diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json
index 0989c3a65759..7c70406ff2fb 100644
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -23,33 +23,38 @@
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/arm/compute",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/arm/containerregistry",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/arm/disk",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/arm/network",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/arm/storage",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
+		},
+		{
+			"ImportPath": "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute",
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/azure-sdk-for-go/storage",
-			"Comment": "v11.1.1-beta",
-			"Rev": "509eea43b93cec2f3f17acbe2578ef58703923f8"
+			"Comment": "v12.4.0-beta",
+			"Rev": "f111fc2fa3861c5fdced76cae4c9c71821969577"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-ansiterm",
@@ -61,33 +66,33 @@
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest/adal",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest/azure",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest/date",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest/to",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/Azure/go-autorest/autorest/validation",
-			"Comment": "v9.1.0",
-			"Rev": "e14a70c556c8e0db173358d1a903dca345a8e75e"
+			"Comment": "v9.9.0",
+			"Rev": "d4e6b95c12a08b4de2d48b45d5b4d594e5d32fab"
 		},
 		{
 			"ImportPath": "github.com/JeffAshton/win_pdh",
@@ -401,7 +406,7 @@
 		},
 		{
 			"ImportPath": "github.com/cockroachdb/cmux",
-			"Rev": "30d10be492927e2dcae0089c374c455d42414fcb"
+			"Rev": "112f0506e7743d64a6eb8fedbcff13d9979bbf92"
 		},
 		{
 			"ImportPath": "github.com/codedellemc/goscaleio",
@@ -412,8 +417,13 @@
 			"Rev": "20e2ce2cf8852dc78bd42b76698dcd8dcd77b7b1"
 		},
 		{
-			"ImportPath": "github.com/container-storage-interface/spec/lib/go/csi",
-			"Rev": "ec298903f94e1d6d954de121b28044a2e1fdbf48"
+			"ImportPath": "github.com/container-storage-interface/spec/lib/go/csi/v0",
+			"Comment": "v0.2.0",
+			"Rev": "35d9f9d77954980e449e52c3f3e43c21bd8171f5"
+		},
+		{
+			"ImportPath": "github.com/containerd/console",
+			"Rev": "84eeaae905fa414d03e07bcd6c8d3f19e7cf180e"
 		},
 		{
 			"ImportPath": "github.com/containerd/containerd/api/services/containers/v1",
@@ -565,293 +575,342 @@
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/alarm",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/auth",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/auth/authpb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/client",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/clientv3",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/clientv3/concurrency",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/compactor",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/discovery",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/embed",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/error",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/api",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/etcdhttp",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v2http",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v2http/httptypes",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3client",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3election",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3lock",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3rpc",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/auth",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/etcdserverpb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/etcdserver/etcdserverpb/gw",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/membership",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/etcdserver/stats",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/lease",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/lease/leasehttp",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/lease/leasepb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/mvcc",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/mvcc/backend",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/mvcc/mvccpb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/adt",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/contention",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/cors",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/cpuutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/crc",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/pkg/debugutil",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/fileutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/httputil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/idutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/ioutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/logutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/monotime",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/netutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/pathutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/pbutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/runtime",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/schedule",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/pkg/srv",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/tlsutil",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/transport",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/types",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/pkg/wait",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
+		},
+		{
+			"ImportPath": "github.com/coreos/etcd/proxy/grpcproxy/adapter",
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/raft",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/raft/raftpb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/rafthttp",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/snap",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/snap/snappb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/store",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/version",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/wal",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
 			"ImportPath": "github.com/coreos/etcd/wal/walpb",
-			"Comment": "v3.1.11",
-			"Rev": "960f4604bc821241b94906da5fe7f66306a77472"
-		},
-		{
-			"ImportPath": "github.com/coreos/go-oidc/http",
-			"Rev": "a4973d9a4225417aecf5d450a9522f00c1f7130f"
-		},
-		{
-			"ImportPath": "github.com/coreos/go-oidc/jose",
-			"Rev": "a4973d9a4225417aecf5d450a9522f00c1f7130f"
-		},
-		{
-			"ImportPath": "github.com/coreos/go-oidc/key",
-			"Rev": "a4973d9a4225417aecf5d450a9522f00c1f7130f"
-		},
-		{
-			"ImportPath": "github.com/coreos/go-oidc/oauth2",
-			"Rev": "a4973d9a4225417aecf5d450a9522f00c1f7130f"
+			"Comment": "v3.2.13",
+			"Rev": "95a726a27e09030f9ccbd9982a1508f5a6d25ada"
 		},
 		{
-			"ImportPath": "github.com/coreos/go-oidc/oidc",
-			"Rev": "a4973d9a4225417aecf5d450a9522f00c1f7130f"
+			"ImportPath": "github.com/coreos/go-oidc",
+			"Rev": "065b426bd41667456c1a924468f507673629c46b"
 		},
 		{
 			"ImportPath": "github.com/coreos/go-semver/semver",
@@ -892,21 +951,6 @@
 			"Comment": "v2-8-gfa29b1d",
 			"Rev": "fa29b1d70f0beaddd4c7021607cc3c3be8ce94b8"
 		},
-		{
-			"ImportPath": "github.com/coreos/pkg/health",
-			"Comment": "v2-8-gfa29b1d",
-			"Rev": "fa29b1d70f0beaddd4c7021607cc3c3be8ce94b8"
-		},
-		{
-			"ImportPath": "github.com/coreos/pkg/httputil",
-			"Comment": "v2-8-gfa29b1d",
-			"Rev": "fa29b1d70f0beaddd4c7021607cc3c3be8ce94b8"
-		},
-		{
-			"ImportPath": "github.com/coreos/pkg/timeutil",
-			"Comment": "v2-8-gfa29b1d",
-			"Rev": "fa29b1d70f0beaddd4c7021607cc3c3be8ce94b8"
-		},
 		{
 			"ImportPath": "github.com/coreos/rkt/api/v1alpha",
 			"Comment": "v1.25.0",
@@ -917,6 +961,11 @@
 			"Comment": "v1.0.4",
 			"Rev": "71acacd42f85e5e82f70a55327789582a5200a90"
 		},
+		{
+			"ImportPath": "github.com/cyphar/filepath-securejoin",
+			"Comment": "v0.2.1-1-gae69057",
+			"Rev": "ae69057f2299fb9e5ba2df738607e6a505b74ab6"
+		},
 		{
 			"ImportPath": "github.com/d2g/dhcp4",
 			"Rev": "a1d1b6c41b1ce8a71a5121a9cee31809c4707d9c"
@@ -1129,13 +1178,18 @@
 			"Comment": "docs-v1.12.0-rc4-2016-07-15-7401-g4f3616fb1",
 			"Rev": "4f3616fb1c112e206b88cb7a9922bf49067a7756"
 		},
+		{
+			"ImportPath": "github.com/docker/docker/pkg/parsers",
+			"Comment": "docs-v1.12.0-rc4-2016-07-15-7401-g4f3616fb1",
+			"Rev": "4f3616fb1c112e206b88cb7a9922bf49067a7756"
+		},
 		{
 			"ImportPath": "github.com/docker/docker/pkg/stdcopy",
 			"Comment": "docs-v1.12.0-rc4-2016-07-15-7401-g4f3616fb1",
 			"Rev": "4f3616fb1c112e206b88cb7a9922bf49067a7756"
 		},
 		{
-			"ImportPath": "github.com/docker/docker/pkg/symlink",
+			"ImportPath": "github.com/docker/docker/pkg/sysinfo",
 			"Comment": "docs-v1.12.0-rc4-2016-07-15-7401-g4f3616fb1",
 			"Rev": "4f3616fb1c112e206b88cb7a9922bf49067a7756"
 		},
@@ -1432,7 +1486,7 @@
 		},
 		{
 			"ImportPath": "github.com/go-openapi/spec",
-			"Rev": "7abd5745472fff5eb3685386d5fb8bf38683154d"
+			"Rev": "1de3e0542de65ad8d75452a595886fdd0befb363"
 		},
 		{
 			"ImportPath": "github.com/go-openapi/strfmt",
@@ -1444,7 +1498,7 @@
 		},
 		{
 			"ImportPath": "github.com/go-openapi/validate",
-			"Rev": "deaf2c9013bc1a7f4c774662259a506ba874d80f"
+			"Rev": "d509235108fcf6ab4913d2dcb3a2260c0db2108e"
 		},
 		{
 			"ImportPath": "github.com/godbus/dbus",
@@ -1492,6 +1546,10 @@
 			"ImportPath": "github.com/golang/protobuf/proto",
 			"Rev": "1643683e1b54a9e88ad26d98f81400c8c9d9f4f9"
 		},
+		{
+			"ImportPath": "github.com/golang/protobuf/protoc-gen-go/descriptor",
+			"Rev": "1643683e1b54a9e88ad26d98f81400c8c9d9f4f9"
+		},
 		{
 			"ImportPath": "github.com/golang/protobuf/ptypes",
 			"Rev": "1643683e1b54a9e88ad26d98f81400c8c9d9f4f9"
@@ -1522,213 +1580,213 @@
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/accelerators",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/api",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/cache/memory",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/collector",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/common",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/containerd",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/crio",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/docker",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/libcontainer",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/raw",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/rkt",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/container/systemd",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/devicemapper",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/events",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/fs",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/healthz",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/http",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/http/mux",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/info/v1",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/info/v2",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/machine",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/manager",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/manager/watcher",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/manager/watcher/raw",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/manager/watcher/rkt",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/metrics",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/pages",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/pages/static",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/storage",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/summary",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/cloudinfo",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/cpuload",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/cpuload/netlink",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/docker",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/oomparser",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/sysfs",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/utils/sysinfo",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/validate",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/version",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/cadvisor/zfs",
-			"Comment": "v0.28.3",
-			"Rev": "1e567c2ac359c3ed1303e0c80b6cf08edefc841d"
+			"Comment": "v0.29.1",
+			"Rev": "2e02d28350c5fbbad9cfb7e5a1733468b75ab3f9"
 		},
 		{
 			"ImportPath": "github.com/google/certificate-transparency/go",
@@ -1768,123 +1826,123 @@
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/blockstorage/v1/volumes",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/blockstorage/v2/volumes",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/common/extensions",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/volumeattach",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/compute/v2/flavors",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/compute/v2/images",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/compute/v2/servers",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/identity/v2/tenants",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/identity/v2/tokens",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/identity/v3/extensions/trusts",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/identity/v3/tokens",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/external",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/lbaas_v2/listeners",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/lbaas_v2/loadbalancers",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/lbaas_v2/monitors",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/lbaas_v2/pools",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/groups",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/networks",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/networking/v2/ports",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/openstack/utils",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gophercloud/gophercloud/pagination",
-			"Rev": "8183543f90d1aef267a5ecc209f2e0715b355acb"
+			"Rev": "6da026c32e2d622cc242d32984259c77237aefe1"
 		},
 		{
 			"ImportPath": "github.com/gorilla/mux",
@@ -1910,18 +1968,18 @@
 		},
 		{
 			"ImportPath": "github.com/grpc-ecosystem/grpc-gateway/runtime",
-			"Comment": "v1.1.0-25-g84398b9",
-			"Rev": "84398b94e188ee336f307779b57b3aa91af7063c"
+			"Comment": "v1.3.0",
+			"Rev": "8cc3a55af3bcf171a1c23a90c4df9cf591706104"
 		},
 		{
 			"ImportPath": "github.com/grpc-ecosystem/grpc-gateway/runtime/internal",
-			"Comment": "v1.1.0-25-g84398b9",
-			"Rev": "84398b94e188ee336f307779b57b3aa91af7063c"
+			"Comment": "v1.3.0",
+			"Rev": "8cc3a55af3bcf171a1c23a90c4df9cf591706104"
 		},
 		{
 			"ImportPath": "github.com/grpc-ecosystem/grpc-gateway/utilities",
-			"Comment": "v1.1.0-25-g84398b9",
-			"Rev": "84398b94e188ee336f307779b57b3aa91af7063c"
+			"Comment": "v1.3.0",
+			"Rev": "8cc3a55af3bcf171a1c23a90c4df9cf591706104"
 		},
 		{
 			"ImportPath": "github.com/hashicorp/errwrap",
@@ -2048,13 +2106,8 @@
 		},
 		{
 			"ImportPath": "github.com/json-iterator/go",
-			"Comment": "1.0.0",
-			"Rev": "36b14963da70d11297d313183d7e6388c8510e1e"
-		},
-		{
-			"ImportPath": "github.com/juju/ratelimit",
-			"Comment": "1.0",
-			"Rev": "5b9ff866471762aa2ab2dced63c9fb6f53921342"
+			"Comment": "1.0.4-7-g13f8643",
+			"Rev": "13f86432b882000a51c6e610c620974462691a97"
 		},
 		{
 			"ImportPath": "github.com/kardianos/osext",
@@ -2124,6 +2177,11 @@
 			"ImportPath": "github.com/mailru/easyjson/jwriter",
 			"Rev": "2f5df55504ebc322e4d52d34df6a1f5b503bf26d"
 		},
+		{
+			"ImportPath": "github.com/marstr/guid",
+			"Comment": "v1.1.0-2-g8bdf7d1",
+			"Rev": "8bdf7d1a087ccc975cf37dd6507da50698fd19ca"
+		},
 		{
 			"ImportPath": "github.com/mattn/go-runewidth",
 			"Comment": "v0.0.1-10-g737072b",
@@ -2203,78 +2261,83 @@
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/apparmor",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups/fs",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
-		},
-		{
-			"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups/rootless",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/cgroups/systemd",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/configs",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/configs/validate",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/criurpc",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
+		},
+		{
+			"ImportPath": "github.com/opencontainers/runc/libcontainer/intelrdt",
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/keys",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
+		},
+		{
+			"ImportPath": "github.com/opencontainers/runc/libcontainer/mount",
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/seccomp",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/stacktrace",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/system",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/user",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runc/libcontainer/utils",
-			"Comment": "v1.0.0-rc4-50-g4d6e6720",
-			"Rev": "4d6e6720a7c885c37b4cb083c0d372dda3425120"
+			"Comment": "v1.0.0-rc4-221-g595bea02",
+			"Rev": "595bea022f077a9e17d7473b34fbaf1adaed9e43"
 		},
 		{
 			"ImportPath": "github.com/opencontainers/runtime-spec/specs-go",
@@ -2328,6 +2391,14 @@
 			"ImportPath": "github.com/pkg/sftp",
 			"Rev": "4d0e916071f68db74f8a73926335f809396d6b42"
 		},
+		{
+			"ImportPath": "github.com/pquerna/cachecontrol",
+			"Rev": "0dec1b30a0215bb68605dfc568e8855066c9202d"
+		},
+		{
+			"ImportPath": "github.com/pquerna/cachecontrol/cacheobject",
+			"Rev": "0dec1b30a0215bb68605dfc568e8855066c9202d"
+		},
 		{
 			"ImportPath": "github.com/prometheus/client_golang/prometheus",
 			"Comment": "v0.8.0-83-ge7e9030",
@@ -2365,7 +2436,7 @@
 		},
 		{
 			"ImportPath": "github.com/quobyte/api",
-			"Rev": "cb10db90715b14d4784465d2fa3b915dfacc0628"
+			"Rev": "f2b94aa4aa4f8fcf279fe667ccd916abe6a064d5"
 		},
 		{
 			"ImportPath": "github.com/r2d4/external-storage/lib/controller",
@@ -2411,9 +2482,9 @@
 			"Rev": "91d7393ff85980ba3a8966405871a3d446ca28f2"
 		},
 		{
-			"ImportPath": "github.com/satori/uuid",
-			"Comment": "v1.1.0-8-g5bf94b6",
-			"Rev": "5bf94b69c6b68ee1b541973bb8e1144db23a194b"
+			"ImportPath": "github.com/satori/go.uuid",
+			"Comment": "v1.1.0",
+			"Rev": "879c5887cd475cd7864858769793b2ceb0d44feb"
 		},
 		{
 			"ImportPath": "github.com/seccomp/libseccomp-golang",
@@ -2446,11 +2517,13 @@
 		},
 		{
 			"ImportPath": "github.com/spf13/cobra",
-			"Rev": "f62e98d28ab7ad31d707ba837a966378465c7b57"
+			"Comment": "v0.0.1-32-g6644d46",
+			"Rev": "6644d46b81fa1831979c4cded0106e774e0ef0ab"
 		},
 		{
 			"ImportPath": "github.com/spf13/cobra/doc",
-			"Rev": "f62e98d28ab7ad31d707ba837a966378465c7b57"
+			"Comment": "v0.0.1-32-g6644d46",
+			"Rev": "6644d46b81fa1831979c4cded0106e774e0ef0ab"
 		},
 		{
 			"ImportPath": "github.com/spf13/jwalterweatherman",
@@ -2458,7 +2531,8 @@
 		},
 		{
 			"ImportPath": "github.com/spf13/pflag",
-			"Rev": "9ff6c6923cfffbcd502984b8e0c80539a94968b7"
+			"Comment": "v1.0.0-10-g4c012f6",
+			"Rev": "4c012f6dcd9546820e378d0bdda4d8fc772cdfea"
 		},
 		{
 			"ImportPath": "github.com/spf13/viper",
@@ -2466,24 +2540,24 @@
 			"Rev": "25b30aa063fc18e48662b86996252eabdcf2f0c7"
 		},
 		{
-			"ImportPath": "github.com/square/go-jose",
-			"Rev": "789a4c4bd4c118f7564954f441b29c153ccd6a96"
-		},
-		{
-			"ImportPath": "github.com/square/go-jose/cipher",
-			"Rev": "789a4c4bd4c118f7564954f441b29c153ccd6a96"
+			"ImportPath": "github.com/storageos/go-api",
+			"Comment": "0.3.4",
+			"Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707"
 		},
 		{
-			"ImportPath": "github.com/square/go-jose/json",
-			"Rev": "789a4c4bd4c118f7564954f441b29c153ccd6a96"
+			"ImportPath": "github.com/storageos/go-api/netutil",
+			"Comment": "0.3.4",
+			"Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707"
 		},
 		{
-			"ImportPath": "github.com/storageos/go-api",
-			"Rev": "74f9beb613cacf0cc282facc2e1550a3231e126f"
+			"ImportPath": "github.com/storageos/go-api/serror",
+			"Comment": "0.3.4",
+			"Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707"
 		},
 		{
 			"ImportPath": "github.com/storageos/go-api/types",
-			"Rev": "74f9beb613cacf0cc282facc2e1550a3231e126f"
+			"Comment": "0.3.4",
+			"Rev": "3a4032328d99c1b43fbda3d85bd3c80fa06e1707"
 		},
 		{
 			"ImportPath": "github.com/syndtr/gocapability/capability",
@@ -2495,105 +2569,110 @@
 		},
 		{
 			"ImportPath": "github.com/vishvananda/netlink",
-			"Rev": "f5a6f697a596c788d474984a38a0ac4ba0719e93"
+			"Rev": "f67b75edbf5e3bb7dfe70bb788610693a71be3d1"
 		},
 		{
 			"ImportPath": "github.com/vishvananda/netlink/nl",
-			"Rev": "f5a6f697a596c788d474984a38a0ac4ba0719e93"
+			"Rev": "f67b75edbf5e3bb7dfe70bb788610693a71be3d1"
 		},
 		{
 			"ImportPath": "github.com/vishvananda/netns",
-			"Rev": "86bef332bfc3b59b7624a600bd53009ce91a9829"
+			"Rev": "be1fbeda19366dea804f00efff2dd73a1642fdcc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/find",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/list",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
+		},
+		{
+			"ImportPath": "github.com/vmware/govmomi/nfc",
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/object",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/pbm",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/pbm/methods",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/pbm/types",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/property",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/session",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/task",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/debug",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/methods",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/mo",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/progress",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/soap",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/types",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/govmomi/vim25/xml",
-			"Comment": "v0.14.0-11-gb8b228c",
-			"Rev": "b8b228cfbad7f0a69ed90393ca9aee085d3c6ef1"
+			"Comment": "v0.16.0-97-g0f82f03",
+			"Rev": "0f82f03a2bbf14037d2331cf02f1d4157bbef6cc"
 		},
 		{
 			"ImportPath": "github.com/vmware/photon-controller-go-sdk/SSPI",
@@ -2808,6 +2887,10 @@
 			"ImportPath": "golang.org/x/sys/windows/registry",
 			"Rev": "95c6576299259db960f6c5b9b69ea52422860fce"
 		},
+		{
+			"ImportPath": "golang.org/x/sys/windows/svc",
+			"Rev": "95c6576299259db960f6c5b9b69ea52422860fce"
+		},
 		{
 			"ImportPath": "golang.org/x/text/cases",
 			"Rev": "b19bf474d317b857955b12035d2c5acb57ce8b01"
@@ -2872,41 +2955,53 @@
 			"ImportPath": "golang.org/x/text/width",
 			"Rev": "b19bf474d317b857955b12035d2c5acb57ce8b01"
 		},
+		{
+			"ImportPath": "golang.org/x/time/rate",
+			"Rev": "f51c12702a4d776e4c1fa9b0fabab841babae631"
+		},
 		{
 			"ImportPath": "golang.org/x/tools/container/intsets",
 			"Rev": "2382e3994d48b1d22acc2c86bcad0a2aff028e32"
 		},
 		{
 			"ImportPath": "google.golang.org/api/cloudmonitoring/v2beta2",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/compute/v0.alpha",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/compute/v0.beta",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/compute/v1",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/container/v1",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/gensupport",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/googleapi",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
 		},
 		{
 			"ImportPath": "google.golang.org/api/googleapi/internal/uritemplates",
-			"Rev": "c0dae069ee96c9261a04c81efd9e0f1e55f565ac"
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
+		},
+		{
+			"ImportPath": "google.golang.org/api/tpu/v1alpha1",
+			"Rev": "7f657476956314fee258816aaf81c0ff65cf8bee"
+		},
+		{
+			"ImportPath": "google.golang.org/genproto/googleapis/api/annotations",
+			"Rev": "09f6ed296fc66555a25fe4ce95173148778dfa85"
 		},
 		{
 			"ImportPath": "google.golang.org/genproto/googleapis/rpc/status",
@@ -2914,73 +3009,93 @@
 		},
 		{
 			"ImportPath": "google.golang.org/grpc",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
+		},
+		{
+			"ImportPath": "google.golang.org/grpc/balancer",
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/codes",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
+		},
+		{
+			"ImportPath": "google.golang.org/grpc/connectivity",
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/credentials",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
-			"ImportPath": "google.golang.org/grpc/grpclb/grpc_lb_v1",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"ImportPath": "google.golang.org/grpc/grpclb/grpc_lb_v1/messages",
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/grpclog",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
+		},
+		{
+			"ImportPath": "google.golang.org/grpc/health/grpc_health_v1",
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/internal",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/keepalive",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/metadata",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/naming",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/peer",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
+		},
+		{
+			"ImportPath": "google.golang.org/grpc/resolver",
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/stats",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/status",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/tap",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "google.golang.org/grpc/transport",
-			"Comment": "v1.3.0",
-			"Rev": "d2e1b51f33ff8c5e4a15560ff049d200e83726c5"
+			"Comment": "v1.7.5",
+			"Rev": "5b3c4e850e90a4cf6a20ebd46c8b32a0a3afcb9e"
 		},
 		{
 			"ImportPath": "gopkg.in/cheggaaa/pb.v1",
@@ -3017,6 +3132,26 @@
 			"Comment": "v1.0-16-g20b71e5",
 			"Rev": "20b71e5b60d756d3d2f80def009790325acc2b23"
 		},
+		{
+			"ImportPath": "gopkg.in/square/go-jose.v2",
+			"Comment": "v2.1.3",
+			"Rev": "f8f38de21b4dcd69d0413faf231983f5fd6634b1"
+		},
+		{
+			"ImportPath": "gopkg.in/square/go-jose.v2/cipher",
+			"Comment": "v2.1.3",
+			"Rev": "f8f38de21b4dcd69d0413faf231983f5fd6634b1"
+		},
+		{
+			"ImportPath": "gopkg.in/square/go-jose.v2/json",
+			"Comment": "v2.1.3",
+			"Rev": "f8f38de21b4dcd69d0413faf231983f5fd6634b1"
+		},
+		{
+			"ImportPath": "gopkg.in/square/go-jose.v2/jwt",
+			"Comment": "v2.1.3",
+			"Rev": "f8f38de21b4dcd69d0413faf231983f5fd6634b1"
+		},
 		{
 			"ImportPath": "gopkg.in/warnings.v0",
 			"Comment": "v0.1.1",
@@ -3024,7 +3159,7 @@
 		},
 		{
 			"ImportPath": "gopkg.in/yaml.v2",
-			"Rev": "53feefa2559fb8dfa8d81baad31be332c97d6c77"
+			"Rev": "670d4cfef0544295bc27a114dbac37980d83185a"
 		},
 		{
 			"ImportPath": "k8s.io/heapster/metrics/api/v1/types",
@@ -3033,3426 +3168,3511 @@
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/aggregator",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/builder",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/common",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/handler",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/util",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/util/proto",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
 		},
 		{
 			"ImportPath": "k8s.io/kube-openapi/pkg/util/proto/validation",
-			"Rev": "39a7bf85c140f972372c2a0d1ee40adbf0c8bfe1"
+			"Rev": "50ae88d24ede7b8bad68e23c805b5d3da5c8abaf"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/cmd/controller-manager/app",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/cmd/controller-manager/app/options",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kube-apiserver/app",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kube-apiserver/app/options",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kube-controller-manager/app",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/cmd/kube-controller-manager/app/config",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kube-controller-manager/app/options",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kube-proxy/app",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/cmd/kube-scheduler/app",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kubeadm/app/constants",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kubelet/app",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/cmd/kubelet/app/options",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/endpoints",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/events",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/legacyscheme",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/persistentvolume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/persistentvolumeclaim",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/pod",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/ref",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/resource",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/service",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/v1/endpoints",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/v1/node",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/v1/pod",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/v1/resource",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/api/v1/service",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/abac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/abac/latest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/abac/v0",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/abac/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admission",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admission/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admission/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admissionregistration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admissionregistration/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/admissionregistration/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps/v1beta2",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/apps/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authentication",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authentication/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authentication/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authentication/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authorization",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authorization/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authorization/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authorization/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/authorization/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/autoscaling",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/autoscaling/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/autoscaling/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/autoscaling/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch/v2alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/batch/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/certificates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/certificates/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/certificates/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/certificates/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/componentconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/componentconfig/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/helper",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/helper/qos",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/pods",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/v1/helper",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/v1/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/core/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/events",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/events/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/events/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/extensions",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/extensions/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/extensions/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/extensions/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/imagepolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/imagepolicy/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/networking",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/networking/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/networking/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/networking/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/policy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/policy/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/policy/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/policy/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/rbac/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/scheduling",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/scheduling/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/scheduling/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/settings",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/settings/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/settings/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/settings/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/v1beta1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/apis/storage/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/auth/authorizer/abac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/auth/nodeidentifier",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/bootstrap/api",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/capabilities",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/chaosclient",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/leaderelectionconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/apps/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/batch/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/certificates/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/core/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/networking/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/policy/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/rbac/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/settings/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/client/listers/storage/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/client/unversioned",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/aws",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/azure",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/gce",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/openstack",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/photon",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/diskmanagers",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/bootstrap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/certificates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/certificates/approver",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/certificates/cleaner",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/certificates/signer",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/clusterroleaggregation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/cronjob",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/daemon",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/daemon/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/deployment",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/deployment/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/disruption",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/endpoint",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/garbagecollector",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/history",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/job",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/namespace",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/namespace/deletion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodeipam",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node/ipam",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodeipam/ipam",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node/ipam/cidrset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node/ipam/sync",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node/scheduler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodelifecycle",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/node/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/podautoscaler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/podautoscaler/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/podgc",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/replicaset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/replication",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/resourcequota",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/route",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/service",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/serviceaccount",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/statefulset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/ttl",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/util/node",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/attachdetach/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/events",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/expand",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/expand/cache",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/expand/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/persistentvolume",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/persistentvolume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/pvcprotection",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/controller/volume/pvprotection",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider/aws",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider/azure",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider/gcp",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider/rancher",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/credentialprovider/secrets",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/features",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/fieldpath",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/generated/openapi",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/admission",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/admission/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/authenticator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/authorizer",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/options",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubeapiserver/server",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/apps",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/categories",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/cmd/templates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/cmd/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/plugins",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/resource",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/scheme",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/util/hash",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/util/slice",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/util/term",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/util/transport",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubectl/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/cri",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cadvisor",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/certificate",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/checkpoint",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/client",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/cpuset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/devicemanager",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/cm/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/config",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/configmap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/container",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/dockershim",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/dockershim/cm",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/dockershim/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/dockershim/remote",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/envvars",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/events",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/eviction",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/eviction/api",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/gpu",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/gpu/nvidia",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/images",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/codec",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/equal",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/files",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/log",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/panic",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kuberuntime",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/leaky",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/lifecycle",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/logs",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/metrics/collectors",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/mountpod",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/cni",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/dns",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/hairpin",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/hostport",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/kubenet",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/network/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/pleg",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/pod",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/preemption",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/prober",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/prober/results",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/qos",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/remote",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/rkt",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/secret",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/server",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/server/portforward",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/server/remotecommand",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/server/stats",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/server/streaming",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/stats",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/status",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/sysctl",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/types",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/cache",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/format",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/ioutils",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/queue",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/sliceutils",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/util/store",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/volumemanager",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/volumemanager/cache",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/volumemanager/populator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/kubelet/winstats",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/master",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/master/controller/crdregistration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/master/ports",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/master/reconcilers",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/master/tunneler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/printers",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/printers/internalversion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/printers/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/probe",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/probe/exec",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/probe/http",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/probe/tcp",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/config",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/healthcheck",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/iptables",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/ipvs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/userspace",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/winkernel",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/proxy/winuserspace",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/quota",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/quota/evaluator/core",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/quota/generic",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/quota/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/initializerconfiguration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/initializerconfiguration/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/mutatingwebhookconfiguration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/mutatingwebhookconfiguration/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingwebhookconfiguration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingwebhookconfiguration/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/controllerrevision",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/daemonset",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/daemonset/storage",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/deployment",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/deployment/storage",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/replicaset",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/statefulset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/apps/statefulset/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authentication/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authentication/tokenreview",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/localsubjectaccessreview",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/selfsubjectaccessreview",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/selfsubjectrulesreview",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/authorization/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/autoscaling/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/batch/cronjob",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/batch/cronjob/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/batch/job",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/batch/job/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/batch/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/cachesize",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/certificates/certificates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/certificates/certificates/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/certificates/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/componentstatus",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/configmap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/configmap/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/endpoint",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/endpoint/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/event",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/event/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/limitrange",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/limitrange/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/namespace",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/namespace/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/node",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/node/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/node/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/persistentvolume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/pod",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/pod/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/pod/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/podtemplate",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/podtemplate/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/rangeallocation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/replicationcontroller",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/resourcequota",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/resourcequota/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/secret",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/secret/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/allocator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/allocator/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/ipallocator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/portallocator",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/service/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/serviceaccount",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/events/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/controller/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/daemonset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/deployment",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/deployment/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/ingress",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/replicaset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/extensions/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/networking/networkpolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/networking/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/policy/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrole",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrole/policybased",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrole/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/policybased",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/reconciliation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/role",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/role/policybased",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/role/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/rolebinding",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/rolebinding/policybased",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/rbac/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/scheduling/priorityclass",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/scheduling/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/settings/podpreset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/settings/podpreset/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/settings/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/storage/rest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/storage/storageclass",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/storage/storageclass/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/storage/volumeattachment",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/routes",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithm",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithmprovider",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/api",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/api/latest",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/api/v1",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/api/validation",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/core",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/factory",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/metrics",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/schedulercache",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/util",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/scheduler/volumebinder",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/apparmor",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/group",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/user",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/security/podsecuritypolicy/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/securitycontext",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/serviceaccount",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/ssh",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/async",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/bandwidth",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/config",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/configz",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/util/conntrack",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/dbus",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/ebtables",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/env",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/file",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/filesystem",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/util/flag",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/flock",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/goroutinemap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/hash",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/interrupt",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/io",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/ipconfig",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/ipset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/iptables",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/ipvs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/keymutex",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/labels",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/limitwriter",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/maps",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/mount",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/util/net",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/net/sets",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/netsh",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/node",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/nsenter",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/oom",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/parsers",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/pointer",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/procfs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/reflector/prometheus",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/removeall",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/resizefs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/resourcecontainer",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/rlimit",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/selinux",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/slice",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/strings",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/sysctl",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/system",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/tail",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/taints",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/term",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/tolerations",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/version",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/util/workqueue/prometheus",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/version",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/version/verflag",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/aws_ebs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/azure_dd",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/azure_file",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/cephfs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/cinder",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/configmap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/csi",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/downwardapi",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/empty_dir",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/fc",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/flexvolume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/flocker",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/gce_pd",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/git_repo",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/glusterfs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/host_path",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/iscsi",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/local",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/nfs",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/photon_pd",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/portworx",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/projected",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/quobyte",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/rbd",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/scaleio",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/secret",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/storageos",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/fs",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/operationexecutor",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/recyclerclient",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/types",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/volumehelper",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/volume/util/volumepathhandler",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/pkg/volume/vsphere_volume",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/plugin/cmd/kube-scheduler/app",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/pkg/windows/service",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/admit",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/antiaffinity",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/deny",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/exec",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/gc",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/imagepolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/initialresources",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/limitranger",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/namespace/exists",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/noderestriction",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podnodeselector",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podpreset",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/priority",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/resourcequota",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/install",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/serviceaccount",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
+		},
+		{
+			"ImportPath": "k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection",
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/auth/authorizer/node",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/api",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/api/latest",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/api/v1",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/api/validation",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/core",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/factory",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/metrics",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/util",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
-		},
-		{
-			"ImportPath": "k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/third_party/forked/golang/expansion",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/third_party/forked/gonum/graph",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/third_party/forked/gonum/graph/internal/linear",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/third_party/forked/gonum/graph/simple",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/kubernetes/third_party/forked/gonum/graph/traverse",
-			"Comment": "v1.9.4",
-			"Rev": "bee2d1505c4fe820744d26d41ecd3fdd4a3d6546"
+			"Comment": "v1.10.0",
+			"Rev": "fc32d2f3698e36b93322a3465f63a14e9f0eaead"
 		},
 		{
 			"ImportPath": "k8s.io/utils/clock",
diff --git a/Makefile b/Makefile
index 45f6f1a35f02..f5db646e4b9c 100755
--- a/Makefile
+++ b/Makefile
@@ -52,7 +52,7 @@ STORAGE_PROVISIONER_TAG := v1.8.1
 # Set the version information for the Kubernetes servers, and build localkube statically
 K8S_VERSION_LDFLAGS := $(shell $(PYTHON) hack/get_k8s_version.py 2>&1)
 MINIKUBE_LDFLAGS := -X k8s.io/minikube/pkg/version.version=$(VERSION) -X k8s.io/minikube/pkg/version.isoVersion=$(ISO_VERSION) -X k8s.io/minikube/pkg/version.isoPath=$(ISO_BUCKET)
-LOCALKUBE_LDFLAGS := "$(K8S_VERSION_LDFLAGS) $(MINIKUBE_LDFLAGS) -s -w -extldflags '-static'"
+LOCALKUBE_LDFLAGS := "$(K8S_VERSION_LDFLAGS) $(MINIKUBE_LDFLAGS) -s -w"
 
 MAKEDEPEND := GOPATH=$(GOPATH) ./makedepend.sh
 
@@ -98,14 +98,14 @@ out/minikube$(IS_EXE): out/minikube-$(GOOS)-$(GOARCH)$(IS_EXE)
 	cp $< $@
 
 out/localkube.d:
-	$(MAKEDEPEND) out/localkube $(ORG) $(LOCALKUBEFILES) $^ > $@
+	GOOS=linux GOARCH=amd64 $(MAKEDEPEND) out/localkube $(ORG) $(LOCALKUBEFILES) $^ > $@
 
 -include out/localkube.d
 out/localkube:
 ifeq ($(LOCALKUBE_BUILD_IN_DOCKER),y)
 	$(call DOCKER,$(BUILD_IMAGE),/usr/bin/make $@)
 else
-	CGO_ENABLED=1 go build -tags static_build -ldflags=$(LOCALKUBE_LDFLAGS) -o $(BUILD_DIR)/localkube ./cmd/localkube
+	CGO_ENABLED=1 go build -ldflags=$(LOCALKUBE_LDFLAGS) -o $(BUILD_DIR)/localkube ./cmd/localkube
 endif
 
 out/minikube-windows-amd64.exe: out/minikube-windows-amd64
diff --git a/deploy/addons/addon-manager.yaml b/deploy/addons/addon-manager.yaml
index ea2314c64259..0dfce2519cf0 100644
--- a/deploy/addons/addon-manager.yaml
+++ b/deploy/addons/addon-manager.yaml
@@ -19,13 +19,13 @@ metadata:
   namespace: kube-system
   labels:
     component: kube-addon-manager
-    version: v6.5
+    version: v8.6
     kubernetes.io/minikube-addons: addon-manager
 spec:
   hostNetwork: true
   containers:
   - name: kube-addon-manager
-    image: gcr.io/google-containers/kube-addon-manager:v6.5
+    image: gcr.io/google-containers/kube-addon-manager:v8.6
     env:
     - name: KUBECONFIG
       value: /var/lib/localkube/kubeconfig
diff --git a/pkg/localkube/apiserver.go b/pkg/localkube/apiserver.go
index 1946e1166682..6d0c84b45987 100644
--- a/pkg/localkube/apiserver.go
+++ b/pkg/localkube/apiserver.go
@@ -28,9 +28,9 @@ import (
 	apiserveroptions "k8s.io/apiserver/pkg/server/options"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
 
+	genericoptions "k8s.io/apiserver/pkg/server/options"
 	apiserver "k8s.io/kubernetes/cmd/kube-apiserver/app"
 	"k8s.io/kubernetes/cmd/kube-apiserver/app/options"
-	kubeapioptions "k8s.io/kubernetes/pkg/kubeapiserver/options"
 )
 
 func (lk LocalkubeServer) NewAPIServer() Server {
@@ -69,7 +69,7 @@ func StartAPIServer(lk LocalkubeServer) func() error {
 
 	config.AllowPrivileged = true
 
-	config.APIEnablement = &kubeapioptions.APIEnablementOptions{
+	config.APIEnablement = &genericoptions.APIEnablementOptions{
 		RuntimeConfig: lk.RuntimeConfig,
 	}
 
diff --git a/pkg/localkube/controller-manager.go b/pkg/localkube/controller-manager.go
index ef642ebaf5d4..735ee1179a24 100644
--- a/pkg/localkube/controller-manager.go
+++ b/pkg/localkube/controller-manager.go
@@ -18,6 +18,7 @@ package localkube
 
 import (
 	controllerManager "k8s.io/kubernetes/cmd/kube-controller-manager/app"
+	"k8s.io/kubernetes/cmd/kube-controller-manager/app/config"
 	"k8s.io/kubernetes/cmd/kube-controller-manager/app/options"
 	"k8s.io/minikube/pkg/util"
 )
@@ -27,24 +28,28 @@ func (lk LocalkubeServer) NewControllerManagerServer() Server {
 }
 
 func StartControllerManagerServer(lk LocalkubeServer) func() error {
-	config := options.NewCMServer()
+	opts := options.NewKubeControllerManagerOptions()
 
-	config.Kubeconfig = util.DefaultKubeConfigPath
+	opts.Generic.Kubeconfig = util.DefaultKubeConfigPath
 
 	// defaults from command
-	config.DeletingPodsQps = 0.1
-	config.DeletingPodsBurst = 10
-	config.NodeEvictionRate = 0.1
+	opts.Generic.ComponentConfig.DeletingPodsQps = 0.1
+	opts.Generic.ComponentConfig.DeletingPodsBurst = 10
+	opts.Generic.ComponentConfig.NodeEvictionRate = 0.1
 
-	config.EnableProfiling = true
-	config.VolumeConfiguration.EnableHostPathProvisioning = true
-	config.VolumeConfiguration.EnableDynamicProvisioning = true
-	config.ServiceAccountKeyFile = lk.GetPrivateKeyCertPath()
-	config.RootCAFile = lk.GetCAPublicKeyCertPath()
+	opts.Generic.ComponentConfig.EnableProfiling = true
+	opts.Generic.ComponentConfig.VolumeConfiguration.EnableHostPathProvisioning = true
+	opts.Generic.ComponentConfig.VolumeConfiguration.EnableDynamicProvisioning = true
+	opts.Generic.ComponentConfig.ServiceAccountKeyFile = lk.GetPrivateKeyCertPath()
+	opts.Generic.ComponentConfig.RootCAFile = lk.GetCAPublicKeyCertPath()
 
-	lk.SetExtraConfigForComponent("controller-manager", &config)
+	lk.SetExtraConfigForComponent("controller-manager", &opts)
 
+	cfg := config.Config{}
+	if err := opts.ApplyTo(&cfg); err != nil {
+		panic(err)
+	}
 	return func() error {
-		return controllerManager.Run(config)
+		return controllerManager.Run(cfg.Complete())
 	}
 }
diff --git a/pkg/localkube/kubelet.go b/pkg/localkube/kubelet.go
index 7a7435f2564b..0c81548230b1 100644
--- a/pkg/localkube/kubelet.go
+++ b/pkg/localkube/kubelet.go
@@ -17,7 +17,6 @@ limitations under the License.
 package localkube
 
 import (
-	"k8s.io/apiserver/pkg/util/flag"
 	kubelet "k8s.io/kubernetes/cmd/kubelet/app"
 	"k8s.io/kubernetes/cmd/kubelet/app/options"
 	"k8s.io/minikube/pkg/util"
@@ -38,14 +37,13 @@ func StartKubeletServer(lk LocalkubeServer) func() error {
 	}
 
 	// Master details
-	config.KubeConfig = flag.NewStringFlag(util.DefaultKubeConfigPath)
-	config.RequireKubeConfig = true
+	config.KubeConfig = util.DefaultKubeConfigPath
 
 	// Set containerized based on the flag
 	config.Containerized = lk.Containerized
 
 	config.AllowPrivileged = true
-	config.PodManifestPath = "/etc/kubernetes/manifests"
+	config.StaticPodPath = "/etc/kubernetes/manifests"
 
 	// Networking
 	config.ClusterDomain = lk.DNSDomain
@@ -54,6 +52,7 @@ func StartKubeletServer(lk LocalkubeServer) func() error {
 	config.PodCIDR = "10.180.1.0/24"
 
 	config.NodeIP = lk.NodeIP.String()
+	config.FailSwapOn = false
 
 	if lk.NetworkPlugin != "" {
 		config.NetworkPluginName = lk.NetworkPlugin
diff --git a/pkg/localkube/localkube.go b/pkg/localkube/localkube.go
index 3b08b90d602e..d8346d1e0410 100644
--- a/pkg/localkube/localkube.go
+++ b/pkg/localkube/localkube.go
@@ -26,6 +26,7 @@ import (
 	"net/http"
 	"path"
 	"strconv"
+	"strings"
 
 	"github.com/golang/glog"
 	"github.com/pkg/errors"
@@ -179,6 +180,27 @@ func (lk LocalkubeServer) SetExtraConfigForComponent(component string, config in
 	}
 }
 
+func (lk LocalkubeServer) GetFeatureGates() (map[string]bool, error) {
+	fg := map[string]bool{}
+	if lk.FeatureGates == "" {
+		return fg, nil
+	}
+	gates := strings.Split(lk.FeatureGates, ",")
+	for _, g := range gates {
+
+		kvp := strings.SplitN(g, "=", 2)
+		if len(kvp) != 2 {
+			return nil, fmt.Errorf("invalid feature gate specification: %s", g)
+		}
+		value, err := strconv.ParseBool(kvp[1])
+		if err != nil {
+			return nil, fmt.Errorf("invalid feature gate specification: %s", g)
+		}
+		fg[kvp[0]] = value
+	}
+	return fg, nil
+}
+
 func (lk LocalkubeServer) loadCert(path string) (*x509.Certificate, error) {
 	contents, err := ioutil.ReadFile(path)
 	if err != nil {
diff --git a/pkg/localkube/proxy.go b/pkg/localkube/proxy.go
index e617ad79a11b..3b53f84fe087 100644
--- a/pkg/localkube/proxy.go
+++ b/pkg/localkube/proxy.go
@@ -43,6 +43,10 @@ func StartProxyServer(lk LocalkubeServer) func() error {
 	}
 
 	opts := kubeproxy.NewOptions()
+	fg, err := lk.GetFeatureGates()
+	if err != nil {
+		panic(err)
+	}
 	config := &kubeproxyconfig.KubeProxyConfiguration{
 		OOMScoreAdj: &OOMScoreAdj,
 		ClientConnection: kubeproxyconfig.ClientConnectionConfiguration{
@@ -58,17 +62,15 @@ func StartProxyServer(lk LocalkubeServer) func() error {
 		},
 		BindAddress:  bindaddress,
 		Mode:         kubeproxyconfig.ProxyModeIPTables,
-		FeatureGates: lk.FeatureGates,
+		FeatureGates: fg,
 		// Disable the healthz check
-		HealthzBindAddress: "0",
+		HealthzBindAddress: "",
 	}
-	_, err := opts.ApplyDefaults(config)
-	if err != nil {
+	if _, err := opts.ApplyDefaults(config); err != nil {
 		panic(err)
 	}
-	opts.SetConfig(config)
-
 	lk.SetExtraConfigForComponent("proxy", &config)
+	opts.SetConfig(config)
 
 	return func() error {
 		return opts.Run()
diff --git a/pkg/localkube/scheduler.go b/pkg/localkube/scheduler.go
index 6fda922593d6..59616dfc55fb 100644
--- a/pkg/localkube/scheduler.go
+++ b/pkg/localkube/scheduler.go
@@ -17,8 +17,8 @@ limitations under the License.
 package localkube
 
 import (
+	scheduler "k8s.io/kubernetes/cmd/kube-scheduler/app"
 	"k8s.io/kubernetes/pkg/apis/componentconfig"
-	scheduler "k8s.io/kubernetes/plugin/cmd/kube-scheduler/app"
 	"k8s.io/minikube/pkg/util"
 )
 
diff --git a/pkg/minikube/bootstrapper/kubeadm/kubeadm_test.go b/pkg/minikube/bootstrapper/kubeadm/kubeadm_test.go
index e8114b7f4516..0c776c234ef8 100644
--- a/pkg/minikube/bootstrapper/kubeadm/kubeadm_test.go
+++ b/pkg/minikube/bootstrapper/kubeadm/kubeadm_test.go
@@ -34,7 +34,7 @@ func TestGenerateConfig(t *testing.T) {
 			description: "no extra args",
 			cfg: config.KubernetesConfig{
 				NodeIP:            "192.168.1.100",
-				KubernetesVersion: "v1.8.0",
+				KubernetesVersion: "v1.10.0",
 				NodeName:          "minikube",
 			},
 			expectedCfg: `apiVersion: kubeadm.k8s.io/v1alpha1
@@ -42,20 +42,22 @@ kind: MasterConfiguration
 api:
   advertiseAddress: 192.168.1.100
   bindPort: 8443
-kubernetesVersion: v1.8.0
+kubernetesVersion: v1.10.0
 certificatesDir: /var/lib/localkube/certs/
 networking:
   serviceSubnet: 10.96.0.0/12
 etcd:
   dataDir: /data
 nodeName: minikube
+apiServerExtraArgs:
+  admission-control: "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
 `,
 		},
 		{
 			description: "extra args all components",
 			cfg: config.KubernetesConfig{
 				NodeIP:            "192.168.1.101",
-				KubernetesVersion: "v1.8.0-alpha.0",
+				KubernetesVersion: "v1.10.0-alpha.0",
 				NodeName:          "extra-args-minikube",
 				ExtraOptions: util.ExtraOptionSlice{
 					util.ExtraOption{
@@ -80,7 +82,7 @@ kind: MasterConfiguration
 api:
   advertiseAddress: 192.168.1.101
   bindPort: 8443
-kubernetesVersion: v1.8.0-alpha.0
+kubernetesVersion: v1.10.0-alpha.0
 certificatesDir: /var/lib/localkube/certs/
 networking:
   serviceSubnet: 10.96.0.0/12
@@ -88,6 +90,7 @@ etcd:
   dataDir: /data
 nodeName: extra-args-minikube
 apiServerExtraArgs:
+  admission-control: "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
   fail-no-swap: "true"
 controllerManagerExtraArgs:
   kube-api-burst: "32"
@@ -99,7 +102,7 @@ schedulerExtraArgs:
 			description: "two extra args for one component",
 			cfg: config.KubernetesConfig{
 				NodeIP:            "192.168.1.101",
-				KubernetesVersion: "v1.8.0-alpha.0",
+				KubernetesVersion: "v1.10.0-alpha.0",
 				NodeName:          "extra-args-minikube",
 				ExtraOptions: util.ExtraOptionSlice{
 					util.ExtraOption{
@@ -119,7 +122,7 @@ kind: MasterConfiguration
 api:
   advertiseAddress: 192.168.1.101
   bindPort: 8443
-kubernetesVersion: v1.8.0-alpha.0
+kubernetesVersion: v1.10.0-alpha.0
 certificatesDir: /var/lib/localkube/certs/
 networking:
   serviceSubnet: 10.96.0.0/12
@@ -127,6 +130,7 @@ etcd:
   dataDir: /data
 nodeName: extra-args-minikube
 apiServerExtraArgs:
+  admission-control: "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
   fail-no-swap: "true"
   kube-api-burst: "32"
 `,
@@ -135,7 +139,7 @@ apiServerExtraArgs:
 			description: "enable feature gates",
 			cfg: config.KubernetesConfig{
 				NodeIP:            "192.168.1.101",
-				KubernetesVersion: "v1.8.0-alpha.0",
+				KubernetesVersion: "v1.10.0-alpha.0",
 				NodeName:          "extra-args-minikube",
 				FeatureGates:      "HugePages=true,OtherFeature=false",
 			},
@@ -144,7 +148,7 @@ kind: MasterConfiguration
 api:
   advertiseAddress: 192.168.1.101
   bindPort: 8443
-kubernetesVersion: v1.8.0-alpha.0
+kubernetesVersion: v1.10.0-alpha.0
 certificatesDir: /var/lib/localkube/certs/
 networking:
   serviceSubnet: 10.96.0.0/12
@@ -152,6 +156,7 @@ etcd:
   dataDir: /data
 nodeName: extra-args-minikube
 apiServerExtraArgs:
+  admission-control: "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
   feature-gates: "HugePages=true,OtherFeature=false"
 controllerManagerExtraArgs:
   feature-gates: "HugePages=true,OtherFeature=false"
@@ -163,7 +168,7 @@ schedulerExtraArgs:
 			description: "enable feature gates and extra config",
 			cfg: config.KubernetesConfig{
 				NodeIP:            "192.168.1.101",
-				KubernetesVersion: "v1.8.0-alpha.0",
+				KubernetesVersion: "v1.10.0-alpha.0",
 				NodeName:          "extra-args-minikube",
 				FeatureGates:      "HugePages=true,OtherFeature=false",
 				ExtraOptions: util.ExtraOptionSlice{
@@ -179,7 +184,7 @@ kind: MasterConfiguration
 api:
   advertiseAddress: 192.168.1.101
   bindPort: 8443
-kubernetesVersion: v1.8.0-alpha.0
+kubernetesVersion: v1.10.0-alpha.0
 certificatesDir: /var/lib/localkube/certs/
 networking:
   serviceSubnet: 10.96.0.0/12
@@ -187,6 +192,7 @@ etcd:
   dataDir: /data
 nodeName: extra-args-minikube
 apiServerExtraArgs:
+  admission-control: "Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"
   fail-no-swap: "true"
   feature-gates: "HugePages=true,OtherFeature=false"
 controllerManagerExtraArgs:
diff --git a/pkg/minikube/bootstrapper/kubeadm/versions.go b/pkg/minikube/bootstrapper/kubeadm/versions.go
index c54700724085..df5583ba81fe 100644
--- a/pkg/minikube/bootstrapper/kubeadm/versions.go
+++ b/pkg/minikube/bootstrapper/kubeadm/versions.go
@@ -173,7 +173,14 @@ var versionSpecificOpts = []VersionedExtraOption{
 	// Kubeconfig args
 	NewUnversionedOption(Kubelet, "kubeconfig", "/etc/kubernetes/kubelet.conf"),
 	NewUnversionedOption(Kubelet, "bootstrap-kubeconfig", "/etc/kubernetes/bootstrap-kubelet.conf"),
-	NewUnversionedOption(Kubelet, "require-kubeconfig", "true"),
+	{
+		Option: util.ExtraOption{
+			Component: Apiserver,
+			Key:       "require-kubeconfig",
+			Value:     "true",
+		},
+		LessThanOrEqual: semver.MustParse("1.9.10"),
+	},
 	NewUnversionedOption(Kubelet, "hostname-override", "minikube"),
 
 	// System pods args
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/availabilitysets.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/availabilitysets.go
index bf1a8fc34e38..76c20408fb13 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/availabilitysets.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/availabilitysets.go
@@ -90,7 +90,9 @@ func (client AvailabilitySetsClient) CreateOrUpdatePreparer(resourceGroupName st
 // CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailabilitySetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
@@ -155,7 +157,9 @@ func (client AvailabilitySetsClient) DeletePreparer(resourceGroupName string, av
 // DeleteSender sends the Delete request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailabilitySetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // DeleteResponder handles the response to the Delete request. The method always
@@ -220,7 +224,9 @@ func (client AvailabilitySetsClient) GetPreparer(resourceGroupName string, avail
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailabilitySetsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -284,7 +290,9 @@ func (client AvailabilitySetsClient) ListPreparer(resourceGroupName string) (*ht
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailabilitySetsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -350,7 +358,9 @@ func (client AvailabilitySetsClient) ListAvailableSizesPreparer(resourceGroupNam
 // ListAvailableSizesSender sends the ListAvailableSizes request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailabilitySetsClient) ListAvailableSizesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAvailableSizesResponder handles the response to the ListAvailableSizes request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/client.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/client.go
index 98b1c0dad648..93a44f2f20ba 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/client.go
@@ -1,6 +1,8 @@
 // Package compute implements the Azure ARM Compute service API version .
 //
 // Compute Client
+//
+// Deprecated: Please instead use github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-03-30/compute
 package compute
 
 // Copyright (c) Microsoft and contributors.  All rights reserved.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/containerservices.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/containerservices.go
index 98c1706eef7b..a09f4c3357f3 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/containerservices.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/containerservices.go
@@ -144,6 +144,7 @@ func (client ContainerServicesClient) CreateOrUpdatePreparer(resourceGroupName s
 func (client ContainerServicesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -229,6 +230,7 @@ func (client ContainerServicesClient) DeletePreparer(resourceGroupName string, c
 func (client ContainerServicesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -296,7 +298,9 @@ func (client ContainerServicesClient) GetPreparer(resourceGroupName string, cont
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ContainerServicesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -358,7 +362,9 @@ func (client ContainerServicesClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ContainerServicesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -493,7 +499,9 @@ func (client ContainerServicesClient) ListByResourceGroupPreparer(resourceGroupN
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client ContainerServicesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/disks.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/disks.go
index 47e9e4029ce7..18efc73b229d 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/disks.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/disks.go
@@ -131,6 +131,7 @@ func (client DisksClient) CreateOrUpdatePreparer(resourceGroupName string, diskN
 func (client DisksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -213,6 +214,7 @@ func (client DisksClient) DeletePreparer(resourceGroupName string, diskName stri
 func (client DisksClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -279,7 +281,9 @@ func (client DisksClient) GetPreparer(resourceGroupName string, diskName string)
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client DisksClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -372,6 +376,7 @@ func (client DisksClient) GrantAccessPreparer(resourceGroupName string, diskName
 func (client DisksClient) GrantAccessSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -433,7 +438,9 @@ func (client DisksClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client DisksClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -566,7 +573,9 @@ func (client DisksClient) ListByResourceGroupPreparer(resourceGroupName string)
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client DisksClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
@@ -717,6 +726,7 @@ func (client DisksClient) RevokeAccessPreparer(resourceGroupName string, diskNam
 func (client DisksClient) RevokeAccessSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -801,6 +811,7 @@ func (client DisksClient) UpdatePreparer(resourceGroupName string, diskName stri
 func (client DisksClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/images.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/images.go
index bbde2bc7f95f..6a5c06ad1535 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/images.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/images.go
@@ -119,6 +119,7 @@ func (client ImagesClient) CreateOrUpdatePreparer(resourceGroupName string, imag
 func (client ImagesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -200,6 +201,7 @@ func (client ImagesClient) DeletePreparer(resourceGroupName string, imageName st
 func (client ImagesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -269,7 +271,9 @@ func (client ImagesClient) GetPreparer(resourceGroupName string, imageName strin
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ImagesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -331,7 +335,9 @@ func (client ImagesClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ImagesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -464,7 +470,9 @@ func (client ImagesClient) ListByResourceGroupPreparer(resourceGroupName string)
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client ImagesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/resourceskus.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/resourceskus.go
index 9dd7fffa8564..c92374bfaa5f 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/resourceskus.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/resourceskus.go
@@ -83,7 +83,9 @@ func (client ResourceSkusClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ResourceSkusClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/snapshots.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/snapshots.go
index 2c7135292156..2c77c51ce8e0 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/snapshots.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/snapshots.go
@@ -131,6 +131,7 @@ func (client SnapshotsClient) CreateOrUpdatePreparer(resourceGroupName string, s
 func (client SnapshotsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -213,6 +214,7 @@ func (client SnapshotsClient) DeletePreparer(resourceGroupName string, snapshotN
 func (client SnapshotsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -279,7 +281,9 @@ func (client SnapshotsClient) GetPreparer(resourceGroupName string, snapshotName
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client SnapshotsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -373,6 +377,7 @@ func (client SnapshotsClient) GrantAccessPreparer(resourceGroupName string, snap
 func (client SnapshotsClient) GrantAccessSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -434,7 +439,9 @@ func (client SnapshotsClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client SnapshotsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -567,7 +574,9 @@ func (client SnapshotsClient) ListByResourceGroupPreparer(resourceGroupName stri
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client SnapshotsClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
@@ -718,6 +727,7 @@ func (client SnapshotsClient) RevokeAccessPreparer(resourceGroupName string, sna
 func (client SnapshotsClient) RevokeAccessSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -802,6 +812,7 @@ func (client SnapshotsClient) UpdatePreparer(resourceGroupName string, snapshotN
 func (client SnapshotsClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/usage.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/usage.go
index 86e9ebabf3b7..ddf8917e3cbe 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/usage.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/usage.go
@@ -94,7 +94,9 @@ func (client UsageClient) ListPreparer(location string) (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client UsageClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/version.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/version.go
index 2f9cac6f3bc7..00a3106b8812 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/version.go
@@ -19,10 +19,10 @@ package compute
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v11.0.0-beta arm-compute/"
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-compute/"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v11.0.0-beta"
+	return "v12.4.0-beta"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensionimages.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensionimages.go
index c486f63ced50..2a9a4d28930f 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensionimages.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensionimages.go
@@ -90,7 +90,9 @@ func (client VirtualMachineExtensionImagesClient) GetPreparer(location string, p
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineExtensionImagesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -155,7 +157,9 @@ func (client VirtualMachineExtensionImagesClient) ListTypesPreparer(location str
 // ListTypesSender sends the ListTypes request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineExtensionImagesClient) ListTypesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListTypesResponder handles the response to the ListTypes request. The method always
@@ -230,7 +234,9 @@ func (client VirtualMachineExtensionImagesClient) ListVersionsPreparer(location
 // ListVersionsSender sends the ListVersions request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineExtensionImagesClient) ListVersionsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListVersionsResponder handles the response to the ListVersions request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensions.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensions.go
index e8f0b27f1b00..4b8af16c9018 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensions.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineextensions.go
@@ -109,6 +109,7 @@ func (client VirtualMachineExtensionsClient) CreateOrUpdatePreparer(resourceGrou
 func (client VirtualMachineExtensionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -192,6 +193,7 @@ func (client VirtualMachineExtensionsClient) DeletePreparer(resourceGroupName st
 func (client VirtualMachineExtensionsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -263,7 +265,9 @@ func (client VirtualMachineExtensionsClient) GetPreparer(resourceGroupName strin
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineExtensionsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineimages.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineimages.go
index 9eda416e9584..2e1e20b04424 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineimages.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineimages.go
@@ -91,7 +91,9 @@ func (client VirtualMachineImagesClient) GetPreparer(location string, publisherN
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineImagesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -168,7 +170,9 @@ func (client VirtualMachineImagesClient) ListPreparer(location string, publisher
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineImagesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -233,7 +237,9 @@ func (client VirtualMachineImagesClient) ListOffersPreparer(location string, pub
 // ListOffersSender sends the ListOffers request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineImagesClient) ListOffersSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListOffersResponder handles the response to the ListOffers request. The method always
@@ -297,7 +303,9 @@ func (client VirtualMachineImagesClient) ListPublishersPreparer(location string)
 // ListPublishersSender sends the ListPublishers request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineImagesClient) ListPublishersSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListPublishersResponder handles the response to the ListPublishers request. The method always
@@ -364,7 +372,9 @@ func (client VirtualMachineImagesClient) ListSkusPreparer(location string, publi
 // ListSkusSender sends the ListSkus request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineImagesClient) ListSkusSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListSkusResponder handles the response to the ListSkus request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineruncommands.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineruncommands.go
index f422c92f58c0..287566a6a98f 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineruncommands.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachineruncommands.go
@@ -94,7 +94,9 @@ func (client VirtualMachineRunCommandsClient) GetPreparer(location string, comma
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineRunCommandsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -164,7 +166,9 @@ func (client VirtualMachineRunCommandsClient) ListPreparer(location string) (*ht
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineRunCommandsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachines.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachines.go
index ad1d829d14dc..086463240a42 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachines.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachines.go
@@ -119,6 +119,7 @@ func (client VirtualMachinesClient) CapturePreparer(resourceGroupName string, VM
 func (client VirtualMachinesClient) CaptureSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -201,6 +202,7 @@ func (client VirtualMachinesClient) ConvertToManagedDisksPreparer(resourceGroupN
 func (client VirtualMachinesClient) ConvertToManagedDisksSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -310,6 +312,7 @@ func (client VirtualMachinesClient) CreateOrUpdatePreparer(resourceGroupName str
 func (client VirtualMachinesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -392,6 +395,7 @@ func (client VirtualMachinesClient) DeallocatePreparer(resourceGroupName string,
 func (client VirtualMachinesClient) DeallocateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -473,6 +477,7 @@ func (client VirtualMachinesClient) DeletePreparer(resourceGroupName string, VMN
 func (client VirtualMachinesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -538,7 +543,9 @@ func (client VirtualMachinesClient) GeneralizePreparer(resourceGroupName string,
 // GeneralizeSender sends the Generalize request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) GeneralizeSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GeneralizeResponder handles the response to the Generalize request. The method always
@@ -607,7 +614,9 @@ func (client VirtualMachinesClient) GetPreparer(resourceGroupName string, VMName
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -672,7 +681,9 @@ func (client VirtualMachinesClient) InstanceViewPreparer(resourceGroupName strin
 // InstanceViewSender sends the InstanceView request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) InstanceViewSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // InstanceViewResponder handles the response to the InstanceView request. The method always
@@ -737,7 +748,9 @@ func (client VirtualMachinesClient) ListPreparer(resourceGroupName string) (*htt
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -868,7 +881,9 @@ func (client VirtualMachinesClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -1002,7 +1017,9 @@ func (client VirtualMachinesClient) ListAvailableSizesPreparer(resourceGroupName
 // ListAvailableSizesSender sends the ListAvailableSizes request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachinesClient) ListAvailableSizesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAvailableSizesResponder handles the response to the ListAvailableSizes request. The method always
@@ -1084,6 +1101,7 @@ func (client VirtualMachinesClient) PerformMaintenancePreparer(resourceGroupName
 func (client VirtualMachinesClient) PerformMaintenanceSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1167,6 +1185,7 @@ func (client VirtualMachinesClient) PowerOffPreparer(resourceGroupName string, V
 func (client VirtualMachinesClient) PowerOffSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1249,6 +1268,7 @@ func (client VirtualMachinesClient) RedeployPreparer(resourceGroupName string, V
 func (client VirtualMachinesClient) RedeploySender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1330,6 +1350,7 @@ func (client VirtualMachinesClient) RestartPreparer(resourceGroupName string, VM
 func (client VirtualMachinesClient) RestartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1423,6 +1444,7 @@ func (client VirtualMachinesClient) RunCommandPreparer(resourceGroupName string,
 func (client VirtualMachinesClient) RunCommandSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1504,6 +1526,7 @@ func (client VirtualMachinesClient) StartPreparer(resourceGroupName string, VMNa
 func (client VirtualMachinesClient) StartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetextensions.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetextensions.go
index 9a198f148d20..882339202b15 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetextensions.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetextensions.go
@@ -110,6 +110,7 @@ func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdatePreparer(reso
 func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -193,6 +194,7 @@ func (client VirtualMachineScaleSetExtensionsClient) DeletePreparer(resourceGrou
 func (client VirtualMachineScaleSetExtensionsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -264,7 +266,9 @@ func (client VirtualMachineScaleSetExtensionsClient) GetPreparer(resourceGroupNa
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetExtensionsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -330,7 +334,9 @@ func (client VirtualMachineScaleSetExtensionsClient) ListPreparer(resourceGroupN
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetExtensionsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetrollingupgrades.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetrollingupgrades.go
index 45cc6e5c51cb..230b5da939c1 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetrollingupgrades.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetrollingupgrades.go
@@ -106,6 +106,7 @@ func (client VirtualMachineScaleSetRollingUpgradesClient) CancelPreparer(resourc
 func (client VirtualMachineScaleSetRollingUpgradesClient) CancelSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -171,7 +172,9 @@ func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatestPreparer(reso
 // GetLatestSender sends the GetLatest request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatestSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetLatestResponder handles the response to the GetLatest request. The method always
@@ -254,6 +257,7 @@ func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgradePreparer
 func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgradeSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesets.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesets.go
index 72a868579acb..64c5c6d7a17f 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesets.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesets.go
@@ -133,6 +133,7 @@ func (client VirtualMachineScaleSetsClient) CreateOrUpdatePreparer(resourceGroup
 func (client VirtualMachineScaleSetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -222,6 +223,7 @@ func (client VirtualMachineScaleSetsClient) DeallocatePreparer(resourceGroupName
 func (client VirtualMachineScaleSetsClient) DeallocateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -303,6 +305,7 @@ func (client VirtualMachineScaleSetsClient) DeletePreparer(resourceGroupName str
 func (client VirtualMachineScaleSetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -397,6 +400,7 @@ func (client VirtualMachineScaleSetsClient) DeleteInstancesPreparer(resourceGrou
 func (client VirtualMachineScaleSetsClient) DeleteInstancesSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -462,7 +466,9 @@ func (client VirtualMachineScaleSetsClient) GetPreparer(resourceGroupName string
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -527,7 +533,9 @@ func (client VirtualMachineScaleSetsClient) GetInstanceViewPreparer(resourceGrou
 // GetInstanceViewSender sends the GetInstanceView request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetsClient) GetInstanceViewSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetInstanceViewResponder handles the response to the GetInstanceView request. The method always
@@ -591,7 +599,9 @@ func (client VirtualMachineScaleSetsClient) ListPreparer(resourceGroupName strin
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -723,7 +733,9 @@ func (client VirtualMachineScaleSetsClient) ListAllPreparer() (*http.Request, er
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetsClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -858,7 +870,9 @@ func (client VirtualMachineScaleSetsClient) ListSkusPreparer(resourceGroupName s
 // ListSkusSender sends the ListSkus request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetsClient) ListSkusSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListSkusResponder handles the response to the ListSkus request. The method always
@@ -1016,6 +1030,7 @@ func (client VirtualMachineScaleSetsClient) PowerOffPreparer(resourceGroupName s
 func (client VirtualMachineScaleSetsClient) PowerOffSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1104,6 +1119,7 @@ func (client VirtualMachineScaleSetsClient) ReimagePreparer(resourceGroupName st
 func (client VirtualMachineScaleSetsClient) ReimageSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1192,6 +1208,7 @@ func (client VirtualMachineScaleSetsClient) ReimageAllPreparer(resourceGroupName
 func (client VirtualMachineScaleSetsClient) ReimageAllSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1280,6 +1297,7 @@ func (client VirtualMachineScaleSetsClient) RestartPreparer(resourceGroupName st
 func (client VirtualMachineScaleSetsClient) RestartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1368,6 +1386,7 @@ func (client VirtualMachineScaleSetsClient) StartPreparer(resourceGroupName stri
 func (client VirtualMachineScaleSetsClient) StartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1452,6 +1471,7 @@ func (client VirtualMachineScaleSetsClient) UpdatePreparer(resourceGroupName str
 func (client VirtualMachineScaleSetsClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1546,6 +1566,7 @@ func (client VirtualMachineScaleSetsClient) UpdateInstancesPreparer(resourceGrou
 func (client VirtualMachineScaleSetsClient) UpdateInstancesSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetvms.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetvms.go
index 5a15edae9131..0be36c9ac63a 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetvms.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinescalesetvms.go
@@ -107,6 +107,7 @@ func (client VirtualMachineScaleSetVMsClient) DeallocatePreparer(resourceGroupNa
 func (client VirtualMachineScaleSetVMsClient) DeallocateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -191,6 +192,7 @@ func (client VirtualMachineScaleSetVMsClient) DeletePreparer(resourceGroupName s
 func (client VirtualMachineScaleSetVMsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -258,7 +260,9 @@ func (client VirtualMachineScaleSetVMsClient) GetPreparer(resourceGroupName stri
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetVMsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -325,7 +329,9 @@ func (client VirtualMachineScaleSetVMsClient) GetInstanceViewPreparer(resourceGr
 // GetInstanceViewSender sends the GetInstanceView request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetVMsClient) GetInstanceViewSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetInstanceViewResponder handles the response to the GetInstanceView request. The method always
@@ -401,7 +407,9 @@ func (client VirtualMachineScaleSetVMsClient) ListPreparer(resourceGroupName str
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineScaleSetVMsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -555,6 +563,7 @@ func (client VirtualMachineScaleSetVMsClient) PowerOffPreparer(resourceGroupName
 func (client VirtualMachineScaleSetVMsClient) PowerOffSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -639,6 +648,7 @@ func (client VirtualMachineScaleSetVMsClient) ReimagePreparer(resourceGroupName
 func (client VirtualMachineScaleSetVMsClient) ReimageSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -723,6 +733,7 @@ func (client VirtualMachineScaleSetVMsClient) ReimageAllPreparer(resourceGroupNa
 func (client VirtualMachineScaleSetVMsClient) ReimageAllSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -807,6 +818,7 @@ func (client VirtualMachineScaleSetVMsClient) RestartPreparer(resourceGroupName
 func (client VirtualMachineScaleSetVMsClient) RestartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -890,6 +902,7 @@ func (client VirtualMachineScaleSetVMsClient) StartPreparer(resourceGroupName st
 func (client VirtualMachineScaleSetVMsClient) StartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinesizes.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinesizes.go
index dc2f2778bea2..0833578d5a6c 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinesizes.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/compute/virtualmachinesizes.go
@@ -93,7 +93,9 @@ func (client VirtualMachineSizesClient) ListPreparer(location string) (*http.Req
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualMachineSizesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/client.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/client.go
index b3eea6cb2f49..08485cae6140 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/client.go
@@ -1,6 +1,6 @@
 // Package containerregistry implements the Azure ARM Containerregistry service API version 2017-10-01.
 //
-//
+// Deprecated: Please instead use github.com/Azure/azure-sdk-for-go/services/containerregistry/mgmt/2017-10-01/containerregistry
 package containerregistry
 
 // Copyright (c) Microsoft and contributors.  All rights reserved.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/operations.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/operations.go
index a9143e739664..5a5aa26f42c3 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/operations.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/operations.go
@@ -79,7 +79,9 @@ func (client OperationsClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/registries.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/registries.go
index c1c9af59e838..955b6ae1c439 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/registries.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/registries.go
@@ -100,7 +100,9 @@ func (client RegistriesClient) CheckNameAvailabilityPreparer(registryNameCheckRe
 // CheckNameAvailabilitySender sends the CheckNameAvailability request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) CheckNameAvailabilitySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CheckNameAvailabilityResponder handles the response to the CheckNameAvailability request. The method always
@@ -202,6 +204,7 @@ func (client RegistriesClient) CreatePreparer(resourceGroupName string, registry
 func (client RegistriesClient) CreateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -295,6 +298,7 @@ func (client RegistriesClient) DeletePreparer(resourceGroupName string, registry
 func (client RegistriesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -368,7 +372,9 @@ func (client RegistriesClient) GetPreparer(resourceGroupName string, registryNam
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -429,7 +435,9 @@ func (client RegistriesClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -562,7 +570,9 @@ func (client RegistriesClient) ListByResourceGroupPreparer(resourceGroupName str
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
@@ -705,7 +715,9 @@ func (client RegistriesClient) ListCredentialsPreparer(resourceGroupName string,
 // ListCredentialsSender sends the ListCredentials request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) ListCredentialsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListCredentialsResponder handles the response to the ListCredentials request. The method always
@@ -779,7 +791,9 @@ func (client RegistriesClient) ListUsagesPreparer(resourceGroupName string, regi
 // ListUsagesSender sends the ListUsages request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) ListUsagesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListUsagesResponder handles the response to the ListUsages request. The method always
@@ -856,7 +870,9 @@ func (client RegistriesClient) RegenerateCredentialPreparer(resourceGroupName st
 // RegenerateCredentialSender sends the RegenerateCredential request. The method will close the
 // http.Response Body if it receives an error.
 func (client RegistriesClient) RegenerateCredentialSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // RegenerateCredentialResponder handles the response to the RegenerateCredential request. The method always
@@ -952,6 +968,7 @@ func (client RegistriesClient) UpdatePreparer(resourceGroupName string, registry
 func (client RegistriesClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/replications.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/replications.go
index 79fce2d21ee8..5b82038ef1d7 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/replications.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/replications.go
@@ -125,6 +125,7 @@ func (client ReplicationsClient) CreatePreparer(resourceGroupName string, regist
 func (client ReplicationsClient) CreateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -224,6 +225,7 @@ func (client ReplicationsClient) DeletePreparer(resourceGroupName string, regist
 func (client ReplicationsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -302,7 +304,9 @@ func (client ReplicationsClient) GetPreparer(resourceGroupName string, registryN
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ReplicationsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -376,7 +380,9 @@ func (client ReplicationsClient) ListPreparer(resourceGroupName string, registry
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ReplicationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -547,6 +553,7 @@ func (client ReplicationsClient) UpdatePreparer(resourceGroupName string, regist
 func (client ReplicationsClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/version.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/version.go
index 6e3ee863831d..57af0d04a4de 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/version.go
@@ -19,10 +19,10 @@ package containerregistry
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v11.1.0-beta arm-containerregistry/2017-10-01"
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-containerregistry/2017-10-01"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v11.1.0-beta"
+	return "v12.4.0-beta"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/webhooks.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/webhooks.go
index ff5f9ce7844d..e61ce83a9739 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/webhooks.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry/webhooks.go
@@ -131,6 +131,7 @@ func (client WebhooksClient) CreatePreparer(resourceGroupName string, registryNa
 func (client WebhooksClient) CreateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -229,6 +230,7 @@ func (client WebhooksClient) DeletePreparer(resourceGroupName string, registryNa
 func (client WebhooksClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -307,7 +309,9 @@ func (client WebhooksClient) GetPreparer(resourceGroupName string, registryName
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client WebhooksClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -386,7 +390,9 @@ func (client WebhooksClient) GetCallbackConfigPreparer(resourceGroupName string,
 // GetCallbackConfigSender sends the GetCallbackConfig request. The method will close the
 // http.Response Body if it receives an error.
 func (client WebhooksClient) GetCallbackConfigSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetCallbackConfigResponder handles the response to the GetCallbackConfig request. The method always
@@ -460,7 +466,9 @@ func (client WebhooksClient) ListPreparer(resourceGroupName string, registryName
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client WebhooksClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -608,7 +616,9 @@ func (client WebhooksClient) ListEventsPreparer(resourceGroupName string, regist
 // ListEventsSender sends the ListEvents request. The method will close the
 // http.Response Body if it receives an error.
 func (client WebhooksClient) ListEventsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListEventsResponder handles the response to the ListEvents request. The method always
@@ -756,7 +766,9 @@ func (client WebhooksClient) PingPreparer(resourceGroupName string, registryName
 // PingSender sends the Ping request. The method will close the
 // http.Response Body if it receives an error.
 func (client WebhooksClient) PingSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // PingResponder handles the response to the Ping request. The method always
@@ -858,6 +870,7 @@ func (client WebhooksClient) UpdatePreparer(resourceGroupName string, registryNa
 func (client WebhooksClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/client.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/client.go
index 8bab7acc1324..54634794d677 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/client.go
@@ -2,6 +2,8 @@
 // 2016-04-30-preview.
 //
 // The Disk Resource Provider Client.
+//
+// Deprecated: Please instead use github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2016-04-30-preview/compute
 package disk
 
 // Copyright (c) Microsoft and contributors.  All rights reserved.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/version.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/version.go
index 11c4a35ee9c3..2981a37ce5bb 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/disk/version.go
@@ -19,10 +19,10 @@ package disk
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v10.2.0-beta arm-disk/2016-04-30-preview"
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-disk/2016-04-30-preview"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v10.2.0-beta"
+	return "v12.4.0-beta"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationgateways.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationgateways.go
index c000be117bcd..0d1605ac2975 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationgateways.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationgateways.go
@@ -109,6 +109,7 @@ func (client ApplicationGatewaysClient) BackendHealthPreparer(resourceGroupName
 func (client ApplicationGatewaysClient) BackendHealthSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -209,6 +210,7 @@ func (client ApplicationGatewaysClient) CreateOrUpdatePreparer(resourceGroupName
 func (client ApplicationGatewaysClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -290,6 +292,7 @@ func (client ApplicationGatewaysClient) DeletePreparer(resourceGroupName string,
 func (client ApplicationGatewaysClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -354,7 +357,9 @@ func (client ApplicationGatewaysClient) GetPreparer(resourceGroupName string, ap
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -418,7 +423,9 @@ func (client ApplicationGatewaysClient) GetSslPredefinedPolicyPreparer(predefine
 // GetSslPredefinedPolicySender sends the GetSslPredefinedPolicy request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) GetSslPredefinedPolicySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetSslPredefinedPolicyResponder handles the response to the GetSslPredefinedPolicy request. The method always
@@ -482,7 +489,9 @@ func (client ApplicationGatewaysClient) ListPreparer(resourceGroupName string) (
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -612,7 +621,9 @@ func (client ApplicationGatewaysClient) ListAllPreparer() (*http.Request, error)
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -742,7 +753,9 @@ func (client ApplicationGatewaysClient) ListAvailableSslOptionsPreparer() (*http
 // ListAvailableSslOptionsSender sends the ListAvailableSslOptions request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) ListAvailableSslOptionsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAvailableSslOptionsResponder handles the response to the ListAvailableSslOptions request. The method always
@@ -803,7 +816,9 @@ func (client ApplicationGatewaysClient) ListAvailableSslPredefinedPoliciesPrepar
 // ListAvailableSslPredefinedPoliciesSender sends the ListAvailableSslPredefinedPolicies request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) ListAvailableSslPredefinedPoliciesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAvailableSslPredefinedPoliciesResponder handles the response to the ListAvailableSslPredefinedPolicies request. The method always
@@ -933,7 +948,9 @@ func (client ApplicationGatewaysClient) ListAvailableWafRuleSetsPreparer() (*htt
 // ListAvailableWafRuleSetsSender sends the ListAvailableWafRuleSets request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationGatewaysClient) ListAvailableWafRuleSetsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAvailableWafRuleSetsResponder handles the response to the ListAvailableWafRuleSets request. The method always
@@ -1014,6 +1031,7 @@ func (client ApplicationGatewaysClient) StartPreparer(resourceGroupName string,
 func (client ApplicationGatewaysClient) StartSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1095,6 +1113,7 @@ func (client ApplicationGatewaysClient) StopPreparer(resourceGroupName string, a
 func (client ApplicationGatewaysClient) StopSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationsecuritygroups.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationsecuritygroups.go
index 1e84e706466f..954b113d4228 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationsecuritygroups.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/applicationsecuritygroups.go
@@ -107,6 +107,7 @@ func (client ApplicationSecurityGroupsClient) CreateOrUpdatePreparer(resourceGro
 func (client ApplicationSecurityGroupsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -190,6 +191,7 @@ func (client ApplicationSecurityGroupsClient) DeletePreparer(resourceGroupName s
 func (client ApplicationSecurityGroupsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -255,7 +257,9 @@ func (client ApplicationSecurityGroupsClient) GetPreparer(resourceGroupName stri
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationSecurityGroupsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -319,7 +323,9 @@ func (client ApplicationSecurityGroupsClient) ListPreparer(resourceGroupName str
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationSecurityGroupsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -449,7 +455,9 @@ func (client ApplicationSecurityGroupsClient) ListAllPreparer() (*http.Request,
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client ApplicationSecurityGroupsClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/availableendpointservices.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/availableendpointservices.go
index 26bcaf8b647c..a010418e9ded 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/availableendpointservices.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/availableendpointservices.go
@@ -86,7 +86,9 @@ func (client AvailableEndpointServicesClient) ListPreparer(location string) (*ht
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client AvailableEndpointServicesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/bgpservicecommunities.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/bgpservicecommunities.go
index 10cfa2cdd558..5c4f4786a90e 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/bgpservicecommunities.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/bgpservicecommunities.go
@@ -83,7 +83,9 @@ func (client BgpServiceCommunitiesClient) ListPreparer() (*http.Request, error)
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client BgpServiceCommunitiesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/client.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/client.go
index a3576c393aa9..ea0952c7ca9b 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/client.go
@@ -1,6 +1,8 @@
 // Package network implements the Azure ARM Network service API version .
 //
 // Network Client
+//
+// Deprecated: Please instead use github.com/Azure/azure-sdk-for-go/services/network/mgmt/2017-09-01/network
 package network
 
 // Copyright (c) Microsoft and contributors.  All rights reserved.
@@ -102,7 +104,9 @@ func (client ManagementClient) CheckDNSNameAvailabilityPreparer(location string,
 // CheckDNSNameAvailabilitySender sends the CheckDNSNameAvailability request. The method will close the
 // http.Response Body if it receives an error.
 func (client ManagementClient) CheckDNSNameAvailabilitySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CheckDNSNameAvailabilityResponder handles the response to the CheckDNSNameAvailability request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/defaultsecurityrules.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/defaultsecurityrules.go
index 9a3ded19d5c2..1fd3e18d92aa 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/defaultsecurityrules.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/defaultsecurityrules.go
@@ -89,7 +89,9 @@ func (client DefaultSecurityRulesClient) GetPreparer(resourceGroupName string, n
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client DefaultSecurityRulesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -155,7 +157,9 @@ func (client DefaultSecurityRulesClient) ListPreparer(resourceGroupName string,
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client DefaultSecurityRulesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitauthorizations.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitauthorizations.go
index 9b7fd524e73c..3ea822813dc1 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitauthorizations.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitauthorizations.go
@@ -111,6 +111,7 @@ func (client ExpressRouteCircuitAuthorizationsClient) CreateOrUpdatePreparer(res
 func (client ExpressRouteCircuitAuthorizationsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -195,6 +196,7 @@ func (client ExpressRouteCircuitAuthorizationsClient) DeletePreparer(resourceGro
 func (client ExpressRouteCircuitAuthorizationsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -261,7 +263,9 @@ func (client ExpressRouteCircuitAuthorizationsClient) GetPreparer(resourceGroupN
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitAuthorizationsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -326,7 +330,9 @@ func (client ExpressRouteCircuitAuthorizationsClient) ListPreparer(resourceGroup
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitAuthorizationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitpeerings.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitpeerings.go
index af9fc67e0394..c454167020dc 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitpeerings.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuitpeerings.go
@@ -109,6 +109,7 @@ func (client ExpressRouteCircuitPeeringsClient) CreateOrUpdatePreparer(resourceG
 func (client ExpressRouteCircuitPeeringsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -193,6 +194,7 @@ func (client ExpressRouteCircuitPeeringsClient) DeletePreparer(resourceGroupName
 func (client ExpressRouteCircuitPeeringsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -259,7 +261,9 @@ func (client ExpressRouteCircuitPeeringsClient) GetPreparer(resourceGroupName st
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitPeeringsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -324,7 +328,9 @@ func (client ExpressRouteCircuitPeeringsClient) ListPreparer(resourceGroupName s
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitPeeringsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuits.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuits.go
index 63cfeff9e0a1..8a497d166afc 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuits.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressroutecircuits.go
@@ -107,6 +107,7 @@ func (client ExpressRouteCircuitsClient) CreateOrUpdatePreparer(resourceGroupNam
 func (client ExpressRouteCircuitsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -188,6 +189,7 @@ func (client ExpressRouteCircuitsClient) DeletePreparer(resourceGroupName string
 func (client ExpressRouteCircuitsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -252,7 +254,9 @@ func (client ExpressRouteCircuitsClient) GetPreparer(resourceGroupName string, c
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -319,7 +323,9 @@ func (client ExpressRouteCircuitsClient) GetPeeringStatsPreparer(resourceGroupNa
 // GetPeeringStatsSender sends the GetPeeringStats request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitsClient) GetPeeringStatsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetPeeringStatsResponder handles the response to the GetPeeringStats request. The method always
@@ -384,7 +390,9 @@ func (client ExpressRouteCircuitsClient) GetStatsPreparer(resourceGroupName stri
 // GetStatsSender sends the GetStats request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitsClient) GetStatsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetStatsResponder handles the response to the GetStats request. The method always
@@ -448,7 +456,9 @@ func (client ExpressRouteCircuitsClient) ListPreparer(resourceGroupName string)
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -578,7 +588,9 @@ func (client ExpressRouteCircuitsClient) ListAllPreparer() (*http.Request, error
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteCircuitsClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -732,6 +744,7 @@ func (client ExpressRouteCircuitsClient) ListArpTablePreparer(resourceGroupName
 func (client ExpressRouteCircuitsClient) ListArpTableSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -817,6 +830,7 @@ func (client ExpressRouteCircuitsClient) ListRoutesTablePreparer(resourceGroupNa
 func (client ExpressRouteCircuitsClient) ListRoutesTableSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -902,6 +916,7 @@ func (client ExpressRouteCircuitsClient) ListRoutesTableSummaryPreparer(resource
 func (client ExpressRouteCircuitsClient) ListRoutesTableSummarySender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressrouteserviceproviders.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressrouteserviceproviders.go
index 5e39087b2a5c..ccd76e9968d4 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressrouteserviceproviders.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/expressrouteserviceproviders.go
@@ -84,7 +84,9 @@ func (client ExpressRouteServiceProvidersClient) ListPreparer() (*http.Request,
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client ExpressRouteServiceProvidersClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/inboundnatrules.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/inboundnatrules.go
index eab80ac57669..8a43aee1b914 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/inboundnatrules.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/inboundnatrules.go
@@ -132,6 +132,7 @@ func (client InboundNatRulesClient) CreateOrUpdatePreparer(resourceGroupName str
 func (client InboundNatRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -216,6 +217,7 @@ func (client InboundNatRulesClient) DeletePreparer(resourceGroupName string, loa
 func (client InboundNatRulesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -285,7 +287,9 @@ func (client InboundNatRulesClient) GetPreparer(resourceGroupName string, loadBa
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client InboundNatRulesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -350,7 +354,9 @@ func (client InboundNatRulesClient) ListPreparer(resourceGroupName string, loadB
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client InboundNatRulesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceipconfigurations.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceipconfigurations.go
index ca0359f09006..4885110b27f9 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceipconfigurations.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceipconfigurations.go
@@ -89,7 +89,9 @@ func (client InterfaceIPConfigurationsClient) GetPreparer(resourceGroupName stri
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfaceIPConfigurationsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -154,7 +156,9 @@ func (client InterfaceIPConfigurationsClient) ListPreparer(resourceGroupName str
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfaceIPConfigurationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceloadbalancers.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceloadbalancers.go
index c7b7d272f729..e9f00e491e50 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceloadbalancers.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaceloadbalancers.go
@@ -87,7 +87,9 @@ func (client InterfaceLoadBalancersClient) ListPreparer(resourceGroupName string
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfaceLoadBalancersClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaces.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaces.go
index c2fdb3e901b7..cfe3238c53aa 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaces.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/interfaces.go
@@ -107,6 +107,7 @@ func (client InterfacesClient) CreateOrUpdatePreparer(resourceGroupName string,
 func (client InterfacesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -188,6 +189,7 @@ func (client InterfacesClient) DeletePreparer(resourceGroupName string, networkI
 func (client InterfacesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -256,7 +258,9 @@ func (client InterfacesClient) GetPreparer(resourceGroupName string, networkInte
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -338,6 +342,7 @@ func (client InterfacesClient) GetEffectiveRouteTablePreparer(resourceGroupName
 func (client InterfacesClient) GetEffectiveRouteTableSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -410,7 +415,9 @@ func (client InterfacesClient) GetVirtualMachineScaleSetNetworkInterfacePreparer
 // GetVirtualMachineScaleSetNetworkInterfaceSender sends the GetVirtualMachineScaleSetNetworkInterface request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) GetVirtualMachineScaleSetNetworkInterfaceSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetVirtualMachineScaleSetNetworkInterfaceResponder handles the response to the GetVirtualMachineScaleSetNetworkInterface request. The method always
@@ -474,7 +481,9 @@ func (client InterfacesClient) ListPreparer(resourceGroupName string) (*http.Req
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -604,7 +613,9 @@ func (client InterfacesClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -755,6 +766,7 @@ func (client InterfacesClient) ListEffectiveNetworkSecurityGroupsPreparer(resour
 func (client InterfacesClient) ListEffectiveNetworkSecurityGroupsSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -821,7 +833,9 @@ func (client InterfacesClient) ListVirtualMachineScaleSetNetworkInterfacesPrepar
 // ListVirtualMachineScaleSetNetworkInterfacesSender sends the ListVirtualMachineScaleSetNetworkInterfaces request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) ListVirtualMachineScaleSetNetworkInterfacesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListVirtualMachineScaleSetNetworkInterfacesResponder handles the response to the ListVirtualMachineScaleSetNetworkInterfaces request. The method always
@@ -958,7 +972,9 @@ func (client InterfacesClient) ListVirtualMachineScaleSetVMNetworkInterfacesPrep
 // ListVirtualMachineScaleSetVMNetworkInterfacesSender sends the ListVirtualMachineScaleSetVMNetworkInterfaces request. The method will close the
 // http.Response Body if it receives an error.
 func (client InterfacesClient) ListVirtualMachineScaleSetVMNetworkInterfacesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListVirtualMachineScaleSetVMNetworkInterfacesResponder handles the response to the ListVirtualMachineScaleSetVMNetworkInterfaces request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerbackendaddresspools.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerbackendaddresspools.go
index de14c3556084..e15b18fc5835 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerbackendaddresspools.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerbackendaddresspools.go
@@ -90,7 +90,9 @@ func (client LoadBalancerBackendAddressPoolsClient) GetPreparer(resourceGroupNam
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerBackendAddressPoolsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -155,7 +157,9 @@ func (client LoadBalancerBackendAddressPoolsClient) ListPreparer(resourceGroupNa
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerBackendAddressPoolsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerfrontendipconfigurations.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerfrontendipconfigurations.go
index 515b875a1831..7ba6f72fb532 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerfrontendipconfigurations.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerfrontendipconfigurations.go
@@ -91,7 +91,9 @@ func (client LoadBalancerFrontendIPConfigurationsClient) GetPreparer(resourceGro
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerFrontendIPConfigurationsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -156,7 +158,9 @@ func (client LoadBalancerFrontendIPConfigurationsClient) ListPreparer(resourceGr
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerFrontendIPConfigurationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerloadbalancingrules.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerloadbalancingrules.go
index 2ecd6be0d4f0..4a4747ccda11 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerloadbalancingrules.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerloadbalancingrules.go
@@ -90,7 +90,9 @@ func (client LoadBalancerLoadBalancingRulesClient) GetPreparer(resourceGroupName
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerLoadBalancingRulesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -155,7 +157,9 @@ func (client LoadBalancerLoadBalancingRulesClient) ListPreparer(resourceGroupNam
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerLoadBalancingRulesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancernetworkinterfaces.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancernetworkinterfaces.go
index 35650354255b..def71135275e 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancernetworkinterfaces.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancernetworkinterfaces.go
@@ -88,7 +88,9 @@ func (client LoadBalancerNetworkInterfacesClient) ListPreparer(resourceGroupName
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerNetworkInterfacesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerprobes.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerprobes.go
index daee51e0f355..2b43d041b026 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerprobes.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancerprobes.go
@@ -89,7 +89,9 @@ func (client LoadBalancerProbesClient) GetPreparer(resourceGroupName string, loa
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerProbesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -154,7 +156,9 @@ func (client LoadBalancerProbesClient) ListPreparer(resourceGroupName string, lo
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancerProbesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancers.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancers.go
index 3a2528d85f4b..980478937e8d 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancers.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/loadbalancers.go
@@ -106,6 +106,7 @@ func (client LoadBalancersClient) CreateOrUpdatePreparer(resourceGroupName strin
 func (client LoadBalancersClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -187,6 +188,7 @@ func (client LoadBalancersClient) DeletePreparer(resourceGroupName string, loadB
 func (client LoadBalancersClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -255,7 +257,9 @@ func (client LoadBalancersClient) GetPreparer(resourceGroupName string, loadBala
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancersClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -319,7 +323,9 @@ func (client LoadBalancersClient) ListPreparer(resourceGroupName string) (*http.
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancersClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -449,7 +455,9 @@ func (client LoadBalancersClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client LoadBalancersClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/localnetworkgateways.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/localnetworkgateways.go
index 64cdea20a72b..5431d244efe9 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/localnetworkgateways.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/localnetworkgateways.go
@@ -119,6 +119,7 @@ func (client LocalNetworkGatewaysClient) CreateOrUpdatePreparer(resourceGroupNam
 func (client LocalNetworkGatewaysClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -210,6 +211,7 @@ func (client LocalNetworkGatewaysClient) DeletePreparer(resourceGroupName string
 func (client LocalNetworkGatewaysClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -281,7 +283,9 @@ func (client LocalNetworkGatewaysClient) GetPreparer(resourceGroupName string, l
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client LocalNetworkGatewaysClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -345,7 +349,9 @@ func (client LocalNetworkGatewaysClient) ListPreparer(resourceGroupName string)
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client LocalNetworkGatewaysClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/packetcaptures.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/packetcaptures.go
index 1ad97a5e2aa1..d089ca61dbb6 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/packetcaptures.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/packetcaptures.go
@@ -122,6 +122,7 @@ func (client PacketCapturesClient) CreatePreparer(resourceGroupName string, netw
 func (client PacketCapturesClient) CreateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -205,6 +206,7 @@ func (client PacketCapturesClient) DeletePreparer(resourceGroupName string, netw
 func (client PacketCapturesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -271,7 +273,9 @@ func (client PacketCapturesClient) GetPreparer(resourceGroupName string, network
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client PacketCapturesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -355,6 +359,7 @@ func (client PacketCapturesClient) GetStatusPreparer(resourceGroupName string, n
 func (client PacketCapturesClient) GetStatusSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -420,7 +425,9 @@ func (client PacketCapturesClient) ListPreparer(resourceGroupName string, networ
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client PacketCapturesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -503,6 +510,7 @@ func (client PacketCapturesClient) StopPreparer(resourceGroupName string, networ
 func (client PacketCapturesClient) StopSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/publicipaddresses.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/publicipaddresses.go
index af7e7ec85b66..63733fbd4824 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/publicipaddresses.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/publicipaddresses.go
@@ -122,6 +122,7 @@ func (client PublicIPAddressesClient) CreateOrUpdatePreparer(resourceGroupName s
 func (client PublicIPAddressesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -203,6 +204,7 @@ func (client PublicIPAddressesClient) DeletePreparer(resourceGroupName string, p
 func (client PublicIPAddressesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -271,7 +273,9 @@ func (client PublicIPAddressesClient) GetPreparer(resourceGroupName string, publ
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -346,7 +350,9 @@ func (client PublicIPAddressesClient) GetVirtualMachineScaleSetPublicIPAddressPr
 // GetVirtualMachineScaleSetPublicIPAddressSender sends the GetVirtualMachineScaleSetPublicIPAddress request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) GetVirtualMachineScaleSetPublicIPAddressSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetVirtualMachineScaleSetPublicIPAddressResponder handles the response to the GetVirtualMachineScaleSetPublicIPAddress request. The method always
@@ -410,7 +416,9 @@ func (client PublicIPAddressesClient) ListPreparer(resourceGroupName string) (*h
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -540,7 +548,9 @@ func (client PublicIPAddressesClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -676,7 +686,9 @@ func (client PublicIPAddressesClient) ListVirtualMachineScaleSetPublicIPAddresse
 // ListVirtualMachineScaleSetPublicIPAddressesSender sends the ListVirtualMachineScaleSetPublicIPAddresses request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) ListVirtualMachineScaleSetPublicIPAddressesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListVirtualMachineScaleSetPublicIPAddressesResponder handles the response to the ListVirtualMachineScaleSetPublicIPAddresses request. The method always
@@ -816,7 +828,9 @@ func (client PublicIPAddressesClient) ListVirtualMachineScaleSetVMPublicIPAddres
 // ListVirtualMachineScaleSetVMPublicIPAddressesSender sends the ListVirtualMachineScaleSetVMPublicIPAddresses request. The method will close the
 // http.Response Body if it receives an error.
 func (client PublicIPAddressesClient) ListVirtualMachineScaleSetVMPublicIPAddressesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListVirtualMachineScaleSetVMPublicIPAddressesResponder handles the response to the ListVirtualMachineScaleSetVMPublicIPAddresses request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilterrules.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilterrules.go
index 7c0ab17904c8..b3dc3883bec4 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilterrules.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilterrules.go
@@ -122,6 +122,7 @@ func (client RouteFilterRulesClient) CreateOrUpdatePreparer(resourceGroupName st
 func (client RouteFilterRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -206,6 +207,7 @@ func (client RouteFilterRulesClient) DeletePreparer(resourceGroupName string, ro
 func (client RouteFilterRulesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -272,7 +274,9 @@ func (client RouteFilterRulesClient) GetPreparer(resourceGroupName string, route
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteFilterRulesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -337,7 +341,9 @@ func (client RouteFilterRulesClient) ListByRouteFilterPreparer(resourceGroupName
 // ListByRouteFilterSender sends the ListByRouteFilter request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteFilterRulesClient) ListByRouteFilterSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByRouteFilterResponder handles the response to the ListByRouteFilter request. The method always
@@ -493,6 +499,7 @@ func (client RouteFilterRulesClient) UpdatePreparer(resourceGroupName string, ro
 func (client RouteFilterRulesClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilters.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilters.go
index 711e58fc9c98..0d35b6d9c06c 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilters.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routefilters.go
@@ -107,6 +107,7 @@ func (client RouteFiltersClient) CreateOrUpdatePreparer(resourceGroupName string
 func (client RouteFiltersClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -188,6 +189,7 @@ func (client RouteFiltersClient) DeletePreparer(resourceGroupName string, routeF
 func (client RouteFiltersClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -256,7 +258,9 @@ func (client RouteFiltersClient) GetPreparer(resourceGroupName string, routeFilt
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteFiltersClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -317,7 +321,9 @@ func (client RouteFiltersClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteFiltersClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -450,7 +456,9 @@ func (client RouteFiltersClient) ListByResourceGroupPreparer(resourceGroupName s
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteFiltersClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
@@ -604,6 +612,7 @@ func (client RouteFiltersClient) UpdatePreparer(resourceGroupName string, routeF
 func (client RouteFiltersClient) UpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routes.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routes.go
index 0dcde6fa01d0..48d11f3afce2 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routes.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routes.go
@@ -108,6 +108,7 @@ func (client RoutesClient) CreateOrUpdatePreparer(resourceGroupName string, rout
 func (client RoutesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -192,6 +193,7 @@ func (client RoutesClient) DeletePreparer(resourceGroupName string, routeTableNa
 func (client RoutesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -258,7 +260,9 @@ func (client RoutesClient) GetPreparer(resourceGroupName string, routeTableName
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client RoutesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -323,7 +327,9 @@ func (client RoutesClient) ListPreparer(resourceGroupName string, routeTableName
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client RoutesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routetables.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routetables.go
index e9b557bc0b37..3a2f4ca69e6c 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routetables.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/routetables.go
@@ -107,6 +107,7 @@ func (client RouteTablesClient) CreateOrUpdatePreparer(resourceGroupName string,
 func (client RouteTablesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -188,6 +189,7 @@ func (client RouteTablesClient) DeletePreparer(resourceGroupName string, routeTa
 func (client RouteTablesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -256,7 +258,9 @@ func (client RouteTablesClient) GetPreparer(resourceGroupName string, routeTable
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteTablesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -320,7 +324,9 @@ func (client RouteTablesClient) ListPreparer(resourceGroupName string) (*http.Re
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteTablesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -450,7 +456,9 @@ func (client RouteTablesClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client RouteTablesClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securitygroups.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securitygroups.go
index b1a5ae4a6e29..3606e6d82c89 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securitygroups.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securitygroups.go
@@ -107,6 +107,7 @@ func (client SecurityGroupsClient) CreateOrUpdatePreparer(resourceGroupName stri
 func (client SecurityGroupsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -189,6 +190,7 @@ func (client SecurityGroupsClient) DeletePreparer(resourceGroupName string, netw
 func (client SecurityGroupsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -257,7 +259,9 @@ func (client SecurityGroupsClient) GetPreparer(resourceGroupName string, network
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client SecurityGroupsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -321,7 +325,9 @@ func (client SecurityGroupsClient) ListPreparer(resourceGroupName string) (*http
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client SecurityGroupsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -451,7 +457,9 @@ func (client SecurityGroupsClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client SecurityGroupsClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securityrules.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securityrules.go
index 9c76ef54e8b9..6fcecae5f9c1 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securityrules.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/securityrules.go
@@ -122,6 +122,7 @@ func (client SecurityRulesClient) CreateOrUpdatePreparer(resourceGroupName strin
 func (client SecurityRulesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -205,6 +206,7 @@ func (client SecurityRulesClient) DeletePreparer(resourceGroupName string, netwo
 func (client SecurityRulesClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -271,7 +273,9 @@ func (client SecurityRulesClient) GetPreparer(resourceGroupName string, networkS
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client SecurityRulesClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -337,7 +341,9 @@ func (client SecurityRulesClient) ListPreparer(resourceGroupName string, network
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client SecurityRulesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/subnets.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/subnets.go
index 62a1789e591d..298cb989ffa8 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/subnets.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/subnets.go
@@ -109,6 +109,7 @@ func (client SubnetsClient) CreateOrUpdatePreparer(resourceGroupName string, vir
 func (client SubnetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -192,6 +193,7 @@ func (client SubnetsClient) DeletePreparer(resourceGroupName string, virtualNetw
 func (client SubnetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -261,7 +263,9 @@ func (client SubnetsClient) GetPreparer(resourceGroupName string, virtualNetwork
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client SubnetsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -326,7 +330,9 @@ func (client SubnetsClient) ListPreparer(resourceGroupName string, virtualNetwor
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client SubnetsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/usages.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/usages.go
index 85c220065404..ab2c9b8fcb3e 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/usages.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/usages.go
@@ -93,7 +93,9 @@ func (client UsagesClient) ListPreparer(location string) (*http.Request, error)
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client UsagesClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/version.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/version.go
index 7f510b4e4c6d..423a7117d8ff 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/version.go
@@ -19,10 +19,10 @@ package network
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v11.0.0-beta arm-network/"
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-network/"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v11.0.0-beta"
+	return "v12.4.0-beta"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgatewayconnections.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgatewayconnections.go
index 7db4d5de6c38..faac6f8a6797 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgatewayconnections.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgatewayconnections.go
@@ -126,6 +126,7 @@ func (client VirtualNetworkGatewayConnectionsClient) CreateOrUpdatePreparer(reso
 func (client VirtualNetworkGatewayConnectionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -209,6 +210,7 @@ func (client VirtualNetworkGatewayConnectionsClient) DeletePreparer(resourceGrou
 func (client VirtualNetworkGatewayConnectionsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -274,7 +276,9 @@ func (client VirtualNetworkGatewayConnectionsClient) GetPreparer(resourceGroupNa
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewayConnectionsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -341,7 +345,9 @@ func (client VirtualNetworkGatewayConnectionsClient) GetSharedKeyPreparer(resour
 // GetSharedKeySender sends the GetSharedKey request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewayConnectionsClient) GetSharedKeySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetSharedKeyResponder handles the response to the GetSharedKey request. The method always
@@ -406,7 +412,9 @@ func (client VirtualNetworkGatewayConnectionsClient) ListPreparer(resourceGroupN
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewayConnectionsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -574,6 +582,7 @@ func (client VirtualNetworkGatewayConnectionsClient) ResetSharedKeyPreparer(reso
 func (client VirtualNetworkGatewayConnectionsClient) ResetSharedKeySender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -670,6 +679,7 @@ func (client VirtualNetworkGatewayConnectionsClient) SetSharedKeyPreparer(resour
 func (client VirtualNetworkGatewayConnectionsClient) SetSharedKeySender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgateways.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgateways.go
index 5f56a204badf..6edd19644c5b 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgateways.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkgateways.go
@@ -117,6 +117,7 @@ func (client VirtualNetworkGatewaysClient) CreateOrUpdatePreparer(resourceGroupN
 func (client VirtualNetworkGatewaysClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -200,6 +201,7 @@ func (client VirtualNetworkGatewaysClient) DeletePreparer(resourceGroupName stri
 func (client VirtualNetworkGatewaysClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -284,6 +286,7 @@ func (client VirtualNetworkGatewaysClient) GeneratevpnclientpackagePreparer(reso
 func (client VirtualNetworkGatewaysClient) GeneratevpnclientpackageSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -370,6 +373,7 @@ func (client VirtualNetworkGatewaysClient) GenerateVpnProfilePreparer(resourceGr
 func (client VirtualNetworkGatewaysClient) GenerateVpnProfileSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -436,7 +440,9 @@ func (client VirtualNetworkGatewaysClient) GetPreparer(resourceGroupName string,
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewaysClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -520,6 +526,7 @@ func (client VirtualNetworkGatewaysClient) GetAdvertisedRoutesPreparer(resourceG
 func (client VirtualNetworkGatewaysClient) GetAdvertisedRoutesSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -606,6 +613,7 @@ func (client VirtualNetworkGatewaysClient) GetBgpPeerStatusPreparer(resourceGrou
 func (client VirtualNetworkGatewaysClient) GetBgpPeerStatusSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -689,6 +697,7 @@ func (client VirtualNetworkGatewaysClient) GetLearnedRoutesPreparer(resourceGrou
 func (client VirtualNetworkGatewaysClient) GetLearnedRoutesSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -773,6 +782,7 @@ func (client VirtualNetworkGatewaysClient) GetVpnProfilePackageURLPreparer(resou
 func (client VirtualNetworkGatewaysClient) GetVpnProfilePackageURLSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -837,7 +847,9 @@ func (client VirtualNetworkGatewaysClient) ListPreparer(resourceGroupName string
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewaysClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -972,7 +984,9 @@ func (client VirtualNetworkGatewaysClient) ListConnectionsPreparer(resourceGroup
 // ListConnectionsSender sends the ListConnections request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewaysClient) ListConnectionsSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListConnectionsResponder handles the response to the ListConnections request. The method always
@@ -1128,6 +1142,7 @@ func (client VirtualNetworkGatewaysClient) ResetPreparer(resourceGroupName strin
 func (client VirtualNetworkGatewaysClient) ResetSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1194,7 +1209,9 @@ func (client VirtualNetworkGatewaysClient) SupportedVpnDevicesPreparer(resourceG
 // SupportedVpnDevicesSender sends the SupportedVpnDevices request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewaysClient) SupportedVpnDevicesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // SupportedVpnDevicesResponder handles the response to the SupportedVpnDevices request. The method always
@@ -1263,7 +1280,9 @@ func (client VirtualNetworkGatewaysClient) VpnDeviceConfigurationScriptPreparer(
 // VpnDeviceConfigurationScriptSender sends the VpnDeviceConfigurationScript request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkGatewaysClient) VpnDeviceConfigurationScriptSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // VpnDeviceConfigurationScriptResponder handles the response to the VpnDeviceConfigurationScript request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkpeerings.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkpeerings.go
index 0a945c1bb8d7..30bed99c02cd 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkpeerings.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworkpeerings.go
@@ -109,6 +109,7 @@ func (client VirtualNetworkPeeringsClient) CreateOrUpdatePreparer(resourceGroupN
 func (client VirtualNetworkPeeringsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -193,6 +194,7 @@ func (client VirtualNetworkPeeringsClient) DeletePreparer(resourceGroupName stri
 func (client VirtualNetworkPeeringsClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -259,7 +261,9 @@ func (client VirtualNetworkPeeringsClient) GetPreparer(resourceGroupName string,
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkPeeringsClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -324,7 +328,9 @@ func (client VirtualNetworkPeeringsClient) ListPreparer(resourceGroupName string
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworkPeeringsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworks.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworks.go
index 58ac8ab11229..47c71480661f 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworks.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/virtualnetworks.go
@@ -91,7 +91,9 @@ func (client VirtualNetworksClient) CheckIPAddressAvailabilityPreparer(resourceG
 // CheckIPAddressAvailabilitySender sends the CheckIPAddressAvailability request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworksClient) CheckIPAddressAvailabilitySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CheckIPAddressAvailabilityResponder handles the response to the CheckIPAddressAvailability request. The method always
@@ -176,6 +178,7 @@ func (client VirtualNetworksClient) CreateOrUpdatePreparer(resourceGroupName str
 func (client VirtualNetworksClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -257,6 +260,7 @@ func (client VirtualNetworksClient) DeletePreparer(resourceGroupName string, vir
 func (client VirtualNetworksClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -325,7 +329,9 @@ func (client VirtualNetworksClient) GetPreparer(resourceGroupName string, virtua
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworksClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -389,7 +395,9 @@ func (client VirtualNetworksClient) ListPreparer(resourceGroupName string) (*htt
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworksClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -519,7 +527,9 @@ func (client VirtualNetworksClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworksClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -653,7 +663,9 @@ func (client VirtualNetworksClient) ListUsagePreparer(resourceGroupName string,
 // ListUsageSender sends the ListUsage request. The method will close the
 // http.Response Body if it receives an error.
 func (client VirtualNetworksClient) ListUsageSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListUsageResponder handles the response to the ListUsage request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/watchers.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/watchers.go
index 798d8c1bb221..b075417ddbee 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/network/watchers.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/network/watchers.go
@@ -120,6 +120,7 @@ func (client WatchersClient) CheckConnectivityPreparer(resourceGroupName string,
 func (client WatchersClient) CheckConnectivitySender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -188,7 +189,9 @@ func (client WatchersClient) CreateOrUpdatePreparer(resourceGroupName string, ne
 // CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
 // http.Response Body if it receives an error.
 func (client WatchersClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
@@ -270,6 +273,7 @@ func (client WatchersClient) DeletePreparer(resourceGroupName string, networkWat
 func (client WatchersClient) DeleteSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -334,7 +338,9 @@ func (client WatchersClient) GetPreparer(resourceGroupName string, networkWatche
 // GetSender sends the Get request. The method will close the
 // http.Response Body if it receives an error.
 func (client WatchersClient) GetSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetResponder handles the response to the Get request. The method always
@@ -431,6 +437,7 @@ func (client WatchersClient) GetAzureReachabilityReportPreparer(resourceGroupNam
 func (client WatchersClient) GetAzureReachabilityReportSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -525,6 +532,7 @@ func (client WatchersClient) GetFlowLogStatusPreparer(resourceGroupName string,
 func (client WatchersClient) GetFlowLogStatusSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -620,6 +628,7 @@ func (client WatchersClient) GetNextHopPreparer(resourceGroupName string, networ
 func (client WatchersClient) GetNextHopSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -694,7 +703,9 @@ func (client WatchersClient) GetTopologyPreparer(resourceGroupName string, netwo
 // GetTopologySender sends the GetTopology request. The method will close the
 // http.Response Body if it receives an error.
 func (client WatchersClient) GetTopologySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetTopologyResponder handles the response to the GetTopology request. The method always
@@ -792,6 +803,7 @@ func (client WatchersClient) GetTroubleshootingPreparer(resourceGroupName string
 func (client WatchersClient) GetTroubleshootingSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -886,6 +898,7 @@ func (client WatchersClient) GetTroubleshootingResultPreparer(resourceGroupName
 func (client WatchersClient) GetTroubleshootingResultSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -980,6 +993,7 @@ func (client WatchersClient) GetVMSecurityRulesPreparer(resourceGroupName string
 func (client WatchersClient) GetVMSecurityRulesSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1044,7 +1058,9 @@ func (client WatchersClient) ListPreparer(resourceGroupName string) (*http.Reque
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client WatchersClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -1105,7 +1121,9 @@ func (client WatchersClient) ListAllPreparer() (*http.Request, error) {
 // ListAllSender sends the ListAll request. The method will close the
 // http.Response Body if it receives an error.
 func (client WatchersClient) ListAllSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAllResponder handles the response to the ListAll request. The method always
@@ -1190,6 +1208,7 @@ func (client WatchersClient) ListAvailableProvidersPreparer(resourceGroupName st
 func (client WatchersClient) ListAvailableProvidersSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1288,6 +1307,7 @@ func (client WatchersClient) SetFlowLogConfigurationPreparer(resourceGroupName s
 func (client WatchersClient) SetFlowLogConfigurationSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -1386,6 +1406,7 @@ func (client WatchersClient) VerifyIPFlowPreparer(resourceGroupName string, netw
 func (client WatchersClient) VerifyIPFlowSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/accounts.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/accounts.go
index 0870a03ded6e..dfa59f957837 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/accounts.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/accounts.go
@@ -96,7 +96,9 @@ func (client AccountsClient) CheckNameAvailabilityPreparer(accountName AccountCh
 // CheckNameAvailabilitySender sends the CheckNameAvailability request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) CheckNameAvailabilitySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // CheckNameAvailabilityResponder handles the response to the CheckNameAvailability request. The method always
@@ -208,6 +210,7 @@ func (client AccountsClient) CreatePreparer(resourceGroupName string, accountNam
 func (client AccountsClient) CreateSender(req *http.Request) (*http.Response, error) {
 	return autorest.SendWithSender(client,
 		req,
+		azure.DoRetryWithRegistration(client.Client),
 		azure.DoPollForAsynchronous(client.PollingDelay))
 }
 
@@ -286,7 +289,9 @@ func (client AccountsClient) DeletePreparer(resourceGroupName string, accountNam
 // DeleteSender sends the Delete request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) DeleteSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // DeleteResponder handles the response to the Delete request. The method always
@@ -364,7 +369,9 @@ func (client AccountsClient) GetPropertiesPreparer(resourceGroupName string, acc
 // GetPropertiesSender sends the GetProperties request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) GetPropertiesSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // GetPropertiesResponder handles the response to the GetProperties request. The method always
@@ -426,7 +433,9 @@ func (client AccountsClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
@@ -509,7 +518,9 @@ func (client AccountsClient) ListAccountSASPreparer(resourceGroupName string, ac
 // ListAccountSASSender sends the ListAccountSAS request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) ListAccountSASSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListAccountSASResponder handles the response to the ListAccountSAS request. The method always
@@ -582,7 +593,9 @@ func (client AccountsClient) ListByResourceGroupPreparer(resourceGroupName strin
 // ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
@@ -660,7 +673,9 @@ func (client AccountsClient) ListKeysPreparer(resourceGroupName string, accountN
 // ListKeysSender sends the ListKeys request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) ListKeysSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListKeysResponder handles the response to the ListKeys request. The method always
@@ -745,7 +760,9 @@ func (client AccountsClient) ListServiceSASPreparer(resourceGroupName string, ac
 // ListServiceSASSender sends the ListServiceSAS request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) ListServiceSASSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListServiceSASResponder handles the response to the ListServiceSAS request. The method always
@@ -828,7 +845,9 @@ func (client AccountsClient) RegenerateKeyPreparer(resourceGroupName string, acc
 // RegenerateKeySender sends the RegenerateKey request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) RegenerateKeySender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // RegenerateKeyResponder handles the response to the RegenerateKey request. The method always
@@ -914,7 +933,9 @@ func (client AccountsClient) UpdatePreparer(resourceGroupName string, accountNam
 // UpdateSender sends the Update request. The method will close the
 // http.Response Body if it receives an error.
 func (client AccountsClient) UpdateSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // UpdateResponder handles the response to the Update request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/client.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/client.go
index 133386ddbeb6..1c54682152d8 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/client.go
@@ -1,6 +1,8 @@
 // Package storage implements the Azure ARM Storage service API version 2017-06-01.
 //
 // The Azure Storage Management API.
+//
+// Deprecated: Please instead use github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-06-01/storage
 package storage
 
 // Copyright (c) Microsoft and contributors.  All rights reserved.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/operations.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/operations.go
index cc46c6997920..ca46f8e13601 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/operations.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/operations.go
@@ -79,7 +79,9 @@ func (client OperationsClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/skus.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/skus.go
index 94d4d6f83ec5..cfad757fb223 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/skus.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/skus.go
@@ -83,7 +83,9 @@ func (client SkusClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client SkusClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/usage.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/usage.go
index 682e5c16c362..933c5d9617e8 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/usage.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/usage.go
@@ -83,7 +83,9 @@ func (client UsageClient) ListPreparer() (*http.Request, error) {
 // ListSender sends the List request. The method will close the
 // http.Response Body if it receives an error.
 func (client UsageClient) ListSender(req *http.Request) (*http.Response, error) {
-	return autorest.SendWithSender(client, req)
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
 }
 
 // ListResponder handles the response to the List request. The method always
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/version.go b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/version.go
index 467102d59734..47e1b25d4059 100755
--- a/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/arm/storage/version.go
@@ -19,10 +19,10 @@ package storage
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v11.0.0-beta arm-storage/2017-06-01"
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-storage/2017-06-01"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v11.0.0-beta"
+	return "v12.4.0-beta"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/availabilitysets.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/availabilitysets.go
new file mode 100644
index 000000000000..f1f4cb5eb995
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/availabilitysets.go
@@ -0,0 +1,373 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// AvailabilitySetsClient is the compute Client
+type AvailabilitySetsClient struct {
+	BaseClient
+}
+
+// NewAvailabilitySetsClient creates an instance of the AvailabilitySetsClient client.
+func NewAvailabilitySetsClient(subscriptionID string) AvailabilitySetsClient {
+	return NewAvailabilitySetsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewAvailabilitySetsClientWithBaseURI creates an instance of the AvailabilitySetsClient client.
+func NewAvailabilitySetsClientWithBaseURI(baseURI string, subscriptionID string) AvailabilitySetsClient {
+	return AvailabilitySetsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate create or update an availability set.
+//
+// resourceGroupName is the name of the resource group. availabilitySetName is the name of the availability set.
+// parameters is parameters supplied to the Create Availability Set operation.
+func (client AvailabilitySetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, availabilitySetName string, parameters AvailabilitySet) (result AvailabilitySet, err error) {
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, availabilitySetName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CreateOrUpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "CreateOrUpdate", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "CreateOrUpdate", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client AvailabilitySetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, availabilitySetName string, parameters AvailabilitySet) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"availabilitySetName": autorest.Encode("path", availabilitySetName),
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets/{availabilitySetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client AvailabilitySetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client AvailabilitySetsClient) CreateOrUpdateResponder(resp *http.Response) (result AvailabilitySet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete delete an availability set.
+//
+// resourceGroupName is the name of the resource group. availabilitySetName is the name of the availability set.
+func (client AvailabilitySetsClient) Delete(ctx context.Context, resourceGroupName string, availabilitySetName string) (result OperationStatusResponse, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, availabilitySetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Delete", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client AvailabilitySetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, availabilitySetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"availabilitySetName": autorest.Encode("path", availabilitySetName),
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets/{availabilitySetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client AvailabilitySetsClient) DeleteSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client AvailabilitySetsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get retrieves information about an availability set.
+//
+// resourceGroupName is the name of the resource group. availabilitySetName is the name of the availability set.
+func (client AvailabilitySetsClient) Get(ctx context.Context, resourceGroupName string, availabilitySetName string) (result AvailabilitySet, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, availabilitySetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client AvailabilitySetsClient) GetPreparer(ctx context.Context, resourceGroupName string, availabilitySetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"availabilitySetName": autorest.Encode("path", availabilitySetName),
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets/{availabilitySetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client AvailabilitySetsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client AvailabilitySetsClient) GetResponder(resp *http.Response) (result AvailabilitySet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all availability sets in a resource group.
+//
+// resourceGroupName is the name of the resource group.
+func (client AvailabilitySetsClient) List(ctx context.Context, resourceGroupName string) (result AvailabilitySetListResult, err error) {
+	req, err := client.ListPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client AvailabilitySetsClient) ListPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client AvailabilitySetsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client AvailabilitySetsClient) ListResponder(resp *http.Response) (result AvailabilitySetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListAvailableSizes lists all available virtual machine sizes that can be used to create a new virtual machine in an
+// existing availability set.
+//
+// resourceGroupName is the name of the resource group. availabilitySetName is the name of the availability set.
+func (client AvailabilitySetsClient) ListAvailableSizes(ctx context.Context, resourceGroupName string, availabilitySetName string) (result VirtualMachineSizeListResult, err error) {
+	req, err := client.ListAvailableSizesPreparer(ctx, resourceGroupName, availabilitySetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "ListAvailableSizes", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListAvailableSizesSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "ListAvailableSizes", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListAvailableSizesResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.AvailabilitySetsClient", "ListAvailableSizes", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListAvailableSizesPreparer prepares the ListAvailableSizes request.
+func (client AvailabilitySetsClient) ListAvailableSizesPreparer(ctx context.Context, resourceGroupName string, availabilitySetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"availabilitySetName": autorest.Encode("path", availabilitySetName),
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets/{availabilitySetName}/vmSizes", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListAvailableSizesSender sends the ListAvailableSizes request. The method will close the
+// http.Response Body if it receives an error.
+func (client AvailabilitySetsClient) ListAvailableSizesSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListAvailableSizesResponder handles the response to the ListAvailableSizes request. The method always
+// closes the http.Response Body.
+func (client AvailabilitySetsClient) ListAvailableSizesResponder(resp *http.Response) (result VirtualMachineSizeListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/client.go
new file mode 100644
index 000000000000..b23c9ca74268
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/client.go
@@ -0,0 +1,51 @@
+// Package compute implements the Azure ARM Compute service API version .
+//
+// Compute Client
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+)
+
+const (
+	// DefaultBaseURI is the default URI used for the service Compute
+	DefaultBaseURI = "https://management.azure.com"
+)
+
+// BaseClient is the base client for Compute.
+type BaseClient struct {
+	autorest.Client
+	BaseURI        string
+	SubscriptionID string
+}
+
+// New creates an instance of the BaseClient client.
+func New(subscriptionID string) BaseClient {
+	return NewWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewWithBaseURI creates an instance of the BaseClient client.
+func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient {
+	return BaseClient{
+		Client:         autorest.NewClientWithUserAgent(UserAgent()),
+		BaseURI:        baseURI,
+		SubscriptionID: subscriptionID,
+	}
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/containerservices.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/containerservices.go
new file mode 100644
index 000000000000..7bc59c9ed406
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/containerservices.go
@@ -0,0 +1,472 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// ContainerServicesClient is the compute Client
+type ContainerServicesClient struct {
+	BaseClient
+}
+
+// NewContainerServicesClient creates an instance of the ContainerServicesClient client.
+func NewContainerServicesClient(subscriptionID string) ContainerServicesClient {
+	return NewContainerServicesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewContainerServicesClientWithBaseURI creates an instance of the ContainerServicesClient client.
+func NewContainerServicesClientWithBaseURI(baseURI string, subscriptionID string) ContainerServicesClient {
+	return ContainerServicesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a container service with the specified configuration of orchestrator, masters, and
+// agents.
+//
+// resourceGroupName is the name of the resource group. containerServiceName is the name of the container service in
+// the specified subscription and resource group. parameters is parameters supplied to the Create or Update a Container
+// Service operation.
+func (client ContainerServicesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, containerServiceName string, parameters ContainerService) (result ContainerServicesCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.ContainerServiceProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.CustomProfile", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.CustomProfile.Orchestrator", Name: validation.Null, Rule: true, Chain: nil}}},
+					{Target: "parameters.ContainerServiceProperties.ServicePrincipalProfile", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.ServicePrincipalProfile.ClientID", Name: validation.Null, Rule: true, Chain: nil},
+							{Target: "parameters.ContainerServiceProperties.ServicePrincipalProfile.Secret", Name: validation.Null, Rule: true, Chain: nil},
+						}},
+					{Target: "parameters.ContainerServiceProperties.MasterProfile", Name: validation.Null, Rule: true,
+						Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.MasterProfile.DNSPrefix", Name: validation.Null, Rule: true, Chain: nil}}},
+					{Target: "parameters.ContainerServiceProperties.AgentPoolProfiles", Name: validation.Null, Rule: true, Chain: nil},
+					{Target: "parameters.ContainerServiceProperties.WindowsProfile", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.WindowsProfile.AdminUsername", Name: validation.Null, Rule: true,
+							Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.WindowsProfile.AdminUsername", Name: validation.Pattern, Rule: `^[a-zA-Z0-9]+([._]?[a-zA-Z0-9]+)*$`, Chain: nil}}},
+							{Target: "parameters.ContainerServiceProperties.WindowsProfile.AdminPassword", Name: validation.Null, Rule: true,
+								Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.WindowsProfile.AdminPassword", Name: validation.Pattern, Rule: `^(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%\^&\*\(\)])[a-zA-Z\d!@#$%\^&\*\(\)]{12,123}$`, Chain: nil}}},
+						}},
+					{Target: "parameters.ContainerServiceProperties.LinuxProfile", Name: validation.Null, Rule: true,
+						Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.LinuxProfile.AdminUsername", Name: validation.Null, Rule: true,
+							Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.LinuxProfile.AdminUsername", Name: validation.Pattern, Rule: `^[a-z][a-z0-9_-]*$`, Chain: nil}}},
+							{Target: "parameters.ContainerServiceProperties.LinuxProfile.SSH", Name: validation.Null, Rule: true,
+								Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.LinuxProfile.SSH.PublicKeys", Name: validation.Null, Rule: true, Chain: nil}}},
+						}},
+					{Target: "parameters.ContainerServiceProperties.DiagnosticsProfile", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.DiagnosticsProfile.VMDiagnostics", Name: validation.Null, Rule: true,
+							Chain: []validation.Constraint{{Target: "parameters.ContainerServiceProperties.DiagnosticsProfile.VMDiagnostics.Enabled", Name: validation.Null, Rule: true, Chain: nil}}},
+						}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.ContainerServicesClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, containerServiceName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client ContainerServicesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, containerServiceName string, parameters ContainerService) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"containerServiceName": autorest.Encode("path", containerServiceName),
+		"resourceGroupName":    autorest.Encode("path", resourceGroupName),
+		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-01-31"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/containerServices/{containerServiceName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client ContainerServicesClient) CreateOrUpdateSender(req *http.Request) (future ContainerServicesCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client ContainerServicesClient) CreateOrUpdateResponder(resp *http.Response) (result ContainerService, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes the specified container service in the specified subscription and resource group. The operation does
+// not delete other resources created as part of creating a container service, including storage accounts, VMs, and
+// availability sets. All the other resources created with the container service are part of the same resource group
+// and can be deleted individually.
+//
+// resourceGroupName is the name of the resource group. containerServiceName is the name of the container service in
+// the specified subscription and resource group.
+func (client ContainerServicesClient) Delete(ctx context.Context, resourceGroupName string, containerServiceName string) (result ContainerServicesDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, containerServiceName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client ContainerServicesClient) DeletePreparer(ctx context.Context, resourceGroupName string, containerServiceName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"containerServiceName": autorest.Encode("path", containerServiceName),
+		"resourceGroupName":    autorest.Encode("path", resourceGroupName),
+		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-01-31"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/containerServices/{containerServiceName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client ContainerServicesClient) DeleteSender(req *http.Request) (future ContainerServicesDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client ContainerServicesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets the properties of the specified container service in the specified subscription and resource group. The
+// operation returns the properties including state, orchestrator, number of masters and agents, and FQDNs of masters
+// and agents.
+//
+// resourceGroupName is the name of the resource group. containerServiceName is the name of the container service in
+// the specified subscription and resource group.
+func (client ContainerServicesClient) Get(ctx context.Context, resourceGroupName string, containerServiceName string) (result ContainerService, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, containerServiceName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client ContainerServicesClient) GetPreparer(ctx context.Context, resourceGroupName string, containerServiceName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"containerServiceName": autorest.Encode("path", containerServiceName),
+		"resourceGroupName":    autorest.Encode("path", resourceGroupName),
+		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-01-31"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/containerServices/{containerServiceName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client ContainerServicesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client ContainerServicesClient) GetResponder(resp *http.Response) (result ContainerService, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets a list of container services in the specified subscription. The operation returns properties of each
+// container service including state, orchestrator, number of masters and agents, and FQDNs of masters and agents.
+func (client ContainerServicesClient) List(ctx context.Context) (result ContainerServiceListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.cslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.cslr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client ContainerServicesClient) ListPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-01-31"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.ContainerService/containerServices", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client ContainerServicesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client ContainerServicesClient) ListResponder(resp *http.Response) (result ContainerServiceListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client ContainerServicesClient) listNextResults(lastResults ContainerServiceListResult) (result ContainerServiceListResult, err error) {
+	req, err := lastResults.containerServiceListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client ContainerServicesClient) ListComplete(ctx context.Context) (result ContainerServiceListResultIterator, err error) {
+	result.page, err = client.List(ctx)
+	return
+}
+
+// ListByResourceGroup gets a list of container services in the specified subscription and resource group. The
+// operation returns properties of each container service including state, orchestrator, number of masters and agents,
+// and FQDNs of masters and agents.
+//
+// resourceGroupName is the name of the resource group.
+func (client ContainerServicesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string) (result ContainerServiceListResultPage, err error) {
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.cslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.cslr, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client ContainerServicesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-01-31"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/containerServices", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client ContainerServicesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client ContainerServicesClient) ListByResourceGroupResponder(resp *http.Response) (result ContainerServiceListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client ContainerServicesClient) listByResourceGroupNextResults(lastResults ContainerServiceListResult) (result ContainerServiceListResult, err error) {
+	req, err := lastResults.containerServiceListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ContainerServicesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client ContainerServicesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string) (result ContainerServiceListResultIterator, err error) {
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/disks.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/disks.go
new file mode 100644
index 000000000000..6b812c6d34f5
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/disks.go
@@ -0,0 +1,676 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// DisksClient is the compute Client
+type DisksClient struct {
+	BaseClient
+}
+
+// NewDisksClient creates an instance of the DisksClient client.
+func NewDisksClient(subscriptionID string) DisksClient {
+	return NewDisksClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewDisksClientWithBaseURI creates an instance of the DisksClient client.
+func NewDisksClientWithBaseURI(baseURI string, subscriptionID string) DisksClient {
+	return DisksClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters. disk is disk object supplied in the body of the Put disk operation.
+func (client DisksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, diskName string, disk Disk) (result DisksCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: disk,
+			Constraints: []validation.Constraint{{Target: "disk.DiskProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "disk.DiskProperties.CreationData", Name: validation.Null, Rule: true,
+					Chain: []validation.Constraint{{Target: "disk.DiskProperties.CreationData.ImageReference", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "disk.DiskProperties.CreationData.ImageReference.ID", Name: validation.Null, Rule: true, Chain: nil}}},
+					}},
+					{Target: "disk.DiskProperties.EncryptionSettings", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "disk.DiskProperties.EncryptionSettings.DiskEncryptionKey", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "disk.DiskProperties.EncryptionSettings.DiskEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+								{Target: "disk.DiskProperties.EncryptionSettings.DiskEncryptionKey.SecretURL", Name: validation.Null, Rule: true, Chain: nil},
+							}},
+							{Target: "disk.DiskProperties.EncryptionSettings.KeyEncryptionKey", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "disk.DiskProperties.EncryptionSettings.KeyEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+									{Target: "disk.DiskProperties.EncryptionSettings.KeyEncryptionKey.KeyURL", Name: validation.Null, Rule: true, Chain: nil},
+								}},
+						}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.DisksClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, diskName, disk)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client DisksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, diskName string, disk Disk) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}", pathParameters),
+		autorest.WithJSON(disk),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) CreateOrUpdateSender(req *http.Request) (future DisksCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client DisksClient) CreateOrUpdateResponder(resp *http.Response) (result Disk, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters.
+func (client DisksClient) Delete(ctx context.Context, resourceGroupName string, diskName string) (result DisksDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, diskName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client DisksClient) DeletePreparer(ctx context.Context, resourceGroupName string, diskName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) DeleteSender(req *http.Request) (future DisksDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client DisksClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get gets information about a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters.
+func (client DisksClient) Get(ctx context.Context, resourceGroupName string, diskName string) (result Disk, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, diskName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client DisksClient) GetPreparer(ctx context.Context, resourceGroupName string, diskName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client DisksClient) GetResponder(resp *http.Response) (result Disk, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// GrantAccess grants access to a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters. grantAccessData is access data object supplied in the body of the get disk
+// access operation.
+func (client DisksClient) GrantAccess(ctx context.Context, resourceGroupName string, diskName string, grantAccessData GrantAccessData) (result DisksGrantAccessFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: grantAccessData,
+			Constraints: []validation.Constraint{{Target: "grantAccessData.DurationInSeconds", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.DisksClient", "GrantAccess")
+	}
+
+	req, err := client.GrantAccessPreparer(ctx, resourceGroupName, diskName, grantAccessData)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "GrantAccess", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.GrantAccessSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "GrantAccess", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// GrantAccessPreparer prepares the GrantAccess request.
+func (client DisksClient) GrantAccessPreparer(ctx context.Context, resourceGroupName string, diskName string, grantAccessData GrantAccessData) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}/beginGetAccess", pathParameters),
+		autorest.WithJSON(grantAccessData),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GrantAccessSender sends the GrantAccess request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) GrantAccessSender(req *http.Request) (future DisksGrantAccessFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// GrantAccessResponder handles the response to the GrantAccess request. The method always
+// closes the http.Response Body.
+func (client DisksClient) GrantAccessResponder(resp *http.Response) (result AccessURI, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all the disks under a subscription.
+func (client DisksClient) List(ctx context.Context) (result DiskListPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.dl.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.dl, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client DisksClient) ListPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/disks", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client DisksClient) ListResponder(resp *http.Response) (result DiskList, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client DisksClient) listNextResults(lastResults DiskList) (result DiskList, err error) {
+	req, err := lastResults.diskListPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.DisksClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.DisksClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client DisksClient) ListComplete(ctx context.Context) (result DiskListIterator, err error) {
+	result.page, err = client.List(ctx)
+	return
+}
+
+// ListByResourceGroup lists all the disks under a resource group.
+//
+// resourceGroupName is the name of the resource group.
+func (client DisksClient) ListByResourceGroup(ctx context.Context, resourceGroupName string) (result DiskListPage, err error) {
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.dl.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.dl, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client DisksClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client DisksClient) ListByResourceGroupResponder(resp *http.Response) (result DiskList, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client DisksClient) listByResourceGroupNextResults(lastResults DiskList) (result DiskList, err error) {
+	req, err := lastResults.diskListPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.DisksClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.DisksClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client DisksClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string) (result DiskListIterator, err error) {
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName)
+	return
+}
+
+// RevokeAccess revokes access to a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters.
+func (client DisksClient) RevokeAccess(ctx context.Context, resourceGroupName string, diskName string) (result DisksRevokeAccessFuture, err error) {
+	req, err := client.RevokeAccessPreparer(ctx, resourceGroupName, diskName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "RevokeAccess", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RevokeAccessSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "RevokeAccess", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RevokeAccessPreparer prepares the RevokeAccess request.
+func (client DisksClient) RevokeAccessPreparer(ctx context.Context, resourceGroupName string, diskName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}/endGetAccess", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RevokeAccessSender sends the RevokeAccess request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) RevokeAccessSender(req *http.Request) (future DisksRevokeAccessFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RevokeAccessResponder handles the response to the RevokeAccess request. The method always
+// closes the http.Response Body.
+func (client DisksClient) RevokeAccessResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Update updates (patches) a disk.
+//
+// resourceGroupName is the name of the resource group. diskName is the name of the managed disk that is being created.
+// The name can't be changed after the disk is created. Supported characters for the name are a-z, A-Z, 0-9 and _. The
+// maximum name length is 80 characters. disk is disk object supplied in the body of the Patch disk operation.
+func (client DisksClient) Update(ctx context.Context, resourceGroupName string, diskName string, disk DiskUpdate) (result DisksUpdateFuture, err error) {
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, diskName, disk)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.DisksClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client DisksClient) UpdatePreparer(ctx context.Context, resourceGroupName string, diskName string, disk DiskUpdate) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"diskName":          autorest.Encode("path", diskName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks/{diskName}", pathParameters),
+		autorest.WithJSON(disk),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client DisksClient) UpdateSender(req *http.Request) (future DisksUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client DisksClient) UpdateResponder(resp *http.Response) (result Disk, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/images.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/images.go
new file mode 100644
index 000000000000..7cdb58154b44
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/images.go
@@ -0,0 +1,443 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// ImagesClient is the compute Client
+type ImagesClient struct {
+	BaseClient
+}
+
+// NewImagesClient creates an instance of the ImagesClient client.
+func NewImagesClient(subscriptionID string) ImagesClient {
+	return NewImagesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewImagesClientWithBaseURI creates an instance of the ImagesClient client.
+func NewImagesClientWithBaseURI(baseURI string, subscriptionID string) ImagesClient {
+	return ImagesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate create or update an image.
+//
+// resourceGroupName is the name of the resource group. imageName is the name of the image. parameters is parameters
+// supplied to the Create Image operation.
+func (client ImagesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, imageName string, parameters Image) (result ImagesCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.ImageProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "parameters.ImageProperties.StorageProfile", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.ImageProperties.StorageProfile.OsDisk", Name: validation.Null, Rule: true, Chain: nil}}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.ImagesClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, imageName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client ImagesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, imageName string, parameters Image) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"imageName":         autorest.Encode("path", imageName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client ImagesClient) CreateOrUpdateSender(req *http.Request) (future ImagesCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client ImagesClient) CreateOrUpdateResponder(resp *http.Response) (result Image, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes an Image.
+//
+// resourceGroupName is the name of the resource group. imageName is the name of the image.
+func (client ImagesClient) Delete(ctx context.Context, resourceGroupName string, imageName string) (result ImagesDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, imageName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client ImagesClient) DeletePreparer(ctx context.Context, resourceGroupName string, imageName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"imageName":         autorest.Encode("path", imageName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client ImagesClient) DeleteSender(req *http.Request) (future ImagesDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client ImagesClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get gets an image.
+//
+// resourceGroupName is the name of the resource group. imageName is the name of the image. expand is the expand
+// expression to apply on the operation.
+func (client ImagesClient) Get(ctx context.Context, resourceGroupName string, imageName string, expand string) (result Image, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, imageName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client ImagesClient) GetPreparer(ctx context.Context, resourceGroupName string, imageName string, expand string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"imageName":         autorest.Encode("path", imageName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(expand) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client ImagesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client ImagesClient) GetResponder(resp *http.Response) (result Image, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets the list of Images in the subscription. Use nextLink property in the response to get the next page of
+// Images. Do this till nextLink is null to fetch all the Images.
+func (client ImagesClient) List(ctx context.Context) (result ImageListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.ilr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.ilr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client ImagesClient) ListPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/images", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client ImagesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client ImagesClient) ListResponder(resp *http.Response) (result ImageListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client ImagesClient) listNextResults(lastResults ImageListResult) (result ImageListResult, err error) {
+	req, err := lastResults.imageListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.ImagesClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.ImagesClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client ImagesClient) ListComplete(ctx context.Context) (result ImageListResultIterator, err error) {
+	result.page, err = client.List(ctx)
+	return
+}
+
+// ListByResourceGroup gets the list of images under a resource group.
+//
+// resourceGroupName is the name of the resource group.
+func (client ImagesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string) (result ImageListResultPage, err error) {
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.ilr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.ilr, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client ImagesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client ImagesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client ImagesClient) ListByResourceGroupResponder(resp *http.Response) (result ImageListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client ImagesClient) listByResourceGroupNextResults(lastResults ImageListResult) (result ImageListResult, err error) {
+	req, err := lastResults.imageListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.ImagesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.ImagesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ImagesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client ImagesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string) (result ImageListResultIterator, err error) {
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/loganalytics.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/loganalytics.go
new file mode 100644
index 000000000000..f6cb3bd1ab66
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/loganalytics.go
@@ -0,0 +1,195 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// LogAnalyticsClient is the compute Client
+type LogAnalyticsClient struct {
+	BaseClient
+}
+
+// NewLogAnalyticsClient creates an instance of the LogAnalyticsClient client.
+func NewLogAnalyticsClient(subscriptionID string) LogAnalyticsClient {
+	return NewLogAnalyticsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewLogAnalyticsClientWithBaseURI creates an instance of the LogAnalyticsClient client.
+func NewLogAnalyticsClientWithBaseURI(baseURI string, subscriptionID string) LogAnalyticsClient {
+	return LogAnalyticsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// ExportRequestRateByInterval export logs that show Api requests made by this subscription in the given time window to
+// show throttling activities.
+//
+// parameters is parameters supplied to the LogAnalytics getRequestRateByInterval Api. location is the location upon
+// which virtual-machine-sizes is queried.
+func (client LogAnalyticsClient) ExportRequestRateByInterval(ctx context.Context, parameters RequestRateByIntervalInput, location string) (result LogAnalyticsExportRequestRateByIntervalFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.LogAnalyticsClient", "ExportRequestRateByInterval")
+	}
+
+	req, err := client.ExportRequestRateByIntervalPreparer(ctx, parameters, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.LogAnalyticsClient", "ExportRequestRateByInterval", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ExportRequestRateByIntervalSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.LogAnalyticsClient", "ExportRequestRateByInterval", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ExportRequestRateByIntervalPreparer prepares the ExportRequestRateByInterval request.
+func (client LogAnalyticsClient) ExportRequestRateByIntervalPreparer(ctx context.Context, parameters RequestRateByIntervalInput, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/logAnalytics/apiAccess/getRequestRateByInterval", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ExportRequestRateByIntervalSender sends the ExportRequestRateByInterval request. The method will close the
+// http.Response Body if it receives an error.
+func (client LogAnalyticsClient) ExportRequestRateByIntervalSender(req *http.Request) (future LogAnalyticsExportRequestRateByIntervalFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ExportRequestRateByIntervalResponder handles the response to the ExportRequestRateByInterval request. The method always
+// closes the http.Response Body.
+func (client LogAnalyticsClient) ExportRequestRateByIntervalResponder(resp *http.Response) (result LogAnalyticsOperationResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ExportThrottledRequests export logs that show total throttled Api requests for this subscription in the given time
+// window.
+//
+// parameters is parameters supplied to the LogAnalytics getThrottledRequests Api. location is the location upon which
+// virtual-machine-sizes is queried.
+func (client LogAnalyticsClient) ExportThrottledRequests(ctx context.Context, parameters ThrottledRequestsInput, location string) (result LogAnalyticsExportThrottledRequestsFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.LogAnalyticsClient", "ExportThrottledRequests")
+	}
+
+	req, err := client.ExportThrottledRequestsPreparer(ctx, parameters, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.LogAnalyticsClient", "ExportThrottledRequests", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ExportThrottledRequestsSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.LogAnalyticsClient", "ExportThrottledRequests", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ExportThrottledRequestsPreparer prepares the ExportThrottledRequests request.
+func (client LogAnalyticsClient) ExportThrottledRequestsPreparer(ctx context.Context, parameters ThrottledRequestsInput, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/logAnalytics/apiAccess/getThrottledRequests", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ExportThrottledRequestsSender sends the ExportThrottledRequests request. The method will close the
+// http.Response Body if it receives an error.
+func (client LogAnalyticsClient) ExportThrottledRequestsSender(req *http.Request) (future LogAnalyticsExportThrottledRequestsFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ExportThrottledRequestsResponder handles the response to the ExportThrottledRequests request. The method always
+// closes the http.Response Body.
+func (client LogAnalyticsClient) ExportThrottledRequestsResponder(resp *http.Response) (result LogAnalyticsOperationResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/models.go
new file mode 100644
index 000000000000..02848ce546bd
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/models.go
@@ -0,0 +1,5809 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/date"
+	"github.com/Azure/go-autorest/autorest/to"
+	"net/http"
+)
+
+// AccessLevel enumerates the values for access level.
+type AccessLevel string
+
+const (
+	// None ...
+	None AccessLevel = "None"
+	// Read ...
+	Read AccessLevel = "Read"
+)
+
+// CachingTypes enumerates the values for caching types.
+type CachingTypes string
+
+const (
+	// CachingTypesNone ...
+	CachingTypesNone CachingTypes = "None"
+	// CachingTypesReadOnly ...
+	CachingTypesReadOnly CachingTypes = "ReadOnly"
+	// CachingTypesReadWrite ...
+	CachingTypesReadWrite CachingTypes = "ReadWrite"
+)
+
+// ComponentNames enumerates the values for component names.
+type ComponentNames string
+
+const (
+	// MicrosoftWindowsShellSetup ...
+	MicrosoftWindowsShellSetup ComponentNames = "Microsoft-Windows-Shell-Setup"
+)
+
+// ContainerServiceOrchestratorTypes enumerates the values for container service orchestrator types.
+type ContainerServiceOrchestratorTypes string
+
+const (
+	// Custom ...
+	Custom ContainerServiceOrchestratorTypes = "Custom"
+	// DCOS ...
+	DCOS ContainerServiceOrchestratorTypes = "DCOS"
+	// Kubernetes ...
+	Kubernetes ContainerServiceOrchestratorTypes = "Kubernetes"
+	// Swarm ...
+	Swarm ContainerServiceOrchestratorTypes = "Swarm"
+)
+
+// ContainerServiceVMSizeTypes enumerates the values for container service vm size types.
+type ContainerServiceVMSizeTypes string
+
+const (
+	// StandardA0 ...
+	StandardA0 ContainerServiceVMSizeTypes = "Standard_A0"
+	// StandardA1 ...
+	StandardA1 ContainerServiceVMSizeTypes = "Standard_A1"
+	// StandardA10 ...
+	StandardA10 ContainerServiceVMSizeTypes = "Standard_A10"
+	// StandardA11 ...
+	StandardA11 ContainerServiceVMSizeTypes = "Standard_A11"
+	// StandardA2 ...
+	StandardA2 ContainerServiceVMSizeTypes = "Standard_A2"
+	// StandardA3 ...
+	StandardA3 ContainerServiceVMSizeTypes = "Standard_A3"
+	// StandardA4 ...
+	StandardA4 ContainerServiceVMSizeTypes = "Standard_A4"
+	// StandardA5 ...
+	StandardA5 ContainerServiceVMSizeTypes = "Standard_A5"
+	// StandardA6 ...
+	StandardA6 ContainerServiceVMSizeTypes = "Standard_A6"
+	// StandardA7 ...
+	StandardA7 ContainerServiceVMSizeTypes = "Standard_A7"
+	// StandardA8 ...
+	StandardA8 ContainerServiceVMSizeTypes = "Standard_A8"
+	// StandardA9 ...
+	StandardA9 ContainerServiceVMSizeTypes = "Standard_A9"
+	// StandardD1 ...
+	StandardD1 ContainerServiceVMSizeTypes = "Standard_D1"
+	// StandardD11 ...
+	StandardD11 ContainerServiceVMSizeTypes = "Standard_D11"
+	// StandardD11V2 ...
+	StandardD11V2 ContainerServiceVMSizeTypes = "Standard_D11_v2"
+	// StandardD12 ...
+	StandardD12 ContainerServiceVMSizeTypes = "Standard_D12"
+	// StandardD12V2 ...
+	StandardD12V2 ContainerServiceVMSizeTypes = "Standard_D12_v2"
+	// StandardD13 ...
+	StandardD13 ContainerServiceVMSizeTypes = "Standard_D13"
+	// StandardD13V2 ...
+	StandardD13V2 ContainerServiceVMSizeTypes = "Standard_D13_v2"
+	// StandardD14 ...
+	StandardD14 ContainerServiceVMSizeTypes = "Standard_D14"
+	// StandardD14V2 ...
+	StandardD14V2 ContainerServiceVMSizeTypes = "Standard_D14_v2"
+	// StandardD1V2 ...
+	StandardD1V2 ContainerServiceVMSizeTypes = "Standard_D1_v2"
+	// StandardD2 ...
+	StandardD2 ContainerServiceVMSizeTypes = "Standard_D2"
+	// StandardD2V2 ...
+	StandardD2V2 ContainerServiceVMSizeTypes = "Standard_D2_v2"
+	// StandardD3 ...
+	StandardD3 ContainerServiceVMSizeTypes = "Standard_D3"
+	// StandardD3V2 ...
+	StandardD3V2 ContainerServiceVMSizeTypes = "Standard_D3_v2"
+	// StandardD4 ...
+	StandardD4 ContainerServiceVMSizeTypes = "Standard_D4"
+	// StandardD4V2 ...
+	StandardD4V2 ContainerServiceVMSizeTypes = "Standard_D4_v2"
+	// StandardD5V2 ...
+	StandardD5V2 ContainerServiceVMSizeTypes = "Standard_D5_v2"
+	// StandardDS1 ...
+	StandardDS1 ContainerServiceVMSizeTypes = "Standard_DS1"
+	// StandardDS11 ...
+	StandardDS11 ContainerServiceVMSizeTypes = "Standard_DS11"
+	// StandardDS12 ...
+	StandardDS12 ContainerServiceVMSizeTypes = "Standard_DS12"
+	// StandardDS13 ...
+	StandardDS13 ContainerServiceVMSizeTypes = "Standard_DS13"
+	// StandardDS14 ...
+	StandardDS14 ContainerServiceVMSizeTypes = "Standard_DS14"
+	// StandardDS2 ...
+	StandardDS2 ContainerServiceVMSizeTypes = "Standard_DS2"
+	// StandardDS3 ...
+	StandardDS3 ContainerServiceVMSizeTypes = "Standard_DS3"
+	// StandardDS4 ...
+	StandardDS4 ContainerServiceVMSizeTypes = "Standard_DS4"
+	// StandardG1 ...
+	StandardG1 ContainerServiceVMSizeTypes = "Standard_G1"
+	// StandardG2 ...
+	StandardG2 ContainerServiceVMSizeTypes = "Standard_G2"
+	// StandardG3 ...
+	StandardG3 ContainerServiceVMSizeTypes = "Standard_G3"
+	// StandardG4 ...
+	StandardG4 ContainerServiceVMSizeTypes = "Standard_G4"
+	// StandardG5 ...
+	StandardG5 ContainerServiceVMSizeTypes = "Standard_G5"
+	// StandardGS1 ...
+	StandardGS1 ContainerServiceVMSizeTypes = "Standard_GS1"
+	// StandardGS2 ...
+	StandardGS2 ContainerServiceVMSizeTypes = "Standard_GS2"
+	// StandardGS3 ...
+	StandardGS3 ContainerServiceVMSizeTypes = "Standard_GS3"
+	// StandardGS4 ...
+	StandardGS4 ContainerServiceVMSizeTypes = "Standard_GS4"
+	// StandardGS5 ...
+	StandardGS5 ContainerServiceVMSizeTypes = "Standard_GS5"
+)
+
+// DiskCreateOption enumerates the values for disk create option.
+type DiskCreateOption string
+
+const (
+	// Attach ...
+	Attach DiskCreateOption = "Attach"
+	// Copy ...
+	Copy DiskCreateOption = "Copy"
+	// Empty ...
+	Empty DiskCreateOption = "Empty"
+	// FromImage ...
+	FromImage DiskCreateOption = "FromImage"
+	// Import ...
+	Import DiskCreateOption = "Import"
+)
+
+// DiskCreateOptionTypes enumerates the values for disk create option types.
+type DiskCreateOptionTypes string
+
+const (
+	// DiskCreateOptionTypesAttach ...
+	DiskCreateOptionTypesAttach DiskCreateOptionTypes = "Attach"
+	// DiskCreateOptionTypesEmpty ...
+	DiskCreateOptionTypesEmpty DiskCreateOptionTypes = "Empty"
+	// DiskCreateOptionTypesFromImage ...
+	DiskCreateOptionTypesFromImage DiskCreateOptionTypes = "FromImage"
+)
+
+// InstanceViewTypes enumerates the values for instance view types.
+type InstanceViewTypes string
+
+const (
+	// InstanceView ...
+	InstanceView InstanceViewTypes = "instanceView"
+)
+
+// IntervalInMins enumerates the values for interval in mins.
+type IntervalInMins string
+
+const (
+	// FiveMins ...
+	FiveMins IntervalInMins = "FiveMins"
+	// SixtyMins ...
+	SixtyMins IntervalInMins = "SixtyMins"
+	// ThirtyMins ...
+	ThirtyMins IntervalInMins = "ThirtyMins"
+	// ThreeMins ...
+	ThreeMins IntervalInMins = "ThreeMins"
+)
+
+// IPVersion enumerates the values for ip version.
+type IPVersion string
+
+const (
+	// IPv4 ...
+	IPv4 IPVersion = "IPv4"
+	// IPv6 ...
+	IPv6 IPVersion = "IPv6"
+)
+
+// MaintenanceOperationResultCodeTypes enumerates the values for maintenance operation result code types.
+type MaintenanceOperationResultCodeTypes string
+
+const (
+	// MaintenanceOperationResultCodeTypesMaintenanceAborted ...
+	MaintenanceOperationResultCodeTypesMaintenanceAborted MaintenanceOperationResultCodeTypes = "MaintenanceAborted"
+	// MaintenanceOperationResultCodeTypesMaintenanceCompleted ...
+	MaintenanceOperationResultCodeTypesMaintenanceCompleted MaintenanceOperationResultCodeTypes = "MaintenanceCompleted"
+	// MaintenanceOperationResultCodeTypesNone ...
+	MaintenanceOperationResultCodeTypesNone MaintenanceOperationResultCodeTypes = "None"
+	// MaintenanceOperationResultCodeTypesRetryLater ...
+	MaintenanceOperationResultCodeTypesRetryLater MaintenanceOperationResultCodeTypes = "RetryLater"
+)
+
+// OperatingSystemStateTypes enumerates the values for operating system state types.
+type OperatingSystemStateTypes string
+
+const (
+	// Generalized ...
+	Generalized OperatingSystemStateTypes = "Generalized"
+	// Specialized ...
+	Specialized OperatingSystemStateTypes = "Specialized"
+)
+
+// OperatingSystemTypes enumerates the values for operating system types.
+type OperatingSystemTypes string
+
+const (
+	// Linux ...
+	Linux OperatingSystemTypes = "Linux"
+	// Windows ...
+	Windows OperatingSystemTypes = "Windows"
+)
+
+// PassNames enumerates the values for pass names.
+type PassNames string
+
+const (
+	// OobeSystem ...
+	OobeSystem PassNames = "OobeSystem"
+)
+
+// ProtocolTypes enumerates the values for protocol types.
+type ProtocolTypes string
+
+const (
+	// HTTP ...
+	HTTP ProtocolTypes = "Http"
+	// HTTPS ...
+	HTTPS ProtocolTypes = "Https"
+)
+
+// ResourceIdentityType enumerates the values for resource identity type.
+type ResourceIdentityType string
+
+const (
+	// ResourceIdentityTypeNone ...
+	ResourceIdentityTypeNone ResourceIdentityType = "None"
+	// ResourceIdentityTypeSystemAssigned ...
+	ResourceIdentityTypeSystemAssigned ResourceIdentityType = "SystemAssigned"
+	// ResourceIdentityTypeSystemAssignedUserAssigned ...
+	ResourceIdentityTypeSystemAssignedUserAssigned ResourceIdentityType = "SystemAssigned, UserAssigned"
+	// ResourceIdentityTypeUserAssigned ...
+	ResourceIdentityTypeUserAssigned ResourceIdentityType = "UserAssigned"
+)
+
+// ResourceSkuCapacityScaleType enumerates the values for resource sku capacity scale type.
+type ResourceSkuCapacityScaleType string
+
+const (
+	// ResourceSkuCapacityScaleTypeAutomatic ...
+	ResourceSkuCapacityScaleTypeAutomatic ResourceSkuCapacityScaleType = "Automatic"
+	// ResourceSkuCapacityScaleTypeManual ...
+	ResourceSkuCapacityScaleTypeManual ResourceSkuCapacityScaleType = "Manual"
+	// ResourceSkuCapacityScaleTypeNone ...
+	ResourceSkuCapacityScaleTypeNone ResourceSkuCapacityScaleType = "None"
+)
+
+// ResourceSkuRestrictionsReasonCode enumerates the values for resource sku restrictions reason code.
+type ResourceSkuRestrictionsReasonCode string
+
+const (
+	// NotAvailableForSubscription ...
+	NotAvailableForSubscription ResourceSkuRestrictionsReasonCode = "NotAvailableForSubscription"
+	// QuotaID ...
+	QuotaID ResourceSkuRestrictionsReasonCode = "QuotaId"
+)
+
+// ResourceSkuRestrictionsType enumerates the values for resource sku restrictions type.
+type ResourceSkuRestrictionsType string
+
+const (
+	// Location ...
+	Location ResourceSkuRestrictionsType = "Location"
+	// Zone ...
+	Zone ResourceSkuRestrictionsType = "Zone"
+)
+
+// RollingUpgradeActionType enumerates the values for rolling upgrade action type.
+type RollingUpgradeActionType string
+
+const (
+	// Cancel ...
+	Cancel RollingUpgradeActionType = "Cancel"
+	// Start ...
+	Start RollingUpgradeActionType = "Start"
+)
+
+// RollingUpgradeStatusCode enumerates the values for rolling upgrade status code.
+type RollingUpgradeStatusCode string
+
+const (
+	// Cancelled ...
+	Cancelled RollingUpgradeStatusCode = "Cancelled"
+	// Completed ...
+	Completed RollingUpgradeStatusCode = "Completed"
+	// Faulted ...
+	Faulted RollingUpgradeStatusCode = "Faulted"
+	// RollingForward ...
+	RollingForward RollingUpgradeStatusCode = "RollingForward"
+)
+
+// SettingNames enumerates the values for setting names.
+type SettingNames string
+
+const (
+	// AutoLogon ...
+	AutoLogon SettingNames = "AutoLogon"
+	// FirstLogonCommands ...
+	FirstLogonCommands SettingNames = "FirstLogonCommands"
+)
+
+// StatusLevelTypes enumerates the values for status level types.
+type StatusLevelTypes string
+
+const (
+	// Error ...
+	Error StatusLevelTypes = "Error"
+	// Info ...
+	Info StatusLevelTypes = "Info"
+	// Warning ...
+	Warning StatusLevelTypes = "Warning"
+)
+
+// StorageAccountTypes enumerates the values for storage account types.
+type StorageAccountTypes string
+
+const (
+	// PremiumLRS ...
+	PremiumLRS StorageAccountTypes = "Premium_LRS"
+	// StandardLRS ...
+	StandardLRS StorageAccountTypes = "Standard_LRS"
+)
+
+// UpgradeMode enumerates the values for upgrade mode.
+type UpgradeMode string
+
+const (
+	// Automatic ...
+	Automatic UpgradeMode = "Automatic"
+	// Manual ...
+	Manual UpgradeMode = "Manual"
+	// Rolling ...
+	Rolling UpgradeMode = "Rolling"
+)
+
+// VirtualMachinePriorityTypes enumerates the values for virtual machine priority types.
+type VirtualMachinePriorityTypes string
+
+const (
+	// Low ...
+	Low VirtualMachinePriorityTypes = "Low"
+	// Regular ...
+	Regular VirtualMachinePriorityTypes = "Regular"
+)
+
+// VirtualMachineScaleSetSkuScaleType enumerates the values for virtual machine scale set sku scale type.
+type VirtualMachineScaleSetSkuScaleType string
+
+const (
+	// VirtualMachineScaleSetSkuScaleTypeAutomatic ...
+	VirtualMachineScaleSetSkuScaleTypeAutomatic VirtualMachineScaleSetSkuScaleType = "Automatic"
+	// VirtualMachineScaleSetSkuScaleTypeNone ...
+	VirtualMachineScaleSetSkuScaleTypeNone VirtualMachineScaleSetSkuScaleType = "None"
+)
+
+// VirtualMachineSizeTypes enumerates the values for virtual machine size types.
+type VirtualMachineSizeTypes string
+
+const (
+	// VirtualMachineSizeTypesBasicA0 ...
+	VirtualMachineSizeTypesBasicA0 VirtualMachineSizeTypes = "Basic_A0"
+	// VirtualMachineSizeTypesBasicA1 ...
+	VirtualMachineSizeTypesBasicA1 VirtualMachineSizeTypes = "Basic_A1"
+	// VirtualMachineSizeTypesBasicA2 ...
+	VirtualMachineSizeTypesBasicA2 VirtualMachineSizeTypes = "Basic_A2"
+	// VirtualMachineSizeTypesBasicA3 ...
+	VirtualMachineSizeTypesBasicA3 VirtualMachineSizeTypes = "Basic_A3"
+	// VirtualMachineSizeTypesBasicA4 ...
+	VirtualMachineSizeTypesBasicA4 VirtualMachineSizeTypes = "Basic_A4"
+	// VirtualMachineSizeTypesStandardA0 ...
+	VirtualMachineSizeTypesStandardA0 VirtualMachineSizeTypes = "Standard_A0"
+	// VirtualMachineSizeTypesStandardA1 ...
+	VirtualMachineSizeTypesStandardA1 VirtualMachineSizeTypes = "Standard_A1"
+	// VirtualMachineSizeTypesStandardA10 ...
+	VirtualMachineSizeTypesStandardA10 VirtualMachineSizeTypes = "Standard_A10"
+	// VirtualMachineSizeTypesStandardA11 ...
+	VirtualMachineSizeTypesStandardA11 VirtualMachineSizeTypes = "Standard_A11"
+	// VirtualMachineSizeTypesStandardA1V2 ...
+	VirtualMachineSizeTypesStandardA1V2 VirtualMachineSizeTypes = "Standard_A1_v2"
+	// VirtualMachineSizeTypesStandardA2 ...
+	VirtualMachineSizeTypesStandardA2 VirtualMachineSizeTypes = "Standard_A2"
+	// VirtualMachineSizeTypesStandardA2mV2 ...
+	VirtualMachineSizeTypesStandardA2mV2 VirtualMachineSizeTypes = "Standard_A2m_v2"
+	// VirtualMachineSizeTypesStandardA2V2 ...
+	VirtualMachineSizeTypesStandardA2V2 VirtualMachineSizeTypes = "Standard_A2_v2"
+	// VirtualMachineSizeTypesStandardA3 ...
+	VirtualMachineSizeTypesStandardA3 VirtualMachineSizeTypes = "Standard_A3"
+	// VirtualMachineSizeTypesStandardA4 ...
+	VirtualMachineSizeTypesStandardA4 VirtualMachineSizeTypes = "Standard_A4"
+	// VirtualMachineSizeTypesStandardA4mV2 ...
+	VirtualMachineSizeTypesStandardA4mV2 VirtualMachineSizeTypes = "Standard_A4m_v2"
+	// VirtualMachineSizeTypesStandardA4V2 ...
+	VirtualMachineSizeTypesStandardA4V2 VirtualMachineSizeTypes = "Standard_A4_v2"
+	// VirtualMachineSizeTypesStandardA5 ...
+	VirtualMachineSizeTypesStandardA5 VirtualMachineSizeTypes = "Standard_A5"
+	// VirtualMachineSizeTypesStandardA6 ...
+	VirtualMachineSizeTypesStandardA6 VirtualMachineSizeTypes = "Standard_A6"
+	// VirtualMachineSizeTypesStandardA7 ...
+	VirtualMachineSizeTypesStandardA7 VirtualMachineSizeTypes = "Standard_A7"
+	// VirtualMachineSizeTypesStandardA8 ...
+	VirtualMachineSizeTypesStandardA8 VirtualMachineSizeTypes = "Standard_A8"
+	// VirtualMachineSizeTypesStandardA8mV2 ...
+	VirtualMachineSizeTypesStandardA8mV2 VirtualMachineSizeTypes = "Standard_A8m_v2"
+	// VirtualMachineSizeTypesStandardA8V2 ...
+	VirtualMachineSizeTypesStandardA8V2 VirtualMachineSizeTypes = "Standard_A8_v2"
+	// VirtualMachineSizeTypesStandardA9 ...
+	VirtualMachineSizeTypesStandardA9 VirtualMachineSizeTypes = "Standard_A9"
+	// VirtualMachineSizeTypesStandardB1ms ...
+	VirtualMachineSizeTypesStandardB1ms VirtualMachineSizeTypes = "Standard_B1ms"
+	// VirtualMachineSizeTypesStandardB1s ...
+	VirtualMachineSizeTypesStandardB1s VirtualMachineSizeTypes = "Standard_B1s"
+	// VirtualMachineSizeTypesStandardB2ms ...
+	VirtualMachineSizeTypesStandardB2ms VirtualMachineSizeTypes = "Standard_B2ms"
+	// VirtualMachineSizeTypesStandardB2s ...
+	VirtualMachineSizeTypesStandardB2s VirtualMachineSizeTypes = "Standard_B2s"
+	// VirtualMachineSizeTypesStandardB4ms ...
+	VirtualMachineSizeTypesStandardB4ms VirtualMachineSizeTypes = "Standard_B4ms"
+	// VirtualMachineSizeTypesStandardB8ms ...
+	VirtualMachineSizeTypesStandardB8ms VirtualMachineSizeTypes = "Standard_B8ms"
+	// VirtualMachineSizeTypesStandardD1 ...
+	VirtualMachineSizeTypesStandardD1 VirtualMachineSizeTypes = "Standard_D1"
+	// VirtualMachineSizeTypesStandardD11 ...
+	VirtualMachineSizeTypesStandardD11 VirtualMachineSizeTypes = "Standard_D11"
+	// VirtualMachineSizeTypesStandardD11V2 ...
+	VirtualMachineSizeTypesStandardD11V2 VirtualMachineSizeTypes = "Standard_D11_v2"
+	// VirtualMachineSizeTypesStandardD12 ...
+	VirtualMachineSizeTypesStandardD12 VirtualMachineSizeTypes = "Standard_D12"
+	// VirtualMachineSizeTypesStandardD12V2 ...
+	VirtualMachineSizeTypesStandardD12V2 VirtualMachineSizeTypes = "Standard_D12_v2"
+	// VirtualMachineSizeTypesStandardD13 ...
+	VirtualMachineSizeTypesStandardD13 VirtualMachineSizeTypes = "Standard_D13"
+	// VirtualMachineSizeTypesStandardD13V2 ...
+	VirtualMachineSizeTypesStandardD13V2 VirtualMachineSizeTypes = "Standard_D13_v2"
+	// VirtualMachineSizeTypesStandardD14 ...
+	VirtualMachineSizeTypesStandardD14 VirtualMachineSizeTypes = "Standard_D14"
+	// VirtualMachineSizeTypesStandardD14V2 ...
+	VirtualMachineSizeTypesStandardD14V2 VirtualMachineSizeTypes = "Standard_D14_v2"
+	// VirtualMachineSizeTypesStandardD15V2 ...
+	VirtualMachineSizeTypesStandardD15V2 VirtualMachineSizeTypes = "Standard_D15_v2"
+	// VirtualMachineSizeTypesStandardD16sV3 ...
+	VirtualMachineSizeTypesStandardD16sV3 VirtualMachineSizeTypes = "Standard_D16s_v3"
+	// VirtualMachineSizeTypesStandardD16V3 ...
+	VirtualMachineSizeTypesStandardD16V3 VirtualMachineSizeTypes = "Standard_D16_v3"
+	// VirtualMachineSizeTypesStandardD1V2 ...
+	VirtualMachineSizeTypesStandardD1V2 VirtualMachineSizeTypes = "Standard_D1_v2"
+	// VirtualMachineSizeTypesStandardD2 ...
+	VirtualMachineSizeTypesStandardD2 VirtualMachineSizeTypes = "Standard_D2"
+	// VirtualMachineSizeTypesStandardD2sV3 ...
+	VirtualMachineSizeTypesStandardD2sV3 VirtualMachineSizeTypes = "Standard_D2s_v3"
+	// VirtualMachineSizeTypesStandardD2V2 ...
+	VirtualMachineSizeTypesStandardD2V2 VirtualMachineSizeTypes = "Standard_D2_v2"
+	// VirtualMachineSizeTypesStandardD2V3 ...
+	VirtualMachineSizeTypesStandardD2V3 VirtualMachineSizeTypes = "Standard_D2_v3"
+	// VirtualMachineSizeTypesStandardD3 ...
+	VirtualMachineSizeTypesStandardD3 VirtualMachineSizeTypes = "Standard_D3"
+	// VirtualMachineSizeTypesStandardD32sV3 ...
+	VirtualMachineSizeTypesStandardD32sV3 VirtualMachineSizeTypes = "Standard_D32s_v3"
+	// VirtualMachineSizeTypesStandardD32V3 ...
+	VirtualMachineSizeTypesStandardD32V3 VirtualMachineSizeTypes = "Standard_D32_v3"
+	// VirtualMachineSizeTypesStandardD3V2 ...
+	VirtualMachineSizeTypesStandardD3V2 VirtualMachineSizeTypes = "Standard_D3_v2"
+	// VirtualMachineSizeTypesStandardD4 ...
+	VirtualMachineSizeTypesStandardD4 VirtualMachineSizeTypes = "Standard_D4"
+	// VirtualMachineSizeTypesStandardD4sV3 ...
+	VirtualMachineSizeTypesStandardD4sV3 VirtualMachineSizeTypes = "Standard_D4s_v3"
+	// VirtualMachineSizeTypesStandardD4V2 ...
+	VirtualMachineSizeTypesStandardD4V2 VirtualMachineSizeTypes = "Standard_D4_v2"
+	// VirtualMachineSizeTypesStandardD4V3 ...
+	VirtualMachineSizeTypesStandardD4V3 VirtualMachineSizeTypes = "Standard_D4_v3"
+	// VirtualMachineSizeTypesStandardD5V2 ...
+	VirtualMachineSizeTypesStandardD5V2 VirtualMachineSizeTypes = "Standard_D5_v2"
+	// VirtualMachineSizeTypesStandardD64sV3 ...
+	VirtualMachineSizeTypesStandardD64sV3 VirtualMachineSizeTypes = "Standard_D64s_v3"
+	// VirtualMachineSizeTypesStandardD64V3 ...
+	VirtualMachineSizeTypesStandardD64V3 VirtualMachineSizeTypes = "Standard_D64_v3"
+	// VirtualMachineSizeTypesStandardD8sV3 ...
+	VirtualMachineSizeTypesStandardD8sV3 VirtualMachineSizeTypes = "Standard_D8s_v3"
+	// VirtualMachineSizeTypesStandardD8V3 ...
+	VirtualMachineSizeTypesStandardD8V3 VirtualMachineSizeTypes = "Standard_D8_v3"
+	// VirtualMachineSizeTypesStandardDS1 ...
+	VirtualMachineSizeTypesStandardDS1 VirtualMachineSizeTypes = "Standard_DS1"
+	// VirtualMachineSizeTypesStandardDS11 ...
+	VirtualMachineSizeTypesStandardDS11 VirtualMachineSizeTypes = "Standard_DS11"
+	// VirtualMachineSizeTypesStandardDS11V2 ...
+	VirtualMachineSizeTypesStandardDS11V2 VirtualMachineSizeTypes = "Standard_DS11_v2"
+	// VirtualMachineSizeTypesStandardDS12 ...
+	VirtualMachineSizeTypesStandardDS12 VirtualMachineSizeTypes = "Standard_DS12"
+	// VirtualMachineSizeTypesStandardDS12V2 ...
+	VirtualMachineSizeTypesStandardDS12V2 VirtualMachineSizeTypes = "Standard_DS12_v2"
+	// VirtualMachineSizeTypesStandardDS13 ...
+	VirtualMachineSizeTypesStandardDS13 VirtualMachineSizeTypes = "Standard_DS13"
+	// VirtualMachineSizeTypesStandardDS132V2 ...
+	VirtualMachineSizeTypesStandardDS132V2 VirtualMachineSizeTypes = "Standard_DS13-2_v2"
+	// VirtualMachineSizeTypesStandardDS134V2 ...
+	VirtualMachineSizeTypesStandardDS134V2 VirtualMachineSizeTypes = "Standard_DS13-4_v2"
+	// VirtualMachineSizeTypesStandardDS13V2 ...
+	VirtualMachineSizeTypesStandardDS13V2 VirtualMachineSizeTypes = "Standard_DS13_v2"
+	// VirtualMachineSizeTypesStandardDS14 ...
+	VirtualMachineSizeTypesStandardDS14 VirtualMachineSizeTypes = "Standard_DS14"
+	// VirtualMachineSizeTypesStandardDS144V2 ...
+	VirtualMachineSizeTypesStandardDS144V2 VirtualMachineSizeTypes = "Standard_DS14-4_v2"
+	// VirtualMachineSizeTypesStandardDS148V2 ...
+	VirtualMachineSizeTypesStandardDS148V2 VirtualMachineSizeTypes = "Standard_DS14-8_v2"
+	// VirtualMachineSizeTypesStandardDS14V2 ...
+	VirtualMachineSizeTypesStandardDS14V2 VirtualMachineSizeTypes = "Standard_DS14_v2"
+	// VirtualMachineSizeTypesStandardDS15V2 ...
+	VirtualMachineSizeTypesStandardDS15V2 VirtualMachineSizeTypes = "Standard_DS15_v2"
+	// VirtualMachineSizeTypesStandardDS1V2 ...
+	VirtualMachineSizeTypesStandardDS1V2 VirtualMachineSizeTypes = "Standard_DS1_v2"
+	// VirtualMachineSizeTypesStandardDS2 ...
+	VirtualMachineSizeTypesStandardDS2 VirtualMachineSizeTypes = "Standard_DS2"
+	// VirtualMachineSizeTypesStandardDS2V2 ...
+	VirtualMachineSizeTypesStandardDS2V2 VirtualMachineSizeTypes = "Standard_DS2_v2"
+	// VirtualMachineSizeTypesStandardDS3 ...
+	VirtualMachineSizeTypesStandardDS3 VirtualMachineSizeTypes = "Standard_DS3"
+	// VirtualMachineSizeTypesStandardDS3V2 ...
+	VirtualMachineSizeTypesStandardDS3V2 VirtualMachineSizeTypes = "Standard_DS3_v2"
+	// VirtualMachineSizeTypesStandardDS4 ...
+	VirtualMachineSizeTypesStandardDS4 VirtualMachineSizeTypes = "Standard_DS4"
+	// VirtualMachineSizeTypesStandardDS4V2 ...
+	VirtualMachineSizeTypesStandardDS4V2 VirtualMachineSizeTypes = "Standard_DS4_v2"
+	// VirtualMachineSizeTypesStandardDS5V2 ...
+	VirtualMachineSizeTypesStandardDS5V2 VirtualMachineSizeTypes = "Standard_DS5_v2"
+	// VirtualMachineSizeTypesStandardE16sV3 ...
+	VirtualMachineSizeTypesStandardE16sV3 VirtualMachineSizeTypes = "Standard_E16s_v3"
+	// VirtualMachineSizeTypesStandardE16V3 ...
+	VirtualMachineSizeTypesStandardE16V3 VirtualMachineSizeTypes = "Standard_E16_v3"
+	// VirtualMachineSizeTypesStandardE2sV3 ...
+	VirtualMachineSizeTypesStandardE2sV3 VirtualMachineSizeTypes = "Standard_E2s_v3"
+	// VirtualMachineSizeTypesStandardE2V3 ...
+	VirtualMachineSizeTypesStandardE2V3 VirtualMachineSizeTypes = "Standard_E2_v3"
+	// VirtualMachineSizeTypesStandardE3216V3 ...
+	VirtualMachineSizeTypesStandardE3216V3 VirtualMachineSizeTypes = "Standard_E32-16_v3"
+	// VirtualMachineSizeTypesStandardE328sV3 ...
+	VirtualMachineSizeTypesStandardE328sV3 VirtualMachineSizeTypes = "Standard_E32-8s_v3"
+	// VirtualMachineSizeTypesStandardE32sV3 ...
+	VirtualMachineSizeTypesStandardE32sV3 VirtualMachineSizeTypes = "Standard_E32s_v3"
+	// VirtualMachineSizeTypesStandardE32V3 ...
+	VirtualMachineSizeTypesStandardE32V3 VirtualMachineSizeTypes = "Standard_E32_v3"
+	// VirtualMachineSizeTypesStandardE4sV3 ...
+	VirtualMachineSizeTypesStandardE4sV3 VirtualMachineSizeTypes = "Standard_E4s_v3"
+	// VirtualMachineSizeTypesStandardE4V3 ...
+	VirtualMachineSizeTypesStandardE4V3 VirtualMachineSizeTypes = "Standard_E4_v3"
+	// VirtualMachineSizeTypesStandardE6416sV3 ...
+	VirtualMachineSizeTypesStandardE6416sV3 VirtualMachineSizeTypes = "Standard_E64-16s_v3"
+	// VirtualMachineSizeTypesStandardE6432sV3 ...
+	VirtualMachineSizeTypesStandardE6432sV3 VirtualMachineSizeTypes = "Standard_E64-32s_v3"
+	// VirtualMachineSizeTypesStandardE64sV3 ...
+	VirtualMachineSizeTypesStandardE64sV3 VirtualMachineSizeTypes = "Standard_E64s_v3"
+	// VirtualMachineSizeTypesStandardE64V3 ...
+	VirtualMachineSizeTypesStandardE64V3 VirtualMachineSizeTypes = "Standard_E64_v3"
+	// VirtualMachineSizeTypesStandardE8sV3 ...
+	VirtualMachineSizeTypesStandardE8sV3 VirtualMachineSizeTypes = "Standard_E8s_v3"
+	// VirtualMachineSizeTypesStandardE8V3 ...
+	VirtualMachineSizeTypesStandardE8V3 VirtualMachineSizeTypes = "Standard_E8_v3"
+	// VirtualMachineSizeTypesStandardF1 ...
+	VirtualMachineSizeTypesStandardF1 VirtualMachineSizeTypes = "Standard_F1"
+	// VirtualMachineSizeTypesStandardF16 ...
+	VirtualMachineSizeTypesStandardF16 VirtualMachineSizeTypes = "Standard_F16"
+	// VirtualMachineSizeTypesStandardF16s ...
+	VirtualMachineSizeTypesStandardF16s VirtualMachineSizeTypes = "Standard_F16s"
+	// VirtualMachineSizeTypesStandardF16sV2 ...
+	VirtualMachineSizeTypesStandardF16sV2 VirtualMachineSizeTypes = "Standard_F16s_v2"
+	// VirtualMachineSizeTypesStandardF1s ...
+	VirtualMachineSizeTypesStandardF1s VirtualMachineSizeTypes = "Standard_F1s"
+	// VirtualMachineSizeTypesStandardF2 ...
+	VirtualMachineSizeTypesStandardF2 VirtualMachineSizeTypes = "Standard_F2"
+	// VirtualMachineSizeTypesStandardF2s ...
+	VirtualMachineSizeTypesStandardF2s VirtualMachineSizeTypes = "Standard_F2s"
+	// VirtualMachineSizeTypesStandardF2sV2 ...
+	VirtualMachineSizeTypesStandardF2sV2 VirtualMachineSizeTypes = "Standard_F2s_v2"
+	// VirtualMachineSizeTypesStandardF32sV2 ...
+	VirtualMachineSizeTypesStandardF32sV2 VirtualMachineSizeTypes = "Standard_F32s_v2"
+	// VirtualMachineSizeTypesStandardF4 ...
+	VirtualMachineSizeTypesStandardF4 VirtualMachineSizeTypes = "Standard_F4"
+	// VirtualMachineSizeTypesStandardF4s ...
+	VirtualMachineSizeTypesStandardF4s VirtualMachineSizeTypes = "Standard_F4s"
+	// VirtualMachineSizeTypesStandardF4sV2 ...
+	VirtualMachineSizeTypesStandardF4sV2 VirtualMachineSizeTypes = "Standard_F4s_v2"
+	// VirtualMachineSizeTypesStandardF64sV2 ...
+	VirtualMachineSizeTypesStandardF64sV2 VirtualMachineSizeTypes = "Standard_F64s_v2"
+	// VirtualMachineSizeTypesStandardF72sV2 ...
+	VirtualMachineSizeTypesStandardF72sV2 VirtualMachineSizeTypes = "Standard_F72s_v2"
+	// VirtualMachineSizeTypesStandardF8 ...
+	VirtualMachineSizeTypesStandardF8 VirtualMachineSizeTypes = "Standard_F8"
+	// VirtualMachineSizeTypesStandardF8s ...
+	VirtualMachineSizeTypesStandardF8s VirtualMachineSizeTypes = "Standard_F8s"
+	// VirtualMachineSizeTypesStandardF8sV2 ...
+	VirtualMachineSizeTypesStandardF8sV2 VirtualMachineSizeTypes = "Standard_F8s_v2"
+	// VirtualMachineSizeTypesStandardG1 ...
+	VirtualMachineSizeTypesStandardG1 VirtualMachineSizeTypes = "Standard_G1"
+	// VirtualMachineSizeTypesStandardG2 ...
+	VirtualMachineSizeTypesStandardG2 VirtualMachineSizeTypes = "Standard_G2"
+	// VirtualMachineSizeTypesStandardG3 ...
+	VirtualMachineSizeTypesStandardG3 VirtualMachineSizeTypes = "Standard_G3"
+	// VirtualMachineSizeTypesStandardG4 ...
+	VirtualMachineSizeTypesStandardG4 VirtualMachineSizeTypes = "Standard_G4"
+	// VirtualMachineSizeTypesStandardG5 ...
+	VirtualMachineSizeTypesStandardG5 VirtualMachineSizeTypes = "Standard_G5"
+	// VirtualMachineSizeTypesStandardGS1 ...
+	VirtualMachineSizeTypesStandardGS1 VirtualMachineSizeTypes = "Standard_GS1"
+	// VirtualMachineSizeTypesStandardGS2 ...
+	VirtualMachineSizeTypesStandardGS2 VirtualMachineSizeTypes = "Standard_GS2"
+	// VirtualMachineSizeTypesStandardGS3 ...
+	VirtualMachineSizeTypesStandardGS3 VirtualMachineSizeTypes = "Standard_GS3"
+	// VirtualMachineSizeTypesStandardGS4 ...
+	VirtualMachineSizeTypesStandardGS4 VirtualMachineSizeTypes = "Standard_GS4"
+	// VirtualMachineSizeTypesStandardGS44 ...
+	VirtualMachineSizeTypesStandardGS44 VirtualMachineSizeTypes = "Standard_GS4-4"
+	// VirtualMachineSizeTypesStandardGS48 ...
+	VirtualMachineSizeTypesStandardGS48 VirtualMachineSizeTypes = "Standard_GS4-8"
+	// VirtualMachineSizeTypesStandardGS5 ...
+	VirtualMachineSizeTypesStandardGS5 VirtualMachineSizeTypes = "Standard_GS5"
+	// VirtualMachineSizeTypesStandardGS516 ...
+	VirtualMachineSizeTypesStandardGS516 VirtualMachineSizeTypes = "Standard_GS5-16"
+	// VirtualMachineSizeTypesStandardGS58 ...
+	VirtualMachineSizeTypesStandardGS58 VirtualMachineSizeTypes = "Standard_GS5-8"
+	// VirtualMachineSizeTypesStandardH16 ...
+	VirtualMachineSizeTypesStandardH16 VirtualMachineSizeTypes = "Standard_H16"
+	// VirtualMachineSizeTypesStandardH16m ...
+	VirtualMachineSizeTypesStandardH16m VirtualMachineSizeTypes = "Standard_H16m"
+	// VirtualMachineSizeTypesStandardH16mr ...
+	VirtualMachineSizeTypesStandardH16mr VirtualMachineSizeTypes = "Standard_H16mr"
+	// VirtualMachineSizeTypesStandardH16r ...
+	VirtualMachineSizeTypesStandardH16r VirtualMachineSizeTypes = "Standard_H16r"
+	// VirtualMachineSizeTypesStandardH8 ...
+	VirtualMachineSizeTypesStandardH8 VirtualMachineSizeTypes = "Standard_H8"
+	// VirtualMachineSizeTypesStandardH8m ...
+	VirtualMachineSizeTypesStandardH8m VirtualMachineSizeTypes = "Standard_H8m"
+	// VirtualMachineSizeTypesStandardL16s ...
+	VirtualMachineSizeTypesStandardL16s VirtualMachineSizeTypes = "Standard_L16s"
+	// VirtualMachineSizeTypesStandardL32s ...
+	VirtualMachineSizeTypesStandardL32s VirtualMachineSizeTypes = "Standard_L32s"
+	// VirtualMachineSizeTypesStandardL4s ...
+	VirtualMachineSizeTypesStandardL4s VirtualMachineSizeTypes = "Standard_L4s"
+	// VirtualMachineSizeTypesStandardL8s ...
+	VirtualMachineSizeTypesStandardL8s VirtualMachineSizeTypes = "Standard_L8s"
+	// VirtualMachineSizeTypesStandardM12832ms ...
+	VirtualMachineSizeTypesStandardM12832ms VirtualMachineSizeTypes = "Standard_M128-32ms"
+	// VirtualMachineSizeTypesStandardM12864ms ...
+	VirtualMachineSizeTypesStandardM12864ms VirtualMachineSizeTypes = "Standard_M128-64ms"
+	// VirtualMachineSizeTypesStandardM128ms ...
+	VirtualMachineSizeTypesStandardM128ms VirtualMachineSizeTypes = "Standard_M128ms"
+	// VirtualMachineSizeTypesStandardM128s ...
+	VirtualMachineSizeTypesStandardM128s VirtualMachineSizeTypes = "Standard_M128s"
+	// VirtualMachineSizeTypesStandardM6416ms ...
+	VirtualMachineSizeTypesStandardM6416ms VirtualMachineSizeTypes = "Standard_M64-16ms"
+	// VirtualMachineSizeTypesStandardM6432ms ...
+	VirtualMachineSizeTypesStandardM6432ms VirtualMachineSizeTypes = "Standard_M64-32ms"
+	// VirtualMachineSizeTypesStandardM64ms ...
+	VirtualMachineSizeTypesStandardM64ms VirtualMachineSizeTypes = "Standard_M64ms"
+	// VirtualMachineSizeTypesStandardM64s ...
+	VirtualMachineSizeTypesStandardM64s VirtualMachineSizeTypes = "Standard_M64s"
+	// VirtualMachineSizeTypesStandardNC12 ...
+	VirtualMachineSizeTypesStandardNC12 VirtualMachineSizeTypes = "Standard_NC12"
+	// VirtualMachineSizeTypesStandardNC12sV2 ...
+	VirtualMachineSizeTypesStandardNC12sV2 VirtualMachineSizeTypes = "Standard_NC12s_v2"
+	// VirtualMachineSizeTypesStandardNC12sV3 ...
+	VirtualMachineSizeTypesStandardNC12sV3 VirtualMachineSizeTypes = "Standard_NC12s_v3"
+	// VirtualMachineSizeTypesStandardNC24 ...
+	VirtualMachineSizeTypesStandardNC24 VirtualMachineSizeTypes = "Standard_NC24"
+	// VirtualMachineSizeTypesStandardNC24r ...
+	VirtualMachineSizeTypesStandardNC24r VirtualMachineSizeTypes = "Standard_NC24r"
+	// VirtualMachineSizeTypesStandardNC24rsV2 ...
+	VirtualMachineSizeTypesStandardNC24rsV2 VirtualMachineSizeTypes = "Standard_NC24rs_v2"
+	// VirtualMachineSizeTypesStandardNC24rsV3 ...
+	VirtualMachineSizeTypesStandardNC24rsV3 VirtualMachineSizeTypes = "Standard_NC24rs_v3"
+	// VirtualMachineSizeTypesStandardNC24sV2 ...
+	VirtualMachineSizeTypesStandardNC24sV2 VirtualMachineSizeTypes = "Standard_NC24s_v2"
+	// VirtualMachineSizeTypesStandardNC24sV3 ...
+	VirtualMachineSizeTypesStandardNC24sV3 VirtualMachineSizeTypes = "Standard_NC24s_v3"
+	// VirtualMachineSizeTypesStandardNC6 ...
+	VirtualMachineSizeTypesStandardNC6 VirtualMachineSizeTypes = "Standard_NC6"
+	// VirtualMachineSizeTypesStandardNC6sV2 ...
+	VirtualMachineSizeTypesStandardNC6sV2 VirtualMachineSizeTypes = "Standard_NC6s_v2"
+	// VirtualMachineSizeTypesStandardNC6sV3 ...
+	VirtualMachineSizeTypesStandardNC6sV3 VirtualMachineSizeTypes = "Standard_NC6s_v3"
+	// VirtualMachineSizeTypesStandardND12s ...
+	VirtualMachineSizeTypesStandardND12s VirtualMachineSizeTypes = "Standard_ND12s"
+	// VirtualMachineSizeTypesStandardND24rs ...
+	VirtualMachineSizeTypesStandardND24rs VirtualMachineSizeTypes = "Standard_ND24rs"
+	// VirtualMachineSizeTypesStandardND24s ...
+	VirtualMachineSizeTypesStandardND24s VirtualMachineSizeTypes = "Standard_ND24s"
+	// VirtualMachineSizeTypesStandardND6s ...
+	VirtualMachineSizeTypesStandardND6s VirtualMachineSizeTypes = "Standard_ND6s"
+	// VirtualMachineSizeTypesStandardNV12 ...
+	VirtualMachineSizeTypesStandardNV12 VirtualMachineSizeTypes = "Standard_NV12"
+	// VirtualMachineSizeTypesStandardNV24 ...
+	VirtualMachineSizeTypesStandardNV24 VirtualMachineSizeTypes = "Standard_NV24"
+	// VirtualMachineSizeTypesStandardNV6 ...
+	VirtualMachineSizeTypesStandardNV6 VirtualMachineSizeTypes = "Standard_NV6"
+)
+
+// AccessURI a disk access SAS uri.
+type AccessURI struct {
+	autorest.Response `json:"-"`
+	// AccessURIOutput - Operation output data (raw JSON)
+	*AccessURIOutput `json:"properties,omitempty"`
+}
+
+// AccessURIOutput azure properties, including output.
+type AccessURIOutput struct {
+	// AccessURIRaw - Operation output data (raw JSON)
+	*AccessURIRaw `json:"output,omitempty"`
+}
+
+// AccessURIRaw this object gets 'bubbled up' through flattening.
+type AccessURIRaw struct {
+	// AccessSAS - A SAS uri for accessing a disk.
+	AccessSAS *string `json:"accessSAS,omitempty"`
+}
+
+// AdditionalUnattendContent specifies additional XML formatted information that can be included in the Unattend.xml
+// file, which is used by Windows Setup. Contents are defined by setting name, component name, and the pass in which
+// the content is applied.
+type AdditionalUnattendContent struct {
+	// PassName - The pass name. Currently, the only allowable value is OobeSystem. Possible values include: 'OobeSystem'
+	PassName PassNames `json:"passName,omitempty"`
+	// ComponentName - The component name. Currently, the only allowable value is Microsoft-Windows-Shell-Setup. Possible values include: 'MicrosoftWindowsShellSetup'
+	ComponentName ComponentNames `json:"componentName,omitempty"`
+	// SettingName - Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. Possible values include: 'AutoLogon', 'FirstLogonCommands'
+	SettingName SettingNames `json:"settingName,omitempty"`
+	// Content - Specifies the XML formatted content that is added to the unattend.xml file for the specified path and component. The XML must be less than 4KB and must include the root element for the setting or feature that is being inserted.
+	Content *string `json:"content,omitempty"`
+}
+
+// APIEntityReference the API entity reference.
+type APIEntityReference struct {
+	// ID - The ARM resource id in the form of /subscriptions/{SubcriptionId}/resourceGroups/{ResourceGroupName}/...
+	ID *string `json:"id,omitempty"`
+}
+
+// APIError api error.
+type APIError struct {
+	// Details - The Api error details
+	Details *[]APIErrorBase `json:"details,omitempty"`
+	// Innererror - The Api inner error
+	Innererror *InnerError `json:"innererror,omitempty"`
+	// Code - The error code.
+	Code *string `json:"code,omitempty"`
+	// Target - The target of the particular error.
+	Target *string `json:"target,omitempty"`
+	// Message - The error message.
+	Message *string `json:"message,omitempty"`
+}
+
+// APIErrorBase api error base.
+type APIErrorBase struct {
+	// Code - The error code.
+	Code *string `json:"code,omitempty"`
+	// Target - The target of the particular error.
+	Target *string `json:"target,omitempty"`
+	// Message - The error message.
+	Message *string `json:"message,omitempty"`
+}
+
+// AvailabilitySet specifies information about the availability set that the virtual machine should be assigned to.
+// Virtual machines specified in the same availability set are allocated to different nodes to maximize availability.
+// For more information about availability sets, see [Manage the availability of virtual
+// machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-manage-availability?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+// <br><br> For more information on Azure planned maintainance, see [Planned maintenance for virtual machines in
+// Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-planned-maintenance?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json)
+// <br><br> Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to
+// an availability set.
+type AvailabilitySet struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags                       *map[string]*string `json:"tags,omitempty"`
+	*AvailabilitySetProperties `json:"properties,omitempty"`
+	// Sku - Sku of the availability set
+	Sku *Sku `json:"sku,omitempty"`
+}
+
+// AvailabilitySetListResult the List Availability Set operation response.
+type AvailabilitySetListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of availability sets
+	Value *[]AvailabilitySet `json:"value,omitempty"`
+}
+
+// AvailabilitySetProperties the instance view of a resource.
+type AvailabilitySetProperties struct {
+	// PlatformUpdateDomainCount - Update Domain count.
+	PlatformUpdateDomainCount *int32 `json:"platformUpdateDomainCount,omitempty"`
+	// PlatformFaultDomainCount - Fault Domain count.
+	PlatformFaultDomainCount *int32 `json:"platformFaultDomainCount,omitempty"`
+	// VirtualMachines - A list of references to all virtual machines in the availability set.
+	VirtualMachines *[]SubResource `json:"virtualMachines,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// BootDiagnostics boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to
+// diagnose VM status. <br><br> For Linux Virtual Machines, you can easily view the output of your console log.
+// <br><br> For both Windows and Linux virtual machines, Azure also enables you to see a screenshot of the VM from the
+// hypervisor.
+type BootDiagnostics struct {
+	// Enabled - Whether boot diagnostics should be enabled on the Virtual Machine.
+	Enabled *bool `json:"enabled,omitempty"`
+	// StorageURI - Uri of the storage account to use for placing the console output and screenshot.
+	StorageURI *string `json:"storageUri,omitempty"`
+}
+
+// BootDiagnosticsInstanceView the instance view of a virtual machine boot diagnostics.
+type BootDiagnosticsInstanceView struct {
+	// ConsoleScreenshotBlobURI - The console screenshot blob URI.
+	ConsoleScreenshotBlobURI *string `json:"consoleScreenshotBlobUri,omitempty"`
+	// SerialConsoleLogBlobURI - The Linux serial console log blob Uri.
+	SerialConsoleLogBlobURI *string `json:"serialConsoleLogBlobUri,omitempty"`
+}
+
+// ContainerService container service.
+type ContainerService struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags                        *map[string]*string `json:"tags,omitempty"`
+	*ContainerServiceProperties `json:"properties,omitempty"`
+}
+
+// ContainerServiceAgentPoolProfile profile for the container service agent pool.
+type ContainerServiceAgentPoolProfile struct {
+	// Name - Unique name of the agent pool profile in the context of the subscription and resource group.
+	Name *string `json:"name,omitempty"`
+	// Count - Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.
+	Count *int32 `json:"count,omitempty"`
+	// VMSize - Size of agent VMs. Possible values include: 'StandardA0', 'StandardA1', 'StandardA2', 'StandardA3', 'StandardA4', 'StandardA5', 'StandardA6', 'StandardA7', 'StandardA8', 'StandardA9', 'StandardA10', 'StandardA11', 'StandardD1', 'StandardD2', 'StandardD3', 'StandardD4', 'StandardD11', 'StandardD12', 'StandardD13', 'StandardD14', 'StandardD1V2', 'StandardD2V2', 'StandardD3V2', 'StandardD4V2', 'StandardD5V2', 'StandardD11V2', 'StandardD12V2', 'StandardD13V2', 'StandardD14V2', 'StandardG1', 'StandardG2', 'StandardG3', 'StandardG4', 'StandardG5', 'StandardDS1', 'StandardDS2', 'StandardDS3', 'StandardDS4', 'StandardDS11', 'StandardDS12', 'StandardDS13', 'StandardDS14', 'StandardGS1', 'StandardGS2', 'StandardGS3', 'StandardGS4', 'StandardGS5'
+	VMSize ContainerServiceVMSizeTypes `json:"vmSize,omitempty"`
+	// DNSPrefix - DNS prefix to be used to create the FQDN for the agent pool.
+	DNSPrefix *string `json:"dnsPrefix,omitempty"`
+	// Fqdn - FDQN for the agent pool.
+	Fqdn *string `json:"fqdn,omitempty"`
+}
+
+// ContainerServiceCustomProfile properties to configure a custom container service cluster.
+type ContainerServiceCustomProfile struct {
+	// Orchestrator - The name of the custom orchestrator to use.
+	Orchestrator *string `json:"orchestrator,omitempty"`
+}
+
+// ContainerServiceDiagnosticsProfile ...
+type ContainerServiceDiagnosticsProfile struct {
+	// VMDiagnostics - Profile for the container service VM diagnostic agent.
+	VMDiagnostics *ContainerServiceVMDiagnostics `json:"vmDiagnostics,omitempty"`
+}
+
+// ContainerServiceLinuxProfile profile for Linux VMs in the container service cluster.
+type ContainerServiceLinuxProfile struct {
+	// AdminUsername - The administrator username to use for Linux VMs.
+	AdminUsername *string `json:"adminUsername,omitempty"`
+	// SSH - The ssh key configuration for Linux VMs.
+	SSH *ContainerServiceSSHConfiguration `json:"ssh,omitempty"`
+}
+
+// ContainerServiceListResult the response from the List Container Services operation.
+type ContainerServiceListResult struct {
+	autorest.Response `json:"-"`
+	// Value - the list of container services.
+	Value *[]ContainerService `json:"value,omitempty"`
+	// NextLink - The URL to get the next set of container service results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// ContainerServiceListResultIterator provides access to a complete listing of ContainerService values.
+type ContainerServiceListResultIterator struct {
+	i    int
+	page ContainerServiceListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *ContainerServiceListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter ContainerServiceListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter ContainerServiceListResultIterator) Response() ContainerServiceListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter ContainerServiceListResultIterator) Value() ContainerService {
+	if !iter.page.NotDone() {
+		return ContainerService{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (cslr ContainerServiceListResult) IsEmpty() bool {
+	return cslr.Value == nil || len(*cslr.Value) == 0
+}
+
+// containerServiceListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (cslr ContainerServiceListResult) containerServiceListResultPreparer() (*http.Request, error) {
+	if cslr.NextLink == nil || len(to.String(cslr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(cslr.NextLink)))
+}
+
+// ContainerServiceListResultPage contains a page of ContainerService values.
+type ContainerServiceListResultPage struct {
+	fn   func(ContainerServiceListResult) (ContainerServiceListResult, error)
+	cslr ContainerServiceListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *ContainerServiceListResultPage) Next() error {
+	next, err := page.fn(page.cslr)
+	if err != nil {
+		return err
+	}
+	page.cslr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page ContainerServiceListResultPage) NotDone() bool {
+	return !page.cslr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page ContainerServiceListResultPage) Response() ContainerServiceListResult {
+	return page.cslr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page ContainerServiceListResultPage) Values() []ContainerService {
+	if page.cslr.IsEmpty() {
+		return nil
+	}
+	return *page.cslr.Value
+}
+
+// ContainerServiceMasterProfile profile for the container service master.
+type ContainerServiceMasterProfile struct {
+	// Count - Number of masters (VMs) in the container service cluster. Allowed values are 1, 3, and 5. The default value is 1.
+	Count *int32 `json:"count,omitempty"`
+	// DNSPrefix - DNS prefix to be used to create the FQDN for master.
+	DNSPrefix *string `json:"dnsPrefix,omitempty"`
+	// Fqdn - FDQN for the master.
+	Fqdn *string `json:"fqdn,omitempty"`
+}
+
+// ContainerServiceOrchestratorProfile profile for the container service orchestrator.
+type ContainerServiceOrchestratorProfile struct {
+	// OrchestratorType - The orchestrator to use to manage container service cluster resources. Valid values are Swarm, DCOS, and Custom. Possible values include: 'Swarm', 'DCOS', 'Custom', 'Kubernetes'
+	OrchestratorType ContainerServiceOrchestratorTypes `json:"orchestratorType,omitempty"`
+}
+
+// ContainerServiceProperties properties of the container service.
+type ContainerServiceProperties struct {
+	// ProvisioningState - the current deployment or provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+	// OrchestratorProfile - Properties of the orchestrator.
+	OrchestratorProfile *ContainerServiceOrchestratorProfile `json:"orchestratorProfile,omitempty"`
+	// CustomProfile - Properties for custom clusters.
+	CustomProfile *ContainerServiceCustomProfile `json:"customProfile,omitempty"`
+	// ServicePrincipalProfile - Properties for cluster service principals.
+	ServicePrincipalProfile *ContainerServiceServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
+	// MasterProfile - Properties of master agents.
+	MasterProfile *ContainerServiceMasterProfile `json:"masterProfile,omitempty"`
+	// AgentPoolProfiles - Properties of the agent pool.
+	AgentPoolProfiles *[]ContainerServiceAgentPoolProfile `json:"agentPoolProfiles,omitempty"`
+	// WindowsProfile - Properties of Windows VMs.
+	WindowsProfile *ContainerServiceWindowsProfile `json:"windowsProfile,omitempty"`
+	// LinuxProfile - Properties of Linux VMs.
+	LinuxProfile *ContainerServiceLinuxProfile `json:"linuxProfile,omitempty"`
+	// DiagnosticsProfile - Properties of the diagnostic agent.
+	DiagnosticsProfile *ContainerServiceDiagnosticsProfile `json:"diagnosticsProfile,omitempty"`
+}
+
+// ContainerServicesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type ContainerServicesCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future ContainerServicesCreateOrUpdateFuture) Result(client ContainerServicesClient) (cs ContainerService, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return cs, autorest.NewError("compute.ContainerServicesCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		cs, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	cs, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// ContainerServicesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type ContainerServicesDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future ContainerServicesDeleteFuture) Result(client ContainerServicesClient) (ar autorest.Response, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return ar, autorest.NewError("compute.ContainerServicesDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		ar, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	ar, err = client.DeleteResponder(resp)
+	return
+}
+
+// ContainerServiceServicePrincipalProfile information about a service principal identity for the cluster to use for
+// manipulating Azure APIs.
+type ContainerServiceServicePrincipalProfile struct {
+	// ClientID - The ID for the service principal.
+	ClientID *string `json:"clientId,omitempty"`
+	// Secret - The secret password associated with the service principal.
+	Secret *string `json:"secret,omitempty"`
+}
+
+// ContainerServiceSSHConfiguration SSH configuration for Linux-based VMs running on Azure.
+type ContainerServiceSSHConfiguration struct {
+	// PublicKeys - the list of SSH public keys used to authenticate with Linux-based VMs.
+	PublicKeys *[]ContainerServiceSSHPublicKey `json:"publicKeys,omitempty"`
+}
+
+// ContainerServiceSSHPublicKey contains information about SSH certificate public key data.
+type ContainerServiceSSHPublicKey struct {
+	// KeyData - Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.
+	KeyData *string `json:"keyData,omitempty"`
+}
+
+// ContainerServiceVMDiagnostics profile for diagnostics on the container service VMs.
+type ContainerServiceVMDiagnostics struct {
+	// Enabled - Whether the VM diagnostic agent is provisioned on the VM.
+	Enabled *bool `json:"enabled,omitempty"`
+	// StorageURI - The URI of the storage account where diagnostics are stored.
+	StorageURI *string `json:"storageUri,omitempty"`
+}
+
+// ContainerServiceWindowsProfile profile for Windows VMs in the container service cluster.
+type ContainerServiceWindowsProfile struct {
+	// AdminUsername - The administrator username to use for Windows VMs.
+	AdminUsername *string `json:"adminUsername,omitempty"`
+	// AdminPassword - The administrator password to use for Windows VMs.
+	AdminPassword *string `json:"adminPassword,omitempty"`
+}
+
+// CreationData data used when creating a disk.
+type CreationData struct {
+	// CreateOption - This enumerates the possible sources of a disk's creation. Possible values include: 'Empty', 'Attach', 'FromImage', 'Import', 'Copy'
+	CreateOption DiskCreateOption `json:"createOption,omitempty"`
+	// StorageAccountID - If createOption is Import, the Azure Resource Manager identifier of the storage account containing the blob to import as a disk. Required only if the blob is in a different subscription
+	StorageAccountID *string `json:"storageAccountId,omitempty"`
+	// ImageReference - Disk source information.
+	ImageReference *ImageDiskReference `json:"imageReference,omitempty"`
+	// SourceURI - If createOption is Import, this is the URI of a blob to be imported into a managed disk.
+	SourceURI *string `json:"sourceUri,omitempty"`
+	// SourceResourceID - If createOption is Copy, this is the ARM id of the source snapshot or disk.
+	SourceResourceID *string `json:"sourceResourceId,omitempty"`
+}
+
+// DataDisk describes a data disk.
+type DataDisk struct {
+	// Lun - Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
+	Lun *int32 `json:"lun,omitempty"`
+	// Name - The disk name.
+	Name *string `json:"name,omitempty"`
+	// Vhd - The virtual hard disk.
+	Vhd *VirtualHardDisk `json:"vhd,omitempty"`
+	// Image - The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist.
+	Image *VirtualHardDisk `json:"image,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// WriteAcceleratorEnabled - Specifies whether writeAccelerator should be enabled or disabled on the disk.
+	WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"`
+	// CreateOption - Specifies how the virtual machine should be created.<br><br> Possible values are:<br><br> **Attach** \u2013 This value is used when you are using a specialized disk to create the virtual machine.<br><br> **FromImage** \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you  also use the plan element previously described. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach'
+	CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"`
+	// DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image. <br><br> This value cannot be larger than 1023 GB
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// ManagedDisk - The managed disk parameters.
+	ManagedDisk *ManagedDiskParameters `json:"managedDisk,omitempty"`
+}
+
+// DataDiskImage contains the data disk images information.
+type DataDiskImage struct {
+	// Lun - Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
+	Lun *int32 `json:"lun,omitempty"`
+}
+
+// DiagnosticsProfile specifies the boot diagnostic settings state. <br><br>Minimum api-version: 2015-06-15.
+type DiagnosticsProfile struct {
+	// BootDiagnostics - Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. <br><br> For Linux Virtual Machines, you can easily view the output of your console log. <br><br> For both Windows and Linux virtual machines, Azure also enables you to see a screenshot of the VM from the hypervisor.
+	BootDiagnostics *BootDiagnostics `json:"bootDiagnostics,omitempty"`
+}
+
+// Disk disk resource.
+type Disk struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// ManagedBy - A relative URI containing the ID of the VM that has the disk attached.
+	ManagedBy *string  `json:"managedBy,omitempty"`
+	Sku       *DiskSku `json:"sku,omitempty"`
+	// Zones - The Logical zone list for Disk.
+	Zones           *[]string `json:"zones,omitempty"`
+	*DiskProperties `json:"properties,omitempty"`
+}
+
+// DiskEncryptionSettings describes a Encryption Settings for a Disk
+type DiskEncryptionSettings struct {
+	// DiskEncryptionKey - Specifies the location of the disk encryption key, which is a Key Vault Secret.
+	DiskEncryptionKey *KeyVaultSecretReference `json:"diskEncryptionKey,omitempty"`
+	// KeyEncryptionKey - Specifies the location of the key encryption key in Key Vault.
+	KeyEncryptionKey *KeyVaultKeyReference `json:"keyEncryptionKey,omitempty"`
+	// Enabled - Specifies whether disk encryption should be enabled on the virtual machine.
+	Enabled *bool `json:"enabled,omitempty"`
+}
+
+// DiskInstanceView the instance view of the disk.
+type DiskInstanceView struct {
+	// Name - The disk name.
+	Name *string `json:"name,omitempty"`
+	// EncryptionSettings - Specifies the encryption settings for the OS Disk. <br><br> Minimum api-version: 2015-06-15
+	EncryptionSettings *[]DiskEncryptionSettings `json:"encryptionSettings,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// DiskList the List Disks operation response.
+type DiskList struct {
+	autorest.Response `json:"-"`
+	// Value - A list of disks.
+	Value *[]Disk `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of disks. Call ListNext() with this to fetch the next page of disks.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// DiskListIterator provides access to a complete listing of Disk values.
+type DiskListIterator struct {
+	i    int
+	page DiskListPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *DiskListIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter DiskListIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter DiskListIterator) Response() DiskList {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter DiskListIterator) Value() Disk {
+	if !iter.page.NotDone() {
+		return Disk{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (dl DiskList) IsEmpty() bool {
+	return dl.Value == nil || len(*dl.Value) == 0
+}
+
+// diskListPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (dl DiskList) diskListPreparer() (*http.Request, error) {
+	if dl.NextLink == nil || len(to.String(dl.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(dl.NextLink)))
+}
+
+// DiskListPage contains a page of Disk values.
+type DiskListPage struct {
+	fn func(DiskList) (DiskList, error)
+	dl DiskList
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *DiskListPage) Next() error {
+	next, err := page.fn(page.dl)
+	if err != nil {
+		return err
+	}
+	page.dl = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page DiskListPage) NotDone() bool {
+	return !page.dl.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page DiskListPage) Response() DiskList {
+	return page.dl
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page DiskListPage) Values() []Disk {
+	if page.dl.IsEmpty() {
+		return nil
+	}
+	return *page.dl.Value
+}
+
+// DiskProperties disk resource properties.
+type DiskProperties struct {
+	// TimeCreated - The time when the disk was created.
+	TimeCreated *date.Time `json:"timeCreated,omitempty"`
+	// OsType - The Operating System type. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// CreationData - Disk source information. CreationData information cannot be changed after the disk has been created.
+	CreationData *CreationData `json:"creationData,omitempty"`
+	// DiskSizeGB - If creationData.createOption is Empty, this field is mandatory and it indicates the size of the VHD to create. If this field is present for updates or creation with other options, it indicates a resize. Resizes are only allowed if the disk is not attached to a running VM, and can only increase the disk's size.
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// EncryptionSettings - Encryption settings for disk or snapshot
+	EncryptionSettings *EncryptionSettings `json:"encryptionSettings,omitempty"`
+	// ProvisioningState - The disk provisioning state.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+}
+
+// DisksCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type DisksCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future DisksCreateOrUpdateFuture) Result(client DisksClient) (d Disk, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return d, autorest.NewError("compute.DisksCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		d, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	d, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// DisksDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type DisksDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future DisksDeleteFuture) Result(client DisksClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.DisksDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// DisksGrantAccessFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type DisksGrantAccessFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future DisksGrantAccessFuture) Result(client DisksClient) (au AccessURI, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return au, autorest.NewError("compute.DisksGrantAccessFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		au, err = client.GrantAccessResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	au, err = client.GrantAccessResponder(resp)
+	return
+}
+
+// DiskSku the disks and snapshots sku name. Can be Standard_LRS or Premium_LRS.
+type DiskSku struct {
+	// Name - The sku name. Possible values include: 'StandardLRS', 'PremiumLRS'
+	Name StorageAccountTypes `json:"name,omitempty"`
+	// Tier - The sku tier.
+	Tier *string `json:"tier,omitempty"`
+}
+
+// DisksRevokeAccessFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type DisksRevokeAccessFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future DisksRevokeAccessFuture) Result(client DisksClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.DisksRevokeAccessFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RevokeAccessResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RevokeAccessResponder(resp)
+	return
+}
+
+// DisksUpdateFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type DisksUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future DisksUpdateFuture) Result(client DisksClient) (d Disk, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return d, autorest.NewError("compute.DisksUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		d, err = client.UpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	d, err = client.UpdateResponder(resp)
+	return
+}
+
+// DiskUpdate disk update resource.
+type DiskUpdate struct {
+	// Tags - Resource tags
+	Tags                  *map[string]*string `json:"tags,omitempty"`
+	Sku                   *DiskSku            `json:"sku,omitempty"`
+	*DiskUpdateProperties `json:"properties,omitempty"`
+}
+
+// DiskUpdateProperties disk resource update properties.
+type DiskUpdateProperties struct {
+	// OsType - the Operating System type. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// DiskSizeGB - If creationData.createOption is Empty, this field is mandatory and it indicates the size of the VHD to create. If this field is present for updates or creation with other options, it indicates a resize. Resizes are only allowed if the disk is not attached to a running VM, and can only increase the disk's size.
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// EncryptionSettings - Encryption settings for disk or snapshot
+	EncryptionSettings *EncryptionSettings `json:"encryptionSettings,omitempty"`
+}
+
+// EncryptionSettings encryption settings for disk or snapshot
+type EncryptionSettings struct {
+	// Enabled - Set this flag to true and provide DiskEncryptionKey and optional KeyEncryptionKey to enable encryption. Set this flag to false and remove DiskEncryptionKey and KeyEncryptionKey to disable encryption. If EncryptionSettings is null in the request object, the existing settings remain unchanged.
+	Enabled *bool `json:"enabled,omitempty"`
+	// DiskEncryptionKey - Key Vault Secret Url and vault id of the disk encryption key
+	DiskEncryptionKey *KeyVaultAndSecretReference `json:"diskEncryptionKey,omitempty"`
+	// KeyEncryptionKey - Key Vault Key Url and vault id of the key encryption key
+	KeyEncryptionKey *KeyVaultAndKeyReference `json:"keyEncryptionKey,omitempty"`
+}
+
+// GrantAccessData data used for requesting a SAS.
+type GrantAccessData struct {
+	// Access - Possible values include: 'None', 'Read'
+	Access AccessLevel `json:"access,omitempty"`
+	// DurationInSeconds - Time duration in seconds until the SAS access expires.
+	DurationInSeconds *int32 `json:"durationInSeconds,omitempty"`
+}
+
+// HardwareProfile specifies the hardware settings for the virtual machine.
+type HardwareProfile struct {
+	// VMSize - Specifies the size of the virtual machine. For more information about virtual machine sizes, see [Sizes for virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-sizes?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json). <br><br> The available VM sizes depend on region and availability set. For a list of available sizes use these APIs:  <br><br> [List all available virtual machine sizes in an availability set](virtualmachines-list-sizes-availability-set.md) <br><br> [List all available virtual machine sizes in a region](virtualmachines-list-sizes-region.md) <br><br> [List all available virtual machine sizes for resizing](virtualmachines-list-sizes-for-resizing.md). Possible values include: 'VirtualMachineSizeTypesBasicA0', 'VirtualMachineSizeTypesBasicA1', 'VirtualMachineSizeTypesBasicA2', 'VirtualMachineSizeTypesBasicA3', 'VirtualMachineSizeTypesBasicA4', 'VirtualMachineSizeTypesStandardA0', 'VirtualMachineSizeTypesStandardA1', 'VirtualMachineSizeTypesStandardA2', 'VirtualMachineSizeTypesStandardA3', 'VirtualMachineSizeTypesStandardA4', 'VirtualMachineSizeTypesStandardA5', 'VirtualMachineSizeTypesStandardA6', 'VirtualMachineSizeTypesStandardA7', 'VirtualMachineSizeTypesStandardA8', 'VirtualMachineSizeTypesStandardA9', 'VirtualMachineSizeTypesStandardA10', 'VirtualMachineSizeTypesStandardA11', 'VirtualMachineSizeTypesStandardA1V2', 'VirtualMachineSizeTypesStandardA2V2', 'VirtualMachineSizeTypesStandardA4V2', 'VirtualMachineSizeTypesStandardA8V2', 'VirtualMachineSizeTypesStandardA2mV2', 'VirtualMachineSizeTypesStandardA4mV2', 'VirtualMachineSizeTypesStandardA8mV2', 'VirtualMachineSizeTypesStandardB1s', 'VirtualMachineSizeTypesStandardB1ms', 'VirtualMachineSizeTypesStandardB2s', 'VirtualMachineSizeTypesStandardB2ms', 'VirtualMachineSizeTypesStandardB4ms', 'VirtualMachineSizeTypesStandardB8ms', 'VirtualMachineSizeTypesStandardD1', 'VirtualMachineSizeTypesStandardD2', 'VirtualMachineSizeTypesStandardD3', 'VirtualMachineSizeTypesStandardD4', 'VirtualMachineSizeTypesStandardD11', 'VirtualMachineSizeTypesStandardD12', 'VirtualMachineSizeTypesStandardD13', 'VirtualMachineSizeTypesStandardD14', 'VirtualMachineSizeTypesStandardD1V2', 'VirtualMachineSizeTypesStandardD2V2', 'VirtualMachineSizeTypesStandardD3V2', 'VirtualMachineSizeTypesStandardD4V2', 'VirtualMachineSizeTypesStandardD5V2', 'VirtualMachineSizeTypesStandardD2V3', 'VirtualMachineSizeTypesStandardD4V3', 'VirtualMachineSizeTypesStandardD8V3', 'VirtualMachineSizeTypesStandardD16V3', 'VirtualMachineSizeTypesStandardD32V3', 'VirtualMachineSizeTypesStandardD64V3', 'VirtualMachineSizeTypesStandardD2sV3', 'VirtualMachineSizeTypesStandardD4sV3', 'VirtualMachineSizeTypesStandardD8sV3', 'VirtualMachineSizeTypesStandardD16sV3', 'VirtualMachineSizeTypesStandardD32sV3', 'VirtualMachineSizeTypesStandardD64sV3', 'VirtualMachineSizeTypesStandardD11V2', 'VirtualMachineSizeTypesStandardD12V2', 'VirtualMachineSizeTypesStandardD13V2', 'VirtualMachineSizeTypesStandardD14V2', 'VirtualMachineSizeTypesStandardD15V2', 'VirtualMachineSizeTypesStandardDS1', 'VirtualMachineSizeTypesStandardDS2', 'VirtualMachineSizeTypesStandardDS3', 'VirtualMachineSizeTypesStandardDS4', 'VirtualMachineSizeTypesStandardDS11', 'VirtualMachineSizeTypesStandardDS12', 'VirtualMachineSizeTypesStandardDS13', 'VirtualMachineSizeTypesStandardDS14', 'VirtualMachineSizeTypesStandardDS1V2', 'VirtualMachineSizeTypesStandardDS2V2', 'VirtualMachineSizeTypesStandardDS3V2', 'VirtualMachineSizeTypesStandardDS4V2', 'VirtualMachineSizeTypesStandardDS5V2', 'VirtualMachineSizeTypesStandardDS11V2', 'VirtualMachineSizeTypesStandardDS12V2', 'VirtualMachineSizeTypesStandardDS13V2', 'VirtualMachineSizeTypesStandardDS14V2', 'VirtualMachineSizeTypesStandardDS15V2', 'VirtualMachineSizeTypesStandardDS134V2', 'VirtualMachineSizeTypesStandardDS132V2', 'VirtualMachineSizeTypesStandardDS148V2', 'VirtualMachineSizeTypesStandardDS144V2', 'VirtualMachineSizeTypesStandardE2V3', 'VirtualMachineSizeTypesStandardE4V3', 'VirtualMachineSizeTypesStandardE8V3', 'VirtualMachineSizeTypesStandardE16V3', 'VirtualMachineSizeTypesStandardE32V3', 'VirtualMachineSizeTypesStandardE64V3', 'VirtualMachineSizeTypesStandardE2sV3', 'VirtualMachineSizeTypesStandardE4sV3', 'VirtualMachineSizeTypesStandardE8sV3', 'VirtualMachineSizeTypesStandardE16sV3', 'VirtualMachineSizeTypesStandardE32sV3', 'VirtualMachineSizeTypesStandardE64sV3', 'VirtualMachineSizeTypesStandardE3216V3', 'VirtualMachineSizeTypesStandardE328sV3', 'VirtualMachineSizeTypesStandardE6432sV3', 'VirtualMachineSizeTypesStandardE6416sV3', 'VirtualMachineSizeTypesStandardF1', 'VirtualMachineSizeTypesStandardF2', 'VirtualMachineSizeTypesStandardF4', 'VirtualMachineSizeTypesStandardF8', 'VirtualMachineSizeTypesStandardF16', 'VirtualMachineSizeTypesStandardF1s', 'VirtualMachineSizeTypesStandardF2s', 'VirtualMachineSizeTypesStandardF4s', 'VirtualMachineSizeTypesStandardF8s', 'VirtualMachineSizeTypesStandardF16s', 'VirtualMachineSizeTypesStandardF2sV2', 'VirtualMachineSizeTypesStandardF4sV2', 'VirtualMachineSizeTypesStandardF8sV2', 'VirtualMachineSizeTypesStandardF16sV2', 'VirtualMachineSizeTypesStandardF32sV2', 'VirtualMachineSizeTypesStandardF64sV2', 'VirtualMachineSizeTypesStandardF72sV2', 'VirtualMachineSizeTypesStandardG1', 'VirtualMachineSizeTypesStandardG2', 'VirtualMachineSizeTypesStandardG3', 'VirtualMachineSizeTypesStandardG4', 'VirtualMachineSizeTypesStandardG5', 'VirtualMachineSizeTypesStandardGS1', 'VirtualMachineSizeTypesStandardGS2', 'VirtualMachineSizeTypesStandardGS3', 'VirtualMachineSizeTypesStandardGS4', 'VirtualMachineSizeTypesStandardGS5', 'VirtualMachineSizeTypesStandardGS48', 'VirtualMachineSizeTypesStandardGS44', 'VirtualMachineSizeTypesStandardGS516', 'VirtualMachineSizeTypesStandardGS58', 'VirtualMachineSizeTypesStandardH8', 'VirtualMachineSizeTypesStandardH16', 'VirtualMachineSizeTypesStandardH8m', 'VirtualMachineSizeTypesStandardH16m', 'VirtualMachineSizeTypesStandardH16r', 'VirtualMachineSizeTypesStandardH16mr', 'VirtualMachineSizeTypesStandardL4s', 'VirtualMachineSizeTypesStandardL8s', 'VirtualMachineSizeTypesStandardL16s', 'VirtualMachineSizeTypesStandardL32s', 'VirtualMachineSizeTypesStandardM64s', 'VirtualMachineSizeTypesStandardM64ms', 'VirtualMachineSizeTypesStandardM128s', 'VirtualMachineSizeTypesStandardM128ms', 'VirtualMachineSizeTypesStandardM6432ms', 'VirtualMachineSizeTypesStandardM6416ms', 'VirtualMachineSizeTypesStandardM12864ms', 'VirtualMachineSizeTypesStandardM12832ms', 'VirtualMachineSizeTypesStandardNC6', 'VirtualMachineSizeTypesStandardNC12', 'VirtualMachineSizeTypesStandardNC24', 'VirtualMachineSizeTypesStandardNC24r', 'VirtualMachineSizeTypesStandardNC6sV2', 'VirtualMachineSizeTypesStandardNC12sV2', 'VirtualMachineSizeTypesStandardNC24sV2', 'VirtualMachineSizeTypesStandardNC24rsV2', 'VirtualMachineSizeTypesStandardNC6sV3', 'VirtualMachineSizeTypesStandardNC12sV3', 'VirtualMachineSizeTypesStandardNC24sV3', 'VirtualMachineSizeTypesStandardNC24rsV3', 'VirtualMachineSizeTypesStandardND6s', 'VirtualMachineSizeTypesStandardND12s', 'VirtualMachineSizeTypesStandardND24s', 'VirtualMachineSizeTypesStandardND24rs', 'VirtualMachineSizeTypesStandardNV6', 'VirtualMachineSizeTypesStandardNV12', 'VirtualMachineSizeTypesStandardNV24'
+	VMSize VirtualMachineSizeTypes `json:"vmSize,omitempty"`
+}
+
+// Image the source user image virtual hard disk. The virtual hard disk will be copied before being attached to the
+// virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist.
+type Image struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags             *map[string]*string `json:"tags,omitempty"`
+	*ImageProperties `json:"properties,omitempty"`
+}
+
+// ImageDataDisk describes a data disk.
+type ImageDataDisk struct {
+	// Lun - Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
+	Lun *int32 `json:"lun,omitempty"`
+	// Snapshot - The snapshot.
+	Snapshot *SubResource `json:"snapshot,omitempty"`
+	// ManagedDisk - The managedDisk.
+	ManagedDisk *SubResource `json:"managedDisk,omitempty"`
+	// BlobURI - The Virtual Hard Disk.
+	BlobURI *string `json:"blobUri,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// DiskSizeGB - Specifies the size of empty data disks in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image. <br><br> This value cannot be larger than 1023 GB
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// StorageAccountType - Specifies the storage account type for the managed disk. Possible values are: Standard_LRS or Premium_LRS. Possible values include: 'StandardLRS', 'PremiumLRS'
+	StorageAccountType StorageAccountTypes `json:"storageAccountType,omitempty"`
+}
+
+// ImageDiskReference the source image used for creating the disk.
+type ImageDiskReference struct {
+	// ID - A relative uri containing either a Platform Imgage Repository or user image reference.
+	ID *string `json:"id,omitempty"`
+	// Lun - If the disk is created from an image's data disk, this is an index that indicates which of the data disks in the image to use. For OS disks, this field is null.
+	Lun *int32 `json:"lun,omitempty"`
+}
+
+// ImageListResult the List Image operation response.
+type ImageListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of Images.
+	Value *[]Image `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Images. Call ListNext() with this to fetch the next page of Images.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// ImageListResultIterator provides access to a complete listing of Image values.
+type ImageListResultIterator struct {
+	i    int
+	page ImageListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *ImageListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter ImageListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter ImageListResultIterator) Response() ImageListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter ImageListResultIterator) Value() Image {
+	if !iter.page.NotDone() {
+		return Image{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (ilr ImageListResult) IsEmpty() bool {
+	return ilr.Value == nil || len(*ilr.Value) == 0
+}
+
+// imageListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (ilr ImageListResult) imageListResultPreparer() (*http.Request, error) {
+	if ilr.NextLink == nil || len(to.String(ilr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(ilr.NextLink)))
+}
+
+// ImageListResultPage contains a page of Image values.
+type ImageListResultPage struct {
+	fn  func(ImageListResult) (ImageListResult, error)
+	ilr ImageListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *ImageListResultPage) Next() error {
+	next, err := page.fn(page.ilr)
+	if err != nil {
+		return err
+	}
+	page.ilr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page ImageListResultPage) NotDone() bool {
+	return !page.ilr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page ImageListResultPage) Response() ImageListResult {
+	return page.ilr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page ImageListResultPage) Values() []Image {
+	if page.ilr.IsEmpty() {
+		return nil
+	}
+	return *page.ilr.Value
+}
+
+// ImageOSDisk describes an Operating System disk.
+type ImageOSDisk struct {
+	// OsType - This property allows you to specify the type of the OS that is included in the disk if creating a VM from a custom image. <br><br> Possible values are: <br><br> **Windows** <br><br> **Linux**. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// OsState - The OS State. Possible values include: 'Generalized', 'Specialized'
+	OsState OperatingSystemStateTypes `json:"osState,omitempty"`
+	// Snapshot - The snapshot.
+	Snapshot *SubResource `json:"snapshot,omitempty"`
+	// ManagedDisk - The managedDisk.
+	ManagedDisk *SubResource `json:"managedDisk,omitempty"`
+	// BlobURI - The Virtual Hard Disk.
+	BlobURI *string `json:"blobUri,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// DiskSizeGB - Specifies the size of empty data disks in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image. <br><br> This value cannot be larger than 1023 GB
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// StorageAccountType - Specifies the storage account type for the managed disk. Possible values are: Standard_LRS or Premium_LRS. Possible values include: 'StandardLRS', 'PremiumLRS'
+	StorageAccountType StorageAccountTypes `json:"storageAccountType,omitempty"`
+}
+
+// ImageProperties describes the properties of an Image.
+type ImageProperties struct {
+	// SourceVirtualMachine - The source virtual machine from which Image is created.
+	SourceVirtualMachine *SubResource `json:"sourceVirtualMachine,omitempty"`
+	// StorageProfile - Specifies the storage settings for the virtual machine disks.
+	StorageProfile *ImageStorageProfile `json:"storageProfile,omitempty"`
+	// ProvisioningState - The provisioning state.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+}
+
+// ImageReference specifies information about the image to use. You can specify information about platform images,
+// marketplace images, or virtual machine images. This element is required when you want to use a platform image,
+// marketplace image, or virtual machine image, but is not used in other creation operations.
+type ImageReference struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Publisher - The image publisher.
+	Publisher *string `json:"publisher,omitempty"`
+	// Offer - Specifies the offer of the platform image or marketplace image used to create the virtual machine.
+	Offer *string `json:"offer,omitempty"`
+	// Sku - The image SKU.
+	Sku *string `json:"sku,omitempty"`
+	// Version - Specifies the version of the platform image or marketplace image used to create the virtual machine. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available.
+	Version *string `json:"version,omitempty"`
+}
+
+// ImagesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type ImagesCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future ImagesCreateOrUpdateFuture) Result(client ImagesClient) (i Image, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return i, autorest.NewError("compute.ImagesCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		i, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	i, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// ImagesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type ImagesDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future ImagesDeleteFuture) Result(client ImagesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.ImagesDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// ImageStorageProfile describes a storage profile.
+type ImageStorageProfile struct {
+	// OsDisk - Specifies information about the operating system disk used by the virtual machine. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	OsDisk *ImageOSDisk `json:"osDisk,omitempty"`
+	// DataDisks - Specifies the parameters that are used to add a data disk to a virtual machine. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	DataDisks *[]ImageDataDisk `json:"dataDisks,omitempty"`
+}
+
+// InnerError inner error details.
+type InnerError struct {
+	// Exceptiontype - The exception type.
+	Exceptiontype *string `json:"exceptiontype,omitempty"`
+	// Errordetail - The internal error message or exception dump.
+	Errordetail *string `json:"errordetail,omitempty"`
+}
+
+// InstanceViewStatus instance view status.
+type InstanceViewStatus struct {
+	// Code - The status code.
+	Code *string `json:"code,omitempty"`
+	// Level - The level code. Possible values include: 'Info', 'Warning', 'Error'
+	Level StatusLevelTypes `json:"level,omitempty"`
+	// DisplayStatus - The short localizable label for the status.
+	DisplayStatus *string `json:"displayStatus,omitempty"`
+	// Message - The detailed status message, including for alerts and error messages.
+	Message *string `json:"message,omitempty"`
+	// Time - The time of the status.
+	Time *date.Time `json:"time,omitempty"`
+}
+
+// KeyVaultAndKeyReference key Vault Key Url and vault id of KeK, KeK is optional and when provided is used to unwrap
+// the encryptionKey
+type KeyVaultAndKeyReference struct {
+	// SourceVault - Resource id of the KeyVault containing the key or secret
+	SourceVault *SourceVault `json:"sourceVault,omitempty"`
+	// KeyURL - Url pointing to a key or secret in KeyVault
+	KeyURL *string `json:"keyUrl,omitempty"`
+}
+
+// KeyVaultAndSecretReference key Vault Secret Url and vault id of the encryption key
+type KeyVaultAndSecretReference struct {
+	// SourceVault - Resource id of the KeyVault containing the key or secret
+	SourceVault *SourceVault `json:"sourceVault,omitempty"`
+	// SecretURL - Url pointing to a key or secret in KeyVault
+	SecretURL *string `json:"secretUrl,omitempty"`
+}
+
+// KeyVaultKeyReference describes a reference to Key Vault Key
+type KeyVaultKeyReference struct {
+	// KeyURL - The URL referencing a key encryption key in Key Vault.
+	KeyURL *string `json:"keyUrl,omitempty"`
+	// SourceVault - The relative URL of the Key Vault containing the key.
+	SourceVault *SubResource `json:"sourceVault,omitempty"`
+}
+
+// KeyVaultSecretReference describes a reference to Key Vault Secret
+type KeyVaultSecretReference struct {
+	// SecretURL - The URL referencing a secret in a Key Vault.
+	SecretURL *string `json:"secretUrl,omitempty"`
+	// SourceVault - The relative URL of the Key Vault containing the secret.
+	SourceVault *SubResource `json:"sourceVault,omitempty"`
+}
+
+// LinuxConfiguration specifies the Linux operating system settings on the virtual machine. <br><br>For a list of
+// supported Linux distributions, see [Linux on Azure-Endorsed
+// Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-endorsed-distros?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)
+// <br><br> For running non-endorsed distributions, see [Information for Non-Endorsed
+// Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-create-upload-generic?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json).
+type LinuxConfiguration struct {
+	// DisablePasswordAuthentication - Specifies whether password authentication should be disabled.
+	DisablePasswordAuthentication *bool `json:"disablePasswordAuthentication,omitempty"`
+	// SSH - Specifies the ssh key configuration for a Linux OS.
+	SSH *SSHConfiguration `json:"ssh,omitempty"`
+}
+
+// ListUsagesResult the List Usages operation response.
+type ListUsagesResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of compute resource usages.
+	Value *[]Usage `json:"value,omitempty"`
+	// NextLink - The URI to fetch the next page of compute resource usage information. Call ListNext() with this to fetch the next page of compute resource usage information.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// ListUsagesResultIterator provides access to a complete listing of Usage values.
+type ListUsagesResultIterator struct {
+	i    int
+	page ListUsagesResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *ListUsagesResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter ListUsagesResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter ListUsagesResultIterator) Response() ListUsagesResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter ListUsagesResultIterator) Value() Usage {
+	if !iter.page.NotDone() {
+		return Usage{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (lur ListUsagesResult) IsEmpty() bool {
+	return lur.Value == nil || len(*lur.Value) == 0
+}
+
+// listUsagesResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (lur ListUsagesResult) listUsagesResultPreparer() (*http.Request, error) {
+	if lur.NextLink == nil || len(to.String(lur.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(lur.NextLink)))
+}
+
+// ListUsagesResultPage contains a page of Usage values.
+type ListUsagesResultPage struct {
+	fn  func(ListUsagesResult) (ListUsagesResult, error)
+	lur ListUsagesResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *ListUsagesResultPage) Next() error {
+	next, err := page.fn(page.lur)
+	if err != nil {
+		return err
+	}
+	page.lur = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page ListUsagesResultPage) NotDone() bool {
+	return !page.lur.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page ListUsagesResultPage) Response() ListUsagesResult {
+	return page.lur
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page ListUsagesResultPage) Values() []Usage {
+	if page.lur.IsEmpty() {
+		return nil
+	}
+	return *page.lur.Value
+}
+
+// ListVirtualMachineExtensionImage ...
+type ListVirtualMachineExtensionImage struct {
+	autorest.Response `json:"-"`
+	Value             *[]VirtualMachineExtensionImage `json:"value,omitempty"`
+}
+
+// ListVirtualMachineImageResource ...
+type ListVirtualMachineImageResource struct {
+	autorest.Response `json:"-"`
+	Value             *[]VirtualMachineImageResource `json:"value,omitempty"`
+}
+
+// LogAnalyticsExportRequestRateByIntervalFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type LogAnalyticsExportRequestRateByIntervalFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future LogAnalyticsExportRequestRateByIntervalFuture) Result(client LogAnalyticsClient) (laor LogAnalyticsOperationResult, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return laor, autorest.NewError("compute.LogAnalyticsExportRequestRateByIntervalFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		laor, err = client.ExportRequestRateByIntervalResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	laor, err = client.ExportRequestRateByIntervalResponder(resp)
+	return
+}
+
+// LogAnalyticsExportThrottledRequestsFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type LogAnalyticsExportThrottledRequestsFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future LogAnalyticsExportThrottledRequestsFuture) Result(client LogAnalyticsClient) (laor LogAnalyticsOperationResult, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return laor, autorest.NewError("compute.LogAnalyticsExportThrottledRequestsFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		laor, err = client.ExportThrottledRequestsResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	laor, err = client.ExportThrottledRequestsResponder(resp)
+	return
+}
+
+// LogAnalyticsInputBase api input base class for LogAnalytics Api.
+type LogAnalyticsInputBase struct {
+	// BlobContainerSasURI - SAS Uri of the logging blob container to which LogAnalytics Api writes output logs to.
+	BlobContainerSasURI *string `json:"blobContainerSasUri,omitempty"`
+	// FromTime - From time of the query
+	FromTime *date.Time `json:"fromTime,omitempty"`
+	// ToTime - To time of the query
+	ToTime *date.Time `json:"toTime,omitempty"`
+	// GroupByThrottlePolicy - Group query result by Throttle Policy applied.
+	GroupByThrottlePolicy *bool `json:"groupByThrottlePolicy,omitempty"`
+	// GroupByOperationName - Group query result by  by Operation Name.
+	GroupByOperationName *bool `json:"groupByOperationName,omitempty"`
+	// GroupByResourceName - Group query result by Resource Name.
+	GroupByResourceName *bool `json:"groupByResourceName,omitempty"`
+}
+
+// LogAnalyticsOperationResult logAnalytics operation status response
+type LogAnalyticsOperationResult struct {
+	autorest.Response `json:"-"`
+	// Name - Operation ID
+	Name *string `json:"name,omitempty"`
+	// Status - Operation status
+	Status *string `json:"status,omitempty"`
+	// StartTime - Start time of the operation
+	StartTime *date.Time `json:"startTime,omitempty"`
+	// EndTime - End time of the operation
+	EndTime *date.Time `json:"endTime,omitempty"`
+	// Error - Api error
+	Error *APIError `json:"error,omitempty"`
+	// Properties - LogAnalyticsOutput
+	Properties *LogAnalyticsOutput `json:"properties,omitempty"`
+}
+
+// LogAnalyticsOutput logAnalytics output properties
+type LogAnalyticsOutput struct {
+	// Output - Output file Uri path to blob container.
+	Output *string `json:"output,omitempty"`
+}
+
+// LongRunningOperationProperties compute-specific operation properties, including output
+type LongRunningOperationProperties struct {
+	// Output - Operation output data (raw JSON)
+	Output *map[string]interface{} `json:"output,omitempty"`
+}
+
+// MaintenanceRedeployStatus maintenance Operation Status.
+type MaintenanceRedeployStatus struct {
+	// IsCustomerInitiatedMaintenanceAllowed - True, if customer is allowed to perform Maintenance.
+	IsCustomerInitiatedMaintenanceAllowed *bool `json:"isCustomerInitiatedMaintenanceAllowed,omitempty"`
+	// PreMaintenanceWindowStartTime - Start Time for the Pre Maintenance Window.
+	PreMaintenanceWindowStartTime *date.Time `json:"preMaintenanceWindowStartTime,omitempty"`
+	// PreMaintenanceWindowEndTime - End Time for the Pre Maintenance Window.
+	PreMaintenanceWindowEndTime *date.Time `json:"preMaintenanceWindowEndTime,omitempty"`
+	// MaintenanceWindowStartTime - Start Time for the Maintenance Window.
+	MaintenanceWindowStartTime *date.Time `json:"maintenanceWindowStartTime,omitempty"`
+	// MaintenanceWindowEndTime - End Time for the Maintenance Window.
+	MaintenanceWindowEndTime *date.Time `json:"maintenanceWindowEndTime,omitempty"`
+	// LastOperationResultCode - The Last Maintenance Operation Result Code. Possible values include: 'MaintenanceOperationResultCodeTypesNone', 'MaintenanceOperationResultCodeTypesRetryLater', 'MaintenanceOperationResultCodeTypesMaintenanceAborted', 'MaintenanceOperationResultCodeTypesMaintenanceCompleted'
+	LastOperationResultCode MaintenanceOperationResultCodeTypes `json:"lastOperationResultCode,omitempty"`
+	// LastOperationMessage - Message returned for the last Maintenance Operation.
+	LastOperationMessage *string `json:"lastOperationMessage,omitempty"`
+}
+
+// ManagedDiskParameters the parameters of a managed disk.
+type ManagedDiskParameters struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// StorageAccountType - Specifies the storage account type for the managed disk. Possible values are: Standard_LRS or Premium_LRS. Possible values include: 'StandardLRS', 'PremiumLRS'
+	StorageAccountType StorageAccountTypes `json:"storageAccountType,omitempty"`
+}
+
+// NetworkInterfaceReference describes a network interface reference.
+type NetworkInterfaceReference struct {
+	// ID - Resource Id
+	ID                                   *string `json:"id,omitempty"`
+	*NetworkInterfaceReferenceProperties `json:"properties,omitempty"`
+}
+
+// NetworkInterfaceReferenceProperties describes a network interface reference properties.
+type NetworkInterfaceReferenceProperties struct {
+	// Primary - Specifies the primary network interface in case the virtual machine has more than 1 network interface.
+	Primary *bool `json:"primary,omitempty"`
+}
+
+// NetworkProfile specifies the network interfaces of the virtual machine.
+type NetworkProfile struct {
+	// NetworkInterfaces - Specifies the list of resource Ids for the network interfaces associated with the virtual machine.
+	NetworkInterfaces *[]NetworkInterfaceReference `json:"networkInterfaces,omitempty"`
+}
+
+// OperationStatusResponse operation status response
+type OperationStatusResponse struct {
+	autorest.Response `json:"-"`
+	// Name - Operation ID
+	Name *string `json:"name,omitempty"`
+	// Status - Operation status
+	Status *string `json:"status,omitempty"`
+	// StartTime - Start time of the operation
+	StartTime *date.Time `json:"startTime,omitempty"`
+	// EndTime - End time of the operation
+	EndTime *date.Time `json:"endTime,omitempty"`
+	// Error - Api error
+	Error *APIError `json:"error,omitempty"`
+}
+
+// OSDisk specifies information about the operating system disk used by the virtual machine. <br><br> For more
+// information about disks, see [About disks and VHDs for Azure virtual
+// machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+type OSDisk struct {
+	// OsType - This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. <br><br> Possible values are: <br><br> **Windows** <br><br> **Linux**. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// EncryptionSettings - Specifies the encryption settings for the OS Disk. <br><br> Minimum api-version: 2015-06-15
+	EncryptionSettings *DiskEncryptionSettings `json:"encryptionSettings,omitempty"`
+	// Name - The disk name.
+	Name *string `json:"name,omitempty"`
+	// Vhd - The virtual hard disk.
+	Vhd *VirtualHardDisk `json:"vhd,omitempty"`
+	// Image - The source user image virtual hard disk. The virtual hard disk will be copied before being attached to the virtual machine. If SourceImage is provided, the destination virtual hard drive must not exist.
+	Image *VirtualHardDisk `json:"image,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// WriteAcceleratorEnabled - Specifies whether writeAccelerator should be enabled or disabled on the disk.
+	WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"`
+	// CreateOption - Specifies how the virtual machine should be created.<br><br> Possible values are:<br><br> **Attach** \u2013 This value is used when you are using a specialized disk to create the virtual machine.<br><br> **FromImage** \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you  also use the plan element previously described. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach'
+	CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"`
+	// DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image. <br><br> This value cannot be larger than 1023 GB
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// ManagedDisk - The managed disk parameters.
+	ManagedDisk *ManagedDiskParameters `json:"managedDisk,omitempty"`
+}
+
+// OSDiskImage contains the os disk image information.
+type OSDiskImage struct {
+	// OperatingSystem - The operating system of the osDiskImage. Possible values include: 'Windows', 'Linux'
+	OperatingSystem OperatingSystemTypes `json:"operatingSystem,omitempty"`
+}
+
+// OSProfile specifies the operating system settings for the virtual machine.
+type OSProfile struct {
+	// ComputerName - Specifies the host OS name of the virtual machine. <br><br> **Max-length (Windows):** 15 characters <br><br> **Max-length (Linux):** 64 characters. <br><br> For naming conventions and restrictions see [Azure infrastructure services implementation guidelines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-infrastructure-subscription-accounts-guidelines?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json#1-naming-conventions).
+	ComputerName *string `json:"computerName,omitempty"`
+	// AdminUsername - Specifies the name of the administrator account. <br><br> **Windows-only restriction:** Cannot end in "." <br><br> **Disallowed values:** "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". <br><br> **Minimum-length (Linux):** 1  character <br><br> **Max-length (Linux):** 64 characters <br><br> **Max-length (Windows):** 20 characters  <br><br><li> For root access to the Linux VM, see [Using root privileges on Linux virtual machines in Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-use-root-privileges?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)<br><li> For a list of built-in system users on Linux that should not be used in this field, see [Selecting User Names for Linux on Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-usernames?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)
+	AdminUsername *string `json:"adminUsername,omitempty"`
+	// AdminPassword - Specifies the password of the administrator account. <br><br> **Minimum-length (Windows):** 8 characters <br><br> **Minimum-length (Linux):** 6 characters <br><br> **Max-length (Windows):** 123 characters <br><br> **Max-length (Linux):** 72 characters <br><br> **Complexity requirements:** 3 out of 4 conditions below need to be fulfilled <br> Has lower characters <br>Has upper characters <br> Has a digit <br> Has a special character (Regex match [\W_]) <br><br> **Disallowed values:** "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!" <br><br> For resetting the password, see [How to reset the Remote Desktop service or its login password in a Windows VM](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-reset-rdp?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> For resetting root password, see [Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-using-vmaccess-extension?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json#reset-root-password)
+	AdminPassword *string `json:"adminPassword,omitempty"`
+	// CustomData - Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. <br><br> For using cloud-init for your VM, see [Using cloud-init to customize a Linux VM during creation](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-using-cloud-init?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)
+	CustomData *string `json:"customData,omitempty"`
+	// WindowsConfiguration - Specifies Windows operating system settings on the virtual machine.
+	WindowsConfiguration *WindowsConfiguration `json:"windowsConfiguration,omitempty"`
+	// LinuxConfiguration - Specifies the Linux operating system settings on the virtual machine. <br><br>For a list of supported Linux distributions, see [Linux on Azure-Endorsed Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-endorsed-distros?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json) <br><br> For running non-endorsed distributions, see [Information for Non-Endorsed Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-create-upload-generic?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json).
+	LinuxConfiguration *LinuxConfiguration `json:"linuxConfiguration,omitempty"`
+	// Secrets - Specifies set of certificates that should be installed onto the virtual machine.
+	Secrets *[]VaultSecretGroup `json:"secrets,omitempty"`
+}
+
+// Plan specifies information about the marketplace image used to create the virtual machine. This element is only used
+// for marketplace images. Before you can use a marketplace image from an API, you must enable the image for
+// programmatic use.  In the Azure portal, find the marketplace image that you want to use and then click **Want to
+// deploy programmatically, Get Started ->**. Enter any required information and then click **Save**.
+type Plan struct {
+	// Name - The plan ID.
+	Name *string `json:"name,omitempty"`
+	// Publisher - The publisher ID.
+	Publisher *string `json:"publisher,omitempty"`
+	// Product - Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.
+	Product *string `json:"product,omitempty"`
+	// PromotionCode - The promotion code.
+	PromotionCode *string `json:"promotionCode,omitempty"`
+}
+
+// PurchasePlan used for establishing the purchase context of any 3rd Party artifact through MarketPlace.
+type PurchasePlan struct {
+	// Publisher - The publisher ID.
+	Publisher *string `json:"publisher,omitempty"`
+	// Name - The plan ID.
+	Name *string `json:"name,omitempty"`
+	// Product - Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.
+	Product *string `json:"product,omitempty"`
+}
+
+// RecoveryWalkResponse response after calling a manual recovery walk
+type RecoveryWalkResponse struct {
+	autorest.Response `json:"-"`
+	// WalkPerformed - Whether the recovery walk was performed
+	WalkPerformed *bool `json:"walkPerformed,omitempty"`
+	// NextPlatformUpdateDomain - The next update domain that needs to be walked. Null means walk spanning all update domains has been completed
+	NextPlatformUpdateDomain *int32 `json:"nextPlatformUpdateDomain,omitempty"`
+}
+
+// RequestRateByIntervalInput api request input for LogAnalytics getRequestRateByInterval Api.
+type RequestRateByIntervalInput struct {
+	// BlobContainerSasURI - SAS Uri of the logging blob container to which LogAnalytics Api writes output logs to.
+	BlobContainerSasURI *string `json:"blobContainerSasUri,omitempty"`
+	// FromTime - From time of the query
+	FromTime *date.Time `json:"fromTime,omitempty"`
+	// ToTime - To time of the query
+	ToTime *date.Time `json:"toTime,omitempty"`
+	// GroupByThrottlePolicy - Group query result by Throttle Policy applied.
+	GroupByThrottlePolicy *bool `json:"groupByThrottlePolicy,omitempty"`
+	// GroupByOperationName - Group query result by  by Operation Name.
+	GroupByOperationName *bool `json:"groupByOperationName,omitempty"`
+	// GroupByResourceName - Group query result by Resource Name.
+	GroupByResourceName *bool `json:"groupByResourceName,omitempty"`
+	// IntervalLength - Interval value in minutes used to create LogAnalytics call rate logs. Possible values include: 'ThreeMins', 'FiveMins', 'ThirtyMins', 'SixtyMins'
+	IntervalLength IntervalInMins `json:"intervalLength,omitempty"`
+}
+
+// Resource the Resource model definition.
+type Resource struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+}
+
+// ResourceSku describes an available Compute SKU.
+type ResourceSku struct {
+	// ResourceType - The type of resource the SKU applies to.
+	ResourceType *string `json:"resourceType,omitempty"`
+	// Name - The name of SKU.
+	Name *string `json:"name,omitempty"`
+	// Tier - Specifies the tier of virtual machines in a scale set.<br /><br /> Possible Values:<br /><br /> **Standard**<br /><br /> **Basic**
+	Tier *string `json:"tier,omitempty"`
+	// Size - The Size of the SKU.
+	Size *string `json:"size,omitempty"`
+	// Family - The Family of this particular SKU.
+	Family *string `json:"family,omitempty"`
+	// Kind - The Kind of resources that are supported in this SKU.
+	Kind *string `json:"kind,omitempty"`
+	// Capacity - Specifies the number of virtual machines in the scale set.
+	Capacity *ResourceSkuCapacity `json:"capacity,omitempty"`
+	// Locations - The set of locations that the SKU is available.
+	Locations *[]string `json:"locations,omitempty"`
+	// LocationInfo - A list of locations and availability zones in those locations where the SKU is available.
+	LocationInfo *[]ResourceSkuLocationInfo `json:"locationInfo,omitempty"`
+	// APIVersions - The api versions that support this SKU.
+	APIVersions *[]string `json:"apiVersions,omitempty"`
+	// Costs - Metadata for retrieving price info.
+	Costs *[]ResourceSkuCosts `json:"costs,omitempty"`
+	// Capabilities - A name value pair to describe the capability.
+	Capabilities *[]ResourceSkuCapabilities `json:"capabilities,omitempty"`
+	// Restrictions - The restrictions because of which SKU cannot be used. This is empty if there are no restrictions.
+	Restrictions *[]ResourceSkuRestrictions `json:"restrictions,omitempty"`
+}
+
+// ResourceSkuCapabilities describes The SKU capabilites object.
+type ResourceSkuCapabilities struct {
+	// Name - An invariant to describe the feature.
+	Name *string `json:"name,omitempty"`
+	// Value - An invariant if the feature is measured by quantity.
+	Value *string `json:"value,omitempty"`
+}
+
+// ResourceSkuCapacity describes scaling information of a SKU.
+type ResourceSkuCapacity struct {
+	// Minimum - The minimum capacity.
+	Minimum *int64 `json:"minimum,omitempty"`
+	// Maximum - The maximum capacity that can be set.
+	Maximum *int64 `json:"maximum,omitempty"`
+	// Default - The default capacity.
+	Default *int64 `json:"default,omitempty"`
+	// ScaleType - The scale type applicable to the sku. Possible values include: 'ResourceSkuCapacityScaleTypeAutomatic', 'ResourceSkuCapacityScaleTypeManual', 'ResourceSkuCapacityScaleTypeNone'
+	ScaleType ResourceSkuCapacityScaleType `json:"scaleType,omitempty"`
+}
+
+// ResourceSkuCosts describes metadata for retrieving price info.
+type ResourceSkuCosts struct {
+	// MeterID - Used for querying price from commerce.
+	MeterID *string `json:"meterID,omitempty"`
+	// Quantity - The multiplier is needed to extend the base metered cost.
+	Quantity *int64 `json:"quantity,omitempty"`
+	// ExtendedUnit - An invariant to show the extended unit.
+	ExtendedUnit *string `json:"extendedUnit,omitempty"`
+}
+
+// ResourceSkuLocationInfo ...
+type ResourceSkuLocationInfo struct {
+	// Location - Location of the SKU
+	Location *string `json:"location,omitempty"`
+	// Zones - List of availability zones where the SKU is supported.
+	Zones *[]string `json:"zones,omitempty"`
+}
+
+// ResourceSkuRestrictionInfo ...
+type ResourceSkuRestrictionInfo struct {
+	// Locations - Locations where the SKU is restricted
+	Locations *[]string `json:"locations,omitempty"`
+	// Zones - List of availability zones where the SKU is restricted.
+	Zones *[]string `json:"zones,omitempty"`
+}
+
+// ResourceSkuRestrictions describes scaling information of a SKU.
+type ResourceSkuRestrictions struct {
+	// Type - The type of restrictions. Possible values include: 'Location', 'Zone'
+	Type ResourceSkuRestrictionsType `json:"type,omitempty"`
+	// Values - The value of restrictions. If the restriction type is set to location. This would be different locations where the SKU is restricted.
+	Values *[]string `json:"values,omitempty"`
+	// RestrictionInfo - The information about the restriction where the SKU cannot be used.
+	RestrictionInfo *ResourceSkuRestrictionInfo `json:"restrictionInfo,omitempty"`
+	// ReasonCode - The reason for restriction. Possible values include: 'QuotaID', 'NotAvailableForSubscription'
+	ReasonCode ResourceSkuRestrictionsReasonCode `json:"reasonCode,omitempty"`
+}
+
+// ResourceSkusResult the Compute List Skus operation response.
+type ResourceSkusResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of skus available for the subscription.
+	Value *[]ResourceSku `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Compute Skus. Call ListNext() with this to fetch the next page of VMSS Skus.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// ResourceSkusResultIterator provides access to a complete listing of ResourceSku values.
+type ResourceSkusResultIterator struct {
+	i    int
+	page ResourceSkusResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *ResourceSkusResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter ResourceSkusResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter ResourceSkusResultIterator) Response() ResourceSkusResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter ResourceSkusResultIterator) Value() ResourceSku {
+	if !iter.page.NotDone() {
+		return ResourceSku{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (rsr ResourceSkusResult) IsEmpty() bool {
+	return rsr.Value == nil || len(*rsr.Value) == 0
+}
+
+// resourceSkusResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (rsr ResourceSkusResult) resourceSkusResultPreparer() (*http.Request, error) {
+	if rsr.NextLink == nil || len(to.String(rsr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(rsr.NextLink)))
+}
+
+// ResourceSkusResultPage contains a page of ResourceSku values.
+type ResourceSkusResultPage struct {
+	fn  func(ResourceSkusResult) (ResourceSkusResult, error)
+	rsr ResourceSkusResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *ResourceSkusResultPage) Next() error {
+	next, err := page.fn(page.rsr)
+	if err != nil {
+		return err
+	}
+	page.rsr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page ResourceSkusResultPage) NotDone() bool {
+	return !page.rsr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page ResourceSkusResultPage) Response() ResourceSkusResult {
+	return page.rsr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page ResourceSkusResultPage) Values() []ResourceSku {
+	if page.rsr.IsEmpty() {
+		return nil
+	}
+	return *page.rsr.Value
+}
+
+// ResourceUpdate the Resource model definition.
+type ResourceUpdate struct {
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	Sku  *DiskSku            `json:"sku,omitempty"`
+}
+
+// RollingUpgradePolicy the configuration parameters used while performing a rolling upgrade.
+type RollingUpgradePolicy struct {
+	// MaxBatchInstancePercent - The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability. The default value for this parameter is 20%.
+	MaxBatchInstancePercent *int32 `json:"maxBatchInstancePercent,omitempty"`
+	// MaxUnhealthyInstancePercent - The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. The default value for this parameter is 20%.
+	MaxUnhealthyInstancePercent *int32 `json:"maxUnhealthyInstancePercent,omitempty"`
+	// MaxUnhealthyUpgradedInstancePercent - The maximum percentage of upgraded virtual machine instances that can be found to be in an unhealthy state. This check will happen after each batch is upgraded. If this percentage is ever exceeded, the rolling update aborts. The default value for this parameter is 20%.
+	MaxUnhealthyUpgradedInstancePercent *int32 `json:"maxUnhealthyUpgradedInstancePercent,omitempty"`
+	// PauseTimeBetweenBatches - The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format. The default value is 0 seconds (PT0S).
+	PauseTimeBetweenBatches *string `json:"pauseTimeBetweenBatches,omitempty"`
+}
+
+// RollingUpgradeProgressInfo information about the number of virtual machine instances in each upgrade state.
+type RollingUpgradeProgressInfo struct {
+	// SuccessfulInstanceCount - The number of instances that have been successfully upgraded.
+	SuccessfulInstanceCount *int32 `json:"successfulInstanceCount,omitempty"`
+	// FailedInstanceCount - The number of instances that have failed to be upgraded successfully.
+	FailedInstanceCount *int32 `json:"failedInstanceCount,omitempty"`
+	// InProgressInstanceCount - The number of instances that are currently being upgraded.
+	InProgressInstanceCount *int32 `json:"inProgressInstanceCount,omitempty"`
+	// PendingInstanceCount - The number of instances that have not yet begun to be upgraded.
+	PendingInstanceCount *int32 `json:"pendingInstanceCount,omitempty"`
+}
+
+// RollingUpgradeRunningStatus information about the current running state of the overall upgrade.
+type RollingUpgradeRunningStatus struct {
+	// Code - Code indicating the current status of the upgrade. Possible values include: 'RollingForward', 'Cancelled', 'Completed', 'Faulted'
+	Code RollingUpgradeStatusCode `json:"code,omitempty"`
+	// StartTime - Start time of the upgrade.
+	StartTime *date.Time `json:"startTime,omitempty"`
+	// LastAction - The last action performed on the rolling upgrade. Possible values include: 'Start', 'Cancel'
+	LastAction RollingUpgradeActionType `json:"lastAction,omitempty"`
+	// LastActionTime - Last action time of the upgrade.
+	LastActionTime *date.Time `json:"lastActionTime,omitempty"`
+}
+
+// RollingUpgradeStatusInfo the status of the latest virtual machine scale set rolling upgrade.
+type RollingUpgradeStatusInfo struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags                                *map[string]*string `json:"tags,omitempty"`
+	*RollingUpgradeStatusInfoProperties `json:"properties,omitempty"`
+}
+
+// RollingUpgradeStatusInfoProperties the status of the latest virtual machine scale set rolling upgrade.
+type RollingUpgradeStatusInfoProperties struct {
+	// Policy - The rolling upgrade policies applied for this upgrade.
+	Policy *RollingUpgradePolicy `json:"policy,omitempty"`
+	// RunningStatus - Information about the current running state of the overall upgrade.
+	RunningStatus *RollingUpgradeRunningStatus `json:"runningStatus,omitempty"`
+	// Progress - Information about the number of virtual machine instances in each upgrade state.
+	Progress *RollingUpgradeProgressInfo `json:"progress,omitempty"`
+	// Error - Error details for this upgrade, if there are any.
+	Error *APIError `json:"error,omitempty"`
+}
+
+// RunCommandDocument describes the properties of a Run Command.
+type RunCommandDocument struct {
+	autorest.Response `json:"-"`
+	// Schema - The VM run command schema.
+	Schema *string `json:"$schema,omitempty"`
+	// ID - The VM run command id.
+	ID *string `json:"id,omitempty"`
+	// OsType - The Operating System type. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// Label - The VM run command label.
+	Label *string `json:"label,omitempty"`
+	// Description - The VM run command description.
+	Description *string `json:"description,omitempty"`
+	// Script - The script to be executed.
+	Script *[]string `json:"script,omitempty"`
+	// Parameters - The parameters used by the script.
+	Parameters *[]RunCommandParameterDefinition `json:"parameters,omitempty"`
+}
+
+// RunCommandDocumentBase describes the properties of a Run Command metadata.
+type RunCommandDocumentBase struct {
+	// Schema - The VM run command schema.
+	Schema *string `json:"$schema,omitempty"`
+	// ID - The VM run command id.
+	ID *string `json:"id,omitempty"`
+	// OsType - The Operating System type. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// Label - The VM run command label.
+	Label *string `json:"label,omitempty"`
+	// Description - The VM run command description.
+	Description *string `json:"description,omitempty"`
+}
+
+// RunCommandInput capture Virtual Machine parameters.
+type RunCommandInput struct {
+	// CommandID - The run command id.
+	CommandID *string `json:"commandId,omitempty"`
+	// Script - Optional. The script to be executed.  When this value is given, the given script will override the default script of the command.
+	Script *[]string `json:"script,omitempty"`
+	// Parameters - The run command parameters.
+	Parameters *[]RunCommandInputParameter `json:"parameters,omitempty"`
+}
+
+// RunCommandInputParameter describes the properties of a run command parameter.
+type RunCommandInputParameter struct {
+	// Name - The run command parameter name.
+	Name *string `json:"name,omitempty"`
+	// Value - The run command parameter value.
+	Value *string `json:"value,omitempty"`
+}
+
+// RunCommandListResult the List Virtual Machine operation response.
+type RunCommandListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machine run commands.
+	Value *[]RunCommandDocumentBase `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of run commands. Call ListNext() with this to fetch the next page of run commands.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// RunCommandListResultIterator provides access to a complete listing of RunCommandDocumentBase values.
+type RunCommandListResultIterator struct {
+	i    int
+	page RunCommandListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *RunCommandListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter RunCommandListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter RunCommandListResultIterator) Response() RunCommandListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter RunCommandListResultIterator) Value() RunCommandDocumentBase {
+	if !iter.page.NotDone() {
+		return RunCommandDocumentBase{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (rclr RunCommandListResult) IsEmpty() bool {
+	return rclr.Value == nil || len(*rclr.Value) == 0
+}
+
+// runCommandListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (rclr RunCommandListResult) runCommandListResultPreparer() (*http.Request, error) {
+	if rclr.NextLink == nil || len(to.String(rclr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(rclr.NextLink)))
+}
+
+// RunCommandListResultPage contains a page of RunCommandDocumentBase values.
+type RunCommandListResultPage struct {
+	fn   func(RunCommandListResult) (RunCommandListResult, error)
+	rclr RunCommandListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *RunCommandListResultPage) Next() error {
+	next, err := page.fn(page.rclr)
+	if err != nil {
+		return err
+	}
+	page.rclr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page RunCommandListResultPage) NotDone() bool {
+	return !page.rclr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page RunCommandListResultPage) Response() RunCommandListResult {
+	return page.rclr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page RunCommandListResultPage) Values() []RunCommandDocumentBase {
+	if page.rclr.IsEmpty() {
+		return nil
+	}
+	return *page.rclr.Value
+}
+
+// RunCommandParameterDefinition describes the properties of a run command parameter.
+type RunCommandParameterDefinition struct {
+	// Name - The run command parameter name.
+	Name *string `json:"name,omitempty"`
+	// Type - The run command parameter type.
+	Type *string `json:"type,omitempty"`
+	// DefaultValue - The run command parameter default value.
+	DefaultValue *string `json:"defaultValue,omitempty"`
+	// Required - The run command parameter required.
+	Required *bool `json:"required,omitempty"`
+}
+
+// RunCommandResult run command operation response.
+type RunCommandResult struct {
+	autorest.Response `json:"-"`
+	// Name - Operation ID
+	Name *string `json:"name,omitempty"`
+	// Status - Operation status
+	Status *string `json:"status,omitempty"`
+	// StartTime - Start time of the operation
+	StartTime *date.Time `json:"startTime,omitempty"`
+	// EndTime - End time of the operation
+	EndTime *date.Time `json:"endTime,omitempty"`
+	// Error - Api error
+	Error                       *APIError `json:"error,omitempty"`
+	*RunCommandResultProperties `json:"properties,omitempty"`
+}
+
+// RunCommandResultProperties compute-specific operation properties, including output
+type RunCommandResultProperties struct {
+	// Output - Operation output data (raw JSON)
+	Output *map[string]interface{} `json:"output,omitempty"`
+}
+
+// Sku describes a virtual machine scale set sku.
+type Sku struct {
+	// Name - The sku name.
+	Name *string `json:"name,omitempty"`
+	// Tier - Specifies the tier of virtual machines in a scale set.<br /><br /> Possible Values:<br /><br /> **Standard**<br /><br /> **Basic**
+	Tier *string `json:"tier,omitempty"`
+	// Capacity - Specifies the number of virtual machines in the scale set.
+	Capacity *int64 `json:"capacity,omitempty"`
+}
+
+// Snapshot snapshot resource.
+type Snapshot struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// ManagedBy - Unused. Always Null.
+	ManagedBy       *string  `json:"managedBy,omitempty"`
+	Sku             *DiskSku `json:"sku,omitempty"`
+	*DiskProperties `json:"properties,omitempty"`
+}
+
+// SnapshotList the List Snapshots operation response.
+type SnapshotList struct {
+	autorest.Response `json:"-"`
+	// Value - A list of snapshots.
+	Value *[]Snapshot `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of snapshots. Call ListNext() with this to fetch the next page of snapshots.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// SnapshotListIterator provides access to a complete listing of Snapshot values.
+type SnapshotListIterator struct {
+	i    int
+	page SnapshotListPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *SnapshotListIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter SnapshotListIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter SnapshotListIterator) Response() SnapshotList {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter SnapshotListIterator) Value() Snapshot {
+	if !iter.page.NotDone() {
+		return Snapshot{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (sl SnapshotList) IsEmpty() bool {
+	return sl.Value == nil || len(*sl.Value) == 0
+}
+
+// snapshotListPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (sl SnapshotList) snapshotListPreparer() (*http.Request, error) {
+	if sl.NextLink == nil || len(to.String(sl.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(sl.NextLink)))
+}
+
+// SnapshotListPage contains a page of Snapshot values.
+type SnapshotListPage struct {
+	fn func(SnapshotList) (SnapshotList, error)
+	sl SnapshotList
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *SnapshotListPage) Next() error {
+	next, err := page.fn(page.sl)
+	if err != nil {
+		return err
+	}
+	page.sl = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page SnapshotListPage) NotDone() bool {
+	return !page.sl.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page SnapshotListPage) Response() SnapshotList {
+	return page.sl
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page SnapshotListPage) Values() []Snapshot {
+	if page.sl.IsEmpty() {
+		return nil
+	}
+	return *page.sl.Value
+}
+
+// SnapshotsCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type SnapshotsCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future SnapshotsCreateOrUpdateFuture) Result(client SnapshotsClient) (s Snapshot, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return s, autorest.NewError("compute.SnapshotsCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		s, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	s, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// SnapshotsDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type SnapshotsDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future SnapshotsDeleteFuture) Result(client SnapshotsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.SnapshotsDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// SnapshotsGrantAccessFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type SnapshotsGrantAccessFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future SnapshotsGrantAccessFuture) Result(client SnapshotsClient) (au AccessURI, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return au, autorest.NewError("compute.SnapshotsGrantAccessFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		au, err = client.GrantAccessResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	au, err = client.GrantAccessResponder(resp)
+	return
+}
+
+// SnapshotsRevokeAccessFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type SnapshotsRevokeAccessFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future SnapshotsRevokeAccessFuture) Result(client SnapshotsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.SnapshotsRevokeAccessFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RevokeAccessResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RevokeAccessResponder(resp)
+	return
+}
+
+// SnapshotsUpdateFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type SnapshotsUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future SnapshotsUpdateFuture) Result(client SnapshotsClient) (s Snapshot, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return s, autorest.NewError("compute.SnapshotsUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		s, err = client.UpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	s, err = client.UpdateResponder(resp)
+	return
+}
+
+// SnapshotUpdate snapshot update resource.
+type SnapshotUpdate struct {
+	// Tags - Resource tags
+	Tags                  *map[string]*string `json:"tags,omitempty"`
+	Sku                   *DiskSku            `json:"sku,omitempty"`
+	*DiskUpdateProperties `json:"properties,omitempty"`
+}
+
+// SourceVault the vault id is an Azure Resource Manager Resoure id in the form
+// /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}
+type SourceVault struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+}
+
+// SSHConfiguration SSH configuration for Linux based VMs running on Azure
+type SSHConfiguration struct {
+	// PublicKeys - The list of SSH public keys used to authenticate with linux based VMs.
+	PublicKeys *[]SSHPublicKey `json:"publicKeys,omitempty"`
+}
+
+// SSHPublicKey contains information about SSH certificate public key and the path on the Linux VM where the public key
+// is placed.
+type SSHPublicKey struct {
+	// Path - Specifies the full path on the created VM where ssh public key is stored. If the file already exists, the specified key is appended to the file. Example: /home/user/.ssh/authorized_keys
+	Path *string `json:"path,omitempty"`
+	// KeyData - SSH public key certificate used to authenticate with the VM through ssh. The key needs to be at least 2048-bit and in ssh-rsa format. <br><br> For creating ssh keys, see [Create SSH keys on Linux and Mac for Linux VMs in Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-mac-create-ssh-keys?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json).
+	KeyData *string `json:"keyData,omitempty"`
+}
+
+// StorageProfile specifies the storage settings for the virtual machine disks.
+type StorageProfile struct {
+	// ImageReference - Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations.
+	ImageReference *ImageReference `json:"imageReference,omitempty"`
+	// OsDisk - Specifies information about the operating system disk used by the virtual machine. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	OsDisk *OSDisk `json:"osDisk,omitempty"`
+	// DataDisks - Specifies the parameters that are used to add a data disk to a virtual machine. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	DataDisks *[]DataDisk `json:"dataDisks,omitempty"`
+}
+
+// SubResource ...
+type SubResource struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+}
+
+// SubResourceReadOnly ...
+type SubResourceReadOnly struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+}
+
+// ThrottledRequestsInput api request input for LogAnalytics getThrottledRequests Api.
+type ThrottledRequestsInput struct {
+	// BlobContainerSasURI - SAS Uri of the logging blob container to which LogAnalytics Api writes output logs to.
+	BlobContainerSasURI *string `json:"blobContainerSasUri,omitempty"`
+	// FromTime - From time of the query
+	FromTime *date.Time `json:"fromTime,omitempty"`
+	// ToTime - To time of the query
+	ToTime *date.Time `json:"toTime,omitempty"`
+	// GroupByThrottlePolicy - Group query result by Throttle Policy applied.
+	GroupByThrottlePolicy *bool `json:"groupByThrottlePolicy,omitempty"`
+	// GroupByOperationName - Group query result by  by Operation Name.
+	GroupByOperationName *bool `json:"groupByOperationName,omitempty"`
+	// GroupByResourceName - Group query result by Resource Name.
+	GroupByResourceName *bool `json:"groupByResourceName,omitempty"`
+}
+
+// UpdateResource the Update Resource model definition.
+type UpdateResource struct {
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+}
+
+// UpgradePolicy describes an upgrade policy - automatic, manual, or rolling.
+type UpgradePolicy struct {
+	// Mode - Specifies the mode of an upgrade to virtual machines in the scale set.<br /><br /> Possible values are:<br /><br /> **Manual** - You  control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.<br /><br /> **Automatic** - All virtual machines in the scale set are  automatically updated at the same time. Possible values include: 'Automatic', 'Manual', 'Rolling'
+	Mode UpgradeMode `json:"mode,omitempty"`
+	// RollingUpgradePolicy - The configuration parameters used while performing a rolling upgrade.
+	RollingUpgradePolicy *RollingUpgradePolicy `json:"rollingUpgradePolicy,omitempty"`
+	// AutomaticOSUpgrade - Whether OS upgrades should automatically be applied to scale set instances in a rolling fashion when a newer version of the image becomes available.
+	AutomaticOSUpgrade *bool `json:"automaticOSUpgrade,omitempty"`
+}
+
+// Usage describes Compute Resource Usage.
+type Usage struct {
+	// Unit - An enum describing the unit of usage measurement.
+	Unit *string `json:"unit,omitempty"`
+	// CurrentValue - The current usage of the resource.
+	CurrentValue *int32 `json:"currentValue,omitempty"`
+	// Limit - The maximum permitted usage of the resource.
+	Limit *int64 `json:"limit,omitempty"`
+	// Name - The name of the type of usage.
+	Name *UsageName `json:"name,omitempty"`
+}
+
+// UsageName the Usage Names.
+type UsageName struct {
+	// Value - The name of the resource.
+	Value *string `json:"value,omitempty"`
+	// LocalizedValue - The localized name of the resource.
+	LocalizedValue *string `json:"localizedValue,omitempty"`
+}
+
+// VaultCertificate describes a single certificate reference in a Key Vault, and where the certificate should reside on
+// the VM.
+type VaultCertificate struct {
+	// CertificateURL - This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see [Add a key or secret to the key vault](https://docs.microsoft.com/azure/key-vault/key-vault-get-started/#add). In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: <br><br> {<br>  "data":"<Base64-encoded-certificate>",<br>  "dataType":"pfx",<br>  "password":"<pfx-file-password>"<br>}
+	CertificateURL *string `json:"certificateUrl,omitempty"`
+	// CertificateStore - For Windows VMs, specifies the certificate store on the Virtual Machine to which the certificate should be added. The specified certificate store is implicitly in the LocalMachine account. <br><br>For Linux VMs, the certificate file is placed under the /var/lib/waagent directory, with the file name <UppercaseThumbprint>.crt for the X509 certificate file and <UppercaseThumbpring>.prv for private key. Both of these files are .pem formatted.
+	CertificateStore *string `json:"certificateStore,omitempty"`
+}
+
+// VaultSecretGroup describes a set of certificates which are all in the same Key Vault.
+type VaultSecretGroup struct {
+	// SourceVault - The relative URL of the Key Vault containing all of the certificates in VaultCertificates.
+	SourceVault *SubResource `json:"sourceVault,omitempty"`
+	// VaultCertificates - The list of key vault references in SourceVault which contain certificates.
+	VaultCertificates *[]VaultCertificate `json:"vaultCertificates,omitempty"`
+}
+
+// VirtualHardDisk describes the uri of a disk.
+type VirtualHardDisk struct {
+	// URI - Specifies the virtual hard disk's uri.
+	URI *string `json:"uri,omitempty"`
+}
+
+// VirtualMachine describes a Virtual Machine.
+type VirtualMachine struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// Plan - Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use.  In the Azure portal, find the marketplace image that you want to use and then click **Want to deploy programmatically, Get Started ->**. Enter any required information and then click **Save**.
+	Plan                      *Plan `json:"plan,omitempty"`
+	*VirtualMachineProperties `json:"properties,omitempty"`
+	// Resources - The virtual machine child extension resources.
+	Resources *[]VirtualMachineExtension `json:"resources,omitempty"`
+	// Identity - The identity of the virtual machine, if configured.
+	Identity *VirtualMachineIdentity `json:"identity,omitempty"`
+	// Zones - The virtual machine zones.
+	Zones *[]string `json:"zones,omitempty"`
+}
+
+// VirtualMachineAgentInstanceView the instance view of the VM Agent running on the virtual machine.
+type VirtualMachineAgentInstanceView struct {
+	// VMAgentVersion - The VM Agent full version.
+	VMAgentVersion *string `json:"vmAgentVersion,omitempty"`
+	// ExtensionHandlers - The virtual machine extension handler instance view.
+	ExtensionHandlers *[]VirtualMachineExtensionHandlerInstanceView `json:"extensionHandlers,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// VirtualMachineCaptureParameters capture Virtual Machine parameters.
+type VirtualMachineCaptureParameters struct {
+	// VhdPrefix - The captured virtual hard disk's name prefix.
+	VhdPrefix *string `json:"vhdPrefix,omitempty"`
+	// DestinationContainerName - The destination container name.
+	DestinationContainerName *string `json:"destinationContainerName,omitempty"`
+	// OverwriteVhds - Specifies whether to overwrite the destination virtual hard disk, in case of conflict.
+	OverwriteVhds *bool `json:"overwriteVhds,omitempty"`
+}
+
+// VirtualMachineCaptureResult resource Id.
+type VirtualMachineCaptureResult struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID                                     *string `json:"id,omitempty"`
+	*VirtualMachineCaptureResultProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineCaptureResultProperties compute-specific operation properties, including output
+type VirtualMachineCaptureResultProperties struct {
+	// Output - Operation output data (raw JSON)
+	Output *map[string]interface{} `json:"output,omitempty"`
+}
+
+// VirtualMachineExtension describes a Virtual Machine Extension.
+type VirtualMachineExtension struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags                               *map[string]*string `json:"tags,omitempty"`
+	*VirtualMachineExtensionProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineExtensionHandlerInstanceView the instance view of a virtual machine extension handler.
+type VirtualMachineExtensionHandlerInstanceView struct {
+	// Type - Specifies the type of the extension; an example is "CustomScriptExtension".
+	Type *string `json:"type,omitempty"`
+	// TypeHandlerVersion - Specifies the version of the script handler.
+	TypeHandlerVersion *string `json:"typeHandlerVersion,omitempty"`
+	// Status - The extension handler status.
+	Status *InstanceViewStatus `json:"status,omitempty"`
+}
+
+// VirtualMachineExtensionImage describes a Virtual Machine Extension Image.
+type VirtualMachineExtensionImage struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags                                    *map[string]*string `json:"tags,omitempty"`
+	*VirtualMachineExtensionImageProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineExtensionImageProperties describes the properties of a Virtual Machine Extension Image.
+type VirtualMachineExtensionImageProperties struct {
+	// OperatingSystem - The operating system this extension supports.
+	OperatingSystem *string `json:"operatingSystem,omitempty"`
+	// ComputeRole - The type of role (IaaS or PaaS) this extension supports.
+	ComputeRole *string `json:"computeRole,omitempty"`
+	// HandlerSchema - The schema defined by publisher, where extension consumers should provide settings in a matching schema.
+	HandlerSchema *string `json:"handlerSchema,omitempty"`
+	// VMScaleSetEnabled - Whether the extension can be used on xRP VMScaleSets. By default existing extensions are usable on scalesets, but there might be cases where a publisher wants to explicitly indicate the extension is only enabled for CRP VMs but not VMSS.
+	VMScaleSetEnabled *bool `json:"vmScaleSetEnabled,omitempty"`
+	// SupportsMultipleExtensions - Whether the handler can support multiple extensions.
+	SupportsMultipleExtensions *bool `json:"supportsMultipleExtensions,omitempty"`
+}
+
+// VirtualMachineExtensionInstanceView the instance view of a virtual machine extension.
+type VirtualMachineExtensionInstanceView struct {
+	// Name - The virtual machine extension name.
+	Name *string `json:"name,omitempty"`
+	// Type - Specifies the type of the extension; an example is "CustomScriptExtension".
+	Type *string `json:"type,omitempty"`
+	// TypeHandlerVersion - Specifies the version of the script handler.
+	TypeHandlerVersion *string `json:"typeHandlerVersion,omitempty"`
+	// Substatuses - The resource status information.
+	Substatuses *[]InstanceViewStatus `json:"substatuses,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// VirtualMachineExtensionProperties describes the properties of a Virtual Machine Extension.
+type VirtualMachineExtensionProperties struct {
+	// ForceUpdateTag - How the extension handler should be forced to update even if the extension configuration has not changed.
+	ForceUpdateTag *string `json:"forceUpdateTag,omitempty"`
+	// Publisher - The name of the extension handler publisher.
+	Publisher *string `json:"publisher,omitempty"`
+	// Type - Specifies the type of the extension; an example is "CustomScriptExtension".
+	Type *string `json:"type,omitempty"`
+	// TypeHandlerVersion - Specifies the version of the script handler.
+	TypeHandlerVersion *string `json:"typeHandlerVersion,omitempty"`
+	// AutoUpgradeMinorVersion - Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.
+	AutoUpgradeMinorVersion *bool `json:"autoUpgradeMinorVersion,omitempty"`
+	// Settings - Json formatted public settings for the extension.
+	Settings *map[string]interface{} `json:"settings,omitempty"`
+	// ProtectedSettings - The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all.
+	ProtectedSettings *map[string]interface{} `json:"protectedSettings,omitempty"`
+	// ProvisioningState - The provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+	// InstanceView - The virtual machine extension instance view.
+	InstanceView *VirtualMachineExtensionInstanceView `json:"instanceView,omitempty"`
+}
+
+// VirtualMachineExtensionsCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineExtensionsCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineExtensionsCreateOrUpdateFuture) Result(client VirtualMachineExtensionsClient) (vme VirtualMachineExtension, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vme, autorest.NewError("compute.VirtualMachineExtensionsCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vme, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vme, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// VirtualMachineExtensionsDeleteFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineExtensionsDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineExtensionsDeleteFuture) Result(client VirtualMachineExtensionsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineExtensionsDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// VirtualMachineHealthStatus the health status of the VM.
+type VirtualMachineHealthStatus struct {
+	// Status - The health status information for the VM.
+	Status *InstanceViewStatus `json:"status,omitempty"`
+}
+
+// VirtualMachineIdentity identity for the virtual machine.
+type VirtualMachineIdentity struct {
+	// PrincipalID - The principal id of virtual machine identity. This property will only be provided for a system assigned identity.
+	PrincipalID *string `json:"principalId,omitempty"`
+	// TenantID - The tenant id associated with the virtual machine. This property will only be provided for a system assigned identity.
+	TenantID *string `json:"tenantId,omitempty"`
+	// Type - The type of identity used for the virtual machine. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. Possible values include: 'ResourceIdentityTypeSystemAssigned', 'ResourceIdentityTypeUserAssigned', 'ResourceIdentityTypeSystemAssignedUserAssigned', 'ResourceIdentityTypeNone'
+	Type ResourceIdentityType `json:"type,omitempty"`
+	// IdentityIds - The list of user identities associated with the Virtual Machine. The user identity references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/identities/{identityName}'.
+	IdentityIds *[]string `json:"identityIds,omitempty"`
+}
+
+// VirtualMachineImage describes a Virtual Machine Image.
+type VirtualMachineImage struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource.
+	Name *string `json:"name,omitempty"`
+	// Location - The supported Azure location of the resource.
+	Location *string `json:"location,omitempty"`
+	// Tags - Specifies the tags that are assigned to the virtual machine. For more information about using tags, see [Using tags to organize your Azure resources](https://docs.microsoft.com/azure/azure-resource-manager/resource-group-using-tags.md).
+	Tags                           *map[string]*string `json:"tags,omitempty"`
+	*VirtualMachineImageProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineImageProperties describes the properties of a Virtual Machine Image.
+type VirtualMachineImageProperties struct {
+	Plan           *PurchasePlan    `json:"plan,omitempty"`
+	OsDiskImage    *OSDiskImage     `json:"osDiskImage,omitempty"`
+	DataDiskImages *[]DataDiskImage `json:"dataDiskImages,omitempty"`
+}
+
+// VirtualMachineImageResource virtual machine image resource information.
+type VirtualMachineImageResource struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the resource.
+	Name *string `json:"name,omitempty"`
+	// Location - The supported Azure location of the resource.
+	Location *string `json:"location,omitempty"`
+	// Tags - Specifies the tags that are assigned to the virtual machine. For more information about using tags, see [Using tags to organize your Azure resources](https://docs.microsoft.com/azure/azure-resource-manager/resource-group-using-tags.md).
+	Tags *map[string]*string `json:"tags,omitempty"`
+}
+
+// VirtualMachineInstanceView the instance view of a virtual machine.
+type VirtualMachineInstanceView struct {
+	autorest.Response `json:"-"`
+	// PlatformUpdateDomain - Specifies the update domain of the virtual machine.
+	PlatformUpdateDomain *int32 `json:"platformUpdateDomain,omitempty"`
+	// PlatformFaultDomain - Specifies the fault domain of the virtual machine.
+	PlatformFaultDomain *int32 `json:"platformFaultDomain,omitempty"`
+	// ComputerName - The computer name assigned to the virtual machine.
+	ComputerName *string `json:"computerName,omitempty"`
+	// OsName - The Operating System running on the virtual machine.
+	OsName *string `json:"osName,omitempty"`
+	// OsVersion - The version of Operating System running on the virtual machine.
+	OsVersion *string `json:"osVersion,omitempty"`
+	// RdpThumbPrint - The Remote desktop certificate thumbprint.
+	RdpThumbPrint *string `json:"rdpThumbPrint,omitempty"`
+	// VMAgent - The VM Agent running on the virtual machine.
+	VMAgent *VirtualMachineAgentInstanceView `json:"vmAgent,omitempty"`
+	// MaintenanceRedeployStatus - The Maintenance Operation status on the virtual machine.
+	MaintenanceRedeployStatus *MaintenanceRedeployStatus `json:"maintenanceRedeployStatus,omitempty"`
+	// Disks - The virtual machine disk information.
+	Disks *[]DiskInstanceView `json:"disks,omitempty"`
+	// Extensions - The extensions information.
+	Extensions *[]VirtualMachineExtensionInstanceView `json:"extensions,omitempty"`
+	// BootDiagnostics - Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. <br><br> For Linux Virtual Machines, you can easily view the output of your console log. <br><br> For both Windows and Linux virtual machines, Azure also enables you to see a screenshot of the VM from the hypervisor.
+	BootDiagnostics *BootDiagnosticsInstanceView `json:"bootDiagnostics,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// VirtualMachineListResult the List Virtual Machine operation response.
+type VirtualMachineListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machines.
+	Value *[]VirtualMachine `json:"value,omitempty"`
+	// NextLink - The URI to fetch the next page of VMs. Call ListNext() with this URI to fetch the next page of Virtual Machines.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineListResultIterator provides access to a complete listing of VirtualMachine values.
+type VirtualMachineListResultIterator struct {
+	i    int
+	page VirtualMachineListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineListResultIterator) Response() VirtualMachineListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineListResultIterator) Value() VirtualMachine {
+	if !iter.page.NotDone() {
+		return VirtualMachine{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmlr VirtualMachineListResult) IsEmpty() bool {
+	return vmlr.Value == nil || len(*vmlr.Value) == 0
+}
+
+// virtualMachineListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmlr VirtualMachineListResult) virtualMachineListResultPreparer() (*http.Request, error) {
+	if vmlr.NextLink == nil || len(to.String(vmlr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmlr.NextLink)))
+}
+
+// VirtualMachineListResultPage contains a page of VirtualMachine values.
+type VirtualMachineListResultPage struct {
+	fn   func(VirtualMachineListResult) (VirtualMachineListResult, error)
+	vmlr VirtualMachineListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineListResultPage) Next() error {
+	next, err := page.fn(page.vmlr)
+	if err != nil {
+		return err
+	}
+	page.vmlr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineListResultPage) NotDone() bool {
+	return !page.vmlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineListResultPage) Response() VirtualMachineListResult {
+	return page.vmlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineListResultPage) Values() []VirtualMachine {
+	if page.vmlr.IsEmpty() {
+		return nil
+	}
+	return *page.vmlr.Value
+}
+
+// VirtualMachineProperties describes the properties of a Virtual Machine.
+type VirtualMachineProperties struct {
+	// HardwareProfile - Specifies the hardware settings for the virtual machine.
+	HardwareProfile *HardwareProfile `json:"hardwareProfile,omitempty"`
+	// StorageProfile - Specifies the storage settings for the virtual machine disks.
+	StorageProfile *StorageProfile `json:"storageProfile,omitempty"`
+	// OsProfile - Specifies the operating system settings for the virtual machine.
+	OsProfile *OSProfile `json:"osProfile,omitempty"`
+	// NetworkProfile - Specifies the network interfaces of the virtual machine.
+	NetworkProfile *NetworkProfile `json:"networkProfile,omitempty"`
+	// DiagnosticsProfile - Specifies the boot diagnostic settings state. <br><br>Minimum api-version: 2015-06-15.
+	DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"`
+	// AvailabilitySet - Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see [Manage the availability of virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-manage-availability?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json). <br><br> For more information on Azure planned maintainance, see [Planned maintenance for virtual machines in Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-planned-maintenance?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set.
+	AvailabilitySet *SubResource `json:"availabilitySet,omitempty"`
+	// ProvisioningState - The provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+	// InstanceView - The virtual machine instance view.
+	InstanceView *VirtualMachineInstanceView `json:"instanceView,omitempty"`
+	// LicenseType - Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. <br><br> Possible values are: <br><br> Windows_Client <br><br> Windows_Server <br><br> If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. <br><br> For more information, see [Azure Hybrid Use Benefit for Windows Server](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-hybrid-use-benefit-licensing?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> Minimum api-version: 2015-06-15
+	LicenseType *string `json:"licenseType,omitempty"`
+	// VMID - Specifies the VM unique ID which is a 128-bits identifier that is encoded and stored in all Azure IaaS VMs SMBIOS and can be read using platform BIOS commands.
+	VMID *string `json:"vmId,omitempty"`
+}
+
+// VirtualMachineScaleSet describes a Virtual Machine Scale Set.
+type VirtualMachineScaleSet struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// Sku - The virtual machine scale set sku.
+	Sku *Sku `json:"sku,omitempty"`
+	// Plan - Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use.  In the Azure portal, find the marketplace image that you want to use and then click **Want to deploy programmatically, Get Started ->**. Enter any required information and then click **Save**.
+	Plan                              *Plan `json:"plan,omitempty"`
+	*VirtualMachineScaleSetProperties `json:"properties,omitempty"`
+	// Identity - The identity of the virtual machine scale set, if configured.
+	Identity *VirtualMachineScaleSetIdentity `json:"identity,omitempty"`
+	// Zones - The virtual machine scale set zones.
+	Zones *[]string `json:"zones,omitempty"`
+}
+
+// VirtualMachineScaleSetDataDisk describes a virtual machine scale set data disk.
+type VirtualMachineScaleSetDataDisk struct {
+	// Name - The disk name.
+	Name *string `json:"name,omitempty"`
+	// Lun - Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM.
+	Lun *int32 `json:"lun,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// WriteAcceleratorEnabled - Specifies whether writeAccelerator should be enabled or disabled on the disk.
+	WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"`
+	// CreateOption - The create option. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach'
+	CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"`
+	// DiskSizeGB - Specifies the size of an empty data disk in gigabytes. This element can be used to overwrite the name of the disk in a virtual machine image. <br><br> This value cannot be larger than 1023 GB
+	DiskSizeGB *int32 `json:"diskSizeGB,omitempty"`
+	// ManagedDisk - The managed disk parameters.
+	ManagedDisk *VirtualMachineScaleSetManagedDiskParameters `json:"managedDisk,omitempty"`
+}
+
+// VirtualMachineScaleSetExtension describes a Virtual Machine Scale Set Extension.
+type VirtualMachineScaleSetExtension struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The name of the extension.
+	Name                                       *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetExtensionProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetExtensionListResult the List VM scale set extension operation response.
+type VirtualMachineScaleSetExtensionListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of VM scale set extensions.
+	Value *[]VirtualMachineScaleSetExtension `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of VM scale set extensions. Call ListNext() with this to fetch the next page of VM scale set extensions.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineScaleSetExtensionListResultIterator provides access to a complete listing of
+// VirtualMachineScaleSetExtension values.
+type VirtualMachineScaleSetExtensionListResultIterator struct {
+	i    int
+	page VirtualMachineScaleSetExtensionListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineScaleSetExtensionListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineScaleSetExtensionListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineScaleSetExtensionListResultIterator) Response() VirtualMachineScaleSetExtensionListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineScaleSetExtensionListResultIterator) Value() VirtualMachineScaleSetExtension {
+	if !iter.page.NotDone() {
+		return VirtualMachineScaleSetExtension{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmsselr VirtualMachineScaleSetExtensionListResult) IsEmpty() bool {
+	return vmsselr.Value == nil || len(*vmsselr.Value) == 0
+}
+
+// virtualMachineScaleSetExtensionListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmsselr VirtualMachineScaleSetExtensionListResult) virtualMachineScaleSetExtensionListResultPreparer() (*http.Request, error) {
+	if vmsselr.NextLink == nil || len(to.String(vmsselr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmsselr.NextLink)))
+}
+
+// VirtualMachineScaleSetExtensionListResultPage contains a page of VirtualMachineScaleSetExtension values.
+type VirtualMachineScaleSetExtensionListResultPage struct {
+	fn      func(VirtualMachineScaleSetExtensionListResult) (VirtualMachineScaleSetExtensionListResult, error)
+	vmsselr VirtualMachineScaleSetExtensionListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineScaleSetExtensionListResultPage) Next() error {
+	next, err := page.fn(page.vmsselr)
+	if err != nil {
+		return err
+	}
+	page.vmsselr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineScaleSetExtensionListResultPage) NotDone() bool {
+	return !page.vmsselr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineScaleSetExtensionListResultPage) Response() VirtualMachineScaleSetExtensionListResult {
+	return page.vmsselr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineScaleSetExtensionListResultPage) Values() []VirtualMachineScaleSetExtension {
+	if page.vmsselr.IsEmpty() {
+		return nil
+	}
+	return *page.vmsselr.Value
+}
+
+// VirtualMachineScaleSetExtensionProfile describes a virtual machine scale set extension profile.
+type VirtualMachineScaleSetExtensionProfile struct {
+	// Extensions - The virtual machine scale set child extension resources.
+	Extensions *[]VirtualMachineScaleSetExtension `json:"extensions,omitempty"`
+}
+
+// VirtualMachineScaleSetExtensionProperties describes the properties of a Virtual Machine Scale Set Extension.
+type VirtualMachineScaleSetExtensionProperties struct {
+	// ForceUpdateTag - If a value is provided and is different from the previous value, the extension handler will be forced to update even if the extension configuration has not changed.
+	ForceUpdateTag *string `json:"forceUpdateTag,omitempty"`
+	// Publisher - The name of the extension handler publisher.
+	Publisher *string `json:"publisher,omitempty"`
+	// Type - Specifies the type of the extension; an example is "CustomScriptExtension".
+	Type *string `json:"type,omitempty"`
+	// TypeHandlerVersion - Specifies the version of the script handler.
+	TypeHandlerVersion *string `json:"typeHandlerVersion,omitempty"`
+	// AutoUpgradeMinorVersion - Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.
+	AutoUpgradeMinorVersion *bool `json:"autoUpgradeMinorVersion,omitempty"`
+	// Settings - Json formatted public settings for the extension.
+	Settings *map[string]interface{} `json:"settings,omitempty"`
+	// ProtectedSettings - The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all.
+	ProtectedSettings *map[string]interface{} `json:"protectedSettings,omitempty"`
+	// ProvisioningState - The provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+}
+
+// VirtualMachineScaleSetExtensionsCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetExtensionsCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetExtensionsCreateOrUpdateFuture) Result(client VirtualMachineScaleSetExtensionsClient) (vmsse VirtualMachineScaleSetExtension, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vmsse, autorest.NewError("compute.VirtualMachineScaleSetExtensionsCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vmsse, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vmsse, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetExtensionsDeleteFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetExtensionsDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetExtensionsDeleteFuture) Result(client VirtualMachineScaleSetExtensionsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetExtensionsDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetIdentity identity for the virtual machine scale set.
+type VirtualMachineScaleSetIdentity struct {
+	// PrincipalID - The principal id of virtual machine scale set identity. This property will only be provided for a system assigned identity.
+	PrincipalID *string `json:"principalId,omitempty"`
+	// TenantID - The tenant id associated with the virtual machine scale set. This property will only be provided for a system assigned identity.
+	TenantID *string `json:"tenantId,omitempty"`
+	// Type - The type of identity used for the virtual machine scale set. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine scale set. Possible values include: 'ResourceIdentityTypeSystemAssigned', 'ResourceIdentityTypeUserAssigned', 'ResourceIdentityTypeSystemAssignedUserAssigned', 'ResourceIdentityTypeNone'
+	Type ResourceIdentityType `json:"type,omitempty"`
+	// IdentityIds - The list of user identities associated with the virtual machine scale set. The user identity references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/identities/{identityName}'.
+	IdentityIds *[]string `json:"identityIds,omitempty"`
+}
+
+// VirtualMachineScaleSetInstanceView the instance view of a virtual machine scale set.
+type VirtualMachineScaleSetInstanceView struct {
+	autorest.Response `json:"-"`
+	// VirtualMachine - The instance view status summary for the virtual machine scale set.
+	VirtualMachine *VirtualMachineScaleSetInstanceViewStatusesSummary `json:"virtualMachine,omitempty"`
+	// Extensions - The extensions information.
+	Extensions *[]VirtualMachineScaleSetVMExtensionsSummary `json:"extensions,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+}
+
+// VirtualMachineScaleSetInstanceViewStatusesSummary instance view statuses summary for virtual machines of a virtual
+// machine scale set.
+type VirtualMachineScaleSetInstanceViewStatusesSummary struct {
+	// StatusesSummary - The extensions information.
+	StatusesSummary *[]VirtualMachineStatusCodeCount `json:"statusesSummary,omitempty"`
+}
+
+// VirtualMachineScaleSetIPConfiguration describes a virtual machine scale set network profile's IP configuration.
+type VirtualMachineScaleSetIPConfiguration struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The IP configuration name.
+	Name                                             *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetIPConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetIPConfigurationProperties describes a virtual machine scale set network profile's IP
+// configuration properties.
+type VirtualMachineScaleSetIPConfigurationProperties struct {
+	// Subnet - Specifies the identifier of the subnet.
+	Subnet *APIEntityReference `json:"subnet,omitempty"`
+	// Primary - Specifies the primary network interface in case the virtual machine has more than 1 network interface.
+	Primary *bool `json:"primary,omitempty"`
+	// PublicIPAddressConfiguration - The publicIPAddressConfiguration.
+	PublicIPAddressConfiguration *VirtualMachineScaleSetPublicIPAddressConfiguration `json:"publicIPAddressConfiguration,omitempty"`
+	// PrivateIPAddressVersion - Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4.  Possible values are: 'IPv4' and 'IPv6'. Possible values include: 'IPv4', 'IPv6'
+	PrivateIPAddressVersion IPVersion `json:"privateIPAddressVersion,omitempty"`
+	// ApplicationGatewayBackendAddressPools - Specifies an array of references to backend address pools of application gateways. A scale set can reference backend address pools of multiple application gateways. Multiple scale sets cannot use the same application gateway.
+	ApplicationGatewayBackendAddressPools *[]SubResource `json:"applicationGatewayBackendAddressPools,omitempty"`
+	// LoadBalancerBackendAddressPools - Specifies an array of references to backend address pools of load balancers. A scale set can reference backend address pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer.
+	LoadBalancerBackendAddressPools *[]SubResource `json:"loadBalancerBackendAddressPools,omitempty"`
+	// LoadBalancerInboundNatPools - Specifies an array of references to inbound Nat pools of the load balancers. A scale set can reference inbound nat pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer
+	LoadBalancerInboundNatPools *[]SubResource `json:"loadBalancerInboundNatPools,omitempty"`
+}
+
+// VirtualMachineScaleSetListResult the List Virtual Machine operation response.
+type VirtualMachineScaleSetListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machine scale sets.
+	Value *[]VirtualMachineScaleSet `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Virtual Machine Scale Sets. Call ListNext() with this to fetch the next page of VMSS.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineScaleSetListResultIterator provides access to a complete listing of VirtualMachineScaleSet values.
+type VirtualMachineScaleSetListResultIterator struct {
+	i    int
+	page VirtualMachineScaleSetListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineScaleSetListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineScaleSetListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineScaleSetListResultIterator) Response() VirtualMachineScaleSetListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineScaleSetListResultIterator) Value() VirtualMachineScaleSet {
+	if !iter.page.NotDone() {
+		return VirtualMachineScaleSet{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmsslr VirtualMachineScaleSetListResult) IsEmpty() bool {
+	return vmsslr.Value == nil || len(*vmsslr.Value) == 0
+}
+
+// virtualMachineScaleSetListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmsslr VirtualMachineScaleSetListResult) virtualMachineScaleSetListResultPreparer() (*http.Request, error) {
+	if vmsslr.NextLink == nil || len(to.String(vmsslr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmsslr.NextLink)))
+}
+
+// VirtualMachineScaleSetListResultPage contains a page of VirtualMachineScaleSet values.
+type VirtualMachineScaleSetListResultPage struct {
+	fn     func(VirtualMachineScaleSetListResult) (VirtualMachineScaleSetListResult, error)
+	vmsslr VirtualMachineScaleSetListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineScaleSetListResultPage) Next() error {
+	next, err := page.fn(page.vmsslr)
+	if err != nil {
+		return err
+	}
+	page.vmsslr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineScaleSetListResultPage) NotDone() bool {
+	return !page.vmsslr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineScaleSetListResultPage) Response() VirtualMachineScaleSetListResult {
+	return page.vmsslr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineScaleSetListResultPage) Values() []VirtualMachineScaleSet {
+	if page.vmsslr.IsEmpty() {
+		return nil
+	}
+	return *page.vmsslr.Value
+}
+
+// VirtualMachineScaleSetListSkusResult the Virtual Machine Scale Set List Skus operation response.
+type VirtualMachineScaleSetListSkusResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of skus available for the virtual machine scale set.
+	Value *[]VirtualMachineScaleSetSku `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Virtual Machine Scale Set Skus. Call ListNext() with this to fetch the next page of VMSS Skus.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineScaleSetListSkusResultIterator provides access to a complete listing of VirtualMachineScaleSetSku
+// values.
+type VirtualMachineScaleSetListSkusResultIterator struct {
+	i    int
+	page VirtualMachineScaleSetListSkusResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineScaleSetListSkusResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineScaleSetListSkusResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineScaleSetListSkusResultIterator) Response() VirtualMachineScaleSetListSkusResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineScaleSetListSkusResultIterator) Value() VirtualMachineScaleSetSku {
+	if !iter.page.NotDone() {
+		return VirtualMachineScaleSetSku{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmsslsr VirtualMachineScaleSetListSkusResult) IsEmpty() bool {
+	return vmsslsr.Value == nil || len(*vmsslsr.Value) == 0
+}
+
+// virtualMachineScaleSetListSkusResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmsslsr VirtualMachineScaleSetListSkusResult) virtualMachineScaleSetListSkusResultPreparer() (*http.Request, error) {
+	if vmsslsr.NextLink == nil || len(to.String(vmsslsr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmsslsr.NextLink)))
+}
+
+// VirtualMachineScaleSetListSkusResultPage contains a page of VirtualMachineScaleSetSku values.
+type VirtualMachineScaleSetListSkusResultPage struct {
+	fn      func(VirtualMachineScaleSetListSkusResult) (VirtualMachineScaleSetListSkusResult, error)
+	vmsslsr VirtualMachineScaleSetListSkusResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineScaleSetListSkusResultPage) Next() error {
+	next, err := page.fn(page.vmsslsr)
+	if err != nil {
+		return err
+	}
+	page.vmsslsr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineScaleSetListSkusResultPage) NotDone() bool {
+	return !page.vmsslsr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineScaleSetListSkusResultPage) Response() VirtualMachineScaleSetListSkusResult {
+	return page.vmsslsr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineScaleSetListSkusResultPage) Values() []VirtualMachineScaleSetSku {
+	if page.vmsslsr.IsEmpty() {
+		return nil
+	}
+	return *page.vmsslsr.Value
+}
+
+// VirtualMachineScaleSetListWithLinkResult the List Virtual Machine operation response.
+type VirtualMachineScaleSetListWithLinkResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machine scale sets.
+	Value *[]VirtualMachineScaleSet `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Virtual Machine Scale Sets. Call ListNext() with this to fetch the next page of Virtual Machine Scale Sets.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineScaleSetListWithLinkResultIterator provides access to a complete listing of VirtualMachineScaleSet
+// values.
+type VirtualMachineScaleSetListWithLinkResultIterator struct {
+	i    int
+	page VirtualMachineScaleSetListWithLinkResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineScaleSetListWithLinkResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineScaleSetListWithLinkResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineScaleSetListWithLinkResultIterator) Response() VirtualMachineScaleSetListWithLinkResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineScaleSetListWithLinkResultIterator) Value() VirtualMachineScaleSet {
+	if !iter.page.NotDone() {
+		return VirtualMachineScaleSet{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmsslwlr VirtualMachineScaleSetListWithLinkResult) IsEmpty() bool {
+	return vmsslwlr.Value == nil || len(*vmsslwlr.Value) == 0
+}
+
+// virtualMachineScaleSetListWithLinkResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmsslwlr VirtualMachineScaleSetListWithLinkResult) virtualMachineScaleSetListWithLinkResultPreparer() (*http.Request, error) {
+	if vmsslwlr.NextLink == nil || len(to.String(vmsslwlr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmsslwlr.NextLink)))
+}
+
+// VirtualMachineScaleSetListWithLinkResultPage contains a page of VirtualMachineScaleSet values.
+type VirtualMachineScaleSetListWithLinkResultPage struct {
+	fn       func(VirtualMachineScaleSetListWithLinkResult) (VirtualMachineScaleSetListWithLinkResult, error)
+	vmsslwlr VirtualMachineScaleSetListWithLinkResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineScaleSetListWithLinkResultPage) Next() error {
+	next, err := page.fn(page.vmsslwlr)
+	if err != nil {
+		return err
+	}
+	page.vmsslwlr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineScaleSetListWithLinkResultPage) NotDone() bool {
+	return !page.vmsslwlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineScaleSetListWithLinkResultPage) Response() VirtualMachineScaleSetListWithLinkResult {
+	return page.vmsslwlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineScaleSetListWithLinkResultPage) Values() []VirtualMachineScaleSet {
+	if page.vmsslwlr.IsEmpty() {
+		return nil
+	}
+	return *page.vmsslwlr.Value
+}
+
+// VirtualMachineScaleSetManagedDiskParameters describes the parameters of a ScaleSet managed disk.
+type VirtualMachineScaleSetManagedDiskParameters struct {
+	// StorageAccountType - Specifies the storage account type for the managed disk. Possible values are: Standard_LRS or Premium_LRS. Possible values include: 'StandardLRS', 'PremiumLRS'
+	StorageAccountType StorageAccountTypes `json:"storageAccountType,omitempty"`
+}
+
+// VirtualMachineScaleSetNetworkConfiguration describes a virtual machine scale set network profile's network
+// configurations.
+type VirtualMachineScaleSetNetworkConfiguration struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The network configuration name.
+	Name                                                  *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetNetworkConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetNetworkConfigurationDNSSettings describes a virtual machines scale sets network
+// configuration's DNS settings.
+type VirtualMachineScaleSetNetworkConfigurationDNSSettings struct {
+	// DNSServers - List of DNS servers IP addresses
+	DNSServers *[]string `json:"dnsServers,omitempty"`
+}
+
+// VirtualMachineScaleSetNetworkConfigurationProperties describes a virtual machine scale set network profile's IP
+// configuration.
+type VirtualMachineScaleSetNetworkConfigurationProperties struct {
+	// Primary - Specifies the primary network interface in case the virtual machine has more than 1 network interface.
+	Primary *bool `json:"primary,omitempty"`
+	// EnableAcceleratedNetworking - Specifies whether the network interface is accelerated networking-enabled.
+	EnableAcceleratedNetworking *bool `json:"enableAcceleratedNetworking,omitempty"`
+	// NetworkSecurityGroup - The network security group.
+	NetworkSecurityGroup *SubResource `json:"networkSecurityGroup,omitempty"`
+	// DNSSettings - The dns settings to be applied on the network interfaces.
+	DNSSettings *VirtualMachineScaleSetNetworkConfigurationDNSSettings `json:"dnsSettings,omitempty"`
+	// IPConfigurations - Specifies the IP configurations of the network interface.
+	IPConfigurations *[]VirtualMachineScaleSetIPConfiguration `json:"ipConfigurations,omitempty"`
+	// EnableIPForwarding - Whether IP forwarding enabled on this NIC.
+	EnableIPForwarding *bool `json:"enableIPForwarding,omitempty"`
+}
+
+// VirtualMachineScaleSetNetworkProfile describes a virtual machine scale set network profile.
+type VirtualMachineScaleSetNetworkProfile struct {
+	// HealthProbe - A reference to a load balancer probe used to determine the health of an instance in the virtual machine scale set. The reference will be in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/loadBalancers/{loadBalancerName}/probes/{probeName}'.
+	HealthProbe *APIEntityReference `json:"healthProbe,omitempty"`
+	// NetworkInterfaceConfigurations - The list of network configurations.
+	NetworkInterfaceConfigurations *[]VirtualMachineScaleSetNetworkConfiguration `json:"networkInterfaceConfigurations,omitempty"`
+}
+
+// VirtualMachineScaleSetOSDisk describes a virtual machine scale set operating system disk.
+type VirtualMachineScaleSetOSDisk struct {
+	// Name - The disk name.
+	Name *string `json:"name,omitempty"`
+	// Caching - Specifies the caching requirements. <br><br> Possible values are: <br><br> **None** <br><br> **ReadOnly** <br><br> **ReadWrite** <br><br> Default: **None for Standard storage. ReadOnly for Premium storage**. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// WriteAcceleratorEnabled - Specifies whether writeAccelerator should be enabled or disabled on the disk.
+	WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"`
+	// CreateOption - Specifies how the virtual machines in the scale set should be created.<br><br> The only allowed value is: **FromImage** \u2013 This value is used when you are using an image to create the virtual machine. If you are using a platform image, you also use the imageReference element described above. If you are using a marketplace image, you  also use the plan element previously described. Possible values include: 'DiskCreateOptionTypesFromImage', 'DiskCreateOptionTypesEmpty', 'DiskCreateOptionTypesAttach'
+	CreateOption DiskCreateOptionTypes `json:"createOption,omitempty"`
+	// OsType - This property allows you to specify the type of the OS that is included in the disk if creating a VM from user-image or a specialized VHD. <br><br> Possible values are: <br><br> **Windows** <br><br> **Linux**. Possible values include: 'Windows', 'Linux'
+	OsType OperatingSystemTypes `json:"osType,omitempty"`
+	// Image - Specifies information about the unmanaged user image to base the scale set on.
+	Image *VirtualHardDisk `json:"image,omitempty"`
+	// VhdContainers - Specifies the container urls that are used to store operating system disks for the scale set.
+	VhdContainers *[]string `json:"vhdContainers,omitempty"`
+	// ManagedDisk - The managed disk parameters.
+	ManagedDisk *VirtualMachineScaleSetManagedDiskParameters `json:"managedDisk,omitempty"`
+}
+
+// VirtualMachineScaleSetOSProfile describes a virtual machine scale set OS profile.
+type VirtualMachineScaleSetOSProfile struct {
+	// ComputerNamePrefix - Specifies the computer name prefix for all of the virtual machines in the scale set. Computer name prefixes must be 1 to 15 characters long.
+	ComputerNamePrefix *string `json:"computerNamePrefix,omitempty"`
+	// AdminUsername - Specifies the name of the administrator account. <br><br> **Windows-only restriction:** Cannot end in "." <br><br> **Disallowed values:** "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5". <br><br> **Minimum-length (Linux):** 1  character <br><br> **Max-length (Linux):** 64 characters <br><br> **Max-length (Windows):** 20 characters  <br><br><li> For root access to the Linux VM, see [Using root privileges on Linux virtual machines in Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-use-root-privileges?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)<br><li> For a list of built-in system users on Linux that should not be used in this field, see [Selecting User Names for Linux on Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-usernames?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)
+	AdminUsername *string `json:"adminUsername,omitempty"`
+	// AdminPassword - Specifies the password of the administrator account. <br><br> **Minimum-length (Windows):** 8 characters <br><br> **Minimum-length (Linux):** 6 characters <br><br> **Max-length (Windows):** 123 characters <br><br> **Max-length (Linux):** 72 characters <br><br> **Complexity requirements:** 3 out of 4 conditions below need to be fulfilled <br> Has lower characters <br>Has upper characters <br> Has a digit <br> Has a special character (Regex match [\W_]) <br><br> **Disallowed values:** "abc@123", "P@$$w0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!" <br><br> For resetting the password, see [How to reset the Remote Desktop service or its login password in a Windows VM](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-reset-rdp?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> For resetting root password, see [Manage users, SSH, and check or repair disks on Azure Linux VMs using the VMAccess Extension](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-using-vmaccess-extension?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json#reset-root-password)
+	AdminPassword *string `json:"adminPassword,omitempty"`
+	// CustomData - Specifies a base-64 encoded string of custom data. The base-64 encoded string is decoded to a binary array that is saved as a file on the Virtual Machine. The maximum length of the binary array is 65535 bytes. <br><br> For using cloud-init for your VM, see [Using cloud-init to customize a Linux VM during creation](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-using-cloud-init?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json)
+	CustomData *string `json:"customData,omitempty"`
+	// WindowsConfiguration - Specifies Windows operating system settings on the virtual machine.
+	WindowsConfiguration *WindowsConfiguration `json:"windowsConfiguration,omitempty"`
+	// LinuxConfiguration - Specifies the Linux operating system settings on the virtual machine. <br><br>For a list of supported Linux distributions, see [Linux on Azure-Endorsed Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-endorsed-distros?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json) <br><br> For running non-endorsed distributions, see [Information for Non-Endorsed Distributions](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-create-upload-generic?toc=%2fazure%2fvirtual-machines%2flinux%2ftoc.json).
+	LinuxConfiguration *LinuxConfiguration `json:"linuxConfiguration,omitempty"`
+	// Secrets - Specifies set of certificates that should be installed onto the virtual machines in the scale set.
+	Secrets *[]VaultSecretGroup `json:"secrets,omitempty"`
+}
+
+// VirtualMachineScaleSetProperties describes the properties of a Virtual Machine Scale Set.
+type VirtualMachineScaleSetProperties struct {
+	// UpgradePolicy - The upgrade policy.
+	UpgradePolicy *UpgradePolicy `json:"upgradePolicy,omitempty"`
+	// VirtualMachineProfile - The virtual machine profile.
+	VirtualMachineProfile *VirtualMachineScaleSetVMProfile `json:"virtualMachineProfile,omitempty"`
+	// ProvisioningState - The provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+	// Overprovision - Specifies whether the Virtual Machine Scale Set should be overprovisioned.
+	Overprovision *bool `json:"overprovision,omitempty"`
+	// UniqueID - Specifies the ID which uniquely identifies a Virtual Machine Scale Set.
+	UniqueID *string `json:"uniqueId,omitempty"`
+	// SinglePlacementGroup - When true this limits the scale set to a single placement group, of max size 100 virtual machines.
+	SinglePlacementGroup *bool `json:"singlePlacementGroup,omitempty"`
+}
+
+// VirtualMachineScaleSetPublicIPAddressConfiguration describes a virtual machines scale set IP Configuration's
+// PublicIPAddress configuration
+type VirtualMachineScaleSetPublicIPAddressConfiguration struct {
+	// Name - The publicIP address configuration name.
+	Name                                                          *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetPublicIPAddressConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetPublicIPAddressConfigurationDNSSettings describes a virtual machines scale sets network
+// configuration's DNS settings.
+type VirtualMachineScaleSetPublicIPAddressConfigurationDNSSettings struct {
+	// DomainNameLabel - The Domain name label.The concatenation of the domain name label and vm index will be the domain name labels of the PublicIPAddress resources that will be created
+	DomainNameLabel *string `json:"domainNameLabel,omitempty"`
+}
+
+// VirtualMachineScaleSetPublicIPAddressConfigurationProperties describes a virtual machines scale set IP
+// Configuration's PublicIPAddress configuration
+type VirtualMachineScaleSetPublicIPAddressConfigurationProperties struct {
+	// IdleTimeoutInMinutes - The idle timeout of the public IP address.
+	IdleTimeoutInMinutes *int32 `json:"idleTimeoutInMinutes,omitempty"`
+	// DNSSettings - The dns settings to be applied on the publicIP addresses .
+	DNSSettings *VirtualMachineScaleSetPublicIPAddressConfigurationDNSSettings `json:"dnsSettings,omitempty"`
+}
+
+// VirtualMachineScaleSetRollingUpgradesCancelFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetRollingUpgradesCancelFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetRollingUpgradesCancelFuture) Result(client VirtualMachineScaleSetRollingUpgradesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetRollingUpgradesCancelFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.CancelResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.CancelResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture an abstraction for monitoring and retrieving the results
+// of a long-running operation.
+type VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture) Result(client VirtualMachineScaleSetRollingUpgradesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.StartOSUpgradeResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.StartOSUpgradeResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetsCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsCreateOrUpdateFuture) Result(client VirtualMachineScaleSetsClient) (vmss VirtualMachineScaleSet, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vmss, autorest.NewError("compute.VirtualMachineScaleSetsCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vmss, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vmss, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsDeallocateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsDeallocateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsDeallocateFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsDeallocateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeallocateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeallocateResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsDeleteFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsDeleteFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsDeleteInstancesFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetsDeleteInstancesFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsDeleteInstancesFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsDeleteInstancesFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteInstancesResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteInstancesResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetSku describes an available virtual machine scale set sku.
+type VirtualMachineScaleSetSku struct {
+	// ResourceType - The type of resource the sku applies to.
+	ResourceType *string `json:"resourceType,omitempty"`
+	// Sku - The Sku.
+	Sku *Sku `json:"sku,omitempty"`
+	// Capacity - Specifies the number of virtual machines in the scale set.
+	Capacity *VirtualMachineScaleSetSkuCapacity `json:"capacity,omitempty"`
+}
+
+// VirtualMachineScaleSetSkuCapacity describes scaling information of a sku.
+type VirtualMachineScaleSetSkuCapacity struct {
+	// Minimum - The minimum capacity.
+	Minimum *int64 `json:"minimum,omitempty"`
+	// Maximum - The maximum capacity that can be set.
+	Maximum *int64 `json:"maximum,omitempty"`
+	// DefaultCapacity - The default capacity.
+	DefaultCapacity *int64 `json:"defaultCapacity,omitempty"`
+	// ScaleType - The scale type applicable to the sku. Possible values include: 'VirtualMachineScaleSetSkuScaleTypeAutomatic', 'VirtualMachineScaleSetSkuScaleTypeNone'
+	ScaleType VirtualMachineScaleSetSkuScaleType `json:"scaleType,omitempty"`
+}
+
+// VirtualMachineScaleSetsPowerOffFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsPowerOffFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsPowerOffFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsPowerOffFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.PowerOffResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.PowerOffResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsReimageAllFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsReimageAllFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsReimageAllFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsReimageAllFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.ReimageAllResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.ReimageAllResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsReimageFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsReimageFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsReimageFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsReimageFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.ReimageResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.ReimageResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsRestartFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsRestartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsRestartFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsRestartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RestartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RestartResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsStartFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsStartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsStartFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsStartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.StartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.StartResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetStorageProfile describes a virtual machine scale set storage profile.
+type VirtualMachineScaleSetStorageProfile struct {
+	// ImageReference - Specifies information about the image to use. You can specify information about platform images, marketplace images, or virtual machine images. This element is required when you want to use a platform image, marketplace image, or virtual machine image, but is not used in other creation operations.
+	ImageReference *ImageReference `json:"imageReference,omitempty"`
+	// OsDisk - Specifies information about the operating system disk used by the virtual machines in the scale set. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	OsDisk *VirtualMachineScaleSetOSDisk `json:"osDisk,omitempty"`
+	// DataDisks - Specifies the parameters that are used to add data disks to the virtual machines in the scale set. <br><br> For more information about disks, see [About disks and VHDs for Azure virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-about-disks-vhds?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json).
+	DataDisks *[]VirtualMachineScaleSetDataDisk `json:"dataDisks,omitempty"`
+}
+
+// VirtualMachineScaleSetsUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetsUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsUpdateFuture) Result(client VirtualMachineScaleSetsClient) (vmss VirtualMachineScaleSet, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vmss, autorest.NewError("compute.VirtualMachineScaleSetsUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vmss, err = client.UpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vmss, err = client.UpdateResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetsUpdateInstancesFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachineScaleSetsUpdateInstancesFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetsUpdateInstancesFuture) Result(client VirtualMachineScaleSetsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetsUpdateInstancesFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.UpdateInstancesResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.UpdateInstancesResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetUpdate describes a Virtual Machine Scale Set.
+type VirtualMachineScaleSetUpdate struct {
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// Sku - The virtual machine scale set sku.
+	Sku *Sku `json:"sku,omitempty"`
+	// Plan - The purchase plan when deploying a virtual machine scale set from VM Marketplace images.
+	Plan                                    *Plan `json:"plan,omitempty"`
+	*VirtualMachineScaleSetUpdateProperties `json:"properties,omitempty"`
+	// Identity - The identity of the virtual machine scale set, if configured.
+	Identity *VirtualMachineScaleSetIdentity `json:"identity,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateIPConfiguration describes a virtual machine scale set network profile's IP
+// configuration.
+type VirtualMachineScaleSetUpdateIPConfiguration struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The IP configuration name.
+	Name                                                   *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetUpdateIPConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateIPConfigurationProperties describes a virtual machine scale set network profile's IP
+// configuration properties.
+type VirtualMachineScaleSetUpdateIPConfigurationProperties struct {
+	// Subnet - The subnet.
+	Subnet *APIEntityReference `json:"subnet,omitempty"`
+	// Primary - Specifies the primary IP Configuration in case the network interface has more than one IP Configuration.
+	Primary *bool `json:"primary,omitempty"`
+	// PublicIPAddressConfiguration - The publicIPAddressConfiguration.
+	PublicIPAddressConfiguration *VirtualMachineScaleSetUpdatePublicIPAddressConfiguration `json:"publicIPAddressConfiguration,omitempty"`
+	// PrivateIPAddressVersion - Available from Api-Version 2017-03-30 onwards, it represents whether the specific ipconfiguration is IPv4 or IPv6. Default is taken as IPv4.  Possible values are: 'IPv4' and 'IPv6'. Possible values include: 'IPv4', 'IPv6'
+	PrivateIPAddressVersion IPVersion `json:"privateIPAddressVersion,omitempty"`
+	// ApplicationGatewayBackendAddressPools - The application gateway backend address pools.
+	ApplicationGatewayBackendAddressPools *[]SubResource `json:"applicationGatewayBackendAddressPools,omitempty"`
+	// LoadBalancerBackendAddressPools - The load balancer backend address pools.
+	LoadBalancerBackendAddressPools *[]SubResource `json:"loadBalancerBackendAddressPools,omitempty"`
+	// LoadBalancerInboundNatPools - The load balancer inbound nat pools.
+	LoadBalancerInboundNatPools *[]SubResource `json:"loadBalancerInboundNatPools,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateNetworkConfiguration describes a virtual machine scale set network profile's network
+// configurations.
+type VirtualMachineScaleSetUpdateNetworkConfiguration struct {
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - The network configuration name.
+	Name                                                        *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetUpdateNetworkConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateNetworkConfigurationProperties describes a virtual machine scale set updatable network
+// profile's IP configuration.Use this object for updating network profile's IP Configuration.
+type VirtualMachineScaleSetUpdateNetworkConfigurationProperties struct {
+	// Primary - Whether this is a primary NIC on a virtual machine.
+	Primary *bool `json:"primary,omitempty"`
+	// EnableAcceleratedNetworking - Specifies whether the network interface is accelerated networking-enabled.
+	EnableAcceleratedNetworking *bool `json:"enableAcceleratedNetworking,omitempty"`
+	// NetworkSecurityGroup - The network security group.
+	NetworkSecurityGroup *SubResource `json:"networkSecurityGroup,omitempty"`
+	// DNSSettings - The dns settings to be applied on the network interfaces.
+	DNSSettings *VirtualMachineScaleSetNetworkConfigurationDNSSettings `json:"dnsSettings,omitempty"`
+	// IPConfigurations - The virtual machine scale set IP Configuration.
+	IPConfigurations *[]VirtualMachineScaleSetUpdateIPConfiguration `json:"ipConfigurations,omitempty"`
+	// EnableIPForwarding - Whether IP forwarding enabled on this NIC.
+	EnableIPForwarding *bool `json:"enableIPForwarding,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateNetworkProfile describes a virtual machine scale set network profile.
+type VirtualMachineScaleSetUpdateNetworkProfile struct {
+	// NetworkInterfaceConfigurations - The list of network configurations.
+	NetworkInterfaceConfigurations *[]VirtualMachineScaleSetUpdateNetworkConfiguration `json:"networkInterfaceConfigurations,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateOSDisk describes virtual machine scale set operating system disk Update Object. This
+// should be used for Updating VMSS OS Disk.
+type VirtualMachineScaleSetUpdateOSDisk struct {
+	// Caching - The caching type. Possible values include: 'CachingTypesNone', 'CachingTypesReadOnly', 'CachingTypesReadWrite'
+	Caching CachingTypes `json:"caching,omitempty"`
+	// WriteAcceleratorEnabled - Specifies whether writeAccelerator should be enabled or disabled on the disk.
+	WriteAcceleratorEnabled *bool `json:"writeAcceleratorEnabled,omitempty"`
+	// Image - The Source User Image VirtualHardDisk. This VirtualHardDisk will be copied before using it to attach to the Virtual Machine. If SourceImage is provided, the destination VirtualHardDisk should not exist.
+	Image *VirtualHardDisk `json:"image,omitempty"`
+	// VhdContainers - The list of virtual hard disk container uris.
+	VhdContainers *[]string `json:"vhdContainers,omitempty"`
+	// ManagedDisk - The managed disk parameters.
+	ManagedDisk *VirtualMachineScaleSetManagedDiskParameters `json:"managedDisk,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateOSProfile describes a virtual machine scale set OS profile.
+type VirtualMachineScaleSetUpdateOSProfile struct {
+	// CustomData - A base-64 encoded string of custom data.
+	CustomData *string `json:"customData,omitempty"`
+	// WindowsConfiguration - The Windows Configuration of the OS profile.
+	WindowsConfiguration *WindowsConfiguration `json:"windowsConfiguration,omitempty"`
+	// LinuxConfiguration - The Linux Configuration of the OS profile.
+	LinuxConfiguration *LinuxConfiguration `json:"linuxConfiguration,omitempty"`
+	// Secrets - The List of certificates for addition to the VM.
+	Secrets *[]VaultSecretGroup `json:"secrets,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateProperties describes the properties of a Virtual Machine Scale Set.
+type VirtualMachineScaleSetUpdateProperties struct {
+	// UpgradePolicy - The upgrade policy.
+	UpgradePolicy *UpgradePolicy `json:"upgradePolicy,omitempty"`
+	// VirtualMachineProfile - The virtual machine profile.
+	VirtualMachineProfile *VirtualMachineScaleSetUpdateVMProfile `json:"virtualMachineProfile,omitempty"`
+	// Overprovision - Specifies whether the Virtual Machine Scale Set should be overprovisioned.
+	Overprovision *bool `json:"overprovision,omitempty"`
+	// SinglePlacementGroup - When true this limits the scale set to a single placement group, of max size 100 virtual machines.
+	SinglePlacementGroup *bool `json:"singlePlacementGroup,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdatePublicIPAddressConfiguration describes a virtual machines scale set IP Configuration's
+// PublicIPAddress configuration
+type VirtualMachineScaleSetUpdatePublicIPAddressConfiguration struct {
+	// Name - The publicIP address configuration name.
+	Name                                                                *string `json:"name,omitempty"`
+	*VirtualMachineScaleSetUpdatePublicIPAddressConfigurationProperties `json:"properties,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdatePublicIPAddressConfigurationProperties describes a virtual machines scale set IP
+// Configuration's PublicIPAddress configuration
+type VirtualMachineScaleSetUpdatePublicIPAddressConfigurationProperties struct {
+	// IdleTimeoutInMinutes - The idle timeout of the public IP address.
+	IdleTimeoutInMinutes *int32 `json:"idleTimeoutInMinutes,omitempty"`
+	// DNSSettings - The dns settings to be applied on the publicIP addresses .
+	DNSSettings *VirtualMachineScaleSetPublicIPAddressConfigurationDNSSettings `json:"dnsSettings,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateStorageProfile describes a virtual machine scale set storage profile.
+type VirtualMachineScaleSetUpdateStorageProfile struct {
+	// ImageReference - The image reference.
+	ImageReference *ImageReference `json:"imageReference,omitempty"`
+	// OsDisk - The OS disk.
+	OsDisk *VirtualMachineScaleSetUpdateOSDisk `json:"osDisk,omitempty"`
+	// DataDisks - The data disks.
+	DataDisks *[]VirtualMachineScaleSetDataDisk `json:"dataDisks,omitempty"`
+}
+
+// VirtualMachineScaleSetUpdateVMProfile describes a virtual machine scale set virtual machine profile.
+type VirtualMachineScaleSetUpdateVMProfile struct {
+	// OsProfile - The virtual machine scale set OS profile.
+	OsProfile *VirtualMachineScaleSetUpdateOSProfile `json:"osProfile,omitempty"`
+	// StorageProfile - The virtual machine scale set storage profile.
+	StorageProfile *VirtualMachineScaleSetUpdateStorageProfile `json:"storageProfile,omitempty"`
+	// NetworkProfile - The virtual machine scale set network profile.
+	NetworkProfile *VirtualMachineScaleSetUpdateNetworkProfile `json:"networkProfile,omitempty"`
+	// DiagnosticsProfile - The virtual machine scale set diagnostics profile.
+	DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"`
+	// ExtensionProfile - The virtual machine scale set extension profile.
+	ExtensionProfile *VirtualMachineScaleSetExtensionProfile `json:"extensionProfile,omitempty"`
+	// LicenseType - The license type, which is for bring your own license scenario.
+	LicenseType *string `json:"licenseType,omitempty"`
+}
+
+// VirtualMachineScaleSetVM describes a virtual machine scale set virtual machine.
+type VirtualMachineScaleSetVM struct {
+	autorest.Response `json:"-"`
+	// ID - Resource Id
+	ID *string `json:"id,omitempty"`
+	// Name - Resource name
+	Name *string `json:"name,omitempty"`
+	// Type - Resource type
+	Type *string `json:"type,omitempty"`
+	// Location - Resource location
+	Location *string `json:"location,omitempty"`
+	// Tags - Resource tags
+	Tags *map[string]*string `json:"tags,omitempty"`
+	// InstanceID - The virtual machine instance ID.
+	InstanceID *string `json:"instanceId,omitempty"`
+	// Sku - The virtual machine SKU.
+	Sku                                 *Sku `json:"sku,omitempty"`
+	*VirtualMachineScaleSetVMProperties `json:"properties,omitempty"`
+	// Plan - Specifies information about the marketplace image used to create the virtual machine. This element is only used for marketplace images. Before you can use a marketplace image from an API, you must enable the image for programmatic use.  In the Azure portal, find the marketplace image that you want to use and then click **Want to deploy programmatically, Get Started ->**. Enter any required information and then click **Save**.
+	Plan *Plan `json:"plan,omitempty"`
+	// Resources - The virtual machine child extension resources.
+	Resources *[]VirtualMachineExtension `json:"resources,omitempty"`
+}
+
+// VirtualMachineScaleSetVMExtensionsSummary extensions summary for virtual machines of a virtual machine scale set.
+type VirtualMachineScaleSetVMExtensionsSummary struct {
+	// Name - The extension name.
+	Name *string `json:"name,omitempty"`
+	// StatusesSummary - The extensions information.
+	StatusesSummary *[]VirtualMachineStatusCodeCount `json:"statusesSummary,omitempty"`
+}
+
+// VirtualMachineScaleSetVMInstanceIDs specifies a list of virtual machine instance IDs from the VM scale set.
+type VirtualMachineScaleSetVMInstanceIDs struct {
+	// InstanceIds - The virtual machine scale set instance ids. Omitting the virtual machine scale set instance ids will result in the operation being performed on all virtual machines in the virtual machine scale set.
+	InstanceIds *[]string `json:"instanceIds,omitempty"`
+}
+
+// VirtualMachineScaleSetVMInstanceRequiredIDs specifies a list of virtual machine instance IDs from the VM scale set.
+type VirtualMachineScaleSetVMInstanceRequiredIDs struct {
+	// InstanceIds - The virtual machine scale set instance ids.
+	InstanceIds *[]string `json:"instanceIds,omitempty"`
+}
+
+// VirtualMachineScaleSetVMInstanceView the instance view of a virtual machine scale set VM.
+type VirtualMachineScaleSetVMInstanceView struct {
+	autorest.Response `json:"-"`
+	// PlatformUpdateDomain - The Update Domain count.
+	PlatformUpdateDomain *int32 `json:"platformUpdateDomain,omitempty"`
+	// PlatformFaultDomain - The Fault Domain count.
+	PlatformFaultDomain *int32 `json:"platformFaultDomain,omitempty"`
+	// RdpThumbPrint - The Remote desktop certificate thumbprint.
+	RdpThumbPrint *string `json:"rdpThumbPrint,omitempty"`
+	// VMAgent - The VM Agent running on the virtual machine.
+	VMAgent *VirtualMachineAgentInstanceView `json:"vmAgent,omitempty"`
+	// Disks - The disks information.
+	Disks *[]DiskInstanceView `json:"disks,omitempty"`
+	// Extensions - The extensions information.
+	Extensions *[]VirtualMachineExtensionInstanceView `json:"extensions,omitempty"`
+	// VMHealth - The health status for the VM.
+	VMHealth *VirtualMachineHealthStatus `json:"vmHealth,omitempty"`
+	// BootDiagnostics - Boot Diagnostics is a debugging feature which allows you to view Console Output and Screenshot to diagnose VM status. <br><br> For Linux Virtual Machines, you can easily view the output of your console log. <br><br> For both Windows and Linux virtual machines, Azure also enables you to see a screenshot of the VM from the hypervisor.
+	BootDiagnostics *BootDiagnosticsInstanceView `json:"bootDiagnostics,omitempty"`
+	// Statuses - The resource status information.
+	Statuses *[]InstanceViewStatus `json:"statuses,omitempty"`
+	// PlacementGroupID - The placement group in which the VM is running. If the VM is deallocated it will not have a placementGroupId.
+	PlacementGroupID *string `json:"placementGroupId,omitempty"`
+}
+
+// VirtualMachineScaleSetVMListResult the List Virtual Machine Scale Set VMs operation response.
+type VirtualMachineScaleSetVMListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machine scale sets VMs.
+	Value *[]VirtualMachineScaleSetVM `json:"value,omitempty"`
+	// NextLink - The uri to fetch the next page of Virtual Machine Scale Set VMs. Call ListNext() with this to fetch the next page of VMSS VMs
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// VirtualMachineScaleSetVMListResultIterator provides access to a complete listing of VirtualMachineScaleSetVM values.
+type VirtualMachineScaleSetVMListResultIterator struct {
+	i    int
+	page VirtualMachineScaleSetVMListResultPage
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VirtualMachineScaleSetVMListResultIterator) Next() error {
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err := iter.page.Next()
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VirtualMachineScaleSetVMListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VirtualMachineScaleSetVMListResultIterator) Response() VirtualMachineScaleSetVMListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VirtualMachineScaleSetVMListResultIterator) Value() VirtualMachineScaleSetVM {
+	if !iter.page.NotDone() {
+		return VirtualMachineScaleSetVM{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vmssvlr VirtualMachineScaleSetVMListResult) IsEmpty() bool {
+	return vmssvlr.Value == nil || len(*vmssvlr.Value) == 0
+}
+
+// virtualMachineScaleSetVMListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vmssvlr VirtualMachineScaleSetVMListResult) virtualMachineScaleSetVMListResultPreparer() (*http.Request, error) {
+	if vmssvlr.NextLink == nil || len(to.String(vmssvlr.NextLink)) < 1 {
+		return nil, nil
+	}
+	return autorest.Prepare(&http.Request{},
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vmssvlr.NextLink)))
+}
+
+// VirtualMachineScaleSetVMListResultPage contains a page of VirtualMachineScaleSetVM values.
+type VirtualMachineScaleSetVMListResultPage struct {
+	fn      func(VirtualMachineScaleSetVMListResult) (VirtualMachineScaleSetVMListResult, error)
+	vmssvlr VirtualMachineScaleSetVMListResult
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VirtualMachineScaleSetVMListResultPage) Next() error {
+	next, err := page.fn(page.vmssvlr)
+	if err != nil {
+		return err
+	}
+	page.vmssvlr = next
+	return nil
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VirtualMachineScaleSetVMListResultPage) NotDone() bool {
+	return !page.vmssvlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VirtualMachineScaleSetVMListResultPage) Response() VirtualMachineScaleSetVMListResult {
+	return page.vmssvlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VirtualMachineScaleSetVMListResultPage) Values() []VirtualMachineScaleSetVM {
+	if page.vmssvlr.IsEmpty() {
+		return nil
+	}
+	return *page.vmssvlr.Value
+}
+
+// VirtualMachineScaleSetVMProfile describes a virtual machine scale set virtual machine profile.
+type VirtualMachineScaleSetVMProfile struct {
+	// OsProfile - Specifies the operating system settings for the virtual machines in the scale set.
+	OsProfile *VirtualMachineScaleSetOSProfile `json:"osProfile,omitempty"`
+	// StorageProfile - Specifies the storage settings for the virtual machine disks.
+	StorageProfile *VirtualMachineScaleSetStorageProfile `json:"storageProfile,omitempty"`
+	// NetworkProfile - Specifies properties of the network interfaces of the virtual machines in the scale set.
+	NetworkProfile *VirtualMachineScaleSetNetworkProfile `json:"networkProfile,omitempty"`
+	// DiagnosticsProfile - Specifies the boot diagnostic settings state. <br><br>Minimum api-version: 2015-06-15.
+	DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"`
+	// ExtensionProfile - Specifies a collection of settings for extensions installed on virtual machines in the scale set.
+	ExtensionProfile *VirtualMachineScaleSetExtensionProfile `json:"extensionProfile,omitempty"`
+	// LicenseType - Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. <br><br> Possible values are: <br><br> Windows_Client <br><br> Windows_Server <br><br> If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. <br><br> For more information, see [Azure Hybrid Use Benefit for Windows Server](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-hybrid-use-benefit-licensing?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> Minimum api-version: 2015-06-15
+	LicenseType *string `json:"licenseType,omitempty"`
+	// Priority - Specifies the priority for the virtual machines in the scale set. <br><br>Minimum api-version: 2017-10-30-preview. Possible values include: 'Regular', 'Low'
+	Priority VirtualMachinePriorityTypes `json:"priority,omitempty"`
+}
+
+// VirtualMachineScaleSetVMProperties describes the properties of a virtual machine scale set virtual machine.
+type VirtualMachineScaleSetVMProperties struct {
+	// LatestModelApplied - Specifies whether the latest model has been applied to the virtual machine.
+	LatestModelApplied *bool `json:"latestModelApplied,omitempty"`
+	// VMID - Azure VM unique ID.
+	VMID *string `json:"vmId,omitempty"`
+	// InstanceView - The virtual machine instance view.
+	InstanceView *VirtualMachineInstanceView `json:"instanceView,omitempty"`
+	// HardwareProfile - Specifies the hardware settings for the virtual machine.
+	HardwareProfile *HardwareProfile `json:"hardwareProfile,omitempty"`
+	// StorageProfile - Specifies the storage settings for the virtual machine disks.
+	StorageProfile *StorageProfile `json:"storageProfile,omitempty"`
+	// OsProfile - Specifies the operating system settings for the virtual machine.
+	OsProfile *OSProfile `json:"osProfile,omitempty"`
+	// NetworkProfile - Specifies the network interfaces of the virtual machine.
+	NetworkProfile *NetworkProfile `json:"networkProfile,omitempty"`
+	// DiagnosticsProfile - Specifies the boot diagnostic settings state. <br><br>Minimum api-version: 2015-06-15.
+	DiagnosticsProfile *DiagnosticsProfile `json:"diagnosticsProfile,omitempty"`
+	// AvailabilitySet - Specifies information about the availability set that the virtual machine should be assigned to. Virtual machines specified in the same availability set are allocated to different nodes to maximize availability. For more information about availability sets, see [Manage the availability of virtual machines](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-manage-availability?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json). <br><br> For more information on Azure planned maintainance, see [Planned maintenance for virtual machines in Azure](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-planned-maintenance?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> Currently, a VM can only be added to availability set at creation time. An existing VM cannot be added to an availability set.
+	AvailabilitySet *SubResource `json:"availabilitySet,omitempty"`
+	// ProvisioningState - The provisioning state, which only appears in the response.
+	ProvisioningState *string `json:"provisioningState,omitempty"`
+	// LicenseType - Specifies that the image or disk that is being used was licensed on-premises. This element is only used for images that contain the Windows Server operating system. <br><br> Possible values are: <br><br> Windows_Client <br><br> Windows_Server <br><br> If this element is included in a request for an update, the value must match the initial value. This value cannot be updated. <br><br> For more information, see [Azure Hybrid Use Benefit for Windows Server](https://docs.microsoft.com/azure/virtual-machines/virtual-machines-windows-hybrid-use-benefit-licensing?toc=%2fazure%2fvirtual-machines%2fwindows%2ftoc.json) <br><br> Minimum api-version: 2015-06-15
+	LicenseType *string `json:"licenseType,omitempty"`
+}
+
+// VirtualMachineScaleSetVMsDeallocateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsDeallocateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsDeallocateFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsDeallocateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeallocateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeallocateResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsDeleteFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsDeleteFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsPowerOffFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsPowerOffFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsPowerOffFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsPowerOffFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.PowerOffResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.PowerOffResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsReimageAllFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsReimageAllFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsReimageAllFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsReimageAllFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.ReimageAllResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.ReimageAllResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsReimageFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsReimageFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsReimageFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsReimageFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.ReimageResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.ReimageResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsRestartFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsRestartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsRestartFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsRestartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RestartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RestartResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsStartFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsStartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsStartFuture) Result(client VirtualMachineScaleSetVMsClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachineScaleSetVMsStartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.StartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.StartResponder(resp)
+	return
+}
+
+// VirtualMachineScaleSetVMsUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachineScaleSetVMsUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachineScaleSetVMsUpdateFuture) Result(client VirtualMachineScaleSetVMsClient) (vmssv VirtualMachineScaleSetVM, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vmssv, autorest.NewError("compute.VirtualMachineScaleSetVMsUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vmssv, err = client.UpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vmssv, err = client.UpdateResponder(resp)
+	return
+}
+
+// VirtualMachinesCaptureFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesCaptureFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesCaptureFuture) Result(client VirtualMachinesClient) (vmcr VirtualMachineCaptureResult, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return vmcr, autorest.NewError("compute.VirtualMachinesCaptureFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		vmcr, err = client.CaptureResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	vmcr, err = client.CaptureResponder(resp)
+	return
+}
+
+// VirtualMachinesConvertToManagedDisksFuture an abstraction for monitoring and retrieving the results of a
+// long-running operation.
+type VirtualMachinesConvertToManagedDisksFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesConvertToManagedDisksFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesConvertToManagedDisksFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.ConvertToManagedDisksResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.ConvertToManagedDisksResponder(resp)
+	return
+}
+
+// VirtualMachinesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachinesCreateOrUpdateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesCreateOrUpdateFuture) Result(client VirtualMachinesClient) (VM VirtualMachine, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return VM, autorest.NewError("compute.VirtualMachinesCreateOrUpdateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		VM, err = client.CreateOrUpdateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	VM, err = client.CreateOrUpdateResponder(resp)
+	return
+}
+
+// VirtualMachinesDeallocateFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachinesDeallocateFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesDeallocateFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesDeallocateFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeallocateResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeallocateResponder(resp)
+	return
+}
+
+// VirtualMachinesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesDeleteFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesDeleteFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesDeleteFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.DeleteResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.DeleteResponder(resp)
+	return
+}
+
+// VirtualMachineSize describes the properties of a VM size.
+type VirtualMachineSize struct {
+	// Name - The name of the virtual machine size.
+	Name *string `json:"name,omitempty"`
+	// NumberOfCores - The number of cores supported by the virtual machine size.
+	NumberOfCores *int32 `json:"numberOfCores,omitempty"`
+	// OsDiskSizeInMB - The OS disk size, in MB, allowed by the virtual machine size.
+	OsDiskSizeInMB *int32 `json:"osDiskSizeInMB,omitempty"`
+	// ResourceDiskSizeInMB - The resource disk size, in MB, allowed by the virtual machine size.
+	ResourceDiskSizeInMB *int32 `json:"resourceDiskSizeInMB,omitempty"`
+	// MemoryInMB - The amount of memory, in MB, supported by the virtual machine size.
+	MemoryInMB *int32 `json:"memoryInMB,omitempty"`
+	// MaxDataDiskCount - The maximum number of data disks that can be attached to the virtual machine size.
+	MaxDataDiskCount *int32 `json:"maxDataDiskCount,omitempty"`
+}
+
+// VirtualMachineSizeListResult the List Virtual Machine operation response.
+type VirtualMachineSizeListResult struct {
+	autorest.Response `json:"-"`
+	// Value - The list of virtual machine sizes.
+	Value *[]VirtualMachineSize `json:"value,omitempty"`
+}
+
+// VirtualMachinesPerformMaintenanceFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachinesPerformMaintenanceFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesPerformMaintenanceFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesPerformMaintenanceFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.PerformMaintenanceResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.PerformMaintenanceResponder(resp)
+	return
+}
+
+// VirtualMachinesPowerOffFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesPowerOffFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesPowerOffFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesPowerOffFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.PowerOffResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.PowerOffResponder(resp)
+	return
+}
+
+// VirtualMachinesRedeployFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesRedeployFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesRedeployFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesRedeployFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RedeployResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RedeployResponder(resp)
+	return
+}
+
+// VirtualMachinesRestartFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesRestartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesRestartFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesRestartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.RestartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.RestartResponder(resp)
+	return
+}
+
+// VirtualMachinesRunCommandFuture an abstraction for monitoring and retrieving the results of a long-running
+// operation.
+type VirtualMachinesRunCommandFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesRunCommandFuture) Result(client VirtualMachinesClient) (rcr RunCommandResult, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return rcr, autorest.NewError("compute.VirtualMachinesRunCommandFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		rcr, err = client.RunCommandResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	rcr, err = client.RunCommandResponder(resp)
+	return
+}
+
+// VirtualMachinesStartFuture an abstraction for monitoring and retrieving the results of a long-running operation.
+type VirtualMachinesStartFuture struct {
+	azure.Future
+	req *http.Request
+}
+
+// Result returns the result of the asynchronous operation.
+// If the operation has not completed it will return an error.
+func (future VirtualMachinesStartFuture) Result(client VirtualMachinesClient) (osr OperationStatusResponse, err error) {
+	var done bool
+	done, err = future.Done(client)
+	if err != nil {
+		return
+	}
+	if !done {
+		return osr, autorest.NewError("compute.VirtualMachinesStartFuture", "Result", "asynchronous operation has not completed")
+	}
+	if future.PollingMethod() == azure.PollingLocation {
+		osr, err = client.StartResponder(future.Response())
+		return
+	}
+	var resp *http.Response
+	resp, err = autorest.SendWithSender(client, autorest.ChangeToGet(future.req),
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+	if err != nil {
+		return
+	}
+	osr, err = client.StartResponder(resp)
+	return
+}
+
+// VirtualMachineStatusCodeCount the status code and count of the virtual machine scale set instance view status
+// summary.
+type VirtualMachineStatusCodeCount struct {
+	// Code - The instance view status code.
+	Code *string `json:"code,omitempty"`
+	// Count - The number of instances having a particular status code.
+	Count *int32 `json:"count,omitempty"`
+}
+
+// WindowsConfiguration specifies Windows operating system settings on the virtual machine.
+type WindowsConfiguration struct {
+	// ProvisionVMAgent - Indicates whether virtual machine agent should be provisioned on the virtual machine. <br><br> When this property is not specified in the request body, default behavior is to set it to true.  This will ensure that VM Agent is installed on the VM so that extensions can be added to the VM later.
+	ProvisionVMAgent *bool `json:"provisionVMAgent,omitempty"`
+	// EnableAutomaticUpdates - Indicates whether virtual machine is enabled for automatic updates.
+	EnableAutomaticUpdates *bool `json:"enableAutomaticUpdates,omitempty"`
+	// TimeZone - Specifies the time zone of the virtual machine. e.g. "Pacific Standard Time"
+	TimeZone *string `json:"timeZone,omitempty"`
+	// AdditionalUnattendContent - Specifies additional base-64 encoded XML formatted information that can be included in the Unattend.xml file, which is used by Windows Setup.
+	AdditionalUnattendContent *[]AdditionalUnattendContent `json:"additionalUnattendContent,omitempty"`
+	// WinRM - Specifies the Windows Remote Management listeners. This enables remote Windows PowerShell.
+	WinRM *WinRMConfiguration `json:"winRM,omitempty"`
+}
+
+// WinRMConfiguration describes Windows Remote Management configuration of the VM
+type WinRMConfiguration struct {
+	// Listeners - The list of Windows Remote Management listeners
+	Listeners *[]WinRMListener `json:"listeners,omitempty"`
+}
+
+// WinRMListener describes Protocol and thumbprint of Windows Remote Management listener
+type WinRMListener struct {
+	// Protocol - Specifies the protocol of listener. <br><br> Possible values are: <br>**http** <br><br> **https**. Possible values include: 'HTTP', 'HTTPS'
+	Protocol ProtocolTypes `json:"protocol,omitempty"`
+	// CertificateURL - This is the URL of a certificate that has been uploaded to Key Vault as a secret. For adding a secret to the Key Vault, see [Add a key or secret to the key vault](https://docs.microsoft.com/azure/key-vault/key-vault-get-started/#add). In this case, your certificate needs to be It is the Base64 encoding of the following JSON Object which is encoded in UTF-8: <br><br> {<br>  "data":"<Base64-encoded-certificate>",<br>  "dataType":"pfx",<br>  "password":"<pfx-file-password>"<br>}
+	CertificateURL *string `json:"certificateUrl,omitempty"`
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/resourceskus.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/resourceskus.go
new file mode 100644
index 000000000000..de32a3df699d
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/resourceskus.go
@@ -0,0 +1,130 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// ResourceSkusClient is the compute Client
+type ResourceSkusClient struct {
+	BaseClient
+}
+
+// NewResourceSkusClient creates an instance of the ResourceSkusClient client.
+func NewResourceSkusClient(subscriptionID string) ResourceSkusClient {
+	return NewResourceSkusClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewResourceSkusClientWithBaseURI creates an instance of the ResourceSkusClient client.
+func NewResourceSkusClientWithBaseURI(baseURI string, subscriptionID string) ResourceSkusClient {
+	return ResourceSkusClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List gets the list of Microsoft.Compute SKUs available for your Subscription.
+func (client ResourceSkusClient) List(ctx context.Context) (result ResourceSkusResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.rsr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.rsr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client ResourceSkusClient) ListPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-09-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/skus", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client ResourceSkusClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client ResourceSkusClient) ListResponder(resp *http.Response) (result ResourceSkusResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client ResourceSkusClient) listNextResults(lastResults ResourceSkusResult) (result ResourceSkusResult, err error) {
+	req, err := lastResults.resourceSkusResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.ResourceSkusClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client ResourceSkusClient) ListComplete(ctx context.Context) (result ResourceSkusResultIterator, err error) {
+	result.page, err = client.List(ctx)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/snapshots.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/snapshots.go
new file mode 100644
index 000000000000..e5e1a9dd85a4
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/snapshots.go
@@ -0,0 +1,677 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// SnapshotsClient is the compute Client
+type SnapshotsClient struct {
+	BaseClient
+}
+
+// NewSnapshotsClient creates an instance of the SnapshotsClient client.
+func NewSnapshotsClient(subscriptionID string) SnapshotsClient {
+	return NewSnapshotsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewSnapshotsClientWithBaseURI creates an instance of the SnapshotsClient client.
+func NewSnapshotsClientWithBaseURI(baseURI string, subscriptionID string) SnapshotsClient {
+	return SnapshotsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters. snapshot is snapshot object supplied in the body of the Put disk operation.
+func (client SnapshotsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, snapshotName string, snapshot Snapshot) (result SnapshotsCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: snapshot,
+			Constraints: []validation.Constraint{{Target: "snapshot.DiskProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.CreationData", Name: validation.Null, Rule: true,
+					Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.CreationData.ImageReference", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.CreationData.ImageReference.ID", Name: validation.Null, Rule: true, Chain: nil}}},
+					}},
+					{Target: "snapshot.DiskProperties.EncryptionSettings", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.EncryptionSettings.DiskEncryptionKey", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.EncryptionSettings.DiskEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+								{Target: "snapshot.DiskProperties.EncryptionSettings.DiskEncryptionKey.SecretURL", Name: validation.Null, Rule: true, Chain: nil},
+							}},
+							{Target: "snapshot.DiskProperties.EncryptionSettings.KeyEncryptionKey", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "snapshot.DiskProperties.EncryptionSettings.KeyEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+									{Target: "snapshot.DiskProperties.EncryptionSettings.KeyEncryptionKey.KeyURL", Name: validation.Null, Rule: true, Chain: nil},
+								}},
+						}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.SnapshotsClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, snapshotName, snapshot)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client SnapshotsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, snapshotName string, snapshot Snapshot) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}", pathParameters),
+		autorest.WithJSON(snapshot),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) CreateOrUpdateSender(req *http.Request) (future SnapshotsCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) CreateOrUpdateResponder(resp *http.Response) (result Snapshot, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters.
+func (client SnapshotsClient) Delete(ctx context.Context, resourceGroupName string, snapshotName string) (result SnapshotsDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, snapshotName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client SnapshotsClient) DeletePreparer(ctx context.Context, resourceGroupName string, snapshotName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) DeleteSender(req *http.Request) (future SnapshotsDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get gets information about a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters.
+func (client SnapshotsClient) Get(ctx context.Context, resourceGroupName string, snapshotName string) (result Snapshot, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, snapshotName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client SnapshotsClient) GetPreparer(ctx context.Context, resourceGroupName string, snapshotName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) GetResponder(resp *http.Response) (result Snapshot, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// GrantAccess grants access to a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters. grantAccessData is access data object supplied in the body of the get snapshot
+// access operation.
+func (client SnapshotsClient) GrantAccess(ctx context.Context, resourceGroupName string, snapshotName string, grantAccessData GrantAccessData) (result SnapshotsGrantAccessFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: grantAccessData,
+			Constraints: []validation.Constraint{{Target: "grantAccessData.DurationInSeconds", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.SnapshotsClient", "GrantAccess")
+	}
+
+	req, err := client.GrantAccessPreparer(ctx, resourceGroupName, snapshotName, grantAccessData)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "GrantAccess", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.GrantAccessSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "GrantAccess", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// GrantAccessPreparer prepares the GrantAccess request.
+func (client SnapshotsClient) GrantAccessPreparer(ctx context.Context, resourceGroupName string, snapshotName string, grantAccessData GrantAccessData) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}/beginGetAccess", pathParameters),
+		autorest.WithJSON(grantAccessData),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GrantAccessSender sends the GrantAccess request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) GrantAccessSender(req *http.Request) (future SnapshotsGrantAccessFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// GrantAccessResponder handles the response to the GrantAccess request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) GrantAccessResponder(resp *http.Response) (result AccessURI, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists snapshots under a subscription.
+func (client SnapshotsClient) List(ctx context.Context) (result SnapshotListPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.sl.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.sl, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client SnapshotsClient) ListPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/snapshots", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) ListResponder(resp *http.Response) (result SnapshotList, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client SnapshotsClient) listNextResults(lastResults SnapshotList) (result SnapshotList, err error) {
+	req, err := lastResults.snapshotListPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client SnapshotsClient) ListComplete(ctx context.Context) (result SnapshotListIterator, err error) {
+	result.page, err = client.List(ctx)
+	return
+}
+
+// ListByResourceGroup lists snapshots under a resource group.
+//
+// resourceGroupName is the name of the resource group.
+func (client SnapshotsClient) ListByResourceGroup(ctx context.Context, resourceGroupName string) (result SnapshotListPage, err error) {
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.sl.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.sl, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client SnapshotsClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) ListByResourceGroupResponder(resp *http.Response) (result SnapshotList, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client SnapshotsClient) listByResourceGroupNextResults(lastResults SnapshotList) (result SnapshotList, err error) {
+	req, err := lastResults.snapshotListPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client SnapshotsClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string) (result SnapshotListIterator, err error) {
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName)
+	return
+}
+
+// RevokeAccess revokes access to a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters.
+func (client SnapshotsClient) RevokeAccess(ctx context.Context, resourceGroupName string, snapshotName string) (result SnapshotsRevokeAccessFuture, err error) {
+	req, err := client.RevokeAccessPreparer(ctx, resourceGroupName, snapshotName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "RevokeAccess", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RevokeAccessSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "RevokeAccess", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RevokeAccessPreparer prepares the RevokeAccess request.
+func (client SnapshotsClient) RevokeAccessPreparer(ctx context.Context, resourceGroupName string, snapshotName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}/endGetAccess", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RevokeAccessSender sends the RevokeAccess request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) RevokeAccessSender(req *http.Request) (future SnapshotsRevokeAccessFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RevokeAccessResponder handles the response to the RevokeAccess request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) RevokeAccessResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Update updates (patches) a snapshot.
+//
+// resourceGroupName is the name of the resource group. snapshotName is the name of the snapshot that is being created.
+// The name can't be changed after the snapshot is created. Supported characters for the name are a-z, A-Z, 0-9 and _.
+// The max name length is 80 characters. snapshot is snapshot object supplied in the body of the Patch snapshot
+// operation.
+func (client SnapshotsClient) Update(ctx context.Context, resourceGroupName string, snapshotName string, snapshot SnapshotUpdate) (result SnapshotsUpdateFuture, err error) {
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, snapshotName, snapshot)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.SnapshotsClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client SnapshotsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, snapshotName string, snapshot SnapshotUpdate) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"snapshotName":      autorest.Encode("path", snapshotName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-03-30"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/snapshots/{snapshotName}", pathParameters),
+		autorest.WithJSON(snapshot),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client SnapshotsClient) UpdateSender(req *http.Request) (future SnapshotsUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client SnapshotsClient) UpdateResponder(resp *http.Response) (result Snapshot, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/usage.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/usage.go
new file mode 100644
index 000000000000..3a316670fda0
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/usage.go
@@ -0,0 +1,141 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// UsageClient is the compute Client
+type UsageClient struct {
+	BaseClient
+}
+
+// NewUsageClient creates an instance of the UsageClient client.
+func NewUsageClient(subscriptionID string) UsageClient {
+	return NewUsageClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewUsageClientWithBaseURI creates an instance of the UsageClient client.
+func NewUsageClientWithBaseURI(baseURI string, subscriptionID string) UsageClient {
+	return UsageClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List gets, for the specified location, the current compute resource usage information as well as the limits for
+// compute resources under the subscription.
+//
+// location is the location for which resource usage is queried.
+func (client UsageClient) List(ctx context.Context, location string) (result ListUsagesResultPage, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.UsageClient", "List")
+	}
+
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.UsageClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.lur.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.UsageClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.lur, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.UsageClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client UsageClient) ListPreparer(ctx context.Context, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/usages", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client UsageClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client UsageClient) ListResponder(resp *http.Response) (result ListUsagesResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client UsageClient) listNextResults(lastResults ListUsagesResult) (result ListUsagesResult, err error) {
+	req, err := lastResults.listUsagesResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.UsageClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.UsageClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.UsageClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client UsageClient) ListComplete(ctx context.Context, location string) (result ListUsagesResultIterator, err error) {
+	result.page, err = client.List(ctx, location)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/version.go
new file mode 100644
index 000000000000..00a3106b8812
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/version.go
@@ -0,0 +1,28 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// UserAgent returns the UserAgent string to use when sending http.Requests.
+func UserAgent() string {
+	return "Azure-SDK-For-Go/v12.4.0-beta arm-compute/"
+}
+
+// Version returns the semantic version (see http://semver.org) of the client.
+func Version() string {
+	return "v12.4.0-beta"
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensionimages.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensionimages.go
new file mode 100644
index 000000000000..1573aa734dd8
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensionimages.go
@@ -0,0 +1,251 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// VirtualMachineExtensionImagesClient is the compute Client
+type VirtualMachineExtensionImagesClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineExtensionImagesClient creates an instance of the VirtualMachineExtensionImagesClient client.
+func NewVirtualMachineExtensionImagesClient(subscriptionID string) VirtualMachineExtensionImagesClient {
+	return NewVirtualMachineExtensionImagesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineExtensionImagesClientWithBaseURI creates an instance of the VirtualMachineExtensionImagesClient
+// client.
+func NewVirtualMachineExtensionImagesClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineExtensionImagesClient {
+	return VirtualMachineExtensionImagesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Get gets a virtual machine extension image.
+//
+// location is the name of a supported Azure region.
+func (client VirtualMachineExtensionImagesClient) Get(ctx context.Context, location string, publisherName string, typeParameter string, version string) (result VirtualMachineExtensionImage, err error) {
+	req, err := client.GetPreparer(ctx, location, publisherName, typeParameter, version)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineExtensionImagesClient) GetPreparer(ctx context.Context, location string, publisherName string, typeParameter string, version string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+		"type":           autorest.Encode("path", typeParameter),
+		"version":        autorest.Encode("path", version),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmextension/types/{type}/versions/{version}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionImagesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionImagesClient) GetResponder(resp *http.Response) (result VirtualMachineExtensionImage, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListTypes gets a list of virtual machine extension image types.
+//
+// location is the name of a supported Azure region.
+func (client VirtualMachineExtensionImagesClient) ListTypes(ctx context.Context, location string, publisherName string) (result ListVirtualMachineExtensionImage, err error) {
+	req, err := client.ListTypesPreparer(ctx, location, publisherName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListTypes", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListTypesSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListTypes", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListTypesResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListTypes", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListTypesPreparer prepares the ListTypes request.
+func (client VirtualMachineExtensionImagesClient) ListTypesPreparer(ctx context.Context, location string, publisherName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmextension/types", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListTypesSender sends the ListTypes request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionImagesClient) ListTypesSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListTypesResponder handles the response to the ListTypes request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionImagesClient) ListTypesResponder(resp *http.Response) (result ListVirtualMachineExtensionImage, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListVersions gets a list of virtual machine extension image versions.
+//
+// location is the name of a supported Azure region. filter is the filter to apply on the operation.
+func (client VirtualMachineExtensionImagesClient) ListVersions(ctx context.Context, location string, publisherName string, typeParameter string, filter string, top *int32, orderby string) (result ListVirtualMachineExtensionImage, err error) {
+	req, err := client.ListVersionsPreparer(ctx, location, publisherName, typeParameter, filter, top, orderby)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListVersions", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListVersionsSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListVersions", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListVersionsResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionImagesClient", "ListVersions", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListVersionsPreparer prepares the ListVersions request.
+func (client VirtualMachineExtensionImagesClient) ListVersionsPreparer(ctx context.Context, location string, publisherName string, typeParameter string, filter string, top *int32, orderby string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+		"type":           autorest.Encode("path", typeParameter),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(filter) > 0 {
+		queryParameters["$filter"] = autorest.Encode("query", filter)
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(orderby) > 0 {
+		queryParameters["$orderby"] = autorest.Encode("query", orderby)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmextension/types/{type}/versions", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListVersionsSender sends the ListVersions request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionImagesClient) ListVersionsSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListVersionsResponder handles the response to the ListVersions request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionImagesClient) ListVersionsResponder(resp *http.Response) (result ListVirtualMachineExtensionImage, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensions.go
new file mode 100644
index 000000000000..d6d9066ccfa4
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineextensions.go
@@ -0,0 +1,255 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// VirtualMachineExtensionsClient is the compute Client
+type VirtualMachineExtensionsClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineExtensionsClient creates an instance of the VirtualMachineExtensionsClient client.
+func NewVirtualMachineExtensionsClient(subscriptionID string) VirtualMachineExtensionsClient {
+	return NewVirtualMachineExtensionsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineExtensionsClientWithBaseURI creates an instance of the VirtualMachineExtensionsClient client.
+func NewVirtualMachineExtensionsClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineExtensionsClient {
+	return VirtualMachineExtensionsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate the operation to create or update the extension.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine where the extension
+// should be create or updated. VMExtensionName is the name of the virtual machine extension. extensionParameters is
+// parameters supplied to the Create Virtual Machine Extension operation.
+func (client VirtualMachineExtensionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string, extensionParameters VirtualMachineExtension) (result VirtualMachineExtensionsCreateOrUpdateFuture, err error) {
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, VMName, VMExtensionName, extensionParameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualMachineExtensionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string, extensionParameters VirtualMachineExtension) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmExtensionName":   autorest.Encode("path", VMExtensionName),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/extensions/{vmExtensionName}", pathParameters),
+		autorest.WithJSON(extensionParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionsClient) CreateOrUpdateSender(req *http.Request) (future VirtualMachineExtensionsCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionsClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualMachineExtension, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete the operation to delete the extension.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine where the extension
+// should be deleted. VMExtensionName is the name of the virtual machine extension.
+func (client VirtualMachineExtensionsClient) Delete(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string) (result VirtualMachineExtensionsDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, VMName, VMExtensionName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualMachineExtensionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmExtensionName":   autorest.Encode("path", VMExtensionName),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/extensions/{vmExtensionName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionsClient) DeleteSender(req *http.Request) (future VirtualMachineExtensionsDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get the operation to get the extension.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine containing the
+// extension. VMExtensionName is the name of the virtual machine extension. expand is the expand expression to apply on
+// the operation.
+func (client VirtualMachineExtensionsClient) Get(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string, expand string) (result VirtualMachineExtension, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, VMName, VMExtensionName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineExtensionsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineExtensionsClient) GetPreparer(ctx context.Context, resourceGroupName string, VMName string, VMExtensionName string, expand string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmExtensionName":   autorest.Encode("path", VMExtensionName),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(expand) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/extensions/{vmExtensionName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineExtensionsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineExtensionsClient) GetResponder(resp *http.Response) (result VirtualMachineExtension, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineimages.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineimages.go
new file mode 100644
index 000000000000..e3aa2bc8224e
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineimages.go
@@ -0,0 +1,387 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// VirtualMachineImagesClient is the compute Client
+type VirtualMachineImagesClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineImagesClient creates an instance of the VirtualMachineImagesClient client.
+func NewVirtualMachineImagesClient(subscriptionID string) VirtualMachineImagesClient {
+	return NewVirtualMachineImagesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineImagesClientWithBaseURI creates an instance of the VirtualMachineImagesClient client.
+func NewVirtualMachineImagesClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineImagesClient {
+	return VirtualMachineImagesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Get gets a virtual machine image.
+//
+// location is the name of a supported Azure region. publisherName is a valid image publisher. offer is a valid image
+// publisher offer. skus is a valid image SKU. version is a valid image SKU version.
+func (client VirtualMachineImagesClient) Get(ctx context.Context, location string, publisherName string, offer string, skus string, version string) (result VirtualMachineImage, err error) {
+	req, err := client.GetPreparer(ctx, location, publisherName, offer, skus, version)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineImagesClient) GetPreparer(ctx context.Context, location string, publisherName string, offer string, skus string, version string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"offer":          autorest.Encode("path", offer),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"skus":           autorest.Encode("path", skus),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+		"version":        autorest.Encode("path", version),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmimage/offers/{offer}/skus/{skus}/versions/{version}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineImagesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineImagesClient) GetResponder(resp *http.Response) (result VirtualMachineImage, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets a list of all virtual machine image versions for the specified location, publisher, offer, and SKU.
+//
+// location is the name of a supported Azure region. publisherName is a valid image publisher. offer is a valid image
+// publisher offer. skus is a valid image SKU. filter is the filter to apply on the operation.
+func (client VirtualMachineImagesClient) List(ctx context.Context, location string, publisherName string, offer string, skus string, filter string, top *int32, orderby string) (result ListVirtualMachineImageResource, err error) {
+	req, err := client.ListPreparer(ctx, location, publisherName, offer, skus, filter, top, orderby)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineImagesClient) ListPreparer(ctx context.Context, location string, publisherName string, offer string, skus string, filter string, top *int32, orderby string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"offer":          autorest.Encode("path", offer),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"skus":           autorest.Encode("path", skus),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(filter) > 0 {
+		queryParameters["$filter"] = autorest.Encode("query", filter)
+	}
+	if top != nil {
+		queryParameters["$top"] = autorest.Encode("query", *top)
+	}
+	if len(orderby) > 0 {
+		queryParameters["$orderby"] = autorest.Encode("query", orderby)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmimage/offers/{offer}/skus/{skus}/versions", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineImagesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineImagesClient) ListResponder(resp *http.Response) (result ListVirtualMachineImageResource, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListOffers gets a list of virtual machine image offers for the specified location and publisher.
+//
+// location is the name of a supported Azure region. publisherName is a valid image publisher.
+func (client VirtualMachineImagesClient) ListOffers(ctx context.Context, location string, publisherName string) (result ListVirtualMachineImageResource, err error) {
+	req, err := client.ListOffersPreparer(ctx, location, publisherName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListOffers", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListOffersSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListOffers", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListOffersResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListOffers", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListOffersPreparer prepares the ListOffers request.
+func (client VirtualMachineImagesClient) ListOffersPreparer(ctx context.Context, location string, publisherName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmimage/offers", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListOffersSender sends the ListOffers request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineImagesClient) ListOffersSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListOffersResponder handles the response to the ListOffers request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineImagesClient) ListOffersResponder(resp *http.Response) (result ListVirtualMachineImageResource, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListPublishers gets a list of virtual machine image publishers for the specified Azure location.
+//
+// location is the name of a supported Azure region.
+func (client VirtualMachineImagesClient) ListPublishers(ctx context.Context, location string) (result ListVirtualMachineImageResource, err error) {
+	req, err := client.ListPublishersPreparer(ctx, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListPublishers", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListPublishersSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListPublishers", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListPublishersResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListPublishers", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPublishersPreparer prepares the ListPublishers request.
+func (client VirtualMachineImagesClient) ListPublishersPreparer(ctx context.Context, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListPublishersSender sends the ListPublishers request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineImagesClient) ListPublishersSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListPublishersResponder handles the response to the ListPublishers request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineImagesClient) ListPublishersResponder(resp *http.Response) (result ListVirtualMachineImageResource, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListSkus gets a list of virtual machine image SKUs for the specified location, publisher, and offer.
+//
+// location is the name of a supported Azure region. publisherName is a valid image publisher. offer is a valid image
+// publisher offer.
+func (client VirtualMachineImagesClient) ListSkus(ctx context.Context, location string, publisherName string, offer string) (result ListVirtualMachineImageResource, err error) {
+	req, err := client.ListSkusPreparer(ctx, location, publisherName, offer)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListSkus", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSkusSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListSkus", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListSkusResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineImagesClient", "ListSkus", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListSkusPreparer prepares the ListSkus request.
+func (client VirtualMachineImagesClient) ListSkusPreparer(ctx context.Context, location string, publisherName string, offer string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"offer":          autorest.Encode("path", offer),
+		"publisherName":  autorest.Encode("path", publisherName),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmimage/offers/{offer}/skus", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSkusSender sends the ListSkus request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineImagesClient) ListSkusSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListSkusResponder handles the response to the ListSkus request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineImagesClient) ListSkusResponder(resp *http.Response) (result ListVirtualMachineImageResource, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result.Value),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineruncommands.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineruncommands.go
new file mode 100644
index 000000000000..79674138d2cb
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachineruncommands.go
@@ -0,0 +1,212 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// VirtualMachineRunCommandsClient is the compute Client
+type VirtualMachineRunCommandsClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineRunCommandsClient creates an instance of the VirtualMachineRunCommandsClient client.
+func NewVirtualMachineRunCommandsClient(subscriptionID string) VirtualMachineRunCommandsClient {
+	return NewVirtualMachineRunCommandsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineRunCommandsClientWithBaseURI creates an instance of the VirtualMachineRunCommandsClient client.
+func NewVirtualMachineRunCommandsClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineRunCommandsClient {
+	return VirtualMachineRunCommandsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Get gets specific run command for a subscription in a location.
+//
+// location is the location upon which run commands is queried. commandID is the command id.
+func (client VirtualMachineRunCommandsClient) Get(ctx context.Context, location string, commandID string) (result RunCommandDocument, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineRunCommandsClient", "Get")
+	}
+
+	req, err := client.GetPreparer(ctx, location, commandID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineRunCommandsClient) GetPreparer(ctx context.Context, location string, commandID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"commandId":      autorest.Encode("path", commandID),
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/runCommands/{commandId}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineRunCommandsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineRunCommandsClient) GetResponder(resp *http.Response) (result RunCommandDocument, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all available run commands for a subscription in a location.
+//
+// location is the location upon which run commands is queried.
+func (client VirtualMachineRunCommandsClient) List(ctx context.Context, location string) (result RunCommandListResultPage, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineRunCommandsClient", "List")
+	}
+
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.rclr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.rclr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineRunCommandsClient) ListPreparer(ctx context.Context, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/runCommands", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineRunCommandsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineRunCommandsClient) ListResponder(resp *http.Response) (result RunCommandListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualMachineRunCommandsClient) listNextResults(lastResults RunCommandListResult) (result RunCommandListResult, err error) {
+	req, err := lastResults.runCommandListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineRunCommandsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineRunCommandsClient) ListComplete(ctx context.Context, location string) (result RunCommandListResultIterator, err error) {
+	result.page, err = client.List(ctx, location)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachines.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachines.go
new file mode 100644
index 000000000000..8e61949a5240
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachines.go
@@ -0,0 +1,1290 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// VirtualMachinesClient is the compute Client
+type VirtualMachinesClient struct {
+	BaseClient
+}
+
+// NewVirtualMachinesClient creates an instance of the VirtualMachinesClient client.
+func NewVirtualMachinesClient(subscriptionID string) VirtualMachinesClient {
+	return NewVirtualMachinesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachinesClientWithBaseURI creates an instance of the VirtualMachinesClient client.
+func NewVirtualMachinesClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachinesClient {
+	return VirtualMachinesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Capture captures the VM by copying virtual hard disks of the VM and outputs a template that can be used to create
+// similar VMs.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine. parameters is
+// parameters supplied to the Capture Virtual Machine operation.
+func (client VirtualMachinesClient) Capture(ctx context.Context, resourceGroupName string, VMName string, parameters VirtualMachineCaptureParameters) (result VirtualMachinesCaptureFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.VhdPrefix", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "parameters.DestinationContainerName", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "parameters.OverwriteVhds", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachinesClient", "Capture")
+	}
+
+	req, err := client.CapturePreparer(ctx, resourceGroupName, VMName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Capture", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CaptureSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Capture", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CapturePreparer prepares the Capture request.
+func (client VirtualMachinesClient) CapturePreparer(ctx context.Context, resourceGroupName string, VMName string, parameters VirtualMachineCaptureParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/capture", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CaptureSender sends the Capture request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) CaptureSender(req *http.Request) (future VirtualMachinesCaptureFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// CaptureResponder handles the response to the Capture request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) CaptureResponder(resp *http.Response) (result VirtualMachineCaptureResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ConvertToManagedDisks converts virtual machine disks from blob-based to managed disks. Virtual machine must be
+// stop-deallocated before invoking this operation.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) ConvertToManagedDisks(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesConvertToManagedDisksFuture, err error) {
+	req, err := client.ConvertToManagedDisksPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ConvertToManagedDisks", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ConvertToManagedDisksSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ConvertToManagedDisks", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ConvertToManagedDisksPreparer prepares the ConvertToManagedDisks request.
+func (client VirtualMachinesClient) ConvertToManagedDisksPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/convertToManagedDisks", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ConvertToManagedDisksSender sends the ConvertToManagedDisks request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) ConvertToManagedDisksSender(req *http.Request) (future VirtualMachinesConvertToManagedDisksFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ConvertToManagedDisksResponder handles the response to the ConvertToManagedDisks request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) ConvertToManagedDisksResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// CreateOrUpdate the operation to create or update a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine. parameters is
+// parameters supplied to the Create Virtual Machine operation.
+func (client VirtualMachinesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMName string, parameters VirtualMachine) (result VirtualMachinesCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.VirtualMachineProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey.SecretURL", Name: validation.Null, Rule: true, Chain: nil},
+									{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+								}},
+								{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey", Name: validation.Null, Rule: false,
+									Chain: []validation.Constraint{{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey.KeyURL", Name: validation.Null, Rule: true, Chain: nil},
+										{Target: "parameters.VirtualMachineProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+									}},
+							}},
+						}},
+					}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachinesClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, VMName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualMachinesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, VMName string, parameters VirtualMachine) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) CreateOrUpdateSender(req *http.Request) (future VirtualMachinesCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualMachine, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Deallocate shuts down the virtual machine and releases the compute resources. You are not billed for the compute
+// resources that this virtual machine uses.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Deallocate(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesDeallocateFuture, err error) {
+	req, err := client.DeallocatePreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Deallocate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeallocateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Deallocate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeallocatePreparer prepares the Deallocate request.
+func (client VirtualMachinesClient) DeallocatePreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/deallocate", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeallocateSender sends the Deallocate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) DeallocateSender(req *http.Request) (future VirtualMachinesDeallocateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// DeallocateResponder handles the response to the Deallocate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) DeallocateResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete the operation to delete a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Delete(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualMachinesClient) DeletePreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) DeleteSender(req *http.Request) (future VirtualMachinesDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Generalize sets the state of the virtual machine to generalized.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Generalize(ctx context.Context, resourceGroupName string, VMName string) (result OperationStatusResponse, err error) {
+	req, err := client.GeneralizePreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Generalize", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GeneralizeSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Generalize", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GeneralizeResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Generalize", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GeneralizePreparer prepares the Generalize request.
+func (client VirtualMachinesClient) GeneralizePreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/generalize", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GeneralizeSender sends the Generalize request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) GeneralizeSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GeneralizeResponder handles the response to the Generalize request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) GeneralizeResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get retrieves information about the model view or the instance view of a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine. expand is the expand
+// expression to apply on the operation.
+func (client VirtualMachinesClient) Get(ctx context.Context, resourceGroupName string, VMName string, expand InstanceViewTypes) (result VirtualMachine, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, VMName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachinesClient) GetPreparer(ctx context.Context, resourceGroupName string, VMName string, expand InstanceViewTypes) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(string(expand)) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) GetResponder(resp *http.Response) (result VirtualMachine, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// InstanceView retrieves information about the run-time state of a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) InstanceView(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachineInstanceView, err error) {
+	req, err := client.InstanceViewPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "InstanceView", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.InstanceViewSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "InstanceView", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.InstanceViewResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "InstanceView", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// InstanceViewPreparer prepares the InstanceView request.
+func (client VirtualMachinesClient) InstanceViewPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/instanceView", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// InstanceViewSender sends the InstanceView request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) InstanceViewSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// InstanceViewResponder handles the response to the InstanceView request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) InstanceViewResponder(resp *http.Response) (result VirtualMachineInstanceView, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all of the virtual machines in the specified resource group. Use the nextLink property in the response to
+// get the next page of virtual machines.
+//
+// resourceGroupName is the name of the resource group.
+func (client VirtualMachinesClient) List(ctx context.Context, resourceGroupName string) (result VirtualMachineListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vmlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vmlr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachinesClient) ListPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) ListResponder(resp *http.Response) (result VirtualMachineListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualMachinesClient) listNextResults(lastResults VirtualMachineListResult) (result VirtualMachineListResult, err error) {
+	req, err := lastResults.virtualMachineListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachinesClient) ListComplete(ctx context.Context, resourceGroupName string) (result VirtualMachineListResultIterator, err error) {
+	result.page, err = client.List(ctx, resourceGroupName)
+	return
+}
+
+// ListAll lists all of the virtual machines in the specified subscription. Use the nextLink property in the response
+// to get the next page of virtual machines.
+func (client VirtualMachinesClient) ListAll(ctx context.Context) (result VirtualMachineListResultPage, err error) {
+	result.fn = client.listAllNextResults
+	req, err := client.ListAllPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAll", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListAllSender(req)
+	if err != nil {
+		result.vmlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAll", resp, "Failure sending request")
+		return
+	}
+
+	result.vmlr, err = client.ListAllResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAll", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListAllPreparer prepares the ListAll request.
+func (client VirtualMachinesClient) ListAllPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/virtualMachines", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListAllSender sends the ListAll request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) ListAllSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListAllResponder handles the response to the ListAll request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) ListAllResponder(resp *http.Response) (result VirtualMachineListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listAllNextResults retrieves the next set of results, if any.
+func (client VirtualMachinesClient) listAllNextResults(lastResults VirtualMachineListResult) (result VirtualMachineListResult, err error) {
+	req, err := lastResults.virtualMachineListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listAllNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListAllSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listAllNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListAllResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "listAllNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListAllComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachinesClient) ListAllComplete(ctx context.Context) (result VirtualMachineListResultIterator, err error) {
+	result.page, err = client.ListAll(ctx)
+	return
+}
+
+// ListAvailableSizes lists all available virtual machine sizes to which the specified virtual machine can be resized.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) ListAvailableSizes(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachineSizeListResult, err error) {
+	req, err := client.ListAvailableSizesPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAvailableSizes", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListAvailableSizesSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAvailableSizes", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListAvailableSizesResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "ListAvailableSizes", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListAvailableSizesPreparer prepares the ListAvailableSizes request.
+func (client VirtualMachinesClient) ListAvailableSizesPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/vmSizes", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListAvailableSizesSender sends the ListAvailableSizes request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) ListAvailableSizesSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListAvailableSizesResponder handles the response to the ListAvailableSizes request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) ListAvailableSizesResponder(resp *http.Response) (result VirtualMachineSizeListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// PerformMaintenance the operation to perform maintenance on a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) PerformMaintenance(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesPerformMaintenanceFuture, err error) {
+	req, err := client.PerformMaintenancePreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "PerformMaintenance", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.PerformMaintenanceSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "PerformMaintenance", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// PerformMaintenancePreparer prepares the PerformMaintenance request.
+func (client VirtualMachinesClient) PerformMaintenancePreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/performMaintenance", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// PerformMaintenanceSender sends the PerformMaintenance request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) PerformMaintenanceSender(req *http.Request) (future VirtualMachinesPerformMaintenanceFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// PerformMaintenanceResponder handles the response to the PerformMaintenance request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) PerformMaintenanceResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// PowerOff the operation to power off (stop) a virtual machine. The virtual machine can be restarted with the same
+// provisioned resources. You are still charged for this virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) PowerOff(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesPowerOffFuture, err error) {
+	req, err := client.PowerOffPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "PowerOff", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.PowerOffSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "PowerOff", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// PowerOffPreparer prepares the PowerOff request.
+func (client VirtualMachinesClient) PowerOffPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/powerOff", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// PowerOffSender sends the PowerOff request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) PowerOffSender(req *http.Request) (future VirtualMachinesPowerOffFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// PowerOffResponder handles the response to the PowerOff request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) PowerOffResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Redeploy the operation to redeploy a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Redeploy(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesRedeployFuture, err error) {
+	req, err := client.RedeployPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Redeploy", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RedeploySender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Redeploy", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RedeployPreparer prepares the Redeploy request.
+func (client VirtualMachinesClient) RedeployPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/redeploy", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RedeploySender sends the Redeploy request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) RedeploySender(req *http.Request) (future VirtualMachinesRedeployFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RedeployResponder handles the response to the Redeploy request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) RedeployResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Restart the operation to restart a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Restart(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesRestartFuture, err error) {
+	req, err := client.RestartPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Restart", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RestartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Restart", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RestartPreparer prepares the Restart request.
+func (client VirtualMachinesClient) RestartPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/restart", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RestartSender sends the Restart request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) RestartSender(req *http.Request) (future VirtualMachinesRestartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RestartResponder handles the response to the Restart request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) RestartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// RunCommand run command on the VM.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine. parameters is
+// parameters supplied to the Run command operation.
+func (client VirtualMachinesClient) RunCommand(ctx context.Context, resourceGroupName string, VMName string, parameters RunCommandInput) (result VirtualMachinesRunCommandFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.CommandID", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachinesClient", "RunCommand")
+	}
+
+	req, err := client.RunCommandPreparer(ctx, resourceGroupName, VMName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "RunCommand", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RunCommandSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "RunCommand", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RunCommandPreparer prepares the RunCommand request.
+func (client VirtualMachinesClient) RunCommandPreparer(ctx context.Context, resourceGroupName string, VMName string, parameters RunCommandInput) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/runCommand", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RunCommandSender sends the RunCommand request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) RunCommandSender(req *http.Request) (future VirtualMachinesRunCommandFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RunCommandResponder handles the response to the RunCommand request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) RunCommandResponder(resp *http.Response) (result RunCommandResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Start the operation to start a virtual machine.
+//
+// resourceGroupName is the name of the resource group. VMName is the name of the virtual machine.
+func (client VirtualMachinesClient) Start(ctx context.Context, resourceGroupName string, VMName string) (result VirtualMachinesStartFuture, err error) {
+	req, err := client.StartPreparer(ctx, resourceGroupName, VMName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Start", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.StartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachinesClient", "Start", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// StartPreparer prepares the Start request.
+func (client VirtualMachinesClient) StartPreparer(ctx context.Context, resourceGroupName string, VMName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmName":            autorest.Encode("path", VMName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines/{vmName}/start", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// StartSender sends the Start request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachinesClient) StartSender(req *http.Request) (future VirtualMachinesStartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// StartResponder handles the response to the Start request. The method always
+// closes the http.Response Body.
+func (client VirtualMachinesClient) StartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetextensions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetextensions.go
new file mode 100644
index 000000000000..d27a62b7954f
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetextensions.go
@@ -0,0 +1,351 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// VirtualMachineScaleSetExtensionsClient is the compute Client
+type VirtualMachineScaleSetExtensionsClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineScaleSetExtensionsClient creates an instance of the VirtualMachineScaleSetExtensionsClient client.
+func NewVirtualMachineScaleSetExtensionsClient(subscriptionID string) VirtualMachineScaleSetExtensionsClient {
+	return NewVirtualMachineScaleSetExtensionsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineScaleSetExtensionsClientWithBaseURI creates an instance of the
+// VirtualMachineScaleSetExtensionsClient client.
+func NewVirtualMachineScaleSetExtensionsClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineScaleSetExtensionsClient {
+	return VirtualMachineScaleSetExtensionsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate the operation to create or update an extension.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set where the
+// extension should be create or updated. vmssExtensionName is the name of the VM scale set extension.
+// extensionParameters is parameters supplied to the Create VM scale set Extension operation.
+func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string, extensionParameters VirtualMachineScaleSetExtension) (result VirtualMachineScaleSetExtensionsCreateOrUpdateFuture, err error) {
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, VMScaleSetName, vmssExtensionName, extensionParameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string, extensionParameters VirtualMachineScaleSetExtension) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+		"vmssExtensionName": autorest.Encode("path", vmssExtensionName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/extensions/{vmssExtensionName}", pathParameters),
+		autorest.WithJSON(extensionParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdateSender(req *http.Request) (future VirtualMachineScaleSetExtensionsCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetExtensionsClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualMachineScaleSetExtension, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete the operation to delete the extension.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set where the
+// extension should be deleted. vmssExtensionName is the name of the VM scale set extension.
+func (client VirtualMachineScaleSetExtensionsClient) Delete(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string) (result VirtualMachineScaleSetExtensionsDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, VMScaleSetName, vmssExtensionName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualMachineScaleSetExtensionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+		"vmssExtensionName": autorest.Encode("path", vmssExtensionName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/extensions/{vmssExtensionName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetExtensionsClient) DeleteSender(req *http.Request) (future VirtualMachineScaleSetExtensionsDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetExtensionsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get the operation to get the extension.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set containing the
+// extension. vmssExtensionName is the name of the VM scale set extension. expand is the expand expression to apply on
+// the operation.
+func (client VirtualMachineScaleSetExtensionsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string, expand string) (result VirtualMachineScaleSetExtension, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, VMScaleSetName, vmssExtensionName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineScaleSetExtensionsClient) GetPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, vmssExtensionName string, expand string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+		"vmssExtensionName": autorest.Encode("path", vmssExtensionName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(expand) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/extensions/{vmssExtensionName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetExtensionsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetExtensionsClient) GetResponder(resp *http.Response) (result VirtualMachineScaleSetExtension, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets a list of all extensions in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set containing the
+// extension.
+func (client VirtualMachineScaleSetExtensionsClient) List(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetExtensionListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vmsselr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vmsselr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineScaleSetExtensionsClient) ListPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/extensions", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetExtensionsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetExtensionsClient) ListResponder(resp *http.Response) (result VirtualMachineScaleSetExtensionListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualMachineScaleSetExtensionsClient) listNextResults(lastResults VirtualMachineScaleSetExtensionListResult) (result VirtualMachineScaleSetExtensionListResult, err error) {
+	req, err := lastResults.virtualMachineScaleSetExtensionListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetExtensionsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineScaleSetExtensionsClient) ListComplete(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetExtensionListResultIterator, err error) {
+	result.page, err = client.List(ctx, resourceGroupName, VMScaleSetName)
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetrollingupgrades.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetrollingupgrades.go
new file mode 100644
index 000000000000..6e7b66cb06e9
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetrollingupgrades.go
@@ -0,0 +1,245 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// VirtualMachineScaleSetRollingUpgradesClient is the compute Client
+type VirtualMachineScaleSetRollingUpgradesClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineScaleSetRollingUpgradesClient creates an instance of the
+// VirtualMachineScaleSetRollingUpgradesClient client.
+func NewVirtualMachineScaleSetRollingUpgradesClient(subscriptionID string) VirtualMachineScaleSetRollingUpgradesClient {
+	return NewVirtualMachineScaleSetRollingUpgradesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineScaleSetRollingUpgradesClientWithBaseURI creates an instance of the
+// VirtualMachineScaleSetRollingUpgradesClient client.
+func NewVirtualMachineScaleSetRollingUpgradesClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineScaleSetRollingUpgradesClient {
+	return VirtualMachineScaleSetRollingUpgradesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Cancel cancels the current virtual machine scale set rolling upgrade.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetRollingUpgradesClient) Cancel(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetRollingUpgradesCancelFuture, err error) {
+	req, err := client.CancelPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "Cancel", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CancelSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "Cancel", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CancelPreparer prepares the Cancel request.
+func (client VirtualMachineScaleSetRollingUpgradesClient) CancelPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/rollingUpgrades/cancel", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CancelSender sends the Cancel request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetRollingUpgradesClient) CancelSender(req *http.Request) (future VirtualMachineScaleSetRollingUpgradesCancelFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// CancelResponder handles the response to the Cancel request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetRollingUpgradesClient) CancelResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// GetLatest gets the status of the latest virtual machine scale set rolling upgrade.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatest(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result RollingUpgradeStatusInfo, err error) {
+	req, err := client.GetLatestPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "GetLatest", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetLatestSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "GetLatest", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetLatestResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "GetLatest", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetLatestPreparer prepares the GetLatest request.
+func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatestPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/rollingUpgrades/latest", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetLatestSender sends the GetLatest request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatestSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetLatestResponder handles the response to the GetLatest request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetRollingUpgradesClient) GetLatestResponder(resp *http.Response) (result RollingUpgradeStatusInfo, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// StartOSUpgrade starts a rolling upgrade to move all virtual machine scale set instances to the latest available
+// Platform Image OS version. Instances which are already running the latest available OS version are not affected.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgrade(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture, err error) {
+	req, err := client.StartOSUpgradePreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "StartOSUpgrade", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.StartOSUpgradeSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetRollingUpgradesClient", "StartOSUpgrade", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// StartOSUpgradePreparer prepares the StartOSUpgrade request.
+func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgradePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/osRollingUpgrade", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// StartOSUpgradeSender sends the StartOSUpgrade request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgradeSender(req *http.Request) (future VirtualMachineScaleSetRollingUpgradesStartOSUpgradeFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// StartOSUpgradeResponder handles the response to the StartOSUpgrade request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetRollingUpgradesClient) StartOSUpgradeResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesets.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesets.go
new file mode 100644
index 000000000000..9045380d1d1f
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesets.go
@@ -0,0 +1,1356 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// VirtualMachineScaleSetsClient is the compute Client
+type VirtualMachineScaleSetsClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineScaleSetsClient creates an instance of the VirtualMachineScaleSetsClient client.
+func NewVirtualMachineScaleSetsClient(subscriptionID string) VirtualMachineScaleSetsClient {
+	return NewVirtualMachineScaleSetsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineScaleSetsClientWithBaseURI creates an instance of the VirtualMachineScaleSetsClient client.
+func NewVirtualMachineScaleSetsClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineScaleSetsClient {
+	return VirtualMachineScaleSetsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate create or update a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set to create or
+// update. parameters is the scale set object.
+func (client VirtualMachineScaleSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters VirtualMachineScaleSet) (result VirtualMachineScaleSetsCreateOrUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxBatchInstancePercent", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxBatchInstancePercent", Name: validation.InclusiveMaximum, Rule: 100, Chain: nil},
+								{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxBatchInstancePercent", Name: validation.InclusiveMinimum, Rule: 5, Chain: nil},
+							}},
+							{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyInstancePercent", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyInstancePercent", Name: validation.InclusiveMaximum, Rule: 100, Chain: nil},
+									{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyInstancePercent", Name: validation.InclusiveMinimum, Rule: 5, Chain: nil},
+								}},
+							{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyUpgradedInstancePercent", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyUpgradedInstancePercent", Name: validation.InclusiveMaximum, Rule: 100, Chain: nil},
+									{Target: "parameters.VirtualMachineScaleSetProperties.UpgradePolicy.RollingUpgradePolicy.MaxUnhealthyUpgradedInstancePercent", Name: validation.InclusiveMinimum, Rule: 0, Chain: nil},
+								}},
+						}},
+					}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineScaleSetsClient", "CreateOrUpdate")
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, VMScaleSetName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "CreateOrUpdate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VirtualMachineScaleSetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters VirtualMachineScaleSet) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) CreateOrUpdateSender(req *http.Request) (future VirtualMachineScaleSetsCreateOrUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated))
+	return
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualMachineScaleSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Deallocate deallocates specific virtual machines in a VM scale set. Shuts down the virtual machines and releases the
+// compute resources. You are not billed for the compute resources that this virtual machine scale set deallocates.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) Deallocate(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsDeallocateFuture, err error) {
+	req, err := client.DeallocatePreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Deallocate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeallocateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Deallocate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeallocatePreparer prepares the Deallocate request.
+func (client VirtualMachineScaleSetsClient) DeallocatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/deallocate", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeallocateSender sends the Deallocate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) DeallocateSender(req *http.Request) (future VirtualMachineScaleSetsDeallocateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// DeallocateResponder handles the response to the Deallocate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) DeallocateResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetsClient) Delete(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetsDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualMachineScaleSetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) DeleteSender(req *http.Request) (future VirtualMachineScaleSetsDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// DeleteInstances deletes virtual machines in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) DeleteInstances(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs VirtualMachineScaleSetVMInstanceRequiredIDs) (result VirtualMachineScaleSetsDeleteInstancesFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: VMInstanceIDs,
+			Constraints: []validation.Constraint{{Target: "VMInstanceIDs.InstanceIds", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineScaleSetsClient", "DeleteInstances")
+	}
+
+	req, err := client.DeleteInstancesPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "DeleteInstances", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteInstancesSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "DeleteInstances", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeleteInstancesPreparer prepares the DeleteInstances request.
+func (client VirtualMachineScaleSetsClient) DeleteInstancesPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs VirtualMachineScaleSetVMInstanceRequiredIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/delete", pathParameters),
+		autorest.WithJSON(VMInstanceIDs),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteInstancesSender sends the DeleteInstances request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) DeleteInstancesSender(req *http.Request) (future VirtualMachineScaleSetsDeleteInstancesFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// DeleteInstancesResponder handles the response to the DeleteInstances request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) DeleteInstancesResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ForceRecoveryServiceFabricPlatformUpdateDomainWalk manual platform update domain walk to update virtual machines in
+// a service fabric virtual machine scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+// platformUpdateDomain is the platform update domain for which a manual recovery walk is requested
+func (client VirtualMachineScaleSetsClient) ForceRecoveryServiceFabricPlatformUpdateDomainWalk(ctx context.Context, resourceGroupName string, VMScaleSetName string, platformUpdateDomain int32) (result RecoveryWalkResponse, err error) {
+	req, err := client.ForceRecoveryServiceFabricPlatformUpdateDomainWalkPreparer(ctx, resourceGroupName, VMScaleSetName, platformUpdateDomain)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ForceRecoveryServiceFabricPlatformUpdateDomainWalk", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ForceRecoveryServiceFabricPlatformUpdateDomainWalkSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ForceRecoveryServiceFabricPlatformUpdateDomainWalk", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ForceRecoveryServiceFabricPlatformUpdateDomainWalkResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ForceRecoveryServiceFabricPlatformUpdateDomainWalk", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ForceRecoveryServiceFabricPlatformUpdateDomainWalkPreparer prepares the ForceRecoveryServiceFabricPlatformUpdateDomainWalk request.
+func (client VirtualMachineScaleSetsClient) ForceRecoveryServiceFabricPlatformUpdateDomainWalkPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, platformUpdateDomain int32) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version":          APIVersion,
+		"platformUpdateDomain": autorest.Encode("query", platformUpdateDomain),
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/forceRecoveryServiceFabricPlatformUpdateDomainWalk", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ForceRecoveryServiceFabricPlatformUpdateDomainWalkSender sends the ForceRecoveryServiceFabricPlatformUpdateDomainWalk request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ForceRecoveryServiceFabricPlatformUpdateDomainWalkSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ForceRecoveryServiceFabricPlatformUpdateDomainWalkResponder handles the response to the ForceRecoveryServiceFabricPlatformUpdateDomainWalk request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ForceRecoveryServiceFabricPlatformUpdateDomainWalkResponder(resp *http.Response) (result RecoveryWalkResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get display information about a virtual machine scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSet, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineScaleSetsClient) GetPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) GetResponder(resp *http.Response) (result VirtualMachineScaleSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// GetInstanceView gets the status of a VM scale set instance.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetsClient) GetInstanceView(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetInstanceView, err error) {
+	req, err := client.GetInstanceViewPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "GetInstanceView", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetInstanceViewSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "GetInstanceView", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetInstanceViewResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "GetInstanceView", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetInstanceViewPreparer prepares the GetInstanceView request.
+func (client VirtualMachineScaleSetsClient) GetInstanceViewPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/instanceView", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetInstanceViewSender sends the GetInstanceView request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) GetInstanceViewSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetInstanceViewResponder handles the response to the GetInstanceView request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) GetInstanceViewResponder(resp *http.Response) (result VirtualMachineScaleSetInstanceView, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets a list of all VM scale sets under a resource group.
+//
+// resourceGroupName is the name of the resource group.
+func (client VirtualMachineScaleSetsClient) List(ctx context.Context, resourceGroupName string) (result VirtualMachineScaleSetListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vmsslr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vmsslr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineScaleSetsClient) ListPreparer(ctx context.Context, resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ListResponder(resp *http.Response) (result VirtualMachineScaleSetListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualMachineScaleSetsClient) listNextResults(lastResults VirtualMachineScaleSetListResult) (result VirtualMachineScaleSetListResult, err error) {
+	req, err := lastResults.virtualMachineScaleSetListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineScaleSetsClient) ListComplete(ctx context.Context, resourceGroupName string) (result VirtualMachineScaleSetListResultIterator, err error) {
+	result.page, err = client.List(ctx, resourceGroupName)
+	return
+}
+
+// ListAll gets a list of all VM Scale Sets in the subscription, regardless of the associated resource group. Use
+// nextLink property in the response to get the next page of VM Scale Sets. Do this till nextLink is null to fetch all
+// the VM Scale Sets.
+func (client VirtualMachineScaleSetsClient) ListAll(ctx context.Context) (result VirtualMachineScaleSetListWithLinkResultPage, err error) {
+	result.fn = client.listAllNextResults
+	req, err := client.ListAllPreparer(ctx)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListAll", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListAllSender(req)
+	if err != nil {
+		result.vmsslwlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListAll", resp, "Failure sending request")
+		return
+	}
+
+	result.vmsslwlr, err = client.ListAllResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListAll", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListAllPreparer prepares the ListAll request.
+func (client VirtualMachineScaleSetsClient) ListAllPreparer(ctx context.Context) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/virtualMachineScaleSets", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListAllSender sends the ListAll request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ListAllSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListAllResponder handles the response to the ListAll request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ListAllResponder(resp *http.Response) (result VirtualMachineScaleSetListWithLinkResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listAllNextResults retrieves the next set of results, if any.
+func (client VirtualMachineScaleSetsClient) listAllNextResults(lastResults VirtualMachineScaleSetListWithLinkResult) (result VirtualMachineScaleSetListWithLinkResult, err error) {
+	req, err := lastResults.virtualMachineScaleSetListWithLinkResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listAllNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListAllSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listAllNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListAllResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listAllNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListAllComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineScaleSetsClient) ListAllComplete(ctx context.Context) (result VirtualMachineScaleSetListWithLinkResultIterator, err error) {
+	result.page, err = client.ListAll(ctx)
+	return
+}
+
+// ListSkus gets a list of SKUs available for your VM scale set, including the minimum and maximum VM instances allowed
+// for each SKU.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set.
+func (client VirtualMachineScaleSetsClient) ListSkus(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetListSkusResultPage, err error) {
+	result.fn = client.listSkusNextResults
+	req, err := client.ListSkusPreparer(ctx, resourceGroupName, VMScaleSetName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListSkus", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSkusSender(req)
+	if err != nil {
+		result.vmsslsr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListSkus", resp, "Failure sending request")
+		return
+	}
+
+	result.vmsslsr, err = client.ListSkusResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ListSkus", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListSkusPreparer prepares the ListSkus request.
+func (client VirtualMachineScaleSetsClient) ListSkusPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/skus", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSkusSender sends the ListSkus request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ListSkusSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListSkusResponder handles the response to the ListSkus request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ListSkusResponder(resp *http.Response) (result VirtualMachineScaleSetListSkusResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listSkusNextResults retrieves the next set of results, if any.
+func (client VirtualMachineScaleSetsClient) listSkusNextResults(lastResults VirtualMachineScaleSetListSkusResult) (result VirtualMachineScaleSetListSkusResult, err error) {
+	req, err := lastResults.virtualMachineScaleSetListSkusResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listSkusNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSkusSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listSkusNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListSkusResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "listSkusNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListSkusComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineScaleSetsClient) ListSkusComplete(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result VirtualMachineScaleSetListSkusResultIterator, err error) {
+	result.page, err = client.ListSkus(ctx, resourceGroupName, VMScaleSetName)
+	return
+}
+
+// PowerOff power off (stop) one or more virtual machines in a VM scale set. Note that resources are still attached and
+// you are getting charged for the resources. Instead, use deallocate to release resources and avoid charges.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) PowerOff(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsPowerOffFuture, err error) {
+	req, err := client.PowerOffPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "PowerOff", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.PowerOffSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "PowerOff", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// PowerOffPreparer prepares the PowerOff request.
+func (client VirtualMachineScaleSetsClient) PowerOffPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/poweroff", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// PowerOffSender sends the PowerOff request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) PowerOffSender(req *http.Request) (future VirtualMachineScaleSetsPowerOffFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// PowerOffResponder handles the response to the PowerOff request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) PowerOffResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Reimage reimages (upgrade the operating system) one or more virtual machines in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) Reimage(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsReimageFuture, err error) {
+	req, err := client.ReimagePreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Reimage", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ReimageSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Reimage", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ReimagePreparer prepares the Reimage request.
+func (client VirtualMachineScaleSetsClient) ReimagePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/reimage", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ReimageSender sends the Reimage request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ReimageSender(req *http.Request) (future VirtualMachineScaleSetsReimageFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ReimageResponder handles the response to the Reimage request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ReimageResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ReimageAll reimages all the disks ( including data disks ) in the virtual machines in a VM scale set. This operation
+// is only supported for managed disks.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) ReimageAll(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsReimageAllFuture, err error) {
+	req, err := client.ReimageAllPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ReimageAll", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ReimageAllSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "ReimageAll", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ReimageAllPreparer prepares the ReimageAll request.
+func (client VirtualMachineScaleSetsClient) ReimageAllPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/reimageall", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ReimageAllSender sends the ReimageAll request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) ReimageAllSender(req *http.Request) (future VirtualMachineScaleSetsReimageAllFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ReimageAllResponder handles the response to the ReimageAll request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) ReimageAllResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Restart restarts one or more virtual machines in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) Restart(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsRestartFuture, err error) {
+	req, err := client.RestartPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Restart", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RestartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Restart", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RestartPreparer prepares the Restart request.
+func (client VirtualMachineScaleSetsClient) RestartPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/restart", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RestartSender sends the Restart request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) RestartSender(req *http.Request) (future VirtualMachineScaleSetsRestartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RestartResponder handles the response to the Restart request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) RestartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Start starts one or more virtual machines in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) Start(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (result VirtualMachineScaleSetsStartFuture, err error) {
+	req, err := client.StartPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Start", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.StartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Start", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// StartPreparer prepares the Start request.
+func (client VirtualMachineScaleSetsClient) StartPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs *VirtualMachineScaleSetVMInstanceIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/start", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if VMInstanceIDs != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(VMInstanceIDs))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// StartSender sends the Start request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) StartSender(req *http.Request) (future VirtualMachineScaleSetsStartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// StartResponder handles the response to the Start request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) StartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Update update a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set to create or
+// update. parameters is the scale set object.
+func (client VirtualMachineScaleSetsClient) Update(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters VirtualMachineScaleSetUpdate) (result VirtualMachineScaleSetsUpdateFuture, err error) {
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, VMScaleSetName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client VirtualMachineScaleSetsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters VirtualMachineScaleSetUpdate) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) UpdateSender(req *http.Request) (future VirtualMachineScaleSetsUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK))
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) UpdateResponder(resp *http.Response) (result VirtualMachineScaleSet, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// UpdateInstances upgrades one or more virtual machines to the latest SKU set in the VM scale set model.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. VMInstanceIDs
+// is a list of virtual machine instance IDs from the VM scale set.
+func (client VirtualMachineScaleSetsClient) UpdateInstances(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs VirtualMachineScaleSetVMInstanceRequiredIDs) (result VirtualMachineScaleSetsUpdateInstancesFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: VMInstanceIDs,
+			Constraints: []validation.Constraint{{Target: "VMInstanceIDs.InstanceIds", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineScaleSetsClient", "UpdateInstances")
+	}
+
+	req, err := client.UpdateInstancesPreparer(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "UpdateInstances", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateInstancesSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetsClient", "UpdateInstances", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdateInstancesPreparer prepares the UpdateInstances request.
+func (client VirtualMachineScaleSetsClient) UpdateInstancesPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs VirtualMachineScaleSetVMInstanceRequiredIDs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/manualupgrade", pathParameters),
+		autorest.WithJSON(VMInstanceIDs),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateInstancesSender sends the UpdateInstances request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetsClient) UpdateInstancesSender(req *http.Request) (future VirtualMachineScaleSetsUpdateInstancesFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// UpdateInstancesResponder handles the response to the UpdateInstances request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetsClient) UpdateInstancesResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetvms.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetvms.go
new file mode 100644
index 000000000000..9a55b534b5a8
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinescalesetvms.go
@@ -0,0 +1,870 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// VirtualMachineScaleSetVMsClient is the compute Client
+type VirtualMachineScaleSetVMsClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineScaleSetVMsClient creates an instance of the VirtualMachineScaleSetVMsClient client.
+func NewVirtualMachineScaleSetVMsClient(subscriptionID string) VirtualMachineScaleSetVMsClient {
+	return NewVirtualMachineScaleSetVMsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineScaleSetVMsClientWithBaseURI creates an instance of the VirtualMachineScaleSetVMsClient client.
+func NewVirtualMachineScaleSetVMsClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineScaleSetVMsClient {
+	return VirtualMachineScaleSetVMsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// Deallocate deallocates a specific virtual machine in a VM scale set. Shuts down the virtual machine and releases the
+// compute resources it uses. You are not billed for the compute resources of this virtual machine once it is
+// deallocated.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Deallocate(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsDeallocateFuture, err error) {
+	req, err := client.DeallocatePreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Deallocate", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeallocateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Deallocate", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeallocatePreparer prepares the Deallocate request.
+func (client VirtualMachineScaleSetVMsClient) DeallocatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/deallocate", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeallocateSender sends the Deallocate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) DeallocateSender(req *http.Request) (future VirtualMachineScaleSetVMsDeallocateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// DeallocateResponder handles the response to the Deallocate request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) DeallocateResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a virtual machine from a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Delete(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsDeleteFuture, err error) {
+	req, err := client.DeletePreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.DeleteSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Delete", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VirtualMachineScaleSetVMsClient) DeletePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) DeleteSender(req *http.Request) (future VirtualMachineScaleSetVMsDeleteFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent))
+	return
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) DeleteResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Get gets a virtual machine from a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVM, err error) {
+	req, err := client.GetPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Get", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VirtualMachineScaleSetVMsClient) GetPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) GetResponder(resp *http.Response) (result VirtualMachineScaleSetVM, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// GetInstanceView gets the status of a virtual machine from a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) GetInstanceView(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMInstanceView, err error) {
+	req, err := client.GetInstanceViewPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "GetInstanceView", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetInstanceViewSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "GetInstanceView", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetInstanceViewResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "GetInstanceView", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetInstanceViewPreparer prepares the GetInstanceView request.
+func (client VirtualMachineScaleSetVMsClient) GetInstanceViewPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/instanceView", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetInstanceViewSender sends the GetInstanceView request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) GetInstanceViewSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetInstanceViewResponder handles the response to the GetInstanceView request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) GetInstanceViewResponder(resp *http.Response) (result VirtualMachineScaleSetVMInstanceView, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List gets a list of all virtual machines in a VM scale sets.
+//
+// resourceGroupName is the name of the resource group. virtualMachineScaleSetName is the name of the VM scale set.
+// filter is the filter to apply to the operation. selectParameter is the list parameters. expand is the expand
+// expression to apply to the operation.
+func (client VirtualMachineScaleSetVMsClient) List(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (result VirtualMachineScaleSetVMListResultPage, err error) {
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, virtualMachineScaleSetName, filter, selectParameter, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vmssvlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vmssvlr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineScaleSetVMsClient) ListPreparer(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName":          autorest.Encode("path", resourceGroupName),
+		"subscriptionId":             autorest.Encode("path", client.SubscriptionID),
+		"virtualMachineScaleSetName": autorest.Encode("path", virtualMachineScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(filter) > 0 {
+		queryParameters["$filter"] = autorest.Encode("query", filter)
+	}
+	if len(selectParameter) > 0 {
+		queryParameters["$select"] = autorest.Encode("query", selectParameter)
+	}
+	if len(expand) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{virtualMachineScaleSetName}/virtualMachines", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) ListResponder(resp *http.Response) (result VirtualMachineScaleSetVMListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VirtualMachineScaleSetVMsClient) listNextResults(lastResults VirtualMachineScaleSetVMListResult) (result VirtualMachineScaleSetVMListResult, err error) {
+	req, err := lastResults.virtualMachineScaleSetVMListResultPreparer()
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VirtualMachineScaleSetVMsClient) ListComplete(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (result VirtualMachineScaleSetVMListResultIterator, err error) {
+	result.page, err = client.List(ctx, resourceGroupName, virtualMachineScaleSetName, filter, selectParameter, expand)
+	return
+}
+
+// PowerOff power off (stop) a virtual machine in a VM scale set. Note that resources are still attached and you are
+// getting charged for the resources. Instead, use deallocate to release resources and avoid charges.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) PowerOff(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsPowerOffFuture, err error) {
+	req, err := client.PowerOffPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "PowerOff", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.PowerOffSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "PowerOff", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// PowerOffPreparer prepares the PowerOff request.
+func (client VirtualMachineScaleSetVMsClient) PowerOffPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/poweroff", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// PowerOffSender sends the PowerOff request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) PowerOffSender(req *http.Request) (future VirtualMachineScaleSetVMsPowerOffFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// PowerOffResponder handles the response to the PowerOff request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) PowerOffResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Reimage reimages (upgrade the operating system) a specific virtual machine in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Reimage(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsReimageFuture, err error) {
+	req, err := client.ReimagePreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Reimage", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ReimageSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Reimage", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ReimagePreparer prepares the Reimage request.
+func (client VirtualMachineScaleSetVMsClient) ReimagePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/reimage", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ReimageSender sends the Reimage request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) ReimageSender(req *http.Request) (future VirtualMachineScaleSetVMsReimageFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ReimageResponder handles the response to the Reimage request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) ReimageResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ReimageAll allows you to re-image all the disks ( including data disks ) in the a VM scale set instance. This
+// operation is only supported for managed disks.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) ReimageAll(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsReimageAllFuture, err error) {
+	req, err := client.ReimageAllPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "ReimageAll", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.ReimageAllSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "ReimageAll", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// ReimageAllPreparer prepares the ReimageAll request.
+func (client VirtualMachineScaleSetVMsClient) ReimageAllPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/reimageall", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ReimageAllSender sends the ReimageAll request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) ReimageAllSender(req *http.Request) (future VirtualMachineScaleSetVMsReimageAllFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// ReimageAllResponder handles the response to the ReimageAll request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) ReimageAllResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Restart restarts a virtual machine in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Restart(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsRestartFuture, err error) {
+	req, err := client.RestartPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Restart", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.RestartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Restart", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// RestartPreparer prepares the Restart request.
+func (client VirtualMachineScaleSetVMsClient) RestartPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/restart", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// RestartSender sends the Restart request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) RestartSender(req *http.Request) (future VirtualMachineScaleSetVMsRestartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// RestartResponder handles the response to the Restart request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) RestartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Start starts a virtual machine in a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set. instanceID is
+// the instance ID of the virtual machine.
+func (client VirtualMachineScaleSetVMsClient) Start(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result VirtualMachineScaleSetVMsStartFuture, err error) {
+	req, err := client.StartPreparer(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Start", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.StartSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Start", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// StartPreparer prepares the Start request.
+func (client VirtualMachineScaleSetVMsClient) StartPreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}/start", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// StartSender sends the Start request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) StartSender(req *http.Request) (future VirtualMachineScaleSetVMsStartFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// StartResponder handles the response to the Start request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) StartResponder(resp *http.Response) (result OperationStatusResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Update updates a virtual machine of a VM scale set.
+//
+// resourceGroupName is the name of the resource group. VMScaleSetName is the name of the VM scale set where the
+// extension should be create or updated. instanceID is the instance ID of the virtual machine. parameters is
+// parameters supplied to the Update Virtual Machine Scale Sets VM operation.
+func (client VirtualMachineScaleSetVMsClient) Update(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters VirtualMachineScaleSetVM) (result VirtualMachineScaleSetVMsUpdateFuture, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties", Name: validation.Null, Rule: false,
+				Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey", Name: validation.Null, Rule: false,
+								Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey.SecretURL", Name: validation.Null, Rule: true, Chain: nil},
+									{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.DiskEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+								}},
+								{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey", Name: validation.Null, Rule: false,
+									Chain: []validation.Constraint{{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey.KeyURL", Name: validation.Null, Rule: true, Chain: nil},
+										{Target: "parameters.VirtualMachineScaleSetVMProperties.StorageProfile.OsDisk.EncryptionSettings.KeyEncryptionKey.SourceVault", Name: validation.Null, Rule: true, Chain: nil},
+									}},
+							}},
+						}},
+					}},
+				}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineScaleSetVMsClient", "Update")
+	}
+
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, VMScaleSetName, instanceID, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	result, err = client.UpdateSender(req)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineScaleSetVMsClient", "Update", result.Response(), "Failure sending request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client VirtualMachineScaleSetVMsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters VirtualMachineScaleSetVM) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"instanceId":        autorest.Encode("path", instanceID),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"vmScaleSetName":    autorest.Encode("path", VMScaleSetName),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachineScaleSets/{vmScaleSetName}/virtualmachines/{instanceId}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineScaleSetVMsClient) UpdateSender(req *http.Request) (future VirtualMachineScaleSetVMsUpdateFuture, err error) {
+	sender := autorest.DecorateSender(client, azure.DoRetryWithRegistration(client.Client))
+	future.Future = azure.NewFuture(req)
+	future.req = req
+	_, err = future.Done(sender)
+	if err != nil {
+		return
+	}
+	err = autorest.Respond(future.Response(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted))
+	return
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineScaleSetVMsClient) UpdateResponder(resp *http.Response) (result VirtualMachineScaleSetVM, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinesizes.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinesizes.go
new file mode 100644
index 000000000000..22b8756043be
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute/virtualmachinesizes.go
@@ -0,0 +1,112 @@
+package compute
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// VirtualMachineSizesClient is the compute Client
+type VirtualMachineSizesClient struct {
+	BaseClient
+}
+
+// NewVirtualMachineSizesClient creates an instance of the VirtualMachineSizesClient client.
+func NewVirtualMachineSizesClient(subscriptionID string) VirtualMachineSizesClient {
+	return NewVirtualMachineSizesClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVirtualMachineSizesClientWithBaseURI creates an instance of the VirtualMachineSizesClient client.
+func NewVirtualMachineSizesClientWithBaseURI(baseURI string, subscriptionID string) VirtualMachineSizesClient {
+	return VirtualMachineSizesClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List lists all available virtual machine sizes for a subscription in a location.
+//
+// location is the location upon which virtual-machine-sizes is queried.
+func (client VirtualMachineSizesClient) List(ctx context.Context, location string) (result VirtualMachineSizeListResult, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: location,
+			Constraints: []validation.Constraint{{Target: "location", Name: validation.Pattern, Rule: `^[-\w\._]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "compute.VirtualMachineSizesClient", "List")
+	}
+
+	req, err := client.ListPreparer(ctx, location)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineSizesClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineSizesClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "compute.VirtualMachineSizesClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VirtualMachineSizesClient) ListPreparer(ctx context.Context, location string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"location":       autorest.Encode("path", location),
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-12-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/vmSizes", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VirtualMachineSizesClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client, req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VirtualMachineSizesClient) ListResponder(resp *http.Response) (result VirtualMachineSizeListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/README.md b/vendor/github.com/Azure/azure-sdk-for-go/storage/README.md
index 6dc348e02af2..85a0482d6ec6 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/README.md
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/README.md
@@ -6,7 +6,7 @@ This package includes support for [Azure Storage Emulator](https://azure.microso
 
 # Getting Started
 
- 1. Go get the SDK `go get -u github.com/Azure/azure-sdk-for=go/storage`
+ 1. Go get the SDK `go get -u github.com/Azure/azure-sdk-for-go/storage`
  1. If you don't already have one, [create a Storage Account](https://docs.microsoft.com/en-us/azure/storage/storage-create-storage-account).
       - Take note of your Azure Storage Account Name and Azure Storage Account Key. They'll both be necessary for using this library.
       - This option is production ready, but can also be used for development.
@@ -70,4 +70,4 @@ ok, err = queue2.Exists()
 c.Assert(err, chk.IsNil)
 c.Assert(ok, chk.Equals, true)
 }
-```
\ No newline at end of file
+```
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/blob.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/blob.go
index a9d3cfccb685..5047bfbb24b8 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/blob.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/blob.go
@@ -549,27 +549,7 @@ func (b *Blob) GetMetadata(options *GetBlobMetadataOptions) error {
 }
 
 func (b *Blob) writeMetadata(h http.Header) {
-	metadata := make(map[string]string)
-	for k, v := range h {
-		// Can't trust CanonicalHeaderKey() to munge case
-		// reliably. "_" is allowed in identifiers:
-		// https://msdn.microsoft.com/en-us/library/azure/dd179414.aspx
-		// https://msdn.microsoft.com/library/aa664670(VS.71).aspx
-		// http://tools.ietf.org/html/rfc7230#section-3.2
-		// ...but "_" is considered invalid by
-		// CanonicalMIMEHeaderKey in
-		// https://golang.org/src/net/textproto/reader.go?s=14615:14659#L542
-		// so k can be "X-Ms-Meta-Lol" or "x-ms-meta-lol_rofl".
-		k = strings.ToLower(k)
-		if len(v) == 0 || !strings.HasPrefix(k, strings.ToLower(userDefinedMetadataHeaderPrefix)) {
-			continue
-		}
-		// metadata["lol"] = content of the last X-Ms-Meta-Lol header
-		k = k[len(userDefinedMetadataHeaderPrefix):]
-		metadata[k] = v[len(v)-1]
-	}
-
-	b.Metadata = BlobMetadata(metadata)
+	b.Metadata = BlobMetadata(writeMetadata(h))
 }
 
 // DeleteBlobOptions includes the options for a delete blob operation
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/blobserviceclient.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/blobserviceclient.go
index 8fe21b0cfd98..e6b9704ee183 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/blobserviceclient.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/blobserviceclient.go
@@ -15,6 +15,7 @@ package storage
 //  limitations under the License.
 
 import (
+	"encoding/xml"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -85,21 +86,53 @@ func (b BlobStorageClient) ListContainers(params ListContainersParameters) (*Con
 	uri := b.client.getEndpoint(blobServiceName, "", q)
 	headers := b.client.getStandardHeaders()
 
-	var out ContainerListResponse
+	type ContainerAlias struct {
+		bsc        *BlobStorageClient
+		Name       string              `xml:"Name"`
+		Properties ContainerProperties `xml:"Properties"`
+		Metadata   BlobMetadata
+		sasuri     url.URL
+	}
+	type ContainerListResponseAlias struct {
+		XMLName    xml.Name         `xml:"EnumerationResults"`
+		Xmlns      string           `xml:"xmlns,attr"`
+		Prefix     string           `xml:"Prefix"`
+		Marker     string           `xml:"Marker"`
+		NextMarker string           `xml:"NextMarker"`
+		MaxResults int64            `xml:"MaxResults"`
+		Containers []ContainerAlias `xml:"Containers>Container"`
+	}
+
+	var outAlias ContainerListResponseAlias
 	resp, err := b.client.exec(http.MethodGet, uri, headers, nil, b.auth)
 	if err != nil {
 		return nil, err
 	}
 	defer resp.body.Close()
-	err = xmlUnmarshal(resp.body, &out)
+	err = xmlUnmarshal(resp.body, &outAlias)
 	if err != nil {
 		return nil, err
 	}
 
-	// assign our client to the newly created Container objects
-	for i := range out.Containers {
-		out.Containers[i].bsc = &b
+	out := ContainerListResponse{
+		XMLName:    outAlias.XMLName,
+		Xmlns:      outAlias.Xmlns,
+		Prefix:     outAlias.Prefix,
+		Marker:     outAlias.Marker,
+		NextMarker: outAlias.NextMarker,
+		MaxResults: outAlias.MaxResults,
+		Containers: make([]Container, len(outAlias.Containers)),
+	}
+	for i, cnt := range outAlias.Containers {
+		out.Containers[i] = Container{
+			bsc:        &b,
+			Name:       cnt.Name,
+			Properties: cnt.Properties,
+			Metadata:   map[string]string(cnt.Metadata),
+			sasuri:     cnt.sasuri,
+		}
 	}
+
 	return &out, err
 }
 
@@ -124,3 +157,26 @@ func (p ListContainersParameters) getParameters() url.Values {
 
 	return out
 }
+
+func writeMetadata(h http.Header) map[string]string {
+	metadata := make(map[string]string)
+	for k, v := range h {
+		// Can't trust CanonicalHeaderKey() to munge case
+		// reliably. "_" is allowed in identifiers:
+		// https://msdn.microsoft.com/en-us/library/azure/dd179414.aspx
+		// https://msdn.microsoft.com/library/aa664670(VS.71).aspx
+		// http://tools.ietf.org/html/rfc7230#section-3.2
+		// ...but "_" is considered invalid by
+		// CanonicalMIMEHeaderKey in
+		// https://golang.org/src/net/textproto/reader.go?s=14615:14659#L542
+		// so k can be "X-Ms-Meta-Lol" or "x-ms-meta-lol_rofl".
+		k = strings.ToLower(k)
+		if len(v) == 0 || !strings.HasPrefix(k, strings.ToLower(userDefinedMetadataHeaderPrefix)) {
+			continue
+		}
+		// metadata["lol"] = content of the last X-Ms-Meta-Lol header
+		k = k[len(userDefinedMetadataHeaderPrefix):]
+		metadata[k] = v[len(v)-1]
+	}
+	return metadata
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/client.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/client.go
index 8f6cd95da718..7d502306d81c 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/client.go
@@ -31,6 +31,7 @@ import (
 	"net/url"
 	"regexp"
 	"runtime"
+	"strconv"
 	"strings"
 	"time"
 
@@ -69,6 +70,17 @@ const (
 	userAgentHeader = "User-Agent"
 
 	userDefinedMetadataHeaderPrefix = "x-ms-meta-"
+
+	connectionStringAccountName      = "accountname"
+	connectionStringAccountKey       = "accountkey"
+	connectionStringEndpointSuffix   = "endpointsuffix"
+	connectionStringEndpointProtocol = "defaultendpointsprotocol"
+
+	connectionStringBlobEndpoint  = "blobendpoint"
+	connectionStringFileEndpoint  = "fileendpoint"
+	connectionStringQueueEndpoint = "queueendpoint"
+	connectionStringTableEndpoint = "tableendpoint"
+	connectionStringSAS           = "sharedaccesssignature"
 )
 
 var (
@@ -204,6 +216,55 @@ func (e UnexpectedStatusCodeError) Got() int {
 	return e.got
 }
 
+// NewClientFromConnectionString creates a Client from the connection string.
+func NewClientFromConnectionString(input string) (Client, error) {
+	// build a map of connection string key/value pairs
+	parts := map[string]string{}
+	for _, pair := range strings.Split(input, ";") {
+		if pair == "" {
+			continue
+		}
+
+		equalDex := strings.IndexByte(pair, '=')
+		if equalDex <= 0 {
+			return Client{}, fmt.Errorf("Invalid connection segment %q", pair)
+		}
+
+		value := strings.TrimSpace(pair[equalDex+1:])
+		key := strings.TrimSpace(strings.ToLower(pair[:equalDex]))
+		parts[key] = value
+	}
+
+	// TODO: validate parameter sets?
+
+	if parts[connectionStringAccountName] == StorageEmulatorAccountName {
+		return NewEmulatorClient()
+	}
+
+	if parts[connectionStringSAS] != "" {
+		endpoint := ""
+		if parts[connectionStringBlobEndpoint] != "" {
+			endpoint = parts[connectionStringBlobEndpoint]
+		} else if parts[connectionStringFileEndpoint] != "" {
+			endpoint = parts[connectionStringFileEndpoint]
+		} else if parts[connectionStringQueueEndpoint] != "" {
+			endpoint = parts[connectionStringQueueEndpoint]
+		} else {
+			endpoint = parts[connectionStringTableEndpoint]
+		}
+
+		return NewAccountSASClientFromEndpointToken(endpoint, parts[connectionStringSAS])
+	}
+
+	useHTTPS := defaultUseHTTPS
+	if parts[connectionStringEndpointProtocol] != "" {
+		useHTTPS = parts[connectionStringEndpointProtocol] == "https"
+	}
+
+	return NewClient(parts[connectionStringAccountName], parts[connectionStringAccountKey],
+		parts[connectionStringEndpointSuffix], DefaultAPIVersion, useHTTPS)
+}
+
 // NewBasicClient constructs a Client with given storage service name and
 // key.
 func NewBasicClient(accountName, accountKey string) (Client, error) {
@@ -285,6 +346,47 @@ func NewAccountSASClient(account string, token url.Values, env azure.Environment
 	return c
 }
 
+// NewAccountSASClientFromEndpointToken constructs a client that uses accountSAS authorization
+// for its operations using the specified endpoint and SAS token.
+func NewAccountSASClientFromEndpointToken(endpoint string, sasToken string) (Client, error) {
+	u, err := url.Parse(endpoint)
+	if err != nil {
+		return Client{}, err
+	}
+
+	token, err := url.ParseQuery(sasToken)
+	if err != nil {
+		return Client{}, err
+	}
+
+	// the host name will look something like this
+	// - foo.blob.core.windows.net
+	// "foo" is the account name
+	// "core.windows.net" is the baseURL
+
+	// find the first dot to get account name
+	i1 := strings.IndexByte(u.Host, '.')
+	if i1 < 0 {
+		return Client{}, fmt.Errorf("failed to find '.' in %s", u.Host)
+	}
+
+	// now find the second dot to get the base URL
+	i2 := strings.IndexByte(u.Host[i1+1:], '.')
+	if i2 < 0 {
+		return Client{}, fmt.Errorf("failed to find '.' in %s", u.Host[i1+1:])
+	}
+
+	c := newSASClient()
+	c.accountSASToken = token
+	c.accountName = u.Host[:i1]
+	c.baseURL = u.Host[i1+i2+2:]
+
+	// Get API version and protocol from token
+	c.apiVersion = token.Get("sv")
+	c.useHTTPS = token.Get("spr") == "https"
+	return c, nil
+}
+
 func newSASClient() Client {
 	c := Client{
 		HTTPClient: http.DefaultClient,
@@ -613,12 +715,13 @@ func (c Client) exec(verb, url string, headers map[string]string, body io.Reader
 		return nil, errors.New("azure/storage: error creating request: " + err.Error())
 	}
 
-	// if a body was provided ensure that the content length was set.
-	// http.NewRequest() will automatically do this for a handful of types
-	// and for those that it doesn't we will handle here.
-	if body != nil && req.ContentLength < 1 {
-		if lr, ok := body.(*io.LimitedReader); ok {
-			setContentLengthFromLimitedReader(req, lr)
+	// http.NewRequest() will automatically set req.ContentLength for a handful of types
+	// otherwise we will handle here.
+	if req.ContentLength < 1 {
+		if clstr, ok := headers["Content-Length"]; ok {
+			if cl, err := strconv.ParseInt(clstr, 10, 64); err == nil {
+				req.ContentLength = cl
+			}
 		}
 	}
 
@@ -626,6 +729,13 @@ func (c Client) exec(verb, url string, headers map[string]string, body io.Reader
 		req.Header[k] = append(req.Header[k], v) // Must bypass case munging present in `Add` by using map functions directly. See https://github.com/Azure/azure-sdk-for-go/issues/645
 	}
 
+	if c.isAccountSASClient() {
+		// append the SAS token to the query params
+		v := req.URL.Query()
+		v = mergeParams(v, c.accountSASToken)
+		req.URL.RawQuery = v.Encode()
+	}
+
 	resp, err := c.Sender.Send(&c, req)
 	if err != nil {
 		return nil, err
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/container.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/container.go
index 8963c7a89b37..38463bb67f0d 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/container.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/container.go
@@ -301,9 +301,6 @@ func (c *Container) Exists() (bool, error) {
 		uri = newURI.String()
 
 	} else {
-		if c.bsc.client.isAccountSASClient() {
-			q = mergeParams(q, c.bsc.client.accountSASToken)
-		}
 		uri = c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), q)
 	}
 	headers := c.bsc.client.getStandardHeaders()
@@ -489,9 +486,6 @@ func (c *Container) ListBlobs(params ListBlobsParameters) (BlobListResponse, err
 		newURI.RawQuery = q.Encode()
 		uri = newURI.String()
 	} else {
-		if c.bsc.client.isAccountSASClient() {
-			q = mergeParams(q, c.bsc.client.accountSASToken)
-		}
 		uri = c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), q)
 	}
 
@@ -512,6 +506,81 @@ func (c *Container) ListBlobs(params ListBlobsParameters) (BlobListResponse, err
 	return out, err
 }
 
+// ContainerMetadataOptions includes options for container metadata operations
+type ContainerMetadataOptions struct {
+	Timeout   uint
+	LeaseID   string `header:"x-ms-lease-id"`
+	RequestID string `header:"x-ms-client-request-id"`
+}
+
+// SetMetadata replaces the metadata for the specified container.
+//
+// Some keys may be converted to Camel-Case before sending. All keys
+// are returned in lower case by GetBlobMetadata. HTTP header names
+// are case-insensitive so case munging should not matter to other
+// applications either.
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/set-container-metadata
+func (c *Container) SetMetadata(options *ContainerMetadataOptions) error {
+	params := url.Values{
+		"comp":    {"metadata"},
+		"restype": {"container"},
+	}
+	headers := c.bsc.client.getStandardHeaders()
+	headers = c.bsc.client.addMetadataToHeaders(headers, c.Metadata)
+
+	if options != nil {
+		params = addTimeout(params, options.Timeout)
+		headers = mergeHeaders(headers, headersFromStruct(*options))
+	}
+
+	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), params)
+
+	resp, err := c.bsc.client.exec(http.MethodPut, uri, headers, nil, c.bsc.auth)
+	if err != nil {
+		return err
+	}
+	readAndCloseBody(resp.body)
+	return checkRespCode(resp.statusCode, []int{http.StatusOK})
+}
+
+// GetMetadata returns all user-defined metadata for the specified container.
+//
+// All metadata keys will be returned in lower case. (HTTP header
+// names are case-insensitive.)
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/get-container-metadata
+func (c *Container) GetMetadata(options *ContainerMetadataOptions) error {
+	params := url.Values{
+		"comp":    {"metadata"},
+		"restype": {"container"},
+	}
+	headers := c.bsc.client.getStandardHeaders()
+
+	if options != nil {
+		params = addTimeout(params, options.Timeout)
+		headers = mergeHeaders(headers, headersFromStruct(*options))
+	}
+
+	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), params)
+
+	resp, err := c.bsc.client.exec(http.MethodGet, uri, headers, nil, c.bsc.auth)
+	if err != nil {
+		return err
+	}
+	readAndCloseBody(resp.body)
+	if err := checkRespCode(resp.statusCode, []int{http.StatusOK}); err != nil {
+		return err
+	}
+
+	c.writeMetadata(resp.headers)
+	return nil
+}
+
+func (c *Container) writeMetadata(h http.Header) {
+	c.Metadata = writeMetadata(h)
+}
+
 func generateContainerACLpayload(policies []ContainerAccessPolicy) (io.Reader, int, error) {
 	sil := SignedIdentifiers{
 		SignedIdentifiers: []SignedIdentifier{},
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/entity.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/entity.go
index 9668ea669494..4533d7d5edfc 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/entity.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/entity.go
@@ -26,7 +26,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/satori/uuid"
+	"github.com/satori/go.uuid"
 )
 
 // Annotating as secure for gas scanning
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/pageblob.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/pageblob.go
index c59fd4b50b9d..f07166521696 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/pageblob.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/pageblob.go
@@ -87,10 +87,10 @@ func (b *Blob) modifyRange(blobRange BlobRange, bytes io.Reader, options *PutPag
 		return errors.New("the value for rangeEnd must be greater than or equal to rangeStart")
 	}
 	if blobRange.Start%512 != 0 {
-		return errors.New("the value for rangeStart must be a modulus of 512")
+		return errors.New("the value for rangeStart must be a multiple of 512")
 	}
 	if blobRange.End%512 != 511 {
-		return errors.New("the value for rangeEnd must be a modulus of 511")
+		return errors.New("the value for rangeEnd must be a multiple of 512 - 1")
 	}
 
 	params := url.Values{"comp": {"page"}}
@@ -147,7 +147,7 @@ func (b *Blob) GetPageRanges(options *GetPageRangesOptions) (GetPageRangesRespon
 		params = addTimeout(params, options.Timeout)
 		params = addSnapshot(params, options.Snapshot)
 		if options.PreviousSnapshot != nil {
-			params.Add("prevsnapshot", timeRfc1123Formatted(*options.PreviousSnapshot))
+			params.Add("prevsnapshot", timeRFC3339Formatted(*options.PreviousSnapshot))
 		}
 		if options.Range != nil {
 			headers["Range"] = options.Range.String()
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/table_batch.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/table_batch.go
index 3f882417c65a..d1d75a2eb1a5 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/table_batch.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/table_batch.go
@@ -26,7 +26,7 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/satori/uuid"
+	"github.com/marstr/guid"
 )
 
 // Operation type. Insert, Delete, Replace etc.
@@ -131,14 +131,26 @@ func (t *TableBatch) MergeEntity(entity *Entity) {
 // the changesets.
 // As per document https://docs.microsoft.com/en-us/rest/api/storageservices/fileservices/performing-entity-group-transactions
 func (t *TableBatch) ExecuteBatch() error {
-	changesetBoundary := fmt.Sprintf("changeset_%s", uuid.NewV1())
+
+	// Using `github.com/marstr/guid` is in response to issue #947 (https://github.com/Azure/azure-sdk-for-go/issues/947).
+	id, err := guid.NewGUIDs(guid.CreationStrategyVersion1)
+	if err != nil {
+		return err
+	}
+
+	changesetBoundary := fmt.Sprintf("changeset_%s", id.String())
 	uri := t.Table.tsc.client.getEndpoint(tableServiceName, "$batch", nil)
 	changesetBody, err := t.generateChangesetBody(changesetBoundary)
 	if err != nil {
 		return err
 	}
 
-	boundary := fmt.Sprintf("batch_%s", uuid.NewV1())
+	id, err = guid.NewGUIDs(guid.CreationStrategyVersion1)
+	if err != nil {
+		return err
+	}
+
+	boundary := fmt.Sprintf("batch_%s", id.String())
 	body, err := generateBody(changesetBody, changesetBoundary, boundary)
 	if err != nil {
 		return err
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/util.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/util.go
index 7734b8f886f7..089a74a8cc67 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/util.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/util.go
@@ -71,6 +71,10 @@ func timeRfc1123Formatted(t time.Time) string {
 	return t.Format(http.TimeFormat)
 }
 
+func timeRFC3339Formatted(t time.Time) string {
+	return t.Format("2006-01-02T15:04:05.0000000Z")
+}
+
 func mergeParams(v1, v2 url.Values) url.Values {
 	out := url.Values{}
 	for k, v := range v1 {
@@ -172,7 +176,7 @@ func addTimeout(params url.Values, timeout uint) url.Values {
 
 func addSnapshot(params url.Values, snapshot *time.Time) url.Values {
 	if snapshot != nil {
-		params.Add("snapshot", snapshot.Format("2006-01-02T15:04:05.0000000Z"))
+		params.Add("snapshot", timeRFC3339Formatted(*snapshot))
 	}
 	return params
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.7.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.7.go
deleted file mode 100644
index 67ff6ca03fe3..000000000000
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.7.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// +build !go1.8
-
-// Copyright 2017 Microsoft Corporation
-//
-//  Licensed under the Apache License, Version 2.0 (the "License");
-//  you may not use this file except in compliance with the License.
-//  You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-//  Unless required by applicable law or agreed to in writing, software
-//  distributed under the License is distributed on an "AS IS" BASIS,
-//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//  See the License for the specific language governing permissions and
-//  limitations under the License.
-
-package storage
-
-import (
-	"io"
-	"net/http"
-)
-
-func setContentLengthFromLimitedReader(req *http.Request, lr *io.LimitedReader) {
-	req.ContentLength = lr.N
-}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.8.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.8.go
deleted file mode 100644
index eada102c0cff..000000000000
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/util_1.8.go
+++ /dev/null
@@ -1,32 +0,0 @@
-// +build go1.8
-
-// Copyright 2017 Microsoft Corporation
-//
-//  Licensed under the Apache License, Version 2.0 (the "License");
-//  you may not use this file except in compliance with the License.
-//  You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-//  Unless required by applicable law or agreed to in writing, software
-//  distributed under the License is distributed on an "AS IS" BASIS,
-//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//  See the License for the specific language governing permissions and
-//  limitations under the License.
-
-package storage
-
-import (
-	"io"
-	"io/ioutil"
-	"net/http"
-)
-
-func setContentLengthFromLimitedReader(req *http.Request, lr *io.LimitedReader) {
-	req.ContentLength = lr.N
-	snapshot := *lr
-	req.GetBody = func() (io.ReadCloser, error) {
-		r := snapshot
-		return ioutil.NopCloser(&r), nil
-	}
-}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/storage/version.go b/vendor/github.com/Azure/azure-sdk-for-go/storage/version.go
index 1cd3e03d12a8..74eda60808c1 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/storage/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/storage/version.go
@@ -15,5 +15,5 @@ package storage
 //  limitations under the License.
 
 var (
-	sdkVersion = "10.0.2"
+	sdkVersion = "v12.4.0-beta"
 )
diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/README.md b/vendor/github.com/Azure/go-autorest/autorest/adal/README.md
index a17cf98c6215..08966c9cf892 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/adal/README.md
+++ b/vendor/github.com/Azure/go-autorest/autorest/adal/README.md
@@ -218,6 +218,40 @@ if (err == nil) {
 }
 ```
 
+#### Username password authenticate
+
+```Go
+spt, err := adal.NewServicePrincipalTokenFromUsernamePassword(
+	oauthConfig,
+	applicationID,
+	username,
+	password,
+	resource,
+	callbacks...)
+
+if (err == nil) {
+    token := spt.Token
+}
+```
+
+#### Authorization code authenticate
+
+``` Go
+spt, err := adal.NewServicePrincipalTokenFromAuthorizationCode(
+	oauthConfig,
+	applicationID,
+	clientSecret,
+      authorizationCode,
+      redirectURI,
+	resource,
+	callbacks...)
+
+err  = spt.Refresh()
+if (err == nil) {
+    token := spt.Token
+}
+```
+
 ### Command Line Tool
 
 A command line tool is available in `cmd/adal.go` that can acquire a token for a given resource. It supports all flows mentioned above.
diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/config.go b/vendor/github.com/Azure/go-autorest/autorest/adal/config.go
index 49e9214d598a..f570d540a623 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/adal/config.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/adal/config.go
@@ -32,8 +32,24 @@ type OAuthConfig struct {
 	DeviceCodeEndpoint url.URL
 }
 
+// IsZero returns true if the OAuthConfig object is zero-initialized.
+func (oac OAuthConfig) IsZero() bool {
+	return oac == OAuthConfig{}
+}
+
+func validateStringParam(param, name string) error {
+	if len(param) == 0 {
+		return fmt.Errorf("parameter '" + name + "' cannot be empty")
+	}
+	return nil
+}
+
 // NewOAuthConfig returns an OAuthConfig with tenant specific urls
 func NewOAuthConfig(activeDirectoryEndpoint, tenantID string) (*OAuthConfig, error) {
+	if err := validateStringParam(activeDirectoryEndpoint, "activeDirectoryEndpoint"); err != nil {
+		return nil, err
+	}
+	// it's legal for tenantID to be empty so don't validate it
 	const activeDirectoryEndpointTemplate = "%s/oauth2/%s?api-version=%s"
 	u, err := url.Parse(activeDirectoryEndpoint)
 	if err != nil {
diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go
index 67dd97a18c18..941af281b568 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go
@@ -27,6 +27,7 @@ import (
 	"net/url"
 	"strconv"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/Azure/go-autorest/autorest/date"
@@ -42,9 +43,15 @@ const (
 	// OAuthGrantTypeClientCredentials is the "grant_type" identifier used in credential flows
 	OAuthGrantTypeClientCredentials = "client_credentials"
 
+	// OAuthGrantTypeUserPass is the "grant_type" identifier used in username and password auth flows
+	OAuthGrantTypeUserPass = "password"
+
 	// OAuthGrantTypeRefreshToken is the "grant_type" identifier used in refresh token flows
 	OAuthGrantTypeRefreshToken = "refresh_token"
 
+	// OAuthGrantTypeAuthorizationCode is the "grant_type" identifier used in authorization code flows
+	OAuthGrantTypeAuthorizationCode = "authorization_code"
+
 	// metadataHeader is the header required by MSI extension
 	metadataHeader = "Metadata"
 )
@@ -54,6 +61,12 @@ type OAuthTokenProvider interface {
 	OAuthToken() string
 }
 
+// TokenRefreshError is an interface used by errors returned during token refresh.
+type TokenRefreshError interface {
+	error
+	Response() *http.Response
+}
+
 // Refresher is an interface for token refresh functionality
 type Refresher interface {
 	Refresh() error
@@ -78,6 +91,11 @@ type Token struct {
 	Type     string `json:"token_type"`
 }
 
+// IsZero returns true if the token object is zero-initialized.
+func (t Token) IsZero() bool {
+	return t == Token{}
+}
+
 // Expires returns the time.Time when the Token expires.
 func (t Token) Expires() time.Time {
 	s, err := strconv.Atoi(t.ExpiresOn)
@@ -145,6 +163,34 @@ type ServicePrincipalCertificateSecret struct {
 type ServicePrincipalMSISecret struct {
 }
 
+// ServicePrincipalUsernamePasswordSecret implements ServicePrincipalSecret for username and password auth.
+type ServicePrincipalUsernamePasswordSecret struct {
+	Username string
+	Password string
+}
+
+// ServicePrincipalAuthorizationCodeSecret implements ServicePrincipalSecret for authorization code auth.
+type ServicePrincipalAuthorizationCodeSecret struct {
+	ClientSecret      string
+	AuthorizationCode string
+	RedirectURI       string
+}
+
+// SetAuthenticationValues is a method of the interface ServicePrincipalSecret.
+func (secret *ServicePrincipalAuthorizationCodeSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
+	v.Set("code", secret.AuthorizationCode)
+	v.Set("client_secret", secret.ClientSecret)
+	v.Set("redirect_uri", secret.RedirectURI)
+	return nil
+}
+
+// SetAuthenticationValues is a method of the interface ServicePrincipalSecret.
+func (secret *ServicePrincipalUsernamePasswordSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
+	v.Set("username", secret.Username)
+	v.Set("password", secret.Password)
+	return nil
+}
+
 // SetAuthenticationValues is a method of the interface ServicePrincipalSecret.
 func (msiSecret *ServicePrincipalMSISecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
 	return nil
@@ -199,25 +245,46 @@ func (secret *ServicePrincipalCertificateSecret) SetAuthenticationValues(spt *Se
 type ServicePrincipalToken struct {
 	Token
 
-	secret        ServicePrincipalSecret
-	oauthConfig   OAuthConfig
-	clientID      string
-	resource      string
-	autoRefresh   bool
-	refreshWithin time.Duration
-	sender        Sender
+	secret          ServicePrincipalSecret
+	oauthConfig     OAuthConfig
+	clientID        string
+	resource        string
+	autoRefresh     bool
+	autoRefreshLock *sync.Mutex
+	refreshWithin   time.Duration
+	sender          Sender
 
 	refreshCallbacks []TokenRefreshCallback
 }
 
+func validateOAuthConfig(oac OAuthConfig) error {
+	if oac.IsZero() {
+		return fmt.Errorf("parameter 'oauthConfig' cannot be zero-initialized")
+	}
+	return nil
+}
+
 // NewServicePrincipalTokenWithSecret create a ServicePrincipalToken using the supplied ServicePrincipalSecret implementation.
 func NewServicePrincipalTokenWithSecret(oauthConfig OAuthConfig, id string, resource string, secret ServicePrincipalSecret, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(id, "id"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+	if secret == nil {
+		return nil, fmt.Errorf("parameter 'secret' cannot be nil")
+	}
 	spt := &ServicePrincipalToken{
 		oauthConfig:      oauthConfig,
 		secret:           secret,
 		clientID:         id,
 		resource:         resource,
 		autoRefresh:      true,
+		autoRefreshLock:  &sync.Mutex{},
 		refreshWithin:    defaultRefresh,
 		sender:           &http.Client{},
 		refreshCallbacks: callbacks,
@@ -227,6 +294,18 @@ func NewServicePrincipalTokenWithSecret(oauthConfig OAuthConfig, id string, reso
 
 // NewServicePrincipalTokenFromManualToken creates a ServicePrincipalToken using the supplied token
 func NewServicePrincipalTokenFromManualToken(oauthConfig OAuthConfig, clientID string, resource string, token Token, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientID, "clientID"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+	if token.IsZero() {
+		return nil, fmt.Errorf("parameter 'token' cannot be zero-initialized")
+	}
 	spt, err := NewServicePrincipalTokenWithSecret(
 		oauthConfig,
 		clientID,
@@ -245,6 +324,18 @@ func NewServicePrincipalTokenFromManualToken(oauthConfig OAuthConfig, clientID s
 // NewServicePrincipalToken creates a ServicePrincipalToken from the supplied Service Principal
 // credentials scoped to the named resource.
 func NewServicePrincipalToken(oauthConfig OAuthConfig, clientID string, secret string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientID, "clientID"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(secret, "secret"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
 	return NewServicePrincipalTokenWithSecret(
 		oauthConfig,
 		clientID,
@@ -256,8 +347,23 @@ func NewServicePrincipalToken(oauthConfig OAuthConfig, clientID string, secret s
 	)
 }
 
-// NewServicePrincipalTokenFromCertificate create a ServicePrincipalToken from the supplied pkcs12 bytes.
+// NewServicePrincipalTokenFromCertificate creates a ServicePrincipalToken from the supplied pkcs12 bytes.
 func NewServicePrincipalTokenFromCertificate(oauthConfig OAuthConfig, clientID string, certificate *x509.Certificate, privateKey *rsa.PrivateKey, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientID, "clientID"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+	if certificate == nil {
+		return nil, fmt.Errorf("parameter 'certificate' cannot be nil")
+	}
+	if privateKey == nil {
+		return nil, fmt.Errorf("parameter 'privateKey' cannot be nil")
+	}
 	return NewServicePrincipalTokenWithSecret(
 		oauthConfig,
 		clientID,
@@ -270,6 +376,70 @@ func NewServicePrincipalTokenFromCertificate(oauthConfig OAuthConfig, clientID s
 	)
 }
 
+// NewServicePrincipalTokenFromUsernamePassword creates a ServicePrincipalToken from the username and password.
+func NewServicePrincipalTokenFromUsernamePassword(oauthConfig OAuthConfig, clientID string, username string, password string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientID, "clientID"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(username, "username"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(password, "password"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+	return NewServicePrincipalTokenWithSecret(
+		oauthConfig,
+		clientID,
+		resource,
+		&ServicePrincipalUsernamePasswordSecret{
+			Username: username,
+			Password: password,
+		},
+		callbacks...,
+	)
+}
+
+// NewServicePrincipalTokenFromAuthorizationCode creates a ServicePrincipalToken from the
+func NewServicePrincipalTokenFromAuthorizationCode(oauthConfig OAuthConfig, clientID string, clientSecret string, authorizationCode string, redirectURI string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+
+	if err := validateOAuthConfig(oauthConfig); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientID, "clientID"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(clientSecret, "clientSecret"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(authorizationCode, "authorizationCode"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(redirectURI, "redirectURI"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+
+	return NewServicePrincipalTokenWithSecret(
+		oauthConfig,
+		clientID,
+		resource,
+		&ServicePrincipalAuthorizationCodeSecret{
+			ClientSecret:      clientSecret,
+			AuthorizationCode: authorizationCode,
+			RedirectURI:       redirectURI,
+		},
+		callbacks...,
+	)
+}
+
 // GetMSIVMEndpoint gets the MSI endpoint on Virtual Machines.
 func GetMSIVMEndpoint() (string, error) {
 	return getMSIVMEndpoint(msiPath)
@@ -293,7 +463,29 @@ func getMSIVMEndpoint(path string) (string, error) {
 }
 
 // NewServicePrincipalTokenFromMSI creates a ServicePrincipalToken via the MSI VM Extension.
+// It will use the system assigned identity when creating the token.
 func NewServicePrincipalTokenFromMSI(msiEndpoint, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	return newServicePrincipalTokenFromMSI(msiEndpoint, resource, nil, callbacks...)
+}
+
+// NewServicePrincipalTokenFromMSIWithUserAssignedID creates a ServicePrincipalToken via the MSI VM Extension.
+// It will use the specified user assigned identity when creating the token.
+func NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, resource string, userAssignedID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	return newServicePrincipalTokenFromMSI(msiEndpoint, resource, &userAssignedID, callbacks...)
+}
+
+func newServicePrincipalTokenFromMSI(msiEndpoint, resource string, userAssignedID *string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
+	if err := validateStringParam(msiEndpoint, "msiEndpoint"); err != nil {
+		return nil, err
+	}
+	if err := validateStringParam(resource, "resource"); err != nil {
+		return nil, err
+	}
+	if userAssignedID != nil {
+		if err := validateStringParam(*userAssignedID, "userAssignedID"); err != nil {
+			return nil, err
+		}
+	}
 	// We set the oauth config token endpoint to be MSI's endpoint
 	msiEndpointURL, err := url.Parse(msiEndpoint)
 	if err != nil {
@@ -310,19 +502,49 @@ func NewServicePrincipalTokenFromMSI(msiEndpoint, resource string, callbacks ...
 		secret:           &ServicePrincipalMSISecret{},
 		resource:         resource,
 		autoRefresh:      true,
+		autoRefreshLock:  &sync.Mutex{},
 		refreshWithin:    defaultRefresh,
 		sender:           &http.Client{},
 		refreshCallbacks: callbacks,
 	}
 
+	if userAssignedID != nil {
+		spt.clientID = *userAssignedID
+	}
+
 	return spt, nil
 }
 
+// internal type that implements TokenRefreshError
+type tokenRefreshError struct {
+	message string
+	resp    *http.Response
+}
+
+// Error implements the error interface which is part of the TokenRefreshError interface.
+func (tre tokenRefreshError) Error() string {
+	return tre.message
+}
+
+// Response implements the TokenRefreshError interface, it returns the raw HTTP response from the refresh operation.
+func (tre tokenRefreshError) Response() *http.Response {
+	return tre.resp
+}
+
+func newTokenRefreshError(message string, resp *http.Response) TokenRefreshError {
+	return tokenRefreshError{message: message, resp: resp}
+}
+
 // EnsureFresh will refresh the token if it will expire within the refresh window (as set by
-// RefreshWithin) and autoRefresh flag is on.
+// RefreshWithin) and autoRefresh flag is on.  This method is safe for concurrent use.
 func (spt *ServicePrincipalToken) EnsureFresh() error {
 	if spt.autoRefresh && spt.WillExpireIn(spt.refreshWithin) {
-		return spt.Refresh()
+		// take the lock then check to see if the token was already refreshed
+		spt.autoRefreshLock.Lock()
+		defer spt.autoRefreshLock.Unlock()
+		if spt.WillExpireIn(spt.refreshWithin) {
+			return spt.Refresh()
+		}
 	}
 	return nil
 }
@@ -341,15 +563,28 @@ func (spt *ServicePrincipalToken) InvokeRefreshCallbacks(token Token) error {
 }
 
 // Refresh obtains a fresh token for the Service Principal.
+// This method is not safe for concurrent use and should be syncrhonized.
 func (spt *ServicePrincipalToken) Refresh() error {
 	return spt.refreshInternal(spt.resource)
 }
 
 // RefreshExchange refreshes the token, but for a different resource.
+// This method is not safe for concurrent use and should be syncrhonized.
 func (spt *ServicePrincipalToken) RefreshExchange(resource string) error {
 	return spt.refreshInternal(resource)
 }
 
+func (spt *ServicePrincipalToken) getGrantType() string {
+	switch spt.secret.(type) {
+	case *ServicePrincipalUsernamePasswordSecret:
+		return OAuthGrantTypeUserPass
+	case *ServicePrincipalAuthorizationCodeSecret:
+		return OAuthGrantTypeAuthorizationCode
+	default:
+		return OAuthGrantTypeClientCredentials
+	}
+}
+
 func (spt *ServicePrincipalToken) refreshInternal(resource string) error {
 	v := url.Values{}
 	v.Set("client_id", spt.clientID)
@@ -359,7 +594,7 @@ func (spt *ServicePrincipalToken) refreshInternal(resource string) error {
 		v.Set("grant_type", OAuthGrantTypeRefreshToken)
 		v.Set("refresh_token", spt.RefreshToken)
 	} else {
-		v.Set("grant_type", OAuthGrantTypeClientCredentials)
+		v.Set("grant_type", spt.getGrantType())
 		err := spt.secret.SetAuthenticationValues(spt, &v)
 		if err != nil {
 			return err
@@ -388,9 +623,9 @@ func (spt *ServicePrincipalToken) refreshInternal(resource string) error {
 
 	if resp.StatusCode != http.StatusOK {
 		if err != nil {
-			return fmt.Errorf("adal: Refresh request failed. Status Code = '%d'. Failed reading response body", resp.StatusCode)
+			return newTokenRefreshError(fmt.Sprintf("adal: Refresh request failed. Status Code = '%d'. Failed reading response body", resp.StatusCode), resp)
 		}
-		return fmt.Errorf("adal: Refresh request failed. Status Code = '%d'. Response body: %s", resp.StatusCode, string(rb))
+		return newTokenRefreshError(fmt.Sprintf("adal: Refresh request failed. Status Code = '%d'. Response body: %s", resp.StatusCode, string(rb)), resp)
 	}
 
 	if err != nil {
diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization.go b/vendor/github.com/Azure/go-autorest/autorest/authorization.go
index 71e3ced2d6a6..4a602f6760af 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/authorization.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/authorization.go
@@ -24,9 +24,12 @@ import (
 )
 
 const (
-	bearerChallengeHeader = "Www-Authenticate"
-	bearer                = "Bearer"
-	tenantID              = "tenantID"
+	bearerChallengeHeader       = "Www-Authenticate"
+	bearer                      = "Bearer"
+	tenantID                    = "tenantID"
+	apiKeyAuthorizerHeader      = "Ocp-Apim-Subscription-Key"
+	bingAPISdkHeader            = "X-BingApis-SDK-Client"
+	golangBingAPISdkHeaderValue = "Go-SDK"
 )
 
 // Authorizer is the interface that provides a PrepareDecorator used to supply request
@@ -44,6 +47,53 @@ func (na NullAuthorizer) WithAuthorization() PrepareDecorator {
 	return WithNothing()
 }
 
+// APIKeyAuthorizer implements API Key authorization.
+type APIKeyAuthorizer struct {
+	headers         map[string]interface{}
+	queryParameters map[string]interface{}
+}
+
+// NewAPIKeyAuthorizerWithHeaders creates an ApiKeyAuthorizer with headers.
+func NewAPIKeyAuthorizerWithHeaders(headers map[string]interface{}) *APIKeyAuthorizer {
+	return NewAPIKeyAuthorizer(headers, nil)
+}
+
+// NewAPIKeyAuthorizerWithQueryParameters creates an ApiKeyAuthorizer with query parameters.
+func NewAPIKeyAuthorizerWithQueryParameters(queryParameters map[string]interface{}) *APIKeyAuthorizer {
+	return NewAPIKeyAuthorizer(nil, queryParameters)
+}
+
+// NewAPIKeyAuthorizer creates an ApiKeyAuthorizer with headers.
+func NewAPIKeyAuthorizer(headers map[string]interface{}, queryParameters map[string]interface{}) *APIKeyAuthorizer {
+	return &APIKeyAuthorizer{headers: headers, queryParameters: queryParameters}
+}
+
+// WithAuthorization returns a PrepareDecorator that adds an HTTP headers and Query Paramaters
+func (aka *APIKeyAuthorizer) WithAuthorization() PrepareDecorator {
+	return func(p Preparer) Preparer {
+		return DecoratePreparer(p, WithHeaders(aka.headers), WithQueryParameters(aka.queryParameters))
+	}
+}
+
+// CognitiveServicesAuthorizer implements authorization for Cognitive Services.
+type CognitiveServicesAuthorizer struct {
+	subscriptionKey string
+}
+
+// NewCognitiveServicesAuthorizer is
+func NewCognitiveServicesAuthorizer(subscriptionKey string) *CognitiveServicesAuthorizer {
+	return &CognitiveServicesAuthorizer{subscriptionKey: subscriptionKey}
+}
+
+// WithAuthorization is
+func (csa *CognitiveServicesAuthorizer) WithAuthorization() PrepareDecorator {
+	headers := make(map[string]interface{})
+	headers[apiKeyAuthorizerHeader] = csa.subscriptionKey
+	headers[bingAPISdkHeader] = golangBingAPISdkHeaderValue
+
+	return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization()
+}
+
 // BearerAuthorizer implements the bearer authorization
 type BearerAuthorizer struct {
 	tokenProvider adal.OAuthTokenProvider
@@ -69,7 +119,11 @@ func (ba *BearerAuthorizer) WithAuthorization() PrepareDecorator {
 			if ok {
 				err := refresher.EnsureFresh()
 				if err != nil {
-					return r, NewErrorWithError(err, "azure.BearerAuthorizer", "WithAuthorization", nil,
+					var resp *http.Response
+					if tokError, ok := err.(adal.TokenRefreshError); ok {
+						resp = tokError.Response()
+					}
+					return r, NewErrorWithError(err, "azure.BearerAuthorizer", "WithAuthorization", resp,
 						"Failed to refresh the Token for request to %s", r.URL)
 				}
 			}
@@ -179,3 +233,22 @@ func newBearerChallenge(resp *http.Response) (bc bearerChallenge, err error) {
 
 	return bc, err
 }
+
+// EventGridKeyAuthorizer implements authorization for event grid using key authentication.
+type EventGridKeyAuthorizer struct {
+	topicKey string
+}
+
+// NewEventGridKeyAuthorizer creates a new EventGridKeyAuthorizer
+// with the specified topic key.
+func NewEventGridKeyAuthorizer(topicKey string) EventGridKeyAuthorizer {
+	return EventGridKeyAuthorizer{topicKey: topicKey}
+}
+
+// WithAuthorization returns a PrepareDecorator that adds the aeg-sas-key authentication header.
+func (egta EventGridKeyAuthorizer) WithAuthorization() PrepareDecorator {
+	headers := map[string]interface{}{
+		"aeg-sas-key": egta.topicKey,
+	}
+	return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization()
+}
diff --git a/vendor/github.com/Azure/go-autorest/autorest/autorest.go b/vendor/github.com/Azure/go-autorest/autorest/autorest.go
index 37b907c77f51..f86b66a410b1 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/autorest.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/autorest.go
@@ -87,6 +87,9 @@ const (
 // ResponseHasStatusCode returns true if the status code in the HTTP Response is in the passed set
 // and false otherwise.
 func ResponseHasStatusCode(resp *http.Response, codes ...int) bool {
+	if resp == nil {
+		return false
+	}
 	return containsInt(codes, resp.StatusCode)
 }
 
diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go
index ffbc8da28e52..366fc5379391 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go
@@ -16,6 +16,8 @@ package azure
 
 import (
 	"bytes"
+	"context"
+	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"net/http"
@@ -37,6 +39,152 @@ const (
 	operationSucceeded  string = "Succeeded"
 )
 
+var pollingCodes = [...]int{http.StatusNoContent, http.StatusAccepted, http.StatusCreated, http.StatusOK}
+
+// Future provides a mechanism to access the status and results of an asynchronous request.
+// Since futures are stateful they should be passed by value to avoid race conditions.
+type Future struct {
+	req  *http.Request
+	resp *http.Response
+	ps   pollingState
+}
+
+// NewFuture returns a new Future object initialized with the specified request.
+func NewFuture(req *http.Request) Future {
+	return Future{req: req}
+}
+
+// Response returns the last HTTP response or nil if there isn't one.
+func (f Future) Response() *http.Response {
+	return f.resp
+}
+
+// Status returns the last status message of the operation.
+func (f Future) Status() string {
+	if f.ps.State == "" {
+		return "Unknown"
+	}
+	return f.ps.State
+}
+
+// PollingMethod returns the method used to monitor the status of the asynchronous operation.
+func (f Future) PollingMethod() PollingMethodType {
+	return f.ps.PollingMethod
+}
+
+// Done queries the service to see if the operation has completed.
+func (f *Future) Done(sender autorest.Sender) (bool, error) {
+	// exit early if this future has terminated
+	if f.ps.hasTerminated() {
+		return true, f.errorInfo()
+	}
+
+	resp, err := sender.Do(f.req)
+	f.resp = resp
+	if err != nil || !autorest.ResponseHasStatusCode(resp, pollingCodes[:]...) {
+		return false, err
+	}
+
+	err = updatePollingState(resp, &f.ps)
+	if err != nil {
+		return false, err
+	}
+
+	if f.ps.hasTerminated() {
+		return true, f.errorInfo()
+	}
+
+	f.req, err = newPollingRequest(f.ps)
+	return false, err
+}
+
+// GetPollingDelay returns a duration the application should wait before checking
+// the status of the asynchronous request and true; this value is returned from
+// the service via the Retry-After response header.  If the header wasn't returned
+// then the function returns the zero-value time.Duration and false.
+func (f Future) GetPollingDelay() (time.Duration, bool) {
+	if f.resp == nil {
+		return 0, false
+	}
+
+	retry := f.resp.Header.Get(autorest.HeaderRetryAfter)
+	if retry == "" {
+		return 0, false
+	}
+
+	d, err := time.ParseDuration(retry + "s")
+	if err != nil {
+		panic(err)
+	}
+
+	return d, true
+}
+
+// WaitForCompletion will return when one of the following conditions is met: the long
+// running operation has completed, the provided context is cancelled, or the client's
+// polling duration has been exceeded.  It will retry failed polling attempts based on
+// the retry value defined in the client up to the maximum retry attempts.
+func (f Future) WaitForCompletion(ctx context.Context, client autorest.Client) error {
+	ctx, cancel := context.WithTimeout(ctx, client.PollingDuration)
+	defer cancel()
+
+	done, err := f.Done(client)
+	for attempts := 0; !done; done, err = f.Done(client) {
+		if attempts >= client.RetryAttempts {
+			return autorest.NewErrorWithError(err, "azure", "WaitForCompletion", f.resp, "the number of retries has been exceeded")
+		}
+		// we want delayAttempt to be zero in the non-error case so
+		// that DelayForBackoff doesn't perform exponential back-off
+		var delayAttempt int
+		var delay time.Duration
+		if err == nil {
+			// check for Retry-After delay, if not present use the client's polling delay
+			var ok bool
+			delay, ok = f.GetPollingDelay()
+			if !ok {
+				delay = client.PollingDelay
+			}
+		} else {
+			// there was an error polling for status so perform exponential
+			// back-off based on the number of attempts using the client's retry
+			// duration.  update attempts after delayAttempt to avoid off-by-one.
+			delayAttempt = attempts
+			delay = client.RetryDuration
+			attempts++
+		}
+		// wait until the delay elapses or the context is cancelled
+		delayElapsed := autorest.DelayForBackoff(delay, delayAttempt, ctx.Done())
+		if !delayElapsed {
+			return autorest.NewErrorWithError(ctx.Err(), "azure", "WaitForCompletion", f.resp, "context has been cancelled")
+		}
+	}
+	return err
+}
+
+// if the operation failed the polling state will contain
+// error information and implements the error interface
+func (f *Future) errorInfo() error {
+	if !f.ps.hasSucceeded() {
+		return f.ps
+	}
+	return nil
+}
+
+// MarshalJSON implements the json.Marshaler interface.
+func (f Future) MarshalJSON() ([]byte, error) {
+	return json.Marshal(&f.ps)
+}
+
+// UnmarshalJSON implements the json.Unmarshaler interface.
+func (f *Future) UnmarshalJSON(data []byte) error {
+	err := json.Unmarshal(data, &f.ps)
+	if err != nil {
+		return err
+	}
+	f.req, err = newPollingRequest(f.ps)
+	return err
+}
+
 // DoPollForAsynchronous returns a SendDecorator that polls if the http.Response is for an Azure
 // long-running operation. It will delay between requests for the duration specified in the
 // RetryAfter header or, if the header is absent, the passed delay. Polling may be canceled by
@@ -48,8 +196,7 @@ func DoPollForAsynchronous(delay time.Duration) autorest.SendDecorator {
 			if err != nil {
 				return resp, err
 			}
-			pollingCodes := []int{http.StatusAccepted, http.StatusCreated, http.StatusOK}
-			if !autorest.ResponseHasStatusCode(resp, pollingCodes...) {
+			if !autorest.ResponseHasStatusCode(resp, pollingCodes[:]...) {
 				return resp, nil
 			}
 
@@ -66,10 +213,11 @@ func DoPollForAsynchronous(delay time.Duration) autorest.SendDecorator {
 					break
 				}
 
-				r, err = newPollingRequest(resp, ps)
+				r, err = newPollingRequest(ps)
 				if err != nil {
 					return resp, err
 				}
+				r.Cancel = resp.Request.Cancel
 
 				delay = autorest.GetRetryAfter(resp, delay)
 				resp, err = autorest.SendWithSender(s, r,
@@ -86,20 +234,15 @@ func getAsyncOperation(resp *http.Response) string {
 }
 
 func hasSucceeded(state string) bool {
-	return state == operationSucceeded
+	return strings.EqualFold(state, operationSucceeded)
 }
 
 func hasTerminated(state string) bool {
-	switch state {
-	case operationCanceled, operationFailed, operationSucceeded:
-		return true
-	default:
-		return false
-	}
+	return strings.EqualFold(state, operationCanceled) || strings.EqualFold(state, operationFailed) || strings.EqualFold(state, operationSucceeded)
 }
 
 func hasFailed(state string) bool {
-	return state == operationFailed
+	return strings.EqualFold(state, operationFailed)
 }
 
 type provisioningTracker interface {
@@ -160,36 +303,42 @@ func (ps provisioningStatus) hasProvisioningError() bool {
 	return ps.ProvisioningError != ServiceError{}
 }
 
-type pollingResponseFormat string
+// PollingMethodType defines a type used for enumerating polling mechanisms.
+type PollingMethodType string
 
 const (
-	usesOperationResponse  pollingResponseFormat = "OperationResponse"
-	usesProvisioningStatus pollingResponseFormat = "ProvisioningStatus"
-	formatIsUnknown        pollingResponseFormat = ""
+	// PollingAsyncOperation indicates the polling method uses the Azure-AsyncOperation header.
+	PollingAsyncOperation PollingMethodType = "AsyncOperation"
+
+	// PollingLocation indicates the polling method uses the Location header.
+	PollingLocation PollingMethodType = "Location"
+
+	// PollingUnknown indicates an unknown polling method and is the default value.
+	PollingUnknown PollingMethodType = ""
 )
 
 type pollingState struct {
-	responseFormat pollingResponseFormat
-	uri            string
-	state          string
-	code           string
-	message        string
+	PollingMethod PollingMethodType `json:"pollingMethod"`
+	URI           string            `json:"uri"`
+	State         string            `json:"state"`
+	Code          string            `json:"code"`
+	Message       string            `json:"message"`
 }
 
 func (ps pollingState) hasSucceeded() bool {
-	return hasSucceeded(ps.state)
+	return hasSucceeded(ps.State)
 }
 
 func (ps pollingState) hasTerminated() bool {
-	return hasTerminated(ps.state)
+	return hasTerminated(ps.State)
 }
 
 func (ps pollingState) hasFailed() bool {
-	return hasFailed(ps.state)
+	return hasFailed(ps.State)
 }
 
 func (ps pollingState) Error() string {
-	return fmt.Sprintf("Long running operation terminated with status '%s': Code=%q Message=%q", ps.state, ps.code, ps.message)
+	return fmt.Sprintf("Long running operation terminated with status '%s': Code=%q Message=%q", ps.State, ps.Code, ps.Message)
 }
 
 //	updatePollingState maps the operation status -- retrieved from either a provisioningState
@@ -204,7 +353,7 @@ func updatePollingState(resp *http.Response, ps *pollingState) error {
 	// -- The first response will always be a provisioningStatus response; only the polling requests,
 	//    depending on the header returned, may be something otherwise.
 	var pt provisioningTracker
-	if ps.responseFormat == usesOperationResponse {
+	if ps.PollingMethod == PollingAsyncOperation {
 		pt = &operationResource{}
 	} else {
 		pt = &provisioningStatus{}
@@ -212,30 +361,30 @@ func updatePollingState(resp *http.Response, ps *pollingState) error {
 
 	// If this is the first request (that is, the polling response shape is unknown), determine how
 	// to poll and what to expect
-	if ps.responseFormat == formatIsUnknown {
+	if ps.PollingMethod == PollingUnknown {
 		req := resp.Request
 		if req == nil {
 			return autorest.NewError("azure", "updatePollingState", "Azure Polling Error - Original HTTP request is missing")
 		}
 
 		// Prefer the Azure-AsyncOperation header
-		ps.uri = getAsyncOperation(resp)
-		if ps.uri != "" {
-			ps.responseFormat = usesOperationResponse
+		ps.URI = getAsyncOperation(resp)
+		if ps.URI != "" {
+			ps.PollingMethod = PollingAsyncOperation
 		} else {
-			ps.responseFormat = usesProvisioningStatus
+			ps.PollingMethod = PollingLocation
 		}
 
 		// Else, use the Location header
-		if ps.uri == "" {
-			ps.uri = autorest.GetLocation(resp)
+		if ps.URI == "" {
+			ps.URI = autorest.GetLocation(resp)
 		}
 
 		// Lastly, requests against an existing resource, use the last request URI
-		if ps.uri == "" {
+		if ps.URI == "" {
 			m := strings.ToUpper(req.Method)
 			if m == http.MethodPatch || m == http.MethodPut || m == http.MethodGet {
-				ps.uri = req.URL.String()
+				ps.URI = req.URL.String()
 			}
 		}
 	}
@@ -256,23 +405,23 @@ func updatePollingState(resp *http.Response, ps *pollingState) error {
 	// -- Unknown states are per-service inprogress states
 	// -- Otherwise, infer state from HTTP status code
 	if pt.hasTerminated() {
-		ps.state = pt.state()
+		ps.State = pt.state()
 	} else if pt.state() != "" {
-		ps.state = operationInProgress
+		ps.State = operationInProgress
 	} else {
 		switch resp.StatusCode {
 		case http.StatusAccepted:
-			ps.state = operationInProgress
+			ps.State = operationInProgress
 
 		case http.StatusNoContent, http.StatusCreated, http.StatusOK:
-			ps.state = operationSucceeded
+			ps.State = operationSucceeded
 
 		default:
-			ps.state = operationFailed
+			ps.State = operationFailed
 		}
 	}
 
-	if ps.state == operationInProgress && ps.uri == "" {
+	if strings.EqualFold(ps.State, operationInProgress) && ps.URI == "" {
 		return autorest.NewError("azure", "updatePollingState", "Azure Polling Error - Unable to obtain polling URI for %s %s", resp.Request.Method, resp.Request.URL)
 	}
 
@@ -281,36 +430,49 @@ func updatePollingState(resp *http.Response, ps *pollingState) error {
 	// -- Response
 	// -- Otherwise, Unknown
 	if ps.hasFailed() {
-		if ps.responseFormat == usesOperationResponse {
+		if ps.PollingMethod == PollingAsyncOperation {
 			or := pt.(*operationResource)
-			ps.code = or.OperationError.Code
-			ps.message = or.OperationError.Message
+			ps.Code = or.OperationError.Code
+			ps.Message = or.OperationError.Message
 		} else {
 			p := pt.(*provisioningStatus)
 			if p.hasProvisioningError() {
-				ps.code = p.ProvisioningError.Code
-				ps.message = p.ProvisioningError.Message
+				ps.Code = p.ProvisioningError.Code
+				ps.Message = p.ProvisioningError.Message
 			} else {
-				ps.code = "Unknown"
-				ps.message = "None"
+				ps.Code = "Unknown"
+				ps.Message = "None"
 			}
 		}
 	}
 	return nil
 }
 
-func newPollingRequest(resp *http.Response, ps pollingState) (*http.Request, error) {
-	req := resp.Request
-	if req == nil {
-		return nil, autorest.NewError("azure", "newPollingRequest", "Azure Polling Error - Original HTTP request is missing")
-	}
-
-	reqPoll, err := autorest.Prepare(&http.Request{Cancel: req.Cancel},
+func newPollingRequest(ps pollingState) (*http.Request, error) {
+	reqPoll, err := autorest.Prepare(&http.Request{},
 		autorest.AsGet(),
-		autorest.WithBaseURL(ps.uri))
+		autorest.WithBaseURL(ps.URI))
 	if err != nil {
-		return nil, autorest.NewErrorWithError(err, "azure", "newPollingRequest", nil, "Failure creating poll request to %s", ps.uri)
+		return nil, autorest.NewErrorWithError(err, "azure", "newPollingRequest", nil, "Failure creating poll request to %s", ps.URI)
 	}
 
 	return reqPoll, nil
 }
+
+// AsyncOpIncompleteError is the type that's returned from a future that has not completed.
+type AsyncOpIncompleteError struct {
+	// FutureType is the name of the type composed of a azure.Future.
+	FutureType string
+}
+
+// Error returns an error message including the originating type name of the error.
+func (e AsyncOpIncompleteError) Error() string {
+	return fmt.Sprintf("%s: asynchronous operation has not completed", e.FutureType)
+}
+
+// NewAsyncOpIncompleteError creates a new AsyncOpIncompleteError with the specified parameters.
+func NewAsyncOpIncompleteError(futureType string) AsyncOpIncompleteError {
+	return AsyncOpIncompleteError{
+		FutureType: futureType,
+	}
+}
diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
index 30c4351a576a..936836493ba1 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go
@@ -15,10 +15,17 @@ package azure
 //  limitations under the License.
 
 import (
+	"encoding/json"
 	"fmt"
+	"io/ioutil"
+	"os"
 	"strings"
 )
 
+// EnvironmentFilepathName captures the name of the environment variable containing the path to the file
+// to be used while populating the Azure Environment.
+const EnvironmentFilepathName = "AZURE_ENVIRONMENT_FILEPATH"
+
 var environments = map[string]Environment{
 	"AZURECHINACLOUD":        ChinaCloud,
 	"AZUREGERMANCLOUD":       GermanCloud,
@@ -76,10 +83,10 @@ var (
 		PublishSettingsURL:           "https://manage.windowsazure.us/publishsettings/index",
 		ServiceManagementEndpoint:    "https://management.core.usgovcloudapi.net/",
 		ResourceManagerEndpoint:      "https://management.usgovcloudapi.net/",
-		ActiveDirectoryEndpoint:      "https://login.microsoftonline.com/",
+		ActiveDirectoryEndpoint:      "https://login.microsoftonline.us/",
 		GalleryEndpoint:              "https://gallery.usgovcloudapi.net/",
 		KeyVaultEndpoint:             "https://vault.usgovcloudapi.net/",
-		GraphEndpoint:                "https://graph.usgovcloudapi.net/",
+		GraphEndpoint:                "https://graph.windows.net/",
 		StorageEndpointSuffix:        "core.usgovcloudapi.net",
 		SQLDatabaseDNSSuffix:         "database.usgovcloudapi.net",
 		TrafficManagerDNSSuffix:      "usgovtrafficmanager.net",
@@ -133,12 +140,37 @@ var (
 	}
 )
 
-// EnvironmentFromName returns an Environment based on the common name specified
+// EnvironmentFromName returns an Environment based on the common name specified.
 func EnvironmentFromName(name string) (Environment, error) {
+	// IMPORTANT
+	// As per @radhikagupta5:
+	// This is technical debt, fundamentally here because Kubernetes is not currently accepting
+	// contributions to the providers. Once that is an option, the provider should be updated to
+	// directly call `EnvironmentFromFile`. Until then, we rely on dispatching Azure Stack environment creation
+	// from this method based on the name that is provided to us.
+	if strings.EqualFold(name, "AZURESTACKCLOUD") {
+		return EnvironmentFromFile(os.Getenv(EnvironmentFilepathName))
+	}
+
 	name = strings.ToUpper(name)
 	env, ok := environments[name]
 	if !ok {
 		return env, fmt.Errorf("autorest/azure: There is no cloud environment matching the name %q", name)
 	}
+
 	return env, nil
 }
+
+// EnvironmentFromFile loads an Environment from a configuration file available on disk.
+// This function is particularly useful in the Hybrid Cloud model, where one must define their own
+// endpoints.
+func EnvironmentFromFile(location string) (unmarshaled Environment, err error) {
+	fileContents, err := ioutil.ReadFile(location)
+	if err != nil {
+		return
+	}
+
+	err = json.Unmarshal(fileContents, &unmarshaled)
+
+	return
+}
diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go b/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go
index 40d5f5ba002f..b6b95d6fdbcb 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go
@@ -1,3 +1,17 @@
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 package azure
 
 import (
@@ -30,7 +44,7 @@ func DoRetryWithRegistration(client autorest.Client) autorest.SendDecorator {
 					return resp, err
 				}
 
-				if resp.StatusCode != http.StatusConflict {
+				if resp.StatusCode != http.StatusConflict || client.SkipResourceProviderRegistration {
 					return resp, err
 				}
 				var re RequestError
@@ -41,15 +55,16 @@ func DoRetryWithRegistration(client autorest.Client) autorest.SendDecorator {
 				if err != nil {
 					return resp, err
 				}
+				err = re
 
 				if re.ServiceError != nil && re.ServiceError.Code == "MissingSubscriptionRegistration" {
-					err = register(client, r, re)
-					if err != nil {
-						return resp, fmt.Errorf("failed auto registering Resource Provider: %s", err)
+					regErr := register(client, r, re)
+					if regErr != nil {
+						return resp, fmt.Errorf("failed auto registering Resource Provider: %s. Original error: %s", regErr, err)
 					}
 				}
 			}
-			return resp, errors.New("failed request and resource provider registration")
+			return resp, fmt.Errorf("failed request: %s", err)
 		})
 	}
 }
@@ -144,7 +159,7 @@ func register(client autorest.Client, originalReq *http.Request, re RequestError
 		}
 		req.Cancel = originalReq.Cancel
 
-		resp, err := autorest.SendWithSender(client.Sender, req,
+		resp, err := autorest.SendWithSender(client, req,
 			autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...),
 		)
 		if err != nil {
diff --git a/vendor/github.com/Azure/go-autorest/autorest/client.go b/vendor/github.com/Azure/go-autorest/autorest/client.go
index c857e761168b..d329cb737799 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/client.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/client.go
@@ -35,6 +35,9 @@ const (
 
 	// DefaultRetryAttempts is number of attempts for retry status codes (5xx).
 	DefaultRetryAttempts = 3
+
+	// DefaultRetryDuration is the duration to wait between retries.
+	DefaultRetryDuration = 30 * time.Second
 )
 
 var (
@@ -163,6 +166,9 @@ type Client struct {
 	UserAgent string
 
 	Jar http.CookieJar
+
+	// Set to true to skip attempted registration of resource providers (false by default).
+	SkipResourceProviderRegistration bool
 }
 
 // NewClientWithUserAgent returns an instance of a Client with the UserAgent set to the passed
@@ -172,9 +178,10 @@ func NewClientWithUserAgent(ua string) Client {
 		PollingDelay:    DefaultPollingDelay,
 		PollingDuration: DefaultPollingDuration,
 		RetryAttempts:   DefaultRetryAttempts,
-		RetryDuration:   30 * time.Second,
+		RetryDuration:   DefaultRetryDuration,
 		UserAgent:       defaultUserAgent,
 	}
+	c.Sender = c.sender()
 	c.AddToUserAgent(ua)
 	return c
 }
@@ -200,11 +207,17 @@ func (c Client) Do(r *http.Request) (*http.Response, error) {
 		c.WithInspection(),
 		c.WithAuthorization())
 	if err != nil {
-		return nil, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed")
+		var resp *http.Response
+		if detErr, ok := err.(DetailedError); ok {
+			// if the authorization failed (e.g. invalid credentials) there will
+			// be a response associated with the error, be sure to return it.
+			resp = detErr.Response
+		}
+		return resp, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed")
 	}
+
 	resp, err := SendWithSender(c.sender(), r)
-	Respond(resp,
-		c.ByInspecting())
+	Respond(resp, c.ByInspecting())
 	return resp, err
 }
 
diff --git a/vendor/github.com/Azure/go-autorest/autorest/preparer.go b/vendor/github.com/Azure/go-autorest/autorest/preparer.go
index 2290c4010032..6d67bd7337b7 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/preparer.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/preparer.go
@@ -27,8 +27,9 @@ import (
 )
 
 const (
-	mimeTypeJSON     = "application/json"
-	mimeTypeFormPost = "application/x-www-form-urlencoded"
+	mimeTypeJSON        = "application/json"
+	mimeTypeOctetStream = "application/octet-stream"
+	mimeTypeFormPost    = "application/x-www-form-urlencoded"
 
 	headerAuthorization = "Authorization"
 	headerContentType   = "Content-Type"
@@ -112,6 +113,28 @@ func WithHeader(header string, value string) PrepareDecorator {
 	}
 }
 
+// WithHeaders returns a PrepareDecorator that sets the specified HTTP headers of the http.Request to
+// the passed value. It canonicalizes the passed headers name (via http.CanonicalHeaderKey) before
+// adding them.
+func WithHeaders(headers map[string]interface{}) PrepareDecorator {
+	h := ensureValueStrings(headers)
+	return func(p Preparer) Preparer {
+		return PreparerFunc(func(r *http.Request) (*http.Request, error) {
+			r, err := p.Prepare(r)
+			if err == nil {
+				if r.Header == nil {
+					r.Header = make(http.Header)
+				}
+
+				for name, value := range h {
+					r.Header.Set(http.CanonicalHeaderKey(name), value)
+				}
+			}
+			return r, err
+		})
+	}
+}
+
 // WithBearerAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose
 // value is "Bearer " followed by the supplied token.
 func WithBearerAuthorization(token string) PrepareDecorator {
@@ -142,6 +165,11 @@ func AsJSON() PrepareDecorator {
 	return AsContentType(mimeTypeJSON)
 }
 
+// AsOctetStream returns a PrepareDecorator that adds the "application/octet-stream" Content-Type header.
+func AsOctetStream() PrepareDecorator {
+	return AsContentType(mimeTypeOctetStream)
+}
+
 // WithMethod returns a PrepareDecorator that sets the HTTP method of the passed request. The
 // decorator does not validate that the passed method string is a known HTTP method.
 func WithMethod(method string) PrepareDecorator {
@@ -215,6 +243,11 @@ func WithFormData(v url.Values) PrepareDecorator {
 			r, err := p.Prepare(r)
 			if err == nil {
 				s := v.Encode()
+
+				if r.Header == nil {
+					r.Header = make(http.Header)
+				}
+				r.Header.Set(http.CanonicalHeaderKey(headerContentType), mimeTypeFormPost)
 				r.ContentLength = int64(len(s))
 				r.Body = ioutil.NopCloser(strings.NewReader(s))
 			}
@@ -430,11 +463,16 @@ func WithQueryParameters(queryParameters map[string]interface{}) PrepareDecorato
 				if r.URL == nil {
 					return r, NewError("autorest", "WithQueryParameters", "Invoked with a nil URL")
 				}
+
 				v := r.URL.Query()
 				for key, value := range parameters {
-					v.Add(key, value)
+					d, err := url.QueryUnescape(value)
+					if err != nil {
+						return r, err
+					}
+					v.Add(key, d)
 				}
-				r.URL.RawQuery = createQuery(v)
+				r.URL.RawQuery = v.Encode()
 			}
 			return r, err
 		})
diff --git a/vendor/github.com/Azure/go-autorest/autorest/sender.go b/vendor/github.com/Azure/go-autorest/autorest/sender.go
index 7264c32f27db..c5efd59a219f 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/sender.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/sender.go
@@ -215,19 +215,26 @@ func DoRetryForStatusCodes(attempts int, backoff time.Duration, codes ...int) Se
 			rr := NewRetriableRequest(r)
 			// Increment to add the first call (attempts denotes number of retries)
 			attempts++
-			for attempt := 0; attempt < attempts; attempt++ {
+			for attempt := 0; attempt < attempts; {
 				err = rr.Prepare()
 				if err != nil {
 					return resp, err
 				}
 				resp, err = s.Do(rr.Request())
-				if err != nil || !ResponseHasStatusCode(resp, codes...) {
+				// we want to retry if err is not nil (e.g. transient network failure).  note that for failed authentication
+				// resp and err will both have a value, so in this case we don't want to retry as it will never succeed.
+				if err == nil && !ResponseHasStatusCode(resp, codes...) || IsTokenRefreshError(err) {
 					return resp, err
 				}
 				delayed := DelayWithRetryAfter(resp, r.Cancel)
 				if !delayed {
 					DelayForBackoff(backoff, attempt, r.Cancel)
 				}
+				// don't count a 429 against the number of attempts
+				// so that we continue to retry until it succeeds
+				if resp == nil || resp.StatusCode != http.StatusTooManyRequests {
+					attempt++
+				}
 			}
 			return resp, err
 		})
@@ -237,6 +244,9 @@ func DoRetryForStatusCodes(attempts int, backoff time.Duration, codes ...int) Se
 // DelayWithRetryAfter invokes time.After for the duration specified in the "Retry-After" header in
 // responses with status code 429
 func DelayWithRetryAfter(resp *http.Response, cancel <-chan struct{}) bool {
+	if resp == nil {
+		return false
+	}
 	retryAfter, _ := strconv.Atoi(resp.Header.Get("Retry-After"))
 	if resp.StatusCode == http.StatusTooManyRequests && retryAfter > 0 {
 		select {
diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility.go b/vendor/github.com/Azure/go-autorest/autorest/utility.go
index dfdc6efdff06..afb3e4e161ba 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/utility.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/utility.go
@@ -20,10 +20,12 @@ import (
 	"encoding/xml"
 	"fmt"
 	"io"
+	"net/http"
 	"net/url"
 	"reflect"
-	"sort"
 	"strings"
+
+	"github.com/Azure/go-autorest/autorest/adal"
 )
 
 // EncodedAs is a series of constants specifying various data encodings
@@ -137,13 +139,38 @@ func MapToValues(m map[string]interface{}) url.Values {
 	return v
 }
 
+// AsStringSlice method converts interface{} to []string. This expects a
+//that the parameter passed to be a slice or array of a type that has the underlying
+//type a string.
+func AsStringSlice(s interface{}) ([]string, error) {
+	v := reflect.ValueOf(s)
+	if v.Kind() != reflect.Slice && v.Kind() != reflect.Array {
+		return nil, NewError("autorest", "AsStringSlice", "the value's type is not an array.")
+	}
+	stringSlice := make([]string, 0, v.Len())
+
+	for i := 0; i < v.Len(); i++ {
+		stringSlice = append(stringSlice, v.Index(i).String())
+	}
+	return stringSlice, nil
+}
+
 // String method converts interface v to string. If interface is a list, it
-// joins list elements using separator.
+// joins list elements using the seperator. Note that only sep[0] will be used for
+// joining if any separator is specified.
 func String(v interface{}, sep ...string) string {
-	if len(sep) > 0 {
-		return ensureValueString(strings.Join(v.([]string), sep[0]))
+	if len(sep) == 0 {
+		return ensureValueString(v)
 	}
-	return ensureValueString(v)
+	stringSlice, ok := v.([]string)
+	if ok == false {
+		var err error
+		stringSlice, err = AsStringSlice(v)
+		if err != nil {
+			panic(fmt.Sprintf("autorest: Couldn't convert value to a string %s.", err))
+		}
+	}
+	return ensureValueString(strings.Join(stringSlice, sep[0]))
 }
 
 // Encode method encodes url path and query parameters.
@@ -167,26 +194,25 @@ func queryEscape(s string) string {
 	return url.QueryEscape(s)
 }
 
-// This method is same as Encode() method of "net/url" go package,
-// except it does not encode the query parameters because they
-// already come encoded. It formats values map in query format (bar=foo&a=b).
-func createQuery(v url.Values) string {
-	var buf bytes.Buffer
-	keys := make([]string, 0, len(v))
-	for k := range v {
-		keys = append(keys, k)
+// ChangeToGet turns the specified http.Request into a GET (it assumes it wasn't).
+// This is mainly useful for long-running operations that use the Azure-AsyncOperation
+// header, so we change the initial PUT into a GET to retrieve the final result.
+func ChangeToGet(req *http.Request) *http.Request {
+	req.Method = "GET"
+	req.Body = nil
+	req.ContentLength = 0
+	req.Header.Del("Content-Length")
+	return req
+}
+
+// IsTokenRefreshError returns true if the specified error implements the TokenRefreshError
+// interface.  If err is a DetailedError it will walk the chain of Original errors.
+func IsTokenRefreshError(err error) bool {
+	if _, ok := err.(adal.TokenRefreshError); ok {
+		return true
 	}
-	sort.Strings(keys)
-	for _, k := range keys {
-		vs := v[k]
-		prefix := url.QueryEscape(k) + "="
-		for _, v := range vs {
-			if buf.Len() > 0 {
-				buf.WriteByte('&')
-			}
-			buf.WriteString(prefix)
-			buf.WriteString(v)
-		}
+	if de, ok := err.(DetailedError); ok {
+		return IsTokenRefreshError(de.Original)
 	}
-	return buf.String()
+	return false
 }
diff --git a/vendor/github.com/Azure/go-autorest/autorest/version.go b/vendor/github.com/Azure/go-autorest/autorest/version.go
index f588807dbb9c..a19c0d35a2d4 100644
--- a/vendor/github.com/Azure/go-autorest/autorest/version.go
+++ b/vendor/github.com/Azure/go-autorest/autorest/version.go
@@ -22,9 +22,9 @@ import (
 )
 
 const (
-	major = 8
-	minor = 0
-	patch = 0
+	major = 9
+	minor = 8
+	patch = 1
 	tag   = ""
 )
 
diff --git a/vendor/github.com/cockroachdb/cmux/.travis.yml b/vendor/github.com/cockroachdb/cmux/.travis.yml
index 9343f8d2c9d7..e73780f2eb0b 100644
--- a/vendor/github.com/cockroachdb/cmux/.travis.yml
+++ b/vendor/github.com/cockroachdb/cmux/.travis.yml
@@ -1,29 +1,22 @@
 language: go
 
 go:
+  - 1.3
+  - 1.4
   - 1.5
   - 1.6
-  - 1.7
-  - tip
-
-matrix:
-  allow_failures:
-    - go: tip
 
 gobuild_args: -race
 
 before_install:
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then go get -u github.com/kisielk/errcheck; fi
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then go get -u github.com/golang/lint/golint; fi
+  - go get -u github.com/golang/lint/golint
+  - if [[ $TRAVIS_GO_VERSION == 1.5* ]]; then go get -u github.com/kisielk/errcheck; fi
+  - go get -u golang.org/x/tools/cmd/vet
 
 before_script:
   - '! gofmt -s -l . | read'
+  - golint ./...
   - echo $TRAVIS_GO_VERSION
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then golint ./...; fi
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then errcheck ./...; fi
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then go tool vet .; fi
-  - if [[ $TRAVIS_GO_VERSION == 1.7* ]]; then go tool vet --shadow .; fi
-
-script:
-  - go test -bench . -v ./...
-  - go test -race -bench . -v ./...
+  - if [[ $TRAVIS_GO_VERSION == 1.5* ]]; then errcheck ./...; fi
+  - go vet .
+  - go tool vet --shadow .
diff --git a/vendor/github.com/cockroachdb/cmux/CONTRIBUTORS b/vendor/github.com/cockroachdb/cmux/CONTRIBUTORS
deleted file mode 100644
index 1b73178547c1..000000000000
--- a/vendor/github.com/cockroachdb/cmux/CONTRIBUTORS
+++ /dev/null
@@ -1,11 +0,0 @@
-# The list of people who have contributed code to the cmux repository.
-#
-# Auto-generated with:
-#		git log --oneline --pretty=format:'%an <%aE>' | sort -u
-#
-Dmitri Shuralyov <shurcooL@gmail.com>
-Ethan Mosbaugh <emosbaugh@gmail.com>
-Soheil Hassas Yeganeh <soheil.h.y@gmail.com>
-Soheil Hassas Yeganeh <soheil@cs.toronto.edu>
-Tamir Duberstein <tamir@cockroachlabs.com>
-Tamir Duberstein <tamird@gmail.com>
diff --git a/vendor/github.com/cockroachdb/cmux/README.md b/vendor/github.com/cockroachdb/cmux/README.md
index 26e1737d731e..b3713da5876a 100644
--- a/vendor/github.com/cockroachdb/cmux/README.md
+++ b/vendor/github.com/cockroachdb/cmux/README.md
@@ -63,10 +63,3 @@ example of this approach.
 when it's accepted. For example, one connection can be either gRPC or REST, but
 not both. That is, we assume that a client connection is either used for gRPC
 or REST.
-
-# Copyright and License
-Copyright 2016 The CMux Authors. All rights reserved.
-
-See [CONTRIBUTORS](https://github.com/cockroachdb/cmux/blob/master/CONTRIBUTORS)
-for the CMux Authors. Code is released under
-[the Apache 2 license](https://github.com/cockroachdb/cmux/blob/master/LICENSE).
diff --git a/vendor/github.com/cockroachdb/cmux/buffer.go b/vendor/github.com/cockroachdb/cmux/buffer.go
index dc4d9921f01d..5c1785853634 100644
--- a/vendor/github.com/cockroachdb/cmux/buffer.go
+++ b/vendor/github.com/cockroachdb/cmux/buffer.go
@@ -1,17 +1,3 @@
-// Copyright 2016 The CMux Authors. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// permissions and limitations under the License.
-
 package cmux
 
 import (
diff --git a/vendor/github.com/cockroachdb/cmux/cmux.go b/vendor/github.com/cockroachdb/cmux/cmux.go
index f9787fdfdca7..89cc910b024e 100644
--- a/vendor/github.com/cockroachdb/cmux/cmux.go
+++ b/vendor/github.com/cockroachdb/cmux/cmux.go
@@ -1,17 +1,3 @@
-// Copyright 2016 The CMux Authors. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// permissions and limitations under the License.
-
 package cmux
 
 import (
diff --git a/vendor/github.com/cockroachdb/cmux/matchers.go b/vendor/github.com/cockroachdb/cmux/matchers.go
index 939909818934..abc30f6e0ad0 100644
--- a/vendor/github.com/cockroachdb/cmux/matchers.go
+++ b/vendor/github.com/cockroachdb/cmux/matchers.go
@@ -1,17 +1,3 @@
-// Copyright 2016 The CMux Authors. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// permissions and limitations under the License.
-
 package cmux
 
 import (
diff --git a/vendor/github.com/cockroachdb/cmux/patricia.go b/vendor/github.com/cockroachdb/cmux/patricia.go
index c3e3d85bdeaf..56ec4e7b287c 100644
--- a/vendor/github.com/cockroachdb/cmux/patricia.go
+++ b/vendor/github.com/cockroachdb/cmux/patricia.go
@@ -1,17 +1,3 @@
-// Copyright 2016 The CMux Authors. All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// permissions and limitations under the License.
-
 package cmux
 
 import (
@@ -22,20 +8,12 @@ import (
 // patriciaTree is a simple patricia tree that handles []byte instead of string
 // and cannot be changed after instantiation.
 type patriciaTree struct {
-	root     *ptNode
-	maxDepth int // max depth of the tree.
+	root *ptNode
 }
 
-func newPatriciaTree(bs ...[]byte) *patriciaTree {
-	max := 0
-	for _, b := range bs {
-		if max < len(b) {
-			max = len(b)
-		}
-	}
+func newPatriciaTree(b ...[]byte) *patriciaTree {
 	return &patriciaTree{
-		root:     newNode(bs),
-		maxDepth: max + 1,
+		root: newNode(b),
 	}
 }
 
@@ -44,19 +22,17 @@ func newPatriciaTreeString(strs ...string) *patriciaTree {
 	for i, s := range strs {
 		b[i] = []byte(s)
 	}
-	return newPatriciaTree(b...)
+	return &patriciaTree{
+		root: newNode(b),
+	}
 }
 
 func (t *patriciaTree) matchPrefix(r io.Reader) bool {
-	buf := make([]byte, t.maxDepth)
-	n, _ := io.ReadFull(r, buf)
-	return t.root.match(buf[:n], true)
+	return t.root.match(r, true)
 }
 
 func (t *patriciaTree) match(r io.Reader) bool {
-	buf := make([]byte, t.maxDepth)
-	n, _ := io.ReadFull(r, buf)
-	return t.root.match(buf[:n], false)
+	return t.root.match(r, false)
 }
 
 type ptNode struct {
@@ -146,34 +122,52 @@ func splitPrefix(bss [][]byte) (prefix []byte, rest [][]byte) {
 	return prefix, rest
 }
 
-func (n *ptNode) match(b []byte, prefix bool) bool {
-	l := len(n.prefix)
-	if l > 0 {
-		if l > len(b) {
-			l = len(b)
+func readBytes(r io.Reader, n int) (b []byte, err error) {
+	b = make([]byte, n)
+	o := 0
+	for o < n {
+		nr, err := r.Read(b[o:])
+		if err != nil && err != io.EOF {
+			return b, err
 		}
-		if !bytes.Equal(b[:l], n.prefix) {
+
+		o += nr
+
+		if err == io.EOF {
+			break
+		}
+	}
+	return b[:o], nil
+}
+
+func (n *ptNode) match(r io.Reader, prefix bool) bool {
+	if l := len(n.prefix); l > 0 {
+		b, err := readBytes(r, l)
+		if err != nil || len(b) != l || !bytes.Equal(b, n.prefix) {
 			return false
 		}
 	}
 
-	if n.terminal && (prefix || len(n.prefix) == len(b)) {
+	if prefix && n.terminal {
 		return true
 	}
 
-	if l >= len(b) {
-		return false
-	}
+	b := make([]byte, 1)
+	for {
+		nr, err := r.Read(b)
+		if nr != 0 {
+			break
+		}
 
-	nextN, ok := n.next[b[l]]
-	if !ok {
-		return false
-	}
+		if err == io.EOF {
+			return n.terminal
+		}
 
-	if l == len(b) {
-		b = b[l:l]
-	} else {
-		b = b[l+1:]
+		if err != nil {
+			return false
+		}
 	}
-	return nextN.match(b, prefix)
+
+	nextN, ok := n.next[b[0]]
+	return ok && nextN.match(r, prefix)
 }
diff --git a/vendor/github.com/container-storage-interface/spec/lib/go/csi/csi.pb.go b/vendor/github.com/container-storage-interface/spec/lib/go/csi/v0/csi.pb.go
similarity index 57%
rename from vendor/github.com/container-storage-interface/spec/lib/go/csi/csi.pb.go
rename to vendor/github.com/container-storage-interface/spec/lib/go/csi/v0/csi.pb.go
index 6158a4870cc8..969362ff47d3 100644
--- a/vendor/github.com/container-storage-interface/spec/lib/go/csi/csi.pb.go
+++ b/vendor/github.com/container-storage-interface/spec/lib/go/csi/v0/csi.pb.go
@@ -8,16 +8,18 @@ It is generated from these files:
 	csi.proto
 
 It has these top-level messages:
-	GetSupportedVersionsRequest
-	GetSupportedVersionsResponse
-	Version
 	GetPluginInfoRequest
 	GetPluginInfoResponse
+	GetPluginCapabilitiesRequest
+	GetPluginCapabilitiesResponse
+	PluginCapability
+	ProbeRequest
+	ProbeResponse
 	CreateVolumeRequest
 	CreateVolumeResponse
 	VolumeCapability
 	CapacityRange
-	VolumeInfo
+	Volume
 	DeleteVolumeRequest
 	DeleteVolumeResponse
 	ControllerPublishVolumeRequest
@@ -30,19 +32,19 @@ It has these top-level messages:
 	ListVolumesResponse
 	GetCapacityRequest
 	GetCapacityResponse
-	ControllerProbeRequest
-	ControllerProbeResponse
 	ControllerGetCapabilitiesRequest
 	ControllerGetCapabilitiesResponse
 	ControllerServiceCapability
+	NodeStageVolumeRequest
+	NodeStageVolumeResponse
+	NodeUnstageVolumeRequest
+	NodeUnstageVolumeResponse
 	NodePublishVolumeRequest
 	NodePublishVolumeResponse
 	NodeUnpublishVolumeRequest
 	NodeUnpublishVolumeResponse
-	GetNodeIDRequest
-	GetNodeIDResponse
-	NodeProbeRequest
-	NodeProbeResponse
+	NodeGetIdRequest
+	NodeGetIdResponse
 	NodeGetCapabilitiesRequest
 	NodeGetCapabilitiesResponse
 	NodeServiceCapability
@@ -69,13 +71,46 @@ var _ = math.Inf
 // proto package needs to be updated.
 const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
 
+type PluginCapability_Service_Type int32
+
+const (
+	PluginCapability_Service_UNKNOWN PluginCapability_Service_Type = 0
+	// CONTROLLER_SERVICE indicates that the Plugin provides RPCs for
+	// the ControllerService. Plugins SHOULD provide this capability.
+	// In rare cases certain plugins may wish to omit the
+	// ControllerService entirely from their implementation, but such
+	// SHOULD NOT be the common case.
+	// The presence of this capability determines whether the CO will
+	// attempt to invoke the REQUIRED ControllerService RPCs, as well
+	// as specific RPCs as indicated by ControllerGetCapabilities.
+	PluginCapability_Service_CONTROLLER_SERVICE PluginCapability_Service_Type = 1
+)
+
+var PluginCapability_Service_Type_name = map[int32]string{
+	0: "UNKNOWN",
+	1: "CONTROLLER_SERVICE",
+}
+var PluginCapability_Service_Type_value = map[string]int32{
+	"UNKNOWN":            0,
+	"CONTROLLER_SERVICE": 1,
+}
+
+func (x PluginCapability_Service_Type) String() string {
+	return proto.EnumName(PluginCapability_Service_Type_name, int32(x))
+}
+func (PluginCapability_Service_Type) EnumDescriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{4, 0, 0}
+}
+
 type VolumeCapability_AccessMode_Mode int32
 
 const (
 	VolumeCapability_AccessMode_UNKNOWN VolumeCapability_AccessMode_Mode = 0
-	// Can be published as read/write at one node at a time.
+	// Can only be published once as read/write on a single node, at
+	// any given time.
 	VolumeCapability_AccessMode_SINGLE_NODE_WRITER VolumeCapability_AccessMode_Mode = 1
-	// Can be published as readonly at one node at a time.
+	// Can only be published once as readonly on a single node, at
+	// any given time.
 	VolumeCapability_AccessMode_SINGLE_NODE_READER_ONLY VolumeCapability_AccessMode_Mode = 2
 	// Can be published as readonly at multiple nodes simultaneously.
 	VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY VolumeCapability_AccessMode_Mode = 3
@@ -108,7 +143,7 @@ func (x VolumeCapability_AccessMode_Mode) String() string {
 	return proto.EnumName(VolumeCapability_AccessMode_Mode_name, int32(x))
 }
 func (VolumeCapability_AccessMode_Mode) EnumDescriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{7, 2, 0}
+	return fileDescriptor0, []int{9, 2, 0}
 }
 
 type ControllerServiceCapability_RPC_Type int32
@@ -146,103 +181,33 @@ func (ControllerServiceCapability_RPC_Type) EnumDescriptor() ([]byte, []int) {
 type NodeServiceCapability_RPC_Type int32
 
 const (
-	NodeServiceCapability_RPC_UNKNOWN NodeServiceCapability_RPC_Type = 0
+	NodeServiceCapability_RPC_UNKNOWN              NodeServiceCapability_RPC_Type = 0
+	NodeServiceCapability_RPC_STAGE_UNSTAGE_VOLUME NodeServiceCapability_RPC_Type = 1
 )
 
 var NodeServiceCapability_RPC_Type_name = map[int32]string{
 	0: "UNKNOWN",
+	1: "STAGE_UNSTAGE_VOLUME",
 }
 var NodeServiceCapability_RPC_Type_value = map[string]int32{
-	"UNKNOWN": 0,
+	"UNKNOWN":              0,
+	"STAGE_UNSTAGE_VOLUME": 1,
 }
 
 func (x NodeServiceCapability_RPC_Type) String() string {
 	return proto.EnumName(NodeServiceCapability_RPC_Type_name, int32(x))
 }
 func (NodeServiceCapability_RPC_Type) EnumDescriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{37, 0, 0}
+	return fileDescriptor0, []int{39, 0, 0}
 }
 
-// //////
-// //////
-type GetSupportedVersionsRequest struct {
-}
-
-func (m *GetSupportedVersionsRequest) Reset()                    { *m = GetSupportedVersionsRequest{} }
-func (m *GetSupportedVersionsRequest) String() string            { return proto.CompactTextString(m) }
-func (*GetSupportedVersionsRequest) ProtoMessage()               {}
-func (*GetSupportedVersionsRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
-
-type GetSupportedVersionsResponse struct {
-	// All the CSI versions that the Plugin supports. This field is
-	// REQUIRED.
-	SupportedVersions []*Version `protobuf:"bytes,1,rep,name=supported_versions,json=supportedVersions" json:"supported_versions,omitempty"`
-}
-
-func (m *GetSupportedVersionsResponse) Reset()                    { *m = GetSupportedVersionsResponse{} }
-func (m *GetSupportedVersionsResponse) String() string            { return proto.CompactTextString(m) }
-func (*GetSupportedVersionsResponse) ProtoMessage()               {}
-func (*GetSupportedVersionsResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
-
-func (m *GetSupportedVersionsResponse) GetSupportedVersions() []*Version {
-	if m != nil {
-		return m.SupportedVersions
-	}
-	return nil
-}
-
-// Specifies a version in Semantic Version 2.0 format.
-// (http://semver.org/spec/v2.0.0.html)
-type Version struct {
-	Major uint32 `protobuf:"varint,1,opt,name=major" json:"major,omitempty"`
-	Minor uint32 `protobuf:"varint,2,opt,name=minor" json:"minor,omitempty"`
-	Patch uint32 `protobuf:"varint,3,opt,name=patch" json:"patch,omitempty"`
-}
-
-func (m *Version) Reset()                    { *m = Version{} }
-func (m *Version) String() string            { return proto.CompactTextString(m) }
-func (*Version) ProtoMessage()               {}
-func (*Version) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
-
-func (m *Version) GetMajor() uint32 {
-	if m != nil {
-		return m.Major
-	}
-	return 0
-}
-
-func (m *Version) GetMinor() uint32 {
-	if m != nil {
-		return m.Minor
-	}
-	return 0
-}
-
-func (m *Version) GetPatch() uint32 {
-	if m != nil {
-		return m.Patch
-	}
-	return 0
-}
-
-// //////
-// //////
 type GetPluginInfoRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 }
 
 func (m *GetPluginInfoRequest) Reset()                    { *m = GetPluginInfoRequest{} }
 func (m *GetPluginInfoRequest) String() string            { return proto.CompactTextString(m) }
 func (*GetPluginInfoRequest) ProtoMessage()               {}
-func (*GetPluginInfoRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
-
-func (m *GetPluginInfoRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*GetPluginInfoRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
 
 type GetPluginInfoResponse struct {
 	// The name MUST follow reverse domain name notation format
@@ -262,7 +227,7 @@ type GetPluginInfoResponse struct {
 func (m *GetPluginInfoResponse) Reset()                    { *m = GetPluginInfoResponse{} }
 func (m *GetPluginInfoResponse) String() string            { return proto.CompactTextString(m) }
 func (*GetPluginInfoResponse) ProtoMessage()               {}
-func (*GetPluginInfoResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
+func (*GetPluginInfoResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
 
 func (m *GetPluginInfoResponse) GetName() string {
 	if m != nil {
@@ -285,11 +250,156 @@ func (m *GetPluginInfoResponse) GetManifest() map[string]string {
 	return nil
 }
 
-// //////
-// //////
+type GetPluginCapabilitiesRequest struct {
+}
+
+func (m *GetPluginCapabilitiesRequest) Reset()                    { *m = GetPluginCapabilitiesRequest{} }
+func (m *GetPluginCapabilitiesRequest) String() string            { return proto.CompactTextString(m) }
+func (*GetPluginCapabilitiesRequest) ProtoMessage()               {}
+func (*GetPluginCapabilitiesRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
+
+type GetPluginCapabilitiesResponse struct {
+	// All the capabilities that the controller service supports. This
+	// field is OPTIONAL.
+	Capabilities []*PluginCapability `protobuf:"bytes,2,rep,name=capabilities" json:"capabilities,omitempty"`
+}
+
+func (m *GetPluginCapabilitiesResponse) Reset()                    { *m = GetPluginCapabilitiesResponse{} }
+func (m *GetPluginCapabilitiesResponse) String() string            { return proto.CompactTextString(m) }
+func (*GetPluginCapabilitiesResponse) ProtoMessage()               {}
+func (*GetPluginCapabilitiesResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
+
+func (m *GetPluginCapabilitiesResponse) GetCapabilities() []*PluginCapability {
+	if m != nil {
+		return m.Capabilities
+	}
+	return nil
+}
+
+// Specifies a capability of the plugin.
+type PluginCapability struct {
+	// Types that are valid to be assigned to Type:
+	//	*PluginCapability_Service_
+	Type isPluginCapability_Type `protobuf_oneof:"type"`
+}
+
+func (m *PluginCapability) Reset()                    { *m = PluginCapability{} }
+func (m *PluginCapability) String() string            { return proto.CompactTextString(m) }
+func (*PluginCapability) ProtoMessage()               {}
+func (*PluginCapability) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
+
+type isPluginCapability_Type interface {
+	isPluginCapability_Type()
+}
+
+type PluginCapability_Service_ struct {
+	Service *PluginCapability_Service `protobuf:"bytes,1,opt,name=service,oneof"`
+}
+
+func (*PluginCapability_Service_) isPluginCapability_Type() {}
+
+func (m *PluginCapability) GetType() isPluginCapability_Type {
+	if m != nil {
+		return m.Type
+	}
+	return nil
+}
+
+func (m *PluginCapability) GetService() *PluginCapability_Service {
+	if x, ok := m.GetType().(*PluginCapability_Service_); ok {
+		return x.Service
+	}
+	return nil
+}
+
+// XXX_OneofFuncs is for the internal use of the proto package.
+func (*PluginCapability) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{}) {
+	return _PluginCapability_OneofMarshaler, _PluginCapability_OneofUnmarshaler, _PluginCapability_OneofSizer, []interface{}{
+		(*PluginCapability_Service_)(nil),
+	}
+}
+
+func _PluginCapability_OneofMarshaler(msg proto.Message, b *proto.Buffer) error {
+	m := msg.(*PluginCapability)
+	// type
+	switch x := m.Type.(type) {
+	case *PluginCapability_Service_:
+		b.EncodeVarint(1<<3 | proto.WireBytes)
+		if err := b.EncodeMessage(x.Service); err != nil {
+			return err
+		}
+	case nil:
+	default:
+		return fmt.Errorf("PluginCapability.Type has unexpected type %T", x)
+	}
+	return nil
+}
+
+func _PluginCapability_OneofUnmarshaler(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error) {
+	m := msg.(*PluginCapability)
+	switch tag {
+	case 1: // type.service
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		msg := new(PluginCapability_Service)
+		err := b.DecodeMessage(msg)
+		m.Type = &PluginCapability_Service_{msg}
+		return true, err
+	default:
+		return false, nil
+	}
+}
+
+func _PluginCapability_OneofSizer(msg proto.Message) (n int) {
+	m := msg.(*PluginCapability)
+	// type
+	switch x := m.Type.(type) {
+	case *PluginCapability_Service_:
+		s := proto.Size(x.Service)
+		n += proto.SizeVarint(1<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(s))
+		n += s
+	case nil:
+	default:
+		panic(fmt.Sprintf("proto: unexpected type %T in oneof", x))
+	}
+	return n
+}
+
+type PluginCapability_Service struct {
+	Type PluginCapability_Service_Type `protobuf:"varint,1,opt,name=type,enum=csi.v0.PluginCapability_Service_Type" json:"type,omitempty"`
+}
+
+func (m *PluginCapability_Service) Reset()                    { *m = PluginCapability_Service{} }
+func (m *PluginCapability_Service) String() string            { return proto.CompactTextString(m) }
+func (*PluginCapability_Service) ProtoMessage()               {}
+func (*PluginCapability_Service) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4, 0} }
+
+func (m *PluginCapability_Service) GetType() PluginCapability_Service_Type {
+	if m != nil {
+		return m.Type
+	}
+	return PluginCapability_Service_UNKNOWN
+}
+
+type ProbeRequest struct {
+}
+
+func (m *ProbeRequest) Reset()                    { *m = ProbeRequest{} }
+func (m *ProbeRequest) String() string            { return proto.CompactTextString(m) }
+func (*ProbeRequest) ProtoMessage()               {}
+func (*ProbeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
+
+type ProbeResponse struct {
+}
+
+func (m *ProbeResponse) Reset()                    { *m = ProbeResponse{} }
+func (m *ProbeResponse) String() string            { return proto.CompactTextString(m) }
+func (*ProbeResponse) ProtoMessage()               {}
+func (*ProbeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
+
 type CreateVolumeRequest struct {
-	// The API version assumed by the CO. This field is REQUIRED.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The suggested name for the storage space. This field is REQUIRED.
 	// It serves two purposes:
 	// 1) Idempotency - This name is generated by the CO to achieve
@@ -305,11 +415,11 @@ type CreateVolumeRequest struct {
 	//    an identifier by which to refer to the newly provisioned
 	//    storage. If a storage system supports this, it can optionally
 	//    use this name as the identifier for the new volume.
-	Name string `protobuf:"bytes,2,opt,name=name" json:"name,omitempty"`
+	Name string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
 	// This field is OPTIONAL. This allows the CO to specify the capacity
 	// requirement of the volume to be provisioned. If not specified, the
 	// Plugin MAY choose an implementation-defined capacity range.
-	CapacityRange *CapacityRange `protobuf:"bytes,3,opt,name=capacity_range,json=capacityRange" json:"capacity_range,omitempty"`
+	CapacityRange *CapacityRange `protobuf:"bytes,2,opt,name=capacity_range,json=capacityRange" json:"capacity_range,omitempty"`
 	// The capabilities that the provisioned volume MUST have: the Plugin
 	// MUST provision a volume that could satisfy ALL of the
 	// capabilities specified in this list. The Plugin MUST assume that
@@ -318,36 +428,35 @@ type CreateVolumeRequest struct {
 	// early validation: if ANY of the specified volume capabilities are
 	// not supported by the Plugin, the call SHALL fail. This field is
 	// REQUIRED.
-	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,4,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
+	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,3,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
 	// Plugin specific parameters passed in as opaque key-value pairs.
 	// This field is OPTIONAL. The Plugin is responsible for parsing and
 	// validating these parameters. COs will treat these as opaque.
-	Parameters map[string]string `protobuf:"bytes,5,rep,name=parameters" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
-	// End user credentials used to authenticate/authorize volume creation
-	// request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
+	Parameters map[string]string `protobuf:"bytes,4,rep,name=parameters" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	// Secrets required by plugin to complete volume creation request.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
 	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,6,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	ControllerCreateSecrets map[string]string `protobuf:"bytes,5,rep,name=controller_create_secrets,json=controllerCreateSecrets" json:"controller_create_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *CreateVolumeRequest) Reset()                    { *m = CreateVolumeRequest{} }
 func (m *CreateVolumeRequest) String() string            { return proto.CompactTextString(m) }
 func (*CreateVolumeRequest) ProtoMessage()               {}
-func (*CreateVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
-
-func (m *CreateVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*CreateVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} }
 
 func (m *CreateVolumeRequest) GetName() string {
 	if m != nil {
@@ -377,9 +486,9 @@ func (m *CreateVolumeRequest) GetParameters() map[string]string {
 	return nil
 }
 
-func (m *CreateVolumeRequest) GetUserCredentials() map[string]string {
+func (m *CreateVolumeRequest) GetControllerCreateSecrets() map[string]string {
 	if m != nil {
-		return m.UserCredentials
+		return m.ControllerCreateSecrets
 	}
 	return nil
 }
@@ -388,17 +497,17 @@ type CreateVolumeResponse struct {
 	// Contains all attributes of the newly created volume that are
 	// relevant to the CO along with information required by the Plugin
 	// to uniquely identify the volume. This field is REQUIRED.
-	VolumeInfo *VolumeInfo `protobuf:"bytes,1,opt,name=volume_info,json=volumeInfo" json:"volume_info,omitempty"`
+	Volume *Volume `protobuf:"bytes,1,opt,name=volume" json:"volume,omitempty"`
 }
 
 func (m *CreateVolumeResponse) Reset()                    { *m = CreateVolumeResponse{} }
 func (m *CreateVolumeResponse) String() string            { return proto.CompactTextString(m) }
 func (*CreateVolumeResponse) ProtoMessage()               {}
-func (*CreateVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
+func (*CreateVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{8} }
 
-func (m *CreateVolumeResponse) GetVolumeInfo() *VolumeInfo {
+func (m *CreateVolumeResponse) GetVolume() *Volume {
 	if m != nil {
-		return m.VolumeInfo
+		return m.Volume
 	}
 	return nil
 }
@@ -419,7 +528,7 @@ type VolumeCapability struct {
 func (m *VolumeCapability) Reset()                    { *m = VolumeCapability{} }
 func (m *VolumeCapability) String() string            { return proto.CompactTextString(m) }
 func (*VolumeCapability) ProtoMessage()               {}
-func (*VolumeCapability) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} }
+func (*VolumeCapability) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} }
 
 type isVolumeCapability_AccessType interface {
 	isVolumeCapability_AccessType()
@@ -544,7 +653,7 @@ type VolumeCapability_BlockVolume struct {
 func (m *VolumeCapability_BlockVolume) Reset()                    { *m = VolumeCapability_BlockVolume{} }
 func (m *VolumeCapability_BlockVolume) String() string            { return proto.CompactTextString(m) }
 func (*VolumeCapability_BlockVolume) ProtoMessage()               {}
-func (*VolumeCapability_BlockVolume) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 0} }
+func (*VolumeCapability_BlockVolume) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9, 0} }
 
 // Indicate that the volume will be accessed via the filesystem API.
 type VolumeCapability_MountVolume struct {
@@ -562,7 +671,7 @@ type VolumeCapability_MountVolume struct {
 func (m *VolumeCapability_MountVolume) Reset()                    { *m = VolumeCapability_MountVolume{} }
 func (m *VolumeCapability_MountVolume) String() string            { return proto.CompactTextString(m) }
 func (*VolumeCapability_MountVolume) ProtoMessage()               {}
-func (*VolumeCapability_MountVolume) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 1} }
+func (*VolumeCapability_MountVolume) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9, 1} }
 
 func (m *VolumeCapability_MountVolume) GetFsType() string {
 	if m != nil {
@@ -581,13 +690,13 @@ func (m *VolumeCapability_MountVolume) GetMountFlags() []string {
 // Specify how a volume can be accessed.
 type VolumeCapability_AccessMode struct {
 	// This field is REQUIRED.
-	Mode VolumeCapability_AccessMode_Mode `protobuf:"varint,1,opt,name=mode,enum=csi.VolumeCapability_AccessMode_Mode" json:"mode,omitempty"`
+	Mode VolumeCapability_AccessMode_Mode `protobuf:"varint,1,opt,name=mode,enum=csi.v0.VolumeCapability_AccessMode_Mode" json:"mode,omitempty"`
 }
 
 func (m *VolumeCapability_AccessMode) Reset()                    { *m = VolumeCapability_AccessMode{} }
 func (m *VolumeCapability_AccessMode) String() string            { return proto.CompactTextString(m) }
 func (*VolumeCapability_AccessMode) ProtoMessage()               {}
-func (*VolumeCapability_AccessMode) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7, 2} }
+func (*VolumeCapability_AccessMode) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9, 2} }
 
 func (m *VolumeCapability_AccessMode) GetMode() VolumeCapability_AccessMode_Mode {
 	if m != nil {
@@ -602,25 +711,27 @@ func (m *VolumeCapability_AccessMode) GetMode() VolumeCapability_AccessMode_Mode
 type CapacityRange struct {
 	// Volume must be at least this big. This field is OPTIONAL.
 	// A value of 0 is equal to an unspecified field value.
-	RequiredBytes uint64 `protobuf:"varint,1,opt,name=required_bytes,json=requiredBytes" json:"required_bytes,omitempty"`
+	// The value of this field MUST NOT be negative.
+	RequiredBytes int64 `protobuf:"varint,1,opt,name=required_bytes,json=requiredBytes" json:"required_bytes,omitempty"`
 	// Volume must not be bigger than this. This field is OPTIONAL.
 	// A value of 0 is equal to an unspecified field value.
-	LimitBytes uint64 `protobuf:"varint,2,opt,name=limit_bytes,json=limitBytes" json:"limit_bytes,omitempty"`
+	// The value of this field MUST NOT be negative.
+	LimitBytes int64 `protobuf:"varint,2,opt,name=limit_bytes,json=limitBytes" json:"limit_bytes,omitempty"`
 }
 
 func (m *CapacityRange) Reset()                    { *m = CapacityRange{} }
 func (m *CapacityRange) String() string            { return proto.CompactTextString(m) }
 func (*CapacityRange) ProtoMessage()               {}
-func (*CapacityRange) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{8} }
+func (*CapacityRange) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{10} }
 
-func (m *CapacityRange) GetRequiredBytes() uint64 {
+func (m *CapacityRange) GetRequiredBytes() int64 {
 	if m != nil {
 		return m.RequiredBytes
 	}
 	return 0
 }
 
-func (m *CapacityRange) GetLimitBytes() uint64 {
+func (m *CapacityRange) GetLimitBytes() int64 {
 	if m != nil {
 		return m.LimitBytes
 	}
@@ -628,11 +739,12 @@ func (m *CapacityRange) GetLimitBytes() uint64 {
 }
 
 // The information about a provisioned volume.
-type VolumeInfo struct {
+type Volume struct {
 	// The capacity of the volume in bytes. This field is OPTIONAL. If not
 	// set (value of 0), it indicates that the capacity of the volume is
 	// unknown (e.g., NFS share).
-	CapacityBytes uint64 `protobuf:"varint,1,opt,name=capacity_bytes,json=capacityBytes" json:"capacity_bytes,omitempty"`
+	// The value of this field MUST NOT be negative.
+	CapacityBytes int64 `protobuf:"varint,1,opt,name=capacity_bytes,json=capacityBytes" json:"capacity_bytes,omitempty"`
 	// Contains identity information for the created volume. This field is
 	// REQUIRED. The identity information will be used by the CO in
 	// subsequent calls to refer to the provisioned volume.
@@ -648,65 +760,60 @@ type VolumeInfo struct {
 	Attributes map[string]string `protobuf:"bytes,3,rep,name=attributes" json:"attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
-func (m *VolumeInfo) Reset()                    { *m = VolumeInfo{} }
-func (m *VolumeInfo) String() string            { return proto.CompactTextString(m) }
-func (*VolumeInfo) ProtoMessage()               {}
-func (*VolumeInfo) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} }
+func (m *Volume) Reset()                    { *m = Volume{} }
+func (m *Volume) String() string            { return proto.CompactTextString(m) }
+func (*Volume) ProtoMessage()               {}
+func (*Volume) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{11} }
 
-func (m *VolumeInfo) GetCapacityBytes() uint64 {
+func (m *Volume) GetCapacityBytes() int64 {
 	if m != nil {
 		return m.CapacityBytes
 	}
 	return 0
 }
 
-func (m *VolumeInfo) GetId() string {
+func (m *Volume) GetId() string {
 	if m != nil {
 		return m.Id
 	}
 	return ""
 }
 
-func (m *VolumeInfo) GetAttributes() map[string]string {
+func (m *Volume) GetAttributes() map[string]string {
 	if m != nil {
 		return m.Attributes
 	}
 	return nil
 }
 
-// //////
-// //////
 type DeleteVolumeRequest struct {
-	// The API version assumed by the CO. This field is REQUIRED.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume to be deprovisioned.
 	// This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
-	// End user credentials used to authenticate/authorize volume deletion
-	// request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	// Secrets required by plugin to complete volume deletion request.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
 	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,3,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	ControllerDeleteSecrets map[string]string `protobuf:"bytes,2,rep,name=controller_delete_secrets,json=controllerDeleteSecrets" json:"controller_delete_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *DeleteVolumeRequest) Reset()                    { *m = DeleteVolumeRequest{} }
 func (m *DeleteVolumeRequest) String() string            { return proto.CompactTextString(m) }
 func (*DeleteVolumeRequest) ProtoMessage()               {}
-func (*DeleteVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{10} }
-
-func (m *DeleteVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*DeleteVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{12} }
 
 func (m *DeleteVolumeRequest) GetVolumeId() string {
 	if m != nil {
@@ -715,9 +822,9 @@ func (m *DeleteVolumeRequest) GetVolumeId() string {
 	return ""
 }
 
-func (m *DeleteVolumeRequest) GetUserCredentials() map[string]string {
+func (m *DeleteVolumeRequest) GetControllerDeleteSecrets() map[string]string {
 	if m != nil {
-		return m.UserCredentials
+		return m.ControllerDeleteSecrets
 	}
 	return nil
 }
@@ -728,54 +835,50 @@ type DeleteVolumeResponse struct {
 func (m *DeleteVolumeResponse) Reset()                    { *m = DeleteVolumeResponse{} }
 func (m *DeleteVolumeResponse) String() string            { return proto.CompactTextString(m) }
 func (*DeleteVolumeResponse) ProtoMessage()               {}
-func (*DeleteVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{11} }
+func (*DeleteVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{13} }
 
-// //////
-// //////
 type ControllerPublishVolumeRequest struct {
-	// The API version assumed by the CO. This field is REQUIRED.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume to be used on a node.
 	// This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
 	// The ID of the node. This field is REQUIRED. The CO SHALL set this
-	// field to match the node ID returned by `GetNodeID`.
-	NodeId string `protobuf:"bytes,3,opt,name=node_id,json=nodeId" json:"node_id,omitempty"`
+	// field to match the node ID returned by `NodeGetId`.
+	NodeId string `protobuf:"bytes,2,opt,name=node_id,json=nodeId" json:"node_id,omitempty"`
 	// The capability of the volume the CO expects the volume to have.
 	// This is a REQUIRED field.
-	VolumeCapability *VolumeCapability `protobuf:"bytes,4,opt,name=volume_capability,json=volumeCapability" json:"volume_capability,omitempty"`
+	VolumeCapability *VolumeCapability `protobuf:"bytes,3,opt,name=volume_capability,json=volumeCapability" json:"volume_capability,omitempty"`
 	// Whether to publish the volume in readonly mode. This field is
 	// REQUIRED.
-	Readonly bool `protobuf:"varint,5,opt,name=readonly" json:"readonly,omitempty"`
-	// End user credentials used to authenticate/authorize controller
-	// publish request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
+	Readonly bool `protobuf:"varint,4,opt,name=readonly" json:"readonly,omitempty"`
+	// Secrets required by plugin to complete controller publish volume
+	// request.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
 	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,6,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	ControllerPublishSecrets map[string]string `protobuf:"bytes,5,rep,name=controller_publish_secrets,json=controllerPublishSecrets" json:"controller_publish_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 	// Attributes of the volume to be used on a node. This field is
-	// OPTIONAL and MUST match the attributes of the VolumeInfo identified
+	// OPTIONAL and MUST match the attributes of the Volume identified
 	// by `volume_id`.
-	VolumeAttributes map[string]string `protobuf:"bytes,7,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	VolumeAttributes map[string]string `protobuf:"bytes,6,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *ControllerPublishVolumeRequest) Reset()                    { *m = ControllerPublishVolumeRequest{} }
 func (m *ControllerPublishVolumeRequest) String() string            { return proto.CompactTextString(m) }
 func (*ControllerPublishVolumeRequest) ProtoMessage()               {}
-func (*ControllerPublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{12} }
-
-func (m *ControllerPublishVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*ControllerPublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{14} }
 
 func (m *ControllerPublishVolumeRequest) GetVolumeId() string {
 	if m != nil {
@@ -805,9 +908,9 @@ func (m *ControllerPublishVolumeRequest) GetReadonly() bool {
 	return false
 }
 
-func (m *ControllerPublishVolumeRequest) GetUserCredentials() map[string]string {
+func (m *ControllerPublishVolumeRequest) GetControllerPublishSecrets() map[string]string {
 	if m != nil {
-		return m.UserCredentials
+		return m.ControllerPublishSecrets
 	}
 	return nil
 }
@@ -821,64 +924,63 @@ func (m *ControllerPublishVolumeRequest) GetVolumeAttributes() map[string]string
 
 type ControllerPublishVolumeResponse struct {
 	// The SP specific information that will be passed to the Plugin in
-	// the subsequent `NodePublishVolume` call for the given volume.
+	// the subsequent `NodeStageVolume` or `NodePublishVolume` calls
+	// for the given volume.
 	// This information is opaque to the CO. This field is OPTIONAL.
-	PublishVolumeInfo map[string]string `protobuf:"bytes,1,rep,name=publish_volume_info,json=publishVolumeInfo" json:"publish_volume_info,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	PublishInfo map[string]string `protobuf:"bytes,1,rep,name=publish_info,json=publishInfo" json:"publish_info,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *ControllerPublishVolumeResponse) Reset()         { *m = ControllerPublishVolumeResponse{} }
 func (m *ControllerPublishVolumeResponse) String() string { return proto.CompactTextString(m) }
 func (*ControllerPublishVolumeResponse) ProtoMessage()    {}
 func (*ControllerPublishVolumeResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{13}
+	return fileDescriptor0, []int{15}
 }
 
-func (m *ControllerPublishVolumeResponse) GetPublishVolumeInfo() map[string]string {
+func (m *ControllerPublishVolumeResponse) GetPublishInfo() map[string]string {
 	if m != nil {
-		return m.PublishVolumeInfo
+		return m.PublishInfo
 	}
 	return nil
 }
 
-// //////
-// //////
 type ControllerUnpublishVolumeRequest struct {
-	// The API version assumed by the CO. This field is REQUIRED.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume. This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
 	// The ID of the node. This field is OPTIONAL. The CO SHOULD set this
-	// field to match the node ID returned by `GetNodeID` or leave it
+	// field to match the node ID returned by `NodeGetId` or leave it
 	// unset. If the value is set, the SP MUST unpublish the volume from
 	// the specified node. If the value is unset, the SP MUST unpublish
 	// the volume from all nodes it is published to.
-	NodeId string `protobuf:"bytes,3,opt,name=node_id,json=nodeId" json:"node_id,omitempty"`
-	// End user credentials used to authenticate/authorize controller
-	// unpublish request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
+	NodeId string `protobuf:"bytes,2,opt,name=node_id,json=nodeId" json:"node_id,omitempty"`
+	// Secrets required by plugin to complete controller unpublish volume
+	// request. This SHOULD be the same secrets passed to the
+	// ControllerPublishVolume.
+	// call for the specified volume.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
 	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,4,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	ControllerUnpublishSecrets map[string]string `protobuf:"bytes,3,rep,name=controller_unpublish_secrets,json=controllerUnpublishSecrets" json:"controller_unpublish_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *ControllerUnpublishVolumeRequest) Reset()         { *m = ControllerUnpublishVolumeRequest{} }
 func (m *ControllerUnpublishVolumeRequest) String() string { return proto.CompactTextString(m) }
 func (*ControllerUnpublishVolumeRequest) ProtoMessage()    {}
 func (*ControllerUnpublishVolumeRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{14}
-}
-
-func (m *ControllerUnpublishVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
+	return fileDescriptor0, []int{16}
 }
 
 func (m *ControllerUnpublishVolumeRequest) GetVolumeId() string {
@@ -895,9 +997,9 @@ func (m *ControllerUnpublishVolumeRequest) GetNodeId() string {
 	return ""
 }
 
-func (m *ControllerUnpublishVolumeRequest) GetUserCredentials() map[string]string {
+func (m *ControllerUnpublishVolumeRequest) GetControllerUnpublishSecrets() map[string]string {
 	if m != nil {
-		return m.UserCredentials
+		return m.ControllerUnpublishSecrets
 	}
 	return nil
 }
@@ -909,37 +1011,26 @@ func (m *ControllerUnpublishVolumeResponse) Reset()         { *m = ControllerUnp
 func (m *ControllerUnpublishVolumeResponse) String() string { return proto.CompactTextString(m) }
 func (*ControllerUnpublishVolumeResponse) ProtoMessage()    {}
 func (*ControllerUnpublishVolumeResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{15}
+	return fileDescriptor0, []int{17}
 }
 
-// //////
-// //////
 type ValidateVolumeCapabilitiesRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume to check. This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
 	// The capabilities that the CO wants to check for the volume. This
 	// call SHALL return "supported" only if all the volume capabilities
 	// specified below are supported. This field is REQUIRED.
-	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,3,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
+	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,2,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
 	// Attributes of the volume to check. This field is OPTIONAL and MUST
-	// match the attributes of the VolumeInfo identified by `volume_id`.
-	VolumeAttributes map[string]string `protobuf:"bytes,4,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	// match the attributes of the Volume identified by `volume_id`.
+	VolumeAttributes map[string]string `protobuf:"bytes,3,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *ValidateVolumeCapabilitiesRequest) Reset()         { *m = ValidateVolumeCapabilitiesRequest{} }
 func (m *ValidateVolumeCapabilitiesRequest) String() string { return proto.CompactTextString(m) }
 func (*ValidateVolumeCapabilitiesRequest) ProtoMessage()    {}
 func (*ValidateVolumeCapabilitiesRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{16}
-}
-
-func (m *ValidateVolumeCapabilitiesRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
+	return fileDescriptor0, []int{18}
 }
 
 func (m *ValidateVolumeCapabilitiesRequest) GetVolumeId() string {
@@ -977,7 +1068,7 @@ func (m *ValidateVolumeCapabilitiesResponse) Reset()         { *m = ValidateVolu
 func (m *ValidateVolumeCapabilitiesResponse) String() string { return proto.CompactTextString(m) }
 func (*ValidateVolumeCapabilitiesResponse) ProtoMessage()    {}
 func (*ValidateVolumeCapabilitiesResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptor0, []int{17}
+	return fileDescriptor0, []int{19}
 }
 
 func (m *ValidateVolumeCapabilitiesResponse) GetSupported() bool {
@@ -994,11 +1085,7 @@ func (m *ValidateVolumeCapabilitiesResponse) GetMessage() string {
 	return ""
 }
 
-// //////
-// //////
 type ListVolumesRequest struct {
-	// The API version assumed by the CO. This field is REQUIRED.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// If specified (non-zero value), the Plugin MUST NOT return more
 	// entries than this number in the response. If the actual number of
 	// entries is more than this number, the Plugin MUST set `next_token`
@@ -1006,27 +1093,21 @@ type ListVolumesRequest struct {
 	// in the subsequent `ListVolumes` call. This field is OPTIONAL. If
 	// not specified (zero value), it means there is no restriction on the
 	// number of entries that can be returned.
-	MaxEntries uint32 `protobuf:"varint,2,opt,name=max_entries,json=maxEntries" json:"max_entries,omitempty"`
+	// The value of this field MUST NOT be negative.
+	MaxEntries int32 `protobuf:"varint,1,opt,name=max_entries,json=maxEntries" json:"max_entries,omitempty"`
 	// A token to specify where to start paginating. Set this field to
 	// `next_token` returned by a previous `ListVolumes` call to get the
 	// next page of entries. This field is OPTIONAL.
 	// An empty string is equal to an unspecified field value.
-	StartingToken string `protobuf:"bytes,3,opt,name=starting_token,json=startingToken" json:"starting_token,omitempty"`
+	StartingToken string `protobuf:"bytes,2,opt,name=starting_token,json=startingToken" json:"starting_token,omitempty"`
 }
 
 func (m *ListVolumesRequest) Reset()                    { *m = ListVolumesRequest{} }
 func (m *ListVolumesRequest) String() string            { return proto.CompactTextString(m) }
 func (*ListVolumesRequest) ProtoMessage()               {}
-func (*ListVolumesRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{18} }
+func (*ListVolumesRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{20} }
 
-func (m *ListVolumesRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
-
-func (m *ListVolumesRequest) GetMaxEntries() uint32 {
+func (m *ListVolumesRequest) GetMaxEntries() int32 {
 	if m != nil {
 		return m.MaxEntries
 	}
@@ -1054,7 +1135,7 @@ type ListVolumesResponse struct {
 func (m *ListVolumesResponse) Reset()                    { *m = ListVolumesResponse{} }
 func (m *ListVolumesResponse) String() string            { return proto.CompactTextString(m) }
 func (*ListVolumesResponse) ProtoMessage()               {}
-func (*ListVolumesResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{19} }
+func (*ListVolumesResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{21} }
 
 func (m *ListVolumesResponse) GetEntries() []*ListVolumesResponse_Entry {
 	if m != nil {
@@ -1071,50 +1152,39 @@ func (m *ListVolumesResponse) GetNextToken() string {
 }
 
 type ListVolumesResponse_Entry struct {
-	VolumeInfo *VolumeInfo `protobuf:"bytes,1,opt,name=volume_info,json=volumeInfo" json:"volume_info,omitempty"`
+	Volume *Volume `protobuf:"bytes,1,opt,name=volume" json:"volume,omitempty"`
 }
 
 func (m *ListVolumesResponse_Entry) Reset()                    { *m = ListVolumesResponse_Entry{} }
 func (m *ListVolumesResponse_Entry) String() string            { return proto.CompactTextString(m) }
 func (*ListVolumesResponse_Entry) ProtoMessage()               {}
-func (*ListVolumesResponse_Entry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{19, 0} }
+func (*ListVolumesResponse_Entry) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{21, 0} }
 
-func (m *ListVolumesResponse_Entry) GetVolumeInfo() *VolumeInfo {
+func (m *ListVolumesResponse_Entry) GetVolume() *Volume {
 	if m != nil {
-		return m.VolumeInfo
+		return m.Volume
 	}
 	return nil
 }
 
-// //////
-// //////
 type GetCapacityRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// If specified, the Plugin SHALL report the capacity of the storage
 	// that can be used to provision volumes that satisfy ALL of the
 	// specified `volume_capabilities`. These are the same
 	// `volume_capabilities` the CO will use in `CreateVolumeRequest`.
 	// This field is OPTIONAL.
-	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,2,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
+	VolumeCapabilities []*VolumeCapability `protobuf:"bytes,1,rep,name=volume_capabilities,json=volumeCapabilities" json:"volume_capabilities,omitempty"`
 	// If specified, the Plugin SHALL report the capacity of the storage
 	// that can be used to provision volumes with the given Plugin
 	// specific `parameters`. These are the same `parameters` the CO will
 	// use in `CreateVolumeRequest`. This field is OPTIONAL.
-	Parameters map[string]string `protobuf:"bytes,3,rep,name=parameters" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	Parameters map[string]string `protobuf:"bytes,2,rep,name=parameters" json:"parameters,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
 
 func (m *GetCapacityRequest) Reset()                    { *m = GetCapacityRequest{} }
 func (m *GetCapacityRequest) String() string            { return proto.CompactTextString(m) }
 func (*GetCapacityRequest) ProtoMessage()               {}
-func (*GetCapacityRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{20} }
-
-func (m *GetCapacityRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*GetCapacityRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{22} }
 
 func (m *GetCapacityRequest) GetVolumeCapabilities() []*VolumeCapability {
 	if m != nil {
@@ -1136,53 +1206,23 @@ type GetCapacityResponse struct {
 	// specified in the request, the Plugin SHALL take those into
 	// consideration when calculating the available capacity of the
 	// storage. This field is REQUIRED.
-	AvailableCapacity uint64 `protobuf:"varint,1,opt,name=available_capacity,json=availableCapacity" json:"available_capacity,omitempty"`
+	// The value of this field MUST NOT be negative.
+	AvailableCapacity int64 `protobuf:"varint,1,opt,name=available_capacity,json=availableCapacity" json:"available_capacity,omitempty"`
 }
 
 func (m *GetCapacityResponse) Reset()                    { *m = GetCapacityResponse{} }
 func (m *GetCapacityResponse) String() string            { return proto.CompactTextString(m) }
 func (*GetCapacityResponse) ProtoMessage()               {}
-func (*GetCapacityResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{21} }
+func (*GetCapacityResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{23} }
 
-func (m *GetCapacityResponse) GetAvailableCapacity() uint64 {
+func (m *GetCapacityResponse) GetAvailableCapacity() int64 {
 	if m != nil {
 		return m.AvailableCapacity
 	}
 	return 0
 }
 
-// //////
-// //////
-type ControllerProbeRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
-}
-
-func (m *ControllerProbeRequest) Reset()                    { *m = ControllerProbeRequest{} }
-func (m *ControllerProbeRequest) String() string            { return proto.CompactTextString(m) }
-func (*ControllerProbeRequest) ProtoMessage()               {}
-func (*ControllerProbeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{22} }
-
-func (m *ControllerProbeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
-
-type ControllerProbeResponse struct {
-}
-
-func (m *ControllerProbeResponse) Reset()                    { *m = ControllerProbeResponse{} }
-func (m *ControllerProbeResponse) String() string            { return proto.CompactTextString(m) }
-func (*ControllerProbeResponse) ProtoMessage()               {}
-func (*ControllerProbeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{23} }
-
-// //////
-// //////
 type ControllerGetCapabilitiesRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 }
 
 func (m *ControllerGetCapabilitiesRequest) Reset()         { *m = ControllerGetCapabilitiesRequest{} }
@@ -1192,13 +1232,6 @@ func (*ControllerGetCapabilitiesRequest) Descriptor() ([]byte, []int) {
 	return fileDescriptor0, []int{24}
 }
 
-func (m *ControllerGetCapabilitiesRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
-
 type ControllerGetCapabilitiesResponse struct {
 	// All the capabilities that the controller service supports. This
 	// field is OPTIONAL.
@@ -1311,7 +1344,7 @@ func _ControllerServiceCapability_OneofSizer(msg proto.Message) (n int) {
 }
 
 type ControllerServiceCapability_RPC struct {
-	Type ControllerServiceCapability_RPC_Type `protobuf:"varint,1,opt,name=type,enum=csi.ControllerServiceCapability_RPC_Type" json:"type,omitempty"`
+	Type ControllerServiceCapability_RPC_Type `protobuf:"varint,1,opt,name=type,enum=csi.v0.ControllerServiceCapability_RPC_Type" json:"type,omitempty"`
 }
 
 func (m *ControllerServiceCapability_RPC) Reset()         { *m = ControllerServiceCapability_RPC{} }
@@ -1328,22 +1361,160 @@ func (m *ControllerServiceCapability_RPC) GetType() ControllerServiceCapability_
 	return ControllerServiceCapability_RPC_UNKNOWN
 }
 
-// //////
-// //////
+type NodeStageVolumeRequest struct {
+	// The ID of the volume to publish. This field is REQUIRED.
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	// The CO SHALL set this field to the value returned by
+	// `ControllerPublishVolume` if the corresponding Controller Plugin
+	// has `PUBLISH_UNPUBLISH_VOLUME` controller capability, and SHALL be
+	// left unset if the corresponding Controller Plugin does not have
+	// this capability. This is an OPTIONAL field.
+	PublishInfo map[string]string `protobuf:"bytes,2,rep,name=publish_info,json=publishInfo" json:"publish_info,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	// The path to which the volume will be published. It MUST be an
+	// absolute path in the root filesystem of the process serving this
+	// request. The CO SHALL ensure that there is only one
+	// staging_target_path per volume.
+	// This is a REQUIRED field.
+	StagingTargetPath string `protobuf:"bytes,3,opt,name=staging_target_path,json=stagingTargetPath" json:"staging_target_path,omitempty"`
+	// The capability of the volume the CO expects the volume to have.
+	// This is a REQUIRED field.
+	VolumeCapability *VolumeCapability `protobuf:"bytes,4,opt,name=volume_capability,json=volumeCapability" json:"volume_capability,omitempty"`
+	// Secrets required by plugin to complete node stage volume request.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
+	// This field is OPTIONAL.
+	NodeStageSecrets map[string]string `protobuf:"bytes,5,rep,name=node_stage_secrets,json=nodeStageSecrets" json:"node_stage_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	// Attributes of the volume to publish. This field is OPTIONAL and
+	// MUST match the attributes of the VolumeInfo identified by
+	// `volume_id`.
+	VolumeAttributes map[string]string `protobuf:"bytes,6,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+}
+
+func (m *NodeStageVolumeRequest) Reset()                    { *m = NodeStageVolumeRequest{} }
+func (m *NodeStageVolumeRequest) String() string            { return proto.CompactTextString(m) }
+func (*NodeStageVolumeRequest) ProtoMessage()               {}
+func (*NodeStageVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{27} }
+
+func (m *NodeStageVolumeRequest) GetVolumeId() string {
+	if m != nil {
+		return m.VolumeId
+	}
+	return ""
+}
+
+func (m *NodeStageVolumeRequest) GetPublishInfo() map[string]string {
+	if m != nil {
+		return m.PublishInfo
+	}
+	return nil
+}
+
+func (m *NodeStageVolumeRequest) GetStagingTargetPath() string {
+	if m != nil {
+		return m.StagingTargetPath
+	}
+	return ""
+}
+
+func (m *NodeStageVolumeRequest) GetVolumeCapability() *VolumeCapability {
+	if m != nil {
+		return m.VolumeCapability
+	}
+	return nil
+}
+
+func (m *NodeStageVolumeRequest) GetNodeStageSecrets() map[string]string {
+	if m != nil {
+		return m.NodeStageSecrets
+	}
+	return nil
+}
+
+func (m *NodeStageVolumeRequest) GetVolumeAttributes() map[string]string {
+	if m != nil {
+		return m.VolumeAttributes
+	}
+	return nil
+}
+
+type NodeStageVolumeResponse struct {
+}
+
+func (m *NodeStageVolumeResponse) Reset()                    { *m = NodeStageVolumeResponse{} }
+func (m *NodeStageVolumeResponse) String() string            { return proto.CompactTextString(m) }
+func (*NodeStageVolumeResponse) ProtoMessage()               {}
+func (*NodeStageVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{28} }
+
+type NodeUnstageVolumeRequest struct {
+	// The ID of the volume. This field is REQUIRED.
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	// The path at which the volume was published. It MUST be an absolute
+	// path in the root filesystem of the process serving this request.
+	// This is a REQUIRED field.
+	StagingTargetPath string `protobuf:"bytes,2,opt,name=staging_target_path,json=stagingTargetPath" json:"staging_target_path,omitempty"`
+}
+
+func (m *NodeUnstageVolumeRequest) Reset()                    { *m = NodeUnstageVolumeRequest{} }
+func (m *NodeUnstageVolumeRequest) String() string            { return proto.CompactTextString(m) }
+func (*NodeUnstageVolumeRequest) ProtoMessage()               {}
+func (*NodeUnstageVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{29} }
+
+func (m *NodeUnstageVolumeRequest) GetVolumeId() string {
+	if m != nil {
+		return m.VolumeId
+	}
+	return ""
+}
+
+func (m *NodeUnstageVolumeRequest) GetStagingTargetPath() string {
+	if m != nil {
+		return m.StagingTargetPath
+	}
+	return ""
+}
+
+type NodeUnstageVolumeResponse struct {
+}
+
+func (m *NodeUnstageVolumeResponse) Reset()                    { *m = NodeUnstageVolumeResponse{} }
+func (m *NodeUnstageVolumeResponse) String() string            { return proto.CompactTextString(m) }
+func (*NodeUnstageVolumeResponse) ProtoMessage()               {}
+func (*NodeUnstageVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{30} }
+
 type NodePublishVolumeRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume to publish. This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
 	// The CO SHALL set this field to the value returned by
 	// `ControllerPublishVolume` if the corresponding Controller Plugin
 	// has `PUBLISH_UNPUBLISH_VOLUME` controller capability, and SHALL be
 	// left unset if the corresponding Controller Plugin does not have
 	// this capability. This is an OPTIONAL field.
-	PublishVolumeInfo map[string]string `protobuf:"bytes,3,rep,name=publish_volume_info,json=publishVolumeInfo" json:"publish_volume_info,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	PublishInfo map[string]string `protobuf:"bytes,2,rep,name=publish_info,json=publishInfo" json:"publish_info,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	// The path to which the device was mounted by `NodeStageVolume`.
+	// It MUST be an absolute path in the root filesystem of the process
+	// serving this request.
+	// It MUST be set if the Node Plugin implements the
+	// `STAGE_UNSTAGE_VOLUME` node capability.
+	// This is an OPTIONAL field.
+	StagingTargetPath string `protobuf:"bytes,3,opt,name=staging_target_path,json=stagingTargetPath" json:"staging_target_path,omitempty"`
 	// The path to which the volume will be published. It MUST be an
 	// absolute path in the root filesystem of the process serving this
 	// request. The CO SHALL ensure uniqueness of target_path per volume.
+	// The CO SHALL ensure that the path exists, and that the process
+	// serving the request has `read` and `write` permissions to the path.
 	// This is a REQUIRED field.
 	TargetPath string `protobuf:"bytes,4,opt,name=target_path,json=targetPath" json:"target_path,omitempty"`
 	// The capability of the volume the CO expects the volume to have.
@@ -1352,20 +1523,26 @@ type NodePublishVolumeRequest struct {
 	// Whether to publish the volume in readonly mode. This field is
 	// REQUIRED.
 	Readonly bool `protobuf:"varint,6,opt,name=readonly" json:"readonly,omitempty"`
-	// End user credentials used to authenticate/authorize node
-	// publish request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
+	// Secrets required by plugin to complete node publish volume request.
+	// A secret is a string to string map where the key identifies the
+	// name of the secret (e.g. "username" or "password"), and the value
+	// contains the secret data (e.g. "bob" or "abc123").
+	// Each key MUST consist of alphanumeric characters, '-', '_' or '.'.
+	// Each value MUST contain a valid string. An SP MAY choose to accept
+	// binary (non-string) data by using a binary-to-text encoding scheme,
+	// like base64.
+	// An SP SHALL advertise the requirements for required secret keys and
+	// values in documentation.
+	// CO SHALL permit passing through the required secrets.
+	// A CO MAY pass the same secrets to all RPCs, therefore the keys for
+	// all unique secrets that an SP expects must be unique across all CSI
+	// operations.
+	// This information is sensitive and MUST be treated as such (not
+	// logged, etc.) by the CO.
 	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,7,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	NodePublishSecrets map[string]string `protobuf:"bytes,7,rep,name=node_publish_secrets,json=nodePublishSecrets" json:"node_publish_secrets,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 	// Attributes of the volume to publish. This field is OPTIONAL and
-	// MUST match the attributes of the VolumeInfo identified by
+	// MUST match the attributes of the Volume identified by
 	// `volume_id`.
 	VolumeAttributes map[string]string `protobuf:"bytes,8,rep,name=volume_attributes,json=volumeAttributes" json:"volume_attributes,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 }
@@ -1373,14 +1550,7 @@ type NodePublishVolumeRequest struct {
 func (m *NodePublishVolumeRequest) Reset()                    { *m = NodePublishVolumeRequest{} }
 func (m *NodePublishVolumeRequest) String() string            { return proto.CompactTextString(m) }
 func (*NodePublishVolumeRequest) ProtoMessage()               {}
-func (*NodePublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{27} }
-
-func (m *NodePublishVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*NodePublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{31} }
 
 func (m *NodePublishVolumeRequest) GetVolumeId() string {
 	if m != nil {
@@ -1389,13 +1559,20 @@ func (m *NodePublishVolumeRequest) GetVolumeId() string {
 	return ""
 }
 
-func (m *NodePublishVolumeRequest) GetPublishVolumeInfo() map[string]string {
+func (m *NodePublishVolumeRequest) GetPublishInfo() map[string]string {
 	if m != nil {
-		return m.PublishVolumeInfo
+		return m.PublishInfo
 	}
 	return nil
 }
 
+func (m *NodePublishVolumeRequest) GetStagingTargetPath() string {
+	if m != nil {
+		return m.StagingTargetPath
+	}
+	return ""
+}
+
 func (m *NodePublishVolumeRequest) GetTargetPath() string {
 	if m != nil {
 		return m.TargetPath
@@ -1417,9 +1594,9 @@ func (m *NodePublishVolumeRequest) GetReadonly() bool {
 	return false
 }
 
-func (m *NodePublishVolumeRequest) GetUserCredentials() map[string]string {
+func (m *NodePublishVolumeRequest) GetNodePublishSecrets() map[string]string {
 	if m != nil {
-		return m.UserCredentials
+		return m.NodePublishSecrets
 	}
 	return nil
 }
@@ -1437,44 +1614,21 @@ type NodePublishVolumeResponse struct {
 func (m *NodePublishVolumeResponse) Reset()                    { *m = NodePublishVolumeResponse{} }
 func (m *NodePublishVolumeResponse) String() string            { return proto.CompactTextString(m) }
 func (*NodePublishVolumeResponse) ProtoMessage()               {}
-func (*NodePublishVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{28} }
+func (*NodePublishVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{32} }
 
-// //////
-// //////
 type NodeUnpublishVolumeRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 	// The ID of the volume. This field is REQUIRED.
-	VolumeId string `protobuf:"bytes,2,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
+	VolumeId string `protobuf:"bytes,1,opt,name=volume_id,json=volumeId" json:"volume_id,omitempty"`
 	// The path at which the volume was published. It MUST be an absolute
 	// path in the root filesystem of the process serving this request.
 	// This is a REQUIRED field.
-	TargetPath string `protobuf:"bytes,3,opt,name=target_path,json=targetPath" json:"target_path,omitempty"`
-	// End user credentials used to authenticate/authorize node
-	// unpublish request.
-	// This field contains credential data, for example username and
-	// password. Each key must consist of alphanumeric characters, '-',
-	// '_' or '.'. Each value MUST contain a valid string. An SP MAY
-	// choose to accept binary (non-string) data by using a binary-to-text
-	// encoding scheme, like base64. An SP SHALL advertise the
-	// requirements for credentials in documentation. COs SHALL permit
-	// users to pass through the required credentials. This information is
-	// sensitive and MUST be treated as such (not logged, etc.) by the CO.
-	// This field is OPTIONAL.
-	UserCredentials map[string]string `protobuf:"bytes,4,rep,name=user_credentials,json=userCredentials" json:"user_credentials,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
+	TargetPath string `protobuf:"bytes,2,opt,name=target_path,json=targetPath" json:"target_path,omitempty"`
 }
 
 func (m *NodeUnpublishVolumeRequest) Reset()                    { *m = NodeUnpublishVolumeRequest{} }
 func (m *NodeUnpublishVolumeRequest) String() string            { return proto.CompactTextString(m) }
 func (*NodeUnpublishVolumeRequest) ProtoMessage()               {}
-func (*NodeUnpublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{29} }
-
-func (m *NodeUnpublishVolumeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*NodeUnpublishVolumeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{33} }
 
 func (m *NodeUnpublishVolumeRequest) GetVolumeId() string {
 	if m != nil {
@@ -1490,104 +1644,48 @@ func (m *NodeUnpublishVolumeRequest) GetTargetPath() string {
 	return ""
 }
 
-func (m *NodeUnpublishVolumeRequest) GetUserCredentials() map[string]string {
-	if m != nil {
-		return m.UserCredentials
-	}
-	return nil
-}
-
 type NodeUnpublishVolumeResponse struct {
 }
 
 func (m *NodeUnpublishVolumeResponse) Reset()                    { *m = NodeUnpublishVolumeResponse{} }
 func (m *NodeUnpublishVolumeResponse) String() string            { return proto.CompactTextString(m) }
 func (*NodeUnpublishVolumeResponse) ProtoMessage()               {}
-func (*NodeUnpublishVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{30} }
+func (*NodeUnpublishVolumeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{34} }
 
-// //////
-// //////
-type GetNodeIDRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
+type NodeGetIdRequest struct {
 }
 
-func (m *GetNodeIDRequest) Reset()                    { *m = GetNodeIDRequest{} }
-func (m *GetNodeIDRequest) String() string            { return proto.CompactTextString(m) }
-func (*GetNodeIDRequest) ProtoMessage()               {}
-func (*GetNodeIDRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{31} }
+func (m *NodeGetIdRequest) Reset()                    { *m = NodeGetIdRequest{} }
+func (m *NodeGetIdRequest) String() string            { return proto.CompactTextString(m) }
+func (*NodeGetIdRequest) ProtoMessage()               {}
+func (*NodeGetIdRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{35} }
 
-func (m *GetNodeIDRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
-
-type GetNodeIDResponse struct {
+type NodeGetIdResponse struct {
 	// The ID of the node as understood by the SP which SHALL be used by
 	// CO in subsequent `ControllerPublishVolume`.
 	// This is a REQUIRED field.
 	NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId" json:"node_id,omitempty"`
 }
 
-func (m *GetNodeIDResponse) Reset()                    { *m = GetNodeIDResponse{} }
-func (m *GetNodeIDResponse) String() string            { return proto.CompactTextString(m) }
-func (*GetNodeIDResponse) ProtoMessage()               {}
-func (*GetNodeIDResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{32} }
+func (m *NodeGetIdResponse) Reset()                    { *m = NodeGetIdResponse{} }
+func (m *NodeGetIdResponse) String() string            { return proto.CompactTextString(m) }
+func (*NodeGetIdResponse) ProtoMessage()               {}
+func (*NodeGetIdResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{36} }
 
-func (m *GetNodeIDResponse) GetNodeId() string {
+func (m *NodeGetIdResponse) GetNodeId() string {
 	if m != nil {
 		return m.NodeId
 	}
 	return ""
 }
 
-// //////
-// //////
-type NodeProbeRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
-}
-
-func (m *NodeProbeRequest) Reset()                    { *m = NodeProbeRequest{} }
-func (m *NodeProbeRequest) String() string            { return proto.CompactTextString(m) }
-func (*NodeProbeRequest) ProtoMessage()               {}
-func (*NodeProbeRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{33} }
-
-func (m *NodeProbeRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
-
-type NodeProbeResponse struct {
-}
-
-func (m *NodeProbeResponse) Reset()                    { *m = NodeProbeResponse{} }
-func (m *NodeProbeResponse) String() string            { return proto.CompactTextString(m) }
-func (*NodeProbeResponse) ProtoMessage()               {}
-func (*NodeProbeResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{34} }
-
-// //////
-// //////
 type NodeGetCapabilitiesRequest struct {
-	// The API version assumed by the CO. This is a REQUIRED field.
-	Version *Version `protobuf:"bytes,1,opt,name=version" json:"version,omitempty"`
 }
 
 func (m *NodeGetCapabilitiesRequest) Reset()                    { *m = NodeGetCapabilitiesRequest{} }
 func (m *NodeGetCapabilitiesRequest) String() string            { return proto.CompactTextString(m) }
 func (*NodeGetCapabilitiesRequest) ProtoMessage()               {}
-func (*NodeGetCapabilitiesRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{35} }
-
-func (m *NodeGetCapabilitiesRequest) GetVersion() *Version {
-	if m != nil {
-		return m.Version
-	}
-	return nil
-}
+func (*NodeGetCapabilitiesRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{37} }
 
 type NodeGetCapabilitiesResponse struct {
 	// All the capabilities that the node service supports. This field
@@ -1598,7 +1696,7 @@ type NodeGetCapabilitiesResponse struct {
 func (m *NodeGetCapabilitiesResponse) Reset()                    { *m = NodeGetCapabilitiesResponse{} }
 func (m *NodeGetCapabilitiesResponse) String() string            { return proto.CompactTextString(m) }
 func (*NodeGetCapabilitiesResponse) ProtoMessage()               {}
-func (*NodeGetCapabilitiesResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{36} }
+func (*NodeGetCapabilitiesResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{38} }
 
 func (m *NodeGetCapabilitiesResponse) GetCapabilities() []*NodeServiceCapability {
 	if m != nil {
@@ -1617,7 +1715,7 @@ type NodeServiceCapability struct {
 func (m *NodeServiceCapability) Reset()                    { *m = NodeServiceCapability{} }
 func (m *NodeServiceCapability) String() string            { return proto.CompactTextString(m) }
 func (*NodeServiceCapability) ProtoMessage()               {}
-func (*NodeServiceCapability) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{37} }
+func (*NodeServiceCapability) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{39} }
 
 type isNodeServiceCapability_Type interface {
 	isNodeServiceCapability_Type()
@@ -1699,13 +1797,13 @@ func _NodeServiceCapability_OneofSizer(msg proto.Message) (n int) {
 }
 
 type NodeServiceCapability_RPC struct {
-	Type NodeServiceCapability_RPC_Type `protobuf:"varint,1,opt,name=type,enum=csi.NodeServiceCapability_RPC_Type" json:"type,omitempty"`
+	Type NodeServiceCapability_RPC_Type `protobuf:"varint,1,opt,name=type,enum=csi.v0.NodeServiceCapability_RPC_Type" json:"type,omitempty"`
 }
 
 func (m *NodeServiceCapability_RPC) Reset()                    { *m = NodeServiceCapability_RPC{} }
 func (m *NodeServiceCapability_RPC) String() string            { return proto.CompactTextString(m) }
 func (*NodeServiceCapability_RPC) ProtoMessage()               {}
-func (*NodeServiceCapability_RPC) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{37, 0} }
+func (*NodeServiceCapability_RPC) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{39, 0} }
 
 func (m *NodeServiceCapability_RPC) GetType() NodeServiceCapability_RPC_Type {
 	if m != nil {
@@ -1715,53 +1813,57 @@ func (m *NodeServiceCapability_RPC) GetType() NodeServiceCapability_RPC_Type {
 }
 
 func init() {
-	proto.RegisterType((*GetSupportedVersionsRequest)(nil), "csi.GetSupportedVersionsRequest")
-	proto.RegisterType((*GetSupportedVersionsResponse)(nil), "csi.GetSupportedVersionsResponse")
-	proto.RegisterType((*Version)(nil), "csi.Version")
-	proto.RegisterType((*GetPluginInfoRequest)(nil), "csi.GetPluginInfoRequest")
-	proto.RegisterType((*GetPluginInfoResponse)(nil), "csi.GetPluginInfoResponse")
-	proto.RegisterType((*CreateVolumeRequest)(nil), "csi.CreateVolumeRequest")
-	proto.RegisterType((*CreateVolumeResponse)(nil), "csi.CreateVolumeResponse")
-	proto.RegisterType((*VolumeCapability)(nil), "csi.VolumeCapability")
-	proto.RegisterType((*VolumeCapability_BlockVolume)(nil), "csi.VolumeCapability.BlockVolume")
-	proto.RegisterType((*VolumeCapability_MountVolume)(nil), "csi.VolumeCapability.MountVolume")
-	proto.RegisterType((*VolumeCapability_AccessMode)(nil), "csi.VolumeCapability.AccessMode")
-	proto.RegisterType((*CapacityRange)(nil), "csi.CapacityRange")
-	proto.RegisterType((*VolumeInfo)(nil), "csi.VolumeInfo")
-	proto.RegisterType((*DeleteVolumeRequest)(nil), "csi.DeleteVolumeRequest")
-	proto.RegisterType((*DeleteVolumeResponse)(nil), "csi.DeleteVolumeResponse")
-	proto.RegisterType((*ControllerPublishVolumeRequest)(nil), "csi.ControllerPublishVolumeRequest")
-	proto.RegisterType((*ControllerPublishVolumeResponse)(nil), "csi.ControllerPublishVolumeResponse")
-	proto.RegisterType((*ControllerUnpublishVolumeRequest)(nil), "csi.ControllerUnpublishVolumeRequest")
-	proto.RegisterType((*ControllerUnpublishVolumeResponse)(nil), "csi.ControllerUnpublishVolumeResponse")
-	proto.RegisterType((*ValidateVolumeCapabilitiesRequest)(nil), "csi.ValidateVolumeCapabilitiesRequest")
-	proto.RegisterType((*ValidateVolumeCapabilitiesResponse)(nil), "csi.ValidateVolumeCapabilitiesResponse")
-	proto.RegisterType((*ListVolumesRequest)(nil), "csi.ListVolumesRequest")
-	proto.RegisterType((*ListVolumesResponse)(nil), "csi.ListVolumesResponse")
-	proto.RegisterType((*ListVolumesResponse_Entry)(nil), "csi.ListVolumesResponse.Entry")
-	proto.RegisterType((*GetCapacityRequest)(nil), "csi.GetCapacityRequest")
-	proto.RegisterType((*GetCapacityResponse)(nil), "csi.GetCapacityResponse")
-	proto.RegisterType((*ControllerProbeRequest)(nil), "csi.ControllerProbeRequest")
-	proto.RegisterType((*ControllerProbeResponse)(nil), "csi.ControllerProbeResponse")
-	proto.RegisterType((*ControllerGetCapabilitiesRequest)(nil), "csi.ControllerGetCapabilitiesRequest")
-	proto.RegisterType((*ControllerGetCapabilitiesResponse)(nil), "csi.ControllerGetCapabilitiesResponse")
-	proto.RegisterType((*ControllerServiceCapability)(nil), "csi.ControllerServiceCapability")
-	proto.RegisterType((*ControllerServiceCapability_RPC)(nil), "csi.ControllerServiceCapability.RPC")
-	proto.RegisterType((*NodePublishVolumeRequest)(nil), "csi.NodePublishVolumeRequest")
-	proto.RegisterType((*NodePublishVolumeResponse)(nil), "csi.NodePublishVolumeResponse")
-	proto.RegisterType((*NodeUnpublishVolumeRequest)(nil), "csi.NodeUnpublishVolumeRequest")
-	proto.RegisterType((*NodeUnpublishVolumeResponse)(nil), "csi.NodeUnpublishVolumeResponse")
-	proto.RegisterType((*GetNodeIDRequest)(nil), "csi.GetNodeIDRequest")
-	proto.RegisterType((*GetNodeIDResponse)(nil), "csi.GetNodeIDResponse")
-	proto.RegisterType((*NodeProbeRequest)(nil), "csi.NodeProbeRequest")
-	proto.RegisterType((*NodeProbeResponse)(nil), "csi.NodeProbeResponse")
-	proto.RegisterType((*NodeGetCapabilitiesRequest)(nil), "csi.NodeGetCapabilitiesRequest")
-	proto.RegisterType((*NodeGetCapabilitiesResponse)(nil), "csi.NodeGetCapabilitiesResponse")
-	proto.RegisterType((*NodeServiceCapability)(nil), "csi.NodeServiceCapability")
-	proto.RegisterType((*NodeServiceCapability_RPC)(nil), "csi.NodeServiceCapability.RPC")
-	proto.RegisterEnum("csi.VolumeCapability_AccessMode_Mode", VolumeCapability_AccessMode_Mode_name, VolumeCapability_AccessMode_Mode_value)
-	proto.RegisterEnum("csi.ControllerServiceCapability_RPC_Type", ControllerServiceCapability_RPC_Type_name, ControllerServiceCapability_RPC_Type_value)
-	proto.RegisterEnum("csi.NodeServiceCapability_RPC_Type", NodeServiceCapability_RPC_Type_name, NodeServiceCapability_RPC_Type_value)
+	proto.RegisterType((*GetPluginInfoRequest)(nil), "csi.v0.GetPluginInfoRequest")
+	proto.RegisterType((*GetPluginInfoResponse)(nil), "csi.v0.GetPluginInfoResponse")
+	proto.RegisterType((*GetPluginCapabilitiesRequest)(nil), "csi.v0.GetPluginCapabilitiesRequest")
+	proto.RegisterType((*GetPluginCapabilitiesResponse)(nil), "csi.v0.GetPluginCapabilitiesResponse")
+	proto.RegisterType((*PluginCapability)(nil), "csi.v0.PluginCapability")
+	proto.RegisterType((*PluginCapability_Service)(nil), "csi.v0.PluginCapability.Service")
+	proto.RegisterType((*ProbeRequest)(nil), "csi.v0.ProbeRequest")
+	proto.RegisterType((*ProbeResponse)(nil), "csi.v0.ProbeResponse")
+	proto.RegisterType((*CreateVolumeRequest)(nil), "csi.v0.CreateVolumeRequest")
+	proto.RegisterType((*CreateVolumeResponse)(nil), "csi.v0.CreateVolumeResponse")
+	proto.RegisterType((*VolumeCapability)(nil), "csi.v0.VolumeCapability")
+	proto.RegisterType((*VolumeCapability_BlockVolume)(nil), "csi.v0.VolumeCapability.BlockVolume")
+	proto.RegisterType((*VolumeCapability_MountVolume)(nil), "csi.v0.VolumeCapability.MountVolume")
+	proto.RegisterType((*VolumeCapability_AccessMode)(nil), "csi.v0.VolumeCapability.AccessMode")
+	proto.RegisterType((*CapacityRange)(nil), "csi.v0.CapacityRange")
+	proto.RegisterType((*Volume)(nil), "csi.v0.Volume")
+	proto.RegisterType((*DeleteVolumeRequest)(nil), "csi.v0.DeleteVolumeRequest")
+	proto.RegisterType((*DeleteVolumeResponse)(nil), "csi.v0.DeleteVolumeResponse")
+	proto.RegisterType((*ControllerPublishVolumeRequest)(nil), "csi.v0.ControllerPublishVolumeRequest")
+	proto.RegisterType((*ControllerPublishVolumeResponse)(nil), "csi.v0.ControllerPublishVolumeResponse")
+	proto.RegisterType((*ControllerUnpublishVolumeRequest)(nil), "csi.v0.ControllerUnpublishVolumeRequest")
+	proto.RegisterType((*ControllerUnpublishVolumeResponse)(nil), "csi.v0.ControllerUnpublishVolumeResponse")
+	proto.RegisterType((*ValidateVolumeCapabilitiesRequest)(nil), "csi.v0.ValidateVolumeCapabilitiesRequest")
+	proto.RegisterType((*ValidateVolumeCapabilitiesResponse)(nil), "csi.v0.ValidateVolumeCapabilitiesResponse")
+	proto.RegisterType((*ListVolumesRequest)(nil), "csi.v0.ListVolumesRequest")
+	proto.RegisterType((*ListVolumesResponse)(nil), "csi.v0.ListVolumesResponse")
+	proto.RegisterType((*ListVolumesResponse_Entry)(nil), "csi.v0.ListVolumesResponse.Entry")
+	proto.RegisterType((*GetCapacityRequest)(nil), "csi.v0.GetCapacityRequest")
+	proto.RegisterType((*GetCapacityResponse)(nil), "csi.v0.GetCapacityResponse")
+	proto.RegisterType((*ControllerGetCapabilitiesRequest)(nil), "csi.v0.ControllerGetCapabilitiesRequest")
+	proto.RegisterType((*ControllerGetCapabilitiesResponse)(nil), "csi.v0.ControllerGetCapabilitiesResponse")
+	proto.RegisterType((*ControllerServiceCapability)(nil), "csi.v0.ControllerServiceCapability")
+	proto.RegisterType((*ControllerServiceCapability_RPC)(nil), "csi.v0.ControllerServiceCapability.RPC")
+	proto.RegisterType((*NodeStageVolumeRequest)(nil), "csi.v0.NodeStageVolumeRequest")
+	proto.RegisterType((*NodeStageVolumeResponse)(nil), "csi.v0.NodeStageVolumeResponse")
+	proto.RegisterType((*NodeUnstageVolumeRequest)(nil), "csi.v0.NodeUnstageVolumeRequest")
+	proto.RegisterType((*NodeUnstageVolumeResponse)(nil), "csi.v0.NodeUnstageVolumeResponse")
+	proto.RegisterType((*NodePublishVolumeRequest)(nil), "csi.v0.NodePublishVolumeRequest")
+	proto.RegisterType((*NodePublishVolumeResponse)(nil), "csi.v0.NodePublishVolumeResponse")
+	proto.RegisterType((*NodeUnpublishVolumeRequest)(nil), "csi.v0.NodeUnpublishVolumeRequest")
+	proto.RegisterType((*NodeUnpublishVolumeResponse)(nil), "csi.v0.NodeUnpublishVolumeResponse")
+	proto.RegisterType((*NodeGetIdRequest)(nil), "csi.v0.NodeGetIdRequest")
+	proto.RegisterType((*NodeGetIdResponse)(nil), "csi.v0.NodeGetIdResponse")
+	proto.RegisterType((*NodeGetCapabilitiesRequest)(nil), "csi.v0.NodeGetCapabilitiesRequest")
+	proto.RegisterType((*NodeGetCapabilitiesResponse)(nil), "csi.v0.NodeGetCapabilitiesResponse")
+	proto.RegisterType((*NodeServiceCapability)(nil), "csi.v0.NodeServiceCapability")
+	proto.RegisterType((*NodeServiceCapability_RPC)(nil), "csi.v0.NodeServiceCapability.RPC")
+	proto.RegisterEnum("csi.v0.PluginCapability_Service_Type", PluginCapability_Service_Type_name, PluginCapability_Service_Type_value)
+	proto.RegisterEnum("csi.v0.VolumeCapability_AccessMode_Mode", VolumeCapability_AccessMode_Mode_name, VolumeCapability_AccessMode_Mode_value)
+	proto.RegisterEnum("csi.v0.ControllerServiceCapability_RPC_Type", ControllerServiceCapability_RPC_Type_name, ControllerServiceCapability_RPC_Type_value)
+	proto.RegisterEnum("csi.v0.NodeServiceCapability_RPC_Type", NodeServiceCapability_RPC_Type_name, NodeServiceCapability_RPC_Type_value)
 }
 
 // Reference imports to suppress errors if they are not otherwise used.
@@ -1775,8 +1877,9 @@ const _ = grpc.SupportPackageIsVersion4
 // Client API for Identity service
 
 type IdentityClient interface {
-	GetSupportedVersions(ctx context.Context, in *GetSupportedVersionsRequest, opts ...grpc.CallOption) (*GetSupportedVersionsResponse, error)
 	GetPluginInfo(ctx context.Context, in *GetPluginInfoRequest, opts ...grpc.CallOption) (*GetPluginInfoResponse, error)
+	GetPluginCapabilities(ctx context.Context, in *GetPluginCapabilitiesRequest, opts ...grpc.CallOption) (*GetPluginCapabilitiesResponse, error)
+	Probe(ctx context.Context, in *ProbeRequest, opts ...grpc.CallOption) (*ProbeResponse, error)
 }
 
 type identityClient struct {
@@ -1787,18 +1890,27 @@ func NewIdentityClient(cc *grpc.ClientConn) IdentityClient {
 	return &identityClient{cc}
 }
 
-func (c *identityClient) GetSupportedVersions(ctx context.Context, in *GetSupportedVersionsRequest, opts ...grpc.CallOption) (*GetSupportedVersionsResponse, error) {
-	out := new(GetSupportedVersionsResponse)
-	err := grpc.Invoke(ctx, "/csi.Identity/GetSupportedVersions", in, out, c.cc, opts...)
+func (c *identityClient) GetPluginInfo(ctx context.Context, in *GetPluginInfoRequest, opts ...grpc.CallOption) (*GetPluginInfoResponse, error) {
+	out := new(GetPluginInfoResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Identity/GetPluginInfo", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *identityClient) GetPluginInfo(ctx context.Context, in *GetPluginInfoRequest, opts ...grpc.CallOption) (*GetPluginInfoResponse, error) {
-	out := new(GetPluginInfoResponse)
-	err := grpc.Invoke(ctx, "/csi.Identity/GetPluginInfo", in, out, c.cc, opts...)
+func (c *identityClient) GetPluginCapabilities(ctx context.Context, in *GetPluginCapabilitiesRequest, opts ...grpc.CallOption) (*GetPluginCapabilitiesResponse, error) {
+	out := new(GetPluginCapabilitiesResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Identity/GetPluginCapabilities", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *identityClient) Probe(ctx context.Context, in *ProbeRequest, opts ...grpc.CallOption) (*ProbeResponse, error) {
+	out := new(ProbeResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Identity/Probe", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1808,62 +1920,85 @@ func (c *identityClient) GetPluginInfo(ctx context.Context, in *GetPluginInfoReq
 // Server API for Identity service
 
 type IdentityServer interface {
-	GetSupportedVersions(context.Context, *GetSupportedVersionsRequest) (*GetSupportedVersionsResponse, error)
 	GetPluginInfo(context.Context, *GetPluginInfoRequest) (*GetPluginInfoResponse, error)
+	GetPluginCapabilities(context.Context, *GetPluginCapabilitiesRequest) (*GetPluginCapabilitiesResponse, error)
+	Probe(context.Context, *ProbeRequest) (*ProbeResponse, error)
 }
 
 func RegisterIdentityServer(s *grpc.Server, srv IdentityServer) {
 	s.RegisterService(&_Identity_serviceDesc, srv)
 }
 
-func _Identity_GetSupportedVersions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetSupportedVersionsRequest)
+func _Identity_GetPluginInfo_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(GetPluginInfoRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(IdentityServer).GetSupportedVersions(ctx, in)
+		return srv.(IdentityServer).GetPluginInfo(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Identity/GetSupportedVersions",
+		FullMethod: "/csi.v0.Identity/GetPluginInfo",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(IdentityServer).GetSupportedVersions(ctx, req.(*GetSupportedVersionsRequest))
+		return srv.(IdentityServer).GetPluginInfo(ctx, req.(*GetPluginInfoRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _Identity_GetPluginInfo_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetPluginInfoRequest)
+func _Identity_GetPluginCapabilities_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(GetPluginCapabilitiesRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(IdentityServer).GetPluginInfo(ctx, in)
+		return srv.(IdentityServer).GetPluginCapabilities(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Identity/GetPluginInfo",
+		FullMethod: "/csi.v0.Identity/GetPluginCapabilities",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(IdentityServer).GetPluginInfo(ctx, req.(*GetPluginInfoRequest))
+		return srv.(IdentityServer).GetPluginCapabilities(ctx, req.(*GetPluginCapabilitiesRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Identity_Probe_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ProbeRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(IdentityServer).Probe(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/csi.v0.Identity/Probe",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(IdentityServer).Probe(ctx, req.(*ProbeRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
 var _Identity_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "csi.Identity",
+	ServiceName: "csi.v0.Identity",
 	HandlerType: (*IdentityServer)(nil),
 	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "GetSupportedVersions",
-			Handler:    _Identity_GetSupportedVersions_Handler,
-		},
 		{
 			MethodName: "GetPluginInfo",
 			Handler:    _Identity_GetPluginInfo_Handler,
 		},
+		{
+			MethodName: "GetPluginCapabilities",
+			Handler:    _Identity_GetPluginCapabilities_Handler,
+		},
+		{
+			MethodName: "Probe",
+			Handler:    _Identity_Probe_Handler,
+		},
 	},
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "csi.proto",
@@ -1879,7 +2014,6 @@ type ControllerClient interface {
 	ValidateVolumeCapabilities(ctx context.Context, in *ValidateVolumeCapabilitiesRequest, opts ...grpc.CallOption) (*ValidateVolumeCapabilitiesResponse, error)
 	ListVolumes(ctx context.Context, in *ListVolumesRequest, opts ...grpc.CallOption) (*ListVolumesResponse, error)
 	GetCapacity(ctx context.Context, in *GetCapacityRequest, opts ...grpc.CallOption) (*GetCapacityResponse, error)
-	ControllerProbe(ctx context.Context, in *ControllerProbeRequest, opts ...grpc.CallOption) (*ControllerProbeResponse, error)
 	ControllerGetCapabilities(ctx context.Context, in *ControllerGetCapabilitiesRequest, opts ...grpc.CallOption) (*ControllerGetCapabilitiesResponse, error)
 }
 
@@ -1893,7 +2027,7 @@ func NewControllerClient(cc *grpc.ClientConn) ControllerClient {
 
 func (c *controllerClient) CreateVolume(ctx context.Context, in *CreateVolumeRequest, opts ...grpc.CallOption) (*CreateVolumeResponse, error) {
 	out := new(CreateVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/CreateVolume", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/CreateVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1902,7 +2036,7 @@ func (c *controllerClient) CreateVolume(ctx context.Context, in *CreateVolumeReq
 
 func (c *controllerClient) DeleteVolume(ctx context.Context, in *DeleteVolumeRequest, opts ...grpc.CallOption) (*DeleteVolumeResponse, error) {
 	out := new(DeleteVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/DeleteVolume", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/DeleteVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1911,7 +2045,7 @@ func (c *controllerClient) DeleteVolume(ctx context.Context, in *DeleteVolumeReq
 
 func (c *controllerClient) ControllerPublishVolume(ctx context.Context, in *ControllerPublishVolumeRequest, opts ...grpc.CallOption) (*ControllerPublishVolumeResponse, error) {
 	out := new(ControllerPublishVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ControllerPublishVolume", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/ControllerPublishVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1920,7 +2054,7 @@ func (c *controllerClient) ControllerPublishVolume(ctx context.Context, in *Cont
 
 func (c *controllerClient) ControllerUnpublishVolume(ctx context.Context, in *ControllerUnpublishVolumeRequest, opts ...grpc.CallOption) (*ControllerUnpublishVolumeResponse, error) {
 	out := new(ControllerUnpublishVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ControllerUnpublishVolume", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/ControllerUnpublishVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1929,7 +2063,7 @@ func (c *controllerClient) ControllerUnpublishVolume(ctx context.Context, in *Co
 
 func (c *controllerClient) ValidateVolumeCapabilities(ctx context.Context, in *ValidateVolumeCapabilitiesRequest, opts ...grpc.CallOption) (*ValidateVolumeCapabilitiesResponse, error) {
 	out := new(ValidateVolumeCapabilitiesResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ValidateVolumeCapabilities", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/ValidateVolumeCapabilities", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1938,7 +2072,7 @@ func (c *controllerClient) ValidateVolumeCapabilities(ctx context.Context, in *V
 
 func (c *controllerClient) ListVolumes(ctx context.Context, in *ListVolumesRequest, opts ...grpc.CallOption) (*ListVolumesResponse, error) {
 	out := new(ListVolumesResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ListVolumes", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/ListVolumes", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1947,16 +2081,7 @@ func (c *controllerClient) ListVolumes(ctx context.Context, in *ListVolumesReque
 
 func (c *controllerClient) GetCapacity(ctx context.Context, in *GetCapacityRequest, opts ...grpc.CallOption) (*GetCapacityResponse, error) {
 	out := new(GetCapacityResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/GetCapacity", in, out, c.cc, opts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *controllerClient) ControllerProbe(ctx context.Context, in *ControllerProbeRequest, opts ...grpc.CallOption) (*ControllerProbeResponse, error) {
-	out := new(ControllerProbeResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ControllerProbe", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/GetCapacity", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1965,7 +2090,7 @@ func (c *controllerClient) ControllerProbe(ctx context.Context, in *ControllerPr
 
 func (c *controllerClient) ControllerGetCapabilities(ctx context.Context, in *ControllerGetCapabilitiesRequest, opts ...grpc.CallOption) (*ControllerGetCapabilitiesResponse, error) {
 	out := new(ControllerGetCapabilitiesResponse)
-	err := grpc.Invoke(ctx, "/csi.Controller/ControllerGetCapabilities", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Controller/ControllerGetCapabilities", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -1982,7 +2107,6 @@ type ControllerServer interface {
 	ValidateVolumeCapabilities(context.Context, *ValidateVolumeCapabilitiesRequest) (*ValidateVolumeCapabilitiesResponse, error)
 	ListVolumes(context.Context, *ListVolumesRequest) (*ListVolumesResponse, error)
 	GetCapacity(context.Context, *GetCapacityRequest) (*GetCapacityResponse, error)
-	ControllerProbe(context.Context, *ControllerProbeRequest) (*ControllerProbeResponse, error)
 	ControllerGetCapabilities(context.Context, *ControllerGetCapabilitiesRequest) (*ControllerGetCapabilitiesResponse, error)
 }
 
@@ -2000,7 +2124,7 @@ func _Controller_CreateVolume_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/CreateVolume",
+		FullMethod: "/csi.v0.Controller/CreateVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).CreateVolume(ctx, req.(*CreateVolumeRequest))
@@ -2018,7 +2142,7 @@ func _Controller_DeleteVolume_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/DeleteVolume",
+		FullMethod: "/csi.v0.Controller/DeleteVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).DeleteVolume(ctx, req.(*DeleteVolumeRequest))
@@ -2036,7 +2160,7 @@ func _Controller_ControllerPublishVolume_Handler(srv interface{}, ctx context.Co
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/ControllerPublishVolume",
+		FullMethod: "/csi.v0.Controller/ControllerPublishVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).ControllerPublishVolume(ctx, req.(*ControllerPublishVolumeRequest))
@@ -2054,7 +2178,7 @@ func _Controller_ControllerUnpublishVolume_Handler(srv interface{}, ctx context.
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/ControllerUnpublishVolume",
+		FullMethod: "/csi.v0.Controller/ControllerUnpublishVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).ControllerUnpublishVolume(ctx, req.(*ControllerUnpublishVolumeRequest))
@@ -2072,7 +2196,7 @@ func _Controller_ValidateVolumeCapabilities_Handler(srv interface{}, ctx context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/ValidateVolumeCapabilities",
+		FullMethod: "/csi.v0.Controller/ValidateVolumeCapabilities",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).ValidateVolumeCapabilities(ctx, req.(*ValidateVolumeCapabilitiesRequest))
@@ -2090,7 +2214,7 @@ func _Controller_ListVolumes_Handler(srv interface{}, ctx context.Context, dec f
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/ListVolumes",
+		FullMethod: "/csi.v0.Controller/ListVolumes",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).ListVolumes(ctx, req.(*ListVolumesRequest))
@@ -2108,7 +2232,7 @@ func _Controller_GetCapacity_Handler(srv interface{}, ctx context.Context, dec f
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/GetCapacity",
+		FullMethod: "/csi.v0.Controller/GetCapacity",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).GetCapacity(ctx, req.(*GetCapacityRequest))
@@ -2116,24 +2240,6 @@ func _Controller_GetCapacity_Handler(srv interface{}, ctx context.Context, dec f
 	return interceptor(ctx, in, info, handler)
 }
 
-func _Controller_ControllerProbe_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(ControllerProbeRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(ControllerServer).ControllerProbe(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: "/csi.Controller/ControllerProbe",
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(ControllerServer).ControllerProbe(ctx, req.(*ControllerProbeRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
 func _Controller_ControllerGetCapabilities_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(ControllerGetCapabilitiesRequest)
 	if err := dec(in); err != nil {
@@ -2144,7 +2250,7 @@ func _Controller_ControllerGetCapabilities_Handler(srv interface{}, ctx context.
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Controller/ControllerGetCapabilities",
+		FullMethod: "/csi.v0.Controller/ControllerGetCapabilities",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ControllerServer).ControllerGetCapabilities(ctx, req.(*ControllerGetCapabilitiesRequest))
@@ -2153,7 +2259,7 @@ func _Controller_ControllerGetCapabilities_Handler(srv interface{}, ctx context.
 }
 
 var _Controller_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "csi.Controller",
+	ServiceName: "csi.v0.Controller",
 	HandlerType: (*ControllerServer)(nil),
 	Methods: []grpc.MethodDesc{
 		{
@@ -2184,10 +2290,6 @@ var _Controller_serviceDesc = grpc.ServiceDesc{
 			MethodName: "GetCapacity",
 			Handler:    _Controller_GetCapacity_Handler,
 		},
-		{
-			MethodName: "ControllerProbe",
-			Handler:    _Controller_ControllerProbe_Handler,
-		},
 		{
 			MethodName: "ControllerGetCapabilities",
 			Handler:    _Controller_ControllerGetCapabilities_Handler,
@@ -2200,10 +2302,11 @@ var _Controller_serviceDesc = grpc.ServiceDesc{
 // Client API for Node service
 
 type NodeClient interface {
+	NodeStageVolume(ctx context.Context, in *NodeStageVolumeRequest, opts ...grpc.CallOption) (*NodeStageVolumeResponse, error)
+	NodeUnstageVolume(ctx context.Context, in *NodeUnstageVolumeRequest, opts ...grpc.CallOption) (*NodeUnstageVolumeResponse, error)
 	NodePublishVolume(ctx context.Context, in *NodePublishVolumeRequest, opts ...grpc.CallOption) (*NodePublishVolumeResponse, error)
 	NodeUnpublishVolume(ctx context.Context, in *NodeUnpublishVolumeRequest, opts ...grpc.CallOption) (*NodeUnpublishVolumeResponse, error)
-	GetNodeID(ctx context.Context, in *GetNodeIDRequest, opts ...grpc.CallOption) (*GetNodeIDResponse, error)
-	NodeProbe(ctx context.Context, in *NodeProbeRequest, opts ...grpc.CallOption) (*NodeProbeResponse, error)
+	NodeGetId(ctx context.Context, in *NodeGetIdRequest, opts ...grpc.CallOption) (*NodeGetIdResponse, error)
 	NodeGetCapabilities(ctx context.Context, in *NodeGetCapabilitiesRequest, opts ...grpc.CallOption) (*NodeGetCapabilitiesResponse, error)
 }
 
@@ -2215,36 +2318,45 @@ func NewNodeClient(cc *grpc.ClientConn) NodeClient {
 	return &nodeClient{cc}
 }
 
-func (c *nodeClient) NodePublishVolume(ctx context.Context, in *NodePublishVolumeRequest, opts ...grpc.CallOption) (*NodePublishVolumeResponse, error) {
-	out := new(NodePublishVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Node/NodePublishVolume", in, out, c.cc, opts...)
+func (c *nodeClient) NodeStageVolume(ctx context.Context, in *NodeStageVolumeRequest, opts ...grpc.CallOption) (*NodeStageVolumeResponse, error) {
+	out := new(NodeStageVolumeResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodeStageVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *nodeClient) NodeUnpublishVolume(ctx context.Context, in *NodeUnpublishVolumeRequest, opts ...grpc.CallOption) (*NodeUnpublishVolumeResponse, error) {
-	out := new(NodeUnpublishVolumeResponse)
-	err := grpc.Invoke(ctx, "/csi.Node/NodeUnpublishVolume", in, out, c.cc, opts...)
+func (c *nodeClient) NodeUnstageVolume(ctx context.Context, in *NodeUnstageVolumeRequest, opts ...grpc.CallOption) (*NodeUnstageVolumeResponse, error) {
+	out := new(NodeUnstageVolumeResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodeUnstageVolume", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *nodeClient) NodePublishVolume(ctx context.Context, in *NodePublishVolumeRequest, opts ...grpc.CallOption) (*NodePublishVolumeResponse, error) {
+	out := new(NodePublishVolumeResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodePublishVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *nodeClient) GetNodeID(ctx context.Context, in *GetNodeIDRequest, opts ...grpc.CallOption) (*GetNodeIDResponse, error) {
-	out := new(GetNodeIDResponse)
-	err := grpc.Invoke(ctx, "/csi.Node/GetNodeID", in, out, c.cc, opts...)
+func (c *nodeClient) NodeUnpublishVolume(ctx context.Context, in *NodeUnpublishVolumeRequest, opts ...grpc.CallOption) (*NodeUnpublishVolumeResponse, error) {
+	out := new(NodeUnpublishVolumeResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodeUnpublishVolume", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *nodeClient) NodeProbe(ctx context.Context, in *NodeProbeRequest, opts ...grpc.CallOption) (*NodeProbeResponse, error) {
-	out := new(NodeProbeResponse)
-	err := grpc.Invoke(ctx, "/csi.Node/NodeProbe", in, out, c.cc, opts...)
+func (c *nodeClient) NodeGetId(ctx context.Context, in *NodeGetIdRequest, opts ...grpc.CallOption) (*NodeGetIdResponse, error) {
+	out := new(NodeGetIdResponse)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodeGetId", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -2253,7 +2365,7 @@ func (c *nodeClient) NodeProbe(ctx context.Context, in *NodeProbeRequest, opts .
 
 func (c *nodeClient) NodeGetCapabilities(ctx context.Context, in *NodeGetCapabilitiesRequest, opts ...grpc.CallOption) (*NodeGetCapabilitiesResponse, error) {
 	out := new(NodeGetCapabilitiesResponse)
-	err := grpc.Invoke(ctx, "/csi.Node/NodeGetCapabilities", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/csi.v0.Node/NodeGetCapabilities", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -2263,10 +2375,11 @@ func (c *nodeClient) NodeGetCapabilities(ctx context.Context, in *NodeGetCapabil
 // Server API for Node service
 
 type NodeServer interface {
+	NodeStageVolume(context.Context, *NodeStageVolumeRequest) (*NodeStageVolumeResponse, error)
+	NodeUnstageVolume(context.Context, *NodeUnstageVolumeRequest) (*NodeUnstageVolumeResponse, error)
 	NodePublishVolume(context.Context, *NodePublishVolumeRequest) (*NodePublishVolumeResponse, error)
 	NodeUnpublishVolume(context.Context, *NodeUnpublishVolumeRequest) (*NodeUnpublishVolumeResponse, error)
-	GetNodeID(context.Context, *GetNodeIDRequest) (*GetNodeIDResponse, error)
-	NodeProbe(context.Context, *NodeProbeRequest) (*NodeProbeResponse, error)
+	NodeGetId(context.Context, *NodeGetIdRequest) (*NodeGetIdResponse, error)
 	NodeGetCapabilities(context.Context, *NodeGetCapabilitiesRequest) (*NodeGetCapabilitiesResponse, error)
 }
 
@@ -2274,74 +2387,92 @@ func RegisterNodeServer(s *grpc.Server, srv NodeServer) {
 	s.RegisterService(&_Node_serviceDesc, srv)
 }
 
-func _Node_NodePublishVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(NodePublishVolumeRequest)
+func _Node_NodeStageVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(NodeStageVolumeRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(NodeServer).NodePublishVolume(ctx, in)
+		return srv.(NodeServer).NodeStageVolume(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Node/NodePublishVolume",
+		FullMethod: "/csi.v0.Node/NodeStageVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(NodeServer).NodePublishVolume(ctx, req.(*NodePublishVolumeRequest))
+		return srv.(NodeServer).NodeStageVolume(ctx, req.(*NodeStageVolumeRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _Node_NodeUnpublishVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(NodeUnpublishVolumeRequest)
+func _Node_NodeUnstageVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(NodeUnstageVolumeRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(NodeServer).NodeUnpublishVolume(ctx, in)
+		return srv.(NodeServer).NodeUnstageVolume(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Node/NodeUnpublishVolume",
+		FullMethod: "/csi.v0.Node/NodeUnstageVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(NodeServer).NodeUnpublishVolume(ctx, req.(*NodeUnpublishVolumeRequest))
+		return srv.(NodeServer).NodeUnstageVolume(ctx, req.(*NodeUnstageVolumeRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Node_NodePublishVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(NodePublishVolumeRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(NodeServer).NodePublishVolume(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/csi.v0.Node/NodePublishVolume",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(NodeServer).NodePublishVolume(ctx, req.(*NodePublishVolumeRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _Node_GetNodeID_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GetNodeIDRequest)
+func _Node_NodeUnpublishVolume_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(NodeUnpublishVolumeRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(NodeServer).GetNodeID(ctx, in)
+		return srv.(NodeServer).NodeUnpublishVolume(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Node/GetNodeID",
+		FullMethod: "/csi.v0.Node/NodeUnpublishVolume",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(NodeServer).GetNodeID(ctx, req.(*GetNodeIDRequest))
+		return srv.(NodeServer).NodeUnpublishVolume(ctx, req.(*NodeUnpublishVolumeRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _Node_NodeProbe_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(NodeProbeRequest)
+func _Node_NodeGetId_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(NodeGetIdRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(NodeServer).NodeProbe(ctx, in)
+		return srv.(NodeServer).NodeGetId(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Node/NodeProbe",
+		FullMethod: "/csi.v0.Node/NodeGetId",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(NodeServer).NodeProbe(ctx, req.(*NodeProbeRequest))
+		return srv.(NodeServer).NodeGetId(ctx, req.(*NodeGetIdRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
@@ -2356,7 +2487,7 @@ func _Node_NodeGetCapabilities_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/csi.Node/NodeGetCapabilities",
+		FullMethod: "/csi.v0.Node/NodeGetCapabilities",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(NodeServer).NodeGetCapabilities(ctx, req.(*NodeGetCapabilitiesRequest))
@@ -2365,9 +2496,17 @@ func _Node_NodeGetCapabilities_Handler(srv interface{}, ctx context.Context, dec
 }
 
 var _Node_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "csi.Node",
+	ServiceName: "csi.v0.Node",
 	HandlerType: (*NodeServer)(nil),
 	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "NodeStageVolume",
+			Handler:    _Node_NodeStageVolume_Handler,
+		},
+		{
+			MethodName: "NodeUnstageVolume",
+			Handler:    _Node_NodeUnstageVolume_Handler,
+		},
 		{
 			MethodName: "NodePublishVolume",
 			Handler:    _Node_NodePublishVolume_Handler,
@@ -2377,12 +2516,8 @@ var _Node_serviceDesc = grpc.ServiceDesc{
 			Handler:    _Node_NodeUnpublishVolume_Handler,
 		},
 		{
-			MethodName: "GetNodeID",
-			Handler:    _Node_GetNodeID_Handler,
-		},
-		{
-			MethodName: "NodeProbe",
-			Handler:    _Node_NodeProbe_Handler,
+			MethodName: "NodeGetId",
+			Handler:    _Node_NodeGetId_Handler,
 		},
 		{
 			MethodName: "NodeGetCapabilities",
@@ -2396,130 +2531,141 @@ var _Node_serviceDesc = grpc.ServiceDesc{
 func init() { proto.RegisterFile("csi.proto", fileDescriptor0) }
 
 var fileDescriptor0 = []byte{
-	// 1993 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x59, 0x4b, 0x73, 0xe3, 0x58,
-	0x15, 0xb6, 0x6c, 0xe7, 0xe1, 0xe3, 0x38, 0xed, 0x5c, 0xe7, 0xa1, 0x28, 0xfd, 0x70, 0xab, 0xa7,
-	0x7b, 0x42, 0x15, 0xe3, 0xa2, 0x3c, 0x54, 0xd1, 0xe9, 0x9e, 0x19, 0x48, 0x6c, 0x4f, 0x62, 0x26,
-	0x71, 0xa7, 0x14, 0xa7, 0x9b, 0x01, 0xa6, 0x84, 0x62, 0xdf, 0xa4, 0x45, 0xcb, 0x92, 0x47, 0x92,
-	0x5d, 0xed, 0x3d, 0x4b, 0x16, 0xec, 0xd8, 0xc1, 0x72, 0xa0, 0x58, 0x02, 0xbf, 0x80, 0xbf, 0x00,
-	0xac, 0xd9, 0xf2, 0x0f, 0xa8, 0x62, 0x43, 0xdd, 0x87, 0x64, 0x49, 0x96, 0x1c, 0x3b, 0x93, 0x1e,
-	0x66, 0x27, 0x9d, 0xc7, 0x77, 0xcf, 0xe3, 0xde, 0x73, 0xce, 0x95, 0x20, 0xd7, 0x71, 0xf4, 0x4a,
-	0xdf, 0xb6, 0x5c, 0x0b, 0x65, 0x3a, 0x8e, 0x2e, 0xdf, 0x83, 0x9d, 0x43, 0xec, 0x9e, 0x0d, 0xfa,
-	0x7d, 0xcb, 0x76, 0x71, 0xf7, 0x25, 0xb6, 0x1d, 0xdd, 0x32, 0x1d, 0x05, 0x7f, 0x39, 0xc0, 0x8e,
-	0x2b, 0xff, 0x0c, 0xee, 0xc6, 0xb3, 0x9d, 0xbe, 0x65, 0x3a, 0x18, 0x3d, 0x07, 0xe4, 0x78, 0x4c,
-	0x75, 0xc8, 0xb9, 0xa2, 0x50, 0xce, 0xec, 0xe6, 0xab, 0x2b, 0x15, 0xb2, 0x16, 0x57, 0x51, 0xd6,
-	0x9c, 0x28, 0x88, 0xfc, 0x19, 0x2c, 0xf1, 0x67, 0xb4, 0x0e, 0x0b, 0x3d, 0xed, 0x97, 0x96, 0x2d,
-	0x0a, 0x65, 0x61, 0xb7, 0xa0, 0xb0, 0x17, 0x4a, 0xd5, 0x4d, 0xcb, 0x16, 0xd3, 0x9c, 0x4a, 0x5e,
-	0x08, 0xb5, 0xaf, 0xb9, 0x9d, 0xd7, 0x62, 0x86, 0x51, 0xe9, 0x8b, 0xfc, 0x09, 0xac, 0x1f, 0x62,
-	0xf7, 0xd4, 0x18, 0x5c, 0xe9, 0x66, 0xd3, 0xbc, 0xb4, 0xb8, 0x07, 0xe8, 0x09, 0x2c, 0x71, 0xbb,
-	0x28, 0x76, 0xd4, 0x2c, 0x8f, 0x29, 0xff, 0x43, 0x80, 0x8d, 0x08, 0x00, 0xf7, 0x11, 0x41, 0xd6,
-	0xd4, 0x7a, 0x98, 0xaa, 0xe7, 0x14, 0xfa, 0x8c, 0x1e, 0xc3, 0xea, 0x10, 0x9b, 0x5d, 0xcb, 0xf6,
-	0x9c, 0xa6, 0x26, 0xe6, 0x94, 0x02, 0xa3, 0x7a, 0x6e, 0xd5, 0x61, 0xb9, 0xa7, 0x99, 0xfa, 0x25,
-	0x76, 0x5c, 0x31, 0x43, 0x83, 0xb2, 0x4b, 0x57, 0x8f, 0x5d, 0xa8, 0x72, 0xc2, 0x45, 0x1b, 0xa6,
-	0x6b, 0x8f, 0x14, 0x5f, 0x53, 0x7a, 0x0e, 0x85, 0x10, 0x0b, 0x15, 0x21, 0xf3, 0x06, 0x8f, 0xb8,
-	0x41, 0xe4, 0x91, 0xc4, 0x64, 0xa8, 0x19, 0x03, 0xcc, 0xcd, 0x60, 0x2f, 0xcf, 0xd2, 0x4f, 0x05,
-	0xf9, 0xbf, 0x19, 0x28, 0xd5, 0x6c, 0xac, 0xb9, 0xf8, 0xa5, 0x65, 0x0c, 0x7a, 0x78, 0xce, 0xb8,
-	0xf8, 0xde, 0xa7, 0x03, 0xde, 0xef, 0xc1, 0x6a, 0x47, 0xeb, 0x6b, 0x1d, 0xdd, 0x1d, 0xa9, 0xb6,
-	0x66, 0x5e, 0x61, 0x9a, 0x8a, 0x7c, 0x15, 0x51, 0x88, 0x1a, 0x67, 0x29, 0x84, 0xa3, 0x14, 0x3a,
-	0xc1, 0x57, 0xf4, 0x29, 0x94, 0x86, 0xd4, 0x0e, 0x95, 0xd0, 0x2f, 0x74, 0x43, 0x77, 0x75, 0xec,
-	0x88, 0x59, 0x1a, 0x9c, 0x0d, 0x66, 0x02, 0xe5, 0xd7, 0x3c, 0xf6, 0x48, 0x41, 0xc3, 0x30, 0x45,
-	0xc7, 0x0e, 0x3a, 0x02, 0xe8, 0x6b, 0xb6, 0xd6, 0xc3, 0x2e, 0xb6, 0x1d, 0x71, 0x21, 0x10, 0xdb,
-	0x18, 0x67, 0x2b, 0xa7, 0xbe, 0x28, 0x8b, 0x6d, 0x40, 0x17, 0xfd, 0x04, 0x8a, 0x03, 0x07, 0xdb,
-	0x6a, 0xc7, 0xc6, 0x5d, 0x6c, 0xba, 0xba, 0x66, 0x38, 0xe2, 0x22, 0xc5, 0xfb, 0x20, 0x11, 0xef,
-	0xdc, 0xc1, 0x76, 0x6d, 0x2c, 0xcf, 0x40, 0xef, 0x0c, 0xc2, 0x54, 0xe9, 0x63, 0xb8, 0x13, 0x59,
-	0x78, 0x9e, 0xcc, 0x49, 0x07, 0xb0, 0x1e, 0xb7, 0xce, 0x5c, 0xd9, 0x3f, 0x82, 0xf5, 0xb0, 0xfd,
-	0x7c, 0x4f, 0x7f, 0x0f, 0xf2, 0x3c, 0x0d, 0xba, 0x79, 0x69, 0xf1, 0x1d, 0x70, 0x27, 0x10, 0x7e,
-	0xba, 0x31, 0x61, 0xe8, 0x3f, 0xcb, 0xbf, 0xcb, 0x42, 0x31, 0x9a, 0x19, 0xb4, 0x07, 0x0b, 0x17,
-	0x86, 0xd5, 0x79, 0xc3, 0x01, 0x1e, 0xc6, 0xe6, 0xaf, 0x72, 0x40, 0x44, 0x18, 0xf5, 0x28, 0xa5,
-	0x30, 0x0d, 0xa2, 0xda, 0xb3, 0x06, 0xa6, 0x4b, 0x6d, 0x4e, 0x54, 0x3d, 0x21, 0x22, 0x63, 0x55,
-	0xaa, 0x81, 0xf6, 0x21, 0xaf, 0x75, 0x3a, 0xd8, 0x71, 0xd4, 0x9e, 0xd5, 0xf5, 0xf6, 0x5e, 0x39,
-	0x1e, 0x60, 0x9f, 0x0a, 0x9e, 0x58, 0x5d, 0xac, 0x80, 0xe6, 0x3f, 0x4b, 0x05, 0xc8, 0x07, 0xac,
-	0x92, 0x0e, 0x21, 0x1f, 0x58, 0x09, 0x6d, 0xc1, 0xd2, 0xa5, 0xa3, 0xba, 0xa3, 0xbe, 0x77, 0xe8,
-	0x17, 0x2f, 0x9d, 0xf6, 0xa8, 0x8f, 0xd1, 0x03, 0xc8, 0x53, 0x13, 0xd4, 0x4b, 0x43, 0xbb, 0x72,
-	0xc4, 0x74, 0x39, 0xb3, 0x9b, 0x53, 0x80, 0x92, 0x3e, 0x25, 0x14, 0xe9, 0xdf, 0x02, 0xc0, 0x78,
-	0x49, 0xb4, 0x07, 0x59, 0x6a, 0x22, 0x41, 0x59, 0xad, 0x3e, 0xbe, 0xce, 0xc4, 0x0a, 0xb5, 0x93,
-	0xaa, 0xc8, 0xbf, 0x17, 0x20, 0x4b, 0x31, 0xf2, 0xb0, 0x74, 0xde, 0xfa, 0xac, 0xf5, 0xe2, 0x55,
-	0xab, 0x98, 0x42, 0x9b, 0x80, 0xce, 0x9a, 0xad, 0xc3, 0xe3, 0x86, 0xda, 0x7a, 0x51, 0x6f, 0xa8,
-	0xaf, 0x94, 0x66, 0xbb, 0xa1, 0x14, 0x05, 0xb4, 0x03, 0x5b, 0x41, 0xba, 0xd2, 0xd8, 0xaf, 0x37,
-	0x14, 0xf5, 0x45, 0xeb, 0xf8, 0xf3, 0x62, 0x1a, 0x49, 0xb0, 0x79, 0x72, 0x7e, 0xdc, 0x6e, 0x4e,
-	0xf2, 0x32, 0xe8, 0x2e, 0x88, 0x01, 0x1e, 0xc7, 0xe0, 0xb0, 0x59, 0x02, 0x1b, 0xe0, 0xb2, 0x47,
-	0xce, 0x5c, 0x38, 0x28, 0xf8, 0x69, 0x20, 0x91, 0x92, 0x5f, 0x41, 0x21, 0x74, 0xf2, 0x49, 0x8d,
-	0xb4, 0xf1, 0x97, 0x03, 0xdd, 0xc6, 0x5d, 0xf5, 0x62, 0xe4, 0x62, 0x87, 0x86, 0x21, 0xab, 0x14,
-	0x3c, 0xea, 0x01, 0x21, 0x92, 0x98, 0x1a, 0x7a, 0x4f, 0x77, 0xb9, 0x4c, 0x9a, 0xca, 0x00, 0x25,
-	0x51, 0x01, 0xf9, 0x6f, 0x02, 0xc0, 0x78, 0x53, 0x12, 0x58, 0xbf, 0xf8, 0x84, 0x60, 0x3d, 0x2a,
-	0x83, 0x5d, 0x85, 0xb4, 0xde, 0xe5, 0x07, 0x22, 0xad, 0x77, 0xd1, 0x0f, 0x01, 0x34, 0xd7, 0xb5,
-	0xf5, 0x8b, 0x01, 0x51, 0x61, 0xc5, 0xf8, 0x41, 0x64, 0xc3, 0x57, 0xf6, 0x7d, 0x09, 0x5e, 0x27,
-	0xc6, 0x2a, 0xe4, 0x34, 0x47, 0xd8, 0x73, 0x9d, 0xc4, 0xff, 0x08, 0x50, 0xaa, 0x63, 0x03, 0xdf,
-	0xb4, 0x0e, 0xef, 0x40, 0xce, 0x3b, 0xb1, 0x9e, 0x5b, 0xcb, 0xfc, 0x78, 0x76, 0x63, 0x6b, 0x58,
-	0x26, 0x50, 0xc3, 0x62, 0x16, 0x9e, 0xb1, 0x86, 0xdd, 0x46, 0x11, 0xda, 0x84, 0xf5, 0xb0, 0x01,
-	0xac, 0x08, 0xc9, 0x7f, 0xc9, 0xc2, 0xfd, 0x9a, 0x65, 0xba, 0xb6, 0x65, 0x18, 0xd8, 0x3e, 0x1d,
-	0x5c, 0x18, 0xba, 0xf3, 0xfa, 0x1d, 0x44, 0x67, 0x0b, 0x96, 0x4c, 0xab, 0x4b, 0x59, 0x19, 0x76,
-	0x9c, 0xc9, 0x6b, 0xb3, 0x8b, 0x0e, 0x60, 0x2d, 0xda, 0x8c, 0x46, 0x62, 0x96, 0xae, 0x93, 0xd0,
-	0x8a, 0x8a, 0xc3, 0x68, 0x09, 0x94, 0x60, 0xd9, 0xc6, 0x5a, 0xd7, 0x32, 0x8d, 0x91, 0xb8, 0x50,
-	0x16, 0x76, 0x97, 0x15, 0xff, 0x1d, 0x75, 0x12, 0x5b, 0xcb, 0x53, 0xd6, 0x5a, 0xa6, 0x3a, 0x3f,
-	0x5b, 0x86, 0xd0, 0xa5, 0xef, 0x44, 0x60, 0x7f, 0x2f, 0xd1, 0x55, 0xf6, 0x66, 0x59, 0x85, 0xbd,
-	0x45, 0x77, 0x3e, 0x77, 0x74, 0x4c, 0xbe, 0x8d, 0x9d, 0x20, 0xd5, 0x60, 0x23, 0x76, 0xb9, 0xb9,
-	0xb6, 0xd3, 0xdf, 0x05, 0x78, 0x90, 0xe8, 0x13, 0xef, 0x6f, 0x6f, 0xa0, 0xd4, 0x67, 0x0c, 0x35,
-	0xdc, 0xe7, 0x48, 0x58, 0x9e, 0x4f, 0x0f, 0x0b, 0x9f, 0xc6, 0x42, 0x54, 0x52, 0x1d, 0x58, 0x60,
-	0xd6, 0xfa, 0x51, 0xba, 0x54, 0x87, 0xcd, 0x78, 0xe1, 0xb9, 0xdc, 0xfa, 0x53, 0x1a, 0xca, 0x63,
-	0x9b, 0xce, 0xcd, 0xfe, 0x37, 0x7f, 0x1e, 0x70, 0xcc, 0x7e, 0x65, 0x93, 0xd9, 0xb3, 0x48, 0xc8,
-	0xe2, 0xcd, 0xfb, 0x06, 0x6b, 0xca, 0x23, 0x78, 0x38, 0xc5, 0x1a, 0x5e, 0x60, 0xfe, 0x95, 0x86,
-	0x87, 0x2f, 0x35, 0x43, 0xef, 0xfa, 0x03, 0x50, 0x70, 0x86, 0xbc, 0xd5, 0x98, 0x26, 0xcc, 0xb5,
-	0x99, 0x79, 0xe7, 0x5a, 0x3d, 0xee, 0x34, 0xb3, 0x1c, 0x7c, 0xc4, 0x50, 0xae, 0xf3, 0x67, 0xe6,
-	0x03, 0x7d, 0x2b, 0x87, 0xf1, 0xe7, 0x20, 0x4f, 0xb3, 0x88, 0x1f, 0xc7, 0xbb, 0x90, 0xf3, 0xaf,
-	0x7f, 0x14, 0x77, 0x59, 0x19, 0x13, 0x90, 0x08, 0x4b, 0x3d, 0xec, 0x38, 0xda, 0x95, 0x87, 0xef,
-	0xbd, 0xca, 0xbf, 0x12, 0x00, 0x1d, 0xeb, 0x0e, 0x9f, 0xcb, 0xe6, 0xce, 0x18, 0x19, 0xd7, 0xb4,
-	0xb7, 0x2a, 0x36, 0x5d, 0x5b, 0xe7, 0xa3, 0x45, 0x41, 0x81, 0x9e, 0xf6, 0xb6, 0xc1, 0x28, 0x64,
-	0x96, 0x70, 0x5c, 0xcd, 0x76, 0x75, 0xf3, 0x4a, 0x75, 0xad, 0x37, 0xd8, 0xe4, 0x07, 0xa2, 0xe0,
-	0x51, 0xdb, 0x84, 0x28, 0xff, 0x51, 0x80, 0x52, 0xc8, 0x0c, 0xee, 0xd6, 0x53, 0x58, 0xf2, 0xb0,
-	0x59, 0x65, 0xb9, 0x4f, 0xed, 0x88, 0x11, 0xad, 0xb0, 0x24, 0x78, 0xe2, 0xe8, 0x1e, 0x80, 0x89,
-	0xdf, 0xba, 0x7c, 0x51, 0xe6, 0x75, 0x8e, 0x50, 0xe8, 0x82, 0xd2, 0x1e, 0x2c, 0xb0, 0x54, 0xcc,
-	0x3f, 0xa7, 0xff, 0x3a, 0x0d, 0xe8, 0x10, 0xbb, 0xfe, 0x28, 0x36, 0x67, 0xc8, 0x12, 0xf6, 0x71,
-	0x7a, 0xde, 0x7d, 0x7c, 0x18, 0xba, 0x9f, 0xb1, 0x63, 0xf0, 0xbe, 0x77, 0xf7, 0x8d, 0x18, 0x37,
-	0xed, 0x7a, 0xf6, 0x35, 0x2f, 0x51, 0x72, 0x1d, 0x4a, 0xa1, 0x05, 0x79, 0xe6, 0x3e, 0x00, 0xa4,
-	0x0d, 0x35, 0xdd, 0xd0, 0x2e, 0x0c, 0xe6, 0x29, 0xe1, 0xf2, 0x41, 0x72, 0xcd, 0xe7, 0x78, 0x6a,
-	0xf2, 0x8f, 0x60, 0x33, 0xd0, 0x2e, 0x6c, 0xeb, 0x62, 0xde, 0x82, 0x2c, 0x6f, 0xc3, 0xd6, 0x04,
-	0x02, 0xaf, 0x52, 0x3f, 0x0e, 0xd6, 0x7d, 0x6e, 0xec, 0x0d, 0x6b, 0x94, 0xac, 0x07, 0xcb, 0xe2,
-	0x04, 0x16, 0x77, 0xbe, 0x0e, 0x2b, 0x31, 0xc9, 0x2d, 0x47, 0x4a, 0xfc, 0x19, 0xb6, 0x87, 0x7a,
-	0x27, 0x98, 0xe7, 0x90, 0x96, 0xfc, 0xdb, 0x34, 0xec, 0x4c, 0x91, 0x46, 0x4f, 0x21, 0x63, 0xf7,
-	0x3b, 0xdc, 0xdc, 0xf7, 0xae, 0x03, 0xaf, 0x28, 0xa7, 0xb5, 0xa3, 0x94, 0x42, 0x54, 0xa4, 0xbf,
-	0x0a, 0x90, 0x51, 0x4e, 0x6b, 0xe8, 0x63, 0xc8, 0xfa, 0x77, 0xb0, 0xd5, 0xea, 0x77, 0x66, 0x81,
-	0xa8, 0x90, 0x6b, 0x9a, 0x42, 0xd5, 0x64, 0x0b, 0xb2, 0xf4, 0xd2, 0x16, 0xba, 0x40, 0x89, 0xb0,
-	0x5e, 0x53, 0x1a, 0xfb, 0xed, 0x86, 0x5a, 0x6f, 0x1c, 0x37, 0xda, 0x0d, 0xf5, 0xe5, 0x8b, 0xe3,
-	0xf3, 0x93, 0x46, 0x51, 0x20, 0x37, 0xa1, 0xd3, 0xf3, 0x83, 0xe3, 0xe6, 0xd9, 0x91, 0x7a, 0xde,
-	0xf2, 0x9e, 0x38, 0x37, 0x8d, 0x8a, 0xb0, 0x72, 0xdc, 0x3c, 0x6b, 0x73, 0xc2, 0x59, 0x31, 0x43,
-	0x28, 0x87, 0x8d, 0xb6, 0x5a, 0xdb, 0x3f, 0xdd, 0xaf, 0x35, 0xdb, 0x9f, 0x17, 0xb3, 0x07, 0x8b,
-	0xcc, 0x5e, 0xf9, 0x9f, 0x0b, 0x20, 0xb6, 0xac, 0x2e, 0x7e, 0x77, 0x13, 0x6d, 0x37, 0x7e, 0xbc,
-	0x61, 0xc7, 0xec, 0xfb, 0x14, 0x30, 0xc9, 0x80, 0xd9, 0xe7, 0x1a, 0x52, 0x3e, 0x5d, 0xcd, 0xbe,
-	0xc2, 0xae, 0xda, 0xd7, 0xdc, 0xd7, 0x74, 0x30, 0xce, 0x29, 0xc0, 0x48, 0xa7, 0x9a, 0xfb, 0x3a,
-	0x7e, 0x7e, 0x5e, 0xb8, 0xf9, 0xfc, 0xbc, 0x18, 0x99, 0x9f, 0xbf, 0x88, 0x99, 0x47, 0xd8, 0x64,
-	0x5b, 0x9d, 0xee, 0xe3, 0x6c, 0x93, 0xf3, 0x2f, 0xe2, 0x7a, 0xed, 0x32, 0xc5, 0xff, 0x70, 0x3a,
-	0xfe, 0xac, 0x2d, 0xf6, 0x56, 0x26, 0xc3, 0x6f, 0xcf, 0xe4, 0xbd, 0x03, 0xdb, 0x31, 0x21, 0xe1,
-	0x65, 0xec, 0xab, 0x34, 0x48, 0x84, 0xfb, 0x2e, 0x27, 0xd7, 0xc8, 0x8e, 0xcc, 0x4c, 0xec, 0x48,
-	0x35, 0x71, 0x82, 0x1d, 0x9f, 0x8a, 0xff, 0xfb, 0xec, 0x7a, 0x0f, 0x76, 0x62, 0xed, 0xe0, 0x81,
-	0x7c, 0x06, 0xc5, 0x43, 0xec, 0x12, 0x89, 0x66, 0x7d, 0xde, 0xfa, 0xff, 0x5d, 0x58, 0x0b, 0xe8,
-	0xf2, 0x7a, 0x1f, 0x98, 0xf7, 0x85, 0xe0, 0xbc, 0x4f, 0x56, 0xa2, 0xf9, 0xbc, 0x49, 0x43, 0x2b,
-	0xc1, 0x5a, 0x40, 0x97, 0x9b, 0x5e, 0x67, 0x5b, 0xe0, 0x6b, 0x36, 0xb1, 0x2f, 0x58, 0x7c, 0x92,
-	0xda, 0xd7, 0x27, 0x91, 0xf6, 0xc5, 0x46, 0x2f, 0xc9, 0xcf, 0xef, 0x75, 0x8d, 0xeb, 0x0f, 0x02,
-	0x6c, 0xc4, 0xca, 0xa1, 0x6a, 0xb0, 0x65, 0xdd, 0x4f, 0x06, 0x0c, 0x36, 0xab, 0x33, 0xd6, 0xab,
-	0x7e, 0x10, 0xea, 0x55, 0x8f, 0xa6, 0xeb, 0x06, 0xbb, 0x54, 0x29, 0xa6, 0x4b, 0x79, 0x9d, 0xa4,
-	0xfa, 0x67, 0x01, 0x96, 0x9b, 0x74, 0xa3, 0xb9, 0xa4, 0x1a, 0xae, 0xc7, 0xfd, 0x8b, 0x41, 0x65,
-	0x6f, 0xac, 0x4a, 0xfa, 0x8b, 0x23, 0x3d, 0x9c, 0x22, 0xc1, 0x33, 0x97, 0x42, 0x47, 0x50, 0x08,
-	0xfd, 0x96, 0x40, 0xdb, 0x71, 0xbf, 0x2a, 0x18, 0xa0, 0x94, 0xfc, 0x17, 0x43, 0x4e, 0x55, 0xbf,
-	0x5a, 0x04, 0x18, 0xf7, 0x69, 0xd4, 0x80, 0x95, 0xe0, 0x37, 0x68, 0x24, 0x26, 0x7d, 0x56, 0x97,
-	0xb6, 0x63, 0x38, 0xbe, 0x7d, 0x0d, 0x58, 0x09, 0x7e, 0x45, 0xe2, 0x30, 0x31, 0x5f, 0xb6, 0x38,
-	0x4c, 0xec, 0x27, 0xa7, 0x14, 0xba, 0x0c, 0x0d, 0x62, 0xc1, 0x03, 0x88, 0x1e, 0xcd, 0xf0, 0xb9,
-	0x44, 0x7a, 0x6f, 0x96, 0x8f, 0x07, 0x72, 0x0a, 0x19, 0xb0, 0x9d, 0x78, 0x41, 0x45, 0x8f, 0x67,
-	0xba, 0x4e, 0x4b, 0x4f, 0xae, 0x13, 0xf3, 0x57, 0xb3, 0x40, 0x4a, 0xbe, 0x86, 0xa1, 0x27, 0xb3,
-	0xdd, 0x1c, 0xa5, 0xf7, 0xaf, 0x95, 0xf3, 0x17, 0x3c, 0x80, 0x7c, 0xe0, 0x9a, 0x83, 0xb6, 0x26,
-	0x2f, 0x3e, 0x0c, 0x52, 0x4c, 0xba, 0x11, 0x31, 0x8c, 0xc0, 0x6c, 0xce, 0x31, 0x26, 0xaf, 0x07,
-	0x1c, 0x23, 0x66, 0x8c, 0x97, 0x53, 0xa8, 0x05, 0x77, 0x22, 0x73, 0x35, 0xda, 0x89, 0x66, 0x28,
-	0x50, 0xde, 0xa4, 0xbb, 0xf1, 0xcc, 0xf8, 0xb4, 0x45, 0x2a, 0xd0, 0x44, 0xda, 0xe2, 0xeb, 0xdc,
-	0x44, 0xda, 0x12, 0x0a, 0x99, 0x9c, 0xaa, 0xfe, 0x26, 0x03, 0x59, 0x52, 0x25, 0x50, 0x9b, 0x57,
-	0xd3, 0xd0, 0x2e, 0xb9, 0x37, 0x75, 0x08, 0x91, 0xee, 0x27, 0xb1, 0x7d, 0x67, 0x7e, 0x0a, 0xa5,
-	0x98, 0x46, 0x83, 0x1e, 0x5c, 0xd3, 0x0a, 0xa5, 0x72, 0xb2, 0x80, 0x8f, 0xfd, 0x11, 0xe4, 0xfc,
-	0x4e, 0x83, 0x36, 0xbc, 0x0c, 0x85, 0xba, 0x96, 0xb4, 0x19, 0x25, 0x07, 0xb5, 0xfd, 0xee, 0xc1,
-	0xb5, 0xa3, 0x9d, 0x88, 0x6b, 0x4f, 0x36, 0x19, 0xdf, 0xaf, 0x68, 0x7a, 0xc6, 0x7e, 0x25, 0x24,
-	0xa6, 0x9c, 0x2c, 0xe0, 0x61, 0x5f, 0x2c, 0xd2, 0x9f, 0xe3, 0x1f, 0xfe, 0x2f, 0x00, 0x00, 0xff,
-	0xff, 0x17, 0x25, 0x65, 0xbe, 0x29, 0x1f, 0x00, 0x00,
+	// 2173 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x1a, 0x4d, 0x53, 0xe3, 0xc8,
+	0x15, 0xf9, 0x0b, 0x78, 0x06, 0xd6, 0xd3, 0x30, 0x83, 0x11, 0x30, 0x03, 0x62, 0x67, 0x96, 0xfd,
+	0xf2, 0x26, 0x24, 0xd9, 0xda, 0xec, 0x90, 0x49, 0xc0, 0x28, 0xe0, 0xc5, 0x18, 0x4a, 0x18, 0xa6,
+	0x76, 0xb2, 0x29, 0xad, 0xb0, 0x1b, 0x46, 0x19, 0x23, 0x79, 0x24, 0x99, 0x1a, 0x6e, 0xa9, 0x5c,
+	0x52, 0x95, 0x5b, 0xee, 0x49, 0xa5, 0x2a, 0xc7, 0x9c, 0x73, 0x48, 0x55, 0xaa, 0xe6, 0x9c, 0xaa,
+	0xfc, 0x81, 0x9c, 0xf2, 0x03, 0x52, 0x39, 0xe6, 0x94, 0x53, 0x4a, 0xdd, 0x2d, 0xb9, 0x25, 0xb7,
+	0x64, 0x7b, 0x67, 0x6a, 0x2b, 0x27, 0xac, 0xf7, 0xdd, 0xaf, 0xdf, 0x7b, 0xfd, 0x5e, 0x37, 0x30,
+	0xdd, 0x72, 0xcd, 0x4a, 0xd7, 0xb1, 0x3d, 0x1b, 0x15, 0xfc, 0x9f, 0x37, 0xdf, 0x51, 0xee, 0xc1,
+	0xc2, 0x3e, 0xf6, 0x4e, 0x3a, 0xbd, 0x2b, 0xd3, 0xaa, 0x59, 0x97, 0xb6, 0x86, 0x5f, 0xf6, 0xb0,
+	0xeb, 0x29, 0xff, 0x90, 0xe0, 0x6e, 0x0c, 0xe1, 0x76, 0x6d, 0xcb, 0xc5, 0x08, 0x41, 0xce, 0x32,
+	0xae, 0x71, 0x59, 0x5a, 0x93, 0x36, 0xa7, 0x35, 0xf2, 0x1b, 0x3d, 0x84, 0xb9, 0x1b, 0x6c, 0xb5,
+	0x6d, 0x47, 0xbf, 0xc1, 0x8e, 0x6b, 0xda, 0x56, 0x39, 0x43, 0xb0, 0xb3, 0x14, 0x7a, 0x4e, 0x81,
+	0x68, 0x1f, 0xa6, 0xae, 0x0d, 0xcb, 0xbc, 0xc4, 0xae, 0x57, 0xce, 0xae, 0x65, 0x37, 0x8b, 0x5b,
+	0x1f, 0x56, 0xa8, 0x1d, 0x15, 0xa1, 0xae, 0xca, 0x11, 0xa3, 0x56, 0x2d, 0xcf, 0xb9, 0xd5, 0x42,
+	0x66, 0xf9, 0x31, 0xcc, 0x46, 0x50, 0xa8, 0x04, 0xd9, 0x17, 0xf8, 0x96, 0xd9, 0xe4, 0xff, 0x44,
+	0x0b, 0x90, 0xbf, 0x31, 0x3a, 0x3d, 0xcc, 0x2c, 0xa1, 0x1f, 0x9f, 0x67, 0x3e, 0x93, 0x94, 0xfb,
+	0xb0, 0x12, 0x6a, 0xab, 0x1a, 0x5d, 0xe3, 0xc2, 0xec, 0x98, 0x9e, 0x89, 0xdd, 0x60, 0xe9, 0x3f,
+	0x87, 0xd5, 0x04, 0x3c, 0xf3, 0xc0, 0x36, 0xcc, 0xb4, 0x38, 0x78, 0x39, 0x43, 0x96, 0x52, 0x0e,
+	0x96, 0x12, 0xe3, 0xbc, 0xd5, 0x22, 0xd4, 0xca, 0xdf, 0x25, 0x28, 0xc5, 0x49, 0xd0, 0x36, 0x4c,
+	0xba, 0xd8, 0xb9, 0x31, 0x5b, 0xd4, 0xaf, 0xc5, 0xad, 0xb5, 0x24, 0x69, 0x95, 0x53, 0x4a, 0x77,
+	0x30, 0xa1, 0x05, 0x2c, 0xf2, 0x4b, 0x98, 0x64, 0x50, 0xf4, 0x43, 0xc8, 0x79, 0xb7, 0x5d, 0x2a,
+	0x65, 0x6e, 0xeb, 0xe1, 0x30, 0x29, 0x95, 0xe6, 0x6d, 0x17, 0x6b, 0x84, 0x45, 0xf9, 0x10, 0x72,
+	0xfe, 0x17, 0x2a, 0xc2, 0xe4, 0x59, 0xe3, 0xb0, 0x71, 0xfc, 0xb4, 0x51, 0x9a, 0x40, 0xf7, 0x00,
+	0x55, 0x8f, 0x1b, 0x4d, 0xed, 0xb8, 0x5e, 0x57, 0x35, 0xfd, 0x54, 0xd5, 0xce, 0x6b, 0x55, 0xb5,
+	0x24, 0xed, 0x16, 0xa8, 0x1e, 0x65, 0x0e, 0x66, 0x4e, 0x1c, 0xfb, 0x02, 0x07, 0xce, 0x7b, 0x07,
+	0x66, 0xd9, 0x37, 0x75, 0x96, 0xf2, 0xcb, 0x1c, 0xcc, 0x57, 0x1d, 0x6c, 0x78, 0xf8, 0xdc, 0xee,
+	0xf4, 0xae, 0x03, 0x42, 0x61, 0x18, 0x6d, 0xc3, 0x9c, 0xef, 0xaa, 0x96, 0xe9, 0xdd, 0xea, 0x8e,
+	0x61, 0x5d, 0xd1, 0xcd, 0x2b, 0x6e, 0xdd, 0x0d, 0x96, 0x51, 0x65, 0x58, 0xcd, 0x47, 0x6a, 0xb3,
+	0x2d, 0xfe, 0x13, 0xd5, 0x60, 0xfe, 0x86, 0xa8, 0xd0, 0x23, 0xbb, 0x93, 0x8d, 0xee, 0x0e, 0xb5,
+	0x82, 0xdb, 0x1d, 0x74, 0x13, 0x85, 0x98, 0xd8, 0x45, 0x87, 0x00, 0x5d, 0xc3, 0x31, 0xae, 0xb1,
+	0x87, 0x1d, 0xb7, 0x9c, 0x8b, 0x86, 0xaa, 0x60, 0x35, 0x95, 0x93, 0x90, 0x9a, 0x86, 0x2a, 0xc7,
+	0x8e, 0x3c, 0x58, 0x6a, 0xd9, 0x96, 0xe7, 0xd8, 0x9d, 0x0e, 0x76, 0xf4, 0x16, 0xe1, 0xd6, 0x5d,
+	0xdc, 0x72, 0xb0, 0xe7, 0x96, 0xf3, 0x44, 0xf6, 0x67, 0x69, 0xb2, 0xab, 0x21, 0x33, 0xc5, 0x9e,
+	0x52, 0x56, 0xaa, 0x68, 0xb1, 0x25, 0xc6, 0xca, 0x3f, 0x82, 0x77, 0x62, 0x46, 0x8d, 0x93, 0x24,
+	0xf2, 0x17, 0xb0, 0x92, 0xa6, 0x77, 0xac, 0x84, 0x7b, 0x02, 0x0b, 0xd1, 0x75, 0xb1, 0x3c, 0x7a,
+	0x04, 0x05, 0xea, 0x7b, 0x16, 0xf3, 0x73, 0xd1, 0x3d, 0xd2, 0x18, 0x56, 0xf9, 0x53, 0x0e, 0x4a,
+	0xf1, 0x6d, 0x43, 0xdb, 0x90, 0xbf, 0xe8, 0xd8, 0xad, 0x17, 0x8c, 0xf7, 0xdd, 0xa4, 0xfd, 0xad,
+	0xec, 0xfa, 0x54, 0x14, 0x7a, 0x30, 0xa1, 0x51, 0x26, 0x9f, 0xfb, 0xda, 0xee, 0x59, 0x1e, 0x0b,
+	0xb0, 0x64, 0xee, 0x23, 0x9f, 0xaa, 0xcf, 0x4d, 0x98, 0xd0, 0x1e, 0x14, 0x8d, 0x56, 0x0b, 0xbb,
+	0xae, 0x7e, 0x6d, 0xb7, 0x71, 0x39, 0x4b, 0x64, 0x6c, 0x24, 0xca, 0xd8, 0x21, 0xb4, 0x47, 0x76,
+	0x1b, 0x6b, 0x60, 0x84, 0xbf, 0xe5, 0x59, 0x28, 0x72, 0xb6, 0xc9, 0xfb, 0x50, 0xe4, 0x94, 0xa1,
+	0x45, 0x98, 0xbc, 0x74, 0xf5, 0x30, 0x97, 0xa7, 0xb5, 0xc2, 0xa5, 0x4b, 0xd2, 0xf3, 0x01, 0x14,
+	0x89, 0x15, 0xfa, 0x65, 0xc7, 0xb8, 0xa2, 0xc5, 0x67, 0x5a, 0x03, 0x02, 0xfa, 0xa9, 0x0f, 0x91,
+	0xff, 0x2d, 0x01, 0xf4, 0x55, 0xa2, 0x6d, 0xc8, 0x11, 0x2b, 0x69, 0x45, 0xd8, 0x1c, 0xc1, 0xca,
+	0x0a, 0x31, 0x95, 0x70, 0x29, 0x7f, 0x90, 0x20, 0x47, 0xc4, 0xc4, 0xab, 0xc2, 0x69, 0xad, 0xb1,
+	0x5f, 0x57, 0xf5, 0xc6, 0xf1, 0x9e, 0xaa, 0x3f, 0xd5, 0x6a, 0x4d, 0x55, 0x2b, 0x49, 0x68, 0x19,
+	0x16, 0x79, 0xb8, 0xa6, 0xee, 0xec, 0xa9, 0x9a, 0x7e, 0xdc, 0xa8, 0x7f, 0x59, 0xca, 0x20, 0x19,
+	0xee, 0x1d, 0x9d, 0xd5, 0x9b, 0xb5, 0x41, 0x5c, 0x16, 0xad, 0x40, 0x99, 0xc3, 0x31, 0x19, 0x4c,
+	0x6c, 0xce, 0x17, 0xcb, 0x61, 0xe9, 0x4f, 0x86, 0xcc, 0xef, 0xce, 0x86, 0x9b, 0x41, 0x0a, 0xd2,
+	0x53, 0x98, 0x8d, 0x54, 0x09, 0xff, 0x6c, 0x72, 0xf0, 0xcb, 0x9e, 0xe9, 0xe0, 0xb6, 0x7e, 0x71,
+	0xeb, 0x61, 0x97, 0x78, 0x22, 0xab, 0xcd, 0x06, 0xd0, 0x5d, 0x1f, 0xe8, 0xbb, 0xb5, 0x63, 0x5e,
+	0x9b, 0x1e, 0xa3, 0xc9, 0x10, 0x1a, 0x20, 0x20, 0x42, 0xa0, 0xbc, 0x96, 0xa0, 0xc0, 0xf6, 0xe6,
+	0x21, 0x57, 0xa7, 0x22, 0x22, 0x03, 0x28, 0x15, 0x39, 0x07, 0x19, 0xb3, 0xcd, 0xd2, 0x21, 0x63,
+	0xb6, 0xd1, 0x13, 0x00, 0xc3, 0xf3, 0x1c, 0xf3, 0xa2, 0xe7, 0x85, 0x75, 0xe9, 0x7e, 0x74, 0x3f,
+	0x2a, 0x3b, 0x21, 0x01, 0x2b, 0x24, 0x7d, 0x0e, 0x3f, 0xa5, 0x63, 0xe8, 0xb1, 0xd2, 0xf0, 0x3f,
+	0x12, 0xcc, 0xef, 0xe1, 0x0e, 0x8e, 0x57, 0xe2, 0x65, 0x98, 0x66, 0x75, 0xd3, 0x6c, 0x33, 0x49,
+	0x53, 0x14, 0x50, 0x6b, 0xc7, 0x8a, 0x57, 0x9b, 0xb0, 0x87, 0xc5, 0x2b, 0x13, 0x2d, 0x5e, 0x02,
+	0xe1, 0x5c, 0xf1, 0xa2, 0xd8, 0xa4, 0xe2, 0x15, 0xc1, 0x46, 0xab, 0xcf, 0x20, 0xe3, 0x58, 0xcb,
+	0xbe, 0x07, 0x0b, 0x51, 0xc3, 0xd8, 0xc1, 0xf4, 0xd7, 0x1c, 0xdc, 0xef, 0x2b, 0x39, 0xe9, 0x5d,
+	0x74, 0x4c, 0xf7, 0xf9, 0x18, 0x9e, 0x59, 0x84, 0x49, 0xcb, 0x6e, 0x13, 0x14, 0xd5, 0x59, 0xf0,
+	0x3f, 0x6b, 0x6d, 0xa4, 0xc2, 0x9d, 0xf8, 0x39, 0x74, 0xcb, 0x6a, 0x44, 0xf2, 0x29, 0x54, 0xba,
+	0x89, 0x17, 0x38, 0x19, 0xa6, 0x1c, 0x6c, 0xb4, 0x6d, 0xab, 0x73, 0x5b, 0xce, 0xad, 0x49, 0x9b,
+	0x53, 0x5a, 0xf8, 0x8d, 0x7e, 0x25, 0x81, 0xcc, 0x6d, 0x4b, 0x97, 0x1a, 0x1f, 0x3b, 0x54, 0xf6,
+	0xc2, 0x43, 0x25, 0x75, 0x95, 0x83, 0xe8, 0xc8, 0x1e, 0x95, 0x5b, 0x09, 0x68, 0x64, 0x86, 0xeb,
+	0xe4, 0xa2, 0xba, 0x40, 0x54, 0x6f, 0x8f, 0xa8, 0x9a, 0x7e, 0xc5, 0x63, 0x9e, 0xf9, 0xa2, 0x0f,
+	0x96, 0x0f, 0x61, 0x35, 0xd5, 0xca, 0xb1, 0x8e, 0xb6, 0x2a, 0xdc, 0x15, 0xea, 0x1d, 0x2b, 0xaa,
+	0x5e, 0x4b, 0xf0, 0x20, 0x71, 0x71, 0xec, 0x7c, 0xfb, 0x19, 0xcc, 0x04, 0x3b, 0x63, 0x5a, 0x97,
+	0x76, 0x59, 0x8a, 0x9d, 0xf5, 0xe9, 0xec, 0x15, 0x06, 0xf5, 0x1b, 0x62, 0xea, 0x97, 0x62, 0xb7,
+	0x0f, 0x91, 0x9f, 0x40, 0x29, 0x4e, 0x30, 0xd6, 0x02, 0xfe, 0x9c, 0x81, 0xb5, 0xbe, 0x05, 0x67,
+	0x56, 0xf7, 0xed, 0x25, 0xc0, 0x6f, 0x24, 0x58, 0xe1, 0xa2, 0xb3, 0x67, 0xc5, 0xe3, 0x93, 0x96,
+	0xbe, 0x83, 0x41, 0x47, 0x88, 0xcd, 0x10, 0x11, 0x44, 0x62, 0x94, 0xcb, 0x85, 0x38, 0x81, 0x7c,
+	0xc4, 0xef, 0x93, 0x90, 0x7d, 0x2c, 0xb7, 0x6d, 0xc0, 0x7a, 0x8a, 0xb9, 0xac, 0xb4, 0xbc, 0xce,
+	0xc0, 0xfa, 0xb9, 0xd1, 0x31, 0xdb, 0x61, 0xcf, 0x23, 0x98, 0x33, 0xd2, 0x9d, 0x9b, 0xd0, 0xcc,
+	0x66, 0xbe, 0x41, 0x33, 0xdb, 0x11, 0xe5, 0x29, 0xdd, 0x82, 0x1f, 0x87, 0x82, 0x86, 0x59, 0x3b,
+	0x72, 0xaa, 0xbe, 0x95, 0xec, 0xfa, 0x0a, 0x94, 0x34, 0x8b, 0x58, 0x7e, 0xad, 0xc0, 0xb4, 0xdb,
+	0xeb, 0x76, 0x6d, 0xc7, 0xc3, 0xd4, 0x81, 0x53, 0x5a, 0x1f, 0x80, 0xca, 0x30, 0x79, 0x8d, 0x5d,
+	0xd7, 0xb8, 0x0a, 0xe4, 0x07, 0x9f, 0xca, 0x57, 0x80, 0xea, 0xa6, 0xcb, 0x1a, 0xad, 0x70, 0x3b,
+	0xfc, 0xbe, 0xca, 0x78, 0xa5, 0x63, 0xcb, 0x73, 0x4c, 0x76, 0xa2, 0xe7, 0x35, 0xb8, 0x36, 0x5e,
+	0xa9, 0x14, 0xe2, 0x9f, 0xfa, 0xae, 0x67, 0x38, 0x9e, 0x69, 0x5d, 0xe9, 0x9e, 0xfd, 0x02, 0x87,
+	0x43, 0x6e, 0x00, 0x6d, 0xfa, 0x40, 0xe5, 0x8f, 0x12, 0xcc, 0x47, 0xc4, 0x33, 0x6b, 0x1f, 0xc3,
+	0x64, 0x5f, 0xb6, 0xef, 0xfc, 0xf5, 0xc0, 0xf9, 0x02, 0xea, 0x0a, 0x75, 0x6f, 0xc0, 0x81, 0x56,
+	0x01, 0x2c, 0xfc, 0xca, 0x8b, 0xe8, 0x9d, 0xf6, 0x21, 0x44, 0xa7, 0xfc, 0x09, 0xe4, 0xa9, 0x93,
+	0x47, 0x6d, 0xa9, 0xff, 0x25, 0x01, 0xda, 0xc7, 0x5e, 0xd8, 0x29, 0x31, 0x1f, 0x24, 0x44, 0x9d,
+	0xf4, 0x0d, 0xa2, 0xee, 0x8b, 0xc8, 0x08, 0x45, 0xe3, 0xf6, 0x03, 0x6e, 0xda, 0x8f, 0xa9, 0x4e,
+	0x9b, 0xa0, 0xde, 0x70, 0x96, 0x51, 0xf6, 0x60, 0x3e, 0xa2, 0x90, 0x6d, 0xc8, 0xc7, 0x80, 0x8c,
+	0x1b, 0xc3, 0xec, 0x18, 0x17, 0x1d, 0xba, 0x5e, 0x1f, 0xcb, 0x3a, 0xb9, 0x3b, 0x21, 0x26, 0x60,
+	0x53, 0x14, 0xbe, 0x5e, 0x32, 0x79, 0xf1, 0xab, 0x83, 0x0e, 0x5f, 0x1d, 0x06, 0x68, 0x98, 0xde,
+	0x7d, 0xe1, 0xf5, 0xc1, 0xc6, 0x60, 0x35, 0x64, 0x33, 0x7a, 0xe2, 0x4d, 0xc2, 0xef, 0x33, 0xb0,
+	0x9c, 0x42, 0x8d, 0x1e, 0x43, 0xd6, 0xe9, 0xb6, 0x58, 0x24, 0xbc, 0x37, 0x82, 0xfc, 0x8a, 0x76,
+	0x52, 0x3d, 0x98, 0xd0, 0x7c, 0x2e, 0xf9, 0x2f, 0x12, 0x64, 0xb5, 0x93, 0x2a, 0xfa, 0x49, 0xe4,
+	0x42, 0xe1, 0xa3, 0x11, 0xa5, 0xf0, 0xf7, 0x0a, 0xb6, 0xe8, 0x5e, 0xa1, 0x0c, 0x0b, 0x55, 0x4d,
+	0xdd, 0x69, 0xaa, 0xfa, 0x9e, 0x5a, 0x57, 0x9b, 0xaa, 0x7e, 0x7e, 0x5c, 0x3f, 0x3b, 0x52, 0x4b,
+	0x92, 0x3f, 0x0a, 0x9c, 0x9c, 0xed, 0xd6, 0x6b, 0xa7, 0x07, 0xfa, 0x59, 0x23, 0xf8, 0xc5, 0xb0,
+	0x19, 0x54, 0x82, 0x99, 0x7a, 0xed, 0xb4, 0xc9, 0x00, 0xa7, 0xa5, 0xac, 0x0f, 0xd9, 0x57, 0x9b,
+	0x7a, 0x75, 0xe7, 0x64, 0xa7, 0x5a, 0x6b, 0x7e, 0x59, 0xca, 0x85, 0x77, 0x13, 0xbf, 0xcd, 0xc3,
+	0xbd, 0x86, 0xdd, 0xc6, 0xa7, 0x9e, 0x71, 0x35, 0x4e, 0xcf, 0xab, 0xc5, 0xce, 0x6d, 0xba, 0x41,
+	0x9f, 0x04, 0x4b, 0x17, 0x8b, 0x4c, 0x3f, 0xae, 0x51, 0x05, 0xe6, 0x5d, 0xcf, 0xb8, 0x22, 0xb5,
+	0xc3, 0x70, 0xae, 0xb0, 0xa7, 0x77, 0x0d, 0xef, 0x39, 0x69, 0x0b, 0xa7, 0xb5, 0x3b, 0x0c, 0xd5,
+	0x24, 0x98, 0x13, 0xc3, 0x7b, 0x2e, 0x6e, 0x22, 0x73, 0x63, 0x37, 0x91, 0x17, 0x80, 0xc8, 0x19,
+	0xed, 0x2b, 0x88, 0x5f, 0x3a, 0x7c, 0x7f, 0xc8, 0x82, 0x42, 0x70, 0xe4, 0xac, 0x2d, 0x59, 0x31,
+	0x30, 0x32, 0x92, 0xfb, 0xc0, 0x61, 0x2a, 0x46, 0x3d, 0x54, 0xde, 0xb0, 0xd9, 0xf1, 0x0f, 0x25,
+	0xe1, 0x6a, 0xbe, 0xfd, 0xbe, 0x71, 0x09, 0x16, 0x07, 0x7c, 0xc1, 0xba, 0x86, 0x2b, 0x28, 0xfb,
+	0xa8, 0x33, 0xcb, 0x1d, 0x33, 0x5e, 0x13, 0x62, 0x2b, 0x93, 0x10, 0x5b, 0xca, 0x32, 0x2c, 0x09,
+	0x14, 0x31, 0x2b, 0xfe, 0x99, 0xa7, 0x66, 0x8c, 0x3f, 0x10, 0x35, 0x85, 0x69, 0xf3, 0x5d, 0x3e,
+	0x04, 0x84, 0x43, 0xc0, 0xdb, 0x4d, 0x9c, 0x07, 0x50, 0xe4, 0xe9, 0x72, 0x84, 0x0e, 0xbc, 0x21,
+	0x99, 0x95, 0x7f, 0xa3, 0xf1, 0xac, 0x10, 0x1b, 0xcf, 0x7e, 0x01, 0x0b, 0x24, 0xeb, 0xe2, 0x7d,
+	0xef, 0x64, 0x74, 0x00, 0x48, 0xf4, 0x08, 0x87, 0x88, 0xe4, 0x1e, 0xc9, 0xe5, 0xd8, 0x14, 0xd6,
+	0x12, 0x65, 0xdf, 0x14, 0x51, 0xf4, 0xe9, 0x50, 0x45, 0xdf, 0x56, 0xfe, 0xa9, 0x34, 0xea, 0xff,
+	0x2f, 0x26, 0x37, 0x16, 0xfd, 0xc2, 0x99, 0x4b, 0x79, 0x06, 0x32, 0x4d, 0x8d, 0xf1, 0xc7, 0xa1,
+	0x58, 0xe0, 0x65, 0xe2, 0x81, 0xa7, 0xac, 0xc2, 0xb2, 0x50, 0x36, 0x53, 0x8d, 0xa0, 0xe4, 0xa3,
+	0xf7, 0xb1, 0x57, 0x6b, 0x07, 0xfd, 0xc4, 0x47, 0x70, 0x87, 0x83, 0xb1, 0xfe, 0x81, 0x9b, 0xbb,
+	0x24, 0x7e, 0xee, 0x52, 0x56, 0xa8, 0xf1, 0x09, 0xbd, 0xc9, 0xd7, 0x54, 0x7d, 0x52, 0x57, 0xb2,
+	0x13, 0xeb, 0x4a, 0x68, 0xcf, 0xb7, 0x1a, 0x29, 0xe0, 0x43, 0xfa, 0x91, 0xbf, 0x49, 0xac, 0xcc,
+	0x0e, 0x74, 0x22, 0x3f, 0xe0, 0x3b, 0x91, 0xf5, 0x54, 0x99, 0x7c, 0x0f, 0xd2, 0xa5, 0x2d, 0xc8,
+	0xe7, 0x91, 0x16, 0xe4, 0xd1, 0x50, 0x76, 0xbe, 0xf9, 0xf8, 0x38, 0xa1, 0xf9, 0x38, 0x6d, 0xee,
+	0xec, 0xab, 0xfa, 0x59, 0x83, 0xfe, 0x0d, 0x9a, 0x8f, 0xa0, 0x75, 0xd8, 0xfa, 0xaf, 0x04, 0x53,
+	0xb5, 0x36, 0xb6, 0x3c, 0xdf, 0xfa, 0x06, 0xcc, 0x46, 0x9e, 0xa7, 0xd0, 0x4a, 0xc2, 0xab, 0x15,
+	0x71, 0xb4, 0xbc, 0x9a, 0xfa, 0xa6, 0xa5, 0x4c, 0xa0, 0x4b, 0xee, 0x69, 0x2d, 0xd2, 0x33, 0xbf,
+	0x3b, 0xc0, 0x29, 0xd8, 0x48, 0xf9, 0xe1, 0x10, 0xaa, 0x50, 0xcf, 0xa7, 0x90, 0x27, 0x6f, 0x31,
+	0x68, 0x21, 0x7c, 0x06, 0xe2, 0x9e, 0x6a, 0xe4, 0xbb, 0x31, 0x68, 0xc0, 0xb7, 0xf5, 0xeb, 0x02,
+	0x40, 0xbf, 0xbf, 0x43, 0x87, 0x30, 0xc3, 0x5f, 0xdf, 0xa3, 0xe5, 0x94, 0xc7, 0x0a, 0x79, 0x45,
+	0x8c, 0x0c, 0x6d, 0x3a, 0x84, 0x19, 0xfe, 0x36, 0xae, 0x2f, 0x4c, 0x70, 0x79, 0xd8, 0x17, 0x26,
+	0xbc, 0xc0, 0x9b, 0x40, 0x1d, 0x58, 0x4c, 0xb8, 0x44, 0x41, 0x8f, 0x46, 0xbb, 0x81, 0x92, 0xdf,
+	0x1b, 0xf1, 0x36, 0x46, 0x99, 0x40, 0x0e, 0x2c, 0x25, 0x8e, 0xfe, 0x68, 0x73, 0xd4, 0xcb, 0x0c,
+	0xf9, 0xfd, 0x11, 0x28, 0x43, 0x9d, 0x3d, 0x90, 0x93, 0x07, 0x61, 0xf4, 0xfe, 0xc8, 0xe3, 0xbb,
+	0xfc, 0xc1, 0x28, 0xa4, 0xa1, 0xda, 0x03, 0x28, 0x72, 0x43, 0x29, 0x92, 0x85, 0x93, 0x2a, 0x15,
+	0xbc, 0x9c, 0x32, 0xc5, 0x52, 0x49, 0xdc, 0xec, 0xd5, 0x97, 0x34, 0x38, 0x01, 0xf6, 0x25, 0x09,
+	0x86, 0xb5, 0xb8, 0xfb, 0x63, 0x55, 0x4c, 0xe4, 0x7e, 0x71, 0x19, 0x14, 0xb9, 0x3f, 0xa1, 0x24,
+	0x2a, 0x13, 0x5b, 0xbf, 0xcb, 0x41, 0xce, 0x2f, 0x33, 0xa8, 0x09, 0xef, 0xc4, 0xda, 0x36, 0x74,
+	0x3f, 0xbd, 0xb7, 0x95, 0x1f, 0x24, 0xe2, 0xc3, 0x25, 0x3d, 0xa3, 0xe5, 0x3d, 0xd2, 0x88, 0xa1,
+	0x35, 0x9e, 0x4f, 0xd4, 0x0c, 0xca, 0xeb, 0x29, 0x14, 0x71, 0xd9, 0xd1, 0xac, 0x58, 0x1b, 0xd6,
+	0x11, 0x44, 0x65, 0x27, 0x65, 0xc2, 0xd7, 0x30, 0x2f, 0x38, 0xc9, 0x90, 0x12, 0xb5, 0x4b, 0x18,
+	0xfd, 0x1b, 0xa9, 0x34, 0xa1, 0x86, 0x5d, 0x98, 0x0e, 0x0f, 0x3e, 0x54, 0xe6, 0x79, 0xf8, 0xf3,
+	0x51, 0x5e, 0x12, 0x60, 0xe2, 0x56, 0xc6, 0x43, 0x45, 0x89, 0xf1, 0x88, 0x82, 0x64, 0x23, 0x95,
+	0x26, 0xd0, 0xb0, 0x9b, 0x7f, 0x96, 0x6d, 0xb9, 0xe6, 0x45, 0x81, 0xfc, 0x4b, 0xc5, 0xf7, 0xfe,
+	0x17, 0x00, 0x00, 0xff, 0xff, 0x69, 0xaa, 0xdb, 0x41, 0x5f, 0x21, 0x00, 0x00,
 }
diff --git a/vendor/github.com/containerd/console/.travis.yml b/vendor/github.com/containerd/console/.travis.yml
new file mode 100644
index 000000000000..ba93012c7676
--- /dev/null
+++ b/vendor/github.com/containerd/console/.travis.yml
@@ -0,0 +1,17 @@
+language: go
+go:
+  - 1.9.x
+  - tip
+
+go_import_path: github.com/containerd/console
+
+install:
+  - go get -d
+  - GOOS=windows go get -d
+  - GOOS=solaris go get -d
+
+script:
+  - go test -race
+  - GOOS=windows go test
+  - GOOS=solaris go build
+  - GOOS=solaris go test -c
diff --git a/vendor/github.com/docker/docker/pkg/symlink/LICENSE.APACHE b/vendor/github.com/containerd/console/LICENSE
similarity index 94%
rename from vendor/github.com/docker/docker/pkg/symlink/LICENSE.APACHE
rename to vendor/github.com/containerd/console/LICENSE
index b9fbf3c98fb5..261eeb9e9f8b 100644
--- a/vendor/github.com/docker/docker/pkg/symlink/LICENSE.APACHE
+++ b/vendor/github.com/containerd/console/LICENSE
@@ -1,4 +1,3 @@
-
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -176,7 +175,18 @@
 
    END OF TERMS AND CONDITIONS
 
-   Copyright 2014-2017 Docker, Inc.
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/vendor/github.com/containerd/console/README.md b/vendor/github.com/containerd/console/README.md
new file mode 100644
index 000000000000..4c56d9d134a9
--- /dev/null
+++ b/vendor/github.com/containerd/console/README.md
@@ -0,0 +1,17 @@
+# console
+
+[![Build Status](https://travis-ci.org/containerd/console.svg?branch=master)](https://travis-ci.org/containerd/console)
+
+Golang package for dealing with consoles.  Light on deps and a simple API.
+
+## Modifying the current process
+
+```go
+current := console.Current()
+defer current.Reset()
+
+if err := current.SetRaw(); err != nil {
+}
+ws, err := current.Size()
+current.Resize(ws)
+```
diff --git a/vendor/github.com/containerd/console/console.go b/vendor/github.com/containerd/console/console.go
new file mode 100644
index 000000000000..bf2798fda37d
--- /dev/null
+++ b/vendor/github.com/containerd/console/console.go
@@ -0,0 +1,62 @@
+package console
+
+import (
+	"errors"
+	"io"
+	"os"
+)
+
+var ErrNotAConsole = errors.New("provided file is not a console")
+
+type Console interface {
+	io.Reader
+	io.Writer
+	io.Closer
+
+	// Resize resizes the console to the provided window size
+	Resize(WinSize) error
+	// ResizeFrom resizes the calling console to the size of the
+	// provided console
+	ResizeFrom(Console) error
+	// SetRaw sets the console in raw mode
+	SetRaw() error
+	// DisableEcho disables echo on the console
+	DisableEcho() error
+	// Reset restores the console to its orignal state
+	Reset() error
+	// Size returns the window size of the console
+	Size() (WinSize, error)
+	// Fd returns the console's file descriptor
+	Fd() uintptr
+	// Name returns the console's file name
+	Name() string
+}
+
+// WinSize specifies the window size of the console
+type WinSize struct {
+	// Height of the console
+	Height uint16
+	// Width of the console
+	Width uint16
+	x     uint16
+	y     uint16
+}
+
+// Current returns the current processes console
+func Current() Console {
+	c, err := ConsoleFromFile(os.Stdin)
+	if err != nil {
+		// stdin should always be a console for the design
+		// of this function
+		panic(err)
+	}
+	return c
+}
+
+// ConsoleFromFile returns a console using the provided file
+func ConsoleFromFile(f *os.File) (Console, error) {
+	if err := checkConsole(f); err != nil {
+		return nil, err
+	}
+	return newMaster(f)
+}
diff --git a/vendor/github.com/containerd/console/console_linux.go b/vendor/github.com/containerd/console/console_linux.go
new file mode 100644
index 000000000000..c963729296d7
--- /dev/null
+++ b/vendor/github.com/containerd/console/console_linux.go
@@ -0,0 +1,255 @@
+// +build linux
+
+package console
+
+import (
+	"io"
+	"os"
+	"sync"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	maxEvents = 128
+)
+
+// Epoller manages multiple epoll consoles using edge-triggered epoll api so we
+// dont have to deal with repeated wake-up of EPOLLER or EPOLLHUP.
+// For more details, see:
+// - https://github.com/systemd/systemd/pull/4262
+// - https://github.com/moby/moby/issues/27202
+//
+// Example usage of Epoller and EpollConsole can be as follow:
+//
+//	epoller, _ := NewEpoller()
+//	epollConsole, _ := epoller.Add(console)
+//	go epoller.Wait()
+//	var (
+//		b  bytes.Buffer
+//		wg sync.WaitGroup
+//	)
+//	wg.Add(1)
+//	go func() {
+//		io.Copy(&b, epollConsole)
+//		wg.Done()
+//	}()
+//	// perform I/O on the console
+//	epollConsole.Shutdown(epoller.CloseConsole)
+//	wg.Wait()
+//	epollConsole.Close()
+type Epoller struct {
+	efd       int
+	mu        sync.Mutex
+	fdMapping map[int]*EpollConsole
+}
+
+// NewEpoller returns an instance of epoller with a valid epoll fd.
+func NewEpoller() (*Epoller, error) {
+	efd, err := unix.EpollCreate1(unix.EPOLL_CLOEXEC)
+	if err != nil {
+		return nil, err
+	}
+	return &Epoller{
+		efd:       efd,
+		fdMapping: make(map[int]*EpollConsole),
+	}, nil
+}
+
+// Add creates a epoll console based on the provided console. The console will
+// be registered with EPOLLET (i.e. using edge-triggered notification) and its
+// file descriptor will be set to non-blocking mode. After this, user should use
+// the return console to perform I/O.
+func (e *Epoller) Add(console Console) (*EpollConsole, error) {
+	sysfd := int(console.Fd())
+	// Set sysfd to non-blocking mode
+	if err := unix.SetNonblock(sysfd, true); err != nil {
+		return nil, err
+	}
+
+	ev := unix.EpollEvent{
+		Events: unix.EPOLLIN | unix.EPOLLOUT | unix.EPOLLRDHUP | unix.EPOLLET,
+		Fd:     int32(sysfd),
+	}
+	if err := unix.EpollCtl(e.efd, unix.EPOLL_CTL_ADD, sysfd, &ev); err != nil {
+		return nil, err
+	}
+	ef := &EpollConsole{
+		Console: console,
+		sysfd:   sysfd,
+		readc:   sync.NewCond(&sync.Mutex{}),
+		writec:  sync.NewCond(&sync.Mutex{}),
+	}
+	e.mu.Lock()
+	e.fdMapping[sysfd] = ef
+	e.mu.Unlock()
+	return ef, nil
+}
+
+// Wait starts the loop to wait for its consoles' notifications and signal
+// appropriate console that it can perform I/O.
+func (e *Epoller) Wait() error {
+	events := make([]unix.EpollEvent, maxEvents)
+	for {
+		n, err := unix.EpollWait(e.efd, events, -1)
+		if err != nil {
+			// EINTR: The call was interrupted by a signal handler before either
+			// any of the requested events occurred or the timeout expired
+			if err == unix.EINTR {
+				continue
+			}
+			return err
+		}
+		for i := 0; i < n; i++ {
+			ev := &events[i]
+			// the console is ready to be read from
+			if ev.Events&(unix.EPOLLIN|unix.EPOLLHUP|unix.EPOLLERR) != 0 {
+				if epfile := e.getConsole(int(ev.Fd)); epfile != nil {
+					epfile.signalRead()
+				}
+			}
+			// the console is ready to be written to
+			if ev.Events&(unix.EPOLLOUT|unix.EPOLLHUP|unix.EPOLLERR) != 0 {
+				if epfile := e.getConsole(int(ev.Fd)); epfile != nil {
+					epfile.signalWrite()
+				}
+			}
+		}
+	}
+}
+
+// Close unregister the console's file descriptor from epoll interface
+func (e *Epoller) CloseConsole(fd int) error {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+	delete(e.fdMapping, fd)
+	return unix.EpollCtl(e.efd, unix.EPOLL_CTL_DEL, fd, &unix.EpollEvent{})
+}
+
+func (e *Epoller) getConsole(sysfd int) *EpollConsole {
+	e.mu.Lock()
+	f := e.fdMapping[sysfd]
+	e.mu.Unlock()
+	return f
+}
+
+// Close the epoll fd
+func (e *Epoller) Close() error {
+	return unix.Close(e.efd)
+}
+
+// EpollConsole acts like a console but register its file descriptor with a
+// epoll fd and uses epoll API to perform I/O.
+type EpollConsole struct {
+	Console
+	readc  *sync.Cond
+	writec *sync.Cond
+	sysfd  int
+	closed bool
+}
+
+// Read reads up to len(p) bytes into p. It returns the number of bytes read
+// (0 <= n <= len(p)) and any error encountered.
+//
+// If the console's read returns EAGAIN or EIO, we assumes that its a
+// temporary error because the other side went away and wait for the signal
+// generated by epoll event to continue.
+func (ec *EpollConsole) Read(p []byte) (n int, err error) {
+	var read int
+	ec.readc.L.Lock()
+	defer ec.readc.L.Unlock()
+	for {
+		read, err = ec.Console.Read(p[n:])
+		n += read
+		if err != nil {
+			var hangup bool
+			if perr, ok := err.(*os.PathError); ok {
+				hangup = (perr.Err == unix.EAGAIN || perr.Err == unix.EIO)
+			} else {
+				hangup = (err == unix.EAGAIN || err == unix.EIO)
+			}
+			// if the other end disappear, assume this is temporary and wait for the
+			// signal to continue again. Unless we didnt read anything and the
+			// console is already marked as closed then we should exit
+			if hangup && !(n == 0 && len(p) > 0 && ec.closed) {
+				ec.readc.Wait()
+				continue
+			}
+		}
+		break
+	}
+	// if we didnt read anything then return io.EOF to end gracefully
+	if n == 0 && len(p) > 0 && err == nil {
+		err = io.EOF
+	}
+	// signal for others that we finished the read
+	ec.readc.Signal()
+	return n, err
+}
+
+// Writes len(p) bytes from p to the console. It returns the number of bytes
+// written from p (0 <= n <= len(p)) and any error encountered that caused
+// the write to stop early.
+//
+// If writes to the console returns EAGAIN or EIO, we assumes that its a
+// temporary error because the other side went away and wait for the signal
+// generated by epoll event to continue.
+func (ec *EpollConsole) Write(p []byte) (n int, err error) {
+	var written int
+	ec.writec.L.Lock()
+	defer ec.writec.L.Unlock()
+	for {
+		written, err = ec.Console.Write(p[n:])
+		n += written
+		if err != nil {
+			var hangup bool
+			if perr, ok := err.(*os.PathError); ok {
+				hangup = (perr.Err == unix.EAGAIN || perr.Err == unix.EIO)
+			} else {
+				hangup = (err == unix.EAGAIN || err == unix.EIO)
+			}
+			// if the other end disappear, assume this is temporary and wait for the
+			// signal to continue again.
+			if hangup {
+				ec.writec.Wait()
+				continue
+			}
+		}
+		// unrecoverable error, break the loop and return the error
+		break
+	}
+	if n < len(p) && err == nil {
+		err = io.ErrShortWrite
+	}
+	// signal for others that we finished the write
+	ec.writec.Signal()
+	return n, err
+}
+
+// Close closed the file descriptor and signal call waiters for this fd.
+// It accepts a callback which will be called with the console's fd. The
+// callback typically will be used to do further cleanup such as unregister the
+// console's fd from the epoll interface.
+// User should call Shutdown and wait for all I/O operation to be finished
+// before closing the console.
+func (ec *EpollConsole) Shutdown(close func(int) error) error {
+	ec.readc.L.Lock()
+	defer ec.readc.L.Unlock()
+	ec.writec.L.Lock()
+	defer ec.writec.L.Unlock()
+
+	ec.readc.Broadcast()
+	ec.writec.Broadcast()
+	ec.closed = true
+	return close(ec.sysfd)
+}
+
+// signalRead signals that the console is readable.
+func (ec *EpollConsole) signalRead() {
+	ec.readc.Signal()
+}
+
+// signalWrite signals that the console is writable.
+func (ec *EpollConsole) signalWrite() {
+	ec.writec.Signal()
+}
diff --git a/vendor/github.com/containerd/console/console_unix.go b/vendor/github.com/containerd/console/console_unix.go
new file mode 100644
index 000000000000..118c8c3abfd2
--- /dev/null
+++ b/vendor/github.com/containerd/console/console_unix.go
@@ -0,0 +1,142 @@
+// +build darwin freebsd linux solaris
+
+package console
+
+import (
+	"os"
+
+	"golang.org/x/sys/unix"
+)
+
+// NewPty creates a new pty pair
+// The master is returned as the first console and a string
+// with the path to the pty slave is returned as the second
+func NewPty() (Console, string, error) {
+	f, err := os.OpenFile("/dev/ptmx", unix.O_RDWR|unix.O_NOCTTY|unix.O_CLOEXEC, 0)
+	if err != nil {
+		return nil, "", err
+	}
+	slave, err := ptsname(f)
+	if err != nil {
+		return nil, "", err
+	}
+	if err := unlockpt(f); err != nil {
+		return nil, "", err
+	}
+	m, err := newMaster(f)
+	if err != nil {
+		return nil, "", err
+	}
+	return m, slave, nil
+}
+
+type master struct {
+	f        *os.File
+	original *unix.Termios
+}
+
+func (m *master) Read(b []byte) (int, error) {
+	return m.f.Read(b)
+}
+
+func (m *master) Write(b []byte) (int, error) {
+	return m.f.Write(b)
+}
+
+func (m *master) Close() error {
+	return m.f.Close()
+}
+
+func (m *master) Resize(ws WinSize) error {
+	return tcswinsz(m.f.Fd(), ws)
+}
+
+func (m *master) ResizeFrom(c Console) error {
+	ws, err := c.Size()
+	if err != nil {
+		return err
+	}
+	return m.Resize(ws)
+}
+
+func (m *master) Reset() error {
+	if m.original == nil {
+		return nil
+	}
+	return tcset(m.f.Fd(), m.original)
+}
+
+func (m *master) getCurrent() (unix.Termios, error) {
+	var termios unix.Termios
+	if err := tcget(m.f.Fd(), &termios); err != nil {
+		return unix.Termios{}, err
+	}
+	return termios, nil
+}
+
+func (m *master) SetRaw() error {
+	rawState, err := m.getCurrent()
+	if err != nil {
+		return err
+	}
+	rawState = cfmakeraw(rawState)
+	rawState.Oflag = rawState.Oflag | unix.OPOST
+	return tcset(m.f.Fd(), &rawState)
+}
+
+func (m *master) DisableEcho() error {
+	rawState, err := m.getCurrent()
+	if err != nil {
+		return err
+	}
+	rawState.Lflag = rawState.Lflag &^ unix.ECHO
+	return tcset(m.f.Fd(), &rawState)
+}
+
+func (m *master) Size() (WinSize, error) {
+	return tcgwinsz(m.f.Fd())
+}
+
+func (m *master) Fd() uintptr {
+	return m.f.Fd()
+}
+
+func (m *master) Name() string {
+	return m.f.Name()
+}
+
+// checkConsole checks if the provided file is a console
+func checkConsole(f *os.File) error {
+	var termios unix.Termios
+	if tcget(f.Fd(), &termios) != nil {
+		return ErrNotAConsole
+	}
+	return nil
+}
+
+func newMaster(f *os.File) (Console, error) {
+	m := &master{
+		f: f,
+	}
+	t, err := m.getCurrent()
+	if err != nil {
+		return nil, err
+	}
+	m.original = &t
+	return m, nil
+}
+
+// ClearONLCR sets the necessary tty_ioctl(4)s to ensure that a pty pair
+// created by us acts normally. In particular, a not-very-well-known default of
+// Linux unix98 ptys is that they have +onlcr by default. While this isn't a
+// problem for terminal emulators, because we relay data from the terminal we
+// also relay that funky line discipline.
+func ClearONLCR(fd uintptr) error {
+	return setONLCR(fd, false)
+}
+
+// SetONLCR sets the necessary tty_ioctl(4)s to ensure that a pty pair
+// created by us acts as intended for a terminal emulator.
+func SetONLCR(fd uintptr) error {
+	return setONLCR(fd, true)
+}
diff --git a/vendor/github.com/containerd/console/console_windows.go b/vendor/github.com/containerd/console/console_windows.go
new file mode 100644
index 000000000000..d78a0b8419be
--- /dev/null
+++ b/vendor/github.com/containerd/console/console_windows.go
@@ -0,0 +1,200 @@
+package console
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/pkg/errors"
+	"golang.org/x/sys/windows"
+)
+
+var (
+	vtInputSupported  bool
+	ErrNotImplemented = errors.New("not implemented")
+)
+
+func (m *master) initStdios() {
+	m.in = windows.Handle(os.Stdin.Fd())
+	if err := windows.GetConsoleMode(m.in, &m.inMode); err == nil {
+		// Validate that windows.ENABLE_VIRTUAL_TERMINAL_INPUT is supported, but do not set it.
+		if err = windows.SetConsoleMode(m.in, m.inMode|windows.ENABLE_VIRTUAL_TERMINAL_INPUT); err == nil {
+			vtInputSupported = true
+		}
+		// Unconditionally set the console mode back even on failure because SetConsoleMode
+		// remembers invalid bits on input handles.
+		windows.SetConsoleMode(m.in, m.inMode)
+	} else {
+		fmt.Printf("failed to get console mode for stdin: %v\n", err)
+	}
+
+	m.out = windows.Handle(os.Stdout.Fd())
+	if err := windows.GetConsoleMode(m.out, &m.outMode); err == nil {
+		if err := windows.SetConsoleMode(m.out, m.outMode|windows.ENABLE_VIRTUAL_TERMINAL_PROCESSING); err == nil {
+			m.outMode |= windows.ENABLE_VIRTUAL_TERMINAL_PROCESSING
+		} else {
+			windows.SetConsoleMode(m.out, m.outMode)
+		}
+	} else {
+		fmt.Printf("failed to get console mode for stdout: %v\n", err)
+	}
+
+	m.err = windows.Handle(os.Stderr.Fd())
+	if err := windows.GetConsoleMode(m.err, &m.errMode); err == nil {
+		if err := windows.SetConsoleMode(m.err, m.errMode|windows.ENABLE_VIRTUAL_TERMINAL_PROCESSING); err == nil {
+			m.errMode |= windows.ENABLE_VIRTUAL_TERMINAL_PROCESSING
+		} else {
+			windows.SetConsoleMode(m.err, m.errMode)
+		}
+	} else {
+		fmt.Printf("failed to get console mode for stderr: %v\n", err)
+	}
+}
+
+type master struct {
+	in     windows.Handle
+	inMode uint32
+
+	out     windows.Handle
+	outMode uint32
+
+	err     windows.Handle
+	errMode uint32
+}
+
+func (m *master) SetRaw() error {
+	if err := makeInputRaw(m.in, m.inMode); err != nil {
+		return err
+	}
+
+	// Set StdOut and StdErr to raw mode, we ignore failures since
+	// windows.DISABLE_NEWLINE_AUTO_RETURN might not be supported on this version of
+	// Windows.
+
+	windows.SetConsoleMode(m.out, m.outMode|windows.DISABLE_NEWLINE_AUTO_RETURN)
+
+	windows.SetConsoleMode(m.err, m.errMode|windows.DISABLE_NEWLINE_AUTO_RETURN)
+
+	return nil
+}
+
+func (m *master) Reset() error {
+	for _, s := range []struct {
+		fd   windows.Handle
+		mode uint32
+	}{
+		{m.in, m.inMode},
+		{m.out, m.outMode},
+		{m.err, m.errMode},
+	} {
+		if err := windows.SetConsoleMode(s.fd, s.mode); err != nil {
+			return errors.Wrap(err, "unable to restore console mode")
+		}
+	}
+
+	return nil
+}
+
+func (m *master) Size() (WinSize, error) {
+	var info windows.ConsoleScreenBufferInfo
+	err := windows.GetConsoleScreenBufferInfo(m.out, &info)
+	if err != nil {
+		return WinSize{}, errors.Wrap(err, "unable to get console info")
+	}
+
+	winsize := WinSize{
+		Width:  uint16(info.Window.Right - info.Window.Left + 1),
+		Height: uint16(info.Window.Bottom - info.Window.Top + 1),
+	}
+
+	return winsize, nil
+}
+
+func (m *master) Resize(ws WinSize) error {
+	return ErrNotImplemented
+}
+
+func (m *master) ResizeFrom(c Console) error {
+	return ErrNotImplemented
+}
+
+func (m *master) DisableEcho() error {
+	mode := m.inMode &^ windows.ENABLE_ECHO_INPUT
+	mode |= windows.ENABLE_PROCESSED_INPUT
+	mode |= windows.ENABLE_LINE_INPUT
+
+	if err := windows.SetConsoleMode(m.in, mode); err != nil {
+		return errors.Wrap(err, "unable to set console to disable echo")
+	}
+
+	return nil
+}
+
+func (m *master) Close() error {
+	return nil
+}
+
+func (m *master) Read(b []byte) (int, error) {
+	panic("not implemented on windows")
+}
+
+func (m *master) Write(b []byte) (int, error) {
+	panic("not implemented on windows")
+}
+
+func (m *master) Fd() uintptr {
+	return uintptr(m.in)
+}
+
+// on windows, console can only be made from os.Std{in,out,err}, hence there
+// isnt a single name here we can use. Return a dummy "console" value in this
+// case should be sufficient.
+func (m *master) Name() string {
+	return "console"
+}
+
+// makeInputRaw puts the terminal (Windows Console) connected to the given
+// file descriptor into raw mode
+func makeInputRaw(fd windows.Handle, mode uint32) error {
+	// See
+	// -- https://msdn.microsoft.com/en-us/library/windows/desktop/ms686033(v=vs.85).aspx
+	// -- https://msdn.microsoft.com/en-us/library/windows/desktop/ms683462(v=vs.85).aspx
+
+	// Disable these modes
+	mode &^= windows.ENABLE_ECHO_INPUT
+	mode &^= windows.ENABLE_LINE_INPUT
+	mode &^= windows.ENABLE_MOUSE_INPUT
+	mode &^= windows.ENABLE_WINDOW_INPUT
+	mode &^= windows.ENABLE_PROCESSED_INPUT
+
+	// Enable these modes
+	mode |= windows.ENABLE_EXTENDED_FLAGS
+	mode |= windows.ENABLE_INSERT_MODE
+	mode |= windows.ENABLE_QUICK_EDIT_MODE
+
+	if vtInputSupported {
+		mode |= windows.ENABLE_VIRTUAL_TERMINAL_INPUT
+	}
+
+	if err := windows.SetConsoleMode(fd, mode); err != nil {
+		return errors.Wrap(err, "unable to set console to raw mode")
+	}
+
+	return nil
+}
+
+func checkConsole(f *os.File) error {
+	var mode uint32
+	if err := windows.GetConsoleMode(windows.Handle(f.Fd()), &mode); err != nil {
+		return err
+	}
+	return nil
+}
+
+func newMaster(f *os.File) (Console, error) {
+	if f != os.Stdin && f != os.Stdout && f != os.Stderr {
+		return nil, errors.New("creating a console from a file is not supported on windows")
+	}
+	m := &master{}
+	m.initStdios()
+	return m, nil
+}
diff --git a/vendor/github.com/containerd/console/tc_darwin.go b/vendor/github.com/containerd/console/tc_darwin.go
new file mode 100644
index 000000000000..b102bad743a0
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_darwin.go
@@ -0,0 +1,37 @@
+package console
+
+import (
+	"fmt"
+	"os"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	cmdTcGet = unix.TIOCGETA
+	cmdTcSet = unix.TIOCSETA
+)
+
+func ioctl(fd, flag, data uintptr) error {
+	if _, _, err := unix.Syscall(unix.SYS_IOCTL, fd, flag, data); err != 0 {
+		return err
+	}
+	return nil
+}
+
+// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f.
+// unlockpt should be called before opening the slave side of a pty.
+func unlockpt(f *os.File) error {
+	var u int32
+	return ioctl(f.Fd(), unix.TIOCPTYUNLK, uintptr(unsafe.Pointer(&u)))
+}
+
+// ptsname retrieves the name of the first available pts for the given master.
+func ptsname(f *os.File) (string, error) {
+	n, err := unix.IoctlGetInt(int(f.Fd()), unix.TIOCPTYGNAME)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("/dev/pts/%d", n), nil
+}
diff --git a/vendor/github.com/containerd/console/tc_freebsd.go b/vendor/github.com/containerd/console/tc_freebsd.go
new file mode 100644
index 000000000000..e2a10e4413c3
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_freebsd.go
@@ -0,0 +1,29 @@
+package console
+
+import (
+	"fmt"
+	"os"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	cmdTcGet = unix.TIOCGETA
+	cmdTcSet = unix.TIOCSETA
+)
+
+// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f.
+// unlockpt should be called before opening the slave side of a pty.
+// This does not exist on FreeBSD, it does not allocate controlling terminals on open
+func unlockpt(f *os.File) error {
+	return nil
+}
+
+// ptsname retrieves the name of the first available pts for the given master.
+func ptsname(f *os.File) (string, error) {
+	n, err := unix.IoctlGetInt(int(f.Fd()), unix.TIOCGPTN)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("/dev/pts/%d", n), nil
+}
diff --git a/vendor/github.com/containerd/console/tc_linux.go b/vendor/github.com/containerd/console/tc_linux.go
new file mode 100644
index 000000000000..80ef2f6fb39f
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_linux.go
@@ -0,0 +1,37 @@
+package console
+
+import (
+	"fmt"
+	"os"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	cmdTcGet = unix.TCGETS
+	cmdTcSet = unix.TCSETS
+)
+
+func ioctl(fd, flag, data uintptr) error {
+	if _, _, err := unix.Syscall(unix.SYS_IOCTL, fd, flag, data); err != 0 {
+		return err
+	}
+	return nil
+}
+
+// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f.
+// unlockpt should be called before opening the slave side of a pty.
+func unlockpt(f *os.File) error {
+	var u int32
+	return ioctl(f.Fd(), unix.TIOCSPTLCK, uintptr(unsafe.Pointer(&u)))
+}
+
+// ptsname retrieves the name of the first available pts for the given master.
+func ptsname(f *os.File) (string, error) {
+	n, err := unix.IoctlGetInt(int(f.Fd()), unix.TIOCGPTN)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("/dev/pts/%d", n), nil
+}
diff --git a/vendor/github.com/containerd/console/tc_solaris_cgo.go b/vendor/github.com/containerd/console/tc_solaris_cgo.go
new file mode 100644
index 000000000000..f8066d8e3982
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_solaris_cgo.go
@@ -0,0 +1,35 @@
+// +build solaris,cgo
+
+package console
+
+import (
+	"os"
+
+	"golang.org/x/sys/unix"
+)
+
+//#include <stdlib.h>
+import "C"
+
+const (
+	cmdTcGet = unix.TCGETS
+	cmdTcSet = unix.TCSETS
+)
+
+// ptsname retrieves the name of the first available pts for the given master.
+func ptsname(f *os.File) (string, error) {
+	ptspath, err := C.ptsname(C.int(f.Fd()))
+	if err != nil {
+		return "", err
+	}
+	return C.GoString(ptspath), nil
+}
+
+// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f.
+// unlockpt should be called before opening the slave side of a pty.
+func unlockpt(f *os.File) error {
+	if _, err := C.grantpt(C.int(f.Fd())); err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/vendor/github.com/containerd/console/tc_solaris_nocgo.go b/vendor/github.com/containerd/console/tc_solaris_nocgo.go
new file mode 100644
index 000000000000..0aefa0d2bb12
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_solaris_nocgo.go
@@ -0,0 +1,31 @@
+// +build solaris,!cgo
+
+//
+// Implementing the functions below requires cgo support.  Non-cgo stubs
+// versions are defined below to enable cross-compilation of source code
+// that depends on these functions, but the resultant cross-compiled
+// binaries cannot actually be used.  If the stub function(s) below are
+// actually invoked they will display an error message and cause the
+// calling process to exit.
+//
+
+package console
+
+import (
+	"os"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	cmdTcGet = unix.TCGETS
+	cmdTcSet = unix.TCSETS
+)
+
+func ptsname(f *os.File) (string, error) {
+	panic("ptsname() support requires cgo.")
+}
+
+func unlockpt(f *os.File) error {
+	panic("unlockpt() support requires cgo.")
+}
diff --git a/vendor/github.com/containerd/console/tc_unix.go b/vendor/github.com/containerd/console/tc_unix.go
new file mode 100644
index 000000000000..df7dcb933420
--- /dev/null
+++ b/vendor/github.com/containerd/console/tc_unix.go
@@ -0,0 +1,75 @@
+// +build darwin freebsd linux solaris
+
+package console
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+func tcget(fd uintptr, p *unix.Termios) error {
+	termios, err := unix.IoctlGetTermios(int(fd), cmdTcGet)
+	if err != nil {
+		return err
+	}
+	*p = *termios
+	return nil
+}
+
+func tcset(fd uintptr, p *unix.Termios) error {
+	return unix.IoctlSetTermios(int(fd), cmdTcSet, p)
+}
+
+func tcgwinsz(fd uintptr) (WinSize, error) {
+	var ws WinSize
+
+	uws, err := unix.IoctlGetWinsize(int(fd), unix.TIOCGWINSZ)
+	if err != nil {
+		return ws, err
+	}
+
+	// Translate from unix.Winsize to console.WinSize
+	ws.Height = uws.Row
+	ws.Width = uws.Col
+	ws.x = uws.Xpixel
+	ws.y = uws.Ypixel
+	return ws, nil
+}
+
+func tcswinsz(fd uintptr, ws WinSize) error {
+	// Translate from console.WinSize to unix.Winsize
+
+	var uws unix.Winsize
+	uws.Row = ws.Height
+	uws.Col = ws.Width
+	uws.Xpixel = ws.x
+	uws.Ypixel = ws.y
+
+	return unix.IoctlSetWinsize(int(fd), unix.TIOCSWINSZ, &uws)
+}
+
+func setONLCR(fd uintptr, enable bool) error {
+	var termios unix.Termios
+	if err := tcget(fd, &termios); err != nil {
+		return err
+	}
+	if enable {
+		// Set +onlcr so we can act like a real terminal
+		termios.Oflag |= unix.ONLCR
+	} else {
+		// Set -onlcr so we don't have to deal with \r.
+		termios.Oflag &^= unix.ONLCR
+	}
+	return tcset(fd, &termios)
+}
+
+func cfmakeraw(t unix.Termios) unix.Termios {
+	t.Iflag &^= (unix.IGNBRK | unix.BRKINT | unix.PARMRK | unix.ISTRIP | unix.INLCR | unix.IGNCR | unix.ICRNL | unix.IXON)
+	t.Oflag &^= unix.OPOST
+	t.Lflag &^= (unix.ECHO | unix.ECHONL | unix.ICANON | unix.ISIG | unix.IEXTEN)
+	t.Cflag &^= (unix.CSIZE | unix.PARENB)
+	t.Cflag &^= unix.CS8
+	t.Cc[unix.VMIN] = 1
+	t.Cc[unix.VTIME] = 0
+
+	return t
+}
diff --git a/vendor/github.com/coreos/etcd/auth/authpb/auth.pb.go b/vendor/github.com/coreos/etcd/auth/authpb/auth.pb.go
index c6e2a12a7faa..009ebda70ca5 100644
--- a/vendor/github.com/coreos/etcd/auth/authpb/auth.pb.go
+++ b/vendor/github.com/coreos/etcd/auth/authpb/auth.pb.go
@@ -803,7 +803,7 @@ func init() { proto.RegisterFile("auth.proto", fileDescriptorAuth) }
 
 var fileDescriptorAuth = []byte{
 	// 288 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x6c, 0x90, 0xc1, 0x4a, 0xc3, 0x30,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x90, 0xc1, 0x4a, 0xc3, 0x30,
 	0x1c, 0xc6, 0x9b, 0xb6, 0x1b, 0xed, 0x5f, 0x27, 0x25, 0x0c, 0x0c, 0x13, 0x42, 0xe9, 0xa9, 0x78,
 	0xa8, 0xb0, 0x5d, 0xbc, 0x2a, 0xf6, 0x20, 0x78, 0x90, 0x50, 0xf1, 0x28, 0x1d, 0x0d, 0x75, 0x6c,
 	0x6d, 0x4a, 0x32, 0x91, 0xbe, 0x89, 0x07, 0x1f, 0x68, 0xc7, 0x3d, 0x82, 0xab, 0x2f, 0x22, 0x4d,
diff --git a/vendor/github.com/coreos/etcd/auth/jwt.go b/vendor/github.com/coreos/etcd/auth/jwt.go
new file mode 100644
index 000000000000..214ae48c83a9
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/auth/jwt.go
@@ -0,0 +1,137 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package auth
+
+import (
+	"crypto/rsa"
+	"io/ioutil"
+
+	jwt "github.com/dgrijalva/jwt-go"
+	"golang.org/x/net/context"
+)
+
+type tokenJWT struct {
+	signMethod string
+	signKey    *rsa.PrivateKey
+	verifyKey  *rsa.PublicKey
+}
+
+func (t *tokenJWT) enable()                         {}
+func (t *tokenJWT) disable()                        {}
+func (t *tokenJWT) invalidateUser(string)           {}
+func (t *tokenJWT) genTokenPrefix() (string, error) { return "", nil }
+
+func (t *tokenJWT) info(ctx context.Context, token string, rev uint64) (*AuthInfo, bool) {
+	// rev isn't used in JWT, it is only used in simple token
+	var (
+		username string
+		revision uint64
+	)
+
+	parsed, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
+		return t.verifyKey, nil
+	})
+
+	switch err.(type) {
+	case nil:
+		if !parsed.Valid {
+			plog.Warningf("invalid jwt token: %s", token)
+			return nil, false
+		}
+
+		claims := parsed.Claims.(jwt.MapClaims)
+
+		username = claims["username"].(string)
+		revision = uint64(claims["revision"].(float64))
+	default:
+		plog.Warningf("failed to parse jwt token: %s", err)
+		return nil, false
+	}
+
+	return &AuthInfo{Username: username, Revision: revision}, true
+}
+
+func (t *tokenJWT) assign(ctx context.Context, username string, revision uint64) (string, error) {
+	// Future work: let a jwt token include permission information would be useful for
+	// permission checking in proxy side.
+	tk := jwt.NewWithClaims(jwt.GetSigningMethod(t.signMethod),
+		jwt.MapClaims{
+			"username": username,
+			"revision": revision,
+		})
+
+	token, err := tk.SignedString(t.signKey)
+	if err != nil {
+		plog.Debugf("failed to sign jwt token: %s", err)
+		return "", err
+	}
+
+	plog.Debugf("jwt token: %s", token)
+
+	return token, err
+}
+
+func prepareOpts(opts map[string]string) (jwtSignMethod, jwtPubKeyPath, jwtPrivKeyPath string, err error) {
+	for k, v := range opts {
+		switch k {
+		case "sign-method":
+			jwtSignMethod = v
+		case "pub-key":
+			jwtPubKeyPath = v
+		case "priv-key":
+			jwtPrivKeyPath = v
+		default:
+			plog.Errorf("unknown token specific option: %s", k)
+			return "", "", "", ErrInvalidAuthOpts
+		}
+	}
+
+	return jwtSignMethod, jwtPubKeyPath, jwtPrivKeyPath, nil
+}
+
+func newTokenProviderJWT(opts map[string]string) (*tokenJWT, error) {
+	jwtSignMethod, jwtPubKeyPath, jwtPrivKeyPath, err := prepareOpts(opts)
+	if err != nil {
+		return nil, ErrInvalidAuthOpts
+	}
+
+	t := &tokenJWT{}
+
+	t.signMethod = jwtSignMethod
+
+	verifyBytes, err := ioutil.ReadFile(jwtPubKeyPath)
+	if err != nil {
+		plog.Errorf("failed to read public key (%s) for jwt: %s", jwtPubKeyPath, err)
+		return nil, err
+	}
+	t.verifyKey, err = jwt.ParseRSAPublicKeyFromPEM(verifyBytes)
+	if err != nil {
+		plog.Errorf("failed to parse public key (%s): %s", jwtPubKeyPath, err)
+		return nil, err
+	}
+
+	signBytes, err := ioutil.ReadFile(jwtPrivKeyPath)
+	if err != nil {
+		plog.Errorf("failed to read private key (%s) for jwt: %s", jwtPrivKeyPath, err)
+		return nil, err
+	}
+	t.signKey, err = jwt.ParseRSAPrivateKeyFromPEM(signBytes)
+	if err != nil {
+		plog.Errorf("failed to parse private key (%s): %s", jwtPrivKeyPath, err)
+		return nil, err
+	}
+
+	return t, nil
+}
diff --git a/vendor/github.com/coreos/etcd/auth/range_perm_cache.go b/vendor/github.com/coreos/etcd/auth/range_perm_cache.go
index 3cd1ad2a4117..691b65ba38e7 100644
--- a/vendor/github.com/coreos/etcd/auth/range_perm_cache.go
+++ b/vendor/github.com/coreos/etcd/auth/range_perm_cache.go
@@ -15,93 +15,11 @@
 package auth
 
 import (
-	"bytes"
-	"sort"
-
 	"github.com/coreos/etcd/auth/authpb"
 	"github.com/coreos/etcd/mvcc/backend"
+	"github.com/coreos/etcd/pkg/adt"
 )
 
-// isSubset returns true if a is a subset of b.
-// If a is a prefix of b, then a is a subset of b.
-// Given intervals [a1,a2) and [b1,b2), is
-// the a interval a subset of b?
-func isSubset(a, b *rangePerm) bool {
-	switch {
-	case len(a.end) == 0 && len(b.end) == 0:
-		// a, b are both keys
-		return bytes.Equal(a.begin, b.begin)
-	case len(b.end) == 0:
-		// b is a key, a is a range
-		return false
-	case len(a.end) == 0:
-		// a is a key, b is a range. need b1 <= a1 and a1 < b2
-		return bytes.Compare(b.begin, a.begin) <= 0 && bytes.Compare(a.begin, b.end) < 0
-	default:
-		// both are ranges. need b1 <= a1 and a2 <= b2
-		return bytes.Compare(b.begin, a.begin) <= 0 && bytes.Compare(a.end, b.end) <= 0
-	}
-}
-
-func isRangeEqual(a, b *rangePerm) bool {
-	return bytes.Equal(a.begin, b.begin) && bytes.Equal(a.end, b.end)
-}
-
-// removeSubsetRangePerms removes any rangePerms that are subsets of other rangePerms.
-// If there are equal ranges, removeSubsetRangePerms only keeps one of them.
-// It returns a sorted rangePerm slice.
-func removeSubsetRangePerms(perms []*rangePerm) (newp []*rangePerm) {
-	sort.Sort(RangePermSliceByBegin(perms))
-	var prev *rangePerm
-	for i := range perms {
-		if i == 0 {
-			prev = perms[i]
-			newp = append(newp, perms[i])
-			continue
-		}
-		if isRangeEqual(perms[i], prev) {
-			continue
-		}
-		if isSubset(perms[i], prev) {
-			continue
-		}
-		if isSubset(prev, perms[i]) {
-			prev = perms[i]
-			newp[len(newp)-1] = perms[i]
-			continue
-		}
-		prev = perms[i]
-		newp = append(newp, perms[i])
-	}
-	return newp
-}
-
-// mergeRangePerms merges adjacent rangePerms.
-func mergeRangePerms(perms []*rangePerm) []*rangePerm {
-	var merged []*rangePerm
-	perms = removeSubsetRangePerms(perms)
-
-	i := 0
-	for i < len(perms) {
-		begin, next := i, i
-		for next+1 < len(perms) && bytes.Compare(perms[next].end, perms[next+1].begin) >= 0 {
-			next++
-		}
-		// don't merge ["a", "b") with ["b", ""), because perms[next+1].end is empty.
-		if next != begin && len(perms[next].end) > 0 {
-			merged = append(merged, &rangePerm{begin: perms[begin].begin, end: perms[next].end})
-		} else {
-			merged = append(merged, perms[begin])
-			if next != begin {
-				merged = append(merged, perms[next])
-			}
-		}
-		i = next + 1
-	}
-
-	return merged
-}
-
 func getMergedPerms(tx backend.BatchTx, userName string) *unifiedRangePermissions {
 	user := getUser(tx, userName)
 	if user == nil {
@@ -109,7 +27,8 @@ func getMergedPerms(tx backend.BatchTx, userName string) *unifiedRangePermission
 		return nil
 	}
 
-	var readPerms, writePerms []*rangePerm
+	readPerms := &adt.IntervalTree{}
+	writePerms := &adt.IntervalTree{}
 
 	for _, roleName := range user.Roles {
 		role := getRole(tx, roleName)
@@ -118,48 +37,66 @@ func getMergedPerms(tx backend.BatchTx, userName string) *unifiedRangePermission
 		}
 
 		for _, perm := range role.KeyPermission {
-			rp := &rangePerm{begin: perm.Key, end: perm.RangeEnd}
+			var ivl adt.Interval
+			var rangeEnd []byte
+
+			if len(perm.RangeEnd) != 1 || perm.RangeEnd[0] != 0 {
+				rangeEnd = perm.RangeEnd
+			}
+
+			if len(perm.RangeEnd) != 0 {
+				ivl = adt.NewBytesAffineInterval(perm.Key, rangeEnd)
+			} else {
+				ivl = adt.NewBytesAffinePoint(perm.Key)
+			}
 
 			switch perm.PermType {
 			case authpb.READWRITE:
-				readPerms = append(readPerms, rp)
-				writePerms = append(writePerms, rp)
+				readPerms.Insert(ivl, struct{}{})
+				writePerms.Insert(ivl, struct{}{})
 
 			case authpb.READ:
-				readPerms = append(readPerms, rp)
+				readPerms.Insert(ivl, struct{}{})
 
 			case authpb.WRITE:
-				writePerms = append(writePerms, rp)
+				writePerms.Insert(ivl, struct{}{})
 			}
 		}
 	}
 
 	return &unifiedRangePermissions{
-		readPerms:  mergeRangePerms(readPerms),
-		writePerms: mergeRangePerms(writePerms),
+		readPerms:  readPerms,
+		writePerms: writePerms,
 	}
 }
 
-func checkKeyPerm(cachedPerms *unifiedRangePermissions, key, rangeEnd []byte, permtyp authpb.Permission_Type) bool {
-	var tocheck []*rangePerm
+func checkKeyInterval(cachedPerms *unifiedRangePermissions, key, rangeEnd []byte, permtyp authpb.Permission_Type) bool {
+	if len(rangeEnd) == 1 && rangeEnd[0] == 0 {
+		rangeEnd = nil
+	}
 
+	ivl := adt.NewBytesAffineInterval(key, rangeEnd)
 	switch permtyp {
 	case authpb.READ:
-		tocheck = cachedPerms.readPerms
+		return cachedPerms.readPerms.Contains(ivl)
 	case authpb.WRITE:
-		tocheck = cachedPerms.writePerms
+		return cachedPerms.writePerms.Contains(ivl)
 	default:
 		plog.Panicf("unknown auth type: %v", permtyp)
 	}
+	return false
+}
 
-	requiredPerm := &rangePerm{begin: key, end: rangeEnd}
-
-	for _, perm := range tocheck {
-		if isSubset(requiredPerm, perm) {
-			return true
-		}
+func checkKeyPoint(cachedPerms *unifiedRangePermissions, key []byte, permtyp authpb.Permission_Type) bool {
+	pt := adt.NewBytesAffinePoint(key)
+	switch permtyp {
+	case authpb.READ:
+		return cachedPerms.readPerms.Intersects(pt)
+	case authpb.WRITE:
+		return cachedPerms.writePerms.Intersects(pt)
+	default:
+		plog.Panicf("unknown auth type: %v", permtyp)
 	}
-
 	return false
 }
 
@@ -175,7 +112,11 @@ func (as *authStore) isRangeOpPermitted(tx backend.BatchTx, userName string, key
 		as.rangePermCache[userName] = perms
 	}
 
-	return checkKeyPerm(as.rangePermCache[userName], key, rangeEnd, permtyp)
+	if len(rangeEnd) == 0 {
+		return checkKeyPoint(as.rangePermCache[userName], key, permtyp)
+	}
+
+	return checkKeyInterval(as.rangePermCache[userName], key, rangeEnd, permtyp)
 }
 
 func (as *authStore) clearCachedPerm() {
@@ -187,35 +128,6 @@ func (as *authStore) invalidateCachedPerm(userName string) {
 }
 
 type unifiedRangePermissions struct {
-	// readPerms[i] and readPerms[j] (i != j) don't overlap
-	readPerms []*rangePerm
-	// writePerms[i] and writePerms[j] (i != j) don't overlap, too
-	writePerms []*rangePerm
-}
-
-type rangePerm struct {
-	begin, end []byte
-}
-
-type RangePermSliceByBegin []*rangePerm
-
-func (slice RangePermSliceByBegin) Len() int {
-	return len(slice)
-}
-
-func (slice RangePermSliceByBegin) Less(i, j int) bool {
-	switch bytes.Compare(slice[i].begin, slice[j].begin) {
-	case 0: // begin(i) == begin(j)
-		return bytes.Compare(slice[i].end, slice[j].end) == -1
-
-	case -1: // begin(i) < begin(j)
-		return true
-
-	default:
-		return false
-	}
-}
-
-func (slice RangePermSliceByBegin) Swap(i, j int) {
-	slice[i], slice[j] = slice[j], slice[i]
+	readPerms  *adt.IntervalTree
+	writePerms *adt.IntervalTree
 }
diff --git a/vendor/github.com/coreos/etcd/auth/simple_token.go b/vendor/github.com/coreos/etcd/auth/simple_token.go
index a39f3927685e..94d92a115e24 100644
--- a/vendor/github.com/coreos/etcd/auth/simple_token.go
+++ b/vendor/github.com/coreos/etcd/auth/simple_token.go
@@ -19,10 +19,14 @@ package auth
 
 import (
 	"crypto/rand"
+	"fmt"
 	"math/big"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
+
+	"golang.org/x/net/context"
 )
 
 const (
@@ -90,24 +94,14 @@ func (tm *simpleTokenTTLKeeper) run() {
 	}
 }
 
-func (as *authStore) enable() {
-	delf := func(tk string) {
-		if username, ok := as.simpleTokens[tk]; ok {
-			plog.Infof("deleting token %s for user %s", tk, username)
-			delete(as.simpleTokens, tk)
-		}
-	}
-	as.simpleTokenKeeper = &simpleTokenTTLKeeper{
-		tokens:          make(map[string]time.Time),
-		donec:           make(chan struct{}),
-		stopc:           make(chan struct{}),
-		deleteTokenFunc: delf,
-		mu:              &as.simpleTokensMu,
-	}
-	go as.simpleTokenKeeper.run()
+type tokenSimple struct {
+	indexWaiter       func(uint64) <-chan struct{}
+	simpleTokenKeeper *simpleTokenTTLKeeper
+	simpleTokensMu    sync.Mutex
+	simpleTokens      map[string]string // token -> username
 }
 
-func (as *authStore) GenSimpleToken() (string, error) {
+func (t *tokenSimple) genTokenPrefix() (string, error) {
 	ret := make([]byte, defaultSimpleTokenLength)
 
 	for i := 0; i < defaultSimpleTokenLength; i++ {
@@ -122,28 +116,105 @@ func (as *authStore) GenSimpleToken() (string, error) {
 	return string(ret), nil
 }
 
-func (as *authStore) assignSimpleTokenToUser(username, token string) {
-	as.simpleTokensMu.Lock()
-	_, ok := as.simpleTokens[token]
+func (t *tokenSimple) assignSimpleTokenToUser(username, token string) {
+	t.simpleTokensMu.Lock()
+	_, ok := t.simpleTokens[token]
 	if ok {
 		plog.Panicf("token %s is alredy used", token)
 	}
 
-	as.simpleTokens[token] = username
-	as.simpleTokenKeeper.addSimpleToken(token)
-	as.simpleTokensMu.Unlock()
+	t.simpleTokens[token] = username
+	t.simpleTokenKeeper.addSimpleToken(token)
+	t.simpleTokensMu.Unlock()
 }
 
-func (as *authStore) invalidateUser(username string) {
-	if as.simpleTokenKeeper == nil {
+func (t *tokenSimple) invalidateUser(username string) {
+	if t.simpleTokenKeeper == nil {
 		return
 	}
-	as.simpleTokensMu.Lock()
-	for token, name := range as.simpleTokens {
+	t.simpleTokensMu.Lock()
+	for token, name := range t.simpleTokens {
 		if strings.Compare(name, username) == 0 {
-			delete(as.simpleTokens, token)
-			as.simpleTokenKeeper.deleteSimpleToken(token)
+			delete(t.simpleTokens, token)
+			t.simpleTokenKeeper.deleteSimpleToken(token)
 		}
 	}
-	as.simpleTokensMu.Unlock()
+	t.simpleTokensMu.Unlock()
+}
+
+func (t *tokenSimple) enable() {
+	delf := func(tk string) {
+		if username, ok := t.simpleTokens[tk]; ok {
+			plog.Infof("deleting token %s for user %s", tk, username)
+			delete(t.simpleTokens, tk)
+		}
+	}
+	t.simpleTokenKeeper = &simpleTokenTTLKeeper{
+		tokens:          make(map[string]time.Time),
+		donec:           make(chan struct{}),
+		stopc:           make(chan struct{}),
+		deleteTokenFunc: delf,
+		mu:              &t.simpleTokensMu,
+	}
+	go t.simpleTokenKeeper.run()
+}
+
+func (t *tokenSimple) disable() {
+	t.simpleTokensMu.Lock()
+	tk := t.simpleTokenKeeper
+	t.simpleTokenKeeper = nil
+	t.simpleTokens = make(map[string]string) // invalidate all tokens
+	t.simpleTokensMu.Unlock()
+	if tk != nil {
+		tk.stop()
+	}
+}
+
+func (t *tokenSimple) info(ctx context.Context, token string, revision uint64) (*AuthInfo, bool) {
+	if !t.isValidSimpleToken(ctx, token) {
+		return nil, false
+	}
+	t.simpleTokensMu.Lock()
+	username, ok := t.simpleTokens[token]
+	if ok && t.simpleTokenKeeper != nil {
+		t.simpleTokenKeeper.resetSimpleToken(token)
+	}
+	t.simpleTokensMu.Unlock()
+	return &AuthInfo{Username: username, Revision: revision}, ok
+}
+
+func (t *tokenSimple) assign(ctx context.Context, username string, rev uint64) (string, error) {
+	// rev isn't used in simple token, it is only used in JWT
+	index := ctx.Value("index").(uint64)
+	simpleToken := ctx.Value("simpleToken").(string)
+	token := fmt.Sprintf("%s.%d", simpleToken, index)
+	t.assignSimpleTokenToUser(username, token)
+
+	return token, nil
+}
+
+func (t *tokenSimple) isValidSimpleToken(ctx context.Context, token string) bool {
+	splitted := strings.Split(token, ".")
+	if len(splitted) != 2 {
+		return false
+	}
+	index, err := strconv.Atoi(splitted[1])
+	if err != nil {
+		return false
+	}
+
+	select {
+	case <-t.indexWaiter(uint64(index)):
+		return true
+	case <-ctx.Done():
+	}
+
+	return false
+}
+
+func newTokenProviderSimple(indexWaiter func(uint64) <-chan struct{}) *tokenSimple {
+	return &tokenSimple{
+		simpleTokens: make(map[string]string),
+		indexWaiter:  indexWaiter,
+	}
 }
diff --git a/vendor/github.com/coreos/etcd/auth/store.go b/vendor/github.com/coreos/etcd/auth/store.go
index 236bb2c529d4..3fac7f5a6fd7 100644
--- a/vendor/github.com/coreos/etcd/auth/store.go
+++ b/vendor/github.com/coreos/etcd/auth/store.go
@@ -18,11 +18,10 @@ import (
 	"bytes"
 	"encoding/binary"
 	"errors"
-	"fmt"
 	"sort"
-	"strconv"
 	"strings"
 	"sync"
+	"sync/atomic"
 
 	"github.com/coreos/etcd/auth/authpb"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
@@ -30,7 +29,9 @@ import (
 	"github.com/coreos/pkg/capnslog"
 	"golang.org/x/crypto/bcrypt"
 	"golang.org/x/net/context"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/peer"
 )
 
 var (
@@ -60,6 +61,8 @@ var (
 	ErrAuthNotEnabled       = errors.New("auth: authentication is not enabled")
 	ErrAuthOldRevision      = errors.New("auth: revision in header is old")
 	ErrInvalidAuthToken     = errors.New("auth: invalid auth token")
+	ErrInvalidAuthOpts      = errors.New("auth: invalid auth options")
+	ErrInvalidAuthMgmt      = errors.New("auth: invalid auth management")
 
 	// BcryptCost is the algorithm cost / strength for hashing auth passwords
 	BcryptCost = bcrypt.DefaultCost
@@ -129,10 +132,6 @@ type AuthStore interface {
 	// RoleList gets a list of all roles
 	RoleList(r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error)
 
-	// AuthInfoFromToken gets a username from the given Token and current revision number
-	// (The revision number is used for preventing the TOCTOU problem)
-	AuthInfoFromToken(token string) (*AuthInfo, bool)
-
 	// IsPutPermitted checks put permission of the user
 	IsPutPermitted(authInfo *AuthInfo, key []byte) error
 
@@ -145,8 +144,9 @@ type AuthStore interface {
 	// IsAdminPermitted checks admin permission of the user
 	IsAdminPermitted(authInfo *AuthInfo) error
 
-	// GenSimpleToken produces a simple random string
-	GenSimpleToken() (string, error)
+	// GenTokenPrefix produces a random string in a case of simple token
+	// in a case of JWT, it produces an empty string
+	GenTokenPrefix() (string, error)
 
 	// Revision gets current revision of authStore
 	Revision() uint64
@@ -159,33 +159,32 @@ type AuthStore interface {
 
 	// AuthInfoFromCtx gets AuthInfo from gRPC's context
 	AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error)
+
+	// AuthInfoFromTLS gets AuthInfo from TLS info of gRPC's context
+	AuthInfoFromTLS(ctx context.Context) *AuthInfo
+}
+
+type TokenProvider interface {
+	info(ctx context.Context, token string, revision uint64) (*AuthInfo, bool)
+	assign(ctx context.Context, username string, revision uint64) (string, error)
+	enable()
+	disable()
+
+	invalidateUser(string)
+	genTokenPrefix() (string, error)
 }
 
 type authStore struct {
+	// atomic operations; need 64-bit align, or 32-bit tests will crash
+	revision uint64
+
 	be        backend.Backend
 	enabled   bool
 	enabledMu sync.RWMutex
 
 	rangePermCache map[string]*unifiedRangePermissions // username -> unifiedRangePermissions
 
-	revision uint64
-
-	// tokenSimple in v3.2+
-	indexWaiter       func(uint64) <-chan struct{}
-	simpleTokenKeeper *simpleTokenTTLKeeper
-	simpleTokensMu    sync.Mutex
-	simpleTokens      map[string]string // token -> username
-}
-
-func newDeleterFunc(as *authStore) func(string) {
-	return func(t string) {
-		as.simpleTokensMu.Lock()
-		defer as.simpleTokensMu.Unlock()
-		if username, ok := as.simpleTokens[t]; ok {
-			plog.Infof("deleting token %s for user %s", t, username)
-			delete(as.simpleTokens, t)
-		}
-	}
+	tokenProvider TokenProvider
 }
 
 func (as *authStore) AuthEnable() error {
@@ -215,11 +214,11 @@ func (as *authStore) AuthEnable() error {
 	tx.UnsafePut(authBucketName, enableFlagKey, authEnabled)
 
 	as.enabled = true
-	as.enable()
+	as.tokenProvider.enable()
 
 	as.rangePermCache = make(map[string]*unifiedRangePermissions)
 
-	as.revision = getRevision(tx)
+	as.setRevision(getRevision(tx))
 
 	plog.Noticef("Authentication enabled")
 
@@ -241,15 +240,7 @@ func (as *authStore) AuthDisable() {
 	b.ForceCommit()
 
 	as.enabled = false
-
-	as.simpleTokensMu.Lock()
-	tk := as.simpleTokenKeeper
-	as.simpleTokenKeeper = nil
-	as.simpleTokens = make(map[string]string) // invalidate all tokens
-	as.simpleTokensMu.Unlock()
-	if tk != nil {
-		tk.stop()
-	}
+	as.tokenProvider.disable()
 
 	plog.Noticef("Authentication disabled")
 }
@@ -260,10 +251,7 @@ func (as *authStore) Close() error {
 	if !as.enabled {
 		return nil
 	}
-	if as.simpleTokenKeeper != nil {
-		as.simpleTokenKeeper.stop()
-		as.simpleTokenKeeper = nil
-	}
+	as.tokenProvider.disable()
 	return nil
 }
 
@@ -272,10 +260,6 @@ func (as *authStore) Authenticate(ctx context.Context, username, password string
 		return nil, ErrAuthNotEnabled
 	}
 
-	// TODO(mitake): after adding jwt support, branching based on values of ctx is required
-	index := ctx.Value("index").(uint64)
-	simpleToken := ctx.Value("simpleToken").(string)
-
 	tx := as.be.BatchTx()
 	tx.Lock()
 	defer tx.Unlock()
@@ -285,14 +269,23 @@ func (as *authStore) Authenticate(ctx context.Context, username, password string
 		return nil, ErrAuthFailed
 	}
 
-	token := fmt.Sprintf("%s.%d", simpleToken, index)
-	as.assignSimpleTokenToUser(username, token)
+	// Password checking is already performed in the API layer, so we don't need to check for now.
+	// Staleness of password can be detected with OCC in the API layer, too.
+
+	token, err := as.tokenProvider.assign(ctx, username, as.Revision())
+	if err != nil {
+		return nil, err
+	}
 
-	plog.Infof("authorized %s, token is %s", username, token)
+	plog.Debugf("authorized %s, token is %s", username, token)
 	return &pb.AuthenticateResponse{Token: token}, nil
 }
 
 func (as *authStore) CheckPassword(username, password string) (uint64, error) {
+	if !as.isAuthEnabled() {
+		return 0, ErrAuthNotEnabled
+	}
+
 	tx := as.be.BatchTx()
 	tx.Lock()
 	defer tx.Unlock()
@@ -322,7 +315,7 @@ func (as *authStore) Recover(be backend.Backend) {
 		}
 	}
 
-	as.revision = getRevision(tx)
+	as.setRevision(getRevision(tx))
 
 	tx.Unlock()
 
@@ -366,6 +359,11 @@ func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse,
 }
 
 func (as *authStore) UserDelete(r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error) {
+	if as.enabled && strings.Compare(r.Name, rootUser) == 0 {
+		plog.Errorf("the user root must not be deleted")
+		return nil, ErrInvalidAuthMgmt
+	}
+
 	tx := as.be.BatchTx()
 	tx.Lock()
 	defer tx.Unlock()
@@ -380,7 +378,7 @@ func (as *authStore) UserDelete(r *pb.AuthUserDeleteRequest) (*pb.AuthUserDelete
 	as.commitRevision(tx)
 
 	as.invalidateCachedPerm(r.Name)
-	as.invalidateUser(r.Name)
+	as.tokenProvider.invalidateUser(r.Name)
 
 	plog.Noticef("deleted a user: %s", r.Name)
 
@@ -416,7 +414,7 @@ func (as *authStore) UserChangePassword(r *pb.AuthUserChangePasswordRequest) (*p
 	as.commitRevision(tx)
 
 	as.invalidateCachedPerm(r.Name)
-	as.invalidateUser(r.Name)
+	as.tokenProvider.invalidateUser(r.Name)
 
 	plog.Noticef("changed a password of a user: %s", r.Name)
 
@@ -491,6 +489,11 @@ func (as *authStore) UserList(r *pb.AuthUserListRequest) (*pb.AuthUserListRespon
 }
 
 func (as *authStore) UserRevokeRole(r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error) {
+	if as.enabled && strings.Compare(r.Name, rootUser) == 0 && strings.Compare(r.Role, rootRole) == 0 {
+		plog.Errorf("the role root must not be revoked from the user root")
+		return nil, ErrInvalidAuthMgmt
+	}
+
 	tx := as.be.BatchTx()
 	tx.Lock()
 	defer tx.Unlock()
@@ -593,17 +596,10 @@ func (as *authStore) RoleRevokePermission(r *pb.AuthRoleRevokePermissionRequest)
 }
 
 func (as *authStore) RoleDelete(r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error) {
-	// TODO(mitake): current scheme of role deletion allows existing users to have the deleted roles
-	//
-	// Assume a case like below:
-	// create a role r1
-	// create a user u1 and grant r1 to u1
-	// delete r1
-	//
-	// After this sequence, u1 is still granted the role r1. So if admin create a new role with the name r1,
-	// the new r1 is automatically granted u1.
-	// In some cases, it would be confusing. So we need to provide an option for deleting the grant relation
-	// from all users.
+	if as.enabled && strings.Compare(r.Role, rootRole) == 0 {
+		plog.Errorf("the role root must not be deleted")
+		return nil, ErrInvalidAuthMgmt
+	}
 
 	tx := as.be.BatchTx()
 	tx.Lock()
@@ -616,6 +612,28 @@ func (as *authStore) RoleDelete(r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDelete
 
 	delRole(tx, r.Role)
 
+	users := getAllUsers(tx)
+	for _, user := range users {
+		updatedUser := &authpb.User{
+			Name:     user.Name,
+			Password: user.Password,
+		}
+
+		for _, role := range user.Roles {
+			if strings.Compare(role, r.Role) != 0 {
+				updatedUser.Roles = append(updatedUser.Roles, role)
+			}
+		}
+
+		if len(updatedUser.Roles) == len(user.Roles) {
+			continue
+		}
+
+		putUser(tx, updatedUser)
+
+		as.invalidateCachedPerm(string(user.Name))
+	}
+
 	as.commitRevision(tx)
 
 	plog.Noticef("deleted role %s", r.Role)
@@ -645,15 +663,8 @@ func (as *authStore) RoleAdd(r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse,
 	return &pb.AuthRoleAddResponse{}, nil
 }
 
-func (as *authStore) AuthInfoFromToken(token string) (*AuthInfo, bool) {
-	// same as '(t *tokenSimple) info' in v3.2+
-	as.simpleTokensMu.Lock()
-	username, ok := as.simpleTokens[token]
-	if ok && as.simpleTokenKeeper != nil {
-		as.simpleTokenKeeper.resetSimpleToken(token)
-	}
-	as.simpleTokensMu.Unlock()
-	return &AuthInfo{Username: username, Revision: as.revision}, ok
+func (as *authStore) authInfoFromToken(ctx context.Context, token string) (*AuthInfo, bool) {
+	return as.tokenProvider.info(ctx, token, as.Revision())
 }
 
 type permSlice []*authpb.Permission
@@ -723,7 +734,7 @@ func (as *authStore) isOpPermitted(userName string, revision uint64, key, rangeE
 		return ErrUserEmpty
 	}
 
-	if revision < as.revision {
+	if revision < as.Revision() {
 		return ErrAuthOldRevision
 	}
 
@@ -886,7 +897,7 @@ func (as *authStore) isAuthEnabled() bool {
 	return as.enabled
 }
 
-func NewAuthStore(be backend.Backend, indexWaiter func(uint64) <-chan struct{}) *authStore {
+func NewAuthStore(be backend.Backend, tp TokenProvider) *authStore {
 	tx := be.BatchTx()
 	tx.Lock()
 
@@ -904,18 +915,17 @@ func NewAuthStore(be backend.Backend, indexWaiter func(uint64) <-chan struct{})
 
 	as := &authStore{
 		be:             be,
-		simpleTokens:   make(map[string]string),
 		revision:       getRevision(tx),
-		indexWaiter:    indexWaiter,
 		enabled:        enabled,
 		rangePermCache: make(map[string]*unifiedRangePermissions),
+		tokenProvider:  tp,
 	}
 
 	if enabled {
-		as.enable()
+		as.tokenProvider.enable()
 	}
 
-	if as.revision == 0 {
+	if as.Revision() == 0 {
 		as.commitRevision(tx)
 	}
 
@@ -935,9 +945,9 @@ func hasRootRole(u *authpb.User) bool {
 }
 
 func (as *authStore) commitRevision(tx backend.BatchTx) {
-	as.revision++
+	atomic.AddUint64(&as.revision, 1)
 	revBytes := make([]byte, revBytesLen)
-	binary.BigEndian.PutUint64(revBytes, as.revision)
+	binary.BigEndian.PutUint64(revBytes, as.Revision())
 	tx.UnsafePut(authBucketName, revisionKey, revBytes)
 }
 
@@ -951,31 +961,38 @@ func getRevision(tx backend.BatchTx) uint64 {
 	return binary.BigEndian.Uint64(vs[0])
 }
 
+func (as *authStore) setRevision(rev uint64) {
+	atomic.StoreUint64(&as.revision, rev)
+}
+
 func (as *authStore) Revision() uint64 {
-	return as.revision
+	return atomic.LoadUint64(&as.revision)
 }
 
-func (as *authStore) isValidSimpleToken(token string, ctx context.Context) bool {
-	splitted := strings.Split(token, ".")
-	if len(splitted) != 2 {
-		return false
-	}
-	index, err := strconv.Atoi(splitted[1])
-	if err != nil {
-		return false
+func (as *authStore) AuthInfoFromTLS(ctx context.Context) *AuthInfo {
+	peer, ok := peer.FromContext(ctx)
+	if !ok || peer == nil || peer.AuthInfo == nil {
+		return nil
 	}
 
-	select {
-	case <-as.indexWaiter(uint64(index)):
-		return true
-	case <-ctx.Done():
+	tlsInfo := peer.AuthInfo.(credentials.TLSInfo)
+	for _, chains := range tlsInfo.State.VerifiedChains {
+		for _, chain := range chains {
+			cn := chain.Subject.CommonName
+			plog.Debugf("found common name %s", cn)
+
+			return &AuthInfo{
+				Username: cn,
+				Revision: as.Revision(),
+			}
+		}
 	}
 
-	return false
+	return nil
 }
 
 func (as *authStore) AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error) {
-	md, ok := metadata.FromContext(ctx)
+	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
 		return nil, nil
 	}
@@ -986,14 +1003,57 @@ func (as *authStore) AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error) {
 	}
 
 	token := ts[0]
-	if !as.isValidSimpleToken(token, ctx) {
-		return nil, ErrInvalidAuthToken
-	}
-
-	authInfo, uok := as.AuthInfoFromToken(token)
+	authInfo, uok := as.authInfoFromToken(ctx, token)
 	if !uok {
 		plog.Warningf("invalid auth token: %s", token)
 		return nil, ErrInvalidAuthToken
 	}
 	return authInfo, nil
 }
+
+func (as *authStore) GenTokenPrefix() (string, error) {
+	return as.tokenProvider.genTokenPrefix()
+}
+
+func decomposeOpts(optstr string) (string, map[string]string, error) {
+	opts := strings.Split(optstr, ",")
+	tokenType := opts[0]
+
+	typeSpecificOpts := make(map[string]string)
+	for i := 1; i < len(opts); i++ {
+		pair := strings.Split(opts[i], "=")
+
+		if len(pair) != 2 {
+			plog.Errorf("invalid token specific option: %s", optstr)
+			return "", nil, ErrInvalidAuthOpts
+		}
+
+		if _, ok := typeSpecificOpts[pair[0]]; ok {
+			plog.Errorf("invalid token specific option, duplicated parameters (%s): %s", pair[0], optstr)
+			return "", nil, ErrInvalidAuthOpts
+		}
+
+		typeSpecificOpts[pair[0]] = pair[1]
+	}
+
+	return tokenType, typeSpecificOpts, nil
+
+}
+
+func NewTokenProvider(tokenOpts string, indexWaiter func(uint64) <-chan struct{}) (TokenProvider, error) {
+	tokenType, typeSpecificOpts, err := decomposeOpts(tokenOpts)
+	if err != nil {
+		return nil, ErrInvalidAuthOpts
+	}
+
+	switch tokenType {
+	case "simple":
+		plog.Warningf("simple token is not cryptographically signed")
+		return newTokenProviderSimple(indexWaiter), nil
+	case "jwt":
+		return newTokenProviderJWT(typeSpecificOpts)
+	default:
+		plog.Errorf("unknown token type: %s", tokenType)
+		return nil, ErrInvalidAuthOpts
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/client/client.go b/vendor/github.com/coreos/etcd/client/client.go
index f9131b4725c1..19ce2ec01dad 100644
--- a/vendor/github.com/coreos/etcd/client/client.go
+++ b/vendor/github.com/coreos/etcd/client/client.go
@@ -15,6 +15,7 @@
 package client
 
 import (
+	"encoding/json"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -27,6 +28,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/coreos/etcd/version"
+
 	"golang.org/x/net/context"
 )
 
@@ -201,6 +204,9 @@ type Client interface {
 	// returned
 	SetEndpoints(eps []string) error
 
+	// GetVersion retrieves the current etcd server and cluster version
+	GetVersion(ctx context.Context) (*version.Versions, error)
+
 	httpClient
 }
 
@@ -366,12 +372,7 @@ func (c *httpClusterClient) Do(ctx context.Context, act httpAction) (*http.Respo
 			if err == context.Canceled || err == context.DeadlineExceeded {
 				return nil, nil, err
 			}
-			if isOneShot {
-				return nil, nil, err
-			}
-			continue
-		}
-		if resp.StatusCode/100 == 5 {
+		} else if resp.StatusCode/100 == 5 {
 			switch resp.StatusCode {
 			case http.StatusInternalServerError, http.StatusServiceUnavailable:
 				// TODO: make sure this is a no leader response
@@ -379,10 +380,16 @@ func (c *httpClusterClient) Do(ctx context.Context, act httpAction) (*http.Respo
 			default:
 				cerr.Errors = append(cerr.Errors, fmt.Errorf("client: etcd member %s returns server error [%s]", eps[k].String(), http.StatusText(resp.StatusCode)))
 			}
-			if isOneShot {
-				return nil, nil, cerr.Errors[0]
+			err = cerr.Errors[0]
+		}
+		if err != nil {
+			if !isOneShot {
+				continue
 			}
-			continue
+			c.Lock()
+			c.pinned = (k + 1) % leps
+			c.Unlock()
+			return nil, nil, err
 		}
 		if k != pinned {
 			c.Lock()
@@ -477,6 +484,33 @@ func (c *httpClusterClient) AutoSync(ctx context.Context, interval time.Duration
 	}
 }
 
+func (c *httpClusterClient) GetVersion(ctx context.Context) (*version.Versions, error) {
+	act := &getAction{Prefix: "/version"}
+
+	resp, body, err := c.Do(ctx, act)
+	if err != nil {
+		return nil, err
+	}
+
+	switch resp.StatusCode {
+	case http.StatusOK:
+		if len(body) == 0 {
+			return nil, ErrEmptyBody
+		}
+		var vresp version.Versions
+		if err := json.Unmarshal(body, &vresp); err != nil {
+			return nil, ErrInvalidJSON
+		}
+		return &vresp, nil
+	default:
+		var etcdErr Error
+		if err := json.Unmarshal(body, &etcdErr); err != nil {
+			return nil, ErrInvalidJSON
+		}
+		return nil, etcdErr
+	}
+}
+
 type roundTripResponse struct {
 	resp *http.Response
 	err  error
diff --git a/vendor/github.com/coreos/etcd/client/discover.go b/vendor/github.com/coreos/etcd/client/discover.go
index bfd7aec93f5c..442e35fe543b 100644
--- a/vendor/github.com/coreos/etcd/client/discover.go
+++ b/vendor/github.com/coreos/etcd/client/discover.go
@@ -14,8 +14,27 @@
 
 package client
 
+import (
+	"github.com/coreos/etcd/pkg/srv"
+)
+
 // Discoverer is an interface that wraps the Discover method.
 type Discoverer interface {
 	// Discover looks up the etcd servers for the domain.
 	Discover(domain string) ([]string, error)
 }
+
+type srvDiscover struct{}
+
+// NewSRVDiscover constructs a new Discoverer that uses the stdlib to lookup SRV records.
+func NewSRVDiscover() Discoverer {
+	return &srvDiscover{}
+}
+
+func (d *srvDiscover) Discover(domain string) ([]string, error) {
+	srvs, err := srv.GetClient("etcd-client", domain)
+	if err != nil {
+		return nil, err
+	}
+	return srvs.Endpoints, nil
+}
diff --git a/vendor/github.com/coreos/etcd/client/srv.go b/vendor/github.com/coreos/etcd/client/srv.go
deleted file mode 100644
index fdfa34359219..000000000000
--- a/vendor/github.com/coreos/etcd/client/srv.go
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright 2015 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package client
-
-import (
-	"fmt"
-	"net"
-	"net/url"
-)
-
-var (
-	// indirection for testing
-	lookupSRV = net.LookupSRV
-)
-
-type srvDiscover struct{}
-
-// NewSRVDiscover constructs a new Discoverer that uses the stdlib to lookup SRV records.
-func NewSRVDiscover() Discoverer {
-	return &srvDiscover{}
-}
-
-// Discover looks up the etcd servers for the domain.
-func (d *srvDiscover) Discover(domain string) ([]string, error) {
-	var urls []*url.URL
-
-	updateURLs := func(service, scheme string) error {
-		_, addrs, err := lookupSRV(service, "tcp", domain)
-		if err != nil {
-			return err
-		}
-		for _, srv := range addrs {
-			urls = append(urls, &url.URL{
-				Scheme: scheme,
-				Host:   net.JoinHostPort(srv.Target, fmt.Sprintf("%d", srv.Port)),
-			})
-		}
-		return nil
-	}
-
-	errHTTPS := updateURLs("etcd-client-ssl", "https")
-	errHTTP := updateURLs("etcd-client", "http")
-
-	if errHTTPS != nil && errHTTP != nil {
-		return nil, fmt.Errorf("dns lookup errors: %s and %s", errHTTPS, errHTTP)
-	}
-
-	endpoints := make([]string, len(urls))
-	for i := range urls {
-		endpoints[i] = urls[i].String()
-	}
-	return endpoints, nil
-}
diff --git a/vendor/github.com/coreos/etcd/clientv3/README.md b/vendor/github.com/coreos/etcd/clientv3/README.md
index 87c32d1a88a3..376bfba7614d 100644
--- a/vendor/github.com/coreos/etcd/clientv3/README.md
+++ b/vendor/github.com/coreos/etcd/clientv3/README.md
@@ -1,6 +1,6 @@
 # etcd/clientv3
 
-[![Godoc](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)](https://godoc.org/github.com/coreos/etcd/clientv3)
+[![Godoc](https://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)](https://godoc.org/github.com/coreos/etcd/clientv3)
 
 `etcd/clientv3` is the official Go etcd client for v3.
 
@@ -32,7 +32,7 @@ pass `context.WithTimeout` to APIs:
 
 ```go
 ctx, cancel := context.WithTimeout(context.Background(), timeout)
-resp, err := kvc.Put(ctx, "sample_key", "sample_value")
+resp, err := cli.Put(ctx, "sample_key", "sample_value")
 cancel()
 if err != nil {
     // handle error!
@@ -57,7 +57,7 @@ etcd client returns 2 types of errors:
 Here is the example code to handle client errors:
 
 ```go
-resp, err := kvc.Put(ctx, "", "")
+resp, err := cli.Put(ctx, "", "")
 if err != nil {
 	switch err {
 	case context.Canceled:
@@ -76,6 +76,10 @@ if err != nil {
 
 The etcd client optionally exposes RPC metrics through [go-grpc-prometheus](https://github.com/grpc-ecosystem/go-grpc-prometheus). See the [examples](https://github.com/coreos/etcd/blob/master/clientv3/example_metrics_test.go).
 
+## Namespacing
+
+The [namespace](https://godoc.org/github.com/coreos/etcd/clientv3/namespace) package provides `clientv3` interface wrappers to transparently isolate client requests to a user-defined prefix.
+
 ## Examples
 
 More code examples can be found at [GoDoc](https://godoc.org/github.com/coreos/etcd/clientv3).
diff --git a/vendor/github.com/coreos/etcd/clientv3/auth.go b/vendor/github.com/coreos/etcd/clientv3/auth.go
index b995bce8e3f2..a64b8caca895 100644
--- a/vendor/github.com/coreos/etcd/clientv3/auth.go
+++ b/vendor/github.com/coreos/etcd/clientv3/auth.go
@@ -20,6 +20,7 @@ import (
 
 	"github.com/coreos/etcd/auth/authpb"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
@@ -100,68 +101,65 @@ type Auth interface {
 }
 
 type auth struct {
-	c *Client
-
-	conn   *grpc.ClientConn // conn in-use
-	remote pb.AuthClient
+	remote   pb.AuthClient
+	callOpts []grpc.CallOption
 }
 
 func NewAuth(c *Client) Auth {
-	conn := c.ActiveConnection()
-	return &auth{
-		conn:   c.ActiveConnection(),
-		remote: pb.NewAuthClient(conn),
-		c:      c,
+	api := &auth{remote: RetryAuthClient(c)}
+	if c != nil {
+		api.callOpts = c.callOpts
 	}
+	return api
 }
 
 func (auth *auth) AuthEnable(ctx context.Context) (*AuthEnableResponse, error) {
-	resp, err := auth.remote.AuthEnable(ctx, &pb.AuthEnableRequest{}, grpc.FailFast(false))
+	resp, err := auth.remote.AuthEnable(ctx, &pb.AuthEnableRequest{}, auth.callOpts...)
 	return (*AuthEnableResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) AuthDisable(ctx context.Context) (*AuthDisableResponse, error) {
-	resp, err := auth.remote.AuthDisable(ctx, &pb.AuthDisableRequest{}, grpc.FailFast(false))
+	resp, err := auth.remote.AuthDisable(ctx, &pb.AuthDisableRequest{}, auth.callOpts...)
 	return (*AuthDisableResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error) {
-	resp, err := auth.remote.UserAdd(ctx, &pb.AuthUserAddRequest{Name: name, Password: password})
+	resp, err := auth.remote.UserAdd(ctx, &pb.AuthUserAddRequest{Name: name, Password: password}, auth.callOpts...)
 	return (*AuthUserAddResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserDelete(ctx context.Context, name string) (*AuthUserDeleteResponse, error) {
-	resp, err := auth.remote.UserDelete(ctx, &pb.AuthUserDeleteRequest{Name: name})
+	resp, err := auth.remote.UserDelete(ctx, &pb.AuthUserDeleteRequest{Name: name}, auth.callOpts...)
 	return (*AuthUserDeleteResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserChangePassword(ctx context.Context, name string, password string) (*AuthUserChangePasswordResponse, error) {
-	resp, err := auth.remote.UserChangePassword(ctx, &pb.AuthUserChangePasswordRequest{Name: name, Password: password})
+	resp, err := auth.remote.UserChangePassword(ctx, &pb.AuthUserChangePasswordRequest{Name: name, Password: password}, auth.callOpts...)
 	return (*AuthUserChangePasswordResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserGrantRole(ctx context.Context, user string, role string) (*AuthUserGrantRoleResponse, error) {
-	resp, err := auth.remote.UserGrantRole(ctx, &pb.AuthUserGrantRoleRequest{User: user, Role: role})
+	resp, err := auth.remote.UserGrantRole(ctx, &pb.AuthUserGrantRoleRequest{User: user, Role: role}, auth.callOpts...)
 	return (*AuthUserGrantRoleResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserGet(ctx context.Context, name string) (*AuthUserGetResponse, error) {
-	resp, err := auth.remote.UserGet(ctx, &pb.AuthUserGetRequest{Name: name}, grpc.FailFast(false))
+	resp, err := auth.remote.UserGet(ctx, &pb.AuthUserGetRequest{Name: name}, auth.callOpts...)
 	return (*AuthUserGetResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserList(ctx context.Context) (*AuthUserListResponse, error) {
-	resp, err := auth.remote.UserList(ctx, &pb.AuthUserListRequest{}, grpc.FailFast(false))
+	resp, err := auth.remote.UserList(ctx, &pb.AuthUserListRequest{}, auth.callOpts...)
 	return (*AuthUserListResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) UserRevokeRole(ctx context.Context, name string, role string) (*AuthUserRevokeRoleResponse, error) {
-	resp, err := auth.remote.UserRevokeRole(ctx, &pb.AuthUserRevokeRoleRequest{Name: name, Role: role})
+	resp, err := auth.remote.UserRevokeRole(ctx, &pb.AuthUserRevokeRoleRequest{Name: name, Role: role}, auth.callOpts...)
 	return (*AuthUserRevokeRoleResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) RoleAdd(ctx context.Context, name string) (*AuthRoleAddResponse, error) {
-	resp, err := auth.remote.RoleAdd(ctx, &pb.AuthRoleAddRequest{Name: name})
+	resp, err := auth.remote.RoleAdd(ctx, &pb.AuthRoleAddRequest{Name: name}, auth.callOpts...)
 	return (*AuthRoleAddResponse)(resp), toErr(ctx, err)
 }
 
@@ -171,27 +169,27 @@ func (auth *auth) RoleGrantPermission(ctx context.Context, name string, key, ran
 		RangeEnd: []byte(rangeEnd),
 		PermType: authpb.Permission_Type(permType),
 	}
-	resp, err := auth.remote.RoleGrantPermission(ctx, &pb.AuthRoleGrantPermissionRequest{Name: name, Perm: perm})
+	resp, err := auth.remote.RoleGrantPermission(ctx, &pb.AuthRoleGrantPermissionRequest{Name: name, Perm: perm}, auth.callOpts...)
 	return (*AuthRoleGrantPermissionResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) RoleGet(ctx context.Context, role string) (*AuthRoleGetResponse, error) {
-	resp, err := auth.remote.RoleGet(ctx, &pb.AuthRoleGetRequest{Role: role}, grpc.FailFast(false))
+	resp, err := auth.remote.RoleGet(ctx, &pb.AuthRoleGetRequest{Role: role}, auth.callOpts...)
 	return (*AuthRoleGetResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) RoleList(ctx context.Context) (*AuthRoleListResponse, error) {
-	resp, err := auth.remote.RoleList(ctx, &pb.AuthRoleListRequest{}, grpc.FailFast(false))
+	resp, err := auth.remote.RoleList(ctx, &pb.AuthRoleListRequest{}, auth.callOpts...)
 	return (*AuthRoleListResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) RoleRevokePermission(ctx context.Context, role string, key, rangeEnd string) (*AuthRoleRevokePermissionResponse, error) {
-	resp, err := auth.remote.RoleRevokePermission(ctx, &pb.AuthRoleRevokePermissionRequest{Role: role, Key: key, RangeEnd: rangeEnd})
+	resp, err := auth.remote.RoleRevokePermission(ctx, &pb.AuthRoleRevokePermissionRequest{Role: role, Key: key, RangeEnd: rangeEnd}, auth.callOpts...)
 	return (*AuthRoleRevokePermissionResponse)(resp), toErr(ctx, err)
 }
 
 func (auth *auth) RoleDelete(ctx context.Context, role string) (*AuthRoleDeleteResponse, error) {
-	resp, err := auth.remote.RoleDelete(ctx, &pb.AuthRoleDeleteRequest{Role: role})
+	resp, err := auth.remote.RoleDelete(ctx, &pb.AuthRoleDeleteRequest{Role: role}, auth.callOpts...)
 	return (*AuthRoleDeleteResponse)(resp), toErr(ctx, err)
 }
 
@@ -204,12 +202,13 @@ func StrToPermissionType(s string) (PermissionType, error) {
 }
 
 type authenticator struct {
-	conn   *grpc.ClientConn // conn in-use
-	remote pb.AuthClient
+	conn     *grpc.ClientConn // conn in-use
+	remote   pb.AuthClient
+	callOpts []grpc.CallOption
 }
 
 func (auth *authenticator) authenticate(ctx context.Context, name string, password string) (*AuthenticateResponse, error) {
-	resp, err := auth.remote.Authenticate(ctx, &pb.AuthenticateRequest{Name: name, Password: password}, grpc.FailFast(false))
+	resp, err := auth.remote.Authenticate(ctx, &pb.AuthenticateRequest{Name: name, Password: password}, auth.callOpts...)
 	return (*AuthenticateResponse)(resp), toErr(ctx, err)
 }
 
@@ -217,14 +216,18 @@ func (auth *authenticator) close() {
 	auth.conn.Close()
 }
 
-func newAuthenticator(endpoint string, opts []grpc.DialOption) (*authenticator, error) {
+func newAuthenticator(endpoint string, opts []grpc.DialOption, c *Client) (*authenticator, error) {
 	conn, err := grpc.Dial(endpoint, opts...)
 	if err != nil {
 		return nil, err
 	}
 
-	return &authenticator{
+	api := &authenticator{
 		conn:   conn,
 		remote: pb.NewAuthClient(conn),
-	}, nil
+	}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api, nil
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/balancer.go b/vendor/github.com/coreos/etcd/clientv3/balancer.go
deleted file mode 100644
index 0fef9c54934f..000000000000
--- a/vendor/github.com/coreos/etcd/clientv3/balancer.go
+++ /dev/null
@@ -1,239 +0,0 @@
-// Copyright 2016 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package clientv3
-
-import (
-	"net/url"
-	"strings"
-	"sync"
-
-	"golang.org/x/net/context"
-	"google.golang.org/grpc"
-	"google.golang.org/grpc/codes"
-)
-
-// ErrNoAddrAvilable is returned by Get() when the balancer does not have
-// any active connection to endpoints at the time.
-// This error is returned only when opts.BlockingWait is true.
-var ErrNoAddrAvilable = grpc.Errorf(codes.Unavailable, "there is no address available")
-
-// simpleBalancer does the bare minimum to expose multiple eps
-// to the grpc reconnection code path
-type simpleBalancer struct {
-	// addrs are the client's endpoints for grpc
-	addrs []grpc.Address
-	// notifyCh notifies grpc of the set of addresses for connecting
-	notifyCh chan []grpc.Address
-
-	// readyc closes once the first connection is up
-	readyc    chan struct{}
-	readyOnce sync.Once
-
-	// mu protects upEps, pinAddr, and connectingAddr
-	mu sync.RWMutex
-	// upEps holds the current endpoints that have an active connection
-	upEps map[string]struct{}
-	// upc closes when upEps transitions from empty to non-zero or the balancer closes.
-	upc chan struct{}
-
-	// grpc issues TLS cert checks using the string passed into dial so
-	// that string must be the host. To recover the full scheme://host URL,
-	// have a map from hosts to the original endpoint.
-	host2ep map[string]string
-
-	// pinAddr is the currently pinned address; set to the empty string on
-	// intialization and shutdown.
-	pinAddr string
-
-	closed bool
-}
-
-func newSimpleBalancer(eps []string) *simpleBalancer {
-	notifyCh := make(chan []grpc.Address, 1)
-	addrs := make([]grpc.Address, len(eps))
-	for i := range eps {
-		addrs[i].Addr = getHost(eps[i])
-	}
-	notifyCh <- addrs
-	sb := &simpleBalancer{
-		addrs:    addrs,
-		notifyCh: notifyCh,
-		readyc:   make(chan struct{}),
-		upEps:    make(map[string]struct{}),
-		upc:      make(chan struct{}),
-		host2ep:  getHost2ep(eps),
-	}
-	return sb
-}
-
-func (b *simpleBalancer) Start(target string, config grpc.BalancerConfig) error { return nil }
-
-func (b *simpleBalancer) ConnectNotify() <-chan struct{} {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-	return b.upc
-}
-
-func (b *simpleBalancer) getEndpoint(host string) string {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-	return b.host2ep[host]
-}
-
-func getHost2ep(eps []string) map[string]string {
-	hm := make(map[string]string, len(eps))
-	for i := range eps {
-		_, host, _ := parseEndpoint(eps[i])
-		hm[host] = eps[i]
-	}
-	return hm
-}
-
-func (b *simpleBalancer) updateAddrs(eps []string) {
-	np := getHost2ep(eps)
-
-	b.mu.Lock()
-	defer b.mu.Unlock()
-
-	match := len(np) == len(b.host2ep)
-	for k, v := range np {
-		if b.host2ep[k] != v {
-			match = false
-			break
-		}
-	}
-	if match {
-		// same endpoints, so no need to update address
-		return
-	}
-
-	b.host2ep = np
-
-	addrs := make([]grpc.Address, 0, len(eps))
-	for i := range eps {
-		addrs = append(addrs, grpc.Address{Addr: getHost(eps[i])})
-	}
-	b.addrs = addrs
-	b.notifyCh <- addrs
-}
-
-func (b *simpleBalancer) Up(addr grpc.Address) func(error) {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-
-	// gRPC might call Up after it called Close. We add this check
-	// to "fix" it up at application layer. Or our simplerBalancer
-	// might panic since b.upc is closed.
-	if b.closed {
-		return func(err error) {}
-	}
-
-	if len(b.upEps) == 0 {
-		// notify waiting Get()s and pin first connected address
-		close(b.upc)
-		b.pinAddr = addr.Addr
-	}
-	b.upEps[addr.Addr] = struct{}{}
-
-	// notify client that a connection is up
-	b.readyOnce.Do(func() { close(b.readyc) })
-
-	return func(err error) {
-		b.mu.Lock()
-		delete(b.upEps, addr.Addr)
-		if len(b.upEps) == 0 && b.pinAddr != "" {
-			b.upc = make(chan struct{})
-		} else if b.pinAddr == addr.Addr {
-			// choose new random up endpoint
-			for k := range b.upEps {
-				b.pinAddr = k
-				break
-			}
-		}
-		b.mu.Unlock()
-	}
-}
-
-func (b *simpleBalancer) Get(ctx context.Context, opts grpc.BalancerGetOptions) (grpc.Address, func(), error) {
-	var addr string
-
-	// If opts.BlockingWait is false (for fail-fast RPCs), it should return
-	// an address it has notified via Notify immediately instead of blocking.
-	if !opts.BlockingWait {
-		b.mu.RLock()
-		closed := b.closed
-		addr = b.pinAddr
-		upEps := len(b.upEps)
-		b.mu.RUnlock()
-		if closed {
-			return grpc.Address{Addr: ""}, nil, grpc.ErrClientConnClosing
-		}
-
-		if upEps == 0 {
-			return grpc.Address{Addr: ""}, nil, ErrNoAddrAvilable
-		}
-		return grpc.Address{Addr: addr}, func() {}, nil
-	}
-
-	for {
-		b.mu.RLock()
-		ch := b.upc
-		b.mu.RUnlock()
-		select {
-		case <-ch:
-		case <-ctx.Done():
-			return grpc.Address{Addr: ""}, nil, ctx.Err()
-		}
-		b.mu.RLock()
-		addr = b.pinAddr
-		upEps := len(b.upEps)
-		b.mu.RUnlock()
-		if addr == "" {
-			return grpc.Address{Addr: ""}, nil, grpc.ErrClientConnClosing
-		}
-		if upEps > 0 {
-			break
-		}
-	}
-	return grpc.Address{Addr: addr}, func() {}, nil
-}
-
-func (b *simpleBalancer) Notify() <-chan []grpc.Address { return b.notifyCh }
-
-func (b *simpleBalancer) Close() error {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-	// In case gRPC calls close twice. TODO: remove the checking
-	// when we are sure that gRPC wont call close twice.
-	if b.closed {
-		return nil
-	}
-	b.closed = true
-	close(b.notifyCh)
-	// terminate all waiting Get()s
-	b.pinAddr = ""
-	if len(b.upEps) == 0 {
-		close(b.upc)
-	}
-	return nil
-}
-
-func getHost(ep string) string {
-	url, uerr := url.Parse(ep)
-	if uerr != nil || !strings.Contains(ep, "://") {
-		return ep
-	}
-	return url.Host
-}
diff --git a/vendor/github.com/coreos/etcd/clientv3/client.go b/vendor/github.com/coreos/etcd/clientv3/client.go
index 8263890bdff0..2bdd928771f1 100644
--- a/vendor/github.com/coreos/etcd/clientv3/client.go
+++ b/vendor/github.com/coreos/etcd/clientv3/client.go
@@ -20,22 +20,25 @@ import (
 	"fmt"
 	"net"
 	"net/url"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
 
 	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
-	prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
 
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/status"
 )
 
 var (
 	ErrNoAvailableEndpoints = errors.New("etcdclient: no available endpoints")
+	ErrOldCluster           = errors.New("etcdclient: old cluster version")
 )
 
 // Client provides and manages an etcd v3 client session.
@@ -47,22 +50,25 @@ type Client struct {
 	Auth
 	Maintenance
 
-	conn             *grpc.ClientConn
-	cfg              Config
-	creds            *credentials.TransportCredentials
-	balancer         *simpleBalancer
-	retryWrapper     retryRpcFunc
-	retryAuthWrapper retryRpcFunc
+	conn     *grpc.ClientConn
+	dialerrc chan error
+
+	cfg      Config
+	creds    *credentials.TransportCredentials
+	balancer *healthBalancer
+	mu       *sync.Mutex
 
 	ctx    context.Context
 	cancel context.CancelFunc
 
-	// Username is a username for authentication
+	// Username is a user name for authentication.
 	Username string
-	// Password is a password for authentication
+	// Password is a password for authentication.
 	Password string
 	// tokenCred is an instance of WithPerRPCCredentials()'s argument
 	tokenCred *authTokenCredential
+
+	callOpts []grpc.CallOption
 }
 
 // New creates a new etcdv3 client from a given configuration.
@@ -74,26 +80,28 @@ func New(cfg Config) (*Client, error) {
 	return newClient(&cfg)
 }
 
+// NewCtxClient creates a client with a context but no underlying grpc
+// connection. This is useful for embedded cases that override the
+// service interface implementations and do not need connection management.
+func NewCtxClient(ctx context.Context) *Client {
+	cctx, cancel := context.WithCancel(ctx)
+	return &Client{ctx: cctx, cancel: cancel}
+}
+
 // NewFromURL creates a new etcdv3 client from a URL.
 func NewFromURL(url string) (*Client, error) {
 	return New(Config{Endpoints: []string{url}})
 }
 
-// NewFromConfigFile creates a new etcdv3 client from a configuration file.
-func NewFromConfigFile(path string) (*Client, error) {
-	cfg, err := configFromFile(path)
-	if err != nil {
-		return nil, err
-	}
-	return New(*cfg)
-}
-
 // Close shuts down the client's etcd connections.
 func (c *Client) Close() error {
 	c.cancel()
 	c.Watcher.Close()
 	c.Lease.Close()
-	return toErr(c.ctx, c.conn.Close())
+	if c.conn != nil {
+		return toErr(c.ctx, c.conn.Close())
+	}
+	return c.ctx.Err()
 }
 
 // Ctx is a context for "out of band" messages (e.g., for sending
@@ -111,8 +119,23 @@ func (c *Client) Endpoints() (eps []string) {
 
 // SetEndpoints updates client's endpoints.
 func (c *Client) SetEndpoints(eps ...string) {
+	c.mu.Lock()
 	c.cfg.Endpoints = eps
-	c.balancer.updateAddrs(eps)
+	c.mu.Unlock()
+	c.balancer.updateAddrs(eps...)
+
+	// updating notifyCh can trigger new connections,
+	// need update addrs if all connections are down
+	// or addrs does not include pinAddr.
+	c.balancer.mu.RLock()
+	update := !hasAddr(c.balancer.addrs, c.balancer.pinAddr)
+	c.balancer.mu.RUnlock()
+	if update {
+		select {
+		case c.balancer.updateAddrsC <- notifyNext:
+		case <-c.balancer.stopc:
+		}
+	}
 }
 
 // Sync synchronizes client's endpoints with the known endpoints from the etcd membership.
@@ -139,8 +162,10 @@ func (c *Client) autoSync() {
 		case <-c.ctx.Done():
 			return
 		case <-time.After(c.cfg.AutoSyncInterval):
-			ctx, _ := context.WithTimeout(c.ctx, 5*time.Second)
-			if err := c.Sync(ctx); err != nil && err != c.ctx.Err() {
+			ctx, cancel := context.WithTimeout(c.ctx, 5*time.Second)
+			err := c.Sync(ctx)
+			cancel()
+			if err != nil && err != c.ctx.Err() {
 				logger.Println("Auto sync endpoints failed:", err)
 			}
 		}
@@ -169,7 +194,7 @@ func parseEndpoint(endpoint string) (proto string, host string, scheme string) {
 	host = endpoint
 	url, uerr := url.Parse(endpoint)
 	if uerr != nil || !strings.Contains(endpoint, "://") {
-		return
+		return proto, host, scheme
 	}
 	scheme = url.Scheme
 
@@ -177,12 +202,13 @@ func parseEndpoint(endpoint string) (proto string, host string, scheme string) {
 	host = url.Host
 	switch url.Scheme {
 	case "http", "https":
-	case "unix":
+	case "unix", "unixs":
 		proto = "unix"
+		host = url.Host + url.Path
 	default:
 		proto, host = "", ""
 	}
-	return
+	return proto, host, scheme
 }
 
 func (c *Client) processCreds(scheme string) (creds *credentials.TransportCredentials) {
@@ -191,7 +217,7 @@ func (c *Client) processCreds(scheme string) (creds *credentials.TransportCreden
 	case "unix":
 	case "http":
 		creds = nil
-	case "https":
+	case "https", "unixs":
 		if creds != nil {
 			break
 		}
@@ -201,7 +227,7 @@ func (c *Client) processCreds(scheme string) (creds *credentials.TransportCreden
 	default:
 		creds = nil
 	}
-	return
+	return creds
 }
 
 // dialSetupOpts gives the dial opts prior to any authentication
@@ -209,10 +235,22 @@ func (c *Client) dialSetupOpts(endpoint string, dopts ...grpc.DialOption) (opts
 	if c.cfg.DialTimeout > 0 {
 		opts = []grpc.DialOption{grpc.WithTimeout(c.cfg.DialTimeout)}
 	}
+	if c.cfg.DialKeepAliveTime > 0 {
+		params := keepalive.ClientParameters{
+			Time:    c.cfg.DialKeepAliveTime,
+			Timeout: c.cfg.DialKeepAliveTimeout,
+		}
+		opts = append(opts, grpc.WithKeepaliveParams(params))
+	}
 	opts = append(opts, dopts...)
 
 	f := func(host string, t time.Duration) (net.Conn, error) {
-		proto, host, _ := parseEndpoint(c.balancer.getEndpoint(host))
+		proto, host, _ := parseEndpoint(c.balancer.endpoint(host))
+		if host == "" && endpoint != "" {
+			// dialing an endpoint not in the balancer; use
+			// endpoint passed into dial
+			proto, host, _ = parseEndpoint(endpoint)
+		}
 		if proto == "" {
 			return nil, fmt.Errorf("unknown scheme for %q", host)
 		}
@@ -222,7 +260,14 @@ func (c *Client) dialSetupOpts(endpoint string, dopts ...grpc.DialOption) (opts
 		default:
 		}
 		dialer := &net.Dialer{Timeout: t}
-		return dialer.DialContext(c.ctx, proto, host)
+		conn, err := dialer.DialContext(c.ctx, proto, host)
+		if err != nil {
+			select {
+			case c.dialerrc <- err:
+			default:
+			}
+		}
+		return conn, err
 	}
 	opts = append(opts, grpc.WithDialer(f))
 
@@ -252,7 +297,7 @@ func (c *Client) getToken(ctx context.Context) error {
 		endpoint := c.cfg.Endpoints[i]
 		host := getHost(endpoint)
 		// use dial options without dopts to avoid reusing the client balancer
-		auth, err = newAuthenticator(host, c.dialSetupOpts(endpoint))
+		auth, err = newAuthenticator(host, c.dialSetupOpts(endpoint), c)
 		if err != nil {
 			continue
 		}
@@ -288,21 +333,23 @@ func (c *Client) dial(endpoint string, dopts ...grpc.DialOption) (*grpc.ClientCo
 			defer cancel()
 			ctx = cctx
 		}
-		if err := c.getToken(ctx); err != nil {
-			if err == ctx.Err() && ctx.Err() != c.ctx.Err() {
-				err = grpc.ErrClientConnTimeout
+
+		err := c.getToken(ctx)
+		if err != nil {
+			if toErr(ctx, err) != rpctypes.ErrAuthNotEnabled {
+				if err == ctx.Err() && ctx.Err() != c.ctx.Err() {
+					err = context.DeadlineExceeded
+				}
+				return nil, err
 			}
-			return nil, err
+		} else {
+			opts = append(opts, grpc.WithPerRPCCredentials(c.tokenCred))
 		}
-
-		opts = append(opts, grpc.WithPerRPCCredentials(c.tokenCred))
 	}
 
-	// add metrics options
-	opts = append(opts, grpc.WithUnaryInterceptor(prometheus.UnaryClientInterceptor))
-	opts = append(opts, grpc.WithStreamInterceptor(prometheus.StreamClientInterceptor))
+	opts = append(opts, c.cfg.DialOptions...)
 
-	conn, err := grpc.Dial(host, opts...)
+	conn, err := grpc.DialContext(c.ctx, host, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -313,7 +360,7 @@ func (c *Client) dial(endpoint string, dopts ...grpc.DialOption) (*grpc.ClientCo
 // when the cluster has a leader.
 func WithRequireLeader(ctx context.Context) context.Context {
 	md := metadata.Pairs(rpctypes.MetadataRequireLeaderKey, rpctypes.MetadataHasLeader)
-	return metadata.NewContext(ctx, md)
+	return metadata.NewOutgoingContext(ctx, md)
 }
 
 func newClient(cfg *Config) (*Client, error) {
@@ -327,20 +374,50 @@ func newClient(cfg *Config) (*Client, error) {
 	}
 
 	// use a temporary skeleton client to bootstrap first connection
-	ctx, cancel := context.WithCancel(context.TODO())
+	baseCtx := context.TODO()
+	if cfg.Context != nil {
+		baseCtx = cfg.Context
+	}
+
+	ctx, cancel := context.WithCancel(baseCtx)
 	client := &Client{
-		conn:   nil,
-		cfg:    *cfg,
-		creds:  creds,
-		ctx:    ctx,
-		cancel: cancel,
+		conn:     nil,
+		dialerrc: make(chan error, 1),
+		cfg:      *cfg,
+		creds:    creds,
+		ctx:      ctx,
+		cancel:   cancel,
+		mu:       new(sync.Mutex),
+		callOpts: defaultCallOpts,
 	}
 	if cfg.Username != "" && cfg.Password != "" {
 		client.Username = cfg.Username
 		client.Password = cfg.Password
 	}
+	if cfg.MaxCallSendMsgSize > 0 || cfg.MaxCallRecvMsgSize > 0 {
+		if cfg.MaxCallRecvMsgSize > 0 && cfg.MaxCallSendMsgSize > cfg.MaxCallRecvMsgSize {
+			return nil, fmt.Errorf("gRPC message recv limit (%d bytes) must be greater than send limit (%d bytes)", cfg.MaxCallRecvMsgSize, cfg.MaxCallSendMsgSize)
+		}
+		callOpts := []grpc.CallOption{
+			defaultFailFast,
+			defaultMaxCallSendMsgSize,
+			defaultMaxCallRecvMsgSize,
+		}
+		if cfg.MaxCallSendMsgSize > 0 {
+			callOpts[1] = grpc.MaxCallSendMsgSize(cfg.MaxCallSendMsgSize)
+		}
+		if cfg.MaxCallRecvMsgSize > 0 {
+			callOpts[2] = grpc.MaxCallRecvMsgSize(cfg.MaxCallRecvMsgSize)
+		}
+		client.callOpts = callOpts
+	}
 
-	client.balancer = newSimpleBalancer(cfg.Endpoints)
+	client.balancer = newHealthBalancer(cfg.Endpoints, cfg.DialTimeout, func(ep string) (bool, error) {
+		return grpcHealthCheck(client, ep)
+	})
+
+	// use Endpoints[0] so that for https:// without any tls config given, then
+	// grpc will assume the certificate server name is the endpoint host.
 	conn, err := client.dial(cfg.Endpoints[0], grpc.WithBalancer(client.balancer))
 	if err != nil {
 		client.cancel()
@@ -348,24 +425,27 @@ func newClient(cfg *Config) (*Client, error) {
 		return nil, err
 	}
 	client.conn = conn
-	client.retryWrapper = client.newRetryWrapper()
-	client.retryAuthWrapper = client.newAuthRetryWrapper()
 
 	// wait for a connection
 	if cfg.DialTimeout > 0 {
 		hasConn := false
 		waitc := time.After(cfg.DialTimeout)
 		select {
-		case <-client.balancer.readyc:
+		case <-client.balancer.ready():
 			hasConn = true
 		case <-ctx.Done():
 		case <-waitc:
 		}
 		if !hasConn {
+			err := context.DeadlineExceeded
+			select {
+			case err = <-client.dialerrc:
+			default:
+			}
 			client.cancel()
 			client.balancer.Close()
 			conn.Close()
-			return nil, grpc.ErrClientConnTimeout
+			return nil, err
 		}
 	}
 
@@ -376,10 +456,57 @@ func newClient(cfg *Config) (*Client, error) {
 	client.Auth = NewAuth(client)
 	client.Maintenance = NewMaintenance(client)
 
+	if cfg.RejectOldCluster {
+		if err := client.checkVersion(); err != nil {
+			client.Close()
+			return nil, err
+		}
+	}
+
 	go client.autoSync()
 	return client, nil
 }
 
+func (c *Client) checkVersion() (err error) {
+	var wg sync.WaitGroup
+	errc := make(chan error, len(c.cfg.Endpoints))
+	ctx, cancel := context.WithCancel(c.ctx)
+	if c.cfg.DialTimeout > 0 {
+		ctx, cancel = context.WithTimeout(ctx, c.cfg.DialTimeout)
+	}
+	wg.Add(len(c.cfg.Endpoints))
+	for _, ep := range c.cfg.Endpoints {
+		// if cluster is current, any endpoint gives a recent version
+		go func(e string) {
+			defer wg.Done()
+			resp, rerr := c.Status(ctx, e)
+			if rerr != nil {
+				errc <- rerr
+				return
+			}
+			vs := strings.Split(resp.Version, ".")
+			maj, min := 0, 0
+			if len(vs) >= 2 {
+				maj, _ = strconv.Atoi(vs[0])
+				min, rerr = strconv.Atoi(vs[1])
+			}
+			if maj < 3 || (maj == 3 && min < 2) {
+				rerr = ErrOldCluster
+			}
+			errc <- rerr
+		}(ep)
+	}
+	// wait for success
+	for i := 0; i < len(c.cfg.Endpoints); i++ {
+		if err = <-errc; err == nil {
+			break
+		}
+	}
+	cancel()
+	wg.Wait()
+	return err
+}
+
 // ActiveConnection returns the current in-use connection
 func (c *Client) ActiveConnection() *grpc.ClientConn { return c.conn }
 
@@ -392,14 +519,14 @@ func isHaltErr(ctx context.Context, err error) bool {
 	if err == nil {
 		return false
 	}
-	code := grpc.Code(err)
+	ev, _ := status.FromError(err)
 	// Unavailable codes mean the system will be right back.
 	// (e.g., can't connect, lost leader)
 	// Treat Internal codes as if something failed, leaving the
 	// system in an inconsistent state, but retrying could make progress.
 	// (e.g., failed in middle of send, corrupted frame)
 	// TODO: are permanent Internal errors possible from grpc?
-	return code != codes.Unavailable && code != codes.Internal
+	return ev.Code() != codes.Unavailable && ev.Code() != codes.Internal
 }
 
 func toErr(ctx context.Context, err error) error {
@@ -410,7 +537,8 @@ func toErr(ctx context.Context, err error) error {
 	if _, ok := err.(rpctypes.EtcdError); ok {
 		return err
 	}
-	code := grpc.Code(err)
+	ev, _ := status.FromError(err)
+	code := ev.Code()
 	switch code {
 	case codes.DeadlineExceeded:
 		fallthrough
@@ -419,9 +547,16 @@ func toErr(ctx context.Context, err error) error {
 			err = ctx.Err()
 		}
 	case codes.Unavailable:
-		err = ErrNoAvailableEndpoints
 	case codes.FailedPrecondition:
 		err = grpc.ErrClientConnClosing
 	}
 	return err
 }
+
+func canceledByCaller(stopCtx context.Context, err error) bool {
+	if stopCtx.Err() == nil || err == nil {
+		return false
+	}
+
+	return err == context.Canceled || err == context.DeadlineExceeded
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/cluster.go b/vendor/github.com/coreos/etcd/clientv3/cluster.go
index b9bff626bd7b..545d676e7bb3 100644
--- a/vendor/github.com/coreos/etcd/clientv3/cluster.go
+++ b/vendor/github.com/coreos/etcd/clientv3/cluster.go
@@ -16,6 +16,7 @@ package clientv3
 
 import (
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
@@ -43,60 +44,59 @@ type Cluster interface {
 }
 
 type cluster struct {
-	remote pb.ClusterClient
+	remote   pb.ClusterClient
+	callOpts []grpc.CallOption
 }
 
 func NewCluster(c *Client) Cluster {
-	return &cluster{remote: RetryClusterClient(c)}
+	api := &cluster{remote: RetryClusterClient(c)}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
+}
+
+func NewClusterFromClusterClient(remote pb.ClusterClient, c *Client) Cluster {
+	api := &cluster{remote: remote}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
 }
 
 func (c *cluster) MemberAdd(ctx context.Context, peerAddrs []string) (*MemberAddResponse, error) {
 	r := &pb.MemberAddRequest{PeerURLs: peerAddrs}
-	resp, err := c.remote.MemberAdd(ctx, r)
-	if err == nil {
-		return (*MemberAddResponse)(resp), nil
-	}
-	if isHaltErr(ctx, err) {
+	resp, err := c.remote.MemberAdd(ctx, r, c.callOpts...)
+	if err != nil {
 		return nil, toErr(ctx, err)
 	}
-	return nil, toErr(ctx, err)
+	return (*MemberAddResponse)(resp), nil
 }
 
 func (c *cluster) MemberRemove(ctx context.Context, id uint64) (*MemberRemoveResponse, error) {
 	r := &pb.MemberRemoveRequest{ID: id}
-	resp, err := c.remote.MemberRemove(ctx, r)
-	if err == nil {
-		return (*MemberRemoveResponse)(resp), nil
-	}
-	if isHaltErr(ctx, err) {
+	resp, err := c.remote.MemberRemove(ctx, r, c.callOpts...)
+	if err != nil {
 		return nil, toErr(ctx, err)
 	}
-	return nil, toErr(ctx, err)
+	return (*MemberRemoveResponse)(resp), nil
 }
 
 func (c *cluster) MemberUpdate(ctx context.Context, id uint64, peerAddrs []string) (*MemberUpdateResponse, error) {
 	// it is safe to retry on update.
-	for {
-		r := &pb.MemberUpdateRequest{ID: id, PeerURLs: peerAddrs}
-		resp, err := c.remote.MemberUpdate(ctx, r, grpc.FailFast(false))
-		if err == nil {
-			return (*MemberUpdateResponse)(resp), nil
-		}
-		if isHaltErr(ctx, err) {
-			return nil, toErr(ctx, err)
-		}
+	r := &pb.MemberUpdateRequest{ID: id, PeerURLs: peerAddrs}
+	resp, err := c.remote.MemberUpdate(ctx, r, c.callOpts...)
+	if err == nil {
+		return (*MemberUpdateResponse)(resp), nil
 	}
+	return nil, toErr(ctx, err)
 }
 
 func (c *cluster) MemberList(ctx context.Context) (*MemberListResponse, error) {
 	// it is safe to retry on list.
-	for {
-		resp, err := c.remote.MemberList(ctx, &pb.MemberListRequest{}, grpc.FailFast(false))
-		if err == nil {
-			return (*MemberListResponse)(resp), nil
-		}
-		if isHaltErr(ctx, err) {
-			return nil, toErr(ctx, err)
-		}
+	resp, err := c.remote.MemberList(ctx, &pb.MemberListRequest{}, c.callOpts...)
+	if err == nil {
+		return (*MemberListResponse)(resp), nil
 	}
+	return nil, toErr(ctx, err)
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/compact_op.go b/vendor/github.com/coreos/etcd/clientv3/compact_op.go
index 32d97eb0cc1c..41e80c1da5d4 100644
--- a/vendor/github.com/coreos/etcd/clientv3/compact_op.go
+++ b/vendor/github.com/coreos/etcd/clientv3/compact_op.go
@@ -44,10 +44,8 @@ func (op CompactOp) toRequest() *pb.CompactionRequest {
 	return &pb.CompactionRequest{Revision: op.revision, Physical: op.physical}
 }
 
-// WithCompactPhysical makes compact RPC call wait until
-// the compaction is physically applied to the local database
-// such that compacted entries are totally removed from the
-// backend database.
+// WithCompactPhysical makes Compact wait until all compacted entries are
+// removed from the etcd server's storage.
 func WithCompactPhysical() CompactOption {
 	return func(op *CompactOp) { op.physical = true }
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/compare.go b/vendor/github.com/coreos/etcd/clientv3/compare.go
index f89ffb52c4ad..68a25fd800fb 100644
--- a/vendor/github.com/coreos/etcd/clientv3/compare.go
+++ b/vendor/github.com/coreos/etcd/clientv3/compare.go
@@ -82,6 +82,24 @@ func ModRevision(key string) Cmp {
 	return Cmp{Key: []byte(key), Target: pb.Compare_MOD}
 }
 
+// KeyBytes returns the byte slice holding with the comparison key.
+func (cmp *Cmp) KeyBytes() []byte { return cmp.Key }
+
+// WithKeyBytes sets the byte slice for the comparison key.
+func (cmp *Cmp) WithKeyBytes(key []byte) { cmp.Key = key }
+
+// ValueBytes returns the byte slice holding the comparison value, if any.
+func (cmp *Cmp) ValueBytes() []byte {
+	if tu, ok := cmp.TargetUnion.(*pb.Compare_Value); ok {
+		return tu.Value
+	}
+	return nil
+}
+
+// WithValueBytes sets the byte slice for the comparison's value.
+func (cmp *Cmp) WithValueBytes(v []byte) { cmp.TargetUnion.(*pb.Compare_Value).Value = v }
+
+// mustInt64 panics if val isn't an int or int64. It returns an int64 otherwise.
 func mustInt64(val interface{}) int64 {
 	if v, ok := val.(int64); ok {
 		return v
@@ -91,3 +109,12 @@ func mustInt64(val interface{}) int64 {
 	}
 	panic("bad value")
 }
+
+// mustInt64orLeaseID panics if val isn't a LeaseID, int or int64. It returns an
+// int64 otherwise.
+func mustInt64orLeaseID(val interface{}) int64 {
+	if v, ok := val.(LeaseID); ok {
+		return int64(v)
+	}
+	return mustInt64(val)
+}
diff --git a/vendor/github.com/cockroachdb/cmux/doc.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/doc.go
similarity index 55%
rename from vendor/github.com/cockroachdb/cmux/doc.go
rename to vendor/github.com/coreos/etcd/clientv3/concurrency/doc.go
index aaa8f3158998..dcdbf511d1b1 100644
--- a/vendor/github.com/cockroachdb/cmux/doc.go
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/doc.go
@@ -1,4 +1,4 @@
-// Copyright 2016 The CMux Authors. All rights reserved.
+// Copyright 2016 The etcd Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -8,11 +8,10 @@
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// permissions and limitations under the License.
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
 
-// Package cmux is a library to multiplex network connections based on
-// their payload. Using cmux, you can serve different protocols from the
-// same listener.
-package cmux
+// Package concurrency implements concurrency operations on top of
+// etcd such as distributed locks, barriers, and elections.
+package concurrency
diff --git a/vendor/github.com/coreos/etcd/clientv3/concurrency/election.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/election.go
new file mode 100644
index 000000000000..c092bde0aeb6
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/election.go
@@ -0,0 +1,246 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package concurrency
+
+import (
+	"errors"
+	"fmt"
+
+	v3 "github.com/coreos/etcd/clientv3"
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"github.com/coreos/etcd/mvcc/mvccpb"
+
+	"golang.org/x/net/context"
+)
+
+var (
+	ErrElectionNotLeader = errors.New("election: not leader")
+	ErrElectionNoLeader  = errors.New("election: no leader")
+)
+
+type Election struct {
+	session *Session
+
+	keyPrefix string
+
+	leaderKey     string
+	leaderRev     int64
+	leaderSession *Session
+	hdr           *pb.ResponseHeader
+}
+
+// NewElection returns a new election on a given key prefix.
+func NewElection(s *Session, pfx string) *Election {
+	return &Election{session: s, keyPrefix: pfx + "/"}
+}
+
+// ResumeElection initializes an election with a known leader.
+func ResumeElection(s *Session, pfx string, leaderKey string, leaderRev int64) *Election {
+	return &Election{
+		session:       s,
+		leaderKey:     leaderKey,
+		leaderRev:     leaderRev,
+		leaderSession: s,
+	}
+}
+
+// Campaign puts a value as eligible for the election. It blocks until
+// it is elected, an error occurs, or the context is cancelled.
+func (e *Election) Campaign(ctx context.Context, val string) error {
+	s := e.session
+	client := e.session.Client()
+
+	k := fmt.Sprintf("%s%x", e.keyPrefix, s.Lease())
+	txn := client.Txn(ctx).If(v3.Compare(v3.CreateRevision(k), "=", 0))
+	txn = txn.Then(v3.OpPut(k, val, v3.WithLease(s.Lease())))
+	txn = txn.Else(v3.OpGet(k))
+	resp, err := txn.Commit()
+	if err != nil {
+		return err
+	}
+	e.leaderKey, e.leaderRev, e.leaderSession = k, resp.Header.Revision, s
+	if !resp.Succeeded {
+		kv := resp.Responses[0].GetResponseRange().Kvs[0]
+		e.leaderRev = kv.CreateRevision
+		if string(kv.Value) != val {
+			if err = e.Proclaim(ctx, val); err != nil {
+				e.Resign(ctx)
+				return err
+			}
+		}
+	}
+
+	_, err = waitDeletes(ctx, client, e.keyPrefix, e.leaderRev-1)
+	if err != nil {
+		// clean up in case of context cancel
+		select {
+		case <-ctx.Done():
+			e.Resign(client.Ctx())
+		default:
+			e.leaderSession = nil
+		}
+		return err
+	}
+	e.hdr = resp.Header
+
+	return nil
+}
+
+// Proclaim lets the leader announce a new value without another election.
+func (e *Election) Proclaim(ctx context.Context, val string) error {
+	if e.leaderSession == nil {
+		return ErrElectionNotLeader
+	}
+	client := e.session.Client()
+	cmp := v3.Compare(v3.CreateRevision(e.leaderKey), "=", e.leaderRev)
+	txn := client.Txn(ctx).If(cmp)
+	txn = txn.Then(v3.OpPut(e.leaderKey, val, v3.WithLease(e.leaderSession.Lease())))
+	tresp, terr := txn.Commit()
+	if terr != nil {
+		return terr
+	}
+	if !tresp.Succeeded {
+		e.leaderKey = ""
+		return ErrElectionNotLeader
+	}
+
+	e.hdr = tresp.Header
+	return nil
+}
+
+// Resign lets a leader start a new election.
+func (e *Election) Resign(ctx context.Context) (err error) {
+	if e.leaderSession == nil {
+		return nil
+	}
+	client := e.session.Client()
+	cmp := v3.Compare(v3.CreateRevision(e.leaderKey), "=", e.leaderRev)
+	resp, err := client.Txn(ctx).If(cmp).Then(v3.OpDelete(e.leaderKey)).Commit()
+	if err == nil {
+		e.hdr = resp.Header
+	}
+	e.leaderKey = ""
+	e.leaderSession = nil
+	return err
+}
+
+// Leader returns the leader value for the current election.
+func (e *Election) Leader(ctx context.Context) (*v3.GetResponse, error) {
+	client := e.session.Client()
+	resp, err := client.Get(ctx, e.keyPrefix, v3.WithFirstCreate()...)
+	if err != nil {
+		return nil, err
+	} else if len(resp.Kvs) == 0 {
+		// no leader currently elected
+		return nil, ErrElectionNoLeader
+	}
+	return resp, nil
+}
+
+// Observe returns a channel that reliably observes ordered leader proposals
+// as GetResponse values on every current elected leader key. It will not
+// necessarily fetch all historical leader updates, but will always post the
+// most recent leader value.
+//
+// The channel closes when the context is canceled or the underlying watcher
+// is otherwise disrupted.
+func (e *Election) Observe(ctx context.Context) <-chan v3.GetResponse {
+	retc := make(chan v3.GetResponse)
+	go e.observe(ctx, retc)
+	return retc
+}
+
+func (e *Election) observe(ctx context.Context, ch chan<- v3.GetResponse) {
+	client := e.session.Client()
+
+	defer close(ch)
+	for {
+		resp, err := client.Get(ctx, e.keyPrefix, v3.WithFirstCreate()...)
+		if err != nil {
+			return
+		}
+
+		var kv *mvccpb.KeyValue
+		var hdr *pb.ResponseHeader
+
+		if len(resp.Kvs) == 0 {
+			cctx, cancel := context.WithCancel(ctx)
+			// wait for first key put on prefix
+			opts := []v3.OpOption{v3.WithRev(resp.Header.Revision), v3.WithPrefix()}
+			wch := client.Watch(cctx, e.keyPrefix, opts...)
+			for kv == nil {
+				wr, ok := <-wch
+				if !ok || wr.Err() != nil {
+					cancel()
+					return
+				}
+				// only accept puts; a delete will make observe() spin
+				for _, ev := range wr.Events {
+					if ev.Type == mvccpb.PUT {
+						hdr, kv = &wr.Header, ev.Kv
+						// may have multiple revs; hdr.rev = the last rev
+						// set to kv's rev in case batch has multiple Puts
+						hdr.Revision = kv.ModRevision
+						break
+					}
+				}
+			}
+			cancel()
+		} else {
+			hdr, kv = resp.Header, resp.Kvs[0]
+		}
+
+		select {
+		case ch <- v3.GetResponse{Header: hdr, Kvs: []*mvccpb.KeyValue{kv}}:
+		case <-ctx.Done():
+			return
+		}
+
+		cctx, cancel := context.WithCancel(ctx)
+		wch := client.Watch(cctx, string(kv.Key), v3.WithRev(hdr.Revision+1))
+		keyDeleted := false
+		for !keyDeleted {
+			wr, ok := <-wch
+			if !ok {
+				cancel()
+				return
+			}
+			for _, ev := range wr.Events {
+				if ev.Type == mvccpb.DELETE {
+					keyDeleted = true
+					break
+				}
+				resp.Header = &wr.Header
+				resp.Kvs = []*mvccpb.KeyValue{ev.Kv}
+				select {
+				case ch <- *resp:
+				case <-cctx.Done():
+					cancel()
+					return
+				}
+			}
+		}
+		cancel()
+	}
+}
+
+// Key returns the leader key if elected, empty string otherwise.
+func (e *Election) Key() string { return e.leaderKey }
+
+// Rev returns the leader key's creation revision, if elected.
+func (e *Election) Rev() int64 { return e.leaderRev }
+
+// Header is the response header from the last successful election proposal.
+func (e *Election) Header() *pb.ResponseHeader { return e.hdr }
diff --git a/vendor/github.com/coreos/etcd/clientv3/concurrency/key.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/key.go
new file mode 100644
index 000000000000..9936737756ca
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/key.go
@@ -0,0 +1,66 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package concurrency
+
+import (
+	"fmt"
+
+	v3 "github.com/coreos/etcd/clientv3"
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"github.com/coreos/etcd/mvcc/mvccpb"
+
+	"golang.org/x/net/context"
+)
+
+func waitDelete(ctx context.Context, client *v3.Client, key string, rev int64) error {
+	cctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	var wr v3.WatchResponse
+	wch := client.Watch(cctx, key, v3.WithRev(rev))
+	for wr = range wch {
+		for _, ev := range wr.Events {
+			if ev.Type == mvccpb.DELETE {
+				return nil
+			}
+		}
+	}
+	if err := wr.Err(); err != nil {
+		return err
+	}
+	if err := ctx.Err(); err != nil {
+		return err
+	}
+	return fmt.Errorf("lost watcher waiting for delete")
+}
+
+// waitDeletes efficiently waits until all keys matching the prefix and no greater
+// than the create revision.
+func waitDeletes(ctx context.Context, client *v3.Client, pfx string, maxCreateRev int64) (*pb.ResponseHeader, error) {
+	getOpts := append(v3.WithLastCreate(), v3.WithMaxCreateRev(maxCreateRev))
+	for {
+		resp, err := client.Get(ctx, pfx, getOpts...)
+		if err != nil {
+			return nil, err
+		}
+		if len(resp.Kvs) == 0 {
+			return resp.Header, nil
+		}
+		lastKey := string(resp.Kvs[0].Key)
+		if err = waitDelete(ctx, client, lastKey, resp.Header.Revision); err != nil {
+			return nil, err
+		}
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/concurrency/mutex.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/mutex.go
new file mode 100644
index 000000000000..736a9d3d353f
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/mutex.go
@@ -0,0 +1,119 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package concurrency
+
+import (
+	"fmt"
+	"sync"
+
+	v3 "github.com/coreos/etcd/clientv3"
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
+	"golang.org/x/net/context"
+)
+
+// Mutex implements the sync Locker interface with etcd
+type Mutex struct {
+	s *Session
+
+	pfx   string
+	myKey string
+	myRev int64
+	hdr   *pb.ResponseHeader
+}
+
+func NewMutex(s *Session, pfx string) *Mutex {
+	return &Mutex{s, pfx + "/", "", -1, nil}
+}
+
+// Lock locks the mutex with a cancelable context. If the context is canceled
+// while trying to acquire the lock, the mutex tries to clean its stale lock entry.
+func (m *Mutex) Lock(ctx context.Context) error {
+	s := m.s
+	client := m.s.Client()
+
+	m.myKey = fmt.Sprintf("%s%x", m.pfx, s.Lease())
+	cmp := v3.Compare(v3.CreateRevision(m.myKey), "=", 0)
+	// put self in lock waiters via myKey; oldest waiter holds lock
+	put := v3.OpPut(m.myKey, "", v3.WithLease(s.Lease()))
+	// reuse key in case this session already holds the lock
+	get := v3.OpGet(m.myKey)
+	// fetch current holder to complete uncontended path with only one RPC
+	getOwner := v3.OpGet(m.pfx, v3.WithFirstCreate()...)
+	resp, err := client.Txn(ctx).If(cmp).Then(put, getOwner).Else(get, getOwner).Commit()
+	if err != nil {
+		return err
+	}
+	m.myRev = resp.Header.Revision
+	if !resp.Succeeded {
+		m.myRev = resp.Responses[0].GetResponseRange().Kvs[0].CreateRevision
+	}
+	// if no key on prefix / the minimum rev is key, already hold the lock
+	ownerKey := resp.Responses[1].GetResponseRange().Kvs
+	if len(ownerKey) == 0 || ownerKey[0].CreateRevision == m.myRev {
+		m.hdr = resp.Header
+		return nil
+	}
+
+	// wait for deletion revisions prior to myKey
+	hdr, werr := waitDeletes(ctx, client, m.pfx, m.myRev-1)
+	// release lock key if cancelled
+	select {
+	case <-ctx.Done():
+		m.Unlock(client.Ctx())
+	default:
+		m.hdr = hdr
+	}
+	return werr
+}
+
+func (m *Mutex) Unlock(ctx context.Context) error {
+	client := m.s.Client()
+	if _, err := client.Delete(ctx, m.myKey); err != nil {
+		return err
+	}
+	m.myKey = "\x00"
+	m.myRev = -1
+	return nil
+}
+
+func (m *Mutex) IsOwner() v3.Cmp {
+	return v3.Compare(v3.CreateRevision(m.myKey), "=", m.myRev)
+}
+
+func (m *Mutex) Key() string { return m.myKey }
+
+// Header is the response header received from etcd on acquiring the lock.
+func (m *Mutex) Header() *pb.ResponseHeader { return m.hdr }
+
+type lockerMutex struct{ *Mutex }
+
+func (lm *lockerMutex) Lock() {
+	client := lm.s.Client()
+	if err := lm.Mutex.Lock(client.Ctx()); err != nil {
+		panic(err)
+	}
+}
+func (lm *lockerMutex) Unlock() {
+	client := lm.s.Client()
+	if err := lm.Mutex.Unlock(client.Ctx()); err != nil {
+		panic(err)
+	}
+}
+
+// NewLocker creates a sync.Locker backed by an etcd mutex.
+func NewLocker(s *Session, pfx string) sync.Locker {
+	return &lockerMutex{NewMutex(s, pfx)}
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/concurrency/session.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/session.go
new file mode 100644
index 000000000000..55cb553ea4ad
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/session.go
@@ -0,0 +1,142 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package concurrency
+
+import (
+	"time"
+
+	v3 "github.com/coreos/etcd/clientv3"
+
+	"golang.org/x/net/context"
+)
+
+const defaultSessionTTL = 60
+
+// Session represents a lease kept alive for the lifetime of a client.
+// Fault-tolerant applications may use sessions to reason about liveness.
+type Session struct {
+	client *v3.Client
+	opts   *sessionOptions
+	id     v3.LeaseID
+
+	cancel context.CancelFunc
+	donec  <-chan struct{}
+}
+
+// NewSession gets the leased session for a client.
+func NewSession(client *v3.Client, opts ...SessionOption) (*Session, error) {
+	ops := &sessionOptions{ttl: defaultSessionTTL, ctx: client.Ctx()}
+	for _, opt := range opts {
+		opt(ops)
+	}
+
+	id := ops.leaseID
+	if id == v3.NoLease {
+		resp, err := client.Grant(ops.ctx, int64(ops.ttl))
+		if err != nil {
+			return nil, err
+		}
+		id = v3.LeaseID(resp.ID)
+	}
+
+	ctx, cancel := context.WithCancel(ops.ctx)
+	keepAlive, err := client.KeepAlive(ctx, id)
+	if err != nil || keepAlive == nil {
+		cancel()
+		return nil, err
+	}
+
+	donec := make(chan struct{})
+	s := &Session{client: client, opts: ops, id: id, cancel: cancel, donec: donec}
+
+	// keep the lease alive until client error or cancelled context
+	go func() {
+		defer close(donec)
+		for range keepAlive {
+			// eat messages until keep alive channel closes
+		}
+	}()
+
+	return s, nil
+}
+
+// Client is the etcd client that is attached to the session.
+func (s *Session) Client() *v3.Client {
+	return s.client
+}
+
+// Lease is the lease ID for keys bound to the session.
+func (s *Session) Lease() v3.LeaseID { return s.id }
+
+// Done returns a channel that closes when the lease is orphaned, expires, or
+// is otherwise no longer being refreshed.
+func (s *Session) Done() <-chan struct{} { return s.donec }
+
+// Orphan ends the refresh for the session lease. This is useful
+// in case the state of the client connection is indeterminate (revoke
+// would fail) or when transferring lease ownership.
+func (s *Session) Orphan() {
+	s.cancel()
+	<-s.donec
+}
+
+// Close orphans the session and revokes the session lease.
+func (s *Session) Close() error {
+	s.Orphan()
+	// if revoke takes longer than the ttl, lease is expired anyway
+	ctx, cancel := context.WithTimeout(s.opts.ctx, time.Duration(s.opts.ttl)*time.Second)
+	_, err := s.client.Revoke(ctx, s.id)
+	cancel()
+	return err
+}
+
+type sessionOptions struct {
+	ttl     int
+	leaseID v3.LeaseID
+	ctx     context.Context
+}
+
+// SessionOption configures Session.
+type SessionOption func(*sessionOptions)
+
+// WithTTL configures the session's TTL in seconds.
+// If TTL is <= 0, the default 60 seconds TTL will be used.
+func WithTTL(ttl int) SessionOption {
+	return func(so *sessionOptions) {
+		if ttl > 0 {
+			so.ttl = ttl
+		}
+	}
+}
+
+// WithLease specifies the existing leaseID to be used for the session.
+// This is useful in process restart scenario, for example, to reclaim
+// leadership from an election prior to restart.
+func WithLease(leaseID v3.LeaseID) SessionOption {
+	return func(so *sessionOptions) {
+		so.leaseID = leaseID
+	}
+}
+
+// WithContext assigns a context to the session instead of defaulting to
+// using the client context. This is useful for canceling NewSession and
+// Close operations immediately without having to close the client. If the
+// context is canceled before Close() completes, the session's lease will be
+// abandoned and left to expire instead of being revoked.
+func WithContext(ctx context.Context) SessionOption {
+	return func(so *sessionOptions) {
+		so.ctx = ctx
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/concurrency/stm.go b/vendor/github.com/coreos/etcd/clientv3/concurrency/stm.go
new file mode 100644
index 000000000000..6bfd70ec4286
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/concurrency/stm.go
@@ -0,0 +1,388 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package concurrency
+
+import (
+	"math"
+
+	v3 "github.com/coreos/etcd/clientv3"
+
+	"golang.org/x/net/context"
+)
+
+// STM is an interface for software transactional memory.
+type STM interface {
+	// Get returns the value for a key and inserts the key in the txn's read set.
+	// If Get fails, it aborts the transaction with an error, never returning.
+	Get(key ...string) string
+	// Put adds a value for a key to the write set.
+	Put(key, val string, opts ...v3.OpOption)
+	// Rev returns the revision of a key in the read set.
+	Rev(key string) int64
+	// Del deletes a key.
+	Del(key string)
+
+	// commit attempts to apply the txn's changes to the server.
+	commit() *v3.TxnResponse
+	reset()
+}
+
+// Isolation is an enumeration of transactional isolation levels which
+// describes how transactions should interfere and conflict.
+type Isolation int
+
+const (
+	// SerializableSnapshot provides serializable isolation and also checks
+	// for write conflicts.
+	SerializableSnapshot Isolation = iota
+	// Serializable reads within the same transaction attempt return data
+	// from the at the revision of the first read.
+	Serializable
+	// RepeatableReads reads within the same transaction attempt always
+	// return the same data.
+	RepeatableReads
+	// ReadCommitted reads keys from any committed revision.
+	ReadCommitted
+)
+
+// stmError safely passes STM errors through panic to the STM error channel.
+type stmError struct{ err error }
+
+type stmOptions struct {
+	iso      Isolation
+	ctx      context.Context
+	prefetch []string
+}
+
+type stmOption func(*stmOptions)
+
+// WithIsolation specifies the transaction isolation level.
+func WithIsolation(lvl Isolation) stmOption {
+	return func(so *stmOptions) { so.iso = lvl }
+}
+
+// WithAbortContext specifies the context for permanently aborting the transaction.
+func WithAbortContext(ctx context.Context) stmOption {
+	return func(so *stmOptions) { so.ctx = ctx }
+}
+
+// WithPrefetch is a hint to prefetch a list of keys before trying to apply.
+// If an STM transaction will unconditionally fetch a set of keys, prefetching
+// those keys will save the round-trip cost from requesting each key one by one
+// with Get().
+func WithPrefetch(keys ...string) stmOption {
+	return func(so *stmOptions) { so.prefetch = append(so.prefetch, keys...) }
+}
+
+// NewSTM initiates a new STM instance, using serializable snapshot isolation by default.
+func NewSTM(c *v3.Client, apply func(STM) error, so ...stmOption) (*v3.TxnResponse, error) {
+	opts := &stmOptions{ctx: c.Ctx()}
+	for _, f := range so {
+		f(opts)
+	}
+	if len(opts.prefetch) != 0 {
+		f := apply
+		apply = func(s STM) error {
+			s.Get(opts.prefetch...)
+			return f(s)
+		}
+	}
+	return runSTM(mkSTM(c, opts), apply)
+}
+
+func mkSTM(c *v3.Client, opts *stmOptions) STM {
+	switch opts.iso {
+	case SerializableSnapshot:
+		s := &stmSerializable{
+			stm:      stm{client: c, ctx: opts.ctx},
+			prefetch: make(map[string]*v3.GetResponse),
+		}
+		s.conflicts = func() []v3.Cmp {
+			return append(s.rset.cmps(), s.wset.cmps(s.rset.first()+1)...)
+		}
+		return s
+	case Serializable:
+		s := &stmSerializable{
+			stm:      stm{client: c, ctx: opts.ctx},
+			prefetch: make(map[string]*v3.GetResponse),
+		}
+		s.conflicts = func() []v3.Cmp { return s.rset.cmps() }
+		return s
+	case RepeatableReads:
+		s := &stm{client: c, ctx: opts.ctx, getOpts: []v3.OpOption{v3.WithSerializable()}}
+		s.conflicts = func() []v3.Cmp { return s.rset.cmps() }
+		return s
+	case ReadCommitted:
+		s := &stm{client: c, ctx: opts.ctx, getOpts: []v3.OpOption{v3.WithSerializable()}}
+		s.conflicts = func() []v3.Cmp { return nil }
+		return s
+	default:
+		panic("unsupported stm")
+	}
+}
+
+type stmResponse struct {
+	resp *v3.TxnResponse
+	err  error
+}
+
+func runSTM(s STM, apply func(STM) error) (*v3.TxnResponse, error) {
+	outc := make(chan stmResponse, 1)
+	go func() {
+		defer func() {
+			if r := recover(); r != nil {
+				e, ok := r.(stmError)
+				if !ok {
+					// client apply panicked
+					panic(r)
+				}
+				outc <- stmResponse{nil, e.err}
+			}
+		}()
+		var out stmResponse
+		for {
+			s.reset()
+			if out.err = apply(s); out.err != nil {
+				break
+			}
+			if out.resp = s.commit(); out.resp != nil {
+				break
+			}
+		}
+		outc <- out
+	}()
+	r := <-outc
+	return r.resp, r.err
+}
+
+// stm implements repeatable-read software transactional memory over etcd
+type stm struct {
+	client *v3.Client
+	ctx    context.Context
+	// rset holds read key values and revisions
+	rset readSet
+	// wset holds overwritten keys and their values
+	wset writeSet
+	// getOpts are the opts used for gets
+	getOpts []v3.OpOption
+	// conflicts computes the current conflicts on the txn
+	conflicts func() []v3.Cmp
+}
+
+type stmPut struct {
+	val string
+	op  v3.Op
+}
+
+type readSet map[string]*v3.GetResponse
+
+func (rs readSet) add(keys []string, txnresp *v3.TxnResponse) {
+	for i, resp := range txnresp.Responses {
+		rs[keys[i]] = (*v3.GetResponse)(resp.GetResponseRange())
+	}
+}
+
+// first returns the store revision from the first fetch
+func (rs readSet) first() int64 {
+	ret := int64(math.MaxInt64 - 1)
+	for _, resp := range rs {
+		if rev := resp.Header.Revision; rev < ret {
+			ret = rev
+		}
+	}
+	return ret
+}
+
+// cmps guards the txn from updates to read set
+func (rs readSet) cmps() []v3.Cmp {
+	cmps := make([]v3.Cmp, 0, len(rs))
+	for k, rk := range rs {
+		cmps = append(cmps, isKeyCurrent(k, rk))
+	}
+	return cmps
+}
+
+type writeSet map[string]stmPut
+
+func (ws writeSet) get(keys ...string) *stmPut {
+	for _, key := range keys {
+		if wv, ok := ws[key]; ok {
+			return &wv
+		}
+	}
+	return nil
+}
+
+// cmps returns a cmp list testing no writes have happened past rev
+func (ws writeSet) cmps(rev int64) []v3.Cmp {
+	cmps := make([]v3.Cmp, 0, len(ws))
+	for key := range ws {
+		cmps = append(cmps, v3.Compare(v3.ModRevision(key), "<", rev))
+	}
+	return cmps
+}
+
+// puts is the list of ops for all pending writes
+func (ws writeSet) puts() []v3.Op {
+	puts := make([]v3.Op, 0, len(ws))
+	for _, v := range ws {
+		puts = append(puts, v.op)
+	}
+	return puts
+}
+
+func (s *stm) Get(keys ...string) string {
+	if wv := s.wset.get(keys...); wv != nil {
+		return wv.val
+	}
+	return respToValue(s.fetch(keys...))
+}
+
+func (s *stm) Put(key, val string, opts ...v3.OpOption) {
+	s.wset[key] = stmPut{val, v3.OpPut(key, val, opts...)}
+}
+
+func (s *stm) Del(key string) { s.wset[key] = stmPut{"", v3.OpDelete(key)} }
+
+func (s *stm) Rev(key string) int64 {
+	if resp := s.fetch(key); resp != nil && len(resp.Kvs) != 0 {
+		return resp.Kvs[0].ModRevision
+	}
+	return 0
+}
+
+func (s *stm) commit() *v3.TxnResponse {
+	txnresp, err := s.client.Txn(s.ctx).If(s.conflicts()...).Then(s.wset.puts()...).Commit()
+	if err != nil {
+		panic(stmError{err})
+	}
+	if txnresp.Succeeded {
+		return txnresp
+	}
+	return nil
+}
+
+func (s *stm) fetch(keys ...string) *v3.GetResponse {
+	if len(keys) == 0 {
+		return nil
+	}
+	ops := make([]v3.Op, len(keys))
+	for i, key := range keys {
+		if resp, ok := s.rset[key]; ok {
+			return resp
+		}
+		ops[i] = v3.OpGet(key, s.getOpts...)
+	}
+	txnresp, err := s.client.Txn(s.ctx).Then(ops...).Commit()
+	if err != nil {
+		panic(stmError{err})
+	}
+	s.rset.add(keys, txnresp)
+	return (*v3.GetResponse)(txnresp.Responses[0].GetResponseRange())
+}
+
+func (s *stm) reset() {
+	s.rset = make(map[string]*v3.GetResponse)
+	s.wset = make(map[string]stmPut)
+}
+
+type stmSerializable struct {
+	stm
+	prefetch map[string]*v3.GetResponse
+}
+
+func (s *stmSerializable) Get(keys ...string) string {
+	if wv := s.wset.get(keys...); wv != nil {
+		return wv.val
+	}
+	firstRead := len(s.rset) == 0
+	for _, key := range keys {
+		if resp, ok := s.prefetch[key]; ok {
+			delete(s.prefetch, key)
+			s.rset[key] = resp
+		}
+	}
+	resp := s.stm.fetch(keys...)
+	if firstRead {
+		// txn's base revision is defined by the first read
+		s.getOpts = []v3.OpOption{
+			v3.WithRev(resp.Header.Revision),
+			v3.WithSerializable(),
+		}
+	}
+	return respToValue(resp)
+}
+
+func (s *stmSerializable) Rev(key string) int64 {
+	s.Get(key)
+	return s.stm.Rev(key)
+}
+
+func (s *stmSerializable) gets() ([]string, []v3.Op) {
+	keys := make([]string, 0, len(s.rset))
+	ops := make([]v3.Op, 0, len(s.rset))
+	for k := range s.rset {
+		keys = append(keys, k)
+		ops = append(ops, v3.OpGet(k))
+	}
+	return keys, ops
+}
+
+func (s *stmSerializable) commit() *v3.TxnResponse {
+	keys, getops := s.gets()
+	txn := s.client.Txn(s.ctx).If(s.conflicts()...).Then(s.wset.puts()...)
+	// use Else to prefetch keys in case of conflict to save a round trip
+	txnresp, err := txn.Else(getops...).Commit()
+	if err != nil {
+		panic(stmError{err})
+	}
+	if txnresp.Succeeded {
+		return txnresp
+	}
+	// load prefetch with Else data
+	s.rset.add(keys, txnresp)
+	s.prefetch = s.rset
+	s.getOpts = nil
+	return nil
+}
+
+func isKeyCurrent(k string, r *v3.GetResponse) v3.Cmp {
+	if len(r.Kvs) != 0 {
+		return v3.Compare(v3.ModRevision(k), "=", r.Kvs[0].ModRevision)
+	}
+	return v3.Compare(v3.ModRevision(k), "=", 0)
+}
+
+func respToValue(resp *v3.GetResponse) string {
+	if resp == nil || len(resp.Kvs) == 0 {
+		return ""
+	}
+	return string(resp.Kvs[0].Value)
+}
+
+// NewSTMRepeatable is deprecated.
+func NewSTMRepeatable(ctx context.Context, c *v3.Client, apply func(STM) error) (*v3.TxnResponse, error) {
+	return NewSTM(c, apply, WithAbortContext(ctx), WithIsolation(RepeatableReads))
+}
+
+// NewSTMSerializable is deprecated.
+func NewSTMSerializable(ctx context.Context, c *v3.Client, apply func(STM) error) (*v3.TxnResponse, error) {
+	return NewSTM(c, apply, WithAbortContext(ctx), WithIsolation(Serializable))
+}
+
+// NewSTMReadCommitted is deprecated.
+func NewSTMReadCommitted(ctx context.Context, c *v3.Client, apply func(STM) error) (*v3.TxnResponse, error) {
+	return NewSTM(c, apply, WithAbortContext(ctx), WithIsolation(ReadCommitted))
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/config.go b/vendor/github.com/coreos/etcd/clientv3/config.go
index d1d5f40906a1..fee12eaf60bb 100644
--- a/vendor/github.com/coreos/etcd/clientv3/config.go
+++ b/vendor/github.com/coreos/etcd/clientv3/config.go
@@ -16,98 +16,60 @@ package clientv3
 
 import (
 	"crypto/tls"
-	"crypto/x509"
-	"io/ioutil"
 	"time"
 
-	"github.com/coreos/etcd/pkg/tlsutil"
-	"github.com/ghodss/yaml"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
 )
 
 type Config struct {
-	// Endpoints is a list of URLs
-	Endpoints []string
+	// Endpoints is a list of URLs.
+	Endpoints []string `json:"endpoints"`
 
 	// AutoSyncInterval is the interval to update endpoints with its latest members.
 	// 0 disables auto-sync. By default auto-sync is disabled.
-	AutoSyncInterval time.Duration
+	AutoSyncInterval time.Duration `json:"auto-sync-interval"`
 
 	// DialTimeout is the timeout for failing to establish a connection.
-	DialTimeout time.Duration
+	DialTimeout time.Duration `json:"dial-timeout"`
+
+	// DialKeepAliveTime is the time in seconds after which client pings the server to see if
+	// transport is alive.
+	DialKeepAliveTime time.Duration `json:"dial-keep-alive-time"`
+
+	// DialKeepAliveTimeout is the time in seconds that the client waits for a response for the
+	// keep-alive probe.  If the response is not received in this time, the connection is closed.
+	DialKeepAliveTimeout time.Duration `json:"dial-keep-alive-timeout"`
+
+	// MaxCallSendMsgSize is the client-side request send limit in bytes.
+	// If 0, it defaults to 2.0 MiB (2 * 1024 * 1024).
+	// Make sure that "MaxCallSendMsgSize" < server-side default send/recv limit.
+	// ("--max-request-bytes" flag to etcd or "embed.Config.MaxRequestBytes").
+	MaxCallSendMsgSize int
+
+	// MaxCallRecvMsgSize is the client-side response receive limit.
+	// If 0, it defaults to "math.MaxInt32", because range response can
+	// easily exceed request send limits.
+	// Make sure that "MaxCallRecvMsgSize" >= server-side default send/recv limit.
+	// ("--max-request-bytes" flag to etcd or "embed.Config.MaxRequestBytes").
+	MaxCallRecvMsgSize int
 
 	// TLS holds the client secure credentials, if any.
 	TLS *tls.Config
 
-	// Username is a username for authentication
-	Username string
+	// Username is a user name for authentication.
+	Username string `json:"username"`
 
-	// Password is a password for authentication
-	Password string
-}
+	// Password is a password for authentication.
+	Password string `json:"password"`
 
-type yamlConfig struct {
-	Endpoints             []string      `json:"endpoints"`
-	AutoSyncInterval      time.Duration `json:"auto-sync-interval"`
-	DialTimeout           time.Duration `json:"dial-timeout"`
-	InsecureTransport     bool          `json:"insecure-transport"`
-	InsecureSkipTLSVerify bool          `json:"insecure-skip-tls-verify"`
-	Certfile              string        `json:"cert-file"`
-	Keyfile               string        `json:"key-file"`
-	CAfile                string        `json:"ca-file"`
-}
+	// RejectOldCluster when set will refuse to create a client against an outdated cluster.
+	RejectOldCluster bool `json:"reject-old-cluster"`
+
+	// DialOptions is a list of dial options for the grpc client (e.g., for interceptors).
+	DialOptions []grpc.DialOption
 
-func configFromFile(fpath string) (*Config, error) {
-	b, err := ioutil.ReadFile(fpath)
-	if err != nil {
-		return nil, err
-	}
-
-	yc := &yamlConfig{}
-
-	err = yaml.Unmarshal(b, yc)
-	if err != nil {
-		return nil, err
-	}
-
-	cfg := &Config{
-		Endpoints:        yc.Endpoints,
-		AutoSyncInterval: yc.AutoSyncInterval,
-		DialTimeout:      yc.DialTimeout,
-	}
-
-	if yc.InsecureTransport {
-		cfg.TLS = nil
-		return cfg, nil
-	}
-
-	var (
-		cert *tls.Certificate
-		cp   *x509.CertPool
-	)
-
-	if yc.Certfile != "" && yc.Keyfile != "" {
-		cert, err = tlsutil.NewCert(yc.Certfile, yc.Keyfile, nil)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	if yc.CAfile != "" {
-		cp, err = tlsutil.NewCertPool([]string{yc.CAfile})
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	tlscfg := &tls.Config{
-		MinVersion:         tls.VersionTLS10,
-		InsecureSkipVerify: yc.InsecureSkipTLSVerify,
-		RootCAs:            cp,
-	}
-	if cert != nil {
-		tlscfg.Certificates = []tls.Certificate{*cert}
-	}
-	cfg.TLS = tlscfg
-
-	return cfg, nil
+	// Context is the default client context; it can be used to cancel grpc dial out and
+	// other operations that do not have an explicit context.
+	Context context.Context
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/doc.go b/vendor/github.com/coreos/etcd/clientv3/doc.go
index 470ca4dc4769..dacc5bb346fc 100644
--- a/vendor/github.com/coreos/etcd/clientv3/doc.go
+++ b/vendor/github.com/coreos/etcd/clientv3/doc.go
@@ -28,7 +28,7 @@
 // Make sure to close the client after using it. If the client is not closed, the
 // connection will have leaky goroutines.
 //
-// To specify client request timeout, pass context.WithTimeout to APIs:
+// To specify a client request timeout, wrap the context with context.WithTimeout:
 //
 //	ctx, cancel := context.WithTimeout(context.Background(), timeout)
 //	resp, err := kvc.Put(ctx, "sample_key", "sample_value")
diff --git a/vendor/github.com/coreos/etcd/clientv3/grpc_options.go b/vendor/github.com/coreos/etcd/clientv3/grpc_options.go
new file mode 100644
index 000000000000..592dd6993cf6
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/grpc_options.go
@@ -0,0 +1,46 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package clientv3
+
+import (
+	"math"
+
+	"google.golang.org/grpc"
+)
+
+var (
+	// Disable gRPC internal retrial logic
+	// TODO: enable when gRPC retry is stable (FailFast=false)
+	// Reference:
+	//  - https://github.com/grpc/grpc-go/issues/1532
+	//  - https://github.com/grpc/proposal/blob/master/A6-client-retries.md
+	defaultFailFast = grpc.FailFast(true)
+
+	// client-side request send limit, gRPC default is math.MaxInt32
+	// Make sure that "client-side send limit < server-side default send/recv limit"
+	// Same value as "embed.DefaultMaxRequestBytes" plus gRPC overhead bytes
+	defaultMaxCallSendMsgSize = grpc.MaxCallSendMsgSize(2 * 1024 * 1024)
+
+	// client-side response receive limit, gRPC default is 4MB
+	// Make sure that "client-side receive limit >= server-side default send/recv limit"
+	// because range response can easily exceed request send limits
+	// Default to math.MaxInt32; writes exceeding server-side send limit fails anyway
+	defaultMaxCallRecvMsgSize = grpc.MaxCallRecvMsgSize(math.MaxInt32)
+)
+
+// defaultCallOpts defines a list of default "gRPC.CallOption".
+// Some options are exposed to "clientv3.Config".
+// Defaults will be overridden by the settings in "clientv3.Config".
+var defaultCallOpts = []grpc.CallOption{defaultFailFast, defaultMaxCallSendMsgSize, defaultMaxCallRecvMsgSize}
diff --git a/vendor/github.com/coreos/etcd/clientv3/health_balancer.go b/vendor/github.com/coreos/etcd/clientv3/health_balancer.go
new file mode 100644
index 000000000000..52bea90e66ed
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/health_balancer.go
@@ -0,0 +1,627 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package clientv3
+
+import (
+	"errors"
+	"net/url"
+	"strings"
+	"sync"
+	"time"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	healthpb "google.golang.org/grpc/health/grpc_health_v1"
+	"google.golang.org/grpc/status"
+)
+
+const (
+	minHealthRetryDuration = 3 * time.Second
+	unknownService         = "unknown service grpc.health.v1.Health"
+)
+
+// ErrNoAddrAvilable is returned by Get() when the balancer does not have
+// any active connection to endpoints at the time.
+// This error is returned only when opts.BlockingWait is true.
+var ErrNoAddrAvilable = status.Error(codes.Unavailable, "there is no address available")
+
+type healthCheckFunc func(ep string) (bool, error)
+
+type notifyMsg int
+
+const (
+	notifyReset notifyMsg = iota
+	notifyNext
+)
+
+// healthBalancer does the bare minimum to expose multiple eps
+// to the grpc reconnection code path
+type healthBalancer struct {
+	// addrs are the client's endpoint addresses for grpc
+	addrs []grpc.Address
+
+	// eps holds the raw endpoints from the client
+	eps []string
+
+	// notifyCh notifies grpc of the set of addresses for connecting
+	notifyCh chan []grpc.Address
+
+	// readyc closes once the first connection is up
+	readyc    chan struct{}
+	readyOnce sync.Once
+
+	// healthCheck checks an endpoint's health.
+	healthCheck        healthCheckFunc
+	healthCheckTimeout time.Duration
+
+	unhealthyMu        sync.RWMutex
+	unhealthyHostPorts map[string]time.Time
+
+	// mu protects all fields below.
+	mu sync.RWMutex
+
+	// upc closes when pinAddr transitions from empty to non-empty or the balancer closes.
+	upc chan struct{}
+
+	// downc closes when grpc calls down() on pinAddr
+	downc chan struct{}
+
+	// stopc is closed to signal updateNotifyLoop should stop.
+	stopc    chan struct{}
+	stopOnce sync.Once
+	wg       sync.WaitGroup
+
+	// donec closes when all goroutines are exited
+	donec chan struct{}
+
+	// updateAddrsC notifies updateNotifyLoop to update addrs.
+	updateAddrsC chan notifyMsg
+
+	// grpc issues TLS cert checks using the string passed into dial so
+	// that string must be the host. To recover the full scheme://host URL,
+	// have a map from hosts to the original endpoint.
+	hostPort2ep map[string]string
+
+	// pinAddr is the currently pinned address; set to the empty string on
+	// initialization and shutdown.
+	pinAddr string
+
+	closed bool
+}
+
+func newHealthBalancer(eps []string, timeout time.Duration, hc healthCheckFunc) *healthBalancer {
+	notifyCh := make(chan []grpc.Address)
+	addrs := eps2addrs(eps)
+	hb := &healthBalancer{
+		addrs:              addrs,
+		eps:                eps,
+		notifyCh:           notifyCh,
+		readyc:             make(chan struct{}),
+		healthCheck:        hc,
+		unhealthyHostPorts: make(map[string]time.Time),
+		upc:                make(chan struct{}),
+		stopc:              make(chan struct{}),
+		downc:              make(chan struct{}),
+		donec:              make(chan struct{}),
+		updateAddrsC:       make(chan notifyMsg),
+		hostPort2ep:        getHostPort2ep(eps),
+	}
+	if timeout < minHealthRetryDuration {
+		timeout = minHealthRetryDuration
+	}
+	hb.healthCheckTimeout = timeout
+
+	close(hb.downc)
+	go hb.updateNotifyLoop()
+	hb.wg.Add(1)
+	go func() {
+		defer hb.wg.Done()
+		hb.updateUnhealthy()
+	}()
+	return hb
+}
+
+func (b *healthBalancer) Start(target string, config grpc.BalancerConfig) error { return nil }
+
+func (b *healthBalancer) ConnectNotify() <-chan struct{} {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	return b.upc
+}
+
+func (b *healthBalancer) ready() <-chan struct{} { return b.readyc }
+
+func (b *healthBalancer) endpoint(hostPort string) string {
+	b.mu.RLock()
+	defer b.mu.RUnlock()
+	return b.hostPort2ep[hostPort]
+}
+
+func (b *healthBalancer) pinned() string {
+	b.mu.RLock()
+	defer b.mu.RUnlock()
+	return b.pinAddr
+}
+
+func (b *healthBalancer) hostPortError(hostPort string, err error) {
+	if b.endpoint(hostPort) == "" {
+		if logger.V(4) {
+			logger.Infof("clientv3/balancer: %q is stale (skip marking as unhealthy on %q)", hostPort, err.Error())
+		}
+		return
+	}
+
+	b.unhealthyMu.Lock()
+	b.unhealthyHostPorts[hostPort] = time.Now()
+	b.unhealthyMu.Unlock()
+	if logger.V(4) {
+		logger.Infof("clientv3/balancer: %q is marked unhealthy (%q)", hostPort, err.Error())
+	}
+}
+
+func (b *healthBalancer) removeUnhealthy(hostPort, msg string) {
+	if b.endpoint(hostPort) == "" {
+		if logger.V(4) {
+			logger.Infof("clientv3/balancer: %q was not in unhealthy (%q)", hostPort, msg)
+		}
+		return
+	}
+
+	b.unhealthyMu.Lock()
+	delete(b.unhealthyHostPorts, hostPort)
+	b.unhealthyMu.Unlock()
+	if logger.V(4) {
+		logger.Infof("clientv3/balancer: %q is removed from unhealthy (%q)", hostPort, msg)
+	}
+}
+
+func (b *healthBalancer) countUnhealthy() (count int) {
+	b.unhealthyMu.RLock()
+	count = len(b.unhealthyHostPorts)
+	b.unhealthyMu.RUnlock()
+	return count
+}
+
+func (b *healthBalancer) isUnhealthy(hostPort string) (unhealthy bool) {
+	b.unhealthyMu.RLock()
+	_, unhealthy = b.unhealthyHostPorts[hostPort]
+	b.unhealthyMu.RUnlock()
+	return unhealthy
+}
+
+func (b *healthBalancer) cleanupUnhealthy() {
+	b.unhealthyMu.Lock()
+	for k, v := range b.unhealthyHostPorts {
+		if time.Since(v) > b.healthCheckTimeout {
+			delete(b.unhealthyHostPorts, k)
+			if logger.V(4) {
+				logger.Infof("clientv3/balancer: removed %q from unhealthy after %v", k, b.healthCheckTimeout)
+			}
+		}
+	}
+	b.unhealthyMu.Unlock()
+}
+
+func (b *healthBalancer) liveAddrs() ([]grpc.Address, map[string]struct{}) {
+	unhealthyCnt := b.countUnhealthy()
+
+	b.mu.RLock()
+	defer b.mu.RUnlock()
+
+	hbAddrs := b.addrs
+	if len(b.addrs) == 1 || unhealthyCnt == 0 || unhealthyCnt == len(b.addrs) {
+		liveHostPorts := make(map[string]struct{}, len(b.hostPort2ep))
+		for k := range b.hostPort2ep {
+			liveHostPorts[k] = struct{}{}
+		}
+		return hbAddrs, liveHostPorts
+	}
+
+	addrs := make([]grpc.Address, 0, len(b.addrs)-unhealthyCnt)
+	liveHostPorts := make(map[string]struct{}, len(addrs))
+	for _, addr := range b.addrs {
+		if !b.isUnhealthy(addr.Addr) {
+			addrs = append(addrs, addr)
+			liveHostPorts[addr.Addr] = struct{}{}
+		}
+	}
+	return addrs, liveHostPorts
+}
+
+func (b *healthBalancer) updateUnhealthy() {
+	for {
+		select {
+		case <-time.After(b.healthCheckTimeout):
+			b.cleanupUnhealthy()
+			pinned := b.pinned()
+			if pinned == "" || b.isUnhealthy(pinned) {
+				select {
+				case b.updateAddrsC <- notifyNext:
+				case <-b.stopc:
+					return
+				}
+			}
+		case <-b.stopc:
+			return
+		}
+	}
+}
+
+func (b *healthBalancer) updateAddrs(eps ...string) {
+	np := getHostPort2ep(eps)
+
+	b.mu.Lock()
+	defer b.mu.Unlock()
+
+	match := len(np) == len(b.hostPort2ep)
+	if match {
+		for k, v := range np {
+			if b.hostPort2ep[k] != v {
+				match = false
+				break
+			}
+		}
+	}
+	if match {
+		// same endpoints, so no need to update address
+		return
+	}
+
+	b.hostPort2ep = np
+	b.addrs, b.eps = eps2addrs(eps), eps
+
+	b.unhealthyMu.Lock()
+	b.unhealthyHostPorts = make(map[string]time.Time)
+	b.unhealthyMu.Unlock()
+}
+
+func (b *healthBalancer) next() {
+	b.mu.RLock()
+	downc := b.downc
+	b.mu.RUnlock()
+	select {
+	case b.updateAddrsC <- notifyNext:
+	case <-b.stopc:
+	}
+	// wait until disconnect so new RPCs are not issued on old connection
+	select {
+	case <-downc:
+	case <-b.stopc:
+	}
+}
+
+func (b *healthBalancer) updateNotifyLoop() {
+	defer close(b.donec)
+
+	for {
+		b.mu.RLock()
+		upc, downc, addr := b.upc, b.downc, b.pinAddr
+		b.mu.RUnlock()
+		// downc or upc should be closed
+		select {
+		case <-downc:
+			downc = nil
+		default:
+		}
+		select {
+		case <-upc:
+			upc = nil
+		default:
+		}
+		switch {
+		case downc == nil && upc == nil:
+			// stale
+			select {
+			case <-b.stopc:
+				return
+			default:
+			}
+		case downc == nil:
+			b.notifyAddrs(notifyReset)
+			select {
+			case <-upc:
+			case msg := <-b.updateAddrsC:
+				b.notifyAddrs(msg)
+			case <-b.stopc:
+				return
+			}
+		case upc == nil:
+			select {
+			// close connections that are not the pinned address
+			case b.notifyCh <- []grpc.Address{{Addr: addr}}:
+			case <-downc:
+			case <-b.stopc:
+				return
+			}
+			select {
+			case <-downc:
+				b.notifyAddrs(notifyReset)
+			case msg := <-b.updateAddrsC:
+				b.notifyAddrs(msg)
+			case <-b.stopc:
+				return
+			}
+		}
+	}
+}
+
+func (b *healthBalancer) notifyAddrs(msg notifyMsg) {
+	if msg == notifyNext {
+		select {
+		case b.notifyCh <- []grpc.Address{}:
+		case <-b.stopc:
+			return
+		}
+	}
+	b.mu.RLock()
+	pinAddr := b.pinAddr
+	downc := b.downc
+	b.mu.RUnlock()
+	addrs, hostPorts := b.liveAddrs()
+
+	var waitDown bool
+	if pinAddr != "" {
+		_, ok := hostPorts[pinAddr]
+		waitDown = !ok
+	}
+
+	select {
+	case b.notifyCh <- addrs:
+		if waitDown {
+			select {
+			case <-downc:
+			case <-b.stopc:
+			}
+		}
+	case <-b.stopc:
+	}
+}
+
+func (b *healthBalancer) Up(addr grpc.Address) func(error) {
+	if !b.mayPin(addr) {
+		return func(err error) {}
+	}
+
+	b.mu.Lock()
+	defer b.mu.Unlock()
+
+	// gRPC might call Up after it called Close. We add this check
+	// to "fix" it up at application layer. Otherwise, will panic
+	// if b.upc is already closed.
+	if b.closed {
+		return func(err error) {}
+	}
+
+	// gRPC might call Up on a stale address.
+	// Prevent updating pinAddr with a stale address.
+	if !hasAddr(b.addrs, addr.Addr) {
+		return func(err error) {}
+	}
+
+	if b.pinAddr != "" {
+		if logger.V(4) {
+			logger.Infof("clientv3/balancer: %q is up but not pinned (already pinned %q)", addr.Addr, b.pinAddr)
+		}
+		return func(err error) {}
+	}
+
+	// notify waiting Get()s and pin first connected address
+	close(b.upc)
+	b.downc = make(chan struct{})
+	b.pinAddr = addr.Addr
+	if logger.V(4) {
+		logger.Infof("clientv3/balancer: pin %q", addr.Addr)
+	}
+
+	// notify client that a connection is up
+	b.readyOnce.Do(func() { close(b.readyc) })
+
+	return func(err error) {
+		// If connected to a black hole endpoint or a killed server, the gRPC ping
+		// timeout will induce a network I/O error, and retrying until success;
+		// finding healthy endpoint on retry could take several timeouts and redials.
+		// To avoid wasting retries, gray-list unhealthy endpoints.
+		b.hostPortError(addr.Addr, err)
+
+		b.mu.Lock()
+		b.upc = make(chan struct{})
+		close(b.downc)
+		b.pinAddr = ""
+		b.mu.Unlock()
+		if logger.V(4) {
+			logger.Infof("clientv3/balancer: unpin %q (%q)", addr.Addr, err.Error())
+		}
+	}
+}
+
+func (b *healthBalancer) mayPin(addr grpc.Address) bool {
+	if b.endpoint(addr.Addr) == "" { // stale host:port
+		return false
+	}
+
+	b.unhealthyMu.RLock()
+	unhealthyCnt := len(b.unhealthyHostPorts)
+	failedTime, bad := b.unhealthyHostPorts[addr.Addr]
+	b.unhealthyMu.RUnlock()
+
+	b.mu.RLock()
+	skip := len(b.addrs) == 1 || unhealthyCnt == 0 || len(b.addrs) == unhealthyCnt
+	b.mu.RUnlock()
+	if skip || !bad {
+		return true
+	}
+
+	// prevent isolated member's endpoint from being infinitely retried, as follows:
+	//   1. keepalive pings detects GoAway with http2.ErrCodeEnhanceYourCalm
+	//   2. balancer 'Up' unpins with grpc: failed with network I/O error
+	//   3. grpc-healthcheck still SERVING, thus retry to pin
+	// instead, return before grpc-healthcheck if failed within healthcheck timeout
+	if elapsed := time.Since(failedTime); elapsed < b.healthCheckTimeout {
+		if logger.V(4) {
+			logger.Infof("clientv3/balancer: %q is up but not pinned (failed %v ago, require minimum %v after failure)", addr.Addr, elapsed, b.healthCheckTimeout)
+		}
+		return false
+	}
+
+	if ok, _ := b.healthCheck(addr.Addr); ok {
+		b.removeUnhealthy(addr.Addr, "health check success")
+		return true
+	}
+
+	b.hostPortError(addr.Addr, errors.New("health check failed"))
+	return false
+}
+
+func (b *healthBalancer) Get(ctx context.Context, opts grpc.BalancerGetOptions) (grpc.Address, func(), error) {
+	var (
+		addr   string
+		closed bool
+	)
+
+	// If opts.BlockingWait is false (for fail-fast RPCs), it should return
+	// an address it has notified via Notify immediately instead of blocking.
+	if !opts.BlockingWait {
+		b.mu.RLock()
+		closed = b.closed
+		addr = b.pinAddr
+		b.mu.RUnlock()
+		if closed {
+			return grpc.Address{Addr: ""}, nil, grpc.ErrClientConnClosing
+		}
+		if addr == "" {
+			return grpc.Address{Addr: ""}, nil, ErrNoAddrAvilable
+		}
+		return grpc.Address{Addr: addr}, func() {}, nil
+	}
+
+	for {
+		b.mu.RLock()
+		ch := b.upc
+		b.mu.RUnlock()
+		select {
+		case <-ch:
+		case <-b.donec:
+			return grpc.Address{Addr: ""}, nil, grpc.ErrClientConnClosing
+		case <-ctx.Done():
+			return grpc.Address{Addr: ""}, nil, ctx.Err()
+		}
+		b.mu.RLock()
+		closed = b.closed
+		addr = b.pinAddr
+		b.mu.RUnlock()
+		// Close() which sets b.closed = true can be called before Get(), Get() must exit if balancer is closed.
+		if closed {
+			return grpc.Address{Addr: ""}, nil, grpc.ErrClientConnClosing
+		}
+		if addr != "" {
+			break
+		}
+	}
+	return grpc.Address{Addr: addr}, func() {}, nil
+}
+
+func (b *healthBalancer) Notify() <-chan []grpc.Address { return b.notifyCh }
+
+func (b *healthBalancer) Close() error {
+	b.mu.Lock()
+	// In case gRPC calls close twice. TODO: remove the checking
+	// when we are sure that gRPC wont call close twice.
+	if b.closed {
+		b.mu.Unlock()
+		<-b.donec
+		return nil
+	}
+	b.closed = true
+	b.stopOnce.Do(func() { close(b.stopc) })
+	b.pinAddr = ""
+
+	// In the case of following scenario:
+	//	1. upc is not closed; no pinned address
+	// 	2. client issues an RPC, calling invoke(), which calls Get(), enters for loop, blocks
+	// 	3. client.conn.Close() calls balancer.Close(); closed = true
+	// 	4. for loop in Get() never exits since ctx is the context passed in by the client and may not be canceled
+	// we must close upc so Get() exits from blocking on upc
+	select {
+	case <-b.upc:
+	default:
+		// terminate all waiting Get()s
+		close(b.upc)
+	}
+
+	b.mu.Unlock()
+	b.wg.Wait()
+
+	// wait for updateNotifyLoop to finish
+	<-b.donec
+	close(b.notifyCh)
+
+	return nil
+}
+
+func grpcHealthCheck(client *Client, ep string) (bool, error) {
+	conn, err := client.dial(ep)
+	if err != nil {
+		return false, err
+	}
+	defer conn.Close()
+	cli := healthpb.NewHealthClient(conn)
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+	resp, err := cli.Check(ctx, &healthpb.HealthCheckRequest{})
+	cancel()
+	if err != nil {
+		if s, ok := status.FromError(err); ok && s.Code() == codes.Unavailable {
+			if s.Message() == unknownService { // etcd < v3.3.0
+				return true, nil
+			}
+		}
+		return false, err
+	}
+	return resp.Status == healthpb.HealthCheckResponse_SERVING, nil
+}
+
+func hasAddr(addrs []grpc.Address, targetAddr string) bool {
+	for _, addr := range addrs {
+		if targetAddr == addr.Addr {
+			return true
+		}
+	}
+	return false
+}
+
+func getHost(ep string) string {
+	url, uerr := url.Parse(ep)
+	if uerr != nil || !strings.Contains(ep, "://") {
+		return ep
+	}
+	return url.Host
+}
+
+func eps2addrs(eps []string) []grpc.Address {
+	addrs := make([]grpc.Address, len(eps))
+	for i := range eps {
+		addrs[i].Addr = getHost(eps[i])
+	}
+	return addrs
+}
+
+func getHostPort2ep(eps []string) map[string]string {
+	hm := make(map[string]string, len(eps))
+	for i := range eps {
+		_, host, _ := parseEndpoint(eps[i])
+		hm[host] = eps[i]
+	}
+	return hm
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/kv.go b/vendor/github.com/coreos/etcd/clientv3/kv.go
index c8350f9268b2..6289605c8e05 100644
--- a/vendor/github.com/coreos/etcd/clientv3/kv.go
+++ b/vendor/github.com/coreos/etcd/clientv3/kv.go
@@ -16,6 +16,7 @@ package clientv3
 
 import (
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
@@ -32,7 +33,7 @@ type KV interface {
 	// Put puts a key-value pair into etcd.
 	// Note that key,value can be plain bytes array and string is
 	// an immutable representation of that bytes array.
-	// To get a string of bytes, do string([]byte(0x10, 0x20)).
+	// To get a string of bytes, do string([]byte{0x10, 0x20}).
 	Put(ctx context.Context, key, val string, opts ...OpOption) (*PutResponse, error)
 
 	// Get retrieves keys.
@@ -51,11 +52,6 @@ type KV interface {
 	// Compact compacts etcd KV history before the given rev.
 	Compact(ctx context.Context, rev int64, opts ...CompactOption) (*CompactResponse, error)
 
-	// Do applies a single Op on KV without a transaction.
-	// Do is useful when declaring operations to be issued at a later time
-	// whereas Get/Put/Delete are for better suited for when the operation
-	// should be immediately issued at time of declaration.
-
 	// Do applies a single Op on KV without a transaction.
 	// Do is useful when creating arbitrary operations to be issued at a
 	// later time; the user can range over the operations, calling Do to
@@ -71,22 +67,46 @@ type OpResponse struct {
 	put *PutResponse
 	get *GetResponse
 	del *DeleteResponse
+	txn *TxnResponse
 }
 
 func (op OpResponse) Put() *PutResponse    { return op.put }
 func (op OpResponse) Get() *GetResponse    { return op.get }
 func (op OpResponse) Del() *DeleteResponse { return op.del }
+func (op OpResponse) Txn() *TxnResponse    { return op.txn }
+
+func (resp *PutResponse) OpResponse() OpResponse {
+	return OpResponse{put: resp}
+}
+func (resp *GetResponse) OpResponse() OpResponse {
+	return OpResponse{get: resp}
+}
+func (resp *DeleteResponse) OpResponse() OpResponse {
+	return OpResponse{del: resp}
+}
+func (resp *TxnResponse) OpResponse() OpResponse {
+	return OpResponse{txn: resp}
+}
 
 type kv struct {
-	remote pb.KVClient
+	remote   pb.KVClient
+	callOpts []grpc.CallOption
 }
 
 func NewKV(c *Client) KV {
-	return &kv{remote: RetryKVClient(c)}
+	api := &kv{remote: RetryKVClient(c)}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
 }
 
-func NewKVFromKVClient(remote pb.KVClient) KV {
-	return &kv{remote: remote}
+func NewKVFromKVClient(remote pb.KVClient, c *Client) KV {
+	api := &kv{remote: remote}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
 }
 
 func (kv *kv) Put(ctx context.Context, key, val string, opts ...OpOption) (*PutResponse, error) {
@@ -105,7 +125,7 @@ func (kv *kv) Delete(ctx context.Context, key string, opts ...OpOption) (*Delete
 }
 
 func (kv *kv) Compact(ctx context.Context, rev int64, opts ...CompactOption) (*CompactResponse, error) {
-	resp, err := kv.remote.Compact(ctx, OpCompact(rev, opts...).toRequest())
+	resp, err := kv.remote.Compact(ctx, OpCompact(rev, opts...).toRequest(), kv.callOpts...)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
@@ -114,54 +134,43 @@ func (kv *kv) Compact(ctx context.Context, rev int64, opts ...CompactOption) (*C
 
 func (kv *kv) Txn(ctx context.Context) Txn {
 	return &txn{
-		kv:  kv,
-		ctx: ctx,
+		kv:       kv,
+		ctx:      ctx,
+		callOpts: kv.callOpts,
 	}
 }
 
 func (kv *kv) Do(ctx context.Context, op Op) (OpResponse, error) {
-	for {
-		resp, err := kv.do(ctx, op)
-		if err == nil {
-			return resp, nil
-		}
-
-		if isHaltErr(ctx, err) {
-			return resp, toErr(ctx, err)
-		}
-		// do not retry on modifications
-		if op.isWrite() {
-			return resp, toErr(ctx, err)
-		}
-	}
-}
-
-func (kv *kv) do(ctx context.Context, op Op) (OpResponse, error) {
 	var err error
 	switch op.t {
-	// TODO: handle other ops
 	case tRange:
 		var resp *pb.RangeResponse
-		resp, err = kv.remote.Range(ctx, op.toRangeRequest(), grpc.FailFast(false))
+		resp, err = kv.remote.Range(ctx, op.toRangeRequest(), kv.callOpts...)
 		if err == nil {
 			return OpResponse{get: (*GetResponse)(resp)}, nil
 		}
 	case tPut:
 		var resp *pb.PutResponse
-		r := &pb.PutRequest{Key: op.key, Value: op.val, Lease: int64(op.leaseID), PrevKv: op.prevKV}
-		resp, err = kv.remote.Put(ctx, r)
+		r := &pb.PutRequest{Key: op.key, Value: op.val, Lease: int64(op.leaseID), PrevKv: op.prevKV, IgnoreValue: op.ignoreValue, IgnoreLease: op.ignoreLease}
+		resp, err = kv.remote.Put(ctx, r, kv.callOpts...)
 		if err == nil {
 			return OpResponse{put: (*PutResponse)(resp)}, nil
 		}
 	case tDeleteRange:
 		var resp *pb.DeleteRangeResponse
 		r := &pb.DeleteRangeRequest{Key: op.key, RangeEnd: op.end, PrevKv: op.prevKV}
-		resp, err = kv.remote.DeleteRange(ctx, r)
+		resp, err = kv.remote.DeleteRange(ctx, r, kv.callOpts...)
 		if err == nil {
 			return OpResponse{del: (*DeleteResponse)(resp)}, nil
 		}
+	case tTxn:
+		var resp *pb.TxnResponse
+		resp, err = kv.remote.Txn(ctx, op.toTxnRequest(), kv.callOpts...)
+		if err == nil {
+			return OpResponse{txn: (*TxnResponse)(resp)}, nil
+		}
 	default:
 		panic("Unknown op")
 	}
-	return OpResponse{}, err
+	return OpResponse{}, toErr(ctx, err)
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/lease.go b/vendor/github.com/coreos/etcd/clientv3/lease.go
index 10d3dd0b27f8..e74e1d6b549f 100644
--- a/vendor/github.com/coreos/etcd/clientv3/lease.go
+++ b/vendor/github.com/coreos/etcd/clientv3/lease.go
@@ -20,8 +20,10 @@ import (
 
 	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/metadata"
 )
 
 type (
@@ -29,7 +31,7 @@ type (
 	LeaseID             int64
 )
 
-// LeaseGrantResponse is used to convert the protobuf grant response.
+// LeaseGrantResponse wraps the protobuf message LeaseGrantResponse.
 type LeaseGrantResponse struct {
 	*pb.ResponseHeader
 	ID    LeaseID
@@ -37,14 +39,14 @@ type LeaseGrantResponse struct {
 	Error string
 }
 
-// LeaseKeepAliveResponse is used to convert the protobuf keepalive response.
+// LeaseKeepAliveResponse wraps the protobuf message LeaseKeepAliveResponse.
 type LeaseKeepAliveResponse struct {
 	*pb.ResponseHeader
 	ID  LeaseID
 	TTL int64
 }
 
-// LeaseTimeToLiveResponse is used to convert the protobuf lease timetolive response.
+// LeaseTimeToLiveResponse wraps the protobuf message LeaseTimeToLiveResponse.
 type LeaseTimeToLiveResponse struct {
 	*pb.ResponseHeader
 	ID LeaseID `json:"id"`
@@ -59,6 +61,12 @@ type LeaseTimeToLiveResponse struct {
 	Keys [][]byte `json:"keys"`
 }
 
+// LeaseStatus represents a lease status.
+type LeaseStatus struct {
+	ID LeaseID `json:"id"`
+	// TODO: TTL int64
+}
+
 const (
 	// defaultTTL is the assumed lease TTL used for the first keepalive
 	// deadline before the actual TTL is known to the client.
@@ -67,6 +75,9 @@ const (
 	leaseResponseChSize = 16
 	// NoLease is a lease ID for the absence of a lease.
 	NoLease LeaseID = 0
+
+	// retryConnWait is how long to wait before retrying request due to an error
+	retryConnWait = 500 * time.Millisecond
 )
 
 // ErrKeepAliveHalted is returned if client keep alive loop halts with an unexpected error.
@@ -97,7 +108,7 @@ type Lease interface {
 	// KeepAlive keeps the given lease alive forever.
 	KeepAlive(ctx context.Context, id LeaseID) (<-chan *LeaseKeepAliveResponse, error)
 
-	// KeepAliveOnce renews the lease once. In most of the cases, Keepalive
+	// KeepAliveOnce renews the lease once. In most of the cases, KeepAlive
 	// should be used instead of KeepAliveOnce.
 	KeepAliveOnce(ctx context.Context, id LeaseID) (*LeaseKeepAliveResponse, error)
 
@@ -126,6 +137,11 @@ type lessor struct {
 	// firstKeepAliveTimeout is the timeout for the first keepalive request
 	// before the actual TTL is known to the lease client
 	firstKeepAliveTimeout time.Duration
+
+	// firstKeepAliveOnce ensures stream starts after first KeepAlive call.
+	firstKeepAliveOnce sync.Once
+
+	callOpts []grpc.CallOption
 }
 
 // keepAlive multiplexes a keepalive for a lease over multiple channels
@@ -141,85 +157,65 @@ type keepAlive struct {
 }
 
 func NewLease(c *Client) Lease {
+	return NewLeaseFromLeaseClient(RetryLeaseClient(c), c, c.cfg.DialTimeout+time.Second)
+}
+
+func NewLeaseFromLeaseClient(remote pb.LeaseClient, c *Client, keepAliveTimeout time.Duration) Lease {
 	l := &lessor{
 		donec:                 make(chan struct{}),
 		keepAlives:            make(map[LeaseID]*keepAlive),
-		remote:                RetryLeaseClient(c),
-		firstKeepAliveTimeout: c.cfg.DialTimeout + time.Second,
+		remote:                remote,
+		firstKeepAliveTimeout: keepAliveTimeout,
 	}
 	if l.firstKeepAliveTimeout == time.Second {
 		l.firstKeepAliveTimeout = defaultTTL
 	}
-
-	l.stopCtx, l.stopCancel = context.WithCancel(context.Background())
-	go l.recvKeepAliveLoop()
-	go l.deadlineLoop()
+	if c != nil {
+		l.callOpts = c.callOpts
+	}
+	reqLeaderCtx := WithRequireLeader(context.Background())
+	l.stopCtx, l.stopCancel = context.WithCancel(reqLeaderCtx)
 	return l
 }
 
 func (l *lessor) Grant(ctx context.Context, ttl int64) (*LeaseGrantResponse, error) {
-	cctx, cancel := context.WithCancel(ctx)
-	done := cancelWhenStop(cancel, l.stopCtx.Done())
-	defer close(done)
-
-	for {
-		r := &pb.LeaseGrantRequest{TTL: ttl}
-		resp, err := l.remote.LeaseGrant(cctx, r)
-		if err == nil {
-			gresp := &LeaseGrantResponse{
-				ResponseHeader: resp.GetHeader(),
-				ID:             LeaseID(resp.ID),
-				TTL:            resp.TTL,
-				Error:          resp.Error,
-			}
-			return gresp, nil
-		}
-		if isHaltErr(cctx, err) {
-			return nil, toErr(cctx, err)
+	r := &pb.LeaseGrantRequest{TTL: ttl}
+	resp, err := l.remote.LeaseGrant(ctx, r, l.callOpts...)
+	if err == nil {
+		gresp := &LeaseGrantResponse{
+			ResponseHeader: resp.GetHeader(),
+			ID:             LeaseID(resp.ID),
+			TTL:            resp.TTL,
+			Error:          resp.Error,
 		}
+		return gresp, nil
 	}
+	return nil, toErr(ctx, err)
 }
 
 func (l *lessor) Revoke(ctx context.Context, id LeaseID) (*LeaseRevokeResponse, error) {
-	cctx, cancel := context.WithCancel(ctx)
-	done := cancelWhenStop(cancel, l.stopCtx.Done())
-	defer close(done)
-
-	for {
-		r := &pb.LeaseRevokeRequest{ID: int64(id)}
-		resp, err := l.remote.LeaseRevoke(cctx, r)
-
-		if err == nil {
-			return (*LeaseRevokeResponse)(resp), nil
-		}
-		if isHaltErr(ctx, err) {
-			return nil, toErr(ctx, err)
-		}
+	r := &pb.LeaseRevokeRequest{ID: int64(id)}
+	resp, err := l.remote.LeaseRevoke(ctx, r, l.callOpts...)
+	if err == nil {
+		return (*LeaseRevokeResponse)(resp), nil
 	}
+	return nil, toErr(ctx, err)
 }
 
 func (l *lessor) TimeToLive(ctx context.Context, id LeaseID, opts ...LeaseOption) (*LeaseTimeToLiveResponse, error) {
-	cctx, cancel := context.WithCancel(ctx)
-	done := cancelWhenStop(cancel, l.stopCtx.Done())
-	defer close(done)
-
-	for {
-		r := toLeaseTimeToLiveRequest(id, opts...)
-		resp, err := l.remote.LeaseTimeToLive(cctx, r, grpc.FailFast(false))
-		if err == nil {
-			gresp := &LeaseTimeToLiveResponse{
-				ResponseHeader: resp.GetHeader(),
-				ID:             LeaseID(resp.ID),
-				TTL:            resp.TTL,
-				GrantedTTL:     resp.GrantedTTL,
-				Keys:           resp.Keys,
-			}
-			return gresp, nil
-		}
-		if isHaltErr(cctx, err) {
-			return nil, toErr(cctx, err)
+	r := toLeaseTimeToLiveRequest(id, opts...)
+	resp, err := l.remote.LeaseTimeToLive(ctx, r, l.callOpts...)
+	if err == nil {
+		gresp := &LeaseTimeToLiveResponse{
+			ResponseHeader: resp.GetHeader(),
+			ID:             LeaseID(resp.ID),
+			TTL:            resp.TTL,
+			GrantedTTL:     resp.GrantedTTL,
+			Keys:           resp.Keys,
 		}
+		return gresp, nil
 	}
+	return nil, toErr(ctx, err)
 }
 
 func (l *lessor) KeepAlive(ctx context.Context, id LeaseID) (<-chan *LeaseKeepAliveResponse, error) {
@@ -254,19 +250,19 @@ func (l *lessor) KeepAlive(ctx context.Context, id LeaseID) (<-chan *LeaseKeepAl
 	l.mu.Unlock()
 
 	go l.keepAliveCtxCloser(id, ctx, ka.donec)
+	l.firstKeepAliveOnce.Do(func() {
+		go l.recvKeepAliveLoop()
+		go l.deadlineLoop()
+	})
 
 	return ch, nil
 }
 
 func (l *lessor) KeepAliveOnce(ctx context.Context, id LeaseID) (*LeaseKeepAliveResponse, error) {
-	cctx, cancel := context.WithCancel(ctx)
-	done := cancelWhenStop(cancel, l.stopCtx.Done())
-	defer close(done)
-
 	for {
-		resp, err := l.keepAliveOnce(cctx, id)
+		resp, err := l.keepAliveOnce(ctx, id)
 		if err == nil {
-			if resp.TTL == 0 {
+			if resp.TTL <= 0 {
 				err = rpctypes.ErrLeaseNotFound
 			}
 			return resp, err
@@ -279,6 +275,8 @@ func (l *lessor) KeepAliveOnce(ctx context.Context, id LeaseID) (*LeaseKeepAlive
 
 func (l *lessor) Close() error {
 	l.stopCancel()
+	// close for synchronous teardown if stream goroutines never launched
+	l.firstKeepAliveOnce.Do(func() { close(l.donec) })
 	<-l.donec
 	return nil
 }
@@ -315,11 +313,50 @@ func (l *lessor) keepAliveCtxCloser(id LeaseID, ctx context.Context, donec <-cha
 	}
 }
 
+// closeRequireLeader scans keepAlives for ctxs that have require leader
+// and closes the associated channels.
+func (l *lessor) closeRequireLeader() {
+	l.mu.Lock()
+	defer l.mu.Unlock()
+	for _, ka := range l.keepAlives {
+		reqIdxs := 0
+		// find all required leader channels, close, mark as nil
+		for i, ctx := range ka.ctxs {
+			md, ok := metadata.FromOutgoingContext(ctx)
+			if !ok {
+				continue
+			}
+			ks := md[rpctypes.MetadataRequireLeaderKey]
+			if len(ks) < 1 || ks[0] != rpctypes.MetadataHasLeader {
+				continue
+			}
+			close(ka.chs[i])
+			ka.chs[i] = nil
+			reqIdxs++
+		}
+		if reqIdxs == 0 {
+			continue
+		}
+		// remove all channels that required a leader from keepalive
+		newChs := make([]chan<- *LeaseKeepAliveResponse, len(ka.chs)-reqIdxs)
+		newCtxs := make([]context.Context, len(newChs))
+		newIdx := 0
+		for i := range ka.chs {
+			if ka.chs[i] == nil {
+				continue
+			}
+			newChs[newIdx], newCtxs[newIdx] = ka.chs[i], ka.ctxs[newIdx]
+			newIdx++
+		}
+		ka.chs, ka.ctxs = newChs, newCtxs
+	}
+}
+
 func (l *lessor) keepAliveOnce(ctx context.Context, id LeaseID) (*LeaseKeepAliveResponse, error) {
 	cctx, cancel := context.WithCancel(ctx)
 	defer cancel()
 
-	stream, err := l.remote.LeaseKeepAlive(cctx, grpc.FailFast(false))
+	stream, err := l.remote.LeaseKeepAlive(cctx, l.callOpts...)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
@@ -348,32 +385,50 @@ func (l *lessor) recvKeepAliveLoop() (gerr error) {
 		close(l.donec)
 		l.loopErr = gerr
 		for _, ka := range l.keepAlives {
-			ka.Close()
+			ka.close()
 		}
 		l.keepAlives = make(map[LeaseID]*keepAlive)
 		l.mu.Unlock()
 	}()
 
-	stream, serr := l.resetRecv()
-	for serr == nil {
-		resp, err := stream.Recv()
+	for {
+		stream, err := l.resetRecv()
 		if err != nil {
-			if isHaltErr(l.stopCtx, err) {
+			if canceledByCaller(l.stopCtx, err) {
 				return err
 			}
-			stream, serr = l.resetRecv()
+		} else {
+			for {
+				resp, err := stream.Recv()
+				if err != nil {
+					if canceledByCaller(l.stopCtx, err) {
+						return err
+					}
+
+					if toErr(l.stopCtx, err) == rpctypes.ErrNoLeader {
+						l.closeRequireLeader()
+					}
+					break
+				}
+
+				l.recvKeepAlive(resp)
+			}
+		}
+
+		select {
+		case <-time.After(retryConnWait):
 			continue
+		case <-l.stopCtx.Done():
+			return l.stopCtx.Err()
 		}
-		l.recvKeepAlive(resp)
 	}
-	return serr
 }
 
-// resetRecv opens a new lease stream and starts sending LeaseKeepAliveRequests
+// resetRecv opens a new lease stream and starts sending keep alive requests.
 func (l *lessor) resetRecv() (pb.Lease_LeaseKeepAliveClient, error) {
 	sctx, cancel := context.WithCancel(l.stopCtx)
-	stream, err := l.remote.LeaseKeepAlive(sctx, grpc.FailFast(false))
-	if err = toErr(sctx, err); err != nil {
+	stream, err := l.remote.LeaseKeepAlive(sctx, l.callOpts...)
+	if err != nil {
 		cancel()
 		return nil, err
 	}
@@ -381,7 +436,6 @@ func (l *lessor) resetRecv() (pb.Lease_LeaseKeepAliveClient, error) {
 	l.mu.Lock()
 	defer l.mu.Unlock()
 	if l.stream != nil && l.streamCancel != nil {
-		l.stream.CloseSend()
 		l.streamCancel()
 	}
 
@@ -411,7 +465,7 @@ func (l *lessor) recvKeepAlive(resp *pb.LeaseKeepAliveResponse) {
 	if karesp.TTL <= 0 {
 		// lease expired; close all keep alive channels
 		delete(l.keepAlives, karesp.ID)
-		ka.Close()
+		ka.close()
 		return
 	}
 
@@ -441,7 +495,7 @@ func (l *lessor) deadlineLoop() {
 		for id, ka := range l.keepAlives {
 			if ka.deadline.Before(now) {
 				// waited too long for response; lease may be expired
-				ka.Close()
+				ka.close()
 				delete(l.keepAlives, id)
 			}
 		}
@@ -449,19 +503,9 @@ func (l *lessor) deadlineLoop() {
 	}
 }
 
-// sendKeepAliveLoop sends LeaseKeepAliveRequests for the lifetime of a lease stream
+// sendKeepAliveLoop sends keep alive requests for the lifetime of the given stream.
 func (l *lessor) sendKeepAliveLoop(stream pb.Lease_LeaseKeepAliveClient) {
 	for {
-		select {
-		case <-time.After(500 * time.Millisecond):
-		case <-stream.Context().Done():
-			return
-		case <-l.donec:
-			return
-		case <-l.stopCtx.Done():
-			return
-		}
-
 		var tosend []LeaseID
 
 		now := time.Now()
@@ -480,29 +524,22 @@ func (l *lessor) sendKeepAliveLoop(stream pb.Lease_LeaseKeepAliveClient) {
 				return
 			}
 		}
+
+		select {
+		case <-time.After(500 * time.Millisecond):
+		case <-stream.Context().Done():
+			return
+		case <-l.donec:
+			return
+		case <-l.stopCtx.Done():
+			return
+		}
 	}
 }
 
-func (ka *keepAlive) Close() {
+func (ka *keepAlive) close() {
 	close(ka.donec)
 	for _, ch := range ka.chs {
 		close(ch)
 	}
 }
-
-// cancelWhenStop calls cancel when the given stopc fires. It returns a done chan. done
-// should be closed when the work is finished. When done fires, cancelWhenStop will release
-// its internal resource.
-func cancelWhenStop(cancel context.CancelFunc, stopc <-chan struct{}) chan<- struct{} {
-	done := make(chan struct{}, 1)
-
-	go func() {
-		select {
-		case <-stopc:
-		case <-done:
-		}
-		cancel()
-	}()
-
-	return done
-}
diff --git a/vendor/github.com/coreos/etcd/clientv3/logger.go b/vendor/github.com/coreos/etcd/clientv3/logger.go
index 519db45d8e34..012abdbce639 100644
--- a/vendor/github.com/coreos/etcd/clientv3/logger.go
+++ b/vendor/github.com/coreos/etcd/clientv3/logger.go
@@ -16,36 +16,35 @@ package clientv3
 
 import (
 	"io/ioutil"
-	"log"
 	"sync"
 
 	"google.golang.org/grpc/grpclog"
 )
 
 // Logger is the logger used by client library.
-// It implements grpclog.Logger interface.
-type Logger grpclog.Logger
+// It implements grpclog.LoggerV2 interface.
+type Logger grpclog.LoggerV2
 
 var (
 	logger settableLogger
 )
 
 type settableLogger struct {
-	l  grpclog.Logger
+	l  grpclog.LoggerV2
 	mu sync.RWMutex
 }
 
 func init() {
 	// disable client side logs by default
 	logger.mu.Lock()
-	logger.l = log.New(ioutil.Discard, "", 0)
+	logger.l = grpclog.NewLoggerV2(ioutil.Discard, ioutil.Discard, ioutil.Discard)
 
 	// logger has to override the grpclog at initialization so that
 	// any changes to the grpclog go through logger with locking
 	// instead of through SetLogger
 	//
 	// now updates only happen through settableLogger.set
-	grpclog.SetLogger(&logger)
+	grpclog.SetLoggerV2(&logger)
 	logger.mu.Unlock()
 }
 
@@ -62,6 +61,7 @@ func GetLogger() Logger {
 func (s *settableLogger) set(l Logger) {
 	s.mu.Lock()
 	logger.l = l
+	grpclog.SetLoggerV2(&logger)
 	s.mu.Unlock()
 }
 
@@ -72,11 +72,25 @@ func (s *settableLogger) get() Logger {
 	return l
 }
 
-// implement the grpclog.Logger interface
+// implement the grpclog.LoggerV2 interface
 
+func (s *settableLogger) Info(args ...interface{})                 { s.get().Info(args...) }
+func (s *settableLogger) Infof(format string, args ...interface{}) { s.get().Infof(format, args...) }
+func (s *settableLogger) Infoln(args ...interface{})               { s.get().Infoln(args...) }
+func (s *settableLogger) Warning(args ...interface{})              { s.get().Warning(args...) }
+func (s *settableLogger) Warningf(format string, args ...interface{}) {
+	s.get().Warningf(format, args...)
+}
+func (s *settableLogger) Warningln(args ...interface{}) { s.get().Warningln(args...) }
+func (s *settableLogger) Error(args ...interface{})     { s.get().Error(args...) }
+func (s *settableLogger) Errorf(format string, args ...interface{}) {
+	s.get().Errorf(format, args...)
+}
+func (s *settableLogger) Errorln(args ...interface{})               { s.get().Errorln(args...) }
 func (s *settableLogger) Fatal(args ...interface{})                 { s.get().Fatal(args...) }
 func (s *settableLogger) Fatalf(format string, args ...interface{}) { s.get().Fatalf(format, args...) }
 func (s *settableLogger) Fatalln(args ...interface{})               { s.get().Fatalln(args...) }
-func (s *settableLogger) Print(args ...interface{})                 { s.get().Print(args...) }
-func (s *settableLogger) Printf(format string, args ...interface{}) { s.get().Printf(format, args...) }
-func (s *settableLogger) Println(args ...interface{})               { s.get().Println(args...) }
+func (s *settableLogger) Print(args ...interface{})                 { s.get().Info(args...) }
+func (s *settableLogger) Printf(format string, args ...interface{}) { s.get().Infof(format, args...) }
+func (s *settableLogger) Println(args ...interface{})               { s.get().Infoln(args...) }
+func (s *settableLogger) V(l int) bool                              { return s.get().V(l) }
diff --git a/vendor/github.com/coreos/etcd/clientv3/maintenance.go b/vendor/github.com/coreos/etcd/clientv3/maintenance.go
index 718356250beb..67b928fcfb3a 100644
--- a/vendor/github.com/coreos/etcd/clientv3/maintenance.go
+++ b/vendor/github.com/coreos/etcd/clientv3/maintenance.go
@@ -18,6 +18,7 @@ import (
 	"io"
 
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
@@ -36,7 +37,7 @@ type Maintenance interface {
 	// AlarmDisarm disarms a given alarm.
 	AlarmDisarm(ctx context.Context, m *AlarmMember) (*AlarmResponse, error)
 
-	// Defragment defragments storage backend of the etcd member with given endpoint.
+	// Defragment releases wasted space from internal fragmentation on a given etcd member.
 	// Defragment is only needed when deleting a large number of keys and want to reclaim
 	// the resources.
 	// Defragment is an expensive operation. User should avoid defragmenting multiple members
@@ -48,17 +49,45 @@ type Maintenance interface {
 	// Status gets the status of the endpoint.
 	Status(ctx context.Context, endpoint string) (*StatusResponse, error)
 
-	// Snapshot provides a reader for a snapshot of a backend.
+	// Snapshot provides a reader for a point-in-time snapshot of etcd.
 	Snapshot(ctx context.Context) (io.ReadCloser, error)
 }
 
 type maintenance struct {
-	c      *Client
-	remote pb.MaintenanceClient
+	dial     func(endpoint string) (pb.MaintenanceClient, func(), error)
+	remote   pb.MaintenanceClient
+	callOpts []grpc.CallOption
 }
 
 func NewMaintenance(c *Client) Maintenance {
-	return &maintenance{c: c, remote: pb.NewMaintenanceClient(c.conn)}
+	api := &maintenance{
+		dial: func(endpoint string) (pb.MaintenanceClient, func(), error) {
+			conn, err := c.dial(endpoint)
+			if err != nil {
+				return nil, nil, err
+			}
+			cancel := func() { conn.Close() }
+			return RetryMaintenanceClient(c, conn), cancel, nil
+		},
+		remote: RetryMaintenanceClient(c, c.conn),
+	}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
+}
+
+func NewMaintenanceFromMaintenanceClient(remote pb.MaintenanceClient, c *Client) Maintenance {
+	api := &maintenance{
+		dial: func(string) (pb.MaintenanceClient, func(), error) {
+			return remote, func() {}, nil
+		},
+		remote: remote,
+	}
+	if c != nil {
+		api.callOpts = c.callOpts
+	}
+	return api
 }
 
 func (m *maintenance) AlarmList(ctx context.Context) (*AlarmResponse, error) {
@@ -67,15 +96,11 @@ func (m *maintenance) AlarmList(ctx context.Context) (*AlarmResponse, error) {
 		MemberID: 0,                 // all
 		Alarm:    pb.AlarmType_NONE, // all
 	}
-	for {
-		resp, err := m.remote.Alarm(ctx, req, grpc.FailFast(false))
-		if err == nil {
-			return (*AlarmResponse)(resp), nil
-		}
-		if isHaltErr(ctx, err) {
-			return nil, toErr(ctx, err)
-		}
+	resp, err := m.remote.Alarm(ctx, req, m.callOpts...)
+	if err == nil {
+		return (*AlarmResponse)(resp), nil
 	}
+	return nil, toErr(ctx, err)
 }
 
 func (m *maintenance) AlarmDisarm(ctx context.Context, am *AlarmMember) (*AlarmResponse, error) {
@@ -101,7 +126,7 @@ func (m *maintenance) AlarmDisarm(ctx context.Context, am *AlarmMember) (*AlarmR
 		return &ret, nil
 	}
 
-	resp, err := m.remote.Alarm(ctx, req, grpc.FailFast(false))
+	resp, err := m.remote.Alarm(ctx, req, m.callOpts...)
 	if err == nil {
 		return (*AlarmResponse)(resp), nil
 	}
@@ -109,13 +134,12 @@ func (m *maintenance) AlarmDisarm(ctx context.Context, am *AlarmMember) (*AlarmR
 }
 
 func (m *maintenance) Defragment(ctx context.Context, endpoint string) (*DefragmentResponse, error) {
-	conn, err := m.c.Dial(endpoint)
+	remote, cancel, err := m.dial(endpoint)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
-	defer conn.Close()
-	remote := pb.NewMaintenanceClient(conn)
-	resp, err := remote.Defragment(ctx, &pb.DefragmentRequest{}, grpc.FailFast(false))
+	defer cancel()
+	resp, err := remote.Defragment(ctx, &pb.DefragmentRequest{}, m.callOpts...)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
@@ -123,13 +147,12 @@ func (m *maintenance) Defragment(ctx context.Context, endpoint string) (*Defragm
 }
 
 func (m *maintenance) Status(ctx context.Context, endpoint string) (*StatusResponse, error) {
-	conn, err := m.c.Dial(endpoint)
+	remote, cancel, err := m.dial(endpoint)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
-	defer conn.Close()
-	remote := pb.NewMaintenanceClient(conn)
-	resp, err := remote.Status(ctx, &pb.StatusRequest{}, grpc.FailFast(false))
+	defer cancel()
+	resp, err := remote.Status(ctx, &pb.StatusRequest{}, m.callOpts...)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
@@ -137,7 +160,7 @@ func (m *maintenance) Status(ctx context.Context, endpoint string) (*StatusRespo
 }
 
 func (m *maintenance) Snapshot(ctx context.Context) (io.ReadCloser, error) {
-	ss, err := m.remote.Snapshot(ctx, &pb.SnapshotRequest{}, grpc.FailFast(false))
+	ss, err := m.remote.Snapshot(ctx, &pb.SnapshotRequest{}, m.callOpts...)
 	if err != nil {
 		return nil, toErr(ctx, err)
 	}
diff --git a/vendor/github.com/coreos/etcd/clientv3/op.go b/vendor/github.com/coreos/etcd/clientv3/op.go
index 6e2600766988..e18d28662c46 100644
--- a/vendor/github.com/coreos/etcd/clientv3/op.go
+++ b/vendor/github.com/coreos/etcd/clientv3/op.go
@@ -23,6 +23,7 @@ const (
 	tRange opType = iota + 1
 	tPut
 	tDeleteRange
+	tTxn
 )
 
 var (
@@ -52,6 +53,10 @@ type Op struct {
 	// for watch, put, delete
 	prevKV bool
 
+	// for put
+	ignoreValue bool
+	ignoreLease bool
+
 	// progressNotify is for progress updates.
 	progressNotify bool
 	// createdNotify is for created event
@@ -63,8 +68,69 @@ type Op struct {
 	// for put
 	val     []byte
 	leaseID LeaseID
+
+	// txn
+	cmps    []Cmp
+	thenOps []Op
+	elseOps []Op
 }
 
+// accessors / mutators
+
+func (op Op) IsTxn() bool              { return op.t == tTxn }
+func (op Op) Txn() ([]Cmp, []Op, []Op) { return op.cmps, op.thenOps, op.elseOps }
+
+// KeyBytes returns the byte slice holding the Op's key.
+func (op Op) KeyBytes() []byte { return op.key }
+
+// WithKeyBytes sets the byte slice for the Op's key.
+func (op *Op) WithKeyBytes(key []byte) { op.key = key }
+
+// RangeBytes returns the byte slice holding with the Op's range end, if any.
+func (op Op) RangeBytes() []byte { return op.end }
+
+// Rev returns the requested revision, if any.
+func (op Op) Rev() int64 { return op.rev }
+
+// IsPut returns true iff the operation is a Put.
+func (op Op) IsPut() bool { return op.t == tPut }
+
+// IsGet returns true iff the operation is a Get.
+func (op Op) IsGet() bool { return op.t == tRange }
+
+// IsDelete returns true iff the operation is a Delete.
+func (op Op) IsDelete() bool { return op.t == tDeleteRange }
+
+// IsSerializable returns true if the serializable field is true.
+func (op Op) IsSerializable() bool { return op.serializable == true }
+
+// IsKeysOnly returns whether keysOnly is set.
+func (op Op) IsKeysOnly() bool { return op.keysOnly == true }
+
+// IsCountOnly returns whether countOnly is set.
+func (op Op) IsCountOnly() bool { return op.countOnly == true }
+
+// MinModRev returns the operation's minimum modify revision.
+func (op Op) MinModRev() int64 { return op.minModRev }
+
+// MaxModRev returns the operation's maximum modify revision.
+func (op Op) MaxModRev() int64 { return op.maxModRev }
+
+// MinCreateRev returns the operation's minimum create revision.
+func (op Op) MinCreateRev() int64 { return op.minCreateRev }
+
+// MaxCreateRev returns the operation's maximum create revision.
+func (op Op) MaxCreateRev() int64 { return op.maxCreateRev }
+
+// WithRangeBytes sets the byte slice for the Op's range end.
+func (op *Op) WithRangeBytes(end []byte) { op.end = end }
+
+// ValueBytes returns the byte slice holding the Op's value, if any.
+func (op Op) ValueBytes() []byte { return op.val }
+
+// WithValueBytes sets the byte slice for the Op's value.
+func (op *Op) WithValueBytes(v []byte) { op.val = v }
+
 func (op Op) toRangeRequest() *pb.RangeRequest {
 	if op.t != tRange {
 		panic("op.t != tRange")
@@ -89,12 +155,28 @@ func (op Op) toRangeRequest() *pb.RangeRequest {
 	return r
 }
 
+func (op Op) toTxnRequest() *pb.TxnRequest {
+	thenOps := make([]*pb.RequestOp, len(op.thenOps))
+	for i, tOp := range op.thenOps {
+		thenOps[i] = tOp.toRequestOp()
+	}
+	elseOps := make([]*pb.RequestOp, len(op.elseOps))
+	for i, eOp := range op.elseOps {
+		elseOps[i] = eOp.toRequestOp()
+	}
+	cmps := make([]*pb.Compare, len(op.cmps))
+	for i := range op.cmps {
+		cmps[i] = (*pb.Compare)(&op.cmps[i])
+	}
+	return &pb.TxnRequest{Compare: cmps, Success: thenOps, Failure: elseOps}
+}
+
 func (op Op) toRequestOp() *pb.RequestOp {
 	switch op.t {
 	case tRange:
 		return &pb.RequestOp{Request: &pb.RequestOp_RequestRange{RequestRange: op.toRangeRequest()}}
 	case tPut:
-		r := &pb.PutRequest{Key: op.key, Value: op.val, Lease: int64(op.leaseID), PrevKv: op.prevKV}
+		r := &pb.PutRequest{Key: op.key, Value: op.val, Lease: int64(op.leaseID), PrevKv: op.prevKV, IgnoreValue: op.ignoreValue, IgnoreLease: op.ignoreLease}
 		return &pb.RequestOp{Request: &pb.RequestOp_RequestPut{RequestPut: r}}
 	case tDeleteRange:
 		r := &pb.DeleteRangeRequest{Key: op.key, RangeEnd: op.end, PrevKv: op.prevKV}
@@ -105,6 +187,19 @@ func (op Op) toRequestOp() *pb.RequestOp {
 }
 
 func (op Op) isWrite() bool {
+	if op.t == tTxn {
+		for _, tOp := range op.thenOps {
+			if tOp.isWrite() {
+				return true
+			}
+		}
+		for _, tOp := range op.elseOps {
+			if tOp.isWrite() {
+				return true
+			}
+		}
+		return false
+	}
 	return op.t != tRange
 }
 
@@ -170,6 +265,10 @@ func OpPut(key, val string, opts ...OpOption) Op {
 	return ret
 }
 
+func OpTxn(cmps []Cmp, thenOps []Op, elseOps []Op) Op {
+	return Op{t: tTxn, cmps: cmps, thenOps: thenOps, elseOps: elseOps}
+}
+
 func opWatch(key string, opts ...OpOption) Op {
 	ret := Op{t: tRange, key: []byte(key)}
 	ret.applyOpts(opts)
@@ -207,6 +306,7 @@ func WithLease(leaseID LeaseID) OpOption {
 }
 
 // WithLimit limits the number of results to return from 'Get' request.
+// If WithLimit is given a 0 limit, it is treated as no limit.
 func WithLimit(n int64) OpOption { return func(op *Op) { op.limit = n } }
 
 // WithRev specifies the store revision for 'Get' request.
@@ -222,9 +322,9 @@ func WithSort(target SortTarget, order SortOrder) OpOption {
 		if target == SortByKey && order == SortAscend {
 			// If order != SortNone, server fetches the entire key-space,
 			// and then applies the sort and limit, if provided.
-			// Since current mvcc.Range implementation returns results
-			// sorted by keys in lexicographically ascending order,
-			// client should ignore SortOrder if the target is SortByKey.
+			// Since by default the server returns results sorted by keys
+			// in lexicographically ascending order, the client should ignore
+			// SortOrder if the target is SortByKey.
 			order = SortNone
 		}
 		op.sort = &SortOption{target, order}
@@ -257,6 +357,10 @@ func getPrefix(key []byte) []byte {
 // can return 'foo1', 'foo2', and so on.
 func WithPrefix() OpOption {
 	return func(op *Op) {
+		if len(op.key) == 0 {
+			op.key, op.end = []byte{0}, []byte{0}
+			return
+		}
 		op.end = getPrefix(op.key)
 	}
 }
@@ -360,6 +464,24 @@ func WithPrevKV() OpOption {
 	}
 }
 
+// WithIgnoreValue updates the key using its current value.
+// This option can not be combined with non-empty values.
+// Returns an error if the key does not exist.
+func WithIgnoreValue() OpOption {
+	return func(op *Op) {
+		op.ignoreValue = true
+	}
+}
+
+// WithIgnoreLease updates the key using its current lease.
+// This option can not be combined with WithLease.
+// Returns an error if the key does not exist.
+func WithIgnoreLease() OpOption {
+	return func(op *Op) {
+		op.ignoreLease = true
+	}
+}
+
 // LeaseOp represents an Operation that lease can execute.
 type LeaseOp struct {
 	id LeaseID
@@ -377,8 +499,7 @@ func (op *LeaseOp) applyOpts(opts []LeaseOption) {
 	}
 }
 
-// WithAttachedKeys requests lease timetolive API to return
-// attached keys of given lease ID.
+// WithAttachedKeys makes TimeToLive list the keys attached to the given lease ID.
 func WithAttachedKeys() LeaseOption {
 	return func(op *LeaseOp) { op.attachedKeys = true }
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/ready_wait.go b/vendor/github.com/coreos/etcd/clientv3/ready_wait.go
new file mode 100644
index 000000000000..23eea9367ff7
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/clientv3/ready_wait.go
@@ -0,0 +1,30 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package clientv3
+
+import "golang.org/x/net/context"
+
+// TODO: remove this when "FailFast=false" is fixed.
+// See https://github.com/grpc/grpc-go/issues/1532.
+func readyWait(rpcCtx, clientCtx context.Context, ready <-chan struct{}) error {
+	select {
+	case <-ready:
+		return nil
+	case <-rpcCtx.Done():
+		return rpcCtx.Err()
+	case <-clientCtx.Done():
+		return clientCtx.Err()
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/clientv3/retry.go b/vendor/github.com/coreos/etcd/clientv3/retry.go
index 78f31a8c4b0c..c95b2cad7c4f 100644
--- a/vendor/github.com/coreos/etcd/clientv3/retry.go
+++ b/vendor/github.com/coreos/etcd/clientv3/retry.go
@@ -17,135 +17,183 @@ package clientv3
 import (
 	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 )
 
 type rpcFunc func(ctx context.Context) error
-type retryRpcFunc func(context.Context, rpcFunc) error
+type retryRPCFunc func(context.Context, rpcFunc) error
+type retryStopErrFunc func(error) bool
+
+func isRepeatableStopError(err error) bool {
+	eErr := rpctypes.Error(err)
+	// always stop retry on etcd errors
+	if serverErr, ok := eErr.(rpctypes.EtcdError); ok && serverErr.Code() != codes.Unavailable {
+		return true
+	}
+	// only retry if unavailable
+	ev, _ := status.FromError(err)
+	return ev.Code() != codes.Unavailable
+}
+
+func isNonRepeatableStopError(err error) bool {
+	ev, _ := status.FromError(err)
+	if ev.Code() != codes.Unavailable {
+		return true
+	}
+	desc := rpctypes.ErrorDesc(err)
+	return desc != "there is no address available" && desc != "there is no connection available"
+}
 
-func (c *Client) newRetryWrapper() retryRpcFunc {
+func (c *Client) newRetryWrapper(isStop retryStopErrFunc) retryRPCFunc {
 	return func(rpcCtx context.Context, f rpcFunc) error {
 		for {
+			if err := readyWait(rpcCtx, c.ctx, c.balancer.ConnectNotify()); err != nil {
+				return err
+			}
+			pinned := c.balancer.pinned()
 			err := f(rpcCtx)
 			if err == nil {
 				return nil
 			}
-
-			eErr := rpctypes.Error(err)
-			// always stop retry on etcd errors
-			if _, ok := eErr.(rpctypes.EtcdError); ok {
-				return err
+			if logger.V(4) {
+				logger.Infof("clientv3/retry: error %q on pinned endpoint %q", err.Error(), pinned)
 			}
 
-			// only retry if unavailable
-			if grpc.Code(err) != codes.Unavailable {
-				return err
+			if s, ok := status.FromError(err); ok && (s.Code() == codes.Unavailable || s.Code() == codes.DeadlineExceeded || s.Code() == codes.Internal) {
+				// mark this before endpoint switch is triggered
+				c.balancer.hostPortError(pinned, err)
+				c.balancer.next()
+				if logger.V(4) {
+					logger.Infof("clientv3/retry: switching from %q due to error %q", pinned, err.Error())
+				}
 			}
 
-			select {
-			case <-c.balancer.ConnectNotify():
-			case <-rpcCtx.Done():
-				return rpcCtx.Err()
-			case <-c.ctx.Done():
-				return c.ctx.Err()
+			if isStop(err) {
+				return err
 			}
 		}
 	}
 }
 
-func (c *Client) newAuthRetryWrapper() retryRpcFunc {
+func (c *Client) newAuthRetryWrapper() retryRPCFunc {
 	return func(rpcCtx context.Context, f rpcFunc) error {
 		for {
+			pinned := c.balancer.pinned()
 			err := f(rpcCtx)
 			if err == nil {
 				return nil
 			}
-
+			if logger.V(4) {
+				logger.Infof("clientv3/auth-retry: error %q on pinned endpoint %q", err.Error(), pinned)
+			}
 			// always stop retry on etcd errors other than invalid auth token
 			if rpctypes.Error(err) == rpctypes.ErrInvalidAuthToken {
 				gterr := c.getToken(rpcCtx)
 				if gterr != nil {
+					if logger.V(4) {
+						logger.Infof("clientv3/auth-retry: cannot retry due to error %q(%q) on pinned endpoint %q", err.Error(), gterr.Error(), pinned)
+					}
 					return err // return the original error for simplicity
 				}
 				continue
 			}
-
 			return err
 		}
 	}
 }
 
-// RetryKVClient implements a KVClient that uses the client's FailFast retry policy.
+// RetryKVClient implements a KVClient.
 func RetryKVClient(c *Client) pb.KVClient {
-	retryWrite := &retryWriteKVClient{pb.NewKVClient(c.conn), c.retryWrapper}
-	return &retryKVClient{&retryWriteKVClient{retryWrite, c.retryAuthWrapper}}
+	repeatableRetry := c.newRetryWrapper(isRepeatableStopError)
+	nonRepeatableRetry := c.newRetryWrapper(isNonRepeatableStopError)
+	conn := pb.NewKVClient(c.conn)
+	retryBasic := &retryKVClient{&nonRepeatableKVClient{conn, nonRepeatableRetry}, repeatableRetry}
+	retryAuthWrapper := c.newAuthRetryWrapper()
+	return &retryKVClient{
+		&nonRepeatableKVClient{retryBasic, retryAuthWrapper},
+		retryAuthWrapper}
 }
 
 type retryKVClient struct {
-	*retryWriteKVClient
+	*nonRepeatableKVClient
+	repeatableRetry retryRPCFunc
 }
 
 func (rkv *retryKVClient) Range(ctx context.Context, in *pb.RangeRequest, opts ...grpc.CallOption) (resp *pb.RangeResponse, err error) {
-	err = rkv.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rkv.retryWriteKVClient.Range(rctx, in, opts...)
+	err = rkv.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rkv.kc.Range(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-type retryWriteKVClient struct {
-	pb.KVClient
-	retryf retryRpcFunc
+type nonRepeatableKVClient struct {
+	kc                 pb.KVClient
+	nonRepeatableRetry retryRPCFunc
 }
 
-func (rkv *retryWriteKVClient) Put(ctx context.Context, in *pb.PutRequest, opts ...grpc.CallOption) (resp *pb.PutResponse, err error) {
-	err = rkv.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rkv.KVClient.Put(rctx, in, opts...)
+func (rkv *nonRepeatableKVClient) Put(ctx context.Context, in *pb.PutRequest, opts ...grpc.CallOption) (resp *pb.PutResponse, err error) {
+	err = rkv.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rkv.kc.Put(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rkv *retryWriteKVClient) DeleteRange(ctx context.Context, in *pb.DeleteRangeRequest, opts ...grpc.CallOption) (resp *pb.DeleteRangeResponse, err error) {
-	err = rkv.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rkv.KVClient.DeleteRange(rctx, in, opts...)
+func (rkv *nonRepeatableKVClient) DeleteRange(ctx context.Context, in *pb.DeleteRangeRequest, opts ...grpc.CallOption) (resp *pb.DeleteRangeResponse, err error) {
+	err = rkv.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rkv.kc.DeleteRange(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rkv *retryWriteKVClient) Txn(ctx context.Context, in *pb.TxnRequest, opts ...grpc.CallOption) (resp *pb.TxnResponse, err error) {
-	err = rkv.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rkv.KVClient.Txn(rctx, in, opts...)
+func (rkv *nonRepeatableKVClient) Txn(ctx context.Context, in *pb.TxnRequest, opts ...grpc.CallOption) (resp *pb.TxnResponse, err error) {
+	// TODO: repeatableRetry if read-only txn
+	err = rkv.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rkv.kc.Txn(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rkv *retryWriteKVClient) Compact(ctx context.Context, in *pb.CompactionRequest, opts ...grpc.CallOption) (resp *pb.CompactionResponse, err error) {
-	err = rkv.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rkv.KVClient.Compact(rctx, in, opts...)
+func (rkv *nonRepeatableKVClient) Compact(ctx context.Context, in *pb.CompactionRequest, opts ...grpc.CallOption) (resp *pb.CompactionResponse, err error) {
+	err = rkv.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rkv.kc.Compact(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
 type retryLeaseClient struct {
-	pb.LeaseClient
-	retryf retryRpcFunc
+	lc              pb.LeaseClient
+	repeatableRetry retryRPCFunc
 }
 
-// RetryLeaseClient implements a LeaseClient that uses the client's FailFast retry policy.
+// RetryLeaseClient implements a LeaseClient.
 func RetryLeaseClient(c *Client) pb.LeaseClient {
-	retry := &retryLeaseClient{pb.NewLeaseClient(c.conn), c.retryWrapper}
-	return &retryLeaseClient{retry, c.retryAuthWrapper}
+	retry := &retryLeaseClient{
+		pb.NewLeaseClient(c.conn),
+		c.newRetryWrapper(isRepeatableStopError),
+	}
+	return &retryLeaseClient{retry, c.newAuthRetryWrapper()}
+}
+
+func (rlc *retryLeaseClient) LeaseTimeToLive(ctx context.Context, in *pb.LeaseTimeToLiveRequest, opts ...grpc.CallOption) (resp *pb.LeaseTimeToLiveResponse, err error) {
+	err = rlc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rlc.lc.LeaseTimeToLive(rctx, in, opts...)
+		return err
+	})
+	return resp, err
 }
 
 func (rlc *retryLeaseClient) LeaseGrant(ctx context.Context, in *pb.LeaseGrantRequest, opts ...grpc.CallOption) (resp *pb.LeaseGrantResponse, err error) {
-	err = rlc.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rlc.LeaseClient.LeaseGrant(rctx, in, opts...)
+	err = rlc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rlc.lc.LeaseGrant(rctx, in, opts...)
 		return err
 	})
 	return resp, err
@@ -153,140 +201,270 @@ func (rlc *retryLeaseClient) LeaseGrant(ctx context.Context, in *pb.LeaseGrantRe
 }
 
 func (rlc *retryLeaseClient) LeaseRevoke(ctx context.Context, in *pb.LeaseRevokeRequest, opts ...grpc.CallOption) (resp *pb.LeaseRevokeResponse, err error) {
-	err = rlc.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rlc.LeaseClient.LeaseRevoke(rctx, in, opts...)
+	err = rlc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rlc.lc.LeaseRevoke(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
+func (rlc *retryLeaseClient) LeaseKeepAlive(ctx context.Context, opts ...grpc.CallOption) (stream pb.Lease_LeaseKeepAliveClient, err error) {
+	err = rlc.repeatableRetry(ctx, func(rctx context.Context) error {
+		stream, err = rlc.lc.LeaseKeepAlive(rctx, opts...)
+		return err
+	})
+	return stream, err
+}
+
 type retryClusterClient struct {
-	pb.ClusterClient
-	retryf retryRpcFunc
+	*nonRepeatableClusterClient
+	repeatableRetry retryRPCFunc
 }
 
-// RetryClusterClient implements a ClusterClient that uses the client's FailFast retry policy.
+// RetryClusterClient implements a ClusterClient.
 func RetryClusterClient(c *Client) pb.ClusterClient {
-	return &retryClusterClient{pb.NewClusterClient(c.conn), c.retryWrapper}
+	repeatableRetry := c.newRetryWrapper(isRepeatableStopError)
+	nonRepeatableRetry := c.newRetryWrapper(isNonRepeatableStopError)
+	cc := pb.NewClusterClient(c.conn)
+	return &retryClusterClient{&nonRepeatableClusterClient{cc, nonRepeatableRetry}, repeatableRetry}
+}
+
+func (rcc *retryClusterClient) MemberList(ctx context.Context, in *pb.MemberListRequest, opts ...grpc.CallOption) (resp *pb.MemberListResponse, err error) {
+	err = rcc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rcc.cc.MemberList(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+type nonRepeatableClusterClient struct {
+	cc                 pb.ClusterClient
+	nonRepeatableRetry retryRPCFunc
+}
+
+func (rcc *nonRepeatableClusterClient) MemberAdd(ctx context.Context, in *pb.MemberAddRequest, opts ...grpc.CallOption) (resp *pb.MemberAddResponse, err error) {
+	err = rcc.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rcc.cc.MemberAdd(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rcc *nonRepeatableClusterClient) MemberRemove(ctx context.Context, in *pb.MemberRemoveRequest, opts ...grpc.CallOption) (resp *pb.MemberRemoveResponse, err error) {
+	err = rcc.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rcc.cc.MemberRemove(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rcc *nonRepeatableClusterClient) MemberUpdate(ctx context.Context, in *pb.MemberUpdateRequest, opts ...grpc.CallOption) (resp *pb.MemberUpdateResponse, err error) {
+	err = rcc.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rcc.cc.MemberUpdate(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+// RetryMaintenanceClient implements a Maintenance.
+func RetryMaintenanceClient(c *Client, conn *grpc.ClientConn) pb.MaintenanceClient {
+	repeatableRetry := c.newRetryWrapper(isRepeatableStopError)
+	nonRepeatableRetry := c.newRetryWrapper(isNonRepeatableStopError)
+	mc := pb.NewMaintenanceClient(conn)
+	return &retryMaintenanceClient{&nonRepeatableMaintenanceClient{mc, nonRepeatableRetry}, repeatableRetry}
+}
+
+type retryMaintenanceClient struct {
+	*nonRepeatableMaintenanceClient
+	repeatableRetry retryRPCFunc
 }
 
-func (rcc *retryClusterClient) MemberAdd(ctx context.Context, in *pb.MemberAddRequest, opts ...grpc.CallOption) (resp *pb.MemberAddResponse, err error) {
-	err = rcc.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rcc.ClusterClient.MemberAdd(rctx, in, opts...)
+func (rmc *retryMaintenanceClient) Alarm(ctx context.Context, in *pb.AlarmRequest, opts ...grpc.CallOption) (resp *pb.AlarmResponse, err error) {
+	err = rmc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rmc.mc.Alarm(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rcc *retryClusterClient) MemberRemove(ctx context.Context, in *pb.MemberRemoveRequest, opts ...grpc.CallOption) (resp *pb.MemberRemoveResponse, err error) {
-	err = rcc.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rcc.ClusterClient.MemberRemove(rctx, in, opts...)
+func (rmc *retryMaintenanceClient) Status(ctx context.Context, in *pb.StatusRequest, opts ...grpc.CallOption) (resp *pb.StatusResponse, err error) {
+	err = rmc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rmc.mc.Status(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rcc *retryClusterClient) MemberUpdate(ctx context.Context, in *pb.MemberUpdateRequest, opts ...grpc.CallOption) (resp *pb.MemberUpdateResponse, err error) {
-	err = rcc.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rcc.ClusterClient.MemberUpdate(rctx, in, opts...)
+func (rmc *retryMaintenanceClient) Hash(ctx context.Context, in *pb.HashRequest, opts ...grpc.CallOption) (resp *pb.HashResponse, err error) {
+	err = rmc.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rmc.mc.Hash(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rmc *retryMaintenanceClient) Snapshot(ctx context.Context, in *pb.SnapshotRequest, opts ...grpc.CallOption) (stream pb.Maintenance_SnapshotClient, err error) {
+	err = rmc.repeatableRetry(ctx, func(rctx context.Context) error {
+		stream, err = rmc.mc.Snapshot(rctx, in, opts...)
+		return err
+	})
+	return stream, err
+}
+
+type nonRepeatableMaintenanceClient struct {
+	mc                 pb.MaintenanceClient
+	nonRepeatableRetry retryRPCFunc
+}
+
+func (rmc *nonRepeatableMaintenanceClient) Defragment(ctx context.Context, in *pb.DefragmentRequest, opts ...grpc.CallOption) (resp *pb.DefragmentResponse, err error) {
+	err = rmc.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rmc.mc.Defragment(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
 type retryAuthClient struct {
-	pb.AuthClient
-	retryf retryRpcFunc
+	*nonRepeatableAuthClient
+	repeatableRetry retryRPCFunc
 }
 
-// RetryAuthClient implements a AuthClient that uses the client's FailFast retry policy.
+// RetryAuthClient implements a AuthClient.
 func RetryAuthClient(c *Client) pb.AuthClient {
-	return &retryAuthClient{pb.NewAuthClient(c.conn), c.retryWrapper}
+	repeatableRetry := c.newRetryWrapper(isRepeatableStopError)
+	nonRepeatableRetry := c.newRetryWrapper(isNonRepeatableStopError)
+	ac := pb.NewAuthClient(c.conn)
+	return &retryAuthClient{&nonRepeatableAuthClient{ac, nonRepeatableRetry}, repeatableRetry}
+}
+
+func (rac *retryAuthClient) UserList(ctx context.Context, in *pb.AuthUserListRequest, opts ...grpc.CallOption) (resp *pb.AuthUserListResponse, err error) {
+	err = rac.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserList(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rac *retryAuthClient) UserGet(ctx context.Context, in *pb.AuthUserGetRequest, opts ...grpc.CallOption) (resp *pb.AuthUserGetResponse, err error) {
+	err = rac.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserGet(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rac *retryAuthClient) RoleGet(ctx context.Context, in *pb.AuthRoleGetRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleGetResponse, err error) {
+	err = rac.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleGet(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+func (rac *retryAuthClient) RoleList(ctx context.Context, in *pb.AuthRoleListRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleListResponse, err error) {
+	err = rac.repeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleList(rctx, in, opts...)
+		return err
+	})
+	return resp, err
+}
+
+type nonRepeatableAuthClient struct {
+	ac                 pb.AuthClient
+	nonRepeatableRetry retryRPCFunc
+}
+
+func (rac *nonRepeatableAuthClient) AuthEnable(ctx context.Context, in *pb.AuthEnableRequest, opts ...grpc.CallOption) (resp *pb.AuthEnableResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.AuthEnable(rctx, in, opts...)
+		return err
+	})
+	return resp, err
 }
 
-func (rac *retryAuthClient) AuthEnable(ctx context.Context, in *pb.AuthEnableRequest, opts ...grpc.CallOption) (resp *pb.AuthEnableResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.AuthEnable(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) AuthDisable(ctx context.Context, in *pb.AuthDisableRequest, opts ...grpc.CallOption) (resp *pb.AuthDisableResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.AuthDisable(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) AuthDisable(ctx context.Context, in *pb.AuthDisableRequest, opts ...grpc.CallOption) (resp *pb.AuthDisableResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.AuthDisable(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) UserAdd(ctx context.Context, in *pb.AuthUserAddRequest, opts ...grpc.CallOption) (resp *pb.AuthUserAddResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserAdd(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) UserAdd(ctx context.Context, in *pb.AuthUserAddRequest, opts ...grpc.CallOption) (resp *pb.AuthUserAddResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.UserAdd(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) UserDelete(ctx context.Context, in *pb.AuthUserDeleteRequest, opts ...grpc.CallOption) (resp *pb.AuthUserDeleteResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserDelete(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) UserDelete(ctx context.Context, in *pb.AuthUserDeleteRequest, opts ...grpc.CallOption) (resp *pb.AuthUserDeleteResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.UserDelete(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) UserChangePassword(ctx context.Context, in *pb.AuthUserChangePasswordRequest, opts ...grpc.CallOption) (resp *pb.AuthUserChangePasswordResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserChangePassword(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) UserChangePassword(ctx context.Context, in *pb.AuthUserChangePasswordRequest, opts ...grpc.CallOption) (resp *pb.AuthUserChangePasswordResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.UserChangePassword(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) UserGrantRole(ctx context.Context, in *pb.AuthUserGrantRoleRequest, opts ...grpc.CallOption) (resp *pb.AuthUserGrantRoleResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserGrantRole(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) UserGrantRole(ctx context.Context, in *pb.AuthUserGrantRoleRequest, opts ...grpc.CallOption) (resp *pb.AuthUserGrantRoleResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.UserGrantRole(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) UserRevokeRole(ctx context.Context, in *pb.AuthUserRevokeRoleRequest, opts ...grpc.CallOption) (resp *pb.AuthUserRevokeRoleResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.UserRevokeRole(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) UserRevokeRole(ctx context.Context, in *pb.AuthUserRevokeRoleRequest, opts ...grpc.CallOption) (resp *pb.AuthUserRevokeRoleResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.UserRevokeRole(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) RoleAdd(ctx context.Context, in *pb.AuthRoleAddRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleAddResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleAdd(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) RoleAdd(ctx context.Context, in *pb.AuthRoleAddRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleAddResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.RoleAdd(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) RoleDelete(ctx context.Context, in *pb.AuthRoleDeleteRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleDeleteResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleDelete(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) RoleDelete(ctx context.Context, in *pb.AuthRoleDeleteRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleDeleteResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.RoleDelete(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) RoleGrantPermission(ctx context.Context, in *pb.AuthRoleGrantPermissionRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleGrantPermissionResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleGrantPermission(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) RoleGrantPermission(ctx context.Context, in *pb.AuthRoleGrantPermissionRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleGrantPermissionResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.RoleGrantPermission(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) RoleRevokePermission(ctx context.Context, in *pb.AuthRoleRevokePermissionRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleRevokePermissionResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.RoleRevokePermission(rctx, in, opts...)
 		return err
 	})
 	return resp, err
 }
 
-func (rac *retryAuthClient) RoleRevokePermission(ctx context.Context, in *pb.AuthRoleRevokePermissionRequest, opts ...grpc.CallOption) (resp *pb.AuthRoleRevokePermissionResponse, err error) {
-	err = rac.retryf(ctx, func(rctx context.Context) error {
-		resp, err = rac.AuthClient.RoleRevokePermission(rctx, in, opts...)
+func (rac *nonRepeatableAuthClient) Authenticate(ctx context.Context, in *pb.AuthenticateRequest, opts ...grpc.CallOption) (resp *pb.AuthenticateResponse, err error) {
+	err = rac.nonRepeatableRetry(ctx, func(rctx context.Context) error {
+		resp, err = rac.ac.Authenticate(rctx, in, opts...)
 		return err
 	})
 	return resp, err
diff --git a/vendor/github.com/coreos/etcd/clientv3/txn.go b/vendor/github.com/coreos/etcd/clientv3/txn.go
index a61decd6406d..1a80c8ebaabe 100644
--- a/vendor/github.com/coreos/etcd/clientv3/txn.go
+++ b/vendor/github.com/coreos/etcd/clientv3/txn.go
@@ -18,13 +18,14 @@ import (
 	"sync"
 
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 )
 
 // Txn is the interface that wraps mini-transactions.
 //
-//	 Tx.If(
+//	 Txn(context.TODO()).If(
 //	  Compare(Value(k1), ">", v1),
 //	  Compare(Version(k1), "=", 2)
 //	 ).Then(
@@ -49,8 +50,6 @@ type Txn interface {
 
 	// Commit tries to commit the transaction.
 	Commit() (*TxnResponse, error)
-
-	// TODO: add a Do for shortcut the txn without any condition?
 }
 
 type txn struct {
@@ -68,6 +67,8 @@ type txn struct {
 
 	sus []*pb.RequestOp
 	fas []*pb.RequestOp
+
+	callOpts []grpc.CallOption
 }
 
 func (txn *txn) If(cs ...Cmp) Txn {
@@ -137,30 +138,14 @@ func (txn *txn) Else(ops ...Op) Txn {
 func (txn *txn) Commit() (*TxnResponse, error) {
 	txn.mu.Lock()
 	defer txn.mu.Unlock()
-	for {
-		resp, err := txn.commit()
-		if err == nil {
-			return resp, err
-		}
-		if isHaltErr(txn.ctx, err) {
-			return nil, toErr(txn.ctx, err)
-		}
-		if txn.isWrite {
-			return nil, toErr(txn.ctx, err)
-		}
-	}
-}
 
-func (txn *txn) commit() (*TxnResponse, error) {
 	r := &pb.TxnRequest{Compare: txn.cmps, Success: txn.sus, Failure: txn.fas}
 
-	var opts []grpc.CallOption
-	if !txn.isWrite {
-		opts = []grpc.CallOption{grpc.FailFast(false)}
-	}
-	resp, err := txn.kv.remote.Txn(txn.ctx, r, opts...)
+	var resp *pb.TxnResponse
+	var err error
+	resp, err = txn.kv.remote.Txn(txn.ctx, r, txn.callOpts...)
 	if err != nil {
-		return nil, err
+		return nil, toErr(txn.ctx, err)
 	}
 	return (*TxnResponse)(resp), nil
 }
diff --git a/vendor/github.com/coreos/etcd/clientv3/watch.go b/vendor/github.com/coreos/etcd/clientv3/watch.go
index 9b083cc94627..16a91fdff404 100644
--- a/vendor/github.com/coreos/etcd/clientv3/watch.go
+++ b/vendor/github.com/coreos/etcd/clientv3/watch.go
@@ -22,8 +22,12 @@ import (
 	v3rpc "github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
 	mvccpb "github.com/coreos/etcd/mvcc/mvccpb"
+
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/status"
 )
 
 const (
@@ -39,10 +43,9 @@ type WatchChan <-chan WatchResponse
 
 type Watcher interface {
 	// Watch watches on a key or prefix. The watched events will be returned
-	// through the returned channel.
-	// If the watch is slow or the required rev is compacted, the watch request
-	// might be canceled from the server-side and the chan will be closed.
-	// 'opts' can be: 'WithRev' and/or 'WithPrefix'.
+	// through the returned channel. If revisions waiting to be sent over the
+	// watch are compacted, then the watch will be canceled by the server, the
+	// client will post a compacted error watch response, and the channel will close.
 	Watch(ctx context.Context, key string, opts ...OpOption) WatchChan
 
 	// Close closes the watcher and cancels all watch requests.
@@ -65,6 +68,9 @@ type WatchResponse struct {
 	Created bool
 
 	closeErr error
+
+	// cancelReason is a reason of canceling watch
+	cancelReason string
 }
 
 // IsCreate returns true if the event tells that the key is newly created.
@@ -85,6 +91,9 @@ func (wr *WatchResponse) Err() error {
 	case wr.CompactRevision != 0:
 		return v3rpc.ErrCompacted
 	case wr.Canceled:
+		if len(wr.cancelReason) != 0 {
+			return v3rpc.Error(status.Error(codes.FailedPrecondition, wr.cancelReason))
+		}
 		return v3rpc.ErrFutureRev
 	}
 	return nil
@@ -97,7 +106,8 @@ func (wr *WatchResponse) IsProgressNotify() bool {
 
 // watcher implements the Watcher interface
 type watcher struct {
-	remote pb.WatchClient
+	remote   pb.WatchClient
+	callOpts []grpc.CallOption
 
 	// mu protects the grpc streams map
 	mu sync.RWMutex
@@ -108,8 +118,9 @@ type watcher struct {
 
 // watchGrpcStream tracks all watch resources attached to a single grpc stream.
 type watchGrpcStream struct {
-	owner  *watcher
-	remote pb.WatchClient
+	owner    *watcher
+	remote   pb.WatchClient
+	callOpts []grpc.CallOption
 
 	// ctx controls internal remote.Watch requests
 	ctx context.Context
@@ -128,7 +139,7 @@ type watchGrpcStream struct {
 	respc chan *pb.WatchResponse
 	// donec closes to broadcast shutdown
 	donec chan struct{}
-	// errc transmits errors from grpc Recv to the watch stream reconn logic
+	// errc transmits errors from grpc Recv to the watch stream reconnect logic
 	errc chan error
 	// closingc gets the watcherStream of closing watchers
 	closingc chan *watcherStream
@@ -180,14 +191,18 @@ type watcherStream struct {
 }
 
 func NewWatcher(c *Client) Watcher {
-	return NewWatchFromWatchClient(pb.NewWatchClient(c.conn))
+	return NewWatchFromWatchClient(pb.NewWatchClient(c.conn), c)
 }
 
-func NewWatchFromWatchClient(wc pb.WatchClient) Watcher {
-	return &watcher{
+func NewWatchFromWatchClient(wc pb.WatchClient, c *Client) Watcher {
+	w := &watcher{
 		remote:  wc,
 		streams: make(map[string]*watchGrpcStream),
 	}
+	if c != nil {
+		w.callOpts = c.callOpts
+	}
+	return w
 }
 
 // never closes
@@ -206,17 +221,17 @@ func (w *watcher) newWatcherGrpcStream(inctx context.Context) *watchGrpcStream {
 	wgs := &watchGrpcStream{
 		owner:      w,
 		remote:     w.remote,
+		callOpts:   w.callOpts,
 		ctx:        ctx,
-		ctxKey:     fmt.Sprintf("%v", inctx),
+		ctxKey:     streamKeyFromCtx(inctx),
 		cancel:     cancel,
 		substreams: make(map[int64]*watcherStream),
-
-		respc:    make(chan *pb.WatchResponse),
-		reqc:     make(chan *watchRequest),
-		donec:    make(chan struct{}),
-		errc:     make(chan error, 1),
-		closingc: make(chan *watcherStream),
-		resumec:  make(chan struct{}),
+		respc:      make(chan *pb.WatchResponse),
+		reqc:       make(chan *watchRequest),
+		donec:      make(chan struct{}),
+		errc:       make(chan error, 1),
+		closingc:   make(chan *watcherStream),
+		resumec:    make(chan struct{}),
 	}
 	go wgs.run()
 	return wgs
@@ -247,7 +262,7 @@ func (w *watcher) Watch(ctx context.Context, key string, opts ...OpOption) Watch
 	}
 
 	ok := false
-	ctxKey := fmt.Sprintf("%v", ctx)
+	ctxKey := streamKeyFromCtx(ctx)
 
 	// find or allocate appropriate grpc watch stream
 	w.mu.Lock()
@@ -310,14 +325,14 @@ func (w *watcher) Close() (err error) {
 	w.streams = nil
 	w.mu.Unlock()
 	for _, wgs := range streams {
-		if werr := wgs.Close(); werr != nil {
+		if werr := wgs.close(); werr != nil {
 			err = werr
 		}
 	}
 	return err
 }
 
-func (w *watchGrpcStream) Close() (err error) {
+func (w *watchGrpcStream) close() (err error) {
 	w.cancel()
 	<-w.donec
 	select {
@@ -428,7 +443,7 @@ func (w *watchGrpcStream) run() {
 				initReq: *wreq,
 				id:      -1,
 				outc:    outc,
-				// unbufffered so resumes won't cause repeat events
+				// unbuffered so resumes won't cause repeat events
 				recvc: make(chan *WatchResponse),
 			}
 
@@ -480,7 +495,7 @@ func (w *watchGrpcStream) run() {
 				req := &pb.WatchRequest{RequestUnion: cr}
 				wc.Send(req)
 			}
-		// watch client failed to recv; spawn another if possible
+		// watch client failed on Recv; spawn another if possible
 		case err := <-w.errc:
 			if isHaltErr(w.ctx, err) || toErr(w.ctx, err) == v3rpc.ErrNoLeader {
 				closeErr = err
@@ -520,10 +535,6 @@ func (w *watchGrpcStream) nextResume() *watcherStream {
 
 // dispatchEvent sends a WatchResponse to the appropriate watcher stream
 func (w *watchGrpcStream) dispatchEvent(pbresp *pb.WatchResponse) bool {
-	ws, ok := w.substreams[pbresp.WatchId]
-	if !ok {
-		return false
-	}
 	events := make([]*Event, len(pbresp.Events))
 	for i, ev := range pbresp.Events {
 		events[i] = (*Event)(ev)
@@ -534,6 +545,11 @@ func (w *watchGrpcStream) dispatchEvent(pbresp *pb.WatchResponse) bool {
 		CompactRevision: pbresp.CompactRevision,
 		Created:         pbresp.Created,
 		Canceled:        pbresp.Canceled,
+		cancelReason:    pbresp.CancelReason,
+	}
+	ws, ok := w.substreams[pbresp.WatchId]
+	if !ok {
+		return false
 	}
 	select {
 	case ws.recvc <- wr:
@@ -725,7 +741,11 @@ func (w *watchGrpcStream) waitCancelSubstreams(stopc <-chan struct{}) <-chan str
 				ws.closing = true
 				close(ws.outc)
 				ws.outc = nil
-				go func() { w.closingc <- ws }()
+				w.wg.Add(1)
+				go func() {
+					defer w.wg.Done()
+					w.closingc <- ws
+				}()
 			case <-stopc:
 			}
 		}(w.resuming[i])
@@ -737,7 +757,7 @@ func (w *watchGrpcStream) waitCancelSubstreams(stopc <-chan struct{}) <-chan str
 	return donec
 }
 
-// joinSubstream waits for all substream goroutines to complete
+// joinSubstreams waits for all substream goroutines to complete.
 func (w *watchGrpcStream) joinSubstreams() {
 	for _, ws := range w.substreams {
 		<-ws.donec
@@ -749,7 +769,9 @@ func (w *watchGrpcStream) joinSubstreams() {
 	}
 }
 
-// openWatchClient retries opening a watchclient until retryConnection fails
+// openWatchClient retries opening a watch client until success or halt.
+// manually retry in case "ws==nil && err==nil"
+// TODO: remove FailFast=false
 func (w *watchGrpcStream) openWatchClient() (ws pb.Watch_WatchClient, err error) {
 	for {
 		select {
@@ -760,7 +782,7 @@ func (w *watchGrpcStream) openWatchClient() (ws pb.Watch_WatchClient, err error)
 			return nil, err
 		default:
 		}
-		if ws, err = w.remote.Watch(w.ctx, grpc.FailFast(false)); ws != nil && err == nil {
+		if ws, err = w.remote.Watch(w.ctx, w.callOpts...); ws != nil && err == nil {
 			break
 		}
 		if isHaltErr(w.ctx, err) {
@@ -770,7 +792,7 @@ func (w *watchGrpcStream) openWatchClient() (ws pb.Watch_WatchClient, err error)
 	return ws, nil
 }
 
-// toPB converts an internal watch request structure to its protobuf messagefunc (wr *watchRequest)
+// toPB converts an internal watch request structure to its protobuf WatchRequest structure.
 func (wr *watchRequest) toPB() *pb.WatchRequest {
 	req := &pb.WatchCreateRequest{
 		StartRevision:  wr.rev,
@@ -783,3 +805,10 @@ func (wr *watchRequest) toPB() *pb.WatchRequest {
 	cr := &pb.WatchRequest_CreateRequest{CreateRequest: req}
 	return &pb.WatchRequest{RequestUnion: cr}
 }
+
+func streamKeyFromCtx(ctx context.Context) string {
+	if md, ok := metadata.FromOutgoingContext(ctx); ok {
+		return fmt.Sprintf("%+v", md)
+	}
+	return ""
+}
diff --git a/vendor/github.com/coreos/etcd/compactor/compactor.go b/vendor/github.com/coreos/etcd/compactor/compactor.go
index 322a0987011c..5cf7b65094a3 100644
--- a/vendor/github.com/coreos/etcd/compactor/compactor.go
+++ b/vendor/github.com/coreos/etcd/compactor/compactor.go
@@ -30,7 +30,8 @@ var (
 )
 
 const (
-	checkCompactionInterval = 5 * time.Minute
+	checkCompactionInterval   = 5 * time.Minute
+	executeCompactionInterval = time.Hour
 )
 
 type Compactable interface {
@@ -41,6 +42,8 @@ type RevGetter interface {
 	Rev() int64
 }
 
+// Periodic compacts the log by purging revisions older than
+// the configured retention time. Compaction happens hourly.
 type Periodic struct {
 	clock        clockwork.Clock
 	periodInHour int
@@ -85,11 +88,12 @@ func (t *Periodic) Run() {
 					continue
 				}
 			}
-			if clock.Now().Sub(last) < time.Duration(t.periodInHour)*time.Hour {
+
+			if clock.Now().Sub(last) < executeCompactionInterval {
 				continue
 			}
 
-			rev := t.getRev(t.periodInHour)
+			rev, remaining := t.getRev(t.periodInHour)
 			if rev < 0 {
 				continue
 			}
@@ -97,11 +101,11 @@ func (t *Periodic) Run() {
 			plog.Noticef("Starting auto-compaction at revision %d", rev)
 			_, err := t.c.Compact(t.ctx, &pb.CompactionRequest{Revision: rev})
 			if err == nil || err == mvcc.ErrCompacted {
-				t.revs = make([]int64, 0)
+				t.revs = remaining
 				last = clock.Now()
 				plog.Noticef("Finished auto-compaction at revision %d", rev)
 			} else {
-				plog.Noticef("Failed auto-compaction at revision %d (%v)", err, rev)
+				plog.Noticef("Failed auto-compaction at revision %d (%v)", rev, err)
 				plog.Noticef("Retry after %v", checkCompactionInterval)
 			}
 		}
@@ -124,10 +128,10 @@ func (t *Periodic) Resume() {
 	t.paused = false
 }
 
-func (t *Periodic) getRev(h int) int64 {
+func (t *Periodic) getRev(h int) (int64, []int64) {
 	i := len(t.revs) - int(time.Duration(h)*time.Hour/checkCompactionInterval)
 	if i < 0 {
-		return -1
+		return -1, t.revs
 	}
-	return t.revs[i]
+	return t.revs[i], t.revs[i+1:]
 }
diff --git a/vendor/github.com/coreos/etcd/discovery/srv.go b/vendor/github.com/coreos/etcd/discovery/srv.go
deleted file mode 100644
index c3d20ca92437..000000000000
--- a/vendor/github.com/coreos/etcd/discovery/srv.go
+++ /dev/null
@@ -1,104 +0,0 @@
-// Copyright 2015 The etcd Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package discovery
-
-import (
-	"fmt"
-	"net"
-	"net/url"
-	"strings"
-
-	"github.com/coreos/etcd/pkg/types"
-)
-
-var (
-	// indirection for testing
-	lookupSRV      = net.LookupSRV
-	resolveTCPAddr = net.ResolveTCPAddr
-)
-
-// SRVGetCluster gets the cluster information via DNS discovery.
-// TODO(barakmich): Currently ignores priority and weight (as they don't make as much sense for a bootstrap)
-// Also doesn't do any lookups for the token (though it could)
-// Also sees each entry as a separate instance.
-func SRVGetCluster(name, dns string, defaultToken string, apurls types.URLs) (string, string, error) {
-	tempName := int(0)
-	tcp2ap := make(map[string]url.URL)
-
-	// First, resolve the apurls
-	for _, url := range apurls {
-		tcpAddr, err := resolveTCPAddr("tcp", url.Host)
-		if err != nil {
-			plog.Errorf("couldn't resolve host %s during SRV discovery", url.Host)
-			return "", "", err
-		}
-		tcp2ap[tcpAddr.String()] = url
-	}
-
-	stringParts := []string{}
-	updateNodeMap := func(service, scheme string) error {
-		_, addrs, err := lookupSRV(service, "tcp", dns)
-		if err != nil {
-			return err
-		}
-		for _, srv := range addrs {
-			port := fmt.Sprintf("%d", srv.Port)
-			host := net.JoinHostPort(srv.Target, port)
-			tcpAddr, err := resolveTCPAddr("tcp", host)
-			if err != nil {
-				plog.Warningf("couldn't resolve host %s during SRV discovery", host)
-				continue
-			}
-			n := ""
-			url, ok := tcp2ap[tcpAddr.String()]
-			if ok {
-				n = name
-			}
-			if n == "" {
-				n = fmt.Sprintf("%d", tempName)
-				tempName++
-			}
-			// SRV records have a trailing dot but URL shouldn't.
-			shortHost := strings.TrimSuffix(srv.Target, ".")
-			urlHost := net.JoinHostPort(shortHost, port)
-			stringParts = append(stringParts, fmt.Sprintf("%s=%s://%s", n, scheme, urlHost))
-			plog.Noticef("got bootstrap from DNS for %s at %s://%s", service, scheme, urlHost)
-			if ok && url.Scheme != scheme {
-				plog.Errorf("bootstrap at %s from DNS for %s has scheme mismatch with expected peer %s", scheme+"://"+urlHost, service, url.String())
-			}
-		}
-		return nil
-	}
-
-	failCount := 0
-	err := updateNodeMap("etcd-server-ssl", "https")
-	srvErr := make([]string, 2)
-	if err != nil {
-		srvErr[0] = fmt.Sprintf("error querying DNS SRV records for _etcd-server-ssl %s", err)
-		failCount++
-	}
-	err = updateNodeMap("etcd-server", "http")
-	if err != nil {
-		srvErr[1] = fmt.Sprintf("error querying DNS SRV records for _etcd-server %s", err)
-		failCount++
-	}
-	if failCount == 2 {
-		plog.Warningf(srvErr[0])
-		plog.Warningf(srvErr[1])
-		plog.Errorf("SRV discovery failed: too many errors querying DNS SRV records")
-		return "", "", err
-	}
-	return strings.Join(stringParts, ","), defaultToken, nil
-}
diff --git a/vendor/github.com/coreos/etcd/embed/config.go b/vendor/github.com/coreos/etcd/embed/config.go
index 242145301631..90efb3937d79 100644
--- a/vendor/github.com/coreos/etcd/embed/config.go
+++ b/vendor/github.com/coreos/etcd/embed/config.go
@@ -21,23 +21,30 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
+	"time"
 
-	"github.com/coreos/etcd/discovery"
 	"github.com/coreos/etcd/etcdserver"
 	"github.com/coreos/etcd/pkg/cors"
 	"github.com/coreos/etcd/pkg/netutil"
+	"github.com/coreos/etcd/pkg/srv"
 	"github.com/coreos/etcd/pkg/transport"
 	"github.com/coreos/etcd/pkg/types"
+
 	"github.com/ghodss/yaml"
+	"google.golang.org/grpc"
 )
 
 const (
 	ClusterStateFlagNew      = "new"
 	ClusterStateFlagExisting = "existing"
 
-	DefaultName         = "default"
-	DefaultMaxSnapshots = 5
-	DefaultMaxWALs      = 5
+	DefaultName                  = "default"
+	DefaultMaxSnapshots          = 5
+	DefaultMaxWALs               = 5
+	DefaultMaxRequestBytes       = 1.5 * 1024 * 1024
+	DefaultGRPCKeepAliveMinTime  = 5 * time.Second
+	DefaultGRPCKeepAliveInterval = 2 * time.Hour
+	DefaultGRPCKeepAliveTimeout  = 20 * time.Second
 
 	DefaultListenPeerURLs   = "http://localhost:2380"
 	DefaultListenClientURLs = "http://localhost:2379"
@@ -83,6 +90,24 @@ type Config struct {
 	TickMs            uint  `json:"heartbeat-interval"`
 	ElectionMs        uint  `json:"election-timeout"`
 	QuotaBackendBytes int64 `json:"quota-backend-bytes"`
+	MaxRequestBytes   uint  `json:"max-request-bytes"`
+
+	// gRPC server options
+
+	// GRPCKeepAliveMinTime is the minimum interval that a client should
+	// wait before pinging server. When client pings "too fast", server
+	// sends goaway and closes the connection (errors: too_many_pings,
+	// http2.ErrCodeEnhanceYourCalm). When too slow, nothing happens.
+	// Server expects client pings only when there is any active streams
+	// (PermitWithoutStream is set false).
+	GRPCKeepAliveMinTime time.Duration `json:"grpc-keepalive-min-time"`
+	// GRPCKeepAliveInterval is the frequency of server-to-client ping
+	// to check if a connection is alive. Close a non-responsive connection
+	// after an additional duration of Timeout. 0 to disable.
+	GRPCKeepAliveInterval time.Duration `json:"grpc-keepalive-interval"`
+	// GRPCKeepAliveTimeout is the additional duration of wait
+	// before closing a non-responsive connection. 0 to disable.
+	GRPCKeepAliveTimeout time.Duration `json:"grpc-keepalive-timeout"`
 
 	// clustering
 
@@ -94,6 +119,7 @@ type Config struct {
 	InitialCluster      string `json:"initial-cluster"`
 	InitialClusterToken string `json:"initial-cluster-token"`
 	StrictReconfigCheck bool   `json:"strict-reconfig-check"`
+	EnableV2            bool   `json:"enable-v2"`
 
 	// security
 
@@ -106,7 +132,7 @@ type Config struct {
 
 	Debug        bool   `json:"debug"`
 	LogPkgLevels string `json:"log-package-levels"`
-	EnablePprof  bool
+	EnablePprof  bool   `json:"enable-pprof"`
 	Metrics      string `json:"metrics"`
 
 	// ForceNewCluster starts a new cluster even if previously started; unsafe.
@@ -117,6 +143,18 @@ type Config struct {
 	// The map key is the route path for the handler, and
 	// you must ensure it can't be conflicted with etcd's.
 	UserHandlers map[string]http.Handler `json:"-"`
+	// ServiceRegister is for registering users' gRPC services. A simple usage example:
+	//	cfg := embed.NewConfig()
+	//	cfg.ServerRegister = func(s *grpc.Server) {
+	//		pb.RegisterFooServer(s, &fooServer{})
+	//		pb.RegisterBarServer(s, &barServer{})
+	//	}
+	//	embed.StartEtcd(cfg)
+	ServiceRegister func(*grpc.Server) `json:"-"`
+
+	// auth
+
+	AuthToken string `json:"auth-token"`
 }
 
 // configYAML holds the config suitable for yaml parsing
@@ -152,21 +190,27 @@ func NewConfig() *Config {
 	lcurl, _ := url.Parse(DefaultListenClientURLs)
 	acurl, _ := url.Parse(DefaultAdvertiseClientURLs)
 	cfg := &Config{
-		CorsInfo:            &cors.CORSInfo{},
-		MaxSnapFiles:        DefaultMaxSnapshots,
-		MaxWalFiles:         DefaultMaxWALs,
-		Name:                DefaultName,
-		SnapCount:           etcdserver.DefaultSnapCount,
-		TickMs:              100,
-		ElectionMs:          1000,
-		LPUrls:              []url.URL{*lpurl},
-		LCUrls:              []url.URL{*lcurl},
-		APUrls:              []url.URL{*apurl},
-		ACUrls:              []url.URL{*acurl},
-		ClusterState:        ClusterStateFlagNew,
-		InitialClusterToken: "etcd-cluster",
-		StrictReconfigCheck: true,
-		Metrics:             "basic",
+		CorsInfo:              &cors.CORSInfo{},
+		MaxSnapFiles:          DefaultMaxSnapshots,
+		MaxWalFiles:           DefaultMaxWALs,
+		Name:                  DefaultName,
+		SnapCount:             etcdserver.DefaultSnapCount,
+		MaxRequestBytes:       DefaultMaxRequestBytes,
+		GRPCKeepAliveMinTime:  DefaultGRPCKeepAliveMinTime,
+		GRPCKeepAliveInterval: DefaultGRPCKeepAliveInterval,
+		GRPCKeepAliveTimeout:  DefaultGRPCKeepAliveTimeout,
+		TickMs:                100,
+		ElectionMs:            1000,
+		LPUrls:                []url.URL{*lpurl},
+		LCUrls:                []url.URL{*lcurl},
+		APUrls:                []url.URL{*apurl},
+		ACUrls:                []url.URL{*acurl},
+		ClusterState:          ClusterStateFlagNew,
+		InitialClusterToken:   "etcd-cluster",
+		StrictReconfigCheck:   true,
+		Metrics:               "basic",
+		EnableV2:              true,
+		AuthToken:             "simple",
 	}
 	cfg.InitialCluster = cfg.InitialClusterFromName(cfg.Name)
 	return cfg
@@ -186,6 +230,8 @@ func (cfg *configYAML) configFromFile(path string) error {
 		return err
 	}
 
+	defaultInitialCluster := cfg.InitialCluster
+
 	err = yaml.Unmarshal(b, cfg)
 	if err != nil {
 		return err
@@ -229,7 +275,8 @@ func (cfg *configYAML) configFromFile(path string) error {
 		cfg.ACUrls = []url.URL(u)
 	}
 
-	if (cfg.Durl != "" || cfg.DNSCluster != "") && cfg.InitialCluster == cfg.InitialClusterFromName(cfg.Name) {
+	// If a discovery flag is set, clear default initial cluster set by InitialClusterFromName
+	if (cfg.Durl != "" || cfg.DNSCluster != "") && cfg.InitialCluster == defaultInitialCluster {
 		cfg.InitialCluster = ""
 	}
 	if cfg.ClusterState == "" {
@@ -292,6 +339,7 @@ func (cfg *Config) Validate() error {
 
 // PeerURLsMapAndToken sets up an initial peer URLsMap and cluster token for bootstrap or discovery.
 func (cfg *Config) PeerURLsMapAndToken(which string) (urlsmap types.URLsMap, token string, err error) {
+	token = cfg.InitialClusterToken
 	switch {
 	case cfg.Durl != "":
 		urlsmap = types.URLsMap{}
@@ -300,11 +348,15 @@ func (cfg *Config) PeerURLsMapAndToken(which string) (urlsmap types.URLsMap, tok
 		urlsmap[cfg.Name] = cfg.APUrls
 		token = cfg.Durl
 	case cfg.DNSCluster != "":
-		var clusterStr string
-		clusterStr, token, err = discovery.SRVGetCluster(cfg.Name, cfg.DNSCluster, cfg.InitialClusterToken, cfg.APUrls)
-		if err != nil {
-			return nil, "", err
+		clusterStrs, cerr := srv.GetCluster("etcd-server", cfg.Name, cfg.DNSCluster, cfg.APUrls)
+		if cerr != nil {
+			plog.Errorf("couldn't resolve during SRV discovery (%v)", cerr)
+			return nil, "", cerr
+		}
+		for _, s := range clusterStrs {
+			plog.Noticef("got bootstrap from DNS for etcd-server at %s", s)
 		}
+		clusterStr := strings.Join(clusterStrs, ",")
 		if strings.Contains(clusterStr, "https://") && cfg.PeerTLSInfo.CAFile == "" {
 			cfg.PeerTLSInfo.ServerName = cfg.DNSCluster
 		}
@@ -319,7 +371,6 @@ func (cfg *Config) PeerURLsMapAndToken(which string) (urlsmap types.URLsMap, tok
 	default:
 		// We're statically configured, and cluster has appropriately been set.
 		urlsmap, err = types.NewURLsMap(cfg.InitialCluster)
-		token = cfg.InitialClusterToken
 	}
 	return urlsmap, token, err
 }
@@ -367,7 +418,7 @@ func (cfg *Config) UpdateDefaultClusterFromName(defaultInitialCluster string) (s
 	}
 
 	used := false
-	pip, pport, _ := net.SplitHostPort(cfg.LPUrls[0].Host)
+	pip, pport := cfg.LPUrls[0].Hostname(), cfg.LPUrls[0].Port()
 	if cfg.defaultPeerHost() && pip == "0.0.0.0" {
 		cfg.APUrls[0] = url.URL{Scheme: cfg.APUrls[0].Scheme, Host: fmt.Sprintf("%s:%s", defaultHostname, pport)}
 		used = true
@@ -377,7 +428,7 @@ func (cfg *Config) UpdateDefaultClusterFromName(defaultInitialCluster string) (s
 		cfg.InitialCluster = cfg.InitialClusterFromName(cfg.Name)
 	}
 
-	cip, cport, _ := net.SplitHostPort(cfg.LCUrls[0].Host)
+	cip, cport := cfg.LCUrls[0].Hostname(), cfg.LCUrls[0].Port()
 	if cfg.defaultClientHost() && cip == "0.0.0.0" {
 		cfg.ACUrls[0] = url.URL{Scheme: cfg.ACUrls[0].Scheme, Host: fmt.Sprintf("%s:%s", defaultHostname, cport)}
 		used = true
@@ -406,8 +457,7 @@ func checkBindURLs(urls []url.URL) error {
 			continue
 		}
 		if net.ParseIP(host) == nil {
-			err := fmt.Errorf("expected IP in URL for binding (%s)", url.String())
-			plog.Warning(err)
+			return fmt.Errorf("expected IP in URL for binding (%s)", url.String())
 		}
 	}
 	return nil
diff --git a/vendor/github.com/coreos/etcd/embed/etcd.go b/vendor/github.com/coreos/etcd/embed/etcd.go
index a33a85546259..2f500f9f13b7 100644
--- a/vendor/github.com/coreos/etcd/embed/etcd.go
+++ b/vendor/github.com/coreos/etcd/embed/etcd.go
@@ -15,20 +15,32 @@
 package embed
 
 import (
+	"context"
 	"crypto/tls"
 	"fmt"
+	"io/ioutil"
+	defaultLog "log"
 	"net"
 	"net/http"
 	"path/filepath"
+	"sync"
+	"time"
 
 	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api/etcdhttp"
 	"github.com/coreos/etcd/etcdserver/api/v2http"
+	"github.com/coreos/etcd/etcdserver/api/v3rpc"
 	"github.com/coreos/etcd/pkg/cors"
+	"github.com/coreos/etcd/pkg/debugutil"
 	runtimeutil "github.com/coreos/etcd/pkg/runtime"
 	"github.com/coreos/etcd/pkg/transport"
 	"github.com/coreos/etcd/pkg/types"
 	"github.com/coreos/etcd/rafthttp"
+
+	"github.com/cockroachdb/cmux"
 	"github.com/coreos/pkg/capnslog"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/keepalive"
 )
 
 var plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "embed")
@@ -49,13 +61,24 @@ const (
 
 // Etcd contains a running etcd server and its listeners.
 type Etcd struct {
-	Peers   []net.Listener
+	Peers   []*peerListener
 	Clients []net.Listener
-	Server  *etcdserver.EtcdServer
+	// a map of contexts for the servers that serves client requests.
+	sctxs map[string]*serveCtx
+
+	Server *etcdserver.EtcdServer
 
 	cfg   Config
+	stopc chan struct{}
 	errc  chan error
-	sctxs map[string]*serveCtx
+
+	closeOnce sync.Once
+}
+
+type peerListener struct {
+	net.Listener
+	serve func() error
+	close func(context.Context) error
 }
 
 // StartEtcd launches the etcd server and HTTP handlers for client/server communication.
@@ -65,20 +88,28 @@ func StartEtcd(inCfg *Config) (e *Etcd, err error) {
 	if err = inCfg.Validate(); err != nil {
 		return nil, err
 	}
-	e = &Etcd{cfg: *inCfg}
+	serving := false
+	e = &Etcd{cfg: *inCfg, stopc: make(chan struct{})}
 	cfg := &e.cfg
 	defer func() {
-		if e != nil && err != nil {
-			e.Close()
-			e = nil
+		if e == nil || err == nil {
+			return
+		}
+		if !serving {
+			// errored before starting gRPC server for serveCtx.serversC
+			for _, sctx := range e.sctxs {
+				close(sctx.serversC)
+			}
 		}
+		e.Close()
+		e = nil
 	}()
 
 	if e.Peers, err = startPeerListeners(cfg); err != nil {
-		return
+		return e, err
 	}
 	if e.sctxs, err = startClientListeners(cfg); err != nil {
-		return
+		return e, err
 	}
 	for _, sctx := range e.sctxs {
 		e.Clients = append(e.Clients, sctx.l)
@@ -116,22 +147,31 @@ func StartEtcd(inCfg *Config) (e *Etcd, err error) {
 		ElectionTicks:           cfg.ElectionTicks(),
 		AutoCompactionRetention: cfg.AutoCompactionRetention,
 		QuotaBackendBytes:       cfg.QuotaBackendBytes,
+		MaxRequestBytes:         cfg.MaxRequestBytes,
 		StrictReconfigCheck:     cfg.StrictReconfigCheck,
 		ClientCertAuthEnabled:   cfg.ClientTLSInfo.ClientCertAuth,
+		AuthToken:               cfg.AuthToken,
+		Debug:                   cfg.Debug,
 	}
 
 	if e.Server, err = etcdserver.NewServer(srvcfg); err != nil {
-		return
+		return e, err
 	}
 
 	// buffer channel so goroutines on closed connections won't wait forever
 	e.errc = make(chan error, len(e.Peers)+len(e.Clients)+2*len(e.sctxs))
 
 	e.Server.Start()
-	if err = e.serve(); err != nil {
-		return
+
+	if err = e.servePeers(); err != nil {
+		return e, err
+	}
+	if err = e.serveClients(); err != nil {
+		return e, err
 	}
-	return
+
+	serving = true
+	return e, nil
 }
 
 // Config returns the current configuration.
@@ -139,28 +179,90 @@ func (e *Etcd) Config() Config {
 	return e.cfg
 }
 
+// Close gracefully shuts down all servers/listeners.
+// Client requests will be terminated with request timeout.
+// After timeout, enforce remaning requests be closed immediately.
 func (e *Etcd) Close() {
-	for _, sctx := range e.sctxs {
-		sctx.cancel()
+	e.closeOnce.Do(func() { close(e.stopc) })
+
+	// close client requests with request timeout
+	timeout := 2 * time.Second
+	if e.Server != nil {
+		timeout = e.Server.Cfg.ReqTimeout()
 	}
-	for i := range e.Peers {
-		if e.Peers[i] != nil {
-			e.Peers[i].Close()
+	for _, sctx := range e.sctxs {
+		for ss := range sctx.serversC {
+			ctx, cancel := context.WithTimeout(context.Background(), timeout)
+			stopServers(ctx, ss)
+			cancel()
 		}
 	}
+
+	for _, sctx := range e.sctxs {
+		sctx.cancel()
+	}
+
 	for i := range e.Clients {
 		if e.Clients[i] != nil {
 			e.Clients[i].Close()
 		}
 	}
+
+	// close rafthttp transports
 	if e.Server != nil {
 		e.Server.Stop()
 	}
+
+	// close all idle connections in peer handler (wait up to 1-second)
+	for i := range e.Peers {
+		if e.Peers[i] != nil && e.Peers[i].close != nil {
+			ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+			e.Peers[i].close(ctx)
+			cancel()
+		}
+	}
+}
+
+func stopServers(ctx context.Context, ss *servers) {
+	shutdownNow := func() {
+		// first, close the http.Server
+		ss.http.Shutdown(ctx)
+		// then close grpc.Server; cancels all active RPCs
+		ss.grpc.Stop()
+	}
+
+	// do not grpc.Server.GracefulStop with TLS enabled etcd server
+	// See https://github.com/grpc/grpc-go/issues/1384#issuecomment-317124531
+	// and https://github.com/coreos/etcd/issues/8916
+	if ss.secure {
+		shutdownNow()
+		return
+	}
+
+	ch := make(chan struct{})
+	go func() {
+		defer close(ch)
+		// close listeners to stop accepting new connections,
+		// will block on any existing transports
+		ss.grpc.GracefulStop()
+	}()
+
+	// wait until all pending RPCs are finished
+	select {
+	case <-ch:
+	case <-ctx.Done():
+		// took too long, manually close open transports
+		// e.g. watch streams
+		shutdownNow()
+
+		// concurrent GracefulStop should be interrupted
+		<-ch
+	}
 }
 
 func (e *Etcd) Err() <-chan error { return e.errc }
 
-func startPeerListeners(cfg *Config) (plns []net.Listener, err error) {
+func startPeerListeners(cfg *Config) (peers []*peerListener, err error) {
 	if cfg.PeerAutoTLS && cfg.PeerTLSInfo.Empty() {
 		phosts := make([]string, len(cfg.LPUrls))
 		for i, u := range cfg.LPUrls {
@@ -178,22 +280,22 @@ func startPeerListeners(cfg *Config) (plns []net.Listener, err error) {
 		plog.Infof("peerTLS: %s", cfg.PeerTLSInfo)
 	}
 
-	plns = make([]net.Listener, len(cfg.LPUrls))
+	peers = make([]*peerListener, len(cfg.LPUrls))
 	defer func() {
 		if err == nil {
 			return
 		}
-		for i := range plns {
-			if plns[i] == nil {
-				continue
+		for i := range peers {
+			if peers[i] != nil && peers[i].close != nil {
+				plog.Info("stopping listening for peers on ", cfg.LPUrls[i].String())
+				ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+				peers[i].close(ctx)
+				cancel()
 			}
-			plns[i].Close()
-			plog.Info("stopping listening for peers on ", cfg.LPUrls[i].String())
 		}
 	}()
 
 	for i, u := range cfg.LPUrls {
-		var tlscfg *tls.Config
 		if u.Scheme == "http" {
 			if !cfg.PeerTLSInfo.Empty() {
 				plog.Warningf("The scheme of peer url %s is HTTP while peer key/cert files are presented. Ignored peer key/cert files.", u.String())
@@ -202,17 +304,57 @@ func startPeerListeners(cfg *Config) (plns []net.Listener, err error) {
 				plog.Warningf("The scheme of peer url %s is HTTP while client cert auth (--peer-client-cert-auth) is enabled. Ignored client cert auth for this url.", u.String())
 			}
 		}
-		if !cfg.PeerTLSInfo.Empty() {
-			if tlscfg, err = cfg.PeerTLSInfo.ServerConfig(); err != nil {
-				return nil, err
-			}
-		}
-		if plns[i], err = rafthttp.NewListener(u, tlscfg); err != nil {
+		peers[i] = &peerListener{close: func(context.Context) error { return nil }}
+		peers[i].Listener, err = rafthttp.NewListener(u, &cfg.PeerTLSInfo)
+		if err != nil {
 			return nil, err
 		}
+		// once serve, overwrite with 'http.Server.Shutdown'
+		peers[i].close = func(context.Context) error {
+			return peers[i].Listener.Close()
+		}
 		plog.Info("listening for peers on ", u.String())
 	}
-	return plns, nil
+	return peers, nil
+}
+
+// configure peer handlers after rafthttp.Transport started
+func (e *Etcd) servePeers() (err error) {
+	ph := etcdhttp.NewPeerHandler(e.Server)
+	var peerTLScfg *tls.Config
+	if !e.cfg.PeerTLSInfo.Empty() {
+		if peerTLScfg, err = e.cfg.PeerTLSInfo.ServerConfig(); err != nil {
+			return err
+		}
+	}
+
+	for _, p := range e.Peers {
+		gs := v3rpc.Server(e.Server, peerTLScfg)
+		m := cmux.New(p.Listener)
+		go gs.Serve(m.Match(cmux.HTTP2()))
+		srv := &http.Server{
+			Handler:     grpcHandlerFunc(gs, ph),
+			ReadTimeout: 5 * time.Minute,
+			ErrorLog:    defaultLog.New(ioutil.Discard, "", 0), // do not log user error
+		}
+		go srv.Serve(m.Match(cmux.Any()))
+		p.serve = func() error { return m.Serve() }
+		p.close = func(ctx context.Context) error {
+			// gracefully shutdown http.Server
+			// close open listeners, idle connections
+			// until context cancel or time-out
+			stopServers(ctx, &servers{secure: peerTLScfg != nil, grpc: gs, http: srv})
+			return nil
+		}
+	}
+
+	// start peer servers in a goroutine
+	for _, pl := range e.Peers {
+		go func(l *peerListener) {
+			e.errHandler(l.serve())
+		}(pl)
+	}
+	return nil
 }
 
 func startClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
@@ -230,7 +372,7 @@ func startClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
 	}
 
 	if cfg.EnablePprof {
-		plog.Infof("pprof is enabled under %s", pprofPrefix)
+		plog.Infof("pprof is enabled under %s", debugutil.HTTPPrefixPProf)
 	}
 
 	sctxs = make(map[string]*serveCtx)
@@ -250,21 +392,26 @@ func startClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
 		}
 
 		proto := "tcp"
+		addr := u.Host
 		if u.Scheme == "unix" || u.Scheme == "unixs" {
 			proto = "unix"
+			addr = u.Host + u.Path
 		}
 
 		sctx.secure = u.Scheme == "https" || u.Scheme == "unixs"
 		sctx.insecure = !sctx.secure
-		if oldctx := sctxs[u.Host]; oldctx != nil {
+		if oldctx := sctxs[addr]; oldctx != nil {
 			oldctx.secure = oldctx.secure || sctx.secure
 			oldctx.insecure = oldctx.insecure || sctx.insecure
 			continue
 		}
 
-		if sctx.l, err = net.Listen(proto, u.Host); err != nil {
+		if sctx.l, err = net.Listen(proto, addr); err != nil {
 			return nil, err
 		}
+		// net.Listener will rewrite ipv4 0.0.0.0 to ipv6 [::], breaking
+		// hosts that disable ipv6. So, use the address given by the user.
+		sctx.addr = addr
 
 		if fdLimit, fderr := runtimeutil.FDLimit(); fderr == nil {
 			if fdLimit <= reservedInternalFDNum {
@@ -289,15 +436,19 @@ func startClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err error) {
 		for k := range cfg.UserHandlers {
 			sctx.userHandlers[k] = cfg.UserHandlers[k]
 		}
-		if cfg.EnablePprof {
+		sctx.serviceRegister = cfg.ServiceRegister
+		if cfg.EnablePprof || cfg.Debug {
 			sctx.registerPprof()
 		}
-		sctxs[u.Host] = sctx
+		if cfg.Debug {
+			sctx.registerTrace()
+		}
+		sctxs[addr] = sctx
 	}
 	return sctxs, nil
 }
 
-func (e *Etcd) serve() (err error) {
+func (e *Etcd) serveClients() (err error) {
 	var ctlscfg *tls.Config
 	if !e.cfg.ClientTLSInfo.Empty() {
 		plog.Infof("ClientTLS: %s", e.cfg.ClientTLSInfo)
@@ -310,25 +461,49 @@ func (e *Etcd) serve() (err error) {
 		plog.Infof("cors = %s", e.cfg.CorsInfo)
 	}
 
-	// Start the peer server in a goroutine
-	ph := v2http.NewPeerHandler(e.Server)
-	for _, l := range e.Peers {
-		go func(l net.Listener) {
-			e.errc <- servePeerHTTP(l, ph)
-		}(l)
+	// Start a client server goroutine for each listen address
+	var h http.Handler
+	if e.Config().EnableV2 {
+		h = v2http.NewClientHandler(e.Server, e.Server.Cfg.ReqTimeout())
+	} else {
+		mux := http.NewServeMux()
+		etcdhttp.HandleBasic(mux, e.Server)
+		h = mux
+	}
+	h = http.Handler(&cors.CORSHandler{Handler: h, Info: e.cfg.CorsInfo})
+
+	gopts := []grpc.ServerOption{}
+	if e.cfg.GRPCKeepAliveMinTime > time.Duration(0) {
+		gopts = append(gopts, grpc.KeepaliveEnforcementPolicy(keepalive.EnforcementPolicy{
+			MinTime:             e.cfg.GRPCKeepAliveMinTime,
+			PermitWithoutStream: false,
+		}))
+	}
+	if e.cfg.GRPCKeepAliveInterval > time.Duration(0) &&
+		e.cfg.GRPCKeepAliveTimeout > time.Duration(0) {
+		gopts = append(gopts, grpc.KeepaliveParams(keepalive.ServerParameters{
+			Time:    e.cfg.GRPCKeepAliveInterval,
+			Timeout: e.cfg.GRPCKeepAliveTimeout,
+		}))
 	}
 
-	// Start a client server goroutine for each listen address
-	ch := http.Handler(&cors.CORSHandler{
-		Handler: v2http.NewClientHandler(e.Server, e.Server.Cfg.ReqTimeout()),
-		Info:    e.cfg.CorsInfo,
-	})
+	// start client servers in a goroutine
 	for _, sctx := range e.sctxs {
-		// read timeout does not work with http close notify
-		// TODO: https://github.com/golang/go/issues/9524
 		go func(s *serveCtx) {
-			e.errc <- s.serve(e.Server, ctlscfg, ch, e.errc)
+			e.errHandler(s.serve(e.Server, ctlscfg, h, e.errHandler, gopts...))
 		}(sctx)
 	}
 	return nil
 }
+
+func (e *Etcd) errHandler(err error) {
+	select {
+	case <-e.stopc:
+		return
+	default:
+	}
+	select {
+	case <-e.stopc:
+	case e.errc <- err:
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/embed/serve.go b/vendor/github.com/coreos/etcd/embed/serve.go
index 84b97615c617..b659bf8b7d68 100644
--- a/vendor/github.com/coreos/etcd/embed/serve.go
+++ b/vendor/github.com/coreos/etcd/embed/serve.go
@@ -20,58 +20,87 @@ import (
 	defaultLog "log"
 	"net"
 	"net/http"
-	"net/http/pprof"
 	"strings"
-	"time"
 
 	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api/v3client"
+	"github.com/coreos/etcd/etcdserver/api/v3election"
+	"github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb"
+	v3electiongw "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw"
+	"github.com/coreos/etcd/etcdserver/api/v3lock"
+	"github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb"
+	v3lockgw "github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw"
 	"github.com/coreos/etcd/etcdserver/api/v3rpc"
-	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
-	"github.com/coreos/etcd/pkg/transport"
+	etcdservergw "github.com/coreos/etcd/etcdserver/etcdserverpb/gw"
+	"github.com/coreos/etcd/pkg/debugutil"
 
 	"github.com/cockroachdb/cmux"
 	gw "github.com/grpc-ecosystem/grpc-gateway/runtime"
 	"golang.org/x/net/context"
+	"golang.org/x/net/trace"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 )
 
-const pprofPrefix = "/debug/pprof"
-
 type serveCtx struct {
 	l        net.Listener
+	addr     string
 	secure   bool
 	insecure bool
 
 	ctx    context.Context
 	cancel context.CancelFunc
 
-	userHandlers map[string]http.Handler
+	userHandlers    map[string]http.Handler
+	serviceRegister func(*grpc.Server)
+	serversC        chan *servers
+}
+
+type servers struct {
+	secure bool
+	grpc   *grpc.Server
+	http   *http.Server
 }
 
 func newServeCtx() *serveCtx {
 	ctx, cancel := context.WithCancel(context.Background())
-	return &serveCtx{ctx: ctx, cancel: cancel, userHandlers: make(map[string]http.Handler)}
+	return &serveCtx{
+		ctx:          ctx,
+		cancel:       cancel,
+		userHandlers: make(map[string]http.Handler),
+		serversC:     make(chan *servers, 2), // in case sctx.insecure,sctx.secure true
+	}
 }
 
 // serve accepts incoming connections on the listener l,
 // creating a new service goroutine for each. The service goroutines
 // read requests and then call handler to reply to them.
-func (sctx *serveCtx) serve(s *etcdserver.EtcdServer, tlscfg *tls.Config, handler http.Handler, errc chan<- error) error {
+func (sctx *serveCtx) serve(
+	s *etcdserver.EtcdServer,
+	tlscfg *tls.Config,
+	handler http.Handler,
+	errHandler func(error),
+	gopts ...grpc.ServerOption) error {
 	logger := defaultLog.New(ioutil.Discard, "etcdhttp", 0)
 	<-s.ReadyNotify()
 	plog.Info("ready to serve client requests")
 
 	m := cmux.New(sctx.l)
+	v3c := v3client.New(s)
+	servElection := v3election.NewElectionServer(v3c)
+	servLock := v3lock.NewLockServer(v3c)
 
 	if sctx.insecure {
-		gs := v3rpc.Server(s, nil)
+		gs := v3rpc.Server(s, nil, gopts...)
+		v3electionpb.RegisterElectionServer(gs, servElection)
+		v3lockpb.RegisterLockServer(gs, servLock)
+		if sctx.serviceRegister != nil {
+			sctx.serviceRegister(gs)
+		}
 		grpcl := m.Match(cmux.HTTP2())
-		go func() { errc <- gs.Serve(grpcl) }()
+		go func() { errHandler(gs.Serve(grpcl)) }()
 
-		opts := []grpc.DialOption{
-			grpc.WithInsecure(),
-		}
+		opts := []grpc.DialOption{grpc.WithInsecure()}
 		gwmux, err := sctx.registerGateway(opts)
 		if err != nil {
 			return err
@@ -84,15 +113,22 @@ func (sctx *serveCtx) serve(s *etcdserver.EtcdServer, tlscfg *tls.Config, handle
 			ErrorLog: logger, // do not log user error
 		}
 		httpl := m.Match(cmux.HTTP1())
-		go func() { errc <- srvhttp.Serve(httpl) }()
+		go func() { errHandler(srvhttp.Serve(httpl)) }()
+
+		sctx.serversC <- &servers{grpc: gs, http: srvhttp}
 		plog.Noticef("serving insecure client requests on %s, this is strongly discouraged!", sctx.l.Addr().String())
 	}
 
 	if sctx.secure {
-		gs := v3rpc.Server(s, tlscfg)
+		gs := v3rpc.Server(s, tlscfg, gopts...)
+		v3electionpb.RegisterElectionServer(gs, servElection)
+		v3lockpb.RegisterLockServer(gs, servLock)
+		if sctx.serviceRegister != nil {
+			sctx.serviceRegister(gs)
+		}
 		handler = grpcHandlerFunc(gs, handler)
 
-		dtls := transport.ShallowCopyTLSConfig(tlscfg)
+		dtls := tlscfg.Clone()
 		// trust local server
 		dtls.InsecureSkipVerify = true
 		creds := credentials.NewTLS(dtls)
@@ -111,17 +147,24 @@ func (sctx *serveCtx) serve(s *etcdserver.EtcdServer, tlscfg *tls.Config, handle
 			TLSConfig: tlscfg,
 			ErrorLog:  logger, // do not log user error
 		}
-		go func() { errc <- srv.Serve(tlsl) }()
+		go func() { errHandler(srv.Serve(tlsl)) }()
 
+		sctx.serversC <- &servers{secure: true, grpc: gs, http: srv}
 		plog.Infof("serving client requests on %s", sctx.l.Addr().String())
 	}
 
+	close(sctx.serversC)
 	return m.Serve()
 }
 
 // grpcHandlerFunc returns an http.Handler that delegates to grpcServer on incoming gRPC
 // connections or otherHandler otherwise. Copied from cockroachdb.
 func grpcHandlerFunc(grpcServer *grpc.Server, otherHandler http.Handler) http.Handler {
+	if otherHandler == nil {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			grpcServer.ServeHTTP(w, r)
+		})
+	}
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.ProtoMajor == 2 && strings.Contains(r.Header.Get("Content-Type"), "application/grpc") {
 			grpcServer.ServeHTTP(w, r)
@@ -131,46 +174,38 @@ func grpcHandlerFunc(grpcServer *grpc.Server, otherHandler http.Handler) http.Ha
 	})
 }
 
-func servePeerHTTP(l net.Listener, handler http.Handler) error {
-	logger := defaultLog.New(ioutil.Discard, "etcdhttp", 0)
-	// TODO: add debug flag; enable logging when debug flag is set
-	srv := &http.Server{
-		Handler:     handler,
-		ReadTimeout: 5 * time.Minute,
-		ErrorLog:    logger, // do not log user error
-	}
-	return srv.Serve(l)
-}
+type registerHandlerFunc func(context.Context, *gw.ServeMux, *grpc.ClientConn) error
 
 func (sctx *serveCtx) registerGateway(opts []grpc.DialOption) (*gw.ServeMux, error) {
 	ctx := sctx.ctx
-	addr := sctx.l.Addr().String()
-	gwmux := gw.NewServeMux()
-
-	err := pb.RegisterKVHandlerFromEndpoint(ctx, gwmux, addr, opts)
-	if err != nil {
-		return nil, err
-	}
-	err = pb.RegisterWatchHandlerFromEndpoint(ctx, gwmux, addr, opts)
-	if err != nil {
-		return nil, err
-	}
-	err = pb.RegisterLeaseHandlerFromEndpoint(ctx, gwmux, addr, opts)
+	conn, err := grpc.DialContext(ctx, sctx.addr, opts...)
 	if err != nil {
 		return nil, err
 	}
-	err = pb.RegisterClusterHandlerFromEndpoint(ctx, gwmux, addr, opts)
-	if err != nil {
-		return nil, err
-	}
-	err = pb.RegisterMaintenanceHandlerFromEndpoint(ctx, gwmux, addr, opts)
-	if err != nil {
-		return nil, err
+	gwmux := gw.NewServeMux()
+
+	handlers := []registerHandlerFunc{
+		etcdservergw.RegisterKVHandler,
+		etcdservergw.RegisterWatchHandler,
+		etcdservergw.RegisterLeaseHandler,
+		etcdservergw.RegisterClusterHandler,
+		etcdservergw.RegisterMaintenanceHandler,
+		etcdservergw.RegisterAuthHandler,
+		v3lockgw.RegisterLockHandler,
+		v3electiongw.RegisterElectionHandler,
 	}
-	err = pb.RegisterAuthHandlerFromEndpoint(ctx, gwmux, addr, opts)
-	if err != nil {
-		return nil, err
+	for _, h := range handlers {
+		if err := h(ctx, gwmux, conn); err != nil {
+			return nil, err
+		}
 	}
+	go func() {
+		<-ctx.Done()
+		if cerr := conn.Close(); cerr != nil {
+			plog.Warningf("failed to close conn to %s: %v", sctx.l.Addr().String(), cerr)
+		}
+	}()
+
 	return gwmux, nil
 }
 
@@ -181,26 +216,29 @@ func (sctx *serveCtx) createMux(gwmux *gw.ServeMux, handler http.Handler) *http.
 	}
 
 	httpmux.Handle("/v3alpha/", gwmux)
-	httpmux.Handle("/", handler)
+	if handler != nil {
+		httpmux.Handle("/", handler)
+	}
 	return httpmux
 }
 
+func (sctx *serveCtx) registerUserHandler(s string, h http.Handler) {
+	if sctx.userHandlers[s] != nil {
+		plog.Warningf("path %s already registered by user handler", s)
+		return
+	}
+	sctx.userHandlers[s] = h
+}
+
 func (sctx *serveCtx) registerPprof() {
-	f := func(s string, h http.Handler) {
-		if sctx.userHandlers[s] != nil {
-			plog.Warningf("path %s already registered by user handler", s)
-			return
-		}
-		sctx.userHandlers[s] = h
+	for p, h := range debugutil.PProfHandlers() {
+		sctx.registerUserHandler(p, h)
 	}
-	f(pprofPrefix+"/", http.HandlerFunc(pprof.Index))
-	f(pprofPrefix+"/profile", http.HandlerFunc(pprof.Profile))
-	f(pprofPrefix+"/symbol", http.HandlerFunc(pprof.Symbol))
-	f(pprofPrefix+"/cmdline", http.HandlerFunc(pprof.Cmdline))
-	f(pprofPrefix+"/trace", http.HandlerFunc(pprof.Trace))
-
-	f(pprofPrefix+"/heap", pprof.Handler("heap"))
-	f(pprofPrefix+"/goroutine", pprof.Handler("goroutine"))
-	f(pprofPrefix+"/threadcreate", pprof.Handler("threadcreate"))
-	f(pprofPrefix+"/block", pprof.Handler("block"))
+}
+
+func (sctx *serveCtx) registerTrace() {
+	reqf := func(w http.ResponseWriter, r *http.Request) { trace.Render(w, r, true) }
+	sctx.registerUserHandler("/debug/requests", http.HandlerFunc(reqf))
+	evf := func(w http.ResponseWriter, r *http.Request) { trace.RenderEvents(w, r, true) }
+	sctx.registerUserHandler("/debug/events", http.HandlerFunc(evf))
 }
diff --git a/vendor/github.com/coreos/etcd/error/error.go b/vendor/github.com/coreos/etcd/error/error.go
index 8cf83cc716af..b541a628b87f 100644
--- a/vendor/github.com/coreos/etcd/error/error.go
+++ b/vendor/github.com/coreos/etcd/error/error.go
@@ -154,9 +154,10 @@ func (e Error) StatusCode() int {
 	return status
 }
 
-func (e Error) WriteTo(w http.ResponseWriter) {
+func (e Error) WriteTo(w http.ResponseWriter) error {
 	w.Header().Add("X-Etcd-Index", fmt.Sprint(e.Index))
 	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(e.StatusCode())
-	fmt.Fprintln(w, e.toJsonString())
+	_, err := w.Write([]byte(e.toJsonString() + "\n"))
+	return err
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/capability.go b/vendor/github.com/coreos/etcd/etcdserver/api/capability.go
index ab8cee7cf89c..5e2de58e9a10 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/capability.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/capability.go
@@ -33,11 +33,10 @@ var (
 	plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "etcdserver/api")
 
 	// capabilityMaps is a static map of version to capability map.
-	// the base capabilities is the set of capability 2.0 supports.
 	capabilityMaps = map[string]map[Capability]bool{
-		"2.3.0": {AuthCapability: true},
 		"3.0.0": {AuthCapability: true, V3rpcCapability: true},
 		"3.1.0": {AuthCapability: true, V3rpcCapability: true},
+		"3.2.0": {AuthCapability: true, V3rpcCapability: true},
 	}
 
 	enableMapMu sync.RWMutex
@@ -48,7 +47,10 @@ var (
 )
 
 func init() {
-	enabledMap = make(map[Capability]bool)
+	enabledMap = map[Capability]bool{
+		AuthCapability:  true,
+		V3rpcCapability: true,
+	}
 }
 
 // UpdateCapability updates the enabledMap when the cluster version increases.
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/base.go b/vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/base.go
new file mode 100644
index 000000000000..283b32dbf956
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/base.go
@@ -0,0 +1,186 @@
+// Copyright 2015 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package etcdhttp
+
+import (
+	"encoding/json"
+	"expvar"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	etcdErr "github.com/coreos/etcd/error"
+	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api"
+	"github.com/coreos/etcd/etcdserver/api/v2http/httptypes"
+	"github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"github.com/coreos/etcd/pkg/logutil"
+	"github.com/coreos/etcd/raft"
+	"github.com/coreos/etcd/version"
+	"github.com/coreos/pkg/capnslog"
+	"github.com/prometheus/client_golang/prometheus"
+	"golang.org/x/net/context"
+)
+
+var (
+	plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "etcdserver/api/etcdhttp")
+	mlog = logutil.NewMergeLogger(plog)
+)
+
+const (
+	configPath  = "/config"
+	metricsPath = "/metrics"
+	healthPath  = "/health"
+	varsPath    = "/debug/vars"
+	versionPath = "/version"
+)
+
+// HandleBasic adds handlers to a mux for serving JSON etcd client requests
+// that do not access the v2 store.
+func HandleBasic(mux *http.ServeMux, server *etcdserver.EtcdServer) {
+	mux.HandleFunc(varsPath, serveVars)
+	mux.HandleFunc(configPath+"/local/log", logHandleFunc)
+	mux.Handle(metricsPath, prometheus.Handler())
+	mux.Handle(healthPath, healthHandler(server))
+	mux.HandleFunc(versionPath, versionHandler(server.Cluster(), serveVersion))
+}
+
+func healthHandler(server *etcdserver.EtcdServer) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if !allowMethod(w, r, "GET") {
+			return
+		}
+		if uint64(server.Leader()) == raft.None {
+			http.Error(w, `{"health": "false"}`, http.StatusServiceUnavailable)
+			return
+		}
+		ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+		defer cancel()
+		if _, err := server.Do(ctx, etcdserverpb.Request{Method: "QGET"}); err != nil {
+			http.Error(w, `{"health": "false"}`, http.StatusServiceUnavailable)
+			return
+		}
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte(`{"health": "true"}`))
+	}
+}
+
+func versionHandler(c api.Cluster, fn func(http.ResponseWriter, *http.Request, string)) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		v := c.Version()
+		if v != nil {
+			fn(w, r, v.String())
+		} else {
+			fn(w, r, "not_decided")
+		}
+	}
+}
+
+func serveVersion(w http.ResponseWriter, r *http.Request, clusterV string) {
+	if !allowMethod(w, r, "GET") {
+		return
+	}
+	vs := version.Versions{
+		Server:  version.Version,
+		Cluster: clusterV,
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	b, err := json.Marshal(&vs)
+	if err != nil {
+		plog.Panicf("cannot marshal versions to json (%v)", err)
+	}
+	w.Write(b)
+}
+
+func logHandleFunc(w http.ResponseWriter, r *http.Request) {
+	if !allowMethod(w, r, "PUT") {
+		return
+	}
+
+	in := struct{ Level string }{}
+
+	d := json.NewDecoder(r.Body)
+	if err := d.Decode(&in); err != nil {
+		WriteError(w, r, httptypes.NewHTTPError(http.StatusBadRequest, "Invalid json body"))
+		return
+	}
+
+	logl, err := capnslog.ParseLevel(strings.ToUpper(in.Level))
+	if err != nil {
+		WriteError(w, r, httptypes.NewHTTPError(http.StatusBadRequest, "Invalid log level "+in.Level))
+		return
+	}
+
+	plog.Noticef("globalLogLevel set to %q", logl.String())
+	capnslog.SetGlobalLogLevel(logl)
+	w.WriteHeader(http.StatusNoContent)
+}
+
+func serveVars(w http.ResponseWriter, r *http.Request) {
+	if !allowMethod(w, r, "GET") {
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	fmt.Fprintf(w, "{\n")
+	first := true
+	expvar.Do(func(kv expvar.KeyValue) {
+		if !first {
+			fmt.Fprintf(w, ",\n")
+		}
+		first = false
+		fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
+	})
+	fmt.Fprintf(w, "\n}\n")
+}
+
+func allowMethod(w http.ResponseWriter, r *http.Request, m string) bool {
+	if m == r.Method {
+		return true
+	}
+	w.Header().Set("Allow", m)
+	http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
+	return false
+}
+
+// WriteError logs and writes the given Error to the ResponseWriter
+// If Error is an etcdErr, it is rendered to the ResponseWriter
+// Otherwise, it is assumed to be a StatusInternalServerError
+func WriteError(w http.ResponseWriter, r *http.Request, err error) {
+	if err == nil {
+		return
+	}
+	switch e := err.(type) {
+	case *etcdErr.Error:
+		e.WriteTo(w)
+	case *httptypes.HTTPError:
+		if et := e.WriteTo(w); et != nil {
+			plog.Debugf("error writing HTTPError (%v) to %s", et, r.RemoteAddr)
+		}
+	default:
+		switch err {
+		case etcdserver.ErrTimeoutDueToLeaderFail, etcdserver.ErrTimeoutDueToConnectionLost, etcdserver.ErrNotEnoughStartedMembers, etcdserver.ErrUnhealthy:
+			mlog.MergeError(err)
+		default:
+			mlog.MergeErrorf("got unexpected response error (%v)", err)
+		}
+		herr := httptypes.NewHTTPError(http.StatusInternalServerError, "Internal Server Error")
+		if et := herr.WriteTo(w); et != nil {
+			plog.Debugf("error writing HTTPError (%v) to %s", et, r.RemoteAddr)
+		}
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/peer.go b/vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/peer.go
similarity index 97%
rename from vendor/github.com/coreos/etcd/etcdserver/api/v2http/peer.go
rename to vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/peer.go
index a1abadba8e72..721bae3c6000 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/peer.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/etcdhttp/peer.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package v2http
+package etcdhttp
 
 import (
 	"encoding/json"
@@ -61,7 +61,7 @@ type peerMembersHandler struct {
 }
 
 func (h *peerMembersHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if !allowMethod(w, r.Method, "GET") {
+	if !allowMethod(w, r, "GET") {
 		return
 	}
 	w.Header().Set("X-Etcd-Cluster-ID", h.cluster.ID().String())
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/client.go b/vendor/github.com/coreos/etcd/etcdserver/api/v2http/client.go
index 038f5417e67e..aa1e71ec3291 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/client.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v2http/client.go
@@ -17,7 +17,6 @@ package v2http
 import (
 	"encoding/json"
 	"errors"
-	"expvar"
 	"fmt"
 	"io/ioutil"
 	"net/http"
@@ -30,38 +29,36 @@ import (
 	etcdErr "github.com/coreos/etcd/error"
 	"github.com/coreos/etcd/etcdserver"
 	"github.com/coreos/etcd/etcdserver/api"
+	"github.com/coreos/etcd/etcdserver/api/etcdhttp"
 	"github.com/coreos/etcd/etcdserver/api/v2http/httptypes"
 	"github.com/coreos/etcd/etcdserver/auth"
 	"github.com/coreos/etcd/etcdserver/etcdserverpb"
 	"github.com/coreos/etcd/etcdserver/membership"
 	"github.com/coreos/etcd/etcdserver/stats"
 	"github.com/coreos/etcd/pkg/types"
-	"github.com/coreos/etcd/raft"
 	"github.com/coreos/etcd/store"
-	"github.com/coreos/etcd/version"
-	"github.com/coreos/pkg/capnslog"
 	"github.com/jonboulle/clockwork"
-	"github.com/prometheus/client_golang/prometheus"
 	"golang.org/x/net/context"
 )
 
 const (
-	authPrefix               = "/v2/auth"
-	keysPrefix               = "/v2/keys"
-	deprecatedMachinesPrefix = "/v2/machines"
-	membersPrefix            = "/v2/members"
-	statsPrefix              = "/v2/stats"
-	varsPath                 = "/debug/vars"
-	metricsPath              = "/metrics"
-	healthPath               = "/health"
-	versionPath              = "/version"
-	configPath               = "/config"
+	authPrefix     = "/v2/auth"
+	keysPrefix     = "/v2/keys"
+	machinesPrefix = "/v2/machines"
+	membersPrefix  = "/v2/members"
+	statsPrefix    = "/v2/stats"
 )
 
 // NewClientHandler generates a muxed http.Handler with the given parameters to serve etcd client requests.
 func NewClientHandler(server *etcdserver.EtcdServer, timeout time.Duration) http.Handler {
-	sec := auth.NewStore(server, timeout)
+	mux := http.NewServeMux()
+	etcdhttp.HandleBasic(mux, server)
+	handleV2(mux, server, timeout)
+	return requestLogger(mux)
+}
 
+func handleV2(mux *http.ServeMux, server *etcdserver.EtcdServer, timeout time.Duration) {
+	sec := auth.NewStore(server, timeout)
 	kh := &keysHandler{
 		sec:                   sec,
 		server:                server,
@@ -84,34 +81,23 @@ func NewClientHandler(server *etcdserver.EtcdServer, timeout time.Duration) http
 		clientCertAuthEnabled: server.Cfg.ClientCertAuthEnabled,
 	}
 
-	dmh := &deprecatedMachinesHandler{
-		cluster: server.Cluster(),
-	}
+	mah := &machinesHandler{cluster: server.Cluster()}
 
 	sech := &authHandler{
 		sec:                   sec,
 		cluster:               server.Cluster(),
 		clientCertAuthEnabled: server.Cfg.ClientCertAuthEnabled,
 	}
-
-	mux := http.NewServeMux()
 	mux.HandleFunc("/", http.NotFound)
-	mux.Handle(healthPath, healthHandler(server))
-	mux.HandleFunc(versionPath, versionHandler(server.Cluster(), serveVersion))
 	mux.Handle(keysPrefix, kh)
 	mux.Handle(keysPrefix+"/", kh)
 	mux.HandleFunc(statsPrefix+"/store", sh.serveStore)
 	mux.HandleFunc(statsPrefix+"/self", sh.serveSelf)
 	mux.HandleFunc(statsPrefix+"/leader", sh.serveLeader)
-	mux.HandleFunc(varsPath, serveVars)
-	mux.HandleFunc(configPath+"/local/log", logHandleFunc)
-	mux.Handle(metricsPath, prometheus.Handler())
 	mux.Handle(membersPrefix, mh)
 	mux.Handle(membersPrefix+"/", mh)
-	mux.Handle(deprecatedMachinesPrefix, dmh)
+	mux.Handle(machinesPrefix, mah)
 	handleAuth(mux, sech)
-
-	return requestLogger(mux)
 }
 
 type keysHandler struct {
@@ -170,11 +156,11 @@ func (h *keysHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-type deprecatedMachinesHandler struct {
+type machinesHandler struct {
 	cluster api.Cluster
 }
 
-func (h *deprecatedMachinesHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+func (h *machinesHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	if !allowMethod(w, r.Method, "GET", "HEAD") {
 		return
 	}
@@ -234,7 +220,7 @@ func (h *membersHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 		now := h.clock.Now()
 		m := membership.NewMember("", req.PeerURLs, "", &now)
-		err := h.server.AddMember(ctx, *m)
+		_, err := h.server.AddMember(ctx, *m)
 		switch {
 		case err == membership.ErrIDExists || err == membership.ErrPeerURLexists:
 			writeError(w, r, httptypes.NewHTTPError(http.StatusConflict, err.Error()))
@@ -255,7 +241,7 @@ func (h *membersHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		if !ok {
 			return
 		}
-		err := h.server.RemoveMember(ctx, uint64(id))
+		_, err := h.server.RemoveMember(ctx, uint64(id))
 		switch {
 		case err == membership.ErrIDRemoved:
 			writeError(w, r, httptypes.NewHTTPError(http.StatusGone, fmt.Sprintf("Member permanently removed: %s", id)))
@@ -280,7 +266,7 @@ func (h *membersHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			ID:             id,
 			RaftAttributes: membership.RaftAttributes{PeerURLs: req.PeerURLs.StringSlice()},
 		}
-		err := h.server.UpdateMember(ctx, m)
+		_, err := h.server.UpdateMember(ctx, m)
 		switch {
 		case err == membership.ErrPeerURLexists:
 			writeError(w, r, httptypes.NewHTTPError(http.StatusConflict, err.Error()))
@@ -321,103 +307,13 @@ func (h *statsHandler) serveLeader(w http.ResponseWriter, r *http.Request) {
 	}
 	stats := h.stats.LeaderStats()
 	if stats == nil {
-		writeError(w, r, httptypes.NewHTTPError(http.StatusForbidden, "not current leader"))
+		etcdhttp.WriteError(w, r, httptypes.NewHTTPError(http.StatusForbidden, "not current leader"))
 		return
 	}
 	w.Header().Set("Content-Type", "application/json")
 	w.Write(stats)
 }
 
-func serveVars(w http.ResponseWriter, r *http.Request) {
-	if !allowMethod(w, r.Method, "GET") {
-		return
-	}
-
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	fmt.Fprintf(w, "{\n")
-	first := true
-	expvar.Do(func(kv expvar.KeyValue) {
-		if !first {
-			fmt.Fprintf(w, ",\n")
-		}
-		first = false
-		fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
-	})
-	fmt.Fprintf(w, "\n}\n")
-}
-
-func healthHandler(server *etcdserver.EtcdServer) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		if !allowMethod(w, r.Method, "GET") {
-			return
-		}
-		if uint64(server.Leader()) == raft.None {
-			http.Error(w, `{"health": "false"}`, http.StatusServiceUnavailable)
-			return
-		}
-		ctx, cancel := context.WithTimeout(context.Background(), time.Second)
-		defer cancel()
-		if _, err := server.Do(ctx, etcdserverpb.Request{Method: "QGET"}); err != nil {
-			http.Error(w, `{"health": "false"}`, http.StatusServiceUnavailable)
-			return
-		}
-		w.WriteHeader(http.StatusOK)
-		w.Write([]byte(`{"health": "true"}`))
-	}
-}
-
-func versionHandler(c api.Cluster, fn func(http.ResponseWriter, *http.Request, string)) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		v := c.Version()
-		if v != nil {
-			fn(w, r, v.String())
-		} else {
-			fn(w, r, "not_decided")
-		}
-	}
-}
-
-func serveVersion(w http.ResponseWriter, r *http.Request, clusterV string) {
-	if !allowMethod(w, r.Method, "GET") {
-		return
-	}
-	vs := version.Versions{
-		Server:  version.Version,
-		Cluster: clusterV,
-	}
-
-	w.Header().Set("Content-Type", "application/json")
-	b, err := json.Marshal(&vs)
-	if err != nil {
-		plog.Panicf("cannot marshal versions to json (%v)", err)
-	}
-	w.Write(b)
-}
-
-func logHandleFunc(w http.ResponseWriter, r *http.Request) {
-	if !allowMethod(w, r.Method, "PUT") {
-		return
-	}
-
-	in := struct{ Level string }{}
-
-	d := json.NewDecoder(r.Body)
-	if err := d.Decode(&in); err != nil {
-		writeError(w, r, httptypes.NewHTTPError(http.StatusBadRequest, "Invalid json body"))
-		return
-	}
-
-	logl, err := capnslog.ParseLevel(strings.ToUpper(in.Level))
-	if err != nil {
-		writeError(w, r, httptypes.NewHTTPError(http.StatusBadRequest, "Invalid log level "+in.Level))
-		return
-	}
-
-	plog.Noticef("globalLogLevel set to %q", logl.String())
-	capnslog.SetGlobalLogLevel(logl)
-	w.WriteHeader(http.StatusNoContent)
-}
-
 // parseKeyRequest converts a received http.Request on keysPrefix to
 // a server Request, performing validation of supplied fields as appropriate.
 // If any validation fails, an empty Request and non-nil error is returned.
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/http.go b/vendor/github.com/coreos/etcd/etcdserver/api/v2http/http.go
index 62c99e19d4a7..589c172dbbb4 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v2http/http.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v2http/http.go
@@ -20,12 +20,11 @@ import (
 	"strings"
 	"time"
 
-	etcdErr "github.com/coreos/etcd/error"
-	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api/etcdhttp"
 	"github.com/coreos/etcd/etcdserver/api/v2http/httptypes"
-
 	"github.com/coreos/etcd/etcdserver/auth"
 	"github.com/coreos/etcd/pkg/logutil"
+
 	"github.com/coreos/pkg/capnslog"
 )
 
@@ -39,37 +38,18 @@ var (
 	mlog = logutil.NewMergeLogger(plog)
 )
 
-// writeError logs and writes the given Error to the ResponseWriter
-// If Error is an etcdErr, it is rendered to the ResponseWriter
-// Otherwise, it is assumed to be a StatusInternalServerError
 func writeError(w http.ResponseWriter, r *http.Request, err error) {
 	if err == nil {
 		return
 	}
-	switch e := err.(type) {
-	case *etcdErr.Error:
-		e.WriteTo(w)
-	case *httptypes.HTTPError:
-		if et := e.WriteTo(w); et != nil {
-			plog.Debugf("error writing HTTPError (%v) to %s", et, r.RemoteAddr)
-		}
-	case auth.Error:
+	if e, ok := err.(auth.Error); ok {
 		herr := httptypes.NewHTTPError(e.HTTPStatus(), e.Error())
 		if et := herr.WriteTo(w); et != nil {
 			plog.Debugf("error writing HTTPError (%v) to %s", et, r.RemoteAddr)
 		}
-	default:
-		switch err {
-		case etcdserver.ErrTimeoutDueToLeaderFail, etcdserver.ErrTimeoutDueToConnectionLost, etcdserver.ErrNotEnoughStartedMembers, etcdserver.ErrUnhealthy:
-			mlog.MergeError(err)
-		default:
-			mlog.MergeErrorf("got unexpected response error (%v)", err)
-		}
-		herr := httptypes.NewHTTPError(http.StatusInternalServerError, "Internal Server Error")
-		if et := herr.WriteTo(w); et != nil {
-			plog.Debugf("error writing HTTPError (%v) to %s", et, r.RemoteAddr)
-		}
+		return
 	}
+	etcdhttp.WriteError(w, r, err)
 }
 
 // allowMethod verifies that the given method is one of the allowed methods,
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3client/doc.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3client/doc.go
new file mode 100644
index 000000000000..310715f5cd74
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3client/doc.go
@@ -0,0 +1,45 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package v3client provides clientv3 interfaces from an etcdserver.
+//
+// Use v3client by creating an EtcdServer instance, then wrapping it with v3client.New:
+//
+//	import (
+//		"context"
+//
+//		"github.com/coreos/etcd/embed"
+//		"github.com/coreos/etcd/etcdserver/api/v3client"
+//	)
+//
+//	...
+//
+//	// create an embedded EtcdServer from the default configuration
+//	cfg := embed.NewConfig()
+//	cfg.Dir = "default.etcd"
+//	e, err := embed.StartEtcd(cfg)
+//	if err != nil {
+//		// handle error!
+//	}
+//
+//	// wrap the EtcdServer with v3client
+//	cli := v3client.New(e.Server)
+//
+//	// use like an ordinary clientv3
+//	resp, err := cli.Put(context.TODO(), "some-key", "it works!")
+//	if err != nil {
+//		// handle error!
+//	}
+//
+package v3client
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3client/v3client.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3client/v3client.go
new file mode 100644
index 000000000000..c0c07c8d767d
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3client/v3client.go
@@ -0,0 +1,67 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v3client
+
+import (
+	"time"
+
+	"github.com/coreos/etcd/clientv3"
+	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api/v3rpc"
+	"github.com/coreos/etcd/proxy/grpcproxy/adapter"
+
+	"golang.org/x/net/context"
+)
+
+// New creates a clientv3 client that wraps an in-process EtcdServer. Instead
+// of making gRPC calls through sockets, the client makes direct function calls
+// to the etcd server through its api/v3rpc function interfaces.
+func New(s *etcdserver.EtcdServer) *clientv3.Client {
+	c := clientv3.NewCtxClient(context.Background())
+
+	kvc := adapter.KvServerToKvClient(v3rpc.NewQuotaKVServer(s))
+	c.KV = clientv3.NewKVFromKVClient(kvc, c)
+
+	lc := adapter.LeaseServerToLeaseClient(v3rpc.NewQuotaLeaseServer(s))
+	c.Lease = clientv3.NewLeaseFromLeaseClient(lc, c, time.Second)
+
+	wc := adapter.WatchServerToWatchClient(v3rpc.NewWatchServer(s))
+	c.Watcher = &watchWrapper{clientv3.NewWatchFromWatchClient(wc, c)}
+
+	mc := adapter.MaintenanceServerToMaintenanceClient(v3rpc.NewMaintenanceServer(s))
+	c.Maintenance = clientv3.NewMaintenanceFromMaintenanceClient(mc, c)
+
+	clc := adapter.ClusterServerToClusterClient(v3rpc.NewClusterServer(s))
+	c.Cluster = clientv3.NewClusterFromClusterClient(clc, c)
+
+	// TODO: implement clientv3.Auth interface?
+
+	return c
+}
+
+// BlankContext implements Stringer on a context so the ctx string doesn't
+// depend on the context's WithValue data, which tends to be unsynchronized
+// (e.g., x/net/trace), causing ctx.String() to throw data races.
+type blankContext struct{ context.Context }
+
+func (*blankContext) String() string { return "(blankCtx)" }
+
+// watchWrapper wraps clientv3 watch calls to blank out the context
+// to avoid races on trace data.
+type watchWrapper struct{ clientv3.Watcher }
+
+func (ww *watchWrapper) Watch(ctx context.Context, key string, opts ...clientv3.OpOption) clientv3.WatchChan {
+	return ww.Watcher.Watch(&blankContext{ctx}, key, opts...)
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3election/doc.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/doc.go
new file mode 100644
index 000000000000..d6fefd741500
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package v3election provides a v3 election service from an etcdserver.
+package v3election
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3election/election.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/election.go
new file mode 100644
index 000000000000..f9061c079268
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/election.go
@@ -0,0 +1,123 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v3election
+
+import (
+	"golang.org/x/net/context"
+
+	"github.com/coreos/etcd/clientv3"
+	"github.com/coreos/etcd/clientv3/concurrency"
+	epb "github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb"
+)
+
+type electionServer struct {
+	c *clientv3.Client
+}
+
+func NewElectionServer(c *clientv3.Client) epb.ElectionServer {
+	return &electionServer{c}
+}
+
+func (es *electionServer) Campaign(ctx context.Context, req *epb.CampaignRequest) (*epb.CampaignResponse, error) {
+	s, err := es.session(ctx, req.Lease)
+	if err != nil {
+		return nil, err
+	}
+	e := concurrency.NewElection(s, string(req.Name))
+	if err = e.Campaign(ctx, string(req.Value)); err != nil {
+		return nil, err
+	}
+	return &epb.CampaignResponse{
+		Header: e.Header(),
+		Leader: &epb.LeaderKey{
+			Name:  req.Name,
+			Key:   []byte(e.Key()),
+			Rev:   e.Rev(),
+			Lease: int64(s.Lease()),
+		},
+	}, nil
+}
+
+func (es *electionServer) Proclaim(ctx context.Context, req *epb.ProclaimRequest) (*epb.ProclaimResponse, error) {
+	s, err := es.session(ctx, req.Leader.Lease)
+	if err != nil {
+		return nil, err
+	}
+	e := concurrency.ResumeElection(s, string(req.Leader.Name), string(req.Leader.Key), req.Leader.Rev)
+	if err := e.Proclaim(ctx, string(req.Value)); err != nil {
+		return nil, err
+	}
+	return &epb.ProclaimResponse{Header: e.Header()}, nil
+}
+
+func (es *electionServer) Observe(req *epb.LeaderRequest, stream epb.Election_ObserveServer) error {
+	s, err := es.session(stream.Context(), -1)
+	if err != nil {
+		return err
+	}
+	e := concurrency.NewElection(s, string(req.Name))
+	ch := e.Observe(stream.Context())
+	for stream.Context().Err() == nil {
+		select {
+		case <-stream.Context().Done():
+		case resp, ok := <-ch:
+			if !ok {
+				return nil
+			}
+			lresp := &epb.LeaderResponse{Header: resp.Header, Kv: resp.Kvs[0]}
+			if err := stream.Send(lresp); err != nil {
+				return err
+			}
+		}
+	}
+	return stream.Context().Err()
+}
+
+func (es *electionServer) Leader(ctx context.Context, req *epb.LeaderRequest) (*epb.LeaderResponse, error) {
+	s, err := es.session(ctx, -1)
+	if err != nil {
+		return nil, err
+	}
+	l, lerr := concurrency.NewElection(s, string(req.Name)).Leader(ctx)
+	if lerr != nil {
+		return nil, lerr
+	}
+	return &epb.LeaderResponse{Header: l.Header, Kv: l.Kvs[0]}, nil
+}
+
+func (es *electionServer) Resign(ctx context.Context, req *epb.ResignRequest) (*epb.ResignResponse, error) {
+	s, err := es.session(ctx, req.Leader.Lease)
+	if err != nil {
+		return nil, err
+	}
+	e := concurrency.ResumeElection(s, string(req.Leader.Name), string(req.Leader.Key), req.Leader.Rev)
+	if err := e.Resign(ctx); err != nil {
+		return nil, err
+	}
+	return &epb.ResignResponse{Header: e.Header()}, nil
+}
+
+func (es *electionServer) session(ctx context.Context, lease int64) (*concurrency.Session, error) {
+	s, err := concurrency.NewSession(
+		es.c,
+		concurrency.WithLease(clientv3.LeaseID(lease)),
+		concurrency.WithContext(ctx),
+	)
+	if err != nil {
+		return nil, err
+	}
+	s.Orphan()
+	return s, nil
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw/v3election.pb.gw.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw/v3election.pb.gw.go
new file mode 100644
index 000000000000..ac00cbea9837
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/gw/v3election.pb.gw.go
@@ -0,0 +1,313 @@
+// Code generated by protoc-gen-grpc-gateway. DO NOT EDIT.
+// source: etcdserver/api/v3election/v3electionpb/v3election.proto
+
+/*
+Package v3electionpb is a reverse proxy.
+
+It translates gRPC into RESTful JSON APIs.
+*/
+package gw
+
+import (
+	"github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb"
+	"io"
+	"net/http"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/grpc-ecosystem/grpc-gateway/runtime"
+	"github.com/grpc-ecosystem/grpc-gateway/utilities"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
+)
+
+var _ codes.Code
+var _ io.Reader
+var _ status.Status
+var _ = runtime.String
+var _ = utilities.NewDoubleArray
+
+func request_Election_Campaign_0(ctx context.Context, marshaler runtime.Marshaler, client v3electionpb.ElectionClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3electionpb.CampaignRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Campaign(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+func request_Election_Proclaim_0(ctx context.Context, marshaler runtime.Marshaler, client v3electionpb.ElectionClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3electionpb.ProclaimRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Proclaim(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+func request_Election_Leader_0(ctx context.Context, marshaler runtime.Marshaler, client v3electionpb.ElectionClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3electionpb.LeaderRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Leader(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+func request_Election_Observe_0(ctx context.Context, marshaler runtime.Marshaler, client v3electionpb.ElectionClient, req *http.Request, pathParams map[string]string) (v3electionpb.Election_ObserveClient, runtime.ServerMetadata, error) {
+	var protoReq v3electionpb.LeaderRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	stream, err := client.Observe(ctx, &protoReq)
+	if err != nil {
+		return nil, metadata, err
+	}
+	header, err := stream.Header()
+	if err != nil {
+		return nil, metadata, err
+	}
+	metadata.HeaderMD = header
+	return stream, metadata, nil
+
+}
+
+func request_Election_Resign_0(ctx context.Context, marshaler runtime.Marshaler, client v3electionpb.ElectionClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3electionpb.ResignRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Resign(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+// RegisterElectionHandlerFromEndpoint is same as RegisterElectionHandler but
+// automatically dials to "endpoint" and closes the connection when "ctx" gets done.
+func RegisterElectionHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error) {
+	conn, err := grpc.Dial(endpoint, opts...)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		if err != nil {
+			if cerr := conn.Close(); cerr != nil {
+				grpclog.Printf("Failed to close conn to %s: %v", endpoint, cerr)
+			}
+			return
+		}
+		go func() {
+			<-ctx.Done()
+			if cerr := conn.Close(); cerr != nil {
+				grpclog.Printf("Failed to close conn to %s: %v", endpoint, cerr)
+			}
+		}()
+	}()
+
+	return RegisterElectionHandler(ctx, mux, conn)
+}
+
+// RegisterElectionHandler registers the http handlers for service Election to "mux".
+// The handlers forward requests to the grpc endpoint over "conn".
+func RegisterElectionHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
+	return RegisterElectionHandlerClient(ctx, mux, v3electionpb.NewElectionClient(conn))
+}
+
+// RegisterElectionHandler registers the http handlers for service Election to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "ElectionClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "ElectionClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "ElectionClient" to call the correct interceptors.
+func RegisterElectionHandlerClient(ctx context.Context, mux *runtime.ServeMux, client v3electionpb.ElectionClient) error {
+
+	mux.Handle("POST", pattern_Election_Campaign_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Election_Campaign_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Election_Campaign_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	mux.Handle("POST", pattern_Election_Proclaim_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Election_Proclaim_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Election_Proclaim_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	mux.Handle("POST", pattern_Election_Leader_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Election_Leader_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Election_Leader_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	mux.Handle("POST", pattern_Election_Observe_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Election_Observe_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Election_Observe_0(ctx, mux, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
+
+	})
+
+	mux.Handle("POST", pattern_Election_Resign_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Election_Resign_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Election_Resign_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	return nil
+}
+
+var (
+	pattern_Election_Campaign_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "election", "campaign"}, ""))
+
+	pattern_Election_Proclaim_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "election", "proclaim"}, ""))
+
+	pattern_Election_Leader_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "election", "leader"}, ""))
+
+	pattern_Election_Observe_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "election", "observe"}, ""))
+
+	pattern_Election_Resign_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "election", "resign"}, ""))
+)
+
+var (
+	forward_Election_Campaign_0 = runtime.ForwardResponseMessage
+
+	forward_Election_Proclaim_0 = runtime.ForwardResponseMessage
+
+	forward_Election_Leader_0 = runtime.ForwardResponseMessage
+
+	forward_Election_Observe_0 = runtime.ForwardResponseStream
+
+	forward_Election_Resign_0 = runtime.ForwardResponseMessage
+)
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.pb.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.pb.go
new file mode 100644
index 000000000000..92acb1469e95
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.pb.go
@@ -0,0 +1,2098 @@
+// Code generated by protoc-gen-gogo.
+// source: v3election.proto
+// DO NOT EDIT!
+
+/*
+	Package v3electionpb is a generated protocol buffer package.
+
+	It is generated from these files:
+		v3election.proto
+
+	It has these top-level messages:
+		CampaignRequest
+		CampaignResponse
+		LeaderKey
+		LeaderRequest
+		LeaderResponse
+		ResignRequest
+		ResignResponse
+		ProclaimRequest
+		ProclaimResponse
+*/
+package v3electionpb
+
+import (
+	"fmt"
+
+	proto "github.com/golang/protobuf/proto"
+
+	math "math"
+
+	etcdserverpb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
+	mvccpb "github.com/coreos/etcd/mvcc/mvccpb"
+
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+
+	context "golang.org/x/net/context"
+
+	grpc "google.golang.org/grpc"
+
+	io "io"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+type CampaignRequest struct {
+	// name is the election's identifier for the campaign.
+	Name []byte `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// lease is the ID of the lease attached to leadership of the election. If the
+	// lease expires or is revoked before resigning leadership, then the
+	// leadership is transferred to the next campaigner, if any.
+	Lease int64 `protobuf:"varint,2,opt,name=lease,proto3" json:"lease,omitempty"`
+	// value is the initial proclaimed value set when the campaigner wins the
+	// election.
+	Value []byte `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (m *CampaignRequest) Reset()                    { *m = CampaignRequest{} }
+func (m *CampaignRequest) String() string            { return proto.CompactTextString(m) }
+func (*CampaignRequest) ProtoMessage()               {}
+func (*CampaignRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{0} }
+
+func (m *CampaignRequest) GetName() []byte {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+func (m *CampaignRequest) GetLease() int64 {
+	if m != nil {
+		return m.Lease
+	}
+	return 0
+}
+
+func (m *CampaignRequest) GetValue() []byte {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+type CampaignResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+	// leader describes the resources used for holding leadereship of the election.
+	Leader *LeaderKey `protobuf:"bytes,2,opt,name=leader" json:"leader,omitempty"`
+}
+
+func (m *CampaignResponse) Reset()                    { *m = CampaignResponse{} }
+func (m *CampaignResponse) String() string            { return proto.CompactTextString(m) }
+func (*CampaignResponse) ProtoMessage()               {}
+func (*CampaignResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{1} }
+
+func (m *CampaignResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func (m *CampaignResponse) GetLeader() *LeaderKey {
+	if m != nil {
+		return m.Leader
+	}
+	return nil
+}
+
+type LeaderKey struct {
+	// name is the election identifier that correponds to the leadership key.
+	Name []byte `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// key is an opaque key representing the ownership of the election. If the key
+	// is deleted, then leadership is lost.
+	Key []byte `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
+	// rev is the creation revision of the key. It can be used to test for ownership
+	// of an election during transactions by testing the key's creation revision
+	// matches rev.
+	Rev int64 `protobuf:"varint,3,opt,name=rev,proto3" json:"rev,omitempty"`
+	// lease is the lease ID of the election leader.
+	Lease int64 `protobuf:"varint,4,opt,name=lease,proto3" json:"lease,omitempty"`
+}
+
+func (m *LeaderKey) Reset()                    { *m = LeaderKey{} }
+func (m *LeaderKey) String() string            { return proto.CompactTextString(m) }
+func (*LeaderKey) ProtoMessage()               {}
+func (*LeaderKey) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{2} }
+
+func (m *LeaderKey) GetName() []byte {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+func (m *LeaderKey) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+func (m *LeaderKey) GetRev() int64 {
+	if m != nil {
+		return m.Rev
+	}
+	return 0
+}
+
+func (m *LeaderKey) GetLease() int64 {
+	if m != nil {
+		return m.Lease
+	}
+	return 0
+}
+
+type LeaderRequest struct {
+	// name is the election identifier for the leadership information.
+	Name []byte `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+}
+
+func (m *LeaderRequest) Reset()                    { *m = LeaderRequest{} }
+func (m *LeaderRequest) String() string            { return proto.CompactTextString(m) }
+func (*LeaderRequest) ProtoMessage()               {}
+func (*LeaderRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{3} }
+
+func (m *LeaderRequest) GetName() []byte {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+type LeaderResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+	// kv is the key-value pair representing the latest leader update.
+	Kv *mvccpb.KeyValue `protobuf:"bytes,2,opt,name=kv" json:"kv,omitempty"`
+}
+
+func (m *LeaderResponse) Reset()                    { *m = LeaderResponse{} }
+func (m *LeaderResponse) String() string            { return proto.CompactTextString(m) }
+func (*LeaderResponse) ProtoMessage()               {}
+func (*LeaderResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{4} }
+
+func (m *LeaderResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func (m *LeaderResponse) GetKv() *mvccpb.KeyValue {
+	if m != nil {
+		return m.Kv
+	}
+	return nil
+}
+
+type ResignRequest struct {
+	// leader is the leadership to relinquish by resignation.
+	Leader *LeaderKey `protobuf:"bytes,1,opt,name=leader" json:"leader,omitempty"`
+}
+
+func (m *ResignRequest) Reset()                    { *m = ResignRequest{} }
+func (m *ResignRequest) String() string            { return proto.CompactTextString(m) }
+func (*ResignRequest) ProtoMessage()               {}
+func (*ResignRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{5} }
+
+func (m *ResignRequest) GetLeader() *LeaderKey {
+	if m != nil {
+		return m.Leader
+	}
+	return nil
+}
+
+type ResignResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+}
+
+func (m *ResignResponse) Reset()                    { *m = ResignResponse{} }
+func (m *ResignResponse) String() string            { return proto.CompactTextString(m) }
+func (*ResignResponse) ProtoMessage()               {}
+func (*ResignResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{6} }
+
+func (m *ResignResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+type ProclaimRequest struct {
+	// leader is the leadership hold on the election.
+	Leader *LeaderKey `protobuf:"bytes,1,opt,name=leader" json:"leader,omitempty"`
+	// value is an update meant to overwrite the leader's current value.
+	Value []byte `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
+}
+
+func (m *ProclaimRequest) Reset()                    { *m = ProclaimRequest{} }
+func (m *ProclaimRequest) String() string            { return proto.CompactTextString(m) }
+func (*ProclaimRequest) ProtoMessage()               {}
+func (*ProclaimRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{7} }
+
+func (m *ProclaimRequest) GetLeader() *LeaderKey {
+	if m != nil {
+		return m.Leader
+	}
+	return nil
+}
+
+func (m *ProclaimRequest) GetValue() []byte {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+type ProclaimResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+}
+
+func (m *ProclaimResponse) Reset()                    { *m = ProclaimResponse{} }
+func (m *ProclaimResponse) String() string            { return proto.CompactTextString(m) }
+func (*ProclaimResponse) ProtoMessage()               {}
+func (*ProclaimResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Election, []int{8} }
+
+func (m *ProclaimResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*CampaignRequest)(nil), "v3electionpb.CampaignRequest")
+	proto.RegisterType((*CampaignResponse)(nil), "v3electionpb.CampaignResponse")
+	proto.RegisterType((*LeaderKey)(nil), "v3electionpb.LeaderKey")
+	proto.RegisterType((*LeaderRequest)(nil), "v3electionpb.LeaderRequest")
+	proto.RegisterType((*LeaderResponse)(nil), "v3electionpb.LeaderResponse")
+	proto.RegisterType((*ResignRequest)(nil), "v3electionpb.ResignRequest")
+	proto.RegisterType((*ResignResponse)(nil), "v3electionpb.ResignResponse")
+	proto.RegisterType((*ProclaimRequest)(nil), "v3electionpb.ProclaimRequest")
+	proto.RegisterType((*ProclaimResponse)(nil), "v3electionpb.ProclaimResponse")
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConn
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion4
+
+// Client API for Election service
+
+type ElectionClient interface {
+	// Campaign waits to acquire leadership in an election, returning a LeaderKey
+	// representing the leadership if successful. The LeaderKey can then be used
+	// to issue new values on the election, transactionally guard API requests on
+	// leadership still being held, and resign from the election.
+	Campaign(ctx context.Context, in *CampaignRequest, opts ...grpc.CallOption) (*CampaignResponse, error)
+	// Proclaim updates the leader's posted value with a new value.
+	Proclaim(ctx context.Context, in *ProclaimRequest, opts ...grpc.CallOption) (*ProclaimResponse, error)
+	// Leader returns the current election proclamation, if any.
+	Leader(ctx context.Context, in *LeaderRequest, opts ...grpc.CallOption) (*LeaderResponse, error)
+	// Observe streams election proclamations in-order as made by the election's
+	// elected leaders.
+	Observe(ctx context.Context, in *LeaderRequest, opts ...grpc.CallOption) (Election_ObserveClient, error)
+	// Resign releases election leadership so other campaigners may acquire
+	// leadership on the election.
+	Resign(ctx context.Context, in *ResignRequest, opts ...grpc.CallOption) (*ResignResponse, error)
+}
+
+type electionClient struct {
+	cc *grpc.ClientConn
+}
+
+func NewElectionClient(cc *grpc.ClientConn) ElectionClient {
+	return &electionClient{cc}
+}
+
+func (c *electionClient) Campaign(ctx context.Context, in *CampaignRequest, opts ...grpc.CallOption) (*CampaignResponse, error) {
+	out := new(CampaignResponse)
+	err := grpc.Invoke(ctx, "/v3electionpb.Election/Campaign", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *electionClient) Proclaim(ctx context.Context, in *ProclaimRequest, opts ...grpc.CallOption) (*ProclaimResponse, error) {
+	out := new(ProclaimResponse)
+	err := grpc.Invoke(ctx, "/v3electionpb.Election/Proclaim", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *electionClient) Leader(ctx context.Context, in *LeaderRequest, opts ...grpc.CallOption) (*LeaderResponse, error) {
+	out := new(LeaderResponse)
+	err := grpc.Invoke(ctx, "/v3electionpb.Election/Leader", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *electionClient) Observe(ctx context.Context, in *LeaderRequest, opts ...grpc.CallOption) (Election_ObserveClient, error) {
+	stream, err := grpc.NewClientStream(ctx, &_Election_serviceDesc.Streams[0], c.cc, "/v3electionpb.Election/Observe", opts...)
+	if err != nil {
+		return nil, err
+	}
+	x := &electionObserveClient{stream}
+	if err := x.ClientStream.SendMsg(in); err != nil {
+		return nil, err
+	}
+	if err := x.ClientStream.CloseSend(); err != nil {
+		return nil, err
+	}
+	return x, nil
+}
+
+type Election_ObserveClient interface {
+	Recv() (*LeaderResponse, error)
+	grpc.ClientStream
+}
+
+type electionObserveClient struct {
+	grpc.ClientStream
+}
+
+func (x *electionObserveClient) Recv() (*LeaderResponse, error) {
+	m := new(LeaderResponse)
+	if err := x.ClientStream.RecvMsg(m); err != nil {
+		return nil, err
+	}
+	return m, nil
+}
+
+func (c *electionClient) Resign(ctx context.Context, in *ResignRequest, opts ...grpc.CallOption) (*ResignResponse, error) {
+	out := new(ResignResponse)
+	err := grpc.Invoke(ctx, "/v3electionpb.Election/Resign", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// Server API for Election service
+
+type ElectionServer interface {
+	// Campaign waits to acquire leadership in an election, returning a LeaderKey
+	// representing the leadership if successful. The LeaderKey can then be used
+	// to issue new values on the election, transactionally guard API requests on
+	// leadership still being held, and resign from the election.
+	Campaign(context.Context, *CampaignRequest) (*CampaignResponse, error)
+	// Proclaim updates the leader's posted value with a new value.
+	Proclaim(context.Context, *ProclaimRequest) (*ProclaimResponse, error)
+	// Leader returns the current election proclamation, if any.
+	Leader(context.Context, *LeaderRequest) (*LeaderResponse, error)
+	// Observe streams election proclamations in-order as made by the election's
+	// elected leaders.
+	Observe(*LeaderRequest, Election_ObserveServer) error
+	// Resign releases election leadership so other campaigners may acquire
+	// leadership on the election.
+	Resign(context.Context, *ResignRequest) (*ResignResponse, error)
+}
+
+func RegisterElectionServer(s *grpc.Server, srv ElectionServer) {
+	s.RegisterService(&_Election_serviceDesc, srv)
+}
+
+func _Election_Campaign_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(CampaignRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ElectionServer).Campaign(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3electionpb.Election/Campaign",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ElectionServer).Campaign(ctx, req.(*CampaignRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Election_Proclaim_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ProclaimRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ElectionServer).Proclaim(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3electionpb.Election/Proclaim",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ElectionServer).Proclaim(ctx, req.(*ProclaimRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Election_Leader_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(LeaderRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ElectionServer).Leader(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3electionpb.Election/Leader",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ElectionServer).Leader(ctx, req.(*LeaderRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Election_Observe_Handler(srv interface{}, stream grpc.ServerStream) error {
+	m := new(LeaderRequest)
+	if err := stream.RecvMsg(m); err != nil {
+		return err
+	}
+	return srv.(ElectionServer).Observe(m, &electionObserveServer{stream})
+}
+
+type Election_ObserveServer interface {
+	Send(*LeaderResponse) error
+	grpc.ServerStream
+}
+
+type electionObserveServer struct {
+	grpc.ServerStream
+}
+
+func (x *electionObserveServer) Send(m *LeaderResponse) error {
+	return x.ServerStream.SendMsg(m)
+}
+
+func _Election_Resign_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ResignRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(ElectionServer).Resign(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3electionpb.Election/Resign",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(ElectionServer).Resign(ctx, req.(*ResignRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _Election_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "v3electionpb.Election",
+	HandlerType: (*ElectionServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "Campaign",
+			Handler:    _Election_Campaign_Handler,
+		},
+		{
+			MethodName: "Proclaim",
+			Handler:    _Election_Proclaim_Handler,
+		},
+		{
+			MethodName: "Leader",
+			Handler:    _Election_Leader_Handler,
+		},
+		{
+			MethodName: "Resign",
+			Handler:    _Election_Resign_Handler,
+		},
+	},
+	Streams: []grpc.StreamDesc{
+		{
+			StreamName:    "Observe",
+			Handler:       _Election_Observe_Handler,
+			ServerStreams: true,
+		},
+	},
+	Metadata: "v3election.proto",
+}
+
+func (m *CampaignRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CampaignRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Name) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Name)))
+		i += copy(dAtA[i:], m.Name)
+	}
+	if m.Lease != 0 {
+		dAtA[i] = 0x10
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Lease))
+	}
+	if len(m.Value) > 0 {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Value)))
+		i += copy(dAtA[i:], m.Value)
+	}
+	return i, nil
+}
+
+func (m *CampaignResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CampaignResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Header.Size()))
+		n1, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n1
+	}
+	if m.Leader != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Leader.Size()))
+		n2, err := m.Leader.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n2
+	}
+	return i, nil
+}
+
+func (m *LeaderKey) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaderKey) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Name) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Name)))
+		i += copy(dAtA[i:], m.Name)
+	}
+	if len(m.Key) > 0 {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Key)))
+		i += copy(dAtA[i:], m.Key)
+	}
+	if m.Rev != 0 {
+		dAtA[i] = 0x18
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Rev))
+	}
+	if m.Lease != 0 {
+		dAtA[i] = 0x20
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Lease))
+	}
+	return i, nil
+}
+
+func (m *LeaderRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaderRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Name) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Name)))
+		i += copy(dAtA[i:], m.Name)
+	}
+	return i, nil
+}
+
+func (m *LeaderResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaderResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Header.Size()))
+		n3, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n3
+	}
+	if m.Kv != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Kv.Size()))
+		n4, err := m.Kv.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n4
+	}
+	return i, nil
+}
+
+func (m *ResignRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResignRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Leader != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Leader.Size()))
+		n5, err := m.Leader.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n5
+	}
+	return i, nil
+}
+
+func (m *ResignResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResignResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Header.Size()))
+		n6, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
+	return i, nil
+}
+
+func (m *ProclaimRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ProclaimRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Leader != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Leader.Size()))
+		n7, err := m.Leader.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n7
+	}
+	if len(m.Value) > 0 {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(len(m.Value)))
+		i += copy(dAtA[i:], m.Value)
+	}
+	return i, nil
+}
+
+func (m *ProclaimResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ProclaimResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Election(dAtA, i, uint64(m.Header.Size()))
+		n8, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n8
+	}
+	return i, nil
+}
+
+func encodeFixed64V3Election(dAtA []byte, offset int, v uint64) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	dAtA[offset+4] = uint8(v >> 32)
+	dAtA[offset+5] = uint8(v >> 40)
+	dAtA[offset+6] = uint8(v >> 48)
+	dAtA[offset+7] = uint8(v >> 56)
+	return offset + 8
+}
+func encodeFixed32V3Election(dAtA []byte, offset int, v uint32) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	return offset + 4
+}
+func encodeVarintV3Election(dAtA []byte, offset int, v uint64) int {
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return offset + 1
+}
+func (m *CampaignRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Name)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	if m.Lease != 0 {
+		n += 1 + sovV3Election(uint64(m.Lease))
+	}
+	l = len(m.Value)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *CampaignResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	if m.Leader != nil {
+		l = m.Leader.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *LeaderKey) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Name)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	l = len(m.Key)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	if m.Rev != 0 {
+		n += 1 + sovV3Election(uint64(m.Rev))
+	}
+	if m.Lease != 0 {
+		n += 1 + sovV3Election(uint64(m.Lease))
+	}
+	return n
+}
+
+func (m *LeaderRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Name)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *LeaderResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	if m.Kv != nil {
+		l = m.Kv.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *ResignRequest) Size() (n int) {
+	var l int
+	_ = l
+	if m.Leader != nil {
+		l = m.Leader.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *ResignResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *ProclaimRequest) Size() (n int) {
+	var l int
+	_ = l
+	if m.Leader != nil {
+		l = m.Leader.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	l = len(m.Value)
+	if l > 0 {
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func (m *ProclaimResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Election(uint64(l))
+	}
+	return n
+}
+
+func sovV3Election(x uint64) (n int) {
+	for {
+		n++
+		x >>= 7
+		if x == 0 {
+			break
+		}
+	}
+	return n
+}
+func sozV3Election(x uint64) (n int) {
+	return sovV3Election(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (m *CampaignRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CampaignRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CampaignRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = append(m.Name[:0], dAtA[iNdEx:postIndex]...)
+			if m.Name == nil {
+				m.Name = []byte{}
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Lease", wireType)
+			}
+			m.Lease = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Lease |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...)
+			if m.Value == nil {
+				m.Value = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CampaignResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CampaignResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CampaignResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Leader", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Leader == nil {
+				m.Leader = &LeaderKey{}
+			}
+			if err := m.Leader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LeaderKey) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaderKey: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaderKey: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = append(m.Name[:0], dAtA[iNdEx:postIndex]...)
+			if m.Name == nil {
+				m.Name = []byte{}
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Key = append(m.Key[:0], dAtA[iNdEx:postIndex]...)
+			if m.Key == nil {
+				m.Key = []byte{}
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Rev", wireType)
+			}
+			m.Rev = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Rev |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Lease", wireType)
+			}
+			m.Lease = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Lease |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LeaderRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaderRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaderRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = append(m.Name[:0], dAtA[iNdEx:postIndex]...)
+			if m.Name == nil {
+				m.Name = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LeaderResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaderResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaderResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Kv", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Kv == nil {
+				m.Kv = &mvccpb.KeyValue{}
+			}
+			if err := m.Kv.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResignRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResignRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResignRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Leader", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Leader == nil {
+				m.Leader = &LeaderKey{}
+			}
+			if err := m.Leader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResignResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResignResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResignResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ProclaimRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ProclaimRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ProclaimRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Leader", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Leader == nil {
+				m.Leader = &LeaderKey{}
+			}
+			if err := m.Leader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Value = append(m.Value[:0], dAtA[iNdEx:postIndex]...)
+			if m.Value == nil {
+				m.Value = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ProclaimResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ProclaimResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ProclaimResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Election(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Election
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipV3Election(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowV3Election
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+			return iNdEx, nil
+		case 1:
+			iNdEx += 8
+			return iNdEx, nil
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowV3Election
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			iNdEx += length
+			if length < 0 {
+				return 0, ErrInvalidLengthV3Election
+			}
+			return iNdEx, nil
+		case 3:
+			for {
+				var innerWire uint64
+				var start int = iNdEx
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return 0, ErrIntOverflowV3Election
+					}
+					if iNdEx >= l {
+						return 0, io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					innerWire |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				innerWireType := int(innerWire & 0x7)
+				if innerWireType == 4 {
+					break
+				}
+				next, err := skipV3Election(dAtA[start:])
+				if err != nil {
+					return 0, err
+				}
+				iNdEx = start + next
+			}
+			return iNdEx, nil
+		case 4:
+			return iNdEx, nil
+		case 5:
+			iNdEx += 4
+			return iNdEx, nil
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+	}
+	panic("unreachable")
+}
+
+var (
+	ErrInvalidLengthV3Election = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowV3Election   = fmt.Errorf("proto: integer overflow")
+)
+
+func init() { proto.RegisterFile("v3election.proto", fileDescriptorV3Election) }
+
+var fileDescriptorV3Election = []byte{
+	// 540 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0xc1, 0x6e, 0xd3, 0x40,
+	0x10, 0x65, 0x9d, 0x10, 0xca, 0x90, 0xb6, 0x96, 0x55, 0x89, 0x34, 0xa4, 0x26, 0xda, 0x02, 0xaa,
+	0x72, 0xf0, 0xa2, 0x86, 0x53, 0x4e, 0x08, 0x04, 0xaa, 0x54, 0x24, 0xc0, 0x07, 0x04, 0xc7, 0x8d,
+	0x3b, 0x4a, 0xa2, 0x38, 0xde, 0xc5, 0x4e, 0x2d, 0xe5, 0xca, 0x2f, 0x70, 0xe1, 0x33, 0xf8, 0x0c,
+	0x8e, 0x48, 0xfc, 0x00, 0x0a, 0x7c, 0x08, 0xda, 0x5d, 0x1b, 0x3b, 0x6e, 0x88, 0x50, 0x73, 0xb1,
+	0xc6, 0x33, 0xcf, 0xf3, 0xe6, 0xbd, 0x9d, 0x35, 0xd8, 0x69, 0x1f, 0x43, 0x0c, 0xe6, 0x13, 0x11,
+	0x79, 0x32, 0x16, 0x73, 0xe1, 0x34, 0x8b, 0x8c, 0x1c, 0xb6, 0x0f, 0x46, 0x62, 0x24, 0x74, 0x81,
+	0xa9, 0xc8, 0x60, 0xda, 0x8f, 0x70, 0x1e, 0x5c, 0x30, 0xf5, 0x48, 0x30, 0x4e, 0x31, 0x2e, 0x85,
+	0x72, 0xc8, 0x62, 0x19, 0x64, 0xb8, 0x43, 0x8d, 0x9b, 0xa5, 0x41, 0xa0, 0x1f, 0x72, 0xc8, 0xa6,
+	0x69, 0x56, 0xea, 0x8c, 0x84, 0x18, 0x85, 0xc8, 0xb8, 0x9c, 0x30, 0x1e, 0x45, 0x62, 0xce, 0x15,
+	0x63, 0x62, 0xaa, 0xf4, 0x2d, 0xec, 0x3f, 0xe7, 0x33, 0xc9, 0x27, 0xa3, 0xc8, 0xc7, 0x8f, 0x97,
+	0x98, 0xcc, 0x1d, 0x07, 0xea, 0x11, 0x9f, 0x61, 0x8b, 0x74, 0xc9, 0x49, 0xd3, 0xd7, 0xb1, 0x73,
+	0x00, 0x37, 0x43, 0xe4, 0x09, 0xb6, 0xac, 0x2e, 0x39, 0xa9, 0xf9, 0xe6, 0x45, 0x65, 0x53, 0x1e,
+	0x5e, 0x62, 0xab, 0xa6, 0xa1, 0xe6, 0x85, 0x2e, 0xc0, 0x2e, 0x5a, 0x26, 0x52, 0x44, 0x09, 0x3a,
+	0x4f, 0xa0, 0x31, 0x46, 0x7e, 0x81, 0xb1, 0xee, 0x7a, 0xe7, 0xb4, 0xe3, 0x95, 0x85, 0x78, 0x39,
+	0xee, 0x4c, 0x63, 0xfc, 0x0c, 0xeb, 0x30, 0x68, 0x84, 0xe6, 0x2b, 0x4b, 0x7f, 0x75, 0xd7, 0x2b,
+	0x5b, 0xe6, 0xbd, 0xd2, 0xb5, 0x73, 0x5c, 0xf8, 0x19, 0x8c, 0x7e, 0x80, 0xdb, 0x7f, 0x93, 0x6b,
+	0x75, 0xd8, 0x50, 0x9b, 0xe2, 0x42, 0xb7, 0x6b, 0xfa, 0x2a, 0x54, 0x99, 0x18, 0x53, 0xad, 0xa0,
+	0xe6, 0xab, 0xb0, 0xd0, 0x5a, 0x2f, 0x69, 0xa5, 0xc7, 0xb0, 0x6b, 0x5a, 0x6f, 0xb0, 0x89, 0x8e,
+	0x61, 0x2f, 0x07, 0x6d, 0x25, 0xbc, 0x0b, 0xd6, 0x34, 0xcd, 0x44, 0xdb, 0x9e, 0x39, 0x51, 0xef,
+	0x1c, 0x17, 0xef, 0x94, 0xc1, 0xbe, 0x35, 0x4d, 0xe9, 0x53, 0xd8, 0xf5, 0x31, 0x29, 0x9d, 0x5a,
+	0xe1, 0x15, 0xf9, 0x3f, 0xaf, 0x5e, 0xc2, 0x5e, 0xde, 0x61, 0x9b, 0x59, 0xe9, 0x7b, 0xd8, 0x7f,
+	0x13, 0x8b, 0x20, 0xe4, 0x93, 0xd9, 0x75, 0x67, 0x29, 0x16, 0xc9, 0x2a, 0x2f, 0xd2, 0x19, 0xd8,
+	0x45, 0xe7, 0x6d, 0x66, 0x3c, 0xfd, 0x5a, 0x87, 0x9d, 0x17, 0xd9, 0x00, 0x8e, 0x84, 0x9d, 0x7c,
+	0x3f, 0x9d, 0xa3, 0xd5, 0xc9, 0x2a, 0x57, 0xa1, 0xed, 0xfe, 0xab, 0x6c, 0x58, 0xe8, 0xc3, 0x4f,
+	0x3f, 0x7e, 0x7f, 0xb6, 0xee, 0xd3, 0x36, 0x4b, 0xfb, 0x3c, 0x94, 0x63, 0xce, 0x72, 0x34, 0x0b,
+	0x32, 0xec, 0x80, 0xf4, 0x14, 0x63, 0x2e, 0xa4, 0xca, 0x58, 0xb1, 0xae, 0xca, 0x58, 0xd5, 0xbf,
+	0x89, 0x51, 0x66, 0x58, 0xc5, 0x38, 0x86, 0x86, 0x71, 0xd9, 0xb9, 0xb7, 0xce, 0xfb, 0x9c, 0xad,
+	0xb3, 0xbe, 0x98, 0x71, 0x1d, 0x6b, 0xae, 0x23, 0xda, 0xba, 0xca, 0x65, 0xce, 0x4d, 0x31, 0x85,
+	0x70, 0xeb, 0xf5, 0x50, 0xfb, 0xbf, 0x0d, 0xd5, 0x03, 0x4d, 0xe5, 0xd2, 0xc3, 0xab, 0x54, 0xc2,
+	0x74, 0x1f, 0x90, 0xde, 0x63, 0xa2, 0x74, 0x99, 0xa5, 0xad, 0x92, 0xad, 0x5c, 0x86, 0x2a, 0xd9,
+	0xea, 0x9e, 0x6f, 0xd2, 0x15, 0x6b, 0xe4, 0x80, 0xf4, 0x9e, 0xd9, 0xdf, 0x96, 0x2e, 0xf9, 0xbe,
+	0x74, 0xc9, 0xcf, 0xa5, 0x4b, 0xbe, 0xfc, 0x72, 0x6f, 0x0c, 0x1b, 0xfa, 0x8f, 0xd9, 0xff, 0x13,
+	0x00, 0x00, 0xff, 0xff, 0xfc, 0x4d, 0x5a, 0x40, 0xca, 0x05, 0x00, 0x00,
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.proto b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.proto
new file mode 100644
index 000000000000..ebf6c88f7fa3
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb/v3election.proto
@@ -0,0 +1,119 @@
+syntax = "proto3";
+package v3electionpb;
+
+import "gogoproto/gogo.proto";
+import "etcd/etcdserver/etcdserverpb/rpc.proto";
+import "etcd/mvcc/mvccpb/kv.proto";
+
+// for grpc-gateway
+import "google/api/annotations.proto";
+
+option (gogoproto.marshaler_all) = true;
+option (gogoproto.unmarshaler_all) = true;
+
+// The election service exposes client-side election facilities as a gRPC interface.
+service Election {
+  // Campaign waits to acquire leadership in an election, returning a LeaderKey
+  // representing the leadership if successful. The LeaderKey can then be used
+  // to issue new values on the election, transactionally guard API requests on
+  // leadership still being held, and resign from the election.
+  rpc Campaign(CampaignRequest) returns (CampaignResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/election/campaign"
+        body: "*"
+    };
+  }
+  // Proclaim updates the leader's posted value with a new value.
+  rpc Proclaim(ProclaimRequest) returns (ProclaimResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/election/proclaim"
+        body: "*"
+    };
+  }
+  // Leader returns the current election proclamation, if any.
+  rpc Leader(LeaderRequest) returns (LeaderResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/election/leader"
+        body: "*"
+    };
+  }
+  // Observe streams election proclamations in-order as made by the election's
+  // elected leaders.
+  rpc Observe(LeaderRequest) returns (stream LeaderResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/election/observe"
+        body: "*"
+    };
+  }
+  // Resign releases election leadership so other campaigners may acquire
+  // leadership on the election.
+  rpc Resign(ResignRequest) returns (ResignResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/election/resign"
+        body: "*"
+    };
+  }
+}
+
+message CampaignRequest {
+  // name is the election's identifier for the campaign.
+  bytes name = 1;
+  // lease is the ID of the lease attached to leadership of the election. If the
+  // lease expires or is revoked before resigning leadership, then the
+  // leadership is transferred to the next campaigner, if any.
+  int64 lease = 2;
+  // value is the initial proclaimed value set when the campaigner wins the
+  // election.
+  bytes value = 3;
+}
+
+message CampaignResponse {
+  etcdserverpb.ResponseHeader header = 1;
+  // leader describes the resources used for holding leadereship of the election.
+  LeaderKey leader = 2;
+}
+
+message LeaderKey {
+  // name is the election identifier that correponds to the leadership key.
+  bytes name = 1;
+  // key is an opaque key representing the ownership of the election. If the key
+  // is deleted, then leadership is lost.
+  bytes key = 2;
+  // rev is the creation revision of the key. It can be used to test for ownership
+  // of an election during transactions by testing the key's creation revision
+  // matches rev.
+  int64 rev = 3;
+  // lease is the lease ID of the election leader.
+  int64 lease = 4;
+}
+
+message LeaderRequest {
+  // name is the election identifier for the leadership information.
+  bytes name = 1;
+}
+
+message LeaderResponse {
+  etcdserverpb.ResponseHeader header = 1;
+  // kv is the key-value pair representing the latest leader update.
+  mvccpb.KeyValue kv = 2;
+}
+
+message ResignRequest {
+  // leader is the leadership to relinquish by resignation.
+  LeaderKey leader = 1;
+}
+
+message ResignResponse {
+  etcdserverpb.ResponseHeader header = 1;
+}
+
+message ProclaimRequest {
+  // leader is the leadership hold on the election.
+  LeaderKey leader = 1;
+  // value is an update meant to overwrite the leader's current value.
+  bytes value = 2;
+}
+
+message ProclaimResponse {
+  etcdserverpb.ResponseHeader header = 1;
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/doc.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/doc.go
new file mode 100644
index 000000000000..e0a1008abc9e
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package v3lock provides a v3 locking service from an etcdserver.
+package v3lock
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/lock.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/lock.go
new file mode 100644
index 000000000000..66465bf13f62
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/lock.go
@@ -0,0 +1,56 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v3lock
+
+import (
+	"golang.org/x/net/context"
+
+	"github.com/coreos/etcd/clientv3"
+	"github.com/coreos/etcd/clientv3/concurrency"
+	"github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb"
+)
+
+type lockServer struct {
+	c *clientv3.Client
+}
+
+func NewLockServer(c *clientv3.Client) v3lockpb.LockServer {
+	return &lockServer{c}
+}
+
+func (ls *lockServer) Lock(ctx context.Context, req *v3lockpb.LockRequest) (*v3lockpb.LockResponse, error) {
+	s, err := concurrency.NewSession(
+		ls.c,
+		concurrency.WithLease(clientv3.LeaseID(req.Lease)),
+		concurrency.WithContext(ctx),
+	)
+	if err != nil {
+		return nil, err
+	}
+	s.Orphan()
+	m := concurrency.NewMutex(s, string(req.Name))
+	if err = m.Lock(ctx); err != nil {
+		return nil, err
+	}
+	return &v3lockpb.LockResponse{Header: m.Header(), Key: []byte(m.Key())}, nil
+}
+
+func (ls *lockServer) Unlock(ctx context.Context, req *v3lockpb.UnlockRequest) (*v3lockpb.UnlockResponse, error) {
+	resp, err := ls.c.Delete(ctx, string(req.Key))
+	if err != nil {
+		return nil, err
+	}
+	return &v3lockpb.UnlockResponse{Header: resp.Header}, nil
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw/v3lock.pb.gw.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw/v3lock.pb.gw.go
new file mode 100644
index 000000000000..5aef4756dfe7
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/gw/v3lock.pb.gw.go
@@ -0,0 +1,167 @@
+// Code generated by protoc-gen-grpc-gateway. DO NOT EDIT.
+// source: etcdserver/api/v3lock/v3lockpb/v3lock.proto
+
+/*
+Package v3lockpb is a reverse proxy.
+
+It translates gRPC into RESTful JSON APIs.
+*/
+package gw
+
+import (
+	"github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb"
+	"io"
+	"net/http"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/grpc-ecosystem/grpc-gateway/runtime"
+	"github.com/grpc-ecosystem/grpc-gateway/utilities"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
+)
+
+var _ codes.Code
+var _ io.Reader
+var _ status.Status
+var _ = runtime.String
+var _ = utilities.NewDoubleArray
+
+func request_Lock_Lock_0(ctx context.Context, marshaler runtime.Marshaler, client v3lockpb.LockClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3lockpb.LockRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Lock(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+func request_Lock_Unlock_0(ctx context.Context, marshaler runtime.Marshaler, client v3lockpb.LockClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq v3lockpb.UnlockRequest
+	var metadata runtime.ServerMetadata
+
+	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+
+	msg, err := client.Unlock(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	return msg, metadata, err
+
+}
+
+// RegisterLockHandlerFromEndpoint is same as RegisterLockHandler but
+// automatically dials to "endpoint" and closes the connection when "ctx" gets done.
+func RegisterLockHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error) {
+	conn, err := grpc.Dial(endpoint, opts...)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		if err != nil {
+			if cerr := conn.Close(); cerr != nil {
+				grpclog.Printf("Failed to close conn to %s: %v", endpoint, cerr)
+			}
+			return
+		}
+		go func() {
+			<-ctx.Done()
+			if cerr := conn.Close(); cerr != nil {
+				grpclog.Printf("Failed to close conn to %s: %v", endpoint, cerr)
+			}
+		}()
+	}()
+
+	return RegisterLockHandler(ctx, mux, conn)
+}
+
+// RegisterLockHandler registers the http handlers for service Lock to "mux".
+// The handlers forward requests to the grpc endpoint over "conn".
+func RegisterLockHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
+	return RegisterLockHandlerClient(ctx, mux, v3lockpb.NewLockClient(conn))
+}
+
+// RegisterLockHandler registers the http handlers for service Lock to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "LockClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "LockClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "LockClient" to call the correct interceptors.
+func RegisterLockHandlerClient(ctx context.Context, mux *runtime.ServeMux, client v3lockpb.LockClient) error {
+
+	mux.Handle("POST", pattern_Lock_Lock_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Lock_Lock_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Lock_Lock_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	mux.Handle("POST", pattern_Lock_Unlock_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+		if cn, ok := w.(http.CloseNotifier); ok {
+			go func(done <-chan struct{}, closed <-chan bool) {
+				select {
+				case <-done:
+				case <-closed:
+					cancel()
+				}
+			}(ctx.Done(), cn.CloseNotify())
+		}
+		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+		resp, md, err := request_Lock_Unlock_0(rctx, inboundMarshaler, client, req, pathParams)
+		ctx = runtime.NewServerMetadataContext(ctx, md)
+		if err != nil {
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
+		}
+
+		forward_Lock_Unlock_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+
+	})
+
+	return nil
+}
+
+var (
+	pattern_Lock_Lock_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 1}, []string{"v3alpha", "lock"}, ""))
+
+	pattern_Lock_Unlock_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v3alpha", "lock", "unlock"}, ""))
+)
+
+var (
+	forward_Lock_Lock_0 = runtime.ForwardResponseMessage
+
+	forward_Lock_Unlock_0 = runtime.ForwardResponseMessage
+)
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.pb.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.pb.go
new file mode 100644
index 000000000000..dcf2bad4019c
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.pb.go
@@ -0,0 +1,978 @@
+// Code generated by protoc-gen-gogo.
+// source: v3lock.proto
+// DO NOT EDIT!
+
+/*
+	Package v3lockpb is a generated protocol buffer package.
+
+	It is generated from these files:
+		v3lock.proto
+
+	It has these top-level messages:
+		LockRequest
+		LockResponse
+		UnlockRequest
+		UnlockResponse
+*/
+package v3lockpb
+
+import (
+	"fmt"
+
+	proto "github.com/golang/protobuf/proto"
+
+	math "math"
+
+	etcdserverpb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+
+	context "golang.org/x/net/context"
+
+	grpc "google.golang.org/grpc"
+
+	io "io"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+type LockRequest struct {
+	// name is the identifier for the distributed shared lock to be acquired.
+	Name []byte `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
+	// lease is the ID of the lease that will be attached to ownership of the
+	// lock. If the lease expires or is revoked and currently holds the lock,
+	// the lock is automatically released. Calls to Lock with the same lease will
+	// be treated as a single acquistion; locking twice with the same lease is a
+	// no-op.
+	Lease int64 `protobuf:"varint,2,opt,name=lease,proto3" json:"lease,omitempty"`
+}
+
+func (m *LockRequest) Reset()                    { *m = LockRequest{} }
+func (m *LockRequest) String() string            { return proto.CompactTextString(m) }
+func (*LockRequest) ProtoMessage()               {}
+func (*LockRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Lock, []int{0} }
+
+func (m *LockRequest) GetName() []byte {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+func (m *LockRequest) GetLease() int64 {
+	if m != nil {
+		return m.Lease
+	}
+	return 0
+}
+
+type LockResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+	// key is a key that will exist on etcd for the duration that the Lock caller
+	// owns the lock. Users should not modify this key or the lock may exhibit
+	// undefined behavior.
+	Key []byte `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (m *LockResponse) Reset()                    { *m = LockResponse{} }
+func (m *LockResponse) String() string            { return proto.CompactTextString(m) }
+func (*LockResponse) ProtoMessage()               {}
+func (*LockResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Lock, []int{1} }
+
+func (m *LockResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func (m *LockResponse) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+type UnlockRequest struct {
+	// key is the lock ownership key granted by Lock.
+	Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
+}
+
+func (m *UnlockRequest) Reset()                    { *m = UnlockRequest{} }
+func (m *UnlockRequest) String() string            { return proto.CompactTextString(m) }
+func (*UnlockRequest) ProtoMessage()               {}
+func (*UnlockRequest) Descriptor() ([]byte, []int) { return fileDescriptorV3Lock, []int{2} }
+
+func (m *UnlockRequest) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+type UnlockResponse struct {
+	Header *etcdserverpb.ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+}
+
+func (m *UnlockResponse) Reset()                    { *m = UnlockResponse{} }
+func (m *UnlockResponse) String() string            { return proto.CompactTextString(m) }
+func (*UnlockResponse) ProtoMessage()               {}
+func (*UnlockResponse) Descriptor() ([]byte, []int) { return fileDescriptorV3Lock, []int{3} }
+
+func (m *UnlockResponse) GetHeader() *etcdserverpb.ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*LockRequest)(nil), "v3lockpb.LockRequest")
+	proto.RegisterType((*LockResponse)(nil), "v3lockpb.LockResponse")
+	proto.RegisterType((*UnlockRequest)(nil), "v3lockpb.UnlockRequest")
+	proto.RegisterType((*UnlockResponse)(nil), "v3lockpb.UnlockResponse")
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConn
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion4
+
+// Client API for Lock service
+
+type LockClient interface {
+	// Lock acquires a distributed shared lock on a given named lock.
+	// On success, it will return a unique key that exists so long as the
+	// lock is held by the caller. This key can be used in conjunction with
+	// transactions to safely ensure updates to etcd only occur while holding
+	// lock ownership. The lock is held until Unlock is called on the key or the
+	// lease associate with the owner expires.
+	Lock(ctx context.Context, in *LockRequest, opts ...grpc.CallOption) (*LockResponse, error)
+	// Unlock takes a key returned by Lock and releases the hold on lock. The
+	// next Lock caller waiting for the lock will then be woken up and given
+	// ownership of the lock.
+	Unlock(ctx context.Context, in *UnlockRequest, opts ...grpc.CallOption) (*UnlockResponse, error)
+}
+
+type lockClient struct {
+	cc *grpc.ClientConn
+}
+
+func NewLockClient(cc *grpc.ClientConn) LockClient {
+	return &lockClient{cc}
+}
+
+func (c *lockClient) Lock(ctx context.Context, in *LockRequest, opts ...grpc.CallOption) (*LockResponse, error) {
+	out := new(LockResponse)
+	err := grpc.Invoke(ctx, "/v3lockpb.Lock/Lock", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *lockClient) Unlock(ctx context.Context, in *UnlockRequest, opts ...grpc.CallOption) (*UnlockResponse, error) {
+	out := new(UnlockResponse)
+	err := grpc.Invoke(ctx, "/v3lockpb.Lock/Unlock", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// Server API for Lock service
+
+type LockServer interface {
+	// Lock acquires a distributed shared lock on a given named lock.
+	// On success, it will return a unique key that exists so long as the
+	// lock is held by the caller. This key can be used in conjunction with
+	// transactions to safely ensure updates to etcd only occur while holding
+	// lock ownership. The lock is held until Unlock is called on the key or the
+	// lease associate with the owner expires.
+	Lock(context.Context, *LockRequest) (*LockResponse, error)
+	// Unlock takes a key returned by Lock and releases the hold on lock. The
+	// next Lock caller waiting for the lock will then be woken up and given
+	// ownership of the lock.
+	Unlock(context.Context, *UnlockRequest) (*UnlockResponse, error)
+}
+
+func RegisterLockServer(s *grpc.Server, srv LockServer) {
+	s.RegisterService(&_Lock_serviceDesc, srv)
+}
+
+func _Lock_Lock_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(LockRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(LockServer).Lock(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3lockpb.Lock/Lock",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(LockServer).Lock(ctx, req.(*LockRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _Lock_Unlock_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(UnlockRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(LockServer).Unlock(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v3lockpb.Lock/Unlock",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(LockServer).Unlock(ctx, req.(*UnlockRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _Lock_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "v3lockpb.Lock",
+	HandlerType: (*LockServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "Lock",
+			Handler:    _Lock_Lock_Handler,
+		},
+		{
+			MethodName: "Unlock",
+			Handler:    _Lock_Unlock_Handler,
+		},
+	},
+	Streams:  []grpc.StreamDesc{},
+	Metadata: "v3lock.proto",
+}
+
+func (m *LockRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LockRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Name) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(len(m.Name)))
+		i += copy(dAtA[i:], m.Name)
+	}
+	if m.Lease != 0 {
+		dAtA[i] = 0x10
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(m.Lease))
+	}
+	return i, nil
+}
+
+func (m *LockResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LockResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(m.Header.Size()))
+		n1, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n1
+	}
+	if len(m.Key) > 0 {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(len(m.Key)))
+		i += copy(dAtA[i:], m.Key)
+	}
+	return i, nil
+}
+
+func (m *UnlockRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *UnlockRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Key) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(len(m.Key)))
+		i += copy(dAtA[i:], m.Key)
+	}
+	return i, nil
+}
+
+func (m *UnlockResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *UnlockResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Header != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintV3Lock(dAtA, i, uint64(m.Header.Size()))
+		n2, err := m.Header.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n2
+	}
+	return i, nil
+}
+
+func encodeFixed64V3Lock(dAtA []byte, offset int, v uint64) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	dAtA[offset+4] = uint8(v >> 32)
+	dAtA[offset+5] = uint8(v >> 40)
+	dAtA[offset+6] = uint8(v >> 48)
+	dAtA[offset+7] = uint8(v >> 56)
+	return offset + 8
+}
+func encodeFixed32V3Lock(dAtA []byte, offset int, v uint32) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	return offset + 4
+}
+func encodeVarintV3Lock(dAtA []byte, offset int, v uint64) int {
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return offset + 1
+}
+func (m *LockRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Name)
+	if l > 0 {
+		n += 1 + l + sovV3Lock(uint64(l))
+	}
+	if m.Lease != 0 {
+		n += 1 + sovV3Lock(uint64(m.Lease))
+	}
+	return n
+}
+
+func (m *LockResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Lock(uint64(l))
+	}
+	l = len(m.Key)
+	if l > 0 {
+		n += 1 + l + sovV3Lock(uint64(l))
+	}
+	return n
+}
+
+func (m *UnlockRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Key)
+	if l > 0 {
+		n += 1 + l + sovV3Lock(uint64(l))
+	}
+	return n
+}
+
+func (m *UnlockResponse) Size() (n int) {
+	var l int
+	_ = l
+	if m.Header != nil {
+		l = m.Header.Size()
+		n += 1 + l + sovV3Lock(uint64(l))
+	}
+	return n
+}
+
+func sovV3Lock(x uint64) (n int) {
+	for {
+		n++
+		x >>= 7
+		if x == 0 {
+			break
+		}
+	}
+	return n
+}
+func sozV3Lock(x uint64) (n int) {
+	return sovV3Lock(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (m *LockRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Lock
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LockRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LockRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = append(m.Name[:0], dAtA[iNdEx:postIndex]...)
+			if m.Name == nil {
+				m.Name = []byte{}
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Lease", wireType)
+			}
+			m.Lease = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Lease |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Lock(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LockResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Lock
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LockResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LockResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Key = append(m.Key[:0], dAtA[iNdEx:postIndex]...)
+			if m.Key == nil {
+				m.Key = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Lock(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *UnlockRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Lock
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: UnlockRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: UnlockRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Key = append(m.Key[:0], dAtA[iNdEx:postIndex]...)
+			if m.Key == nil {
+				m.Key = []byte{}
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Lock(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *UnlockResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowV3Lock
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: UnlockResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: UnlockResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Header", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Header == nil {
+				m.Header = &etcdserverpb.ResponseHeader{}
+			}
+			if err := m.Header.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipV3Lock(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthV3Lock
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipV3Lock(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowV3Lock
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+			return iNdEx, nil
+		case 1:
+			iNdEx += 8
+			return iNdEx, nil
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowV3Lock
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			iNdEx += length
+			if length < 0 {
+				return 0, ErrInvalidLengthV3Lock
+			}
+			return iNdEx, nil
+		case 3:
+			for {
+				var innerWire uint64
+				var start int = iNdEx
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return 0, ErrIntOverflowV3Lock
+					}
+					if iNdEx >= l {
+						return 0, io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					innerWire |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				innerWireType := int(innerWire & 0x7)
+				if innerWireType == 4 {
+					break
+				}
+				next, err := skipV3Lock(dAtA[start:])
+				if err != nil {
+					return 0, err
+				}
+				iNdEx = start + next
+			}
+			return iNdEx, nil
+		case 4:
+			return iNdEx, nil
+		case 5:
+			iNdEx += 4
+			return iNdEx, nil
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+	}
+	panic("unreachable")
+}
+
+var (
+	ErrInvalidLengthV3Lock = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowV3Lock   = fmt.Errorf("proto: integer overflow")
+)
+
+func init() { proto.RegisterFile("v3lock.proto", fileDescriptorV3Lock) }
+
+var fileDescriptorV3Lock = []byte{
+	// 336 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x29, 0x33, 0xce, 0xc9,
+	0x4f, 0xce, 0xd6, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x80, 0xf0, 0x0a, 0x92, 0xa4, 0x44,
+	0xd2, 0xf3, 0xd3, 0xf3, 0xc1, 0x82, 0xfa, 0x20, 0x16, 0x44, 0x5e, 0x4a, 0x2d, 0xb5, 0x24, 0x39,
+	0x45, 0x1f, 0x44, 0x14, 0xa7, 0x16, 0x95, 0xa5, 0x16, 0x21, 0x31, 0x0b, 0x92, 0xf4, 0x8b, 0x0a,
+	0x92, 0xa1, 0xea, 0x64, 0xd2, 0xf3, 0xf3, 0xd3, 0x73, 0x52, 0xf5, 0x13, 0x0b, 0x32, 0xf5, 0x13,
+	0xf3, 0xf2, 0xf2, 0x4b, 0x12, 0x4b, 0x32, 0xf3, 0xf3, 0x8a, 0x21, 0xb2, 0x4a, 0xe6, 0x5c, 0xdc,
+	0x3e, 0xf9, 0xc9, 0xd9, 0x41, 0xa9, 0x85, 0xa5, 0xa9, 0xc5, 0x25, 0x42, 0x42, 0x5c, 0x2c, 0x79,
+	0x89, 0xb9, 0xa9, 0x12, 0x8c, 0x0a, 0x8c, 0x1a, 0x3c, 0x41, 0x60, 0xb6, 0x90, 0x08, 0x17, 0x6b,
+	0x4e, 0x6a, 0x62, 0x71, 0xaa, 0x04, 0x93, 0x02, 0xa3, 0x06, 0x73, 0x10, 0x84, 0xa3, 0x14, 0xc6,
+	0xc5, 0x03, 0xd1, 0x58, 0x5c, 0x90, 0x9f, 0x57, 0x9c, 0x2a, 0x64, 0xc2, 0xc5, 0x96, 0x91, 0x9a,
+	0x98, 0x92, 0x5a, 0x04, 0xd6, 0xcb, 0x6d, 0x24, 0xa3, 0x87, 0xec, 0x1e, 0x3d, 0x98, 0x3a, 0x0f,
+	0xb0, 0x9a, 0x20, 0xa8, 0x5a, 0x21, 0x01, 0x2e, 0xe6, 0xec, 0xd4, 0x4a, 0xb0, 0xc9, 0x3c, 0x41,
+	0x20, 0xa6, 0x92, 0x22, 0x17, 0x6f, 0x68, 0x5e, 0x0e, 0x92, 0x93, 0xa0, 0x4a, 0x18, 0x11, 0x4a,
+	0xdc, 0xb8, 0xf8, 0x60, 0x4a, 0x28, 0xb1, 0xdc, 0x68, 0x17, 0x23, 0x17, 0x0b, 0xc8, 0x0f, 0x42,
+	0x21, 0x50, 0x5a, 0x54, 0x0f, 0x16, 0xe6, 0x7a, 0x48, 0x81, 0x22, 0x25, 0x86, 0x2e, 0x0c, 0x31,
+	0x4d, 0x49, 0xb6, 0xe9, 0xf2, 0x93, 0xc9, 0x4c, 0xe2, 0x4a, 0x42, 0xfa, 0x65, 0xc6, 0x89, 0x39,
+	0x05, 0x19, 0x89, 0xfa, 0x20, 0x55, 0x60, 0xc2, 0x8a, 0x51, 0x4b, 0x28, 0x86, 0x8b, 0x0d, 0xe2,
+	0x4c, 0x21, 0x71, 0x84, 0x01, 0x28, 0x7e, 0x93, 0x92, 0xc0, 0x94, 0x80, 0x9a, 0x2d, 0x0f, 0x36,
+	0x5b, 0x52, 0x49, 0x04, 0xd5, 0xec, 0xd2, 0x3c, 0xa8, 0xe9, 0x4e, 0x02, 0x27, 0x1e, 0xc9, 0x31,
+	0x5e, 0x78, 0x24, 0xc7, 0xf8, 0xe0, 0x91, 0x1c, 0xe3, 0x8c, 0xc7, 0x72, 0x0c, 0x49, 0x6c, 0xe0,
+	0x18, 0x35, 0x06, 0x04, 0x00, 0x00, 0xff, 0xff, 0xb6, 0xa0, 0x26, 0x28, 0x47, 0x02, 0x00, 0x00,
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.proto b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.proto
new file mode 100644
index 000000000000..3e92a6ec277c
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb/v3lock.proto
@@ -0,0 +1,65 @@
+syntax = "proto3";
+package v3lockpb;
+
+import "gogoproto/gogo.proto";
+import "etcd/etcdserver/etcdserverpb/rpc.proto";
+
+// for grpc-gateway
+import "google/api/annotations.proto";
+
+option (gogoproto.marshaler_all) = true;
+option (gogoproto.unmarshaler_all) = true;
+
+// The lock service exposes client-side locking facilities as a gRPC interface.
+service Lock {
+  // Lock acquires a distributed shared lock on a given named lock.
+  // On success, it will return a unique key that exists so long as the
+  // lock is held by the caller. This key can be used in conjunction with
+  // transactions to safely ensure updates to etcd only occur while holding
+  // lock ownership. The lock is held until Unlock is called on the key or the
+  // lease associate with the owner expires.
+  rpc Lock(LockRequest) returns (LockResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/lock/lock"
+        body: "*"
+    };
+  }
+
+  // Unlock takes a key returned by Lock and releases the hold on lock. The
+  // next Lock caller waiting for the lock will then be woken up and given
+  // ownership of the lock.
+  rpc Unlock(UnlockRequest) returns (UnlockResponse) {
+      option (google.api.http) = {
+        post: "/v3alpha/lock/unlock"
+        body: "*"
+    };
+  }
+}
+
+message LockRequest {
+  // name is the identifier for the distributed shared lock to be acquired.
+  bytes name = 1;
+  // lease is the ID of the lease that will be attached to ownership of the
+  // lock. If the lease expires or is revoked and currently holds the lock,
+  // the lock is automatically released. Calls to Lock with the same lease will
+  // be treated as a single acquistion; locking twice with the same lease is a
+  // no-op.
+  int64 lease = 2;
+}
+
+message LockResponse {
+  etcdserverpb.ResponseHeader header = 1;
+  // key is a key that will exist on etcd for the duration that the Lock caller
+  // owns the lock. Users should not modify this key or the lock may exhibit
+  // undefined behavior.
+  bytes key = 2;
+}
+
+message UnlockRequest {
+  // key is the lock ownership key granted by Lock.
+  bytes key = 1;
+}
+
+message UnlockResponse {
+  etcdserverpb.ResponseHeader header = 1;
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/grpc.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/grpc.go
index 88174e3bac24..5333491a2e25 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/grpc.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/grpc.go
@@ -16,6 +16,10 @@ package v3rpc
 
 import (
 	"crypto/tls"
+	"io/ioutil"
+	"math"
+	"os"
+	"sync"
 
 	"github.com/coreos/etcd/etcdserver"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
@@ -24,11 +28,16 @@ import (
 	"google.golang.org/grpc/grpclog"
 )
 
-func init() {
-	grpclog.SetLogger(plog)
-}
+const (
+	grpcOverheadBytes = 512 * 1024
+	maxStreams        = math.MaxUint32
+	maxSendBytes      = math.MaxInt32
+)
+
+// integration tests call this multiple times, which is racey in gRPC side
+var grpclogOnce sync.Once
 
-func Server(s *etcdserver.EtcdServer, tls *tls.Config) *grpc.Server {
+func Server(s *etcdserver.EtcdServer, tls *tls.Config, gopts ...grpc.ServerOption) *grpc.Server {
 	var opts []grpc.ServerOption
 	opts = append(opts, grpc.CustomCodec(&codec{}))
 	if tls != nil {
@@ -36,8 +45,11 @@ func Server(s *etcdserver.EtcdServer, tls *tls.Config) *grpc.Server {
 	}
 	opts = append(opts, grpc.UnaryInterceptor(newUnaryInterceptor(s)))
 	opts = append(opts, grpc.StreamInterceptor(newStreamInterceptor(s)))
+	opts = append(opts, grpc.MaxRecvMsgSize(int(s.Cfg.MaxRequestBytes+grpcOverheadBytes)))
+	opts = append(opts, grpc.MaxSendMsgSize(maxSendBytes))
+	opts = append(opts, grpc.MaxConcurrentStreams(maxStreams))
+	grpcServer := grpc.NewServer(append(opts, gopts...)...)
 
-	grpcServer := grpc.NewServer(opts...)
 	pb.RegisterKVServer(grpcServer, NewQuotaKVServer(s))
 	pb.RegisterWatchServer(grpcServer, NewWatchServer(s))
 	pb.RegisterLeaseServer(grpcServer, NewQuotaLeaseServer(s))
@@ -45,5 +57,15 @@ func Server(s *etcdserver.EtcdServer, tls *tls.Config) *grpc.Server {
 	pb.RegisterAuthServer(grpcServer, NewAuthServer(s))
 	pb.RegisterMaintenanceServer(grpcServer, NewMaintenanceServer(s))
 
+	grpclogOnce.Do(func() {
+		if s.Cfg.Debug {
+			grpc.EnableTracing = true
+			// enable info, warning, error
+			grpclog.SetLoggerV2(grpclog.NewLoggerV2(os.Stderr, os.Stderr, os.Stderr))
+		} else {
+			// only discard info
+			grpclog.SetLoggerV2(grpclog.NewLoggerV2(ioutil.Discard, os.Stderr, os.Stderr))
+		}
+	})
 	return grpcServer
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/interceptor.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/interceptor.go
index 29aef2914a5b..de9470a8905c 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/interceptor.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/interceptor.go
@@ -45,7 +45,7 @@ func newUnaryInterceptor(s *etcdserver.EtcdServer) grpc.UnaryServerInterceptor {
 			return nil, rpctypes.ErrGRPCNotCapable
 		}
 
-		md, ok := metadata.FromContext(ctx)
+		md, ok := metadata.FromIncomingContext(ctx)
 		if ok {
 			if ks := md[rpctypes.MetadataRequireLeaderKey]; len(ks) > 0 && ks[0] == rpctypes.MetadataHasLeader {
 				if s.Leader() == types.ID(raft.None) {
@@ -66,7 +66,7 @@ func newStreamInterceptor(s *etcdserver.EtcdServer) grpc.StreamServerInterceptor
 			return rpctypes.ErrGRPCNotCapable
 		}
 
-		md, ok := metadata.FromContext(ss.Context())
+		md, ok := metadata.FromIncomingContext(ss.Context())
 		if ok {
 			if ks := md[rpctypes.MetadataRequireLeaderKey]; len(ks) > 0 && ks[0] == rpctypes.MetadataHasLeader {
 				if s.Leader() == types.ID(raft.None) {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/key.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/key.go
index 6ea7bbacde0a..d0220e03a26e 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/key.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/key.go
@@ -134,6 +134,12 @@ func checkPutRequest(r *pb.PutRequest) error {
 	if len(r.Key) == 0 {
 		return rpctypes.ErrGRPCEmptyKey
 	}
+	if r.IgnoreValue && len(r.Value) != 0 {
+		return rpctypes.ErrGRPCValueProvided
+	}
+	if r.IgnoreLease && r.Lease != 0 {
+		return rpctypes.ErrGRPCLeaseProvided
+	}
 	return nil
 }
 
@@ -246,8 +252,8 @@ func checkRequestOp(u *pb.RequestOp) error {
 			return checkDeleteRequest(uv.RequestDeleteRange)
 		}
 	default:
-		// empty op
-		return nil
+		// empty op / nil entry
+		return rpctypes.ErrGRPCKeyNotFound
 	}
 	return nil
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/lease.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/lease.go
index be6e20b97fb6..91618d115fcb 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/lease.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/lease.go
@@ -18,6 +18,7 @@ import (
 	"io"
 
 	"github.com/coreos/etcd/etcdserver"
+	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
 	"github.com/coreos/etcd/lease"
 	"golang.org/x/net/context"
@@ -53,20 +54,45 @@ func (ls *LeaseServer) LeaseRevoke(ctx context.Context, rr *pb.LeaseRevokeReques
 
 func (ls *LeaseServer) LeaseTimeToLive(ctx context.Context, rr *pb.LeaseTimeToLiveRequest) (*pb.LeaseTimeToLiveResponse, error) {
 	resp, err := ls.le.LeaseTimeToLive(ctx, rr)
-	if err != nil {
+	if err != nil && err != lease.ErrLeaseNotFound {
 		return nil, togRPCError(err)
 	}
+	if err == lease.ErrLeaseNotFound {
+		resp = &pb.LeaseTimeToLiveResponse{
+			Header: &pb.ResponseHeader{},
+			ID:     rr.ID,
+			TTL:    -1,
+		}
+	}
 	ls.hdr.fill(resp.Header)
 	return resp, nil
 }
 
-func (ls *LeaseServer) LeaseKeepAlive(stream pb.Lease_LeaseKeepAliveServer) error {
+func (ls *LeaseServer) LeaseKeepAlive(stream pb.Lease_LeaseKeepAliveServer) (err error) {
+	errc := make(chan error, 1)
+	go func() {
+		errc <- ls.leaseKeepAlive(stream)
+	}()
+	select {
+	case err = <-errc:
+	case <-stream.Context().Done():
+		// the only server-side cancellation is noleader for now.
+		err = stream.Context().Err()
+		if err == context.Canceled {
+			err = rpctypes.ErrGRPCNoLeader
+		}
+	}
+	return err
+}
+
+func (ls *LeaseServer) leaseKeepAlive(stream pb.Lease_LeaseKeepAliveServer) error {
 	for {
 		req, err := stream.Recv()
 		if err == io.EOF {
 			return nil
 		}
 		if err != nil {
+			plog.Debugf("failed to receive lease keepalive request from gRPC stream (%q)", err.Error())
 			return err
 		}
 
@@ -92,6 +118,7 @@ func (ls *LeaseServer) LeaseKeepAlive(stream pb.Lease_LeaseKeepAliveServer) erro
 		resp.TTL = ttl
 		err = stream.Send(resp)
 		if err != nil {
+			plog.Debugf("failed to send lease keepalive response to gRPC stream (%q)", err.Error())
 			return err
 		}
 	}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/maintenance.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/maintenance.go
index af29ab3b71e7..3657d0360829 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/maintenance.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/maintenance.go
@@ -47,6 +47,7 @@ type RaftStatusGetter interface {
 }
 
 type AuthGetter interface {
+	AuthInfoFromCtx(ctx context.Context) (*auth.AuthInfo, error)
 	AuthStore() auth.AuthStore
 }
 
@@ -152,7 +153,7 @@ type authMaintenanceServer struct {
 }
 
 func (ams *authMaintenanceServer) isAuthenticated(ctx context.Context) error {
-	authInfo, err := ams.ag.AuthStore().AuthInfoFromCtx(ctx)
+	authInfo, err := ams.ag.AuthInfoFromCtx(ctx)
 	if err != nil {
 		return err
 	}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/member.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/member.go
index bcd5dac5183f..91a59389b873 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/member.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/member.go
@@ -48,21 +48,24 @@ func (cs *ClusterServer) MemberAdd(ctx context.Context, r *pb.MemberAddRequest)
 
 	now := time.Now()
 	m := membership.NewMember("", urls, "", &now)
-	if err = cs.server.AddMember(ctx, *m); err != nil {
-		return nil, togRPCError(err)
+	membs, merr := cs.server.AddMember(ctx, *m)
+	if merr != nil {
+		return nil, togRPCError(merr)
 	}
 
 	return &pb.MemberAddResponse{
-		Header: cs.header(),
-		Member: &pb.Member{ID: uint64(m.ID), PeerURLs: m.PeerURLs},
+		Header:  cs.header(),
+		Member:  &pb.Member{ID: uint64(m.ID), PeerURLs: m.PeerURLs},
+		Members: membersToProtoMembers(membs),
 	}, nil
 }
 
 func (cs *ClusterServer) MemberRemove(ctx context.Context, r *pb.MemberRemoveRequest) (*pb.MemberRemoveResponse, error) {
-	if err := cs.server.RemoveMember(ctx, r.ID); err != nil {
+	membs, err := cs.server.RemoveMember(ctx, r.ID)
+	if err != nil {
 		return nil, togRPCError(err)
 	}
-	return &pb.MemberRemoveResponse{Header: cs.header()}, nil
+	return &pb.MemberRemoveResponse{Header: cs.header(), Members: membersToProtoMembers(membs)}, nil
 }
 
 func (cs *ClusterServer) MemberUpdate(ctx context.Context, r *pb.MemberUpdateRequest) (*pb.MemberUpdateResponse, error) {
@@ -70,15 +73,23 @@ func (cs *ClusterServer) MemberUpdate(ctx context.Context, r *pb.MemberUpdateReq
 		ID:             types.ID(r.ID),
 		RaftAttributes: membership.RaftAttributes{PeerURLs: r.PeerURLs},
 	}
-	if err := cs.server.UpdateMember(ctx, m); err != nil {
+	membs, err := cs.server.UpdateMember(ctx, m)
+	if err != nil {
 		return nil, togRPCError(err)
 	}
-	return &pb.MemberUpdateResponse{Header: cs.header()}, nil
+	return &pb.MemberUpdateResponse{Header: cs.header(), Members: membersToProtoMembers(membs)}, nil
 }
 
 func (cs *ClusterServer) MemberList(ctx context.Context, r *pb.MemberListRequest) (*pb.MemberListResponse, error) {
-	membs := cs.cluster.Members()
+	membs := membersToProtoMembers(cs.cluster.Members())
+	return &pb.MemberListResponse{Header: cs.header(), Members: membs}, nil
+}
 
+func (cs *ClusterServer) header() *pb.ResponseHeader {
+	return &pb.ResponseHeader{ClusterId: uint64(cs.cluster.ID()), MemberId: uint64(cs.server.ID()), RaftTerm: cs.raftTimer.Term()}
+}
+
+func membersToProtoMembers(membs []*membership.Member) []*pb.Member {
 	protoMembs := make([]*pb.Member, len(membs))
 	for i := range membs {
 		protoMembs[i] = &pb.Member{
@@ -88,10 +99,5 @@ func (cs *ClusterServer) MemberList(ctx context.Context, r *pb.MemberListRequest
 			ClientURLs: membs[i].ClientURLs,
 		}
 	}
-
-	return &pb.MemberListResponse{Header: cs.header(), Members: protoMembs}, nil
-}
-
-func (cs *ClusterServer) header() *pb.ResponseHeader {
-	return &pb.ResponseHeader{ClusterId: uint64(cs.cluster.ID()), MemberId: uint64(cs.server.ID()), RaftTerm: cs.raftTimer.Term()}
+	return protoMembs
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes/error.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes/error.go
index 5a3cfc0a0dbf..bd17179e9977 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes/error.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes/error.go
@@ -17,16 +17,20 @@ package rpctypes
 import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
 )
 
 var (
 	// server-side error
-	ErrGRPCEmptyKey     = grpc.Errorf(codes.InvalidArgument, "etcdserver: key is not provided")
-	ErrGRPCTooManyOps   = grpc.Errorf(codes.InvalidArgument, "etcdserver: too many operations in txn request")
-	ErrGRPCDuplicateKey = grpc.Errorf(codes.InvalidArgument, "etcdserver: duplicate key given in txn request")
-	ErrGRPCCompacted    = grpc.Errorf(codes.OutOfRange, "etcdserver: mvcc: required revision has been compacted")
-	ErrGRPCFutureRev    = grpc.Errorf(codes.OutOfRange, "etcdserver: mvcc: required revision is a future revision")
-	ErrGRPCNoSpace      = grpc.Errorf(codes.ResourceExhausted, "etcdserver: mvcc: database space exceeded")
+	ErrGRPCEmptyKey      = grpc.Errorf(codes.InvalidArgument, "etcdserver: key is not provided")
+	ErrGRPCKeyNotFound   = grpc.Errorf(codes.InvalidArgument, "etcdserver: key not found")
+	ErrGRPCValueProvided = grpc.Errorf(codes.InvalidArgument, "etcdserver: value is provided")
+	ErrGRPCLeaseProvided = grpc.Errorf(codes.InvalidArgument, "etcdserver: lease is provided")
+	ErrGRPCTooManyOps    = grpc.Errorf(codes.InvalidArgument, "etcdserver: too many operations in txn request")
+	ErrGRPCDuplicateKey  = grpc.Errorf(codes.InvalidArgument, "etcdserver: duplicate key given in txn request")
+	ErrGRPCCompacted     = grpc.Errorf(codes.OutOfRange, "etcdserver: mvcc: required revision has been compacted")
+	ErrGRPCFutureRev     = grpc.Errorf(codes.OutOfRange, "etcdserver: mvcc: required revision is a future revision")
+	ErrGRPCNoSpace       = grpc.Errorf(codes.ResourceExhausted, "etcdserver: mvcc: database space exceeded")
 
 	ErrGRPCLeaseNotFound = grpc.Errorf(codes.NotFound, "etcdserver: requested lease not found")
 	ErrGRPCLeaseExist    = grpc.Errorf(codes.FailedPrecondition, "etcdserver: lease already exists")
@@ -53,6 +57,7 @@ var (
 	ErrGRPCPermissionNotGranted = grpc.Errorf(codes.FailedPrecondition, "etcdserver: permission is not granted to the role")
 	ErrGRPCAuthNotEnabled       = grpc.Errorf(codes.FailedPrecondition, "etcdserver: authentication is not enabled")
 	ErrGRPCInvalidAuthToken     = grpc.Errorf(codes.Unauthenticated, "etcdserver: invalid auth token")
+	ErrGRPCInvalidAuthMgmt      = grpc.Errorf(codes.InvalidArgument, "etcdserver: invalid auth management")
 
 	ErrGRPCNoLeader                   = grpc.Errorf(codes.Unavailable, "etcdserver: no leader")
 	ErrGRPCNotCapable                 = grpc.Errorf(codes.Unavailable, "etcdserver: not capable")
@@ -63,7 +68,11 @@ var (
 	ErrGRPCUnhealthy                  = grpc.Errorf(codes.Unavailable, "etcdserver: unhealthy cluster")
 
 	errStringToError = map[string]error{
-		grpc.ErrorDesc(ErrGRPCEmptyKey):     ErrGRPCEmptyKey,
+		grpc.ErrorDesc(ErrGRPCEmptyKey):      ErrGRPCEmptyKey,
+		grpc.ErrorDesc(ErrGRPCKeyNotFound):   ErrGRPCKeyNotFound,
+		grpc.ErrorDesc(ErrGRPCValueProvided): ErrGRPCValueProvided,
+		grpc.ErrorDesc(ErrGRPCLeaseProvided): ErrGRPCLeaseProvided,
+
 		grpc.ErrorDesc(ErrGRPCTooManyOps):   ErrGRPCTooManyOps,
 		grpc.ErrorDesc(ErrGRPCDuplicateKey): ErrGRPCDuplicateKey,
 		grpc.ErrorDesc(ErrGRPCCompacted):    ErrGRPCCompacted,
@@ -95,6 +104,7 @@ var (
 		grpc.ErrorDesc(ErrGRPCPermissionNotGranted): ErrGRPCPermissionNotGranted,
 		grpc.ErrorDesc(ErrGRPCAuthNotEnabled):       ErrGRPCAuthNotEnabled,
 		grpc.ErrorDesc(ErrGRPCInvalidAuthToken):     ErrGRPCInvalidAuthToken,
+		grpc.ErrorDesc(ErrGRPCInvalidAuthMgmt):      ErrGRPCInvalidAuthMgmt,
 
 		grpc.ErrorDesc(ErrGRPCNoLeader):                   ErrGRPCNoLeader,
 		grpc.ErrorDesc(ErrGRPCNotCapable):                 ErrGRPCNotCapable,
@@ -106,12 +116,15 @@ var (
 	}
 
 	// client-side error
-	ErrEmptyKey     = Error(ErrGRPCEmptyKey)
-	ErrTooManyOps   = Error(ErrGRPCTooManyOps)
-	ErrDuplicateKey = Error(ErrGRPCDuplicateKey)
-	ErrCompacted    = Error(ErrGRPCCompacted)
-	ErrFutureRev    = Error(ErrGRPCFutureRev)
-	ErrNoSpace      = Error(ErrGRPCNoSpace)
+	ErrEmptyKey      = Error(ErrGRPCEmptyKey)
+	ErrKeyNotFound   = Error(ErrGRPCKeyNotFound)
+	ErrValueProvided = Error(ErrGRPCValueProvided)
+	ErrLeaseProvided = Error(ErrGRPCLeaseProvided)
+	ErrTooManyOps    = Error(ErrGRPCTooManyOps)
+	ErrDuplicateKey  = Error(ErrGRPCDuplicateKey)
+	ErrCompacted     = Error(ErrGRPCCompacted)
+	ErrFutureRev     = Error(ErrGRPCFutureRev)
+	ErrNoSpace       = Error(ErrGRPCNoSpace)
 
 	ErrLeaseNotFound = Error(ErrGRPCLeaseNotFound)
 	ErrLeaseExist    = Error(ErrGRPCLeaseExist)
@@ -138,6 +151,7 @@ var (
 	ErrPermissionNotGranted = Error(ErrGRPCPermissionNotGranted)
 	ErrAuthNotEnabled       = Error(ErrGRPCAuthNotEnabled)
 	ErrInvalidAuthToken     = Error(ErrGRPCInvalidAuthToken)
+	ErrInvalidAuthMgmt      = Error(ErrGRPCInvalidAuthMgmt)
 
 	ErrNoLeader                   = Error(ErrGRPCNoLeader)
 	ErrNotCapable                 = Error(ErrGRPCNotCapable)
@@ -175,3 +189,10 @@ func Error(err error) error {
 	}
 	return EtcdError{code: grpc.Code(verr), desc: grpc.ErrorDesc(verr)}
 }
+
+func ErrorDesc(err error) string {
+	if s, ok := status.FromError(err); ok {
+		return s.Message()
+	}
+	return err.Error()
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/util.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/util.go
index 5a057ed040da..8d38d9bd18fe 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/util.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/util.go
@@ -42,8 +42,6 @@ func togRPCError(err error) error {
 		return rpctypes.ErrGRPCCompacted
 	case mvcc.ErrFutureRev:
 		return rpctypes.ErrGRPCFutureRev
-	case lease.ErrLeaseNotFound:
-		return rpctypes.ErrGRPCLeaseNotFound
 	case etcdserver.ErrRequestTooLarge:
 		return rpctypes.ErrGRPCRequestTooLarge
 	case etcdserver.ErrNoSpace:
@@ -63,6 +61,8 @@ func togRPCError(err error) error {
 		return rpctypes.ErrGRPCTimeoutDueToConnectionLost
 	case etcdserver.ErrUnhealthy:
 		return rpctypes.ErrGRPCUnhealthy
+	case etcdserver.ErrKeyNotFound:
+		return rpctypes.ErrGRPCKeyNotFound
 
 	case lease.ErrLeaseNotFound:
 		return rpctypes.ErrGRPCLeaseNotFound
@@ -95,6 +95,8 @@ func togRPCError(err error) error {
 		return rpctypes.ErrGRPCAuthNotEnabled
 	case auth.ErrInvalidAuthToken:
 		return rpctypes.ErrGRPCInvalidAuthToken
+	case auth.ErrInvalidAuthMgmt:
+		return rpctypes.ErrGRPCInvalidAuthMgmt
 	default:
 		return grpc.Errorf(codes.Unknown, err.Error())
 	}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/watch.go b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/watch.go
index f0215531dee1..cd2adf984538 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/watch.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/watch.go
@@ -21,6 +21,7 @@ import (
 
 	"golang.org/x/net/context"
 
+	"github.com/coreos/etcd/auth"
 	"github.com/coreos/etcd/etcdserver"
 	"github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
@@ -33,6 +34,8 @@ type watchServer struct {
 	memberID  int64
 	raftTimer etcdserver.RaftTimer
 	watchable mvcc.WatchableKV
+
+	ag AuthGetter
 }
 
 func NewWatchServer(s *etcdserver.EtcdServer) pb.WatchServer {
@@ -41,6 +44,7 @@ func NewWatchServer(s *etcdserver.EtcdServer) pb.WatchServer {
 		memberID:  int64(s.ID()),
 		raftTimer: s,
 		watchable: s.Watchable(),
+		ag:        s,
 	}
 }
 
@@ -101,6 +105,8 @@ type serverWatchStream struct {
 
 	// wg waits for the send loop to complete
 	wg sync.WaitGroup
+
+	ag AuthGetter
 }
 
 func (ws *watchServer) Watch(stream pb.Watch_WatchServer) (err error) {
@@ -118,6 +124,8 @@ func (ws *watchServer) Watch(stream pb.Watch_WatchServer) (err error) {
 		progress:   make(map[mvcc.WatchID]bool),
 		prevKV:     make(map[mvcc.WatchID]bool),
 		closec:     make(chan struct{}),
+
+		ag: ws.ag,
 	}
 
 	sws.wg.Add(1)
@@ -133,6 +141,7 @@ func (ws *watchServer) Watch(stream pb.Watch_WatchServer) (err error) {
 	// deadlock when calling sws.close().
 	go func() {
 		if rerr := sws.recvLoop(); rerr != nil {
+			plog.Debugf("failed to receive watch request from gRPC stream (%q)", rerr.Error())
 			errc <- rerr
 		}
 	}()
@@ -150,6 +159,19 @@ func (ws *watchServer) Watch(stream pb.Watch_WatchServer) (err error) {
 	return err
 }
 
+func (sws *serverWatchStream) isWatchPermitted(wcr *pb.WatchCreateRequest) bool {
+	authInfo, err := sws.ag.AuthInfoFromCtx(sws.gRPCStream.Context())
+	if err != nil {
+		return false
+	}
+	if authInfo == nil {
+		// if auth is enabled, IsRangePermitted() can cause an error
+		authInfo = &auth.AuthInfo{}
+	}
+
+	return sws.ag.AuthStore().IsRangePermitted(authInfo, wcr.Key, wcr.RangeEnd) == nil
+}
+
 func (sws *serverWatchStream) recvLoop() error {
 	for {
 		req, err := sws.gRPCStream.Recv()
@@ -171,10 +193,32 @@ func (sws *serverWatchStream) recvLoop() error {
 				// \x00 is the smallest key
 				creq.Key = []byte{0}
 			}
+			if len(creq.RangeEnd) == 0 {
+				// force nil since watchstream.Watch distinguishes
+				// between nil and []byte{} for single key / >=
+				creq.RangeEnd = nil
+			}
 			if len(creq.RangeEnd) == 1 && creq.RangeEnd[0] == 0 {
 				// support  >= key queries
 				creq.RangeEnd = []byte{}
 			}
+
+			if !sws.isWatchPermitted(creq) {
+				wr := &pb.WatchResponse{
+					Header:       sws.newResponseHeader(sws.watchStream.Rev()),
+					WatchId:      -1,
+					Canceled:     true,
+					Created:      true,
+					CancelReason: rpctypes.ErrGRPCPermissionDenied.Error(),
+				}
+
+				select {
+				case sws.ctrlStream <- wr:
+				case <-sws.closec:
+				}
+				return nil
+			}
+
 			filters := FiltersFromRequest(creq)
 
 			wsrev := sws.watchStream.Rev()
@@ -294,6 +338,7 @@ func (sws *serverWatchStream) sendLoop() {
 
 			mvcc.ReportEventReceived(len(evs))
 			if err := sws.gRPCStream.Send(wr); err != nil {
+				plog.Debugf("failed to send watch response to gRPC stream (%q)", err.Error())
 				return
 			}
 
@@ -310,6 +355,7 @@ func (sws *serverWatchStream) sendLoop() {
 			}
 
 			if err := sws.gRPCStream.Send(c); err != nil {
+				plog.Debugf("failed to send watch control response to gRPC stream (%q)", err.Error())
 				return
 			}
 
@@ -325,6 +371,7 @@ func (sws *serverWatchStream) sendLoop() {
 				for _, v := range pending[wid] {
 					mvcc.ReportEventReceived(len(v.Events))
 					if err := sws.gRPCStream.Send(v); err != nil {
+						plog.Debugf("failed to send pending watch response to gRPC stream (%q)", err.Error())
 						return
 					}
 				}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/apply.go b/vendor/github.com/coreos/etcd/etcdserver/apply.go
index e4bf35bc47e4..0be93c52b6f4 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/apply.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/apply.go
@@ -16,7 +16,6 @@ package etcdserver
 
 import (
 	"bytes"
-	"fmt"
 	"sort"
 	"time"
 
@@ -30,11 +29,6 @@ import (
 )
 
 const (
-	// noTxn is an invalid txn ID.
-	// To apply with independent Range, Put, Delete, you can pass noTxn
-	// to apply functions instead of a valid txn ID.
-	noTxn = -1
-
 	warnApplyDuration = 100 * time.Millisecond
 )
 
@@ -51,9 +45,9 @@ type applyResult struct {
 type applierV3 interface {
 	Apply(r *pb.InternalRaftRequest) *applyResult
 
-	Put(txnID int64, p *pb.PutRequest) (*pb.PutResponse, error)
-	Range(txnID int64, r *pb.RangeRequest) (*pb.RangeResponse, error)
-	DeleteRange(txnID int64, dr *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error)
+	Put(txn mvcc.TxnWrite, p *pb.PutRequest) (*pb.PutResponse, error)
+	Range(txn mvcc.TxnRead, r *pb.RangeRequest) (*pb.RangeResponse, error)
+	DeleteRange(txn mvcc.TxnWrite, dr *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error)
 	Txn(rt *pb.TxnRequest) (*pb.TxnResponse, error)
 	Compaction(compaction *pb.CompactionRequest) (*pb.CompactionResponse, <-chan struct{}, error)
 
@@ -99,11 +93,11 @@ func (a *applierV3backend) Apply(r *pb.InternalRaftRequest) *applyResult {
 	// call into a.s.applyV3.F instead of a.F so upper appliers can check individual calls
 	switch {
 	case r.Range != nil:
-		ar.resp, ar.err = a.s.applyV3.Range(noTxn, r.Range)
+		ar.resp, ar.err = a.s.applyV3.Range(nil, r.Range)
 	case r.Put != nil:
-		ar.resp, ar.err = a.s.applyV3.Put(noTxn, r.Put)
+		ar.resp, ar.err = a.s.applyV3.Put(nil, r.Put)
 	case r.DeleteRange != nil:
-		ar.resp, ar.err = a.s.applyV3.DeleteRange(noTxn, r.DeleteRange)
+		ar.resp, ar.err = a.s.applyV3.DeleteRange(nil, r.DeleteRange)
 	case r.Txn != nil:
 		ar.resp, ar.err = a.s.applyV3.Txn(r.Txn)
 	case r.Compaction != nil:
@@ -152,106 +146,87 @@ func (a *applierV3backend) Apply(r *pb.InternalRaftRequest) *applyResult {
 	return ar
 }
 
-func (a *applierV3backend) Put(txnID int64, p *pb.PutRequest) (*pb.PutResponse, error) {
-	resp := &pb.PutResponse{}
+func (a *applierV3backend) Put(txn mvcc.TxnWrite, p *pb.PutRequest) (resp *pb.PutResponse, err error) {
+	resp = &pb.PutResponse{}
 	resp.Header = &pb.ResponseHeader{}
-	var (
-		rev int64
-		err error
-	)
 
-	var rr *mvcc.RangeResult
-	if p.PrevKv {
-		if txnID != noTxn {
-			rr, err = a.s.KV().TxnRange(txnID, p.Key, nil, mvcc.RangeOptions{})
-			if err != nil {
-				return nil, err
-			}
-		} else {
-			rr, err = a.s.KV().Range(p.Key, nil, mvcc.RangeOptions{})
-			if err != nil {
-				return nil, err
+	val, leaseID := p.Value, lease.LeaseID(p.Lease)
+	if txn == nil {
+		if leaseID != lease.NoLease {
+			if l := a.s.lessor.Lookup(leaseID); l == nil {
+				return nil, lease.ErrLeaseNotFound
 			}
 		}
+		txn = a.s.KV().Write()
+		defer txn.End()
 	}
 
-	if txnID != noTxn {
-		rev, err = a.s.KV().TxnPut(txnID, p.Key, p.Value, lease.LeaseID(p.Lease))
+	var rr *mvcc.RangeResult
+	if p.IgnoreValue || p.IgnoreLease || p.PrevKv {
+		rr, err = txn.Range(p.Key, nil, mvcc.RangeOptions{})
 		if err != nil {
 			return nil, err
 		}
-	} else {
-		leaseID := lease.LeaseID(p.Lease)
-		if leaseID != lease.NoLease {
-			if l := a.s.lessor.Lookup(leaseID); l == nil {
-				return nil, lease.ErrLeaseNotFound
-			}
+	}
+	if p.IgnoreValue || p.IgnoreLease {
+		if rr == nil || len(rr.KVs) == 0 {
+			// ignore_{lease,value} flag expects previous key-value pair
+			return nil, ErrKeyNotFound
 		}
-		rev = a.s.KV().Put(p.Key, p.Value, leaseID)
 	}
-	resp.Header.Revision = rev
-	if rr != nil && len(rr.KVs) != 0 {
-		resp.PrevKv = &rr.KVs[0]
+	if p.IgnoreValue {
+		val = rr.KVs[0].Value
+	}
+	if p.IgnoreLease {
+		leaseID = lease.LeaseID(rr.KVs[0].Lease)
+	}
+	if p.PrevKv {
+		if rr != nil && len(rr.KVs) != 0 {
+			resp.PrevKv = &rr.KVs[0]
+		}
 	}
+
+	resp.Header.Revision = txn.Put(p.Key, val, leaseID)
 	return resp, nil
 }
 
-func (a *applierV3backend) DeleteRange(txnID int64, dr *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error) {
+func (a *applierV3backend) DeleteRange(txn mvcc.TxnWrite, dr *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error) {
 	resp := &pb.DeleteRangeResponse{}
 	resp.Header = &pb.ResponseHeader{}
 
-	var (
-		n   int64
-		rev int64
-		err error
-	)
+	if txn == nil {
+		txn = a.s.kv.Write()
+		defer txn.End()
+	}
 
 	if isGteRange(dr.RangeEnd) {
 		dr.RangeEnd = []byte{}
 	}
 
-	var rr *mvcc.RangeResult
 	if dr.PrevKv {
-		if txnID != noTxn {
-			rr, err = a.s.KV().TxnRange(txnID, dr.Key, dr.RangeEnd, mvcc.RangeOptions{})
-			if err != nil {
-				return nil, err
-			}
-		} else {
-			rr, err = a.s.KV().Range(dr.Key, dr.RangeEnd, mvcc.RangeOptions{})
-			if err != nil {
-				return nil, err
-			}
-		}
-	}
-
-	if txnID != noTxn {
-		n, rev, err = a.s.KV().TxnDeleteRange(txnID, dr.Key, dr.RangeEnd)
+		rr, err := txn.Range(dr.Key, dr.RangeEnd, mvcc.RangeOptions{})
 		if err != nil {
 			return nil, err
 		}
-	} else {
-		n, rev = a.s.KV().DeleteRange(dr.Key, dr.RangeEnd)
-	}
-
-	resp.Deleted = n
-	if rr != nil {
-		for i := range rr.KVs {
-			resp.PrevKvs = append(resp.PrevKvs, &rr.KVs[i])
+		if rr != nil {
+			for i := range rr.KVs {
+				resp.PrevKvs = append(resp.PrevKvs, &rr.KVs[i])
+			}
 		}
 	}
-	resp.Header.Revision = rev
+
+	resp.Deleted, resp.Header.Revision = txn.DeleteRange(dr.Key, dr.RangeEnd)
 	return resp, nil
 }
 
-func (a *applierV3backend) Range(txnID int64, r *pb.RangeRequest) (*pb.RangeResponse, error) {
+func (a *applierV3backend) Range(txn mvcc.TxnRead, r *pb.RangeRequest) (*pb.RangeResponse, error) {
 	resp := &pb.RangeResponse{}
 	resp.Header = &pb.ResponseHeader{}
 
-	var (
-		rr  *mvcc.RangeResult
-		err error
-	)
+	if txn == nil {
+		txn = a.s.kv.Read()
+		defer txn.End()
+	}
 
 	if isGteRange(r.RangeEnd) {
 		r.RangeEnd = []byte{}
@@ -275,16 +250,9 @@ func (a *applierV3backend) Range(txnID int64, r *pb.RangeRequest) (*pb.RangeResp
 		Count: r.CountOnly,
 	}
 
-	if txnID != noTxn {
-		rr, err = a.s.KV().TxnRange(txnID, r.Key, r.RangeEnd, ro)
-		if err != nil {
-			return nil, err
-		}
-	} else {
-		rr, err = a.s.KV().Range(r.Key, r.RangeEnd, ro)
-		if err != nil {
-			return nil, err
-		}
+	rr, err := txn.Range(r.Key, r.RangeEnd, ro)
+	if err != nil {
+		return nil, err
 	}
 
 	if r.MaxModRevision != 0 {
@@ -350,61 +318,64 @@ func (a *applierV3backend) Range(txnID int64, r *pb.RangeRequest) (*pb.RangeResp
 }
 
 func (a *applierV3backend) Txn(rt *pb.TxnRequest) (*pb.TxnResponse, error) {
-	ok := true
-	for _, c := range rt.Compare {
-		if _, ok = a.applyCompare(c); !ok {
-			break
-		}
-	}
+	isWrite := !isTxnReadonly(rt)
+	txn := mvcc.NewReadOnlyTxnWrite(a.s.KV().Read())
 
-	var reqs []*pb.RequestOp
-	if ok {
-		reqs = rt.Success
-	} else {
-		reqs = rt.Failure
-	}
-
-	if err := a.checkRequestLeases(reqs); err != nil {
-		return nil, err
+	reqs, ok := a.compareToOps(txn, rt)
+	if isWrite {
+		if err := a.checkRequestPut(txn, reqs); err != nil {
+			txn.End()
+			return nil, err
+		}
 	}
-	if err := a.checkRequestRange(reqs); err != nil {
+	if err := checkRequestRange(txn, reqs); err != nil {
+		txn.End()
 		return nil, err
 	}
 
-	// When executing the operations of txn, we need to hold the txn lock.
-	// So the reader will not see any intermediate results.
-	txnID := a.s.KV().TxnBegin()
-
 	resps := make([]*pb.ResponseOp, len(reqs))
-	for i := range reqs {
-		resps[i] = a.applyUnion(txnID, reqs[i])
+	txnResp := &pb.TxnResponse{
+		Responses: resps,
+		Succeeded: ok,
+		Header:    &pb.ResponseHeader{},
 	}
 
-	err := a.s.KV().TxnEnd(txnID)
-	if err != nil {
-		panic(fmt.Sprint("unexpected error when closing txn", txnID))
+	// When executing mutable txn ops, etcd must hold the txn lock so
+	// readers do not see any intermediate results. Since writes are
+	// serialized on the raft loop, the revision in the read view will
+	// be the revision of the write txn.
+	if isWrite {
+		txn.End()
+		txn = a.s.KV().Write()
 	}
+	for i := range reqs {
+		resps[i] = a.applyUnion(txn, reqs[i])
+	}
+	rev := txn.Rev()
+	if len(txn.Changes()) != 0 {
+		rev++
+	}
+	txn.End()
 
-	txnResp := &pb.TxnResponse{}
-	txnResp.Header = &pb.ResponseHeader{}
-	txnResp.Header.Revision = a.s.KV().Rev()
-	txnResp.Responses = resps
-	txnResp.Succeeded = ok
+	txnResp.Header.Revision = rev
 	return txnResp, nil
 }
 
-// applyCompare applies the compare request.
-// It returns the revision at which the comparison happens. If the comparison
-// succeeds, the it returns true. Otherwise it returns false.
-func (a *applierV3backend) applyCompare(c *pb.Compare) (int64, bool) {
-	rr, err := a.s.KV().Range(c.Key, nil, mvcc.RangeOptions{})
-	rev := rr.Rev
+func (a *applierV3backend) compareToOps(rv mvcc.ReadView, rt *pb.TxnRequest) ([]*pb.RequestOp, bool) {
+	for _, c := range rt.Compare {
+		if !applyCompare(rv, c) {
+			return rt.Failure, false
+		}
+	}
+	return rt.Success, true
+}
 
+// applyCompare applies the compare request.
+// If the comparison succeeds, it returns true. Otherwise, returns false.
+func applyCompare(rv mvcc.ReadView, c *pb.Compare) bool {
+	rr, err := rv.Range(c.Key, nil, mvcc.RangeOptions{})
 	if err != nil {
-		if err == mvcc.ErrTxnIDMismatch {
-			panic("unexpected txn ID mismatch error")
-		}
-		return rev, false
+		return false
 	}
 	var ckv mvccpb.KeyValue
 	if len(rr.KVs) != 0 {
@@ -416,7 +387,7 @@ func (a *applierV3backend) applyCompare(c *pb.Compare) (int64, bool) {
 			// We can treat non-existence as the empty set explicitly, such that
 			// even a key with a value of length 0 bytes is still a real key
 			// that was written that way
-			return rev, false
+			return false
 		}
 	}
 
@@ -448,30 +419,22 @@ func (a *applierV3backend) applyCompare(c *pb.Compare) (int64, bool) {
 
 	switch c.Result {
 	case pb.Compare_EQUAL:
-		if result != 0 {
-			return rev, false
-		}
+		return result == 0
 	case pb.Compare_NOT_EQUAL:
-		if result == 0 {
-			return rev, false
-		}
+		return result != 0
 	case pb.Compare_GREATER:
-		if result != 1 {
-			return rev, false
-		}
+		return result > 0
 	case pb.Compare_LESS:
-		if result != -1 {
-			return rev, false
-		}
+		return result < 0
 	}
-	return rev, true
+	return true
 }
 
-func (a *applierV3backend) applyUnion(txnID int64, union *pb.RequestOp) *pb.ResponseOp {
+func (a *applierV3backend) applyUnion(txn mvcc.TxnWrite, union *pb.RequestOp) *pb.ResponseOp {
 	switch tv := union.Request.(type) {
 	case *pb.RequestOp_RequestRange:
 		if tv.RequestRange != nil {
-			resp, err := a.Range(txnID, tv.RequestRange)
+			resp, err := a.Range(txn, tv.RequestRange)
 			if err != nil {
 				plog.Panicf("unexpected error during txn: %v", err)
 			}
@@ -479,7 +442,7 @@ func (a *applierV3backend) applyUnion(txnID int64, union *pb.RequestOp) *pb.Resp
 		}
 	case *pb.RequestOp_RequestPut:
 		if tv.RequestPut != nil {
-			resp, err := a.Put(txnID, tv.RequestPut)
+			resp, err := a.Put(txn, tv.RequestPut)
 			if err != nil {
 				plog.Panicf("unexpected error during txn: %v", err)
 			}
@@ -487,7 +450,7 @@ func (a *applierV3backend) applyUnion(txnID int64, union *pb.RequestOp) *pb.Resp
 		}
 	case *pb.RequestOp_RequestDeleteRange:
 		if tv.RequestDeleteRange != nil {
-			resp, err := a.DeleteRange(txnID, tv.RequestDeleteRange)
+			resp, err := a.DeleteRange(txn, tv.RequestDeleteRange)
 			if err != nil {
 				plog.Panicf("unexpected error during txn: %v", err)
 			}
@@ -588,7 +551,7 @@ type applierV3Capped struct {
 // with Puts so that the number of keys in the store is capped.
 func newApplierV3Capped(base applierV3) applierV3 { return &applierV3Capped{applierV3: base} }
 
-func (a *applierV3Capped) Put(txnID int64, p *pb.PutRequest) (*pb.PutResponse, error) {
+func (a *applierV3Capped) Put(txn mvcc.TxnWrite, p *pb.PutRequest) (*pb.PutResponse, error) {
 	return nil, ErrNoSpace
 }
 
@@ -617,7 +580,7 @@ func (a *applierV3backend) AuthDisable() (*pb.AuthDisableResponse, error) {
 }
 
 func (a *applierV3backend) Authenticate(r *pb.InternalAuthenticateRequest) (*pb.AuthenticateResponse, error) {
-	ctx := context.WithValue(context.WithValue(context.Background(), "index", a.s.consistIndex.ConsistentIndex()), "simpleToken", r.SimpleToken)
+	ctx := context.WithValue(context.WithValue(a.s.ctx, "index", a.s.consistIndex.ConsistentIndex()), "simpleToken", r.SimpleToken)
 	resp, err := a.s.AuthStore().Authenticate(ctx, r.Name, r.Password)
 	if resp != nil {
 		resp.Header = newHeader(a.s)
@@ -738,9 +701,9 @@ func newQuotaApplierV3(s *EtcdServer, app applierV3) applierV3 {
 	return &quotaApplierV3{app, NewBackendQuota(s)}
 }
 
-func (a *quotaApplierV3) Put(txnID int64, p *pb.PutRequest) (*pb.PutResponse, error) {
+func (a *quotaApplierV3) Put(txn mvcc.TxnWrite, p *pb.PutRequest) (*pb.PutResponse, error) {
 	ok := a.q.Available(p)
-	resp, err := a.applierV3.Put(txnID, p)
+	resp, err := a.applierV3.Put(txn, p)
 	if err == nil && !ok {
 		err = ErrNoSpace
 	}
@@ -804,14 +767,27 @@ func (s *kvSortByValue) Less(i, j int) bool {
 	return bytes.Compare(s.kvs[i].Value, s.kvs[j].Value) < 0
 }
 
-func (a *applierV3backend) checkRequestLeases(reqs []*pb.RequestOp) error {
+func (a *applierV3backend) checkRequestPut(rv mvcc.ReadView, reqs []*pb.RequestOp) error {
 	for _, requ := range reqs {
 		tv, ok := requ.Request.(*pb.RequestOp_RequestPut)
 		if !ok {
 			continue
 		}
 		preq := tv.RequestPut
-		if preq == nil || lease.LeaseID(preq.Lease) == lease.NoLease {
+		if preq == nil {
+			continue
+		}
+		if preq.IgnoreValue || preq.IgnoreLease {
+			// expects previous key-value, error if not exist
+			rr, err := rv.Range(preq.Key, nil, mvcc.RangeOptions{})
+			if err != nil {
+				return err
+			}
+			if rr == nil || len(rr.KVs) == 0 {
+				return ErrKeyNotFound
+			}
+		}
+		if lease.LeaseID(preq.Lease) == lease.NoLease {
 			continue
 		}
 		if l := a.s.lessor.Lookup(lease.LeaseID(preq.Lease)); l == nil {
@@ -821,7 +797,7 @@ func (a *applierV3backend) checkRequestLeases(reqs []*pb.RequestOp) error {
 	return nil
 }
 
-func (a *applierV3backend) checkRequestRange(reqs []*pb.RequestOp) error {
+func checkRequestRange(rv mvcc.ReadView, reqs []*pb.RequestOp) error {
 	for _, requ := range reqs {
 		tv, ok := requ.Request.(*pb.RequestOp_RequestRange)
 		if !ok {
@@ -832,10 +808,10 @@ func (a *applierV3backend) checkRequestRange(reqs []*pb.RequestOp) error {
 			continue
 		}
 
-		if greq.Revision > a.s.KV().Rev() {
+		if greq.Revision > rv.Rev() {
 			return mvcc.ErrFutureRev
 		}
-		if greq.Revision < a.s.KV().FirstRev() {
+		if greq.Revision < rv.FirstRev() {
 			return mvcc.ErrCompacted
 		}
 	}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/apply_auth.go b/vendor/github.com/coreos/etcd/etcdserver/apply_auth.go
index 4868e855ca12..7da4ae45df5d 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/apply_auth.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/apply_auth.go
@@ -19,6 +19,7 @@ import (
 
 	"github.com/coreos/etcd/auth"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"github.com/coreos/etcd/mvcc"
 )
 
 type authApplierV3 struct {
@@ -58,7 +59,7 @@ func (aa *authApplierV3) Apply(r *pb.InternalRaftRequest) *applyResult {
 	return ret
 }
 
-func (aa *authApplierV3) Put(txnID int64, r *pb.PutRequest) (*pb.PutResponse, error) {
+func (aa *authApplierV3) Put(txn mvcc.TxnWrite, r *pb.PutRequest) (*pb.PutResponse, error) {
 	if err := aa.as.IsPutPermitted(&aa.authInfo, r.Key); err != nil {
 		return nil, err
 	}
@@ -68,17 +69,17 @@ func (aa *authApplierV3) Put(txnID int64, r *pb.PutRequest) (*pb.PutResponse, er
 			return nil, err
 		}
 	}
-	return aa.applierV3.Put(txnID, r)
+	return aa.applierV3.Put(txn, r)
 }
 
-func (aa *authApplierV3) Range(txnID int64, r *pb.RangeRequest) (*pb.RangeResponse, error) {
+func (aa *authApplierV3) Range(txn mvcc.TxnRead, r *pb.RangeRequest) (*pb.RangeResponse, error) {
 	if err := aa.as.IsRangePermitted(&aa.authInfo, r.Key, r.RangeEnd); err != nil {
 		return nil, err
 	}
-	return aa.applierV3.Range(txnID, r)
+	return aa.applierV3.Range(txn, r)
 }
 
-func (aa *authApplierV3) DeleteRange(txnID int64, r *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error) {
+func (aa *authApplierV3) DeleteRange(txn mvcc.TxnWrite, r *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error) {
 	if err := aa.as.IsDeleteRangePermitted(&aa.authInfo, r.Key, r.RangeEnd); err != nil {
 		return nil, err
 	}
@@ -89,7 +90,7 @@ func (aa *authApplierV3) DeleteRange(txnID int64, r *pb.DeleteRangeRequest) (*pb
 		}
 	}
 
-	return aa.applierV3.DeleteRange(txnID, r)
+	return aa.applierV3.DeleteRange(txn, r)
 }
 
 func checkTxnReqsPermission(as auth.AuthStore, ai *auth.AuthInfo, reqs []*pb.RequestOp) error {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/backend.go b/vendor/github.com/coreos/etcd/etcdserver/backend.go
new file mode 100644
index 000000000000..c5e2dabf3e71
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/backend.go
@@ -0,0 +1,81 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package etcdserver
+
+import (
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/coreos/etcd/lease"
+	"github.com/coreos/etcd/mvcc"
+	"github.com/coreos/etcd/mvcc/backend"
+	"github.com/coreos/etcd/raft/raftpb"
+	"github.com/coreos/etcd/snap"
+)
+
+func newBackend(cfg *ServerConfig) backend.Backend {
+	bcfg := backend.DefaultBackendConfig()
+	bcfg.Path = cfg.backendPath()
+	if cfg.QuotaBackendBytes > 0 && cfg.QuotaBackendBytes != DefaultQuotaBytes {
+		// permit 10% excess over quota for disarm
+		bcfg.MmapSize = uint64(cfg.QuotaBackendBytes + cfg.QuotaBackendBytes/10)
+	}
+	return backend.New(bcfg)
+}
+
+// openSnapshotBackend renames a snapshot db to the current etcd db and opens it.
+func openSnapshotBackend(cfg *ServerConfig, ss *snap.Snapshotter, snapshot raftpb.Snapshot) (backend.Backend, error) {
+	snapPath, err := ss.DBFilePath(snapshot.Metadata.Index)
+	if err != nil {
+		return nil, fmt.Errorf("database snapshot file path error: %v", err)
+	}
+	if err := os.Rename(snapPath, cfg.backendPath()); err != nil {
+		return nil, fmt.Errorf("rename snapshot file error: %v", err)
+	}
+	return openBackend(cfg), nil
+}
+
+// openBackend returns a backend using the current etcd db.
+func openBackend(cfg *ServerConfig) backend.Backend {
+	fn := cfg.backendPath()
+	beOpened := make(chan backend.Backend)
+	go func() {
+		beOpened <- newBackend(cfg)
+	}()
+	select {
+	case be := <-beOpened:
+		return be
+	case <-time.After(time.Second):
+		plog.Warningf("another etcd process is using %q and holds the file lock.", fn)
+		plog.Warningf("waiting for it to exit before starting...")
+	}
+	return <-beOpened
+}
+
+// recoverBackendSnapshot recovers the DB from a snapshot in case etcd crashes
+// before updating the backend db after persisting raft snapshot to disk,
+// violating the invariant snapshot.Metadata.Index < db.consistentIndex. In this
+// case, replace the db with the snapshot db sent by the leader.
+func recoverSnapshotBackend(cfg *ServerConfig, oldbe backend.Backend, snapshot raftpb.Snapshot) (backend.Backend, error) {
+	var cIndex consistentIndex
+	kv := mvcc.New(oldbe, &lease.FakeLessor{}, &cIndex)
+	defer kv.Close()
+	if snapshot.Metadata.Index <= kv.ConsistentIndex() {
+		return oldbe, nil
+	}
+	oldbe.Close()
+	return openSnapshotBackend(cfg, snap.New(cfg.SnapDir()), snapshot)
+}
diff --git a/vendor/github.com/coreos/etcd/etcdserver/cluster_util.go b/vendor/github.com/coreos/etcd/etcdserver/cluster_util.go
index fa84ffae6307..f44862a46380 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/cluster_util.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/cluster_util.go
@@ -23,7 +23,6 @@ import (
 	"time"
 
 	"github.com/coreos/etcd/etcdserver/membership"
-	"github.com/coreos/etcd/pkg/httputil"
 	"github.com/coreos/etcd/pkg/types"
 	"github.com/coreos/etcd/version"
 	"github.com/coreos/go-semver/semver"
@@ -241,15 +240,6 @@ func getVersion(m *membership.Member, rt http.RoundTripper) (*version.Versions,
 			plog.Warningf("failed to reach the peerURL(%s) of member %s (%v)", u, m.ID, err)
 			continue
 		}
-		// etcd 2.0 does not have version endpoint on peer url.
-		if resp.StatusCode == http.StatusNotFound {
-			httputil.GracefulClose(resp)
-			return &version.Versions{
-				Server:  "2.0.0",
-				Cluster: "2.0.0",
-			}, nil
-		}
-
 		var b []byte
 		b, err = ioutil.ReadAll(resp.Body)
 		resp.Body.Close()
diff --git a/vendor/github.com/coreos/etcd/etcdserver/config.go b/vendor/github.com/coreos/etcd/etcdserver/config.go
index 9bcac0f076b9..ae8a4d08e355 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/config.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/config.go
@@ -55,10 +55,17 @@ type ServerConfig struct {
 	AutoCompactionRetention int
 	QuotaBackendBytes       int64
 
+	// MaxRequestBytes is the maximum request size to send over raft.
+	MaxRequestBytes uint
+
 	StrictReconfigCheck bool
 
 	// ClientCertAuthEnabled is true when cert has been signed by the client CA.
 	ClientCertAuthEnabled bool
+
+	AuthToken string
+
+	Debug bool
 }
 
 // VerifyBootstrap sanity-checks the initial config for bootstrap case
@@ -198,3 +205,5 @@ func (c *ServerConfig) bootstrapTimeout() time.Duration {
 	}
 	return time.Second
 }
+
+func (c *ServerConfig) backendPath() string { return filepath.Join(c.SnapDir(), "db") }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/errors.go b/vendor/github.com/coreos/etcd/etcdserver/errors.go
index 5edc155624bc..ed749dbe8d88 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/errors.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/errors.go
@@ -33,6 +33,7 @@ var (
 	ErrNoSpace                    = errors.New("etcdserver: no space")
 	ErrTooManyRequests            = errors.New("etcdserver: too many requests")
 	ErrUnhealthy                  = errors.New("etcdserver: unhealthy cluster")
+	ErrKeyNotFound                = errors.New("etcdserver: key not found")
 )
 
 type DiscoveryError struct {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/etcdserver.pb.go b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/etcdserver.pb.go
index f34bedf3ed3a..aabf90061f6e 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/etcdserver.pb.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/etcdserver.pb.go
@@ -1018,7 +1018,7 @@ func init() { proto.RegisterFile("etcdserver.proto", fileDescriptorEtcdserver) }
 
 var fileDescriptorEtcdserver = []byte{
 	// 380 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x5c, 0xd2, 0xdd, 0x6e, 0xda, 0x30,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x5c, 0xd2, 0xdd, 0x6e, 0xda, 0x30,
 	0x14, 0x07, 0x70, 0x0c, 0xe1, 0xcb, 0x63, 0x1b, 0xb3, 0xd0, 0x74, 0x84, 0xa6, 0x2c, 0x42, 0xbb,
 	0xc8, 0xd5, 0xf6, 0x0e, 0x2c, 0x5c, 0x44, 0x2a, 0x15, 0x0d, 0x15, 0xbd, 0x76, 0xc9, 0x29, 0x58,
 	0x02, 0x4c, 0x1d, 0x07, 0xf1, 0x06, 0x7d, 0x85, 0x3e, 0x12, 0x97, 0x7d, 0x82, 0xaa, 0xa5, 0x2f,
diff --git a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.gw.go b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/gw/rpc.pb.gw.go
similarity index 69%
rename from vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.gw.go
rename to vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/gw/rpc.pb.gw.go
index 473ad582ef8e..02a23b78c107 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.gw.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/gw/rpc.pb.gw.go
@@ -1,15 +1,15 @@
-// Code generated by protoc-gen-grpc-gateway
+// Code generated by protoc-gen-grpc-gateway. DO NOT EDIT.
 // source: etcdserver/etcdserverpb/rpc.proto
-// DO NOT EDIT!
 
 /*
 Package etcdserverpb is a reverse proxy.
 
 It translates gRPC into RESTful JSON APIs.
 */
-package etcdserverpb
+package gw
 
 import (
+	"github.com/coreos/etcd/etcdserver/etcdserverpb"
 	"io"
 	"net/http"
 
@@ -20,19 +20,21 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
 )
 
 var _ codes.Code
 var _ io.Reader
+var _ status.Status
 var _ = runtime.String
 var _ = utilities.NewDoubleArray
 
-func request_KV_Range_0(ctx context.Context, marshaler runtime.Marshaler, client KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq RangeRequest
+func request_KV_Range_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.RangeRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Range(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -40,12 +42,12 @@ func request_KV_Range_0(ctx context.Context, marshaler runtime.Marshaler, client
 
 }
 
-func request_KV_Put_0(ctx context.Context, marshaler runtime.Marshaler, client KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq PutRequest
+func request_KV_Put_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.PutRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Put(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -53,12 +55,12 @@ func request_KV_Put_0(ctx context.Context, marshaler runtime.Marshaler, client K
 
 }
 
-func request_KV_DeleteRange_0(ctx context.Context, marshaler runtime.Marshaler, client KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq DeleteRangeRequest
+func request_KV_DeleteRange_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.DeleteRangeRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.DeleteRange(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -66,12 +68,12 @@ func request_KV_DeleteRange_0(ctx context.Context, marshaler runtime.Marshaler,
 
 }
 
-func request_KV_Txn_0(ctx context.Context, marshaler runtime.Marshaler, client KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq TxnRequest
+func request_KV_Txn_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.TxnRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Txn(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -79,12 +81,12 @@ func request_KV_Txn_0(ctx context.Context, marshaler runtime.Marshaler, client K
 
 }
 
-func request_KV_Compact_0(ctx context.Context, marshaler runtime.Marshaler, client KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq CompactionRequest
+func request_KV_Compact_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.KVClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.CompactionRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Compact(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -92,7 +94,7 @@ func request_KV_Compact_0(ctx context.Context, marshaler runtime.Marshaler, clie
 
 }
 
-func request_Watch_Watch_0(ctx context.Context, marshaler runtime.Marshaler, client WatchClient, req *http.Request, pathParams map[string]string) (Watch_WatchClient, runtime.ServerMetadata, error) {
+func request_Watch_Watch_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.WatchClient, req *http.Request, pathParams map[string]string) (etcdserverpb.Watch_WatchClient, runtime.ServerMetadata, error) {
 	var metadata runtime.ServerMetadata
 	stream, err := client.Watch(ctx)
 	if err != nil {
@@ -101,7 +103,7 @@ func request_Watch_Watch_0(ctx context.Context, marshaler runtime.Marshaler, cli
 	}
 	dec := marshaler.NewDecoder(req.Body)
 	handleSend := func() error {
-		var protoReq WatchRequest
+		var protoReq etcdserverpb.WatchRequest
 		err = dec.Decode(&protoReq)
 		if err == io.EOF {
 			return err
@@ -144,12 +146,12 @@ func request_Watch_Watch_0(ctx context.Context, marshaler runtime.Marshaler, cli
 	return stream, metadata, nil
 }
 
-func request_Lease_LeaseGrant_0(ctx context.Context, marshaler runtime.Marshaler, client LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq LeaseGrantRequest
+func request_Lease_LeaseGrant_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.LeaseGrantRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.LeaseGrant(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -157,12 +159,12 @@ func request_Lease_LeaseGrant_0(ctx context.Context, marshaler runtime.Marshaler
 
 }
 
-func request_Lease_LeaseRevoke_0(ctx context.Context, marshaler runtime.Marshaler, client LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq LeaseRevokeRequest
+func request_Lease_LeaseRevoke_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.LeaseRevokeRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.LeaseRevoke(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -170,7 +172,7 @@ func request_Lease_LeaseRevoke_0(ctx context.Context, marshaler runtime.Marshale
 
 }
 
-func request_Lease_LeaseKeepAlive_0(ctx context.Context, marshaler runtime.Marshaler, client LeaseClient, req *http.Request, pathParams map[string]string) (Lease_LeaseKeepAliveClient, runtime.ServerMetadata, error) {
+func request_Lease_LeaseKeepAlive_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.LeaseClient, req *http.Request, pathParams map[string]string) (etcdserverpb.Lease_LeaseKeepAliveClient, runtime.ServerMetadata, error) {
 	var metadata runtime.ServerMetadata
 	stream, err := client.LeaseKeepAlive(ctx)
 	if err != nil {
@@ -179,7 +181,7 @@ func request_Lease_LeaseKeepAlive_0(ctx context.Context, marshaler runtime.Marsh
 	}
 	dec := marshaler.NewDecoder(req.Body)
 	handleSend := func() error {
-		var protoReq LeaseKeepAliveRequest
+		var protoReq etcdserverpb.LeaseKeepAliveRequest
 		err = dec.Decode(&protoReq)
 		if err == io.EOF {
 			return err
@@ -222,12 +224,12 @@ func request_Lease_LeaseKeepAlive_0(ctx context.Context, marshaler runtime.Marsh
 	return stream, metadata, nil
 }
 
-func request_Lease_LeaseTimeToLive_0(ctx context.Context, marshaler runtime.Marshaler, client LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq LeaseTimeToLiveRequest
+func request_Lease_LeaseTimeToLive_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.LeaseClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.LeaseTimeToLiveRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.LeaseTimeToLive(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -235,12 +237,12 @@ func request_Lease_LeaseTimeToLive_0(ctx context.Context, marshaler runtime.Mars
 
 }
 
-func request_Cluster_MemberAdd_0(ctx context.Context, marshaler runtime.Marshaler, client ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq MemberAddRequest
+func request_Cluster_MemberAdd_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.MemberAddRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.MemberAdd(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -248,12 +250,12 @@ func request_Cluster_MemberAdd_0(ctx context.Context, marshaler runtime.Marshale
 
 }
 
-func request_Cluster_MemberRemove_0(ctx context.Context, marshaler runtime.Marshaler, client ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq MemberRemoveRequest
+func request_Cluster_MemberRemove_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.MemberRemoveRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.MemberRemove(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -261,12 +263,12 @@ func request_Cluster_MemberRemove_0(ctx context.Context, marshaler runtime.Marsh
 
 }
 
-func request_Cluster_MemberUpdate_0(ctx context.Context, marshaler runtime.Marshaler, client ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq MemberUpdateRequest
+func request_Cluster_MemberUpdate_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.MemberUpdateRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.MemberUpdate(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -274,12 +276,12 @@ func request_Cluster_MemberUpdate_0(ctx context.Context, marshaler runtime.Marsh
 
 }
 
-func request_Cluster_MemberList_0(ctx context.Context, marshaler runtime.Marshaler, client ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq MemberListRequest
+func request_Cluster_MemberList_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.ClusterClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.MemberListRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.MemberList(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -287,12 +289,12 @@ func request_Cluster_MemberList_0(ctx context.Context, marshaler runtime.Marshal
 
 }
 
-func request_Maintenance_Alarm_0(ctx context.Context, marshaler runtime.Marshaler, client MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AlarmRequest
+func request_Maintenance_Alarm_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AlarmRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Alarm(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -300,12 +302,12 @@ func request_Maintenance_Alarm_0(ctx context.Context, marshaler runtime.Marshale
 
 }
 
-func request_Maintenance_Status_0(ctx context.Context, marshaler runtime.Marshaler, client MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq StatusRequest
+func request_Maintenance_Status_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.StatusRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Status(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -313,12 +315,12 @@ func request_Maintenance_Status_0(ctx context.Context, marshaler runtime.Marshal
 
 }
 
-func request_Maintenance_Defragment_0(ctx context.Context, marshaler runtime.Marshaler, client MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq DefragmentRequest
+func request_Maintenance_Defragment_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.DefragmentRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Defragment(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -326,12 +328,12 @@ func request_Maintenance_Defragment_0(ctx context.Context, marshaler runtime.Mar
 
 }
 
-func request_Maintenance_Hash_0(ctx context.Context, marshaler runtime.Marshaler, client MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq HashRequest
+func request_Maintenance_Hash_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.MaintenanceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.HashRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Hash(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -339,12 +341,12 @@ func request_Maintenance_Hash_0(ctx context.Context, marshaler runtime.Marshaler
 
 }
 
-func request_Maintenance_Snapshot_0(ctx context.Context, marshaler runtime.Marshaler, client MaintenanceClient, req *http.Request, pathParams map[string]string) (Maintenance_SnapshotClient, runtime.ServerMetadata, error) {
-	var protoReq SnapshotRequest
+func request_Maintenance_Snapshot_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.MaintenanceClient, req *http.Request, pathParams map[string]string) (etcdserverpb.Maintenance_SnapshotClient, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.SnapshotRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	stream, err := client.Snapshot(ctx, &protoReq)
@@ -360,12 +362,12 @@ func request_Maintenance_Snapshot_0(ctx context.Context, marshaler runtime.Marsh
 
 }
 
-func request_Auth_AuthEnable_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthEnableRequest
+func request_Auth_AuthEnable_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthEnableRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.AuthEnable(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -373,12 +375,12 @@ func request_Auth_AuthEnable_0(ctx context.Context, marshaler runtime.Marshaler,
 
 }
 
-func request_Auth_AuthDisable_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthDisableRequest
+func request_Auth_AuthDisable_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthDisableRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.AuthDisable(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -386,12 +388,12 @@ func request_Auth_AuthDisable_0(ctx context.Context, marshaler runtime.Marshaler
 
 }
 
-func request_Auth_Authenticate_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthenticateRequest
+func request_Auth_Authenticate_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthenticateRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.Authenticate(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -399,12 +401,12 @@ func request_Auth_Authenticate_0(ctx context.Context, marshaler runtime.Marshale
 
 }
 
-func request_Auth_UserAdd_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserAddRequest
+func request_Auth_UserAdd_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserAddRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserAdd(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -412,12 +414,12 @@ func request_Auth_UserAdd_0(ctx context.Context, marshaler runtime.Marshaler, cl
 
 }
 
-func request_Auth_UserGet_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserGetRequest
+func request_Auth_UserGet_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserGetRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserGet(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -425,12 +427,12 @@ func request_Auth_UserGet_0(ctx context.Context, marshaler runtime.Marshaler, cl
 
 }
 
-func request_Auth_UserList_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserListRequest
+func request_Auth_UserList_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserListRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserList(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -438,12 +440,12 @@ func request_Auth_UserList_0(ctx context.Context, marshaler runtime.Marshaler, c
 
 }
 
-func request_Auth_UserDelete_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserDeleteRequest
+func request_Auth_UserDelete_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserDeleteRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserDelete(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -451,12 +453,12 @@ func request_Auth_UserDelete_0(ctx context.Context, marshaler runtime.Marshaler,
 
 }
 
-func request_Auth_UserChangePassword_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserChangePasswordRequest
+func request_Auth_UserChangePassword_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserChangePasswordRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserChangePassword(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -464,12 +466,12 @@ func request_Auth_UserChangePassword_0(ctx context.Context, marshaler runtime.Ma
 
 }
 
-func request_Auth_UserGrantRole_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserGrantRoleRequest
+func request_Auth_UserGrantRole_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserGrantRoleRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserGrantRole(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -477,12 +479,12 @@ func request_Auth_UserGrantRole_0(ctx context.Context, marshaler runtime.Marshal
 
 }
 
-func request_Auth_UserRevokeRole_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthUserRevokeRoleRequest
+func request_Auth_UserRevokeRole_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthUserRevokeRoleRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.UserRevokeRole(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -490,12 +492,12 @@ func request_Auth_UserRevokeRole_0(ctx context.Context, marshaler runtime.Marsha
 
 }
 
-func request_Auth_RoleAdd_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleAddRequest
+func request_Auth_RoleAdd_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleAddRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleAdd(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -503,12 +505,12 @@ func request_Auth_RoleAdd_0(ctx context.Context, marshaler runtime.Marshaler, cl
 
 }
 
-func request_Auth_RoleGet_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleGetRequest
+func request_Auth_RoleGet_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleGetRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleGet(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -516,12 +518,12 @@ func request_Auth_RoleGet_0(ctx context.Context, marshaler runtime.Marshaler, cl
 
 }
 
-func request_Auth_RoleList_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleListRequest
+func request_Auth_RoleList_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleListRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleList(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -529,12 +531,12 @@ func request_Auth_RoleList_0(ctx context.Context, marshaler runtime.Marshaler, c
 
 }
 
-func request_Auth_RoleDelete_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleDeleteRequest
+func request_Auth_RoleDelete_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleDeleteRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleDelete(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -542,12 +544,12 @@ func request_Auth_RoleDelete_0(ctx context.Context, marshaler runtime.Marshaler,
 
 }
 
-func request_Auth_RoleGrantPermission_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleGrantPermissionRequest
+func request_Auth_RoleGrantPermission_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleGrantPermissionRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleGrantPermission(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -555,12 +557,12 @@ func request_Auth_RoleGrantPermission_0(ctx context.Context, marshaler runtime.M
 
 }
 
-func request_Auth_RoleRevokePermission_0(ctx context.Context, marshaler runtime.Marshaler, client AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq AuthRoleRevokePermissionRequest
+func request_Auth_RoleRevokePermission_0(ctx context.Context, marshaler runtime.Marshaler, client etcdserverpb.AuthClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq etcdserverpb.AuthRoleRevokePermissionRequest
 	var metadata runtime.ServerMetadata
 
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil {
-		return nil, metadata, grpc.Errorf(codes.InvalidArgument, "%v", err)
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
 	msg, err := client.RoleRevokePermission(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
@@ -596,7 +598,15 @@ func RegisterKVHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, e
 // RegisterKVHandler registers the http handlers for service KV to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewKVClient(conn)
+	return RegisterKVHandlerClient(ctx, mux, etcdserverpb.NewKVClient(conn))
+}
+
+// RegisterKVHandler registers the http handlers for service KV to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "KVClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "KVClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "KVClient" to call the correct interceptors.
+func RegisterKVHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.KVClient) error {
 
 	mux.Handle("POST", pattern_KV_Range_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -611,18 +621,19 @@ func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.Cl
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_KV_Range_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_KV_Range_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_KV_Range_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -639,18 +650,19 @@ func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.Cl
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_KV_Put_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_KV_Put_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_KV_Put_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -667,18 +679,19 @@ func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.Cl
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_KV_DeleteRange_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_KV_DeleteRange_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_KV_DeleteRange_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -695,18 +708,19 @@ func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.Cl
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_KV_Txn_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_KV_Txn_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_KV_Txn_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -723,18 +737,19 @@ func RegisterKVHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.Cl
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_KV_Compact_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_KV_Compact_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_KV_Compact_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -793,7 +808,15 @@ func RegisterWatchHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux
 // RegisterWatchHandler registers the http handlers for service Watch to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterWatchHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewWatchClient(conn)
+	return RegisterWatchHandlerClient(ctx, mux, etcdserverpb.NewWatchClient(conn))
+}
+
+// RegisterWatchHandler registers the http handlers for service Watch to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "WatchClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "WatchClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "WatchClient" to call the correct interceptors.
+func RegisterWatchHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.WatchClient) error {
 
 	mux.Handle("POST", pattern_Watch_Watch_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -808,18 +831,19 @@ func RegisterWatchHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Watch_Watch_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Watch_Watch_0(ctx, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
+		forward_Watch_Watch_0(ctx, mux, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -862,7 +886,15 @@ func RegisterLeaseHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux
 // RegisterLeaseHandler registers the http handlers for service Lease to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterLeaseHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewLeaseClient(conn)
+	return RegisterLeaseHandlerClient(ctx, mux, etcdserverpb.NewLeaseClient(conn))
+}
+
+// RegisterLeaseHandler registers the http handlers for service Lease to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "LeaseClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "LeaseClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "LeaseClient" to call the correct interceptors.
+func RegisterLeaseHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.LeaseClient) error {
 
 	mux.Handle("POST", pattern_Lease_LeaseGrant_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -877,18 +909,19 @@ func RegisterLeaseHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Lease_LeaseGrant_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Lease_LeaseGrant_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Lease_LeaseGrant_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -905,18 +938,19 @@ func RegisterLeaseHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Lease_LeaseRevoke_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Lease_LeaseRevoke_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Lease_LeaseRevoke_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -933,18 +967,19 @@ func RegisterLeaseHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Lease_LeaseKeepAlive_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Lease_LeaseKeepAlive_0(ctx, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
+		forward_Lease_LeaseKeepAlive_0(ctx, mux, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -961,18 +996,19 @@ func RegisterLeaseHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Lease_LeaseTimeToLive_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Lease_LeaseTimeToLive_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Lease_LeaseTimeToLive_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1027,7 +1063,15 @@ func RegisterClusterHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeM
 // RegisterClusterHandler registers the http handlers for service Cluster to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterClusterHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewClusterClient(conn)
+	return RegisterClusterHandlerClient(ctx, mux, etcdserverpb.NewClusterClient(conn))
+}
+
+// RegisterClusterHandler registers the http handlers for service Cluster to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "ClusterClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "ClusterClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "ClusterClient" to call the correct interceptors.
+func RegisterClusterHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.ClusterClient) error {
 
 	mux.Handle("POST", pattern_Cluster_MemberAdd_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -1042,18 +1086,19 @@ func RegisterClusterHandler(ctx context.Context, mux *runtime.ServeMux, conn *gr
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Cluster_MemberAdd_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Cluster_MemberAdd_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Cluster_MemberAdd_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1070,18 +1115,19 @@ func RegisterClusterHandler(ctx context.Context, mux *runtime.ServeMux, conn *gr
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Cluster_MemberRemove_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Cluster_MemberRemove_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Cluster_MemberRemove_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1098,18 +1144,19 @@ func RegisterClusterHandler(ctx context.Context, mux *runtime.ServeMux, conn *gr
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Cluster_MemberUpdate_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Cluster_MemberUpdate_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Cluster_MemberUpdate_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1126,18 +1173,19 @@ func RegisterClusterHandler(ctx context.Context, mux *runtime.ServeMux, conn *gr
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Cluster_MemberList_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Cluster_MemberList_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Cluster_MemberList_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1192,7 +1240,15 @@ func RegisterMaintenanceHandlerFromEndpoint(ctx context.Context, mux *runtime.Se
 // RegisterMaintenanceHandler registers the http handlers for service Maintenance to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewMaintenanceClient(conn)
+	return RegisterMaintenanceHandlerClient(ctx, mux, etcdserverpb.NewMaintenanceClient(conn))
+}
+
+// RegisterMaintenanceHandler registers the http handlers for service Maintenance to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "MaintenanceClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "MaintenanceClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "MaintenanceClient" to call the correct interceptors.
+func RegisterMaintenanceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.MaintenanceClient) error {
 
 	mux.Handle("POST", pattern_Maintenance_Alarm_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -1207,18 +1263,19 @@ func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Maintenance_Alarm_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Maintenance_Alarm_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Maintenance_Alarm_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1235,18 +1292,19 @@ func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Maintenance_Status_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Maintenance_Status_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Maintenance_Status_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1263,18 +1321,19 @@ func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Maintenance_Defragment_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Maintenance_Defragment_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Maintenance_Defragment_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1291,18 +1350,19 @@ func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Maintenance_Hash_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Maintenance_Hash_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Maintenance_Hash_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1319,18 +1379,19 @@ func RegisterMaintenanceHandler(ctx context.Context, mux *runtime.ServeMux, conn
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Maintenance_Snapshot_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Maintenance_Snapshot_0(ctx, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
+		forward_Maintenance_Snapshot_0(ctx, mux, outboundMarshaler, w, req, func() (proto.Message, error) { return resp.Recv() }, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1389,7 +1450,15 @@ func RegisterAuthHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux,
 // RegisterAuthHandler registers the http handlers for service Auth to "mux".
 // The handlers forward requests to the grpc endpoint over "conn".
 func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error {
-	client := NewAuthClient(conn)
+	return RegisterAuthHandlerClient(ctx, mux, etcdserverpb.NewAuthClient(conn))
+}
+
+// RegisterAuthHandler registers the http handlers for service Auth to "mux".
+// The handlers forward requests to the grpc endpoint over the given implementation of "AuthClient".
+// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "AuthClient"
+// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
+// "AuthClient" to call the correct interceptors.
+func RegisterAuthHandlerClient(ctx context.Context, mux *runtime.ServeMux, client etcdserverpb.AuthClient) error {
 
 	mux.Handle("POST", pattern_Auth_AuthEnable_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(ctx)
@@ -1404,18 +1473,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_AuthEnable_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_AuthEnable_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_AuthEnable_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1432,18 +1502,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_AuthDisable_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_AuthDisable_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_AuthDisable_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1460,18 +1531,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_Authenticate_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_Authenticate_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_Authenticate_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1488,18 +1560,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserAdd_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserAdd_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserAdd_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1516,18 +1589,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserGet_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserGet_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserGet_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1544,18 +1618,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserList_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserList_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserList_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1572,18 +1647,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserDelete_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserDelete_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserDelete_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1600,18 +1676,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserChangePassword_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserChangePassword_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserChangePassword_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1628,18 +1705,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserGrantRole_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserGrantRole_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserGrantRole_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1656,18 +1734,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_UserRevokeRole_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_UserRevokeRole_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_UserRevokeRole_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1684,18 +1763,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleAdd_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleAdd_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleAdd_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1712,18 +1792,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleGet_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleGet_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleGet_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1740,18 +1821,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleList_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleList_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleList_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1768,18 +1850,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleDelete_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleDelete_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleDelete_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1796,18 +1879,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleGrantPermission_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleGrantPermission_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleGrantPermission_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -1824,18 +1908,19 @@ func RegisterAuthHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.
 			}(ctx.Done(), cn.CloseNotify())
 		}
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
-		rctx, err := runtime.AnnotateContext(ctx, req)
+		rctx, err := runtime.AnnotateContext(ctx, mux, req)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
+			return
 		}
 		resp, md, err := request_Auth_RoleRevokePermission_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
-			runtime.HTTPError(ctx, outboundMarshaler, w, req, err)
+			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_Auth_RoleRevokePermission_0(ctx, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_Auth_RoleRevokePermission_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
diff --git a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/raft_internal.pb.go b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/raft_internal.pb.go
index 66890c93c440..44a3b6f69eb9 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/raft_internal.pb.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/raft_internal.pb.go
@@ -2038,7 +2038,7 @@ func init() { proto.RegisterFile("raft_internal.proto", fileDescriptorRaftIntern
 
 var fileDescriptorRaftInternal = []byte{
 	// 837 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x7c, 0x96, 0xdd, 0x52, 0xd3, 0x40,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x96, 0xdd, 0x52, 0xd3, 0x40,
 	0x14, 0xc7, 0x69, 0xf9, 0xec, 0xb6, 0x54, 0x5c, 0x40, 0xd7, 0x32, 0x53, 0xa1, 0x8c, 0x8a, 0x5f,
 	0xe8, 0x94, 0x07, 0xd0, 0x4a, 0x19, 0x60, 0x86, 0x61, 0x98, 0x0c, 0xce, 0x38, 0xe3, 0x45, 0x5c,
 	0x9a, 0x43, 0x1b, 0x49, 0x93, 0xb8, 0xd9, 0x56, 0x7c, 0x13, 0x1f, 0xc3, 0xaf, 0x87, 0xe0, 0xc2,
diff --git a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.go b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.go
index b28f2e50e3c4..894c815f824c 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.pb.go
@@ -15,6 +15,8 @@ import (
 
 	authpb "github.com/coreos/etcd/auth/authpb"
 
+	_ "google.golang.org/genproto/googleapis/api/annotations"
+
 	context "golang.org/x/net/context"
 
 	grpc "google.golang.org/grpc"
@@ -223,16 +225,45 @@ func (m *ResponseHeader) String() string            { return proto.CompactTextSt
 func (*ResponseHeader) ProtoMessage()               {}
 func (*ResponseHeader) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{0} }
 
+func (m *ResponseHeader) GetClusterId() uint64 {
+	if m != nil {
+		return m.ClusterId
+	}
+	return 0
+}
+
+func (m *ResponseHeader) GetMemberId() uint64 {
+	if m != nil {
+		return m.MemberId
+	}
+	return 0
+}
+
+func (m *ResponseHeader) GetRevision() int64 {
+	if m != nil {
+		return m.Revision
+	}
+	return 0
+}
+
+func (m *ResponseHeader) GetRaftTerm() uint64 {
+	if m != nil {
+		return m.RaftTerm
+	}
+	return 0
+}
+
 type RangeRequest struct {
 	// key is the first key for the range. If range_end is not given, the request only looks up key.
 	Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
 	// range_end is the upper bound on the requested range [key, range_end).
 	// If range_end is '\0', the range is all keys >= key.
-	// If the range_end is one bit larger than the given key,
-	// then the range requests get the all keys with the prefix (the given key).
-	// If both key and range_end are '\0', then range requests returns all keys.
+	// If range_end is key plus one (e.g., "aa"+1 == "ab", "a\xff"+1 == "b"),
+	// then the range request gets all keys prefixed with key.
+	// If both key and range_end are '\0', then the range request returns all keys.
 	RangeEnd []byte `protobuf:"bytes,2,opt,name=range_end,json=rangeEnd,proto3" json:"range_end,omitempty"`
-	// limit is a limit on the number of keys returned for the request.
+	// limit is a limit on the number of keys returned for the request. When limit is set to 0,
+	// it is treated as no limit.
 	Limit int64 `protobuf:"varint,3,opt,name=limit,proto3" json:"limit,omitempty"`
 	// revision is the point-in-time of the key-value store to use for the range.
 	// If revision is less or equal to zero, the range is over the newest key-value store.
@@ -272,6 +303,97 @@ func (m *RangeRequest) String() string            { return proto.CompactTextStri
 func (*RangeRequest) ProtoMessage()               {}
 func (*RangeRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{1} }
 
+func (m *RangeRequest) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+func (m *RangeRequest) GetRangeEnd() []byte {
+	if m != nil {
+		return m.RangeEnd
+	}
+	return nil
+}
+
+func (m *RangeRequest) GetLimit() int64 {
+	if m != nil {
+		return m.Limit
+	}
+	return 0
+}
+
+func (m *RangeRequest) GetRevision() int64 {
+	if m != nil {
+		return m.Revision
+	}
+	return 0
+}
+
+func (m *RangeRequest) GetSortOrder() RangeRequest_SortOrder {
+	if m != nil {
+		return m.SortOrder
+	}
+	return RangeRequest_NONE
+}
+
+func (m *RangeRequest) GetSortTarget() RangeRequest_SortTarget {
+	if m != nil {
+		return m.SortTarget
+	}
+	return RangeRequest_KEY
+}
+
+func (m *RangeRequest) GetSerializable() bool {
+	if m != nil {
+		return m.Serializable
+	}
+	return false
+}
+
+func (m *RangeRequest) GetKeysOnly() bool {
+	if m != nil {
+		return m.KeysOnly
+	}
+	return false
+}
+
+func (m *RangeRequest) GetCountOnly() bool {
+	if m != nil {
+		return m.CountOnly
+	}
+	return false
+}
+
+func (m *RangeRequest) GetMinModRevision() int64 {
+	if m != nil {
+		return m.MinModRevision
+	}
+	return 0
+}
+
+func (m *RangeRequest) GetMaxModRevision() int64 {
+	if m != nil {
+		return m.MaxModRevision
+	}
+	return 0
+}
+
+func (m *RangeRequest) GetMinCreateRevision() int64 {
+	if m != nil {
+		return m.MinCreateRevision
+	}
+	return 0
+}
+
+func (m *RangeRequest) GetMaxCreateRevision() int64 {
+	if m != nil {
+		return m.MaxCreateRevision
+	}
+	return 0
+}
+
 type RangeResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// kvs is the list of key-value pairs matched by the range request.
@@ -302,6 +424,20 @@ func (m *RangeResponse) GetKvs() []*mvccpb.KeyValue {
 	return nil
 }
 
+func (m *RangeResponse) GetMore() bool {
+	if m != nil {
+		return m.More
+	}
+	return false
+}
+
+func (m *RangeResponse) GetCount() int64 {
+	if m != nil {
+		return m.Count
+	}
+	return 0
+}
+
 type PutRequest struct {
 	// key is the key, in bytes, to put into the key-value store.
 	Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
@@ -313,6 +449,12 @@ type PutRequest struct {
 	// If prev_kv is set, etcd gets the previous key-value pair before changing it.
 	// The previous key-value pair will be returned in the put response.
 	PrevKv bool `protobuf:"varint,4,opt,name=prev_kv,json=prevKv,proto3" json:"prev_kv,omitempty"`
+	// If ignore_value is set, etcd updates the key using its current value.
+	// Returns an error if the key does not exist.
+	IgnoreValue bool `protobuf:"varint,5,opt,name=ignore_value,json=ignoreValue,proto3" json:"ignore_value,omitempty"`
+	// If ignore_lease is set, etcd updates the key using its current lease.
+	// Returns an error if the key does not exist.
+	IgnoreLease bool `protobuf:"varint,6,opt,name=ignore_lease,json=ignoreLease,proto3" json:"ignore_lease,omitempty"`
 }
 
 func (m *PutRequest) Reset()                    { *m = PutRequest{} }
@@ -320,6 +462,48 @@ func (m *PutRequest) String() string            { return proto.CompactTextString
 func (*PutRequest) ProtoMessage()               {}
 func (*PutRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{3} }
 
+func (m *PutRequest) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+func (m *PutRequest) GetValue() []byte {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+func (m *PutRequest) GetLease() int64 {
+	if m != nil {
+		return m.Lease
+	}
+	return 0
+}
+
+func (m *PutRequest) GetPrevKv() bool {
+	if m != nil {
+		return m.PrevKv
+	}
+	return false
+}
+
+func (m *PutRequest) GetIgnoreValue() bool {
+	if m != nil {
+		return m.IgnoreValue
+	}
+	return false
+}
+
+func (m *PutRequest) GetIgnoreLease() bool {
+	if m != nil {
+		return m.IgnoreLease
+	}
+	return false
+}
+
 type PutResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// if prev_kv is set in the request, the previous key-value pair will be returned.
@@ -350,12 +534,12 @@ type DeleteRangeRequest struct {
 	Key []byte `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
 	// range_end is the key following the last key to delete for the range [key, range_end).
 	// If range_end is not given, the range is defined to contain only the key argument.
-	// If range_end is one bit larger than the given key, then the range is all
-	// the all keys with the prefix (the given key).
+	// If range_end is one bit larger than the given key, then the range is all the keys
+	// with the prefix (the given key).
 	// If range_end is '\0', the range is all keys greater than or equal to the key argument.
 	RangeEnd []byte `protobuf:"bytes,2,opt,name=range_end,json=rangeEnd,proto3" json:"range_end,omitempty"`
 	// If prev_kv is set, etcd gets the previous key-value pairs before deleting it.
-	// The previous key-value pairs will be returned in the delte response.
+	// The previous key-value pairs will be returned in the delete response.
 	PrevKv bool `protobuf:"varint,3,opt,name=prev_kv,json=prevKv,proto3" json:"prev_kv,omitempty"`
 }
 
@@ -364,6 +548,27 @@ func (m *DeleteRangeRequest) String() string            { return proto.CompactTe
 func (*DeleteRangeRequest) ProtoMessage()               {}
 func (*DeleteRangeRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{5} }
 
+func (m *DeleteRangeRequest) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+func (m *DeleteRangeRequest) GetRangeEnd() []byte {
+	if m != nil {
+		return m.RangeEnd
+	}
+	return nil
+}
+
+func (m *DeleteRangeRequest) GetPrevKv() bool {
+	if m != nil {
+		return m.PrevKv
+	}
+	return false
+}
+
 type DeleteRangeResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// deleted is the number of keys deleted by the delete range request.
@@ -384,6 +589,13 @@ func (m *DeleteRangeResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *DeleteRangeResponse) GetDeleted() int64 {
+	if m != nil {
+		return m.Deleted
+	}
+	return 0
+}
+
 func (m *DeleteRangeResponse) GetPrevKvs() []*mvccpb.KeyValue {
 	if m != nil {
 		return m.PrevKvs
@@ -754,6 +966,27 @@ func (m *Compare) GetTargetUnion() isCompare_TargetUnion {
 	return nil
 }
 
+func (m *Compare) GetResult() Compare_CompareResult {
+	if m != nil {
+		return m.Result
+	}
+	return Compare_EQUAL
+}
+
+func (m *Compare) GetTarget() Compare_CompareTarget {
+	if m != nil {
+		return m.Target
+	}
+	return Compare_VERSION
+}
+
+func (m *Compare) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
 func (m *Compare) GetVersion() int64 {
 	if x, ok := m.GetTargetUnion().(*Compare_Version); ok {
 		return x.Version
@@ -950,6 +1183,13 @@ func (m *TxnResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *TxnResponse) GetSucceeded() bool {
+	if m != nil {
+		return m.Succeeded
+	}
+	return false
+}
+
 func (m *TxnResponse) GetResponses() []*ResponseOp {
 	if m != nil {
 		return m.Responses
@@ -973,6 +1213,20 @@ func (m *CompactionRequest) String() string            { return proto.CompactTex
 func (*CompactionRequest) ProtoMessage()               {}
 func (*CompactionRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{12} }
 
+func (m *CompactionRequest) GetRevision() int64 {
+	if m != nil {
+		return m.Revision
+	}
+	return 0
+}
+
+func (m *CompactionRequest) GetPhysical() bool {
+	if m != nil {
+		return m.Physical
+	}
+	return false
+}
+
 type CompactionResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -1015,6 +1269,13 @@ func (m *HashResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *HashResponse) GetHash() uint32 {
+	if m != nil {
+		return m.Hash
+	}
+	return 0
+}
+
 type SnapshotRequest struct {
 }
 
@@ -1045,6 +1306,20 @@ func (m *SnapshotResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *SnapshotResponse) GetRemainingBytes() uint64 {
+	if m != nil {
+		return m.RemainingBytes
+	}
+	return 0
+}
+
+func (m *SnapshotResponse) GetBlob() []byte {
+	if m != nil {
+		return m.Blob
+	}
+	return nil
+}
+
 type WatchRequest struct {
 	// request_union is a request to either create a new watcher or cancel an existing watcher.
 	//
@@ -1198,6 +1473,48 @@ func (m *WatchCreateRequest) String() string            { return proto.CompactTe
 func (*WatchCreateRequest) ProtoMessage()               {}
 func (*WatchCreateRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{19} }
 
+func (m *WatchCreateRequest) GetKey() []byte {
+	if m != nil {
+		return m.Key
+	}
+	return nil
+}
+
+func (m *WatchCreateRequest) GetRangeEnd() []byte {
+	if m != nil {
+		return m.RangeEnd
+	}
+	return nil
+}
+
+func (m *WatchCreateRequest) GetStartRevision() int64 {
+	if m != nil {
+		return m.StartRevision
+	}
+	return 0
+}
+
+func (m *WatchCreateRequest) GetProgressNotify() bool {
+	if m != nil {
+		return m.ProgressNotify
+	}
+	return false
+}
+
+func (m *WatchCreateRequest) GetFilters() []WatchCreateRequest_FilterType {
+	if m != nil {
+		return m.Filters
+	}
+	return nil
+}
+
+func (m *WatchCreateRequest) GetPrevKv() bool {
+	if m != nil {
+		return m.PrevKv
+	}
+	return false
+}
+
 type WatchCancelRequest struct {
 	// watch_id is the watcher id to cancel so that no more events are transmitted.
 	WatchId int64 `protobuf:"varint,1,opt,name=watch_id,json=watchId,proto3" json:"watch_id,omitempty"`
@@ -1208,6 +1525,13 @@ func (m *WatchCancelRequest) String() string            { return proto.CompactTe
 func (*WatchCancelRequest) ProtoMessage()               {}
 func (*WatchCancelRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{20} }
 
+func (m *WatchCancelRequest) GetWatchId() int64 {
+	if m != nil {
+		return m.WatchId
+	}
+	return 0
+}
+
 type WatchResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// watch_id is the ID of the watcher that corresponds to the response.
@@ -1228,8 +1552,10 @@ type WatchResponse struct {
 	//
 	// The client should treat the watcher as canceled and should not try to create any
 	// watcher with the same start_revision again.
-	CompactRevision int64           `protobuf:"varint,5,opt,name=compact_revision,json=compactRevision,proto3" json:"compact_revision,omitempty"`
-	Events          []*mvccpb.Event `protobuf:"bytes,11,rep,name=events" json:"events,omitempty"`
+	CompactRevision int64 `protobuf:"varint,5,opt,name=compact_revision,json=compactRevision,proto3" json:"compact_revision,omitempty"`
+	// cancel_reason indicates the reason for canceling the watcher.
+	CancelReason string          `protobuf:"bytes,6,opt,name=cancel_reason,json=cancelReason,proto3" json:"cancel_reason,omitempty"`
+	Events       []*mvccpb.Event `protobuf:"bytes,11,rep,name=events" json:"events,omitempty"`
 }
 
 func (m *WatchResponse) Reset()                    { *m = WatchResponse{} }
@@ -1244,6 +1570,41 @@ func (m *WatchResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *WatchResponse) GetWatchId() int64 {
+	if m != nil {
+		return m.WatchId
+	}
+	return 0
+}
+
+func (m *WatchResponse) GetCreated() bool {
+	if m != nil {
+		return m.Created
+	}
+	return false
+}
+
+func (m *WatchResponse) GetCanceled() bool {
+	if m != nil {
+		return m.Canceled
+	}
+	return false
+}
+
+func (m *WatchResponse) GetCompactRevision() int64 {
+	if m != nil {
+		return m.CompactRevision
+	}
+	return 0
+}
+
+func (m *WatchResponse) GetCancelReason() string {
+	if m != nil {
+		return m.CancelReason
+	}
+	return ""
+}
+
 func (m *WatchResponse) GetEvents() []*mvccpb.Event {
 	if m != nil {
 		return m.Events
@@ -1263,6 +1624,20 @@ func (m *LeaseGrantRequest) String() string            { return proto.CompactTex
 func (*LeaseGrantRequest) ProtoMessage()               {}
 func (*LeaseGrantRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{22} }
 
+func (m *LeaseGrantRequest) GetTTL() int64 {
+	if m != nil {
+		return m.TTL
+	}
+	return 0
+}
+
+func (m *LeaseGrantRequest) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
 type LeaseGrantResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// ID is the lease ID for the granted lease.
@@ -1284,6 +1659,27 @@ func (m *LeaseGrantResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *LeaseGrantResponse) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *LeaseGrantResponse) GetTTL() int64 {
+	if m != nil {
+		return m.TTL
+	}
+	return 0
+}
+
+func (m *LeaseGrantResponse) GetError() string {
+	if m != nil {
+		return m.Error
+	}
+	return ""
+}
+
 type LeaseRevokeRequest struct {
 	// ID is the lease ID to revoke. When the ID is revoked, all associated keys will be deleted.
 	ID int64 `protobuf:"varint,1,opt,name=ID,proto3" json:"ID,omitempty"`
@@ -1294,6 +1690,13 @@ func (m *LeaseRevokeRequest) String() string            { return proto.CompactTe
 func (*LeaseRevokeRequest) ProtoMessage()               {}
 func (*LeaseRevokeRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{24} }
 
+func (m *LeaseRevokeRequest) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
 type LeaseRevokeResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -1320,6 +1723,13 @@ func (m *LeaseKeepAliveRequest) String() string            { return proto.Compac
 func (*LeaseKeepAliveRequest) ProtoMessage()               {}
 func (*LeaseKeepAliveRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{26} }
 
+func (m *LeaseKeepAliveRequest) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
 type LeaseKeepAliveResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// ID is the lease ID from the keep alive request.
@@ -1333,11 +1743,25 @@ func (m *LeaseKeepAliveResponse) String() string            { return proto.Compa
 func (*LeaseKeepAliveResponse) ProtoMessage()               {}
 func (*LeaseKeepAliveResponse) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{27} }
 
-func (m *LeaseKeepAliveResponse) GetHeader() *ResponseHeader {
+func (m *LeaseKeepAliveResponse) GetHeader() *ResponseHeader {
+	if m != nil {
+		return m.Header
+	}
+	return nil
+}
+
+func (m *LeaseKeepAliveResponse) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *LeaseKeepAliveResponse) GetTTL() int64 {
 	if m != nil {
-		return m.Header
+		return m.TTL
 	}
-	return nil
+	return 0
 }
 
 type LeaseTimeToLiveRequest struct {
@@ -1352,6 +1776,20 @@ func (m *LeaseTimeToLiveRequest) String() string            { return proto.Compa
 func (*LeaseTimeToLiveRequest) ProtoMessage()               {}
 func (*LeaseTimeToLiveRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{28} }
 
+func (m *LeaseTimeToLiveRequest) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *LeaseTimeToLiveRequest) GetKeys() bool {
+	if m != nil {
+		return m.Keys
+	}
+	return false
+}
+
 type LeaseTimeToLiveResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// ID is the lease ID from the keep alive request.
@@ -1376,6 +1814,34 @@ func (m *LeaseTimeToLiveResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *LeaseTimeToLiveResponse) GetID() int64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *LeaseTimeToLiveResponse) GetTTL() int64 {
+	if m != nil {
+		return m.TTL
+	}
+	return 0
+}
+
+func (m *LeaseTimeToLiveResponse) GetGrantedTTL() int64 {
+	if m != nil {
+		return m.GrantedTTL
+	}
+	return 0
+}
+
+func (m *LeaseTimeToLiveResponse) GetKeys() [][]byte {
+	if m != nil {
+		return m.Keys
+	}
+	return nil
+}
+
 type Member struct {
 	// ID is the member ID for this member.
 	ID uint64 `protobuf:"varint,1,opt,name=ID,proto3" json:"ID,omitempty"`
@@ -1392,6 +1858,34 @@ func (m *Member) String() string            { return proto.CompactTextString(m)
 func (*Member) ProtoMessage()               {}
 func (*Member) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{30} }
 
+func (m *Member) GetID() uint64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *Member) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *Member) GetPeerURLs() []string {
+	if m != nil {
+		return m.PeerURLs
+	}
+	return nil
+}
+
+func (m *Member) GetClientURLs() []string {
+	if m != nil {
+		return m.ClientURLs
+	}
+	return nil
+}
+
 type MemberAddRequest struct {
 	// peerURLs is the list of URLs the added member will use to communicate with the cluster.
 	PeerURLs []string `protobuf:"bytes,1,rep,name=peerURLs" json:"peerURLs,omitempty"`
@@ -1402,10 +1896,19 @@ func (m *MemberAddRequest) String() string            { return proto.CompactText
 func (*MemberAddRequest) ProtoMessage()               {}
 func (*MemberAddRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{31} }
 
+func (m *MemberAddRequest) GetPeerURLs() []string {
+	if m != nil {
+		return m.PeerURLs
+	}
+	return nil
+}
+
 type MemberAddResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// member is the member information for the added member.
 	Member *Member `protobuf:"bytes,2,opt,name=member" json:"member,omitempty"`
+	// members is a list of all members after adding the new member.
+	Members []*Member `protobuf:"bytes,3,rep,name=members" json:"members,omitempty"`
 }
 
 func (m *MemberAddResponse) Reset()                    { *m = MemberAddResponse{} }
@@ -1427,6 +1930,13 @@ func (m *MemberAddResponse) GetMember() *Member {
 	return nil
 }
 
+func (m *MemberAddResponse) GetMembers() []*Member {
+	if m != nil {
+		return m.Members
+	}
+	return nil
+}
+
 type MemberRemoveRequest struct {
 	// ID is the member ID of the member to remove.
 	ID uint64 `protobuf:"varint,1,opt,name=ID,proto3" json:"ID,omitempty"`
@@ -1437,8 +1947,17 @@ func (m *MemberRemoveRequest) String() string            { return proto.CompactT
 func (*MemberRemoveRequest) ProtoMessage()               {}
 func (*MemberRemoveRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{33} }
 
+func (m *MemberRemoveRequest) GetID() uint64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
 type MemberRemoveResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+	// members is a list of all members after removing the member.
+	Members []*Member `protobuf:"bytes,2,rep,name=members" json:"members,omitempty"`
 }
 
 func (m *MemberRemoveResponse) Reset()                    { *m = MemberRemoveResponse{} }
@@ -1453,6 +1972,13 @@ func (m *MemberRemoveResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *MemberRemoveResponse) GetMembers() []*Member {
+	if m != nil {
+		return m.Members
+	}
+	return nil
+}
+
 type MemberUpdateRequest struct {
 	// ID is the member ID of the member to update.
 	ID uint64 `protobuf:"varint,1,opt,name=ID,proto3" json:"ID,omitempty"`
@@ -1465,8 +1991,24 @@ func (m *MemberUpdateRequest) String() string            { return proto.CompactT
 func (*MemberUpdateRequest) ProtoMessage()               {}
 func (*MemberUpdateRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{35} }
 
+func (m *MemberUpdateRequest) GetID() uint64 {
+	if m != nil {
+		return m.ID
+	}
+	return 0
+}
+
+func (m *MemberUpdateRequest) GetPeerURLs() []string {
+	if m != nil {
+		return m.PeerURLs
+	}
+	return nil
+}
+
 type MemberUpdateResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
+	// members is a list of all members after updating the member.
+	Members []*Member `protobuf:"bytes,2,rep,name=members" json:"members,omitempty"`
 }
 
 func (m *MemberUpdateResponse) Reset()                    { *m = MemberUpdateResponse{} }
@@ -1481,6 +2023,13 @@ func (m *MemberUpdateResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *MemberUpdateResponse) GetMembers() []*Member {
+	if m != nil {
+		return m.Members
+	}
+	return nil
+}
+
 type MemberListRequest struct {
 }
 
@@ -1555,6 +2104,27 @@ func (m *AlarmRequest) String() string            { return proto.CompactTextStri
 func (*AlarmRequest) ProtoMessage()               {}
 func (*AlarmRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{41} }
 
+func (m *AlarmRequest) GetAction() AlarmRequest_AlarmAction {
+	if m != nil {
+		return m.Action
+	}
+	return AlarmRequest_GET
+}
+
+func (m *AlarmRequest) GetMemberID() uint64 {
+	if m != nil {
+		return m.MemberID
+	}
+	return 0
+}
+
+func (m *AlarmRequest) GetAlarm() AlarmType {
+	if m != nil {
+		return m.Alarm
+	}
+	return AlarmType_NONE
+}
+
 type AlarmMember struct {
 	// memberID is the ID of the member associated with the raised alarm.
 	MemberID uint64 `protobuf:"varint,1,opt,name=memberID,proto3" json:"memberID,omitempty"`
@@ -1567,6 +2137,20 @@ func (m *AlarmMember) String() string            { return proto.CompactTextStrin
 func (*AlarmMember) ProtoMessage()               {}
 func (*AlarmMember) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{42} }
 
+func (m *AlarmMember) GetMemberID() uint64 {
+	if m != nil {
+		return m.MemberID
+	}
+	return 0
+}
+
+func (m *AlarmMember) GetAlarm() AlarmType {
+	if m != nil {
+		return m.Alarm
+	}
+	return AlarmType_NONE
+}
+
 type AlarmResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	// alarms is a list of alarms associated with the alarm request.
@@ -1626,6 +2210,41 @@ func (m *StatusResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *StatusResponse) GetVersion() string {
+	if m != nil {
+		return m.Version
+	}
+	return ""
+}
+
+func (m *StatusResponse) GetDbSize() int64 {
+	if m != nil {
+		return m.DbSize
+	}
+	return 0
+}
+
+func (m *StatusResponse) GetLeader() uint64 {
+	if m != nil {
+		return m.Leader
+	}
+	return 0
+}
+
+func (m *StatusResponse) GetRaftIndex() uint64 {
+	if m != nil {
+		return m.RaftIndex
+	}
+	return 0
+}
+
+func (m *StatusResponse) GetRaftTerm() uint64 {
+	if m != nil {
+		return m.RaftTerm
+	}
+	return 0
+}
+
 type AuthEnableRequest struct {
 }
 
@@ -1652,6 +2271,20 @@ func (m *AuthenticateRequest) String() string            { return proto.CompactT
 func (*AuthenticateRequest) ProtoMessage()               {}
 func (*AuthenticateRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{48} }
 
+func (m *AuthenticateRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *AuthenticateRequest) GetPassword() string {
+	if m != nil {
+		return m.Password
+	}
+	return ""
+}
+
 type AuthUserAddRequest struct {
 	Name     string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
 	Password string `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"`
@@ -1662,6 +2295,20 @@ func (m *AuthUserAddRequest) String() string            { return proto.CompactTe
 func (*AuthUserAddRequest) ProtoMessage()               {}
 func (*AuthUserAddRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{49} }
 
+func (m *AuthUserAddRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *AuthUserAddRequest) GetPassword() string {
+	if m != nil {
+		return m.Password
+	}
+	return ""
+}
+
 type AuthUserGetRequest struct {
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
 }
@@ -1671,6 +2318,13 @@ func (m *AuthUserGetRequest) String() string            { return proto.CompactTe
 func (*AuthUserGetRequest) ProtoMessage()               {}
 func (*AuthUserGetRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{50} }
 
+func (m *AuthUserGetRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
 type AuthUserDeleteRequest struct {
 	// name is the name of the user to delete.
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
@@ -1681,6 +2335,13 @@ func (m *AuthUserDeleteRequest) String() string            { return proto.Compac
 func (*AuthUserDeleteRequest) ProtoMessage()               {}
 func (*AuthUserDeleteRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{51} }
 
+func (m *AuthUserDeleteRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
 type AuthUserChangePasswordRequest struct {
 	// name is the name of the user whose password is being changed.
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
@@ -1695,6 +2356,20 @@ func (*AuthUserChangePasswordRequest) Descriptor() ([]byte, []int) {
 	return fileDescriptorRpc, []int{52}
 }
 
+func (m *AuthUserChangePasswordRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *AuthUserChangePasswordRequest) GetPassword() string {
+	if m != nil {
+		return m.Password
+	}
+	return ""
+}
+
 type AuthUserGrantRoleRequest struct {
 	// user is the name of the user which should be granted a given role.
 	User string `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"`
@@ -1707,6 +2382,20 @@ func (m *AuthUserGrantRoleRequest) String() string            { return proto.Com
 func (*AuthUserGrantRoleRequest) ProtoMessage()               {}
 func (*AuthUserGrantRoleRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{53} }
 
+func (m *AuthUserGrantRoleRequest) GetUser() string {
+	if m != nil {
+		return m.User
+	}
+	return ""
+}
+
+func (m *AuthUserGrantRoleRequest) GetRole() string {
+	if m != nil {
+		return m.Role
+	}
+	return ""
+}
+
 type AuthUserRevokeRoleRequest struct {
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
 	Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
@@ -1717,6 +2406,20 @@ func (m *AuthUserRevokeRoleRequest) String() string            { return proto.Co
 func (*AuthUserRevokeRoleRequest) ProtoMessage()               {}
 func (*AuthUserRevokeRoleRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{54} }
 
+func (m *AuthUserRevokeRoleRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
+func (m *AuthUserRevokeRoleRequest) GetRole() string {
+	if m != nil {
+		return m.Role
+	}
+	return ""
+}
+
 type AuthRoleAddRequest struct {
 	// name is the name of the role to add to the authentication system.
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
@@ -1727,6 +2430,13 @@ func (m *AuthRoleAddRequest) String() string            { return proto.CompactTe
 func (*AuthRoleAddRequest) ProtoMessage()               {}
 func (*AuthRoleAddRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{55} }
 
+func (m *AuthRoleAddRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
 type AuthRoleGetRequest struct {
 	Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
 }
@@ -1736,6 +2446,13 @@ func (m *AuthRoleGetRequest) String() string            { return proto.CompactTe
 func (*AuthRoleGetRequest) ProtoMessage()               {}
 func (*AuthRoleGetRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{56} }
 
+func (m *AuthRoleGetRequest) GetRole() string {
+	if m != nil {
+		return m.Role
+	}
+	return ""
+}
+
 type AuthUserListRequest struct {
 }
 
@@ -1761,6 +2478,13 @@ func (m *AuthRoleDeleteRequest) String() string            { return proto.Compac
 func (*AuthRoleDeleteRequest) ProtoMessage()               {}
 func (*AuthRoleDeleteRequest) Descriptor() ([]byte, []int) { return fileDescriptorRpc, []int{59} }
 
+func (m *AuthRoleDeleteRequest) GetRole() string {
+	if m != nil {
+		return m.Role
+	}
+	return ""
+}
+
 type AuthRoleGrantPermissionRequest struct {
 	// name is the name of the role which will be granted the permission.
 	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
@@ -1775,6 +2499,13 @@ func (*AuthRoleGrantPermissionRequest) Descriptor() ([]byte, []int) {
 	return fileDescriptorRpc, []int{60}
 }
 
+func (m *AuthRoleGrantPermissionRequest) GetName() string {
+	if m != nil {
+		return m.Name
+	}
+	return ""
+}
+
 func (m *AuthRoleGrantPermissionRequest) GetPerm() *authpb.Permission {
 	if m != nil {
 		return m.Perm
@@ -1795,6 +2526,27 @@ func (*AuthRoleRevokePermissionRequest) Descriptor() ([]byte, []int) {
 	return fileDescriptorRpc, []int{61}
 }
 
+func (m *AuthRoleRevokePermissionRequest) GetRole() string {
+	if m != nil {
+		return m.Role
+	}
+	return ""
+}
+
+func (m *AuthRoleRevokePermissionRequest) GetKey() string {
+	if m != nil {
+		return m.Key
+	}
+	return ""
+}
+
+func (m *AuthRoleRevokePermissionRequest) GetRangeEnd() string {
+	if m != nil {
+		return m.RangeEnd
+	}
+	return ""
+}
+
 type AuthEnableResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -1845,6 +2597,13 @@ func (m *AuthenticateResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *AuthenticateResponse) GetToken() string {
+	if m != nil {
+		return m.Token
+	}
+	return ""
+}
+
 type AuthUserAddResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -1878,6 +2637,13 @@ func (m *AuthUserGetResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *AuthUserGetResponse) GetRoles() []string {
+	if m != nil {
+		return m.Roles
+	}
+	return nil
+}
+
 type AuthUserDeleteResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -2001,6 +2767,13 @@ func (m *AuthRoleListResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *AuthRoleListResponse) GetRoles() []string {
+	if m != nil {
+		return m.Roles
+	}
+	return nil
+}
+
 type AuthUserListResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 	Users  []string        `protobuf:"bytes,2,rep,name=users" json:"users,omitempty"`
@@ -2018,6 +2791,13 @@ func (m *AuthUserListResponse) GetHeader() *ResponseHeader {
 	return nil
 }
 
+func (m *AuthUserListResponse) GetUsers() []string {
+	if m != nil {
+		return m.Users
+	}
+	return nil
+}
+
 type AuthRoleDeleteResponse struct {
 	Header *ResponseHeader `protobuf:"bytes,1,opt,name=header" json:"header,omitempty"`
 }
@@ -3929,12 +4709,32 @@ func (m *PutRequest) MarshalTo(dAtA []byte) (int, error) {
 	if m.Lease != 0 {
 		dAtA[i] = 0x18
 		i++
-		i = encodeVarintRpc(dAtA, i, uint64(m.Lease))
+		i = encodeVarintRpc(dAtA, i, uint64(m.Lease))
+	}
+	if m.PrevKv {
+		dAtA[i] = 0x20
+		i++
+		if m.PrevKv {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
+	}
+	if m.IgnoreValue {
+		dAtA[i] = 0x28
+		i++
+		if m.IgnoreValue {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
 	}
-	if m.PrevKv {
-		dAtA[i] = 0x20
+	if m.IgnoreLease {
+		dAtA[i] = 0x30
 		i++
-		if m.PrevKv {
+		if m.IgnoreLease {
 			dAtA[i] = 1
 		} else {
 			dAtA[i] = 0
@@ -4749,6 +5549,12 @@ func (m *WatchResponse) MarshalTo(dAtA []byte) (int, error) {
 		i++
 		i = encodeVarintRpc(dAtA, i, uint64(m.CompactRevision))
 	}
+	if len(m.CancelReason) > 0 {
+		dAtA[i] = 0x32
+		i++
+		i = encodeVarintRpc(dAtA, i, uint64(len(m.CancelReason)))
+		i += copy(dAtA[i:], m.CancelReason)
+	}
 	if len(m.Events) > 0 {
 		for _, msg := range m.Events {
 			dAtA[i] = 0x5a
@@ -5159,6 +5965,18 @@ func (m *MemberAddResponse) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i += n29
 	}
+	if len(m.Members) > 0 {
+		for _, msg := range m.Members {
+			dAtA[i] = 0x1a
+			i++
+			i = encodeVarintRpc(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
 	return i, nil
 }
 
@@ -5210,6 +6028,18 @@ func (m *MemberRemoveResponse) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i += n30
 	}
+	if len(m.Members) > 0 {
+		for _, msg := range m.Members {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintRpc(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
 	return i, nil
 }
 
@@ -5276,6 +6106,18 @@ func (m *MemberUpdateResponse) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i += n31
 	}
+	if len(m.Members) > 0 {
+		for _, msg := range m.Members {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintRpc(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
 	return i, nil
 }
 
@@ -6610,6 +7452,12 @@ func (m *PutRequest) Size() (n int) {
 	if m.PrevKv {
 		n += 2
 	}
+	if m.IgnoreValue {
+		n += 2
+	}
+	if m.IgnoreLease {
+		n += 2
+	}
 	return n
 }
 
@@ -6973,6 +7821,10 @@ func (m *WatchResponse) Size() (n int) {
 	if m.CompactRevision != 0 {
 		n += 1 + sovRpc(uint64(m.CompactRevision))
 	}
+	l = len(m.CancelReason)
+	if l > 0 {
+		n += 1 + l + sovRpc(uint64(l))
+	}
 	if len(m.Events) > 0 {
 		for _, e := range m.Events {
 			l = e.Size()
@@ -7143,6 +7995,12 @@ func (m *MemberAddResponse) Size() (n int) {
 		l = m.Member.Size()
 		n += 1 + l + sovRpc(uint64(l))
 	}
+	if len(m.Members) > 0 {
+		for _, e := range m.Members {
+			l = e.Size()
+			n += 1 + l + sovRpc(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -7162,6 +8020,12 @@ func (m *MemberRemoveResponse) Size() (n int) {
 		l = m.Header.Size()
 		n += 1 + l + sovRpc(uint64(l))
 	}
+	if len(m.Members) > 0 {
+		for _, e := range m.Members {
+			l = e.Size()
+			n += 1 + l + sovRpc(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -7187,6 +8051,12 @@ func (m *MemberUpdateResponse) Size() (n int) {
 		l = m.Header.Size()
 		n += 1 + l + sovRpc(uint64(l))
 	}
+	if len(m.Members) > 0 {
+		for _, e := range m.Members {
+			l = e.Size()
+			n += 1 + l + sovRpc(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -8413,6 +9283,46 @@ func (m *PutRequest) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.PrevKv = bool(v != 0)
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IgnoreValue", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.IgnoreValue = bool(v != 0)
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IgnoreLease", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.IgnoreLease = bool(v != 0)
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
@@ -10345,7 +11255,24 @@ func (m *WatchCreateRequest) Unmarshal(dAtA []byte) error {
 			}
 			m.ProgressNotify = bool(v != 0)
 		case 5:
-			if wireType == 2 {
+			if wireType == 0 {
+				var v WatchCreateRequest_FilterType
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowRpc
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					v |= (WatchCreateRequest_FilterType(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				m.Filters = append(m.Filters, v)
+			} else if wireType == 2 {
 				var packedLen int
 				for shift := uint(0); ; shift += 7 {
 					if shift >= 64 {
@@ -10386,23 +11313,6 @@ func (m *WatchCreateRequest) Unmarshal(dAtA []byte) error {
 					}
 					m.Filters = append(m.Filters, v)
 				}
-			} else if wireType == 0 {
-				var v WatchCreateRequest_FilterType
-				for shift := uint(0); ; shift += 7 {
-					if shift >= 64 {
-						return ErrIntOverflowRpc
-					}
-					if iNdEx >= l {
-						return io.ErrUnexpectedEOF
-					}
-					b := dAtA[iNdEx]
-					iNdEx++
-					v |= (WatchCreateRequest_FilterType(b) & 0x7F) << shift
-					if b < 0x80 {
-						break
-					}
-				}
-				m.Filters = append(m.Filters, v)
 			} else {
 				return fmt.Errorf("proto: wrong wireType = %d for field Filters", wireType)
 			}
@@ -10656,6 +11566,35 @@ func (m *WatchResponse) Unmarshal(dAtA []byte) error {
 					break
 				}
 			}
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CancelReason", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthRpc
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.CancelReason = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
 		case 11:
 			if wireType != 2 {
 				return fmt.Errorf("proto: wrong wireType = %d for field Events", wireType)
@@ -11876,6 +12815,37 @@ func (m *MemberAddResponse) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Members", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthRpc
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Members = append(m.Members, &Member{})
+			if err := m.Members[len(m.Members)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
@@ -12028,6 +12998,37 @@ func (m *MemberRemoveResponse) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Members", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthRpc
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Members = append(m.Members, &Member{})
+			if err := m.Members[len(m.Members)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
@@ -12209,6 +13210,37 @@ func (m *MemberUpdateResponse) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Members", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowRpc
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthRpc
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Members = append(m.Members, &Member{})
+			if err := m.Members[len(m.Members)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRpc(dAtA[iNdEx:])
@@ -16041,218 +17073,221 @@ var (
 func init() { proto.RegisterFile("rpc.proto", fileDescriptorRpc) }
 
 var fileDescriptorRpc = []byte{
-	// 3401 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xb4, 0x5b, 0xcb, 0x73, 0x1b, 0xc7,
-	0xd1, 0xe7, 0x02, 0x24, 0x40, 0x34, 0x1e, 0x84, 0x86, 0x94, 0x04, 0xae, 0x24, 0x8a, 0x1a, 0xbd,
-	0x28, 0xc9, 0x26, 0x6d, 0xda, 0xdf, 0x77, 0xd0, 0xe7, 0x72, 0x7d, 0x14, 0x09, 0x8b, 0x0c, 0x29,
-	0x52, 0x5e, 0x52, 0xb2, 0x53, 0xe5, 0x0a, 0x6a, 0x09, 0x8c, 0xc8, 0x2d, 0x02, 0xbb, 0xf0, 0xee,
-	0x02, 0x22, 0x9d, 0xa4, 0x2a, 0xe5, 0xd8, 0x95, 0x4a, 0x8e, 0xf1, 0x21, 0xaf, 0x63, 0x2a, 0x87,
-	0xfc, 0x01, 0xb9, 0xe5, 0x0f, 0x48, 0xe5, 0x92, 0x54, 0xe5, 0x1f, 0x48, 0x39, 0x39, 0xe4, 0x90,
-	0x7b, 0x4e, 0xa9, 0xa4, 0xe6, 0xb5, 0x3b, 0xbb, 0xd8, 0x05, 0xe5, 0x6c, 0x7c, 0x11, 0x77, 0x66,
-	0x7a, 0xfa, 0xd7, 0xdd, 0x33, 0xdd, 0xd3, 0xd3, 0x03, 0x41, 0xc9, 0xed, 0xb7, 0x97, 0xfb, 0xae,
-	0xe3, 0x3b, 0xa8, 0x42, 0xfc, 0x76, 0xc7, 0x23, 0xee, 0x90, 0xb8, 0xfd, 0x43, 0x7d, 0xee, 0xc8,
-	0x39, 0x72, 0xd8, 0xc0, 0x0a, 0xfd, 0xe2, 0x34, 0xfa, 0x3c, 0xa5, 0x59, 0xe9, 0x0d, 0xdb, 0x6d,
-	0xf6, 0x4f, 0xff, 0x70, 0xe5, 0x64, 0x28, 0x86, 0xae, 0xb0, 0x21, 0x73, 0xe0, 0x1f, 0xb3, 0x7f,
-	0xfa, 0x87, 0xec, 0x8f, 0x18, 0xbc, 0x7a, 0xe4, 0x38, 0x47, 0x5d, 0xb2, 0x62, 0xf6, 0xad, 0x15,
-	0xd3, 0xb6, 0x1d, 0xdf, 0xf4, 0x2d, 0xc7, 0xf6, 0xf8, 0x28, 0xfe, 0x5c, 0x83, 0x9a, 0x41, 0xbc,
-	0xbe, 0x63, 0x7b, 0x64, 0x93, 0x98, 0x1d, 0xe2, 0xa2, 0x6b, 0x00, 0xed, 0xee, 0xc0, 0xf3, 0x89,
-	0xdb, 0xb2, 0x3a, 0x0d, 0x6d, 0x51, 0x5b, 0x9a, 0x34, 0x4a, 0xa2, 0x67, 0xab, 0x83, 0xae, 0x40,
-	0xa9, 0x47, 0x7a, 0x87, 0x7c, 0x34, 0xc7, 0x46, 0xa7, 0x79, 0xc7, 0x56, 0x07, 0xe9, 0x30, 0xed,
-	0x92, 0xa1, 0xe5, 0x59, 0x8e, 0xdd, 0xc8, 0x2f, 0x6a, 0x4b, 0x79, 0x23, 0x68, 0xd3, 0x89, 0xae,
-	0xf9, 0xc2, 0x6f, 0xf9, 0xc4, 0xed, 0x35, 0x26, 0xf9, 0x44, 0xda, 0x71, 0x40, 0xdc, 0x1e, 0xfe,
-	0x6c, 0x0a, 0x2a, 0x86, 0x69, 0x1f, 0x11, 0x83, 0x7c, 0x3c, 0x20, 0x9e, 0x8f, 0xea, 0x90, 0x3f,
-	0x21, 0x67, 0x0c, 0xbe, 0x62, 0xd0, 0x4f, 0x3e, 0xdf, 0x3e, 0x22, 0x2d, 0x62, 0x73, 0xe0, 0x0a,
-	0x9d, 0x6f, 0x1f, 0x91, 0xa6, 0xdd, 0x41, 0x73, 0x30, 0xd5, 0xb5, 0x7a, 0x96, 0x2f, 0x50, 0x79,
-	0x23, 0x22, 0xce, 0x64, 0x4c, 0x9c, 0x75, 0x00, 0xcf, 0x71, 0xfd, 0x96, 0xe3, 0x76, 0x88, 0xdb,
-	0x98, 0x5a, 0xd4, 0x96, 0x6a, 0xab, 0xb7, 0x96, 0xd5, 0x85, 0x58, 0x56, 0x05, 0x5a, 0xde, 0x77,
-	0x5c, 0x7f, 0x8f, 0xd2, 0x1a, 0x25, 0x4f, 0x7e, 0xa2, 0xf7, 0xa0, 0xcc, 0x98, 0xf8, 0xa6, 0x7b,
-	0x44, 0xfc, 0x46, 0x81, 0x71, 0xb9, 0x7d, 0x0e, 0x97, 0x03, 0x46, 0x6c, 0x30, 0x78, 0xfe, 0x8d,
-	0x30, 0x54, 0x3c, 0xe2, 0x5a, 0x66, 0xd7, 0xfa, 0xc4, 0x3c, 0xec, 0x92, 0x46, 0x71, 0x51, 0x5b,
-	0x9a, 0x36, 0x22, 0x7d, 0x54, 0xff, 0x13, 0x72, 0xe6, 0xb5, 0x1c, 0xbb, 0x7b, 0xd6, 0x98, 0x66,
-	0x04, 0xd3, 0xb4, 0x63, 0xcf, 0xee, 0x9e, 0xb1, 0x45, 0x73, 0x06, 0xb6, 0xcf, 0x47, 0x4b, 0x6c,
-	0xb4, 0xc4, 0x7a, 0xd8, 0xf0, 0x12, 0xd4, 0x7b, 0x96, 0xdd, 0xea, 0x39, 0x9d, 0x56, 0x60, 0x10,
-	0x60, 0x06, 0xa9, 0xf5, 0x2c, 0xfb, 0x89, 0xd3, 0x31, 0xa4, 0x59, 0x28, 0xa5, 0x79, 0x1a, 0xa5,
-	0x2c, 0x0b, 0x4a, 0xf3, 0x54, 0xa5, 0x5c, 0x86, 0x59, 0xca, 0xb3, 0xed, 0x12, 0xd3, 0x27, 0x21,
-	0x71, 0x85, 0x11, 0x5f, 0xe8, 0x59, 0xf6, 0x3a, 0x1b, 0x89, 0xd0, 0x9b, 0xa7, 0x23, 0xf4, 0x55,
-	0x41, 0x6f, 0x9e, 0x46, 0xe9, 0xf1, 0x32, 0x94, 0x02, 0x9b, 0xa3, 0x69, 0x98, 0xdc, 0xdd, 0xdb,
-	0x6d, 0xd6, 0x27, 0x10, 0x40, 0x61, 0x6d, 0x7f, 0xbd, 0xb9, 0xbb, 0x51, 0xd7, 0x50, 0x19, 0x8a,
-	0x1b, 0x4d, 0xde, 0xc8, 0xe1, 0x47, 0x00, 0xa1, 0x75, 0x51, 0x11, 0xf2, 0xdb, 0xcd, 0x6f, 0xd6,
-	0x27, 0x28, 0xcd, 0xf3, 0xa6, 0xb1, 0xbf, 0xb5, 0xb7, 0x5b, 0xd7, 0xe8, 0xe4, 0x75, 0xa3, 0xb9,
-	0x76, 0xd0, 0xac, 0xe7, 0x28, 0xc5, 0x93, 0xbd, 0x8d, 0x7a, 0x1e, 0x95, 0x60, 0xea, 0xf9, 0xda,
-	0xce, 0xb3, 0x66, 0x7d, 0x12, 0x7f, 0xa1, 0x41, 0x55, 0xac, 0x17, 0xf7, 0x09, 0xf4, 0x36, 0x14,
-	0x8e, 0x99, 0x5f, 0xb0, 0xad, 0x58, 0x5e, 0xbd, 0x1a, 0x5b, 0xdc, 0x88, 0xef, 0x18, 0x82, 0x16,
-	0x61, 0xc8, 0x9f, 0x0c, 0xbd, 0x46, 0x6e, 0x31, 0xbf, 0x54, 0x5e, 0xad, 0x2f, 0x73, 0x87, 0x5d,
-	0xde, 0x26, 0x67, 0xcf, 0xcd, 0xee, 0x80, 0x18, 0x74, 0x10, 0x21, 0x98, 0xec, 0x39, 0x2e, 0x61,
-	0x3b, 0x76, 0xda, 0x60, 0xdf, 0x74, 0x1b, 0xb3, 0x45, 0x13, 0xbb, 0x95, 0x37, 0x70, 0x1b, 0xe0,
-	0xe9, 0xc0, 0x4f, 0xf7, 0x8c, 0x39, 0x98, 0x1a, 0x52, 0xbe, 0xc2, 0x2b, 0x78, 0x83, 0xb9, 0x04,
-	0x31, 0x3d, 0x12, 0xb8, 0x04, 0x6d, 0xa0, 0xcb, 0x50, 0xec, 0xbb, 0x64, 0xd8, 0x3a, 0x19, 0x32,
-	0x8c, 0x69, 0xa3, 0x40, 0x9b, 0xdb, 0x43, 0x6c, 0x43, 0x99, 0x81, 0x64, 0xd2, 0xfb, 0x5e, 0xc8,
-	0x3d, 0xc7, 0xa6, 0x8d, 0xea, 0x2e, 0xf1, 0x3e, 0x02, 0xb4, 0x41, 0xba, 0xc4, 0x27, 0x59, 0xdc,
-	0x5e, 0xd1, 0x26, 0x1f, 0xd1, 0xe6, 0xc7, 0x1a, 0xcc, 0x46, 0xd8, 0x67, 0x52, 0xab, 0x01, 0xc5,
-	0x0e, 0x63, 0xc6, 0x25, 0xc8, 0x1b, 0xb2, 0x89, 0x1e, 0xc0, 0xb4, 0x10, 0xc0, 0x6b, 0xe4, 0x53,
-	0x56, 0xbb, 0xc8, 0x65, 0xf2, 0xf0, 0xdf, 0x35, 0x28, 0x09, 0x45, 0xf7, 0xfa, 0x68, 0x0d, 0xaa,
-	0x2e, 0x6f, 0xb4, 0x98, 0x3e, 0x42, 0x22, 0x3d, 0x3d, 0x7a, 0x6c, 0x4e, 0x18, 0x15, 0x31, 0x85,
-	0x75, 0xa3, 0xff, 0x83, 0xb2, 0x64, 0xd1, 0x1f, 0xf8, 0xc2, 0xe4, 0x8d, 0x28, 0x83, 0x70, 0xe7,
-	0x6c, 0x4e, 0x18, 0x20, 0xc8, 0x9f, 0x0e, 0x7c, 0x74, 0x00, 0x73, 0x72, 0x32, 0xd7, 0x46, 0x88,
-	0x91, 0x67, 0x5c, 0x16, 0xa3, 0x5c, 0x46, 0x97, 0x6a, 0x73, 0xc2, 0x40, 0x62, 0xbe, 0x32, 0xf8,
-	0xa8, 0x04, 0x45, 0xd1, 0x8b, 0xff, 0xa1, 0x01, 0x48, 0x83, 0xee, 0xf5, 0xd1, 0x06, 0xd4, 0x5c,
-	0xd1, 0x8a, 0x28, 0x7c, 0x25, 0x51, 0x61, 0xb1, 0x0e, 0x13, 0x46, 0x55, 0x4e, 0xe2, 0x2a, 0xbf,
-	0x0b, 0x95, 0x80, 0x4b, 0xa8, 0xf3, 0x7c, 0x82, 0xce, 0x01, 0x87, 0xb2, 0x9c, 0x40, 0xb5, 0xfe,
-	0x00, 0x2e, 0x06, 0xf3, 0x13, 0xd4, 0xbe, 0x31, 0x46, 0xed, 0x80, 0xe1, 0xac, 0xe4, 0xa0, 0x2a,
-	0x0e, 0xf4, 0xac, 0xe1, 0xdd, 0xf8, 0xd7, 0x79, 0x28, 0xae, 0x3b, 0xbd, 0xbe, 0xe9, 0xd2, 0x35,
-	0x2a, 0xb8, 0xc4, 0x1b, 0x74, 0x7d, 0xa6, 0x6e, 0x6d, 0xf5, 0x66, 0x14, 0x41, 0x90, 0xc9, 0xbf,
-	0x06, 0x23, 0x35, 0xc4, 0x14, 0x3a, 0x59, 0x1c, 0x2d, 0xb9, 0x57, 0x98, 0x2c, 0x0e, 0x16, 0x31,
-	0x45, 0xfa, 0x52, 0x3e, 0xf4, 0x25, 0x1d, 0x8a, 0x43, 0xe2, 0x86, 0xc7, 0xe1, 0xe6, 0x84, 0x21,
-	0x3b, 0xd0, 0x3d, 0x98, 0x89, 0x87, 0xe6, 0x29, 0x41, 0x53, 0x6b, 0x47, 0x23, 0xf9, 0x4d, 0xa8,
-	0x44, 0xce, 0x87, 0x82, 0xa0, 0x2b, 0xf7, 0x94, 0xe3, 0xe1, 0x92, 0x0c, 0x4a, 0xf4, 0x2c, 0xab,
-	0x6c, 0x4e, 0x88, 0xb0, 0x84, 0xff, 0x1f, 0xaa, 0x11, 0x5d, 0x69, 0xf8, 0x6d, 0xbe, 0xff, 0x6c,
-	0x6d, 0x87, 0xc7, 0xea, 0xc7, 0x2c, 0x3c, 0x1b, 0x75, 0x8d, 0x86, 0xfc, 0x9d, 0xe6, 0xfe, 0x7e,
-	0x3d, 0x87, 0xaa, 0x50, 0xda, 0xdd, 0x3b, 0x68, 0x71, 0xaa, 0x3c, 0x7e, 0x27, 0xe0, 0x20, 0x62,
-	0xbd, 0x12, 0xe2, 0x27, 0x94, 0x10, 0xaf, 0xc9, 0x10, 0x9f, 0x0b, 0x43, 0x7c, 0xfe, 0x51, 0x0d,
-	0x2a, 0xdc, 0x3e, 0xad, 0x81, 0x4d, 0x8f, 0x99, 0x5f, 0x6a, 0x00, 0x07, 0xa7, 0xb6, 0x0c, 0x40,
-	0x2b, 0x50, 0x6c, 0x73, 0xe6, 0x0d, 0x8d, 0xf9, 0xf3, 0xc5, 0x44, 0x93, 0x1b, 0x92, 0x0a, 0xbd,
-	0x09, 0x45, 0x6f, 0xd0, 0x6e, 0x13, 0x4f, 0x86, 0xfb, 0xcb, 0xf1, 0x90, 0x22, 0x1c, 0xde, 0x90,
-	0x74, 0x74, 0xca, 0x0b, 0xd3, 0xea, 0x0e, 0x58, 0xf0, 0x1f, 0x3f, 0x45, 0xd0, 0xe1, 0x9f, 0x69,
-	0x50, 0x66, 0x52, 0x66, 0x8a, 0x63, 0x57, 0xa1, 0xc4, 0x64, 0x20, 0x1d, 0x11, 0xc9, 0xa6, 0x8d,
-	0xb0, 0x03, 0xfd, 0x2f, 0x94, 0xe4, 0x0e, 0x96, 0xc1, 0xac, 0x91, 0xcc, 0x76, 0xaf, 0x6f, 0x84,
-	0xa4, 0x78, 0x1b, 0x2e, 0x30, 0xab, 0xb4, 0x69, 0x62, 0x29, 0xed, 0xa8, 0xa6, 0x5e, 0x5a, 0x2c,
-	0xf5, 0xd2, 0x61, 0xba, 0x7f, 0x7c, 0xe6, 0x59, 0x6d, 0xb3, 0x2b, 0xa4, 0x08, 0xda, 0xf8, 0x1b,
-	0x80, 0x54, 0x66, 0x59, 0xd4, 0xc5, 0x55, 0x28, 0x6f, 0x9a, 0xde, 0xb1, 0x10, 0x09, 0x7f, 0x08,
-	0x15, 0xde, 0xcc, 0x64, 0x43, 0x04, 0x93, 0xc7, 0xa6, 0x77, 0xcc, 0x04, 0xaf, 0x1a, 0xec, 0x1b,
-	0x5f, 0x80, 0x99, 0x7d, 0xdb, 0xec, 0x7b, 0xc7, 0x8e, 0x8c, 0xb5, 0x34, 0xb1, 0xae, 0x87, 0x7d,
-	0x99, 0x10, 0xef, 0xc2, 0x8c, 0x4b, 0x7a, 0xa6, 0x65, 0x5b, 0xf6, 0x51, 0xeb, 0xf0, 0xcc, 0x27,
-	0x9e, 0xc8, 0xbb, 0x6b, 0x41, 0xf7, 0x23, 0xda, 0x4b, 0x45, 0x3b, 0xec, 0x3a, 0x87, 0xc2, 0xe3,
-	0xd9, 0x37, 0xfe, 0x8d, 0x06, 0x95, 0x0f, 0x4c, 0xbf, 0x2d, 0xad, 0x80, 0xb6, 0xa0, 0x16, 0xf8,
-	0x39, 0xeb, 0x11, 0xb2, 0xc4, 0x02, 0x3e, 0x9b, 0x23, 0x33, 0x32, 0x19, 0xf0, 0xab, 0x6d, 0xb5,
-	0x83, 0xb1, 0x32, 0xed, 0x36, 0xe9, 0x06, 0xac, 0x72, 0xe9, 0xac, 0x18, 0xa1, 0xca, 0x4a, 0xed,
-	0x78, 0x34, 0x13, 0x1e, 0x86, 0xdc, 0x2d, 0x7f, 0x9e, 0x03, 0x34, 0x2a, 0xc3, 0x57, 0xcd, 0x0f,
-	0x6e, 0x43, 0xcd, 0xf3, 0x4d, 0xd7, 0x6f, 0xc5, 0x6e, 0x25, 0x55, 0xd6, 0x1b, 0xc4, 0xaa, 0xbb,
-	0x30, 0xd3, 0x77, 0x9d, 0x23, 0x97, 0x78, 0x5e, 0xcb, 0x76, 0x7c, 0xeb, 0xc5, 0x99, 0x48, 0x8e,
-	0x6a, 0xb2, 0x7b, 0x97, 0xf5, 0xa2, 0x26, 0x14, 0x5f, 0x58, 0x5d, 0x9f, 0xb8, 0x5e, 0x63, 0x6a,
-	0x31, 0xbf, 0x54, 0x5b, 0x7d, 0x70, 0x9e, 0xd5, 0x96, 0xdf, 0x63, 0xf4, 0x07, 0x67, 0x7d, 0x62,
-	0xc8, 0xb9, 0x6a, 0xda, 0x52, 0x88, 0xa4, 0x2d, 0xb7, 0x01, 0x42, 0x7a, 0x1a, 0xb5, 0x76, 0xf7,
-	0x9e, 0x3e, 0x3b, 0xa8, 0x4f, 0xa0, 0x0a, 0x4c, 0xef, 0xee, 0x6d, 0x34, 0x77, 0x9a, 0x34, 0xae,
-	0xe1, 0x15, 0x69, 0x1b, 0xd5, 0x86, 0x68, 0x1e, 0xa6, 0x5f, 0xd2, 0x5e, 0x79, 0x6d, 0xcb, 0x1b,
-	0x45, 0xd6, 0xde, 0xea, 0xe0, 0xbf, 0x69, 0x50, 0x15, 0xbb, 0x20, 0xd3, 0x56, 0x54, 0x21, 0x72,
-	0x11, 0x08, 0x9a, 0x23, 0xf1, 0xdd, 0xd1, 0x11, 0xa9, 0x98, 0x6c, 0x52, 0x77, 0xe7, 0x8b, 0x4d,
-	0x3a, 0xc2, 0xac, 0x41, 0x1b, 0xdd, 0x83, 0x7a, 0x9b, 0xbb, 0x7b, 0xec, 0xd8, 0x31, 0x66, 0x44,
-	0x7f, 0xb0, 0x48, 0xb7, 0xa1, 0x40, 0x86, 0xc4, 0xf6, 0xbd, 0x46, 0x99, 0xc5, 0xa6, 0xaa, 0x4c,
-	0xb4, 0x9a, 0xb4, 0xd7, 0x10, 0x83, 0xf8, 0x7f, 0xe0, 0xc2, 0x0e, 0xcd, 0x74, 0x1f, 0xbb, 0xa6,
-	0xad, 0xe6, 0xcc, 0x07, 0x07, 0x3b, 0xc2, 0x2a, 0xf4, 0x13, 0xd5, 0x20, 0xb7, 0xb5, 0x21, 0x74,
-	0xc8, 0x6d, 0x6d, 0xe0, 0x4f, 0x35, 0x40, 0xea, 0xbc, 0x4c, 0x66, 0x8a, 0x31, 0x97, 0xf0, 0xf9,
-	0x10, 0x7e, 0x0e, 0xa6, 0x88, 0xeb, 0x3a, 0x2e, 0x33, 0x48, 0xc9, 0xe0, 0x0d, 0x7c, 0x4b, 0xc8,
-	0x60, 0x90, 0xa1, 0x73, 0x12, 0xec, 0x79, 0xce, 0x4d, 0x0b, 0x44, 0xdd, 0x86, 0xd9, 0x08, 0x55,
-	0xa6, 0x18, 0x79, 0x17, 0x2e, 0x32, 0x66, 0xdb, 0x84, 0xf4, 0xd7, 0xba, 0xd6, 0x30, 0x15, 0xb5,
-	0x0f, 0x97, 0xe2, 0x84, 0x5f, 0xaf, 0x8d, 0xf0, 0x3b, 0x02, 0xf1, 0xc0, 0xea, 0x91, 0x03, 0x67,
-	0x27, 0x5d, 0x36, 0x1a, 0xf8, 0xe8, 0x4d, 0x58, 0x1c, 0x26, 0xec, 0x1b, 0xff, 0x4a, 0x83, 0xcb,
-	0x23, 0xd3, 0xbf, 0xe6, 0x55, 0x5d, 0x00, 0x38, 0xa2, 0xdb, 0x87, 0x74, 0xe8, 0x00, 0xbf, 0xc3,
-	0x29, 0x3d, 0x81, 0x9c, 0x34, 0x76, 0x54, 0x84, 0x9c, 0xc7, 0x50, 0x78, 0xc2, 0xca, 0x27, 0x8a,
-	0x56, 0x93, 0x52, 0x2b, 0xdb, 0xec, 0xf1, 0x5b, 0x5d, 0xc9, 0x60, 0xdf, 0xec, 0xe8, 0x24, 0xc4,
-	0x7d, 0x66, 0xec, 0xf0, 0x23, 0xba, 0x64, 0x04, 0x6d, 0x8a, 0xde, 0xee, 0x5a, 0xc4, 0xf6, 0xd9,
-	0xe8, 0x24, 0x1b, 0x55, 0x7a, 0xf0, 0x32, 0xd4, 0x39, 0xd2, 0x5a, 0xa7, 0xa3, 0x1c, 0xd3, 0x01,
-	0x3f, 0x2d, 0xca, 0x0f, 0xbf, 0x84, 0x0b, 0x0a, 0x7d, 0x26, 0xd3, 0xbd, 0x06, 0x05, 0x5e, 0x23,
-	0x12, 0x27, 0xc4, 0x5c, 0x74, 0x16, 0x87, 0x31, 0x04, 0x0d, 0xbe, 0x0d, 0xb3, 0xa2, 0x87, 0xf4,
-	0x9c, 0xa4, 0x55, 0x67, 0xf6, 0xc1, 0x3b, 0x30, 0x17, 0x25, 0xcb, 0xe4, 0x08, 0x6b, 0x12, 0xf4,
-	0x59, 0xbf, 0xa3, 0x1c, 0x38, 0xf1, 0x45, 0x51, 0x0d, 0x96, 0x8b, 0x19, 0x2c, 0x10, 0x48, 0xb2,
-	0xc8, 0x24, 0xd0, 0xac, 0x34, 0xff, 0x8e, 0xe5, 0x05, 0x69, 0xc5, 0x27, 0x80, 0xd4, 0xce, 0x4c,
-	0x8b, 0xb2, 0x0c, 0x45, 0x6e, 0x70, 0x99, 0xb9, 0x26, 0xaf, 0x8a, 0x24, 0xa2, 0x02, 0x6d, 0x90,
-	0x17, 0xae, 0x79, 0xd4, 0x23, 0x41, 0x64, 0xa5, 0xf9, 0x9a, 0xda, 0x99, 0x49, 0xe3, 0x3f, 0x68,
-	0x50, 0x59, 0xeb, 0x9a, 0x6e, 0x4f, 0x1a, 0xff, 0x5d, 0x28, 0xf0, 0x44, 0x50, 0xdc, 0x9d, 0xee,
-	0x44, 0xd9, 0xa8, 0xb4, 0xbc, 0xb1, 0xc6, 0xd3, 0x46, 0x31, 0x8b, 0x2e, 0x96, 0x28, 0x4d, 0x6e,
-	0xc4, 0x4a, 0x95, 0x1b, 0xe8, 0x75, 0x98, 0x32, 0xe9, 0x14, 0xe6, 0xbf, 0xb5, 0x78, 0x0a, 0xce,
-	0xb8, 0xb1, 0x43, 0x9b, 0x53, 0xe1, 0xb7, 0xa1, 0xac, 0x20, 0xd0, 0x9b, 0xc5, 0xe3, 0xa6, 0x38,
-	0x98, 0xd7, 0xd6, 0x0f, 0xb6, 0x9e, 0xf3, 0x0b, 0x47, 0x0d, 0x60, 0xa3, 0x19, 0xb4, 0x73, 0xf8,
-	0x43, 0x31, 0x4b, 0x78, 0xb8, 0x2a, 0x8f, 0x96, 0x26, 0x4f, 0xee, 0x95, 0xe4, 0x39, 0x85, 0xaa,
-	0x50, 0x3f, 0xd3, 0x1e, 0x78, 0x13, 0x0a, 0x8c, 0x9f, 0xdc, 0x02, 0xf3, 0x09, 0xb0, 0xd2, 0x3b,
-	0x39, 0x21, 0x9e, 0x81, 0xea, 0xbe, 0x6f, 0xfa, 0x03, 0x4f, 0x6e, 0x81, 0xdf, 0x6b, 0x50, 0x93,
-	0x3d, 0x59, 0xcb, 0x2c, 0xf2, 0x7a, 0xca, 0x63, 0x5e, 0x70, 0x39, 0xbd, 0x04, 0x85, 0xce, 0xe1,
-	0xbe, 0xf5, 0x89, 0x2c, 0x66, 0x89, 0x16, 0xed, 0xef, 0x72, 0x1c, 0x5e, 0x50, 0x16, 0x2d, 0x7a,
-	0xd1, 0x71, 0xcd, 0x17, 0xfe, 0x96, 0xdd, 0x21, 0xa7, 0x2c, 0x9f, 0x98, 0x34, 0xc2, 0x0e, 0x76,
-	0x37, 0x11, 0x85, 0x67, 0x96, 0x7f, 0xa9, 0x85, 0xe8, 0x59, 0xb8, 0xb0, 0x36, 0xf0, 0x8f, 0x9b,
-	0xb6, 0x79, 0xd8, 0x95, 0x41, 0x00, 0xcf, 0x01, 0xa2, 0x9d, 0x1b, 0x96, 0xa7, 0xf6, 0x36, 0x61,
-	0x96, 0xf6, 0x12, 0xdb, 0xb7, 0xda, 0x4a, 0xc4, 0x90, 0x61, 0x5b, 0x8b, 0x85, 0x6d, 0xd3, 0xf3,
-	0x5e, 0x3a, 0x6e, 0x47, 0xa8, 0x16, 0xb4, 0xf1, 0x06, 0x67, 0xfe, 0xcc, 0x8b, 0x04, 0xe6, 0xaf,
-	0xca, 0x65, 0x29, 0xe4, 0xf2, 0x98, 0xf8, 0x63, 0xb8, 0xe0, 0x07, 0x70, 0x51, 0x52, 0x8a, 0xfa,
-	0xc5, 0x18, 0xe2, 0x3d, 0xb8, 0x26, 0x89, 0xd7, 0x8f, 0x69, 0x56, 0xfd, 0x54, 0x00, 0xfe, 0xa7,
-	0x72, 0x3e, 0x82, 0x46, 0x20, 0x27, 0xcb, 0xb4, 0x9c, 0xae, 0x2a, 0xc0, 0xc0, 0x13, 0x7b, 0xa6,
-	0x64, 0xb0, 0x6f, 0xda, 0xe7, 0x3a, 0xdd, 0xe0, 0x10, 0xa4, 0xdf, 0x78, 0x1d, 0xe6, 0x25, 0x0f,
-	0x91, 0x03, 0x45, 0x99, 0x8c, 0x08, 0x94, 0xc4, 0x44, 0x18, 0x8c, 0x4e, 0x1d, 0x6f, 0x76, 0x95,
-	0x32, 0x6a, 0x5a, 0xc6, 0x53, 0x53, 0x78, 0x5e, 0xe4, 0x3b, 0x82, 0x0a, 0xa6, 0x06, 0x6d, 0xd1,
-	0x4d, 0x19, 0xa8, 0xdd, 0x62, 0x21, 0x68, 0xf7, 0xc8, 0x42, 0x8c, 0xb0, 0xfe, 0x08, 0x16, 0x02,
-	0x21, 0xa8, 0xdd, 0x9e, 0x12, 0xb7, 0x67, 0x79, 0x9e, 0x72, 0xe3, 0x4e, 0x52, 0xfc, 0x0e, 0x4c,
-	0xf6, 0x89, 0x88, 0x29, 0xe5, 0x55, 0xb4, 0xcc, 0x9f, 0x87, 0x96, 0x95, 0xc9, 0x6c, 0x1c, 0x77,
-	0xe0, 0xba, 0xe4, 0xce, 0x2d, 0x9a, 0xc8, 0x3e, 0x2e, 0x94, 0xbc, 0x8d, 0x71, 0xb3, 0x8e, 0xde,
-	0xc6, 0xf2, 0x7c, 0xed, 0xe5, 0x6d, 0x8c, 0x9e, 0x15, 0xaa, 0x6f, 0x65, 0x3a, 0x2b, 0xb6, 0xb9,
-	0x4d, 0x03, 0x97, 0xcc, 0xc4, 0xec, 0x10, 0xe6, 0xa2, 0x9e, 0x9c, 0x29, 0x8c, 0xcd, 0xc1, 0x94,
-	0xef, 0x9c, 0x10, 0x19, 0xc4, 0x78, 0x43, 0x0a, 0x1c, 0xb8, 0x79, 0x26, 0x81, 0xcd, 0x90, 0x19,
-	0xdb, 0x92, 0x59, 0xe5, 0xa5, 0xab, 0x29, 0xf3, 0x19, 0xde, 0xc0, 0xbb, 0x70, 0x29, 0x1e, 0x26,
-	0x32, 0x89, 0xfc, 0x9c, 0x6f, 0xe0, 0xa4, 0x48, 0x92, 0x89, 0xef, 0xfb, 0x61, 0x30, 0x50, 0x02,
-	0x4a, 0x26, 0x96, 0x06, 0xe8, 0x49, 0xf1, 0xe5, 0xbf, 0xb1, 0x5f, 0x83, 0x70, 0x93, 0x89, 0x99,
-	0x17, 0x32, 0xcb, 0xbe, 0xfc, 0x61, 0x8c, 0xc8, 0x8f, 0x8d, 0x11, 0xc2, 0x49, 0xc2, 0x28, 0xf6,
-	0x35, 0x6c, 0x3a, 0x81, 0x11, 0x06, 0xd0, 0xac, 0x18, 0xf4, 0x0c, 0x09, 0x30, 0x58, 0x43, 0x6e,
-	0x6c, 0x35, 0xec, 0x66, 0x5a, 0x8c, 0x0f, 0xc2, 0xd8, 0x39, 0x12, 0x99, 0x33, 0x31, 0xfe, 0x10,
-	0x16, 0xd3, 0x83, 0x72, 0x16, 0xce, 0xf7, 0x31, 0x94, 0x82, 0x84, 0x52, 0x79, 0x5a, 0x2d, 0x43,
-	0x71, 0x77, 0x6f, 0xff, 0xe9, 0xda, 0x7a, 0xb3, 0xae, 0xad, 0xfe, 0x33, 0x0f, 0xb9, 0xed, 0xe7,
-	0xe8, 0x5b, 0x30, 0xc5, 0x1f, 0x5e, 0xc6, 0xbc, 0x4b, 0xe9, 0xe3, 0x9e, 0x70, 0xf0, 0xd5, 0x4f,
-	0xff, 0xf4, 0xd7, 0x2f, 0x72, 0x97, 0xf0, 0x85, 0x95, 0xe1, 0x5b, 0x66, 0xb7, 0x7f, 0x6c, 0xae,
-	0x9c, 0x0c, 0x57, 0xd8, 0x99, 0xf0, 0x50, 0xbb, 0x8f, 0x9e, 0x43, 0xfe, 0xe9, 0xc0, 0x47, 0xa9,
-	0x8f, 0x56, 0x7a, 0xfa, 0xd3, 0x0e, 0xd6, 0x19, 0xe7, 0x39, 0x3c, 0xa3, 0x72, 0xee, 0x0f, 0x7c,
-	0xca, 0x77, 0x08, 0x65, 0xe5, 0x75, 0x06, 0x9d, 0xfb, 0x9c, 0xa5, 0x9f, 0xff, 0xf2, 0x83, 0x31,
-	0xc3, 0xbb, 0x8a, 0x2f, 0xab, 0x78, 0xfc, 0x11, 0x49, 0xd5, 0xe7, 0xe0, 0xd4, 0x8e, 0xeb, 0x13,
-	0x3e, 0x30, 0xc4, 0xf5, 0x51, 0x8a, 0xfa, 0xc9, 0xfa, 0xf8, 0xa7, 0x36, 0xe5, 0xeb, 0x88, 0x17,
-	0xa5, 0xb6, 0x8f, 0xae, 0x27, 0xbc, 0x48, 0xa8, 0xb5, 0x77, 0x7d, 0x31, 0x9d, 0x40, 0x20, 0xdd,
-	0x60, 0x48, 0x57, 0xf0, 0x25, 0x15, 0xa9, 0x1d, 0xd0, 0x3d, 0xd4, 0xee, 0xaf, 0x1e, 0xc3, 0x14,
-	0xab, 0x18, 0xa2, 0x96, 0xfc, 0xd0, 0x13, 0x6a, 0x9d, 0x29, 0x3b, 0x20, 0x52, 0x6b, 0xc4, 0xf3,
-	0x0c, 0x6d, 0x16, 0xd7, 0x02, 0x34, 0x56, 0x34, 0x7c, 0xa8, 0xdd, 0x5f, 0xd2, 0xde, 0xd0, 0x56,
-	0xbf, 0x3f, 0x09, 0x53, 0xac, 0x52, 0x83, 0xfa, 0x00, 0x61, 0x0d, 0x2e, 0xae, 0xe7, 0x48, 0x55,
-	0x2f, 0xae, 0xe7, 0x68, 0xf9, 0x0e, 0x5f, 0x67, 0xc8, 0xf3, 0x78, 0x2e, 0x40, 0x66, 0xaf, 0xe0,
-	0x2b, 0xac, 0x26, 0x43, 0xcd, 0xfa, 0x12, 0xca, 0x4a, 0x2d, 0x0d, 0x25, 0x71, 0x8c, 0x14, 0xe3,
-	0xe2, 0xdb, 0x24, 0xa1, 0x10, 0x87, 0x6f, 0x32, 0xd0, 0x6b, 0xb8, 0xa1, 0x1a, 0x97, 0xe3, 0xba,
-	0x8c, 0x92, 0x02, 0x7f, 0xa6, 0x41, 0x2d, 0x5a, 0x4f, 0x43, 0x37, 0x13, 0x58, 0xc7, 0xcb, 0x72,
-	0xfa, 0xad, 0xf1, 0x44, 0xa9, 0x22, 0x70, 0xfc, 0x13, 0x42, 0xfa, 0x26, 0xa5, 0x14, 0xb6, 0x47,
-	0x3f, 0xd0, 0x60, 0x26, 0x56, 0x25, 0x43, 0x49, 0x10, 0x23, 0x35, 0x38, 0xfd, 0xf6, 0x39, 0x54,
-	0x42, 0x92, 0xbb, 0x4c, 0x92, 0x1b, 0xf8, 0xea, 0xa8, 0x31, 0x7c, 0xab, 0x47, 0x7c, 0x47, 0x48,
-	0xb3, 0xfa, 0xaf, 0x3c, 0x14, 0xd7, 0xf9, 0xaf, 0x8c, 0x90, 0x0f, 0xa5, 0xa0, 0xf2, 0x84, 0x16,
-	0x92, 0xaa, 0x12, 0x61, 0xca, 0xae, 0x5f, 0x4f, 0x1d, 0x17, 0x22, 0xdc, 0x61, 0x22, 0x2c, 0xe2,
-	0x2b, 0x81, 0x08, 0xe2, 0xd7, 0x4c, 0x2b, 0xfc, 0xf2, 0xbd, 0x62, 0x76, 0x3a, 0x74, 0x49, 0xbe,
-	0xa7, 0x41, 0x45, 0x2d, 0x28, 0xa1, 0x1b, 0x89, 0xf5, 0x10, 0xb5, 0x26, 0xa5, 0xe3, 0x71, 0x24,
-	0x02, 0xff, 0x1e, 0xc3, 0xbf, 0x89, 0x17, 0xd2, 0xf0, 0x5d, 0x46, 0x1f, 0x15, 0x81, 0x97, 0x90,
-	0x92, 0x45, 0x88, 0x54, 0xa8, 0x92, 0x45, 0x88, 0x56, 0xa0, 0xce, 0x17, 0x61, 0xc0, 0xe8, 0xa9,
-	0x08, 0xa7, 0x00, 0x61, 0x85, 0x09, 0x25, 0x1a, 0x57, 0xb9, 0xc4, 0xc4, 0x7d, 0x70, 0xb4, 0x38,
-	0x95, 0xb0, 0x03, 0x62, 0xd8, 0x5d, 0xcb, 0xa3, 0xbe, 0xb8, 0xfa, 0xdb, 0x49, 0x28, 0x3f, 0x31,
-	0x2d, 0xdb, 0x27, 0xb6, 0x69, 0xb7, 0x09, 0x3a, 0x82, 0x29, 0x76, 0x4a, 0xc5, 0x03, 0x8f, 0x5a,
-	0xf6, 0x89, 0x07, 0x9e, 0x48, 0x4d, 0x04, 0xdf, 0x66, 0xd0, 0xd7, 0xb1, 0x1e, 0x40, 0xf7, 0x42,
-	0xfe, 0x2b, 0xac, 0x9e, 0x41, 0x55, 0x3e, 0x81, 0x02, 0xaf, 0x5f, 0xa0, 0x18, 0xb7, 0x48, 0x9d,
-	0x43, 0xbf, 0x9a, 0x3c, 0x98, 0xba, 0xcb, 0x54, 0x2c, 0x8f, 0x11, 0x53, 0xb0, 0x6f, 0x03, 0x84,
-	0x05, 0xb3, 0xb8, 0x7d, 0x47, 0xea, 0x6b, 0xfa, 0x62, 0x3a, 0x81, 0x00, 0xbe, 0xcf, 0x80, 0x6f,
-	0xe1, 0xeb, 0x89, 0xc0, 0x9d, 0x60, 0x02, 0x05, 0x6f, 0xc3, 0xe4, 0xa6, 0xe9, 0x1d, 0xa3, 0xd8,
-	0x21, 0xa4, 0xbc, 0x92, 0xea, 0x7a, 0xd2, 0x90, 0x80, 0xba, 0xc5, 0xa0, 0x16, 0xf0, 0x7c, 0x22,
-	0xd4, 0xb1, 0xe9, 0xd1, 0x98, 0x8e, 0x06, 0x30, 0x2d, 0x5f, 0x3e, 0xd1, 0xb5, 0x98, 0xcd, 0xa2,
-	0xaf, 0xa4, 0xfa, 0x42, 0xda, 0xb0, 0x00, 0x5c, 0x62, 0x80, 0x18, 0x5f, 0x4b, 0x36, 0xaa, 0x20,
-	0x7f, 0xa8, 0xdd, 0x7f, 0x43, 0x5b, 0xfd, 0x51, 0x1d, 0x26, 0x69, 0xbe, 0x44, 0x4f, 0x91, 0xf0,
-	0x9a, 0x19, 0xb7, 0xf0, 0x48, 0x71, 0x27, 0x6e, 0xe1, 0xd1, 0x1b, 0x6a, 0xc2, 0x29, 0xc2, 0x7e,
-	0x6b, 0x49, 0x18, 0x15, 0xd5, 0xd8, 0x87, 0xb2, 0x72, 0x19, 0x45, 0x09, 0x1c, 0xa3, 0xa5, 0xa3,
-	0xf8, 0x29, 0x92, 0x70, 0x93, 0xc5, 0x8b, 0x0c, 0x54, 0xc7, 0x17, 0xa3, 0xa0, 0x1d, 0x4e, 0x46,
-	0x51, 0xbf, 0x03, 0x15, 0xf5, 0xd6, 0x8a, 0x12, 0x98, 0xc6, 0x6a, 0x53, 0xf1, 0x58, 0x91, 0x74,
-	0xe9, 0x4d, 0x70, 0x9a, 0xe0, 0x97, 0xa5, 0x92, 0x96, 0xa2, 0x7f, 0x0c, 0x45, 0x71, 0x97, 0x4d,
-	0xd2, 0x37, 0x5a, 0xcd, 0x4a, 0xd2, 0x37, 0x76, 0x11, 0x4e, 0x48, 0x49, 0x18, 0x2c, 0xcd, 0xd9,
-	0x65, 0x80, 0x16, 0x90, 0x8f, 0x89, 0x9f, 0x06, 0x19, 0xd6, 0x67, 0xd2, 0x20, 0x95, 0xfb, 0xd2,
-	0x58, 0xc8, 0x23, 0xe2, 0x8b, 0xbd, 0x2c, 0x2f, 0x23, 0x28, 0x85, 0xa3, 0x1a, 0x0d, 0xf1, 0x38,
-	0x92, 0xd4, 0x2c, 0x32, 0x44, 0x15, 0xa1, 0x10, 0x7d, 0x17, 0x20, 0xbc, 0x78, 0xc7, 0x13, 0x83,
-	0xc4, 0xea, 0x5d, 0x3c, 0x31, 0x48, 0xbe, 0xbb, 0x27, 0x78, 0x70, 0x08, 0xce, 0x33, 0x59, 0x0a,
-	0xff, 0x13, 0x0d, 0xd0, 0xe8, 0x45, 0x1d, 0x3d, 0x48, 0x86, 0x48, 0x2c, 0x0c, 0xea, 0xaf, 0xbd,
-	0x1a, 0x71, 0x6a, 0xf4, 0x0c, 0xe5, 0x6a, 0xb3, 0x29, 0xfd, 0x97, 0x54, 0xb2, 0xcf, 0x35, 0xa8,
-	0x46, 0xae, 0xfa, 0xe8, 0x4e, 0xca, 0x3a, 0xc7, 0x8a, 0x8b, 0xfa, 0xdd, 0x73, 0xe9, 0x52, 0x73,
-	0x27, 0x65, 0x57, 0xc8, 0xbc, 0xf1, 0x87, 0x1a, 0xd4, 0xa2, 0xf5, 0x01, 0x94, 0x02, 0x30, 0x52,
-	0xa1, 0xd4, 0x97, 0xce, 0x27, 0x7c, 0x85, 0xd5, 0x0a, 0x53, 0xc9, 0x8f, 0xa1, 0x28, 0xca, 0x0a,
-	0x49, 0x6e, 0x11, 0x2d, 0x70, 0x26, 0xb9, 0x45, 0xac, 0x26, 0x91, 0xe6, 0x16, 0xf4, 0x86, 0xae,
-	0x78, 0xa2, 0x28, 0x3e, 0xa4, 0x41, 0x8e, 0xf7, 0xc4, 0x58, 0xe5, 0x62, 0x2c, 0x64, 0xe8, 0x89,
-	0xb2, 0xf4, 0x80, 0x52, 0x38, 0x9e, 0xe3, 0x89, 0xf1, 0xca, 0x45, 0x9a, 0x27, 0x32, 0x54, 0xc5,
-	0x13, 0xc3, 0x4a, 0x41, 0x92, 0x27, 0x8e, 0x94, 0x6f, 0x93, 0x3c, 0x71, 0xb4, 0xd8, 0x90, 0xb6,
-	0xb6, 0x0c, 0x3c, 0xe2, 0x89, 0xb3, 0x09, 0x95, 0x05, 0xf4, 0x5a, 0x8a, 0x4d, 0x13, 0x4b, 0xc3,
-	0xfa, 0xeb, 0xaf, 0x48, 0x3d, 0xde, 0x03, 0xf8, 0x6a, 0x48, 0x0f, 0xf8, 0x85, 0x06, 0x73, 0x49,
-	0xa5, 0x09, 0x94, 0x02, 0x96, 0x52, 0x57, 0xd6, 0x97, 0x5f, 0x95, 0xfc, 0x15, 0xec, 0x16, 0xf8,
-	0xc4, 0xa3, 0xfa, 0xef, 0xbe, 0x5c, 0xd0, 0xfe, 0xf8, 0xe5, 0x82, 0xf6, 0xe7, 0x2f, 0x17, 0xb4,
-	0x9f, 0xfe, 0x65, 0x61, 0xe2, 0xb0, 0xc0, 0xfe, 0xc3, 0xc3, 0x5b, 0xff, 0x0e, 0x00, 0x00, 0xff,
-	0xff, 0x73, 0x7e, 0xb4, 0xb4, 0x77, 0x31, 0x00, 0x00,
+	// 3450 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x3b, 0x5b, 0x6f, 0x1b, 0xc7,
+	0xb9, 0x5a, 0x5e, 0xc5, 0x8f, 0x17, 0xd1, 0x23, 0xd9, 0xa6, 0x68, 0x5b, 0x96, 0xc7, 0x37, 0xd9,
+	0x4e, 0xa4, 0x44, 0xc9, 0x39, 0x0f, 0x3e, 0x41, 0x70, 0x64, 0x89, 0xb1, 0x74, 0x24, 0x4b, 0xce,
+	0x4a, 0x76, 0x72, 0x80, 0xa0, 0xc4, 0x8a, 0x1c, 0x53, 0x0b, 0x91, 0xbb, 0xcc, 0xee, 0x92, 0x96,
+	0xd2, 0x14, 0x28, 0xd2, 0x04, 0x45, 0x0b, 0xf4, 0xa5, 0x79, 0xe8, 0xed, 0xb1, 0x28, 0x8a, 0xfc,
+	0x80, 0xbe, 0xf5, 0x07, 0x14, 0x7d, 0x69, 0x81, 0xfe, 0x81, 0x22, 0xed, 0x63, 0xdf, 0xfb, 0x54,
+	0xb4, 0x98, 0xdb, 0xee, 0xec, 0x72, 0x97, 0x52, 0xca, 0x26, 0x2f, 0xd6, 0xce, 0x37, 0xdf, 0x7c,
+	0xb7, 0x99, 0xef, 0x32, 0xdf, 0xd0, 0x50, 0x70, 0xfa, 0xad, 0xe5, 0xbe, 0x63, 0x7b, 0x36, 0x2a,
+	0x11, 0xaf, 0xd5, 0x76, 0x89, 0x33, 0x24, 0x4e, 0xff, 0xb0, 0x3e, 0xd7, 0xb1, 0x3b, 0x36, 0x9b,
+	0x58, 0xa1, 0x5f, 0x1c, 0xa7, 0x3e, 0x4f, 0x71, 0x56, 0x7a, 0xc3, 0x56, 0x8b, 0xfd, 0xd3, 0x3f,
+	0x5c, 0x39, 0x1e, 0x8a, 0xa9, 0x2b, 0x6c, 0xca, 0x18, 0x78, 0x47, 0xec, 0x9f, 0xfe, 0x21, 0xfb,
+	0x23, 0x26, 0xaf, 0x76, 0x6c, 0xbb, 0xd3, 0x25, 0x2b, 0x46, 0xdf, 0x5c, 0x31, 0x2c, 0xcb, 0xf6,
+	0x0c, 0xcf, 0xb4, 0x2d, 0x97, 0xcf, 0xe2, 0xcf, 0x34, 0xa8, 0xe8, 0xc4, 0xed, 0xdb, 0x96, 0x4b,
+	0x36, 0x89, 0xd1, 0x26, 0x0e, 0xba, 0x06, 0xd0, 0xea, 0x0e, 0x5c, 0x8f, 0x38, 0x4d, 0xb3, 0x5d,
+	0xd3, 0x16, 0xb5, 0xa5, 0x8c, 0x5e, 0x10, 0x90, 0xad, 0x36, 0xba, 0x02, 0x85, 0x1e, 0xe9, 0x1d,
+	0xf2, 0xd9, 0x14, 0x9b, 0x9d, 0xe6, 0x80, 0xad, 0x36, 0xaa, 0xc3, 0xb4, 0x43, 0x86, 0xa6, 0x6b,
+	0xda, 0x56, 0x2d, 0xbd, 0xa8, 0x2d, 0xa5, 0x75, 0x7f, 0x4c, 0x17, 0x3a, 0xc6, 0x0b, 0xaf, 0xe9,
+	0x11, 0xa7, 0x57, 0xcb, 0xf0, 0x85, 0x14, 0x70, 0x40, 0x9c, 0x1e, 0xfe, 0x34, 0x0b, 0x25, 0xdd,
+	0xb0, 0x3a, 0x44, 0x27, 0x1f, 0x0e, 0x88, 0xeb, 0xa1, 0x2a, 0xa4, 0x8f, 0xc9, 0x29, 0x63, 0x5f,
+	0xd2, 0xe9, 0x27, 0x5f, 0x6f, 0x75, 0x48, 0x93, 0x58, 0x9c, 0x71, 0x89, 0xae, 0xb7, 0x3a, 0xa4,
+	0x61, 0xb5, 0xd1, 0x1c, 0x64, 0xbb, 0x66, 0xcf, 0xf4, 0x04, 0x57, 0x3e, 0x08, 0x89, 0x93, 0x89,
+	0x88, 0xb3, 0x0e, 0xe0, 0xda, 0x8e, 0xd7, 0xb4, 0x9d, 0x36, 0x71, 0x6a, 0xd9, 0x45, 0x6d, 0xa9,
+	0xb2, 0x7a, 0x6b, 0x59, 0xdd, 0x88, 0x65, 0x55, 0xa0, 0xe5, 0x7d, 0xdb, 0xf1, 0xf6, 0x28, 0xae,
+	0x5e, 0x70, 0xe5, 0x27, 0x7a, 0x07, 0x8a, 0x8c, 0x88, 0x67, 0x38, 0x1d, 0xe2, 0xd5, 0x72, 0x8c,
+	0xca, 0xed, 0x33, 0xa8, 0x1c, 0x30, 0x64, 0x9d, 0xb1, 0xe7, 0xdf, 0x08, 0x43, 0xc9, 0x25, 0x8e,
+	0x69, 0x74, 0xcd, 0x8f, 0x8c, 0xc3, 0x2e, 0xa9, 0xe5, 0x17, 0xb5, 0xa5, 0x69, 0x3d, 0x04, 0xa3,
+	0xfa, 0x1f, 0x93, 0x53, 0xb7, 0x69, 0x5b, 0xdd, 0xd3, 0xda, 0x34, 0x43, 0x98, 0xa6, 0x80, 0x3d,
+	0xab, 0x7b, 0xca, 0x36, 0xcd, 0x1e, 0x58, 0x1e, 0x9f, 0x2d, 0xb0, 0xd9, 0x02, 0x83, 0xb0, 0xe9,
+	0x25, 0xa8, 0xf6, 0x4c, 0xab, 0xd9, 0xb3, 0xdb, 0x4d, 0xdf, 0x20, 0xc0, 0x0c, 0x52, 0xe9, 0x99,
+	0xd6, 0x13, 0xbb, 0xad, 0x4b, 0xb3, 0x50, 0x4c, 0xe3, 0x24, 0x8c, 0x59, 0x14, 0x98, 0xc6, 0x89,
+	0x8a, 0xb9, 0x0c, 0xb3, 0x94, 0x66, 0xcb, 0x21, 0x86, 0x47, 0x02, 0xe4, 0x12, 0x43, 0xbe, 0xd0,
+	0x33, 0xad, 0x75, 0x36, 0x13, 0xc2, 0x37, 0x4e, 0x46, 0xf0, 0xcb, 0x02, 0xdf, 0x38, 0x09, 0xe3,
+	0xe3, 0x65, 0x28, 0xf8, 0x36, 0x47, 0xd3, 0x90, 0xd9, 0xdd, 0xdb, 0x6d, 0x54, 0xa7, 0x10, 0x40,
+	0x6e, 0x6d, 0x7f, 0xbd, 0xb1, 0xbb, 0x51, 0xd5, 0x50, 0x11, 0xf2, 0x1b, 0x0d, 0x3e, 0x48, 0xe1,
+	0x47, 0x00, 0x81, 0x75, 0x51, 0x1e, 0xd2, 0xdb, 0x8d, 0xff, 0xaf, 0x4e, 0x51, 0x9c, 0xe7, 0x0d,
+	0x7d, 0x7f, 0x6b, 0x6f, 0xb7, 0xaa, 0xd1, 0xc5, 0xeb, 0x7a, 0x63, 0xed, 0xa0, 0x51, 0x4d, 0x51,
+	0x8c, 0x27, 0x7b, 0x1b, 0xd5, 0x34, 0x2a, 0x40, 0xf6, 0xf9, 0xda, 0xce, 0xb3, 0x46, 0x35, 0x83,
+	0x3f, 0xd7, 0xa0, 0x2c, 0xf6, 0x8b, 0xfb, 0x04, 0x7a, 0x13, 0x72, 0x47, 0xcc, 0x2f, 0xd8, 0x51,
+	0x2c, 0xae, 0x5e, 0x8d, 0x6c, 0x6e, 0xc8, 0x77, 0x74, 0x81, 0x8b, 0x30, 0xa4, 0x8f, 0x87, 0x6e,
+	0x2d, 0xb5, 0x98, 0x5e, 0x2a, 0xae, 0x56, 0x97, 0xb9, 0xc3, 0x2e, 0x6f, 0x93, 0xd3, 0xe7, 0x46,
+	0x77, 0x40, 0x74, 0x3a, 0x89, 0x10, 0x64, 0x7a, 0xb6, 0x43, 0xd8, 0x89, 0x9d, 0xd6, 0xd9, 0x37,
+	0x3d, 0xc6, 0x6c, 0xd3, 0xc4, 0x69, 0xe5, 0x03, 0xfc, 0x85, 0x06, 0xf0, 0x74, 0xe0, 0x25, 0xbb,
+	0xc6, 0x1c, 0x64, 0x87, 0x94, 0xb0, 0x70, 0x0b, 0x3e, 0x60, 0x3e, 0x41, 0x0c, 0x97, 0xf8, 0x3e,
+	0x41, 0x07, 0xe8, 0x32, 0xe4, 0xfb, 0x0e, 0x19, 0x36, 0x8f, 0x87, 0x8c, 0xc9, 0xb4, 0x9e, 0xa3,
+	0xc3, 0xed, 0x21, 0xba, 0x01, 0x25, 0xb3, 0x63, 0xd9, 0x0e, 0x69, 0x72, 0x5a, 0x59, 0x36, 0x5b,
+	0xe4, 0x30, 0x26, 0xb7, 0x82, 0xc2, 0x09, 0xe7, 0x54, 0x94, 0x1d, 0x0a, 0xc2, 0x16, 0x14, 0x99,
+	0xa8, 0x13, 0x99, 0xef, 0x5e, 0x20, 0x63, 0x8a, 0x2d, 0x1b, 0x35, 0xa1, 0x90, 0x1a, 0x7f, 0x00,
+	0x68, 0x83, 0x74, 0x89, 0x47, 0x26, 0x89, 0x1e, 0x8a, 0x4d, 0xd2, 0xaa, 0x4d, 0xf0, 0x8f, 0x35,
+	0x98, 0x0d, 0x91, 0x9f, 0x48, 0xad, 0x1a, 0xe4, 0xdb, 0x8c, 0x18, 0x97, 0x20, 0xad, 0xcb, 0x21,
+	0x7a, 0x00, 0xd3, 0x42, 0x00, 0xb7, 0x96, 0x4e, 0x38, 0x34, 0x79, 0x2e, 0x93, 0x8b, 0xff, 0xa6,
+	0x41, 0x41, 0x28, 0xba, 0xd7, 0x47, 0x6b, 0x50, 0x76, 0xf8, 0xa0, 0xc9, 0xf4, 0x11, 0x12, 0xd5,
+	0x93, 0x83, 0xd0, 0xe6, 0x94, 0x5e, 0x12, 0x4b, 0x18, 0x18, 0xfd, 0x0f, 0x14, 0x25, 0x89, 0xfe,
+	0xc0, 0x13, 0x26, 0xaf, 0x85, 0x09, 0x04, 0xe7, 0x6f, 0x73, 0x4a, 0x07, 0x81, 0xfe, 0x74, 0xe0,
+	0xa1, 0x03, 0x98, 0x93, 0x8b, 0xb9, 0x36, 0x42, 0x8c, 0x34, 0xa3, 0xb2, 0x18, 0xa6, 0x32, 0xba,
+	0x55, 0x9b, 0x53, 0x3a, 0x12, 0xeb, 0x95, 0xc9, 0x47, 0x05, 0xc8, 0x0b, 0x28, 0xfe, 0xbb, 0x06,
+	0x20, 0x0d, 0xba, 0xd7, 0x47, 0x1b, 0x50, 0x71, 0xc4, 0x28, 0xa4, 0xf0, 0x95, 0x58, 0x85, 0xc5,
+	0x3e, 0x4c, 0xe9, 0x65, 0xb9, 0x88, 0xab, 0xfc, 0x36, 0x94, 0x7c, 0x2a, 0x81, 0xce, 0xf3, 0x31,
+	0x3a, 0xfb, 0x14, 0x8a, 0x72, 0x01, 0xd5, 0xfa, 0x3d, 0xb8, 0xe8, 0xaf, 0x8f, 0x51, 0xfb, 0xc6,
+	0x18, 0xb5, 0x7d, 0x82, 0xb3, 0x92, 0x82, 0xaa, 0x38, 0xd0, 0x94, 0xc5, 0xc1, 0xf8, 0x8b, 0x34,
+	0xe4, 0xd7, 0xed, 0x5e, 0xdf, 0x70, 0xe8, 0x1e, 0xe5, 0x1c, 0xe2, 0x0e, 0xba, 0x1e, 0x53, 0xb7,
+	0xb2, 0x7a, 0x33, 0xcc, 0x41, 0xa0, 0xc9, 0xbf, 0x3a, 0x43, 0xd5, 0xc5, 0x12, 0xba, 0x58, 0x64,
+	0xa8, 0xd4, 0x39, 0x16, 0x8b, 0xfc, 0x24, 0x96, 0x48, 0x5f, 0x4a, 0x07, 0xbe, 0x54, 0x87, 0xfc,
+	0x90, 0x38, 0x41, 0x56, 0xdd, 0x9c, 0xd2, 0x25, 0x00, 0xdd, 0x83, 0x99, 0x68, 0x84, 0xcf, 0x0a,
+	0x9c, 0x4a, 0x2b, 0x9c, 0x10, 0x6e, 0x42, 0x29, 0x94, 0x66, 0x72, 0x02, 0xaf, 0xd8, 0x53, 0xb2,
+	0xcc, 0x25, 0x19, 0xda, 0x68, 0x4a, 0x2c, 0x6d, 0x4e, 0x89, 0xe0, 0x86, 0xff, 0x17, 0xca, 0x21,
+	0x5d, 0x69, 0x14, 0x6f, 0xbc, 0xfb, 0x6c, 0x6d, 0x87, 0x87, 0xfc, 0xc7, 0x2c, 0xca, 0xeb, 0x55,
+	0x8d, 0x66, 0x8e, 0x9d, 0xc6, 0xfe, 0x7e, 0x35, 0x85, 0xca, 0x50, 0xd8, 0xdd, 0x3b, 0x68, 0x72,
+	0xac, 0x34, 0x7e, 0xcb, 0xa7, 0x20, 0x52, 0x86, 0x92, 0x29, 0xa6, 0x94, 0x4c, 0xa1, 0xc9, 0x4c,
+	0x91, 0x0a, 0x32, 0x45, 0xfa, 0x51, 0x05, 0x4a, 0xdc, 0x3e, 0xcd, 0x81, 0x45, 0xb3, 0xd5, 0x2f,
+	0x35, 0x80, 0x83, 0x13, 0x4b, 0x06, 0xa0, 0x15, 0xc8, 0xb7, 0x38, 0xf1, 0x9a, 0xc6, 0xfc, 0xf9,
+	0x62, 0xac, 0xc9, 0x75, 0x89, 0x85, 0x5e, 0x87, 0xbc, 0x3b, 0x68, 0xb5, 0x88, 0x2b, 0xb3, 0xc6,
+	0xe5, 0x68, 0x48, 0x11, 0x0e, 0xaf, 0x4b, 0x3c, 0xba, 0xe4, 0x85, 0x61, 0x76, 0x07, 0x2c, 0x87,
+	0x8c, 0x5f, 0x22, 0xf0, 0xf0, 0xcf, 0x34, 0x28, 0x32, 0x29, 0x27, 0x8a, 0x63, 0x57, 0xa1, 0xc0,
+	0x64, 0x20, 0x6d, 0x11, 0xc9, 0xa6, 0xf5, 0x00, 0x80, 0xfe, 0x1b, 0x0a, 0xf2, 0x04, 0xcb, 0x60,
+	0x56, 0x8b, 0x27, 0xbb, 0xd7, 0xd7, 0x03, 0x54, 0xbc, 0x0d, 0x17, 0x98, 0x55, 0x5a, 0xb4, 0x3e,
+	0x95, 0x76, 0x54, 0x2b, 0x38, 0x2d, 0x52, 0xc1, 0xd5, 0x61, 0xba, 0x7f, 0x74, 0xea, 0x9a, 0x2d,
+	0xa3, 0x2b, 0xa4, 0xf0, 0xc7, 0xf8, 0xff, 0x00, 0xa9, 0xc4, 0x26, 0x51, 0x17, 0x97, 0xa1, 0xb8,
+	0x69, 0xb8, 0x47, 0x42, 0x24, 0xfc, 0x3e, 0x94, 0xf8, 0x70, 0x22, 0x1b, 0x22, 0xc8, 0x1c, 0x19,
+	0xee, 0x11, 0x13, 0xbc, 0xac, 0xb3, 0x6f, 0x7c, 0x01, 0x66, 0xf6, 0x2d, 0xa3, 0xef, 0x1e, 0xd9,
+	0x32, 0xd6, 0xd2, 0xfa, 0xbc, 0x1a, 0xc0, 0x26, 0xe2, 0x78, 0x17, 0x66, 0x1c, 0xd2, 0x33, 0x4c,
+	0xcb, 0xb4, 0x3a, 0xcd, 0xc3, 0x53, 0x8f, 0xb8, 0xa2, 0x7c, 0xaf, 0xf8, 0xe0, 0x47, 0x14, 0x4a,
+	0x45, 0x3b, 0xec, 0xda, 0x87, 0xc2, 0xe3, 0xd9, 0x37, 0xfe, 0x8d, 0x06, 0xa5, 0xf7, 0x0c, 0xaf,
+	0x25, 0xad, 0x80, 0xb6, 0xa0, 0xe2, 0xfb, 0x39, 0x83, 0x08, 0x59, 0x22, 0x01, 0x9f, 0xad, 0x91,
+	0x85, 0x9d, 0x0c, 0xf8, 0xe5, 0x96, 0x0a, 0x60, 0xa4, 0x0c, 0xab, 0x45, 0xba, 0x3e, 0xa9, 0x54,
+	0x32, 0x29, 0x86, 0xa8, 0x92, 0x52, 0x01, 0x8f, 0x66, 0x82, 0x64, 0xc8, 0xdd, 0xf2, 0xe7, 0x29,
+	0x40, 0xa3, 0x32, 0x7c, 0xd5, 0xfa, 0xe0, 0x36, 0x54, 0x5c, 0xcf, 0x70, 0xbc, 0x66, 0xe4, 0x72,
+	0x53, 0x66, 0x50, 0x3f, 0x56, 0xdd, 0x85, 0x99, 0xbe, 0x63, 0x77, 0x1c, 0xe2, 0xba, 0x4d, 0xcb,
+	0xf6, 0xcc, 0x17, 0xa7, 0xa2, 0xc4, 0xaa, 0x48, 0xf0, 0x2e, 0x83, 0xa2, 0x06, 0xe4, 0x5f, 0x98,
+	0x5d, 0x8f, 0x38, 0x6e, 0x2d, 0xbb, 0x98, 0x5e, 0xaa, 0xac, 0x3e, 0x38, 0xcb, 0x6a, 0xcb, 0xef,
+	0x30, 0xfc, 0x83, 0xd3, 0x3e, 0xd1, 0xe5, 0x5a, 0xb5, 0x6c, 0xc9, 0x85, 0xca, 0x96, 0xdb, 0x00,
+	0x01, 0x3e, 0x8d, 0x5a, 0xbb, 0x7b, 0x4f, 0x9f, 0x1d, 0x54, 0xa7, 0x50, 0x09, 0xa6, 0x77, 0xf7,
+	0x36, 0x1a, 0x3b, 0x0d, 0x1a, 0xd7, 0xf0, 0x8a, 0xb4, 0x8d, 0x6a, 0x43, 0x34, 0x0f, 0xd3, 0x2f,
+	0x29, 0x54, 0xde, 0xfe, 0xd2, 0x7a, 0x9e, 0x8d, 0xb7, 0xda, 0xf8, 0x47, 0x29, 0x28, 0x8b, 0x53,
+	0x30, 0xd1, 0x51, 0x54, 0x59, 0xa4, 0x42, 0x2c, 0x68, 0x8d, 0xc4, 0x4f, 0x47, 0x5b, 0x94, 0x62,
+	0x72, 0x48, 0xdd, 0x9d, 0x6f, 0x36, 0x69, 0x0b, 0xb3, 0xfa, 0x63, 0x74, 0x0f, 0xaa, 0x2d, 0xee,
+	0xee, 0x91, 0xb4, 0xa3, 0xcf, 0x08, 0xb8, 0x92, 0x75, 0xca, 0xfe, 0x69, 0x33, 0x5c, 0x91, 0x76,
+	0x0a, 0x7a, 0x49, 0x1e, 0x24, 0x0a, 0x43, 0xb7, 0x21, 0x47, 0x86, 0xc4, 0xf2, 0xdc, 0x5a, 0x91,
+	0x05, 0xb0, 0xb2, 0xac, 0xc6, 0x1a, 0x14, 0xaa, 0x8b, 0x49, 0xfc, 0x5f, 0x70, 0x81, 0x55, 0xbd,
+	0x8f, 0x1d, 0xc3, 0x52, 0xcb, 0xf3, 0x83, 0x83, 0x1d, 0x61, 0x3a, 0xfa, 0x89, 0x2a, 0x90, 0xda,
+	0xda, 0x10, 0x8a, 0xa6, 0xb6, 0x36, 0xf0, 0x27, 0x1a, 0x20, 0x75, 0xdd, 0x44, 0xb6, 0x8c, 0x10,
+	0x97, 0xec, 0xd3, 0x01, 0xfb, 0x39, 0xc8, 0x12, 0xc7, 0xb1, 0x1d, 0x66, 0xb5, 0x82, 0xce, 0x07,
+	0xf8, 0x96, 0x90, 0x41, 0x27, 0x43, 0xfb, 0xd8, 0x77, 0x0c, 0x4e, 0x4d, 0xf3, 0x45, 0xdd, 0x86,
+	0xd9, 0x10, 0xd6, 0x44, 0x81, 0xf4, 0x2e, 0x5c, 0x64, 0xc4, 0xb6, 0x09, 0xe9, 0xaf, 0x75, 0xcd,
+	0x61, 0x22, 0xd7, 0x3e, 0x5c, 0x8a, 0x22, 0x7e, 0xbd, 0x36, 0xc2, 0x6f, 0x09, 0x8e, 0x07, 0x66,
+	0x8f, 0x1c, 0xd8, 0x3b, 0xc9, 0xb2, 0xd1, 0xe8, 0x48, 0x6f, 0xdd, 0x22, 0xe3, 0xb0, 0x6f, 0xfc,
+	0x2b, 0x0d, 0x2e, 0x8f, 0x2c, 0xff, 0x9a, 0x77, 0x75, 0x01, 0xa0, 0x43, 0x8f, 0x0f, 0x69, 0xd3,
+	0x09, 0x7e, 0x5f, 0x54, 0x20, 0xbe, 0x9c, 0x34, 0xc0, 0x94, 0x84, 0x9c, 0x47, 0x90, 0x7b, 0xc2,
+	0x5a, 0x35, 0x8a, 0x56, 0x19, 0xa9, 0x95, 0x65, 0xf4, 0xf8, 0x05, 0xb2, 0xa0, 0xb3, 0x6f, 0x96,
+	0x5f, 0x09, 0x71, 0x9e, 0xe9, 0x3b, 0x3c, 0x8f, 0x17, 0x74, 0x7f, 0x4c, 0xb9, 0xb7, 0xba, 0x26,
+	0xb1, 0x3c, 0x36, 0x9b, 0x61, 0xb3, 0x0a, 0x04, 0x2f, 0x43, 0x95, 0x73, 0x5a, 0x6b, 0xb7, 0x95,
+	0x5c, 0xee, 0xd3, 0xd3, 0xc2, 0xf4, 0xf0, 0xaf, 0x35, 0xb8, 0xa0, 0x2c, 0x98, 0xc8, 0x76, 0xaf,
+	0x40, 0x8e, 0x37, 0xa4, 0x44, 0x1e, 0x99, 0x0b, 0xaf, 0xe2, 0x6c, 0x74, 0x81, 0x83, 0x96, 0x21,
+	0xcf, 0xbf, 0x64, 0xb1, 0x12, 0x8f, 0x2e, 0x91, 0xf0, 0x6d, 0x98, 0x15, 0x20, 0xd2, 0xb3, 0xe3,
+	0x8e, 0x09, 0x33, 0x28, 0xfe, 0x18, 0xe6, 0xc2, 0x68, 0x13, 0xa9, 0xa4, 0x08, 0x99, 0x3a, 0x8f,
+	0x90, 0x6b, 0x52, 0xc8, 0x67, 0xfd, 0xb6, 0x92, 0xf6, 0xa2, 0xbb, 0xae, 0xee, 0x48, 0x2a, 0xb2,
+	0x23, 0xbe, 0x02, 0x92, 0xc4, 0x37, 0xaa, 0xc0, 0xac, 0x3c, 0x0e, 0x3b, 0xa6, 0xeb, 0x17, 0x43,
+	0x1f, 0x01, 0x52, 0x81, 0xdf, 0xb4, 0x40, 0x1b, 0xe4, 0x85, 0x63, 0x74, 0x7a, 0xc4, 0x0f, 0xf5,
+	0xb4, 0xca, 0x54, 0x81, 0x13, 0x05, 0xc7, 0x3f, 0x68, 0x50, 0x5a, 0xeb, 0x1a, 0x4e, 0x4f, 0x6e,
+	0xd6, 0xdb, 0x90, 0xe3, 0xe5, 0xab, 0xb8, 0xf1, 0xdd, 0x09, 0x93, 0x51, 0x71, 0xf9, 0x60, 0x8d,
+	0x17, 0xbb, 0x62, 0x15, 0xdd, 0x5c, 0xd1, 0x97, 0xdd, 0x88, 0xf4, 0x69, 0x37, 0xd0, 0xab, 0x90,
+	0x35, 0xe8, 0x12, 0x16, 0x50, 0x2a, 0xd1, 0x8b, 0x03, 0xa3, 0xc6, 0x4a, 0x0d, 0x8e, 0x85, 0xdf,
+	0x84, 0xa2, 0xc2, 0x81, 0xde, 0x87, 0x1e, 0x37, 0x44, 0x39, 0xb1, 0xb6, 0x7e, 0xb0, 0xf5, 0x9c,
+	0x5f, 0x93, 0x2a, 0x00, 0x1b, 0x0d, 0x7f, 0x9c, 0xc2, 0xef, 0x8b, 0x55, 0x22, 0xe4, 0xa8, 0xf2,
+	0x68, 0x49, 0xf2, 0xa4, 0xce, 0x25, 0xcf, 0x09, 0x94, 0x85, 0xfa, 0x13, 0x9d, 0x81, 0xd7, 0x21,
+	0xc7, 0xe8, 0xc9, 0x23, 0x30, 0x1f, 0xc3, 0x56, 0x46, 0x0b, 0x8e, 0x88, 0x67, 0xa0, 0xbc, 0xef,
+	0x19, 0xde, 0xc0, 0x95, 0x47, 0xe0, 0xf7, 0x1a, 0x54, 0x24, 0x64, 0xd2, 0xe6, 0x90, 0xbc, 0x54,
+	0xf3, 0x20, 0xec, 0x5f, 0xa9, 0x2f, 0x41, 0xae, 0x7d, 0xb8, 0x6f, 0x7e, 0x24, 0x1b, 0x79, 0x62,
+	0x44, 0xe1, 0x5d, 0xce, 0x87, 0x77, 0xd3, 0xc5, 0x88, 0x5e, 0xcf, 0x1c, 0xe3, 0x85, 0xb7, 0x65,
+	0xb5, 0xc9, 0x09, 0xab, 0x82, 0x32, 0x7a, 0x00, 0x60, 0x37, 0x2a, 0xd1, 0x75, 0x67, 0xa5, 0x8f,
+	0xda, 0x85, 0x9f, 0x85, 0x0b, 0x6b, 0x03, 0xef, 0xa8, 0x61, 0x19, 0x87, 0x5d, 0x19, 0x34, 0xf0,
+	0x1c, 0x20, 0x0a, 0xdc, 0x30, 0x5d, 0x15, 0xda, 0x80, 0x59, 0x0a, 0x25, 0x96, 0x67, 0xb6, 0x94,
+	0x08, 0x23, 0xf3, 0x88, 0x16, 0xc9, 0x23, 0x86, 0xeb, 0xbe, 0xb4, 0x9d, 0xb6, 0x50, 0xcd, 0x1f,
+	0xe3, 0x0d, 0x4e, 0xfc, 0x99, 0x1b, 0xca, 0x14, 0x5f, 0x95, 0xca, 0x52, 0x40, 0xe5, 0x31, 0xf1,
+	0xc6, 0x50, 0xc1, 0x0f, 0xe0, 0xa2, 0xc4, 0x14, 0x5d, 0x97, 0x31, 0xc8, 0x7b, 0x70, 0x4d, 0x22,
+	0xaf, 0x1f, 0xd1, 0xbb, 0xc0, 0x53, 0xc1, 0xf0, 0xdf, 0x95, 0xf3, 0x11, 0xd4, 0x7c, 0x39, 0x59,
+	0xe9, 0x67, 0x77, 0x55, 0x01, 0x06, 0xae, 0x38, 0x33, 0x05, 0x9d, 0x7d, 0x53, 0x98, 0x63, 0x77,
+	0xfd, 0xac, 0x4c, 0xbf, 0xf1, 0x3a, 0xcc, 0x4b, 0x1a, 0xa2, 0x28, 0x0b, 0x13, 0x19, 0x11, 0x28,
+	0x8e, 0x88, 0x30, 0x18, 0x5d, 0x3a, 0xde, 0xec, 0x2a, 0x66, 0xd8, 0xb4, 0x8c, 0xa6, 0xa6, 0xd0,
+	0xbc, 0xc8, 0x4f, 0x04, 0x15, 0x4c, 0x0d, 0xda, 0x02, 0x4c, 0x09, 0xa8, 0x60, 0xb1, 0x11, 0x14,
+	0x3c, 0xb2, 0x11, 0x23, 0xa4, 0x3f, 0x80, 0x05, 0x5f, 0x08, 0x6a, 0xb7, 0xa7, 0xc4, 0xe9, 0x99,
+	0xae, 0xab, 0xf4, 0x09, 0xe2, 0x14, 0xbf, 0x03, 0x99, 0x3e, 0x11, 0x31, 0xa5, 0xb8, 0x8a, 0x96,
+	0xf9, 0xdb, 0xd8, 0xb2, 0xb2, 0x98, 0xcd, 0xe3, 0x36, 0x5c, 0x97, 0xd4, 0xb9, 0x45, 0x63, 0xc9,
+	0x47, 0x85, 0x92, 0x77, 0x48, 0x6e, 0xd6, 0xd1, 0x3b, 0x64, 0x9a, 0xef, 0xbd, 0xbc, 0x43, 0xd2,
+	0x5c, 0xa1, 0xfa, 0xd6, 0x44, 0xb9, 0x62, 0x9b, 0xdb, 0xd4, 0x77, 0xc9, 0x89, 0x88, 0x1d, 0xc2,
+	0x5c, 0xd8, 0x93, 0x27, 0x0a, 0x63, 0x73, 0x90, 0xf5, 0xec, 0x63, 0x22, 0x83, 0x18, 0x1f, 0x48,
+	0x81, 0x7d, 0x37, 0x9f, 0x48, 0x60, 0x23, 0x20, 0xc6, 0x8e, 0xe4, 0xa4, 0xf2, 0xd2, 0xdd, 0x94,
+	0xf5, 0x0f, 0x1f, 0xe0, 0x5d, 0xb8, 0x14, 0x0d, 0x13, 0x13, 0x89, 0xfc, 0x9c, 0x1f, 0xe0, 0xb8,
+	0x48, 0x32, 0x11, 0xdd, 0x77, 0x83, 0x60, 0xa0, 0x04, 0x94, 0x89, 0x48, 0xea, 0x50, 0x8f, 0x8b,
+	0x2f, 0xff, 0x89, 0xf3, 0xea, 0x87, 0x9b, 0x89, 0x88, 0xb9, 0x01, 0xb1, 0xc9, 0xb7, 0x3f, 0x88,
+	0x11, 0xe9, 0xb1, 0x31, 0x42, 0x38, 0x49, 0x10, 0xc5, 0xbe, 0x86, 0x43, 0x27, 0x78, 0x04, 0x01,
+	0x74, 0x52, 0x1e, 0x34, 0x87, 0xf8, 0x3c, 0xd8, 0x40, 0x1e, 0x6c, 0x35, 0xec, 0x4e, 0xb4, 0x19,
+	0xef, 0x05, 0xb1, 0x73, 0x24, 0x32, 0x4f, 0x44, 0xf8, 0x7d, 0x58, 0x4c, 0x0e, 0xca, 0x93, 0x50,
+	0xbe, 0x8f, 0xa1, 0xe0, 0x17, 0x94, 0xca, 0xbb, 0x72, 0x11, 0xf2, 0xbb, 0x7b, 0xfb, 0x4f, 0xd7,
+	0xd6, 0x1b, 0x55, 0x6d, 0xf5, 0x1f, 0x69, 0x48, 0x6d, 0x3f, 0x47, 0xdf, 0x82, 0x2c, 0x7f, 0x2e,
+	0x1a, 0xf3, 0x9a, 0x56, 0x1f, 0xf7, 0xf0, 0x84, 0xaf, 0x7e, 0xf2, 0xa7, 0xbf, 0x7e, 0x9e, 0xba,
+	0x84, 0x2f, 0xac, 0x0c, 0xdf, 0x30, 0xba, 0xfd, 0x23, 0x63, 0xe5, 0x78, 0xb8, 0xc2, 0x72, 0xc2,
+	0x43, 0xed, 0x3e, 0x7a, 0x0e, 0xe9, 0xa7, 0x03, 0x0f, 0x25, 0x3e, 0xb5, 0xd5, 0x93, 0x1f, 0xa4,
+	0x70, 0x9d, 0x51, 0x9e, 0xc3, 0x33, 0x2a, 0xe5, 0xfe, 0xc0, 0xa3, 0x74, 0x87, 0x50, 0x54, 0xde,
+	0x94, 0xd0, 0x99, 0x8f, 0x70, 0xf5, 0xb3, 0xdf, 0xab, 0x30, 0x66, 0xfc, 0xae, 0xe2, 0xcb, 0x2a,
+	0x3f, 0xfe, 0xf4, 0xa5, 0xea, 0x73, 0x70, 0x62, 0x45, 0xf5, 0x09, 0x9e, 0x45, 0xa2, 0xfa, 0x28,
+	0x4f, 0x11, 0xf1, 0xfa, 0x78, 0x27, 0x16, 0xa5, 0x6b, 0x8b, 0x77, 0xb0, 0x96, 0x87, 0xae, 0xc7,
+	0xbc, 0xa3, 0xa8, 0x2f, 0x06, 0xf5, 0xc5, 0x64, 0x04, 0xc1, 0xe9, 0x06, 0xe3, 0x74, 0x05, 0x5f,
+	0x52, 0x39, 0xb5, 0x7c, 0xbc, 0x87, 0xda, 0xfd, 0xd5, 0x23, 0xc8, 0xb2, 0x3e, 0x27, 0x6a, 0xca,
+	0x8f, 0x7a, 0x4c, 0x87, 0x36, 0xe1, 0x04, 0x84, 0x3a, 0xa4, 0x78, 0x9e, 0x71, 0x9b, 0xc5, 0x15,
+	0x9f, 0x1b, 0x6b, 0x75, 0x3e, 0xd4, 0xee, 0x2f, 0x69, 0xaf, 0x69, 0xab, 0xdf, 0xcb, 0x40, 0x96,
+	0xb5, 0x8e, 0x50, 0x1f, 0x20, 0x68, 0x0a, 0x46, 0xf5, 0x1c, 0x69, 0x33, 0x46, 0xf5, 0x1c, 0xed,
+	0x27, 0xe2, 0xeb, 0x8c, 0xf3, 0x3c, 0x9e, 0xf3, 0x39, 0xb3, 0x57, 0xfb, 0x15, 0xd6, 0x24, 0xa2,
+	0x66, 0x7d, 0x09, 0x45, 0xa5, 0xb9, 0x87, 0xe2, 0x28, 0x86, 0xba, 0x83, 0xd1, 0x63, 0x12, 0xd3,
+	0x19, 0xc4, 0x37, 0x19, 0xd3, 0x6b, 0xb8, 0xa6, 0x1a, 0x97, 0xf3, 0x75, 0x18, 0x26, 0x65, 0xfc,
+	0xa9, 0x06, 0x95, 0x70, 0x83, 0x0f, 0xdd, 0x8c, 0x21, 0x1d, 0xed, 0x13, 0xd6, 0x6f, 0x8d, 0x47,
+	0x4a, 0x14, 0x81, 0xf3, 0x3f, 0x26, 0xa4, 0x6f, 0x50, 0x4c, 0x61, 0x7b, 0xf4, 0x7d, 0x0d, 0x66,
+	0x22, 0x6d, 0x3b, 0x14, 0xc7, 0x62, 0xa4, 0x29, 0x58, 0xbf, 0x7d, 0x06, 0x96, 0x90, 0xe4, 0x2e,
+	0x93, 0xe4, 0x06, 0xbe, 0x3a, 0x6a, 0x0c, 0xcf, 0xec, 0x11, 0xcf, 0x16, 0xd2, 0xac, 0xfe, 0x33,
+	0x0d, 0xf9, 0x75, 0xfe, 0x13, 0x2b, 0xe4, 0x41, 0xc1, 0xef, 0x84, 0xa1, 0x85, 0xb8, 0xae, 0x44,
+	0x50, 0xb2, 0xd7, 0xaf, 0x27, 0xce, 0x0b, 0x11, 0xee, 0x30, 0x11, 0x16, 0xf1, 0x15, 0x5f, 0x04,
+	0xf1, 0x53, 0xae, 0x15, 0x7e, 0xf9, 0x5e, 0x31, 0xda, 0x6d, 0xba, 0x25, 0xdf, 0xd5, 0xa0, 0xa4,
+	0x36, 0xac, 0xd0, 0x8d, 0xd8, 0x7e, 0x88, 0xda, 0xf3, 0xaa, 0xe3, 0x71, 0x28, 0x82, 0xff, 0x3d,
+	0xc6, 0xff, 0x26, 0x5e, 0x48, 0xe2, 0xef, 0x30, 0xfc, 0xb0, 0x08, 0xbc, 0xe5, 0x14, 0x2f, 0x42,
+	0xa8, 0xa3, 0x15, 0x2f, 0x42, 0xb8, 0x63, 0x75, 0xb6, 0x08, 0x03, 0x86, 0x4f, 0x45, 0x38, 0x01,
+	0x08, 0x3a, 0x4c, 0x28, 0xd6, 0xb8, 0xca, 0x25, 0x26, 0xea, 0x83, 0xa3, 0xcd, 0xa9, 0x98, 0x13,
+	0x10, 0xe1, 0xdd, 0x35, 0x5d, 0xea, 0x8b, 0xab, 0xbf, 0xcd, 0x40, 0xf1, 0x89, 0x61, 0x5a, 0x1e,
+	0xb1, 0x0c, 0xab, 0x45, 0x50, 0x07, 0xb2, 0x2c, 0x4b, 0x45, 0x03, 0x8f, 0xda, 0xf6, 0x89, 0x06,
+	0x9e, 0x50, 0x4f, 0x04, 0xdf, 0x66, 0xac, 0xaf, 0xe3, 0xba, 0xcf, 0xba, 0x17, 0xd0, 0x5f, 0x61,
+	0xfd, 0x0c, 0xaa, 0xf2, 0x31, 0xe4, 0x78, 0xff, 0x02, 0x45, 0xa8, 0x85, 0xfa, 0x1c, 0xf5, 0xab,
+	0xf1, 0x93, 0x89, 0xa7, 0x4c, 0xe5, 0xe5, 0x32, 0x64, 0xca, 0xec, 0xdb, 0x00, 0x41, 0xc3, 0x2c,
+	0x6a, 0xdf, 0x91, 0xfe, 0x5a, 0x7d, 0x31, 0x19, 0x41, 0x30, 0xbe, 0xcf, 0x18, 0xdf, 0xc2, 0xd7,
+	0x63, 0x19, 0xb7, 0xfd, 0x05, 0x94, 0x79, 0x0b, 0x32, 0x9b, 0x86, 0x7b, 0x84, 0x22, 0x49, 0x48,
+	0x79, 0xdb, 0xad, 0xd7, 0xe3, 0xa6, 0x04, 0xab, 0x5b, 0x8c, 0xd5, 0x02, 0x9e, 0x8f, 0x65, 0x75,
+	0x64, 0xb8, 0x34, 0xa6, 0xa3, 0x01, 0x4c, 0xcb, 0xf7, 0x5a, 0x74, 0x2d, 0x62, 0xb3, 0xf0, 0xdb,
+	0x6e, 0x7d, 0x21, 0x69, 0x5a, 0x30, 0x5c, 0x62, 0x0c, 0x31, 0xbe, 0x16, 0x6f, 0x54, 0x81, 0xfe,
+	0x50, 0xbb, 0xff, 0x9a, 0xb6, 0xfa, 0xc3, 0x2a, 0x64, 0x68, 0xbd, 0x44, 0xb3, 0x48, 0x70, 0xcd,
+	0x8c, 0x5a, 0x78, 0xa4, 0xb9, 0x13, 0xb5, 0xf0, 0xe8, 0x0d, 0x35, 0x26, 0x8b, 0xb0, 0x1f, 0x9a,
+	0x12, 0x86, 0x45, 0x35, 0xf6, 0xa0, 0xa8, 0x5c, 0x46, 0x51, 0x0c, 0xc5, 0x70, 0xeb, 0x28, 0x9a,
+	0x45, 0x62, 0x6e, 0xb2, 0x78, 0x91, 0x31, 0xad, 0xe3, 0x8b, 0x61, 0xa6, 0x6d, 0x8e, 0x46, 0xb9,
+	0x7e, 0x0c, 0x25, 0xf5, 0xd6, 0x8a, 0x62, 0x88, 0x46, 0x7a, 0x53, 0xd1, 0x58, 0x11, 0x77, 0xe9,
+	0x8d, 0x71, 0x1a, 0xff, 0x67, 0xb5, 0x12, 0x97, 0x72, 0xff, 0x10, 0xf2, 0xe2, 0x2e, 0x1b, 0xa7,
+	0x6f, 0xb8, 0x9b, 0x15, 0xa7, 0x6f, 0xe4, 0x22, 0x1c, 0x53, 0x92, 0x30, 0xb6, 0xb4, 0x66, 0x97,
+	0x01, 0x5a, 0xb0, 0x7c, 0x4c, 0xbc, 0x24, 0x96, 0x41, 0x7f, 0x26, 0x89, 0xa5, 0x72, 0x5f, 0x1a,
+	0xcb, 0xb2, 0x43, 0x3c, 0x71, 0x96, 0xe5, 0x65, 0x04, 0x25, 0x50, 0x54, 0xa3, 0x21, 0x1e, 0x87,
+	0x92, 0x58, 0x45, 0x06, 0x5c, 0x45, 0x28, 0x44, 0xdf, 0x01, 0x08, 0x2e, 0xde, 0xd1, 0xc2, 0x20,
+	0xb6, 0x7b, 0x17, 0x2d, 0x0c, 0xe2, 0xef, 0xee, 0x31, 0x1e, 0x1c, 0x30, 0xe7, 0x95, 0x2c, 0x65,
+	0xff, 0x13, 0x0d, 0xd0, 0xe8, 0x45, 0x1d, 0x3d, 0x88, 0x67, 0x11, 0xdb, 0x18, 0xac, 0xbf, 0x72,
+	0x3e, 0xe4, 0xc4, 0xe8, 0x19, 0xc8, 0xd5, 0x62, 0x4b, 0xfa, 0x2f, 0xa9, 0x64, 0x9f, 0x69, 0x50,
+	0x0e, 0x5d, 0xf5, 0xd1, 0x9d, 0x84, 0x7d, 0x8e, 0x34, 0x17, 0xeb, 0x77, 0xcf, 0xc4, 0x4b, 0xac,
+	0x9d, 0x94, 0x53, 0x21, 0xeb, 0xc6, 0x1f, 0x68, 0x50, 0x09, 0xf7, 0x07, 0x50, 0x02, 0x83, 0x91,
+	0x0e, 0x65, 0x7d, 0xe9, 0x6c, 0xc4, 0x73, 0xec, 0x56, 0x50, 0x4a, 0x7e, 0x08, 0x79, 0xd1, 0x56,
+	0x88, 0x73, 0x8b, 0x70, 0x83, 0x33, 0xce, 0x2d, 0x22, 0x3d, 0x89, 0x24, 0xb7, 0xa0, 0x37, 0x74,
+	0xc5, 0x13, 0x45, 0xf3, 0x21, 0x89, 0xe5, 0x78, 0x4f, 0x8c, 0x74, 0x2e, 0xc6, 0xb2, 0x0c, 0x3c,
+	0x51, 0xb6, 0x1e, 0x50, 0x02, 0xc5, 0x33, 0x3c, 0x31, 0xda, 0xb9, 0x48, 0xf2, 0x44, 0xc6, 0x55,
+	0xf1, 0xc4, 0xa0, 0x53, 0x10, 0xe7, 0x89, 0x23, 0xed, 0xdb, 0x38, 0x4f, 0x1c, 0x6d, 0x36, 0x24,
+	0xed, 0x2d, 0x63, 0x1e, 0xf2, 0xc4, 0xd9, 0x98, 0xce, 0x02, 0x7a, 0x25, 0xc1, 0xa6, 0xb1, 0xad,
+	0xe1, 0xfa, 0xab, 0xe7, 0xc4, 0x1e, 0xef, 0x01, 0x7c, 0x37, 0xa4, 0x07, 0xfc, 0x42, 0x83, 0xb9,
+	0xb8, 0xd6, 0x04, 0x4a, 0x60, 0x96, 0xd0, 0x57, 0xae, 0x2f, 0x9f, 0x17, 0xfd, 0x1c, 0x76, 0xf3,
+	0x7d, 0xe2, 0x51, 0xf5, 0x77, 0x5f, 0x2e, 0x68, 0x7f, 0xfc, 0x72, 0x41, 0xfb, 0xf3, 0x97, 0x0b,
+	0xda, 0x4f, 0xff, 0xb2, 0x30, 0x75, 0x98, 0x63, 0xff, 0xdb, 0xe3, 0x8d, 0x7f, 0x05, 0x00, 0x00,
+	0xff, 0xff, 0x63, 0x1c, 0x78, 0x24, 0x74, 0x32, 0x00, 0x00,
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.proto b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.proto
index ddf1ad233299..a6cd00ab7c3e 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.proto
+++ b/vendor/github.com/coreos/etcd/etcdserver/etcdserverpb/rpc.proto
@@ -352,11 +352,12 @@ message RangeRequest {
   bytes key = 1;
   // range_end is the upper bound on the requested range [key, range_end).
   // If range_end is '\0', the range is all keys >= key.
-  // If the range_end is one bit larger than the given key,
-  // then the range requests get the all keys with the prefix (the given key).
-  // If both key and range_end are '\0', then range requests returns all keys.
+  // If range_end is key plus one (e.g., "aa"+1 == "ab", "a\xff"+1 == "b"),
+  // then the range request gets all keys prefixed with key.
+  // If both key and range_end are '\0', then the range request returns all keys.
   bytes range_end = 2;
-  // limit is a limit on the number of keys returned for the request.
+  // limit is a limit on the number of keys returned for the request. When limit is set to 0,
+  // it is treated as no limit.
   int64 limit = 3;
   // revision is the point-in-time of the key-value store to use for the range.
   // If revision is less or equal to zero, the range is over the newest key-value store.
@@ -423,6 +424,14 @@ message PutRequest {
   // If prev_kv is set, etcd gets the previous key-value pair before changing it.
   // The previous key-value pair will be returned in the put response.
   bool prev_kv = 4;
+
+  // If ignore_value is set, etcd updates the key using its current value.
+  // Returns an error if the key does not exist.
+  bool ignore_value = 5;
+
+  // If ignore_lease is set, etcd updates the key using its current lease.
+  // Returns an error if the key does not exist.
+  bool ignore_lease = 6;
 }
 
 message PutResponse {
@@ -436,13 +445,13 @@ message DeleteRangeRequest {
   bytes key = 1;
   // range_end is the key following the last key to delete for the range [key, range_end).
   // If range_end is not given, the range is defined to contain only the key argument.
-  // If range_end is one bit larger than the given key, then the range is all
-  // the all keys with the prefix (the given key).
+  // If range_end is one bit larger than the given key, then the range is all the keys
+  // with the prefix (the given key).
   // If range_end is '\0', the range is all keys greater than or equal to the key argument.
   bytes range_end = 2;
 
   // If prev_kv is set, etcd gets the previous key-value pairs before deleting it.
-  // The previous key-value pairs will be returned in the delte response.
+  // The previous key-value pairs will be returned in the delete response.
   bool prev_kv = 3;
 }
 
@@ -645,6 +654,9 @@ message WatchResponse {
   // watcher with the same start_revision again.
   int64 compact_revision  = 5;
 
+  // cancel_reason indicates the reason for canceling the watcher.
+  string cancel_reason = 6;
+
   repeated mvccpb.Event events = 11;
 }
 
@@ -725,6 +737,8 @@ message MemberAddResponse {
   ResponseHeader header = 1;
   // member is the member information for the added member.
   Member member = 2;
+  // members is a list of all members after adding the new member.
+  repeated Member members = 3;
 }
 
 message MemberRemoveRequest {
@@ -734,6 +748,8 @@ message MemberRemoveRequest {
 
 message MemberRemoveResponse {
   ResponseHeader header = 1;
+  // members is a list of all members after removing the member.
+  repeated Member members = 2;
 }
 
 message MemberUpdateRequest {
@@ -745,6 +761,8 @@ message MemberUpdateRequest {
 
 message MemberUpdateResponse{
   ResponseHeader header = 1;
+  // members is a list of all members after updating the member.
+  repeated Member members = 2;
 }
 
 message MemberListRequest {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/membership/cluster.go b/vendor/github.com/coreos/etcd/etcdserver/membership/cluster.go
index 25c45dfce126..2330219f18ae 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/membership/cluster.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/membership/cluster.go
@@ -178,7 +178,7 @@ func (c *RaftCluster) String() string {
 	fmt.Fprintf(b, "Members:[%s] ", strings.Join(ms, " "))
 	var ids []string
 	for id := range c.removed {
-		ids = append(ids, fmt.Sprintf("%s", id))
+		ids = append(ids, id.String())
 	}
 	fmt.Fprintf(b, "RemovedMemberIDs:[%s]}", strings.Join(ids, " "))
 	return b.String()
diff --git a/vendor/github.com/coreos/etcd/etcdserver/membership/doc.go b/vendor/github.com/coreos/etcd/etcdserver/membership/doc.go
new file mode 100644
index 000000000000..b07fb2d92859
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/etcdserver/membership/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package membership describes individual etcd members and clusters of members.
+package membership
diff --git a/vendor/github.com/coreos/etcd/etcdserver/membership/store.go b/vendor/github.com/coreos/etcd/etcdserver/membership/store.go
index f2ea0120d74b..d3f8f2474a42 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/membership/store.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/membership/store.go
@@ -36,7 +36,7 @@ const (
 
 var (
 	membersBucketName        = []byte("members")
-	membersRemovedBuckedName = []byte("members_removed")
+	membersRemovedBucketName = []byte("members_removed")
 	clusterBucketName        = []byte("cluster")
 
 	StoreMembersPrefix        = path.Join(storePrefix, "members")
@@ -62,7 +62,7 @@ func mustDeleteMemberFromBackend(be backend.Backend, id types.ID) {
 	tx := be.BatchTx()
 	tx.Lock()
 	tx.UnsafeDelete(membersBucketName, mkey)
-	tx.UnsafePut(membersRemovedBuckedName, mkey, []byte("removed"))
+	tx.UnsafePut(membersRemovedBucketName, mkey, []byte("removed"))
 	tx.Unlock()
 }
 
@@ -164,7 +164,7 @@ func mustCreateBackendBuckets(be backend.Backend) {
 	tx.Lock()
 	defer tx.Unlock()
 	tx.UnsafeCreateBucket(membersBucketName)
-	tx.UnsafeCreateBucket(membersRemovedBuckedName)
+	tx.UnsafeCreateBucket(membersRemovedBucketName)
 	tx.UnsafeCreateBucket(clusterBucketName)
 }
 
diff --git a/vendor/github.com/coreos/etcd/etcdserver/metrics.go b/vendor/github.com/coreos/etcd/etcdserver/metrics.go
index 2b549f738f7b..90bbd3632a6e 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/metrics.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/metrics.go
@@ -58,6 +58,12 @@ var (
 		Name:      "proposals_failed_total",
 		Help:      "The total number of failed proposals seen.",
 	})
+	leaseExpired = prometheus.NewCounter(prometheus.CounterOpts{
+		Namespace: "etcd_debugging",
+		Subsystem: "server",
+		Name:      "lease_expired_total",
+		Help:      "The total number of expired leases.",
+	})
 )
 
 func init() {
@@ -67,6 +73,7 @@ func init() {
 	prometheus.MustRegister(proposalsApplied)
 	prometheus.MustRegister(proposalsPending)
 	prometheus.MustRegister(proposalsFailed)
+	prometheus.MustRegister(leaseExpired)
 }
 
 func monitorFileDescriptor(done <-chan struct{}) {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/quota.go b/vendor/github.com/coreos/etcd/etcdserver/quota.go
index 088a4696253d..87126f1564c1 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/quota.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/quota.go
@@ -16,7 +16,15 @@ package etcdserver
 
 import (
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
-	"github.com/coreos/etcd/mvcc/backend"
+)
+
+const (
+	// DefaultQuotaBytes is the number of bytes the backend Size may
+	// consume before exceeding the space quota.
+	DefaultQuotaBytes = int64(2 * 1024 * 1024 * 1024) // 2GB
+	// MaxQuotaBytes is the maximum number of bytes suggested for a backend
+	// quota. A larger quota may lead to degraded performance.
+	MaxQuotaBytes = int64(8 * 1024 * 1024 * 1024) // 8GB
 )
 
 // Quota represents an arbitrary quota against arbitrary requests. Each request
@@ -57,11 +65,10 @@ func NewBackendQuota(s *EtcdServer) Quota {
 	}
 	if s.Cfg.QuotaBackendBytes == 0 {
 		// use default size if no quota size given
-		return &backendQuota{s, backend.DefaultQuotaBytes}
+		return &backendQuota{s, DefaultQuotaBytes}
 	}
-	if s.Cfg.QuotaBackendBytes > backend.MaxQuotaBytes {
-		plog.Warningf("backend quota %v exceeds maximum quota %v; using maximum", s.Cfg.QuotaBackendBytes, backend.MaxQuotaBytes)
-		return &backendQuota{s, backend.MaxQuotaBytes}
+	if s.Cfg.QuotaBackendBytes > MaxQuotaBytes {
+		plog.Warningf("backend quota %v exceeds maximum recommended quota %v", s.Cfg.QuotaBackendBytes, MaxQuotaBytes)
 	}
 	return &backendQuota{s, s.Cfg.QuotaBackendBytes}
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/raft.go b/vendor/github.com/coreos/etcd/etcdserver/raft.go
index d7ec176eb3a7..dcb894f82fb1 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/raft.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/raft.go
@@ -83,7 +83,8 @@ type RaftTimer interface {
 type apply struct {
 	entries  []raftpb.Entry
 	snapshot raftpb.Snapshot
-	raftDone <-chan struct{} // rx {} after raft has persisted messages
+	// notifyc synchronizes etcd server applies with the raft node
+	notifyc chan struct{}
 }
 
 type raftNode struct {
@@ -94,14 +95,7 @@ type raftNode struct {
 	term  uint64
 	lead  uint64
 
-	mu sync.Mutex
-	// last lead elected time
-	lt time.Time
-
-	// to check if msg receiver is removed from cluster
-	isIDRemoved func(id uint64) bool
-
-	raft.Node
+	raftNodeConfig
 
 	// a chan to send/receive snapshot
 	msgSnapC chan raftpb.Message
@@ -113,28 +107,51 @@ type raftNode struct {
 	readStateC chan raft.ReadState
 
 	// utility
-	ticker <-chan time.Time
+	ticker *time.Ticker
 	// contention detectors for raft heartbeat message
-	td          *contention.TimeoutDetector
-	heartbeat   time.Duration // for logging
+	td *contention.TimeoutDetector
+
+	stopped chan struct{}
+	done    chan struct{}
+}
+
+type raftNodeConfig struct {
+	// to check if msg receiver is removed from cluster
+	isIDRemoved func(id uint64) bool
+	raft.Node
 	raftStorage *raft.MemoryStorage
 	storage     Storage
+	heartbeat   time.Duration // for logging
 	// transport specifies the transport to send and receive msgs to members.
 	// Sending messages MUST NOT block. It is okay to drop messages, since
 	// clients should timeout and reissue their messages.
 	// If transport is nil, server will panic.
 	transport rafthttp.Transporter
+}
 
-	stopped chan struct{}
-	done    chan struct{}
+func newRaftNode(cfg raftNodeConfig) *raftNode {
+	r := &raftNode{
+		raftNodeConfig: cfg,
+		// set up contention detectors for raft heartbeat message.
+		// expect to send a heartbeat within 2 heartbeat intervals.
+		td:         contention.NewTimeoutDetector(2 * cfg.heartbeat),
+		readStateC: make(chan raft.ReadState, 1),
+		msgSnapC:   make(chan raftpb.Message, maxInFlightMsgSnap),
+		applyc:     make(chan apply),
+		stopped:    make(chan struct{}),
+		done:       make(chan struct{}),
+	}
+	if r.heartbeat == 0 {
+		r.ticker = &time.Ticker{}
+	} else {
+		r.ticker = time.NewTicker(r.heartbeat)
+	}
+	return r
 }
 
 // start prepares and starts raftNode in a new goroutine. It is no longer safe
 // to modify the fields after it has been started.
 func (r *raftNode) start(rh *raftReadyHandler) {
-	r.applyc = make(chan apply)
-	r.stopped = make(chan struct{})
-	r.done = make(chan struct{})
 	internalTimeout := time.Second
 
 	go func() {
@@ -143,14 +160,12 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 
 		for {
 			select {
-			case <-r.ticker:
+			case <-r.ticker.C:
 				r.Tick()
 			case rd := <-r.Ready():
 				if rd.SoftState != nil {
-					if lead := atomic.LoadUint64(&r.lead); rd.SoftState.Lead != raft.None && lead != rd.SoftState.Lead {
-						r.mu.Lock()
-						r.lt = time.Now()
-						r.mu.Unlock()
+					newLeader := rd.SoftState.Lead != raft.None && atomic.LoadUint64(&r.lead) != rd.SoftState.Lead
+					if newLeader {
 						leaderChanges.Inc()
 					}
 
@@ -162,7 +177,8 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 
 					atomic.StoreUint64(&r.lead, rd.SoftState.Lead)
 					islead = rd.RaftState == raft.StateLeader
-					rh.updateLeadership()
+					rh.updateLeadership(newLeader)
+					r.td.Reset()
 				}
 
 				if len(rd.ReadStates) != 0 {
@@ -175,11 +191,11 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 					}
 				}
 
-				raftDone := make(chan struct{}, 1)
+				notifyc := make(chan struct{}, 1)
 				ap := apply{
 					entries:  rd.CommittedEntries,
 					snapshot: rd.Snapshot,
-					raftDone: raftDone,
+					notifyc:  notifyc,
 				}
 
 				updateCommittedIndex(&ap, rh)
@@ -195,7 +211,7 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 				// For more details, check raft thesis 10.2.1
 				if islead {
 					// gofail: var raftBeforeLeaderSend struct{}
-					r.sendMessages(rd.Messages)
+					r.transport.Send(r.processMessages(rd.Messages))
 				}
 
 				// gofail: var raftBeforeSave struct{}
@@ -212,6 +228,9 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 					if err := r.storage.SaveSnap(rd.Snapshot); err != nil {
 						plog.Fatalf("raft save snapshot error: %v", err)
 					}
+					// etcdserver now claim the snapshot has been persisted onto the disk
+					notifyc <- struct{}{}
+
 					// gofail: var raftAfterSaveSnap struct{}
 					r.raftStorage.ApplySnapshot(rd.Snapshot)
 					plog.Infof("raft applied incoming snapshot at index %d", rd.Snapshot.Metadata.Index)
@@ -221,10 +240,44 @@ func (r *raftNode) start(rh *raftReadyHandler) {
 				r.raftStorage.Append(rd.Entries)
 
 				if !islead {
+					// finish processing incoming messages before we signal raftdone chan
+					msgs := r.processMessages(rd.Messages)
+
+					// now unblocks 'applyAll' that waits on Raft log disk writes before triggering snapshots
+					notifyc <- struct{}{}
+
+					// Candidate or follower needs to wait for all pending configuration
+					// changes to be applied before sending messages.
+					// Otherwise we might incorrectly count votes (e.g. votes from removed members).
+					// Also slow machine's follower raft-layer could proceed to become the leader
+					// on its own single-node cluster, before apply-layer applies the config change.
+					// We simply wait for ALL pending entries to be applied for now.
+					// We might improve this later on if it causes unnecessary long blocking issues.
+					waitApply := false
+					for _, ent := range rd.CommittedEntries {
+						if ent.Type == raftpb.EntryConfChange {
+							waitApply = true
+							break
+						}
+					}
+					if waitApply {
+						// blocks until 'applyAll' calls 'applyWait.Trigger'
+						// to be in sync with scheduled config-change job
+						// (assume notifyc has cap of 1)
+						select {
+						case notifyc <- struct{}{}:
+						case <-r.stopped:
+							return
+						}
+					}
+
 					// gofail: var raftBeforeFollowerSend struct{}
-					r.sendMessages(rd.Messages)
+					r.transport.Send(msgs)
+				} else {
+					// leader already processed 'MsgSnap' and signaled
+					notifyc <- struct{}{}
 				}
-				raftDone <- struct{}{}
+
 				r.Advance()
 			case <-r.stopped:
 				return
@@ -246,7 +299,7 @@ func updateCommittedIndex(ap *apply, rh *raftReadyHandler) {
 	}
 }
 
-func (r *raftNode) sendMessages(ms []raftpb.Message) {
+func (r *raftNode) processMessages(ms []raftpb.Message) []raftpb.Message {
 	sentAppResp := false
 	for i := len(ms) - 1; i >= 0; i-- {
 		if r.isIDRemoved(ms[i].To) {
@@ -282,20 +335,13 @@ func (r *raftNode) sendMessages(ms []raftpb.Message) {
 			}
 		}
 	}
-
-	r.transport.Send(ms)
+	return ms
 }
 
 func (r *raftNode) apply() chan apply {
 	return r.applyc
 }
 
-func (r *raftNode) leadElectedTime() time.Time {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-	return r.lt
-}
-
 func (r *raftNode) stop() {
 	r.stopped <- struct{}{}
 	<-r.done
@@ -303,6 +349,7 @@ func (r *raftNode) stop() {
 
 func (r *raftNode) onStop() {
 	r.Stop()
+	r.ticker.Stop()
 	r.transport.Stop()
 	if err := r.storage.Close(); err != nil {
 		plog.Panicf("raft close storage error: %v", err)
diff --git a/vendor/github.com/coreos/etcd/etcdserver/server.go b/vendor/github.com/coreos/etcd/etcdserver/server.go
index 0734f8c59249..271c5e773137 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/server.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/server.go
@@ -23,7 +23,6 @@ import (
 	"net/http"
 	"os"
 	"path"
-	"path/filepath"
 	"regexp"
 	"sync"
 	"sync/atomic"
@@ -41,7 +40,6 @@ import (
 	"github.com/coreos/etcd/lease"
 	"github.com/coreos/etcd/mvcc"
 	"github.com/coreos/etcd/mvcc/backend"
-	"github.com/coreos/etcd/pkg/contention"
 	"github.com/coreos/etcd/pkg/fileutil"
 	"github.com/coreos/etcd/pkg/idutil"
 	"github.com/coreos/etcd/pkg/pbutil"
@@ -62,7 +60,7 @@ import (
 )
 
 const (
-	DefaultSnapCount = 10000
+	DefaultSnapCount = 100000
 
 	StoreClusterPrefix = "/0"
 	StoreKeysPrefix    = "/1"
@@ -77,7 +75,6 @@ const (
 	// (since it will timeout).
 	monitorVersionInterval = rafthttp.ConnWriteTimeout - time.Second
 
-	databaseFilename = "db"
 	// max number of in-flight snapshot messages etcdserver allows to have
 	// This number is more than enough for most clusters with 5 machines.
 	maxInFlightMsgSnap = 16
@@ -85,7 +82,8 @@ const (
 	releaseDelayAfterSnapshot = 30 * time.Second
 
 	// maxPendingRevokes is the maximum number of outstanding expired lease revocations.
-	maxPendingRevokes = 16
+	maxPendingRevokes          = 16
+	recommendedMaxRequestBytes = 10 * 1024 * 1024
 )
 
 var (
@@ -135,15 +133,15 @@ type Server interface {
 	// AddMember attempts to add a member into the cluster. It will return
 	// ErrIDRemoved if member ID is removed from the cluster, or return
 	// ErrIDExists if member ID exists in the cluster.
-	AddMember(ctx context.Context, memb membership.Member) error
+	AddMember(ctx context.Context, memb membership.Member) ([]*membership.Member, error)
 	// RemoveMember attempts to remove a member from the cluster. It will
 	// return ErrIDRemoved if member ID is removed from the cluster, or return
 	// ErrIDNotFound if member ID is not in the cluster.
-	RemoveMember(ctx context.Context, id uint64) error
+	RemoveMember(ctx context.Context, id uint64) ([]*membership.Member, error)
 
 	// UpdateMember attempts to update an existing member in the cluster. It will
 	// return ErrIDNotFound if the member ID does not exist.
-	UpdateMember(ctx context.Context, updateMemb membership.Member) error
+	UpdateMember(ctx context.Context, updateMemb membership.Member) ([]*membership.Member, error)
 
 	// ClusterVersion is the cluster-wide minimum major.minor version.
 	// Cluster version is set to the min version that an etcd member is
@@ -201,7 +199,8 @@ type EtcdServer struct {
 
 	cluster *membership.RaftCluster
 
-	store store.Store
+	store       store.Store
+	snapshotter *snap.Snapshotter
 
 	applyV2 ApplierV2
 
@@ -221,7 +220,7 @@ type EtcdServer struct {
 	stats  *stats.ServerStats
 	lstats *stats.LeaderStats
 
-	SyncTicker <-chan time.Time
+	SyncTicker *time.Ticker
 	// compactor is used to auto-compact the KV.
 	compactor *compactor.Periodic
 
@@ -238,6 +237,14 @@ type EtcdServer struct {
 	// wg is used to wait for the go routines that depends on the server state
 	// to exit when stopping the server.
 	wg sync.WaitGroup
+
+	// ctx is used for etcd-initiated requests that may need to be canceled
+	// on etcd server shutdown.
+	ctx    context.Context
+	cancel context.CancelFunc
+
+	leadTimeMu      sync.RWMutex
+	leadElectedTime time.Time
 }
 
 // NewServer creates a new EtcdServer from the supplied configuration. The
@@ -253,6 +260,10 @@ func NewServer(cfg *ServerConfig) (srv *EtcdServer, err error) {
 		cl *membership.RaftCluster
 	)
 
+	if cfg.MaxRequestBytes > recommendedMaxRequestBytes {
+		plog.Warningf("MaxRequestBytes %v exceeds maximum recommended size %v", cfg.MaxRequestBytes, recommendedMaxRequestBytes)
+	}
+
 	if terr := fileutil.TouchDirAll(cfg.DataDir); terr != nil {
 		return nil, fmt.Errorf("cannot access data directory: %v", terr)
 	}
@@ -264,23 +275,9 @@ func NewServer(cfg *ServerConfig) (srv *EtcdServer, err error) {
 	}
 	ss := snap.New(cfg.SnapDir())
 
-	bepath := filepath.Join(cfg.SnapDir(), databaseFilename)
+	bepath := cfg.backendPath()
 	beExist := fileutil.Exist(bepath)
-
-	var be backend.Backend
-	beOpened := make(chan struct{})
-	go func() {
-		be = backend.NewDefaultBackend(bepath)
-		beOpened <- struct{}{}
-	}()
-
-	select {
-	case <-beOpened:
-	case <-time.After(time.Second):
-		plog.Warningf("another etcd process is running with the same data dir and holding the file lock.")
-		plog.Warningf("waiting for it to exit before starting...")
-		<-beOpened
-	}
+	be := openBackend(cfg)
 
 	defer func() {
 		if err != nil {
@@ -378,6 +375,9 @@ func NewServer(cfg *ServerConfig) (srv *EtcdServer, err error) {
 				plog.Panicf("recovered store from snapshot error: %v", err)
 			}
 			plog.Infof("recovered store from snapshot at index %d", snapshot.Metadata.Index)
+			if be, err = recoverSnapshotBackend(cfg, be, *snapshot); err != nil {
+				plog.Panicf("recovering backend from snapshot error: %v", err)
+			}
 		}
 		cfg.Print()
 		if !cfg.ForceNewCluster {
@@ -400,39 +400,32 @@ func NewServer(cfg *ServerConfig) (srv *EtcdServer, err error) {
 		return nil, fmt.Errorf("cannot access member directory: %v", terr)
 	}
 
-	sstats := &stats.ServerStats{
-		Name: cfg.Name,
-		ID:   id.String(),
-	}
-	sstats.Initialize()
+	sstats := stats.NewServerStats(cfg.Name, id.String())
 	lstats := stats.NewLeaderStats(id.String())
 
 	heartbeat := time.Duration(cfg.TickMs) * time.Millisecond
 	srv = &EtcdServer{
-		readych:   make(chan struct{}),
-		Cfg:       cfg,
-		snapCount: cfg.SnapCount,
-		errorc:    make(chan error, 1),
-		store:     st,
-		r: raftNode{
-			isIDRemoved: func(id uint64) bool { return cl.IsIDRemoved(types.ID(id)) },
-			Node:        n,
-			ticker:      time.Tick(heartbeat),
-			// set up contention detectors for raft heartbeat message.
-			// expect to send a heartbeat within 2 heartbeat intervals.
-			td:          contention.NewTimeoutDetector(2 * heartbeat),
-			heartbeat:   heartbeat,
-			raftStorage: s,
-			storage:     NewStorage(w, ss),
-			msgSnapC:    make(chan raftpb.Message, maxInFlightMsgSnap),
-			readStateC:  make(chan raft.ReadState, 1),
-		},
+		readych:     make(chan struct{}),
+		Cfg:         cfg,
+		snapCount:   cfg.SnapCount,
+		errorc:      make(chan error, 1),
+		store:       st,
+		snapshotter: ss,
+		r: *newRaftNode(
+			raftNodeConfig{
+				isIDRemoved: func(id uint64) bool { return cl.IsIDRemoved(types.ID(id)) },
+				Node:        n,
+				heartbeat:   heartbeat,
+				raftStorage: s,
+				storage:     NewStorage(w, ss),
+			},
+		),
 		id:            id,
 		attributes:    membership.Attributes{Name: cfg.Name, ClientURLs: cfg.ClientURLs.StringSlice()},
 		cluster:       cl,
 		stats:         sstats,
 		lstats:        lstats,
-		SyncTicker:    time.Tick(500 * time.Millisecond),
+		SyncTicker:    time.NewTicker(500 * time.Millisecond),
 		peerRt:        prt,
 		reqIDGen:      idutil.NewGenerator(uint16(id), time.Now()),
 		forceVersionC: make(chan struct{}),
@@ -458,12 +451,26 @@ func NewServer(cfg *ServerConfig) (srv *EtcdServer, err error) {
 			plog.Warningf("consistent index never saved (snapshot index=%d)", snapshot.Metadata.Index)
 		}
 	}
-	srv.consistIndex.setConsistentIndex(srv.kv.ConsistentIndex())
+	newSrv := srv // since srv == nil in defer if srv is returned as nil
+	defer func() {
+		// closing backend without first closing kv can cause
+		// resumed compactions to fail with closed tx errors
+		if err != nil {
+			newSrv.kv.Close()
+		}
+	}()
 
-	srv.authStore = auth.NewAuthStore(srv.be,
+	srv.consistIndex.setConsistentIndex(srv.kv.ConsistentIndex())
+	tp, err := auth.NewTokenProvider(cfg.AuthToken,
 		func(index uint64) <-chan struct{} {
 			return srv.applyWait.Wait(index)
-		})
+		},
+	)
+	if err != nil {
+		plog.Errorf("failed to create token provider: %s", err)
+		return nil, err
+	}
+	srv.authStore = auth.NewAuthStore(srv.be, tp)
 	if h := cfg.AutoCompactionRetention; h != 0 {
 		srv.compactor = compactor.NewPeriodic(h, srv.kv, srv)
 		srv.compactor.Run()
@@ -531,6 +538,7 @@ func (s *EtcdServer) start() {
 	s.done = make(chan struct{})
 	s.stop = make(chan struct{})
 	s.stopping = make(chan struct{})
+	s.ctx, s.cancel = context.WithCancel(context.Background())
 	s.readwaitc = make(chan struct{}, 1)
 	s.readNotifier = newNotifier()
 	if s.ClusterVersion() != nil {
@@ -603,16 +611,19 @@ type etcdProgress struct {
 // and helps decouple state machine logic from Raft algorithms.
 // TODO: add a state machine interface to apply the commit entries and do snapshot/recover
 type raftReadyHandler struct {
-	updateLeadership     func()
+	updateLeadership     func(newLeader bool)
 	updateCommittedIndex func(uint64)
 }
 
 func (s *EtcdServer) run() {
-	snapshot, err := s.r.raftStorage.Snapshot()
+	sn, err := s.r.raftStorage.Snapshot()
 	if err != nil {
 		plog.Panicf("get snapshot from raft storage error: %v", err)
 	}
 
+	// asynchronously accept apply packets, dispatch progress in-order
+	sched := schedule.NewFIFOScheduler()
+
 	var (
 		smu   sync.RWMutex
 		syncC <-chan time.Time
@@ -629,7 +640,7 @@ func (s *EtcdServer) run() {
 		return
 	}
 	rh := &raftReadyHandler{
-		updateLeadership: func() {
+		updateLeadership: func(newLeader bool) {
 			if !s.isLeader() {
 				if s.lessor != nil {
 					s.lessor.Demote()
@@ -639,7 +650,13 @@ func (s *EtcdServer) run() {
 				}
 				setSyncC(nil)
 			} else {
-				setSyncC(s.SyncTicker)
+				if newLeader {
+					t := time.Now()
+					s.leadTimeMu.Lock()
+					s.leadElectedTime = t
+					s.leadTimeMu.Unlock()
+				}
+				setSyncC(s.SyncTicker.C)
 				if s.compactor != nil {
 					s.compactor.Resume()
 				}
@@ -650,9 +667,6 @@ func (s *EtcdServer) run() {
 			if s.stats != nil {
 				s.stats.BecomeLeader()
 			}
-			if s.r.td != nil {
-				s.r.td.Reset()
-			}
 		},
 		updateCommittedIndex: func(ci uint64) {
 			cci := s.getCommittedIndex()
@@ -663,25 +677,26 @@ func (s *EtcdServer) run() {
 	}
 	s.r.start(rh)
 
-	// asynchronously accept apply packets, dispatch progress in-order
-	sched := schedule.NewFIFOScheduler()
 	ep := etcdProgress{
-		confState: snapshot.Metadata.ConfState,
-		snapi:     snapshot.Metadata.Index,
-		appliedt:  snapshot.Metadata.Term,
-		appliedi:  snapshot.Metadata.Index,
+		confState: sn.Metadata.ConfState,
+		snapi:     sn.Metadata.Index,
+		appliedt:  sn.Metadata.Term,
+		appliedi:  sn.Metadata.Index,
 	}
 
 	defer func() {
 		s.wgMu.Lock() // block concurrent waitgroup adds in goAttach while stopping
 		close(s.stopping)
 		s.wgMu.Unlock()
+		s.cancel()
 
 		sched.Stop()
 
 		// wait for gouroutines before closing raft so wal stays open
 		s.wg.Wait()
 
+		s.SyncTicker.Stop()
+
 		// must stop raft after scheduler-- etcdserver can leak rafthttp pipelines
 		// by adding a peer after raft stops the transport
 		s.r.stop()
@@ -728,7 +743,8 @@ func (s *EtcdServer) run() {
 					}
 					lid := lease.ID
 					s.goAttach(func() {
-						s.LeaseRevoke(context.TODO(), &pb.LeaseRevokeRequest{ID: int64(lid)})
+						s.LeaseRevoke(s.ctx, &pb.LeaseRevokeRequest{ID: int64(lid)})
+						leaseExpired.Inc()
 						<-c
 					})
 				}
@@ -762,7 +778,7 @@ func (s *EtcdServer) applyAll(ep *etcdProgress, apply *apply) {
 	// wait for the raft routine to finish the disk writes before triggering a
 	// snapshot. or applied index might be greater than the last index in raft
 	// storage, since the raft routine might be slower than apply routine.
-	<-apply.raftDone
+	<-apply.notifyc
 
 	s.triggerSnapshot(ep)
 	select {
@@ -787,23 +803,19 @@ func (s *EtcdServer) applySnapshot(ep *etcdProgress, apply *apply) {
 			apply.snapshot.Metadata.Index, ep.appliedi)
 	}
 
-	snapfn, err := s.r.storage.DBFilePath(apply.snapshot.Metadata.Index)
-	if err != nil {
-		plog.Panicf("get database snapshot file path error: %v", err)
-	}
+	// wait for raftNode to persist snapshot onto the disk
+	<-apply.notifyc
 
-	fn := filepath.Join(s.Cfg.SnapDir(), databaseFilename)
-	if err := os.Rename(snapfn, fn); err != nil {
-		plog.Panicf("rename snapshot file error: %v", err)
+	newbe, err := openSnapshotBackend(s.Cfg, s.snapshotter, apply.snapshot)
+	if err != nil {
+		plog.Panic(err)
 	}
 
-	newbe := backend.NewDefaultBackend(fn)
-
 	// always recover lessor before kv. When we recover the mvcc.KV it will reattach keys to its leases.
 	// If we recover mvcc.KV first, it will attach the keys to the wrong lessor before it recovers.
 	if s.lessor != nil {
 		plog.Info("recovering lessor...")
-		s.lessor.Recover(newbe, s.kv)
+		s.lessor.Recover(newbe, func() lease.TxnDelete { return s.kv.Write() })
 		plog.Info("finished recovering lessor")
 	}
 
@@ -955,7 +967,7 @@ func (s *EtcdServer) TransferLeadership() error {
 	}
 
 	tm := s.Cfg.ReqTimeout()
-	ctx, cancel := context.WithTimeout(context.TODO(), tm)
+	ctx, cancel := context.WithTimeout(s.ctx, tm)
 	err := s.transferLeadership(ctx, s.Lead(), uint64(transferee))
 	cancel()
 	return err
@@ -1015,7 +1027,7 @@ func (s *EtcdServer) StoreStats() []byte { return s.store.JsonStats() }
 
 func (s *EtcdServer) checkMembershipOperationPermission(ctx context.Context) error {
 	if s.authStore == nil {
-		// In the context of ordinal etcd process, s.authStore will never be nil.
+		// In the context of ordinary etcd process, s.authStore will never be nil.
 		// This branch is for handling cases in server_test.go
 		return nil
 	}
@@ -1026,7 +1038,7 @@ func (s *EtcdServer) checkMembershipOperationPermission(ctx context.Context) err
 	// in the state machine layer
 	// However, both of membership change and role management requires the root privilege.
 	// So careful operation by admins can prevent the problem.
-	authInfo, err := s.AuthStore().AuthInfoFromCtx(ctx)
+	authInfo, err := s.AuthInfoFromCtx(ctx)
 	if err != nil {
 		return err
 	}
@@ -1034,27 +1046,27 @@ func (s *EtcdServer) checkMembershipOperationPermission(ctx context.Context) err
 	return s.AuthStore().IsAdminPermitted(authInfo)
 }
 
-func (s *EtcdServer) AddMember(ctx context.Context, memb membership.Member) error {
+func (s *EtcdServer) AddMember(ctx context.Context, memb membership.Member) ([]*membership.Member, error) {
 	if err := s.checkMembershipOperationPermission(ctx); err != nil {
-		return err
+		return nil, err
 	}
 
 	if s.Cfg.StrictReconfigCheck {
 		// by default StrictReconfigCheck is enabled; reject new members if unhealthy
 		if !s.cluster.IsReadyToAddNewMember() {
 			plog.Warningf("not enough started members, rejecting member add %+v", memb)
-			return ErrNotEnoughStartedMembers
+			return nil, ErrNotEnoughStartedMembers
 		}
 		if !isConnectedFullySince(s.r.transport, time.Now().Add(-HealthInterval), s.ID(), s.cluster.Members()) {
 			plog.Warningf("not healthy for reconfigure, rejecting member add %+v", memb)
-			return ErrUnhealthy
+			return nil, ErrUnhealthy
 		}
 	}
 
 	// TODO: move Member to protobuf type
 	b, err := json.Marshal(memb)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	cc := raftpb.ConfChange{
 		Type:    raftpb.ConfChangeAddNode,
@@ -1064,14 +1076,14 @@ func (s *EtcdServer) AddMember(ctx context.Context, memb membership.Member) erro
 	return s.configure(ctx, cc)
 }
 
-func (s *EtcdServer) RemoveMember(ctx context.Context, id uint64) error {
+func (s *EtcdServer) RemoveMember(ctx context.Context, id uint64) ([]*membership.Member, error) {
 	if err := s.checkMembershipOperationPermission(ctx); err != nil {
-		return err
+		return nil, err
 	}
 
 	// by default StrictReconfigCheck is enabled; reject removal if leads to quorum loss
 	if err := s.mayRemoveMember(types.ID(id)); err != nil {
-		return err
+		return nil, err
 	}
 
 	cc := raftpb.ConfChange{
@@ -1107,14 +1119,14 @@ func (s *EtcdServer) mayRemoveMember(id types.ID) error {
 	return nil
 }
 
-func (s *EtcdServer) UpdateMember(ctx context.Context, memb membership.Member) error {
+func (s *EtcdServer) UpdateMember(ctx context.Context, memb membership.Member) ([]*membership.Member, error) {
 	b, merr := json.Marshal(memb)
 	if merr != nil {
-		return merr
+		return nil, merr
 	}
 
 	if err := s.checkMembershipOperationPermission(ctx); err != nil {
-		return err
+		return nil, err
 	}
 	cc := raftpb.ConfChange{
 		Type:    raftpb.ConfChangeUpdateNode,
@@ -1137,31 +1149,34 @@ func (s *EtcdServer) Lead() uint64 { return atomic.LoadUint64(&s.r.lead) }
 
 func (s *EtcdServer) Leader() types.ID { return types.ID(s.Lead()) }
 
+type confChangeResponse struct {
+	membs []*membership.Member
+	err   error
+}
+
 // configure sends a configuration change through consensus and
 // then waits for it to be applied to the server. It
 // will block until the change is performed or there is an error.
-func (s *EtcdServer) configure(ctx context.Context, cc raftpb.ConfChange) error {
+func (s *EtcdServer) configure(ctx context.Context, cc raftpb.ConfChange) ([]*membership.Member, error) {
 	cc.ID = s.reqIDGen.Next()
 	ch := s.w.Register(cc.ID)
 	start := time.Now()
 	if err := s.r.ProposeConfChange(ctx, cc); err != nil {
 		s.w.Trigger(cc.ID, nil)
-		return err
+		return nil, err
 	}
 	select {
 	case x := <-ch:
-		if err, ok := x.(error); ok {
-			return err
-		}
-		if x != nil {
-			plog.Panicf("return type should always be error")
+		if x == nil {
+			plog.Panicf("configure trigger value should never be nil")
 		}
-		return nil
+		resp := x.(*confChangeResponse)
+		return resp.membs, resp.err
 	case <-ctx.Done():
 		s.w.Trigger(cc.ID, nil) // GC wait
-		return s.parseProposeCtxErr(ctx.Err(), start)
+		return nil, s.parseProposeCtxErr(ctx.Err(), start)
 	case <-s.stopping:
-		return ErrStopped
+		return nil, ErrStopped
 	}
 }
 
@@ -1169,7 +1184,6 @@ func (s *EtcdServer) configure(ctx context.Context, cc raftpb.ConfChange) error
 // This makes no guarantee that the request will be proposed or performed.
 // The request will be canceled after the given timeout.
 func (s *EtcdServer) sync(timeout time.Duration) {
-	ctx, cancel := context.WithTimeout(context.Background(), timeout)
 	req := pb.Request{
 		Method: "SYNC",
 		ID:     s.reqIDGen.Next(),
@@ -1178,6 +1192,7 @@ func (s *EtcdServer) sync(timeout time.Duration) {
 	data := pbutil.MustMarshal(&req)
 	// There is no promise that node has leader when do SYNC request,
 	// so it uses goroutine to propose.
+	ctx, cancel := context.WithTimeout(s.ctx, timeout)
 	s.goAttach(func() {
 		s.r.Propose(ctx, data)
 		cancel()
@@ -1202,7 +1217,7 @@ func (s *EtcdServer) publish(timeout time.Duration) {
 	}
 
 	for {
-		ctx, cancel := context.WithTimeout(context.Background(), timeout)
+		ctx, cancel := context.WithTimeout(s.ctx, timeout)
 		_, err := s.Do(ctx, req)
 		cancel()
 		switch err {
@@ -1262,7 +1277,7 @@ func (s *EtcdServer) apply(es []raftpb.Entry, confState *raftpb.ConfState) (appl
 			removedSelf, err := s.applyConfChange(cc, confState)
 			s.setAppliedIndex(e.Index)
 			shouldStop = shouldStop || removedSelf
-			s.w.Trigger(cc.ID, err)
+			s.w.Trigger(cc.ID, &confChangeResponse{s.cluster.Members(), err})
 		default:
 			plog.Panicf("entry type should be either EntryNormal or EntryConfChange")
 		}
@@ -1347,8 +1362,7 @@ func (s *EtcdServer) applyEntryNormal(e *raftpb.Entry) {
 			Action:   pb.AlarmRequest_ACTIVATE,
 			Alarm:    pb.AlarmType_NOSPACE,
 		}
-		r := pb.InternalRaftRequest{Alarm: a}
-		s.processInternalRaftRequest(context.TODO(), r)
+		s.raftRequest(s.ctx, pb.InternalRaftRequest{Alarm: a})
 		s.w.Trigger(id, ar)
 	})
 }
@@ -1544,7 +1558,7 @@ func (s *EtcdServer) updateClusterVersion(ver string) {
 		Path:   membership.StoreClusterVersionKey(),
 		Val:    ver,
 	}
-	ctx, cancel := context.WithTimeout(context.Background(), s.Cfg.ReqTimeout())
+	ctx, cancel := context.WithTimeout(s.ctx, s.Cfg.ReqTimeout())
 	_, err := s.Do(ctx, req)
 	cancel()
 	switch err {
@@ -1563,7 +1577,9 @@ func (s *EtcdServer) parseProposeCtxErr(err error, start time.Time) error {
 	case context.Canceled:
 		return ErrCanceled
 	case context.DeadlineExceeded:
-		curLeadElected := s.r.leadElectedTime()
+		s.leadTimeMu.RLock()
+		curLeadElected := s.leadElectedTime
+		s.leadTimeMu.RUnlock()
 		prevLeadLost := curLeadElected.Add(-2 * time.Duration(s.Cfg.ElectionTicks) * time.Duration(s.Cfg.TickMs) * time.Millisecond)
 		if start.After(prevLeadLost) && start.Before(curLeadElected) {
 			return ErrTimeoutDueToLeaderFail
diff --git a/vendor/github.com/coreos/etcd/etcdserver/snapshot_merge.go b/vendor/github.com/coreos/etcd/etcdserver/snapshot_merge.go
index 9cfc852168bd..928aa95b6b16 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/snapshot_merge.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/snapshot_merge.go
@@ -60,9 +60,14 @@ func newSnapshotReaderCloser(snapshot backend.Snapshot) io.ReadCloser {
 		n, err := snapshot.WriteTo(pw)
 		if err == nil {
 			plog.Infof("wrote database snapshot out [total bytes: %d]", n)
+		} else {
+			plog.Warningf("failed to write database snapshot out [written bytes: %d]: %v", n, err)
 		}
 		pw.CloseWithError(err)
-		snapshot.Close()
+		err = snapshot.Close()
+		if err != nil {
+			plog.Panicf("failed to close database snapshot: %v", err)
+		}
 	}()
 	return pr
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/stats/leader.go b/vendor/github.com/coreos/etcd/etcdserver/stats/leader.go
index 1bed85474e32..8f6a54ff751a 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/stats/leader.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/stats/leader.go
@@ -24,25 +24,30 @@ import (
 // LeaderStats is used by the leader in an etcd cluster, and encapsulates
 // statistics about communication with its followers
 type LeaderStats struct {
+	leaderStats
+	sync.Mutex
+}
+
+type leaderStats struct {
 	// Leader is the ID of the leader in the etcd cluster.
 	// TODO(jonboulle): clarify that these are IDs, not names
 	Leader    string                    `json:"leader"`
 	Followers map[string]*FollowerStats `json:"followers"`
-
-	sync.Mutex
 }
 
 // NewLeaderStats generates a new LeaderStats with the given id as leader
 func NewLeaderStats(id string) *LeaderStats {
 	return &LeaderStats{
-		Leader:    id,
-		Followers: make(map[string]*FollowerStats),
+		leaderStats: leaderStats{
+			Leader:    id,
+			Followers: make(map[string]*FollowerStats),
+		},
 	}
 }
 
 func (ls *LeaderStats) JSON() []byte {
 	ls.Lock()
-	stats := *ls
+	stats := ls.leaderStats
 	ls.Unlock()
 	b, err := json.Marshal(stats)
 	// TODO(jonboulle): appropriate error handling?
diff --git a/vendor/github.com/coreos/etcd/etcdserver/stats/server.go b/vendor/github.com/coreos/etcd/etcdserver/stats/server.go
index cd450e2d1999..0278e885cf99 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/stats/server.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/stats/server.go
@@ -26,6 +26,26 @@ import (
 // ServerStats encapsulates various statistics about an EtcdServer and its
 // communication with other members of the cluster
 type ServerStats struct {
+	serverStats
+	sync.Mutex
+}
+
+func NewServerStats(name, id string) *ServerStats {
+	ss := &ServerStats{
+		serverStats: serverStats{
+			Name: name,
+			ID:   id,
+		},
+	}
+	now := time.Now()
+	ss.StartTime = now
+	ss.LeaderInfo.StartTime = now
+	ss.sendRateQueue = &statsQueue{back: -1}
+	ss.recvRateQueue = &statsQueue{back: -1}
+	return ss
+}
+
+type serverStats struct {
 	Name string `json:"name"`
 	// ID is the raft ID of the node.
 	// TODO(jonboulle): use ID instead of name?
@@ -49,17 +69,15 @@ type ServerStats struct {
 
 	sendRateQueue *statsQueue
 	recvRateQueue *statsQueue
-
-	sync.Mutex
 }
 
 func (ss *ServerStats) JSON() []byte {
 	ss.Lock()
-	stats := *ss
+	stats := ss.serverStats
 	ss.Unlock()
 	stats.LeaderInfo.Uptime = time.Since(stats.LeaderInfo.StartTime).String()
-	stats.SendingPkgRate, stats.SendingBandwidthRate = stats.SendRates()
-	stats.RecvingPkgRate, stats.RecvingBandwidthRate = stats.RecvRates()
+	stats.SendingPkgRate, stats.SendingBandwidthRate = stats.sendRateQueue.Rate()
+	stats.RecvingPkgRate, stats.RecvingBandwidthRate = stats.recvRateQueue.Rate()
 	b, err := json.Marshal(stats)
 	// TODO(jonboulle): appropriate error handling?
 	if err != nil {
@@ -68,32 +86,6 @@ func (ss *ServerStats) JSON() []byte {
 	return b
 }
 
-// Initialize clears the statistics of ServerStats and resets its start time
-func (ss *ServerStats) Initialize() {
-	if ss == nil {
-		return
-	}
-	now := time.Now()
-	ss.StartTime = now
-	ss.LeaderInfo.StartTime = now
-	ss.sendRateQueue = &statsQueue{
-		back: -1,
-	}
-	ss.recvRateQueue = &statsQueue{
-		back: -1,
-	}
-}
-
-// RecvRates calculates and returns the rate of received append requests
-func (ss *ServerStats) RecvRates() (float64, float64) {
-	return ss.recvRateQueue.Rate()
-}
-
-// SendRates calculates and returns the rate of sent append requests
-func (ss *ServerStats) SendRates() (float64, float64) {
-	return ss.sendRateQueue.Rate()
-}
-
 // RecvAppendReq updates the ServerStats in response to an AppendRequest
 // from the given leader being received
 func (ss *ServerStats) RecvAppendReq(leader string, reqSize int) {
diff --git a/vendor/github.com/coreos/etcd/etcdserver/storage.go b/vendor/github.com/coreos/etcd/etcdserver/storage.go
index 693618fbd51c..aa8f87569dbe 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/storage.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/storage.go
@@ -32,9 +32,6 @@ type Storage interface {
 	Save(st raftpb.HardState, ents []raftpb.Entry) error
 	// SaveSnap function saves snapshot to the underlying stable storage.
 	SaveSnap(snap raftpb.Snapshot) error
-	// DBFilePath returns the file path of database snapshot saved with given
-	// id.
-	DBFilePath(id uint64) (string, error)
 	// Close closes the Storage and performs finalization.
 	Close() error
 }
diff --git a/vendor/github.com/coreos/etcd/etcdserver/util.go b/vendor/github.com/coreos/etcd/etcdserver/util.go
index 66084ae12446..e3896ffc2d3d 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/util.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/util.go
@@ -87,7 +87,7 @@ type notifier struct {
 
 func newNotifier() *notifier {
 	return &notifier{
-		c: make(chan struct{}, 0),
+		c: make(chan struct{}),
 	}
 }
 
diff --git a/vendor/github.com/coreos/etcd/etcdserver/v3_server.go b/vendor/github.com/coreos/etcd/etcdserver/v3_server.go
index 60653cb6dff4..ae449bbf22ff 100644
--- a/vendor/github.com/coreos/etcd/etcdserver/v3_server.go
+++ b/vendor/github.com/coreos/etcd/etcdserver/v3_server.go
@@ -19,6 +19,8 @@ import (
 	"encoding/binary"
 	"time"
 
+	"github.com/gogo/protobuf/proto"
+
 	"github.com/coreos/etcd/auth"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
 	"github.com/coreos/etcd/etcdserver/membership"
@@ -27,17 +29,10 @@ import (
 	"github.com/coreos/etcd/mvcc"
 	"github.com/coreos/etcd/raft"
 
-	"github.com/coreos/go-semver/semver"
 	"golang.org/x/net/context"
 )
 
 const (
-	// the max request size that raft accepts.
-	// TODO: make this a flag? But we probably do not want to
-	// accept large request which might block raft stream. User
-	// specify a large value might end up with shooting in the foot.
-	maxRequestBytes = 1.5 * 1024 * 1024
-
 	// In the health case, there might be a small gap (10s of entries) between
 	// the applied index and committed index.
 	// However, if the committed entries are very heavy to apply, the gap might grow.
@@ -45,10 +40,6 @@ const (
 	maxGapBetweenApplyAndCommitIndex = 5000
 )
 
-var (
-	newRangeClusterVersion = *semver.Must(semver.NewVersion("3.1.0"))
-)
-
 type RaftKV interface {
 	Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error)
 	Put(ctx context.Context, r *pb.PutRequest) (*pb.PutResponse, error)
@@ -91,11 +82,6 @@ type Authenticator interface {
 }
 
 func (s *EtcdServer) Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error) {
-	// TODO: remove this checking when we release etcd 3.2
-	if s.ClusterVersion() == nil || s.ClusterVersion().LessThan(newRangeClusterVersion) {
-		return s.legacyRange(ctx, r)
-	}
-
 	if !r.Serializable {
 		err := s.linearizableReadNotify(ctx)
 		if err != nil {
@@ -107,65 +93,30 @@ func (s *EtcdServer) Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeRe
 	chk := func(ai *auth.AuthInfo) error {
 		return s.authStore.IsRangePermitted(ai, r.Key, r.RangeEnd)
 	}
-	get := func() { resp, err = s.applyV3Base.Range(noTxn, r) }
+	get := func() { resp, err = s.applyV3Base.Range(nil, r) }
 	if serr := s.doSerialize(ctx, chk, get); serr != nil {
 		return nil, serr
 	}
 	return resp, err
 }
 
-// TODO: remove this func when we release etcd 3.2
-func (s *EtcdServer) legacyRange(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error) {
-	if r.Serializable {
-		var resp *pb.RangeResponse
-		var err error
-		chk := func(ai *auth.AuthInfo) error {
-			return s.authStore.IsRangePermitted(ai, r.Key, r.RangeEnd)
-		}
-		get := func() { resp, err = s.applyV3Base.Range(noTxn, r) }
-		if serr := s.doSerialize(ctx, chk, get); serr != nil {
-			return nil, serr
-		}
-		return resp, err
-	}
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{Range: r})
-	if err != nil {
-		return nil, err
-	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.RangeResponse), nil
-}
-
 func (s *EtcdServer) Put(ctx context.Context, r *pb.PutRequest) (*pb.PutResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{Put: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{Put: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.PutResponse), nil
+	return resp.(*pb.PutResponse), nil
 }
 
 func (s *EtcdServer) DeleteRange(ctx context.Context, r *pb.DeleteRangeRequest) (*pb.DeleteRangeResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{DeleteRange: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{DeleteRange: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.DeleteRangeResponse), nil
+	return resp.(*pb.DeleteRangeResponse), nil
 }
 
 func (s *EtcdServer) Txn(ctx context.Context, r *pb.TxnRequest) (*pb.TxnResponse, error) {
-	// TODO: remove this checking when we release etcd 3.2
-	if s.ClusterVersion() == nil || s.ClusterVersion().LessThan(newRangeClusterVersion) {
-		return s.legacyTxn(ctx, r)
-	}
-
 	if isTxnReadonly(r) {
 		if !isTxnSerializable(r) {
 			err := s.linearizableReadNotify(ctx)
@@ -184,38 +135,11 @@ func (s *EtcdServer) Txn(ctx context.Context, r *pb.TxnRequest) (*pb.TxnResponse
 		}
 		return resp, err
 	}
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{Txn: r})
-	if err != nil {
-		return nil, err
-	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.TxnResponse), nil
-}
-
-// TODO: remove this func when we release etcd 3.2
-func (s *EtcdServer) legacyTxn(ctx context.Context, r *pb.TxnRequest) (*pb.TxnResponse, error) {
-	if isTxnSerializable(r) {
-		var resp *pb.TxnResponse
-		var err error
-		chk := func(ai *auth.AuthInfo) error {
-			return checkTxnAuth(s.authStore, ai, r)
-		}
-		get := func() { resp, err = s.applyV3Base.Txn(r) }
-		if serr := s.doSerialize(ctx, chk, get); serr != nil {
-			return nil, serr
-		}
-		return resp, err
-	}
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{Txn: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{Txn: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.TxnResponse), nil
+	return resp.(*pb.TxnResponse), nil
 }
 
 func isTxnSerializable(r *pb.TxnRequest) bool {
@@ -280,25 +204,19 @@ func (s *EtcdServer) LeaseGrant(ctx context.Context, r *pb.LeaseGrantRequest) (*
 		// only use positive int64 id's
 		r.ID = int64(s.reqIDGen.Next() & ((1 << 63) - 1))
 	}
-	result, err := s.processInternalRaftRequestOnce(ctx, pb.InternalRaftRequest{LeaseGrant: r})
+	resp, err := s.raftRequestOnce(ctx, pb.InternalRaftRequest{LeaseGrant: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.LeaseGrantResponse), nil
+	return resp.(*pb.LeaseGrantResponse), nil
 }
 
 func (s *EtcdServer) LeaseRevoke(ctx context.Context, r *pb.LeaseRevokeRequest) (*pb.LeaseRevokeResponse, error) {
-	result, err := s.processInternalRaftRequestOnce(ctx, pb.InternalRaftRequest{LeaseRevoke: r})
+	resp, err := s.raftRequestOnce(ctx, pb.InternalRaftRequest{LeaseRevoke: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.LeaseRevokeResponse), nil
+	return resp.(*pb.LeaseRevokeResponse), nil
 }
 
 func (s *EtcdServer) LeaseRenew(ctx context.Context, id lease.LeaseID) (int64, error) {
@@ -394,54 +312,45 @@ func (s *EtcdServer) waitLeader(ctx context.Context) (*membership.Member, error)
 }
 
 func (s *EtcdServer) Alarm(ctx context.Context, r *pb.AlarmRequest) (*pb.AlarmResponse, error) {
-	result, err := s.processInternalRaftRequestOnce(ctx, pb.InternalRaftRequest{Alarm: r})
+	resp, err := s.raftRequestOnce(ctx, pb.InternalRaftRequest{Alarm: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AlarmResponse), nil
+	return resp.(*pb.AlarmResponse), nil
 }
 
 func (s *EtcdServer) AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error) {
-	result, err := s.processInternalRaftRequestOnce(ctx, pb.InternalRaftRequest{AuthEnable: r})
+	resp, err := s.raftRequestOnce(ctx, pb.InternalRaftRequest{AuthEnable: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthEnableResponse), nil
+	return resp.(*pb.AuthEnableResponse), nil
 }
 
 func (s *EtcdServer) AuthDisable(ctx context.Context, r *pb.AuthDisableRequest) (*pb.AuthDisableResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthDisable: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthDisable: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthDisableResponse), nil
+	return resp.(*pb.AuthDisableResponse), nil
 }
 
 func (s *EtcdServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest) (*pb.AuthenticateResponse, error) {
-	var result *applyResult
-
-	err := s.linearizableReadNotify(ctx)
-	if err != nil {
+	if err := s.linearizableReadNotify(ctx); err != nil {
 		return nil, err
 	}
 
+	var resp proto.Message
 	for {
 		checkedRevision, err := s.AuthStore().CheckPassword(r.Name, r.Password)
 		if err != nil {
-			plog.Errorf("invalid authentication request to user %s was issued", r.Name)
+			if err != auth.ErrAuthNotEnabled {
+				plog.Errorf("invalid authentication request to user %s was issued", r.Name)
+			}
 			return nil, err
 		}
 
-		st, err := s.AuthStore().GenSimpleToken()
+		st, err := s.AuthStore().GenTokenPrefix()
 		if err != nil {
 			return nil, err
 		}
@@ -452,172 +361,147 @@ func (s *EtcdServer) Authenticate(ctx context.Context, r *pb.AuthenticateRequest
 			SimpleToken: st,
 		}
 
-		result, err = s.processInternalRaftRequestOnce(ctx, pb.InternalRaftRequest{Authenticate: internalReq})
+		resp, err = s.raftRequestOnce(ctx, pb.InternalRaftRequest{Authenticate: internalReq})
 		if err != nil {
 			return nil, err
 		}
-		if result.err != nil {
-			return nil, result.err
-		}
-
-		if checkedRevision != s.AuthStore().Revision() {
-			plog.Infof("revision when password checked is obsolete, retrying")
-			continue
+		if checkedRevision == s.AuthStore().Revision() {
+			break
 		}
-
-		break
+		plog.Infof("revision when password checked is obsolete, retrying")
 	}
 
-	return result.resp.(*pb.AuthenticateResponse), nil
+	return resp.(*pb.AuthenticateResponse), nil
 }
 
 func (s *EtcdServer) UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserAdd: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserAdd: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserAddResponse), nil
+	return resp.(*pb.AuthUserAddResponse), nil
 }
 
 func (s *EtcdServer) UserDelete(ctx context.Context, r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserDelete: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserDelete: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserDeleteResponse), nil
+	return resp.(*pb.AuthUserDeleteResponse), nil
 }
 
 func (s *EtcdServer) UserChangePassword(ctx context.Context, r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserChangePassword: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserChangePassword: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserChangePasswordResponse), nil
+	return resp.(*pb.AuthUserChangePasswordResponse), nil
 }
 
 func (s *EtcdServer) UserGrantRole(ctx context.Context, r *pb.AuthUserGrantRoleRequest) (*pb.AuthUserGrantRoleResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserGrantRole: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserGrantRole: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserGrantRoleResponse), nil
+	return resp.(*pb.AuthUserGrantRoleResponse), nil
 }
 
 func (s *EtcdServer) UserGet(ctx context.Context, r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserGet: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserGet: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserGetResponse), nil
+	return resp.(*pb.AuthUserGetResponse), nil
 }
 
 func (s *EtcdServer) UserList(ctx context.Context, r *pb.AuthUserListRequest) (*pb.AuthUserListResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserList: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserList: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserListResponse), nil
+	return resp.(*pb.AuthUserListResponse), nil
 }
 
 func (s *EtcdServer) UserRevokeRole(ctx context.Context, r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserRevokeRole: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthUserRevokeRole: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthUserRevokeRoleResponse), nil
+	return resp.(*pb.AuthUserRevokeRoleResponse), nil
 }
 
 func (s *EtcdServer) RoleAdd(ctx context.Context, r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleAdd: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleAdd: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthRoleAddResponse), nil
+	return resp.(*pb.AuthRoleAddResponse), nil
 }
 
 func (s *EtcdServer) RoleGrantPermission(ctx context.Context, r *pb.AuthRoleGrantPermissionRequest) (*pb.AuthRoleGrantPermissionResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleGrantPermission: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleGrantPermission: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthRoleGrantPermissionResponse), nil
+	return resp.(*pb.AuthRoleGrantPermissionResponse), nil
 }
 
 func (s *EtcdServer) RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleGet: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleGet: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthRoleGetResponse), nil
+	return resp.(*pb.AuthRoleGetResponse), nil
 }
 
 func (s *EtcdServer) RoleList(ctx context.Context, r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleList: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleList: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthRoleListResponse), nil
+	return resp.(*pb.AuthRoleListResponse), nil
 }
 
 func (s *EtcdServer) RoleRevokePermission(ctx context.Context, r *pb.AuthRoleRevokePermissionRequest) (*pb.AuthRoleRevokePermissionResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleRevokePermission: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleRevokePermission: r})
 	if err != nil {
 		return nil, err
 	}
-	if result.err != nil {
-		return nil, result.err
-	}
-	return result.resp.(*pb.AuthRoleRevokePermissionResponse), nil
+	return resp.(*pb.AuthRoleRevokePermissionResponse), nil
 }
 
 func (s *EtcdServer) RoleDelete(ctx context.Context, r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error) {
-	result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleDelete: r})
+	resp, err := s.raftRequest(ctx, pb.InternalRaftRequest{AuthRoleDelete: r})
+	if err != nil {
+		return nil, err
+	}
+	return resp.(*pb.AuthRoleDeleteResponse), nil
+}
+
+func (s *EtcdServer) raftRequestOnce(ctx context.Context, r pb.InternalRaftRequest) (proto.Message, error) {
+	result, err := s.processInternalRaftRequestOnce(ctx, r)
 	if err != nil {
 		return nil, err
 	}
 	if result.err != nil {
 		return nil, result.err
 	}
-	return result.resp.(*pb.AuthRoleDeleteResponse), nil
+	return result.resp, nil
+}
+
+func (s *EtcdServer) raftRequest(ctx context.Context, r pb.InternalRaftRequest) (proto.Message, error) {
+	for {
+		resp, err := s.raftRequestOnce(ctx, r)
+		if err != auth.ErrAuthOldRevision {
+			return resp, err
+		}
+	}
 }
 
 // doSerialize handles the auth logic, with permissions checked by "chk", for a serialized request "get". Returns a non-nil error on authentication failure.
 func (s *EtcdServer) doSerialize(ctx context.Context, chk func(*auth.AuthInfo) error, get func()) error {
 	for {
-		ai, err := s.AuthStore().AuthInfoFromCtx(ctx)
+		ai, err := s.AuthInfoFromCtx(ctx)
 		if err != nil {
 			return err
 		}
@@ -652,7 +536,7 @@ func (s *EtcdServer) processInternalRaftRequestOnce(ctx context.Context, r pb.In
 		ID: s.reqIDGen.Next(),
 	}
 
-	authInfo, err := s.AuthStore().AuthInfoFromCtx(ctx)
+	authInfo, err := s.AuthInfoFromCtx(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -666,7 +550,7 @@ func (s *EtcdServer) processInternalRaftRequestOnce(ctx context.Context, r pb.In
 		return nil, err
 	}
 
-	if len(data) > maxRequestBytes {
+	if len(data) > int(s.Cfg.MaxRequestBytes) {
 		return nil, ErrRequestTooLarge
 	}
 
@@ -696,19 +580,6 @@ func (s *EtcdServer) processInternalRaftRequestOnce(ctx context.Context, r pb.In
 	}
 }
 
-func (s *EtcdServer) processInternalRaftRequest(ctx context.Context, r pb.InternalRaftRequest) (*applyResult, error) {
-	var result *applyResult
-	var err error
-	for {
-		result, err = s.processInternalRaftRequestOnce(ctx, r)
-		if err != auth.ErrAuthOldRevision {
-			break
-		}
-	}
-
-	return result, err
-}
-
 // Watchable returns a watchable interface attached to the etcdserver.
 func (s *EtcdServer) Watchable() mvcc.WatchableKV { return s.KV() }
 
@@ -802,3 +673,14 @@ func (s *EtcdServer) linearizableReadNotify(ctx context.Context) error {
 		return ErrStopped
 	}
 }
+
+func (s *EtcdServer) AuthInfoFromCtx(ctx context.Context) (*auth.AuthInfo, error) {
+	if s.Cfg.ClientCertAuthEnabled {
+		authInfo := s.AuthStore().AuthInfoFromTLS(ctx)
+		if authInfo != nil {
+			return authInfo, nil
+		}
+	}
+
+	return s.AuthStore().AuthInfoFromCtx(ctx)
+}
diff --git a/vendor/github.com/coreos/etcd/lease/leasehttp/http.go b/vendor/github.com/coreos/etcd/lease/leasehttp/http.go
index 256051efc8dd..c3175cbbb0f0 100644
--- a/vendor/github.com/coreos/etcd/lease/leasehttp/http.go
+++ b/vendor/github.com/coreos/etcd/lease/leasehttp/http.go
@@ -16,6 +16,7 @@ package leasehttp
 
 import (
 	"bytes"
+	"context"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -26,7 +27,6 @@ import (
 	"github.com/coreos/etcd/lease"
 	"github.com/coreos/etcd/lease/leasepb"
 	"github.com/coreos/etcd/pkg/httputil"
-	"golang.org/x/net/context"
 )
 
 var (
@@ -202,45 +202,27 @@ func TimeToLiveHTTP(ctx context.Context, id lease.LeaseID, keys bool, url string
 	}
 	req.Header.Set("Content-Type", "application/protobuf")
 
-	cancel := httputil.RequestCanceler(req)
+	req = req.WithContext(ctx)
 
 	cc := &http.Client{Transport: rt}
 	var b []byte
 	// buffer errc channel so that errc don't block inside the go routinue
-	errc := make(chan error, 2)
-	go func() {
-		resp, err := cc.Do(req)
-		if err != nil {
-			errc <- err
-			return
-		}
-		b, err = readResponse(resp)
-		if err != nil {
-			errc <- err
-			return
-		}
-		if resp.StatusCode == http.StatusRequestTimeout {
-			errc <- ErrLeaseHTTPTimeout
-			return
-		}
-		if resp.StatusCode == http.StatusNotFound {
-			errc <- lease.ErrLeaseNotFound
-			return
-		}
-		if resp.StatusCode != http.StatusOK {
-			errc <- fmt.Errorf("lease: unknown error(%s)", string(b))
-			return
-		}
-		errc <- nil
-	}()
-	select {
-	case derr := <-errc:
-		if derr != nil {
-			return nil, derr
-		}
-	case <-ctx.Done():
-		cancel()
-		return nil, ctx.Err()
+	resp, err := cc.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	b, err = readResponse(resp)
+	if err != nil {
+		return nil, err
+	}
+	if resp.StatusCode == http.StatusRequestTimeout {
+		return nil, ErrLeaseHTTPTimeout
+	}
+	if resp.StatusCode == http.StatusNotFound {
+		return nil, lease.ErrLeaseNotFound
+	}
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("lease: unknown error(%s)", string(b))
 	}
 
 	lresp := &leasepb.LeaseInternalResponse{}
diff --git a/vendor/github.com/coreos/etcd/lease/leasepb/lease.pb.go b/vendor/github.com/coreos/etcd/lease/leasepb/lease.pb.go
index fb3a9bab0c32..ec8db732be57 100644
--- a/vendor/github.com/coreos/etcd/lease/leasepb/lease.pb.go
+++ b/vendor/github.com/coreos/etcd/lease/leasepb/lease.pb.go
@@ -590,7 +590,7 @@ func init() { proto.RegisterFile("lease.proto", fileDescriptorLease) }
 
 var fileDescriptorLease = []byte{
 	// 233 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xe2, 0xe2, 0xce, 0x49, 0x4d, 0x2c,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0xce, 0x49, 0x4d, 0x2c,
 	0x4e, 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x07, 0x73, 0x0a, 0x92, 0xa4, 0x44, 0xd2,
 	0xf3, 0xd3, 0xf3, 0xc1, 0x62, 0xfa, 0x20, 0x16, 0x44, 0x5a, 0x4a, 0x2d, 0xb5, 0x24, 0x39, 0x45,
 	0x1f, 0x44, 0x14, 0xa7, 0x16, 0x95, 0xa5, 0x16, 0x21, 0x31, 0x0b, 0x92, 0xf4, 0x8b, 0x0a, 0x92,
diff --git a/vendor/github.com/coreos/etcd/lease/lessor.go b/vendor/github.com/coreos/etcd/lease/lessor.go
index 385bd76d73c7..3418cf565edb 100644
--- a/vendor/github.com/coreos/etcd/lease/lessor.go
+++ b/vendor/github.com/coreos/etcd/lease/lessor.go
@@ -31,40 +31,39 @@ import (
 const (
 	// NoLease is a special LeaseID representing the absence of a lease.
 	NoLease = LeaseID(0)
+
+	forever = monotime.Time(math.MaxInt64)
 )
 
 var (
 	leaseBucketName = []byte("lease")
 
-	forever = monotime.Time(math.MaxInt64)
+	// maximum number of leases to revoke per second; configurable for tests
+	leaseRevokeRate = 1000
 
 	ErrNotPrimary    = errors.New("not a primary lessor")
 	ErrLeaseNotFound = errors.New("lease not found")
 	ErrLeaseExists   = errors.New("lease already exists")
 )
 
-type LeaseID int64
-
-// RangeDeleter defines an interface with Txn and DeleteRange method.
-// We define this interface only for lessor to limit the number
-// of methods of mvcc.KV to what lessor actually needs.
-//
-// Having a minimum interface makes testing easy.
-type RangeDeleter interface {
-	// TxnBegin see comments on mvcc.KV
-	TxnBegin() int64
-	// TxnEnd see comments on mvcc.KV
-	TxnEnd(txnID int64) error
-	// TxnDeleteRange see comments on mvcc.KV
-	TxnDeleteRange(txnID int64, key, end []byte) (n, rev int64, err error)
+// TxnDelete is a TxnWrite that only permits deletes. Defined here
+// to avoid circular dependency with mvcc.
+type TxnDelete interface {
+	DeleteRange(key, end []byte) (n, rev int64)
+	End()
 }
 
+// RangeDeleter is a TxnDelete constructor.
+type RangeDeleter func() TxnDelete
+
+type LeaseID int64
+
 // Lessor owns leases. It can grant, revoke, renew and modify leases for lessee.
 type Lessor interface {
-	// SetRangeDeleter sets the RangeDeleter to the Lessor.
-	// Lessor deletes the items in the revoked or expired lease from the
-	// the set RangeDeleter.
-	SetRangeDeleter(dr RangeDeleter)
+	// SetRangeDeleter lets the lessor create TxnDeletes to the store.
+	// Lessor deletes the items in the revoked or expired lease by creating
+	// new TxnDeletes.
+	SetRangeDeleter(rd RangeDeleter)
 
 	// Grant grants a lease that expires at least after TTL seconds.
 	Grant(id LeaseID, ttl int64) (*Lease, error)
@@ -248,17 +247,14 @@ func (le *lessor) Revoke(id LeaseID) error {
 		return nil
 	}
 
-	tid := le.rd.TxnBegin()
+	txn := le.rd()
 
 	// sort keys so deletes are in same order among all members,
 	// otherwise the backened hashes will be different
 	keys := l.Keys()
 	sort.StringSlice(keys).Sort()
 	for _, key := range keys {
-		_, _, err := le.rd.TxnDeleteRange(tid, []byte(key), nil)
-		if err != nil {
-			panic(err)
-		}
+		txn.DeleteRange([]byte(key), nil)
 	}
 
 	le.mu.Lock()
@@ -269,11 +265,7 @@ func (le *lessor) Revoke(id LeaseID) error {
 	// deleting the keys if etcdserver fails in between.
 	le.b.BatchTx().UnsafeDelete(leaseBucketName, int64ToBytes(int64(l.ID)))
 
-	err := le.rd.TxnEnd(tid)
-	if err != nil {
-		panic(err)
-	}
-
+	txn.End()
 	return nil
 }
 
@@ -335,8 +327,53 @@ func (le *lessor) Promote(extend time.Duration) {
 	for _, l := range le.leaseMap {
 		l.refresh(extend)
 	}
+
+	if len(le.leaseMap) < leaseRevokeRate {
+		// no possibility of lease pile-up
+		return
+	}
+
+	// adjust expiries in case of overlap
+	leases := make([]*Lease, 0, len(le.leaseMap))
+	for _, l := range le.leaseMap {
+		leases = append(leases, l)
+	}
+	sort.Sort(leasesByExpiry(leases))
+
+	baseWindow := leases[0].Remaining()
+	nextWindow := baseWindow + time.Second
+	expires := 0
+	// have fewer expires than the total revoke rate so piled up leases
+	// don't consume the entire revoke limit
+	targetExpiresPerSecond := (3 * leaseRevokeRate) / 4
+	for _, l := range leases {
+		remaining := l.Remaining()
+		if remaining > nextWindow {
+			baseWindow = remaining
+			nextWindow = baseWindow + time.Second
+			expires = 1
+			continue
+		}
+		expires++
+		if expires <= targetExpiresPerSecond {
+			continue
+		}
+		rateDelay := float64(time.Second) * (float64(expires) / float64(targetExpiresPerSecond))
+		// If leases are extended by n seconds, leases n seconds ahead of the
+		// base window should be extended by only one second.
+		rateDelay -= float64(remaining - baseWindow)
+		delay := time.Duration(rateDelay)
+		nextWindow = baseWindow + delay
+		l.refresh(delay + extend)
+	}
 }
 
+type leasesByExpiry []*Lease
+
+func (le leasesByExpiry) Len() int           { return len(le) }
+func (le leasesByExpiry) Less(i, j int) bool { return le[i].Remaining() < le[j].Remaining() }
+func (le leasesByExpiry) Swap(i, j int)      { le[i], le[j] = le[j], le[i] }
+
 func (le *lessor) Demote() {
 	le.mu.Lock()
 	defer le.mu.Unlock()
@@ -433,6 +470,10 @@ func (le *lessor) runLoop() {
 		le.mu.Unlock()
 
 		if len(ls) != 0 {
+			// rate limit
+			if len(ls) > leaseRevokeRate/2 {
+				ls = ls[:leaseRevokeRate/2]
+			}
 			select {
 			case <-le.stopC:
 				return
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/backend.go b/vendor/github.com/coreos/etcd/mvcc/backend/backend.go
index 2f0ee3d205a3..87edd25f427c 100644
--- a/vendor/github.com/coreos/etcd/mvcc/backend/backend.go
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/backend.go
@@ -35,25 +35,21 @@ var (
 
 	defragLimit = 10000
 
-	// InitialMmapSize is the initial size of the mmapped region. Setting this larger than
+	// initialMmapSize is the initial size of the mmapped region. Setting this larger than
 	// the potential max db size can prevent writer from blocking reader.
 	// This only works for linux.
-	InitialMmapSize = int64(10 * 1024 * 1024 * 1024)
+	initialMmapSize = uint64(10 * 1024 * 1024 * 1024)
 
 	plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "mvcc/backend")
-)
 
-const (
-	// DefaultQuotaBytes is the number of bytes the backend Size may
-	// consume before exceeding the space quota.
-	DefaultQuotaBytes = int64(2 * 1024 * 1024 * 1024) // 2GB
-	// MaxQuotaBytes is the maximum number of bytes suggested for a backend
-	// quota. A larger quota may lead to degraded performance.
-	MaxQuotaBytes = int64(8 * 1024 * 1024 * 1024) // 8GB
+	// minSnapshotWarningTimeout is the minimum threshold to trigger a long running snapshot warning.
+	minSnapshotWarningTimeout = time.Duration(30 * time.Second)
 )
 
 type Backend interface {
+	ReadTx() ReadTx
 	BatchTx() BatchTx
+
 	Snapshot() Snapshot
 	Hash(ignores map[IgnoreKey]struct{}) (uint32, error)
 	// Size returns the current size of the backend.
@@ -86,36 +82,71 @@ type backend struct {
 
 	batchInterval time.Duration
 	batchLimit    int
-	batchTx       *batchTx
+	batchTx       *batchTxBuffered
+
+	readTx *readTx
 
 	stopc chan struct{}
 	donec chan struct{}
 }
 
-func New(path string, d time.Duration, limit int) Backend {
-	return newBackend(path, d, limit)
+type BackendConfig struct {
+	// Path is the file path to the backend file.
+	Path string
+	// BatchInterval is the maximum time before flushing the BatchTx.
+	BatchInterval time.Duration
+	// BatchLimit is the maximum puts before flushing the BatchTx.
+	BatchLimit int
+	// MmapSize is the number of bytes to mmap for the backend.
+	MmapSize uint64
+}
+
+func DefaultBackendConfig() BackendConfig {
+	return BackendConfig{
+		BatchInterval: defaultBatchInterval,
+		BatchLimit:    defaultBatchLimit,
+		MmapSize:      initialMmapSize,
+	}
+}
+
+func New(bcfg BackendConfig) Backend {
+	return newBackend(bcfg)
 }
 
 func NewDefaultBackend(path string) Backend {
-	return newBackend(path, defaultBatchInterval, defaultBatchLimit)
+	bcfg := DefaultBackendConfig()
+	bcfg.Path = path
+	return newBackend(bcfg)
 }
 
-func newBackend(path string, d time.Duration, limit int) *backend {
-	db, err := bolt.Open(path, 0600, boltOpenOptions)
+func newBackend(bcfg BackendConfig) *backend {
+	bopts := &bolt.Options{}
+	if boltOpenOptions != nil {
+		*bopts = *boltOpenOptions
+	}
+	bopts.InitialMmapSize = bcfg.mmapSize()
+
+	db, err := bolt.Open(bcfg.Path, 0600, bopts)
 	if err != nil {
-		plog.Panicf("cannot open database at %s (%v)", path, err)
+		plog.Panicf("cannot open database at %s (%v)", bcfg.Path, err)
 	}
 
+	// In future, may want to make buffering optional for low-concurrency systems
+	// or dynamically swap between buffered/non-buffered depending on workload.
 	b := &backend{
 		db: db,
 
-		batchInterval: d,
-		batchLimit:    limit,
+		batchInterval: bcfg.BatchInterval,
+		batchLimit:    bcfg.BatchLimit,
+
+		readTx: &readTx{buf: txReadBuffer{
+			txBuffer: txBuffer{make(map[string]*bucketBuffer)}},
+		},
 
 		stopc: make(chan struct{}),
 		donec: make(chan struct{}),
 	}
-	b.batchTx = newBatchTx(b)
+	b.batchTx = newBatchTxBuffered(b)
 	go b.run()
 	return b
 }
@@ -127,6 +158,8 @@ func (b *backend) BatchTx() BatchTx {
 	return b.batchTx
 }
 
+func (b *backend) ReadTx() ReadTx { return b.readTx }
+
 // ForceCommit forces the current batching tx to commit.
 func (b *backend) ForceCommit() {
 	b.batchTx.Commit()
@@ -141,7 +174,33 @@ func (b *backend) Snapshot() Snapshot {
 	if err != nil {
 		plog.Fatalf("cannot begin tx (%s)", err)
 	}
-	return &snapshot{tx}
+
+	stopc, donec := make(chan struct{}), make(chan struct{})
+	dbBytes := tx.Size()
+	go func() {
+		defer close(donec)
+		// sendRateBytes is based on transferring snapshot data over a 1 gigabit/s connection
+		// assuming a min tcp throughput of 100MB/s.
+		var sendRateBytes int64 = 100 * 1024 * 1014
+		warningTimeout := time.Duration(int64((float64(dbBytes) / float64(sendRateBytes)) * float64(time.Second)))
+		if warningTimeout < minSnapshotWarningTimeout {
+			warningTimeout = minSnapshotWarningTimeout
+		}
+		start := time.Now()
+		ticker := time.NewTicker(warningTimeout)
+		defer ticker.Stop()
+		for {
+			select {
+			case <-ticker.C:
+				plog.Warningf("snapshotting is taking more than %v seconds to finish transferring %v MB [started at %v]", time.Since(start).Seconds(), float64(dbBytes)/float64(1024*1014), start)
+			case <-stopc:
+				snapshotDurations.Observe(time.Since(start).Seconds())
+				return
+			}
+		}
+	}()
+
+	return &snapshot{tx, stopc, donec}
 }
 
 type IgnoreKey struct {
@@ -235,7 +294,11 @@ func (b *backend) defrag() error {
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	b.batchTx.commit(true)
+	// block concurrent read requests while resetting tx
+	b.readTx.mu.Lock()
+	defer b.readTx.mu.Unlock()
+
+	b.batchTx.unsafeCommit(true)
 	b.batchTx.tx = nil
 
 	tmpdb, err := bolt.Open(b.db.Path()+".tmp", 0600, boltOpenOptions)
@@ -276,6 +339,10 @@ func (b *backend) defrag() error {
 		plog.Fatalf("cannot begin tx (%s)", err)
 	}
 
+	b.readTx.buf.reset()
+	b.readTx.tx = b.unsafeBegin(false)
+	atomic.StoreInt64(&b.size, b.readTx.tx.Size())
+
 	return nil
 }
 
@@ -331,6 +398,22 @@ func defragdb(odb, tmpdb *bolt.DB, limit int) error {
 	return tmptx.Commit()
 }
 
+func (b *backend) begin(write bool) *bolt.Tx {
+	b.mu.RLock()
+	tx := b.unsafeBegin(write)
+	b.mu.RUnlock()
+	atomic.StoreInt64(&b.size, tx.Size())
+	return tx
+}
+
+func (b *backend) unsafeBegin(write bool) *bolt.Tx {
+	tx, err := b.db.Begin(write)
+	if err != nil {
+		plog.Fatalf("cannot begin tx (%s)", err)
+	}
+	return tx
+}
+
 // NewTmpBackend creates a backend implementation for testing.
 func NewTmpBackend(batchInterval time.Duration, batchLimit int) (*backend, string) {
 	dir, err := ioutil.TempDir(os.TempDir(), "etcd_backend_test")
@@ -338,7 +421,9 @@ func NewTmpBackend(batchInterval time.Duration, batchLimit int) (*backend, strin
 		plog.Fatal(err)
 	}
 	tmpPath := filepath.Join(dir, "database")
-	return newBackend(tmpPath, batchInterval, batchLimit), tmpPath
+	bcfg := DefaultBackendConfig()
+	bcfg.Path, bcfg.BatchInterval, bcfg.BatchLimit = tmpPath, batchInterval, batchLimit
+	return newBackend(bcfg), tmpPath
 }
 
 func NewDefaultTmpBackend() (*backend, string) {
@@ -347,6 +432,12 @@ func NewDefaultTmpBackend() (*backend, string) {
 
 type snapshot struct {
 	*bolt.Tx
+	stopc chan struct{}
+	donec chan struct{}
 }
 
-func (s *snapshot) Close() error { return s.Tx.Rollback() }
+func (s *snapshot) Close() error {
+	close(s.stopc)
+	<-s.donec
+	return s.Tx.Rollback()
+}
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/batch_tx.go b/vendor/github.com/coreos/etcd/mvcc/backend/batch_tx.go
index a2f9f4ae75e7..e5fb84740899 100644
--- a/vendor/github.com/coreos/etcd/mvcc/backend/batch_tx.go
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/batch_tx.go
@@ -16,6 +16,8 @@ package backend
 
 import (
 	"bytes"
+	"fmt"
+	"math"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -24,15 +26,14 @@ import (
 )
 
 type BatchTx interface {
-	Lock()
-	Unlock()
+	ReadTx
 	UnsafeCreateBucket(name []byte)
 	UnsafePut(bucketName []byte, key []byte, value []byte)
 	UnsafeSeqPut(bucketName []byte, key []byte, value []byte)
-	UnsafeRange(bucketName []byte, key, endKey []byte, limit int64) (keys [][]byte, vals [][]byte)
 	UnsafeDelete(bucketName []byte, key []byte)
-	UnsafeForEach(bucketName []byte, visitor func(k, v []byte) error) error
+	// Commit commits a previous tx and begins a new writable one.
 	Commit()
+	// CommitAndStop commits the previous tx and does not create a new one.
 	CommitAndStop()
 }
 
@@ -40,13 +41,8 @@ type batchTx struct {
 	sync.Mutex
 	tx      *bolt.Tx
 	backend *backend
-	pending int
-}
 
-func newBatchTx(backend *backend) *batchTx {
-	tx := &batchTx{backend: backend}
-	tx.Commit()
-	return tx
+	pending int
 }
 
 func (t *batchTx) UnsafeCreateBucket(name []byte) {
@@ -84,30 +80,37 @@ func (t *batchTx) unsafePut(bucketName []byte, key []byte, value []byte, seq boo
 }
 
 // UnsafeRange must be called holding the lock on the tx.
-func (t *batchTx) UnsafeRange(bucketName []byte, key, endKey []byte, limit int64) (keys [][]byte, vs [][]byte) {
-	bucket := t.tx.Bucket(bucketName)
-	if bucket == nil {
-		plog.Fatalf("bucket %s does not exist", bucketName)
+func (t *batchTx) UnsafeRange(bucketName, key, endKey []byte, limit int64) ([][]byte, [][]byte) {
+	k, v, err := unsafeRange(t.tx, bucketName, key, endKey, limit)
+	if err != nil {
+		plog.Fatal(err)
 	}
+	return k, v
+}
 
+func unsafeRange(tx *bolt.Tx, bucketName, key, endKey []byte, limit int64) (keys [][]byte, vs [][]byte, err error) {
+	bucket := tx.Bucket(bucketName)
+	if bucket == nil {
+		return nil, nil, fmt.Errorf("bucket %s does not exist", bucketName)
+	}
 	if len(endKey) == 0 {
-		if v := bucket.Get(key); v == nil {
-			return keys, vs
-		} else {
-			return append(keys, key), append(vs, v)
+		if v := bucket.Get(key); v != nil {
+			return append(keys, key), append(vs, v), nil
 		}
+		return nil, nil, nil
+	}
+	if limit <= 0 {
+		limit = math.MaxInt64
 	}
-
 	c := bucket.Cursor()
 	for ck, cv := c.Seek(key); ck != nil && bytes.Compare(ck, endKey) < 0; ck, cv = c.Next() {
 		vs = append(vs, cv)
 		keys = append(keys, ck)
-		if limit > 0 && limit == int64(len(keys)) {
+		if limit == int64(len(keys)) {
 			break
 		}
 	}
-
-	return keys, vs
+	return keys, vs, nil
 }
 
 // UnsafeDelete must be called holding the lock on the tx.
@@ -125,12 +128,14 @@ func (t *batchTx) UnsafeDelete(bucketName []byte, key []byte) {
 
 // UnsafeForEach must be called holding the lock on the tx.
 func (t *batchTx) UnsafeForEach(bucketName []byte, visitor func(k, v []byte) error) error {
-	b := t.tx.Bucket(bucketName)
-	if b == nil {
-		// bucket does not exist
-		return nil
+	return unsafeForEach(t.tx, bucketName, visitor)
+}
+
+func unsafeForEach(tx *bolt.Tx, bucket []byte, visitor func(k, v []byte) error) error {
+	if b := tx.Bucket(bucket); b != nil {
+		return b.ForEach(visitor)
 	}
-	return b.ForEach(visitor)
+	return nil
 }
 
 // Commit commits a previous tx and begins a new writable one.
@@ -140,7 +145,7 @@ func (t *batchTx) Commit() {
 	t.commit(false)
 }
 
-// CommitAndStop commits the previous tx and do not create a new one.
+// CommitAndStop commits the previous tx and does not create a new one.
 func (t *batchTx) CommitAndStop() {
 	t.Lock()
 	defer t.Unlock()
@@ -150,37 +155,28 @@ func (t *batchTx) CommitAndStop() {
 func (t *batchTx) Unlock() {
 	if t.pending >= t.backend.batchLimit {
 		t.commit(false)
-		t.pending = 0
 	}
 	t.Mutex.Unlock()
 }
 
 func (t *batchTx) commit(stop bool) {
-	var err error
 	// commit the last tx
 	if t.tx != nil {
 		if t.pending == 0 && !stop {
 			t.backend.mu.RLock()
 			defer t.backend.mu.RUnlock()
 
-			// batchTx.commit(true) calls *bolt.Tx.Commit, which
-			// initializes *bolt.Tx.db and *bolt.Tx.meta as nil,
-			// and subsequent *bolt.Tx.Size() call panics.
-			//
-			// This nil pointer reference panic happens when:
-			//   1. batchTx.commit(false) from newBatchTx
-			//   2. batchTx.commit(true) from stopping backend
-			//   3. batchTx.commit(false) from inflight mvcc Hash call
-			//
-			// Check if db is nil to prevent this panic
-			if t.tx.DB() != nil {
-				atomic.StoreInt64(&t.backend.size, t.tx.Size())
-			}
+			// t.tx.DB()==nil if 'CommitAndStop' calls 'batchTx.commit(true)',
+			// which initializes *bolt.Tx.db and *bolt.Tx.meta as nil; panics t.tx.Size().
+			// Server must make sure 'batchTx.commit(false)' does not follow
+			// 'batchTx.commit(true)' (e.g. stopping backend, and inflight Hash call).
+			atomic.StoreInt64(&t.backend.size, t.tx.Size())
 			return
 		}
+
 		start := time.Now()
 		// gofail: var beforeCommit struct{}
-		err = t.tx.Commit()
+		err := t.tx.Commit()
 		// gofail: var afterCommit struct{}
 		commitDurations.Observe(time.Since(start).Seconds())
 		atomic.AddInt64(&t.backend.commits, 1)
@@ -190,17 +186,81 @@ func (t *batchTx) commit(stop bool) {
 			plog.Fatalf("cannot commit tx (%s)", err)
 		}
 	}
+	if !stop {
+		t.tx = t.backend.begin(true)
+	}
+}
+
+type batchTxBuffered struct {
+	batchTx
+	buf txWriteBuffer
+}
 
-	if stop {
-		return
+func newBatchTxBuffered(backend *backend) *batchTxBuffered {
+	tx := &batchTxBuffered{
+		batchTx: batchTx{backend: backend},
+		buf: txWriteBuffer{
+			txBuffer: txBuffer{make(map[string]*bucketBuffer)},
+			seq:      true,
+		},
 	}
+	tx.Commit()
+	return tx
+}
 
-	t.backend.mu.RLock()
-	defer t.backend.mu.RUnlock()
-	// begin a new tx
-	t.tx, err = t.backend.db.Begin(true)
-	if err != nil {
-		plog.Fatalf("cannot begin tx (%s)", err)
+func (t *batchTxBuffered) Unlock() {
+	if t.pending != 0 {
+		t.backend.readTx.mu.Lock()
+		t.buf.writeback(&t.backend.readTx.buf)
+		t.backend.readTx.mu.Unlock()
+		if t.pending >= t.backend.batchLimit {
+			t.commit(false)
+		}
 	}
-	atomic.StoreInt64(&t.backend.size, t.tx.Size())
+	t.batchTx.Unlock()
+}
+
+func (t *batchTxBuffered) Commit() {
+	t.Lock()
+	defer t.Unlock()
+	t.commit(false)
+}
+
+func (t *batchTxBuffered) CommitAndStop() {
+	t.Lock()
+	defer t.Unlock()
+	t.commit(true)
+}
+
+func (t *batchTxBuffered) commit(stop bool) {
+	// all read txs must be closed to acquire boltdb commit rwlock
+	t.backend.readTx.mu.Lock()
+	defer t.backend.readTx.mu.Unlock()
+	t.unsafeCommit(stop)
+}
+
+func (t *batchTxBuffered) unsafeCommit(stop bool) {
+	if t.backend.readTx.tx != nil {
+		if err := t.backend.readTx.tx.Rollback(); err != nil {
+			plog.Fatalf("cannot rollback tx (%s)", err)
+		}
+		t.backend.readTx.buf.reset()
+		t.backend.readTx.tx = nil
+	}
+
+	t.batchTx.commit(stop)
+
+	if !stop {
+		t.backend.readTx.tx = t.backend.begin(false)
+	}
+}
+
+func (t *batchTxBuffered) UnsafePut(bucketName []byte, key []byte, value []byte) {
+	t.batchTx.UnsafePut(bucketName, key, value)
+	t.buf.put(bucketName, key, value)
+}
+
+func (t *batchTxBuffered) UnsafeSeqPut(bucketName []byte, key []byte, value []byte) {
+	t.batchTx.UnsafeSeqPut(bucketName, key, value)
+	t.buf.putSeq(bucketName, key, value)
 }
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/boltoption_default.go b/vendor/github.com/coreos/etcd/mvcc/backend/config_default.go
similarity index 87%
rename from vendor/github.com/coreos/etcd/mvcc/backend/boltoption_default.go
rename to vendor/github.com/coreos/etcd/mvcc/backend/config_default.go
index ceb367f6d813..edfed0025c6c 100644
--- a/vendor/github.com/coreos/etcd/mvcc/backend/boltoption_default.go
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/config_default.go
@@ -12,10 +12,12 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// +build !linux
+// +build !linux,!windows
 
 package backend
 
 import bolt "github.com/coreos/bbolt"
 
 var boltOpenOptions *bolt.Options = nil
+
+func (bcfg *BackendConfig) mmapSize() int { return int(bcfg.MmapSize) }
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/boltoption_linux.go b/vendor/github.com/coreos/etcd/mvcc/backend/config_linux.go
similarity index 91%
rename from vendor/github.com/coreos/etcd/mvcc/backend/boltoption_linux.go
rename to vendor/github.com/coreos/etcd/mvcc/backend/config_linux.go
index 1abc8a628937..a8f6abeba63e 100644
--- a/vendor/github.com/coreos/etcd/mvcc/backend/boltoption_linux.go
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/config_linux.go
@@ -27,6 +27,7 @@ import (
 // (https://github.com/torvalds/linux/releases/tag/v2.6.23), mmap might
 // silently ignore this flag. Please update your kernel to prevent this.
 var boltOpenOptions = &bolt.Options{
-	MmapFlags:       syscall.MAP_POPULATE,
-	InitialMmapSize: int(InitialMmapSize),
+	MmapFlags: syscall.MAP_POPULATE,
 }
+
+func (bcfg *BackendConfig) mmapSize() int { return int(bcfg.MmapSize) }
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/config_windows.go b/vendor/github.com/coreos/etcd/mvcc/backend/config_windows.go
new file mode 100644
index 000000000000..71d02700bcdc
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/config_windows.go
@@ -0,0 +1,26 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// +build windows
+
+package backend
+
+import bolt "github.com/coreos/bbolt"
+
+var boltOpenOptions *bolt.Options = nil
+
+// setting mmap size != 0 on windows will allocate the entire
+// mmap size for the file, instead of growing it. So, force 0.
+
+func (bcfg *BackendConfig) mmapSize() int { return 0 }
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/metrics.go b/vendor/github.com/coreos/etcd/mvcc/backend/metrics.go
index 34a56a91956f..30a388014766 100644
--- a/vendor/github.com/coreos/etcd/mvcc/backend/metrics.go
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/metrics.go
@@ -24,8 +24,18 @@ var (
 		Help:      "The latency distributions of commit called by backend.",
 		Buckets:   prometheus.ExponentialBuckets(0.001, 2, 14),
 	})
+
+	snapshotDurations = prometheus.NewHistogram(prometheus.HistogramOpts{
+		Namespace: "etcd",
+		Subsystem: "disk",
+		Name:      "backend_snapshot_duration_seconds",
+		Help:      "The latency distribution of backend snapshots.",
+		// 10 ms -> 655 seconds
+		Buckets: prometheus.ExponentialBuckets(.01, 2, 17),
+	})
 )
 
 func init() {
 	prometheus.MustRegister(commitDurations)
+	prometheus.MustRegister(snapshotDurations)
 }
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/read_tx.go b/vendor/github.com/coreos/etcd/mvcc/backend/read_tx.go
new file mode 100644
index 000000000000..9fc6b7906206
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/read_tx.go
@@ -0,0 +1,92 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package backend
+
+import (
+	"bytes"
+	"math"
+	"sync"
+
+	bolt "github.com/coreos/bbolt"
+)
+
+// safeRangeBucket is a hack to avoid inadvertently reading duplicate keys;
+// overwrites on a bucket should only fetch with limit=1, but safeRangeBucket
+// is known to never overwrite any key so range is safe.
+var safeRangeBucket = []byte("key")
+
+type ReadTx interface {
+	Lock()
+	Unlock()
+
+	UnsafeRange(bucketName []byte, key, endKey []byte, limit int64) (keys [][]byte, vals [][]byte)
+	UnsafeForEach(bucketName []byte, visitor func(k, v []byte) error) error
+}
+
+type readTx struct {
+	// mu protects accesses to the txReadBuffer
+	mu  sync.RWMutex
+	buf txReadBuffer
+
+	// txmu protects accesses to the Tx on Range requests
+	txmu sync.Mutex
+	tx   *bolt.Tx
+}
+
+func (rt *readTx) Lock()   { rt.mu.RLock() }
+func (rt *readTx) Unlock() { rt.mu.RUnlock() }
+
+func (rt *readTx) UnsafeRange(bucketName, key, endKey []byte, limit int64) ([][]byte, [][]byte) {
+	if endKey == nil {
+		// forbid duplicates for single keys
+		limit = 1
+	}
+	if limit <= 0 {
+		limit = math.MaxInt64
+	}
+	if limit > 1 && !bytes.Equal(bucketName, safeRangeBucket) {
+		panic("do not use unsafeRange on non-keys bucket")
+	}
+	keys, vals := rt.buf.Range(bucketName, key, endKey, limit)
+	if int64(len(keys)) == limit {
+		return keys, vals
+	}
+	rt.txmu.Lock()
+	// ignore error since bucket may have been created in this batch
+	k2, v2, _ := unsafeRange(rt.tx, bucketName, key, endKey, limit-int64(len(keys)))
+	rt.txmu.Unlock()
+	return append(k2, keys...), append(v2, vals...)
+}
+
+func (rt *readTx) UnsafeForEach(bucketName []byte, visitor func(k, v []byte) error) error {
+	dups := make(map[string]struct{})
+	f1 := func(k, v []byte) error {
+		dups[string(k)] = struct{}{}
+		return visitor(k, v)
+	}
+	f2 := func(k, v []byte) error {
+		if _, ok := dups[string(k)]; ok {
+			return nil
+		}
+		return visitor(k, v)
+	}
+	if err := rt.buf.ForEach(bucketName, f1); err != nil {
+		return err
+	}
+	rt.txmu.Lock()
+	err := unsafeForEach(rt.tx, bucketName, f2)
+	rt.txmu.Unlock()
+	return err
+}
diff --git a/vendor/github.com/coreos/etcd/mvcc/backend/tx_buffer.go b/vendor/github.com/coreos/etcd/mvcc/backend/tx_buffer.go
new file mode 100644
index 000000000000..56e885dbfbc3
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/backend/tx_buffer.go
@@ -0,0 +1,181 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package backend
+
+import (
+	"bytes"
+	"sort"
+)
+
+// txBuffer handles functionality shared between txWriteBuffer and txReadBuffer.
+type txBuffer struct {
+	buckets map[string]*bucketBuffer
+}
+
+func (txb *txBuffer) reset() {
+	for k, v := range txb.buckets {
+		if v.used == 0 {
+			// demote
+			delete(txb.buckets, k)
+		}
+		v.used = 0
+	}
+}
+
+// txWriteBuffer buffers writes of pending updates that have not yet committed.
+type txWriteBuffer struct {
+	txBuffer
+	seq bool
+}
+
+func (txw *txWriteBuffer) put(bucket, k, v []byte) {
+	txw.seq = false
+	txw.putSeq(bucket, k, v)
+}
+
+func (txw *txWriteBuffer) putSeq(bucket, k, v []byte) {
+	b, ok := txw.buckets[string(bucket)]
+	if !ok {
+		b = newBucketBuffer()
+		txw.buckets[string(bucket)] = b
+	}
+	b.add(k, v)
+}
+
+func (txw *txWriteBuffer) writeback(txr *txReadBuffer) {
+	for k, wb := range txw.buckets {
+		rb, ok := txr.buckets[k]
+		if !ok {
+			delete(txw.buckets, k)
+			txr.buckets[k] = wb
+			continue
+		}
+		if !txw.seq && wb.used > 1 {
+			// assume no duplicate keys
+			sort.Sort(wb)
+		}
+		rb.merge(wb)
+	}
+	txw.reset()
+}
+
+// txReadBuffer accesses buffered updates.
+type txReadBuffer struct{ txBuffer }
+
+func (txr *txReadBuffer) Range(bucketName, key, endKey []byte, limit int64) ([][]byte, [][]byte) {
+	if b := txr.buckets[string(bucketName)]; b != nil {
+		return b.Range(key, endKey, limit)
+	}
+	return nil, nil
+}
+
+func (txr *txReadBuffer) ForEach(bucketName []byte, visitor func(k, v []byte) error) error {
+	if b := txr.buckets[string(bucketName)]; b != nil {
+		return b.ForEach(visitor)
+	}
+	return nil
+}
+
+type kv struct {
+	key []byte
+	val []byte
+}
+
+// bucketBuffer buffers key-value pairs that are pending commit.
+type bucketBuffer struct {
+	buf []kv
+	// used tracks number of elements in use so buf can be reused without reallocation.
+	used int
+}
+
+func newBucketBuffer() *bucketBuffer {
+	return &bucketBuffer{buf: make([]kv, 512), used: 0}
+}
+
+func (bb *bucketBuffer) Range(key, endKey []byte, limit int64) (keys [][]byte, vals [][]byte) {
+	f := func(i int) bool { return bytes.Compare(bb.buf[i].key, key) >= 0 }
+	idx := sort.Search(bb.used, f)
+	if idx < 0 {
+		return nil, nil
+	}
+	if len(endKey) == 0 {
+		if bytes.Equal(key, bb.buf[idx].key) {
+			keys = append(keys, bb.buf[idx].key)
+			vals = append(vals, bb.buf[idx].val)
+		}
+		return keys, vals
+	}
+	if bytes.Compare(endKey, bb.buf[idx].key) <= 0 {
+		return nil, nil
+	}
+	for i := idx; i < bb.used && int64(len(keys)) < limit; i++ {
+		if bytes.Compare(endKey, bb.buf[i].key) <= 0 {
+			break
+		}
+		keys = append(keys, bb.buf[i].key)
+		vals = append(vals, bb.buf[i].val)
+	}
+	return keys, vals
+}
+
+func (bb *bucketBuffer) ForEach(visitor func(k, v []byte) error) error {
+	for i := 0; i < bb.used; i++ {
+		if err := visitor(bb.buf[i].key, bb.buf[i].val); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (bb *bucketBuffer) add(k, v []byte) {
+	bb.buf[bb.used].key, bb.buf[bb.used].val = k, v
+	bb.used++
+	if bb.used == len(bb.buf) {
+		buf := make([]kv, (3*len(bb.buf))/2)
+		copy(buf, bb.buf)
+		bb.buf = buf
+	}
+}
+
+// merge merges data from bb into bbsrc.
+func (bb *bucketBuffer) merge(bbsrc *bucketBuffer) {
+	for i := 0; i < bbsrc.used; i++ {
+		bb.add(bbsrc.buf[i].key, bbsrc.buf[i].val)
+	}
+	if bb.used == bbsrc.used {
+		return
+	}
+	if bytes.Compare(bb.buf[(bb.used-bbsrc.used)-1].key, bbsrc.buf[0].key) < 0 {
+		return
+	}
+
+	sort.Stable(bb)
+
+	// remove duplicates, using only newest update
+	widx := 0
+	for ridx := 1; ridx < bb.used; ridx++ {
+		if !bytes.Equal(bb.buf[ridx].key, bb.buf[widx].key) {
+			widx++
+		}
+		bb.buf[widx] = bb.buf[ridx]
+	}
+	bb.used = widx + 1
+}
+
+func (bb *bucketBuffer) Len() int { return bb.used }
+func (bb *bucketBuffer) Less(i, j int) bool {
+	return bytes.Compare(bb.buf[i].key, bb.buf[j].key) < 0
+}
+func (bb *bucketBuffer) Swap(i, j int) { bb.buf[i], bb.buf[j] = bb.buf[j], bb.buf[i] }
diff --git a/vendor/github.com/coreos/etcd/mvcc/index.go b/vendor/github.com/coreos/etcd/mvcc/index.go
index 397098a7ba75..991289cdd5c4 100644
--- a/vendor/github.com/coreos/etcd/mvcc/index.go
+++ b/vendor/github.com/coreos/etcd/mvcc/index.go
@@ -29,7 +29,9 @@ type index interface {
 	RangeSince(key, end []byte, rev int64) []revision
 	Compact(rev int64) map[revision]struct{}
 	Equal(b index) bool
+
 	Insert(ki *keyIndex)
+	KeyIndex(ki *keyIndex) *keyIndex
 }
 
 type treeIndex struct {
@@ -60,18 +62,27 @@ func (ti *treeIndex) Put(key []byte, rev revision) {
 
 func (ti *treeIndex) Get(key []byte, atRev int64) (modified, created revision, ver int64, err error) {
 	keyi := &keyIndex{key: key}
-
 	ti.RLock()
 	defer ti.RUnlock()
-	item := ti.tree.Get(keyi)
-	if item == nil {
+	if keyi = ti.keyIndex(keyi); keyi == nil {
 		return revision{}, revision{}, 0, ErrRevisionNotFound
 	}
-
-	keyi = item.(*keyIndex)
 	return keyi.get(atRev)
 }
 
+func (ti *treeIndex) KeyIndex(keyi *keyIndex) *keyIndex {
+	ti.RLock()
+	defer ti.RUnlock()
+	return ti.keyIndex(keyi)
+}
+
+func (ti *treeIndex) keyIndex(keyi *keyIndex) *keyIndex {
+	if item := ti.tree.Get(keyi); item != nil {
+		return item.(*keyIndex)
+	}
+	return nil
+}
+
 func (ti *treeIndex) Range(key, end []byte, atRev int64) (keys [][]byte, revs []revision) {
 	if end == nil {
 		rev, _, _, err := ti.Get(key, atRev)
diff --git a/vendor/github.com/coreos/etcd/mvcc/key_index.go b/vendor/github.com/coreos/etcd/mvcc/key_index.go
index 983c64e2f6bf..9104f9b2d36a 100644
--- a/vendor/github.com/coreos/etcd/mvcc/key_index.go
+++ b/vendor/github.com/coreos/etcd/mvcc/key_index.go
@@ -222,7 +222,6 @@ func (ki *keyIndex) compact(atRev int64, available map[revision]struct{}) {
 	}
 	// remove the previous generations.
 	ki.generations = ki.generations[i:]
-	return
 }
 
 func (ki *keyIndex) isEmpty() bool {
diff --git a/vendor/github.com/coreos/etcd/mvcc/kv.go b/vendor/github.com/coreos/etcd/mvcc/kv.go
index c851c8725e88..6636347aa431 100644
--- a/vendor/github.com/coreos/etcd/mvcc/kv.go
+++ b/vendor/github.com/coreos/etcd/mvcc/kv.go
@@ -32,15 +32,15 @@ type RangeResult struct {
 	Count int
 }
 
-type KV interface {
-	// Rev returns the current revision of the KV.
-	Rev() int64
-
-	// FirstRev returns the first revision of the KV.
+type ReadView interface {
+	// FirstRev returns the first KV revision at the time of opening the txn.
 	// After a compaction, the first revision increases to the compaction
 	// revision.
 	FirstRev() int64
 
+	// Rev returns the revision of the KV at the time of opening the txn.
+	Rev() int64
+
 	// Range gets the keys in the range at rangeRev.
 	// The returned rev is the current revision of the KV when the operation is executed.
 	// If rangeRev <=0, range gets the keys at currentRev.
@@ -50,14 +50,17 @@ type KV interface {
 	// Limit limits the number of keys returned.
 	// If the required rev is compacted, ErrCompacted will be returned.
 	Range(key, end []byte, ro RangeOptions) (r *RangeResult, err error)
+}
 
-	// Put puts the given key, value into the store. Put also takes additional argument lease to
-	// attach a lease to a key-value pair as meta-data. KV implementation does not validate the lease
-	// id.
-	// A put also increases the rev of the store, and generates one event in the event history.
-	// The returned rev is the current revision of the KV when the operation is executed.
-	Put(key, value []byte, lease lease.LeaseID) (rev int64)
+// TxnRead represents a read-only transaction with operations that will not
+// block other read transactions.
+type TxnRead interface {
+	ReadView
+	// End marks the transaction is complete and ready to commit.
+	End()
+}
 
+type WriteView interface {
 	// DeleteRange deletes the given range from the store.
 	// A deleteRange increases the rev of the store if any key in the range exists.
 	// The number of key deleted will be returned.
@@ -67,26 +70,51 @@ type KV interface {
 	// if the `end` is not nil, deleteRange deletes the keys in range [key, range_end).
 	DeleteRange(key, end []byte) (n, rev int64)
 
-	// TxnBegin begins a txn. Only Txn prefixed operation can be executed, others will be blocked
-	// until txn ends. Only one on-going txn is allowed.
-	// TxnBegin returns an int64 txn ID.
-	// All txn prefixed operations with same txn ID will be done with the same rev.
-	TxnBegin() int64
-	// TxnEnd ends the on-going txn with txn ID. If the on-going txn ID is not matched, error is returned.
-	TxnEnd(txnID int64) error
-	// TxnRange returns the current revision of the KV when the operation is executed.
-	TxnRange(txnID int64, key, end []byte, ro RangeOptions) (r *RangeResult, err error)
-	TxnPut(txnID int64, key, value []byte, lease lease.LeaseID) (rev int64, err error)
-	TxnDeleteRange(txnID int64, key, end []byte) (n, rev int64, err error)
+	// Put puts the given key, value into the store. Put also takes additional argument lease to
+	// attach a lease to a key-value pair as meta-data. KV implementation does not validate the lease
+	// id.
+	// A put also increases the rev of the store, and generates one event in the event history.
+	// The returned rev is the current revision of the KV when the operation is executed.
+	Put(key, value []byte, lease lease.LeaseID) (rev int64)
+}
+
+// TxnWrite represents a transaction that can modify the store.
+type TxnWrite interface {
+	TxnRead
+	WriteView
+	// Changes gets the changes made since opening the write txn.
+	Changes() []mvccpb.KeyValue
+}
 
-	// Compact frees all superseded keys with revisions less than rev.
-	Compact(rev int64) (<-chan struct{}, error)
+// txnReadWrite coerces a read txn to a write, panicking on any write operation.
+type txnReadWrite struct{ TxnRead }
+
+func (trw *txnReadWrite) DeleteRange(key, end []byte) (n, rev int64) { panic("unexpected DeleteRange") }
+func (trw *txnReadWrite) Put(key, value []byte, lease lease.LeaseID) (rev int64) {
+	panic("unexpected Put")
+}
+func (trw *txnReadWrite) Changes() []mvccpb.KeyValue { return nil }
+
+func NewReadOnlyTxnWrite(txn TxnRead) TxnWrite { return &txnReadWrite{txn} }
+
+type KV interface {
+	ReadView
+	WriteView
+
+	// Read creates a read transaction.
+	Read() TxnRead
+
+	// Write creates a write transaction.
+	Write() TxnWrite
 
 	// Hash retrieves the hash of KV state and revision.
-	// This method is designed for consistency checking purpose.
+	// This method is designed for consistency checking purposes.
 	Hash() (hash uint32, revision int64, err error)
 
-	// Commit commits txns into the underlying backend.
+	// Compact frees all superseded keys with revisions less than rev.
+	Compact(rev int64) (<-chan struct{}, error)
+
+	// Commit commits outstanding txns into the underlying backend.
 	Commit()
 
 	// Restore restores the KV store from a backend.
diff --git a/vendor/github.com/coreos/etcd/mvcc/kv_view.go b/vendor/github.com/coreos/etcd/mvcc/kv_view.go
new file mode 100644
index 000000000000..f40ba8edc22b
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/kv_view.go
@@ -0,0 +1,53 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package mvcc
+
+import (
+	"github.com/coreos/etcd/lease"
+)
+
+type readView struct{ kv KV }
+
+func (rv *readView) FirstRev() int64 {
+	tr := rv.kv.Read()
+	defer tr.End()
+	return tr.FirstRev()
+}
+
+func (rv *readView) Rev() int64 {
+	tr := rv.kv.Read()
+	defer tr.End()
+	return tr.Rev()
+}
+
+func (rv *readView) Range(key, end []byte, ro RangeOptions) (r *RangeResult, err error) {
+	tr := rv.kv.Read()
+	defer tr.End()
+	return tr.Range(key, end, ro)
+}
+
+type writeView struct{ kv KV }
+
+func (wv *writeView) DeleteRange(key, end []byte) (n, rev int64) {
+	tw := wv.kv.Write()
+	defer tw.End()
+	return tw.DeleteRange(key, end)
+}
+
+func (wv *writeView) Put(key, value []byte, lease lease.LeaseID) (rev int64) {
+	tw := wv.kv.Write()
+	defer tw.End()
+	return tw.Put(key, value, lease)
+}
diff --git a/vendor/github.com/coreos/etcd/mvcc/kvstore.go b/vendor/github.com/coreos/etcd/mvcc/kvstore.go
index 28a18a06597a..28a508ccb959 100644
--- a/vendor/github.com/coreos/etcd/mvcc/kvstore.go
+++ b/vendor/github.com/coreos/etcd/mvcc/kvstore.go
@@ -18,7 +18,6 @@ import (
 	"encoding/binary"
 	"errors"
 	"math"
-	"math/rand"
 	"sync"
 	"time"
 
@@ -34,25 +33,29 @@ var (
 	keyBucketName  = []byte("key")
 	metaBucketName = []byte("meta")
 
-	// markedRevBytesLen is the byte length of marked revision.
-	// The first `revBytesLen` bytes represents a normal revision. The last
-	// one byte is the mark.
-	markedRevBytesLen      = revBytesLen + 1
-	markBytePosition       = markedRevBytesLen - 1
-	markTombstone     byte = 't'
-
 	consistentIndexKeyName  = []byte("consistent_index")
 	scheduledCompactKeyName = []byte("scheduledCompactRev")
 	finishedCompactKeyName  = []byte("finishedCompactRev")
 
-	ErrTxnIDMismatch = errors.New("mvcc: txn id mismatch")
-	ErrCompacted     = errors.New("mvcc: required revision has been compacted")
-	ErrFutureRev     = errors.New("mvcc: required revision is a future revision")
-	ErrCanceled      = errors.New("mvcc: watcher is canceled")
+	ErrCompacted = errors.New("mvcc: required revision has been compacted")
+	ErrFutureRev = errors.New("mvcc: required revision is a future revision")
+	ErrCanceled  = errors.New("mvcc: watcher is canceled")
+	ErrClosed    = errors.New("mvcc: closed")
 
 	plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "mvcc")
 )
 
+const (
+	// markedRevBytesLen is the byte length of marked revision.
+	// The first `revBytesLen` bytes represents a normal revision. The last
+	// one byte is the mark.
+	markedRevBytesLen      = revBytesLen + 1
+	markBytePosition       = markedRevBytesLen - 1
+	markTombstone     byte = 't'
+)
+
+var restoreChunkKeys = 10000 // non-const for testing
+
 // ConsistentIndexGetter is an interface that wraps the Get method.
 // Consistent index is the offset of an entry in a consistent replicated log.
 type ConsistentIndexGetter interface {
@@ -61,7 +64,11 @@ type ConsistentIndexGetter interface {
 }
 
 type store struct {
-	mu sync.Mutex // guards the following
+	ReadView
+	WriteView
+
+	// mu read locks for txns and write locks for non-txn store changes.
+	mu sync.RWMutex
 
 	ig ConsistentIndexGetter
 
@@ -70,19 +77,19 @@ type store struct {
 
 	le lease.Lessor
 
-	currentRev revision
-	// the main revision of the last compaction
+	// revMuLock protects currentRev and compactMainRev.
+	// Locked at end of write txn and released after write txn unlock lock.
+	// Locked before locking read txn and released after locking.
+	revMu sync.RWMutex
+	// currentRev is the revision of the last completed transaction.
+	currentRev int64
+	// compactMainRev is the main revision of the last compaction.
 	compactMainRev int64
 
-	tx        backend.BatchTx
-	txnID     int64 // tracks the current txnID to verify txn operations
-	txnModify bool
-
 	// bytesBuf8 is a byte slice of length 8
 	// to avoid a repetitive allocation in saveIndex.
 	bytesBuf8 []byte
 
-	changes   []mvccpb.KeyValue
 	fifoSched schedule.Scheduler
 
 	stopc chan struct{}
@@ -98,17 +105,18 @@ func NewStore(b backend.Backend, le lease.Lessor, ig ConsistentIndexGetter) *sto
 
 		le: le,
 
-		currentRev:     revision{main: 1},
+		currentRev:     1,
 		compactMainRev: -1,
 
-		bytesBuf8: make([]byte, 8, 8),
+		bytesBuf8: make([]byte, 8),
 		fifoSched: schedule.NewFIFOScheduler(),
 
 		stopc: make(chan struct{}),
 	}
-
+	s.ReadView = &readView{s}
+	s.WriteView = &writeView{s}
 	if s.le != nil {
-		s.le.SetRangeDeleter(s)
+		s.le.SetRangeDeleter(func() lease.TxnDelete { return s.Write() })
 	}
 
 	tx := s.b.BatchTx()
@@ -126,140 +134,6 @@ func NewStore(b backend.Backend, le lease.Lessor, ig ConsistentIndexGetter) *sto
 	return s
 }
 
-func (s *store) Rev() int64 {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	return s.currentRev.main
-}
-
-func (s *store) FirstRev() int64 {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	return s.compactMainRev
-}
-
-func (s *store) Put(key, value []byte, lease lease.LeaseID) int64 {
-	id := s.TxnBegin()
-	s.put(key, value, lease)
-	s.txnEnd(id)
-
-	putCounter.Inc()
-
-	return int64(s.currentRev.main)
-}
-
-func (s *store) Range(key, end []byte, ro RangeOptions) (r *RangeResult, err error) {
-	id := s.TxnBegin()
-	kvs, count, rev, err := s.rangeKeys(key, end, ro.Limit, ro.Rev, ro.Count)
-	s.txnEnd(id)
-
-	rangeCounter.Inc()
-
-	r = &RangeResult{
-		KVs:   kvs,
-		Count: count,
-		Rev:   rev,
-	}
-
-	return r, err
-}
-
-func (s *store) DeleteRange(key, end []byte) (n, rev int64) {
-	id := s.TxnBegin()
-	n = s.deleteRange(key, end)
-	s.txnEnd(id)
-
-	deleteCounter.Inc()
-
-	return n, int64(s.currentRev.main)
-}
-
-func (s *store) TxnBegin() int64 {
-	s.mu.Lock()
-	s.currentRev.sub = 0
-	s.tx = s.b.BatchTx()
-	s.tx.Lock()
-
-	s.txnID = rand.Int63()
-	return s.txnID
-}
-
-func (s *store) TxnEnd(txnID int64) error {
-	err := s.txnEnd(txnID)
-	if err != nil {
-		return err
-	}
-
-	txnCounter.Inc()
-	return nil
-}
-
-// txnEnd is used for unlocking an internal txn. It does
-// not increase the txnCounter.
-func (s *store) txnEnd(txnID int64) error {
-	if txnID != s.txnID {
-		return ErrTxnIDMismatch
-	}
-
-	// only update index if the txn modifies the mvcc state.
-	// read only txn might execute with one write txn concurrently,
-	// it should not write its index to mvcc.
-	if s.txnModify {
-		s.saveIndex()
-	}
-	s.txnModify = false
-
-	s.tx.Unlock()
-	if s.currentRev.sub != 0 {
-		s.currentRev.main += 1
-	}
-	s.currentRev.sub = 0
-
-	dbTotalSize.Set(float64(s.b.Size()))
-	s.mu.Unlock()
-	return nil
-}
-
-func (s *store) TxnRange(txnID int64, key, end []byte, ro RangeOptions) (r *RangeResult, err error) {
-	if txnID != s.txnID {
-		return nil, ErrTxnIDMismatch
-	}
-
-	kvs, count, rev, err := s.rangeKeys(key, end, ro.Limit, ro.Rev, ro.Count)
-
-	r = &RangeResult{
-		KVs:   kvs,
-		Count: count,
-		Rev:   rev,
-	}
-	return r, err
-}
-
-func (s *store) TxnPut(txnID int64, key, value []byte, lease lease.LeaseID) (rev int64, err error) {
-	if txnID != s.txnID {
-		return 0, ErrTxnIDMismatch
-	}
-
-	s.put(key, value, lease)
-	return int64(s.currentRev.main + 1), nil
-}
-
-func (s *store) TxnDeleteRange(txnID int64, key, end []byte) (n, rev int64, err error) {
-	if txnID != s.txnID {
-		return 0, 0, ErrTxnIDMismatch
-	}
-
-	n = s.deleteRange(key, end)
-	if n != 0 || s.currentRev.sub != 0 {
-		rev = int64(s.currentRev.main + 1)
-	} else {
-		rev = int64(s.currentRev.main)
-	}
-	return n, rev, nil
-}
-
 func (s *store) compactBarrier(ctx context.Context, ch chan struct{}) {
 	if ctx == nil || ctx.Err() != nil {
 		s.mu.Lock()
@@ -275,16 +149,25 @@ func (s *store) compactBarrier(ctx context.Context, ch chan struct{}) {
 	close(ch)
 }
 
+func (s *store) Hash() (hash uint32, revision int64, err error) {
+	s.b.ForceCommit()
+	h, err := s.b.Hash(DefaultIgnores)
+	return h, s.currentRev, err
+}
+
 func (s *store) Compact(rev int64) (<-chan struct{}, error) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
+	s.revMu.Lock()
+	defer s.revMu.Unlock()
+
 	if rev <= s.compactMainRev {
 		ch := make(chan struct{})
 		f := func(ctx context.Context) { s.compactBarrier(ctx, ch) }
 		s.fifoSched.Schedule(f)
 		return ch, ErrCompacted
 	}
-	if rev > s.currentRev.main {
+	if rev > s.currentRev {
 		return nil, ErrFutureRev
 	}
 
@@ -333,24 +216,14 @@ func init() {
 	}
 }
 
-func (s *store) Hash() (uint32, int64, error) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-	s.b.ForceCommit()
-
-	h, err := s.b.Hash(DefaultIgnores)
-	rev := s.currentRev.main
-	return h, rev, err
-}
-
 func (s *store) Commit() {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 
-	s.tx = s.b.BatchTx()
-	s.tx.Lock()
-	s.saveIndex()
-	s.tx.Unlock()
+	tx := s.b.BatchTx()
+	tx.Lock()
+	s.saveIndex(tx)
+	tx.Unlock()
 	s.b.ForceCommit()
 }
 
@@ -363,10 +236,8 @@ func (s *store) Restore(b backend.Backend) error {
 
 	s.b = b
 	s.kvindex = newTreeIndex()
-	s.currentRev = revision{main: 1}
+	s.currentRev = 1
 	s.compactMainRev = -1
-	s.tx = b.BatchTx()
-	s.txnID = -1
 	s.fifoSched = schedule.NewFIFOScheduler()
 	s.stopc = make(chan struct{})
 
@@ -374,75 +245,63 @@ func (s *store) Restore(b backend.Backend) error {
 }
 
 func (s *store) restore() error {
+	reportDbTotalSizeInBytesMu.Lock()
+	b := s.b
+	reportDbTotalSizeInBytes = func() float64 { return float64(b.Size()) }
+	reportDbTotalSizeInBytesMu.Unlock()
+
 	min, max := newRevBytes(), newRevBytes()
 	revToBytes(revision{main: 1}, min)
 	revToBytes(revision{main: math.MaxInt64, sub: math.MaxInt64}, max)
 
 	keyToLease := make(map[string]lease.LeaseID)
 
-	// use an unordered map to hold the temp index data to speed up
-	// the initial key index recovery.
-	// we will convert this unordered map into the tree index later.
-	unordered := make(map[string]*keyIndex, 100000)
-
 	// restore index
 	tx := s.b.BatchTx()
 	tx.Lock()
+
 	_, finishedCompactBytes := tx.UnsafeRange(metaBucketName, finishedCompactKeyName, nil, 0)
 	if len(finishedCompactBytes) != 0 {
 		s.compactMainRev = bytesToRev(finishedCompactBytes[0]).main
 		plog.Printf("restore compact to %d", s.compactMainRev)
 	}
+	_, scheduledCompactBytes := tx.UnsafeRange(metaBucketName, scheduledCompactKeyName, nil, 0)
+	scheduledCompact := int64(0)
+	if len(scheduledCompactBytes) != 0 {
+		scheduledCompact = bytesToRev(scheduledCompactBytes[0]).main
+	}
 
-	// TODO: limit N to reduce max memory usage
-	keys, vals := tx.UnsafeRange(keyBucketName, min, max, 0)
-	for i, key := range keys {
-		var kv mvccpb.KeyValue
-		if err := kv.Unmarshal(vals[i]); err != nil {
-			plog.Fatalf("cannot unmarshal event: %v", err)
+	// index keys concurrently as they're loaded in from tx
+	keysGauge.Set(0)
+	rkvc, revc := restoreIntoIndex(s.kvindex)
+	for {
+		keys, vals := tx.UnsafeRange(keyBucketName, min, max, int64(restoreChunkKeys))
+		if len(keys) == 0 {
+			break
 		}
-
-		rev := bytesToRev(key[:revBytesLen])
-
-		// restore index
-		switch {
-		case isTombstone(key):
-			if ki, ok := unordered[string(kv.Key)]; ok {
-				ki.tombstone(rev.main, rev.sub)
-			}
-			delete(keyToLease, string(kv.Key))
-
-		default:
-			ki, ok := unordered[string(kv.Key)]
-			if ok {
-				ki.put(rev.main, rev.sub)
-			} else {
-				ki = &keyIndex{key: kv.Key}
-				ki.restore(revision{kv.CreateRevision, 0}, rev, kv.Version)
-				unordered[string(kv.Key)] = ki
-			}
-
-			if lid := lease.LeaseID(kv.Lease); lid != lease.NoLease {
-				keyToLease[string(kv.Key)] = lid
-			} else {
-				delete(keyToLease, string(kv.Key))
-			}
+		// rkvc blocks if the total pending keys exceeds the restore
+		// chunk size to keep keys from consuming too much memory.
+		restoreChunk(rkvc, keys, vals, keyToLease)
+		if len(keys) < restoreChunkKeys {
+			// partial set implies final set
+			break
 		}
-
-		// update revision
-		s.currentRev = rev
-	}
-
-	// restore the tree index from the unordered index.
-	for _, v := range unordered {
-		s.kvindex.Insert(v)
+		// next set begins after where this one ended
+		newMin := bytesToRev(keys[len(keys)-1][:revBytesLen])
+		newMin.sub++
+		revToBytes(newMin, min)
 	}
+	close(rkvc)
+	s.currentRev = <-revc
 
 	// keys in the range [compacted revision -N, compaction] might all be deleted due to compaction.
 	// the correct revision should be set to compaction revision in the case, not the largest revision
 	// we have seen.
-	if s.currentRev.main < s.compactMainRev {
-		s.currentRev.main = s.compactMainRev
+	if s.currentRev < s.compactMainRev {
+		s.currentRev = s.compactMainRev
+	}
+	if scheduledCompact <= s.compactMainRev {
+		scheduledCompact = 0
 	}
 
 	for key, lid := range keyToLease {
@@ -455,15 +314,6 @@ func (s *store) restore() error {
 		}
 	}
 
-	_, scheduledCompactBytes := tx.UnsafeRange(metaBucketName, scheduledCompactKeyName, nil, 0)
-	scheduledCompact := int64(0)
-	if len(scheduledCompactBytes) != 0 {
-		scheduledCompact = bytesToRev(scheduledCompactBytes[0]).main
-		if scheduledCompact <= s.compactMainRev {
-			scheduledCompact = 0
-		}
-	}
-
 	tx.Unlock()
 
 	if scheduledCompact != 0 {
@@ -474,6 +324,75 @@ func (s *store) restore() error {
 	return nil
 }
 
+type revKeyValue struct {
+	key  []byte
+	kv   mvccpb.KeyValue
+	kstr string
+}
+
+func restoreIntoIndex(idx index) (chan<- revKeyValue, <-chan int64) {
+	rkvc, revc := make(chan revKeyValue, restoreChunkKeys), make(chan int64, 1)
+	go func() {
+		currentRev := int64(1)
+		defer func() { revc <- currentRev }()
+		// restore the tree index from streaming the unordered index.
+		kiCache := make(map[string]*keyIndex, restoreChunkKeys)
+		for rkv := range rkvc {
+			ki, ok := kiCache[rkv.kstr]
+			// purge kiCache if many keys but still missing in the cache
+			if !ok && len(kiCache) >= restoreChunkKeys {
+				i := 10
+				for k := range kiCache {
+					delete(kiCache, k)
+					if i--; i == 0 {
+						break
+					}
+				}
+			}
+			// cache miss, fetch from tree index if there
+			if !ok {
+				ki = &keyIndex{key: rkv.kv.Key}
+				if idxKey := idx.KeyIndex(ki); idxKey != nil {
+					kiCache[rkv.kstr], ki = idxKey, idxKey
+					ok = true
+				}
+			}
+			rev := bytesToRev(rkv.key)
+			currentRev = rev.main
+			if ok {
+				if isTombstone(rkv.key) {
+					ki.tombstone(rev.main, rev.sub)
+					continue
+				}
+				ki.put(rev.main, rev.sub)
+			} else if !isTombstone(rkv.key) {
+				ki.restore(revision{rkv.kv.CreateRevision, 0}, rev, rkv.kv.Version)
+				idx.Insert(ki)
+				kiCache[rkv.kstr] = ki
+			}
+		}
+	}()
+	return rkvc, revc
+}
+
+func restoreChunk(kvc chan<- revKeyValue, keys, vals [][]byte, keyToLease map[string]lease.LeaseID) {
+	for i, key := range keys {
+		rkv := revKeyValue{key: key}
+		if err := rkv.kv.Unmarshal(vals[i]); err != nil {
+			plog.Fatalf("cannot unmarshal event: %v", err)
+		}
+		rkv.kstr = string(rkv.kv.Key)
+		if isTombstone(key) {
+			delete(keyToLease, rkv.kstr)
+		} else if lid := lease.LeaseID(rkv.kv.Lease); lid != lease.NoLease {
+			keyToLease[rkv.kstr] = lid
+		} else {
+			delete(keyToLease, rkv.kstr)
+		}
+		kvc <- rkv
+	}
+}
+
 func (s *store) Close() error {
 	close(s.stopc)
 	s.fifoSched.Stop()
@@ -490,180 +409,10 @@ func (a *store) Equal(b *store) bool {
 	return a.kvindex.Equal(b.kvindex)
 }
 
-// range is a keyword in Go, add Keys suffix.
-func (s *store) rangeKeys(key, end []byte, limit, rangeRev int64, countOnly bool) (kvs []mvccpb.KeyValue, count int, curRev int64, err error) {
-	curRev = int64(s.currentRev.main)
-	if s.currentRev.sub > 0 {
-		curRev += 1
-	}
-
-	if rangeRev > curRev {
-		return nil, -1, s.currentRev.main, ErrFutureRev
-	}
-	var rev int64
-	if rangeRev <= 0 {
-		rev = curRev
-	} else {
-		rev = rangeRev
-	}
-	if rev < s.compactMainRev {
-		return nil, -1, 0, ErrCompacted
-	}
-
-	_, revpairs := s.kvindex.Range(key, end, int64(rev))
-	if len(revpairs) == 0 {
-		return nil, 0, curRev, nil
-	}
-	if countOnly {
-		return nil, len(revpairs), curRev, nil
-	}
-
-	for _, revpair := range revpairs {
-		start, end := revBytesRange(revpair)
-
-		_, vs := s.tx.UnsafeRange(keyBucketName, start, end, 0)
-		if len(vs) != 1 {
-			plog.Fatalf("range cannot find rev (%d,%d)", revpair.main, revpair.sub)
-		}
-
-		var kv mvccpb.KeyValue
-		if err := kv.Unmarshal(vs[0]); err != nil {
-			plog.Fatalf("cannot unmarshal event: %v", err)
-		}
-		kvs = append(kvs, kv)
-		if limit > 0 && len(kvs) >= int(limit) {
-			break
-		}
-	}
-	return kvs, len(revpairs), curRev, nil
-}
-
-func (s *store) put(key, value []byte, leaseID lease.LeaseID) {
-	s.txnModify = true
-
-	rev := s.currentRev.main + 1
-	c := rev
-	oldLease := lease.NoLease
-
-	// if the key exists before, use its previous created and
-	// get its previous leaseID
-	_, created, ver, err := s.kvindex.Get(key, rev)
-	if err == nil {
-		c = created.main
-		oldLease = s.le.GetLease(lease.LeaseItem{Key: string(key)})
-	}
-
-	ibytes := newRevBytes()
-	revToBytes(revision{main: rev, sub: s.currentRev.sub}, ibytes)
-
-	ver = ver + 1
-	kv := mvccpb.KeyValue{
-		Key:            key,
-		Value:          value,
-		CreateRevision: c,
-		ModRevision:    rev,
-		Version:        ver,
-		Lease:          int64(leaseID),
-	}
-
-	d, err := kv.Marshal()
-	if err != nil {
-		plog.Fatalf("cannot marshal event: %v", err)
-	}
-
-	s.tx.UnsafeSeqPut(keyBucketName, ibytes, d)
-	s.kvindex.Put(key, revision{main: rev, sub: s.currentRev.sub})
-	s.changes = append(s.changes, kv)
-	s.currentRev.sub += 1
-
-	if oldLease != lease.NoLease {
-		if s.le == nil {
-			panic("no lessor to detach lease")
-		}
-
-		err = s.le.Detach(oldLease, []lease.LeaseItem{{Key: string(key)}})
-		if err != nil {
-			plog.Errorf("unexpected error from lease detach: %v", err)
-		}
-	}
-
-	if leaseID != lease.NoLease {
-		if s.le == nil {
-			panic("no lessor to attach lease")
-		}
-
-		err = s.le.Attach(leaseID, []lease.LeaseItem{{Key: string(key)}})
-		if err != nil {
-			panic("unexpected error from lease Attach")
-		}
-	}
-}
-
-func (s *store) deleteRange(key, end []byte) int64 {
-	s.txnModify = true
-
-	rrev := s.currentRev.main
-	if s.currentRev.sub > 0 {
-		rrev += 1
-	}
-	keys, revs := s.kvindex.Range(key, end, rrev)
-
-	if len(keys) == 0 {
-		return 0
-	}
-
-	for i, key := range keys {
-		s.delete(key, revs[i])
-	}
-	return int64(len(keys))
-}
-
-func (s *store) delete(key []byte, rev revision) {
-	mainrev := s.currentRev.main + 1
-
-	ibytes := newRevBytes()
-	revToBytes(revision{main: mainrev, sub: s.currentRev.sub}, ibytes)
-	ibytes = appendMarkTombstone(ibytes)
-
-	kv := mvccpb.KeyValue{
-		Key: key,
-	}
-
-	d, err := kv.Marshal()
-	if err != nil {
-		plog.Fatalf("cannot marshal event: %v", err)
-	}
-
-	s.tx.UnsafeSeqPut(keyBucketName, ibytes, d)
-	err = s.kvindex.Tombstone(key, revision{main: mainrev, sub: s.currentRev.sub})
-	if err != nil {
-		plog.Fatalf("cannot tombstone an existing key (%s): %v", string(key), err)
-	}
-	s.changes = append(s.changes, kv)
-	s.currentRev.sub += 1
-
-	item := lease.LeaseItem{Key: string(key)}
-	leaseID := s.le.GetLease(item)
-
-	if leaseID != lease.NoLease {
-		err = s.le.Detach(leaseID, []lease.LeaseItem{item})
-		if err != nil {
-			plog.Errorf("cannot detach %v", err)
-		}
-	}
-}
-
-func (s *store) getChanges() []mvccpb.KeyValue {
-	changes := s.changes
-	s.changes = make([]mvccpb.KeyValue, 0, 4)
-	return changes
-}
-
-func (s *store) saveIndex() {
+func (s *store) saveIndex(tx backend.BatchTx) {
 	if s.ig == nil {
 		return
 	}
-	tx := s.tx
 	bs := s.bytesBuf8
 	binary.BigEndian.PutUint64(bs, s.ig.ConsistentIndex())
 	// put the index into the underlying backend
diff --git a/vendor/github.com/coreos/etcd/mvcc/kvstore_txn.go b/vendor/github.com/coreos/etcd/mvcc/kvstore_txn.go
new file mode 100644
index 000000000000..13d4d530d0ae
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/kvstore_txn.go
@@ -0,0 +1,253 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package mvcc
+
+import (
+	"github.com/coreos/etcd/lease"
+	"github.com/coreos/etcd/mvcc/backend"
+	"github.com/coreos/etcd/mvcc/mvccpb"
+)
+
+type storeTxnRead struct {
+	s  *store
+	tx backend.ReadTx
+
+	firstRev int64
+	rev      int64
+}
+
+func (s *store) Read() TxnRead {
+	s.mu.RLock()
+	tx := s.b.ReadTx()
+	s.revMu.RLock()
+	tx.Lock()
+	firstRev, rev := s.compactMainRev, s.currentRev
+	s.revMu.RUnlock()
+	return newMetricsTxnRead(&storeTxnRead{s, tx, firstRev, rev})
+}
+
+func (tr *storeTxnRead) FirstRev() int64 { return tr.firstRev }
+func (tr *storeTxnRead) Rev() int64      { return tr.rev }
+
+func (tr *storeTxnRead) Range(key, end []byte, ro RangeOptions) (r *RangeResult, err error) {
+	return tr.rangeKeys(key, end, tr.Rev(), ro)
+}
+
+func (tr *storeTxnRead) End() {
+	tr.tx.Unlock()
+	tr.s.mu.RUnlock()
+}
+
+type storeTxnWrite struct {
+	*storeTxnRead
+	tx backend.BatchTx
+	// beginRev is the revision where the txn begins; it will write to the next revision.
+	beginRev int64
+	changes  []mvccpb.KeyValue
+}
+
+func (s *store) Write() TxnWrite {
+	s.mu.RLock()
+	tx := s.b.BatchTx()
+	tx.Lock()
+	tw := &storeTxnWrite{
+		storeTxnRead: &storeTxnRead{s, tx, 0, 0},
+		tx:           tx,
+		beginRev:     s.currentRev,
+		changes:      make([]mvccpb.KeyValue, 0, 4),
+	}
+	return newMetricsTxnWrite(tw)
+}
+
+func (tw *storeTxnWrite) Rev() int64 { return tw.beginRev }
+
+func (tw *storeTxnWrite) Range(key, end []byte, ro RangeOptions) (r *RangeResult, err error) {
+	rev := tw.beginRev
+	if len(tw.changes) > 0 {
+		rev++
+	}
+	return tw.rangeKeys(key, end, rev, ro)
+}
+
+func (tw *storeTxnWrite) DeleteRange(key, end []byte) (int64, int64) {
+	if n := tw.deleteRange(key, end); n != 0 || len(tw.changes) > 0 {
+		return n, int64(tw.beginRev + 1)
+	}
+	return 0, int64(tw.beginRev)
+}
+
+func (tw *storeTxnWrite) Put(key, value []byte, lease lease.LeaseID) int64 {
+	tw.put(key, value, lease)
+	return int64(tw.beginRev + 1)
+}
+
+func (tw *storeTxnWrite) End() {
+	// only update index if the txn modifies the mvcc state.
+	if len(tw.changes) != 0 {
+		tw.s.saveIndex(tw.tx)
+		// hold revMu lock to prevent new read txns from opening until writeback.
+		tw.s.revMu.Lock()
+		tw.s.currentRev++
+	}
+	tw.tx.Unlock()
+	if len(tw.changes) != 0 {
+		tw.s.revMu.Unlock()
+	}
+	tw.s.mu.RUnlock()
+}
+
+func (tr *storeTxnRead) rangeKeys(key, end []byte, curRev int64, ro RangeOptions) (*RangeResult, error) {
+	rev := ro.Rev
+	if rev > curRev {
+		return &RangeResult{KVs: nil, Count: -1, Rev: curRev}, ErrFutureRev
+	}
+	if rev <= 0 {
+		rev = curRev
+	}
+	if rev < tr.s.compactMainRev {
+		return &RangeResult{KVs: nil, Count: -1, Rev: 0}, ErrCompacted
+	}
+
+	_, revpairs := tr.s.kvindex.Range(key, end, int64(rev))
+	if len(revpairs) == 0 {
+		return &RangeResult{KVs: nil, Count: 0, Rev: curRev}, nil
+	}
+	if ro.Count {
+		return &RangeResult{KVs: nil, Count: len(revpairs), Rev: curRev}, nil
+	}
+
+	var kvs []mvccpb.KeyValue
+	for _, revpair := range revpairs {
+		start, end := revBytesRange(revpair)
+		_, vs := tr.tx.UnsafeRange(keyBucketName, start, end, 0)
+		if len(vs) != 1 {
+			plog.Fatalf("range cannot find rev (%d,%d)", revpair.main, revpair.sub)
+		}
+
+		var kv mvccpb.KeyValue
+		if err := kv.Unmarshal(vs[0]); err != nil {
+			plog.Fatalf("cannot unmarshal event: %v", err)
+		}
+		kvs = append(kvs, kv)
+		if ro.Limit > 0 && len(kvs) >= int(ro.Limit) {
+			break
+		}
+	}
+	return &RangeResult{KVs: kvs, Count: len(revpairs), Rev: curRev}, nil
+}
+
+func (tw *storeTxnWrite) put(key, value []byte, leaseID lease.LeaseID) {
+	rev := tw.beginRev + 1
+	c := rev
+	oldLease := lease.NoLease
+
+	// if the key exists before, use its previous created and
+	// get its previous leaseID
+	_, created, ver, err := tw.s.kvindex.Get(key, rev)
+	if err == nil {
+		c = created.main
+		oldLease = tw.s.le.GetLease(lease.LeaseItem{Key: string(key)})
+	}
+
+	ibytes := newRevBytes()
+	idxRev := revision{main: rev, sub: int64(len(tw.changes))}
+	revToBytes(idxRev, ibytes)
+
+	ver = ver + 1
+	kv := mvccpb.KeyValue{
+		Key:            key,
+		Value:          value,
+		CreateRevision: c,
+		ModRevision:    rev,
+		Version:        ver,
+		Lease:          int64(leaseID),
+	}
+
+	d, err := kv.Marshal()
+	if err != nil {
+		plog.Fatalf("cannot marshal event: %v", err)
+	}
+
+	tw.tx.UnsafeSeqPut(keyBucketName, ibytes, d)
+	tw.s.kvindex.Put(key, idxRev)
+	tw.changes = append(tw.changes, kv)
+
+	if oldLease != lease.NoLease {
+		if tw.s.le == nil {
+			panic("no lessor to detach lease")
+		}
+		err = tw.s.le.Detach(oldLease, []lease.LeaseItem{{Key: string(key)}})
+		if err != nil {
+			plog.Errorf("unexpected error from lease detach: %v", err)
+		}
+	}
+	if leaseID != lease.NoLease {
+		if tw.s.le == nil {
+			panic("no lessor to attach lease")
+		}
+		err = tw.s.le.Attach(leaseID, []lease.LeaseItem{{Key: string(key)}})
+		if err != nil {
+			panic("unexpected error from lease Attach")
+		}
+	}
+}
+
+func (tw *storeTxnWrite) deleteRange(key, end []byte) int64 {
+	rrev := tw.beginRev
+	if len(tw.changes) > 0 {
+		rrev += 1
+	}
+	keys, revs := tw.s.kvindex.Range(key, end, rrev)
+	if len(keys) == 0 {
+		return 0
+	}
+	for i, key := range keys {
+		tw.delete(key, revs[i])
+	}
+	return int64(len(keys))
+}
+
+func (tw *storeTxnWrite) delete(key []byte, rev revision) {
+	ibytes := newRevBytes()
+	idxRev := revision{main: tw.beginRev + 1, sub: int64(len(tw.changes))}
+	revToBytes(idxRev, ibytes)
+	ibytes = appendMarkTombstone(ibytes)
+
+	kv := mvccpb.KeyValue{Key: key}
+
+	d, err := kv.Marshal()
+	if err != nil {
+		plog.Fatalf("cannot marshal event: %v", err)
+	}
+
+	tw.tx.UnsafeSeqPut(keyBucketName, ibytes, d)
+	err = tw.s.kvindex.Tombstone(key, idxRev)
+	if err != nil {
+		plog.Fatalf("cannot tombstone an existing key (%s): %v", string(key), err)
+	}
+	tw.changes = append(tw.changes, kv)
+
+	item := lease.LeaseItem{Key: string(key)}
+	leaseID := tw.s.le.GetLease(item)
+
+	if leaseID != lease.NoLease {
+		err = tw.s.le.Detach(leaseID, []lease.LeaseItem{item})
+		if err != nil {
+			plog.Errorf("cannot detach %v", err)
+		}
+	}
+}
+
+func (tw *storeTxnWrite) Changes() []mvccpb.KeyValue { return tw.changes }
diff --git a/vendor/github.com/coreos/etcd/mvcc/metrics.go b/vendor/github.com/coreos/etcd/mvcc/metrics.go
index aa8af6aa5525..a65fe59b996d 100644
--- a/vendor/github.com/coreos/etcd/mvcc/metrics.go
+++ b/vendor/github.com/coreos/etcd/mvcc/metrics.go
@@ -15,6 +15,8 @@
 package mvcc
 
 import (
+	"sync"
+
 	"github.com/prometheus/client_golang/prometheus"
 )
 
@@ -129,12 +131,21 @@ var (
 			Buckets: prometheus.ExponentialBuckets(100, 2, 14),
 		})
 
-	dbTotalSize = prometheus.NewGauge(prometheus.GaugeOpts{
+	dbTotalSize = prometheus.NewGaugeFunc(prometheus.GaugeOpts{
 		Namespace: "etcd_debugging",
 		Subsystem: "mvcc",
 		Name:      "db_total_size_in_bytes",
 		Help:      "Total size of the underlying database in bytes.",
-	})
+	},
+		func() float64 {
+			reportDbTotalSizeInBytesMu.RLock()
+			defer reportDbTotalSizeInBytesMu.RUnlock()
+			return reportDbTotalSizeInBytes()
+		},
+	)
+	// overridden by mvcc initialization
+	reportDbTotalSizeInBytesMu sync.RWMutex
+	reportDbTotalSizeInBytes   func() float64 = func() float64 { return 0 }
 )
 
 func init() {
diff --git a/vendor/github.com/coreos/etcd/mvcc/metrics_txn.go b/vendor/github.com/coreos/etcd/mvcc/metrics_txn.go
new file mode 100644
index 000000000000..fd2144279aea
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/metrics_txn.go
@@ -0,0 +1,67 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package mvcc
+
+import (
+	"github.com/coreos/etcd/lease"
+)
+
+type metricsTxnWrite struct {
+	TxnWrite
+	ranges  uint
+	puts    uint
+	deletes uint
+}
+
+func newMetricsTxnRead(tr TxnRead) TxnRead {
+	return &metricsTxnWrite{&txnReadWrite{tr}, 0, 0, 0}
+}
+
+func newMetricsTxnWrite(tw TxnWrite) TxnWrite {
+	return &metricsTxnWrite{tw, 0, 0, 0}
+}
+
+func (tw *metricsTxnWrite) Range(key, end []byte, ro RangeOptions) (*RangeResult, error) {
+	tw.ranges++
+	return tw.TxnWrite.Range(key, end, ro)
+}
+
+func (tw *metricsTxnWrite) DeleteRange(key, end []byte) (n, rev int64) {
+	tw.deletes++
+	return tw.TxnWrite.DeleteRange(key, end)
+}
+
+func (tw *metricsTxnWrite) Put(key, value []byte, lease lease.LeaseID) (rev int64) {
+	tw.puts++
+	return tw.TxnWrite.Put(key, value, lease)
+}
+
+func (tw *metricsTxnWrite) End() {
+	defer tw.TxnWrite.End()
+	if sum := tw.ranges + tw.puts + tw.deletes; sum != 1 {
+		if sum > 1 {
+			txnCounter.Inc()
+		}
+		return
+	}
+	switch {
+	case tw.ranges == 1:
+		rangeCounter.Inc()
+	case tw.puts == 1:
+		putCounter.Inc()
+	case tw.deletes == 1:
+		deleteCounter.Inc()
+	}
+}
diff --git a/vendor/github.com/coreos/etcd/mvcc/mvccpb/kv.pb.go b/vendor/github.com/coreos/etcd/mvcc/mvccpb/kv.pb.go
index aa053f4e66e0..7033f1326626 100644
--- a/vendor/github.com/coreos/etcd/mvcc/mvccpb/kv.pb.go
+++ b/vendor/github.com/coreos/etcd/mvcc/mvccpb/kv.pb.go
@@ -713,7 +713,7 @@ func init() { proto.RegisterFile("kv.proto", fileDescriptorKv) }
 
 var fileDescriptorKv = []byte{
 	// 303 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x6c, 0x90, 0x41, 0x4e, 0xc2, 0x40,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x90, 0x41, 0x4e, 0xc2, 0x40,
 	0x14, 0x86, 0x3b, 0x14, 0x0a, 0x3e, 0x08, 0x36, 0x13, 0x12, 0x27, 0x2e, 0x26, 0x95, 0x8d, 0x18,
 	0x13, 0x4c, 0xf0, 0x06, 0xc6, 0xae, 0x70, 0x61, 0x1a, 0x74, 0x4b, 0x4a, 0x79, 0x21, 0xa4, 0x94,
 	0x69, 0x4a, 0x9d, 0xa4, 0x37, 0x71, 0xef, 0xde, 0x73, 0xb0, 0xe4, 0x08, 0x52, 0x2f, 0x62, 0xfa,
diff --git a/vendor/github.com/coreos/etcd/mvcc/watchable_store.go b/vendor/github.com/coreos/etcd/mvcc/watchable_store.go
index 028e05b9ad8c..68d9ab71d271 100644
--- a/vendor/github.com/coreos/etcd/mvcc/watchable_store.go
+++ b/vendor/github.com/coreos/etcd/mvcc/watchable_store.go
@@ -41,10 +41,12 @@ type watchable interface {
 }
 
 type watchableStore struct {
-	mu sync.Mutex
-
 	*store
 
+	// mu protects watcher groups and batches. It should never be locked
+	// before locking store.mu to avoid deadlock.
+	mu sync.RWMutex
+
 	// victims are watcher batches that were blocked on the watch channel
 	victims []watcherBatch
 	victimc chan struct{}
@@ -76,9 +78,11 @@ func newWatchableStore(b backend.Backend, le lease.Lessor, ig ConsistentIndexGet
 		synced:   newWatcherGroup(),
 		stopc:    make(chan struct{}),
 	}
+	s.store.ReadView = &readView{s}
+	s.store.WriteView = &writeView{s}
 	if s.le != nil {
 		// use this store as the deleter so revokes trigger watch events
-		s.le.SetRangeDeleter(s)
+		s.le.SetRangeDeleter(func() lease.TxnDelete { return s.Write() })
 	}
 	s.wg.Add(2)
 	go s.syncWatchersLoop()
@@ -86,89 +90,6 @@ func newWatchableStore(b backend.Backend, le lease.Lessor, ig ConsistentIndexGet
 	return s
 }
 
-func (s *watchableStore) Put(key, value []byte, lease lease.LeaseID) (rev int64) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	rev = s.store.Put(key, value, lease)
-	changes := s.store.getChanges()
-	if len(changes) != 1 {
-		plog.Panicf("unexpected len(changes) != 1 after put")
-	}
-
-	ev := mvccpb.Event{
-		Type: mvccpb.PUT,
-		Kv:   &changes[0],
-	}
-	s.notify(rev, []mvccpb.Event{ev})
-	return rev
-}
-
-func (s *watchableStore) DeleteRange(key, end []byte) (n, rev int64) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	n, rev = s.store.DeleteRange(key, end)
-	changes := s.store.getChanges()
-
-	if len(changes) != int(n) {
-		plog.Panicf("unexpected len(changes) != n after deleteRange")
-	}
-
-	if n == 0 {
-		return n, rev
-	}
-
-	evs := make([]mvccpb.Event, n)
-	for i := range changes {
-		evs[i] = mvccpb.Event{
-			Type: mvccpb.DELETE,
-			Kv:   &changes[i]}
-		evs[i].Kv.ModRevision = rev
-	}
-	s.notify(rev, evs)
-	return n, rev
-}
-
-func (s *watchableStore) TxnBegin() int64 {
-	s.mu.Lock()
-	return s.store.TxnBegin()
-}
-
-func (s *watchableStore) TxnEnd(txnID int64) error {
-	err := s.store.TxnEnd(txnID)
-	if err != nil {
-		return err
-	}
-
-	changes := s.getChanges()
-	if len(changes) == 0 {
-		s.mu.Unlock()
-		return nil
-	}
-
-	rev := s.store.Rev()
-	evs := make([]mvccpb.Event, len(changes))
-	for i, change := range changes {
-		switch change.CreateRevision {
-		case 0:
-			evs[i] = mvccpb.Event{
-				Type: mvccpb.DELETE,
-				Kv:   &changes[i]}
-			evs[i].Kv.ModRevision = rev
-		default:
-			evs[i] = mvccpb.Event{
-				Type: mvccpb.PUT,
-				Kv:   &changes[i]}
-		}
-	}
-
-	s.notify(rev, evs)
-	s.mu.Unlock()
-
-	return nil
-}
-
 func (s *watchableStore) Close() error {
 	close(s.stopc)
 	s.wg.Wait()
@@ -186,9 +107,6 @@ func (s *watchableStore) NewWatchStream() WatchStream {
 }
 
 func (s *watchableStore) watch(key, end []byte, startRev int64, id WatchID, ch chan<- WatchResponse, fcs ...FilterFunc) (*watcher, cancelFunc) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
 	wa := &watcher{
 		key:    key,
 		end:    end,
@@ -198,21 +116,24 @@ func (s *watchableStore) watch(key, end []byte, startRev int64, id WatchID, ch c
 		fcs:    fcs,
 	}
 
-	s.store.mu.Lock()
-	synced := startRev > s.store.currentRev.main || startRev == 0
+	s.mu.Lock()
+	s.revMu.RLock()
+	synced := startRev > s.store.currentRev || startRev == 0
 	if synced {
-		wa.minRev = s.store.currentRev.main + 1
+		wa.minRev = s.store.currentRev + 1
 		if startRev > wa.minRev {
 			wa.minRev = startRev
 		}
 	}
-	s.store.mu.Unlock()
 	if synced {
 		s.synced.add(wa)
 	} else {
 		slowWatcherGauge.Inc()
 		s.unsynced.add(wa)
 	}
+	s.revMu.RUnlock()
+	s.mu.Unlock()
+
 	watcherGauge.Inc()
 
 	return wa, func() { s.cancelWatcher(wa) }
@@ -278,12 +199,15 @@ func (s *watchableStore) syncWatchersLoop() {
 	defer s.wg.Done()
 
 	for {
-		s.mu.Lock()
+		s.mu.RLock()
 		st := time.Now()
 		lastUnsyncedWatchers := s.unsynced.size()
-		s.syncWatchers()
-		unsyncedWatchers := s.unsynced.size()
-		s.mu.Unlock()
+		s.mu.RUnlock()
+
+		unsyncedWatchers := 0
+		if lastUnsyncedWatchers > 0 {
+			unsyncedWatchers = s.syncWatchers()
+		}
 		syncDuration := time.Since(st)
 
 		waitDuration := 100 * time.Millisecond
@@ -310,9 +234,9 @@ func (s *watchableStore) syncVictimsLoop() {
 		for s.moveVictims() != 0 {
 			// try to update all victim watchers
 		}
-		s.mu.Lock()
+		s.mu.RLock()
 		isEmpty := len(s.victims) == 0
-		s.mu.Unlock()
+		s.mu.RUnlock()
 
 		var tickc <-chan time.Time
 		if !isEmpty {
@@ -355,8 +279,8 @@ func (s *watchableStore) moveVictims() (moved int) {
 
 		// assign completed victim watchers to unsync/sync
 		s.mu.Lock()
-		s.store.mu.Lock()
-		curRev := s.store.currentRev.main
+		s.store.revMu.RLock()
+		curRev := s.store.currentRev
 		for w, eb := range wb {
 			if newVictim != nil && newVictim[w] != nil {
 				// couldn't send watch response; stays victim
@@ -373,7 +297,7 @@ func (s *watchableStore) moveVictims() (moved int) {
 				s.synced.add(w)
 			}
 		}
-		s.store.mu.Unlock()
+		s.store.revMu.RUnlock()
 		s.mu.Unlock()
 	}
 
@@ -391,19 +315,23 @@ func (s *watchableStore) moveVictims() (moved int) {
 //	2. iterate over the set to get the minimum revision and remove compacted watchers
 //	3. use minimum revision to get all key-value pairs and send those events to watchers
 //	4. remove synced watchers in set from unsynced group and move to synced group
-func (s *watchableStore) syncWatchers() {
+func (s *watchableStore) syncWatchers() int {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
 	if s.unsynced.size() == 0 {
-		return
+		return 0
 	}
 
-	s.store.mu.Lock()
-	defer s.store.mu.Unlock()
+	s.store.revMu.RLock()
+	defer s.store.revMu.RUnlock()
 
 	// in order to find key-value pairs from unsynced watchers, we need to
 	// find min revision index, and these revisions can be used to
 	// query the backend store of key-value pairs
-	curRev := s.store.currentRev.main
+	curRev := s.store.currentRev
 	compactionRev := s.store.compactMainRev
+
 	wg, minRev := s.unsynced.choose(maxWatchersPerSync, curRev, compactionRev)
 	minBytes, maxBytes := newRevBytes(), newRevBytes()
 	revToBytes(revision{main: minRev}, minBytes)
@@ -411,7 +339,7 @@ func (s *watchableStore) syncWatchers() {
 
 	// UnsafeRange returns keys and values. And in boltdb, keys are revisions.
 	// values are actual key-value pairs in backend.
-	tx := s.store.b.BatchTx()
+	tx := s.store.b.ReadTx()
 	tx.Lock()
 	revs, vs := tx.UnsafeRange(keyBucketName, minBytes, maxBytes, 0)
 	evs := kvsToEvents(wg, revs, vs)
@@ -461,6 +389,8 @@ func (s *watchableStore) syncWatchers() {
 		vsz += len(v)
 	}
 	slowWatcherGauge.Set(float64(s.unsynced.size() + vsz))
+
+	return s.unsynced.size()
 }
 
 // kvsToEvents gets all events for the watchers from all key-value pairs
@@ -526,8 +456,8 @@ func (s *watchableStore) addVictim(victim watcherBatch) {
 func (s *watchableStore) rev() int64 { return s.store.Rev() }
 
 func (s *watchableStore) progress(w *watcher) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
+	s.mu.RLock()
+	defer s.mu.RUnlock()
 
 	if _, ok := s.synced.watchers[w]; ok {
 		w.send(WatchResponse{WatchID: w.id, Revision: s.rev()})
diff --git a/vendor/github.com/coreos/etcd/mvcc/watchable_store_txn.go b/vendor/github.com/coreos/etcd/mvcc/watchable_store_txn.go
new file mode 100644
index 000000000000..5c5bfda13413
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/mvcc/watchable_store_txn.go
@@ -0,0 +1,53 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package mvcc
+
+import (
+	"github.com/coreos/etcd/mvcc/mvccpb"
+)
+
+func (tw *watchableStoreTxnWrite) End() {
+	changes := tw.Changes()
+	if len(changes) == 0 {
+		tw.TxnWrite.End()
+		return
+	}
+
+	rev := tw.Rev() + 1
+	evs := make([]mvccpb.Event, len(changes))
+	for i, change := range changes {
+		evs[i].Kv = &changes[i]
+		if change.CreateRevision == 0 {
+			evs[i].Type = mvccpb.DELETE
+			evs[i].Kv.ModRevision = rev
+		} else {
+			evs[i].Type = mvccpb.PUT
+		}
+	}
+
+	// end write txn under watchable store lock so the updates are visible
+	// when asynchronous event posting checks the current store revision
+	tw.s.mu.Lock()
+	tw.s.notify(rev, evs)
+	tw.TxnWrite.End()
+	tw.s.mu.Unlock()
+}
+
+type watchableStoreTxnWrite struct {
+	TxnWrite
+	s *watchableStore
+}
+
+func (s *watchableStore) Write() TxnWrite { return &watchableStoreTxnWrite{s.store.Write(), s} }
diff --git a/vendor/github.com/coreos/etcd/mvcc/watcher_group.go b/vendor/github.com/coreos/etcd/mvcc/watcher_group.go
index 2710c1cc9408..6ef1d0ce8bbe 100644
--- a/vendor/github.com/coreos/etcd/mvcc/watcher_group.go
+++ b/vendor/github.com/coreos/etcd/mvcc/watcher_group.go
@@ -183,7 +183,7 @@ func (wg *watcherGroup) add(wa *watcher) {
 // contains is whether the given key has a watcher in the group.
 func (wg *watcherGroup) contains(key string) bool {
 	_, ok := wg.keyWatchers[key]
-	return ok || wg.ranges.Contains(adt.NewStringAffinePoint(key))
+	return ok || wg.ranges.Intersects(adt.NewStringAffinePoint(key))
 }
 
 // size gives the number of unique watchers in the group.
diff --git a/vendor/github.com/coreos/etcd/pkg/adt/interval_tree.go b/vendor/github.com/coreos/etcd/pkg/adt/interval_tree.go
index 6edbe593fb41..9769771ea4fd 100644
--- a/vendor/github.com/coreos/etcd/pkg/adt/interval_tree.go
+++ b/vendor/github.com/coreos/etcd/pkg/adt/interval_tree.go
@@ -15,6 +15,7 @@
 package adt
 
 import (
+	"bytes"
 	"math"
 )
 
@@ -134,25 +135,29 @@ func (x *intervalNode) updateMax() {
 type nodeVisitor func(n *intervalNode) bool
 
 // visit will call a node visitor on each node that overlaps the given interval
-func (x *intervalNode) visit(iv *Interval, nv nodeVisitor) {
+func (x *intervalNode) visit(iv *Interval, nv nodeVisitor) bool {
 	if x == nil {
-		return
+		return true
 	}
 	v := iv.Compare(&x.iv.Ivl)
 	switch {
 	case v < 0:
-		x.left.visit(iv, nv)
+		if !x.left.visit(iv, nv) {
+			return false
+		}
 	case v > 0:
 		maxiv := Interval{x.iv.Ivl.Begin, x.max}
 		if maxiv.Compare(iv) == 0 {
-			x.left.visit(iv, nv)
-			x.right.visit(iv, nv)
+			if !x.left.visit(iv, nv) || !x.right.visit(iv, nv) {
+				return false
+			}
 		}
 	default:
-		nv(x)
-		x.left.visit(iv, nv)
-		x.right.visit(iv, nv)
+		if !x.left.visit(iv, nv) || !nv(x) || !x.right.visit(iv, nv) {
+			return false
+		}
 	}
+	return true
 }
 
 type IntervalValue struct {
@@ -402,10 +407,11 @@ func (ivt *IntervalTree) MaxHeight() int {
 	return int((2 * math.Log2(float64(ivt.Len()+1))) + 0.5)
 }
 
-// IntervalVisitor is used on tree searchs; return false to stop searching.
+// IntervalVisitor is used on tree searches; return false to stop searching.
 type IntervalVisitor func(n *IntervalValue) bool
 
 // Visit calls a visitor function on every tree node intersecting the given interval.
+// It will visit each interval [x, y) in ascending order sorted on x.
 func (ivt *IntervalTree) Visit(ivl Interval, ivv IntervalVisitor) {
 	ivt.root.visit(&ivl, func(n *intervalNode) bool { return ivv(&n.iv) })
 }
@@ -432,8 +438,8 @@ func (ivt *IntervalTree) Find(ivl Interval) (ret *IntervalValue) {
 	return &n.iv
 }
 
-// Contains returns true if there is some tree node intersecting the given interval.
-func (ivt *IntervalTree) Contains(iv Interval) bool {
+// Intersects returns true if there is some tree node intersecting the given interval.
+func (ivt *IntervalTree) Intersects(iv Interval) bool {
 	x := ivt.root
 	for x != nil && iv.Compare(&x.iv.Ivl) != 0 {
 		if x.left != nil && x.left.max.Compare(iv.Begin) > 0 {
@@ -445,6 +451,30 @@ func (ivt *IntervalTree) Contains(iv Interval) bool {
 	return x != nil
 }
 
+// Contains returns true if the interval tree's keys cover the entire given interval.
+func (ivt *IntervalTree) Contains(ivl Interval) bool {
+	var maxEnd, minBegin Comparable
+
+	isContiguous := true
+	ivt.Visit(ivl, func(n *IntervalValue) bool {
+		if minBegin == nil {
+			minBegin = n.Ivl.Begin
+			maxEnd = n.Ivl.End
+			return true
+		}
+		if maxEnd.Compare(n.Ivl.Begin) < 0 {
+			isContiguous = false
+			return false
+		}
+		if n.Ivl.End.Compare(maxEnd) > 0 {
+			maxEnd = n.Ivl.End
+		}
+		return true
+	})
+
+	return isContiguous && minBegin != nil && maxEnd.Compare(ivl.End) >= 0 && minBegin.Compare(ivl.Begin) <= 0
+}
+
 // Stab returns a slice with all elements in the tree intersecting the interval.
 func (ivt *IntervalTree) Stab(iv Interval) (ivs []*IntervalValue) {
 	if ivt.count == 0 {
@@ -529,3 +559,32 @@ func (v Int64Comparable) Compare(c Comparable) int {
 	}
 	return 0
 }
+
+// BytesAffineComparable treats empty byte arrays as > all other byte arrays
+type BytesAffineComparable []byte
+
+func (b BytesAffineComparable) Compare(c Comparable) int {
+	bc := c.(BytesAffineComparable)
+
+	if len(b) == 0 {
+		if len(bc) == 0 {
+			return 0
+		}
+		return 1
+	}
+	if len(bc) == 0 {
+		return -1
+	}
+
+	return bytes.Compare(b, bc)
+}
+
+func NewBytesAffineInterval(begin, end []byte) Interval {
+	return Interval{BytesAffineComparable(begin), BytesAffineComparable(end)}
+}
+func NewBytesAffinePoint(b []byte) Interval {
+	be := make([]byte, len(b)+1)
+	copy(be, b)
+	be[len(b)] = 0
+	return NewBytesAffineInterval(b, be)
+}
diff --git a/vendor/github.com/coreos/etcd/pkg/debugutil/doc.go b/vendor/github.com/coreos/etcd/pkg/debugutil/doc.go
new file mode 100644
index 000000000000..74499eb2737e
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/pkg/debugutil/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package debugutil includes utility functions for debugging.
+package debugutil
diff --git a/vendor/github.com/coreos/etcd/pkg/debugutil/pprof.go b/vendor/github.com/coreos/etcd/pkg/debugutil/pprof.go
new file mode 100644
index 000000000000..8d5544a3dcac
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/pkg/debugutil/pprof.go
@@ -0,0 +1,47 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package debugutil
+
+import (
+	"net/http"
+	"net/http/pprof"
+	"runtime"
+)
+
+const HTTPPrefixPProf = "/debug/pprof"
+
+// PProfHandlers returns a map of pprof handlers keyed by the HTTP path.
+func PProfHandlers() map[string]http.Handler {
+	// set only when there's no existing setting
+	if runtime.SetMutexProfileFraction(-1) == 0 {
+		// 1 out of 5 mutex events are reported, on average
+		runtime.SetMutexProfileFraction(5)
+	}
+
+	m := make(map[string]http.Handler)
+
+	m[HTTPPrefixPProf+"/"] = http.HandlerFunc(pprof.Index)
+	m[HTTPPrefixPProf+"/profile"] = http.HandlerFunc(pprof.Profile)
+	m[HTTPPrefixPProf+"/symbol"] = http.HandlerFunc(pprof.Symbol)
+	m[HTTPPrefixPProf+"/cmdline"] = http.HandlerFunc(pprof.Cmdline)
+	m[HTTPPrefixPProf+"/trace "] = http.HandlerFunc(pprof.Trace)
+	m[HTTPPrefixPProf+"/heap"] = pprof.Handler("heap")
+	m[HTTPPrefixPProf+"/goroutine"] = pprof.Handler("goroutine")
+	m[HTTPPrefixPProf+"/threadcreate"] = pprof.Handler("threadcreate")
+	m[HTTPPrefixPProf+"/block"] = pprof.Handler("block")
+	m[HTTPPrefixPProf+"/mutex"] = pprof.Handler("mutex")
+
+	return m
+}
diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go b/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go
index aad40b75904c..fce5126c6956 100644
--- a/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go
+++ b/vendor/github.com/coreos/etcd/pkg/fileutil/fileutil.go
@@ -17,6 +17,7 @@ package fileutil
 
 import (
 	"fmt"
+	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@@ -101,11 +102,11 @@ func Exist(name string) bool {
 // shorten the length of the file.
 func ZeroToEnd(f *os.File) error {
 	// TODO: support FALLOC_FL_ZERO_RANGE
-	off, err := f.Seek(0, os.SEEK_CUR)
+	off, err := f.Seek(0, io.SeekCurrent)
 	if err != nil {
 		return err
 	}
-	lenf, lerr := f.Seek(0, os.SEEK_END)
+	lenf, lerr := f.Seek(0, io.SeekEnd)
 	if lerr != nil {
 		return lerr
 	}
@@ -116,6 +117,6 @@ func ZeroToEnd(f *os.File) error {
 	if err = Preallocate(f, lenf, true); err != nil {
 		return err
 	}
-	_, err = f.Seek(off, os.SEEK_SET)
+	_, err = f.Seek(off, io.SeekStart)
 	return err
 }
diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/lock_linux.go b/vendor/github.com/coreos/etcd/pkg/fileutil/lock_linux.go
index dec25a1af44d..939fea623818 100644
--- a/vendor/github.com/coreos/etcd/pkg/fileutil/lock_linux.go
+++ b/vendor/github.com/coreos/etcd/pkg/fileutil/lock_linux.go
@@ -17,6 +17,7 @@
 package fileutil
 
 import (
+	"io"
 	"os"
 	"syscall"
 )
@@ -36,7 +37,7 @@ const (
 var (
 	wrlck = syscall.Flock_t{
 		Type:   syscall.F_WRLCK,
-		Whence: int16(os.SEEK_SET),
+		Whence: int16(io.SeekStart),
 		Start:  0,
 		Len:    0,
 	}
diff --git a/vendor/github.com/coreos/etcd/pkg/fileutil/preallocate.go b/vendor/github.com/coreos/etcd/pkg/fileutil/preallocate.go
index bb7f02812393..c747b7cf81f9 100644
--- a/vendor/github.com/coreos/etcd/pkg/fileutil/preallocate.go
+++ b/vendor/github.com/coreos/etcd/pkg/fileutil/preallocate.go
@@ -14,7 +14,10 @@
 
 package fileutil
 
-import "os"
+import (
+	"io"
+	"os"
+)
 
 // Preallocate tries to allocate the space for given
 // file. This operation is only supported on linux by a
@@ -22,6 +25,10 @@ import "os"
 // If the operation is unsupported, no error will be returned.
 // Otherwise, the error encountered will be returned.
 func Preallocate(f *os.File, sizeInBytes int64, extendFile bool) error {
+	if sizeInBytes == 0 {
+		// fallocate will return EINVAL if length is 0; skip
+		return nil
+	}
 	if extendFile {
 		return preallocExtend(f, sizeInBytes)
 	}
@@ -29,15 +36,15 @@ func Preallocate(f *os.File, sizeInBytes int64, extendFile bool) error {
 }
 
 func preallocExtendTrunc(f *os.File, sizeInBytes int64) error {
-	curOff, err := f.Seek(0, os.SEEK_CUR)
+	curOff, err := f.Seek(0, io.SeekCurrent)
 	if err != nil {
 		return err
 	}
-	size, err := f.Seek(sizeInBytes, os.SEEK_END)
+	size, err := f.Seek(sizeInBytes, io.SeekEnd)
 	if err != nil {
 		return err
 	}
-	if _, err = f.Seek(curOff, os.SEEK_SET); err != nil {
+	if _, err = f.Seek(curOff, io.SeekStart); err != nil {
 		return err
 	}
 	if sizeInBytes > size {
diff --git a/vendor/github.com/coreos/etcd/pkg/httputil/httputil.go b/vendor/github.com/coreos/etcd/pkg/httputil/httputil.go
index 859fc9d49e1c..09f44e7c71d9 100644
--- a/vendor/github.com/coreos/etcd/pkg/httputil/httputil.go
+++ b/vendor/github.com/coreos/etcd/pkg/httputil/httputil.go
@@ -13,15 +13,6 @@ import (
 	"net/http"
 )
 
-func RequestCanceler(req *http.Request) func() {
-	ch := make(chan struct{})
-	req.Cancel = ch
-
-	return func() {
-		close(ch)
-	}
-}
-
 // GracefulClose drains http.Response.Body until it hits EOF
 // and closes it. This prevents TCP/TLS connections from closing,
 // therefore available for reuse.
diff --git a/vendor/github.com/coreos/etcd/pkg/idutil/id.go b/vendor/github.com/coreos/etcd/pkg/idutil/id.go
index 931beb2d0583..2da210626571 100644
--- a/vendor/github.com/coreos/etcd/pkg/idutil/id.go
+++ b/vendor/github.com/coreos/etcd/pkg/idutil/id.go
@@ -32,8 +32,8 @@ const (
 // a node member ID.
 //
 // The initial id is in this format:
-// High order byte is memberID, next 5 bytes are from timestamp,
-// and low order 2 bytes are 0s.
+// High order 2 bytes are from memberID, next 5 bytes are from timestamp,
+// and low order one byte is a counter.
 // | prefix   | suffix              |
 // | 2 bytes  | 5 bytes   | 1 byte  |
 // | memberID | timestamp | cnt     |
diff --git a/vendor/github.com/coreos/etcd/pkg/netutil/netutil.go b/vendor/github.com/coreos/etcd/pkg/netutil/netutil.go
index bb5f392b34c5..5e38dc98dbfe 100644
--- a/vendor/github.com/coreos/etcd/pkg/netutil/netutil.go
+++ b/vendor/github.com/coreos/etcd/pkg/netutil/netutil.go
@@ -16,14 +16,13 @@
 package netutil
 
 import (
+	"context"
 	"net"
 	"net/url"
 	"reflect"
 	"sort"
 	"time"
 
-	"golang.org/x/net/context"
-
 	"github.com/coreos/etcd/pkg/types"
 	"github.com/coreos/pkg/capnslog"
 )
@@ -32,11 +31,38 @@ var (
 	plog = capnslog.NewPackageLogger("github.com/coreos/etcd", "pkg/netutil")
 
 	// indirection for testing
-	resolveTCPAddr = net.ResolveTCPAddr
+	resolveTCPAddr = resolveTCPAddrDefault
 )
 
 const retryInterval = time.Second
 
+// taken from go's ResolveTCP code but uses configurable ctx
+func resolveTCPAddrDefault(ctx context.Context, addr string) (*net.TCPAddr, error) {
+	host, port, serr := net.SplitHostPort(addr)
+	if serr != nil {
+		return nil, serr
+	}
+	portnum, perr := net.DefaultResolver.LookupPort(ctx, "tcp", port)
+	if perr != nil {
+		return nil, perr
+	}
+
+	var ips []net.IPAddr
+	if ip := net.ParseIP(host); ip != nil {
+		ips = []net.IPAddr{{IP: ip}}
+	} else {
+		// Try as a DNS name.
+		ipss, err := net.DefaultResolver.LookupIPAddr(ctx, host)
+		if err != nil {
+			return nil, err
+		}
+		ips = ipss
+	}
+	// randomize?
+	ip := ips[0]
+	return &net.TCPAddr{IP: ip.IP, Port: portnum, Zone: ip.Zone}, nil
+}
+
 // resolveTCPAddrs is a convenience wrapper for net.ResolveTCPAddr.
 // resolveTCPAddrs return a new set of url.URLs, in which all DNS hostnames
 // are resolved.
@@ -75,7 +101,7 @@ func resolveURL(ctx context.Context, u url.URL) (string, error) {
 		if host == "localhost" || net.ParseIP(host) != nil {
 			return "", nil
 		}
-		tcpAddr, err := resolveTCPAddr("tcp", u.Host)
+		tcpAddr, err := resolveTCPAddr(ctx, u.Host)
 		if err == nil {
 			plog.Infof("resolving %s to %s", u.Host, tcpAddr.String())
 			return tcpAddr.String(), nil
diff --git a/vendor/github.com/coreos/etcd/pkg/schedule/schedule.go b/vendor/github.com/coreos/etcd/pkg/schedule/schedule.go
index 79c59b01288a..bf8528b753a0 100644
--- a/vendor/github.com/coreos/etcd/pkg/schedule/schedule.go
+++ b/vendor/github.com/coreos/etcd/pkg/schedule/schedule.go
@@ -88,8 +88,6 @@ func (f *fifo) Schedule(j Job) {
 		}
 	}
 	f.pendings = append(f.pendings, j)
-
-	return
 }
 
 func (f *fifo) Pending() int {
diff --git a/vendor/github.com/coreos/etcd/pkg/srv/srv.go b/vendor/github.com/coreos/etcd/pkg/srv/srv.go
new file mode 100644
index 000000000000..fefcbcb4b889
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/pkg/srv/srv.go
@@ -0,0 +1,140 @@
+// Copyright 2015 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package srv looks up DNS SRV records.
+package srv
+
+import (
+	"fmt"
+	"net"
+	"net/url"
+	"strings"
+
+	"github.com/coreos/etcd/pkg/types"
+)
+
+var (
+	// indirection for testing
+	lookupSRV      = net.LookupSRV // net.DefaultResolver.LookupSRV when ctxs don't conflict
+	resolveTCPAddr = net.ResolveTCPAddr
+)
+
+// GetCluster gets the cluster information via DNS discovery.
+// Also sees each entry as a separate instance.
+func GetCluster(service, name, dns string, apurls types.URLs) ([]string, error) {
+	tempName := int(0)
+	tcp2ap := make(map[string]url.URL)
+
+	// First, resolve the apurls
+	for _, url := range apurls {
+		tcpAddr, err := resolveTCPAddr("tcp", url.Host)
+		if err != nil {
+			return nil, err
+		}
+		tcp2ap[tcpAddr.String()] = url
+	}
+
+	stringParts := []string{}
+	updateNodeMap := func(service, scheme string) error {
+		_, addrs, err := lookupSRV(service, "tcp", dns)
+		if err != nil {
+			return err
+		}
+		for _, srv := range addrs {
+			port := fmt.Sprintf("%d", srv.Port)
+			host := net.JoinHostPort(srv.Target, port)
+			tcpAddr, terr := resolveTCPAddr("tcp", host)
+			if terr != nil {
+				err = terr
+				continue
+			}
+			n := ""
+			url, ok := tcp2ap[tcpAddr.String()]
+			if ok {
+				n = name
+			}
+			if n == "" {
+				n = fmt.Sprintf("%d", tempName)
+				tempName++
+			}
+			// SRV records have a trailing dot but URL shouldn't.
+			shortHost := strings.TrimSuffix(srv.Target, ".")
+			urlHost := net.JoinHostPort(shortHost, port)
+			stringParts = append(stringParts, fmt.Sprintf("%s=%s://%s", n, scheme, urlHost))
+			if ok && url.Scheme != scheme {
+				err = fmt.Errorf("bootstrap at %s from DNS for %s has scheme mismatch with expected peer %s", scheme+"://"+urlHost, service, url.String())
+			}
+		}
+		if len(stringParts) == 0 {
+			return err
+		}
+		return nil
+	}
+
+	failCount := 0
+	err := updateNodeMap(service+"-ssl", "https")
+	srvErr := make([]string, 2)
+	if err != nil {
+		srvErr[0] = fmt.Sprintf("error querying DNS SRV records for _%s-ssl %s", service, err)
+		failCount++
+	}
+	err = updateNodeMap(service, "http")
+	if err != nil {
+		srvErr[1] = fmt.Sprintf("error querying DNS SRV records for _%s %s", service, err)
+		failCount++
+	}
+	if failCount == 2 {
+		return nil, fmt.Errorf("srv: too many errors querying DNS SRV records (%q, %q)", srvErr[0], srvErr[1])
+	}
+	return stringParts, nil
+}
+
+type SRVClients struct {
+	Endpoints []string
+	SRVs      []*net.SRV
+}
+
+// GetClient looks up the client endpoints for a service and domain.
+func GetClient(service, domain string) (*SRVClients, error) {
+	var urls []*url.URL
+	var srvs []*net.SRV
+
+	updateURLs := func(service, scheme string) error {
+		_, addrs, err := lookupSRV(service, "tcp", domain)
+		if err != nil {
+			return err
+		}
+		for _, srv := range addrs {
+			urls = append(urls, &url.URL{
+				Scheme: scheme,
+				Host:   net.JoinHostPort(srv.Target, fmt.Sprintf("%d", srv.Port)),
+			})
+		}
+		srvs = append(srvs, addrs...)
+		return nil
+	}
+
+	errHTTPS := updateURLs(service+"-ssl", "https")
+	errHTTP := updateURLs(service, "http")
+
+	if errHTTPS != nil && errHTTP != nil {
+		return nil, fmt.Errorf("dns lookup errors: %s and %s", errHTTPS, errHTTP)
+	}
+
+	endpoints := make([]string, len(urls))
+	for i := range urls {
+		endpoints[i] = urls[i].String()
+	}
+	return &SRVClients{Endpoints: endpoints, SRVs: srvs}, nil
+}
diff --git a/vendor/github.com/coreos/etcd/pkg/transport/listener.go b/vendor/github.com/coreos/etcd/pkg/transport/listener.go
index 4fcdb5ad9a37..3b58b41543f2 100644
--- a/vendor/github.com/coreos/etcd/pkg/transport/listener.go
+++ b/vendor/github.com/coreos/etcd/pkg/transport/listener.go
@@ -23,22 +23,21 @@ import (
 	"crypto/x509/pkix"
 	"encoding/pem"
 	"fmt"
-	"log"
 	"math/big"
 	"net"
 	"os"
 	"path/filepath"
+	"strings"
 	"time"
 
-	"github.com/coreos/etcd/pkg/fileutil"
 	"github.com/coreos/etcd/pkg/tlsutil"
 )
 
-func NewListener(addr, scheme string, tlscfg *tls.Config) (l net.Listener, err error) {
+func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err error) {
 	if l, err = newListener(addr, scheme); err != nil {
 		return nil, err
 	}
-	return wrapTLS(addr, scheme, tlscfg, l)
+	return wrapTLS(addr, scheme, tlsinfo, l)
 }
 
 func newListener(addr string, scheme string) (net.Listener, error) {
@@ -49,15 +48,11 @@ func newListener(addr string, scheme string) (net.Listener, error) {
 	return net.Listen("tcp", addr)
 }
 
-func wrapTLS(addr, scheme string, tlscfg *tls.Config, l net.Listener) (net.Listener, error) {
+func wrapTLS(addr, scheme string, tlsinfo *TLSInfo, l net.Listener) (net.Listener, error) {
 	if scheme != "https" && scheme != "unixs" {
 		return l, nil
 	}
-	if tlscfg == nil {
-		l.Close()
-		return nil, fmt.Errorf("cannot listen on TLS for %s: KeyFile and CertFile are not presented", scheme+"://"+addr)
-	}
-	return tls.NewListener(l, tlscfg), nil
+	return newTLSListener(l, tlsinfo)
 }
 
 type TLSInfo struct {
@@ -70,6 +65,10 @@ type TLSInfo struct {
 	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
 	ServerName string
 
+	// HandshakeFailure is optionally called when a connection fails to handshake. The
+	// connection will be closed immediately afterwards.
+	HandshakeFailure func(*tls.Conn, error)
+
 	selfCert bool
 
 	// parseFunc exists to simplify testing. Typically, parseFunc
@@ -86,7 +85,7 @@ func (info TLSInfo) Empty() bool {
 }
 
 func SelfCert(dirpath string, hosts []string) (info TLSInfo, err error) {
-	if err = fileutil.TouchDirAll(dirpath); err != nil {
+	if err = os.MkdirAll(dirpath, 0700); err != nil {
 		return
 	}
 
@@ -173,6 +172,14 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) {
 		MinVersion:   tls.VersionTLS12,
 		ServerName:   info.ServerName,
 	}
+	// this only reloads certs when there's a client request
+	// TODO: support server-side refresh (e.g. inotify, SIGHUP), caching
+	cfg.GetCertificate = func(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error) {
+		return tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc)
+	}
+	cfg.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
+		return tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc)
+	}
 	return cfg, nil
 }
 
@@ -235,9 +242,6 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
 		if err != nil {
 			return nil, err
 		}
-		// if given a CA, trust any host with a cert signed by the CA
-		log.Println("warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated")
-		cfg.ServerName = ""
 	}
 
 	if info.selfCert {
@@ -246,31 +250,11 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
 	return cfg, nil
 }
 
-// ShallowCopyTLSConfig copies *tls.Config. This is only
-// work-around for go-vet tests, which complains
-//
-//   assignment copies lock value to p: crypto/tls.Config contains sync.Once contains sync.Mutex
-//
-// Keep up-to-date with 'go/src/crypto/tls/common.go'
-func ShallowCopyTLSConfig(cfg *tls.Config) *tls.Config {
-	ncfg := tls.Config{
-		Time:                     cfg.Time,
-		Certificates:             cfg.Certificates,
-		NameToCertificate:        cfg.NameToCertificate,
-		GetCertificate:           cfg.GetCertificate,
-		RootCAs:                  cfg.RootCAs,
-		NextProtos:               cfg.NextProtos,
-		ServerName:               cfg.ServerName,
-		ClientAuth:               cfg.ClientAuth,
-		ClientCAs:                cfg.ClientCAs,
-		InsecureSkipVerify:       cfg.InsecureSkipVerify,
-		CipherSuites:             cfg.CipherSuites,
-		PreferServerCipherSuites: cfg.PreferServerCipherSuites,
-		SessionTicketKey:         cfg.SessionTicketKey,
-		ClientSessionCache:       cfg.ClientSessionCache,
-		MinVersion:               cfg.MinVersion,
-		MaxVersion:               cfg.MaxVersion,
-		CurvePreferences:         cfg.CurvePreferences,
-	}
-	return &ncfg
+// IsClosedConnError returns true if the error is from closing listener, cmux.
+// copied from golang.org/x/net/http2/http2.go
+func IsClosedConnError(err error) bool {
+	// 'use of closed network connection' (Go <=1.8)
+	// 'use of closed file or network connection' (Go >1.8, internal/poll.ErrClosing)
+	// 'mux: listener closed' (cmux.ErrListenerClosed)
+	return err != nil && strings.Contains(err.Error(), "closed")
 }
diff --git a/vendor/github.com/coreos/etcd/pkg/transport/listener_tls.go b/vendor/github.com/coreos/etcd/pkg/transport/listener_tls.go
new file mode 100644
index 000000000000..86511860335a
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/pkg/transport/listener_tls.go
@@ -0,0 +1,217 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package transport
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"fmt"
+	"net"
+	"strings"
+	"sync"
+)
+
+// tlsListener overrides a TLS listener so it will reject client
+// certificates with insufficient SAN credentials.
+type tlsListener struct {
+	net.Listener
+	connc            chan net.Conn
+	donec            chan struct{}
+	err              error
+	handshakeFailure func(*tls.Conn, error)
+}
+
+func newTLSListener(l net.Listener, tlsinfo *TLSInfo) (net.Listener, error) {
+	if tlsinfo == nil || tlsinfo.Empty() {
+		l.Close()
+		return nil, fmt.Errorf("cannot listen on TLS for %s: KeyFile and CertFile are not presented", l.Addr().String())
+	}
+	tlscfg, err := tlsinfo.ServerConfig()
+	if err != nil {
+		return nil, err
+	}
+
+	hf := tlsinfo.HandshakeFailure
+	if hf == nil {
+		hf = func(*tls.Conn, error) {}
+	}
+	tlsl := &tlsListener{
+		Listener:         tls.NewListener(l, tlscfg),
+		connc:            make(chan net.Conn),
+		donec:            make(chan struct{}),
+		handshakeFailure: hf,
+	}
+	go tlsl.acceptLoop()
+	return tlsl, nil
+}
+
+func (l *tlsListener) Accept() (net.Conn, error) {
+	select {
+	case conn := <-l.connc:
+		return conn, nil
+	case <-l.donec:
+		return nil, l.err
+	}
+}
+
+// acceptLoop launches each TLS handshake in a separate goroutine
+// to prevent a hanging TLS connection from blocking other connections.
+func (l *tlsListener) acceptLoop() {
+	var wg sync.WaitGroup
+	var pendingMu sync.Mutex
+
+	pending := make(map[net.Conn]struct{})
+	ctx, cancel := context.WithCancel(context.Background())
+	defer func() {
+		cancel()
+		pendingMu.Lock()
+		for c := range pending {
+			c.Close()
+		}
+		pendingMu.Unlock()
+		wg.Wait()
+		close(l.donec)
+	}()
+
+	for {
+		conn, err := l.Listener.Accept()
+		if err != nil {
+			l.err = err
+			return
+		}
+
+		pendingMu.Lock()
+		pending[conn] = struct{}{}
+		pendingMu.Unlock()
+
+		wg.Add(1)
+		go func() {
+			defer func() {
+				if conn != nil {
+					conn.Close()
+				}
+				wg.Done()
+			}()
+
+			tlsConn := conn.(*tls.Conn)
+			herr := tlsConn.Handshake()
+			pendingMu.Lock()
+			delete(pending, conn)
+			pendingMu.Unlock()
+			if herr != nil {
+				l.handshakeFailure(tlsConn, herr)
+				return
+			}
+
+			st := tlsConn.ConnectionState()
+			if len(st.PeerCertificates) > 0 {
+				cert := st.PeerCertificates[0]
+				addr := tlsConn.RemoteAddr().String()
+				if cerr := checkCert(ctx, cert, addr); cerr != nil {
+					l.handshakeFailure(tlsConn, cerr)
+					return
+				}
+			}
+			select {
+			case l.connc <- tlsConn:
+				conn = nil
+			case <-ctx.Done():
+			}
+		}()
+	}
+}
+
+func checkCert(ctx context.Context, cert *x509.Certificate, remoteAddr string) error {
+	h, _, herr := net.SplitHostPort(remoteAddr)
+	if len(cert.IPAddresses) == 0 && len(cert.DNSNames) == 0 {
+		return nil
+	}
+	if herr != nil {
+		return herr
+	}
+	if len(cert.IPAddresses) > 0 {
+		cerr := cert.VerifyHostname(h)
+		if cerr == nil {
+			return nil
+		}
+		if len(cert.DNSNames) == 0 {
+			return cerr
+		}
+	}
+	if len(cert.DNSNames) > 0 {
+		ok, err := isHostInDNS(ctx, h, cert.DNSNames)
+		if ok {
+			return nil
+		}
+		errStr := ""
+		if err != nil {
+			errStr = " (" + err.Error() + ")"
+		}
+		return fmt.Errorf("tls: %q does not match any of DNSNames %q"+errStr, h, cert.DNSNames)
+	}
+	return nil
+}
+
+func isHostInDNS(ctx context.Context, host string, dnsNames []string) (ok bool, err error) {
+	// reverse lookup
+	wildcards, names := []string{}, []string{}
+	for _, dns := range dnsNames {
+		if strings.HasPrefix(dns, "*.") {
+			wildcards = append(wildcards, dns[1:])
+		} else {
+			names = append(names, dns)
+		}
+	}
+	lnames, lerr := net.DefaultResolver.LookupAddr(ctx, host)
+	for _, name := range lnames {
+		// strip trailing '.' from PTR record
+		if name[len(name)-1] == '.' {
+			name = name[:len(name)-1]
+		}
+		for _, wc := range wildcards {
+			if strings.HasSuffix(name, wc) {
+				return true, nil
+			}
+		}
+		for _, n := range names {
+			if n == name {
+				return true, nil
+			}
+		}
+	}
+	err = lerr
+
+	// forward lookup
+	for _, dns := range names {
+		addrs, lerr := net.DefaultResolver.LookupHost(ctx, dns)
+		if lerr != nil {
+			err = lerr
+			continue
+		}
+		for _, addr := range addrs {
+			if addr == host {
+				return true, nil
+			}
+		}
+	}
+	return false, err
+}
+
+func (l *tlsListener) Close() error {
+	err := l.Listener.Close()
+	<-l.donec
+	return err
+}
diff --git a/vendor/github.com/coreos/etcd/pkg/transport/timeout_listener.go b/vendor/github.com/coreos/etcd/pkg/transport/timeout_listener.go
index 0f4df5fbe3b2..b35e04955bb0 100644
--- a/vendor/github.com/coreos/etcd/pkg/transport/timeout_listener.go
+++ b/vendor/github.com/coreos/etcd/pkg/transport/timeout_listener.go
@@ -15,7 +15,6 @@
 package transport
 
 import (
-	"crypto/tls"
 	"net"
 	"time"
 )
@@ -23,7 +22,7 @@ import (
 // NewTimeoutListener returns a listener that listens on the given address.
 // If read/write on the accepted connection blocks longer than its time limit,
 // it will return timeout error.
-func NewTimeoutListener(addr string, scheme string, tlscfg *tls.Config, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error) {
+func NewTimeoutListener(addr string, scheme string, tlsinfo *TLSInfo, rdtimeoutd, wtimeoutd time.Duration) (net.Listener, error) {
 	ln, err := newListener(addr, scheme)
 	if err != nil {
 		return nil, err
@@ -33,7 +32,7 @@ func NewTimeoutListener(addr string, scheme string, tlscfg *tls.Config, rdtimeou
 		rdtimeoutd: rdtimeoutd,
 		wtimeoutd:  wtimeoutd,
 	}
-	if ln, err = wrapTLS(addr, scheme, tlscfg, ln); err != nil {
+	if ln, err = wrapTLS(addr, scheme, tlsinfo, ln); err != nil {
 		return nil, err
 	}
 	return ln, nil
diff --git a/vendor/github.com/coreos/etcd/pkg/transport/unix_listener.go b/vendor/github.com/coreos/etcd/pkg/transport/unix_listener.go
index c126b6f7fa04..123e2036f0f0 100644
--- a/vendor/github.com/coreos/etcd/pkg/transport/unix_listener.go
+++ b/vendor/github.com/coreos/etcd/pkg/transport/unix_listener.go
@@ -22,7 +22,7 @@ import (
 type unixListener struct{ net.Listener }
 
 func NewUnixListener(addr string) (net.Listener, error) {
-	if err := os.RemoveAll(addr); err != nil {
+	if err := os.Remove(addr); err != nil && !os.IsNotExist(err) {
 		return nil, err
 	}
 	l, err := net.Listen("unix", addr)
@@ -33,7 +33,7 @@ func NewUnixListener(addr string) (net.Listener, error) {
 }
 
 func (ul *unixListener) Close() error {
-	if err := os.RemoveAll(ul.Addr().String()); err != nil {
+	if err := os.Remove(ul.Addr().String()); err != nil && !os.IsNotExist(err) {
 		return err
 	}
 	return ul.Listener.Close()
diff --git a/vendor/github.com/coreos/etcd/pkg/wait/wait.go b/vendor/github.com/coreos/etcd/pkg/wait/wait.go
index 0f31eeb9790b..34fa237e825b 100644
--- a/vendor/github.com/coreos/etcd/pkg/wait/wait.go
+++ b/vendor/github.com/coreos/etcd/pkg/wait/wait.go
@@ -21,22 +21,29 @@ import (
 	"sync"
 )
 
+// Wait is an interface that provides the ability to wait and trigger events that
+// are associated with IDs.
 type Wait interface {
+	// Register waits returns a chan that waits on the given ID.
+	// The chan will be triggered when Trigger is called with
+	// the same ID.
 	Register(id uint64) <-chan interface{}
+	// Trigger triggers the waiting chans with the given ID.
 	Trigger(id uint64, x interface{})
 	IsRegistered(id uint64) bool
 }
 
-type List struct {
+type list struct {
 	l sync.Mutex
 	m map[uint64]chan interface{}
 }
 
-func New() *List {
-	return &List{m: make(map[uint64]chan interface{})}
+// New creates a Wait.
+func New() Wait {
+	return &list{m: make(map[uint64]chan interface{})}
 }
 
-func (w *List) Register(id uint64) <-chan interface{} {
+func (w *list) Register(id uint64) <-chan interface{} {
 	w.l.Lock()
 	defer w.l.Unlock()
 	ch := w.m[id]
@@ -49,7 +56,7 @@ func (w *List) Register(id uint64) <-chan interface{} {
 	return ch
 }
 
-func (w *List) Trigger(id uint64, x interface{}) {
+func (w *list) Trigger(id uint64, x interface{}) {
 	w.l.Lock()
 	ch := w.m[id]
 	delete(w.m, id)
@@ -60,7 +67,7 @@ func (w *List) Trigger(id uint64, x interface{}) {
 	}
 }
 
-func (w *List) IsRegistered(id uint64) bool {
+func (w *list) IsRegistered(id uint64) bool {
 	w.l.Lock()
 	defer w.l.Unlock()
 	_, ok := w.m[id]
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/chan_stream.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/chan_stream.go
new file mode 100644
index 000000000000..3aa01f2052b1
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/chan_stream.go
@@ -0,0 +1,165 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	"golang.org/x/net/context"
+
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/metadata"
+)
+
+// chanServerStream implements grpc.ServerStream with a chanStream
+type chanServerStream struct {
+	headerc  chan<- metadata.MD
+	trailerc chan<- metadata.MD
+	grpc.Stream
+
+	headers []metadata.MD
+}
+
+func (ss *chanServerStream) SendHeader(md metadata.MD) error {
+	if ss.headerc == nil {
+		return errAlreadySentHeader
+	}
+	outmd := make(map[string][]string)
+	for _, h := range append(ss.headers, md) {
+		for k, v := range h {
+			outmd[k] = v
+		}
+	}
+	select {
+	case ss.headerc <- outmd:
+		ss.headerc = nil
+		ss.headers = nil
+		return nil
+	case <-ss.Context().Done():
+	}
+	return ss.Context().Err()
+}
+
+func (ss *chanServerStream) SetHeader(md metadata.MD) error {
+	if ss.headerc == nil {
+		return errAlreadySentHeader
+	}
+	ss.headers = append(ss.headers, md)
+	return nil
+}
+
+func (ss *chanServerStream) SetTrailer(md metadata.MD) {
+	ss.trailerc <- md
+}
+
+// chanClientStream implements grpc.ClientStream with a chanStream
+type chanClientStream struct {
+	headerc  <-chan metadata.MD
+	trailerc <-chan metadata.MD
+	*chanStream
+}
+
+func (cs *chanClientStream) Header() (metadata.MD, error) {
+	select {
+	case md := <-cs.headerc:
+		return md, nil
+	case <-cs.Context().Done():
+	}
+	return nil, cs.Context().Err()
+}
+
+func (cs *chanClientStream) Trailer() metadata.MD {
+	select {
+	case md := <-cs.trailerc:
+		return md
+	case <-cs.Context().Done():
+		return nil
+	}
+}
+
+func (cs *chanClientStream) CloseSend() error {
+	close(cs.chanStream.sendc)
+	return nil
+}
+
+// chanStream implements grpc.Stream using channels
+type chanStream struct {
+	recvc  <-chan interface{}
+	sendc  chan<- interface{}
+	ctx    context.Context
+	cancel context.CancelFunc
+}
+
+func (s *chanStream) Context() context.Context { return s.ctx }
+
+func (s *chanStream) SendMsg(m interface{}) error {
+	select {
+	case s.sendc <- m:
+		if err, ok := m.(error); ok {
+			return err
+		}
+		return nil
+	case <-s.ctx.Done():
+	}
+	return s.ctx.Err()
+}
+
+func (s *chanStream) RecvMsg(m interface{}) error {
+	v := m.(*interface{})
+	for {
+		select {
+		case msg, ok := <-s.recvc:
+			if !ok {
+				return grpc.ErrClientConnClosing
+			}
+			if err, ok := msg.(error); ok {
+				return err
+			}
+			*v = msg
+			return nil
+		case <-s.ctx.Done():
+		}
+		if len(s.recvc) == 0 {
+			// prioritize any pending recv messages over canceled context
+			break
+		}
+	}
+	return s.ctx.Err()
+}
+
+func newPipeStream(ctx context.Context, ssHandler func(chanServerStream) error) chanClientStream {
+	// ch1 is buffered so server can send error on close
+	ch1, ch2 := make(chan interface{}, 1), make(chan interface{})
+	headerc, trailerc := make(chan metadata.MD, 1), make(chan metadata.MD, 1)
+
+	cctx, ccancel := context.WithCancel(ctx)
+	cli := &chanStream{recvc: ch1, sendc: ch2, ctx: cctx, cancel: ccancel}
+	cs := chanClientStream{headerc, trailerc, cli}
+
+	sctx, scancel := context.WithCancel(ctx)
+	srv := &chanStream{recvc: ch2, sendc: ch1, ctx: sctx, cancel: scancel}
+	ss := chanServerStream{headerc, trailerc, srv, nil}
+
+	go func() {
+		if err := ssHandler(ss); err != nil {
+			select {
+			case srv.sendc <- err:
+			case <-sctx.Done():
+			case <-cctx.Done():
+			}
+		}
+		scancel()
+		ccancel()
+	}()
+	return cs
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/cluster_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/cluster_client_adapter.go
new file mode 100644
index 000000000000..4ddf78e15ec1
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/cluster_client_adapter.go
@@ -0,0 +1,44 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+)
+
+type cls2clc struct{ cls pb.ClusterServer }
+
+func ClusterServerToClusterClient(cls pb.ClusterServer) pb.ClusterClient {
+	return &cls2clc{cls}
+}
+
+func (s *cls2clc) MemberList(ctx context.Context, r *pb.MemberListRequest, opts ...grpc.CallOption) (*pb.MemberListResponse, error) {
+	return s.cls.MemberList(ctx, r)
+}
+
+func (s *cls2clc) MemberAdd(ctx context.Context, r *pb.MemberAddRequest, opts ...grpc.CallOption) (*pb.MemberAddResponse, error) {
+	return s.cls.MemberAdd(ctx, r)
+}
+
+func (s *cls2clc) MemberUpdate(ctx context.Context, r *pb.MemberUpdateRequest, opts ...grpc.CallOption) (*pb.MemberUpdateResponse, error) {
+	return s.cls.MemberUpdate(ctx, r)
+}
+
+func (s *cls2clc) MemberRemove(ctx context.Context, r *pb.MemberRemoveRequest, opts ...grpc.CallOption) (*pb.MemberRemoveResponse, error) {
+	return s.cls.MemberRemove(ctx, r)
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/doc.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/doc.go
new file mode 100644
index 000000000000..7170be233046
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/doc.go
@@ -0,0 +1,17 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package adapter provides gRPC adapters between client and server
+// gRPC interfaces without needing to go through a gRPC connection.
+package adapter
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/election_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/election_client_adapter.go
new file mode 100644
index 000000000000..383c1b9d8fb4
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/election_client_adapter.go
@@ -0,0 +1,79 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	"github.com/coreos/etcd/etcdserver/api/v3election/v3electionpb"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+)
+
+type es2ec struct{ es v3electionpb.ElectionServer }
+
+func ElectionServerToElectionClient(es v3electionpb.ElectionServer) v3electionpb.ElectionClient {
+	return &es2ec{es}
+}
+
+func (s *es2ec) Campaign(ctx context.Context, r *v3electionpb.CampaignRequest, opts ...grpc.CallOption) (*v3electionpb.CampaignResponse, error) {
+	return s.es.Campaign(ctx, r)
+}
+
+func (s *es2ec) Proclaim(ctx context.Context, r *v3electionpb.ProclaimRequest, opts ...grpc.CallOption) (*v3electionpb.ProclaimResponse, error) {
+	return s.es.Proclaim(ctx, r)
+}
+
+func (s *es2ec) Leader(ctx context.Context, r *v3electionpb.LeaderRequest, opts ...grpc.CallOption) (*v3electionpb.LeaderResponse, error) {
+	return s.es.Leader(ctx, r)
+}
+
+func (s *es2ec) Resign(ctx context.Context, r *v3electionpb.ResignRequest, opts ...grpc.CallOption) (*v3electionpb.ResignResponse, error) {
+	return s.es.Resign(ctx, r)
+}
+
+func (s *es2ec) Observe(ctx context.Context, in *v3electionpb.LeaderRequest, opts ...grpc.CallOption) (v3electionpb.Election_ObserveClient, error) {
+	cs := newPipeStream(ctx, func(ss chanServerStream) error {
+		return s.es.Observe(in, &es2ecServerStream{ss})
+	})
+	return &es2ecClientStream{cs}, nil
+}
+
+// es2ecClientStream implements Election_ObserveClient
+type es2ecClientStream struct{ chanClientStream }
+
+// es2ecServerStream implements Election_ObserveServer
+type es2ecServerStream struct{ chanServerStream }
+
+func (s *es2ecClientStream) Send(rr *v3electionpb.LeaderRequest) error {
+	return s.SendMsg(rr)
+}
+func (s *es2ecClientStream) Recv() (*v3electionpb.LeaderResponse, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*v3electionpb.LeaderResponse), nil
+}
+
+func (s *es2ecServerStream) Send(rr *v3electionpb.LeaderResponse) error {
+	return s.SendMsg(rr)
+}
+func (s *es2ecServerStream) Recv() (*v3electionpb.LeaderRequest, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*v3electionpb.LeaderRequest), nil
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/kv_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/kv_client_adapter.go
new file mode 100644
index 000000000000..fec401d9dd0e
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/kv_client_adapter.go
@@ -0,0 +1,47 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"golang.org/x/net/context"
+	grpc "google.golang.org/grpc"
+)
+
+type kvs2kvc struct{ kvs pb.KVServer }
+
+func KvServerToKvClient(kvs pb.KVServer) pb.KVClient {
+	return &kvs2kvc{kvs}
+}
+
+func (s *kvs2kvc) Range(ctx context.Context, in *pb.RangeRequest, opts ...grpc.CallOption) (*pb.RangeResponse, error) {
+	return s.kvs.Range(ctx, in)
+}
+
+func (s *kvs2kvc) Put(ctx context.Context, in *pb.PutRequest, opts ...grpc.CallOption) (*pb.PutResponse, error) {
+	return s.kvs.Put(ctx, in)
+}
+
+func (s *kvs2kvc) DeleteRange(ctx context.Context, in *pb.DeleteRangeRequest, opts ...grpc.CallOption) (*pb.DeleteRangeResponse, error) {
+	return s.kvs.DeleteRange(ctx, in)
+}
+
+func (s *kvs2kvc) Txn(ctx context.Context, in *pb.TxnRequest, opts ...grpc.CallOption) (*pb.TxnResponse, error) {
+	return s.kvs.Txn(ctx, in)
+}
+
+func (s *kvs2kvc) Compact(ctx context.Context, in *pb.CompactionRequest, opts ...grpc.CallOption) (*pb.CompactionResponse, error) {
+	return s.kvs.Compact(ctx, in)
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lease_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lease_client_adapter.go
new file mode 100644
index 000000000000..d471fd9144be
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lease_client_adapter.go
@@ -0,0 +1,77 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	"golang.org/x/net/context"
+
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"google.golang.org/grpc"
+)
+
+type ls2lc struct {
+	leaseServer pb.LeaseServer
+}
+
+func LeaseServerToLeaseClient(ls pb.LeaseServer) pb.LeaseClient {
+	return &ls2lc{ls}
+}
+
+func (c *ls2lc) LeaseGrant(ctx context.Context, in *pb.LeaseGrantRequest, opts ...grpc.CallOption) (*pb.LeaseGrantResponse, error) {
+	return c.leaseServer.LeaseGrant(ctx, in)
+}
+
+func (c *ls2lc) LeaseRevoke(ctx context.Context, in *pb.LeaseRevokeRequest, opts ...grpc.CallOption) (*pb.LeaseRevokeResponse, error) {
+	return c.leaseServer.LeaseRevoke(ctx, in)
+}
+
+func (c *ls2lc) LeaseKeepAlive(ctx context.Context, opts ...grpc.CallOption) (pb.Lease_LeaseKeepAliveClient, error) {
+	cs := newPipeStream(ctx, func(ss chanServerStream) error {
+		return c.leaseServer.LeaseKeepAlive(&ls2lcServerStream{ss})
+	})
+	return &ls2lcClientStream{cs}, nil
+}
+
+func (c *ls2lc) LeaseTimeToLive(ctx context.Context, in *pb.LeaseTimeToLiveRequest, opts ...grpc.CallOption) (*pb.LeaseTimeToLiveResponse, error) {
+	return c.leaseServer.LeaseTimeToLive(ctx, in)
+}
+
+// ls2lcClientStream implements Lease_LeaseKeepAliveClient
+type ls2lcClientStream struct{ chanClientStream }
+
+// ls2lcServerStream implements Lease_LeaseKeepAliveServer
+type ls2lcServerStream struct{ chanServerStream }
+
+func (s *ls2lcClientStream) Send(rr *pb.LeaseKeepAliveRequest) error {
+	return s.SendMsg(rr)
+}
+func (s *ls2lcClientStream) Recv() (*pb.LeaseKeepAliveResponse, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.LeaseKeepAliveResponse), nil
+}
+
+func (s *ls2lcServerStream) Send(rr *pb.LeaseKeepAliveResponse) error {
+	return s.SendMsg(rr)
+}
+func (s *ls2lcServerStream) Recv() (*pb.LeaseKeepAliveRequest, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.LeaseKeepAliveRequest), nil
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lock_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lock_client_adapter.go
new file mode 100644
index 000000000000..05e5cb020a16
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/lock_client_adapter.go
@@ -0,0 +1,36 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	"github.com/coreos/etcd/etcdserver/api/v3lock/v3lockpb"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+)
+
+type ls2lsc struct{ ls v3lockpb.LockServer }
+
+func LockServerToLockClient(ls v3lockpb.LockServer) v3lockpb.LockClient {
+	return &ls2lsc{ls}
+}
+
+func (s *ls2lsc) Lock(ctx context.Context, r *v3lockpb.LockRequest, opts ...grpc.CallOption) (*v3lockpb.LockResponse, error) {
+	return s.ls.Lock(ctx, r)
+}
+
+func (s *ls2lsc) Unlock(ctx context.Context, r *v3lockpb.UnlockRequest, opts ...grpc.CallOption) (*v3lockpb.UnlockResponse, error) {
+	return s.ls.Unlock(ctx, r)
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/maintenance_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/maintenance_client_adapter.go
new file mode 100644
index 000000000000..9b21bf2576e2
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/maintenance_client_adapter.go
@@ -0,0 +1,79 @@
+// Copyright 2017 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+)
+
+type mts2mtc struct{ mts pb.MaintenanceServer }
+
+func MaintenanceServerToMaintenanceClient(mts pb.MaintenanceServer) pb.MaintenanceClient {
+	return &mts2mtc{mts}
+}
+
+func (s *mts2mtc) Alarm(ctx context.Context, r *pb.AlarmRequest, opts ...grpc.CallOption) (*pb.AlarmResponse, error) {
+	return s.mts.Alarm(ctx, r)
+}
+
+func (s *mts2mtc) Status(ctx context.Context, r *pb.StatusRequest, opts ...grpc.CallOption) (*pb.StatusResponse, error) {
+	return s.mts.Status(ctx, r)
+}
+
+func (s *mts2mtc) Defragment(ctx context.Context, dr *pb.DefragmentRequest, opts ...grpc.CallOption) (*pb.DefragmentResponse, error) {
+	return s.mts.Defragment(ctx, dr)
+}
+
+func (s *mts2mtc) Hash(ctx context.Context, r *pb.HashRequest, opts ...grpc.CallOption) (*pb.HashResponse, error) {
+	return s.mts.Hash(ctx, r)
+}
+
+func (s *mts2mtc) Snapshot(ctx context.Context, in *pb.SnapshotRequest, opts ...grpc.CallOption) (pb.Maintenance_SnapshotClient, error) {
+	cs := newPipeStream(ctx, func(ss chanServerStream) error {
+		return s.mts.Snapshot(in, &ss2scServerStream{ss})
+	})
+	return &ss2scClientStream{cs}, nil
+}
+
+// ss2scClientStream implements Maintenance_SnapshotClient
+type ss2scClientStream struct{ chanClientStream }
+
+// ss2scServerStream implements Maintenance_SnapshotServer
+type ss2scServerStream struct{ chanServerStream }
+
+func (s *ss2scClientStream) Send(rr *pb.SnapshotRequest) error {
+	return s.SendMsg(rr)
+}
+func (s *ss2scClientStream) Recv() (*pb.SnapshotResponse, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.SnapshotResponse), nil
+}
+
+func (s *ss2scServerStream) Send(rr *pb.SnapshotResponse) error {
+	return s.SendMsg(rr)
+}
+func (s *ss2scServerStream) Recv() (*pb.SnapshotRequest, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.SnapshotRequest), nil
+}
diff --git a/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/watch_client_adapter.go b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/watch_client_adapter.go
new file mode 100644
index 000000000000..af4a13c41520
--- /dev/null
+++ b/vendor/github.com/coreos/etcd/proxy/grpcproxy/adapter/watch_client_adapter.go
@@ -0,0 +1,66 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package adapter
+
+import (
+	"errors"
+
+	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc"
+)
+
+var errAlreadySentHeader = errors.New("adapter: already sent header")
+
+type ws2wc struct{ wserv pb.WatchServer }
+
+func WatchServerToWatchClient(wserv pb.WatchServer) pb.WatchClient {
+	return &ws2wc{wserv}
+}
+
+func (s *ws2wc) Watch(ctx context.Context, opts ...grpc.CallOption) (pb.Watch_WatchClient, error) {
+	cs := newPipeStream(ctx, func(ss chanServerStream) error {
+		return s.wserv.Watch(&ws2wcServerStream{ss})
+	})
+	return &ws2wcClientStream{cs}, nil
+}
+
+// ws2wcClientStream implements Watch_WatchClient
+type ws2wcClientStream struct{ chanClientStream }
+
+// ws2wcServerStream implements Watch_WatchServer
+type ws2wcServerStream struct{ chanServerStream }
+
+func (s *ws2wcClientStream) Send(wr *pb.WatchRequest) error {
+	return s.SendMsg(wr)
+}
+func (s *ws2wcClientStream) Recv() (*pb.WatchResponse, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.WatchResponse), nil
+}
+
+func (s *ws2wcServerStream) Send(wr *pb.WatchResponse) error {
+	return s.SendMsg(wr)
+}
+func (s *ws2wcServerStream) Recv() (*pb.WatchRequest, error) {
+	var v interface{}
+	if err := s.RecvMsg(&v); err != nil {
+		return nil, err
+	}
+	return v.(*pb.WatchRequest), nil
+}
diff --git a/vendor/github.com/coreos/etcd/raft/README.md b/vendor/github.com/coreos/etcd/raft/README.md
index a724b9585790..f485b839771b 100644
--- a/vendor/github.com/coreos/etcd/raft/README.md
+++ b/vendor/github.com/coreos/etcd/raft/README.md
@@ -13,9 +13,7 @@ To keep the codebase small as well as provide flexibility, the library only impl
 
 In order to easily test the Raft library, its behavior should be deterministic. To achieve this determinism, the library models Raft as a state machine.  The state machine takes a `Message` as input. A message can either be a local timer update or a network message sent from a remote peer. The state machine's output is a 3-tuple `{[]Messages, []LogEntries, NextState}` consisting of an array of `Messages`, `log entries`, and `Raft state changes`. For state machines with the same state, the same state machine input should always generate the same state machine output.
 
-A simple example application, _raftexample_, is also available to help illustrate
-how to use this package in practice:
-https://github.com/coreos/etcd/tree/master/contrib/raftexample
+A simple example application, _raftexample_, is also available to help illustrate how to use this package in practice: https://github.com/coreos/etcd/tree/master/contrib/raftexample
 
 # Features
 
@@ -51,11 +49,11 @@ This raft implementation also includes a few optional enhancements:
 - [etcd](https://github.com/coreos/etcd) A distributed reliable key-value store
 - [tikv](https://github.com/pingcap/tikv) A Distributed transactional key value database powered by Rust and Raft
 - [swarmkit](https://github.com/docker/swarmkit) A toolkit for orchestrating distributed systems at any scale.
+- [chain core](https://github.com/chain/chain) Software for operating permissioned, multi-asset blockchain networks
 
 ## Usage
 
-The primary object in raft is a Node. You either start a Node from scratch
-using raft.StartNode or start a Node from some initial state using raft.RestartNode.
+The primary object in raft is a Node. Either start a Node from scratch using raft.StartNode or start a Node from some initial state using raft.RestartNode.
 
 To start a three-node cluster
 ```go
@@ -73,7 +71,7 @@ To start a three-node cluster
   n := raft.StartNode(c, []raft.Peer{{ID: 0x02}, {ID: 0x03}})
 ```
 
-You can start a single node cluster, like so:
+Start a single node cluster, like so:
 ```go
   // Create storage and config as shown above.
   // Set peer list to itself, so this node can become the leader of this single-node cluster.
@@ -81,7 +79,7 @@ You can start a single node cluster, like so:
   n := raft.StartNode(c, peers)
 ```
 
-To allow a new node to join this cluster, do not pass in any peers. First, you need add the node to the existing cluster by calling `ProposeConfChange` on any existing node inside the cluster. Then, you can start the node with empty peer list, like so:
+To allow a new node to join this cluster, do not pass in any peers. First, add the node to the existing cluster by calling `ProposeConfChange` on any existing node inside the cluster. Then, start the node with an empty peer list, like so:
 ```go
   // Create storage and config as shown above.
   n := raft.StartNode(c, nil)
@@ -110,46 +108,21 @@ To restart a node from previous state:
   n := raft.RestartNode(c)
 ```
 
-Now that you are holding onto a Node you have a few responsibilities:
-
-First, you must read from the Node.Ready() channel and process the updates
-it contains. These steps may be performed in parallel, except as noted in step
-2.
-
-1. Write HardState, Entries, and Snapshot to persistent storage if they are
-not empty. Note that when writing an Entry with Index i, any
-previously-persisted entries with Index >= i must be discarded.
-
-2. Send all Messages to the nodes named in the To field. It is important that
-no messages be sent until the latest HardState has been persisted to disk,
-and all Entries written by any previous Ready batch (Messages may be sent while
-entries from the same batch are being persisted). To reduce the I/O latency, an
-optimization can be applied to make leader write to disk in parallel with its
-followers (as explained at section 10.2.1 in Raft thesis). If any Message has type
-MsgSnap, call Node.ReportSnapshot() after it has been sent (these messages may be
-large). Note: Marshalling messages is not thread-safe; it is important that you
-make sure that no new entries are persisted while marshalling.
-The easiest way to achieve this is to serialise the messages directly inside
-your main raft loop.
-
-3. Apply Snapshot (if any) and CommittedEntries to the state machine.
-If any committed Entry has Type EntryConfChange, call Node.ApplyConfChange()
-to apply it to the node. The configuration change may be cancelled at this point
-by setting the NodeID field to zero before calling ApplyConfChange
-(but ApplyConfChange must be called one way or the other, and the decision to cancel
-must be based solely on the state machine and not external information such as
-the observed health of the node).
-
-4. Call Node.Advance() to signal readiness for the next batch of updates.
-This may be done at any time after step 1, although all updates must be processed
-in the order they were returned by Ready.
-
-Second, all persisted log entries must be made available via an
-implementation of the Storage interface. The provided MemoryStorage
-type can be used for this (if you repopulate its state upon a
-restart), or you can supply your own disk-backed implementation.
-
-Third, when you receive a message from another node, pass it to Node.Step:
+After creating a Node, the user has a few responsibilities:
+
+First, read from the Node.Ready() channel and process the updates it contains. These steps may be performed in parallel, except as noted in step 2.
+
+1. Write HardState, Entries, and Snapshot to persistent storage if they are not empty. Note that when writing an Entry with Index i, any previously-persisted entries with Index >= i must be discarded.
+
+2. Send all Messages to the nodes named in the To field. It is important that no messages be sent until the latest HardState has been persisted to disk, and all Entries written by any previous Ready batch (Messages may be sent while entries from the same batch are being persisted). To reduce the I/O latency, an optimization can be applied to make leader write to disk in parallel with its followers (as explained at section 10.2.1 in Raft thesis). If any Message has type MsgSnap, call Node.ReportSnapshot() after it has been sent (these messages may be large). Note: Marshalling messages is not thread-safe; it is important to make sure that no new entries are persisted while marshalling. The easiest way to achieve this is to serialise the messages directly inside the main raft loop.
+
+3. Apply Snapshot (if any) and CommittedEntries to the state machine. If any committed Entry has Type EntryConfChange, call Node.ApplyConfChange() to apply it to the node. The configuration change may be cancelled at this point by setting the NodeID field to zero before calling ApplyConfChange (but ApplyConfChange must be called one way or the other, and the decision to cancel must be based solely on the state machine and not external information such as the observed health of the node).
+
+4. Call Node.Advance() to signal readiness for the next batch of updates. This may be done at any time after step 1, although all updates must be processed in the order they were returned by Ready.
+
+Second, all persisted log entries must be made available via an implementation of the Storage interface. The provided MemoryStorage type can be used for this (if repopulating its state upon a restart), or a custom disk-backed implementation can be supplied.
+
+Third, after receiving a message from another node, pass it to Node.Step:
 
 ```go
 	func recvRaftRPC(ctx context.Context, m raftpb.Message) {
@@ -157,10 +130,7 @@ Third, when you receive a message from another node, pass it to Node.Step:
 	}
 ```
 
-Finally, you need to call `Node.Tick()` at regular intervals (probably
-via a `time.Ticker`). Raft has two important timeouts: heartbeat and the
-election timeout. However, internally to the raft package time is
-represented by an abstract "tick".
+Finally, call `Node.Tick()` at regular intervals (probably via a `time.Ticker`). Raft has two important timeouts: heartbeat and the election timeout. However, internally to the raft package time is represented by an abstract "tick".
 
 The total state machine handling loop will look something like this:
 
@@ -190,16 +160,13 @@ The total state machine handling loop will look something like this:
   }
 ```
 
-To propose changes to the state machine from your node take your application
-data, serialize it into a byte slice and call:
+To propose changes to the state machine from the node to take application data, serialize it into a byte slice and call:
 
 ```go
 	n.Propose(ctx, data)
 ```
 
-If the proposal is committed, data will appear in committed entries with type
-raftpb.EntryNormal. There is no guarantee that a proposed command will be
-committed; you may have to re-propose after a timeout.
+If the proposal is committed, data will appear in committed entries with type raftpb.EntryNormal. There is no guarantee that a proposed command will be committed; the command may have to be reproposed after a timeout. 
 
 To add or remove node in a cluster, build ConfChange struct 'cc' and call:
 
@@ -207,8 +174,7 @@ To add or remove node in a cluster, build ConfChange struct 'cc' and call:
 	n.ProposeConfChange(ctx, cc)
 ```
 
-After config change is committed, some committed entry with type
-raftpb.EntryConfChange will be returned. You must apply it to node through:
+After config change is committed, some committed entry with type raftpb.EntryConfChange will be returned. This must be applied to node through:
 
 ```go
 	var cc raftpb.ConfChange
@@ -223,25 +189,8 @@ may be reused. Node IDs must be non-zero.
 
 ## Implementation notes
 
-This implementation is up to date with the final Raft thesis
-(https://ramcloud.stanford.edu/~ongaro/thesis.pdf), although our
-implementation of the membership change protocol differs somewhat from
-that described in chapter 4. The key invariant that membership changes
-happen one node at a time is preserved, but in our implementation the
-membership change takes effect when its entry is applied, not when it
-is added to the log (so the entry is committed under the old
-membership instead of the new). This is equivalent in terms of safety,
-since the old and new configurations are guaranteed to overlap.
-
-To ensure that we do not attempt to commit two membership changes at
-once by matching log positions (which would be unsafe since they
-should have different quorum requirements), we simply disallow any
-proposed membership change while any uncommitted change appears in
-the leader's log.
-
-This approach introduces a problem when you try to remove a member
-from a two-member cluster: If one of the members dies before the
-other one receives the commit of the confchange entry, then the member
-cannot be removed any more since the cluster cannot make progress.
-For this reason it is highly recommended to use three or more nodes in
-every cluster.
+This implementation is up to date with the final Raft thesis (https://ramcloud.stanford.edu/~ongaro/thesis.pdf), although this implementation of the membership change protocol differs somewhat from that described in chapter 4. The key invariant that membership changes happen one node at a time is preserved, but in our implementation the membership change takes effect when its entry is applied, not when it is added to the log (so the entry is committed under the old membership instead of the new). This is equivalent in terms of safety, since the old and new configurations are guaranteed to overlap.
+
+To ensure there is no attempt to commit two membership changes at once by matching log positions (which would be unsafe since they should have different quorum requirements), any proposed membership change is simply disallowed while any uncommitted change appears in the leader's log.
+
+This approach introduces a problem when removing a member from a two-member cluster: If one of the members dies before the other one receives the commit of the confchange entry, then the member cannot be removed any more since the cluster cannot make progress. For this reason it is highly recommended to use three or more nodes in every cluster.
diff --git a/vendor/github.com/coreos/etcd/raft/log_unstable.go b/vendor/github.com/coreos/etcd/raft/log_unstable.go
index 8ae301c3d8dd..263af9ce405e 100644
--- a/vendor/github.com/coreos/etcd/raft/log_unstable.go
+++ b/vendor/github.com/coreos/etcd/raft/log_unstable.go
@@ -85,6 +85,26 @@ func (u *unstable) stableTo(i, t uint64) {
 	if gt == t && i >= u.offset {
 		u.entries = u.entries[i+1-u.offset:]
 		u.offset = i + 1
+		u.shrinkEntriesArray()
+	}
+}
+
+// shrinkEntriesArray discards the underlying array used by the entries slice
+// if most of it isn't being used. This avoids holding references to a bunch of
+// potentially large entries that aren't needed anymore. Simply clearing the
+// entries wouldn't be safe because clients might still be using them.
+func (u *unstable) shrinkEntriesArray() {
+	// We replace the array if we're using less than half of the space in
+	// it. This number is fairly arbitrary, chosen as an attempt to balance
+	// memory usage vs number of allocations. It could probably be improved
+	// with some focused tuning.
+	const lenMultiple = 2
+	if len(u.entries) == 0 {
+		u.entries = nil
+	} else if len(u.entries)*lenMultiple < cap(u.entries) {
+		newEntries := make([]pb.Entry, len(u.entries))
+		copy(newEntries, u.entries)
+		u.entries = newEntries
 	}
 }
 
diff --git a/vendor/github.com/coreos/etcd/raft/node.go b/vendor/github.com/coreos/etcd/raft/node.go
index c8410fdc77fa..5da1c1193b27 100644
--- a/vendor/github.com/coreos/etcd/raft/node.go
+++ b/vendor/github.com/coreos/etcd/raft/node.go
@@ -83,6 +83,10 @@ type Ready struct {
 	// If it contains a MsgSnap message, the application MUST report back to raft
 	// when the snapshot has been received or has failed by calling ReportSnapshot.
 	Messages []pb.Message
+
+	// MustSync indicates whether the HardState and Entries must be synchronously
+	// written to disk or if an asynchronous write is permissible.
+	MustSync bool
 }
 
 func isHardStateEqual(a, b pb.HardState) bool {
@@ -517,5 +521,17 @@ func newReady(r *raft, prevSoftSt *SoftState, prevHardSt pb.HardState) Ready {
 	if len(r.readStates) != 0 {
 		rd.ReadStates = r.readStates
 	}
+	rd.MustSync = MustSync(rd.HardState, prevHardSt, len(rd.Entries))
 	return rd
 }
+
+// MustSync returns true if the hard state and count of Raft entries indicate
+// that a synchronous write to persistent storage is required.
+func MustSync(st, prevst pb.HardState, entsnum int) bool {
+	// Persistent state on all servers:
+	// (Updated on stable storage before responding to RPCs)
+	// currentTerm
+	// votedFor
+	// log entries[]
+	return entsnum != 0 || st.Vote != prevst.Vote || st.Term != prevst.Term
+}
diff --git a/vendor/github.com/coreos/etcd/raft/raft.go b/vendor/github.com/coreos/etcd/raft/raft.go
index 7be4407ee2bb..29f203982032 100644
--- a/vendor/github.com/coreos/etcd/raft/raft.go
+++ b/vendor/github.com/coreos/etcd/raft/raft.go
@@ -1159,6 +1159,10 @@ func (r *raft) addNode(id uint64) {
 	}
 
 	r.setProgress(id, 0, r.raftLog.lastIndex()+1)
+	// When a node is first added, we should mark it as recently active.
+	// Otherwise, CheckQuorum may cause us to step down if it is invoked
+	// before the added node has a chance to communicate with us.
+	r.prs[id].RecentActive = true
 }
 
 func (r *raft) removeNode(id uint64) {
diff --git a/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go b/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go
index 86ad31207087..4c6e79d58a0c 100644
--- a/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go
+++ b/vendor/github.com/coreos/etcd/raft/raftpb/raft.pb.go
@@ -1558,25 +1558,67 @@ func (m *ConfState) Unmarshal(dAtA []byte) error {
 		}
 		switch fieldNum {
 		case 1:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Nodes", wireType)
-			}
-			var v uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowRaft
+			if wireType == 0 {
+				var v uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowRaft
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					v |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
 				}
-				if iNdEx >= l {
+				m.Nodes = append(m.Nodes, v)
+			} else if wireType == 2 {
+				var packedLen int
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowRaft
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					packedLen |= (int(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				if packedLen < 0 {
+					return ErrInvalidLengthRaft
+				}
+				postIndex := iNdEx + packedLen
+				if postIndex > l {
 					return io.ErrUnexpectedEOF
 				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
+				for iNdEx < postIndex {
+					var v uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowRaft
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						v |= (uint64(b) & 0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					m.Nodes = append(m.Nodes, v)
 				}
+			} else {
+				return fmt.Errorf("proto: wrong wireType = %d for field Nodes", wireType)
 			}
-			m.Nodes = append(m.Nodes, v)
 		default:
 			iNdEx = preIndex
 			skippy, err := skipRaft(dAtA[iNdEx:])
@@ -1847,7 +1889,7 @@ func init() { proto.RegisterFile("raft.proto", fileDescriptorRaft) }
 
 var fileDescriptorRaft = []byte{
 	// 790 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x64, 0x54, 0xcd, 0x6e, 0xdb, 0x46,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x54, 0xcd, 0x6e, 0xdb, 0x46,
 	0x10, 0x16, 0x29, 0xea, 0x6f, 0x28, 0xcb, 0xab, 0xb5, 0x5a, 0x2c, 0x0c, 0x43, 0x55, 0x85, 0x1e,
 	0x04, 0x17, 0x76, 0x5b, 0x1d, 0x7a, 0xe8, 0xcd, 0x96, 0x0a, 0x58, 0x40, 0x65, 0xb8, 0xb2, 0xdc,
 	0x43, 0x83, 0x20, 0x58, 0x8b, 0x2b, 0x4a, 0x89, 0xc9, 0x25, 0x96, 0x2b, 0xc7, 0xbe, 0x04, 0x79,
diff --git a/vendor/github.com/coreos/etcd/rafthttp/pipeline.go b/vendor/github.com/coreos/etcd/rafthttp/pipeline.go
index ccd9eb78698d..d9f07c3479d9 100644
--- a/vendor/github.com/coreos/etcd/rafthttp/pipeline.go
+++ b/vendor/github.com/coreos/etcd/rafthttp/pipeline.go
@@ -16,13 +16,13 @@ package rafthttp
 
 import (
 	"bytes"
+	"context"
 	"errors"
 	"io/ioutil"
 	"sync"
 	"time"
 
 	"github.com/coreos/etcd/etcdserver/stats"
-	"github.com/coreos/etcd/pkg/httputil"
 	"github.com/coreos/etcd/pkg/pbutil"
 	"github.com/coreos/etcd/pkg/types"
 	"github.com/coreos/etcd/raft"
@@ -118,7 +118,8 @@ func (p *pipeline) post(data []byte) (err error) {
 	req := createPostRequest(u, RaftPrefix, bytes.NewBuffer(data), "application/protobuf", p.tr.URLs, p.tr.ID, p.tr.ClusterID)
 
 	done := make(chan struct{}, 1)
-	cancel := httputil.RequestCanceler(req)
+	ctx, cancel := context.WithCancel(context.Background())
+	req = req.WithContext(ctx)
 	go func() {
 		select {
 		case <-done:
diff --git a/vendor/github.com/coreos/etcd/rafthttp/snapshot_sender.go b/vendor/github.com/coreos/etcd/rafthttp/snapshot_sender.go
index 105b330728e8..52273c9d195e 100644
--- a/vendor/github.com/coreos/etcd/rafthttp/snapshot_sender.go
+++ b/vendor/github.com/coreos/etcd/rafthttp/snapshot_sender.go
@@ -16,6 +16,7 @@ package rafthttp
 
 import (
 	"bytes"
+	"context"
 	"io"
 	"io/ioutil"
 	"net/http"
@@ -104,7 +105,9 @@ func (s *snapshotSender) send(merged snap.Message) {
 // post posts the given request.
 // It returns nil when request is sent out and processed successfully.
 func (s *snapshotSender) post(req *http.Request) (err error) {
-	cancel := httputil.RequestCanceler(req)
+	ctx, cancel := context.WithCancel(context.Background())
+	req = req.WithContext(ctx)
+	defer cancel()
 
 	type responseAndError struct {
 		resp *http.Response
@@ -130,7 +133,6 @@ func (s *snapshotSender) post(req *http.Request) (err error) {
 
 	select {
 	case <-s.stopc:
-		cancel()
 		return errStopped
 	case r := <-result:
 		if r.err != nil {
diff --git a/vendor/github.com/coreos/etcd/rafthttp/stream.go b/vendor/github.com/coreos/etcd/rafthttp/stream.go
index e69a44ff65a1..2a6c620f56dc 100644
--- a/vendor/github.com/coreos/etcd/rafthttp/stream.go
+++ b/vendor/github.com/coreos/etcd/rafthttp/stream.go
@@ -15,10 +15,10 @@
 package rafthttp
 
 import (
+	"context"
 	"fmt"
 	"io"
 	"io/ioutil"
-	"net"
 	"net/http"
 	"path"
 	"strings"
@@ -27,6 +27,7 @@ import (
 
 	"github.com/coreos/etcd/etcdserver/stats"
 	"github.com/coreos/etcd/pkg/httputil"
+	"github.com/coreos/etcd/pkg/transport"
 	"github.com/coreos/etcd/pkg/types"
 	"github.com/coreos/etcd/raft/raftpb"
 	"github.com/coreos/etcd/version"
@@ -51,6 +52,7 @@ var (
 		"2.3.0": {streamTypeMsgAppV2, streamTypeMessage},
 		"3.0.0": {streamTypeMsgAppV2, streamTypeMessage},
 		"3.1.0": {streamTypeMsgAppV2, streamTypeMessage},
+		"3.2.0": {streamTypeMsgAppV2, streamTypeMessage},
 	}
 )
 
@@ -140,7 +142,8 @@ func (cw *streamWriter) run() {
 		flusher    http.Flusher
 		batched    int
 	)
-	tickc := time.Tick(ConnReadTimeout / 3)
+	tickc := time.NewTicker(ConnReadTimeout / 3)
+	defer tickc.Stop()
 	unflushed := 0
 
 	plog.Infof("started streaming with peer %s (writer)", cw.peerID)
@@ -212,7 +215,7 @@ func (cw *streamWriter) run() {
 				plog.Warningf("closed an existing TCP streaming connection with peer %s (%s writer)", cw.peerID, t)
 			}
 			plog.Infof("established a TCP streaming connection with peer %s (%s writer)", cw.peerID, t)
-			heartbeatc, msgc = tickc, cw.msgc
+			heartbeatc, msgc = tickc.C, cw.msgc
 		case <-cw.stopc:
 			if cw.close() {
 				plog.Infof("closed the TCP streaming connection with peer %s (%s writer)", cw.peerID, t)
@@ -314,7 +317,7 @@ func (cr *streamReader) run() {
 			// all data is read out
 			case err == io.EOF:
 			// connection is closed by the remote
-			case isClosedConnectionError(err):
+			case transport.IsClosedConnError(err):
 			default:
 				cr.status.deactivate(failureType{source: t.String(), action: "read"}, err.Error())
 			}
@@ -426,14 +429,17 @@ func (cr *streamReader) dial(t streamType) (io.ReadCloser, error) {
 
 	setPeerURLsHeader(req, cr.tr.URLs)
 
+	ctx, cancel := context.WithCancel(context.Background())
+	req = req.WithContext(ctx)
+
 	cr.mu.Lock()
+	cr.cancel = cancel
 	select {
 	case <-cr.stopc:
 		cr.mu.Unlock()
 		return nil, fmt.Errorf("stream reader is stopped")
 	default:
 	}
-	cr.cancel = httputil.RequestCanceler(req)
 	cr.mu.Unlock()
 
 	resp, err := cr.tr.streamRt.RoundTrip(req)
@@ -508,11 +514,6 @@ func (cr *streamReader) resume() {
 	cr.paused = false
 }
 
-func isClosedConnectionError(err error) bool {
-	operr, ok := err.(*net.OpError)
-	return ok && operr.Err.Error() == "use of closed network connection"
-}
-
 // checkStreamSupport checks whether the stream type is supported in the
 // given version.
 func checkStreamSupport(v *semver.Version, t streamType) bool {
diff --git a/vendor/github.com/coreos/etcd/rafthttp/util.go b/vendor/github.com/coreos/etcd/rafthttp/util.go
index 61855c52a60c..12e548c77175 100644
--- a/vendor/github.com/coreos/etcd/rafthttp/util.go
+++ b/vendor/github.com/coreos/etcd/rafthttp/util.go
@@ -15,8 +15,6 @@
 package rafthttp
 
 import (
-	"crypto/tls"
-	"encoding/binary"
 	"fmt"
 	"io"
 	"net"
@@ -27,7 +25,6 @@ import (
 
 	"github.com/coreos/etcd/pkg/transport"
 	"github.com/coreos/etcd/pkg/types"
-	"github.com/coreos/etcd/raft/raftpb"
 	"github.com/coreos/etcd/version"
 	"github.com/coreos/go-semver/semver"
 )
@@ -39,8 +36,8 @@ var (
 
 // NewListener returns a listener for raft message transfer between peers.
 // It uses timeout listener to identify broken streams promptly.
-func NewListener(u url.URL, tlscfg *tls.Config) (net.Listener, error) {
-	return transport.NewTimeoutListener(u.Host, u.Scheme, tlscfg, ConnReadTimeout, ConnWriteTimeout)
+func NewListener(u url.URL, tlsinfo *transport.TLSInfo) (net.Listener, error) {
+	return transport.NewTimeoutListener(u.Host, u.Scheme, tlsinfo, ConnReadTimeout, ConnWriteTimeout)
 }
 
 // NewRoundTripper returns a roundTripper used to send requests
@@ -61,31 +58,6 @@ func newStreamRoundTripper(tlsInfo transport.TLSInfo, dialTimeout time.Duration)
 	return transport.NewTimeoutTransport(tlsInfo, dialTimeout, ConnReadTimeout, ConnWriteTimeout)
 }
 
-func writeEntryTo(w io.Writer, ent *raftpb.Entry) error {
-	size := ent.Size()
-	if err := binary.Write(w, binary.BigEndian, uint64(size)); err != nil {
-		return err
-	}
-	b, err := ent.Marshal()
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(b)
-	return err
-}
-
-func readEntryFrom(r io.Reader, ent *raftpb.Entry) error {
-	var l uint64
-	if err := binary.Read(r, binary.BigEndian, &l); err != nil {
-		return err
-	}
-	buf := make([]byte, int(l))
-	if _, err := io.ReadFull(r, buf); err != nil {
-		return err
-	}
-	return ent.Unmarshal(buf)
-}
-
 // createPostRequest creates a HTTP POST request that sends raft message.
 func createPostRequest(u url.URL, path string, body io.Reader, ct string, urls types.URLs, from, cid types.ID) *http.Request {
 	uu := u
diff --git a/vendor/github.com/coreos/etcd/snap/db.go b/vendor/github.com/coreos/etcd/snap/db.go
index ae3c743f80c1..01d897ae8611 100644
--- a/vendor/github.com/coreos/etcd/snap/db.go
+++ b/vendor/github.com/coreos/etcd/snap/db.go
@@ -15,6 +15,7 @@
 package snap
 
 import (
+	"errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -24,6 +25,8 @@ import (
 	"github.com/coreos/etcd/pkg/fileutil"
 )
 
+var ErrNoDBSnapshot = errors.New("snap: snapshot file doesn't exist")
+
 // SaveDBFrom saves snapshot of the database from the given reader. It
 // guarantees the save operation is atomic.
 func (s *Snapshotter) SaveDBFrom(r io.Reader, id uint64) (int64, error) {
@@ -41,7 +44,7 @@ func (s *Snapshotter) SaveDBFrom(r io.Reader, id uint64) (int64, error) {
 		os.Remove(f.Name())
 		return n, err
 	}
-	fn := filepath.Join(s.dir, fmt.Sprintf("%016x.snap.db", id))
+	fn := s.dbFilePath(id)
 	if fileutil.Exist(fn) {
 		os.Remove(f.Name())
 		return n, nil
@@ -60,15 +63,15 @@ func (s *Snapshotter) SaveDBFrom(r io.Reader, id uint64) (int64, error) {
 // DBFilePath returns the file path for the snapshot of the database with
 // given id. If the snapshot does not exist, it returns error.
 func (s *Snapshotter) DBFilePath(id uint64) (string, error) {
-	fns, err := fileutil.ReadDir(s.dir)
-	if err != nil {
+	if _, err := fileutil.ReadDir(s.dir); err != nil {
 		return "", err
 	}
-	wfn := fmt.Sprintf("%016x.snap.db", id)
-	for _, fn := range fns {
-		if fn == wfn {
-			return filepath.Join(s.dir, fn), nil
-		}
+	if fn := s.dbFilePath(id); fileutil.Exist(fn) {
+		return fn, nil
 	}
-	return "", fmt.Errorf("snap: snapshot file doesn't exist")
+	return "", ErrNoDBSnapshot
+}
+
+func (s *Snapshotter) dbFilePath(id uint64) string {
+	return filepath.Join(s.dir, fmt.Sprintf("%016x.snap.db", id))
 }
diff --git a/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go b/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go
index 130e2277c847..05a77ff9d06c 100644
--- a/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go
+++ b/vendor/github.com/coreos/etcd/snap/snappb/snap.pb.go
@@ -342,7 +342,7 @@ func init() { proto.RegisterFile("snap.proto", fileDescriptorSnap) }
 
 var fileDescriptorSnap = []byte{
 	// 126 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xe2, 0xe2, 0x2a, 0xce, 0x4b, 0x2c,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x2a, 0xce, 0x4b, 0x2c,
 	0xd0, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x03, 0xb1, 0x0b, 0x92, 0xa4, 0x44, 0xd2, 0xf3,
 	0xd3, 0xf3, 0xc1, 0x42, 0xfa, 0x20, 0x16, 0x44, 0x56, 0xc9, 0x8c, 0x8b, 0x03, 0x24, 0x5f, 0x9c,
 	0x91, 0x5f, 0x22, 0x24, 0xc6, 0xc5, 0x9c, 0x5c, 0x94, 0x2c, 0xc1, 0xa8, 0xc0, 0xa8, 0xc1, 0xeb,
diff --git a/vendor/github.com/coreos/etcd/store/node.go b/vendor/github.com/coreos/etcd/store/node.go
index 731327b08ba1..54159553500f 100644
--- a/vendor/github.com/coreos/etcd/store/node.go
+++ b/vendor/github.com/coreos/etcd/store/node.go
@@ -332,7 +332,6 @@ func (n *node) UpdateTTL(expireTime time.Time) {
 	n.ExpireTime = expireTime
 	// push into ttl heap
 	n.store.ttlKeyHeap.push(n)
-	return
 }
 
 // Compare function compares node index and value with provided ones.
diff --git a/vendor/github.com/coreos/etcd/store/store.go b/vendor/github.com/coreos/etcd/store/store.go
index 6c19ad4c9707..edf7f21942b9 100644
--- a/vendor/github.com/coreos/etcd/store/store.go
+++ b/vendor/github.com/coreos/etcd/store/store.go
@@ -682,6 +682,9 @@ func (s *store) DeleteExpiredKeys(cutoff time.Time) {
 		e := newEvent(Expire, node.Path, s.CurrentIndex, node.CreatedIndex)
 		e.EtcdIndex = s.CurrentIndex
 		e.PrevNode = node.Repr(false, false, s.clock)
+		if node.IsDir() {
+			e.Node.Dir = true
+		}
 
 		callback := func(path string) { // notify function
 			// notify the watchers with deleted set true
diff --git a/vendor/github.com/coreos/etcd/store/watcher_hub.go b/vendor/github.com/coreos/etcd/store/watcher_hub.go
index 6dd63f3c5419..13c23e391d91 100644
--- a/vendor/github.com/coreos/etcd/store/watcher_hub.go
+++ b/vendor/github.com/coreos/etcd/store/watcher_hub.go
@@ -116,7 +116,7 @@ func (wh *watcherHub) watch(key string, recursive, stream bool, index, storeInde
 }
 
 func (wh *watcherHub) add(e *Event) {
-	e = wh.EventHistory.addEvent(e)
+	wh.EventHistory.addEvent(e)
 }
 
 // notify function accepts an event and notify to the watchers.
diff --git a/vendor/github.com/coreos/etcd/version/version.go b/vendor/github.com/coreos/etcd/version/version.go
index 0cefd81ece2c..b488499c686d 100644
--- a/vendor/github.com/coreos/etcd/version/version.go
+++ b/vendor/github.com/coreos/etcd/version/version.go
@@ -26,7 +26,7 @@ import (
 var (
 	// MinClusterVersion is the min cluster version this etcd binary is compatible with.
 	MinClusterVersion = "3.0.0"
-	Version           = "3.1.11"
+	Version           = "3.2.13"
 	APIVersion        = "unknown"
 
 	// Git SHA Value will be set during build
diff --git a/vendor/github.com/coreos/etcd/wal/encoder.go b/vendor/github.com/coreos/etcd/wal/encoder.go
index efe58928cc8c..aac1e197e590 100644
--- a/vendor/github.com/coreos/etcd/wal/encoder.go
+++ b/vendor/github.com/coreos/etcd/wal/encoder.go
@@ -52,7 +52,7 @@ func newEncoder(w io.Writer, prevCrc uint32, pageOffset int) *encoder {
 
 // newFileEncoder creates a new encoder with current file offset for the page writer.
 func newFileEncoder(f *os.File, prevCrc uint32) (*encoder, error) {
-	offset, err := f.Seek(0, os.SEEK_CUR)
+	offset, err := f.Seek(0, io.SeekCurrent)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/coreos/etcd/wal/repair.go b/vendor/github.com/coreos/etcd/wal/repair.go
index ffb141616826..091036b57b9a 100644
--- a/vendor/github.com/coreos/etcd/wal/repair.go
+++ b/vendor/github.com/coreos/etcd/wal/repair.go
@@ -62,7 +62,7 @@ func Repair(dirpath string) bool {
 			}
 			defer bf.Close()
 
-			if _, err = f.Seek(0, os.SEEK_SET); err != nil {
+			if _, err = f.Seek(0, io.SeekStart); err != nil {
 				plog.Errorf("could not repair %v, failed to read file", f.Name())
 				return false
 			}
diff --git a/vendor/github.com/coreos/etcd/wal/wal.go b/vendor/github.com/coreos/etcd/wal/wal.go
index b65f64483042..2cac25c1c904 100644
--- a/vendor/github.com/coreos/etcd/wal/wal.go
+++ b/vendor/github.com/coreos/etcd/wal/wal.go
@@ -112,7 +112,7 @@ func Create(dirpath string, metadata []byte) (*WAL, error) {
 	if err != nil {
 		return nil, err
 	}
-	if _, err = f.Seek(0, os.SEEK_END); err != nil {
+	if _, err = f.Seek(0, io.SeekEnd); err != nil {
 		return nil, err
 	}
 	if err = fileutil.Preallocate(f.File, SegmentSizeBytes, true); err != nil {
@@ -322,7 +322,7 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb.
 		// not all, will cause CRC errors on WAL open. Since the records
 		// were never fully synced to disk in the first place, it's safe
 		// to zero them out to avoid any CRC errors from new writes.
-		if _, err = w.tail().Seek(w.decoder.lastOffset(), os.SEEK_SET); err != nil {
+		if _, err = w.tail().Seek(w.decoder.lastOffset(), io.SeekStart); err != nil {
 			return nil, state, nil, err
 		}
 		if err = fileutil.ZeroToEnd(w.tail().File); err != nil {
@@ -361,7 +361,7 @@ func (w *WAL) ReadAll() (metadata []byte, state raftpb.HardState, ents []raftpb.
 // Then cut atomically rename temp wal file to a wal file.
 func (w *WAL) cut() error {
 	// close old wal file; truncate to avoid wasting space if an early cut
-	off, serr := w.tail().Seek(0, os.SEEK_CUR)
+	off, serr := w.tail().Seek(0, io.SeekCurrent)
 	if serr != nil {
 		return serr
 	}
@@ -401,7 +401,7 @@ func (w *WAL) cut() error {
 		return err
 	}
 
-	off, err = w.tail().Seek(0, os.SEEK_CUR)
+	off, err = w.tail().Seek(0, io.SeekCurrent)
 	if err != nil {
 		return err
 	}
@@ -418,7 +418,7 @@ func (w *WAL) cut() error {
 	if newTail, err = fileutil.LockFile(fpath, os.O_WRONLY, fileutil.PrivateFileMode); err != nil {
 		return err
 	}
-	if _, err = newTail.Seek(off, os.SEEK_SET); err != nil {
+	if _, err = newTail.Seek(off, io.SeekStart); err != nil {
 		return err
 	}
 
@@ -552,7 +552,7 @@ func (w *WAL) Save(st raftpb.HardState, ents []raftpb.Entry) error {
 		return nil
 	}
 
-	mustSync := mustSync(st, w.state, len(ents))
+	mustSync := raft.MustSync(st, w.state, len(ents))
 
 	// TODO(xiangli): no more reference operator
 	for i := range ents {
@@ -564,7 +564,7 @@ func (w *WAL) Save(st raftpb.HardState, ents []raftpb.Entry) error {
 		return err
 	}
 
-	curOff, err := w.tail().Seek(0, os.SEEK_CUR)
+	curOff, err := w.tail().Seek(0, io.SeekCurrent)
 	if err != nil {
 		return err
 	}
@@ -618,15 +618,6 @@ func (w *WAL) seq() uint64 {
 	return seq
 }
 
-func mustSync(st, prevst raftpb.HardState, entsnum int) bool {
-	// Persistent state on all servers:
-	// (Updated on stable storage before responding to RPCs)
-	// currentTerm
-	// votedFor
-	// log entries[]
-	return entsnum != 0 || st.Vote != prevst.Vote || st.Term != prevst.Term
-}
-
 func closeAll(rcs ...io.ReadCloser) error {
 	for _, f := range rcs {
 		if err := f.Close(); err != nil {
diff --git a/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go b/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go
index e1a77d5e51a0..664fae1305bf 100644
--- a/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go
+++ b/vendor/github.com/coreos/etcd/wal/walpb/record.pb.go
@@ -506,7 +506,7 @@ func init() { proto.RegisterFile("record.proto", fileDescriptorRecord) }
 
 var fileDescriptorRecord = []byte{
 	// 186 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xe2, 0xe2, 0x29, 0x4a, 0x4d, 0xce,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0xe2, 0x29, 0x4a, 0x4d, 0xce,
 	0x2f, 0x4a, 0xd1, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x62, 0x2d, 0x4f, 0xcc, 0x29, 0x48, 0x92,
 	0x12, 0x49, 0xcf, 0x4f, 0xcf, 0x07, 0x8b, 0xe8, 0x83, 0x58, 0x10, 0x49, 0x25, 0x3f, 0x2e, 0xb6,
 	0x20, 0xb0, 0x62, 0x21, 0x09, 0x2e, 0x96, 0x92, 0xca, 0x82, 0x54, 0x09, 0x46, 0x05, 0x46, 0x0d,
diff --git a/vendor/github.com/coreos/go-oidc/.gitignore b/vendor/github.com/coreos/go-oidc/.gitignore
new file mode 100644
index 000000000000..c96f2f47bc6d
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/.gitignore
@@ -0,0 +1,2 @@
+/bin
+/gopath
diff --git a/vendor/github.com/coreos/go-oidc/.travis.yml b/vendor/github.com/coreos/go-oidc/.travis.yml
new file mode 100644
index 000000000000..f2f3c9c81ffd
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/.travis.yml
@@ -0,0 +1,16 @@
+language: go
+
+go:
+  - 1.7.5
+  - 1.8
+
+install:
+ - go get -v -t github.com/coreos/go-oidc/...
+ - go get golang.org/x/tools/cmd/cover
+ - go get github.com/golang/lint/golint
+
+script:
+ - ./test
+
+notifications:
+  email: false
diff --git a/vendor/github.com/coreos/go-oidc/CONTRIBUTING.md b/vendor/github.com/coreos/go-oidc/CONTRIBUTING.md
new file mode 100644
index 000000000000..6662073a848e
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/CONTRIBUTING.md
@@ -0,0 +1,71 @@
+# How to Contribute
+
+CoreOS projects are [Apache 2.0 licensed](LICENSE) and accept contributions via
+GitHub pull requests.  This document outlines some of the conventions on
+development workflow, commit message formatting, contact points and other
+resources to make it easier to get your contribution accepted.
+
+# Certificate of Origin
+
+By contributing to this project you agree to the Developer Certificate of
+Origin (DCO). This document was created by the Linux Kernel community and is a
+simple statement that you, as a contributor, have the legal right to make the
+contribution. See the [DCO](DCO) file for details.
+
+# Email and Chat
+
+The project currently uses the general CoreOS email list and IRC channel:
+- Email: [coreos-dev](https://groups.google.com/forum/#!forum/coreos-dev)
+- IRC: #[coreos](irc://irc.freenode.org:6667/#coreos) IRC channel on freenode.org
+
+Please avoid emailing maintainers found in the MAINTAINERS file directly. They
+are very busy and read the mailing lists.
+
+## Getting Started
+
+- Fork the repository on GitHub
+- Read the [README](README.md) for build and test instructions
+- Play with the project, submit bugs, submit patches!
+
+## Contribution Flow
+
+This is a rough outline of what a contributor's workflow looks like:
+
+- Create a topic branch from where you want to base your work (usually master).
+- Make commits of logical units.
+- Make sure your commit messages are in the proper format (see below).
+- Push your changes to a topic branch in your fork of the repository.
+- Make sure the tests pass, and add any new tests as appropriate.
+- Submit a pull request to the original repository.
+
+Thanks for your contributions!
+
+### Format of the Commit Message
+
+We follow a rough convention for commit messages that is designed to answer two
+questions: what changed and why. The subject line should feature the what and
+the body of the commit should describe the why.
+
+```
+scripts: add the test-cluster command
+
+this uses tmux to setup a test cluster that you can easily kill and
+start for debugging.
+
+Fixes #38
+```
+
+The format can be described more formally as follows:
+
+```
+<subsystem>: <what changed>
+<BLANK LINE>
+<why this change was made>
+<BLANK LINE>
+<footer>
+```
+
+The first line is the subject and should be no longer than 70 characters, the
+second line is always blank, and other lines should be wrapped at 80 characters.
+This allows the message to be easier to read on GitHub as well as in various
+git tools.
diff --git a/vendor/github.com/coreos/go-oidc/DCO b/vendor/github.com/coreos/go-oidc/DCO
new file mode 100644
index 000000000000..716561d5d282
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/DCO
@@ -0,0 +1,36 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
diff --git a/vendor/github.com/coreos/go-oidc/MAINTAINERS b/vendor/github.com/coreos/go-oidc/MAINTAINERS
new file mode 100644
index 000000000000..68079f1ea685
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/MAINTAINERS
@@ -0,0 +1,3 @@
+Bobby Rullo <bobby.rullo@coreos.com> (@bobbyrullo)
+Ed Rooth <ed.rooth@coreos.com> (@sym3tri)
+Eric Chiang <eric.chiang@coreos.com> (@ericchiang)
diff --git a/vendor/github.com/coreos/go-oidc/README.md b/vendor/github.com/coreos/go-oidc/README.md
new file mode 100644
index 000000000000..520d7c87f466
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/README.md
@@ -0,0 +1,72 @@
+# go-oidc
+
+[![GoDoc](https://godoc.org/github.com/coreos/go-oidc?status.svg)](https://godoc.org/github.com/coreos/go-oidc)
+[![Build Status](https://travis-ci.org/coreos/go-oidc.png?branch=master)](https://travis-ci.org/coreos/go-oidc)
+
+## OpenID Connect support for Go
+
+This package enables OpenID Connect support for the [golang.org/x/oauth2](https://godoc.org/golang.org/x/oauth2) package.
+
+```go
+provider, err := oidc.NewProvider(ctx, "https://accounts.google.com")
+if err != nil {
+    // handle error
+}
+
+// Configure an OpenID Connect aware OAuth2 client.
+oauth2Config := oauth2.Config{
+    ClientID:     clientID,
+    ClientSecret: clientSecret,
+    RedirectURL:  redirectURL,
+
+    // Discovery returns the OAuth2 endpoints.
+    Endpoint: provider.Endpoint(),
+
+    // "openid" is a required scope for OpenID Connect flows.
+    Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
+}
+```
+
+OAuth2 redirects are unchanged.
+
+```go
+func handleRedirect(w http.ResponseWriter, r *http.Request) {
+    http.Redirect(w, r, oauth2Config.AuthCodeURL(state), http.StatusFound)
+}
+```
+
+The on responses, the provider can be used to verify ID Tokens.
+
+```go
+var verifier = provider.Verifier(&oidc.Config{ClientID: clientID})
+
+func handleOAuth2Callback(w http.ResponseWriter, r *http.Request) {
+    // Verify state and errors.
+
+    oauth2Token, err := oauth2Config.Exchange(ctx, r.URL.Query().Get("code"))
+    if err != nil {
+        // handle error
+    }
+
+    // Extract the ID Token from OAuth2 token.
+    rawIDToken, ok := oauth2Token.Extra("id_token").(string)
+    if !ok {
+        // handle missing token
+    }
+
+    // Parse and verify ID Token payload.
+    idToken, err := verifier.Verify(ctx, rawIDToken)
+    if err != nil {
+        // handle error
+    }
+
+    // Extract custom claims
+    var claims struct {
+        Email    string `json:"email"`
+        Verified bool   `json:"email_verified"`
+    }
+    if err := idToken.Claims(&claims); err != nil {
+        // handle error
+    }
+}
+```
diff --git a/vendor/github.com/coreos/go-oidc/code-of-conduct.md b/vendor/github.com/coreos/go-oidc/code-of-conduct.md
new file mode 100644
index 000000000000..a234f3609d09
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/code-of-conduct.md
@@ -0,0 +1,61 @@
+## CoreOS Community Code of Conduct
+
+### Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing others' private information, such as physical or electronic addresses, without explicit permission
+* Other unethical or unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct. By adopting this Code of Conduct,
+project maintainers commit themselves to fairly and consistently applying these
+principles to every aspect of managing this project. Project maintainers who do
+not follow or enforce the Code of Conduct may be permanently removed from the
+project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer, Brandon Philips
+<brandon.philips@coreos.com>, and/or Rithu John <rithu.john@coreos.com>.
+
+This Code of Conduct is adapted from the Contributor Covenant
+(http://contributor-covenant.org), version 1.2.0, available at
+http://contributor-covenant.org/version/1/2/0/
+
+### CoreOS Events Code of Conduct
+
+CoreOS events are working conferences intended for professional networking and
+collaboration in the CoreOS community. Attendees are expected to behave
+according to professional standards and in accordance with their employer’s
+policies on appropriate workplace behavior.
+
+While at CoreOS events or related social networking opportunities, attendees
+should not engage in discriminatory or offensive speech or actions including
+but not limited to gender, sexuality, race, age, disability, or religion.
+Speakers should be especially aware of these concerns.
+
+CoreOS does not condone any statements by speakers contrary to these standards.
+CoreOS reserves the right to deny entrance and/or eject from an event (without
+refund) any individual found to be engaging in discriminatory or offensive
+speech or actions.
+
+Please bring any concerns to the immediate attention of designated on-site
+staff, Brandon Philips <brandon.philips@coreos.com>, and/or Rithu John <rithu.john@coreos.com>.
diff --git a/vendor/github.com/coreos/go-oidc/http/client.go b/vendor/github.com/coreos/go-oidc/http/client.go
deleted file mode 100644
index fd079b4950f0..000000000000
--- a/vendor/github.com/coreos/go-oidc/http/client.go
+++ /dev/null
@@ -1,7 +0,0 @@
-package http
-
-import "net/http"
-
-type Client interface {
-	Do(*http.Request) (*http.Response, error)
-}
diff --git a/vendor/github.com/coreos/go-oidc/http/doc.go b/vendor/github.com/coreos/go-oidc/http/doc.go
deleted file mode 100644
index 5687e8b81b4b..000000000000
--- a/vendor/github.com/coreos/go-oidc/http/doc.go
+++ /dev/null
@@ -1,2 +0,0 @@
-// Package http is DEPRECATED. Use net/http instead.
-package http
diff --git a/vendor/github.com/coreos/go-oidc/http/http.go b/vendor/github.com/coreos/go-oidc/http/http.go
deleted file mode 100644
index 48717833cabb..000000000000
--- a/vendor/github.com/coreos/go-oidc/http/http.go
+++ /dev/null
@@ -1,161 +0,0 @@
-package http
-
-import (
-	"encoding/base64"
-	"encoding/json"
-	"errors"
-	"log"
-	"net/http"
-	"net/url"
-	"path"
-	"strconv"
-	"strings"
-	"time"
-)
-
-func WriteError(w http.ResponseWriter, code int, msg string) {
-	e := struct {
-		Error string `json:"error"`
-	}{
-		Error: msg,
-	}
-	b, err := json.Marshal(e)
-	if err != nil {
-		log.Printf("go-oidc: failed to marshal %#v: %v", e, err)
-		code = http.StatusInternalServerError
-		b = []byte(`{"error":"server_error"}`)
-	}
-	w.Header().Set("Content-Type", "application/json")
-	w.WriteHeader(code)
-	w.Write(b)
-}
-
-// BasicAuth parses a username and password from the request's
-// Authorization header. This was pulled from golang master:
-// https://codereview.appspot.com/76540043
-func BasicAuth(r *http.Request) (username, password string, ok bool) {
-	auth := r.Header.Get("Authorization")
-	if auth == "" {
-		return
-	}
-
-	if !strings.HasPrefix(auth, "Basic ") {
-		return
-	}
-	c, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(auth, "Basic "))
-	if err != nil {
-		return
-	}
-	cs := string(c)
-	s := strings.IndexByte(cs, ':')
-	if s < 0 {
-		return
-	}
-	return cs[:s], cs[s+1:], true
-}
-
-func cacheControlMaxAge(hdr string) (time.Duration, bool, error) {
-	for _, field := range strings.Split(hdr, ",") {
-		parts := strings.SplitN(strings.TrimSpace(field), "=", 2)
-		k := strings.ToLower(strings.TrimSpace(parts[0]))
-		if k != "max-age" {
-			continue
-		}
-
-		if len(parts) == 1 {
-			return 0, false, errors.New("max-age has no value")
-		}
-
-		v := strings.TrimSpace(parts[1])
-		if v == "" {
-			return 0, false, errors.New("max-age has empty value")
-		}
-
-		age, err := strconv.Atoi(v)
-		if err != nil {
-			return 0, false, err
-		}
-
-		if age <= 0 {
-			return 0, false, nil
-		}
-
-		return time.Duration(age) * time.Second, true, nil
-	}
-
-	return 0, false, nil
-}
-
-func expires(date, expires string) (time.Duration, bool, error) {
-	if date == "" || expires == "" {
-		return 0, false, nil
-	}
-
-	var te time.Time
-	var err error
-	if expires == "0" {
-		return 0, false, nil
-	}
-	te, err = time.Parse(time.RFC1123, expires)
-	if err != nil {
-		return 0, false, err
-	}
-
-	td, err := time.Parse(time.RFC1123, date)
-	if err != nil {
-		return 0, false, err
-	}
-
-	ttl := te.Sub(td)
-
-	// headers indicate data already expired, caller should not
-	// have to care about this case
-	if ttl <= 0 {
-		return 0, false, nil
-	}
-
-	return ttl, true, nil
-}
-
-func Cacheable(hdr http.Header) (time.Duration, bool, error) {
-	ttl, ok, err := cacheControlMaxAge(hdr.Get("Cache-Control"))
-	if err != nil || ok {
-		return ttl, ok, err
-	}
-
-	return expires(hdr.Get("Date"), hdr.Get("Expires"))
-}
-
-// MergeQuery appends additional query values to an existing URL.
-func MergeQuery(u url.URL, q url.Values) url.URL {
-	uv := u.Query()
-	for k, vs := range q {
-		for _, v := range vs {
-			uv.Add(k, v)
-		}
-	}
-	u.RawQuery = uv.Encode()
-	return u
-}
-
-// NewResourceLocation appends a resource id to the end of the requested URL path.
-func NewResourceLocation(reqURL *url.URL, id string) string {
-	var u url.URL
-	u = *reqURL
-	u.Path = path.Join(u.Path, id)
-	u.RawQuery = ""
-	u.Fragment = ""
-	return u.String()
-}
-
-// CopyRequest returns a clone of the provided *http.Request.
-// The returned object is a shallow copy of the struct and a
-// deep copy of its Header field.
-func CopyRequest(r *http.Request) *http.Request {
-	r2 := *r
-	r2.Header = make(http.Header)
-	for k, s := range r.Header {
-		r2.Header[k] = s
-	}
-	return &r2
-}
diff --git a/vendor/github.com/coreos/go-oidc/http/url.go b/vendor/github.com/coreos/go-oidc/http/url.go
deleted file mode 100644
index df60eb1a6b5a..000000000000
--- a/vendor/github.com/coreos/go-oidc/http/url.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package http
-
-import (
-	"errors"
-	"net/url"
-)
-
-// ParseNonEmptyURL checks that a string is a parsable URL which is also not empty
-// since `url.Parse("")` does not return an error. Must contian a scheme and a host.
-func ParseNonEmptyURL(u string) (*url.URL, error) {
-	if u == "" {
-		return nil, errors.New("url is empty")
-	}
-
-	ur, err := url.Parse(u)
-	if err != nil {
-		return nil, err
-	}
-
-	if ur.Scheme == "" {
-		return nil, errors.New("url scheme is empty")
-	}
-
-	if ur.Host == "" {
-		return nil, errors.New("url host is empty")
-	}
-
-	return ur, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose.go b/vendor/github.com/coreos/go-oidc/jose.go
new file mode 100644
index 000000000000..f2e6bf432248
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/jose.go
@@ -0,0 +1,20 @@
+// +build !golint
+
+// Don't lint this file. We don't want to have to add a comment to each constant.
+
+package oidc
+
+const (
+	// JOSE asymmetric signing algorithm values as defined by RFC 7518
+	//
+	// see: https://tools.ietf.org/html/rfc7518#section-3.1
+	RS256 = "RS256" // RSASSA-PKCS-v1.5 using SHA-256
+	RS384 = "RS384" // RSASSA-PKCS-v1.5 using SHA-384
+	RS512 = "RS512" // RSASSA-PKCS-v1.5 using SHA-512
+	ES256 = "ES256" // ECDSA using P-256 and SHA-256
+	ES384 = "ES384" // ECDSA using P-384 and SHA-384
+	ES512 = "ES512" // ECDSA using P-521 and SHA-512
+	PS256 = "PS256" // RSASSA-PSS using SHA256 and MGF1-SHA256
+	PS384 = "PS384" // RSASSA-PSS using SHA384 and MGF1-SHA384
+	PS512 = "PS512" // RSASSA-PSS using SHA512 and MGF1-SHA512
+)
diff --git a/vendor/github.com/coreos/go-oidc/jose/claims.go b/vendor/github.com/coreos/go-oidc/jose/claims.go
deleted file mode 100644
index 8b48bfd230b0..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/claims.go
+++ /dev/null
@@ -1,126 +0,0 @@
-package jose
-
-import (
-	"encoding/json"
-	"fmt"
-	"math"
-	"time"
-)
-
-type Claims map[string]interface{}
-
-func (c Claims) Add(name string, value interface{}) {
-	c[name] = value
-}
-
-func (c Claims) StringClaim(name string) (string, bool, error) {
-	cl, ok := c[name]
-	if !ok {
-		return "", false, nil
-	}
-
-	v, ok := cl.(string)
-	if !ok {
-		return "", false, fmt.Errorf("unable to parse claim as string: %v", name)
-	}
-
-	return v, true, nil
-}
-
-func (c Claims) StringsClaim(name string) ([]string, bool, error) {
-	cl, ok := c[name]
-	if !ok {
-		return nil, false, nil
-	}
-
-	if v, ok := cl.([]string); ok {
-		return v, true, nil
-	}
-
-	// When unmarshaled, []string will become []interface{}.
-	if v, ok := cl.([]interface{}); ok {
-		var ret []string
-		for _, vv := range v {
-			str, ok := vv.(string)
-			if !ok {
-				return nil, false, fmt.Errorf("unable to parse claim as string array: %v", name)
-			}
-			ret = append(ret, str)
-		}
-		return ret, true, nil
-	}
-
-	return nil, false, fmt.Errorf("unable to parse claim as string array: %v", name)
-}
-
-func (c Claims) Int64Claim(name string) (int64, bool, error) {
-	cl, ok := c[name]
-	if !ok {
-		return 0, false, nil
-	}
-
-	v, ok := cl.(int64)
-	if !ok {
-		vf, ok := cl.(float64)
-		if !ok {
-			return 0, false, fmt.Errorf("unable to parse claim as int64: %v", name)
-		}
-		v = int64(vf)
-	}
-
-	return v, true, nil
-}
-
-func (c Claims) Float64Claim(name string) (float64, bool, error) {
-	cl, ok := c[name]
-	if !ok {
-		return 0, false, nil
-	}
-
-	v, ok := cl.(float64)
-	if !ok {
-		vi, ok := cl.(int64)
-		if !ok {
-			return 0, false, fmt.Errorf("unable to parse claim as float64: %v", name)
-		}
-		v = float64(vi)
-	}
-
-	return v, true, nil
-}
-
-func (c Claims) TimeClaim(name string) (time.Time, bool, error) {
-	v, ok, err := c.Float64Claim(name)
-	if !ok || err != nil {
-		return time.Time{}, ok, err
-	}
-
-	s := math.Trunc(v)
-	ns := (v - s) * math.Pow(10, 9)
-	return time.Unix(int64(s), int64(ns)).UTC(), true, nil
-}
-
-func decodeClaims(payload []byte) (Claims, error) {
-	var c Claims
-	if err := json.Unmarshal(payload, &c); err != nil {
-		return nil, fmt.Errorf("malformed JWT claims, unable to decode: %v", err)
-	}
-	return c, nil
-}
-
-func marshalClaims(c Claims) ([]byte, error) {
-	b, err := json.Marshal(c)
-	if err != nil {
-		return nil, err
-	}
-	return b, nil
-}
-
-func encodeClaims(c Claims) (string, error) {
-	b, err := marshalClaims(c)
-	if err != nil {
-		return "", err
-	}
-
-	return encodeSegment(b), nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/doc.go b/vendor/github.com/coreos/go-oidc/jose/doc.go
deleted file mode 100644
index b5e1321781c3..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/doc.go
+++ /dev/null
@@ -1,2 +0,0 @@
-// Package jose is DEPRECATED. Use gopkg.in/square/go-jose.v2 instead.
-package jose
diff --git a/vendor/github.com/coreos/go-oidc/jose/jose.go b/vendor/github.com/coreos/go-oidc/jose/jose.go
deleted file mode 100644
index 6209926596c9..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/jose.go
+++ /dev/null
@@ -1,112 +0,0 @@
-package jose
-
-import (
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"strings"
-)
-
-const (
-	HeaderMediaType    = "typ"
-	HeaderKeyAlgorithm = "alg"
-	HeaderKeyID        = "kid"
-)
-
-const (
-	// Encryption Algorithm Header Parameter Values for JWS
-	// See: https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#page-6
-	AlgHS256 = "HS256"
-	AlgHS384 = "HS384"
-	AlgHS512 = "HS512"
-	AlgRS256 = "RS256"
-	AlgRS384 = "RS384"
-	AlgRS512 = "RS512"
-	AlgES256 = "ES256"
-	AlgES384 = "ES384"
-	AlgES512 = "ES512"
-	AlgPS256 = "PS256"
-	AlgPS384 = "PS384"
-	AlgPS512 = "PS512"
-	AlgNone  = "none"
-)
-
-const (
-	// Algorithm Header Parameter Values for JWE
-	// See: https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-4.1
-	AlgRSA15            = "RSA1_5"
-	AlgRSAOAEP          = "RSA-OAEP"
-	AlgRSAOAEP256       = "RSA-OAEP-256"
-	AlgA128KW           = "A128KW"
-	AlgA192KW           = "A192KW"
-	AlgA256KW           = "A256KW"
-	AlgDir              = "dir"
-	AlgECDHES           = "ECDH-ES"
-	AlgECDHESA128KW     = "ECDH-ES+A128KW"
-	AlgECDHESA192KW     = "ECDH-ES+A192KW"
-	AlgECDHESA256KW     = "ECDH-ES+A256KW"
-	AlgA128GCMKW        = "A128GCMKW"
-	AlgA192GCMKW        = "A192GCMKW"
-	AlgA256GCMKW        = "A256GCMKW"
-	AlgPBES2HS256A128KW = "PBES2-HS256+A128KW"
-	AlgPBES2HS384A192KW = "PBES2-HS384+A192KW"
-	AlgPBES2HS512A256KW = "PBES2-HS512+A256KW"
-)
-
-const (
-	// Encryption Algorithm Header Parameter Values for JWE
-	// See: https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#page-22
-	EncA128CBCHS256 = "A128CBC-HS256"
-	EncA128CBCHS384 = "A128CBC-HS384"
-	EncA256CBCHS512 = "A256CBC-HS512"
-	EncA128GCM      = "A128GCM"
-	EncA192GCM      = "A192GCM"
-	EncA256GCM      = "A256GCM"
-)
-
-type JOSEHeader map[string]string
-
-func (j JOSEHeader) Validate() error {
-	if _, exists := j[HeaderKeyAlgorithm]; !exists {
-		return fmt.Errorf("header missing %q parameter", HeaderKeyAlgorithm)
-	}
-
-	return nil
-}
-
-func decodeHeader(seg string) (JOSEHeader, error) {
-	b, err := decodeSegment(seg)
-	if err != nil {
-		return nil, err
-	}
-
-	var h JOSEHeader
-	err = json.Unmarshal(b, &h)
-	if err != nil {
-		return nil, err
-	}
-
-	return h, nil
-}
-
-func encodeHeader(h JOSEHeader) (string, error) {
-	b, err := json.Marshal(h)
-	if err != nil {
-		return "", err
-	}
-
-	return encodeSegment(b), nil
-}
-
-// Decode JWT specific base64url encoding with padding stripped
-func decodeSegment(seg string) ([]byte, error) {
-	if l := len(seg) % 4; l != 0 {
-		seg += strings.Repeat("=", 4-l)
-	}
-	return base64.URLEncoding.DecodeString(seg)
-}
-
-// Encode JWT specific base64url encoding with padding stripped
-func encodeSegment(seg []byte) string {
-	return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/jwk.go b/vendor/github.com/coreos/go-oidc/jose/jwk.go
deleted file mode 100644
index 119f073ff7a9..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/jwk.go
+++ /dev/null
@@ -1,135 +0,0 @@
-package jose
-
-import (
-	"bytes"
-	"encoding/base64"
-	"encoding/binary"
-	"encoding/json"
-	"math/big"
-	"strings"
-)
-
-// JSON Web Key
-// https://tools.ietf.org/html/draft-ietf-jose-json-web-key-36#page-5
-type JWK struct {
-	ID       string
-	Type     string
-	Alg      string
-	Use      string
-	Exponent int
-	Modulus  *big.Int
-	Secret   []byte
-}
-
-type jwkJSON struct {
-	ID       string `json:"kid"`
-	Type     string `json:"kty"`
-	Alg      string `json:"alg"`
-	Use      string `json:"use"`
-	Exponent string `json:"e"`
-	Modulus  string `json:"n"`
-}
-
-func (j *JWK) MarshalJSON() ([]byte, error) {
-	t := jwkJSON{
-		ID:       j.ID,
-		Type:     j.Type,
-		Alg:      j.Alg,
-		Use:      j.Use,
-		Exponent: encodeExponent(j.Exponent),
-		Modulus:  encodeModulus(j.Modulus),
-	}
-
-	return json.Marshal(&t)
-}
-
-func (j *JWK) UnmarshalJSON(data []byte) error {
-	var t jwkJSON
-	err := json.Unmarshal(data, &t)
-	if err != nil {
-		return err
-	}
-
-	e, err := decodeExponent(t.Exponent)
-	if err != nil {
-		return err
-	}
-
-	n, err := decodeModulus(t.Modulus)
-	if err != nil {
-		return err
-	}
-
-	j.ID = t.ID
-	j.Type = t.Type
-	j.Alg = t.Alg
-	j.Use = t.Use
-	j.Exponent = e
-	j.Modulus = n
-
-	return nil
-}
-
-type JWKSet struct {
-	Keys []JWK `json:"keys"`
-}
-
-func decodeExponent(e string) (int, error) {
-	decE, err := decodeBase64URLPaddingOptional(e)
-	if err != nil {
-		return 0, err
-	}
-	var eBytes []byte
-	if len(decE) < 8 {
-		eBytes = make([]byte, 8-len(decE), 8)
-		eBytes = append(eBytes, decE...)
-	} else {
-		eBytes = decE
-	}
-	eReader := bytes.NewReader(eBytes)
-	var E uint64
-	err = binary.Read(eReader, binary.BigEndian, &E)
-	if err != nil {
-		return 0, err
-	}
-	return int(E), nil
-}
-
-func encodeExponent(e int) string {
-	b := make([]byte, 8)
-	binary.BigEndian.PutUint64(b, uint64(e))
-	var idx int
-	for ; idx < 8; idx++ {
-		if b[idx] != 0x0 {
-			break
-		}
-	}
-	return base64.RawURLEncoding.EncodeToString(b[idx:])
-}
-
-// Turns a URL encoded modulus of a key into a big int.
-func decodeModulus(n string) (*big.Int, error) {
-	decN, err := decodeBase64URLPaddingOptional(n)
-	if err != nil {
-		return nil, err
-	}
-	N := big.NewInt(0)
-	N.SetBytes(decN)
-	return N, nil
-}
-
-func encodeModulus(n *big.Int) string {
-	return base64.RawURLEncoding.EncodeToString(n.Bytes())
-}
-
-// decodeBase64URLPaddingOptional decodes Base64 whether there is padding or not.
-// The stdlib version currently doesn't handle this.
-// We can get rid of this is if this bug:
-//   https://github.com/golang/go/issues/4237
-// ever closes.
-func decodeBase64URLPaddingOptional(e string) ([]byte, error) {
-	if m := len(e) % 4; m != 0 {
-		e += strings.Repeat("=", 4-m)
-	}
-	return base64.URLEncoding.DecodeString(e)
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/jws.go b/vendor/github.com/coreos/go-oidc/jose/jws.go
deleted file mode 100644
index 1049ece831c5..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/jws.go
+++ /dev/null
@@ -1,51 +0,0 @@
-package jose
-
-import (
-	"fmt"
-	"strings"
-)
-
-type JWS struct {
-	RawHeader  string
-	Header     JOSEHeader
-	RawPayload string
-	Payload    []byte
-	Signature  []byte
-}
-
-// Given a raw encoded JWS token parses it and verifies the structure.
-func ParseJWS(raw string) (JWS, error) {
-	parts := strings.Split(raw, ".")
-	if len(parts) != 3 {
-		return JWS{}, fmt.Errorf("malformed JWS, only %d segments", len(parts))
-	}
-
-	rawSig := parts[2]
-	jws := JWS{
-		RawHeader:  parts[0],
-		RawPayload: parts[1],
-	}
-
-	header, err := decodeHeader(jws.RawHeader)
-	if err != nil {
-		return JWS{}, fmt.Errorf("malformed JWS, unable to decode header, %s", err)
-	}
-	if err = header.Validate(); err != nil {
-		return JWS{}, fmt.Errorf("malformed JWS, %s", err)
-	}
-	jws.Header = header
-
-	payload, err := decodeSegment(jws.RawPayload)
-	if err != nil {
-		return JWS{}, fmt.Errorf("malformed JWS, unable to decode payload: %s", err)
-	}
-	jws.Payload = payload
-
-	sig, err := decodeSegment(rawSig)
-	if err != nil {
-		return JWS{}, fmt.Errorf("malformed JWS, unable to decode signature: %s", err)
-	}
-	jws.Signature = sig
-
-	return jws, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/jwt.go b/vendor/github.com/coreos/go-oidc/jose/jwt.go
deleted file mode 100644
index 3b3e9634b002..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/jwt.go
+++ /dev/null
@@ -1,82 +0,0 @@
-package jose
-
-import "strings"
-
-type JWT JWS
-
-func ParseJWT(token string) (jwt JWT, err error) {
-	jws, err := ParseJWS(token)
-	if err != nil {
-		return
-	}
-
-	return JWT(jws), nil
-}
-
-func NewJWT(header JOSEHeader, claims Claims) (jwt JWT, err error) {
-	jwt = JWT{}
-
-	jwt.Header = header
-	jwt.Header[HeaderMediaType] = "JWT"
-
-	claimBytes, err := marshalClaims(claims)
-	if err != nil {
-		return
-	}
-	jwt.Payload = claimBytes
-
-	eh, err := encodeHeader(header)
-	if err != nil {
-		return
-	}
-	jwt.RawHeader = eh
-
-	ec, err := encodeClaims(claims)
-	if err != nil {
-		return
-	}
-	jwt.RawPayload = ec
-
-	return
-}
-
-func (j *JWT) KeyID() (string, bool) {
-	kID, ok := j.Header[HeaderKeyID]
-	return kID, ok
-}
-
-func (j *JWT) Claims() (Claims, error) {
-	return decodeClaims(j.Payload)
-}
-
-// Encoded data part of the token which may be signed.
-func (j *JWT) Data() string {
-	return strings.Join([]string{j.RawHeader, j.RawPayload}, ".")
-}
-
-// Full encoded JWT token string in format: header.claims.signature
-func (j *JWT) Encode() string {
-	d := j.Data()
-	s := encodeSegment(j.Signature)
-	return strings.Join([]string{d, s}, ".")
-}
-
-func NewSignedJWT(claims Claims, s Signer) (*JWT, error) {
-	header := JOSEHeader{
-		HeaderKeyAlgorithm: s.Alg(),
-		HeaderKeyID:        s.ID(),
-	}
-
-	jwt, err := NewJWT(header, claims)
-	if err != nil {
-		return nil, err
-	}
-
-	sig, err := s.Sign([]byte(jwt.Data()))
-	if err != nil {
-		return nil, err
-	}
-	jwt.Signature = sig
-
-	return &jwt, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/sig.go b/vendor/github.com/coreos/go-oidc/jose/sig.go
deleted file mode 100755
index 7b2b253cca53..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/sig.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package jose
-
-import (
-	"fmt"
-)
-
-type Verifier interface {
-	ID() string
-	Alg() string
-	Verify(sig []byte, data []byte) error
-}
-
-type Signer interface {
-	Verifier
-	Sign(data []byte) (sig []byte, err error)
-}
-
-func NewVerifier(jwk JWK) (Verifier, error) {
-	if jwk.Type != "RSA" {
-		return nil, fmt.Errorf("unsupported key type %q", jwk.Type)
-	}
-
-	return NewVerifierRSA(jwk)
-}
diff --git a/vendor/github.com/coreos/go-oidc/jose/sig_rsa.go b/vendor/github.com/coreos/go-oidc/jose/sig_rsa.go
deleted file mode 100755
index 004e45dd835c..000000000000
--- a/vendor/github.com/coreos/go-oidc/jose/sig_rsa.go
+++ /dev/null
@@ -1,67 +0,0 @@
-package jose
-
-import (
-	"crypto"
-	"crypto/rand"
-	"crypto/rsa"
-	"fmt"
-)
-
-type VerifierRSA struct {
-	KeyID     string
-	Hash      crypto.Hash
-	PublicKey rsa.PublicKey
-}
-
-type SignerRSA struct {
-	PrivateKey rsa.PrivateKey
-	VerifierRSA
-}
-
-func NewVerifierRSA(jwk JWK) (*VerifierRSA, error) {
-	if jwk.Alg != "" && jwk.Alg != "RS256" {
-		return nil, fmt.Errorf("unsupported key algorithm %q", jwk.Alg)
-	}
-
-	v := VerifierRSA{
-		KeyID: jwk.ID,
-		PublicKey: rsa.PublicKey{
-			N: jwk.Modulus,
-			E: jwk.Exponent,
-		},
-		Hash: crypto.SHA256,
-	}
-
-	return &v, nil
-}
-
-func NewSignerRSA(kid string, key rsa.PrivateKey) *SignerRSA {
-	return &SignerRSA{
-		PrivateKey: key,
-		VerifierRSA: VerifierRSA{
-			KeyID:     kid,
-			PublicKey: key.PublicKey,
-			Hash:      crypto.SHA256,
-		},
-	}
-}
-
-func (v *VerifierRSA) ID() string {
-	return v.KeyID
-}
-
-func (v *VerifierRSA) Alg() string {
-	return "RS256"
-}
-
-func (v *VerifierRSA) Verify(sig []byte, data []byte) error {
-	h := v.Hash.New()
-	h.Write(data)
-	return rsa.VerifyPKCS1v15(&v.PublicKey, v.Hash, h.Sum(nil), sig)
-}
-
-func (s *SignerRSA) Sign(data []byte) ([]byte, error) {
-	h := s.Hash.New()
-	h.Write(data)
-	return rsa.SignPKCS1v15(rand.Reader, &s.PrivateKey, s.Hash, h.Sum(nil))
-}
diff --git a/vendor/github.com/coreos/go-oidc/jwks.go b/vendor/github.com/coreos/go-oidc/jwks.go
new file mode 100644
index 000000000000..e6a82c842956
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/jwks.go
@@ -0,0 +1,228 @@
+package oidc
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"sync"
+	"time"
+
+	"github.com/pquerna/cachecontrol"
+	jose "gopkg.in/square/go-jose.v2"
+)
+
+// keysExpiryDelta is the allowed clock skew between a client and the OpenID Connect
+// server.
+//
+// When keys expire, they are valid for this amount of time after.
+//
+// If the keys have not expired, and an ID Token claims it was signed by a key not in
+// the cache, if and only if the keys expire in this amount of time, the keys will be
+// updated.
+const keysExpiryDelta = 30 * time.Second
+
+// NewRemoteKeySet returns a KeySet that can validate JSON web tokens by using HTTP
+// GETs to fetch JSON web token sets hosted at a remote URL. This is automatically
+// used by NewProvider using the URLs returned by OpenID Connect discovery, but is
+// exposed for providers that don't support discovery or to prevent round trips to the
+// discovery URL.
+//
+// The returned KeySet is a long lived verifier that caches keys based on cache-control
+// headers. Reuse a common remote key set instead of creating new ones as needed.
+//
+// The behavior of the returned KeySet is undefined once the context is canceled.
+func NewRemoteKeySet(ctx context.Context, jwksURL string) KeySet {
+	return newRemoteKeySet(ctx, jwksURL, time.Now)
+}
+
+func newRemoteKeySet(ctx context.Context, jwksURL string, now func() time.Time) *remoteKeySet {
+	if now == nil {
+		now = time.Now
+	}
+	return &remoteKeySet{jwksURL: jwksURL, ctx: ctx, now: now}
+}
+
+type remoteKeySet struct {
+	jwksURL string
+	ctx     context.Context
+	now     func() time.Time
+
+	// guard all other fields
+	mu sync.Mutex
+
+	// inflight suppresses parallel execution of updateKeys and allows
+	// multiple goroutines to wait for its result.
+	inflight *inflight
+
+	// A set of cached keys and their expiry.
+	cachedKeys []jose.JSONWebKey
+	expiry     time.Time
+}
+
+// inflight is used to wait on some in-flight request from multiple goroutines.
+type inflight struct {
+	doneCh chan struct{}
+
+	keys []jose.JSONWebKey
+	err  error
+}
+
+func newInflight() *inflight {
+	return &inflight{doneCh: make(chan struct{})}
+}
+
+// wait returns a channel that multiple goroutines can receive on. Once it returns
+// a value, the inflight request is done and result() can be inspected.
+func (i *inflight) wait() <-chan struct{} {
+	return i.doneCh
+}
+
+// done can only be called by a single goroutine. It records the result of the
+// inflight request and signals other goroutines that the result is safe to
+// inspect.
+func (i *inflight) done(keys []jose.JSONWebKey, err error) {
+	i.keys = keys
+	i.err = err
+	close(i.doneCh)
+}
+
+// result cannot be called until the wait() channel has returned a value.
+func (i *inflight) result() ([]jose.JSONWebKey, error) {
+	return i.keys, i.err
+}
+
+func (r *remoteKeySet) VerifySignature(ctx context.Context, jwt string) ([]byte, error) {
+	jws, err := jose.ParseSigned(jwt)
+	if err != nil {
+		return nil, fmt.Errorf("oidc: malformed jwt: %v", err)
+	}
+	return r.verify(ctx, jws)
+}
+
+func (r *remoteKeySet) verify(ctx context.Context, jws *jose.JSONWebSignature) ([]byte, error) {
+	// We don't support JWTs signed with multiple signatures.
+	keyID := ""
+	for _, sig := range jws.Signatures {
+		keyID = sig.Header.KeyID
+		break
+	}
+
+	keys, expiry := r.keysFromCache()
+
+	// Don't check expiry yet. This optimizes for when the provider is unavailable.
+	for _, key := range keys {
+		if keyID == "" || key.KeyID == keyID {
+			if payload, err := jws.Verify(&key); err == nil {
+				return payload, nil
+			}
+		}
+	}
+
+	if !r.now().Add(keysExpiryDelta).After(expiry) {
+		// Keys haven't expired, don't refresh.
+		return nil, errors.New("failed to verify id token signature")
+	}
+
+	keys, err := r.keysFromRemote(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("fetching keys %v", err)
+	}
+
+	for _, key := range keys {
+		if keyID == "" || key.KeyID == keyID {
+			if payload, err := jws.Verify(&key); err == nil {
+				return payload, nil
+			}
+		}
+	}
+	return nil, errors.New("failed to verify id token signature")
+}
+
+func (r *remoteKeySet) keysFromCache() (keys []jose.JSONWebKey, expiry time.Time) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	return r.cachedKeys, r.expiry
+}
+
+// keysFromRemote syncs the key set from the remote set, records the values in the
+// cache, and returns the key set.
+func (r *remoteKeySet) keysFromRemote(ctx context.Context) ([]jose.JSONWebKey, error) {
+	// Need to lock to inspect the inflight request field.
+	r.mu.Lock()
+	// If there's not a current inflight request, create one.
+	if r.inflight == nil {
+		r.inflight = newInflight()
+
+		// This goroutine has exclusive ownership over the current inflight
+		// request. It releases the resource by nil'ing the inflight field
+		// once the goroutine is done.
+		go func() {
+			// Sync keys and finish inflight when that's done.
+			keys, expiry, err := r.updateKeys()
+
+			r.inflight.done(keys, err)
+
+			// Lock to update the keys and indicate that there is no longer an
+			// inflight request.
+			r.mu.Lock()
+			defer r.mu.Unlock()
+
+			if err == nil {
+				r.cachedKeys = keys
+				r.expiry = expiry
+			}
+
+			// Free inflight so a different request can run.
+			r.inflight = nil
+		}()
+	}
+	inflight := r.inflight
+	r.mu.Unlock()
+
+	select {
+	case <-ctx.Done():
+		return nil, ctx.Err()
+	case <-inflight.wait():
+		return inflight.result()
+	}
+}
+
+func (r *remoteKeySet) updateKeys() ([]jose.JSONWebKey, time.Time, error) {
+	req, err := http.NewRequest("GET", r.jwksURL, nil)
+	if err != nil {
+		return nil, time.Time{}, fmt.Errorf("oidc: can't create request: %v", err)
+	}
+
+	resp, err := doRequest(r.ctx, req)
+	if err != nil {
+		return nil, time.Time{}, fmt.Errorf("oidc: get keys failed %v", err)
+	}
+	defer resp.Body.Close()
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, time.Time{}, fmt.Errorf("unable to read response body: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, time.Time{}, fmt.Errorf("oidc: get keys failed: %s %s", resp.Status, body)
+	}
+
+	var keySet jose.JSONWebKeySet
+	err = unmarshalResp(resp, body, &keySet)
+	if err != nil {
+		return nil, time.Time{}, fmt.Errorf("oidc: failed to decode keys: %v %s", err, body)
+	}
+
+	// If the server doesn't provide cache control headers, assume the
+	// keys expire immediately.
+	expiry := r.now()
+
+	_, e, err := cachecontrol.CachableResponse(req, resp, cachecontrol.Options{})
+	if err == nil && e.After(expiry) {
+		expiry = e
+	}
+	return keySet.Keys, expiry, nil
+}
diff --git a/vendor/github.com/coreos/go-oidc/key/doc.go b/vendor/github.com/coreos/go-oidc/key/doc.go
deleted file mode 100644
index 936eec745825..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/doc.go
+++ /dev/null
@@ -1,2 +0,0 @@
-// Package key is DEPRECATED. Use github.com/coreos/go-oidc instead.
-package key
diff --git a/vendor/github.com/coreos/go-oidc/key/key.go b/vendor/github.com/coreos/go-oidc/key/key.go
deleted file mode 100644
index 208c1fc1492c..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/key.go
+++ /dev/null
@@ -1,153 +0,0 @@
-package key
-
-import (
-	"crypto/rand"
-	"crypto/rsa"
-	"encoding/hex"
-	"encoding/json"
-	"io"
-	"time"
-
-	"github.com/coreos/go-oidc/jose"
-)
-
-func NewPublicKey(jwk jose.JWK) *PublicKey {
-	return &PublicKey{jwk: jwk}
-}
-
-type PublicKey struct {
-	jwk jose.JWK
-}
-
-func (k *PublicKey) MarshalJSON() ([]byte, error) {
-	return json.Marshal(&k.jwk)
-}
-
-func (k *PublicKey) UnmarshalJSON(data []byte) error {
-	var jwk jose.JWK
-	if err := json.Unmarshal(data, &jwk); err != nil {
-		return err
-	}
-	k.jwk = jwk
-	return nil
-}
-
-func (k *PublicKey) ID() string {
-	return k.jwk.ID
-}
-
-func (k *PublicKey) Verifier() (jose.Verifier, error) {
-	return jose.NewVerifierRSA(k.jwk)
-}
-
-type PrivateKey struct {
-	KeyID      string
-	PrivateKey *rsa.PrivateKey
-}
-
-func (k *PrivateKey) ID() string {
-	return k.KeyID
-}
-
-func (k *PrivateKey) Signer() jose.Signer {
-	return jose.NewSignerRSA(k.ID(), *k.PrivateKey)
-}
-
-func (k *PrivateKey) JWK() jose.JWK {
-	return jose.JWK{
-		ID:       k.KeyID,
-		Type:     "RSA",
-		Alg:      "RS256",
-		Use:      "sig",
-		Exponent: k.PrivateKey.PublicKey.E,
-		Modulus:  k.PrivateKey.PublicKey.N,
-	}
-}
-
-type KeySet interface {
-	ExpiresAt() time.Time
-}
-
-type PublicKeySet struct {
-	keys      []PublicKey
-	index     map[string]*PublicKey
-	expiresAt time.Time
-}
-
-func NewPublicKeySet(jwks []jose.JWK, exp time.Time) *PublicKeySet {
-	keys := make([]PublicKey, len(jwks))
-	index := make(map[string]*PublicKey)
-	for i, jwk := range jwks {
-		keys[i] = *NewPublicKey(jwk)
-		index[keys[i].ID()] = &keys[i]
-	}
-	return &PublicKeySet{
-		keys:      keys,
-		index:     index,
-		expiresAt: exp,
-	}
-}
-
-func (s *PublicKeySet) ExpiresAt() time.Time {
-	return s.expiresAt
-}
-
-func (s *PublicKeySet) Keys() []PublicKey {
-	return s.keys
-}
-
-func (s *PublicKeySet) Key(id string) *PublicKey {
-	return s.index[id]
-}
-
-type PrivateKeySet struct {
-	keys        []*PrivateKey
-	ActiveKeyID string
-	expiresAt   time.Time
-}
-
-func NewPrivateKeySet(keys []*PrivateKey, exp time.Time) *PrivateKeySet {
-	return &PrivateKeySet{
-		keys:        keys,
-		ActiveKeyID: keys[0].ID(),
-		expiresAt:   exp.UTC(),
-	}
-}
-
-func (s *PrivateKeySet) Keys() []*PrivateKey {
-	return s.keys
-}
-
-func (s *PrivateKeySet) ExpiresAt() time.Time {
-	return s.expiresAt
-}
-
-func (s *PrivateKeySet) Active() *PrivateKey {
-	for i, k := range s.keys {
-		if k.ID() == s.ActiveKeyID {
-			return s.keys[i]
-		}
-	}
-
-	return nil
-}
-
-type GeneratePrivateKeyFunc func() (*PrivateKey, error)
-
-func GeneratePrivateKey() (*PrivateKey, error) {
-	pk, err := rsa.GenerateKey(rand.Reader, 2048)
-	if err != nil {
-		return nil, err
-	}
-	keyID := make([]byte, 20)
-	if _, err := io.ReadFull(rand.Reader, keyID); err != nil {
-		return nil, err
-	}
-
-	k := PrivateKey{
-		KeyID:      hex.EncodeToString(keyID),
-		PrivateKey: pk,
-	}
-
-	return &k, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/key/manager.go b/vendor/github.com/coreos/go-oidc/key/manager.go
deleted file mode 100644
index 476ab6a8d2b9..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/manager.go
+++ /dev/null
@@ -1,99 +0,0 @@
-package key
-
-import (
-	"errors"
-	"time"
-
-	"github.com/jonboulle/clockwork"
-
-	"github.com/coreos/go-oidc/jose"
-	"github.com/coreos/pkg/health"
-)
-
-type PrivateKeyManager interface {
-	ExpiresAt() time.Time
-	Signer() (jose.Signer, error)
-	JWKs() ([]jose.JWK, error)
-	PublicKeys() ([]PublicKey, error)
-
-	WritableKeySetRepo
-	health.Checkable
-}
-
-func NewPrivateKeyManager() PrivateKeyManager {
-	return &privateKeyManager{
-		clock: clockwork.NewRealClock(),
-	}
-}
-
-type privateKeyManager struct {
-	keySet *PrivateKeySet
-	clock  clockwork.Clock
-}
-
-func (m *privateKeyManager) ExpiresAt() time.Time {
-	if m.keySet == nil {
-		return m.clock.Now().UTC()
-	}
-
-	return m.keySet.ExpiresAt()
-}
-
-func (m *privateKeyManager) Signer() (jose.Signer, error) {
-	if err := m.Healthy(); err != nil {
-		return nil, err
-	}
-
-	return m.keySet.Active().Signer(), nil
-}
-
-func (m *privateKeyManager) JWKs() ([]jose.JWK, error) {
-	if err := m.Healthy(); err != nil {
-		return nil, err
-	}
-
-	keys := m.keySet.Keys()
-	jwks := make([]jose.JWK, len(keys))
-	for i, k := range keys {
-		jwks[i] = k.JWK()
-	}
-	return jwks, nil
-}
-
-func (m *privateKeyManager) PublicKeys() ([]PublicKey, error) {
-	jwks, err := m.JWKs()
-	if err != nil {
-		return nil, err
-	}
-	keys := make([]PublicKey, len(jwks))
-	for i, jwk := range jwks {
-		keys[i] = *NewPublicKey(jwk)
-	}
-	return keys, nil
-}
-
-func (m *privateKeyManager) Healthy() error {
-	if m.keySet == nil {
-		return errors.New("private key manager uninitialized")
-	}
-
-	if len(m.keySet.Keys()) == 0 {
-		return errors.New("private key manager zero keys")
-	}
-
-	if m.keySet.ExpiresAt().Before(m.clock.Now().UTC()) {
-		return errors.New("private key manager keys expired")
-	}
-
-	return nil
-}
-
-func (m *privateKeyManager) Set(keySet KeySet) error {
-	privKeySet, ok := keySet.(*PrivateKeySet)
-	if !ok {
-		return errors.New("unable to cast to PrivateKeySet")
-	}
-
-	m.keySet = privKeySet
-	return nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/key/repo.go b/vendor/github.com/coreos/go-oidc/key/repo.go
deleted file mode 100644
index 1acdeb3614c5..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/repo.go
+++ /dev/null
@@ -1,55 +0,0 @@
-package key
-
-import (
-	"errors"
-	"sync"
-)
-
-var ErrorNoKeys = errors.New("no keys found")
-
-type WritableKeySetRepo interface {
-	Set(KeySet) error
-}
-
-type ReadableKeySetRepo interface {
-	Get() (KeySet, error)
-}
-
-type PrivateKeySetRepo interface {
-	WritableKeySetRepo
-	ReadableKeySetRepo
-}
-
-func NewPrivateKeySetRepo() PrivateKeySetRepo {
-	return &memPrivateKeySetRepo{}
-}
-
-type memPrivateKeySetRepo struct {
-	mu  sync.RWMutex
-	pks PrivateKeySet
-}
-
-func (r *memPrivateKeySetRepo) Set(ks KeySet) error {
-	pks, ok := ks.(*PrivateKeySet)
-	if !ok {
-		return errors.New("unable to cast to PrivateKeySet")
-	} else if pks == nil {
-		return errors.New("nil KeySet")
-	}
-
-	r.mu.Lock()
-	defer r.mu.Unlock()
-
-	r.pks = *pks
-	return nil
-}
-
-func (r *memPrivateKeySetRepo) Get() (KeySet, error) {
-	r.mu.RLock()
-	defer r.mu.RUnlock()
-
-	if r.pks.keys == nil {
-		return nil, ErrorNoKeys
-	}
-	return KeySet(&r.pks), nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/key/rotate.go b/vendor/github.com/coreos/go-oidc/key/rotate.go
deleted file mode 100644
index bc6cdfb1bd89..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/rotate.go
+++ /dev/null
@@ -1,159 +0,0 @@
-package key
-
-import (
-	"errors"
-	"log"
-	"time"
-
-	ptime "github.com/coreos/pkg/timeutil"
-	"github.com/jonboulle/clockwork"
-)
-
-var (
-	ErrorPrivateKeysExpired = errors.New("private keys have expired")
-)
-
-func NewPrivateKeyRotator(repo PrivateKeySetRepo, ttl time.Duration) *PrivateKeyRotator {
-	return &PrivateKeyRotator{
-		repo: repo,
-		ttl:  ttl,
-
-		keep:        2,
-		generateKey: GeneratePrivateKey,
-		clock:       clockwork.NewRealClock(),
-	}
-}
-
-type PrivateKeyRotator struct {
-	repo        PrivateKeySetRepo
-	generateKey GeneratePrivateKeyFunc
-	clock       clockwork.Clock
-	keep        int
-	ttl         time.Duration
-}
-
-func (r *PrivateKeyRotator) expiresAt() time.Time {
-	return r.clock.Now().UTC().Add(r.ttl)
-}
-
-func (r *PrivateKeyRotator) Healthy() error {
-	pks, err := r.privateKeySet()
-	if err != nil {
-		return err
-	}
-
-	if r.clock.Now().After(pks.ExpiresAt()) {
-		return ErrorPrivateKeysExpired
-	}
-
-	return nil
-}
-
-func (r *PrivateKeyRotator) privateKeySet() (*PrivateKeySet, error) {
-	ks, err := r.repo.Get()
-	if err != nil {
-		return nil, err
-	}
-
-	pks, ok := ks.(*PrivateKeySet)
-	if !ok {
-		return nil, errors.New("unable to cast to PrivateKeySet")
-	}
-	return pks, nil
-}
-
-func (r *PrivateKeyRotator) nextRotation() (time.Duration, error) {
-	pks, err := r.privateKeySet()
-	if err == ErrorNoKeys {
-		return 0, nil
-	}
-	if err != nil {
-		return 0, err
-	}
-
-	now := r.clock.Now()
-
-	// Ideally, we want to rotate after half the TTL has elapsed.
-	idealRotationTime := pks.ExpiresAt().Add(-r.ttl / 2)
-
-	// If we are past the ideal rotation time, rotate immediatly.
-	return max(0, idealRotationTime.Sub(now)), nil
-}
-
-func max(a, b time.Duration) time.Duration {
-	if a > b {
-		return a
-	}
-	return b
-}
-
-func (r *PrivateKeyRotator) Run() chan struct{} {
-	attempt := func() {
-		k, err := r.generateKey()
-		if err != nil {
-			log.Printf("go-oidc: failed generating signing key: %v", err)
-			return
-		}
-
-		exp := r.expiresAt()
-		if err := rotatePrivateKeys(r.repo, k, r.keep, exp); err != nil {
-			log.Printf("go-oidc: key rotation failed: %v", err)
-			return
-		}
-	}
-
-	stop := make(chan struct{})
-	go func() {
-		for {
-			var nextRotation time.Duration
-			var sleep time.Duration
-			var err error
-			for {
-				if nextRotation, err = r.nextRotation(); err == nil {
-					break
-				}
-				sleep = ptime.ExpBackoff(sleep, time.Minute)
-				log.Printf("go-oidc: error getting nextRotation, retrying in %v: %v", sleep, err)
-				time.Sleep(sleep)
-			}
-
-			select {
-			case <-r.clock.After(nextRotation):
-				attempt()
-			case <-stop:
-				return
-			}
-		}
-	}()
-
-	return stop
-}
-
-func rotatePrivateKeys(repo PrivateKeySetRepo, k *PrivateKey, keep int, exp time.Time) error {
-	ks, err := repo.Get()
-	if err != nil && err != ErrorNoKeys {
-		return err
-	}
-
-	var keys []*PrivateKey
-	if ks != nil {
-		pks, ok := ks.(*PrivateKeySet)
-		if !ok {
-			return errors.New("unable to cast to PrivateKeySet")
-		}
-		keys = pks.Keys()
-	}
-
-	keys = append([]*PrivateKey{k}, keys...)
-	if l := len(keys); l > keep {
-		keys = keys[0:keep]
-	}
-
-	nks := PrivateKeySet{
-		keys:        keys,
-		ActiveKeyID: k.ID(),
-		expiresAt:   exp,
-	}
-
-	return repo.Set(KeySet(&nks))
-}
diff --git a/vendor/github.com/coreos/go-oidc/key/sync.go b/vendor/github.com/coreos/go-oidc/key/sync.go
deleted file mode 100644
index b887f7b5a560..000000000000
--- a/vendor/github.com/coreos/go-oidc/key/sync.go
+++ /dev/null
@@ -1,91 +0,0 @@
-package key
-
-import (
-	"errors"
-	"log"
-	"time"
-
-	"github.com/jonboulle/clockwork"
-
-	"github.com/coreos/pkg/timeutil"
-)
-
-func NewKeySetSyncer(r ReadableKeySetRepo, w WritableKeySetRepo) *KeySetSyncer {
-	return &KeySetSyncer{
-		readable: r,
-		writable: w,
-		clock:    clockwork.NewRealClock(),
-	}
-}
-
-type KeySetSyncer struct {
-	readable ReadableKeySetRepo
-	writable WritableKeySetRepo
-	clock    clockwork.Clock
-}
-
-func (s *KeySetSyncer) Run() chan struct{} {
-	stop := make(chan struct{})
-	go func() {
-		var failing bool
-		var next time.Duration
-		for {
-			exp, err := syncKeySet(s.readable, s.writable, s.clock)
-			if err != nil || exp == 0 {
-				if !failing {
-					failing = true
-					next = time.Second
-				} else {
-					next = timeutil.ExpBackoff(next, time.Minute)
-				}
-				if exp == 0 {
-					log.Printf("Synced to already expired key set, retrying in %v: %v", next, err)
-
-				} else {
-					log.Printf("Failed syncing key set, retrying in %v: %v", next, err)
-				}
-			} else {
-				failing = false
-				next = exp / 2
-			}
-
-			select {
-			case <-s.clock.After(next):
-				continue
-			case <-stop:
-				return
-			}
-		}
-	}()
-
-	return stop
-}
-
-func Sync(r ReadableKeySetRepo, w WritableKeySetRepo) (time.Duration, error) {
-	return syncKeySet(r, w, clockwork.NewRealClock())
-}
-
-// syncKeySet copies the keyset from r to the KeySet at w and returns the duration in which the KeySet will expire.
-// If keyset has already expired, returns a zero duration.
-func syncKeySet(r ReadableKeySetRepo, w WritableKeySetRepo, clock clockwork.Clock) (exp time.Duration, err error) {
-	var ks KeySet
-	ks, err = r.Get()
-	if err != nil {
-		return
-	}
-
-	if ks == nil {
-		err = errors.New("no source KeySet")
-		return
-	}
-
-	if err = w.Set(ks); err != nil {
-		return
-	}
-
-	now := clock.Now()
-	if ks.ExpiresAt().After(now) {
-		exp = ks.ExpiresAt().Sub(now)
-	}
-	return
-}
diff --git a/vendor/github.com/coreos/go-oidc/oauth2/doc.go b/vendor/github.com/coreos/go-oidc/oauth2/doc.go
deleted file mode 100644
index 52eb3085e934..000000000000
--- a/vendor/github.com/coreos/go-oidc/oauth2/doc.go
+++ /dev/null
@@ -1,2 +0,0 @@
-// Package oauth2 is DEPRECATED. Use golang.org/x/oauth instead.
-package oauth2
diff --git a/vendor/github.com/coreos/go-oidc/oauth2/error.go b/vendor/github.com/coreos/go-oidc/oauth2/error.go
deleted file mode 100644
index 50d890949a23..000000000000
--- a/vendor/github.com/coreos/go-oidc/oauth2/error.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package oauth2
-
-const (
-	ErrorAccessDenied            = "access_denied"
-	ErrorInvalidClient           = "invalid_client"
-	ErrorInvalidGrant            = "invalid_grant"
-	ErrorInvalidRequest          = "invalid_request"
-	ErrorServerError             = "server_error"
-	ErrorUnauthorizedClient      = "unauthorized_client"
-	ErrorUnsupportedGrantType    = "unsupported_grant_type"
-	ErrorUnsupportedResponseType = "unsupported_response_type"
-)
-
-type Error struct {
-	Type        string `json:"error"`
-	Description string `json:"error_description,omitempty"`
-	State       string `json:"state,omitempty"`
-}
-
-func (e *Error) Error() string {
-	if e.Description != "" {
-		return e.Type + ": " + e.Description
-	}
-	return e.Type
-}
-
-func NewError(typ string) *Error {
-	return &Error{Type: typ}
-}
diff --git a/vendor/github.com/coreos/go-oidc/oauth2/oauth2.go b/vendor/github.com/coreos/go-oidc/oauth2/oauth2.go
deleted file mode 100644
index 72d1d6715bfd..000000000000
--- a/vendor/github.com/coreos/go-oidc/oauth2/oauth2.go
+++ /dev/null
@@ -1,416 +0,0 @@
-package oauth2
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io/ioutil"
-	"mime"
-	"net/http"
-	"net/url"
-	"sort"
-	"strconv"
-	"strings"
-
-	phttp "github.com/coreos/go-oidc/http"
-)
-
-// ResponseTypesEqual compares two response_type values. If either
-// contains a space, it is treated as an unordered list. For example,
-// comparing "code id_token" and "id_token code" would evaluate to true.
-func ResponseTypesEqual(r1, r2 string) bool {
-	if !strings.Contains(r1, " ") || !strings.Contains(r2, " ") {
-		// fast route, no split needed
-		return r1 == r2
-	}
-
-	// split, sort, and compare
-	r1Fields := strings.Fields(r1)
-	r2Fields := strings.Fields(r2)
-	if len(r1Fields) != len(r2Fields) {
-		return false
-	}
-	sort.Strings(r1Fields)
-	sort.Strings(r2Fields)
-	for i, r1Field := range r1Fields {
-		if r1Field != r2Fields[i] {
-			return false
-		}
-	}
-	return true
-}
-
-const (
-	// OAuth2.0 response types registered by OIDC.
-	//
-	// See: https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#RegistryContents
-	ResponseTypeCode             = "code"
-	ResponseTypeCodeIDToken      = "code id_token"
-	ResponseTypeCodeIDTokenToken = "code id_token token"
-	ResponseTypeIDToken          = "id_token"
-	ResponseTypeIDTokenToken     = "id_token token"
-	ResponseTypeToken            = "token"
-	ResponseTypeNone             = "none"
-)
-
-const (
-	GrantTypeAuthCode     = "authorization_code"
-	GrantTypeClientCreds  = "client_credentials"
-	GrantTypeUserCreds    = "password"
-	GrantTypeImplicit     = "implicit"
-	GrantTypeRefreshToken = "refresh_token"
-
-	AuthMethodClientSecretPost  = "client_secret_post"
-	AuthMethodClientSecretBasic = "client_secret_basic"
-	AuthMethodClientSecretJWT   = "client_secret_jwt"
-	AuthMethodPrivateKeyJWT     = "private_key_jwt"
-)
-
-type Config struct {
-	Credentials ClientCredentials
-	Scope       []string
-	RedirectURL string
-	AuthURL     string
-	TokenURL    string
-
-	// Must be one of the AuthMethodXXX methods above. Right now, only
-	// AuthMethodClientSecretPost and AuthMethodClientSecretBasic are supported.
-	AuthMethod string
-}
-
-type Client struct {
-	hc          phttp.Client
-	creds       ClientCredentials
-	scope       []string
-	authURL     *url.URL
-	redirectURL *url.URL
-	tokenURL    *url.URL
-	authMethod  string
-}
-
-type ClientCredentials struct {
-	ID     string
-	Secret string
-}
-
-func NewClient(hc phttp.Client, cfg Config) (c *Client, err error) {
-	if len(cfg.Credentials.ID) == 0 {
-		err = errors.New("missing client id")
-		return
-	}
-
-	if len(cfg.Credentials.Secret) == 0 {
-		err = errors.New("missing client secret")
-		return
-	}
-
-	if cfg.AuthMethod == "" {
-		cfg.AuthMethod = AuthMethodClientSecretBasic
-	} else if cfg.AuthMethod != AuthMethodClientSecretPost && cfg.AuthMethod != AuthMethodClientSecretBasic {
-		err = fmt.Errorf("auth method %q is not supported", cfg.AuthMethod)
-		return
-	}
-
-	au, err := phttp.ParseNonEmptyURL(cfg.AuthURL)
-	if err != nil {
-		return
-	}
-
-	tu, err := phttp.ParseNonEmptyURL(cfg.TokenURL)
-	if err != nil {
-		return
-	}
-
-	// Allow empty redirect URL in the case where the client
-	// only needs to verify a given token.
-	ru, err := url.Parse(cfg.RedirectURL)
-	if err != nil {
-		return
-	}
-
-	c = &Client{
-		creds:       cfg.Credentials,
-		scope:       cfg.Scope,
-		redirectURL: ru,
-		authURL:     au,
-		tokenURL:    tu,
-		hc:          hc,
-		authMethod:  cfg.AuthMethod,
-	}
-
-	return
-}
-
-// Return the embedded HTTP client
-func (c *Client) HttpClient() phttp.Client {
-	return c.hc
-}
-
-// Generate the url for initial redirect to oauth provider.
-func (c *Client) AuthCodeURL(state, accessType, prompt string) string {
-	v := c.commonURLValues()
-	v.Set("state", state)
-	if strings.ToLower(accessType) == "offline" {
-		v.Set("access_type", "offline")
-	}
-
-	if prompt != "" {
-		v.Set("prompt", prompt)
-	}
-	v.Set("response_type", "code")
-
-	q := v.Encode()
-	u := *c.authURL
-	if u.RawQuery == "" {
-		u.RawQuery = q
-	} else {
-		u.RawQuery += "&" + q
-	}
-	return u.String()
-}
-
-func (c *Client) commonURLValues() url.Values {
-	return url.Values{
-		"redirect_uri": {c.redirectURL.String()},
-		"scope":        {strings.Join(c.scope, " ")},
-		"client_id":    {c.creds.ID},
-	}
-}
-
-func (c *Client) newAuthenticatedRequest(urlToken string, values url.Values) (*http.Request, error) {
-	var req *http.Request
-	var err error
-	switch c.authMethod {
-	case AuthMethodClientSecretPost:
-		values.Set("client_secret", c.creds.Secret)
-		req, err = http.NewRequest("POST", urlToken, strings.NewReader(values.Encode()))
-		if err != nil {
-			return nil, err
-		}
-	case AuthMethodClientSecretBasic:
-		req, err = http.NewRequest("POST", urlToken, strings.NewReader(values.Encode()))
-		if err != nil {
-			return nil, err
-		}
-		encodedID := url.QueryEscape(c.creds.ID)
-		encodedSecret := url.QueryEscape(c.creds.Secret)
-		req.SetBasicAuth(encodedID, encodedSecret)
-	default:
-		panic("misconfigured client: auth method not supported")
-	}
-
-	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
-	return req, nil
-
-}
-
-// ClientCredsToken posts the client id and secret to obtain a token scoped to the OAuth2 client via the "client_credentials" grant type.
-// May not be supported by all OAuth2 servers.
-func (c *Client) ClientCredsToken(scope []string) (result TokenResponse, err error) {
-	v := url.Values{
-		"scope":      {strings.Join(scope, " ")},
-		"grant_type": {GrantTypeClientCreds},
-	}
-
-	req, err := c.newAuthenticatedRequest(c.tokenURL.String(), v)
-	if err != nil {
-		return
-	}
-
-	resp, err := c.hc.Do(req)
-	if err != nil {
-		return
-	}
-	defer resp.Body.Close()
-
-	return parseTokenResponse(resp)
-}
-
-// UserCredsToken posts the username and password to obtain a token scoped to the OAuth2 client via the "password" grant_type
-// May not be supported by all OAuth2 servers.
-func (c *Client) UserCredsToken(username, password string) (result TokenResponse, err error) {
-	v := url.Values{
-		"scope":      {strings.Join(c.scope, " ")},
-		"grant_type": {GrantTypeUserCreds},
-		"username":   {username},
-		"password":   {password},
-	}
-
-	req, err := c.newAuthenticatedRequest(c.tokenURL.String(), v)
-	if err != nil {
-		return
-	}
-
-	resp, err := c.hc.Do(req)
-	if err != nil {
-		return
-	}
-	defer resp.Body.Close()
-
-	return parseTokenResponse(resp)
-}
-
-// RequestToken requests a token from the Token Endpoint with the specified grantType.
-// If 'grantType' == GrantTypeAuthCode, then 'value' should be the authorization code.
-// If 'grantType' == GrantTypeRefreshToken, then 'value' should be the refresh token.
-func (c *Client) RequestToken(grantType, value string) (result TokenResponse, err error) {
-	v := c.commonURLValues()
-
-	v.Set("grant_type", grantType)
-	v.Set("client_secret", c.creds.Secret)
-	switch grantType {
-	case GrantTypeAuthCode:
-		v.Set("code", value)
-	case GrantTypeRefreshToken:
-		v.Set("refresh_token", value)
-	default:
-		err = fmt.Errorf("unsupported grant_type: %v", grantType)
-		return
-	}
-
-	req, err := c.newAuthenticatedRequest(c.tokenURL.String(), v)
-	if err != nil {
-		return
-	}
-
-	resp, err := c.hc.Do(req)
-	if err != nil {
-		return
-	}
-	defer resp.Body.Close()
-
-	return parseTokenResponse(resp)
-}
-
-func parseTokenResponse(resp *http.Response) (result TokenResponse, err error) {
-	body, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return
-	}
-	badStatusCode := resp.StatusCode < 200 || resp.StatusCode > 299
-
-	contentType, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-	if err != nil {
-		return
-	}
-
-	result = TokenResponse{
-		RawBody: body,
-	}
-
-	newError := func(typ, desc, state string) error {
-		if typ == "" {
-			return fmt.Errorf("unrecognized error %s", body)
-		}
-		return &Error{typ, desc, state}
-	}
-
-	if contentType == "application/x-www-form-urlencoded" || contentType == "text/plain" {
-		var vals url.Values
-		vals, err = url.ParseQuery(string(body))
-		if err != nil {
-			return
-		}
-		if error := vals.Get("error"); error != "" || badStatusCode {
-			err = newError(error, vals.Get("error_description"), vals.Get("state"))
-			return
-		}
-		e := vals.Get("expires_in")
-		if e == "" {
-			e = vals.Get("expires")
-		}
-		if e != "" {
-			result.Expires, err = strconv.Atoi(e)
-			if err != nil {
-				return
-			}
-		}
-		result.AccessToken = vals.Get("access_token")
-		result.TokenType = vals.Get("token_type")
-		result.IDToken = vals.Get("id_token")
-		result.RefreshToken = vals.Get("refresh_token")
-		result.Scope = vals.Get("scope")
-	} else {
-		var r struct {
-			AccessToken  string      `json:"access_token"`
-			TokenType    string      `json:"token_type"`
-			IDToken      string      `json:"id_token"`
-			RefreshToken string      `json:"refresh_token"`
-			Scope        string      `json:"scope"`
-			State        string      `json:"state"`
-			ExpiresIn    json.Number `json:"expires_in"` // Azure AD returns string
-			Expires      int         `json:"expires"`
-			Error        string      `json:"error"`
-			Desc         string      `json:"error_description"`
-		}
-		if err = json.Unmarshal(body, &r); err != nil {
-			return
-		}
-		if r.Error != "" || badStatusCode {
-			err = newError(r.Error, r.Desc, r.State)
-			return
-		}
-		result.AccessToken = r.AccessToken
-		result.TokenType = r.TokenType
-		result.IDToken = r.IDToken
-		result.RefreshToken = r.RefreshToken
-		result.Scope = r.Scope
-		if expiresIn, err := r.ExpiresIn.Int64(); err != nil {
-			result.Expires = r.Expires
-		} else {
-			result.Expires = int(expiresIn)
-		}
-	}
-	return
-}
-
-type TokenResponse struct {
-	AccessToken  string
-	TokenType    string
-	Expires      int
-	IDToken      string
-	RefreshToken string // OPTIONAL.
-	Scope        string // OPTIONAL, if identical to the scope requested by the client, otherwise, REQUIRED.
-	RawBody      []byte // In case callers need some other non-standard info from the token response
-}
-
-type AuthCodeRequest struct {
-	ResponseType string
-	ClientID     string
-	RedirectURL  *url.URL
-	Scope        []string
-	State        string
-}
-
-func ParseAuthCodeRequest(q url.Values) (AuthCodeRequest, error) {
-	acr := AuthCodeRequest{
-		ResponseType: q.Get("response_type"),
-		ClientID:     q.Get("client_id"),
-		State:        q.Get("state"),
-		Scope:        make([]string, 0),
-	}
-
-	qs := strings.TrimSpace(q.Get("scope"))
-	if qs != "" {
-		acr.Scope = strings.Split(qs, " ")
-	}
-
-	err := func() error {
-		if acr.ClientID == "" {
-			return NewError(ErrorInvalidRequest)
-		}
-
-		redirectURL := q.Get("redirect_uri")
-		if redirectURL != "" {
-			ru, err := url.Parse(redirectURL)
-			if err != nil {
-				return NewError(ErrorInvalidRequest)
-			}
-			acr.RedirectURL = ru
-		}
-
-		return nil
-	}()
-
-	return acr, err
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc.go b/vendor/github.com/coreos/go-oidc/oidc.go
new file mode 100644
index 000000000000..c82ba46b4af7
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/oidc.go
@@ -0,0 +1,374 @@
+// Package oidc implements OpenID Connect client logic for the golang.org/x/oauth2 package.
+package oidc
+
+import (
+	"context"
+	"crypto/sha256"
+	"crypto/sha512"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"hash"
+	"io/ioutil"
+	"mime"
+	"net/http"
+	"strings"
+	"time"
+
+	"golang.org/x/oauth2"
+	jose "gopkg.in/square/go-jose.v2"
+)
+
+const (
+	// ScopeOpenID is the mandatory scope for all OpenID Connect OAuth2 requests.
+	ScopeOpenID = "openid"
+
+	// ScopeOfflineAccess is an optional scope defined by OpenID Connect for requesting
+	// OAuth2 refresh tokens.
+	//
+	// Support for this scope differs between OpenID Connect providers. For instance
+	// Google rejects it, favoring appending "access_type=offline" as part of the
+	// authorization request instead.
+	//
+	// See: https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess
+	ScopeOfflineAccess = "offline_access"
+)
+
+var (
+	errNoAtHash      = errors.New("id token did not have an access token hash")
+	errInvalidAtHash = errors.New("access token hash does not match value in ID token")
+)
+
+// ClientContext returns a new Context that carries the provided HTTP client.
+//
+// This method sets the same context key used by the golang.org/x/oauth2 package,
+// so the returned context works for that package too.
+//
+//    myClient := &http.Client{}
+//    ctx := oidc.ClientContext(parentContext, myClient)
+//
+//    // This will use the custom client
+//    provider, err := oidc.NewProvider(ctx, "https://accounts.example.com")
+//
+func ClientContext(ctx context.Context, client *http.Client) context.Context {
+	return context.WithValue(ctx, oauth2.HTTPClient, client)
+}
+
+func doRequest(ctx context.Context, req *http.Request) (*http.Response, error) {
+	client := http.DefaultClient
+	if c, ok := ctx.Value(oauth2.HTTPClient).(*http.Client); ok {
+		client = c
+	}
+	return client.Do(req.WithContext(ctx))
+}
+
+// Provider represents an OpenID Connect server's configuration.
+type Provider struct {
+	issuer      string
+	authURL     string
+	tokenURL    string
+	userInfoURL string
+
+	// Raw claims returned by the server.
+	rawClaims []byte
+
+	remoteKeySet KeySet
+}
+
+type cachedKeys struct {
+	keys   []jose.JSONWebKey
+	expiry time.Time
+}
+
+type providerJSON struct {
+	Issuer      string `json:"issuer"`
+	AuthURL     string `json:"authorization_endpoint"`
+	TokenURL    string `json:"token_endpoint"`
+	JWKSURL     string `json:"jwks_uri"`
+	UserInfoURL string `json:"userinfo_endpoint"`
+}
+
+// NewProvider uses the OpenID Connect discovery mechanism to construct a Provider.
+//
+// The issuer is the URL identifier for the service. For example: "https://accounts.google.com"
+// or "https://login.salesforce.com".
+func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
+	wellKnown := strings.TrimSuffix(issuer, "/") + "/.well-known/openid-configuration"
+	req, err := http.NewRequest("GET", wellKnown, nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := doRequest(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("unable to read response body: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("%s: %s", resp.Status, body)
+	}
+
+	var p providerJSON
+	err = unmarshalResp(resp, body, &p)
+	if err != nil {
+		return nil, fmt.Errorf("oidc: failed to decode provider discovery object: %v", err)
+	}
+
+	if p.Issuer != issuer {
+		return nil, fmt.Errorf("oidc: issuer did not match the issuer returned by provider, expected %q got %q", issuer, p.Issuer)
+	}
+	return &Provider{
+		issuer:       p.Issuer,
+		authURL:      p.AuthURL,
+		tokenURL:     p.TokenURL,
+		userInfoURL:  p.UserInfoURL,
+		rawClaims:    body,
+		remoteKeySet: NewRemoteKeySet(ctx, p.JWKSURL),
+	}, nil
+}
+
+// Claims unmarshals raw fields returned by the server during discovery.
+//
+//    var claims struct {
+//        ScopesSupported []string `json:"scopes_supported"`
+//        ClaimsSupported []string `json:"claims_supported"`
+//    }
+//
+//    if err := provider.Claims(&claims); err != nil {
+//        // handle unmarshaling error
+//    }
+//
+// For a list of fields defined by the OpenID Connect spec see:
+// https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
+func (p *Provider) Claims(v interface{}) error {
+	if p.rawClaims == nil {
+		return errors.New("oidc: claims not set")
+	}
+	return json.Unmarshal(p.rawClaims, v)
+}
+
+// Endpoint returns the OAuth2 auth and token endpoints for the given provider.
+func (p *Provider) Endpoint() oauth2.Endpoint {
+	return oauth2.Endpoint{AuthURL: p.authURL, TokenURL: p.tokenURL}
+}
+
+// UserInfo represents the OpenID Connect userinfo claims.
+type UserInfo struct {
+	Subject       string `json:"sub"`
+	Profile       string `json:"profile"`
+	Email         string `json:"email"`
+	EmailVerified bool   `json:"email_verified"`
+
+	claims []byte
+}
+
+// Claims unmarshals the raw JSON object claims into the provided object.
+func (u *UserInfo) Claims(v interface{}) error {
+	if u.claims == nil {
+		return errors.New("oidc: claims not set")
+	}
+	return json.Unmarshal(u.claims, v)
+}
+
+// UserInfo uses the token source to query the provider's user info endpoint.
+func (p *Provider) UserInfo(ctx context.Context, tokenSource oauth2.TokenSource) (*UserInfo, error) {
+	if p.userInfoURL == "" {
+		return nil, errors.New("oidc: user info endpoint is not supported by this provider")
+	}
+
+	req, err := http.NewRequest("GET", p.userInfoURL, nil)
+	if err != nil {
+		return nil, fmt.Errorf("oidc: create GET request: %v", err)
+	}
+
+	token, err := tokenSource.Token()
+	if err != nil {
+		return nil, fmt.Errorf("oidc: get access token: %v", err)
+	}
+	token.SetAuthHeader(req)
+
+	resp, err := doRequest(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("%s: %s", resp.Status, body)
+	}
+
+	var userInfo UserInfo
+	if err := json.Unmarshal(body, &userInfo); err != nil {
+		return nil, fmt.Errorf("oidc: failed to decode userinfo: %v", err)
+	}
+	userInfo.claims = body
+	return &userInfo, nil
+}
+
+// IDToken is an OpenID Connect extension that provides a predictable representation
+// of an authorization event.
+//
+// The ID Token only holds fields OpenID Connect requires. To access additional
+// claims returned by the server, use the Claims method.
+type IDToken struct {
+	// The URL of the server which issued this token. OpenID Connect
+	// requires this value always be identical to the URL used for
+	// initial discovery.
+	//
+	// Note: Because of a known issue with Google Accounts' implementation
+	// this value may differ when using Google.
+	//
+	// See: https://developers.google.com/identity/protocols/OpenIDConnect#obtainuserinfo
+	Issuer string
+
+	// The client ID, or set of client IDs, that this token is issued for. For
+	// common uses, this is the client that initialized the auth flow.
+	//
+	// This package ensures the audience contains an expected value.
+	Audience []string
+
+	// A unique string which identifies the end user.
+	Subject string
+
+	// Expiry of the token. Ths package will not process tokens that have
+	// expired unless that validation is explicitly turned off.
+	Expiry time.Time
+	// When the token was issued by the provider.
+	IssuedAt time.Time
+
+	// Initial nonce provided during the authentication redirect.
+	//
+	// This package does NOT provided verification on the value of this field
+	// and it's the user's responsibility to ensure it contains a valid value.
+	Nonce string
+
+	// at_hash claim, if set in the ID token. Callers can verify an access token
+	// that corresponds to the ID token using the VerifyAccessToken method.
+	AccessTokenHash string
+
+	// signature algorithm used for ID token, needed to compute a verification hash of an
+	// access token
+	sigAlgorithm string
+
+	// Raw payload of the id_token.
+	claims []byte
+}
+
+// Claims unmarshals the raw JSON payload of the ID Token into a provided struct.
+//
+//		idToken, err := idTokenVerifier.Verify(rawIDToken)
+//		if err != nil {
+//			// handle error
+//		}
+//		var claims struct {
+//			Email         string `json:"email"`
+//			EmailVerified bool   `json:"email_verified"`
+//		}
+//		if err := idToken.Claims(&claims); err != nil {
+//			// handle error
+//		}
+//
+func (i *IDToken) Claims(v interface{}) error {
+	if i.claims == nil {
+		return errors.New("oidc: claims not set")
+	}
+	return json.Unmarshal(i.claims, v)
+}
+
+// VerifyAccessToken verifies that the hash of the access token that corresponds to the iD token
+// matches the hash in the id token. It returns an error if the hashes  don't match.
+// It is the caller's responsibility to ensure that the optional access token hash is present for the ID token
+// before calling this method. See https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken
+func (i *IDToken) VerifyAccessToken(accessToken string) error {
+	if i.AccessTokenHash == "" {
+		return errNoAtHash
+	}
+	var h hash.Hash
+	switch i.sigAlgorithm {
+	case RS256, ES256, PS256:
+		h = sha256.New()
+	case RS384, ES384, PS384:
+		h = sha512.New384()
+	case RS512, ES512, PS512:
+		h = sha512.New()
+	default:
+		return fmt.Errorf("oidc: unsupported signing algorithm %q", i.sigAlgorithm)
+	}
+	h.Write([]byte(accessToken)) // hash documents that Write will never return an error
+	sum := h.Sum(nil)[:h.Size()/2]
+	actual := base64.RawURLEncoding.EncodeToString(sum)
+	if actual != i.AccessTokenHash {
+		return errInvalidAtHash
+	}
+	return nil
+}
+
+type idToken struct {
+	Issuer   string   `json:"iss"`
+	Subject  string   `json:"sub"`
+	Audience audience `json:"aud"`
+	Expiry   jsonTime `json:"exp"`
+	IssuedAt jsonTime `json:"iat"`
+	Nonce    string   `json:"nonce"`
+	AtHash   string   `json:"at_hash"`
+}
+
+type audience []string
+
+func (a *audience) UnmarshalJSON(b []byte) error {
+	var s string
+	if json.Unmarshal(b, &s) == nil {
+		*a = audience{s}
+		return nil
+	}
+	var auds []string
+	if err := json.Unmarshal(b, &auds); err != nil {
+		return err
+	}
+	*a = audience(auds)
+	return nil
+}
+
+type jsonTime time.Time
+
+func (j *jsonTime) UnmarshalJSON(b []byte) error {
+	var n json.Number
+	if err := json.Unmarshal(b, &n); err != nil {
+		return err
+	}
+	var unix int64
+
+	if t, err := n.Int64(); err == nil {
+		unix = t
+	} else {
+		f, err := n.Float64()
+		if err != nil {
+			return err
+		}
+		unix = int64(f)
+	}
+	*j = jsonTime(time.Unix(unix, 0))
+	return nil
+}
+
+func unmarshalResp(r *http.Response, body []byte, v interface{}) error {
+	err := json.Unmarshal(body, &v)
+	if err == nil {
+		return nil
+	}
+	ct := r.Header.Get("Content-Type")
+	mediaType, _, parseErr := mime.ParseMediaType(ct)
+	if parseErr == nil && mediaType == "application/json" {
+		return fmt.Errorf("got Content-Type = application/json, but could not unmarshal as JSON: %v", err)
+	}
+	return fmt.Errorf("expected Content-Type = application/json, got %q: %v", ct, err)
+}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/client.go b/vendor/github.com/coreos/go-oidc/oidc/client.go
deleted file mode 100644
index 7a3cb40f6450..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/client.go
+++ /dev/null
@@ -1,846 +0,0 @@
-package oidc
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"net/http"
-	"net/mail"
-	"net/url"
-	"sync"
-	"time"
-
-	phttp "github.com/coreos/go-oidc/http"
-	"github.com/coreos/go-oidc/jose"
-	"github.com/coreos/go-oidc/key"
-	"github.com/coreos/go-oidc/oauth2"
-)
-
-const (
-	// amount of time that must pass after the last key sync
-	// completes before another attempt may begin
-	keySyncWindow = 5 * time.Second
-)
-
-var (
-	DefaultScope = []string{"openid", "email", "profile"}
-
-	supportedAuthMethods = map[string]struct{}{
-		oauth2.AuthMethodClientSecretBasic: struct{}{},
-		oauth2.AuthMethodClientSecretPost:  struct{}{},
-	}
-)
-
-type ClientCredentials oauth2.ClientCredentials
-
-type ClientIdentity struct {
-	Credentials ClientCredentials
-	Metadata    ClientMetadata
-}
-
-type JWAOptions struct {
-	// SigningAlg specifies an JWA alg for signing JWTs.
-	//
-	// Specifying this field implies different actions depending on the context. It may
-	// require objects be serialized and signed as a JWT instead of plain JSON, or
-	// require an existing JWT object use the specified alg.
-	//
-	// See: http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
-	SigningAlg string
-	// EncryptionAlg, if provided, specifies that the returned or sent object be stored
-	// (or nested) within a JWT object and encrypted with the provided JWA alg.
-	EncryptionAlg string
-	// EncryptionEnc specifies the JWA enc algorithm to use with EncryptionAlg. If
-	// EncryptionAlg is provided and EncryptionEnc is omitted, this field defaults
-	// to A128CBC-HS256.
-	//
-	// If EncryptionEnc is provided EncryptionAlg must also be specified.
-	EncryptionEnc string
-}
-
-func (opt JWAOptions) valid() error {
-	if opt.EncryptionEnc != "" && opt.EncryptionAlg == "" {
-		return errors.New("encryption encoding provided with no encryption algorithm")
-	}
-	return nil
-}
-
-func (opt JWAOptions) defaults() JWAOptions {
-	if opt.EncryptionAlg != "" && opt.EncryptionEnc == "" {
-		opt.EncryptionEnc = jose.EncA128CBCHS256
-	}
-	return opt
-}
-
-var (
-	// Ensure ClientMetadata satisfies these interfaces.
-	_ json.Marshaler   = &ClientMetadata{}
-	_ json.Unmarshaler = &ClientMetadata{}
-)
-
-// ClientMetadata holds metadata that the authorization server associates
-// with a client identifier. The fields range from human-facing display
-// strings such as client name, to items that impact the security of the
-// protocol, such as the list of valid redirect URIs.
-//
-// See http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
-//
-// TODO: support language specific claim representations
-// http://openid.net/specs/openid-connect-registration-1_0.html#LanguagesAndScripts
-type ClientMetadata struct {
-	RedirectURIs []url.URL // Required
-
-	// A list of OAuth 2.0 "response_type" values that the client wishes to restrict
-	// itself to. Either "code", "token", or another registered extension.
-	//
-	// If omitted, only "code" will be used.
-	ResponseTypes []string
-	// A list of OAuth 2.0 grant types the client wishes to restrict itself to.
-	// The grant type values used by OIDC are "authorization_code", "implicit",
-	// and "refresh_token".
-	//
-	// If ommitted, only "authorization_code" will be used.
-	GrantTypes []string
-	// "native" or "web". If omitted, "web".
-	ApplicationType string
-
-	// List of email addresses.
-	Contacts []mail.Address
-	// Name of client to be presented to the end-user.
-	ClientName string
-	// URL that references a logo for the Client application.
-	LogoURI *url.URL
-	// URL of the home page of the Client.
-	ClientURI *url.URL
-	// Profile data policies and terms of use to be provided to the end user.
-	PolicyURI         *url.URL
-	TermsOfServiceURI *url.URL
-
-	// URL to or the value of the client's JSON Web Key Set document.
-	JWKSURI *url.URL
-	JWKS    *jose.JWKSet
-
-	// URL referencing a flie with a single JSON array of redirect URIs.
-	SectorIdentifierURI *url.URL
-
-	SubjectType string
-
-	// Options to restrict the JWS alg and enc values used for server responses and requests.
-	IDTokenResponseOptions  JWAOptions
-	UserInfoResponseOptions JWAOptions
-	RequestObjectOptions    JWAOptions
-
-	// Client requested authorization method and signing options for the token endpoint.
-	//
-	// Defaults to "client_secret_basic"
-	TokenEndpointAuthMethod     string
-	TokenEndpointAuthSigningAlg string
-
-	// DefaultMaxAge specifies the maximum amount of time in seconds before an authorized
-	// user must reauthroize.
-	//
-	// If 0, no limitation is placed on the maximum.
-	DefaultMaxAge int64
-	// RequireAuthTime specifies if the auth_time claim in the ID token is required.
-	RequireAuthTime bool
-
-	// Default Authentication Context Class Reference values for authentication requests.
-	DefaultACRValues []string
-
-	// URI that a third party can use to initiate a login by the relaying party.
-	//
-	// See: http://openid.net/specs/openid-connect-core-1_0.html#ThirdPartyInitiatedLogin
-	InitiateLoginURI *url.URL
-	// Pre-registered request_uri values that may be cached by the server.
-	RequestURIs []url.URL
-}
-
-// Defaults returns a shallow copy of ClientMetadata with default
-// values replacing omitted fields.
-func (m ClientMetadata) Defaults() ClientMetadata {
-	if len(m.ResponseTypes) == 0 {
-		m.ResponseTypes = []string{oauth2.ResponseTypeCode}
-	}
-	if len(m.GrantTypes) == 0 {
-		m.GrantTypes = []string{oauth2.GrantTypeAuthCode}
-	}
-	if m.ApplicationType == "" {
-		m.ApplicationType = "web"
-	}
-	if m.TokenEndpointAuthMethod == "" {
-		m.TokenEndpointAuthMethod = oauth2.AuthMethodClientSecretBasic
-	}
-	m.IDTokenResponseOptions = m.IDTokenResponseOptions.defaults()
-	m.UserInfoResponseOptions = m.UserInfoResponseOptions.defaults()
-	m.RequestObjectOptions = m.RequestObjectOptions.defaults()
-	return m
-}
-
-func (m *ClientMetadata) MarshalJSON() ([]byte, error) {
-	e := m.toEncodableStruct()
-	return json.Marshal(&e)
-}
-
-func (m *ClientMetadata) UnmarshalJSON(data []byte) error {
-	var e encodableClientMetadata
-	if err := json.Unmarshal(data, &e); err != nil {
-		return err
-	}
-	meta, err := e.toStruct()
-	if err != nil {
-		return err
-	}
-	if err := meta.Valid(); err != nil {
-		return err
-	}
-	*m = meta
-	return nil
-}
-
-type encodableClientMetadata struct {
-	RedirectURIs                 []string     `json:"redirect_uris"` // Required
-	ResponseTypes                []string     `json:"response_types,omitempty"`
-	GrantTypes                   []string     `json:"grant_types,omitempty"`
-	ApplicationType              string       `json:"application_type,omitempty"`
-	Contacts                     []string     `json:"contacts,omitempty"`
-	ClientName                   string       `json:"client_name,omitempty"`
-	LogoURI                      string       `json:"logo_uri,omitempty"`
-	ClientURI                    string       `json:"client_uri,omitempty"`
-	PolicyURI                    string       `json:"policy_uri,omitempty"`
-	TermsOfServiceURI            string       `json:"tos_uri,omitempty"`
-	JWKSURI                      string       `json:"jwks_uri,omitempty"`
-	JWKS                         *jose.JWKSet `json:"jwks,omitempty"`
-	SectorIdentifierURI          string       `json:"sector_identifier_uri,omitempty"`
-	SubjectType                  string       `json:"subject_type,omitempty"`
-	IDTokenSignedResponseAlg     string       `json:"id_token_signed_response_alg,omitempty"`
-	IDTokenEncryptedResponseAlg  string       `json:"id_token_encrypted_response_alg,omitempty"`
-	IDTokenEncryptedResponseEnc  string       `json:"id_token_encrypted_response_enc,omitempty"`
-	UserInfoSignedResponseAlg    string       `json:"userinfo_signed_response_alg,omitempty"`
-	UserInfoEncryptedResponseAlg string       `json:"userinfo_encrypted_response_alg,omitempty"`
-	UserInfoEncryptedResponseEnc string       `json:"userinfo_encrypted_response_enc,omitempty"`
-	RequestObjectSigningAlg      string       `json:"request_object_signing_alg,omitempty"`
-	RequestObjectEncryptionAlg   string       `json:"request_object_encryption_alg,omitempty"`
-	RequestObjectEncryptionEnc   string       `json:"request_object_encryption_enc,omitempty"`
-	TokenEndpointAuthMethod      string       `json:"token_endpoint_auth_method,omitempty"`
-	TokenEndpointAuthSigningAlg  string       `json:"token_endpoint_auth_signing_alg,omitempty"`
-	DefaultMaxAge                int64        `json:"default_max_age,omitempty"`
-	RequireAuthTime              bool         `json:"require_auth_time,omitempty"`
-	DefaultACRValues             []string     `json:"default_acr_values,omitempty"`
-	InitiateLoginURI             string       `json:"initiate_login_uri,omitempty"`
-	RequestURIs                  []string     `json:"request_uris,omitempty"`
-}
-
-func (c *encodableClientMetadata) toStruct() (ClientMetadata, error) {
-	p := stickyErrParser{}
-	m := ClientMetadata{
-		RedirectURIs:                p.parseURIs(c.RedirectURIs, "redirect_uris"),
-		ResponseTypes:               c.ResponseTypes,
-		GrantTypes:                  c.GrantTypes,
-		ApplicationType:             c.ApplicationType,
-		Contacts:                    p.parseEmails(c.Contacts, "contacts"),
-		ClientName:                  c.ClientName,
-		LogoURI:                     p.parseURI(c.LogoURI, "logo_uri"),
-		ClientURI:                   p.parseURI(c.ClientURI, "client_uri"),
-		PolicyURI:                   p.parseURI(c.PolicyURI, "policy_uri"),
-		TermsOfServiceURI:           p.parseURI(c.TermsOfServiceURI, "tos_uri"),
-		JWKSURI:                     p.parseURI(c.JWKSURI, "jwks_uri"),
-		JWKS:                        c.JWKS,
-		SectorIdentifierURI:         p.parseURI(c.SectorIdentifierURI, "sector_identifier_uri"),
-		SubjectType:                 c.SubjectType,
-		TokenEndpointAuthMethod:     c.TokenEndpointAuthMethod,
-		TokenEndpointAuthSigningAlg: c.TokenEndpointAuthSigningAlg,
-		DefaultMaxAge:               c.DefaultMaxAge,
-		RequireAuthTime:             c.RequireAuthTime,
-		DefaultACRValues:            c.DefaultACRValues,
-		InitiateLoginURI:            p.parseURI(c.InitiateLoginURI, "initiate_login_uri"),
-		RequestURIs:                 p.parseURIs(c.RequestURIs, "request_uris"),
-		IDTokenResponseOptions: JWAOptions{
-			c.IDTokenSignedResponseAlg,
-			c.IDTokenEncryptedResponseAlg,
-			c.IDTokenEncryptedResponseEnc,
-		},
-		UserInfoResponseOptions: JWAOptions{
-			c.UserInfoSignedResponseAlg,
-			c.UserInfoEncryptedResponseAlg,
-			c.UserInfoEncryptedResponseEnc,
-		},
-		RequestObjectOptions: JWAOptions{
-			c.RequestObjectSigningAlg,
-			c.RequestObjectEncryptionAlg,
-			c.RequestObjectEncryptionEnc,
-		},
-	}
-	if p.firstErr != nil {
-		return ClientMetadata{}, p.firstErr
-	}
-	return m, nil
-}
-
-// stickyErrParser parses URIs and email addresses. Once it encounters
-// a parse error, subsequent calls become no-op.
-type stickyErrParser struct {
-	firstErr error
-}
-
-func (p *stickyErrParser) parseURI(s, field string) *url.URL {
-	if p.firstErr != nil || s == "" {
-		return nil
-	}
-	u, err := url.Parse(s)
-	if err == nil {
-		if u.Host == "" {
-			err = errors.New("no host in URI")
-		} else if u.Scheme != "http" && u.Scheme != "https" {
-			err = errors.New("invalid URI scheme")
-		}
-	}
-	if err != nil {
-		p.firstErr = fmt.Errorf("failed to parse %s: %v", field, err)
-		return nil
-	}
-	return u
-}
-
-func (p *stickyErrParser) parseURIs(s []string, field string) []url.URL {
-	if p.firstErr != nil || len(s) == 0 {
-		return nil
-	}
-	uris := make([]url.URL, len(s))
-	for i, val := range s {
-		if val == "" {
-			p.firstErr = fmt.Errorf("invalid URI in field %s", field)
-			return nil
-		}
-		if u := p.parseURI(val, field); u != nil {
-			uris[i] = *u
-		}
-	}
-	return uris
-}
-
-func (p *stickyErrParser) parseEmails(s []string, field string) []mail.Address {
-	if p.firstErr != nil || len(s) == 0 {
-		return nil
-	}
-	addrs := make([]mail.Address, len(s))
-	for i, addr := range s {
-		if addr == "" {
-			p.firstErr = fmt.Errorf("invalid email in field %s", field)
-			return nil
-		}
-		a, err := mail.ParseAddress(addr)
-		if err != nil {
-			p.firstErr = fmt.Errorf("invalid email in field %s: %v", field, err)
-			return nil
-		}
-		addrs[i] = *a
-	}
-	return addrs
-}
-
-func (m *ClientMetadata) toEncodableStruct() encodableClientMetadata {
-	return encodableClientMetadata{
-		RedirectURIs:                 urisToStrings(m.RedirectURIs),
-		ResponseTypes:                m.ResponseTypes,
-		GrantTypes:                   m.GrantTypes,
-		ApplicationType:              m.ApplicationType,
-		Contacts:                     emailsToStrings(m.Contacts),
-		ClientName:                   m.ClientName,
-		LogoURI:                      uriToString(m.LogoURI),
-		ClientURI:                    uriToString(m.ClientURI),
-		PolicyURI:                    uriToString(m.PolicyURI),
-		TermsOfServiceURI:            uriToString(m.TermsOfServiceURI),
-		JWKSURI:                      uriToString(m.JWKSURI),
-		JWKS:                         m.JWKS,
-		SectorIdentifierURI:          uriToString(m.SectorIdentifierURI),
-		SubjectType:                  m.SubjectType,
-		IDTokenSignedResponseAlg:     m.IDTokenResponseOptions.SigningAlg,
-		IDTokenEncryptedResponseAlg:  m.IDTokenResponseOptions.EncryptionAlg,
-		IDTokenEncryptedResponseEnc:  m.IDTokenResponseOptions.EncryptionEnc,
-		UserInfoSignedResponseAlg:    m.UserInfoResponseOptions.SigningAlg,
-		UserInfoEncryptedResponseAlg: m.UserInfoResponseOptions.EncryptionAlg,
-		UserInfoEncryptedResponseEnc: m.UserInfoResponseOptions.EncryptionEnc,
-		RequestObjectSigningAlg:      m.RequestObjectOptions.SigningAlg,
-		RequestObjectEncryptionAlg:   m.RequestObjectOptions.EncryptionAlg,
-		RequestObjectEncryptionEnc:   m.RequestObjectOptions.EncryptionEnc,
-		TokenEndpointAuthMethod:      m.TokenEndpointAuthMethod,
-		TokenEndpointAuthSigningAlg:  m.TokenEndpointAuthSigningAlg,
-		DefaultMaxAge:                m.DefaultMaxAge,
-		RequireAuthTime:              m.RequireAuthTime,
-		DefaultACRValues:             m.DefaultACRValues,
-		InitiateLoginURI:             uriToString(m.InitiateLoginURI),
-		RequestURIs:                  urisToStrings(m.RequestURIs),
-	}
-}
-
-func uriToString(u *url.URL) string {
-	if u == nil {
-		return ""
-	}
-	return u.String()
-}
-
-func urisToStrings(urls []url.URL) []string {
-	if len(urls) == 0 {
-		return nil
-	}
-	sli := make([]string, len(urls))
-	for i, u := range urls {
-		sli[i] = u.String()
-	}
-	return sli
-}
-
-func emailsToStrings(addrs []mail.Address) []string {
-	if len(addrs) == 0 {
-		return nil
-	}
-	sli := make([]string, len(addrs))
-	for i, addr := range addrs {
-		sli[i] = addr.String()
-	}
-	return sli
-}
-
-// Valid determines if a ClientMetadata conforms with the OIDC specification.
-//
-// Valid is called by UnmarshalJSON.
-//
-// NOTE(ericchiang): For development purposes Valid does not mandate 'https' for
-// URLs fields where the OIDC spec requires it. This may change in future releases
-// of this package. See: https://github.com/coreos/go-oidc/issues/34
-func (m *ClientMetadata) Valid() error {
-	if len(m.RedirectURIs) == 0 {
-		return errors.New("zero redirect URLs")
-	}
-
-	validURI := func(u *url.URL, fieldName string) error {
-		if u.Host == "" {
-			return fmt.Errorf("no host for uri field %s", fieldName)
-		}
-		if u.Scheme != "http" && u.Scheme != "https" {
-			return fmt.Errorf("uri field %s scheme is not http or https", fieldName)
-		}
-		return nil
-	}
-
-	uris := []struct {
-		val  *url.URL
-		name string
-	}{
-		{m.LogoURI, "logo_uri"},
-		{m.ClientURI, "client_uri"},
-		{m.PolicyURI, "policy_uri"},
-		{m.TermsOfServiceURI, "tos_uri"},
-		{m.JWKSURI, "jwks_uri"},
-		{m.SectorIdentifierURI, "sector_identifier_uri"},
-		{m.InitiateLoginURI, "initiate_login_uri"},
-	}
-
-	for _, uri := range uris {
-		if uri.val == nil {
-			continue
-		}
-		if err := validURI(uri.val, uri.name); err != nil {
-			return err
-		}
-	}
-
-	uriLists := []struct {
-		vals []url.URL
-		name string
-	}{
-		{m.RedirectURIs, "redirect_uris"},
-		{m.RequestURIs, "request_uris"},
-	}
-	for _, list := range uriLists {
-		for _, uri := range list.vals {
-			if err := validURI(&uri, list.name); err != nil {
-				return err
-			}
-		}
-	}
-
-	options := []struct {
-		option JWAOptions
-		name   string
-	}{
-		{m.IDTokenResponseOptions, "id_token response"},
-		{m.UserInfoResponseOptions, "userinfo response"},
-		{m.RequestObjectOptions, "request_object"},
-	}
-	for _, option := range options {
-		if err := option.option.valid(); err != nil {
-			return fmt.Errorf("invalid JWA values for %s: %v", option.name, err)
-		}
-	}
-	return nil
-}
-
-type ClientRegistrationResponse struct {
-	ClientID                string // Required
-	ClientSecret            string
-	RegistrationAccessToken string
-	RegistrationClientURI   string
-	// If IsZero is true, unspecified.
-	ClientIDIssuedAt time.Time
-	// Time at which the client_secret will expire.
-	// If IsZero is true, it will not expire.
-	ClientSecretExpiresAt time.Time
-
-	ClientMetadata
-}
-
-type encodableClientRegistrationResponse struct {
-	ClientID                string `json:"client_id"` // Required
-	ClientSecret            string `json:"client_secret,omitempty"`
-	RegistrationAccessToken string `json:"registration_access_token,omitempty"`
-	RegistrationClientURI   string `json:"registration_client_uri,omitempty"`
-	ClientIDIssuedAt        int64  `json:"client_id_issued_at,omitempty"`
-	// Time at which the client_secret will expire, in seconds since the epoch.
-	// If 0 it will not expire.
-	ClientSecretExpiresAt int64 `json:"client_secret_expires_at"` // Required
-
-	encodableClientMetadata
-}
-
-func unixToSec(t time.Time) int64 {
-	if t.IsZero() {
-		return 0
-	}
-	return t.Unix()
-}
-
-func (c *ClientRegistrationResponse) MarshalJSON() ([]byte, error) {
-	e := encodableClientRegistrationResponse{
-		ClientID:                c.ClientID,
-		ClientSecret:            c.ClientSecret,
-		RegistrationAccessToken: c.RegistrationAccessToken,
-		RegistrationClientURI:   c.RegistrationClientURI,
-		ClientIDIssuedAt:        unixToSec(c.ClientIDIssuedAt),
-		ClientSecretExpiresAt:   unixToSec(c.ClientSecretExpiresAt),
-		encodableClientMetadata: c.ClientMetadata.toEncodableStruct(),
-	}
-	return json.Marshal(&e)
-}
-
-func secToUnix(sec int64) time.Time {
-	if sec == 0 {
-		return time.Time{}
-	}
-	return time.Unix(sec, 0)
-}
-
-func (c *ClientRegistrationResponse) UnmarshalJSON(data []byte) error {
-	var e encodableClientRegistrationResponse
-	if err := json.Unmarshal(data, &e); err != nil {
-		return err
-	}
-	if e.ClientID == "" {
-		return errors.New("no client_id in client registration response")
-	}
-	metadata, err := e.encodableClientMetadata.toStruct()
-	if err != nil {
-		return err
-	}
-	*c = ClientRegistrationResponse{
-		ClientID:                e.ClientID,
-		ClientSecret:            e.ClientSecret,
-		RegistrationAccessToken: e.RegistrationAccessToken,
-		RegistrationClientURI:   e.RegistrationClientURI,
-		ClientIDIssuedAt:        secToUnix(e.ClientIDIssuedAt),
-		ClientSecretExpiresAt:   secToUnix(e.ClientSecretExpiresAt),
-		ClientMetadata:          metadata,
-	}
-	return nil
-}
-
-type ClientConfig struct {
-	HTTPClient     phttp.Client
-	Credentials    ClientCredentials
-	Scope          []string
-	RedirectURL    string
-	ProviderConfig ProviderConfig
-	KeySet         key.PublicKeySet
-}
-
-func NewClient(cfg ClientConfig) (*Client, error) {
-	// Allow empty redirect URL in the case where the client
-	// only needs to verify a given token.
-	ru, err := url.Parse(cfg.RedirectURL)
-	if err != nil {
-		return nil, fmt.Errorf("invalid redirect URL: %v", err)
-	}
-
-	c := Client{
-		credentials:    cfg.Credentials,
-		httpClient:     cfg.HTTPClient,
-		scope:          cfg.Scope,
-		redirectURL:    ru.String(),
-		providerConfig: newProviderConfigRepo(cfg.ProviderConfig),
-		keySet:         cfg.KeySet,
-	}
-
-	if c.httpClient == nil {
-		c.httpClient = http.DefaultClient
-	}
-
-	if c.scope == nil {
-		c.scope = make([]string, len(DefaultScope))
-		copy(c.scope, DefaultScope)
-	}
-
-	return &c, nil
-}
-
-type Client struct {
-	httpClient     phttp.Client
-	providerConfig *providerConfigRepo
-	credentials    ClientCredentials
-	redirectURL    string
-	scope          []string
-	keySet         key.PublicKeySet
-	providerSyncer *ProviderConfigSyncer
-
-	keySetSyncMutex sync.RWMutex
-	lastKeySetSync  time.Time
-}
-
-func (c *Client) Healthy() error {
-	now := time.Now().UTC()
-
-	cfg := c.providerConfig.Get()
-
-	if cfg.Empty() {
-		return errors.New("oidc client provider config empty")
-	}
-
-	if !cfg.ExpiresAt.IsZero() && cfg.ExpiresAt.Before(now) {
-		return errors.New("oidc client provider config expired")
-	}
-
-	return nil
-}
-
-func (c *Client) OAuthClient() (*oauth2.Client, error) {
-	cfg := c.providerConfig.Get()
-	authMethod, err := chooseAuthMethod(cfg)
-	if err != nil {
-		return nil, err
-	}
-
-	ocfg := oauth2.Config{
-		Credentials: oauth2.ClientCredentials(c.credentials),
-		RedirectURL: c.redirectURL,
-		AuthURL:     cfg.AuthEndpoint.String(),
-		TokenURL:    cfg.TokenEndpoint.String(),
-		Scope:       c.scope,
-		AuthMethod:  authMethod,
-	}
-
-	return oauth2.NewClient(c.httpClient, ocfg)
-}
-
-func chooseAuthMethod(cfg ProviderConfig) (string, error) {
-	if len(cfg.TokenEndpointAuthMethodsSupported) == 0 {
-		return oauth2.AuthMethodClientSecretBasic, nil
-	}
-
-	for _, authMethod := range cfg.TokenEndpointAuthMethodsSupported {
-		if _, ok := supportedAuthMethods[authMethod]; ok {
-			return authMethod, nil
-		}
-	}
-
-	return "", errors.New("no supported auth methods")
-}
-
-// SyncProviderConfig starts the provider config syncer
-func (c *Client) SyncProviderConfig(discoveryURL string) chan struct{} {
-	r := NewHTTPProviderConfigGetter(c.httpClient, discoveryURL)
-	s := NewProviderConfigSyncer(r, c.providerConfig)
-	stop := s.Run()
-	s.WaitUntilInitialSync()
-	return stop
-}
-
-func (c *Client) maybeSyncKeys() error {
-	tooSoon := func() bool {
-		return time.Now().UTC().Before(c.lastKeySetSync.Add(keySyncWindow))
-	}
-
-	// ignore request to sync keys if a sync operation has been
-	// attempted too recently
-	if tooSoon() {
-		return nil
-	}
-
-	c.keySetSyncMutex.Lock()
-	defer c.keySetSyncMutex.Unlock()
-
-	// check again, as another goroutine may have been holding
-	// the lock while updating the keys
-	if tooSoon() {
-		return nil
-	}
-
-	cfg := c.providerConfig.Get()
-	r := NewRemotePublicKeyRepo(c.httpClient, cfg.KeysEndpoint.String())
-	w := &clientKeyRepo{client: c}
-	_, err := key.Sync(r, w)
-	c.lastKeySetSync = time.Now().UTC()
-
-	return err
-}
-
-type clientKeyRepo struct {
-	client *Client
-}
-
-func (r *clientKeyRepo) Set(ks key.KeySet) error {
-	pks, ok := ks.(*key.PublicKeySet)
-	if !ok {
-		return errors.New("unable to cast to PublicKey")
-	}
-	r.client.keySet = *pks
-	return nil
-}
-
-func (c *Client) ClientCredsToken(scope []string) (jose.JWT, error) {
-	cfg := c.providerConfig.Get()
-
-	if !cfg.SupportsGrantType(oauth2.GrantTypeClientCreds) {
-		return jose.JWT{}, fmt.Errorf("%v grant type is not supported", oauth2.GrantTypeClientCreds)
-	}
-
-	oac, err := c.OAuthClient()
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	t, err := oac.ClientCredsToken(scope)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	jwt, err := jose.ParseJWT(t.IDToken)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	return jwt, c.VerifyJWT(jwt)
-}
-
-// ExchangeAuthCode exchanges an OAuth2 auth code for an OIDC JWT ID token.
-func (c *Client) ExchangeAuthCode(code string) (jose.JWT, error) {
-	oac, err := c.OAuthClient()
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	t, err := oac.RequestToken(oauth2.GrantTypeAuthCode, code)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	jwt, err := jose.ParseJWT(t.IDToken)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	return jwt, c.VerifyJWT(jwt)
-}
-
-// RefreshToken uses a refresh token to exchange for a new OIDC JWT ID Token.
-func (c *Client) RefreshToken(refreshToken string) (jose.JWT, error) {
-	oac, err := c.OAuthClient()
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	t, err := oac.RequestToken(oauth2.GrantTypeRefreshToken, refreshToken)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	jwt, err := jose.ParseJWT(t.IDToken)
-	if err != nil {
-		return jose.JWT{}, err
-	}
-
-	return jwt, c.VerifyJWT(jwt)
-}
-
-func (c *Client) VerifyJWT(jwt jose.JWT) error {
-	var keysFunc func() []key.PublicKey
-	if kID, ok := jwt.KeyID(); ok {
-		keysFunc = c.keysFuncWithID(kID)
-	} else {
-		keysFunc = c.keysFuncAll()
-	}
-
-	v := NewJWTVerifier(
-		c.providerConfig.Get().Issuer.String(),
-		c.credentials.ID,
-		c.maybeSyncKeys, keysFunc)
-
-	return v.Verify(jwt)
-}
-
-// keysFuncWithID returns a function that retrieves at most unexpired
-// public key from the Client that matches the provided ID
-func (c *Client) keysFuncWithID(kID string) func() []key.PublicKey {
-	return func() []key.PublicKey {
-		c.keySetSyncMutex.RLock()
-		defer c.keySetSyncMutex.RUnlock()
-
-		if c.keySet.ExpiresAt().Before(time.Now()) {
-			return []key.PublicKey{}
-		}
-
-		k := c.keySet.Key(kID)
-		if k == nil {
-			return []key.PublicKey{}
-		}
-
-		return []key.PublicKey{*k}
-	}
-}
-
-// keysFuncAll returns a function that retrieves all unexpired public
-// keys from the Client
-func (c *Client) keysFuncAll() func() []key.PublicKey {
-	return func() []key.PublicKey {
-		c.keySetSyncMutex.RLock()
-		defer c.keySetSyncMutex.RUnlock()
-
-		if c.keySet.ExpiresAt().Before(time.Now()) {
-			return []key.PublicKey{}
-		}
-
-		return c.keySet.Keys()
-	}
-}
-
-type providerConfigRepo struct {
-	mu     sync.RWMutex
-	config ProviderConfig // do not access directly, use Get()
-}
-
-func newProviderConfigRepo(pc ProviderConfig) *providerConfigRepo {
-	return &providerConfigRepo{sync.RWMutex{}, pc}
-}
-
-// returns an error to implement ProviderConfigSetter
-func (r *providerConfigRepo) Set(cfg ProviderConfig) error {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-	r.config = cfg
-	return nil
-}
-
-func (r *providerConfigRepo) Get() ProviderConfig {
-	r.mu.RLock()
-	defer r.mu.RUnlock()
-	return r.config
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/doc.go b/vendor/github.com/coreos/go-oidc/oidc/doc.go
deleted file mode 100644
index 196611ec542f..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/doc.go
+++ /dev/null
@@ -1,2 +0,0 @@
-// Package oidc is DEPRECATED. Use github.com/coreos/go-oidc instead.
-package oidc
diff --git a/vendor/github.com/coreos/go-oidc/oidc/identity.go b/vendor/github.com/coreos/go-oidc/oidc/identity.go
deleted file mode 100644
index 9bfa8e343994..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/identity.go
+++ /dev/null
@@ -1,44 +0,0 @@
-package oidc
-
-import (
-	"errors"
-	"time"
-
-	"github.com/coreos/go-oidc/jose"
-)
-
-type Identity struct {
-	ID        string
-	Name      string
-	Email     string
-	ExpiresAt time.Time
-}
-
-func IdentityFromClaims(claims jose.Claims) (*Identity, error) {
-	if claims == nil {
-		return nil, errors.New("nil claim set")
-	}
-
-	var ident Identity
-	var err error
-	var ok bool
-
-	if ident.ID, ok, err = claims.StringClaim("sub"); err != nil {
-		return nil, err
-	} else if !ok {
-		return nil, errors.New("missing required claim: sub")
-	}
-
-	if ident.Email, _, err = claims.StringClaim("email"); err != nil {
-		return nil, err
-	}
-
-	exp, ok, err := claims.TimeClaim("exp")
-	if err != nil {
-		return nil, err
-	} else if ok {
-		ident.ExpiresAt = exp
-	}
-
-	return &ident, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/interface.go b/vendor/github.com/coreos/go-oidc/oidc/interface.go
deleted file mode 100644
index 248cac0b4dff..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/interface.go
+++ /dev/null
@@ -1,3 +0,0 @@
-package oidc
-
-type LoginFunc func(ident Identity, sessionKey string) (redirectURL string, err error)
diff --git a/vendor/github.com/coreos/go-oidc/oidc/key.go b/vendor/github.com/coreos/go-oidc/oidc/key.go
deleted file mode 100755
index 82a0f567d577..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/key.go
+++ /dev/null
@@ -1,67 +0,0 @@
-package oidc
-
-import (
-	"encoding/json"
-	"errors"
-	"net/http"
-	"time"
-
-	phttp "github.com/coreos/go-oidc/http"
-	"github.com/coreos/go-oidc/jose"
-	"github.com/coreos/go-oidc/key"
-)
-
-// DefaultPublicKeySetTTL is the default TTL set on the PublicKeySet if no
-// Cache-Control header is provided by the JWK Set document endpoint.
-const DefaultPublicKeySetTTL = 24 * time.Hour
-
-// NewRemotePublicKeyRepo is responsible for fetching the JWK Set document.
-func NewRemotePublicKeyRepo(hc phttp.Client, ep string) *remotePublicKeyRepo {
-	return &remotePublicKeyRepo{hc: hc, ep: ep}
-}
-
-type remotePublicKeyRepo struct {
-	hc phttp.Client
-	ep string
-}
-
-// Get returns a PublicKeySet fetched from the JWK Set document endpoint. A TTL
-// is set on the Key Set to avoid it having to be re-retrieved for every
-// encryption event. This TTL is typically controlled by the endpoint returning
-// a Cache-Control header, but defaults to 24 hours if no Cache-Control header
-// is found.
-func (r *remotePublicKeyRepo) Get() (key.KeySet, error) {
-	req, err := http.NewRequest("GET", r.ep, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := r.hc.Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	var d struct {
-		Keys []jose.JWK `json:"keys"`
-	}
-	if err := json.NewDecoder(resp.Body).Decode(&d); err != nil {
-		return nil, err
-	}
-
-	if len(d.Keys) == 0 {
-		return nil, errors.New("zero keys in response")
-	}
-
-	ttl, ok, err := phttp.Cacheable(resp.Header)
-	if err != nil {
-		return nil, err
-	}
-	if !ok {
-		ttl = DefaultPublicKeySetTTL
-	}
-
-	exp := time.Now().UTC().Add(ttl)
-	ks := key.NewPublicKeySet(d.Keys, exp)
-	return ks, nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/provider.go b/vendor/github.com/coreos/go-oidc/oidc/provider.go
deleted file mode 100644
index 2afc0da33529..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/provider.go
+++ /dev/null
@@ -1,687 +0,0 @@
-package oidc
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"log"
-	"net/http"
-	"net/url"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/coreos/pkg/timeutil"
-	"github.com/jonboulle/clockwork"
-
-	phttp "github.com/coreos/go-oidc/http"
-	"github.com/coreos/go-oidc/oauth2"
-)
-
-const (
-	// Subject Identifier types defined by the OIDC spec. Specifies if the provider
-	// should provide the same sub claim value to all clients (public) or a unique
-	// value for each client (pairwise).
-	//
-	// See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
-	SubjectTypePublic   = "public"
-	SubjectTypePairwise = "pairwise"
-)
-
-var (
-	// Default values for omitted provider config fields.
-	//
-	// Use ProviderConfig's Defaults method to fill a provider config with these values.
-	DefaultGrantTypesSupported               = []string{oauth2.GrantTypeAuthCode, oauth2.GrantTypeImplicit}
-	DefaultResponseModesSupported            = []string{"query", "fragment"}
-	DefaultTokenEndpointAuthMethodsSupported = []string{oauth2.AuthMethodClientSecretBasic}
-	DefaultClaimTypesSupported               = []string{"normal"}
-)
-
-const (
-	MaximumProviderConfigSyncInterval = 24 * time.Hour
-	MinimumProviderConfigSyncInterval = time.Minute
-
-	discoveryConfigPath = "/.well-known/openid-configuration"
-)
-
-// internally configurable for tests
-var minimumProviderConfigSyncInterval = MinimumProviderConfigSyncInterval
-
-var (
-	// Ensure ProviderConfig satisfies these interfaces.
-	_ json.Marshaler   = &ProviderConfig{}
-	_ json.Unmarshaler = &ProviderConfig{}
-)
-
-// ProviderConfig represents the OpenID Provider Metadata specifying what
-// configurations a provider supports.
-//
-// See: http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
-type ProviderConfig struct {
-	Issuer               *url.URL // Required
-	AuthEndpoint         *url.URL // Required
-	TokenEndpoint        *url.URL // Required if grant types other than "implicit" are supported
-	UserInfoEndpoint     *url.URL
-	KeysEndpoint         *url.URL // Required
-	RegistrationEndpoint *url.URL
-	EndSessionEndpoint   *url.URL
-	CheckSessionIFrame   *url.URL
-
-	// Servers MAY choose not to advertise some supported scope values even when this
-	// parameter is used, although those defined in OpenID Core SHOULD be listed, if supported.
-	ScopesSupported []string
-	// OAuth2.0 response types supported.
-	ResponseTypesSupported []string // Required
-	// OAuth2.0 response modes supported.
-	//
-	// If omitted, defaults to DefaultResponseModesSupported.
-	ResponseModesSupported []string
-	// OAuth2.0 grant types supported.
-	//
-	// If omitted, defaults to DefaultGrantTypesSupported.
-	GrantTypesSupported []string
-	ACRValuesSupported  []string
-	// SubjectTypesSupported specifies strategies for providing values for the sub claim.
-	SubjectTypesSupported []string // Required
-
-	// JWA signing and encryption algorith values supported for ID tokens.
-	IDTokenSigningAlgValues    []string // Required
-	IDTokenEncryptionAlgValues []string
-	IDTokenEncryptionEncValues []string
-
-	// JWA signing and encryption algorith values supported for user info responses.
-	UserInfoSigningAlgValues    []string
-	UserInfoEncryptionAlgValues []string
-	UserInfoEncryptionEncValues []string
-
-	// JWA signing and encryption algorith values supported for request objects.
-	ReqObjSigningAlgValues    []string
-	ReqObjEncryptionAlgValues []string
-	ReqObjEncryptionEncValues []string
-
-	TokenEndpointAuthMethodsSupported          []string
-	TokenEndpointAuthSigningAlgValuesSupported []string
-	DisplayValuesSupported                     []string
-	ClaimTypesSupported                        []string
-	ClaimsSupported                            []string
-	ServiceDocs                                *url.URL
-	ClaimsLocalsSupported                      []string
-	UILocalsSupported                          []string
-	ClaimsParameterSupported                   bool
-	RequestParameterSupported                  bool
-	RequestURIParamaterSupported               bool
-	RequireRequestURIRegistration              bool
-
-	Policy         *url.URL
-	TermsOfService *url.URL
-
-	// Not part of the OpenID Provider Metadata
-	ExpiresAt time.Time
-}
-
-// Defaults returns a shallow copy of ProviderConfig with default
-// values replacing omitted fields.
-//
-//     var cfg oidc.ProviderConfig
-//     // Fill provider config with default values for omitted fields.
-//     cfg = cfg.Defaults()
-//
-func (p ProviderConfig) Defaults() ProviderConfig {
-	setDefault := func(val *[]string, defaultVal []string) {
-		if len(*val) == 0 {
-			*val = defaultVal
-		}
-	}
-	setDefault(&p.GrantTypesSupported, DefaultGrantTypesSupported)
-	setDefault(&p.ResponseModesSupported, DefaultResponseModesSupported)
-	setDefault(&p.TokenEndpointAuthMethodsSupported, DefaultTokenEndpointAuthMethodsSupported)
-	setDefault(&p.ClaimTypesSupported, DefaultClaimTypesSupported)
-	return p
-}
-
-func (p *ProviderConfig) MarshalJSON() ([]byte, error) {
-	e := p.toEncodableStruct()
-	return json.Marshal(&e)
-}
-
-func (p *ProviderConfig) UnmarshalJSON(data []byte) error {
-	var e encodableProviderConfig
-	if err := json.Unmarshal(data, &e); err != nil {
-		return err
-	}
-	conf, err := e.toStruct()
-	if err != nil {
-		return err
-	}
-	if err := conf.Valid(); err != nil {
-		return err
-	}
-	*p = conf
-	return nil
-}
-
-type encodableProviderConfig struct {
-	Issuer               string `json:"issuer"`
-	AuthEndpoint         string `json:"authorization_endpoint"`
-	TokenEndpoint        string `json:"token_endpoint"`
-	UserInfoEndpoint     string `json:"userinfo_endpoint,omitempty"`
-	KeysEndpoint         string `json:"jwks_uri"`
-	RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
-	EndSessionEndpoint   string `json:"end_session_endpoint,omitempty"`
-	CheckSessionIFrame   string `json:"check_session_iframe,omitempty"`
-
-	// Use 'omitempty' for all slices as per OIDC spec:
-	// "Claims that return multiple values are represented as JSON arrays.
-	// Claims with zero elements MUST be omitted from the response."
-	// http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse
-
-	ScopesSupported        []string `json:"scopes_supported,omitempty"`
-	ResponseTypesSupported []string `json:"response_types_supported,omitempty"`
-	ResponseModesSupported []string `json:"response_modes_supported,omitempty"`
-	GrantTypesSupported    []string `json:"grant_types_supported,omitempty"`
-	ACRValuesSupported     []string `json:"acr_values_supported,omitempty"`
-	SubjectTypesSupported  []string `json:"subject_types_supported,omitempty"`
-
-	IDTokenSigningAlgValues     []string `json:"id_token_signing_alg_values_supported,omitempty"`
-	IDTokenEncryptionAlgValues  []string `json:"id_token_encryption_alg_values_supported,omitempty"`
-	IDTokenEncryptionEncValues  []string `json:"id_token_encryption_enc_values_supported,omitempty"`
-	UserInfoSigningAlgValues    []string `json:"userinfo_signing_alg_values_supported,omitempty"`
-	UserInfoEncryptionAlgValues []string `json:"userinfo_encryption_alg_values_supported,omitempty"`
-	UserInfoEncryptionEncValues []string `json:"userinfo_encryption_enc_values_supported,omitempty"`
-	ReqObjSigningAlgValues      []string `json:"request_object_signing_alg_values_supported,omitempty"`
-	ReqObjEncryptionAlgValues   []string `json:"request_object_encryption_alg_values_supported,omitempty"`
-	ReqObjEncryptionEncValues   []string `json:"request_object_encryption_enc_values_supported,omitempty"`
-
-	TokenEndpointAuthMethodsSupported          []string `json:"token_endpoint_auth_methods_supported,omitempty"`
-	TokenEndpointAuthSigningAlgValuesSupported []string `json:"token_endpoint_auth_signing_alg_values_supported,omitempty"`
-
-	DisplayValuesSupported        []string `json:"display_values_supported,omitempty"`
-	ClaimTypesSupported           []string `json:"claim_types_supported,omitempty"`
-	ClaimsSupported               []string `json:"claims_supported,omitempty"`
-	ServiceDocs                   string   `json:"service_documentation,omitempty"`
-	ClaimsLocalsSupported         []string `json:"claims_locales_supported,omitempty"`
-	UILocalsSupported             []string `json:"ui_locales_supported,omitempty"`
-	ClaimsParameterSupported      bool     `json:"claims_parameter_supported,omitempty"`
-	RequestParameterSupported     bool     `json:"request_parameter_supported,omitempty"`
-	RequestURIParamaterSupported  bool     `json:"request_uri_parameter_supported,omitempty"`
-	RequireRequestURIRegistration bool     `json:"require_request_uri_registration,omitempty"`
-
-	Policy         string `json:"op_policy_uri,omitempty"`
-	TermsOfService string `json:"op_tos_uri,omitempty"`
-}
-
-func (cfg ProviderConfig) toEncodableStruct() encodableProviderConfig {
-	return encodableProviderConfig{
-		Issuer:                                     uriToString(cfg.Issuer),
-		AuthEndpoint:                               uriToString(cfg.AuthEndpoint),
-		TokenEndpoint:                              uriToString(cfg.TokenEndpoint),
-		UserInfoEndpoint:                           uriToString(cfg.UserInfoEndpoint),
-		KeysEndpoint:                               uriToString(cfg.KeysEndpoint),
-		RegistrationEndpoint:                       uriToString(cfg.RegistrationEndpoint),
-		EndSessionEndpoint:                         uriToString(cfg.EndSessionEndpoint),
-		CheckSessionIFrame:                         uriToString(cfg.CheckSessionIFrame),
-		ScopesSupported:                            cfg.ScopesSupported,
-		ResponseTypesSupported:                     cfg.ResponseTypesSupported,
-		ResponseModesSupported:                     cfg.ResponseModesSupported,
-		GrantTypesSupported:                        cfg.GrantTypesSupported,
-		ACRValuesSupported:                         cfg.ACRValuesSupported,
-		SubjectTypesSupported:                      cfg.SubjectTypesSupported,
-		IDTokenSigningAlgValues:                    cfg.IDTokenSigningAlgValues,
-		IDTokenEncryptionAlgValues:                 cfg.IDTokenEncryptionAlgValues,
-		IDTokenEncryptionEncValues:                 cfg.IDTokenEncryptionEncValues,
-		UserInfoSigningAlgValues:                   cfg.UserInfoSigningAlgValues,
-		UserInfoEncryptionAlgValues:                cfg.UserInfoEncryptionAlgValues,
-		UserInfoEncryptionEncValues:                cfg.UserInfoEncryptionEncValues,
-		ReqObjSigningAlgValues:                     cfg.ReqObjSigningAlgValues,
-		ReqObjEncryptionAlgValues:                  cfg.ReqObjEncryptionAlgValues,
-		ReqObjEncryptionEncValues:                  cfg.ReqObjEncryptionEncValues,
-		TokenEndpointAuthMethodsSupported:          cfg.TokenEndpointAuthMethodsSupported,
-		TokenEndpointAuthSigningAlgValuesSupported: cfg.TokenEndpointAuthSigningAlgValuesSupported,
-		DisplayValuesSupported:                     cfg.DisplayValuesSupported,
-		ClaimTypesSupported:                        cfg.ClaimTypesSupported,
-		ClaimsSupported:                            cfg.ClaimsSupported,
-		ServiceDocs:                                uriToString(cfg.ServiceDocs),
-		ClaimsLocalsSupported:                      cfg.ClaimsLocalsSupported,
-		UILocalsSupported:                          cfg.UILocalsSupported,
-		ClaimsParameterSupported:                   cfg.ClaimsParameterSupported,
-		RequestParameterSupported:                  cfg.RequestParameterSupported,
-		RequestURIParamaterSupported:               cfg.RequestURIParamaterSupported,
-		RequireRequestURIRegistration:              cfg.RequireRequestURIRegistration,
-		Policy:         uriToString(cfg.Policy),
-		TermsOfService: uriToString(cfg.TermsOfService),
-	}
-}
-
-func (e encodableProviderConfig) toStruct() (ProviderConfig, error) {
-	p := stickyErrParser{}
-	conf := ProviderConfig{
-		Issuer:                                     p.parseURI(e.Issuer, "issuer"),
-		AuthEndpoint:                               p.parseURI(e.AuthEndpoint, "authorization_endpoint"),
-		TokenEndpoint:                              p.parseURI(e.TokenEndpoint, "token_endpoint"),
-		UserInfoEndpoint:                           p.parseURI(e.UserInfoEndpoint, "userinfo_endpoint"),
-		KeysEndpoint:                               p.parseURI(e.KeysEndpoint, "jwks_uri"),
-		RegistrationEndpoint:                       p.parseURI(e.RegistrationEndpoint, "registration_endpoint"),
-		EndSessionEndpoint:                         p.parseURI(e.EndSessionEndpoint, "end_session_endpoint"),
-		CheckSessionIFrame:                         p.parseURI(e.CheckSessionIFrame, "check_session_iframe"),
-		ScopesSupported:                            e.ScopesSupported,
-		ResponseTypesSupported:                     e.ResponseTypesSupported,
-		ResponseModesSupported:                     e.ResponseModesSupported,
-		GrantTypesSupported:                        e.GrantTypesSupported,
-		ACRValuesSupported:                         e.ACRValuesSupported,
-		SubjectTypesSupported:                      e.SubjectTypesSupported,
-		IDTokenSigningAlgValues:                    e.IDTokenSigningAlgValues,
-		IDTokenEncryptionAlgValues:                 e.IDTokenEncryptionAlgValues,
-		IDTokenEncryptionEncValues:                 e.IDTokenEncryptionEncValues,
-		UserInfoSigningAlgValues:                   e.UserInfoSigningAlgValues,
-		UserInfoEncryptionAlgValues:                e.UserInfoEncryptionAlgValues,
-		UserInfoEncryptionEncValues:                e.UserInfoEncryptionEncValues,
-		ReqObjSigningAlgValues:                     e.ReqObjSigningAlgValues,
-		ReqObjEncryptionAlgValues:                  e.ReqObjEncryptionAlgValues,
-		ReqObjEncryptionEncValues:                  e.ReqObjEncryptionEncValues,
-		TokenEndpointAuthMethodsSupported:          e.TokenEndpointAuthMethodsSupported,
-		TokenEndpointAuthSigningAlgValuesSupported: e.TokenEndpointAuthSigningAlgValuesSupported,
-		DisplayValuesSupported:                     e.DisplayValuesSupported,
-		ClaimTypesSupported:                        e.ClaimTypesSupported,
-		ClaimsSupported:                            e.ClaimsSupported,
-		ServiceDocs:                                p.parseURI(e.ServiceDocs, "service_documentation"),
-		ClaimsLocalsSupported:                      e.ClaimsLocalsSupported,
-		UILocalsSupported:                          e.UILocalsSupported,
-		ClaimsParameterSupported:                   e.ClaimsParameterSupported,
-		RequestParameterSupported:                  e.RequestParameterSupported,
-		RequestURIParamaterSupported:               e.RequestURIParamaterSupported,
-		RequireRequestURIRegistration:              e.RequireRequestURIRegistration,
-		Policy:         p.parseURI(e.Policy, "op_policy-uri"),
-		TermsOfService: p.parseURI(e.TermsOfService, "op_tos_uri"),
-	}
-	if p.firstErr != nil {
-		return ProviderConfig{}, p.firstErr
-	}
-	return conf, nil
-}
-
-// Empty returns if a ProviderConfig holds no information.
-//
-// This case generally indicates a ProviderConfigGetter has experienced an error
-// and has nothing to report.
-func (p ProviderConfig) Empty() bool {
-	return p.Issuer == nil
-}
-
-func contains(sli []string, ele string) bool {
-	for _, s := range sli {
-		if s == ele {
-			return true
-		}
-	}
-	return false
-}
-
-// Valid determines if a ProviderConfig conforms with the OIDC specification.
-// If Valid returns successfully it guarantees required field are non-nil and
-// URLs are well formed.
-//
-// Valid is called by UnmarshalJSON.
-//
-// NOTE(ericchiang): For development purposes Valid does not mandate 'https' for
-// URLs fields where the OIDC spec requires it. This may change in future releases
-// of this package. See: https://github.com/coreos/go-oidc/issues/34
-func (p ProviderConfig) Valid() error {
-	grantTypes := p.GrantTypesSupported
-	if len(grantTypes) == 0 {
-		grantTypes = DefaultGrantTypesSupported
-	}
-	implicitOnly := true
-	for _, grantType := range grantTypes {
-		if grantType != oauth2.GrantTypeImplicit {
-			implicitOnly = false
-			break
-		}
-	}
-
-	if len(p.SubjectTypesSupported) == 0 {
-		return errors.New("missing required field subject_types_supported")
-	}
-	if len(p.IDTokenSigningAlgValues) == 0 {
-		return errors.New("missing required field id_token_signing_alg_values_supported")
-	}
-
-	if len(p.ScopesSupported) != 0 && !contains(p.ScopesSupported, "openid") {
-		return errors.New("scoped_supported must be unspecified or include 'openid'")
-	}
-
-	if !contains(p.IDTokenSigningAlgValues, "RS256") {
-		return errors.New("id_token_signing_alg_values_supported must include 'RS256'")
-	}
-
-	uris := []struct {
-		val      *url.URL
-		name     string
-		required bool
-	}{
-		{p.Issuer, "issuer", true},
-		{p.AuthEndpoint, "authorization_endpoint", true},
-		{p.TokenEndpoint, "token_endpoint", !implicitOnly},
-		{p.UserInfoEndpoint, "userinfo_endpoint", false},
-		{p.KeysEndpoint, "jwks_uri", true},
-		{p.RegistrationEndpoint, "registration_endpoint", false},
-		{p.EndSessionEndpoint, "end_session_endpoint", false},
-		{p.CheckSessionIFrame, "check_session_iframe", false},
-		{p.ServiceDocs, "service_documentation", false},
-		{p.Policy, "op_policy_uri", false},
-		{p.TermsOfService, "op_tos_uri", false},
-	}
-
-	for _, uri := range uris {
-		if uri.val == nil {
-			if !uri.required {
-				continue
-			}
-			return fmt.Errorf("empty value for required uri field %s", uri.name)
-		}
-		if uri.val.Host == "" {
-			return fmt.Errorf("no host for uri field %s", uri.name)
-		}
-		if uri.val.Scheme != "http" && uri.val.Scheme != "https" {
-			return fmt.Errorf("uri field %s schemeis not http or https", uri.name)
-		}
-	}
-	return nil
-}
-
-// Supports determines if provider supports a client given their respective metadata.
-func (p ProviderConfig) Supports(c ClientMetadata) error {
-	if err := p.Valid(); err != nil {
-		return fmt.Errorf("invalid provider config: %v", err)
-	}
-	if err := c.Valid(); err != nil {
-		return fmt.Errorf("invalid client config: %v", err)
-	}
-
-	// Fill default values for omitted fields
-	c = c.Defaults()
-	p = p.Defaults()
-
-	// Do the supported values list the requested one?
-	supports := []struct {
-		supported []string
-		requested string
-		name      string
-	}{
-		{p.IDTokenSigningAlgValues, c.IDTokenResponseOptions.SigningAlg, "id_token_signed_response_alg"},
-		{p.IDTokenEncryptionAlgValues, c.IDTokenResponseOptions.EncryptionAlg, "id_token_encryption_response_alg"},
-		{p.IDTokenEncryptionEncValues, c.IDTokenResponseOptions.EncryptionEnc, "id_token_encryption_response_enc"},
-		{p.UserInfoSigningAlgValues, c.UserInfoResponseOptions.SigningAlg, "userinfo_signed_response_alg"},
-		{p.UserInfoEncryptionAlgValues, c.UserInfoResponseOptions.EncryptionAlg, "userinfo_encryption_response_alg"},
-		{p.UserInfoEncryptionEncValues, c.UserInfoResponseOptions.EncryptionEnc, "userinfo_encryption_response_enc"},
-		{p.ReqObjSigningAlgValues, c.RequestObjectOptions.SigningAlg, "request_object_signing_alg"},
-		{p.ReqObjEncryptionAlgValues, c.RequestObjectOptions.EncryptionAlg, "request_object_encryption_alg"},
-		{p.ReqObjEncryptionEncValues, c.RequestObjectOptions.EncryptionEnc, "request_object_encryption_enc"},
-	}
-	for _, field := range supports {
-		if field.requested == "" {
-			continue
-		}
-		if !contains(field.supported, field.requested) {
-			return fmt.Errorf("provider does not support requested value for field %s", field.name)
-		}
-	}
-
-	stringsEqual := func(s1, s2 string) bool { return s1 == s2 }
-
-	// For lists, are the list of requested values a subset of the supported ones?
-	supportsAll := []struct {
-		supported []string
-		requested []string
-		name      string
-		// OAuth2.0 response_type can be space separated lists where order doesn't matter.
-		// For example "id_token token" is the same as "token id_token"
-		// Support a custom compare method.
-		comp func(s1, s2 string) bool
-	}{
-		{p.GrantTypesSupported, c.GrantTypes, "grant_types", stringsEqual},
-		{p.ResponseTypesSupported, c.ResponseTypes, "response_type", oauth2.ResponseTypesEqual},
-	}
-	for _, field := range supportsAll {
-	requestLoop:
-		for _, req := range field.requested {
-			for _, sup := range field.supported {
-				if field.comp(req, sup) {
-					continue requestLoop
-				}
-			}
-			return fmt.Errorf("provider does not support requested value for field %s", field.name)
-		}
-	}
-
-	// TODO(ericchiang): Are there more checks we feel comfortable with begin strict about?
-
-	return nil
-}
-
-func (p ProviderConfig) SupportsGrantType(grantType string) bool {
-	var supported []string
-	if len(p.GrantTypesSupported) == 0 {
-		supported = DefaultGrantTypesSupported
-	} else {
-		supported = p.GrantTypesSupported
-	}
-
-	for _, t := range supported {
-		if t == grantType {
-			return true
-		}
-	}
-	return false
-}
-
-type ProviderConfigGetter interface {
-	Get() (ProviderConfig, error)
-}
-
-type ProviderConfigSetter interface {
-	Set(ProviderConfig) error
-}
-
-type ProviderConfigSyncer struct {
-	from  ProviderConfigGetter
-	to    ProviderConfigSetter
-	clock clockwork.Clock
-
-	initialSyncDone bool
-	initialSyncWait sync.WaitGroup
-}
-
-func NewProviderConfigSyncer(from ProviderConfigGetter, to ProviderConfigSetter) *ProviderConfigSyncer {
-	return &ProviderConfigSyncer{
-		from:  from,
-		to:    to,
-		clock: clockwork.NewRealClock(),
-	}
-}
-
-func (s *ProviderConfigSyncer) Run() chan struct{} {
-	stop := make(chan struct{})
-
-	var next pcsStepper
-	next = &pcsStepNext{aft: time.Duration(0)}
-
-	s.initialSyncWait.Add(1)
-	go func() {
-		for {
-			select {
-			case <-s.clock.After(next.after()):
-				next = next.step(s.sync)
-			case <-stop:
-				return
-			}
-		}
-	}()
-
-	return stop
-}
-
-func (s *ProviderConfigSyncer) WaitUntilInitialSync() {
-	s.initialSyncWait.Wait()
-}
-
-func (s *ProviderConfigSyncer) sync() (time.Duration, error) {
-	cfg, err := s.from.Get()
-	if err != nil {
-		return 0, err
-	}
-
-	if err = s.to.Set(cfg); err != nil {
-		return 0, fmt.Errorf("error setting provider config: %v", err)
-	}
-
-	if !s.initialSyncDone {
-		s.initialSyncWait.Done()
-		s.initialSyncDone = true
-	}
-
-	return nextSyncAfter(cfg.ExpiresAt, s.clock), nil
-}
-
-type pcsStepFunc func() (time.Duration, error)
-
-type pcsStepper interface {
-	after() time.Duration
-	step(pcsStepFunc) pcsStepper
-}
-
-type pcsStepNext struct {
-	aft time.Duration
-}
-
-func (n *pcsStepNext) after() time.Duration {
-	return n.aft
-}
-
-func (n *pcsStepNext) step(fn pcsStepFunc) (next pcsStepper) {
-	ttl, err := fn()
-	if err == nil {
-		next = &pcsStepNext{aft: ttl}
-	} else {
-		next = &pcsStepRetry{aft: time.Second}
-		log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err)
-	}
-	return
-}
-
-type pcsStepRetry struct {
-	aft time.Duration
-}
-
-func (r *pcsStepRetry) after() time.Duration {
-	return r.aft
-}
-
-func (r *pcsStepRetry) step(fn pcsStepFunc) (next pcsStepper) {
-	ttl, err := fn()
-	if err == nil {
-		next = &pcsStepNext{aft: ttl}
-	} else {
-		next = &pcsStepRetry{aft: timeutil.ExpBackoff(r.aft, time.Minute)}
-		log.Printf("go-oidc: provider config sync failed, retrying in %v: %v", next.after(), err)
-	}
-	return
-}
-
-func nextSyncAfter(exp time.Time, clock clockwork.Clock) time.Duration {
-	if exp.IsZero() {
-		return MaximumProviderConfigSyncInterval
-	}
-
-	t := exp.Sub(clock.Now()) / 2
-	if t > MaximumProviderConfigSyncInterval {
-		t = MaximumProviderConfigSyncInterval
-	} else if t < minimumProviderConfigSyncInterval {
-		t = minimumProviderConfigSyncInterval
-	}
-
-	return t
-}
-
-type httpProviderConfigGetter struct {
-	hc        phttp.Client
-	issuerURL string
-	clock     clockwork.Clock
-}
-
-func NewHTTPProviderConfigGetter(hc phttp.Client, issuerURL string) *httpProviderConfigGetter {
-	return &httpProviderConfigGetter{
-		hc:        hc,
-		issuerURL: issuerURL,
-		clock:     clockwork.NewRealClock(),
-	}
-}
-
-func (r *httpProviderConfigGetter) Get() (cfg ProviderConfig, err error) {
-	// If the Issuer value contains a path component, any terminating / MUST be removed before
-	// appending /.well-known/openid-configuration.
-	// https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest
-	discoveryURL := strings.TrimSuffix(r.issuerURL, "/") + discoveryConfigPath
-	req, err := http.NewRequest("GET", discoveryURL, nil)
-	if err != nil {
-		return
-	}
-
-	resp, err := r.hc.Do(req)
-	if err != nil {
-		return
-	}
-	defer resp.Body.Close()
-
-	if err = json.NewDecoder(resp.Body).Decode(&cfg); err != nil {
-		return
-	}
-
-	var ttl time.Duration
-	var ok bool
-	ttl, ok, err = phttp.Cacheable(resp.Header)
-	if err != nil {
-		return
-	} else if ok {
-		cfg.ExpiresAt = r.clock.Now().UTC().Add(ttl)
-	}
-
-	// The issuer value returned MUST be identical to the Issuer URL that was directly used to retrieve the configuration information.
-	// http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation
-	if !urlEqual(cfg.Issuer.String(), r.issuerURL) {
-		err = fmt.Errorf(`"issuer" in config (%v) does not match provided issuer URL (%v)`, cfg.Issuer, r.issuerURL)
-		return
-	}
-
-	return
-}
-
-func FetchProviderConfig(hc phttp.Client, issuerURL string) (ProviderConfig, error) {
-	if hc == nil {
-		hc = http.DefaultClient
-	}
-
-	g := NewHTTPProviderConfigGetter(hc, issuerURL)
-	return g.Get()
-}
-
-func WaitForProviderConfig(hc phttp.Client, issuerURL string) (pcfg ProviderConfig) {
-	return waitForProviderConfig(hc, issuerURL, clockwork.NewRealClock())
-}
-
-func waitForProviderConfig(hc phttp.Client, issuerURL string, clock clockwork.Clock) (pcfg ProviderConfig) {
-	var sleep time.Duration
-	var err error
-	for {
-		pcfg, err = FetchProviderConfig(hc, issuerURL)
-		if err == nil {
-			break
-		}
-
-		sleep = timeutil.ExpBackoff(sleep, time.Minute)
-		fmt.Printf("Failed fetching provider config, trying again in %v: %v\n", sleep, err)
-		time.Sleep(sleep)
-	}
-
-	return
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/transport.go b/vendor/github.com/coreos/go-oidc/oidc/transport.go
deleted file mode 100644
index 61c926d7fe72..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/transport.go
+++ /dev/null
@@ -1,88 +0,0 @@
-package oidc
-
-import (
-	"fmt"
-	"net/http"
-	"sync"
-
-	phttp "github.com/coreos/go-oidc/http"
-	"github.com/coreos/go-oidc/jose"
-)
-
-type TokenRefresher interface {
-	// Verify checks if the provided token is currently valid or not.
-	Verify(jose.JWT) error
-
-	// Refresh attempts to authenticate and retrieve a new token.
-	Refresh() (jose.JWT, error)
-}
-
-type ClientCredsTokenRefresher struct {
-	Issuer     string
-	OIDCClient *Client
-}
-
-func (c *ClientCredsTokenRefresher) Verify(jwt jose.JWT) (err error) {
-	_, err = VerifyClientClaims(jwt, c.Issuer)
-	return
-}
-
-func (c *ClientCredsTokenRefresher) Refresh() (jwt jose.JWT, err error) {
-	if err = c.OIDCClient.Healthy(); err != nil {
-		err = fmt.Errorf("unable to authenticate, unhealthy OIDC client: %v", err)
-		return
-	}
-
-	jwt, err = c.OIDCClient.ClientCredsToken([]string{"openid"})
-	if err != nil {
-		err = fmt.Errorf("unable to verify auth code with issuer: %v", err)
-		return
-	}
-
-	return
-}
-
-type AuthenticatedTransport struct {
-	TokenRefresher
-	http.RoundTripper
-
-	mu  sync.Mutex
-	jwt jose.JWT
-}
-
-func (t *AuthenticatedTransport) verifiedJWT() (jose.JWT, error) {
-	t.mu.Lock()
-	defer t.mu.Unlock()
-
-	if t.TokenRefresher.Verify(t.jwt) == nil {
-		return t.jwt, nil
-	}
-
-	jwt, err := t.TokenRefresher.Refresh()
-	if err != nil {
-		return jose.JWT{}, fmt.Errorf("unable to acquire valid JWT: %v", err)
-	}
-
-	t.jwt = jwt
-	return t.jwt, nil
-}
-
-// SetJWT sets the JWT held by the Transport.
-// This is useful for cases in which you want to set an initial JWT.
-func (t *AuthenticatedTransport) SetJWT(jwt jose.JWT) {
-	t.mu.Lock()
-	defer t.mu.Unlock()
-
-	t.jwt = jwt
-}
-
-func (t *AuthenticatedTransport) RoundTrip(r *http.Request) (*http.Response, error) {
-	jwt, err := t.verifiedJWT()
-	if err != nil {
-		return nil, err
-	}
-
-	req := phttp.CopyRequest(r)
-	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", jwt.Encode()))
-	return t.RoundTripper.RoundTrip(req)
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/util.go b/vendor/github.com/coreos/go-oidc/oidc/util.go
deleted file mode 100644
index f2a5a195e4a3..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/util.go
+++ /dev/null
@@ -1,109 +0,0 @@
-package oidc
-
-import (
-	"crypto/rand"
-	"encoding/base64"
-	"errors"
-	"fmt"
-	"net"
-	"net/http"
-	"net/url"
-	"strings"
-	"time"
-
-	"github.com/coreos/go-oidc/jose"
-)
-
-// RequestTokenExtractor funcs extract a raw encoded token from a request.
-type RequestTokenExtractor func(r *http.Request) (string, error)
-
-// ExtractBearerToken is a RequestTokenExtractor which extracts a bearer token from a request's
-// Authorization header.
-func ExtractBearerToken(r *http.Request) (string, error) {
-	ah := r.Header.Get("Authorization")
-	if ah == "" {
-		return "", errors.New("missing Authorization header")
-	}
-
-	if len(ah) <= 6 || strings.ToUpper(ah[0:6]) != "BEARER" {
-		return "", errors.New("should be a bearer token")
-	}
-
-	val := ah[7:]
-	if len(val) == 0 {
-		return "", errors.New("bearer token is empty")
-	}
-
-	return val, nil
-}
-
-// CookieTokenExtractor returns a RequestTokenExtractor which extracts a token from the named cookie in a request.
-func CookieTokenExtractor(cookieName string) RequestTokenExtractor {
-	return func(r *http.Request) (string, error) {
-		ck, err := r.Cookie(cookieName)
-		if err != nil {
-			return "", fmt.Errorf("token cookie not found in request: %v", err)
-		}
-
-		if ck.Value == "" {
-			return "", errors.New("token cookie found but is empty")
-		}
-
-		return ck.Value, nil
-	}
-}
-
-func NewClaims(iss, sub string, aud interface{}, iat, exp time.Time) jose.Claims {
-	return jose.Claims{
-		// required
-		"iss": iss,
-		"sub": sub,
-		"aud": aud,
-		"iat": iat.Unix(),
-		"exp": exp.Unix(),
-	}
-}
-
-func GenClientID(hostport string) (string, error) {
-	b, err := randBytes(32)
-	if err != nil {
-		return "", err
-	}
-
-	var host string
-	if strings.Contains(hostport, ":") {
-		host, _, err = net.SplitHostPort(hostport)
-		if err != nil {
-			return "", err
-		}
-	} else {
-		host = hostport
-	}
-
-	return fmt.Sprintf("%s@%s", base64.URLEncoding.EncodeToString(b), host), nil
-}
-
-func randBytes(n int) ([]byte, error) {
-	b := make([]byte, n)
-	got, err := rand.Read(b)
-	if err != nil {
-		return nil, err
-	} else if n != got {
-		return nil, errors.New("unable to generate enough random data")
-	}
-	return b, nil
-}
-
-// urlEqual checks two urls for equality using only the host and path portions.
-func urlEqual(url1, url2 string) bool {
-	u1, err := url.Parse(url1)
-	if err != nil {
-		return false
-	}
-	u2, err := url.Parse(url2)
-	if err != nil {
-		return false
-	}
-
-	return strings.ToLower(u1.Host+u1.Path) == strings.ToLower(u2.Host+u2.Path)
-}
diff --git a/vendor/github.com/coreos/go-oidc/oidc/verification.go b/vendor/github.com/coreos/go-oidc/oidc/verification.go
deleted file mode 100644
index d9c6afa6974d..000000000000
--- a/vendor/github.com/coreos/go-oidc/oidc/verification.go
+++ /dev/null
@@ -1,190 +0,0 @@
-package oidc
-
-import (
-	"errors"
-	"fmt"
-	"time"
-
-	"github.com/jonboulle/clockwork"
-
-	"github.com/coreos/go-oidc/jose"
-	"github.com/coreos/go-oidc/key"
-)
-
-func VerifySignature(jwt jose.JWT, keys []key.PublicKey) (bool, error) {
-	jwtBytes := []byte(jwt.Data())
-	for _, k := range keys {
-		v, err := k.Verifier()
-		if err != nil {
-			return false, err
-		}
-		if v.Verify(jwt.Signature, jwtBytes) == nil {
-			return true, nil
-		}
-	}
-	return false, nil
-}
-
-// containsString returns true if the given string(needle) is found
-// in the string array(haystack).
-func containsString(needle string, haystack []string) bool {
-	for _, v := range haystack {
-		if v == needle {
-			return true
-		}
-	}
-	return false
-}
-
-// Verify claims in accordance with OIDC spec
-// http://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation
-func VerifyClaims(jwt jose.JWT, issuer, clientID string) error {
-	now := time.Now().UTC()
-
-	claims, err := jwt.Claims()
-	if err != nil {
-		return err
-	}
-
-	ident, err := IdentityFromClaims(claims)
-	if err != nil {
-		return err
-	}
-
-	if ident.ExpiresAt.Before(now) {
-		return errors.New("token is expired")
-	}
-
-	// iss REQUIRED. Issuer Identifier for the Issuer of the response.
-	// The iss value is a case sensitive URL using the https scheme that contains scheme,
-	// host, and optionally, port number and path components and no query or fragment components.
-	if iss, exists := claims["iss"].(string); exists {
-		if !urlEqual(iss, issuer) {
-			return fmt.Errorf("invalid claim value: 'iss'. expected=%s, found=%s.", issuer, iss)
-		}
-	} else {
-		return errors.New("missing claim: 'iss'")
-	}
-
-	// iat REQUIRED. Time at which the JWT was issued.
-	// Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z
-	// as measured in UTC until the date/time.
-	if _, exists := claims["iat"].(float64); !exists {
-		return errors.New("missing claim: 'iat'")
-	}
-
-	// aud REQUIRED. Audience(s) that this ID Token is intended for.
-	// It MUST contain the OAuth 2.0 client_id of the Relying Party as an audience value.
-	// It MAY also contain identifiers for other audiences. In the general case, the aud
-	// value is an array of case sensitive strings. In the common special case when there
-	// is one audience, the aud value MAY be a single case sensitive string.
-	if aud, ok, err := claims.StringClaim("aud"); err == nil && ok {
-		if aud != clientID {
-			return fmt.Errorf("invalid claims, 'aud' claim and 'client_id' do not match, aud=%s, client_id=%s", aud, clientID)
-		}
-	} else if aud, ok, err := claims.StringsClaim("aud"); err == nil && ok {
-		if !containsString(clientID, aud) {
-			return fmt.Errorf("invalid claims, cannot find 'client_id' in 'aud' claim, aud=%v, client_id=%s", aud, clientID)
-		}
-	} else {
-		return errors.New("invalid claim value: 'aud' is required, and should be either string or string array")
-	}
-
-	return nil
-}
-
-// VerifyClientClaims verifies all the required claims are valid for a "client credentials" JWT.
-// Returns the client ID if valid, or an error if invalid.
-func VerifyClientClaims(jwt jose.JWT, issuer string) (string, error) {
-	claims, err := jwt.Claims()
-	if err != nil {
-		return "", fmt.Errorf("failed to parse JWT claims: %v", err)
-	}
-
-	iss, ok, err := claims.StringClaim("iss")
-	if err != nil {
-		return "", fmt.Errorf("failed to parse 'iss' claim: %v", err)
-	} else if !ok {
-		return "", errors.New("missing required 'iss' claim")
-	} else if !urlEqual(iss, issuer) {
-		return "", fmt.Errorf("'iss' claim does not match expected issuer, iss=%s", iss)
-	}
-
-	sub, ok, err := claims.StringClaim("sub")
-	if err != nil {
-		return "", fmt.Errorf("failed to parse 'sub' claim: %v", err)
-	} else if !ok {
-		return "", errors.New("missing required 'sub' claim")
-	}
-
-	if aud, ok, err := claims.StringClaim("aud"); err == nil && ok {
-		if aud != sub {
-			return "", fmt.Errorf("invalid claims, 'aud' claim and 'sub' claim do not match, aud=%s, sub=%s", aud, sub)
-		}
-	} else if aud, ok, err := claims.StringsClaim("aud"); err == nil && ok {
-		if !containsString(sub, aud) {
-			return "", fmt.Errorf("invalid claims, cannot find 'sud' in 'aud' claim, aud=%v, sub=%s", aud, sub)
-		}
-	} else {
-		return "", errors.New("invalid claim value: 'aud' is required, and should be either string or string array")
-	}
-
-	now := time.Now().UTC()
-	exp, ok, err := claims.TimeClaim("exp")
-	if err != nil {
-		return "", fmt.Errorf("failed to parse 'exp' claim: %v", err)
-	} else if !ok {
-		return "", errors.New("missing required 'exp' claim")
-	} else if exp.Before(now) {
-		return "", fmt.Errorf("token already expired at: %v", exp)
-	}
-
-	return sub, nil
-}
-
-type JWTVerifier struct {
-	issuer   string
-	clientID string
-	syncFunc func() error
-	keysFunc func() []key.PublicKey
-	clock    clockwork.Clock
-}
-
-func NewJWTVerifier(issuer, clientID string, syncFunc func() error, keysFunc func() []key.PublicKey) JWTVerifier {
-	return JWTVerifier{
-		issuer:   issuer,
-		clientID: clientID,
-		syncFunc: syncFunc,
-		keysFunc: keysFunc,
-		clock:    clockwork.NewRealClock(),
-	}
-}
-
-func (v *JWTVerifier) Verify(jwt jose.JWT) error {
-	// Verify claims before verifying the signature. This is an optimization to throw out
-	// tokens we know are invalid without undergoing an expensive signature check and
-	// possibly a re-sync event.
-	if err := VerifyClaims(jwt, v.issuer, v.clientID); err != nil {
-		return fmt.Errorf("oidc: JWT claims invalid: %v", err)
-	}
-
-	ok, err := VerifySignature(jwt, v.keysFunc())
-	if err != nil {
-		return fmt.Errorf("oidc: JWT signature verification failed: %v", err)
-	} else if ok {
-		return nil
-	}
-
-	if err = v.syncFunc(); err != nil {
-		return fmt.Errorf("oidc: failed syncing KeySet: %v", err)
-	}
-
-	ok, err = VerifySignature(jwt, v.keysFunc())
-	if err != nil {
-		return fmt.Errorf("oidc: JWT signature verification failed: %v", err)
-	} else if !ok {
-		return errors.New("oidc: unable to verify JWT signature: no matching keys")
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/coreos/go-oidc/test b/vendor/github.com/coreos/go-oidc/test
new file mode 100755
index 000000000000..b262d0e75a35
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/test
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -e
+
+# Filter out any files with a !golint build tag.
+LINTABLE=$( go list -tags=golint -f '
+  {{- range $i, $file := .GoFiles -}}
+    {{ $file }} {{ end }}
+  {{ range $i, $file := .TestGoFiles -}}
+    {{ $file }} {{ end }}' github.com/coreos/go-oidc )
+
+go test -v -i -race github.com/coreos/go-oidc/...
+go test -v -race github.com/coreos/go-oidc/...
+golint -set_exit_status $LINTABLE
+go vet github.com/coreos/go-oidc/...
+go build -v ./example/...
diff --git a/vendor/github.com/coreos/go-oidc/verify.go b/vendor/github.com/coreos/go-oidc/verify.go
new file mode 100644
index 000000000000..24ff73ee1d21
--- /dev/null
+++ b/vendor/github.com/coreos/go-oidc/verify.go
@@ -0,0 +1,243 @@
+package oidc
+
+import (
+	"bytes"
+	"context"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"strings"
+	"time"
+
+	"golang.org/x/oauth2"
+	jose "gopkg.in/square/go-jose.v2"
+)
+
+const (
+	issuerGoogleAccounts         = "https://accounts.google.com"
+	issuerGoogleAccountsNoScheme = "accounts.google.com"
+)
+
+// KeySet is a set of publc JSON Web Keys that can be used to validate the signature
+// of JSON web tokens. This is expected to be backed by a remote key set through
+// provider metadata discovery or an in-memory set of keys delivered out-of-band.
+type KeySet interface {
+	// VerifySignature parses the JSON web token, verifies the signature, and returns
+	// the raw payload. Header and claim fields are validated by other parts of the
+	// package. For example, the KeySet does not need to check values such as signature
+	// algorithm, issuer, and audience since the IDTokenVerifier validates these values
+	// independently.
+	//
+	// If VerifySignature makes HTTP requests to verify the token, it's expected to
+	// use any HTTP client associated with the context through ClientContext.
+	VerifySignature(ctx context.Context, jwt string) (payload []byte, err error)
+}
+
+// IDTokenVerifier provides verification for ID Tokens.
+type IDTokenVerifier struct {
+	keySet KeySet
+	config *Config
+	issuer string
+}
+
+// NewVerifier returns a verifier manually constructed from a key set and issuer URL.
+//
+// It's easier to use provider discovery to construct an IDTokenVerifier than creating
+// one directly. This method is intended to be used with provider that don't support
+// metadata discovery, or avoiding round trips when the key set URL is already known.
+//
+// This constructor can be used to create a verifier directly using the issuer URL and
+// JSON Web Key Set URL without using discovery:
+//
+//		keySet := oidc.NewRemoteKeySet(ctx, "https://www.googleapis.com/oauth2/v3/certs")
+//		verifier := oidc.NewVerifier("https://accounts.google.com", keySet, config)
+//
+// Since KeySet is an interface, this constructor can also be used to supply custom
+// public key sources. For example, if a user wanted to supply public keys out-of-band
+// and hold them statically in-memory:
+//
+//		// Custom KeySet implementation.
+//		keySet := newStatisKeySet(publicKeys...)
+//
+//		// Verifier uses the custom KeySet implementation.
+//		verifier := oidc.NewVerifier("https://auth.example.com", keySet, config)
+//
+func NewVerifier(issuerURL string, keySet KeySet, config *Config) *IDTokenVerifier {
+	return &IDTokenVerifier{keySet: keySet, config: config, issuer: issuerURL}
+}
+
+// Config is the configuration for an IDTokenVerifier.
+type Config struct {
+	// Expected audience of the token. For a majority of the cases this is expected to be
+	// the ID of the client that initialized the login flow. It may occasionally differ if
+	// the provider supports the authorizing party (azp) claim.
+	//
+	// If not provided, users must explicitly set SkipClientIDCheck.
+	ClientID string
+	// If specified, only this set of algorithms may be used to sign the JWT.
+	//
+	// Since many providers only support RS256, SupportedSigningAlgs defaults to this value.
+	SupportedSigningAlgs []string
+
+	// If true, no ClientID check performed. Must be true if ClientID field is empty.
+	SkipClientIDCheck bool
+	// If true, token expiry is not checked.
+	SkipExpiryCheck bool
+
+	// Time function to check Token expiry. Defaults to time.Now
+	Now func() time.Time
+}
+
+// Verifier returns an IDTokenVerifier that uses the provider's key set to verify JWTs.
+//
+// The returned IDTokenVerifier is tied to the Provider's context and its behavior is
+// undefined once the Provider's context is canceled.
+func (p *Provider) Verifier(config *Config) *IDTokenVerifier {
+	return NewVerifier(p.issuer, p.remoteKeySet, config)
+}
+
+func parseJWT(p string) ([]byte, error) {
+	parts := strings.Split(p, ".")
+	if len(parts) < 2 {
+		return nil, fmt.Errorf("oidc: malformed jwt, expected 3 parts got %d", len(parts))
+	}
+	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
+	if err != nil {
+		return nil, fmt.Errorf("oidc: malformed jwt payload: %v", err)
+	}
+	return payload, nil
+}
+
+func contains(sli []string, ele string) bool {
+	for _, s := range sli {
+		if s == ele {
+			return true
+		}
+	}
+	return false
+}
+
+// Verify parses a raw ID Token, verifies it's been signed by the provider, preforms
+// any additional checks depending on the Config, and returns the payload.
+//
+// Verify does NOT do nonce validation, which is the callers responsibility.
+//
+// See: https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
+//
+//    oauth2Token, err := oauth2Config.Exchange(ctx, r.URL.Query().Get("code"))
+//    if err != nil {
+//        // handle error
+//    }
+//
+//    // Extract the ID Token from oauth2 token.
+//    rawIDToken, ok := oauth2Token.Extra("id_token").(string)
+//    if !ok {
+//        // handle error
+//    }
+//
+//    token, err := verifier.Verify(ctx, rawIDToken)
+//
+func (v *IDTokenVerifier) Verify(ctx context.Context, rawIDToken string) (*IDToken, error) {
+	jws, err := jose.ParseSigned(rawIDToken)
+	if err != nil {
+		return nil, fmt.Errorf("oidc: malformed jwt: %v", err)
+	}
+
+	// Throw out tokens with invalid claims before trying to verify the token. This lets
+	// us do cheap checks before possibly re-syncing keys.
+	payload, err := parseJWT(rawIDToken)
+	if err != nil {
+		return nil, fmt.Errorf("oidc: malformed jwt: %v", err)
+	}
+	var token idToken
+	if err := json.Unmarshal(payload, &token); err != nil {
+		return nil, fmt.Errorf("oidc: failed to unmarshal claims: %v", err)
+	}
+
+	t := &IDToken{
+		Issuer:          token.Issuer,
+		Subject:         token.Subject,
+		Audience:        []string(token.Audience),
+		Expiry:          time.Time(token.Expiry),
+		IssuedAt:        time.Time(token.IssuedAt),
+		Nonce:           token.Nonce,
+		AccessTokenHash: token.AtHash,
+		claims:          payload,
+	}
+
+	// Check issuer.
+	if t.Issuer != v.issuer {
+		// Google sometimes returns "accounts.google.com" as the issuer claim instead of
+		// the required "https://accounts.google.com". Detect this case and allow it only
+		// for Google.
+		//
+		// We will not add hooks to let other providers go off spec like this.
+		if !(v.issuer == issuerGoogleAccounts && t.Issuer == issuerGoogleAccountsNoScheme) {
+			return nil, fmt.Errorf("oidc: id token issued by a different provider, expected %q got %q", v.issuer, t.Issuer)
+		}
+	}
+
+	// If a client ID has been provided, make sure it's part of the audience. SkipClientIDCheck must be true if ClientID is empty.
+	//
+	// This check DOES NOT ensure that the ClientID is the party to which the ID Token was issued (i.e. Authorized party).
+	if !v.config.SkipClientIDCheck {
+		if v.config.ClientID != "" {
+			if !contains(t.Audience, v.config.ClientID) {
+				return nil, fmt.Errorf("oidc: expected audience %q got %q", v.config.ClientID, t.Audience)
+			}
+		} else {
+			return nil, fmt.Errorf("oidc: invalid configuration, clientID must be provided or SkipClientIDCheck must be set")
+		}
+	}
+
+	// If a SkipExpiryCheck is false, make sure token is not expired.
+	if !v.config.SkipExpiryCheck {
+		now := time.Now
+		if v.config.Now != nil {
+			now = v.config.Now
+		}
+
+		if t.Expiry.Before(now()) {
+			return nil, fmt.Errorf("oidc: token is expired (Token Expiry: %v)", t.Expiry)
+		}
+	}
+
+	switch len(jws.Signatures) {
+	case 0:
+		return nil, fmt.Errorf("oidc: id token not signed")
+	case 1:
+	default:
+		return nil, fmt.Errorf("oidc: multiple signatures on id token not supported")
+	}
+
+	sig := jws.Signatures[0]
+	supportedSigAlgs := v.config.SupportedSigningAlgs
+	if len(supportedSigAlgs) == 0 {
+		supportedSigAlgs = []string{RS256}
+	}
+
+	if !contains(supportedSigAlgs, sig.Header.Algorithm) {
+		return nil, fmt.Errorf("oidc: id token signed with unsupported algorithm, expected %q got %q", supportedSigAlgs, sig.Header.Algorithm)
+	}
+
+	t.sigAlgorithm = sig.Header.Algorithm
+
+	gotPayload, err := v.keySet.VerifySignature(ctx, rawIDToken)
+	if err != nil {
+		return nil, fmt.Errorf("failed to verify signature: %v", err)
+	}
+
+	// Ensure that the payload returned by the square actually matches the payload parsed earlier.
+	if !bytes.Equal(gotPayload, payload) {
+		return nil, errors.New("oidc: internal error, payload parsed did not match previous payload")
+	}
+
+	return t, nil
+}
+
+// Nonce returns an auth code option which requires the ID Token created by the
+// OpenID Connect provider to contain the specified nonce.
+func Nonce(nonce string) oauth2.AuthCodeOption {
+	return oauth2.SetAuthURLParam("nonce", nonce)
+}
diff --git a/vendor/github.com/coreos/pkg/health/README.md b/vendor/github.com/coreos/pkg/health/README.md
deleted file mode 100644
index 5ec34c21e0fd..000000000000
--- a/vendor/github.com/coreos/pkg/health/README.md
+++ /dev/null
@@ -1,11 +0,0 @@
-health
-====
-
-A simple framework for implementing an HTTP health check endpoint on servers.
-
-Users implement their `health.Checkable` types, and create a `health.Checker`, from which they can get an `http.HandlerFunc` using `health.Checker.MakeHealthHandlerFunc`.
-
-### Documentation
-
-For more details, visit the docs on [gopkgdoc](http://godoc.org/github.com/coreos/pkg/health)
-
diff --git a/vendor/github.com/coreos/pkg/health/health.go b/vendor/github.com/coreos/pkg/health/health.go
deleted file mode 100644
index a1c3610fa5c5..000000000000
--- a/vendor/github.com/coreos/pkg/health/health.go
+++ /dev/null
@@ -1,127 +0,0 @@
-package health
-
-import (
-	"expvar"
-	"fmt"
-	"log"
-	"net/http"
-
-	"github.com/coreos/pkg/httputil"
-)
-
-// Checkables should return nil when the thing they are checking is healthy, and an error otherwise.
-type Checkable interface {
-	Healthy() error
-}
-
-// Checker provides a way to make an endpoint which can be probed for system health.
-type Checker struct {
-	// Checks are the Checkables to be checked when probing.
-	Checks []Checkable
-
-	// Unhealthyhandler is called when one or more of the checks are unhealthy.
-	// If not provided DefaultUnhealthyHandler is called.
-	UnhealthyHandler UnhealthyHandler
-
-	// HealthyHandler is called when all checks are healthy.
-	// If not provided, DefaultHealthyHandler is called.
-	HealthyHandler http.HandlerFunc
-}
-
-func (c Checker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	unhealthyHandler := c.UnhealthyHandler
-	if unhealthyHandler == nil {
-		unhealthyHandler = DefaultUnhealthyHandler
-	}
-
-	successHandler := c.HealthyHandler
-	if successHandler == nil {
-		successHandler = DefaultHealthyHandler
-	}
-
-	if r.Method != "GET" {
-		w.Header().Set("Allow", "GET")
-		w.WriteHeader(http.StatusMethodNotAllowed)
-		return
-	}
-
-	if err := Check(c.Checks); err != nil {
-		unhealthyHandler(w, r, err)
-		return
-	}
-
-	successHandler(w, r)
-}
-
-type UnhealthyHandler func(w http.ResponseWriter, r *http.Request, err error)
-
-type StatusResponse struct {
-	Status  string                 `json:"status"`
-	Details *StatusResponseDetails `json:"details,omitempty"`
-}
-
-type StatusResponseDetails struct {
-	Code    int    `json:"code,omitempty"`
-	Message string `json:"message,omitempty"`
-}
-
-func Check(checks []Checkable) (err error) {
-	errs := []error{}
-	for _, c := range checks {
-		if e := c.Healthy(); e != nil {
-			errs = append(errs, e)
-		}
-	}
-
-	switch len(errs) {
-	case 0:
-		err = nil
-	case 1:
-		err = errs[0]
-	default:
-		err = fmt.Errorf("multiple health check failure: %v", errs)
-	}
-
-	return
-}
-
-func DefaultHealthyHandler(w http.ResponseWriter, r *http.Request) {
-	err := httputil.WriteJSONResponse(w, http.StatusOK, StatusResponse{
-		Status: "ok",
-	})
-	if err != nil {
-		// TODO(bobbyrullo): replace with logging from new logging pkg,
-		// once it lands.
-		log.Printf("Failed to write JSON response: %v", err)
-	}
-}
-
-func DefaultUnhealthyHandler(w http.ResponseWriter, r *http.Request, err error) {
-	writeErr := httputil.WriteJSONResponse(w, http.StatusInternalServerError, StatusResponse{
-		Status: "error",
-		Details: &StatusResponseDetails{
-			Code:    http.StatusInternalServerError,
-			Message: err.Error(),
-		},
-	})
-	if writeErr != nil {
-		// TODO(bobbyrullo): replace with logging from new logging pkg,
-		// once it lands.
-		log.Printf("Failed to write JSON response: %v", err)
-	}
-}
-
-// ExpvarHandler is copied from https://golang.org/src/expvar/expvar.go, where it's sadly unexported.
-func ExpvarHandler(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	fmt.Fprintf(w, "{\n")
-	first := true
-	expvar.Do(func(kv expvar.KeyValue) {
-		if !first {
-			fmt.Fprintf(w, ",\n")
-		}
-		first = false
-		fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
-	})
-	fmt.Fprintf(w, "\n}\n")
-}
diff --git a/vendor/github.com/coreos/pkg/httputil/README.md b/vendor/github.com/coreos/pkg/httputil/README.md
deleted file mode 100644
index 44fa751c4a0a..000000000000
--- a/vendor/github.com/coreos/pkg/httputil/README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-httputil
-====
-
-Common code for dealing with HTTP.
-
-Includes:
-
-* Code for returning JSON responses.
-
-### Documentation
-
-Visit the docs on [gopkgdoc](http://godoc.org/github.com/coreos/pkg/httputil)
-
diff --git a/vendor/github.com/coreos/pkg/httputil/cookie.go b/vendor/github.com/coreos/pkg/httputil/cookie.go
deleted file mode 100644
index c37a37bb27c7..000000000000
--- a/vendor/github.com/coreos/pkg/httputil/cookie.go
+++ /dev/null
@@ -1,21 +0,0 @@
-package httputil
-
-import (
-	"net/http"
-	"time"
-)
-
-// DeleteCookies effectively deletes all named cookies
-// by wiping all data and setting to expire immediately.
-func DeleteCookies(w http.ResponseWriter, cookieNames ...string) {
-	for _, n := range cookieNames {
-		c := &http.Cookie{
-			Name:    n,
-			Value:   "",
-			Path:    "/",
-			MaxAge:  -1,
-			Expires: time.Time{},
-		}
-		http.SetCookie(w, c)
-	}
-}
diff --git a/vendor/github.com/coreos/pkg/httputil/json.go b/vendor/github.com/coreos/pkg/httputil/json.go
deleted file mode 100644
index 0b09235033ff..000000000000
--- a/vendor/github.com/coreos/pkg/httputil/json.go
+++ /dev/null
@@ -1,27 +0,0 @@
-package httputil
-
-import (
-	"encoding/json"
-	"net/http"
-)
-
-const (
-	JSONContentType = "application/json"
-)
-
-func WriteJSONResponse(w http.ResponseWriter, code int, resp interface{}) error {
-	enc, err := json.Marshal(resp)
-	if err != nil {
-		w.WriteHeader(http.StatusInternalServerError)
-		return err
-	}
-
-	w.Header().Set("Content-Type", JSONContentType)
-	w.WriteHeader(code)
-
-	_, err = w.Write(enc)
-	if err != nil {
-		return err
-	}
-	return nil
-}
diff --git a/vendor/github.com/coreos/pkg/timeutil/backoff.go b/vendor/github.com/coreos/pkg/timeutil/backoff.go
deleted file mode 100644
index b34fb49661b6..000000000000
--- a/vendor/github.com/coreos/pkg/timeutil/backoff.go
+++ /dev/null
@@ -1,15 +0,0 @@
-package timeutil
-
-import (
-	"time"
-)
-
-func ExpBackoff(prev, max time.Duration) time.Duration {
-	if prev == 0 {
-		return time.Second
-	}
-	if prev > max/2 {
-		return max
-	}
-	return 2 * prev
-}
diff --git a/vendor/github.com/cyphar/filepath-securejoin/.travis.yml b/vendor/github.com/cyphar/filepath-securejoin/.travis.yml
new file mode 100644
index 000000000000..3938f3834944
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/.travis.yml
@@ -0,0 +1,19 @@
+# Copyright (C) 2017 SUSE LLC. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+
+language: go
+go:
+    - 1.7.x
+    - 1.8.x
+    - tip
+
+os:
+    - linux
+    - osx
+
+script:
+    - go test -cover -v ./...
+
+notifications:
+    email: false
diff --git a/vendor/github.com/cyphar/filepath-securejoin/LICENSE b/vendor/github.com/cyphar/filepath-securejoin/LICENSE
new file mode 100644
index 000000000000..bec842f294f7
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/LICENSE
@@ -0,0 +1,28 @@
+Copyright (C) 2014-2015 Docker Inc & Go Authors. All rights reserved.
+Copyright (C) 2017 SUSE LLC. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/cyphar/filepath-securejoin/README.md b/vendor/github.com/cyphar/filepath-securejoin/README.md
new file mode 100644
index 000000000000..49b2baa9f35c
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/README.md
@@ -0,0 +1,65 @@
+## `filepath-securejoin` ##
+
+[![Build Status](https://travis-ci.org/cyphar/filepath-securejoin.svg?branch=master)](https://travis-ci.org/cyphar/filepath-securejoin)
+
+An implementation of `SecureJoin`, a [candidate for inclusion in the Go
+standard library][go#20126]. The purpose of this function is to be a "secure"
+alternative to `filepath.Join`, and in particular it provides certain
+guarantees that are not provided by `filepath.Join`.
+
+This is the function prototype:
+
+```go
+func SecureJoin(root, unsafePath string) (string, error)
+```
+
+This library **guarantees** the following:
+
+* If no error is set, the resulting string **must** be a child path of
+  `SecureJoin` and will not contain any symlink path components (they will all
+  be expanded).
+
+* When expanding symlinks, all symlink path components **must** be resolved
+  relative to the provided root. In particular, this can be considered a
+  userspace implementation of how `chroot(2)` operates on file paths. Note that
+  these symlinks will **not** be expanded lexically (`filepath.Clean` is not
+  called on the input before processing).
+
+* Non-existant path components are unaffected by `SecureJoin` (similar to
+  `filepath.EvalSymlinks`'s semantics).
+
+* The returned path will always be `filepath.Clean`ed and thus not contain any
+  `..` components.
+
+A (trivial) implementation of this function on GNU/Linux systems could be done
+with the following (note that this requires root privileges and is far more
+opaque than the implementation in this library, and also requires that
+`readlink` is inside the `root` path):
+
+```go
+package securejoin
+
+import (
+	"os/exec"
+	"path/filepath"
+)
+
+func SecureJoin(root, unsafePath string) (string, error) {
+	unsafePath = string(filepath.Separator) + unsafePath
+	cmd := exec.Command("chroot", root,
+		"readlink", "--canonicalize-missing", "--no-newline", unsafePath)
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		return "", err
+	}
+	expanded := string(output)
+	return filepath.Join(root, expanded), nil
+}
+```
+
+[go#20126]: https://github.com/golang/go/issues/20126
+
+### License ###
+
+The license of this project is the same as Go, which is a BSD 3-clause license
+available in the `LICENSE` file.
diff --git a/vendor/github.com/cyphar/filepath-securejoin/VERSION b/vendor/github.com/cyphar/filepath-securejoin/VERSION
new file mode 100644
index 000000000000..1f5f83047d3a
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/VERSION
@@ -0,0 +1 @@
+0.2.1+dev
diff --git a/vendor/github.com/cyphar/filepath-securejoin/join.go b/vendor/github.com/cyphar/filepath-securejoin/join.go
new file mode 100644
index 000000000000..f20985479d4f
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/join.go
@@ -0,0 +1,135 @@
+// Copyright (C) 2014-2015 Docker Inc & Go Authors. All rights reserved.
+// Copyright (C) 2017 SUSE LLC. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package securejoin is an implementation of the hopefully-soon-to-be-included
+// SecureJoin helper that is meant to be part of the "path/filepath" package.
+// The purpose of this project is to provide a PoC implementation to make the
+// SecureJoin proposal (https://github.com/golang/go/issues/20126) more
+// tangible.
+package securejoin
+
+import (
+	"bytes"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"syscall"
+
+	"github.com/pkg/errors"
+)
+
+// ErrSymlinkLoop is returned by SecureJoinVFS when too many symlinks have been
+// evaluated in attempting to securely join the two given paths.
+var ErrSymlinkLoop = fmt.Errorf("SecureJoin: too many links")
+
+// IsNotExist tells you if err is an error that implies that either the path
+// accessed does not exist (or path components don't exist). This is
+// effectively a more broad version of os.IsNotExist.
+func IsNotExist(err error) bool {
+	// If it's a bone-fide ENOENT just bail.
+	if os.IsNotExist(errors.Cause(err)) {
+		return true
+	}
+
+	// Check that it's not actually an ENOTDIR, which in some cases is a more
+	// convoluted case of ENOENT (usually involving weird paths).
+	var errno error
+	switch err := errors.Cause(err).(type) {
+	case *os.PathError:
+		errno = err.Err
+	case *os.LinkError:
+		errno = err.Err
+	case *os.SyscallError:
+		errno = err.Err
+	}
+	return errno == syscall.ENOTDIR || errno == syscall.ENOENT
+}
+
+// SecureJoinVFS joins the two given path components (similar to Join) except
+// that the returned path is guaranteed to be scoped inside the provided root
+// path (when evaluated). Any symbolic links in the path are evaluated with the
+// given root treated as the root of the filesystem, similar to a chroot. The
+// filesystem state is evaluated through the given VFS interface (if nil, the
+// standard os.* family of functions are used).
+//
+// Note that the guarantees provided by this function only apply if the path
+// components in the returned string are not modified (in other words are not
+// replaced with symlinks on the filesystem) after this function has returned.
+// Such a symlink race is necessarily out-of-scope of SecureJoin.
+func SecureJoinVFS(root, unsafePath string, vfs VFS) (string, error) {
+	// Use the os.* VFS implementation if none was specified.
+	if vfs == nil {
+		vfs = osVFS{}
+	}
+
+	var path bytes.Buffer
+	n := 0
+	for unsafePath != "" {
+		if n > 255 {
+			return "", ErrSymlinkLoop
+		}
+
+		// Next path component, p.
+		i := strings.IndexRune(unsafePath, filepath.Separator)
+		var p string
+		if i == -1 {
+			p, unsafePath = unsafePath, ""
+		} else {
+			p, unsafePath = unsafePath[:i], unsafePath[i+1:]
+		}
+
+		// Create a cleaned path, using the lexical semantics of /../a, to
+		// create a "scoped" path component which can safely be joined to fullP
+		// for evaluation. At this point, path.String() doesn't contain any
+		// symlink components.
+		cleanP := filepath.Clean(string(filepath.Separator) + path.String() + p)
+		if cleanP == string(filepath.Separator) {
+			path.Reset()
+			continue
+		}
+		fullP := filepath.Clean(root + cleanP)
+
+		// Figure out whether the path is a symlink.
+		fi, err := vfs.Lstat(fullP)
+		if err != nil && !IsNotExist(err) {
+			return "", err
+		}
+		// Treat non-existent path components the same as non-symlinks (we
+		// can't do any better here).
+		if IsNotExist(err) || fi.Mode()&os.ModeSymlink == 0 {
+			path.WriteString(p)
+			path.WriteRune(filepath.Separator)
+			continue
+		}
+
+		// Only increment when we actually dereference a link.
+		n++
+
+		// It's a symlink, expand it by prepending it to the yet-unparsed path.
+		dest, err := vfs.Readlink(fullP)
+		if err != nil {
+			return "", err
+		}
+		// Absolute symlinks reset any work we've already done.
+		if filepath.IsAbs(dest) {
+			path.Reset()
+		}
+		unsafePath = dest + string(filepath.Separator) + unsafePath
+	}
+
+	// We have to clean path.String() here because it may contain '..'
+	// components that are entirely lexical, but would be misleading otherwise.
+	// And finally do a final clean to ensure that root is also lexically
+	// clean.
+	fullP := filepath.Clean(string(filepath.Separator) + path.String())
+	return filepath.Clean(root + fullP), nil
+}
+
+// SecureJoin is a wrapper around SecureJoinVFS that just uses the os.* library
+// of functions as the VFS. If in doubt, use this function over SecureJoinVFS.
+func SecureJoin(root, unsafePath string) (string, error) {
+	return SecureJoinVFS(root, unsafePath, nil)
+}
diff --git a/vendor/github.com/cyphar/filepath-securejoin/vendor.conf b/vendor/github.com/cyphar/filepath-securejoin/vendor.conf
new file mode 100644
index 000000000000..66bb574b955b
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/vendor.conf
@@ -0,0 +1 @@
+github.com/pkg/errors v0.8.0
diff --git a/vendor/github.com/cyphar/filepath-securejoin/vfs.go b/vendor/github.com/cyphar/filepath-securejoin/vfs.go
new file mode 100644
index 000000000000..a82a5eae11eb
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/vfs.go
@@ -0,0 +1,41 @@
+// Copyright (C) 2017 SUSE LLC. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package securejoin
+
+import "os"
+
+// In future this should be moved into a separate package, because now there
+// are several projects (umoci and go-mtree) that are using this sort of
+// interface.
+
+// VFS is the minimal interface necessary to use SecureJoinVFS. A nil VFS is
+// equivalent to using the standard os.* family of functions. This is mainly
+// used for the purposes of mock testing, but also can be used to otherwise use
+// SecureJoin with VFS-like system.
+type VFS interface {
+	// Lstat returns a FileInfo describing the named file. If the file is a
+	// symbolic link, the returned FileInfo describes the symbolic link. Lstat
+	// makes no attempt to follow the link. These semantics are identical to
+	// os.Lstat.
+	Lstat(name string) (os.FileInfo, error)
+
+	// Readlink returns the destination of the named symbolic link. These
+	// semantics are identical to os.Readlink.
+	Readlink(name string) (string, error)
+}
+
+// osVFS is the "nil" VFS, in that it just passes everything through to the os
+// module.
+type osVFS struct{}
+
+// Lstat returns a FileInfo describing the named file. If the file is a
+// symbolic link, the returned FileInfo describes the symbolic link. Lstat
+// makes no attempt to follow the link. These semantics are identical to
+// os.Lstat.
+func (o osVFS) Lstat(name string) (os.FileInfo, error) { return os.Lstat(name) }
+
+// Readlink returns the destination of the named symbolic link. These
+// semantics are identical to os.Readlink.
+func (o osVFS) Readlink(name string) (string, error) { return os.Readlink(name) }
diff --git a/vendor/github.com/docker/docker/pkg/parsers/parsers.go b/vendor/github.com/docker/docker/pkg/parsers/parsers.go
new file mode 100644
index 000000000000..acc897168f3c
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/parsers/parsers.go
@@ -0,0 +1,69 @@
+// Package parsers provides helper functions to parse and validate different type
+// of string. It can be hosts, unix addresses, tcp addresses, filters, kernel
+// operating system versions.
+package parsers
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+// ParseKeyValueOpt parses and validates the specified string as a key/value pair (key=value)
+func ParseKeyValueOpt(opt string) (string, string, error) {
+	parts := strings.SplitN(opt, "=", 2)
+	if len(parts) != 2 {
+		return "", "", fmt.Errorf("Unable to parse key/value option: %s", opt)
+	}
+	return strings.TrimSpace(parts[0]), strings.TrimSpace(parts[1]), nil
+}
+
+// ParseUintList parses and validates the specified string as the value
+// found in some cgroup file (e.g. `cpuset.cpus`, `cpuset.mems`), which could be
+// one of the formats below. Note that duplicates are actually allowed in the
+// input string. It returns a `map[int]bool` with available elements from `val`
+// set to `true`.
+// Supported formats:
+//     7
+//     1-6
+//     0,3-4,7,8-10
+//     0-0,0,1-7
+//     03,1-3      <- this is gonna get parsed as [1,2,3]
+//     3,2,1
+//     0-2,3,1
+func ParseUintList(val string) (map[int]bool, error) {
+	if val == "" {
+		return map[int]bool{}, nil
+	}
+
+	availableInts := make(map[int]bool)
+	split := strings.Split(val, ",")
+	errInvalidFormat := fmt.Errorf("invalid format: %s", val)
+
+	for _, r := range split {
+		if !strings.Contains(r, "-") {
+			v, err := strconv.Atoi(r)
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			availableInts[v] = true
+		} else {
+			split := strings.SplitN(r, "-", 2)
+			min, err := strconv.Atoi(split[0])
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			max, err := strconv.Atoi(split[1])
+			if err != nil {
+				return nil, errInvalidFormat
+			}
+			if max < min {
+				return nil, errInvalidFormat
+			}
+			for i := min; i <= max; i++ {
+				availableInts[i] = true
+			}
+		}
+	}
+	return availableInts, nil
+}
diff --git a/vendor/github.com/docker/docker/pkg/symlink/README.md b/vendor/github.com/docker/docker/pkg/symlink/README.md
deleted file mode 100644
index 8dba54fd089d..000000000000
--- a/vendor/github.com/docker/docker/pkg/symlink/README.md
+++ /dev/null
@@ -1,6 +0,0 @@
-Package symlink implements EvalSymlinksInScope which is an extension of filepath.EvalSymlinks,
-as well as a Windows long-path aware version of filepath.EvalSymlinks
-from the [Go standard library](https://golang.org/pkg/path/filepath).
-
-The code from filepath.EvalSymlinks has been adapted in fs.go.
-Please read the LICENSE.BSD file that governs fs.go and LICENSE.APACHE for fs_test.go.
diff --git a/vendor/github.com/docker/docker/pkg/symlink/fs.go b/vendor/github.com/docker/docker/pkg/symlink/fs.go
deleted file mode 100644
index 52fb9a691b35..000000000000
--- a/vendor/github.com/docker/docker/pkg/symlink/fs.go
+++ /dev/null
@@ -1,144 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE.BSD file.
-
-// This code is a modified version of path/filepath/symlink.go from the Go standard library.
-
-package symlink
-
-import (
-	"bytes"
-	"errors"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/docker/docker/pkg/system"
-)
-
-// FollowSymlinkInScope is a wrapper around evalSymlinksInScope that returns an
-// absolute path. This function handles paths in a platform-agnostic manner.
-func FollowSymlinkInScope(path, root string) (string, error) {
-	path, err := filepath.Abs(filepath.FromSlash(path))
-	if err != nil {
-		return "", err
-	}
-	root, err = filepath.Abs(filepath.FromSlash(root))
-	if err != nil {
-		return "", err
-	}
-	return evalSymlinksInScope(path, root)
-}
-
-// evalSymlinksInScope will evaluate symlinks in `path` within a scope `root` and return
-// a result guaranteed to be contained within the scope `root`, at the time of the call.
-// Symlinks in `root` are not evaluated and left as-is.
-// Errors encountered while attempting to evaluate symlinks in path will be returned.
-// Non-existing paths are valid and do not constitute an error.
-// `path` has to contain `root` as a prefix, or else an error will be returned.
-// Trying to break out from `root` does not constitute an error.
-//
-// Example:
-//   If /foo/bar -> /outside,
-//   FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/outside"
-//
-// IMPORTANT: it is the caller's responsibility to call evalSymlinksInScope *after* relevant symlinks
-// are created and not to create subsequently, additional symlinks that could potentially make a
-// previously-safe path, unsafe. Example: if /foo/bar does not exist, evalSymlinksInScope("/foo/bar", "/foo")
-// would return "/foo/bar". If one makes /foo/bar a symlink to /baz subsequently, then "/foo/bar" should
-// no longer be considered safely contained in "/foo".
-func evalSymlinksInScope(path, root string) (string, error) {
-	root = filepath.Clean(root)
-	if path == root {
-		return path, nil
-	}
-	if !strings.HasPrefix(path, root) {
-		return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root)
-	}
-	const maxIter = 255
-	originalPath := path
-	// given root of "/a" and path of "/a/b/../../c" we want path to be "/b/../../c"
-	path = path[len(root):]
-	if root == string(filepath.Separator) {
-		path = string(filepath.Separator) + path
-	}
-	if !strings.HasPrefix(path, string(filepath.Separator)) {
-		return "", errors.New("evalSymlinksInScope: " + path + " is not in " + root)
-	}
-	path = filepath.Clean(path)
-	// consume path by taking each frontmost path element,
-	// expanding it if it's a symlink, and appending it to b
-	var b bytes.Buffer
-	// b here will always be considered to be the "current absolute path inside
-	// root" when we append paths to it, we also append a slash and use
-	// filepath.Clean after the loop to trim the trailing slash
-	for n := 0; path != ""; n++ {
-		if n > maxIter {
-			return "", errors.New("evalSymlinksInScope: too many links in " + originalPath)
-		}
-
-		// find next path component, p
-		i := strings.IndexRune(path, filepath.Separator)
-		var p string
-		if i == -1 {
-			p, path = path, ""
-		} else {
-			p, path = path[:i], path[i+1:]
-		}
-
-		if p == "" {
-			continue
-		}
-
-		// this takes a b.String() like "b/../" and a p like "c" and turns it
-		// into "/b/../c" which then gets filepath.Cleaned into "/c" and then
-		// root gets prepended and we Clean again (to remove any trailing slash
-		// if the first Clean gave us just "/")
-		cleanP := filepath.Clean(string(filepath.Separator) + b.String() + p)
-		if isDriveOrRoot(cleanP) {
-			// never Lstat "/" itself, or drive letters on Windows
-			b.Reset()
-			continue
-		}
-		fullP := filepath.Clean(root + cleanP)
-
-		fi, err := os.Lstat(fullP)
-		if os.IsNotExist(err) {
-			// if p does not exist, accept it
-			b.WriteString(p)
-			b.WriteRune(filepath.Separator)
-			continue
-		}
-		if err != nil {
-			return "", err
-		}
-		if fi.Mode()&os.ModeSymlink == 0 {
-			b.WriteString(p)
-			b.WriteRune(filepath.Separator)
-			continue
-		}
-
-		// it's a symlink, put it at the front of path
-		dest, err := os.Readlink(fullP)
-		if err != nil {
-			return "", err
-		}
-		if system.IsAbs(dest) {
-			b.Reset()
-		}
-		path = dest + string(filepath.Separator) + path
-	}
-
-	// see note above on "fullP := ..." for why this is double-cleaned and
-	// what's happening here
-	return filepath.Clean(root + filepath.Clean(string(filepath.Separator)+b.String())), nil
-}
-
-// EvalSymlinks returns the path name after the evaluation of any symbolic
-// links.
-// If path is relative the result will be relative to the current directory,
-// unless one of the components is an absolute symbolic link.
-// This version has been updated to support long paths prepended with `\\?\`.
-func EvalSymlinks(path string) (string, error) {
-	return evalSymlinks(path)
-}
diff --git a/vendor/github.com/docker/docker/pkg/symlink/fs_unix.go b/vendor/github.com/docker/docker/pkg/symlink/fs_unix.go
deleted file mode 100644
index 22708273d604..000000000000
--- a/vendor/github.com/docker/docker/pkg/symlink/fs_unix.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// +build !windows
-
-package symlink
-
-import (
-	"path/filepath"
-)
-
-func evalSymlinks(path string) (string, error) {
-	return filepath.EvalSymlinks(path)
-}
-
-func isDriveOrRoot(p string) bool {
-	return p == string(filepath.Separator)
-}
diff --git a/vendor/github.com/docker/docker/pkg/symlink/fs_windows.go b/vendor/github.com/docker/docker/pkg/symlink/fs_windows.go
deleted file mode 100644
index 31523ade923a..000000000000
--- a/vendor/github.com/docker/docker/pkg/symlink/fs_windows.go
+++ /dev/null
@@ -1,169 +0,0 @@
-package symlink
-
-import (
-	"bytes"
-	"errors"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/docker/docker/pkg/longpath"
-	"golang.org/x/sys/windows"
-)
-
-func toShort(path string) (string, error) {
-	p, err := windows.UTF16FromString(path)
-	if err != nil {
-		return "", err
-	}
-	b := p // GetShortPathName says we can reuse buffer
-	n, err := windows.GetShortPathName(&p[0], &b[0], uint32(len(b)))
-	if err != nil {
-		return "", err
-	}
-	if n > uint32(len(b)) {
-		b = make([]uint16, n)
-		if _, err = windows.GetShortPathName(&p[0], &b[0], uint32(len(b))); err != nil {
-			return "", err
-		}
-	}
-	return windows.UTF16ToString(b), nil
-}
-
-func toLong(path string) (string, error) {
-	p, err := windows.UTF16FromString(path)
-	if err != nil {
-		return "", err
-	}
-	b := p // GetLongPathName says we can reuse buffer
-	n, err := windows.GetLongPathName(&p[0], &b[0], uint32(len(b)))
-	if err != nil {
-		return "", err
-	}
-	if n > uint32(len(b)) {
-		b = make([]uint16, n)
-		n, err = windows.GetLongPathName(&p[0], &b[0], uint32(len(b)))
-		if err != nil {
-			return "", err
-		}
-	}
-	b = b[:n]
-	return windows.UTF16ToString(b), nil
-}
-
-func evalSymlinks(path string) (string, error) {
-	path, err := walkSymlinks(path)
-	if err != nil {
-		return "", err
-	}
-
-	p, err := toShort(path)
-	if err != nil {
-		return "", err
-	}
-	p, err = toLong(p)
-	if err != nil {
-		return "", err
-	}
-	// windows.GetLongPathName does not change the case of the drive letter,
-	// but the result of EvalSymlinks must be unique, so we have
-	// EvalSymlinks(`c:\a`) == EvalSymlinks(`C:\a`).
-	// Make drive letter upper case.
-	if len(p) >= 2 && p[1] == ':' && 'a' <= p[0] && p[0] <= 'z' {
-		p = string(p[0]+'A'-'a') + p[1:]
-	} else if len(p) >= 6 && p[5] == ':' && 'a' <= p[4] && p[4] <= 'z' {
-		p = p[:3] + string(p[4]+'A'-'a') + p[5:]
-	}
-	return filepath.Clean(p), nil
-}
-
-const utf8RuneSelf = 0x80
-
-func walkSymlinks(path string) (string, error) {
-	const maxIter = 255
-	originalPath := path
-	// consume path by taking each frontmost path element,
-	// expanding it if it's a symlink, and appending it to b
-	var b bytes.Buffer
-	for n := 0; path != ""; n++ {
-		if n > maxIter {
-			return "", errors.New("EvalSymlinks: too many links in " + originalPath)
-		}
-
-		// A path beginning with `\\?\` represents the root, so automatically
-		// skip that part and begin processing the next segment.
-		if strings.HasPrefix(path, longpath.Prefix) {
-			b.WriteString(longpath.Prefix)
-			path = path[4:]
-			continue
-		}
-
-		// find next path component, p
-		var i = -1
-		for j, c := range path {
-			if c < utf8RuneSelf && os.IsPathSeparator(uint8(c)) {
-				i = j
-				break
-			}
-		}
-		var p string
-		if i == -1 {
-			p, path = path, ""
-		} else {
-			p, path = path[:i], path[i+1:]
-		}
-
-		if p == "" {
-			if b.Len() == 0 {
-				// must be absolute path
-				b.WriteRune(filepath.Separator)
-			}
-			continue
-		}
-
-		// If this is the first segment after the long path prefix, accept the
-		// current segment as a volume root or UNC share and move on to the next.
-		if b.String() == longpath.Prefix {
-			b.WriteString(p)
-			b.WriteRune(filepath.Separator)
-			continue
-		}
-
-		fi, err := os.Lstat(b.String() + p)
-		if err != nil {
-			return "", err
-		}
-		if fi.Mode()&os.ModeSymlink == 0 {
-			b.WriteString(p)
-			if path != "" || (b.Len() == 2 && len(p) == 2 && p[1] == ':') {
-				b.WriteRune(filepath.Separator)
-			}
-			continue
-		}
-
-		// it's a symlink, put it at the front of path
-		dest, err := os.Readlink(b.String() + p)
-		if err != nil {
-			return "", err
-		}
-		if filepath.IsAbs(dest) || os.IsPathSeparator(dest[0]) {
-			b.Reset()
-		}
-		path = dest + string(filepath.Separator) + path
-	}
-	return filepath.Clean(b.String()), nil
-}
-
-func isDriveOrRoot(p string) bool {
-	if p == string(filepath.Separator) {
-		return true
-	}
-
-	length := len(p)
-	if length >= 2 {
-		if p[length-1] == ':' && (('a' <= p[length-2] && p[length-2] <= 'z') || ('A' <= p[length-2] && p[length-2] <= 'Z')) {
-			return true
-		}
-	}
-	return false
-}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/README.md b/vendor/github.com/docker/docker/pkg/sysinfo/README.md
new file mode 100644
index 000000000000..c1530cef0da6
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/README.md
@@ -0,0 +1 @@
+SysInfo stores information about which features a kernel supports.
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/numcpu.go b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu.go
new file mode 100644
index 000000000000..aeb1a3a80405
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu.go
@@ -0,0 +1,12 @@
+// +build !linux,!windows
+
+package sysinfo
+
+import (
+	"runtime"
+)
+
+// NumCPU returns the number of CPUs
+func NumCPU() int {
+	return runtime.NumCPU()
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_linux.go b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_linux.go
new file mode 100644
index 000000000000..f1d2d9db30b0
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_linux.go
@@ -0,0 +1,44 @@
+// +build linux
+
+package sysinfo
+
+import (
+	"runtime"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+)
+
+// numCPU queries the system for the count of threads available
+// for use to this process.
+//
+// Issues two syscalls.
+// Returns 0 on errors. Use |runtime.NumCPU| in that case.
+func numCPU() int {
+	// Gets the affinity mask for a process: The very one invoking this function.
+	pid, _, _ := unix.RawSyscall(unix.SYS_GETPID, 0, 0, 0)
+
+	var mask [1024 / 64]uintptr
+	_, _, err := unix.RawSyscall(unix.SYS_SCHED_GETAFFINITY, pid, uintptr(len(mask)*8), uintptr(unsafe.Pointer(&mask[0])))
+	if err != 0 {
+		return 0
+	}
+
+	// For every available thread a bit is set in the mask.
+	ncpu := 0
+	for _, e := range mask {
+		if e == 0 {
+			continue
+		}
+		ncpu += int(popcnt(uint64(e)))
+	}
+	return ncpu
+}
+
+// NumCPU returns the number of CPUs which are currently online
+func NumCPU() int {
+	if ncpu := numCPU(); ncpu > 0 {
+		return ncpu
+	}
+	return runtime.NumCPU()
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_windows.go b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_windows.go
new file mode 100644
index 000000000000..1d89dd550307
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/numcpu_windows.go
@@ -0,0 +1,37 @@
+// +build windows
+
+package sysinfo
+
+import (
+	"runtime"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+var (
+	kernel32               = windows.NewLazySystemDLL("kernel32.dll")
+	getCurrentProcess      = kernel32.NewProc("GetCurrentProcess")
+	getProcessAffinityMask = kernel32.NewProc("GetProcessAffinityMask")
+)
+
+func numCPU() int {
+	// Gets the affinity mask for a process
+	var mask, sysmask uintptr
+	currentProcess, _, _ := getCurrentProcess.Call()
+	ret, _, _ := getProcessAffinityMask.Call(currentProcess, uintptr(unsafe.Pointer(&mask)), uintptr(unsafe.Pointer(&sysmask)))
+	if ret == 0 {
+		return 0
+	}
+	// For every available thread a bit is set in the mask.
+	ncpu := int(popcnt(uint64(mask)))
+	return ncpu
+}
+
+// NumCPU returns the number of CPUs which are currently online
+func NumCPU() int {
+	if ncpu := numCPU(); ncpu > 0 {
+		return ncpu
+	}
+	return runtime.NumCPU()
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo.go b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo.go
new file mode 100644
index 000000000000..f046de4b1698
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo.go
@@ -0,0 +1,144 @@
+package sysinfo
+
+import "github.com/docker/docker/pkg/parsers"
+
+// SysInfo stores information about which features a kernel supports.
+// TODO Windows: Factor out platform specific capabilities.
+type SysInfo struct {
+	// Whether the kernel supports AppArmor or not
+	AppArmor bool
+	// Whether the kernel supports Seccomp or not
+	Seccomp bool
+
+	cgroupMemInfo
+	cgroupCPUInfo
+	cgroupBlkioInfo
+	cgroupCpusetInfo
+	cgroupPids
+
+	// Whether IPv4 forwarding is supported or not, if this was disabled, networking will not work
+	IPv4ForwardingDisabled bool
+
+	// Whether bridge-nf-call-iptables is supported or not
+	BridgeNFCallIPTablesDisabled bool
+
+	// Whether bridge-nf-call-ip6tables is supported or not
+	BridgeNFCallIP6TablesDisabled bool
+
+	// Whether the cgroup has the mountpoint of "devices" or not
+	CgroupDevicesEnabled bool
+}
+
+type cgroupMemInfo struct {
+	// Whether memory limit is supported or not
+	MemoryLimit bool
+
+	// Whether swap limit is supported or not
+	SwapLimit bool
+
+	// Whether soft limit is supported or not
+	MemoryReservation bool
+
+	// Whether OOM killer disable is supported or not
+	OomKillDisable bool
+
+	// Whether memory swappiness is supported or not
+	MemorySwappiness bool
+
+	// Whether kernel memory limit is supported or not
+	KernelMemory bool
+}
+
+type cgroupCPUInfo struct {
+	// Whether CPU shares is supported or not
+	CPUShares bool
+
+	// Whether CPU CFS(Completely Fair Scheduler) period is supported or not
+	CPUCfsPeriod bool
+
+	// Whether CPU CFS(Completely Fair Scheduler) quota is supported or not
+	CPUCfsQuota bool
+
+	// Whether CPU real-time period is supported or not
+	CPURealtimePeriod bool
+
+	// Whether CPU real-time runtime is supported or not
+	CPURealtimeRuntime bool
+}
+
+type cgroupBlkioInfo struct {
+	// Whether Block IO weight is supported or not
+	BlkioWeight bool
+
+	// Whether Block IO weight_device is supported or not
+	BlkioWeightDevice bool
+
+	// Whether Block IO read limit in bytes per second is supported or not
+	BlkioReadBpsDevice bool
+
+	// Whether Block IO write limit in bytes per second is supported or not
+	BlkioWriteBpsDevice bool
+
+	// Whether Block IO read limit in IO per second is supported or not
+	BlkioReadIOpsDevice bool
+
+	// Whether Block IO write limit in IO per second is supported or not
+	BlkioWriteIOpsDevice bool
+}
+
+type cgroupCpusetInfo struct {
+	// Whether Cpuset is supported or not
+	Cpuset bool
+
+	// Available Cpuset's cpus
+	Cpus string
+
+	// Available Cpuset's memory nodes
+	Mems string
+}
+
+type cgroupPids struct {
+	// Whether Pids Limit is supported or not
+	PidsLimit bool
+}
+
+// IsCpusetCpusAvailable returns `true` if the provided string set is contained
+// in cgroup's cpuset.cpus set, `false` otherwise.
+// If error is not nil a parsing error occurred.
+func (c cgroupCpusetInfo) IsCpusetCpusAvailable(provided string) (bool, error) {
+	return isCpusetListAvailable(provided, c.Cpus)
+}
+
+// IsCpusetMemsAvailable returns `true` if the provided string set is contained
+// in cgroup's cpuset.mems set, `false` otherwise.
+// If error is not nil a parsing error occurred.
+func (c cgroupCpusetInfo) IsCpusetMemsAvailable(provided string) (bool, error) {
+	return isCpusetListAvailable(provided, c.Mems)
+}
+
+func isCpusetListAvailable(provided, available string) (bool, error) {
+	parsedProvided, err := parsers.ParseUintList(provided)
+	if err != nil {
+		return false, err
+	}
+	parsedAvailable, err := parsers.ParseUintList(available)
+	if err != nil {
+		return false, err
+	}
+	for k := range parsedProvided {
+		if !parsedAvailable[k] {
+			return false, nil
+		}
+	}
+	return true, nil
+}
+
+// Returns bit count of 1, used by NumCPU
+func popcnt(x uint64) (n byte) {
+	x -= (x >> 1) & 0x5555555555555555
+	x = (x>>2)&0x3333333333333333 + x&0x3333333333333333
+	x += x >> 4
+	x &= 0x0f0f0f0f0f0f0f0f
+	x *= 0x0101010101010101
+	return byte(x >> 56)
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_linux.go b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_linux.go
new file mode 100644
index 000000000000..471f786a70ad
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_linux.go
@@ -0,0 +1,254 @@
+package sysinfo
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/opencontainers/runc/libcontainer/cgroups"
+	"github.com/sirupsen/logrus"
+	"golang.org/x/sys/unix"
+)
+
+func findCgroupMountpoints() (map[string]string, error) {
+	cgMounts, err := cgroups.GetCgroupMounts(false)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to parse cgroup information: %v", err)
+	}
+	mps := make(map[string]string)
+	for _, m := range cgMounts {
+		for _, ss := range m.Subsystems {
+			mps[ss] = m.Mountpoint
+		}
+	}
+	return mps, nil
+}
+
+// New returns a new SysInfo, using the filesystem to detect which features
+// the kernel supports. If `quiet` is `false` warnings are printed in logs
+// whenever an error occurs or misconfigurations are present.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	cgMounts, err := findCgroupMountpoints()
+	if err != nil {
+		logrus.Warnf("Failed to parse cgroup information: %v", err)
+	} else {
+		sysInfo.cgroupMemInfo = checkCgroupMem(cgMounts, quiet)
+		sysInfo.cgroupCPUInfo = checkCgroupCPU(cgMounts, quiet)
+		sysInfo.cgroupBlkioInfo = checkCgroupBlkioInfo(cgMounts, quiet)
+		sysInfo.cgroupCpusetInfo = checkCgroupCpusetInfo(cgMounts, quiet)
+		sysInfo.cgroupPids = checkCgroupPids(quiet)
+	}
+
+	_, ok := cgMounts["devices"]
+	sysInfo.CgroupDevicesEnabled = ok
+
+	sysInfo.IPv4ForwardingDisabled = !readProcBool("/proc/sys/net/ipv4/ip_forward")
+	sysInfo.BridgeNFCallIPTablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-iptables")
+	sysInfo.BridgeNFCallIP6TablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-ip6tables")
+
+	// Check if AppArmor is supported.
+	if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
+		sysInfo.AppArmor = true
+	}
+
+	// Check if Seccomp is supported, via CONFIG_SECCOMP.
+	if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL {
+		// Make sure the kernel has CONFIG_SECCOMP_FILTER.
+		if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL {
+			sysInfo.Seccomp = true
+		}
+	}
+
+	return sysInfo
+}
+
+// checkCgroupMem reads the memory information from the memory cgroup mount point.
+func checkCgroupMem(cgMounts map[string]string, quiet bool) cgroupMemInfo {
+	mountPoint, ok := cgMounts["memory"]
+	if !ok {
+		if !quiet {
+			logrus.Warn("Your kernel does not support cgroup memory limit")
+		}
+		return cgroupMemInfo{}
+	}
+
+	swapLimit := cgroupEnabled(mountPoint, "memory.memsw.limit_in_bytes")
+	if !quiet && !swapLimit {
+		logrus.Warn("Your kernel does not support swap memory limit")
+	}
+	memoryReservation := cgroupEnabled(mountPoint, "memory.soft_limit_in_bytes")
+	if !quiet && !memoryReservation {
+		logrus.Warn("Your kernel does not support memory reservation")
+	}
+	oomKillDisable := cgroupEnabled(mountPoint, "memory.oom_control")
+	if !quiet && !oomKillDisable {
+		logrus.Warn("Your kernel does not support oom control")
+	}
+	memorySwappiness := cgroupEnabled(mountPoint, "memory.swappiness")
+	if !quiet && !memorySwappiness {
+		logrus.Warn("Your kernel does not support memory swappiness")
+	}
+	kernelMemory := cgroupEnabled(mountPoint, "memory.kmem.limit_in_bytes")
+	if !quiet && !kernelMemory {
+		logrus.Warn("Your kernel does not support kernel memory limit")
+	}
+
+	return cgroupMemInfo{
+		MemoryLimit:       true,
+		SwapLimit:         swapLimit,
+		MemoryReservation: memoryReservation,
+		OomKillDisable:    oomKillDisable,
+		MemorySwappiness:  memorySwappiness,
+		KernelMemory:      kernelMemory,
+	}
+}
+
+// checkCgroupCPU reads the cpu information from the cpu cgroup mount point.
+func checkCgroupCPU(cgMounts map[string]string, quiet bool) cgroupCPUInfo {
+	mountPoint, ok := cgMounts["cpu"]
+	if !ok {
+		if !quiet {
+			logrus.Warn("Unable to find cpu cgroup in mounts")
+		}
+		return cgroupCPUInfo{}
+	}
+
+	cpuShares := cgroupEnabled(mountPoint, "cpu.shares")
+	if !quiet && !cpuShares {
+		logrus.Warn("Your kernel does not support cgroup cpu shares")
+	}
+
+	cpuCfsPeriod := cgroupEnabled(mountPoint, "cpu.cfs_period_us")
+	if !quiet && !cpuCfsPeriod {
+		logrus.Warn("Your kernel does not support cgroup cfs period")
+	}
+
+	cpuCfsQuota := cgroupEnabled(mountPoint, "cpu.cfs_quota_us")
+	if !quiet && !cpuCfsQuota {
+		logrus.Warn("Your kernel does not support cgroup cfs quotas")
+	}
+
+	cpuRealtimePeriod := cgroupEnabled(mountPoint, "cpu.rt_period_us")
+	if !quiet && !cpuRealtimePeriod {
+		logrus.Warn("Your kernel does not support cgroup rt period")
+	}
+
+	cpuRealtimeRuntime := cgroupEnabled(mountPoint, "cpu.rt_runtime_us")
+	if !quiet && !cpuRealtimeRuntime {
+		logrus.Warn("Your kernel does not support cgroup rt runtime")
+	}
+
+	return cgroupCPUInfo{
+		CPUShares:          cpuShares,
+		CPUCfsPeriod:       cpuCfsPeriod,
+		CPUCfsQuota:        cpuCfsQuota,
+		CPURealtimePeriod:  cpuRealtimePeriod,
+		CPURealtimeRuntime: cpuRealtimeRuntime,
+	}
+}
+
+// checkCgroupBlkioInfo reads the blkio information from the blkio cgroup mount point.
+func checkCgroupBlkioInfo(cgMounts map[string]string, quiet bool) cgroupBlkioInfo {
+	mountPoint, ok := cgMounts["blkio"]
+	if !ok {
+		if !quiet {
+			logrus.Warn("Unable to find blkio cgroup in mounts")
+		}
+		return cgroupBlkioInfo{}
+	}
+
+	weight := cgroupEnabled(mountPoint, "blkio.weight")
+	if !quiet && !weight {
+		logrus.Warn("Your kernel does not support cgroup blkio weight")
+	}
+
+	weightDevice := cgroupEnabled(mountPoint, "blkio.weight_device")
+	if !quiet && !weightDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio weight_device")
+	}
+
+	readBpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.read_bps_device")
+	if !quiet && !readBpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.read_bps_device")
+	}
+
+	writeBpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.write_bps_device")
+	if !quiet && !writeBpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.write_bps_device")
+	}
+	readIOpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.read_iops_device")
+	if !quiet && !readIOpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.read_iops_device")
+	}
+
+	writeIOpsDevice := cgroupEnabled(mountPoint, "blkio.throttle.write_iops_device")
+	if !quiet && !writeIOpsDevice {
+		logrus.Warn("Your kernel does not support cgroup blkio throttle.write_iops_device")
+	}
+	return cgroupBlkioInfo{
+		BlkioWeight:          weight,
+		BlkioWeightDevice:    weightDevice,
+		BlkioReadBpsDevice:   readBpsDevice,
+		BlkioWriteBpsDevice:  writeBpsDevice,
+		BlkioReadIOpsDevice:  readIOpsDevice,
+		BlkioWriteIOpsDevice: writeIOpsDevice,
+	}
+}
+
+// checkCgroupCpusetInfo reads the cpuset information from the cpuset cgroup mount point.
+func checkCgroupCpusetInfo(cgMounts map[string]string, quiet bool) cgroupCpusetInfo {
+	mountPoint, ok := cgMounts["cpuset"]
+	if !ok {
+		if !quiet {
+			logrus.Warn("Unable to find cpuset cgroup in mounts")
+		}
+		return cgroupCpusetInfo{}
+	}
+
+	cpus, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.cpus"))
+	if err != nil {
+		return cgroupCpusetInfo{}
+	}
+
+	mems, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.mems"))
+	if err != nil {
+		return cgroupCpusetInfo{}
+	}
+
+	return cgroupCpusetInfo{
+		Cpuset: true,
+		Cpus:   strings.TrimSpace(string(cpus)),
+		Mems:   strings.TrimSpace(string(mems)),
+	}
+}
+
+// checkCgroupPids reads the pids information from the pids cgroup mount point.
+func checkCgroupPids(quiet bool) cgroupPids {
+	_, err := cgroups.FindCgroupMountpoint("pids")
+	if err != nil {
+		if !quiet {
+			logrus.Warn(err)
+		}
+		return cgroupPids{}
+	}
+
+	return cgroupPids{
+		PidsLimit: true,
+	}
+}
+
+func cgroupEnabled(mountPoint, name string) bool {
+	_, err := os.Stat(path.Join(mountPoint, name))
+	return err == nil
+}
+
+func readProcBool(path string) bool {
+	val, err := ioutil.ReadFile(path)
+	if err != nil {
+		return false
+	}
+	return strings.TrimSpace(string(val)) == "1"
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_solaris.go b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_solaris.go
new file mode 100644
index 000000000000..c858d57e0895
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_solaris.go
@@ -0,0 +1,121 @@
+// +build solaris,cgo
+
+package sysinfo
+
+import (
+	"bytes"
+	"os/exec"
+	"strconv"
+	"strings"
+)
+
+/*
+#cgo LDFLAGS: -llgrp
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/lgrp_user.h>
+int getLgrpCount() {
+	lgrp_cookie_t lgrpcookie = LGRP_COOKIE_NONE;
+	uint_t nlgrps;
+
+	if ((lgrpcookie = lgrp_init(LGRP_VIEW_OS)) == LGRP_COOKIE_NONE) {
+		return -1;
+	}
+	nlgrps = lgrp_nlgrps(lgrpcookie);
+	return nlgrps;
+}
+*/
+import "C"
+
+// IsCPUSharesAvailable returns whether CPUShares setting is supported.
+// We need FSS to be set as default scheduling class to support CPU Shares
+func IsCPUSharesAvailable() bool {
+	cmd := exec.Command("/usr/sbin/dispadmin", "-d")
+	outBuf := new(bytes.Buffer)
+	errBuf := new(bytes.Buffer)
+	cmd.Stderr = errBuf
+	cmd.Stdout = outBuf
+
+	if err := cmd.Run(); err != nil {
+		return false
+	}
+	return (strings.Contains(outBuf.String(), "FSS"))
+}
+
+// New returns a new SysInfo, using the filesystem to detect which features
+// the kernel supports.
+//NOTE Solaris: If we change the below capabilities be sure
+// to update verifyPlatformContainerSettings() in daemon_solaris.go
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	sysInfo.cgroupMemInfo = setCgroupMem(quiet)
+	sysInfo.cgroupCPUInfo = setCgroupCPU(quiet)
+	sysInfo.cgroupBlkioInfo = setCgroupBlkioInfo(quiet)
+	sysInfo.cgroupCpusetInfo = setCgroupCPUsetInfo(quiet)
+
+	sysInfo.IPv4ForwardingDisabled = false
+
+	sysInfo.AppArmor = false
+
+	return sysInfo
+}
+
+// setCgroupMem reads the memory information for Solaris.
+func setCgroupMem(quiet bool) cgroupMemInfo {
+
+	return cgroupMemInfo{
+		MemoryLimit:       true,
+		SwapLimit:         true,
+		MemoryReservation: false,
+		OomKillDisable:    false,
+		MemorySwappiness:  false,
+		KernelMemory:      false,
+	}
+}
+
+// setCgroupCPU reads the cpu information for Solaris.
+func setCgroupCPU(quiet bool) cgroupCPUInfo {
+
+	return cgroupCPUInfo{
+		CPUShares:          true,
+		CPUCfsPeriod:       false,
+		CPUCfsQuota:        true,
+		CPURealtimePeriod:  false,
+		CPURealtimeRuntime: false,
+	}
+}
+
+// blkio switches are not supported in Solaris.
+func setCgroupBlkioInfo(quiet bool) cgroupBlkioInfo {
+
+	return cgroupBlkioInfo{
+		BlkioWeight:       false,
+		BlkioWeightDevice: false,
+	}
+}
+
+// setCgroupCPUsetInfo reads the cpuset information for Solaris.
+func setCgroupCPUsetInfo(quiet bool) cgroupCpusetInfo {
+
+	return cgroupCpusetInfo{
+		Cpuset: true,
+		Cpus:   getCPUCount(),
+		Mems:   getLgrpCount(),
+	}
+}
+
+func getCPUCount() string {
+	ncpus := C.sysconf(C._SC_NPROCESSORS_ONLN)
+	if ncpus <= 0 {
+		return ""
+	}
+	return strconv.FormatInt(int64(ncpus), 16)
+}
+
+func getLgrpCount() string {
+	nlgrps := C.getLgrpCount()
+	if nlgrps <= 0 {
+		return ""
+	}
+	return strconv.FormatInt(int64(nlgrps), 16)
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_unix.go b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_unix.go
new file mode 100644
index 000000000000..45f3ef1c65f9
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_unix.go
@@ -0,0 +1,9 @@
+// +build !linux,!solaris,!windows
+
+package sysinfo
+
+// New returns an empty SysInfo for non linux nor solaris for now.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	return sysInfo
+}
diff --git a/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_windows.go b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_windows.go
new file mode 100644
index 000000000000..4e6255bc5928
--- /dev/null
+++ b/vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_windows.go
@@ -0,0 +1,9 @@
+// +build windows
+
+package sysinfo
+
+// New returns an empty SysInfo for windows for now.
+func New(quiet bool) *SysInfo {
+	sysInfo := &SysInfo{}
+	return sysInfo
+}
diff --git a/vendor/github.com/go-openapi/spec/expander.go b/vendor/github.com/go-openapi/spec/expander.go
index b4429a21c825..5054a7be670d 100644
--- a/vendor/github.com/go-openapi/spec/expander.go
+++ b/vendor/github.com/go-openapi/spec/expander.go
@@ -20,6 +20,7 @@ import (
 	"log"
 	"net/url"
 	"os"
+	"path"
 	"path/filepath"
 	"reflect"
 	"strings"
@@ -83,21 +84,43 @@ func (s *simpleCache) Set(uri string, data interface{}) {
 
 // ResolveRefWithBase resolves a reference against a context root with preservation of base path
 func ResolveRefWithBase(root interface{}, ref *Ref, opts *ExpandOptions) (*Schema, error) {
-	resolver, err := defaultSchemaLoader(root, nil, opts, nil)
+	resolver, err := defaultSchemaLoader(root, opts, nil)
 	if err != nil {
 		return nil, err
 	}
+	specBasePath := ""
+	if opts != nil && opts.RelativeBase != "" {
+		specBasePath, _ = absPath(opts.RelativeBase)
+	}
 
 	result := new(Schema)
-	if err := resolver.Resolve(ref, result); err != nil {
+	if err := resolver.Resolve(ref, result, specBasePath); err != nil {
 		return nil, err
 	}
 	return result, nil
 }
 
 // ResolveRef resolves a reference against a context root
+// ref is guaranteed to be in root (no need to go to external files)
+// ResolveRef is ONLY called from the code generation module
 func ResolveRef(root interface{}, ref *Ref) (*Schema, error) {
-	return ResolveRefWithBase(root, ref, nil)
+	res, _, err := ref.GetPointer().Get(root)
+	if err != nil {
+		panic(err)
+	}
+	switch sch := res.(type) {
+	case Schema:
+		return &sch, nil
+	case *Schema:
+		return sch, nil
+	case map[string]interface{}:
+		b, _ := json.Marshal(sch)
+		newSch := new(Schema)
+		json.Unmarshal(b, newSch)
+		return newSch, nil
+	default:
+		return nil, fmt.Errorf("unknown type for the resolved reference")
+	}
 }
 
 // ResolveParameter resolves a paramter reference against a context root
@@ -107,13 +130,13 @@ func ResolveParameter(root interface{}, ref Ref) (*Parameter, error) {
 
 // ResolveParameterWithBase resolves a paramter reference against a context root and base path
 func ResolveParameterWithBase(root interface{}, ref Ref, opts *ExpandOptions) (*Parameter, error) {
-	resolver, err := defaultSchemaLoader(root, nil, opts, nil)
+	resolver, err := defaultSchemaLoader(root, opts, nil)
 	if err != nil {
 		return nil, err
 	}
 
 	result := new(Parameter)
-	if err := resolver.Resolve(&ref, result); err != nil {
+	if err := resolver.Resolve(&ref, result, ""); err != nil {
 		return nil, err
 	}
 	return result, nil
@@ -126,13 +149,13 @@ func ResolveResponse(root interface{}, ref Ref) (*Response, error) {
 
 // ResolveResponseWithBase resolves response a reference against a context root and base path
 func ResolveResponseWithBase(root interface{}, ref Ref, opts *ExpandOptions) (*Response, error) {
-	resolver, err := defaultSchemaLoader(root, nil, opts, nil)
+	resolver, err := defaultSchemaLoader(root, opts, nil)
 	if err != nil {
 		return nil, err
 	}
 
 	result := new(Response)
-	if err := resolver.Resolve(&ref, result); err != nil {
+	if err := resolver.Resolve(&ref, result, ""); err != nil {
 		return nil, err
 	}
 	return result, nil
@@ -140,13 +163,16 @@ func ResolveResponseWithBase(root interface{}, ref Ref, opts *ExpandOptions) (*R
 
 // ResolveItems resolves header and parameter items reference against a context root and base path
 func ResolveItems(root interface{}, ref Ref, opts *ExpandOptions) (*Items, error) {
-	resolver, err := defaultSchemaLoader(root, nil, opts, nil)
+	resolver, err := defaultSchemaLoader(root, opts, nil)
 	if err != nil {
 		return nil, err
 	}
-
+	basePath := ""
+	if opts.RelativeBase != "" {
+		basePath = opts.RelativeBase
+	}
 	result := new(Items)
-	if err := resolver.Resolve(&ref, result); err != nil {
+	if err := resolver.Resolve(&ref, result, basePath); err != nil {
 		return nil, err
 	}
 	return result, nil
@@ -154,26 +180,26 @@ func ResolveItems(root interface{}, ref Ref, opts *ExpandOptions) (*Items, error
 
 // ResolvePathItem resolves response a path item against a context root and base path
 func ResolvePathItem(root interface{}, ref Ref, opts *ExpandOptions) (*PathItem, error) {
-	resolver, err := defaultSchemaLoader(root, nil, opts, nil)
+	resolver, err := defaultSchemaLoader(root, opts, nil)
 	if err != nil {
 		return nil, err
 	}
-
+	basePath := ""
+	if opts.RelativeBase != "" {
+		basePath = opts.RelativeBase
+	}
 	result := new(PathItem)
-	if err := resolver.Resolve(&ref, result); err != nil {
+	if err := resolver.Resolve(&ref, result, basePath); err != nil {
 		return nil, err
 	}
 	return result, nil
 }
 
 type schemaLoader struct {
-	loadingRef  *Ref
-	startingRef *Ref
-	currentRef  *Ref
-	root        interface{}
-	options     *ExpandOptions
-	cache       ResolutionCache
-	loadDoc     func(string) (json.RawMessage, error)
+	root    interface{}
+	options *ExpandOptions
+	cache   ResolutionCache
+	loadDoc func(string) (json.RawMessage, error)
 }
 
 var idPtr, _ = jsonpointer.New("/id")
@@ -194,7 +220,6 @@ func init() {
 
 func defaultSchemaLoader(
 	root interface{},
-	ref *Ref,
 	expandOptions *ExpandOptions,
 	cache ResolutionCache) (*schemaLoader, error) {
 
@@ -205,20 +230,10 @@ func defaultSchemaLoader(
 		expandOptions = &ExpandOptions{}
 	}
 
-	var ptr *jsonpointer.Pointer
-	if ref != nil {
-		ptr = ref.GetPointer()
-	}
-
-	currentRef := nextRef(root, ref, ptr)
-
 	return &schemaLoader{
-		loadingRef:  ref,
-		startingRef: ref,
-		currentRef:  currentRef,
-		root:        root,
-		options:     expandOptions,
-		cache:       cache,
+		root:    root,
+		options: expandOptions,
+		cache:   cache,
 		loadDoc: func(path string) (json.RawMessage, error) {
 			debugLog("fetching document at %q", path)
 			return PathLoader(path)
@@ -303,172 +318,110 @@ func debugLog(msg string, args ...interface{}) {
 	}
 }
 
-func normalizeFileRef(ref *Ref, relativeBase string) *Ref {
-	refURL := ref.GetURL()
-	debugLog("normalizing %s against %s (%s)", ref.String(), relativeBase, refURL.String())
-	if strings.HasPrefix(refURL.String(), "#") {
-		return ref
+// normalize absolute path for cache.
+// on Windows, drive letters should be converted to lower as scheme in net/url.URL
+func normalizeAbsPath(path string) string {
+	u, err := url.Parse(path)
+	if err != nil {
+		debugLog("normalize absolute path failed: %s", err)
+		return path
 	}
+	return u.String()
+}
 
-	if refURL.Scheme == "file" || (refURL.Scheme == "" && refURL.Host == "") {
-		filePath := refURL.Path
-		debugLog("normalizing file path: %s", filePath)
-
-		if !filepath.IsAbs(filepath.FromSlash(filePath)) && len(relativeBase) != 0 {
-			debugLog("joining %s with %s", relativeBase, filePath)
-			if fi, err := os.Stat(filepath.FromSlash(relativeBase)); err == nil {
-				if !fi.IsDir() {
-					relativeBase = filepath.Dir(filepath.FromSlash(relativeBase))
-				}
-			}
-			filePath = filepath.Join(filepath.FromSlash(relativeBase), filepath.FromSlash(filePath))
-		}
-		if !filepath.IsAbs(filepath.FromSlash(filePath)) {
-			pwd, err := os.Getwd()
-			if err == nil {
-				debugLog("joining cwd %s with %s", pwd, filePath)
-				filePath = filepath.Join(pwd, filepath.FromSlash(filePath))
-			}
+// base or refPath could be a file path or a URL
+// given a base absolute path and a ref path, return the absolute path of refPath
+// 1) if refPath is absolute, return it
+// 2) if refPath is relative, join it with basePath keeping the scheme, hosts, and ports if exists
+// base could be a directory or a full file path
+func normalizePaths(refPath, base string) string {
+	refURL, _ := url.Parse(refPath)
+	if path.IsAbs(refURL.Path) {
+		// refPath is actually absolute
+		if refURL.Host != "" {
+			return refPath
 		}
+		return filepath.FromSlash(refPath)
+	}
 
-		debugLog("cleaning %s", filePath)
-		filePath = filepath.Clean(filepath.FromSlash(filePath))
-		_, err := os.Stat(filepath.FromSlash(filePath))
-		if err == nil {
-			debugLog("rewriting url %s to scheme \"\" path %s", refURL.String(), filePath)
-			slp := filepath.FromSlash(filePath)
-			if filepath.IsAbs(slp) && filepath.Separator == '\\' && len(slp) > 1 && slp[1] == ':' && ('a' <= slp[0] && slp[0] <= 'z' || 'A' <= slp[0] && slp[0] <= 'Z') {
-				slp = slp[2:]
-			}
-			refURL.Scheme = ""
-			refURL.Path = filepath.ToSlash(slp)
-			debugLog("new url with joined filepath: %s", refURL.String())
-			*ref = MustCreateRef(refURL.String())
+	// relative refPath
+	baseURL, _ := url.Parse(base)
+	if !strings.HasPrefix(refPath, "#") {
+		// combining paths
+		if baseURL.Host != "" {
+			baseURL.Path = path.Join(path.Dir(baseURL.Path), refURL.Path)
+		} else { // base is a file
+			newBase := fmt.Sprintf("%s#%s", filepath.Join(filepath.Dir(base), filepath.FromSlash(refURL.Path)), refURL.Fragment)
+			return newBase
 		}
-	}
 
-	debugLog("refurl: %s", ref.GetURL().String())
-	return ref
+	}
+	// copying fragment from ref to base
+	baseURL.Fragment = refURL.Fragment
+	return baseURL.String()
 }
 
-func (r *schemaLoader) resolveRef(currentRef, ref *Ref, node, target interface{}) error {
-
-	tgt := reflect.ValueOf(target)
-	if tgt.Kind() != reflect.Ptr {
-		return fmt.Errorf("resolve ref: target needs to be a pointer")
+// relativeBase could be an ABSOLUTE file path or an ABSOLUTE URL
+func normalizeFileRef(ref *Ref, relativeBase string) *Ref {
+	// This is important for when the reference is pointing to the root schema
+	if ref.String() == "" {
+		r, _ := NewRef(relativeBase)
+		return &r
 	}
 
-	oldRef := currentRef
+	refURL := ref.GetURL()
+	debugLog("normalizing %s against %s (%s)", ref.String(), relativeBase, refURL.String())
 
-	if currentRef != nil {
-		debugLog("resolve ref current %s new %s", currentRef.String(), ref.String())
-		nextRef := nextRef(node, ref, currentRef.GetPointer())
-		if nextRef == nil || nextRef.GetURL() == nil {
-			return nil
-		}
-		var err error
-		currentRef, err = currentRef.Inherits(*nextRef)
-		debugLog("resolved ref current %s", currentRef.String())
-		if err != nil {
-			return err
-		}
-	}
+	s := normalizePaths(ref.String(), relativeBase)
+	r, _ := NewRef(s)
+	return &r
+}
 
-	if currentRef == nil {
-		currentRef = ref
+func (r *schemaLoader) resolveRef(ref *Ref, target interface{}, basePath string) error {
+	tgt := reflect.ValueOf(target)
+	if tgt.Kind() != reflect.Ptr {
+		return fmt.Errorf("resolve ref: target needs to be a pointer")
 	}
 
-	refURL := currentRef.GetURL()
+	refURL := ref.GetURL()
 	if refURL == nil {
 		return nil
 	}
-	if currentRef.IsRoot() {
-		nv := reflect.ValueOf(node)
-		reflect.Indirect(tgt).Set(reflect.Indirect(nv))
-		return nil
-	}
 
-	if strings.HasPrefix(refURL.String(), "#") {
-		res, _, err := ref.GetPointer().Get(node)
+	var res interface{}
+	var data interface{}
+	var err error
+	// Resolve against the root if it isn't nil, and if ref is pointing at the root, or has a fragment only which means
+	// it is pointing somewhere in the root.
+	root := r.root
+	if (ref.IsRoot() || ref.HasFragmentOnly) && root == nil && basePath != "" {
+		if baseRef, err := NewRef(basePath); err == nil {
+			root, _, _, _ = r.load(baseRef.GetURL())
+		}
+	}
+	if (ref.IsRoot() || ref.HasFragmentOnly) && root != nil {
+		data = root
+	} else {
+		baseRef := normalizeFileRef(ref, basePath)
+		debugLog("current ref is: %s", ref.String())
+		debugLog("current ref normalized file: %s", baseRef.String())
+		data, _, _, err = r.load(baseRef.GetURL())
 		if err != nil {
-			res, _, err = ref.GetPointer().Get(r.root)
-			if err != nil {
-				return err
-			}
-		}
-		rv := reflect.Indirect(reflect.ValueOf(res))
-		tgtType := reflect.Indirect(tgt).Type()
-		if rv.Type().AssignableTo(tgtType) {
-			reflect.Indirect(tgt).Set(reflect.Indirect(reflect.ValueOf(res)))
-		} else {
-			if err := swag.DynamicJSONToStruct(rv.Interface(), target); err != nil {
-				return err
-			}
+			return err
 		}
-
-		return nil
 	}
 
-	relativeBase := ""
-	if r.options != nil && r.options.RelativeBase != "" {
-		relativeBase = r.options.RelativeBase
-	}
-	normalizeFileRef(currentRef, relativeBase)
-	debugLog("current ref normalized file: %s", currentRef.String())
-	normalizeFileRef(ref, relativeBase)
-	debugLog("ref normalized file: %s", currentRef.String())
-
-	data, _, _, err := r.load(currentRef.GetURL())
-	if err != nil {
-		return err
-	}
-
-	if ((oldRef == nil && currentRef != nil) ||
-		(oldRef != nil && currentRef == nil) ||
-		oldRef.String() != currentRef.String()) &&
-		((oldRef == nil && ref != nil) ||
-			(oldRef != nil && ref == nil) ||
-			(oldRef.String() != ref.String())) {
-
-		return r.resolveRef(currentRef, ref, data, target)
-	}
-
-	var res interface{}
-	if currentRef.String() != "" {
-		res, _, err = currentRef.GetPointer().Get(data)
+	res = data
+	if ref.String() != "" {
+		res, _, err = ref.GetPointer().Get(data)
 		if err != nil {
-			if strings.HasPrefix(ref.String(), "#") {
-				if r.loadingRef != nil {
-					rr, er := r.loadingRef.Inherits(*ref)
-					if er != nil {
-						return er
-					}
-					refURL = rr.GetURL()
-
-					data, _, _, err = r.load(refURL)
-					if err != nil {
-						return err
-					}
-				} else {
-					data = r.root
-				}
-			}
-
-			res, _, err = ref.GetPointer().Get(data)
-			if err != nil {
-				return err
-			}
+			return err
 		}
-	} else {
-		res = data
 	}
-
 	if err := swag.DynamicJSONToStruct(res, target); err != nil {
 		return err
 	}
 
-	r.currentRef = currentRef
-
 	return nil
 }
 
@@ -493,50 +446,62 @@ func (r *schemaLoader) load(refURL *url.URL) (interface{}, url.URL, bool, error)
 	return data, toFetch, fromCache, nil
 }
 
-func (r *schemaLoader) Resolve(ref *Ref, target interface{}) error {
-	return r.resolveRef(r.currentRef, ref, r.root, target)
+// Resolve resolves a reference against basePath and stores the result in target
+// Resolve is not in charge of following references, it only resolves ref by following its URL
+// if the schema that ref is referring to has more refs in it. Resolve doesn't resolve them
+// if basePath is an empty string, ref is resolved against the root schema stored in the schemaLoader struct
+func (r *schemaLoader) Resolve(ref *Ref, target interface{}, basePath string) error {
+	return r.resolveRef(ref, target, basePath)
 }
 
-func (r *schemaLoader) reset() {
-	ref := r.startingRef
-
-	var ptr *jsonpointer.Pointer
-	if ref != nil {
-		ptr = ref.GetPointer()
+// absPath returns the absolute path of a file
+func absPath(fname string) (string, error) {
+	if strings.HasPrefix(fname, "http") {
+		return fname, nil
 	}
-
-	r.currentRef = nextRef(r.root, ref, ptr)
+	if filepath.IsAbs(fname) {
+		return fname, nil
+	}
+	wd, err := os.Getwd()
+	return filepath.Join(wd, fname), err
 }
 
 // ExpandSpec expands the references in a swagger spec
 func ExpandSpec(spec *Swagger, options *ExpandOptions) error {
-	resolver, err := defaultSchemaLoader(spec, nil, options, nil)
+	resolver, err := defaultSchemaLoader(spec, options, nil)
 	// Just in case this ever returns an error.
 	if shouldStopOnError(err, resolver.options) {
 		return err
 	}
 
+	// getting the base path of the spec to adjust all subsequent reference resolutions
+	specBasePath := ""
+	if options != nil && options.RelativeBase != "" {
+		specBasePath, _ = absPath(options.RelativeBase)
+	}
+
 	if options == nil || !options.SkipSchemas {
 		for key, definition := range spec.Definitions {
 			var def *Schema
 			var err error
-			if def, err = expandSchema(definition, []string{"#/definitions/" + key}, resolver); shouldStopOnError(err, resolver.options) {
+			if def, err = expandSchema(definition, []string{fmt.Sprintf("#/defintions/%s", key)}, resolver, specBasePath); shouldStopOnError(err, resolver.options) {
 				return err
 			}
-			resolver.reset()
-			spec.Definitions[key] = *def
+			if def != nil {
+				spec.Definitions[key] = *def
+			}
 		}
 	}
 
 	for key, parameter := range spec.Parameters {
-		if err := expandParameter(&parameter, resolver); shouldStopOnError(err, resolver.options) {
+		if err := expandParameter(&parameter, resolver, specBasePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
 		spec.Parameters[key] = parameter
 	}
 
 	for key, response := range spec.Responses {
-		if err := expandResponse(&response, resolver); shouldStopOnError(err, resolver.options) {
+		if err := expandResponse(&response, resolver, specBasePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
 		spec.Responses[key] = response
@@ -544,7 +509,7 @@ func ExpandSpec(spec *Swagger, options *ExpandOptions) error {
 
 	if spec.Paths != nil {
 		for key, path := range spec.Paths.Paths {
-			if err := expandPathItem(&path, resolver); shouldStopOnError(err, resolver.options) {
+			if err := expandPathItem(&path, resolver, specBasePath); shouldStopOnError(err, resolver.options) {
 				return err
 			}
 			spec.Paths.Paths[key] = path
@@ -566,69 +531,65 @@ func shouldStopOnError(err error, opts *ExpandOptions) bool {
 	return false
 }
 
-// ExpandSchema expands the refs in the schema object
+// ExpandSchema expands the refs in the schema object with reference to the root object
+// go-openapi/validate uses this function
+// notice that it is impossible to reference a json scema in a different file other than root
 func ExpandSchema(schema *Schema, root interface{}, cache ResolutionCache) error {
-	return ExpandSchemaWithBasePath(schema, root, cache, nil)
+	// Only save the root to a tmp file if it isn't nil.
+	var base string
+	if root != nil {
+		base, _ = absPath("root")
+		if cache == nil {
+			cache = resCache
+		}
+		cache.Set(normalizeAbsPath(base), root)
+		base = "root"
+	}
+
+	opts := &ExpandOptions{
+		RelativeBase:    base,
+		SkipSchemas:     false,
+		ContinueOnError: false,
+	}
+	return ExpandSchemaWithBasePath(schema, cache, opts)
 }
 
 // ExpandSchemaWithBasePath expands the refs in the schema object, base path configured through expand options
-func ExpandSchemaWithBasePath(schema *Schema, root interface{}, cache ResolutionCache, opts *ExpandOptions) error {
+func ExpandSchemaWithBasePath(schema *Schema, cache ResolutionCache, opts *ExpandOptions) error {
 	if schema == nil {
 		return nil
 	}
-	if root == nil {
-		root = schema
-	}
 
-	nrr, _ := NewRef(schema.ID)
-	var rrr *Ref
-	if nrr.String() != "" {
-		switch rt := root.(type) {
-		case *Schema:
-			rid, _ := NewRef(rt.ID)
-			rrr, _ = rid.Inherits(nrr)
-		case *Swagger:
-			rid, _ := NewRef(rt.ID)
-			rrr, _ = rid.Inherits(nrr)
-		}
+	var basePath string
+	if opts.RelativeBase != "" {
+		basePath, _ = absPath(opts.RelativeBase)
 	}
 
-	resolver, err := defaultSchemaLoader(root, rrr, opts, cache)
+	resolver, err := defaultSchemaLoader(nil, opts, cache)
 	if err != nil {
 		return err
 	}
 
 	refs := []string{""}
-	if rrr != nil {
-		refs[0] = rrr.String()
-	}
 	var s *Schema
-	if s, err = expandSchema(*schema, refs, resolver); err != nil {
+	if s, err = expandSchema(*schema, refs, resolver, basePath); err != nil {
 		return err
 	}
 	*schema = *s
 	return nil
 }
 
-func expandItems(target Schema, parentRefs []string, resolver *schemaLoader) (*Schema, error) {
+func expandItems(target Schema, parentRefs []string, resolver *schemaLoader, basePath string) (*Schema, error) {
 	if target.Items != nil {
 		if target.Items.Schema != nil {
-			t, err := expandSchema(*target.Items.Schema, parentRefs, resolver)
+			t, err := expandSchema(*target.Items.Schema, parentRefs, resolver, basePath)
 			if err != nil {
-				if target.Items.Schema.ID == "" {
-					target.Items.Schema.ID = target.ID
-					if err != nil {
-						t, err = expandSchema(*target.Items.Schema, parentRefs, resolver)
-						if err != nil {
-							return nil, err
-						}
-					}
-				}
+				return nil, err
 			}
 			*target.Items.Schema = *t
 		}
 		for i := range target.Items.Schemas {
-			t, err := expandSchema(target.Items.Schemas[i], parentRefs, resolver)
+			t, err := expandSchema(target.Items.Schemas[i], parentRefs, resolver, basePath)
 			if err != nil {
 				return nil, err
 			}
@@ -638,36 +599,84 @@ func expandItems(target Schema, parentRefs []string, resolver *schemaLoader) (*S
 	return &target, nil
 }
 
-func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*Schema, error) {
+// basePathFromSchemaID returns a new basePath based on an existing basePath and a schema ID
+func basePathFromSchemaID(oldBasePath, id string) string {
+	u, err := url.Parse(oldBasePath)
+	if err != nil {
+		panic(err)
+	}
+	uid, err := url.Parse(id)
+	if err != nil {
+		panic(err)
+	}
+
+	if path.IsAbs(uid.Path) {
+		return id
+	}
+	u.Path = path.Join(path.Dir(u.Path), uid.Path)
+	return u.String()
+}
+
+func isCircular(ref *Ref, basePath string, parentRefs ...string) bool {
+	return basePath != "" && swag.ContainsStringsCI(parentRefs, ref.String())
+}
+
+func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader, basePath string) (*Schema, error) {
 	if target.Ref.String() == "" && target.Ref.IsRoot() {
-		debugLog("skipping expand schema for no ref and root: %v", resolver.root)
+		// normalizing is important
+		newRef := normalizeFileRef(&target.Ref, basePath)
+		target.Ref = *newRef
+		return &target, nil
 
-		return resolver.root.(*Schema), nil
 	}
 
-	// t is the new expanded schema
-	var t *Schema
+	/* change the base path of resolution when an ID is encountered
+	   otherwise the basePath should inherit the parent's */
+	// important: ID can be relative path
+	if target.ID != "" {
+		// handling the case when id is a folder
+		// remember that basePath has to be a file
+		refPath := target.ID
+		if strings.HasSuffix(target.ID, "/") {
+			// path.Clean here would not work correctly if basepath is http
+			refPath = fmt.Sprintf("%s%s", refPath, "placeholder.json")
+		}
+		basePath = normalizePaths(refPath, basePath)
+	}
+
+	/* Explain here what this function does */
 
-	for target.Ref.String() != "" {
-		if swag.ContainsStringsCI(parentRefs, target.Ref.String()) {
+	var t *Schema
+	/* if Ref is found, everything else doesn't matter */
+	/* Ref also changes the resolution scope of children expandSchema */
+	if target.Ref.String() != "" {
+		/* Here the resolution scope is changed because a $ref was encountered */
+		normalizedRef := normalizeFileRef(&target.Ref, basePath)
+		normalizedBasePath := normalizedRef.RemoteURI()
+
+		/* this means there is a circle in the recursion tree */
+		/* return the Ref */
+		if isCircular(normalizedRef, basePath, parentRefs...) {
+			target.Ref = *normalizedRef
 			return &target, nil
 		}
 
-		if err := resolver.Resolve(&target.Ref, &t); shouldStopOnError(err, resolver.options) {
-			return &target, err
+		debugLog("\nbasePath: %s", basePath)
+		if Debug {
+			b, _ := json.Marshal(target)
+			debugLog("calling Resolve with target: %s", string(b))
 		}
-
-		if swag.ContainsStringsCI(parentRefs, target.Ref.String()) {
-			debugLog("ref already exists in parent")
-			return &target, nil
+		if err := resolver.Resolve(&target.Ref, &t, basePath); shouldStopOnError(err, resolver.options) {
+			return nil, err
 		}
-		parentRefs = append(parentRefs, target.Ref.String())
+
 		if t != nil {
-			target = *t
+			parentRefs = append(parentRefs, normalizedRef.String())
+			return expandSchema(*t, parentRefs, resolver, normalizedBasePath)
 		}
 	}
 
-	t, err := expandItems(target, parentRefs, resolver)
+	t, err := expandItems(target, parentRefs, resolver, basePath)
 	if shouldStopOnError(err, resolver.options) {
 		return &target, err
 	}
@@ -676,23 +685,21 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 	}
 
 	for i := range target.AllOf {
-		t, err := expandSchema(target.AllOf[i], parentRefs, resolver)
+		t, err := expandSchema(target.AllOf[i], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
-		if t != nil {
-			target.AllOf[i] = *t
-		}
+		target.AllOf[i] = *t
 	}
 	for i := range target.AnyOf {
-		t, err := expandSchema(target.AnyOf[i], parentRefs, resolver)
+		t, err := expandSchema(target.AnyOf[i], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
 		target.AnyOf[i] = *t
 	}
 	for i := range target.OneOf {
-		t, err := expandSchema(target.OneOf[i], parentRefs, resolver)
+		t, err := expandSchema(target.OneOf[i], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -701,7 +708,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	if target.Not != nil {
-		t, err := expandSchema(*target.Not, parentRefs, resolver)
+		t, err := expandSchema(*target.Not, parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -710,7 +717,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	for k := range target.Properties {
-		t, err := expandSchema(target.Properties[k], parentRefs, resolver)
+		t, err := expandSchema(target.Properties[k], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -719,7 +726,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	if target.AdditionalProperties != nil && target.AdditionalProperties.Schema != nil {
-		t, err := expandSchema(*target.AdditionalProperties.Schema, parentRefs, resolver)
+		t, err := expandSchema(*target.AdditionalProperties.Schema, parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -728,7 +735,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	for k := range target.PatternProperties {
-		t, err := expandSchema(target.PatternProperties[k], parentRefs, resolver)
+		t, err := expandSchema(target.PatternProperties[k], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -738,7 +745,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 	}
 	for k := range target.Dependencies {
 		if target.Dependencies[k].Schema != nil {
-			t, err := expandSchema(*target.Dependencies[k].Schema, parentRefs, resolver)
+			t, err := expandSchema(*target.Dependencies[k].Schema, parentRefs, resolver, basePath)
 			if shouldStopOnError(err, resolver.options) {
 				return &target, err
 			}
@@ -748,7 +755,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	if target.AdditionalItems != nil && target.AdditionalItems.Schema != nil {
-		t, err := expandSchema(*target.AdditionalItems.Schema, parentRefs, resolver)
+		t, err := expandSchema(*target.AdditionalItems.Schema, parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -757,7 +764,7 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 		}
 	}
 	for k := range target.Definitions {
-		t, err := expandSchema(target.Definitions[k], parentRefs, resolver)
+		t, err := expandSchema(target.Definitions[k], parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return &target, err
 		}
@@ -768,55 +775,78 @@ func expandSchema(target Schema, parentRefs []string, resolver *schemaLoader) (*
 	return &target, nil
 }
 
-func expandPathItem(pathItem *PathItem, resolver *schemaLoader) error {
+func derefPathItem(pathItem *PathItem, parentRefs []string, resolver *schemaLoader, basePath string) error {
+	curRef := pathItem.Ref.String()
+	if curRef != "" {
+		normalizedRef := normalizeFileRef(&pathItem.Ref, basePath)
+		normalizedBasePath := normalizedRef.RemoteURI()
+
+		if isCircular(normalizedRef, basePath, parentRefs...) {
+			return nil
+		}
+
+		if err := resolver.Resolve(&pathItem.Ref, pathItem, basePath); shouldStopOnError(err, resolver.options) {
+			return err
+		}
+
+		if pathItem.Ref.String() != "" && pathItem.Ref.String() != curRef && basePath != normalizedBasePath {
+			parentRefs = append(parentRefs, normalizedRef.String())
+			return derefPathItem(pathItem, parentRefs, resolver, normalizedBasePath)
+		}
+	}
+
+	return nil
+}
+
+func expandPathItem(pathItem *PathItem, resolver *schemaLoader, basePath string) error {
 	if pathItem == nil {
 		return nil
 	}
 
-	if pathItem.Ref.String() != "" {
-		if err := resolver.Resolve(&pathItem.Ref, &pathItem); err != nil {
-			return err
-		}
-		resolver.reset()
-		pathItem.Ref = Ref{}
+	parentRefs := []string{}
+	if err := derefPathItem(pathItem, parentRefs, resolver, basePath); shouldStopOnError(err, resolver.options) {
+		return err
 	}
+	pathItem.Ref = Ref{}
+
+	parentRefs = parentRefs[0:]
 
 	for idx := range pathItem.Parameters {
-		if err := expandParameter(&(pathItem.Parameters[idx]), resolver); shouldStopOnError(err, resolver.options) {
+		if err := expandParameter(&(pathItem.Parameters[idx]), resolver, basePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
 	}
-	if err := expandOperation(pathItem.Get, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Get, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Head, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Head, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Options, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Options, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Put, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Put, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Post, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Post, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Patch, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Patch, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
-	if err := expandOperation(pathItem.Delete, resolver); shouldStopOnError(err, resolver.options) {
+	if err := expandOperation(pathItem.Delete, resolver, basePath); shouldStopOnError(err, resolver.options) {
 		return err
 	}
 	return nil
 }
 
-func expandOperation(op *Operation, resolver *schemaLoader) error {
+func expandOperation(op *Operation, resolver *schemaLoader, basePath string) error {
 	if op == nil {
 		return nil
 	}
 
 	for i, param := range op.Parameters {
-		if err := expandParameter(&param, resolver); shouldStopOnError(err, resolver.options) {
+		if err := expandParameter(&param, resolver, basePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
 		op.Parameters[i] = param
@@ -824,11 +854,11 @@ func expandOperation(op *Operation, resolver *schemaLoader) error {
 
 	if op.Responses != nil {
 		responses := op.Responses
-		if err := expandResponse(responses.Default, resolver); shouldStopOnError(err, resolver.options) {
+		if err := expandResponse(responses.Default, resolver, basePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
 		for code, response := range responses.StatusCodeResponses {
-			if err := expandResponse(&response, resolver); shouldStopOnError(err, resolver.options) {
+			if err := expandResponse(&response, resolver, basePath); shouldStopOnError(err, resolver.options) {
 				return err
 			}
 			responses.StatusCodeResponses[code] = response
@@ -837,63 +867,125 @@ func expandOperation(op *Operation, resolver *schemaLoader) error {
 	return nil
 }
 
-func expandResponse(response *Response, resolver *schemaLoader) error {
-	if response == nil {
-		return nil
+// ExpandResponse expands a response based on a basepath
+// This is the exported version of expandResponse
+// all refs inside response will be resolved relative to basePath
+func ExpandResponse(response *Response, basePath string) error {
+	opts := &ExpandOptions{
+		RelativeBase: basePath,
 	}
+	resolver, err := defaultSchemaLoader(nil, opts, nil)
+	if err != nil {
+		return err
+	}
+
+	return expandResponse(response, resolver, basePath)
+}
 
-	var parentRefs []string
+func derefResponse(response *Response, parentRefs []string, resolver *schemaLoader, basePath string) error {
+	curRef := response.Ref.String()
+	if curRef != "" {
+		/* Here the resolution scope is changed because a $ref was encountered */
+		normalizedRef := normalizeFileRef(&response.Ref, basePath)
+		normalizedBasePath := normalizedRef.RemoteURI()
+
+		if isCircular(normalizedRef, basePath, parentRefs...) {
+			return nil
+		}
 
-	if response.Ref.String() != "" {
-		parentRefs = append(parentRefs, response.Ref.String())
-		if err := resolver.Resolve(&response.Ref, response); shouldStopOnError(err, resolver.options) {
+		if err := resolver.Resolve(&response.Ref, response, basePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
-		resolver.reset()
-		response.Ref = Ref{}
+
+		if response.Ref.String() != "" && response.Ref.String() != curRef && basePath != normalizedBasePath {
+			parentRefs = append(parentRefs, normalizedRef.String())
+			return derefResponse(response, parentRefs, resolver, normalizedBasePath)
+		}
 	}
 
+	return nil
+}
+
+func expandResponse(response *Response, resolver *schemaLoader, basePath string) error {
+	if response == nil {
+		return nil
+	}
+
+	parentRefs := []string{}
+	if err := derefResponse(response, parentRefs, resolver, basePath); shouldStopOnError(err, resolver.options) {
+		return err
+	}
+	response.Ref = Ref{}
+
+	parentRefs = parentRefs[0:]
 	if !resolver.options.SkipSchemas && response.Schema != nil {
 		parentRefs = append(parentRefs, response.Schema.Ref.String())
-		debugLog("response ref: %s", response.Schema.Ref)
-		if err := resolver.Resolve(&response.Schema.Ref, &response.Schema); shouldStopOnError(err, resolver.options) {
-			return err
-		}
-		s, err := expandSchema(*response.Schema, parentRefs, resolver)
+		s, err := expandSchema(*response.Schema, parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return err
 		}
-		resolver.reset()
 		*response.Schema = *s
 	}
+
 	return nil
 }
 
-func expandParameter(parameter *Parameter, resolver *schemaLoader) error {
-	if parameter == nil {
-		return nil
+// ExpandParameter expands a parameter based on a basepath
+// This is the exported version of expandParameter
+// all refs inside parameter will be resolved relative to basePath
+func ExpandParameter(parameter *Parameter, basePath string) error {
+	opts := &ExpandOptions{
+		RelativeBase: basePath,
 	}
+	resolver, err := defaultSchemaLoader(nil, opts, nil)
+	if err != nil {
+		return err
+	}
+
+	return expandParameter(parameter, resolver, basePath)
+}
+
+func derefParameter(parameter *Parameter, parentRefs []string, resolver *schemaLoader, basePath string) error {
+	curRef := parameter.Ref.String()
+	if curRef != "" {
+		normalizedRef := normalizeFileRef(&parameter.Ref, basePath)
+		normalizedBasePath := normalizedRef.RemoteURI()
 
-	var parentRefs []string
+		if isCircular(normalizedRef, basePath, parentRefs...) {
+			return nil
+		}
 
-	if parameter.Ref.String() != "" {
-		parentRefs = append(parentRefs, parameter.Ref.String())
-		if err := resolver.Resolve(&parameter.Ref, parameter); shouldStopOnError(err, resolver.options) {
+		if err := resolver.Resolve(&parameter.Ref, parameter, basePath); shouldStopOnError(err, resolver.options) {
 			return err
 		}
-		resolver.reset()
-		parameter.Ref = Ref{}
+
+		if parameter.Ref.String() != "" && parameter.Ref.String() != curRef && basePath != normalizedBasePath {
+			parentRefs = append(parentRefs, normalizedRef.String())
+			return derefParameter(parameter, parentRefs, resolver, normalizedBasePath)
+		}
 	}
+
+	return nil
+}
+
+func expandParameter(parameter *Parameter, resolver *schemaLoader, basePath string) error {
+	if parameter == nil {
+		return nil
+	}
+
+	parentRefs := []string{}
+	if err := derefParameter(parameter, parentRefs, resolver, basePath); shouldStopOnError(err, resolver.options) {
+		return err
+	}
+	parameter.Ref = Ref{}
+
+	parentRefs = parentRefs[0:]
 	if !resolver.options.SkipSchemas && parameter.Schema != nil {
 		parentRefs = append(parentRefs, parameter.Schema.Ref.String())
-		if err := resolver.Resolve(&parameter.Schema.Ref, &parameter.Schema); shouldStopOnError(err, resolver.options) {
-			return err
-		}
-		s, err := expandSchema(*parameter.Schema, parentRefs, resolver)
+		s, err := expandSchema(*parameter.Schema, parentRefs, resolver, basePath)
 		if shouldStopOnError(err, resolver.options) {
 			return err
 		}
-		resolver.reset()
 		*parameter.Schema = *s
 	}
 	return nil
diff --git a/vendor/github.com/go-openapi/spec/items.go b/vendor/github.com/go-openapi/spec/items.go
index 46944fb699f3..492423ef7fd5 100644
--- a/vendor/github.com/go-openapi/spec/items.go
+++ b/vendor/github.com/go-openapi/spec/items.go
@@ -28,6 +28,7 @@ type SimpleSchema struct {
 	Items            *Items      `json:"items,omitempty"`
 	CollectionFormat string      `json:"collectionFormat,omitempty"`
 	Default          interface{} `json:"default,omitempty"`
+	Example          interface{} `json:"example,omitempty"`
 }
 
 func (s *SimpleSchema) TypeName() string {
@@ -178,9 +179,14 @@ func (i *Items) UnmarshalJSON(data []byte) error {
 	if err := json.Unmarshal(data, &simpleSchema); err != nil {
 		return err
 	}
+	var vendorExtensible VendorExtensible
+	if err := json.Unmarshal(data, &vendorExtensible); err != nil {
+		return err
+	}
 	i.Refable = ref
 	i.CommonValidations = validations
 	i.SimpleSchema = simpleSchema
+	i.VendorExtensible = vendorExtensible
 	return nil
 }
 
@@ -198,7 +204,11 @@ func (i Items) MarshalJSON() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	return swag.ConcatJSON(b3, b1, b2), nil
+	b4, err := json.Marshal(i.VendorExtensible)
+	if err != nil {
+		return nil, err
+	}
+	return swag.ConcatJSON(b4, b3, b1, b2), nil
 }
 
 // JSONLookup look up a value by the json property name
diff --git a/vendor/github.com/go-openapi/spec/operation.go b/vendor/github.com/go-openapi/spec/operation.go
index de1db6f0201f..e698f9e8acfb 100644
--- a/vendor/github.com/go-openapi/spec/operation.go
+++ b/vendor/github.com/go-openapi/spec/operation.go
@@ -31,11 +31,36 @@ type OperationProps struct {
 	ExternalDocs *ExternalDocumentation `json:"externalDocs,omitempty"`
 	ID           string                 `json:"operationId,omitempty"`
 	Deprecated   bool                   `json:"deprecated,omitempty"`
-	Security     []map[string][]string  `json:"security,omitempty"`
+	Security     []map[string][]string  `json:"security,omitempty"` //Special case, see MarshalJSON function
 	Parameters   []Parameter            `json:"parameters,omitempty"`
 	Responses    *Responses             `json:"responses,omitempty"`
 }
 
+// MarshalJSON takes care of serializing operation properties to JSON
+//
+// We use a custom marhaller here to handle a special cases related
+// the Security field. We need to preserve zero length slice
+// while omiting the field when the value is nil/unset.
+func (op OperationProps) MarshalJSON() ([]byte, error) {
+	type Alias OperationProps
+	if op.Security == nil {
+		return json.Marshal(&struct {
+			Security []map[string][]string `json:"security,omitempty"`
+			*Alias
+		}{
+			Security: op.Security,
+			Alias:    (*Alias)(&op),
+		})
+	}
+	return json.Marshal(&struct {
+		Security []map[string][]string `json:"security"`
+		*Alias
+	}{
+		Security: op.Security,
+		Alias:    (*Alias)(&op),
+	})
+}
+
 // Operation describes a single API operation on a path.
 //
 // For more information: http://goo.gl/8us55a#operationObject
diff --git a/vendor/github.com/go-openapi/spec/ref.go b/vendor/github.com/go-openapi/spec/ref.go
index 4833b87e2fef..1405bfd8ee2b 100644
--- a/vendor/github.com/go-openapi/spec/ref.go
+++ b/vendor/github.com/go-openapi/spec/ref.go
@@ -145,7 +145,10 @@ func (r *Ref) UnmarshalJSON(d []byte) error {
 	if err := json.Unmarshal(d, &v); err != nil {
 		return err
 	}
+	return r.fromMap(v)
+}
 
+func (r *Ref) fromMap(v map[string]interface{}) error {
 	if v == nil {
 		return nil
 	}
diff --git a/vendor/github.com/go-openapi/spec/schema.go b/vendor/github.com/go-openapi/spec/schema.go
index 1cdcc163f1b6..05c1a4aa0eef 100644
--- a/vendor/github.com/go-openapi/spec/schema.go
+++ b/vendor/github.com/go-openapi/spec/schema.go
@@ -135,6 +135,10 @@ func (r *SchemaURL) UnmarshalJSON(data []byte) error {
 	if err := json.Unmarshal(data, &v); err != nil {
 		return err
 	}
+	return r.fromMap(v)
+}
+
+func (r *SchemaURL) fromMap(v map[string]interface{}) error {
 	if v == nil {
 		return nil
 	}
@@ -582,18 +586,17 @@ func (s Schema) MarshalJSON() ([]byte, error) {
 
 // UnmarshalJSON marshal this from JSON
 func (s *Schema) UnmarshalJSON(data []byte) error {
-	var sch Schema
-	if err := json.Unmarshal(data, &sch.SchemaProps); err != nil {
+	props := struct {
+		SchemaProps
+		SwaggerSchemaProps
+	}{}
+	if err := json.Unmarshal(data, &props); err != nil {
 		return err
 	}
-	if err := json.Unmarshal(data, &sch.Ref); err != nil {
-		return err
-	}
-	if err := json.Unmarshal(data, &sch.Schema); err != nil {
-		return err
-	}
-	if err := json.Unmarshal(data, &sch.SwaggerSchemaProps); err != nil {
-		return err
+
+	sch := Schema{
+		SchemaProps:        props.SchemaProps,
+		SwaggerSchemaProps: props.SwaggerSchemaProps,
 	}
 
 	var d map[string]interface{}
@@ -601,6 +604,9 @@ func (s *Schema) UnmarshalJSON(data []byte) error {
 		return err
 	}
 
+	sch.Ref.fromMap(d)
+	sch.Schema.fromMap(d)
+
 	delete(d, "$ref")
 	delete(d, "$schema")
 	for _, pn := range swag.DefaultJSONNameProvider.GetJSONNames(s) {
diff --git a/vendor/github.com/go-openapi/validate/.drone.sec b/vendor/github.com/go-openapi/validate/.drone.sec
deleted file mode 100644
index 64bfa2ef6e96..000000000000
--- a/vendor/github.com/go-openapi/validate/.drone.sec
+++ /dev/null
@@ -1 +0,0 @@
-eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkExMjhHQ00ifQ.lisG21ATunZSCBP6vaqK_AZCIR18tN563RdqkAb6PGOipqTeg8R7VwZQIeDqS-2Vond6NX_KSC_D_uxxv0hBf2DiGXmwMUmP4nRXrsmbzT2qQKKIHYRDC_6jb2-FSfK14ezIe1Q07UiiJecDsN3CFEccS8E68Tdnp78p7yDwbTvpumnZmwYfyhlImtjFQv2YpyFVsjEHWK0R4e9T3ONQWcx6D2rSoxABbutrS03QwsJhHCeD9joL_gxfkFKm3CW8yWPSk2QYtx_Q1hu-tZR4IPb2tQPXPX3mtyhwBqziWgmJRDFCEjlCO5aCobiMm_9K5X05gue_DcgW163zh1P9jg.nleER2An8CUn_OuR.b77RFEFp0gC8j5yCAoARNKYmQIvWq99ibmf5ffJgdhQBF3sRYJLt_XflJ_2lsaiFOxvc45T2fnkMVy2lHFcri7F9f1BRiT_0AcDthxsecGzG8BZ9QvaM6b4Dn0rhjrOq8rsF0m3ZnbPBkkg3LV5EkbHWstMo2fgJPJhJswlGWhqJPJBDecG1nMBC8SMH32X-zVlSM-BLiaghvOGNxyb_RLZJZ3CLczIdQ2JO2UeYkOGCPGzernvkHDMpqQXc-8cmulDdHgCy87qFLy5ttGFgYbnTm92h_ChOGKZixeX0PL0pQY5wXd2xTO7Tg_Ov5E5FoVwIkwOextedVsF9iz_b_mwtCY3LXrvbJTW7zWrwBVsVyAXxT5iu0HyQ3tBVxT2GxS-yM5ApqLozcZCQg9flMyfSgThu82FfzEr0fI5vKw8zo0GdO4GBuVSppM9m6ToG6hlwyHD9g2YTZw9068hyq1_kZQhugJRjgGbpa2gyGqzx16fg0zVoupVIiq5KfvRlAQFeOVVjQwb0BWf25tJUj5tV3O9ge6dbKSXizEca33FJJwJWoXhd7DCREXUU9pBz06NCCf495BGoVbq3oLPDQc2mpcuy0XAPxSwXcc5Ts8DNs7MrxBlYdw81wMXuztIpOY4.XjKlMWl_H40XszToi2VU5g
\ No newline at end of file
diff --git a/vendor/github.com/go-openapi/validate/.drone.yml b/vendor/github.com/go-openapi/validate/.drone.yml
deleted file mode 100644
index cfe9c7c30055..000000000000
--- a/vendor/github.com/go-openapi/validate/.drone.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-clone:
-  path: github.com/go-openapi/validate
-
-matrix:
-  GO_VERSION:
-    - "1.6"
-
-build:
-  integration:
-    image: golang:$$GO_VERSION
-    pull: true
-    commands:
-      - go get -u github.com/axw/gocov/gocov
-      - go get -u gopkg.in/matm/v1/gocov-html
-      - go get -u github.com/cee-dub/go-junit-report
-      - go get -u github.com/stretchr/testify/assert
-      - go get -u gopkg.in/yaml.v2
-      - go get -u github.com/go-openapi/analysis
-      - go get -u github.com/go-openapi/errors
-      - go get -u github.com/go-openapi/loads
-      - go get -u github.com/go-openapi/strfmt
-      - go get -u github.com/go-openapi/runtime
-      - go test -race
-      - go test -v -cover -coverprofile=coverage.out -covermode=count
-
-notify:
-  slack:
-    channel: bots
-    webhook_url: $$SLACK_URL
-    username: drone
-
-publish:
-  coverage:
-    server: https://coverage.vmware.run
-    token: $$GITHUB_TOKEN
-    # threshold: 70
-    # must_increase: true
-    when:
-      matrix:
-        GO_VERSION: "1.6"
diff --git a/vendor/github.com/go-openapi/validate/.pullapprove.yml b/vendor/github.com/go-openapi/validate/.pullapprove.yml
deleted file mode 100644
index 5ec183e22442..000000000000
--- a/vendor/github.com/go-openapi/validate/.pullapprove.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-approve_by_comment: true
-approve_regex: '^(:shipit:|:\+1:|\+1|LGTM|lgtm|Approved)'
-reject_regex: ^[Rr]ejected
-reset_on_push: false
-reviewers:
-  members:
-  - casualjim
-  - chancez
-  - frapposelli
-  - vburenin
-  - pytlesk4
-  name: pullapprove
-  required: 1
diff --git a/vendor/github.com/go-openapi/validate/.travis.yml b/vendor/github.com/go-openapi/validate/.travis.yml
new file mode 100644
index 000000000000..6eeb6f626757
--- /dev/null
+++ b/vendor/github.com/go-openapi/validate/.travis.yml
@@ -0,0 +1,22 @@
+language: go
+go:
+- 1.7
+install:
+- go get -u github.com/axw/gocov/gocov
+- go get -u gopkg.in/matm/v1/gocov-html
+- go get -u github.com/cee-dub/go-junit-report
+- go get -u github.com/stretchr/testify/assert
+- go get -u github.com/kr/pretty
+- go get -u gopkg.in/yaml.v2
+- go get -u github.com/go-openapi/analysis
+- go get -u github.com/go-openapi/errors
+- go get -u github.com/go-openapi/loads
+- go get -u github.com/go-openapi/strfmt
+- go get -u github.com/go-openapi/runtime
+script:
+- go test -v -race -cover -coverprofile=coverage.txt -covermode=atomic
+after_success:
+- bash <(curl -s https://codecov.io/bash)
+notifications:
+  slack:
+    secure: EmObnQuM9Mw8J9vpFaKKHqSMN4Wsr/A9+v7ewAD5cEhA0T1P4m7MbJMiJOhxUhj/X+BFh2DamW+P2lT8mybj5wg8wnkQ2BteKA8Tawi6f9PRw2NRheO8tAi8o/npLnlmet0kc93mn+oLuqHw36w4+j5mkOl2FghkfGiUVhwrhkCP7KXQN+3TU87e+/HzQumlJ3nsE+6terVxkH3PmaUTsS5ONaODZfuxFpfb7RsoEl3skHf6d+tr+1nViLxxly7558Nc33C+W1mr0qiEvMLZ+kJ/CpGWBJ6CUJM3jm6hNe2eMuIPwEK2hxZob8c7n22VPap4K6a0bBRoydoDXaba+2sD7Ym6ivDO/DVyL44VeBBLyIiIBylDGQdZH+6SoWm90Qe/i7tnY/T5Ao5igT8f3cfQY1c3EsTfqmlDfrhmACBmwSlgkdVBLTprHL63JMY24LWmh4jhxsmMRZhCL4dze8su1w6pLN/pD1pGHtKYCEVbdTmaM3PblNRFf12XB7qosmQsgUndH4Vq3bTbU0s1pKjeDhRyLvFzvR0TBbo0pDLEoF1A/i5GVFWa7yLZNUDudQERRh7qv/xBl2excIaQ1sV4DSVm7bAE9l6Kp+yeHQJW2uN6Y3X8wu9gB9nv9l5HBze7wh8KE6PyWAOLYYqZg9/sAtsv/2GcQqXcKFF1zcA=
diff --git a/vendor/github.com/go-openapi/validate/README.md b/vendor/github.com/go-openapi/validate/README.md
index 7e7831c9ea41..e3bfc622be26 100644
--- a/vendor/github.com/go-openapi/validate/README.md
+++ b/vendor/github.com/go-openapi/validate/README.md
@@ -1,3 +1,3 @@
-# Validation helpers [![Build Status](https://ci.vmware.run/api/badges/go-openapi/validate/status.svg)](https://ci.vmware.run/go-openapi/validate) [![Coverage](https://coverage.vmware.run/badges/go-openapi/validate/coverage.svg)](https://coverage.vmware.run/go-openapi/validate) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io)
+# Validation helpers [![Build Status](https://travis-ci.org/go-openapi/validate.svg?branch=master)](https://travis-ci.org/go-openapi/validate) [![codecov](https://codecov.io/gh/go-openapi/validate/branch/master/graph/badge.svg)](https://codecov.io/gh/go-openapi/validate) [![Slack Status](https://slackin.goswagger.io/badge.svg)](https://slackin.goswagger.io)
 
 [![license](http://img.shields.io/badge/license-Apache%20v2-orange.svg)](https://raw.githubusercontent.com/go-openapi/validate/master/LICENSE) [![GoDoc](https://godoc.org/github.com/go-openapi/validate?status.svg)](http://godoc.org/github.com/go-openapi/validate)
diff --git a/vendor/github.com/go-openapi/validate/formats.go b/vendor/github.com/go-openapi/validate/formats.go
index f0e9f9039a14..294845aff387 100644
--- a/vendor/github.com/go-openapi/validate/formats.go
+++ b/vendor/github.com/go-openapi/validate/formats.go
@@ -15,6 +15,7 @@
 package validate
 
 import (
+	"log"
 	"reflect"
 
 	"github.com/go-openapi/spec"
@@ -51,7 +52,9 @@ func (f *formatValidator) Applies(source interface{}, kind reflect.Kind) bool {
 		return false
 	}
 	r := doit()
-	// fmt.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", f.Path, r, source, kind)
+	if Debug {
+		log.Printf("format validator for %q applies %t for %T (kind: %v)\n", f.Path, r, source, kind)
+	}
 	return r
 }
 
diff --git a/vendor/github.com/go-openapi/validate/object_validator.go b/vendor/github.com/go-openapi/validate/object_validator.go
index 7caff230c514..0dd580288dfe 100644
--- a/vendor/github.com/go-openapi/validate/object_validator.go
+++ b/vendor/github.com/go-openapi/validate/object_validator.go
@@ -15,8 +15,10 @@
 package validate
 
 import (
+	"log"
 	"reflect"
 	"regexp"
+	"strings"
 
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/spec"
@@ -45,10 +47,45 @@ func (o *objectValidator) Applies(source interface{}, kind reflect.Kind) bool {
 	// there is a problem in the type validator where it will be unhappy about null values
 	// so that requires more testing
 	r := reflect.TypeOf(source) == specSchemaType && (kind == reflect.Map || kind == reflect.Struct)
-	//fmt.Printf("object validator for %q applies %t for %T (kind: %v)\n", o.Path, r, source, kind)
+	if Debug {
+		log.Printf("object validator for %q applies %t for %T (kind: %v)\n", o.Path, r, source, kind)
+	}
 	return r
 }
 
+func (o *objectValidator) isPropertyName() bool {
+	p := strings.Split(o.Path, ".")
+	return p[len(p)-1] == "properties" && p[len(p)-2] != "properties"
+}
+func (o *objectValidator) checkArrayMustHaveItems(res *Result, val map[string]interface{}) {
+	if t, typeFound := val["type"]; typeFound {
+		if tpe, ok := t.(string); ok && tpe == "array" {
+			if _, itemsKeyFound := val["items"]; !itemsKeyFound {
+				res.AddErrors(errors.Required("items", o.Path))
+			}
+		}
+	}
+}
+
+func (o *objectValidator) checkItemsMustBeTypeArray(res *Result, val map[string]interface{}) {
+	if !o.isPropertyName() {
+		if _, itemsKeyFound := val["items"]; itemsKeyFound {
+			t, typeFound := val["type"]
+			if typeFound {
+				if tpe, ok := t.(string); !ok || tpe != "array" {
+					res.AddErrors(errors.InvalidType(o.Path, o.In, "array", nil))
+				}
+			} else {
+				// there is no type
+				res.AddErrors(errors.Required("type", o.Path))
+			}
+		}
+	}
+}
+func (o *objectValidator) precheck(res *Result, val map[string]interface{}) {
+	o.checkArrayMustHaveItems(res, val)
+	o.checkItemsMustBeTypeArray(res, val)
+}
 func (o *objectValidator) Validate(data interface{}) *Result {
 	val := data.(map[string]interface{})
 	numKeys := int64(len(val))
@@ -61,14 +98,8 @@ func (o *objectValidator) Validate(data interface{}) *Result {
 	}
 
 	res := new(Result)
-	if len(o.Required) > 0 {
-		for _, k := range o.Required {
-			if _, ok := val[k]; !ok {
-				res.AddErrors(errors.Required(o.Path+"."+k, o.In))
-				continue
-			}
-		}
-	}
+
+	o.precheck(res, val)
 
 	if o.AdditionalProperties != nil && !o.AdditionalProperties.Allows {
 		for k := range val {
@@ -99,6 +130,8 @@ func (o *objectValidator) Validate(data interface{}) *Result {
 		}
 	}
 
+	createdFromDefaults := map[string]bool{}
+
 	for pName, pSchema := range o.Properties {
 		rName := pName
 		if o.Path != "" {
@@ -106,7 +139,24 @@ func (o *objectValidator) Validate(data interface{}) *Result {
 		}
 
 		if v, ok := val[pName]; ok {
-			res.Merge(NewSchemaValidator(&pSchema, o.Root, rName, o.KnownFormats).Validate(v))
+			r := NewSchemaValidator(&pSchema, o.Root, rName, o.KnownFormats).Validate(v)
+			res.Merge(r)
+		} else if pSchema.Default != nil {
+			createdFromDefaults[pName] = true
+			pName := pName // shaddow
+			def := pSchema.Default
+			res.Defaulters = append(res.Defaulters, DefaulterFunc(func() {
+				val[pName] = def
+			}))
+		}
+	}
+
+	if len(o.Required) > 0 {
+		for _, k := range o.Required {
+			if _, ok := val[k]; !ok && !createdFromDefaults[k] {
+				res.AddErrors(errors.Required(o.Path+"."+k, o.In))
+				continue
+			}
 		}
 	}
 
@@ -137,9 +187,6 @@ func (o *objectValidator) validatePatternProperty(key string, value interface{},
 
 			res := validator.Validate(value)
 			result.Merge(res)
-			if res.IsValid() {
-				succeededOnce = true
-			}
 		}
 	}
 
diff --git a/vendor/github.com/go-openapi/validate/result.go b/vendor/github.com/go-openapi/validate/result.go
index d8f71e9468bd..7b58e50df717 100644
--- a/vendor/github.com/go-openapi/validate/result.go
+++ b/vendor/github.com/go-openapi/validate/result.go
@@ -14,12 +14,32 @@
 
 package validate
 
-import "github.com/go-openapi/errors"
+import (
+	"os"
+
+	"github.com/go-openapi/errors"
+)
+
+var (
+	// Debug is true when the SWAGGER_DEBUG env var is not empty
+	Debug = os.Getenv("SWAGGER_DEBUG") != ""
+)
+
+type Defaulter interface {
+	Apply()
+}
+
+type DefaulterFunc func()
+
+func (f DefaulterFunc) Apply() {
+	f()
+}
 
 // Result represents a validation result
 type Result struct {
 	Errors     []error
 	MatchCount int
+	Defaulters []Defaulter
 }
 
 // Merge merges this result with the other one, preserving match counts etc
@@ -29,11 +49,13 @@ func (r *Result) Merge(other *Result) *Result {
 	}
 	r.AddErrors(other.Errors...)
 	r.MatchCount += other.MatchCount
+	r.Defaulters = append(r.Defaulters, other.Defaulters...)
 	return r
 }
 
 // AddErrors adds errors to this validation result
 func (r *Result) AddErrors(errors ...error) {
+	// TODO: filter already existing errors
 	r.Errors = append(r.Errors, errors...)
 }
 
@@ -59,3 +81,9 @@ func (r *Result) AsError() error {
 	}
 	return errors.CompositeValidationError(r.Errors...)
 }
+
+func (r *Result) ApplyDefaults() {
+	for _, d := range r.Defaulters {
+		d.Apply()
+	}
+}
diff --git a/vendor/github.com/go-openapi/validate/schema.go b/vendor/github.com/go-openapi/validate/schema.go
index 8bf7d3bcc9bb..f859c6d6309e 100644
--- a/vendor/github.com/go-openapi/validate/schema.go
+++ b/vendor/github.com/go-openapi/validate/schema.go
@@ -15,6 +15,8 @@
 package validate
 
 import (
+	"encoding/json"
+	"log"
 	"reflect"
 
 	"github.com/go-openapi/spec"
@@ -80,12 +82,16 @@ func (s *SchemaValidator) Applies(source interface{}, kind reflect.Kind) bool {
 
 // Validate validates the data against the schema
 func (s *SchemaValidator) Validate(data interface{}) *Result {
+	result := new(Result)
+	if s == nil {
+		return result
+	}
+
 	if data == nil {
 		v := s.validators[0].Validate(data)
 		v.Merge(s.validators[6].Validate(data))
 		return v
 	}
-	result := new(Result)
 
 	tpe := reflect.TypeOf(data)
 	kind := tpe.Kind()
@@ -98,8 +104,35 @@ func (s *SchemaValidator) Validate(data interface{}) *Result {
 		d = swag.ToDynamicJSON(data)
 	}
 
+	isnumber := s.Schema.Type.Contains("number") || s.Schema.Type.Contains("integer")
+	if num, ok := data.(json.Number); ok && isnumber {
+		if s.Schema.Type.Contains("integer") { // avoid lossy conversion
+			in, erri := num.Int64()
+			if erri != nil {
+				result.AddErrors(erri)
+				result.Inc()
+				return result
+			}
+			d = in
+		} else {
+			nf, errf := num.Float64()
+			if errf != nil {
+				result.AddErrors(errf)
+				result.Inc()
+				return result
+			}
+			d = nf
+		}
+
+		tpe = reflect.TypeOf(d)
+		kind = tpe.Kind()
+	}
+
 	for _, v := range s.validators {
 		if !v.Applies(s.Schema, kind) {
+			if Debug {
+				log.Printf("%T does not apply for %v", v, kind)
+			}
 			continue
 		}
 
@@ -117,10 +150,9 @@ func (s *SchemaValidator) typeValidator() valueValidator {
 
 func (s *SchemaValidator) commonValidator() valueValidator {
 	return &basicCommonValidator{
-		Path:    s.Path,
-		In:      s.in,
-		Default: s.Schema.Default,
-		Enum:    s.Schema.Enum,
+		Path: s.Path,
+		In:   s.in,
+		Enum: s.Schema.Enum,
 	}
 }
 
@@ -155,7 +187,6 @@ func (s *SchemaValidator) stringValidator() valueValidator {
 	return &stringValidator{
 		Path:      s.Path,
 		In:        s.in,
-		Default:   s.Schema.Default,
 		MaxLength: s.Schema.MaxLength,
 		MinLength: s.Schema.MinLength,
 		Pattern:   s.Schema.Pattern,
@@ -164,9 +195,8 @@ func (s *SchemaValidator) stringValidator() valueValidator {
 
 func (s *SchemaValidator) formatValidator() valueValidator {
 	return &formatValidator{
-		Path: s.Path,
-		In:   s.in,
-		//Default:      s.Schema.Default,
+		Path:         s.Path,
+		In:           s.in,
 		Format:       s.Schema.Format,
 		KnownFormats: s.KnownFormats,
 	}
diff --git a/vendor/github.com/go-openapi/validate/schema_props.go b/vendor/github.com/go-openapi/validate/schema_props.go
index feff6d6a37a6..5d8ed404521c 100644
--- a/vendor/github.com/go-openapi/validate/schema_props.go
+++ b/vendor/github.com/go-openapi/validate/schema_props.go
@@ -15,6 +15,7 @@
 package validate
 
 import (
+	"log"
 	"reflect"
 
 	"github.com/go-openapi/errors"
@@ -80,12 +81,15 @@ func newSchemaPropsValidator(path string, in string, allOf, oneOf, anyOf []spec.
 
 func (s *schemaPropsValidator) Applies(source interface{}, kind reflect.Kind) bool {
 	r := reflect.TypeOf(source) == specSchemaType
-	// fmt.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind)
+	if Debug {
+		log.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind)
+	}
 	return r
 }
 
 func (s *schemaPropsValidator) Validate(data interface{}) *Result {
 	mainResult := new(Result)
+	var firstSuccess *Result
 	if len(s.anyOfValidators) > 0 {
 		var bestFailures *Result
 		succeededOnce := false
@@ -94,6 +98,9 @@ func (s *schemaPropsValidator) Validate(data interface{}) *Result {
 			if result.IsValid() {
 				bestFailures = nil
 				succeededOnce = true
+				if firstSuccess == nil {
+					firstSuccess = result
+				}
 				break
 			}
 			if bestFailures == nil || result.MatchCount > bestFailures.MatchCount {
@@ -106,11 +113,14 @@ func (s *schemaPropsValidator) Validate(data interface{}) *Result {
 		}
 		if bestFailures != nil {
 			mainResult.Merge(bestFailures)
+		} else if firstSuccess != nil {
+			mainResult.Merge(firstSuccess)
 		}
 	}
 
 	if len(s.oneOfValidators) > 0 {
 		var bestFailures *Result
+		var firstSuccess *Result
 		validated := 0
 
 		for _, oneOfSchema := range s.oneOfValidators {
@@ -118,6 +128,9 @@ func (s *schemaPropsValidator) Validate(data interface{}) *Result {
 			if result.IsValid() {
 				validated++
 				bestFailures = nil
+				if firstSuccess == nil {
+					firstSuccess = result
+				}
 				continue
 			}
 			if validated == 0 && (bestFailures == nil || result.MatchCount > bestFailures.MatchCount) {
@@ -130,6 +143,8 @@ func (s *schemaPropsValidator) Validate(data interface{}) *Result {
 			if bestFailures != nil {
 				mainResult.Merge(bestFailures)
 			}
+		} else if firstSuccess != nil {
+			mainResult.Merge(firstSuccess)
 		}
 	}
 
diff --git a/vendor/github.com/go-openapi/validate/slice_validator.go b/vendor/github.com/go-openapi/validate/slice_validator.go
index 8371061535d2..2665a0ffe99b 100644
--- a/vendor/github.com/go-openapi/validate/slice_validator.go
+++ b/vendor/github.com/go-openapi/validate/slice_validator.go
@@ -67,6 +67,9 @@ func (s *schemaSliceValidator) Validate(data interface{}) *Result {
 		itemsSize = int64(len(s.Items.Schemas))
 		for i := int64(0); i < itemsSize; i++ {
 			validator := NewSchemaValidator(&s.Items.Schemas[i], s.Root, fmt.Sprintf("%s.%d", s.Path, i), s.KnownFormats)
+			if val.Len() <= int(i) {
+				break
+			}
 			result.Merge(validator.Validate(val.Index(int(i)).Interface()))
 		}
 
diff --git a/vendor/github.com/go-openapi/validate/spec.go b/vendor/github.com/go-openapi/validate/spec.go
index 938bc5bf907f..2f1d7028695c 100644
--- a/vendor/github.com/go-openapi/validate/spec.go
+++ b/vendor/github.com/go-openapi/validate/spec.go
@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"log"
 	"regexp"
+	"strconv"
 	"strings"
 
 	"github.com/go-openapi/analysis"
@@ -193,6 +194,13 @@ func (s *SpecValidator) validateDuplicatePropertyNames() *Result {
 	return res
 }
 
+func (s *SpecValidator) resolveRef(ref *spec.Ref) (*spec.Schema, error) {
+	if s.spec.SpecFilePath() != "" {
+		return spec.ResolveRefWithBase(s.spec.Spec(), ref, &spec.ExpandOptions{RelativeBase: s.spec.SpecFilePath()})
+	}
+	return spec.ResolveRef(s.spec.Spec(), ref)
+}
+
 func (s *SpecValidator) validateSchemaPropertyNames(nm string, sch spec.Schema, knowns map[string]struct{}) []dupProp {
 	var dups []dupProp
 
@@ -200,7 +208,7 @@ func (s *SpecValidator) validateSchemaPropertyNames(nm string, sch spec.Schema,
 	schc := &sch
 	for schc.Ref.String() != "" {
 		// gather property names
-		reso, err := spec.ResolveRef(s.spec.Spec(), &schc.Ref)
+		reso, err := s.resolveRef(&schc.Ref)
 		if err != nil {
 			panic(err)
 		}
@@ -236,7 +244,7 @@ func (s *SpecValidator) validateCircularAncestry(nm string, sch spec.Schema, kno
 	schn := nm
 	schc := &sch
 	for schc.Ref.String() != "" {
-		reso, err := spec.ResolveRef(s.spec.Spec(), &schc.Ref)
+		reso, err := s.resolveRef(&schc.Ref)
 		if err != nil {
 			panic(err)
 		}
@@ -335,15 +343,15 @@ func (s *SpecValidator) validateSchemaItems(schema spec.Schema, prefix, opID str
 		return errors.New(422, "%s for %q is a collection without an element type", prefix, opID)
 	}
 
-	schemas := schema.Items.Schemas
 	if schema.Items.Schema != nil {
-		schemas = []spec.Schema{*schema.Items.Schema}
-	}
-	for _, sch := range schemas {
-		if err := s.validateSchemaItems(sch, prefix, opID); err != nil {
-			return err
+		schema = *schema.Items.Schema
+		if _, err := regexp.Compile(schema.Pattern); err != nil {
+			return errors.New(422, "%s for %q has invalid items pattern: %q", prefix, opID, schema.Pattern)
 		}
+
+		return s.validateSchemaItems(schema, prefix, opID)
 	}
+
 	return nil
 }
 
@@ -524,8 +532,15 @@ func (s *SpecValidator) validateParameters() *Result {
 			}
 			var fromPath []string
 			for _, i := range params {
-				fromPath = append(fromPath, knowns[i])
-				knowns[i] = "!"
+				knownsi := knowns[i]
+				iparams := extractPathParams(knownsi)
+				if len(iparams) > 0 {
+					fromPath = append(fromPath, iparams...)
+					for _, iparam := range iparams {
+						knownsi = strings.Replace(knownsi, iparam, "!", 1)
+					}
+					knowns[i] = knownsi
+				}
 			}
 			knownPath := strings.Join(knowns, "/")
 			if orig, ok := knownPaths[knownPath]; ok {
@@ -544,7 +559,9 @@ func (s *SpecValidator) validateParameters() *Result {
 				for pr.Ref.String() != "" {
 					obj, _, err := pr.Ref.GetPointer().Get(sw)
 					if err != nil {
-						log.Println(err)
+						if Debug {
+							log.Println(err)
+						}
 						res.AddErrors(err)
 						break PARAMETERS
 					}
@@ -575,6 +592,10 @@ func (s *SpecValidator) validateParameters() *Result {
 					pr = obj.(spec.Parameter)
 				}
 
+				if _, err := regexp.Compile(pr.Pattern); err != nil {
+					res.AddErrors(errors.New(422, "operation %q has invalid pattern in param %q: %q", op.ID, pr.Name, pr.Pattern))
+				}
+
 				if pr.In == "body" {
 					if firstBodyParam != "" {
 						res.AddErrors(errors.New(422, "operation %q has more than 1 body param (accepted: %q, dropped: %q)", op.ID, firstBodyParam, pr.Name))
@@ -595,18 +616,35 @@ func (s *SpecValidator) validateParameters() *Result {
 func parsePath(path string) (segments []string, params []int) {
 	for i, p := range strings.Split(path, "/") {
 		segments = append(segments, p)
-		if len(p) > 0 && p[0] == '{' && p[len(p)-1] == '}' {
+		if d0 := strings.Index(p, "{"); d0 >= 0 && d0 < strings.Index(p, "}") {
 			params = append(params, i)
 		}
 	}
 	return
 }
 
+func extractPathParams(segment string) (params []string) {
+	for {
+		d0 := strings.IndexByte(segment, '{')
+		if d0 < 0 {
+			break
+		}
+		d1 := strings.IndexByte(segment[d0:], '}')
+		if d1 > 0 {
+			params = append(params, segment[d0:d0+d1+1])
+		} else {
+			break
+		}
+		segment = segment[d1:]
+	}
+	return params
+}
+
 func (s *SpecValidator) validateReferencesValid() *Result {
 	// each reference must point to a valid object
 	res := new(Result)
 	for _, r := range s.analyzer.AllRefs() {
-		if !r.IsValidURI() {
+		if !r.IsValidURI(s.spec.SpecFilePath()) {
 			res.AddErrors(errors.New(404, "invalid ref %q", r.String()))
 		}
 	}
@@ -698,7 +736,9 @@ func (s *SpecValidator) validateDefaultValueValidAgainstSchema() *Result {
 				}
 				// check simple paramters first
 				if param.Default != nil && param.Schema == nil {
-					//fmt.Println(param.Name, "in", param.In, "has a default without a schema")
+					if Debug {
+						log.Println(param.Name, "in", param.In, "has a default without a schema")
+					}
 					// check param valid
 					res.Merge(NewParamValidator(&param, s.KnownFormats).Validate(param.Default))
 				}
@@ -721,9 +761,15 @@ func (s *SpecValidator) validateDefaultValueValidAgainstSchema() *Result {
 					if h.Items != nil {
 						res.Merge(s.validateDefaultValueItemsAgainstSchema(nm, "header", &h, h.Items))
 					}
+					if _, err := regexp.Compile(h.Pattern); err != nil {
+						res.AddErrors(errors.New(422, "operation %q has invalid pattern in default header %q: %q", op.ID, nm, h.Pattern))
+					}
+				}
+				if dr.Schema != nil {
+					res.Merge(s.validateDefaultValueSchemaAgainstSchema("default", "response", dr.Schema))
 				}
 			}
-			for _, r := range op.Responses.StatusCodeResponses {
+			for code, r := range op.Responses.StatusCodeResponses {
 				for nm, h := range r.Headers {
 					if h.Default != nil {
 						res.Merge(NewHeaderValidator(nm, &h, s.KnownFormats).Validate(h.Default))
@@ -731,6 +777,12 @@ func (s *SpecValidator) validateDefaultValueValidAgainstSchema() *Result {
 					if h.Items != nil {
 						res.Merge(s.validateDefaultValueItemsAgainstSchema(nm, "header", &h, h.Items))
 					}
+					if _, err := regexp.Compile(h.Pattern); err != nil {
+						res.AddErrors(errors.New(422, "operation %q has invalid pattern in %v's header %q: %q", op.ID, code, nm, h.Pattern))
+					}
+				}
+				if r.Schema != nil {
+					res.Merge(s.validateDefaultValueSchemaAgainstSchema(strconv.Itoa(code), "response", r.Schema))
 				}
 			}
 
@@ -758,6 +810,9 @@ func (s *SpecValidator) validateDefaultValueSchemaAgainstSchema(path, in string,
 				res.Merge(s.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.items[%d]", path, i), in, &sch))
 			}
 		}
+		if _, err := regexp.Compile(schema.Pattern); err != nil {
+			res.AddErrors(errors.New(422, "%s in %s has invalid pattern: %q", path, in, schema.Pattern))
+		}
 		if schema.AdditionalItems != nil && schema.AdditionalItems.Schema != nil {
 			res.Merge(s.validateDefaultValueSchemaAgainstSchema(fmt.Sprintf("%s.additionalItems", path), in, schema.AdditionalItems.Schema))
 		}
@@ -787,6 +842,9 @@ func (s *SpecValidator) validateDefaultValueItemsAgainstSchema(path, in string,
 		if items.Items != nil {
 			res.Merge(s.validateDefaultValueItemsAgainstSchema(path+"[0]", in, root, items.Items))
 		}
+		if _, err := regexp.Compile(items.Pattern); err != nil {
+			res.AddErrors(errors.New(422, "%s in %s has invalid pattern: %q", path, in, items.Pattern))
+		}
 	}
 	return res
 }
diff --git a/vendor/github.com/go-openapi/validate/type.go b/vendor/github.com/go-openapi/validate/type.go
index 0a5f4a2932ae..3ae31f087a51 100644
--- a/vendor/github.com/go-openapi/validate/type.go
+++ b/vendor/github.com/go-openapi/validate/type.go
@@ -15,6 +15,7 @@
 package validate
 
 import (
+	"log"
 	"reflect"
 	"strings"
 
@@ -32,16 +33,6 @@ type typeValidator struct {
 	Path   string
 }
 
-var jsonTypeNames = map[string]struct{}{
-	"array":   struct{}{},
-	"boolean": struct{}{},
-	"integer": struct{}{},
-	"null":    struct{}{},
-	"number":  struct{}{},
-	"object":  struct{}{},
-	"string":  struct{}{},
-}
-
 func (t *typeValidator) schemaInfoForType(data interface{}) (string, string) {
 	switch data.(type) {
 	case []byte:
@@ -121,7 +112,9 @@ func (t *typeValidator) SetPath(path string) {
 func (t *typeValidator) Applies(source interface{}, kind reflect.Kind) bool {
 	stpe := reflect.TypeOf(source)
 	r := (len(t.Type) > 0 || t.Format != "") && (stpe == specSchemaType || stpe == specParameterType || stpe == specHeaderType)
-	//fmt.Printf("type validator for %q applies %t for %T (kind: %v)\n", t.Path, r, source, kind)
+	if Debug {
+		log.Printf("type validator for %q applies %t for %T (kind: %v)\n", t.Path, r, source, kind)
+	}
 	return r
 }
 
@@ -140,7 +133,9 @@ func (t *typeValidator) Validate(data interface{}) *Result {
 	kind := val.Kind()
 
 	schType, format := t.schemaInfoForType(data)
-	//fmt.Println("path:", t.Path, "schType:", schType, "format:", format, "expType:", t.Type, "expFmt:", t.Format, "kind:", val.Kind().String())
+	if Debug {
+		log.Println("path:", t.Path, "schType:", schType, "format:", format, "expType:", t.Type, "expFmt:", t.Format, "kind:", val.Kind().String())
+	}
 	isLowerInt := t.Format == "int64" && format == "int32"
 	isLowerFloat := t.Format == "float64" && format == "float32"
 	isFloatInt := schType == "number" && swag.IsFloat64AJSONInteger(val.Float()) && t.Type.Contains("integer")
diff --git a/vendor/github.com/go-openapi/validate/update-fixtures.sh b/vendor/github.com/go-openapi/validate/update-fixtures.sh
new file mode 100755
index 000000000000..21b06e2b09a1
--- /dev/null
+++ b/vendor/github.com/go-openapi/validate/update-fixtures.sh
@@ -0,0 +1,15 @@
+#!/bin/bash 
+
+set -eu -o pipefail
+dir=$(git rev-parse --show-toplevel)
+scratch=$(mktemp -d -t tmp.XXXXXXXXXX)
+
+function finish {
+  rm -rf "$scratch"
+}
+trap finish EXIT SIGHUP SIGINT SIGTERM
+
+cd "$scratch"
+git clone https://github.com/json-schema-org/JSON-Schema-Test-Suite Suite
+cp -r Suite/tests/draft4/* "$dir/fixtures/jsonschema_suite"
+cp -a Suite/remotes "$dir/fixtures/jsonschema_suite"
diff --git a/vendor/github.com/go-openapi/validate/validator.go b/vendor/github.com/go-openapi/validate/validator.go
index 45675d28f31c..64a379fcde14 100644
--- a/vendor/github.com/go-openapi/validate/validator.go
+++ b/vendor/github.com/go-openapi/validate/validator.go
@@ -16,6 +16,7 @@ package validate
 
 import (
 	"fmt"
+	"log"
 	"reflect"
 
 	"github.com/go-openapi/errors"
@@ -156,8 +157,15 @@ func (b *basicCommonValidator) Applies(source interface{}, kind reflect.Kind) bo
 func (b *basicCommonValidator) Validate(data interface{}) (res *Result) {
 	if len(b.Enum) > 0 {
 		for _, enumValue := range b.Enum {
-			if data != nil && reflect.DeepEqual(enumValue, data) {
-				return nil
+			actualType := reflect.TypeOf(enumValue)
+			if actualType == nil {
+				continue
+			}
+			expectedValue := reflect.ValueOf(data)
+			if expectedValue.IsValid() && expectedValue.Type().ConvertibleTo(actualType) {
+				if reflect.DeepEqual(expectedValue.Convert(actualType).Interface(), enumValue) {
+					return nil
+				}
 			}
 		}
 		return sErr(errors.EnumFail(b.Path, b.In, data, b.Enum))
@@ -474,10 +482,14 @@ func (n *numberValidator) Applies(source interface{}, kind reflect.Kind) bool {
 		isInt := kind >= reflect.Int && kind <= reflect.Uint64
 		isFloat := kind == reflect.Float32 || kind == reflect.Float64
 		r := isInt || isFloat
-		// fmt.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, r, source, kind)
+		if Debug {
+			log.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, r, source, kind)
+		}
 		return r
 	}
-	// fmt.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, false, source, kind)
+	if Debug {
+		log.Printf("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, false, source, kind)
+	}
 	return false
 }
 
@@ -536,15 +548,22 @@ func (s *stringValidator) Applies(source interface{}, kind reflect.Kind) bool {
 	switch source.(type) {
 	case *spec.Parameter, *spec.Schema, *spec.Items, *spec.Header:
 		r := kind == reflect.String
-		// fmt.Printf("string validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind)
+		if Debug {
+			log.Printf("string validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind)
+		}
 		return r
 	}
-	// fmt.Printf("string validator for %q applies %t for %T (kind: %v)\n", s.Path, false, source, kind)
+	if Debug {
+		log.Printf("string validator for %q applies %t for %T (kind: %v)\n", s.Path, false, source, kind)
+	}
 	return false
 }
 
 func (s *stringValidator) Validate(val interface{}) *Result {
-	data := val.(string)
+	data, ok := val.(string)
+	if !ok {
+		return sErr(errors.InvalidType(s.Path, s.In, "string", val))
+	}
 
 	if s.Required && !s.AllowEmptyValue && (s.Default == nil || s.Default == "") {
 		if err := RequiredString(s.Path, s.In, data); err != nil {
diff --git a/vendor/github.com/go-openapi/validate/values.go b/vendor/github.com/go-openapi/validate/values.go
index ab5ce8af5084..67895d1ec608 100644
--- a/vendor/github.com/go-openapi/validate/values.go
+++ b/vendor/github.com/go-openapi/validate/values.go
@@ -196,7 +196,11 @@ func MinimumUint(path, in string, data, min uint64, exclusive bool) *errors.Vali
 
 // MultipleOf validates if the provided number is a multiple of the factor
 func MultipleOf(path, in string, data, factor float64) *errors.Validation {
-	if !swag.IsFloat64AJSONInteger(data / factor) {
+	mult := data / factor
+	if factor < 1 {
+		mult = 1 / factor * data
+	}
+	if !swag.IsFloat64AJSONInteger(mult) {
 		return errors.NotMultipleOf(path, in, factor)
 	}
 	return nil
diff --git a/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/Makefile b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/Makefile
new file mode 100644
index 000000000000..f706871a6fa4
--- /dev/null
+++ b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/Makefile
@@ -0,0 +1,37 @@
+# Go support for Protocol Buffers - Google's data interchange format
+#
+# Copyright 2010 The Go Authors.  All rights reserved.
+# https://github.com/golang/protobuf
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# Not stored here, but descriptor.proto is in https://github.com/google/protobuf/
+# at src/google/protobuf/descriptor.proto
+regenerate:
+	@echo WARNING! THIS RULE IS PROBABLY NOT RIGHT FOR YOUR INSTALLATION
+	cp $(HOME)/src/protobuf/include/google/protobuf/descriptor.proto .
+	protoc --go_out=../../../../.. -I$(HOME)/src/protobuf/include $(HOME)/src/protobuf/include/google/protobuf/descriptor.proto
diff --git a/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.pb.go b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.pb.go
new file mode 100644
index 000000000000..c6a91bcab9c2
--- /dev/null
+++ b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.pb.go
@@ -0,0 +1,2215 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: google/protobuf/descriptor.proto
+
+/*
+Package descriptor is a generated protocol buffer package.
+
+It is generated from these files:
+	google/protobuf/descriptor.proto
+
+It has these top-level messages:
+	FileDescriptorSet
+	FileDescriptorProto
+	DescriptorProto
+	ExtensionRangeOptions
+	FieldDescriptorProto
+	OneofDescriptorProto
+	EnumDescriptorProto
+	EnumValueDescriptorProto
+	ServiceDescriptorProto
+	MethodDescriptorProto
+	FileOptions
+	MessageOptions
+	FieldOptions
+	OneofOptions
+	EnumOptions
+	EnumValueOptions
+	ServiceOptions
+	MethodOptions
+	UninterpretedOption
+	SourceCodeInfo
+	GeneratedCodeInfo
+*/
+package descriptor
+
+import proto "github.com/golang/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+type FieldDescriptorProto_Type int32
+
+const (
+	// 0 is reserved for errors.
+	// Order is weird for historical reasons.
+	FieldDescriptorProto_TYPE_DOUBLE FieldDescriptorProto_Type = 1
+	FieldDescriptorProto_TYPE_FLOAT  FieldDescriptorProto_Type = 2
+	// Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT64 if
+	// negative values are likely.
+	FieldDescriptorProto_TYPE_INT64  FieldDescriptorProto_Type = 3
+	FieldDescriptorProto_TYPE_UINT64 FieldDescriptorProto_Type = 4
+	// Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT32 if
+	// negative values are likely.
+	FieldDescriptorProto_TYPE_INT32   FieldDescriptorProto_Type = 5
+	FieldDescriptorProto_TYPE_FIXED64 FieldDescriptorProto_Type = 6
+	FieldDescriptorProto_TYPE_FIXED32 FieldDescriptorProto_Type = 7
+	FieldDescriptorProto_TYPE_BOOL    FieldDescriptorProto_Type = 8
+	FieldDescriptorProto_TYPE_STRING  FieldDescriptorProto_Type = 9
+	// Tag-delimited aggregate.
+	// Group type is deprecated and not supported in proto3. However, Proto3
+	// implementations should still be able to parse the group wire format and
+	// treat group fields as unknown fields.
+	FieldDescriptorProto_TYPE_GROUP   FieldDescriptorProto_Type = 10
+	FieldDescriptorProto_TYPE_MESSAGE FieldDescriptorProto_Type = 11
+	// New in version 2.
+	FieldDescriptorProto_TYPE_BYTES    FieldDescriptorProto_Type = 12
+	FieldDescriptorProto_TYPE_UINT32   FieldDescriptorProto_Type = 13
+	FieldDescriptorProto_TYPE_ENUM     FieldDescriptorProto_Type = 14
+	FieldDescriptorProto_TYPE_SFIXED32 FieldDescriptorProto_Type = 15
+	FieldDescriptorProto_TYPE_SFIXED64 FieldDescriptorProto_Type = 16
+	FieldDescriptorProto_TYPE_SINT32   FieldDescriptorProto_Type = 17
+	FieldDescriptorProto_TYPE_SINT64   FieldDescriptorProto_Type = 18
+)
+
+var FieldDescriptorProto_Type_name = map[int32]string{
+	1:  "TYPE_DOUBLE",
+	2:  "TYPE_FLOAT",
+	3:  "TYPE_INT64",
+	4:  "TYPE_UINT64",
+	5:  "TYPE_INT32",
+	6:  "TYPE_FIXED64",
+	7:  "TYPE_FIXED32",
+	8:  "TYPE_BOOL",
+	9:  "TYPE_STRING",
+	10: "TYPE_GROUP",
+	11: "TYPE_MESSAGE",
+	12: "TYPE_BYTES",
+	13: "TYPE_UINT32",
+	14: "TYPE_ENUM",
+	15: "TYPE_SFIXED32",
+	16: "TYPE_SFIXED64",
+	17: "TYPE_SINT32",
+	18: "TYPE_SINT64",
+}
+var FieldDescriptorProto_Type_value = map[string]int32{
+	"TYPE_DOUBLE":   1,
+	"TYPE_FLOAT":    2,
+	"TYPE_INT64":    3,
+	"TYPE_UINT64":   4,
+	"TYPE_INT32":    5,
+	"TYPE_FIXED64":  6,
+	"TYPE_FIXED32":  7,
+	"TYPE_BOOL":     8,
+	"TYPE_STRING":   9,
+	"TYPE_GROUP":    10,
+	"TYPE_MESSAGE":  11,
+	"TYPE_BYTES":    12,
+	"TYPE_UINT32":   13,
+	"TYPE_ENUM":     14,
+	"TYPE_SFIXED32": 15,
+	"TYPE_SFIXED64": 16,
+	"TYPE_SINT32":   17,
+	"TYPE_SINT64":   18,
+}
+
+func (x FieldDescriptorProto_Type) Enum() *FieldDescriptorProto_Type {
+	p := new(FieldDescriptorProto_Type)
+	*p = x
+	return p
+}
+func (x FieldDescriptorProto_Type) String() string {
+	return proto.EnumName(FieldDescriptorProto_Type_name, int32(x))
+}
+func (x *FieldDescriptorProto_Type) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(FieldDescriptorProto_Type_value, data, "FieldDescriptorProto_Type")
+	if err != nil {
+		return err
+	}
+	*x = FieldDescriptorProto_Type(value)
+	return nil
+}
+func (FieldDescriptorProto_Type) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{4, 0} }
+
+type FieldDescriptorProto_Label int32
+
+const (
+	// 0 is reserved for errors
+	FieldDescriptorProto_LABEL_OPTIONAL FieldDescriptorProto_Label = 1
+	FieldDescriptorProto_LABEL_REQUIRED FieldDescriptorProto_Label = 2
+	FieldDescriptorProto_LABEL_REPEATED FieldDescriptorProto_Label = 3
+)
+
+var FieldDescriptorProto_Label_name = map[int32]string{
+	1: "LABEL_OPTIONAL",
+	2: "LABEL_REQUIRED",
+	3: "LABEL_REPEATED",
+}
+var FieldDescriptorProto_Label_value = map[string]int32{
+	"LABEL_OPTIONAL": 1,
+	"LABEL_REQUIRED": 2,
+	"LABEL_REPEATED": 3,
+}
+
+func (x FieldDescriptorProto_Label) Enum() *FieldDescriptorProto_Label {
+	p := new(FieldDescriptorProto_Label)
+	*p = x
+	return p
+}
+func (x FieldDescriptorProto_Label) String() string {
+	return proto.EnumName(FieldDescriptorProto_Label_name, int32(x))
+}
+func (x *FieldDescriptorProto_Label) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(FieldDescriptorProto_Label_value, data, "FieldDescriptorProto_Label")
+	if err != nil {
+		return err
+	}
+	*x = FieldDescriptorProto_Label(value)
+	return nil
+}
+func (FieldDescriptorProto_Label) EnumDescriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{4, 1}
+}
+
+// Generated classes can be optimized for speed or code size.
+type FileOptions_OptimizeMode int32
+
+const (
+	FileOptions_SPEED FileOptions_OptimizeMode = 1
+	// etc.
+	FileOptions_CODE_SIZE    FileOptions_OptimizeMode = 2
+	FileOptions_LITE_RUNTIME FileOptions_OptimizeMode = 3
+)
+
+var FileOptions_OptimizeMode_name = map[int32]string{
+	1: "SPEED",
+	2: "CODE_SIZE",
+	3: "LITE_RUNTIME",
+}
+var FileOptions_OptimizeMode_value = map[string]int32{
+	"SPEED":        1,
+	"CODE_SIZE":    2,
+	"LITE_RUNTIME": 3,
+}
+
+func (x FileOptions_OptimizeMode) Enum() *FileOptions_OptimizeMode {
+	p := new(FileOptions_OptimizeMode)
+	*p = x
+	return p
+}
+func (x FileOptions_OptimizeMode) String() string {
+	return proto.EnumName(FileOptions_OptimizeMode_name, int32(x))
+}
+func (x *FileOptions_OptimizeMode) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(FileOptions_OptimizeMode_value, data, "FileOptions_OptimizeMode")
+	if err != nil {
+		return err
+	}
+	*x = FileOptions_OptimizeMode(value)
+	return nil
+}
+func (FileOptions_OptimizeMode) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{10, 0} }
+
+type FieldOptions_CType int32
+
+const (
+	// Default mode.
+	FieldOptions_STRING       FieldOptions_CType = 0
+	FieldOptions_CORD         FieldOptions_CType = 1
+	FieldOptions_STRING_PIECE FieldOptions_CType = 2
+)
+
+var FieldOptions_CType_name = map[int32]string{
+	0: "STRING",
+	1: "CORD",
+	2: "STRING_PIECE",
+}
+var FieldOptions_CType_value = map[string]int32{
+	"STRING":       0,
+	"CORD":         1,
+	"STRING_PIECE": 2,
+}
+
+func (x FieldOptions_CType) Enum() *FieldOptions_CType {
+	p := new(FieldOptions_CType)
+	*p = x
+	return p
+}
+func (x FieldOptions_CType) String() string {
+	return proto.EnumName(FieldOptions_CType_name, int32(x))
+}
+func (x *FieldOptions_CType) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(FieldOptions_CType_value, data, "FieldOptions_CType")
+	if err != nil {
+		return err
+	}
+	*x = FieldOptions_CType(value)
+	return nil
+}
+func (FieldOptions_CType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{12, 0} }
+
+type FieldOptions_JSType int32
+
+const (
+	// Use the default type.
+	FieldOptions_JS_NORMAL FieldOptions_JSType = 0
+	// Use JavaScript strings.
+	FieldOptions_JS_STRING FieldOptions_JSType = 1
+	// Use JavaScript numbers.
+	FieldOptions_JS_NUMBER FieldOptions_JSType = 2
+)
+
+var FieldOptions_JSType_name = map[int32]string{
+	0: "JS_NORMAL",
+	1: "JS_STRING",
+	2: "JS_NUMBER",
+}
+var FieldOptions_JSType_value = map[string]int32{
+	"JS_NORMAL": 0,
+	"JS_STRING": 1,
+	"JS_NUMBER": 2,
+}
+
+func (x FieldOptions_JSType) Enum() *FieldOptions_JSType {
+	p := new(FieldOptions_JSType)
+	*p = x
+	return p
+}
+func (x FieldOptions_JSType) String() string {
+	return proto.EnumName(FieldOptions_JSType_name, int32(x))
+}
+func (x *FieldOptions_JSType) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(FieldOptions_JSType_value, data, "FieldOptions_JSType")
+	if err != nil {
+		return err
+	}
+	*x = FieldOptions_JSType(value)
+	return nil
+}
+func (FieldOptions_JSType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{12, 1} }
+
+// Is this method side-effect-free (or safe in HTTP parlance), or idempotent,
+// or neither? HTTP based RPC implementation may choose GET verb for safe
+// methods, and PUT verb for idempotent methods instead of the default POST.
+type MethodOptions_IdempotencyLevel int32
+
+const (
+	MethodOptions_IDEMPOTENCY_UNKNOWN MethodOptions_IdempotencyLevel = 0
+	MethodOptions_NO_SIDE_EFFECTS     MethodOptions_IdempotencyLevel = 1
+	MethodOptions_IDEMPOTENT          MethodOptions_IdempotencyLevel = 2
+)
+
+var MethodOptions_IdempotencyLevel_name = map[int32]string{
+	0: "IDEMPOTENCY_UNKNOWN",
+	1: "NO_SIDE_EFFECTS",
+	2: "IDEMPOTENT",
+}
+var MethodOptions_IdempotencyLevel_value = map[string]int32{
+	"IDEMPOTENCY_UNKNOWN": 0,
+	"NO_SIDE_EFFECTS":     1,
+	"IDEMPOTENT":          2,
+}
+
+func (x MethodOptions_IdempotencyLevel) Enum() *MethodOptions_IdempotencyLevel {
+	p := new(MethodOptions_IdempotencyLevel)
+	*p = x
+	return p
+}
+func (x MethodOptions_IdempotencyLevel) String() string {
+	return proto.EnumName(MethodOptions_IdempotencyLevel_name, int32(x))
+}
+func (x *MethodOptions_IdempotencyLevel) UnmarshalJSON(data []byte) error {
+	value, err := proto.UnmarshalJSONEnum(MethodOptions_IdempotencyLevel_value, data, "MethodOptions_IdempotencyLevel")
+	if err != nil {
+		return err
+	}
+	*x = MethodOptions_IdempotencyLevel(value)
+	return nil
+}
+func (MethodOptions_IdempotencyLevel) EnumDescriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{17, 0}
+}
+
+// The protocol compiler can output a FileDescriptorSet containing the .proto
+// files it parses.
+type FileDescriptorSet struct {
+	File             []*FileDescriptorProto `protobuf:"bytes,1,rep,name=file" json:"file,omitempty"`
+	XXX_unrecognized []byte                 `json:"-"`
+}
+
+func (m *FileDescriptorSet) Reset()                    { *m = FileDescriptorSet{} }
+func (m *FileDescriptorSet) String() string            { return proto.CompactTextString(m) }
+func (*FileDescriptorSet) ProtoMessage()               {}
+func (*FileDescriptorSet) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+
+func (m *FileDescriptorSet) GetFile() []*FileDescriptorProto {
+	if m != nil {
+		return m.File
+	}
+	return nil
+}
+
+// Describes a complete .proto file.
+type FileDescriptorProto struct {
+	Name    *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Package *string `protobuf:"bytes,2,opt,name=package" json:"package,omitempty"`
+	// Names of files imported by this file.
+	Dependency []string `protobuf:"bytes,3,rep,name=dependency" json:"dependency,omitempty"`
+	// Indexes of the public imported files in the dependency list above.
+	PublicDependency []int32 `protobuf:"varint,10,rep,name=public_dependency,json=publicDependency" json:"public_dependency,omitempty"`
+	// Indexes of the weak imported files in the dependency list.
+	// For Google-internal migration only. Do not use.
+	WeakDependency []int32 `protobuf:"varint,11,rep,name=weak_dependency,json=weakDependency" json:"weak_dependency,omitempty"`
+	// All top-level definitions in this file.
+	MessageType []*DescriptorProto        `protobuf:"bytes,4,rep,name=message_type,json=messageType" json:"message_type,omitempty"`
+	EnumType    []*EnumDescriptorProto    `protobuf:"bytes,5,rep,name=enum_type,json=enumType" json:"enum_type,omitempty"`
+	Service     []*ServiceDescriptorProto `protobuf:"bytes,6,rep,name=service" json:"service,omitempty"`
+	Extension   []*FieldDescriptorProto   `protobuf:"bytes,7,rep,name=extension" json:"extension,omitempty"`
+	Options     *FileOptions              `protobuf:"bytes,8,opt,name=options" json:"options,omitempty"`
+	// This field contains optional information about the original source code.
+	// You may safely remove this entire field without harming runtime
+	// functionality of the descriptors -- the information is needed only by
+	// development tools.
+	SourceCodeInfo *SourceCodeInfo `protobuf:"bytes,9,opt,name=source_code_info,json=sourceCodeInfo" json:"source_code_info,omitempty"`
+	// The syntax of the proto file.
+	// The supported values are "proto2" and "proto3".
+	Syntax           *string `protobuf:"bytes,12,opt,name=syntax" json:"syntax,omitempty"`
+	XXX_unrecognized []byte  `json:"-"`
+}
+
+func (m *FileDescriptorProto) Reset()                    { *m = FileDescriptorProto{} }
+func (m *FileDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*FileDescriptorProto) ProtoMessage()               {}
+func (*FileDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+
+func (m *FileDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *FileDescriptorProto) GetPackage() string {
+	if m != nil && m.Package != nil {
+		return *m.Package
+	}
+	return ""
+}
+
+func (m *FileDescriptorProto) GetDependency() []string {
+	if m != nil {
+		return m.Dependency
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetPublicDependency() []int32 {
+	if m != nil {
+		return m.PublicDependency
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetWeakDependency() []int32 {
+	if m != nil {
+		return m.WeakDependency
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetMessageType() []*DescriptorProto {
+	if m != nil {
+		return m.MessageType
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetEnumType() []*EnumDescriptorProto {
+	if m != nil {
+		return m.EnumType
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetService() []*ServiceDescriptorProto {
+	if m != nil {
+		return m.Service
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetExtension() []*FieldDescriptorProto {
+	if m != nil {
+		return m.Extension
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetOptions() *FileOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetSourceCodeInfo() *SourceCodeInfo {
+	if m != nil {
+		return m.SourceCodeInfo
+	}
+	return nil
+}
+
+func (m *FileDescriptorProto) GetSyntax() string {
+	if m != nil && m.Syntax != nil {
+		return *m.Syntax
+	}
+	return ""
+}
+
+// Describes a message type.
+type DescriptorProto struct {
+	Name           *string                           `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Field          []*FieldDescriptorProto           `protobuf:"bytes,2,rep,name=field" json:"field,omitempty"`
+	Extension      []*FieldDescriptorProto           `protobuf:"bytes,6,rep,name=extension" json:"extension,omitempty"`
+	NestedType     []*DescriptorProto                `protobuf:"bytes,3,rep,name=nested_type,json=nestedType" json:"nested_type,omitempty"`
+	EnumType       []*EnumDescriptorProto            `protobuf:"bytes,4,rep,name=enum_type,json=enumType" json:"enum_type,omitempty"`
+	ExtensionRange []*DescriptorProto_ExtensionRange `protobuf:"bytes,5,rep,name=extension_range,json=extensionRange" json:"extension_range,omitempty"`
+	OneofDecl      []*OneofDescriptorProto           `protobuf:"bytes,8,rep,name=oneof_decl,json=oneofDecl" json:"oneof_decl,omitempty"`
+	Options        *MessageOptions                   `protobuf:"bytes,7,opt,name=options" json:"options,omitempty"`
+	ReservedRange  []*DescriptorProto_ReservedRange  `protobuf:"bytes,9,rep,name=reserved_range,json=reservedRange" json:"reserved_range,omitempty"`
+	// Reserved field names, which may not be used by fields in the same message.
+	// A given name may only be reserved once.
+	ReservedName     []string `protobuf:"bytes,10,rep,name=reserved_name,json=reservedName" json:"reserved_name,omitempty"`
+	XXX_unrecognized []byte   `json:"-"`
+}
+
+func (m *DescriptorProto) Reset()                    { *m = DescriptorProto{} }
+func (m *DescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*DescriptorProto) ProtoMessage()               {}
+func (*DescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} }
+
+func (m *DescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *DescriptorProto) GetField() []*FieldDescriptorProto {
+	if m != nil {
+		return m.Field
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetExtension() []*FieldDescriptorProto {
+	if m != nil {
+		return m.Extension
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetNestedType() []*DescriptorProto {
+	if m != nil {
+		return m.NestedType
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetEnumType() []*EnumDescriptorProto {
+	if m != nil {
+		return m.EnumType
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetExtensionRange() []*DescriptorProto_ExtensionRange {
+	if m != nil {
+		return m.ExtensionRange
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetOneofDecl() []*OneofDescriptorProto {
+	if m != nil {
+		return m.OneofDecl
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetOptions() *MessageOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetReservedRange() []*DescriptorProto_ReservedRange {
+	if m != nil {
+		return m.ReservedRange
+	}
+	return nil
+}
+
+func (m *DescriptorProto) GetReservedName() []string {
+	if m != nil {
+		return m.ReservedName
+	}
+	return nil
+}
+
+type DescriptorProto_ExtensionRange struct {
+	Start            *int32                 `protobuf:"varint,1,opt,name=start" json:"start,omitempty"`
+	End              *int32                 `protobuf:"varint,2,opt,name=end" json:"end,omitempty"`
+	Options          *ExtensionRangeOptions `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte                 `json:"-"`
+}
+
+func (m *DescriptorProto_ExtensionRange) Reset()         { *m = DescriptorProto_ExtensionRange{} }
+func (m *DescriptorProto_ExtensionRange) String() string { return proto.CompactTextString(m) }
+func (*DescriptorProto_ExtensionRange) ProtoMessage()    {}
+func (*DescriptorProto_ExtensionRange) Descriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{2, 0}
+}
+
+func (m *DescriptorProto_ExtensionRange) GetStart() int32 {
+	if m != nil && m.Start != nil {
+		return *m.Start
+	}
+	return 0
+}
+
+func (m *DescriptorProto_ExtensionRange) GetEnd() int32 {
+	if m != nil && m.End != nil {
+		return *m.End
+	}
+	return 0
+}
+
+func (m *DescriptorProto_ExtensionRange) GetOptions() *ExtensionRangeOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Range of reserved tag numbers. Reserved tag numbers may not be used by
+// fields or extension ranges in the same message. Reserved ranges may
+// not overlap.
+type DescriptorProto_ReservedRange struct {
+	Start            *int32 `protobuf:"varint,1,opt,name=start" json:"start,omitempty"`
+	End              *int32 `protobuf:"varint,2,opt,name=end" json:"end,omitempty"`
+	XXX_unrecognized []byte `json:"-"`
+}
+
+func (m *DescriptorProto_ReservedRange) Reset()         { *m = DescriptorProto_ReservedRange{} }
+func (m *DescriptorProto_ReservedRange) String() string { return proto.CompactTextString(m) }
+func (*DescriptorProto_ReservedRange) ProtoMessage()    {}
+func (*DescriptorProto_ReservedRange) Descriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{2, 1}
+}
+
+func (m *DescriptorProto_ReservedRange) GetStart() int32 {
+	if m != nil && m.Start != nil {
+		return *m.Start
+	}
+	return 0
+}
+
+func (m *DescriptorProto_ReservedRange) GetEnd() int32 {
+	if m != nil && m.End != nil {
+		return *m.End
+	}
+	return 0
+}
+
+type ExtensionRangeOptions struct {
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *ExtensionRangeOptions) Reset()                    { *m = ExtensionRangeOptions{} }
+func (m *ExtensionRangeOptions) String() string            { return proto.CompactTextString(m) }
+func (*ExtensionRangeOptions) ProtoMessage()               {}
+func (*ExtensionRangeOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} }
+
+var extRange_ExtensionRangeOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*ExtensionRangeOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_ExtensionRangeOptions
+}
+
+func (m *ExtensionRangeOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+// Describes a field within a message.
+type FieldDescriptorProto struct {
+	Name   *string                     `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Number *int32                      `protobuf:"varint,3,opt,name=number" json:"number,omitempty"`
+	Label  *FieldDescriptorProto_Label `protobuf:"varint,4,opt,name=label,enum=google.protobuf.FieldDescriptorProto_Label" json:"label,omitempty"`
+	// If type_name is set, this need not be set.  If both this and type_name
+	// are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP.
+	Type *FieldDescriptorProto_Type `protobuf:"varint,5,opt,name=type,enum=google.protobuf.FieldDescriptorProto_Type" json:"type,omitempty"`
+	// For message and enum types, this is the name of the type.  If the name
+	// starts with a '.', it is fully-qualified.  Otherwise, C++-like scoping
+	// rules are used to find the type (i.e. first the nested types within this
+	// message are searched, then within the parent, on up to the root
+	// namespace).
+	TypeName *string `protobuf:"bytes,6,opt,name=type_name,json=typeName" json:"type_name,omitempty"`
+	// For extensions, this is the name of the type being extended.  It is
+	// resolved in the same manner as type_name.
+	Extendee *string `protobuf:"bytes,2,opt,name=extendee" json:"extendee,omitempty"`
+	// For numeric types, contains the original text representation of the value.
+	// For booleans, "true" or "false".
+	// For strings, contains the default text contents (not escaped in any way).
+	// For bytes, contains the C escaped value.  All bytes >= 128 are escaped.
+	// TODO(kenton):  Base-64 encode?
+	DefaultValue *string `protobuf:"bytes,7,opt,name=default_value,json=defaultValue" json:"default_value,omitempty"`
+	// If set, gives the index of a oneof in the containing type's oneof_decl
+	// list.  This field is a member of that oneof.
+	OneofIndex *int32 `protobuf:"varint,9,opt,name=oneof_index,json=oneofIndex" json:"oneof_index,omitempty"`
+	// JSON name of this field. The value is set by protocol compiler. If the
+	// user has set a "json_name" option on this field, that option's value
+	// will be used. Otherwise, it's deduced from the field's name by converting
+	// it to camelCase.
+	JsonName         *string       `protobuf:"bytes,10,opt,name=json_name,json=jsonName" json:"json_name,omitempty"`
+	Options          *FieldOptions `protobuf:"bytes,8,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte        `json:"-"`
+}
+
+func (m *FieldDescriptorProto) Reset()                    { *m = FieldDescriptorProto{} }
+func (m *FieldDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*FieldDescriptorProto) ProtoMessage()               {}
+func (*FieldDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} }
+
+func (m *FieldDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *FieldDescriptorProto) GetNumber() int32 {
+	if m != nil && m.Number != nil {
+		return *m.Number
+	}
+	return 0
+}
+
+func (m *FieldDescriptorProto) GetLabel() FieldDescriptorProto_Label {
+	if m != nil && m.Label != nil {
+		return *m.Label
+	}
+	return FieldDescriptorProto_LABEL_OPTIONAL
+}
+
+func (m *FieldDescriptorProto) GetType() FieldDescriptorProto_Type {
+	if m != nil && m.Type != nil {
+		return *m.Type
+	}
+	return FieldDescriptorProto_TYPE_DOUBLE
+}
+
+func (m *FieldDescriptorProto) GetTypeName() string {
+	if m != nil && m.TypeName != nil {
+		return *m.TypeName
+	}
+	return ""
+}
+
+func (m *FieldDescriptorProto) GetExtendee() string {
+	if m != nil && m.Extendee != nil {
+		return *m.Extendee
+	}
+	return ""
+}
+
+func (m *FieldDescriptorProto) GetDefaultValue() string {
+	if m != nil && m.DefaultValue != nil {
+		return *m.DefaultValue
+	}
+	return ""
+}
+
+func (m *FieldDescriptorProto) GetOneofIndex() int32 {
+	if m != nil && m.OneofIndex != nil {
+		return *m.OneofIndex
+	}
+	return 0
+}
+
+func (m *FieldDescriptorProto) GetJsonName() string {
+	if m != nil && m.JsonName != nil {
+		return *m.JsonName
+	}
+	return ""
+}
+
+func (m *FieldDescriptorProto) GetOptions() *FieldOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Describes a oneof.
+type OneofDescriptorProto struct {
+	Name             *string       `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Options          *OneofOptions `protobuf:"bytes,2,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte        `json:"-"`
+}
+
+func (m *OneofDescriptorProto) Reset()                    { *m = OneofDescriptorProto{} }
+func (m *OneofDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*OneofDescriptorProto) ProtoMessage()               {}
+func (*OneofDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} }
+
+func (m *OneofDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *OneofDescriptorProto) GetOptions() *OneofOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Describes an enum type.
+type EnumDescriptorProto struct {
+	Name             *string                     `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Value            []*EnumValueDescriptorProto `protobuf:"bytes,2,rep,name=value" json:"value,omitempty"`
+	Options          *EnumOptions                `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte                      `json:"-"`
+}
+
+func (m *EnumDescriptorProto) Reset()                    { *m = EnumDescriptorProto{} }
+func (m *EnumDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*EnumDescriptorProto) ProtoMessage()               {}
+func (*EnumDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{6} }
+
+func (m *EnumDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *EnumDescriptorProto) GetValue() []*EnumValueDescriptorProto {
+	if m != nil {
+		return m.Value
+	}
+	return nil
+}
+
+func (m *EnumDescriptorProto) GetOptions() *EnumOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Describes a value within an enum.
+type EnumValueDescriptorProto struct {
+	Name             *string           `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Number           *int32            `protobuf:"varint,2,opt,name=number" json:"number,omitempty"`
+	Options          *EnumValueOptions `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte            `json:"-"`
+}
+
+func (m *EnumValueDescriptorProto) Reset()                    { *m = EnumValueDescriptorProto{} }
+func (m *EnumValueDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*EnumValueDescriptorProto) ProtoMessage()               {}
+func (*EnumValueDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{7} }
+
+func (m *EnumValueDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *EnumValueDescriptorProto) GetNumber() int32 {
+	if m != nil && m.Number != nil {
+		return *m.Number
+	}
+	return 0
+}
+
+func (m *EnumValueDescriptorProto) GetOptions() *EnumValueOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Describes a service.
+type ServiceDescriptorProto struct {
+	Name             *string                  `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	Method           []*MethodDescriptorProto `protobuf:"bytes,2,rep,name=method" json:"method,omitempty"`
+	Options          *ServiceOptions          `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
+	XXX_unrecognized []byte                   `json:"-"`
+}
+
+func (m *ServiceDescriptorProto) Reset()                    { *m = ServiceDescriptorProto{} }
+func (m *ServiceDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*ServiceDescriptorProto) ProtoMessage()               {}
+func (*ServiceDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{8} }
+
+func (m *ServiceDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *ServiceDescriptorProto) GetMethod() []*MethodDescriptorProto {
+	if m != nil {
+		return m.Method
+	}
+	return nil
+}
+
+func (m *ServiceDescriptorProto) GetOptions() *ServiceOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+// Describes a method of a service.
+type MethodDescriptorProto struct {
+	Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
+	// Input and output type names.  These are resolved in the same way as
+	// FieldDescriptorProto.type_name, but must refer to a message type.
+	InputType  *string        `protobuf:"bytes,2,opt,name=input_type,json=inputType" json:"input_type,omitempty"`
+	OutputType *string        `protobuf:"bytes,3,opt,name=output_type,json=outputType" json:"output_type,omitempty"`
+	Options    *MethodOptions `protobuf:"bytes,4,opt,name=options" json:"options,omitempty"`
+	// Identifies if client streams multiple client messages
+	ClientStreaming *bool `protobuf:"varint,5,opt,name=client_streaming,json=clientStreaming,def=0" json:"client_streaming,omitempty"`
+	// Identifies if server streams multiple server messages
+	ServerStreaming  *bool  `protobuf:"varint,6,opt,name=server_streaming,json=serverStreaming,def=0" json:"server_streaming,omitempty"`
+	XXX_unrecognized []byte `json:"-"`
+}
+
+func (m *MethodDescriptorProto) Reset()                    { *m = MethodDescriptorProto{} }
+func (m *MethodDescriptorProto) String() string            { return proto.CompactTextString(m) }
+func (*MethodDescriptorProto) ProtoMessage()               {}
+func (*MethodDescriptorProto) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{9} }
+
+const Default_MethodDescriptorProto_ClientStreaming bool = false
+const Default_MethodDescriptorProto_ServerStreaming bool = false
+
+func (m *MethodDescriptorProto) GetName() string {
+	if m != nil && m.Name != nil {
+		return *m.Name
+	}
+	return ""
+}
+
+func (m *MethodDescriptorProto) GetInputType() string {
+	if m != nil && m.InputType != nil {
+		return *m.InputType
+	}
+	return ""
+}
+
+func (m *MethodDescriptorProto) GetOutputType() string {
+	if m != nil && m.OutputType != nil {
+		return *m.OutputType
+	}
+	return ""
+}
+
+func (m *MethodDescriptorProto) GetOptions() *MethodOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
+func (m *MethodDescriptorProto) GetClientStreaming() bool {
+	if m != nil && m.ClientStreaming != nil {
+		return *m.ClientStreaming
+	}
+	return Default_MethodDescriptorProto_ClientStreaming
+}
+
+func (m *MethodDescriptorProto) GetServerStreaming() bool {
+	if m != nil && m.ServerStreaming != nil {
+		return *m.ServerStreaming
+	}
+	return Default_MethodDescriptorProto_ServerStreaming
+}
+
+type FileOptions struct {
+	// Sets the Java package where classes generated from this .proto will be
+	// placed.  By default, the proto package is used, but this is often
+	// inappropriate because proto packages do not normally start with backwards
+	// domain names.
+	JavaPackage *string `protobuf:"bytes,1,opt,name=java_package,json=javaPackage" json:"java_package,omitempty"`
+	// If set, all the classes from the .proto file are wrapped in a single
+	// outer class with the given name.  This applies to both Proto1
+	// (equivalent to the old "--one_java_file" option) and Proto2 (where
+	// a .proto always translates to a single class, but you may want to
+	// explicitly choose the class name).
+	JavaOuterClassname *string `protobuf:"bytes,8,opt,name=java_outer_classname,json=javaOuterClassname" json:"java_outer_classname,omitempty"`
+	// If set true, then the Java code generator will generate a separate .java
+	// file for each top-level message, enum, and service defined in the .proto
+	// file.  Thus, these types will *not* be nested inside the outer class
+	// named by java_outer_classname.  However, the outer class will still be
+	// generated to contain the file's getDescriptor() method as well as any
+	// top-level extensions defined in the file.
+	JavaMultipleFiles *bool `protobuf:"varint,10,opt,name=java_multiple_files,json=javaMultipleFiles,def=0" json:"java_multiple_files,omitempty"`
+	// This option does nothing.
+	JavaGenerateEqualsAndHash *bool `protobuf:"varint,20,opt,name=java_generate_equals_and_hash,json=javaGenerateEqualsAndHash" json:"java_generate_equals_and_hash,omitempty"`
+	// If set true, then the Java2 code generator will generate code that
+	// throws an exception whenever an attempt is made to assign a non-UTF-8
+	// byte sequence to a string field.
+	// Message reflection will do the same.
+	// However, an extension field still accepts non-UTF-8 byte sequences.
+	// This option has no effect on when used with the lite runtime.
+	JavaStringCheckUtf8 *bool                     `protobuf:"varint,27,opt,name=java_string_check_utf8,json=javaStringCheckUtf8,def=0" json:"java_string_check_utf8,omitempty"`
+	OptimizeFor         *FileOptions_OptimizeMode `protobuf:"varint,9,opt,name=optimize_for,json=optimizeFor,enum=google.protobuf.FileOptions_OptimizeMode,def=1" json:"optimize_for,omitempty"`
+	// Sets the Go package where structs generated from this .proto will be
+	// placed. If omitted, the Go package will be derived from the following:
+	//   - The basename of the package import path, if provided.
+	//   - Otherwise, the package statement in the .proto file, if present.
+	//   - Otherwise, the basename of the .proto file, without extension.
+	GoPackage *string `protobuf:"bytes,11,opt,name=go_package,json=goPackage" json:"go_package,omitempty"`
+	// Should generic services be generated in each language?  "Generic" services
+	// are not specific to any particular RPC system.  They are generated by the
+	// main code generators in each language (without additional plugins).
+	// Generic services were the only kind of service generation supported by
+	// early versions of google.protobuf.
+	//
+	// Generic services are now considered deprecated in favor of using plugins
+	// that generate code specific to your particular RPC system.  Therefore,
+	// these default to false.  Old code which depends on generic services should
+	// explicitly set them to true.
+	CcGenericServices   *bool `protobuf:"varint,16,opt,name=cc_generic_services,json=ccGenericServices,def=0" json:"cc_generic_services,omitempty"`
+	JavaGenericServices *bool `protobuf:"varint,17,opt,name=java_generic_services,json=javaGenericServices,def=0" json:"java_generic_services,omitempty"`
+	PyGenericServices   *bool `protobuf:"varint,18,opt,name=py_generic_services,json=pyGenericServices,def=0" json:"py_generic_services,omitempty"`
+	PhpGenericServices  *bool `protobuf:"varint,42,opt,name=php_generic_services,json=phpGenericServices,def=0" json:"php_generic_services,omitempty"`
+	// Is this file deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for everything in the file, or it will be completely ignored; in the very
+	// least, this is a formalization for deprecating files.
+	Deprecated *bool `protobuf:"varint,23,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// Enables the use of arenas for the proto messages in this file. This applies
+	// only to generated classes for C++.
+	CcEnableArenas *bool `protobuf:"varint,31,opt,name=cc_enable_arenas,json=ccEnableArenas,def=0" json:"cc_enable_arenas,omitempty"`
+	// Sets the objective c class prefix which is prepended to all objective c
+	// generated classes from this .proto. There is no default.
+	ObjcClassPrefix *string `protobuf:"bytes,36,opt,name=objc_class_prefix,json=objcClassPrefix" json:"objc_class_prefix,omitempty"`
+	// Namespace for generated classes; defaults to the package.
+	CsharpNamespace *string `protobuf:"bytes,37,opt,name=csharp_namespace,json=csharpNamespace" json:"csharp_namespace,omitempty"`
+	// By default Swift generators will take the proto package and CamelCase it
+	// replacing '.' with underscore and use that to prefix the types/symbols
+	// defined. When this options is provided, they will use this value instead
+	// to prefix the types/symbols defined.
+	SwiftPrefix *string `protobuf:"bytes,39,opt,name=swift_prefix,json=swiftPrefix" json:"swift_prefix,omitempty"`
+	// Sets the php class prefix which is prepended to all php generated classes
+	// from this .proto. Default is empty.
+	PhpClassPrefix *string `protobuf:"bytes,40,opt,name=php_class_prefix,json=phpClassPrefix" json:"php_class_prefix,omitempty"`
+	// Use this option to change the namespace of php generated classes. Default
+	// is empty. When this option is empty, the package name will be used for
+	// determining the namespace.
+	PhpNamespace *string `protobuf:"bytes,41,opt,name=php_namespace,json=phpNamespace" json:"php_namespace,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *FileOptions) Reset()                    { *m = FileOptions{} }
+func (m *FileOptions) String() string            { return proto.CompactTextString(m) }
+func (*FileOptions) ProtoMessage()               {}
+func (*FileOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{10} }
+
+var extRange_FileOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*FileOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_FileOptions
+}
+
+const Default_FileOptions_JavaMultipleFiles bool = false
+const Default_FileOptions_JavaStringCheckUtf8 bool = false
+const Default_FileOptions_OptimizeFor FileOptions_OptimizeMode = FileOptions_SPEED
+const Default_FileOptions_CcGenericServices bool = false
+const Default_FileOptions_JavaGenericServices bool = false
+const Default_FileOptions_PyGenericServices bool = false
+const Default_FileOptions_PhpGenericServices bool = false
+const Default_FileOptions_Deprecated bool = false
+const Default_FileOptions_CcEnableArenas bool = false
+
+func (m *FileOptions) GetJavaPackage() string {
+	if m != nil && m.JavaPackage != nil {
+		return *m.JavaPackage
+	}
+	return ""
+}
+
+func (m *FileOptions) GetJavaOuterClassname() string {
+	if m != nil && m.JavaOuterClassname != nil {
+		return *m.JavaOuterClassname
+	}
+	return ""
+}
+
+func (m *FileOptions) GetJavaMultipleFiles() bool {
+	if m != nil && m.JavaMultipleFiles != nil {
+		return *m.JavaMultipleFiles
+	}
+	return Default_FileOptions_JavaMultipleFiles
+}
+
+func (m *FileOptions) GetJavaGenerateEqualsAndHash() bool {
+	if m != nil && m.JavaGenerateEqualsAndHash != nil {
+		return *m.JavaGenerateEqualsAndHash
+	}
+	return false
+}
+
+func (m *FileOptions) GetJavaStringCheckUtf8() bool {
+	if m != nil && m.JavaStringCheckUtf8 != nil {
+		return *m.JavaStringCheckUtf8
+	}
+	return Default_FileOptions_JavaStringCheckUtf8
+}
+
+func (m *FileOptions) GetOptimizeFor() FileOptions_OptimizeMode {
+	if m != nil && m.OptimizeFor != nil {
+		return *m.OptimizeFor
+	}
+	return Default_FileOptions_OptimizeFor
+}
+
+func (m *FileOptions) GetGoPackage() string {
+	if m != nil && m.GoPackage != nil {
+		return *m.GoPackage
+	}
+	return ""
+}
+
+func (m *FileOptions) GetCcGenericServices() bool {
+	if m != nil && m.CcGenericServices != nil {
+		return *m.CcGenericServices
+	}
+	return Default_FileOptions_CcGenericServices
+}
+
+func (m *FileOptions) GetJavaGenericServices() bool {
+	if m != nil && m.JavaGenericServices != nil {
+		return *m.JavaGenericServices
+	}
+	return Default_FileOptions_JavaGenericServices
+}
+
+func (m *FileOptions) GetPyGenericServices() bool {
+	if m != nil && m.PyGenericServices != nil {
+		return *m.PyGenericServices
+	}
+	return Default_FileOptions_PyGenericServices
+}
+
+func (m *FileOptions) GetPhpGenericServices() bool {
+	if m != nil && m.PhpGenericServices != nil {
+		return *m.PhpGenericServices
+	}
+	return Default_FileOptions_PhpGenericServices
+}
+
+func (m *FileOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_FileOptions_Deprecated
+}
+
+func (m *FileOptions) GetCcEnableArenas() bool {
+	if m != nil && m.CcEnableArenas != nil {
+		return *m.CcEnableArenas
+	}
+	return Default_FileOptions_CcEnableArenas
+}
+
+func (m *FileOptions) GetObjcClassPrefix() string {
+	if m != nil && m.ObjcClassPrefix != nil {
+		return *m.ObjcClassPrefix
+	}
+	return ""
+}
+
+func (m *FileOptions) GetCsharpNamespace() string {
+	if m != nil && m.CsharpNamespace != nil {
+		return *m.CsharpNamespace
+	}
+	return ""
+}
+
+func (m *FileOptions) GetSwiftPrefix() string {
+	if m != nil && m.SwiftPrefix != nil {
+		return *m.SwiftPrefix
+	}
+	return ""
+}
+
+func (m *FileOptions) GetPhpClassPrefix() string {
+	if m != nil && m.PhpClassPrefix != nil {
+		return *m.PhpClassPrefix
+	}
+	return ""
+}
+
+func (m *FileOptions) GetPhpNamespace() string {
+	if m != nil && m.PhpNamespace != nil {
+		return *m.PhpNamespace
+	}
+	return ""
+}
+
+func (m *FileOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type MessageOptions struct {
+	// Set true to use the old proto1 MessageSet wire format for extensions.
+	// This is provided for backwards-compatibility with the MessageSet wire
+	// format.  You should not use this for any other reason:  It's less
+	// efficient, has fewer features, and is more complicated.
+	//
+	// The message must be defined exactly as follows:
+	//   message Foo {
+	//     option message_set_wire_format = true;
+	//     extensions 4 to max;
+	//   }
+	// Note that the message cannot have any defined fields; MessageSets only
+	// have extensions.
+	//
+	// All extensions of your type must be singular messages; e.g. they cannot
+	// be int32s, enums, or repeated messages.
+	//
+	// Because this is an option, the above two restrictions are not enforced by
+	// the protocol compiler.
+	MessageSetWireFormat *bool `protobuf:"varint,1,opt,name=message_set_wire_format,json=messageSetWireFormat,def=0" json:"message_set_wire_format,omitempty"`
+	// Disables the generation of the standard "descriptor()" accessor, which can
+	// conflict with a field of the same name.  This is meant to make migration
+	// from proto1 easier; new code should avoid fields named "descriptor".
+	NoStandardDescriptorAccessor *bool `protobuf:"varint,2,opt,name=no_standard_descriptor_accessor,json=noStandardDescriptorAccessor,def=0" json:"no_standard_descriptor_accessor,omitempty"`
+	// Is this message deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for the message, or it will be completely ignored; in the very least,
+	// this is a formalization for deprecating messages.
+	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// Whether the message is an automatically generated map entry type for the
+	// maps field.
+	//
+	// For maps fields:
+	//     map<KeyType, ValueType> map_field = 1;
+	// The parsed descriptor looks like:
+	//     message MapFieldEntry {
+	//         option map_entry = true;
+	//         optional KeyType key = 1;
+	//         optional ValueType value = 2;
+	//     }
+	//     repeated MapFieldEntry map_field = 1;
+	//
+	// Implementations may choose not to generate the map_entry=true message, but
+	// use a native map in the target language to hold the keys and values.
+	// The reflection APIs in such implementions still need to work as
+	// if the field is a repeated message field.
+	//
+	// NOTE: Do not set the option in .proto files. Always use the maps syntax
+	// instead. The option should only be implicitly set by the proto compiler
+	// parser.
+	MapEntry *bool `protobuf:"varint,7,opt,name=map_entry,json=mapEntry" json:"map_entry,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *MessageOptions) Reset()                    { *m = MessageOptions{} }
+func (m *MessageOptions) String() string            { return proto.CompactTextString(m) }
+func (*MessageOptions) ProtoMessage()               {}
+func (*MessageOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{11} }
+
+var extRange_MessageOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*MessageOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_MessageOptions
+}
+
+const Default_MessageOptions_MessageSetWireFormat bool = false
+const Default_MessageOptions_NoStandardDescriptorAccessor bool = false
+const Default_MessageOptions_Deprecated bool = false
+
+func (m *MessageOptions) GetMessageSetWireFormat() bool {
+	if m != nil && m.MessageSetWireFormat != nil {
+		return *m.MessageSetWireFormat
+	}
+	return Default_MessageOptions_MessageSetWireFormat
+}
+
+func (m *MessageOptions) GetNoStandardDescriptorAccessor() bool {
+	if m != nil && m.NoStandardDescriptorAccessor != nil {
+		return *m.NoStandardDescriptorAccessor
+	}
+	return Default_MessageOptions_NoStandardDescriptorAccessor
+}
+
+func (m *MessageOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_MessageOptions_Deprecated
+}
+
+func (m *MessageOptions) GetMapEntry() bool {
+	if m != nil && m.MapEntry != nil {
+		return *m.MapEntry
+	}
+	return false
+}
+
+func (m *MessageOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type FieldOptions struct {
+	// The ctype option instructs the C++ code generator to use a different
+	// representation of the field than it normally would.  See the specific
+	// options below.  This option is not yet implemented in the open source
+	// release -- sorry, we'll try to include it in a future version!
+	Ctype *FieldOptions_CType `protobuf:"varint,1,opt,name=ctype,enum=google.protobuf.FieldOptions_CType,def=0" json:"ctype,omitempty"`
+	// The packed option can be enabled for repeated primitive fields to enable
+	// a more efficient representation on the wire. Rather than repeatedly
+	// writing the tag and type for each element, the entire array is encoded as
+	// a single length-delimited blob. In proto3, only explicit setting it to
+	// false will avoid using packed encoding.
+	Packed *bool `protobuf:"varint,2,opt,name=packed" json:"packed,omitempty"`
+	// The jstype option determines the JavaScript type used for values of the
+	// field.  The option is permitted only for 64 bit integral and fixed types
+	// (int64, uint64, sint64, fixed64, sfixed64).  A field with jstype JS_STRING
+	// is represented as JavaScript string, which avoids loss of precision that
+	// can happen when a large value is converted to a floating point JavaScript.
+	// Specifying JS_NUMBER for the jstype causes the generated JavaScript code to
+	// use the JavaScript "number" type.  The behavior of the default option
+	// JS_NORMAL is implementation dependent.
+	//
+	// This option is an enum to permit additional types to be added, e.g.
+	// goog.math.Integer.
+	Jstype *FieldOptions_JSType `protobuf:"varint,6,opt,name=jstype,enum=google.protobuf.FieldOptions_JSType,def=0" json:"jstype,omitempty"`
+	// Should this field be parsed lazily?  Lazy applies only to message-type
+	// fields.  It means that when the outer message is initially parsed, the
+	// inner message's contents will not be parsed but instead stored in encoded
+	// form.  The inner message will actually be parsed when it is first accessed.
+	//
+	// This is only a hint.  Implementations are free to choose whether to use
+	// eager or lazy parsing regardless of the value of this option.  However,
+	// setting this option true suggests that the protocol author believes that
+	// using lazy parsing on this field is worth the additional bookkeeping
+	// overhead typically needed to implement it.
+	//
+	// This option does not affect the public interface of any generated code;
+	// all method signatures remain the same.  Furthermore, thread-safety of the
+	// interface is not affected by this option; const methods remain safe to
+	// call from multiple threads concurrently, while non-const methods continue
+	// to require exclusive access.
+	//
+	//
+	// Note that implementations may choose not to check required fields within
+	// a lazy sub-message.  That is, calling IsInitialized() on the outer message
+	// may return true even if the inner message has missing required fields.
+	// This is necessary because otherwise the inner message would have to be
+	// parsed in order to perform the check, defeating the purpose of lazy
+	// parsing.  An implementation which chooses not to check required fields
+	// must be consistent about it.  That is, for any particular sub-message, the
+	// implementation must either *always* check its required fields, or *never*
+	// check its required fields, regardless of whether or not the message has
+	// been parsed.
+	Lazy *bool `protobuf:"varint,5,opt,name=lazy,def=0" json:"lazy,omitempty"`
+	// Is this field deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for accessors, or it will be completely ignored; in the very least, this
+	// is a formalization for deprecating fields.
+	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// For Google-internal migration only. Do not use.
+	Weak *bool `protobuf:"varint,10,opt,name=weak,def=0" json:"weak,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *FieldOptions) Reset()                    { *m = FieldOptions{} }
+func (m *FieldOptions) String() string            { return proto.CompactTextString(m) }
+func (*FieldOptions) ProtoMessage()               {}
+func (*FieldOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{12} }
+
+var extRange_FieldOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*FieldOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_FieldOptions
+}
+
+const Default_FieldOptions_Ctype FieldOptions_CType = FieldOptions_STRING
+const Default_FieldOptions_Jstype FieldOptions_JSType = FieldOptions_JS_NORMAL
+const Default_FieldOptions_Lazy bool = false
+const Default_FieldOptions_Deprecated bool = false
+const Default_FieldOptions_Weak bool = false
+
+func (m *FieldOptions) GetCtype() FieldOptions_CType {
+	if m != nil && m.Ctype != nil {
+		return *m.Ctype
+	}
+	return Default_FieldOptions_Ctype
+}
+
+func (m *FieldOptions) GetPacked() bool {
+	if m != nil && m.Packed != nil {
+		return *m.Packed
+	}
+	return false
+}
+
+func (m *FieldOptions) GetJstype() FieldOptions_JSType {
+	if m != nil && m.Jstype != nil {
+		return *m.Jstype
+	}
+	return Default_FieldOptions_Jstype
+}
+
+func (m *FieldOptions) GetLazy() bool {
+	if m != nil && m.Lazy != nil {
+		return *m.Lazy
+	}
+	return Default_FieldOptions_Lazy
+}
+
+func (m *FieldOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_FieldOptions_Deprecated
+}
+
+func (m *FieldOptions) GetWeak() bool {
+	if m != nil && m.Weak != nil {
+		return *m.Weak
+	}
+	return Default_FieldOptions_Weak
+}
+
+func (m *FieldOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type OneofOptions struct {
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *OneofOptions) Reset()                    { *m = OneofOptions{} }
+func (m *OneofOptions) String() string            { return proto.CompactTextString(m) }
+func (*OneofOptions) ProtoMessage()               {}
+func (*OneofOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{13} }
+
+var extRange_OneofOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*OneofOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_OneofOptions
+}
+
+func (m *OneofOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type EnumOptions struct {
+	// Set this option to true to allow mapping different tag names to the same
+	// value.
+	AllowAlias *bool `protobuf:"varint,2,opt,name=allow_alias,json=allowAlias" json:"allow_alias,omitempty"`
+	// Is this enum deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for the enum, or it will be completely ignored; in the very least, this
+	// is a formalization for deprecating enums.
+	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *EnumOptions) Reset()                    { *m = EnumOptions{} }
+func (m *EnumOptions) String() string            { return proto.CompactTextString(m) }
+func (*EnumOptions) ProtoMessage()               {}
+func (*EnumOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{14} }
+
+var extRange_EnumOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*EnumOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_EnumOptions
+}
+
+const Default_EnumOptions_Deprecated bool = false
+
+func (m *EnumOptions) GetAllowAlias() bool {
+	if m != nil && m.AllowAlias != nil {
+		return *m.AllowAlias
+	}
+	return false
+}
+
+func (m *EnumOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_EnumOptions_Deprecated
+}
+
+func (m *EnumOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type EnumValueOptions struct {
+	// Is this enum value deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for the enum value, or it will be completely ignored; in the very least,
+	// this is a formalization for deprecating enum values.
+	Deprecated *bool `protobuf:"varint,1,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *EnumValueOptions) Reset()                    { *m = EnumValueOptions{} }
+func (m *EnumValueOptions) String() string            { return proto.CompactTextString(m) }
+func (*EnumValueOptions) ProtoMessage()               {}
+func (*EnumValueOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{15} }
+
+var extRange_EnumValueOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*EnumValueOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_EnumValueOptions
+}
+
+const Default_EnumValueOptions_Deprecated bool = false
+
+func (m *EnumValueOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_EnumValueOptions_Deprecated
+}
+
+func (m *EnumValueOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type ServiceOptions struct {
+	// Is this service deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for the service, or it will be completely ignored; in the very least,
+	// this is a formalization for deprecating services.
+	Deprecated *bool `protobuf:"varint,33,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *ServiceOptions) Reset()                    { *m = ServiceOptions{} }
+func (m *ServiceOptions) String() string            { return proto.CompactTextString(m) }
+func (*ServiceOptions) ProtoMessage()               {}
+func (*ServiceOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{16} }
+
+var extRange_ServiceOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*ServiceOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_ServiceOptions
+}
+
+const Default_ServiceOptions_Deprecated bool = false
+
+func (m *ServiceOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_ServiceOptions_Deprecated
+}
+
+func (m *ServiceOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+type MethodOptions struct {
+	// Is this method deprecated?
+	// Depending on the target platform, this can emit Deprecated annotations
+	// for the method, or it will be completely ignored; in the very least,
+	// this is a formalization for deprecating methods.
+	Deprecated       *bool                           `protobuf:"varint,33,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
+	IdempotencyLevel *MethodOptions_IdempotencyLevel `protobuf:"varint,34,opt,name=idempotency_level,json=idempotencyLevel,enum=google.protobuf.MethodOptions_IdempotencyLevel,def=0" json:"idempotency_level,omitempty"`
+	// The parser stores options it doesn't recognize here. See above.
+	UninterpretedOption          []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
+	proto.XXX_InternalExtensions `json:"-"`
+	XXX_unrecognized             []byte `json:"-"`
+}
+
+func (m *MethodOptions) Reset()                    { *m = MethodOptions{} }
+func (m *MethodOptions) String() string            { return proto.CompactTextString(m) }
+func (*MethodOptions) ProtoMessage()               {}
+func (*MethodOptions) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{17} }
+
+var extRange_MethodOptions = []proto.ExtensionRange{
+	{1000, 536870911},
+}
+
+func (*MethodOptions) ExtensionRangeArray() []proto.ExtensionRange {
+	return extRange_MethodOptions
+}
+
+const Default_MethodOptions_Deprecated bool = false
+const Default_MethodOptions_IdempotencyLevel MethodOptions_IdempotencyLevel = MethodOptions_IDEMPOTENCY_UNKNOWN
+
+func (m *MethodOptions) GetDeprecated() bool {
+	if m != nil && m.Deprecated != nil {
+		return *m.Deprecated
+	}
+	return Default_MethodOptions_Deprecated
+}
+
+func (m *MethodOptions) GetIdempotencyLevel() MethodOptions_IdempotencyLevel {
+	if m != nil && m.IdempotencyLevel != nil {
+		return *m.IdempotencyLevel
+	}
+	return Default_MethodOptions_IdempotencyLevel
+}
+
+func (m *MethodOptions) GetUninterpretedOption() []*UninterpretedOption {
+	if m != nil {
+		return m.UninterpretedOption
+	}
+	return nil
+}
+
+// A message representing a option the parser does not recognize. This only
+// appears in options protos created by the compiler::Parser class.
+// DescriptorPool resolves these when building Descriptor objects. Therefore,
+// options protos in descriptor objects (e.g. returned by Descriptor::options(),
+// or produced by Descriptor::CopyTo()) will never have UninterpretedOptions
+// in them.
+type UninterpretedOption struct {
+	Name []*UninterpretedOption_NamePart `protobuf:"bytes,2,rep,name=name" json:"name,omitempty"`
+	// The value of the uninterpreted option, in whatever type the tokenizer
+	// identified it as during parsing. Exactly one of these should be set.
+	IdentifierValue  *string  `protobuf:"bytes,3,opt,name=identifier_value,json=identifierValue" json:"identifier_value,omitempty"`
+	PositiveIntValue *uint64  `protobuf:"varint,4,opt,name=positive_int_value,json=positiveIntValue" json:"positive_int_value,omitempty"`
+	NegativeIntValue *int64   `protobuf:"varint,5,opt,name=negative_int_value,json=negativeIntValue" json:"negative_int_value,omitempty"`
+	DoubleValue      *float64 `protobuf:"fixed64,6,opt,name=double_value,json=doubleValue" json:"double_value,omitempty"`
+	StringValue      []byte   `protobuf:"bytes,7,opt,name=string_value,json=stringValue" json:"string_value,omitempty"`
+	AggregateValue   *string  `protobuf:"bytes,8,opt,name=aggregate_value,json=aggregateValue" json:"aggregate_value,omitempty"`
+	XXX_unrecognized []byte   `json:"-"`
+}
+
+func (m *UninterpretedOption) Reset()                    { *m = UninterpretedOption{} }
+func (m *UninterpretedOption) String() string            { return proto.CompactTextString(m) }
+func (*UninterpretedOption) ProtoMessage()               {}
+func (*UninterpretedOption) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{18} }
+
+func (m *UninterpretedOption) GetName() []*UninterpretedOption_NamePart {
+	if m != nil {
+		return m.Name
+	}
+	return nil
+}
+
+func (m *UninterpretedOption) GetIdentifierValue() string {
+	if m != nil && m.IdentifierValue != nil {
+		return *m.IdentifierValue
+	}
+	return ""
+}
+
+func (m *UninterpretedOption) GetPositiveIntValue() uint64 {
+	if m != nil && m.PositiveIntValue != nil {
+		return *m.PositiveIntValue
+	}
+	return 0
+}
+
+func (m *UninterpretedOption) GetNegativeIntValue() int64 {
+	if m != nil && m.NegativeIntValue != nil {
+		return *m.NegativeIntValue
+	}
+	return 0
+}
+
+func (m *UninterpretedOption) GetDoubleValue() float64 {
+	if m != nil && m.DoubleValue != nil {
+		return *m.DoubleValue
+	}
+	return 0
+}
+
+func (m *UninterpretedOption) GetStringValue() []byte {
+	if m != nil {
+		return m.StringValue
+	}
+	return nil
+}
+
+func (m *UninterpretedOption) GetAggregateValue() string {
+	if m != nil && m.AggregateValue != nil {
+		return *m.AggregateValue
+	}
+	return ""
+}
+
+// The name of the uninterpreted option.  Each string represents a segment in
+// a dot-separated name.  is_extension is true iff a segment represents an
+// extension (denoted with parentheses in options specs in .proto files).
+// E.g.,{ ["foo", false], ["bar.baz", true], ["qux", false] } represents
+// "foo.(bar.baz).qux".
+type UninterpretedOption_NamePart struct {
+	NamePart         *string `protobuf:"bytes,1,req,name=name_part,json=namePart" json:"name_part,omitempty"`
+	IsExtension      *bool   `protobuf:"varint,2,req,name=is_extension,json=isExtension" json:"is_extension,omitempty"`
+	XXX_unrecognized []byte  `json:"-"`
+}
+
+func (m *UninterpretedOption_NamePart) Reset()         { *m = UninterpretedOption_NamePart{} }
+func (m *UninterpretedOption_NamePart) String() string { return proto.CompactTextString(m) }
+func (*UninterpretedOption_NamePart) ProtoMessage()    {}
+func (*UninterpretedOption_NamePart) Descriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{18, 0}
+}
+
+func (m *UninterpretedOption_NamePart) GetNamePart() string {
+	if m != nil && m.NamePart != nil {
+		return *m.NamePart
+	}
+	return ""
+}
+
+func (m *UninterpretedOption_NamePart) GetIsExtension() bool {
+	if m != nil && m.IsExtension != nil {
+		return *m.IsExtension
+	}
+	return false
+}
+
+// Encapsulates information about the original source file from which a
+// FileDescriptorProto was generated.
+type SourceCodeInfo struct {
+	// A Location identifies a piece of source code in a .proto file which
+	// corresponds to a particular definition.  This information is intended
+	// to be useful to IDEs, code indexers, documentation generators, and similar
+	// tools.
+	//
+	// For example, say we have a file like:
+	//   message Foo {
+	//     optional string foo = 1;
+	//   }
+	// Let's look at just the field definition:
+	//   optional string foo = 1;
+	//   ^       ^^     ^^  ^  ^^^
+	//   a       bc     de  f  ghi
+	// We have the following locations:
+	//   span   path               represents
+	//   [a,i)  [ 4, 0, 2, 0 ]     The whole field definition.
+	//   [a,b)  [ 4, 0, 2, 0, 4 ]  The label (optional).
+	//   [c,d)  [ 4, 0, 2, 0, 5 ]  The type (string).
+	//   [e,f)  [ 4, 0, 2, 0, 1 ]  The name (foo).
+	//   [g,h)  [ 4, 0, 2, 0, 3 ]  The number (1).
+	//
+	// Notes:
+	// - A location may refer to a repeated field itself (i.e. not to any
+	//   particular index within it).  This is used whenever a set of elements are
+	//   logically enclosed in a single code segment.  For example, an entire
+	//   extend block (possibly containing multiple extension definitions) will
+	//   have an outer location whose path refers to the "extensions" repeated
+	//   field without an index.
+	// - Multiple locations may have the same path.  This happens when a single
+	//   logical declaration is spread out across multiple places.  The most
+	//   obvious example is the "extend" block again -- there may be multiple
+	//   extend blocks in the same scope, each of which will have the same path.
+	// - A location's span is not always a subset of its parent's span.  For
+	//   example, the "extendee" of an extension declaration appears at the
+	//   beginning of the "extend" block and is shared by all extensions within
+	//   the block.
+	// - Just because a location's span is a subset of some other location's span
+	//   does not mean that it is a descendent.  For example, a "group" defines
+	//   both a type and a field in a single declaration.  Thus, the locations
+	//   corresponding to the type and field and their components will overlap.
+	// - Code which tries to interpret locations should probably be designed to
+	//   ignore those that it doesn't understand, as more types of locations could
+	//   be recorded in the future.
+	Location         []*SourceCodeInfo_Location `protobuf:"bytes,1,rep,name=location" json:"location,omitempty"`
+	XXX_unrecognized []byte                     `json:"-"`
+}
+
+func (m *SourceCodeInfo) Reset()                    { *m = SourceCodeInfo{} }
+func (m *SourceCodeInfo) String() string            { return proto.CompactTextString(m) }
+func (*SourceCodeInfo) ProtoMessage()               {}
+func (*SourceCodeInfo) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{19} }
+
+func (m *SourceCodeInfo) GetLocation() []*SourceCodeInfo_Location {
+	if m != nil {
+		return m.Location
+	}
+	return nil
+}
+
+type SourceCodeInfo_Location struct {
+	// Identifies which part of the FileDescriptorProto was defined at this
+	// location.
+	//
+	// Each element is a field number or an index.  They form a path from
+	// the root FileDescriptorProto to the place where the definition.  For
+	// example, this path:
+	//   [ 4, 3, 2, 7, 1 ]
+	// refers to:
+	//   file.message_type(3)  // 4, 3
+	//       .field(7)         // 2, 7
+	//       .name()           // 1
+	// This is because FileDescriptorProto.message_type has field number 4:
+	//   repeated DescriptorProto message_type = 4;
+	// and DescriptorProto.field has field number 2:
+	//   repeated FieldDescriptorProto field = 2;
+	// and FieldDescriptorProto.name has field number 1:
+	//   optional string name = 1;
+	//
+	// Thus, the above path gives the location of a field name.  If we removed
+	// the last element:
+	//   [ 4, 3, 2, 7 ]
+	// this path refers to the whole field declaration (from the beginning
+	// of the label to the terminating semicolon).
+	Path []int32 `protobuf:"varint,1,rep,packed,name=path" json:"path,omitempty"`
+	// Always has exactly three or four elements: start line, start column,
+	// end line (optional, otherwise assumed same as start line), end column.
+	// These are packed into a single field for efficiency.  Note that line
+	// and column numbers are zero-based -- typically you will want to add
+	// 1 to each before displaying to a user.
+	Span []int32 `protobuf:"varint,2,rep,packed,name=span" json:"span,omitempty"`
+	// If this SourceCodeInfo represents a complete declaration, these are any
+	// comments appearing before and after the declaration which appear to be
+	// attached to the declaration.
+	//
+	// A series of line comments appearing on consecutive lines, with no other
+	// tokens appearing on those lines, will be treated as a single comment.
+	//
+	// leading_detached_comments will keep paragraphs of comments that appear
+	// before (but not connected to) the current element. Each paragraph,
+	// separated by empty lines, will be one comment element in the repeated
+	// field.
+	//
+	// Only the comment content is provided; comment markers (e.g. //) are
+	// stripped out.  For block comments, leading whitespace and an asterisk
+	// will be stripped from the beginning of each line other than the first.
+	// Newlines are included in the output.
+	//
+	// Examples:
+	//
+	//   optional int32 foo = 1;  // Comment attached to foo.
+	//   // Comment attached to bar.
+	//   optional int32 bar = 2;
+	//
+	//   optional string baz = 3;
+	//   // Comment attached to baz.
+	//   // Another line attached to baz.
+	//
+	//   // Comment attached to qux.
+	//   //
+	//   // Another line attached to qux.
+	//   optional double qux = 4;
+	//
+	//   // Detached comment for corge. This is not leading or trailing comments
+	//   // to qux or corge because there are blank lines separating it from
+	//   // both.
+	//
+	//   // Detached comment for corge paragraph 2.
+	//
+	//   optional string corge = 5;
+	//   /* Block comment attached
+	//    * to corge.  Leading asterisks
+	//    * will be removed. */
+	//   /* Block comment attached to
+	//    * grault. */
+	//   optional int32 grault = 6;
+	//
+	//   // ignored detached comments.
+	LeadingComments         *string  `protobuf:"bytes,3,opt,name=leading_comments,json=leadingComments" json:"leading_comments,omitempty"`
+	TrailingComments        *string  `protobuf:"bytes,4,opt,name=trailing_comments,json=trailingComments" json:"trailing_comments,omitempty"`
+	LeadingDetachedComments []string `protobuf:"bytes,6,rep,name=leading_detached_comments,json=leadingDetachedComments" json:"leading_detached_comments,omitempty"`
+	XXX_unrecognized        []byte   `json:"-"`
+}
+
+func (m *SourceCodeInfo_Location) Reset()                    { *m = SourceCodeInfo_Location{} }
+func (m *SourceCodeInfo_Location) String() string            { return proto.CompactTextString(m) }
+func (*SourceCodeInfo_Location) ProtoMessage()               {}
+func (*SourceCodeInfo_Location) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{19, 0} }
+
+func (m *SourceCodeInfo_Location) GetPath() []int32 {
+	if m != nil {
+		return m.Path
+	}
+	return nil
+}
+
+func (m *SourceCodeInfo_Location) GetSpan() []int32 {
+	if m != nil {
+		return m.Span
+	}
+	return nil
+}
+
+func (m *SourceCodeInfo_Location) GetLeadingComments() string {
+	if m != nil && m.LeadingComments != nil {
+		return *m.LeadingComments
+	}
+	return ""
+}
+
+func (m *SourceCodeInfo_Location) GetTrailingComments() string {
+	if m != nil && m.TrailingComments != nil {
+		return *m.TrailingComments
+	}
+	return ""
+}
+
+func (m *SourceCodeInfo_Location) GetLeadingDetachedComments() []string {
+	if m != nil {
+		return m.LeadingDetachedComments
+	}
+	return nil
+}
+
+// Describes the relationship between generated code and its original source
+// file. A GeneratedCodeInfo message is associated with only one generated
+// source file, but may contain references to different source .proto files.
+type GeneratedCodeInfo struct {
+	// An Annotation connects some span of text in generated code to an element
+	// of its generating .proto file.
+	Annotation       []*GeneratedCodeInfo_Annotation `protobuf:"bytes,1,rep,name=annotation" json:"annotation,omitempty"`
+	XXX_unrecognized []byte                          `json:"-"`
+}
+
+func (m *GeneratedCodeInfo) Reset()                    { *m = GeneratedCodeInfo{} }
+func (m *GeneratedCodeInfo) String() string            { return proto.CompactTextString(m) }
+func (*GeneratedCodeInfo) ProtoMessage()               {}
+func (*GeneratedCodeInfo) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{20} }
+
+func (m *GeneratedCodeInfo) GetAnnotation() []*GeneratedCodeInfo_Annotation {
+	if m != nil {
+		return m.Annotation
+	}
+	return nil
+}
+
+type GeneratedCodeInfo_Annotation struct {
+	// Identifies the element in the original source .proto file. This field
+	// is formatted the same as SourceCodeInfo.Location.path.
+	Path []int32 `protobuf:"varint,1,rep,packed,name=path" json:"path,omitempty"`
+	// Identifies the filesystem path to the original source .proto.
+	SourceFile *string `protobuf:"bytes,2,opt,name=source_file,json=sourceFile" json:"source_file,omitempty"`
+	// Identifies the starting offset in bytes in the generated code
+	// that relates to the identified object.
+	Begin *int32 `protobuf:"varint,3,opt,name=begin" json:"begin,omitempty"`
+	// Identifies the ending offset in bytes in the generated code that
+	// relates to the identified offset. The end offset should be one past
+	// the last relevant byte (so the length of the text = end - begin).
+	End              *int32 `protobuf:"varint,4,opt,name=end" json:"end,omitempty"`
+	XXX_unrecognized []byte `json:"-"`
+}
+
+func (m *GeneratedCodeInfo_Annotation) Reset()         { *m = GeneratedCodeInfo_Annotation{} }
+func (m *GeneratedCodeInfo_Annotation) String() string { return proto.CompactTextString(m) }
+func (*GeneratedCodeInfo_Annotation) ProtoMessage()    {}
+func (*GeneratedCodeInfo_Annotation) Descriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{20, 0}
+}
+
+func (m *GeneratedCodeInfo_Annotation) GetPath() []int32 {
+	if m != nil {
+		return m.Path
+	}
+	return nil
+}
+
+func (m *GeneratedCodeInfo_Annotation) GetSourceFile() string {
+	if m != nil && m.SourceFile != nil {
+		return *m.SourceFile
+	}
+	return ""
+}
+
+func (m *GeneratedCodeInfo_Annotation) GetBegin() int32 {
+	if m != nil && m.Begin != nil {
+		return *m.Begin
+	}
+	return 0
+}
+
+func (m *GeneratedCodeInfo_Annotation) GetEnd() int32 {
+	if m != nil && m.End != nil {
+		return *m.End
+	}
+	return 0
+}
+
+func init() {
+	proto.RegisterType((*FileDescriptorSet)(nil), "google.protobuf.FileDescriptorSet")
+	proto.RegisterType((*FileDescriptorProto)(nil), "google.protobuf.FileDescriptorProto")
+	proto.RegisterType((*DescriptorProto)(nil), "google.protobuf.DescriptorProto")
+	proto.RegisterType((*DescriptorProto_ExtensionRange)(nil), "google.protobuf.DescriptorProto.ExtensionRange")
+	proto.RegisterType((*DescriptorProto_ReservedRange)(nil), "google.protobuf.DescriptorProto.ReservedRange")
+	proto.RegisterType((*ExtensionRangeOptions)(nil), "google.protobuf.ExtensionRangeOptions")
+	proto.RegisterType((*FieldDescriptorProto)(nil), "google.protobuf.FieldDescriptorProto")
+	proto.RegisterType((*OneofDescriptorProto)(nil), "google.protobuf.OneofDescriptorProto")
+	proto.RegisterType((*EnumDescriptorProto)(nil), "google.protobuf.EnumDescriptorProto")
+	proto.RegisterType((*EnumValueDescriptorProto)(nil), "google.protobuf.EnumValueDescriptorProto")
+	proto.RegisterType((*ServiceDescriptorProto)(nil), "google.protobuf.ServiceDescriptorProto")
+	proto.RegisterType((*MethodDescriptorProto)(nil), "google.protobuf.MethodDescriptorProto")
+	proto.RegisterType((*FileOptions)(nil), "google.protobuf.FileOptions")
+	proto.RegisterType((*MessageOptions)(nil), "google.protobuf.MessageOptions")
+	proto.RegisterType((*FieldOptions)(nil), "google.protobuf.FieldOptions")
+	proto.RegisterType((*OneofOptions)(nil), "google.protobuf.OneofOptions")
+	proto.RegisterType((*EnumOptions)(nil), "google.protobuf.EnumOptions")
+	proto.RegisterType((*EnumValueOptions)(nil), "google.protobuf.EnumValueOptions")
+	proto.RegisterType((*ServiceOptions)(nil), "google.protobuf.ServiceOptions")
+	proto.RegisterType((*MethodOptions)(nil), "google.protobuf.MethodOptions")
+	proto.RegisterType((*UninterpretedOption)(nil), "google.protobuf.UninterpretedOption")
+	proto.RegisterType((*UninterpretedOption_NamePart)(nil), "google.protobuf.UninterpretedOption.NamePart")
+	proto.RegisterType((*SourceCodeInfo)(nil), "google.protobuf.SourceCodeInfo")
+	proto.RegisterType((*SourceCodeInfo_Location)(nil), "google.protobuf.SourceCodeInfo.Location")
+	proto.RegisterType((*GeneratedCodeInfo)(nil), "google.protobuf.GeneratedCodeInfo")
+	proto.RegisterType((*GeneratedCodeInfo_Annotation)(nil), "google.protobuf.GeneratedCodeInfo.Annotation")
+	proto.RegisterEnum("google.protobuf.FieldDescriptorProto_Type", FieldDescriptorProto_Type_name, FieldDescriptorProto_Type_value)
+	proto.RegisterEnum("google.protobuf.FieldDescriptorProto_Label", FieldDescriptorProto_Label_name, FieldDescriptorProto_Label_value)
+	proto.RegisterEnum("google.protobuf.FileOptions_OptimizeMode", FileOptions_OptimizeMode_name, FileOptions_OptimizeMode_value)
+	proto.RegisterEnum("google.protobuf.FieldOptions_CType", FieldOptions_CType_name, FieldOptions_CType_value)
+	proto.RegisterEnum("google.protobuf.FieldOptions_JSType", FieldOptions_JSType_name, FieldOptions_JSType_value)
+	proto.RegisterEnum("google.protobuf.MethodOptions_IdempotencyLevel", MethodOptions_IdempotencyLevel_name, MethodOptions_IdempotencyLevel_value)
+}
+
+func init() { proto.RegisterFile("google/protobuf/descriptor.proto", fileDescriptor0) }
+
+var fileDescriptor0 = []byte{
+	// 2519 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x59, 0xdd, 0x6e, 0x1b, 0xc7,
+	0x15, 0x0e, 0x7f, 0x45, 0x1e, 0x52, 0xd4, 0x68, 0xa4, 0xd8, 0x6b, 0xe5, 0xc7, 0x32, 0xf3, 0x63,
+	0xd9, 0x69, 0xa8, 0x40, 0xb1, 0x1d, 0x47, 0x29, 0xd2, 0x52, 0xe4, 0x5a, 0xa1, 0x4a, 0x91, 0xec,
+	0x92, 0x6a, 0x7e, 0x6e, 0x16, 0xa3, 0xdd, 0x21, 0xb9, 0xf6, 0x72, 0x77, 0xb3, 0xbb, 0xb4, 0xad,
+	0xa0, 0x17, 0x06, 0x7a, 0x55, 0xa0, 0x0f, 0x50, 0x14, 0x45, 0x2f, 0x72, 0x13, 0xa0, 0x0f, 0x50,
+	0x20, 0x77, 0x7d, 0x82, 0x02, 0x79, 0x83, 0xa2, 0x28, 0xd0, 0x3e, 0x46, 0x31, 0x33, 0xbb, 0xcb,
+	0x5d, 0xfe, 0xc4, 0x6a, 0x80, 0x38, 0x57, 0xe4, 0x7c, 0xe7, 0x3b, 0x67, 0xce, 0x9c, 0x39, 0x33,
+	0x73, 0x66, 0x16, 0x76, 0x47, 0xb6, 0x3d, 0x32, 0xe9, 0xbe, 0xe3, 0xda, 0xbe, 0x7d, 0x3e, 0x1d,
+	0xee, 0xeb, 0xd4, 0xd3, 0x5c, 0xc3, 0xf1, 0x6d, 0xb7, 0xc6, 0x31, 0xbc, 0x21, 0x18, 0xb5, 0x90,
+	0x51, 0x3d, 0x85, 0xcd, 0x07, 0x86, 0x49, 0x9b, 0x11, 0xb1, 0x4f, 0x7d, 0x7c, 0x1f, 0xb2, 0x43,
+	0xc3, 0xa4, 0x52, 0x6a, 0x37, 0xb3, 0x57, 0x3a, 0x78, 0xb3, 0x36, 0xa7, 0x54, 0x4b, 0x6a, 0xf4,
+	0x18, 0xac, 0x70, 0x8d, 0xea, 0xbf, 0xb3, 0xb0, 0xb5, 0x44, 0x8a, 0x31, 0x64, 0x2d, 0x32, 0x61,
+	0x16, 0x53, 0x7b, 0x45, 0x85, 0xff, 0xc7, 0x12, 0xac, 0x39, 0x44, 0x7b, 0x44, 0x46, 0x54, 0x4a,
+	0x73, 0x38, 0x6c, 0xe2, 0xd7, 0x01, 0x74, 0xea, 0x50, 0x4b, 0xa7, 0x96, 0x76, 0x21, 0x65, 0x76,
+	0x33, 0x7b, 0x45, 0x25, 0x86, 0xe0, 0x77, 0x60, 0xd3, 0x99, 0x9e, 0x9b, 0x86, 0xa6, 0xc6, 0x68,
+	0xb0, 0x9b, 0xd9, 0xcb, 0x29, 0x48, 0x08, 0x9a, 0x33, 0xf2, 0x4d, 0xd8, 0x78, 0x42, 0xc9, 0xa3,
+	0x38, 0xb5, 0xc4, 0xa9, 0x15, 0x06, 0xc7, 0x88, 0x0d, 0x28, 0x4f, 0xa8, 0xe7, 0x91, 0x11, 0x55,
+	0xfd, 0x0b, 0x87, 0x4a, 0x59, 0x3e, 0xfa, 0xdd, 0x85, 0xd1, 0xcf, 0x8f, 0xbc, 0x14, 0x68, 0x0d,
+	0x2e, 0x1c, 0x8a, 0xeb, 0x50, 0xa4, 0xd6, 0x74, 0x22, 0x2c, 0xe4, 0x56, 0xc4, 0x4f, 0xb6, 0xa6,
+	0x93, 0x79, 0x2b, 0x05, 0xa6, 0x16, 0x98, 0x58, 0xf3, 0xa8, 0xfb, 0xd8, 0xd0, 0xa8, 0x94, 0xe7,
+	0x06, 0x6e, 0x2e, 0x18, 0xe8, 0x0b, 0xf9, 0xbc, 0x8d, 0x50, 0x0f, 0x37, 0xa0, 0x48, 0x9f, 0xfa,
+	0xd4, 0xf2, 0x0c, 0xdb, 0x92, 0xd6, 0xb8, 0x91, 0xb7, 0x96, 0xcc, 0x22, 0x35, 0xf5, 0x79, 0x13,
+	0x33, 0x3d, 0x7c, 0x0f, 0xd6, 0x6c, 0xc7, 0x37, 0x6c, 0xcb, 0x93, 0x0a, 0xbb, 0xa9, 0xbd, 0xd2,
+	0xc1, 0xab, 0x4b, 0x13, 0xa1, 0x2b, 0x38, 0x4a, 0x48, 0xc6, 0x2d, 0x40, 0x9e, 0x3d, 0x75, 0x35,
+	0xaa, 0x6a, 0xb6, 0x4e, 0x55, 0xc3, 0x1a, 0xda, 0x52, 0x91, 0x1b, 0xb8, 0xbe, 0x38, 0x10, 0x4e,
+	0x6c, 0xd8, 0x3a, 0x6d, 0x59, 0x43, 0x5b, 0xa9, 0x78, 0x89, 0x36, 0xbe, 0x02, 0x79, 0xef, 0xc2,
+	0xf2, 0xc9, 0x53, 0xa9, 0xcc, 0x33, 0x24, 0x68, 0x55, 0xbf, 0xcd, 0xc3, 0xc6, 0x65, 0x52, 0xec,
+	0x23, 0xc8, 0x0d, 0xd9, 0x28, 0xa5, 0xf4, 0xff, 0x13, 0x03, 0xa1, 0x93, 0x0c, 0x62, 0xfe, 0x07,
+	0x06, 0xb1, 0x0e, 0x25, 0x8b, 0x7a, 0x3e, 0xd5, 0x45, 0x46, 0x64, 0x2e, 0x99, 0x53, 0x20, 0x94,
+	0x16, 0x53, 0x2a, 0xfb, 0x83, 0x52, 0xea, 0x33, 0xd8, 0x88, 0x5c, 0x52, 0x5d, 0x62, 0x8d, 0xc2,
+	0xdc, 0xdc, 0x7f, 0x9e, 0x27, 0x35, 0x39, 0xd4, 0x53, 0x98, 0x9a, 0x52, 0xa1, 0x89, 0x36, 0x6e,
+	0x02, 0xd8, 0x16, 0xb5, 0x87, 0xaa, 0x4e, 0x35, 0x53, 0x2a, 0xac, 0x88, 0x52, 0x97, 0x51, 0x16,
+	0xa2, 0x64, 0x0b, 0x54, 0x33, 0xf1, 0x87, 0xb3, 0x54, 0x5b, 0x5b, 0x91, 0x29, 0xa7, 0x62, 0x91,
+	0x2d, 0x64, 0xdb, 0x19, 0x54, 0x5c, 0xca, 0xf2, 0x9e, 0xea, 0xc1, 0xc8, 0x8a, 0xdc, 0x89, 0xda,
+	0x73, 0x47, 0xa6, 0x04, 0x6a, 0x62, 0x60, 0xeb, 0x6e, 0xbc, 0x89, 0xdf, 0x80, 0x08, 0x50, 0x79,
+	0x5a, 0x01, 0xdf, 0x85, 0xca, 0x21, 0xd8, 0x21, 0x13, 0xba, 0xf3, 0x15, 0x54, 0x92, 0xe1, 0xc1,
+	0xdb, 0x90, 0xf3, 0x7c, 0xe2, 0xfa, 0x3c, 0x0b, 0x73, 0x8a, 0x68, 0x60, 0x04, 0x19, 0x6a, 0xe9,
+	0x7c, 0x97, 0xcb, 0x29, 0xec, 0x2f, 0xfe, 0xe5, 0x6c, 0xc0, 0x19, 0x3e, 0xe0, 0xb7, 0x17, 0x67,
+	0x34, 0x61, 0x79, 0x7e, 0xdc, 0x3b, 0x1f, 0xc0, 0x7a, 0x62, 0x00, 0x97, 0xed, 0xba, 0xfa, 0x5b,
+	0x78, 0x79, 0xa9, 0x69, 0xfc, 0x19, 0x6c, 0x4f, 0x2d, 0xc3, 0xf2, 0xa9, 0xeb, 0xb8, 0x94, 0x65,
+	0xac, 0xe8, 0x4a, 0xfa, 0xcf, 0xda, 0x8a, 0x9c, 0x3b, 0x8b, 0xb3, 0x85, 0x15, 0x65, 0x6b, 0xba,
+	0x08, 0xde, 0x2e, 0x16, 0xfe, 0xbb, 0x86, 0x9e, 0x3d, 0x7b, 0xf6, 0x2c, 0x5d, 0xfd, 0x63, 0x1e,
+	0xb6, 0x97, 0xad, 0x99, 0xa5, 0xcb, 0xf7, 0x0a, 0xe4, 0xad, 0xe9, 0xe4, 0x9c, 0xba, 0x3c, 0x48,
+	0x39, 0x25, 0x68, 0xe1, 0x3a, 0xe4, 0x4c, 0x72, 0x4e, 0x4d, 0x29, 0xbb, 0x9b, 0xda, 0xab, 0x1c,
+	0xbc, 0x73, 0xa9, 0x55, 0x59, 0x6b, 0x33, 0x15, 0x45, 0x68, 0xe2, 0x8f, 0x21, 0x1b, 0x6c, 0xd1,
+	0xcc, 0xc2, 0xed, 0xcb, 0x59, 0x60, 0x6b, 0x49, 0xe1, 0x7a, 0xf8, 0x15, 0x28, 0xb2, 0x5f, 0x91,
+	0x1b, 0x79, 0xee, 0x73, 0x81, 0x01, 0x2c, 0x2f, 0xf0, 0x0e, 0x14, 0xf8, 0x32, 0xd1, 0x69, 0x78,
+	0xb4, 0x45, 0x6d, 0x96, 0x58, 0x3a, 0x1d, 0x92, 0xa9, 0xe9, 0xab, 0x8f, 0x89, 0x39, 0xa5, 0x3c,
+	0xe1, 0x8b, 0x4a, 0x39, 0x00, 0x7f, 0xc3, 0x30, 0x7c, 0x1d, 0x4a, 0x62, 0x55, 0x19, 0x96, 0x4e,
+	0x9f, 0xf2, 0xdd, 0x33, 0xa7, 0x88, 0x85, 0xd6, 0x62, 0x08, 0xeb, 0xfe, 0xa1, 0x67, 0x5b, 0x61,
+	0x6a, 0xf2, 0x2e, 0x18, 0xc0, 0xbb, 0xff, 0x60, 0x7e, 0xe3, 0x7e, 0x6d, 0xf9, 0xf0, 0xe6, 0x73,
+	0xaa, 0xfa, 0xb7, 0x34, 0x64, 0xf9, 0x7e, 0xb1, 0x01, 0xa5, 0xc1, 0xe7, 0x3d, 0x59, 0x6d, 0x76,
+	0xcf, 0x8e, 0xda, 0x32, 0x4a, 0xe1, 0x0a, 0x00, 0x07, 0x1e, 0xb4, 0xbb, 0xf5, 0x01, 0x4a, 0x47,
+	0xed, 0x56, 0x67, 0x70, 0xef, 0x0e, 0xca, 0x44, 0x0a, 0x67, 0x02, 0xc8, 0xc6, 0x09, 0xef, 0x1f,
+	0xa0, 0x1c, 0x46, 0x50, 0x16, 0x06, 0x5a, 0x9f, 0xc9, 0xcd, 0x7b, 0x77, 0x50, 0x3e, 0x89, 0xbc,
+	0x7f, 0x80, 0xd6, 0xf0, 0x3a, 0x14, 0x39, 0x72, 0xd4, 0xed, 0xb6, 0x51, 0x21, 0xb2, 0xd9, 0x1f,
+	0x28, 0xad, 0xce, 0x31, 0x2a, 0x46, 0x36, 0x8f, 0x95, 0xee, 0x59, 0x0f, 0x41, 0x64, 0xe1, 0x54,
+	0xee, 0xf7, 0xeb, 0xc7, 0x32, 0x2a, 0x45, 0x8c, 0xa3, 0xcf, 0x07, 0x72, 0x1f, 0x95, 0x13, 0x6e,
+	0xbd, 0x7f, 0x80, 0xd6, 0xa3, 0x2e, 0xe4, 0xce, 0xd9, 0x29, 0xaa, 0xe0, 0x4d, 0x58, 0x17, 0x5d,
+	0x84, 0x4e, 0x6c, 0xcc, 0x41, 0xf7, 0xee, 0x20, 0x34, 0x73, 0x44, 0x58, 0xd9, 0x4c, 0x00, 0xf7,
+	0xee, 0x20, 0x5c, 0x6d, 0x40, 0x8e, 0x67, 0x17, 0xc6, 0x50, 0x69, 0xd7, 0x8f, 0xe4, 0xb6, 0xda,
+	0xed, 0x0d, 0x5a, 0xdd, 0x4e, 0xbd, 0x8d, 0x52, 0x33, 0x4c, 0x91, 0x7f, 0x7d, 0xd6, 0x52, 0xe4,
+	0x26, 0x4a, 0xc7, 0xb1, 0x9e, 0x5c, 0x1f, 0xc8, 0x4d, 0x94, 0xa9, 0x6a, 0xb0, 0xbd, 0x6c, 0x9f,
+	0x5c, 0xba, 0x32, 0x62, 0x53, 0x9c, 0x5e, 0x31, 0xc5, 0xdc, 0xd6, 0xc2, 0x14, 0x7f, 0x9d, 0x82,
+	0xad, 0x25, 0x67, 0xc5, 0xd2, 0x4e, 0x7e, 0x01, 0x39, 0x91, 0xa2, 0xe2, 0xf4, 0xbc, 0xb5, 0xf4,
+	0xd0, 0xe1, 0x09, 0xbb, 0x70, 0x82, 0x72, 0xbd, 0x78, 0x05, 0x91, 0x59, 0x51, 0x41, 0x30, 0x13,
+	0x0b, 0x4e, 0xfe, 0x2e, 0x05, 0xd2, 0x2a, 0xdb, 0xcf, 0xd9, 0x28, 0xd2, 0x89, 0x8d, 0xe2, 0xa3,
+	0x79, 0x07, 0x6e, 0xac, 0x1e, 0xc3, 0x82, 0x17, 0xdf, 0xa4, 0xe0, 0xca, 0xf2, 0x42, 0x6b, 0xa9,
+	0x0f, 0x1f, 0x43, 0x7e, 0x42, 0xfd, 0xb1, 0x1d, 0x16, 0x1b, 0x6f, 0x2f, 0x39, 0xc2, 0x98, 0x78,
+	0x3e, 0x56, 0x81, 0x56, 0xfc, 0x0c, 0xcc, 0xac, 0xaa, 0x96, 0x84, 0x37, 0x0b, 0x9e, 0xfe, 0x3e,
+	0x0d, 0x2f, 0x2f, 0x35, 0xbe, 0xd4, 0xd1, 0xd7, 0x00, 0x0c, 0xcb, 0x99, 0xfa, 0xa2, 0xa0, 0x10,
+	0xfb, 0x53, 0x91, 0x23, 0x7c, 0xed, 0xb3, 0xbd, 0x67, 0xea, 0x47, 0xf2, 0x0c, 0x97, 0x83, 0x80,
+	0x38, 0xe1, 0xfe, 0xcc, 0xd1, 0x2c, 0x77, 0xf4, 0xf5, 0x15, 0x23, 0x5d, 0x38, 0xab, 0xdf, 0x03,
+	0xa4, 0x99, 0x06, 0xb5, 0x7c, 0xd5, 0xf3, 0x5d, 0x4a, 0x26, 0x86, 0x35, 0xe2, 0x1b, 0x70, 0xe1,
+	0x30, 0x37, 0x24, 0xa6, 0x47, 0x95, 0x0d, 0x21, 0xee, 0x87, 0x52, 0xa6, 0xc1, 0xcf, 0x38, 0x37,
+	0xa6, 0x91, 0x4f, 0x68, 0x08, 0x71, 0xa4, 0x51, 0xfd, 0xb6, 0x00, 0xa5, 0x58, 0x59, 0x8a, 0x6f,
+	0x40, 0xf9, 0x21, 0x79, 0x4c, 0xd4, 0xf0, 0xaa, 0x21, 0x22, 0x51, 0x62, 0x58, 0x2f, 0xb8, 0x6e,
+	0xbc, 0x07, 0xdb, 0x9c, 0x62, 0x4f, 0x7d, 0xea, 0xaa, 0x9a, 0x49, 0x3c, 0x8f, 0x07, 0xad, 0xc0,
+	0xa9, 0x98, 0xc9, 0xba, 0x4c, 0xd4, 0x08, 0x25, 0xf8, 0x2e, 0x6c, 0x71, 0x8d, 0xc9, 0xd4, 0xf4,
+	0x0d, 0xc7, 0xa4, 0x2a, 0xbb, 0xfc, 0x78, 0x7c, 0x23, 0x8e, 0x3c, 0xdb, 0x64, 0x8c, 0xd3, 0x80,
+	0xc0, 0x3c, 0xf2, 0x70, 0x13, 0x5e, 0xe3, 0x6a, 0x23, 0x6a, 0x51, 0x97, 0xf8, 0x54, 0xa5, 0x5f,
+	0x4e, 0x89, 0xe9, 0xa9, 0xc4, 0xd2, 0xd5, 0x31, 0xf1, 0xc6, 0xd2, 0x36, 0x33, 0x70, 0x94, 0x96,
+	0x52, 0xca, 0x35, 0x46, 0x3c, 0x0e, 0x78, 0x32, 0xa7, 0xd5, 0x2d, 0xfd, 0x13, 0xe2, 0x8d, 0xf1,
+	0x21, 0x5c, 0xe1, 0x56, 0x3c, 0xdf, 0x35, 0xac, 0x91, 0xaa, 0x8d, 0xa9, 0xf6, 0x48, 0x9d, 0xfa,
+	0xc3, 0xfb, 0xd2, 0x2b, 0xf1, 0xfe, 0xb9, 0x87, 0x7d, 0xce, 0x69, 0x30, 0xca, 0x99, 0x3f, 0xbc,
+	0x8f, 0xfb, 0x50, 0x66, 0x93, 0x31, 0x31, 0xbe, 0xa2, 0xea, 0xd0, 0x76, 0xf9, 0xc9, 0x52, 0x59,
+	0xb2, 0xb2, 0x63, 0x11, 0xac, 0x75, 0x03, 0x85, 0x53, 0x5b, 0xa7, 0x87, 0xb9, 0x7e, 0x4f, 0x96,
+	0x9b, 0x4a, 0x29, 0xb4, 0xf2, 0xc0, 0x76, 0x59, 0x42, 0x8d, 0xec, 0x28, 0xc0, 0x25, 0x91, 0x50,
+	0x23, 0x3b, 0x0c, 0xef, 0x5d, 0xd8, 0xd2, 0x34, 0x31, 0x66, 0x43, 0x53, 0x83, 0x2b, 0x8a, 0x27,
+	0xa1, 0x44, 0xb0, 0x34, 0xed, 0x58, 0x10, 0x82, 0x1c, 0xf7, 0xf0, 0x87, 0xf0, 0xf2, 0x2c, 0x58,
+	0x71, 0xc5, 0xcd, 0x85, 0x51, 0xce, 0xab, 0xde, 0x85, 0x2d, 0xe7, 0x62, 0x51, 0x11, 0x27, 0x7a,
+	0x74, 0x2e, 0xe6, 0xd5, 0x3e, 0x80, 0x6d, 0x67, 0xec, 0x2c, 0xea, 0xdd, 0x8e, 0xeb, 0x61, 0x67,
+	0xec, 0xcc, 0x2b, 0xbe, 0xc5, 0xef, 0xab, 0x2e, 0xd5, 0x88, 0x4f, 0x75, 0xe9, 0x6a, 0x9c, 0x1e,
+	0x13, 0xe0, 0x7d, 0x40, 0x9a, 0xa6, 0x52, 0x8b, 0x9c, 0x9b, 0x54, 0x25, 0x2e, 0xb5, 0x88, 0x27,
+	0x5d, 0x8f, 0x93, 0x2b, 0x9a, 0x26, 0x73, 0x69, 0x9d, 0x0b, 0xf1, 0x6d, 0xd8, 0xb4, 0xcf, 0x1f,
+	0x6a, 0x22, 0x25, 0x55, 0xc7, 0xa5, 0x43, 0xe3, 0xa9, 0xf4, 0x26, 0x8f, 0xef, 0x06, 0x13, 0xf0,
+	0x84, 0xec, 0x71, 0x18, 0xdf, 0x02, 0xa4, 0x79, 0x63, 0xe2, 0x3a, 0xbc, 0x26, 0xf0, 0x1c, 0xa2,
+	0x51, 0xe9, 0x2d, 0x41, 0x15, 0x78, 0x27, 0x84, 0xd9, 0x92, 0xf0, 0x9e, 0x18, 0x43, 0x3f, 0xb4,
+	0x78, 0x53, 0x2c, 0x09, 0x8e, 0x05, 0xd6, 0xf6, 0x00, 0xb1, 0x50, 0x24, 0x3a, 0xde, 0xe3, 0xb4,
+	0x8a, 0x33, 0x76, 0xe2, 0xfd, 0xbe, 0x01, 0xeb, 0x8c, 0x39, 0xeb, 0xf4, 0x96, 0xa8, 0x67, 0x9c,
+	0x71, 0xac, 0xc7, 0x1f, 0xad, 0xb4, 0xac, 0x1e, 0x42, 0x39, 0x9e, 0x9f, 0xb8, 0x08, 0x22, 0x43,
+	0x51, 0x8a, 0x9d, 0xf5, 0x8d, 0x6e, 0x93, 0x9d, 0xd2, 0x5f, 0xc8, 0x28, 0xcd, 0xaa, 0x85, 0x76,
+	0x6b, 0x20, 0xab, 0xca, 0x59, 0x67, 0xd0, 0x3a, 0x95, 0x51, 0x26, 0x56, 0x96, 0x9e, 0x64, 0x0b,
+	0x6f, 0xa3, 0x9b, 0xd5, 0xef, 0xd2, 0x50, 0x49, 0xde, 0x33, 0xf0, 0xcf, 0xe1, 0x6a, 0xf8, 0x28,
+	0xe0, 0x51, 0x5f, 0x7d, 0x62, 0xb8, 0x7c, 0xe1, 0x4c, 0x88, 0xa8, 0xb3, 0xa3, 0xa9, 0xdb, 0x0e,
+	0x58, 0x7d, 0xea, 0x7f, 0x6a, 0xb8, 0x6c, 0x59, 0x4c, 0x88, 0x8f, 0xdb, 0x70, 0xdd, 0xb2, 0x55,
+	0xcf, 0x27, 0x96, 0x4e, 0x5c, 0x5d, 0x9d, 0x3d, 0xc7, 0xa8, 0x44, 0xd3, 0xa8, 0xe7, 0xd9, 0xe2,
+	0xc0, 0x8a, 0xac, 0xbc, 0x6a, 0xd9, 0xfd, 0x80, 0x3c, 0xdb, 0xc9, 0xeb, 0x01, 0x75, 0x2e, 0xcd,
+	0x32, 0xab, 0xd2, 0xec, 0x15, 0x28, 0x4e, 0x88, 0xa3, 0x52, 0xcb, 0x77, 0x2f, 0x78, 0x75, 0x59,
+	0x50, 0x0a, 0x13, 0xe2, 0xc8, 0xac, 0xfd, 0x42, 0x8a, 0xfc, 0x93, 0x6c, 0xa1, 0x80, 0x8a, 0x27,
+	0xd9, 0x42, 0x11, 0x41, 0xf5, 0x5f, 0x19, 0x28, 0xc7, 0xab, 0x4d, 0x56, 0xbc, 0x6b, 0xfc, 0x64,
+	0x49, 0xf1, 0xbd, 0xe7, 0x8d, 0xef, 0xad, 0x4d, 0x6b, 0x0d, 0x76, 0xe4, 0x1c, 0xe6, 0x45, 0x0d,
+	0xa8, 0x08, 0x4d, 0x76, 0xdc, 0xb3, 0xdd, 0x86, 0x8a, 0x7b, 0x4d, 0x41, 0x09, 0x5a, 0xf8, 0x18,
+	0xf2, 0x0f, 0x3d, 0x6e, 0x3b, 0xcf, 0x6d, 0xbf, 0xf9, 0xfd, 0xb6, 0x4f, 0xfa, 0xdc, 0x78, 0xf1,
+	0xa4, 0xaf, 0x76, 0xba, 0xca, 0x69, 0xbd, 0xad, 0x04, 0xea, 0xf8, 0x1a, 0x64, 0x4d, 0xf2, 0xd5,
+	0x45, 0xf2, 0x70, 0xe2, 0xd0, 0x65, 0x27, 0xe1, 0x1a, 0x64, 0x9f, 0x50, 0xf2, 0x28, 0x79, 0x24,
+	0x70, 0xe8, 0x47, 0x5c, 0x0c, 0xfb, 0x90, 0xe3, 0xf1, 0xc2, 0x00, 0x41, 0xc4, 0xd0, 0x4b, 0xb8,
+	0x00, 0xd9, 0x46, 0x57, 0x61, 0x0b, 0x02, 0x41, 0x59, 0xa0, 0x6a, 0xaf, 0x25, 0x37, 0x64, 0x94,
+	0xae, 0xde, 0x85, 0xbc, 0x08, 0x02, 0x5b, 0x2c, 0x51, 0x18, 0xd0, 0x4b, 0x41, 0x33, 0xb0, 0x91,
+	0x0a, 0xa5, 0x67, 0xa7, 0x47, 0xb2, 0x82, 0xd2, 0xc9, 0xa9, 0xce, 0xa2, 0x5c, 0xd5, 0x83, 0x72,
+	0xbc, 0xdc, 0x7c, 0x31, 0x57, 0xc9, 0xbf, 0xa7, 0xa0, 0x14, 0x2b, 0x1f, 0x59, 0xe1, 0x42, 0x4c,
+	0xd3, 0x7e, 0xa2, 0x12, 0xd3, 0x20, 0x5e, 0x90, 0x1a, 0xc0, 0xa1, 0x3a, 0x43, 0x2e, 0x3b, 0x75,
+	0x2f, 0x68, 0x89, 0xe4, 0x50, 0xbe, 0xfa, 0x97, 0x14, 0xa0, 0xf9, 0x02, 0x74, 0xce, 0xcd, 0xd4,
+	0x4f, 0xe9, 0x66, 0xf5, 0xcf, 0x29, 0xa8, 0x24, 0xab, 0xce, 0x39, 0xf7, 0x6e, 0xfc, 0xa4, 0xee,
+	0xfd, 0x33, 0x0d, 0xeb, 0x89, 0x5a, 0xf3, 0xb2, 0xde, 0x7d, 0x09, 0x9b, 0x86, 0x4e, 0x27, 0x8e,
+	0xed, 0x53, 0x4b, 0xbb, 0x50, 0x4d, 0xfa, 0x98, 0x9a, 0x52, 0x95, 0x6f, 0x1a, 0xfb, 0xdf, 0x5f,
+	0xcd, 0xd6, 0x5a, 0x33, 0xbd, 0x36, 0x53, 0x3b, 0xdc, 0x6a, 0x35, 0xe5, 0xd3, 0x5e, 0x77, 0x20,
+	0x77, 0x1a, 0x9f, 0xab, 0x67, 0x9d, 0x5f, 0x75, 0xba, 0x9f, 0x76, 0x14, 0x64, 0xcc, 0xd1, 0x7e,
+	0xc4, 0x65, 0xdf, 0x03, 0x34, 0xef, 0x14, 0xbe, 0x0a, 0xcb, 0xdc, 0x42, 0x2f, 0xe1, 0x2d, 0xd8,
+	0xe8, 0x74, 0xd5, 0x7e, 0xab, 0x29, 0xab, 0xf2, 0x83, 0x07, 0x72, 0x63, 0xd0, 0x17, 0xd7, 0xfb,
+	0x88, 0x3d, 0x48, 0x2c, 0xf0, 0xea, 0x9f, 0x32, 0xb0, 0xb5, 0xc4, 0x13, 0x5c, 0x0f, 0x6e, 0x16,
+	0xe2, 0xb2, 0xf3, 0xee, 0x65, 0xbc, 0xaf, 0xb1, 0x82, 0xa0, 0x47, 0x5c, 0x3f, 0xb8, 0x88, 0xdc,
+	0x02, 0x16, 0x25, 0xcb, 0x37, 0x86, 0x06, 0x75, 0x83, 0xd7, 0x10, 0x71, 0xdd, 0xd8, 0x98, 0xe1,
+	0xe2, 0x41, 0xe4, 0x67, 0x80, 0x1d, 0xdb, 0x33, 0x7c, 0xe3, 0x31, 0x55, 0x0d, 0x2b, 0x7c, 0x3a,
+	0x61, 0xd7, 0x8f, 0xac, 0x82, 0x42, 0x49, 0xcb, 0xf2, 0x23, 0xb6, 0x45, 0x47, 0x64, 0x8e, 0xcd,
+	0x36, 0xf3, 0x8c, 0x82, 0x42, 0x49, 0xc4, 0xbe, 0x01, 0x65, 0xdd, 0x9e, 0xb2, 0x9a, 0x4c, 0xf0,
+	0xd8, 0xd9, 0x91, 0x52, 0x4a, 0x02, 0x8b, 0x28, 0x41, 0xb5, 0x3d, 0x7b, 0xb3, 0x29, 0x2b, 0x25,
+	0x81, 0x09, 0xca, 0x4d, 0xd8, 0x20, 0xa3, 0x91, 0xcb, 0x8c, 0x87, 0x86, 0xc4, 0xfd, 0xa1, 0x12,
+	0xc1, 0x9c, 0xb8, 0x73, 0x02, 0x85, 0x30, 0x0e, 0xec, 0xa8, 0x66, 0x91, 0x50, 0x1d, 0xf1, 0x6e,
+	0x97, 0xde, 0x2b, 0x2a, 0x05, 0x2b, 0x14, 0xde, 0x80, 0xb2, 0xe1, 0xa9, 0xb3, 0x27, 0xe8, 0xf4,
+	0x6e, 0x7a, 0xaf, 0xa0, 0x94, 0x0c, 0x2f, 0x7a, 0xbe, 0xab, 0x7e, 0x93, 0x86, 0x4a, 0xf2, 0x09,
+	0x1d, 0x37, 0xa1, 0x60, 0xda, 0x1a, 0xe1, 0xa9, 0x25, 0xbe, 0xdf, 0xec, 0x3d, 0xe7, 0xd5, 0xbd,
+	0xd6, 0x0e, 0xf8, 0x4a, 0xa4, 0xb9, 0xf3, 0x8f, 0x14, 0x14, 0x42, 0x18, 0x5f, 0x81, 0xac, 0x43,
+	0xfc, 0x31, 0x37, 0x97, 0x3b, 0x4a, 0xa3, 0x94, 0xc2, 0xdb, 0x0c, 0xf7, 0x1c, 0x62, 0xf1, 0x14,
+	0x08, 0x70, 0xd6, 0x66, 0xf3, 0x6a, 0x52, 0xa2, 0xf3, 0xcb, 0x89, 0x3d, 0x99, 0x50, 0xcb, 0xf7,
+	0xc2, 0x79, 0x0d, 0xf0, 0x46, 0x00, 0xe3, 0x77, 0x60, 0xd3, 0x77, 0x89, 0x61, 0x26, 0xb8, 0x59,
+	0xce, 0x45, 0xa1, 0x20, 0x22, 0x1f, 0xc2, 0xb5, 0xd0, 0xae, 0x4e, 0x7d, 0xa2, 0x8d, 0xa9, 0x3e,
+	0x53, 0xca, 0xf3, 0xf7, 0xd9, 0xab, 0x01, 0xa1, 0x19, 0xc8, 0x43, 0xdd, 0xea, 0x77, 0x29, 0xd8,
+	0x0c, 0xaf, 0x53, 0x7a, 0x14, 0xac, 0x53, 0x00, 0x62, 0x59, 0xb6, 0x1f, 0x0f, 0xd7, 0x62, 0x2a,
+	0x2f, 0xe8, 0xd5, 0xea, 0x91, 0x92, 0x12, 0x33, 0xb0, 0x33, 0x01, 0x98, 0x49, 0x56, 0x86, 0xed,
+	0x3a, 0x94, 0x82, 0xef, 0x23, 0xfc, 0x23, 0x9b, 0xb8, 0x80, 0x83, 0x80, 0xd8, 0xbd, 0x0b, 0x6f,
+	0x43, 0xee, 0x9c, 0x8e, 0x0c, 0x2b, 0x78, 0xf5, 0x14, 0x8d, 0xf0, 0x25, 0x37, 0x1b, 0xbd, 0xe4,
+	0x1e, 0xfd, 0x21, 0x05, 0x5b, 0x9a, 0x3d, 0x99, 0xf7, 0xf7, 0x08, 0xcd, 0xbd, 0x02, 0x78, 0x9f,
+	0xa4, 0xbe, 0xf8, 0x78, 0x64, 0xf8, 0xe3, 0xe9, 0x79, 0x4d, 0xb3, 0x27, 0xfb, 0x23, 0xdb, 0x24,
+	0xd6, 0x68, 0xf6, 0x95, 0x90, 0xff, 0xd1, 0xde, 0x1d, 0x51, 0xeb, 0xdd, 0x91, 0x1d, 0xfb, 0x66,
+	0xf8, 0xd1, 0xec, 0xef, 0xd7, 0xe9, 0xcc, 0x71, 0xef, 0xe8, 0xaf, 0xe9, 0x9d, 0x63, 0xd1, 0x57,
+	0x2f, 0x8c, 0x8d, 0x42, 0x87, 0x26, 0xd5, 0xd8, 0x78, 0xff, 0x17, 0x00, 0x00, 0xff, 0xff, 0x0c,
+	0xab, 0xb6, 0x37, 0x7e, 0x1c, 0x00, 0x00,
+}
diff --git a/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.proto b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.proto
new file mode 100644
index 000000000000..4d4fb378f505
--- /dev/null
+++ b/vendor/github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.proto
@@ -0,0 +1,849 @@
+// Protocol Buffers - Google's data interchange format
+// Copyright 2008 Google Inc.  All rights reserved.
+// https://developers.google.com/protocol-buffers/
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Author: kenton@google.com (Kenton Varda)
+//  Based on original Protocol Buffers design by
+//  Sanjay Ghemawat, Jeff Dean, and others.
+//
+// The messages in this file describe the definitions found in .proto files.
+// A valid .proto file can be translated directly to a FileDescriptorProto
+// without any other information (e.g. without reading its imports).
+
+
+syntax = "proto2";
+
+package google.protobuf;
+option go_package = "github.com/golang/protobuf/protoc-gen-go/descriptor;descriptor";
+option java_package = "com.google.protobuf";
+option java_outer_classname = "DescriptorProtos";
+option csharp_namespace = "Google.Protobuf.Reflection";
+option objc_class_prefix = "GPB";
+
+// descriptor.proto must be optimized for speed because reflection-based
+// algorithms don't work during bootstrapping.
+option optimize_for = SPEED;
+
+// The protocol compiler can output a FileDescriptorSet containing the .proto
+// files it parses.
+message FileDescriptorSet {
+  repeated FileDescriptorProto file = 1;
+}
+
+// Describes a complete .proto file.
+message FileDescriptorProto {
+  optional string name = 1;       // file name, relative to root of source tree
+  optional string package = 2;    // e.g. "foo", "foo.bar", etc.
+
+  // Names of files imported by this file.
+  repeated string dependency = 3;
+  // Indexes of the public imported files in the dependency list above.
+  repeated int32 public_dependency = 10;
+  // Indexes of the weak imported files in the dependency list.
+  // For Google-internal migration only. Do not use.
+  repeated int32 weak_dependency = 11;
+
+  // All top-level definitions in this file.
+  repeated DescriptorProto message_type = 4;
+  repeated EnumDescriptorProto enum_type = 5;
+  repeated ServiceDescriptorProto service = 6;
+  repeated FieldDescriptorProto extension = 7;
+
+  optional FileOptions options = 8;
+
+  // This field contains optional information about the original source code.
+  // You may safely remove this entire field without harming runtime
+  // functionality of the descriptors -- the information is needed only by
+  // development tools.
+  optional SourceCodeInfo source_code_info = 9;
+
+  // The syntax of the proto file.
+  // The supported values are "proto2" and "proto3".
+  optional string syntax = 12;
+}
+
+// Describes a message type.
+message DescriptorProto {
+  optional string name = 1;
+
+  repeated FieldDescriptorProto field = 2;
+  repeated FieldDescriptorProto extension = 6;
+
+  repeated DescriptorProto nested_type = 3;
+  repeated EnumDescriptorProto enum_type = 4;
+
+  message ExtensionRange {
+    optional int32 start = 1;
+    optional int32 end = 2;
+
+    optional ExtensionRangeOptions options = 3;
+  }
+  repeated ExtensionRange extension_range = 5;
+
+  repeated OneofDescriptorProto oneof_decl = 8;
+
+  optional MessageOptions options = 7;
+
+  // Range of reserved tag numbers. Reserved tag numbers may not be used by
+  // fields or extension ranges in the same message. Reserved ranges may
+  // not overlap.
+  message ReservedRange {
+    optional int32 start = 1; // Inclusive.
+    optional int32 end = 2;   // Exclusive.
+  }
+  repeated ReservedRange reserved_range = 9;
+  // Reserved field names, which may not be used by fields in the same message.
+  // A given name may only be reserved once.
+  repeated string reserved_name = 10;
+}
+
+message ExtensionRangeOptions {
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+// Describes a field within a message.
+message FieldDescriptorProto {
+  enum Type {
+    // 0 is reserved for errors.
+    // Order is weird for historical reasons.
+    TYPE_DOUBLE         = 1;
+    TYPE_FLOAT          = 2;
+    // Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT64 if
+    // negative values are likely.
+    TYPE_INT64          = 3;
+    TYPE_UINT64         = 4;
+    // Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT32 if
+    // negative values are likely.
+    TYPE_INT32          = 5;
+    TYPE_FIXED64        = 6;
+    TYPE_FIXED32        = 7;
+    TYPE_BOOL           = 8;
+    TYPE_STRING         = 9;
+    // Tag-delimited aggregate.
+    // Group type is deprecated and not supported in proto3. However, Proto3
+    // implementations should still be able to parse the group wire format and
+    // treat group fields as unknown fields.
+    TYPE_GROUP          = 10;
+    TYPE_MESSAGE        = 11;  // Length-delimited aggregate.
+
+    // New in version 2.
+    TYPE_BYTES          = 12;
+    TYPE_UINT32         = 13;
+    TYPE_ENUM           = 14;
+    TYPE_SFIXED32       = 15;
+    TYPE_SFIXED64       = 16;
+    TYPE_SINT32         = 17;  // Uses ZigZag encoding.
+    TYPE_SINT64         = 18;  // Uses ZigZag encoding.
+  };
+
+  enum Label {
+    // 0 is reserved for errors
+    LABEL_OPTIONAL      = 1;
+    LABEL_REQUIRED      = 2;
+    LABEL_REPEATED      = 3;
+  };
+
+  optional string name = 1;
+  optional int32 number = 3;
+  optional Label label = 4;
+
+  // If type_name is set, this need not be set.  If both this and type_name
+  // are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP.
+  optional Type type = 5;
+
+  // For message and enum types, this is the name of the type.  If the name
+  // starts with a '.', it is fully-qualified.  Otherwise, C++-like scoping
+  // rules are used to find the type (i.e. first the nested types within this
+  // message are searched, then within the parent, on up to the root
+  // namespace).
+  optional string type_name = 6;
+
+  // For extensions, this is the name of the type being extended.  It is
+  // resolved in the same manner as type_name.
+  optional string extendee = 2;
+
+  // For numeric types, contains the original text representation of the value.
+  // For booleans, "true" or "false".
+  // For strings, contains the default text contents (not escaped in any way).
+  // For bytes, contains the C escaped value.  All bytes >= 128 are escaped.
+  // TODO(kenton):  Base-64 encode?
+  optional string default_value = 7;
+
+  // If set, gives the index of a oneof in the containing type's oneof_decl
+  // list.  This field is a member of that oneof.
+  optional int32 oneof_index = 9;
+
+  // JSON name of this field. The value is set by protocol compiler. If the
+  // user has set a "json_name" option on this field, that option's value
+  // will be used. Otherwise, it's deduced from the field's name by converting
+  // it to camelCase.
+  optional string json_name = 10;
+
+  optional FieldOptions options = 8;
+}
+
+// Describes a oneof.
+message OneofDescriptorProto {
+  optional string name = 1;
+  optional OneofOptions options = 2;
+}
+
+// Describes an enum type.
+message EnumDescriptorProto {
+  optional string name = 1;
+
+  repeated EnumValueDescriptorProto value = 2;
+
+  optional EnumOptions options = 3;
+}
+
+// Describes a value within an enum.
+message EnumValueDescriptorProto {
+  optional string name = 1;
+  optional int32 number = 2;
+
+  optional EnumValueOptions options = 3;
+}
+
+// Describes a service.
+message ServiceDescriptorProto {
+  optional string name = 1;
+  repeated MethodDescriptorProto method = 2;
+
+  optional ServiceOptions options = 3;
+}
+
+// Describes a method of a service.
+message MethodDescriptorProto {
+  optional string name = 1;
+
+  // Input and output type names.  These are resolved in the same way as
+  // FieldDescriptorProto.type_name, but must refer to a message type.
+  optional string input_type = 2;
+  optional string output_type = 3;
+
+  optional MethodOptions options = 4;
+
+  // Identifies if client streams multiple client messages
+  optional bool client_streaming = 5 [default=false];
+  // Identifies if server streams multiple server messages
+  optional bool server_streaming = 6 [default=false];
+}
+
+
+// ===================================================================
+// Options
+
+// Each of the definitions above may have "options" attached.  These are
+// just annotations which may cause code to be generated slightly differently
+// or may contain hints for code that manipulates protocol messages.
+//
+// Clients may define custom options as extensions of the *Options messages.
+// These extensions may not yet be known at parsing time, so the parser cannot
+// store the values in them.  Instead it stores them in a field in the *Options
+// message called uninterpreted_option. This field must have the same name
+// across all *Options messages. We then use this field to populate the
+// extensions when we build a descriptor, at which point all protos have been
+// parsed and so all extensions are known.
+//
+// Extension numbers for custom options may be chosen as follows:
+// * For options which will only be used within a single application or
+//   organization, or for experimental options, use field numbers 50000
+//   through 99999.  It is up to you to ensure that you do not use the
+//   same number for multiple options.
+// * For options which will be published and used publicly by multiple
+//   independent entities, e-mail protobuf-global-extension-registry@google.com
+//   to reserve extension numbers. Simply provide your project name (e.g.
+//   Objective-C plugin) and your project website (if available) -- there's no
+//   need to explain how you intend to use them. Usually you only need one
+//   extension number. You can declare multiple options with only one extension
+//   number by putting them in a sub-message. See the Custom Options section of
+//   the docs for examples:
+//   https://developers.google.com/protocol-buffers/docs/proto#options
+//   If this turns out to be popular, a web service will be set up
+//   to automatically assign option numbers.
+
+
+message FileOptions {
+
+  // Sets the Java package where classes generated from this .proto will be
+  // placed.  By default, the proto package is used, but this is often
+  // inappropriate because proto packages do not normally start with backwards
+  // domain names.
+  optional string java_package = 1;
+
+
+  // If set, all the classes from the .proto file are wrapped in a single
+  // outer class with the given name.  This applies to both Proto1
+  // (equivalent to the old "--one_java_file" option) and Proto2 (where
+  // a .proto always translates to a single class, but you may want to
+  // explicitly choose the class name).
+  optional string java_outer_classname = 8;
+
+  // If set true, then the Java code generator will generate a separate .java
+  // file for each top-level message, enum, and service defined in the .proto
+  // file.  Thus, these types will *not* be nested inside the outer class
+  // named by java_outer_classname.  However, the outer class will still be
+  // generated to contain the file's getDescriptor() method as well as any
+  // top-level extensions defined in the file.
+  optional bool java_multiple_files = 10 [default=false];
+
+  // This option does nothing.
+  optional bool java_generate_equals_and_hash = 20 [deprecated=true];
+
+  // If set true, then the Java2 code generator will generate code that
+  // throws an exception whenever an attempt is made to assign a non-UTF-8
+  // byte sequence to a string field.
+  // Message reflection will do the same.
+  // However, an extension field still accepts non-UTF-8 byte sequences.
+  // This option has no effect on when used with the lite runtime.
+  optional bool java_string_check_utf8 = 27 [default=false];
+
+
+  // Generated classes can be optimized for speed or code size.
+  enum OptimizeMode {
+    SPEED = 1;        // Generate complete code for parsing, serialization,
+                      // etc.
+    CODE_SIZE = 2;    // Use ReflectionOps to implement these methods.
+    LITE_RUNTIME = 3; // Generate code using MessageLite and the lite runtime.
+  }
+  optional OptimizeMode optimize_for = 9 [default=SPEED];
+
+  // Sets the Go package where structs generated from this .proto will be
+  // placed. If omitted, the Go package will be derived from the following:
+  //   - The basename of the package import path, if provided.
+  //   - Otherwise, the package statement in the .proto file, if present.
+  //   - Otherwise, the basename of the .proto file, without extension.
+  optional string go_package = 11;
+
+
+
+  // Should generic services be generated in each language?  "Generic" services
+  // are not specific to any particular RPC system.  They are generated by the
+  // main code generators in each language (without additional plugins).
+  // Generic services were the only kind of service generation supported by
+  // early versions of google.protobuf.
+  //
+  // Generic services are now considered deprecated in favor of using plugins
+  // that generate code specific to your particular RPC system.  Therefore,
+  // these default to false.  Old code which depends on generic services should
+  // explicitly set them to true.
+  optional bool cc_generic_services = 16 [default=false];
+  optional bool java_generic_services = 17 [default=false];
+  optional bool py_generic_services = 18 [default=false];
+  optional bool php_generic_services = 42 [default=false];
+
+  // Is this file deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for everything in the file, or it will be completely ignored; in the very
+  // least, this is a formalization for deprecating files.
+  optional bool deprecated = 23 [default=false];
+
+  // Enables the use of arenas for the proto messages in this file. This applies
+  // only to generated classes for C++.
+  optional bool cc_enable_arenas = 31 [default=false];
+
+
+  // Sets the objective c class prefix which is prepended to all objective c
+  // generated classes from this .proto. There is no default.
+  optional string objc_class_prefix = 36;
+
+  // Namespace for generated classes; defaults to the package.
+  optional string csharp_namespace = 37;
+
+  // By default Swift generators will take the proto package and CamelCase it
+  // replacing '.' with underscore and use that to prefix the types/symbols
+  // defined. When this options is provided, they will use this value instead
+  // to prefix the types/symbols defined.
+  optional string swift_prefix = 39;
+
+  // Sets the php class prefix which is prepended to all php generated classes
+  // from this .proto. Default is empty.
+  optional string php_class_prefix = 40;
+
+  // Use this option to change the namespace of php generated classes. Default
+  // is empty. When this option is empty, the package name will be used for
+  // determining the namespace.
+  optional string php_namespace = 41;
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+
+  reserved 38;
+}
+
+message MessageOptions {
+  // Set true to use the old proto1 MessageSet wire format for extensions.
+  // This is provided for backwards-compatibility with the MessageSet wire
+  // format.  You should not use this for any other reason:  It's less
+  // efficient, has fewer features, and is more complicated.
+  //
+  // The message must be defined exactly as follows:
+  //   message Foo {
+  //     option message_set_wire_format = true;
+  //     extensions 4 to max;
+  //   }
+  // Note that the message cannot have any defined fields; MessageSets only
+  // have extensions.
+  //
+  // All extensions of your type must be singular messages; e.g. they cannot
+  // be int32s, enums, or repeated messages.
+  //
+  // Because this is an option, the above two restrictions are not enforced by
+  // the protocol compiler.
+  optional bool message_set_wire_format = 1 [default=false];
+
+  // Disables the generation of the standard "descriptor()" accessor, which can
+  // conflict with a field of the same name.  This is meant to make migration
+  // from proto1 easier; new code should avoid fields named "descriptor".
+  optional bool no_standard_descriptor_accessor = 2 [default=false];
+
+  // Is this message deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for the message, or it will be completely ignored; in the very least,
+  // this is a formalization for deprecating messages.
+  optional bool deprecated = 3 [default=false];
+
+  // Whether the message is an automatically generated map entry type for the
+  // maps field.
+  //
+  // For maps fields:
+  //     map<KeyType, ValueType> map_field = 1;
+  // The parsed descriptor looks like:
+  //     message MapFieldEntry {
+  //         option map_entry = true;
+  //         optional KeyType key = 1;
+  //         optional ValueType value = 2;
+  //     }
+  //     repeated MapFieldEntry map_field = 1;
+  //
+  // Implementations may choose not to generate the map_entry=true message, but
+  // use a native map in the target language to hold the keys and values.
+  // The reflection APIs in such implementions still need to work as
+  // if the field is a repeated message field.
+  //
+  // NOTE: Do not set the option in .proto files. Always use the maps syntax
+  // instead. The option should only be implicitly set by the proto compiler
+  // parser.
+  optional bool map_entry = 7;
+
+  reserved 8;  // javalite_serializable
+  reserved 9;  // javanano_as_lite
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+message FieldOptions {
+  // The ctype option instructs the C++ code generator to use a different
+  // representation of the field than it normally would.  See the specific
+  // options below.  This option is not yet implemented in the open source
+  // release -- sorry, we'll try to include it in a future version!
+  optional CType ctype = 1 [default = STRING];
+  enum CType {
+    // Default mode.
+    STRING = 0;
+
+    CORD = 1;
+
+    STRING_PIECE = 2;
+  }
+  // The packed option can be enabled for repeated primitive fields to enable
+  // a more efficient representation on the wire. Rather than repeatedly
+  // writing the tag and type for each element, the entire array is encoded as
+  // a single length-delimited blob. In proto3, only explicit setting it to
+  // false will avoid using packed encoding.
+  optional bool packed = 2;
+
+  // The jstype option determines the JavaScript type used for values of the
+  // field.  The option is permitted only for 64 bit integral and fixed types
+  // (int64, uint64, sint64, fixed64, sfixed64).  A field with jstype JS_STRING
+  // is represented as JavaScript string, which avoids loss of precision that
+  // can happen when a large value is converted to a floating point JavaScript.
+  // Specifying JS_NUMBER for the jstype causes the generated JavaScript code to
+  // use the JavaScript "number" type.  The behavior of the default option
+  // JS_NORMAL is implementation dependent.
+  //
+  // This option is an enum to permit additional types to be added, e.g.
+  // goog.math.Integer.
+  optional JSType jstype = 6 [default = JS_NORMAL];
+  enum JSType {
+    // Use the default type.
+    JS_NORMAL = 0;
+
+    // Use JavaScript strings.
+    JS_STRING = 1;
+
+    // Use JavaScript numbers.
+    JS_NUMBER = 2;
+  }
+
+  // Should this field be parsed lazily?  Lazy applies only to message-type
+  // fields.  It means that when the outer message is initially parsed, the
+  // inner message's contents will not be parsed but instead stored in encoded
+  // form.  The inner message will actually be parsed when it is first accessed.
+  //
+  // This is only a hint.  Implementations are free to choose whether to use
+  // eager or lazy parsing regardless of the value of this option.  However,
+  // setting this option true suggests that the protocol author believes that
+  // using lazy parsing on this field is worth the additional bookkeeping
+  // overhead typically needed to implement it.
+  //
+  // This option does not affect the public interface of any generated code;
+  // all method signatures remain the same.  Furthermore, thread-safety of the
+  // interface is not affected by this option; const methods remain safe to
+  // call from multiple threads concurrently, while non-const methods continue
+  // to require exclusive access.
+  //
+  //
+  // Note that implementations may choose not to check required fields within
+  // a lazy sub-message.  That is, calling IsInitialized() on the outer message
+  // may return true even if the inner message has missing required fields.
+  // This is necessary because otherwise the inner message would have to be
+  // parsed in order to perform the check, defeating the purpose of lazy
+  // parsing.  An implementation which chooses not to check required fields
+  // must be consistent about it.  That is, for any particular sub-message, the
+  // implementation must either *always* check its required fields, or *never*
+  // check its required fields, regardless of whether or not the message has
+  // been parsed.
+  optional bool lazy = 5 [default=false];
+
+  // Is this field deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for accessors, or it will be completely ignored; in the very least, this
+  // is a formalization for deprecating fields.
+  optional bool deprecated = 3 [default=false];
+
+  // For Google-internal migration only. Do not use.
+  optional bool weak = 10 [default=false];
+
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+
+  reserved 4;  // removed jtype
+}
+
+message OneofOptions {
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+message EnumOptions {
+
+  // Set this option to true to allow mapping different tag names to the same
+  // value.
+  optional bool allow_alias = 2;
+
+  // Is this enum deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for the enum, or it will be completely ignored; in the very least, this
+  // is a formalization for deprecating enums.
+  optional bool deprecated = 3 [default=false];
+
+  reserved 5;  // javanano_as_lite
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+message EnumValueOptions {
+  // Is this enum value deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for the enum value, or it will be completely ignored; in the very least,
+  // this is a formalization for deprecating enum values.
+  optional bool deprecated = 1 [default=false];
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+message ServiceOptions {
+
+  // Note:  Field numbers 1 through 32 are reserved for Google's internal RPC
+  //   framework.  We apologize for hoarding these numbers to ourselves, but
+  //   we were already using them long before we decided to release Protocol
+  //   Buffers.
+
+  // Is this service deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for the service, or it will be completely ignored; in the very least,
+  // this is a formalization for deprecating services.
+  optional bool deprecated = 33 [default=false];
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+message MethodOptions {
+
+  // Note:  Field numbers 1 through 32 are reserved for Google's internal RPC
+  //   framework.  We apologize for hoarding these numbers to ourselves, but
+  //   we were already using them long before we decided to release Protocol
+  //   Buffers.
+
+  // Is this method deprecated?
+  // Depending on the target platform, this can emit Deprecated annotations
+  // for the method, or it will be completely ignored; in the very least,
+  // this is a formalization for deprecating methods.
+  optional bool deprecated = 33 [default=false];
+
+  // Is this method side-effect-free (or safe in HTTP parlance), or idempotent,
+  // or neither? HTTP based RPC implementation may choose GET verb for safe
+  // methods, and PUT verb for idempotent methods instead of the default POST.
+  enum IdempotencyLevel {
+    IDEMPOTENCY_UNKNOWN = 0;
+    NO_SIDE_EFFECTS     = 1; // implies idempotent
+    IDEMPOTENT          = 2; // idempotent, but may have side effects
+  }
+  optional IdempotencyLevel idempotency_level =
+      34 [default=IDEMPOTENCY_UNKNOWN];
+
+  // The parser stores options it doesn't recognize here. See above.
+  repeated UninterpretedOption uninterpreted_option = 999;
+
+  // Clients can define custom options in extensions of this message. See above.
+  extensions 1000 to max;
+}
+
+
+// A message representing a option the parser does not recognize. This only
+// appears in options protos created by the compiler::Parser class.
+// DescriptorPool resolves these when building Descriptor objects. Therefore,
+// options protos in descriptor objects (e.g. returned by Descriptor::options(),
+// or produced by Descriptor::CopyTo()) will never have UninterpretedOptions
+// in them.
+message UninterpretedOption {
+  // The name of the uninterpreted option.  Each string represents a segment in
+  // a dot-separated name.  is_extension is true iff a segment represents an
+  // extension (denoted with parentheses in options specs in .proto files).
+  // E.g.,{ ["foo", false], ["bar.baz", true], ["qux", false] } represents
+  // "foo.(bar.baz).qux".
+  message NamePart {
+    required string name_part = 1;
+    required bool is_extension = 2;
+  }
+  repeated NamePart name = 2;
+
+  // The value of the uninterpreted option, in whatever type the tokenizer
+  // identified it as during parsing. Exactly one of these should be set.
+  optional string identifier_value = 3;
+  optional uint64 positive_int_value = 4;
+  optional int64 negative_int_value = 5;
+  optional double double_value = 6;
+  optional bytes string_value = 7;
+  optional string aggregate_value = 8;
+}
+
+// ===================================================================
+// Optional source code info
+
+// Encapsulates information about the original source file from which a
+// FileDescriptorProto was generated.
+message SourceCodeInfo {
+  // A Location identifies a piece of source code in a .proto file which
+  // corresponds to a particular definition.  This information is intended
+  // to be useful to IDEs, code indexers, documentation generators, and similar
+  // tools.
+  //
+  // For example, say we have a file like:
+  //   message Foo {
+  //     optional string foo = 1;
+  //   }
+  // Let's look at just the field definition:
+  //   optional string foo = 1;
+  //   ^       ^^     ^^  ^  ^^^
+  //   a       bc     de  f  ghi
+  // We have the following locations:
+  //   span   path               represents
+  //   [a,i)  [ 4, 0, 2, 0 ]     The whole field definition.
+  //   [a,b)  [ 4, 0, 2, 0, 4 ]  The label (optional).
+  //   [c,d)  [ 4, 0, 2, 0, 5 ]  The type (string).
+  //   [e,f)  [ 4, 0, 2, 0, 1 ]  The name (foo).
+  //   [g,h)  [ 4, 0, 2, 0, 3 ]  The number (1).
+  //
+  // Notes:
+  // - A location may refer to a repeated field itself (i.e. not to any
+  //   particular index within it).  This is used whenever a set of elements are
+  //   logically enclosed in a single code segment.  For example, an entire
+  //   extend block (possibly containing multiple extension definitions) will
+  //   have an outer location whose path refers to the "extensions" repeated
+  //   field without an index.
+  // - Multiple locations may have the same path.  This happens when a single
+  //   logical declaration is spread out across multiple places.  The most
+  //   obvious example is the "extend" block again -- there may be multiple
+  //   extend blocks in the same scope, each of which will have the same path.
+  // - A location's span is not always a subset of its parent's span.  For
+  //   example, the "extendee" of an extension declaration appears at the
+  //   beginning of the "extend" block and is shared by all extensions within
+  //   the block.
+  // - Just because a location's span is a subset of some other location's span
+  //   does not mean that it is a descendent.  For example, a "group" defines
+  //   both a type and a field in a single declaration.  Thus, the locations
+  //   corresponding to the type and field and their components will overlap.
+  // - Code which tries to interpret locations should probably be designed to
+  //   ignore those that it doesn't understand, as more types of locations could
+  //   be recorded in the future.
+  repeated Location location = 1;
+  message Location {
+    // Identifies which part of the FileDescriptorProto was defined at this
+    // location.
+    //
+    // Each element is a field number or an index.  They form a path from
+    // the root FileDescriptorProto to the place where the definition.  For
+    // example, this path:
+    //   [ 4, 3, 2, 7, 1 ]
+    // refers to:
+    //   file.message_type(3)  // 4, 3
+    //       .field(7)         // 2, 7
+    //       .name()           // 1
+    // This is because FileDescriptorProto.message_type has field number 4:
+    //   repeated DescriptorProto message_type = 4;
+    // and DescriptorProto.field has field number 2:
+    //   repeated FieldDescriptorProto field = 2;
+    // and FieldDescriptorProto.name has field number 1:
+    //   optional string name = 1;
+    //
+    // Thus, the above path gives the location of a field name.  If we removed
+    // the last element:
+    //   [ 4, 3, 2, 7 ]
+    // this path refers to the whole field declaration (from the beginning
+    // of the label to the terminating semicolon).
+    repeated int32 path = 1 [packed=true];
+
+    // Always has exactly three or four elements: start line, start column,
+    // end line (optional, otherwise assumed same as start line), end column.
+    // These are packed into a single field for efficiency.  Note that line
+    // and column numbers are zero-based -- typically you will want to add
+    // 1 to each before displaying to a user.
+    repeated int32 span = 2 [packed=true];
+
+    // If this SourceCodeInfo represents a complete declaration, these are any
+    // comments appearing before and after the declaration which appear to be
+    // attached to the declaration.
+    //
+    // A series of line comments appearing on consecutive lines, with no other
+    // tokens appearing on those lines, will be treated as a single comment.
+    //
+    // leading_detached_comments will keep paragraphs of comments that appear
+    // before (but not connected to) the current element. Each paragraph,
+    // separated by empty lines, will be one comment element in the repeated
+    // field.
+    //
+    // Only the comment content is provided; comment markers (e.g. //) are
+    // stripped out.  For block comments, leading whitespace and an asterisk
+    // will be stripped from the beginning of each line other than the first.
+    // Newlines are included in the output.
+    //
+    // Examples:
+    //
+    //   optional int32 foo = 1;  // Comment attached to foo.
+    //   // Comment attached to bar.
+    //   optional int32 bar = 2;
+    //
+    //   optional string baz = 3;
+    //   // Comment attached to baz.
+    //   // Another line attached to baz.
+    //
+    //   // Comment attached to qux.
+    //   //
+    //   // Another line attached to qux.
+    //   optional double qux = 4;
+    //
+    //   // Detached comment for corge. This is not leading or trailing comments
+    //   // to qux or corge because there are blank lines separating it from
+    //   // both.
+    //
+    //   // Detached comment for corge paragraph 2.
+    //
+    //   optional string corge = 5;
+    //   /* Block comment attached
+    //    * to corge.  Leading asterisks
+    //    * will be removed. */
+    //   /* Block comment attached to
+    //    * grault. */
+    //   optional int32 grault = 6;
+    //
+    //   // ignored detached comments.
+    optional string leading_comments = 3;
+    optional string trailing_comments = 4;
+    repeated string leading_detached_comments = 6;
+  }
+}
+
+// Describes the relationship between generated code and its original source
+// file. A GeneratedCodeInfo message is associated with only one generated
+// source file, but may contain references to different source .proto files.
+message GeneratedCodeInfo {
+  // An Annotation connects some span of text in generated code to an element
+  // of its generating .proto file.
+  repeated Annotation annotation = 1;
+  message Annotation {
+    // Identifies the element in the original source .proto file. This field
+    // is formatted the same as SourceCodeInfo.Location.path.
+    repeated int32 path = 1 [packed=true];
+
+    // Identifies the filesystem path to the original source .proto.
+    optional string source_file = 2;
+
+    // Identifies the starting offset in bytes in the generated code
+    // that relates to the identified object.
+    optional int32 begin = 3;
+
+    // Identifies the ending offset in bytes in the generated code that
+    // relates to the identified offset. The end offset should be one past
+    // the last relevant byte (so the length of the text = end - begin).
+    optional int32 end = 4;
+  }
+}
diff --git a/vendor/github.com/google/cadvisor/container/containerd/client.go b/vendor/github.com/google/cadvisor/container/containerd/client.go
index 182fd010b298..365f54a71ac5 100644
--- a/vendor/github.com/google/cadvisor/container/containerd/client.go
+++ b/vendor/github.com/google/cadvisor/container/containerd/client.go
@@ -16,6 +16,7 @@ package containerd
 
 import (
 	"context"
+	"sync"
 	"time"
 
 	containersapi "github.com/containerd/containerd/api/services/containers/v1"
@@ -45,32 +46,38 @@ type containerdClient interface {
 	Version(ctx context.Context) (string, error)
 }
 
+var once sync.Once
+var ctrdClient containerdClient = nil
+
 // Client creates a containerd client
 func Client() (containerdClient, error) {
-	gopts := []grpc.DialOption{
-		grpc.WithInsecure(),
-		grpc.FailOnNonTempDialError(true),
-		grpc.WithDialer(dialer.Dialer),
-		grpc.WithBlock(),
-		grpc.WithTimeout(2 * time.Second),
-		grpc.WithBackoffMaxDelay(3 * time.Second),
-	}
-	unary, stream := newNSInterceptors(k8sNamespace)
-	gopts = append(gopts,
-		grpc.WithUnaryInterceptor(unary),
-		grpc.WithStreamInterceptor(stream),
-	)
+	var retErr error
+	once.Do(func() {
+		gopts := []grpc.DialOption{
+			grpc.WithInsecure(),
+			grpc.WithDialer(dialer.Dialer),
+			grpc.WithBlock(),
+			grpc.WithTimeout(2 * time.Second),
+			grpc.WithBackoffMaxDelay(3 * time.Second),
+		}
+		unary, stream := newNSInterceptors(k8sNamespace)
+		gopts = append(gopts,
+			grpc.WithUnaryInterceptor(unary),
+			grpc.WithStreamInterceptor(stream),
+		)
 
-	conn, err := grpc.Dial(dialer.DialAddress("/var/run/containerd/containerd.sock"), gopts...)
-	if err != nil {
-		return nil, err
-	}
-	c := &client{
-		containerService: containersapi.NewContainersClient(conn),
-		taskService:      tasksapi.NewTasksClient(conn),
-		versionService:   versionapi.NewVersionClient(conn),
-	}
-	return c, err
+		conn, err := grpc.Dial(dialer.DialAddress("/var/run/containerd/containerd.sock"), gopts...)
+		if err != nil {
+			retErr = err
+			return
+		}
+		ctrdClient = &client{
+			containerService: containersapi.NewContainersClient(conn),
+			taskService:      tasksapi.NewTasksClient(conn),
+			versionService:   versionapi.NewVersionClient(conn),
+		}
+	})
+	return ctrdClient, retErr
 }
 
 func (c *client) LoadContainer(ctx context.Context, id string) (*containers.Container, error) {
diff --git a/vendor/github.com/google/cadvisor/container/containerd/handler.go b/vendor/github.com/google/cadvisor/container/containerd/handler.go
index b369d9b133d1..52ab24018d33 100644
--- a/vendor/github.com/google/cadvisor/container/containerd/handler.go
+++ b/vendor/github.com/google/cadvisor/container/containerd/handler.go
@@ -22,6 +22,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/containerd/containerd/errdefs"
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	cgroupfs "github.com/opencontainers/runc/libcontainer/cgroups/fs"
 	libcontainerconfigs "github.com/opencontainers/runc/libcontainer/configs"
@@ -103,10 +104,28 @@ func newContainerdContainerHandler(
 		return nil, err
 	}
 
-	taskPid, err := client.TaskPid(ctx, id)
-	if err != nil {
-		return nil, err
+	// Cgroup is created during task creation. When cadvisor sees the cgroup,
+	// task may not be fully created yet. Use a retry+backoff to tolerant the
+	// race condition.
+	// TODO(random-liu): Use cri-containerd client to talk with cri-containerd
+	// instead. cri-containerd has some internal synchronization to make sure
+	// `ContainerStatus` only returns result after `StartContainer` finishes.
+	var taskPid uint32
+	backoff := 100 * time.Millisecond
+	retry := 5
+	for {
+		taskPid, err = client.TaskPid(ctx, id)
+		if err == nil {
+			break
+		}
+		retry--
+		if !errdefs.IsNotFound(err) || retry == 0 {
+			return nil, err
+		}
+		time.Sleep(backoff)
+		backoff *= 2
 	}
+
 	rootfs := "/"
 	if !inHostNamespace {
 		rootfs = "/rootfs"
diff --git a/vendor/github.com/google/cadvisor/container/docker/docker.go b/vendor/github.com/google/cadvisor/container/docker/docker.go
index b0ed227dda0d..f1cda2be8f55 100644
--- a/vendor/github.com/google/cadvisor/container/docker/docker.go
+++ b/vendor/github.com/google/cadvisor/container/docker/docker.go
@@ -29,19 +29,27 @@ import (
 	"github.com/google/cadvisor/machine"
 )
 
-const defaultTimeout = time.Second * 5
+var dockerTimeout = 10 * time.Second
 
 func defaultContext() context.Context {
-	ctx, _ := context.WithTimeout(context.Background(), defaultTimeout)
+	ctx, _ := context.WithTimeout(context.Background(), dockerTimeout)
 	return ctx
 }
 
+func SetTimeout(timeout time.Duration) {
+	dockerTimeout = timeout
+}
+
 func Status() (v1.DockerStatus, error) {
+	return StatusWithContext(defaultContext())
+}
+
+func StatusWithContext(ctx context.Context) (v1.DockerStatus, error) {
 	client, err := Client()
 	if err != nil {
 		return v1.DockerStatus{}, fmt.Errorf("unable to communicate with docker daemon: %v", err)
 	}
-	dockerInfo, err := client.Info(defaultContext())
+	dockerInfo, err := client.Info(ctx)
 	if err != nil {
 		return v1.DockerStatus{}, err
 	}
diff --git a/vendor/github.com/google/cadvisor/container/docker/handler.go b/vendor/github.com/google/cadvisor/container/docker/handler.go
index 541df67c99da..8f63d02eb040 100644
--- a/vendor/github.com/google/cadvisor/container/docker/handler.go
+++ b/vendor/github.com/google/cadvisor/container/docker/handler.go
@@ -44,6 +44,7 @@ import (
 const (
 	// The read write layers exist here.
 	aufsRWLayer     = "diff"
+	overlayRWLayer  = "upper"
 	overlay2RWLayer = "diff"
 
 	// Path to the directory where docker stores log files if the json logging driver is enabled.
@@ -197,7 +198,7 @@ func newDockerContainerHandler(
 	case aufsStorageDriver:
 		rootfsStorageDir = path.Join(storageDir, string(aufsStorageDriver), aufsRWLayer, rwLayerID)
 	case overlayStorageDriver:
-		rootfsStorageDir = path.Join(storageDir, string(storageDriver), rwLayerID)
+		rootfsStorageDir = path.Join(storageDir, string(storageDriver), rwLayerID, overlayRWLayer)
 	case overlay2StorageDriver:
 		rootfsStorageDir = path.Join(storageDir, string(storageDriver), rwLayerID, overlay2RWLayer)
 	case zfsStorageDriver:
@@ -391,6 +392,7 @@ func (self *dockerContainerHandler) GetSpec() (info.ContainerSpec, error) {
 	}
 	spec.Envs = self.envs
 	spec.Image = self.image
+	spec.CreationTime = self.creationTime
 
 	return spec, err
 }
diff --git a/vendor/github.com/google/cadvisor/container/factory.go b/vendor/github.com/google/cadvisor/container/factory.go
index befb4a9e63ca..07445f9dd700 100644
--- a/vendor/github.com/google/cadvisor/container/factory.go
+++ b/vendor/github.com/google/cadvisor/container/factory.go
@@ -42,6 +42,7 @@ type MetricKind string
 
 const (
 	CpuUsageMetrics        MetricKind = "cpu"
+	PerCpuUsageMetrics     MetricKind = "percpu"
 	MemoryUsageMetrics     MetricKind = "memory"
 	CpuLoadMetrics         MetricKind = "cpuLoad"
 	DiskIOMetrics          MetricKind = "diskIO"
diff --git a/vendor/github.com/google/cadvisor/container/libcontainer/helpers.go b/vendor/github.com/google/cadvisor/container/libcontainer/helpers.go
index c2194ac34ad9..2f9270758b00 100644
--- a/vendor/github.com/google/cadvisor/container/libcontainer/helpers.go
+++ b/vendor/github.com/google/cadvisor/container/libcontainer/helpers.go
@@ -113,7 +113,8 @@ func GetStats(cgroupManager cgroups.Manager, rootFs string, pid int, ignoreMetri
 	libcontainerStats := &libcontainer.Stats{
 		CgroupStats: cgroupStats,
 	}
-	stats := newContainerStats(libcontainerStats)
+	withPerCPU := !ignoreMetrics.Has(container.PerCpuUsageMetrics)
+	stats := newContainerStats(libcontainerStats, withPerCPU)
 
 	// If we know the pid then get network stats from /proc/<pid>/net/dev
 	if pid == 0 {
@@ -467,14 +468,17 @@ func minUint32(x, y uint32) uint32 {
 var numCpusFunc = getNumberOnlineCPUs
 
 // Convert libcontainer stats to info.ContainerStats.
-func setCpuStats(s *cgroups.Stats, ret *info.ContainerStats) {
+func setCpuStats(s *cgroups.Stats, ret *info.ContainerStats, withPerCPU bool) {
 	ret.Cpu.Usage.User = s.CpuStats.CpuUsage.UsageInUsermode
 	ret.Cpu.Usage.System = s.CpuStats.CpuUsage.UsageInKernelmode
-	ret.Cpu.Usage.Total = 0
+	ret.Cpu.Usage.Total = s.CpuStats.CpuUsage.TotalUsage
 	ret.Cpu.CFS.Periods = s.CpuStats.ThrottlingData.Periods
 	ret.Cpu.CFS.ThrottledPeriods = s.CpuStats.ThrottlingData.ThrottledPeriods
 	ret.Cpu.CFS.ThrottledTime = s.CpuStats.ThrottlingData.ThrottledTime
 
+	if !withPerCPU {
+		return
+	}
 	if len(s.CpuStats.CpuUsage.PercpuUsage) == 0 {
 		// libcontainer's 'GetStats' can leave 'PercpuUsage' nil if it skipped the
 		// cpuacct subsystem.
@@ -501,7 +505,6 @@ func setCpuStats(s *cgroups.Stats, ret *info.ContainerStats) {
 
 	for i := uint32(0); i < numActual; i++ {
 		ret.Cpu.Usage.PerCpu[i] = s.CpuStats.CpuUsage.PercpuUsage[i]
-		ret.Cpu.Usage.Total += s.CpuStats.CpuUsage.PercpuUsage[i]
 	}
 
 }
@@ -587,13 +590,13 @@ func setNetworkStats(libcontainerStats *libcontainer.Stats, ret *info.ContainerS
 	}
 }
 
-func newContainerStats(libcontainerStats *libcontainer.Stats) *info.ContainerStats {
+func newContainerStats(libcontainerStats *libcontainer.Stats, withPerCPU bool) *info.ContainerStats {
 	ret := &info.ContainerStats{
 		Timestamp: time.Now(),
 	}
 
 	if s := libcontainerStats.CgroupStats; s != nil {
-		setCpuStats(s, ret)
+		setCpuStats(s, ret, withPerCPU)
 		setDiskIoStats(s, ret)
 		setMemoryStats(s, ret)
 	}
diff --git a/vendor/github.com/google/cadvisor/fs/fs.go b/vendor/github.com/google/cadvisor/fs/fs.go
index 271b01e3562f..b86ec36efedb 100644
--- a/vendor/github.com/google/cadvisor/fs/fs.go
+++ b/vendor/github.com/google/cadvisor/fs/fs.go
@@ -35,6 +35,7 @@ import (
 	"github.com/docker/docker/pkg/mount"
 	"github.com/golang/glog"
 	"github.com/google/cadvisor/devicemapper"
+	"github.com/google/cadvisor/utils"
 	dockerutil "github.com/google/cadvisor/utils/docker"
 	zfs "github.com/mistifyio/go-zfs"
 )
@@ -113,7 +114,9 @@ func NewFsInfo(context Context) (FsInfo, error) {
 
 	fsUUIDToDeviceName, err := getFsUUIDToDeviceNameMap()
 	if err != nil {
-		return nil, err
+		// UUID is not always avaiable across different OS distributions.
+		// Do not fail if there is an error.
+		glog.Warningf("Failed to get disk UUID mapping, getting disk info by uuid will not work: %v", err)
 	}
 
 	// Avoid devicemapper container mounts - these are tracked by the ThinPoolWatcher
@@ -409,10 +412,14 @@ func (self *RealFsInfo) GetFsInfoForPath(mountSet map[string]struct{}) ([]Fs, er
 				fs.Type = ZFS
 			default:
 				var inodes, inodesFree uint64
-				fs.Capacity, fs.Free, fs.Available, inodes, inodesFree, err = getVfsStats(partition.mountpoint)
-				fs.Inodes = &inodes
-				fs.InodesFree = &inodesFree
-				fs.Type = VFS
+				if utils.FileExists(partition.mountpoint) {
+					fs.Capacity, fs.Free, fs.Available, inodes, inodesFree, err = getVfsStats(partition.mountpoint)
+					fs.Inodes = &inodes
+					fs.InodesFree = &inodesFree
+					fs.Type = VFS
+				} else {
+					glog.V(4).Infof("unable to determine file system type, partition mountpoint does not exist: %v", partition.mountpoint)
+				}
 			}
 			if err != nil {
 				glog.Errorf("Stat fs failed. Error: %v", err)
diff --git a/vendor/github.com/google/cadvisor/manager/container.go b/vendor/github.com/google/cadvisor/manager/container.go
index 8193bb5e3759..88dd7c153651 100644
--- a/vendor/github.com/google/cadvisor/manager/container.go
+++ b/vendor/github.com/google/cadvisor/manager/container.go
@@ -504,7 +504,7 @@ func (c *containerData) housekeepingTick(timer <-chan time.Time, longHousekeepin
 	err := c.updateStats()
 	if err != nil {
 		if c.allowErrorLogging() {
-			glog.Warning("Failed to update stats for container \"%s\": %s", c.info.Name, err)
+			glog.Warningf("Failed to update stats for container \"%s\": %s", c.info.Name, err)
 		}
 	}
 	// Log if housekeeping took too long.
diff --git a/vendor/github.com/google/cadvisor/manager/manager.go b/vendor/github.com/google/cadvisor/manager/manager.go
index 08955833bff0..10a725f7eb57 100644
--- a/vendor/github.com/google/cadvisor/manager/manager.go
+++ b/vendor/github.com/google/cadvisor/manager/manager.go
@@ -50,6 +50,7 @@ import (
 
 	"github.com/golang/glog"
 	"github.com/opencontainers/runc/libcontainer/cgroups"
+	"golang.org/x/net/context"
 	"k8s.io/utils/clock"
 )
 
@@ -59,6 +60,8 @@ var eventStorageAgeLimit = flag.String("event_storage_age_limit", "default=24h",
 var eventStorageEventLimit = flag.String("event_storage_event_limit", "default=100000", "Max number of events to store (per type). Value is a comma separated list of key values, where the keys are event types (e.g.: creation, oom) or \"default\" and the value is an integer. Default is applied to all non-specified event types")
 var applicationMetricsCountLimit = flag.Int("application_metrics_count_limit", 100, "Max number of application metrics to store (per container)")
 
+const dockerClientTimeout = 10 * time.Second
+
 // The Manager interface defines operations for starting a manager and getting
 // container and machine information.
 type Manager interface {
@@ -154,11 +157,10 @@ func New(memoryCache *memory.InMemoryCache, sysfs sysfs.SysFs, maxHousekeepingIn
 		dockerStatus info.DockerStatus
 		rktPath      string
 	)
-	if tempDockerStatus, err := docker.Status(); err != nil {
-		glog.V(5).Infof("Docker not connected: %v", err)
-	} else {
-		dockerStatus = tempDockerStatus
-	}
+	docker.SetTimeout(dockerClientTimeout)
+	// Try to connect to docker indefinitely on startup.
+	dockerStatus = retryDockerStatus()
+
 	if tmpRktPath, err := rkt.RktPath(); err != nil {
 		glog.V(5).Infof("Rkt not connected: %v", err)
 	} else {
@@ -234,6 +236,31 @@ func New(memoryCache *memory.InMemoryCache, sysfs sysfs.SysFs, maxHousekeepingIn
 	return newManager, nil
 }
 
+func retryDockerStatus() info.DockerStatus {
+	startupTimeout := dockerClientTimeout
+	maxTimeout := 4 * startupTimeout
+	for {
+		ctx, _ := context.WithTimeout(context.Background(), startupTimeout)
+		dockerStatus, err := docker.StatusWithContext(ctx)
+		if err != nil {
+			return dockerStatus
+		}
+
+		switch err {
+		case context.DeadlineExceeded:
+			glog.Warningf("Timeout trying to communicate with docker during initialization, will retry")
+		default:
+			glog.V(5).Infof("Docker not connected: %v", err)
+			return info.DockerStatus{}
+		}
+
+		startupTimeout = 2 * startupTimeout
+		if startupTimeout > maxTimeout {
+			startupTimeout = maxTimeout
+		}
+	}
+}
+
 // A namespaced container name.
 type namespacedContainerName struct {
 	// The namespace of the container. Can be empty for the root namespace.
diff --git a/vendor/github.com/google/cadvisor/metrics/prometheus.go b/vendor/github.com/google/cadvisor/metrics/prometheus.go
index 2dd7747b8341..4354071b8126 100644
--- a/vendor/github.com/google/cadvisor/metrics/prometheus.go
+++ b/vendor/github.com/google/cadvisor/metrics/prometheus.go
@@ -150,10 +150,18 @@ func NewPrometheusCollector(i infoProvider, f ContainerLabelsFunc) *PrometheusCo
 				},
 			}, {
 				name:        "container_cpu_usage_seconds_total",
-				help:        "Cumulative cpu time consumed per cpu in seconds.",
+				help:        "Cumulative cpu time consumed in seconds.",
 				valueType:   prometheus.CounterValue,
 				extraLabels: []string{"cpu"},
 				getValues: func(s *info.ContainerStats) metricValues {
+					if len(s.Cpu.Usage.PerCpu) == 0 {
+						if s.Cpu.Usage.Total > 0 {
+							return metricValues{{
+								value:  float64(s.Cpu.Usage.Total) / float64(time.Second),
+								labels: []string{"total"},
+							}}
+						}
+					}
 					values := make(metricValues, 0, len(s.Cpu.Usage.PerCpu))
 					for i, value := range s.Cpu.Usage.PerCpu {
 						if value > 0 {
diff --git a/vendor/github.com/google/cadvisor/pages/static/assets.go b/vendor/github.com/google/cadvisor/pages/static/assets.go
index 156737f2bd43..ec854945f3a3 100644
--- a/vendor/github.com/google/cadvisor/pages/static/assets.go
+++ b/vendor/github.com/google/cadvisor/pages/static/assets.go
@@ -1,4 +1,4 @@
-// Copyright 2017 Google Inc. All Rights Reserved.
+// Copyright 2018 Google Inc. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -251,7 +251,7 @@ func pagesAssetsStylesBootstrapTheme311MinCss() (*asset, error) {
 	return a, nil
 }
 
-var _pagesAssetsStylesContainersCss = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\xb9\xd7\x8e\xe3\x68\x9a\x28\x78\xdf\x4f\x91\x3b\x83\x05\xce\x39\xec\x6c\x7a\x57\x85\xbd\xa0\x11\x45\x27\x7a\x7f\xb3\xa0\x27\x25\x7a\x27\x92\x85\x79\xf7\x85\x22\x22\x23\xb3\x4c\x57\x75\xcf\x6c\x20\x95\x11\xfc\xf9\x7f\xde\x7f\xfa\xdb\x3f\xca\xbe\x2f\x9b\xfc\xeb\x56\xcf\x6b\xdc\xd4\x67\xbc\xd4\x7d\xf7\x75\xe9\xfb\x26\x89\xa7\x5f\x8a\xbe\x5b\xbe\xce\xf5\x99\xff\x04\x43\xd0\xff\xfd\x5f\x7f\x7a\xf9\xcb\x9f\xbe\xfd\x9a\xef\x43\x3f\x2d\x5f\xeb\xf7\x4b\x7f\xff\xff\x01\x55\x16\x2f\xf1\xff\x08\x4f\xb5\xb4\xcd\xd7\xb4\xcf\xf2\x5f\xda\x78\x2a\xeb\xee\xeb\x54\x97\xd5\xf2\xd3\x3f\xe0\xbc\xfd\x73\x51\xbf\x43\xbe\x78\x69\xe2\xee\xed\xed\xbb\xb6\x9e\xf9\x1b\x92\xa4\x6f\xb2\xbf\x40\xd2\x3f\xbe\x26\xeb\xb2\xf4\xdd\x2f\x43\x9c\x65\x75\x57\xfe\x84\x0c\xfb\x5f\xc0\x2c\x53\x1d\x77\x65\x93\xff\x32\xf4\x73\xfd\x7a\xf3\x53\x9c\xcc\x7d\xb3\x2e\xf9\xcf\xef\xcc\x43\x3f\x2f\xfd\xf0\x13\xf4\x17\x68\xd2\x78\x78\x7f\x8e\x93\x26\xff\xe5\x59\x67\x4b\xf5\x66\xe1\x9f\xbf\x71\x02\xfd\xfc\xae\x92\x9f\xa0\x9f\x93\x7e\xca\xf2\xe9\xf3\x8f\xaf\x69\xdf\x34\xf1\x30\xe7\x3f\x7d\xfb\xe3\x2f\x68\xcd\x6d\xdc\x34\x5f\xb3\x3a\x6e\xfa\xf2\x83\x14\x0e\x41\x7f\x29\x69\x52\x97\xbf\x06\xa2\xfe\x05\xa0\x1f\x69\xfd\xb9\x6b\xfc\x88\xff\xf7\xba\x4c\xe2\xf4\x51\x4e\xfd\xda\x65\x2f\x71\xfb\xe9\xa7\xff\x4c\xe1\x8c\x2e\x8a\x6f\xca\x80\x87\xfd\xcb\xdc\x37\x75\xf6\xe5\x3f\xd1\x18\x27\x49\xec\x53\x71\xd4\xbf\xc5\xe3\xd7\xe4\x5f\x67\xf3\x6b\x52\xfe\xf2\x7b\xbe\xb2\x2c\xfb\xf9\xf7\xfc\xbf\xf9\xc0\xcf\x4d\x5e\x2c\x7f\xe9\x0a\xbf\x62\x67\xa9\x97\xbf\x8a\xcd\x1f\x39\x7a\xbb\xfe\x07\x4c\xe5\x50\x9e\x15\xf9\xcf\x1f\x4f\x10\x04\xfd\x9c\xae\xd3\xdc\x4f\x3f\x0d\x7d\xdd\x2d\xf9\xf4\xa3\xb6\xbe\x73\x3f\xe5\x4d\xbc\xd4\x5b\xfe\xf3\x0f\x59\x07\x19\x96\x9f\x7f\x1b\x56\x3f\x6f\xf9\xb4\xd4\x69\xdc\x7c\x8d\x9b\xba\xec\x7e\x6a\xeb\x2c\x6b\xfe\x1d\x2f\xfc\x9a\xf6\xdd\x92\x77\xcb\xbf\x2e\xe8\x07\xc0\x1f\x88\x5a\x14\xc5\xa7\x34\xd8\xb0\xff\x8a\xd9\xae\x9f\xda\xb8\xf9\xb9\xdf\xf2\xa9\x68\xfa\xe7\x4f\xf1\xba\xf4\xff\xb6\x35\xbe\xa6\x4d\x3f\xff\xbb\x36\x79\x07\xfa\x81\xdd\x9f\x96\x29\xee\xe6\x21\x9e\xf2\x6e\xf9\xb2\x4e\xcd\xff\x7a\xbb\xf0\xff\x26\xfd\xfe\x8f\xb2\x2e\xfe\xf7\x97\xae\xff\x3a\xe5\x43\x1e\x2f\x5f\xe6\x74\xea\x9b\xe6\x4b\x9a\xbf\x19\xaa\x7a\x97\x04\xc6\x7f\x34\xd4\x6f\x52\x0e\x0c\x0d\xfb\x9b\xc7\xbd\xac\xf9\x91\x4b\xf0\x7f\x2f\x0c\x3e\xf4\xfb\xa5\x2e\xa6\xb8\xfd\x37\x84\xfd\x35\xdc\x8f\xd9\xe5\x1b\xe7\xe4\xdb\xc3\xef\xc2\x36\x69\xe2\xf4\xf1\x5f\xff\x48\xab\x78\x5a\xe6\xaf\x75\xd7\xd4\x5d\xfe\x35\x69\xfa\xf4\xf1\xcb\xef\xfd\x31\xab\xe7\xa1\x89\x8f\x9f\xbe\xb6\xfd\xf9\x79\xb7\xdf\x3f\xcf\x7f\x04\xff\xaf\xff\xf3\xe5\x55\x1c\xbe\xfc\x11\xea\xbf\xff\x9f\x9f\x8a\x7a\x9a\x97\xaf\x69\x55\x37\x19\xf0\x4f\xef\xfd\xf2\x6b\xc4\x9f\x6c\xb6\x79\xb7\xfe\x68\xd3\x37\xe7\xfb\x9e\x95\xdf\xd2\x54\x9a\x7e\xf9\x4f\x82\x20\x3e\xfe\x4b\xd3\xf4\xdb\x85\x79\x39\x9a\xfc\xa7\x37\xe9\xbf\x1d\x7d\xd8\x6a\xd8\xbf\x85\x67\x96\x17\xf1\xda\xbc\x47\xdc\x87\xf7\x7e\x81\xd1\x61\xff\xc2\x4c\x75\xdc\xfc\x7d\x8e\xbb\xf9\xeb\x9c\x4f\x75\xf1\xbd\x3a\xf4\xeb\xf2\xe2\xf1\xa7\xae\xef\xf2\x1f\x03\xe1\x0b\xf4\x07\xfe\xf2\xd2\x5e\x96\xef\x3f\x21\x10\x04\x41\xbf\x12\xeb\x5b\x25\xfc\x51\xba\x2c\xcb\xde\x5c\x15\x04\xe7\xb9\xf9\x47\x39\x2f\xf1\x52\xa7\xff\x48\xfb\x16\xcc\xb3\x7a\xe9\x27\xf0\x1d\xe6\x6b\x52\xfe\x63\xe8\xca\xff\xfd\xe5\xdd\x81\xbf\xee\x5f\x96\x7e\xf8\xf2\xca\x7d\xdf\x4b\xd7\x3f\xcf\x44\x4d\x3d\x2f\x1f\xba\x79\x13\xe1\x43\x30\x64\xd8\xff\x58\x34\xe8\xe7\x25\xdf\x97\xaf\x59\x9e\xf6\xd3\x9b\x5b\xbe\xbf\xfe\x27\x29\xe9\xf7\x12\x7e\xed\xd7\x25\x9f\x5e\xee\xf3\xf7\x3f\x7a\x5b\x77\xdd\xfb\xdb\x5f\xfe\xb9\xd9\x3e\x84\x89\xe3\xf8\xb7\x64\x97\x7e\xf8\x73\x9a\xbf\xfc\xa6\xaa\x7f\x77\x81\x97\xbd\xbe\x89\xf8\x87\x38\xbe\x73\xf6\x0d\xc7\x97\xaf\xf0\x67\x68\x7d\x20\x82\xbe\xbc\x8e\xbe\x21\x7a\x79\x0e\x36\xec\xbf\x0d\x89\x3f\xc6\xfa\x56\xac\x5e\x18\xff\xec\xfa\xb4\xfc\xf1\xf9\x77\x01\x3f\xd1\x7c\x24\xa7\xb7\x9c\xfb\xdf\xc0\xf8\x9d\xb1\x1f\xf1\xfc\xf3\xf8\xfd\x4b\xa1\xfe\x35\xd0\xbf\x66\xe7\x0d\xe5\x6f\xe4\xfb\xe9\xa7\xa9\xef\x97\x3f\x02\xfc\xe5\x2d\xab\x7c\xe4\x42\xe8\x4f\x2e\xfe\xa8\xc2\x7f\x15\xe4\x07\xa6\xfe\x55\x90\x8f\xc6\xf3\x57\x00\xef\x89\xe6\xcf\xa0\xb2\xa9\x1f\xb2\xfe\xf9\x87\x60\x7f\x78\xbf\x9e\x5f\x8d\x6d\xf6\x63\xbd\xae\xdb\xb8\x7c\x8f\xe5\xff\xab\x6e\x5f\xf3\x43\xdc\x2d\x3f\xf7\x43\x9c\xd6\xcb\xf1\xd3\x3f\xd0\x9f\xdf\x92\xfb\x0f\xcf\x45\xdd\x2c\xf9\xf4\x53\xdc\x0c\x55\xfc\xbf\x3e\xce\xff\x1f\x14\xfa\xdf\x7f\x4a\xf0\xcf\x35\xfb\x87\x11\xff\xa7\xa0\x9f\x1a\xfe\xf7\x41\x3f\x34\xfd\xef\x03\x7e\x2a\xfb\x23\xcf\xa0\x28\xfa\x83\xc6\x7e\x9d\x83\x68\x9a\xfe\xfe\xee\xcf\xc2\xec\x1b\xc5\x3f\x2b\x81\x7f\x68\xc1\xef\xf9\xf8\x95\x5a\x7e\x60\xe4\x33\x5b\xfd\xfa\xfc\x0f\xcd\x53\xbd\x5a\xb0\xff\x86\x6d\xfe\x39\xdc\xef\xf2\xf4\x37\x85\xa4\xc5\x97\xff\x24\xe8\xfc\xe3\x3f\x32\x2e\xfe\x82\xb5\x38\x7d\xb5\x18\x7f\x48\xbd\x1f\xf2\xee\x0f\x3a\xce\x24\x49\x7e\x9c\x4f\x3e\xab\x6c\xd2\x2f\x4b\xdf\xbe\x15\xbe\x3f\xa4\x54\xf4\xe9\x3a\xff\xb7\x5c\xf4\xcf\x20\xff\x89\x22\xfa\x29\xee\xca\x3f\x2e\x80\xdf\x52\xc0\x77\x03\xbe\xb5\x0b\x5f\xa0\x7f\xb5\x9a\x7d\x3a\xe8\x8f\xcd\xe9\x7b\xfd\x21\x5f\x05\xe9\x7b\x0b\xf1\xa7\xdd\xc3\xfb\xaf\x8f\xa6\xf2\xbd\x83\xf8\xde\x05\x7f\x45\x29\xea\xad\x28\xfe\x8b\x3c\x7d\x9b\x85\xdf\x57\x08\x7f\xa8\xc5\x5f\x5f\xf9\x6f\x98\xe1\x5f\x40\xf0\xdb\x22\xfd\xb1\xd1\xf8\xe3\x8a\xfe\x89\xef\xe5\x32\x7f\x4e\xf1\x75\xe3\x2f\xaa\xc6\x07\xc1\x6f\x33\xe7\x7f\x0b\xdb\xef\xd8\x7f\xc7\xf6\x2d\xe9\x7c\x2b\x7d\xdf\x46\xef\xa2\x28\xfe\x9a\xd0\x1f\x5e\xa8\xf2\xf4\xf1\xaf\x3a\xf4\x6f\xa9\x66\x59\xf6\x2b\xaa\xf5\x92\xb7\xbf\xfc\xd0\x60\xfe\x75\xf3\xfc\x4f\x7a\x4e\xe8\x57\xfd\x33\x99\xb7\x6f\x81\x81\xbc\x4d\x55\x55\xbd\xe4\x5f\xe7\x21\x4e\x5f\x20\xcf\x29\x1e\x7e\xc7\xc2\x6f\x9f\x5f\xad\xc4\xb7\x18\x7b\x97\x81\xcc\xdb\x6f\x14\x3e\xfc\x02\x79\xdb\x56\xfc\xa8\x84\xae\x7f\xd3\x4d\xd2\xef\x5f\x7e\x8b\xf0\xef\xbf\xb9\x58\xa7\x7d\xf7\xbb\x4b\xbf\xa6\x08\x23\xbf\xc7\x1f\xa7\x69\xde\xfc\x73\xb8\x0f\xc6\xa0\xdf\x00\xbe\x49\xf4\x6d\x0a\xff\x77\x94\xfd\x7b\x2c\x7f\x58\xfc\xde\xde\xbc\xb1\xf6\xf7\x7f\x03\xe0\x37\x0c\xa5\x69\xfa\x4f\xb2\xfd\x5f\xe0\x79\xa9\xf2\x97\xff\x69\x2f\xf2\x86\xa9\xaa\xcb\xaa\xf9\x5d\x0a\x7a\x7f\xf5\x2a\x66\x7f\xb4\x41\x22\x72\xba\xa0\x7e\x53\xd8\x7f\x7d\xf8\xee\xab\x59\xbf\x2c\xf9\xef\x87\xc7\xef\x93\xc3\xd7\xf7\x12\xf4\xea\xfb\x3f\x8f\x96\x7e\x78\x3d\xff\x81\x31\x3f\xfc\xec\xf7\x8c\xbe\x69\xe3\x07\x3e\xdf\x53\xf2\x4f\x9f\xc9\xf9\x73\x29\x41\x0c\xfb\xfb\x8e\x8b\xf8\x93\xed\xc4\xab\x41\xfe\xe3\xf1\xec\xdb\xae\x82\xf8\x23\xf6\x7e\xdb\x88\xff\x05\xcf\x7f\x78\xfd\x4d\x90\x37\x06\xdf\x98\x78\xe7\xe7\x47\x6a\xfd\xfb\x16\x76\xce\x9b\x3c\x5d\xfe\xd0\xc1\x7e\x4b\xf0\x2f\x21\x7e\xa3\xbc\xff\x49\x09\xc4\x5f\xe1\xfb\x05\xfa\xbd\x6e\xde\xe2\xe4\x97\xef\x2d\xe0\xcf\x59\x3d\xe5\xe9\x9b\xf2\x9b\x65\xfa\xf9\xbb\xc4\xdf\x4b\xfc\x9f\x59\xe8\x63\xa4\x7e\x37\xcd\xdb\xd1\xbf\x68\x8e\x77\x3e\x3e\x6a\xc4\x0f\xd6\xfe\x01\xdd\xef\xba\xa1\x37\xc0\xb6\xcb\xdb\xbe\xab\xd3\xaf\x55\xdd\x2d\xbf\xfc\x76\xa0\x5f\xbb\x2c\x9f\x7e\xb7\x78\xf9\x35\xe0\x9c\x0f\xf1\x14\x2f\xfd\xf4\xa3\x1a\x7e\xb5\xb7\xfc\x1e\x02\x6f\x0c\xbe\xe6\xe0\xbf\xfd\xed\x1f\x2f\x1b\x7c\x6d\xe2\x24\x6f\xbe\xfc\xf2\xb7\x2f\x5f\xbe\x7c\xf9\xdd\x72\xf3\x6f\xff\xf5\xb7\x7f\xac\x5d\xfd\xeb\x5b\x1f\x44\xa8\xb7\x9f\x9f\xbf\x03\xbe\x07\x66\xbd\xc4\x4d\x9d\xbe\x41\xbe\xb7\x93\x5f\xd3\x61\xfd\xa7\xf8\x7f\xc0\x07\xbd\xfd\xbc\x01\xd6\xdd\xef\x40\x7f\x43\xf4\xbf\xfe\xf6\x8f\x29\x7e\x7e\x7d\x49\x30\xff\x88\xbc\x88\xdb\xba\x39\x7e\xfa\xf2\x1f\x5c\xbf\x4e\x75\x3e\x7d\xd1\xf2\xe7\x7f\xbc\x93\xf9\xb1\x6c\x7d\x19\xa6\xfc\xeb\xab\x72\xbd\x93\x9b\xfb\xe6\x63\xab\x57\x2f\x4d\xfe\x6b\x8a\xc2\xdb\xcf\xdb\xbd\x21\x2e\x5f\x03\x5f\x9c\xe5\xd3\x97\x0a\xfe\xb8\xf6\xec\xa7\xec\x0d\xd5\x4f\x5f\x92\x29\x8f\x1f\x5f\x5f\x07\x6f\xd7\xdf\xbe\xcf\xf8\x3a\xf5\xcf\x3f\x64\x30\x7d\x67\xf0\x3f\xfe\xfe\xe5\x3f\xda\xbe\xeb\xdf\xf8\xfa\x8f\x1f\xb5\xf9\x32\xdd\x97\xb7\x76\xf2\xed\xf0\x07\x3f\xfa\xf2\xe6\x5e\xef\xc7\xbf\x49\x26\x5f\x96\x7e\x78\x7f\xf1\xb1\x6e\xfa\xf2\x89\xe0\xc7\x2e\xe6\x0b\xfa\x9b\xd3\x77\x87\xfd\xdd\xf1\x2b\x61\xfe\xee\xf0\x23\xb1\xbe\x9f\xff\xd7\xdf\xfe\x31\xaf\xc9\xab\xf6\xc4\xf5\xab\x57\xf9\xd8\x16\x7e\xad\xbb\x61\x5d\x3e\x04\xff\x15\x65\xec\x1b\xb6\xf7\x84\xf7\x05\x83\xde\xd1\xfc\x67\xd3\x97\xfd\x07\xc0\x47\x4e\xfd\x82\xbc\xed\x4b\x7f\xc7\x10\xf2\x79\xfa\xfb\xc4\xfc\x3d\x67\xfc\xee\xc6\xbb\x46\x3f\x58\xfd\xdd\xdb\xcf\x84\xf0\x6d\xdb\xfc\xdb\x0b\xef\x33\xfb\x2b\x85\xfd\x47\x16\x2f\xf1\x4f\x6f\xcf\xe0\xd0\x95\x3f\x27\xf1\x9c\x13\xd8\xdf\x6b\x8f\xd5\xad\x27\xa4\x5c\xcb\x9e\x61\x18\x46\xb3\xdd\xea\xe2\x96\x0c\xc3\x92\xee\xeb\xb1\xe6\x18\x89\x61\x18\x8e\x45\xcc\x01\x65\x18\x46\xb1\xfd\x86\x37\x61\xf6\x74\x1f\x19\x27\x5d\x1a\xc1\x3c\xc3\x5d\x77\x42\x44\x75\xa4\xf5\x66\x32\x4c\xae\x8d\x99\x8b\x66\xe1\x03\x4c\x7d\x63\x01\xd1\xc8\xa4\x7d\x73\xb9\x3f\xe7\x28\x9b\x4b\x93\xa9\x25\xe2\x29\x1d\x2c\x1b\xf5\x15\x67\x33\xd7\xeb\xe5\xc2\xca\xcc\x1e\xfa\x12\xd7\x84\xae\x60\x5d\x53\x5b\x08\x2e\xe5\xe2\x2a\xb6\x8c\x48\xd8\xc8\xf4\xeb\x35\x63\xeb\xbe\x8a\x6b\xd8\x4b\x75\x1d\x2b\x50\x25\x87\x8b\x60\xda\xc8\x1c\x25\x61\x70\xa5\x70\xfc\xec\xc0\x1b\x8e\x9f\x4f\x80\xb9\x58\x52\xfb\xc8\xe3\x3a\x2e\x19\xdc\xed\x5d\x4a\x5f\xca\xe2\x0e\xd1\xd2\x7e\x6b\xe9\x92\x91\x3c\x5b\x67\x2e\x12\xcb\xb7\x07\x25\x77\x6c\xea\x32\x8c\xc1\xf0\x79\x50\x01\x99\xca\x80\x20\x73\xdd\x92\x27\xc3\x31\x22\xef\xa9\xb5\x69\xef\x80\x08\x96\xe4\x60\xca\x4d\xca\x48\xf2\x85\xc1\x38\xc9\xc6\x9f\x33\xfb\x10\x24\xe6\xe0\x70\xf7\x60\x4d\xe6\x60\x4b\x66\x16\xf4\x33\x62\x7a\xa6\x61\x18\x26\x11\x1b\xca\xac\x25\x66\x2c\x21\x86\x34\x2c\xd9\x28\x5d\x06\x51\x5a\x07\x65\x53\x06\x51\xa4\x74\x34\x4b\xe6\x6e\x5e\x98\xd6\xae\x44\x99\x91\x99\xf5\xc9\x96\x5e\x28\xd8\x2a\xa3\x32\xcf\x92\x2b\xa7\x0b\x53\xab\xa5\xc3\x4c\xe5\x95\xf1\x93\xf0\xb0\x9e\x0a\xb3\x99\x2e\x93\xf5\x78\xf8\x60\x68\x26\x64\x38\xa6\x75\xa5\xf9\x64\x98\x52\x67\x24\xc6\xdc\x31\xe7\x34\x6f\xa5\xc3\xe8\xe5\x4d\x53\x40\x4c\x69\x8a\x54\xf2\x31\x9b\xb9\x30\xcf\xdb\xea\x9d\x51\xa6\x42\xf7\x9b\xbb\xca\x81\x79\xed\x8a\x83\xd2\xf9\x5a\xca\x55\x2e\x51\x05\x2e\xb4\xd2\xe1\x72\x0d\x65\x9c\x53\xd2\x06\x9f\xef\x17\xe8\xde\x31\xd0\xa9\xf3\x0c\xc3\x5c\xb7\xce\x7a\x16\x18\x66\xe0\x7c\x87\xaf\x4e\x85\xb7\x49\x97\xe8\x20\xb4\xc7\x2a\x10\x83\xec\x26\xdd\xb1\x8a\xca\x40\x60\x93\x9e\x1c\xcb\x30\xa6\x33\x83\x1b\xd2\x80\x0d\x9e\x85\x7c\x7a\x4b\xd9\x59\xf4\xc1\x98\x68\x12\x46\x1b\x7c\xe6\x7a\x2f\x00\x0f\x3a\x91\x67\x5b\xfa\xe5\x64\xe6\x5b\xab\xe6\xce\x9d\x32\x59\x22\xef\x3d\x5e\x32\x58\x28\xe5\xca\x59\x25\x6d\xaf\xee\x13\xe8\x89\x61\x33\x00\x9e\x46\x95\x00\x9c\x5a\x6c\x09\x65\xb2\x24\x80\xa0\xd3\x93\x11\xaf\xb1\x29\xb7\xcb\x53\xd1\x79\x30\x10\xaa\xa4\x8b\x57\xb7\x27\xbb\xe3\x69\x71\x37\x9f\x44\xf1\xc3\x00\x76\xcc\x03\xc1\x10\x1b\xa0\x5c\x82\x66\xef\x39\x0b\xe1\xb4\xfb\x52\x8b\xb9\x9c\xac\xed\x68\x8b\xbb\x83\x70\x91\xd2\xd6\xc3\x2a\x75\x28\x4e\x75\x17\xf1\x84\xe6\x22\x0d\xe5\x4d\x6e\xae\x1e\x20\xe3\x4c\xa1\xb8\xa4\xcb\xfc\x14\xc9\x95\x31\x15\x95\x6f\xee\x76\x56\xb2\x4c\xb1\xdd\x96\x3b\xdb\xab\x0f\x93\x31\xa3\xd3\x3c\xf2\x22\x65\x18\x59\x07\x81\x90\x66\x94\xe7\x85\x39\xa3\xfc\x81\x3d\x19\x66\xd3\xcb\x30\x50\x6a\x57\x80\xce\x2b\xc7\x30\x8c\xa5\x70\xac\x32\xb1\x2c\xfb\x3c\x59\x41\x39\x19\x7e\x38\x59\x31\x39\x19\xe1\x29\x57\xec\xc3\x62\x78\xce\x61\x0c\x96\xe5\xd8\xd5\x66\x44\x66\xac\xae\x72\xc4\x5e\x3d\x87\xd1\x97\xf2\xb2\x24\x0c\x7f\x1d\x19\xab\x5d\x2f\xe6\x72\xbb\xec\x3a\x83\x76\x18\x2b\xa7\x65\xbe\x3c\x85\x67\x54\x5e\x65\x92\xbb\xaa\xc7\x95\x33\x2d\xf6\x60\x4a\x27\xb4\x2f\x44\xcd\x0a\xf5\x7d\x29\xeb\xb3\x2c\x83\x36\xc4\x2e\x52\x2b\x48\x9a\xac\x30\x03\xc7\x0f\x35\x6b\x59\xd2\x1c\xbc\x9c\x90\x1b\x5d\x79\x7c\x78\xb0\x24\x81\xd2\x92\x56\x26\x7e\xf7\x76\x06\x18\xf8\xe4\xe0\x98\xa3\xde\x0e\x65\xbb\xa4\x7b\x23\x5d\x0f\xd7\x34\x5c\xa6\xf3\x98\x35\x2e\x8b\x6b\x3f\x5d\x7b\xd1\xb0\x32\xde\x34\x82\x90\xf3\xfb\x76\xb3\xae\x93\x99\x1b\x21\x87\xf4\x63\x61\xd9\x40\x05\x67\x0c\x4b\xd7\x3d\x7e\x2f\xb5\xcb\xce\xb7\xf1\x0d\xf1\x85\xf4\x2e\x65\x42\x28\x35\xe1\xb5\x4e\x44\xa1\x35\x1a\x9f\xf7\xfc\xfb\xe9\xdd\x45\xaf\x44\xb3\xca\x4d\x9e\x32\x5e\x91\xcf\xf2\xc1\xf4\x2b\x73\x01\x9e\x52\xd0\x9b\xe6\xb3\x3d\xb8\x87\xcc\x8a\xfe\x65\x0f\x4d\xa2\x6c\x48\x4e\x87\x2e\x53\x2f\x79\xcf\x96\xaf\x78\x91\x93\x0f\xc5\x19\x2f\x00\x24\x07\xbd\x0d\xa4\x16\x16\xde\xc7\xfd\x21\x54\xd7\x89\x4b\x56\xc9\xc2\xaa\xae\xf6\x72\xf9\x89\x39\x01\xae\x49\x32\x43\xca\x8f\xd5\xd2\xb9\xfa\xd2\x3c\x78\x59\xe6\xa0\x66\xb2\xb5\x45\x52\x63\xcb\x19\x78\xd2\xbe\x5c\xdb\xd4\xe1\x92\xe9\x71\x45\x65\x74\x35\xa5\xb9\xe7\x66\x49\xce\xad\x05\x67\x8c\xc7\x05\xb0\x01\xaa\xe3\x71\x35\x75\xf5\xd9\x97\xb0\xc7\x53\xee\x6b\xcb\x1e\x64\xd3\xb6\xef\x5e\x63\x00\xee\x65\x88\xa8\xc3\x1c\xda\x72\x6c\x44\x6d\x8c\x48\x97\x53\x46\x49\x1f\xe8\xd8\xf6\x91\x32\x6b\x98\xcd\xc5\xf2\xe1\x72\x5a\x70\x5b\x07\x5a\xbb\x47\xfc\x41\x98\x4b\x4f\x07\x66\xdb\x36\x5d\x5c\x64\xbd\x0a\x34\xd0\x5a\x76\x59\xb9\xe3\x42\x43\x73\x01\xd4\x6e\x3d\x0b\x74\x1d\x11\x1a\x50\xf6\x7c\x6a\x55\x89\xf0\x3b\x54\xd5\x0a\xdb\x4c\xd7\x60\x8e\x86\xbd\x46\xaf\x36\x10\x39\x4a\x28\x40\x78\x1e\x1d\x82\xf9\x84\x4f\x29\x69\xfd\x3c\xe4\xf1\x6a\xf3\xbc\x72\xa4\xeb\x81\x12\x22\x51\xb9\x0c\x2e\xd1\x78\xb1\x57\x0c\x41\x37\x36\x96\x97\xc2\x2e\x08\x07\xed\xc8\xc1\xf6\xe4\x99\xc0\x14\x34\x11\x3d\x3c\x22\x6f\x86\xf9\xfb\x68\x76\xae\x30\x6e\xde\x68\xc1\xde\x4a\x3c\x90\x69\xc6\xed\x0c\x56\x0c\xf7\x46\x5b\x01\xa1\x03\x01\x88\x70\x40\x7b\xd3\xe6\x3e\x16\xac\x91\xbb\xda\x8a\xe6\x86\x64\x71\xbd\x86\x50\x25\xcc\xe1\x11\x15\x42\x68\x2e\xd1\xe1\x95\xc6\xa4\x5e\xd7\xd0\xf1\xe5\x64\xde\xba\xd9\x11\x43\x01\xd8\x17\x44\x45\x97\x9b\x0b\x69\xe7\xd8\xc6\x73\x34\x08\x6d\x97\x47\xfb\x69\x5e\xf4\x7d\x12\x4b\x8a\xef\xa2\xee\x32\xe9\x52\x8a\x69\x67\x37\x2f\xcc\x01\x81\x6a\x22\xfa\xf1\x08\xb7\x53\x40\x2c\x1a\x3d\x10\xc8\x44\xc6\xe1\x0a\x1f\xa4\x95\x2c\x04\x3d\x6d\x59\xc0\x65\xa6\x0c\xcd\x5d\xe1\x12\x89\x33\xa1\x99\xd9\x12\xda\x34\x58\x6b\xef\x13\x08\x1a\x18\xc4\x9d\x74\x42\x60\xc1\x09\xb3\x83\x8f\xcd\xd5\x89\x0c\xb5\x2c\xd0\x5b\x68\xc5\x80\x05\x60\xda\xe0\x15\xb4\xc4\x33\x7d\x6a\x4c\x89\x3c\xd8\x66\xbe\x39\xd5\x9d\xba\x1d\x66\x08\x54\x53\x7b\x6d\x31\xa8\xe0\x2e\x58\x5c\x5a\x07\x52\x13\x8f\xd4\xea\x7b\x5a\x90\xfb\x23\xc7\xe4\x95\x10\x23\xe0\x06\xe7\x6c\x0a\x44\xe3\xbe\x89\x57\x65\xd6\x34\xbc\x41\xaf\x33\x15\xfa\xf2\x70\x5b\xd6\xc7\xae\x38\x02\xae\x62\xc3\x19\x59\x53\xdb\xc6\x04\x94\x38\x4e\x76\x3b\x6f\x07\x77\xa6\x93\x56\xcf\x47\x7e\xe8\x7a\xe6\xa7\x31\x8e\x57\xdb\xd2\x52\x08\x78\x68\x55\xec\x09\xdd\xcd\x53\xea\x33\x56\x77\x3c\x89\x9b\xee\x54\xd9\x28\xd2\x9a\x2d\x9f\x5b\x21\x04\xbc\xae\xf1\x69\x2f\x09\xa6\x4b\xe7\x07\xfa\x3c\x13\x08\xea\x7b\xc8\x6e\x5e\xe1\x3c\xe1\xe5\x99\x68\xa9\x15\x19\x15\x24\x99\x52\x0b\x69\x11\xb4\x10\x74\xc9\xbd\x1f\x9d\xad\x14\x9e\x93\x2c\xfd\x4e\x1a\xe7\xcc\xad\x47\x4c\x32\xc9\xa2\x17\x51\x45\xd7\x01\x92\x14\x89\x21\xa6\xcf\xf4\x52\xa1\xbe\x8e\x9a\x64\x21\xca\x50\x96\xee\x48\x22\x72\x14\x41\x38\x95\x76\xd3\x87\x5d\xe9\x78\xc2\xcb\xba\x2b\x92\x57\x29\x8e\x9e\x9a\x95\xb7\x36\xce\xab\x97\x21\x43\x9a\x3d\x73\x92\x38\x57\x06\x84\x28\xf2\x79\xf5\x70\x6b\x5a\xd7\x45\x81\x21\xd0\xbf\xb7\xe4\x9a\xa0\x0a\x1a\x25\x99\x93\x9d\x3c\x2a\x14\xf1\x46\x3a\x36\x91\x5c\xa9\x26\x7b\x9e\xe8\x66\x16\xce\x93\x86\xef\x75\x9a\x9e\xf7\x2e\xce\x93\x81\x52\xcf\x87\x9e\x6e\x41\x17\xe5\xbe\x47\x92\x9b\x85\x1b\x33\xfe\x6c\xbb\x25\x7c\x26\xe9\x3d\xd9\x85\xad\xdc\xd2\x85\x0c\xf9\x1e\x30\xfc\x80\x38\xd7\x07\x6f\xcc\x21\xc0\x0c\x34\xd1\x61\x39\x30\x4c\x58\x8d\x9e\x08\x20\xa1\xa4\x5f\x0c\x0d\xc0\x82\x47\x0e\x9c\x1b\x71\x80\x88\x01\xa8\x60\x95\x17\x92\x4f\xb9\x98\x10\x32\x22\xcb\xe4\x2e\xbb\x85\x97\xb8\x4c\x6e\x7c\xfc\xbc\x15\xac\xfc\xb8\x0c\x66\x0a\xb3\x21\x24\xac\xcf\x70\xe3\x79\xcc\x33\xcb\xa7\xcc\x7b\x8f\x22\x1d\xb4\xed\xc9\x16\xc7\x15\x6c\xee\x37\x7a\xef\x54\x79\xb2\x84\xb4\x97\x3a\xcb\x8b\xaf\x60\xff\x3c\xb9\xe8\x26\x2e\xa1\x75\xef\x13\x83\xd3\x28\xb3\x68\x81\x16\x70\xcf\xe1\x54\x43\xa9\xd6\x59\x31\x91\x6a\x4c\x44\x1e\x51\x6b\x15\x78\x61\x99\x83\x72\x57\x46\x75\x1d\xac\x45\xd0\xa0\x34\x70\x50\x55\x8b\x67\x5c\xe8\xc8\x88\x44\x74\x2a\x04\x86\xbb\xfa\x20\x11\x64\x44\xd2\x2e\xea\xa6\xeb\x30\xbb\xed\x7e\x27\xe5\x15\x2b\xd5\x7a\x5c\x25\x01\xab\xc0\x4a\xa0\xa2\xd4\xce\xd8\xdb\x83\xcb\x11\x19\xbf\x39\xe1\xce\x23\x32\x86\xde\x38\x1c\x39\xe2\x1b\x7e\x3e\xda\xc6\xf6\xb3\xab\xbe\xe2\xd9\x51\xaf\x56\xd1\x12\x29\xa9\x76\x5d\x4a\xf9\x8e\x17\x3d\xc4\x27\x56\x45\xa5\xdd\x90\x12\x88\x87\xb7\xd2\x6c\x98\xed\x7a\x01\x9b\x01\xc1\x35\xd1\x32\x8e\x4a\x5e\x05\x07\xf2\x81\xbe\x47\x6a\x37\xb9\xa2\xeb\xa5\xa7\x1e\x6b\x9c\x79\x43\x80\xe8\x1a\x44\x16\xae\x41\xc4\x52\x64\x58\x5d\x70\xbd\x3d\x1b\xc3\xad\x17\xfc\x61\xb5\xf6\x6a\x1b\xa7\xe3\x45\x17\x78\x21\xe6\x93\x6e\x76\xc4\x86\xf0\x46\x3e\xdc\x4e\xd1\x6c\xde\x6f\xfd\x85\xdb\x82\x9b\x9a\xf6\x0b\x44\xb7\xca\xb1\x3a\x7c\x6e\xe1\x78\x8b\x2a\x57\x5c\x17\x8f\xad\x78\x48\x60\x73\x52\xf4\xec\x25\x92\x77\x83\x62\x1d\x72\x47\xdc\xe4\xab\xe8\xa6\x12\xe5\x94\x0b\x73\xe8\xa3\x35\x66\xab\xb0\xe4\x2f\xe6\x89\x22\x09\x40\x6c\x8f\x3b\x87\x49\x7e\xa1\x22\xe6\x2c\x70\xd8\xac\x1a\xe1\x2a\x56\x11\x95\x33\xf5\x06\xf9\xa4\x50\xeb\xaa\xbb\x67\xa8\x7a\x17\x32\x77\x1a\x1e\xf9\xb5\x7b\x42\x1d\xaa\xc6\xb7\xf5\x68\x36\xd8\xc4\x9a\xca\xf6\x0a\x79\xcc\xb3\xf3\xb8\x37\x0a\x0f\x8d\x7e\x63\x1e\x2b\xe7\x9d\xb6\x37\x46\x8e\x7c\x20\xc4\x4a\x0b\x23\x1e\xee\x5e\xd5\xf8\x96\x47\x22\x63\x00\x7b\x8b\x5f\x1c\x7d\xd0\x78\xc0\x9c\x2a\x47\x3f\x6d\xf5\xd3\x9a\xee\x2d\xd6\x64\x7a\x40\x7b\x14\x1d\x34\x0b\xb2\x4c\xb9\x3d\x15\x0a\x99\x2f\x12\x41\x38\x53\x32\x9e\xa8\x9f\x00\x9b\x3d\xc1\xa3\x99\x05\x66\xb5\x31\xda\x64\x6d\xfb\x3d\x77\x93\x00\x81\x15\xb4\xb3\xab\xbc\x9d\xe0\xfb\x8c\x40\xaf\xec\xc0\x9c\x5e\xa5\xe5\x70\x72\xaa\xf1\x8c\x80\x4a\xa5\x8d\x06\x92\x0f\x30\x18\xa4\x8b\x0f\xc6\xc8\xb4\x90\x64\x24\x2f\x93\xbf\xd1\x30\x9a\x83\x37\xbd\xdc\x21\x4f\xa7\xc9\xad\xd1\x0f\x6a\xb1\x17\xcc\x43\x56\xda\x0a\x50\x38\x59\xd4\xb5\x5c\x10\xe3\xda\x4a\xc9\x3a\x81\x6d\xb1\x20\x98\x85\x66\xc6\x1e\x11\x46\x4e\x78\x24\x0b\x46\x02\x09\x2c\x63\x76\xa5\x67\x54\x01\xc0\x8d\x94\xe4\xc4\x93\x90\xbb\x85\x4b\x7a\xc7\x37\x2d\xc6\x6e\xc8\xb0\x2d\x6d\x97\xc3\xa9\xd0\x8f\xfc\x2c\xb3\x78\x7a\xe9\x50\x22\xa2\x72\x40\x33\x09\x45\xd4\x9f\xf4\xc9\x9f\x19\x10\x15\x64\x01\x73\xfa\x22\xe5\xf6\x66\xeb\x13\x0d\x4f\x1c\x72\x4f\x62\x86\xee\x13\x74\x23\xa4\xe3\xde\x59\x70\x2e\xba\x39\xb0\x80\x34\x40\x9e\xe2\x3d\x44\x03\x51\x0b\xe9\xa0\x1b\xb9\x4c\xe1\xd1\x1d\xc8\x6d\xee\x01\xe8\x5d\xa4\xe4\x79\xe7\x62\xa0\x91\xd9\x11\x2a\x76\xa8\x63\x1c\x51\x0c\xc3\x56\x90\xc0\x9d\x49\x01\xb9\xb1\x67\x10\xf9\x38\xd0\x00\x2c\x64\x8a\x26\xbb\x3b\x8c\x3e\x37\x91\x87\xa4\x2d\xab\x91\xc3\x47\x6d\x02\xa2\xa7\x3b\x2c\x16\x1d\x4f\x63\x6e\xbd\xf9\x08\x38\x45\x45\xa1\x92\x5e\x4a\x4d\x9d\x03\x39\xf9\x4c\x42\x39\xe8\x14\xe0\x30\x3e\x35\xef\x84\xc1\x7b\xa0\x36\x48\x91\x27\xe8\xb6\xaf\xcf\x64\x41\xb0\x16\xb5\x0e\x4c\x4e\x26\x18\x10\x13\x84\xb4\x32\x94\x5b\xf1\x1b\x2a\xc0\xc4\x1d\xad\x37\x50\x25\x63\x30\xef\x45\xa0\x04\xc7\x82\x74\x80\xd9\x0f\x98\x24\xe7\xb1\xf0\xc6\x96\x27\xa5\x45\x3c\x40\xe9\x5c\x98\xe7\xe0\xe0\x80\x10\x56\x54\xd0\xa3\xb8\x59\xb4\x7b\xb7\x6a\x5d\xbb\xe3\x50\x21\xee\xb3\x76\x9d\xd0\x23\xba\x11\x0e\x16\xe7\xc7\xb0\x1b\xc6\xd1\xe1\x3e\x88\x76\x53\x4a\x6c\x1d\x0a\xa2\x35\x00\x6d\x86\x6f\x9c\x21\xc5\x6c\x78\x4d\x01\xe0\xd4\xb5\x03\x85\xaa\xdb\x48\xb4\x9b\x3e\xa7\xf7\x7d\x07\xa8\xb3\x7b\xd0\x54\x9c\x50\x53\x4a\x26\x45\x0e\x60\x24\x39\x15\x3b\x09\x15\xad\x7d\xa7\x4c\x03\x37\x29\x5a\x24\x42\x2a\xef\xa0\x0b\x88\x1a\x6b\x46\x81\xdb\x73\xa3\x31\xe7\x04\x20\x50\x96\x22\xea\x35\xe7\x5d\xc3\xc7\x22\x5a\x0c\x0f\x32\x06\xc5\x80\x04\x47\x0f\xf8\xed\x75\x2e\xa7\x97\x2a\x4a\x9f\x0c\xa3\xd6\x37\x86\xe1\xb0\x3b\x13\xd4\x8d\x81\x86\xaf\x77\x62\x76\x69\x34\xcb\x2c\x72\xb6\x34\x6d\xe9\x6e\xdc\x99\xf5\x35\x29\x32\x25\x73\x69\x2e\xa6\x67\x61\xc8\x7a\x66\x19\xc2\x26\x30\xda\xa1\xa9\x2f\x59\xd2\xe5\x62\xcb\xea\x1d\x1d\x6a\x4b\x4f\xc2\x26\x5e\xea\x20\x6a\x56\x73\xc9\xd3\xfe\x3e\x47\xc8\xc3\x4f\x11\x1d\x3a\xa2\x05\x23\xad\x0d\x42\xad\x87\x3e\xb7\xc9\xd0\x36\x57\x8c\x84\x1b\x9f\xd2\x62\x78\x62\xda\x0a\xb2\x14\x91\x93\x1a\xf2\x0e\xb1\x8f\x92\x65\xef\xd2\x86\xf2\x84\x07\x88\x26\x2d\x48\xbd\x40\xf2\x18\xbf\xe1\x4f\x00\x7d\xd8\x6d\x8a\x9f\x64\x47\xdd\x54\x0a\x2b\xd8\xb4\xc9\x8a\x89\x37\xdf\x64\x62\x24\xae\xc4\x44\x86\xe0\x9f\x2e\x53\x30\x92\x39\xaf\x34\x94\x5f\xad\x46\x16\x31\x6e\x1a\x94\x50\xf8\x76\xc9\xf5\x60\x07\xa0\xe2\x24\x81\x1f\x9d\xdc\x96\x42\x29\xf0\x0e\x44\x1b\x64\x05\xd2\xf8\x3a\xe9\x53\x0b\x87\x8c\x07\x81\x02\xd8\x5d\xde\x40\x4c\x8d\x0b\xdb\xa8\xc3\xef\x3b\x48\xef\xba\x77\xa8\x1e\x72\xe4\x1a\x42\x2c\x8e\x68\x41\x85\x79\x31\x35\x7e\x22\x72\x88\xce\x0d\xd6\xb4\x91\x65\xb2\x1f\xd3\x21\x9c\x20\xa8\x5b\x3d\x17\xf0\xe8\x91\x9a\x2f\x2c\x2c\xe3\x6a\x0d\x88\xe9\x5c\xf5\x84\x0a\xee\x39\x2b\x90\xbf\xa2\x47\xe4\x6e\xc1\xe4\x41\x8e\x60\x79\x82\xff\x64\x2e\x43\x41\x02\x60\x79\x13\x79\x18\xee\xe3\xe4\x91\x52\x19\x8c\x92\x27\xdc\x0c\xb6\x0f\xb1\x49\x45\xe0\xfa\xbb\xac\xa5\xc2\xd6\x0b\xbd\x81\x60\x98\x82\xd9\xd4\xa4\x0d\x08\x74\xce\x98\x93\x9d\x2c\x25\x77\x37\x8e\x99\x83\xed\x79\xe6\x79\x13\xbb\xb3\x73\x05\xed\xa4\xd0\xad\xea\xee\x8f\x95\x1c\x97\x02\x88\x64\x65\x88\x25\xfc\xa9\xb9\x77\xf1\x99\xbe\xe1\x63\xe5\x19\x45\xe9\x01\x27\x3a\xc7\x03\x40\xf0\x91\x3e\x46\x20\x9b\xe1\x91\x1e\x24\x9e\x13\xcd\x37\x54\xe8\xd9\x51\x60\xeb\x50\xf3\xb2\xac\x9b\x1f\x08\x54\x1b\x40\x2c\x59\xb6\x9f\x3c\x5d\x99\x53\xbb\x93\xc0\x03\xa7\x00\xd9\xed\x6c\x16\x24\xd2\x86\xdd\x19\xd3\x58\xb1\x88\x7f\xce\x2a\xf7\x3c\x6e\x9b\x22\x27\xe8\xae\x8d\x74\x60\xcb\x39\x17\x3f\x24\x8a\x7f\xb7\x8b\x6a\xde\x28\x0a\x80\x69\x8b\xc2\x6c\x03\x14\xec\x07\x5e\x4a\xec\x59\xf9\x0e\x35\xaf\x9b\x3f\x25\xf0\x8e\x3d\xc3\x98\xf5\x9e\x13\xf5\xcd\x2e\x2c\x3b\xc6\xc8\x06\x92\x39\x08\xa6\x92\xbb\x41\x7a\x03\x1d\x78\xb8\xfa\xc9\xd2\x66\x81\x05\x69\x3a\xc4\x49\xca\x09\x80\xbd\x80\xf2\x0d\x34\x5c\x4d\x4a\xe5\x68\xad\xd7\x04\x10\x24\x86\xec\x1e\xb6\x72\x2f\xa0\xdc\x02\xc8\x90\xfa\x86\xf0\xc2\x98\xc7\xbc\xa9\x8e\x8b\xeb\xd7\xea\x99\x02\x53\xb9\xa5\x6a\x93\xee\x10\x90\x4e\xca\xb8\xfa\x89\x8c\x41\xd9\x08\xc7\xd0\xf9\xb0\x4b\xe6\x02\xd1\x5b\x42\x53\x44\xf5\xdc\xb3\xd8\xdf\xc8\x9a\x5e\x92\x1a\x2b\xfd\x0b\x46\xf1\xf3\x2c\x52\x1f\x8a\xe5\x52\x67\x40\xd6\x7c\xd3\x97\xce\x2b\xce\xc6\x1b\x97\x6c\xbb\xd6\x95\xbf\x05\x53\xdf\xaa\xf7\xd8\xdb\x18\xd6\x09\xe0\x2c\xa0\xcf\x51\xe4\x27\x2b\xdd\x82\x35\x08\x0a\x60\xdc\x2d\x54\x3b\xe6\xf5\x91\xdc\x98\xed\x6d\xee\x64\x18\x8e\xc1\x74\x0b\xd2\x37\x10\x46\x51\x0a\xbb\x9d\xda\xd9\x78\xc0\x06\xf9\xe5\xa8\xcc\xe3\x16\x90\x85\x9f\xf0\x89\x63\x98\x9c\x12\x5f\xc1\x4d\x17\x1d\xec\x50\x7c\x64\x19\x37\x50\x81\x1a\xd9\xf6\x40\x02\x5b\xb3\x41\x74\x18\xb2\x53\x28\xee\x8d\x3f\xa6\xd2\xb1\x5c\xac\x84\xdc\x6b\x06\x62\x1d\x27\x50\x9d\x0c\x0b\x37\x92\x1c\x89\x66\xa4\x98\x5e\xfa\x98\x26\x7a\x0d\x5c\x99\x32\x78\xe8\x22\xc9\x8b\xda\xd0\x53\xae\x07\x07\xd6\x13\xc6\xe9\x6f\x60\x4d\xb5\x9e\x4a\x58\xd8\x33\x06\x9c\xfb\xb7\x18\x5b\x7c\x67\xc7\xc6\xcd\xd8\x0f\xc0\x91\xf5\x6e\x46\x92\x89\x00\x3a\x43\xe0\xf6\x28\x5d\x10\x7c\x89\xdb\x5e\x49\x4c\xa7\xf4\x20\x54\x13\x30\x2c\xd5\xb3\x29\x83\x4e\x5d\xdd\x88\xcd\x8b\xab\xcc\x6f\x34\x8d\x0f\xb5\x44\xda\x9f\x1f\xb6\xb6\x67\xda\xb0\x21\x5c\x0f\x9a\x67\x6a\xb0\x31\x48\x48\x0f\x3b\x4f\x93\x6b\xd5\xc7\x57\x6c\x56\x38\x02\x20\x93\x16\xf6\xa3\x3a\xd1\x58\x9d\x4d\x82\x11\x44\x51\xa3\xbd\x3e\xa1\x5c\x3f\x57\x29\xa7\x23\xb2\x66\x8b\x9b\xc6\x96\x86\xc6\x5e\x63\xad\x60\x9f\xef\x26\xbf\x3d\x7d\x15\x1e\xb1\x9c\x02\x93\x19\x5c\xc9\x17\x9c\xf9\xd8\xd4\x2a\x8a\x7d\x54\x3e\x52\x82\x8e\x17\xd5\xbe\x4b\x03\x4e\x31\xf8\x83\xb0\x07\x5e\xeb\x08\x0c\xcb\x8b\x20\x7b\x64\xa2\xa3\x2f\x64\x25\xd0\xac\x1e\x72\xa0\xbc\x7f\xf8\xd0\xd3\x87\x2b\x6b\xeb\x8a\xa2\xe8\x41\xf1\x86\xa7\x41\x9c\x83\x7d\xac\x83\xbd\x7d\xa1\x8d\x15\x21\xb3\x75\x95\x04\x0a\x78\x8c\xa5\xd6\xec\x2b\x8d\x7a\x5a\x12\x6c\x5b\xb7\xdd\xc2\x29\xd0\xc1\xcc\xbb\xc9\x8d\x06\x14\x15\x9e\xb1\x79\xcc\x7d\xe7\xf3\xb8\x59\xad\x66\x85\xbe\xe0\xa4\xa0\x91\x06\xc4\x88\x2e\x00\x18\xe1\x38\x6e\xd8\x8f\x21\x5e\x91\x08\xb6\x82\x36\xf2\x47\xa4\xdd\x4c\x6e\x7d\xcc\x46\xa5\x8b\x3e\x41\xcc\x8e\xec\xc2\x9a\xe3\x92\x38\x71\xba\xae\xaa\xc0\xe6\x28\x24\x90\x80\x3f\xd4\x86\x0e\xa6\x81\x29\xdf\x43\xb7\xe6\x5d\x38\x40\xef\x2d\x92\x67\x14\x80\x8f\xbb\xbc\x18\x23\x1c\xaf\xbe\xda\xb4\x33\x04\x74\xfd\x4d\x62\xa6\x56\x3e\x52\x43\x24\x6b\x5c\x6f\x47\x62\x68\xa3\xab\x05\x00\xd3\x65\x6c\x80\x75\x0c\x40\x7a\x98\xb5\x45\xab\x42\x8e\x0c\x8d\x27\xf6\x86\x94\x13\xd5\xb3\x2e\x47\xcd\x1a\x0d\x2d\xda\x8c\x2a\x86\xc7\x19\x1e\x10\x32\x9b\xe8\x93\x30\x38\x05\x4f\xe7\xd1\x23\x08\xe9\x2e\x1d\x8f\xf3\xc9\x00\xe1\xd5\x7a\xe0\xb7\x9a\xdc\x81\x69\x3a\xc9\x2e\x4b\x06\x00\xcc\x85\xa8\x95\xd7\x0b\x76\x13\x8b\xf9\x33\x57\xa9\x14\x8a\x76\xe7\x94\x09\x3e\xdc\xc1\x18\x65\xf0\x3b\x75\xe4\xb2\x30\xc2\xf9\x56\xdf\xfd\x28\xe6\x7d\xe6\x95\x6c\xc8\x81\xc8\x7b\x28\x37\x34\x0f\xc0\xa4\x4b\x6b\x77\x58\x8c\xd1\x51\xb8\x28\x70\x3a\x0f\x74\xc0\x88\xaa\x00\x8a\xef\x41\x60\x82\xb7\x41\xb1\x41\x24\xb8\x9f\x6b\x76\x56\xb7\xce\xc1\x91\x75\xac\xb1\x45\xf5\xda\x33\x6e\xbc\x31\x2e\x7b\x8d\x85\x64\x9f\xc2\x7c\x3f\xa4\x72\x7d\x41\x33\x08\x10\x5d\x77\xf1\x86\xcc\x6f\xe4\xdb\x82\x5d\x71\x69\xa7\x3e\xd0\xd9\x60\x27\x9f\x33\xa1\xdf\xfb\x23\x6d\x64\xf0\x89\x56\x54\x70\x1f\x89\x75\x9a\x88\x75\x3a\x29\x50\xf5\x27\x01\xf7\x7c\xa1\x62\x10\x4c\x34\xb1\x20\x26\x4f\x3a\xf1\xc4\x73\x41\x0a\xb1\x7a\x58\x32\x4e\xfa\x8d\xe5\x0a\x57\x48\xc4\x7b\x9c\xfa\xe4\x51\x30\x47\xcf\x6f\x64\x2a\x6c\x9d\x01\x31\x43\x02\x96\x13\x84\x78\xc5\xb7\xfd\x18\x78\x7f\xf2\x60\xdf\x6d\x90\x07\x74\xdd\x7a\x83\xe5\xaf\x24\x1a\x90\x07\xac\x37\xce\x40\x2c\x14\x80\x73\xbc\x72\xcc\x93\x1a\x07\x67\x79\x05\x01\x0e\x13\xcf\x6f\xb1\xd5\xc7\xdc\xb4\x82\x5b\x00\x82\x41\x71\x2b\xa9\x58\xb0\x7c\x38\x9d\x83\x43\x48\xd7\xc0\x72\xad\xcb\x8d\xf1\x98\x07\xfb\x88\x44\x07\x06\xc0\x9b\x1d\xcd\xa8\xbb\x36\xd0\xa6\xa7\x8e\x1b\x9f\x19\x45\x51\x26\xba\x2a\x3d\x6b\x7c\xcf\x79\x8c\x3d\xdf\xa5\x33\x84\xa0\xb6\xa6\xdd\x11\x27\x58\xc7\x85\x0d\x92\xdf\x9f\x54\xba\x39\x99\x65\xce\x93\xd2\xe4\xab\x7d\xa9\xa4\x90\x53\x18\x49\xe3\x7d\xb8\x23\xa9\xfd\xd6\xfa\x70\x93\x80\x46\x40\x9e\xdc\xa6\x1e\x69\xd9\x89\x8c\x47\x55\xdf\xec\x5e\x49\xa3\xfd\x58\xe5\xfb\x0e\x81\x92\x41\x90\x0e\xe1\xec\xf0\xba\x0e\x90\x17\x78\x95\x99\x5e\xc7\x63\x70\x05\xb6\xe8\x6e\xac\xc5\x49\xe8\x15\x47\x83\x02\xc1\xb1\x23\xd3\xf9\x12\xd3\x95\xa6\xba\xc6\xee\x43\x4e\x9f\x22\xc6\x6d\x8f\x0f\x07\x65\xdd\x53\xa6\x40\x07\x17\x28\x90\x57\x36\x98\xde\xde\xca\x37\x32\x8c\xe1\x43\x65\x0f\x3c\x9c\x84\x7a\x4f\xc6\x8c\xef\x5b\xd6\x2c\xa5\x0b\xae\x3b\x03\x44\x64\xd3\x38\xae\x73\xb6\x2d\x47\x13\xd7\xde\xb8\x75\xe7\xb1\xd4\x56\xc9\x16\x92\xf5\x61\x2a\xc9\x56\x48\xe5\x98\x6b\xa9\x96\x88\xbc\x19\xa2\x74\x0e\xc5\xaa\xc1\x29\x02\xc9\x80\x27\x95\x06\xea\xf0\xa0\xc2\xde\x3b\x10\x4d\x93\xc7\xf0\x7a\x11\x22\xc3\x01\xc0\xfd\x71\xbc\xe5\x33\x5a\xec\x29\x89\xf6\xed\xc7\xb0\xaf\x9a\xb5\x86\x02\xc5\x06\x9f\x3d\xc4\x28\x70\x13\xec\x7a\x42\x15\x78\x30\x6d\x4b\xee\xed\x84\xe8\xa2\x70\xb2\x97\x4f\x76\x78\x09\x4e\xc8\x5d\xa0\xd6\x00\x07\x82\xe6\x76\xe1\x18\x7d\xa1\x17\x9a\xec\x4e\x9e\xc8\x34\x0f\x75\x20\xda\xac\x5c\xa4\x00\x31\x2a\x2a\x8b\xa7\x54\x7c\xe6\x2c\xa9\x75\xe8\xad\xab\x79\x1c\xb8\xfa\xb6\xcc\xbb\x88\xe6\xa4\x88\x66\x17\x97\xfd\xa0\x93\xa5\x73\xf6\xbe\x77\xa9\xac\xa4\x4d\x78\xb9\x63\xb9\xe0\x79\x99\x8b\x2e\xd7\xd4\x37\xdc\xad\xc5\xda\xbd\x3a\x59\xa3\x34\x01\xe7\x3d\x99\x48\x92\xe9\x0a\x56\xd4\x6b\xec\xc0\x9e\x8f\x06\xdb\x70\xd1\x82\x32\x98\x44\x17\x1c\xc4\xae\x6c\xe4\xe7\xad\x12\xa5\x9b\x0d\xd1\x7a\xa8\x5e\x58\x3d\x18\x01\x14\x70\x65\xd5\xf3\x02\x78\x77\xd7\x40\xbe\x3c\xec\x19\xaa\xce\x40\xd8\x6d\xb7\x56\x1c\xb6\xf8\x11\xb7\xd3\xd3\xc5\x98\x76\xfa\xfe\xaa\x43\x17\xf5\x06\x36\xe9\x12\xf8\xdd\xd8\x2e\x46\xa4\xe7\xdd\x14\x51\x48\xa2\x1e\x73\xa3\xe4\x98\xd9\x61\x2d\x05\xb7\x23\x41\x0c\x53\x3c\xae\xb3\x57\xce\xe5\x50\x28\x98\x3d\x32\x27\xd1\x52\x41\x4d\x67\xef\xa1\xc5\x5d\xee\xaf\x98\x07\xd0\x74\x71\xe6\xd2\xbe\xbb\x21\xaf\x7b\xcd\xe0\xce\xbe\x8a\x84\xa4\x9e\xb3\xe7\x7b\x5d\x58\x26\xc7\x85\x17\x1b\x59\xa7\x52\xa5\x1d\x6a\xb8\xe4\x60\x6e\xde\x81\xe0\x41\x8d\x4f\xfe\x29\x17\xb1\xc1\x3c\xdf\x8b\xbe\x0d\x89\xa5\xc1\x74\x0e\x16\x70\xe9\x34\xf6\x40\xe0\xf9\x59\x3b\x8c\x47\x64\x88\x75\x65\x05\x0d\xdb\xeb\xec\xd5\x74\xda\x58\xdc\xa9\x4d\x49\x10\x47\x47\xa2\x79\xbf\x39\x97\xa7\xe0\x2e\x0f\xa2\x3b\x28\x52\x09\xb7\x9e\x41\x0f\xe9\xa3\x04\x70\x97\x66\x76\x2e\xbb\x7e\xef\x89\x5b\x27\x1f\x26\x37\xae\x09\x0d\x62\x0a\x92\xad\x34\x99\xaf\x04\x80\xe5\x37\xd1\xde\xc3\xe5\x4c\x51\x3d\xb4\x00\x36\xce\x9d\x23\xaf\xe6\xb8\x6d\x87\x29\x5e\xb6\x04\x31\xf9\xdd\x94\x9c\x79\xb2\x89\xb9\x39\x4a\x8d\xba\x5f\xa9\xf1\xdd\xfe\xbc\xa4\xa4\x77\x43\x47\x75\x44\x5d\x79\xe5\xd5\x4f\x66\xc1\xab\x25\x09\x60\xaa\x10\xf7\x7a\x8f\x7c\x4f\xb6\x83\x3d\x0d\x84\x5b\xb4\x1d\x14\x3a\xd2\xdd\x06\x36\x74\x30\xbe\xfe\x89\x8f\xe9\x04\x6d\xd0\x05\x88\x79\x03\x3d\x65\x86\xaf\x33\xda\x14\xc4\xe0\x2a\x55\xdf\x6f\x00\xb9\x76\x93\x06\x67\x45\xd0\x9d\x0f\xda\x70\x9e\xc5\xf3\x1e\xcf\x65\x47\x3c\x2e\x85\x44\x7e\xe6\x20\x29\xcf\xe6\xa0\x40\xd5\x89\x7c\xc6\x14\x0f\xda\x23\x6c\x45\x6d\xf4\xf0\xde\xfa\x12\xdb\xb5\x2e\x96\x70\x23\xe8\xe0\xcc\xa7\x97\x17\x1b\x08\xe1\x77\xe2\x72\x33\xaa\xd5\x78\x1a\x15\x65\x54\xad\xdc\x46\xa9\x33\x66\x37\x88\xe8\x20\xa0\x81\xce\x7b\xd5\x75\xbc\xb6\x36\xf4\x36\xa4\x53\x93\xaa\x53\x91\x90\x41\x4c\x06\x36\x19\xe0\xee\x4e\xc1\x0f\xad\x70\xe6\x16\xf6\x47\xd8\x1f\x69\x2f\x1b\x96\x60\xcc\xd4\xe9\x49\x19\xec\x13\x8c\x40\xa0\x7f\xcd\x15\x05\x35\x61\x0f\x10\xf4\x76\x2a\xba\xa6\xdd\xa0\x2f\xd9\x98\x5c\xcf\x39\x11\x50\xfa\xd5\xcf\xcc\xc9\x75\x97\xd4\x3a\x55\xd1\x73\x9d\x89\x76\x50\xdc\xe7\x84\x09\xdb\x67\x9d\xaa\xe4\x83\x03\xf9\xc3\x53\x56\x16\xbd\x8b\x2d\x8d\xce\xc4\x3a\xbd\x3e\xaf\x1a\x58\xa5\x9e\xd0\x44\x6e\x73\x03\x0a\x8f\x72\x76\x0e\x11\xaa\xd0\x26\x82\x18\x91\x8f\xb4\x1d\x8e\x78\x1e\xda\x16\x1f\xe3\x76\x78\x7d\x8e\x78\x7e\xc0\x1a\x92\xa3\x8e\x36\x6d\x59\x32\xa5\xa4\xc8\xe0\xf2\xa3\xb2\x07\x27\x92\x1e\x76\x24\xa7\xea\x92\xce\xe0\x88\xc7\x53\x48\x50\x2a\x27\xd5\xb7\xbb\x54\xbf\x5c\x45\xa9\x27\x25\xe6\xcd\xf8\x9e\x26\xfd\xa8\xdc\xfb\x56\xaf\x43\xe2\x5a\x6b\xd6\x7c\xe3\x5a\x99\xc8\x8d\x2e\x07\xb0\xfc\x8c\xd6\x91\x5c\xc9\x91\xc3\x15\xc5\xb0\x6c\xbe\xd4\x01\xc6\xd8\xda\xf2\xbd\xe7\x7c\xb0\x37\x4f\x88\x7c\xb7\x79\x25\x52\xd6\x4c\x1b\xc0\xd8\x73\x79\x8c\x5b\x7c\x8d\xdb\x27\x74\x35\x51\x71\x2f\x27\xc5\x7e\x6c\x27\x65\xa8\x5e\x2c\x66\x87\x43\x88\x31\xa9\x7a\xf1\x14\x65\x7b\x3d\x7b\xe3\xe2\x8d\x9b\x10\x0e\x6d\xda\xc9\x63\xd8\xc9\x47\xd8\x8a\x0c\x26\x5e\x04\xfc\x88\xa4\x47\x10\x92\xe4\x04\x32\xf0\x23\xba\x5a\x37\xe7\xb2\x0f\x43\x1d\xb6\xf2\xbd\x47\xb4\x2a\x7c\x50\x0f\x37\x3e\x55\x61\x9f\xfd\x38\x6c\x15\x0e\x6c\xeb\xa0\x8d\xda\x68\x1f\x93\x96\x02\xd2\x44\x9d\x7c\x78\xcd\xd0\x55\x52\x57\x62\x53\xf7\x34\x59\x10\xc6\xc0\xb9\xcf\x38\x74\x03\x3c\x0f\x16\xfe\x81\x01\xf4\xae\xb3\x07\xbc\xf8\xd9\x18\x53\xf4\xc5\x7a\x84\xab\xcf\x73\xe0\xa2\x98\x98\x7a\xa6\x28\xc7\x87\xae\x03\xc1\xda\x3d\x3c\xf4\x17\xe5\x3b\x06\x18\x77\x0c\x31\xee\x18\xa0\xbd\x7e\x23\xc8\x13\x39\xfb\x93\xbe\xa9\x2f\xfd\x17\x09\xfb\x0c\xaf\xc6\xc6\x77\xf1\xe4\x12\x72\x9d\x5c\x45\x36\x0d\x22\x0c\x3b\x77\x2a\x10\xf6\xd4\x8f\xce\x40\xdc\xa3\xee\x66\x76\xb7\xe7\x69\x38\x68\x86\x8a\x67\x55\x5c\xb4\xbb\x7b\x4b\x6a\xf2\xe8\xa4\x03\xd1\x70\x06\x24\x19\x20\xff\x98\x9d\x84\xb7\xa4\x0b\x91\xe2\x6d\x63\x0d\xb8\xb9\x96\xc7\xb5\x1f\x55\x0e\xdb\xba\x93\x7b\xce\x2a\x2d\x8e\x34\xc0\xf8\x24\x9a\x93\x15\x16\x5d\x2b\x2c\x7f\xe5\xd4\xeb\xdb\xe7\x91\xbd\xfd\x1d\xb5\x56\xe3\x4f\xf2\x9b\x6c\xed\x7e\x2b\x44\x99\x32\xbb\xfd\x96\x76\x32\x67\x3e\x64\x3b\xb8\xb6\x14\xc4\x52\xe9\x2c\x7a\xe3\x0a\x8f\x45\xc3\x85\x88\xe6\x44\x70\x1e\xec\xc0\x4d\x06\x86\x8e\x20\x86\x02\xd4\xef\x18\xd0\x55\xae\x0a\xb0\x27\xf9\xd9\x1f\xd8\x65\xa7\x9f\xb3\x74\xaf\x79\xb0\xde\x9f\xba\x85\xa2\xf4\x5a\x4c\x44\xba\x8f\x9a\x5c\xa7\x64\x4e\x13\x54\xdf\x35\x42\x95\x2b\x8f\x84\x25\x8c\x08\xa9\xfa\x5c\x64\xfb\x58\x64\x9f\x94\x28\xcd\xc9\x24\x84\x0d\xdf\x47\x06\xef\x44\x64\x11\xae\x2b\x88\xd2\x38\x6a\x4d\x9a\x3c\x61\x80\x51\x3f\x5e\x69\x6f\x97\x9c\x07\xae\xdb\x6e\xa3\x5b\xd8\x0c\xb7\xe6\x0c\xb7\x54\xd0\xd2\x86\x03\x00\x42\x33\x24\x2d\x77\x40\x05\x5a\xdf\x8a\x5d\x51\xea\xbe\xbc\x8b\x8c\x43\x57\xe0\xf9\x51\x13\x2e\x0e\x4d\x2b\x4d\xc1\x33\x94\x51\x01\x9c\xf0\xb2\x81\x60\x25\x0f\x1c\x28\x3a\x1c\x28\x9a\x6b\xf9\xbc\xea\x61\x8e\x20\xfe\x49\x83\xa6\x46\x83\x05\x4a\x33\x4f\x9d\x2f\xa1\x57\x84\xe8\xd5\x6c\xdc\xd0\xd7\xec\xb8\xae\xf6\x63\xd0\x6d\x17\x97\x9d\x07\xae\x3a\x6f\x6d\x73\x63\xf0\xcf\x94\x7f\xa8\xb3\x50\xce\xc2\x01\xc0\x41\xb2\x63\x84\x27\x27\x08\xe8\x40\x19\x53\xe9\xe6\xab\x1f\x2b\x50\x14\x4d\x17\x9b\x35\x0e\xf6\xb3\x5f\x57\xe4\x1c\x05\x85\x6b\xe6\xc2\x8b\x22\x66\xcc\xe4\xbd\xdc\xbe\xe8\xf0\xd6\xea\x22\xa4\xe8\xa2\x6b\x1a\xdd\xdd\xb8\xe0\xcf\x0b\xac\x65\x81\x83\xd0\x45\x82\xa0\x33\x2e\x0c\x40\xd8\x5e\xf9\x8a\x4d\xaf\xc7\x2d\xda\xb4\xd8\x6f\x87\x38\x6e\x07\xc2\x6f\x86\xd7\xdf\xe0\xbd\x26\x22\x64\x9f\x27\x45\x3f\x47\x42\x3f\x67\x12\xa1\x43\x74\xa7\x8c\x9b\x45\x6e\x6d\x70\x0e\x8d\xef\x29\x70\x43\x96\x3c\x60\xde\x9f\xef\xbe\x65\x36\x96\x46\x46\x5d\x10\x2c\x34\x2b\xd2\x98\x23\xec\xf9\x2b\x86\xac\x47\xf4\xea\x4e\xc6\xf8\x31\x48\xd4\x4a\xa0\x8d\x3a\xe4\xd3\x42\xe6\xdb\x40\xe6\xe8\x40\xe4\xe8\x40\x16\x41\x38\x89\x26\xa2\x73\xad\x3b\x76\x35\x06\xdc\xce\xdb\x22\x9d\xd0\x72\x3b\xa1\xc5\x70\xa0\x46\xee\x32\xf4\xc0\x77\x7f\x5a\xc8\x9d\x0a\xaf\x6c\x8d\x6d\xa2\x3c\x6b\xd5\x4a\x17\x29\xdd\x19\xa0\x31\xdc\xa5\x1d\x02\x4a\x1e\x63\x80\xfc\x33\x26\x3d\x21\x6a\xd9\x07\x8c\x6d\xa0\xb8\xbf\xea\x0b\xf5\xf2\x25\xbc\x00\x07\xaa\x79\xd8\x8f\xe1\x76\x97\x28\xf4\x55\xb7\x5f\xb1\x2f\x5a\xae\x27\x5a\xda\x72\x97\x4e\x97\x08\x9c\xad\x73\x93\x85\x0e\xa6\x25\xdb\xb6\x07\xae\x3b\x25\x24\xb2\x68\x86\x66\x9d\x07\x16\x26\xc4\xb2\xe2\xd0\x9b\xee\x44\xa7\xe4\xed\x2e\x1d\xb7\xbb\x7c\xd0\xed\x9e\xf9\x42\x1d\x3a\x63\xa6\x3a\xd0\xa6\x9e\xb7\x53\x3a\x6f\xfb\xcd\x7e\x8c\xb7\x5b\x35\x15\x20\x74\x55\xe5\xcb\xe3\xbc\x9d\x37\x64\x45\xe1\xf1\x95\x7b\xd3\x4e\x4d\xc3\xea\x11\x7d\x44\x58\x2c\x96\xa4\x56\xc2\xfa\x5a\x35\xf1\xab\xfe\x6b\xbd\x09\x30\x1b\x49\x0a\x31\xf3\x51\xbb\x78\xb3\x91\xeb\x30\xe6\x99\x58\x7c\x42\x97\xc9\x18\x5e\x99\xcf\x8b\xa7\x18\x0a\x0c\x40\x2e\x82\x90\x94\x64\xb7\x3b\x72\xfe\xa4\xc2\xfb\x94\x9f\x80\x77\x64\x81\x85\x64\x9d\x85\x6c\x5b\xda\x11\x1b\xd5\xd8\x91\x9a\x90\x71\x24\xc0\x47\xbf\xa8\x9e\x7f\x87\x32\x46\x7c\x5e\x40\x77\x79\x6f\x50\x98\x8b\xaa\xda\x10\x2d\xf7\xcf\xfa\xc0\x02\xee\xad\xc6\x21\xeb\xb3\x13\x29\x2b\xcb\xee\xb3\xbb\xa9\x7b\x4d\x3c\x7d\x48\xb9\x30\x28\xae\xbf\x83\x94\x99\xe2\x37\x43\x26\x5d\x18\x4e\xba\x8b\xcf\x82\xaa\xbb\x6f\x03\x14\x47\x70\x32\xc6\x70\x1c\xa1\x21\xbb\x53\x3a\x9f\x73\x3b\x6f\x36\xe9\x04\xa4\x26\xc3\xbd\x6a\x68\x1d\x3e\x64\x9a\x11\x9f\xe2\xe7\x6c\xcb\xf7\xf5\x3d\x4f\x9e\x94\xc1\x13\xe6\x8d\xb9\xd9\x6e\x27\xc7\x8d\xab\x6c\x3d\x03\x30\xe0\x27\xdd\x81\x73\x3b\x99\xbe\x5c\x18\x49\xcd\x7b\x41\xb1\x63\x53\x2d\xbd\xef\xbb\x01\xb3\x19\xf6\x1b\xc8\x58\x8c\xcb\x75\x69\xcf\x30\xe0\xe7\xdc\x24\xd9\x10\xce\x39\xc8\xfd\x79\x33\x3d\x41\xb6\xa5\x07\xc4\x80\xd2\xf0\x39\xff\x40\x95\xe4\xe4\x46\x98\x31\x57\xdc\x34\xa5\xb2\xfe\xac\xb3\xaa\x7d\xb1\x74\xa9\x63\x38\xd5\x26\x40\x77\xbf\x39\x22\xc4\x14\xcc\xf7\x3d\xd1\xa5\x56\xb5\xa8\x81\xf4\x0a\xa6\x19\x8e\x8b\x2b\xc9\xc2\xda\x92\xc7\xae\xe0\xb7\x39\x80\x77\x5f\xbd\x0d\x64\x9a\x4c\x7f\x17\xce\xf8\xa9\x52\x77\xf4\x9b\xae\xf8\x91\x53\x5e\x2a\xac\x0d\xb2\x64\xa2\xcf\x7d\xd5\x45\xc9\x10\xf7\x29\xb1\x2e\xcf\xf8\xb8\x1e\xc9\x25\x0f\x58\x77\xec\x43\x05\x15\x2c\x0f\xba\x2c\x97\x8c\xe9\xd8\x07\x2a\xcf\x3c\x78\xdc\x52\xf6\xed\x95\x22\xea\x02\xab\xf1\x97\x27\x27\xc9\x7d\x94\x5c\x00\x16\xfc\xdc\x9f\x09\x4c\x10\x1e\xca\x85\xa9\x99\xf4\x42\xa6\xed\xd3\x00\xa5\xef\x39\x18\x23\xf4\xa1\x6f\x19\x96\x53\x9c\xb1\x70\x08\x30\x78\xc9\x88\x7e\xca\xa8\x94\xa7\xf5\x48\x6c\x96\x61\x6b\x34\xca\x6f\xd6\xd0\x33\x87\xc4\x7e\xea\x8e\x98\x55\xfe\x89\xba\x84\x18\x40\x8c\xc4\x10\xf7\x47\x0a\x2e\x0c\xdf\x7e\xe6\x88\x0b\x1b\x46\x17\xf7\xe2\x30\x4c\x05\xb9\x80\x8a\xfa\x25\xfb\x5d\x56\x96\xbf\xea\x09\xc5\xec\x6a\x3f\x54\x81\xe6\x30\xab\xc5\x18\xe5\xbb\xea\x18\xe3\x81\x31\x37\x61\xb5\xcb\x68\xb5\x7b\x26\xfd\x94\x93\x29\x55\x18\x2b\x1c\x96\xe1\x6b\x48\xca\x4e\xf7\xa9\x3e\x4c\xfe\x43\x3f\x17\x2e\xb4\x46\xbd\xe2\x4c\x0e\x53\xcc\x6b\x55\x7d\xf3\x4b\x89\x79\xde\xa3\xbe\xe7\x7a\x56\xd2\x8e\xe0\x48\xdd\x97\x6a\xdf\xf9\x63\x24\x6b\xd0\x8c\x83\xe1\x2f\x4c\x19\xdf\x5d\x54\x76\x39\x9f\x3c\xbd\xf8\xa3\x7f\x67\x64\xb1\x19\x98\x92\xdd\x73\x15\x4d\x1b\x86\xc1\xbf\xf3\xce\xb4\xb6\x25\x6b\x0c\xc7\xe8\x77\x2a\xe3\x2f\x4f\xe6\x47\xb9\xda\x47\x58\xd7\x0c\x53\x5f\x78\x00\x62\xf2\xe8\x5b\xdf\xc0\x98\xf8\xb0\xef\x50\x69\x32\xd8\x50\x47\x6d\x7c\x91\x4b\xe6\xfc\xb4\x05\x27\x1a\x37\xfd\x5a\x72\x8c\x2c\xac\xf6\xea\xdc\x4b\xf6\x87\x77\xf2\x9a\xcb\x15\x25\x4a\x2c\x23\x6a\x87\xc7\x08\xeb\x37\xbf\x67\x4d\x1c\xf4\x88\xc4\x09\x93\xc2\x64\xca\x7b\xdf\xc9\x76\xf4\x1b\x1b\xbd\x5a\xbd\xfb\x33\xef\x66\x4a\x36\x39\xc6\xb9\xec\x37\x88\x89\x18\xf6\x73\xf6\xd1\xac\x48\x15\xe2\x57\xda\xe9\x21\xda\x70\x0c\x45\x72\x1e\x8c\xf8\x19\x77\x30\x03\x19\x3c\x7d\xbb\x30\xba\x9a\xb5\x8f\xa8\x67\x56\x76\xfb\xc1\xb7\x50\x8b\xc7\xf4\x52\x98\x9d\x8b\xac\x7e\xf7\xab\x98\xe8\x16\x3c\x6d\x19\x96\xd5\xd4\xdf\xf8\x9c\xe4\x22\xf6\xa0\x91\xb9\xb1\xf5\x8c\xc9\xdb\x59\x90\x41\xbf\xf6\xb9\xcb\x7d\x22\x57\x7c\x5f\xbd\x13\x62\x42\xb6\xaf\xfa\xf8\x4a\x8a\x21\x59\x98\xfc\x0f\xb9\x86\xb7\xdb\x9a\x4e\x7b\xe6\xc1\xb0\x9c\x25\xbb\x8f\x45\x55\xd0\xdf\xc6\xf5\x98\xb4\xed\x83\x63\xf8\x0b\xac\xf1\x89\xc5\xde\xb8\xed\x7b\xbc\x5c\xa7\x2d\x81\xef\x99\x68\xbb\x46\xc9\x98\x2e\xb4\x4c\x04\xe0\x3c\x64\xf1\x85\x23\xfb\xc4\xb1\x3e\x88\x5c\x7f\xb8\x0e\xc3\xdc\x55\x0c\xbc\xa6\xd3\x38\xb6\x3c\xc6\x83\xdf\xe3\x55\x76\x0b\x90\x62\x2a\x62\x66\x2e\xda\x21\x3f\x88\xbc\x1d\x88\x62\x60\x00\xa6\xfb\xd4\x11\xcb\xc1\x11\x40\xe7\x13\x9d\xa9\xe2\x93\x93\x4e\x5d\x78\x6e\xa2\xd1\xdf\xde\x68\x59\x9f\xb4\xea\x71\x98\xe2\x9a\xce\xe2\xf1\x66\x30\x37\x0b\xa5\x16\x67\x38\x67\x6c\x7d\xab\x73\xdf\x73\xca\x6b\xda\x81\xc8\xe5\x80\xdb\x13\x63\x38\xa6\xb6\x65\x1e\x05\xb1\xc7\xe6\xd7\x66\x13\x33\x45\x9d\xd6\x0d\xd5\x30\xdf\x66\x3b\x35\x46\xe8\x35\xcb\x73\x59\x3c\x0b\xe6\x72\x69\xb6\x3b\x06\x48\x69\x5e\x70\xcc\x2e\x85\x82\xcf\xf0\xf8\xe5\x5b\xcc\x71\xdc\x55\xbc\xef\x4f\x3a\x35\x98\xcc\x8e\xe4\x9e\x0d\x39\xe6\xb2\x63\x79\xb1\xe4\x59\x86\xdb\x5e\xb3\x30\xca\x53\x28\xbe\xdb\x31\x15\x87\x4c\x25\x21\x6a\x5c\xb4\x33\x45\x20\xe6\xc1\x32\x3e\x89\x8c\xe9\x62\x68\x1a\xd1\xb8\x4a\xd3\xb3\x27\xfb\xbd\x6e\x00\x12\x72\xbb\xdf\xc9\x93\x34\x0c\xfe\x49\xe9\x10\xf3\x60\xcc\xe3\xb6\xa9\x5b\x01\xe6\xf9\x21\xdd\x25\xe4\x21\xdc\x2e\xc5\xe7\x4e\x5a\xd2\x32\xaa\xcf\x83\xc6\x83\x71\x58\x67\x0f\x88\x79\xf0\x66\x2d\xad\x1a\x5a\x90\x0c\x18\xb7\x83\x92\x98\x5c\xcb\x6c\x9f\x3b\x8c\x1b\xbf\x11\xe4\x24\xd0\xc0\x93\x7e\x62\x7c\xcd\x60\xec\x2d\x17\x27\x7c\x21\x70\xa8\xd9\x53\x1f\x62\x86\x12\xfe\xf4\x31\x91\x3f\x72\xfe\xd8\x36\x50\x6c\x5b\x47\xeb\x62\xd3\x67\x42\xc5\xb3\x47\x27\x9e\x37\x40\x24\x08\x3a\xb1\xb8\x96\xf3\x51\xc8\xf9\xbe\x23\xbf\xea\x28\x82\xd3\x38\xb9\x75\xfa\x59\xe3\x31\x63\xf3\xbd\x17\xd9\x41\x92\xa0\x93\xd3\xc3\x57\xf3\x58\x99\x18\x72\x01\xfe\x5b\x58\xb5\xda\x3d\x44\x41\x0c\x3b\xdf\xfa\x41\x88\x79\x70\xd2\x71\xeb\xf4\xa2\xe3\x49\xd0\xba\x58\x97\xc4\xe4\x56\x2e\xf9\xc4\xdf\x6b\xaa\x87\x16\x28\x74\xa3\xc0\x88\x0c\xa2\x98\xb1\xb9\x87\xcc\x85\x0f\xc3\x50\x25\x13\xbd\xee\xf3\xeb\xbe\x38\x7d\xe7\x47\x13\x43\xd8\x70\xec\x83\x00\x88\x80\x7b\xf1\xc3\x5c\x2c\xd7\x13\x8c\xe2\x34\xe9\xcd\x86\x34\xa1\x67\x03\xee\xfb\x8e\xe7\xa1\xd4\xe3\xd4\x75\xe7\x14\x21\xb6\xac\x5d\x14\x86\x13\xd4\x89\xce\xb6\x02\xe0\x00\x50\x7d\x52\x7e\x29\xa4\xfc\xf7\xdd\xcd\xf3\x6d\xcf\x6f\x60\x3c\x0b\x19\xcb\x38\x1b\x7c\xe6\xc6\xf7\x9b\x2d\xd5\xd2\x2c\x97\x1c\x43\x19\x30\xd0\x40\xfa\x00\xeb\x83\xa7\x0c\x70\x3e\x3e\x67\x9e\xdb\x60\x60\x83\xf3\x06\x7a\xcd\xc7\x4b\x76\x1f\x33\xe8\x49\x88\x21\x3d\x54\x1d\x99\x24\x64\x76\x9b\xaf\x8c\x59\x37\x6e\xef\x5d\xad\x47\x74\x0d\x1a\xfc\xb0\xe6\x75\x42\x6b\xcd\x1a\x35\x7b\xf4\xcc\xd1\xf3\xaa\xb0\xe5\x2c\x59\x7c\x34\xc7\x0a\x3f\xd7\x85\xde\xaa\x94\x2f\xd3\xfb\xda\x0d\x71\xb4\x69\x64\x17\x93\x26\x31\x58\xfe\x08\x23\x08\x1d\x93\xc7\x63\x50\x7d\xde\x60\x02\x92\xd8\x3f\x63\x92\x51\xb3\x69\x81\xc9\xfb\x40\x61\xd7\xd4\x0c\x46\x2d\x17\x5f\xa3\xa1\x3c\x3b\xe2\xab\x87\x6f\x73\xa3\x76\xb8\xc8\x49\x94\xe7\xa0\xd4\x83\x32\xd0\x86\x86\x2d\xee\xc3\x4e\xd4\x28\xd1\x62\x99\x8b\x37\x41\x6f\xb1\x48\xdc\xe7\xe4\xf5\xb9\xee\x7d\xde\x0d\x47\x1a\xd6\x30\x7b\x11\x85\x7d\x0e\x1f\x32\xe7\xc7\x27\xe2\x1f\x7a\x7d\x06\x42\xdb\xca\xda\x6b\xb6\x3c\x5e\xcd\xe1\xd9\x61\x4b\x34\x46\x6d\xd4\xa6\xed\x24\xc7\x13\x1b\x4f\x78\xa1\x70\xe2\x0e\x65\xd7\x1d\x8b\xb8\x5c\x4d\x03\x05\xf6\x51\x74\x52\x9b\x35\x50\x9b\x49\xf1\x4b\x6e\xfe\xfe\x7d\xd9\x4b\x87\xe0\x46\x5c\x11\xd0\x87\x35\xf3\x8a\x04\x9e\x60\x3d\xa2\x47\xd4\xc6\xef\x0d\xfb\xeb\x33\x26\x97\xfd\xe6\xdc\xd4\x2a\xa6\xe4\x57\xbf\xfc\x9a\x39\x40\x94\x66\x40\x94\x06\x33\x88\x36\x62\xfd\x1e\x1e\xcf\xe7\xc1\x85\xb8\x6e\x3f\xa6\xdb\x79\x6b\x64\xdb\x5d\x34\xdb\x1d\x14\xfb\x41\x19\xda\x59\x48\xd0\x68\x6b\x7c\x08\x18\x0b\x03\x42\x5a\x51\xa0\x74\x11\xc0\x34\xea\x10\xa8\x49\x94\x44\xdb\x28\x43\x30\xe2\xc3\xb2\x06\xaa\x46\x08\xf1\xac\xae\x9a\x8c\xfe\xb0\xdf\x64\xec\x48\x85\xa8\x71\xdd\xe0\x2c\x2f\x38\x8c\x54\xeb\x10\xd1\xce\x74\xd3\x8e\x74\x52\x8e\x79\x52\x1c\xa9\x36\x9a\xe3\x62\x6e\xa4\x32\x8c\x71\xbb\x4e\x2b\xb1\x92\x2b\xf9\x1a\x2e\x72\xb4\x21\xfd\x2b\xba\xab\x3d\x2d\x3c\x22\x3f\x6a\x23\x24\x6b\x22\xc4\x6b\xa2\x36\xe9\xe9\x60\x12\xc8\x23\xe5\x4b\x4c\xcf\x3a\x0f\xce\xd0\x0c\x5d\xc8\x1c\x42\xda\x13\xc2\x80\xe9\x04\xaa\x75\x0b\x50\x94\xa1\x89\x27\x8a\xe9\xfa\x67\xef\xc7\xc8\x97\xce\xa6\x0e\x80\x82\xb5\xbb\x2b\x68\x6c\xd0\x67\x42\x9f\x4e\xca\xc9\x95\xb3\x5a\x63\xbd\x72\xd9\x6f\x76\xa5\xa0\x4e\x34\x69\xd9\x26\xd6\xc3\x90\xf8\x30\x9d\x2b\x0d\xe1\xb7\xba\x4a\x15\x73\xeb\x1e\x6d\x3f\x2b\xdc\xb3\x57\xb8\xd7\xbc\xbf\x3b\xc6\x7e\x07\x0c\x38\xdf\x36\x02\x80\x97\xd8\x6f\x96\xd8\x47\x17\x12\x78\x4a\xb4\xe1\xad\x64\xb4\x05\x9a\x46\xa3\x12\x52\xde\x80\xcb\xa7\x5e\xf8\x27\x2b\xf6\xd8\xb4\x78\x23\xbe\xbb\x5e\x33\xc4\xae\xc0\xba\xde\xd1\x71\x7a\x75\xa5\x48\x94\x46\xb3\x22\x21\xaa\x39\xbe\xee\x8f\xc2\x50\xd2\x22\xa8\xcf\x3c\xb1\xa1\x41\xb5\xa1\x41\x71\x71\xdd\x61\xc6\x65\x5f\x97\x33\x45\xb4\x88\x02\x0b\x92\xa0\x7b\x48\xb7\x99\xbb\x77\x95\x0e\x49\x34\x4a\xf2\x33\x97\x3e\x19\x6b\xd5\x15\xdc\x1f\x81\xd4\x13\xa2\xd8\x6b\x66\x22\xf1\x76\x2b\x9c\x8b\x5a\xcc\x13\x34\xbf\xf7\xa4\x4e\x3d\x21\x0d\xa7\x88\xa2\xc3\x71\x64\xe6\xce\xfd\xe1\x3e\x5b\x17\xf2\x70\xdf\x6f\x06\xdb\x1f\x14\x7b\x64\x8b\x9a\x82\xdb\x18\xa9\x66\xbd\x2b\x80\xe2\x92\x89\xd1\xc1\xfb\x1b\x42\x2e\xed\xb0\xac\xe8\xad\x8e\x59\x9e\x60\x3e\x67\xcf\x4b\x4d\x05\x2b\x78\xaa\xe4\x19\x42\x6c\x55\x62\x49\x89\xab\x2d\x29\x3f\x66\x5f\x15\x0e\xe4\x56\xf7\xbd\x32\x57\xcd\xbe\xd2\x88\x76\x77\x21\x78\x49\xbc\x85\xb4\x90\xd9\x81\x8f\xf6\x63\x9f\x1d\xcf\x5d\xb5\x9b\xee\x15\xf0\x47\x48\x9f\xc7\x39\xb9\x5a\xc8\x32\xc6\x0f\x3a\x25\x13\x3d\x9a\x6e\x82\xb7\x06\xc1\xe4\x2d\x24\x46\x85\xda\x74\x01\x4b\x30\xbd\x8b\x8c\xf9\xee\x74\xb8\xe2\x05\xc1\x88\x4c\xe3\x13\x08\x3b\x72\xf0\xc6\x32\x38\x71\x02\x0e\xb7\xfb\x13\xd5\xa0\x62\xc7\x11\x94\x40\xa8\x7b\x1f\x8b\x1e\xec\x04\x9e\x46\xa6\xe7\x8d\x67\x66\x38\xba\x78\xa2\x45\xd0\xe9\xec\x3c\x7b\xe3\x39\x11\x8c\x04\x8a\x10\x7a\x56\xcf\xbe\x75\x86\xb3\x27\xd7\xa7\xd2\x93\x12\x94\xc0\x0d\x0d\xa2\x4e\xef\x2b\x1b\x0f\xa2\x44\x27\x7f\xab\x73\x65\xae\xc2\x1a\x4d\xcc\xd3\x88\xc9\xb5\x20\xc3\xfa\x82\xd6\x6f\xdf\x35\xc0\xc5\xb5\xa5\xa0\x4a\x73\xd3\xf3\x76\x1a\x9e\x96\xb8\x9d\x33\x10\x87\x3f\x22\x33\x22\x73\xf6\x63\x38\xa8\xbc\xf1\x1a\xdf\x6b\x07\x6b\xbc\xc9\xa3\xf9\x72\xa6\x99\xcc\xb6\xf3\x02\x84\xf1\xd5\xe4\xdb\xac\xb8\x6d\xad\x13\xcf\xa3\x47\xca\x75\x99\x6e\x9f\xb5\xb5\xf4\xc5\x80\xbc\xa3\xa2\x83\x3f\xdd\x8d\x22\x24\xee\x66\x8c\x5e\x14\xa8\xcd\x81\xa8\xb5\x54\x4a\x48\xda\xda\xb2\xde\x50\x26\xa5\x5b\x12\x40\xe9\x7c\x89\xec\x99\xa4\xe5\xc9\x83\xd4\xd7\xc9\x9b\xa8\xcd\x38\xcb\x8d\x08\x64\x85\x64\xc2\xe9\x92\x1a\xe8\xf5\x18\xa7\xe9\x4a\x06\xa1\x1a\x8c\x83\x32\x24\xd3\x9d\x5e\x56\x5f\x6d\xba\x1b\x54\x06\xdc\xf7\xfe\x5a\xac\x0e\x4d\x40\x69\x80\x4c\x54\xb4\xb6\xf2\x09\x06\xe8\x78\x52\xbc\xc8\x9d\xe8\xa0\xa7\xdd\x3d\xf4\x85\x35\x81\xf3\x19\xc8\x74\x10\xd4\xfb\xf4\x76\xef\x09\x0d\x92\x8e\xaa\x89\xda\x68\x0e\x54\x0a\x50\x0f\x20\xf0\x9a\x27\x72\x73\x84\x1d\xb8\xdd\xad\x76\x19\xe2\x3b\x94\xda\xab\x4b\xc0\x7e\x87\x82\x45\x91\xfa\x2a\x7e\x37\x1a\x46\xfc\xa8\x65\x0c\x03\x65\x81\xdf\x75\xcd\xb2\xef\x73\x0d\x3e\xb9\x09\x02\x1e\xa3\x47\xe0\xe1\x8c\x0e\x9e\xa2\x53\x11\x78\xd6\xb6\xac\x05\x41\x77\x6e\xcf\xb3\xbe\xaa\xbb\x2b\xa1\xe5\x23\x8a\xe3\x75\xbc\xd2\x4e\xea\x0a\x56\x60\xd7\x25\x95\x2c\x70\xa9\x8b\xce\x40\xe1\xed\x91\x61\x62\xbe\x38\xe7\x79\xb8\x17\x1c\xd1\x36\x5d\xb8\x5c\xd2\x6f\xb5\xd9\xf4\x37\x5d\x68\xda\xbc\xc8\x61\xc2\xde\x35\xe4\xe6\x7b\x42\x9e\x2d\xba\x76\x45\xb4\x3a\x1c\xea\x59\x41\x39\x12\x4d\x73\xbd\x3b\xab\x83\x16\x90\x0e\x82\x1e\x28\xd3\x0c\x50\xa6\x39\x57\xde\x9a\x7d\x35\x7e\x4a\x78\xa6\xb9\xd3\x9c\x30\x98\xce\xaf\x86\x0f\xa0\x4b\xe2\xaa\x3e\x21\xb2\xa1\x71\x87\x30\x8c\x6a\xe5\x23\x3d\x7d\xb3\x6a\x3e\x67\x0d\x51\x84\xe9\x22\x00\xf1\x29\x07\x2f\x67\x64\x9d\x6e\x65\xa0\xa4\xdc\xb8\x48\x74\x65\xef\x1a\xdc\xbc\x72\xfb\x96\x2c\x06\xcc\x92\x78\x7d\x2c\xdc\xc5\x8a\x27\x3f\xf2\xa2\xdc\x83\x09\x3a\xbe\x56\x58\xe1\xdc\xe3\xcd\x85\x35\x9b\x8a\x00\x30\x9f\x13\x61\xbf\xa5\xf3\xd9\xba\x47\x01\xa6\x47\xd7\x8f\xfa\xbd\xb5\xdb\x8b\x6a\x7c\xd4\x70\x89\x2b\x27\x21\x99\x26\x94\xa4\x5b\xaa\x93\x6d\x53\x98\x6a\xac\x7c\xa2\xe2\xe9\x38\xe1\x1c\xa8\xbe\xa9\x92\xf6\x09\xd1\x5b\x0c\x6c\xab\xa1\x95\xa9\xc0\xfa\x95\xc0\x70\xe5\x74\x24\x24\x08\x37\x53\x8d\xe9\xc2\xb0\x4f\xd9\xbe\xd2\xe4\x26\xde\x2b\x88\x28\x34\xe7\x4e\x99\x55\x18\xb4\xc3\x48\x8c\x69\x51\xe0\x8e\x61\xb0\xdc\xf1\xe9\x3f\x9c\x12\xb7\x51\x87\xd3\x3e\x08\xe4\x28\xfb\xb4\x6f\x7c\x6c\x3f\x56\x25\xa1\xdb\x43\xb7\xfb\xb1\x6e\xdb\x58\x0b\x41\x91\x02\x88\x1d\xc3\x52\x5d\x44\x63\xd2\x08\x2c\x3e\x95\xaf\xd6\x25\x5a\xb6\xad\xeb\xaa\x67\x39\xc4\x37\xab\x78\xf5\x88\xdb\x06\x0a\xad\x07\xe7\x68\xa9\x06\x9a\x72\x0c\x04\x71\xbb\x88\x80\x6a\x1a\x7d\xd8\x7c\xeb\x9b\x4b\x51\x01\x03\x80\xca\xbb\x0e\x81\x87\xc4\xf2\x97\xf9\xd5\x6e\x69\xcb\xb6\xf9\x01\x00\x8a\xdd\xed\xe1\x02\xb7\xbb\x44\xae\x88\x21\xb4\x16\x92\x76\x93\xc5\xfa\xb9\xd7\x0d\xcd\x8c\x24\xf7\x4b\x78\x9f\x0a\x5e\xee\x72\x18\xf2\x8a\x20\x2f\x8a\x59\x30\x78\x6d\x7c\xf9\xfc\x19\x2d\x6b\xd4\x63\x66\x39\x7f\xcb\x41\x3c\x87\x14\x06\x82\x76\xb9\x21\x5a\xf9\x32\x0e\x6a\xcd\x06\x45\x5a\x34\xcb\xc5\x62\x4c\x07\xbf\x68\xf9\x04\x16\x59\x48\xa5\x86\xc8\x9f\x3d\xe5\x56\x90\x79\x94\xd7\x12\x24\x11\x1f\xa1\x16\xe5\x58\x1b\x21\xc1\x60\xed\x4e\x02\xd0\xbc\x6e\xaf\x3e\xbe\x6e\x92\x10\x9e\xb6\x35\x50\xf7\x5e\xb2\xf4\x8b\x7b\xb9\x7d\xfa\xe8\x81\xb7\x67\x16\x03\x14\x30\x0c\xa6\xfc\x6a\xaa\x6a\x24\xd1\x0e\x38\x9b\x87\x7b\x44\x45\x3a\xb0\x4d\x44\x10\x74\x38\x1c\x89\xb6\xeb\x95\x65\xad\x9f\xdb\xd4\xb5\x70\xe2\xd8\xa1\x33\x15\x8c\x68\x47\x92\xbe\x75\x46\xff\x8a\xe7\x2a\x9d\x9a\x45\x98\x96\x10\xa3\x01\xa9\x9e\xcf\xc7\xb3\xe1\x6c\xee\xf2\x2d\xb5\x4b\x83\x0a\x80\x20\x9d\x83\x40\x8c\xaa\xb8\xa5\x74\x83\xe6\xb8\x8d\xb8\x6d\xe8\x10\x9b\x8f\x1b\x3f\x03\x72\xe0\x10\xd9\x81\xc7\x68\xb1\xb4\x89\x0e\x99\xcd\x63\x6c\xfc\x89\xe6\xb3\x7c\xf3\xc9\xe5\x3a\x79\x89\xc3\x27\xe0\x48\xea\x03\x41\xc5\x5e\x20\xd7\x61\xbb\x73\x8f\x41\xbf\x4f\x04\x87\x83\xa4\xb2\x13\x6b\xa9\x71\x04\x11\x5d\xbf\xcd\xc2\x97\x9b\x03\xd1\x60\xba\x81\x00\x0e\xde\x85\x7e\xc6\x64\x1b\x8e\x7d\x51\x4c\xa6\xa4\xe8\x33\x7e\x68\xad\x1d\x7b\xd5\x90\x8d\xcc\x4e\xc1\x3c\x57\xef\x52\x3d\xa2\x3c\xa7\x68\x04\x54\x4f\xaa\xad\x05\xe3\xfa\x44\x10\x6c\xde\x36\x5a\xf5\xe1\x1a\xd7\x6d\xe7\x81\x23\x21\x4d\x53\x95\x46\xe9\xbd\x6a\x9a\xce\xc7\x5e\x80\xe5\x05\x11\x24\xb1\xec\xba\x4d\x96\x7b\x55\x20\xbf\x84\xfc\x33\xda\xfc\x09\x9f\x95\xe2\x56\xcf\x24\x01\x6c\x6d\x5e\x14\xb4\x30\x2e\x99\xa4\xb4\xb1\xdf\x0d\x27\xfc\x44\x49\x24\x1d\x6d\xe9\xb4\x23\x15\x11\xcf\x0a\xa3\x35\xf8\x8e\x0d\x36\x34\x76\x6a\xf3\xf2\x9d\x96\x1d\x2f\xdc\x67\xac\x31\x26\x5f\x41\xc0\xbc\x81\x8c\xe9\x5e\x95\x3a\x24\x74\x74\x23\x99\xc2\xea\x06\x22\x3d\x54\x69\xdd\x11\xe0\xc5\x6b\xb0\xcb\xc3\x05\x81\x4d\x1f\x94\xb1\xc7\xab\x0d\x94\x85\x91\x0e\x6c\xee\xe1\x42\xda\x3d\xa6\xa9\x65\x98\x9c\x31\xed\x2d\x68\x59\x5e\x7d\x39\x56\xba\x6a\xcb\xe6\x17\x66\xfb\x46\x87\x3f\x5e\xee\x5d\x80\x1b\x69\x40\xb5\x2d\x5f\xa4\x5d\x49\x3b\x99\x3f\x01\xc8\xb0\xc3\xb6\xea\x1a\xeb\xc1\x59\x72\x42\x9e\xb8\xf7\x40\x97\xab\xd7\x57\x25\xbe\xac\xa8\x5a\x21\xa7\x3f\x11\xbd\x72\x00\xe0\x46\x74\x1d\xda\x20\x69\x27\x2b\xd5\x55\xaa\xa5\x5a\x01\x28\xb5\x05\xeb\x1e\xd1\x22\x0f\x33\xe9\xdb\x37\x7f\x67\x94\x99\xde\x16\x03\x04\x9b\xe9\x69\xe1\xb6\x00\x57\x66\x81\xd3\x34\x4d\xdc\x61\x60\x8d\x84\xfd\x92\x1a\x9d\xec\x76\x1a\x35\x72\x97\x21\x9e\xfc\x24\x09\x82\xdc\x6b\x86\xc4\xe4\x2a\x21\x9c\xb2\x04\xcc\x8b\x31\xea\x63\xa1\xba\x84\x93\x7c\xde\xee\x18\xad\xa4\x39\x76\xb0\x07\xcb\xa3\xda\x03\xa2\x00\xdb\x7a\xef\x7b\x19\x66\x20\xc0\xde\x0f\x5e\x4e\x6d\x29\xd5\x83\x88\x54\x81\xa6\x0f\xfa\x1e\x67\x7b\x5d\xdf\x3a\xfd\x9c\x2b\xa9\x20\xb9\xca\x8a\x11\x1a\x6c\xf8\xe8\xea\x5c\xa4\x27\x05\x7a\x42\x15\x9a\xdc\x7c\x09\x1d\x26\x14\x9a\xd8\xa5\xc1\x04\xbe\x87\x80\xa1\xc0\xe4\x6d\xbf\xd9\x17\x04\x80\xd6\xe3\x46\x77\x41\xc5\xa7\x00\x53\x4a\xef\x52\x71\x0f\x08\x0e\x3c\x01\x1e\xe2\x17\xad\x33\x1f\xbc\x8c\xde\x81\x2b\x3e\x37\x96\xa7\xe5\xde\x96\x94\xf4\xb6\xc0\xfa\x4c\x0a\xf4\x74\xed\x47\xe5\x2e\x8a\xe8\x0c\x29\xa7\xee\x78\x65\x25\x4c\x74\x0a\x82\x3a\x8f\x60\x65\x70\x5a\xf6\xbd\x45\x8c\x8b\x23\x5a\x48\xe6\x30\x23\x77\x05\x40\xe2\x5d\x1e\x5e\xb8\x4b\x84\x4e\x76\x0d\x39\x3d\x6b\x6f\x52\xc1\x0a\x18\x96\x6d\x1d\x2e\xd1\xc5\xd3\x2a\x33\x15\x79\xfe\x84\x42\xb1\xc2\x75\x05\x3d\x85\x88\x97\x69\x62\x13\xc4\xc7\x2e\x39\x71\xe8\x33\x1a\x3b\x69\x45\x51\xe4\x2e\x2c\xe4\x43\x57\x36\x8f\xda\xa6\x41\x7d\x78\xf5\xf2\xe7\x1b\x1d\xe3\xa3\xe7\xbc\x30\x51\x30\x82\xe8\xe0\x65\x79\xe6\x8c\x59\xdd\xe4\x47\x9e\x69\x9a\x06\xef\xa0\xe8\xdc\xea\x79\x39\xd2\xee\x92\x82\x80\x5b\x5d\x2a\x49\xf0\x4f\x01\xa6\x36\xa3\x73\xee\x27\x15\x27\x67\xe2\x70\xed\x75\x80\xf3\x61\xf1\x01\x3a\x5e\x5b\x7b\xc7\x06\x2f\x54\xe5\x18\xcd\x56\xbc\xb6\x2a\xfe\x86\x22\x04\xf4\x2e\x0f\x57\xd6\x8a\xb1\x89\xeb\x36\x10\x9e\x4f\xdd\x39\x24\xd1\x08\x64\x9c\xae\x26\xb1\xcb\xb9\xd5\x6d\x64\x2f\xef\xd8\x7e\x15\x2b\x88\x18\x8e\xf0\x0c\xae\x86\x01\x0e\xf2\x83\x6a\x2e\xca\xd3\xee\xdc\xb1\x59\x37\x00\xf5\x23\x77\x0d\x14\x81\x94\xdb\x44\x83\x4f\x2b\x8b\x5b\xf6\x72\x51\xc0\xcf\x18\xe2\xaa\x3e\x17\x79\x12\x3f\x6d\xe3\x72\x24\xcb\x81\x6d\x9d\xda\x70\x63\x78\x77\x15\xbb\x1d\xee\xe4\x01\x49\x46\x85\x39\x3b\x93\x45\xd1\x6d\x18\x2a\xd1\x00\x05\x29\x13\x4d\x68\x32\x4b\xe9\x35\xb3\x2c\xcd\xb2\x8d\x71\xd9\x7b\xe4\x61\x8b\x3e\x40\x11\x01\x83\xbd\x68\xc8\xc5\x67\xfc\xa4\x9b\x40\x6e\x0a\x01\xd0\xaf\x59\xb2\xb1\xe1\x3b\x9a\xf5\xaf\xfa\xba\x46\x4e\xcf\xd9\x48\xd4\xe2\xfd\xcd\x30\x14\xde\x8b\xdb\xbb\xb0\x38\x52\x7c\x8f\x40\x6a\xe7\xf4\xd7\x24\x08\x49\x3d\xd7\x7b\x92\x94\x1e\x67\xf9\x1a\xc1\x19\xdb\xb5\x58\x4f\x19\x97\x8c\xc6\xad\x40\xdd\x19\xc4\x91\x5a\xf9\xc8\x50\x72\x99\xb4\x8c\x63\xfa\x47\xf8\x31\x93\xea\x16\x42\x2d\xd6\xb0\xbb\xb4\xef\x27\x02\x85\x84\x50\xa2\x9d\x4c\x50\xda\xe5\xa6\x82\x05\x90\x03\xb4\x37\xc2\x3e\x84\xad\x7d\xc4\x4b\xd1\x4b\xae\xa7\xd9\x3d\xa9\xc9\x2c\xb1\x78\x0a\x88\x57\x5e\xe7\x40\xf5\x6c\x38\xf4\x7e\x6a\x2d\x61\x23\xf0\xe2\x30\x39\x47\x09\xeb\x4d\x78\xaf\x17\x0c\xce\x9b\xbb\x9e\x74\xe0\xf3\x22\x34\x31\x5c\x3f\x43\x03\x5b\xfc\x33\x3c\x05\x4c\x98\xd0\xe9\xa8\x11\x84\xa0\x2b\x07\x4f\xe5\x10\xbe\x6e\x05\x0a\x00\xb8\xe2\x3c\x90\x46\x28\x35\x79\x5c\x8a\xa2\xc8\x10\x5a\xa9\x67\xe9\x04\x6e\x71\xa2\x9f\x50\xce\xd3\x3a\x2b\x7d\xd6\x23\xce\x84\x53\x22\x5b\x91\xa8\x8d\x2a\x73\x96\xb8\x1b\x0d\x46\xf8\xe2\xc3\xee\x98\x55\x94\xb8\x8c\x9e\xda\x8c\x7b\xb2\x62\x21\x10\x48\x08\x49\x4e\xcf\xbb\x76\xe6\xa2\x51\x9a\xd0\xe6\x91\x20\x25\x19\x49\x88\x28\xae\xc1\x2f\x40\x26\x3a\x10\xa4\x5f\xee\x27\xe3\x73\xfc\x77\x3f\x06\xa6\x18\x0a\xae\xfb\x98\x08\xdc\xb3\xd4\xee\x09\xf2\xcc\x51\x94\x40\x4d\x0a\xe3\x2f\x61\xa2\x1d\xcf\x6d\x3c\xa0\x8a\xc7\x53\x24\x4c\x60\x18\xce\xdd\x86\xd6\x45\x89\x65\x9c\x0b\x68\x3c\xcd\x27\x38\xd2\xf9\x45\x81\x3b\x1e\x42\x7d\xed\x1e\x22\xc6\x8d\x0d\x25\xf9\xdb\x8e\xd3\xe4\x62\x5b\xe6\x3a\xb2\xe2\x73\xda\xd8\x0e\xab\x22\x23\xd1\x72\xdd\x5d\xa0\x04\x76\xf0\xe4\x65\xcb\x37\xfd\x2e\xed\x90\xbf\x09\xbb\x32\x4f\xea\x34\x81\xab\xbe\xf5\xa6\x26\x28\xf6\x03\x00\x68\x1c\xc1\x04\xee\xd5\x13\x3a\x0b\x4a\x22\x97\xfa\x72\xf9\xbe\x9b\xbd\xdd\x1b\x00\x5b\x1d\x89\x50\x6a\x8e\xf5\x0f\x9a\xa2\xc8\xcb\x7e\x31\x5b\x69\xa8\xfa\x25\xeb\x45\x72\xda\x82\x58\x3a\x1e\x82\x05\xf8\x8f\x41\xa6\x76\x00\x41\xa1\x30\x2d\x5d\xd8\x0a\xd7\xab\x48\xf3\x66\xef\xa7\xba\xc0\xd9\xd0\x32\x29\xbb\xce\xf6\x97\xcb\xa7\xce\x4b\x0a\x6e\x73\xa0\x30\x43\xd3\x55\x7d\x75\x69\xb3\x40\xdc\x99\x3a\xac\x81\x9b\x73\xd9\xb5\x1d\x3d\x4f\x78\xd4\xcc\x42\x01\xf1\x56\xe2\x6e\x37\x9e\xa6\x41\xd1\x75\x65\x96\x48\x06\x38\x06\x0a\x4d\x81\x95\x67\x29\x20\x24\x8a\x87\x8f\x3a\x6c\x98\x94\xfb\x36\xce\xf1\x12\x96\xf2\x6c\xb6\x5b\x94\x7a\xcd\x80\x60\x25\xaf\x7c\xbe\x46\x95\xcf\x79\x2d\xbe\x9c\x10\x06\xa1\x50\x5f\xa0\x2b\xba\x25\x5e\xa7\xa5\xa2\x08\x49\x76\x3d\x7a\xc4\x4a\x2c\x19\xe5\x27\xa7\xdb\x7b\x37\x5e\x3a\xde\x16\xa2\xfd\xaf\xf0\x62\x68\x7a\x97\xec\x0b\xba\x5c\x63\xef\x7a\xc7\xfa\x03\xed\x0c\x54\x9b\xfc\x58\xc4\xae\x3c\x92\x0f\x5e\x53\x18\xdd\x49\xdc\x8c\x86\x80\x93\x95\x88\xfb\x59\x66\x00\x96\xbf\xf2\xcf\x80\x07\x8b\x22\xeb\x35\x76\x6c\xb8\xee\xde\x41\xd7\x6b\x07\x51\xcd\x45\x62\xee\xcf\x6f\xfb\x11\x46\xa5\xc9\x1c\xa0\x81\x3b\x95\xdf\x61\xbd\x4a\x48\xf2\x74\x62\xde\x3c\x38\x48\xdc\xa6\xfb\xb2\xe2\xc0\x75\x0a\x7d\xa1\x22\xfc\x66\x20\x10\x00\xeb\xee\xd8\x65\x8b\x6c\xb7\x61\x67\x54\xd9\xa2\xe9\xe6\xc4\x09\x59\x70\x56\x4f\x3d\xb9\xb2\xe4\x3f\xe6\x69\x9e\xd9\xc8\x81\xcc\x87\x31\x6e\x71\x37\x2e\x72\x5f\xc1\x43\x5f\x60\xd3\x9d\x53\xa4\xfa\x76\xd7\x76\x02\xde\xa1\x0a\xed\x9d\x67\xaa\x41\x74\x86\xd0\x5e\x2a\xcc\x3b\xae\xda\xe3\x7c\x97\x36\x15\xce\x07\xc8\x05\x52\xe3\xea\x9f\x48\x54\x0a\x2c\xdf\x2f\xea\x7b\xfd\x64\x00\xcd\x67\x4b\x80\xea\xb5\xc0\xb2\xdd\x55\xd5\xb4\x67\xb0\xcc\x99\xa5\x0f\xe4\xdb\x4e\x10\x1d\xc8\x7c\x5b\xd0\xec\x99\x8a\x6c\x1d\xce\x72\x3d\x67\x75\x3b\x0c\xcf\x75\x40\x8d\xab\x12\xb4\xb4\x3e\x42\x48\xa0\x00\x46\xcd\x73\xe1\xdb\xce\xea\xba\x73\xc5\x45\x26\xac\x6e\x88\xf3\x6e\x40\xb2\x29\x91\x23\x66\x52\xba\xca\xf4\x05\xc1\x5e\x03\x51\xac\x71\xa5\x35\xc1\x20\x49\xb6\x6b\xe3\x14\xe2\x4e\xb9\x02\x11\xef\x80\x36\x24\x08\xb8\xc5\x3a\xd8\x93\x00\x95\x88\x6c\x99\x5e\xf7\x15\xf6\x95\xa7\xe3\x8d\x9b\x43\x44\xfb\xae\x2f\xd0\xda\x40\xf1\x1d\xca\x1b\x08\xcb\xc5\xea\x16\xc7\x61\xcb\x56\x6f\x7b\x32\xd9\x7e\x8d\x1d\x10\x6c\x38\x10\xad\x9e\x14\xf8\xe2\x1e\x10\xc7\xda\x1d\x5b\x04\x7d\x8d\x65\x28\x88\x8f\x40\x37\xc4\xae\xb7\x9a\x6e\xae\x6f\xd3\x82\x43\x14\x42\x9d\xf6\xb5\xfc\xcc\x81\xc6\xd1\xcf\xc4\x36\x61\xb3\xa7\xd6\xe5\xb1\x78\xe3\x8a\x24\x09\xac\x8e\x4f\x24\xef\xd0\x67\x63\x27\x93\x59\xe8\x42\x5a\x14\x08\x9e\x02\x59\xfc\x32\x61\x8e\x0e\x6d\xe1\x0f\x5a\xd8\xca\x75\xf1\x10\x58\xdb\x6f\xe4\xdc\xf5\x84\xd7\xcb\xe8\x6a\x3d\x20\xd1\x19\x86\x6a\x46\x97\x29\xca\x45\xf6\x91\xf1\xa9\xb0\x2d\x84\xca\x95\xa3\xa7\x0a\x65\xe1\x08\x45\x00\xd1\x9a\x9d\xe9\xc1\xb6\xa2\x6a\x77\xad\xfa\x58\xbf\x97\x44\x70\x9c\xc1\xd4\x40\x83\xe2\x0c\x18\x58\xc0\x38\x9e\xbb\x5e\x64\x05\xcd\x9e\x06\xa2\x89\xb2\x4d\x1d\xb6\xf2\xba\xf9\xc1\x69\x1f\x00\x38\xce\xf7\x7e\x20\xd6\x11\x26\xf0\xe8\x4c\x9a\x2b\x77\x2d\xc7\x89\xce\x54\xe1\x63\x76\x2d\x36\x85\x44\x41\xd0\x18\x92\x10\xb1\xc2\x28\x7f\xcd\xac\xe9\xf5\x99\x37\x87\x35\xe4\xd7\xba\xdf\x36\x32\xf5\x11\x80\x72\x3d\xcd\xc1\x40\xdd\x41\x55\x2f\x4e\xbc\x06\xcf\x73\x7f\x3c\x26\x6f\x82\x81\xe4\x81\x97\x11\xbb\xd3\x3d\xa9\x77\x24\xb9\x9e\xc0\x05\xd9\xb2\x38\x57\xef\xab\x0d\x83\x94\xd9\xf1\x54\x34\xf3\x0f\xfc\x6a\x75\x16\x55\x54\x26\x56\xa0\x64\x36\x93\x3a\xcf\xf7\x14\x9d\x1b\xb5\x54\x85\x73\xe7\x0c\xc7\x3c\x29\x2f\x9f\x37\xee\x35\x82\x80\xe0\x4e\xf8\x59\xec\xd7\xd4\x78\xeb\x9c\xe6\xa8\x7c\x34\xd1\xba\x5b\xbb\x43\x9c\xf0\xed\xbb\x84\x1b\x5b\xe4\xdd\x40\x16\xa0\x5f\x80\x44\x20\x41\xd7\xe8\x44\xd9\x14\x04\xcf\x36\x73\xaa\xec\xa1\x26\x5e\x3c\x15\x1b\x4a\x76\xdb\x34\x25\x79\xdc\xe2\x13\x45\x15\x23\x9e\x07\x8f\x44\x6b\xcf\x70\xbb\x7a\xaa\xdf\x0d\xb1\xc9\x67\xe3\xbe\x2f\x9b\xb7\x14\x6e\xb5\xd8\x28\x72\xc0\x89\x36\xc2\xe9\x6c\xab\xd8\x34\xae\xc3\xec\x77\xe8\xd4\xc0\x64\xb6\x02\x79\x27\x9f\x10\x10\xae\x13\x9c\x0f\x42\xfd\xff\x51\x75\x1d\x6b\xae\x22\xcd\xf2\x81\x58\x14\x1e\x6a\x29\x09\x09\x6f\x84\x87\x1d\xde\x7b\xcf\xd3\xdf\xaf\xcf\x3f\xa7\x67\xee\xba\xf5\xa9\x1b\xaa\x32\x33\x22\x33\x32\xfa\x0c\xd7\x5d\xef\xf9\x0e\xa7\x69\xd9\x96\xbf\x3d\x22\xcd\xab\x3b\x02\xb8\x6b\xb9\x3e\x62\x3a\x12\x24\x3a\x77\x00\x70\xae\x19\xf2\x6e\x2e\x50\x90\xd2\x77\x20\xfa\xeb\xb2\xf2\x7f\xf4\xc5\xdc\x43\x80\x4c\xb4\x79\x2b\x19\xbe\x2d\x73\xc8\x10\xc0\x40\xfa\x1d\x70\xd7\x07\xf7\x1e\xc7\x47\x4a\x1c\x82\xe8\xfd\xfe\xbb\xf8\x4a\x79\x24\x82\x5e\xef\x0c\xc8\x57\x1a\xdb\xf9\x13\x5f\xe7\x08\x83\x34\x9b\xf8\x34\x52\x4f\x9c\x68\x89\xbd\x84\x66\xad\x53\xb8\xd5\x40\xc8\xd7\xc2\x02\x0f\xb3\x1a\xeb\x73\x0d\x95\x78\x19\xb0\x5e\xd7\xed\x05\x39\x69\x9b\x95\xf7\xa9\xda\xb2\x1b\x6d\x38\x11\xa3\xab\x5c\x4f\xd3\x18\xb9\xd8\xb9\x09\x07\x19\xac\xcc\x9e\x32\x08\xd8\xa9\x9a\x61\x18\x06\x1d\x96\x1d\xee\x31\x2e\x55\x4e\x2f\x5d\xdf\xe6\xa9\x57\xe9\x37\x02\xfe\x7a\x4d\x67\x99\xde\x35\xeb\x15\x28\x5f\x38\xf9\xfb\x98\xff\x8c\x3d\xfe\x77\x26\x8f\xfd\x07\x03\xa5\x08\x13\x0d\x6c\xfd\xfd\x98\x7e\x3b\x61\xa9\xfb\xec\x53\x06\x85\x8a\x1d\x33\x3d\x86\xed\x37\x5b\xf4\x46\x7f\xaf\xed\xa2\x8d\x08\xc8\x3b\xb8\x33\xa4\x00\x11\x22\xdf\x89\x09\xf3\xa6\x63\x90\x5f\x85\xb2\x2d\x7c\xb4\xba\xdd\x26\xab\xb6\x83\x6a\x43\xfc\x82\xd4\x28\x8f\xfe\x4c\x0e\x19\x61\x7e\x7d\x94\x5f\x5f\x24\xbb\xcb\x72\x45\xee\x71\x1c\x53\x48\xd2\x2b\xf7\x97\xd0\xef\x1b\x23\x32\x86\xb0\x50\x5f\x99\x6f\x04\xef\x56\x2c\x44\x76\x35\xec\x35\x3e\x6c\xe2\xc7\x6a\x15\xd0\xc8\xb0\x97\xc5\xee\x0d\x25\xd9\xec\xf7\x60\x75\x2e\xc2\x92\xc5\xbd\x6a\x34\xe7\xf8\x12\x7d\xfe\xce\x93\x58\x71\x85\xc8\x01\x50\x98\xfb\x8a\x81\x53\xe4\xa6\xd3\x25\xf3\x05\x03\xcc\xc7\x6f\x24\x48\x5b\xbc\x91\x69\x0a\xef\x0c\x83\xb9\x4f\x8d\x90\x23\xaa\xa4\x97\x50\x36\x31\x80\xd0\x75\x38\x18\x52\x65\xaa\x86\x49\x79\x5c\x33\x62\x35\xa3\x12\xe1\xeb\xb6\xba\xdd\xfe\x55\x48\xa3\xfd\xdf\x3e\xc6\x31\x7c\x9e\x11\x4b\x74\xcf\x60\x21\xe2\xf5\x18\x1c\xc5\xa6\x50\x56\xb7\x51\xc8\x04\x6c\xf9\xc3\x25\x88\x95\xbe\x29\x68\x49\xcd\xd5\x8d\x53\xd6\x8f\xf4\x57\x70\x04\xc9\x95\xdb\xf0\x72\x3c\x61\xef\x66\xe3\xe4\x36\x88\x6d\x03\xe4\x03\x3e\x78\xe4\x72\xf1\x2c\xff\xed\xd7\x20\x07\x8e\xe0\xfb\x3e\x53\x5c\x53\xd9\x54\xc9\x30\x25\xb2\x6d\x72\x35\x8c\xaf\x11\x7a\x34\x6b\x70\x18\x0f\xa3\xd8\x96\x23\x5b\x42\x19\x3a\x0a\xca\x11\x01\x96\x44\x5e\x29\xce\xa4\x43\x28\x9c\x48\xde\x53\x6c\xfe\x55\x31\xc9\x76\xba\x71\x9a\x48\x89\x29\xdc\x42\xd5\x2b\xc2\x20\x9e\x80\x7d\xe2\x58\x7e\xb8\x23\x9d\x75\xb1\xd6\x21\xdb\x1f\xe5\x5f\x39\x5f\xe8\xf9\xe4\xbe\xa8\xc6\xa4\x1b\xbe\xcd\xf4\x96\x6b\x04\x44\xfc\xcf\x99\x0c\x82\xcd\x87\x9c\xac\xd5\x22\x43\xcf\x17\xe6\xab\xdc\x40\x6f\xbd\xd2\x56\xd3\x83\x25\xbf\xe9\xf3\x57\x5b\xa0\x3f\x99\x93\xa4\xf3\x4d\xa8\xcf\x66\xbf\xeb\x1f\xe0\xfa\xbf\x1a\xec\x46\x82\x37\x68\xca\xd5\x8c\x57\xb2\x1b\x3a\x71\x0f\x8b\xc1\x22\x0d\xf3\xd4\xf0\x94\xa4\x90\x37\xe3\xd2\xa9\xf1\x91\x2c\xb7\x5b\xee\xa6\xc0\x4b\xf1\x07\xaa\x9d\x6a\x2a\xe4\xc6\xc9\xbd\x1d\x02\xd4\xe7\x80\x96\x99\x61\xde\x21\x6f\x37\xb6\x9d\xe7\x84\x36\x5b\xf8\x4a\xa4\x4c\x0c\x4d\xa4\x1f\x99\x94\xb9\x71\x64\x2e\xdb\x5c\x17\x5e\x65\x20\x5c\x2f\xc7\xe4\xb3\x7e\x74\xd3\xd8\x67\x7b\x14\xd3\xf5\xf3\x1c\xa3\xa8\x93\x0a\xbf\xa5\x75\x54\x4c\xfe\xe2\xb3\x43\x4d\x1a\xcb\x9f\xc7\xd6\x4d\xfb\xb0\x8b\x1b\x01\xcc\x38\x8e\x53\x92\xed\x34\xd2\x1d\xc7\x3d\xb5\xc5\x1d\x85\x24\x39\x2e\x80\xc7\x4c\xab\x2a\x57\xd0\xc8\xe2\xe9\xc2\x85\x78\xd3\x24\x17\x62\xa5\x6b\x9e\x5a\x2b\xd6\x44\x4f\xb3\x61\x92\xa3\xfc\x4a\x20\xd1\xdd\x59\xb6\x66\xa9\x98\x57\x4f\xe7\x53\x06\xdd\x27\x9a\x89\xf8\x79\x7e\x11\x83\x2a\x57\x26\xf3\x77\x44\x23\x77\x97\xe6\xcf\x25\x82\xc8\x9d\x35\x94\xe7\x76\xa1\xe7\x4a\x3e\x15\x73\x8f\x88\xc3\x11\x62\xa4\xf5\xcb\xc9\xf1\x3a\x6e\x79\xc2\x1c\x06\x8f\x7d\x5c\x4a\xf1\x3b\x67\x12\xae\x65\xca\xdb\x57\x1a\xa0\xaf\x12\x1b\x1a\xe9\xca\xd3\xad\x73\x15\xd9\x40\x5e\x39\x4a\xe9\x75\xdd\x67\xb9\x7e\xa7\x01\x41\xa6\x66\x28\x37\x0b\x9e\xeb\x42\x8d\x5d\xa1\xce\x57\x66\x26\xe6\x86\xf9\xce\x84\x8d\x42\xf5\x7a\x63\xb6\x41\xba\xce\x0e\x84\x4b\xd5\x60\x9a\xed\x36\x1f\xe6\x8c\x66\x97\x22\x80\xef\xf5\x36\x45\x46\xbc\xd9\x9f\x34\xfa\xc0\x3b\x9c\xd8\x71\x62\x15\xca\x26\xf3\x14\x97\xdd\xc0\xac\x4d\x28\x26\xd9\x13\x3d\xce\x04\x4f\x13\xb7\xae\x45\xb3\x16\xc9\xec\xac\x88\xd7\xbb\xce\x9e\xcf\x4f\x91\x9e\xd2\x3f\x7a\x06\xee\x98\xa3\x79\x8a\x1a\x9f\x27\x7c\x8e\xe3\xc2\x13\xc9\x60\xee\xcd\x71\x9e\x64\xd3\xa2\x3e\x30\x9c\xcd\x0c\xfe\xb4\x89\xfb\x1a\xcd\x34\xff\x28\x6c\x1f\x61\xd1\x8e\x6e\x3b\x57\xe0\xc8\xf6\x93\xf8\xae\x66\x54\xbe\xc4\xfd\x34\xd1\x90\xcf\x77\x56\x00\xa7\xe8\x7e\x2c\x9f\xf3\xb8\x35\xcb\x01\x6a\x73\x37\x64\x97\xd8\x75\x59\x89\x0c\x38\x31\xc0\xa6\x6b\x6f\x05\x98\xcf\xf0\x1b\xc3\x24\x67\x45\xeb\xaf\x6e\xe1\xf1\xcc\x97\xb6\x58\xda\x8b\xc6\x2e\x1b\x6e\x5e\x3b\x4f\xe0\x07\x16\x0a\x30\xf0\xb4\x82\xe8\xf7\xb2\x1b\xab\x43\xf8\xfe\x69\xad\xdf\x83\x41\x30\x24\x47\x00\x02\x92\x53\x32\xfa\x06\x26\x56\x62\xe5\xb6\xae\xf7\x5c\xe1\x7b\x66\x40\x89\xac\x0f\xd6\xcb\x1c\xce\x59\x0d\x0b\xec\x01\x43\x50\x61\x3f\xab\xb4\x7e\x37\x2c\x00\x53\x47\x40\xe4\x30\xf7\x57\x32\xbb\xf4\x25\xd6\xe2\xf5\xcd\xe1\x71\x87\xc8\xc2\x0a\x05\x9c\xdf\x03\xff\xc1\xaf\x7f\xee\xa1\x94\xeb\xbd\x8c\xdb\x00\x7e\x8e\xc0\x3b\xb2\xfc\x44\xb8\x23\xe7\xde\x2b\x45\x7f\xe3\xb8\x84\x19\x48\x11\x64\x16\x84\xf2\x88\x04\x53\x67\xa4\x69\x99\xdc\xe7\xa0\x96\x1d\x1f\x50\xba\xdd\x8d\xa3\x52\x05\x98\xcf\x84\x48\x81\xc6\xee\x84\x65\x52\x02\x03\x6e\xc8\xeb\xcb\x07\x24\xb3\x40\x84\x6d\x75\x93\xa7\x15\x9f\x86\xd9\xe2\x57\x04\xd8\xb8\x28\x9e\xf3\xf6\xf5\x3a\x16\xab\x08\xdc\x7f\x7a\x9a\x5c\x61\xe1\xf9\x4c\x6f\x4e\xae\x71\x0d\x35\xc5\xaf\xa3\xd0\x23\x10\x22\xdd\x15\x9a\x0b\x1e\x8f\xe6\xba\x69\xb1\x87\x35\x2c\x84\x6d\xa9\x54\x4c\x45\x75\xea\xa7\xf0\x14\x6a\x89\xec\xa7\xc6\xc6\x03\x16\x81\xf2\x41\x1b\x38\x02\x07\x6c\xbf\x84\xe6\x42\x04\xc3\x30\xf6\x85\xb0\x89\x53\xa1\x34\x24\xf9\xf9\xec\xe4\xd2\xbb\x8b\x3c\x56\x92\x3f\xd2\xe9\xe4\x9f\xa5\xff\x37\x7f\x3c\x6e\x22\x45\xe1\x40\xeb\x35\x3b\x20\x4c\xb8\x3a\xd3\xb2\x88\x46\x66\x9c\x76\xcd\x2e\x14\xf1\x67\x7c\x9f\x03\x7a\xd6\xfa\x68\x61\x45\x9c\x7a\xb9\x32\x15\xce\x9a\x34\x17\xdd\xe7\xb2\xe5\x28\x6a\x4a\x95\xa8\xf3\x2b\x80\x86\x4f\xd8\xed\x82\x5d\x75\x5f\x93\xa8\xfc\xde\xf3\x9c\x57\xb4\x71\xd5\x6e\x31\xfe\xa9\x03\xad\x45\xe5\xa2\x81\x53\x4a\x84\xec\x28\xe4\xbe\xca\xbb\xe0\x7f\x9b\x92\x24\xa7\xf5\xf4\x69\x07\xba\x59\xa4\x82\x8b\x79\x6e\x33\xdf\xc6\xf5\x20\x14\x1c\xa4\x69\xb6\x37\x82\xf6\xe9\x16\x82\x58\x65\x8c\xa5\xd2\x5c\x6e\xba\x07\x2e\xd5\x03\xb9\x29\x17\xab\xd4\x4b\xb7\xfa\x4a\x73\x45\x8a\x84\x08\xc4\xdc\x34\x4e\xda\x08\x33\x8f\xcc\x3b\xad\xf4\x60\x67\x4b\xcd\x99\xe8\x7a\x0c\x87\x54\x10\x85\x1c\xa3\x0c\x89\xba\xa9\x73\x0d\xea\x6f\x51\xfc\xe6\x7f\x0d\x1c\xd9\x8c\x6a\xb5\x43\x5c\x35\xb6\x51\x49\xe1\x86\xa4\x93\xd1\x4c\x1e\x30\xe1\x93\x31\x49\xff\xc1\xb2\x01\xb6\xbb\x23\xbe\xbd\x67\xb5\x9c\xb0\xe4\x73\x60\x2a\x0d\xfd\x19\xa2\x95\xa7\x78\x29\x99\xb7\x63\xe7\xae\x5e\x75\x12\x12\x36\xc6\x1d\x83\xb0\x2d\x04\x56\x72\xa6\x14\xf7\x3e\xd5\xc8\x6b\x5f\xfd\x89\x67\x12\xc5\x0a\x0f\xfe\xf3\xfb\xdc\xcf\x2d\xed\x5d\xcc\x76\x30\xf5\xe2\xe8\xd9\x8e\x92\x46\x36\x58\x46\xbe\x46\xef\x5c\xe2\xf7\xc5\x21\x23\xaa\xcf\x00\xbb\x3d\xe0\x61\x30\x51\x70\x89\x6b\x46\xd9\x66\x81\x72\x3e\x7a\x18\x7f\xaa\x33\x98\x92\x89\x42\xbf\x5a\xb1\x30\xe7\x7b\x6e\x6f\x87\xd0\x08\x80\x5d\x18\x3c\xf5\xe7\xf1\xd2\x3a\xdb\xbd\x4a\xff\xe2\xe0\x6c\xe2\x56\xbf\x2c\xb6\xf1\x28\xa9\xbf\x7d\xd9\x27\x4b\x12\x17\xf7\xe8\x17\xde\x22\x27\x45\xbc\xc4\x2a\x32\x28\x01\xed\x26\x4c\xbe\x16\x17\xe7\xde\xd0\xb0\x09\x78\x47\x10\xee\xb1\x7e\x3b\xec\x2b\x7b\xaa\x7c\x2f\xfb\x47\x91\x3e\xbc\xd9\xa5\xa1\x19\x6a\xe7\x0d\x73\x3f\x47\xd2\x75\xb7\x28\xb1\xf1\x1a\xc3\x42\xd7\x3f\x0c\xa2\x11\x5a\xcb\x1a\xd5\xa8\x0b\xdb\xa0\x7e\x14\xfe\x2f\xff\xd2\xa8\x29\x52\xd8\x02\xc8\x9f\xbe\xf4\x91\xda\x40\x27\x4f\xae\xb9\xe5\x54\x73\x1e\x9b\x89\x13\xcb\x85\x33\x59\xc5\x60\xe9\x38\x90\x47\xe2\xa1\x12\x8f\x5e\xbb\x96\x53\xb5\x9a\xc1\x9a\xad\x89\x21\x2c\x4a\x94\xb2\x90\x4c\x70\x3a\x53\x67\xb6\x4a\x8c\x3b\x58\x4c\x80\x20\x04\x22\x66\x4f\x2d\x18\x96\xa7\xad\x97\x9b\xab\xf3\x8b\xd2\x3d\xff\xee\xce\xbe\x1e\xdc\x71\xa8\xdc\x67\x6c\x73\xb4\x4c\x83\x46\x7a\xa5\x7d\x84\x47\x32\x4a\xba\x04\xd4\x7b\x5e\x92\x5b\x61\xbd\x22\x17\xee\x0c\x64\x59\x36\xb0\x05\xf2\xfc\x4c\x69\xfd\x8d\xee\x44\x96\xab\x85\x83\x66\xbb\x54\x44\x91\xbe\x0a\x52\xe7\x9e\x83\xf6\xec\x85\xc1\xd1\x7d\x81\x59\xda\x34\xcf\x32\xdf\x75\x31\xd2\x8c\x03\x71\xba\x96\x15\xd5\x47\x42\x2d\x98\x90\x48\x95\x32\x51\x7e\x20\xab\xc9\xfd\xf6\x10\x8c\xfe\x55\x8e\x8e\x8f\x7c\xbf\xbe\xfa\x6a\xd8\xc4\xc0\xf9\xd3\x53\xad\x51\xba\xd4\xfa\xcb\xf2\x42\x0b\x63\x1f\xcb\x41\x73\xde\xac\x17\x07\xe4\x0b\x12\x89\x0e\x85\x11\x7a\x5e\x27\x39\x2f\x87\xea\x13\xba\xcf\xf7\xe1\x5e\xdd\xa9\xc8\x5f\x4d\x2f\xa1\xf9\x13\xf5\xc1\x35\x9c\x2c\xd1\x73\xec\x8e\xcf\xe2\xd8\xfa\x44\xb8\x69\xc4\x56\x51\x79\x94\xf1\xe9\xfb\xfb\x1f\xce\x5e\xbc\x14\x2a\x53\xda\xab\xa3\x55\x80\xee\xdc\x17\x35\x32\x04\x81\x84\x7a\x3f\xce\xd3\x5a\xa5\x69\xb5\xba\xab\xbf\x19\x36\xaf\x10\x80\x68\xf2\x13\xe4\xdb\xa7\x9b\xa2\x77\x29\x5a\xe8\xaa\x99\x0f\xf0\x22\x67\xbf\x7e\xe6\x60\x20\x1e\x2e\x88\x6b\x01\x10\x22\xe3\x07\x8a\xeb\xca\xfc\xb0\x22\x0f\x65\xcc\x67\x9c\x00\x0c\x93\xf4\x92\x15\x7d\x68\xa7\xfd\x64\xd2\x8e\x14\x8a\x33\xb1\xf2\xf7\x75\xff\x6a\xf8\xa4\x6a\xee\xc2\x2e\x24\x56\x12\xe9\xbe\xb9\x76\x25\xb4\x5e\x0f\xa4\x37\x15\x20\xcf\x80\xc4\xb8\xd3\x82\xe9\x55\xc8\x4f\xf2\x54\x0d\xa7\xb7\x51\x18\x00\xd4\x37\xe5\x0a\x54\x7b\x41\xc7\x42\xfd\xb4\xf4\x27\xd7\x3a\x96\x81\xcd\xf4\x5c\xa1\x27\x1a\x7e\x4e\xd4\xba\x49\x0d\xee\x91\xc0\x1d\x4f\x08\xc0\xde\x3e\xe0\x95\x10\x52\x93\x83\x00\x38\xfb\x22\xa0\xd9\xe3\x57\x2e\xa7\x9e\xae\x89\x67\x3d\x50\x53\xb5\xa2\x02\xd7\xd8\x77\x55\xbd\x7d\x17\xf3\x3e\x65\x60\xbe\xcd\xb7\x23\xba\xe1\x70\x3a\x88\xc0\x3b\x0d\xa5\xdb\x00\xd4\x4d\x83\x2a\xd8\x28\x7f\x1b\xd6\x50\xce\xea\x51\x72\x7b\x23\x19\xfd\x7e\x8a\x24\x62\xd4\x04\x60\x01\x38\x0f\xef\xd3\x45\xaa\xf6\x98\xdd\xe9\x5d\x3c\xfb\x19\xd2\xac\xca\x3d\x89\x78\xc5\xab\x54\xb5\x57\x77\x4c\x9d\xf6\x58\x58\xfa\x59\x93\x88\xf6\x12\xec\xe0\x93\xeb\x07\xf1\x7a\xfd\xd3\x7a\x55\x4f\xd3\xc3\x36\xe6\x7e\xe9\x93\x2b\x4f\x16\x59\xf8\x55\x2a\xbf\x88\x15\x64\x00\xec\x86\xcf\x40\xa7\xc3\xf6\xaf\xe8\xbc\xa1\x66\x27\xb8\x8e\x11\x99\x88\x52\x32\x89\x6b\x95\x0a\x0d\xfb\x81\x54\xe4\xec\xcf\xcf\xc7\x11\x19\x8d\x81\xdc\x82\x01\xee\xb2\x87\x92\x41\xa6\x11\xf3\x7e\xf8\x10\xaa\x09\xe0\x4d\x36\xff\xd0\xc9\x3a\x3a\x23\x2b\x55\x36\xf0\x0e\xf5\x78\xfd\xab\xad\xa5\xa2\x6e\xdf\x1b\xa1\x7f\x33\xfa\xb5\x4c\x72\x31\x24\xf6\x7c\x14\x08\x00\x15\x6b\x94\x9b\x71\x03\x1c\xc1\xf0\xc1\x0b\x85\x46\x18\x11\x36\x35\xed\x9f\xda\x41\xce\x56\xbb\x2a\x5f\x72\x51\x18\x85\xd2\x00\xc8\x0e\x5f\xa8\x4f\x22\x5e\x89\x3c\xef\xcf\x28\xb0\xe3\xc7\x27\x66\x74\xc9\x11\x63\x37\xda\x09\x33\x07\xe7\xb7\x57\xe2\x86\xe2\xbf\x71\xed\x2b\x3b\xe4\xc1\x4c\x3f\x0a\xae\xfc\x9d\xdb\xbe\x82\x37\x9d\xdb\xba\x5d\x90\xb2\xa1\x17\x2c\x39\xc8\x67\xd6\x3f\x8a\x9c\x60\x26\x7a\x9b\x88\x7d\xcb\x87\x1a\x8f\x62\x74\x52\xb3\x2a\xe8\x25\x02\x9c\xd8\xc7\xa8\x56\xd9\x1b\x16\xee\xf5\xd8\x7f\x62\xb0\xc3\xb6\x78\x20\x8b\x33\xae\x53\xa6\x04\x80\x7d\xe7\x20\x27\x3f\x5a\x15\xfb\x85\x74\x65\xfd\x53\x6e\x1b\xc0\x50\x70\x8d\x3d\xac\x28\xad\xda\x99\x1a\xf9\x75\xac\x8d\x30\x5b\xf3\x44\x6d\x84\x25\x56\xc6\xdf\x3c\xad\xbe\x92\x1f\x7a\x67\x49\x6a\xc3\x46\xf2\xfb\x20\xb3\x58\xfd\x41\x2b\x39\x08\xfb\xc5\x83\x46\x4a\xb2\xe4\x82\x18\x67\x66\xcc\x0c\x72\x38\x63\xb8\x80\xcd\xf8\xa2\x1a\x17\x88\x4e\x43\x55\x01\xff\x5c\xe7\xd7\x68\xef\xcb\x7a\xff\xd1\x04\xc9\x68\x71\xde\x37\x20\xfc\x37\x34\x6a\xaa\x50\x8c\xea\x58\x66\x39\x15\x86\xf7\x8d\x4b\x37\xa0\x97\x34\x9f\x3f\x91\x15\x88\x6b\x7f\xb3\x31\x7f\xaa\xe1\x12\xe0\xa0\x7b\xca\xd7\x6f\x1c\xab\x56\x9c\x2f\xb4\x5b\xaa\xf6\xfb\xbc\x9c\x51\x2c\x5a\x00\x5e\xec\xc5\xaa\xdc\xe3\x62\x01\x8a\xd0\x7a\xbd\x7f\xba\x10\x47\x88\x96\xfe\xe1\xe9\xa2\xea\xd2\x3b\xa4\xbb\x1c\x7c\xac\x84\x2a\xbf\xde\xe7\x61\xcb\x29\xd5\xb3\x57\x16\x0b\x5d\x58\x05\x88\x41\xec\xf9\x0e\xfa\x94\x7c\x6e\x89\x25\x15\x68\x4c\x3e\x3d\x6c\x8d\xd2\x0d\x75\x28\x87\x4f\x9f\x3f\x0c\xa7\x04\x3a\xb1\xfa\xda\xa7\x97\xc5\xfa\xaf\x3e\x93\x7b\xf4\x86\x8d\x43\x75\x60\x07\xbb\x0d\x87\x15\x6e\x79\x9e\xcf\x23\x07\xce\xf2\xcb\x6a\x54\xe2\x85\x42\x6f\x10\x51\x0b\x7d\x17\x0b\x51\x3a\x73\xe5\x6f\x50\x28\x43\xf5\x74\xcf\x61\x3f\xfb\x9e\x60\x22\x6d\x77\xfb\x27\x55\x90\x82\x48\x29\xed\x45\x4b\xab\x1e\xc4\x65\x38\x31\x04\x60\x88\x9c\x58\x58\xa1\x7c\x4f\x55\x50\x89\x97\x5a\x7d\x11\x86\x47\xd9\x19\x3e\x1f\x5a\x26\xff\x7b\x3e\x39\xcc\x19\x8a\xf1\x8a\x98\x42\xfc\xee\xe5\x1b\x8b\x72\xdf\x70\x5f\xdd\x01\xb0\x62\x86\x69\xb1\x5f\xc5\x72\xb6\x4e\x11\xe9\xc5\x89\xc0\x62\x04\x40\xbc\xf1\x29\x27\xbd\x76\x63\xfc\xe4\x22\x1a\xac\x12\x9f\x3f\xc3\x59\x0b\xcb\xf7\xb4\xb8\xdb\xaa\x28\x0c\x83\xbe\x93\x6d\xb1\x46\xb3\x0d\x67\x37\xfa\x79\x17\xa5\x34\x21\xfb\xca\x64\xbd\x87\x40\xc9\x29\xce\x9f\x77\xf2\xcd\x59\xfe\xf1\x1f\x4f\x81\x43\x3f\x35\x1b\x85\xb1\xf2\x8c\xc2\x27\x4b\xe8\x57\xa9\x94\x78\x97\x76\x61\x4b\xb1\x60\x70\x0c\xc0\xf4\x9f\xa0\x6b\x97\x0f\x2f\x0a\x13\x9b\xd7\xba\xdf\x57\x23\x5f\xce\xe3\xc4\x97\xdf\xf0\x25\x7c\xb6\x19\x43\x36\xbb\x09\x0d\x1e\x5c\x87\x19\xb2\xfc\xa7\x0c\x22\x84\x85\x8a\x92\xc6\x3b\x38\xfa\x93\x05\x79\x73\x7d\xff\xd4\x8e\x4b\x28\x38\x8e\xb9\x21\xa7\xbf\x5c\x49\x76\x5b\xab\xbf\x2b\x83\x80\x94\xae\x7e\x85\xbf\x7d\x06\x9e\xc3\x29\x8d\x8d\xf9\xe7\x12\xf3\x27\x9a\x2a\x89\x8c\x31\x70\xa2\x58\x44\x45\x78\x58\xdd\x16\x59\xd8\x25\xbe\x4d\x13\x9a\xf2\x66\x61\x26\xda\x02\x58\xd6\x6b\x9f\x72\xf9\xee\xb3\x99\x7e\x29\x1c\x2f\xa7\xdc\x94\x2a\x0c\x40\xd1\x26\x47\x26\x7a\xb6\xdd\xc4\xe0\x8e\x4b\x74\xe4\xa4\x22\x88\x22\x45\x53\x3f\xc8\x0c\x5f\x7a\x97\xef\xe1\x52\x6f\xa9\x31\x06\x89\x4d\x7a\xd9\x32\x09\xf3\x95\xfc\x6a\xb7\xb8\x90\x3f\x27\x4b\x3f\x6d\xa5\xed\x09\x40\xb2\x39\x75\xa9\x44\xdd\x22\x18\xcc\x68\xc0\x91\xee\x8b\x3d\xea\x14\xdf\x5f\x42\xb7\xd4\xed\x09\x84\xca\xe0\xdf\x60\xbd\x4e\xa9\xd3\x83\x36\xa7\x14\x9a\x80\x24\xfd\x93\x68\x9b\x1d\x48\xf4\x1e\xef\x19\x3e\xb5\x64\xf9\x55\xb9\x07\x9d\x1a\xfd\x19\xde\xef\x16\x90\x88\xb6\x7d\x7a\xc3\xa4\xf3\x60\x5e\xf6\x5b\x3d\x25\x35\xec\x25\x96\x13\x7e\xe5\xb7\xea\x95\x01\x6d\xb3\x9f\x69\xab\x78\x58\xea\x63\x50\x30\x59\x5f\x00\x69\x27\x55\xc1\x92\xce\xf3\xb5\xc6\x81\x03\x09\xc8\xbe\xb9\x27\x6b\x26\x5a\x4b\xef\x2e\xc5\x2d\xfe\x7e\x43\xf2\x88\x38\xd1\x6a\x4e\x27\x30\xe5\x74\xbb\x83\x24\x70\x01\xc2\x2a\xf7\xcd\x02\xf5\x7e\x95\x31\x69\x6b\x00\xc8\x2a\x69\x02\x08\xbe\x3c\xa6\xd9\x0e\x34\xea\xa3\x72\x2f\x03\x9e\x17\x5b\x8b\xb2\x8e\xb8\xef\x67\xff\x0f\x16\x7a\x16\x70\xfb\x1a\x46\x2d\xde\x68\xe3\x91\x2c\x97\x66\x04\x21\xb4\x0a\x51\x77\x74\x94\xb9\x84\xa3\x20\x1b\x04\x88\xbd\x56\x8b\xfa\x3a\x96\x58\xcb\xf5\xde\xa4\x0d\x13\xbc\xaf\xa0\x93\xaa\x27\xd7\x6d\x14\xa2\x35\xa1\x6c\x2b\xf9\x8b\xe3\x4d\x7c\xdc\xa3\x7b\xf5\x7d\x02\xf9\x28\x67\x91\x0b\x04\x58\x31\x37\x71\x67\xe1\x49\x46\xef\x3a\xf0\xa9\x42\x7c\x1d\xfb\x9d\xcd\xd8\x5e\xb5\x9f\x2c\x6c\x22\x9e\xf8\x18\x1c\xe8\x79\xb1\xfe\xcb\x07\xb8\x27\x23\xd2\xfa\x45\x6d\x6a\x54\xdb\xc3\x28\x3b\xfd\x39\x11\x01\xdd\x07\x79\x96\x65\xb9\xec\xdf\x2a\x6b\x18\x37\x43\x00\x4c\x9f\xbe\xb3\xd1\xdf\x1b\x11\x21\xa9\xde\xb8\xb9\x4e\xeb\xe5\x80\x65\xcd\xf4\xb6\x46\xc9\x42\x51\x73\x73\xf9\x51\x76\x64\x07\x82\x38\x8e\x01\xf8\xcc\xa0\xd7\x72\x80\x75\xb1\x60\xaa\xd3\x77\x04\xec\xa6\xe7\xba\x84\xe9\x4d\x94\x5e\x0c\xe6\xa3\x8e\x48\xba\x52\xbe\xbd\x5a\xd0\xae\x8f\xb9\xf4\xfe\xd5\x9d\x77\x96\xc4\xb7\x55\xd0\x28\xfa\x3b\x54\xad\xe6\xfe\x46\x75\x26\xfa\xf9\x7e\x07\x49\xbc\xa7\xa0\xcc\x00\x23\x35\xc0\x58\x89\x0c\xab\x42\x90\x59\xb4\x4f\x43\x80\xc0\x14\xbc\xfd\x9b\x15\xe0\xc6\xda\x43\x70\x3b\xd8\xc7\x32\x37\xea\x3b\x99\xfd\x05\x72\x08\xf3\xbe\xba\x63\x4c\xb3\x8c\x1c\x7c\x6b\x33\x19\x98\x24\xbf\xc8\x45\x4e\xa4\xdd\x4b\x8b\x40\xe7\xd8\xcd\xd7\xe5\x96\xe2\xbf\x8d\xcc\xb9\xd1\xe6\x24\xa8\x2d\x6d\x64\x86\x5a\x62\xa5\xfe\xe6\x60\x74\xb1\xdf\xe5\xcb\x94\x92\x81\x0e\x5a\xe9\x68\x8e\xc1\xcd\x43\x53\xe9\xd3\x79\x07\x4c\xbd\x02\x09\x20\xe5\xad\x40\x92\xde\xb2\x55\xb1\x88\x6a\xa6\x00\x57\x1e\xb4\x92\xa8\xa6\x9c\xb4\xb2\x75\x7d\x50\x6b\x88\x0f\xe5\x73\x31\x28\xdc\xcd\xec\x76\xf3\x8d\x60\xf2\xfd\xb6\xf3\xc6\x68\xdc\x26\x13\x6a\x52\xa0\x00\xeb\x37\x5c\xa2\x1e\xac\xf8\xd6\xe5\x19\xcb\xe6\x77\xf9\xf8\x52\x26\x63\x06\x73\x7c\xa6\xdf\xee\x5f\xdd\xb2\x17\x8a\x00\x9a\x5c\xf9\x0d\x3c\x4b\x92\x50\x3a\xcb\xc5\x69\x67\xea\x15\x9d\x5c\x80\x64\xf9\x7e\x11\x8d\x8e\x18\x14\x44\x30\x8a\x04\x7b\xf7\xf0\x38\xc4\x6e\x28\xb5\x8a\xe5\x54\xb3\xdf\x83\xb3\x36\xee\xb4\xda\x03\x62\xb4\xcc\xa9\x36\x64\x62\x10\x0c\xe6\x83\x9b\xcb\x01\x62\x50\x53\xd0\xe1\xde\x78\xeb\x23\x06\x00\x42\xec\xde\xeb\x7a\x2e\x8e\x41\x75\xf5\x3c\x9e\xe7\x36\xee\xfc\x9e\xd1\xbe\xa9\xdb\x28\xb8\xeb\xa2\x3d\x19\xc6\xfa\x07\xd4\xfc\xa4\x44\xc3\x7b\x85\xad\xd0\x0a\x7d\x4c\xa2\xe9\xa4\x6b\xf0\xb0\xa3\x5c\xde\x15\xac\xbf\x59\x08\xe0\xf8\x65\xd7\x10\x45\xf2\x7c\x64\x08\x02\xbd\x0a\x29\xfa\xbe\x84\x4f\xb9\x6b\xcd\x72\x14\xea\x61\x50\x22\xa5\x34\xf4\xfb\x41\xba\xba\x50\xc3\x13\xba\x2c\xab\xde\xc6\x8d\x59\x10\x8c\xf1\x36\x5b\x64\xfc\x32\x9e\x8c\x91\x02\x80\x08\xc8\x3c\xd1\x85\xd4\x1e\x7e\x8a\xa7\x46\x4c\x40\xab\xcd\xcc\x41\x59\x34\x4c\x9e\x19\x9e\xf5\xfe\xeb\x59\x73\x6b\xb2\x73\x5b\xf1\x5d\xe9\x21\xb9\x20\x92\xef\xfb\x3e\x0d\x15\x1f\x69\xbd\x2c\xcf\xb2\xc0\x37\x00\x42\xed\x44\x66\xf6\xf7\x48\xb1\xed\x9e\x23\x72\x1c\x33\x5f\xba\x90\x7c\x33\x2a\xde\x29\x1a\xcd\x6e\xd4\x5c\x2d\x7f\x1b\xb4\xb8\xe8\xaf\x7e\xa4\x93\x98\x2f\xa7\x8d\x8e\x60\xa0\x48\xc1\x9e\x6f\xbc\x22\x98\x68\x9a\x57\x84\x4a\xf9\x12\x64\x98\x3d\x07\xc1\x6a\x5c\xa5\xab\xb9\xa1\x7f\x45\x37\x93\x29\x46\x46\x2f\x4b\x8f\x84\xc5\x27\x31\xfe\xce\xae\xd5\xc7\x62\x3b\x98\x76\xd9\x57\xa5\x5b\x94\xce\x46\xdb\xd6\x43\xb7\xc3\xa2\x1c\x50\x24\x00\xe0\x0d\xc0\x89\xb8\x17\x12\x75\x93\xf1\x83\xb2\x10\x6d\xf6\x89\x84\x14\x44\x1e\x2b\x3f\x63\xec\x6d\x5f\xd0\x03\xb4\xc6\x46\x3f\x54\xf8\x10\x98\x9f\xfa\xe0\xb2\xdc\xb8\x11\x89\x6b\x69\xe1\x79\x24\x10\x41\x6a\x03\x83\xb9\x8f\x6c\xa0\x65\x59\x7c\xcd\x09\x26\x25\x7c\xac\x2a\xa6\x08\x99\x5d\x82\x4a\xaf\x9c\xa6\xae\xd3\xa6\xf4\x87\xc9\xff\xed\xf3\x76\x2f\x2f\x26\x2c\xa6\x4f\xde\x61\x3d\xbe\xe9\xde\x01\x91\xb5\xbb\xcc\x8e\xe4\x46\x1f\x82\x94\x48\x19\x06\xc3\xba\x24\x03\x98\xb9\xc7\x34\xdc\x2d\x6a\x0a\xbb\xbc\xf7\x05\x70\x17\x19\x84\x50\x9d\x9f\x78\xdd\x82\x2e\x9d\xb7\x3d\xf5\x90\xcb\x60\xad\xc8\xe6\x15\x5c\xba\x03\xdc\xdd\xdf\x51\x38\x12\xbd\x37\x11\xde\x0d\x80\x1b\x52\x80\x22\xa1\x8a\x00\x16\x97\xa8\x29\xea\xec\xfb\x66\x2f\xb9\xb5\xc7\x43\x39\xd7\xb6\xd9\x0f\xbe\x39\xd8\x0a\x92\x70\x80\x5c\xf8\x5b\x63\x9e\x61\x37\xc7\x0a\xb2\x14\x98\x43\xde\x97\xe8\x85\xbe\x0b\xd3\xa4\x18\x99\x8e\xda\x22\x61\xbd\x01\xc9\x70\x86\x91\x71\x47\xd6\x43\xd3\x4e\xe3\x79\x6a\x82\x24\xcb\x77\xc2\xc5\x0e\x89\xf8\xd8\x0e\xa1\x55\x6d\x56\xa0\xbd\x93\x7f\xae\x77\x81\x21\x51\x87\x27\xe0\x6b\xd2\x06\x85\xa4\x86\x91\xfb\x7e\x0f\xe0\xcb\x24\x36\xc6\x26\xc7\x53\x7f\x5e\x00\xd9\x9c\xdd\x00\x04\x39\x82\x91\x05\x76\x67\xc7\xc2\x48\x67\xe5\xd7\xa8\x2e\xb5\x16\x19\x37\xf2\x12\x04\x5b\xd9\x9d\x09\xac\xf1\xb0\xff\xd5\xb8\xde\x9a\xae\x3b\xd0\xb3\xd4\x4e\x2a\x87\xd3\x02\x54\xd0\xed\xb3\xf0\x81\x65\xd6\xcf\xf4\x14\x02\x84\xd1\x85\x95\x43\x98\x7c\xc5\x10\x6b\xfc\x74\xe0\x1e\xfc\x8e\xea\x20\x64\xc9\xe6\x4f\x6f\xc5\x0f\xf1\xf4\x11\xe3\xb2\xd2\x52\x8b\x1b\x1f\xfc\x3b\x8c\xbd\xf3\xfc\x7a\x22\xfb\x8a\xf6\xbb\x16\x5c\xba\x1a\x27\xbf\x1d\x10\xd2\x00\x60\x02\x00\x5b\x41\x6e\x20\x8b\x9f\xd8\x53\x3a\x33\x00\xc7\x7b\x82\x20\x8c\x4d\x20\x00\x5b\xbe\x05\xe8\x92\x35\x96\xcd\x20\xaf\xce\x60\x97\xb1\xe9\x69\x4d\x9e\x5c\x85\x2e\x16\xd9\x53\x66\xa7\xe8\x21\x5a\xe8\xa2\xfc\xa3\x0f\xb9\x49\xea\x32\xb5\x5c\x16\xab\x61\xb4\x80\x24\xee\x7e\x7c\x37\x0d\x4c\xc7\x18\x07\x00\x41\x20\x4b\xc1\x0c\x5c\xf3\xbd\xd6\xeb\x42\xc4\xe9\xe4\x74\x92\x89\xb6\x3e\x30\x49\xff\x91\x18\xbd\x39\x50\xd8\xc2\x84\x80\x0f\x1c\xee\x93\xc2\xcf\x47\xa1\x18\x0b\xad\x3f\x9f\x4a\xab\x72\x39\xfa\x58\xf8\x43\xd9\x35\xad\x7e\x1c\xaa\x91\xfb\xac\x5f\xb0\x33\xc3\x5c\xd7\xc0\xf8\x3e\x44\x8e\x24\xd3\x3d\x8f\x09\x16\x3f\x0e\xd5\x81\xe9\x23\x90\xec\xa9\xef\x62\x4c\xba\x41\x2a\x60\x33\xbd\x09\x79\x93\xfc\xd4\x77\x7b\x51\xd9\x2c\x57\x83\xa3\x04\xfc\x00\xdf\xa4\x56\x93\x1b\x4e\x3c\x2a\x83\x0f\x1e\x08\x57\xff\x37\x67\x52\x6c\xfd\x98\x7a\xd3\xe3\xcb\xc0\xc5\x52\x22\x67\xe0\xea\x22\x48\xae\xe5\x40\x83\x39\x10\x14\xa4\x28\x5c\xa5\xbd\xc8\x55\xbe\x80\x71\x27\x98\x64\x3b\x3b\xf3\x15\xbe\xa4\x5e\xcf\x11\x9e\x0a\x26\xa1\x99\x89\xef\x62\xd8\xb8\x87\xea\xc1\xe1\x6f\x96\x1d\xe9\x5c\x9b\x2d\xcf\xa2\x57\x59\xd6\x83\xdb\xfd\xb0\xb7\x9f\x13\x3f\x68\x00\x0a\x2f\xe3\x64\x0c\x82\x89\x73\x62\xdf\x31\xdc\xff\xdc\x09\xda\xf9\x4a\x5b\x9d\xa9\xd7\x9a\x4e\x2b\xe1\xe9\x27\xef\xfb\x16\xe9\xff\xc7\x27\xd6\x39\xc2\x17\x3a\xd1\x5d\x0d\x6e\xcd\x7c\x12\x69\xf4\x22\xd0\xb0\x93\xd0\x39\xd3\x6c\xf6\x3e\x00\x75\x56\xe2\xfa\x57\x23\x79\x58\x38\x99\x0b\x91\x04\x5b\x4b\xac\xc4\xd2\x02\x94\x41\x23\xc6\x88\x80\x71\xcd\xe7\xd8\x1b\x97\x98\x1f\x17\xa0\xa9\x06\xdd\x8e\xab\xfb\xb1\x1c\x35\x99\x06\xb7\xdb\x97\x74\x5c\xd7\xab\x0c\x9b\x22\x2f\x04\xfb\x0d\x0d\xef\x3a\xbc\xd0\x84\x6f\x39\x51\x2c\xa4\x7e\x69\xe6\x44\xf8\x34\xe5\x66\xac\x41\x20\x99\xd6\x9f\x6c\xfe\x81\x19\xc8\x37\x9c\xd9\x09\x76\x67\xd1\xce\x39\xf9\x01\xfb\xec\xaa\x52\xa6\xca\xf8\x73\x7e\xef\xf3\x9d\x3e\xfa\xe9\x55\xbb\x6e\x28\xf8\xbb\x9a\xd8\xf7\x53\x97\xbf\xff\xe1\x78\x92\xd3\x67\xb9\x76\x16\xea\xab\x44\x2e\x5f\xa5\xbe\x46\x33\x6d\x29\xb6\x55\xac\x5b\x2d\x6e\xf9\x0a\x2f\x01\x83\xc0\x99\x7b\x91\x55\x16\xc5\x7c\xfb\xf9\x13\xaa\xc3\x59\xad\xee\xb4\xba\xdd\x22\x2a\x7e\x19\x6e\xd5\xec\xd0\xbb\xa2\x92\x6e\xa3\x14\x0a\x38\xf3\xf7\xff\x72\xd5\xf1\xba\x25\x41\x68\x02\x4e\x98\x3f\xca\xdd\x35\x41\xb7\x87\xb5\x88\x18\xb2\xbb\x3d\xc8\x75\x43\xcb\x08\x9b\x72\xfe\x4a\xa0\xd9\x39\x7e\xe8\x50\x02\x95\xb0\x3f\xb8\xf9\x77\x66\xca\xbf\x3c\x49\xe8\xef\x24\xc4\xf4\x11\xb9\x31\xbb\x39\x55\x4b\xbf\x5e\xf0\x61\x7c\xe0\x41\xcd\xab\x3b\xb9\x56\xe5\x46\xde\x69\xe6\xec\x4b\x52\xb9\xef\x82\xe8\x9f\xc8\xa7\x74\x5f\x7f\xf9\xbc\xf9\x77\x2f\x32\xdc\x97\x7a\x74\x67\x4f\xb8\x26\xf7\x66\x73\xe9\xb5\xa3\xf5\x53\x37\x5e\xdf\x57\x3b\x06\x9d\xfc\x82\x59\x7b\xdb\x53\x6a\xb3\x41\x22\xd3\x82\x75\x09\x73\xb7\xb8\xe3\xe7\xf1\xdd\x38\xd0\xc9\xef\xcf\x5f\xec\x8c\x7a\x05\x9a\x14\x74\xdf\xfa\x19\xc9\x51\xeb\xa9\x8f\x2d\x9a\x13\x9c\xae\xbf\xb5\x55\xfd\xa6\xb2\x65\xab\x37\xb7\x46\x7d\x0e\x63\xd6\x7e\x57\xab\x32\x7b\xfc\xf3\xa9\x54\x41\xef\xfc\xcf\xa7\x8b\x0f\x25\x11\x01\x48\x12\xba\x11\x19\xc2\xd2\xcf\xec\x1a\x6c\x1f\x54\x4e\x61\xb0\xba\x13\xc9\x62\xee\x1b\x17\x94\x39\x99\xdb\xb0\x07\x54\xc8\x5e\x74\xfb\x61\xae\x65\x42\xb7\x1a\xab\xb9\xf1\xfd\x8c\x7f\x71\xeb\x5a\x43\xeb\x9a\x0f\xce\xc9\x1a\x7b\x58\xb1\x6d\x59\xe4\x22\x8e\xae\x07\x45\x22\xca\x5b\xeb\x6e\x6a\xd0\xb1\xc5\x16\xf7\xec\x41\x30\xe7\x25\x5c\x39\x7b\x7f\xff\xce\x71\x19\xb5\x46\x4a\x2e\xdb\x97\x35\x9b\x31\x6f\x0a\xe1\x0f\x39\xfe\xe4\x23\x96\x3b\xe6\x0b\xa3\xac\xbd\xfa\x3e\x6b\x0a\x2b\xef\x6f\x5e\x15\x65\x7e\xe4\x02\x28\x8c\xec\xdf\xfc\xae\x96\x35\x9a\x14\x4c\xdf\x5a\x66\x3b\x63\xa9\x72\xea\x6a\xae\x4f\xc4\x55\x9b\x4e\x59\x1b\x54\x61\xb9\x94\xc4\x9a\xf3\xeb\xc0\xfa\x1b\xb4\xfd\x6d\xad\x50\x0d\x3f\xcc\xf1\x1c\xf4\xa7\x15\x64\xc7\xaf\x7e\x59\xd1\x1a\x54\x5d\xa2\x2c\x2e\xa0\x30\x79\xbb\xcb\x22\x0d\x42\x1a\xd9\x20\x9c\xb5\xe1\x4c\xfb\x5c\x20\xb6\xf1\x52\x1a\x92\x3e\x29\xe3\x76\x70\x43\xfe\x7a\xbb\x44\xc7\xd2\xf1\xff\xea\x61\x08\x49\x84\x69\x7d\xca\x09\x04\x53\xe5\x24\x63\xe3\xee\xf7\x4b\xd3\xe2\x35\x1d\x7a\xef\x33\xe6\xca\x99\x7e\xdf\x52\x88\xe9\x9f\xf3\x6d\xbe\x5d\x79\xae\x00\x51\xff\x97\x03\xb4\x9d\xa5\x67\x4f\xcb\x78\xe1\x5a\x15\xac\xe6\x94\x0f\x0c\x6e\x84\x86\x34\xf2\xc7\x53\x18\xa0\x70\x18\x9a\x6b\xaa\xb5\x60\xc7\xef\x0e\xeb\xf2\x43\xf1\x6b\xca\xa5\xf2\x3f\xeb\x91\x2e\xcb\x31\x7a\xf1\xcf\xf7\x4c\x72\x35\x6c\xdf\xe4\xae\x85\xda\x31\x42\xda\xb5\x26\xf7\xa5\x7e\x3c\x56\x6c\xee\x8e\x72\xd6\x43\xff\x1c\x2f\xad\xf0\x4e\xf6\x52\xd9\x56\xb5\x3f\x6c\x4e\x73\xea\xb4\xdd\x4b\xc5\x6c\x93\x5c\x0f\x54\x49\xbc\xfe\x9b\x47\x6e\xc1\x44\x7d\x51\x97\x50\x59\xec\x42\x39\xba\xe6\x9b\xd9\xa7\x65\x94\x93\xc1\x13\xf9\x02\x61\xc6\xd2\xdb\xc5\xd0\xf9\xcc\x07\xd8\xc6\xc9\x93\x17\x6e\x6a\x7a\x5f\x33\xd1\xf4\xa3\x22\xec\xf7\xb3\xff\x1b\x47\xc3\xe6\x6b\x27\x82\xe1\xe4\x22\x16\x21\xf7\x08\xee\xf7\xbc\x0b\x14\x92\xf5\x65\x74\xa8\x27\x6d\x50\xc2\x97\xf6\x72\xee\x29\xdd\x0e\x66\xe7\xef\x88\x31\xe4\x2d\xcb\x23\xe3\x8b\xff\x07\xdb\x06\x93\xde\xd8\x4e\xbe\xc2\x76\xa9\x5a\x78\x85\x5d\xc0\xb3\x08\x15\xf3\x66\x2f\xaf\x84\x29\x17\xb2\xd3\x86\xdd\x3b\xec\xc2\x66\x71\x6c\x88\xba\x79\x83\xc5\xd4\x66\xc5\x78\x3b\x6a\xcf\xa9\x46\x93\x8a\xfd\x62\xf5\x7f\xbf\x4f\xa9\x5d\x6f\x74\x15\x51\xfb\xf3\x8c\x2e\xfc\x1e\xca\x21\xf8\xe8\xd6\x8f\x85\xad\x9d\x38\x66\x3b\xec\xe0\xbd\x9f\x8e\xdb\x86\x56\x72\xbf\x66\x8c\x0d\x67\xe3\x83\x73\x1a\x8e\x98\xb1\x57\x45\xb6\x95\x50\xc4\x6b\x7b\x46\xbf\xba\x17\x3e\x94\x26\xe8\xcb\x59\x62\xcb\xa7\x6a\xbd\xc9\x31\x4d\xbe\x1c\xb3\x45\xa0\xf9\x20\xc1\xec\x8b\xaa\x62\x21\x5b\xfd\x92\xaa\x34\x64\xe9\x93\xea\x81\x46\xef\xa1\x7a\x29\x15\x7e\x77\x51\xc6\x7e\xbb\x7f\xff\x3e\x3c\x54\x6f\x44\x79\x46\xed\x97\x3d\x17\x42\xbb\xc4\x4a\xac\x3a\x21\xc9\xbb\x1a\x82\x22\x13\xb1\x97\xb4\x19\x15\xc3\x75\xd4\x85\x04\xf7\x35\x63\x43\x6c\xa1\xab\x54\x05\x3c\xef\xce\x9d\x44\x67\xe9\xdc\x27\x4b\x81\xfa\x33\xf8\x72\xcf\xe1\x31\xff\xee\xc8\xab\x57\xd6\xbf\xa1\xb7\x6a\xed\x12\xcf\x69\x8c\x67\xab\x3b\x41\xa7\x1d\x23\x5f\xdd\x68\x38\x68\xd2\x6c\xa9\x9b\xcf\x44\xf1\x27\x3a\xb3\xcb\x38\x3d\xc9\xdc\xc5\xf8\x62\x7b\xd1\x9b\x2a\xc0\x78\xee\xdb\x8c\x8a\x3d\xb3\x39\x52\x5f\x7e\x35\xde\xcf\x4e\xb9\x9a\xd3\x49\x98\xf2\x5c\x62\xe1\x13\xc3\x86\x6c\xc4\x5c\xae\x8a\xe1\xcd\xbf\x01\x58\xeb\xa0\x93\x6a\xf8\xf6\x84\x67\x4b\x79\xee\x94\xfa\x6f\x93\xa1\x99\xc2\xfd\x0e\xf9\xa1\x86\x3c\xe5\x62\x87\x95\x74\x52\xcd\xed\xef\x67\x43\xfc\x9d\x15\x30\x2f\xa7\x97\xd8\x86\xea\xd5\xeb\xbc\x9b\x34\x5a\xfb\x23\x64\x11\x72\xb6\x0e\x77\x18\x97\xbc\x5e\x82\x89\xce\xb1\xeb\xfd\x34\xe1\xa8\xbd\xa8\x60\x11\x5f\x18\x3d\xab\xf1\xc5\x29\x2d\x06\xee\x60\x93\xef\x59\x1e\x5b\x61\x7f\x4b\xcb\x2f\x9f\xd4\x3a\x5b\xcf\x8b\x80\x37\x31\x13\x48\x8a\x72\x2d\x9b\xe6\xb8\x1f\x75\x77\xa0\xe3\xb6\xc1\xe4\x2f\xc6\x80\x4b\x45\x93\x25\xfe\x72\xc3\x9a\xec\x5e\xa6\x74\x35\xc0\x9e\x5a\x6f\x71\x43\x20\xfe\xd9\xfd\x53\x4f\x67\x17\xef\x32\xc8\xdb\x6d\x7c\xbe\xcd\xb7\x15\xb5\x37\xb6\x08\xf3\xf0\x6b\xe0\x76\x64\x3f\xf1\x13\xf2\x66\x13\x8b\x9a\x76\x17\xe8\x6c\x14\x6d\x74\x5b\xd1\xc7\xda\x3c\x15\xb8\x77\x78\x7f\xa3\xcf\x45\x45\xa3\x50\x84\xc7\x21\x2e\xd3\x00\x6a\xd6\xa9\xea\x81\xd6\xe5\x96\xf9\x4c\xd0\x9b\xbc\x09\x65\x45\xb6\xe9\x39\x54\x79\xb2\x11\xc6\x74\xc4\xfd\x7e\x85\xc3\xe7\xf7\x77\x48\x74\x33\xca\xb1\xac\x69\xf6\x97\x94\x54\xb1\x25\x98\x27\xf2\x00\x2a\x92\xe2\xbb\x7f\x9a\x44\xae\x16\x8f\x87\xf8\x78\x4a\xe6\xfb\xe3\xcc\xa9\x36\x68\xe2\xe4\xab\x76\x81\x4a\x82\xec\x97\x85\x25\x32\x67\xe2\x28\x68\xa9\xd9\x9e\xff\xb9\x57\x82\xe6\xb2\xc5\x9d\x51\xde\x92\xb8\x9e\xa8\xd9\x9d\x7a\x16\x82\xca\xfd\xc6\xf1\x53\x57\x6b\xc5\x0a\xcd\x75\x8e\x84\x5a\x24\xc1\x7b\xc8\x97\x76\xc6\x26\xf2\xe4\x1f\xa7\x0a\xcc\x73\xc5\x95\xd2\x2c\x39\x85\x7e\x1e\xe1\x9b\x19\xc5\x82\x8a\x88\xfc\xe2\xd3\x57\x42\x79\xdf\xe6\xc5\xbd\x14\xf4\x52\xeb\x01\xa7\xfc\x17\x13\x96\xcb\xae\x5e\x3c\x37\x89\x76\xfd\xcf\x8c\x86\x7b\xf4\xbc\xd9\x5d\x65\x0a\x36\x0d\xcf\x1a\x53\x68\xeb\xeb\x41\xf0\x8f\x73\xc6\x68\xac\xa6\xb7\xfc\xf5\x79\x6e\xcc\xd2\xcb\xed\x4b\xf2\x51\x08\x32\x85\x78\x95\xcf\x6b\xde\x47\x6a\x5c\xc3\x55\xd0\x50\x12\x45\x89\x32\x7b\xc9\xcd\xae\x6a\x8f\xb1\x48\x7f\x7b\x72\xd2\x2d\xee\x1c\x7e\x6c\x74\x2a\x94\xf2\x86\x90\x2c\xc9\x74\xc6\x44\xe1\xca\xd9\x2e\x58\x34\xbb\xf1\xa5\x5e\x49\x2b\x4d\x84\xfb\xa2\xde\x31\x06\x8d\x90\xde\x93\x01\x18\xb3\x35\x4c\x7c\x8d\x00\xa3\x5b\x70\xa6\x23\xfd\xe0\x8a\xcd\x06\x1a\x33\x7e\xd6\x7c\x40\xf0\x9b\x52\x90\x63\x49\xbf\xfe\x13\x5b\xd2\x4f\x9d\xee\x58\xfc\xe2\xd2\xdc\xc5\x2c\xe2\xe5\x5a\x30\xdc\xea\xef\xad\x52\x46\xd8\x9f\xb8\x6b\xf5\xbe\xd0\xfb\x99\xec\x88\x4d\x71\x21\x8d\xcc\x18\xf1\xf8\xfe\xbe\x33\xd4\x6c\xbc\x4f\x1f\x0b\xbe\x9f\x5d\x29\x9f\xad\xc3\x24\x56\xd2\x95\x0a\xe5\x7b\xa0\x37\x66\x6c\xf8\x6b\x53\xee\x4c\x15\x9f\xff\xee\x42\x52\xd7\x42\x68\x8d\x87\x2e\xc9\x57\xd1\x36\x04\x81\x25\xdd\xe5\xbd\xe7\x2b\x2d\xe9\x16\x6e\x5d\x09\x9a\x05\xdf\x4d\xb8\xe0\x31\x49\x4b\x95\x27\x60\xf7\x42\x42\x08\xd1\xf9\x5b\xb6\xfa\x48\x68\x8f\xb3\x34\xd6\x84\xd0\xee\xce\x9f\xc4\x5f\x4d\x09\xf7\xf4\x11\x5b\xe6\x45\x59\xab\x03\x4c\xb3\x9d\x4b\x4a\x60\x86\x11\xc4\xf3\x9d\x0a\x09\xb1\xdc\xac\x82\x3f\x4f\xd6\x19\x9f\xca\x09\x49\x44\xf8\xc1\xcc\x55\xcb\x37\x87\xf7\x22\x23\xb8\x7a\xee\xc6\x2e\xa3\xec\xb5\x44\xfc\x44\xf6\x6f\xe5\x42\xc3\x46\xad\x51\x62\x4f\xe0\x37\x4d\xc0\xd6\x6f\xe9\xaf\x47\x02\xd7\xc9\x15\x34\xb0\xf2\xd5\x58\x54\x45\x26\xda\x02\xd3\xdb\x60\x30\x7a\x3a\x26\xbe\xfe\x58\x15\x9f\xdd\x7a\x8b\xea\xfb\xda\x12\xef\x85\x41\x0e\x3f\x97\x93\xa1\x83\xc4\xbe\xef\x0e\xb2\x63\x8c\xce\xcf\xd0\xe1\x38\x9c\xf2\x27\xd2\x13\x49\x65\xa2\x29\x77\x55\x7e\xf0\xbf\x6c\xf5\xd2\xcd\x31\x6f\xf3\xfe\x77\xd6\xf4\x53\x1e\x4f\xd5\x7c\xe3\x41\xc4\x60\x5a\xd0\x5d\xa2\xbb\xe7\x80\x7b\x4e\x72\x31\x7c\x96\x07\x86\xe4\x66\x6f\x54\x9a\x28\x65\x68\x2a\x84\x62\x53\xa5\xc8\x89\xc6\xfc\x99\x04\xeb\xa7\x7c\xcf\x2a\x9b\x45\x2b\xce\x44\x67\x39\x41\xc9\xe9\xe5\x4b\x94\xf3\xb5\x24\xbd\x8f\x1f\x1f\x03\xc1\xe2\xf6\xcf\xd9\x7c\xfe\x9e\xcd\xe3\x91\x77\x9f\xd4\x91\xb5\x35\x50\x22\xd4\x7f\xc6\xfd\x44\xeb\xf5\xf0\x64\xc2\x3d\x04\xd1\x4e\x0c\xca\x9f\x49\x0d\x56\x8c\x96\x2d\x2f\xc7\x0b\x69\xf6\xad\x2f\xcd\xf6\x23\xe6\x48\xf6\xed\x7f\x72\xbd\xa7\xb6\x3e\xc3\x08\x82\xb0\x1a\x63\xfa\x92\x1c\xb2\x7f\x90\x5b\xbf\x37\x08\xe2\xc5\x62\xd9\xe7\x1f\xf1\x45\xfd\xce\xb2\x8c\xfa\xb1\x0b\xed\x67\x19\xb0\x76\x71\x2b\xde\x44\x83\xf7\x96\x73\x2b\x77\xa3\x03\x05\x19\xea\x6b\x64\xad\x42\x40\xa9\xe7\xa5\x48\x39\x42\xd5\xa8\x18\x3d\x44\xe5\x73\x89\xdf\x86\x01\x44\x51\x06\xcd\x44\x65\x71\x47\xf4\x33\x13\x07\xa2\x93\xd0\xdd\x6a\xc7\x31\x77\x42\x77\x82\xf6\x7d\x25\xdf\xaf\xf8\x37\x96\x8a\x07\x6c\x42\xdc\x97\xb6\x68\x75\x7a\x09\x07\xcf\xc1\x28\x13\x0c\x90\xc6\x63\x2f\xa2\xe9\xce\x17\x5e\x28\x87\xc6\x7b\x7d\x38\x95\xd6\xea\x00\xd7\x4a\x72\x98\xbd\x75\x8e\x40\x4a\x1a\xa2\xe8\xb0\x08\xc7\x71\xb4\xd7\x8c\xca\x2b\x9b\xd9\xd0\xdf\xf7\xd0\xad\x9d\xa0\xb6\xb8\xcf\x45\xd4\xb1\x8d\x42\x59\x35\x2b\x55\xf9\x49\x38\xbf\x73\x72\x71\xc9\x15\xe8\x4f\xc7\x20\xb1\x78\x10\xce\x91\x87\xba\x14\x1c\x88\x18\xb6\x96\xdb\xfe\x5c\x84\xea\xaa\xc4\x4a\xdc\xcf\x70\x64\x89\x52\xb1\xf0\xe5\x91\x26\x60\x4c\x85\x10\x4d\x7f\xde\xb1\x50\x92\x88\x94\x21\x6c\xe9\x79\xf0\x83\xa0\xcc\x3c\xcf\xed\x04\x03\xd1\x29\x4e\x7f\x82\xfe\xbd\xc2\x57\xc7\x41\x20\x14\xcb\xe3\x91\xab\xb9\xfa\x57\xd4\xab\x3f\x6c\xc9\xf2\x3f\xcb\x40\xb8\xc4\x4a\x95\x2b\xdc\x3f\x5b\x1e\xee\x39\x92\xc7\x45\x79\x9c\x8a\xfc\xc3\xff\xcf\xbe\x4c\x47\x94\xd0\xb8\x2f\xff\x29\xb4\x8f\x3c\x17\x3c\x8c\xf3\x45\xa7\xe9\x34\xba\x27\xf9\x7e\xf2\xa6\x4f\xd4\x95\x87\xc8\x0e\x0a\x89\x14\xe4\x0d\x25\x9b\xcb\x71\x3a\xbe\x82\x3f\x34\xf1\xf3\xfa\xf5\x50\xc9\x79\x2d\x73\xdc\x0f\x99\x29\x05\x1b\xa0\x9d\x85\x69\x5c\x20\xa9\x34\x46\x21\x76\x97\xef\x8a\x69\x62\x0d\x27\xd0\x19\xba\x1a\x76\x86\x20\xac\x3d\x52\xb4\x54\x05\xbd\x3e\x4f\xcc\x83\xee\x3e\x5c\x40\xa9\x8d\x95\x29\x0e\x4b\xa2\x7d\x3f\x54\x72\xd5\x49\x6b\x4e\xdd\x46\x8e\x08\xf7\xb7\xc6\x43\x52\xbb\xa9\xe7\xda\xf3\x56\xd3\x4a\x76\x73\x8a\xc1\x03\x2d\x9c\xdf\x78\x7c\xb2\x5f\x7a\x77\xaf\xbd\x61\x60\x96\xc4\xfc\x60\xd1\xe0\xcd\x22\xb0\x2b\xc7\xc8\xea\x15\x52\x55\x2b\xf1\xd2\x01\x42\x82\xdc\xa1\x5b\x87\x1c\x4d\xd4\x58\x1f\x78\x4d\x66\x9f\x32\xed\x57\x38\xc7\x78\xda\x0b\x93\xe5\x9c\x2a\xd0\x23\xa2\xef\x9e\x54\x4e\xdb\xb2\x1b\xba\xf1\x8a\xa3\xf6\x78\xd2\x3b\x06\xf7\xaf\xac\x21\x91\x82\x68\x7a\x25\x3e\x5f\xbf\xfa\x41\xa9\xbb\xd0\x52\x09\xcf\x6e\xdc\x19\x86\x0b\xe3\x87\x02\x0b\x19\xf3\x72\x04\xc9\xc1\xd0\x0a\x68\x4f\x04\x18\xc3\x20\x30\xb8\x54\x4e\xfe\xc8\x7a\x8f\x20\xa2\xf9\x60\x64\x77\x0e\x35\x88\xb1\x2c\x1d\x6b\x1d\xd6\x97\x02\xfe\xc0\x3b\x00\x36\x01\x50\xcf\x49\x12\x69\xbd\x5e\x7a\x89\x4e\x1b\x9e\xa6\x9c\xb3\x4e\x5e\xc7\x23\xdd\x09\xe6\xf7\x6c\x67\x33\xf0\x3e\x3f\xf9\x82\x1d\xee\x16\xfa\xf3\x7c\x53\xa8\x4f\xef\x0a\x10\x88\x9d\x10\x4c\xe0\xfb\x59\x0e\xf2\x85\x4e\xd4\x19\x1b\x30\xde\x9b\x2f\x4a\x49\xbe\xd4\xfd\x96\xad\x6f\x69\x37\xec\xf0\x08\xaf\xf7\xb2\x1f\xdb\x22\x64\xfe\x32\xfa\xe9\x45\xc5\x02\x53\x93\xdb\x8e\x60\x4b\x91\xc2\xac\x9d\xa7\xef\xfb\x2d\xbd\xf4\xf1\xf1\x46\xc7\x83\xc4\x2c\x6f\x5b\x2c\x8c\xf0\x18\xc5\xdd\x6e\x0b\xf6\x60\x13\x8e\x67\x2d\x24\xb6\x15\xa1\x61\xbf\x77\x7e\x03\x21\xf8\x14\xb1\x65\x68\x48\x36\xdf\x86\xaf\x23\xb4\x80\x23\xec\xdd\x68\xd6\x39\x23\xd4\x06\x10\x77\xaa\x34\xb4\x71\x09\x1c\xc1\x09\x02\xd0\x4f\x78\x2c\xd8\x28\x77\xe3\x94\xd3\xcf\x87\xad\x7a\x2c\xf2\x2a\xbf\x48\x8b\x7a\x53\x51\x82\xc4\xcd\x81\xe7\xce\xd1\xb5\xf7\x88\xd9\x5d\x8a\x01\xa0\x01\x28\x4e\x7c\x3e\xbe\x51\x6b\x33\x70\x43\x09\xe6\x53\x69\x16\x95\x7a\xaf\x3d\xae\x1f\x67\xfa\xcb\x6d\xe4\x67\x19\xb6\x6b\xb6\x68\x1b\x6d\xc3\x78\xc5\x19\x33\x5a\x1f\x6b\xba\xe2\xc6\x4b\x22\x40\xd3\x84\xac\x9c\xcc\x13\xbd\xed\xe0\x9e\xf7\x53\x5a\x5d\x65\xc5\x99\xfb\x33\x1a\x9e\x7e\x22\x6f\xde\xc4\x37\x2a\x56\x9e\x91\x70\x00\x7e\x07\x20\xdc\x95\x72\x32\x01\x9c\xfb\x1d\x54\x9f\x34\x4c\x13\x71\xb5\xbe\xcd\xd2\x35\x4d\x9c\x58\x0a\xc3\x90\x46\x78\xf0\xea\x33\xff\xf5\xb0\x10\x23\xf4\x56\x9f\x47\x28\x98\x4b\xfc\xe6\xd9\x9a\x7d\xe6\x80\x7c\x20\xdb\xae\x0f\xd3\x3d\xd8\x13\xbd\x8d\x3f\x77\x11\xa8\xfa\x65\xce\xb9\xee\xdc\x5e\x48\x30\xb0\x9d\x89\x69\xde\x70\xc5\x55\xd6\xd7\x1b\xd3\xec\x1c\x02\x1b\xb0\xbb\x75\x2b\xbd\xa1\x13\x84\x30\xcf\x0c\x71\x4f\x0e\x2d\x6b\xd1\x8e\x3c\xfb\xee\x7b\x45\xc9\x75\xba\x1f\x07\x63\xcb\x60\x74\x9e\xdc\x2f\xfe\xfe\x4e\xd3\x3e\xd3\xc8\x3c\xdd\xfe\x92\x70\xfb\x07\x47\xa5\x6d\x75\x67\x40\xbb\x00\xd9\xe2\x8d\xd9\xa8\xd3\x78\xd0\xb9\x8d\x98\x30\x07\xd8\xa8\xc5\x01\x36\x3c\xee\xf5\xa2\xf8\x82\x14\xb8\x70\x0f\xf2\x9d\xb6\x1b\x4c\xb7\x87\x01\x9f\xaa\x6d\xdf\xb6\x51\xc9\x01\xd3\x87\x3e\x33\x6e\x44\x9d\x9e\x3e\xb8\x53\x82\x9d\x49\xf5\x89\xf3\x7d\x69\x84\x89\x7f\xc5\xe3\xae\x9d\xf5\x20\x26\xd7\xaf\x34\xca\xc1\x65\x87\x5f\xcb\x3c\xc8\x91\xe7\x43\x1c\xdf\xdf\xf9\x2b\xe1\x1b\x40\xc1\x0e\x18\xec\x5c\x62\x9e\xad\x8f\xa7\xf6\x26\x98\x96\x06\x48\x84\xa7\xfd\x48\x3e\x6b\x9c\x69\x99\x15\xf6\x8a\x8c\x3c\xa0\x18\xec\x1f\x76\xe5\x35\x01\x10\x6a\x78\xc3\x78\x2d\x33\x78\x4f\x8c\x3e\x03\x86\xd9\xaf\x4d\x16\xd7\xf9\x61\x2e\x39\xff\x2c\x02\x9e\xb3\xf7\x44\x0a\xb3\x25\x38\xbc\x37\xfd\xaf\x97\x91\xcc\x70\xa8\x3f\xdb\xee\xf2\xc2\xdf\x57\x97\x4e\xd0\x64\x4d\x1c\x1d\x04\xf9\xe0\x32\x04\x26\x38\xbd\xcd\xe3\xd5\x11\xd8\xc7\xc9\x99\xb2\x07\xcc\xb9\xec\xfe\xfc\x34\xef\xf8\xd4\xed\x06\x8d\x0c\xe1\xfe\x30\xa5\x1f\xef\xc4\xf8\x11\xc7\xc7\x37\xc7\x11\x0a\x00\x42\x43\x73\x80\x15\xa1\xbf\x7f\x22\xaf\x9d\x11\xfa\xdc\xf3\xe4\xb1\x87\xa5\x40\xcc\x58\x87\xf3\x42\xb4\xe1\xeb\x14\x61\x63\xe0\xb8\x6f\x39\xe4\x7e\xef\x25\xf7\xd4\x50\x48\xdd\xa8\x3b\x73\xdc\x9c\xb6\x34\x13\x2e\x5a\xb5\x16\x82\x37\xce\x11\x03\x28\xc6\x63\x09\x8d\xb3\x9c\x1b\x5a\xf3\xb4\xcf\x04\x00\x85\x81\x61\x27\x33\x87\x35\x87\x33\x52\x1b\x1d\x8d\xa3\x9b\x91\x52\xf9\xad\x71\xf1\xf2\x09\xf4\xce\xdf\x7b\xdb\x27\xfc\xcc\xc7\x32\x6f\x5b\x23\x62\xdd\x19\x00\x95\x18\xe4\x0a\xc2\x05\xc7\x26\x1c\x1e\xd8\x71\xde\x8f\x48\x18\xa6\xe9\xb9\x8b\x82\xfa\xeb\xa9\xfa\x70\x88\x7d\xc6\x5a\xb4\xb3\x42\xf5\x3a\xc3\x2e\xec\xb2\x83\xcc\x3e\x8a\xaa\x73\xce\x12\xed\xbb\x0e\x99\x3b\xc0\x34\x2a\xe7\x46\x6d\x5f\xe1\x04\x10\x84\x81\xe9\x8a\xf3\x5c\xa7\xea\x8a\x39\x69\x0c\x9c\x29\x97\x9f\xfc\x6c\x69\xfc\x6f\x86\x8a\x5e\x85\xb8\x4a\x0e\xa8\xbe\x07\xcc\x12\xb2\x73\xf3\x5d\xf3\x94\xc8\x89\x95\x21\xe8\x7e\x99\x25\xeb\xd6\x3f\x6b\x4e\x68\x82\x3e\xa2\x27\xa3\x63\x3b\xc5\x63\xe6\x20\xfe\xab\x2f\x2a\xdd\x34\x75\x53\xdf\x24\x3a\x26\x20\x53\x8a\xfc\xc2\x13\x1e\xa9\x83\x69\x29\x60\xc0\x8e\x2c\xfe\xac\x77\x2b\x9f\x27\x14\xc8\x01\x46\x40\x40\x92\xc3\x3c\x9f\x26\x5e\x6a\x7b\x4e\x48\x1f\x7d\x44\xb7\x1a\x6f\x0d\x1b\x25\x13\x5d\x38\x43\x3c\x93\x00\x03\xf4\x0c\x40\x3e\x05\xe1\xec\x79\x99\x5e\xa1\xf9\x4e\xd0\x31\xc1\xf4\xf8\x4d\xe7\x36\x7b\x97\xa3\x2b\x8f\x8c\x07\x36\x55\x3f\x8f\x96\xbe\x18\xef\xe3\xba\x58\x4d\x07\xbf\x5a\x77\xfe\x69\xfa\x02\x81\xb9\x41\x90\x46\xc4\x73\xa0\x75\x5b\xf2\xbb\x8f\x42\xe6\x06\x05\xf6\x35\x26\xe0\x79\x80\x20\xb4\xfa\x6c\xe7\xc7\x29\xde\x09\xa0\x73\xda\x57\xc9\x1f\x68\xd1\x35\x70\xc3\x77\xac\x95\x35\x1f\xac\xab\x9d\xa2\xbe\x99\xe2\x99\x90\x42\x46\xa7\x00\x88\xb3\x1d\xdf\x08\xdc\xa9\x89\x9e\x00\xe0\xc9\x81\xbb\x07\xa0\xa3\x51\xa4\x71\xd2\xe1\xcb\xa4\x08\xae\x9f\x9e\xc2\x0b\xef\xcd\xa3\xac\x6d\xdf\xa4\xd3\xe5\xae\xf0\xf3\xf7\x2e\x79\xcf\x1f\x32\x83\x29\xed\x75\x9c\x8c\xf0\xd8\xf7\xd9\x0c\x29\x7e\x1c\xba\x3d\x34\x00\x10\xf7\x1e\xec\x2f\x0a\x77\x43\x65\xe6\xa5\x7d\x97\xa7\x09\x61\x28\x32\xfe\xf9\x3c\xe9\x66\x21\x17\xaf\x1d\x62\x98\x93\xde\xba\x46\xfc\x1c\xa2\x77\x6d\x92\x88\x6c\xa8\xf2\x3c\x33\x7d\x87\x80\x3c\x13\x41\x25\x2d\xdf\x97\x3c\xec\x07\xf0\x01\x73\x11\xe0\x5e\x09\x72\x66\xfd\x86\x6e\x9d\x09\x41\xe0\x3c\x96\x25\xb6\x31\xe1\xec\xfb\x34\xee\xbb\x05\xda\xfd\xf6\x0d\x3f\xc3\x66\x7a\x6c\x69\x40\x90\xe4\x3a\x11\x26\xac\x28\xb1\x48\xad\xe7\x48\x3a\x02\x60\xc2\x72\x3b\xfd\xde\x6a\x79\x87\x00\x20\xa1\x00\x73\xd3\x18\xbc\x37\x88\x56\xf5\xad\x66\x35\x03\x90\x73\x8c\xad\x8c\x40\x20\xa2\x49\x5d\x13\x67\x5f\xef\xba\x3c\xb8\xc7\x78\x46\x40\x94\xb8\x7d\xdf\x6f\xd5\x4b\x8b\x90\x75\x02\x84\x97\x32\xcc\x8d\xda\x0b\xf1\xaa\x19\xfd\xe7\x1c\x5f\x62\xce\x9d\xe5\xa9\x34\x93\x35\x13\xc4\xe6\x3e\xed\xc7\xfa\xcb\xa5\x78\x29\x5c\xfc\x93\x4a\x7d\x0f\x0b\x82\x3c\x86\x9a\xa4\x14\x4b\xf6\xf9\x0c\x7b\xbb\x2c\xcb\xb6\x01\xf0\x7c\xd2\x34\x7b\xed\xe6\x89\x8e\x72\x6b\x31\xcc\xbd\x67\x10\xa1\xfa\x04\xc8\x80\xfa\xae\xf8\x9d\x7e\x86\xfd\x63\x21\x00\x6a\xb6\x78\x65\x3b\x57\x88\xc9\x5b\xa0\xfd\x88\xd9\xc1\xbc\x03\xc0\xb4\x3b\xb8\x94\xf7\x56\x61\xcb\x26\xd0\x34\x02\x01\x29\x0a\x6e\x84\x05\x8a\xb1\x50\x6f\x71\x17\x22\x1a\x67\x83\x4c\x22\x76\x6d\x17\x69\xee\xfc\xfe\x6a\xcb\x03\xe5\x23\x36\xb3\x5d\xe6\x69\x12\xa5\x73\xf5\x67\xc5\xb4\x24\x11\xd1\xa7\x22\xb9\x1a\x66\x00\x8c\xd9\x07\x7b\xbc\x83\x85\x6e\x84\x6f\xb7\xb8\xdb\xce\xeb\x77\x9e\x01\xf6\xc1\xc9\x58\xb6\xbe\x7b\x04\x45\xbd\x12\xbd\x60\xb8\x8e\xf9\xe0\x65\x84\x70\x53\xdd\x81\xcb\x80\x24\x0d\xa0\x98\x35\xa4\x08\x00\x50\xdf\xf7\x2d\xd3\xca\xf6\x05\x82\x1d\x10\x00\xc0\x1d\x80\xd1\x07\x4c\x48\x02\x5e\x34\xe0\xb4\xe2\xe4\x3d\x4b\x95\x29\xa1\x43\x3c\x13\x4b\x5a\x3d\x31\xf5\x77\xe6\xa8\xc8\x8a\x3b\x61\xb9\x8b\x69\xdf\x20\x9d\xeb\xde\xef\x8b\xb2\x61\xbb\x60\xa8\x65\x22\x47\x38\x68\x10\x3d\x49\x9a\xeb\xb6\x6b\x9f\xe4\x0d\xe7\x8c\xd8\xe9\x94\x21\x88\xfd\x66\x00\x1b\x06\x39\x17\x04\xc3\x73\x67\x6c\x8a\x72\xbe\x95\x13\xcd\xfb\x0c\x84\xb3\x0a\x71\x26\x1d\xd7\x6a\x7a\x13\x9a\x9d\x02\x84\xe8\x73\xc0\x4e\x00\x5c\xed\x45\x94\x96\x29\x6d\x3b\x01\x19\x02\x90\xa8\x93\x6e\x5b\xee\x78\xce\x71\x90\x9f\xc7\x10\x6e\x7e\xcb\x52\xc1\xdc\xae\xb1\x87\xcd\xc2\xf7\xd0\xf2\x66\xf6\x41\x23\xbb\xff\x40\x24\xe5\x49\xfb\x28\xd1\x15\x14\xfd\x38\x4f\x72\xfe\x04\x7d\xc4\xcc\x51\x77\xa2\xa6\xe5\x26\x76\x91\xf2\x34\x93\x27\x7a\xd7\xb6\x27\xc9\x64\xdd\x79\x25\xad\x72\xa0\xf9\x0c\x41\x0d\xe8\xe6\x06\x08\xcd\x00\xaa\x63\x26\x5a\x9f\xf5\x24\xc3\xb5\x3a\xb8\x21\xc3\x36\x7d\xd9\x21\x4c\x13\x7a\xcf\x82\xd5\x24\x05\xab\x3a\x39\x18\x66\x33\xad\x60\x0e\xa6\x37\xc3\x0c\xb5\x10\x34\x99\x2e\x3c\x79\xc0\x43\x45\x6e\xad\x1d\x20\xd1\x0e\xb6\x5d\xd0\x6b\x3b\xbe\x35\x31\xa7\x4e\xdb\x30\xb8\x82\xd4\xf9\x5e\x5d\x26\xe8\xd2\x18\x85\xc6\x84\x47\xfa\xd7\x79\xaa\xbf\x5a\x06\xe5\x45\x46\xdd\x38\x71\x25\x8a\x04\x6b\xcd\x91\xfb\x20\x3c\xd7\x34\x05\x4f\x4a\x43\xd9\xd3\xea\x99\x89\xde\xea\x05\x61\x37\xde\x6b\xd7\x08\x21\x56\x3a\xec\xcc\xe6\x69\x22\x25\xbe\xdd\x00\x76\x09\x60\x81\x0d\x20\x49\x4d\x58\x74\xb9\x92\xba\xf2\x14\x44\xea\xda\x46\x4f\xcd\x0e\x73\x1c\xb9\x36\xd7\xea\x9c\xab\xf3\x9c\x54\xf0\x82\x70\x51\xb1\x6e\x03\xf2\x34\xd1\x34\x60\x83\xe8\xa7\x14\x20\x7b\x4d\x9e\x0e\x50\x3c\x6c\x0d\x76\x80\xb8\x39\x50\x3b\x7f\xef\xec\xe6\xc4\xc0\xa5\xdd\x05\x0a\x0d\xdb\xde\x6f\x7b\x49\xf8\xdd\x9b\x15\x66\x41\x9b\x35\x20\xf1\x27\xde\xb4\x4c\x94\x62\xef\x7f\x7c\x5a\x44\x32\xc9\x94\x66\xcf\x73\x78\x29\x1c\xe7\xc7\xca\x46\x16\x10\xb2\x0f\xbd\x9b\x28\x79\xa3\xaf\x9f\x04\x69\x3f\x80\xcd\x22\xb9\x51\x1d\xe2\x5b\x95\x9f\x0f\x31\x66\x98\xfb\xbe\xe7\x7d\x4f\xe6\x3d\x1d\xa7\xbd\x27\x2d\x4d\x10\xfa\xfa\x18\x7c\x89\xcc\xb1\x6e\xc5\x6a\x40\x17\x17\x74\x5c\xd7\x0b\xe3\xed\xdb\xdb\x14\xc3\xa2\x5f\xb0\x67\x84\x60\x8f\xfd\x97\x56\x92\xea\xbb\xcd\x1b\x63\x80\x6e\x24\x98\x1e\x29\xcb\x5d\x4d\xad\x75\x60\x0a\xe5\x02\xfe\xbe\x19\x3e\x4e\x13\x54\xcd\xc9\xc1\x7c\x8d\x04\x60\x4b\x82\x06\xfd\xe1\xe8\x61\xf3\xeb\xbd\x72\x1c\x3d\x0a\x90\x9d\x3f\x49\x36\xd1\x74\x78\xef\x00\x22\x79\x6c\x9b\x52\x4b\x79\x04\xce\xb8\x37\x85\xe8\x86\x91\xc7\xd1\x44\xb3\xae\x6a\x9b\xc9\xe6\x2b\x6d\x79\x53\xec\x79\xe1\x04\x31\x4d\xd3\x54\xb6\x73\xf7\x3e\xba\x1d\x08\x5a\xcc\x12\xea\x2d\xc5\x12\x42\x6f\xd8\x98\x39\x77\x0f\xa8\x7c\x1c\x56\x94\x22\x2f\xad\xae\x09\x9c\x96\x75\x90\x19\xf3\x1f\xb7\xeb\x60\xc0\x9e\x4e\x68\xcd\x33\xd3\xd2\x24\x85\x11\xfe\x7c\x6e\xbd\xdb\xed\x3c\xf3\x53\x5a\xee\xde\x3e\x47\x7c\x33\xd2\x2c\xcd\x9c\x55\x83\xe0\x8d\x0e\x81\xf5\xab\x4b\xe5\xb8\xd7\xa5\xd6\xc3\xca\x30\x37\xe1\x1d\x78\xc4\xde\x65\x34\x4d\xf3\x0f\x6e\xbd\xd9\xee\x8a\x35\x5a\xbe\x93\x5b\x35\x8c\x5d\x55\xa9\x2d\xcb\x11\xa1\x38\x02\x9d\x07\xb9\x94\xb9\x58\x4a\x80\x2f\xfa\x83\x33\x99\x38\x23\x56\x26\x0a\x10\x82\xa2\x28\x38\x37\xab\xc7\x64\x2e\xe6\xee\x4b\x5d\x40\x18\x68\xc4\xe7\x43\xad\x04\x90\x5a\x95\x5a\x5d\xdf\xef\x7b\xbc\xf3\x32\x3c\x86\xeb\x46\xbd\x34\x57\x67\x16\x3a\x66\xee\x71\x5c\xd7\x6d\xbb\xb1\x2f\x6f\x3f\x77\x98\x28\x25\x2b\x40\x48\x52\xfb\x99\x69\x57\x70\xdc\x4d\x52\xd7\x00\xa0\x23\x08\xee\x54\xf7\x84\xb8\x78\xfc\x72\xf4\xf7\x07\x81\x9b\x69\xeb\x44\xbe\xa9\xdb\x79\x60\x0c\xb1\xe3\x05\xe1\xef\x11\xfb\xa6\xeb\x80\x35\x8c\x5b\xbe\x2e\xb8\x13\xb1\xd4\x32\x14\x0d\x2f\xcf\xba\x58\x8d\x7f\x48\x82\x8b\xa6\x9f\x93\xc2\x42\xd7\xdf\xf3\x7c\xc2\xbc\xd5\x6b\x51\xee\xf3\x2c\x02\x61\x07\x09\x30\xae\x8a\x38\x55\x6d\x5b\x01\x90\x04\x80\x3f\x79\x7b\x2f\xfb\x97\x1a\xd5\x31\x73\x22\xdb\xba\xef\x06\xc3\xaf\x1d\x11\x87\x65\xd6\x8b\x0c\x52\xc9\xfc\xee\xcf\x33\xc1\x5e\xd5\x9e\xa5\x10\xc3\x2c\x2a\xd9\x94\x40\x08\x73\xa4\x32\x4d\x62\x53\xb3\xe2\xba\x4e\x4f\xa6\x40\x1c\xc6\x33\x53\xb2\x46\xb0\x44\x56\x61\xfc\x6a\xc5\x45\xed\x33\x40\x7d\x07\x30\xc0\x02\x85\x8f\x55\xd2\x33\x43\xb0\x89\xbe\xd1\xa6\xb6\xef\xa2\xd7\x33\xb8\x05\x12\xec\x38\x93\xee\x00\x9b\x19\x88\xfc\xa9\x95\x03\xda\xe3\x81\xc3\x0d\x59\xbd\xc7\x18\xa4\xa2\xd1\x8d\x60\xb4\x79\xfe\x6e\x9a\xa1\xe7\xb6\x96\x6b\x8f\xce\xd1\xb1\x08\xb1\xe7\x1d\x44\x53\xf9\x50\x09\x5c\x9c\xdd\xeb\x06\xb8\x86\x11\x6d\x72\x19\x03\xb2\xd3\x4d\xa2\x0b\x10\x61\xd2\x8d\x00\x39\x18\xd4\x3f\x5e\x6b\x03\xe8\x1a\xef\x45\x13\x1b\xbd\xcd\x09\x4b\x44\x6b\xb4\xfa\x33\xc3\x0c\xc3\xb0\x25\x4a\x9b\x4b\x1f\x7d\xfe\x92\x89\x6a\x80\xcd\x2c\x8f\x83\xf2\x3d\x6c\x67\x4a\x0c\xb0\xfb\xbb\x8b\x91\xef\x73\xff\xed\x47\x71\x9c\x0e\xeb\x94\x30\x0c\x1f\x55\x8e\x83\xf1\xdf\x1a\x04\x19\x00\xc4\x86\x44\xdb\xb2\xcb\xcf\xe4\x56\x6f\xe9\x60\x13\x4f\x3a\x12\xe1\xd9\x64\xbc\xb9\xc4\xdc\x37\xe0\x54\x46\xbd\x45\x9b\x6b\xdc\xef\xd5\x39\x45\x07\xbd\xd3\x73\x5d\x57\x43\x91\x43\x2f\x59\xd0\xb3\x60\x87\xae\xeb\xba\x7f\x2c\xde\xbe\x04\x76\x5b\xe8\x6a\x51\xc1\x22\xa7\xee\xcd\x88\xae\xa6\x30\x0c\x8d\x6f\x6b\x8b\x9c\x11\x93\x20\x9a\x80\x4d\x67\xe6\x87\x22\xf0\xea\xaf\xa5\xfb\x42\x15\x7e\x60\xce\xb0\xf5\x71\x69\xdc\x17\x55\xed\xf7\xa9\xdf\xea\xcd\x1f\x47\xf7\x3e\x9a\x66\x69\x1b\x79\xf4\xac\xd0\x6d\x5d\x37\xc1\xbb\x2c\x46\x91\x1e\xe6\x33\x0b\xf6\x99\x47\xe6\x99\x46\x26\x5f\xab\xa8\x35\xc2\x91\x7d\xa2\x97\xf9\x8a\xa5\xb7\x38\x0a\x00\xac\x11\x71\x20\xbc\x18\x38\x39\x4b\x24\x10\xd9\x66\xaf\x2d\x33\x47\x95\x02\xed\x9f\xe6\xd5\xb3\x10\x3e\x84\xbf\x83\x7e\x65\x48\x5a\xad\x9f\x25\x7e\xca\x7b\x9e\x41\x57\xd3\x20\xf5\xa0\x92\xf5\x4d\xd0\xad\x0d\xe1\xc9\xf8\x77\xdb\x0b\x76\x14\x33\x5f\x04\x41\x8c\x46\xde\x29\xc4\x1e\x9c\x6b\x9b\x1e\x80\xa5\xe4\x1f\xfc\x45\x46\xe9\x62\xff\xd4\xd7\x34\xcf\x52\x5e\x1e\xa0\x15\x4c\xce\xff\x82\xe2\xc1\x71\x96\x24\xa1\xe7\x91\x80\x40\x71\x22\x08\xf7\x21\xa2\x11\x80\xa6\x7b\x6c\x22\xbe\xf2\xb5\x8f\x2c\x47\xee\x53\x62\x47\x56\xc4\x1f\x55\xe3\xd7\x0b\x6b\x25\x6a\x76\x3e\xb6\xaa\xdb\x85\x7b\xc4\xf8\x72\xd3\xf0\x0d\x10\xb8\x87\x23\x25\xf3\x2a\xce\xdf\xfd\x91\xb7\xba\xfa\xf1\xd8\x00\xcf\xf3\xf9\xbe\x7f\x9f\x14\x43\x4e\xde\x47\xbb\xb1\xcf\xdb\xbe\x19\x0c\xea\xe7\xd2\x70\x53\x62\xac\x58\x7e\x97\x58\x77\x2d\x39\x89\x18\xd5\x7d\xdf\xd8\x4e\x3d\x3f\xfb\xbe\xf5\xfc\xbb\x2f\x1e\x8a\xf0\xd0\x7f\x63\x58\xfb\x6c\xbb\xfe\xa1\x7b\x16\xf6\xb8\xce\xbf\x8e\x8c\xab\x6d\x70\x39\x60\x92\x5b\x26\x41\x53\x1d\x04\x39\x2d\xbf\xf5\xe4\x8e\x00\x30\x14\xa9\x61\x08\x67\x08\xbe\x6d\xc3\x76\x82\xd0\x93\x68\xeb\x0c\x71\xba\x58\x1e\xb5\x85\x8a\x82\xb5\x02\xe5\x7e\xe8\xdf\xd9\xe7\x3b\xb6\x35\x1d\xe5\x18\x06\xa4\xd7\x4b\xcd\x74\x7f\x5e\x28\x37\xcd\xc6\x5c\x6e\xa7\x1e\x16\xa4\x94\x1b\xc6\x7b\x49\xef\xa5\xec\xa0\x93\x64\xd9\x75\x04\x21\x97\xc2\x28\x95\x30\x10\x25\x00\x01\x7d\x80\x28\x65\x69\x62\x5f\x87\x0a\x48\x23\x0f\x38\x79\xb8\xac\x5f\xec\x5a\x4d\x2f\x66\x02\x2a\xfc\xd0\x28\xc6\x0e\xc5\x1e\xfb\x0c\x45\x6b\x9f\xda\x55\x18\xb4\x54\x8d\xb2\xbf\x6f\xd4\x7a\x85\xdc\x89\x10\xf9\x7b\x68\xdf\x02\x71\x0f\xa4\xff\xa5\x6d\xab\x95\x6f\x2a\x5a\xbd\x03\xa0\x02\x67\x5f\x95\x96\xee\x9b\x4c\x4f\xd3\x30\xff\xff\xef\xdf\x0c\x1c\xc7\x19\x2c\x8b\x31\x5e\xd8\xf9\x53\xa2\xe8\xa0\x1b\xa7\x8a\x9d\x9c\xa6\x61\x1b\x16\xa8\x65\x3d\xb8\x2f\xd1\x99\xef\x94\xd4\xb9\xaf\x42\x30\x14\x27\x38\x83\x6a\xa5\x4c\x46\x41\x10\x84\xba\x69\xe2\xe7\x14\xf5\xf7\xee\xba\xa9\x95\x85\xdf\xe9\x5f\xbf\x50\x21\x60\xf2\x80\x61\xf6\xaa\x90\xde\x1d\x2f\xd8\x6f\xaf\x82\x00\x90\x47\x4a\xb9\x5d\x32\x66\xd9\x3c\xfa\xc0\x4a\xf5\xc6\x49\x89\xa5\xd7\xfd\x78\x23\x62\x0d\x93\x05\x67\xe6\x4f\xd5\x7e\x7f\x0f\x16\x34\x0b\x1a\xc1\xfb\xfb\xb1\x53\x15\x41\xb6\x37\x53\x2b\xe7\xf7\x71\x04\xbf\x18\xf0\xa3\xe2\x57\x5d\xd0\x9c\x00\x0a\x5c\xb5\x7b\x8a\x7c\xab\x46\x78\x8b\x61\xd5\xb2\x2f\xbf\xef\xb1\xd5\xc5\x19\x88\xbd\x84\x17\xb1\x77\x78\x96\x18\x42\x3d\xbe\x05\x67\x7c\x48\x4f\x99\x02\x6c\x62\x9c\x9d\x74\x8a\x07\xa4\x51\x12\x25\xfe\xfc\x63\x85\xfe\x72\x54\xe3\xd7\xcf\xf3\x24\xfc\x78\xfe\x63\x3f\xef\x04\xd9\x12\x81\x1d\x7b\x43\x00\x26\x6b\xa3\x4f\x3b\xc7\x8c\x78\x37\x18\x6e\x3c\xc3\x6c\x38\x88\x83\x85\x7b\x61\x3f\x48\x9d\xc3\x54\xc1\x71\xa6\xde\x79\x1c\x2c\xa2\x71\x0e\x8c\x33\xf3\xb9\x31\x1b\xad\xb4\x10\xf0\x89\x2b\x44\x96\xfa\xcb\x79\x1b\x5a\x1c\x52\x88\x50\x8e\xeb\xba\xe2\x01\x68\xac\xdd\x99\xea\x13\x6a\x73\x9c\x11\x0c\xd9\xe5\x20\x38\xe8\xfb\xa3\x4e\x6d\xce\x9c\x8f\x1b\x09\x47\xa3\x43\x22\xcf\xbb\xf1\x24\xc9\x72\x5a\x02\x81\xca\x89\x05\x31\x41\x62\x80\x2c\xf2\x56\x1d\xe1\xf2\x7e\xb5\xf6\x0e\x6f\x61\xab\xed\x10\x04\x61\xd5\xc7\x37\x85\x30\xf6\x7d\x9f\xd8\x61\x1a\x8c\xbb\xb9\xa3\xdc\xe3\x86\x08\xfb\xca\x47\xed\x8d\x5d\x49\xf9\x92\x4c\x9d\x81\xa4\x8f\xdf\x0b\xa3\x3b\x47\x6f\xa2\x7e\x0e\xc6\x9b\xa0\x10\x56\x7b\x96\xe2\x01\xa7\xd5\x1d\x88\x7c\xb3\x39\x7b\xca\x6c\x64\x32\x9a\xdf\x59\xad\x38\xef\xec\xee\xf9\xb3\x7b\x9d\x84\xfe\xe2\x8c\x1d\xbc\xaa\x1f\x28\x85\xf6\xe7\xed\xb9\x64\xa8\x9b\x02\xbc\x91\xaf\xfd\x0a\x46\x33\xa2\xba\x90\x34\x08\x60\xbc\x10\xe7\x55\xbe\x65\xe7\x7c\x63\xc0\xeb\xfb\x9d\xf9\x10\x73\x8e\xf3\xfe\x9d\x44\x34\x42\x6d\x13\xbe\xb6\xf9\x54\x0b\xbf\x3d\xd5\xd7\x9b\x95\xde\x06\x81\x7d\x5a\xe4\x63\x14\xf9\x2e\x28\x21\x11\xef\xe4\x97\x37\xc6\xfa\x8d\x18\x3b\xc3\x21\x08\x6d\x9c\x88\xee\x04\x1d\xdf\x8d\x53\x08\x32\x0d\x40\xd4\xab\x1c\x67\xac\x3f\x09\x8b\x80\x85\x37\x7a\x65\x50\x0d\x7c\x15\xb2\x7d\xe3\x69\x88\x7d\xd8\xf6\xd1\xff\xee\x35\xbd\xf9\x03\xc7\xaf\x04\xc9\xe7\xac\x8b\xbe\x41\x0e\xe9\x04\x64\x50\x21\x91\x47\xa3\xa8\x9c\x78\xb1\x83\xc6\xe4\x68\x85\x77\x74\x76\xb2\xf9\x3b\x27\x8c\x9d\x4b\xb8\x52\x95\xbf\x56\x4f\x83\xe1\xbe\x6f\x86\x38\xc7\x68\x7d\x96\xc0\x67\x80\x91\xe6\x69\xca\x5b\xa1\x1c\x3c\xc6\xaf\xf4\x9b\x8b\x5e\xe5\x14\x75\x03\x02\xd5\xb7\xc1\x0b\x20\x91\x28\x48\x67\xcb\xee\xcd\xa9\x99\x87\x0f\x9d\x2b\x40\xce\xb2\x0a\x25\x96\xc2\x8b\x7d\xa8\x31\x7f\xce\x10\xdc\x0c\x81\x8a\x65\x16\xce\xdb\x6a\x18\xbb\x8f\xb6\x13\x11\x73\x1c\xbd\x0d\x55\x91\x23\xb0\x4c\xb9\x21\xe3\x64\x87\xa3\x1a\x05\x5c\x6d\x04\xbf\xcf\x7f\x9e\x47\xd4\xc7\x29\x3a\x75\xc9\x14\x00\x28\x54\x41\x30\x7c\x86\x2d\x5f\xa6\x34\x5b\xe8\x6a\x8b\xfc\x03\x69\xe8\x74\xdb\xa0\x60\xa0\x64\xf3\x1e\xad\xca\xe1\xe5\xd3\x53\xc1\xf3\x8b\x61\x69\xef\xd0\x96\x63\x7c\x9a\x05\x36\x7d\xbe\x4f\xb7\xe1\xef\xb9\xba\x33\xdf\x94\xb8\x8f\xc7\x9f\x9f\x1f\xcf\xab\x98\xff\x6a\x2f\x1e\xca\x93\x58\x99\x1c\xe5\x1e\x98\x66\xa3\x47\x90\xaf\x4c\xb6\x2b\xd4\x47\x4c\x15\x8b\x40\xb1\xf2\x21\x8b\x89\x2e\x00\x46\xfa\x1e\x48\xef\x54\xad\xec\xb8\x95\x64\xea\xd2\xe3\x66\x05\x7c\x6d\x23\xe3\x44\x55\xec\x94\x3e\xf2\x68\x52\x08\xa5\xf1\x59\x41\x66\xaa\x01\x2c\xd7\xc5\x4e\xe4\xb6\x5d\x5f\x3d\x9c\x41\xfb\xc1\xe8\xd8\xf7\x1f\xcf\xbc\x97\x93\x71\x37\xd2\x67\x00\xb9\x59\xbb\x19\x0d\x5e\xf0\x67\x9e\xcd\x10\x4d\x30\x68\x79\x92\x67\xb5\x28\x3a\x22\x5e\x01\xb8\xba\x2c\x17\x95\x32\x32\xc6\xa9\x25\xe2\xf4\x16\xdb\xee\xf3\xfc\xc9\x9d\xc8\x09\xc9\x84\x2f\x07\xdc\x28\xb9\x95\xc9\x88\x3c\x1f\x41\x1e\x4c\x4c\x71\x95\xdc\x6f\x3d\x7a\x7e\x34\xfb\x7d\xb2\x90\x80\xc8\x5b\xdc\x3f\x35\x07\x50\xb4\x72\x95\x7c\xcb\x6c\x81\xc8\x28\x5f\x3d\x5f\xef\x04\x85\xbd\xc0\xcd\xeb\x86\x3b\xc1\xfc\x91\x9a\xdd\x46\x70\x1c\x81\x8c\x26\x29\xb2\xe3\x9e\x75\x80\x1b\x04\x00\xf5\x13\x0f\xbb\x6a\x7d\xf8\xfb\x34\x5d\xec\xae\xe7\xc8\x8d\x33\x44\x42\x2e\xc3\xf3\xda\x8b\xec\x77\xde\x75\xc2\x3c\xc6\x88\x3c\xab\x05\x3a\xb7\xa3\x4c\x35\x7c\x57\x28\x01\x62\x0b\x06\x16\xc6\x1e\xbb\x2c\x9f\xb7\xf3\xb7\xa6\xea\xc2\xdd\xca\xf2\xf7\xbc\xcf\xcc\x9f\x63\xa6\xa7\xa4\x69\x77\xad\xaa\x93\xc9\xb5\x3e\x49\x92\x65\x91\xb6\x60\xfd\xe1\xdb\x21\x17\xed\xd3\x84\x0e\x20\xb3\x3d\xbf\xe2\x33\xfc\x0a\xcd\xaf\x67\x7f\xc5\xef\xbb\x07\x96\x2c\x47\xe4\xde\xcc\x7b\xd7\x75\x7d\x97\x23\xc0\x50\xd0\xab\x3f\xe3\xa2\xc7\x71\xc1\x4f\x7c\x15\xdf\x03\x1a\xf6\xfb\xb4\x5e\x83\x8e\xad\x9c\x9d\xff\xe0\x82\x15\xae\x9a\x1c\x5c\x0d\x0d\x86\x79\x66\x18\x1c\xdd\x22\xbf\x22\xbc\x12\x41\xae\x1e\xd0\x80\x3f\x27\x57\x7d\xaa\x83\xf7\xeb\x29\xc4\x17\xfb\x0e\x94\x69\x2c\xd3\x5c\x5e\x63\xf3\x07\xab\x82\x04\xfd\x49\x51\x8a\x5a\x6a\x65\x2d\xd1\x59\x81\x02\x96\xd1\x73\x29\x54\xc4\x62\x46\xa2\x4b\xf2\xa8\x64\x9f\x11\x87\xae\x55\x37\x89\x21\x3d\x0b\xfb\xe9\xaf\xa0\x66\xfd\x9b\x0d\x88\x04\x53\x2a\x67\xd5\x9c\xe2\xe7\x9d\xb0\x55\xc8\x66\x7a\x7f\x35\xf2\x3b\x23\xbc\x09\x23\x08\xc6\x3d\xa9\x60\x70\xed\x87\x2d\xf3\x7f\x7b\x68\xef\x27\x6a\x10\xe0\x9a\x4c\x94\x49\x4f\x7f\xa6\x55\x4c\xb3\xfd\x74\x03\x62\x6d\x50\xb8\x5a\x7d\x5a\xa7\x6b\x88\x1e\x29\x1d\x2c\x5e\x3b\x72\x66\xd4\x15\xa1\x77\xc5\xdf\xba\x49\xb0\xe8\x50\x36\x60\x7b\x86\x09\xf8\x92\x43\xec\x2f\xd5\x9d\x27\xbb\xa6\xd1\x17\xc2\xb4\xef\x04\x53\xe6\xb8\x6c\x42\x5e\x10\x88\x16\x4d\x7a\x79\xf2\x1e\x3a\xf9\x8b\xc9\x4d\xfd\xa9\xfe\xcb\xe9\xbe\x7d\xc4\xcc\xdc\x0d\x2e\x5a\xe4\xb3\x82\x75\xa2\x42\xc3\x36\x00\x1f\x02\xc1\xc0\x89\x72\xe6\x2e\x18\x79\xb5\x0e\x58\x80\xac\x75\x2d\x5e\x7a\xfd\xf4\x41\xcb\x37\xe0\xe0\x68\xc8\xdc\xd5\xe4\x7e\xf7\xf1\xcc\xa6\x79\xca\x68\xb8\xaa\x7a\x18\xf4\xc9\x42\x1b\xfd\x2d\x94\x48\x85\x2d\x7d\xed\xaf\x5c\x86\xc7\x1a\x81\x92\xc3\x16\xda\x4a\x18\x04\x44\x9d\xaf\x69\x9e\x24\x06\xca\x53\x85\xfc\xdd\x81\xec\xce\xd8\xe3\xaf\x2e\x4e\x94\xde\x6d\xb4\xcf\x17\xb3\x13\xb0\xc8\xfa\x89\x96\x1f\x9a\x38\x42\x15\x1a\xdf\x3f\xfe\x02\x11\xde\x0e\xae\xe9\x7d\xf8\x57\x53\xfb\xd0\x4e\x09\x46\xb8\xc9\xc6\xc9\x5e\x47\xfa\xac\x76\x81\x6c\xa2\x5c\xa5\x83\x66\x67\x51\x3a\xd8\x5b\xd5\xbf\x2e\x95\x9c\xc3\x4e\xd3\x83\x83\x24\x74\xdb\xc3\x20\x8d\x41\x2d\xf5\xdd\x36\xf4\xdc\x5e\xf6\x3e\x9f\xef\xc1\xe7\x40\x39\xc4\x7b\x25\x98\x6a\xae\xc6\xd5\x57\x94\x99\x68\xb0\x76\xdd\xc2\x8a\x7c\xbc\xc0\xfe\x8f\xc6\xf7\xd9\x35\xce\xd1\x31\x4c\x4f\xec\x83\xf0\x3c\x2c\x59\x1f\x22\xe5\x95\xb3\x89\x60\xc0\xda\xc3\x96\x11\xfd\xa8\xf6\xc2\xe8\xb7\xd1\x13\x33\x8d\x2b\x42\x5d\x11\x83\xb3\x5e\x04\x12\xde\x39\xeb\xb4\x86\x35\x4e\x94\x7b\x43\xce\xea\x91\x8b\x44\xf7\xba\xf6\x67\x65\x23\xc7\x75\xdf\xd6\xcf\xb6\xfe\x1f\x55\xd7\xb5\xeb\x36\xcf\x6c\x1f\x48\x17\xea\xed\x52\xbd\xf7\xae\x3b\x75\xc9\xea\xcd\x2a\x4f\x7f\x90\x7c\xc9\xce\x7f\x0c\x18\x89\x01\x6f\x52\x34\x87\x53\xd6\x0c\xd7\xa0\x16\x21\xee\x7e\xf5\x8d\x40\x9a\x3a\x86\x29\x21\x45\x4c\x28\xaa\x2b\x3b\x63\xed\x04\xc0\xcc\xb3\xa9\x22\x61\xc8\x7f\xf7\x6e\x25\xed\x46\x18\xf0\xfc\x46\x74\x9f\x6a\x1e\x76\x91\x1f\xcc\x76\xeb\xf2\x97\x1c\xfc\xd2\xc5\x52\xd8\x5f\x71\x59\xa1\x79\x4c\xbf\x10\xb6\x7f\xc5\x6a\x71\x27\xb6\x42\xe6\xec\x98\x1c\xb4\xb2\xab\xe2\x0c\x9f\x70\x03\xbf\x78\x79\x8e\xc9\x15\x2c\xf4\xa9\xde\x80\x09\x80\x00\x82\x6e\x61\x07\x4c\xb6\x81\xc8\xb4\xed\x43\x10\x05\xd0\xb5\x7f\x0b\x4f\xa5\x5b\xd8\x7b\x6e\x2b\x6e\xd7\xf6\x7d\xae\x74\xac\x7d\x18\xf6\xfd\xf1\x41\xa5\xc4\xfb\x04\xd9\x2f\xcb\x61\xdf\x54\x2e\x75\x9f\xdd\x38\xe8\x03\x06\x08\x04\xdd\x86\x45\x74\x41\x4d\x94\x58\x28\x07\xc0\xc9\x9e\x80\xb9\x96\x78\x7e\xef\xd4\xb5\x00\x0f\xc5\xfc\x82\x7e\x82\x3d\xd9\x81\x98\x99\xff\xa0\xc4\x0d\xbe\xa8\x28\x17\x96\x86\x97\xe8\xf7\x0b\x42\xc8\x87\xaa\x79\x2e\x7d\xb6\x9c\xcf\xc8\xbc\xfe\x22\xbe\x47\x9f\xfe\x1a\x7a\xb7\x0b\xab\x38\xa9\x0e\x13\xf8\x0a\x37\xe2\xa6\xe9\xa0\x31\x06\xf5\xc3\x81\x38\x0a\x17\x21\x7f\x41\x80\xaf\x9e\x62\x54\xb1\x1d\xe8\xb7\x3c\x1a\x8e\xe3\xfc\x66\x11\x72\x2c\xa9\x3a\x66\x65\xa2\xdb\xb9\x87\x2f\x75\x8d\xea\xc2\x67\x7c\x03\xe2\xb3\x75\x3d\x50\x39\xa5\x08\x40\x50\x42\xcb\x9d\x56\x87\xdb\x88\x10\xb6\xba\x45\xdd\x07\xf2\xfd\x43\x3a\xbf\x67\xbd\x69\xda\x43\x4c\x1c\x08\x52\x93\xff\xa6\x00\x75\x4c\x53\x0b\x1d\x74\x07\xd1\x1d\x15\x7b\xe8\x91\x23\x6b\x09\xe2\xac\x6c\xc8\x93\xf2\x2f\x2e\xb2\x57\xd1\x21\x54\x9c\x24\xef\xb3\x1e\xb9\x0f\x40\xd2\xd1\x2f\xc7\x73\x20\x08\xb2\x2e\x54\xd4\x27\x22\xb7\xd2\x3b\x2e\x7f\x2b\x32\x39\xab\x73\x78\xd3\xf3\x03\x85\x9d\x9b\xf6\x1b\x38\x03\x67\xb5\x81\xb2\x31\xae\x38\xf4\xde\x74\x41\x01\xeb\x9d\x4f\xb2\x14\xc0\x72\xfb\x05\xa2\x71\x84\xb3\x7d\x36\x51\xed\xc4\xbb\x6c\x9a\xc8\xf3\xfc\xed\x67\xce\xfb\x35\xf2\xbf\xce\x0c\x48\x17\x83\xbd\x6a\x9b\xf6\x65\xf8\x69\x6b\xc8\x1f\xfe\x5e\xe3\x5a\xe5\x0b\x04\xdf\x06\xdd\x27\xb6\x6c\xc5\x7c\x13\x13\x52\xce\x49\x33\xac\x40\x1a\xd4\xe1\xe1\x16\xc0\x6f\x8a\x9c\x04\x54\x59\xf2\xaf\x73\xdc\x1f\x22\x0a\xe9\x79\xe8\x7f\xa9\xb5\x38\x6a\x03\xae\xe1\x74\xb4\xad\x0d\x01\x08\x33\x85\xc2\xad\x13\xa5\x0c\xfa\xea\xbc\x5f\xee\x99\xb4\xec\x38\x73\x83\x27\xd4\xf4\xd4\xb9\x6c\x1b\x09\xe0\x09\x54\x10\x93\x2b\xb6\xb6\xb1\x13\xd6\x87\xc4\xbb\x04\xb8\x8b\xfb\xc2\xf4\x7f\x5c\x82\xcb\x52\xda\x4b\xfc\x92\x24\xa8\xe3\x34\x00\xa8\x77\x90\x2e\xda\x49\x23\x67\x46\x10\x00\x70\xa8\x3a\xbc\x88\xfc\x14\xcb\x10\xa1\x0b\xb1\x89\x50\x95\xd4\xce\x51\xca\x3f\xf5\xb7\xd6\x87\xe3\x9c\x6f\xe1\x8e\xaf\xbd\x44\x37\x1a\x4c\x50\xee\x3d\xa9\x77\x0c\x4a\x18\x01\xb0\x6d\x95\xda\x26\x34\x69\xbf\xbb\xa2\x0a\x44\x4c\xbd\x3c\x91\x1c\xa2\xc6\x00\x53\x8c\xa7\xb2\xef\x78\xaa\x4b\xe0\x21\x48\x5c\x52\x47\xf6\x6d\xbe\xff\xfc\xa5\xe1\x40\x73\xe2\xf3\x45\xa9\xa6\xa7\xc6\xc2\x96\xfb\x4e\x9c\x4f\xd5\x78\x39\xfb\x46\xed\xc3\xac\x00\x1a\xe0\xd1\xaf\x56\x55\x34\xae\xaf\xa7\xfc\x1e\x00\xa8\x86\x71\xfc\xf9\x96\xe8\x03\x06\x17\xbb\x51\x10\x0c\x60\xe9\x62\xf4\xa3\x67\x18\x52\x4a\x1c\x80\x99\xeb\x26\x36\x83\xf0\x19\xeb\x27\x01\xd0\xc0\x06\xeb\x43\x77\x2d\xf8\x73\x78\x26\xbb\x95\xc7\x17\x35\xf5\xf0\x44\x55\x57\x51\x8b\x20\x1f\xe8\x7a\xcd\x46\x7c\x1f\xbc\x7c\xa1\xc0\x2c\x34\x3f\xc1\x91\x5a\x0a\x87\xfe\xd4\x2a\xa9\x1f\xfb\x29\x09\x60\xca\xbf\xc8\x6b\x43\xf8\x48\xa1\x08\xfd\x4d\x25\x65\x94\x5a\xf7\x6c\x21\xab\x23\x68\x5c\xd5\x75\x18\x06\xc7\x72\xfb\xea\xd9\xb8\x79\x44\xed\xe6\x00\x98\x7e\x91\x7c\x81\x73\xe9\x2e\x5e\x56\xae\xce\x88\x24\x91\x35\x9a\x7c\x51\x36\x2a\xb2\x2c\x2a\x44\x2f\x4c\x81\x06\xf3\x08\x3f\xab\x13\x08\x43\x34\x85\xcb\x60\xf5\x42\x31\x9f\x40\xcb\xef\x71\x35\x3b\x10\x30\xdf\xd1\xf4\xd0\x96\x24\xc8\x22\x21\x14\x67\x5b\x8e\xf9\x98\x0d\xc2\x1c\x5d\xda\x06\x3a\x45\x8c\x56\x19\x03\xff\xc9\xd3\x18\xea\x70\x59\xf6\x4b\x2d\x3b\xba\xd0\x12\xd0\x69\x22\x1a\xfb\x38\xba\x72\x57\xc6\xcf\x0d\x1c\x0e\x67\x04\x67\x70\xf6\x8d\x51\x3a\x75\x50\x98\x7e\x0a\x5a\xd7\x58\x3f\x3b\xe2\xaf\x4d\x7f\x4a\xb4\x35\xcc\xb6\x2f\xea\xa5\x84\x7c\x90\x56\xd2\x49\x94\x0e\x89\x92\xe7\x4a\xce\x50\x10\xca\xb3\xcd\x8f\x8b\x2c\x14\xc3\x30\x9e\x64\x1c\x8f\xbe\xf1\xa6\xe7\x69\xae\x85\xf4\x75\x9e\x44\xbd\x69\x68\x49\x9f\x08\x99\x54\xb6\xcc\x86\x8f\xb2\x6e\x36\x11\x1f\x7e\x18\x0e\x38\x1a\xc7\xf1\x60\x56\x34\x87\x30\xd5\x3f\xbd\x96\x75\x04\xb8\xea\x23\x0c\xa4\xe3\xb2\x00\x00\x49\xd9\xbc\xed\xda\x3e\x04\xe8\x56\xf5\x12\xc0\xb6\xe8\xf0\x0a\x6d\x4f\xc9\x5c\x23\x05\x55\x36\x8a\x77\x30\x40\x96\x2d\x46\x15\x6f\x94\xbd\x4b\xfb\x79\x5f\xef\x8b\xc6\x25\x7c\x47\x56\xb7\x12\x87\x0a\xe6\x24\xbe\xe8\x96\xf3\x12\xe1\xd8\xae\xe7\xb6\x86\xde\x37\xde\xf2\x13\x53\x59\xb0\x91\x9c\x55\x2c\x4f\x30\x3d\xd1\x2f\x3a\x75\x83\xab\xbf\x2d\x5c\xc6\x01\x6c\x56\x35\x8e\x1b\xd2\x3a\x14\x47\xac\x5b\xf4\x28\x3b\xb2\xf5\xd3\x5f\x88\xe7\x7c\xe6\x45\x64\xbe\xc5\x89\x1b\x71\xdf\x4a\x6e\xb1\x5a\x7c\x8b\xe5\x01\xd6\x75\x5b\x1e\x3c\x99\xe1\x15\xce\xe0\x23\x8f\xb5\x7d\x7c\x91\xd3\x6d\x2a\xc9\x1f\xae\x59\xaa\x7f\xf9\x5c\x02\xaa\x0f\x60\x12\x27\x30\x1d\x15\x28\x68\x68\x8b\x9a\x04\x25\x96\xe1\x7e\xee\x83\x65\x05\xf5\xea\x57\x12\xb7\x6c\x9d\xbf\xd1\x76\x20\x70\x31\x87\xa2\x1b\x84\xe9\x97\x4e\xfb\x7d\xea\x7b\xcf\x94\xe9\x9b\xc2\x0a\xcb\x9f\x8d\x48\xfc\xb2\xc1\xe8\x1d\x92\xaf\xf6\x3d\xd7\x50\xdb\x0b\x6e\x65\xb8\xa2\x31\x5f\x9a\x8e\xfc\xbe\x57\xe8\x3c\x72\x61\xfe\x70\x07\x71\xd7\xb8\x10\x09\x92\xa3\x18\x5c\x51\x72\x9d\x72\xc5\xa8\xce\x99\xdc\x5e\x3e\x98\x97\x75\xbb\x6b\x74\xf2\x9d\xde\xf0\x59\xa2\x63\xf3\x90\x91\xa3\x16\xd9\x85\x0a\x9b\x66\x2f\x0a\x32\x8d\xd7\xf0\xc5\x05\x9d\xec\xa5\xdb\xd2\xcf\x41\x80\x95\x02\xe4\x49\xdf\x4e\x03\x81\x1f\x27\x47\xc5\xc7\x52\xfb\x63\x9c\x6b\x7d\x52\xc6\xda\x90\x1d\xd1\xf6\xe5\x49\xb0\x4a\xb2\xca\x5b\x43\x6b\xda\x20\xc4\xc6\x78\x16\xc3\x2a\xeb\x49\xb3\x16\x14\xdf\x48\x43\x23\xfc\x4c\xc7\x0f\x55\x92\x4d\x06\xde\xa7\x09\xa1\x68\xde\xb5\xac\x45\xda\x4c\x12\xfe\xd4\xb7\x18\x4a\xb9\x9b\xdf\x2f\xc5\x3d\x94\xe8\x10\x22\x0a\x16\x5b\x8a\x49\x2f\x48\x94\xd6\x48\xd8\x61\x7b\xd0\xdf\x0c\xf9\xcd\xc2\x32\x13\x03\x1a\x62\xdf\x10\x6f\x6f\x7c\x30\xd4\x1e\xa8\x48\x1e\x26\x48\xb3\xbb\x31\xea\x97\x3f\x93\xea\x98\xec\x79\x5b\xd9\x83\x48\xcd\xee\x17\x17\x76\x2b\xe8\x9b\x2e\x9c\x01\x95\xdc\x0e\x6b\x4e\xb8\x19\xb2\xae\x03\x1a\x42\x25\x87\xe7\xf0\xf1\x16\xaa\xac\x6a\xd6\x8b\xdd\x45\xf5\x26\x54\x65\xcb\x1f\xb0\x46\x26\x7f\x23\x33\xa7\xe6\x82\xd6\x1b\x8e\x3c\x36\xb1\x98\xa3\x08\xb8\x44\xf4\xf3\xc4\x32\x0b\x5e\xe1\xd6\x6d\x7e\xea\x3e\x0d\xa6\x40\x8f\x05\xc4\x8c\xce\x4d\x40\x9b\xc2\xc6\x06\x42\x8e\x3a\xce\xb0\x25\x20\xb0\x37\x1b\x97\x2d\x82\x97\xfc\xbf\x36\x93\x7d\xe2\xee\x5f\x55\x50\x0e\xb9\xb6\x51\x8e\xf8\x82\x60\x40\x94\xd6\xe4\x2f\xa8\x95\xf2\xca\x50\xf6\xd9\x91\xb5\x1f\x0c\xd1\xc2\xdc\x65\x8f\xd0\x92\x64\x10\x69\x4e\x54\xf5\x4d\xed\xc9\x81\x8f\x19\x20\xb9\x05\xc8\x5a\x5e\xb3\xe8\xef\x52\x33\x61\x10\x9c\xd0\xcb\x47\x7c\xcf\x88\x73\x0f\x97\xa2\x01\xf7\x95\xdc\x7a\xd8\xfc\xdd\x47\x97\x3c\xc1\xaf\x8d\xca\xcf\xa2\x4f\x27\x43\x4f\x07\xbd\x64\x51\xd8\xa3\x3e\xfe\xb5\xc5\xbe\x73\xcb\x12\x40\xc3\x30\x8c\x42\x9d\x3b\x99\x1f\xce\x1b\x89\xd1\x28\x60\xdc\x8b\x19\x0f\xb4\x23\xce\xe1\xfb\xb4\xef\xe2\xc5\x28\x70\xa1\xd0\x5f\x6b\xe8\x02\x93\x0f\xce\xc8\x34\xfd\x10\x3e\xb6\xc3\xdd\xfc\xcc\xd3\x6a\x5f\xb8\x0d\xbf\x81\x6c\xde\x81\x4c\x1e\x74\x7e\x45\xd6\xd6\x47\x75\xa9\xac\xb6\x88\x4c\xbc\xf7\xed\xb6\x66\x8f\x02\x2d\x14\x3e\xd1\x39\x7b\x00\xd4\x24\x9b\xfd\xb9\x20\x93\x0e\x10\xf3\xf3\x4b\x29\x39\x90\x49\x27\x22\x73\x49\x2b\x2c\x4d\x7c\x51\xf0\x0d\x65\xf3\xd7\x63\xf2\x17\x65\xf1\x2d\x76\x6e\x14\x28\xcc\x63\xb6\xc7\x73\xf5\x21\x2b\xfc\xf4\xc7\xa9\x9b\xa6\x82\x5c\x8e\xf3\x1c\x30\x64\x31\x3a\x06\xfb\xe1\x6b\xe6\xba\x11\xa5\xa7\x21\x2f\x41\x0c\x98\xfc\x05\x33\x59\x08\x2c\x78\x2a\x9e\x69\x38\x0c\x7f\xfb\xaa\x4d\xc0\x35\x46\xcb\x5f\xc0\x76\x01\x1b\x5d\x2f\xa5\xb0\x7a\x87\xce\xc4\x3e\xe7\x78\x3b\x25\x36\x05\x9f\x60\xc6\xbb\xbf\xd6\xef\x22\x95\x1e\xb7\x3f\xc2\x6d\xfa\x51\xf8\xa6\x69\xec\x1d\x4c\x31\xda\x1d\xbd\xc2\x94\x97\xbe\xef\x47\xa9\x28\xd4\x3c\x80\x02\xce\x82\xa7\xa6\xbe\xfa\x3e\xdc\xbf\x66\x29\x43\x37\x50\x58\x6e\xde\x34\x10\x02\x50\xfa\xc2\x37\x62\x5b\x9b\x95\x6a\xfb\xa0\xed\xcd\xb6\x2b\xa6\x14\x29\x7f\xb3\xb1\xa9\xbf\x1c\xaa\xa6\x90\x6e\xc0\x1e\x6b\x1b\x40\xca\x71\x5d\xd7\x39\xff\x65\x87\x29\x05\x86\x22\x47\x1e\xff\xf5\x59\x72\x51\xcc\xe2\xda\xe6\x2a\x6c\x1d\xfc\xe4\x2e\x94\x49\xbf\xfc\x43\x6f\xa5\xf6\x70\xfd\x86\x64\x9c\xe1\x13\x47\xe4\x68\x95\x5d\x08\x02\x21\x23\x91\x2e\xdd\xaa\x26\x5b\x99\xe1\x53\xe6\x11\xdb\x79\x12\x53\xbf\x0e\xc1\x3a\x04\xca\x22\x2a\x2a\xab\xdf\x15\xa7\x64\x1d\x96\x72\x58\xe8\xac\x77\xdc\xc3\xf8\x6d\xc5\xdf\x5c\xea\xea\x81\x73\xae\xf2\x01\xc1\x1c\x96\xdd\x76\x4d\x06\xb9\xec\x0e\xfa\x5b\xe8\x5b\x5d\x26\x71\x9d\x90\x7e\x46\xc6\xa1\x1d\x9e\xb1\x59\xf5\xab\x87\x57\x50\x9c\xe6\x7c\x96\xbf\x5e\xe6\x3f\x91\xb3\x0e\xc1\x3c\x26\xa0\x88\xe9\x6c\xa6\xbb\x9c\xe6\x7a\xba\x0f\x09\x1f\x56\xed\x97\x64\x8f\xdc\x59\x61\xd9\x9c\x22\xfd\x72\xaf\x44\x5a\x6c\x53\xf0\xe5\xc6\xc8\xfa\x21\x62\xd7\x5d\x47\xb3\x7d\x8a\x7b\xe8\x81\x9a\xbe\x09\x7e\xbe\xbb\x2f\xd3\xe0\xf7\x19\x2b\x84\x19\xf9\x30\x5f\xb8\x9a\x7c\x5b\xab\x1c\x32\x50\xb6\x3e\x25\xa1\x8f\x2c\x02\x50\x9f\x7b\x62\x6b\xad\x5b\x91\xe3\x2d\xb0\xc9\x21\x28\x74\x74\xb9\x0d\x04\xdb\xf6\x3c\x7b\xa2\x19\x9f\xf6\x38\xda\x3f\x3c\xc1\xce\x71\xe2\x15\x42\x8d\x24\xfc\xe6\x38\x68\xa2\x25\xf7\xbc\x48\xf4\x06\x02\x50\x25\x1f\xb9\x15\x08\xbb\x3a\xa2\xe7\xb5\x69\xed\x1e\xac\x0f\x53\xfb\x6b\xb9\x21\xb9\x6e\xd9\x86\x79\x77\x54\xf0\xd8\xbe\xf9\x92\x66\x7b\x13\x73\xff\xfc\xe4\x2e\x58\x36\xce\x69\x60\xa1\x6a\x49\x6d\xb6\x27\x40\x23\xf2\x4b\x88\x9f\x91\x8a\xbb\x45\xdb\xc9\x1b\x5a\x84\xb0\xcb\xdd\x0c\xe5\xe5\x5d\x42\x9a\x6c\x5c\x87\x46\xff\x72\xa7\xd6\xed\x1b\x42\x7f\x73\x31\x08\x96\x47\xdb\x4b\x82\xef\x03\x33\xa6\xfc\xb2\x63\xea\x7f\x38\xba\x30\x04\xc4\x40\x03\xe8\xae\x01\x8a\xf6\xe8\x7a\x85\x1c\x47\x1e\xc2\x1e\x8a\xed\x69\x32\x7b\xa5\xd4\x93\x69\xf4\x41\x83\xa0\x70\xf8\x65\xab\x2b\xd9\x91\xba\x84\x13\x91\x0c\x8e\x96\x33\x1b\x97\x62\x8f\xc2\x8d\xd1\xe0\x86\x98\x4a\xe2\x2d\x6f\x00\x76\xc3\x11\xdc\x9f\xe6\x0f\xee\xcd\x1a\xc0\x05\x42\x2a\xab\xa9\xcd\x46\xef\x7e\x00\x1f\x19\x72\xe4\x73\x9c\xd6\xf3\xc7\xdd\xad\x52\xc0\x25\xd4\x88\x08\xe0\x93\xfb\x1d\x91\x77\xfe\x9a\xb2\xe1\xc3\xa0\x11\x5e\x1f\xeb\xeb\x93\x0f\x48\x61\xaf\x23\xb3\x58\x29\xb9\x54\x35\x1b\xff\x8b\x11\x08\xce\x6b\x90\x16\xad\x82\x7b\x44\x14\x71\x99\x4f\xe5\x94\xe2\x75\x4e\x66\xb9\x35\xaa\xb6\xf5\x2c\xbb\xb5\x79\x9b\x36\x47\xa6\x4a\x56\xd1\x47\xc3\x1b\x2e\x16\x58\xd1\x8d\x58\x77\x22\xb8\x2b\x05\x28\x20\x2e\xab\xc5\xa0\x66\xff\xdf\x98\x1e\x49\x93\x44\x18\x17\x0f\xe5\x0e\x52\x70\x6c\x29\x52\xad\x68\xf3\xd1\x51\x5a\x2f\xac\xb7\x3e\x2d\xfb\x04\xa7\xb9\x9b\x5a\x6d\xa9\x31\x4c\x87\xc7\x48\xba\xcf\x5c\x6a\xf7\x7c\x2b\x53\x91\xb7\x25\x6e\x2e\x59\x57\x3e\x3c\xb5\xe8\x7f\xfa\x55\x39\xef\x3a\xf9\xa0\x6b\xf8\xfd\x95\x14\xab\x96\x8d\xc7\x86\xd0\x71\x69\x40\x59\x43\x96\xc9\x34\x22\x29\x81\xb2\x2c\x8e\x68\xa7\x5e\xa3\xe5\xc0\x52\x93\x5a\xfb\x44\xf8\x20\x9b\x6e\x75\xd7\xdc\xc8\xc7\x2f\x6b\xc4\x39\x95\x0f\xb3\xef\xc0\xc9\x3f\x58\x64\xc4\xeb\x29\x69\x63\xbc\x9d\x24\xe5\x7b\x0e\x90\x1e\xaa\x71\x8c\x7f\xac\xae\x96\xb3\x04\x31\x61\xb7\x25\xef\x36\xb0\x36\x03\x9e\x38\x29\xfd\x5d\x5f\xf2\xcb\x7e\x20\x74\x43\xf2\xe4\x41\x0c\xc1\xda\xf3\xb6\x53\x2d\xb6\x31\x3b\x03\xf2\x9f\x48\x34\x62\x67\xc9\x1f\x28\xfa\x14\x99\x61\x6b\xca\xfe\x40\xb0\xf9\x06\xb0\xe9\xe7\xca\x1e\x80\xd4\x43\x23\xaf\x8d\xac\xf7\x19\x18\x67\xd9\x54\x13\x03\xee\xa2\x94\xcd\xf8\x9b\xa9\x5b\x04\x1f\x69\x15\xc2\xe5\xb7\xb0\xab\xe9\xbb\xe1\xfe\x4e\x9a\x2c\x31\xd3\x8f\xf3\x4f\x96\x15\x65\x11\xb0\xda\x72\x93\xc0\x21\x0f\x1a\x2e\xa1\x72\xca\x70\xd4\xc5\xc7\x39\x7d\x4c\x76\x82\x49\x60\x38\x0d\xab\x4c\x5e\xdb\x2d\xdd\x42\xbd\x3e\x02\xd3\xfe\xfe\x4e\xcc\x91\x1f\x1e\x47\x43\x3a\xaf\x11\x39\x62\xb4\x40\x22\x7f\x6a\xb0\x98\xcf\xe4\x14\x4f\x17\x7a\x6d\xbc\x11\xda\xba\x1e\x5b\x04\x9b\xbe\xb3\x47\xa5\x2b\x63\x81\x78\x8d\x17\x71\x78\x63\x10\x81\xa9\x21\xb0\x58\x15\x4f\xea\xba\xcf\xc7\x8c\x39\xb0\x14\x0c\x4b\x1e\x2d\xc1\x9e\x77\xe8\x87\xfe\xaf\x33\x6f\x5f\x26\x0f\xee\x84\xc3\xe7\xfb\x57\xf7\x73\x4a\xcc\x7d\x73\x98\x76\x5d\x5a\x0a\xc3\x30\xdc\xeb\xf4\xeb\xcc\x9f\xd7\xb0\x70\x0c\x43\x3f\xf1\xdc\x62\xdd\x0a\x7d\x6d\x19\xbe\xf9\x35\x96\x24\x14\x00\xbf\xc4\xb9\x3d\xd5\x06\x8b\xf2\x35\xe4\x8f\x28\x9e\xff\xfa\xe3\x29\x18\x24\x1b\xd7\x0a\xec\xdd\x47\xf0\xfd\xc3\xce\x11\xfe\x93\x79\x03\x01\xc7\x1f\xb4\x94\x85\x2d\x17\x2b\x10\x2a\xeb\x0a\xf2\x13\x7f\xc3\x2f\x49\xbb\x23\xd6\x15\xb3\x08\x5f\xb2\x68\x59\x87\x31\x14\x5b\x5b\x36\xde\x9d\xa8\xec\x03\xb5\xbf\x1a\x4b\xed\xc6\xf5\x07\x63\x77\x2e\xe3\x35\x48\x83\x6f\x7a\x58\xe5\x47\x73\xd1\x48\x34\xc2\xc7\x85\xbe\x7a\x88\x5a\xf5\x16\x2e\x0e\x68\xde\x27\xe8\x5c\x74\x17\x4e\xbd\x54\x6c\xf6\x61\x5e\xb5\x6e\x25\xce\x7c\x01\x63\x95\xf6\x66\xbe\xbd\xa8\x4d\x39\xee\xf5\x56\x2e\xe6\x1f\x87\xb8\xf2\xeb\x1c\x73\xea\x47\xf9\x6f\x9f\xf3\x0a\x31\xbb\x5e\x63\x96\x37\x14\x53\x64\x1a\xe7\x9c\x7f\x68\x6d\xc7\x8e\xf8\xf3\xa0\x27\x3e\x79\x49\xb3\xc3\xe3\x48\x9e\xc8\xa3\x2b\x3b\x72\x7c\x38\x2c\x66\xbf\xe4\x33\x8d\x9c\x14\x71\x3f\xb9\x07\xf9\xf2\x05\xdc\xe6\x15\xc2\xe6\xf8\x91\x3e\x3f\x48\xd1\x08\x12\x37\x3e\x7d\x19\x0d\x38\xf9\xd5\xe2\x47\xa7\xcc\x31\x49\xa8\x53\xf5\xf7\x25\x7f\x3b\x57\x5d\xd7\x71\x11\xeb\xe7\xd5\x7c\x44\xe6\xc7\xea\x8d\xbc\x44\xc7\x93\xbf\x85\xf9\xac\x53\x33\x25\xc1\x37\x3d\xe0\x0c\x63\x34\x3c\xf8\x91\x4b\xc7\x76\xd0\xd3\xfe\x8a\x55\x6a\xf1\xbe\x07\xf1\x65\x1a\x97\x9f\xb8\xb6\xe5\x6b\x1d\x5c\x69\xd9\xd2\xe1\x01\xc2\x47\x0f\xbf\x51\x14\x96\xb1\x0a\x8d\xde\x63\x59\xc6\x1d\x29\x93\xff\x4d\x9e\xf8\x69\xe4\x9f\xbb\x4c\x9c\x96\xff\x67\x57\x29\xf4\x0e\xf9\xff\x74\x0e\x52\xd2\xb5\x8f\xda\xa4\x77\xf9\xef\x8d\x27\x11\xc5\x8d\xf6\x63\xb2\x20\x4e\xfa\x5b\xe8\xc1\xb6\x36\xae\xc8\xe1\x07\xb0\x49\x56\x49\x5e\xe5\xd8\x4d\xe6\x98\x67\xcb\x88\xa0\x59\xc5\xce\x3e\x7f\x74\xc4\xbc\x2f\x38\xdf\x42\x10\x14\xf5\xa3\xf7\x4b\x82\xcf\x6d\x25\xc0\x18\x03\x0b\xb8\x7e\xd8\x31\xe1\x80\xab\xca\xb9\x6f\xb8\xb6\x01\x9a\x27\x99\xa6\xbb\x43\x18\x96\x61\x19\x1f\x34\x5d\x27\x99\xda\xde\x88\x76\xf7\x24\x4c\xfb\x2c\xad\xc9\x7f\x7d\x49\x8d\x4b\xd4\xae\x9a\xdc\xbe\x96\x7d\xbe\xdc\xc3\x30\xca\xc7\x65\xcb\x11\xfa\x7b\xf0\x4d\xe5\x47\xe6\x52\x59\x7a\x43\x4c\x1e\xcc\xd4\x93\x4a\x6d\x16\x89\x55\x1c\x0a\xeb\x7c\x51\x7d\x88\xea\xdd\x49\xab\x9d\x0b\xc9\x90\xdf\x19\xaf\x2d\x77\x0e\xcf\xaa\xe2\xfb\xf9\xa7\xfe\x6b\x56\x3f\xc6\x11\x4f\x94\xcc\x11\xf1\x89\x9a\x29\x4e\x6b\x83\x77\x87\x62\xe2\x2d\x3a\x1c\xfb\xc1\x91\xc3\x68\x94\x62\xdf\xf9\xfc\x7a\x3b\xf6\xbd\x0e\x01\x50\x5e\x29\x7b\x8f\x3c\x43\x8e\x2d\x43\xc6\xba\x6a\xd9\x52\xfc\xe5\xd0\xa0\xa2\x68\xa9\x50\x9f\xfc\xd5\x99\xf3\xb8\x8c\x29\x92\x4a\x6e\x90\xdb\xa0\xa8\x88\x4c\x1a\xd7\x28\xb5\xac\x99\xb4\x0b\xf5\xa9\x14\x62\x05\x4e\x0a\x35\xb4\xde\x03\x14\x21\xfd\xf5\xd0\x0f\xe3\x2e\x8f\x68\x9c\xa9\x38\x9c\x99\xf4\x99\x49\xeb\x7d\x2a\xfd\x1e\x41\xb8\xb7\xe4\x77\xd2\xd8\x49\x0b\xcc\xef\x4f\x5f\x5c\x57\xe6\xf1\xe7\x10\x5c\xe0\x24\xd3\x8c\x00\xb6\xd5\x2f\xcb\x5a\xb2\x8d\xc0\x43\xfa\xaf\x0c\x23\x37\x26\xd1\x76\x5a\xb9\x66\x0b\xa7\xee\x3d\x29\x8d\x17\xaa\x70\x19\x87\x28\x0d\x6a\xeb\x7a\x6e\xde\x29\x09\xd1\xa7\x77\x24\xa0\xa9\x92\x28\x75\xae\x7f\xf9\x4c\x51\x50\x16\x89\x6d\x0a\xd1\x03\xe6\x1e\xf2\xa3\x63\xcd\x86\x15\xd9\x4c\xfb\x28\x3f\x16\xa8\x46\x69\x9e\x53\x25\x04\xeb\xd1\x45\xa2\xe8\xc7\x15\x8b\xcb\x5f\x40\x02\x3a\x6b\x34\x44\x5d\xb8\x2c\xeb\xd8\xa4\xba\x27\x16\x66\x10\x06\x84\xcf\x8d\xb7\xc5\xc0\xf3\x3f\x75\xda\x85\x7b\xe1\xd5\x76\xf5\x13\xf8\x8e\x05\xff\xc9\x90\x63\xc9\x23\x7a\x2f\x6c\x7d\x7d\x5b\xc9\x7b\xe0\xf3\xd7\x7f\x3d\xb6\xe2\xdc\xb6\x02\xe0\xc4\xbc\x82\x3d\x8f\x08\x34\xa5\xc7\xe7\x5d\xb3\x51\xed\x51\xdf\x3b\x81\x69\xc4\x89\xd4\xa8\x4c\x7f\x50\x44\x5c\x69\xff\x1e\x1f\x97\x55\x16\x79\x26\xbd\xef\x70\x93\x38\x6e\xab\xf8\xf0\xbc\x6b\x3e\xe2\x5f\x13\x40\x1a\x60\x92\x6c\x30\xb1\x6c\xa6\xe4\xf8\x98\x44\xb7\xe5\x31\x16\x61\xdc\x2b\x74\xe8\x9e\xf8\xa1\xe3\x0a\x3d\xc8\x28\x3c\x75\xf4\xa2\x5b\xee\xd3\xaa\xff\x6a\xdb\x15\xc5\x57\xd1\xfd\x1d\x83\x57\x05\xf1\x06\x98\x48\x60\x5b\x89\xf3\xde\x73\xa1\x2f\xf1\x28\x9a\xa3\x92\x84\xcf\x1c\xa2\x5d\xb3\x7d\x31\x02\x28\xcf\x25\xea\xdb\xcb\x72\x91\x63\x8b\xd0\x83\x6c\xa9\x23\x04\xbe\x48\xe0\xee\xb5\x94\x8e\x15\xef\xf3\x8b\xf6\xd3\x1b\xce\x60\xe7\x28\x84\xc0\x22\xd3\xd0\x5a\x26\xab\x6e\x5e\x98\x10\xae\x51\x68\x0d\x75\xaf\x98\xcc\x6d\x04\x1e\xe0\x60\x95\x0b\x7c\x40\x70\x1b\xf9\x8c\xd4\x08\xd7\x84\xb5\x8f\x61\xb7\x99\x34\x2c\x51\x9e\xed\x10\x60\xdf\x83\x41\xdb\x75\xed\x63\x45\x96\x54\xea\x4f\x0f\x24\xb6\x39\x6c\xd2\x67\x48\x11\xfb\x6a\x37\x90\x0a\xa3\xc7\xcc\xb2\xb6\xad\xe4\x79\xef\xa9\x34\x52\xa8\x64\x45\x6c\xf5\x82\xd1\x3e\x45\x75\x8f\xfa\x65\x5a\x47\x2d\xc6\xb9\xc1\xa6\x06\xc4\xb4\x13\xd1\x50\x96\xe3\xe3\xaf\x60\x1c\x22\x18\x08\x00\x93\xcf\x60\x43\xdf\x4f\x06\xb3\x24\xe5\xbf\x39\x74\xbd\x6c\x9f\x56\x85\x8e\xbb\xa2\xf6\x5c\x52\xb7\xb3\xfc\x9e\xde\x68\x1a\x40\xa4\xc5\xdb\xf9\x86\x4d\x63\x2c\xb5\x0e\x97\x5b\x06\x1f\xd2\xfd\x5a\x5f\x78\x18\x0b\xd1\x58\x06\x23\x8a\xd1\x93\x05\x22\xfe\xaf\x4e\x4d\xb4\x4e\xed\x8a\x69\x21\xd2\xfe\xd1\x21\x55\x74\x83\x70\x4a\xe1\x52\xf7\x88\xaf\x4f\x54\x5e\x60\xa8\x28\x6e\xcb\xfa\x7b\x29\x4a\x85\x37\x3d\x5b\xe5\x68\x45\x7f\x33\xeb\xd7\x7b\x3f\xd7\xb1\x18\xb0\xc9\x5f\xde\xa0\x4c\x61\x9f\xe9\x22\xe9\xdf\xb8\x9f\x8f\x0a\xe1\x5e\xcb\x0f\xd5\x46\x56\x9f\x04\x1e\xc8\x0a\xab\x65\x8c\x08\x32\xb5\x55\x55\x44\xc4\x48\x78\x42\x58\x9d\x6a\xfb\xad\xa0\xea\x58\xb0\x5a\x5f\x40\xbc\x85\xb7\xd1\x3d\xbc\x4e\xf1\x8a\xee\x88\x7b\xee\x4a\xbe\x9b\x42\x69\x88\xd9\xf0\x7e\xee\xe1\x7c\x54\x53\x51\x99\x4c\x0d\x51\x22\x7f\x80\x70\xcd\x7f\x6d\xba\xf5\xec\x2b\xd3\x2a\xc2\x4e\x3f\xa6\x52\xa0\xfe\xe4\x88\x18\x86\xa3\xc0\x08\xa0\x74\x9c\x1a\x2e\x34\x04\x6f\xb0\x46\x78\xf5\x4b\x94\xc8\x13\xaf\x5d\xb6\xfa\x1c\xd9\xa6\xf1\xd0\x4f\x6c\xa3\xbc\x3e\x82\xee\x6b\x4f\xc1\x5e\x4b\x56\x2f\x72\x23\xe6\x27\x41\xf5\x81\x00\xe6\x35\x1b\xc3\x34\x89\x38\x8e\x23\xc2\xde\x2f\xca\x68\x8a\x2b\xf0\x59\x23\x68\xc0\x80\x73\x56\xbc\x31\x95\xc6\xac\x8e\x61\xbe\x38\xe3\x8d\xe8\xbe\x39\xcc\x86\x43\xa2\x51\x68\xf9\xc1\x2a\x9e\x09\xe6\x06\x9b\xd5\x9f\x7c\x1c\xff\x99\xac\x76\x20\x01\x49\xd4\x94\xc5\x0b\xe1\x0a\xad\xed\xe9\x51\x83\x33\xda\x27\x31\x2c\xe4\x2f\x11\x41\x19\xff\xdd\x6a\x10\x78\x0e\x79\xa0\x2a\x4f\xfa\x06\xb7\x88\xff\xda\x53\x3f\x40\x4d\x84\xfe\xea\x2b\x81\x8c\xf3\xa0\x6f\xdf\x26\xad\xaf\x7e\x40\xa5\x40\x34\xc9\x3f\x28\x30\xc7\xf3\x0a\x60\xb8\x9d\xea\x12\x5f\xfe\xfc\x12\x47\xbe\xa5\x51\x38\xa4\x48\x19\x47\xf0\x41\xfa\x44\xfd\x21\x92\x2d\x39\x54\x98\x28\xc7\xea\xa8\x6a\x0a\x43\xfd\xe0\xa8\xe3\xde\x98\x97\xcf\xfc\x2d\x33\x85\x65\x93\x63\x7d\xde\x6f\x8e\xf2\x24\x58\xfa\xbd\xdd\x63\x70\x5c\x10\x3d\x35\x38\x2c\xee\x18\xf6\xf6\x87\xfb\x80\x67\x95\x1c\xa1\x6a\xb7\xe8\x54\x04\x80\x91\x93\x46\x96\x50\x56\x9f\x62\x52\xd7\xac\x5b\x4b\x7f\x30\xfc\xd9\xbd\xf2\xf5\xdd\xef\xf8\x38\x2a\x3b\xde\xc6\x18\xc6\xb0\x83\x5f\xfd\xd4\xb7\x3a\x2e\xea\xb2\x70\x18\x52\xd1\x69\x84\x54\x1c\x47\xe9\x33\xa8\xcb\xa0\xf0\x0c\x64\x9b\x6f\x82\x04\xcc\x1a\xb1\xde\x9b\xfc\x87\x2f\x31\x9d\xea\x4a\xea\x5c\x29\x0e\xa1\x2b\xdc\x9a\x4d\x21\x4c\xff\xfa\xbd\x91\x76\xcd\xa6\x8c\x44\x5d\x57\xd0\x0c\x10\xda\xcc\x18\x8e\x11\xf4\x92\xf1\x4b\x25\xd9\x63\x9e\xbb\xa4\xeb\x1f\x5f\xc5\x41\x0b\x3e\xb6\xdc\x3c\x42\xa5\x95\x45\x20\xe9\x51\x98\x16\x19\x61\x68\x40\xf4\x6f\x9e\xf4\x43\xab\xe8\xfa\x82\x6a\xff\x7e\x6e\xa5\x3f\x7d\x14\x00\x61\xa0\x7e\x34\x77\x54\xd7\x6c\x52\x89\x2a\xfd\x9c\x38\x27\xa4\x23\x18\x7f\xc9\x91\x06\x7d\x58\xaa\xee\xc8\x24\xab\xbc\x89\x3b\x88\x77\x0e\x81\x69\x04\x66\x89\x34\xa7\x5d\xa3\x0d\x1b\xd5\x27\x66\x30\x6c\xca\x48\x8d\x09\x35\x46\x2c\xfe\x34\xec\x65\xdc\xea\x18\xbe\x11\xc7\x20\x23\x81\x00\xdf\x55\x3a\xb7\x0f\x96\xf0\x02\x6e\xfb\x58\xc8\x29\x21\x1a\x6b\xc1\xee\xe6\xfe\x4a\x55\x47\xe4\x81\xad\xfd\x39\x72\xc8\x87\x43\x97\x37\xc5\x6c\x83\xab\xfa\x0d\x43\x47\x00\xac\x5b\x64\xaa\x91\x40\x8f\x6f\x7c\xa0\x5b\xe8\xf5\x2b\x2b\xf4\xcc\x1f\x9b\xc8\x26\xa5\x6a\xf9\x01\x25\x36\x1d\x3f\x07\x90\xf8\xe4\x9c\x0a\xda\x03\x44\x4c\x0b\x51\xfd\x7e\x63\x5f\x01\x4b\xbd\x51\x43\xd2\xcf\x87\xae\xcc\xb2\x14\x13\xf7\x53\xda\x0b\xd7\x38\x2b\x68\x63\xda\x8a\xc7\xc8\x35\xc7\x71\x09\x6c\xd0\x3a\x04\x5b\x15\x27\x97\x37\x0a\x34\xee\x25\xef\x7f\x58\x0d\x77\x93\xe5\x4a\xd3\x94\xaf\xc6\xe7\x7a\xad\x92\x76\x23\xc6\x6b\xd0\xc6\x6b\xf8\xdc\x1a\xce\xed\x2c\xf5\xcf\x15\x61\x6d\xc8\x22\xd2\x85\x7c\x69\xba\x0e\x5c\xd9\x31\x15\x78\xd5\xb5\x65\xdb\x36\x62\xdd\xb6\x4c\xb2\x76\x7e\x47\x78\xea\x3f\x9f\x5f\x6c\x8b\x28\x44\xbf\xf2\xdd\xf5\xfc\xfc\x35\xb1\x98\xc1\x64\x85\x24\x80\x39\xbd\x2c\xde\xa1\x6d\xdf\x20\x2d\xc8\xe6\x4b\xca\x70\x3e\x6d\x55\xce\xdd\x6f\xfb\xd0\xcd\xbb\xbe\x94\xa2\x62\x26\xf8\x45\xa0\x01\x05\x7c\x06\x0d\xab\x06\xe6\x3f\x6e\x0d\x83\xeb\xa4\x16\xab\x3c\x2f\xf3\x61\x43\xb8\xf2\xad\x96\xc9\x3a\xd9\xe3\x7c\x86\x24\xe6\xb5\x5e\xe3\x11\x9c\x5e\xe2\x8a\xc5\x59\xa3\x30\xa5\xec\x05\xac\x49\xd4\x22\xed\xd0\xe7\x13\xc5\xe2\x1d\x7c\xd4\x75\x5c\x1d\xc6\x50\x67\xe0\x7f\x18\x8f\x4e\xd0\xfe\x52\xcf\x4b\xf3\xe5\x0d\xf3\xd9\xec\x34\xe7\x19\xcc\x7a\x8d\x57\xb8\x08\x99\x2b\x16\x57\x1a\xdd\x94\x9e\x56\xba\xde\xc0\x9a\xac\x53\x45\xe8\x91\xab\x7b\xac\xd2\x6f\x28\x83\xff\x04\xa8\x19\x2a\xda\xc8\xfe\xd4\x3b\x34\x42\x16\x7a\x6b\x25\xb7\x42\xb5\x38\xee\xef\x7d\x06\xbe\x94\xbd\x6f\xfb\x31\xec\x1a\xeb\x15\x53\x0a\x99\x6d\xa0\xa5\xbe\x92\x6b\x97\xec\x04\x6e\x2d\xe3\xb5\x48\x7c\x5f\x00\x46\x04\xec\xd4\x31\xd3\x5f\xea\xaf\x7a\x8f\x36\xc9\x39\x4d\xff\x9f\x44\x2b\xc7\x54\xc8\x5c\xa2\x89\x89\x13\xae\xdf\x10\x07\x6d\xb2\x96\xf1\x12\xa6\xec\x16\xb2\xee\xdd\x60\xbb\xc2\xcf\x6a\x3f\x64\x32\x0e\x7a\x7d\x93\x00\x63\xbc\xe6\x89\xf8\x81\x02\xb8\xe5\x15\xc4\x5c\x70\x43\x9d\xfa\x40\xeb\x1f\xf3\xaf\x6e\xdf\x95\x0f\xc1\x5e\xc9\xdc\x8c\x4d\xef\xd5\x2a\xf6\x65\x09\x1b\x46\xd4\x54\x9a\x61\xa9\xa1\xc4\xc6\x60\x3d\xe3\x46\xd4\x80\xed\xb5\x72\x09\x88\x09\x02\xbe\x70\xb5\x41\xc0\x48\xc1\x92\x53\x78\xc1\x1b\x25\x32\x3b\xff\xce\xfd\xce\x6c\xf1\xe8\x3f\xe3\x8a\x9d\xb7\x96\xfe\x8c\xf0\x2d\x2c\xa8\x93\x4f\xc4\x0e\x31\xc5\x21\x5c\x16\x43\x6f\xb4\x8e\xd6\x06\x2a\x8b\x2c\xde\xa7\x63\x5d\xb1\xc8\xbf\xa5\x3c\x83\x31\x01\xc6\x8a\xb1\x49\x21\x57\x3b\x36\xaf\x72\xf6\x45\x3f\xb1\x1c\xcc\xff\xad\x5d\x6c\xfa\xe6\x32\x79\x55\x83\xc7\x39\x1a\xb2\xdf\x2a\x30\x8a\x86\xed\x3c\x5d\x4f\x72\x4e\x0d\x03\x65\x0c\x76\xa4\x0e\x42\x3c\x55\xa9\x79\xa2\x16\x31\x9b\x25\x6c\x08\x18\x7b\xc5\x4a\x1e\xfb\x43\xb8\x1e\xe7\x27\xd8\x05\xbe\x3f\x3e\x0f\x77\x45\xe3\x7a\x26\xbd\xe7\xaa\xf9\x56\xe7\x64\x9c\xc7\x30\x5d\x4d\xc1\x3a\x5d\x1b\xe6\x7a\xab\xeb\x8b\x8e\x23\xa7\x39\x9f\xa1\x08\x60\x23\xa7\x09\x9d\xc7\xf3\xea\xa2\xe1\xf5\xfb\x36\x03\xbf\x37\xfe\x48\x35\x2d\x62\xbd\x9f\x38\x41\x88\x5c\x9f\xcb\xe5\xbb\xab\xe6\x86\x18\x97\x75\x58\xdc\x20\x14\xdd\x20\x92\xee\x88\xd5\xd4\x5b\xbc\x3d\x79\x1e\x85\x2a\x9b\x27\xb1\xcf\x7d\x53\x2d\x37\xf2\x4b\xe8\x11\x1c\x86\xdc\xa0\x64\x6c\x93\x48\x4f\x51\xb6\xf1\xbf\x5e\xf4\xa2\xe1\x3b\x94\x33\x59\x61\x30\x6a\x2f\x12\x5d\x48\x84\x84\xc3\x52\x84\x9d\xe7\x39\x5e\x1f\xfc\xe6\xf2\x14\x94\x51\x46\x86\xca\x2c\xdf\xfb\x89\x9f\x5f\xba\x1b\xbe\x4e\xe3\x2b\x7b\x26\x8f\xdd\x63\xf0\x0c\x26\x97\xc4\x78\xef\xfc\xe8\x13\x51\x31\xf9\xeb\xf6\xda\xd0\x80\x07\x3c\x11\x99\xff\xc6\xcb\x7c\x28\x6a\x7a\x61\x1e\xa4\x19\x17\x31\x5b\x23\x37\xeb\x1b\x2c\x05\xae\xf4\x56\x0a\x5b\x0b\x6d\xc0\x34\x0a\x68\xce\x77\x09\xb0\x4d\x4f\x49\x93\x77\x0a\xe1\x78\x05\x22\x62\xa4\x58\x12\xff\xe3\x9d\x61\x82\xb8\xcb\x7c\xc9\x85\xd2\xc5\x21\x07\xc7\x34\x20\xbf\xb4\x29\xb0\x59\xf5\x3b\xd5\xcd\x74\xb5\x5d\xcf\xf6\xe3\xcc\x30\xbd\x70\xad\x58\x08\x18\x20\x4b\xbd\x5f\x55\x18\x3b\x75\x0c\x87\x5e\xbe\x8a\xe5\x1f\x7e\x32\x7f\x55\xd9\xdd\x63\x67\x74\x6e\x54\xfb\x94\xe1\x5a\xe6\x3b\x9d\x6f\xe5\x44\xae\xc0\x12\x72\x73\xf6\x29\xd2\x0e\x8a\x1a\x48\x9a\xbf\xa2\xb1\x5c\x9e\x1a\xb8\x61\x98\xd4\xbc\xe1\x56\x8a\x75\x5f\x96\x39\x8f\xf1\x59\xca\xee\x1e\x5c\xe3\x85\x9a\x51\x12\xa4\xc5\xf7\x8f\x81\x68\xfd\x52\x28\xee\x30\xd1\xb5\x75\x05\xa6\x0b\x98\x28\x0a\xa5\xe9\x32\xd0\xda\xd1\xbc\x2b\xed\x8e\x09\xf1\x3e\xf3\x61\x1e\xcf\xf4\xb2\x58\xc8\x3a\x29\x93\x55\x14\xfc\x5d\x4a\x7b\x81\x4a\xe9\x6e\xe7\x94\xf0\x1a\xd9\xc7\xc2\x59\xfa\x4f\x9e\x3a\x2a\x49\xd7\x0d\x93\xe0\x20\xac\xad\x65\xdc\x41\x72\x25\x1b\xaa\x87\x26\x39\xf9\x8a\x98\xad\xe2\xca\xcd\x5a\xaa\xcb\x5f\xd5\x72\x03\xba\xa7\x5a\x03\x72\xc2\xc8\x48\xc1\xe7\x41\x7f\xf7\x72\xae\xcb\x7c\x2b\xb3\x2d\x75\x44\xf1\x65\x20\xa3\x57\x00\xfe\x63\xfc\xd4\xe1\x88\xe6\x27\xa0\x65\x87\x92\xd7\xc2\x3a\x79\x36\x0d\x8f\xfb\xd7\xdf\x1d\xf6\xd7\xf8\xae\xa1\xb3\x8e\xc1\x33\x42\xc8\x20\xf6\x81\xd5\x06\x5c\x93\x7c\x64\xa1\xd3\x73\x02\xbf\x91\x81\xf8\x86\x04\x89\xa6\xa4\x99\xb6\xa1\x78\x94\xc3\x9e\x33\xb4\xbc\xcd\x99\x7c\x7a\x90\x16\x00\x6a\xf7\xe7\xd8\xce\x86\xa8\x78\xba\xf2\xac\xbf\x5e\x51\xf7\x44\xe4\x4a\x5a\xa7\x53\x50\xcb\x61\x2f\x05\xdf\x14\xdc\x5c\xf3\x73\xc8\x60\x42\x33\xca\x17\x20\x5e\x16\x9b\xe9\x44\xbe\x58\xa7\x9b\x33\xd9\x16\x10\x53\x40\xa0\x08\x00\xdf\x20\x9e\xe1\xdf\x4a\x66\x13\xa9\xbd\x32\xa5\x59\x93\x48\xec\xf6\xf2\x63\x90\xda\x0b\xc2\x20\x12\x30\xba\xd1\xfc\xcf\xba\x2e\x8a\x69\xc5\x4b\xd1\xd5\xfd\x73\xc5\x9f\x61\xdf\xc5\x3e\x74\x41\x99\x00\x51\x80\x02\x81\xeb\x80\xe2\x84\x16\x94\x45\x9c\x4d\x56\x53\x5d\xab\x14\x94\x43\x4c\x74\x36\xd3\xa1\x4c\x1c\x3e\xeb\xba\x16\x18\x68\x96\xfc\x58\xfa\x4b\xad\xe3\xb1\x6e\x82\x85\xd8\x1e\x38\xb0\x90\xe5\x79\xa7\xf7\x8d\xc7\xe0\x2d\xff\x3a\x57\xd6\xf0\x62\x7f\xfc\x2a\x71\x10\x9a\x7e\x19\xcb\x71\x65\x8c\x88\x14\x61\xff\x57\xfc\xfd\x8e\x93\x51\xf4\xc9\x3a\x24\x8b\x34\xd3\xbf\xe7\x30\xef\xd6\x52\x2b\xfe\xa9\x46\xe9\xb8\xe4\x19\x94\x31\x50\x0c\xb4\x21\xc8\x24\x8a\x1a\x7e\xf7\x37\xe7\xb3\xfc\x8d\x24\x14\x01\x6e\xe4\xa4\xe0\x71\xa7\x07\x80\x2e\x6f\xa3\xa5\xec\xa5\xe4\xb0\x9d\x08\xd3\x30\xe9\xf4\x3e\x8d\x5b\x2c\x95\x07\x54\x45\x23\xe6\x71\x93\xd2\xfb\x83\x1d\x6b\x1a\xe7\x42\xbe\x48\xc4\x0f\x53\x03\x99\x07\xad\xeb\x46\xd4\x3c\x59\x5b\xc0\xdd\xc0\x71\x40\x8f\xc1\x35\x0a\xf3\x24\xa0\x36\xad\x83\xfd\x4c\xfc\x06\xdc\xf7\x21\xd0\x16\x58\x5b\x4a\xf5\x05\x71\xd1\x5a\x68\x2b\xf5\x8d\x2c\xe9\xe1\xd1\x53\x85\xd0\x15\xc5\x21\x0a\xc5\x5f\xff\x86\xa1\x19\xfe\x7e\xb9\x70\xde\x83\x19\xbe\x8c\xc0\x1b\x9a\xd0\xeb\x9a\x11\x76\xb7\xbb\x4c\x15\x55\xba\x66\x63\xbf\x0e\xc1\x64\x96\x7d\xc3\xbd\x98\xa1\xfc\xd1\x8f\x5d\x0f\x95\xc2\xdd\xcd\x2c\xa5\x19\x4b\xd7\x46\xc7\x74\x0c\xa8\x0d\xc2\xfb\xf3\xeb\x99\x7a\x68\x98\x8c\x65\x80\xac\x69\x07\x80\xe1\xe1\xb6\xf3\x78\x6b\xfc\x43\x8e\x8f\xab\xf6\x7b\xd0\x79\xa9\x2a\xf6\xeb\x03\x82\x3d\xb8\x21\x54\xa7\xcd\xdd\xaa\xe9\xc6\xf1\x92\x39\xa0\xfb\x8b\xd2\x47\x69\xf2\x8e\xce\x35\x29\x6e\x32\xae\xc0\xf1\x49\x00\x53\x1f\x3e\xae\xc3\x2d\xed\x02\x65\xc2\x5f\xff\x8a\x53\x5a\x5a\x9e\x06\xcf\x2d\x3f\xb2\xbe\x77\xaf\xbe\x0f\x09\x70\x87\x45\x48\x4d\x72\x9f\x20\xee\xef\x46\xef\xf8\xa8\x0d\x7f\x0a\xff\x18\x67\xe9\x4d\x76\xb4\x6f\x4b\x0e\x19\xbb\xf5\x88\x84\xad\x6e\x80\x59\x4b\x23\xe5\x62\xa8\x14\xef\xae\x61\xdf\x1f\x8e\x5a\xd6\x31\x46\xaa\x72\x6d\x3c\x52\x8e\xf9\x23\xe2\x40\x22\x50\xad\x61\xb5\x8f\xed\x6a\x72\xc4\x74\xff\x73\x37\x37\x9d\x3c\x63\x4a\x6c\x45\xbc\xc5\x23\x48\xbe\xf6\xeb\x4c\xfd\xd7\x65\xaf\xf9\xf6\x46\xe7\x6f\xbe\x97\x6b\x0c\x34\xd2\xd2\x51\xed\x7a\x7e\x6f\x7c\x21\x82\xee\x8e\x02\xc7\xba\x72\x8f\x5a\x7e\x38\x65\x67\x85\x1f\x3c\x50\x09\x6e\xe3\x45\x7c\x6f\x8d\x66\x06\xd4\xda\x47\x57\x7a\xaf\xf4\xda\xc8\xec\xa8\x0f\xf8\x98\x7d\x02\xf2\xe1\x3f\x1f\x45\x74\xbc\x8c\x03\xb9\x61\x97\x3b\x6a\x35\x4f\xea\x53\x93\xbf\xe4\xf3\x51\x03\xa6\x4a\xd8\xbf\xb5\x6b\x1a\x73\xdd\x7b\xb9\xd8\x33\x4e\xf5\x05\x15\x0d\x84\x32\x93\x26\x2d\x33\x69\xc6\x1b\x11\x11\x5f\x1f\xff\xdf\xfd\x55\x5f\xb4\x28\x54\xee\x3f\x35\x56\xb9\x59\x31\xfb\x8c\xfc\x98\x7e\xca\xda\x0d\xe9\xff\xf0\x5d\xb0\x3e\xf3\x5a\xd7\xfe\x16\x95\x6b\x63\x28\x8d\x41\x17\xfb\x4a\x00\x57\xb3\xef\xf8\xd3\x0b\x96\xeb\x98\x27\xe9\x97\x6e\xe6\xa9\x35\x5b\x24\x21\x99\x29\xd6\xdd\x70\xcb\x56\xc2\x2e\xf0\x3f\x94\xdf\xc2\x0d\x37\xfe\xc4\x7c\xdc\xc8\x76\xfd\x99\xac\x1a\xc3\x13\x9f\xd7\x10\x35\x35\x14\x9b\xf4\x1c\x0d\xe6\xdf\x9d\x74\x26\xe5\xec\xf9\xe1\x67\xfb\x21\x19\x51\xe5\xec\xf9\xe6\x74\xa6\x07\xfa\x46\xf8\x37\x0e\xd5\x46\xf6\xfd\x58\xae\x26\x87\xcc\xd4\xba\xe9\x31\x2c\xaa\x36\xaf\x06\x78\x1a\x33\x27\x11\xd9\xd5\xdd\x49\xf9\xb7\x67\x5c\xa5\xbe\x34\xd7\x28\xd6\x40\xe9\x86\xf3\xed\xb1\xa7\x13\xc6\x74\x4a\x73\x3e\xd5\x65\x8f\x01\x7e\x30\x1c\xfd\x97\xd1\x4e\x16\xe6\xab\xcb\xd7\x3b\x88\x33\xd7\x68\x27\xd8\xb9\x5f\xe4\x42\xac\x17\x7a\x9d\x1b\x6a\xec\x15\x47\xff\xd8\x66\xca\x0f\x10\xff\x43\x18\x8c\x69\x67\x76\x87\x09\x07\xce\x7d\x0c\x68\xe7\x8e\x00\x6f\xd8\xbf\x58\x99\x22\x82\x3e\x84\x5c\x9e\xcb\x88\x33\xc9\x52\x71\xca\x69\x58\x90\x88\xdc\x28\xa9\x4b\xc3\xfe\xef\x7a\x14\xad\x0d\xb5\x45\x94\x43\x06\x9c\xdb\xc1\x4d\x7b\x25\x1f\xbc\x46\x30\x1b\x90\x1f\xfe\xe9\x4b\x5c\x8a\x3c\x96\x71\xc4\x79\xdc\x84\x7d\x56\x0d\x96\x2f\xd6\x80\xe1\xdb\x42\xed\xc8\xe5\x66\xea\x9f\x79\x39\x8a\x6a\x1c\x48\x4c\xf2\x30\x13\xc3\x71\xe4\x3b\xb5\x01\xdf\x46\x73\x8e\x1a\x26\xd2\x21\x25\x1a\xde\x0d\x6f\x5a\xfb\x13\xc7\x2a\xf7\xf5\xde\xec\xb5\xb2\x78\xb7\x19\x6c\xb0\xdc\x4d\xc5\x48\x5a\xef\xca\x7f\xb1\x9c\x87\xf9\xe2\x16\xb3\x70\x33\x39\x6a\x86\xe8\x86\x83\xe7\xa9\xd6\xcc\x88\xcc\x19\xfd\xf4\xb3\xdf\x65\xce\xf5\x54\x1f\xd9\xbb\x46\xa1\x26\x69\x64\x88\x48\xae\xd9\xb7\xfb\xa9\x85\xe1\xae\x62\xc2\x61\x79\x76\x79\xc5\x68\xa1\xd9\x2e\x44\x47\x53\xbf\x66\xd0\x54\xca\xbf\x8b\x9b\xec\x05\x91\xf6\xce\x07\x6e\x2b\x18\x8d\x66\xb6\x08\xa4\x08\x05\x9b\xea\x76\x9a\xf0\xac\x20\x7b\xcc\xf3\x73\x47\xd6\x50\xc4\x14\x33\x02\xc6\x09\x5b\xe5\xa6\x27\x6b\xe0\xb4\x74\xe8\x47\x85\xcf\x7f\xb8\x8e\xae\x1d\x92\x38\x1f\x77\x18\x65\xde\x23\x02\xee\x45\x46\x6d\xad\x97\x4e\xd4\x81\x19\x23\x79\xff\xe3\x0d\x9c\xbf\x7c\xd9\x0f\xe6\xb4\xb0\x63\x63\x90\x84\x8c\x7b\xc2\x9b\x9c\x3d\x63\x1c\x97\x6a\xb6\x83\xbc\x3f\x7c\x05\xac\xb3\x4a\xce\x30\x94\xcb\x45\x2a\x13\x84\xbc\x81\xe3\xb5\x8f\xae\xed\x1a\xb3\xc0\x8e\x4d\x26\xf6\x45\xb2\x3f\xb5\xef\x6c\xa6\x6c\x9b\x32\x8b\xbf\xe4\xe3\x6d\x96\x9c\x13\x65\x25\xf0\x3e\xff\xf9\x34\x50\xf3\xd3\x57\xdc\x60\x38\x36\x31\xda\x6e\xe6\x38\x4c\x1a\x1d\xa5\xc7\x34\xf3\x81\x1d\x4e\x5f\x4f\x08\x51\xc4\x7f\x5c\xc8\xcc\x1e\x70\x4d\xb1\x34\xcd\xcc\x19\xb0\x54\xdf\x71\x5b\x98\x06\xc7\x86\xfb\xee\x74\x57\x24\xb0\xf5\x4f\x0c\xd2\x24\x0d\x15\xb0\x6c\xb4\xc2\xd1\x00\xe7\x21\x66\xaa\x1b\x37\xc3\x9c\xce\xfa\xa5\xaf\xd4\x4a\xe6\x32\x7f\xe2\x0a\x66\xf7\xd5\xaf\xca\x28\x25\x2f\x37\xe8\xc0\x76\x1e\x15\xa1\xc2\x23\x5e\xff\x7a\x16\xeb\x42\x02\x4b\xc6\x7b\x3f\x7c\x12\x36\x09\x0e\x3c\x3d\xeb\x8a\x7d\x14\xa5\x56\xc7\x82\x97\xcb\xd8\x2b\xc6\x61\xff\xfa\xdd\x1f\x6c\x71\x07\x41\x37\xa3\x23\x06\xa8\x16\x1f\x7e\x95\xc0\xe1\xdb\x42\x71\x3a\x47\xfc\xc7\xbb\xd6\x7a\xfc\xd7\xd1\x04\xe7\x6a\x66\xca\x2c\x1f\xc2\x61\xa4\x1e\x02\x06\xcc\x16\xb0\x52\xe1\xfe\xed\x9f\x33\x3b\x1f\xdc\x32\x66\x5e\x50\x93\x22\xab\x24\xf8\x53\xcc\xbd\xd0\xf4\x5e\x2b\x34\xea\x5f\x5c\xd7\x60\x39\xd7\xf8\xc8\x81\xd3\x3d\x3a\x77\x6a\x4e\x8b\x0a\xb7\x06\xe9\x22\xb3\xa2\x21\x27\xec\x3f\xf2\x22\x28\x4e\xb9\x32\x8d\x27\xf1\xe2\xd4\xc2\x19\x4a\x30\xd7\xa9\x05\x5a\xf2\xaf\x87\x76\xd4\x34\xa0\x3e\x3f\xbc\x72\x43\xb1\x44\x4e\x58\xc0\x6d\x65\xa0\x78\xef\x8f\x6e\x7a\x17\x6d\x09\x7f\xc5\xc4\x0d\xa9\x4c\x38\x4c\xc5\x36\xa3\xee\x1f\x93\xd5\x18\xf6\x5c\x03\x35\xf9\x89\x05\xd4\x5b\xf4\xfc\xc5\x51\xf8\xbc\x0b\x49\x39\xcd\xe3\x4c\x63\xc4\xc4\xfc\x5f\x4c\xf7\x5d\xb5\x5b\x12\x42\x06\xec\x5c\x35\xf9\x02\x18\x26\x75\x4c\x83\x69\xca\x5d\x19\x01\x13\x29\x3f\xbe\x1f\xce\x5d\x91\xea\xd2\x32\x93\x75\xab\xd6\xf7\x5e\xe9\x32\x29\x18\x86\x8e\x60\x0e\xbb\xd9\xe3\x02\xdf\xfd\xe3\xc1\x2c\xda\xcc\xa4\x82\x01\x17\x19\x3e\x5d\xc1\x06\xf2\x73\x33\xeb\x12\xda\xe9\x94\x88\x97\x88\xdd\x11\xda\xe2\x4f\x6e\x87\xb7\x3a\x7e\x70\x04\xdb\x43\xcc\x26\xca\xfd\xcc\x50\x34\x83\xe7\x9c\xc8\x38\x39\xe5\x2f\x0e\xca\x39\x06\xa2\x58\x22\xe3\x93\x37\x04\x3d\x7e\xf9\x4a\x0e\x23\x3b\x23\x73\x74\x3f\x71\x94\xe5\x19\xe6\xa6\xcc\x9c\xa2\xc6\x05\x74\xf9\x08\x78\xbb\x1c\xff\x74\x02\xf2\xff\x9e\xbf\xf2\x61\x46\xc0\x85\x21\x0c\xc3\x31\x5a\x13\x1b\x3b\x15\x84\x65\x3a\xa8\xc0\x2d\xc3\xf9\xe1\x2f\xe0\x18\xf4\x97\x6f\x31\x04\x8b\xcb\x02\x9e\x8a\x77\xcb\x98\xe4\xe6\xd2\x77\xee\xef\xcf\xbf\x9f\x1f\xfc\xf7\xdd\x94\xbd\x66\x4e\x5f\x90\x51\x09\x7a\xcf\x4f\x72\xf3\xb5\x1c\x90\xde\x58\x70\x92\xfe\x4d\xae\x32\xb9\xd1\x60\x01\x2b\x42\xa4\xcf\x87\x29\x6e\x99\x0d\x19\xb0\xcb\xbf\xe7\x77\xc6\x69\xe4\x41\x8b\xd9\x18\xcc\x63\x6a\x93\xa2\x7b\xc4\x85\x02\x26\x1e\x34\x55\x35\x88\x30\x61\xff\xc9\xb6\x3e\xa8\xbd\x42\x7d\xf2\xf7\x29\x20\xf8\x4d\x48\x05\xa4\x88\x7c\xad\x7c\x2e\x5b\x18\xc8\xe5\xff\xe9\x4a\x88\x65\x41\x7d\x52\x24\x0a\x16\xf3\x6f\x99\x6e\x81\xa7\x74\xf2\x17\xf7\x6c\x96\x6a\xe4\xb6\x90\x7a\xfe\xef\xdc\x4e\xc1\xb1\x5f\x73\x58\xb6\x51\x41\x6c\x4d\xf1\x81\xca\x46\xb4\xc6\x15\xfe\xff\x58\x5a\xfc\x82\xe4\x5d\xf2\x4b\x49\xdb\xe2\xb4\xc3\x43\x09\x43\x07\xf9\x32\x51\x61\x8c\x8c\x45\xe6\x7d\xa3\xfc\xdc\x4b\x62\x4f\xe1\xf4\x3f\x8f\x42\xf5\x5e\x3d\x41\x3b\x85\x8f\x3b\x14\xda\x48\xa1\xb9\x1d\xe7\xaa\x8b\x8f\x8e\x05\xc9\x0f\xf2\x73\xd5\x9a\x30\xfd\x9c\x47\x54\x67\x41\x59\x9e\x3c\x93\x43\xea\xf4\xc8\xb2\xa5\x89\xf8\x39\xb8\xc6\x88\x78\x6f\x1f\xba\x2d\xab\x85\x2c\x08\x43\xd3\xbe\xb2\x92\x17\x97\xa7\xe3\x32\x7e\x85\x08\xa9\x2f\x0a\x42\xa7\xa4\x3f\xf2\x32\xc2\x9e\xd6\x30\x26\x5e\x54\x1e\x2d\xd0\xd3\x97\xbe\x20\x93\xbf\xcb\x81\xd2\x44\x27\x32\xc0\xb5\x5b\xb5\x24\x2b\xde\x76\x57\xc9\x10\x2e\x5f\xb9\xe6\x53\x33\x8c\xc2\x14\x3f\x2f\xf1\xb9\x4a\xed\xa7\x7f\x31\xc7\xa0\x2c\xfb\x2a\x01\x88\x91\x7d\x18\x86\x47\x34\x65\x88\xd9\x61\x97\x67\xda\xaa\x6a\x7d\x12\xc4\x0a\x07\x47\xf2\x3f\xf1\x00\x35\x91\x71\x02\x86\xc7\xe2\x89\xd1\x39\xfc\x3f\x2e\x4b\x54\x73\xbd\x2c\x59\x99\x9a\xff\xec\x6c\xd2\xa6\x2b\x31\xaf\x29\x92\x4e\x0d\x25\x39\x49\x61\x5b\xe9\x66\xf0\x0c\x66\x85\x4d\x32\x8b\x26\x56\xdc\x18\xde\x82\x19\xa0\xce\x4e\x82\x51\x03\x46\x41\x80\xdf\x09\x3f\x39\x6c\xa3\x35\xad\x1e\x02\x3e\x73\xe4\xa7\xd9\xd7\x5c\xce\x18\xb4\x86\x6c\x3b\xb2\xf5\x29\xa6\xb6\x57\x25\x32\x28\x1e\x4a\x6e\xb1\x64\x17\xfb\xe3\x77\x29\xde\xa7\x1e\x76\x92\xa5\xe5\x69\xeb\x68\xae\xf9\x9f\x33\xba\xb0\xda\x82\x86\xe5\x72\xe1\x89\xa1\x9f\x74\xc2\x0e\x9b\x9b\x84\xf5\x70\x46\x6c\x53\x88\x86\xba\xd9\xc9\x75\x63\xf5\x74\x75\xb2\xf2\xc6\x21\xec\x25\x45\x01\x47\x6d\x7c\xb0\xed\x01\x9d\xde\xcd\x8f\x06\x1b\x7c\xfd\xf8\x8a\xbb\x1f\x5f\xd6\x72\x9a\xb7\xc2\x40\xdc\x28\xd3\x93\x47\x95\xbe\xf3\xc3\x50\xac\xa6\x60\x1d\xf1\xb8\xd4\x74\xf5\x6e\x34\x3f\xf8\x6f\x1f\x3f\x54\x79\x6c\x1f\x81\x94\x19\xc2\xbe\x61\x6b\x86\x49\x37\xdb\xfc\x2c\xff\xc4\x46\xc2\xe1\x79\x87\x41\x85\xc3\xff\x3b\x67\xf2\xe8\xbc\x0b\xfb\xd5\xbb\x92\xcd\x1e\x17\xab\x63\x02\x15\x30\x52\x15\x95\x5f\xa1\x75\xae\x0a\xd2\x24\x34\x7d\x3b\x97\xb2\xce\xa6\xba\x1f\x20\x30\x51\xa4\x45\x44\x30\x37\x88\xe4\x44\xa6\x4b\x9c\xad\xf9\xbe\x94\xcc\x0c\xf4\xe3\x4f\xb3\x4f\x6f\x10\x4e\x3e\xf2\xad\x2a\xf4\x6b\xc5\x80\xdb\x78\xce\x59\x47\x05\x8f\xe9\x07\xb4\x75\xef\x3b\xa0\x70\x2f\x52\xbd\x0c\x26\x32\xc8\x08\x86\x84\xcd\x04\xc5\xe9\x4e\xb2\xad\x14\x11\x6e\x34\x72\x09\x37\xed\x3f\x99\x67\x2c\xe3\x7c\x01\xe7\x26\x77\x73\xf8\xb2\x12\xdc\x90\x93\x43\xd8\x08\x82\xdc\x91\x90\x4a\x2e\x60\xdf\x95\x24\xd6\xb5\xc4\x5e\x9a\x3a\x18\xde\xa2\x06\x71\xc9\x99\x88\x94\x14\x14\x3e\xba\xc5\xbd\xf2\xa2\xe3\x0d\xed\x3f\x9d\xc1\xd3\x33\xf5\x91\x31\x52\xf4\xc2\x72\xcb\xd6\x79\xf0\xd2\x2d\x37\x61\x94\xc1\x61\xc2\xfa\x24\xb0\xac\xb4\x92\x7e\x87\x7a\x4b\x23\xe7\xfa\x2c\xcd\x21\xce\x67\xa7\x59\x73\xf7\xe5\xee\xc4\x49\xd8\xff\xb7\x2f\x0e\xb9\xb2\x36\xdf\x94\xef\x1e\x62\x51\x80\xfa\xa0\x4c\xd4\x77\xa4\xaa\x4b\xa8\xf0\x0d\x16\xe2\xe4\x18\x5c\x92\xba\x16\xe3\xa6\x26\xba\xae\xec\x21\x1c\x86\xc6\x99\xd7\x3e\xa7\xe6\x8f\x21\x68\x4d\xab\x72\xff\xf4\x81\xbc\xb0\x5f\xed\xae\x4c\x71\x2d\xc3\x28\x84\x7f\x59\x78\xee\x75\x33\xd9\xed\x4d\x13\x9c\xe2\x2e\xf1\xba\x4a\x72\xfb\xbc\x07\x43\x38\x91\x52\xb1\x47\x90\xb4\xe1\xbb\x37\x1c\x1f\x42\x2f\x71\x81\xc1\x21\x39\xa0\x57\xe0\x1b\x30\x81\xf2\xb3\x64\x5c\xe0\xed\xb4\xeb\x39\x71\x4f\xc7\xfd\x81\xab\x8c\xfb\xea\xc5\x18\x0e\x89\x45\xda\x10\x6d\xff\xbe\x40\xc1\xa1\xc4\xe2\x73\xb9\x6f\xbf\x5c\xf2\x46\xc9\xaf\x35\xaf\xeb\x2c\x69\xdc\xd7\x32\xad\x90\xbb\x2b\xdb\x9e\x4b\x55\xb3\x1b\x28\x10\x96\x9f\x7b\xc7\x9c\xd3\x20\x4f\xb4\xc5\x74\x32\x1b\xf1\xf9\xc0\x42\xca\x69\x9d\x66\x7c\xeb\x09\x4b\x25\xd1\x06\xcb\xa7\x90\x9a\x79\x08\x36\x13\xcc\x47\xe2\x5c\xb7\x86\xbf\x3d\xfa\x52\xdb\x4f\xda\x76\xef\xb2\x4e\xda\x46\x15\x06\xae\x13\x4a\xaf\xd0\xbc\xfe\xc3\xcb\xc8\x14\xa9\x1c\x75\xbc\xf7\x3a\xc9\xb7\x1e\x7a\xce\x5b\xce\x6d\x59\xc9\x1d\x20\xb6\x86\x32\x78\x8e\x6c\x92\x84\xfb\xa5\x27\x5c\x4f\xf6\xcf\x17\xcd\x48\xb4\xaa\x61\xe9\x33\x8d\x97\x13\x59\x55\xf9\x2a\x46\xf8\x4d\x9c\x19\xa7\xc4\x56\x7e\x0a\xa7\xfb\xc9\x79\xf5\x8c\xd5\xf1\xde\x93\x30\x05\x0d\xd3\xf6\x40\x95\xcb\x71\x90\x3b\xb0\x94\xf2\x72\x25\x3c\x37\xe5\x38\x65\xb2\x6b\x35\x2e\x3b\x48\x1d\x79\x36\x22\x33\xf7\x88\x92\x6e\x04\x57\x66\x8f\x41\x09\x25\xa7\xa4\x73\x36\x2a\x2b\xee\xe7\xc7\xd6\xf3\xfb\x47\xde\x7f\x19\x8a\x76\xf2\x07\xcd\x1e\x37\x85\xc1\xa4\xf9\x34\x3f\xca\x6b\x51\xf7\xf7\x43\x15\x7e\x1a\x03\x37\x72\x5e\x68\xae\x86\x08\x66\xe4\xa7\x21\xe5\x96\x0e\x56\x66\x23\x04\xd2\xf2\x13\x93\x59\x1e\x37\xc5\x74\x22\xa8\xb5\x9e\x95\x1e\x1b\x73\x44\x4c\x50\x77\xbd\x20\xe5\x98\x8e\x79\x05\xe6\x63\x3c\x06\xf7\x98\xc8\xfc\xe5\xcb\xca\xe4\x85\xaa\x59\xe6\x11\x7b\x7b\x53\x30\x4a\xbf\xc6\x64\xdb\xf2\x3d\x9c\x6e\xde\x95\xf5\xfa\x08\x3f\xb1\xab\xd1\xb0\x97\x93\x44\xf7\xde\x94\x37\x19\xc0\x70\x54\x80\xb3\xac\xf6\x25\xef\x44\x15\x5e\x4f\x71\x83\x19\xe0\x99\xe3\x43\x9b\xe9\x77\x55\xbf\x48\xf4\x64\x7d\x1d\xe0\x28\xde\x7e\x94\x19\x48\xf5\xca\x6d\x84\x40\xfc\xdf\xe7\x14\x0a\xc6\xd0\x93\xca\xf1\xe5\x08\x42\x46\xb0\xda\x53\xd8\x5f\xcf\x0f\x76\x59\x6a\x6b\x2d\x34\xb8\x10\x50\x29\xdf\x84\xee\x12\xea\x08\x46\x2b\x1a\x11\xeb\xa2\x35\xc0\xf1\x7e\x3f\x82\xdd\xf9\xf7\xb8\x60\x07\x25\x6b\x57\xab\x31\xf1\x8f\x4e\x8f\x59\xf6\x50\xe4\x84\xc0\x11\xea\xd7\x47\xc6\x0b\x5c\x36\x94\x4b\xe4\x84\x90\x28\xf5\x2c\x3b\x12\xcd\x32\xcd\x63\x40\xfd\xba\xca\x42\x1b\x7c\x03\xd9\x04\xe0\xce\xe4\x6b\x60\xd2\x42\x64\xd3\x0b\x12\xf1\xd3\x73\x8d\x66\xc0\xfc\xcb\x87\x23\x3d\x03\x7c\xe8\x78\x43\x13\xff\x3b\xfb\x4d\x03\xed\x8d\x69\x2f\xc6\xb7\x53\xba\x55\x11\xb4\x6e\xb3\xc0\xa5\x4c\x74\x3e\x79\xac\x29\xb7\x06\x2a\xfe\x50\xbf\xce\x58\x6c\x81\x46\xc8\xba\x03\xb7\xa6\x19\xf5\x1f\x6e\xf6\x6c\xbd\x29\xb6\x52\xf2\xd3\x17\x88\x61\x93\xd8\xc2\x3b\xda\xd2\xe6\x8d\xbf\x51\x0f\x8c\x8d\xd7\x78\xa1\xd7\x78\xd2\x2f\x85\xd1\x28\xa8\x15\x7c\xb9\x85\x61\x0e\xc0\x5d\xba\xdf\x31\xca\x66\x71\xfa\xe6\x8c\xf1\xfc\xd4\x30\xf6\x8a\xf5\x4e\x1d\xa3\xbc\xb6\x55\xf4\xe9\x2b\x12\x46\xd8\x1e\xe1\xba\x69\x3b\x7d\x3c\x3e\x44\x58\x6d\x4e\xd3\xb1\xf1\x65\xaf\x4c\x0e\xd6\xa9\xce\xbe\xec\xb1\xd3\x13\x55\x0f\x94\x9b\x21\xd1\x69\xe4\xc7\x2f\x9b\x26\xc6\x2c\xb3\x6f\x9c\xe2\x70\xff\xa3\xdb\x85\x46\xc0\x8b\xd3\x85\x2c\x65\x81\x91\xc1\x0d\x00\x3e\x34\x2d\xf0\xa8\x4b\x11\xaa\x65\xf6\xd6\x16\xda\xf8\xcc\x84\x39\xd9\x34\xfd\xf8\x3d\x0c\x97\xa5\xac\xa7\x99\x72\x5b\x38\x74\xea\xcd\x47\xa9\x5c\xe9\x2e\x76\x9c\xf9\x77\x2e\xd9\xa2\x9e\x91\x00\x10\x02\xef\x8c\x85\xf0\x70\xbe\x32\x02\xd8\x9f\x92\xdf\x4a\x18\x2d\xd7\x6a\xda\x46\x54\x16\x88\x29\x22\x50\x81\x81\xf9\x6c\xdc\x46\x0b\x49\xa7\xa0\x28\xf6\x07\xce\x48\xb4\x48\xd2\x4f\x7b\xc5\x42\xad\xde\x9c\x9c\x5a\x41\xa3\xfc\xe7\xbb\xdb\xcf\x1d\xbb\x1e\xae\x8d\x18\x40\x7e\x25\x6c\x72\x48\xd9\xaa\x81\xc4\x5b\xeb\x1a\x5c\x02\xd8\xf4\x23\x2e\x34\xde\xcf\x74\x02\x49\x86\xed\x74\xda\x16\xc7\xa3\xca\xaf\xd2\x2b\x19\x97\x8b\x97\xfb\x67\x9c\x62\x67\x65\x0c\x17\x7c\x37\xcd\xf4\xef\x1e\x61\xcb\x37\x2f\x1d\xc4\xab\xe1\xe7\x1b\x84\x63\xf7\x7e\xd4\x81\x92\xf9\xfe\xab\xac\x57\x2b\x30\xef\x9f\x78\x8a\x69\x58\xe0\xaa\x5d\x08\x2f\x98\xc9\xd9\x8b\xf2\x73\xc4\x2b\x38\x5d\x63\x09\x1f\x0e\x57\xde\xa8\x51\x17\x70\xec\xde\xc0\x00\x59\x92\x9b\xe2\x9f\x57\x06\xc5\xf1\x58\x54\xc1\x21\xd5\xa7\xff\x8b\x4d\x01\x9e\xa1\x3b\x10\x59\x24\xe7\xf5\xdd\xd6\xf1\xfc\xee\xdc\x31\x05\xac\xd8\x66\xf3\x3a\x2f\xe1\x29\x8f\x66\xe4\xba\xdd\xf4\x00\x53\x6f\x1b\x35\xd5\x27\x34\x7f\xca\x96\x27\xfc\xc1\x0a\xf1\x9e\x1a\x91\x9d\xa3\xbc\x54\xe9\x3d\x9b\x32\xc3\x30\xd8\xb4\xef\x3b\xd9\x44\x38\x9c\xd9\xba\x06\x3b\xbf\x8e\x51\x6c\x34\x9f\x37\x10\xb5\x34\x75\xf5\x8f\xca\xed\xf2\x65\x23\x7f\xe2\x5c\xbe\x6f\x90\x9d\xa7\x90\x0a\x46\x8a\x80\x48\xd6\x7d\xd3\xa8\x8b\x18\xd7\x75\xf1\x10\x06\x39\x96\xb6\x79\xf5\xa2\x73\xaf\x6b\xe3\xe4\x30\x53\x5a\xdc\xf0\xfe\x3b\x13\xbc\xbe\xe1\x72\x8f\xe1\x0d\x7a\x40\x1f\x75\xf5\x5e\x7d\x48\x23\xb6\x00\x71\x17\x22\x1d\xed\x0b\x83\x09\xb3\x91\xfc\x28\x46\xed\xbd\x5e\x73\x77\xc0\x27\x8e\x5c\xb2\x76\x7d\x8c\x6a\x58\xbc\xbf\x9c\xf4\x20\x37\xf6\xd2\xaf\x31\xe8\xfd\x80\xe5\x4f\x85\x6e\x16\x79\x6e\x8b\x46\x09\xb5\x35\x8d\xa0\x01\x67\x9a\x39\xba\xc9\x36\x72\x05\xd0\x38\xce\xbf\x38\x5a\xd6\x71\x33\xd4\x47\x11\x9a\x8c\x8e\x50\xe6\x72\x3b\xcc\x95\x13\xd5\x7e\x70\xfd\x38\x8e\xc7\xed\x22\xe4\x0b\xf8\xde\x9c\x88\x4b\x01\x76\xa7\x07\xbb\xb7\xbf\x79\xf4\x05\x9f\x92\xdf\x2c\xf8\x13\xe8\x5e\x35\xb1\x76\x01\xe3\x1b\x2d\x54\x2b\xaf\xe9\x6f\x74\x8a\x2f\xec\xa0\xfa\x01\x82\x68\xde\x3c\x83\xe9\x5c\x97\xdb\xc4\x0e\x17\x7f\x5f\x53\xcf\x32\x3f\xb1\x1c\xfb\x38\xf9\xc8\x55\xad\x09\xfb\xb1\x78\xf8\x79\x2e\x26\xff\xe5\x97\x84\xcb\x7b\x45\xd0\x8e\x32\x74\x97\xac\xf1\x76\xb6\xb1\x79\xcf\x5d\x60\xf9\x7f\x72\x43\x2d\xdf\x03\x52\xa4\x77\x3f\xd6\x23\x5f\x0a\xff\x23\xcb\xf8\x2f\xe7\xc4\xc5\x51\x3f\x8e\xe0\xae\x9a\x17\x70\x69\x97\x3d\xd1\xf1\xcd\xe3\x7b\xec\xe6\xbf\x87\xe6\xfc\xc1\x3f\x79\xbc\x27\xe0\x68\xa5\xa3\xec\x8d\x92\x85\xf5\x48\x06\x8f\x3d\x0d\x34\x5f\x5d\x75\x20\xb3\xf9\x00\x11\x84\xba\x9f\x72\x3b\x8a\x98\x9d\xae\xed\x68\x40\xbe\x91\xee\xfa\xfe\xa3\x37\xd8\x23\xdb\x2c\xb6\xac\xfc\x9b\x23\x9f\x04\x89\xfd\xe6\x04\x97\x66\xf0\x62\x05\x9f\xd2\x17\x4f\xec\x91\x21\xfe\xc7\x27\xbb\xae\x94\x89\xd5\xa6\xf7\x62\x3f\xd7\x04\x8b\x43\x6f\x8f\x15\x8c\x5d\x96\xf3\xb9\x91\xbf\xff\xe2\x0b\x53\x40\x3e\x9c\xde\x30\x2d\x65\xb4\xcf\xab\xc2\x1a\x5f\x9e\x07\x7d\x1a\x12\x68\xb6\xa4\xad\xb2\x76\x43\xb6\xff\x7a\x3a\xab\xbc\x3d\x63\x7a\x72\xd3\x77\x95\xaa\x03\x52\x89\x57\xc0\x54\x57\x6d\xb0\xc5\xff\xc4\x55\x2d\xf3\x30\xe7\x2b\x98\xef\x90\x6b\x65\x35\x12\x26\x26\x22\x11\x0f\xaa\x37\xa7\x94\x3f\x7e\x84\x74\x29\x56\xac\xf0\x65\xbe\xd6\x62\x61\x4e\x4f\xc5\x5f\x01\xe3\x96\x99\xbd\x35\x98\xc3\xbf\xff\x3f\x96\x61\xeb\x46\xf5\x84\x23\x21\xd6\x0e\x92\x14\x51\x84\x2f\xe0\xd4\x21\x0d\xfb\x9f\xf5\xce\x48\x8f\x74\x33\x8b\x62\xdf\xc8\xfb\xe0\x35\xca\x15\x8c\x29\x0c\x77\x03\xe4\x9c\xfb\x81\x0c\xec\x1f\x97\xf9\x9b\x90\x95\xff\xa9\xb4\xf2\x6d\x80\x64\xc5\x13\x2c\xc2\xf5\x8f\xa3\x16\xba\xf4\x2b\x9e\xfb\x9f\xb5\x7e\x14\x80\x67\xac\x87\xc9\xdb\x6c\x5d\xf9\xed\x2c\xad\x93\x3f\x52\x71\x88\x44\x25\x20\xfe\x5f\x6c\xf2\xeb\x19\x2d\x50\xc0\xc1\xd0\x63\xe5\xcf\xbc\x3b\x76\xc4\x2f\x8d\xfc\x83\xdf\xf1\x25\xe5\xb0\xe4\x64\xbf\xe2\xbc\x35\x9a\x7e\x47\xda\x5d\xe9\x83\xd9\x7c\xed\x76\x87\x8a\xff\x17\x07\x9b\xcb\x61\xf6\x9d\xbf\x36\xb2\x75\x55\xee\xfd\x86\x42\x78\x5b\xed\x1b\x30\x55\x75\x41\x68\x23\x3b\xdd\x5f\x1e\x45\xbe\x77\x17\xa5\xf7\x4b\x6b\x66\x28\xb2\x5d\xb2\x5d\xaa\x27\xe3\x29\x74\x43\xc0\x09\xe5\xb6\x8b\xff\x89\x3b\xd9\x31\x77\x50\xf9\xd4\x2a\x11\xa2\x2c\x87\x9e\x2c\x19\xae\xbe\x5d\xc0\x15\x64\x5b\xa8\x9c\xed\x40\xff\xd6\x32\xb1\xe2\x8b\xb1\xef\x2e\x52\x79\x9a\x8a\x03\x62\x2d\x68\xc0\xe4\x00\x5d\xc8\xec\x47\xf4\xfe\x07\x07\x50\x9e\x84\x41\x2a\x5f\x35\xa6\x6d\xce\x7b\xad\x9e\xbf\xf6\xfd\x40\xfe\x2e\xf3\x0c\xfb\x0f\x6f\xc2\x67\x92\xd2\xde\x33\x45\x4e\xc4\x4d\x97\x06\xc3\x46\xaa\x3e\x8e\x61\x53\xa7\x98\x47\xae\x5d\x90\x3f\x0f\xd3\x6d\xc3\x5f\x9c\xe5\xb9\x79\x97\x9d\x28\x5a\x2c\xd8\x88\xfe\x1c\xe1\x4c\xcb\x9f\x12\x66\x98\x5d\x76\x75\x3a\x09\x9c\xff\xf4\xbe\xa3\x11\x85\x3f\x2a\x16\xa8\xcc\xfb\x83\x60\xa8\xe1\x7d\xac\xe6\xde\x27\x4b\x30\x43\x51\x0c\xc3\xd5\x31\x04\xf7\x2f\x37\x95\xd1\xa5\x0f\x15\xf9\x34\xc8\x6c\xf2\x4c\xcb\xbf\x7f\x5b\xdb\x2c\x35\xf1\xd1\xe6\x81\x91\x23\xee\x8a\x16\xea\x10\x05\x8f\x19\x7f\xb0\x63\x83\x28\xfc\xae\x72\x35\x2b\xc7\x2a\xe7\xfa\xa0\xed\x60\x13\x85\x53\x98\x68\x19\x2a\xde\xf6\x0f\xf3\xe9\x5c\x75\x5e\x8c\x5d\x67\x33\x7d\x19\xa7\x6f\xc9\xa5\xfd\x0e\xf7\xae\xbb\x7c\xd4\x54\x58\x48\xae\xf1\xbe\x3b\x0d\x4e\x18\x02\x71\x1d\x15\x77\x2a\x0b\xc8\xeb\xff\x60\x71\x4e\xb2\x87\x11\x47\x24\xf5\xb0\x1e\xf0\xc0\x60\xb1\xf9\xb6\x6a\x6a\xab\x1f\xf6\x73\x53\x95\xe2\x7e\x0d\x22\x5b\x3e\x7d\x51\x1e\xd8\x52\xf0\x43\x6a\x74\xfc\x1a\xa6\x8e\xf7\x47\x07\x46\x8d\xce\xf0\x7d\xe7\x96\xa7\x7c\x4a\xba\x71\xb6\x81\x29\x75\x08\x72\x21\xd2\xf5\x48\x07\xaf\x62\xaa\xc6\x37\x65\x9d\xdd\xad\x7b\x45\x1d\xf6\x05\xb0\x9b\x09\x7f\x78\xff\x38\xb9\xc8\x3f\xa5\xa8\xc9\xc6\x39\x80\x36\xe7\xc3\x34\x64\xb5\x4f\x5b\x70\x9d\xeb\xb1\xe9\x50\x09\x36\x7f\xa1\x38\x18\x79\xde\xdb\x1c\x75\x8a\x83\x61\xb6\x39\xae\xa3\xb3\x53\x8f\xdd\x4c\x30\x3c\xff\xc9\xc1\x25\xa8\x18\xc7\x7f\xb5\xe9\x00\xa7\x9a\xae\xbe\x6b\xb6\xee\x32\xdb\x14\xa6\x8e\xcb\xf4\xf1\xc1\x4e\x2d\x5d\x44\x8c\xfc\x7a\xd8\xa4\x94\x79\x9a\x6d\x2e\x66\x1f\xb4\xad\x8d\x9d\xab\xa2\xa2\x26\xee\xff\xf3\x7b\x60\x5e\x7e\x69\x23\xa0\xcd\xfb\x35\xd1\xa6\x03\xbd\x55\xf8\xfc\xe6\xac\xf3\x47\x24\xe1\x1a\xc8\x7a\xcd\x3c\x0c\x87\xd4\x3e\x8c\xb6\x52\xd1\xa9\x78\x76\x51\x2d\xde\x76\x37\x0e\xaa\x6d\xb8\x0e\x3b\xfe\xe8\x5a\xee\x11\x5a\x0a\x61\xf0\x0a\xe5\xa6\xa2\xb6\xc3\x01\x0e\xc5\x04\x15\xef\x3d\x97\x3f\xee\x90\x28\x8b\x90\xc8\x2d\xb1\xac\xeb\xbc\x1f\x38\x56\x29\x47\x9d\x12\xb1\x3b\x8f\x7b\x46\xb6\xdf\x80\xfb\xa7\xf3\xd9\x46\x71\x5d\x71\x2f\xbf\x07\xac\x89\xfb\x1b\xd3\xf2\xce\xfd\x67\x2f\x9f\x62\x5c\x12\xae\x83\x10\xcd\xd6\x52\x5e\xa7\x19\xcc\xd2\xe6\xc1\x0d\x42\xd5\xcf\x3f\x4c\x5b\xe1\xaf\xbe\xb0\x09\xf8\x62\x5f\x53\xfa\xdf\xde\x25\x4d\xd9\x78\x91\x9e\x16\xfe\x5a\x8d\x6b\x6d\x83\xc0\xbe\x30\x8e\x18\x05\x58\x25\xb9\x2e\xa7\xdd\x2b\x63\xe4\x32\xbb\x58\x4b\xa8\xc0\x70\x18\x0f\x96\x47\x75\x30\x3d\x7d\x29\x68\xf4\x6e\xf9\x94\x6f\x47\x71\xf8\x1f\x8e\x50\x8e\xfd\x8a\x98\xed\x7a\xad\x2d\xba\x11\x7e\xa4\x56\xa4\x6a\x23\x71\x76\x6b\xfe\xd6\x89\xcd\x4b\xc9\x33\x06\x41\x06\x97\x9f\xa4\xe2\x1c\xaf\xf0\x9b\x42\xee\x81\x74\x5a\xfa\x0e\x86\xc7\x28\xcd\x00\x59\x83\xf2\x54\x6f\xd3\xaa\x6b\xd8\xf6\x7f\xb1\xee\x5a\xbf\x28\x2d\x59\x9f\x86\xe1\x33\x1c\xb4\xd3\x3c\x4f\x03\xed\x13\x60\xa6\x7e\x25\xf3\x35\x4b\x0d\x6e\xfa\xc1\x9d\xe9\x4b\x9e\x8d\xe7\x72\x4f\x2e\xe0\x10\xc0\x73\x60\x5e\x57\xe9\xac\xc7\x14\x3f\x38\x2d\xa3\xdd\x6a\xce\x50\x7a\xde\xb9\xa5\x00\x9b\x47\x11\x76\x5d\xe0\x74\x09\x62\x88\xf5\x9c\xf6\xb6\x8a\x25\x72\x3b\xc2\x11\x77\x57\x1f\xaa\x6e\x0b\xd5\xc7\x59\x66\xc8\x53\xa2\xe6\x93\xdc\x4e\x2b\xa6\x0a\x25\x38\x74\x27\x29\x06\xb7\xd9\x57\xfe\x61\xd3\xdf\x3e\x81\x8e\x06\x48\x85\x7e\x2d\x34\xf0\x12\x51\x46\xff\x9d\x33\x56\x53\x5d\xcd\xd5\x35\x9b\x52\xcc\x06\x6d\x74\x82\xe4\x63\x90\x6a\xf0\xb2\xc0\x35\x47\xa6\x3c\x9c\xaa\x77\xf6\xf7\x9e\xf5\x3c\x41\x4c\xb9\x87\x5a\xba\x0d\xcc\x73\x27\x3c\x9b\xd7\x54\x22\x4d\x75\xbf\x73\xfd\x30\xd0\x37\xcf\x9d\x59\xb0\xca\x59\x8a\x6e\x66\x48\x53\xd5\x12\x54\xc9\x73\x5b\x8b\x31\xfa\xa3\x53\x5b\xe4\xd5\x3f\x23\xaa\x3a\x94\x45\x40\x20\x0a\x04\xbc\xa4\xc9\xfe\x89\x94\xaa\x6a\x41\xdf\x2f\x1c\x12\xbe\xb2\xd0\xf6\x0b\x54\x4d\x6f\xd7\x15\x8e\x03\xbd\x93\xe1\x25\x36\xad\x34\x7a\x16\x7a\x6b\x08\xa3\x07\x9f\x77\x65\x73\x24\x6d\xb1\xe7\xdd\xf2\x2f\x89\x09\xd7\xea\xb1\xef\xf3\xf7\xde\x38\xc3\x32\x9f\x36\x50\xda\x9e\xea\x9d\x96\x78\x3a\x28\x6a\x92\x76\x9e\xf0\x17\x80\x90\x8c\x70\xd5\x04\xb6\x7c\xeb\x66\x9c\x05\x2b\xfb\x6f\xb6\xb7\x22\x33\xbb\xac\x24\x40\x92\xe4\xec\xdd\x2b\x79\xc5\xf2\xc2\x56\x0b\x9b\xca\x3d\x86\x71\xc8\x16\xac\xe7\x58\xed\xf3\x27\x91\xc6\x70\x8a\xec\x2a\x35\x52\xa4\xbd\x69\xe4\x2f\x8e\x6a\xb8\xad\x6b\x89\xc9\x5e\x16\x4c\x1e\x02\xc1\xc9\x4b\xf9\xa9\xc9\x9a\x27\x38\x45\xea\xb2\x63\xf8\x18\x12\xc7\xa9\x37\x3e\x76\x9a\x0e\x57\x9f\x4b\xd6\xb4\x69\xdd\xe5\xab\x5c\x1c\x14\x2b\xfe\x0c\xca\x24\x6d\xf9\x6a\xd1\xa2\xb8\xd7\x8a\xc7\x5a\xa4\x1d\x18\x71\xbd\xd1\xda\x6a\xca\xdc\x74\x22\x33\x87\x16\xbd\x76\x52\xe9\xc7\x23\x2d\x47\xe8\x41\xe2\x26\x3d\xee\xd8\x38\x12\xfe\x07\xd5\xdd\xcb\xf2\x1e\xd9\xa2\xb2\xea\x5d\xdc\x7b\x9a\x69\x21\x89\xca\xdd\x8a\x02\xcd\xfe\x5c\xa3\x63\x9e\xfe\x5f\x5d\xc1\x28\x72\x22\xe9\x4c\x6c\xaa\x7b\x8e\x89\x33\x2d\x1b\xcc\xeb\x9f\xd7\xa7\xc4\x41\x0b\x47\x0b\xe4\xce\xbd\xc2\xe1\x78\x0f\x47\x53\x11\xdc\x9f\x7b\x13\x46\xbb\xd6\x94\x6d\x25\xad\x45\xcb\x53\x8e\xb7\x7d\x88\x92\x29\xb2\xb1\x8c\x23\x31\x07\xa5\x92\x73\x7d\x38\x15\x99\xb2\x84\x26\xa7\x4e\xe3\xef\x72\x9c\x13\x6f\x73\x33\xd0\xb3\x39\x1a\xb2\xed\xae\x26\x7f\xd6\xd3\xdc\x9a\x8f\xe4\x20\x23\xf4\x24\x61\x7e\x3b\x65\xd5\x00\x5f\x3a\x23\x24\xf4\x8c\xab\x70\x3d\xc4\x8d\x8b\x55\x53\xf8\x15\x21\x25\xbb\xeb\x62\x56\xfb\xee\xa4\x35\x06\x8f\xb9\xd9\x9f\x5c\xd0\xe2\x77\x7d\xda\x90\xdb\xdc\xa5\x51\x7a\xfe\x3b\xdc\x7f\x27\xeb\x54\xd8\xda\x08\xd3\xd1\x3a\x81\x94\x18\x48\xda\x63\xdd\x11\x85\x30\x7d\x4d\x30\xd8\x25\xfc\x39\x2f\x8b\xbd\x74\x0e\x81\xcc\x7d\xeb\x3b\x46\xf9\x25\x1b\xc9\x2c\x7e\x86\x50\x4f\x91\x32\x48\x79\x3b\xeb\x55\xa3\x31\x3f\x09\xd4\xc1\xdd\xe3\xe5\xea\x1b\x66\x5b\x58\xe8\x7b\x49\x6a\xed\xd9\xb0\x6d\xa9\xc8\xa0\xfe\xb7\xae\x92\x11\xf8\x33\x9b\x3f\x6e\xc6\x57\x9a\x43\x05\x9d\x67\x2a\x2b\x81\x1f\xe5\x6c\xda\xde\xa9\x35\x88\x7c\x81\xd1\xd9\xae\x42\x8c\x46\xf8\x73\x3e\x16\xad\x74\xf6\x6e\xae\x27\xa6\xd3\x69\x67\x1e\x15\x19\x1b\xe3\xd7\x2d\xc9\x02\xea\x34\xff\x89\x97\xb8\x96\x4a\x64\x12\xa0\x51\xa1\xf1\x08\x71\x18\xf8\x14\x78\xa2\xff\x8b\x21\x30\x1c\x73\x6a\xbc\xe0\x7d\x72\x87\x88\xfd\x0e\x1f\x21\xb5\xd9\x58\x11\x0f\x4f\x19\xed\x6d\x8f\x00\x23\xe4\x40\x0f\x22\x47\x66\x48\x5a\x42\x4d\xad\x08\xeb\x89\x9c\xe7\x08\xb7\xa1\x5b\x81\x09\x8f\x59\xb8\x94\x53\xc2\x2e\xc9\x19\x2f\x89\x54\x8e\x4a\x9a\x19\x93\xc0\xb3\x05\x9e\xd9\x42\xc8\xb1\x35\xe7\xaf\x6f\xc2\x28\x1c\xd6\x99\x4a\x2c\x78\xbe\x35\x29\x7c\xf8\x1d\x56\xd3\x5d\x43\x8f\x3e\x48\x08\x88\x1f\xba\xf6\x18\x19\x6b\x28\x41\x5a\x4e\xa0\x72\x6e\xb5\xff\x64\x9b\xe9\x4a\x5f\x18\x59\x6f\xc0\x7e\x01\x7c\xc9\x22\x5c\x71\x50\x89\xb9\x10\xf3\x93\xa6\xba\x94\x69\xf3\xa6\xf4\xbf\xec\x3d\x76\x38\x99\xdd\x31\xcc\xc2\xf0\x78\xf1\xf7\x28\x29\x8d\x4e\x74\x6e\xff\x35\xdc\xb0\x23\xf3\x34\x37\x05\x14\xa1\x77\x3a\x5e\x69\x74\x66\xca\xd7\xb6\x80\xb5\xbc\x46\x0e\x92\x4f\x3b\x5e\x81\xf8\xb9\x6d\x0f\x98\x81\x31\xcb\xed\x14\x36\xb7\x0c\x3e\xe4\x74\xac\x3e\x17\xf5\xb9\xeb\x10\xa0\x3b\xc9\xc8\x92\x5d\xb8\x3b\xf0\x6d\x49\x95\x65\xa7\x99\x96\x9c\xce\x36\x58\x85\x85\x9f\xd3\x7f\x09\x94\x79\x18\xd3\x12\x2e\xf6\xef\x46\xca\xc2\x2d\xd9\xee\x0c\xa5\x53\xfa\x72\xa9\xdf\x6c\xd9\x1e\x72\x2d\x64\x8d\x28\x64\x27\xb0\x99\x7f\x29\xc6\xf6\xdc\x92\xce\x30\xe7\x06\xe3\x6a\xe1\x3e\x5a\xf6\x11\x26\x5a\x8c\x5e\xde\xb4\x13\x84\x75\x0c\xb6\x35\xb2\x78\x28\xf9\xe4\x69\x02\xef\x60\x39\x40\x91\x3b\x94\xf3\x58\xcb\x34\xa0\xad\xac\x37\xca\x26\xb5\x84\x6f\x49\x6e\xec\x59\x20\x16\x7e\x74\x08\x07\xa1\xbe\xd5\x22\x5e\xcc\x0e\xfa\x1c\x72\x33\x9c\x6d\x42\x5e\xd2\xe3\x91\xaa\x2e\x0e\x17\x82\x13\xf3\xe1\x49\xb6\x80\xed\x79\xf9\x78\x5c\xc0\xf7\x05\x09\x79\xb3\xd5\xc1\x64\x38\xb8\x73\xd5\x68\x45\xa2\x82\x6f\x8b\x10\xa0\xb2\xaa\x07\x75\x2c\x5a\xce\xfc\x9c\x4e\x72\x48\x96\xa1\x9c\x05\x9a\x1c\xc3\x74\x79\x4d\xb5\xb5\xd4\x1d\x39\xd3\x07\xf3\x3b\x0c\x67\xac\xff\x95\xab\x8a\x1d\x4c\x4f\x51\x7b\x5d\xb7\xd3\xc1\xe4\x8f\xfd\x79\xf3\x05\x33\xeb\xce\x32\x0b\x3a\x23\xe7\xea\xbd\xaa\x9c\xfc\xca\x02\x0a\xd9\xd7\xcb\xaa\x91\xba\xae\x30\xb0\x87\xc5\xd4\xcf\xa2\xac\xc0\x26\x97\x76\x00\x4d\x58\x9f\x23\x43\xcc\x55\xad\xc1\xd4\xde\x3b\xdf\xd6\xf7\x61\x3d\xc4\x13\x78\x7c\x25\xfe\x35\x67\xf4\xff\xe6\x14\x07\x23\x6d\x9c\x56\xa1\x86\xde\x18\xd0\x0e\xc2\x8b\x68\xc7\xc7\x91\xa8\x5a\xb2\x96\x71\x10\xa2\x6b\x5a\xa9\x61\xa0\x06\x69\xa0\x1f\x32\x5d\xf5\xc7\x61\x45\x20\x44\x83\x04\x07\x2d\xd1\xf2\x2d\xa0\x8e\x06\x66\x83\x55\x34\x17\x26\x3e\x7e\xb6\x84\x9a\xeb\xeb\xd5\x82\x6b\x46\x41\xa8\xf6\x25\x70\x6b\xcf\x79\xea\x95\x44\x50\x63\x5f\xd8\xdf\xad\xbe\x8d\x63\x77\x5c\xa5\x77\xa0\x3a\x1a\x94\xc7\xfd\xf8\x3e\x4f\xca\xe6\x74\x52\xf5\x87\x8a\x1b\xfc\xb3\x1e\xa8\x19\xf8\x68\xd7\x39\x8a\xd3\x11\xb1\x74\xbd\x04\x2e\xb8\xcc\x16\x66\x1b\x1c\xad\x9c\x22\x6e\x39\xb2\x5d\xa5\x1c\xa9\xc7\x70\xd6\x78\xb5\x14\x9b\xcc\x10\xbe\x2a\x8d\x70\x94\xda\x6f\xb4\x3a\x69\x8a\x85\xc5\x76\x88\x33\x25\x92\xba\xcd\xae\x66\xd4\x65\xbe\xe2\x60\x4d\x5d\x74\x7f\x73\xab\x8c\xa3\xdf\x50\xd4\xa1\x8f\xa2\x8e\x72\x5a\x8e\xfd\x11\x50\x90\x94\x40\xfb\x03\x66\xf8\x4e\x4d\xc7\xb6\x22\x1b\x4e\xa8\x84\x1b\x24\xfd\xa1\x86\x43\x8d\xe6\x79\xfd\x1c\xa8\xf9\x46\x38\x73\x89\x77\x35\xc5\xd1\x79\x2f\xdc\xec\xb2\xac\x20\x64\xbc\x53\xe6\xdf\x36\x2a\xf3\x89\x83\xc7\x58\xe1\xbc\xc6\xe7\xf6\x9e\x23\xfe\x9d\x69\x86\x71\x31\x7e\x23\x78\xf6\xf5\x55\x3b\xb5\x54\x61\xf2\xd2\x2d\x86\xce\xd0\x70\x5a\x89\xbb\xf2\x17\xcf\x96\x50\x5d\x4c\x6b\xe9\xef\x5e\x38\x07\xa8\x20\x20\x25\xe7\xb1\x78\x8d\x39\x1d\x22\xd0\x0a\x1f\x27\x8a\x96\x05\xc6\x35\xa1\x3b\xd5\x83\xc9\x52\xa0\xf9\x79\x83\x65\x4a\xe4\x8d\x63\xf8\x2b\x62\x1c\x8f\x01\xff\xd4\x2b\x32\x0c\xa7\x5d\xa3\xca\x68\x8f\xd7\x18\xd7\xe3\x1d\x6d\x3f\x0a\xfe\x5a\xfa\x9a\x81\x97\xed\x71\x56\x80\x98\x45\x60\x39\xee\xe0\x83\xf2\xb2\xb3\x8a\xc4\x00\x99\x54\xf4\x6a\x04\x00\xcf\x19\x02\xd8\xa0\x79\xec\xe6\x37\x58\x38\x95\x80\x8b\x22\xcd\xb0\xeb\xa5\x02\x83\x4b\x9c\x65\x61\xea\xf6\xc7\xc0\x0b\x89\x9e\x34\x62\xaa\xa6\x0c\xbe\x09\x77\x65\xd1\xa4\x55\xad\xb7\x86\xc6\x84\xeb\x68\x55\xfd\x7f\x5c\xbd\xc5\xb2\xec\xca\xce\x35\xfa\x40\x6e\x98\xa9\x69\x66\x66\xf7\x5c\x66\x66\x7c\xfa\x1b\x6b\xed\xfd\x9d\x73\xfe\x1b\xb3\x37\x23\x5c\x95\x95\x29\x69\x8c\xa1\x94\x25\xad\xbb\x7d\xce\x78\xa3\xd6\x00\xcd\x6b\xa2\xc8\xa9\xf8\x7e\xe2\xa1\x3e\x8c\x42\xdb\x3f\x26\x15\x47\xa4\xc0\x4f\x65\x87\xd6\x21\x58\xc7\xa0\x34\xe9\x81\x57\x07\x63\x39\xcc\x45\x70\x0a\x85\xa3\xfe\x7b\x5e\x35\x53\xef\x6b\x58\xab\xdc\x3d\x71\x86\xf2\xb9\x99\xd0\x01\x14\xb1\x04\x6b\x2f\x66\x66\xaa\xf4\x59\x09\xc7\xd2\xeb\x2e\x9f\x94\xf8\xf7\xc7\xb9\x15\x59\xc2\x07\x7a\xd2\x37\x40\x86\x6f\x65\x52\x7f\xf8\x85\xcc\xe0\xf2\x6f\x58\x8f\xe1\xf4\xaa\x3a\x65\xdf\x49\x83\x22\x8e\xc6\x09\x29\xb7\x34\x83\xc8\x1c\x7b\xf9\x4f\xf9\x08\xc3\xf0\x22\x10\x0f\x5a\xf0\x46\xae\x20\xf3\x2a\xef\x35\x99\xed\x82\x0e\x72\x03\xdf\xb5\xe9\xd0\xd0\x7f\x13\x3f\x03\x87\x68\xea\x53\x51\x07\x6c\x1d\x89\xd7\x4c\xe6\x83\x2a\x28\x2e\x37\x17\xfc\x56\x70\x7d\x9e\xd4\x93\x14\x65\xa1\xb7\x86\xde\xec\x2c\x58\x13\x4c\xf5\xca\x21\x7c\xd2\xa0\xe5\xff\x05\x20\x86\x11\x3c\xb6\x11\x9a\xd1\x33\xe3\x96\x72\xda\xd4\x97\x7e\xce\x44\xc4\x67\x59\xa9\xbf\xa8\x4a\x27\x93\x5d\x7a\x63\x98\x7a\x14\x10\xef\xd3\x24\x43\xc3\x76\xcb\x29\x80\xcf\x82\x70\xa6\x94\x72\x70\x0d\x7f\xfa\x14\x7f\x1f\x82\x6f\x3a\x44\x7b\x22\x96\x91\x3d\xb6\xfa\x2f\x46\x2a\x0c\xf6\x87\x0f\xa4\x77\xf4\x58\x48\xa9\x3f\x9c\x71\xc5\x9f\xcf\xdb\xa7\x69\xb6\xe4\x44\x4f\x5c\x9b\xe2\xa1\x88\x93\x84\x0e\x11\x57\x88\x5f\x25\x79\x4e\x34\x91\x4a\x33\x2e\x73\xce\xd8\xab\x4f\x33\xe8\x2f\x6f\xf1\x3e\x97\xea\xf9\x54\x54\xb5\x5c\xff\x8f\x3b\xf3\xad\xa1\x5e\xa6\xa9\x44\xd5\x58\x8e\x66\x1a\x8e\xdd\x9d\xf2\x59\x15\xb1\x33\x32\xde\xaf\x5b\x50\x5d\x4f\x84\xc0\xf6\x6a\x90\xd4\xc3\x90\x04\x8d\xd5\x47\x57\xbf\x1f\x6a\xd4\x60\xcf\xd5\x7b\x39\xfe\x1e\x9c\xe9\xb5\x54\x1a\x8e\x42\x33\x0c\x88\xf8\x52\x87\xd1\xb7\xda\x62\x0e\x45\xb9\xf4\xff\xd8\x32\x63\x8d\xab\x6a\xa4\x8d\xdd\xf6\x66\xb2\x8b\x93\xb9\x8a\x18\x2d\xbb\x7c\xc5\xab\x4c\xc7\x65\x5b\xa8\x25\x19\xd5\xfe\xf8\xf4\x47\x1b\x28\x52\xcc\x60\x4c\x3c\xe8\x7c\xbb\x9f\x7d\x02\x4b\x51\xb7\x3c\x84\xae\x76\x4c\x00\xe1\x3b\x06\x6e\xd9\xde\x7e\xb7\x89\xce\xca\x02\x7d\xc1\x8d\x13\xdb\x9d\xca\x1f\x33\xfa\x1f\x5f\xe5\x5d\xdc\x6c\x0e\x4e\xd0\x09\x69\xad\xc7\xa2\xd2\x5c\xd5\x1c\x7e\xdf\x40\x2c\xa1\xb5\x42\xd1\x39\x08\x5e\x36\x38\x84\xec\x4e\xa4\x40\x77\x3d\xbd\x83\x8e\x46\x5b\x21\x09\x6d\x8f\x2c\xd1\xe6\x3b\x6a\xfd\xe0\xa9\xbf\x68\x92\xa4\xe0\x52\x20\x1c\x2a\xe4\xdb\x73\xc2\xff\xb5\x2f\x53\xa8\xf5\x54\x8f\x36\x36\x51\x71\x2f\x30\xcb\x0d\xce\xf5\xb6\xb2\x74\xbb\x3f\x84\x5f\xf2\xc1\x70\xaf\xd7\x27\xb7\x16\xa8\x4c\x97\x53\x80\x98\xbf\x81\xae\x26\x10\xb2\xa3\x9f\x2f\x95\x27\x2c\x94\xe5\xd7\xef\xd7\x60\x2d\x90\x45\x52\x39\xb4\x84\xce\x0a\xe0\xcf\x1f\x60\xc7\xf0\xff\x68\x0c\x96\x31\xb9\xac\x0b\xbc\x3f\xf1\x8f\x5c\x56\x1b\x78\x09\xd5\xfb\x90\xec\xc9\xb6\x30\x1b\x42\x61\x3e\xc2\xf6\xd3\xa5\x19\x9e\x60\xab\xb7\xf2\xf4\xdd\xd0\x26\xa4\x3b\xaa\xea\x7e\x55\x81\xcd\x27\xdd\x48\x46\xda\x1b\xfd\x72\x13\x5c\x90\xa4\xf8\x15\x2a\x0b\xa2\x59\x1d\xb3\x9f\xca\xac\x40\x35\xf9\x5f\xae\xcf\x31\xe3\x79\x23\x61\x4a\x5b\x1e\xab\x16\x4b\x46\xfb\x2b\xca\xbe\xa4\x69\x98\x83\x91\x1e\xcb\x38\x13\xc0\x03\x54\xa8\x89\xa2\x45\x43\xdb\x17\x0d\x56\x17\x82\xfc\xd1\x4d\x8d\x6a\x6e\x5c\x98\xa8\xef\x00\x71\x79\x94\x5c\xb7\xe2\xc8\x58\x0e\xd5\xe8\xff\xf3\xd9\xaa\x50\x79\x7d\x90\x75\xe1\x3a\x04\xc2\xf1\x3e\x76\x37\xcc\x5e\x89\x24\x67\x48\xa1\xc8\x94\xd9\x0f\x60\x3f\x79\xf3\xc4\x24\xb2\x2a\xe4\xfe\xd7\x0f\x73\xbd\xcb\x13\x5a\xd5\x0a\x86\xd5\x8c\x9d\x0a\xdb\xe1\xfc\x2d\x2c\x5b\x0b\x5e\xaa\x60\xae\xb3\x2c\xec\x9d\x67\xff\x71\x43\xd1\x3c\xfd\x1a\xd3\x14\xc2\x89\xfb\xd6\x3d\xc2\xd5\x83\x9a\x1d\xee\x4d\x5d\xd9\x11\xa0\xb2\xd4\xad\x24\x8f\x95\x28\x5b\x60\x53\xa5\x44\x50\x78\xba\x48\x3f\x88\x63\x1e\x76\x34\x9b\xbe\xc6\x4b\x8c\x81\xea\xeb\xbf\x38\xd7\x0a\xe3\x12\x5a\x1d\x4c\x68\x48\xec\x5f\x2e\x21\x87\x6a\x66\x78\xac\x0a\x8d\xbf\x03\xa1\xc5\x40\x50\xdc\xda\x30\xbb\xc9\xdf\x42\x6d\x29\xa4\x59\xf8\xc9\x8d\xb1\x1c\x06\x98\xd3\x4c\xad\xfa\x03\x5e\x26\x35\xa7\xb2\xc8\x7f\x31\x9b\x61\x7a\x4f\x14\xfb\x3e\x99\xdb\x4d\x6d\xb3\xd8\xda\x0b\x7e\x2d\x9c\x55\xc0\x70\xca\xdc\xcd\xc6\x29\xda\x3a\x54\xfb\x23\x05\xd2\x97\x65\xde\x49\xfd\x72\x9b\x93\x4d\xfb\xce\x5d\xe6\xff\x1c\x89\x65\x62\xa1\x75\x17\x56\xfa\x90\xdc\x55\x8e\x3c\x45\xa3\xae\x99\x8e\x28\xa2\xfd\xb5\x70\x12\x79\x00\x3a\xdb\x21\xa6\x50\x5b\x1c\xf6\xf3\xea\x5e\x6b\x0c\x76\x73\x43\x37\xf6\xf8\xff\xe1\xdd\x0a\xaf\x7d\x48\xe2\x12\x72\x34\xb2\x69\x38\x7e\x9c\x17\x95\x18\xa1\x7a\xab\xef\x64\x5f\xc0\x83\x1e\xae\xf4\xc3\x59\xc9\x6f\x42\x86\x34\xd2\xb7\x26\x55\x5a\x8a\xc0\x10\xce\xf4\x5f\x9d\xf5\x28\x85\xe0\x85\xeb\x8d\x64\xcf\xbc\x34\x33\x08\x50\x6c\x63\xaa\xa3\xa1\x1b\x7b\xed\xda\xa2\xa3\x2d\x21\x21\x87\x73\xb6\x28\x12\x75\x89\xb7\xc0\x14\x8a\xfb\x3f\xba\xa6\xb6\xe7\xbc\xe3\x21\xc9\xb1\xf4\x3f\xfb\x67\xae\x42\x52\x61\x7f\xf8\x76\x0d\x93\x15\x88\x12\xd9\xd2\xc2\xa3\x01\x28\xbe\x8d\x5f\xa6\x37\x88\x4a\x12\xf4\xd9\xfd\x31\x78\xb1\x7e\x50\x43\x7a\x42\x7d\xef\xff\xe1\x80\xfa\x5b\xc9\x5f\xc7\x26\x66\x7b\x14\xaa\x30\x65\x7b\x9e\x56\x36\x9b\x6d\x4b\x4c\x71\x30\xa2\x3c\x0a\xb1\x6f\xdc\x9c\x36\xb9\x96\xb2\xc4\x5e\x50\x27\x06\x4b\xea\x6d\x2a\xfe\xd7\x18\xff\xc1\x27\xbb\x99\xdb\x5d\xcd\x9c\xb6\xff\xa4\xfa\x79\x47\xe7\x79\x04\xe6\xe0\x21\x14\x5a\xcf\xfc\xe8\x8d\xd5\x60\x2f\x67\x11\x93\x4f\x49\xd3\xb4\x7d\x84\x39\xdd\x9a\x96\xa5\x15\xff\xdf\x77\x94\xfe\x4e\x47\x16\xa1\x36\x72\x1e\x5e\xb2\xe0\xa8\x61\xe4\x3c\x9d\xcc\xe5\x6c\x36\x75\x7d\x22\x0e\x59\xc9\x16\xab\x7b\x2f\x7d\xde\xfe\x7d\xb5\xf9\x52\xdf\xfc\x61\x64\xcf\xcc\xd5\xee\x3f\x44\x9a\x65\x94\xd3\x1f\xf0\x95\xc3\x1a\xde\x4f\x7f\x7e\x62\x74\x65\xa3\xf4\xe7\x4d\x13\x04\x1b\x68\x83\xfc\x8b\x63\x77\x3d\xc2\x75\x72\x60\x6f\x78\xa5\x0c\xde\xb9\x57\xb7\x04\x2e\xbb\xf7\xbc\xf9\xbf\x4f\x51\x19\x5f\xdf\xa7\x6c\xa7\x71\xa7\x3c\xc2\x55\x54\x25\x8b\x93\x6c\x97\x38\xc3\xc7\x12\x14\xbf\x48\xfb\x00\x12\x6a\x69\x2a\x56\x5f\x1d\x53\xc0\x56\x04\x9e\xb8\xbb\x7f\xdf\xdd\xfb\xe3\x4b\x6b\xc0\x78\xae\xa5\x2a\x41\xff\x3e\x18\x81\x4c\xcc\xd0\xef\xf0\x08\x47\x2b\xec\xad\x81\x33\x0b\xb5\x34\xd4\x9e\xa7\xcc\x6d\x23\xdb\xeb\xb2\x38\xfe\x66\x27\x89\xf3\x5f\x48\xdc\xfd\xe6\xd5\xc2\x45\x9a\x24\x87\x9f\xaf\xb4\xe3\x32\x99\xcb\x42\x77\x45\xcd\x2f\x67\x92\xb6\x0e\x1e\x69\x86\xb4\xc6\x61\xdf\xfe\x46\x88\xef\x1d\xd8\x9c\x2d\x94\xf4\xbf\xf6\xc1\x39\x1a\xf3\xf1\x38\xc7\xc6\x1a\x3b\xbc\x67\xfe\xec\x66\x2b\x58\x6d\x92\x7e\xce\x3c\x46\x23\x6e\xf1\xe8\x5a\x79\x58\xec\xb7\x56\x2b\x2a\xbf\xff\xe1\x19\x0e\xa3\x84\x38\xbf\x3b\xac\x32\x29\x4e\x98\xb8\xc6\xac\x72\x8a\x9f\xa7\x5d\xd2\xf2\xa2\xc9\x40\x53\x49\x33\xb9\x1b\xfe\xff\x9e\xd1\x07\xbc\x8c\x5e\x5e\x31\xb0\x45\xfd\xdc\x44\xe4\x1a\x8d\x4f\x7b\x6e\xbd\xc2\x7b\xd5\xc6\xe6\xf6\x7b\xfc\x4c\x6e\xcb\x50\xf9\xb1\x37\x81\xff\x38\x34\xab\x29\xcb\x39\x50\x3a\x27\xda\x66\x9a\x0e\x3f\x3f\xd9\xb0\x9a\x49\xeb\xd7\x57\x2f\xf3\xce\x1f\x4e\x1e\xda\x7a\xcd\x39\x46\xeb\x2d\xe0\x7f\x72\x07\xba\xa0\x71\xb8\xc8\x78\x3f\x39\x97\xf9\x43\x54\x1c\x83\x91\x82\x68\x08\x9a\xde\x64\x77\xa7\x69\x4a\xf7\x2d\x3d\xd2\x0a\x7a\x9e\xb8\x89\xfc\x3f\x7e\xab\xaa\x3f\x33\x1b\xa2\x25\x54\x1a\x7e\x6d\x3a\xa8\xdc\xc2\xac\xf3\x1b\x86\x6d\xf0\xdf\x4f\x4c\x83\x28\x18\x1b\x66\xcc\x81\xa8\x59\x18\xb6\x67\xff\x77\x9d\xa7\x60\x56\xf5\x72\x77\xba\x31\x65\x24\x1f\x4b\x4c\x27\xb8\x6e\x28\x61\x16\xdc\x02\x13\xb9\x73\x56\x86\x19\xb5\x81\x61\x3d\xc7\xfc\x87\xda\xf4\xd1\x20\x36\x4c\xa2\x39\xc2\xd6\xe3\x67\xd6\xee\x4c\x33\x18\x5b\x98\xa4\x5d\xf0\x13\x94\x6a\x80\xac\x15\x52\xfb\xa4\x34\x6a\x83\x56\xfe\xef\x21\x8f\x6f\x8f\x70\xb4\xe0\x88\xe5\x64\x95\x37\xb2\x2e\x9a\x61\xed\x38\x98\x66\xb3\x7f\x1b\xaf\xa5\xbc\x2c\x2a\xfb\xa2\xb7\x4a\xed\xb0\x46\x6d\xff\x17\x23\x54\xc6\xf0\xb4\xa4\x1f\x83\x7b\xdc\xe9\x73\x6f\x19\xb3\xb7\x55\xa5\xa7\x40\xf5\x0d\x9c\x9a\x1c\xa3\x56\xbb\x87\x90\xed\x79\xe9\x7f\x74\x36\xdb\xbf\x72\x4e\xa4\x56\xdb\x0f\xef\xdd\x7b\xfe\xea\x18\x89\xb7\xcf\xa1\x33\xeb\x52\xf2\x61\x0b\x03\x95\x09\x46\x6d\xe6\x28\x77\x8a\xfc\x3f\x8e\xea\xf0\x7e\x28\x88\x84\xa9\xa5\xba\x98\xe9\x6e\x26\x3a\x0a\x43\x38\xb6\x77\x47\x3b\xac\x2d\x2e\xfb\x7a\x33\xe1\x61\x82\x20\x31\xff\xef\x73\xae\xea\x05\xbd\x5b\x2f\x8c\xa0\x2d\xb1\xf6\xe3\xb3\xa1\xe2\x73\xac\xeb\x2f\xdc\x9e\x7d\x3e\x09\x04\xc7\x98\x4e\x4c\x28\x8b\xb2\xdb\x9e\x7c\xec\xb3\x51\x03\x04\x28\xdb\xe2\x22\xed\x8d\x5c\x91\xec\x7a\xfd\xcf\xfe\xb2\x6a\x72\xf0\x5b\xe0\x18\x0d\x14\xb5\x59\x71\xfa\x83\x37\x8a\x76\xa9\x62\x36\x7d\x79\x7d\xd1\x00\xc4\xb9\xed\xdf\xb5\xd7\x06\x76\xbc\x7a\x1a\x8e\x24\x9a\x10\xbc\xa3\x69\xe1\xd0\x24\x1d\xa7\xb2\xea\xff\xea\x41\x9c\x1b\xf8\xa4\x8d\x59\x6a\x52\x3f\x49\xc9\xdc\x7b\x21\x15\x3c\xd6\x2e\xf8\xd9\xad\x06\xb6\x60\xe6\x85\x8e\x85\x0e\xd6\x30\xcf\x6c\xcb\x52\x72\x3f\x03\x7d\xa9\x72\x09\x99\xc9\xbd\x86\xf8\x2d\x58\xab\x04\x21\x26\x19\x77\xfb\x7f\x0b\xe4\x1c\xe3\xb7\x12\xe7\x45\xd2\x60\x5d\xaa\xd5\x92\xe1\x28\x89\xbd\xf6\x47\x55\x50\x82\x9b\x57\x67\x56\xf9\x8f\x79\x05\xa6\xae\x45\x65\xa8\x8d\xa6\x87\xa5\x19\x86\xe8\xbd\xac\x4d\xb2\xce\xa4\x05\xc5\xbb\xd3\x01\x8f\xa2\xda\x16\xaf\xd5\x96\x73\xd8\x25\xb9\x12\xac\x70\xb1\xba\x03\xaa\x38\xc6\xe3\x1d\xf7\x76\x84\x55\x66\xc6\x04\xb4\x26\x95\x6d\xfe\xf3\x7b\x14\xde\x80\x8a\xc9\xa5\xaa\x12\x04\x3d\xd4\xfd\x3e\x95\xf8\xd8\xae\x7f\x10\x53\xea\x23\x57\xcd\x4b\xb9\x51\x60\xaa\x11\x35\xd5\xd7\x1a\x07\x59\xe1\xd0\x3b\x5f\xcf\xdf\xbd\x4f\x3f\x36\x2f\x3f\x86\xf9\x78\xe3\xa7\xac\x5e\xf6\x3e\xb7\xe8\x58\xf4\x7a\xf6\xb0\xa4\xcc\x13\x5c\xea\x57\xa7\xd3\x01\x3a\xf0\x03\x48\x83\x69\x77\xda\x75\xdd\x13\xfe\xd8\xe2\x89\xfc\xb8\xe0\x3f\x66\xcc\xbc\xa1\x9b\x05\xfd\x33\x94\xfd\x34\xe3\x9a\xb9\x20\xa7\xac\xf4\x08\x77\xfc\xb2\x4b\x44\x2d\x7c\x21\x81\x6e\xf7\xcd\xf9\xcb\xbb\xef\x5a\xa7\x22\xd5\xa5\xe4\x1d\x89\x24\xc5\x9a\xc7\xd4\x97\x6a\x40\x4c\x91\x09\xa6\x67\xec\xa9\x61\x36\x39\xc6\xea\xa5\xff\xb5\x5b\xae\x0f\xda\x35\xec\x06\x27\xa8\xf7\x66\x2f\x7f\x23\xae\x1b\x87\x96\x1b\xc5\x3c\x76\xd9\xef\x53\x10\xd3\x0f\xc6\xad\x00\xa4\xb5\xa0\x05\x63\xa6\xab\x65\x1f\x67\x4e\x31\x70\x9a\xb0\x43\xa2\xbe\xa5\x34\x56\x25\x53\xe3\x68\x51\xe0\xf8\x4f\xe1\xff\x6b\xa2\xaf\x9f\xbe\x2e\x3b\x72\x0a\xa7\xe9\x48\xf6\xb9\x2b\x17\x91\xe5\x9b\xf9\x7d\xf6\x5b\xca\xa5\xd4\xf1\xc7\x2c\x49\x42\x5b\xde\x12\xfd\x00\x22\x8c\xd2\x3b\x7d\xfc\xb9\xcf\x4f\x08\x69\x02\x8b\xc7\x14\x36\x0b\xbd\x25\xb2\x03\xfc\x74\xda\xf4\xbf\x7c\xb7\x96\x9c\x4f\x4a\xa0\xa8\x7d\x86\x47\x50\xc2\x6c\x0b\xf0\x17\x2e\xa7\x46\xe9\x27\x2f\xdb\x64\x88\x56\xdc\x9c\x77\x20\xb5\xf2\x34\xfb\xa1\xaf\x93\x8a\x6a\xe8\x2f\x49\x4d\x82\x8f\x89\xe5\x53\xc6\x59\xca\x85\x89\x88\x96\x1a\xb3\x6e\xc4\x61\xf1\x5c\x2d\x81\x84\xf1\x7f\x39\x45\x30\xf2\x7d\x2b\x2b\x82\x12\x63\xfb\xfb\x6d\x6f\xbe\x46\xe0\x84\xae\xb4\xbf\x8a\x4e\x21\x17\xa8\xf9\x95\xa8\x6a\xd5\x0b\x28\xe3\x60\x4f\x1f\x66\x3f\xba\x88\xde\xe0\x76\xb2\xdc\x7c\xe6\xba\xd3\x30\x06\x45\x19\x4f\x0a\x31\xcf\xde\x9b\x6a\x9e\xb2\x3b\xac\xd1\xe8\xff\x1b\x63\xb8\x3f\x7e\xd9\x05\x19\x6f\x19\x3e\xdc\xe3\x44\x3b\xd9\xa3\x55\x88\x7d\x29\x41\xe3\x74\x6c\x19\x5c\xc4\x9e\x82\x42\x96\x87\x91\x0d\x11\x62\x46\xcd\xc9\x2b\xed\xb7\x44\x9c\x82\xd6\xee\xc9\x6f\x1e\x97\x7d\x98\x92\x61\xa6\x56\x82\xae\x9b\x2a\xe7\xc5\x82\x7b\x7f\x9c\xc2\x20\x4e\xff\x49\xf7\x1f\xc1\x06\x41\x34\x59\xc6\x03\x5c\xc4\x21\x1c\xa2\xc5\x2f\x23\x2e\x1b\x07\x65\xbc\x52\x58\x56\x01\x42\xec\x38\x2f\x42\xca\x4b\x5b\x4e\x62\x87\x61\x24\x36\x71\x67\x68\x46\xc9\xe3\xb2\x01\xc5\xd9\xe9\x37\x9f\x78\x5f\x63\xb3\x2b\xd4\x66\x58\x42\x8b\x38\x44\x8b\x2e\x50\xd5\x4a\x77\xcd\xe7\x73\x5c\x7e\x8d\x1d\x28\x7f\x60\x21\x48\x7f\x61\x5f\xbe\x09\x64\xed\xd8\x7b\x06\x2f\x6b\xb1\x96\x80\x44\x8e\xc6\x2a\x4a\x21\xbb\x10\x96\x19\x9e\x34\xb7\x0d\x84\xcf\x8e\xd1\xfc\xe5\xb6\x2c\x53\xae\xed\xb1\x86\x13\x00\x55\xda\x11\x91\x55\x04\x1f\xae\x92\xdb\xc5\xf8\xa9\xaf\xfa\x4f\xf2\xe1\x89\x83\x50\x66\x67\xcf\x94\x41\x1b\x63\x9c\x46\xe0\x5b\x7a\xdc\x21\x64\xf2\x33\x9c\x3e\xc2\xf1\x40\x8f\x97\xca\xf9\xa3\x0a\x4f\x6c\xd5\xb9\x3d\xcc\x80\x82\xec\x7f\xd7\x8f\x04\x1d\x97\x1d\x85\x47\xd2\x65\xc9\xec\x26\x83\xc6\xae\x17\xbe\xcc\x37\x0f\x04\xc0\xb6\x31\xae\xf3\x83\x4f\x26\x76\x85\x5b\x42\x4d\xb5\x04\x6e\x74\x26\x28\xfc\x73\x2c\x6b\x74\x9c\xbf\x89\x6c\xa9\xbc\xb8\x2e\x9b\x90\x0a\x9a\xc6\x5d\x7c\x53\x73\x87\x61\x6a\xb6\x01\xfb\x50\x0f\x5e\x59\x0d\x94\x04\x10\xc3\xf5\x30\x1f\x5c\x71\xf3\x6d\xc8\x37\x3a\x77\x59\x56\xd0\xda\x22\xe5\xf7\x03\xed\xa8\xb8\xa6\x58\x41\xb8\x79\xc9\x40\x46\x9f\x41\x05\xab\xfc\x94\xbe\x7f\x6d\x1a\x64\xb1\xcb\x55\x79\xa6\x58\xfb\xe6\x86\x85\xba\x58\x5f\xab\x51\xbb\xbf\x8c\x89\x55\x90\x8c\x28\x2c\x04\x20\x81\x34\x85\x33\x3a\x57\xeb\x99\x9d\xff\xec\x15\xde\xf6\x8b\x9e\xfe\xf4\x54\xe9\xf8\x9d\xab\x83\x76\xf3\xe7\x37\x1e\xa2\x70\x3e\xc5\xb9\x6d\x39\x45\x5f\xc9\xaa\x24\x47\xbc\x6b\x51\xfc\xb2\x49\xb4\x24\xc7\x8d\x2c\xf6\x6e\xbc\xd3\x3f\xdf\x9d\x34\xf5\x68\xd3\x00\xeb\xf9\x6a\xde\x4d\xb7\x5c\xf6\x21\x93\xee\x26\xfb\x87\x07\x38\xfa\x0c\xa0\xbf\x0d\xc6\x9c\xbc\x72\xd6\x41\x60\x18\x5e\x49\x98\xc7\x1c\x08\x6b\x27\x63\xee\xd6\x2d\xdb\x28\x70\xa6\x1f\x33\xac\xfb\x3a\x66\xec\x3f\xf9\x25\xc9\x0c\x29\x46\x2a\x47\x51\x03\xeb\x26\x0b\x97\x5a\x75\xe3\x2c\xf7\x1d\x73\xb1\x6e\x65\x10\xb5\x14\x5c\x2f\x93\x8e\xc3\x62\x9e\xe2\x5e\xa3\x97\xcf\x22\x08\xbc\x3a\xf8\x13\x5f\x88\xea\x42\x3c\x9f\xf0\x54\xa3\x34\xa4\xb9\xc7\x1c\x29\xe5\xff\xe6\x81\x04\xae\x5d\xd7\x75\xad\x2e\x34\xc1\x08\xd1\xe1\x34\xe1\x6f\xfc\x0d\x07\x3c\xd2\x46\x33\x7d\x24\x51\xb9\x00\x61\x79\x97\xb1\x9a\x00\x6c\x38\x76\x68\x0c\x00\x5a\xcf\xa4\xe5\x7d\xe8\x74\x89\x59\x4e\x28\x97\x72\x33\x71\xf8\xd8\xe1\x45\x44\xfc\xb2\xc4\x31\x83\xb6\xb3\xd1\xf4\xe1\x02\x3d\xde\x5a\x8d\xb9\x49\xb6\x92\x08\x8a\x7a\x48\xba\x94\xb5\x7f\xf3\xcb\x6c\x0b\x7f\x65\xf2\xae\xff\xe0\xec\x2f\xde\x38\x8a\x22\x38\x71\xb7\xb6\x5e\xce\x13\x7f\x49\x08\x9b\xd6\x52\x9c\x52\x97\xf2\x3e\x96\x94\x7b\xaa\x6e\x14\x80\xaf\xe2\x95\x0a\x55\xaf\x10\xb8\x61\xbf\xe3\x7b\x0b\xde\x80\x78\x5f\xd9\xc9\xe2\xe0\xd4\xfc\x56\xef\x79\x0b\xf4\x87\x84\xd1\x10\xcc\x43\x08\x42\xc2\x39\xa0\x27\x8d\x4e\x0c\x36\x69\x5b\x7d\xe8\x5e\x1e\xae\x47\x20\xb9\xe0\x04\xf3\xda\x1f\x5e\xda\x09\x49\x19\xcc\xee\xf3\x3d\x33\x56\xfc\xe1\x52\xcf\xbf\xfc\xce\x51\xb6\x68\x0b\x61\x92\x34\xeb\xe7\xf9\xb3\x1c\x5d\x17\x5a\x56\x1c\x8c\xc1\x69\x6c\xbc\xcc\x65\xfd\xc8\xb6\x9c\x30\x60\x44\x81\x24\x79\xdb\xbe\xb9\xe0\xe6\x78\x8b\x29\x79\x51\x8e\xad\x44\x4b\x12\x2d\xd1\xe5\x40\x46\xbc\xd3\x6b\x07\x26\x6a\xe2\x6c\x0c\x2f\x6c\xa8\x78\xa5\x45\x21\x76\x4d\x15\x32\xf3\x00\x3b\x4e\x1a\x19\xe1\x4c\x1b\xe9\xae\xc7\xa8\x49\x31\xcb\x0e\x6d\x19\xb6\xb7\xff\xcd\x71\x2f\xd1\xb6\xf6\x4c\xff\xf7\x4c\xf6\xdb\xd7\x0d\x8f\xbb\x1b\x19\xf7\xc3\x6c\x1f\x6f\x57\x0d\x0e\xed\x98\x56\x0a\x1c\x08\xe4\x03\xca\x9e\x02\xa7\xe2\x2b\x51\xda\x24\x03\x02\x75\xb4\x26\xd0\x05\x39\xb5\xd5\x48\x4d\x87\x08\x5e\x2c\xf5\xeb\x6b\xb0\xe7\xeb\x42\x3a\x7e\x3f\x5a\xbe\x3b\x85\xfe\xde\x6e\x7a\xa9\xc1\x69\xf5\x22\xb6\x3d\xb1\xa6\xf8\xa3\xe7\xff\xf9\x6e\x5e\x25\xca\x6f\xb7\xe5\xee\x56\xac\x3f\xb8\xc8\xa6\xcb\xef\xa5\x42\x05\x1b\x70\xc6\xb8\xff\x60\xc1\xfe\x4d\x7c\xbc\xb8\xd2\x8c\x4d\x96\xbf\x65\xc5\x19\xba\xb8\xc2\x49\x56\xfe\x05\x10\xad\x67\x97\x2a\xfc\xc1\x86\x48\xb9\x46\x3a\x6a\xc9\xa9\x80\x68\xd2\x45\xd2\x11\xca\x64\x86\x22\x89\x05\x8d\xbc\x67\x84\xc2\x43\xf6\xba\xc9\x5a\x83\xc8\x5b\x78\xbb\xea\x1d\x41\x6c\x1f\xa5\x47\x71\x69\x82\x09\xf9\xb5\x24\x47\xfc\x37\x1f\xd2\xe3\x74\xfb\x24\xef\xb8\x97\x75\xff\x27\x96\x7b\xbc\x61\x19\x52\x17\x78\x79\xd9\xd8\x0b\x6d\xa7\xe4\x2f\x33\x2a\x69\xa0\x89\x29\x80\xa6\xf5\x94\x17\x8e\x51\xe8\x2a\xae\x68\x65\xee\x39\x43\xed\x4d\x5d\x51\x33\x0b\xd7\x20\xd2\x4f\x53\x09\xdf\x7f\xcc\x2c\xd5\x54\xaf\x36\xd9\x55\xba\xbe\x69\xd4\x87\xe6\xf6\x33\xfc\xbd\x83\x10\x84\x25\x6f\xa4\xb4\x50\x01\xd2\xeb\x5a\x11\xb8\x4b\x86\xc3\xee\x63\xcc\x29\xf7\x1f\x12\xcf\x7a\x18\x82\xbf\xca\x5d\x33\x8c\xca\x89\xef\x7e\x68\x81\x45\xd4\x3c\x06\x4b\x18\xd5\xe9\x5f\xe1\xc6\x0b\xcc\xcc\x85\x28\xa4\x7f\x38\x21\x31\x20\xa7\x13\x2f\x8a\xd9\x25\xb0\xeb\x15\x48\x96\x6e\x27\xe9\x53\x8b\xb5\xd8\xaa\x67\x9a\xd0\x95\x5f\x22\x75\x0f\xd5\x51\xf0\x01\x6e\xff\x70\xf0\x97\x09\x61\x55\x46\xf9\xf2\xf8\xdd\x28\x25\x77\xad\x4c\xf7\xc7\x60\x48\xef\x6c\x7a\xbb\x08\x55\xfc\x53\xe4\xbd\xb5\x85\x69\x26\x8d\xfa\x0f\xe4\xb0\xaa\x2b\x88\xc1\x1f\x3d\xe3\x09\xd8\x0c\x2b\x7f\xfe\xcb\x32\xe6\x85\x33\x4b\xd6\x7d\x81\x85\x21\x6d\xbf\x0e\xef\x54\xf5\x69\x95\x6e\x87\xd8\x1f\x90\x1b\x8a\x4e\x2b\x9d\xd7\x81\xc3\x70\x5f\x22\xc7\x2f\x24\x2f\x17\x75\x69\xb8\x33\xd2\x79\xd1\x42\x71\xe5\x55\x61\xdc\x9e\x42\xf7\x05\x54\x81\x4d\xce\x81\x98\x86\xb0\x0f\x1a\xed\xa0\xa8\x0b\x88\xde\x2b\x65\x55\xdd\x27\x2d\x62\xd2\xa2\xe7\x16\xd8\x16\x8e\xb5\x5b\xfe\xac\x77\x8f\x4c\x49\x71\x08\xc7\x0d\x29\x50\x60\xfe\xd8\x0e\xb7\x04\xde\xfa\x14\x0c\xc6\x30\xba\x1a\x04\x91\xc4\xda\x9b\x45\x04\xc6\xef\xa9\x02\x7e\xf9\xe4\x52\x89\x67\x38\xcb\x86\x36\x32\xdd\xc9\x26\x84\x6e\xa1\xc0\xf3\x87\xca\xc8\xb5\x54\x36\x5e\x19\xd0\xa1\x17\x32\xfa\x4a\xde\x0e\x45\x8d\x42\xe8\xe4\xf2\x97\x14\x1c\x72\x81\x16\x68\x8e\xaa\x5a\xbd\x80\x3c\x09\x06\xf0\x69\x42\xa3\x67\xae\xfb\xc1\xc6\xe2\xd9\xf7\x5e\xbe\x04\xcc\x39\x3c\x01\x46\xe1\x42\xdb\xbd\xf5\xa5\x53\xc8\x1d\xaf\x37\x53\x43\xff\xfa\xb9\xac\xbf\xc6\x84\x0c\xd2\xdf\x5e\xc5\xbc\x34\xf9\x54\xe4\x84\xcc\x2a\x32\xb1\x05\x1a\x4f\x79\x98\x97\x9e\x74\x32\xfa\x06\x27\x72\xa0\x3b\x35\x8d\x34\xe1\x29\xe9\x5f\x5f\x37\x49\xa8\x55\x88\x27\xca\x1e\xd5\x92\x8f\x76\x0f\x67\xa5\x8e\x8e\x2b\xb3\xba\x4d\x20\xe9\x58\xcd\xc3\xaf\x2f\xca\x09\xb6\xb6\x21\x1f\x66\x05\x2b\x09\xc7\x4b\xdf\xc1\xd1\x58\xdf\x02\xa5\x07\x87\x6e\x98\xd3\x97\xd2\x96\xbb\x9e\x63\x11\x59\xd1\xf6\x7f\x34\xa9\x67\x10\x8a\xe0\x99\xbd\xd1\x4c\xed\x9f\x20\x80\x78\x3d\xfa\xe0\xc4\x42\x7a\xad\xec\x69\xa2\x63\xa9\xa8\x45\x1a\x93\x1f\xb8\xee\x60\x54\xf9\xf1\xa3\xd1\xbe\xb8\x2e\x9a\x89\x34\x26\x39\x06\x6d\x09\xb5\x09\xf6\xd2\x06\xa5\xdd\x75\x08\xb2\x4e\xad\xdb\x76\x0f\xa6\x3e\x5e\x10\x4e\x31\x3d\x52\xea\x5a\x6b\x7e\x3b\x2d\xdb\xc4\xbe\x4c\xef\xc1\x59\x87\xc0\x52\xd1\x74\x6a\x95\xca\x42\x92\x60\xdd\x44\xfe\xd8\x25\x83\x85\x6a\x64\x3a\x4b\x5b\xe6\x07\xaf\x28\x75\x61\x4d\xad\x69\x5c\xd6\x0c\xe4\x89\xea\x03\xa8\xea\x92\x0f\x8c\x3e\xd8\xd9\xe4\x40\x9a\x8e\xa2\x7c\x77\x4a\xe7\x8d\x7c\x7f\xe9\x41\xb0\xb0\x8e\xa8\xf9\x73\xf6\xba\xee\x3f\xb6\x3c\x6d\xf0\x09\x6a\xf1\x37\x5a\x47\xb2\xcf\x21\x33\x73\xcb\x87\x9b\x2a\x5c\xc4\xd8\x68\xba\xbd\xf9\x2b\xd1\x7d\x16\xad\x95\x56\x71\xed\xd4\x3d\x6c\x2d\xf8\x12\x65\x19\x95\x16\x68\x4b\xcd\x90\x38\x9d\x28\x78\x25\x4b\x12\x69\x72\xbb\x39\xa7\x25\xce\x43\xa9\x89\xb8\x00\x1b\x8f\xe7\xbc\x68\xda\x16\x14\x5f\x4d\x85\x27\xb3\x06\x5d\xcb\xd3\x44\x19\x42\x7d\xf9\x0c\xe0\x5a\x09\xca\x6e\x28\x3b\x2d\xc0\xba\xa1\xe5\xa5\xc8\xa2\x5e\xb5\x67\xa3\x46\x5e\x06\xe4\x17\x86\x62\xc1\xdf\x15\xc3\x8b\xbb\x97\xa8\xff\xfb\x63\x4d\x49\x27\x39\x7a\x4a\x9f\x23\x1a\x3d\x3f\xc3\x61\x31\x56\x84\x5f\x9a\xfb\x8b\x95\xba\x16\xf9\x6b\xbe\x69\x5e\x0f\x04\x61\x54\xfc\x3c\x3a\x5f\x43\x26\x10\xf9\xf6\xcb\x75\x48\xf1\x52\x05\x59\xc9\xd0\x56\xa1\xd7\xc2\x20\xa2\x5c\x4f\x01\xdb\x76\x80\x3f\xc2\xd5\xf4\xd6\xc1\x40\x36\x52\xc5\x63\x8d\x8e\xcf\xea\x29\x05\xab\xe9\xb5\xb3\x99\x73\x7e\xe9\x64\xe0\x77\x25\xa1\x29\x29\xc9\x33\x42\xaf\xb2\x13\xde\x1c\x1a\x33\x97\xa2\xf8\x11\xfb\xd9\xf8\x72\xa5\x21\x43\xb9\xc7\x88\xbd\xdc\x7e\x0e\xdb\xaf\xd2\x33\x97\xe2\x44\xd3\x1f\x89\x3d\x60\x71\xc4\x3f\x33\x6a\x7d\x99\x85\xcb\x27\x65\xc6\x3f\xe8\xe9\x3c\xfa\xdf\x76\xcb\x65\xce\xc8\x7f\x6d\x28\x2a\x4f\x6a\xcf\xac\x6f\x2b\xd6\x24\x58\x27\xe3\x3b\x5d\xac\x11\x88\x29\xf4\x36\xf2\xa8\xfd\x7d\x22\x3d\x33\x95\x5b\xff\x92\xe8\xa8\x7d\x83\x57\x3f\xd0\xc2\x9e\x8a\x2f\xc7\x9f\x1f\x05\x4e\xf4\x6f\xaa\x3e\x18\xde\x11\x15\x9d\x84\xc5\x7d\xa6\xf5\x07\xa5\x3b\x01\x17\xcb\x6b\x5c\x30\x42\xea\x68\x2f\xc9\x3f\xe5\x47\x59\x02\xcf\x91\x45\x0b\x60\x60\xfa\xfb\xd1\x27\x9d\x3d\x05\x67\xb8\x1e\x59\x00\xf0\x7b\x86\xaf\xc2\xdc\x2c\x2b\x28\x20\x0d\x4c\x12\x7d\x27\xcc\x5f\x4e\x5a\x2c\xba\x9a\x4a\xb6\xdc\x19\x6b\x09\x13\x87\xb7\x3a\xeb\x7b\x5d\xdc\xf3\xc5\xdb\x79\x5e\x86\x54\x7f\x24\xae\x42\x58\xd2\x74\x52\xda\xa9\x22\x78\x90\x11\x5c\x7e\x3b\x91\x1c\x58\xf0\xa0\xd2\xb9\xa1\x47\xfd\x87\x00\x3b\xef\x0a\x90\x42\x8f\x7c\x8b\xd6\x86\x5c\xad\x4d\xe2\x18\x28\x6b\xbe\x64\xd7\x8b\x51\xa0\xec\x32\x74\xaf\x02\xb1\xc4\x3c\xf6\x02\x11\x74\x2a\xcb\x13\x81\xad\xc4\xae\xcf\x6e\xdb\xe6\x7c\x4b\x6d\x92\xb2\x60\x35\xcb\x08\x82\x6b\xf9\x3b\x79\xc5\xe0\x4b\xbb\xab\xc9\x6a\x7f\x25\xe9\x19\x0e\x69\x90\xf1\xf6\xb2\x97\x5a\x90\x75\xce\x4f\xcd\x13\xa5\x0e\xb9\x75\x08\xbb\x2b\x31\x71\xa0\x3f\x7e\xfa\xfe\x21\xf7\x4b\x87\x89\xfa\x43\xfe\xf2\x23\x56\x1b\xf4\xfd\x44\xcb\xa7\x58\xe7\x28\x13\x76\xfc\xcf\xda\x02\xa3\xd5\xb9\xfa\x4a\x48\xa9\x89\xac\x58\xed\xcb\xcc\x09\xf5\x80\x89\xfe\x68\x21\x45\x91\xd7\x6c\x3c\xab\xd2\xfe\x62\xd0\xa3\xc3\x9a\x92\x8e\x48\xc7\x72\xc7\xb1\x14\x4b\x06\xf3\xd3\xac\x00\xaa\x2a\xb9\xba\xd6\x04\xa6\x66\x98\xbd\x61\x55\x41\x35\x26\xbf\xe5\x55\x9e\x03\xe4\x95\xb6\x97\x3f\x9a\xa6\x93\x81\xd4\x41\xbc\x2f\xaa\x73\xb5\x29\x86\xdd\x3b\x42\x22\x9e\xd7\x56\x67\xd3\x0f\x37\xc1\x26\xd7\xbb\x12\xce\xf9\x0f\x94\x19\x14\x3a\xba\x9e\xbe\x2e\x70\x84\x9b\x78\x0d\x9d\x25\x66\x92\x06\xf1\x1b\xbd\x0b\xee\x51\x7b\xef\xfd\xb5\xdb\x81\x96\x56\xb8\xbc\xfc\x39\x70\x9b\xf3\x15\x37\xa5\xbb\x8d\x1e\xb2\x69\x92\x3e\x06\xc5\x45\x95\x44\x9c\x41\x79\x47\x65\x9e\xdd\x1d\x56\xd1\x34\xe8\xb0\x7d\xb3\xa0\x09\x80\xac\x7e\x3f\x3c\x56\xf0\xb9\x16\x18\xc6\x9c\xa4\x1f\x9f\x84\xe2\x13\x8e\x14\xb3\x43\x52\x82\x58\x97\x78\x1b\x05\x07\xa4\x3e\xff\x73\x5c\xc7\xdc\xf3\xe1\x48\xe9\x31\x87\x24\xcb\xad\x70\x68\xe0\xe7\x90\xa3\x57\x44\x4c\x2a\x9a\x2c\xd1\x93\x84\xcb\xe9\xb8\x96\xed\xe7\xec\xb8\xdf\xe9\x7c\xb0\xbf\x4f\x12\x89\x6d\x1d\xb4\xf5\x03\x74\xa9\x31\x76\x9a\xb1\xa4\x4c\xdd\x94\x88\x8c\x30\xaf\xaf\xd5\x8e\x21\xdb\x07\x48\x5a\xa5\xe2\x48\xa8\xbf\xb0\x4a\x3b\x06\xeb\x74\x02\xc5\x48\x6b\x70\x76\x54\x16\xd7\xb0\x44\x61\x4c\xe9\x96\xa2\x14\xc6\x32\x0c\x4f\x48\x72\x05\x44\xf2\x28\xe9\x07\x01\x45\x2d\x8c\x9c\x37\xcc\xa3\x7c\xbe\xc7\x5f\xc5\x93\x2c\x70\x0e\x1a\xf0\x1e\x50\x30\x1c\x31\x04\xc4\x08\xf0\xfb\x62\xfb\x05\xaa\xef\xc4\x97\x5f\x39\xa2\x6b\xa1\x9f\x71\x45\x68\x4e\x9e\x12\x43\x93\xe9\xeb\x7d\x6b\x43\xb4\x7e\xfa\x0b\xfb\xd3\x9b\x4f\xe6\x97\x7f\xbc\xd6\x9b\xf1\x95\x27\x0e\xa3\x08\x62\xb4\xc1\xaf\xaa\x18\xfe\xde\xde\x66\x15\x8a\x61\x38\xa4\x59\xa4\x34\x0e\x73\xc5\x2e\x01\x26\x10\x8a\xc6\x7e\xe7\xfb\xb9\x5a\x1f\xbc\x03\xc9\xfc\x8a\x1b\x93\xbf\x40\x20\x59\xc5\x44\x85\x3e\xb9\xc1\x4a\x76\x92\x48\xc7\x46\x50\x73\xa8\x3d\x6c\xc2\x30\x9c\x63\xa9\x83\x61\x8e\x64\x5e\xc6\x17\x42\xee\x67\x2f\x42\x91\x97\x4a\x84\x15\x67\x60\x9c\xa0\x1f\x39\x23\x53\xf6\xe3\x33\xf8\x50\x5f\xeb\x1a\x8c\x66\x80\xf6\x26\x66\xff\xa9\x53\x01\xe2\x17\x78\x0d\x04\xa1\xa7\x4c\xc4\x8e\x9b\x14\x4f\x05\x0b\x29\x13\x2c\x51\x55\x72\x0f\x7a\x3d\x3c\xde\x22\x92\xa8\xd5\xa4\x02\xa8\x46\xb3\x0b\xbe\xaf\x88\xbc\x48\x49\xd3\x56\x15\xa8\xb4\xab\x38\x59\x57\x7c\xca\xea\xb9\xf6\x8f\xdf\x4b\x82\xa5\xba\x7b\xdc\xa9\x1f\x0a\x3e\x9c\xa5\x30\xb9\x99\x56\x30\x43\xfc\xed\xfb\xf2\xe8\x63\x81\x51\xa5\xf5\x4f\x1e\x9d\x5d\xe6\x5f\x3b\xef\x7a\x86\xe8\xd3\x86\xff\xc2\xb5\xcb\x8a\xd5\x1d\xf0\x72\xc9\x60\x51\x4c\xfc\x2c\xb5\x2d\xa4\x0c\x44\xd7\x57\x86\x43\x5b\x71\x51\xd8\xe9\x73\x57\x21\x30\xa4\x4d\x7c\xff\xc9\xba\x8e\x57\x2a\x2b\xce\x86\x5e\x0f\x6c\x45\x62\xcb\xb9\x4b\xce\x2b\x0d\x63\xe4\xa6\x9f\x4f\x05\x07\x16\x0f\xd8\xa9\x21\xa6\x3d\x21\xa4\x39\xb2\x05\x8c\x4e\x43\x17\x72\xf3\xc0\x36\xe5\x2b\x5b\xeb\xc6\x70\x9e\xf0\x01\xc5\x96\x8d\x0b\x27\x5b\xda\x83\x9f\x96\x1d\xfc\xa0\xe2\x9f\x94\x98\x36\xfa\x2a\xa9\x18\xea\x78\xdf\xdc\xe1\xbd\x4f\xa7\x52\xb9\x0c\x47\x91\x74\x84\xeb\x15\x66\x5b\x28\xd0\x3d\xd2\x04\x56\x03\x9d\x07\xf1\xab\x5b\x3e\x38\xe1\x97\xa7\xad\x65\xff\x49\xb3\xc6\x32\x1a\x6d\x22\x63\x46\x9e\xe8\xd7\xfa\xed\xa4\x10\x97\xd8\x2f\xe5\xaf\x7f\xfa\x21\x33\x9e\x31\x40\xfb\x54\x3f\x66\xc9\x91\xb1\x5c\xe1\xe5\x0c\x39\x66\xa7\xe1\x1b\xb8\x40\xcb\x0b\x88\x6b\x13\xfb\xf7\x1a\x88\x15\xa4\x19\x2e\xb7\xef\x99\x1f\x8b\x86\xcb\x26\x68\x57\xbd\xbd\xe7\xef\x48\x5f\xe2\xb4\x5d\xe2\x0a\x94\x53\xbd\x5b\x4e\x15\x46\xf2\x61\x13\x18\xa1\x88\x1d\x62\x21\x2d\xaf\x62\x78\xab\x45\x40\xd2\x53\xf2\x8a\xca\x00\x23\xd9\xe4\x53\xbd\x40\x6a\x45\xcd\xca\x71\x6f\x5a\x6e\xf1\x9b\xde\x6c\x39\x6c\x22\x2c\x98\xc0\x8c\x63\x4d\x55\xee\x91\xf9\x5b\x97\xc6\x71\xbc\xae\x52\x8c\x92\x9d\xc9\x25\xb6\xec\xbf\x69\x42\xa5\xcf\x0c\x8d\xb7\xd2\xce\x1a\x49\x10\x5d\xe9\x6b\xe5\x99\xb1\xc4\xf0\x23\xf2\x34\xd8\xde\x1c\x02\x75\xdf\x33\x7c\x3c\x8b\xca\xde\xcd\x18\xb0\x67\xf0\x21\xa0\x82\xcd\xdf\x54\x56\x0d\x38\x50\xd7\x99\x45\x06\x36\x73\x6f\xf4\x87\xdb\xb1\xcc\xc4\x5b\x8c\xb7\x06\xab\xde\x2e\x06\x81\xb5\xa6\xdc\xc1\xda\x42\x87\xad\xc6\x08\xca\x1f\x1d\x20\xf4\xde\x06\x79\x8c\x42\xf9\x07\x00\xca\xdd\x30\xc0\x54\xfb\x7f\x3d\xb2\xf3\x5c\x0a\xde\x72\x4c\xe2\x37\x55\xa1\x91\xf8\xd2\xe0\x31\x9b\xd5\x75\x57\x3a\xcc\xba\x20\xd1\x36\xef\x23\x77\xb8\x33\xaa\x2c\x6d\x4b\xf2\x92\x31\x50\x46\xd0\xfa\x15\x9d\x2b\x3a\x7f\xe8\xf2\xba\x43\x7b\x84\xf5\x64\x31\xde\x24\x47\xf9\x92\x0c\x2d\xb4\xea\x26\xd7\xe3\x08\x0d\xce\xb4\x70\x97\x87\xa3\xf0\x9c\xca\xb0\xb6\xde\x31\xcc\xd0\x18\xcb\x11\x6a\x8b\x13\x88\x86\xe4\x3d\xc1\xfe\x7f\x03\xe3\x14\xc8\x1a\x21\x1c\xa3\x8a\x1e\x26\x49\xdf\xb4\x20\x08\x1f\x2b\xb8\xbd\xaa\x80\xea\x9a\x57\x35\x47\x34\x1e\xb5\xb9\xfd\xc6\x6b\x8c\x85\x91\x7e\xce\xeb\xa3\x19\x5e\xe4\x82\x58\x1b\x02\x6f\xca\xf0\x6d\xf4\x3b\x5d\x16\x02\xd7\x9f\x3e\x39\x4c\xf5\x71\x81\xb3\x59\x1a\x08\xe4\x70\x16\x4b\x84\x64\xca\x80\x49\xc9\x13\x18\x4f\xe5\xbf\x07\x47\x6c\xc5\x70\x2f\x0c\x4b\x4c\x39\xc4\xae\xff\xb3\x11\xc1\x33\xa5\x41\x8b\x5d\x67\x28\x45\x67\x10\xf3\x50\xeb\x24\x68\x19\x12\xcf\x1f\xc5\xf4\x73\xb2\x48\xcd\xcc\xab\x2d\x3d\xf1\xcc\xb1\x6d\x95\x1e\xcd\x65\x14\x7a\x1a\x29\x3f\xd7\xc3\x2b\x15\xd6\x2e\xa9\xc4\x64\xfa\x8d\x16\xad\xcf\xd0\xf2\xfb\x1e\x8c\x74\x89\x90\x4d\xd9\x92\xf9\xbd\x0a\xc5\xab\xc6\x3a\x0c\x30\x22\x29\x86\x77\x2d\x44\x31\x3d\xc9\x1c\xb6\xcc\x3f\xf7\x37\xb4\x3a\x23\x45\xac\x55\x97\xe6\x40\x7f\xdc\x6f\xde\x35\xee\x30\x9b\xb0\x65\x44\xb5\xef\xd2\x0d\xc5\x1d\xf4\x41\x85\xc9\xa7\x43\xa8\x90\x7d\xe8\x0c\x81\x0d\xce\xda\xc0\xab\x9d\x23\x40\x7a\x68\x3c\xb5\xd6\x99\x43\x4e\xa9\xe0\xe2\x08\xe7\x43\x81\xb2\x20\xc9\x6b\x66\x6e\x85\x3f\x9c\x6d\xce\x09\x80\x82\x46\xe7\x55\x1c\xf2\x89\xe0\xec\x11\xff\x6d\xf1\x53\x8b\xd8\x3a\x44\x1b\x57\x0a\x43\xb5\x09\x83\x1b\x8a\x78\xf9\x1b\x09\x4b\xce\x8f\xd7\xc0\x0f\x6b\x81\x83\x15\x20\x52\xc1\x4a\xc8\x2d\xa7\xe8\xd4\x00\x46\x27\xf1\xf4\xe1\x65\x50\x8f\x20\xc1\x2c\x7d\xcb\xc9\x4f\x11\xe3\x76\xf4\x19\x20\x46\x53\x60\x98\xbe\x15\xb4\x06\x30\xa6\xa2\x78\x0d\x8b\xca\xce\x6d\xa5\x4f\x38\x7b\xaa\xf6\xdf\x1c\x39\xdd\xfe\xf9\x71\xf8\x87\x43\xc7\x8d\x0e\xc1\x92\xc6\xa2\x37\xc3\x40\x7f\xfb\xe6\xc4\xa4\x5b\x54\x50\x9f\x20\xd5\x30\x36\xf6\xaf\x18\x49\x09\xd5\xbf\xc5\x9d\x97\x30\x5e\x6e\xa3\xa7\x9f\x01\x90\xda\xac\x54\x40\x35\x4f\x38\xe8\x1f\xec\x97\xce\xb3\xca\xb2\x33\xac\x2c\xd7\xfd\xda\x10\x13\xce\xe9\x9f\x5a\xff\x7b\x69\x47\x5f\x45\xb6\x20\x5b\xa7\xe3\x0f\x42\xbc\xbf\x6a\x8a\x17\xb1\x3b\x10\x89\xd9\x67\x57\x5b\x0a\x77\x35\x15\x83\xaa\x35\x6d\x3e\xac\xab\xe2\x78\xa1\xf3\xfe\x70\x8b\x62\xca\xb5\x97\x08\x13\xe1\x2a\xfb\x53\x69\x53\x12\xe3\x93\xdb\xbd\x87\xda\x80\x9d\x9a\x73\x02\x9d\x06\xa8\x7d\x4c\x77\x24\x69\xf8\x49\xce\xae\x11\xfe\x79\xd0\xae\xff\x9f\x1d\x5d\x6e\x2b\x8d\x3e\x4e\x6b\x7d\xa8\xe2\x61\x79\xc4\x1c\x01\x12\x86\xbe\xf4\x6f\x66\x2c\xc8\x94\x61\x79\xc3\xe7\x69\xbc\x27\x3f\x33\x65\x9f\x61\xdb\xe9\x31\x70\x17\xe8\xa7\xb8\x58\xe0\xba\x01\x46\x11\x70\xd4\xc2\xeb\x71\x9d\xaf\xd7\x42\xa5\x29\x73\x52\x51\x63\xac\xb5\xe0\x10\x96\xb8\x9f\xc4\x59\xfc\xfe\x83\x09\x81\xe1\x78\x17\xa5\xd7\xaa\x04\x64\x1c\x04\x27\x96\x06\xa5\x50\x63\xb1\xfc\x41\x11\xa8\x60\xa7\x7f\xf7\x9b\x77\x7d\xe1\xd7\x01\x91\x2d\x7b\x92\x68\x53\x93\xfa\x6d\xcb\xf3\x8d\x9e\x71\x1d\x60\x5e\xb6\x54\x98\x87\x56\x27\x6c\x18\xbb\x2b\xaa\xad\xf2\xcc\x8f\x8e\x2a\x40\x4f\xdd\xfe\x3b\x07\x75\xf8\x7c\x67\xd6\x3d\x34\x22\x7e\x9e\x3b\xbe\xae\xda\x75\x07\x48\x72\x41\xfc\xe1\x3e\x97\x7a\x18\xe4\xc7\xf4\x86\xd4\x01\x26\x33\x82\xc1\xda\xc3\x53\x1b\x1e\xf8\x79\xdd\xea\xa2\x55\x41\x97\x38\x09\x92\x1b\xd5\xb6\x7b\x1f\x61\xa9\x01\x74\x78\x76\xcc\xdf\x54\xe6\xff\xba\xbd\xa6\x99\xb2\x38\x96\x03\x7e\xfa\x77\x03\xd7\x51\xfc\xd3\x70\xa5\xff\xf4\x6b\x8d\x62\x8e\xbc\x28\x98\xca\xba\x2c\xdb\x0f\xb1\x73\x49\x94\x54\x6c\x31\xd3\xf1\xec\x8d\x8d\xa1\x3e\xc4\xe1\x91\x7a\x06\x82\xa4\x2b\x4c\x51\xe0\x8e\x5a\x74\xb2\x26\xe3\xd0\xda\xf9\xf0\x4e\xf4\xf4\xd5\xf9\x8b\x09\x5a\x70\x99\x88\x65\xfe\xfa\x9e\x30\x3c\x5e\x3e\xf9\x17\x7a\x8c\x70\xba\xda\x13\xd8\x99\x3d\x5c\x14\x55\x15\xcf\x46\x64\x07\xd0\x7a\x46\x9a\x14\x1c\xba\x87\x54\xbf\x03\xd1\xfe\x6f\x76\xa6\x4c\x1b\xe7\xa8\x6a\xab\x98\xce\x78\x71\x5c\xb9\x76\xa7\x7a\x75\x85\x69\x50\xaf\x69\xbb\xa6\xcb\x4e\x4e\x97\x35\x49\x62\xac\x91\x31\xf1\x48\x79\x27\x95\xcf\xa8\x9c\x3a\x57\x17\xd9\x94\xa3\x0e\xad\xfa\xaa\x80\x54\xe6\xc5\x35\x61\xe7\x4b\x7a\x7b\xff\xc1\x9d\xfd\xf1\x19\x8e\xbf\x45\x35\xaa\x35\xdf\x23\xc0\xb8\x3a\xcb\x75\x25\xe1\x07\x0e\x4b\x77\x0c\xe1\x32\x46\x01\xca\x66\x19\x9d\x4d\x44\xc6\x69\x4c\xff\x44\x00\xcb\xb6\x87\xf4\x23\x16\x37\x89\xde\x7d\xd5\xae\xcd\xed\x00\x9a\xa0\xd5\x12\x14\x26\xc1\x1e\xde\xa7\x34\xae\xd3\xf3\x3e\x4e\xff\xf7\x7a\x2b\x7b\x49\x25\x8e\xbb\xe6\xc0\x88\xe4\x78\x7f\x5f\x1e\x70\x99\xdf\xb9\x34\x1a\x4f\xb2\x7b\xfe\x4c\x4b\x14\x82\x50\xec\xda\x5f\x04\x61\xa8\x49\x96\x3d\xc8\xef\xa0\xaa\x90\x69\x6a\x6b\x50\x09\x29\x39\x8c\x9e\xf6\x17\xa5\x62\xc4\x2b\x3f\x37\x14\x2c\x97\xc0\x1b\x4e\x2a\xd8\xfc\x7c\x11\x0d\x28\x72\x7a\x8f\xe2\xa1\x88\xc3\x05\x57\x71\x99\x67\x32\xfe\x0f\xa7\xce\x59\x85\x71\x6e\xeb\x8f\x66\x08\x4d\x75\x36\xd5\x85\x2d\x71\x68\xf2\xe3\x30\x3c\x92\xee\x2f\xff\xc7\x77\xa4\xaa\x80\x61\x18\x30\x28\xb1\x2a\x3d\x09\x61\x40\x3d\x72\x84\x2e\xc1\x5f\x00\x17\x01\x3e\x05\xa4\xf1\xf7\x52\x8b\xad\x6f\x11\x61\x5e\xbb\x42\xc8\xf4\xd1\x69\x9d\x33\xe5\x2e\xf0\x66\x35\x8f\x6a\x18\x02\x32\x4b\x26\x6d\x74\x42\xd5\xd2\x5f\xa6\x6b\xb4\xdb\xc6\x16\xb4\xc7\x67\xb4\x85\x6e\x77\x71\x09\xb5\x28\xac\x26\x6c\xd5\xdf\x05\x67\x55\x4f\xd5\xa0\xa8\x85\xcc\x2e\x40\xdc\x11\x59\x61\x69\xc8\x0d\xf5\x16\xf9\x42\xdb\x38\x17\x1e\x1b\x3b\xb8\x57\x50\x72\xd5\xda\x78\x6c\x64\xb0\x75\xbc\xd2\xb9\x7a\xfa\xf0\x9e\xd9\x67\xc3\xb9\xbf\xb2\xd4\x84\xbb\xd6\x27\x74\xa7\xec\x42\x76\x21\x55\x12\xec\xd4\xd7\xd3\xa6\x00\x32\x75\x81\xc6\xa7\x66\x3c\x7b\x51\x18\x86\xe5\x85\x7d\x0d\x42\x6c\xc2\x8c\x0a\x28\x57\xf2\x61\x84\x3d\xe6\xdd\x7b\x2c\x2b\x20\x85\x93\xf1\x09\x84\x39\xd2\xd5\xfe\xba\xce\xeb\x01\xbb\x7f\xe6\xc1\x9a\xae\xc6\x7a\x71\x8c\x0a\x22\xb6\x70\xe2\x9f\xf8\x88\xd0\x5b\xb6\x12\x8b\xad\x5e\x6e\x0a\x4b\x5b\xb8\x28\xbd\x9f\x4f\xf6\x6e\x54\xef\xe1\xae\xd0\xa9\xbf\xe7\xb2\x66\x28\x0a\xc4\x77\xb2\x61\x6f\x0f\x03\xd7\x0f\x39\x66\xfe\xf6\x58\xb5\x9f\x92\x5d\xee\xa9\xbb\xb9\xf8\x31\x3f\xc1\x19\x88\xa0\x9e\xca\x21\x7c\x79\xf9\x25\xd3\xa2\xeb\xb7\x1a\x97\xf0\xa8\xb9\x4f\xb7\x35\xfc\xed\x79\xe9\x3a\x30\x69\xe9\xaf\xb8\x99\xf8\xd7\x44\xb1\xdc\xa1\x04\x9c\x4a\xdd\xf3\xa8\xc4\xeb\x1c\x6a\x7f\x18\xe7\xa8\xa9\xd1\xfa\xb1\x21\x63\x60\xaa\x8a\xff\x91\x51\xb5\xf4\x77\x06\xa9\x9b\x3e\x35\x5e\xe4\xe5\x3a\x58\xdb\x9b\x2b\xc9\x49\x84\x21\xb6\x92\x8e\x4c\xc2\xef\x10\xd0\xb6\x0f\x25\xc6\x3f\xef\x9f\xce\x3f\x5a\x17\xa8\x30\xdb\xd4\x40\xf8\x2d\xc8\x40\x7c\x6a\xe3\x86\x14\x41\x2b\xdb\xaf\x2f\x19\x9f\x37\xb4\x60\x70\xdd\x4c\x97\x7c\xe8\x67\xc0\x51\xbf\xcc\x4b\xb9\xe0\x56\xa7\x23\x7b\xab\x25\x1e\xb1\x2f\xb8\xcc\xdb\xdf\x48\x58\x0e\xe6\xb8\xec\x7b\xa7\xb1\x7c\x85\x49\x04\x6c\x03\xb7\x0a\xa8\x13\xc0\x46\x30\xa6\x65\x8c\xa1\x0e\x91\xf4\xad\x05\xa2\xb9\xae\xf2\xc3\x48\x6b\xf5\x86\xc3\x6f\x09\x99\x24\x87\x51\x58\x25\x51\x20\xcb\xb5\xdc\xf6\xf7\x0e\xd0\xf0\x24\xba\x3c\xc9\x73\x5b\x04\xd4\xe2\x29\xb6\xb2\x41\x80\x80\xc5\x39\xa9\x77\x95\x2d\x75\x18\xb8\x8a\x5d\xc6\xe8\xa6\xfe\xe7\x42\x0c\x68\x4d\x95\x5a\xd5\xcb\x0f\x0e\x21\x48\xae\x1c\x55\x5f\x3c\x84\x1f\x04\x5d\x3a\xf7\x60\xdb\x90\x9b\xd4\x8f\x54\x02\xd1\x9f\x53\xf5\xae\xe2\x3c\x3b\xa5\x7b\xaa\x00\xbb\x07\x77\x50\x05\x8b\x49\x22\xe9\x44\x29\xdc\x06\x99\xeb\x3c\xf9\x85\xd9\x4a\x0b\x3d\xd9\xdd\xa6\xc0\xf8\xac\x60\x12\x2d\x64\x5a\x3b\xc4\x6f\x0e\xf3\xf8\xcd\xb8\xe9\x8e\x0e\xc6\xcd\x94\x29\xe0\x11\xde\xa7\xf6\xf6\x8b\xb9\x1c\x46\xd2\xdf\x21\x9c\xbc\xfa\xd5\xc5\xdd\x7d\xf6\x59\x57\xb5\xf2\xa6\xe9\x5c\xbd\x08\xdd\xdb\x89\x21\xa3\x24\x0a\x10\x0b\x8c\xa2\x26\xa7\xf0\xb3\x30\x6f\x14\x5d\x28\xf1\x54\x01\x3d\x2e\x7d\x68\x21\xcf\xfc\x42\xc3\x8d\xf4\x01\xe1\xff\xb9\xbc\xb5\xb8\x3d\xe5\xf5\xb4\x53\xce\x71\x07\xb4\x61\x9a\x02\x82\xcc\xee\x54\xa4\x08\x8a\x10\xaf\x16\xdf\x38\x28\xea\x61\x3c\x0a\xfa\x97\x80\xed\xed\xde\x0e\x99\x36\x9f\x0a\xba\x2c\xa1\xab\x4e\xbb\xae\xc0\xe0\x96\x00\x38\x7f\x80\x80\xfe\x1e\xe7\xb6\x11\x57\xf9\xcd\x77\x0e\xf9\x7d\x6e\x79\x03\x6e\xb9\xb2\xd8\x47\x49\x89\x20\x0e\x2e\xd7\x82\x56\x39\x41\x63\xe3\x35\x37\x52\x01\x15\xf7\x26\x3b\xc1\x69\x96\x0c\xde\xec\xb2\xcf\x88\x0e\xf8\x1f\x2c\x3f\xe3\x2f\x07\xca\xf2\xd1\xb9\x2b\x32\x77\x68\x84\x70\x5f\x15\x3e\xd1\x66\x94\xe4\x6f\x6c\xf9\xc9\x15\x05\xd8\xb2\xf6\xf6\xb3\x6b\x7e\x0d\x08\x5e\xdf\x3c\x42\xa1\xe8\xa6\xc6\xe8\x3f\xea\x03\xe0\x51\x38\xe4\xa5\x2d\xe7\x36\xf3\xb7\x86\xc4\x60\x53\x22\x8e\x88\xac\xb0\xc6\x60\x12\x2e\x28\xe4\x15\xfc\x8f\xf6\x5d\x68\xf2\x89\x02\xbc\xcd\x06\xf7\xe6\x59\xc3\x8b\xa5\x06\x8d\x52\xb3\xd0\xa0\x70\xbc\x98\x30\x97\xa9\x99\xe7\xa1\x4b\x04\x36\x5b\x68\x71\xa0\x84\x26\x3b\x79\xbf\xe6\xce\x6f\x97\xc3\xb6\x49\x55\x5d\x69\x35\xfd\xe7\xc4\x2a\x04\xd1\x99\x8e\x56\xe7\xe6\xe2\x51\x40\x25\x82\x59\xeb\x28\xf0\xc3\xa7\xcb\x13\xbc\xcb\xc3\xd6\xd6\x9d\xa1\x1d\xa4\x88\x30\xc4\xbd\x48\x34\x4a\xb0\x4a\x43\xad\x2c\x24\x11\xa2\x25\x5f\x40\x58\xec\x07\x59\x7f\x30\x5d\xd7\xb3\x23\xd1\x4e\x3d\x2a\xbb\xe3\x73\x87\x13\xcb\x54\x09\x03\xc8\x5b\xf0\xa8\x7f\xe6\xfb\x24\x12\x8b\x9f\x7e\xef\xab\xf3\xab\x03\x39\x95\x36\x4d\x4f\xa6\x97\x8b\x5e\x9d\x85\x6e\xba\xd3\x43\xbf\xc1\x1a\x29\x38\x0b\x86\xbb\xef\xa9\xde\x3b\x64\x24\x85\x44\x3d\xa3\xf0\xb6\x44\x3f\x59\x49\x00\x8f\x5b\x5f\x1e\xb2\x85\x51\x30\x62\x93\x01\xd6\x2f\xdf\x65\x92\x69\x2e\x0b\x1f\xe0\x98\x6b\xe3\xb6\x0c\xb2\xd0\x1b\x96\x32\x94\x18\x44\x6a\x74\xec\x3c\xc3\x1b\x28\x0b\x4d\x38\x63\xe3\x7c\x29\x1a\x7d\xe4\x2f\xe9\x7f\xf2\xbe\xb1\x7d\xac\x35\xde\x5c\x39\xd4\x6d\x1b\xad\xcd\x20\x1e\x9c\xf0\x1c\x56\xec\x50\x26\xf8\x05\xf6\x66\x51\xec\xf2\xcb\xe7\x6e\x07\x46\x8f\xaf\xee\xe6\x37\x57\x49\x57\xbc\x59\xd3\x49\xee\xbf\xfb\xdf\xb3\x61\xde\x7e\xd1\x93\xb6\x05\x3d\xda\x86\x5a\x5b\x7b\x57\x12\xa3\x53\xe0\x4d\x02\xe7\x31\x55\xa4\x88\x43\x6f\x19\xca\x70\x5c\xde\xa8\x0e\xaa\x7c\x7f\xe7\x2c\xe8\x69\xc5\xa5\x38\x21\x96\xc2\x52\xec\xc4\x09\xc3\x97\x1a\x56\x64\xe1\x84\xb2\x5d\xad\xf8\xf3\xb0\x3d\x4d\x96\xa5\x6a\xee\xfc\xaa\xe9\x4a\x7e\xf5\x54\x0b\x46\x22\x64\x50\xf3\x52\xb7\x12\x3b\x6a\xe0\xa8\x3e\x27\x99\x64\xd3\xb4\x28\x65\xc3\x1c\xb4\xcf\x15\xe3\xaa\x3d\x32\x7f\x2d\xf8\xcb\x10\x12\xbd\x75\xe4\xbb\x52\xb2\xf3\x8a\x36\x36\x42\x0d\xa0\xa4\x0c\xec\xdc\x68\x9b\x34\x4e\xf9\x57\x16\x9e\x02\xb4\x34\x78\x81\x68\x07\x67\xf5\x5d\xfd\xc3\xb7\x9e\x16\xd4\xbb\x6f\x32\x48\x6a\xae\x30\x64\x59\x3b\xaf\x3f\xf5\x2b\xe6\x87\xe9\xbe\xba\x0f\xaf\xd4\x7e\x23\x89\x5e\x33\xf5\xe6\x65\x23\x34\xf3\x0a\xbe\x60\x23\x19\x5c\xf2\x30\x9a\x7f\x58\xc9\x1e\x95\x10\xee\x96\xe0\xb1\x0b\x6d\x3f\x67\x72\xd5\xb1\xb5\xd7\x42\xf1\x90\x68\x07\xc8\xc0\x10\xde\xa7\xfe\x42\xcb\xb1\x46\x2d\x9c\x6d\x6a\xa6\xde\x30\x46\xa9\x7a\x4a\x51\x59\xb9\x9a\x71\xdf\x7a\x93\xaf\x0e\xfd\x0e\xf7\x8f\xe7\xb0\x2d\xe0\xba\x12\xc7\x70\x2f\x52\x68\x43\xd2\xa4\xb1\xe6\xdd\xeb\xd8\x75\x0b\xa9\xc5\x12\x4e\x21\x95\x8f\x9d\x04\xa3\x15\x1c\xac\x12\xff\xf0\x45\x95\x73\x97\x1e\x29\x2a\x03\x13\x04\x08\xf5\xd3\x28\x18\x50\x70\x42\x26\x63\xf4\xd5\xb6\x0d\xdb\xc6\x3f\xb7\x80\x98\x74\x8f\xba\xe0\x72\x84\xa8\x08\xd0\x54\xc5\xe3\x20\x65\x7f\xe7\x58\x48\x10\x47\x66\x53\x40\x41\x13\x83\x60\x06\x69\xe2\x62\xca\x47\x9a\x3b\x05\xda\x2f\xa5\x72\xad\xb9\x64\x5c\x81\x46\x08\x1d\x52\x2f\x5a\x6c\x8f\x4d\x74\x2b\xd5\xf5\x05\xc3\x01\x40\x4b\x8b\xe5\x3a\x26\x86\x02\x2a\xe0\xfd\x7b\x7f\x93\xd6\x0d\xf3\x53\x99\x8a\xa5\x9a\xf2\x21\x31\xa2\xb8\x3a\x47\x71\x05\xd4\x92\xc0\xf2\x52\x64\xe0\x45\xb2\xef\x4b\x6b\xdc\xa1\xfc\x69\x5d\x89\xd5\x9a\xfe\xa8\xda\xc4\xfd\xe7\x1c\x7e\xe4\x13\x1c\xae\xf1\x82\xc4\x70\x88\x18\xbd\xeb\xac\x6e\x9c\x96\x2c\x0e\x00\xfc\xab\x26\x7f\x99\xef\x78\x0d\x03\x6f\x94\x64\x29\x9d\x4f\x5d\x66\x88\xc9\x21\xa4\x36\x3a\x9e\x36\x81\xab\x8d\xc5\x47\xc9\x59\x39\x85\xf9\x1a\x3d\xad\xbf\x9e\x77\x7a\x25\x6a\x05\xaf\x3d\x41\xd4\x20\xc1\xe7\x71\xcb\xed\x61\x73\x1c\xbc\xfd\xd4\x7d\xc3\xc7\xb6\xb0\xea\x7e\x87\x57\xc7\x73\xb5\xdd\x4f\x7d\xff\xf4\x2f\x15\x95\x09\x8e\x7e\x70\xac\x3f\x9b\xb2\x9f\x17\xea\x21\xca\x4b\xa3\xb3\x08\x65\x46\xa6\xee\xb0\x56\xbb\xa3\x28\x30\x7b\x0c\x62\x4a\xed\x30\x51\x74\xa5\x41\x27\xc5\x89\x71\xf4\xfb\x7a\x9e\xd7\xb8\x3a\xec\xfb\xe4\x85\x8d\x44\x5f\xa4\x02\x58\x48\x10\xa9\x31\x0a\x9c\x6b\xdc\xdd\xbf\xa3\x22\x11\x85\x2e\x9b\xa5\xff\x63\x03\xe6\xf8\x81\x07\x69\x7d\xfb\x15\x5a\x4b\xa0\x7a\xf1\x90\x66\x91\xb8\x19\xbb\x46\x89\xb4\x79\x76\xb0\xb4\xc5\x12\x5c\xf0\x09\x54\x08\xee\x8d\x53\x5b\x13\xcd\x3f\x1a\x11\x8c\x8a\xa8\x95\x09\xd1\x54\xb8\x61\x9b\x67\xf3\x58\xd7\xb4\x64\x9b\xba\x06\x74\xd4\x44\x88\x16\x51\x60\x1d\xbd\xf4\xda\x08\x7e\xdc\x56\xa4\x00\xf5\x46\xcd\x5d\x5b\x97\xc1\xa4\x09\x32\xdf\x7e\x89\xf0\xda\xb4\xda\xc5\x99\x7e\xf5\xd3\xd4\xf8\xd4\x3d\xd8\x7b\xe3\x21\xcd\x94\x57\xcb\xc2\x92\xa1\x6f\x27\xad\x0d\x23\x8a\x55\x1b\x0f\x0c\x1d\x01\x9a\x04\xb4\xf6\xde\xa7\x8e\xdf\x2b\xe3\x9e\x6b\x79\xa8\x41\x7e\xe1\x06\x50\x26\x41\xa4\x0b\x37\xb7\xf8\xea\xc8\x3f\xfe\xc4\x8c\x1a\xa9\x43\x6b\xc1\xeb\xb8\x92\xd0\xec\x34\xa6\x8e\x8a\x98\xf9\x6f\xcc\x90\xd8\x3b\xdf\x26\x0a\x1b\xfa\x78\x0d\x5d\xad\x6e\x59\x43\x3d\x2d\x88\x23\xd2\xbc\x28\xa2\x70\x86\x32\xb3\x97\xd2\xd7\x56\xd4\x86\x30\x34\x0e\x64\xd4\x09\x9c\x98\xad\x5f\x2c\x01\xb3\xd8\xb2\x25\x44\x29\xc7\xdc\x11\xd0\x2e\x8b\x49\x92\xad\x01\x81\x5a\xb1\xdd\x76\x02\xfe\x70\x0b\x5e\xcb\xe5\xb0\x21\xf4\xb1\x85\x64\xc3\x80\x8a\x09\xdc\x10\x97\xcb\xf1\xcf\xce\x00\x2b\x0e\x18\x07\xbd\x45\x91\x0b\x87\x27\x1f\xb9\x33\x4d\x4b\x73\x5a\x8a\x70\x5d\xa0\xb7\x2c\xcd\x08\xc5\x31\xac\x30\xe0\xb5\x09\x58\x46\xe8\x4b\x50\x19\x3f\x15\x17\xc6\x24\x70\xf4\xb7\x3a\x9d\x9a\x75\xe4\x34\x3b\xd0\xf4\x28\xd0\x12\x6d\xd9\x9d\xca\x90\xca\xb2\x9b\x64\x8f\xed\x06\xac\xc0\xd5\x8f\x0c\x2a\xe1\xe6\x30\xaa\x74\x9f\xa2\xbb\xeb\xba\xa5\xfa\x6f\xff\xfd\xdb\x62\x03\xef\x8c\xf7\xc8\xb7\x38\xdb\x87\xc7\xfe\x1d\xcd\x62\x38\x2f\x18\xe9\x21\x62\x4f\xc6\x83\xaa\x3a\xd1\x71\x1b\x4d\xa6\x5b\x5e\xa2\xbd\x66\x3d\xda\xaa\x4f\x87\x53\x5b\x8b\xb1\x43\x13\x06\x73\xd7\x2a\x6e\x27\x65\x7a\x35\xa5\x56\x1a\xe8\x78\xcc\xa9\x04\x1a\xbd\xbe\x7d\x6e\xbf\x1f\x89\x53\xbe\x8b\x22\x35\xdd\x25\x7b\xa6\xd8\xee\x69\xd3\x4a\x17\x22\x9e\xee\xfe\x29\x06\x9d\xc6\x7b\xa0\x6e\x93\x00\x9a\x9c\x05\x4b\xd5\x60\x6c\xb6\x57\x11\xfe\xa2\xf4\x5b\x98\xe9\x5f\xb4\xba\xf9\x98\x50\x63\xaf\x34\xf2\x77\x8c\xb0\xd5\xb9\xca\xb3\x67\xd2\x65\xbf\x79\x3f\x18\x5a\xc2\x61\x49\x05\x61\x8e\x9a\x66\xda\xb8\x80\x2f\x24\x10\x39\x94\x91\xc4\xb2\x6e\x0a\x52\xe2\x6e\xbc\x87\xf3\x95\xc4\x7f\xf9\xb0\xc2\x18\xcb\x21\xce\x50\xbb\xe3\x72\x2f\xfb\x85\x8e\x75\x1b\xd9\xce\x0e\x47\xc4\x7c\x29\xc4\xd5\x0c\x14\x00\x9a\x53\x3e\x91\x3b\x44\xfd\x23\x74\x3c\xbc\xe7\xce\x87\x08\x52\x2b\x5d\xe2\xc9\x1b\x3f\xa3\xfc\x07\x02\x7e\x16\x03\x16\x89\x0f\x58\x9b\x3e\xc9\x03\x8c\x99\x6f\x92\xf0\x4a\x68\xe4\x56\xf5\xfe\x70\xf2\x4b\xb2\xcf\x09\x1a\x95\x70\xda\x31\xb7\x4e\x8b\x76\x94\xf6\xbe\x8d\x8b\xdb\xb0\x16\x58\xc3\x6c\x79\xf7\x43\x23\xf9\x74\x3b\x5b\x5f\xbe\xd0\xf1\xeb\x11\x0f\x50\x30\xaa\xed\x5d\x4c\x16\x2c\xc3\x6c\x5c\x86\x49\x35\xa9\x73\x31\xaa\xb4\xe3\x25\x78\x18\xc8\x82\x96\xfe\x1b\x7b\x62\x3a\x81\xef\x7d\xa1\x90\x42\xeb\x2c\x26\x48\xa3\xb0\x3e\xee\x1f\x8f\x55\xf9\x14\x96\x16\xf8\x0f\x96\x7d\x51\x36\xac\x86\xec\x25\x5e\x0a\x30\xaf\x05\x3d\x95\x29\x6c\x26\xef\x81\x10\xe1\x29\xd6\x47\x55\xd0\x42\xca\x43\x24\x76\xa0\x0f\xc6\xd0\xef\x16\x95\x14\xf8\xdd\xcb\xf5\xf0\x3c\x6b\x95\xf1\x4d\xe2\x22\xf7\xc1\x4c\xe9\x39\x67\xf1\x64\x32\x38\x38\xd7\x89\x4e\xfb\xac\xb8\x1d\xc8\xef\xad\xe0\xf6\x28\xa6\x08\x82\x63\x0a\x10\x49\x4d\xaa\xee\xcd\x5b\x9f\x77\x93\xc4\x7a\xfc\x3f\xb9\x66\x05\x15\x62\xff\x01\xbe\x9d\xc8\x21\x37\x39\xa3\xd6\x3f\x33\x78\x7c\x4b\xa6\x97\xfe\x2d\x6c\x7e\xe5\x7e\xf4\x8a\xe5\x84\x37\xed\x09\x56\x5a\xca\x41\x47\x10\x7e\x80\x14\x3f\x60\xbf\xeb\xa6\x5c\xe2\x0f\xa1\x71\x6c\x78\xeb\x74\x8b\x81\xf7\x93\x41\xdf\xb7\x73\x36\x6c\xea\xee\x27\x1a\x86\x58\x5f\xcf\x2b\xa6\x1d\x0a\x22\x05\x53\xf9\xf7\x5e\x34\x99\x38\x65\x9e\x7e\xd3\x2e\xc2\x69\xfa\xd1\x70\x23\x05\x49\x35\xd4\xb9\xb8\x97\xfa\x42\x62\x70\x35\xe3\xfc\xd1\xeb\x29\x27\x55\x1f\x59\x00\xa8\x3f\xbb\x26\xda\x59\xdf\xf2\xb9\xcf\x7c\x17\x06\xba\x41\x19\x2b\x55\xe0\xcf\x28\x2c\xfa\x39\x4d\x2c\xf9\x5b\x0f\xc5\xe8\x1a\x1b\x73\xc9\xa6\xb5\xf3\xac\xcb\xbc\x96\xca\xc8\xaf\x05\x36\xfe\x04\x67\xd4\x66\xef\x33\x38\xeb\x86\xf3\xb1\x35\xcd\x99\xb0\x59\x48\x9f\xfa\x9d\x12\xa5\x15\x54\x75\xb6\x17\xce\xf0\x26\x7f\x0b\x4a\xdd\x71\xd2\x71\xbf\x68\x4e\x3c\xf9\x6a\x80\x1d\xd8\xfc\xf0\xe3\x65\x3d\xae\xdf\x2f\xd2\x40\x6d\xb3\x50\xa0\xce\x15\xd8\x5a\xa3\x40\x92\x61\xea\x97\xf8\xe8\x52\x41\x6d\xfc\x31\x9f\x1a\xb2\x97\x8f\x1d\x8e\x3a\x6b\xf4\x57\x1e\xcb\x18\xce\x58\xed\xfc\xa7\x78\xb9\x17\x42\xc8\x3a\x11\x85\xea\xb4\x1f\xec\xaa\xc5\x6f\x8f\x85\xed\x09\x16\xbf\x62\x4d\x31\x39\x28\xb2\x0d\x4d\xc0\x60\x1c\x10\x66\x46\x93\xed\xf8\xf1\x13\x08\x24\x60\x9a\x53\xd6\x31\x1a\x5b\x78\x1f\x2f\x85\xa9\xed\x6a\x70\xec\x9a\xf0\xb3\x04\x9a\xfe\x3e\x73\x4d\x08\xda\x49\x81\xf5\x95\xa8\xfa\xe5\x14\x83\x1b\x3c\x9d\x38\xee\xde\x66\x81\xba\x17\x84\x5a\xab\x6d\xbb\xe6\x15\xe3\xd4\x91\x83\xbb\x67\x9d\x7d\xb4\x94\xc2\xe7\x1c\xf8\x59\x50\xb4\xc2\xca\x49\xf2\xd4\x19\xeb\x65\x4a\xca\xef\xdf\x7a\x03\x96\xa1\x5b\x56\x85\x46\x02\x1d\xd2\x32\x24\xe2\x80\xa8\x5b\xb6\x77\x36\x83\xa8\xc4\x2e\x77\x15\x29\x8c\x89\xdf\x74\xdc\xe8\xa6\xbf\x68\xee\xd5\x8f\xd9\xf4\x14\x55\xef\x60\x17\xb7\xe0\x55\xe6\xbc\x16\x46\x1d\xc7\xd2\x7e\x73\xa3\x0b\x50\xbe\x24\x0a\xac\x5d\x1d\x3b\xe4\x29\xdf\x9f\x6b\x15\x4c\x65\xf4\xde\xa4\x4c\xf7\x9f\xa8\x64\xe2\x21\x31\x71\x2e\x6d\xb7\x76\xbe\x41\xdb\x2e\x3a\x77\xcf\x54\x3e\x88\x30\x1c\xab\xcb\x3c\x0e\x01\x66\x13\xc7\xd8\x88\xdd\xf1\xf4\xe1\x37\x8a\xfa\x80\xfb\x02\x61\x18\xc7\x2f\xda\xda\x9b\x57\xda\x1b\x8a\x0b\xf8\x07\xfe\xad\xb5\x54\xb8\x5d\xc1\xad\x87\x75\x62\x5c\xf5\x42\x31\x9c\xd6\x38\x32\xa3\x54\x81\x83\x3d\x34\xb4\x47\xb6\x48\x3a\x89\xc1\x50\x04\xd6\xd0\xb9\x62\x47\x86\x28\x6b\xa7\x67\x69\x61\x53\x95\x12\xa2\x26\xa5\x50\x8a\xb8\xf0\x21\xe8\x5b\xce\x00\xc5\xed\x9d\xf6\x12\x66\xda\x30\x05\xe1\x5f\xfa\xab\x57\xbc\x9d\x34\x8e\xc5\x48\xfa\x16\x65\xa2\x0f\x49\xd5\x45\x7f\x86\x3a\x33\x10\x73\xe1\x79\xc2\xef\xfb\xf8\x2e\x84\x0a\xe1\x09\x35\x40\x3a\xdc\x62\x35\xe7\xaa\x42\x55\xf6\x49\x3d\x12\xc5\xbf\x7b\x3b\x0c\xda\x16\x72\xe9\xdb\xbd\xed\x4f\xa8\xeb\xd1\x37\xea\x59\x39\x1d\x03\x4c\x82\x3a\xd9\x06\x29\x78\x2a\xa0\xb2\x19\xd9\x10\x3c\x79\x08\xe9\x48\x9c\x36\xe8\x52\xf1\xdf\x57\x5f\xa5\xa1\x6f\x53\x73\xc7\x39\x48\x8c\x82\xf0\x34\x32\x91\x5f\x5d\xdc\x00\x14\x5a\x63\xdd\xc1\x56\x28\x68\x26\x01\x7a\x74\xe0\xf5\xb8\xdc\xcf\x7f\xec\x5f\xa9\xc7\x42\xe2\x62\xf6\x2b\xf2\x64\xe2\x83\xda\x7d\xcf\x8c\xe0\xd4\xf6\x4d\x38\xee\x6f\x25\x4f\xba\xbc\xa2\x17\x6c\xd9\xb1\xa8\x8c\xe1\xbc\x3a\x20\xc8\xab\x5e\x6c\xb0\xd2\x59\x02\xc8\xcf\x7b\x14\xa9\x48\xe2\x5c\xd6\x5c\x70\xfe\xd6\xfb\x0b\x0c\xc2\x6d\x81\x03\xb6\x56\xfb\x53\xfa\x09\x76\x5c\x36\xb2\xfb\xc1\x58\x85\xe7\x68\x91\xf9\xc6\x03\x1e\x74\x0b\xb5\x91\x60\xea\xc9\xdb\x72\x02\xd2\x9b\x7c\x37\xfe\x81\xda\xa6\x79\x19\xc5\x1d\xbb\x98\xc2\x81\x88\xee\xde\xec\x26\x69\x3d\x69\xeb\xc1\xe7\xa0\xdc\xbc\xe4\xad\xe9\x34\x55\xd6\xc4\xd8\x2f\x05\xb3\x2a\x89\x90\x2b\x71\x6c\x5a\xa0\xde\x62\x2d\x30\xdc\x1c\x0f\x67\x5c\xb6\x90\x11\xcb\x70\x22\x86\xb3\x7c\x99\xf9\xe9\xca\x38\x53\x20\x7d\x5d\xb4\x32\xe2\x37\x7a\xdd\xa2\x51\x81\xc7\xdd\x07\xba\x5b\xdc\xbe\xe3\x32\xab\x38\x1a\xaa\xf5\x4f\x0e\xb8\x5f\x12\xfc\x68\x38\xd6\xca\xdd\xc8\x32\x75\x53\x58\xf1\xb0\x92\x2f\x23\x1a\x0c\x5d\xdd\x69\xd2\x16\x16\xc2\x83\x34\xf0\x40\xe5\x33\x10\xf8\xee\x07\x62\xe5\x81\xea\x0a\x45\x76\x81\xb1\x8c\xfe\x90\x5b\x94\x7d\x06\x9c\x86\x31\x1d\xed\xbb\x55\x59\x52\x89\x20\x98\x5b\x8b\x32\x02\x0f\x22\xa3\xf2\xb1\xf1\x41\xc7\x4e\xf5\xa8\x35\xe7\x30\xfe\x8b\xdd\x6c\x9a\x5a\xbd\x67\x24\xe7\x26\xb2\x4e\xe4\x2f\x33\xa5\x95\x09\x38\xa1\xf1\xf3\xfc\x7d\xb3\xdf\xa7\xa3\x1f\xbc\x86\x3e\x93\x3c\x5c\xfd\xb7\x77\x87\x63\xfe\x16\xa4\xbd\xa2\x61\x5a\x94\xec\x26\xd1\x78\x74\x87\x02\xb9\xe7\x3b\xcf\xbd\x2d\x46\xcf\x81\x39\xcd\xc5\x47\xc0\x60\x8e\xed\xa0\x90\xb9\x47\xa3\xd0\xa6\x10\x13\x4f\x59\x03\x67\x0b\x56\x5b\x7b\x36\xd1\x50\x2d\xb2\xa7\xb4\xb9\x24\x7e\x6d\x20\x0b\x27\xec\xe9\x2a\xdf\xb0\x0b\xa7\x93\xac\x20\xd5\x57\x3d\x33\x2e\x8b\xd4\x0c\xc7\x90\xa1\x98\x46\x53\x57\x37\xe9\x20\x81\xd2\x1f\x6d\xb6\x9a\x4b\x79\x90\x14\xe0\xe9\xa7\x8f\x14\x13\x4e\xae\x30\xf1\xf1\xff\x04\x2f\x95\x85\x1f\x6d\x0f\xee\x54\x20\x18\x90\x5e\x26\xf6\x74\x39\x0f\xa6\x7f\x4d\x26\x4f\xa3\x6e\x5f\xb2\x51\x5b\xc5\xf3\x33\x4d\xc9\x54\xd2\x20\x53\x48\x1a\x3e\x65\x9a\xe3\x1c\x61\xa2\xdf\x52\xc3\x6c\x9c\xec\xef\x4e\xb8\x9e\xe3\x11\xc7\x1e\x77\x00\xa6\xaf\xab\xec\x66\x04\xc6\x61\x05\xe1\xe6\x04\x91\xa3\xfc\xaf\x2a\xaf\x05\xca\xa1\x53\x87\x81\xeb\x20\xce\x6f\x27\xcf\x3f\x7f\xdb\x49\x9c\xb3\xc6\x32\x4a\xa3\xef\x9e\xe8\x74\x9f\xdd\x40\x4a\x33\xd5\xd4\xc7\x1b\xc6\x6d\x0a\xa8\xcf\x1b\xe7\xcb\x6b\x57\xb4\x8a\xc1\x3f\xc3\x90\xdb\x25\xb4\x36\xd4\x4a\x79\x27\xf3\xbd\xec\x43\xf2\xf7\xd5\x35\x45\xdb\xc3\x21\xda\x43\x5f\xd8\xf2\x38\x1f\x7d\x3b\x2b\x2a\x7b\xba\x2a\x99\x20\x9e\x4f\x6e\x7f\x61\x2c\x06\x67\x14\xcb\xf6\x61\xba\xcd\xd6\x2a\xa8\x8c\x21\x03\x62\x92\x25\x32\x5d\x29\x76\x89\x84\xbd\x10\xe7\xf6\x02\x15\x0a\xc4\x28\x30\x2d\x58\xfd\x80\x02\xf5\xc1\x46\xf0\xfe\x94\xfd\x26\xd9\xf7\x0c\xee\xb1\x27\x8d\x7d\xa5\xb3\x99\x77\x32\x1e\x8a\x9c\x57\x4a\x10\xb7\x7a\xeb\x80\xeb\xff\xe9\xff\xd3\x5f\xe7\xb7\xe3\x86\x02\x2b\x2b\x6c\xc4\x23\xa6\x55\x44\xaf\x78\x16\x44\xa3\xa9\xb7\x30\x03\x18\x94\x0d\xba\xc9\x2c\xd1\xca\xb4\xce\xc1\x50\x54\x2d\xd1\xef\xaa\x05\x5e\x7b\xa7\x2c\xe7\xbe\x29\x61\xfd\x46\x6a\x2e\xd0\x71\x4d\x7a\x84\x5b\xd2\x71\xa6\x16\x76\x76\x93\x06\xbe\x3c\x36\xc4\xb5\xdd\xef\xa8\xa5\xe0\x31\x20\x86\x40\x92\x22\x66\x53\x62\xea\x94\xda\x6c\x5c\x96\x35\x43\xb6\x8d\x00\xae\x95\x00\xae\x8d\x00\xd6\xdf\xb8\x2c\xd6\x41\x7a\xd0\x41\xe6\x7a\xdd\xf2\xed\x8e\xb4\x70\xb4\x5c\x05\x3e\xf1\xbd\xf5\xbc\xd6\x64\xde\x79\x43\x99\x6e\x24\x7a\xc1\x84\xd3\x76\x3f\x36\x3d\x33\xdb\x0b\x79\x92\xe5\x2e\x62\xde\xe4\x8f\x5d\xe4\xbd\xd1\xf8\x33\xc7\xea\xa7\x2e\x3d\xdc\x90\x45\xe9\xdf\x58\x66\xca\xdd\x7c\x67\xb6\x3b\x77\xfc\x59\x50\x2e\xec\x15\x2b\xbf\x3c\xd8\xd4\x99\x6b\xba\x11\x7f\x27\x10\x5e\xeb\xf8\xec\x59\x39\x2d\x24\x76\x20\xf7\x3b\x56\x5a\xe1\xaf\xf9\x87\xe2\x52\x35\xe1\x40\x15\xc3\x8f\x17\x0c\xaa\xe7\x1c\x06\x94\xfc\xd3\x0f\xab\xfd\x63\x13\x9b\xf6\x77\x7c\xe5\xb2\x65\xc0\xd6\x83\x41\x7e\xd9\x26\x07\xfd\xb2\x5d\xe8\x9d\xd9\xea\x45\x79\x73\x5d\xa4\xb9\xb0\xbd\x7b\xd7\xd7\xc8\x9c\x2b\xb4\x3f\x22\xbd\x16\xa2\xce\x39\x3b\xd6\x86\xba\xfd\x65\x09\x40\x86\xd9\xe9\x06\x65\x36\x66\x8c\xce\xba\x82\x36\x32\x75\xaf\xab\x18\x71\xd1\x42\x09\x1c\xd7\x07\x60\x20\x78\x50\x17\xd1\xaf\x03\x34\xae\x1f\x52\xc2\x48\x8a\x49\xdf\x2d\x4e\xb5\xce\xdd\xb3\xd6\x6e\xda\x97\x23\x83\x66\xba\x05\x63\x34\xd4\xab\x80\x72\x6b\x55\x38\x46\x95\x96\xec\xd3\x08\x68\x77\x4f\x42\x95\x80\x35\xfd\x28\xc0\x96\x4f\x72\x74\x73\xe6\xf8\xa5\x48\x31\xa5\x48\x38\xc0\x73\xbb\x11\xfe\x1c\x72\x41\xe8\x06\xa1\xb8\x44\xd1\xa0\x66\xd6\xf8\x33\x46\x53\xec\x9e\x91\x61\x15\xd0\x7b\xca\x23\x5e\x1d\x8e\xa9\xb1\xfa\xd7\x11\xf9\x9d\xfe\x4a\xa9\x6d\x3c\x7d\x7c\xee\x91\x5b\xc5\xf6\xc5\x4d\x59\x96\xa9\x52\x71\x40\x80\xa7\x17\x99\x6f\xde\x13\xdc\xf8\x87\x02\x4c\xae\x71\xb0\xfc\x17\x73\xf8\xe3\xc3\x24\x92\x8d\x7f\xb6\xeb\xd8\x2c\xb0\x13\x45\x12\x45\x5f\x2b\x7e\xfb\x43\xf7\x82\xcc\x94\x3a\xb7\xc6\xa9\xed\xfb\x9e\x25\xb3\x25\x45\xfe\x5b\xd5\x5d\x5b\xd2\xba\x65\xe3\xf2\x27\x72\x63\xbb\xff\x08\x54\x61\xcb\x3c\x8d\x6c\x3a\x42\x5f\x55\x09\x8a\xfb\xad\x09\x9e\x3e\x3c\x54\xac\xd9\x76\x7a\x3e\xc6\x7b\xc1\xc9\x0f\xe5\xf9\xc3\x56\x7e\xde\x76\xe3\x61\x01\xdb\x7d\x52\x60\x83\xd3\xac\x57\x07\x78\x59\xf9\x92\x30\xdc\x4f\x50\xeb\x73\x8d\x88\xb8\x83\x27\x58\x28\x91\xe0\xf6\x39\xc2\x94\x50\x6d\x00\x78\xac\xd9\x78\xac\xe9\xf8\x01\x64\x01\x15\x60\xff\x52\x9b\xee\xce\x58\x66\xc6\x7a\xff\xaa\x52\xe7\x2e\x51\x3c\x20\x76\xc3\x51\xdc\x7d\xe8\x1e\x34\x69\x37\x50\x56\x6a\x7f\x14\xd7\xf1\x9b\x12\x74\x42\xf0\xc5\x8a\x51\xe2\xe0\x29\x87\x63\x12\xae\x0e\x38\x06\x47\xc7\xd4\xd7\x52\x47\x53\x5d\x6d\x09\xd6\xe3\x38\xae\xc3\xf2\x7b\xbc\xd8\x76\xfa\x03\x84\xc4\x88\x55\x21\x08\x45\x17\xba\x12\x1f\xa8\xc4\x86\xb2\x2f\x3a\x7e\x48\x8a\xda\x39\x16\xac\x2e\x94\xf4\xe9\x17\xd0\x39\x0c\xc9\x53\x8c\x65\x34\x76\x86\x4a\x5b\xee\x60\xc2\x94\x35\x7f\x39\xc7\x16\x5b\xb5\x27\xa1\x0a\x6b\xe4\x9b\xe7\x5d\x9c\xc5\xdc\xf6\x22\xb9\x0b\x5d\x7b\xfd\xe0\x4f\x6c\x19\xb4\xc1\xe7\xb0\x53\xcb\x7a\xa2\x10\xc6\xab\x82\x57\xb8\xa0\x49\x9b\x24\xe9\x62\x36\xd9\x06\x12\x18\xbf\x21\x54\xa1\x3b\xd1\xdf\x89\x6c\x30\x49\x03\x22\xdf\xc0\x2a\x0c\x31\x98\x54\x43\xb9\x25\x7f\xf8\x0b\xc8\x7c\xbf\x0c\xc4\x35\x7d\x2e\x4e\x9d\xce\xd2\x13\xb9\x5d\x48\xd3\xfe\xb7\x2d\x80\x30\x08\x4e\xe8\x1a\x53\xba\x19\x1f\xba\xff\xad\xc7\xd7\x09\xd1\x59\x6d\x5d\xd7\xc1\xea\x40\xe0\x0a\x4f\xcb\xa8\x79\xf7\xd5\xea\x66\x82\x95\x97\x61\x13\x57\x44\xda\x7b\xe6\x56\x39\x59\x7b\x87\xd7\x53\x98\x3a\xcd\xfd\x55\xae\xde\x12\xb9\xe8\x5c\x63\xc9\x59\xc1\x8d\x72\x70\x3a\xd9\xd0\x6e\x9e\x80\x14\xc7\xce\x76\xb3\xa2\x34\x37\xb9\x68\x51\x18\x41\x96\x38\x62\xde\xfa\x81\x9a\xac\xd5\x54\xb1\x76\x1f\x84\x7e\xf5\x2c\x5a\xb6\xd4\xe1\x14\x94\x15\x5a\xff\xa6\xb6\x3c\x75\x79\x74\xc6\x1a\x03\x76\x33\x69\xdd\x54\x69\x8b\x0d\x4e\x19\x3b\x0f\x80\x79\x65\xa3\x04\xb5\x12\xd7\x36\x59\xc0\x9b\xf0\xfc\x4c\xc7\xb3\x5a\xaf\xed\x69\x8d\x06\xbc\x0b\x59\x27\xf9\x21\x41\x9b\xed\x93\x10\x05\x98\x81\x2b\x46\x95\x86\x0f\xcc\x38\x5f\x5d\x5f\xbe\xae\xeb\x5a\x8c\xdf\xef\x9a\xec\x29\x85\xa9\x1c\x10\x74\xc1\xd9\x47\xf5\x06\x4d\x0a\x4e\xc6\x75\x6d\xcc\xf0\xfd\xe8\xcc\x6f\x38\x01\x02\xc6\xdc\x98\xe2\xf5\xb0\x26\x7f\xe9\x91\x6a\x1b\x9c\xd5\xc8\xd8\x94\x30\x4e\x9e\x05\xf7\x3c\x2d\x55\x08\xfd\x7d\x9b\x6b\x7e\x19\xc8\xc4\x1f\x08\x7a\xb2\x8d\xad\xf0\x11\x30\xf5\x2e\x6f\xe1\xda\x1c\xe7\xc5\xca\xdd\xb4\x05\x5c\x9d\xb3\x93\x85\xa6\x3b\x00\xfa\x3e\x59\x9c\x48\xf9\xdd\xe5\x5a\x22\x25\x0c\x5c\x74\x6a\x5a\xe3\x2b\x05\x7e\xb8\x1e\x30\xbe\x47\x5f\xba\x03\x40\x6a\x6b\xc1\x5b\x35\xc4\x3f\xe8\xe9\xb2\x32\x4f\x03\x95\x55\x5a\x1f\xfa\x3b\x41\xed\x7b\x5f\x6a\xa9\x0d\xbe\x0d\x6c\xaa\x7f\x5a\x34\x0d\x65\x2e\xc6\x5c\x73\xb4\x1c\x53\x11\x9c\xd2\x13\xc1\x5e\x50\x0d\x0f\x77\x02\x25\xb7\x05\xb0\x79\x55\x76\xe0\xf5\x87\x02\x05\xf6\x02\xe7\x94\xda\x05\xe4\x00\x2d\x15\xaf\x1f\xb5\x2e\xb9\x6b\xba\xd1\xee\x64\x1d\x89\x47\xb7\x01\x21\x0b\x00\x6a\x39\x41\x6b\x02\xf1\xbe\x7f\xc5\x22\x1a\x2f\x41\x64\x46\x62\xb4\x54\xc4\x79\x8e\x9e\xea\xec\x6d\x85\x28\x9e\x02\xc5\x68\xc9\xc5\x89\xfe\xfc\x03\x00\xf5\x26\x81\x91\x05\x2d\xe2\xf8\x40\x7f\xe6\x44\xe2\x18\xfd\x23\x51\x7c\xe9\xb3\x6e\xf4\x53\x1a\x99\xdf\x74\x7f\x09\x9c\x56\x55\x01\x36\x1e\xa6\x9a\x1e\x06\xf8\x63\x63\x24\x0b\xdc\x64\x6a\xdb\x68\x44\xa2\xd1\x44\x3b\xe7\x9f\xc0\xbe\xad\xc4\x92\x46\xa1\xce\xec\x16\x3a\xbd\xb8\x72\x8c\x9f\x5a\x3f\x19\x92\x9e\xbf\x91\xf4\x8a\x96\x49\x78\x63\x1b\xf2\xfd\x9d\x45\x56\x45\xa9\x5f\x63\xa8\xdb\x45\x48\x9d\x48\x26\x22\x4e\x7f\x7e\x74\x81\x57\x10\x0a\x45\x85\x84\xed\x53\xd6\xd7\x83\x89\xf5\x2c\xd5\xf4\x89\xfe\x8a\x13\x4b\x72\x1b\xf9\x15\xe7\x90\xa3\xa8\x8d\x89\x4b\x16\xb5\x73\xa4\x13\x43\x72\x09\xde\x05\x53\x40\x6e\x46\x17\xa2\xfe\x2c\xb0\x28\x25\xd1\x53\x9d\xa9\xf3\x18\xa5\x0e\x98\x5a\x66\x88\x89\x84\xf6\xda\xf3\x35\xbe\x84\x7a\xb1\xa6\x24\x28\x52\xf3\x1b\xb1\x8b\xbd\xd9\xc5\x78\x56\xee\xf4\xfb\x99\xde\x4a\x07\x49\xcc\x32\xe2\x07\xda\x24\x0d\xa0\x3f\xd0\x98\xc6\x2d\x3c\x11\x93\xcf\x51\x1e\xac\xec\xce\x5d\xd8\x7c\x05\x94\x40\x3a\x05\x87\xde\x6e\x74\x69\xd1\x99\x65\x57\x2f\x50\x19\x2e\xd6\x96\x4a\x53\x5c\xca\xc3\x88\x20\x89\x6c\xf6\x6c\x5a\xc8\xc7\x23\xe7\xd4\xfb\x07\xe8\x31\x6f\xde\x65\x66\x96\x8e\x88\x4c\x77\xf4\xa7\x89\xaa\x31\xba\x0a\x54\x94\xff\x1f\x49\x67\xad\x24\xbd\x0e\x05\xe1\x07\x72\x20\x33\x84\x63\x98\x31\x33\x67\x66\x66\xf6\xd3\xdf\xda\xff\x46\x5b\x9b\xb8\x64\xa9\x75\xfa\x6b\xd5\x19\xcb\x14\x4f\x74\xe4\xce\xd1\xa8\x2f\xe3\x95\x23\x18\x3f\x4b\x6a\x2e\xef\xd4\x52\xbe\x96\x63\x3e\x98\x94\x81\xd7\xc0\xca\x03\x53\xd9\x03\x44\xd4\x8e\x3e\x9a\x7a\xb1\xc6\xb8\x90\xfb\x8a\xe3\x89\xfe\x7b\xf3\xad\x34\x7e\x04\xf1\x90\x0c\xa5\x2a\xeb\x4a\x21\xc3\x35\x59\xf2\x54\x53\x3d\x2e\x3c\x7e\x1f\x7b\x29\x82\x82\x68\x13\x09\xc6\x81\x77\xb5\x5e\x51\xd8\xe3\x1a\x38\x83\x4a\x63\x74\x77\x0c\x1c\xe2\xf7\x4b\xd3\x14\x45\x5d\x44\x06\xe5\x85\x79\x64\xca\xc4\x08\x13\x54\x6b\xc8\xc1\x20\xa9\x3e\x80\x78\x0b\x74\x31\xf7\x7d\x3f\x40\xf6\x54\x61\x1d\xe7\x81\xfc\xdf\x44\xfd\xe0\x55\x74\x17\xe4\xb3\x0f\x61\x7b\xa9\xe3\x3d\xca\x88\x3e\xc6\x47\x28\xf2\x76\x2d\x60\x85\xf9\xdd\x04\x77\x7e\xed\x5d\x9f\x74\xd1\x1c\xde\xa9\xcf\xa8\x86\x53\x3c\x32\x37\xa8\x72\xa7\x47\xa4\xf2\x23\x81\x27\xf9\x91\xb8\x33\x3d\x54\x7a\x7b\xc3\x52\xbe\x1d\x67\xff\x70\x88\xd2\x27\x7d\x92\x88\xb6\x50\xfd\x72\x8b\x69\x43\x06\xba\x9e\xa3\xb9\xe7\x79\x51\x33\xd2\x3a\xb9\x33\x0d\x81\x7c\x30\x5e\x0a\x27\x8b\xd5\xf9\x2b\x0d\x7f\x60\x40\x2d\xcf\x16\xf1\x5c\x32\xf1\x22\xfc\x74\x8e\x33\xfb\xdc\x82\x04\x0b\xfa\x4e\x0a\x07\xef\xaa\x4d\xdb\xe6\x00\x93\xb9\xb1\xfb\xc3\x4e\x9e\xd1\x5c\x69\x6a\x3d\x32\x10\xc1\xf7\x51\x61\x88\x2f\x53\x84\x7e\xe8\xc3\xb9\x58\x33\x60\x27\xc6\x0d\xfa\x34\x5e\xe9\xee\x5f\x65\xd6\xd9\x4a\x93\x93\xa0\x9f\x93\xa0\x27\x08\x04\x60\xb3\x33\x7b\xaf\x46\x25\x36\xae\xb1\x67\x79\xa0\xbe\x49\xc4\xc1\xbf\x7b\xbe\x10\x3f\x0e\x45\x9c\x1e\x22\xb8\x78\xf9\x98\x57\xf6\x70\xdd\x7e\x36\x52\x48\x30\x2e\xf0\x2c\x13\x43\xe7\x2f\x75\xe7\x0e\x2b\x0c\x8e\x20\x61\x72\x15\x20\xb7\x52\xeb\xaa\x22\x14\x44\x75\x6a\xdd\xed\x32\x03\xfc\x18\x4b\x18\xd9\xef\x58\xe7\x1f\x66\xbe\x1d\xc7\xbe\xb5\x22\xfe\xb1\x59\xa0\x48\x8e\x1b\x1d\xa8\x19\x2c\xee\x77\x22\x65\x5a\xb8\x2d\x41\xf2\xd5\x8b\x59\xfd\x30\xbc\x61\x26\xde\xde\xec\x08\x8d\x73\xe0\x4f\x31\xe5\xe3\x16\xed\x6a\x25\x40\xcf\xf5\x9d\x51\x4a\x5a\xe9\xef\x9f\x1f\xfd\x71\x54\x6f\x12\x67\x95\xd3\x10\x4d\x5f\x7e\x46\x92\x16\xb1\x52\x3b\x84\xbd\x25\xda\xfa\xab\x3e\x82\xc7\x49\x54\x17\x3f\x31\xa2\x54\x29\x29\x85\x4a\x67\xdb\x25\x8a\x5a\xdf\xb7\x69\xfb\xd7\xfe\x0d\x8d\x83\xa6\x1f\x15\xd6\xed\x5c\x6c\x98\x05\x29\x76\x30\xb4\xf1\x36\x6b\xa3\x8b\xa6\xe6\x42\xc6\x73\xb1\xad\x9e\x92\xe7\x59\x01\xc1\x7d\x8f\xe0\xcb\xd3\x0f\xf3\xdf\xe4\x21\x00\xdc\xef\x1d\xaa\xfd\x05\x3d\xb6\xd4\x34\x8b\x3c\xbc\xf1\x4e\xbc\x14\x85\x19\x55\x25\x6b\x27\xe7\xe2\xcc\x95\x95\xc0\x14\xbf\x26\xde\xe0\x57\x9c\x97\x65\x10\x3e\x84\x36\x36\xd4\xe1\xda\x13\x5c\x80\x02\x6c\xb9\x34\x50\xd7\xb6\x6d\x67\x09\xa5\x31\x86\x8a\xb0\x86\xec\xa1\xcf\x14\x4b\xef\x1c\xa1\xef\xbc\xfa\x63\x98\xe8\x61\x8a\xed\x4a\xec\x18\x66\xfb\x2f\xb1\xd5\xdd\xb6\x59\xcc\x03\xbe\xed\x8d\x92\x80\x71\x93\x7b\x3f\x13\xe0\x02\x06\x7d\xf7\x87\x10\xaa\x77\x40\x1a\x24\x35\xb1\x16\x80\x12\xa3\x98\x21\x34\x73\x02\x97\x85\x27\xcd\xb2\xfd\xd8\xb7\x87\x84\x02\x73\xa1\x82\x7e\x77\x69\x08\xa7\x28\xf2\x4e\x8f\x87\xc8\xd5\x73\xb3\x24\xf7\xa8\xbc\xef\x0d\xdd\x76\x80\x61\x58\x2f\x46\xc1\xb7\xfe\xdb\x63\xe4\xb2\x2e\x39\x43\x40\x05\x63\xfe\x5a\xcf\xd8\x38\x59\x3c\x3a\x16\x12\x0b\xb5\xcd\xa9\xda\x2b\x55\x1f\x42\xb2\xc1\x6f\x23\xd4\xa4\x03\xec\x04\x8e\xcf\xdc\x6b\x55\xab\xd2\x27\x60\x25\xc1\x4f\xd6\x03\x69\x28\xec\x27\x84\xd3\x8a\x2d\x9c\x4c\x1d\xf3\x96\xd5\x79\xd7\xb0\x49\x50\xdf\x88\x5b\xaf\x90\x6a\x5a\x2c\x27\x24\x4a\xae\xfe\x90\x55\x3e\xd5\x6a\xe5\x28\xec\x3a\xc7\x57\xfe\xf6\x29\x9c\xf1\x82\x96\x31\x3f\xed\x67\x6d\x81\x3a\x57\x68\xe9\x4e\x83\x4b\xaf\x3b\xaa\x52\xed\x19\x02\x86\x04\x06\x53\x30\xe6\xb1\xe3\x1f\x81\x86\xb4\x3c\x3c\x80\xf2\xff\xfc\x3d\x7f\xd0\xe8\x3f\x1c\x4e\xd0\xa7\x7e\x1e\x00\x43\x13\x12\xa2\xf4\x8d\xdc\xe4\x3d\x31\x85\x2b\x33\xc4\x6f\x4b\x8f\x17\x84\xa5\x3a\x9e\x71\x53\xf0\x50\x69\xf8\x9a\x2a\xb3\x12\x24\x91\x1b\x58\x11\xbf\x45\xb2\xae\x54\x3f\x60\xe7\x4d\x1c\x61\x4f\x68\x01\xd8\x61\x12\x49\x47\x6c\x7d\x74\x28\xcf\xce\xbb\x33\x6a\x2a\xdf\xb0\x55\x6e\x21\x9c\xa4\x28\x0a\x1b\xe7\x79\x3f\xef\xea\xd6\xf6\x9f\xe7\x3b\x70\x98\x05\xdd\x97\xad\x8a\xff\xfb\x45\xec\x09\x4e\xf4\x20\xdd\x50\xcd\x10\xf9\x69\x40\x2e\x07\x4d\x75\xaa\x40\xf6\x79\xbe\xe0\x96\xe0\x91\x3c\xf5\x4a\x93\x87\xa0\x1b\x3a\xc1\xde\x9e\x0c\x5a\x2e\xc9\xfb\xe2\xb7\x9d\x89\x27\x68\x1b\x22\x85\xe8\x5c\x33\x74\xfd\x21\xe9\x72\xfe\x06\x0b\x1d\xe0\x37\x11\x33\x90\x06\xbb\x2e\x44\x95\xfb\x43\xab\x27\xb3\x65\x86\xc8\x56\xf8\xe6\xc8\x27\x46\x3d\x8d\xfb\xcc\xe1\x6a\x7e\x69\x70\x97\x21\xb6\x12\xd8\xcd\xd0\x9d\xfc\xed\xf5\x2b\xb2\xb9\x8f\x1d\xac\x7d\xf3\xaf\xcf\x35\xa5\x56\x82\x98\x41\x06\x72\x53\x53\x94\xce\xe3\xa6\x10\xa2\x8f\x0c\xa8\xa0\xbf\x32\x2f\x39\x84\x2b\xb3\x10\x90\xee\x28\x91\xd3\x87\xd8\x86\xef\x0c\x37\x67\xcf\x4c\xce\xfc\xee\x9d\xa2\xfa\x5a\x23\xe8\xc0\x48\xf1\x9d\x96\xa4\x70\xb6\xc3\xce\xba\x6d\x7b\x92\x42\x87\xed\xe6\x46\x97\x3e\x7d\x5b\x27\x16\x14\xc4\x38\x06\xbb\xb9\x13\x0e\xf7\xe5\x8a\x99\xbf\xa1\x29\x43\x3e\x45\x68\x14\xd7\xfb\x05\xe0\x7c\x57\x62\x03\x2e\x19\x3a\x91\x45\x8f\x21\xbc\xab\xcf\x49\x31\x44\xb2\x81\x03\xb3\x9a\x2f\x67\x40\xb8\x04\x67\x50\x61\x42\xbc\x6b\x6f\x18\x73\xba\xb0\xf3\x5b\xc5\xd0\x0c\x91\xf7\xc5\x28\xca\x3c\x01\xb4\x67\x8c\x09\xce\x78\x95\xf6\xf1\x2e\x49\xb9\xa3\x7c\x5e\xb9\x5a\x4e\x26\x36\x14\x14\x67\x9e\x63\x1b\x25\x04\xc5\x8b\xec\x69\xb0\x33\x04\x4d\x13\x28\x86\x11\xf8\x9d\x41\xd1\xbe\x33\x70\x62\xdd\xbf\x32\x67\x08\x12\x22\xe9\xf3\x7c\x5f\x18\xc6\x7e\xb5\x67\xd4\x66\x09\xea\xd6\x82\x4d\xbe\xba\x68\xa6\x36\xab\xf1\x9d\x04\x9e\xa5\xed\x3c\x18\xcf\x1c\x88\x9d\x8c\xee\xc1\xb7\xb9\x13\x65\x60\xc1\x68\xfc\x28\xc2\xa6\x0f\x00\xbd\xa0\xbc\xee\x57\xd2\xbe\x74\x61\x9a\x6d\x30\xa0\x60\x47\x55\x9c\x59\x83\xfd\xc7\x23\x48\x1a\x30\xc7\xba\x52\xef\xc3\xf4\xfb\x19\xba\xf9\x89\x6d\x28\x86\xfd\x9e\x17\x7d\x05\xb1\x5e\xc8\x67\x3b\x95\x1a\xba\x19\x09\xd4\x3e\x80\xd7\x2f\x00\x00\xa7\xd2\xf5\x64\x18\x8c\xc1\xb3\x4c\x15\x1a\x5f\x4d\x77\x88\x3a\xa8\xa9\x3c\x4a\x88\xff\x54\x96\x1e\x1b\xef\x94\xdd\x14\x46\xbd\xed\x2e\xb6\xf7\x4d\xe0\x16\x7d\xce\xe3\x49\x31\x12\x69\xb4\x55\x79\x1c\x17\x28\x97\x8f\xf0\xfb\x5e\xd7\xef\xcf\x9b\xe8\x82\x36\x41\x8f\xa4\xde\x63\x92\xf7\xd8\xdd\x67\x1d\x21\x7b\x2c\x37\x4c\x39\x76\x8e\xa2\x91\xaa\x26\xdd\x95\x23\x71\x03\xdf\x39\x52\xd4\x78\xc6\x2d\x49\x75\x63\x93\xb6\xbc\xa2\xf1\x4f\x5b\x07\xfb\x2c\x67\x31\xc0\x3c\x6b\xd0\x03\xdc\x54\x99\x52\x56\x55\x0a\x83\x5e\x8c\x29\x0a\x06\x41\x74\x86\x21\x1d\x98\x30\xf8\x23\x76\xe0\xfa\x02\xf9\x71\x8f\x0c\xf3\xa6\xd8\x4e\x1a\x9e\xe6\xce\xdb\x0d\x53\xe0\x0c\x8f\x13\xa4\x07\xea\x98\xfd\x98\x3c\xfb\x1a\x62\x1d\x1e\x65\xa3\x1b\x53\xf4\x25\x69\x66\x2f\xd1\x91\x90\x6b\xa3\xdb\xa7\x90\xf4\x1d\x9e\xc2\x14\x39\xc8\xda\x0a\x50\x04\x27\xfd\xf5\xa0\xa0\xad\x32\x6c\x9d\xfb\x07\x67\x00\xa4\x68\x65\x79\xd2\xe2\xf0\x02\x22\x36\x6a\x70\xfc\x71\xf0\x9c\x97\x45\x33\xfc\x12\x24\x84\x68\xfa\x07\x30\x0c\x1b\x45\xcf\x82\xb2\xcc\xce\x4d\x8d\x7c\x56\xb5\xc9\x8d\x44\xcf\xb5\xa0\x30\x8e\x5f\xa8\xf7\x0f\x92\x37\xe7\x6c\x0f\x85\xfb\x9e\xe1\x79\x42\xc5\x98\x9b\xe0\x85\x78\x2a\x66\xa0\x61\x08\x64\x2d\xa7\xa0\xf0\x81\x18\x86\xa1\x52\xfa\x47\x43\x19\x0d\x18\xe4\x4e\x93\x67\x1b\x2e\x84\xcb\x0c\x51\x6c\xce\xf1\x3c\xde\x22\xed\x0a\xc1\x0e\x7d\x26\xe3\x19\x06\x01\x8c\x51\xdb\x4e\x81\xf8\x0a\x6b\x93\xb4\x49\x51\xdb\xdb\x11\xd8\x70\x9e\xd8\x0a\x83\x12\x6a\xeb\xfd\x4b\xbc\xa2\x75\xfd\x28\xea\xc4\x62\x50\xff\x78\x97\xc7\x09\x50\xa7\x29\x85\x13\x14\x31\xaf\x21\xd6\x1e\x90\x67\x75\x7f\xf9\x99\x64\xa3\xb6\xcd\xdf\xf9\x8b\xa2\xf3\xde\x71\x17\xcb\x89\x1c\x83\x71\x0e\xce\xb3\x40\x96\xa4\xf1\x0e\x7a\xd1\x95\x7a\xfb\x7e\xaf\x06\xb9\x5f\xe8\xa6\x67\x9c\xbc\x3f\xe8\x28\x50\xbf\xaf\x35\x43\x27\x00\xa5\x88\x3d\x57\x62\x92\xdc\x4c\x50\xf4\x9b\xf4\xee\xfc\x72\x79\xb7\x70\xf7\x54\x88\xc5\x01\x31\x6c\xd6\xde\xc6\xf0\xc6\xc7\x69\x86\xc3\x70\x43\x38\x85\x91\xb2\x4c\xe7\x14\x55\x9e\xf4\x1f\xb9\x40\x39\x16\x86\x63\x87\xd4\xc7\xee\x6e\xcf\x06\xc4\x8a\x14\x7d\xec\x81\x4b\x5d\xa4\x59\x87\xa6\x19\xec\xe1\x1f\x3c\x20\xcc\xf9\x73\xf2\x37\x45\x13\x8e\x01\x8e\xbf\x67\xfd\xd5\xcc\xf1\x35\xd8\xb7\xa0\x30\x07\x82\x68\xf3\x88\x46\xe8\xf4\x4f\x8a\x70\x7c\x3f\xf8\x0e\x5c\xce\xd9\x70\x29\xfe\xed\xd9\x26\x6d\x59\x34\xce\x33\x69\xc0\x15\x83\x98\xff\x38\x7b\x19\x96\xfd\x8b\xfd\x58\xd7\x63\xfe\x38\x7a\xbb\x78\x57\xfd\x7c\x11\x86\xa6\x63\x83\x2a\xc7\x17\x73\x31\x32\x51\x67\xa0\x70\x99\x7c\x87\x5a\xd8\xc8\xd6\x39\xbc\x21\xd8\x7b\xbf\xa0\x0e\x6a\xbb\x35\x2b\xb2\xf9\x4f\x54\x82\xcc\x3b\x85\x24\x2c\x46\xd4\x01\xc5\x61\x85\xe6\xcc\x98\xc6\x7a\xc2\xfd\x0b\x00\x14\x6d\x7c\x88\xb2\x93\x74\xa6\x07\x5a\x1a\xe6\x09\x60\xa6\x2c\x4b\xc0\x53\x0c\xa0\xb3\xb6\xbe\xee\x5a\xac\x24\x01\x6a\x19\x82\x20\x21\x84\x40\x90\x97\x7a\xb6\x1d\xb8\x41\x93\xdc\xfb\xe6\xa7\x38\x79\xae\x73\x07\x27\x9e\x9f\x06\x9e\xe4\x46\x33\x5a\xce\x2d\xa7\xfe\xad\x8d\xfe\x55\xd3\xd9\x7f\xdc\xcd\x9c\x5e\x66\xac\x19\x4a\x36\xba\x89\xd8\x37\xa6\xb1\xcf\x76\x14\x32\x06\x88\x0b\x92\x96\x45\x6e\xea\xe7\x88\x2d\xcb\x96\x08\x6c\xf7\xcc\x37\x2b\x7c\x71\x4a\x17\x45\x53\x14\x60\x33\x4a\x77\x94\x2a\xcb\x2c\x3f\xf7\x16\x50\x8f\x8f\x78\x23\xdc\xdc\xe5\x8d\x89\xd9\x8f\x84\x40\xb9\x15\xfb\x7e\x61\x18\x87\x4e\x41\x99\x13\x5b\xa0\x02\x68\x3e\xf6\xb3\x30\xd2\x79\x26\x8e\x64\x68\xf9\xb0\x26\xd5\xc5\xd6\xbd\xb3\x3c\x29\x89\x81\x48\x3c\x83\xf2\x71\xbc\xb0\x67\x53\x01\xa0\x0a\x70\x13\xdc\x07\x6f\xc7\xb3\x9f\xe3\xcc\xa6\x3c\x3b\x3a\x43\xc5\x3f\x3e\xe8\x43\x34\x68\x34\x32\x9f\x7c\x5c\x99\xea\xe3\x0d\x4a\x61\x29\x20\xea\xba\xef\xdc\x7d\x93\xff\xf3\x92\x89\x99\x18\x1f\xf2\x18\x19\xd5\x65\xd0\xb2\xb7\x24\xb1\x3a\x81\x83\xd2\xfb\xd2\x50\x02\x00\x09\x30\xcf\xc8\x31\xe9\x07\x31\x50\x12\xc3\xc6\x16\x4b\x56\xa0\xb7\xf8\x7d\x9c\xe7\x43\xda\xa3\xdb\x43\x94\xde\x36\x00\x7b\x24\x2b\x1a\xd1\x77\xdf\xcf\x19\x1a\xc8\x36\x33\x44\xbe\x01\x80\xe4\x0c\x4d\x12\x58\x80\x87\x2c\x9e\x64\xa1\x53\x97\xe6\x70\x82\xd7\x71\x6e\x38\x17\xa3\x1e\x3a\x8e\x14\x2d\x44\x10\x96\xa0\x92\x13\x26\x51\xfb\x1a\x1a\x59\x51\x5c\xa6\xc9\xb5\x55\x18\x7e\xac\xc5\x9e\xda\x18\xc3\x37\xbe\x01\xd0\xe7\x4e\x2c\x87\x93\x08\x06\x72\x6b\xd4\xc8\x8f\x28\x37\x66\xe7\x53\xdf\xa7\x49\x2f\x73\xb0\xa6\x7d\x0d\x83\x02\x2a\xcb\x4b\x08\xeb\x26\x95\x9e\xc3\x5b\x6d\xe5\xcd\x87\x01\x36\x28\x1d\x80\xe9\x06\x34\xad\x88\x94\xf8\xb6\x28\xe2\x97\x33\xf4\x2c\xcb\x42\xee\x00\x32\xe1\xf2\x34\x47\xf2\x47\x9b\x38\xa1\x2d\x3f\xd8\x45\x48\xc6\x68\xcc\xf2\xe4\xf9\xfb\x66\x18\x5e\x85\x82\x08\xe3\xbb\x47\x16\xa9\x12\x4b\xcb\x33\x2c\x4b\x0f\x41\x7c\xac\x64\xc0\xe9\x53\xe7\x4d\xee\xe1\x0d\x3a\x0f\xa5\xf2\x73\x25\x8f\xd5\x22\xeb\xef\x8e\xd9\xf3\x6f\x74\x87\xd6\x88\x61\xa3\x81\xa2\x7c\xfa\x49\x3f\xe6\x25\xd0\xa0\xd0\xdb\x08\x8d\xb8\x62\x94\x48\xe0\x41\x80\xb9\xdf\x9d\x61\x1e\x12\xa7\x76\xf4\xfe\xe9\x1b\xed\x8a\x38\x18\x80\x09\xb0\x99\xe9\xf7\xc3\x4c\x59\x60\x92\xaa\x5d\x33\xe0\xaf\x0c\x50\xe2\xf3\x31\x4a\xe7\x85\x5e\x3c\x73\x02\x9f\x07\x44\xbd\x9f\x71\x7f\xc8\xb3\x68\x36\x86\x41\x31\x0c\x43\x98\xf7\x8b\x00\x1a\x87\x31\x4f\x9b\xb4\x49\x05\xa6\x09\x00\xdd\xf6\xfb\x59\x40\x54\x1c\xc3\x50\x69\xce\x68\x16\x93\xf7\xde\x36\x67\x5d\x28\x8b\x6c\xf4\x55\x1f\x2d\x4c\x05\xe7\x09\xe5\x88\xbc\x9e\xed\xe9\x22\x25\x48\x93\x3a\x53\xf6\x3d\x0a\xbe\x22\x23\xa9\xf5\x55\x7c\x9b\x97\x03\xd5\xd4\xdf\x3e\x85\xb9\x8d\xa8\x81\xd4\x6e\x1e\xd7\x60\x10\xad\xe9\x5f\xee\x4e\x20\x9a\x49\xd3\xc0\x94\x9a\x63\x2c\xcb\xd2\xce\xd9\x46\xf8\xaa\x0e\xbd\xb9\xed\x0b\x20\xfc\x06\x79\x5e\x72\xaa\xab\xb6\x56\x07\x19\xb8\x8f\x30\x04\x91\x93\x14\x85\xf6\x6b\x72\x9f\x0a\xfe\x6a\xb4\xc9\x50\x05\x76\x92\xd4\x4c\x00\x68\x7c\x0f\x30\xdc\x43\x3b\xc0\x32\x95\x1f\x10\x04\xf2\x38\x1d\x31\x70\x1c\x2e\x89\x84\x7c\xbe\x63\xac\xcd\x07\x31\x0d\xb1\xc2\x37\x3a\x51\x3c\xaf\x9a\xe7\x00\xe5\x89\x22\x51\x9d\xa0\xcd\x7d\xff\x4d\xbd\xea\x3f\xb0\xa3\x39\x7b\x9d\x99\xf5\x6c\xfb\x91\x35\x13\x90\x32\x47\xdb\x11\x52\xec\x35\xad\x5f\x07\x92\xc0\xf9\x73\x50\xf2\x58\x97\x91\x79\x11\x9c\xa1\x21\xc6\xb6\x0e\x71\x7a\xd0\x3c\xdb\x02\xff\x9b\xce\x2f\x04\x30\x9e\x3c\x5e\x47\x52\xf1\x52\x25\xeb\xfe\x47\xa9\xd6\x71\x06\xab\x77\x50\xb6\xa8\x8b\xf6\x95\x1b\x91\xa5\xc2\x70\x9e\x26\xd0\xde\x9c\xe5\x18\x62\x2d\xc6\x3c\x7f\x4c\x17\xf3\xd4\x49\x97\x0b\x0e\x8f\xd7\xe9\x67\xf5\x66\xef\x82\x61\x05\x5f\x6e\x97\xaf\xd6\x45\xa7\x7b\x71\x9c\xa6\xa6\x2f\x37\x41\x8c\xad\xf8\x66\xdf\xe7\xe7\x09\x96\xcd\x82\xc0\x91\x28\xd4\x6d\x37\x44\x8e\x2a\x41\x3e\xb1\x19\x54\x1c\x1b\x03\x93\x01\xb2\xaa\x32\x08\x7d\xe1\x58\x4a\x87\xdd\x32\xfe\xe5\x1f\x26\xa9\x1e\x73\xbb\x32\xfb\xc5\x88\x63\x3f\x31\x95\xbd\xe0\x74\x41\x86\x38\x49\x50\x4a\xa7\x18\x08\xc5\xb0\x36\xf1\xfc\x20\x88\x47\x96\x29\xe9\x5c\x7c\x7e\x77\x74\x04\x27\x65\x67\xcd\xed\x0a\x47\x99\x72\x19\x13\xaa\x5f\xf2\xf9\xf3\x97\x96\x88\x76\x92\x42\x5e\x8a\xa0\x72\xbc\x7b\xe3\x30\xdd\xec\x28\xfc\xc9\xc3\x9d\x0f\x41\x99\x2c\x0b\xc9\x18\xd7\x40\x99\x03\x3f\xba\xe9\x5a\xa8\xc5\x7d\x7f\xda\x36\xd0\x45\x9e\x41\x29\x71\xc7\xca\xb3\x24\x00\xc8\x33\x61\x21\x84\xb7\x7a\x38\x49\xb9\x93\xa3\x58\x7e\x75\x74\x34\x2d\x7d\xc7\xe9\x01\x15\xa7\xd5\x72\x1f\x9d\x36\x3c\x04\xb0\x80\xe6\xa1\xcf\x5b\x0d\x23\x11\x86\x38\xdc\x3f\x7a\x87\x6a\x70\xfe\x98\xb0\xe5\x48\xfb\xa8\x7e\x9b\x79\x3f\x0e\x51\x6c\xeb\x09\x93\x4b\x68\xe6\xe5\xa7\x3b\x90\x3a\x98\x82\x8b\xb2\xd0\x0b\x7f\xd8\x09\xc1\x6f\x3f\x14\x12\x72\x9a\xf1\x79\xee\x9b\xaf\xf1\x51\x59\xfe\x7e\x2a\xae\x74\x04\xff\x93\xf8\x52\xc5\x71\x52\x24\xd5\x80\x1a\x50\x05\x0f\x83\x09\x00\x7c\x3e\x52\xd9\x17\xac\xe5\x41\xf7\x33\xf9\xe3\x36\x9c\x30\x7e\xa5\x0c\xa1\x4a\x47\x3f\x68\x46\xe7\x23\xa7\x29\x17\xa5\x37\x10\x0e\x45\x69\x3a\xbe\x48\xef\x97\x74\x39\x32\xbf\x73\xe3\x03\x98\x2c\xff\x71\x46\xf3\x02\x9a\xfe\x5e\x65\x38\x0f\xd3\x55\x04\x24\x41\xe6\x98\x09\x4c\x18\x26\xd0\x7c\x8c\xdb\x15\x3f\xd6\x8d\x12\x5f\x74\xc8\x01\x43\x08\x39\x86\xe4\xae\x27\x7c\xec\x1b\x92\x3f\xb8\x18\x0f\x86\xc8\x0f\x1c\x2a\xad\x84\xc6\x9c\x2b\x56\xbe\x72\xfc\xef\x0c\x43\xdc\x50\x2b\xe1\x25\xab\xa7\xdc\xfe\xe7\x1d\x9f\xd3\x47\x99\x33\xd5\x51\x2c\xab\xb9\xae\x2e\x93\xaf\x45\xaa\x7e\x18\x9e\x58\x31\xe6\xcc\x77\xa4\xb2\x28\x17\x6d\xd8\x34\x4f\x8d\xba\x49\x1a\x5c\x82\xa7\x39\x96\x34\xad\x53\x62\xc6\xb4\xd8\x74\x37\xf2\x9c\x65\x4d\x68\xfd\xc2\x6b\xce\xe7\x4a\x3a\x68\xf0\x71\x6a\x14\x53\x66\xa8\x3e\x0e\x24\x88\x1b\xe3\x52\x34\x2e\xe8\x26\x80\x98\xd3\xc3\x02\x0e\xbb\xe9\xee\x24\x1f\x23\xce\x7d\xd4\x7e\x4b\xe2\x3a\xf7\xa7\x6a\x38\x58\xd9\xfa\xfc\x6a\x14\x4b\x9b\x28\x2b\xc2\x62\x99\x15\xe8\xa9\x80\x9b\x34\xf8\x6e\x14\xe2\xd4\x86\xbc\x2c\x98\xd7\xed\x88\x04\x42\xc1\xbc\x43\x7e\xe9\xcd\x07\xa9\xe7\xc0\xab\xc5\xe2\x18\x42\xd5\xcd\xcb\xb2\xe2\xbc\x93\x0e\xf6\xcd\x9a\x42\x7f\x2a\x65\xf2\xf4\x68\x1a\x9c\x0d\xcf\x30\x50\x49\xdb\x81\x69\x44\x14\x05\x4a\xed\xfc\xf7\x3e\x57\x34\xc7\x84\xc3\x42\xa5\x60\x62\xe3\x09\xfa\x79\x3f\xb0\x75\x1f\x79\x28\x26\xf1\xe3\x2d\x4f\x00\xd0\x00\xfd\x93\xf8\x0e\x04\xf2\x8c\x13\xe7\x63\x25\x62\x42\x09\x7e\x73\xaf\xdf\xe7\x9e\x96\x62\xb4\x69\x4b\x7f\x3b\xe6\x8a\x69\x62\x42\x68\x34\xbd\x5f\xb6\x09\x8f\x3e\xd8\xc2\xea\x9e\x27\x57\x10\x5d\x06\xa5\x34\x2a\x4d\x47\xd0\x32\x79\x71\x7f\x79\xa1\x30\xa8\xf8\x3c\xa1\x60\x18\x48\xdf\xb2\x1e\xf3\x8b\x01\x8d\x0e\xbb\xe7\xb7\xa1\x53\x19\x1c\x03\x63\x8b\xb4\x7a\xc3\x1f\xed\x36\xf4\xd9\xa5\xb4\xb8\x0f\x70\x8a\x97\xb9\x29\x84\x53\x8a\xd9\x11\xf4\x21\xb1\xd4\x3c\x61\x78\x4f\x8f\xbb\xec\xe8\x0d\x23\xa0\xb2\xf0\x72\x08\xed\x36\x9b\xe5\x04\x97\xcc\x77\xac\x86\x21\xd8\xbf\xad\x8e\x7e\x7f\x94\xac\xf9\x62\x6b\xcb\xab\x87\x0b\x85\x37\x5b\x0d\x61\x52\x95\x0e\x9f\xc9\x8e\x01\xd9\x34\x45\xd2\xfb\x9a\x5d\x40\x41\x15\x73\x3f\x7e\x68\x96\xe1\xba\x90\x47\x4c\x00\x02\x73\x61\x70\xa6\xc7\x3d\x59\xe2\xab\x06\xc9\x1e\x48\x11\xd0\x8d\x33\x58\xd7\x73\x86\xea\xed\x59\x49\x5e\x91\x78\x22\xd9\x8f\x17\x1a\x19\x6c\xa4\x09\x8c\xa9\x9e\xa5\xa5\x0f\x7d\x4f\x03\x0c\xc3\xc2\xf3\x1c\x01\x85\xdf\xf0\xa7\xaa\xd4\xa1\x48\x78\x98\x31\x4b\x40\xdf\x2f\x23\xac\x72\x18\x57\x8b\x11\x35\x3f\x40\xcd\x81\x52\xe4\x63\x44\x8e\xb1\x31\xba\xc2\x98\xbc\xf3\xa9\x13\xd3\x3e\xbe\x77\x7c\x57\x7f\xd9\x9c\xaf\xe3\xd6\x0e\x54\xf8\x0c\x0f\x14\x02\xf4\x8b\x15\xc0\xc7\xe1\x5b\x98\x4c\x11\x07\x63\x2f\x51\x0c\x4e\x6e\x63\xc9\x9b\xce\x3c\x5e\x88\xd4\x6d\xb6\x66\x70\xdb\xdc\xcb\x5b\xcb\x45\xaf\x71\x7d\x4c\xa1\xa6\x44\xfe\xf3\x1b\xc7\xbf\xcc\x9b\x19\x20\x67\x5e\x0b\xd3\xc9\x9c\x76\x99\x74\x8f\xd2\x45\x2c\x82\x90\x0e\xd0\x33\x52\xad\x12\x1a\x1e\xa5\xb3\x85\x49\x63\xc5\x59\x30\x68\x8a\x7a\x3c\x59\xd3\x84\x71\x9e\xbb\x44\xdd\x9d\xa1\xf5\x8f\x26\x2f\x5e\xb1\x2d\x34\x29\x34\x7e\x06\x94\x96\x4f\x56\x14\xcd\x49\x3c\x24\x0c\xef\xb7\x61\x9e\xd9\x59\x07\x6e\x7b\x8a\xa5\x39\xee\xfb\x79\x06\x58\x8e\xae\x41\x94\xb5\x5f\x83\x57\x1e\xdc\x98\x8b\xa0\x9f\x13\x51\xc4\xde\xa9\xc9\xb2\x32\x45\x81\x79\xac\x9e\x51\x60\xe9\x09\xce\x9f\x49\xb5\xeb\xea\xe7\x45\xdc\xdd\xa0\x84\xf2\x7e\xdc\x19\x84\x7e\x48\x32\x3f\x5e\x3e\x84\x11\x2b\x6c\x8e\x9f\x44\x98\x06\x53\xa0\xfb\x9a\xc0\x61\x16\x89\x12\x99\xc1\x91\xbb\xc3\xdb\x68\xd9\xac\xfa\x6d\x00\x7b\xcb\x9f\xaa\xa5\xf3\x17\xa3\x30\xec\x3c\x9d\xf0\xc4\x6d\x4e\xf2\x6c\xde\x66\xa1\x33\x3c\xb1\xdc\x80\x70\xba\x28\xe5\x2e\x5f\x09\xba\x62\x7e\x92\x11\xb2\x41\x31\x62\xcb\x8a\xc8\xa6\xbb\x0c\x87\xae\x84\x2e\x49\xf1\xfc\xe7\x37\x08\x04\xe8\xc7\xf2\x3c\x61\x11\x01\x74\x05\xdb\x8f\xe6\x23\x10\xbd\x99\xfa\x45\x56\xe1\x16\xe0\x26\x0d\x4d\x4f\x51\x00\x5d\xe0\x00\x67\x4e\x16\x6e\x2d\x74\x90\x96\xbd\x57\x71\x2f\xab\xcb\x86\x27\xae\xfd\xe4\x90\xf1\xe3\x1a\x3f\x0c\x7f\x88\x13\x3e\xa4\x1a\xa2\x21\x74\x8c\x8a\xc8\x20\x18\xdb\x8f\xf1\x4c\xd3\x4d\x1f\x11\xd2\x82\x41\xf3\x3e\xc1\x8b\xce\x65\x6a\x2c\x0f\x3d\x86\x2e\x9b\xb3\x04\xa7\xe7\x11\x7d\xc2\xbf\xcb\x8d\x61\xed\x9d\x86\xba\xa5\xbc\x44\x52\x9e\x9a\xae\x93\x29\x3d\x2c\x99\x67\x9c\xa9\xff\x07\x4c\xb4\x90\xed\xaa\x83\x30\xd4\x06\x09\x40\xac\x70\x51\xa4\xe6\x17\x63\x08\x5c\xa5\x28\xf4\xb1\x2f\xdc\xe5\x05\x30\x0a\x6b\xd2\xa2\x56\xaa\x26\x70\xb4\x0c\x52\x80\xea\x31\x73\xcc\xeb\xda\x8d\x8f\x43\x54\x70\xe1\xcb\xb6\x17\xff\xa4\x1f\xf2\xbe\x74\x56\xe0\xab\x60\x2f\xcc\x01\xd2\xfc\xd9\x8d\xa4\x89\xb5\xd4\xc3\x74\x86\x02\xd4\x69\x61\x2b\x82\x96\x75\xf2\xd0\x87\x92\x45\x82\xa1\x1c\x0d\xbe\xdb\xe2\xbc\x58\xde\x13\xe1\xec\xd7\x76\x06\xd4\x5b\x65\x7c\x50\x34\x79\x70\xce\x88\xe7\x71\x5a\xd2\xcc\xd5\x6f\xa0\xf0\x2b\x53\x4c\x91\x8a\xdb\x96\x06\x52\x10\x32\xfa\x88\x19\xc0\x88\x11\x3b\xb4\x0f\xd8\xa6\x2d\xc9\x47\xf1\x89\x50\x82\x06\x29\x9d\xc3\x3f\xe8\xa4\xc6\x2d\x8d\xe8\xb5\xb8\x95\x92\xd1\xec\x8c\x86\x19\x61\xea\xb3\x9f\x23\xeb\xcc\xe9\x5a\x3b\x6e\xef\x10\x8b\x86\x51\x38\x32\x73\xd4\x30\x11\x10\x4d\x79\x3b\xf2\x01\xa5\x40\x21\x84\x71\x3e\x13\xe5\x8f\xa6\xc2\x89\xd2\x4b\x25\xf7\xfe\x12\xad\xb0\x6c\x3e\xf1\x9d\x16\x24\x39\x8e\xc3\x0c\x50\x9c\x60\x72\xeb\x7d\x33\xb1\x2d\x5d\x7c\xbd\x02\x88\xdf\x4c\x96\x32\xa5\x0b\x00\x20\x0f\xe3\x08\x51\x0b\xb9\xad\x8f\xa7\xbb\x3e\x92\x63\x0c\x4e\x40\xf0\xb8\x0e\x8a\x69\x60\x2f\xfe\xc7\xda\x65\x09\x28\x95\xf8\x77\x5e\x78\x0b\x52\xd9\xb1\x52\x64\xa5\x82\x51\xf8\x1b\x9a\xfe\xed\x63\x78\x5c\x5f\x7d\x10\x0f\xe1\x94\x0e\x6a\x21\x91\xf1\xa5\xb5\x24\x11\x73\xee\xfd\xe3\x3b\x8a\xa2\x70\x71\x2f\x04\xe7\x39\xca\xd7\x2c\xa9\x29\x02\x00\xbb\x5f\x70\x9b\x32\xe3\xab\xd8\xab\xf4\x4a\x17\x81\x54\x17\xe3\x63\xf1\x7a\x03\xf0\x87\x29\xb6\x41\x9c\x7e\x03\xd3\x19\xbd\xa5\xff\xb5\x37\x99\x87\xe7\x46\x17\xa5\xd4\xf5\xbc\xc1\x51\xba\x9b\x63\x21\x66\xba\x18\x45\xa2\x11\x9e\x7b\xfb\x71\x5b\x1f\x40\x3c\x4c\xe6\x81\x83\xaf\x4e\x6a\x90\x72\xa6\xb8\x5b\x80\xe4\x70\x52\x92\x19\x76\x86\x00\x2d\xcf\xd5\x30\x9a\x67\xdd\x40\xb9\x14\x22\x55\x11\xac\xd3\xf9\x5f\x5b\xf0\x59\x9e\xbb\x37\xd6\x15\x3e\x4a\x78\x86\xc1\x68\xe8\x7b\x7a\x50\x7d\x2a\xcf\x77\x41\x7d\x6e\xe1\xe3\xd9\x2c\xcb\x5a\xd5\x97\x1d\x2a\xe1\xdf\x07\xb2\xda\x97\x09\x42\xbb\xac\x5f\xed\x61\x34\xa8\x64\x4e\x33\x8d\x43\x3b\x02\x39\x44\x8d\xe3\xda\xdf\xd4\x39\x14\x30\xe3\x9c\x1b\x5c\x0b\x98\x08\xb3\xc8\xce\xc5\x3e\x5d\xd0\xa0\x6c\xdb\xf8\x79\x3e\xdd\x5b\xc1\xbf\x09\xe3\xf1\xa0\x5e\x92\xb9\x8a\x7e\x54\x70\x6d\x69\x72\xef\xad\xf5\x68\xe3\x4b\xe9\x2d\x66\xbd\x10\xf3\x8d\x0e\x65\x27\xae\x67\xe2\x93\x6e\x12\xc2\xa3\x41\x43\x5f\x0f\x44\xd4\x1e\xcf\xe3\x24\x9d\xcb\xb6\xfc\x9b\xbc\x4d\xb9\x9c\xde\x7a\x9b\x0a\x85\x03\xf9\xe3\x4b\xf1\x13\x1b\x54\xc5\x13\xcd\xb2\x9b\xd9\xb4\xaf\x89\xeb\xf4\xce\x46\x19\xd8\xd9\x40\xa6\x38\xbe\x04\x26\x3e\xe6\xf3\x85\x08\xcd\x10\x73\x4e\xa0\xa8\xfe\x85\xa8\x34\x5c\xf4\x1f\x96\x32\x08\xa7\x50\xd4\x05\x4e\x8c\x22\x7d\x63\x44\x0e\x46\x71\x0e\x8c\x2e\xbe\x73\x32\xac\xd0\x89\x91\x86\x18\x88\xa4\x24\x89\xb4\x9b\x43\xd1\x96\x2a\x9b\xe2\x78\xd4\xb0\x6a\xd0\xc7\xb2\x34\xff\xcb\x5a\x1f\x36\xd1\x9a\xe9\xfd\xd0\x8f\xc4\x7e\xa4\x6f\xf3\x16\x67\x30\xf0\xf6\x71\x6b\xf1\xdd\x19\xa2\x48\x43\xa6\x33\x7b\x50\xb0\xd8\x0b\x9b\x32\x28\xa5\x3c\xdb\x8c\x93\x2a\xc4\x3e\x50\x88\x52\xbb\x2e\x92\x35\xc3\x5b\x9e\xc0\xe6\x9b\x22\xbc\x06\x9f\x2c\x77\xc1\x5f\x09\x1f\xc4\x4c\xea\xc1\xa3\x0c\xe7\x9a\xdd\xd6\x74\x95\x9a\x2c\x71\x12\xa7\x15\x3b\x5e\x2f\x13\xe6\x8d\x2f\x05\x1d\xc3\x54\x34\x7f\xe5\x12\x18\x1f\x13\x9f\xa2\x0a\x4d\xee\x1c\xf3\x6f\xf7\x4f\xde\x1d\x30\x94\x41\xae\xb0\xb6\xbb\x1b\x24\xe3\x73\x8c\x21\x14\xe9\x83\x9d\xd8\x4b\x6c\x4c\x02\x91\x9b\x09\xd2\x03\x1b\x43\x02\xdf\x02\x6d\x87\xc6\xa8\xf3\x18\x4d\x63\x2b\xed\x1b\xf8\x7d\xe8\xc3\xb9\xf6\x9a\x6e\xdf\xa0\xdb\x9a\xc0\x5b\xfb\xb9\x74\x44\x0f\xfd\x80\xbb\x06\xcb\xfe\x8c\x2d\x01\x45\x5a\x18\x26\xfd\x4b\x7d\xfb\x1b\xe2\xcf\xc2\x1e\x34\x38\x3c\x39\xa8\x15\xd7\xd6\x2e\x34\x6e\x6c\x4f\x12\x4a\x45\xfc\x9c\x75\x02\xbf\x5f\x06\x19\x4d\xaf\x1e\xfc\xde\x75\x15\x71\x35\x82\xf4\xbb\xa1\x49\xa4\xff\xa0\x60\x27\x94\xd0\x0e\xf4\x3d\x1a\x88\xbd\xe5\xca\x11\x78\x08\x92\x9f\x61\x8a\x0c\xeb\xf0\x12\x28\xaf\xb6\x01\x83\x0f\x80\x40\x9f\x44\xfd\x86\xf0\x8e\x28\xf1\x55\x9e\x58\xf8\x12\x93\xfb\xc9\xc2\x81\x38\xc2\xda\x12\x0a\x6b\xd5\xf2\x9f\xf5\xfa\x5e\x67\xca\xc3\x6b\x76\xb3\xe2\x8c\x18\xc5\x58\x9a\x57\xca\x46\x02\x9d\x6a\xef\xe0\x97\x45\xfa\x72\x1c\xb8\x7d\x8b\x9e\xd6\xab\xa5\xdf\xa9\x76\x6c\xa2\x3b\xd9\xce\x3a\x38\xbc\xbd\x69\xf0\x6c\x23\x94\xad\x7d\xf6\x22\x42\x4b\xa7\x35\xa8\xc0\x26\xf1\x88\xef\x7b\xa3\xa3\x32\xa7\x89\x5d\xa4\xda\x52\xb7\xe6\x62\x83\xce\x2c\x66\x2b\x7f\xe8\xc4\xbc\x68\x43\x7c\x58\x9f\x36\x47\x60\xac\x7a\x2f\xab\x08\x69\x41\x9e\x01\x95\x5a\x16\xed\xbe\x7b\xa3\xac\x1f\x78\xc5\x58\xca\xc8\x01\x55\x42\xad\xcd\x24\x4d\xdd\xe7\x37\x9b\xc6\x16\x20\x11\xa3\x9e\x3a\x18\xf5\xa7\x7b\x25\xf6\xe3\x14\xa8\x84\x27\xdd\x5c\x15\x98\x78\x12\x39\x34\xbf\x84\x6a\x8e\x04\x3d\xc8\x92\x53\x1a\x6b\x8f\x22\xc9\x3c\x7b\x4f\x72\x86\xab\x48\x27\x42\x2b\xad\xf1\x86\x6d\xad\xf4\x6e\x79\xd3\xc0\x39\x3f\xe7\x9c\xd7\xdb\x01\xb2\xab\xb6\xde\x4a\xe8\xb6\x3e\x48\xb4\xa7\xd9\xab\xb9\xa6\x0f\xe7\xbe\xe3\xf5\xc5\x01\xfe\xf5\xe8\xf8\x18\x89\x10\xf2\x1e\x50\x39\xb4\xbb\x53\xdb\x12\x64\x60\x5d\x25\xc9\x7f\x6c\x56\x10\x4a\x63\x73\x35\xa0\x77\xb1\xa5\x70\x92\x13\xb6\x66\x47\x10\xec\xb7\x96\x4a\xa0\x8f\xfd\xe3\x78\x9d\x6c\x0f\x0c\x4f\x9b\x21\x66\xdf\x26\x74\x36\x52\x27\x87\x83\x49\x47\x8b\xde\x78\xc2\x5a\x6e\x6d\x7e\x60\x25\x6f\x75\x06\x00\xbc\xe1\x4e\xe7\x66\x95\xc7\x0a\x23\x0d\x92\xd6\x82\x54\xcb\x2e\xb9\x37\xd3\xa2\xcc\x73\x12\x6c\xab\xe2\x74\xb3\xf2\xfc\x2d\xd7\xb4\x48\x4d\x4d\xef\xb5\xe6\x77\x9a\x3c\x99\xdf\x58\x17\xe7\x5c\xf9\x5a\x0a\x6b\xc9\x50\x78\x43\x61\x00\xe7\xed\xbf\xfb\x38\x6a\xdf\xf7\xc3\x3e\x0e\x82\x3e\x0e\xfc\x7e\x4e\xc2\x9e\x28\x42\x7c\xa9\xd9\x99\x93\xe8\xd2\xcc\x56\xf9\xb1\x04\xaf\x37\xef\xee\x3d\x17\x8d\x66\x2f\xb6\xb8\x49\xb3\x9d\xee\x0d\x4b\x27\xe4\x9e\x06\x58\xd1\x5a\x73\x7c\x7b\xc6\xee\xe2\x1f\x7b\x76\x40\x99\x4d\x19\xd1\xd3\x00\xd9\x79\xcf\xff\xea\xbe\xef\xfb\xae\xef\xc7\x41\xbc\x8a\x91\xca\xa6\xab\x83\x40\xd2\xb1\x42\xf3\x9a\x34\x93\xc2\x41\xe7\xc2\x55\xa7\x0a\x28\xfa\x48\xb9\xaa\xd2\x6e\xfe\xab\x93\x4c\xf1\x66\x87\x24\xf2\x2f\xd2\xc0\x7b\xb0\xd5\x5f\x05\xa6\x41\x09\x80\xda\x3f\xd4\x58\xcd\xb8\xa9\x44\x68\x71\x9e\x94\xe0\xc4\xba\x44\x0f\xbf\x6d\x55\x60\xc6\x9e\x1e\x89\xfb\x00\x11\x07\x8a\xdf\x25\xba\xe8\xa5\xae\xf5\x64\x94\x91\x9e\x9c\x25\x05\xf6\x7a\x45\x57\x85\x0f\xe6\x4e\xb6\x9e\xdc\xde\x90\x0b\x30\x23\xf0\x99\x2f\x6a\x8f\x92\x71\x2b\x43\xf2\x6b\xfe\x86\x54\x29\x09\x3b\x29\xce\x31\x29\xcd\x7e\xb1\x15\x55\x67\xea\x5c\xca\x51\x2b\x44\x3c\x97\xf0\x8e\xfd\x11\x42\xfa\x13\x72\x9e\xc7\x55\x09\x37\xec\x4b\x92\xe5\xc8\xf2\x45\xe9\xba\xae\x7e\x65\x3b\xd8\x3d\xc1\xb0\x14\xaa\x7d\xfa\xf5\x9c\x38\xbc\x03\x0d\xef\x4a\xfe\x47\xd2\x6a\x9a\x79\xa8\xb7\xbc\x4d\xe9\x67\x3d\xbf\x2d\x1a\xe4\x26\x19\xe6\x2d\xfd\xdd\x53\xfc\xbb\xbb\x54\xb8\x9d\x1c\x17\xba\x0b\x4e\xda\x2c\x6e\xb4\xb4\xcb\xd4\xa9\x54\xf1\x50\x22\xb8\xfe\xfa\xf2\x53\xc9\x8c\x18\xb4\xac\xca\xbd\x51\xc7\x1b\x37\x19\xed\x9e\x18\xda\x1d\x1b\x9a\x10\x88\xc7\xff\xbb\x93\x4c\x10\xac\x3d\x7c\x93\xae\x33\x32\x0b\x63\x82\x0d\xa3\x6f\x3d\x0e\xaf\xe1\xfc\xea\xf3\x6d\xa1\x03\x89\xee\x13\x69\x0c\xf3\x92\xfc\x49\xa6\x99\x96\x67\x5b\x35\xb5\xde\x54\xe6\x67\x20\xe0\xf3\xbd\x2a\x01\xa8\x0b\x39\xfc\x5b\x99\xf5\xa1\x4f\x45\xa1\x4f\xf5\x81\x77\xd5\x71\xf1\xe0\xeb\xb3\x83\xd0\x9f\x15\xad\xe5\x1f\x10\x19\x27\x9a\x66\xe8\xa4\xaf\xac\x40\x9f\x56\x09\x9b\x8c\x96\x1a\xcf\x3b\xc3\xa0\xc7\xa4\xc2\xc2\x0d\x8e\x87\x2e\x50\x2d\xb4\x53\x66\x50\xfb\xb9\x0a\x9c\x29\x5a\x7b\x45\xa6\xc7\x81\xca\x6f\x6e\x60\x51\xc1\x5b\x5b\x8b\x5b\xb9\xeb\xf5\xd2\xa3\xbd\xd9\xab\xb7\xd1\xad\xb9\xc2\xad\xb5\x11\xaa\xf3\xaa\x87\xec\x7f\x1a\x4a\x87\x8c\xaf\xf5\xce\xf6\x24\x56\x0b\xbf\xb7\xe7\x7f\xed\xc8\xfb\xb2\x7f\x32\xb5\x69\x50\x6a\xaf\xf1\x6e\x94\xf2\x6a\xaf\xfa\xd0\x06\x6d\x94\x8a\x39\xdc\xe1\xe2\x42\x29\x2d\x4f\xa5\x33\x77\x70\x7a\x19\xc1\xea\x93\x4c\x36\x96\xa2\x28\x62\x6d\xa9\xb2\x61\x11\xa3\xbe\x3e\xbc\xd3\x3e\x12\x56\xff\x0a\xe9\xef\xfe\x53\xff\x91\x0e\xc4\x90\x0e\xf1\x92\x0c\xf3\x3a\x93\x45\x3f\x27\xc1\x84\x59\x7f\xbb\x0a\x2a\xdb\x3b\x42\xe2\x21\xfe\xb7\x4b\xfe\xfe\xce\x49\x71\xa6\x14\x03\x39\xf1\xfa\xe5\x61\x32\x37\xbc\x26\xd6\x83\xd5\xc7\x5a\xca\xb8\x36\x1a\x88\x3f\x22\x54\xc3\xf5\xbb\x51\x45\xa6\x0a\xe4\x31\x2f\xc0\x8c\x66\xa5\x59\x8e\x20\x2d\x82\x07\x0a\x1c\xe2\xd1\xf5\xf1\xed\x5a\xd9\x09\x09\x24\xdb\xc3\x42\xb4\xa4\x6a\xa8\xd7\x18\x94\x29\x45\x31\x2e\x03\x4c\x73\x6c\xb7\xd1\x74\xe0\x5d\x76\xbc\x2f\xff\x78\x0d\x8d\x3b\xdf\x5a\x26\xd5\xe6\x31\x6b\x16\xd1\x2d\x8f\xff\xdc\xba\xeb\xbd\x09\x1a\x6f\xd1\xa0\x54\x29\xca\x56\x89\xc2\xfd\xc5\xb4\x7e\x4d\xd0\x8e\x91\xce\x1e\x33\x68\x48\xc8\xc2\xf1\x77\x0a\x6c\xb3\xed\xf3\x41\x6a\x7f\x5a\xb9\x2a\x3f\x19\x4d\xf8\x1e\x74\xc5\x96\x77\xe1\x53\x3d\xda\xaa\xbd\xda\xaa\x01\x73\x72\xbf\xb6\xe7\xff\xad\x86\xf5\x68\xad\xe9\x22\x8c\x19\x22\xcc\xe7\xd2\xf8\xdc\x82\xf5\xc2\x3f\x60\x5b\x31\x6d\xf4\x77\x05\x35\x8d\xd4\x19\x53\x65\xfc\x7c\xaa\x78\xa8\x10\x22\xbf\x32\x08\x4e\xe9\x35\xf5\xd0\x83\xab\x0f\xc8\x59\xa2\xca\x9d\x15\xda\x48\xa7\xe1\x62\x66\x84\x90\x44\xbe\xeb\x03\x91\xc8\x30\x23\x7a\x75\xf9\xed\xd4\x52\xc4\x77\x02\xe0\xf4\x01\x86\xea\xb2\x11\xcd\x15\x10\xcd\xf5\x50\xbd\x8d\x10\x24\x17\xbd\xd4\x74\x9d\x75\x56\x9c\x6e\x53\x3e\x95\xfc\x94\x23\x28\x4f\xec\x70\x3b\x82\x62\x88\x7e\x5e\x11\xe2\x82\xcc\xdb\x11\xeb\x8b\xc6\xe4\x57\xbe\x1c\x23\xa0\x98\xbb\xc2\x30\x8a\x19\x6b\x03\xb4\xa3\xea\x93\x78\x44\xdc\x8c\x15\x7c\xab\x69\xa4\xf6\xd2\xff\x3a\x70\x6e\x7e\x4b\xce\xea\x64\x9f\xef\x57\xa7\xfc\xcd\x47\x9a\xa0\xf9\x56\xa0\x69\x7c\x60\xe9\xe2\x47\x65\x7f\x55\x02\x77\xa7\xdb\xe9\x2a\x44\x76\x76\x85\xa5\x60\x69\x80\xa5\xfb\x82\xe6\x7b\x84\x22\x7b\x84\xea\x5d\xfc\xb3\x0d\x35\xe5\x22\x9e\x85\x73\xd1\x86\x73\xd1\x81\x96\xf2\x6c\x69\xf0\x27\x92\x61\x5e\x11\x68\x3c\x3b\x42\x2f\x4f\x6f\xd1\xdd\xc0\x57\x06\x1a\x12\xc2\xaf\x15\x7e\x2f\xcd\x40\x6f\x36\x98\x35\x82\x84\x34\x28\xaa\xec\xaa\x5c\x9f\x61\x3e\xd2\x0c\x4d\xab\x1b\xeb\xf1\x48\xb5\xa5\x81\xca\xd0\x94\x2c\xc1\x1a\x74\xd5\x2f\xe0\x9e\x60\x4d\x90\x1d\xba\x70\x23\xcd\x17\x38\x09\xfc\x75\x21\x93\x81\x6d\x94\xf5\xff\x4e\x24\xa2\x00\xb0\x9d\x87\x3d\x59\x74\xf3\xfb\xd0\x43\xe8\xe0\x70\x61\x86\x4f\xd4\x3b\x29\x32\xc7\xa3\x8f\x30\xe9\x1b\x67\x77\x74\x06\xb9\x0c\x2c\x11\x8a\xdb\x77\x4a\x7f\xc4\xae\x07\x6f\x6a\x0e\xae\x9f\xbe\xbd\xd9\x85\x1c\x81\xe1\x50\xac\xff\x6b\x3c\x35\x67\x2f\xe5\x63\x8a\xa4\xe2\x1d\x26\x63\xc3\x0d\xd1\x5c\x39\x8a\xf1\x26\x92\x3d\x18\xb0\xe2\x98\x42\x47\x83\x0f\x22\x34\x48\x74\x74\xf7\xc1\x9d\x0f\x43\x09\x65\x61\xef\x7a\xcd\xd5\x1f\x2c\x7f\x18\xd9\x9c\x1e\xa7\x9b\xe5\x9d\x64\x12\x74\x0d\xd0\x7d\xf5\x84\xd2\xda\x03\x52\x6f\x70\x70\x1e\x02\x3e\x53\x8f\x62\xd7\x1f\x61\xb4\x48\x17\xe7\x5b\x30\xc9\xdf\xf1\x2e\xd5\x87\x9e\xdd\x8e\x90\xdd\x8e\x30\x67\xac\x0c\x57\x12\x6a\xf6\x60\xcd\x5d\x1b\x49\xfe\x35\x5e\xfd\x0d\x6f\x5d\x93\x63\x5f\x48\x53\x71\x4e\x17\x38\xb5\x6b\x05\xce\x85\x0e\x34\xd2\x6c\x4c\xbf\x7d\xa7\x93\x31\x89\x15\xb7\x0f\x16\x71\xb6\x65\x1b\x42\x40\x07\xe4\xd9\x90\xf5\x9c\x10\x1c\x1a\x8c\xc8\xe1\xa6\xc3\x49\x7c\x16\xa5\x21\x4f\x1a\xc4\xc5\x9d\xfb\xad\xc6\x4c\x7e\x51\xb2\xc3\xfe\x0c\x30\x92\x09\x82\x66\x69\x3f\x1a\x3a\xf7\x97\x0f\x90\x3e\x2d\x01\x2a\x3b\x9c\x4b\x76\x43\x2f\x17\xb3\x08\x53\xfa\xe8\xb6\x6a\x16\x13\x5c\x4f\x28\xce\xf6\x47\x58\x08\x7a\x48\x7d\x09\xfc\x37\xa3\xb5\x97\x86\x81\x85\xe4\x61\xbe\x87\xa5\xc9\xe8\xd0\x48\x1c\xe5\xf8\x30\x07\x84\xe1\x07\xd8\x31\x95\xc8\x4e\x89\x2e\xf3\x0c\x48\xfe\x9e\x04\xf9\x98\xa0\xfd\x1c\x05\xf5\x14\xff\xec\x2e\xf9\x25\xcb\xbc\x38\xdd\xa2\xb4\x52\xc4\xb3\xa4\xc9\x50\x03\x6e\x70\xf0\x6e\x96\x21\x42\x5e\x99\x49\x2d\x59\x37\xc3\xed\xa3\xb2\x08\xd0\x01\x91\xdb\x55\xa2\x9b\x3a\x78\xc1\x4b\x8a\xf4\xd9\xa9\x00\xb9\x2a\x26\xfc\xad\x2e\x97\xbc\x6e\x7e\xa0\x6e\x47\x18\xcc\x81\xed\x01\x15\x2f\x76\x4c\xd4\xce\xe8\x23\xb9\x33\xca\x4a\x06\x95\x26\x76\xe2\xb8\xf6\x53\x6f\xb6\xf0\x06\x84\x7c\xa2\xdc\xfc\xa5\x3b\x4a\xe1\xd8\x40\xc3\x91\x25\xb0\x10\xc8\x4f\x2b\xb7\x32\xbd\x28\x30\x1b\x26\xf3\xd9\x26\xfd\x0f\x9d\x68\xea\xc7\x5b\x37\x28\x59\x92\x71\x26\xb3\x4a\x6a\xd9\x58\xee\xe6\x25\x31\x4e\x0c\x5b\x92\xa0\x9f\x03\x07\x77\x8a\x35\x79\xb3\xf0\x7b\x67\x01\x54\x86\xa7\x8c\x30\x6a\x80\xe8\x16\x5d\x80\x15\xfe\xd7\xe6\x86\x82\x52\x71\xaa\xa9\x53\x24\x33\xe7\x67\x06\x4c\x12\xa8\x2f\x3c\xb5\x6b\x56\x40\xe7\x0d\x8b\x28\x8c\x3d\x6a\xf2\x0c\x54\xcf\xc9\x87\xfb\x03\xd3\xa3\xf2\x9c\xf3\x0a\x17\x12\xb6\x84\x4a\x52\xab\x01\xba\xf7\x24\x1a\x75\xfe\xdb\x40\x69\x07\xc4\x0a\xd1\xdd\x20\xd5\x51\x98\xfc\x61\xc7\xcf\x3a\x8b\xa6\xd2\xd9\x69\xe7\xbe\x7c\x4d\x93\x85\x81\x97\x7a\xbc\x9d\x1f\x6a\x77\x3d\xc4\x78\x8b\xdd\xd9\x1e\x53\x50\x8e\xbe\xfd\xab\xfa\x4b\x71\x62\x96\xad\x02\xf7\xb1\x04\xff\x7b\xfb\xd5\x49\x5d\x74\x69\x76\xed\xad\x51\x7c\x9c\x9a\x27\xca\xd4\x30\x95\x17\x6b\xb4\xc4\x06\xb2\xa7\x7e\x94\x2c\xca\xb7\xf7\x9c\x86\x7b\x44\xfa\x4e\xe5\x78\x8c\xc5\x78\x97\x21\x67\x6c\xa6\xcf\x87\xfb\x7c\x1c\xcf\x66\x7d\x51\x90\xdb\x5b\x73\xc4\x16\x42\x7d\x15\x4f\x70\x3d\xf5\xba\x82\xfd\xce\xa9\x53\x73\x77\x48\x7c\xb6\x2a\xe7\x3f\x93\x9c\xee\xc3\x82\xb8\xcc\xcb\xe1\x0a\x79\xb4\x13\x74\x92\xe4\xd1\xf6\x40\x04\x40\xc6\xca\x1e\xce\xc3\x87\xaf\x68\xd0\x71\x74\xff\x44\xa4\x68\x91\x15\xfd\xad\xb4\xba\xdb\x88\xb9\x04\x9a\x3f\x6c\x00\xd0\x62\x56\x58\xcd\xd8\x32\x94\x7e\x1e\x66\xf0\x67\x55\x2e\x20\x44\x0b\xf6\xbd\xdc\x59\x9c\xc9\x1b\x54\x59\x05\x9e\x60\xa5\xe7\xd1\xa6\x8c\x85\xbe\x36\x93\xe3\xcc\x50\x47\xc2\x66\x2e\x92\x22\x2c\x87\x15\xd8\x73\x12\xf4\xee\xad\x14\xb7\x0e\x31\xd9\x03\x20\xb1\xeb\x9f\x76\xb4\xc8\x32\x23\xe9\xa3\xc0\x0b\x71\xac\x21\xd0\x76\xbd\xec\x78\x6b\xdf\xa0\xe0\x7b\x33\x26\x9c\x41\x20\x3b\xc3\xc5\x1c\x31\x4a\x37\x5f\x8c\xb5\x54\x96\xea\x51\xca\xad\x2f\xca\x5d\x16\x2a\x41\xb7\xf4\x47\x97\x46\x3b\x91\x46\x3b\xa6\x3b\xda\x06\x97\xa2\x38\xf8\x62\xb4\x1b\x9a\x9a\x76\xe7\x0b\xce\x40\x0a\xbe\xc6\x91\x96\x76\x8e\x37\xba\xaf\x49\x11\x9a\x83\xb9\xd6\x20\x44\xa6\xd2\x12\xbe\xec\xe4\x9f\x58\xba\x23\x14\x23\xf2\x1b\x66\x0e\x61\x4f\xce\xf2\x68\xac\x0b\x59\x95\x18\xc5\x40\x50\xee\x9e\x10\xb5\xa3\xcf\xd6\xca\x8a\xf8\x53\xb5\xf6\xcd\x6c\x06\x15\xf9\x4f\x56\xfa\xc3\xdc\x44\xb5\x90\x7f\xbb\xe1\x07\x2e\x73\x9b\xa9\xfc\x61\x16\xd4\x18\xdd\xba\xba\xba\x43\x44\x48\xa6\x74\x4b\x82\x5e\xb0\xd4\xb0\xe6\x25\x1e\xcc\xb7\xc0\xca\x13\xcb\x1f\x5d\x27\x21\xcc\x57\x9e\x25\x50\xfb\x87\xc8\x4f\xae\xd9\x7f\x85\x04\xff\x06\x2c\x18\xf9\xa1\x90\x5e\xa4\x37\x5b\xc6\x10\x24\x5b\x92\xd5\xf9\x02\xe7\x2b\xe3\x4f\x59\x9c\x62\xd7\x9a\x08\xcd\x24\xf7\x91\x7a\x89\x2e\xf2\x76\x85\x77\xe6\xa3\x3e\x3d\x34\xce\x92\x25\xd4\xcc\x43\x94\xfe\x0e\x15\x8d\xf6\x0c\xde\x3b\xae\x3d\xc6\x7c\xc0\x03\x9c\x3c\x95\x3e\x6c\x7f\x6a\xb0\xcc\x5b\x03\x91\x9d\x08\xe1\x7a\x8f\x66\xd6\xb7\xfa\xe2\x40\xe5\x87\x3d\x58\x67\xd7\xcf\xc3\x6f\x1f\x1f\xe1\x61\x8a\x3b\x4a\xe6\x98\xb9\x61\xdf\xce\x49\x41\xf1\xf6\x35\x57\x96\x4b\xe0\xd9\xfa\x50\x6c\x1f\x7c\x48\x44\x30\x1a\xb0\x4b\x4c\xa9\x93\xe5\x1e\x46\x73\x52\xd9\xa0\x52\xd9\x54\x5f\x3a\x2b\x67\xba\x04\x6f\xc7\x4d\x3e\xff\x21\x80\xf6\xfd\x54\xdf\xf2\x2f\x76\xd7\x82\x52\xe3\x06\x00\x9c\xe5\x71\x95\x57\x4d\xc2\xb4\x08\xd6\xf2\xb5\x64\x56\x92\x01\x20\x29\x87\xb3\x1c\x21\xb2\x25\x99\x53\xa1\x1e\xfd\xd8\xa0\x80\x8a\x05\x50\x00\x86\x2a\xf8\x37\x21\xc6\x0c\x00\xa3\xdf\x4b\x6e\x2f\xa5\x4b\x5a\xef\xaf\xa7\xc0\x14\x02\x8a\x84\x1b\x28\x7d\x02\xeb\xfa\x49\x77\x49\x45\xa7\x63\xb3\x38\x54\xf0\x2c\xa0\xd6\xe7\xb7\xb3\x49\x6c\xa8\x15\x9a\xfd\xf8\xf6\x4b\xd2\xa0\xd0\x82\xe8\x28\x35\x51\xf5\x57\x1a\xfb\x4d\x23\x9f\xa0\x3d\x00\xef\x60\x67\x50\xa9\xc9\xf8\xb8\xa6\x26\xfb\x10\xd9\xb9\x22\x10\x95\x9f\xe1\xf3\x2d\xc6\xe0\xc0\x1e\x79\x66\xa0\xd1\x2d\xbd\xd8\xb8\x63\x13\x2e\xe9\x3c\x05\xe5\x29\x5e\x30\x05\x35\x56\x5d\x85\x12\xf2\x4b\x21\x4f\x04\x90\xd5\x53\xf9\x75\x65\x2a\xc9\xa1\x4d\xd7\xc0\xb0\x3a\x30\x24\x03\x01\xf7\x80\x99\xf3\x03\xab\x9f\xf9\xc5\x7e\x22\x5f\xbf\xda\x43\x6f\x2e\x43\x96\x3b\xac\x08\xbc\x5e\xaa\xad\xc9\x12\x27\xb2\x5d\x60\x6c\x09\x42\x3a\x7b\x5d\xbb\x1b\x4d\xed\x08\x23\x3d\xb1\x3c\x54\x67\x24\x41\xa5\x34\x4b\xba\x4a\xf8\xb4\x07\x46\xed\x18\x9d\xa9\xdf\x03\x2b\x8f\x4e\x35\xbe\x48\x9f\x5d\x26\x43\x09\x01\xd1\xc5\x30\x19\xf1\x5c\x47\xe6\xfa\x86\x89\xfd\xed\x86\xe8\xfe\x66\xa1\xc0\x60\x3c\xcd\x7f\x75\xf7\xcf\x35\x8a\x23\xc4\xb3\x5b\xba\x84\x47\x7b\xb5\xd1\x8d\xeb\x48\x59\xbc\x9b\xc4\x2c\xf2\x8c\x76\xf7\x8b\x65\x66\xfb\x10\x86\x5b\xcb\xd0\xfe\xab\x2a\x6b\x11\xff\x9d\xbb\x78\xb6\x60\x33\x10\xc8\x7b\x7a\x6a\x30\x72\x74\xe7\xb6\x47\xf3\xd9\x25\x80\xd8\x32\x95\x78\x5f\x14\x46\x24\xe8\x7c\x60\x64\xf0\x47\x51\x4c\xe9\xfb\x5e\xef\x20\x34\x66\x7b\xfe\xd7\x43\x74\x97\x83\x37\x55\x79\xce\xf5\xed\x88\xfc\xd5\x5e\x6d\x31\x43\xe2\x81\x67\x15\x87\xcc\xf3\x0c\x57\x82\x3e\xb0\x74\x87\xe8\x47\xdb\x56\xe5\x19\xec\x96\x28\xcf\x10\x26\x7e\xbf\x7a\x8a\x09\x1a\x4a\xf5\x81\x38\xb0\x6d\xf5\x91\x6c\x94\x1d\x36\x58\x57\x5b\xc0\x17\xe5\xd9\xca\x7f\x20\x22\x3b\x5e\x57\x52\x28\x95\x1f\xd8\x9d\x85\xdf\xad\x9f\xbd\xf6\xec\x6f\xc3\x11\x6e\x2d\x14\x9f\x5a\xea\x9c\x72\x98\x07\x8d\x6d\xf2\x03\xb3\x0a\xf3\xe7\x48\x19\x53\x1c\xc2\x80\xb1\xbe\xac\xeb\xf2\x87\x1e\xea\x0f\xa6\x16\x98\xaa\x73\xf1\xd1\xb2\x5f\xb3\x05\x18\x78\x20\x47\xb1\xb5\x64\x9b\x51\x12\x3a\xa4\x28\x3a\x3c\x6e\x59\x3f\x23\x49\x40\xe4\x49\x64\xe5\xd8\x31\x0b\x92\x36\x77\x76\x24\x03\xaf\xfa\x55\x60\x28\xe2\xfd\xed\xd3\x38\x91\x28\x3a\x9c\xec\x3c\x2e\x50\x05\x7a\x13\xe2\x32\xe4\xa7\x58\x17\xb2\x65\x89\x03\xc3\xa5\xc8\xde\x4b\xe8\x09\x05\x33\x6c\x5e\x36\x66\x75\x3f\x9e\x9d\xee\x9f\x6f\x85\xfa\x43\x2c\x48\x71\x38\x7c\xa9\x6b\x23\xc5\xd5\xa6\xe0\xca\x28\x0f\xeb\x93\xc3\x01\xf3\xc5\x0f\x20\xcc\x4a\x36\x9e\xda\x4e\xfc\x25\x85\xc0\xff\x3a\x96\x79\x63\x09\x6d\xbe\x38\xe6\xee\x98\xdf\xdc\xa9\x3b\xa5\x4b\xc0\x7a\x7e\x5f\xe2\x3c\x54\xd1\xb9\xb9\xbf\xdc\x55\xc9\x82\xc7\x7d\xac\x91\x9f\x09\x7a\xe3\x20\x10\xa8\xcc\x3a\xf7\x4e\xd4\xe2\xe3\x48\x43\xa5\x8e\x16\x07\x21\x9b\x6d\xb0\xaf\x89\x85\x67\xba\xe8\xc6\xdb\xa0\x90\x85\x38\xfa\xe6\xc7\xba\x7e\x13\x79\xa8\x0e\x92\x85\x3d\xbe\x28\xcd\xa8\xdf\x59\x2a\xda\xda\x5f\x28\x0f\xeb\xa1\xe7\xb1\x8f\x8c\x69\x86\xc8\x3f\x92\xac\xee\x43\xfc\x73\xbd\x27\x17\xec\xcc\xc0\xa4\x31\x3f\x30\x13\xc3\xc8\x59\x41\xf7\x36\x10\x5a\xbf\x25\x68\x88\xe7\xf7\x9d\x81\xfa\xae\xbe\x43\xaf\x97\x12\x6d\x78\x27\x4e\x60\x4c\x2d\x43\x85\x4a\x92\x8d\xf9\xdd\xa8\xbf\xe0\x65\x40\x65\x4f\x4c\x89\x58\xd3\xf9\xef\x86\x2b\x3c\xa2\xf6\x95\xa0\x49\x78\xe7\x5d\xa2\xf1\xba\x57\xa3\x4c\x32\x08\x0c\xd6\xfa\xb2\xbe\xef\xfb\x79\x98\x63\x97\x69\xbc\x48\xc2\xe4\x68\xaa\x6f\xc6\xef\xd2\x29\x1e\x7a\xc3\x84\x96\x77\x76\x46\x7e\x1e\xc2\x7a\x40\x57\xd0\x96\x91\x45\x1b\xf1\xf5\xb5\x84\x3e\xe0\xf4\x28\x1c\xe8\xf8\xa9\xad\xca\xd3\x44\x68\x83\x6f\xb8\x68\xe1\x10\x1c\x62\xd4\x5b\x63\xfa\xef\x7c\xc9\x2a\xf3\x9b\xbf\x9c\xd6\x05\x13\xbe\x0c\xb6\x71\xb5\x48\x1e\x86\x07\x79\x8c\x14\xe3\xfc\x09\x3b\xf0\x7b\xd9\x1b\x7f\x84\xfc\xa8\xcd\x7b\xe0\xe0\x62\x8b\x79\xfe\xfd\x36\x74\x64\xd8\x6e\x1c\x3c\xd9\xf1\xfb\x28\xd3\x7e\xef\xbc\x30\xbf\x8a\x59\xdc\x47\xc8\xba\x4b\x02\x51\x2f\x60\x0b\x05\x40\x07\x7f\x39\x5a\x5d\x1e\x1e\x72\xf0\xcb\x66\xb7\x0f\x9a\x1c\x26\x26\x05\xcf\x7b\x11\x7c\xeb\x08\x3f\x2a\x3f\xd5\x7e\xba\x32\xe5\xb7\x42\xc1\xb2\x2e\xdf\xdd\xcc\x90\xd8\x4c\x7e\x36\x99\xcc\x63\x52\x42\x78\xfa\x0a\xb7\x66\x8f\x07\xee\x12\x13\xac\x70\x00\xbb\x21\xf5\x94\x46\x4e\xa0\x9d\x31\x53\x54\x92\x2a\x01\xe8\x06\x49\xbd\xc6\x0f\x39\xe5\x09\x2f\x4b\x54\xbc\xa3\xcc\x89\x51\x14\x23\x52\xfa\x18\xba\x35\x30\x5b\x89\xc6\x77\x94\xca\x11\x95\xf8\x49\x99\x21\xd6\x96\xc4\xca\xc6\xe0\x6a\x51\x04\x3a\x06\x66\x4a\xe7\x57\x50\x95\x29\x33\x0f\x00\xcb\xbf\x5e\xf1\x65\xa9\x66\x9a\x4b\x4c\x0a\xfe\xfd\x9c\xd5\xd4\xac\xc6\xb3\x44\xe6\x80\x4d\xbe\x5a\x9c\x62\x5d\xcb\x6b\x97\x9b\x56\xce\xc3\xbf\xc8\x14\xc9\x9b\xa8\xd5\x95\xa6\xa2\xcc\xf9\xbd\x8b\xf0\x9b\xed\xa1\xac\x22\xb8\x94\x44\xa6\x4b\x9a\xf6\x23\xe3\xe5\xf7\x5a\xbe\xcd\x1d\x6d\xa5\xe9\x5e\x93\x63\x61\xc9\xbe\x6c\x43\x02\x95\x29\xa0\xd9\x0f\xd9\x42\xbb\x39\xea\x63\x9e\x4c\x70\xa2\x8b\xad\x4d\x31\xb4\xf6\xe3\x37\x9d\xbb\x6a\xad\x30\xe9\xf2\x9a\xb4\xdb\xf2\xbf\x39\xca\x64\x57\x6e\x6d\xdf\x13\xa3\xea\x29\xf9\x1d\x6e\x7c\xd9\xbf\x42\xba\xf8\x17\xc7\x2e\xc8\x7c\xa3\x21\xde\x5f\x9c\xb6\x2b\x02\x5f\x8c\x6d\x17\xdd\x1f\xf2\x1b\x1c\xf1\x2e\x8e\x79\xc1\xa1\xec\x70\xa5\x2e\xd1\xc5\x25\x69\x26\x4f\xab\x0e\xeb\x31\xda\x9f\xab\x8f\x6c\x65\xfd\xfe\x6a\x33\xb9\xbb\x72\x07\x85\x3d\x61\xab\x29\xa3\x04\x2a\xdd\x9f\xc4\xf3\xfb\x5c\xfe\xd7\xf6\xca\xa6\xf7\xec\x09\x4f\xf2\x42\x8d\xb2\x8c\xff\x7c\xab\xe5\x8b\x90\x4c\x01\xa1\x26\xaa\xf2\xf7\x5c\x7e\xa0\xf0\x41\x91\x26\x98\x47\x93\x40\x20\x28\xff\x8c\xa8\x87\x85\x1b\xa2\x0d\x77\x86\x66\xb4\xb1\xd2\x4a\x4d\x6b\xf5\xfb\xcc\x9a\x1e\x77\x07\xd6\x95\x9f\x23\x54\x89\x66\x73\x0b\x39\x39\xe6\x25\xc2\x6e\xba\x9e\x88\x62\x76\x9a\x69\x91\x60\x86\xe9\x2b\xae\x17\x91\xae\x69\x08\x28\x37\x4d\xb2\x7b\xa2\xf4\xf1\xa2\x67\x07\x50\xa8\xfd\x9c\x49\xff\x49\xf7\x11\x4f\x4f\x33\xcf\x97\x5d\x46\x3f\x31\x70\x08\xe8\xc7\xb3\xf8\x16\xaa\xe7\xea\xab\xc6\x0f\x91\xe9\x0b\x12\xe3\x8a\xa1\x44\x9a\xd8\x91\xda\x65\x00\x20\xe8\x38\xd9\x83\x73\x24\xa1\x32\x9d\xd0\x52\x2b\xc5\xe2\x3b\xa9\x82\x1a\xf6\x0c\x8f\xc8\xc5\x04\x09\xeb\xad\x55\xf5\xc7\x11\x79\x83\x4b\xbd\x9a\x23\x09\xc7\xeb\x85\x18\x2f\x26\xea\x62\xd4\x9b\x22\x68\xca\x86\x55\x7e\x7c\x09\x46\x05\xad\x26\x88\xee\xf8\xef\x5e\x90\xcf\xa5\x5d\xdd\x48\xff\xfb\xc5\x9e\x12\x33\xe7\x40\xbf\xe3\x4b\x00\x10\xac\xd5\x24\x39\x5f\xf6\xa8\xa1\x36\x83\x4a\x23\x6c\x71\x68\xb4\xdf\x2f\xaa\xa5\xc1\xad\xbb\xf0\xa5\xfc\xf8\xfa\xa2\x0b\x63\x54\xf1\x8d\xaf\x0b\x13\xad\x97\x44\xfe\x30\x26\x45\x90\x44\x36\xa7\x3a\xca\x28\xa9\x68\x0e\xc4\x91\xb6\xf2\xf4\x9e\x48\xba\x61\x50\xb9\x23\x7a\xbd\x8a\xef\x0c\xe7\x06\x96\x43\x43\x6c\xc3\x91\x49\xb3\x5c\xca\xe0\x96\xe6\x0a\x68\x5e\xbd\x9b\x41\xd3\x35\xb5\x99\x32\xe3\x19\xc6\x58\xee\xcb\x02\x9d\xfc\xdb\xc4\x92\x1b\x91\x72\xf3\xb9\x3a\xf9\x62\x74\xd4\xf9\xfc\x31\xa3\x91\x9a\xe3\x29\x02\x10\xce\x52\xea\xfb\xac\x45\x9b\xe9\x4d\xdb\xd4\x3a\x91\x5c\x65\x7d\xc5\x7f\xdf\x4e\xbe\x61\x28\xd3\xb4\x34\x55\xde\x6a\x52\xcc\xd7\x4b\x62\x19\xbb\x65\xd9\x1c\x84\x67\xd8\x71\x60\xee\x0b\x92\x7e\x5c\xbf\x8d\x50\x89\xbb\xab\x60\x59\xc8\xa3\x3d\x0b\x36\x33\xc4\xac\x38\xf9\x62\x2a\xf1\x0f\xf8\x4d\x5b\x45\x4f\xba\x24\xf3\x0b\x5e\x52\xb4\xa0\x6f\x6e\x9f\xad\x08\x7d\x8a\xd8\xaf\x6d\x7c\x71\x9e\xe2\x9f\xae\x33\x46\xcc\xc1\x75\x33\x52\x5e\x36\xa3\xb3\x5d\xd7\x86\x1c\x3a\x74\x09\x6e\x91\xf4\x26\xe1\x26\xdc\x2a\x76\xfd\xe3\xba\x4a\x63\x6b\x8e\x65\x0b\xeb\x0c\x6e\x6f\xc0\x0c\x2f\x84\x89\x83\x1e\x50\x1c\x22\x4f\xaf\xfb\x74\x4f\xb5\x80\xef\x9a\xc2\xee\x21\xf3\x32\xb1\xbb\x6e\x8a\xac\x89\x2b\x77\x80\x68\x71\x2b\x71\x08\xa6\x22\x7d\x93\xbb\x1b\x68\x65\x6a\xcd\x15\x40\xb9\xa3\xe5\xb9\x91\xbe\x26\xa7\x18\x56\x62\x2b\x92\xa9\x63\x01\x23\x77\xa3\xc5\x60\x24\xe9\x96\x00\xe7\xd8\xb2\x57\x07\x95\x66\x37\xee\x49\xf7\x6b\x8d\xb0\xdc\x8d\x91\xe2\x20\x36\xda\x03\x78\x1e\x32\x48\x1b\xdd\x95\xdd\xd3\x74\xdf\x9e\x5c\x75\xe0\x5e\x8e\xb2\xd0\x50\x89\xc5\x36\x78\x08\x4b\xb6\x52\xcf\x30\x7e\x94\x53\x61\x57\x1d\xf4\x2c\x46\x60\x98\xa3\xfb\xda\x07\x4c\x97\x3f\x8f\x34\x4a\xd2\x47\x86\x37\xfa\xb3\xfa\xec\x0c\xa0\xb3\x8f\x3d\x7f\xec\x93\xc9\x1d\x6e\x8d\x57\xb8\x64\x4b\xbf\x77\x8d\xe3\xb9\x93\x06\xbc\xce\xce\xfb\xef\xd7\x2a\xe7\xc2\x55\x1f\x35\x6d\xc4\x65\x34\x9b\x21\x54\xc3\xc7\x1a\x9c\xe1\x7e\xff\x72\x21\x6a\xf2\x75\x97\x7f\x6d\xfc\xc9\x8d\xe9\x47\x3c\x80\xdb\x15\xa7\x5b\x80\x4b\xc0\x89\x58\x7b\x44\xa6\x7f\xaa\x22\xad\x22\x2f\x22\x6a\x6a\xd3\xeb\x8c\xe9\x68\xf1\x00\x1d\x6d\xeb\x93\xca\x57\x4d\xe7\x54\xda\xb1\xea\x0a\xc9\x24\xbb\xe8\xce\xb0\xf5\xa3\x6d\x5b\x24\xf1\x0c\x1c\x06\xab\x53\x58\x0e\x01\x1b\x84\xb6\x00\x69\xb6\xdc\xc1\xb5\x77\x77\x75\x2b\x04\xf1\xca\x25\x3b\x5f\x8b\xb3\x59\x2d\x3d\x27\x7c\x6c\x36\xbe\x4d\x85\xb2\xda\xb6\xf0\xdc\xd5\x01\x50\x22\x9a\x10\xd7\x0c\x66\xbb\x9f\xe3\x22\xba\xd8\x23\x57\x47\xeb\x6e\x4a\x27\x73\xa5\x09\x06\x3d\x98\xe8\xed\x79\x96\x79\xca\x40\xfe\x14\x29\x88\xcc\x62\x67\x8b\x55\xd3\x87\x37\xca\xf9\x6a\x72\x12\x2a\x98\x7d\x95\x7b\x37\xe6\xa0\x4a\x06\xa0\xa3\xbb\x27\xfb\xaf\xaa\x71\x0f\x39\x31\x2a\xdd\xdd\xdf\xb5\xd5\xab\x4b\x67\xc6\x3b\xc1\x49\xef\x96\xb3\xde\x64\xfb\x43\x2c\x98\x6e\x39\x26\x37\xa8\xf1\xd6\x77\xf7\x0b\x9c\x3a\x1b\x67\x88\xbb\xbc\xcf\xae\x72\x48\x1b\xf3\x35\x4c\x76\x7c\x06\xca\x26\x42\xbf\xeb\xdd\x13\x1f\xa6\xd6\xd8\xba\x3d\x55\xb8\x99\x16\x33\x33\xdd\xb7\x5b\x63\xca\xbb\x32\xa1\x66\xf4\xd6\x2e\x42\x60\xcc\x48\x74\x7e\x16\x0b\xfa\xe3\x47\x08\xf0\xf5\x87\xe4\xab\xcd\x10\x79\x27\x6d\x52\x0b\x8f\x8c\x3a\x46\xf4\x2f\xdb\xd9\x55\x26\xb4\xfc\xa4\x98\xec\x17\x65\xb2\xce\x6f\x06\x74\xef\x13\x6c\xeb\x0c\xa3\x35\x6b\x6b\x83\xf7\xd4\xee\x1e\x2f\xca\xc5\x18\x05\x7d\x83\x13\x99\xd1\x54\x73\xe2\xf5\x6c\x1d\xcc\xb8\xa8\x10\x13\x9d\x7d\x10\x28\x16\x6a\x29\x0f\xfd\x3e\x69\x76\x8a\xcf\x0e\x91\x6a\x4b\x3f\x0a\x56\x25\x39\xcf\x97\x4e\x9a\x87\x7d\xee\x62\x70\x65\x3a\x58\x56\x32\x39\xce\x81\xe2\xa1\xd3\x4b\x75\x42\x86\xb1\x39\x58\x04\xf4\x77\x0f\x14\x4b\x39\xaa\x0d\xec\xbd\x02\x12\xfa\x18\x02\xb6\x42\xac\x60\x22\x27\x48\x96\xe2\xd1\xd0\x3b\xd9\x7a\x7f\xb2\x2f\xdb\xae\xdf\xee\x08\xf9\xfa\x82\x5e\x40\xb4\xfe\x2d\x1f\x16\x62\x16\xda\x1d\x15\x38\xf8\x24\x66\x54\x52\x82\x86\x1c\x30\xee\x3d\x18\xb5\x23\x1d\xfa\x6d\xc5\x77\x46\xf9\x0b\x96\x42\x15\xf4\xaa\x83\xcb\xa6\xc2\x29\x76\xa2\x19\x24\x13\xb1\xb9\x63\x8b\xce\x75\x98\xf7\xb7\x41\xa2\x4d\x34\x29\xfe\xe4\x0d\xd2\xc2\x84\x67\x9b\x17\x86\xc1\x99\x81\xca\x8f\x3e\x64\x07\xc0\x6d\x3f\xb6\x8a\x44\xbe\x46\x1e\xca\xb8\x24\x39\x69\x96\x65\x5f\xfd\x3b\x0a\x3a\xb2\xf8\x8c\x2e\x41\x6c\x81\x9a\x17\x9f\x7a\x5f\xe0\x44\xfd\x76\x31\x5f\xfd\x79\xd8\xd3\xf1\x7e\x54\x18\x15\x1c\xb4\x87\x58\xe3\xe3\x05\x83\x50\x24\x0d\xc1\xfb\x54\xf1\xb8\xdd\xb1\x08\x23\xfa\x6b\xe3\x4c\x71\x49\x8a\x39\xae\xb8\xc2\x65\x23\x0b\x69\x62\xbf\xee\x18\x55\x3f\xd6\xc3\xcb\x5d\xd5\x7c\xbc\xaf\x1d\x8e\xef\xcc\x60\x32\x5f\x4b\x41\x9f\xf7\x5c\xce\x0d\x69\x7e\x58\x13\xfa\x03\x6e\x09\xe7\xf9\x26\xc9\x70\x67\xd1\x36\x8e\x78\x7e\x1f\xfd\xbe\xca\x33\x2d\x9f\x0a\xe4\xf6\xa2\xd7\x8e\xb7\xc9\x1f\x3b\xd8\xd4\xe1\x5b\x07\x17\x78\x39\x4d\xa2\x2b\x84\x38\xd2\xde\x1c\xdb\xcb\x1e\x31\x52\xe4\xeb\xbf\x00\x5d\x19\x05\x46\xaf\x7b\x93\xff\xf8\x4e\x80\x0b\x01\x4d\x97\xed\xc0\xac\x77\x4b\x2f\x25\x71\x47\xe5\x31\x51\xb3\xb7\xa6\xde\xf6\x7c\xed\x49\xb4\xd4\xc0\x0f\xb6\xad\x84\xe2\xf3\xcd\x80\x50\xa7\x03\xc2\x6b\xa3\x0f\xef\x6b\xca\xbb\x6d\x1f\x4b\x6d\x3f\xd1\x06\x7f\x2d\x42\x75\x8a\x28\x24\xb7\x69\xd8\xd2\x60\x50\xbf\xcd\xe3\xa1\x5a\x25\xd8\xdc\xda\x11\x86\x25\x40\x55\x9e\x1d\xd8\xac\x2b\xfd\x19\x22\xba\x9d\x6d\xbf\xba\x26\xd5\x5f\xeb\xf5\x8c\xb3\x24\x4e\xb7\xff\xc2\x74\xdf\xbe\x7c\x3d\x71\x53\x51\xf6\xf8\xc6\xf4\x9b\xd6\x93\xc2\xb6\x43\x20\x7c\xd9\xf3\x5c\xdb\xb2\xe6\x3f\x51\xfb\xc7\xee\xf5\x25\x73\x69\x72\x6f\x99\x78\x0e\x72\x12\x20\xfb\x8a\x90\x44\x72\x86\xd2\xef\x4b\xe8\x4e\xb3\xa9\xfc\x15\x8e\x17\x3d\x71\x7c\x2c\x8f\x66\x70\xa3\x86\xc0\x92\x5c\xe2\x70\x8e\xd2\x4e\x2f\x27\x7c\xd4\xce\x42\xa8\x82\x5e\x42\x55\xe6\x8d\xe5\xa0\x50\xfe\xa2\x04\xf7\x7e\x91\x5f\x2b\xb3\x84\x7f\x77\x5a\xbd\x40\x65\x08\xd7\xd1\x62\x58\x61\xe2\x48\xe0\xb0\x37\xbe\xa5\x50\x57\x86\x29\x0f\xd1\x9d\x6a\x47\x3e\x74\x71\x56\x93\xec\x78\x5f\x7f\x37\xc3\xf7\x2e\x74\xdb\xe6\x08\xfc\x58\xfd\xe5\x51\xec\xe3\xb3\x24\xc0\xd2\xb8\xfc\xa0\xe2\x35\x41\x77\x35\x32\x7f\x70\xdc\x08\xd4\x42\xef\xbb\xba\xc2\x2e\x7f\x1e\xe2\x18\x07\x9d\x53\x71\x55\xc0\x43\x98\x3a\x9e\xd8\x8a\xf2\xc2\xfa\x12\x2d\xdf\xef\x03\x2c\xdb\xa4\x47\xbb\xd8\x6b\x25\x70\x70\xf5\x57\x1a\x58\x22\x41\xfb\x5f\x3b\x18\x5f\xa2\xbe\x69\x93\xaf\x89\x3a\x72\xd0\xe3\x54\x9e\x6d\x8d\x35\x40\x7f\x44\x2e\x31\x3b\x69\xc5\x21\xb3\xfa\x84\x14\xa4\xed\x28\xdd\x9f\x68\x47\x8e\x05\x0e\x5d\x8d\x46\x2b\xa3\x3a\x6d\x3f\xa1\x2b\xb2\xf0\x1b\xf1\x9f\x00\xa4\x3e\x7e\x2d\x8e\xec\xe6\xd6\xad\xb5\x29\xca\x9c\x42\xcd\x49\x32\x0c\x95\xbf\x64\x98\x27\x40\xd0\xf4\xdf\xc3\x5d\x12\x49\x61\xa6\xf4\x31\x8a\xd9\xa8\xf2\x90\x04\x51\x67\xc3\x11\x23\x8e\x74\xcb\x0d\xf1\xc7\xac\x31\x9e\x07\x9e\x14\xbc\x31\x6a\xd3\xda\x90\x33\xe8\x3e\xa6\x17\x43\x44\xb7\x16\x7e\xf5\x00\xb7\xf8\x52\x62\x4a\x9e\x00\x78\xa4\x7c\x89\x22\xec\xf1\x1d\xb7\x3a\x7a\xc8\xcc\xd1\xfc\x8d\x23\x42\xf1\xd6\xa5\x13\x59\x5e\xfc\xe5\x51\xfe\xca\x44\xa8\x1c\x29\xfc\x0d\x54\x59\x7a\x6f\xe6\x90\x9f\x23\xe2\x38\xd9\xf1\x7a\xd8\x17\xf1\xbb\x22\x35\xd8\x60\xab\x40\xf8\xf2\x16\x6d\x40\xa0\x5c\xea\xcd\xaa\x1a\x1f\x79\xa8\xa2\xf7\xb5\xfc\x55\xd4\x1e\x5c\x08\x94\x66\xf3\xd6\xdf\xdc\x02\xed\xea\xc6\xce\x59\xa6\x68\xc4\xa6\x9e\xd8\xed\xfc\x65\xf0\xfa\xe9\x06\x97\x39\x46\xdf\x14\x26\x2e\xb4\x1f\x67\xd0\xa8\x3b\x50\x64\x12\xbc\xb7\x0b\xd1\x2a\xec\x58\x78\x77\x61\x70\x3d\xf1\x73\xcc\xef\xc8\x19\xef\xd5\x44\xe5\xad\x5d\x85\x0a\xdb\x71\x5b\xa7\x72\xd5\x3a\xbc\xf3\x9c\x07\xc8\xa1\x66\x0e\xd1\x8a\x7c\x4f\x17\x06\xb9\xa1\xb6\x8c\xe3\x27\x59\x10\x1b\x9a\x52\xef\x7e\x45\x3a\x45\x43\xde\xac\x38\x83\xf3\xc6\xf9\x8b\xd3\xd6\x16\xaa\xa8\xf4\x0c\x11\x46\xe1\x7f\xb9\x6f\x38\xc3\xb5\x3c\x9d\x87\xc8\x61\x97\x99\x52\x04\x65\xf0\xe1\xef\x55\x1e\x21\x37\x30\x4f\x31\x30\x72\x0b\xd3\x1d\x85\x3e\x21\x75\x65\xa8\x36\xee\x24\xf4\x01\x3b\x03\x4a\xe4\x52\xeb\x97\x10\xa2\x5e\xd8\xdc\x9f\x25\xbd\xb5\x64\xc8\xe3\xfb\x43\x59\xf5\xf9\xf3\xf8\x85\x28\x8e\x68\x61\x59\x4d\x3d\xc6\x74\x77\xba\xd9\xfc\x9e\xb6\xc7\x7f\x70\x93\xa9\x2f\x82\x2c\xc2\x53\x9d\x32\x4d\x63\x07\x53\xa1\x28\x66\xc7\xd2\x5f\xbe\x73\x1b\x4d\x7c\x66\x24\x2f\x83\xfa\xc2\x53\x36\xa9\x71\xd5\x78\x96\x5d\x9c\xa4\xc7\x3e\x95\x95\x90\x1c\x81\xfd\xd6\xba\xc8\x40\x37\x24\x46\x8a\x55\x38\x4a\x37\x2b\x8e\x4e\xf6\xe7\xf5\xf3\x63\x55\x4f\x7e\x6e\xbc\xfd\xf8\x38\x45\xbe\xdc\x97\xef\x5d\x36\x46\x14\xbe\x44\xd8\xf9\x37\x28\x60\x54\x9a\xfa\xc0\xd4\x4b\xde\x64\x6d\xa3\x47\xd3\xb8\xb5\xa4\x68\x6c\x51\x95\xb4\xd2\x71\xf6\x45\x11\x14\xca\x74\xb6\xf0\x1a\xc8\x17\x83\x42\xc7\x6e\x38\xf6\x8f\xd8\x5a\xdb\x68\x09\x21\x4d\x47\x4e\x82\xd9\xec\xd8\x88\x8a\xfe\x45\xba\x38\x3e\xd8\x89\xfd\x69\x47\x93\x55\x8e\x40\x48\xa6\x5c\x11\x88\xe2\x3b\x3d\x8f\x97\x66\x59\xe6\x09\xe4\x10\xc9\x96\xe5\xd6\x6f\x48\x42\x99\xc3\x85\x16\x90\xda\x39\x81\x28\xb6\x54\x80\x24\xf0\x9e\x94\x78\xa4\x89\xe9\x7c\xd3\x64\xfc\x23\x0c\xe2\x6f\xfc\x8b\x1e\x1c\x5b\x9a\x3c\x00\x70\x07\x41\x9d\x61\xfb\xce\xa4\x6e\x60\x7b\xb0\xca\x5b\x64\x04\x6b\xc7\xcc\x30\xb5\x49\xa7\xe4\x92\xbc\x4b\xa6\x80\x01\xe7\xb9\xec\xc1\x2e\xeb\x82\x94\x43\xb6\x88\x51\x3b\xa6\x02\x50\xd9\x1e\xfb\xa1\x31\x4b\x37\xc0\x25\xf0\x91\xa6\x3d\x4a\x2b\x39\x1f\x72\x9c\x4d\x71\xc5\x49\xc3\x91\x05\x48\x2d\x9a\xd9\x78\x33\xa6\xbd\x23\x2a\x41\xf7\x53\xde\xf6\xc4\x68\xa3\xbf\xff\x49\x24\xdd\xe9\x64\xea\xde\xb5\x88\x30\xa4\xaa\xaf\x28\xfc\xd6\x89\x02\xdd\xb1\xe4\x56\xcd\x97\x6a\x9f\xe3\xcf\x9f\x21\xba\xdb\x58\x41\x84\x9e\x5c\x1b\x5d\x9a\x4b\x97\xf7\x13\xb5\x86\xb7\xfa\x6f\x45\x3c\x70\x51\xef\x5a\xf4\xb9\x4e\x1e\x1b\x5f\xe2\xdd\xaa\xb1\x3d\x22\x37\x1e\x1a\x3a\xe6\x9c\xc4\x3d\x02\xd1\x9d\xdb\x78\x47\x51\x75\x6b\xe2\x33\x54\x9c\x21\xd5\x87\xcb\x23\x9f\xe8\xa1\x8f\x26\x75\x31\x05\x0d\xc5\xcf\xbe\xa7\xb5\x8a\xf2\xf4\x18\xf4\x74\xdd\x1a\x99\xab\x7e\x61\xf8\x24\x91\x1c\x25\xb5\xb1\x5d\x4f\x94\x6c\x02\x36\x8d\x51\xb5\xa1\xf5\x63\x5a\x65\xd6\xef\xe3\x60\x92\x01\x58\xe3\x03\x93\x55\x30\xfb\x6b\x82\x46\x59\x61\xb2\x11\x9e\xca\x94\x50\x40\x13\x3a\x34\x84\xe9\x4e\x8e\x21\xbe\xd9\xab\x95\x87\x60\x84\xc8\x4e\xdd\x24\x99\x33\x0e\x50\x64\x6d\x31\x63\x34\x1e\x9a\xd3\xd7\xdc\xa4\x74\x63\x1a\x8a\x35\xf4\x34\x44\xe5\xfa\x24\x55\x73\x9c\xfe\x65\x8a\x3c\xd9\xd9\x34\x11\x93\x55\xcd\x0a\x1f\x8b\x2d\xe8\x6f\xab\xcd\x03\x5f\xcf\x3c\x03\xf9\x8c\xed\xe5\xbf\xfd\xbc\x8f\x2a\xd2\x15\xf5\xfb\xb6\x9f\x59\x1a\xbc\x3e\x0e\xf6\x40\x8d\xb5\xf2\x03\x93\x27\xf4\x79\xf3\xe3\x1d\x56\x7f\xaf\xea\x47\x76\xbe\x3f\x64\xa7\x52\x58\x64\xd6\x13\xa1\x70\x26\x70\xd8\x3c\x0f\x73\x98\xfd\x5c\x25\x97\x4c\xc9\xb7\xee\x06\x48\xe9\x5c\x54\x6c\xbe\x07\x76\xc9\x50\x59\x57\x4c\x5c\xbd\xc6\x23\x78\x56\xe1\x98\x77\xe1\x28\x38\x31\xbb\x65\x39\xeb\x5a\x38\x5d\xdb\xcf\xbc\x0d\xfd\xbb\x1b\x9a\x48\xc0\x34\x99\x06\x7d\x50\xc5\xee\x51\x7d\x11\x93\x8e\x6b\x5a\x8f\x37\x14\xdf\xd7\x59\x73\x29\x0c\xa1\x92\x62\x28\x69\x28\x51\x0f\xa0\xfd\x5a\x2f\x52\xb9\xcf\x9b\x1d\x83\x41\x1d\x53\x34\x58\x99\x69\xd0\x27\xf3\x71\xbc\x7e\x7e\xd3\x05\x39\x61\x28\x57\xa6\x9f\x80\x13\xa9\x3e\x20\x10\x53\x4c\x41\xe1\x11\x93\xc8\x40\x90\x4e\x5f\x40\x7a\xb5\xc7\xa3\xc5\x24\x76\x8d\x44\x68\x6c\xcd\x14\xdd\x31\x5b\xbf\xdd\xbb\x8c\x75\x8f\xad\x37\xf1\xe8\xbf\x0b\x0e\xcc\x1f\xf8\x15\xe7\xd7\x49\x5c\xd2\xfd\x36\xb7\xd4\xbb\x32\x84\xa5\x3b\x09\x40\x46\xc9\x5d\x33\xf9\x1c\x1e\xcd\xfd\x83\x75\xf4\x78\x36\x06\xb5\x4a\xfe\xf3\x22\x62\x9b\x59\x67\xa0\x19\xf7\xae\x5a\xf4\x57\x74\x85\x6b\x97\xb8\xd5\xf9\xd4\x6c\x39\x12\x7f\xfc\xf9\xb9\xdd\x0d\x5b\x34\x4a\x2e\x08\x11\x4b\x44\x11\xef\xfc\x96\x0b\x47\x17\x55\xef\x1b\x27\x73\x73\xa4\x9d\xf1\x45\x95\xbb\x6f\x88\xd2\x1c\x43\x52\xff\xbd\xa4\xaf\x43\x6e\xec\x1c\x01\x78\x09\x44\x19\xa7\x26\x0c\x5f\x06\x04\x5c\x99\x86\xf2\x9b\x2d\x44\x76\x4e\xef\x4f\x9f\x82\xab\xfb\xf2\x51\x7e\x5d\x8b\xd2\x4c\xc5\xd8\x98\x56\xf0\x71\x6c\x9d\x51\xdd\xaa\xd8\xc6\xbf\xe2\x46\x1e\x1a\xe5\x1f\x04\x8d\x98\x51\x17\xf4\x74\xd3\x1a\x99\x4d\x2e\xa4\x90\xb5\x3b\xf7\x46\xde\x35\x08\x0f\xdc\x34\xc2\xc6\xdf\x6c\xb6\x40\x0c\x08\xbd\x5c\x8c\x99\x41\x21\xc2\x9a\x92\x5e\x22\x58\x91\x15\x11\x42\x97\xa1\xcb\x6c\x52\x9a\xe5\x08\x53\xe6\x80\x67\x57\x2e\xd8\x1b\x5c\x7d\x05\x30\x14\xa6\xf6\xe5\x98\x97\xa8\x47\x14\xcc\x47\xf2\x90\xde\x83\xfe\xf6\xfd\x28\xf8\x79\x44\xfe\x66\x45\xf6\x37\xb6\xee\xd4\xc5\xe1\x5b\xc7\x62\x35\x99\xa2\x6b\xd7\xe6\x91\xcf\x0d\x3f\x65\x6f\xc6\x44\xa5\x0c\x93\x25\x7d\xa6\x37\x94\x92\xc1\xa8\xfd\x47\xd3\x59\x2c\x59\xcb\x34\x5b\xf8\x82\x18\xe0\x36\xc4\x36\xee\xce\x0c\x77\x77\xae\xfe\x44\xbf\xdf\xf9\x07\x44\x74\x74\xec\x01\x55\x64\xad\x5c\x4f\x42\x65\x5d\x43\x31\x29\xd0\xf4\xc7\x49\xcb\x88\xed\xa8\x35\x7d\xb0\x11\x04\x15\x3a\xfe\xf0\xba\x47\x62\xb4\x9e\x55\xb6\xdf\x33\x34\x8d\x37\x2b\x21\xbe\x64\xef\x95\x12\xce\x54\x7e\x26\xcc\x6e\x47\x33\x10\xec\x9e\xfe\x8b\x36\x54\xf8\x61\x60\x8f\xf5\xdf\x2e\xc6\x3f\x86\xe1\x6a\x2c\xb3\x9a\xdb\x3d\x5f\x6c\x49\x83\x21\xfc\x4e\xf2\x87\x0d\xb5\xe3\x41\x91\x06\xbf\xb9\x39\x41\x44\xd1\x18\xab\xa4\x15\x17\x9a\xe1\x10\x95\x68\x18\xad\x84\xfe\x60\xa4\x67\x44\x83\xca\xee\x18\x29\x98\xeb\x59\xfa\xc0\xc5\x14\xf8\x5b\x30\x6a\x5e\x3a\x0e\x4d\x22\x7a\xfe\x09\xd1\x17\xa2\xd2\x8c\xfb\x63\x6f\xeb\xcb\x51\x5a\x4b\x9e\x9f\xe9\x4d\x11\xf9\xdc\x4c\x90\x7c\x8d\x9a\x4f\x51\xcb\xd8\x0e\x83\x2b\xec\x83\xc8\x4b\xfa\xee\x97\xc4\x3f\x72\x37\xc2\xfd\x3a\xb0\x84\xd5\x7b\xe5\x85\x19\xa0\x14\x49\xdf\x82\x92\xf4\x79\xa0\x44\xa9\xfc\x78\x41\xb9\xbf\x3d\x2d\x85\xa8\xd4\xd8\x06\x2a\x26\x17\xcd\x8e\x61\x49\x42\xc2\xca\x40\x68\xfa\x43\x3f\x53\xf2\x7a\x2a\xa7\x32\x1d\x55\xee\x9c\x0a\xa1\x41\xfb\x0a\x94\xa2\x52\xa3\x7a\xe1\xa2\x9d\xe3\x8e\x8f\x7f\xe6\x82\x1e\x78\x09\x01\xa9\xde\x8c\x48\x97\xba\x82\xee\x09\xcf\xe8\x25\x1d\xb0\xd9\x09\x44\x9c\xdb\x7a\xef\x2a\xb7\xae\xdb\x4a\x0e\xf9\xbf\x17\xf0\xeb\xba\x12\x3b\xf5\x81\xab\x83\x89\x38\x8f\xe0\x3b\xe2\xd8\x58\xf5\x2b\xfc\x60\xd4\x87\xf2\x08\x63\x4b\xa1\xfc\xb4\xfb\xfb\x59\x4c\x97\x67\x70\x69\x05\x85\x17\x3b\x27\x47\x9c\x4e\x4a\x4c\xff\xf5\x64\xb1\x2a\x3a\xd7\x28\x88\x3b\x16\x41\xe0\x04\x98\xd5\x07\xe6\xaa\xbe\x3b\xaa\xb1\x66\x27\x1b\x95\xc1\xfb\x70\x01\x80\x59\x4b\x4d\xcf\x04\xf0\xe1\x05\x82\x63\x16\xec\x4f\xe9\x16\x3f\xd0\xba\xf9\x58\x3f\x3b\xbd\x93\xdf\xec\x40\xa8\x36\x8f\x91\xee\xb4\xa4\x6e\x37\x01\xed\xcf\xf3\xa4\x96\xd8\x09\x49\x27\xf8\xb6\x49\xa2\xac\xea\x42\x33\xc3\x66\x30\x75\xf1\x21\x7c\x18\x7c\xcc\x5e\x5a\x06\x1b\x20\x98\xa3\x3e\x45\xad\x57\x8f\x9b\xce\x8e\x66\xca\x6f\x53\x8e\x39\x1b\x7f\x8f\x69\xd6\xb2\xb2\xe7\x59\x37\x8f\x0b\x51\x8a\xb5\x4c\xa6\xc7\x93\x1c\x8b\xe9\x14\x28\x79\x6c\xc1\x0a\xd4\x08\xb5\x80\x33\x71\x6e\x27\xaa\x19\x24\x71\x39\xcb\x20\x10\x26\x0c\x15\xac\x9d\xfe\x92\x1d\x89\x8f\x70\xb3\x6f\xfd\x33\xbc\x00\xae\xc0\x0f\x55\x30\xa2\xac\xa4\xc6\xd7\x9a\xf7\xf4\xb7\xe7\xe7\x01\xcf\xc8\xdc\x7f\xeb\x19\x5d\x61\xd2\xc0\x3e\x78\x59\xb9\x7e\xd1\x9c\x0e\x86\xf0\xfd\x10\xe4\x12\x3b\xc1\x52\x73\xeb\x99\x61\xed\x1e\x44\x3c\x13\xb8\xbc\x15\x75\x4e\xe4\xe7\x3f\x3e\xab\x25\x71\x6a\x7f\x24\x0d\x60\x41\x84\x94\x81\x06\x23\x48\x48\x3a\x73\xed\x91\xa0\x24\x14\xd2\x43\x40\xe4\xd1\x15\x6d\xd8\xe5\x1c\xcd\x75\xb1\x64\xdd\xa5\xfc\xd5\xb3\x28\xc3\x07\x2b\x86\xc3\x92\x09\x8f\x9e\x71\xa9\x8d\xc5\x46\x10\x14\x91\x83\x50\x8e\x63\x60\xb3\xc6\xdd\x42\x20\x9a\x1f\xe2\xea\x94\x55\x48\x41\xb3\x9a\xd3\x42\x97\x53\x06\x83\x10\xe3\x70\x8e\xab\x39\xd4\x1b\xa8\x0f\x7d\x0c\x33\x4c\x90\xc5\x9d\x9b\x52\x21\xfd\x08\xc4\x05\xda\x6d\x25\x80\x84\x06\x00\xad\x27\xdb\xad\x4c\xf2\x0b\x4d\x0a\x3f\x10\x9c\x73\x46\x29\x56\x29\x4e\x34\xc6\x4a\x0b\xc8\x6a\x8c\xe3\x2d\xa5\xaf\x41\xeb\xc1\x12\xa1\x9a\xc6\xcf\xd9\x9f\x36\x07\x29\x0c\xa3\x80\xaa\x3a\xea\x8d\xcf\x8b\x24\x8c\x86\xad\x38\x91\x34\x3c\xb6\xf9\x09\x7a\x99\x8b\x09\x71\xe0\x0c\x61\xd1\xf1\x0b\x9c\x98\x1a\xcb\x4d\xc6\x71\x74\x0f\xa2\xc1\xbe\xaa\x39\x0c\x58\x23\x57\x80\x8d\xce\xf1\xb2\xf2\x0e\x8a\xa8\x40\x68\x16\x4c\xbc\x94\x6d\xe5\x42\x13\xbf\x9d\x3e\x81\xfc\xce\x4d\x0d\xf7\x43\xb0\x16\xd8\x5d\x96\x97\x37\xef\x2d\xe9\xcf\x02\xa2\x40\x00\x11\x85\xf9\xa7\x4c\x37\x8c\x6f\x95\xf4\x50\xd0\xaf\x16\x7a\xdf\x54\xed\x1f\x08\x16\x00\xe9\xe2\xd5\x3e\x2e\x54\x67\x89\xb6\x42\xac\x18\x2d\x34\x42\xde\x2b\x6e\xa8\x78\x34\xf0\xec\x80\x85\x44\xde\xf9\x44\xaa\xf1\xe4\x7c\x9b\x7b\xc1\x8e\xd0\xa8\x03\xff\x0a\x6a\x7c\xf7\x4d\x3d\xc6\x2f\x6d\x7e\x71\x07\x3e\x29\x9b\x03\x99\x81\x66\x0d\xde\x13\x6b\x2c\x02\xaa\x27\xbd\xd3\xf4\x7c\x34\x08\x4e\x4f\x8d\x7e\xd8\xd3\xc6\x54\x6a\x39\xb3\x94\xd7\x6a\xbb\x12\x25\x9a\x9d\xba\x38\x06\xc3\x6a\x07\xe8\x4b\x81\xd6\x85\x92\xbb\xa5\x0a\x6d\xf0\x26\x1f\x2c\x96\xe4\xc9\x77\xfb\x2e\x77\x72\xcb\xf4\xd6\x36\xd0\x2d\x95\x3b\xc6\xce\x82\xef\x45\x98\xdd\x4c\xf2\xc8\x8d\x52\x9e\xc0\x0a\xf0\x69\xaa\x68\x76\x18\xe3\x93\x3e\x39\x30\xf4\xed\x6f\x58\xe1\xb4\x88\x14\xa8\x31\x7c\xdd\x9a\x6e\xa1\xab\xa0\xa1\xe4\x9f\x12\x30\x27\x6f\x57\x36\x1a\x35\xde\x9b\xaf\x71\x16\x67\xad\x78\x40\x20\x53\x72\x3e\x1b\x1a\x80\x61\xca\x20\x5a\x3b\x00\x76\xde\xb8\x3b\x37\x80\xd2\x2a\x35\x8f\xa4\x53\x1a\x00\xd2\x23\xfc\xfa\x9c\x1f\xb6\x22\x65\x6b\xfd\x59\x16\x38\xbd\x73\x5d\xe2\x38\xc0\x0b\x5e\xb2\x6c\x51\x80\x1c\x10\x48\xbc\x7a\x91\x83\x4e\x6d\x56\x18\x3b\x32\x3d\x88\x75\xa7\xe9\x41\x8b\x13\x85\xf1\x32\x6a\x31\x13\x4f\xb1\x53\xeb\x8c\x09\x8c\x05\x49\x54\xb2\x70\x0b\x0e\x6b\xf2\x30\xa3\x4a\x98\x73\xf7\x84\xc7\x5e\x05\xdb\x57\x98\xb5\xff\xa6\x2d\x46\xd8\x1a\xd2\xc3\x85\x23\xf8\xba\x2b\xaf\xc8\x85\x0e\x4d\xcf\xe6\xf4\x55\x22\x2d\xb8\x59\x69\x31\x12\x29\x08\x02\x18\xa1\xb0\xc2\xe9\x13\x31\xb5\xd4\x0b\xda\x57\x04\x8e\x13\x43\xa4\x87\xdd\x18\xe6\xa6\xb4\x65\xae\xf6\x2f\x79\xfa\x60\x72\x68\xdb\x72\xc3\xdb\x5d\x68\xf4\x80\x8f\x76\x73\xa1\xad\xa5\xba\x70\x20\xe5\x5e\xee\xe5\x72\xd8\xf0\x42\x26\xdd\x91\xcc\x80\x0a\xad\x7a\xfc\xb4\x2b\xb2\x92\x29\xa8\xed\xd6\xd8\x01\x02\x32\xf5\xed\xe7\xa7\x8d\xaa\x13\x1a\x23\xe3\xdc\xa2\x58\x7b\xb0\x1e\xbf\xe8\xf4\xdc\x1c\x54\xfa\x04\xc4\xa2\x5b\xac\xaa\x4d\xeb\x81\xcc\xad\x4f\x01\xac\x24\x6b\xa9\x89\x6d\xe8\xa0\x38\x0d\xb6\xc0\x13\x24\x42\x8c\x2c\xca\x2b\x82\x29\x4c\xc3\xd3\xa7\x54\x33\x63\x6c\xe1\xea\xb4\x15\x24\x61\xb3\xb7\x09\xc4\xce\x81\x8d\xb9\x57\xad\x5d\x76\x6c\xf5\xa3\x3c\x99\x44\x3c\xb3\xc2\x3f\xc3\xc1\x6e\x26\x50\xcf\x63\xf3\x60\x12\xaf\x6f\x31\x64\x4c\x1a\xd9\xe0\x6f\xf9\x5a\xff\xe7\xd8\xfe\x31\x7e\x59\x3a\x8a\xec\x7c\x63\x69\xeb\x9b\x12\xdf\x1e\xe1\x16\xda\xb7\x28\xb6\xbf\x46\xfb\x5d\x28\x49\x1c\x93\x83\xec\xc9\xc5\x39\x32\xef\x22\xb5\x5d\x0b\xf5\x3f\x3d\xfd\xad\xc5\x09\x3a\xf7\xe3\x64\x16\x27\xca\x92\x42\x07\x8c\x11\xf9\xb0\xc6\x98\x67\x27\xc5\x87\xc6\xb0\x81\x68\xa9\xc4\xb3\xcd\x00\x58\x9d\x68\xd6\x00\x91\xff\xb5\xa4\x03\xe5\xf0\x08\xe6\xb5\x3e\x3c\xaa\x58\x43\xc8\xa5\x06\x2a\xfc\x12\x6d\x78\x60\xe8\x5e\x5a\xd2\x4d\x55\x96\x6c\x03\xf2\xed\xb0\x2a\xd7\x2f\x5b\xb0\x7e\xe5\x41\x54\x15\xa2\x3c\x41\x84\xf4\xa3\x03\x56\x3b\x72\xa2\x2e\x67\xbb\x0f\x2e\x95\xbb\xd8\x77\x5a\xa7\x47\x12\x4a\x9d\x91\xcc\x6f\x0b\xe1\xfd\x50\xef\x40\x63\x2e\x6f\xfd\x71\x7f\x13\x14\xc9\x27\xe5\xd6\x79\x1b\x62\xd9\xd4\xec\xe6\x4e\x62\xc4\x5e\x11\x4a\xab\x93\xba\x07\x6c\x36\x28\x81\x80\x7f\xf7\x70\xa2\x69\xac\x9b\x06\xe6\x97\x56\x74\x99\x80\xa8\x8f\x40\xcb\xe2\xb7\x76\xda\x16\xd9\x80\xd6\xe7\xc3\xbf\x18\x3e\x38\xb3\xb2\xa6\xb8\x2c\x42\x1f\xb2\x9b\x1f\xc0\x58\xcf\xaa\xc9\x92\xac\x0d\xc4\xce\xac\x5c\xec\x73\x85\xe4\x3a\x35\x9f\xa5\x3d\xed\xf8\x81\x60\x5a\x8e\xad\x36\xde\x89\x92\x0f\xe7\x95\xf2\x1e\x6a\x5e\x72\xa1\xb1\xb2\x30\x41\x0b\x18\xbf\x65\x81\x09\xa2\x18\x2d\xc7\x9a\xbe\x79\xe8\xce\x1c\x6b\x7e\x4b\x8c\xd0\xad\x20\x31\x90\x47\x20\xf2\xaf\x6d\x55\x18\x94\x3a\x0e\xa3\x4a\xeb\xe1\x0d\x20\x3d\x7e\x55\x85\x8f\xc9\x58\x8a\xcd\xcf\xa1\x45\xa7\x4f\x4b\x99\x14\x9f\x13\x75\xe5\x76\xbe\xb9\x40\xd4\xdf\xd1\xd6\x25\x9e\x50\xe7\x9f\x67\xa7\x59\x52\x93\x89\x58\xc6\xa8\xf2\xe6\xcd\x4d\x95\xb1\xfc\xd1\x93\xbe\xa9\xef\xc2\xd7\x82\x24\xcc\xe0\x97\xc1\x34\x42\x16\x27\x21\xf1\x5e\x58\xf5\xeb\x4f\x28\x67\x75\xdf\x7a\x39\xab\x71\xf3\xe9\x33\xdb\x48\x08\x37\x76\xdb\x8c\x13\x2e\x59\x14\x9a\x38\xe3\xb8\x6e\x41\x8a\xf1\x73\xe6\xda\xff\x57\x9f\x6c\x31\x99\xfb\xc1\xdc\x71\xaa\x75\xac\x85\x90\xa0\xac\xe9\x58\x8b\x6b\x3a\x2e\xcb\x4b\x88\xbf\xbd\x10\x1e\xd1\x99\x63\x6c\xb0\x22\x98\xf6\x8a\x0b\x21\xd6\x7a\x96\x39\x96\xab\x09\xed\x29\x56\x2c\x89\xf4\x8f\x0a\x5d\x28\x1d\x97\x95\x3e\xbf\xb4\x71\x33\x4d\x07\xb0\xce\x62\x30\x49\xf2\x04\xc4\xe8\xe3\xed\xea\x8b\x15\xa8\xa4\xe2\x44\x53\xcd\x46\xb3\x79\x17\xc5\xf3\x0a\xbe\xe7\x94\xe7\x2c\x42\x29\xf0\x62\x1f\x75\xaa\x69\xbc\xcc\xd8\x6b\xc8\x16\x98\x84\xc8\x65\xa4\xfc\xc6\xc6\x2a\x4e\xab\x5b\xb5\x93\x3b\x41\xb7\x76\x5c\xc1\xb0\x42\x7b\xa1\x85\x49\xf2\xc2\x14\x5b\xfb\xa3\xdb\x27\xe5\x28\x7f\x07\x2a\x93\x28\xb8\x47\x06\xe7\x3a\xce\x59\xed\x15\xc1\xe2\x52\xc6\x64\x8c\x27\x11\x5c\xee\x0c\x26\x00\xf0\xa3\x56\x0e\xae\xbc\x8f\x87\xd8\x4e\xf0\xdd\xd2\x0f\x92\x90\x1d\x3c\xad\xb4\xf6\xf0\x6f\xdc\xcb\x9a\x8e\xbe\x09\xbb\x47\xe6\x42\xb8\xc5\x3b\x47\xba\xae\xc4\xc9\xb1\x0c\xa2\x11\xf5\xf8\x15\x57\x0f\x6b\xee\x7d\x76\x81\xf0\xce\xab\xda\xec\x68\x96\x04\x36\x64\xf0\x92\xa9\x44\xda\x40\x2b\xae\x8f\x8b\x3d\x10\xda\x17\x7a\xae\x9f\x02\x5a\xfd\x51\x00\x3e\x08\x28\x85\xa5\x75\x34\xa0\x5d\x6d\xa9\x93\x69\x98\x8c\xc6\x78\x99\x19\xff\xce\x42\xcf\x06\x41\x14\xd5\xb3\x20\xcd\x35\xe6\x2a\x5d\x3c\xfd\xfe\xf4\xdf\x0f\x8a\x88\x04\x7a\x15\xf0\xb0\x1d\x3c\xf1\x82\x12\x22\x62\xef\x9d\x21\x29\xc3\xa5\x7f\x2b\x36\xf9\x13\xc4\xb2\xa2\x4d\x07\x3c\x9a\xec\x85\x20\xa0\xdf\x02\x02\x74\xa1\xe2\xc7\xaa\xaf\xab\xa4\x2f\x1d\x21\x66\xb0\xd9\xab\x70\x1b\x7c\x1d\x77\x15\x84\xcf\x05\xb3\x85\xc3\x8a\x66\x07\x5a\xce\x1e\x94\xb6\x2f\xff\x76\x1a\xc1\x32\x29\x9f\xfe\xc5\x26\x64\x28\xe2\x6d\xfe\xee\xf9\xb7\xee\x37\x47\xde\x73\xbd\x49\xdd\x83\x6d\xda\x9c\x54\x27\xc4\x4d\x10\x5e\x5e\xe1\x38\x9a\x3e\x52\xfd\x3a\x55\x74\xfa\xa4\x16\x27\x6c\x11\xe4\x4e\x0a\xd6\x56\xe9\x9f\x63\x4b\xcd\xae\xde\x7f\xd2\xb9\x82\x7a\x85\x7b\xee\x92\x59\xce\x1c\xb2\x2b\xa9\x24\xbc\x1a\x6d\xc1\xcb\xf2\x19\xd3\x3f\x27\xd7\xd8\x34\x23\xb8\xae\x6c\x73\x3a\x51\x5a\xf6\x3e\xa7\xa2\xb3\xa3\xfa\xe8\x50\xab\x11\xc6\xd5\x21\x73\x8c\xcb\x8d\x62\xb7\xdb\x17\x71\x35\x0a\x45\x44\x01\x5e\xf2\xeb\xb9\x2c\xaa\x0b\x15\x17\x44\x58\x52\xc8\xcf\x84\xd8\xec\x91\x06\xab\xcb\x1b\x2b\xe2\x8f\x02\x2b\xb8\x61\x5d\xba\x3a\xaf\xaf\xb9\xef\x1c\xa2\x0f\x1a\x03\xcd\xc6\x71\xfb\x59\xdd\xd4\x04\x94\xd9\xd4\x92\xef\xa6\xb4\x3f\x9f\x41\x60\x1f\x74\xa3\x9a\x33\x3f\x58\xae\x26\xfe\x44\x9a\x40\x78\x08\x91\xaf\xc9\x27\x51\x88\xb4\xfd\xcd\x72\xcd\xd4\x32\x3f\x25\x48\xa1\x7b\xf5\x50\x4b\x28\x49\x0f\xe6\xe4\x39\xa6\x94\xef\x5a\xf7\xbc\x80\xd7\x1f\x6c\x03\x84\x52\x3d\x0b\xa2\x54\xcf\x24\xc3\x4f\xa1\xed\xa6\xae\x2d\x41\x34\x30\x54\x1f\xf4\x3a\xc6\x1d\x86\x54\x25\x21\x77\xa8\xfa\xc3\x9e\x89\x4f\xbd\xbc\x7a\x6b\x01\x15\xb2\x05\xc7\xef\x56\x74\xbc\xa1\x56\x46\x0b\xd1\x03\x19\x96\x34\xac\x65\x75\x9a\x47\xe5\x67\xd7\x82\x28\x82\x95\x0f\x1b\x5e\x0e\x6a\x02\x17\xf1\x09\x12\x59\xd3\x6d\xa5\x91\xa3\x91\xee\x77\x60\x80\xcc\x33\x76\x95\x30\x3d\x58\x7c\xc4\x1d\x60\x09\x10\x3d\x40\x28\xd4\xb2\x78\x1d\x57\x2d\xd3\x7c\x2a\xe2\x0d\x54\x44\x3f\x36\x86\x7f\x82\x6e\xc7\xda\x0c\x32\x38\x68\x5a\x92\x87\xa8\x43\x17\x73\xbd\xde\x43\x06\xbb\x1e\x01\x00\x96\xd4\x98\x14\x8e\x54\x63\xe5\x4f\xd0\x6c\x87\x2b\x4c\xb4\x2c\x75\xb1\x6f\x9d\x35\x13\x44\x13\x82\x9d\xfe\x73\x4a\xc0\xbb\x85\xcc\x89\xa4\x91\xfb\x90\x4a\x8f\x34\xab\xd9\x08\x47\x8b\x8f\xcd\x7d\xdb\xc6\x7b\x31\x80\xed\x06\xa6\xe5\x74\x5e\xff\xc4\x8f\x7e\x98\x06\x37\xb9\xc2\x7c\xfc\x37\x87\xec\x50\x63\xe0\xce\xff\xc6\xfc\x61\xeb\xbb\xd2\x9a\xce\xbc\x95\xd2\xad\xac\x09\x21\x8a\x4a\x0f\x9f\xe3\x42\x27\xf9\xd4\x54\x4c\x3a\x2d\x83\x38\x4a\x30\x67\x99\xbb\x6c\x0f\x40\xe3\xad\x8f\x61\xd0\xe7\xd1\x84\x3a\xe5\xb1\x52\xd7\x50\xa1\x07\xc9\xf1\xc9\xff\xbc\x67\x79\xed\xb4\x9a\x4f\x0a\x17\x53\xd5\x8d\x6c\x04\x50\x9d\xcd\x6e\xb7\x9c\xc0\x78\xce\x3a\xf8\x9b\xad\x45\x32\xc5\x74\xb7\x6b\x4f\xef\xbf\xe7\xd7\xa4\xe1\xaf\x87\x7c\xa2\xdc\xda\xb8\xe6\x53\x5d\xae\x28\xd8\xf0\xfc\x89\xbf\xcd\x88\x76\xdb\x39\x15\x9f\xc4\xea\x5f\x5e\xd8\x95\x1d\xe1\x1d\xbb\x83\x68\x2b\xe2\x93\x12\x94\x9e\x0d\x06\x40\x67\x3a\x06\xf1\x83\x69\xb0\x82\x24\xfe\x7e\x50\x09\xc3\x43\x83\x65\x15\x9c\xaa\x3e\x0a\x34\x2e\x34\xbb\x15\xad\x3b\x50\xb0\xfb\x76\xdd\xa5\xf1\x70\x4b\x56\x2e\x19\xc2\x9b\xc7\x18\x10\xc2\xcb\xec\x24\x3b\x07\x67\x13\x46\x5d\x2c\x7c\x7d\x2d\x04\xe3\x01\xb7\x5f\xd4\x5a\x56\x9c\xde\x6b\x07\xea\x2e\x19\x14\x29\xb7\x95\xd8\xaf\x50\xb3\xed\xce\xf1\x37\x9e\x49\x3a\x22\xde\x86\x90\xa3\x6a\xd7\x8e\x2d\x31\x55\x8f\xcd\x86\xe6\xf0\x77\x64\x2d\x16\x4a\xd6\xed\x52\xa5\xf1\xd9\xaf\xda\x58\x28\x89\xcf\x9a\x2c\xd7\xac\x20\x42\x47\xb8\x6b\xe5\x9b\x54\xe7\x68\x2f\x13\x45\x4b\x7f\x3e\x58\xcd\x40\x1a\x5e\x6c\xf0\x1b\xed\x57\x81\x90\x44\x13\x81\x71\x8a\x47\x05\xac\x3e\x5c\x27\xbb\xfd\xde\x43\x2d\x31\x33\xbc\xf7\xe5\x59\x7d\xf7\x2b\xcc\x08\xdd\x9b\x0b\x0b\x95\xc3\x5f\xa3\xaa\xb4\xde\xdf\x93\x43\x55\xf6\x8c\x08\x87\x5d\x80\xf0\xdb\xbd\xee\x37\x03\x55\xed\x60\xb7\xcb\xb2\xc2\x44\xe2\xf4\x1f\x94\xde\xa2\xbe\x94\x21\x93\x89\xe2\x38\xa7\x04\x37\x80\x50\xa2\x7b\xcc\x63\xe2\xd7\x8d\xfe\x58\xdb\x47\xad\x0d\x65\x1f\x87\xea\x17\x8e\x31\x3c\xb2\xca\x39\x10\x40\xaf\x0b\x25\x11\x01\x5e\x20\xa2\x52\xd6\xf4\x21\x85\x86\xfe\x74\xd4\x78\xc0\x8d\x98\x6b\xca\xad\xa9\xa0\x2d\xab\x01\x63\x60\x8a\x9b\x57\x4d\x73\xfb\xcb\x41\xc0\xa5\x4f\xc2\xa8\xb8\xea\x90\x82\xc7\x6a\x47\x34\xa9\x2d\x2d\x5c\x10\x64\x57\x45\xb4\x60\x3b\xa5\x68\x60\x6f\x86\x91\x19\x56\x71\x84\x9f\xcf\xbe\x67\xdc\x2f\x2f\x55\x5c\x7e\x6a\x58\x49\xf4\x17\x07\xd0\xe2\x91\xa0\x25\x78\xca\xce\x22\xf1\x6a\x0b\x58\x29\x35\x98\xb2\xf2\x6c\x4d\x23\x44\x11\x1b\x0c\x2c\xaf\x26\x5f\x63\x1d\xdb\x2d\x9c\x8b\x93\x04\x90\x19\xf7\xae\x70\xc7\xaf\x42\x66\xe3\x37\x33\xb1\xc8\x22\x68\x75\xfa\x3f\xc3\xb3\xbf\x02\xe0\xe2\x1e\x60\xeb\xf6\x77\x6f\xc6\xf4\xed\xec\x9a\x6f\x53\x4e\x78\xc6\x84\xc9\xa2\xcf\xed\x69\x0d\x44\x3f\x43\x8b\xee\x02\x0c\x75\x81\xe9\xa5\x5c\x4c\x3e\x1d\xf0\x8c\x3a\x24\x5e\xd9\x51\xb5\x59\x55\x3e\x17\xb0\xa9\x56\xc6\xf8\x6b\xa7\x4f\x28\x73\xf7\x4f\x8a\x48\xb9\x83\x01\xe6\x22\x44\x47\xa8\xe6\x5a\x2f\x6e\xda\x12\xf9\xcb\xf9\x23\xf5\x9e\x50\x13\x6a\x0e\x0b\xbb\xd7\xb8\x38\xa0\xb3\xf4\x1d\x36\x0f\x9e\x39\x85\xf0\x05\xc6\xc3\x51\x1a\x79\xfb\x44\xc4\x4f\x6f\xdc\xf1\x6d\xc4\x4e\x0e\xc9\x0c\xc2\x44\x2f\x6a\xe5\x1c\xfb\x3a\x10\xb2\xb8\x1e\x96\xca\xf5\xc9\x95\x25\x19\xcf\xab\xcb\xbb\x85\xa8\x6d\x3a\x2c\x15\xd9\x35\xc9\x17\xfd\xf4\x51\x94\xf4\x20\xba\x94\xe0\xd2\xfb\x80\xe2\xe7\xf8\x65\x7b\x74\xaa\xd8\xce\x9b\xf2\x50\x44\xa2\xf8\x6f\xe6\xa5\xbc\x03\x61\x70\xe9\xa4\x12\x49\x45\xd3\x43\xd9\xbe\xc0\x6e\x66\x36\xeb\xa1\x01\x15\x92\x77\xdb\xc2\xfc\xb3\x3c\x88\x5e\xc5\x88\xe4\x99\x98\x1f\x90\x8b\x16\xc9\xe2\x44\xdb\xfb\xd4\xea\xd8\x1f\x64\x54\x99\xac\x60\xc9\x0e\x29\x47\x0f\xac\xa4\x6b\x71\x5c\xd6\x58\x8c\x01\x4a\x93\x3e\x9c\x3a\x25\xf0\xb2\x4e\xf7\xd7\x40\x44\x45\x03\x05\x65\xfc\x92\x76\x37\xa6\x3d\xcc\x8c\x69\xb6\xff\xe2\xe3\x1a\xba\x66\xfe\xc4\x21\xfe\x40\xc3\x5b\xd6\x75\x5e\x69\x2b\xd6\xd8\x6a\xc2\x7f\x2f\x9d\xd7\x86\x9f\x63\x9f\x2f\x9a\xa0\xdf\x70\x3f\xb5\x92\x56\x8c\xbe\xbd\xc0\x9a\xbe\x17\xce\xaf\x5e\x95\x98\x08\x74\x51\x06\x9b\x44\x88\x3c\x6a\x2a\x31\x4f\x37\xca\x3a\x9f\x67\x6a\x3d\xd2\x06\x6c\x6f\xd0\xe4\xd7\xaa\x3f\xac\x32\xd3\xdd\x82\x9d\x20\xf0\x04\x7f\x89\x5b\xae\xde\xb5\xbc\x8c\x2c\x36\x09\xcd\x2e\x06\x59\x48\x11\x76\x28\xa3\x31\x4a\xe5\x6d\xc1\xa1\x20\x54\x9c\xa7\xf1\xa1\x00\x0e\xde\x19\x97\x55\xc5\x71\xeb\xc8\x90\xc7\x4b\xc3\x7d\x8c\x2e\x46\xcc\x39\xfb\x14\xe4\xb5\x20\x74\x6e\xe5\x06\x05\x2e\x15\x1a\x3d\x13\xd8\x5a\x7e\x58\xb8\x68\x48\x82\xe2\x8a\xe4\xdf\xdf\x1c\xe0\x14\x29\xde\x45\xb2\xd0\x0d\x75\xdf\xfa\xa6\x72\x33\x12\x28\x3f\xb8\x88\xd8\x25\x2a\x31\x1f\xea\x16\xb1\x73\x76\xc9\x74\xdc\xfa\xd2\x30\x4a\xef\x20\xb6\xbb\x50\x9e\x42\x24\x29\x36\x36\x6c\x55\xdb\xed\x94\x9a\xff\xf4\x81\x2e\xa7\xe0\x24\x8b\x38\x5b\xaf\x16\x5b\x13\x13\x28\x51\x6f\x81\xc0\x39\xd7\xad\x26\xe7\x6b\xed\xf7\xd2\xe5\x15\x25\x86\x4d\x2f\xe4\x31\x7e\x41\x7a\x02\x2c\x18\x69\x71\xb1\xdc\x75\x2b\xab\x5c\x7d\xb5\x64\x81\x08\x30\x59\xa2\x07\x40\x8e\x78\xec\x70\x2e\x16\x66\xe5\x5b\xf4\x49\xb0\x99\xf3\x2a\xd4\x39\x74\x0b\xce\x5a\xf0\x1e\x5c\x05\x77\xce\xb2\x7e\xdd\x63\x40\x1f\x3c\xc0\xa5\xae\x2b\xb1\x4b\x34\x40\x72\x69\x8c\xa2\xd2\xdd\xe1\xa0\xbc\xd1\x6a\x79\xe7\x92\xc0\xa2\x19\xbc\xa2\xce\xc7\x02\xee\x94\xa0\xb4\xc2\x09\xac\xff\xe3\xc2\x7f\xef\x29\xc9\x30\x52\x81\x07\x70\xfc\xac\x1e\x74\x02\x34\x23\xf0\x94\x54\x26\x1d\x29\xa4\x34\xa5\xde\x3d\xdb\x05\x5f\x7a\xa2\x6a\xce\x6b\x57\xe4\xf4\xdd\x37\x8d\xe4\x4c\x96\x22\xb0\xa9\x7b\xd0\x5f\xc1\x41\x82\x9d\xa4\xe1\xf0\xc7\x99\xbb\x32\x77\xce\x34\xaf\x6a\xbb\xb6\xc7\xdd\x72\xb0\x5e\xb9\xd0\xa6\xc2\xa5\x82\xdb\x53\x07\x93\x78\x67\x89\x04\xb8\xc2\x29\xd2\xbd\x1a\x2d\x6e\x05\x00\x7a\xbd\xf3\xdb\xe0\x15\xdd\x70\x20\x43\x40\xb7\xdb\xf1\x1d\xc9\xba\x67\xa6\xcb\x03\x60\x41\x5f\x68\xee\x28\x41\x8a\x4b\x59\xa0\x32\xd0\x06\x84\xd7\xea\xb0\x87\xc4\x29\x09\x65\x1b\xf4\x92\xfe\x99\x74\xb6\xbd\xc7\x26\xbf\x22\xc1\xe9\x56\x9b\x28\xbc\x85\xa2\x92\x7c\x4b\xe9\x72\xf7\x7f\xac\x67\x77\x69\xc6\x0c\x46\x1b\x92\xc7\x0b\xf0\xd5\x91\x2f\xc4\xba\x72\xc7\x01\x89\x62\x2f\x44\xc9\x5b\xd8\x46\x72\x17\xe5\xe7\x0b\x39\x4a\xc9\x99\xe4\xe8\xae\xea\x70\x3f\xf6\x26\x2c\xb6\xd1\xc7\xde\xaf\x29\x21\xd6\x27\x67\xce\x7f\x8c\x3d\x88\xfc\xbb\xc2\xe5\xb2\xa6\x3d\x62\x74\xc9\x2b\xcd\x3f\x6b\xfa\x3e\xe3\xa5\x76\xfe\x27\x79\x28\x65\xf0\x1e\x44\x99\xd7\x71\xba\xcf\x91\x05\xf0\x9f\xce\x55\xaa\xdd\x50\x23\xa0\x53\x95\xac\x5a\x68\x98\x3e\x80\xc1\x72\x4e\x1c\xfd\x70\x40\x69\x2b\x3f\x37\x02\xcd\xec\x3c\x98\x26\x26\x07\x2e\xbc\xb0\x96\x95\x4a\x93\x3c\x78\xe4\x85\x78\xaf\x5b\xbe\xc2\xbe\x61\xc5\xf5\x33\xd2\xa8\xb0\x89\x7e\x8a\xbb\x5f\xbc\xc5\x16\x30\x59\x58\x74\x47\x8f\x0f\x4d\x68\x19\xa7\xd7\xaf\xe1\x4c\xd6\x81\x97\x5b\xfa\xe2\x7e\xdd\x5a\xda\x4b\x2d\xaa\x2b\x0c\x38\x7c\x24\x6b\x3a\x6e\xab\xc8\xae\xf8\x4f\xa9\xbb\x56\x98\xdc\x73\x47\x00\xb0\x6a\xe1\xec\xf0\x95\xce\x8d\x55\xfc\xac\x46\x7b\xf6\x8d\x66\xc4\xb2\xea\x42\xcb\x6b\x53\x6f\x1d\x00\x0a\xfb\xf7\xf8\xc1\x50\xfa\x5b\xf0\xcd\xb8\x49\x08\x81\xe7\x17\x2f\x5d\x5a\xd1\x56\xab\xa0\xec\x50\x78\xda\xb8\x80\xb4\x08\x84\xe4\x1d\x48\xf0\x33\xa2\x8c\x50\xe5\x7e\x91\x5d\xba\xef\x08\x39\xba\x01\x10\x7e\x72\x49\xe5\xea\x39\x11\x9d\x99\x30\xbb\xcd\x98\x61\x54\xd7\x0b\x7a\x86\x89\x84\x71\x10\xfd\xe5\xce\x68\xeb\xf5\x55\x4f\xda\x3d\xfb\x24\x60\xe5\x36\x68\x97\xaf\x9b\xa5\x8d\x9e\x6d\xff\x90\x07\x84\xb9\x17\x96\x9d\x9b\x2e\x07\xcf\x44\x20\xef\x2d\xb5\xef\xfe\x57\x51\x8e\x73\x53\xbc\x63\xd2\x7b\x02\x56\x50\xc6\xe6\xcf\x6f\xa1\x74\xbe\x30\xa8\xb6\xe1\x2b\xea\x4c\xad\x85\x92\x34\x1c\x85\xc1\xa8\x64\x17\xf5\x6f\x27\xa3\xd2\xc6\x63\x70\x64\xe1\x39\x31\xdf\xee\x36\xc6\x73\x9c\xfa\xa1\xd9\x90\x2d\x08\x62\xfd\xfd\x1a\xa8\xb7\xa1\x61\xb0\x85\x8e\x39\x05\x29\x29\xdc\x00\xce\xa5\x69\x1d\x78\x45\x4f\xa3\xe6\x34\x63\x49\x2e\x38\xfb\x1a\x1e\xca\x8c\x57\x89\xc1\xa7\xc5\x78\x23\x5f\x11\x58\x63\xd9\xe9\x79\x1f\x02\xd0\xfc\xcb\x72\xb7\xc9\x52\x28\x35\x35\x57\x94\xa1\x1f\x00\xb2\x3d\xc4\x7d\xac\xdf\x9c\xa8\x0b\xd1\xd6\x86\xd5\x0e\x9e\x65\xcd\x4b\x64\x6a\x6e\x11\x98\xdc\xe4\x72\x06\x23\x14\xc3\x5d\xc9\x97\x53\xa6\xf2\x0e\x9a\x00\x1f\x71\xb8\xb6\x7d\x08\x35\x2c\xf5\xcc\xf8\xa0\xb7\x42\x44\x9c\x01\x08\x4a\x1d\x80\x4a\x03\x7e\x74\xf6\xa8\x6e\x2b\x74\xb0\x8e\xdd\xeb\x43\x5f\x5e\x07\x16\x13\x77\xcb\x59\xca\xb5\x60\x2d\x93\xc7\xbf\x16\xb5\x5d\xeb\xb9\x77\x22\x1f\x3d\xac\x57\x05\x89\x3e\xa9\x4b\x75\x07\xf6\xc3\x7f\x62\x0e\x4e\xae\x12\x74\x2c\x3a\xa1\x44\xcc\xd1\xdd\xbe\x8a\xdb\x7a\xef\x80\x0b\x7c\x2a\x9e\x1f\xb3\xc6\x46\x6c\x73\x5a\xb5\xcb\xd5\xe0\x74\x31\xd8\x9c\xa5\xc8\x6f\xe0\x6e\x8f\x06\x80\x75\xe8\x76\x1b\xd7\xa6\x8a\x06\x1e\xcf\x1f\xb0\x34\x5c\x56\xe0\xda\xc8\x39\x86\x40\xaf\x76\x04\x06\x02\x47\x89\x7f\xfa\x56\xbc\x49\x63\x97\xbd\xfd\x2c\xdc\x22\x8a\x60\x20\x6b\x3e\xaa\x79\xd9\x0f\xc7\x80\x26\x82\xf9\x9a\x8a\x3a\xa8\xa3\xbb\xee\x41\x34\xa5\xef\x4e\xd1\x4f\xac\x0d\x04\x18\x26\xe3\xd2\x39\x97\xd8\x5d\x40\x50\x55\x76\x18\x99\x6f\x00\x92\x6d\xf7\xe4\xa2\x58\x06\x75\x1f\xec\x31\x39\xd9\x02\xcd\xdd\x94\x78\x3e\x46\xf4\x47\x43\x82\x7d\x53\x5f\x19\xcb\x4d\xfe\xe9\xb1\xd4\x10\x39\xb6\x92\x1e\x2a\x63\x3f\xc8\x11\x70\x2c\x27\x0a\x04\x63\xd7\x82\xdf\x8a\x3f\xcf\x1b\xb9\x7e\x73\x5d\x38\xb0\x9b\x7e\xa4\x3d\xb2\xf7\x52\x97\x06\x05\xb5\x6a\xa7\x95\xa7\x80\x80\xc8\xe7\xd5\x2f\x56\x9f\xde\xb8\xac\xfb\xb6\x8d\xd8\x2e\x5f\xd0\x75\x30\xff\xc7\xba\xe1\x16\x7c\xce\x29\xe9\x50\x4d\xfd\xe2\x4b\x74\x95\x76\x9e\x55\xe4\xaa\x69\xa4\x04\x2b\x0b\x45\xdf\xdf\x8f\xb7\x97\x60\x47\xc7\xe4\xd3\xc3\x04\x34\xa3\x6c\x8e\xeb\x0c\x67\xbb\x78\xf5\x89\x77\x2c\x0e\x84\x66\xd1\xb1\xca\x0e\x84\xbe\xb2\x91\x30\x23\x04\x5d\xb0\xd3\xdb\x13\x91\xad\x6b\x1e\x97\xa9\xa6\x17\x8f\x93\xf6\x8a\x29\x43\x60\xf7\x88\xf0\xc2\xd2\x29\xa0\x32\x7f\x8f\xed\xdf\x3c\x5e\x74\x56\xf4\x33\xa0\x58\xae\xaf\x4f\x82\xa8\xad\x57\x03\xbd\xdf\x09\x34\x45\x8e\xe5\x8f\x51\x8d\xe9\x9a\xa4\x5a\xc2\x4f\x15\xcf\xaf\x0b\xdd\x06\xb7\x0f\x7e\xac\x83\x71\x0b\xf7\xa3\x40\xab\x7b\xb2\x6a\xc9\x6c\x41\x92\xbe\x05\x7d\xae\x05\xc9\x45\xb6\x8e\x4f\xc9\xdb\xd8\xb6\x93\x71\x50\xaf\x50\x09\x60\x9e\x41\xfe\x25\x61\x34\x74\xc9\x8e\x02\x76\x55\x13\xef\x81\x29\x8a\x5d\x55\x37\x97\x4a\x08\x98\xec\xad\x6f\x7e\xae\x1e\xf0\x35\x66\x56\x2f\x5c\x50\xeb\xbe\xe4\xdd\x5a\x58\x27\x68\x01\x45\xbd\x13\x05\x20\x77\x33\x21\x6a\x8e\x9c\xe3\x1d\x9e\x4b\xd3\x9d\xf1\xdb\x9a\x91\x34\x41\x97\x60\x06\xad\xc5\x2d\x62\x05\x42\x16\xd0\x40\xa6\x0a\x2b\xea\xa8\x17\xeb\xbc\xc3\xc6\x4b\x1b\x8f\x5a\x87\x10\x75\xb8\x89\xb6\x8c\xb6\x4a\x93\x36\x72\x28\xde\xf5\x86\x14\x26\xbc\x20\xeb\x9d\x38\xed\xc8\xc9\x3c\x30\x65\x24\x00\x4c\xae\x4d\x5e\x44\xd9\x2f\xa6\x93\xa3\xda\xf4\xe3\x9e\x12\xa7\xcb\x9e\x8c\x8b\x0f\x43\xb3\x03\x79\xf2\x4a\x8a\x31\xfa\xc5\xb9\x4a\xa8\x69\x02\x12\x6e\xaf\x31\x1d\x6d\x13\xf2\x49\x6b\x15\xb1\xbc\x19\x9a\x2e\x00\xa2\x5e\x61\x07\xdf\xbb\xda\x2f\x74\x17\x4f\xe1\x12\xb2\x9b\x47\x96\x3b\xa0\xec\x71\xd3\x1b\x71\x9d\x57\x8d\x06\xc4\x18\x86\xca\x47\xb7\x9b\xf0\x2b\x43\x2f\x94\xa4\xd9\x95\x72\x7f\x83\xe1\x85\x68\x87\xf7\x48\xbc\x5c\x3d\x4a\x9c\xdb\xfa\xcd\x3f\x84\x5e\xf8\xe3\x5f\x9d\xd9\x53\x7a\xce\x7c\xe5\x69\xed\x64\xd5\xea\xf5\xfb\x2a\x92\x30\xe6\xa6\xac\xf1\x83\x21\x21\xce\xed\xea\x02\xa5\x36\xf9\xa6\x7e\x47\x08\x98\xe6\x9a\xf2\x6e\x0e\xe4\x26\x28\x6c\x99\xfa\x9c\x16\x22\x2a\x4e\x14\x8f\x51\x11\xa1\xf3\x0b\xc4\x00\xf5\x3e\x42\x88\xae\x2a\x09\xd0\x3d\x3b\xe1\x44\xdd\x04\x2d\x20\x50\x93\x61\xf7\x26\x0a\x37\xca\x8b\xa9\x35\x2e\x81\x68\x0a\xa3\x80\x6d\x43\x28\x67\xa6\x93\x33\x7a\x70\x40\x9d\x3c\xed\x51\x2a\x4a\xaa\x29\x8b\x23\xe5\x00\x20\xcb\x3a\x7f\x2d\xf1\xd9\xb3\xf8\x11\xb2\x31\xfa\xdd\xb9\xcc\x1d\xe4\x44\xdf\x20\x49\xe6\xc7\x09\x74\x82\x02\xe5\x52\x0c\x08\xac\x72\x26\x63\x2a\x04\x71\x2f\xbb\x1e\xd5\x59\xb6\x74\x08\xba\x32\xe9\xd7\x85\x12\x58\x22\x74\x72\x88\xa6\x47\x0d\x91\xd5\xfe\x59\x28\x4c\x3b\x7e\x25\x4c\x17\x95\x8c\x3b\x96\x1b\x12\x8a\xbd\x20\xef\x02\x74\xb5\xe0\xf2\xca\xf8\x85\xe0\x5a\x99\x00\x8e\x9b\x0c\xac\xe3\xb0\x5e\xe8\x06\xb1\x6c\x08\x96\x8c\x42\xb8\x6e\xe3\x97\x16\x8a\xe9\xab\x91\x76\x09\x04\xc6\x71\x79\xc8\x33\x2d\x85\xf0\x96\x5c\x19\x46\x01\x2e\xf3\x68\x2e\x75\x9e\x5a\x4b\xdc\xe3\x2e\xbd\x01\x24\x97\x62\x73\x73\x2a\xdd\xe2\x39\x52\xe4\x9d\x5c\xd7\x2e\xa3\x3f\x46\x97\x86\xa1\x52\x06\x15\xa4\xcf\x3f\x31\xa5\xaa\x68\x3f\xc9\xe3\x1b\xbd\x64\x1f\xbb\x06\xac\x56\xa8\xb0\x3c\xb4\xb4\xca\xc8\x1a\xc9\x03\xa1\x71\xf0\xc5\xf3\x77\x52\xde\x20\x08\x82\xa8\xed\x71\xd6\x6c\x7c\xa5\xc3\x40\x7e\xac\x65\x23\xee\xfa\x85\x62\x99\x3b\xe7\xd6\x25\x0c\x87\x35\x9d\x96\x54\xdc\x12\x31\xd5\x07\xba\x44\xa4\xe2\x7c\x8c\xec\x17\xc7\xfe\x52\x8b\x50\x7f\xf5\x37\x1f\x48\xfc\x8c\xad\xea\xb9\x61\xb8\xd0\x29\xc4\xba\xae\x83\x01\x80\x14\x9a\x3d\xe0\x75\xa2\xd9\x6e\x91\x07\x6d\x79\x11\xec\x45\x3f\xc7\xf7\x03\x89\xc5\x22\x16\x2a\x24\x7b\xdf\xd2\x9b\x28\xce\x6d\x46\xd6\x3d\x92\x76\x09\x54\xf8\xd9\x2d\x3b\x79\xa2\x95\x67\xd3\x4f\xfd\xb9\x4f\x8b\x03\x2a\xc3\x4e\xa7\x00\x2e\xc2\xa2\x8d\x41\xb4\xdf\xa8\xef\x86\x72\x43\xaa\xc5\x95\x06\xc0\x8c\x25\xbf\x00\x27\x0c\x64\x22\x71\x53\x50\x80\x96\x7f\x2c\xc6\xe2\x65\xee\x00\x24\x12\xa6\x86\x88\xc3\xa8\xbc\x30\xa7\xd4\x17\x6e\xbd\xb2\xd0\xd5\xef\x17\x99\x5b\x81\x3e\xc2\x64\xc0\x69\x5d\x56\xbe\x9f\xa9\x23\x93\xd0\xa6\xf8\x0e\xc8\xba\x47\xb1\x66\x9a\x91\xf5\xee\xdf\xf6\x8d\x6f\xc3\x69\x82\xce\x22\x89\x58\xb7\xf5\xd9\xff\x75\x22\x18\xf1\x36\x1e\xd9\x3a\x15\x9d\x39\x15\xcf\x6d\x21\xca\x69\x26\x76\xc5\xa4\x20\x4b\x7e\x96\xcb\x0f\x74\x0e\x95\x3f\x3b\xfd\x52\x18\xac\x50\x37\xc0\x2d\xe7\x23\xc8\x02\xfd\x1e\x92\x09\x33\xd2\x9a\xde\x22\x0d\x83\xb3\xdb\x5d\x57\xf8\xc2\x0c\x3c\x23\x86\x25\xd9\xdd\xc1\xe5\x42\xc6\xfa\x0d\xa7\xea\xa0\xaf\xb6\x87\xec\x1e\x1c\x43\x84\xd6\x5c\x97\x2d\xad\x65\x81\xa7\xec\x2b\x4f\x79\xf9\xd3\x71\x8a\x2e\xef\x78\x26\x0c\xf5\x18\x89\x34\x1c\xae\x3b\x46\xb4\xc5\x10\x91\x3d\x1b\xbf\x72\x59\x03\x8e\xd3\x03\xc9\xb9\x26\x1c\xd8\x59\xc8\x7d\x75\xfa\x3b\xf9\xd9\x37\xbc\x10\xee\x26\xd5\x7b\x55\x5d\xd8\x36\x38\x37\x08\xbc\xe2\xd1\x46\xeb\xaa\x3b\x0f\xe1\x2b\xe3\x1b\x88\x54\x66\xee\x7c\xed\x1a\x10\x5a\x1b\x04\x2a\xc1\x26\x4c\xed\x31\x46\x34\x43\xb6\xe2\xea\x70\x51\x91\xf5\xfa\xda\x43\x2f\xd1\x17\xea\x89\xe6\xf0\xd7\xa4\x1e\xdd\x70\xfe\xa0\xb8\xfe\xa0\xa4\x74\x79\xad\x1b\x68\x3f\xab\xb1\xac\x62\x33\xff\xb7\x17\x79\x5a\xfe\x1d\x04\x61\x6e\x33\xf1\x37\x59\xe7\xb4\x12\xe6\xb1\xa5\x48\x47\x81\xe6\xef\xba\x6b\x38\x3b\xd6\xca\x76\x52\xeb\x0f\x1c\x91\xbd\x93\xb9\x1f\x34\x98\xd9\xdf\xb4\x66\x07\x52\x0b\xe6\x3b\x6d\x00\xa9\xf4\x53\xf1\x3b\xbe\xc5\x1c\xe6\x34\x3c\x2f\x94\xe4\x80\x22\xd9\x91\x54\xf6\x05\x41\x3a\x80\x4b\x53\x5f\xbd\xd3\x3f\x01\x5a\x0d\x67\xb5\xd8\xef\x5c\x7e\x02\x2b\xbb\xc2\xe3\x1b\xea\xd7\xe8\xe0\x19\xb7\xe5\xfc\xdd\xa1\x76\x10\x7c\xe2\xa5\xcd\x4d\x55\xe4\x81\x90\x38\xf0\xed\x1a\x4f\x89\xc9\x18\x0c\x4c\x94\x61\x44\xe9\xcd\x2d\x83\x5c\x6e\x1c\xa6\xe3\xb0\x6e\xc1\x0a\x97\xd7\xf4\x2a\x41\xdf\xea\xb5\x24\xb2\xbb\x35\x3d\x8d\xec\x0a\x03\x34\x28\xd4\xc4\x91\x93\xa2\xe6\xbc\xb8\x17\xb6\xc3\x03\x21\xff\x9a\xb2\xd0\x76\xdb\x82\x65\x07\xf2\x96\xfa\xf4\x73\x8b\xc8\x87\x1b\x8f\x40\x5c\xce\x5e\xb5\x16\x3b\xb5\x16\x07\xc0\x6a\x83\x69\x90\x0e\xc2\x60\x48\x02\xb8\x88\x42\xa8\x90\x02\xb8\x8a\x6e\x9d\x65\xfe\xbf\x95\x40\xe5\xfd\x5d\x10\x65\x15\xab\x6c\xc9\x1d\x5e\xab\xc4\x79\x4b\x8b\xb0\x16\x26\x58\x4a\x1e\x03\xf2\xc7\xd9\xb2\xd8\xaf\x05\xe6\x6f\x19\xd9\x37\x12\x45\xcd\xea\x88\xbc\x57\x6e\x23\x5c\x7f\x43\x12\xfe\xc5\xa4\xc9\x36\x36\xe2\xc6\xc8\xb1\xa4\xb7\x81\xd5\xac\x20\xc4\x62\xb3\xa9\x6f\xe8\x99\xc0\xe5\x7c\x39\x7d\xe2\x95\x5f\xfc\x1c\x3b\xf4\x63\xc9\x11\x96\xdf\x37\x3c\x30\xd5\x5f\x35\xeb\x13\x80\x2a\x08\x28\x2e\x3b\x4f\x3e\x29\xd4\x6b\xb9\x8f\x2c\xb1\x58\x8e\x64\xc5\xdc\x2b\xbe\x78\xae\xcc\x0e\x08\x9b\xb3\x10\x4f\x9a\x1c\x37\x41\x95\xc6\xe7\x42\x8d\x3c\xcd\x1c\x23\x43\x5d\x93\x1e\x62\xfb\xc4\x47\xa4\x5a\x40\x65\xfc\xee\x5a\xd8\xb7\x9f\xf4\x73\xfc\xe0\xef\x12\x9d\x3e\x41\xc1\x8f\x72\xe9\x10\x9f\x36\x02\xe8\x93\xbf\xff\x88\xce\x9c\x48\xcd\x80\x82\x36\x44\x57\xd2\x5c\x97\x6f\x5f\x7d\xeb\x2f\xe5\xd2\xfd\x3e\x4a\x79\x1d\xd9\x1c\xae\xa6\x2c\x38\x51\x7b\x1d\x68\xe0\x72\x97\x59\x65\x99\x00\xce\xa3\xce\xf5\x83\x82\x9f\x79\x2f\x61\xe2\x78\x07\xac\xbf\xc8\x61\x88\x05\x26\x64\x7b\xa3\x59\x21\xc1\xff\xb8\x8b\x08\x87\x25\xe6\x38\x1b\x70\x46\x7d\x2c\xe8\xf3\xf7\x9d\x7f\x6b\xca\x5b\x28\x82\x77\x03\xec\x2f\x47\x77\x0f\x05\x12\xe7\xb5\xbd\xd8\xc8\xaa\xee\xa4\xd4\xe2\x5a\x98\xdf\xd5\x06\xf8\xb1\x9b\x52\xb6\x54\x16\xcf\x30\x95\xc3\xf6\x57\x2d\xb1\xfb\x07\xc4\x4f\x5a\xc7\xd2\x43\x55\xbf\x25\x1d\x97\x30\x18\xec\x37\x1b\x96\x30\x08\x32\x00\xd6\xea\x16\xa0\xba\xc2\x62\x7a\xc1\xb6\x7f\x2f\x51\x54\x47\x47\xaf\x9f\x21\x7e\xa5\xe2\x70\x72\x82\xee\xc8\x15\x94\xf9\xf2\x56\x00\xa6\x20\xf6\x3b\xfe\xdb\xc3\x1f\x8f\xca\x8e\xa4\x86\xa7\x3f\x86\x27\x7c\xfa\xa7\xc3\x46\x11\x05\x10\x65\x31\x3d\x9b\x0c\x4b\x1a\x32\x56\x44\xe9\xbc\x8d\x1a\x5f\x8e\x3a\x81\xbf\xd4\xf1\xb8\xac\xf1\xa8\xba\x53\x02\x19\x4a\xd2\x86\xc3\x9c\xe1\xb9\xef\x96\x42\x74\x00\xe0\x0f\x15\x4d\x88\x83\xf9\x06\xba\x2d\x8c\x94\x4d\xe3\xe7\xfc\xab\x0f\xdf\x77\x22\x2f\xb4\xc9\x5f\xd5\xcd\xe8\xaf\xc5\x61\x11\x37\xaa\xdd\xfc\x66\xb4\xd1\x3b\x16\xea\x4f\x00\xc4\x6c\xa5\x73\x20\xd8\xa8\x4c\x5a\x00\x2e\xd8\x7a\x88\x5f\xd2\xef\xd7\x40\x4d\x35\x75\x08\x4a\x6b\x4a\xd5\x91\x8e\xf0\x01\x96\x99\x21\xbe\x0d\xdb\xfb\xb5\x2f\x34\x2e\x95\xee\xf0\x2a\x7a\xf1\xa1\x71\xb6\x7f\x0c\x22\xd0\x67\xbf\x87\xfc\x08\x5a\x77\x66\x87\x15\x7b\x55\xfe\x6e\xda\x71\x95\xf6\x7d\xe3\xc4\xc3\x25\x50\xe0\x89\x6a\xc2\x4f\xaf\xc7\x4f\x8f\x02\x78\x00\x4c\x29\x10\x97\x54\x7c\xd9\x91\x74\x4c\xce\x2c\x84\x97\x34\x1c\x96\x24\x1c\x9a\x38\xd6\x93\x3c\x5e\xdd\x61\xb1\xc5\xb5\x28\xbb\x98\x71\x91\x41\x60\xb0\xc2\xac\xf9\xf1\xa1\x2d\x0f\x3a\x9d\xf5\xf6\x5c\xae\x92\xad\x98\x02\xac\x6a\xa3\x83\xd5\x90\x6c\x02\x4d\x89\x42\x72\xb0\xcf\x91\x13\x7c\xc0\x45\x07\xe0\x6f\xc7\xd7\xb8\xad\xc5\xae\x7c\x69\xb3\xbf\xb9\xcc\xcc\xaf\xa6\xaa\x4a\x16\xdc\x8b\xd5\x33\xf3\x15\x5c\x47\x4f\x78\x63\xa8\xb0\xd6\x76\xdb\x82\x18\x2f\x2c\x70\x53\xe4\x8a\x7e\x1b\x98\x2a\xb2\xc7\xc6\x9a\xb3\x23\x8e\x8a\xc4\x6e\xf4\x4e\x60\xfd\x03\x38\x3a\xdd\x59\xd6\xa6\xac\x15\x4e\xe9\xe9\x52\xf0\x31\x1e\xf7\xb5\x8f\x6c\xff\xc7\x3a\xf9\x15\xc9\x7c\x40\xb3\x3d\xf9\xeb\x76\x5e\x66\x3a\xb7\xe0\x1f\xa9\x6c\xe4\x16\x4a\x32\x63\x04\xfc\xdb\xa9\x30\xda\x62\xc9\xcb\x0b\xb7\x75\xa4\x3d\xdf\x05\x41\xb2\xcd\xd4\x77\x9f\xc3\xc1\x89\xf7\x50\x0b\x4e\x28\x33\xc6\x37\xf0\xf7\x4f\xff\x0c\xc8\xf5\x3f\x06\xdf\xab\x0c\x29\xce\x6e\x71\xdc\x76\x8a\x10\x72\x14\xdb\x1b\x0a\xa3\x25\x2d\x87\x59\x75\x35\xcb\x55\x59\x40\xe2\x6e\x10\x5d\x9f\x44\x7f\xfd\x41\xf1\x9e\xb1\x65\x6e\x4f\xb2\x21\x6a\x8c\x4c\x0c\x14\xd0\x71\x93\x41\x89\x63\x40\x06\x94\x9a\x27\xaf\x44\x83\xa0\x0b\x92\x06\xfa\x8e\x22\xc9\x01\x3f\x63\x6e\x68\x42\x34\x9b\x2d\x3c\x4f\x34\xf7\x1c\xa1\xec\x93\x69\x4d\x34\x8a\xf2\xf2\xdf\xcc\x88\xce\x6a\xb0\xfd\x41\x65\x6d\xd5\xc6\x14\xfe\xd7\x82\xb8\xfb\x66\x87\x39\x91\x90\xa8\x80\x16\xfb\x78\x3e\x7c\xc4\xa5\x21\xd5\xf6\xd3\x8a\x9c\xcc\xb1\x58\xd7\xac\xcb\x9c\x8e\x4f\x7e\x8d\xea\xb8\xcc\x69\x61\xea\xd9\x1f\x9f\x0a\x0b\x35\x55\x2b\x4a\xfa\x81\xe2\xee\x5b\xfa\xa4\xc5\x89\x64\xde\x45\x16\x23\x7a\x90\x16\xd7\x48\x0b\xa7\x1f\x08\xc5\xc2\xc5\x0a\xa7\x58\x19\xfa\x75\x17\xd3\xcf\x70\xd9\xa1\xae\xd8\x6e\x2b\x95\x96\xd5\x4d\x1f\x0d\xb2\xcb\x6b\xc1\xd4\x8a\xfc\x1c\xec\x76\xe4\x74\x59\xd3\x11\xcf\x19\xfc\xd5\xd7\x72\x5c\xd6\xb4\xe9\x83\xdf\x99\xad\x64\x1e\x8e\xcb\x92\xa4\xe1\xbe\x31\x0f\xf6\x9b\x57\xbd\x55\x5c\x09\x94\x9a\x30\x69\xd3\x7a\xdc\x42\xc3\x88\x08\xf2\x8d\x47\xf8\xb0\x91\x54\x16\x7f\xb3\xa1\xac\xd5\x45\x83\x2a\xee\xee\x8c\xe1\xd2\xe5\xc9\xb3\x7f\xcc\x4c\x8f\xc1\xa5\x44\x43\x92\x8a\xcd\xee\x31\xc4\x8e\x3f\xc7\xa9\x3d\xa1\xd2\x48\x9c\x2c\x33\x7d\x74\x59\x13\xa4\xf3\x0c\x3a\x7d\x09\xee\x05\x3f\x57\xc8\xae\x57\x78\xf7\x4d\xfd\xd7\xeb\x79\xba\x08\x83\x73\xe3\xd9\xb0\x96\x61\x48\x42\xfa\xca\x90\x29\x3b\x20\xf2\xe0\x1e\x19\x27\xc2\xf1\xee\xea\x1d\x27\xd2\x71\x59\x9b\xde\xf9\xa5\x6e\x2b\x41\x74\x15\x05\x70\x11\x68\x6e\xbf\x30\xb0\xa5\xf5\xa6\x08\x30\xb2\xec\x62\x14\x60\xe1\xd2\x47\x71\xeb\x31\x42\xa9\x2c\x48\xbc\xf2\x6b\xb6\x01\xa1\xc3\x01\x2f\xf9\xb6\x89\xa3\xdf\xb7\x13\x25\xc1\x3e\xb5\xf6\x92\xe6\xe4\x15\x00\x58\xbe\xd5\xe7\x8f\xed\x8b\x61\x43\x9c\x76\x45\x4a\x95\x91\xa9\x4b\x92\xd2\xc6\xa1\xc8\x2a\x7d\x5d\x1e\x20\x49\xf3\x00\x06\x52\xac\x74\xb2\xf3\x64\xe1\x0f\x65\xf0\xc9\x4e\x17\x18\xa1\x8b\x51\x44\xc0\xe6\xb4\x12\xe3\xc2\xd8\xff\x3c\x64\x6e\x5d\x5c\xdc\x72\x8c\xaa\x6f\x29\x7c\xf8\x42\x77\x47\xd8\x1e\xdd\x60\x22\x0f\xa2\x28\xd8\xa7\x18\x25\xed\x3b\x79\x0b\xd9\xe7\xdb\x58\x48\x2c\x52\x9c\xdf\x86\x16\xd2\xbf\x73\x72\x7e\xf9\xb3\xb0\xd1\x88\x95\x83\xe2\x0e\x83\x1b\x11\xae\xd7\xff\x79\x43\x57\xea\x28\xb1\x2f\xb5\xa7\x54\x28\xb0\xa2\x33\x1b\x12\xd8\x48\xa8\x06\xe1\x62\xa1\xd8\xc2\xb4\xf1\xa1\x50\x3d\x57\xe4\x57\xde\x0f\xc1\x81\xc2\x8e\x73\x6c\xcc\x53\x44\x47\xdf\x00\x4b\x02\x65\xc0\x16\xfa\x3f\xc4\x9c\x55\xae\xa9\x11\x85\xf3\x92\x31\x33\x46\xe1\x1e\x81\x96\x6d\x44\xe6\x15\x3b\x80\x8e\x43\x1d\xf9\x12\x0a\xf3\x7f\x4f\xa5\xf5\xfd\x4e\x49\x2d\x48\xd1\xe2\x10\x7b\x39\xe0\xc8\xe0\x0f\x6a\x38\x4e\x36\x0d\x3e\x80\xe8\x93\xac\x50\x9a\x89\x39\xce\x34\x90\x4e\x40\x2a\x12\xd9\x82\x63\x0b\x08\x2a\x21\x8c\x04\x04\x8f\x07\x3f\x10\xb2\x6c\x44\x64\x53\x2a\x5d\x66\x65\x8d\xbb\x7b\x79\x36\xfc\x43\x53\x49\xd7\xcf\x87\x26\xb1\x1d\x0c\xbe\xf5\x82\x61\x55\x21\x1f\xf4\xd5\x1a\xf1\xab\x61\x7c\xa3\x1f\xb2\xe2\x42\xdf\x94\x2e\x65\x01\xe8\x15\xf0\xc3\x29\x52\xab\x94\x4a\xe1\xd1\xa1\x2e\xdc\x7a\x5c\xda\x38\xd6\x09\xf7\x77\x87\x4c\x2c\xb2\x6d\xcd\xe3\xca\xf4\x1a\x5c\x13\x1e\x5b\xba\x5b\xe3\x4f\xa0\x4a\xf3\xc5\x95\xdf\x9f\xef\xfb\x53\xcc\x5a\x96\x55\xae\x5e\x3b\x67\x06\x39\x44\xd0\x6d\xe7\x77\x5b\x70\xe4\x11\x0b\x37\x7a\xf4\x43\xc6\x1a\x68\x6e\xbc\x1e\x08\x51\x80\x16\x5b\xb2\xa3\x38\x05\x14\x06\xc1\x55\x08\x96\xc1\x04\x29\x58\x79\xad\x2f\xaf\x4e\x49\x95\x6a\xd4\x68\xf3\x76\x03\xba\x31\xc9\xde\x03\x95\xde\xf0\xee\x23\xe1\x57\xe2\x6a\x81\x07\x81\xd6\x03\xde\xb7\x9f\x44\xc1\x93\x5b\x22\xa7\x6e\x8f\xc8\x3f\xa6\x10\xce\xab\xda\x62\x85\x25\xb6\x99\x49\x75\x98\x3a\x64\xd1\x03\x7a\x1b\xe1\x88\x12\x68\x75\xd0\xcc\x1b\xc9\x0c\x3e\x62\x6d\x6e\xa2\xe3\x27\x5c\x71\x36\x2e\x36\xff\xcd\x57\xf7\x60\x24\x9b\xd6\x58\x66\x0d\x4f\xe0\xd9\x70\xc7\x43\x82\xbd\x87\xca\x94\x3c\x05\x02\x1a\xad\xd0\x3a\x56\x92\xf1\x29\x01\x79\x9d\xfa\xee\x6b\x2b\xb7\x2a\xed\x60\x40\xa2\x8f\xd3\x4b\x87\x57\xc4\x32\x32\x5b\x5e\xb2\x67\x4d\x28\xc1\xaa\xcd\x98\xca\x9d\xf1\x10\xa3\x34\xa7\x42\x33\xb3\x5b\x9d\xd7\xb6\x30\x3b\x5f\xfb\xc5\x40\x54\x71\x04\xdb\x2f\x2a\x7d\x07\xba\x4c\x2d\x61\x3a\x2e\xb3\x86\x53\x40\xc7\xc3\x76\xa3\xf6\x9a\x18\x12\x37\x63\x8c\x9b\x0d\xd3\x95\x54\x73\xc2\xc7\xd6\x09\x56\xab\x2e\xff\x60\xb5\xb3\xcb\x70\xa8\xbe\xfb\xe6\xe1\x14\xa5\x38\xd7\x38\xf1\x34\xfa\x6f\x7f\xde\x8f\xb3\x9f\x50\xc1\x81\xa8\xe9\x60\x4e\x90\xe5\x5a\x8c\x3d\x33\xc5\xb8\xd2\xb0\x9a\x04\x3c\x71\x20\x15\xc9\x20\x4d\xef\xcd\x9c\xbc\xa7\x02\xce\x90\xc7\x7a\x55\x6c\x64\xf7\xf7\xb7\x0e\xe6\x97\x01\x58\x71\xff\x30\x1a\x41\x1a\x39\x49\x0c\x9f\x01\xe3\x3e\x5d\xef\x15\xcc\xed\xe6\xb7\xca\x34\xbe\x14\x41\x9d\x21\x64\xa1\x79\x0f\x78\x63\xf2\x66\xe4\x67\xf4\xe2\xf3\x2a\x73\x55\xca\xa8\x1b\x0c\x80\xde\x44\x04\x9d\x56\xa5\xbc\xff\x8b\x78\xba\xa2\x7b\x76\x2e\x24\xef\x61\xa0\xfe\xc7\xda\xa1\xd4\xab\x26\x8b\x48\x44\x61\x4d\xb1\x5c\xa4\x5c\x7f\xdc\xbd\xc2\xc7\x76\x44\xf2\x40\x7b\xcd\x84\xc9\xfb\x71\x5e\xb7\xba\x7d\xeb\xbc\x93\x5f\x93\xf2\x73\x7f\xed\xdc\x93\xfa\xd7\xf9\x09\x6f\x3f\x8b\x61\xfb\x12\x3b\x0d\x08\xd9\xdc\x54\x52\x9e\xde\x8d\xe5\x9b\xea\x76\x5e\x2f\x22\xdc\x37\x16\x0d\xd2\x61\xdb\x4c\x94\x3d\x3b\x8d\xf6\x3f\xdf\xa1\x03\x9a\xd9\x61\xfa\x41\x17\x51\xf0\x54\xff\xee\xf9\x6f\xad\x36\x5c\x61\xb7\xee\x94\x4e\x85\x92\x06\x43\x2d\x9f\x49\x10\xf1\x4d\x9d\xf5\x4e\x0f\x15\x3c\xce\xfb\x22\x1f\x8c\x87\xaa\xb6\xf2\xf9\xf0\x7b\xfd\xe6\xe3\x48\x96\xa7\x25\x00\xea\x7d\xd8\xbd\xfe\xab\x3b\x2b\xfa\x6e\xb4\xe1\x05\xc1\x7b\xc3\xdf\x90\x65\xf4\x88\x18\xe5\x87\xed\x15\xc6\xb3\x27\xcb\x90\x5c\x52\x62\x0c\xb9\x23\x1f\xbd\x53\x0a\xd3\x35\x37\xa8\x81\xec\x5b\x47\xa8\x2f\xba\xfd\x92\x84\xce\xd8\x0d\xf2\x7c\x8f\xfe\x3d\x28\x6e\x78\xb7\xdc\xc6\x82\x7c\xdd\x5e\x58\x4d\x5a\x30\x26\xd2\xf5\x6b\xb9\x4e\x22\x38\xfd\xa0\xb9\xe8\x05\x53\x4d\x44\xd8\x1c\x72\x46\x5b\xdf\xea\x04\x0c\x5c\xb7\x88\x18\x7d\x11\xfc\x7c\xb0\x58\x98\xf4\xda\x02\x45\x70\xfc\xe8\x87\xe6\x3a\x1f\x5c\x16\xb6\x97\x26\x7c\x64\xa1\x7f\xb4\x7e\xaf\xb2\x4d\xb8\x0b\x95\x35\xb5\xf1\x68\x72\x75\x6c\x3b\xdc\x12\x87\xc3\x72\x46\x1e\xbe\xaf\x6d\x4c\xc8\x3c\x63\xff\x3e\x0d\x6a\x3c\xf5\xa5\x76\x8b\x34\xae\x8b\x28\xf1\x07\xab\xee\x5f\x61\xea\x5a\x92\x06\x35\xe0\xa4\x39\xd4\xff\x0a\x46\xa6\x8a\x98\x89\xad\xff\xe5\xbd\x5f\xc4\xe3\xf2\x13\x04\x3f\xef\x49\x5b\xe1\xe5\x9e\xd2\xf0\x1b\xbd\xea\xa6\xf8\xd4\x7a\x6a\x28\xd6\xdb\x3b\x28\xb5\x5d\x97\x79\x73\xec\x31\xf1\x03\x8b\x61\x5c\x47\xbf\xb2\x97\x32\x9b\x5b\x9f\x43\xcb\x5b\x20\xba\xff\x12\xa2\xd9\x5c\x5d\xeb\x9e\xb7\x5f\xd4\x98\xe3\x0c\x76\x33\x3e\x9a\xaa\xe4\x1b\x66\x05\x75\xec\x56\x22\x47\xd3\x7c\xeb\x11\xad\xfd\x46\xb2\x38\x8a\x12\x0d\x5a\xea\x1a\xe6\xb6\x34\x66\x82\xab\x63\x6b\x72\x97\x58\x02\x18\x17\xf0\xfa\x83\x31\x6e\xa5\x6a\x43\xde\x60\x23\x9b\xb3\xa2\x10\x3a\xb6\x9d\x66\x70\xb6\x7a\xf0\x3d\x67\x3f\xba\x5c\x01\xe6\xb5\x5e\x4e\xa6\xa4\x13\x7c\x1f\xff\x9a\x99\x27\x54\xba\x79\x0d\xbf\xa4\x16\xc8\x80\xd2\x47\xf0\xe0\x6f\x5d\x9a\x72\x60\x6c\xd7\xd4\x87\x4b\xbd\xb6\x43\x1d\xe9\xe6\x50\x64\xb4\x44\xee\x3d\xa1\xb9\x39\xf5\xa9\xf1\x17\x2f\x36\x11\xd9\xf5\x42\xb6\x59\x4e\xd2\xf6\xaf\x2c\xc8\xf3\xdb\x2f\x31\x2b\x90\xfe\x88\x36\xe2\x29\x2e\x82\x04\x6b\x46\xbc\x77\x7c\x1b\x1a\xc0\x89\xb6\x37\x35\x27\x92\x85\xa9\x27\xc6\x33\xf2\xbf\x7a\xb7\x92\x86\xf5\x2c\xb3\x4f\x53\x55\x5f\x11\x05\x14\xcd\x9a\x0e\x8a\xec\x50\x90\x93\x91\x24\xbd\xa2\x83\xb8\xce\x8b\xe7\x27\x16\x3a\x66\xbb\xa8\xc1\x58\xf5\xbd\xec\x4b\x08\x3d\xef\xd6\x38\x0c\xdd\x1e\xd4\xb1\x3a\xba\xe2\x93\x2b\x62\x0f\x6b\xe2\x83\xe6\x7b\xa6\x5d\x16\xff\x50\x40\xa4\x2d\x58\x1f\x2f\xe1\x25\xe0\x4a\x59\x7d\xb3\x90\xbe\x63\x84\x31\xe0\xd3\xb4\x9c\xcc\xb9\xc2\x0d\x48\x7f\x14\x58\x9c\xd3\x97\x3c\xee\x19\xf1\x0f\x84\x5b\x92\xf4\x2a\xd6\x85\x90\x95\x78\x12\x49\x6e\x73\x73\xf8\x97\x3f\x21\xb1\x34\x83\x51\xa9\xe7\xe3\xcd\x7c\x78\x96\x02\x19\x90\x69\x39\x89\x2e\x9c\xfa\x99\x52\xf4\x62\x3c\x4b\x70\x3e\x43\x3e\xf8\x5e\xe1\x15\x8f\x29\x17\xa8\xcb\x76\x83\xf7\x87\x9d\x24\xde\xdc\xea\xbd\x2e\x2c\x93\x2d\x03\x7f\xea\x32\x6d\x8b\xc2\xd7\x78\xdb\x77\x1b\x01\x5c\x1b\x8d\x1a\x4f\x6d\xe4\xe2\xb6\x73\x3e\x0f\xe8\x25\x92\x22\x55\xb4\x0d\x10\xd9\xf1\x82\x60\xfb\x1d\x6d\x08\xc4\x74\x20\xa4\xa7\x4c\x7c\x7e\x6a\x28\x49\xc3\x08\x5e\x8d\x28\x8a\x76\x88\xb7\x40\xdf\x42\x9c\x6a\x3b\xa7\x22\x8b\x77\xae\x40\x9a\xdf\xae\x3a\xfa\x44\x16\xeb\xe3\xbf\xb5\xff\x9e\xd2\xc9\x20\xf1\x17\xfa\x2f\x95\xa6\xf9\x9a\x69\xb5\xb4\x75\x9b\xde\xbd\xd6\x0b\x8a\xf5\x8e\x5e\x3a\x1c\x29\xc4\xef\x0d\xbd\x1a\xf2\x95\xbe\x33\x3c\x1f\x56\xbc\x3e\xb1\x5c\xf6\x3c\x5e\xa0\x48\xcf\x79\x15\x1a\xcd\x85\xce\xb0\xa8\x37\x84\x88\x15\x73\x41\xcc\xbc\xb7\xd6\x67\x92\xa5\x28\x38\xa7\x0e\x07\x68\x14\xab\x1e\xfc\x56\xe9\x32\x18\xb3\xf1\x2f\x27\x44\xd2\x05\xcf\x0b\xa3\x90\xa4\xf9\xef\xdb\x6f\x2e\xbd\x96\x16\x47\x25\xc1\x76\x9b\xdf\xef\x3e\x61\xe2\xc7\xb3\x58\x6e\x4a\x19\x49\xa5\x08\x7e\x66\xfd\xf2\xe6\xc7\x9a\x1d\x7c\x71\xa1\xdb\x83\x53\x44\x36\x43\x6f\x09\x11\x06\x78\x46\x31\x20\x36\xae\x3f\x29\x04\x5d\x9e\x50\x56\xa2\xed\x2e\x37\xae\x4a\x29\x90\x33\xe7\x0c\x9d\x33\xdb\x40\x7d\x98\x5d\x47\x0f\xdb\x55\xcd\x8b\x80\xae\x3f\x86\x0e\x9f\xc8\x77\xaa\x3d\x6f\x6f\x4e\x14\x60\x75\x71\xaf\x48\x7c\x61\x2e\x2b\xa6\xce\x4c\xf4\x0b\x65\x83\xc9\x2f\x86\xe9\x6d\xc9\x4b\x76\x98\x38\xb7\xa5\x3c\xd1\x39\xf0\x79\x1d\x53\x95\x26\x05\x2a\xf1\x86\x78\x3e\x1e\x50\x23\x0c\x86\xcc\xfc\x76\x2c\x8e\xec\x96\xf3\xd9\xbc\x93\x5f\xbd\x93\x09\xab\xac\xaa\x85\x02\x8a\xca\x9a\x3e\x60\xba\xfc\x81\xa4\x5f\xac\x53\xdf\x6b\x8b\xf2\x94\x2c\x9e\x3e\x51\x5c\x7f\x20\x0c\x25\x9a\x3a\x1c\xc7\xce\xfc\x2b\x76\x84\x38\x52\x34\x3b\x14\xb1\xba\xec\x94\xca\xa8\x82\xb4\xb7\xb7\x52\x48\xde\xe0\x5b\xad\x6a\x79\x89\x10\xed\x5b\xec\xfc\xd8\x6b\x43\xb6\x4c\x2b\x0d\x37\xb9\x9a\xe9\xdd\x71\x5d\x89\xfd\x8a\x28\x4d\x99\x14\x7b\x32\xba\x4d\xb4\x5e\x96\x19\x06\xb2\xd6\x9d\xd6\x86\xef\x68\x8f\xfd\xe2\xa5\x18\xce\x61\x2d\x90\xa9\xcd\x2b\xda\x7a\xa9\xd0\x1b\x41\xa0\xdc\x18\xa6\x03\x92\xb2\xdc\x62\x52\xa0\x6d\xaf\xfa\x1f\x7b\xe7\xbe\xf6\x43\x18\x78\x8f\xea\xdc\x76\x98\xc4\x86\x0c\x7e\xc6\x8d\x6e\x81\x08\x73\xca\x48\x60\x51\xdf\x5d\xb3\x8c\x22\xe9\x71\xb3\x18\xf0\x33\x9a\x12\xa4\xf8\xfb\x7b\xc4\xcd\xad\xbb\xa7\xcf\xde\x55\x6e\x4d\xf4\x71\x7b\xb0\x37\x00\xeb\x2e\x3f\x64\x0e\xdf\x0d\x18\x6e\xbb\xa3\x49\xc1\x24\xaa\xc1\x0e\x81\x11\x41\x1a\xc4\x4b\x04\xa4\x3f\xef\x07\x6b\xfb\x5e\x29\x80\xf2\xb2\x6d\xa4\x0d\xc4\xbe\xa9\x8f\x20\x11\x8d\x59\x4d\x38\x00\x1a\x08\xa9\x1d\x08\x81\x45\x28\xd2\x41\x60\x01\x88\xab\x87\x9a\x1c\x3c\xb8\x0e\xa5\x46\x29\x50\x82\xf9\x39\x8b\x99\xdd\xbb\x86\xff\xc6\x40\x65\x4a\x71\x6e\x34\xae\xd1\xc5\x30\x49\x03\xa3\x91\xc7\x7e\xdd\x8a\x6f\xb7\xae\x5b\x0a\xaf\xf8\x11\x92\x27\x42\x47\x74\x1c\x06\x63\x32\xe0\x67\x36\xe1\x20\x48\x95\x96\x04\x72\x34\x08\xe0\x4d\xd5\x2b\x20\x48\x14\xfa\x54\xba\x35\xb6\x12\xe7\x16\x92\x49\x9f\x86\xbf\x66\xce\xc1\x78\xaf\x64\x9b\x81\x5e\xec\x39\x4c\xb8\x14\x68\x39\x0c\xe7\x86\xa0\xf2\xe7\x2f\xa7\x6a\x8f\xa7\x76\x88\xe9\xb2\x89\xb0\xcc\xab\xd9\x42\x8c\x97\xc8\xbc\xdc\xfa\x4b\xf6\x62\xd0\xa2\xba\x33\xbb\xfe\xab\xb5\x70\xbf\x9e\xad\x29\xbb\xac\x18\x8b\x97\x79\xa3\x7b\x4b\xba\xb4\x24\xe8\x2d\x2c\x84\x3f\x61\xe5\x3a\x8d\x21\x09\xfd\x07\xca\xf9\xe2\xd9\x33\x02\x28\x94\xd9\x60\xee\x95\x15\xa4\x5e\xf8\x57\xd7\x3b\xb6\xf4\x3d\x36\x02\xa1\x01\xad\x51\x95\x76\x3e\x35\xee\xde\x35\xeb\xf1\xc3\x5f\x93\x00\xea\xb5\x41\x6b\xc6\xdd\x94\x61\x4e\xff\xfa\x25\x34\x7e\xf8\x93\x48\x00\x64\x87\x9b\x4f\x0c\x48\x88\x07\xe1\x44\xb3\x1d\xff\x45\xdf\xd3\x03\xb9\x6c\x99\x92\x48\xf2\xe9\x41\xa8\x94\xa4\x51\x40\xa0\x21\x55\xf3\x1d\x88\xc6\xc7\x19\xe8\x7b\xfd\xef\x92\xc6\x07\xee\xf7\x60\x0a\x60\x23\x6e\x7c\xc5\x23\x79\xf9\xd3\x04\x02\x77\x7d\xd8\x28\x17\x42\x36\x76\xca\xec\x9a\x9b\xfc\xf2\x48\xd0\x3b\x99\x9e\x62\xc9\x8f\x6c\x50\x6a\x16\xd7\x1d\x44\x4e\xe9\x17\xf5\x3d\x78\x01\x6a\x38\xe2\x4b\x0e\x89\x9f\x31\x4b\x18\x30\x66\xad\x13\x89\x75\x04\xf0\x7a\x30\x40\x9d\x3c\xdf\x2a\xd5\x88\xe6\x1d\xc8\xe9\xb1\x94\x65\xc5\x9f\x2c\xd7\xae\x04\xff\x71\xde\x7f\x07\x7b\x36\x99\x33\xef\x11\x0a\xe2\x91\x85\x3f\x79\xf8\x33\xed\x08\xb4\xd0\x68\xa1\x14\xab\x8c\x06\xdc\x2c\xa6\xe4\xcc\x46\xfc\x4f\xa2\x02\xe3\xab\xec\x3b\xb7\xa0\xb3\x85\xf2\xd2\x92\x5e\x30\x69\x82\x20\x09\x9b\x45\xe3\x8a\x2b\xf3\x97\xcc\xf6\x49\x59\xd0\x8e\x41\x56\xed\xb4\xfd\xfd\xe5\xec\x88\xc3\x22\xe2\x18\xc9\x8d\x7d\x2b\xcc\x91\x12\xd9\x5e\xb5\x07\xf1\xe5\x39\x60\x62\xc9\x89\x68\x80\x74\x97\x7d\x13\xc8\x3f\x36\xae\xc5\x65\x48\x92\xba\x1a\xf0\x8a\x4c\x53\x6f\x61\x19\x5b\xbc\xcf\x4c\x92\x3e\x98\x1a\x15\x35\x47\x35\x25\x50\x69\xed\xd4\x67\x50\x32\x51\x94\x30\xd4\x77\x1c\xc8\x1c\x25\x95\xa7\x61\x05\xc1\x46\x7c\x4a\xd5\x95\x5e\x6c\xe6\x58\x6c\xe6\xac\x02\x89\x92\x03\xad\x6f\x9f\x94\x37\xff\xd3\x68\x9a\x9e\x2e\x74\x0c\xfb\x85\x88\x26\x1c\x28\xbc\x78\xcd\x4d\xb2\x03\xea\x4d\xbd\xa9\xf4\x72\x66\xd1\xc3\xef\xf4\x5c\xd6\x9c\xaf\x8e\x51\x04\x59\x00\x1d\x38\xcf\x87\x8c\xbf\xe7\x45\xc3\xf2\x1c\x4c\xfe\xdf\x70\xb9\xba\x56\x63\x0a\xf5\x97\x69\xa5\x1c\x31\x15\xd7\xf5\xdc\xd4\x25\xbf\xe6\xfa\x7d\x1e\x7a\x7f\x13\x37\xd0\xc7\x17\x4a\xc4\x66\x87\x47\xf5\xed\x17\xdb\x8b\x24\xed\xc5\xce\xe7\x62\x6a\x9d\x0a\x7e\xa5\xcc\xca\x8e\x5c\x9a\x52\x08\x67\x08\x89\x13\x80\xbd\xd8\x3a\xd0\xc8\x90\x9c\x18\x22\x34\x92\xef\x27\x39\x50\x1a\xd6\x6c\x78\xac\xe9\xb8\xf1\x56\x71\x3f\x43\xc3\x08\x76\xca\xdb\x70\x61\x79\x70\x61\x7c\xb9\xc4\x63\xc0\x62\xfd\x7b\xb5\x79\x68\x1e\x74\x58\xae\xde\xc9\x9f\x0f\x1b\x36\xba\xa6\x63\x4f\x86\x2f\x50\x95\x3b\x52\x45\x28\x4d\x76\x30\xf1\x9a\x9b\xc3\xe4\xcf\x48\x5d\x13\xf5\xe1\x14\x98\x22\xcd\x1c\xeb\x8f\xd7\xe2\xaa\x2b\xec\xcc\x25\x9b\x99\x24\x44\x83\x78\x19\x7d\x1e\x04\xe1\x9d\xd1\xd5\xf4\xe1\xe0\x93\x72\xe2\xfb\x9f\x76\xf1\x51\xdf\x1a\xfd\xc9\x01\x78\x71\x05\xab\xf5\xe5\x28\x52\xd4\x05\x6f\x43\xc6\x6a\x7d\x58\x73\x53\x95\xce\x7f\xf2\xa7\x97\x96\x44\x0b\x82\x7f\x0a\x95\xc0\xb3\x28\xdd\x3c\xcc\xed\x9d\x68\x86\x94\xd4\x17\x36\x27\x94\xbc\x82\xf9\xee\x36\x27\x60\xb9\x79\x13\x1b\xe1\x0d\xaf\xa2\x54\xda\xe3\xb3\x9c\xc0\xd8\x8e\xf4\xce\xab\x7a\x65\x07\x42\x9f\x28\x48\x1e\x60\x80\xc0\x07\x59\x9e\x3e\xfc\xd2\x95\xb2\xc1\x04\x50\x29\x03\xd4\x1f\x6e\x90\xe4\x5a\x93\xab\x43\xf5\x42\xb8\xd0\x3c\xfa\x77\x1e\x35\x84\x49\x46\x72\x66\x03\x1e\xfe\x80\x49\xd2\x7a\xbc\x4c\x58\x67\xb1\x09\x7c\xcf\x1d\x20\xf6\xcf\x60\x0a\x82\x20\x63\x61\xe0\x9a\x30\x5e\x06\x65\xae\xfb\x39\x50\xd8\x72\x24\x2b\x04\xa2\xdb\x7f\x00\xa1\x76\xeb\x7d\xa0\xc4\x4e\x4a\x08\xc7\x7c\x12\x28\xfc\xd8\x7d\xb8\x89\x22\x33\xa0\x43\x76\xfd\x1f\xd3\x0b\xb3\x2f\xb0\xf8\xef\x4b\x5e\x20\xb7\x6e\x20\x73\x86\x9f\x1f\xb0\x37\x5e\x36\x8e\x28\xc4\x72\xdd\x72\x4e\xb3\xd3\xc3\x41\x16\x0b\x51\x46\xe7\x15\x6d\x3b\x62\x9c\xf8\x9e\x19\x5f\xf2\xf8\x17\x40\x1c\xe7\xb5\x91\x2b\x61\x36\x3d\x20\xcd\xa0\x04\xa0\x56\x69\xa9\x9d\xca\x93\x6a\x33\xa7\xbd\xb2\x5a\x71\xa3\xdd\x60\x37\x46\x0a\x05\x30\x2c\x0e\xf3\x9e\x4f\xd9\xbe\x22\x6f\x80\x6c\x7e\x94\x49\x5f\xb1\x92\xd2\xb7\x8d\x94\x7c\xb0\xc2\xff\xf2\x36\x2b\x21\xae\xf5\x98\xa5\x92\xd1\x00\x30\xc4\x30\xad\x7b\xbc\xdd\xe0\x9a\xfa\x52\xe8\xef\x6f\x1c\x65\x55\xd7\x0e\x4f\x52\x4c\xad\xd4\x6c\x4a\x97\x67\xb2\x68\xef\x48\xb7\xa1\x58\xc7\x9b\xc9\xdb\x58\x6e\xf8\x41\xe0\x3f\x0d\xfb\x17\x63\xae\x3c\x2d\x64\x39\xeb\x22\x1f\x10\x4f\x5a\x54\x92\x8a\x17\x5c\xe7\xa0\x40\x65\x1e\x51\x89\x2e\xb8\xb9\x40\xd7\x23\x93\x30\x08\xa2\xe4\x40\x35\xfe\x4b\x64\x29\x70\x75\x44\x1d\x5e\x19\x99\x31\x4f\xfd\x2e\x62\xc1\x47\x93\x4f\x33\x28\x04\x05\x8a\x90\x35\xbf\xab\x7a\x82\x43\x0a\xa1\x79\x2d\xb5\x16\xdb\xfe\xc6\x9f\x6a\x4d\x9e\xeb\xb3\xe7\xde\x4f\x69\xe8\xca\x61\xc5\x08\xdb\x14\x99\x67\xe3\xa6\x37\x32\x60\xf1\xc7\xbc\xda\xf4\x2d\xd4\xc4\x90\x71\x2c\xb2\x0d\xe7\xfe\x25\x97\x79\x11\xe4\x66\x35\x9a\xfd\x27\xda\x7f\xf4\x3d\x31\xa1\x70\x4f\x0b\x9a\x56\x68\x1d\xa1\x24\xa3\xd0\x08\xcb\x28\xac\x2b\xf1\xf7\xdd\x87\x9a\xab\x85\x99\x81\x80\xf9\xab\x6f\x3a\xcb\x3a\xfd\x1e\x74\xa5\xd5\x61\xb1\x75\xb7\x9c\x6c\x7a\x2c\xb2\x67\x29\xb2\x27\xc4\xa6\xd0\x57\x1e\x48\xce\x97\xec\xe8\x06\x03\x24\x78\x7e\x8b\x8f\xfd\x18\x59\x09\x35\xaf\x77\x30\x80\x69\x2c\xef\x19\xbe\x50\x18\x94\x3f\x85\xe6\xc3\x99\x8a\xd1\x85\x10\xeb\xf8\xc0\xfd\xc6\x72\xef\xc2\xd7\x3f\xfb\xb5\xfb\xdd\x39\xfd\x90\x02\x22\x81\xb6\x3c\x68\x56\xd3\x9f\x3d\x2a\x61\xc0\x66\xd7\x2c\x0a\x42\xef\x89\xc1\x80\x27\x91\xd6\x2b\x3a\x1e\x45\x27\xbe\x0d\x2d\xcc\xcd\xf0\x61\xc8\x7b\xa8\x69\x0f\x42\xbb\xab\x8f\xec\xbe\xf6\x23\x12\x73\x22\xd2\x7a\x16\x58\x38\x84\x1e\xdd\x4b\xb9\xbe\xe4\x9f\x32\x1b\xb1\xf3\xda\xfd\x46\x41\x40\x0f\x25\x64\x45\x91\x1d\x71\x06\x27\x02\x48\x21\xd1\xca\x8a\xca\x94\x0a\x00\x94\x6d\xe5\x9c\xb8\xa3\xc7\x17\xd3\x95\x18\x79\x33\x39\xa6\xb6\xff\x18\xcd\x7f\xaa\x3f\x1d\xf1\x5b\x79\x59\xd2\xf0\xc4\x4a\xe9\xc4\x2a\x69\xc0\x7b\x3a\x0f\xab\xce\x5f\x54\x4f\xa9\xee\x84\x3e\xbf\x94\x2c\x5e\x78\xc5\x44\xb6\x8e\x1f\x3c\x45\xd8\x9a\x51\xfc\xca\x43\x4f\x1e\x88\xa4\xb5\x4f\x30\xb1\x38\xbc\xb9\xe0\xb7\xbd\xfd\x57\x67\xc8\xda\xa8\xac\x05\x00\x40\xd5\x52\x39\x59\xf6\x7e\x1b\x83\xad\xcc\x09\xa8\x9e\x52\xe6\x38\x1b\xcb\x2d\x07\x2e\xb3\xfa\xda\x65\x1e\xe2\xe0\x77\xdf\xd4\xf6\xc9\xcf\x77\x66\x8e\x64\x4c\xc6\x5a\x5c\x2e\x88\xd6\x1f\x68\xaf\x15\xe9\x0f\xcd\x46\xde\xb6\x79\xd4\x36\x89\xf6\xcf\x23\x76\xb1\x5f\x29\x3b\xa6\x2b\xdd\x03\xf2\x49\x1f\xc7\xbc\x9e\xc4\x16\x0c\xe8\x12\xe3\xb0\x82\xa2\x76\xdb\x4a\x9e\x7a\xa8\x08\xbe\xd0\xdd\x7b\x62\xe9\x3e\x35\xab\x0c\xc3\xd4\x8c\x30\x08\x76\x60\x4f\xa8\x50\x60\x2a\x37\xaf\xee\xf8\x79\x41\x10\x04\x29\x5c\x5e\xbd\x07\x6b\x8c\x7d\x00\x39\xaa\xbc\xeb\xba\xae\xba\x30\x2f\xac\x0c\x4a\x0c\xfc\x3c\xab\x6a\x6e\x2f\xc2\xdc\xd0\x2f\xf8\x2f\x76\x87\xdb\x32\x79\xc0\x1c\x42\x4c\x3e\xe2\xdf\xb1\x8d\xca\x9a\x9e\x5b\x8d\xc9\xdc\x69\xd4\xbe\xc4\xde\x95\x97\xec\xd0\xbf\x33\x2b\xe4\xd1\x63\x7e\x87\x31\x7e\x36\x43\xce\xdb\x43\x01\x8e\xdc\x75\xc9\x57\xcf\xae\x70\xf0\x4c\xc6\xb3\xe4\x12\xb8\xe2\xa3\x7b\xc2\xa0\x70\xfe\x80\x08\xda\x83\xa1\x5a\x10\x69\xf0\x3b\xd5\x2d\x23\xdb\xad\xb0\x6b\xdc\x37\x7e\x09\x0d\xd2\xd7\x8b\xaf\x85\x39\xb9\xe1\x83\x43\x84\x29\xf1\x14\x50\x99\x2f\xdd\x79\xcb\x9a\x8c\xd0\x4f\xe1\xe2\x88\x5b\x54\xbb\xe7\x05\x6c\x45\xf3\x7b\x52\x6c\x01\xd1\x78\xf9\x4b\xb1\x34\x94\x2f\x55\xff\xcb\xbf\x6c\x1d\x8b\xb5\x30\x86\xf0\xdb\x2f\xa5\xce\xd8\xee\x00\xd0\x50\x2f\x6e\x46\x9c\x9b\x12\x96\x9e\x46\x03\xa3\x05\x5a\x30\x47\xe6\x42\x87\x52\xf9\x17\x01\xfb\xc1\xcf\x16\x34\x21\x50\xdc\xe9\x65\x63\x3f\x31\xfb\x81\xfc\xbb\xff\xcb\xc6\x62\x03\x2e\x3c\x9f\x65\xbd\x9e\x8a\xea\xa9\x6b\xa0\xe9\x26\x08\xda\xeb\x07\x1c\x34\x6b\x67\xe6\x38\xc3\xb9\x2c\x98\xa6\xcc\xd8\x76\x18\x61\x76\x1e\xd5\xed\x67\x20\xa6\x0a\x71\xc2\xc6\xe2\x42\x38\x36\x61\x67\x92\x34\xce\x6f\x21\xd2\xd1\x59\x62\xea\xd0\x5c\x88\x19\x1c\x12\x3c\xef\xa4\x69\xc3\x9f\x2b\xbd\xa5\x6b\x2c\xb1\xdd\xf0\xaa\x5c\x90\x94\xa9\x54\x1a\x9b\x7d\x66\x9c\xfa\x99\x3d\x8e\xed\x4c\xc8\x0c\x1c\xd4\x3b\xbc\xb3\x6c\x4d\xf3\xc1\xd2\x19\x37\xc5\x31\xff\xf8\x5e\x64\x7b\x47\xb5\x4d\xe4\x10\x9b\x86\x79\xc3\xa0\x5f\x64\xce\x64\xec\xa0\x76\x65\xd0\x22\x81\x7a\x66\x58\x5a\xe6\xa0\x9c\x1f\x4b\x7d\x78\xca\x3d\x19\x1d\xc1\x11\x83\x61\x29\x1c\x94\xcf\x1e\xec\x92\x4f\xaf\xc7\xfd\xc0\x3a\xfe\xf5\x2b\xb1\x7f\x76\xca\xeb\xc5\x43\x97\x82\x03\xc1\x96\x9b\xe8\xb0\xe3\x07\xba\x4b\x6c\xb1\xca\xd5\x83\x3e\x79\xd4\xea\x96\x70\x16\xce\xd6\xf4\x2c\x78\x5d\x2d\x8f\x66\x4d\x1d\xf6\x0b\x34\x4b\x38\xdf\x41\xb8\x56\x51\x2b\x6f\xcb\xd0\x92\x85\x77\x83\xc0\x0f\xb4\x87\xa4\x6f\xc2\x12\x7d\xe5\xf7\xe7\x77\xb6\x01\xa1\xd9\xb6\x8b\x67\xa4\xb0\x8a\x28\x80\x0d\x2d\x5b\x56\xb5\x9d\x69\x93\xf4\x44\x98\xbf\x81\x2d\xd8\x12\x9f\xe5\xf3\xd5\x95\xbd\x78\x0f\xfd\x9f\x0c\x1b\x9e\x7f\xed\xb2\x9b\x57\x3a\x13\x52\x9c\xd6\xde\xba\xf1\xb1\xe2\x9b\xce\xaa\xda\xca\xd7\xe7\xa7\xe5\x74\xc2\xd6\xb9\x6f\xbf\x1d\xcd\x28\x65\x05\xea\x08\x8b\x49\xbb\xfe\x1b\x8f\xe4\xa6\x1e\x51\x46\x87\xe4\x60\x01\x12\x81\x0c\xa3\xfd\x4e\x95\xb7\xb1\x3f\xf6\xf0\xc4\x84\xd2\x3f\xe1\xf1\x03\xd6\xae\x7f\x8a\xe6\xf6\xeb\xba\xaa\x1d\x93\xaa\xb6\xf0\xb7\x66\xda\x78\xac\xe9\xd2\x08\x87\xb3\x5e\xe5\x1d\x90\x2d\x8f\x3e\xb3\x03\xcb\x7d\x06\xad\x92\x57\xf6\xf1\x5c\xc6\x31\x7d\xcc\x6f\x92\xc3\xb9\xe6\xe3\xed\xe0\xdc\xff\xdb\x1f\x00\x93\xc3\xb9\x96\x87\x38\x79\xec\xc0\x1f\xe0\x06\x93\xa2\x98\xf4\xcc\x4d\xa9\x40\xf0\xf3\x03\xcb\xce\x0d\x47\x09\x29\xc0\x55\x04\x92\x89\x66\x98\x1a\x34\xde\xd1\x55\xd6\xe6\xb8\x2d\xd9\x60\x8a\x34\xbf\x9a\xe8\x58\x5f\xb0\x1d\x3e\xb1\x03\xb8\xa8\xce\xe9\x4b\xe0\x13\xcd\x0e\xcd\x85\x9f\xcc\x55\xda\x79\x55\x57\xbd\x91\x43\x4f\x33\x90\x3d\x4e\xdd\x79\xb3\xfe\x35\x0f\x78\xc0\xae\x67\x65\xaa\xb2\xb8\x7a\x5b\x31\xd3\x9d\x51\x1e\x4b\xda\x6c\x24\xcc\xad\xe5\x1f\x7e\xa9\x96\xa7\x6e\xf9\x13\xa5\x4a\xcf\xf0\x15\x25\x56\xce\x6d\x54\xda\xd8\x94\xbc\xb9\x56\x71\x0e\xca\x16\x43\xa4\x5b\x18\xc8\x38\x3e\x54\x03\x4e\x85\x8f\x4c\x59\x74\xa5\x38\x37\x31\xe0\x3e\x45\x60\xd6\x5f\xf7\xe0\x2d\xe8\xd5\x3f\x91\x87\x89\x7f\x35\xbc\x95\xad\x5d\x7f\x54\x7e\x02\x6d\xb3\xb6\xff\xfb\xef\xfb\xe9\x48\xc0\x26\xe1\xdf\x00\x66\xec\xf4\x20\x50\xf4\x94\x6f\xc6\xcd\x79\x51\xac\x4f\xa6\x98\x89\x5b\xe7\xc2\x7d\x52\x3a\x37\x7d\x13\x3d\xa7\x62\x8f\xeb\xc4\xab\xc9\x05\x21\x7b\x81\x06\xb7\x60\x66\xad\x0b\x6a\x38\xd6\x77\x4a\x94\xa0\x9c\xf8\x0c\x6b\x71\xb1\x84\x46\xe9\x09\x7f\x15\x5f\xa6\xbf\x84\x81\xee\x13\xd1\x66\xb8\x53\xe9\xbd\x89\xcf\x2d\xef\x66\xe0\x4c\xfd\xf6\x87\x02\x2a\xa1\x59\xec\xaf\xce\xbb\x1a\xce\x39\x50\x83\x68\xcb\xcb\xd1\xdf\xad\xeb\xa0\x76\xd3\xfa\xe8\x51\x97\xf2\xd2\xb2\x44\xad\xea\xba\xf0\x91\x5e\xf1\xeb\x81\x93\x66\xe3\xa4\x31\x24\x98\x92\xb4\x9b\x22\xd7\x08\x90\x60\xc3\x5d\x8c\x44\xc9\x9b\xeb\x02\x66\xb3\xc2\xaf\xe7\x3f\x1f\x3e\x4a\x88\x2c\xd0\x0e\x2f\xe5\x83\xbf\xb4\x3f\x3e\xda\x82\xf5\xd3\xba\x5f\xf8\x00\xa0\x4e\x1e\xe6\x27\x23\xf7\x60\x8f\xff\x04\x13\x81\x63\x98\x22\x4b\x69\x80\x7f\x38\xfb\x3d\x34\x5c\x2c\xd9\x4a\xec\x1b\xf3\x0e\xc1\x30\x24\x9c\x77\x72\x8c\x20\xf4\x8c\xd5\xf4\x5f\x2f\xf2\x2c\x61\x6e\xbb\xe5\x6d\xe4\x9d\x64\x0b\x3b\xfc\x40\x77\x2c\x24\xef\x40\x98\xc1\x25\xf3\xab\x7f\x9b\x66\xc0\x4f\xf9\x95\xea\x6f\xc1\x00\xb0\xbd\x91\xf0\x8b\x17\x81\xcb\x0d\x69\x61\x86\x24\x0c\x1e\xdf\xe6\x07\x82\x24\x81\xea\x68\x1a\x8e\x91\xeb\xbd\x5e\x0d\x76\x39\x80\xf9\x4e\x76\x20\xd3\x97\xe3\x37\x53\x0c\x3d\xf7\x81\xf0\xc6\xb8\x5b\x4c\x0e\x52\xf0\x4b\x16\xaf\xe9\xba\x32\x0b\xe5\xd7\x33\xfb\xd1\x14\x56\x20\x02\xf9\x14\x27\x72\x87\x0f\xd4\x92\x58\x4d\x5b\x10\xd1\x41\xc1\x96\x20\xb5\xac\x46\x1b\xfc\xfe\x6c\x2a\xb3\x5b\x49\x7d\xf7\xf5\x8c\x30\x33\xff\x8c\x91\x76\x6e\x20\xff\x98\xd1\x9c\x57\xa5\xfd\xf3\xca\xb6\x2e\x61\x27\x9a\xff\x31\xe5\x42\xfa\x83\xe4\x50\xef\xff\xb1\x74\xd6\x5a\xd3\x32\x4b\x14\xbe\x20\x02\xdc\x42\x9c\xc1\xdd\x32\xdc\xdd\xb9\xfa\xb3\xde\xef\x3f\x93\x4c\x32\xb0\x58\x3d\x5d\xb5\x9f\xdd\x54\x57\x5b\xef\x1b\x73\x75\xc9\x8f\xb4\x73\xcd\x0c\x1c\xd9\xd0\xf1\x4b\x0d\xc6\xc3\xa6\xb0\x99\x5d\xae\xd9\x05\x90\x93\x04\x99\x5c\x0b\x39\x80\x8d\x94\xab\xd7\x74\x5c\x52\x82\x2e\x25\x4e\xf8\x03\xcd\xf7\xcb\x1b\x67\x46\x32\x6b\xb2\xf5\x73\xc4\xdb\x38\x14\x1d\x5f\x61\xf7\x50\x75\xf7\x2d\x84\x17\xce\x1b\x52\x2a\xb7\x30\x8e\x6d\x48\xa5\x0e\xe1\xf8\x41\xec\x17\x21\x9d\xa3\x25\xb0\x36\xaf\xf1\x82\x39\x4e\x66\xaa\x0c\x04\xa3\x62\x23\xd3\x24\xce\xff\x75\x1f\x4e\x91\xec\x36\xf0\xfc\x9b\x3c\x2d\x33\x25\xaa\x82\x83\x56\x87\x21\xe6\x9c\xd9\x4d\x56\x9c\x08\x9b\xbe\x4b\x85\x5f\x80\xd1\xf9\xb0\x98\x9b\x3a\x6f\xfc\x5b\xaf\xda\x37\xe6\xa1\x67\x96\xed\xaa\x08\x6e\x4c\x48\x1b\xf1\x32\x29\xaf\xc9\x51\xfa\xed\x62\x30\x50\x34\xa7\x0f\x33\x56\x60\xea\x4c\x38\xce\xc5\xd8\xff\xd5\x2d\x3b\x24\x61\x88\x66\x07\x46\x9d\x16\xc8\xac\x8d\xbf\x0d\xef\x53\x5e\x32\x79\x9c\x17\x4c\xd2\x30\x42\xe5\xaa\x18\x07\x87\xba\x0c\x92\x29\x2c\x48\xc1\xc4\x1c\xb7\x2f\x03\x33\xff\xfb\xcd\xfe\xc4\xac\x71\x1c\xa4\x29\xf1\xec\x03\xbe\x54\xc7\xdf\xae\x70\x34\x71\x28\x53\x68\xd4\x30\xb7\x97\x1c\x48\x5b\x2f\x6a\x2a\x3d\xad\x72\x77\x6d\xf5\x60\x21\xcd\x05\xd2\xea\x0f\x8a\x4d\x95\x96\xce\x74\x0d\xcc\x88\x88\x30\xcc\x4a\x1b\x8f\xb2\xb7\x20\x8e\x58\x89\x75\x16\x1a\x47\x08\x6f\xaf\xee\xff\xdb\x57\x3d\xc8\x44\xf2\x20\xea\x13\xeb\x79\xfb\x16\x3f\x22\xe8\x67\xcf\xab\x50\x7c\xaf\x54\xa9\x8e\x45\x16\x45\x71\x3a\xf6\x02\xbe\x86\xf4\xbe\x6c\x47\xbd\x6b\xb1\x43\xb5\x05\x1f\x36\xa2\x40\xf6\xd8\xfb\xa7\xc7\x52\xdd\x72\xb7\x25\x83\x40\x65\x92\xbb\x69\x5b\xc4\x99\x23\x95\x09\x80\xf7\xec\x1b\x4f\x42\xd1\xe5\x35\xd9\xb8\xd9\xce\x2b\xa1\xb7\x4e\xe2\x9f\x21\x7f\xde\xe0\xcf\x60\x40\xcc\x8a\x8f\x49\xc4\x66\xd6\x4d\x8c\xb1\x78\x71\xf7\x29\x62\xaf\xa8\xe1\xeb\x50\x87\x15\x3a\x22\x9b\x0f\x1b\x9f\xad\x1d\x79\x16\x1d\x07\xfe\xe3\x65\xa3\x49\xa8\x1e\xab\xa9\xd8\xaa\x07\xc6\x77\x4b\x4f\x26\x4b\xf4\x30\x9d\xdb\x9c\x39\x3e\x58\xbf\x9f\x63\x66\x9b\x52\x5d\xf1\xae\x7f\xba\xe7\xcb\xfc\xac\x73\x77\x29\xbe\xe6\xed\x7f\xb3\xc6\xdd\xd7\x85\xaa\x19\x22\xe0\x8e\x66\x3c\x05\x73\xe4\x67\xa4\x0d\x41\x10\x84\x52\xec\x26\x55\x8e\x1a\x9f\xdc\x3d\x44\xc3\xe3\x1e\x0f\xd3\x54\xb5\x6b\xfe\x6c\x3b\x4c\x22\x39\xbd\x4b\xbc\xd8\x2a\x30\x8d\x29\xf3\xbb\xb9\x02\xd3\x40\xda\x70\xe6\x63\x54\xdd\x2a\x8f\x17\x06\x13\x0e\x13\x9a\xd8\xbf\x85\x7e\xc9\x16\x49\x6f\xd4\x30\xf5\x76\xeb\x57\xea\x16\x80\xd6\xf8\x31\xd3\x4d\x51\xa0\xf9\xf5\x99\xa7\xe8\xaf\x9b\xf8\x57\x00\x1b\x36\xc3\x06\xd4\xa8\x14\x51\x08\xef\xab\x64\xa6\x68\x76\x88\x02\x4f\xe6\x2c\x4e\xef\x77\x22\xcf\x80\xec\xfb\x05\xf7\xaf\x05\x07\x6b\xb4\xdf\x00\x3d\x16\x86\xd5\xc2\x3e\x5a\x3b\x3d\xec\x25\xcd\x36\xa7\x55\xb5\x18\x31\x95\x08\x5b\x3a\x02\xc2\x6f\x86\xd8\xef\xf0\xce\xb3\x35\xcd\x06\x54\x21\x91\xde\x43\x05\xa2\x13\x30\xb7\xdb\xaa\x01\xf4\x92\xa7\x56\x33\xc9\xca\xad\xeb\xba\x99\x8f\xee\xb4\xa3\x30\x46\xfe\x5b\x58\x6d\x6f\xb7\xf4\x4f\x7c\x47\x65\x4c\xe8\xb2\x4b\x04\x38\xfe\x08\x8b\x71\xde\xe8\xc3\x38\xa0\xb2\x70\xa0\x9a\x98\x7b\x5d\xd7\x74\xb7\xf2\x07\x30\xfd\x58\xa8\x39\xd6\xc1\xcf\x6c\x02\x62\x14\xca\xac\x76\x1f\x14\xaf\xc7\x6f\xa3\xba\xe8\x15\xce\x52\x05\xea\xa1\xc2\xf3\x27\x4b\x23\x33\x8c\xe3\xfe\xb4\xff\x4d\xe9\xf2\x8d\x63\xdc\x60\x37\x83\xcb\x3c\xd1\x1d\xfe\xc2\xc3\x16\x86\x85\xf3\xfa\xcc\x98\xbe\xe6\xdf\x71\x21\xaa\xd4\xcc\xc9\x98\x9c\xd9\x4c\x0a\x3f\x7b\xa9\xf4\x64\x64\x22\x1b\x94\xff\xf8\x6b\x8e\xd4\xd2\xea\x15\xe4\x85\x8e\x5f\x06\xbf\x12\x89\x4c\xd1\x86\x0e\x30\x6f\xdf\xa6\x21\x3a\x54\xce\xd7\x05\x72\x57\x64\xe7\x60\xd4\x1c\x05\x44\xbf\xae\xb1\x84\x50\xe0\xf4\x58\x72\x67\x0a\x2c\xd7\x2e\x6e\x38\x9c\xbf\x8d\x3b\xb7\x56\x7e\x18\x06\x41\x48\x92\x2e\xaf\x88\x7f\x23\x77\x37\xf1\x39\x65\xdb\x1d\xd3\x1b\xe7\x07\x02\xd7\x55\xed\x7a\xfb\x2a\x09\x76\xfb\x80\x7e\x3f\x4d\xcc\xb4\x1c\xd3\xaa\xee\x7c\xf7\xbe\x98\xdf\x8e\xf0\xb6\x9c\xe0\x30\x62\x27\x5d\xa6\x59\x96\xfb\x49\xc4\xb0\x02\xdd\xf3\xfc\xe3\x4e\xd3\xd5\xd7\xf5\xc7\xa9\x35\xd7\x38\xac\x6b\x5b\xbc\x2c\xd7\xd5\xc9\xe6\x24\x8c\xa3\x85\x13\x6c\xe5\xb6\x90\xe0\x46\x59\xf8\x37\x59\x66\xd0\x15\x60\x90\x18\x05\x1a\xc0\x41\x06\xad\x6a\xbb\xcc\x42\xcd\x32\xeb\x9e\x03\x45\xa5\xfa\x13\x80\xdc\x43\xe2\xfa\x9a\xb8\xde\xbd\x00\x65\x05\xcf\x73\x3f\x3e\x47\x7f\x88\xd1\xd5\x75\x24\x3d\x7b\xfa\x2a\x5d\x4b\x4f\xd1\xe9\x69\x15\x0b\xdd\xdc\xf8\xa6\x99\x57\xc3\x50\xdf\x0b\xa7\x92\xe1\x56\xb4\x76\xe1\x37\x31\xec\x6d\x16\xa5\xd5\xc9\xf6\x70\x89\x4d\x02\x81\xb5\x16\x02\x37\x6f\x44\x36\x01\x7a\x72\xa6\xc8\x9d\xf2\xf9\x3b\xdb\x11\x2c\xc7\xfd\x60\x0e\x3e\xb2\x40\x07\xf1\x46\x3e\xd6\xb3\x98\x12\xd8\x30\x8e\x9e\x00\x15\x8f\xd9\x81\xea\x26\x24\xfb\x54\x91\x7d\xc3\x86\xf3\x92\xbb\xe3\x0d\x8c\x75\xaa\xaa\xca\x94\x33\x8d\xec\xd4\x71\x5d\x6b\xac\xd2\x6d\xed\x60\x6c\xf6\x17\x66\x06\xf1\xe5\x05\xb1\xb8\xaa\xef\x72\xee\x16\x10\xb8\xea\xf5\xb8\xc4\x73\x13\x8f\x81\x02\x65\x79\x90\x22\xee\x6d\x0a\x94\x7a\xce\xef\xe5\x62\xdf\xf9\x31\x0f\xe7\x8e\x9b\xd1\x10\x07\x71\x8b\xc6\xae\xdc\x84\xc1\x90\x24\xc2\xb1\xc3\x20\x08\xd6\xf5\xce\xfc\xca\x97\x8a\x04\x4f\x78\xcc\xd7\xfd\x52\xb5\x9d\xe7\xf3\xb7\xeb\x31\x24\x1e\x3f\x4e\xef\xc7\x74\x6c\x66\x44\xc5\xe9\x12\x72\x02\x64\x7e\x8d\xae\x44\x14\xb2\x2e\x60\xd3\x7d\x73\xc8\xdb\x33\xfa\xec\x92\x1e\xb8\xa9\xcf\x35\xe5\x0e\x61\xd4\xd3\xbf\x7d\xf1\x29\x2b\x13\xdd\xc3\x3c\x64\x20\x0b\xa5\xc1\xbd\x0e\x81\xd2\x12\x5a\xa5\x4d\xa4\xf5\x2c\x28\xec\xaa\x95\xbd\x0e\x89\x12\x6d\x6d\xd4\xae\x35\xc6\xf4\x92\x19\x6b\xe4\x0b\xff\x1d\xcb\xf6\x52\x95\x85\xa6\x85\x5d\x77\x43\xb5\x41\x04\xb4\xdf\x07\x3c\x48\x4e\x9b\x6c\xbf\xd5\xac\x67\x83\xcf\x90\x64\xd8\x47\xbf\xb4\x64\x0e\x5a\x54\x5f\xda\x66\x6c\x7a\xa9\x4b\xe5\x81\x1b\xb0\xb5\xc2\xe2\xee\x5d\xcb\x51\xf6\x7d\xd8\x92\xb5\x8d\x8e\x34\xb1\x88\xfb\xa1\xc4\x63\xb1\xb6\x53\x5f\x36\x68\xc3\x97\x31\x7d\x7f\x8e\xbb\xae\xc3\x56\x7f\xf3\x81\x93\xb2\x25\x33\xe7\xd5\xec\xc6\x2e\xb9\xf4\x2e\x4e\xd3\x71\x58\x51\xf2\x80\x14\xf1\xaa\x1b\x1d\xb7\x16\x84\xfc\x7d\xb0\x21\x74\x0e\xc8\x49\x37\xea\x1e\xa4\xb8\xc2\xd9\x61\x4a\x99\x32\xb8\x93\xff\x2b\x65\x27\x10\x8b\x71\x2d\xfb\x45\x75\xe1\xb7\xb9\x0e\xc6\x66\x7e\x66\x84\xed\x01\x40\xb3\x54\x0a\x56\x13\x0a\xa2\x13\x2c\xf4\xfb\x7a\xae\xbe\x95\x1d\xab\xa3\x02\x60\xd7\x30\xf8\xc9\x41\x04\x0d\x5a\xe4\x4f\x14\x1b\x3f\x94\xbb\x81\x92\x54\xc4\x54\x7a\xa2\xe0\xf5\xce\xf8\xdc\xa8\x48\x3a\x16\x97\x4d\x16\x5c\xd9\xbd\x22\xa1\x80\xb0\x88\xcf\x9a\x3e\x4a\x9e\x3a\x44\x56\x6b\x87\xf8\x6d\x7b\xdc\xe5\xe0\x74\xde\x58\xda\xaa\x8d\x3b\x43\x95\x25\x8f\x1e\x5a\xda\xf4\x58\xca\x6a\x56\xa7\x5e\x86\x6e\x42\xe7\x50\x9b\xfa\x1e\xbc\xbb\x2a\x7f\xfc\x02\x43\x72\x3f\x86\x88\xce\x47\x28\x46\xef\x75\x4c\x75\xbf\x47\x77\x85\xd5\x81\x8e\xbd\x50\x32\x5c\xc0\x6f\x3d\x10\x1d\x28\x97\x3f\x9b\x61\x5a\xbd\xd3\xbf\xdf\x6b\xfc\x32\x9e\xa6\x75\xdf\xd6\xa4\x73\x1c\x04\x23\x63\x61\x45\x1c\x92\x32\x12\x1e\xfa\x1e\x54\x21\xd4\x82\x33\x1d\x93\xd1\xd1\x2a\x8b\x3a\x73\x4e\xa7\x65\x17\x32\x97\x49\x7b\xf3\x5e\x31\x85\x1e\x9b\xed\xb3\xfa\x00\xf0\xd2\x6b\xee\x61\xd3\x86\x47\xab\x16\x6b\xe3\x51\x39\xed\xa8\x69\x9c\x7d\xea\x1a\x2a\x6a\x7d\x77\x76\x52\x2e\xbb\x77\x8d\x3b\xd1\xea\x14\xb8\xf7\x0e\xd1\xa2\xc7\x57\xdb\xa4\x52\xca\xd9\x60\x82\x2e\x97\xd3\x7f\x8c\x97\x39\x24\x34\xda\xc6\xc9\x5b\x6a\x5b\xfb\xf4\x4b\x33\x51\xaf\xfe\x89\x73\x3a\x44\xc9\x89\x52\xf2\x5c\x45\x64\xcd\x41\x85\xec\xd0\xc7\xf8\xe5\x6d\x58\x56\xdf\xac\x87\x63\x9e\xee\x6a\x66\xc0\xa2\x35\x3d\xbf\xdd\x17\x44\xf6\x0e\x2b\x3d\xd5\x6c\x96\xe1\x98\x01\x3b\x45\xfe\x77\x06\x82\x15\x21\x6a\x92\xc3\xfe\xbe\xa5\x88\x32\x34\x69\x35\x60\xc0\x88\xfd\xbe\xc2\xaa\xef\xbd\x0e\xc2\x20\x08\x0e\x54\x63\xd8\xcd\x27\xc7\x63\x24\x4b\x7b\x7a\x39\xbf\xca\x4b\xcb\xe3\x0f\xc6\x64\x34\x79\xf1\xe5\x1c\xf5\x07\x8b\x19\x1c\x85\xfd\x15\x80\xac\x83\x69\x23\xcf\x4a\x77\xef\x9b\xba\xae\xed\xc8\xb1\x35\x8d\x16\x42\xe0\xaf\x65\xd4\x60\x94\x5c\xf7\x19\x46\xb3\x22\xa6\xc6\xb2\xc3\xb5\x25\x85\xdf\xa6\xf2\x7c\x09\x05\x00\x15\x98\x97\x5a\x0c\xa5\xdd\xab\x77\x24\xfd\x02\x9d\xd7\xde\x4d\x03\x2e\x6a\xe9\xa1\xe4\x81\x0d\x23\xa4\x7e\xfc\x25\x2b\x18\x09\x13\x34\xb2\xb9\x0b\xd3\xa7\x0c\xc3\xd9\x42\x93\x67\x2e\xe1\xe6\xeb\x3a\xaf\x84\x8b\x0a\x75\x44\xb5\xc0\x7b\xcf\x2a\x52\x05\xf3\x9e\x01\xcc\x1d\xff\x1a\x5f\x7d\x13\x8f\xd0\xaa\x26\x2e\xc5\x39\x95\x14\xc8\x40\x49\xfa\xc5\x2b\x80\x2a\xa9\x50\x95\x3b\xa7\x35\x11\x46\xa1\xec\x72\xc2\xce\xdf\xb9\xfd\x5b\x07\x3e\xfa\xb7\xc6\x4c\x4e\x68\x74\xcf\x4f\x64\x3d\x08\x96\x54\x6d\x52\x2d\x8c\x12\x67\x80\x7e\x67\x7f\xde\xdc\xaf\xd3\x27\xdc\x99\x33\x49\x73\xd0\x82\x73\x62\x4c\x0b\xb7\x00\x3a\x34\x17\xef\x33\xc1\x28\x58\x86\x1a\x46\x22\x7d\xcf\xed\x20\xde\xd4\x31\x52\xa9\xf6\x57\xb5\x5d\x91\xac\x18\x55\x53\x63\x15\x18\x21\x8b\xef\xd7\x8c\xfe\xba\x2e\xab\x2b\x00\x8d\x77\xd3\x5a\x89\x96\x68\xb6\x0b\x1c\xe0\xbc\x67\x6a\xd0\x55\x20\x93\x8c\xc0\xd8\xb7\x0f\xc2\xa3\xd3\x27\x2d\x57\x0c\xd2\xd8\x6c\xc2\xfb\x1e\x9d\x88\x5c\x73\xad\xb2\xf1\x8f\xdb\x38\x50\x6c\x41\xba\xc3\x4b\x08\x37\xf9\x63\x2d\x3d\xd6\x8e\xc4\x10\x2d\xae\x5f\x80\xed\x41\x12\x06\x53\x82\x14\x75\x7d\xdd\x6c\xe9\x77\x33\xbd\xa5\xd2\x86\x10\xc6\xc8\x67\x4a\xef\xb6\xa1\xf7\x3d\x33\x02\x1f\x59\x38\xbb\x77\xa6\x7c\x3b\x06\x54\xe7\x17\x2f\x96\xe0\x9d\x53\xb5\x20\xeb\x41\x76\x38\x59\x9c\x53\x75\xc0\xf2\x84\xf5\xaa\x94\x19\xe3\x4b\x15\x60\x71\x7a\x3e\x64\xcc\x04\x75\xfe\x31\x5b\x8d\xd4\x11\x12\x22\xb7\x44\xcf\x3a\xed\xbd\x52\xa9\xf0\x7b\x99\x94\x01\x18\x45\x03\x37\x99\xdd\x9c\x12\x27\xd9\xad\x36\xc5\xa8\xb5\xf8\xd2\xe5\xc4\x1f\xa4\xd8\xc2\x06\x72\x65\x27\xba\x98\xec\x80\x66\x21\x55\x45\x9f\x12\x5c\xff\x7a\xf5\x58\x28\x4a\xb9\x1a\xcf\xf4\x6f\x61\xf6\x13\x92\x16\xc0\xe6\xbf\xb9\xc6\x31\x83\x6f\x31\x8c\xf3\x07\x05\x8e\xda\x2f\x7e\xc7\x43\xe0\x9a\x9a\xfb\x26\xbc\xf7\x61\x69\x6f\xbe\x64\x62\x02\x78\xbf\x3e\xba\x81\x09\x79\x93\x27\x8f\xc4\x15\x2e\x4f\xfb\x38\xbd\x36\x0a\x36\x18\x1a\xba\x01\x7c\x9d\x68\x21\x7e\x5a\xce\x57\x94\x5b\x03\xd3\x71\xd4\xd4\x71\x08\x97\x4c\xc2\xc0\xe0\x30\x8c\xb9\xba\x42\xa4\xbe\x3b\x9e\x5f\x91\xb7\xf4\xbb\x75\x02\x56\x74\x74\xf1\xa8\x02\x85\x90\xaf\xea\x7b\x79\x10\x6d\xf0\xf5\xac\x47\x9f\xb2\x83\x99\xde\xd9\xbb\xc8\x48\x1a\xc0\xa8\x9c\x9b\x26\xf3\x5c\x59\xf8\xa3\x57\x03\x66\x57\x50\x36\x68\x22\x0c\x17\x51\xfc\x13\xd9\x3a\x17\xf5\x6f\xae\xa7\x03\x2f\x13\xab\xcc\xb1\x88\xc1\x00\x30\xdb\x9d\xfc\x57\xad\xd1\xf6\x80\xd6\x84\xdf\x02\x2f\xd4\x11\x4c\x98\xdf\x9e\x49\xcd\xec\x6a\x1a\x47\x9c\xd7\xd6\xb7\x8e\xd9\xbb\xd7\x45\x01\x95\x15\x5c\x20\xd6\x96\xd4\xd0\xb9\x32\xe5\x32\x0c\x83\x07\x70\x10\x38\x11\xf3\x45\x60\x6a\xec\x85\x92\x14\x91\x0f\xdf\x85\x82\x59\x4c\x18\x3e\x79\x59\xbb\x89\x0e\x54\xd5\x6e\x6b\x5f\x4c\xa8\xf5\xda\x69\x87\xad\x5d\x91\xab\x90\x3f\x95\x32\x7b\x48\xe7\xab\x0b\x26\x31\xf0\x66\xae\x07\xec\x6e\x53\xed\xe8\x4a\x9a\x63\x24\x18\x9c\xe8\x89\x6b\x90\x3a\x3d\x6a\x50\xec\x28\x70\xc3\x12\x3e\xb2\x48\xee\x1e\x28\xb3\x26\x2f\xa6\xc3\x2b\xba\x68\x60\x02\x12\x2e\x39\x43\xd2\x18\xeb\xe8\xc3\x97\xd0\x1f\x78\xfe\xd4\xeb\x5d\xe5\xf6\x1a\xb8\xb5\x05\x21\x88\xc4\x28\x98\xbe\x01\x65\xb6\x1a\xcb\x1c\x29\x79\x9e\x65\x0e\x00\x2c\x9f\xdc\x13\x28\x2b\xaf\x79\x67\x81\x66\x0f\x63\x56\xfe\xa5\x2e\x6d\x78\xf1\xd4\xab\xf2\x91\xd5\x20\xbb\x85\xd2\x39\x50\xf1\x11\xf8\xd5\x25\x50\xc4\x7a\x3b\xad\xfd\x6b\x71\x6f\x0e\x9b\x6f\x0f\xdd\xd2\xf4\x72\x59\x93\x1a\xc8\xe8\xe5\x47\xb8\x05\xfc\xf5\x17\x2f\x48\xfc\xa6\xaf\x4e\x2b\x84\x7d\x44\xd6\x3e\xea\xe3\x3e\xaf\xef\x79\x6b\x7d\x0a\x54\x32\x28\xe2\x9a\x73\x9b\x09\x0d\x94\x57\x26\x09\xc5\x89\xc8\x32\x28\x23\x64\x71\x1d\x21\x59\x28\x33\x60\x3f\xd7\x68\xf6\x90\xff\x63\x46\x0b\x91\x9c\x0a\x6a\x1c\x0c\x2a\xbd\xec\xd3\xdf\x7d\x53\xc5\xfc\x0c\x7b\x14\x4a\x18\x4c\x55\xdb\x79\x1d\xbd\x64\x24\x32\x0a\x2c\x65\x9c\xce\xf2\x12\x3c\xaf\x48\x04\xc0\x3d\x10\x9d\xfc\x25\xa0\x8b\xb7\x75\x4d\xe5\xab\xbc\xd3\x55\xdf\xe4\xd9\xed\x74\xa2\xe4\x8e\x85\xdd\xdb\x35\x05\x01\xc0\x0b\xcf\xb5\xa5\xd8\xc7\x10\x6c\x31\x14\xac\x76\xc7\x34\x3c\x67\x09\xb7\xa0\x51\x72\xd3\xc7\xa0\x1f\xa2\xad\xef\x95\x18\x2e\x11\x0c\x49\x20\xe0\xb3\x1f\x88\x4f\x51\xf1\x4c\xdf\x94\xa4\xd8\x55\x7a\x59\x3f\xb5\xc4\x6c\xec\xaa\x34\x12\xbb\x34\x71\x28\x72\xdc\x30\xbc\x12\x96\x2b\x30\xe3\xec\x1c\x2d\x38\x7b\x26\x5d\xd1\x86\x2a\x03\xbe\x17\x51\x04\xf7\x73\xa8\x51\x97\xf5\x42\x4c\xbd\xfc\x58\x55\x11\x77\xbc\xfa\xfd\x10\x58\xfd\x57\x8f\x4e\x9c\xdb\x5c\xdf\xb7\x58\xf4\x3a\x4f\x96\x08\x39\xa2\x75\x2c\xb0\x54\xa8\x7a\x42\x63\x0e\x7d\xe6\x33\xae\xe8\x18\xfd\x0a\x5a\xc4\x5f\xd0\x2b\x20\xdd\x10\xe3\xb2\x46\xc6\xf8\xa5\xc4\xbe\x49\x9e\xfd\x04\x04\xe5\xf2\xbf\x6f\x81\x24\x4f\x39\xa1\xa2\x4f\x06\x2f\x69\x66\x38\x3d\xdc\x25\x7f\x4b\x8e\x2d\x08\xa0\x48\x2e\x67\x83\x80\x70\x58\x92\xe2\x44\xfd\x21\x3a\x3f\xfc\xd6\xf9\xec\x40\x88\xe6\x4a\x84\x20\xb7\xb4\xfe\xbe\x73\x4b\x60\xf2\x10\x03\x2d\x1c\xed\x88\x8e\xe3\x41\xae\xee\x0d\x00\xcc\x2c\x08\xc8\x59\xa6\x1e\xf6\x30\xe7\xeb\x3c\x7d\x8e\x6d\xb9\xb1\xc2\x37\x75\xc6\x96\xca\xca\x9a\x60\x4e\xe0\xba\x8f\x38\xfc\xad\x5e\x83\x85\x20\xd9\x6f\x2d\x49\x8c\x2b\x4d\x85\x84\x34\x13\x8b\xd8\x37\x47\xf5\x48\x0b\xde\x1f\x9c\x80\x6e\x30\x1c\xd9\x89\x68\x09\x55\x03\xc9\x58\xfc\xe6\xca\x7c\xb1\xdd\x9e\x55\xae\xae\xdf\xff\x8f\x83\x89\x81\x12\xe5\x4c\x83\x36\x03\xce\xbf\x7d\xed\x67\x74\x8b\x83\x3f\x6f\x82\x4d\x55\xde\x32\xdf\x73\x81\x17\xcf\x92\x5f\xd1\x83\x91\xe5\x62\x2f\x22\x78\x41\x6f\x60\xbe\xdf\xc7\xf6\xf8\x62\xe3\xdd\x2b\xf2\x9c\x92\x84\x41\xe0\x07\x45\x3b\xfa\x90\x2d\x24\x06\x22\x71\x86\x91\xb5\x5b\x80\xd0\xf8\x89\x66\x07\xd2\x5c\x0b\xff\x9a\x9d\xf1\xa2\xc9\x0b\xb6\xb7\xbc\xf2\x68\x01\x65\x86\xd4\x30\xbb\xce\xbd\xfb\xf6\xfb\x12\x8a\xa4\xdc\xba\x0f\x44\x27\x64\xf1\xbb\xb9\x4a\x0f\x94\xe0\xa7\x80\x79\x9b\x81\xe8\x17\xc3\x25\x5f\xaa\xb7\x05\xfc\x54\x45\xa9\xd3\x18\x4a\x8d\x50\x19\x86\xdf\xab\x77\xf9\x74\x8a\xd5\x20\x66\xc2\xb7\x8f\x43\xb8\x41\x36\x31\xa4\xd7\x15\x66\x31\xd5\xfe\x56\xc7\xd9\xb7\x51\x04\x72\x96\xad\x1f\xb6\xa9\x65\xc0\xfd\x92\x84\xcf\x66\x5d\x26\x80\x69\x73\x09\xab\xf7\x9c\x1d\xe9\x2d\xa4\xe4\x35\xb0\x45\x8d\xf1\xa3\x80\xca\x14\xb0\x4b\xbc\x60\xed\x47\xc4\xac\x87\x14\x53\xd2\x69\x5d\xd9\x4b\x9c\xcb\x39\x1d\x5e\x59\x38\x93\x98\xa9\x6f\xf8\xf9\xa4\x60\xfa\xe8\xf9\x35\x22\x1c\x5a\xc6\x0f\xbc\x0e\x1d\xea\x7b\x7c\x16\x0e\x27\x4b\xbb\x47\xdd\x49\xf2\x43\xbc\xf9\x83\x90\x8e\xdb\x0a\xed\x81\xa6\x08\x6e\xd4\xd9\x3a\xad\xba\xfb\xd6\x81\xde\xab\x88\xd7\xd8\xe4\xfc\xb7\xa4\xe1\x40\x57\xe4\x24\x42\x06\xd7\xce\xed\xd9\x77\xc2\x6b\x9c\xa4\xb3\xbf\xd5\x2a\xd5\xec\x4c\x5e\xd6\xf4\x41\x0f\x1e\x87\x12\x31\x99\xcf\x5e\x0f\x47\x9d\x22\xc3\xf2\x77\x9f\xfd\x0b\x42\xec\x2d\x4c\x81\x59\x45\xa8\xed\x70\xe4\x08\x37\x00\xac\xe8\xb6\x88\x67\x25\x2d\xac\xc9\x9b\x2b\x89\x6b\x87\x7b\xad\xac\x51\x10\xa9\x1b\xba\x99\x62\xe1\x0d\x40\x6b\xdb\xf9\xd4\xfe\xe6\xce\xe0\x47\x8a\xe8\xe4\x11\x65\x46\xe6\x73\x0b\xe8\x98\x8e\xcb\xfa\xc7\x45\xfb\x68\x65\xf4\x40\x55\xf3\xdb\x5f\x1a\x09\xfe\x1a\x4e\x16\x41\xed\xa5\x58\xb0\xba\x84\xf7\xbd\x5d\xba\x3c\x91\x6e\x26\x52\x61\x7f\x71\x08\x87\x38\xb0\xfd\xd7\x53\xd0\x9a\x36\x81\xf8\xb1\xfa\xc8\x3b\x8a\xb4\xee\xf0\x4e\x9a\x2f\xbe\x13\x49\x0b\x3a\xe1\x85\xce\xdd\xbb\x03\x95\x15\xe9\xa1\x80\xeb\x99\x0d\x42\xba\xec\xa5\x3a\xa9\x9e\x97\xcb\xd9\xea\x39\x71\x4d\x75\xd1\xe1\x6f\x91\x72\xbe\x6b\x44\xba\x56\x68\x67\x06\xa5\xf0\xb9\x19\x9d\xd1\x3c\x13\x6d\x74\x21\xb2\x9b\x56\xe2\xcf\x3c\xd0\x3f\xfd\xc9\x64\xb7\x3f\xb4\x16\xad\x11\xf2\x05\x4c\xb9\x1b\x5e\xeb\x62\x28\xa9\x75\x1e\x98\xc0\x4b\xb4\x42\x65\xad\xed\x03\xf2\x70\x9b\x9a\x30\x3d\x01\xfb\xe9\x94\x4a\xf7\xc3\xa6\x85\x4f\x11\x05\x1e\xbf\x58\x33\xf8\x51\xa0\xd1\x7f\x49\x13\x47\x22\x61\x20\x49\x1a\x62\xab\xd4\x21\x9d\xd2\x47\x5f\x63\x90\xd1\x41\x80\x05\x06\x02\xc1\x03\xa5\x52\x3f\x63\x3a\x91\xcb\xfa\x64\xb9\x77\xcf\xa1\x76\xbc\xaa\xed\xe8\x92\x74\x7c\x9b\xad\x2a\x35\x58\xc2\x35\x36\x11\x38\xf9\xf5\x6d\xf0\x7d\x8d\x5f\x5e\x09\x38\x3a\x6f\x9a\x8b\x14\x66\x84\x4a\xcf\x4d\x55\x02\xb3\xe1\x73\x9a\x8e\xc6\xf8\x61\xb9\xa6\x0c\x53\x07\xd3\xcb\x84\x57\xeb\x4a\x02\xb4\x53\x25\x44\x62\x10\xe5\x34\xf3\x11\x93\xd6\x43\x2d\x31\x42\x4a\xd2\x85\x13\xb0\x3d\x9f\x3a\x2e\xeb\xe8\x86\x81\xd0\x52\x7a\xc9\xcf\xd7\xe7\xdd\x52\xa2\x07\x2e\x3d\x7b\x62\xab\x28\x89\xc3\x04\x10\xdd\x39\xef\x68\xf5\x49\x96\x67\x66\x8c\x70\xb8\x72\x11\xc6\x03\xde\x20\x3a\x79\x91\xe6\x88\x5d\xbf\xb7\x56\xfd\x32\xf9\xcd\x5f\x20\x30\xc7\xee\x49\xdc\x39\x9c\x16\xd5\xd3\xc7\x4e\xe2\x33\x79\x9e\x01\x41\xbc\xb0\xd3\x90\x3b\x50\xc1\x41\xab\x7e\x6e\x4f\xab\x94\x0c\xe8\xc0\xbb\xb4\xa0\xdf\x19\x71\x4a\x32\xc6\x12\x5f\x13\x66\xfb\xc3\x7b\x5b\x0e\x87\x25\x45\xa3\x0b\xfa\x89\x4d\x8d\xab\x86\xec\x89\x00\x6b\xa2\x19\x65\x32\x90\xc1\x87\xa3\x0f\xf2\xf5\x9b\x9f\xd1\x2b\x86\x0d\x4c\x07\x6c\x12\x7a\x03\x0a\x9f\x6f\xff\x08\xae\x60\x1f\x84\x4e\x5b\x3f\x9f\x63\x6c\x81\xa3\x3e\xeb\x23\x69\x7f\x83\x3f\x4f\xc1\x80\xea\x67\x3d\xa1\x45\xcd\x19\x90\xea\x4c\xcd\x0d\x6d\x3c\x6a\xa5\xd2\xfa\x0d\x3f\x28\x30\x6e\xb0\x4d\xef\x37\xc2\xae\xf3\xa3\x96\xac\x9f\x89\xfc\x69\xd6\xac\x89\x2d\xe2\x43\xfd\xba\x23\xc7\x96\xfe\x69\x38\x9a\x3d\x0f\xf3\x22\x1e\x2c\x5c\xed\xde\x06\xda\x92\x54\x64\xf1\x7b\xaf\x8d\x94\x7d\x6b\x89\x99\x9d\x61\xad\x66\xaf\x4e\x64\x45\xb6\x19\x37\x21\xa7\x66\xab\x0b\x9d\xe9\x84\xce\xf6\x77\x5f\x54\x98\x97\x02\x7b\x56\x78\x65\x26\xaa\x5e\x09\x03\x27\xfb\xfa\xcb\x78\x72\x73\x00\x31\x8c\xea\x7e\xdd\x43\x81\x42\xfb\xdc\x02\xaf\x7c\xd0\x3c\xc9\x02\x03\x70\x8b\xdf\xf7\xfd\x7c\xb1\x9f\x41\x88\x91\x60\xf0\x31\xfe\x40\xf4\xde\xb5\x39\x5f\xa3\xdb\x40\x57\x27\x3a\x1b\xe1\x01\x5b\x6b\xfa\xee\x13\x4f\x4f\xe4\xbc\x47\xda\xc3\xa8\x66\xea\x2e\xab\x37\xc5\x53\xc5\x12\x33\xac\xb3\x0b\x8a\x23\x4a\x5e\xd2\x27\x5a\x78\x3e\xac\x2b\xd3\x6c\x86\x43\x93\x3d\xc4\xfd\x63\x7a\x85\x4c\x91\x63\xe6\x81\x9b\xaa\xf9\x43\xf5\x06\xa5\x11\x2a\xd1\x1a\xe1\x15\xce\xf6\x0f\x3f\xf9\x1a\x33\x19\xf8\xc9\x17\xd1\xc5\x1c\x4e\x49\xf6\xf0\xc3\x23\xb8\x02\xec\xeb\xa2\x1c\x1b\x3c\x51\x98\xba\x33\x14\x0f\x82\x24\xf4\xdf\x2e\x7f\xf4\x4a\x86\x69\xc8\xcc\x99\x8c\xe0\x15\xfa\xe2\x3f\x1c\x02\x23\x68\x50\x5c\x7f\x15\x2d\x14\x44\x32\x2b\xd3\xc3\x32\x1a\xf0\xb4\x19\xb9\xb9\x13\xb1\xc1\xdf\x82\x91\x4c\x77\x41\x54\xd1\xd7\x56\xdb\x32\x23\x7f\x2d\x21\x10\x32\x33\x4d\x14\x55\x35\xaa\xe7\x16\x86\x4a\x78\xce\xee\x09\x8f\xc9\xb1\x71\x2a\x35\x9d\x42\x8b\xb8\xd4\xdc\x58\x92\x84\xc1\xa1\xad\x15\x7f\xef\x1a\xf3\xf7\xc8\x11\x7c\xa4\x2d\x59\x21\xbf\x3f\x0e\x29\x23\x6b\xec\x45\x04\x66\xa8\xaf\x35\xf2\x35\xcb\x24\x6a\x35\xdf\x6b\x73\xaf\x6e\x98\xc0\x79\x7a\x30\xaa\x50\xd0\xc3\xb9\xa1\xd2\x8c\x65\xd9\x34\x18\xb6\x5e\xec\x0a\x25\x71\xc3\x70\x6e\xa7\x0a\x44\xc7\xdf\xc4\x16\xe9\xcc\xcf\x0f\x3b\x98\x06\xf3\x58\x62\xaf\x9f\x7d\x39\xfd\x97\x7c\xce\x0c\x09\xac\xda\xf8\x7b\xdf\x77\xe1\x16\x1c\xc1\x85\x3b\x93\x7f\x46\x53\xf7\xac\x3f\x91\x23\x7c\xf4\x4c\x2c\x0d\x77\xf1\xfc\x12\xea\x54\x4a\x6d\x06\x11\x3c\x09\x03\x0c\x63\xfc\x32\x58\xee\x02\xb5\x3c\x03\xd9\x81\x02\x63\xfa\xd6\xe3\xd0\x6c\xdf\x70\xe1\x40\xf7\x84\x67\xfe\x5e\x1a\xdc\x96\xd7\x89\x56\xd9\x17\x75\x0f\xba\xb2\x37\x47\x8d\xef\xf7\x60\x80\xf2\x17\x1b\x2f\x5e\xf4\xca\xe8\x65\xc7\xab\x78\xad\x6c\xbd\x14\x42\x17\x60\x7e\xee\x0f\x55\x5a\x06\x49\x35\xf6\x81\x59\x52\x4f\x3b\x1c\x21\x37\x04\x9d\x5f\xb5\x42\xf6\x15\x35\xed\x41\x4d\x95\x54\xa6\xff\x8b\x09\xd6\x7b\x37\x51\xea\x9c\xdd\x9d\x9a\x05\xc2\xaa\xeb\x93\x2f\x58\xa0\x5b\x8c\x30\x2b\x10\x49\x09\xc1\xac\x40\x8d\x5c\x19\x86\xf1\x43\x8d\x46\x22\x97\xa0\x07\x12\x7a\x61\x33\x35\x24\xd8\x70\xfd\xbd\x0d\x91\x34\xd0\xc4\x6f\x54\xa6\x39\x1d\xf1\xf5\x37\xb4\x44\x10\x55\x3d\x6c\x7c\x79\x06\x4b\x10\x96\x5b\x18\x21\x85\x35\xd5\xd8\xb9\xb0\x0d\x2d\x12\xa1\xdb\x7f\x7d\x32\x1e\xbd\x75\xe8\x49\xbd\x03\x46\xab\x45\x50\xec\xab\x3a\x05\xc0\x09\x93\xbc\x64\xf9\x6d\xe0\x8b\x21\x46\xbd\xf4\x28\xa9\x7d\xd4\xc1\x27\xfe\xc1\xff\x31\x19\xd9\xd1\x88\x97\x60\x58\x5b\x7e\xe7\x6f\x00\x9b\x7c\x9b\x88\xae\x0a\x16\x09\x73\x6f\x17\xb3\xbf\x9c\x9c\x3b\xfd\xad\xe8\x53\x6b\x89\x75\x6d\x67\x81\xbb\x6f\x42\xff\x89\xcb\x5e\xf6\x4e\xbc\x87\x64\x83\x95\x50\x7b\x81\x7f\xba\x46\x01\x99\xbe\x05\x40\x69\xf3\x83\xe3\x8b\xcc\x5d\x96\x6a\x4f\x98\xcd\xdc\x30\x8a\xd4\x3d\x83\x51\x0c\x8b\xed\xf4\x99\xd4\x95\x3b\x78\xae\xfa\x4c\xe5\x53\xf7\x77\x3d\x71\x6e\xeb\x2a\xc6\x4c\x6c\xaa\x5d\x59\x12\x3b\x12\x74\xac\x67\xa4\x4b\xfd\xe3\x35\x8b\x1c\x57\xc2\x2f\x20\x82\xc6\x8d\x6a\xd4\xe2\x23\xd8\xd1\x35\x24\xeb\x30\x38\xb2\x13\xad\xd0\x69\x87\x32\x03\x9a\x97\xe3\x75\x32\xb2\x18\xe9\x92\xb6\xa4\x2e\x50\x0b\x61\x74\xce\xd8\xc3\x07\x64\x70\x05\xe9\x64\xc0\x37\xc2\xa9\x48\x1c\x92\xb2\x1a\x55\xbc\x50\xb3\x46\xef\x9a\x9c\xfd\xb9\xc2\xf5\xd0\x60\xa0\x95\x17\x54\xd0\xfd\x13\x81\xe6\x41\x46\x09\xea\x31\x6f\x62\xb9\x55\xbd\xa6\xa3\xd2\xfc\x54\xa7\xaf\xfb\x14\x63\x90\x22\xe8\xd9\x3a\x96\xba\x1e\x37\x53\x11\x86\x7e\x8f\xad\x96\xdf\x4e\x0a\xef\x77\x03\x99\x35\xa5\xe1\xb0\x78\x0c\xa8\xc1\xe6\xe4\x49\x5d\x71\x6a\x1a\xfa\xca\x50\x20\x80\x7c\xf2\xf8\x83\xe8\x08\xc1\x56\xff\x79\x4b\x4a\x92\x39\x44\x16\x14\xce\xee\x7f\x6c\xc4\x60\xf2\x4f\x1f\xbd\xbc\x2b\xe7\xaf\xce\xbf\x79\xe8\x1e\x94\x98\x07\x30\x1a\xbf\x42\x9f\x14\x31\xbf\x55\xae\x5f\xca\x68\x21\x67\x1f\x63\x6b\x55\x70\x85\x46\x0d\xb5\x81\xe0\x7c\x5f\x71\xb7\x01\x20\x8f\xeb\xb4\xa2\xdc\xd5\xe0\x42\x76\xd2\xd2\xaa\x7f\x62\xe9\x4c\x7c\x40\x1e\xab\xd4\xcc\x81\x6d\x09\xce\xed\x5b\x12\x68\xca\x9a\x18\x77\x72\x46\x4e\xef\xbc\xaa\x4b\x7c\x46\xfd\x8f\x3a\xc0\x1e\x04\x60\x77\x83\x09\x3c\x08\x44\x47\xb8\x19\x19\x10\x30\xca\x54\x10\xb9\x3a\x2f\xff\xf7\xe1\xa2\x6b\xf9\xce\xdf\x70\x63\x7b\x69\x96\xb1\x7c\x84\x76\xbf\x68\xee\x57\x5c\x48\xe7\x99\xe8\x47\xe1\x66\x32\x72\x37\x1a\x5d\x48\x6c\x22\x73\xdc\x50\xa2\xd0\x23\x32\xd0\xd7\x06\xe2\x8d\x0b\x37\xbe\x21\xf1\xf9\xf0\x11\x4b\xd1\xdd\xb4\x65\x7f\x0b\xcc\x2e\xb7\x8b\x7f\x62\x91\x4a\x42\x7c\x23\x83\x40\xe7\x03\xb9\x85\x7b\x99\xf4\xed\x21\x0f\x82\xdd\xef\xd6\x1b\x46\x05\x24\xd3\x9a\x5c\x34\x45\xec\x48\x79\xa9\x99\xde\x17\xf9\xe4\x68\xf5\x2c\x08\x88\x8d\xe4\xf0\x7e\xd9\x9a\xd5\xe9\x8b\x67\x6b\x22\xd4\x06\x84\xcb\x4e\x91\x46\x71\x30\x3b\x60\xf7\x88\x5c\x57\x9f\x3e\x9b\x89\xc4\xdb\x17\xd9\xac\x57\x97\x9e\xa9\x43\x2d\x40\xba\xcc\x95\xdd\x56\x2f\x9d\xab\xb5\x28\x1f\x9e\xc0\xce\xae\xd7\x6a\x83\x88\xc2\xc2\xf6\xd2\x38\xd1\xad\x6e\x48\xdb\x30\x46\x2f\x0b\x50\xe3\xce\x19\xbb\xc2\x04\xef\x4d\x27\xbd\xea\xd5\xc0\xd0\x3d\x1f\x19\xca\xb9\x75\xfb\x45\x4b\x74\x24\x2f\x40\x52\x56\x7c\x8b\x29\x60\x82\x2e\xe4\x0f\x87\x42\x8b\x13\x7f\xd2\x3a\x3a\x15\x8f\x83\x3f\x81\x67\xe9\x1f\x22\xb5\x32\x7b\xc7\xf6\x05\xd7\x48\x62\x86\xe3\x5a\x56\xd6\x98\xf0\x86\x1b\x6d\x03\x35\xda\x61\xd6\x90\xce\x86\xa2\x64\x4c\x49\xa2\x6b\xe5\xae\xfc\xe9\xcf\x03\x8e\x96\x42\x5e\x9a\x95\x4a\x52\x13\x07\x06\x38\xc2\x8f\xed\xff\x58\xfb\x36\x80\x64\x5c\x16\x84\xf4\x13\x6c\xad\xda\x67\x86\x4a\x10\xbc\xf3\x84\x28\x07\x94\xa4\xef\xa6\x14\x6c\x91\x8d\x03\xc7\xea\x88\xd9\xb3\xd9\xfa\x3c\x4e\x34\x6b\x91\xfc\xba\xf9\xec\xb1\xe0\x34\x00\x27\xf5\x9f\xce\x66\xc2\xa5\xe3\x95\x26\xbb\x6e\x44\xc2\x9f\x31\x7e\x65\xa5\x87\xe7\x78\xfc\x00\x77\x5c\xb6\x95\x04\x4e\x39\xd2\xa2\x4a\xb8\x22\x68\x2d\xc1\x59\xf7\x47\xa5\x2d\x7e\x80\x2f\xd1\x13\xfe\x08\x9d\xf3\x6a\x35\xc3\x03\x3f\xed\xb4\xba\x7f\xef\xfe\xe9\xf2\xf4\x83\x24\x1c\xce\xc5\x51\x58\x4d\xb9\x3a\x98\x14\xa9\x37\xeb\xb0\xb7\xa0\x2b\x7d\xb4\x2e\x02\x6d\x13\x33\xd4\x60\x24\x75\x10\x39\x1d\x33\x92\x06\xfa\x05\x6e\xc0\xa5\xea\x13\xd3\xa3\xde\xba\xad\x47\x8e\x9d\xbc\x05\x7d\x56\x1b\x37\x2f\xbd\x36\xe7\x20\x57\x58\xa5\xb8\xd0\xb4\x60\x43\x29\x31\x27\x84\x18\x93\x31\x09\x18\xda\x09\x87\x99\xc8\x28\x32\x67\xc0\x0b\x75\x11\x9d\x13\x62\xc3\xff\xb7\x6e\xb8\x39\x0b\x9a\xcc\x70\x10\x04\x01\xc0\xa3\x9c\x05\x4e\x04\x80\x0b\x07\x65\x85\x1b\x0c\x8b\xd6\x84\x92\x13\x0f\x11\xa5\x29\xc8\x48\x8c\x0e\x57\x82\x54\xa9\x75\xd9\x2c\x23\x93\x6a\x0d\x5e\xa8\x82\xdd\xd9\x80\x9b\x5e\x0d\xf3\xbe\x4d\xf1\x4a\xff\x97\xd8\x12\xc5\x85\x76\xc5\x9c\xbc\x19\x36\x3c\xd5\xfd\x28\xc6\x94\xbd\x74\x8f\x40\x10\x80\x3a\x5c\x75\xfd\x49\x01\xb5\xe9\xab\x0e\xe0\xf1\x89\x65\x51\x9e\x71\x5a\xd6\x6c\xbc\x2d\x92\xd6\x89\xca\x52\xb9\x79\x1f\xac\xf4\xf9\x38\x54\x1f\x5e\xbc\x6a\x96\x9a\x07\xf9\xba\xac\x7c\x52\x84\xf6\x65\xfd\xb6\x17\x17\xd9\x6f\x46\x0f\x84\x44\x5b\x9d\x9e\x3e\x9a\xec\xce\x0d\xcc\x1d\x0a\xac\xc4\x96\x28\x7f\x23\xb8\xd1\x80\x86\xe3\x9e\xe4\xb9\xb5\x0f\x76\xc9\xc0\x8d\x28\x2f\x4c\xf1\x32\x98\x1f\xe7\x86\xde\xb8\x68\x23\x00\x56\xeb\xb2\xa6\xbd\xa3\xf1\x0c\xa6\xfe\x6a\x31\x0e\x44\xd7\x1f\xe6\x01\xb4\x81\xdc\xf0\x7c\xd8\xb9\xb1\x62\xea\x16\x7c\x3f\xbe\x31\x04\x49\x0c\xcb\x0d\x0c\x24\x85\x1d\x51\x62\x79\xd1\x2b\xe9\xd9\x53\xa5\x60\x52\x8d\x84\xee\x06\x04\x3f\x9c\x82\xe9\x08\x6c\x15\x4c\xe3\x88\xc8\xa4\x17\x94\x37\x67\x87\x11\xeb\x4e\x77\x65\x27\xc3\xbe\x6b\x47\x2a\x4b\xf8\xcd\x95\x82\x8b\x3f\x78\xa5\xb3\x03\x3c\xad\xa8\x50\x33\xd1\x13\xd7\x4f\x6a\xf0\xee\xe2\x5a\x25\xde\x0f\x8d\x7b\xfb\x2a\xf1\xfe\x78\xe8\x5b\x20\xc0\xa2\x2b\x4b\x73\x05\x5a\x5e\x81\xe4\x36\xc5\x21\x09\x13\x7d\xf4\xf8\xe7\x25\x78\x46\x34\x5f\x4a\x69\x72\xc5\x08\xc9\x74\x5e\xd5\xba\x26\x19\x06\xec\xfa\x72\xdb\x9f\xa9\xc7\xcf\xac\x25\x7a\xcd\xb8\xc2\x69\xc5\xf5\x91\x04\xe9\x26\x08\x83\x51\x71\x2e\x96\xfe\x57\x27\x4d\x56\x97\xc4\x0f\xd4\xa3\x43\x99\x41\xb4\xd5\xe9\x0d\x34\x3e\xbf\x12\xef\x5c\xae\xfe\xa9\xf0\x91\x85\xcd\x9c\x0a\x02\x87\x7c\xf9\xa9\x89\x5e\x73\xe3\x73\x3e\xd9\xa3\xc0\x74\x04\x7d\xd2\xf2\xae\x33\x28\x55\x09\x4a\x46\x13\xf7\x8f\x57\xc3\x61\xc9\xfc\xca\x64\x29\xf1\x82\xf7\x41\xa9\x50\x30\xba\x50\x5c\x45\x8f\x28\x1b\xa8\xb2\xb2\x67\x19\xf1\xba\xc6\x02\x7b\x93\x4e\x2b\xe0\x07\x9e\x49\xf0\xe5\x17\x88\x57\x0b\x04\x14\xbf\xed\xf4\xe7\xc0\x9a\xbe\xa3\x1e\x84\x9b\x8f\xe9\x4e\x0d\xc6\xef\x38\xa8\xc5\xfe\xe3\xc5\xce\x04\x7f\x55\x9f\x9c\x99\x89\x4c\xdc\x63\x70\xda\x40\x38\x68\xcb\xc7\x26\x7f\x65\x08\x7d\xfd\xf2\x44\x0a\x06\xdc\xfd\xf3\xe6\xc3\x96\xc2\xc6\xbd\xe9\xae\xe0\xb0\xe0\xe5\xff\x79\xc6\x44\xfb\x8c\x94\x69\x6e\x57\xea\x2c\x0d\x6d\xe3\x51\x5f\x4c\x36\xad\x3e\x18\x20\xab\x05\x81\x72\x52\xe0\x76\x06\xb0\xb2\x36\x87\x2a\x40\xe4\xb8\x0e\x1f\xf3\xae\xcd\xc7\x65\x4d\x6b\x45\x9f\x2e\xbf\x20\xac\xf9\x34\x9d\xee\xc2\x02\x78\x48\xc2\x60\x47\x33\x50\xbc\x25\xf4\x43\x3e\x76\x4c\x2a\xa1\xb9\xc9\xc3\x94\xbf\xbd\x5f\xff\xf4\x2b\xe1\xf4\x6f\x01\xbf\x47\xe2\x55\x21\xfb\xc9\xfb\x28\x68\xe6\x5c\x31\x7c\x82\xe2\x00\x78\xbd\x38\x05\xa7\x47\x28\x0e\xae\xdf\xfe\x2c\x2f\x25\xee\x5d\xe6\xd9\xcb\x1a\xb7\x80\x20\xdc\x1e\x38\xc5\x08\x71\xae\x0c\x02\xa9\xa3\xa2\xab\x05\x67\x22\xf1\x29\x2a\x6e\x1b\x7e\x74\xcf\x01\xd5\x46\xcc\xb6\xcd\xd6\x13\xbe\xa6\xe3\x62\xc9\x1e\x76\x27\x78\x65\x1e\x1f\x06\xdb\xca\xfb\x6b\xef\xbd\xd2\x42\x62\x71\xb0\x49\xc5\x21\x22\xb1\x6c\xa2\xce\x0c\x84\xa0\x8a\xea\x40\xd2\x33\x8e\x06\xbc\x8c\x40\x52\xfe\x68\x50\x06\xe2\x3f\x7e\x3a\xed\x1b\x66\x29\xb0\x52\x3a\x02\x01\x1c\x43\xfa\x12\x1b\x5e\xcc\xea\x40\x18\x20\x39\x20\x16\x66\xac\xe3\xd9\xcb\x60\x48\x42\x94\x3c\x1a\xf3\xcb\x0b\x9d\x9f\x4b\xaf\x4f\x84\xa7\xa8\x54\xdf\x48\x8f\xf0\x05\x10\x0e\x8c\x80\xa0\x5f\xd4\x37\x39\xc2\x75\x2e\xb1\x52\xa4\x88\x6a\x80\x83\x50\x2a\x8e\xf1\x0b\x5b\x20\x0e\x92\x9f\x60\xca\xfa\xf4\xd3\xa5\x18\x7d\x73\xc6\xbd\x77\x4d\x5c\x91\x4c\x18\xef\xdb\xbc\xa2\x6d\x33\x46\x54\xb6\xd8\xb9\x0f\x91\x63\xcb\x7c\xd9\x3c\x2f\x15\x2e\x24\xbe\xb9\xcc\xae\x46\xf3\xeb\xd5\x29\x4d\xfa\xfa\xdd\x94\x51\xf2\x20\x45\xef\xa6\x01\xd9\x12\x8b\x97\xa5\x45\x4b\x5e\xb3\xc1\xf2\x02\x10\xad\x01\x5d\x64\x76\xb1\xd1\x29\xb7\xd9\xe5\xe6\x49\x04\x92\xc0\x18\x46\x73\xdd\x49\xb9\xa9\xb8\xf8\xb0\x3f\x0f\x25\x36\x7e\xf0\x73\x96\x4a\x75\xa9\x0b\x25\x17\xfc\xa5\x9f\x64\x27\xc2\xa2\x3a\x5e\xbc\x23\x8d\x63\x47\xe2\x9f\xf9\xab\xf8\xb4\x48\x29\x24\x9d\xe1\x15\xed\xa9\xb6\x4f\x85\xe8\x4f\xf5\x4b\x6b\xb8\xaa\xd3\x8a\x42\x9b\xe4\x51\x27\xf4\x03\xf1\x89\x2d\x1a\xf8\x1e\xa1\x9b\xdf\x31\xef\xbd\x49\x82\xe9\xe2\xa0\x24\x06\xca\x30\x96\xc0\x0c\xf9\x9e\x2c\x0f\xa6\xb3\x62\x47\xa1\x2c\x49\xfa\xf1\x2f\xae\xa2\x9b\x32\xe5\xb2\xbe\xf1\xe2\x74\xe7\x49\xca\xe3\x01\xaa\xfb\x02\x21\xab\xbf\x7c\xd3\x1e\xe5\xaf\x4f\x2a\x5e\xa3\xf6\x7b\x8c\xd3\xa7\xcd\x27\x64\xf2\xce\xfe\x4a\xd0\x67\xa3\x3a\xe5\x9b\x09\xbd\xe3\x9c\x38\x56\x2b\x73\x4a\xb8\xa4\x7f\xa7\xbc\xf5\xb1\x46\x7b\xa9\xeb\x42\x35\x5c\xef\xf6\x76\x26\xdc\xfe\x90\xa6\x4d\xdc\x97\x34\x1f\xf1\x93\xbc\xd4\xc1\x25\x0a\x73\x5a\xd4\x72\xd8\x33\xf5\x00\x5a\x05\xa3\xca\x2b\xca\x90\xd1\xb7\x66\xa5\xfa\xb1\xc3\xc4\x2f\xd0\xae\x49\xcf\xaf\x38\x3c\x73\xca\x20\x44\x2c\xaf\xea\x27\x4f\x4c\x3d\x82\x50\x28\xbf\x26\xc3\xdd\x51\x08\x1f\x59\xd9\x0e\x3e\x03\xa0\x77\x9c\x5b\xf2\xc4\x95\xd6\xcd\x30\x0c\xc7\x30\xae\xef\xb0\x01\x37\x6f\x2a\x64\x30\x44\xf7\xd0\xd4\xe1\x65\x10\x70\x71\x40\x65\xb9\xe8\xac\xf0\x2a\xeb\x99\x23\xef\x6b\x4c\x05\xb4\x21\x58\x9d\x10\x52\x99\xb3\xf9\xdc\x70\x11\x05\x8c\x5b\x58\x7c\x43\xbd\xb4\xbe\x0d\x2f\xf1\x55\xd9\x19\x49\xb4\x73\xf1\xcd\x8d\x91\xf9\x59\xdf\x83\x6f\xe8\x55\x75\xc1\x60\x88\xaa\x09\xef\xec\xb5\xb5\x35\x50\x65\x42\x63\x57\x5c\xd7\xf4\x0d\x5c\x4b\x44\x2e\xdd\x3b\x4f\xa8\x3d\x13\x78\x21\x7c\xa5\xc7\xf9\x29\x53\x65\xa6\x66\xa9\xa7\x70\xde\x94\x21\x58\x6c\xca\x28\x53\xe2\x5a\xb0\xde\x3a\x3f\xaf\xee\x96\x5a\x2b\x91\x18\x23\x40\x96\x27\x51\xb0\xf5\x9d\x40\xdd\xd1\x0e\x2d\x5e\xfd\xc8\x56\xc0\x10\x16\x49\x4c\x67\xec\x0e\xd4\xb8\x78\x1b\x32\xea\x3a\x7c\xd5\xd2\x6c\xb7\x95\x3c\x97\x16\xc9\xd6\xfc\x96\x84\x07\x0a\x70\x2f\x72\x73\xe0\x1a\xb5\x42\x2d\x73\xc1\x4d\x50\xe3\xcb\xff\xe6\x59\xd7\x4c\x83\xf0\xec\x5e\x8b\x53\x19\xcc\x80\x8f\x5a\x3a\x68\x76\x80\x00\x80\x95\x73\xfb\x0a\x8d\xe3\xbb\x20\x6a\x74\x31\xc2\xd7\x84\xb9\x6a\x2d\x23\x30\xe5\xa0\xa4\xa1\xdc\x3d\xf7\xad\x1b\x47\xae\xf3\x4a\x4f\x84\xc3\x52\xfd\xf2\x76\x7e\xf5\xce\x1a\x3e\xfc\x6f\xd0\xae\x80\x4f\xda\x58\x6c\xc0\xe3\x78\x47\x47\x77\xad\x4d\x75\x05\xda\x02\x51\xb1\x53\x4b\x72\xde\x06\x02\x7f\x8f\xcb\x23\x40\x82\x06\x88\x5b\x4f\x4b\xb7\x73\x10\x83\xaa\x94\xf8\x08\x7d\x05\xd1\xe8\x0c\x84\xd5\x60\x83\x01\x7f\x0b\x08\x45\x61\x68\x3b\xeb\xc8\x64\x82\x37\x23\xda\x90\xfe\x5b\x06\x83\x82\x94\x37\x9f\x54\x24\x3b\xee\x3b\x21\x39\x92\xaf\xfc\x70\x0e\x44\xc5\xcd\xcf\xa9\x7d\x0a\x6a\xf4\xa6\x5f\x66\x9a\x5d\x5d\xdb\x3a\x6e\x7a\xfd\x6b\xbd\x7e\x26\xe1\x3b\xdf\xdc\x7f\xd9\xcd\xfd\x7d\x93\xb4\xad\x69\xaf\xfc\xf0\x35\xf1\x61\xba\x92\xd1\x53\xd0\xe3\x3f\x0e\x54\xb5\xf5\xbd\x58\x66\x30\x3c\x1f\xa7\xc0\x92\x22\x52\x40\x73\x66\x24\xd2\xf0\x77\x09\xfd\xad\xc8\xfa\x9c\xef\x02\xb8\xf0\xa3\x6f\xa1\x2a\xe2\xc4\x9f\xdc\xa2\xd8\xde\xef\x04\xd4\x60\x02\xf1\x89\xe8\x33\xaa\x2a\xfd\x47\x35\x73\x52\x70\x7d\xee\x6b\x55\x1f\xa1\x72\x87\xea\x9f\xfe\xfd\xac\xab\x35\xe5\xef\x28\x69\x9a\x1a\x84\x7d\x5a\x7c\xa2\x52\xa6\x8e\x19\xbb\xdb\x64\x2e\xae\x9f\x55\xa3\xa3\x9f\x17\x43\x61\x4c\x24\x8b\x13\x34\xbf\x1c\x09\x0e\xea\x02\x29\x53\xe6\x91\x23\xd8\xac\x5f\x69\xcd\xdc\xb7\x94\xc7\x89\x64\x71\xae\xcb\xf1\x2a\xd1\x10\xe5\x29\x3d\x96\xeb\xd1\xaf\x7f\xec\x82\x06\x01\xb2\x00\xb5\xe1\x7b\xc0\x0d\xdf\xc3\xd1\xb7\xb8\x5f\x1b\xef\x2a\x46\x65\xc6\xf8\x09\x8f\xee\xaa\x1e\x06\x99\x50\x21\x17\xc5\x85\xaa\x5c\x3d\xff\x78\x84\x17\xd9\xab\xe2\xd7\x6a\x52\x4a\xf4\x20\x1b\xbf\x32\xbb\xda\x8e\x57\x2b\xfc\x0a\xb5\x9a\x78\xb0\xce\xe5\x93\xec\x4d\x89\x2f\xa2\x00\x0e\x83\x64\x8b\x0f\x61\xee\x73\x47\x88\x8a\x13\x45\x7b\x5f\x70\x25\xef\x51\xae\x0a\x5a\x71\x1a\x80\xe0\xcc\x58\xcf\x75\xdd\xb7\x95\xe5\xe6\x55\xdd\x37\xf5\xdd\x37\x01\xbb\x54\x95\xdb\x09\x54\xa1\x65\xf9\xd9\x53\x17\x4c\xb2\x9a\x30\x5d\xdf\xed\x9c\xa2\x8d\x57\xb5\xed\xd9\x20\x70\x19\x1b\x92\x47\x4b\x1a\x37\xff\x2f\xfd\x0f\x4b\x1a\xb6\x79\x30\xe0\xa5\x0f\xe3\x4c\x9c\x87\xf4\x08\x9b\x93\x99\xe2\x16\x6f\x23\x9e\x31\x49\x9d\x67\x03\x3b\x56\x51\xac\xed\x07\x62\x10\xfc\xab\xa5\x66\x7e\xec\x10\x1e\x1b\xb1\x16\xd3\x86\x93\x5e\x42\x91\xf1\x19\x41\xf2\x60\xe7\x87\xe6\x42\x74\x65\x76\xff\xae\xb5\x7e\xb1\x49\x55\x1a\xb2\x5c\x7d\x3a\xa8\x60\x8f\x97\x61\xc1\xd5\xf5\x8f\xb3\xd7\xb1\xd4\x42\xf8\xdc\x66\xe2\x76\x29\xd5\x2c\x7a\x5c\x2d\xc1\x0a\x26\xf2\x6b\x5e\xdb\x79\x5d\xe7\x55\x60\x9a\xbe\xb4\xe8\x69\xa2\x25\x20\x86\xff\x6e\x2f\xdd\xb7\x74\x44\xdb\x8d\x43\x12\xe1\x2e\xb3\x23\x24\x92\x3f\x20\xee\xe2\x3e\xad\x3f\x5a\x53\x07\x3b\x49\x7c\xd7\xe2\x7c\x69\x7f\x63\x11\x4f\x02\x1c\xc3\x45\x86\x4f\xd8\x68\x34\xcc\xd2\xfb\xdd\x5a\xd0\x66\xc7\xba\x78\xe4\x04\x43\x32\xab\xff\x1d\x2f\xbe\xa8\xae\x70\xb4\xd0\xf6\xaf\x47\x16\x06\x54\xa6\x6c\xad\x85\x52\x9e\x91\x5d\x92\x3c\x9a\x40\xf9\xa8\xd1\x4a\x06\xe8\xed\x77\xd0\xc4\xe5\xd1\x25\x58\xce\x13\xb3\xfe\x39\x5d\x3c\xbe\xfc\xf5\xd0\x8a\x6b\xf4\x82\xa9\x18\xc6\xc4\xb4\x1c\x57\xd5\x23\xb9\xaa\xd0\x95\xae\x5e\x3c\xc7\x60\xc3\x13\x52\x43\x3a\x42\xb4\xfa\x00\x09\x9d\xf7\x5e\xd8\x47\x83\xa0\x73\xde\x5b\x1e\xdd\xeb\x89\xf0\xb5\xa7\x18\xa1\x8f\x0b\xc9\x92\xc0\x0f\x04\x47\x4b\x06\x3a\x9f\xd4\x57\x2a\x3e\x2f\x16\x67\xab\x11\x2e\xb0\x4b\x68\x00\x25\xa7\x8f\x37\x87\xc5\xed\xc0\x07\xda\xc9\xc9\x44\xa3\x59\x97\x79\xfb\xd6\xf1\xe2\xec\x78\x3a\x87\x9f\x31\x39\x33\x1e\xb8\xa9\xd2\xd2\xea\x4a\x7a\xf4\xed\x26\x51\xf1\xa2\x22\x11\x0e\x23\xa7\x6f\x03\xca\x5a\xa3\x2a\xfb\xad\x5a\xdb\xfe\xba\x1f\x62\x94\x8f\xf6\x90\xf4\x4b\x0e\x60\x74\x48\xdf\xf7\xd1\x01\xa4\x36\x90\xfe\xe5\xff\x22\x49\x27\xcb\x6b\x34\xa7\x6e\x59\xd3\x71\x7d\xc0\xc6\xf0\x42\x78\xcf\xc4\xc7\xf7\xe9\x32\x59\xfd\x41\xf1\x5e\xf0\x42\xe5\xee\xa1\x13\xa3\x06\xa2\x0f\xc8\x33\xc9\xf9\x73\x1b\x57\x86\x18\x35\x56\x94\x4f\x1d\x87\x22\x8b\xc0\x3a\x7d\x5a\x20\x83\xf9\xa6\x9c\xc8\xca\xfc\x37\xce\xf8\x47\x9a\x36\x96\x1b\x33\x4a\xa9\xcb\x90\x5f\x11\x8e\x59\x96\x0c\x92\x70\x8b\xae\x07\x18\xbf\x06\xef\xe6\x7a\x78\x8d\x17\x3f\x7c\x84\xa3\x1b\xa2\xe3\x07\xc2\xa3\x7b\xfe\x67\x7e\x78\x8b\xa4\x05\xd0\xc5\xbb\x3f\x7a\xca\x59\x87\x30\x7c\x18\x5e\x0e\xdb\xdd\x2b\x54\x16\xfa\xd6\x20\xd1\x9f\x51\x46\xea\x45\xc9\x32\x01\xdb\xd3\x4b\xea\xf6\x0e\x8f\x13\xa2\x45\x11\x56\x1b\x0d\x55\xb4\xa4\x67\xf3\x9c\x76\x5b\x5b\x87\x16\xc2\x5e\x0e\xeb\x9e\x8f\x1a\x48\xd7\x42\x79\xe4\xbc\xfe\x60\x78\x3d\x56\x6e\x5a\x8b\xad\xc4\x61\x65\x63\x88\x4f\x49\xc8\xd6\x98\xa9\xad\xc8\x5a\x5c\x13\x91\x48\xce\x79\x6b\x80\x16\x6e\x30\xf4\xbb\xa2\x68\x23\xe9\x16\x0d\xec\x07\xcf\xc9\x35\x3e\x46\xf2\x40\x08\x2c\xae\x00\xb0\xaa\xe6\x22\x3d\xa3\x49\xc7\x2d\xf1\x09\x15\x82\x6b\xe6\x52\x6e\x89\x73\x3b\xb1\x10\xef\x33\xfd\xf5\x67\x19\x25\x00\x4b\x6c\x5f\x3d\xbc\x21\x83\xa7\x40\xf9\x49\x26\xdf\xda\xe0\x15\x41\xc9\xe2\x65\x55\x37\xa9\xd0\x10\x2d\x17\xc2\xed\x97\x34\x0e\xc5\x26\x0d\x07\x3c\xd4\x9e\x52\x5d\xd3\x7e\x21\xb5\x57\x64\xef\xf4\xab\xe2\x84\xf2\xa7\x38\xfe\xb3\x2c\xc6\x97\x7f\x46\xb8\x15\x27\x59\x76\xbd\x62\x9c\xe1\x27\x05\xc2\x11\xa2\xe5\xc9\x0b\x98\x2a\xb6\x08\x4e\x73\xb5\x1d\x1b\xe5\x15\x5d\x28\x61\x84\x9f\x97\xec\x08\xad\x00\x14\x50\xd1\x27\x9f\x47\x22\x14\x88\x8e\xef\x03\xdd\xd4\xe1\xb4\xbb\x23\x48\x76\x85\xf5\xaa\xd6\x58\x4c\x67\xfa\x9c\x9b\x92\x1f\x4d\x76\x67\x79\x90\x7d\xe7\xd6\x1b\x3a\xba\x3b\x64\x58\x25\x13\x28\x79\xa0\x52\xd7\x1c\x57\x32\x92\xd2\x5b\x9f\xfb\xaa\xd6\x3f\x4b\xbe\xce\x7b\xf6\x35\xd1\x04\x61\x65\x38\x42\xf8\x88\x81\x19\xca\x49\x1a\x95\x46\x1c\x98\x0e\x44\xcb\x68\xd4\x18\x3f\xbd\xbb\xd9\xf4\xb9\x36\xc6\xc5\xce\x3f\x8d\x87\x68\xcd\x9d\x87\xa0\xe7\xea\x5d\xdb\x60\x84\x2e\xbb\x7e\xb7\xb8\x7e\x71\xdd\x78\x8a\xa5\xa7\xdd\xc7\xaa\x42\x67\x8d\xaa\xfe\xf8\x3e\x73\x0e\x74\x45\x77\x52\xc8\x70\x40\xf6\x0e\xb8\x09\xe8\x07\xdd\x90\x6f\x36\x78\x63\x44\x63\xdb\x32\x3d\xd8\xb0\x22\x9e\xc4\xe2\xba\x89\x58\x43\xf6\x48\xf8\x44\x3c\x05\x22\xa8\x36\xa6\x65\xd5\x74\xd5\x7d\x53\xde\x8d\x26\x68\x50\x2f\x0d\xfd\xb3\xa1\xc4\x2a\x03\x68\x32\x28\x90\xb9\xb2\x64\x47\x09\xda\x9c\xbc\x2d\xda\x51\x06\x4b\x40\xb5\xc5\x56\x75\xda\x30\x4c\x97\x0d\xe9\x2b\xbb\xa9\x23\x02\xd8\xbe\x0f\x0b\x05\xc1\x36\xa3\x8d\x7b\x05\x49\x07\xf9\x92\x83\x9f\xe6\xbb\xf6\x93\xa9\xe6\xa2\x17\x41\x93\x75\x08\x41\xf0\x82\xff\x04\xf9\xb0\x8b\x72\x89\xf2\x40\x74\xb2\xe2\x44\x33\x1c\xc7\xc0\x55\xc3\x5f\xfa\x0f\xe8\xfb\x92\x4b\x4c\xaf\x27\xb2\x63\x24\xd9\xfe\x12\x88\x3c\x13\x9f\xe0\xc5\xab\xaa\xb9\x93\xd1\x0d\xac\xf9\x16\xf7\x5f\xc3\xfc\x26\xeb\x42\xa8\xca\xfa\x52\xe4\xa9\x7f\xca\x45\xf2\xb0\x0e\xa4\x54\x43\xf5\xa6\xaf\x65\x21\x7a\x64\x07\x42\x9a\x68\x70\xa7\xc7\x79\xca\x1e\x32\x05\x80\x37\xe1\x24\xa0\xb7\xd8\x69\x74\x31\x8c\x0b\x89\x19\xf7\x02\xff\xbd\x99\x41\x00\xd7\x9c\x19\x23\xbe\xc3\xcb\x4b\x98\x09\xf1\xc7\xa7\x32\xff\x60\x44\x71\xd9\x33\xef\x56\x8e\x0f\xb1\xac\x9d\xcb\x1a\x82\x5e\x2e\x6e\xd0\xb1\xd1\xd4\x8e\xf0\x98\x5f\x7e\x0c\xef\x19\x41\x21\x72\x5c\xd9\x06\x13\xa4\x33\x14\x56\x87\x65\xd3\x31\xa1\x1b\xbc\xb3\x5f\x9d\xfd\x68\xf6\x23\x2a\x12\xe8\x7a\x44\x83\xc9\x8e\xc2\x8b\x93\x6a\x10\x14\x0f\xb9\x7a\x56\x65\xfa\x01\xf3\x2b\xba\xa6\xb7\xd4\x27\x7d\xbb\xc5\x31\x59\x53\xf2\x18\xd1\x00\x3e\x64\x1c\x81\x5d\x61\x41\xe5\x07\x04\x23\xba\x04\xed\x38\x0f\xd7\x21\xff\x52\xfd\x97\x8f\xeb\x7a\x6e\xa8\x5d\xe2\x55\x45\x52\x63\x8e\x4d\x66\x74\x9d\x93\x29\x74\xce\xca\xbd\x29\xe7\xa3\x06\x5a\x0d\x54\x13\xfd\x65\x8d\x5f\x53\x7c\x2d\x05\x4e\x00\x46\x65\x04\x50\xed\x5f\x2a\x66\xf6\x47\x68\x38\x60\xd5\x91\xb3\x67\xd2\xe4\x2d\x70\x7e\x6e\xf1\x5d\x90\xe5\xd4\x8e\x5d\xcc\xaa\x0a\x6e\x85\x1b\x4c\xcb\x8e\x9f\x08\x4e\x07\x13\x60\xd5\xa2\x19\x93\xbb\xe6\xe4\x2d\x07\x4a\xf6\xbc\x05\xcc\x95\x42\x5f\x03\x80\x02\x20\x47\x06\x07\x42\x26\x1e\x4e\x11\xc5\x89\xba\x21\x1c\xf2\x49\xf0\xe1\x34\x70\x79\x37\x38\x9b\xbf\xe6\x06\xba\x99\xb0\x16\x5d\xd1\xec\x19\xa9\xac\xa3\xbc\xa2\x38\x8e\xd9\x86\x32\x14\x4f\xf8\xf2\x3d\x0a\x32\x4f\xb8\x75\x7b\x17\xb8\x76\x5e\x55\xec\x4d\x75\xf9\x83\x47\xde\xf2\x69\x81\x23\xf8\xe5\x42\x2f\x84\xb4\x50\x40\x13\xbb\xc3\x9c\x31\x63\x04\x9d\x4b\x80\xb2\xe6\x49\x8f\x70\x4b\x76\x24\x50\xfe\xd0\x34\x4c\x60\xc5\xf5\xaf\x1f\xa2\xfe\x11\x96\x3b\x35\x9e\xaf\xe4\x11\xfb\x1c\x38\x36\x81\x3e\x90\x9f\x51\xf2\xa7\xa1\xd9\x70\xe9\xc4\xba\xae\xf3\xd0\x3e\x89\x37\xd4\xa5\x74\x1c\x2b\x92\x65\xc7\x00\x7c\x29\x6b\xeb\x9c\xf9\xde\xbd\xc5\xd1\x27\x56\xcd\x06\x55\x5d\x3c\x66\x0f\x47\x56\x82\x97\x29\x7b\x29\x72\x74\x36\x75\x00\x68\x76\xd4\x61\x69\xf9\xa5\xac\x03\xf2\x53\xea\x70\x76\xc8\x2c\x54\x48\x5f\x76\x0d\xa8\x36\xb4\xc8\x42\x04\xac\xaa\x28\x6a\xa4\xc1\x14\xd0\x62\x0b\x00\x5c\x9e\xf2\x92\x6d\xb4\x4f\xb0\x86\xcb\x0c\x26\x36\x71\x78\x82\xd5\xb1\x65\xd7\xa3\x8f\x0a\x35\xe9\x56\x43\x98\xd7\x46\xd2\x2b\xb9\x20\x93\xb7\x9c\xf5\x0b\xae\xef\xb7\x50\xe0\x8e\x0a\x72\x95\xdb\xc2\xa1\xa5\xb0\x86\x85\x52\x4c\x43\xf6\xf6\xe6\x93\xb2\x13\x99\x35\x5b\xc3\x24\xa6\xac\x74\x00\x64\x01\x23\x70\xec\x81\xf2\xd8\xe0\x4e\xf3\x5e\x1d\x86\xd2\x14\xad\xb9\xf7\x4e\x9a\xdf\x41\x96\xdf\x91\x49\xf0\x91\x7a\x4a\x0b\x08\xc1\x99\x8d\x24\x37\x7e\xd5\x43\x55\xf2\xb3\xc1\xa4\xfc\xe4\xa1\xf2\x84\x3f\x62\x52\x42\xa3\xcb\x11\x80\x01\x8f\x84\xa2\x16\x7e\xcc\x75\x99\x7f\x20\xa2\x54\x18\xe0\x07\x85\xe3\xb2\x66\x07\xb2\x15\x1b\x9a\x26\x86\x74\xe7\x72\x7b\xe5\x9a\xe6\xce\x6b\x79\x91\x3b\x12\x5f\xd3\x47\x98\xdd\x7c\x80\x5e\xea\x1c\xb3\x08\x57\x91\x92\x9f\x21\x35\xd5\x94\x61\xe4\x1a\x4e\x81\x7f\xd6\x8c\xff\xe6\x9c\x43\x84\x7c\x9c\x50\x00\xfb\x8c\x39\xc4\x81\xae\xf9\x81\x17\x08\x2a\xa6\xa4\x50\xd9\x90\xcf\x88\xde\xa5\xc8\xb1\xe5\xf7\xa1\xfd\x57\x41\xaa\x7f\x7f\xfe\x31\x8d\xa0\x33\x35\xef\x9d\x67\x68\xcd\x83\x68\xcb\x85\x3a\xcb\xd5\x61\xa3\x0c\x0e\xe8\x38\xac\xe9\xc3\x9e\x6c\xda\xbb\x3f\x99\x1e\x33\x63\xe4\x23\x3b\x73\x2c\xf1\x19\xde\x27\x2d\xcc\x3f\x6f\xf2\x9c\x26\xfb\x98\x25\x54\xc9\x53\x04\x52\xdf\xac\x4c\xc4\x09\x67\x07\x1e\x9f\x51\xab\x7d\xba\x9f\x13\x90\xe1\xf9\x96\xcc\x63\x3d\x2f\x1c\x34\xf0\x65\x17\x00\x5a\x33\x54\x9a\x90\xb9\xfe\x6b\x0e\x99\x29\x3b\xbc\x23\xf0\x98\x22\x46\x97\x22\xc3\x80\x64\xce\xe2\xc3\x0a\xcf\xf0\x3e\x6c\x24\xfd\x1f\x8f\x29\x6e\x25\x3f\x54\x08\xb6\xe8\xeb\x52\xa5\x6f\x3c\xf0\x8e\x5e\xa9\x31\xbe\x78\x16\x17\x08\x09\xec\x01\x12\xa9\x00\xdf\xca\x37\x2d\x47\xf0\x47\xbf\xa4\xda\x22\x5d\x8d\x03\x84\x07\x0c\x97\xf6\xe5\x59\xc9\xd5\xf3\xae\x70\xe5\x42\x96\x8b\x41\x03\x14\x18\xa1\xf6\x17\x39\x0f\x51\x5a\x32\x55\x11\x40\x7e\xdc\x32\x1c\xd6\x23\x4c\xd0\x25\x81\x74\xa0\x97\x18\x74\x6e\x62\x54\x25\x5d\x30\xe7\x27\xfb\xc6\x41\x3a\x9f\xa3\xc6\x67\x43\x86\xd4\xb9\x8f\xce\x33\xb5\xf6\xb3\xc0\x6f\x4a\x10\xa7\x4f\xfe\x08\x45\x0a\xc7\x25\x2d\xc1\xf2\x8a\xce\x68\x12\x1f\xdb\x17\x38\x54\xe0\xfd\xc7\xe0\x1f\x0c\x50\x38\xe4\xe8\x12\xe0\xb5\x82\xdb\xf4\x1e\xea\x26\x37\xb8\x60\x8f\x0f\x97\x55\xdc\x8b\x11\xfd\x6f\x1e\x6d\x21\xb2\x6f\x21\xbc\x7b\x02\x6c\xb4\x45\x71\x45\x03\x5e\xa6\xfd\xa2\xc6\xa3\xd2\xc6\xbd\xd2\xda\xbd\xc2\x95\xc3\x9c\xf2\x7e\x91\xfe\x69\xca\xe4\xb1\xcf\x6f\x98\x97\x86\xd2\x15\x53\x16\x5f\x9a\xc0\x8b\x96\xd1\x37\xba\x44\xa3\x82\x0e\x53\x23\xf1\xca\xd8\xa9\xd1\xad\xdf\x2c\x13\xf4\x41\xd5\x9d\x57\xa3\x8b\xff\x1d\x80\x96\x19\xee\xdc\xfb\x38\x2f\xff\xf9\x6e\x07\x2a\x64\x1b\x36\x3c\xef\xdf\x56\x0d\xb8\x48\x45\x7b\xb5\x1a\xb0\x2a\x87\x29\xf8\xd7\xa2\xea\xef\x53\x44\x2d\x15\xfd\xa9\x54\x8b\x9d\x4a\xdb\xfb\x75\x2f\x2c\x51\x8f\x97\xd9\x88\x4b\xde\x94\x98\x95\xff\x97\x23\xe2\x68\xe1\x0f\xd2\x44\x43\x52\x7c\x95\x2a\x24\x09\xdb\x97\xd9\x3f\x4e\x60\x7a\x74\x6c\xa9\xd1\x53\xb6\xd9\x42\xe3\x7d\xa7\xc1\xde\x42\xa1\x14\x2f\x87\x20\x1c\x56\x15\x59\x9f\x2e\x0e\xc5\x87\x34\x6d\xa5\xec\x49\xd8\x9c\x2e\xe2\x33\x29\xb2\xa0\x35\x64\xce\xad\x89\xfa\x23\x99\x64\x4f\x25\x2f\x38\x37\x15\xf8\xd7\x80\x77\xa1\x81\xba\x4e\x52\xa9\x59\x53\x69\xd9\xd3\xc8\x44\xb3\x82\x26\xdc\x74\x5c\x56\xa2\x24\xc3\x99\x6c\xb0\x43\x68\x7c\x5f\x34\x9d\x1e\x07\x1c\xea\xdb\x27\x62\x50\xc2\x70\x58\x56\x67\x1a\xc4\x24\xf4\x27\x3e\x05\xbe\xf0\x2a\xae\xf5\x08\x2f\xd0\x1a\xca\xc8\x2e\xad\x4e\x66\x48\xf9\xcd\x87\x05\x27\x30\x90\xe2\x2d\x30\xcc\xdc\x22\x24\xb8\x71\x99\xe2\xc5\x12\xee\x59\x54\x55\x33\x55\x55\xe4\x98\x52\x0a\xa4\x9b\x68\x83\xb1\x46\xb4\x58\x34\x07\x2a\x6b\xfe\x1a\x4d\xe0\xc3\xd8\xea\x48\xc0\xfb\xee\xd2\x83\xff\x8c\x17\x5d\x45\x44\xd9\x74\xff\x0e\x05\x48\x91\x7f\xdf\x73\x3a\x36\x3d\x57\xaf\x6d\xe2\xfb\xb0\xe1\xf9\x8f\xff\x0b\x18\x9b\xb3\x16\xe0\x9a\x55\xd6\xa6\x71\xba\x02\x57\x58\xf8\xad\x03\x29\xbd\xd0\xa5\xbd\xd4\xa5\x11\xd4\xbc\xbd\xf5\xa2\x3a\x52\xd0\x0a\x8b\xf0\x5b\xc4\x5f\x20\x36\x76\x28\xfe\xab\xfa\xb2\x27\xfc\xcf\xf1\x84\xc1\x90\x00\x95\x07\xea\x86\xc5\xf7\x79\xb7\x10\x00\xb8\x80\x24\x48\x78\x99\x26\x1f\x63\x1b\x6d\x44\x61\x48\x5c\xe3\xd9\x55\xc5\x32\x6a\xe3\x23\x46\xc7\xdc\x06\xef\x5c\x8b\x31\x6e\xf1\x2e\xc9\x7c\x33\x23\xd0\xa1\xd9\x90\xc1\x47\xfe\xdf\xe3\x37\xfe\x6f\x48\xc2\x40\x74\x72\xff\xf2\x32\xe4\xec\x83\x22\x0c\x7e\x8d\xea\x9e\x1b\x41\x09\x81\xe8\x24\xf4\x67\x9d\xc5\xdf\xf8\x2a\xdf\x35\xdd\x98\x6f\x10\x61\xb3\x19\xe8\x7b\xe1\x95\x45\xb4\x4a\x7c\x14\x91\x88\x3a\x56\xd7\xe7\xdf\x6c\x91\x34\x50\x59\x53\x5c\xe8\x23\xf7\x22\xa5\x39\xba\x76\x88\x9f\x03\x8b\x98\x2f\xe5\x49\xcf\xaf\x26\x69\x9f\x86\x93\x70\xd9\x52\x20\xea\x83\x17\xb2\x39\x2e\xd1\x27\xbe\x73\x5f\xdc\x22\xae\xd8\x11\x7e\x8b\x24\x23\x08\xe7\xb8\x3f\x97\xfc\xd8\xea\xcf\xa3\x4e\x35\x66\x40\x45\x14\x26\xe5\x3d\x68\xe2\x0b\xe0\x65\xa9\x4b\xeb\xa5\x5d\xc9\x8e\x24\x56\xa8\xf5\xae\xbc\x96\x08\x86\x6e\x06\x9d\xee\x61\x1f\x59\x7b\xa9\x57\xe5\xe8\xbc\x67\x70\x9f\x03\x21\x69\x62\x1c\x1b\xf2\x87\x93\xe4\xf2\x5e\xe4\x86\xea\x52\x03\x4e\x39\xdf\x66\x07\x82\x8b\xe7\x4e\x54\x41\xb0\xa4\xc4\x19\x13\xfd\x2f\xa5\x95\x85\x7a\x66\xa2\xd0\xa7\x78\x56\xe7\x19\xd4\xb0\x52\xdc\x82\x15\x96\x64\x93\xd9\xfe\xed\xc1\x49\xf2\xf3\x8f\x25\x76\xe0\x25\x10\x3e\x07\xa2\x9a\x52\xb9\x7a\x85\x8f\x2c\xda\x43\x2c\x5c\x56\xe2\x24\x49\x8a\x07\x94\xfa\xb1\x32\x7f\x96\x49\x9a\xa0\xc7\x0f\xfe\x82\x2e\xfb\xf4\xef\x7b\x4a\xfe\x0e\x0f\xd9\x6c\x7c\xad\x69\x20\x2a\x41\xc8\xe2\xec\x92\xe8\x87\xc9\x9a\x18\x5b\x86\x57\x30\xef\x55\x22\x02\xec\xb9\xef\xf5\x07\x9f\x43\xe9\x50\xc9\x99\x05\xdc\x09\x66\x07\xfd\x50\xc4\xaa\x96\xd7\x87\x61\xeb\x46\x8c\x4b\x9f\x58\x2c\x95\x13\x85\x89\x53\xb4\x0c\x74\x0b\xe9\x86\x5e\xc0\x03\xcd\xf0\xe2\x4d\x6e\xdd\xdb\xbf\xfe\xbc\x14\x51\x25\x00\x89\xe3\x88\x33\xa1\x24\x21\xa2\x91\x0a\x14\xd7\xe6\xa7\xc5\x56\xfa\xcb\x47\x9a\x26\x98\x9e\x50\xe9\xdd\x8b\xcd\x27\xbc\x0c\xc9\x89\xa6\xe1\x3e\x51\x58\x23\x6a\x5e\x5a\xbf\xbb\x9a\x81\xa8\x27\xd3\x57\xa7\x0e\xba\x10\x6c\x64\x79\x67\xcf\x91\x4d\xaa\x48\x30\x24\x3e\x6d\x79\xb4\x6d\x6e\x05\xd3\xfc\x9c\xcb\xee\x85\xba\xe7\x6a\xca\xb0\x9f\x27\x76\x5d\xd5\xd9\x25\xfa\xbe\x64\xb9\x7b\xa6\x0b\x40\x7f\x15\x9b\xbb\x9a\xfe\xe5\x88\x35\x7d\x9f\xf3\xec\x12\x4b\x38\x15\x57\x4f\xc9\x99\x8c\x38\x40\xeb\xce\xc3\xff\x70\x30\x2f\x49\x3d\xb4\x5f\x73\x87\x71\x27\x0e\x45\x4c\x92\x7d\x5a\x50\x93\xd3\x0a\x1e\x74\x41\x93\x99\xc0\x98\xf0\xbe\x6b\x82\x77\xce\x13\x25\x9b\x86\xc0\xc8\xa3\x9c\x16\x62\xef\x56\x79\xa4\xf3\xe7\xc5\x9b\x23\xce\x86\x0f\xbf\x09\x44\xae\x80\x89\x54\xdf\x1d\x31\x9a\x18\xf9\x4b\x2a\x09\x5a\x40\xa1\x21\xff\x69\xbc\x2f\x5a\xbe\xc0\xac\xe2\x48\x26\xbb\x54\x46\xdd\x8d\x91\x5a\x1b\x23\x8a\x53\x6c\x4c\x79\xf1\x10\x3d\x28\x8e\x9f\xca\x81\x9a\xf5\x7a\xa1\x07\x27\xb5\xb9\xee\xb4\xa4\xe1\xa4\xbc\xba\xa9\x73\xe0\x39\x45\x9f\x32\xff\x98\x4e\x62\xc7\x6c\x22\xef\x57\x12\x7a\x9a\x4b\x7e\x2e\x74\x6c\x30\x4e\x16\x87\x88\xe4\x6a\x5b\x10\xf4\xb9\xc0\x80\x59\x3b\x86\xf9\x82\x27\xea\x3d\xbf\xf9\x57\xf3\x08\x59\xce\x2a\x26\xdf\x27\xef\x57\xe2\x92\x86\xdb\x85\x90\xec\x34\x60\x94\xc9\x71\x91\xb0\x3f\x67\xf5\x35\xf7\x9f\xe8\x76\x4d\xa5\xd3\xe5\x15\x3a\x98\x74\x46\x03\xfe\x27\x16\x69\x6b\x56\xe0\x86\x51\xa1\x61\x7a\x35\xce\x7b\x1f\x86\x28\x4d\x0c\x03\x2a\xdd\x4e\x1b\x50\x53\x40\x9f\x18\xd2\xf0\x02\x46\xe7\xa0\x3b\x69\xae\xdc\xb0\xe8\x9f\x0f\x5b\x91\xb6\xab\xfa\x8e\x28\xbf\xd1\x68\x7d\xd9\x80\x57\x4b\xc3\xf9\x04\xd3\x55\x94\x60\x3b\x7c\x07\xc2\x8c\x9f\x07\x2a\x94\xd7\xe9\xf6\x42\xb0\xbc\x24\xf9\x44\xc7\xae\xba\xc7\x00\xe8\xa6\x0d\x73\xcf\x2b\xdc\xaa\xbc\xb2\x0c\xee\x8e\x7d\x53\xa8\xdb\x5b\x64\xe3\x20\xc9\x91\xf4\x8a\x34\x58\xfd\xb1\x4c\x2d\x1d\x0e\x3a\xa6\x89\x39\x92\x09\x80\xdd\xb1\x00\x02\xb4\xeb\x0f\xea\x3b\x6a\xe0\xc1\x83\x8f\xcd\xbf\x36\x70\xad\xeb\xda\x2e\x4b\xa7\x67\x47\x76\x9b\xd6\xb3\xf4\x44\x75\x8c\x24\xcf\xb6\x0e\x3a\xaf\x25\x92\x15\x67\xc9\x31\x6d\xac\x23\xd4\x99\x38\xbb\x54\xf9\xc7\x98\xb4\xf1\x28\x4d\xb4\xe6\xf4\xb1\x64\x53\x14\xd5\x93\xe2\xa4\x5d\x10\xe1\xa5\x15\x2e\xb9\xf3\xa6\x12\x74\x71\xfd\x59\x17\x6d\xa8\xf2\xc6\xe6\xf3\x0c\x26\xe8\x6f\x79\x41\xa5\x75\x76\x4f\xd6\xb6\x76\xa7\x2d\x07\x09\xc2\x1b\x2c\xad\xd5\x9a\x29\xd4\xda\xc8\xf2\xd5\x27\x69\x84\x4a\x94\xed\xb1\x45\x50\xd1\xd7\x75\x5c\x1e\xa7\x81\xdd\x7d\xdb\x3f\x2e\xee\x35\x63\x9f\xa7\xed\xfe\x49\x24\x0d\xc0\x03\x0a\x65\x38\x6d\x48\x57\x05\x52\x1e\xe3\x96\x47\x96\xde\x0e\xb7\xcf\xb1\xc4\x76\x54\x19\xf2\xe0\x6a\x48\xb1\x7f\x71\x70\x01\x77\x8f\xd2\x95\xeb\x4a\xec\x60\x65\x35\xcc\x97\xc9\x31\x65\x8c\x54\x42\x00\x25\x13\x16\x26\x42\x5f\xd9\x0c\x4c\xb6\x03\x58\x52\xe7\x15\x3b\xb2\x35\x24\x0a\x63\x5f\xfe\xe9\xc4\x24\x50\x4a\xd1\x90\xa0\x31\x88\x8f\x1e\x58\x96\x6c\x44\xc4\x9f\xbf\xfe\x7e\x9d\xbe\xb3\x32\xff\x87\x1a\xb0\xee\xd9\x82\x18\x48\xc3\x9f\x56\xcf\x6f\xa2\xd3\xc5\x11\x9b\x85\x2e\x80\xdf\x4d\x40\x45\x14\x90\x25\xf8\xde\x0c\x31\x31\x63\xf4\x3e\x68\x67\xde\x31\x6c\x77\xd5\xac\xc6\x12\x85\x46\x67\xf0\x97\xec\x87\x24\x70\xf6\xf7\xad\x67\x95\xb9\x8b\x6a\x85\x96\xfc\x8c\x54\xb7\x9e\x7f\xec\xe2\xc2\x85\xf7\x23\x2c\xde\x99\x71\xbc\x8c\x86\x8e\xf5\x6e\x79\xb2\x26\xd8\x9c\x3a\x32\x98\xc7\x40\x6b\x4c\xb5\xda\x2d\x1d\x03\xd6\xce\xbd\x15\x65\x48\xaa\x8d\x00\xae\xdd\x24\x15\xea\x4e\x5d\xb5\xfa\xa0\x6a\xeb\x5d\xd8\xd0\x52\x74\xd1\x91\x5c\x60\x07\x74\x86\x32\x7d\xda\xb2\xc5\x58\x95\xe5\x8a\x4b\xe2\x62\x8f\x48\xad\xbb\x15\xde\x33\xdf\x30\x65\x44\x0d\xba\x1d\xd4\x15\x24\x39\xab\xd1\x89\xa1\x9c\xbe\x32\x38\x46\xc8\x3b\xa0\x54\xee\x5a\x3e\x09\xb8\x26\x17\xcb\xa2\x6c\x41\x8e\xc8\xff\x98\x2f\xb0\x33\x5a\x56\x27\x3c\xa1\x2c\x98\xd4\xee\x9d\x8c\x62\x28\x35\x7c\xcd\xd0\x17\x04\x39\xae\xb8\x3a\xd1\xd2\xb8\x17\xbc\x10\x35\x7c\xf8\x94\x1a\xce\xa9\xea\x32\xd1\x00\x2e\x1c\xc1\x50\x1d\x41\x6d\xf2\x23\xda\x86\xf6\xcb\x56\x54\x0f\x00\x81\x87\x54\xd3\x72\x07\xc1\x6a\x78\x34\xdb\x26\x09\x8f\x2c\xe0\x89\x6f\x2a\x37\x47\xe7\x8c\x63\x4c\x52\x58\x9d\xab\x73\x16\x44\x8d\xae\x6e\x5f\xb1\x44\x0f\x1c\x42\x3e\x9d\x05\x68\xee\xd1\xbb\x9a\xe0\x13\x39\x23\x9d\xd3\x89\x03\x2f\x34\x31\x91\xd9\xa5\x4e\xc1\x46\x88\x3c\x4e\x1d\xa6\x8b\xb2\xaa\x5f\x43\xea\xba\x07\xc1\xb6\x76\x18\x9c\x30\x1b\xbf\x02\x00\xac\x28\x58\x84\xd1\x43\x77\x82\x4e\x22\x2c\x9d\x3f\x11\x97\x19\xca\x8c\x39\x36\x54\x0e\x4f\x3c\xbe\x75\xdc\xc9\x12\xb5\x50\x61\xbd\x55\xf1\x08\x31\x97\x8b\x7b\xac\x30\x97\x5b\xb1\xcc\x1c\x29\x79\x66\xec\x1b\x2b\x3a\xfd\x33\xd2\x31\x79\x62\xb7\x16\xfb\xb1\x5e\x35\xa7\xe1\xd0\xb8\xfc\xcf\x77\x80\x60\xad\x85\xed\x58\xfd\xe1\xdf\x3b\xa9\x78\x64\x6a\x66\xf4\x94\x51\x91\x4d\x77\x5d\x56\xb5\xc1\xca\xa9\x17\x1b\xdb\xb1\x46\xbe\x75\xa6\x86\xc2\xa5\x67\x8f\x63\xbe\x24\x2a\x22\x9c\x57\xbd\xcb\x8b\xdb\xd0\xdc\xf7\xf2\x31\x0d\x78\x8f\x31\x2b\xbf\x99\x2b\xcc\x29\x07\xca\x8f\xb4\xd1\x5c\xe7\xc1\xf2\x23\xa0\xc2\x8a\x50\x32\x98\x68\xe2\xc6\x77\x78\x02\x01\xcd\x7c\xef\x3d\x8d\x68\xaf\x92\x60\x08\x40\x2c\x52\xfa\x8b\x69\x24\x35\x04\x4e\xf4\x45\x5e\x5c\xe2\x90\x63\x14\xaa\x25\xd2\x50\x6c\xaf\xa9\xdd\x92\x15\x8e\x97\x9f\x99\xad\xc4\xb9\xc7\xa3\x32\xd6\x53\x60\x6a\x1f\x90\xd1\xc6\x98\x7d\xd7\x2d\x93\x7a\xbd\xfc\x82\x3f\x8f\xe2\xf8\x7b\x48\xd2\xeb\x87\xdc\x8c\xe2\xe4\x5d\x91\x06\xe5\x11\x66\x30\x0c\x7c\x99\x2e\x55\x8b\x95\x9c\x69\x2c\x72\xfb\x75\x70\xdd\x5e\x67\xcc\x9d\xfd\x33\x06\x1a\x88\x68\xc2\xe4\xe1\xf4\x8a\x66\x33\x2c\x2d\x26\xc4\xd9\x2e\xe7\x7b\x18\xf0\x4b\xa5\x28\xd9\xdf\xd4\xad\x0c\x5c\xf1\xb1\xc2\x5c\x39\x00\xdc\x47\xa0\x08\xaf\x91\xdc\xd0\x19\xd6\x05\xc5\xa8\xea\xeb\x40\xfd\xf2\xc3\xa5\xa4\x0f\x44\xcf\x87\xcf\x3b\x35\xa5\x8a\xbd\xe9\x38\x1c\xd6\x56\x9e\xc0\x55\x8c\x24\xbf\xa3\x00\x9c\xc2\xc4\x03\x21\x83\x0e\xcc\xc3\x75\x25\x4e\x74\x1f\x4f\xd1\xbd\x00\x11\xbe\xc7\x6f\x3b\x10\xe2\xbd\x18\xc1\xb9\x2e\x62\x6e\xb2\x79\x8d\x11\x9e\x01\x93\xb6\x19\x41\xe4\x54\xee\x3c\x8c\x86\x42\xf6\x16\x58\x11\x15\x93\xc6\x31\xda\x5b\x28\x5a\x47\xd1\x91\x17\x3e\x79\x2e\x97\x24\x99\x48\x0c\x31\x84\xe7\xda\x88\x38\xe0\xc4\x2f\x2b\x4e\xd8\x7c\x0c\xec\x9b\xc0\x3c\xe4\x1f\xb6\xba\x64\xf8\x0b\xd1\x1b\xd3\x19\x0d\x07\x2f\x84\xc0\x8a\x19\x64\x6a\x8d\xbb\xcf\xbd\xc4\x75\x4f\xb6\x7b\x7a\x8d\xc0\x79\xa0\xba\xf0\xc7\xce\x99\x04\x50\xe4\x2e\x83\x07\x30\x45\xd8\xd4\xf6\xc3\xb8\xac\x69\x75\x91\x80\x48\x19\xdc\x02\x11\x15\xbc\xb2\x2c\x03\xae\x15\x25\x31\x56\x41\x7b\xa9\x45\x0e\x64\xc9\xf3\xd8\x96\x26\x9d\x43\xdd\x09\x90\x14\xb2\xab\x97\x66\xa7\x90\x7d\x12\x16\x53\xf1\x7d\x35\x6e\xbe\x78\xfe\xe7\xa1\x44\x2e\x03\x1f\xe8\x2c\xc9\xdd\x63\x6c\xd1\x5b\x20\xda\xf3\x03\xc9\x69\x80\x03\xce\xa3\x40\x9c\x17\xb1\xc2\xcd\x6b\x52\x88\x83\x47\xe8\x2d\x3d\xa6\x62\xef\xde\xb5\x56\xe0\x20\x80\x13\x82\x2e\x5b\xc1\xa4\x54\x4a\xe2\x9b\x4d\x78\xcf\xf3\xdd\x35\xee\x3e\x5a\xe9\x56\xd6\x61\x83\x09\x4c\xe5\xea\x7f\x05\xbf\xec\x2f\x17\xf9\xe6\x46\xf9\x1c\x5a\x88\x3f\xaf\xb9\xf4\x6f\x51\x5e\x8a\xcf\xb0\x56\xe4\x6e\x6a\xb0\x6f\xda\xdb\xfc\x7a\xef\xc3\x6f\x12\x21\x83\xcc\x80\xdc\x4e\x1e\xb6\x04\x71\x20\x3a\x8f\x3e\xa7\xdf\xc3\x3f\x3f\xf1\x7b\x66\x2a\xc3\x7e\xf3\x91\x9a\x1e\x17\xcb\xd5\xca\xae\x0f\x46\x32\xf8\x90\x21\xd5\x94\x3f\x95\xe9\xe1\x3d\x11\xb8\xb5\x3f\x8f\x92\x13\x8f\x4e\x6f\xc8\x60\x53\x1f\xbc\x86\x39\x06\x38\x52\x6e\x3d\x92\x2d\x5f\x43\xd6\xdf\xdf\x67\x57\x11\x18\xed\x43\xb8\x4d\x1b\x4c\xe8\x57\x45\x89\x8e\xed\x3f\x33\x96\x35\xe8\x46\xa9\x6d\xec\x29\x3d\xdc\x02\x43\x74\x97\xda\xd7\xfc\xa0\x58\x88\xec\xef\xa1\x2d\xb5\x0d\xbf\x1f\x0f\x1c\xec\x82\xc8\xfc\x42\x8d\x11\xc9\x3f\x18\xa4\xe3\x65\x44\x06\x3a\x6c\xf0\x9e\x04\x58\x63\x4b\x4c\x80\x93\x65\xc6\x48\x3a\xf0\xa0\x3f\xbe\x0f\xfb\xc5\x07\x9e\x96\x84\x2d\xb1\x06\xd2\x9e\x74\xc7\xb2\x48\xe0\x96\x04\x5a\x6a\x2b\x36\x7b\x36\xbe\xe0\x03\x15\xbc\x3f\xf1\x07\x88\x2e\xc3\x97\xfc\xcd\x0b\xaa\xea\xa8\x82\xc5\x5e\x73\x4b\xb7\xe2\x4c\x72\xa4\xa0\x9f\xf9\x09\x63\xc9\x44\x42\x35\xfe\x1f\x7b\xdf\xad\x73\x31\x8f\x6d\xd7\xdf\xc7\x70\x67\xa8\x50\x4e\x30\x5c\x48\xe7\x28\xe7\x1c\x3a\xe5\x9c\xb3\x00\xbf\xbb\x71\xbe\x01\x8c\x7f\xdc\xdd\x7e\x08\xa8\x10\x41\x70\x8b\xe4\x02\xf7\x5e\x14\xc9\xf5\x26\xba\xdc\x51\x74\xb4\x9f\x00\x48\x5c\xd4\xa4\x08\xc8\x17\x58\xb4\x44\x17\x08\x3a\x3b\x8b\x95\x99\x22\x13\x43\x7b\xcd\x0c\x77\xb2\x10\x8c\xc0\xad\xe9\x0d\xe8\xbd\x43\xe4\xfd\xe4\x08\xb5\xf1\xa8\x3e\xd3\xa4\xe8\x6d\x8c\x5c\x50\x42\x6a\x69\x9d\xc9\x8a\xd3\x2d\xcb\xba\xd0\xa2\x44\x4c\xa5\x8a\xa7\x31\x9a\xcb\xd7\x9d\xd0\x69\x06\x94\xfa\x36\xbc\x7e\x8b\x6d\x8f\xe4\x8f\x31\x82\x25\x7c\xfd\x63\xa3\x0b\x07\x19\x35\x61\x74\xb3\x6a\xef\x00\x18\x09\x48\x05\x45\xa5\x1d\x20\x6f\x70\x97\xa7\xd8\x02\x44\xa1\x8d\xbe\x50\xe5\xe1\x0b\x80\xe7\x89\x12\xdb\xa1\x27\xbd\x1c\xf8\xa3\x3b\x61\x74\x01\x96\x27\x61\x73\xb4\x49\xe6\x00\xbd\x26\xc1\x6e\x9f\x62\xc2\x5b\xc4\x97\x46\x48\x7d\x85\x09\x7c\x82\x13\x30\x51\xed\x22\x1c\xf1\xc8\xe3\xd8\xd7\xec\xaf\xa3\x34\x46\x84\x1e\x53\x2c\x13\x28\xe3\x84\xe8\xd2\x3b\x6b\x2c\x77\x4b\x9e\x71\x39\xdc\xc0\x29\x20\x6b\x01\xd1\x19\x96\x64\x94\x71\xd0\x68\xc7\x2e\xaa\x79\xf3\xc3\xff\x9a\xb5\xcf\x10\x19\x7c\x9f\x15\xca\x5d\x4d\xfd\x60\x07\xb9\x19\xe2\x17\x0c\x49\x1c\xbd\x80\x92\x46\x04\x3a\x9c\x89\xa2\x07\xe9\x5e\x5c\x21\x52\x17\xd5\x23\xcc\x7f\x84\x6e\x49\x9a\x89\xd0\x54\xe0\x28\xa2\x73\x48\xe8\x64\xa7\xee\x8e\x16\xda\x33\x82\xe4\xa7\x9e\x12\x91\xe4\x18\xaa\x8d\x00\x1d\x7d\xb2\x9e\xb7\x3d\x4f\x7a\xd4\x72\x22\x8c\x5a\x1b\x5b\xb9\x07\x92\xc5\xf7\xeb\x2a\x5e\x1f\x80\xb5\x94\xaf\x6f\x19\x27\x0b\x5a\x99\xc4\x46\x67\x59\xa4\xe5\x8e\x72\x7c\x5f\x75\xc6\x11\x7e\x91\xeb\x73\x4d\x8a\x3b\x63\x18\x17\x5e\xf5\xa2\x3e\x94\xa8\xa0\xfb\x4c\x13\x61\xc8\x24\x44\x51\x5d\x71\x34\xd4\xd3\x63\xda\x6b\x61\x47\xb9\x19\x9e\xc3\x2a\x2d\xca\xa7\x1d\x4e\x88\x5c\x8b\x52\x2d\x0f\xd4\xef\x2f\xd5\xf3\x79\xbb\x30\xe9\x9b\x48\xc6\x19\x30\x46\x64\x85\xc5\xf6\x42\x52\x7d\x95\x1f\x85\x4a\xbc\x5e\xb6\xbf\xec\x45\x16\x47\x88\x90\xf3\x12\x0b\xe3\xb2\x47\x8e\xd7\xcf\x8f\xfe\xf9\xd3\x27\x9b\xa5\x68\x41\x9b\xa8\x07\xc2\xc6\x8c\x36\x07\x06\xb0\xab\x30\x83\x30\xf1\xcd\x57\x73\xe2\xee\x4a\xc7\x3b\x4b\x3f\x8f\x6f\xc3\x0f\x90\x6d\x1e\xc3\x13\x0f\x17\x47\x8c\xff\xe0\x71\x79\xa0\x93\x9f\x45\x1f\x82\x3c\x94\x61\xf5\x37\x62\x0b\x51\x3a\xf6\xf1\x02\x6d\x2b\x10\x84\x80\x92\x68\xcd\x38\xda\x08\xaa\xc8\x0c\xe1\x0b\x9e\x86\x48\x38\xe3\x1c\x43\x78\x59\xa4\x0a\x9e\xed\x18\x40\x54\x7f\x24\x32\x44\x69\xd0\x6e\x68\xac\xf7\x28\xa7\x71\x2c\x4a\x35\x5e\xec\xc7\x13\x09\xf0\xbc\x9b\x04\x82\xf6\xd4\xa2\x4e\xf7\x16\x8b\x71\x55\x9e\x3c\x91\xa0\x35\xa6\x09\x3a\x65\x32\x4c\x90\x18\xf0\x98\x16\xa5\xdd\x40\x43\x47\x0b\x64\x71\x9d\x51\xed\x29\x49\x47\xca\x91\x04\xea\xd2\x1c\xab\x87\xe2\x78\x3b\x0a\xa6\xbd\xa7\x59\x0c\x14\x13\xfa\x38\xc6\xe8\x58\x1d\x0c\x28\xcc\x38\xf0\x7a\xbe\x7e\x43\x9b\xb3\xb9\x6c\x0b\xd4\x5b\x50\xef\x50\x4e\x37\x68\x56\x9c\xee\x08\xd4\xc0\x77\xe9\x09\xa4\x40\xf3\xc2\x37\x24\x01\x9b\x08\x08\xf1\x1b\xd8\x08\xea\xc3\x36\x78\xb4\xc5\x67\xf1\x81\x48\x07\xda\x59\x53\x6c\x7b\x84\x2c\x3a\xc8\xf0\x2f\x65\x5e\x94\x4a\xcb\xea\xb3\x23\x0b\xf3\x85\x1d\x07\x0e\x29\xc7\xa3\x42\xde\x4c\x09\x2a\xd6\x90\xb2\x39\xbc\xd7\x9a\xb0\x5a\xdc\x9e\x4e\x5b\x52\x02\x28\xf7\x2f\xcf\x29\x8f\x14\x63\x7f\x7b\xc4\xf6\xe1\x8d\x78\xf6\xf2\x5a\x5e\x94\x0d\x85\x75\x8e\x70\x3d\x82\x67\xbd\x23\x6d\x76\xec\xce\xe5\xe9\x67\x77\x4a\xa1\x51\x47\x2a\xac\x5f\x7c\x83\x72\x6d\x74\xa7\x16\xbc\x6f\xcb\x13\x59\x20\xfb\x32\x9d\xf2\xad\xaa\x49\xfa\xe8\x0a\x54\xc2\x8a\xcc\x7f\x60\x1a\x3c\x29\x3c\x3f\x1a\xc6\x7b\x79\xdf\xf5\x50\xf3\xbd\x37\xd8\x65\x9c\xcc\xe5\x6e\xc9\xfe\x86\x30\x5d\x7a\xf4\xb9\x52\xe2\x41\x6e\x75\xef\xec\x69\x61\x86\xbb\x21\xb6\x00\xdb\xbb\xf3\x36\x2d\xc9\xf0\xe3\x01\xc5\x92\x19\xa2\x53\x01\x6a\x9f\x1f\x03\xcc\xf3\x76\x16\xf8\x0f\x5c\x1a\xa3\x3b\xb8\xc3\xbc\x28\xf4\x99\xf9\xda\x6b\xbc\x60\xa5\x09\x34\x7b\x5a\x27\x2c\xb4\xf6\xf1\x6e\xac\x52\x8c\x29\xbd\x5c\x9a\x3b\x11\x41\x85\xad\x3b\x1e\xe4\x68\x26\xf3\x0d\xdd\xa0\x51\xca\x73\x52\xdb\x43\x98\xf1\x9d\x3d\xa2\xec\x32\x71\x31\xda\x89\x34\x7a\x61\x74\xd9\xb5\xd2\x3a\xd9\x5c\xdf\x8c\x34\xcc\xb1\x44\x52\xa3\xe5\x9d\xc7\xeb\xe5\x52\xbe\xce\x7c\x4d\x90\xce\x10\xbf\xf7\x46\xa4\x72\x05\x71\x73\xea\x94\xe8\x9d\x85\x30\x0d\xd2\xfb\x85\x3f\x66\xd5\x7d\x13\x5d\x04\x1c\xab\xf7\x4e\x07\x00\x66\xda\x55\x25\xfe\x48\x77\x02\xa3\xb2\xd2\x40\x51\xfd\xc9\x6a\x46\x01\x0a\xb7\xc3\x55\xbb\x82\x32\x55\x60\xab\xf4\xc9\xa8\x81\xaf\x23\x7f\xf5\x17\x44\x29\xd8\xf6\x96\x50\x7a\x8b\x05\x07\x8a\xcd\xee\x31\xc8\xa3\x44\x40\x59\x95\x66\x31\x3b\x42\x88\x94\xbf\x2d\x06\xa4\xe6\x28\x68\x2b\xce\x77\x3e\x7f\xff\xfc\x63\x05\x95\x46\x22\xe3\x14\x90\x48\xec\xb0\x51\x65\xa9\x42\xaf\x31\xba\xee\x8d\x81\xfd\x06\xf8\x93\x9a\x20\x7b\x63\xd0\xa6\x8c\x92\x34\xc7\x27\x4c\x33\xc8\x85\x59\x5f\x0f\x91\xea\xbf\xe8\xff\xc3\xf8\x84\xa4\x02\x9f\x06\x29\xdf\x0d\x29\x4d\xab\xa1\x8b\x63\x3c\xc7\x6f\x9f\xd0\x43\x3c\xc4\x74\xf1\xfa\x0b\x54\x9c\xe3\x91\x0e\xf8\x28\x3b\xb4\xc3\xb3\x57\x44\x35\xd2\x61\xd7\xea\x3a\x28\xcd\x34\xbb\xf5\x45\x1e\xd6\x7b\x65\x71\xec\x04\xad\xbd\x94\x26\x4a\x19\xdf\x6a\x21\xb2\x02\x26\xe2\x21\x1a\x08\xe0\xf0\x1e\x20\x4c\x10\x7d\x21\x0e\x75\xc1\xbe\xf5\x35\xd5\xd7\x09\x39\xdd\xae\xae\x98\x5d\x7e\xd7\xf9\xaa\xb2\xb0\x34\x14\x78\x5f\xbf\x88\xf0\x65\xc7\x0a\x6b\x14\xba\x15\x07\x48\xb4\xe9\xd0\xe3\xd9\x09\x4a\x15\x7e\x01\x4e\xa6\xac\x4c\x42\x42\x84\xaa\xd7\x1f\x20\x0f\xcf\xfb\x9a\x3c\x4f\xe4\xea\x34\x78\xb7\x8e\x66\xe5\xc1\x79\x79\x03\xf5\x1d\xe7\x41\xf8\x9a\x2a\xc5\x3b\x5b\x09\xb4\x2f\x2f\xeb\x33\x05\xb9\x31\xe6\x88\x08\xc8\x75\x8a\x50\xe7\x78\x0b\x58\x0e\x96\x07\x94\xe9\x22\x57\x4b\xce\x79\x7a\x22\x70\xae\x04\xba\xe8\x42\x61\x5d\x39\xd5\x6c\x6a\xd4\x4a\x8f\xd6\x10\x62\xed\x03\x64\xb1\xfa\xc0\x40\x2e\x57\x1f\x0b\x37\x65\x7d\x42\x26\x32\x33\x54\x75\xe0\xdd\xe6\x74\xff\x5c\x21\xaa\x30\xf9\x4e\xda\x7f\xf3\x35\x0e\x94\xe3\x93\xa9\xd0\xa7\x4a\x58\x13\x25\x7f\x7d\x73\x6f\xa9\x70\x5b\x00\x2d\x07\xbe\x1f\xc2\x30\xee\xad\x51\x9c\x7f\x42\x92\x06\x5a\x0f\x53\x39\x62\x58\x17\xb4\x9c\x91\x2d\xcc\x2f\x42\xef\x17\x38\x79\x8c\xaa\xd0\x5a\x90\x36\x93\x60\x9c\xf7\x64\x0f\x7f\xfd\x54\x9e\x28\xb1\xfb\x2f\x5f\x6b\x65\x8b\xb8\xc9\x4b\xe6\x0f\xee\x60\x74\x61\x7a\xb0\xe6\x1a\xee\xeb\xd6\x53\x29\x82\xd4\x61\x94\x7d\x4e\xad\xa7\x39\xbe\x80\x7a\x17\xca\xa3\xb5\xa2\x9b\x13\x75\xe8\xf5\x72\xe0\xc1\xba\xeb\xfb\xa1\x0f\xe5\xdc\xbd\xbf\x1f\x74\x57\x95\x67\x4f\xfd\x1e\x7a\x22\x1c\x7c\xba\x57\x7b\xb5\x59\x2b\x45\xfa\x00\xff\xf4\x60\x7b\x69\x16\xb0\x55\x79\xa8\x95\xbb\x1d\x09\x11\x0f\xde\x19\x2f\x9e\xb7\x7d\x3f\x0f\xb8\xa4\x53\x6a\x48\x77\xbd\x57\x53\x9d\x6b\x8d\x63\xed\x86\x72\x31\x7f\xe8\xf0\xbd\x41\x71\x9c\x66\x5a\x23\x77\x84\xb8\x65\xf5\xc3\x79\x9f\xf3\x84\xc9\x17\x94\xde\x0c\x55\x90\x6e\x4d\x6e\x68\x56\x1d\x42\x1f\x6a\xd3\x25\x79\x73\x50\x98\xfe\xe7\xed\x03\x76\x5f\x13\xe3\x07\xb5\x21\x1d\xf0\xd4\xd5\x53\xdc\xf8\x34\x97\x74\xcf\x10\x2a\xbf\x19\xe1\xd3\xbd\x26\x7c\xd1\xa8\xd0\x05\x09\x9f\x34\x38\x67\x2d\x8f\xa7\x4a\xf1\x7d\x10\x32\x9b\x49\x58\xe7\xa6\x41\xb9\x0f\xee\xda\xd4\x2e\x14\x0a\x22\x6d\xb3\xb5\x55\x94\x6d\xfa\x54\xc9\x92\x0c\xcb\x02\x94\x83\xf6\xe3\xd7\xaa\x03\xfd\x86\xe4\xdc\x2a\xca\xad\x33\x5d\x75\xa1\x46\x6a\xa5\xdb\x2c\x64\xd6\xed\xfe\xee\x04\x6e\xa6\x59\x41\xf6\x35\x81\xf7\x24\x58\xe3\x03\x22\x12\xdd\xba\x8f\x0f\x8b\x2d\x72\x93\x8e\x08\x4c\x87\xe9\x8e\x50\xe1\x53\x0a\xc8\x48\xaf\x09\xb2\xc3\x24\x3d\xb2\x77\x9e\x05\x5c\xe6\xf6\x76\xe8\xc3\x34\x0e\x26\x79\x02\x17\xa7\x39\x11\x5a\x6c\x04\x6d\xad\x9d\xfd\x3e\xbc\xfe\xd2\x83\x60\x39\xa2\x24\x9d\x68\xcf\xee\xb0\x14\x91\x3a\x54\x79\x7a\x0b\x1e\xc2\x4a\xd0\xcf\x89\xe5\x09\x40\xc0\xdf\x81\x5c\xc7\xa1\xef\x67\xb5\x76\xba\x5b\xe5\x5a\xb7\xfe\xb5\x5e\x8d\x34\xae\x4d\xfd\x3c\xfb\x9c\xe2\x4c\x75\x68\x2d\x4a\xed\xf2\x7b\x92\x3f\x46\xb3\x23\x64\x51\x9a\xe1\xc2\x47\xc7\x77\x22\x84\x1a\xca\x49\x7b\xf3\xcd\xf1\xad\x21\x32\x0f\xec\xdb\x19\x27\xa6\x63\xf5\x66\x2b\xdb\xe0\xf5\x37\x74\xed\x69\x90\xaf\xa1\xbd\x73\xbf\x8f\x85\x35\xcd\x34\xa8\x3f\x7a\x96\x01\xa0\x3b\xc3\xe9\x16\xc6\xfb\xf4\x61\x98\xaf\xd4\xfc\x69\xed\x36\xd8\x21\x95\xa8\x48\x3f\x60\x0e\xd1\x00\xb7\x91\x2b\x51\xf4\x30\x49\x0b\x6d\x81\x81\x07\xfd\x77\xce\x4a\x41\x4d\xf3\x19\xb1\x45\x69\x02\x32\x3f\x42\x92\x46\x54\x37\x1a\xea\x1a\x72\xcb\x06\xda\xd5\xf2\x84\xc8\xe2\xfc\x79\x62\xe0\x6c\xc9\x85\xc7\xd8\x5b\xfb\x92\x80\xeb\x76\xb8\x61\x73\xa6\x74\xe3\xa2\xdd\x12\x6a\x3b\xa4\xa2\xba\xe6\x9f\x29\xff\x00\x79\xb1\x21\xdf\x01\x4d\xf6\x01\x16\xaf\xd4\xe6\x18\xe6\xbb\xfc\xe2\x68\x54\x85\x5f\x1a\x24\xe8\x82\x02\x9a\xe9\xd9\x56\x05\xe8\xc1\xab\x52\xd8\x49\x30\xc6\x9f\x6f\xcc\x8b\x33\x9b\xad\x73\x18\x18\x86\x61\xb4\xe6\xa5\x55\x07\x92\x31\xa0\xb4\x39\x9f\x37\x43\x10\x69\x45\x18\xf7\x7b\xdb\xf3\x8d\x77\x27\xf3\x8d\x34\xc2\x74\x82\x34\xf1\x6f\x4d\xe1\xeb\xd3\x04\x89\x0b\xa6\xd8\x22\x4a\x61\x5a\x98\x36\xcb\xf7\x1b\x93\x26\x4e\xff\x1d\xde\xed\x13\xbc\x38\xc2\xf4\x54\xfc\x0c\x13\x18\x33\x65\x01\xb3\x06\x3b\xa8\xea\xb2\x54\xb8\x21\x5f\xb4\x7f\xc8\x5a\x61\x80\x56\x9a\x6d\x8d\xa8\x25\xa6\xd0\x8a\xe2\x6e\xc3\x8d\x37\x24\xd5\x11\xd0\x9e\xba\x50\xfd\x5b\xca\x3f\x2b\xec\x7b\xb1\xcf\xb4\x3e\x14\x68\x0c\xae\x0c\x01\xa5\x29\xa2\x0f\x20\xf2\x82\x5d\x25\xfb\xdb\xc1\xac\x95\x89\x3f\x18\xb2\x57\x26\xd4\xab\xa7\xa5\xec\x55\x6a\x7c\x95\x31\x8c\xf4\x01\x17\x62\x98\x9b\x08\x30\x5b\xec\xd0\xcb\x12\x5d\xe0\xec\xc0\x7a\xea\xd6\xfb\xe5\x98\xe7\xc0\x1f\x63\xba\x54\xd6\xf9\x4f\x7a\x48\x5f\x1d\xa4\x7c\xa1\xb2\xbf\xd6\x5c\x92\x65\x35\x1a\xf4\x76\x7c\x71\x82\x2e\x4c\x91\x82\xb3\x3d\xdc\x35\xc8\xbc\x01\xf3\x7e\x35\x54\x0f\xc8\x7c\x46\xd3\x59\x1f\xc0\xc4\x68\xe7\xb6\x62\x36\xc6\x10\x58\x10\x24\xfc\x13\x41\xc8\xfc\x0c\xa9\x54\xb8\xb3\x52\x94\x1f\xaf\x9f\x97\x60\x80\x82\xd5\x54\x59\xcf\xe7\x7d\xed\x5f\x07\xe7\xa1\x6d\x75\xae\x5d\x75\xa0\x5d\x75\xe8\x67\x63\xac\xcf\xb3\xad\xf2\xcf\x94\x4d\x01\x2a\xff\x90\x0d\x06\xeb\xb6\x37\x38\x6f\xed\xf3\xba\xbb\xfd\x62\x1a\x01\x0d\x56\x81\x44\xbd\x85\xb7\x1a\x71\x62\x19\xe6\xc3\x88\xb8\xe0\x8e\x25\x4a\xd0\xc5\x81\xa6\x34\x35\xc8\x4e\xd4\x9f\x28\x92\x8e\x31\xac\xbf\x64\x8e\xa9\x73\xb1\x2e\xc4\xbe\x26\x43\x3c\x24\xc8\xbe\xc6\x01\xdc\x47\x88\xf1\x15\x52\xdf\x32\x61\xdf\xf7\x13\xba\x38\xa7\x47\x6d\xa0\x5d\xf9\x05\x1e\x8e\xf9\x62\x58\xa4\x6f\x08\xf9\x0c\xfd\x9c\xec\x6d\x84\xc0\xad\x87\xa8\x7d\x83\x6e\x01\x99\x0b\x43\x7d\x31\xf4\x26\x62\x80\x02\x16\x7b\x0e\xd0\x05\x5e\x52\xf4\x00\x27\x41\x3f\x0f\xf6\x10\x0f\x7f\xbf\xff\x9a\x08\xe6\xa8\xeb\x37\x8b\xc2\x89\xa0\xfb\x6c\xc5\x30\x2c\x87\xcb\x36\xc7\x7b\x79\x18\xc2\xb4\xe9\x24\x42\xdd\xc1\x7a\x30\x2f\x89\xde\x7a\x8f\x5e\x49\x02\x0c\xb1\x8c\x78\x97\x45\xd8\xe3\x56\xa7\x7e\x10\xca\xe9\x70\xe3\x07\x7a\x07\x4d\x92\x7e\x86\xfa\x56\xfa\x91\x00\x44\x6f\x99\x49\xe8\x5d\xeb\xd6\x5c\x0f\xf9\xa1\x68\x4b\x93\x47\x6f\xa3\xcb\x2a\x7f\x30\x2e\x7b\x58\x76\xbc\x7e\x71\xba\x59\xb0\x87\x58\xb0\xc7\x99\x08\xc6\xf9\xf7\x5d\xbf\xda\x58\xcb\x12\xfc\x15\x8c\x29\xb3\xa7\x43\x9f\x2c\x6e\xab\x30\x85\xd6\x82\x12\x1d\xc1\x37\x44\x77\x2d\x44\x73\x39\x44\xaf\x23\x89\xfd\x54\xd5\xf4\xc1\xb0\x43\x6d\x66\xcd\xe5\x72\x00\x2c\xfe\x94\xd8\x92\xa2\x8f\x09\x67\xc4\x01\xb7\x73\x14\x90\x5d\x88\x63\x15\xee\x2e\xfd\x53\xf0\xbb\xb7\x74\xc0\x9b\x24\xe0\xf7\x14\x83\x36\x93\x31\xf6\xba\x94\x1f\x0a\x54\x1f\x6a\xd4\x80\x32\x7b\x69\x10\x3c\x2f\x5c\x7f\xa9\x53\x7d\x33\xd4\x7f\x2c\xa7\x2f\x71\xf3\x4f\x3a\xd2\xf3\xf1\xa2\x0c\xcb\xec\x5b\x65\xe2\x04\x8c\x93\xf2\xa9\xfe\x84\xab\x95\x56\xc2\x41\xdd\x67\x19\xd9\xaf\xbc\x4f\xf5\xb7\x6f\x4f\x69\x96\x25\xe8\x97\xa4\x4d\xad\x74\x67\x99\x05\x13\x86\xbe\x4f\xbe\x6c\xbf\xe8\xb9\xf8\xeb\x5f\xd7\xa2\x2e\x86\x91\x38\xa9\xe3\x06\x7f\x88\xc5\x97\xa0\x3f\xdd\x68\x3c\x19\x29\xbf\x1b\xa8\x92\xc0\xb4\xa9\x9f\x6b\xe3\x59\xcf\xeb\xa5\x81\x9f\x0b\xbf\xff\x73\x78\x5b\xd7\xcd\x4b\x22\x34\x44\xb8\x10\x4e\xe7\x8b\x45\xfb\xaf\x05\x50\xd9\x81\xf6\xaf\x07\xe9\xff\x82\x2b\xb4\xbb\xbf\xc7\x83\xf5\x34\xd0\x82\xba\x81\x74\xd7\xf2\xf8\xdc\xfc\x62\x1c\xff\x1b\x83\xa7\xb7\x7d\xbf\x08\x3b\x5c\xb0\xfb\xf8\x37\xa0\xb5\xe7\xff\x02\x38\x38\xf4\xc7\x4f\xb7\x73\xd2\xc8\xc7\x41\xdc\x47\xa1\x59\x94\xbf\xea\x73\x1b\x49\x8f\x15\xd7\xd1\x14\xd8\x8b\x7b\xf7\x3d\xfe\x5b\x51\xe0\xa8\x28\x63\xe0\xf9\xbe\xed\xfd\xda\xfe\x77\xb7\x8a\xcf\xe6\xa1\x0f\xe7\xcb\x07\xdf\x20\x85\x65\x2f\x28\xd1\x73\xd1\x86\x84\xd6\x5f\x7e\x8e\xa8\x4d\x20\xd2\x8a\x52\xe5\xa1\x8e\x77\x5b\xd5\xc5\xee\xe1\x27\x5b\xe5\xd7\x04\xb2\x80\xb7\x03\xc5\xfe\x78\xbd\xd4\x8b\x39\xc5\xed\x7d\x9c\xf8\x9c\xb4\x0c\xff\xda\xa0\xb8\xac\xeb\x7d\x9a\x38\xf8\xa1\xbf\xea\xef\xb5\x53\x61\xa3\x93\xe1\x3c\x42\x84\xaf\xbd\x21\xd0\x80\x7a\x1b\x2f\xb4\x76\x05\xa5\x44\x31\xae\x49\x30\x2f\xd2\x26\x31\x54\x95\xb6\xd8\xc5\xfc\xbf\x74\x71\x0a\xbc\xa7\x21\x36\x32\x1a\x83\x62\xe5\x9d\x59\xcc\x3f\xd2\xc7\xb2\xdf\x87\x63\xfe\x2d\x7d\x3b\x4e\x4b\x45\xe6\x9f\xe5\x38\xa6\x88\xc2\x2b\xfb\xb7\x62\x86\x65\xdf\x5b\xc6\xfe\x33\xcb\x62\xf1\xba\x64\xaf\x7f\x2b\x86\xb3\xa2\x70\x5f\xff\x34\xc1\x32\xe2\xc0\x53\xe2\xff\x6f\x33\xfb\x8f\xcd\xff\xd8\xfc\x6f\xd8\x3c\xa1\x72\x05\xea\x3e\x34\x76\x71\x40\xba\xbf\x5c\xc7\xf3\x0d\x5b\xc1\x3f\x91\x24\xfd\xef\xff\xf1\x3f\xff\xd7\x7f\xfd\x9f\xff\xfa\xbf\x01\x00\x00\xff\xff\xbb\x94\x2f\x4d\xe9\x06\x02\x00")
+var _pagesAssetsStylesContainersCss = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\xb9\xd7\x8e\xe3\x68\x9a\x28\x78\xdf\x4f\x91\x3b\x83\x05\xce\x39\xec\x6c\x7a\x57\x85\xbd\xa0\x11\x45\x27\x7a\x7f\xb3\xa0\x27\x25\x7a\x27\x92\x85\x79\xf7\x85\x22\x22\x23\xb3\x4c\x57\x75\xcf\x6c\x20\x95\x11\xfc\xf9\x7f\xde\x7f\xfa\xdb\x3f\xca\xbe\x2f\x9b\xfc\xeb\x56\xcf\x6b\xdc\xd4\x67\xbc\xd4\x7d\xf7\x75\xe9\xfb\x26\x89\xa7\x5f\x8a\xbe\x5b\xbe\xce\xf5\x99\xff\x04\x43\xd0\xff\xfd\x5f\x7f\x7a\xf9\xcb\x9f\xbe\xfd\x9a\xef\x43\x3f\x2d\x5f\xeb\xf7\x4b\x7f\xff\xff\x01\x55\x16\x2f\xf1\xff\x08\x4f\xb5\xb4\xcd\xd7\xb4\xcf\xf2\x5f\xda\x78\x2a\xeb\xee\xeb\x54\x97\xd5\xf2\xd3\x3f\xe0\xbc\xfd\x73\x51\xbf\x43\xbe\x78\x69\xe2\xee\xed\xed\xbb\xb6\x9e\xf9\x1b\x92\xa4\x6f\xb2\xbf\x40\xd2\x3f\xbe\x26\xeb\xb2\xf4\xdd\x2f\x43\x9c\x65\x75\x57\xfe\x84\x0c\xfb\x5f\xc0\x2c\x53\x1d\x77\x65\x93\xff\x32\xf4\x73\xfd\x7a\xf3\x53\x9c\xcc\x7d\xb3\x2e\xf9\xcf\xef\xcc\x43\x3f\x2f\xfd\xf0\x13\xf4\x17\x68\xd2\x78\x78\x7f\x8e\x93\x26\xff\xe5\x59\x67\x4b\xf5\x66\xe1\x9f\xbf\x71\x02\xfd\xfc\xae\x92\x9f\xa0\x9f\x93\x7e\xca\xf2\xe9\xf3\x8f\xaf\x69\xdf\x34\xf1\x30\xe7\x3f\x7d\xfb\xe3\x2f\x68\xcd\x6d\xdc\x34\x5f\xb3\x3a\x6e\xfa\xf2\x83\x14\x0e\x41\x7f\x29\x69\x52\x97\xbf\x06\xa2\xfe\x05\xa0\x1f\x69\xfd\xb9\x6b\xfc\x88\xff\xf7\xba\x4c\xe2\xf4\x51\x4e\xfd\xda\x65\x2f\x71\xfb\xe9\xa7\xff\x4c\xe1\x8c\x2e\x8a\x6f\xca\x80\x87\xfd\xcb\xdc\x37\x75\xf6\xe5\x3f\xd1\x18\x27\x49\xec\x53\x71\xd4\xbf\xc5\xe3\xd7\xe4\x5f\x67\xf3\x6b\x52\xfe\xf2\x7b\xbe\xb2\x2c\xfb\xf9\xf7\xfc\xbf\xf9\xc0\xcf\x4d\x5e\x2c\x7f\xe9\x0a\xbf\x62\x67\xa9\x97\xbf\x8a\xcd\x1f\x39\x7a\xbb\xfe\x07\x4c\xe5\x50\x9e\x15\xf9\xcf\x1f\x4f\x10\x04\xfd\x9c\xae\xd3\xdc\x4f\x3f\x0d\x7d\xdd\x2d\xf9\xf4\xa3\xb6\xbe\x73\x3f\xe5\x4d\xbc\xd4\x5b\xfe\xf3\x0f\x59\x07\x19\x96\x9f\x7f\x1b\x56\x3f\x6f\xf9\xb4\xd4\x69\xdc\x7c\x8d\x9b\xba\xec\x7e\x6a\xeb\x2c\x6b\xfe\x1d\x2f\xfc\x9a\xf6\xdd\x92\x77\xcb\xbf\x2e\xe8\x07\xc0\x1f\x88\x5a\x14\xc5\xa7\x34\xd8\xb0\xff\x8a\xd9\xae\x9f\xda\xb8\xf9\xb9\xdf\xf2\xa9\x68\xfa\xe7\x4f\xf1\xba\xf4\xff\xb6\x35\xbe\xa6\x4d\x3f\xff\xbb\x36\x79\x07\xfa\x81\xdd\x9f\x96\x29\xee\xe6\x21\x9e\xf2\x6e\xf9\xb2\x4e\xcd\xff\x7a\xbb\xf0\xff\x26\xfd\xfe\x8f\xb2\x2e\xfe\xf7\x97\xae\xff\x3a\xe5\x43\x1e\x2f\x5f\xe6\x74\xea\x9b\xe6\x4b\x9a\xbf\x19\xaa\x7a\x97\x04\xc6\x7f\x34\xd4\x6f\x52\x0e\x0c\x0d\xfb\x9b\xc7\xbd\xac\xf9\x91\x4b\xf0\x7f\x2f\x0c\x3e\xf4\xfb\xa5\x2e\xa6\xb8\xfd\x37\x84\xfd\x35\xdc\x8f\xd9\xe5\x1b\xe7\xe4\xdb\xc3\xef\xc2\x36\x69\xe2\xf4\xf1\x5f\xff\x48\xab\x78\x5a\xe6\xaf\x75\xd7\xd4\x5d\xfe\x35\x69\xfa\xf4\xf1\xcb\xef\xfd\x31\xab\xe7\xa1\x89\x8f\x9f\xbe\xb6\xfd\xf9\x79\xb7\xdf\x3f\xcf\x7f\x04\xff\xaf\xff\xf3\xe5\x55\x1c\xbe\xfc\x11\xea\xbf\xff\x9f\x9f\x8a\x7a\x9a\x97\xaf\x69\x55\x37\x19\xf0\x4f\xef\xfd\xf2\x6b\xc4\x9f\x6c\xb6\x79\xb7\xfe\x68\xd3\x37\xe7\xfb\x9e\x95\xdf\xd2\x54\x9a\x7e\xf9\x4f\x82\x20\x3e\xfe\x4b\xd3\xf4\xdb\x85\x79\x39\x9a\xfc\xa7\x37\xe9\xbf\x1d\x7d\xd8\x6a\xd8\xbf\x85\x67\x96\x17\xf1\xda\xbc\x47\xdc\x87\xf7\x7e\x81\xd1\x61\xff\xc2\x4c\x75\xdc\xfc\x7d\x8e\xbb\xf9\xeb\x9c\x4f\x75\xf1\xbd\x3a\xf4\xeb\xf2\xe2\xf1\xa7\xae\xef\xf2\x1f\x03\xe1\x0b\xf4\x07\xfe\xf2\xd2\x5e\x96\xef\x3f\x21\x10\x04\x41\xbf\x12\xeb\x5b\x25\xfc\x51\xba\x2c\xcb\xde\x5c\x15\x04\xe7\xb9\xf9\x47\x39\x2f\xf1\x52\xa7\xff\x48\xfb\x16\xcc\xb3\x7a\xe9\x27\xf0\x1d\xe6\x6b\x52\xfe\x63\xe8\xca\xff\xfd\xe5\xdd\x81\xbf\xee\x5f\x96\x7e\xf8\xf2\xca\x7d\xdf\x4b\xd7\x3f\xcf\x44\x4d\x3d\x2f\x1f\xba\x79\x13\xe1\x43\x30\x64\xd8\xff\x58\x34\xe8\xe7\x25\xdf\x97\xaf\x59\x9e\xf6\xd3\x9b\x5b\xbe\xbf\xfe\x27\x29\xe9\xf7\x12\x7e\xed\xd7\x25\x9f\x5e\xee\xf3\xf7\x3f\x7a\x5b\x77\xdd\xfb\xdb\x5f\xfe\xb9\xd9\x3e\x84\x89\xe3\xf8\xb7\x64\x97\x7e\xf8\x73\x9a\xbf\xfc\xa6\xaa\x7f\x77\x81\x97\xbd\xbe\x89\xf8\x87\x38\xbe\x73\xf6\x0d\xc7\x97\xaf\xf0\x67\x68\x7d\x20\x82\xbe\xbc\x8e\xbe\x21\x7a\x79\x0e\x36\xec\xbf\x0d\x89\x3f\xc6\xfa\x56\xac\x5e\x18\xff\xec\xfa\xb4\xfc\xf1\xf9\x77\x01\x3f\xd1\x7c\x24\xa7\xb7\x9c\xfb\xdf\xc0\xf8\x9d\xb1\x1f\xf1\xfc\xf3\xf8\xfd\x4b\xa1\xfe\x35\xd0\xbf\x66\xe7\x0d\xe5\x6f\xe4\xfb\xe9\xa7\xa9\xef\x97\x3f\x02\xfc\xe5\x2d\xab\x7c\xe4\x42\xe8\x4f\x2e\xfe\xa8\xc2\x7f\x15\xe4\x07\xa6\xfe\x55\x90\x8f\xc6\xf3\x57\x00\xef\x89\xe6\xcf\xa0\xb2\xa9\x1f\xb2\xfe\xf9\x87\x60\x7f\x78\xbf\x9e\x5f\x8d\x6d\xf6\x63\xbd\xae\xdb\xb8\x7c\x8f\xe5\xff\xab\x6e\x5f\xf3\x43\xdc\x2d\x3f\xf7\x43\x9c\xd6\xcb\xf1\xd3\x3f\xd0\x9f\xdf\x92\xfb\x0f\xcf\x45\xdd\x2c\xf9\xf4\x53\xdc\x0c\x55\xfc\xbf\x3e\xce\xff\x1f\x14\xfa\xdf\x7f\x4a\xf0\xcf\x35\xfb\x87\x11\xff\xa7\xa0\x9f\x1a\xfe\xf7\x41\x3f\x34\xfd\xef\x03\x7e\x2a\xfb\x23\xcf\xa0\x28\xfa\x83\xc6\x7e\x9d\x83\x68\x9a\xfe\xfe\xee\xcf\xc2\xec\x1b\xc5\x3f\x2b\x81\x7f\x68\xc1\xef\xf9\xf8\x95\x5a\x7e\x60\xe4\x33\x5b\xfd\xfa\xfc\x0f\xcd\x53\xbd\x5a\xb0\xff\x86\x6d\xfe\x39\xdc\xef\xf2\xf4\x37\x85\xa4\xc5\x97\xff\x24\xe8\xfc\xe3\x3f\x32\x2e\xfe\x82\xb5\x38\x7d\xb5\x18\x7f\x48\xbd\x1f\xf2\xee\x0f\x3a\xce\x24\x49\x7e\x9c\x4f\x3e\xab\x6c\xd2\x2f\x4b\xdf\xbe\x15\xbe\x3f\xa4\x54\xf4\xe9\x3a\xff\xb7\x5c\xf4\xcf\x20\xff\x89\x22\xfa\x29\xee\xca\x3f\x2e\x80\xdf\x52\xc0\x77\x03\xbe\xb5\x0b\x5f\xa0\x7f\xb5\x9a\x7d\x3a\xe8\x8f\xcd\xe9\x7b\xfd\x21\x5f\x05\xe9\x7b\x0b\xf1\xa7\xdd\xc3\xfb\xaf\x8f\xa6\xf2\xbd\x83\xf8\xde\x05\x7f\x45\x29\xea\xad\x28\xfe\x8b\x3c\x7d\x9b\x85\xdf\x57\x08\x7f\xa8\xc5\x5f\x5f\xf9\x6f\x98\xe1\x5f\x40\xf0\xdb\x22\xfd\xb1\xd1\xf8\xe3\x8a\xfe\x89\xef\xe5\x32\x7f\x4e\xf1\x75\xe3\x2f\xaa\xc6\x07\xc1\x6f\x33\xe7\x7f\x0b\xdb\xef\xd8\x7f\xc7\xf6\x2d\xe9\x7c\x2b\x7d\xdf\x46\xef\xa2\x28\xfe\x9a\xd0\x1f\x5e\xa8\xf2\xf4\xf1\xaf\x3a\xf4\x6f\xa9\x66\x59\xf6\x2b\xaa\xf5\x92\xb7\xbf\xfc\xd0\x60\xfe\x75\xf3\xfc\x4f\x7a\x4e\xe8\x57\xfd\x33\x99\xb7\x6f\x81\x81\xbc\x4d\x55\x55\xbd\xe4\x5f\xe7\x21\x4e\x5f\x20\xcf\x29\x1e\x7e\xc7\xc2\x6f\x9f\x5f\xad\xc4\xb7\x18\x7b\x97\x81\xcc\xdb\x6f\x14\x3e\xfc\x02\x79\xdb\x56\xfc\xa8\x84\xae\x7f\xd3\x4d\xd2\xef\x5f\x7e\x8b\xf0\xef\xbf\xb9\x58\xa7\x7d\xf7\xbb\x4b\xbf\xa6\x08\x23\xbf\xc7\x1f\xa7\x69\xde\xfc\x73\xb8\x0f\xc6\xa0\xdf\x00\xbe\x49\xf4\x6d\x0a\xff\x77\x94\xfd\x7b\x2c\x7f\x58\xfc\xde\xde\xbc\xb1\xf6\xf7\x7f\x03\xe0\x37\x0c\xa5\x69\xfa\x4f\xb2\xfd\x5f\xe0\x79\xa9\xf2\x97\xff\x69\x2f\xf2\x86\xa9\xaa\xcb\xaa\xf9\x5d\x0a\x7a\x7f\xf5\x2a\x66\x7f\xb4\x41\x22\x72\xba\xa0\x7e\x53\xd8\x7f\x7d\xf8\xee\xab\x59\xbf\x2c\xf9\xef\x87\xc7\xef\x93\xc3\xd7\xf7\x12\xf4\xea\xfb\x3f\x8f\x96\x7e\x78\x3d\xff\x81\x31\x3f\xfc\xec\xf7\x8c\xbe\x69\xe3\x07\x3e\xdf\x53\xf2\x4f\x9f\xc9\xf9\x73\x29\x41\x0c\xfb\xfb\x8e\x8b\xf8\x93\xed\xc4\xab\x41\xfe\xe3\xf1\xec\xdb\xae\x82\xf8\x23\xf6\x7e\xdb\x88\xff\x05\xcf\x7f\x78\xfd\x4d\x90\x37\x06\xdf\x98\x78\xe7\xe7\x47\x6a\xfd\xfb\x16\x76\xce\x9b\x3c\x5d\xfe\xd0\xc1\x7e\x4b\xf0\x2f\x21\x7e\xa3\xbc\xff\x49\x09\xc4\x5f\xe1\xfb\x05\xfa\xbd\x6e\xde\xe2\xe4\x97\xef\x2d\xe0\xcf\x59\x3d\xe5\xe9\x9b\xf2\x9b\x65\xfa\xf9\xbb\xc4\xdf\x4b\xfc\x9f\x59\xe8\x63\xa4\x7e\x37\xcd\xdb\xd1\xbf\x68\x8e\x77\x3e\x3e\x6a\xc4\x0f\xd6\xfe\x01\xdd\xef\xba\xa1\x37\xc0\xb6\xcb\xdb\xbe\xab\xd3\xaf\x55\xdd\x2d\xbf\xfc\x76\xa0\x5f\xbb\x2c\x9f\x7e\xb7\x78\xf9\x35\xe0\x9c\x0f\xf1\x14\x2f\xfd\xf4\xa3\x1a\x7e\xb5\xb7\xfc\x1e\x02\x6f\x0c\xbe\xe6\xe0\xbf\xfd\xed\x1f\x2f\x1b\x7c\x6d\xe2\x24\x6f\xbe\xfc\xf2\xb7\x2f\x5f\xbe\x7c\xf9\xdd\x72\xf3\x6f\xff\xf5\xb7\x7f\xac\x5d\xfd\xeb\x5b\x1f\x44\xa8\xb7\x9f\x9f\xbf\x03\xbe\x07\x66\xbd\xc4\x4d\x9d\xbe\x41\xbe\xb7\x93\x5f\xd3\x61\xfd\xa7\xf8\x7f\xc0\x07\xbd\xfd\xbc\x01\xd6\xdd\xef\x40\x7f\x43\xf4\xbf\xfe\xf6\x8f\x29\x7e\x7e\x7d\x49\x30\xff\x88\xbc\x88\xdb\xba\x39\x7e\xfa\xf2\x1f\x5c\xbf\x4e\x75\x3e\x7d\xd1\xf2\xe7\x7f\xbc\x93\xf9\xb1\x6c\x7d\x19\xa6\xfc\xeb\xab\x72\xbd\x93\x9b\xfb\xe6\x63\xab\x57\x2f\x4d\xfe\x6b\x8a\xc2\xdb\xcf\xdb\xbd\x21\x2e\x5f\x03\x5f\x9c\xe5\xd3\x97\x0a\xfe\xb8\xf6\xec\xa7\xec\x0d\xd5\x4f\x5f\x92\x29\x8f\x1f\x5f\x5f\x07\x6f\xd7\xdf\xbe\xcf\xf8\x3a\xf5\xcf\x3f\x64\x30\x7d\x67\xf0\x3f\xfe\xfe\xe5\x3f\xda\xbe\xeb\xdf\xf8\xfa\x8f\x1f\xb5\xf9\x32\xdd\x97\xb7\x76\xf2\xed\xf0\x07\x3f\xfa\xf2\xe6\x5e\xef\xc7\xbf\x49\x26\x5f\x96\x7e\x78\x7f\xf1\xb1\x6e\xfa\xf2\x89\xe0\xc7\x2e\xe6\x0b\xfa\x9b\xd3\x77\x87\xfd\xdd\xf1\x2b\x61\xfe\xee\xf0\x23\xb1\xbe\x9f\xff\xd7\xdf\xfe\x31\xaf\xc9\xab\xf6\xc4\xf5\xab\x57\xf9\xd8\x16\x7e\xad\xbb\x61\x5d\x3e\x04\xff\x15\x65\xec\x1b\xb6\xf7\x84\xf7\x05\x83\xde\xd1\xfc\x67\xd3\x97\xfd\x37\x4d\x35\x7d\xbc\xbc\x85\xcb\xfb\xd5\x8f\x1c\xfb\x05\x79\xdb\x9f\xfe\x8e\x41\xe4\xf3\xf4\xf7\x89\xfa\x7b\x0e\xf9\xdd\x8d\x77\x0d\x7f\xb0\xfe\xbb\xb7\x9f\x09\xe2\xdb\xf6\xf9\xb7\x17\xde\x67\xf8\x57\x4a\xfb\x8f\x2c\x5e\xe2\x9f\xde\x9e\xc1\xa1\x2b\x7f\x4e\xe2\x39\x27\xb0\xbf\xd7\x1e\xab\x5b\x4f\x48\xb9\x96\x3d\xc3\x30\x8c\x66\xbb\xd5\xc5\x2d\x19\x86\x25\xdd\xd7\x63\xcd\x31\x12\xc3\x30\x1c\x8b\x98\x03\xca\x30\x8c\x62\xfb\x0d\x6f\xc2\xec\xe9\x3e\x32\x4e\xba\x34\x82\x79\x86\xbb\xee\x84\x88\xea\x48\xeb\xcd\x64\x98\x5c\x1b\x33\x17\xcd\xc2\x07\x98\xfa\xc6\x02\xa2\x91\x49\xfb\xe6\x72\x7f\xce\x51\x36\x97\x26\x53\x4b\xc4\x53\x3a\x58\x36\xea\x2b\xce\x66\xae\xd7\xcb\x85\x95\x99\x3d\xf4\x25\xae\x09\x5d\xc1\xba\xa6\xb6\x10\x5c\xca\xc5\x55\x6c\x19\x91\xb0\x91\xe9\xd7\x6b\xc6\xd6\x7d\x15\xd7\xb0\x97\xea\x3a\x56\xa0\x4a\x0e\x17\xc1\xb4\x91\x39\x4a\xc2\xe0\x4a\xe1\xf8\xd9\x81\x37\x1c\x3f\x9f\x00\x73\xb1\xa4\xf6\x91\xc7\x75\x5c\x32\xb8\xdb\xbb\x94\xbe\x94\xc5\x1d\xa2\xa5\xfd\xd6\xd2\x25\x23\x79\xb6\xce\x5c\x24\x96\x6f\x0f\x4a\xee\xd8\xd4\x65\x18\x83\xe1\xf3\xa0\x02\x32\x95\x01\x41\xe6\xba\x25\x4f\x86\x63\x44\xde\x53\x6b\xd3\xde\x01\x11\x2c\xc9\xc1\x94\x9b\x94\x91\xe4\x0b\x83\x71\x92\x8d\x3f\x67\xf6\x21\x48\xcc\xc1\xe1\xee\xc1\x9a\xcc\xc1\x96\xcc\x2c\xe8\x67\xc4\xf4\x4c\xc3\x30\x4c\x22\x36\x94\x59\x4b\xcc\x58\x42\x0c\x69\x58\xb2\x51\xba\x0c\xa2\xb4\x0e\xca\xa6\x0c\xa2\x48\xe9\x68\x96\xcc\xdd\xbc\x30\xad\x5d\x89\x32\x23\x33\xeb\x93\x2d\xbd\x50\xb0\x55\x46\x65\x9e\x25\x57\x4e\x17\xa6\x56\x4b\x87\x99\xca\x2b\xe3\x27\xe1\x61\x3d\x15\x66\x33\x5d\x26\xeb\xf1\xf0\xc1\xd0\x4c\xc8\x70\x4c\xeb\x4a\xf3\xc9\x30\xa5\xce\x48\x8c\xb9\x63\xce\x69\xde\x4a\x87\xd1\xcb\x9b\xa6\x80\x98\xd2\x14\xa9\xe4\x63\x36\x73\x61\x9e\xb7\xd5\x3b\xa3\x4c\x85\xee\x37\x77\x95\x03\xf3\xda\x15\x07\xa5\xf3\xb5\x94\xab\x5c\xa2\x0a\x5c\x68\xa5\xc3\xe5\x1a\xca\x38\xa7\xa4\x0d\x3e\xdf\x2f\xd0\xbd\x63\xa0\x53\xe7\x19\x86\xb9\x6e\x9d\xf5\x2c\x30\xcc\xc0\xf9\x0e\x5f\x9d\x0a\x6f\x93\x2e\xd1\x41\x68\x8f\x55\x20\x06\xd9\x4d\xba\x63\x15\x95\x81\xc0\x26\x3d\x39\x96\x61\x4c\x67\x06\x37\xa4\x01\x1b\x3c\x0b\xf9\xf4\x96\xb2\xb3\xe8\x83\x31\xd1\x24\x8c\x36\xf8\xcc\xf5\x5e\x00\x1e\x74\x22\xcf\xb6\xf4\xcb\xc9\xcc\xb7\x56\xcd\x9d\x3b\x65\xb2\x44\xde\x7b\xbc\x64\xb0\x50\xca\x95\xb3\x4a\xda\x5e\xdd\x27\xd0\x13\xc3\x66\x00\x3c\x8d\x2a\x01\x38\xb5\xd8\x12\xca\x64\x49\x00\x41\xa7\x27\x23\x5e\x63\x53\x6e\x97\xa7\xa2\xf3\x60\x20\x54\x49\x17\xaf\x6e\x4f\x76\xc7\xd3\xe2\x6e\x3e\x89\xe2\x87\x01\xec\x98\x07\x82\x21\x36\x40\xb9\x04\xcd\xde\x73\x16\xc2\x69\xf7\xa5\x16\x73\x39\x59\xdb\xd1\x16\x77\x07\xe1\x22\xa5\xad\x87\x55\xea\x50\x9c\xea\x2e\xe2\x09\xcd\x45\x1a\xca\x9b\xdc\x5c\x3d\x40\xc6\x99\x42\x71\x49\x97\xf9\x29\x92\x2b\x63\x2a\x2a\xdf\xdc\xed\xac\x64\x99\x62\xbb\x2d\x77\xb6\x57\x1f\x26\x63\x46\xa7\x79\xe4\x45\xca\x30\xb2\x0e\x02\x21\xcd\x28\xcf\x0b\x73\x46\xf9\x03\x7b\x32\xcc\xa6\x97\x61\xa0\xd4\xae\x00\x9d\x57\x8e\x61\x18\x4b\xe1\x58\x65\x62\x59\xf6\x79\xb2\x82\x72\x32\xfc\x70\xb2\x62\x72\x32\xc2\x53\xae\xd8\x87\xc5\xf0\x9c\xc3\x18\x2c\xcb\xb1\xab\xcd\x88\xcc\x58\x5d\xe5\x88\xbd\x7a\x0e\xa3\x2f\xe5\x65\x49\x18\xfe\x3a\x32\x56\xbb\x5e\xcc\xe5\x76\xd9\x75\x06\xed\x30\x56\x4e\xcb\x7c\x79\x0a\xcf\xa8\xbc\xca\x24\x77\x55\x8f\x2b\x67\x5a\xec\xc1\x94\x4e\x68\x5f\x88\x9a\x15\xea\xfb\x52\xd6\x67\x59\x06\x6d\x88\x5d\xa4\x56\x90\x34\x59\x61\x06\x8e\x1f\x6a\xd6\xb2\xa4\x39\x78\x39\x21\x37\xba\xf2\xf8\xf0\x60\x49\x02\xa5\x25\xad\x4c\xfc\xee\xed\x0c\x30\xf0\xc9\xc1\x31\x47\xbd\x1d\xca\x76\x49\xf7\x46\xba\x1e\xae\x69\xb8\x4c\xe7\x31\x6b\x5c\x16\xd7\x7e\xba\xf6\xa2\x61\x65\xbc\x69\x04\x21\xe7\xf7\xed\x66\x5d\x27\x33\x37\x42\x0e\xe9\xc7\xc2\xb2\x81\x0a\xce\x18\x96\xae\x7b\xfc\x5e\x6a\x97\x9d\x6f\xe3\x1b\xe2\x0b\xe9\x5d\xca\x84\x50\x6a\xc2\x6b\x9d\x88\x42\x6b\x34\x3e\xef\xf9\xf7\xd3\xbb\x8b\x5e\x89\x66\x95\x9b\x3c\x65\xbc\x22\x9f\xe5\x83\xe9\x57\xe6\x02\x3c\xa5\xa0\x37\xcd\x67\x7b\x70\x0f\x99\x15\xfd\xcb\x1e\x9a\x44\xd9\x90\x9c\x0e\x5d\xa6\x5e\xf2\x9e\x2d\x5f\xf1\x22\x27\x1f\x8a\x33\x5e\x00\x48\x0e\x7a\x1b\x48\x2d\x2c\xbc\x8f\xfb\x43\xa8\xae\x13\x97\xac\x92\x85\x55\x5d\xed\xe5\xf2\x13\x73\x02\x5c\x93\x64\x86\x94\x1f\xab\xa5\x73\xf5\xa5\x79\xf0\xb2\xcc\x41\xcd\x64\x6b\x8b\xa4\xc6\x96\x33\xf0\xa4\x7d\xb9\xb6\xa9\xc3\x25\xd3\xe3\x8a\xca\xe8\x6a\x4a\x73\xcf\xcd\x92\x9c\x5b\x0b\xce\x18\x8f\x0b\x60\x03\x54\xc7\xe3\x6a\xea\xea\xb3\x2f\x61\x8f\xa7\xdc\xd7\x96\x3d\xc8\xa6\x6d\xdf\xbd\xc6\x00\xdc\xcb\x10\x51\x87\x39\xb4\xe5\xd8\x88\xda\x18\x91\x2e\xa7\x8c\x92\x3e\xd0\xb1\xed\x23\x65\xd6\x30\x9b\x8b\xe5\xc3\xe5\xb4\xe0\xb6\x0e\xb4\x76\x8f\xf8\x83\x30\x97\x9e\x0e\xcc\xb6\x6d\xba\xb8\xc8\x7a\x15\x68\xa0\xb5\xec\xb2\x72\xc7\x85\x86\xe6\x02\xa8\xdd\x7a\x16\xe8\x3a\x22\x34\xa0\xec\xf9\xd4\xaa\x12\xe1\x77\xa8\xaa\x15\xb6\x99\xae\xc1\x1c\x0d\x7b\x8d\x5e\x6d\x20\x72\x94\x50\x80\xf0\x3c\x3a\x04\xf3\x09\x9f\x52\xd2\xfa\x79\xc8\xe3\xd5\xe6\x79\xe5\x48\xd7\x03\x25\x44\xa2\x72\x19\x5c\xa2\xf1\x62\xaf\x18\x82\x6e\x6c\x2c\x2f\x85\x5d\x10\x0e\xda\x91\x83\xed\xc9\x33\x81\x29\x68\x22\x7a\x78\x44\xde\x0c\xf3\xf7\xd1\xec\x5c\x61\xdc\xbc\xd1\x82\xbd\x95\x78\x20\xd3\x8c\xdb\x19\xac\x18\xee\x8d\xb6\x02\x42\x07\x02\x10\xe1\x80\xf6\xa6\xcd\x7d\x2c\x58\x23\x77\xb5\x15\xcd\x0d\xc9\xe2\x7a\x0d\xa1\x4a\x98\xc3\x23\x2a\x84\xd0\x5c\xa2\xc3\x2b\x8d\x49\xbd\xae\xa1\xe3\xcb\xc9\xbc\x75\xb3\x23\x86\x02\xb0\x2f\x88\x8a\x2e\x37\x17\xd2\xce\xb1\x8d\xe7\x68\x10\xda\x2e\x8f\xf6\xd3\xbc\xe8\xfb\x24\x96\x14\xdf\x45\xdd\x65\xd2\xa5\x14\xd3\xce\x6e\x5e\x98\x03\x02\xd5\x44\xf4\xe3\x11\x6e\xa7\x80\x58\x34\x7a\x20\x90\x89\x8c\xc3\x15\x3e\x48\x2b\x59\x08\x7a\xda\xb2\x80\xcb\x4c\x19\x9a\xbb\xc2\x25\x12\x67\x42\x33\xb3\x25\xb4\x69\xb0\xd6\xde\x27\x10\x34\x30\x88\x3b\xe9\x84\xc0\x82\x13\x66\x07\x1f\x9b\xab\x13\x19\x6a\x59\xa0\xb7\xd0\x8a\x01\x0b\xc0\xb4\xc1\x2b\x68\x89\x67\xfa\xd4\x98\x12\x79\xb0\xcd\x7c\x73\xaa\x3b\x75\x3b\xcc\x10\xa8\xa6\xf6\xda\x62\x50\xc1\x5d\xb0\xb8\xb4\x0e\xa4\x26\x1e\xa9\xd5\xf7\xb4\x20\xf7\x47\x8e\xc9\x2b\x21\x46\xc0\x0d\xce\xd9\x14\x88\xc6\x7d\x13\xaf\xca\xac\x69\x78\x83\x5e\x67\x2a\xf4\xe5\xe1\xb6\xac\x8f\x5d\x71\x04\x5c\xc5\x86\x33\xb2\xa6\xb6\x8d\x09\x28\x71\x9c\xec\x76\xde\x0e\xee\x4c\x27\xad\x9e\x8f\xfc\xd0\xf5\xcc\x4f\x63\x1c\xaf\xb6\xa5\xa5\x10\xf0\xd0\xaa\xd8\x13\xba\x9b\xa7\xd4\x67\xac\xee\x78\x12\x37\xdd\xa9\xb2\x51\xa4\x35\x5b\x3e\xb7\x42\x08\x78\x5d\xe3\xd3\x5e\x12\x4c\x97\xce\x0f\xf4\x79\x26\x10\xd4\xf7\x90\xdd\xbc\xc2\x79\xc2\xcb\x33\xd1\x52\x2b\x32\x2a\x48\x32\xa5\x16\xd2\x22\x68\x21\xe8\x92\x7b\x3f\x3a\x5b\x29\x3c\x27\x59\xfa\x9d\x34\xce\x99\x5b\x8f\x98\x64\x92\x45\x2f\xa2\x8a\xae\x03\x24\x29\x12\x43\x4c\x9f\xe9\xa5\x42\x7d\x1d\x35\xc9\x42\x94\xa1\x2c\xdd\x91\x44\xe4\x28\x82\x70\x2a\xed\xa6\x0f\xbb\xd2\xf1\x84\x97\x75\x57\x24\xaf\x52\x1c\x3d\x35\x2b\x6f\x6d\x9c\x57\x2f\x43\x86\x34\x7b\xe6\x24\x71\xae\x0c\x08\x51\xe4\xf3\xea\xe1\xd6\xb4\xae\x8b\x02\x43\xa0\x7f\x6f\xc9\x35\x41\x15\x34\x4a\x32\x27\x3b\x79\x54\x28\xe2\x8d\x74\x6c\x22\xb9\x52\x4d\xf6\x3c\xd1\xcd\x2c\x9c\x27\x0d\xdf\xeb\x34\x3d\xef\x5d\x9c\x27\x03\xa5\x9e\x0f\x3d\xdd\x82\x2e\xca\x7d\x8f\x24\x37\x0b\x37\x66\xfc\xd9\x76\x4b\xf8\x4c\xd2\x7b\xb2\x0b\x5b\xb9\xa5\x0b\x19\xf2\x3d\x60\xf8\x01\x71\xae\x0f\xde\x98\x43\x80\x19\x68\xa2\xc3\x72\x60\x98\xb0\x1a\x3d\x11\x40\x42\x49\xbf\x18\x1a\x80\x05\x8f\x1c\x38\x37\xe2\x00\x11\x03\x50\xc1\x2a\x2f\x24\x9f\x72\x31\x21\x64\x44\x96\xc9\x5d\x76\x0b\x2f\x71\x99\xdc\xf8\xf8\x79\x2b\x58\xf9\x71\x19\xcc\x14\x66\x43\x48\x58\x9f\xe1\xc6\xf3\x98\x67\x96\x4f\x99\xf7\x1e\x45\x3a\x68\xdb\x93\x2d\x8e\x2b\xd8\xdc\x6f\xf4\xde\xa9\xf2\x64\x09\x69\x2f\x75\x96\x17\x5f\xc1\xfe\x79\x72\xd1\x4d\x5c\x42\xeb\xde\x27\x06\xa7\x51\x66\xd1\x02\x2d\xe0\x9e\xc3\xa9\x86\x52\xad\xb3\x62\x22\xd5\x98\x88\x3c\xa2\xd6\x2a\xf0\xc2\x32\x07\xe5\xae\x8c\xea\x3a\x58\x8b\xa0\x41\x69\xe0\xa0\xaa\x16\xcf\xb8\xd0\x91\x11\x89\xe8\x54\x08\x0c\x77\xf5\x41\x22\xc8\x88\xa4\x5d\xd4\x4d\xd7\x61\x76\xdb\xfd\x4e\xca\x2b\x56\xaa\xf5\xb8\x4a\x02\x56\x81\x95\x40\x45\xa9\x9d\xb1\xb7\x07\x97\x23\x32\x7e\x73\xc2\x9d\x47\x64\x0c\xbd\x71\x38\x72\xc4\x37\xfc\x7c\xb4\x8d\xed\x67\x57\x7d\xc5\xb3\xa3\x5e\xad\xa2\x25\x52\x52\xed\xba\x94\xf2\x1d\x2f\x7a\x88\x4f\xac\x8a\x4a\xbb\x21\x25\x10\x0f\x6f\xa5\xd9\x30\xdb\xf5\x02\x36\x03\x82\x6b\xa2\x65\x1c\x95\xbc\x0a\x0e\xe4\x03\x7d\x8f\xd4\x6e\x72\x45\xd7\x4b\x4f\x3d\xd6\x38\xf3\x86\x00\xd1\x35\x88\x2c\x5c\x83\x88\xa5\xc8\xb0\xba\xe0\x7a\x7b\x36\x86\x5b\x2f\xf8\xc3\x6a\xed\xd5\x36\x4e\xc7\x8b\x2e\xf0\x42\xcc\x27\xdd\xec\x88\x0d\xe1\x8d\x7c\xb8\x9d\xa2\xd9\xbc\xdf\xfa\x0b\xb7\x05\x37\x35\xed\x17\x88\x6e\x95\x63\x75\xf8\xdc\xc2\xf1\x16\x55\xae\xb8\x2e\x1e\x5b\xf1\x90\xc0\xe6\xa4\xe8\xd9\x4b\x24\xef\x06\xc5\x3a\xe4\x8e\xb8\xc9\x57\xd1\x4d\x25\xca\x29\x17\xe6\xd0\x47\x6b\xcc\x56\x61\xc9\x5f\xcc\x13\x45\x12\x80\xd8\x1e\x77\x0e\x93\xfc\x42\x45\xcc\x59\xe0\xb0\x59\x35\xc2\x55\xac\x22\x2a\x67\xea\x0d\xf2\x49\xa1\xd6\x55\x77\xcf\x50\xf5\x2e\x64\xee\x34\x3c\xf2\x6b\xf7\x84\x3a\x54\x8d\x6f\xeb\xd1\x6c\xb0\x89\x35\x95\xed\x15\xf2\x98\x67\xe7\x71\x6f\x14\x1e\x1a\xfd\xc6\x3c\x56\xce\x3b\x6d\x6f\x8c\x1c\xf9\x40\x88\x95\x16\x46\x3c\xdc\xbd\xaa\xf1\x2d\x8f\x44\xc6\x00\xf6\x16\xbf\x38\xfa\xa0\xf1\x80\x39\x55\x8e\x7e\xda\xea\xa7\x35\xdd\x5b\xac\xc9\xf4\x80\xf6\x28\x3a\x68\x16\x64\x99\x72\x7b\x2a\x14\x32\x5f\x24\x82\x70\xa6\x64\x3c\x51\x3f\x01\x36\x7b\x82\x47\x33\x0b\xcc\x6a\x63\xb4\xc9\xda\xf6\x7b\xee\x26\x01\x02\x2b\x68\x67\x57\x79\x3b\xc1\xf7\x19\x81\x5e\xd9\x81\x39\xbd\x4a\xcb\xe1\xe4\x54\xe3\x19\x01\x95\x4a\x1b\x0d\x24\x1f\x60\x30\x48\x17\x1f\x8c\x91\x69\x21\xc9\x48\x5e\x26\x7f\xa3\x61\x34\x07\x6f\x7a\xb9\x43\x9e\x4e\x93\x5b\xa3\x1f\xd4\x62\x2f\x98\x87\xac\xb4\x15\xa0\x70\xb2\xa8\x6b\xb9\x20\xc6\xb5\x95\x92\x75\x02\xdb\x62\x41\x30\x0b\xcd\x8c\x3d\x22\x8c\x9c\xf0\x48\x16\x8c\x04\x12\x58\xc6\xec\x4a\xcf\xa8\x02\x80\x1b\x29\xc9\x89\x27\x21\x77\x0b\x97\xf4\x8e\x6f\x5a\x8c\xdd\x90\x61\x5b\xda\x2e\x87\x53\xa1\x1f\xf9\x59\x66\xf1\xf4\xd2\xa1\x44\x44\xe5\x80\x66\x12\x8a\xa8\x3f\xe9\x93\x3f\x33\x20\x2a\xc8\x02\xe6\xf4\x45\xca\xed\xcd\xd6\x27\x1a\x9e\x38\xe4\x9e\xc4\x0c\xdd\x27\xe8\x46\x48\xc7\xbd\xb3\xe0\x5c\x74\x73\x60\x01\x69\x80\x3c\xc5\x7b\x88\x06\xa2\x16\xd2\x41\x37\x72\x99\xc2\xa3\x3b\x90\xdb\xdc\x03\xd0\xbb\x48\xc9\xf3\xce\xc5\x40\x23\xb3\x23\x54\xec\x50\xc7\x38\xa2\x18\x86\xad\x20\x81\x3b\x93\x02\x72\x63\xcf\x20\xf2\x71\xa0\x01\x58\xc8\x14\x4d\x76\x77\x18\x7d\x6e\x22\x0f\x49\x5b\x56\x23\x87\x8f\xda\x04\x44\x4f\x77\x58\x2c\x3a\x9e\xc6\xdc\x7a\xf3\x11\x70\x8a\x8a\x42\x25\xbd\x94\x9a\x3a\x07\x72\xf2\x99\x84\x72\xd0\x29\xc0\x61\x7c\x6a\xde\x09\x83\xf7\x40\x6d\x90\x22\x4f\xd0\x6d\x5f\x9f\xc9\x82\x60\x2d\x6a\x1d\x98\x9c\x4c\x30\x20\x26\x08\x69\x65\x28\xb7\xe2\x37\x54\x80\x89\x3b\x5a\x6f\xa0\x4a\xc6\x60\xde\x8b\x40\x09\x8e\x05\xe9\x00\xb3\x1f\x30\x49\xce\x63\xe1\x8d\x2d\x4f\x4a\x8b\x78\x80\xd2\xb9\x30\xcf\xc1\xc1\x01\x21\xac\xa8\xa0\x47\x71\xb3\x68\xf7\x6e\xd5\xba\x76\xc7\xa1\x42\xdc\x67\xed\x3a\xa1\x47\x74\x23\x1c\x2c\xce\x8f\x61\x37\x8c\xa3\xc3\x7d\x10\xed\xa6\x94\xd8\x3a\x14\x44\x6b\x00\xda\x0c\xdf\x38\x43\x8a\xd9\xf0\x9a\x02\xc0\xa9\x6b\x07\x0a\x55\xb7\x91\x68\x37\x7d\x4e\xef\xfb\x0e\x50\x67\xf7\xa0\xa9\x38\xa1\xa6\x94\x4c\x8a\x1c\xc0\x48\x72\x2a\x76\x12\x2a\x5a\xfb\x4e\x99\x06\x6e\x52\xb4\x48\x84\x54\xde\x41\x17\x10\x35\xd6\x8c\x02\xb7\xe7\x46\x63\xce\x09\x40\xa0\x2c\x45\xd4\x6b\xce\xbb\x86\x8f\x45\xb4\x18\x1e\x64\x0c\x8a\x01\x09\x8e\x1e\xf0\xdb\xeb\x5c\x4e\x2f\x55\x94\x3e\x19\x46\xad\x6f\x0c\xc3\x61\x77\x26\xa8\x1b\x03\x0d\x5f\xef\xc4\xec\xd2\x68\x96\x59\xe4\x6c\x69\xda\xd2\xdd\xb8\x33\xeb\x6b\x52\x64\x4a\xe6\xd2\x5c\x4c\xcf\xc2\x90\xf5\xcc\x32\x84\x4d\x60\xb4\x43\x53\x5f\xb2\xa4\xcb\xc5\x96\xd5\x3b\x3a\xd4\x96\x9e\x84\x4d\xbc\xd4\x41\xd4\xac\xe6\x92\xa7\xfd\x7d\x8e\x90\x87\x9f\x22\x3a\x74\x44\x0b\x46\x5a\x1b\x84\x5a\x0f\x7d\x6e\x93\xa1\x6d\xae\x18\x09\x37\x3e\xa5\xc5\xf0\xc4\xb4\x15\x64\x29\x22\x27\x35\xe4\x1d\x62\x1f\x25\xcb\xde\xa5\x0d\xe5\x09\x0f\x10\x4d\x5a\x90\x7a\x81\xe4\x31\x7e\xc3\x9f\x00\xfa\xb0\xdb\x14\x3f\xc9\x8e\xba\xa9\x14\x56\xb0\x69\x93\x15\x13\x6f\xbe\xc9\xc4\x48\x5c\x89\x89\x0c\xc1\x3f\x5d\xa6\x60\x24\x73\x5e\x69\x28\xbf\x5a\x8d\x2c\x62\xdc\x34\x28\xa1\xf0\xed\x92\xeb\xc1\x0e\x40\xc5\x49\x02\x3f\x3a\xb9\x2d\x85\x52\xe0\x1d\x88\x36\xc8\x0a\xa4\xf1\x75\xd2\xa7\x16\x0e\x19\x0f\x02\x05\xb0\xbb\xbc\x81\x98\x1a\x17\xb6\x51\x87\xdf\x77\x90\xde\x75\xef\x50\x3d\xe4\xc8\x35\x84\x58\x1c\xd1\x82\x0a\xf3\x62\x6a\xfc\x44\xe4\x10\x9d\x1b\xac\x69\x23\xcb\x64\x3f\xa6\x43\x38\x41\x50\xb7\x7a\x2e\xe0\xd1\x23\x35\x5f\x58\x58\xc6\xd5\x1a\x10\xd3\xb9\xea\x09\x15\xdc\x73\x56\x20\x7f\x45\x8f\xc8\xdd\x82\xc9\x83\x1c\xc1\xf2\x04\xff\xc9\x5c\x86\x82\x04\xc0\xf2\x26\xf2\x30\xdc\xc7\xc9\x23\xa5\x32\x18\x25\x4f\xb8\x19\x6c\x1f\x62\x93\x8a\xc0\xf5\x77\x59\x4b\x85\xad\x17\x7a\x03\xc1\x30\x05\xb3\xa9\x49\x1b\x10\xe8\x9c\x31\x27\x3b\x59\x4a\xee\x6e\x1c\x33\x07\xdb\xf3\xcc\xf3\x26\x76\x67\xe7\x0a\xda\x49\xa1\x5b\xd5\xdd\x1f\x2b\x39\x2e\x05\x10\xc9\xca\x10\x4b\xf8\x53\x73\xef\xe2\x33\x7d\xc3\xc7\xca\x33\x8a\xd2\x03\x4e\x74\x8e\x07\x80\xe0\x23\x7d\x8c\x40\x36\xc3\x23\x3d\x48\x3c\x27\x9a\x6f\xa8\xd0\xb3\xa3\xc0\xd6\xa1\xe6\x65\x59\x37\x3f\x10\xa8\x36\x80\x58\xb2\x6c\x3f\x79\xba\x32\xa7\x76\x27\x81\x07\x4e\x01\xb2\xdb\xd9\x2c\x48\xa4\x0d\xbb\x33\xa6\xb1\x62\x11\xff\x9c\x55\xee\x79\xdc\x36\x45\x4e\xd0\x5d\x1b\xe9\xc0\x96\x73\x2e\x7e\x48\x14\xff\x6e\x17\xd5\xbc\x51\x14\x00\xd3\x16\x85\xd9\x06\x28\xd8\x0f\xbc\x94\xd8\xb3\xf2\x1d\x6a\x5e\x37\x7f\x4a\xe0\x1d\x7b\x86\x31\xeb\x3d\x27\xea\x9b\x5d\x58\x76\x8c\x91\x0d\x24\x73\x10\x4c\x25\x77\x83\xf4\x06\x3a\xf0\x70\xf5\x93\xa5\xcd\x02\x0b\xd2\x74\x88\x93\x94\x13\x00\x7b\x01\xe5\x1b\x68\xb8\x9a\x94\xca\xd1\x5a\xaf\x09\x20\x48\x0c\xd9\x3d\x6c\xe5\x5e\x40\xb9\x05\x90\x21\xf5\x0d\xe1\x85\x31\x8f\x79\x53\x1d\x17\xd7\xaf\xd5\x33\x05\xa6\x72\x4b\xd5\x26\xdd\x21\x20\x9d\x94\x71\xf5\x13\x19\x83\xb2\x11\x8e\xa1\xf3\x61\x97\xcc\x05\xa2\xb7\x84\xa6\x88\xea\xb9\x67\xb1\xbf\x91\x35\xbd\x24\x35\x56\xfa\x17\x8c\xe2\xe7\x59\xa4\x3e\x14\xcb\xa5\xce\x80\xac\xf9\xa6\x2f\x9d\x57\x9c\x8d\x37\x2e\xd9\x76\xad\x2b\x7f\x0b\xa6\xbe\x55\xef\xb1\xb7\x31\xac\x13\xc0\x59\x40\x9f\xa3\xc8\x4f\x56\xba\x05\x6b\x10\x14\xc0\xb8\x5b\xa8\x76\xcc\xeb\x23\xb9\x31\xdb\xdb\xdc\xc9\x30\x1c\x83\xe9\x16\xa4\x6f\x20\x8c\xa2\x14\x76\x3b\xb5\xb3\xf1\x80\x0d\xf2\xcb\x51\x99\xc7\x2d\x20\x0b\x3f\xe1\x13\xc7\x30\x39\x25\xbe\x82\x9b\x2e\x3a\xd8\xa1\xf8\xc8\x32\x6e\xa0\x02\x35\xb2\xed\x81\x04\xb6\x66\x83\xe8\x30\x64\xa7\x50\xdc\x1b\x7f\x4c\xa5\x63\xb9\x58\x09\xb9\xd7\x0c\xc4\x3a\x4e\xa0\x3a\x19\x16\x6e\x24\x39\x12\xcd\x48\x31\xbd\xf4\x31\x4d\xf4\x1a\xb8\x32\x65\xf0\xd0\x45\x92\x17\xb5\xa1\xa7\x5c\x0f\x0e\xac\x27\x8c\xd3\xdf\xc0\x9a\x6a\x3d\x95\xb0\xb0\x67\x0c\x38\xf7\x6f\x31\xb6\xf8\xce\x8e\x8d\x9b\xb1\x1f\x80\x23\xeb\xdd\x8c\x24\x13\x01\x74\x86\xc0\xed\x51\xba\x20\xf8\x12\xb7\xbd\x92\x98\x4e\xe9\x41\xa8\x26\x60\x58\xaa\x67\x53\x06\x9d\xba\xba\x11\x9b\x17\x57\x99\xdf\x68\x1a\x1f\x6a\x89\xb4\x3f\x3f\x6c\x6d\xcf\xb4\x61\x43\xb8\x1e\x34\xcf\xd4\x60\x63\x90\x90\x1e\x76\x9e\x26\xd7\xaa\x8f\xaf\xd8\xac\x70\x04\x40\x26\x2d\xec\x47\x75\xa2\xb1\x3a\x9b\x04\x23\x88\xa2\x46\x7b\x7d\x42\xb9\x7e\xae\x52\x4e\x47\x64\xcd\x16\x37\x8d\x2d\x0d\x8d\xbd\xc6\x5a\xc1\x3e\xdf\x4d\x7e\x7b\xfa\x2a\x3c\x62\x39\x05\x26\x33\xb8\x92\x2f\x38\xf3\xb1\xa9\x55\x14\xfb\xa8\x7c\xa4\x04\x1d\x2f\xaa\x7d\x97\x06\x9c\x62\xf0\x07\x61\x0f\xbc\xd6\x11\x18\x96\x17\x41\xf6\xc8\x44\x47\x5f\xc8\x4a\xa0\x59\x3d\xe4\x40\x79\xff\xf0\xa1\xa7\x0f\x57\xd6\xd6\x15\x45\xd1\x83\xe2\x0d\x4f\x83\x38\x07\xfb\x58\x07\x7b\xfb\x42\x1b\x2b\x42\x66\xeb\x2a\x09\x14\xf0\x18\x4b\xad\xd9\x57\x1a\xf5\xb4\x24\xd8\xb6\x6e\xbb\x85\x53\xa0\x83\x99\x77\x93\x1b\x0d\x28\x2a\x3c\x63\xf3\x98\xfb\xce\xe7\x71\xb3\x5a\xcd\x0a\x7d\xc1\x49\x41\x23\x0d\x88\x11\x5d\x00\x30\xc2\x71\xdc\xb0\x1f\x43\xbc\x22\x11\x6c\x05\x6d\xe4\x8f\x48\xbb\x99\xdc\xfa\x98\x8d\x4a\x17\x7d\x82\x98\x1d\xd9\x85\x35\xc7\x25\x71\xe2\x74\x5d\x55\x81\xcd\x51\x48\x20\x01\x7f\xa8\x0d\x1d\x4c\x03\x53\xbe\x87\x6e\xcd\xbb\x70\x80\xde\x5b\x24\xcf\x28\x00\x1f\x77\x79\x31\x46\x38\x5e\x7d\xb5\x69\x67\x08\xe8\xfa\x9b\xc4\x4c\xad\x7c\xa4\x86\x48\xd6\xb8\xde\x8e\xc4\xd0\x46\x57\x0b\x00\xa6\xcb\xd8\x00\xeb\x18\x80\xf4\x30\x6b\x8b\x56\x85\x1c\x19\x1a\x4f\xec\x0d\x29\x27\xaa\x67\x5d\x8e\x9a\x35\x1a\x5a\xb4\x19\x55\x0c\x8f\x33\x3c\x20\x64\x36\xd1\x27\x61\x70\x0a\x9e\xce\xa3\x47\x10\xd2\x5d\x3a\x1e\xe7\x93\x01\xc2\xab\xf5\xc0\x6f\x35\xb9\x03\xd3\x74\x92\x5d\x96\x0c\x00\x98\x0b\x51\x2b\xaf\x17\xec\x26\x16\xf3\x67\xae\x52\x29\x14\xed\xce\x29\x13\x7c\xb8\x83\x31\xca\xe0\x77\xea\xc8\x65\x61\x84\xf3\xad\xbe\xfb\x51\xcc\xfb\xcc\x2b\xd9\x90\x03\x91\xf7\x50\x6e\x68\x1e\x80\x49\x97\xd6\xee\xb0\x18\xa3\xa3\x70\x51\xe0\x74\x1e\xe8\x80\x11\x55\x01\x14\xdf\x83\xc0\x04\x6f\x83\x62\x83\x48\x70\x3f\xd7\xec\xac\x6e\x9d\x83\x23\xeb\x58\x63\x8b\xea\xb5\x67\xdc\x78\x63\x5c\xf6\x1a\x0b\xc9\x3e\x85\xf9\x7e\x48\xe5\xfa\x82\x66\x10\x20\xba\xee\xe2\x0d\x99\xdf\xc8\xb7\x05\xbb\xe2\xd2\x4e\x7d\xa0\xb3\xc1\x4e\x3e\x67\x42\xbf\xf7\x47\xda\xc8\xe0\x13\xad\xa8\xe0\x3e\x12\xeb\x34\x11\xeb\x74\x52\xa0\xea\x4f\x02\xee\xf9\x42\xc5\x20\x98\x68\x62\x41\x4c\x9e\x74\xe2\x89\xe7\x82\x14\x62\xf5\xb0\x64\x9c\xf4\x1b\xcb\x15\xae\x90\x88\xf7\x38\xf5\xc9\xa3\x60\x8e\x9e\xdf\xc8\x54\xd8\x3a\x03\x62\x86\x04\x2c\x27\x08\xf1\x8a\x6f\xfb\x31\xf0\xfe\xe4\xc1\xbe\xdb\x20\x0f\xe8\xba\xf5\x06\xcb\x5f\x49\x34\x20\x0f\x58\x6f\x9c\x81\x58\x28\x00\xe7\x78\xe5\x98\x27\x35\x0e\xce\xf2\x0a\x02\x1c\x26\x9e\xdf\x62\xab\x8f\xb9\x69\x05\xb7\x00\x04\x83\xe2\x56\x52\xb1\x60\xf9\x70\x3a\x07\x87\x90\xae\x81\xe5\x5a\x97\x1b\xe3\x31\x0f\xf6\x11\x89\x0e\x0c\x80\x37\x3b\x9a\x51\x77\x6d\xa0\x4d\x4f\x1d\x37\x3e\x33\x8a\xa2\x4c\x74\x55\x7a\xd6\xf8\x9e\xf3\x18\x7b\xbe\x4b\x67\x08\x41\x6d\x4d\xbb\x23\x4e\xb0\x8e\x0b\x1b\x24\xbf\x3f\xa9\x74\x73\x32\xcb\x9c\x27\xa5\xc9\x57\xfb\x52\x49\x21\xa7\x30\x92\xc6\xfb\x70\x47\x52\xfb\xad\xf5\xe1\x26\x01\x8d\x80\x3c\xb9\x4d\x3d\xd2\xb2\x13\x19\x8f\xaa\xbe\xd9\xbd\x92\x46\xfb\xb1\xca\xf7\x1d\x02\x25\x83\x20\x1d\xc2\xd9\xe1\x75\x1d\x20\x2f\xf0\x2a\x33\xbd\x8e\xc7\xe0\x0a\x6c\xd1\xdd\x58\x8b\x93\xd0\x2b\x8e\x06\x05\x82\x63\x47\xa6\xf3\x25\xa6\x2b\x4d\x75\x8d\xdd\x87\x9c\x3e\x45\x8c\xdb\x1e\x1f\x0e\xca\xba\xa7\x4c\x81\x0e\x2e\x50\x20\xaf\x6c\x30\xbd\xbd\x95\x6f\x64\x18\xc3\x87\xca\x1e\x78\x38\x09\xf5\x9e\x8c\x19\xdf\xb7\xac\x59\x4a\x17\x5c\x77\x06\x88\xc8\xa6\x71\x5c\xe7\x6c\x5b\x8e\x26\xae\xbd\x71\xeb\xce\x63\xa9\xad\x92\x2d\x24\xeb\xc3\x54\x92\xad\x90\xca\x31\xd7\x52\x2d\x11\x79\x33\x44\xe9\x1c\x8a\x55\x83\x53\x04\x92\x01\x4f\x2a\x0d\xd4\xe1\x41\x85\xbd\x77\x20\x9a\x26\x8f\xe1\xf5\x22\x44\x86\x03\x80\xfb\xe3\x78\xcb\x67\xb4\xd8\x53\x12\xed\xdb\x8f\x61\x5f\x35\x6b\x0d\x05\x8a\x0d\x3e\x7b\x88\x51\xe0\x26\xd8\xf5\x84\x2a\xf0\x60\xda\x96\xdc\xdb\x09\xd1\x45\xe1\x64\x2f\x9f\xec\xf0\x12\x9c\x90\xbb\x40\xad\x01\x0e\x04\xcd\xed\xc2\x31\xfa\x42\x2f\x34\xd9\x9d\x3c\x91\x69\x1e\xea\x40\xb4\x59\xb9\x48\x01\x62\x54\x54\x16\x4f\xa9\xf8\xcc\x59\x52\xeb\xd0\x5b\x57\xf3\x38\x70\xf5\x6d\x99\x77\x11\xcd\x49\x11\xcd\x2e\x2e\xfb\x41\x27\x4b\xe7\xec\x7d\xef\x52\x59\x49\x9b\xf0\x72\xc7\x72\xc1\xf3\x32\x17\x5d\xae\xa9\x6f\xb8\x5b\x8b\xb5\x7b\x75\xb2\x46\x69\x02\xce\x7b\x32\x91\x24\xd3\x15\xac\xa8\xd7\xd8\x81\x3d\x1f\x0d\xb6\xe1\xa2\x05\x65\x30\x89\x2e\x38\x88\x5d\xd9\xc8\xcf\x5b\x25\x4a\x37\x1b\xa2\xf5\x50\xbd\xb0\x7a\x30\x02\x28\xe0\xca\xaa\xe7\x05\xf0\xee\xae\x81\x7c\x79\xd8\x33\x54\x9d\x81\xb0\xdb\x6e\xad\x38\x6c\xf1\x23\x6e\xa7\xa7\x8b\x31\xed\xf4\xfd\x55\x87\x2e\xea\x0d\x6c\xd2\x25\xf0\xbb\xb1\x5d\x8c\x48\xcf\xbb\x29\xa2\x90\x44\x3d\xe6\x46\xc9\x31\xb3\xc3\x5a\x0a\x6e\x47\x82\x18\xa6\x78\x5c\x67\xaf\x9c\xcb\xa1\x50\x30\x7b\x64\x4e\xa2\xa5\x82\x9a\xce\xde\x43\x8b\xbb\xdc\x5f\x31\x0f\xa0\xe9\xe2\xcc\xa5\x7d\x77\x43\x5e\xf7\x9a\xc1\x9d\x7d\x15\x09\x49\x3d\x67\xcf\xf7\xba\xb0\x4c\x8e\x0b\x2f\x36\xb2\x4e\xa5\x4a\x3b\xd4\x70\xc9\xc1\xdc\xbc\x03\xc1\x83\x1a\x9f\xfc\x53\x2e\x62\x83\x79\xbe\x17\x7d\x1b\x12\x4b\x83\xe9\x1c\x2c\xe0\xd2\x69\xec\x81\xc0\xf3\xb3\x76\x18\x8f\xc8\x10\xeb\xca\x0a\x1a\xb6\xd7\xd9\xab\xe9\xb4\xb1\xb8\x53\x9b\x92\x20\x8e\x8e\x44\xf3\x7e\x73\x2e\x4f\xc1\x5d\x1e\x44\x77\x50\xa4\x12\x6e\x3d\x83\x1e\xd2\x47\x09\xe0\x2e\xcd\xec\x5c\x76\xfd\xde\x13\xb7\x4e\x3e\x4c\x6e\x5c\x13\x1a\xc4\x14\x24\x5b\x69\x32\x5f\x09\x00\xcb\x6f\xa2\xbd\x87\xcb\x99\xa2\x7a\x68\x01\x6c\x9c\x3b\x47\x5e\xcd\x71\xdb\x0e\x53\xbc\x6c\x09\x62\xf2\xbb\x29\x39\xf3\x64\x13\x73\x73\x94\x1a\x75\xbf\x52\xe3\xbb\xfd\x79\x49\x49\xef\x86\x8e\xea\x88\xba\xf2\xca\xab\x9f\xcc\x82\x57\x4b\x12\xc0\x54\x21\xee\xf5\x1e\xf9\x9e\x6c\x07\x7b\x1a\x08\xb7\x68\x3b\x28\x74\xa4\xbb\x0d\x6c\xe8\x60\x7c\xfd\x13\x1f\xd3\x09\xda\xa0\x0b\x10\xf3\x06\x7a\xca\x0c\x5f\x67\xb4\x29\x88\xc1\x55\xaa\xbe\xdf\x00\x72\xed\x26\x0d\xce\x8a\xa0\x3b\x1f\xb4\xe1\x3c\x8b\xe7\x3d\x9e\xcb\x8e\x78\x5c\x0a\x89\xfc\xcc\x41\x52\x9e\xcd\x41\x81\xaa\x13\xf9\x8c\x29\x1e\xb4\x47\xd8\x8a\xda\xe8\xe1\xbd\xf5\x25\xb6\x6b\x5d\x2c\xe1\x46\xd0\xc1\x99\x4f\x2f\x2f\x36\x10\xc2\xef\xc4\xe5\x66\x54\xab\xf1\x34\x2a\xca\xa8\x5a\xb9\x8d\x52\x67\xcc\x6e\x10\xd1\x41\x40\x03\x9d\xf7\xaa\xeb\x78\x6d\x6d\xe8\x6d\x48\xa7\x26\x55\xa7\x22\x21\x83\x98\x0c\x6c\x32\xc0\xdd\x9d\x82\x1f\x5a\xe1\xcc\x2d\xec\x8f\xb0\x3f\xd2\x5e\x36\x2c\xc1\x98\xa9\xd3\x93\x32\xd8\x27\x18\x81\x40\xff\x9a\x2b\x0a\x6a\xc2\x1e\x20\xe8\xed\x54\x74\x4d\xbb\x41\x5f\xb2\x31\xb9\x9e\x73\x22\xa0\xf4\xab\x9f\x99\x93\xeb\x2e\xa9\x75\xaa\xa2\xe7\x3a\x13\xed\xa0\xb8\xcf\x09\x13\xb6\xcf\x3a\x55\xc9\x07\x07\xf2\x87\xa7\xac\x2c\x7a\x17\x5b\x1a\x9d\x89\x75\x7a\x7d\x5e\x35\xb0\x4a\x3d\xa1\x89\xdc\xe6\x06\x14\x1e\xe5\xec\x1c\x22\x54\xa1\x4d\x04\x31\x22\x1f\x69\x3b\x1c\xf1\x3c\xb4\x2d\x3e\xc6\xed\xf0\xfa\x1c\xf1\xfc\x80\x35\x24\x47\x1d\x6d\xda\xb2\x64\x4a\x49\x91\xc1\xe5\x47\x65\x0f\x4e\x24\x3d\xec\x48\x4e\xd5\x25\x9d\xc1\x11\x8f\xa7\x90\xa0\x54\x4e\xaa\x6f\x77\xa9\x7e\xb9\x8a\x52\x4f\x4a\xcc\x9b\xf1\x3d\x4d\xfa\x51\xb9\xf7\xad\x5e\x87\xc4\xb5\xd6\xac\xf9\xc6\xb5\x32\x91\x1b\x5d\x0e\x60\xf9\x19\xad\x23\xb9\x92\x23\x87\x2b\x8a\x61\xd9\x7c\xa9\x03\x8c\xb1\xb5\xe5\x7b\xcf\xf9\x60\x6f\x9e\x10\xf9\x6e\xf3\x4a\xa4\xac\x99\x36\x80\xb1\xe7\xf2\x18\xb7\xf8\x1a\xb7\x4f\xe8\x6a\xa2\xe2\x5e\x4e\x8a\xfd\xd8\x4e\xca\x50\xbd\x58\xcc\x0e\x87\x10\x63\x52\xf5\xe2\x29\xca\xf6\x7a\xf6\xc6\xc5\x1b\x37\x21\x1c\xda\xb4\x93\xc7\xb0\x93\x8f\xb0\x15\x19\x4c\xbc\x08\xf8\x11\x49\x8f\x20\x24\xc9\x09\x64\xe0\x47\x74\xb5\x6e\xce\x65\x1f\x86\x3a\x6c\xe5\x7b\x8f\x68\x55\xf8\xa0\x1e\x6e\x7c\xaa\xc2\x3e\xfb\x71\xd8\x2a\x1c\xd8\xd6\x41\x1b\xb5\xd1\x3e\x26\x2d\x05\xa4\x89\x3a\xf9\xf0\x9a\xa1\xab\xa4\xae\xc4\xa6\xee\x69\xb2\x20\x8c\x81\x73\x9f\x71\xe8\x06\x78\x1e\x2c\xfc\x03\x03\xe8\x5d\x67\x0f\x78\xf1\xb3\x31\xa6\xe8\x8b\xf5\x08\x57\x9f\xe7\xc0\x45\x31\x31\xf5\x4c\x51\x8e\x0f\x5d\x07\x82\xb5\x7b\x78\xe8\x2f\xca\x77\x0c\x30\xee\x18\x62\xdc\x31\x40\x7b\xfd\x46\x90\x27\x72\xf6\x27\x7d\x53\x5f\xfa\x2f\x12\xf6\x19\x5e\x8d\x8d\xef\xe2\xc9\x25\xe4\x3a\xb9\x8a\x6c\x1a\x44\x18\x76\xee\x54\x20\xec\xa9\x1f\x9d\x81\xb8\x47\xdd\xcd\xec\x6e\xcf\xd3\x70\xd0\x0c\x15\xcf\xaa\xb8\x68\x77\xf7\x96\xd4\xe4\xd1\x49\x07\xa2\xe1\x0c\x48\x32\x40\xfe\x31\x3b\x09\x6f\x49\x17\x22\xc5\xdb\xc6\x1a\x70\x73\x2d\x8f\x6b\x3f\xaa\x1c\xb6\x75\x27\xf7\x9c\x55\x5a\x1c\x69\x80\xf1\x49\x34\x27\x2b\x2c\xba\x56\x58\xfe\xca\xa9\xd7\xb7\xcf\x23\x7b\xfb\x3b\x6a\xad\xc6\x9f\xe4\x37\xd9\xda\xfd\x56\x88\x32\x65\x76\xfb\x2d\xed\x64\xce\x7c\xc8\x76\x70\x6d\x29\x88\xa5\xd2\x59\xf4\xc6\x15\x1e\x8b\x86\x0b\x11\xcd\x89\xe0\x3c\xd8\x81\x9b\x0c\x0c\x1d\x41\x0c\x05\xa8\xdf\x31\xa0\xab\x5c\x15\x60\x4f\xf2\xb3\x3f\xb0\xcb\x4e\x3f\x67\xe9\x5e\xf3\x60\xbd\x3f\x75\x0b\x45\xe9\xb5\x98\x88\x74\x1f\x35\xb9\x4e\xc9\x9c\x26\xa8\xbe\x6b\x84\x2a\x57\x1e\x09\x4b\x18\x11\x52\xf5\xb9\xc8\xf6\xb1\xc8\x3e\x29\x51\x9a\x93\x49\x08\x1b\xbe\x8f\x0c\xde\x89\xc8\x22\x5c\x57\x10\xa5\x71\xd4\x9a\x34\x79\xc2\x00\xa3\x7e\xbc\xd2\xde\x2e\x39\x0f\x5c\xb7\xdd\x46\xb7\xb0\x19\x6e\xcd\x19\x6e\xa9\xa0\xa5\x0d\x07\x00\x84\x66\x48\x5a\xee\x80\x0a\xb4\xbe\x15\xbb\xa2\xd4\x7d\x79\x17\x19\x87\xae\xc0\xf3\xa3\x26\x5c\x1c\x9a\x56\x9a\x82\x67\x28\xa3\x02\x38\xe1\x65\x03\xc1\x4a\x1e\x38\x50\x74\x38\x50\x34\xd7\xf2\x79\xd5\xc3\x1c\x41\xfc\x93\x06\x4d\x8d\x06\x0b\x94\x66\x9e\x3a\x5f\x42\xaf\x08\xd1\xab\xd9\xb8\xa1\xaf\xd9\x71\x5d\xed\xc7\xa0\xdb\x2e\x2e\x3b\x0f\x5c\x75\xde\xda\xe6\xc6\xe0\x9f\x29\xff\x50\x67\xa1\x9c\x85\x03\x80\x83\x64\xc7\x08\x4f\x4e\x10\xd0\x81\x32\xa6\xd2\xcd\x57\x3f\x56\xa0\x28\x9a\x2e\x36\x6b\x1c\xec\x67\xbf\xae\xc8\x39\x0a\x0a\xd7\xcc\x85\x17\x45\xcc\x98\xc9\x7b\xb9\x7d\xd1\xe1\xad\xd5\x45\x48\xd1\x45\xd7\x34\xba\xbb\x71\xc1\x9f\x17\x58\xcb\x02\x07\xa1\x8b\x04\x41\x67\x5c\x18\x80\xb0\xbd\xf2\x15\x9b\x5e\x8f\x5b\xb4\x69\xb1\xdf\x0e\x71\xdc\x0e\x84\xdf\x0c\xaf\xbf\xc1\x7b\x4d\x44\xc8\x3e\x4f\x8a\x7e\x8e\x84\x7e\xce\x24\x42\x87\xe8\x4e\x19\x37\x8b\xdc\xda\xe0\x1c\x1a\xdf\x53\xe0\x86\x2c\x79\xc0\xbc\x3f\xdf\x7d\xcb\x6c\x2c\x8d\x8c\xba\x20\x58\x68\x56\xa4\x31\x47\xd8\xf3\x57\x0c\x59\x8f\xe8\xd5\x9d\x8c\xf1\x63\x90\xa8\x95\x40\x1b\x75\xc8\xa7\x85\xcc\xb7\x81\xcc\xd1\x81\xc8\xd1\x81\x2c\x82\x70\x12\x4d\x44\xe7\x5a\x77\xec\x6a\x0c\xb8\x9d\xb7\x45\x3a\xa1\xe5\x76\x42\x8b\xe1\x40\x8d\xdc\x65\xe8\x81\xef\xfe\xb4\x90\x3b\x15\x5e\xd9\x1a\xdb\x44\x79\xd6\xaa\x95\x2e\x52\xba\x33\x40\x63\xb8\x4b\x3b\x04\x94\x3c\xc6\x00\xf9\x67\x4c\x7a\x42\xd4\xb2\x0f\x18\xdb\x40\x71\x7f\xd5\x17\xea\xe5\x4b\x78\x01\x0e\x54\xf3\xb0\x1f\xc3\xed\x2e\x51\xe8\xab\x6e\xbf\x62\x5f\xb4\x5c\x4f\xb4\xb4\xe5\x2e\x9d\x2e\x11\x38\x5b\xe7\x26\x0b\x1d\x4c\x4b\xb6\x6d\x0f\x5c\x77\x4a\x48\x64\xd1\x0c\xcd\x3a\x0f\x2c\x4c\x88\x65\xc5\xa1\x37\xdd\x89\x4e\xc9\xdb\x5d\x3a\x6e\x77\xf9\xa0\xdb\x3d\xf3\x85\x3a\x74\xc6\x4c\x75\xa0\x4d\x3d\x6f\xa7\x74\xde\xf6\x9b\xfd\x18\x6f\xb7\x6a\x2a\x40\xe8\xaa\xca\x97\xc7\x79\x3b\x6f\xc8\x8a\xc2\xe3\x2b\xf7\xa6\x9d\x9a\x86\xd5\x23\xfa\x88\xb0\x58\x2c\x49\xad\x84\xf5\xb5\x6a\xe2\x57\xfd\xd7\x7a\x13\x60\x36\x92\x14\x62\xe6\xa3\x76\xf1\x66\x23\xd7\x61\xcc\x33\xb1\xf8\x84\x2e\x93\x31\xbc\x32\x9f\x17\x4f\x31\x14\x18\x80\x5c\x04\x21\x29\xc9\x6e\x77\xe4\xfc\x49\x85\xf7\x29\x3f\x01\xef\xc8\x02\x0b\xc9\x3a\x0b\xd9\xb6\xb4\x23\x36\xaa\xb1\x23\x35\x21\xe3\x48\x80\x8f\x7e\x51\x3d\xff\x0e\x65\x8c\xf8\xbc\x80\xee\xf2\xde\xa0\x30\x17\x55\xb5\x21\x5a\xee\x9f\xf5\x81\x05\xdc\x5b\x8d\x43\xd6\x67\x27\x52\x56\x96\xdd\x67\x77\x53\xf7\x9a\x78\xfa\x90\x72\x61\x50\x5c\x7f\x07\x29\x33\xc5\x6f\x86\x4c\xba\x30\x9c\x74\x17\x9f\x05\x55\x77\xdf\x06\x28\x8e\xe0\x64\x8c\xe1\x38\x42\x43\x76\xa7\x74\x3e\xe7\x76\xde\x6c\xd2\x09\x48\x4d\x86\x7b\xd5\xd0\x3a\x7c\xc8\x34\x23\x3e\xc5\xcf\xd9\x96\xef\xeb\x7b\x9e\x3c\x29\x83\x27\xcc\x1b\x73\xb3\xdd\x4e\x8e\x1b\x57\xd9\x7a\x06\x60\xc0\x4f\xba\x03\xe7\x76\x32\x7d\xb9\x30\x92\x9a\xf7\x82\x62\xc7\xa6\x5a\x7a\xdf\x77\x03\x66\x33\xec\x37\x90\xb1\x18\x97\xeb\xd2\x9e\x61\xc0\xcf\xb9\x49\xb2\x21\x9c\x73\x90\xfb\xf3\x66\x7a\x82\x6c\x4b\x0f\x88\x01\xa5\xe1\x73\xfe\x81\x2a\xc9\xc9\x8d\x30\x63\xae\xb8\x69\x4a\x65\xfd\x59\x67\x55\xfb\x62\xe9\x52\xc7\x70\xaa\x4d\x80\xee\x7e\x73\x44\x88\x29\x98\xef\x7b\xa2\x4b\xad\x6a\x51\x03\xe9\x15\x4c\x33\x1c\x17\x57\x92\x85\xb5\x25\x8f\x5d\xc1\x6f\x73\x00\xef\xbe\x7a\x1b\xc8\x34\x99\xfe\x2e\x9c\xf1\x53\xa5\xee\xe8\x37\x5d\xf1\x23\xa7\xbc\x54\x58\x1b\x64\xc9\x44\x9f\xfb\xaa\x8b\x92\x21\xee\x53\x62\x5d\x9e\xf1\x71\x3d\x92\x4b\x1e\xb0\xee\xd8\x87\x0a\x2a\x58\x1e\x74\x59\x2e\x19\xd3\xb1\x0f\x54\x9e\x79\xf0\xb8\xa5\xec\xdb\x2b\x45\xd4\x05\x56\xe3\x2f\x4f\x4e\x92\xfb\x28\xb9\x00\x2c\xf8\xb9\x3f\x13\x98\x20\x3c\x94\x0b\x53\x33\xe9\x85\x4c\xdb\xa7\x01\x4a\xdf\x73\x30\x46\xe8\x43\xdf\x32\x2c\xa7\x38\x63\xe1\x10\x60\xf0\x92\x11\xfd\x94\x51\x29\x4f\xeb\x91\xd8\x2c\xc3\xd6\x68\x94\xdf\xac\xa1\x67\x0e\x89\xfd\xd4\x1d\x31\xab\xfc\x13\x75\x09\x31\x80\x18\x89\x21\xee\x8f\x14\x5c\x18\xbe\xfd\xcc\x11\x17\x36\x8c\x2e\xee\xc5\x61\x98\x0a\x72\x01\x15\xf5\x4b\xf6\xbb\xac\x2c\x7f\xd5\x13\x8a\xd9\xd5\x7e\xa8\x02\xcd\x61\x56\x8b\x31\xca\x77\xd5\x31\xc6\x03\x63\x6e\xc2\x6a\x97\xd1\x6a\xf7\x4c\xfa\x29\x27\x53\xaa\x30\x56\x38\x2c\xc3\xd7\x90\x94\x9d\xee\x53\x7d\x98\xfc\x87\x7e\x2e\x5c\x68\x8d\x7a\xc5\x99\x1c\xa6\x98\xd7\xaa\xfa\xe6\x97\x12\xf3\xbc\x47\x7d\xcf\xf5\xac\xa4\x1d\xc1\x91\xba\x2f\xd5\xbe\xf3\xc7\x48\xd6\xa0\x19\x07\xc3\x5f\x98\x32\xbe\xbb\xa8\xec\x72\x3e\x79\x7a\xf1\x47\xff\xce\xc8\x62\x33\x30\x25\xbb\xe7\x2a\x9a\x36\x0c\x83\x7f\xe7\x9d\x69\x6d\x4b\xd6\x18\x8e\xd1\xef\x54\xc6\x5f\x9e\xcc\x8f\x72\xb5\x8f\xb0\xae\x19\xa6\xbe\xf0\x00\xc4\xe4\xd1\xb7\xbe\x81\x31\xf1\x61\xdf\xa1\xd2\x64\xb0\xa1\x8e\xda\xf8\x22\x97\xcc\xf9\x69\x0b\x4e\x34\x6e\xfa\xb5\xe4\x18\x59\x58\xed\xd5\xb9\x97\xec\x0f\xef\xe4\x35\x97\x2b\x4a\x94\x58\x46\xd4\x0e\x8f\x11\xd6\x6f\x7e\xcf\x9a\x38\xe8\x11\x89\x13\x26\x85\xc9\x94\xf7\xbe\x93\xed\xe8\x37\x36\x7a\xb5\x7a\xf7\x67\xde\xcd\x94\x6c\x72\x8c\x73\xd9\x6f\x10\x13\x31\xec\xe7\xec\xa3\x59\x91\x2a\xc4\xaf\xb4\xd3\x43\xb4\xe1\x18\x8a\xe4\x3c\x18\xf1\x33\xee\x60\x06\x32\x78\xfa\x76\x61\x74\x35\x6b\x1f\x51\xcf\xac\xec\xf6\x83\x6f\xa1\x16\x8f\xe9\xa5\x30\x3b\x17\x59\xfd\xee\x57\x31\xd1\x2d\x78\xda\x32\x2c\xab\xa9\xbf\xf1\x39\xc9\x45\xec\x41\x23\x73\x63\xeb\x19\x93\xb7\xb3\x20\x83\x7e\xed\x73\x97\xfb\x44\xae\xf8\xbe\x7a\x27\xc4\x84\x6c\x5f\xf5\xf1\x95\x14\x43\xb2\x30\xf9\x1f\x72\x0d\x6f\xb7\x35\x9d\xf6\xcc\x83\x61\x39\x4b\x76\x1f\x8b\xaa\xa0\xbf\x8d\xeb\x31\x69\xdb\x07\xc7\xf0\x17\x58\xe3\x13\x8b\xbd\x71\xdb\xf7\x78\xb9\x4e\x5b\x02\xdf\x33\xd1\x76\x8d\x92\x31\x5d\x68\x99\x08\xc0\x79\xc8\xe2\x0b\x47\xf6\x89\x63\x7d\x10\xb9\xfe\x70\x1d\x86\xb9\xab\x18\x78\x4d\xa7\x71\x6c\x79\x8c\x07\xbf\xc7\xab\xec\x16\x20\xc5\x54\xc4\xcc\x5c\xb4\x43\x7e\x10\x79\x3b\x10\xc5\xc0\x00\x4c\xf7\xa9\x23\x96\x83\x23\x80\xce\x27\x3a\x53\xc5\x27\x27\x9d\xba\xf0\xdc\x44\xa3\xbf\xbd\xd1\xb2\x3e\x69\xd5\xe3\x30\xc5\x35\x9d\xc5\xe3\xcd\x60\x6e\x16\x4a\x2d\xce\x70\xce\xd8\xfa\x56\xe7\xbe\xe7\x94\xd7\xb4\x03\x91\xcb\x01\xb7\x27\xc6\x70\x4c\x6d\xcb\x3c\x0a\x62\x8f\xcd\xaf\xcd\x26\x66\x8a\x3a\xad\x1b\xaa\x61\xbe\xcd\x76\x6a\x8c\xd0\x6b\x96\xe7\xb2\x78\x16\xcc\xe5\xd2\x6c\x77\x0c\x90\xd2\xbc\xe0\x98\x5d\x0a\x05\x9f\xe1\xf1\xcb\xb7\x98\xe3\xb8\xab\x78\xdf\x9f\x74\x6a\x30\x99\x1d\xc9\x3d\x1b\x72\xcc\x65\xc7\xf2\x62\xc9\xb3\x0c\xb7\xbd\x66\x61\x94\xa7\x50\x7c\xb7\x63\x2a\x0e\x99\x4a\x42\xd4\xb8\x68\x67\x8a\x40\xcc\x83\x65\x7c\x12\x19\xd3\xc5\xd0\x34\xa2\x71\x95\xa6\x67\x4f\xf6\x7b\xdd\x00\x24\xe4\x76\xbf\x93\x27\x69\x18\xfc\x93\xd2\x21\xe6\xc1\x98\xc7\x6d\x53\xb7\x02\xcc\xf3\x43\xba\x4b\xc8\x43\xb8\x5d\x8a\xcf\x9d\xb4\xa4\x65\x54\x9f\x07\x8d\x07\xe3\xb0\xce\x1e\x10\xf3\xe0\xcd\x5a\x5a\x35\xb4\x20\x19\x30\x6e\x07\x25\x31\xb9\x96\xd9\x3e\x77\x18\x37\x7e\x23\xc8\x49\xa0\x81\x27\xfd\xc4\xf8\x9a\xc1\xd8\x5b\x2e\x4e\xf8\x42\xe0\x50\xb3\xa7\x3e\xc4\x0c\x25\xfc\xe9\x63\x22\x7f\xe4\xfc\xb1\x6d\xa0\xd8\xb6\x8e\xd6\xc5\xa6\xcf\x84\x8a\x67\x8f\x4e\x3c\x6f\x80\x48\x10\x74\x62\x71\x2d\xe7\xa3\x90\xf3\x7d\x47\x7e\xd5\x51\x04\xa7\x71\x72\xeb\xf4\xb3\xc6\x63\xc6\xe6\x7b\x2f\xb2\x83\x24\x41\x27\xa7\x87\xaf\xe6\xb1\x32\x31\xe4\x02\xfc\xb7\xb0\x6a\xb5\x7b\x88\x82\x18\x76\xbe\xf5\x83\x10\xf3\xe0\xa4\xe3\xd6\xe9\x45\xc7\x93\xa0\x75\xb1\x2e\x89\xc9\xad\x5c\xf2\x89\xbf\xd7\x54\x0f\x2d\x50\xe8\x46\x81\x11\x19\x44\x31\x63\x73\x0f\x99\x0b\x1f\x86\xa1\x4a\x26\x7a\xdd\xe7\xd7\x7d\x71\xfa\xce\x8f\x26\x86\xb0\xe1\xd8\x07\x01\x10\x01\xf7\xe2\x87\xb9\x58\xae\x27\x18\xc5\x69\xd2\x9b\x0d\x69\x42\xcf\x06\xdc\xf7\x1d\xcf\x43\xa9\xc7\xa9\xeb\xce\x29\x42\x6c\x59\xbb\x28\x0c\x27\xa8\x13\x9d\x6d\x05\xc0\x01\xa0\xfa\xa4\xfc\x52\x48\xf9\xef\xbb\x9b\xe7\xdb\x9e\xdf\xc0\x78\x16\x32\x96\x71\x36\xf8\xcc\x8d\xef\x37\x5b\xaa\xa5\x59\x2e\x39\x86\x32\x60\xa0\x81\xf4\x01\xd6\x07\x4f\x19\xe0\x7c\x7c\xce\x3c\xb7\xc1\xc0\x06\xe7\x0d\xf4\x9a\x8f\x97\xec\x3e\x66\xd0\x93\x10\x43\x7a\xa8\x3a\x32\x49\xc8\xec\x36\x5f\x19\xb3\x6e\xdc\xde\xbb\x5a\x8f\xe8\x1a\x34\xf8\x61\xcd\xeb\x84\xd6\x9a\x35\x6a\xf6\xe8\x99\xa3\xe7\x55\x61\xcb\x59\xb2\xf8\x68\x8e\x15\x7e\xae\x0b\xbd\x55\x29\x5f\xa6\xf7\xb5\x1b\xe2\x68\xd3\xc8\x2e\x26\x4d\x62\xb0\xfc\x11\x46\x10\x3a\x26\x8f\xc7\xa0\xfa\xbc\xc1\x04\x24\xb1\x7f\xc6\x24\xa3\x66\xd3\x02\x93\xf7\x81\xc2\xae\xa9\x19\x8c\x5a\x2e\xbe\x46\x43\x79\x76\xc4\x57\x0f\xdf\xe6\x46\xed\x70\x91\x93\x28\xcf\x41\xa9\x07\x65\xa0\x0d\x0d\x5b\xdc\x87\x9d\xa8\x51\xa2\xc5\x32\x17\x6f\x82\xde\x62\x91\xb8\xcf\xc9\xeb\x73\xdd\xfb\xbc\x1b\x8e\x34\xac\x61\xf6\x22\x0a\xfb\x1c\x3e\x64\xce\x8f\x4f\xc4\x3f\xf4\xfa\x0c\x84\xb6\x95\xb5\xd7\x6c\x79\xbc\x9a\xc3\xb3\xc3\x96\x68\x8c\xda\xa8\x4d\xdb\x49\x8e\x27\x36\x9e\xf0\x42\xe1\xc4\x1d\xca\xae\x3b\x16\x71\xb9\x9a\x06\x0a\xec\xa3\xe8\xa4\x36\x6b\xa0\x36\x93\xe2\x97\xdc\xfc\xfd\xfb\xb2\x97\x0e\xc1\x8d\xb8\x22\xa0\x0f\x6b\xe6\x15\x09\x3c\xc1\x7a\x44\x8f\xa8\x8d\xdf\x1b\xf6\xd7\x67\x4c\x2e\xfb\xcd\xb9\xa9\x55\x4c\xc9\xaf\x7e\xf9\x35\x73\x80\x28\xcd\x80\x28\x0d\x66\x10\x6d\xc4\xfa\x3d\x3c\x9e\xcf\x83\x0b\x71\xdd\x7e\x4c\xb7\xf3\xd6\xc8\xb6\xbb\x68\xb6\x3b\x28\xf6\x83\x32\xb4\xb3\x90\xa0\xd1\xd6\xf8\x10\x30\x16\x06\x84\xb4\xa2\x40\xe9\x22\x80\x69\xd4\x21\x50\x93\x28\x89\xb6\x51\x86\x60\xc4\x87\x65\x0d\x54\x8d\x10\xe2\x59\x5d\x35\x19\xfd\x61\xbf\xc9\xd8\x91\x0a\x51\xe3\xba\xc1\x59\x5e\x70\x18\xa9\xd6\x21\xa2\x9d\xe9\xa6\x1d\xe9\xa4\x1c\xf3\xa4\x38\x52\x6d\x34\xc7\xc5\xdc\x48\x65\x18\xe3\x76\x9d\x56\x62\x25\x57\xf2\x35\x5c\xe4\x68\x43\xfa\x57\x74\x57\x7b\x5a\x78\x44\x7e\xd4\x46\x48\xd6\x44\x88\xd7\x44\x6d\xd2\xd3\xc1\x24\x90\x47\xca\x97\x98\x9e\x75\x1e\x9c\xa1\x19\xba\x90\x39\x84\xb4\x27\x84\x01\xd3\x09\x54\xeb\x16\xa0\x28\x43\x13\x4f\x14\xd3\xf5\xcf\xde\x8f\x91\x2f\x9d\x4d\x1d\x00\x05\x6b\x77\x57\xd0\xd8\xa0\xcf\x84\x3e\x9d\x94\x93\x2b\x67\xb5\xc6\x7a\xe5\xb2\xdf\xec\x4a\x41\x9d\x68\xd2\xb2\x4d\xac\x87\x21\xf1\x61\x3a\x57\x1a\xc2\x6f\x75\x95\x2a\xe6\xd6\x3d\xda\x7e\x56\xb8\x67\xaf\x70\xaf\x79\x7f\x77\x8c\xfd\x0e\x18\x70\xbe\x6d\x04\x00\x2f\xb1\xdf\x2c\xb1\x8f\x2e\x24\xf0\x94\x68\xc3\x5b\xc9\x68\x0b\x34\x8d\x46\x25\xa4\xbc\x01\x97\x4f\xbd\xf0\x4f\x56\xec\xb1\x69\xf1\x46\x7c\x77\xbd\x66\x88\x5d\x81\x75\xbd\xa3\xe3\xf4\xea\x4a\x91\x28\x8d\x66\x45\x42\x54\x73\x7c\xdd\x1f\x85\xa1\xa4\x45\x50\x9f\x79\x62\x43\x83\x6a\x43\x83\xe2\xe2\xba\xc3\x8c\xcb\xbe\x2e\x67\x8a\x68\x11\x05\x16\x24\x41\xf7\x90\x6e\x33\x77\xef\x2a\x1d\x92\x68\x94\xe4\x67\x2e\x7d\x32\xd6\xaa\x2b\xb8\x3f\x02\xa9\x27\x44\xb1\xd7\xcc\x44\xe2\xed\x56\x38\x17\xb5\x98\x27\x68\x7e\xef\x49\x9d\x7a\x42\x1a\x4e\x11\x45\x87\xe3\xc8\xcc\x9d\xfb\xc3\x7d\xb6\x2e\xe4\xe1\xbe\xdf\x0c\xb6\x3f\x28\xf6\xc8\x16\x35\x05\xb7\x31\x52\xcd\x7a\x57\x00\xc5\x25\x13\xa3\x83\xf7\x37\x84\x5c\xda\x61\x59\xd1\x5b\x1d\xb3\x3c\xc1\x7c\xce\x9e\x97\x9a\x0a\x56\xf0\x54\xc9\x33\x84\xd8\xaa\xc4\x92\x12\x57\x5b\x52\x7e\xcc\xbe\x2a\x1c\xc8\xad\xee\x7b\x65\xae\x9a\x7d\xa5\x11\xed\xee\x42\xf0\x92\x78\x0b\x69\x21\xb3\x03\x1f\xed\xc7\x3e\x3b\x9e\xbb\x6a\x37\xdd\x2b\xe0\x8f\x90\x3e\x8f\x73\x72\xb5\x90\x65\x8c\x1f\x74\x4a\x26\x7a\x34\xdd\x04\x6f\x0d\x82\xc9\x5b\x48\x8c\x0a\xb5\xe9\x02\x96\x60\x7a\x17\x19\xf3\xdd\xe9\x70\xc5\x0b\x82\x11\x99\xc6\x27\x10\x76\xe4\xe0\x8d\x65\x70\xe2\x04\x1c\x6e\xf7\x27\xaa\x41\xc5\x8e\x23\x28\x81\x50\xf7\x3e\x16\x3d\xd8\x09\x3c\x8d\x4c\xcf\x1b\xcf\xcc\x70\x74\xf1\x44\x8b\xa0\xd3\xd9\x79\xf6\xc6\x73\x22\x18\x09\x14\x21\xf4\xac\x9e\x7d\xeb\x0c\x67\x4f\xae\x4f\xa5\x27\x25\x28\x81\x1b\x1a\x44\x9d\xde\x57\x36\x1e\x44\x89\x4e\xfe\x56\xe7\xca\x5c\x85\x35\x9a\x98\xa7\x11\x93\x6b\x41\x86\xf5\x05\xad\xdf\xbe\x6b\x80\x8b\x6b\x4b\x41\x95\xe6\xa6\xe7\xed\x34\x3c\x2d\x71\x3b\x67\x20\x0e\x7f\x44\x66\x44\xe6\xec\xc7\x70\x50\x79\xe3\x35\xbe\xd7\x0e\xd6\x78\x93\x47\xf3\xe5\x4c\x33\x99\x6d\xe7\x05\x08\xe3\xab\xc9\xb7\x59\x71\xdb\x5a\x27\x9e\x47\x8f\x94\xeb\x32\xdd\x3e\x6b\x6b\xe9\x8b\x01\x79\x47\x45\x07\x7f\xba\x1b\x45\x48\xdc\xcd\x18\xbd\x28\x50\x9b\x03\x51\x6b\xa9\x94\x90\xb4\xb5\x65\xbd\xa1\x4c\x4a\xb7\x24\x80\xd2\xf9\x12\xd9\x33\x49\xcb\x93\x07\xa9\xaf\x93\x37\x51\x9b\x71\x96\x1b\x11\xc8\x0a\xc9\x84\xd3\x25\x35\xd0\xeb\x31\x4e\xd3\x95\x0c\x42\x35\x18\x07\x65\x48\xa6\x3b\xbd\xac\xbe\xda\x74\x37\xa8\x0c\xb8\xef\xfd\xb5\x58\x1d\x9a\x80\xd2\x00\x99\xa8\x68\x6d\xe5\x13\x0c\xd0\xf1\xa4\x78\x91\x3b\xd1\x41\x4f\xbb\x7b\xe8\x0b\x6b\x02\xe7\x33\x90\xe9\x20\xa8\xf7\xe9\xed\xde\x13\x1a\x24\x1d\x55\x13\xb5\xd1\x1c\xa8\x14\xa0\x1e\x40\xe0\x35\x4f\xe4\xe6\x08\x3b\x70\xbb\x5b\xed\x32\xc4\x77\x28\xb5\x57\x97\x80\xfd\x0e\x05\x8b\x22\xf5\x55\xfc\x6e\x34\x8c\xf8\x51\xcb\x18\x06\xca\x02\xbf\xeb\x9a\x65\xdf\xe7\x1a\x7c\x72\x13\x04\x3c\x46\x8f\xc0\xc3\x19\x1d\x3c\x45\xa7\x22\xf0\xac\x6d\x59\x0b\x82\xee\xdc\x9e\x67\x7d\x55\x77\x57\x42\xcb\x47\x14\xc7\xeb\x78\xa5\x9d\xd4\x15\xac\xc0\xae\x4b\x2a\x59\xe0\x52\x17\x9d\x81\xc2\xdb\x23\xc3\xc4\x7c\x71\xce\xf3\x70\x2f\x38\xa2\x6d\xba\x70\xb9\xa4\xdf\x6a\xb3\xe9\x6f\xba\xd0\xb4\x79\x91\xc3\x84\xbd\x6b\xc8\xcd\xf7\x84\x3c\x5b\x74\xed\x8a\x68\x75\x38\xd4\xb3\x82\x72\x24\x9a\xe6\x7a\x77\x56\x07\x2d\x20\x1d\x04\x3d\x50\xa6\x19\xa0\x4c\x73\xae\xbc\x35\xfb\x6a\xfc\x94\xf0\x4c\x73\xa7\x39\x61\x30\x9d\x5f\x0d\x1f\x40\x97\xc4\x55\x7d\x42\x64\x43\xe3\x0e\x61\x18\xd5\xca\x47\x7a\xfa\x66\xd5\x7c\xce\x1a\xa2\x08\xd3\x45\x00\xe2\x53\x0e\x5e\xce\xc8\x3a\xdd\xca\x40\x49\xb9\x71\x91\xe8\xca\xde\x35\xb8\x79\xe5\xf6\x2d\x59\x0c\x98\x25\xf1\xfa\x58\xb8\x8b\x15\x4f\x7e\xe4\x45\xb9\x07\x13\x74\x7c\xad\xb0\xc2\xb9\xc7\x9b\x0b\x6b\x36\x15\x01\x60\x3e\x27\xc2\x7e\x4b\xe7\xb3\x75\x8f\x02\x4c\x8f\xae\x1f\xf5\x7b\x6b\xb7\x17\xd5\xf8\xa8\xe1\x12\x57\x4e\x42\x32\x4d\x28\x49\xb7\x54\x27\xdb\xa6\x30\xd5\x58\xf9\x44\xc5\xd3\x71\xc2\x39\x50\x7d\x53\x25\xed\x13\xa2\xb7\x18\xd8\x56\x43\x2b\x53\x81\xf5\x2b\x81\xe1\xca\xe9\x48\x48\x10\x6e\xa6\x1a\xd3\x85\x61\x9f\xb2\x7d\xa5\xc9\x4d\xbc\x57\x10\x51\x68\xce\x9d\x32\xab\x30\x68\x87\x91\x18\xd3\xa2\xc0\x1d\xc3\x60\xb9\xe3\xd3\x7f\x38\x25\x6e\xa3\x0e\xa7\x7d\x10\xc8\x51\xf6\x69\xdf\xf8\xd8\x7e\xac\x4a\x42\xb7\x87\x6e\xf7\x63\xdd\xb6\xb1\x16\x82\x22\x05\x10\x3b\x86\xa5\xba\x88\xc6\xa4\x11\x58\x7c\x2a\x5f\xad\x4b\xb4\x6c\x5b\xd7\x55\xcf\x72\x88\x6f\x56\xf1\xea\x11\xb7\x0d\x14\x5a\x0f\xce\xd1\x52\x0d\x34\xe5\x18\x08\xe2\x76\x11\x01\xd5\x34\xfa\xb0\xf9\xd6\x37\x97\xa2\x02\x06\x00\x95\x77\x1d\x02\x0f\x89\xe5\x2f\xf3\xab\xdd\xd2\x96\x6d\xf3\x03\x00\x14\xbb\xdb\xc3\x05\x6e\x77\x89\x5c\x11\x43\x68\x2d\x24\xed\x26\x8b\xf5\x73\xaf\x1b\x9a\x19\x49\xee\x97\xf0\x3e\x15\xbc\xdc\xe5\x30\xe4\x15\x41\x5e\x14\xb3\x60\xf0\xda\xf8\xf2\xf9\x33\x5a\xd6\xa8\xc7\xcc\x72\xfe\x96\x83\x78\x0e\x29\x0c\x04\xed\x72\x43\xb4\xf2\x65\x1c\xd4\x9a\x0d\x8a\xb4\x68\x96\x8b\xc5\x98\x0e\x7e\xd1\xf2\x09\x2c\xb2\x90\x4a\x0d\x91\x3f\x7b\xca\xad\x20\xf3\x28\xaf\x25\x48\x22\x3e\x42\x2d\xca\xb1\x36\x42\x82\xc1\xda\x9d\x04\xa0\x79\xdd\x5e\x7d\x7c\xdd\x24\x21\x3c\x6d\x6b\xa0\xee\xbd\x64\xe9\x17\xf7\x72\xfb\xf4\xd1\x03\x6f\xcf\x2c\x06\x28\x60\x18\x4c\xf9\xd5\x54\xd5\x48\xa2\x1d\x70\x36\x0f\xf7\x88\x8a\x74\x60\x9b\x88\x20\xe8\x70\x38\x12\x6d\xd7\x2b\xcb\x5a\x3f\xb7\xa9\x6b\xe1\xc4\xb1\x43\x67\x2a\x18\xd1\x8e\x24\x7d\xeb\x8c\xfe\x15\xcf\x55\x3a\x35\x8b\x30\x2d\x21\x46\x03\x52\x3d\x9f\x8f\x67\xc3\xd9\xdc\xe5\x5b\x6a\x97\x06\x15\x00\x41\x3a\x07\x81\x18\x55\x71\x4b\xe9\x06\xcd\x71\x1b\x71\xdb\xd0\x21\x36\x1f\x37\x7e\x06\xe4\xc0\x21\xb2\x03\x8f\xd1\x62\x69\x13\x1d\x32\x9b\xc7\xd8\xf8\x13\xcd\x67\xf9\xe6\x93\xcb\x75\xf2\x12\x87\x4f\xc0\x91\xd4\x07\x82\x8a\xbd\x40\xae\xc3\x76\xe7\x1e\x83\x7e\x9f\x08\x0e\x07\x49\x65\x27\xd6\x52\xe3\x08\x22\xba\x7e\x9b\x85\x2f\x37\x07\xa2\xc1\x74\x03\x01\x1c\xbc\x0b\xfd\x8c\xc9\x36\x1c\xfb\xa2\x98\x4c\x49\xd1\x67\xfc\xd0\x5a\x3b\xf6\xaa\x21\x1b\x99\x9d\x82\x79\xae\xde\xa5\x7a\x44\x79\x4e\xd1\x08\xa8\x9e\x54\x5b\x0b\xc6\xf5\x89\x20\xd8\xbc\x6d\xb4\xea\xc3\x35\xae\xdb\xce\x03\x47\x42\x9a\xa6\x2a\x8d\xd2\x7b\xd5\x34\x9d\x8f\xbd\x00\xcb\x0b\x22\x48\x62\xd9\x75\x9b\x2c\xf7\xaa\x40\x7e\x09\xf9\x67\xb4\xf9\x13\x3e\x2b\xc5\xad\x9e\x49\x02\xd8\xda\xbc\x28\x68\x61\x5c\x32\x49\x69\x63\xbf\x1b\x4e\xf8\x89\x92\x48\x3a\xda\xd2\x69\x47\x2a\x22\x9e\x15\x46\x6b\xf0\x1d\x1b\x6c\x68\xec\xd4\xe6\xe5\x3b\x2d\x3b\x5e\xb8\xcf\x58\x63\x4c\xbe\x82\x80\x79\x03\x19\xd3\xbd\x2a\x75\x48\xe8\xe8\x46\x32\x85\xd5\x0d\x44\x7a\xa8\xd2\xba\x23\xc0\x8b\xd7\x60\x97\x87\x0b\x02\x9b\x3e\x28\x63\x8f\x57\x1b\x28\x0b\x23\x1d\xd8\xdc\xc3\x85\xb4\x7b\x4c\x53\xcb\x30\x39\x63\xda\x5b\xd0\xb2\xbc\xfa\x72\xac\x74\xd5\x96\xcd\x2f\xcc\xf6\x8d\x0e\x7f\xbc\xdc\xbb\x00\x37\xd2\x80\x6a\x5b\xbe\x48\xbb\x92\x76\x32\x7f\x02\x90\x61\x87\x6d\xd5\x35\xd6\x83\xb3\xe4\x84\x3c\x71\xef\x81\x2e\x57\xaf\xaf\x4a\x7c\x59\x51\xb5\x42\x4e\x7f\x22\x7a\xe5\x00\xc0\x8d\xe8\x3a\xb4\x41\xd2\x4e\x56\xaa\xab\x54\x4b\xb5\x02\x50\x6a\x0b\xd6\x3d\xa2\x45\x1e\x66\xd2\xb7\x6f\xfe\xce\x28\x33\xbd\x2d\x06\x08\x36\xd3\xd3\xc2\x6d\x01\xae\xcc\x02\xa7\x69\x9a\xb8\xc3\xc0\x1a\x09\xfb\x25\x35\x3a\xd9\xed\x34\x6a\xe4\x2e\x43\x3c\xf9\x49\x12\x04\xb9\xd7\x0c\x89\xc9\x55\x42\x38\x65\x09\x98\x17\x63\xd4\xc7\x42\x75\x09\x27\xf9\xbc\xdd\x31\x5a\x49\x73\xec\x60\x0f\x96\x47\xb5\x07\x44\x01\xb6\xf5\xde\xf7\x32\xcc\x40\x80\xbd\x1f\xbc\x9c\xda\x52\xaa\x07\x11\xa9\x02\x4d\x1f\xf4\x3d\xce\xf6\xba\xbe\x75\xfa\x39\x57\x52\x41\x72\x95\x15\x23\x34\xd8\xf0\xd1\xd5\xb9\x48\x4f\x0a\xf4\x84\x2a\x34\xb9\xf9\x12\x3a\x4c\x28\x34\xb1\x4b\x83\x09\x7c\x0f\x01\x43\x81\xc9\xdb\x7e\xb3\x2f\x08\x00\xad\xc7\x8d\xee\x82\x8a\x4f\x01\xa6\x94\xde\xa5\xe2\x1e\x10\x1c\x78\x02\x3c\xc4\x2f\x5a\x67\x3e\x78\x19\xbd\x03\x57\x7c\x6e\x2c\x4f\xcb\xbd\x2d\x29\xe9\x6d\x81\xf5\x99\x14\xe8\xe9\xda\x8f\xca\x5d\x14\xd1\x19\x52\x4e\xdd\xf1\xca\x4a\x98\xe8\x14\x04\x75\x1e\xc1\xca\xe0\xb4\xec\x7b\x8b\x18\x17\x47\xb4\x90\xcc\x61\x46\xee\x0a\x80\xc4\xbb\x3c\xbc\x70\x97\x08\x9d\xec\x1a\x72\x7a\xd6\xde\xa4\x82\x15\x30\x2c\xdb\x3a\x5c\xa2\x8b\xa7\x55\x66\x2a\xf2\xfc\x09\x85\x62\x85\xeb\x0a\x7a\x0a\x11\x2f\xd3\xc4\x26\x88\x8f\x5d\x72\xe2\xd0\x67\x34\x76\xd2\x8a\xa2\xc8\x5d\x58\xc8\x87\xae\x6c\x1e\xb5\x4d\x83\xfa\xf0\xea\xe5\xcf\x37\x3a\xc6\x47\xcf\x79\x61\xa2\x60\x04\xd1\xc1\xcb\xf2\xcc\x19\xb3\xba\xc9\x8f\x3c\xd3\x34\x0d\xde\x41\xd1\xb9\xd5\xf3\x72\xa4\xdd\x25\x05\x01\xb7\xba\x54\x92\xe0\x9f\x02\x4c\x6d\x46\xe7\xdc\x4f\x2a\x4e\xce\xc4\xe1\xda\xeb\x00\xe7\xc3\xe2\x03\x74\xbc\xb6\xf6\x8e\x0d\x5e\xa8\xca\x31\x9a\xad\x78\x6d\x55\xfc\x0d\x45\x08\xe8\x5d\x1e\xae\xac\x15\x63\x13\xd7\x6d\x20\x3c\x9f\xba\x73\x48\xa2\x11\xc8\x38\x5d\x4d\x62\x97\x73\xab\xdb\xc8\x5e\xde\xb1\xfd\x2a\x56\x10\x31\x1c\xe1\x19\x5c\x0d\x03\x1c\xe4\x07\xd5\x5c\x94\xa7\xdd\xb9\x63\xb3\x6e\x00\xea\x47\xee\x1a\x28\x02\x29\xb7\x89\x06\x9f\x56\x16\xb7\xec\xe5\xa2\x80\x9f\x31\xc4\x55\x7d\x2e\xf2\x24\x7e\xda\xc6\xe5\x48\x96\x03\xdb\x3a\xb5\xe1\xc6\xf0\xee\x2a\x76\x3b\xdc\xc9\x03\x92\x8c\x0a\x73\x76\x26\x8b\xa2\xdb\x30\x54\xa2\x01\x0a\x52\x26\x9a\xd0\x64\x96\xd2\x6b\x66\x59\x9a\x65\x1b\xe3\xb2\xf7\xc8\xc3\x16\x7d\x80\x22\x02\x06\x7b\xd1\x90\x8b\xcf\xf8\x49\x37\x81\xdc\x14\x02\xa0\x5f\xb3\x64\x63\xc3\x77\x34\xeb\x5f\xf5\x75\x8d\x9c\x9e\xb3\x91\xa8\xc5\xfb\x9b\x61\x28\xbc\x17\xb7\x77\x61\x71\xa4\xf8\x1e\x81\xd4\xce\xe9\xaf\x49\x10\x92\x7a\xae\xf7\x24\x29\x3d\xce\xf2\x35\x82\x33\xb6\x6b\xb1\x9e\x32\x2e\x19\x8d\x5b\x81\xba\x33\x88\x23\xb5\xf2\x91\xa1\xe4\x32\x69\x19\xc7\xf4\x8f\xf0\x63\x26\xd5\x2d\x84\x5a\xac\x61\x77\x69\xdf\x4f\x04\x0a\x09\xa1\x44\x3b\x99\xa0\xb4\xcb\x4d\x05\x0b\x20\x07\x68\x6f\x84\x7d\x08\x5b\xfb\x88\x97\xa2\x97\x5c\x4f\xb3\x7b\x52\x93\x59\x62\xf1\x14\x10\xaf\xbc\xce\x81\xea\xd9\x70\xe8\xfd\xd4\x5a\xc2\x46\xe0\xc5\x61\x72\x8e\x12\xd6\x9b\xf0\x5e\x2f\x18\x9c\x37\x77\x3d\xe9\xc0\xe7\x45\x68\x62\xb8\x7e\x86\x06\xb6\xf8\x67\x78\x0a\x98\x30\xa1\xd3\x51\x23\x08\x41\x57\x0e\x9e\xca\x21\x7c\xdd\x0a\x14\x00\x70\xc5\x79\x20\x8d\x50\x6a\xf2\xb8\x14\x45\x91\x21\xb4\x52\xcf\xd2\x09\xdc\xe2\x44\x3f\xa1\x9c\xa7\x75\x56\xfa\xac\x47\x9c\x09\xa7\x44\xb6\x22\x51\x1b\x55\xe6\x2c\x71\x37\x1a\x8c\xf0\xc5\x87\xdd\x31\xab\x28\x71\x19\x3d\xb5\x19\xf7\x64\xc5\x42\x20\x90\x10\x92\x9c\x9e\x77\xed\xcc\x45\xa3\x34\xa1\xcd\x23\x41\x4a\x32\x92\x10\x51\x5c\x83\x5f\x80\x4c\x74\x20\x48\xbf\xdc\x4f\xc6\xe7\xf8\xef\x7e\x0c\x4c\x31\x14\x5c\xf7\x31\x11\xb8\x67\xa9\xdd\x13\xe4\x99\xa3\x28\x81\x9a\x14\xc6\x5f\xc2\x44\x3b\x9e\xdb\x78\x40\x15\x8f\xa7\x48\x98\xc0\x30\x9c\xbb\x0d\xad\x8b\x12\xcb\x38\x17\xd0\x78\x9a\x4f\x70\xa4\xf3\x8b\x02\x77\x3c\x84\xfa\xda\x3d\x44\x8c\x1b\x1b\x4a\xf2\xb7\x1d\xa7\xc9\xc5\xb6\xcc\x75\x64\xc5\xe7\xb4\xb1\x1d\x56\x45\x46\xa2\xe5\xba\xbb\x40\x09\xec\xe0\xc9\xcb\x96\x6f\xfa\x5d\xda\x21\x7f\x13\x76\x65\x9e\xd4\x69\x02\x57\x7d\xeb\x4d\x4d\x50\xec\x07\x00\xd0\x38\x82\x09\xdc\xab\x27\x74\x16\x94\x44\x2e\xf5\xe5\xf2\x7d\x37\x7b\xbb\x37\x00\xb6\x3a\x12\xa1\xd4\x1c\xeb\x1f\x34\x45\x91\x97\xfd\x62\xb6\xd2\x50\xf5\x4b\xd6\x8b\xe4\xb4\x05\xb1\x74\x3c\x04\x0b\xf0\x1f\x83\x4c\xed\x00\x82\x42\x61\x5a\xba\xb0\x15\xae\x57\x91\xe6\xcd\xde\x4f\x75\x81\xb3\xa1\x65\x52\x76\x9d\xed\x2f\x97\x4f\x9d\x97\x14\xdc\xe6\x40\x61\x86\xa6\xab\xfa\xea\xd2\x66\x81\xb8\x33\x75\x58\x03\x37\xe7\xb2\x6b\x3b\x7a\x9e\xf0\xa8\x99\x85\x02\xe2\xad\xc4\xdd\x6e\x3c\x4d\x83\xa2\xeb\xca\x2c\x91\x0c\x70\x0c\x14\x9a\x02\x2b\xcf\x52\x40\x48\x14\x0f\x1f\x75\xd8\x30\x29\xf7\x6d\x9c\xe3\x25\x2c\xe5\xd9\x6c\xb7\x28\xf5\x9a\x01\xc1\x4a\x5e\xf9\x7c\x8d\x2a\x9f\xf3\x5a\x7c\x39\x21\x0c\x42\xa1\xbe\x40\x57\x74\x4b\xbc\x4e\x4b\x45\x11\x92\xec\x7a\xf4\x88\x95\x58\x32\xca\x4f\x4e\xb7\xf7\x6e\xbc\x74\xbc\x2d\x44\xfb\x5f\xe1\xc5\xd0\xf4\x2e\xd9\x17\x74\xb9\xc6\xde\xf5\x8e\xf5\x07\xda\x19\xa8\x36\xf9\xb1\x88\x5d\x79\x24\x1f\xbc\xa6\x30\xba\x93\xb8\x19\x0d\x01\x27\x2b\x11\xf7\xb3\xcc\x00\x2c\x7f\xe5\x9f\x01\x0f\x16\x45\xd6\x6b\xec\xd8\x70\xdd\xbd\x83\xae\xd7\x0e\xa2\x9a\x8b\xc4\xdc\x9f\xdf\xf6\x23\x8c\x4a\x93\x39\x40\x03\x77\x2a\xbf\xc3\x7a\x95\x90\xe4\xe9\xc4\xbc\x79\x70\x90\xb8\x4d\xf7\x65\xc5\x81\xeb\x14\xfa\x42\x45\xf8\xcd\x40\x20\x00\xd6\xdd\xb1\xcb\x16\xd9\x6e\xc3\xce\xa8\xb2\x45\xd3\xcd\x89\x13\xb2\xe0\xac\x9e\x7a\x72\x65\xc9\x7f\xcc\xd3\x3c\xb3\x91\x03\x99\x0f\x63\xdc\xe2\x6e\x5c\xe4\xbe\x82\x87\xbe\xc0\xa6\x3b\xa7\x48\xf5\xed\xae\xed\x04\xbc\x43\x15\xda\x3b\xcf\x54\x83\xe8\x0c\xa1\xbd\x54\x98\x77\x5c\xb5\xc7\xf9\x2e\x6d\x2a\x9c\x0f\x90\x0b\xa4\xc6\xd5\x3f\x91\xa8\x14\x58\xbe\x5f\xd4\xf7\xfa\xc9\x00\x9a\xcf\x96\x00\xd5\x6b\x81\x65\xbb\xab\xaa\x69\xcf\x60\x99\x33\x4b\x1f\xc8\xb7\x9d\x20\x3a\x90\xf9\xb6\xa0\xd9\x33\x15\xd9\x3a\x9c\xe5\x7a\xce\xea\x76\x18\x9e\xeb\x80\x1a\x57\x25\x68\x69\x7d\x84\x90\x40\x01\x8c\x9a\xe7\xc2\xb7\x9d\xd5\x75\xe7\x8a\x8b\x4c\x58\xdd\x10\xe7\xdd\x80\x64\x53\x22\x47\xcc\xa4\x74\x95\xe9\x0b\x82\xbd\x06\xa2\x58\xe3\x4a\x6b\x82\x41\x92\x6c\xd7\xc6\x29\xc4\x9d\x72\x05\x22\xde\x01\x6d\x48\x10\x70\x8b\x75\xb0\x27\x01\x2a\x11\xd9\x32\xbd\xee\x2b\xec\x2b\x4f\xc7\x1b\x37\x87\x88\xf6\x5d\x5f\xa0\xb5\x81\xe2\x3b\x94\x37\x10\x96\x8b\xd5\x2d\x8e\xc3\x96\xad\xde\xf6\x64\xb2\xfd\x1a\x3b\x20\xd8\x70\x20\x5a\x3d\x29\xf0\xc5\x3d\x20\x8e\xb5\x3b\xb6\x08\xfa\x1a\xcb\x50\x10\x1f\x81\x6e\x88\x5d\x6f\x35\xdd\x5c\xdf\xa6\x05\x87\x28\x84\x3a\xed\x6b\xf9\x99\x03\x8d\xa3\x9f\x89\x6d\xc2\x66\x4f\xad\xcb\x63\xf1\xc6\x15\x49\x12\x58\x1d\x9f\x48\xde\xa1\xcf\xc6\x4e\x26\xb3\xd0\x85\xb4\x28\x10\x3c\x05\xb2\xf8\x65\xc2\x1c\x1d\xda\xc2\x1f\xb4\xb0\x95\xeb\xe2\x21\xb0\xb6\xdf\xc8\xb9\xeb\x09\xaf\x97\xd1\xd5\x7a\x40\xa2\x33\x0c\xd5\x8c\x2e\x53\x94\x8b\xec\x23\xe3\x53\x61\x5b\x08\x95\x2b\x47\x4f\x15\xca\xc2\x11\x8a\x00\xa2\x35\x3b\xd3\x83\x6d\x45\xd5\xee\x5a\xf5\xb1\x7e\x2f\x89\xe0\x38\x83\xa9\x81\x06\xc5\x19\x30\xb0\x80\x71\x3c\x77\xbd\xc8\x0a\x9a\x3d\x0d\x44\x13\x65\x9b\x3a\x6c\xe5\x75\xf3\x83\xd3\x3e\x00\x70\x9c\xef\xfd\x40\xac\x23\x4c\xe0\xd1\x99\x34\x57\xee\x5a\x8e\x13\x9d\xa9\xc2\xc7\xec\x5a\x6c\x0a\x89\x82\xa0\x31\x24\x21\x62\x85\x51\xfe\x9a\x59\xd3\xeb\x33\x6f\x0e\x6b\xc8\xaf\x75\xbf\x6d\x64\xea\x23\x00\xe5\x7a\x9a\x83\x81\xba\x83\xaa\x5e\x9c\x78\x0d\x9e\xe7\xfe\x78\x4c\xde\x04\x03\xc9\x03\x2f\x23\x76\xa7\x7b\x52\xef\x48\x72\x3d\x81\x0b\xb2\x65\x71\xae\xde\x57\x1b\x06\x29\xb3\xe3\xa9\x68\xe6\x1f\xf8\xd5\xea\x2c\xaa\xa8\x4c\xac\x40\xc9\x6c\x26\x75\x9e\xef\x29\x3a\x37\x6a\xa9\x0a\xe7\xce\x19\x8e\x79\x52\x5e\x3e\x6f\xdc\x6b\x04\x01\xc1\x9d\xf0\xb3\xd8\xaf\xa9\xf1\xd6\x39\xcd\x51\xf9\x68\xa2\x75\xb7\x76\x87\x38\xe1\xdb\x77\x09\x37\xb6\xc8\xbb\x81\x2c\x40\xbf\x00\x89\x40\x82\xae\xd1\x89\xb2\x29\x08\x9e\x6d\xe6\x54\xd9\x43\x4d\xbc\x78\x2a\x36\x94\xec\xb6\x69\x4a\xf2\xb8\xc5\x27\x8a\x2a\x46\x3c\x0f\x1e\x89\xd6\x9e\xe1\x76\xf5\x54\xbf\x1b\x62\x93\xcf\xc6\x7d\x5f\x36\x6f\x29\xdc\x6a\xb1\x51\xe4\x80\x13\x6d\x84\xd3\xd9\x56\xb1\x69\x5c\x87\xd9\xef\xd0\xa9\x81\xc9\x6c\x05\xf2\x4e\x3e\x21\x20\x5c\xff\x3f\xaa\xae\x63\xcd\x55\xa4\x59\x3e\x10\x8b\xc2\x43\x2d\x25\x21\xe1\x8d\xf0\xb0\xc3\x7b\xef\x79\xfa\xfb\xf5\xf9\xe7\xf4\xcc\x5d\xb7\x3e\x75\x43\x55\x66\x46\x64\x46\x46\xcf\x58\x36\x7e\xaa\x33\x5c\x77\xbd\xe7\x3b\x9c\xa6\x65\x5b\xfe\xf6\x88\x34\xaf\xee\x08\xe0\xae\xe5\xfa\x88\xe9\x48\x90\xe8\xdc\x01\xc0\xb9\x66\xc8\xbb\xb9\x40\x41\x4a\xdf\x81\xe8\xaf\xcb\xca\xff\xd1\x17\x73\x0f\x01\x32\xd1\xe6\xad\x64\xf8\xb6\xcc\x21\x43\x00\x03\xe9\x77\xc0\x5d\x1f\xdc\x7b\x1c\x1f\x29\x71\x08\xa2\xf7\xfb\xef\xe2\x2b\xe5\x91\x08\x7a\xbd\x33\x20\x5f\x69\x6c\xe7\x4f\x7c\x9d\x23\x0c\xd2\x6c\xe2\xd3\x48\x3d\x71\xa2\x25\xf6\x12\x9a\xb5\x4e\xe1\x56\x03\x21\x5f\x0b\x0b\x3c\xcc\x6a\xac\xcf\x35\x54\xe2\x65\xc0\x7a\x5d\xb7\x17\xe4\xa4\x6d\x56\xde\xa7\x6a\xcb\x6e\xb4\xe1\x44\x8c\xae\x72\x3d\x4d\x63\xe4\x62\xe7\x26\x1c\x64\xb0\x32\x7b\xca\x20\x60\xa7\x6a\x86\x61\x18\x74\x58\x76\xb8\xc7\xb8\x54\x39\xbd\x74\x7d\x9b\xa7\x5e\xa5\xdf\x08\xf8\xeb\x35\x9d\x65\x7a\xd7\xac\x57\xa0\x7c\xe1\xe4\xef\x63\xfe\x33\xf6\xf8\xdf\x99\x3c\xf6\x1f\x0c\x94\x22\x4c\x34\xb0\xf5\xf7\x63\xfa\xed\x84\xa5\xee\xb3\x4f\x19\x14\x2a\x76\xcc\xf4\x18\xb6\xdf\x6c\xd1\x1b\xfd\xbd\xb6\x8b\x36\x22\x20\xef\xe0\xce\x90\x02\x44\x88\x7c\x27\x26\xcc\x9b\x8e\x41\x7e\x15\xca\xb6\xf0\xd1\xea\x76\x9b\xac\xda\x0e\xaa\x0d\xf1\x0b\x52\xa3\x3c\xfa\x33\x39\x64\x84\xf9\xf5\x51\x7e\x7d\x91\xec\x2e\xcb\x15\xb9\xc7\x71\x4c\x21\x49\xaf\xdc\x5f\x42\xbf\x6f\x8c\xc8\x18\xc2\x42\x7d\x65\xbe\x11\xbc\x5b\xb1\x10\xd9\xd5\xb0\xd7\xf8\xb0\x89\x1f\xab\x55\x40\x23\xc3\x5e\x16\xbb\x37\x94\x64\xb3\xdf\x83\xd5\xb9\x08\x4b\x16\xf7\xaa\xd1\x9c\xe3\x4b\xf4\xf9\x3b\x4f\x62\xc5\x15\x22\x07\x40\x61\xee\x2b\x06\x4e\x91\x9b\x4e\x97\xcc\x17\x0c\x30\x1f\xbf\x91\x20\x6d\xf1\x46\xa6\x29\xbc\x33\x0c\xe6\x3e\x35\x42\x8e\xa8\x92\x5e\x42\xd9\xc4\x00\x42\xd7\xe1\x60\x48\x95\xa9\x1a\x26\xe5\x71\xcd\x88\xd5\x8c\x4a\x84\xaf\xdb\xea\x76\xfb\x57\x21\x8d\xf6\x7f\xfb\x18\xc7\xf0\x79\x46\x2c\xd1\x3d\x83\x85\x88\xd7\x63\x70\x14\x9b\x42\x59\xdd\x46\x21\x13\xb0\xe5\x0f\x97\x20\x56\xfa\xa6\xa0\x25\x35\x57\x37\x4e\x59\x3f\xd2\x5f\xc1\x11\x24\x57\x6e\xc3\xcb\xf1\x84\xbd\x9b\x8d\x93\xdb\x20\xb6\x0d\x90\x0f\xf8\xe0\x91\xcb\xc5\xb3\xfc\xb7\x5f\x83\x1c\x38\x82\xef\xfb\x4c\x71\x4d\x65\x53\x25\xc3\x94\xc8\xb6\xc9\xd5\x30\xbe\x46\xe8\xd1\xac\xc1\x61\x3c\x8c\x62\x5b\x8e\x6c\x09\x65\xe8\x28\x28\x47\x04\x58\x12\x79\xa5\x38\x93\x0e\xa1\x70\x22\x79\x4f\xb1\xf9\x57\xc5\x24\xdb\xe9\xc6\x69\x22\x25\xa6\x70\x0b\x55\xaf\x08\x83\x78\x02\xf6\x89\x63\xf9\xe1\x8e\x74\xd6\xc5\x5a\x87\x6c\x7f\x94\x7f\xe5\x7c\xa1\xe7\x93\xfb\xa2\x1a\x93\x6e\xf8\x36\xd3\x5b\xae\x11\x10\xf1\x3f\x67\x32\x08\x36\x1f\x72\xb2\x56\x8b\x0c\x3d\x5f\x98\xaf\x72\x03\xbd\xf5\x4a\x5b\x4d\x0f\x96\xfc\xa6\xcf\x5f\x6d\x81\xfe\x64\x4e\x92\xce\x37\xa1\x3e\x9b\xfd\xae\x7f\x80\xeb\xff\x6a\xb0\x1b\x09\xde\xa0\x29\x57\x33\x5e\xc9\x6e\xe8\xc4\x3d\x2c\x06\x8b\x34\xcc\x53\xc3\x53\x92\x42\xde\x8c\x4b\xa7\xc6\x47\xb2\xdc\x6e\xb9\x9b\x02\x2f\xc5\x1f\xa8\x76\xaa\xa9\x90\x1b\x27\xf7\x76\x08\x50\x9f\x03\x5a\x66\x86\x79\x87\xbc\xdd\xd8\x76\x9e\x13\xda\x6c\xe1\x2b\x91\x32\x31\x34\x91\x7e\x64\x52\xe6\xc6\x91\xb9\x6c\x73\x5d\x78\x95\x81\x70\xbd\x1c\x93\xcf\xfa\xd1\x4d\x63\x9f\xed\x51\x4c\xd7\xcf\x73\x8c\xa2\x4e\x2a\xfc\x96\xd6\x51\x31\xf9\x8b\xcf\x0e\x35\x69\x2c\x7f\x1e\x5b\x37\xed\xc3\x2e\x6e\x04\x30\xe3\x38\x4e\x49\xb6\xd3\x48\x77\x1c\xf7\xd4\x16\x77\x14\x92\xe4\xb8\x00\x1e\x33\xad\xaa\x5c\x41\x23\x8b\xa7\x0b\x17\xe2\x4d\x93\x5c\x88\x95\xae\x79\x6a\xad\x58\x13\x3d\xcd\x86\x49\x8e\xf2\x2b\x81\x44\x77\x67\xd9\x9a\xa5\x62\x5e\x3d\x9d\x4f\x19\x74\x9f\x68\x26\xe2\xe7\xf9\x45\x0c\xaa\x5c\x99\xcc\xdf\x11\x8d\xdc\x5d\x9a\x3f\x97\x08\x22\x77\xd6\x50\x9e\xdb\x85\x9e\x2b\xf9\x54\xcc\x3d\x22\x0e\x47\x88\x91\xd6\x2f\x27\xc7\xeb\xb8\xe5\x09\x73\x18\x3c\xf6\x71\x29\xc5\xef\x9c\x49\xb8\x96\x29\x6f\x5f\x69\x80\xbe\x4a\x6c\x68\xa4\x2b\x4f\xb7\xce\x55\x64\x03\x79\xe5\x28\xa5\xd7\x75\x9f\xe5\xfa\x9d\x06\x04\x99\x9a\xa1\xdc\x2c\x78\xae\x0b\x35\x76\x85\x3a\x5f\x99\x99\x98\x1b\xe6\x3b\x13\x36\x0a\xd5\xeb\x8d\xd9\x06\xe9\x3a\x3b\x10\x2e\x55\x83\x69\xb6\xdb\x7c\x98\x33\x9a\x5d\x8a\x00\xbe\xd7\xdb\x14\x19\xf1\x66\x7f\xd2\xe8\x03\xef\x70\x62\xc7\x89\x55\x28\x9b\xcc\x53\x5c\x76\x03\xb3\x36\xa1\x98\x64\x4f\xf4\x38\x13\x3c\x4d\xdc\xba\x16\xcd\x5a\x24\xb3\xb3\x22\x5e\xef\x3a\x7b\x3e\x3f\x45\x7a\x4a\xff\xe8\x19\xb8\x63\x8e\xe6\x29\x6a\x7c\x9e\xf0\x39\x8e\x0b\x4f\x24\x83\xb9\x37\xc7\x79\x92\x4d\x8b\xfa\xc0\x70\x36\x33\xf8\xd3\x26\xee\x6b\x34\xd3\xfc\xa3\xb0\x7d\x84\x45\x3b\xba\xed\x5c\x81\x23\xdb\x4f\xe2\xbb\x9a\x51\xf9\x12\xf7\xd3\x44\x43\x3e\xdf\x59\x01\x9c\xa2\xfb\xb1\x7c\xce\xe3\xd6\x2c\x07\xa8\xcd\xdd\x90\x5d\x62\xd7\x65\x25\x32\xe0\xc4\x00\x9b\xae\xbd\x15\x60\x3e\xc3\x6f\x0c\x93\x9c\x15\xad\xbf\xba\x85\xc7\x33\x5f\xda\x62\x69\x2f\x1a\xbb\x6c\xb8\x79\xed\x3c\x81\x1f\x58\x28\xc0\xc0\xd3\x0a\xa2\xdf\xcb\x6e\xac\x0e\xe1\xfb\xa7\xb5\x7e\x0f\x06\xc1\x90\x1c\x01\x08\x48\x4e\xc9\xe8\x1b\x98\x58\x89\x95\xdb\xba\xde\x73\x85\xef\x99\x01\x25\xb2\x3e\x58\x2f\x73\x38\x67\x35\x2c\xb0\x07\x0c\x41\x85\xfd\xac\xd2\xfa\xdd\xb0\x00\x4c\x1d\x01\x91\xc3\xdc\x5f\xc9\xec\xd2\x97\x58\x8b\xd7\x37\x87\xc7\x1d\x22\x0b\x2b\x14\x70\x7e\x0f\xfc\x07\xbf\xfe\xb9\x87\x52\xae\xf7\x32\x6e\x03\xf8\x39\x02\xef\xc8\xf2\x13\xe1\x8e\x9c\x7b\xaf\x14\xfd\x8d\xe3\x12\x66\x20\x45\x90\x59\x10\xca\x23\x12\x4c\x9d\x91\xa6\x65\x72\x9f\x83\x5a\x76\x7c\x40\xe9\x76\x37\x8e\x4a\x15\x60\x3e\x13\x22\x05\x1a\xbb\x13\x96\x49\x09\x0c\xb8\x21\xaf\x2f\x1f\x90\xcc\x02\x11\xb6\xd5\x4d\x9e\x56\x7c\x1a\x66\x8b\x5f\x11\x60\xe3\xa2\x78\xce\xdb\xd7\xeb\x58\xac\x22\x70\xff\xe9\x69\x72\x85\x85\xe7\x33\xbd\x39\xb9\xc6\x35\xd4\x14\xbf\x8e\x42\x8f\x40\x88\x74\x57\x68\x2e\x78\x3c\x9a\xeb\xa6\xc5\x1e\xd6\xb0\x10\xb6\xa5\x52\x31\x15\xd5\xa9\x9f\xc2\x53\xa8\x25\xb2\x9f\x1a\x1b\x0f\x58\x04\xca\x07\x6d\xe0\x08\x1c\xb0\xfd\x12\x9a\x0b\x11\x0c\xc3\xd8\x17\xc2\x26\x4e\x85\xd2\x90\xe4\xe7\xb3\x93\x4b\xef\x2e\xf2\x58\x49\xfe\x48\xa7\x93\x7f\x96\xfe\xdf\xfc\xf1\xb8\x89\x14\x85\x03\xad\xd7\xec\x80\x30\xe1\xea\x4c\xcb\x22\x1a\x99\x71\xda\x35\xbb\x50\xc4\x9f\xf1\x7d\x0e\xe8\x59\xeb\xa3\x85\x15\x71\xea\xe5\xca\x54\x38\x6b\xd2\x5c\x74\x9f\xcb\x96\xa3\xa8\x29\x55\xa2\xce\xaf\x00\x1a\x3e\x61\xb7\x0b\x76\xd5\x7d\x4d\xa2\xf2\x7b\xcf\x73\x5e\xd1\xc6\x55\xbb\xc5\xf8\xa7\x0e\xb4\x16\x95\x8b\x06\x4e\x29\x11\xb2\xa3\x90\xfb\x2a\xef\x82\xff\x6d\x4a\x92\x9c\xd6\xd3\xa7\x1d\xe8\x66\x91\x0a\x2e\xe6\xb9\xcd\x7c\x1b\xd7\x83\x50\x70\x90\xa6\xd9\xde\x08\xda\xa7\x5b\x08\x62\x95\x31\x96\x4a\x73\xb9\xe9\x1e\xb8\x54\x0f\xe4\xa6\x5c\xac\x52\x2f\xdd\xea\x2b\xcd\x15\x29\x12\x22\x10\x73\xd3\x38\x69\x23\xcc\x3c\x32\xef\xb4\xd2\x83\x9d\x2d\x35\x67\xa2\xeb\x31\x1c\x52\x41\x14\x72\x8c\x32\x24\xea\xa6\xce\x35\xa8\xbf\x45\xf1\x9b\xff\x35\x70\x64\x33\xaa\xd5\x0e\x71\xd5\xd8\x46\x25\x85\x1b\x92\x4e\x46\x33\x79\xc0\x84\x4f\xc6\x24\xfd\x07\xcb\x06\xd8\xee\x8e\xf8\xf6\x9e\xd5\x72\xc2\x92\xcf\x81\xa9\x34\xf4\x67\x88\x56\x9e\xe2\xa5\x64\xde\x8e\x9d\xbb\x7a\xd5\x49\x48\xd8\x18\x77\x0c\xc2\xb6\x10\x58\xc9\x99\x52\xdc\xfb\x54\x23\xaf\x7d\xf5\x27\x9e\x49\x14\x2b\x3c\xf8\xcf\xef\x73\x3f\xb7\xb4\x77\x31\xdb\xc1\xd4\x8b\xa3\x67\x3b\x4a\x1a\xd9\x60\x19\xf9\x1a\xbd\x73\x89\xdf\x17\x87\x8c\xa8\x3e\x03\xec\xf6\x80\x87\xc1\x44\xc1\x25\xae\x19\x65\x9b\x05\xca\xf9\xe8\x61\xfc\xa9\xce\x60\x4a\x26\x0a\xfd\x6a\xc5\xc2\x9c\xef\xb9\xbd\x1d\x42\x23\x00\x76\x61\xf0\xd4\x9f\xc7\x4b\xeb\x6c\xf7\x2a\xfd\x8b\x83\xb3\x89\x5b\xfd\xb2\xd8\xc6\xa3\xa4\xfe\xf6\x65\x9f\x2c\x49\x5c\xdc\xa3\x5f\x78\x8b\x9c\x14\xf1\x12\xab\xc8\xa0\x04\xb4\x9b\x30\xf9\x5a\x5c\x9c\x7b\x43\xc3\x26\xe0\x1d\x41\xb8\xc7\xfa\xed\xb0\xaf\xec\xa9\xf2\xbd\xec\x1f\x45\xfa\xf0\x66\x97\x86\x66\xa8\x9d\x37\xcc\xfd\x1c\x49\xd7\xdd\xa2\xc4\xc6\x6b\x0c\x0b\x5d\xff\x30\x88\x46\x68\x2d\x6b\x54\xa3\x2e\x6c\x83\xfa\x51\xf8\xbf\xfc\x4b\xa3\xa6\x48\x61\x0b\x20\x7f\xfa\xd2\x47\x6a\x03\x9d\x3c\xb9\xe6\x96\x53\xcd\x79\x6c\x26\x4e\x2c\x17\xce\x64\x15\x83\xa5\xe3\x40\x1e\x89\x87\x4a\x3c\x7a\xed\x5a\x4e\xd5\x6a\x06\x6b\xb6\x26\x86\xb0\x28\x51\xca\x42\x32\xc1\xe9\x4c\x9d\xd9\x2a\x31\xee\x60\x31\x01\x82\x10\x88\x98\x3d\xb5\x60\x58\x9e\xb6\x5e\x6e\xae\xce\x2f\x4a\xf7\xfc\xbb\x3b\xfb\x7a\x70\xc7\xa1\x72\x9f\xb1\xcd\xd1\x32\x0d\x1a\xe9\x95\xf6\x11\x1e\xc9\x28\xe9\x12\x50\xef\x79\x49\x6e\x85\xf5\x8a\x5c\xb8\x33\x90\x65\xd9\xc0\x16\xc8\xf3\x33\xa5\xf5\x37\xba\x13\x59\xae\x16\x0e\x9a\xed\x52\x11\x45\xfa\x2a\x48\x9d\x7b\x0e\xda\xb3\x17\x06\x47\xf7\x05\x66\x69\xd3\x3c\xcb\x7c\xd7\xc5\x48\x33\x0e\xc4\xe9\x5a\x56\x54\x1f\x09\xb5\x60\x42\x22\x55\xca\x44\xf9\x81\xac\x26\xf7\xdb\x43\x30\xfa\x57\x39\x3a\x3e\xf2\xfd\xfa\xea\xab\x61\x13\x03\xe7\x4f\x4f\xb5\x46\xe9\x52\xeb\x2f\xcb\x0b\x2d\x8c\x7d\x2c\x07\xcd\x79\xb3\x5e\x1c\x90\x2f\x48\x24\x3a\x14\x46\xe8\x79\x9d\xe4\xbc\x1c\xaa\x4f\xe8\x3e\xdf\x87\x7b\x75\xa7\x22\x7f\x35\xbd\x84\xe6\x4f\xd4\x07\xd7\x70\xb2\x44\xcf\xb1\x3b\x3e\x8b\x63\xeb\x13\xe1\xa6\x11\x5b\x45\xe5\x51\xc6\xa7\xef\xef\x7f\x38\x7b\xf1\x52\xa8\x4c\x69\xaf\x8e\x56\x01\xba\x73\x5f\xd4\xc8\x10\x04\x12\xea\xfd\x38\x4f\x6b\x95\xa6\xd5\xea\xae\xfe\x66\xd8\xbc\x42\x00\xa2\xc9\x4f\x90\x6f\x9f\x6e\x8a\xde\xa5\x68\xa1\xab\x66\x3e\xc0\x8b\x9c\xfd\xfa\x99\x83\x81\x78\xb8\x20\xae\x05\x40\x88\x8c\x1f\x28\xae\x2b\xf3\xc3\x8a\x3c\x94\x31\x9f\x71\x02\x30\x4c\xd2\x4b\x56\xf4\xa1\x9d\xf6\x93\x49\x3b\x52\x28\xce\xc4\xca\xdf\xd7\xfd\xab\xe1\x93\xaa\xb9\x0b\xbb\x90\x58\x49\xa4\xfb\xe6\xda\x95\xd0\x7a\x3d\x90\xde\x54\x80\x3c\x03\x12\xe3\x4e\x0b\xa6\x57\x21\x3f\xc9\x53\x35\x9c\xde\x46\x61\x00\x50\xdf\x94\x2b\x50\xed\x05\x1d\x0b\xf5\xd3\xd2\x9f\x5c\xeb\x58\x06\x36\xd3\x73\x85\x9e\x68\xf8\x39\x51\xeb\x26\x35\xb8\x47\x02\x77\x3c\x21\x00\x7b\xfb\x80\x57\x42\x48\x4d\x0e\x02\xe0\xec\x8b\x80\x66\x8f\x5f\xb9\x9c\x7a\xba\x26\x9e\xf5\x40\x4d\xd5\x8a\x0a\x5c\x63\xdf\x55\xf5\xf6\x5d\xcc\xfb\x94\x81\xf9\x36\xdf\x8e\xe8\x86\xc3\xe9\x20\x02\xef\x34\x94\x6e\x03\x50\x37\x0d\xaa\x60\xa3\xfc\x6d\x58\x43\x39\xab\x47\xc9\xed\x8d\x64\xf4\xfb\x29\x92\x88\x51\x13\x80\x05\xe0\x3c\xbc\x4f\x17\xa9\xda\x63\x76\xa7\x77\xf1\xec\x67\x48\xb3\x2a\xf7\x24\xe2\x15\xaf\x52\xd5\x5e\xdd\x31\x75\xda\x63\x61\xe9\x67\x4d\x22\xda\x4b\xb0\x83\x4f\xae\x1f\xc4\xeb\xf5\x4f\xeb\x55\x3d\x4d\x0f\xdb\x98\xfb\xa5\x4f\xae\x3c\x59\x64\xe1\x57\xa9\xfc\x22\x56\x90\x01\xb0\x1b\x3e\x03\x9d\x0e\xdb\xbf\xa2\xf3\x86\x9a\x9d\xe0\x3a\x46\x64\x22\x4a\xc9\x24\xae\x55\x2a\x34\xec\x07\x52\x91\xb3\x3f\x3f\x1f\x47\x64\x34\x06\x72\x0b\x06\xb8\xcb\x1e\x4a\x06\x99\x46\xcc\xfb\xe1\x43\xa8\x26\x80\x37\xd9\xfc\x43\x27\xeb\xe8\x8c\xac\x54\xd9\xc0\x3b\xd4\xe3\xf5\xaf\xb6\x96\x8a\xba\x7d\x6f\x84\xfe\xcd\xe8\xd7\x32\xc9\xc5\x90\xd8\xf3\x51\x20\x00\x54\xac\x51\x6e\xc6\x0d\x70\x04\xc3\x07\x2f\x14\x1a\x61\x44\xd8\xd4\xb4\x7f\x6a\x07\x39\x5b\xed\xaa\x7c\xc9\x45\x61\x14\x4a\x03\x20\x3b\x7c\xa1\x3e\x89\x78\x25\xf2\xbc\x3f\xa3\xc0\x8e\x1f\x9f\x98\xd1\x25\x47\x8c\xdd\x68\x27\xcc\x1c\x9c\xdf\x5e\x89\x1b\x8a\xff\xc6\xb5\xaf\xec\x90\x07\x33\xfd\x28\xb8\xf2\x77\x6e\xfb\x0a\xde\x74\x6e\xeb\x76\x41\xca\x86\x5e\xb0\xe4\x20\x9f\x59\xff\x28\x72\x82\x99\xe8\x6d\x22\xf6\x2d\x1f\x6a\x3c\x8a\xd1\x49\xcd\xaa\xa0\x97\x08\x70\x62\x1f\xa3\x5a\x65\x6f\x58\xb8\xd7\x63\xff\x89\xc1\x0e\xdb\xe2\x81\x2c\xce\xb8\x4e\x99\x12\x00\xf6\x9d\x83\x9c\xfc\x68\x55\xec\x17\xd2\x95\xf5\x4f\xb9\x6d\x00\x43\xc1\x35\xf6\xb0\xa2\xb4\x6a\x67\x6a\xe4\xd7\xb1\x36\xc2\x6c\xcd\x13\xb5\x11\x96\x58\x19\x7f\xf3\xb4\xfa\x4a\x7e\xe8\x9d\x25\xa9\x0d\x1b\xc9\xef\x83\xcc\x62\xf5\x07\xad\xe4\x20\xec\x17\x0f\x1a\x29\xc9\x92\x0b\x62\x9c\x99\x31\x33\xc8\xe1\x8c\xe1\x02\x36\xe3\x8b\x6a\x5c\x20\x3a\x0d\x55\x05\xfc\x73\x9d\x5f\xa3\xbd\x2f\xeb\xfd\x47\x13\x24\xa3\xc5\x79\xdf\x80\xf0\xdf\xd0\xa8\xa9\x42\x31\xaa\x63\x99\xe5\x54\x18\xde\x37\x2e\xdd\x80\x5e\xd2\x7c\xfe\x44\x56\x20\xae\xfd\xcd\xc6\xfc\xa9\x86\x4b\x80\x83\xee\x29\x5f\xbf\x71\xac\x5a\x71\xbe\xd0\x6e\xa9\xda\xef\xf3\x72\x46\xb1\x68\x01\x78\xb1\x17\xab\x72\x8f\x8b\x05\x28\x42\xeb\xf5\xfe\xe9\x42\x1c\x21\x5a\xfa\x87\xa7\x8b\xaa\x4b\xef\x90\xee\x72\xf0\xb1\x12\xaa\xfc\x7a\x9f\x87\x2d\xa7\x54\xcf\x5e\x59\x2c\x74\x61\x15\x20\x06\xb1\xe7\x3b\xe8\x53\xf2\xb9\x25\x96\x54\xa0\x31\xf9\xf4\xb0\x35\x4a\x37\xd4\xa1\x1c\x3e\x7d\xfe\x30\x9c\x12\xe8\xc4\xea\x6b\x9f\x5e\x16\xeb\xbf\xfa\x4c\xee\xd1\x1b\x36\x0e\xd5\x81\x1d\xec\x36\x1c\x56\xb8\xe5\x79\x3e\x8f\x1c\x38\xcb\x2f\xab\x51\x89\x17\x0a\xbd\x41\x44\x2d\xf4\x5d\x2c\x44\xe9\xcc\x95\xbf\x41\xa1\x0c\xd5\xd3\x3d\x87\xfd\xec\x7b\x82\x89\xb4\xdd\xed\x9f\x54\x41\x0a\x22\xa5\xb4\x17\x2d\xad\x7a\x10\x97\xe1\xc4\x10\x80\x21\x72\x62\x61\x85\xf2\x3d\x55\x41\x25\x5e\x6a\xf5\x45\x18\x1e\x65\x67\xf8\x7c\x68\x99\xfc\xef\xf9\xe4\x30\x67\x28\xc6\x2b\x62\x0a\xf1\xbb\x97\x6f\x2c\xca\x7d\xc3\x7d\x75\x07\xc0\x8a\x19\xa6\xc5\x7e\x15\xcb\xd9\x3a\x45\xa4\x17\x27\x02\x8b\x11\x00\xf1\xc6\xa7\x9c\xf4\xda\x8d\xf1\x93\x8b\x68\xb0\x4a\x7c\xfe\x0c\x67\x2d\x2c\xdf\xd3\xe2\x6e\xab\xa2\x30\x0c\xfa\x4e\xb6\xc5\x1a\xcd\x36\x9c\xdd\xe8\xe7\x5d\x94\xd2\x84\xec\x2b\x93\xf5\x1e\x02\x25\xa7\x38\x7f\xde\xc9\x37\x67\xf9\xc7\x7f\x3c\x05\x0e\xfd\xd4\x6c\x14\xc6\xca\x33\x0a\x9f\x2c\xa1\x5f\xa5\x52\xe2\x5d\xda\x85\x2d\xc5\x82\xc1\x31\x00\xd3\x7f\x82\xae\x5d\x3e\xbc\x28\x4c\x6c\x5e\xeb\x7e\x5f\x8d\x7c\x39\x8f\x13\x5f\x7e\xc3\x97\xf0\xd9\x66\x0c\xd9\xec\x26\x34\x78\x70\x1d\x66\xc8\xf2\x9f\x32\x88\x10\x16\x2a\x4a\x1a\xef\xe0\xe8\x4f\x16\xe4\xcd\xf5\xfd\x53\x3b\x2e\xa1\xe0\x38\xe6\x86\x9c\xfe\x72\x25\xd9\x6d\xad\xfe\xae\x0c\x02\x52\xba\xfa\x15\xfe\xf6\x19\x78\x0e\xa7\x34\x36\xe6\x9f\x4b\xcc\x9f\x68\xaa\x24\x32\xc6\xc0\x89\x62\x11\x15\xe1\x61\x75\x5b\x64\x61\x97\xf8\x36\x4d\x68\xca\x9b\x85\x99\x68\x0b\x60\x59\xaf\x7d\xca\xe5\xbb\xcf\x66\xfa\xa5\x70\xbc\x9c\x72\x53\xaa\x30\x00\x45\x9b\x1c\x99\xe8\xd9\x76\x13\x83\x3b\x2e\xd1\x91\x93\x8a\x20\x8a\x14\x4d\xfd\x20\x33\x7c\xe9\x5d\xbe\x87\x4b\xbd\xa5\xc6\x18\x24\x36\xe9\x65\xcb\x24\xcc\x57\xf2\xab\xdd\xe2\x42\xfe\x9c\x2c\xfd\xb4\x95\xb6\x27\x00\xc9\xe6\xd4\xa5\x12\x75\x8b\x60\x30\xa3\x01\x47\xba\x2f\xf6\xa8\x53\x7c\x7f\x09\xdd\x52\xb7\x27\x10\x2a\x83\x7f\x83\xf5\x3a\xa5\x4e\x0f\xda\x9c\x52\x68\x02\x92\xf4\x4f\xa2\x6d\x76\x20\xd1\x7b\xbc\x67\xf8\xd4\x92\xe5\x57\xe5\x1e\x74\x6a\xf4\x67\x78\xbf\x5b\x40\x22\xda\xf6\xe9\x0d\x93\xce\x83\x79\xd9\x6f\xf5\x94\xd4\xb0\x97\x58\x4e\xf8\x95\xdf\xaa\x57\x06\xb4\xcd\x7e\xa6\xad\xe2\x61\xa9\x8f\x41\xc1\x64\x7d\x01\xa4\x9d\x54\x05\x4b\x3a\xcf\xd7\x1a\x07\x0e\x24\x20\xfb\xe6\x9e\xac\x99\x68\x2d\xbd\xbb\x14\xb7\xf8\xfb\x0d\xc9\x23\xe2\x44\xab\x39\x9d\xc0\x94\xd3\xed\x0e\x92\xc0\x05\x08\xab\xdc\x37\x0b\xd4\xfb\x55\xc6\xa4\xad\x01\x20\xab\xa4\x09\x20\xf8\xf2\x98\x66\x3b\xd0\xa8\x8f\xca\xbd\x0c\x78\x5e\x6c\x2d\xca\x3a\xe2\xbe\x9f\xfd\x3f\x58\xe8\x59\xc0\xed\x6b\x18\xb5\x78\xa3\x8d\x47\xb2\x5c\x9a\x11\x84\xd0\x2a\x44\xdd\xd1\x51\xe6\x12\x8e\x82\x6c\x10\x20\xf6\x5a\x2d\xea\xeb\x58\x62\x2d\xd7\x7b\x93\x36\x4c\xf0\xbe\x82\x4e\xaa\x9e\x5c\xb7\x51\x88\xd6\x84\xb2\xad\xe4\x2f\x8e\x37\xf1\x71\x8f\xee\xd5\xf7\x09\xe4\xa3\x9c\x45\x2e\x10\x60\xc5\xdc\xc4\x9d\x85\x27\x19\xbd\xeb\xc0\xa7\x0a\xf1\x75\xec\x77\x36\x63\x7b\xd5\x7e\xb2\xb0\x89\x78\xe2\x63\x70\xa0\xe7\xc5\xfa\x2f\x1f\xe0\x9e\x8c\x48\xeb\x17\xb5\xa9\x51\x6d\x0f\xa3\xec\xf4\xe7\x44\x04\x74\x1f\xe4\x59\x96\xe5\xb2\x7f\xab\xac\x61\xdc\x0c\x01\x30\x7d\xfa\xce\x46\x7f\x6f\x44\x84\xa4\x7a\xe3\xe6\x3a\xad\x97\x03\x96\x35\xd3\xdb\x1a\x25\x0b\x45\xcd\xcd\xe5\x47\xd9\x91\x1d\x08\xe2\x38\x06\xe0\x33\x83\x5e\xcb\x01\xd6\xc5\x82\xa9\x4e\xdf\x11\xb0\x9b\x9e\xeb\x12\xa6\x37\x51\x7a\x31\x98\x8f\x3a\x22\xe9\x4a\xf9\xf6\x6a\x41\xbb\x3e\xe6\xd2\xfb\x57\x77\xde\x59\x12\xdf\x56\x41\xa3\xe8\xef\x50\xb5\x9a\xfb\x1b\xd5\x99\xe8\xe7\xfb\x1d\x24\xf1\x9e\x82\x32\x03\x8c\xd4\x00\x63\x25\x32\xac\x0a\x41\x66\xd1\x3e\x0d\x01\x02\x53\xf0\xf6\x6f\x56\x80\x1b\x6b\x0f\xc1\xed\x60\x1f\xcb\xdc\xa8\xef\x64\xf6\x17\xc8\x21\xcc\xfb\xea\x8e\x31\xcd\x32\x72\xf0\xad\xcd\x64\x60\x92\xfc\x22\x17\x39\x91\x76\x2f\x2d\x02\x9d\x63\x37\x5f\x97\x5b\x8a\xff\x36\x32\xe7\x46\x9b\x93\xa0\xb6\xb4\x91\x19\x6a\x89\x95\xfa\x9b\x83\xd1\xc5\x7e\x97\x2f\x53\x4a\x06\x3a\x68\xa5\xa3\x39\x06\x37\x0f\x4d\xa5\x4f\xe7\x1d\x30\xf5\x0a\x24\x80\x94\xb7\x02\x49\x7a\xcb\x56\xc5\x22\xaa\x99\x02\x5c\x79\xd0\x4a\xa2\x9a\x72\xd2\xca\xd6\xf5\x41\xad\x21\x3e\x94\xcf\xc5\xa0\x70\x37\xb3\xdb\xcd\x37\x82\xc9\xf7\xdb\xce\x1b\xa3\x71\x9b\x4c\xa8\x49\x81\x02\xac\xdf\x70\x89\x7a\xb0\xe2\x5b\x97\x67\x2c\x9b\xdf\xe5\xe3\x4b\x99\x8c\x19\xcc\xf1\x99\x7e\xbb\x7f\x75\xcb\x5e\x28\x02\x68\x72\xe5\x37\xf0\x2c\x49\x42\xe9\x2c\x17\xa7\x9d\xa9\x57\x74\x72\x01\x92\xe5\xfb\x45\x34\x3a\x62\x50\x10\xc1\x28\x12\xec\xdd\xc3\xe3\x10\xbb\xa1\xd4\x2a\x96\x53\xcd\x7e\x0f\xce\xda\xb8\xd3\x6a\x0f\x88\xd1\x32\xa7\xda\x90\x89\x41\x30\x98\x0f\x6e\x2e\x07\x88\x41\x4d\x41\x87\x7b\xe3\xad\x8f\x18\x00\x08\xb1\x7b\xaf\xeb\xb9\x38\x06\xd5\xd5\xf3\x78\x9e\xdb\xb8\xf3\x7b\x46\xfb\xa6\x6e\xa3\xe0\xae\x8b\xf6\x64\x18\xeb\x1f\x50\xf3\x93\x12\x0d\xef\x15\xb6\x42\x2b\xf4\x31\x89\xa6\x93\xae\xc1\xc3\x8e\x72\x79\x57\xb0\xfe\x66\x21\x80\xe3\x97\x5d\x43\x14\xc9\xf3\x91\x21\x08\xf4\x2a\xa4\xe8\xfb\x12\x3e\xe5\xae\x35\xcb\x51\xa8\x87\x41\x89\x94\xd2\xd0\xef\x07\xe9\xea\x42\x0d\x4f\xe8\xb2\xac\x7a\x1b\x37\x66\x41\x30\xc6\xdb\x6c\x91\xf1\xcb\x78\x32\x46\x0a\x00\x22\x20\xf3\x44\x17\x52\x7b\xf8\x29\x9e\x1a\x31\x01\xad\x36\x33\x07\x65\xd1\x30\x79\x66\x78\xd6\xfb\xaf\x67\xcd\xad\xc9\xce\x6d\xc5\x77\xa5\x87\xe4\x82\x48\xbe\xef\xfb\x34\x54\x7c\xa4\xf5\xb2\x3c\xcb\x02\xdf\x00\x08\xb5\x13\x99\xd9\xdf\x23\xc5\xb6\x7b\x8e\xc8\x71\xcc\x7c\xe9\x42\xf2\xcd\xa8\x78\xa7\x68\x34\xbb\x51\x73\xb5\xfc\x6d\xd0\xe2\xa2\xbf\xfa\x91\x4e\x62\xbe\x9c\x36\x3a\x82\x81\x22\x05\x7b\xbe\xf1\x8a\x60\xa2\x69\x5e\x11\x2a\xe5\x4b\x90\x61\xf6\x1c\x04\xab\x71\x95\xae\xe6\x86\xfe\x15\xdd\x4c\xa6\x18\x19\xbd\x2c\x3d\x12\x16\x9f\xc4\xf8\x3b\xbb\x56\x1f\x8b\xed\x60\xda\x65\x5f\x95\x6e\x51\x3a\x1b\x6d\x5b\x0f\xdd\x0e\x8b\x72\x40\x91\x00\x80\x37\x00\x27\xe2\x5e\x48\xd4\x4d\xc6\x0f\xca\x42\xb4\xd9\x27\x12\x52\x10\x79\xac\xfc\x8c\xb1\xb7\x7d\x41\x0f\xd0\x1a\x1b\xfd\x50\xe1\x43\x60\x7e\xea\x83\xcb\x72\xe3\x46\x24\xae\xa5\x85\xe7\x91\x40\x04\xa9\x0d\x0c\xe6\x3e\xb2\x81\x96\x65\xf1\x35\x27\x98\x94\xf0\xb1\xaa\x98\x22\x64\x76\x09\x2a\xbd\x72\x9a\xba\x4e\x9b\xd2\x1f\x26\xff\xb7\xcf\xdb\xbd\xbc\x98\xb0\x98\x3e\x79\x87\xf5\xf8\xa6\x7b\x07\x44\xd6\xee\x32\x3b\x92\x1b\x7d\x08\x52\x22\x65\x18\x0c\xeb\x92\x0c\x60\xe6\x1e\xd3\x70\xb7\xa8\x29\xec\xf2\xde\x17\xc0\x5d\x64\x10\x42\x75\x7e\xe2\x75\x0b\xba\x74\xde\xf6\xd4\x43\x2e\x83\xb5\x22\x9b\x57\x70\xe9\x0e\x70\x77\x7f\x47\xe1\x48\xf4\xde\x44\x78\x37\x00\x6e\x48\x01\x8a\x84\x2a\x02\x58\x5c\xa2\xa6\xa8\xb3\xef\x9b\xbd\xe4\xd6\x1e\x0f\xe5\x5c\xdb\x66\x3f\xf8\xe6\x60\x2b\x48\xc2\x01\x72\xe1\x6f\x8d\x79\x86\xdd\x1c\x2b\xc8\x52\x60\x0e\x79\x5f\xa2\x17\xfa\x2e\x4c\x93\x62\x64\x3a\x6a\x8b\x84\xf5\x06\x24\xc3\x19\x46\xc6\x1d\x59\x0f\x4d\x3b\x8d\xe7\xa9\x09\x92\x2c\xdf\x09\x17\x3b\x24\xe2\x63\x3b\x84\x56\xb5\x59\x81\xf6\x4e\xfe\xb9\xde\x05\x86\x44\x1d\x9e\x80\xaf\x49\x1b\x14\x92\x1a\x46\xee\xfb\x3d\x80\x2f\x93\xd8\x18\x9b\x1c\x4f\xfd\x79\x01\x64\x73\x76\x03\x10\xe4\x08\x46\x16\xd8\x9d\x1d\x0b\x23\x9d\x95\x5f\xa3\xba\xd4\x5a\x64\xdc\xc8\x4b\x10\x6c\x65\x77\x26\xb0\xc6\xc3\xfe\x57\xe3\x7a\x6b\xba\xee\x40\xcf\x52\x3b\xa9\x1c\x4e\x0b\x50\x41\xb7\xcf\xc2\x07\x96\x59\x3f\xd3\x53\x08\x10\x46\x17\x56\x0e\x61\xf2\x15\x43\xac\xf1\xd3\x81\x7b\xf0\x3b\xaa\x83\x90\x25\x9b\x3f\xbd\x15\x3f\xc4\xd3\x47\x8c\xcb\x4a\x4b\x2d\x6e\x7c\xf0\xef\x30\xf6\xce\xf3\xeb\x89\xec\x2b\xda\xef\x5a\x70\xe9\x6a\x9c\xfc\x76\x40\x48\x03\x80\x09\x00\x6c\x05\xb9\x81\x2c\x7e\x62\x4f\xe9\xcc\x00\x1c\xef\x09\x82\x30\x36\x81\x00\x6c\xf9\x16\xa0\x4b\xd6\x58\x36\x83\xbc\x3a\x83\x5d\xc6\xa6\xa7\x35\x79\x72\x15\xba\x58\x64\x4f\x99\x9d\xa2\x87\x68\xa1\x8b\xf2\x8f\x3e\xe4\x26\xa9\xcb\xd4\x72\x59\xac\x86\xd1\x02\x92\xb8\xfb\xf1\xdd\x34\x30\x1d\x63\x1c\x00\x04\x81\x2c\x05\x33\x70\xcd\xf7\x5a\xaf\x0b\x11\xa7\x93\xd3\x49\x26\xda\xfa\xc0\x24\xfd\x47\x62\xf4\xe6\x40\x61\x0b\x13\x02\x3e\x70\xb8\x4f\x0a\x3f\x1f\x85\x62\x2c\xb4\xfe\x7c\x2a\xad\xca\xe5\xe8\x63\xe1\x0f\x65\xd7\xb4\xfa\x71\xa8\x46\xee\xb3\x7e\xc1\xce\x0c\x73\x5d\x03\xe3\xfb\x10\x39\x92\x4c\xf7\x3c\x26\x58\xfc\x38\x54\x07\xa6\x8f\x40\xb2\xa7\xbe\x8b\x31\xe9\x06\xa9\x80\xcd\xf4\x26\xe4\x4d\xf2\x53\xdf\xed\x45\x65\xb3\x5c\x0d\x8e\x12\xf0\x03\x7c\x93\x5a\x4d\x6e\x38\xf1\xa8\x0c\x3e\x78\x20\x5c\xfd\xdf\x9c\x49\xb1\xf5\x63\xea\x4d\x8f\x2f\x03\x17\x4b\x89\x9c\x81\xab\x8b\x20\xb9\x96\x03\x0d\xe6\x40\x50\x90\xa2\x70\x95\xf6\x22\x57\xf9\x02\xc6\x9d\x60\x92\xed\xec\xcc\x57\xf8\x92\x7a\x3d\x47\x78\x2a\x98\x84\x66\x26\xbe\x8b\x61\xe3\x1e\xaa\x07\x87\xbf\x59\x76\xa4\x73\x6d\xb6\x3c\x8b\x5e\x65\x59\x0f\x6e\xf7\xc3\xde\x7e\x4e\xfc\xa0\x01\x28\xbc\x8c\x93\x31\x08\x26\xce\x89\x7d\xc7\x70\xff\x73\x27\x68\xe7\x2b\x6d\x75\xa6\x5e\x6b\x3a\xad\x84\xa7\x9f\xbc\xef\x5b\xa4\xff\x1f\x9f\x58\xe7\x08\x5f\xe8\x44\x77\x35\xb8\x35\xf3\x49\xa4\xd1\x8b\x40\xc3\x4e\x42\xe7\x4c\xb3\xd9\xfb\x00\xd4\x59\x89\xeb\x5f\x8d\xe4\x61\xe1\x64\x2e\x44\x12\x6c\x2d\xb1\x12\x4b\x0b\x50\x06\x8d\x18\x23\x02\xc6\x35\x9f\x63\x6f\x5c\x62\x7e\x5c\x80\xa6\x1a\x74\x3b\xae\xee\xc7\x72\xd4\x64\x1a\xdc\x6e\x5f\xd2\x71\x5d\xaf\x32\x6c\x8a\xbc\x10\xec\x37\x34\xbc\xeb\xf0\x42\x13\xbe\xe5\x44\xb1\x90\xfa\xa5\x99\x13\xe1\xd3\x94\x9b\xb1\x06\x81\x64\x5a\x7f\xb2\xf9\x07\x66\x20\xdf\x70\x66\x27\xd8\x9d\x45\x3b\xe7\xe4\x07\xec\xb3\xab\x4a\x99\x2a\xe3\xcf\xf9\xbd\xcf\x77\xfa\xe8\xa7\x57\xed\xba\xa1\xe0\xef\x6a\x62\xdf\x4f\x5d\xfe\xfe\x87\xe3\x49\x4e\x9f\xe5\xda\x59\xa8\xaf\x12\xb9\x7c\x95\xfa\x1a\xcd\xb4\xa5\xd8\x56\xb1\x6e\xb5\xb8\xe5\x2b\xbc\x04\x0c\x02\x67\xee\x45\x56\x59\x14\xf3\xed\xe7\x4f\xa8\x0e\x67\xb5\xba\xd3\xea\x76\x8b\xa8\xf8\x65\xb8\x55\xb3\x43\xef\x8a\x4a\xba\x8d\x52\x28\xe0\xcc\xdf\xff\xcb\x55\xc7\xeb\x96\x04\xa1\x09\x38\x61\xfe\x28\x77\xd7\x04\xdd\x1e\xd6\x22\x62\xc8\xee\xf6\x20\xd7\x0d\x2d\x23\x6c\xca\xf9\x2b\x81\x66\xe7\xf8\xa1\x43\x09\x54\xc2\xfe\xe0\xe6\xdf\x99\x29\xff\xf2\x24\xa1\xbf\x93\x10\xd3\x47\xe4\xc6\xec\xe6\x54\x2d\xfd\x7a\xc1\x87\xf1\x81\x07\x35\xaf\xee\xe4\x5a\x95\x1b\x79\xa7\x99\xb3\x2f\x49\xe5\xbe\x0b\xa2\x7f\x22\x9f\xd2\x7d\xfd\xe5\xf3\xe6\xdf\xbd\xc8\x70\x5f\xea\xd1\x9d\x3d\xe1\x9a\xdc\x9b\xcd\xa5\xd7\x8e\xd6\x4f\xdd\x78\x7d\x5f\xed\x18\x74\xf2\x0b\x66\xed\x6d\x4f\xa9\xcd\x06\x89\x4c\x0b\xd6\x25\xcc\xdd\xe2\x8e\x9f\xc7\x77\xe3\x40\x27\xbf\x3f\x7f\xb1\x33\xea\x15\x68\x52\xd0\x7d\xeb\x67\x24\x47\xad\xa7\x3e\xb6\x68\x4e\x70\xba\xfe\xd6\x56\xf5\x9b\xca\x96\xad\xde\xdc\x1a\xf5\x39\x8c\x59\xfb\x5d\xad\xca\xec\xf1\xcf\xa7\x52\x05\xbd\xf3\x3f\x9f\x2e\x3e\x94\x44\x04\x20\x49\xe8\x46\x64\x08\x4b\x3f\xb3\x6b\xb0\x7d\x50\x39\x85\xc1\xea\x4e\x24\x8b\xb9\x6f\x5c\x50\xe6\x64\x6e\xc3\x1e\x50\x21\x7b\xd1\xed\x87\xb9\x96\x09\xdd\x6a\xac\xe6\xc6\xf7\x33\xfe\xc5\xad\x6b\x0d\xad\x6b\x3e\x38\x27\x6b\xec\x61\xc5\xb6\x65\x91\x8b\x38\xba\x1e\x14\x89\x28\x6f\xad\xbb\xa9\x41\xc7\x16\x5b\xdc\xb3\x07\xc1\x9c\x97\x70\xe5\xec\xfd\xfd\x3b\xc7\x65\xd4\x1a\x29\xb9\x6c\x5f\xd6\x6c\xc6\xbc\x29\x84\x3f\xe4\xf8\x93\x8f\x58\xee\x98\x2f\x8c\xb2\xf6\xea\xfb\xac\x29\xac\xbc\xbf\x79\x55\x94\xf9\x91\x0b\xa0\x30\xb2\x7f\xf3\xbb\x5a\xd6\x68\x52\x30\x7d\x6b\x99\xed\x8c\xa5\xca\xa9\xab\xb9\x3e\x11\x57\x6d\x3a\x65\x6d\x50\x85\xe5\x52\x12\x6b\xce\xaf\x03\xeb\x6f\xd0\xf6\xb7\xb5\x42\x35\xfc\x30\xc7\x73\xd0\x9f\x56\x90\x1d\xbf\xfa\x65\x45\x6b\x50\x75\x89\xb2\xb8\x80\xc2\xe4\xed\x2e\x8b\x34\x08\x69\x64\x83\x70\xd6\x86\x33\xed\x73\x81\xd8\xc6\x4b\x69\x48\xfa\xa4\x8c\xdb\xc1\x0d\xf9\xeb\xed\x12\x1d\x4b\xc7\xff\xab\x87\x21\x24\x11\xa6\xf5\x29\x27\x10\x4c\x95\x93\x8c\x8d\xbb\xdf\x2f\x4d\x8b\xd7\x74\xe8\xbd\xcf\x98\x2b\x67\xfa\x7d\x4b\x21\xa6\x7f\xce\xb7\xf9\x76\xe5\xb9\x02\x44\xfd\x5f\x0e\xd0\x76\x96\x9e\x3d\x2d\xe3\x85\x6b\x55\xb0\x9a\x53\x3e\x30\xb8\x11\x1a\xd2\xc8\x1f\x4f\x61\x80\xc2\x61\x68\xae\xa9\xd6\x82\x1d\xbf\x3b\xac\xcb\x0f\xc5\xaf\x29\x97\xca\xff\xac\x47\xba\x2c\xc7\xe8\xc5\x3f\xdf\x33\xc9\xd5\xb0\x7d\x93\xbb\x16\x6a\xc7\x08\x69\xd7\x9a\xdc\x97\xfa\xf1\x58\xb1\xb9\x3b\xca\x59\x0f\xfd\x73\xbc\xb4\xc2\x3b\xd9\x4b\x65\x5b\xd5\xfe\xb0\x39\xcd\xa9\xd3\x76\x2f\x15\xb3\x4d\x72\x3d\x50\x25\xf1\xfa\x6f\x1e\xb9\x05\x13\xf5\x45\x5d\x42\x65\xb1\x0b\xe5\xe8\x9a\x6f\x66\x9f\x96\x51\x4e\x06\x4f\xe4\x0b\x84\x19\x4b\x6f\x17\x43\xe7\x33\x1f\x60\x1b\x27\x4f\x5e\xb8\xa9\xe9\x7d\xcd\x44\xd3\x8f\x8a\xb0\xdf\xcf\xfe\x6f\x1c\x0d\x9b\xaf\x9d\x08\x86\x93\x8b\x58\x84\xdc\x23\xb8\xdf\xf3\x2e\x50\x48\xd6\x97\xd1\xa1\x9e\xb4\x41\x09\x5f\xda\xcb\xb9\xa7\x74\x3b\x98\x9d\xbf\x23\xc6\x90\xb7\x2c\x8f\x8c\x2f\xfe\x1f\x6c\x1b\x4c\x7a\x63\x3b\xf9\x0a\xdb\xa5\x6a\xe1\x15\x76\x01\xcf\x22\x54\xcc\x9b\xbd\xbc\x12\xa6\x5c\xc8\x4e\x1b\x76\xef\xb0\x0b\x9b\xc5\xb1\x21\xea\xe6\x0d\x16\x53\x9b\x15\xe3\xed\xa8\x3d\xa7\x1a\x4d\x2a\xf6\x8b\xd5\xff\xfd\x3e\xa5\x76\xbd\xd1\x55\x44\xed\xcf\x33\xba\xf0\x7b\x28\x87\xe0\xa3\x5b\x3f\x16\xb6\x76\xe2\x98\xed\xb0\x83\xf7\x7e\x3a\x6e\x1b\x5a\xc9\xfd\x9a\x31\x36\x9c\x8d\x0f\xce\x69\x38\x62\xc6\x5e\x15\xd9\x56\x42\x11\xaf\xed\x19\xfd\xea\x5e\xf8\x50\x9a\xa0\x2f\x67\x89\x2d\x9f\xaa\xf5\x26\xc7\x34\xf9\x72\xcc\x16\x81\xe6\x83\x04\xb3\x2f\xaa\x8a\x85\x6c\xf5\x4b\xaa\xd2\x90\xa5\x4f\xaa\x07\x1a\xbd\x87\xea\xa5\x54\xf8\xdd\x45\x19\xfb\xed\xfe\xfd\xfb\xf0\x50\xbd\x11\xe5\x19\xb5\x5f\xf6\x5c\x08\xed\x12\x2b\xb1\xea\x84\x24\xef\x6a\x08\x8a\x4c\xc4\x5e\xd2\x66\x54\x0c\xd7\x51\x17\x12\xdc\xd7\x8c\x0d\xb1\x85\xae\x52\x15\xf0\xbc\x3b\x77\x12\x9d\xa5\x73\x9f\x2c\x05\xea\xcf\xe0\xcb\x3d\x87\xc7\xfc\xbb\x23\xaf\x5e\x59\xff\x86\xde\xaa\xb5\x4b\x3c\xa7\x31\x9e\xad\xee\x04\x9d\x76\x8c\x7c\x75\xa3\xe1\xa0\x49\xb3\xa5\x6e\x3e\x13\xc5\x9f\xe8\xcc\x2e\xe3\xf4\x24\x73\x17\xe3\x8b\xed\x45\x6f\xaa\x00\xe3\xb9\x6f\x33\x2a\xf6\xcc\xe6\x48\x7d\xf9\xd5\x78\x3f\x3b\xe5\x6a\x4e\x27\x61\xca\x73\x89\x85\x4f\x0c\x1b\xb2\x11\x73\xb9\x2a\x86\x37\xff\x06\x60\xad\x83\x4e\xaa\xe1\xdb\x13\x9e\x2d\xe5\xb9\x53\xea\xbf\x4d\x86\x66\x0a\xf7\x3b\xe4\x87\x1a\xf2\x94\x8b\x1d\x56\xd2\x49\x35\xb7\xbf\x9f\x0d\xf1\x77\x56\xc0\xbc\x9c\x5e\x62\x1b\xaa\x57\xaf\xf3\x6e\xd2\x68\xed\x8f\x90\x45\xc8\xd9\x3a\xdc\x61\x5c\xf2\x7a\x09\x26\x3a\xc7\xae\xf7\xd3\x84\xa3\xf6\xa2\x82\x45\x7c\x61\xf4\xac\xc6\x17\xa7\xb4\x18\xb8\x83\x4d\xbe\x67\x79\x6c\x85\xfd\x2d\x2d\xbf\x7c\x52\xeb\x6c\x3d\x2f\x02\xde\xc4\x4c\x20\x29\xca\xb5\x6c\x9a\xe3\x7e\xd4\xdd\x81\x8e\xdb\x06\x93\xbf\x18\x03\x2e\x15\x4d\x96\xf8\xcb\x0d\x6b\xb2\x7b\x99\xd2\xd5\x00\x7b\x6a\xbd\xc5\x0d\x81\xf8\x67\xf7\x4f\x3d\x9d\x5d\xbc\xcb\x20\x6f\xb7\xf1\xf9\x36\xdf\x56\xd4\xde\xd8\x22\xcc\xc3\xaf\x81\xdb\x91\xfd\xc4\x4f\xc8\x9b\x4d\x2c\x6a\xda\x5d\xa0\xb3\x51\xb4\xd1\x6d\x45\x1f\x6b\xf3\x54\xe0\xde\xe1\xfd\x8d\x3e\x17\x15\x8d\x42\x11\x1e\x87\xb8\x4c\x03\xa8\x59\xa7\xaa\x07\x5a\x97\x5b\xe6\x33\x41\x6f\xf2\x26\x94\x15\xd9\xa6\xe7\x50\xe5\xc9\x46\x18\xd3\x11\xf7\xfb\x15\x0e\x9f\xdf\xdf\x21\xd1\xcd\x28\xc7\xb2\xa6\xd9\x5f\x52\x52\xc5\x96\x60\x9e\xc8\x03\xa8\x48\x8a\xef\xfe\x69\x12\xb9\x5a\x3c\x1e\xe2\xe3\x29\x99\xef\x8f\x33\xa7\xda\xa0\x89\x93\xaf\xda\x05\x2a\x09\xb2\x5f\x16\x96\xc8\x9c\x89\xa3\xa0\xa5\x66\x7b\xfe\xe7\x5e\x09\x9a\xcb\x16\x77\x46\x79\x4b\xe2\x7a\xa2\x66\x77\xea\x59\x08\x2a\xf7\x1b\xc7\x4f\x5d\xad\x15\x2b\x34\xd7\x39\x12\x6a\x91\x04\xef\x21\x5f\xda\x19\x9b\xc8\x93\x7f\x9c\x2a\x30\xcf\x15\x57\x4a\xb3\xe4\x14\xfa\x79\x84\x6f\x66\x14\x0b\x2a\x22\xf2\x8b\x4f\x5f\x09\xe5\x7d\x9b\x17\xf7\x52\xd0\x4b\xad\x07\x9c\xf2\x5f\x4c\x58\x2e\xbb\x7a\xf1\xdc\x24\xda\xf5\x3f\x33\x1a\xee\xd1\xf3\x66\x77\x95\x29\xd8\x34\x3c\x6b\x4c\xa1\xad\xaf\x07\xc1\x3f\xce\x19\xa3\xb1\x9a\xde\xf2\xd7\xe7\xb9\x31\x4b\x2f\xb7\x2f\xc9\x47\x21\xc8\x14\xe2\x55\x3e\xaf\x79\x1f\xa9\x71\x0d\x57\x41\x43\x49\x14\x25\xca\xec\x25\x37\xbb\xaa\x3d\xc6\x22\xfd\xed\xc9\x49\xb7\xb8\x73\xf8\xb1\xd1\xa9\x50\xca\x1b\x42\xb2\x24\xd3\x19\x13\x85\x2b\x67\xbb\x60\xd1\xec\xc6\x97\x7a\x25\xad\x34\x11\xee\x8b\x7a\xc7\x18\x34\x42\x7a\x4f\x06\x60\xcc\xd6\x30\xf1\x35\x02\x8c\x6e\xc1\x99\x8e\xf4\x83\x2b\x36\x1b\x68\xcc\xf8\x59\xf3\x01\xc1\x6f\x4a\x41\x8e\x25\xfd\xfa\x4f\x6c\x49\x3f\x75\xba\x63\xf1\x8b\x4b\x73\x17\xb3\x88\x97\x6b\xc1\x70\xab\xbf\xb7\x4a\x19\x61\x7f\xe2\xae\xd5\xfb\x42\xef\x67\xb2\x23\x36\xc5\x85\x34\x32\x63\xc4\xe3\xfb\xfb\xce\x50\xb3\xf1\x3e\x7d\x2c\xf8\x7e\x76\xa5\x7c\xb6\x0e\x93\x58\x49\x57\x2a\x94\xef\x81\xde\x98\xb1\xe1\xaf\x4d\xb9\x33\x55\x7c\xfe\xbb\x0b\x49\x5d\x0b\xa1\x35\x1e\xba\x24\x5f\x45\xdb\x10\x04\x96\x74\x97\xf7\x9e\xaf\xb4\xa4\x5b\xb8\x75\x25\x68\x16\x7c\x37\xe1\x82\xc7\x24\x2d\x55\x9e\x80\xdd\x0b\x09\x21\x44\xe7\x6f\xd9\xea\x23\xa1\x3d\xce\xd2\x58\x13\x42\xbb\x3b\x7f\x12\x7f\x35\x25\xdc\xd3\x47\x6c\x99\x17\x65\xad\x0e\x30\xcd\x76\x2e\x29\x81\x19\x46\x10\xcf\x77\x2a\x24\xc4\x72\xb3\x0a\xfe\x3c\x59\x67\x7c\x2a\x27\x24\x11\xe1\x07\x33\x57\x2d\xdf\x1c\xde\x8b\x8c\xe0\xea\xb9\x1b\xbb\x8c\xb2\xd7\x12\xf1\x13\xd9\xbf\x95\x0b\x0d\x1b\xb5\x46\x89\x3d\x81\xdf\x34\x01\x5b\xbf\xa5\xbf\x1e\x09\x5c\x27\x57\xd0\xc0\xca\x57\x63\x51\x15\x99\x68\x0b\x4c\x6f\x83\xc1\xe8\xe9\x98\xf8\xfa\x63\x55\x7c\x76\xeb\x2d\xaa\xef\x6b\x4b\xbc\x17\x06\x39\xfc\x5c\x4e\x86\x0e\x12\xfb\xbe\x3b\xc8\x8e\x31\x3a\x3f\x43\x87\xe3\x70\xca\x9f\x48\x4f\x24\x95\x89\xa6\xdc\x55\xf9\xc1\xff\xb2\xd5\x4b\x37\xc7\xbc\xcd\xfb\xdf\x59\xd3\x4f\x79\x3c\x55\xf3\x8d\x07\x11\x83\x69\x41\x77\x89\xee\x9e\x03\xee\x39\xc9\xc5\xf0\x59\x1e\x18\x92\x9b\xbd\x51\x69\xa2\x94\xa1\xa9\x10\x8a\x4d\x95\x22\x27\x1a\xf3\x67\x12\xac\x9f\xf2\x3d\xab\x6c\x16\xad\x38\x13\x9d\xe5\x04\x25\xa7\x97\x2f\x51\xce\xd7\x92\xf4\x3e\x7e\x7c\x0c\x04\x8b\xdb\x3f\x67\xf3\xf9\x7b\x36\x8f\x47\xde\x7d\x52\x47\xd6\xd6\x40\x89\x50\xff\x19\xf7\x13\xad\xd7\xc3\x93\x09\xf7\x10\x44\x3b\x31\x28\x7f\x26\x35\x58\x31\x5a\xb6\xbc\x1c\x2f\xa4\xd9\xb7\xbe\x34\xdb\x8f\x98\x23\xd9\xb7\xff\xc9\xf5\x9e\xda\xfa\x0c\x23\x08\xc2\x6a\x8c\xe9\x4b\x72\xc8\xfe\x41\x6e\xfd\xde\x20\x88\x17\x8b\x65\x9f\x7f\xc4\x17\xf5\x3b\xcb\x32\xea\xc7\x2e\xb4\x9f\x65\xc0\xda\xc5\xad\x78\x13\x0d\xde\x5b\xce\xad\xdc\x8d\x0e\x14\x64\xa8\xaf\x91\xb5\x0a\x01\xa5\x9e\x97\x22\xe5\x08\x55\xa3\x62\xf4\x10\x95\xcf\x25\x7e\x1b\x06\x10\x45\x19\x34\x13\x95\xc5\x1d\xd1\xcf\x4c\x1c\x88\x4e\x42\x77\xab\x1d\xc7\xdc\x09\xdd\x09\xda\xf7\x95\x7c\xbf\xe2\xdf\x58\x2a\x1e\xb0\x09\x71\x5f\xda\xa2\xd5\xe9\x25\x1c\x3c\x07\xa3\x4c\x30\x40\x1a\x8f\xbd\x88\xa6\x3b\x5f\x78\xa1\x1c\x1a\xef\xf5\xe1\x54\x5a\xab\x03\x5c\x2b\xc9\x61\xf6\xd6\x39\x02\x29\x69\x88\xa2\xc3\x22\x1c\xc7\xd1\x5e\x33\x2a\xaf\x6c\x66\x43\x7f\xdf\x43\xb7\x76\x82\xda\xe2\x3e\x17\x51\xc7\x36\x0a\x65\xd5\xac\x54\xe5\x27\xe1\xfc\xce\xc9\xc5\x25\x57\xa0\x3f\x1d\x83\xc4\xe2\x41\x38\x47\x1e\xea\x52\x70\x20\x62\xd8\x5a\x6e\xfb\x73\x11\xaa\xab\x12\x2b\x71\x3f\xc3\x91\x25\x4a\xc5\xc2\x97\x47\x9a\x80\x31\x15\x42\x34\xfd\x79\xc7\x42\x49\x22\x52\x86\xb0\xa5\xe7\xc1\x0f\x82\x32\xf3\x3c\xb7\x13\x0c\x44\xa7\x38\xfd\x09\xfa\xf7\x0a\x5f\x1d\x07\x81\x50\x2c\x8f\x47\xae\xe6\xea\x5f\x51\xaf\xfe\xb0\x25\xcb\xff\x2c\x03\xe1\x12\x2b\x55\xae\x70\xff\x6c\x79\xb8\xe7\x48\x1e\x17\xe5\x71\x2a\xf2\x0f\xff\x3f\xfb\x32\x1d\x51\x42\xe3\xbe\xfc\xa7\xd0\x3e\xf2\x5c\xf0\x30\xce\x17\x9d\xa6\xd3\xe8\x9e\xe4\xfb\xc9\x9b\x3e\x51\x57\x1e\x22\x3b\x28\x24\x52\x90\x37\x94\x6c\x2e\xc7\xe9\xf8\x0a\xfe\xd0\xc4\xcf\xeb\xd7\x43\x25\xe7\xb5\xcc\x71\x3f\x64\xa6\x14\x6c\x80\x76\x16\xa6\x71\x81\xa4\xd2\x18\x85\xd8\x5d\xbe\x2b\xa6\x89\x35\x9c\x40\x67\xe8\x6a\xd8\x19\x82\xb0\xf6\x48\xd1\x52\x15\xf4\xfa\x3c\x31\x0f\xba\xfb\x70\x01\xa5\x36\x56\xa6\x38\x2c\x89\xf6\xfd\x50\xc9\x55\x27\xad\x39\x75\x1b\x39\x22\xdc\xdf\x1a\x0f\x49\xed\xa6\x9e\x6b\xcf\x5b\x4d\x2b\xd9\xcd\x29\x06\x0f\xb4\x70\x7e\xe3\xf1\xc9\x7e\xe9\xdd\xbd\xf6\x86\x81\x59\x12\xf3\x83\x45\x83\x37\x8b\xc0\xae\x1c\x23\xab\x57\x48\x55\xad\xc4\x4b\x07\x08\x09\x72\x87\x6e\x1d\x72\x34\x51\x63\x7d\xe0\x35\x99\x7d\xca\xb4\x5f\xe1\x1c\xe3\x69\x2f\x4c\x96\x73\xaa\x40\x8f\x88\xbe\x7b\x52\x39\x6d\xcb\x6e\xe8\xc6\x2b\x8e\xda\xe3\x49\xef\x18\xdc\xbf\xb2\x86\x44\x0a\xa2\xe9\x95\xf8\x7c\xfd\xea\x07\xa5\xee\x42\x4b\x25\x3c\xbb\x71\x67\x18\x2e\x8c\x1f\x0a\x2c\x64\xcc\xcb\x11\x24\x07\x43\x2b\xa0\x3d\x11\x60\x0c\x83\xc0\xe0\x52\x39\xf9\x23\xeb\x3d\x82\x88\xe6\x83\x91\xdd\x39\xd4\x20\xc6\xb2\x74\xac\x75\x58\x5f\x0a\xf8\x03\xef\x00\xd8\x04\x40\x3d\x27\x49\xa4\xf5\x7a\xe9\x25\x3a\x6d\x78\x9a\x72\xce\x3a\x79\x1d\x8f\x74\x27\x98\xdf\xb3\x9d\xcd\xc0\xfb\xfc\xe4\x0b\x76\xb8\x5b\xe8\xcf\xf3\x4d\xa1\x3e\xbd\x2b\x40\x20\x76\x42\x30\x81\xef\x67\x39\xc8\x17\x3a\x51\x67\x6c\xc0\x78\x6f\xbe\x28\x25\xf9\x52\xf7\x5b\xb6\xbe\xa5\xdd\xb0\xc3\x23\xbc\xde\xcb\x7e\x6c\x8b\x90\xf9\xcb\xe8\xa7\x17\x15\x0b\x4c\x4d\x6e\x3b\x82\x2d\x45\x0a\xb3\x76\x9e\xbe\xef\xb7\xf4\xd2\xc7\xc7\x1b\x1d\x0f\x12\xb3\xbc\x6d\xb1\x30\xc2\x63\x14\x77\xbb\x2d\xd8\x83\x4d\x38\x9e\xb5\x90\xd8\x56\x84\x86\xfd\xde\xf9\x0d\x84\xe0\x53\xc4\x96\xa1\x21\xd9\x7c\x1b\xbe\x8e\xd0\x02\x8e\xb0\x77\xa3\x59\xe7\x8c\x50\x1b\x40\xdc\xa9\xd2\xd0\xc6\x25\x70\x04\x27\x08\x40\x3f\xe1\xb1\x60\xa3\xdc\x8d\x53\x4e\x3f\x1f\xb6\xea\xb1\xc8\xab\xfc\x22\x2d\xea\x4d\x45\x09\x12\x37\x07\x9e\x3b\x47\xd7\xde\x23\x66\x77\x29\x06\x80\x06\xa0\x38\xf1\xf9\xf8\x46\xad\xcd\xc0\x0d\x25\x98\x4f\xa5\x59\x54\xea\xbd\xf6\xb8\x7e\x9c\xe9\x2f\xb7\x91\x9f\x65\xd8\xae\xd9\xa2\x6d\xb4\x0d\xe3\x15\x67\xcc\x68\x7d\xac\xe9\x8a\x1b\x2f\x89\x00\x4d\x13\xb2\x72\x32\x4f\xf4\xb6\x83\x7b\xde\x4f\x69\x75\x95\x15\x67\xee\xcf\x68\x78\xfa\x89\xbc\x79\x13\xdf\xa8\x58\x79\x46\xc2\x01\xf8\x1d\x80\x70\x57\xca\xc9\x04\x70\xee\x77\x50\x7d\xd2\x30\x4d\xc4\xd5\xfa\x36\x4b\xd7\x34\x71\x62\x29\x0c\x43\x1a\xe1\xc1\xab\xcf\xfc\xd7\xc3\x42\x8c\xd0\x5b\x7d\x1e\xa1\x60\x2e\xf1\x9b\x67\x6b\xf6\x99\x03\xf2\x81\x6c\xbb\x3e\x4c\xf7\x60\x4f\xf4\x36\xfe\xdc\x45\xa0\xea\x97\x39\xe7\xba\x73\x7b\x21\xc1\xc0\x76\x26\xa6\x79\xc3\x15\x57\x59\x5f\x6f\x4c\xb3\x73\x08\x6c\xc0\xee\xd6\xad\xf4\x86\x4e\x10\xc2\x3c\x33\xc4\x3d\x39\xb4\xac\x45\x3b\xf2\xec\xbb\xef\x15\x25\xd7\xe9\x7e\x1c\x8c\x2d\x83\xd1\x79\x72\xbf\xf8\xfb\x3b\x4d\xfb\x4c\x23\xf3\x74\xfb\x4b\xc2\xed\x1f\x1c\x95\xb6\xd5\x9d\x01\xed\x02\x64\x8b\x37\x66\xa3\x4e\xe3\x41\xe7\x36\x62\xc2\x1c\x60\xa3\x16\x07\xd8\xf0\xb8\xd7\x8b\xe2\x0b\x52\xe0\xc2\x3d\xc8\x77\xda\x6e\x30\xdd\x1e\x06\x7c\xaa\xb6\x7d\xdb\x46\x25\x07\x4c\x1f\xfa\xcc\xb8\x11\x75\x7a\xfa\xe0\x4e\x09\x76\x26\xd5\x27\xce\xf7\xa5\x11\x26\xfe\x15\x8f\xbb\x76\xd6\x83\x98\x5c\xbf\xd2\x28\x07\x97\x1d\x7e\x2d\xf3\x20\x47\x9e\x0f\x71\x7c\x7f\xe7\xaf\x84\x6f\x00\x05\x3b\x60\xb0\x73\x89\x79\xb6\x3e\x9e\xda\x9b\x60\x5a\x1a\x20\x11\x9e\xf6\x23\xf9\xac\x71\xa6\x65\x56\xd8\x2b\x32\xf2\x80\x62\xb0\x7f\xd8\x95\xd7\x04\x40\xa8\xe1\x0d\xe3\xb5\xcc\xe0\x3d\x31\xfa\x0c\x18\x66\xbf\x36\x59\x5c\xe7\x87\xb9\xe4\xfc\xb3\x08\x78\xce\xde\x13\x29\xcc\x96\xe0\xf0\xde\xf4\xbf\x5e\x46\x32\xc3\xa1\xfe\x6c\xbb\xcb\x0b\x7f\x5f\x5d\x3a\x41\x93\x35\x71\x74\x10\xe4\x83\xcb\x10\x98\xe0\xf4\x36\x8f\x57\x47\x60\x1f\x27\x67\xca\x1e\x30\xe7\xb2\xfb\xf3\xd3\xbc\xe3\x53\xb7\x1b\x34\x32\x84\xfb\xc3\x94\x7e\xbc\x13\xe3\x47\x1c\x1f\xdf\x1c\x47\x28\x00\x08\x0d\xcd\x01\x56\x84\xfe\xfe\x89\xbc\x76\x46\xe8\x73\xcf\x93\xc7\x1e\x96\x02\x31\x63\x1d\xce\x0b\xd1\x86\xaf\x53\x84\x8d\x81\xe3\xbe\xe5\x90\xfb\xbd\x97\xdc\x53\x43\x21\x75\xa3\xee\xcc\x71\x73\xda\xd2\x4c\xb8\x68\xd5\x5a\x08\xde\x38\x47\x0c\xa0\x18\x8f\x25\x34\xce\x72\x6e\x68\xcd\xd3\x3e\x13\x00\x14\x06\x86\x9d\xcc\x1c\xd6\x1c\xce\x48\x6d\x74\x34\x8e\x6e\x46\x4a\xe5\xb7\xc6\xc5\xcb\x27\xd0\x3b\x7f\xef\x6d\x9f\xf0\x33\x1f\xcb\xbc\x6d\x8d\x88\x75\x67\x00\x54\x62\x90\x2b\x08\x17\x1c\x9b\x70\x78\x60\xc7\x79\x3f\x22\x61\x98\xa6\xe7\x2e\x0a\xea\xaf\xa7\xea\xc3\x21\xf6\x19\x6b\xd1\xce\x0a\xd5\xeb\x0c\xbb\xb0\xcb\x0e\x32\xfb\x28\xaa\xce\x39\x4b\xb4\xef\x3a\x64\xee\x00\xd3\xa8\x9c\x1b\xb5\x7d\x85\x13\x40\x10\x06\xa6\x2b\xce\x73\x9d\xaa\x2b\xe6\xa4\x31\x70\xa6\x5c\x7e\xf2\xb3\xa5\xf1\xbf\x19\x2a\x7a\x15\xe2\x2a\x39\xa0\xfa\x1e\x30\x4b\xc8\xce\xcd\x77\xcd\x53\x22\x27\x56\x86\xa0\xfb\x65\x96\xac\x5b\xff\xac\x39\xa1\x09\xfa\x88\x9e\x8c\x8e\xed\x14\x8f\x99\x83\xf8\xaf\xbe\xa8\x74\xd3\xd4\x4d\x7d\x93\xe8\x98\x80\x4c\x29\xf2\x0b\x4f\x78\xa4\x0e\xa6\xa5\x80\x01\x3b\xb2\xf8\xb3\xde\xad\x7c\x9e\x50\x20\x07\x18\x01\x01\x49\x0e\xf3\x7c\x9a\x78\xa9\xed\x39\x21\x7d\xf4\x11\xdd\x6a\xbc\x35\x6c\x94\x4c\x74\xe1\x0c\xf1\x4c\x02\x0c\xd0\x33\x00\xf9\x14\x84\xb3\xe7\x65\x7a\x85\xe6\x3b\x41\xc7\x04\xd3\xe3\x37\x9d\xdb\xec\x5d\x8e\xae\x3c\x32\x1e\xd8\x54\xfd\x3c\x5a\xfa\x62\xbc\x8f\xeb\x62\x35\x1d\xfc\x6a\xdd\xf9\xa7\xe9\x0b\x04\xe6\x06\x41\x1a\x11\xcf\x81\xd6\x6d\xc9\xef\x3e\x0a\x99\x1b\x14\xd8\xd7\x98\x80\xe7\x01\x82\xd0\xea\xb3\x9d\x1f\xa7\x78\x27\x80\xce\x69\x5f\x25\x7f\xa0\x45\xd7\xc0\x0d\xdf\xb1\x56\xd6\x7c\xb0\xae\x76\x8a\xfa\x66\x8a\x67\x42\x0a\x19\x9d\x02\x20\xce\x76\x7c\x23\x70\xa7\x26\x7a\x02\x80\x27\x07\xee\x1e\x80\x8e\x46\x91\xc6\x49\x87\x2f\x93\x22\xb8\x7e\x7a\x0a\x2f\xbc\x37\x8f\xb2\xb6\x7d\x93\x4e\x97\xbb\xc2\xcf\xdf\xbb\xe4\x3d\x7f\xc8\x0c\xa6\xb4\xd7\x71\x32\xc2\x63\xdf\x67\x33\xa4\xf8\x71\xe8\xf6\xd0\x00\x40\xdc\x7b\xb0\xbf\x28\xdc\x0d\x95\x99\x97\xf6\x5d\x9e\x26\x84\xa1\xc8\xf8\xe7\xf3\xa4\x9b\x85\x5c\xbc\x76\x88\x61\x4e\x7a\xeb\x1a\xf1\x73\x88\xde\xb5\x49\x22\xb2\xa1\xca\xf3\xcc\xf4\x1d\x02\xf2\x4c\x04\x95\xb4\x7c\x5f\xf2\xb0\x1f\xc0\x07\xcc\x45\x80\x7b\x25\xc8\x99\xf5\x1b\xba\x75\x26\x04\x81\xf3\x58\x96\xd8\xc6\x84\xb3\xef\xd3\xb8\xef\x16\x68\xf7\xdb\x37\xfc\x0c\x9b\xe9\xb1\xa5\x01\x41\x92\xeb\x44\x98\xb0\xa2\xc4\x22\xb5\x9e\x23\xe9\x08\x80\x09\xcb\xed\xf4\x7b\xab\xe5\x1d\x02\x80\x84\x02\xcc\x4d\x63\xf0\xde\x20\x5a\xd5\xb7\x9a\xd5\x0c\x40\xce\x31\xb6\x32\x02\x81\x88\x26\x75\x4d\x9c\x7d\xbd\xeb\xf2\xe0\x1e\xe3\x19\x01\x51\xe2\xf6\x7d\xbf\x55\x2f\x2d\x42\xd6\x09\x10\x5e\xca\x30\x37\x6a\x2f\xc4\xab\x66\xf4\x9f\x73\x7c\x89\x39\x77\x96\xa7\xd2\x4c\xd6\x4c\x10\x9b\xfb\xb4\x1f\xeb\x2f\x97\xe2\xa5\x70\xf1\x4f\x2a\xf5\x3d\x2c\x08\xf2\x18\x6a\x92\x52\x2c\xd9\xe7\x33\xec\xed\xb2\x2c\xdb\x06\xc0\xf3\x49\xd3\xec\xb5\x9b\x27\x3a\xca\xad\xc5\x30\xf7\x9e\x41\x84\xea\x13\x20\x03\xea\xbb\xe2\x77\xfa\x19\xf6\x8f\x85\x00\xa8\xd9\xe2\x95\xed\x5c\x21\x26\x6f\x81\xf6\x23\x66\x07\xf3\x0e\x00\xd3\xee\xe0\x52\xde\x5b\x85\x2d\x9b\x40\xd3\x08\x04\xa4\x28\xb8\x11\x16\x28\xc6\x42\xbd\xc5\x5d\x88\x68\x9c\x0d\x32\x89\xd8\xb5\x5d\xa4\xb9\xf3\xfb\xab\x2d\x0f\x94\x8f\xd8\xcc\x76\x99\xa7\x49\x94\xce\xd5\x9f\x15\xd3\x92\x44\x44\x9f\x8a\xe4\x6a\x98\x01\x30\x66\x1f\xec\xf1\x0e\x16\xba\x11\xbe\xdd\xe2\x6e\x3b\xaf\xdf\x79\x06\xd8\x07\x27\x63\xd9\xfa\xee\x11\x14\xf5\x4a\xf4\x82\xe1\x3a\xe6\x83\x97\x11\xc2\x4d\x75\x07\x2e\x03\x92\x34\x80\x62\xd6\x90\x22\x00\x40\x7d\xdf\xb7\x4c\x2b\xdb\x17\x08\x76\x40\x00\x00\x77\x00\x46\x1f\x30\x21\x09\x78\xd1\x80\xd3\x8a\x93\xf7\x2c\x55\xa6\x84\x0e\xf1\x4c\x2c\x69\xf5\xc4\xd4\xdf\x99\xa3\x22\x2b\xee\x84\xe5\x2e\xa6\x7d\x83\x74\xae\x7b\xbf\x2f\xca\x86\xed\x82\xa1\x96\x89\x1c\xe1\xa0\x41\xf4\x24\x69\xae\xdb\xae\x7d\x92\x37\x9c\x33\x62\xa7\x53\x86\x20\xf6\x9b\x01\x6c\x18\xe4\x5c\x10\x0c\xcf\x9d\xb1\x29\xca\xf9\x56\x4e\x34\xef\x33\x10\xce\x2a\xc4\x99\x74\x5c\xab\xe9\x4d\x68\x76\x0a\x10\xa2\xcf\x01\x3b\x01\x70\xb5\x17\x51\x5a\xa6\xb4\xed\x04\x64\x08\x40\xa2\x4e\xba\x6d\xb9\xe3\x39\xc7\x41\x7e\x1e\x43\xb8\xf9\x2d\x4b\x05\x73\xbb\xc6\x1e\x36\x0b\xdf\x43\xcb\x9b\xd9\x07\x8d\xec\xfe\x03\x91\x94\x27\xed\xa3\x44\x57\x50\xf4\xe3\x3c\xc9\xf9\x13\xf4\x11\x33\x47\xdd\x89\x9a\x96\x9b\xd8\x45\xca\xd3\x4c\x9e\xe8\x5d\xdb\x9e\x24\x93\x75\xe7\x95\xb4\xca\x81\xe6\x33\x04\x35\xa0\x9b\x1b\x20\x34\x03\xa8\x8e\x99\x68\x7d\xd6\x93\x0c\xd7\xea\xe0\x86\x0c\xdb\xf4\x65\x87\x30\x4d\xe8\x3d\x0b\x56\x93\x14\xac\xea\xe4\x60\x98\xcd\xb4\x82\x39\x98\xde\x0c\x33\xd4\x42\xd0\x64\xba\xf0\xe4\x01\x0f\x15\xb9\xb5\x76\x80\x44\x3b\xd8\x76\x41\xaf\xed\xf8\xd6\xc4\x9c\x3a\x6d\xc3\xe0\x0a\x52\xe7\x7b\x75\x99\xa0\x4b\x63\x14\x1a\x13\x1e\xe9\x5f\xe7\xa9\xfe\x6a\x19\x94\x17\x19\x75\xe3\xc4\x95\x28\x12\xac\x35\x47\xee\x83\xf0\x5c\xd3\x14\x3c\x29\x0d\x65\x4f\xab\x67\x26\x7a\xab\x17\x84\xdd\x78\xaf\x5d\x23\x84\x58\xe9\xb0\x33\x9b\xa7\x89\x94\xf8\x76\x03\xd8\x25\x80\x05\x36\x80\x24\x35\x61\xd1\xe5\x4a\xea\xca\x53\x10\xa9\x6b\x1b\x3d\x35\x3b\xcc\x71\xe4\xda\x5c\xab\x73\xae\xce\x73\x52\xc1\x0b\xc2\x45\xc5\xba\x0d\xc8\xd3\x44\xd3\x80\x0d\xa2\x9f\x52\x80\xec\x35\x79\x3a\x40\xf1\xb0\x35\xd8\x01\xe2\xe6\x40\xed\xfc\xbd\xb3\x9b\x13\x03\x97\x76\x17\x28\x34\x6c\x7b\xbf\xed\x25\xe1\x77\x6f\x56\x98\x05\x6d\xd6\x80\xc4\x9f\x78\xd3\x32\x51\x8a\xbd\xff\xf1\x69\x11\xc9\x24\x53\x9a\x3d\xcf\xe1\xa5\x70\x9c\x1f\x2b\x1b\x59\x40\xc8\x3e\xf4\x6e\xa2\xe4\x8d\xbe\x7e\x12\xa4\xfd\x00\x36\x8b\xe4\x46\x75\x88\x6f\x55\x7e\x3e\xc4\x98\x61\xee\xfb\x9e\xf7\x3d\x99\xf7\x74\x9c\xf6\x9e\xb4\x34\x41\xe8\xeb\x63\xf0\x25\x32\xc7\xba\x15\xab\x01\x5d\x5c\xd0\x71\x5d\x2f\x8c\xb7\x6f\x6f\x53\x0c\x8b\x7e\xc1\x9e\x11\x82\x3d\xf6\x5f\x5a\x49\xaa\xef\x36\x6f\x8c\x01\xba\x91\x60\x7a\xa4\x2c\x77\x35\xb5\xd6\x81\x29\x94\x0b\xf8\xfb\x66\xf8\x38\x4d\x50\x35\x27\x07\xf3\x35\x12\x80\x2d\x09\x1a\xf4\x87\xa3\x87\xcd\xaf\xf7\xca\x71\xf4\x28\x40\x76\xfe\x24\xd9\x44\xd3\xe1\xbd\x03\x88\xe4\xb1\x6d\x4a\x2d\xe5\x11\x38\xe3\xde\x14\xa2\x1b\x46\x1e\x47\x13\xcd\xba\xaa\x6d\x26\x9b\xaf\xb4\xe5\x4d\xb1\xe7\x85\x13\xc4\x34\x4d\x53\xd9\xce\xdd\xfb\xe8\x76\x20\x68\x31\x4b\xa8\xb7\x14\x4b\x08\xbd\x61\x63\xe6\xdc\x3d\xa0\xf2\x71\x58\x51\x8a\xbc\xb4\xba\x26\x70\x5a\xd6\x41\x66\xcc\x7f\xdc\xae\x83\x01\x7b\x3a\xa1\x35\xcf\x4c\x4b\x93\x14\x46\xf8\xf3\xb9\xf5\x6e\xb7\xf3\xcc\x4f\x69\xb9\x7b\xfb\x1c\xf1\xcd\x48\xb3\x34\x73\x56\x0d\x82\x37\x3a\x04\xd6\xaf\x2e\x95\xe3\x5e\x97\x5a\x0f\x2b\xc3\xdc\x84\x77\xe0\x11\x7b\x97\xd1\x34\xcd\x3f\xb8\xf5\x66\xbb\x2b\xd6\x68\xf9\x4e\x6e\xd5\x30\x76\x55\xa5\xb6\x2c\x47\x84\xe2\x08\x74\x1e\xe4\x52\xe6\x62\x29\x01\xbe\xe8\x0f\xce\x64\xe2\x8c\x58\x99\x28\x40\x08\x8a\xa2\xe0\xdc\xac\x1e\x93\xb9\x98\xbb\x2f\x75\x01\x61\xa0\x11\x9f\x0f\xb5\x12\x40\x6a\x55\x6a\x75\x7d\xbf\xef\xf1\xce\xcb\xf0\x18\xae\x1b\xf5\xd2\x5c\x9d\x59\xe8\x98\xb9\xc7\x71\x5d\xb7\xed\xc6\xbe\xbc\xfd\xdc\x61\xa2\x94\xac\x00\x21\x49\xed\x67\xa6\x5d\xc1\x71\x37\x49\x5d\x03\x80\x8e\x20\xb8\x53\xdd\x13\xe2\xe2\xf1\xcb\xd1\xdf\x1f\x04\x6e\xa6\xad\x13\xf9\xa6\x6e\xe7\x81\x31\xc4\x8e\x17\x84\xbf\x47\xec\x9b\xae\x03\xd6\x30\x6e\xf9\xba\xe0\x4e\xc4\x52\xcb\x50\x34\xbc\x3c\xeb\x62\x35\xfe\x21\x09\x2e\x9a\x7e\x4e\x0a\x0b\x5d\x7f\xcf\xf3\x09\xf3\x56\xaf\x45\xb9\xcf\xb3\x08\x84\x1d\x24\xc0\xb8\x2a\xe2\x54\xb5\x6d\x05\x40\x12\x00\xfe\xe4\xed\xbd\xec\x5f\x6a\x54\xc7\xcc\x89\x6c\xeb\xbe\x1b\x0c\xbf\x76\x44\x1c\x96\x59\x2f\x32\x48\x25\xf3\xbb\x3f\xcf\x04\x7b\x55\x7b\x96\x42\x0c\xb3\xa8\x64\x53\x02\x21\xcc\x91\xca\x34\x89\x4d\xcd\x8a\xeb\x3a\x3d\x99\x02\x71\x18\xcf\x4c\xc9\x1a\xc1\x12\x59\x85\xf1\xab\x15\x17\xb5\xcf\x00\xf5\x1d\xc0\x00\x0b\x14\x3e\x56\x49\xcf\x0c\xc1\x26\xfa\x46\x9b\xda\xbe\x8b\x5e\xcf\xe0\x16\x48\xb0\xe3\x4c\xba\x03\x6c\x66\x20\xf2\xa7\x56\x0e\x68\x8f\x07\x0e\x37\x64\xf5\x1e\x63\x90\x8a\x46\x37\x82\xd1\xe6\xf9\xbb\x69\x86\x9e\xdb\x5a\xae\x3d\x3a\x47\xc7\x22\xc4\x9e\x77\x10\x4d\xe5\x43\x25\x70\x71\x76\xaf\x1b\xe0\x1a\x46\xb4\xc9\x65\x0c\xc8\x4e\x37\x89\x2e\x40\x84\x49\x37\x02\xe4\x60\x50\xff\x78\xad\x0d\xa0\x6b\xbc\x17\x4d\x6c\xf4\x36\x27\x2c\x11\xad\xd1\xea\xcf\x0c\x33\x0c\xc3\x96\x28\x6d\x2e\x7d\xf4\xf9\x4b\x26\xaa\x01\x36\xb3\x3c\x0e\xca\xf7\xb0\x9d\x29\x31\xc0\xee\xef\x2e\x46\xbe\xcf\xfd\xb7\x1f\xc5\x71\x3a\xac\x53\xc2\x30\x7c\x54\x39\x0e\xc6\x7f\x6b\x10\x64\x00\x10\x1b\x12\x6d\xcb\x2e\x3f\x93\x5b\xbd\xa5\x83\x4d\x3c\xe9\x48\x84\x67\x93\xf1\xe6\x12\x73\xdf\x80\x53\x19\xf5\x16\x6d\xae\x71\xbf\x57\xe7\x14\x1d\xf4\x4e\xcf\x75\x5d\x0d\x45\x0e\xbd\x64\x41\xcf\x82\x1d\xba\xae\xeb\xfe\xb1\x78\xfb\x12\xd8\x6d\xa1\xab\x45\x05\x8b\x9c\xba\x37\x23\xba\x9a\xc2\x30\x34\xbe\xad\x2d\x72\x46\x4c\x82\x68\x02\x36\x9d\x99\x1f\x8a\xc0\xab\xbf\x96\xee\x0b\x55\xf8\x81\x39\xc3\xd6\xc7\xa5\x71\x5f\x54\xb5\xdf\xa7\x7e\xab\x37\x7f\x1c\xdd\xfb\x68\x9a\xa5\x6d\xe4\xd1\xb3\x42\xb7\x75\xdd\x04\xef\xb2\x18\x45\x7a\x98\xcf\x2c\xd8\x67\x1e\x99\x67\x1a\x99\x7c\xad\xa2\xd6\x08\x47\xf6\x89\x5e\xe6\x2b\x96\xde\xe2\x28\x00\xb0\x46\xc4\x81\xf0\x62\xe0\xe4\x2c\x91\x40\x64\x9b\xbd\xb6\xcc\x1c\x55\x0a\xb4\x7f\x9a\x57\xcf\x42\xf8\x10\xfe\x0e\xfa\x95\x21\x69\xb5\x7e\x96\xf8\x29\xef\x79\x06\x5d\x4d\x83\xd4\x83\x4a\xd6\x37\x41\xb7\x36\x84\x27\xe3\xdf\x6d\x2f\xd8\x51\xcc\x7c\x11\x04\x31\x1a\x79\xa7\x10\x7b\x70\xae\x6d\x7a\x00\x96\x92\x7f\xf0\x17\x19\xa5\x8b\xfd\x53\x5f\xd3\x3c\x4b\x79\x79\x80\x56\x30\x39\xff\x0b\x8a\x07\xc7\x59\x92\x84\x9e\x47\x02\x02\xc5\x89\x20\xdc\x87\x88\x46\x00\x9a\xee\xb1\x89\xf8\xca\xd7\x3e\xb2\x1c\xb9\x4f\x89\x1d\x59\x11\x7f\x54\x8d\x5f\x2f\xac\x95\xa8\xd9\xf9\xd8\xaa\x6e\x17\xee\x11\xe3\xcb\x4d\xc3\x37\x40\xe0\x1e\x8e\x94\xcc\xab\x38\x7f\xf7\x47\xde\xea\xea\xc7\x63\x03\x3c\xcf\xe7\xfb\xfe\x7d\x52\x0c\x39\x79\x1f\xed\xc6\x3e\x6f\xfb\x66\x30\xa8\x9f\x4b\xc3\x4d\x89\xb1\x62\xf9\x5d\x62\xdd\xb5\xe4\x24\x62\x54\xf7\x7d\x63\x3b\xf5\xfc\xec\xfb\xd6\xf3\xef\xbe\x78\x28\xc2\x43\xff\x8d\x61\xed\xb3\xed\xfa\x87\xee\x59\xd8\xe3\x3a\xff\x3a\x32\xae\xb6\xc1\xe5\x80\x49\x6e\x99\x04\x4d\x75\x10\xe4\xb4\xfc\xd6\x93\x3b\x02\xc0\x50\xa4\x86\x21\x9c\x21\xf8\xb6\x0d\xdb\x09\x42\x4f\xa2\xad\x33\xc4\xe9\x62\x79\xd4\x16\x2a\x0a\xd6\x0a\x94\xfb\xa1\x7f\x67\x9f\xef\xd8\xd6\x74\x94\x63\x18\x90\x5e\x2f\x35\xd3\xfd\x79\xa1\xdc\x34\x1b\x73\xb9\x9d\x7a\x58\x90\x52\x6e\x18\xef\x25\xbd\x97\xb2\x83\x4e\x92\x65\xd7\x11\x84\x5c\x0a\xa3\x54\xc2\x40\x94\x00\x04\xf4\x01\xa2\x94\xa5\x89\x7d\x1d\x2a\x20\x8d\x3c\xe0\xe4\xe1\xb2\x7e\xb1\x6b\x35\xbd\x98\x09\xa8\xf0\x43\xa3\x18\x3b\x14\x7b\xec\x33\x14\xad\x7d\x6a\x57\x61\xd0\x52\x35\xca\xfe\xbe\x51\xeb\x15\x72\x27\x42\xe4\xef\xa1\x7d\x0b\xc4\x3d\x90\xfe\x97\xb6\xad\x56\xbe\xa9\x68\xf5\x0e\x80\x0a\x9c\x7d\x55\x5a\xba\x6f\x32\x3d\x4d\xc3\xfc\xff\xbf\x7f\x33\x70\x1c\x67\xb0\x2c\xc6\x78\x61\xe7\x4f\x89\xa2\x83\x6e\x9c\x2a\x76\x72\x9a\x86\x6d\x58\xa0\x96\xf5\xe0\xbe\x44\x67\xbe\x53\x52\xe7\xbe\x0a\xc1\x50\x9c\xe0\x0c\xaa\x95\x32\x19\x05\x41\x10\xea\xa6\x89\x9f\x53\xd4\xdf\xbb\xeb\xa6\x56\x16\x7e\xa7\x7f\xfd\x42\x85\x80\xc9\x03\x86\xd9\xab\x42\x7a\x77\xbc\x60\xbf\xbd\x0a\x02\x40\x1e\x29\xe5\x76\xc9\x98\x65\xf3\xe8\x03\x2b\xd5\x1b\x27\x25\x96\x5e\xf7\xe3\x8d\x88\x35\x4c\x16\x9c\x99\x3f\x55\xfb\xfd\x3d\x58\xd0\x2c\x68\x04\xef\xef\xc7\x4e\x55\x04\xd9\xde\x4c\xad\x9c\xdf\xc7\x11\xfc\x62\xc0\x8f\x8a\x5f\x75\x41\x73\x02\x28\x70\xd5\xee\x29\xf2\xad\x1a\xe1\x2d\x86\x55\xcb\xbe\xfc\xbe\xc7\x56\x17\x67\x20\xf6\x12\x5e\xc4\xde\xe1\x59\x62\x08\xf5\xf8\x16\x9c\xf1\x21\x3d\x65\x0a\xb0\x89\x71\x76\xd2\x29\x1e\x90\x46\x49\x94\xf8\xf3\x8f\x15\xfa\xcb\x51\x8d\x5f\x3f\xcf\x93\xf0\xe3\xf9\x8f\xfd\xbc\x13\x64\x4b\x04\x76\xec\x0d\x01\x98\xac\x8d\x3e\xed\x1c\x33\xe2\xdd\x60\xb8\xf1\x0c\xb3\xe1\x20\x0e\x16\xee\x85\xfd\x20\x75\x0e\x53\x05\xc7\x99\x7a\xe7\x71\xb0\x88\xc6\x39\x30\xce\xcc\xe7\xc6\x6c\xb4\xd2\x42\xc0\x27\xae\x10\x59\xea\x2f\xe7\x6d\x68\x71\x48\x21\x42\x39\xae\xeb\x8a\x07\xa0\xb1\x76\x67\xaa\x4f\xa8\xcd\x71\x46\x30\x64\x97\x83\xe0\xa0\xef\x8f\x3a\xb5\x39\x73\x3e\x6e\x24\x1c\x8d\x0e\x89\x3c\xef\xc6\x93\x24\xcb\x69\x09\x04\x2a\x27\x16\xc4\x04\x89\x01\xb2\xc8\x5b\x75\x84\xcb\xfb\xd5\xda\x3b\xbc\x85\xad\xb6\x43\x10\x84\x55\x1f\xdf\x14\xc2\xd8\xf7\x7d\x62\x87\x69\x30\xee\xe6\x8e\x72\x8f\x1b\x22\xec\x2b\x1f\xb5\x37\x76\x25\xe5\x4b\x32\x75\x06\x92\x3e\x7e\x2f\x8c\xee\x1c\xbd\x89\xfa\x39\x18\x6f\x82\x42\x58\xed\x59\x8a\x07\x9c\x56\x77\x20\xf2\xcd\xe6\xec\x29\xb3\x91\xc9\x68\x7e\x67\xb5\xe2\xbc\xb3\xbb\xe7\xcf\xee\x75\x12\xfa\x8b\x33\x76\xf0\xaa\x7e\xa0\x14\xda\x9f\xb7\xe7\x92\xa1\x6e\x0a\xf0\x46\xbe\xf6\x2b\x18\xcd\x88\xea\x42\xd2\x20\x80\xf1\x42\x9c\x57\xf9\x96\x9d\xf3\x8d\x01\xaf\xef\x77\xe6\x43\xcc\x39\xce\xfb\x77\x12\xd1\x08\xb5\x4d\xf8\xda\xe6\x53\x2d\xfc\xf6\x54\x5f\x6f\x56\x7a\x1b\x04\xf6\x69\x91\x8f\x51\xe4\xbb\xa0\x84\x44\xbc\x93\x5f\xde\x18\xeb\x37\x62\xec\x0c\x87\x20\xb4\x71\x22\xba\x13\x74\x7c\x37\x4e\x21\xc8\x34\x00\x51\xaf\x72\x9c\xb1\xfe\x24\x2c\x02\x16\xde\xe8\x95\x41\x35\xf0\x55\xc8\xf6\x8d\xa7\x21\xf6\x61\xdb\x47\xff\xbb\xd7\xf4\xe6\x0f\x1c\xbf\x12\x24\x9f\xb3\x2e\xfa\x06\x39\xa4\x13\x90\x41\x85\x44\x1e\x8d\xa2\x72\xe2\xc5\x0e\x1a\x93\xa3\x15\xde\xd1\xd9\xc9\xe6\xef\x9c\x30\x76\x2e\xe1\x4a\x55\xfe\x5a\x3d\x0d\x86\xfb\xbe\x19\xe2\x1c\xa3\xf5\x59\x02\x9f\x01\x46\x9a\xa7\x29\x6f\x85\x72\xf0\x18\xbf\xd2\x6f\x2e\x7a\x95\x53\xd4\x0d\x08\x54\xdf\x06\x2f\x80\x44\xa2\x20\x9d\x2d\xbb\x37\xa7\x66\x1e\x3e\x74\xae\x00\x39\xcb\x2a\x94\x58\x0a\x2f\xf6\xa1\xc6\xfc\x39\x43\x70\x33\x04\x2a\x96\x59\x38\x6f\xab\x61\xec\x3e\xda\x4e\x44\xcc\x71\xf4\x36\x54\x45\x8e\xc0\x32\xe5\x86\x8c\x93\x1d\x8e\x6a\x14\x70\xb5\x11\xfc\x3e\xff\x79\x1e\x51\x1f\xa7\xe8\xd4\x25\x53\x00\xa0\x50\x05\xc1\xf0\x19\xb6\x7c\x99\xd2\x6c\xa1\xab\x2d\xf2\x0f\xa4\xa1\xd3\x6d\x83\x82\x81\x92\xcd\x7b\xb4\x2a\x87\x97\x4f\x4f\x05\xcf\x2f\x86\xa5\xbd\x43\x5b\x8e\xf1\x69\x16\xd8\xf4\xf9\x3e\xdd\x86\xbf\xe7\xea\xce\x7c\x53\xe2\x3e\x1e\x7f\x7e\x7e\x3c\xaf\x62\xfe\xab\xbd\x78\x28\x4f\x62\x65\x72\x94\x7b\x60\x9a\x8d\x1e\x41\xbe\x32\xd9\xae\x50\x1f\x31\x55\x2c\x02\xc5\xca\x87\x2c\x26\xba\x00\x18\xe9\x7b\x20\xbd\x53\xb5\xb2\xe3\x56\x92\xa9\x4b\x8f\x9b\x15\xf0\xb5\x8d\x8c\x13\x55\xb1\x53\xfa\xc8\xa3\x49\x21\x94\xc6\x67\x05\x99\xa9\x06\xb0\x5c\x17\x3b\x91\xdb\x76\x7d\xf5\x70\x06\xed\x07\xa3\x63\xdf\x7f\x3c\xf3\x5e\x4e\xc6\xdd\x48\x9f\x01\xe4\x66\xed\x66\x34\x78\xc1\x9f\x79\x36\x43\x34\xc1\xa0\xe5\x49\x9e\xd5\xa2\xe8\x88\x78\x05\xe0\xea\xb2\x5c\x54\xca\xc8\x18\xa7\x96\x88\xd3\x5b\x6c\xbb\xcf\xf3\x27\x77\x22\x27\x24\x13\xbe\x1c\x70\xa3\xe4\x56\x26\x23\xf2\x7c\x04\x79\x30\x31\xc5\x55\x72\xbf\xf5\xe8\xf9\xd1\xec\xf7\xc9\x42\x02\x22\x6f\x71\xff\xd4\x1c\x40\xd1\xca\x55\xf2\x2d\xb3\x05\x22\xa3\x7c\xf5\x7c\xbd\x13\x14\xf6\x02\x37\xaf\x1b\xee\x04\xf3\x47\x6a\x76\x1b\xc1\x71\x04\x32\x9a\xa4\xc8\x8e\x7b\xd6\x01\x6e\x10\x00\xd4\x4f\x3c\xec\xaa\xf5\xe1\xef\xd3\x74\xb1\xbb\x9e\x23\x37\xce\x10\x09\xb9\x0c\xcf\x6b\x2f\xb2\xdf\x79\xd7\x09\xf3\x18\x23\xf2\xac\x16\xe8\xdc\x8e\x32\xd5\xf0\x5d\xa1\x04\x88\x2d\x18\x58\x18\x7b\xec\xb2\x7c\xde\xce\xdf\x9a\xaa\x0b\x77\x2b\xcb\xdf\xf3\x3e\x33\x7f\x8e\x99\x9e\x92\xa6\xdd\xb5\xaa\x4e\x26\xd7\xfa\x24\x49\x96\x45\xda\x82\xf5\x87\x6f\x87\x5c\xb4\x4f\x13\x3a\x80\xcc\xf6\xfc\x8a\xcf\xf0\x2b\x34\xbf\x9e\xfd\x15\xbf\xef\x1e\x58\xb2\x1c\x91\x7b\x33\xef\x5d\xd7\xf5\x5d\x8e\x00\x43\x41\xaf\xfe\x8c\x8b\x1e\xc7\x05\x3f\xf1\x55\x7c\x0f\x68\xd8\xef\xd3\x7a\x0d\x3a\xb6\x72\x76\xfe\x83\x0b\x56\xb8\x6a\x72\x70\x35\x34\x18\xe6\x99\x61\x70\x74\x8b\xfc\x8a\xf0\x4a\x04\xb9\x7a\x40\x03\xfe\x9c\x5c\xf5\xa9\x0e\xde\xaf\xa7\x10\x5f\xec\x3b\x50\xa6\xb1\x4c\x73\x79\x8d\xcd\x1f\xac\x0a\x12\xf4\x27\x45\x29\x6a\xa9\x95\xb5\x44\x67\x05\x0a\x58\x46\xcf\xa5\x50\x11\x8b\x19\x89\x2e\xc9\xa3\x92\x7d\x46\x1c\xba\x56\xdd\x24\x86\xf4\x2c\xec\xa7\xbf\x82\x9a\xf5\x6f\x36\x20\x12\x4c\xa9\x9c\x55\x73\x8a\x9f\x77\xc2\x56\x21\x9b\xe9\xfd\xd5\xc8\xef\x8c\xf0\x26\x8c\x20\x18\xf7\xa4\x82\xc1\xb5\x1f\xb6\xcc\xff\xed\xa1\xbd\x9f\xa8\x41\x80\x6b\x32\x51\x26\x3d\xfd\x99\x56\x31\xcd\xf6\xd3\x0d\x88\xb5\x41\xe1\x6a\xf5\x69\x9d\xae\x21\x7a\xa4\x74\xb0\x78\xed\xc8\x99\x51\x57\x84\xde\x15\x7f\xeb\x26\xc1\xa2\x43\xd9\x80\xed\x19\x26\xe0\x4b\x0e\xb1\xbf\x54\x77\x9e\xec\x9a\x46\x5f\x08\xd3\xbe\x13\x4c\x99\xe3\xb2\x09\x79\x41\x20\x5a\x34\xe9\xe5\xc9\x7b\xe8\xe4\x2f\x26\x37\xf5\xa7\xfa\x2f\xa7\xfb\xf6\x11\x33\x73\x37\xb8\x68\x91\xcf\x0a\xd6\x89\x0a\x0d\xdb\x00\x7c\x08\x04\x03\x27\xca\x99\xbb\x60\xe4\xd5\x3a\x60\x01\xb2\xd6\xb5\x78\xe9\xf5\xd3\x07\x2d\xdf\x80\x83\xa3\x21\x73\x57\x93\xfb\xdd\xc7\x33\x9b\xe6\x29\xa3\xe1\xaa\xea\x61\xd0\x27\x0b\x6d\xf4\xb7\x50\x22\x15\xb6\xf4\xb5\xbf\x72\x19\x1e\x6b\x04\x4a\x0e\x5b\x68\x2b\x61\x10\x10\x75\xbe\xa6\x79\x92\x18\x28\x4f\x15\xf2\x77\x07\xb2\x3b\x63\x8f\xbf\xba\x38\x51\x7a\xb7\xd1\x3e\x5f\xcc\x4e\xc0\x22\xeb\x27\x5a\x7e\x68\xe2\x08\x55\x68\x7c\xff\xf8\x0b\x44\x78\x3b\xb8\xa6\xf7\xe1\x5f\x4d\xed\x43\x3b\x25\x18\xe1\x26\x1b\x27\x7b\x1d\xe9\xb3\xda\x05\xb2\x89\x72\x95\x0e\x9a\x9d\x45\xe9\x60\x6f\x55\xff\xba\x54\x72\x0e\x3b\x4d\x0f\x0e\x92\xd0\x6d\x0f\x83\x34\x06\xb5\xd4\x77\xdb\xd0\x73\x7b\xd9\xfb\x7c\xbe\x07\x9f\x03\xe5\x10\xef\x95\x60\xaa\xb9\x1a\x57\x5f\x51\x66\xa2\xc1\xda\x75\x0b\x2b\xf2\xf1\x02\xfb\x3f\x1a\xdf\x67\xd7\x38\x47\xc7\x30\x3d\xb1\x0f\xc2\xf3\xb0\x64\x7d\x88\x94\x57\xce\x26\x82\x01\x6b\x0f\x5b\x46\xf4\xa3\xda\x0b\xa3\xdf\x46\x4f\xcc\x34\xae\x08\x75\x45\x0c\xce\x7a\x11\x48\x78\xe7\xac\xd3\x1a\xd6\x38\x51\xee\x0d\x39\xab\x47\x2e\x12\xdd\xeb\xda\x9f\x95\x8d\x1c\xd7\xff\xa3\xea\xba\x76\xdd\xe6\x99\xed\x03\xe9\x42\xbd\x5d\xaa\xf7\xde\x75\xa7\x2e\x59\xbd\x59\xe5\xe9\x0f\x92\x2f\xd9\xf9\x8f\x01\x23\x31\xe0\x4d\x8a\xe6\x70\xca\x9a\xe1\x9a\xef\x79\x88\xe7\x81\x5a\x84\xb8\xfb\xd5\x37\x02\x69\xea\x18\xa6\x84\x14\x31\xa1\xa8\xae\xec\x8c\xb5\x13\x00\x33\xcf\xa6\x8a\x84\x21\xff\xdd\xbb\x95\xb4\x1b\x61\xc0\xf3\x1b\xd1\x7d\xaa\x79\xd8\x45\x7e\x30\xdb\xad\xcb\x5f\x72\xf0\x4b\x17\x4b\x61\x7f\xc5\x65\x85\xe6\x31\xfd\x42\xd8\xfe\x15\xab\xc5\x9d\xd8\x0a\x99\xb3\x63\x72\xd0\xca\xae\x8a\x33\x7c\xc2\x0d\xfc\xe2\xe5\x39\x26\x57\xb0\xd0\xa7\x7a\x03\x26\x00\x02\x08\xba\x85\x1d\x30\xd9\x06\x22\xd3\xb6\x0f\x41\x14\x40\xd7\xfe\x2d\x3c\x95\x6e\x61\xef\xb9\xad\xb8\x5d\xdb\xf7\xb9\xd2\xb1\xf6\x61\xd8\xf7\xc7\x07\x95\x12\xef\x13\x64\xbf\x2c\x87\x7d\x53\xb9\xd4\x7d\x76\xe3\xa0\x0f\x18\x20\x10\x74\x1b\x16\xd1\x05\x35\x51\x62\xa1\x1c\x00\x27\x7b\x02\xe6\x5a\xe2\xf9\xbd\x53\xd7\x02\x3c\x14\xf3\x0b\xfa\x09\xf6\x64\x07\x62\x66\xfe\x83\x12\x37\xf8\xa2\xa2\x5c\x58\x1a\x5e\xa2\xdf\x2f\x08\x21\x1f\xaa\xe6\xb9\xf4\xd9\x72\x3e\x23\xf3\xfa\x8b\xf8\x1e\x7d\xfa\x6b\xe8\xdd\x2e\xac\xe2\xa4\x3a\x4c\xe0\x2b\xdc\x88\x9b\xa6\x83\xc6\x18\xd4\x0f\x07\xe2\x28\x5c\x84\xfc\x05\x01\xbe\x7a\x8a\x51\xc5\x76\xa0\xdf\xf2\x68\x38\x8e\xf3\x9b\x45\xc8\xb1\xa4\xea\x98\x95\x89\x6e\xe7\x1e\xbe\xd4\x35\xaa\x0b\x9f\xf1\x0d\x88\xcf\xd6\xf5\x40\xe5\x94\x22\x00\x41\x09\x2d\x77\x5a\x1d\x6e\x23\x42\xd8\xea\x16\x75\x1f\xc8\xf7\x0f\xe9\xfc\x9e\xf5\xa6\x69\x0f\x31\x71\x20\x48\x4d\xfe\x9b\x02\xd4\x31\x4d\x2d\x74\xd0\x1d\x44\x77\x54\xec\xa1\x47\x8e\xac\x25\x88\xb3\xb2\x21\x4f\xca\xbf\xb8\xc8\x5e\x45\x87\x50\x71\x92\xbc\xcf\x7a\xe4\x3e\x00\x49\x47\xbf\x1c\xcf\x81\x20\xc8\xba\x50\x51\x9f\x88\xdc\x4a\xef\xb8\xfc\xad\xc8\xe4\xac\xce\xe1\x4d\xcf\x0f\x14\x76\x6e\xda\x6f\xe0\x0c\x9c\xd5\x06\xca\xc6\xb8\xe2\xd0\x7b\xd3\x05\x05\xac\x77\x3e\xc9\x52\x00\xcb\xed\x17\x88\xc6\x11\xce\xf6\xd9\x44\xb5\x13\xef\xb2\x69\x22\xcf\xf3\xb7\x9f\x39\xef\xd7\xc8\xff\x3a\x33\x20\x5d\x0c\xf6\xaa\x6d\xda\x97\xe1\xa7\xad\x21\x7f\xf8\x7b\x8d\x6b\x95\x2f\x10\x7c\x1b\x74\x9f\xd8\xb2\x15\xf3\x4d\x4c\x48\x39\x27\xcd\xb0\x02\x69\x50\x87\x87\x5b\x00\xbf\x29\x72\x12\x50\x65\xc9\xbf\xce\x71\x7f\x88\x28\xa4\xe7\xa1\xff\xa5\xd6\xe2\xa8\x0d\xb8\x86\xd3\xd1\xb6\x36\x04\x20\xcc\x14\x0a\xb7\x4e\x94\x32\xe8\xab\xf3\x7e\xb9\x67\xd2\xb2\xe3\xcc\x0d\x9e\x50\xd3\x53\xe7\xb2\x6d\x24\x80\x27\x50\x41\x4c\xae\xd8\xda\xc6\x4e\x58\x1f\x12\xef\x12\xe0\x2e\xee\x0b\xd3\xff\x71\x09\x2e\x4b\x69\x2f\xf1\x4b\x92\xa0\x8e\xd3\x00\xa0\xde\x41\xba\x68\x27\x8d\x9c\x19\x41\x00\xc0\xa1\xea\xf0\x22\xf2\x53\x2c\x43\x84\x2e\xc4\x26\x42\x55\x52\x3b\x47\x29\xff\xd4\xdf\x5a\x1f\x8e\x73\xbe\x85\x3b\xbe\xf6\x12\xdd\x68\x30\x41\xb9\xf7\xa4\xde\x31\x28\x61\x04\xc0\xb6\x55\x6a\x9b\xd0\xa4\xfd\xee\x8a\x2a\x10\x31\xf5\xf2\x44\x72\x88\x1a\x03\x4c\x31\x9e\xca\xbe\xe3\xa9\x2e\x81\x87\x20\x71\x49\x1d\xd9\xb7\xf9\xfe\xf3\x97\x86\x03\xcd\x89\xcf\x17\xa5\x9a\x9e\x1a\x0b\x5b\xee\x3b\x71\x3e\x55\xe3\xe5\xec\x1b\xb5\x0f\xb3\x02\x68\x80\x47\xbf\x5a\x55\xd1\xb8\xbe\x9e\xf2\x7b\x00\xa0\x1a\xc6\xf1\xe7\x5b\xa2\x0f\x18\x5c\xec\x46\x41\x30\x80\xa5\x8b\xd1\x8f\x9e\x61\x48\x29\x71\x00\x66\xae\x9b\xd8\x0c\xc2\x67\xac\x9f\x04\x40\x03\x1b\xac\x0f\xdd\xb5\xe0\xcf\xe1\x99\xec\x56\x1e\x5f\xd4\xd4\xc3\x13\x55\x5d\x45\x2d\x82\x7c\xa0\xeb\x35\x1b\xf1\x7d\xf0\xf2\x85\x02\xb3\xd0\xfc\x04\x47\x6a\x29\x1c\xfa\x53\xab\xa4\x7e\xec\xa7\x24\x80\x29\xff\x22\xaf\x0d\xe1\x23\x85\x22\xf4\x37\x95\x94\x51\x6a\xdd\xb3\x85\xac\x8e\xa0\x71\x55\xd7\x61\x18\x1c\xcb\xed\xab\x67\xe3\xe6\x11\xb5\x9b\x03\x60\xfa\x45\xf2\x05\xce\xa5\xbb\x78\x59\xb9\x3a\x23\x92\x44\xd6\x68\xf2\x45\xd9\xa8\xc8\xb2\xa8\x10\xbd\x30\x05\x1a\xcc\x23\xfc\xac\x4e\x20\x0c\xd1\x14\x2e\x83\xd5\x0b\xc5\x7c\x02\x2d\xbf\xc7\xd5\xec\x40\xc0\x7c\x47\xd3\x43\x5b\x92\x20\x8b\x84\x50\x9c\x6d\x39\xe6\x63\x36\x08\x73\x74\x69\x1b\xe8\x14\x31\x5a\x65\x0c\xfc\x27\x4f\x63\xa8\xc3\x65\xd9\x2f\xb5\xec\xe8\x42\x4b\x40\xa7\x89\x68\xec\xe3\xe8\xca\x5d\x19\x3f\x37\x70\x38\x9c\x11\x9c\xc1\xd9\x37\x46\xe9\xd4\x41\x61\xfa\x29\x68\x5d\x63\xfd\xec\x88\xbf\x36\xfd\x29\xd1\xd6\x30\xdb\xbe\xa8\x97\x12\xf2\x41\x5a\x49\x27\x51\x3a\x24\x4a\x9e\x2b\x39\x43\x41\x28\xcf\x36\x3f\x2e\xb2\x50\x0c\xc3\x78\x92\x71\x3c\xfa\xc6\x9b\x9e\xa7\xb9\x16\xd2\xd7\x79\x12\xf5\xa6\xa1\x25\x7d\x22\x64\x52\xd9\x32\x1b\x3e\xca\xba\xd9\x44\x7c\xf8\x61\x38\xe0\x68\x1c\xc7\x83\x59\xd1\x1c\xc2\x54\xff\xf4\x5a\xd6\x11\xe0\xaa\x8f\x30\x90\x8e\xcb\x02\x00\x24\x65\xf3\xb6\x6b\xfb\x10\xa0\x5b\xd5\x4b\x00\xdb\xa2\xc3\x2b\xb4\x3d\x25\x73\x8d\x14\x54\xd9\x28\xde\xc1\x00\x59\xb6\x18\x55\xbc\x51\xf6\x2e\xed\xe7\x7d\xbd\x2f\x1a\x97\xf0\x1d\x59\xdd\x4a\x1c\x2a\x98\x93\xf8\xa2\x5b\xce\x4b\x84\x63\xbb\x9e\xdb\x1a\x7a\xdf\x78\xcb\x4f\x4c\x65\xc1\x46\x72\x56\xb1\x3c\xc1\xf4\x44\xbf\xe8\xd4\x0d\xae\xfe\xb6\x70\x19\x07\xb0\x59\xd5\x38\x6e\x48\xeb\x50\x1c\xb1\x6e\xd1\xa3\xec\xc8\xd6\x4f\x7f\x21\x9e\xf3\x99\x17\x91\xf9\x16\x27\x6e\xc4\x7d\x2b\xb9\xc5\x6a\xf1\x2d\x96\x07\x58\xd7\x6d\x79\xf0\x64\x86\x57\x38\x83\x8f\x3c\xd6\xf6\xf1\x45\x4e\xb7\xa9\x24\x7f\xb8\x66\xa9\xfe\xe5\x73\x09\xa8\x3e\x80\x49\x9c\xc0\x74\x54\xa0\xa0\xa1\x2d\x6a\x12\x94\x58\x86\xfb\xb9\x0f\x96\x15\xd4\xab\x5f\x49\xdc\xb2\x75\xfe\x46\xdb\x81\xc0\xc5\x1c\x8a\x6e\x10\xa6\x5f\x3a\xed\xf7\xa9\xef\x3d\x53\xa6\x6f\x0a\x2b\x2c\x7f\x36\x22\xf1\xcb\x06\xa3\x77\x48\xbe\xda\xf7\x5c\x43\x6d\x2f\xb8\x95\xe1\x8a\xc6\x7c\x69\x3a\xf2\xfb\x5e\xa1\xf3\xc8\x85\xf9\xc3\x1d\xc4\x5d\xe3\x42\x24\x48\x8e\x62\x70\x45\xc9\x75\xca\x15\xa3\x3a\x67\x72\x7b\xf9\x60\x5e\xd6\xed\xae\xd1\xc9\x77\x7a\xc3\x67\x89\x8e\xcd\x43\x46\x8e\x5a\x64\x17\x2a\x6c\x9a\xbd\x28\xc8\x34\x5e\xc3\x17\x17\x74\xb2\x97\x6e\x4b\x3f\x07\x01\x56\x0a\x90\x27\x7d\x3b\x0d\x04\x7e\x9c\x1c\x15\x1f\x4b\xed\x8f\x71\xae\xf5\x49\x19\x6b\x43\x76\x44\xdb\x97\x27\xc1\x2a\xc9\x2a\x6f\x0d\xad\x69\x83\x10\x1b\xe3\x59\x0c\xab\xac\x27\xcd\x5a\x50\x7c\x23\x0d\x8d\xf0\x33\x1d\x3f\x54\x49\x36\x19\x78\x9f\x26\x84\xa2\x79\xd7\xb2\x16\x69\x33\x49\xf8\x53\xdf\x62\x28\xe5\x6e\x7e\xbf\x14\xf7\x50\xa2\x43\x88\x28\x58\x6c\x29\x26\xbd\x20\x51\x5a\x23\x61\x87\xed\x41\x7f\x33\xe4\x37\x0b\xcb\x4c\x0c\x68\x88\x7d\x43\xbc\xbd\xf1\xc1\x50\x7b\xa0\x22\x79\x98\x20\xcd\xee\xc6\xa8\x5f\xfe\x4c\xaa\x63\xb2\xe7\x6d\x65\x0f\x22\x35\xbb\x5f\x5c\xd8\xad\xa0\x6f\xba\x70\x06\x54\x72\x3b\xac\x39\xe1\x66\xc8\xba\x0e\x68\x08\x95\x1c\x9e\xc3\xc7\x5b\xa8\xb2\xaa\x59\x2f\x76\x17\xd5\x9b\x50\x95\x2d\x7f\xc0\x1a\x99\xfc\x8d\xcc\x9c\x9a\x0b\x5a\x6f\x38\xf2\xd8\xc4\x62\x8e\x22\xe0\x12\xd1\xcf\x13\xcb\x2c\x78\x85\x5b\xb7\xf9\xa9\xfb\x34\x98\x02\x3d\x16\x10\x33\x3a\x37\x01\x6d\x0a\x1b\x1b\x08\x39\xea\x38\xc3\x96\x80\xc0\xde\x6c\x5c\xb6\x08\x5e\xf2\xff\xda\x4c\xf6\x89\xbb\x7f\x55\x41\x39\xe4\xda\x46\x39\xe2\x0b\x82\x01\x51\x5a\x93\xbf\xa0\x56\xca\x2b\x43\xd9\x67\x47\xd6\x7e\x30\x44\x0b\x73\x97\x3d\x42\x4b\x92\x41\xa4\x39\x51\xd5\x37\xb5\x27\x07\x3e\x66\x80\xe4\x16\x20\x6b\x79\xcd\xa2\xbf\x4b\xcd\x84\x41\x70\x42\x2f\x1f\xf1\x3d\x23\xce\x3d\x5c\x8a\x06\xdc\x57\x72\xeb\x61\xf3\x77\x1f\x5d\xf2\x04\xbf\x36\x2a\x3f\x8b\x3e\x9d\x0c\x3d\x1d\xf4\x92\x45\x61\x8f\xfa\xf8\xd7\x16\xfb\xce\x2d\x4b\x00\x0d\xc3\x30\x0a\x75\xee\x64\x7e\x38\x6f\x24\x46\xa3\x80\x71\x2f\x66\x3c\xd0\x8e\x38\x87\xef\xd3\xbe\x8b\x17\xa3\xc0\x85\x42\x7f\xad\xa1\x0b\x4c\x3e\x38\x23\xd3\xf4\x43\xf8\xd8\x0e\x77\xf3\x33\x4f\xab\x7d\xe1\x36\xfc\x06\xb2\x79\x07\x32\x79\xd0\xf9\x15\x59\x5b\x1f\xd5\xa5\xb2\xda\x22\x32\xf1\xde\xb7\xdb\x9a\x3d\x0a\xb4\x50\xf8\x44\xe7\xec\x01\x50\x93\x6c\xf6\xe7\x82\x4c\x3a\x40\xcc\xcf\x2f\xa5\xe4\x40\x26\x9d\x88\xcc\x25\xad\xb0\x34\xf1\x45\xc1\x37\x94\xcd\x5f\x8f\xc9\x5f\x94\xc5\xb7\xd8\xb9\x51\xa0\x30\x8f\xd9\x1e\xcf\xd5\x87\xac\xf0\xd3\x1f\xa7\x6e\x9a\x0a\x72\x39\xce\x73\xc0\x90\xc5\xe8\x18\xec\x87\xaf\x99\xeb\x46\x94\x9e\x86\xbc\x04\x31\x60\xf2\x17\xcc\x64\x21\xb0\xe0\xa9\x78\xa6\xe1\x30\xfc\xed\xab\x36\x01\xd7\x18\x2d\x7f\x01\xdb\x05\x6c\x74\xbd\x94\xc2\xea\x1d\x3a\x13\xfb\x9c\xe3\xed\x94\xd8\x14\x7c\x82\x19\xef\xfe\x5a\xbf\x8b\x54\x7a\xdc\xfe\x08\xb7\xe9\x47\xe1\x9b\xa6\xb1\x77\x30\xc5\x68\x77\xf4\x0a\x53\x5e\xfa\xbe\x1f\xa5\xa2\x50\xf3\x00\x0a\x38\x0b\x9e\x9a\xfa\xea\xfb\x70\xff\x9a\xa5\x0c\xdd\x40\x61\xb9\x79\xd3\x40\x08\x40\xe9\x0b\xdf\x88\x6d\x6d\x56\xaa\xed\x83\xb6\x37\xdb\xae\x98\x52\xa4\xfc\xcd\xc6\xa6\xfe\x72\xa8\x9a\x42\xba\x01\x7b\xac\x6d\x00\x29\xc7\x75\x5d\xe7\xfc\x97\x1d\xa6\x14\x18\x8a\x1c\x79\xfc\xd7\x67\xc9\x45\x31\x8b\x6b\x9b\xab\xb0\x75\xf0\x93\xbb\x50\x26\xfd\xf2\x0f\xbd\x95\xda\xc3\xf5\x1b\x92\x71\x86\x4f\x1c\x91\xa3\x55\x76\x21\x08\x84\x8c\x44\xba\x74\xab\x9a\x6c\x65\x86\x4f\x99\x47\x6c\xe7\x49\x4c\xfd\x3a\x04\xeb\x10\x28\x8b\xa8\xa8\xac\x7e\x57\x9c\x92\x75\x58\xca\x61\xa1\xb3\xde\x71\x0f\xe3\xb7\x15\x7f\x73\xa9\xab\x07\xce\xb9\xca\x07\x04\x73\x58\x76\xdb\x35\x19\xe4\xb2\x3b\xe8\x6f\xa1\x6f\x75\x99\xc4\x75\x42\xfa\x19\x19\x87\x76\x78\xc6\x66\xd5\xaf\x1e\x5e\x41\x71\x9a\xf3\x59\xfe\x7a\x99\xff\x44\xce\x3a\x04\xf3\x98\x80\x22\xa6\xb3\x99\xee\x72\x9a\xeb\xe9\x3e\x24\x7c\x58\xb5\x5f\x92\x3d\x72\x67\x85\x65\x73\x8a\xf4\xcb\xbd\x12\x69\xb1\x4d\xc1\x97\x1b\x23\xeb\x87\x88\x5d\x77\x1d\xcd\xf6\x29\xee\xa1\x07\x6a\xfa\x26\xf8\xf9\xee\xbe\x4c\x83\xdf\x67\xac\x10\x66\xe4\xc3\x7c\xe1\x6a\xf2\x6d\xad\x72\xc8\x40\xd9\xfa\x94\x84\x3e\xb2\x08\x40\x7d\xee\x89\xad\xb5\x6e\x45\x8e\xb7\xc0\x26\x87\xa0\xd0\xd1\xe5\x36\x10\x6c\xdb\xf3\xec\x89\x66\x7c\xda\xe3\x68\xff\xf0\x04\x3b\xc7\x89\x57\x08\x35\x92\xf0\x9b\xe3\xa0\x89\x96\xdc\xf3\x22\xd1\x1b\x08\x40\x95\x7c\xe4\x56\x20\xec\xea\x88\x9e\xd7\xa6\xb5\x7b\xb0\x3e\x4c\xed\xaf\xe5\x86\xe4\xba\x65\x1b\xe6\xdd\x51\xc1\x63\xfb\xe6\x4b\x9a\xed\x4d\xcc\xfd\xf3\x93\xbb\x60\xd9\x38\xa7\x81\x85\xaa\x25\xb5\xd9\x9e\x00\x8d\xc8\x2f\x21\x7e\x46\x2a\xee\x16\x6d\x27\x6f\x68\x11\xc2\x2e\x77\x33\x94\x97\x77\x09\x69\xb2\x71\x1d\x1a\xfd\xcb\x9d\x5a\xb7\x6f\x08\xfd\xcd\xc5\x20\x58\x1e\x6d\x2f\x09\xbe\x0f\xcc\x98\xf2\xcb\x8e\xa9\xff\xe1\xe8\xc2\x10\x10\x03\x0d\xa0\xbb\x06\x28\xda\xa3\xeb\x15\x72\x1c\x79\x08\x7b\x28\xb6\xa7\xc9\xec\x95\x52\x4f\xa6\xd1\x07\x0d\x82\xc2\xe1\x97\xad\xae\x64\x47\xea\x12\x4e\x44\x32\x38\x5a\xce\x6c\x5c\x8a\x3d\x0a\x37\x46\x83\x1b\x62\x2a\x89\xb7\xbc\x01\xd8\x0d\x47\x70\x7f\x9a\x3f\xb8\x37\x6b\x00\x17\x08\xa9\xac\xa6\x36\x1b\xbd\xfb\x01\x7c\x64\xc8\x91\xcf\x71\x5a\xcf\x1f\x77\xb7\x4a\x01\x97\x50\x23\x22\x80\x4f\xee\x77\x44\xde\xf9\x6b\xca\x86\x0f\x83\x46\x78\x7d\xac\xaf\x4f\x3e\x20\x85\xbd\x8e\xcc\x62\xa5\xe4\x52\xd5\x6c\xfc\x2f\x46\x20\x38\xaf\x41\x5a\xb4\x0a\xee\x11\x51\xc4\x65\x3e\x95\x53\x8a\xd7\x39\x99\xe5\xd6\xa8\xda\xd6\xb3\xec\xd6\xe6\x6d\xda\x1c\x99\x2a\x59\x45\x1f\x0d\x6f\xb8\x58\x60\x45\x37\x62\xdd\x89\xe0\xae\x14\xa0\x80\xb8\xac\x16\x83\x9a\xfd\x7f\x63\x7a\x24\x4d\x12\x61\x5c\x3c\x94\x3b\x48\xc1\xb1\xa5\x48\xb5\xa2\xcd\x47\x47\x69\xbd\xb0\xde\xfa\xb4\xec\x13\x9c\xe6\x6e\x6a\xb5\xa5\xc6\x30\x1d\x1e\x23\xe9\x3e\x73\xa9\xdd\xf3\xad\x4c\x45\xde\x96\xb8\xb9\x64\x5d\xf9\xf0\xd4\xa2\xff\xe9\x57\xe5\xbc\xeb\xe4\x83\xae\xe1\xf7\x57\x52\xac\x5a\x36\x1e\x1b\x42\xc7\xa5\x01\x65\x0d\x59\x26\xd3\x88\xa4\x04\xca\xb2\x38\xa2\x9d\x7a\x8d\x96\x03\x4b\x4d\x6a\xed\x13\xe1\x83\x6c\xba\xd5\x5d\x73\x23\x1f\xbf\xac\x11\xe7\x54\x3e\xcc\xbe\x03\x27\xff\x60\x91\x11\xaf\xa7\xa4\x8d\xf1\x76\x92\x94\xef\x39\x40\x7a\xa8\xc6\x31\xfe\xb1\xba\x5a\xce\x12\xc4\x84\xdd\x96\xbc\xdb\xc0\xda\x0c\x78\xe2\xa4\xf4\x77\x7d\xc9\x2f\xfb\x81\xd0\x0d\xc9\x93\x07\x31\x04\x6b\xcf\xdb\x4e\xb5\xd8\xc6\xec\x0c\xc8\x7f\x22\xd1\x88\x9d\x25\x7f\xa0\xe8\x53\x64\x86\xad\x29\xfb\x03\xc1\xe6\x1b\xc0\xa6\x9f\x2b\x7b\x00\x52\x0f\x8d\xbc\x36\xb2\xde\x67\x60\x9c\x65\x53\x4d\x0c\xb8\x8b\x52\x36\xe3\x6f\xa6\x6e\x11\x7c\xa4\x55\x08\x97\xdf\xc2\xae\xa6\xef\x86\xfb\x3b\x69\xb2\xc4\x4c\x3f\xce\x3f\x59\x56\x94\x45\xc0\x6a\xcb\x4d\x02\x87\x3c\x68\xb8\x84\xca\x29\xc3\x51\x17\x1f\xe7\xf4\x31\xd9\x09\x26\x81\xe1\x34\xac\x32\x79\x6d\xb7\x74\x0b\xf5\xfa\x08\x4c\xfb\xfb\x3b\x31\x47\x7e\x78\x1c\x0d\xe9\xbc\x46\xe4\x88\xd1\x02\x89\xfc\xa9\xc1\x62\x3e\x93\x53\x3c\x5d\xe8\xb5\xf1\x46\x68\xeb\x7a\x6c\x11\x6c\xfa\xce\x1e\x95\xae\x8c\x05\xe2\x35\x5e\xc4\xe1\x8d\x41\x04\xa6\x86\xc0\x62\x55\x3c\xa9\xeb\x3e\x1f\x33\xe6\xc0\x52\x30\x2c\x79\xb4\x04\x7b\xde\xa1\x1f\xfa\xbf\xce\xbc\x7d\x99\x3c\xb8\x13\x0e\x9f\xef\x5f\xdd\xcf\x29\x31\xf7\xcd\x61\xda\x75\x69\x29\x0c\xc3\x70\xaf\xd3\xaf\x33\x7f\x5e\xc3\xc2\x31\x0c\xfd\xc4\x73\x8b\x75\x2b\xf4\xb5\x65\xf8\xe6\xd7\x58\x92\x50\x00\xfc\x12\xe7\xf6\x54\x1b\x2c\xca\xd7\x90\x3f\xa2\x78\xfe\xeb\x8f\xa7\x60\x90\x6c\x5c\x2b\xb0\x77\x1f\xc1\xf7\x0f\x3b\x47\xf8\x4f\xe6\x0d\x04\x1c\x7f\xd0\x52\x16\xb6\x5c\xac\x40\xa8\xac\x2b\xc8\x4f\xfc\x0d\xbf\x24\xed\x8e\x58\x57\xcc\x22\x7c\xc9\xa2\x65\x1d\xc6\x50\x6c\x6d\xd9\x78\x77\xa2\xb2\x0f\xd4\xfe\x6a\x2c\xb5\x1b\xd7\x1f\x8c\xdd\xb9\x8c\xd7\x20\x0d\xbe\xe9\x61\x95\x1f\xcd\x45\x23\xd1\x08\x1f\x17\xfa\xea\x21\x6a\xd5\x5b\xb8\x38\xa0\x79\x9f\xa0\x73\xd1\x5d\x38\xf5\x52\xb1\xd9\x87\x79\xd5\xba\x95\x38\xf3\x05\x8c\x55\xda\x9b\xf9\xf6\xa2\x36\xe5\xb8\xd7\x5b\xb9\x98\x7f\x1c\xe2\xca\xaf\x73\xcc\xa9\x1f\xe5\xbf\x7d\xce\x2b\xc4\xec\x7a\x8d\x59\xde\x50\x4c\x91\x69\x9c\x73\xfe\xa1\xb5\x1d\x3b\xe2\xcf\x83\x9e\xf8\xe4\x25\xcd\x0e\x8f\x23\x79\x22\x8f\xae\xec\xc8\xf1\xe1\xb0\x98\xfd\x92\xcf\x34\x72\x52\xc4\xfd\xe4\x1e\xe4\xcb\x17\x70\x9b\x57\x08\x9b\xe3\x47\xfa\xfc\x20\x45\x23\x48\xdc\xf8\xf4\x65\x34\xe0\xe4\x57\x8b\x1f\x9d\x32\xc7\x24\xa1\x4e\xd5\xdf\x97\xfc\xed\x5c\x75\x5d\xc7\x45\xac\x9f\x57\xf3\x11\x99\x1f\xab\x37\xf2\x12\x1d\x4f\xfe\x16\xe6\xb3\x4e\xcd\x94\x04\xdf\xf4\x80\x33\x8c\xd1\xf0\xe0\x47\x2e\x1d\xdb\x41\x4f\xfb\x2b\x56\xa9\xc5\xfb\x1e\xc4\x97\x69\x5c\x7e\xe2\xda\x96\xaf\x75\x70\xa5\x65\x4b\x87\x07\x08\x1f\x3d\xfc\x46\x51\x58\xc6\x2a\x34\x7a\x8f\x65\x19\x77\xa4\x4c\xfe\x37\x79\xe2\xa7\x91\x7f\xee\x32\x71\x5a\xfe\x9f\x5d\xa5\xd0\x3b\xe4\xff\xd3\x39\x48\x49\xd7\x3e\x6a\x93\xde\xe5\xbf\x37\x9e\x44\x14\x37\xda\x8f\xc9\x82\x38\xe9\x6f\xa1\x07\xdb\xda\xb8\x22\x87\x1f\xc0\x26\x59\x25\x79\x95\x63\x37\x99\x63\x9e\x2d\x23\x82\x66\x15\x3b\xfb\xfc\xd1\x11\xf3\xbe\xe0\x7c\x0b\x41\x50\xd4\x8f\xde\x2f\x09\x3e\xb7\x95\x00\x63\x0c\x2c\xe0\xfa\x61\xc7\x84\x03\xae\x2a\xe7\xbe\xe1\xda\x06\x68\x9e\x64\x9a\xee\x0e\x61\x58\x86\x65\x7c\xd0\x74\x9d\x64\x6a\x7b\x23\xda\xdd\x93\x30\xed\xb3\xb4\x26\xff\xf5\x25\x35\x2e\x51\xbb\x6a\x72\xfb\x5a\xf6\xf9\x72\x0f\xc3\x28\x1f\x97\x2d\x47\xe8\xef\xc1\x37\x95\x1f\x99\x4b\x65\xe9\x0d\x31\x79\x30\x53\x4f\x2a\xb5\x59\x24\x56\x71\x28\xac\xf3\x45\xf5\x21\xaa\x77\x27\xad\x76\x2e\x24\x43\x7e\x67\xbc\xb6\xdc\x39\x3c\xab\x8a\xef\xe7\x9f\xfa\xaf\x59\xfd\x18\x47\x3c\x51\x32\x47\xc4\x27\x6a\xa6\x38\xad\x0d\xde\x1d\x8a\x89\xb7\xe8\x70\xec\x07\x47\x0e\xa3\x51\x8a\x7d\xe7\xf3\xeb\xed\xd8\xf7\x3a\x04\x40\x79\xa5\xec\x3d\xf2\x0c\x39\xb6\x0c\x19\xeb\xaa\x65\x4b\xf1\x97\x43\x83\x8a\xa2\xa5\x42\x7d\xf2\x57\x67\xce\xe3\x32\xa6\x48\x2a\xb9\x41\x6e\x83\xa2\x22\x32\x69\x5c\xa3\xd4\xb2\x66\xd2\x2e\xd4\xa7\x52\x88\x15\x38\x29\xd4\xd0\x7a\x0f\x50\x84\xf4\xd7\x43\x3f\x8c\xbb\x3c\xa2\x71\xa6\xe2\x70\x66\xd2\x67\x26\xad\xf7\xa9\xf4\x7b\x04\xe1\xde\x92\xdf\x49\x63\x27\x2d\x30\xbf\x3f\x7d\x71\x5d\x99\xc7\x9f\x43\x70\x81\x93\x4c\x33\x02\xd8\x56\xbf\x2c\x6b\xc9\x36\x02\x0f\xe9\xbf\x32\x8c\xdc\x98\x44\xdb\x69\xe5\x9a\x2d\x9c\xba\xf7\xa4\x34\x5e\xa8\xc2\x65\x1c\xa2\x34\xa8\xad\xeb\xb9\x79\xa7\x24\x44\x9f\xde\x91\x80\xa6\x4a\xa2\xd4\xb9\xfe\xe5\x33\x45\x41\x59\x24\xb6\x29\x44\x0f\x98\x7b\xc8\x8f\x8e\x35\x1b\x56\x64\x33\xed\xa3\xfc\x58\xa0\x1a\xa5\x79\x4e\x95\x10\xac\x47\x17\x89\xa2\x1f\x57\x2c\x2e\x7f\x01\x09\xe8\xac\xd1\x10\x75\xe1\xb2\xac\x63\x93\xea\x9e\x58\x98\x41\x18\x10\x3e\x37\xde\x16\x03\xcf\xff\xd4\x69\x17\xee\x85\x57\xdb\xd5\x4f\xe0\x3b\x16\xfc\x27\x43\x8e\x25\x8f\xe8\xbd\xb0\xf5\xf5\x6d\x25\xef\x81\xcf\x5f\xff\xf5\xd8\x8a\x73\xdb\x0a\x80\x13\xf3\x0a\xf6\x3c\x22\xd0\x94\x1e\x9f\x77\xcd\x46\xb5\x47\x7d\xef\x04\xa6\x11\x27\x52\xa3\x32\xfd\x41\x11\x71\xa5\xfd\x7b\x7c\x5c\x56\x59\xe4\x99\xf4\xbe\xc3\x4d\xe2\xb8\xad\xe2\xc3\xf3\xae\xf9\x88\x7f\x4d\x00\x69\x80\x49\xb2\xc1\xc4\xb2\x99\x92\xe3\x63\x12\xdd\x96\xc7\x58\x84\x71\xaf\xd0\xa1\x7b\xe2\x87\x8e\x2b\xf4\x20\xa3\xf0\xd4\xd1\x8b\x6e\xb9\x4f\xab\xfe\xab\x6d\x57\x14\x5f\x45\xf7\x77\x0c\x5e\x15\xc4\x1b\x60\x22\x81\x6d\x25\xce\x7b\xcf\x85\xbe\xc4\xa3\x68\x8e\x4a\x12\x3e\x73\x88\x76\xcd\xf6\xc5\x08\xa0\x3c\x97\xa8\x6f\x2f\xcb\x45\x8e\x2d\x42\x0f\xb2\xa5\x8e\x10\xf8\x22\x81\xbb\xd7\x52\x3a\x56\xbc\xcf\x2f\xda\x4f\x6f\x38\x83\x9d\xa3\x10\x02\x8b\x4c\x43\x6b\x99\xac\xba\x79\x61\x42\xb8\x46\xa1\x35\xd4\xbd\x62\x32\xb7\x11\x78\x80\x83\x55\x2e\xf0\x01\xc1\x6d\xe4\x33\x52\x23\x5c\x13\xd6\x3e\x86\xdd\x66\xd2\xb0\x44\x79\xb6\x43\x80\x7d\x0f\x06\x6d\xd7\xb5\x8f\x15\x59\x52\xa9\x3f\x3d\x90\xd8\xe6\xb0\x49\x9f\x21\x45\xec\xab\xdd\x40\x2a\x8c\x1e\x33\xcb\xda\xb6\x92\xe7\xbd\xa7\xd2\x48\xa1\x92\x15\xb1\xd5\x0b\x46\xfb\x14\xd5\x3d\xea\x97\x69\x1d\xb5\x18\xe7\x06\x9b\x1a\x10\xd3\x4e\x44\x43\x59\x8e\x8f\xbf\x82\x71\x88\x60\x20\x00\x4c\x3e\x83\x0d\x7d\x3f\x19\xcc\x92\x94\xff\xe6\xd0\xf5\xb2\x7d\x5a\x15\x3a\xee\x8a\xda\x73\x49\xdd\xce\xf2\x7b\x7a\xa3\x69\x00\x91\x16\x6f\xe7\x1b\x36\x8d\xb1\xd4\x3a\x5c\x6e\x19\x7c\x48\xf7\x6b\x7d\xe1\x61\x2c\x44\x63\x19\x8c\x28\x46\x4f\x16\x88\xf8\xbf\x3a\x35\xd1\x3a\xb5\x2b\xa6\x85\x48\xfb\x47\x87\x54\xd1\x0d\xc2\x29\x85\x4b\xdd\x23\xbe\x3e\x51\x79\x81\xa1\xa2\xb8\x2d\xeb\xef\xa5\x28\x15\xde\xf4\x6c\x95\xa3\x15\xfd\xcd\xac\x5f\xef\xfd\x5c\xc7\x62\xc0\x26\x7f\x79\x83\x32\x85\x7d\xa6\x8b\xa4\x7f\xe3\x7e\x3e\x2a\x84\x7b\x2d\x3f\x54\x1b\x59\x7d\x12\x78\x20\x2b\xac\x96\x31\x22\xc8\xd4\x56\x55\x11\x11\x23\xe1\x09\x61\x75\xaa\xed\xb7\x82\xaa\x63\xc1\x6a\x7d\x01\xf1\x16\xde\x46\xf7\xf0\x3a\xc5\x2b\xba\x23\xee\xb9\x2b\xf9\x6e\x0a\xa5\x21\x66\xc3\xfb\xb9\x87\xf3\x51\x4d\x45\x65\x32\x35\x44\x89\xfc\x01\xc2\x35\xff\xb5\xe9\xd6\xb3\xaf\x4c\xab\x08\x3b\xfd\x98\x4a\x81\xfa\x93\x23\x62\x18\x8e\x02\x23\x80\xd2\x71\x6a\xb8\xd0\x10\xbc\xc1\x1a\xe1\xd5\x2f\x51\x22\x4f\xbc\x76\xd9\xea\x73\x64\x9b\xc6\x43\x3f\xb1\x8d\xf2\xfa\x08\xba\xaf\x3d\x05\x7b\x2d\x59\xbd\xc8\x8d\x98\x9f\x04\xd5\x07\x02\x98\xd7\x6c\x0c\xd3\x24\xe2\x38\x8e\x08\x7b\xbf\x28\xa3\x29\xae\xc0\x67\x8d\xa0\x01\x03\xce\x59\xf1\xc6\x54\x1a\xb3\x3a\x86\xf9\xe2\x8c\x37\xa2\xfb\xe6\x30\x1b\x0e\x89\x46\xa1\xe5\x07\xab\x78\x26\x98\x1b\x6c\x56\x7f\xf2\x71\xfc\x67\xb2\xda\x81\x04\x24\x51\x53\x16\x2f\x84\x2b\xb4\xb6\xa7\x47\x0d\xce\x68\x9f\xc4\xb0\x90\xbf\x44\x04\x65\xfc\x77\xab\x41\xe0\x39\xe4\x81\xaa\x3c\xe9\x1b\xdc\x22\xfe\x6b\x4f\xfd\x00\x35\x11\xfa\xab\xaf\x04\x32\xce\x83\xbe\x7d\x9b\xb4\xbe\xfa\x01\x95\x02\xd1\x24\xff\xa0\xc0\x1c\xcf\x2b\x80\xe1\x76\xaa\x4b\x7c\xf9\xf3\x4b\x1c\xf9\x96\x46\xe1\x90\x22\x65\x1c\xc1\x07\xe9\x13\xf5\x87\x48\xb6\xe4\x50\x61\xa2\x1c\xab\xa3\xaa\x29\x0c\xf5\x83\xa3\x8e\x7b\x63\x5e\x3e\xf3\xb7\xcc\x14\x96\x4d\x8e\xf5\x79\xbf\x39\xca\x93\x60\xe9\xf7\x76\x8f\xc1\x71\x41\xf4\xd4\xe0\xb0\xb8\x63\xd8\xdb\x1f\xee\x03\x9e\x55\x72\x84\xaa\xdd\xa2\x53\x11\x00\x46\x4e\x1a\x59\x42\x59\x7d\x8a\x49\x5d\xb3\x6e\x2d\xfd\xc1\xf0\x67\xf7\xca\xd7\x77\xbf\xe3\xe3\xa8\xec\x78\x1b\x63\x18\xc3\x0e\x7e\xf5\x53\xdf\xea\xb8\xa8\xcb\xc2\x61\x48\x45\xa7\x11\x52\x71\x1c\xa5\xcf\xa0\x2e\x83\xc2\x33\x90\x6d\xbe\x09\x12\x30\x6b\xc4\x7a\x6f\xf2\x1f\xbe\xc4\x74\xaa\x2b\xa9\x73\xa5\x38\x84\xae\x70\x6b\x36\x85\x30\xfd\xeb\xf7\x46\xda\x35\x9b\x32\x12\x75\x5d\x41\x33\x40\x68\x33\x63\x38\x46\xd0\x4b\xc6\x2f\x95\x64\x8f\x79\xee\x92\xae\x7f\x7c\x15\x07\x2d\xf8\xd8\x72\xf3\x08\x95\x56\x16\x81\xa4\x47\x61\x5a\x64\x84\xa1\x01\xd1\xbf\x79\xd2\x0f\xad\xa2\xeb\x0b\xaa\xfd\xfb\xb9\x95\xfe\xf4\x51\x00\x84\x81\xfa\xd1\xdc\x51\x5d\xb3\x49\x25\xaa\xf4\x73\xe2\x9c\x90\x8e\x60\xfc\x25\x47\x1a\xf4\x61\xa9\xba\x23\x93\xac\xf2\x26\xee\x20\xde\x39\x04\xa6\x11\x98\x25\xd2\x9c\x76\x8d\x36\x6c\x54\x9f\x98\xc1\xb0\x29\x23\x35\x26\xd4\x18\xb1\xf8\xd3\xb0\x97\x71\xab\x63\xf8\x46\x1c\x83\x8c\x04\x02\x7c\x57\xe9\xdc\x3e\x58\xc2\x0b\xb8\xed\x63\x21\xa7\x84\x68\xac\x05\xbb\x9b\xfb\x2b\x55\x1d\x91\x07\xb6\xf6\xe7\xc8\x21\x1f\x0e\x5d\xde\x14\xb3\x0d\xae\xea\x37\x0c\x1d\x01\xb0\x6e\x91\xa9\x46\x02\x3d\xbe\xf1\x81\x6e\xa1\xd7\xaf\xac\xd0\x33\x7f\x6c\x22\x9b\x94\xaa\xe5\x07\x94\xd8\x74\xfc\x1c\x40\xe2\x93\x73\x2a\x68\x0f\x10\x31\x2d\x44\xf5\xfb\x8d\x7d\x05\x2c\xf5\x46\x0d\x49\x3f\x1f\xba\x32\xcb\x52\x4c\xdc\x4f\x69\x2f\x5c\xe3\xac\xa0\x8d\x69\x2b\x1e\x23\xd7\x1c\xc7\x25\xb0\x41\xeb\x10\x6c\x55\x9c\x5c\xde\x28\xd0\xb8\x97\xbc\xff\x61\x35\xdc\x4d\x96\x2b\x4d\x53\xbe\x1a\x9f\xeb\xb5\x4a\xda\x8d\x18\xaf\x41\x1b\xaf\xe1\x73\x6b\x38\xb7\xb3\xd4\x3f\x57\x84\xb5\x21\x8b\x48\x17\xf2\xa5\xe9\x3a\x70\x65\xc7\x54\xe0\x55\xd7\x96\x6d\xdb\x88\x75\xdb\x32\xc9\xda\xf9\x1d\xe1\xa9\xff\x7c\x7e\xb1\x2d\xa2\x10\xfd\xca\x77\xd7\xf3\xf3\xd7\xc4\x62\x06\x93\x15\x92\x00\xe6\xf4\xb2\x78\x87\xb6\x7d\x83\xb4\x20\x9b\x2f\x29\xc3\xf9\xb4\x55\x39\x77\xbf\xed\x43\x37\xef\xfa\x52\x8a\x8a\x99\xe0\x17\x81\x06\x14\xf0\x19\x34\xac\x1a\x98\xff\xb8\x35\x0c\xae\x93\x5a\xac\xf2\xbc\xcc\x87\x0d\xe1\xca\xb7\x5a\x26\xeb\x64\x8f\xf3\x19\x92\x98\xd7\x7a\x8d\x47\x70\x7a\x89\x2b\x16\x67\x8d\xc2\x94\xb2\x17\xb0\x26\x51\x8b\xb4\x43\x9f\x4f\x14\x8b\x77\xf0\x51\xd7\x71\x75\x18\x43\x9d\x81\xff\x61\x3c\x3a\x41\xfb\x4b\x3d\x2f\xcd\x97\x37\xcc\x67\xb3\xd3\x9c\x67\x30\xeb\x35\x5e\xe1\x22\x64\xae\x58\x5c\x69\x74\x53\x7a\x5a\xe9\x7a\x03\x6b\xb2\x4e\x15\xa1\x47\xae\xee\xb1\x4a\xbf\xa1\x0c\xfe\x13\xa0\x66\xa8\x68\x23\xfb\x53\xef\xd0\x08\x59\xe8\xad\x95\xdc\x0a\xd5\xe2\xb8\xbf\xf7\x19\xf8\x52\xf6\xbe\xed\xc7\xb0\x6b\xac\x57\x4c\x29\x64\xb6\x81\x96\xfa\x4a\xae\x5d\xb2\x13\xb8\xb5\x8c\xd7\x22\xf1\x7d\x01\x18\x11\xb0\x53\xc7\x4c\x7f\xa9\xbf\xea\x3d\xda\x24\xe7\x34\xfd\x7f\x12\xad\x1c\x53\x21\x73\x89\x26\x26\x4e\xb8\x7e\x43\x1c\xb4\xc9\x5a\xc6\x4b\x98\xb2\x5b\xc8\xba\x77\x83\xed\x0a\x3f\xab\xfd\x90\xc9\x38\xe8\xf5\x4d\x02\x8c\xf1\x9a\x27\xe2\x07\x0a\xe0\x96\x57\x10\x73\xc1\x0d\x75\xea\x03\xad\x7f\xcc\xbf\xba\x7d\x57\x3e\x04\x7b\x25\x73\x33\x36\xbd\x57\xab\xd8\x97\x25\x6c\x18\x51\x53\x69\x86\xa5\x86\x12\x1b\x83\xf5\x8c\x1b\x51\x03\xb6\xd7\xca\x25\x20\x26\x08\xf8\xc2\xd5\x06\x01\x23\x05\x4b\x4e\xe1\x05\x6f\x94\xc8\xec\xfc\x3b\xf7\x3b\xb3\xc5\xa3\xff\x8c\x2b\x76\xde\x5a\xfa\x33\xc2\xb7\xb0\xa0\x4e\x3e\x11\x3b\xc4\x14\x87\x70\x59\x0c\xbd\xd1\x3a\x5a\x1b\xa8\x2c\xb2\x78\x9f\x8e\x75\xc5\x22\xff\x96\xf2\x0c\xc6\x04\x18\x2b\xc6\x26\x85\x5c\xed\xd8\xbc\xca\xd9\x17\xfd\xc4\x72\x30\xff\xb7\x76\xb1\xe9\x9b\xcb\xe4\x55\x0d\x1e\xe7\x68\xc8\x7e\xab\xc0\x28\x1a\xb6\xf3\x74\x3d\xc9\x39\x35\x0c\x94\x31\xd8\x91\x3a\x08\xf1\x54\xa5\xe6\x89\x5a\xc4\x6c\x96\xb0\x21\x60\xec\x15\x2b\x79\xec\x0f\xe1\x7a\x9c\x9f\x60\x17\xf8\xfe\xf8\x3c\xdc\x15\x8d\xeb\x99\xf4\x9e\xab\xe6\x5b\x9d\x93\x71\x1e\xc3\x74\x35\x05\xeb\x74\x6d\x98\xeb\xad\xae\x2f\x3a\x8e\x9c\xe6\x7c\x86\x22\x80\x8d\x9c\x26\x74\x1e\xcf\xab\x8b\x86\xd7\xef\xdb\x0c\xfc\xde\xf8\x23\xd5\xb4\x88\xf5\x7e\xe2\x04\x21\x72\x7d\x2e\x97\xef\xae\x9a\x1b\x62\x5c\xd6\x61\x71\x83\x50\x74\x83\x48\xba\x23\x56\x53\x6f\xf1\xf6\xe4\x79\x14\xaa\x6c\x9e\xc4\x3e\xf7\x4d\xb5\xdc\xc8\x2f\xa1\x47\x70\x18\x72\x83\x92\xb1\x4d\x22\x3d\x45\xd9\xc6\xff\x7a\xd1\x8b\x86\xef\x50\xce\x64\x85\xc1\xa8\xbd\x48\x74\x21\x11\x12\x0e\x4b\x11\x76\x9e\xe7\x78\x7d\xf0\x9b\xcb\x53\x50\x46\x19\x19\x2a\xb3\x7c\xef\x27\x7e\x7e\xe9\x6e\xf8\x3a\x8d\xaf\xec\x99\x3c\x76\x8f\xc1\x33\x98\x5c\x12\xe3\xbd\xf3\xa3\x4f\x44\xc5\xe4\xaf\xdb\x6b\x43\x03\x1e\xf0\x44\x64\xfe\x1b\x2f\xf3\xa1\xa8\xe9\x85\x79\x90\x66\x5c\xc4\x6c\x8d\xdc\xac\x6f\xb0\x14\xb8\xd2\x5b\x29\x6c\x2d\xb4\x01\xd3\x28\xa0\x39\xdf\x25\xc0\x36\x3d\x25\x4d\xde\x29\x84\xe3\x15\x88\x88\x91\x62\x49\xfc\x8f\x77\x86\x09\xe2\x2e\xf3\x25\x17\x4a\x17\x87\x1c\x1c\xd3\x80\xfc\xd2\xa6\xc0\x66\xd5\xef\x54\x37\xd3\xd5\x76\x3d\xdb\x8f\x33\xc3\xf4\xc2\xb5\x62\x21\x60\x80\x2c\xf5\x7e\x55\x61\xec\xd4\x31\x1c\x7a\xf9\x2a\x96\x7f\xf8\xc9\xfc\x55\x65\x77\x8f\x9d\xd1\xb9\x51\xed\x53\x86\x6b\x99\xef\x74\xbe\x95\x13\xb9\x02\x4b\xc8\xcd\xd9\xa7\x48\x3b\x28\x6a\x20\x69\xfe\x8a\xc6\x72\x79\x6a\xe0\x86\x61\x52\xf3\x86\x5b\x29\xd6\x7d\x59\xe6\x3c\xc6\x67\x29\xbb\x7b\x70\x8d\x17\x6a\x46\x49\x90\x16\xdf\x3f\x06\xa2\xf5\x4b\xa1\xb8\xc3\x44\xd7\xd6\x15\x98\x2e\x60\xa2\x28\x94\xa6\xcb\x40\x6b\x47\xf3\xae\xb4\x3b\x26\xc4\xfb\xcc\x87\x79\x3c\xd3\xcb\x62\x21\xeb\xa4\x4c\x56\x51\xf0\x77\x29\xed\x05\x2a\xa5\xbb\x9d\x53\xc2\x6b\x64\x1f\x0b\x67\xe9\x3f\x79\xea\xa8\x24\x5d\x37\x4c\x82\x83\xb0\xb6\x96\x71\x07\xc9\x95\x6c\xa8\x1e\x9a\xe4\xe4\x2b\x62\xb6\x8a\x2b\x37\x6b\xa9\x2e\x7f\x55\xcb\x0d\xe8\x9e\x6a\x0d\xc8\x09\x23\x23\x05\x9f\x07\xfd\xdd\xcb\xb9\x2e\xf3\xad\xcc\xb6\xd4\x11\xc5\x97\x81\x8c\x5e\x01\xf8\x8f\xf1\x53\x87\x23\x9a\x9f\x80\x96\x1d\x4a\x5e\x0b\xeb\xe4\xd9\x34\x3c\xee\x5f\x7f\x77\xd8\x5f\xe3\xbb\x86\xce\x3a\x06\xcf\x08\x21\x83\xd8\x07\x56\x1b\x70\x4d\xf2\x91\x85\x4e\xcf\x09\xfc\x46\x06\xe2\x1b\x12\x24\x9a\x92\x66\xda\x86\xe2\x51\x0e\x7b\xce\xd0\xf2\x36\x67\xf2\xe9\x41\x5a\x00\xa8\xdd\x9f\x63\x3b\x1b\xa2\xe2\xe9\xca\xb3\xfe\x7a\x45\xdd\x13\x91\x2b\x69\x9d\x4e\x41\x2d\x87\xbd\x14\x7c\x53\x70\x73\xcd\xcf\x21\x83\x09\xcd\x28\x5f\x80\x78\x59\x6c\xa6\x13\xf9\x62\x9d\x6e\xce\x64\x5b\x40\x4c\x01\x81\x22\x00\x7c\x83\x78\x86\x7f\x2b\x99\x4d\xa4\xf6\xca\x94\x66\x4d\x22\xb1\xdb\xcb\x8f\x41\x6a\x2f\x08\x83\x48\xc0\xe8\x46\xf3\x3f\xeb\xba\x28\xa6\x15\x2f\x45\x57\xf7\xcf\x15\x7f\x86\x7d\x17\xfb\xd0\x05\x65\x02\x44\x01\x0a\x04\xae\x03\x8a\x13\x5a\x50\x16\x71\x36\x59\x4d\x75\xad\x52\x50\x0e\x31\xd1\xd9\x4c\x87\x32\x71\xf8\xac\xeb\x5a\x60\xa0\x59\xf2\x63\xe9\x2f\xb5\x8e\xc7\xba\x09\x16\x62\x7b\xe0\xc0\x42\x96\xe7\x9d\xde\x37\x1e\x83\xb7\xfc\xeb\x5c\x59\xc3\x8b\xfd\xf1\xab\xc4\x41\x68\xfa\x65\x2c\xc7\x95\x31\x22\x52\x84\xfd\x5f\xf1\xf7\x3b\x4e\x46\xd1\x27\xeb\x90\x2c\xd2\x4c\xff\x9e\xc3\xbc\x5b\x4b\xad\xf8\xa7\x1a\xa5\xe3\x92\x67\x50\xc6\x40\x31\xd0\x86\x20\x93\x28\x6a\xf8\xdd\xdf\x9c\xcf\xf2\x37\x92\x50\x04\xb8\x91\x93\x82\xc7\x9d\x1e\x00\xba\xbc\x8d\x96\xb2\x97\x92\xc3\x76\x22\x4c\xc3\xa4\xd3\xfb\x34\x6e\xb1\x54\x1e\x50\x15\x8d\x98\xc7\x4d\x4a\xef\x0f\x76\xac\x69\x9c\x0b\xf9\x22\x11\x3f\x4c\x0d\x64\x1e\xb4\xae\x1b\x51\xf3\x64\x6d\x01\x77\x03\xc7\x01\x3d\x06\xd7\x28\xcc\x93\x80\xda\xb4\x0e\xf6\x33\xf1\x1b\x70\xdf\x87\x40\x5b\x60\x6d\x29\xd5\x17\xc4\x45\x6b\xa1\xad\xd4\x37\xb2\xa4\x87\x47\x4f\x15\x42\x57\x14\x87\x28\x14\x7f\xfd\x1b\x86\x66\xf8\xfb\xe5\xc2\x79\x0f\x66\xf8\x32\x02\x6f\x68\x42\xaf\x6b\x46\xd8\xdd\xee\x32\x55\x54\xe9\x9a\x8d\xfd\x3a\x04\x93\x59\xf6\x0d\xf7\x62\x86\xf2\x47\x3f\x76\x3d\x54\x0a\x77\x37\xb3\x94\x66\x2c\x5d\x1b\x1d\xd3\x31\xa0\x36\x08\xef\xcf\xaf\x67\xea\xa1\x61\x32\x96\x01\xb2\xa6\x1d\x00\x86\x87\xdb\xce\xe3\xad\xf1\x0f\x39\x3e\xae\xda\xef\x41\xe7\xa5\xaa\xd8\xaf\x0f\x08\xf6\xe0\x86\x50\x9d\x36\x77\xab\xa6\x1b\xc7\x4b\xe6\x80\xee\x2f\x4a\x1f\xa5\xc9\x3b\x3a\xd7\xa4\xb8\xc9\xb8\x02\xc7\x27\x01\x4c\x7d\xf8\xb8\x0e\xb7\xb4\x0b\x94\x09\x7f\xfd\x2b\x4e\x69\x69\x79\x1a\x3c\xb7\xfc\xc8\xfa\xde\xbd\xfa\x3e\x24\xc0\x1d\x16\x21\x35\xc9\x7d\x82\xb8\xbf\x1b\xbd\xe3\xa3\x36\xfc\x29\xfc\x63\x9c\xa5\x37\xd9\xd1\xbe\x2d\x39\x64\xec\xd6\x23\x12\xb6\xba\x01\x66\x2d\x8d\x94\x8b\xa1\x52\xbc\xbb\x86\x7d\x7f\x38\x6a\x59\xc7\x18\xa9\xca\xb5\xf1\x48\x39\xe6\x8f\x88\x03\x89\x40\xb5\x86\xd5\x3e\xb6\xab\xc9\x11\xd3\xfd\xcf\xdd\xdc\x74\xf2\x8c\x29\xb1\x15\xf1\x16\x8f\x20\xf9\xda\xaf\x33\xf5\x5f\x97\xbd\xe6\xdb\x1b\x9d\xbf\xf9\x5e\xae\x31\xd0\x48\x4b\x47\xb5\xeb\xf9\xbd\xf1\x85\x08\xba\x3b\x0a\x1c\xeb\xca\x3d\x6a\xf9\xe1\x94\x9d\x15\x7e\xf0\x40\x25\xb8\x8d\x17\xf1\xbd\x35\x9a\x19\x50\x6b\x1f\x5d\xe9\xbd\xd2\x6b\x23\xb3\xa3\x3e\xe0\x63\xf6\x09\xc8\x87\xff\x7c\x14\xd1\xf1\x32\x0e\xe4\x86\x5d\xee\xa8\xd5\x3c\xa9\x4f\x4d\xfe\x92\xcf\x47\x0d\x98\x2a\x61\xff\xd6\xae\x69\xcc\x75\xef\xe5\x62\xcf\x38\xd5\x17\x54\x34\x10\xca\x4c\x9a\xb4\xcc\xa4\x19\x6f\x44\x44\x7c\x7d\xfc\x7f\xf7\x57\x7d\xd1\xa2\x50\xb9\xff\xd4\x58\xe5\x66\xc5\xec\x33\xf2\x63\xfa\x29\x6b\x37\xa4\xff\xc3\x77\xc1\xfa\xcc\x6b\x5d\xfb\x5b\x54\xae\x8d\xa1\x34\x06\x5d\xec\x2b\x01\x5c\xcd\xbe\xe3\x4f\x2f\x58\xae\x63\x9e\xa4\x5f\xba\x99\xa7\xd6\x6c\x91\x84\x64\xa6\x58\x77\xc3\x2d\x5b\x09\xbb\xc0\xff\x50\x7e\x0b\x37\xdc\xf8\x13\xf3\x71\x23\xdb\xf5\x67\xb2\x6a\x0c\x4f\x7c\x5e\x43\xd4\xd4\x50\x6c\xd2\x73\x34\x98\x7f\x77\xd2\x99\x94\xb3\xe7\x87\x9f\xed\x87\x64\x44\x95\xb3\xe7\x9b\xd3\x99\x1e\xe8\x1b\xe1\xdf\x38\x54\x1b\xd9\xf7\x63\xb9\x9a\x1c\x32\x53\xeb\xa6\xc7\xb0\xa8\xda\xbc\x1a\xe0\x69\xcc\x9c\x44\x64\x57\x77\x27\xe5\xdf\x9e\x71\x95\xfa\xd2\x5c\xa3\x58\x03\xa5\x1b\xce\xb7\xc7\x9e\x4e\x18\xd3\x29\xcd\xf9\x54\x97\x3d\x06\xf8\xc1\x70\xf4\x5f\x46\x3b\x59\x98\xaf\x2e\x5f\xef\x20\xce\x5c\xa3\x9d\x60\xe7\x7e\x91\x0b\xb1\x5e\xe8\x75\x6e\xa8\xb1\x57\x1c\xfd\x63\x9b\x29\x3f\x40\xfc\x0f\x61\x30\xa6\x9d\xd9\x1d\x26\x1c\x38\xf7\x31\xa0\x9d\x3b\x02\xbc\x61\xff\x62\x65\x8a\x08\xfa\x10\x72\x79\x2e\x23\xce\x24\x4b\xc5\x29\xa7\x61\x41\x22\x72\xa3\xa4\x2e\x0d\xfb\xbf\xeb\x51\xb4\x36\xd4\x16\x51\x0e\x19\x70\x6e\x07\x37\xed\x95\x7c\xf0\x1a\xc1\x6c\x40\x7e\xf8\xa7\x2f\x71\x29\xf2\x58\xc6\x11\xe7\x71\x13\xf6\x59\x35\x58\xbe\x58\x03\x86\x6f\x0b\xb5\x23\x97\x9b\xa9\x7f\xe6\xe5\x28\xaa\x71\x20\x31\xc9\xc3\x4c\x0c\xc7\x91\xef\xd4\x06\x7c\x1b\xcd\x39\x6a\x98\x48\x87\x94\x68\x78\x37\xbc\x69\xed\x4f\x1c\xab\xdc\xd7\x7b\xb3\xd7\xca\xe2\xdd\x66\xb0\xc1\x72\x37\x15\x23\x69\xbd\x2b\xff\xc5\x72\x1e\xe6\x8b\x5b\xcc\xc2\xcd\xe4\xa8\x19\xa2\x1b\x0e\x9e\xa7\x5a\x33\x23\x32\x67\xf4\xd3\xcf\x7e\x97\x39\xd7\x53\x7d\x64\xef\x1a\x85\x9a\xa4\x91\x21\x22\xb9\x66\xdf\xee\xa7\x16\x86\xbb\x8a\x09\x87\xe5\xd9\xe5\x15\xa3\x85\x66\xbb\x10\x1d\x4d\xfd\x9a\x41\x53\x29\xff\x2e\x6e\xb2\x17\x44\xda\x3b\x1f\xb8\xad\x60\x34\x9a\xd9\x22\x90\x22\x14\x6c\xaa\xdb\x69\xc2\xb3\x82\xec\x31\xcf\xcf\x1d\x59\x43\x11\x53\xcc\x08\x18\x27\x6c\x95\x9b\x9e\xac\x81\xd3\xd2\xa1\x1f\x15\x3e\xff\xe1\x3a\xba\x76\x48\xe2\x7c\xdc\x61\x94\x79\x8f\x08\xb8\x17\x19\xb5\xb5\x5e\x3a\x51\x07\x66\x8c\xe4\xfd\x8f\x37\x70\xfe\xf2\x65\x3f\x98\xd3\xc2\x8e\x8d\x41\x12\x32\xee\x09\x6f\x72\xf6\x8c\x71\x5c\xaa\xd9\x0e\xf2\xfe\xf0\x15\xb0\xce\x2a\x39\xc3\x50\x2e\x17\xa9\x4c\x10\xf2\x06\x8e\xd7\x3e\xba\xb6\x6b\xcc\x02\x3b\x36\x99\xd8\x17\xc9\xfe\xd4\xbe\xb3\x99\xb2\x6d\xca\x2c\xfe\x92\x8f\xb7\x59\x72\x4e\x94\x95\xc0\xfb\xfc\xe7\xd3\x40\xcd\x4f\x5f\x71\x83\xe1\xd8\xc4\x68\xbb\x99\xe3\x30\x69\x74\x94\x1e\xd3\xcc\x07\x76\x38\x7d\x3d\x21\x44\x11\xff\x71\x21\x33\x7b\xc0\x35\xc5\xd2\x34\x33\x67\xc0\x52\x7d\xc7\x6d\x61\x1a\x1c\x1b\xee\xbb\xd3\x5d\x91\xc0\xd6\x3f\x31\x48\x93\x34\x54\xc0\xb2\xd1\x0a\x47\x03\x9c\x87\x98\xa9\x6e\xdc\x0c\x73\x3a\xeb\x97\xbe\x52\x2b\x99\xcb\xfc\x89\x2b\x98\xdd\x57\xbf\x2a\xa3\x94\xbc\xdc\xa0\x03\xdb\x79\x54\x84\x0a\x8f\x78\xfd\xeb\x59\xac\x0b\x09\x2c\x19\xef\xfd\xf0\x49\xd8\x24\x38\xf0\xf4\xac\x2b\xf6\x51\x94\x5a\x1d\x0b\x5e\x2e\x63\xaf\x18\x87\xfd\xeb\x77\x7f\xb0\xc5\x1d\x04\xdd\x8c\x8e\x18\xa0\x5a\x7c\xf8\x55\x02\x87\x6f\x0b\xc5\xe9\x1c\xf1\x1f\xef\x5a\xeb\xf1\x5f\x47\x13\x9c\xab\x99\x29\xb3\x7c\x08\x87\x91\x7a\x08\x18\x30\x5b\xc0\x4a\x85\xfb\xb7\x7f\xce\xec\x7c\x70\xcb\x98\x79\x41\x4d\x8a\xac\x92\xe0\x4f\x31\xf7\x42\xd3\x7b\xad\xd0\xa8\x7f\x71\x5d\x83\xe5\x5c\xe3\x23\x07\x4e\xf7\xe8\xdc\xa9\x39\x2d\x2a\xdc\x1a\xa4\x8b\xcc\x8a\x86\x9c\xb0\xff\xc8\x8b\xa0\x38\xe5\xca\x34\x9e\xc4\x8b\x53\x0b\x67\x28\xc1\x5c\xa7\x16\x68\xc9\xbf\x1e\xda\x51\xd3\x80\xfa\xfc\xf0\xca\x0d\xc5\x12\x39\x61\x01\xb7\x95\x81\xe2\xbd\x3f\xba\xe9\x5d\xb4\x25\xfc\x15\x13\x37\xa4\x32\xe1\x30\x15\xdb\x8c\xba\x7f\x4c\x56\x63\xd8\x73\x0d\xd4\xe4\x27\x16\x50\x6f\xd1\xf3\x17\x47\xe1\xf3\x2e\x24\xe5\x34\x8f\x33\x8d\x11\x13\xf3\x7f\x31\xdd\x77\xd5\x6e\x49\x08\x19\xb0\x73\xd5\xe4\x0b\x60\x98\xd4\x31\x0d\xa6\x29\x77\x65\x04\x4c\xa4\xfc\xf8\x7e\x38\x77\x45\xaa\x4b\xcb\x4c\xd6\xad\x5a\xdf\x7b\xa5\xcb\xa4\x60\x18\x3a\x82\x39\xec\x66\x8f\x0b\x7c\xf7\x8f\x07\xb3\x68\x33\x93\x0a\x06\x5c\x64\xf8\x74\x05\x1b\xc8\xcf\xcd\xac\x4b\x68\xa7\x53\x22\x5e\x22\x76\x47\x68\x8b\x3f\xb9\x1d\xde\xea\xf8\xc1\x11\x6c\x0f\x31\x9b\x28\xf7\x33\x43\xd1\x0c\x9e\x73\x22\xe3\xe4\x94\xbf\x38\x28\xe7\x18\x88\x62\x89\x8c\x4f\xde\x10\xf4\xf8\xe5\x2b\x39\x8c\xec\x8c\xcc\xd1\xfd\xc4\x51\x96\x67\x98\x9b\x32\x73\x8a\x1a\x17\xd0\xe5\x23\xe0\xed\x72\xfc\xd3\x09\xc8\xff\x7b\xfe\xca\x87\x19\x01\x17\x86\x30\x0c\xc7\x68\x4d\x6c\xec\x54\x10\x96\xe9\xa0\x02\xb7\x0c\xe7\x87\xbf\x80\x63\xd0\x5f\xbe\xc5\x10\x2c\x2e\x0b\x78\x2a\xde\x2d\x63\x92\x9b\x4b\xdf\xb9\xbf\x3f\xff\x7e\x7e\xf0\xdf\x77\x53\xf6\x9a\x39\x7d\x41\x46\x25\xe8\x3d\x3f\xc9\xcd\xd7\x72\x40\x7a\x63\xc1\x49\xfa\x37\xb9\xca\xe4\x46\x83\x05\xac\x08\x91\x3e\x1f\xa6\xb8\x65\x36\x64\xc0\x2e\xff\x9e\xdf\x19\xa7\x91\x07\x2d\x66\x63\x30\x8f\xa9\x4d\x8a\xee\x11\x17\x0a\x98\x78\xd0\x54\xd5\x20\xc2\x84\xfd\x27\xdb\xfa\xa0\xf6\x0a\xf5\xc9\xdf\xa7\x80\xe0\x37\x21\x15\x90\x22\xf2\xb5\xf2\xb9\x6c\x61\x20\x97\xff\xa7\x2b\x21\x96\x05\xf5\x49\x91\x28\x58\xcc\xbf\x65\xba\x05\x9e\xd2\xc9\x5f\xdc\xb3\x59\xaa\x91\xdb\x42\xea\xf9\xbf\x73\x3b\x05\xc7\x7e\xcd\x61\xd9\x46\x05\xb1\x35\xc5\x07\x2a\x1b\xd1\x1a\x57\xf8\xff\x63\x69\xf1\x0b\x92\x77\xc9\x2f\x25\x6d\x8b\xd3\x0e\x0f\x25\x0c\x1d\xe4\xcb\x44\x85\x31\x32\x16\x99\xf7\x8d\xf2\x73\x2f\x89\x3d\x85\xd3\xff\x3c\x0a\xd5\x7b\xf5\x04\xed\x14\x3e\xee\x50\x68\x23\x85\xe6\x76\x9c\xab\x2e\x3e\x3a\x16\x24\x3f\xc8\xcf\x55\x6b\xc2\xf4\x73\x1e\x51\x9d\x05\x65\x79\xf2\x4c\x0e\xa9\xd3\x23\xcb\x96\x26\xe2\xe7\xe0\x1a\x23\xe2\xbd\x7d\xe8\xb6\xac\x16\xb2\x20\x0c\x4d\xfb\xca\x4a\x5e\x5c\x9e\x8e\xcb\xf8\x15\x22\xa4\xbe\x28\x08\x9d\x92\xfe\xc8\xcb\x08\x7b\x5a\xc3\x98\x78\x51\x79\xb4\x40\x4f\x5f\xfa\x82\x4c\xfe\x2e\x07\x4a\x13\x9d\xc8\x00\xd7\x6e\xd5\x92\xac\x78\xdb\x5d\x25\x43\xb8\x7c\xe5\x9a\x4f\xcd\x30\x0a\x53\xfc\xbc\xc4\xe7\x2a\xb5\x9f\xfe\xc5\x1c\x83\xb2\xec\xab\x04\x20\x46\xf6\x61\x18\x1e\xd1\x94\x21\x66\x87\x5d\x9e\x69\xab\xaa\xf5\x49\x10\x2b\x1c\x1c\xc9\xff\xc4\x03\xd4\x44\xc6\x09\x18\x1e\x8b\x27\x46\xe7\xf0\xff\xb8\x2c\x51\xcd\xf5\xb2\x64\x65\x6a\xfe\xb3\xb3\x49\x9b\xae\xc4\xbc\xa6\x48\x3a\x35\x94\xe4\x24\x85\x6d\xa5\x9b\xc1\x33\x98\x15\x36\xc9\x2c\x9a\x58\x71\x63\x78\x0b\x66\x80\x3a\x3b\x09\x46\x0d\x18\x05\x01\x7e\x27\xfc\xe4\xb0\x8d\xd6\xb4\x7a\x08\xf8\xcc\x91\x9f\x66\x5f\x73\x39\x63\xd0\x1a\xb2\xed\xc8\xd6\xa7\x98\xda\x5e\x95\xc8\xa0\x78\x28\xb9\xc5\x92\x5d\xec\x8f\xdf\xa5\x78\x9f\x7a\xd8\x49\x96\x96\xa7\xad\xa3\xb9\xe6\x7f\xce\xe8\xc2\x6a\x0b\x1a\x96\xcb\x85\x27\x86\x7e\xd2\x09\x3b\x6c\x6e\x12\xd6\xc3\x19\xb1\x4d\x21\x1a\xea\x66\x27\xd7\x8d\xd5\xd3\xd5\xc9\xca\x1b\x87\xb0\x97\x14\x05\x1c\xb5\xf1\xc1\xb6\x07\x74\x7a\x37\x3f\x1a\x6c\xf0\xf5\xe3\x2b\xee\x7e\x7c\x59\xcb\x69\xde\x0a\x03\x71\xa3\x4c\x4f\x1e\x55\xfa\xce\x0f\x43\xb1\x9a\x82\x75\xc4\xe3\x52\xd3\xd5\xbb\xd1\xfc\xe0\xbf\x7d\xfc\x50\xe5\xb1\x7d\x04\x52\x66\x08\xfb\x86\xad\x19\x26\xdd\x6c\xf3\xb3\xfc\x13\x1b\x09\x87\xe7\x1d\x06\x15\x0e\xff\xef\x9c\xc9\xa3\xf3\x2e\xec\x57\xef\x4a\x36\x7b\x5c\xac\x8e\x09\x54\xc0\x48\x55\x54\x7e\x85\xd6\xb9\x2a\x48\x93\xd0\xf4\xed\x5c\xca\x3a\x9b\xea\x7e\x80\xc0\x44\x91\x16\x11\xc1\xdc\x20\x92\x13\x99\x2e\x71\xb6\xe6\xfb\x52\x32\x33\xd0\x8f\x3f\xcd\x3e\xbd\x41\x38\xf9\xc8\xb7\xaa\xd0\xaf\x15\x03\x6e\xe3\x39\x67\x1d\x15\x3c\xa6\x1f\xd0\xd6\xbd\xef\x80\xc2\xbd\x48\xf5\x32\x98\xc8\x20\x23\x18\x12\x36\x13\x14\xa7\x3b\xc9\xb6\x52\x44\xb8\xd1\xc8\x25\xdc\xb4\xff\x64\x9e\xb1\x8c\xf3\x05\x9c\x9b\xdc\xcd\xe1\xcb\x4a\x70\x43\x4e\x0e\x61\x23\x08\x72\x47\x42\x2a\xb9\x80\x7d\x57\x92\x58\xd7\x12\x7b\x69\xea\x60\x78\x8b\x1a\xc4\x25\x67\x22\x52\x52\x50\xf8\xe8\x16\xf7\xca\x8b\x8e\x37\xb4\xff\x74\x06\x4f\xcf\xd4\x47\xc6\x48\xd1\x0b\xcb\x2d\x5b\xe7\xc1\x4b\xb7\xdc\x84\x51\x06\x87\x09\xeb\x93\xc0\xb2\xd2\x4a\xfa\x1d\xea\x2d\x8d\x9c\xeb\xb3\x34\x87\x38\x9f\x9d\x66\xcd\xdd\x97\xbb\x13\x27\x61\xff\xdf\xbe\x38\xe4\xca\xda\x7c\x53\xbe\x7b\x88\x45\x01\xea\x83\x32\x51\xdf\x91\xaa\x2e\xa1\xc2\x37\x58\x88\x93\x63\x70\x49\xea\x5a\x8c\x9b\x9a\xe8\xba\xb2\x87\x70\x18\x1a\x67\x5e\xfb\x9c\x9a\x3f\x86\xa0\x35\xad\xca\xfd\xd3\x07\xf2\xc2\x7e\xb5\xbb\x32\xc5\xb5\x0c\xa3\x10\xfe\x65\xe1\xb9\xd7\xcd\x64\xb7\x37\x4d\x70\x8a\xbb\xc4\xeb\x2a\xc9\xed\xf3\x1e\x0c\xe1\x44\x4a\xc5\x1e\x41\xd2\x86\xef\xde\x70\x7c\x08\xbd\xc4\x05\x06\x87\xe4\x80\x5e\x81\x6f\xc0\x04\xca\xcf\x92\x71\x81\xb7\xd3\xae\xe7\xc4\x3d\x1d\xf7\x07\xae\x32\xee\xab\x17\x63\x38\x24\x16\x69\x43\xb4\xfd\xfb\x02\x05\x87\x12\x8b\xcf\xe5\xbe\xfd\x72\xc9\x1b\x25\xbf\xd6\xbc\xae\xb3\xa4\x71\x5f\xcb\xb4\x42\xee\xae\x6c\x7b\x2e\x55\xcd\x6e\xa0\x40\x58\x7e\xee\x1d\x73\x4e\x83\x3c\xd1\x16\xd3\xc9\x6c\xc4\xe7\x03\x0b\x29\xa7\x75\x9a\xf1\xad\x27\x2c\x95\x44\x1b\x2c\x9f\x42\x6a\xe6\x21\xd8\x4c\x30\x1f\x89\x73\xdd\x1a\xfe\xf6\xe8\x4b\x6d\x3f\x69\xdb\xbd\xcb\x3a\x69\x1b\x55\x18\xb8\x4e\x28\xbd\x42\xf3\xfa\x0f\x2f\x23\x53\xa4\x72\xd4\xf1\xde\xeb\x24\xdf\x7a\xe8\x39\x6f\x39\xb7\x65\x25\x77\x80\xd8\x1a\xca\xe0\x39\xb2\x49\x12\xee\x97\x9e\x70\x3d\xd9\x3f\x5f\x34\x23\xd1\xaa\x86\xa5\xcf\x34\x5e\x4e\x64\x55\xe5\xab\x18\xe1\x37\x71\x66\x9c\x12\x5b\xf9\x29\x9c\xee\x27\xe7\xd5\x33\x56\xc7\x7b\x4f\xc2\x14\x34\x4c\xdb\x03\x55\x2e\xc7\x41\xee\xc0\x52\xca\xcb\x95\xf0\xdc\x94\xe3\x94\xc9\xae\xd5\xb8\xec\x20\x75\xe4\xd9\x88\xcc\xdc\x23\x4a\xba\x11\x5c\x99\x3d\x06\x25\x94\x9c\x92\xce\xd9\xa8\xac\xb8\x9f\x1f\x5b\xcf\xef\x1f\x79\xff\x65\x28\xda\xc9\x1f\x34\x7b\xdc\x14\x06\x93\xe6\xd3\xfc\x28\xaf\x45\xdd\xdf\x0f\x55\xf8\x69\x0c\xdc\xc8\x79\xa1\xb9\x1a\x22\x98\x91\x9f\x86\x94\x5b\x3a\x58\x99\x8d\x10\x48\xcb\x4f\x4c\x66\x79\xdc\x14\xd3\x89\xa0\xd6\x7a\x56\x7a\x6c\xcc\x11\x31\x41\xdd\xf5\x82\x94\x63\x3a\xe6\x15\x98\x8f\xf1\x18\xdc\x63\x22\xf3\x97\x2f\x2b\x93\x17\xaa\x66\x99\x47\xec\xed\x4d\xc1\x28\xfd\x1a\x93\x6d\xcb\xf7\x70\xba\x79\x57\xd6\xeb\x23\xfc\xc4\xae\x46\xc3\x5e\x4e\x12\xdd\x7b\x53\xde\x64\x00\xc3\x51\x01\xce\xb2\xda\x97\xbc\x13\x55\x78\x3d\xc5\x0d\x66\x80\x67\x8e\x0f\x6d\xa6\xdf\x55\xfd\x22\xd1\x93\xf5\x75\x80\xa3\x78\xfb\x51\x66\x20\xd5\x2b\xb7\x11\x02\xf1\x7f\x9f\x53\x28\x18\x43\x4f\x2a\xc7\x97\x23\x08\x19\xc1\x6a\x4f\x61\x7f\x3d\x3f\xd8\x65\xa9\xad\xb5\xd0\xe0\x42\x40\xa5\x7c\x13\xba\x4b\xa8\x23\x18\xad\x68\x44\xac\x8b\xd6\x00\xc7\xfb\xfd\x08\x76\xe7\xdf\xe3\x82\x1d\x94\xac\x5d\xad\xc6\xc4\x3f\x3a\x3d\x66\xd9\x43\x91\x13\x02\x47\xa8\x5f\x1f\x19\x2f\x70\xd9\x50\x2e\x91\x13\x42\xa2\xd4\xb3\xec\x48\x34\xcb\x34\x8f\x01\xf5\xeb\x2a\x0b\x6d\xf0\x0d\x64\x13\x80\x3b\x93\xaf\x81\x49\x0b\x91\x4d\x2f\x48\xc4\x4f\xcf\x35\x9a\x01\xf3\x2f\x1f\x8e\xf4\x0c\xf0\xa1\xe3\x0d\x4d\xfc\xef\xec\x37\x0d\xb4\x37\xa6\xbd\x18\xdf\x4e\xe9\x56\x45\xd0\xba\xcd\x02\x97\x32\xd1\xf9\xe4\xb1\xa6\xdc\x1a\xa8\xf8\x43\xfd\x3a\x63\xb1\x05\x1a\x21\xeb\x0e\xdc\x9a\x66\xd4\x7f\xb8\xd9\xb3\xf5\xa6\xd8\x4a\xc9\x4f\x5f\x20\x86\x4d\x62\x0b\xef\x68\x4b\x9b\x37\xfe\x46\x3d\x30\x36\x5e\xe3\x85\x5e\xe3\x49\xbf\x14\x46\xa3\xa0\x56\xf0\xe5\x16\x86\x39\x00\x77\xe9\x7e\xc7\x28\x9b\xc5\xe9\x9b\x33\xc6\xf3\x53\xc3\xd8\x2b\xd6\x3b\x75\x8c\xf2\xda\x56\xd1\xa7\xaf\x48\x18\x61\x7b\x84\xeb\xa6\xed\xf4\xf1\xf8\x10\x61\xb5\x39\x4d\xc7\xc6\x97\xbd\x32\x39\x58\xa7\x3a\xfb\xb2\xc7\x4e\x4f\x54\x3d\x50\x6e\x86\x44\xa7\x91\x1f\xbf\x6c\x9a\x18\xb3\xcc\xbe\x71\x8a\xc3\xfd\x8f\x6e\x17\x1a\x01\x2f\x4e\x17\xb2\x94\x05\x46\x06\x37\x00\xf8\xd0\xb4\xc0\xa3\x2e\x45\xa8\x96\xd9\x5b\x5b\x68\xe3\x33\x13\xe6\x64\xd3\xf4\xe3\xf7\x30\x5c\x96\xb2\x9e\x66\xca\x6d\xe1\xd0\xa9\x37\x1f\xa5\x72\xa5\xbb\xd8\x71\xe6\xdf\xb9\x64\x8b\x7a\x46\x02\x40\x08\xbc\x33\x16\xc2\xc3\xf9\xca\x08\x60\x7f\x4a\x7e\x2b\x61\xb4\x5c\xab\x69\x1b\x51\x59\x20\xa6\x88\x40\x05\x06\xe6\xb3\x71\x1b\x2d\x24\x9d\x82\xa2\xd8\x1f\x38\x23\xd1\x22\x49\x3f\xed\x15\x0b\xb5\x7a\x73\x72\x6a\x05\x8d\xf2\x9f\xef\x6e\x3f\x77\xec\x7a\xb8\x36\x62\x00\xf9\x95\xb0\xc9\x21\x65\xab\x06\x12\x6f\xad\x6b\x70\x09\x60\xd3\x8f\xb8\xd0\x78\x3f\xd3\x09\x24\x19\xb6\xd3\x69\x5b\x1c\x8f\x2a\xbf\x4a\xaf\x64\x5c\x2e\x5e\xee\x9f\x71\x8a\x9d\x95\x31\x5c\xf0\xdd\x34\xd3\xbf\x7b\x84\x2d\xdf\xbc\x74\x10\xaf\x86\x9f\x6f\x10\x8e\xdd\xfb\x51\x07\x4a\xe6\xfb\xaf\xb2\x5e\xad\xc0\xbc\x7f\xe2\x29\xa6\x61\x81\xab\x76\x21\xbc\x60\x26\x67\x2f\xca\xcf\x11\xaf\xe0\x74\x8d\x25\x7c\x38\x5c\x79\xa3\x46\x5d\xc0\xb1\x7b\x03\x03\x64\x49\x6e\x8a\x7f\x5e\x19\x14\xc7\x63\x51\x05\x87\x54\x9f\xfe\x2f\x36\x05\x78\x86\xee\x40\x64\x91\x9c\xd7\x77\x5b\xc7\xf3\xbb\x73\xc7\x14\xb0\x62\x9b\xcd\xeb\xbc\x84\xa7\x3c\x9a\x91\xeb\x76\xd3\x03\x4c\xbd\x6d\xd4\x54\x9f\xd0\xfc\x29\x5b\x9e\xf0\x07\x2b\xc4\x7b\x6a\x44\x76\x8e\xf2\x52\xa5\xf7\x6c\xca\x0c\xc3\x60\xd3\xbe\xef\x64\x13\xe1\x70\x66\xeb\x1a\xec\xfc\x3a\x46\xb1\xd1\x7c\xde\x40\xd4\xd2\xd4\xd5\x3f\x2a\xb7\xcb\x97\x8d\xfc\x89\x73\xf9\xbe\x41\x76\x9e\x42\x2a\x18\x29\x02\x22\x59\xf7\x4d\xa3\x2e\x62\x5c\xd7\xc5\x43\x18\xe4\x58\xda\xe6\xd5\x8b\xce\xbd\xae\x8d\x93\xc3\x4c\x69\x71\xc3\xfb\xef\x4c\xf0\xfa\x86\xcb\x3d\x86\x37\xe8\x01\x7d\xd4\xd5\x7b\xf5\x21\x8d\xd8\x02\xc4\x5d\x88\x74\xb4\x2f\x0c\x26\xcc\x46\xf2\xa3\x18\xb5\xf7\x7a\xcd\xdd\x01\x9f\x38\x72\xc9\xda\xf5\x31\xaa\x61\xf1\xfe\x72\xd2\x83\xdc\xd8\x4b\xbf\xc6\xa0\xf7\x03\x96\x3f\x15\xba\x59\xe4\xb9\x2d\x1a\x25\xd4\xd6\x34\x82\x06\x9c\x69\xe6\xe8\x26\xdb\xc8\x15\x40\xe3\x38\xff\xe2\x68\x59\xc7\xcd\x50\x1f\x45\x68\x32\x3a\x42\x99\xcb\xed\x30\x57\x4e\x54\xfb\xc1\xf5\xe3\x38\x1e\xb7\x8b\x90\x2f\xe0\x7b\x73\x22\x2e\x05\xd8\x9d\x1e\xec\xde\xfe\xe6\xd1\x17\x7c\x4a\x7e\xb3\xe0\x4f\xa0\x7b\xd5\xc4\xda\x05\x8c\x6f\xb4\x50\xad\xbc\xa6\xbf\xd1\x29\xbe\xb0\x83\xea\x07\x08\xa2\x79\xf3\x0c\xa6\x73\x5d\x6e\x13\x3b\x5c\xfc\x7d\x4d\x3d\xcb\xfc\xc4\x72\xec\xe3\xe4\x23\x57\xb5\x26\xec\xc7\xe2\xe1\xe7\xb9\x98\xfc\x97\x5f\x12\x2e\xef\x15\x41\x3b\xca\xd0\x5d\xb2\xc6\xdb\xd9\xc6\xe6\x3d\x77\x81\xe5\xff\xc9\x0d\xb5\x7c\x0f\x48\x91\xde\xfd\x58\x8f\x7c\x29\xfc\x8f\x2c\xe3\xbf\x9c\x13\x17\x47\xfd\x38\x82\xbb\x6a\x5e\xc0\xa5\x5d\xf6\x44\xc7\x37\x8f\xef\xb1\x9b\xff\x1e\x9a\xf3\x07\xff\xe4\xf1\x9e\x80\xa3\x95\x8e\xb2\x37\x4a\x16\xd6\x23\x19\x3c\xf6\x34\xd0\x7c\x75\xd5\x81\xcc\xe6\x03\x44\x10\xea\x7e\xca\xed\x28\x62\x76\xba\xb6\xa3\x01\xf9\x46\xba\xeb\xfb\x8f\xde\x60\x8f\x6c\xb3\xd8\xb2\xf2\x6f\x8e\x7c\x12\x24\xf6\x9b\x13\x5c\x9a\xc1\x8b\x15\x7c\x4a\x5f\x3c\xb1\x47\x86\xf8\x1f\x9f\xec\xba\x52\x26\x56\x9b\xde\x8b\xfd\x5c\x13\x2c\x0e\xbd\x3d\x56\x30\x76\x59\xce\xe7\x46\xfe\xfe\x8b\x2f\x4c\x01\xf9\x70\x7a\xc3\xb4\x94\xd1\x3e\xaf\x0a\x6b\x7c\x79\x1e\xf4\x69\x48\xa0\xd9\x92\xb6\xca\xda\x0d\xd9\xfe\xeb\xe9\xac\xf2\xf6\x8c\xe9\xc9\x4d\xdf\x55\xaa\x0e\x48\x25\x5e\x01\x53\x5d\xb5\xc1\x16\xff\x13\x57\xb5\xcc\xc3\x9c\xaf\x60\xbe\x43\xae\x95\xd5\x48\x98\x98\x88\x44\x3c\xa8\xde\x9c\x52\xfe\xf8\x11\xd2\xa5\x58\xb1\xc2\x97\xf9\x5a\x8b\x85\x39\x3d\x15\x7f\x05\x8c\x5b\x66\xf6\xd6\x60\x0e\xff\xfe\xff\x58\x86\xad\x1b\xd5\x13\x8e\x84\x58\x3b\x48\x52\x44\x11\xbe\x80\x53\x87\x34\xec\x7f\xd6\x3b\x23\x3d\xd2\xcd\x2c\x8a\x7d\x23\xef\x83\xd7\x28\x57\x30\xa6\x30\xdc\x0d\x90\x73\xee\x07\x32\xb0\x7f\x5c\xe6\x6f\x42\x56\xfe\xa7\xd2\xca\xb7\x01\x92\x15\x4f\xb0\x08\xd7\x3f\x8e\x5a\xe8\xd2\xaf\x78\xee\x7f\xd6\xfa\x51\x00\x9e\xb1\x1e\x26\x6f\xb3\x75\xe5\xb7\xb3\xb4\x4e\xfe\x48\xc5\x21\x12\x95\x80\xf8\x7f\xb1\xc9\xaf\x67\xb4\x40\x01\x07\x43\x8f\x95\x3f\xf3\xee\xd8\x11\xbf\x34\xf2\x0f\x7e\xc7\x97\x94\xc3\x92\x93\xfd\x8a\xf3\xd6\x68\xfa\x1d\x69\x77\xa5\x0f\x66\xf3\xb5\xdb\x1d\x2a\xfe\x5f\x1c\x6c\x2e\x87\xd9\x77\xfe\xda\xc8\xd6\x55\xb9\xf7\x1b\x0a\xe1\x6d\xb5\x6f\xc0\x54\xd5\x05\xa1\x8d\xec\x74\x7f\x79\x14\xf9\xde\x5d\x94\xde\x2f\xad\x99\xa1\xc8\x76\xc9\x76\xa9\x9e\x8c\xa7\xd0\x0d\x01\x27\x94\xdb\x2e\xfe\x27\xee\x64\xc7\xdc\x41\xe5\x53\xab\x44\x88\xb2\x1c\x7a\xb2\x64\xb8\xfa\x76\x01\x57\x90\x6d\xa1\x72\xb6\x03\xfd\x5b\xcb\xc4\x8a\x2f\xc6\xbe\xbb\x48\xe5\x69\x2a\x0e\x88\xb5\xa0\x01\x93\x03\x74\x21\xb3\x1f\xd1\xfb\x1f\x1c\x40\x79\x12\x06\xa9\x7c\xd5\x98\xb6\x39\xef\xb5\x7a\xfe\xda\xf7\x03\xf9\xbb\xcc\x33\xec\x3f\xbc\x09\x9f\x49\x4a\x7b\xcf\x14\x39\x11\x37\x5d\x1a\x0c\x1b\xa9\xfa\x38\x86\x4d\x9d\x62\x1e\xb9\x76\x41\xfe\x3c\x4c\xb7\x0d\x7f\x71\x96\xe7\xe6\x5d\x76\xa2\x68\xb1\x60\x23\xfa\x73\x84\x33\x2d\x7f\x4a\x98\x61\x76\xd9\xd5\xe9\x24\x70\xfe\xd3\xfb\x8e\x46\x14\xfe\xa8\x58\xa0\x32\xef\x0f\x82\xa1\x86\xf7\xb1\x9a\x7b\x9f\x2c\xc1\x0c\x45\x31\x0c\x57\xc7\x10\xdc\xbf\xdc\x54\x46\x97\x3e\x54\xe4\xd3\x20\xb3\xc9\x33\x2d\xff\xfe\x6d\x6d\xb3\xd4\xc4\x47\x9b\x07\x46\x8e\xb8\x2b\x5a\xa8\x43\x14\x3c\x66\xfc\xc1\x8e\x0d\xa2\xf0\xbb\xca\xd5\xac\x1c\xab\x9c\xeb\x83\xb6\x83\x4d\x14\x4e\x61\xa2\x65\xa8\x78\xdb\x3f\xcc\xa7\x73\xd5\x79\x31\x76\x9d\xcd\xf4\x65\x9c\xbe\x25\x97\xf6\x3b\xdc\xbb\xee\xf2\x51\x53\x61\x21\xb9\xc6\xfb\xee\x34\x38\x61\x08\xc4\x75\x54\xdc\xa9\x2c\x20\xaf\xff\x83\xc5\x39\xc9\x1e\x46\x1c\x91\xd4\xc3\x7a\xc0\x03\x83\xc5\xe6\xdb\xaa\xa9\xad\x7e\xd8\xcf\x4d\x55\x8a\xfb\x35\x88\x6c\xf9\xf4\x45\x79\x60\x4b\xc1\x0f\xa9\xd1\xf1\x6b\x98\x3a\xde\x1f\x1d\x18\x35\x3a\xc3\xf7\x9d\x5b\x9e\xf2\x29\xe9\xc6\xd9\x06\xa6\xd4\x21\xc8\x85\x48\xd7\x23\x1d\xbc\x8a\xa9\x1a\xdf\x94\x75\x76\xb7\xee\x15\x75\xd8\x17\xc0\x6e\x26\xfc\xe1\xfd\xe3\xe4\x22\xff\x94\xa2\x26\x1b\xe7\x00\xda\x9c\x0f\xd3\x90\xd5\x3e\x6d\xc1\x75\xae\xc7\xa6\x43\x25\xd8\xfc\x85\xe2\x60\xe4\x79\x6f\x73\xd4\x29\x0e\x86\xd9\xe6\xb8\x8e\xce\x4e\x3d\x76\x33\xc1\xf0\xfc\x27\x07\x97\xa0\x62\x1c\xff\xd5\xa6\x03\x9c\x6a\xba\xfa\xae\xd9\xba\xcb\x6c\x53\x98\x3a\x2e\xd3\xc7\x07\x3b\xb5\x74\x11\x31\xf2\xeb\x61\x93\x52\xe6\x69\xb6\xb9\x98\x7d\xd0\xb6\x36\x76\xae\x8a\x8a\x9a\xb8\xff\xcf\xef\x81\x79\xf9\xa5\x8d\x80\x36\xef\xd7\x44\x9b\x0e\xf4\x56\xe1\xf3\x9b\xb3\xce\x1f\x91\x84\x6b\x20\xeb\x35\xf3\x30\x1c\x52\xfb\x30\xda\x4a\x45\xa7\xe2\xd9\x45\xb5\x78\xdb\xdd\x38\xa8\xb6\xe1\x3a\xec\xf8\xa3\x6b\xb9\x47\x68\x29\x84\xc1\x2b\x94\x9b\x8a\xda\x0e\x07\x38\x14\x13\x54\xbc\xf7\x5c\xfe\xb8\x43\xa2\x2c\x42\x22\xb7\xc4\xb2\xae\xf3\x7e\xe0\x58\xa5\x1c\x75\x4a\xc4\xee\x3c\xee\x19\xd9\x7e\x03\xee\x9f\xce\x67\x1b\xc5\x75\xc5\xbd\xfc\x1e\xb0\x26\xee\x6f\x4c\xcb\x3b\xf7\x9f\xbd\x7c\x8a\x71\x49\xb8\x0e\x42\x34\x5b\x4b\x79\x9d\x66\x30\x4b\x9b\x07\x37\x08\x55\x3f\xff\x30\x6d\x85\xbf\xfa\xc2\x26\xe0\x8b\x7d\x4d\xe9\x7f\x7b\x97\x34\x65\xe3\x45\x7a\x5a\xf8\x6b\x35\xae\xb5\x0d\x02\xfb\xc2\x38\x62\x14\x60\x95\xe4\xba\x9c\x76\xaf\x8c\x91\xcb\xec\x62\x2d\xa1\x02\xc3\x61\x3c\x58\x1e\xd5\xc1\xf4\xf4\xa5\xa0\xd1\xbb\xe5\x53\xbe\x1d\xc5\xe1\x7f\x38\x42\x39\xf6\x2b\x62\xb6\xeb\xb5\xb6\xe8\x46\xf8\x91\x5a\x91\xaa\x8d\xc4\xd9\xad\xf9\x5b\x27\x36\x2f\x25\xcf\x18\x04\x19\x5c\x7e\x92\x8a\x73\xbc\xc2\x6f\x0a\xb9\x07\xd2\x69\xe9\x3b\x18\x1e\xa3\x34\x03\x64\x0d\xca\x53\xbd\x4d\xab\xae\x61\xdb\xff\xc5\xba\x6b\xfd\xa2\xb4\x64\x7d\x1a\x86\xcf\x70\xd0\x4e\xf3\x3c\x0d\xb4\x4f\x80\x99\xfa\x95\xcc\xd7\x2c\x35\xb8\xe9\x07\x77\xa6\x2f\x79\x36\x9e\xcb\x3d\xb9\x80\x43\x00\xcf\x81\x79\x5d\xa5\xb3\x1e\x53\xfc\xe0\xb4\x8c\x76\xab\x39\x43\xe9\x79\xe7\x96\x02\x6c\x1e\x45\xd8\x75\x81\xd3\x25\x88\x21\xd6\x73\xda\xdb\x2a\x96\xc8\xed\x08\x47\xdc\x5d\x7d\xa8\xba\x2d\x54\x1f\x67\x99\x21\x4f\x89\x9a\x4f\x72\x3b\xad\x98\x2a\x94\xe0\xd0\x9d\xa4\x18\xdc\x66\x5f\xf9\x87\x4d\x7f\xfb\x04\x3a\x1a\x20\x15\xfa\xb5\xd0\xc0\x4b\x44\x19\xfd\x77\xce\x58\x4d\x75\x35\x57\xd7\x6c\x4a\x31\x1b\xb4\xd1\x09\x92\x8f\x41\xaa\xc1\xcb\x02\xd7\x1c\x99\xf2\x70\xaa\xde\xd9\xdf\x7b\xd6\xf3\x04\x31\xe5\x1e\x6a\xe9\x36\x30\xcf\x9d\xf0\x6c\x5e\x53\x89\x34\xd5\xfd\xce\xf5\xc3\x40\xdf\x3c\x77\x66\xc1\x2a\x67\x29\xba\x99\x21\x4d\x55\x4b\x50\x25\xcf\x6d\x2d\xc6\xe8\x8f\x4e\x6d\x91\x57\xff\x8c\xa8\xea\x50\x16\x01\x81\x28\x10\xf0\x92\x26\xfb\x27\x52\xaa\xaa\x05\x7d\xbf\x70\x48\xf8\xca\x42\xdb\x2f\x50\x35\xbd\x5d\x57\x38\x0e\xf4\x4e\x86\x97\xd8\xb4\xd2\xe8\x59\xe8\xad\x21\x8c\x1e\x7c\xde\x95\xcd\x91\xb4\xc5\x9e\x77\xcb\xbf\x24\x26\x5c\xab\xc7\xbe\xcf\xdf\x7b\xe3\x0c\xcb\x7c\xda\x40\x69\x7b\xaa\x77\x5a\xe2\xe9\xa0\xa8\x49\xda\x79\xc2\x5f\x00\x42\x32\xc2\x55\x13\xd8\xf2\xad\x9b\x71\x16\xac\xec\xbf\xd9\xde\x8a\xcc\xec\xb2\x92\x00\x49\x92\xb3\x77\xaf\xe4\x15\xcb\x0b\x5b\x2d\x6c\x2a\xf7\x18\xc6\x21\x5b\xb0\x9e\x63\xb5\xcf\x9f\x44\x1a\xc3\x29\xb2\xab\xd4\x48\x91\xf6\xa6\x91\xbf\x38\xaa\xe1\xb6\xae\x25\x26\x7b\x59\x30\x79\x08\x04\x27\x2f\xe5\xa7\x26\x6b\x9e\xe0\x14\xa9\xcb\x8e\xe1\x63\x48\x1c\xa7\xde\xf8\xd8\x69\x3a\x5c\x7d\x2e\x59\xd3\xa6\x75\x97\xaf\x72\x71\x50\xac\xf8\x33\x28\x93\xb4\xe5\xab\x45\x8b\xe2\x5e\x2b\x1e\x6b\x91\x76\x60\xc4\xf5\x46\x6b\xab\x29\x73\xd3\x89\xcc\x1c\x5a\xf4\xda\x49\xa5\x1f\x8f\xb4\x1c\xa1\x07\x89\x9b\xf4\xb8\x63\xe3\x48\xf8\x1f\x54\x77\x2f\xcb\x7b\x64\x8b\xca\xaa\x77\x71\xef\x69\xa6\x85\x24\x2a\x77\x2b\x0a\x34\xfb\x73\x8d\x8e\x79\xfa\x7f\x75\x05\xa3\xc8\x89\xa4\x33\xb1\xa9\xee\x39\x26\xce\xb4\x6c\x30\xaf\x7f\x5e\x9f\x12\x07\x2d\x1c\x2d\x90\x3b\xf7\x0a\x87\xe3\x3d\x1c\x4d\x45\x70\x7f\xee\x4d\x18\xed\x5a\x53\xb6\x95\xb4\x16\x2d\x4f\x39\xde\xf6\x21\x4a\xa6\xc8\xc6\x32\x8e\xc4\x1c\x94\x4a\xce\xf5\xe1\x54\x64\xca\x12\x9a\x9c\x3a\x8d\xbf\xcb\x71\x4e\xbc\xcd\xcd\x40\xcf\xe6\x68\xc8\xb6\xbb\x9a\xfc\x59\x4f\x73\x6b\x3e\x92\x83\x8c\xd0\x93\x84\xf9\xed\x94\x55\x03\x7c\xe9\x8c\x90\xd0\x33\xae\xc2\xf5\x10\x37\x2e\x56\x4d\xe1\x57\x84\x94\xec\xae\x8b\x59\xed\xbb\x93\xd6\x18\x3c\xe6\x66\x7f\x72\x41\x8b\xdf\xf5\x69\x43\x6e\x73\x97\x46\xe9\xf9\xef\x70\xff\x9d\xac\x53\x61\x6b\x23\x4c\x47\xeb\x04\x52\x62\x20\x69\x8f\x75\x47\x14\xc2\xf4\x35\xc1\x60\x97\xf0\xe7\xbc\x2c\xf6\xd2\x39\x04\x32\xf7\xad\xef\x18\xe5\x97\x6c\x24\xb3\xf8\x19\x42\x3d\x45\xca\x20\xe5\xed\xac\x57\x8d\xc6\xfc\x24\x50\x07\x77\x8f\x97\xab\x6f\x98\x6d\x61\xa1\xef\x25\xa9\xb5\x67\xc3\xb6\xa5\x22\x83\xfa\xdf\xba\x4a\x46\xe0\xcf\x6c\xfe\xb8\x19\x5f\x69\x0e\x15\x74\x9e\xa9\xac\x04\x7e\x94\xb3\x69\x7b\xa7\xd6\x20\xf2\x05\x46\x67\xbb\x0a\x31\x1a\xe1\xcf\xf9\x58\xb4\xd2\xd9\xbb\xb9\x9e\x98\x4e\xa7\x9d\x79\x54\x64\x6c\x8c\x5f\xb7\x24\x0b\xa8\xd3\xfc\x27\x5e\xe2\x5a\x2a\x91\x49\x80\x46\x85\xc6\x23\xc4\x61\xe0\x53\xe0\x89\xfe\x2f\x86\xc0\x70\xcc\xa9\xf1\x82\xf7\xc9\x1d\x22\xf6\x3b\x7c\x84\xd4\x66\x63\x45\x3c\x3c\x65\xb4\xb7\x3d\x02\x8c\x90\x03\x3d\x88\x1c\x99\x21\x69\x09\x35\xb5\x22\xac\x27\x72\x9e\x23\xdc\x86\x6e\x05\x26\x3c\x66\xe1\x52\x4e\x09\xbb\x24\x67\xbc\x24\x52\x39\x2a\x69\x66\x4c\x02\xcf\x16\x78\x66\x0b\x21\xc7\xd6\x9c\xbf\xbe\x09\xa3\x70\x58\x67\x2a\xb1\xe0\xf9\xd6\xa4\xf0\xe1\x77\x58\x4d\x77\x0d\x3d\xfa\x20\x21\x20\x7e\xe8\xda\x63\x64\xac\xa1\x04\x69\x39\x81\xca\xb9\xd5\xfe\x93\x6d\xa6\x2b\x7d\x61\x64\xbd\x01\xfb\x05\xf0\x25\x8b\x70\xc5\x41\x25\xe6\x42\xcc\x4f\x9a\xea\x52\xa6\xcd\x9b\xd2\xff\xb2\xf7\xd8\xe1\x64\x76\xc7\x30\x0b\xc3\xe3\xc5\xdf\xa3\xa4\x34\x3a\xd1\xb9\xfd\xd7\x70\xc3\x8e\xcc\xd3\xdc\x14\x50\x84\xde\xe9\x78\xa5\xd1\x99\x29\x5f\xdb\x02\xd6\xf2\x1a\x39\x48\x3e\xed\x78\x05\xe2\xe7\xb6\x3d\x60\x06\xc6\x2c\xb7\x53\xd8\xdc\x32\xf8\x90\xd3\xb1\xfa\x5c\xd4\xe7\xae\x43\x80\xee\x24\x23\x4b\x76\xe1\xee\xc0\xb7\x25\x55\x96\x9d\x66\x5a\x72\x3a\xdb\x60\x15\x16\x7e\x4e\xff\x25\x50\xe6\x61\x4c\x4b\xb8\xd8\xbf\x1b\x29\x0b\xb7\x64\xbb\x33\x94\x4e\xe9\xcb\xa5\x7e\xb3\x65\x7b\xc8\xb5\x90\x35\xa2\x90\x9d\xc0\x66\xfe\xa5\x18\xdb\x73\x4b\x3a\xc3\x9c\x1b\x8c\xab\x85\xfb\x68\xd9\x47\x98\x68\x31\x7a\x79\xd3\x4e\x10\xd6\x31\xd8\xd6\xc8\xe2\xa1\xe4\x93\xa7\x09\xbc\x83\xe5\x00\x45\xee\x50\xce\x63\x2d\xd3\x80\xb6\xb2\xde\x28\x9b\xd4\x12\xbe\x25\xb9\xb1\x67\x81\x58\xf8\xd1\x21\x1c\x84\xfa\x56\x8b\x78\x31\x3b\xe8\x73\xc8\xcd\x70\xb6\x09\x79\x49\x8f\x47\xaa\xba\x38\x5c\x08\x4e\xcc\x87\x27\xd9\x02\xb6\xe7\xe5\xe3\x71\x01\xdf\x17\x24\xe4\xcd\x56\x07\x93\xe1\xe0\xce\x55\xa3\x15\x89\x0a\xbe\x2d\x42\x80\xca\xaa\x1e\xd4\xb1\x68\x39\xf3\x73\x3a\xc9\x21\x59\x86\x72\x16\x68\x72\x0c\xd3\xe5\x35\xd5\xd6\x52\x77\xe4\x4c\x1f\xcc\xef\x30\x9c\xb1\xfe\x57\xae\x2a\x76\x30\x3d\x45\xed\x75\xdd\x4e\x07\x93\x3f\xf6\xe7\xcd\x17\xcc\xac\x3b\xcb\x2c\xe8\x8c\x9c\xab\xf7\xaa\x72\xf2\x2b\x0b\x28\x64\x5f\x2f\xab\x46\xea\xba\xc2\xc0\x1e\x16\x53\x3f\x8b\xb2\x02\x9b\x5c\xda\x01\x34\x61\x7d\x8e\x0c\x31\x57\xb5\x06\x53\x7b\xef\x7c\x5b\xdf\x87\xf5\x10\x4f\xe0\xf1\x95\xf8\xd7\x9c\xd1\xff\x9b\x53\x1c\x8c\xb4\x71\x5a\x85\x1a\x7a\x63\x40\x3b\x08\x2f\xa2\x1d\x1f\x47\xa2\x6a\xc9\x5a\xc6\x41\x88\xae\x69\xa5\x86\x81\x1a\xa4\x81\x7e\xc8\x74\xd5\x1f\x87\x15\x81\x10\x0d\x12\x1c\xb4\x44\xcb\xb7\x80\x3a\x1a\x98\x0d\x56\xd1\x5c\x98\xf8\xf8\xd9\x12\x6a\xae\xaf\x57\x0b\xae\x19\x05\xa1\xda\x97\xc0\xad\x3d\xe7\xa9\x57\x12\x41\x8d\x7d\x61\x7f\xb7\xfa\x36\x8e\xdd\x71\x95\xde\x81\xea\x68\x50\x1e\xf7\xe3\xfb\x3c\x29\x9b\xd3\x49\xd5\x1f\x2a\x6e\xf0\xcf\x7a\xa0\x66\xe0\xa3\x5d\xe7\x28\x4e\x47\xc4\xd2\xf5\x12\xb8\xe0\x32\x5b\x98\x6d\x70\xb4\x72\x8a\xb8\xe5\xc8\x76\x95\x72\xa4\x1e\xc3\x59\xe3\xd5\x52\x6c\x32\x43\xf8\xaa\x34\xc2\x51\x6a\xbf\xd1\xea\xa4\x29\x16\x16\xdb\x21\xce\x94\x48\xea\x36\xbb\x9a\x51\x97\xf9\x8a\x83\x35\x75\xd1\xfd\xcd\xad\x32\x8e\x7e\x43\x51\x87\x3e\x8a\x3a\xca\x69\x39\xf6\x47\x40\x41\x52\x02\xed\x0f\x98\xe1\x3b\x35\x1d\xdb\x8a\x6c\x38\xa1\x12\x6e\x90\xf4\x87\x1a\x0e\x35\x9a\xe7\xf5\x73\xa0\xe6\x1b\xe1\xcc\x25\xde\xd5\x14\x47\xe7\xbd\x70\xb3\xcb\xb2\x82\x90\xf1\x4e\x99\x7f\xdb\xa8\xcc\x27\x0e\x1e\x63\x85\xf3\x1a\x9f\xdb\x7b\x8e\xf8\x77\xa6\x19\xc6\xc5\xf8\x8d\xe0\xd9\xd7\x57\xed\xd4\x52\x85\xc9\x4b\xb7\x18\x3a\x43\xc3\x69\x25\xee\xca\x5f\x3c\x5b\x42\x75\x31\xad\xa5\xbf\x7b\xe1\x1c\xa0\x82\x80\x94\x9c\xc7\xe2\x35\xe6\x74\x88\x40\x2b\x7c\x9c\x28\x5a\x16\x18\xd7\x84\xee\x54\x0f\x26\x4b\x81\xe6\xe7\x0d\x96\x29\x91\x37\x8e\xe1\xaf\x88\x71\x3c\x06\xfc\x53\xaf\xc8\x30\x9c\x76\x8d\x2a\xa3\x3d\x5e\x63\x5c\x8f\x77\xb4\xfd\x28\xf8\x6b\xe9\x6b\x06\x5e\xb6\xc7\x59\x01\x62\x16\x81\xe5\xb8\x83\x0f\xca\xcb\xce\x2a\x12\x03\x64\x52\xd1\xab\x11\x00\x3c\x67\x08\x60\x83\xe6\xb1\x9b\xdf\x60\xe1\x54\x02\x2e\x8a\x34\xc3\xae\x97\x0a\x0c\x2e\x71\x96\x85\xa9\xdb\x1f\x03\x2f\x24\x7a\xd2\x88\xa9\x9a\x32\xf8\x26\xdc\x95\x45\x93\x56\xb5\xde\x1a\x1a\xff\x1f\x57\x6f\xb1\x2c\xbb\xb2\x73\x8d\x3e\x90\x1b\x66\x6a\x9a\x99\xd9\x3d\x97\x99\x19\x9f\xfe\xc6\x5a\x7b\x7f\xe7\x9c\xff\xc6\xec\xcd\x08\x57\x65\x65\x4a\x1a\x63\x28\x65\x89\x70\x1d\xad\xac\xb4\xee\xf6\x39\xe3\x8d\x5a\x03\x34\xaf\x89\x22\xa7\xe2\xfb\x89\x87\xfa\x30\x0a\x6d\xff\x98\x54\x1c\x91\x02\x3f\x95\x1d\x5a\x87\x60\x1d\x83\xd2\xa4\x07\x5e\x1d\x8c\xe5\x30\x17\xc1\x29\x14\x8e\xfa\xef\x79\xd5\x4c\xbd\xaf\x61\xad\x72\xf7\xc4\x19\xca\xe7\x66\x42\x07\x50\xc4\x12\xac\xbd\x98\x99\xa9\xd2\x67\x25\x1c\x4b\xaf\xbb\x7c\x52\xe2\xdf\x1f\xe7\x56\x64\x09\x1f\xe8\x49\xdf\x00\x19\xbe\x95\x49\xfd\xe1\x17\x32\x83\xcb\xbf\x61\x3d\x86\xd3\xab\xea\x94\x7d\x27\x0d\x8a\x38\x1a\x27\xa4\xdc\xd2\x0c\x22\x73\xec\xe5\x3f\xe5\x23\x0c\xc3\x8b\x40\x3c\x68\xc1\x1b\xb9\x82\xcc\xab\xbc\xd7\x64\xb6\x0b\x3a\xc8\x0d\x7c\xd7\xa6\x43\x43\xff\x4d\xfc\x0c\x1c\xa2\xa9\x4f\x45\x1d\xb0\x75\x24\x5e\x33\x99\x0f\xaa\xa0\xb8\xdc\x5c\xf0\x5b\xc1\xf5\x79\x52\x4f\x52\x94\x85\xde\x1a\x7a\xb3\xb3\x60\x4d\x30\xd5\x2b\x87\xf0\x49\x83\x96\xff\x17\x80\x18\x46\xf0\xd8\x46\x68\x46\xcf\x8c\x5b\xca\x69\x53\x5f\xfa\x39\x13\x11\x9f\x65\xa5\xfe\xa2\x2a\x9d\x4c\x76\xe9\x8d\x61\xea\x51\x40\xbc\x4f\x93\x0c\x0d\xdb\x2d\xa7\x00\x3e\x0b\xc2\x99\x52\xca\xc1\x35\xfc\xe9\x53\xfc\x7d\x08\xbe\xe9\x10\xed\x89\x58\x46\xf6\xd8\xea\xbf\x18\xa9\x30\xd8\x1f\x3e\x90\xde\xd1\x63\x21\xa5\xfe\x70\xc6\x15\x7f\x3e\x6f\x9f\xa6\xd9\x92\x13\x3d\x71\x6d\x8a\x87\x22\x4e\x12\x3a\x44\x5c\x21\x7e\x95\xe4\x39\xd1\x44\x2a\xcd\xb8\xcc\x39\x63\xaf\x3e\xcd\xa0\xbf\xbc\xc5\xfb\x5c\xaa\xe7\x53\x51\xd5\x72\xfd\x3f\xee\xcc\xb7\x86\x7a\x99\xa6\x12\x55\x63\x39\x9a\x69\x38\x76\x77\xca\x67\x55\xc4\xce\xc8\x78\xbf\x6e\x41\x75\x3d\x11\x02\xdb\xab\x41\x52\x0f\x43\x12\x34\x56\x1f\x5d\xfd\x7e\xa8\x51\x83\x3d\x57\xef\xe5\xf8\x7b\x70\xa6\xd7\x52\x69\x38\x0a\xcd\x30\x20\xe2\x4b\x1d\x46\xdf\x6a\x8b\x39\x14\xe5\xd2\xff\x63\xcb\x8c\x35\xae\xaa\x91\x36\x76\xdb\x9b\xc9\x2e\x4e\xe6\x2a\x62\xb4\xec\xf2\x15\xaf\x32\x1d\x97\x6d\xa1\x96\x64\x54\xfb\xe3\xd3\x1f\x6d\xa0\x48\x31\x83\x31\xf1\xa0\xf3\xed\x7e\xf6\x09\x2c\x45\xdd\xf2\x10\xba\xda\x31\x01\x84\xef\x18\xb8\x65\x7b\xfb\xdd\x26\x3a\x2b\x0b\xf4\x05\x37\x4e\x6c\x77\x2a\x7f\xcc\xe8\x7f\x7c\x95\x77\x71\xb3\x39\x38\x41\x27\xa4\xb5\x1e\x8b\x4a\x73\x55\x73\xf8\x7d\x03\xb1\x84\xd6\x0a\x45\xe7\x20\x78\xd9\xe0\x10\xb2\x3b\x91\x02\xdd\xf5\xf4\x0e\x3a\x1a\x6d\x85\x24\xb4\x3d\xb2\x44\x9b\xef\xa8\xf5\x83\xa7\xfe\xa2\x49\x92\x82\x4b\x81\x70\xa8\x90\x6f\xcf\x09\xff\xd7\xbe\x4c\xa1\xd6\x53\x3d\xda\xd8\x44\xc5\xbd\xc0\x2c\x37\x38\xd7\xdb\xca\xd2\xed\xfe\x10\x7e\xc9\x07\xc3\xbd\x5e\x9f\xdc\x5a\xa0\x32\x5d\x4e\x01\x62\xfe\x06\xba\x9a\x40\xc8\x8e\x7e\xbe\x54\x9e\xb0\x50\x96\x5f\xbf\x5f\x83\xb5\x40\x16\x49\xe5\xd0\x12\x3a\x2b\x80\x3f\x7f\x80\x1d\xc3\xff\xa3\x31\x58\xc6\xe4\xb2\x2e\xf0\xfe\xc4\x3f\x72\x59\x6d\xe0\x25\x54\xef\x43\xb2\x27\xdb\xc2\x6c\x08\x85\xf9\x08\xdb\x4f\x97\x66\x78\x82\xad\xde\xca\xd3\x77\x43\x9b\x90\xee\xa8\xaa\xfb\x55\x05\x36\x9f\x74\x23\x19\x69\x6f\xf4\xcb\x4d\x70\x41\x92\xe2\x57\xa8\x2c\x88\x66\x75\xcc\x7e\x2a\xb3\x02\xd5\xe4\x7f\xb9\x3e\xc7\x8c\xe7\x8d\x84\x29\x6d\x79\xac\x5a\x2c\x19\xed\xaf\x28\xfb\x92\xa6\x61\x0e\x46\x7a\x2c\xe3\x4c\x00\x0f\x50\xa1\x26\x8a\x16\x0d\x6d\x5f\x34\x58\x5d\x08\xf2\x47\x37\x35\xaa\xb9\x71\x61\xa2\xbe\x03\xc4\xe5\x51\x72\xdd\x8a\x23\x63\x39\x54\xa3\xff\xcf\x67\xab\x42\xe5\xf5\x41\xd6\x85\xeb\x10\x08\xc7\xfb\xd8\xdd\x30\x7b\x25\x92\x9c\x21\x85\x22\x53\x66\x3f\x80\xfd\xe4\xcd\x13\x93\xc8\xaa\x90\xfb\x5f\x3f\xcc\xf5\x2e\x4f\x68\x55\x2b\x18\x56\x33\x76\x2a\x6c\x87\xf3\xb7\xb0\x6c\x2d\x78\xa9\x82\xb9\xce\xb2\xb0\x77\x9e\xfd\xc7\x0d\x45\xf3\xf4\x6b\x4c\x53\x08\x27\xee\x5b\xf7\x08\x57\x0f\x6a\x76\xb8\x37\x75\x65\x47\x80\xca\x52\xb7\x92\x3c\x56\xa2\x6c\x81\x4d\x95\x12\x41\xe1\xe9\x22\xfd\x20\x8e\x79\xd8\xd1\x6c\xfa\x1a\x2f\x31\x06\xaa\xaf\xff\xe2\x5c\x2b\x8c\x4b\x68\x75\x30\xa1\x21\xb1\x7f\xb9\x84\x1c\xaa\x99\xe1\xb1\x2a\x34\xfe\x0e\x84\x16\x03\x41\x71\x6b\xc3\xec\x26\x7f\x0b\xb5\xa5\x90\x66\xe1\x27\x37\xc6\x72\x18\x60\x4e\x33\xb5\xea\x0f\x78\x99\xd4\x9c\xca\x22\xff\xc5\x6c\x86\xe9\x3d\x51\xec\xfb\x64\x6e\x37\xb5\xcd\x62\x6b\x2f\xf8\xb5\x70\x56\x01\xc3\x29\x73\x37\x1b\xa7\x68\xeb\x50\xed\x8f\x14\x48\x5f\x96\x79\x27\xf5\xcb\x6d\x4e\x36\xed\x3b\x77\x99\xff\x73\x24\x96\x89\x85\xd6\x5d\x58\xe9\x43\x72\x57\x39\xf2\x14\x8d\xba\x66\x3a\xa2\x88\xf6\xd7\xc2\x49\xe4\x01\xe8\x6c\x87\x98\x42\x6d\x71\xd8\xcf\xab\x7b\xad\x31\xd8\xcd\x0d\xdd\xd8\xe3\xff\x87\x77\x2b\xbc\xf6\x21\x89\x4b\xc8\xd1\xc8\xa6\xe1\xf8\x71\x5e\x54\x62\x84\xea\xad\xbe\x93\x7d\x01\x0f\x7a\xb8\xd2\x0f\x67\x25\xbf\x09\x19\xd2\x48\xdf\x9a\x54\x69\x29\x02\x43\x38\xd3\x7f\x75\xd6\xa3\x14\x82\x17\xae\x37\x92\x3d\xf3\xd2\xcc\x20\x40\xb1\x8d\xa9\x8e\x86\x6e\xec\xb5\x6b\x8b\x8e\xb6\x84\x84\x1c\xce\xd9\xa2\x48\xd4\x25\xde\x02\x53\x28\xee\xff\xe8\x9a\xda\x9e\xf3\x8e\x87\x24\xc7\xd2\xff\xec\x9f\xb9\x0a\x49\x85\xfd\xe1\xdb\x35\x4c\x56\x20\x4a\x64\x4b\x0b\x8f\x06\xa0\xf8\x36\x7e\x99\xde\x20\x2a\x49\xd0\x67\xf7\xc7\xe0\xc5\xfa\x41\x0d\xe9\x09\xf5\xbd\xff\x87\x03\xea\x6f\x25\x7f\x1d\x9b\x98\xed\x51\xa8\xc2\x94\xed\x79\x5a\xd9\x6c\xb6\x2d\x31\xc5\xc1\x88\xf2\x28\xc4\xbe\x71\x73\xda\xe4\x5a\xca\x12\x7b\x41\x9d\x18\x2c\xa9\xb7\xa9\xf8\x5f\x63\xfc\x07\x9f\xec\x66\x6e\x77\x35\x73\xda\xfe\x93\xea\xe7\x1d\x9d\xe7\x11\x98\x83\x87\x50\x68\x3d\xf3\xa3\x37\x56\x83\xbd\x9c\x45\x4c\x3e\x25\x4d\xd3\xf6\x11\xe6\x74\x6b\x5a\x96\x56\xfc\x7f\xdf\x51\xfa\x3b\x1d\x59\x84\xda\xc8\x79\x78\xc9\x82\xa3\x86\x91\xf3\x74\x32\x97\xb3\xd9\xd4\xf5\x89\x38\x64\x25\x5b\xac\xee\xbd\xf4\x79\xfb\xf7\xd5\xe6\x4b\x7d\xf3\x87\x91\x3d\x33\x57\xbb\xff\x10\x69\x96\x51\x4e\x7f\xc0\x57\x0e\x6b\x78\x3f\xfd\xf9\x89\xd1\x95\x8d\xd2\x9f\x37\x4d\x10\x6c\xa0\x0d\xf2\x2f\x8e\xdd\xf5\x08\xd7\xc9\x81\xbd\xe1\x95\x32\x78\xe7\x5e\xdd\x12\xb8\xec\xde\xf3\xe6\xff\x3e\x45\x65\x7c\x7d\x9f\xb2\x9d\xc6\x9d\xf2\x08\x57\x51\x95\x2c\x4e\xb2\x5d\xe2\x0c\x1f\x4b\x50\xfc\x22\xed\x03\x48\xa8\xa5\xa9\x58\x7d\x75\x4c\x01\x5b\x11\x78\xe2\xee\xfe\x7d\x77\xef\x8f\x2f\xad\x01\xe3\xb9\x96\xaa\x04\xfd\xfb\x60\x04\x32\x31\x43\xbf\xc3\x23\x1c\xad\xb0\xb7\x06\xce\x2c\xd4\xd2\x50\x7b\x9e\x32\xb7\x8d\x6c\xaf\xcb\xe2\xf8\x9b\x9d\x24\xce\x7f\x21\x71\xf7\x9b\x57\x0b\x17\x69\x92\x1c\x7e\xbe\xd2\x8e\xcb\x64\x2e\x0b\xdd\x15\x35\xbf\x9c\x49\xda\x3a\x78\xa4\x19\xd2\x1a\x87\x7d\xfb\x1b\x21\xbe\x77\x60\x73\xb6\x50\xd2\xff\xda\x07\xe7\x68\xcc\xc7\xe3\x1c\x1b\x6b\xec\xf0\x9e\xf9\xb3\x9b\xad\x60\xb5\x49\xfa\x39\xf3\x18\x8d\xb8\xc5\xa3\x6b\xe5\x61\xb1\xdf\x5a\xad\xa8\xfc\xfe\x87\x67\x38\x8c\x12\xe2\xfc\xee\xb0\xca\xa4\x38\x61\xe2\x1a\xb3\xca\x29\x7e\x9e\x76\x49\xcb\x8b\x26\x03\x4d\x25\xcd\xe4\x6e\xf8\xff\x7b\x46\x1f\xf0\x32\x7a\x79\xc5\xc0\x16\xf5\x73\x13\x91\x6b\x34\x3e\xed\xb9\xf5\x0a\xef\x55\x1b\x9b\xdb\xef\xf1\x33\xb9\x2d\x43\xe5\xc7\xde\x04\xfe\xe3\xd0\xac\xa6\x2c\xe7\x40\xe9\x9c\x68\x9b\x69\x3a\xfc\xfc\x64\xc3\x6a\x26\xad\x5f\x5f\xbd\xcc\x3b\x7f\x38\x79\x68\xeb\x35\xe7\x18\xad\xb7\x80\xff\xc9\x1d\xe8\x82\xc6\xe1\x22\xe3\xfd\xe4\x5c\xe6\x0f\x51\x71\x0c\x46\x0a\xa2\x21\x68\x7a\x93\xdd\x9d\xa6\x29\xdd\xb7\xf4\x48\x2b\xe8\x79\xe2\x26\xf2\xff\xf8\xad\xaa\xfe\xcc\x6c\x88\x96\x50\x69\xf8\xb5\xe9\xa0\x72\x0b\xb3\xce\x6f\x18\xb6\xc1\x7f\x3f\x31\x0d\xa2\x60\x6c\x98\x31\x07\xa2\x66\x61\xd8\x9e\xfd\xdf\x75\x9e\x82\x59\xd5\xcb\xdd\xe9\xc6\x94\x91\x7c\x2c\x31\x9d\xe0\xba\xa1\x84\x59\x70\x0b\x4c\xe4\xce\x59\x19\x66\xd4\x06\x86\xf5\x1c\xf3\x1f\x6a\xd3\x47\x83\xd8\x30\x89\xe6\x08\x5b\x8f\x9f\x59\xbb\x33\xcd\x60\x6c\x61\x92\x76\xc1\x4f\x50\xaa\x01\xb2\x56\x48\xed\x93\xd2\xa8\x0d\x5a\xf9\xbf\x87\x3c\xbe\x3d\xc2\xd1\x82\x23\x96\x93\x55\xde\xc8\xba\x68\x86\xb5\xe3\x60\x9a\xcd\xfe\x6d\xbc\x96\xf2\xb2\xa8\xec\x8b\xde\x2a\xb5\xc3\x1a\xb5\xfd\x5f\x8c\x50\x19\xc3\xd3\x92\x7e\x0c\xee\x71\xa7\xcf\xbd\x65\xcc\xde\x56\x95\x9e\x02\xd5\x37\x70\x6a\x72\x8c\x5a\xed\x1e\x42\xb6\xe7\xa5\xff\xd1\xd9\x6c\xff\xca\x39\x91\x5a\x6d\x3f\xbc\x77\xef\xf9\xab\x63\x24\xde\x3e\x87\xce\xac\x4b\xc9\x87\x2d\x0c\x54\x26\x18\xb5\x99\xa3\xdc\x29\xf2\xff\x38\xaa\xc3\xfb\xa1\x20\x12\xa6\x96\xea\x62\xa6\xbb\x99\xe8\x28\x0c\xe1\xd8\xde\x1d\xed\xb0\xb6\xb8\xec\xeb\xcd\x84\x87\x09\x82\xc4\xfc\xbf\xcf\xb9\xaa\x17\xf4\x6e\xbd\x30\x82\xb6\xc4\xda\x8f\xcf\x86\x8a\xcf\xb1\xae\xbf\x70\x7b\xf6\xf9\x24\x10\x1c\x63\x3a\x31\xa1\x2c\xca\x6e\x7b\xf2\xb1\xcf\x46\x0d\x10\xa0\x6c\x8b\x8b\xb4\x37\x72\x45\xb2\xeb\xf5\x3f\xfb\xcb\xaa\xc9\xc1\x6f\x81\x63\x34\x50\xd4\x66\xc5\xe9\x0f\xde\x28\xda\xa5\x8a\xd9\xf4\xe5\xf5\x45\x03\x10\xe7\xb6\x7f\xd7\x5e\x1b\xd8\xf1\xea\x69\x38\x92\x68\x42\xf0\x8e\xa6\x85\x43\x93\x74\x9c\xca\xaa\xff\xab\x07\x71\x6e\xe0\x93\x36\x66\xa9\x49\xfd\x24\x25\x73\xef\x85\x54\xf0\x58\xbb\xe0\x67\xb7\x1a\xd8\x82\x99\x17\x3a\x16\x3a\x58\xc3\x3c\xb3\x2d\x4b\xc9\xfd\x0c\xf4\xa5\xca\x25\x64\x26\xf7\x1a\xe2\xb7\x60\xad\x12\x84\x98\x64\xdc\xed\xff\x2d\x90\x73\x8c\xdf\x4a\x9c\x17\x49\x83\x75\xa9\x56\x4b\x86\xa3\x24\xf6\xda\x1f\x55\x41\x09\x6e\x5e\x9d\x59\xe5\x3f\xe6\x15\x98\xba\x16\x95\xa1\x36\x9a\x1e\x96\x66\x18\xa2\xf7\xb2\x36\xc9\x3a\x93\x16\x14\xef\x4e\x07\x3c\x8a\x6a\x5b\xbc\x56\x5b\xce\x61\x97\xe4\x4a\xb0\xc2\xc5\xea\x0e\xa8\xe2\x18\x8f\x77\xdc\xdb\x11\x56\x99\x19\x13\xd0\x9a\x54\xb6\xf9\xcf\xef\x51\x78\x03\x2a\x26\x97\xaa\x4a\x10\xf4\x50\xf7\xfb\x54\xe2\x63\xbb\xfe\x41\x4c\xa9\x8f\x5c\x35\x2f\xe5\x46\x81\xa9\x46\xd4\x54\x5f\x6b\x1c\x64\x85\x43\xef\x7c\x3d\x7f\xf7\x3e\xfd\xd8\xbc\xfc\x18\xe6\xe3\x8d\x9f\xb2\x7a\xd9\xfb\xdc\xa2\x63\xd1\xeb\xd9\xc3\x92\x32\x4f\x70\xa9\x5f\x9d\x4e\x07\xe8\xc0\x0f\x20\x0d\xa6\xdd\x69\xd7\x75\x4f\xf8\x63\x8b\x27\xf2\xe3\x82\xff\x98\x31\xf3\x86\x6e\x16\xf4\xcf\x50\xf6\xd3\x8c\x6b\xe6\x82\x9c\xb2\xd2\x23\xdc\xf1\xcb\x2e\x11\xb5\xf0\x85\x04\xba\xdd\x37\xe7\x2f\xef\xbe\x6b\x9d\x8a\x54\x97\x92\x77\x24\x92\x14\x6b\x1e\x53\x5f\xaa\x01\x31\x45\x26\x98\x9e\xb1\xa7\x86\xd9\xe4\x18\xab\x97\xfe\xd7\x6e\xb9\x3e\x68\xd7\xb0\x1b\x9c\xa0\xde\x9b\xbd\xfc\x8d\xb8\x6e\x1c\x5a\x6e\x14\xf3\xd8\x65\xbf\x4f\x41\x4c\x3f\x18\xb7\x02\x90\xd6\x82\x16\x8c\x99\xae\x96\x7d\x9c\x39\xc5\xc0\x69\xc2\x0e\x89\xfa\x96\xd2\x58\x95\x4c\x8d\xa3\x45\x81\xe3\x3f\x85\xff\xaf\x89\xbe\x7e\xfa\xba\xec\xc8\x29\x9c\xa6\x23\xd9\xe7\xae\x5c\x44\x96\x6f\xe6\xf7\xd9\x6f\x29\x97\x52\xc7\x1f\xb3\x24\x09\x6d\x79\x4b\xf4\x03\x88\x30\x4a\xef\xf4\xf1\xe7\x3e\x3f\x21\xa4\x09\x2c\x1e\x53\xd8\x2c\xf4\x96\xc8\x0e\xf0\xd3\x69\xd3\xff\xf2\xdd\x5a\x72\x3e\x29\x81\xa2\xf6\x19\x1e\x41\x09\xb3\x2d\xc0\x5f\xb8\x9c\x1a\xa5\x9f\xbc\x6c\x93\x21\x5a\x71\x73\xde\x81\xd4\xca\xd3\xec\x87\xbe\x4e\x2a\xaa\xa1\xbf\x24\x35\x09\x3e\x26\x96\x4f\x19\x67\x29\x17\x26\x22\x5a\x6a\xcc\xba\x11\x87\xc5\x73\xb5\x04\x12\xc6\xff\xe5\x14\xc1\xc8\xf7\xad\xac\x08\x4a\x8c\xed\xef\xb7\xbd\xf9\x1a\x81\x13\xba\xd2\xfe\x2a\x3a\x85\x5c\xa0\xe6\x57\xa2\xaa\x55\x2f\xa0\x8c\x83\x3d\x7d\x98\xfd\xe8\x22\x7a\x83\xdb\xc9\x72\xf3\x99\xeb\x4e\xc3\x18\x14\x65\x3c\x29\xc4\x3c\x7b\x6f\xaa\x79\xca\xee\xb0\x46\xa3\xff\x6f\x8c\xe1\xfe\xf8\x65\x17\x64\xbc\x65\xf8\x70\x8f\x13\xed\x64\x8f\x56\x21\xf6\xa5\x04\x8d\xd3\xb1\x65\x70\x11\x7b\x0a\x0a\x59\x1e\x46\x36\x44\x88\x19\x35\x27\xaf\xb4\xdf\x12\x71\x0a\x5a\xbb\x27\xbf\x79\x5c\xf6\x61\x4a\x86\x99\x5a\x09\xba\x6e\xaa\x9c\x17\x0b\xee\xfd\x71\x0a\x83\x38\xfd\x27\xdd\x7f\x04\x1b\x04\xd1\x64\x19\x0f\x70\x11\x87\x70\x88\x16\xbf\x8c\xb8\x6c\x1c\x94\xf1\x4a\x61\x59\x05\x08\xb1\xe3\xbc\x08\x29\x2f\x6d\x39\x89\x1d\x86\x91\xd8\xc4\x9d\xa1\x19\x25\x8f\xcb\x06\x14\x67\xa7\xdf\x7c\xe2\x7d\x8d\xcd\xae\x50\x9b\x61\x09\x2d\xe2\x10\x2d\xba\x40\x55\x2b\xdd\x35\x9f\xcf\x71\xf9\x35\x76\xa0\xfc\x81\x85\x20\xfd\x85\x7d\xf9\x26\x90\xb5\x63\xef\x19\xbc\xac\xc5\x5a\x02\x12\x39\x1a\xab\x28\x85\xec\x42\x58\x66\x78\xd2\xdc\x36\x10\x3e\x3b\x46\xf3\x97\xdb\xb2\x4c\xb9\xb6\xc7\x1a\x4e\x00\x54\x69\x47\x44\x56\x11\x7c\xb8\x4a\x6e\x17\xe3\xa7\xbe\xea\x3f\xc9\x87\x27\x0e\x42\x99\x9d\x3d\x53\x06\x6d\x8c\x71\x1a\x81\x6f\xe9\x71\x87\x90\xc9\xcf\x70\xfa\x08\xc7\x03\x3d\x5e\x2a\xe7\x8f\x2a\x3c\xb1\x55\xe7\xf6\x30\x03\x0a\xb2\xff\x5d\x3f\x12\x74\x5c\x76\x14\x1e\x49\x97\x25\xb3\x9b\x0c\x1a\xbb\x5e\xf8\x32\xdf\x3c\x10\x00\xdb\xc6\xb8\xce\x0f\x3e\x99\xd8\x15\x6e\x09\x35\xd5\x12\xb8\xd1\x99\xa0\xf0\xcf\xb1\xac\xd1\x71\xfe\x26\xb2\xa5\xf2\xe2\xba\x6c\x42\x2a\x68\x1a\x77\xf1\x4d\xcd\x1d\x86\xa9\xd9\x06\xec\x43\x3d\x78\x65\x35\x50\x12\x40\x0c\xd7\xc3\x7c\x70\xc5\xcd\xb7\x21\xdf\xe8\xdc\x65\x59\x41\x6b\x8b\x94\xdf\x0f\xb4\xa3\xe2\x9a\x62\x05\xe1\xe6\x25\x03\x19\x7d\x06\x15\xac\xf2\x53\xfa\xfe\xb5\x69\x90\xc5\x2e\x57\xe5\x99\x62\xed\x9b\x1b\x16\xea\x62\x7d\xad\x46\xed\xfe\x32\x26\x56\x41\x32\xa2\xb0\x10\x80\x04\xd2\x14\xce\xe8\x5c\xad\x67\x76\xfe\xb3\x57\x78\xdb\x2f\x7a\xfa\xd3\x53\xa5\xe3\x77\xae\x0e\xda\xcd\x9f\xdf\x78\x88\xc2\xf9\x14\xe7\xb6\xe5\x14\x7d\x25\xab\x92\x1c\xf1\xae\x45\xf1\xcb\x26\xd1\x92\x1c\x37\xb2\xd8\xbb\xf1\x4e\xff\x7c\x77\xd2\xd4\xa3\x4d\x03\xac\xe7\xab\x79\x37\xdd\x72\xd9\x87\x4c\xba\x9b\xec\x1f\x1e\xe0\xe8\x33\x80\xfe\x36\x18\x73\xf2\xca\x59\x07\x81\x61\x78\x25\x61\x1e\x73\x20\xac\x9d\x8c\xb9\x5b\xb7\x6c\xa3\xc0\x99\x7e\xcc\xb0\xee\xeb\x98\xb1\xff\xe4\x97\x24\x33\xa4\x18\xa9\x1c\x45\x0d\xac\x9b\x2c\x5c\x6a\xd5\x8d\xb3\xdc\x77\xcc\xc5\xba\x95\x41\xd4\x52\x70\xbd\x4c\x3a\x0e\x8b\x79\x8a\x7b\x8d\x5e\x3e\x8b\x20\xf0\xea\xe0\x4f\x7c\x21\xaa\x0b\xf1\x7c\xc2\x53\x8d\xd2\x90\xe6\x1e\x73\xa4\x94\xff\x9b\x07\x12\xb8\x76\x5d\xd7\xb5\xba\xd0\x04\x23\x44\x87\xd3\x84\xbf\xf1\x37\x1c\xf0\x48\x1b\xcd\xf4\x91\x44\xe5\x02\x84\xe5\x5d\xc6\x6a\x02\xb0\xe1\xd8\xa1\x31\x00\x68\x3d\x93\x96\xf7\xa1\xd3\x25\x66\x39\xa1\x5c\xca\xcd\xc4\xe1\x63\x87\x17\x11\xf1\xcb\x12\xc7\x0c\xda\xce\x46\xd3\x87\x0b\xf4\x78\x6b\x35\xe6\x26\xd9\x4a\x22\x28\xea\x21\xe9\x52\xd6\xfe\xcd\x2f\xb3\x2d\xfc\x95\xc9\xbb\xfe\x83\xb3\xbf\x78\xe3\x28\x8a\xe0\xc4\xdd\xda\x7a\x39\x4f\xfc\x25\x21\x6c\x5a\x4b\x71\x4a\x5d\xca\xfb\x58\x52\xee\xa9\xba\x51\x00\xbe\x8a\x57\x2a\x54\xbd\x42\xe0\x86\xfd\x8e\xef\x2d\x78\x03\xe2\x7d\x65\x27\x8b\x83\x53\xf3\x5b\xbd\xe7\x2d\xd0\x1f\x12\x46\x43\x30\x0f\x21\x08\x09\xe7\x80\x9e\x34\x3a\x31\xd8\xa4\x6d\xf5\xa1\x7b\x79\xb8\x1e\x81\xe4\x82\x13\xcc\x6b\x7f\x78\x69\x27\x24\x65\x30\xbb\xcf\xf7\xcc\x58\xf1\x87\x4b\x3d\xff\xf2\x3b\x47\xd9\xa2\x2d\x84\x49\xd2\xac\x9f\xe7\xcf\x72\x74\x5d\x68\x59\x71\x30\x06\xa7\xb1\xf1\x32\x97\xf5\x23\xdb\x72\xc2\x80\x11\x05\x92\xe4\x6d\xfb\xe6\x82\x9b\xe3\x2d\xa6\xe4\x45\x39\xb6\x12\x2d\x49\xb4\x44\x97\x03\x19\xf1\x4e\xaf\x1d\x98\xa8\x89\xb3\x31\xbc\xb0\xa1\xe2\x95\x16\x85\xd8\x35\x55\xc8\xcc\x03\xec\x38\x69\x64\x84\x33\x6d\xa4\xbb\x1e\xa3\x26\xc5\x2c\x3b\xb4\x65\xd8\xde\xfe\x37\xc7\xbd\x44\xdb\xda\x33\xfd\xdf\x33\xd9\x6f\x5f\x37\x3c\xee\x6e\x64\xdc\x0f\xb3\x7d\xbc\x5d\x35\x38\xb4\x63\x5a\x29\x70\x20\x90\x0f\x28\x7b\x0a\x9c\x8a\xaf\x44\x69\x93\x0c\x08\xd4\xd1\x9a\x40\x17\xe4\xd4\x56\x23\x35\x1d\x22\x78\xb1\xd4\xaf\xaf\xc1\x9e\xaf\x0b\xe9\xf8\xfd\x68\xf9\xee\x14\xfa\x7b\xbb\xe9\xa5\x06\xa7\xd5\x8b\xd8\xf6\xc4\x9a\xe2\x8f\x9e\xff\xe7\xbb\x79\x95\x28\xbf\xdd\x96\xbb\x5b\xb1\xfe\xe0\x22\x9b\x2e\xbf\x97\x0a\x15\x6c\xc0\x19\xe3\xfe\x83\x05\xfb\x37\xf1\xf1\xe2\x4a\x33\x36\x59\xfe\x96\x15\x67\xe8\xe2\x0a\x27\x59\xf9\x17\x40\xb4\x9e\x5d\xaa\xf0\x07\x1b\x22\xe5\x1a\xe9\xa8\x25\xa7\x02\xa2\x49\x17\x49\x47\x28\x93\x19\x8a\x24\x16\x34\xf2\x9e\x11\x0a\x0f\xd9\xeb\x26\x6b\x0d\x22\x6f\xe1\xed\xaa\x77\x04\xb1\x7d\x94\x1e\xc5\xa5\x09\x26\xe4\xd7\x92\x1c\xf1\xdf\x7c\x48\x8f\xd3\xed\x93\xbc\xe3\x5e\xd6\xfd\x9f\x58\xee\xf1\x86\x65\x48\x5d\xe0\xe5\x65\x63\x2f\xb4\x9d\x92\xbf\xcc\xa8\xa4\x81\x26\xa6\x00\x9a\xd6\x53\x5e\x38\x46\xa1\xab\xb8\xa2\x95\xb9\xe7\x0c\xb5\x37\x75\x45\xcd\x2c\x5c\x83\x48\x3f\x4d\x25\x7c\xff\x31\xb3\x54\x53\xbd\xda\x64\x57\xe9\xfa\xa6\x51\x1f\x9a\xdb\xcf\xf0\xf7\x0e\x42\x10\x96\xbc\x91\xd2\x42\x05\x48\xaf\x6b\x45\xe0\x2e\x19\x0e\xbb\x8f\x31\xa7\xdc\x7f\x48\x3c\xeb\x61\x08\xfe\x2a\x77\xcd\x30\x2a\x27\xbe\xfb\xa1\x05\x16\x51\xf3\x18\x2c\x61\x54\xa7\x7f\x85\x1b\x2f\x30\x33\x17\xa2\x90\xfe\xe1\x84\xc4\x80\x9c\x4e\xbc\x28\x66\x97\xc0\xae\x57\x20\x59\xba\x9d\xa4\x4f\x2d\xd6\x62\xab\x9e\x69\x42\x57\x7e\x89\xd4\x3d\x54\x47\xc1\x07\xb8\xfd\xc3\xc1\x5f\x26\x84\x55\x19\xe5\xcb\xe3\x77\xa3\x94\xdc\xb5\x32\xdd\x1f\x83\x21\xbd\xb3\xe9\xed\x22\x54\xf1\x4f\x91\xf7\xd6\x16\xa6\x99\x34\xea\x3f\x90\xc3\xaa\xae\x20\x06\x7f\xf4\x8c\x27\x60\x33\xac\xfc\xf9\x2f\xcb\x98\x17\xce\x2c\x59\xf7\x05\x16\x86\xb4\xfd\x3a\xbc\x53\xd5\xa7\x55\xba\x1d\x62\x7f\x40\x6e\x28\x3a\xad\x74\x5e\x07\x0e\xc3\x7d\x89\x1c\xbf\x90\xbc\x5c\xd4\xa5\xe1\xce\x48\xe7\x45\x0b\xc5\x95\x57\x85\x71\x7b\x0a\xdd\x17\x50\x05\x36\x39\x07\x62\x1a\xc2\x3e\x68\xb4\x83\xa2\x2e\x20\x7a\xaf\x94\x55\x75\x9f\xb4\x88\x49\x8b\x9e\x5b\x60\x5b\x38\xd6\x6e\xf9\xb3\xde\x3d\x32\x25\xc5\x21\x1c\x37\xa4\x40\x81\xf9\x63\x3b\xdc\x12\x78\xeb\x53\x30\x18\xc3\xe8\x6a\x10\x44\x12\x6b\x6f\x16\x11\x18\xbf\xa7\x0a\xf8\xe5\x93\x4b\x25\x9e\xe1\x2c\x1b\xda\xc8\x74\x27\x9b\x10\xba\x85\x02\xcf\x1f\x2a\x23\xd7\x52\xd9\x78\x65\x40\x87\x5e\xc8\xe8\x2b\x79\x3b\x14\x35\x0a\xa1\x93\xcb\x5f\x52\x70\xc8\x05\x5a\xa0\x39\xaa\x6a\xf5\x02\xf2\x24\x18\xc0\xa7\x09\x8d\x9e\xb9\xee\x07\x1b\x8b\x67\xdf\x7b\xf9\x12\x30\xe7\xf0\x04\x18\x85\x0b\x6d\xf7\xd6\x97\x4e\x21\x77\xbc\xde\x4c\x0d\xfd\xeb\xe7\xb2\xfe\x1a\x13\x32\x48\x7f\x7b\x15\xf3\xd2\xe4\x53\x91\x13\x32\xab\xc8\xc4\x16\x68\x3c\xe5\x61\x5e\x7a\xd2\xc9\xe8\x1b\x9c\xc8\x81\xee\xd4\x34\xd2\x84\xa7\xa4\x7f\x7d\xdd\x24\xa1\x56\x21\x9e\x28\x7b\x54\x4b\x3e\xda\x3d\x9c\x95\x3a\x3a\xae\xcc\xea\x36\x81\xa4\x63\x35\x0f\xbf\xbe\x28\x27\xd8\xda\x86\x7c\x98\x15\xac\x24\x1c\x2f\x7d\x07\x47\x63\x7d\x0b\x94\x1e\x1c\xba\x61\x4e\x5f\x4a\x5b\xee\x7a\x8e\x45\x64\x45\xdb\xff\xd1\xa4\x9e\x41\x28\x82\x67\xf6\x46\x33\xb5\x7f\x82\x00\xe2\xf5\xe8\x83\x13\x0b\xe9\xb5\xb2\xa7\x89\x8e\xa5\xa2\x16\x69\x4c\x7e\xe0\xba\x83\x51\xe5\xc7\x8f\x46\xfb\xe2\xba\x68\x26\xd2\x98\xe4\x18\xb4\x25\xd4\x26\xd8\x4b\x1b\x94\x76\xd7\x21\xc8\x3a\xb5\x6e\xdb\x3d\x98\xfa\x78\x41\x38\xc5\xf4\x48\xa9\x6b\xad\xf9\xed\xb4\x6c\x13\xfb\x32\xbd\x07\x67\x1d\x02\x4b\x45\xd3\xa9\x55\x2a\x0b\x49\x82\x75\x13\xf9\x63\x97\x0c\x16\xaa\x91\xe9\x2c\x6d\x99\x1f\xbc\xa2\xd4\x85\x35\xb5\xa6\x71\x59\x33\x90\x27\xaa\x0f\xa0\xaa\x4b\x3e\x30\xfa\x60\x67\x93\x03\x69\x3a\x8a\xf2\xdd\x29\x9d\x37\xf2\xfd\xa5\x07\xc1\xc2\x3a\xa2\xe6\xcf\xd9\xeb\xba\xff\xd8\xf2\xb4\xc1\x27\xa8\xc5\xdf\x68\x1d\xc9\x3e\x87\xcc\xcc\x2d\x1f\x6e\xaa\x70\x11\x63\xa3\xe9\xf6\xe6\xaf\x44\xf7\x59\xb4\x56\x5a\xc5\xb5\x53\xf7\xb0\xb5\xe0\x4b\x94\x65\x54\x5a\xa0\x2d\x35\x43\xe2\x74\xa2\xe0\x95\x2c\x49\xa4\xc9\xed\xe6\x9c\x96\x38\x0f\xa5\x26\xe2\x02\x6c\x3c\x9e\xf3\xa2\x69\x5b\x50\x7c\x35\x15\x9e\xcc\x1a\x74\x2d\x4f\x13\x65\x08\xf5\xe5\x33\x80\x6b\x25\x28\xbb\xa1\xec\xb4\x00\xeb\x86\x96\x97\x22\x8b\x7a\xd5\x9e\x8d\x1a\x79\x19\x90\x5f\x18\x8a\x05\x7f\x57\x0c\x2f\xee\x5e\xa2\xfe\xef\x8f\x35\x25\x9d\xe4\xe8\x29\x7d\x8e\x68\xf4\xfc\x0c\x87\xc5\x58\x11\x7e\x69\xee\x2f\x56\xea\x5a\xe4\xaf\xf9\xa6\x79\x3d\x10\x84\x51\xf1\xf3\xe8\x7c\x0d\x99\x40\xe4\xdb\x2f\xd7\x21\xc5\x4b\x15\x64\x25\x43\x5b\x85\x5e\x0b\x83\x88\x72\x3d\x05\x6c\xdb\x01\xfe\x08\x57\xd3\x5b\x07\x03\xd9\x48\x15\x8f\x35\x3a\x3e\xab\xa7\x14\xac\xa6\xd7\xce\x66\xce\xf9\xa5\x93\x81\xdf\x95\x84\xa6\xa4\x24\xcf\x08\xbd\xca\x4e\x78\x73\x68\xcc\x5c\x8a\xe2\x47\xec\x67\xe3\xcb\x95\x86\x0c\xe5\x1e\x23\xf6\x72\xfb\x39\x6c\xbf\x4a\xcf\x5c\x8a\x13\x4d\x7f\x24\xf6\x80\xc5\x11\xff\xcc\xa8\xf5\x65\x16\x2e\x9f\x94\x19\xff\xa0\xa7\xf3\xe8\x7f\xdb\x2d\x97\x39\x23\xff\xb5\xa1\xa8\x3c\xa9\x3d\xb3\xbe\xad\x58\x93\x60\x9d\x8c\xef\x74\xb1\x46\x20\xa6\xd0\xdb\xc8\xa3\xf6\xf7\x89\xf4\xcc\x54\x6e\xfd\x4b\xa2\xa3\xf6\x0d\x5e\xfd\x40\x0b\x7b\x2a\xbe\x1c\x7f\x7e\x14\x38\xd1\xbf\xa9\xfa\x60\x78\x47\x54\x74\x12\x16\xf7\x99\xd6\x1f\x94\xee\x04\x5c\x2c\xaf\x71\xc1\x08\xa9\xa3\xbd\x24\xff\x94\x1f\x65\x09\x3c\x47\x16\x2d\x80\x81\xe9\xef\x47\x9f\x74\xf6\x14\x9c\xe1\x7a\x64\x01\xc0\xef\x19\xbe\x0a\x73\xb3\xac\xa0\x80\x34\x30\x49\xf4\x9d\x30\x7f\x39\x69\xb1\xe8\x6a\x2a\xd9\x72\x67\xac\x25\x4c\x1c\xde\xea\xac\xef\x75\x71\xcf\x17\x6f\xe7\x79\x19\x52\xfd\x91\xb8\x0a\x61\x49\xd3\x49\x69\xa7\x8a\xe0\x41\x46\x70\xf9\xed\x44\x72\x60\xc1\x83\x4a\xe7\x86\x1e\xf5\x1f\x02\xec\xbc\x2b\x40\x0a\x3d\xf2\x2d\x5a\x1b\x72\xb5\x36\x89\x63\xa0\xac\xf9\x92\x5d\x2f\x46\x81\xb2\xcb\xd0\xbd\x0a\xc4\x12\xf3\xd8\x0b\x44\xd0\xa9\x2c\x4f\x04\xb6\x12\xbb\x3e\xbb\x6d\x9b\xf3\x2d\xb5\x49\xca\x82\xd5\x2c\x23\x08\xae\xe5\xef\xe4\x15\x83\x2f\xed\xae\x26\xab\xfd\x95\xa4\x67\x38\xa4\x41\xc6\xdb\xcb\x5e\x6a\x41\xd6\x39\x3f\x35\x4f\x94\x3a\xe4\xd6\x21\xec\xae\xc4\xc4\x81\xfe\xf8\xe9\xfb\x87\xdc\x2f\x1d\x26\xea\x0f\xf9\xcb\x8f\x58\x6d\xd0\xf7\x13\x2d\x9f\x62\x9d\xa3\x4c\xd8\xf1\x3f\x6b\x0b\x8c\x56\xe7\xea\x2b\x21\xa5\x26\xb2\x62\xb5\x2f\x33\x27\xd4\x03\x26\xfa\xa3\x85\x14\x45\x5e\xb3\xf1\xac\x4a\xfb\x8b\x41\x8f\x0e\x6b\x4a\x3a\x22\x1d\xcb\x1d\xc7\x52\x2c\x19\xcc\x4f\xb3\x02\xa8\xaa\xe4\xea\x5a\x13\x98\x9a\x61\xf6\x86\x55\x05\xd5\x98\xfc\x96\x57\x79\x0e\x90\x57\xda\x5e\xfe\x68\x9a\x4e\x06\x52\x07\xf1\xbe\xa8\xce\xd5\xa6\x18\x76\xef\x08\x89\x78\x5e\x5b\x9d\x4d\x3f\xdc\x04\x9b\x5c\xef\x4a\x38\xe7\x3f\x50\x66\x50\xe8\xe8\x7a\xfa\xba\xc0\x11\x6e\xe2\x35\x74\x96\x98\x49\x1a\xc4\x6f\xf4\x2e\xb8\x47\xed\xbd\xf7\xd7\x6e\x07\x5a\x5a\xe1\xf2\xf2\xe7\xc0\x6d\xce\x57\xdc\x94\xee\x36\x7a\xc8\xa6\x49\xfa\x18\x14\x17\x55\x12\x71\x06\xe5\x1d\x95\x79\x76\x77\x58\x45\xd3\xa0\xc3\xf6\xcd\x82\x26\x00\xb2\xfa\xfd\xf0\x58\xc1\xe7\x5a\x60\x18\x73\x92\x7e\x7c\x12\x8a\x4f\x38\x52\xcc\x0e\x49\x09\x62\x5d\xe2\x6d\x14\x1c\x90\xfa\xfc\xcf\x71\x1d\x73\xcf\x87\x23\xa5\xc7\x1c\x92\x2c\xb7\xc2\xa1\x81\x9f\x43\x8e\x5e\x11\x31\xa9\x68\xb2\x44\x4f\x12\x2e\xa7\xe3\x5a\xb6\x9f\xb3\xe3\x7e\xa7\xf3\xc1\xfe\x3e\x49\x24\xb6\x75\xd0\xd6\x0f\xd0\xa5\xc6\xd8\x69\xc6\x92\x32\x75\x53\x22\x32\xc2\xbc\xbe\x56\x3b\x86\x6c\x1f\x20\x69\x95\x8a\x23\xa1\xfe\xc2\x2a\xed\x18\xac\xd3\x09\x14\x23\xad\xc1\xd9\x51\x59\x5c\xc3\x12\x85\x31\xa5\x5b\x8a\x52\x18\xcb\x30\x3c\x21\xc9\x15\x10\xc9\xa3\xa4\x1f\x04\x14\xb5\x30\x72\xde\x30\x8f\xf2\xf9\x1e\x7f\x15\x4f\xb2\xc0\x39\x68\xc0\x7b\x40\xc1\x70\xc4\x10\x10\x23\xc0\xef\x8b\xed\x17\xa8\xbe\x13\x5f\x7e\xe5\x88\xae\x85\x7e\xc6\x15\xa1\x39\x79\x4a\x0c\x4d\xa6\xaf\xf7\xad\x0d\xd1\xfa\xe9\x2f\xec\x4f\x6f\x3e\x99\x5f\xfe\xf1\x5a\x6f\xc6\x57\x9e\x38\x8c\x22\x88\xd1\x06\xbf\xaa\x62\xf8\x7b\x7b\x9b\x55\x28\x86\xe1\x90\x66\x91\xd2\x38\xcc\x15\xbb\x04\x98\x40\x28\x1a\xfb\x9d\xef\xe7\x6a\x7d\xf0\x0e\x24\xf3\x2b\x6e\x4c\xfe\x02\x81\x64\x15\x13\x15\xfa\xe4\x06\x2b\xd9\x49\x22\x1d\x1b\x41\xcd\xa1\xf6\xb0\x09\xc3\x70\x8e\xa5\x0e\x86\x39\x92\x79\x19\x5f\x08\xb9\x9f\xbd\x08\x45\x5e\x2a\x11\x56\x9c\x81\x71\x82\x7e\xe4\x8c\x4c\xd9\x8f\xcf\xe0\x43\x7d\xad\x6b\x30\x9a\x01\xda\x9b\x98\xfd\xa7\x4e\x05\x88\x5f\xe0\x35\x10\x84\x9e\x32\x11\x3b\x6e\x52\x3c\x15\x2c\xa4\x4c\xb0\x44\x55\xc9\x3d\xe8\xf5\xf0\x78\x8b\x48\xa2\x56\x93\x0a\xa0\x1a\xcd\x2e\xf8\xbe\x22\xf2\x22\x25\x4d\x5b\x55\xa0\xd2\xae\xe2\x64\x5d\xf1\x29\xab\xe7\xda\x3f\x7e\x2f\x09\x96\xea\xee\x71\xa7\x7e\x28\xf8\x70\x96\xc2\xe4\x66\x5a\xc1\x0c\xf1\xb7\xef\xcb\xa3\x8f\x05\x46\x95\xd6\x3f\x79\x74\x76\x99\x7f\xed\xbc\xeb\x19\xa2\x4f\x1b\xfe\x0b\xd7\x2e\x2b\x56\x77\xc0\xcb\x25\x83\x45\x31\xf1\xb3\xd4\xb6\x90\x32\x10\x5d\x5f\x19\x0e\x6d\xc5\x45\x61\xa7\xcf\x5d\x85\xc0\x90\x36\xf1\xfd\x27\xeb\x3a\x5e\xa9\xac\x38\x1b\x7a\x3d\xb0\x15\x89\x2d\xe7\x2e\x39\xaf\x34\x8c\x91\x9b\x7e\x3e\x15\x1c\x58\x3c\x60\xa7\x86\x98\xf6\x84\x90\xe6\xc8\x16\x30\x3a\x0d\x5d\xc8\xcd\x03\xdb\x94\xaf\x6c\xad\x1b\xc3\x79\xc2\x07\x14\x5b\x36\x2e\x9c\x6c\x69\x0f\x7e\x5a\x76\xf0\x83\x8a\x7f\x52\x62\xda\xe8\xab\xa4\x62\xa8\xe3\x7d\x73\x87\xf7\x3e\x9d\x4a\xe5\x32\x1c\x45\xd2\x11\xae\x57\x98\x6d\xa1\x40\xf7\x48\x13\x58\x0d\x74\x1e\xc4\xaf\x6e\xf9\xe0\x84\x5f\x9e\xb6\x96\xfd\x27\xcd\x1a\xcb\x68\xb4\x89\x8c\x19\x79\xa2\x5f\xeb\xb7\x93\x42\x5c\x62\xbf\x94\xbf\xfe\xe9\x87\xcc\x78\xc6\x00\xed\x53\xfd\x98\x25\x47\xc6\x72\x85\x97\x33\xe4\x98\x9d\x86\x6f\xe0\x02\x2d\x2f\x20\xae\x4d\xec\xdf\x6b\x20\x56\x90\x66\xb8\xdc\xbe\x67\x7e\x2c\x1a\x2e\x9b\xa0\x5d\xf5\xf6\x9e\xbf\x23\x7d\x89\xd3\x76\x89\x2b\x50\x4e\xf5\x6e\x39\x55\x18\xc9\x87\x4d\x60\x84\x22\x76\x88\x85\xb4\xbc\x8a\xe1\xad\x16\x01\x49\x4f\xc9\x2b\x2a\x03\x8c\x64\x93\x4f\xf5\x02\xa9\x15\x35\x2b\xc7\xbd\x69\xb9\xc5\x6f\x7a\xb3\xe5\xb0\x89\xb0\x60\x02\x33\x8e\x35\x55\xb9\x47\xe6\x6f\x5d\x1a\xc7\xf1\xba\x4a\x31\x4a\x76\x26\x97\xd8\xb2\xff\xa6\x09\x95\x3e\x33\x34\xde\x4a\x3b\x6b\x24\x41\x74\xa5\xaf\x95\x67\xc6\x12\xc3\x8f\xc8\xd3\x60\x7b\x73\x08\xd4\x7d\xcf\xf0\xf1\x2c\x2a\x7b\x37\x63\xc0\x9e\xc1\x87\x80\x0a\x36\x7f\x53\x59\x35\xe0\x40\x5d\x67\x16\x19\xd8\xcc\xbd\xd1\x1f\x6e\xc7\x32\x13\x6f\x31\xde\x1a\xac\x7a\xbb\x18\x04\xd6\x9a\x72\x07\x6b\x0b\x1d\xb6\x1a\x23\x28\x7f\x74\x80\xd0\x7b\x1b\xe4\x31\x0a\xe5\x1f\x00\x28\x77\xc3\x00\x53\xed\xff\xf5\xc8\xce\x73\x29\x78\xcb\x31\x89\xdf\x54\x85\x46\xe2\x4b\x83\xc7\x6c\x56\xd7\x5d\xe9\x30\xeb\x82\x44\xdb\xbc\x8f\xdc\xe1\xce\xa8\xb2\xb4\x2d\xc9\x4b\xc6\x40\x19\x41\xeb\x57\x74\xae\xe8\xfc\xa1\xcb\xeb\x0e\xed\x11\xd6\x93\xc5\x78\x93\x1c\xe5\x4b\x32\xb4\xd0\xaa\x9b\x5c\x8f\x23\x34\x38\xd3\xc2\x5d\x1e\x8e\xc2\x73\x2a\xc3\xda\x7a\xc7\x30\x43\x63\x2c\x47\xa8\x2d\x4e\x20\x1a\x92\xf7\x04\xfb\xff\x0d\x8c\x53\x20\x6b\x84\x70\x8c\x2a\x7a\x98\x24\x7d\xd3\x82\x20\x7c\xac\xe0\xf6\xaa\x02\xaa\x6b\x5e\xd5\x1c\xd1\x78\xd4\xe6\xf6\x1b\xaf\x31\x16\x46\xfa\x39\xaf\x8f\x66\x78\x91\x0b\x62\x6d\x08\xbc\x29\xc3\xb7\xd1\xef\x74\x59\x08\x5c\x7f\xfa\xe4\x30\xd5\xc7\x05\xce\x66\x69\x20\x90\xc3\x59\x2c\x11\x92\x29\x03\x26\x25\x4f\x60\x3c\x95\xff\x1e\x1c\xb1\x15\xc3\xbd\x30\x2c\x31\xe5\x10\xbb\xfe\xcf\x46\x04\xcf\x94\x06\x2d\x76\x9d\xa1\x14\x9d\x41\xcc\x43\xad\x93\xa0\x65\x48\x3c\x7f\x14\xd3\xcf\xc9\x22\x35\x33\xaf\xb6\xf4\xc4\x33\xc7\xb6\x55\x7a\x34\x97\x51\xe8\x69\xa4\xfc\x5c\x0f\xaf\x54\x58\xbb\xa4\x12\x93\xe9\x37\x5a\xb4\x3e\x43\xcb\xef\x7b\x30\xd2\x25\x42\x36\x65\x4b\xe6\xf7\x2a\x14\xaf\x1a\xeb\x30\xc0\x88\xa4\x18\xde\xb5\x10\xc5\xf4\x24\x73\xd8\x32\xff\xdc\xdf\xd0\xea\x8c\x14\xb1\x56\x5d\x9a\x03\xfd\x71\xbf\x79\xd7\xb8\xc3\x6c\xc2\x96\x11\xd5\xbe\x4b\x37\x14\x77\xd0\x07\x15\x26\x9f\x0e\xa1\x42\xf6\xa1\x33\x04\x36\x38\x6b\x03\xaf\x76\x8e\x00\xe9\xa1\xf1\xd4\x5a\x67\x0e\x39\xa5\x82\x8b\x23\x9c\x0f\x05\xca\x82\x24\xaf\x99\xb9\x15\xfe\x70\xb6\x39\x27\x00\x0a\x1a\x9d\x57\x71\xc8\x27\x82\xb3\x47\xfc\xb7\xc5\x4f\x2d\x62\xeb\x10\x6d\x5c\x29\x0c\xd5\x26\x0c\x6e\x28\xe2\xe5\x6f\x24\x2c\x39\x3f\x5e\x03\x3f\xac\x05\x0e\x56\x80\x48\x05\x2b\x21\xb7\x9c\xa2\x53\x03\x18\x9d\xc4\xd3\x87\x97\x41\x3d\x82\x04\xb3\xf4\x2d\x27\x3f\x45\x8c\xdb\xd1\x67\x80\x18\x4d\x81\x61\xfa\x56\xd0\x1a\xc0\x98\x8a\xe2\x35\x2c\x2a\x3b\xb7\x95\x3e\xe1\xec\xa9\xda\x7f\x73\xe4\x74\xfb\xe7\xc7\xe1\x1f\x0e\x1d\x37\x3a\x04\x4b\x1a\x8b\xde\x0c\x03\xfd\xed\x9b\x13\x93\x6e\x51\x41\x7d\x82\x54\xc3\xd8\xd8\xbf\x62\x24\x25\x54\xff\x16\x77\x5e\xc2\x78\xb9\x8d\x9e\x7e\x06\x40\x6a\xb3\x52\x01\xd5\x3c\xe1\xa0\x7f\xb0\x5f\x3a\xcf\x2a\xcb\xce\xb0\xb2\x5c\xf7\x6b\x43\x4c\x38\xa7\x7f\x6a\xfd\xef\xa5\x1d\x7d\x15\xd9\x82\x6c\x9d\x8e\x3f\x08\xf1\xfe\xaa\x29\x5e\xc4\xee\x40\x24\x66\x9f\x5d\x6d\x29\xdc\xd5\x54\x0c\xaa\xd6\xb4\xf9\xb0\xae\x8a\xe3\x85\xce\xfb\xc3\x2d\x8a\x29\xd7\x5e\x22\x4c\x84\xab\xec\x4f\xa5\x4d\x49\x8c\x4f\x6e\xf7\x1e\x6a\x03\x76\x6a\xce\x09\x74\x1a\xa0\xf6\x31\xdd\x91\xa4\xe1\x27\x39\xbb\x46\xf8\xe7\x41\xbb\xfe\x7f\x76\x74\xb9\xad\x34\xfa\x38\xad\xf5\xa1\x8a\x87\xe5\x11\x73\x04\x48\x18\xfa\xd2\xbf\x99\xb1\x20\x53\x86\xe5\x0d\x9f\xa7\xf1\x9e\xfc\xcc\x94\x7d\x86\x6d\xa7\xc7\xc0\x5d\xa0\x9f\xe2\x62\x81\xeb\x06\x18\x45\xc0\x51\x0b\xaf\xc7\x75\xbe\x5e\x0b\x95\xa6\xcc\x49\x45\x8d\xb1\xd6\x82\x43\x58\xe2\x7e\x12\x67\xf1\xfb\x0f\x26\x04\x86\xe3\x5d\x94\x5e\xab\x12\x90\x71\x10\x9c\x58\x1a\x94\x42\x8d\xc5\xf2\x07\x45\xa0\x82\x9d\xfe\xdd\x6f\xde\xf5\x85\x5f\x07\x44\xb6\xec\x49\xa2\x4d\x4d\xea\xb7\x2d\xcf\x37\x7a\xc6\x75\x80\x79\xd9\x52\x61\x1e\x5a\x9d\xb0\x61\xec\xae\xa8\xb6\xca\x33\x3f\x3a\xaa\x00\x3d\x75\xfb\xef\x1c\xd4\xe1\xf3\x9d\x59\xf7\xd0\x88\xf8\x79\xee\xf8\xba\x6a\xd7\x1d\x20\xc9\x05\xf1\x87\xfb\x5c\xea\x61\x90\x1f\xd3\x1b\x52\x07\x98\xcc\x08\x06\x6b\x0f\x4f\x6d\x78\xe0\xe7\x75\xab\x8b\x56\x05\x5d\xe2\x24\x48\x6e\x54\xdb\xee\x7d\x84\xa5\x06\xd0\xe1\xd9\x31\x7f\x53\x99\xff\xeb\xf6\x9a\x66\xca\xe2\x58\x0e\xf8\xe9\xdf\x0d\x5c\x47\xf1\x4f\xc3\x95\xfe\xd3\xaf\x35\x8a\x39\xf2\xa2\x60\x2a\xeb\xb2\x6c\x3f\xc4\xce\x25\x51\x52\xb1\xc5\x4c\xc7\xb3\x37\x36\x86\xfa\x10\x87\x47\xea\x19\x08\x92\xae\x30\x45\x81\x3b\x6a\xd1\xc9\x9a\x8c\x43\x6b\xe7\xc3\x3b\xd1\xd3\x57\xe7\x2f\x26\x68\xc1\x65\x22\x96\xf9\xeb\x7b\xc2\xf0\x78\xf9\xe4\x5f\xe8\x31\xc2\xe9\x6a\x4f\x60\x67\xf6\x70\x51\x54\x55\x3c\x1b\x91\x1d\x40\xeb\x19\x69\x52\x70\xe8\x1e\x52\xfd\x0e\x44\xfb\xbf\xd9\x99\x32\x6d\x9c\xa3\xaa\xad\x62\x3a\xe3\xc5\x71\xe5\xda\x9d\xea\xd5\x15\xa6\x41\xbd\xa6\xed\x9a\x2e\x3b\x39\x5d\xd6\x24\x89\xb1\x46\xc6\xc4\x23\xe5\x9d\x54\x3e\xa3\x72\xea\x5c\x5d\x64\x53\x8e\x3a\xb4\xea\xab\x02\x52\x99\x17\xd7\x84\x9d\x2f\xe9\xed\xfd\x07\x77\xf6\xc7\x67\x38\xfe\x16\xd5\xa8\xd6\x7c\x8f\x00\xe3\xea\x2c\xd7\x95\x84\x1f\x38\x2c\xdd\x31\x84\xcb\x18\x05\x28\x9b\x65\x74\x36\x11\x19\xa7\x31\xfd\x13\x01\x2c\xdb\x1e\xd2\x8f\x58\xdc\x24\x7a\xf7\x55\xbb\x36\xb7\x03\x68\x82\x56\x4b\x50\x98\x04\x7b\x78\x9f\xd2\xb8\x4e\xcf\xfb\x38\xfd\xdf\xeb\xad\xec\x25\x95\x38\xee\x9a\x03\x23\x92\xe3\xfd\x7d\x79\xc0\x65\x7e\xe7\xd2\x68\x3c\xc9\xee\xf9\x33\x2d\x51\x08\x42\xb1\x6b\x7f\x11\x84\xa1\x26\x59\xf6\x20\xbf\x83\xaa\x42\xa6\xa9\xad\x41\x25\xa4\xe4\x30\x7a\xda\x5f\x94\x8a\x11\xaf\xfc\xdc\x50\xb0\x5c\x02\x6f\x38\xa9\x60\xf3\xf3\x45\x34\xa0\xc8\xe9\x3d\x8a\x87\x22\x0e\x17\x5c\xc5\x65\x9e\xc9\xf8\x3f\x9c\x3a\x67\x15\xc6\xb9\xad\x3f\x9a\x21\x34\xd5\xd9\x54\x17\xb6\xc4\xa1\xc9\x8f\xc3\xf0\x48\xba\xbf\xfc\x1f\xdf\x91\xaa\x02\x86\x61\xc0\xa0\xc4\xaa\xf4\x24\x84\x01\xf5\xc8\x11\xba\x04\x7f\x01\x5c\x04\xf8\x14\x90\xc6\xdf\x4b\x2d\xb6\xbe\x45\x84\x79\xed\x0a\x21\xd3\x47\xa7\x75\xce\x94\xbb\xc0\x9b\xd5\x3c\xaa\x61\x08\xc8\x2c\x99\xb4\xd1\x09\x55\x4b\x7f\x99\xae\xd1\x6e\x1b\x5b\xd0\x1e\x9f\xd1\x16\xba\xdd\xc5\x25\xd4\xa2\xb0\x9a\xb0\x55\x7f\x17\x9c\x55\x3d\x55\x83\xa2\x16\x32\xbb\x00\x71\x47\x64\x85\xa5\x21\x37\xd4\x5b\xe4\x0b\x6d\xe3\x5c\x78\x6c\xec\xe0\x5e\x41\xc9\x55\x6b\xe3\xb1\x91\xc1\xd6\xf1\x4a\xe7\xea\xe9\xc3\x7b\x66\x9f\x0d\xe7\xfe\xca\x52\x13\xee\x5a\x9f\xd0\x9d\xb2\x0b\xd9\x85\x54\x49\xb0\x53\x5f\x4f\x9b\x02\xc8\xd4\x05\x1a\x9f\x9a\xf1\xec\x45\x61\x18\x96\x17\xf6\x35\x08\xb1\x09\x33\x2a\xa0\x5c\xc9\x87\x11\xf6\x98\x77\xef\xb1\xac\x80\x14\x4e\xc6\x27\x10\xe6\x48\x57\xfb\xeb\x3a\xaf\x07\xec\xfe\x99\x07\x6b\xba\x1a\xeb\xc5\x31\x2a\x88\xd8\xc2\x89\x7f\xe2\x23\x42\x6f\xd9\x4a\x2c\xb6\x7a\xb9\x29\x2c\x6d\xe1\xa2\xf4\x7e\x3e\xd9\xbb\x51\xbd\x87\xbb\x42\xa7\xfe\x9e\xcb\x9a\xa1\x28\x10\xdf\xc9\x86\xbd\x3d\x0c\x5c\x3f\xe4\x98\xf9\xdb\x63\xd5\x7e\x4a\x76\xb9\xa7\xee\xe6\xe2\xc7\xfc\x04\x67\x20\x82\x7a\x2a\x87\xf0\xe5\xe5\x97\x4c\x8b\xae\xdf\x6a\x5c\xc2\xa3\xe6\x3e\xdd\xd6\xf0\xb7\xe7\xa5\xeb\xc0\xa4\xa5\xbf\xe2\x66\xe2\x5f\x13\xc5\x72\x87\x12\x70\x2a\x75\xcf\xa3\x12\xaf\x73\xa8\xfd\x61\x9c\xa3\xa6\x46\xeb\xc7\x86\x8c\x81\xa9\x2a\xfe\x47\x46\xd5\xd2\xdf\x19\xa4\x6e\xfa\xd4\x78\x91\x97\xeb\x60\x6d\x6f\xae\x24\x27\x11\x86\xd8\x4a\x3a\x32\x09\xbf\x43\x40\xdb\x3e\x94\x18\xff\xbc\x7f\x3a\xff\x68\x5d\xa0\xc2\x6c\x53\x03\xe1\xb7\x20\x03\xf1\xa9\x8d\x1b\x52\x04\xad\x6c\xbf\xbe\x64\x7c\xde\xd0\x82\xc1\x75\x33\x5d\xf2\xa1\x9f\x01\x47\xfd\x32\x2f\xe5\x82\x5b\x9d\x8e\xec\xad\x96\x78\xc4\xbe\xe0\x32\x6f\x7f\x23\x61\x39\x98\xe3\xb2\xef\x9d\xc6\xf2\x15\x26\x11\xb0\x0d\xdc\x2a\xa0\x4e\x00\x1b\xc1\x98\x96\x31\x86\x3a\x44\xd2\xb7\x16\x88\xe6\xba\xca\x0f\x23\xad\xd5\x1b\x0e\xbf\x25\x64\x92\x1c\x46\x61\x95\x44\x81\x2c\xd7\x72\xdb\xdf\x3b\x40\xc3\x93\xe8\xf2\x24\xcf\x6d\x11\x50\x8b\xa7\xd8\xca\x06\x01\x02\x16\xe7\xa4\xde\x55\xb6\xd4\x61\xe0\x2a\x76\x19\xa3\x9b\xfa\x9f\x0b\x31\xa0\x35\x55\x6a\x55\x2f\x3f\x38\x84\x20\xb9\x72\x54\x7d\xf1\x10\x7e\x10\x74\xe9\xdc\x83\x6d\x43\x6e\x52\x3f\x52\x09\x44\x7f\x4e\xd5\xbb\x8a\xf3\xec\x94\xee\xa9\x02\xec\x1e\xdc\x41\x15\x2c\x26\x89\xa4\x13\xa5\x70\x1b\x64\xae\xf3\xe4\x17\x66\x2b\x2d\xf4\x64\x77\x9b\x02\xe3\xb3\x82\x49\xb4\x90\x69\xed\x10\xbf\x39\xcc\xe3\x37\xe3\xa6\x3b\x3a\x18\x37\x53\xa6\x80\x47\x78\x9f\xda\xdb\x2f\xe6\x72\x18\x49\x7f\x87\x70\xf2\xea\x57\x17\x77\xf7\xd9\x67\x5d\xd5\xca\x9b\xa6\x73\xf5\x22\x74\x6f\x27\x86\x8c\x92\x28\x40\x2c\x30\x8a\x9a\x9c\xc2\xcf\xc2\xbc\x51\x74\xa1\xc4\x53\x05\xf4\xb8\xf4\xa1\x85\x3c\xf3\x0b\x0d\x37\xd2\x07\x84\xff\xe7\xf2\xd6\xe2\xf6\x94\xd7\xd3\x4e\x39\xc7\x1d\xd0\x86\x69\x0a\x08\x32\xbb\x53\x91\x22\x28\x42\xbc\x5a\x7c\xe3\xa0\xa8\x87\xf1\x28\xe8\x5f\x02\xb6\xb7\x7b\x3b\x64\xda\x7c\x2a\xe8\xb2\x84\xae\x3a\xed\xba\x02\x83\x5b\x02\xe0\xfc\x01\x02\xfa\x7b\x9c\xdb\x46\x5c\xe5\x37\xdf\x39\xe4\xf7\xb9\xe5\x0d\xb8\xe5\xca\x62\x1f\x25\x25\x82\x38\xb8\x5c\x0b\x5a\xe5\x04\x8d\x8d\xd7\xdc\x48\x05\x54\xdc\x9b\xec\x04\xa7\x59\x32\x78\xb3\xcb\x3e\x23\x3a\xe0\x7f\xb0\xfc\x8c\xbf\x1c\x28\xcb\x47\xe7\xae\xc8\xdc\xa1\x11\xc2\x7d\x55\xf8\x44\x9b\x51\x92\xbf\xb1\xe5\x27\x57\x14\x60\xcb\xda\xdb\xcf\xae\xf9\x35\x20\x78\x7d\xf3\x08\x85\xa2\x9b\x1a\xa3\xff\xa8\x0f\x80\x47\xe1\x90\x97\xb6\x9c\xdb\xcc\xdf\x1a\x12\x83\x4d\x89\x38\x22\xb2\xc2\x1a\x83\x49\xb8\xa0\x90\x57\xf0\x3f\xda\x77\xa1\xc9\x27\x0a\xf0\x36\x1b\xdc\x9b\x67\x0d\x2f\x96\x1a\x34\x4a\xcd\x42\x83\xc2\xf1\x62\xc2\x5c\xa6\x66\x9e\x87\x2e\x11\xd8\x6c\xa1\xc5\x81\x12\x9a\xec\xe4\xfd\x9a\x3b\xbf\x5d\x0e\xdb\x26\x55\x75\xa5\xd5\xf4\x9f\x13\xab\x10\x44\x67\x3a\x5a\x9d\x9b\x8b\x47\x01\x95\x08\x66\xad\xa3\xc0\x0f\x9f\x2e\x4f\xf0\x2e\x0f\x5b\x5b\x77\x86\x76\x90\x22\xc2\x10\xf7\x22\xd1\x28\xc1\x2a\x0d\xb5\xb2\x90\x44\x88\x96\x7c\x01\x61\xb1\x1f\x64\xfd\xc1\x74\x5d\xcf\x8e\x44\x3b\xf5\xa8\xec\x8e\xcf\x1d\x4e\x2c\x53\x25\x0c\x20\x6f\xc1\xa3\xfe\x99\xef\x93\x48\x2c\x7e\xfa\xbd\xaf\xce\xaf\x0e\xe4\x54\xda\x34\x3d\x99\x5e\x2e\x7a\x75\x16\xba\xe9\x4e\x0f\xfd\x06\x6b\xa4\xe0\x2c\x18\xee\xbe\xa7\x7a\xef\x90\x91\x14\x12\xf5\x8c\xc2\xdb\x12\xfd\x64\x25\x01\x3c\x6e\x7d\x79\xc8\x16\x46\xc1\x88\x4d\x06\x58\xbf\x7c\x97\x49\xa6\xb9\x2c\x7c\x80\x63\xae\x8d\xdb\x32\xc8\x42\x6f\x58\xca\x50\x62\x10\xa9\xd1\xb1\xf3\x0c\x6f\xa0\x2c\x34\xe1\x8c\x8d\xf3\xa5\x68\xf4\x91\xbf\xa4\xff\xc9\xfb\xc6\xf6\xb1\xd6\x78\x73\xe5\x50\xb7\x6d\xb4\x36\x83\x78\x70\xc2\x73\x58\xb1\x43\x99\xe0\x17\xd8\x9b\x45\xb1\xcb\x2f\x9f\xbb\x1d\x18\x3d\xbe\xba\x9b\xdf\x5c\x25\x5d\xf1\x66\x4d\x27\xb9\xff\xee\x7f\xcf\x86\x79\xfb\x45\x4f\xda\x16\xf4\x68\x1b\x6a\x6d\xed\x5d\x49\x8c\x4e\x81\x37\x09\x9c\xc7\x54\x91\x22\x0e\xbd\x65\x28\xc3\x71\x79\xa3\x3a\xa8\xf2\xfd\x9d\xb3\xa0\xa7\x15\x97\xe2\x84\x58\x0a\x4b\xb1\x13\x27\x0c\x5f\x6a\x58\x91\x85\x13\xca\x76\xb5\xe2\xcf\xc3\xf6\x34\x59\x96\xaa\xb9\xf3\xab\xa6\x2b\xf9\xd5\x53\x2d\x18\x89\x90\x41\xcd\x4b\xdd\x4a\xec\xa8\x81\xa3\xfa\x9c\x64\x92\x4d\xd3\xa2\x94\x0d\x73\xd0\x3e\x57\x8c\xab\xf6\xc8\xfc\xb5\xe0\x2f\x43\x48\xf4\xd6\x91\xef\x4a\xc9\xce\x2b\xda\xd8\x08\x35\x80\x92\x32\xb0\x73\xa3\x6d\xd2\x38\xe5\x5f\x59\x78\x0a\xd0\xd2\xe0\x05\xa2\x1d\x9c\xd5\x77\xf5\x0f\xdf\x7a\x5a\x50\xef\xbe\xc9\x20\xa9\xb9\xc2\x90\x65\xed\xbc\xfe\xd4\xaf\x98\x1f\xa6\xfb\xea\x3e\xbc\x52\xfb\x8d\x24\x7a\xcd\xd4\x9b\x97\x8d\xd0\xcc\x2b\xf8\x82\x8d\x64\x70\xc9\xc3\x68\xfe\x61\x25\x7b\x54\x42\xb8\x5b\x82\xc7\x2e\xb4\xfd\x9c\xc9\x55\xc7\xd6\x5e\x0b\xc5\x43\xa2\x1d\x20\x03\x43\x78\x9f\xfa\x0b\x2d\xc7\x1a\xb5\x70\xb6\xa9\x99\x7a\xc3\x18\xa5\xea\x29\x45\x65\xe5\x6a\xc6\x7d\xeb\x4d\xbe\x3a\xf4\x3b\xdc\x3f\x9e\xc3\xb6\x80\xeb\x4a\x1c\xc3\xbd\x48\xa1\x0d\x49\x93\xc6\x9a\x77\xaf\x63\xd7\x2d\xa4\x16\x4b\x38\x85\x54\x3e\x76\x12\x8c\x56\x70\xb0\x4a\xfc\xc3\x17\x55\xce\x5d\x7a\xa4\xa8\x0c\x4c\x10\x20\xd4\x4f\xa3\x60\x40\xc1\x09\x99\x8c\xd1\x57\xdb\x36\x6c\x1b\xff\xdc\x02\x62\xd2\x3d\xea\x82\xcb\x11\xa2\x22\x40\x53\x15\x8f\x83\x94\xfd\x9d\x63\x21\x41\x1c\x99\x4d\x01\x05\x4d\x0c\x82\x19\xa4\x89\x8b\x29\x1f\x69\xee\x14\x68\xbf\x94\xca\xb5\xe6\x92\x71\x05\x1a\x21\x74\x48\xbd\x68\xb1\x3d\x36\xd1\xad\x54\xd7\x17\x0c\x07\x00\x2d\x2d\x96\xeb\x98\x18\x0a\xa8\x80\xf7\xef\xfd\x4d\x5a\x37\xcc\x4f\x65\x2a\x96\x6a\xca\x87\xc4\x88\xe2\xea\x1c\xc5\x15\x50\x4b\x02\xcb\x4b\x91\x81\x17\xc9\xbe\x2f\xad\x71\x87\xf2\xa7\x75\x25\x56\x6b\xfa\xa3\x6a\x13\xf7\x9f\x73\xf8\x91\x4f\x70\xb8\xc6\x0b\x12\xc3\x21\x62\xf4\xae\xb3\xba\x71\x5a\xb2\x38\x00\xf0\xaf\x9a\xfc\x65\xbe\xe3\x35\x0c\xbc\x51\x92\xa5\x74\x3e\x75\x99\x21\x26\x87\x90\xda\xe8\x78\xda\x04\xae\x36\x16\x1f\x25\x67\xe5\x14\xe6\x6b\xf4\xb4\xfe\x7a\xde\xe9\x95\xa8\x15\xbc\xf6\x04\x51\x83\x04\x9f\xc7\x2d\xb7\x87\xcd\x71\xf0\xf6\x53\xf7\x0d\x1f\xdb\xc2\xaa\xfb\x1d\x5e\x1d\xcf\xd5\x76\x3f\xf5\xfd\xd3\xbf\x54\x54\x26\x38\xfa\xc1\xb1\xfe\x6c\xca\x7e\x5e\xa8\x87\x28\x2f\x8d\xce\x22\x94\x19\x99\xba\xc3\x5a\xed\x8e\xa2\xc0\xec\x31\x88\x29\xb5\xc3\x44\xd1\x95\x06\x9d\x14\x27\xc6\xd1\xef\xeb\x79\x5e\xe3\xea\xb0\xef\x93\x17\x36\x12\x7d\x91\x0a\x60\x21\x41\xa4\xc6\x28\x70\xae\x71\x77\xff\x8e\x8a\x44\x14\xba\x6c\x96\xfe\x8f\x0d\x98\xe3\x07\x1e\xa4\xf5\xed\x57\x68\x2d\x81\xea\xc5\x43\x9a\x45\xe2\x66\xec\x1a\x25\xd2\xe6\xd9\xc1\xd2\x16\x4b\x70\xc1\x27\x50\x21\xb8\x37\x4e\x6d\x4d\x34\xff\x68\x44\x30\x2a\xa2\x56\x26\x44\x53\xe1\x86\x6d\x9e\xcd\x63\x5d\xd3\x92\x6d\xea\x1a\xd0\x51\x13\x21\x5a\x44\x81\x75\xf4\xd2\x6b\x23\xf8\x71\x5b\x91\x02\xd4\x1b\x35\x77\x6d\x5d\x06\x93\x26\xc8\x7c\xfb\x25\xc2\x6b\xd3\x6a\x17\x67\xfa\xd5\x4f\x53\xe3\x53\xf7\x60\xef\x8d\x87\x34\x53\x5e\x2d\x0b\x4b\x86\xbe\x9d\xb4\x36\x8c\x28\x56\x6d\x3c\x30\x74\x04\x68\x12\xd0\xda\x7b\x9f\x3a\x7e\xaf\x8c\x7b\xae\xe5\xa1\x06\xf9\x85\x1b\x40\x99\x04\x91\x2e\xdc\xdc\xe2\xab\x23\xff\xf8\x13\x33\x6a\xa4\x0e\xad\x05\xaf\xe3\x4a\x42\xb3\xd3\x98\x3a\x2a\x62\xe6\xbf\x31\x43\x62\xef\x7c\x9b\x28\x6c\xe8\xe3\x35\x74\xb5\xba\x65\x0d\xf5\xb4\x20\x8e\x48\xf3\xa2\x88\xc2\x19\xca\xcc\x5e\x4a\x5f\x5b\x51\x1b\xc2\xd0\x38\x90\x51\x27\x70\x62\xb6\x7e\xb1\x04\xcc\x62\xcb\x96\x10\xa5\x1c\x73\x47\x40\xbb\x2c\x26\x49\xb6\x06\x04\x6a\xc5\x76\xdb\x09\xf8\xc3\x2d\x78\x2d\x97\xc3\x86\xd0\xc7\x16\x92\x0d\x03\x2a\x26\x70\x43\x5c\x2e\xc7\x3f\x3b\x03\xac\x38\x60\x1c\xf4\x16\x45\x2e\x1c\x9e\x7c\xe4\xce\x34\x2d\xcd\x69\x29\xc2\x75\x81\xde\xb2\x34\x23\x14\xc7\xb0\xc2\x80\xd7\x26\x60\x19\xa1\x2f\x41\x65\xfc\x54\x5c\x18\x93\xc0\xd1\xdf\xea\x74\x6a\xd6\x91\xd3\xec\x40\xd3\xa3\x40\x4b\xb4\x65\x77\x2a\x43\x2a\xcb\x6e\x92\x3d\xb6\x1b\xb0\x02\x57\x3f\x32\xa8\x84\x9b\xc3\xa8\xd2\x7d\x8a\xee\xae\xeb\x96\xea\xbf\xfd\xf7\x6f\x8b\x0d\xbc\x33\xde\x23\xdf\xe2\x6c\x1f\x1e\xfb\x77\x34\x8b\xe1\xbc\x60\xa4\x87\x88\x3d\x19\x0f\xaa\xea\x44\xc7\x6d\x34\x99\x6e\x79\x89\xf6\x9a\xf5\x68\xab\x3e\x1d\x4e\x6d\x2d\xc6\x0e\x4d\x18\xcc\x5d\xab\xb8\x9d\x94\xe9\xd5\x94\x5a\x69\xa0\xe3\x31\xa7\x12\x68\xf4\xfa\xf6\xb9\xfd\x7e\x24\x4e\xf9\x2e\x8a\xd4\x74\x97\xec\x99\x62\xbb\xa7\x4d\x2b\x5d\x88\x78\xba\xfb\xa7\x18\x74\x1a\xef\x81\xba\x4d\x02\x68\x72\x16\x2c\x55\x83\xb1\xd9\x5e\x45\xf8\x8b\xd2\x6f\x61\xa6\x7f\xd1\xea\xe6\x63\x42\x8d\xbd\xd2\xc8\xdf\x31\xc2\x56\xe7\x2a\xcf\x9e\x49\x97\xfd\xe6\xfd\x60\x68\x09\x87\x25\x15\x84\x39\x6a\x9a\x69\xe3\x02\xbe\x90\x40\xe4\x50\x46\x12\xcb\xba\x29\x48\x89\xbb\xf1\x1e\xce\x57\x12\xff\xe5\xc3\x0a\x63\x2c\x87\x38\x43\xed\x8e\xcb\xbd\xec\x17\x3a\xd6\x6d\x64\x3b\x3b\x1c\x11\xf3\xa5\x10\x57\x33\x50\x00\x68\x4e\xf9\x44\xee\x10\xf5\x8f\xd0\xf1\xf0\x9e\x3b\x1f\x22\x48\xad\x74\x89\x27\x6f\xfc\x8c\xf2\x1f\x08\xf8\x59\x0c\x58\x24\x3e\x60\x6d\xfa\x24\x0f\x30\x66\xbe\x49\xc2\x2b\xa1\x91\x5b\xd5\xfb\xc3\xc9\x2f\xc9\x3e\x27\x68\x54\xc2\x69\xc7\xdc\x3a\x2d\xda\x51\xda\xfb\x36\x2e\x6e\xc3\x5a\x60\x0d\xb3\xe5\xdd\x0f\x8d\xe4\xd3\xed\x6c\x7d\xf9\x42\xc7\xaf\x47\x3c\x40\xc1\xa8\xb6\x77\x31\x59\xb0\x0c\xb3\x71\x19\x26\xd5\xa4\xce\xc5\xa8\xd2\x8e\x97\xe0\x61\x20\x0b\x5a\xfa\x6f\xec\x89\xe9\x04\xbe\xf7\x85\x42\x0a\xad\xb3\x98\x20\x8d\xc2\xfa\xb8\x7f\x3c\x56\xe5\x53\x58\x5a\xe0\x3f\x58\xf6\x45\xd9\xb0\x1a\xb2\x97\x78\x29\xc0\xbc\x16\xf4\x54\xa6\xb0\x99\xbc\x07\x42\x84\xa7\x58\x1f\x55\x41\x0b\x29\x0f\x91\xd8\x81\x3e\x18\x43\xbf\x5b\x54\x52\xe0\x77\x2f\xd7\xc3\xf3\xac\x55\xc6\x37\x89\x8b\xdc\x07\x33\xa5\xe7\x9c\xc5\x93\xc9\xe0\xe0\x5c\x27\x3a\xed\xb3\xe2\x76\x20\xbf\xb7\x82\xdb\xa3\x98\x22\x08\x8e\x29\x40\x24\x35\xa9\xba\x37\x6f\x7d\xde\x4d\x12\xeb\xf1\xff\xe4\x9a\x15\x54\x88\xfd\x07\xf8\x76\x22\x87\xdc\xe4\x8c\x5a\xff\xcc\xe0\xf1\x2d\x99\x5e\xfa\xb7\xb0\xf9\x95\xfb\xd1\x2b\x96\x13\xde\xb4\x27\x58\x69\x29\x07\x1d\x41\xf8\x01\x52\xfc\x80\xfd\xae\x9b\x72\x89\x3f\x84\xc6\xb1\xe1\xad\xd3\x2d\x06\xde\x4f\x06\x7d\xdf\xce\xd9\xb0\xa9\xbb\x9f\x68\x18\x62\x7d\x3d\xaf\x98\x76\x28\x88\x14\x4c\xe5\xdf\x7b\xd1\x64\xe2\x94\x79\xfa\x4d\xbb\x08\xa7\xe9\x47\xc3\x8d\x14\x24\xd5\x50\xe7\xe2\x5e\xea\x0b\x89\xc1\xd5\x8c\xf3\x47\xaf\xa7\x9c\x54\x7d\x64\x01\xa0\xfe\xec\x9a\x68\x67\x7d\xcb\xe7\x3e\xf3\x5d\x18\xe8\x06\x65\xac\x54\x81\x3f\xa3\xb0\xe8\xe7\x34\xb1\xe4\x6f\x3d\x14\xa3\x6b\x6c\xcc\x25\x9b\xd6\xce\xb3\x2e\xf3\x5a\x2a\x23\xbf\x16\xd8\xf8\x13\x9c\x51\x9b\xbd\xcf\xe0\xac\x1b\xce\xc7\xd6\x34\x67\xc2\x66\x21\x7d\xea\x77\x4a\x94\x56\x50\xd5\xd9\x5e\x38\xc3\x9b\xfc\x2d\x28\x75\xc7\x49\xc7\xfd\xa2\x39\xf1\xe4\xab\x01\x76\x60\xf3\xc3\x8f\x97\xf5\xb8\x7e\xbf\x48\x03\xb5\xcd\x42\x81\x3a\x57\x60\x6b\x8d\x02\x49\x86\xa9\x5f\xe2\xa3\x4b\x05\xb5\xf1\xc7\x7c\x6a\xc8\x5e\x3e\x76\x38\xea\xac\xd1\x5f\x79\x2c\x63\x38\x63\xb5\xf3\x9f\xe2\xe5\x5e\x08\x21\xeb\x44\x14\xaa\xd3\x7e\xb0\xab\x16\xbf\x3d\x16\xb6\x27\x58\xfc\x8a\x35\xc5\xe4\xa0\xc8\x36\x34\x01\x83\x71\x40\x98\x19\x4d\xb6\xe3\xc7\x4f\x20\x90\x80\x69\x4e\x59\xc7\x68\x6c\xe1\x7d\xbc\x14\xa6\xb6\xab\xc1\xb1\x6b\xc2\xcf\x12\x68\xfa\xfb\xcc\x35\x21\x68\x27\x05\xd6\x57\xa2\xea\x97\x53\x0c\x6e\xf0\x74\xe2\xb8\x7b\x9b\x05\xea\x5e\x10\x6a\xad\xb6\xed\x9a\x57\x8c\x53\x47\x0e\xee\x9e\x75\xf6\xd1\x52\x0a\x9f\x73\xe0\x67\x41\xd1\x0a\x2b\x27\xc9\x53\x67\xac\x97\x29\x29\xbf\x7f\xeb\x0d\x58\x86\x6e\x59\x15\x1a\x09\x74\x48\xcb\x90\x88\x03\xa2\x6e\xd9\xde\xd9\x0c\xa2\x12\xbb\xdc\x55\xa4\x30\x26\x7e\xd3\x71\xa3\x9b\xfe\xa2\xb9\x57\x3f\x66\xd3\x53\x54\xbd\x83\x5d\xdc\x82\x57\x99\xf3\x5a\x18\x75\x1c\x4b\xfb\xcd\x8d\x2e\x40\xf9\x92\x28\xb0\x76\x75\xec\x90\xa7\x7c\x7f\xae\x55\x30\x95\xd1\x7b\x93\x32\xdd\x7f\xa2\x92\x89\x87\xc4\xc4\xb9\xb4\xdd\xda\xf9\x06\x6d\xbb\xe8\xdc\x3d\x53\xf9\x20\xc2\x70\xac\x2e\xf3\x38\x04\x98\x4d\x1c\x63\x23\x76\xc7\xd3\x87\xdf\x28\xea\x03\xee\x0b\x84\x61\x1c\xbf\x68\x6b\x6f\x5e\x69\x6f\x28\x2e\xe0\x1f\xf8\xb7\xd6\x52\xe1\x76\x05\xb7\x1e\xd6\x89\x71\xd5\x0b\xc5\x70\x5a\xe3\xc8\x8c\x52\x05\x0e\xf6\xd0\xd0\x1e\xd9\x22\xe9\x24\x06\x43\x11\x58\x43\xe7\x8a\x1d\x19\xa2\xac\x9d\x9e\xa5\x85\x4d\x55\x4a\x88\x9a\x94\x42\x29\xe2\xc2\x87\xa0\x6f\x39\x03\x14\xb7\x77\xda\x4b\x98\x69\xc3\x14\x84\x7f\xe9\xaf\x5e\xf1\x76\xd2\x38\x16\x23\xe9\x5b\x94\x89\x3e\x24\x55\x17\xfd\x19\xea\xcc\x40\xcc\x85\xe7\x09\xbf\xef\xe3\xbb\x10\x2a\x84\x27\xd4\x00\xe9\x70\x8b\xd5\x9c\xab\x0a\x55\xd9\x27\xf5\x48\x14\xff\xee\xed\x30\x68\x5b\xc8\xa5\x6f\xf7\xb6\x3f\xa1\xae\x47\xdf\xa8\x67\xe5\x74\x0c\x30\x09\xea\x64\x1b\xa4\xe0\xa9\x80\xca\x66\x64\x43\xf0\xe4\x21\xa4\x23\x71\xda\xa0\x4b\xc5\x7f\x5f\x7d\x95\x86\xbe\x4d\xcd\x1d\xe7\x20\x31\x0a\xc2\xd3\xc8\x44\x7e\x75\x71\x03\x50\x68\x8d\x75\x07\x5b\xa1\xa0\x99\x04\xe8\xd1\x81\xd7\xe3\x72\x3f\xff\xb1\x7f\xa5\x1e\x0b\x89\x8b\xd9\xaf\xc8\x93\x89\x0f\x6a\xf7\x3d\x33\x82\x53\xdb\x37\xe1\xb8\xbf\x95\x3c\xe9\xf2\x8a\x5e\xb0\x65\xc7\xa2\x32\x86\xf3\xea\x80\x20\xaf\x7a\xb1\xc1\x4a\x67\x09\x20\x3f\xef\x51\xa4\x22\x89\x73\x59\x73\xc1\xf9\x5b\xef\x2f\x30\x08\xb7\x05\x0e\xd8\x5a\xed\x4f\xe9\x27\xd8\x71\xd9\xc8\xee\x07\x63\x15\x9e\xa3\x45\xe6\x1b\x0f\x78\xd0\x2d\xd4\x46\x82\xa9\x27\x6f\xcb\x09\x48\x6f\xf2\xdd\xf8\x07\x6a\x9b\xe6\x65\x14\x77\xec\x62\x0a\x07\x22\xba\x7b\xb3\x9b\xa4\xf5\xa4\xad\x07\x9f\x83\x72\xf3\x92\xb7\xa6\xd3\x54\x59\x13\x63\xbf\x14\xcc\xaa\x24\x42\xae\xc4\xb1\x69\x81\x7a\x8b\xb5\xc0\x70\x73\x3c\x9c\x71\xd9\x42\x46\x2c\xc3\x89\x18\xce\xf2\x65\xe6\xa7\x2b\xe3\x4c\x81\xf4\x75\xd1\xca\x88\xdf\xe8\x75\x8b\x46\x05\x1e\x77\x1f\xe8\x6e\x71\xfb\x8e\xcb\xac\xe2\x68\xa8\xd6\x3f\x39\xe0\x7e\x49\xf0\xa3\xe1\x58\x2b\x77\x23\xcb\xd4\x4d\x61\xc5\xc3\x4a\xbe\x8c\x68\x30\x74\x75\xa7\x49\x5b\x58\x08\x0f\xd2\xc0\x03\x95\xcf\x40\xe0\xbb\x1f\x88\x95\x07\xaa\x2b\x14\xd9\x05\xc6\x32\xfa\x43\x6e\x51\xf6\x19\x70\x1a\xc6\x74\xb4\xef\x56\x65\x49\x25\x82\x60\x6e\x2d\xca\x08\x3c\x88\x8c\xca\xc7\xc6\x07\x1d\x3b\xd5\xa3\xd6\x9c\xc3\xf8\x2f\x76\xb3\x69\x6a\xf5\x9e\x91\x9c\x9b\xc8\x3a\x91\xbf\xcc\x94\x56\x26\xe0\x84\xc6\xcf\xf3\xf7\xcd\x7e\x9f\x8e\x7e\xf0\x1a\xfa\x4c\xf2\x70\xf5\xdf\xde\x1d\x8e\xf9\x5b\x90\xf6\x8a\x86\x69\x51\xb2\x9b\x44\xe3\xd1\x1d\x0a\xe4\x9e\xef\x3c\xf7\xb6\x18\x3d\x07\xe6\x34\x17\x1f\x01\x83\x39\xb6\x83\x42\xe6\x1e\x8d\x42\x9b\x42\x4c\x3c\x65\x0d\x9c\x2d\x58\x6d\xed\xd9\x44\x43\xb5\xc8\x9e\xd2\xe6\x92\xf8\xb5\x81\x2c\x9c\xb0\xa7\xab\x7c\xc3\x2e\x9c\x4e\xb2\x82\x54\x5f\xf5\xcc\xb8\x2c\x52\x33\x1c\x43\x86\x62\x1a\x4d\x5d\xdd\xa4\x83\x04\x4a\x7f\xb4\xd9\x6a\x2e\xe5\x41\x52\x80\xa7\x9f\x3e\x52\x4c\x38\xb9\xc2\xc4\xc7\xff\x13\xbc\x54\x16\x7e\xb4\x3d\xb8\x53\x81\x60\x40\x7a\x99\xd8\xd3\xe5\x3c\x98\xfe\x35\x99\x3c\x8d\xba\x7d\xc9\x46\x6d\x15\xcf\xcf\x34\x25\x53\x49\x83\x4c\x21\x69\xf8\x94\x69\x8e\x73\x84\x89\x7e\x4b\x0d\xb3\x71\xb2\xbf\x3b\xe1\x7a\x8e\x47\x1c\x7b\xdc\x01\x98\xbe\xae\xb2\x9b\x11\x18\x87\x15\x84\x9b\x13\x44\x8e\xf2\xbf\xaa\xbc\x16\x28\x87\x4e\x1d\x06\xae\x83\x38\xbf\x9d\x3c\xff\xfc\x6d\x27\x71\xce\x1a\xcb\x28\x8d\xbe\x7b\xa2\xd3\x7d\x76\x03\x29\xcd\x54\x53\x1f\x6f\x18\xb7\x29\xa0\x3e\x6f\x9c\x2f\xaf\x5d\xd1\x2a\x06\xff\x0c\x43\x6e\x97\xd0\xda\x50\x2b\xe5\x9d\xcc\xf7\xb2\x0f\xc9\xdf\x57\xd7\x14\x6d\x0f\x87\x68\x0f\x7d\x61\xcb\xe3\x7c\xf4\xed\xac\xa8\xec\xe9\xaa\x64\x82\x78\x3e\xb9\xfd\x85\xb1\x18\x9c\x51\x2c\xdb\x87\xe9\x36\x5b\xab\xa0\x32\x86\x0c\x88\x49\x96\xc8\x74\xa5\xd8\x25\x12\xf6\x42\x9c\xdb\x0b\x54\x28\x10\xa3\xc0\xb4\x60\xf5\x03\x0a\xd4\x07\x1b\xc1\xfb\x53\xf6\x9b\x64\xdf\x33\xb8\xc7\x9e\x34\xf6\x95\xce\x66\xde\xc9\x78\x28\x72\x5e\x29\x41\xdc\xea\xad\x03\xae\xff\xa7\xff\x4f\x7f\x9d\xdf\x8e\x1b\x0a\xac\xac\xb0\x11\x8f\x98\x56\x11\xbd\xe2\x59\x10\x8d\xa6\xde\xc2\x0c\x60\x50\x36\xe8\x26\xb3\x44\x2b\xd3\x3a\x07\x43\x51\xb5\x44\xbf\xab\x16\x78\xed\x9d\xb2\x9c\xfb\xa6\x84\xf5\x1b\xa9\xb9\x40\xc7\x35\xe9\x11\x6e\x49\xc7\x99\x5a\xd8\xd9\x4d\x1a\xf8\xf2\xd8\x10\xd7\x76\xbf\xa3\x96\x82\xc7\x80\x18\x02\x49\x8a\x98\x4d\x89\xa9\x53\x6a\xb3\x71\x59\xd6\x0c\xd9\x36\x02\xb8\x56\x02\xb8\x36\x02\x58\x7f\xe3\xb2\x58\x07\xe9\x41\x07\x99\xeb\x75\xcb\xb7\x3b\xd2\xc2\xd1\x72\x15\xf8\xc4\xf7\xd6\xf3\x5a\x93\x79\xe7\x0d\x65\xba\x91\xe8\x05\x13\x4e\xdb\xfd\xd8\xf4\xcc\x6c\x2f\xe4\x49\x96\xbb\x88\x79\x93\x3f\x76\x91\xf7\x46\xe3\xcf\x1c\xab\x9f\xba\xf4\x70\x43\x16\xa5\x7f\x63\x99\x29\x77\xf3\x9d\xd9\xee\xdc\xf1\x67\x41\xb9\xb0\x57\xac\xfc\xf2\x60\x53\x67\xae\xe9\x46\xfc\x9d\x40\x78\xad\xe3\xb3\x67\xe5\xb4\x90\xd8\x81\xdc\xef\x58\x69\x85\xbf\xe6\x1f\x8a\x4b\xd5\x84\x03\x55\x0c\x3f\x5e\x30\xa8\x9e\x73\x18\x50\xf2\x4f\x3f\xac\xf6\x8f\x4d\x6c\xda\xdf\xf1\x95\xcb\x96\x01\x5b\x0f\x06\xf9\x65\x9b\x1c\xf4\xcb\x76\xa1\x77\x66\xab\x17\xe5\xcd\x75\x91\xe6\xc2\xf6\xee\x5d\x5f\x23\x73\xae\xd0\xfe\x88\xf4\x5a\x88\x3a\xe7\xec\x58\x1b\xea\xf6\x97\x25\x00\x19\x66\xa7\x1b\x94\xd9\x98\x31\x3a\xeb\x0a\xda\xc8\xd4\xbd\xae\x62\xc4\x45\x0b\x25\x70\x5c\x1f\x80\x81\xe0\x41\x5d\x44\xbf\x0e\xd0\xb8\x7e\x48\x09\x23\x29\x26\x7d\xb7\x38\xd5\x3a\x77\xcf\x5a\xbb\x69\x5f\x8e\x0c\x9a\xe9\x16\x8c\xd1\x50\xaf\x02\xca\xad\x55\xe1\x18\x55\x5a\xb2\x4f\x23\xa0\xdd\x3d\x09\x55\x02\xd6\xf4\xa3\x00\x5b\x3e\xc9\xd1\xcd\x99\xe3\x97\x22\xc5\x94\x22\xe1\x00\xcf\xed\x46\xf8\x73\xc8\x05\xa1\x1b\x84\xe2\x12\x45\x83\x9a\x59\xe3\xcf\x18\x4d\xb1\x7b\x46\x86\x55\x40\xef\x29\x8f\x78\x75\x38\xa6\xc6\xea\x5f\x47\xe4\x77\xfa\x2b\xa5\xb6\xf1\xf4\xf1\xb9\x47\x6e\x15\xdb\x17\x37\x65\x59\xa6\x4a\xc5\x01\x01\x9e\x5e\x64\xbe\x79\x4f\x70\xe3\x1f\x0a\x30\xb9\xc6\xc1\xf2\x5f\xcc\xe1\x8f\x0f\x93\x48\x36\xfe\xd9\xae\x63\xb3\xc0\x4e\x14\x49\x14\x7d\xad\xf8\xed\x0f\xdd\x0b\x32\x53\xea\xdc\x1a\xa7\xb6\xef\x7b\x96\xcc\x96\x14\xf9\x6f\x55\x77\x6d\x49\xeb\x96\x8d\xcb\x9f\xc8\x8d\xed\xfe\x23\x50\x85\x2d\xf3\x34\xb2\xe9\x08\x7d\x55\x25\x28\xee\xb7\x26\x78\xfa\xf0\x50\xb1\x66\xdb\xe9\xf9\x18\xef\x05\x27\x3f\x94\xe7\x0f\x5b\xf9\x79\xdb\x8d\x87\x05\x6c\xf7\x49\x81\x0d\x4e\xb3\x5e\x1d\xe0\x65\xe5\x4b\xc2\x70\x3f\x41\xad\xcf\x35\x22\xe2\x0e\x9e\x60\xa1\x44\x82\xdb\xe7\x08\x53\x42\xb5\x01\xe0\xb1\x66\xe3\xb1\xa6\xe3\x07\x90\x05\x54\x80\xfd\x4b\x6d\xba\x3b\x63\x99\x19\xeb\xfd\xab\x4a\x9d\xbb\x44\xf1\x80\xd8\x0d\x47\x71\xf7\xa1\x7b\xd0\xa4\xdd\x40\x59\xa9\xfd\x51\x5c\xc7\x6f\x4a\xd0\x09\xc1\x17\x2b\x46\x89\x83\xa7\x1c\x8e\x49\xb8\x3a\xe0\x18\x1c\x1d\x53\x5f\x4b\x1d\x4d\x75\xb5\x25\x58\x8f\xe3\xb8\x0e\xcb\xef\xf1\x62\xdb\xe9\x0f\x10\x12\x23\x56\x85\x20\x14\x5d\xe8\x4a\x7c\xa0\x12\x1b\xca\xbe\xe8\xf8\x21\x29\x6a\xe7\x58\xb0\xba\x50\xd2\xa7\x5f\x40\xe7\x30\x24\x4f\x31\x96\xd1\xd8\x19\x2a\x6d\xb9\x83\x09\x53\xd6\xfc\xe5\x1c\x5b\x6c\xd5\x9e\x84\x2a\xac\x91\x6f\x9e\x77\x71\x16\x73\xdb\x8b\xe4\x2e\x74\xed\xf5\x83\x3f\xb1\x65\xd0\x06\x9f\xc3\x4e\x2d\xeb\x89\x42\x18\xaf\x0a\x5e\xe1\x82\x26\x6d\x92\xa4\x8b\xd9\x64\x1b\x48\x60\xfc\x86\x50\x85\xee\x44\x7f\x27\xb2\xc1\x24\x0d\x88\x7c\x03\xab\x30\xc4\x60\x52\x0d\xe5\x96\xfc\xe1\x2f\x20\xf3\xfd\x32\x10\xd7\xf4\xb9\x38\x75\x3a\x4b\x4f\xe4\x76\x21\x4d\xfb\xdf\xb6\x00\xc2\x20\x38\xa1\x6b\x4c\xe9\x66\x7c\xe8\xfe\xb7\x1e\x5f\x27\x44\x67\xb5\x75\x5d\x07\xab\x03\x81\x2b\x3c\x2d\xa3\xe6\xdd\x57\xab\x9b\x09\x56\x5e\x86\x4d\x5c\x11\x69\xef\x99\x5b\xe5\x64\xed\x1d\x5e\x4f\x61\xea\x34\xf7\x57\xb9\x7a\x4b\xe4\xa2\x73\x8d\x25\x67\x05\x37\xca\xc1\xe9\x64\x43\xbb\x79\x02\x52\x1c\x3b\xdb\xcd\x8a\xd2\xdc\xe4\xa2\x45\x61\x04\x59\xe2\x88\x79\xeb\x07\x6a\xb2\x56\x53\xc5\xda\x7d\x10\xfa\xd5\xb3\x68\xd9\x52\x87\x53\x50\x56\x68\xfd\x9b\xda\xf2\xd4\xe5\xd1\x19\x6b\x0c\xd8\xcd\xa4\x75\x53\xa5\x2d\x36\x38\x65\xec\x3c\x00\xe6\x95\x8d\x12\xd4\x4a\x5c\xdb\x64\x01\x6f\xc2\xf3\x33\x1d\xcf\x6a\xbd\xb6\xa7\x35\x1a\xf0\x2e\x64\x9d\xe4\x87\x04\x6d\xb6\x4f\x42\x14\x60\x06\xae\x18\x55\x1a\x3e\x30\xe3\x7c\x75\x7d\xf9\xba\xae\x6b\x31\x7e\xbf\x6b\xb2\xa7\x14\xa6\x72\x40\xd0\x05\x67\x1f\xd5\x1b\x34\x29\x38\x19\xd7\xb5\x31\xc3\xf7\xa3\x33\xbf\xe1\x04\x08\x18\x73\x63\x8a\xd7\xc3\x9a\xfc\xa5\x47\xaa\x6d\x70\x56\x23\x63\x53\xc2\x38\x79\x16\xdc\xf3\xb4\x54\x21\xf4\xf7\x6d\xae\xf9\x65\x20\x13\x7f\x20\xe8\xc9\x36\xb6\xc2\x47\xc0\xd4\xbb\xbc\x85\x6b\x73\x9c\x17\x2b\x77\xd3\x16\x70\x75\xce\x4e\x16\x9a\xee\x00\xe8\xfb\x64\x71\x22\xe5\x77\x97\x6b\x89\x94\x30\x70\xd1\xa9\x69\x8d\xaf\x14\xf8\xe1\x7a\xc0\xf8\x1e\x7d\xe9\x0e\x00\xa9\xad\x05\x6f\xd5\x10\xff\xa0\xa7\xcb\xca\x3c\x0d\x54\x56\x69\x7d\xe8\xef\x04\xb5\xef\x7d\xa9\xa5\x36\xf8\x36\xb0\xa9\xfe\x69\xd1\x34\x94\xb9\x18\x73\xcd\xd1\x72\x4c\x45\x70\x4a\x4f\x04\x7b\x41\x35\x3c\xdc\x09\x94\xdc\x16\xc0\xe6\x55\xd9\x81\xd7\x1f\x0a\x14\xd8\x0b\x9c\x53\x6a\x17\x90\x03\xb4\x54\xbc\x7e\xd4\xba\xe4\xae\xe9\x46\xbb\x93\x75\x24\x1e\xdd\x06\x84\x2c\x00\xa8\xe5\x04\xad\x09\xc4\xfb\xfe\x15\x8b\x68\xbc\x04\x91\x19\x89\xd1\x52\x11\xe7\x39\x7a\xaa\xb3\xb7\x15\xa2\x78\x0a\x14\xa3\x25\x17\x27\xfa\xf3\x0f\x00\xd4\x9b\x04\x46\x16\xb4\x88\xe3\x03\xfd\x99\x13\x89\x63\xf4\x8f\x44\xf1\xa5\xcf\xba\xd1\x4f\x69\x64\x7e\xd3\xfd\x25\x70\x5a\x55\x05\xd8\x78\x98\x6a\x7a\x18\xe0\x8f\x8d\x91\x2c\x70\x93\xa9\x6d\xa3\x11\x89\x46\x13\xed\x9c\x7f\x02\xfb\xb6\x12\x4b\x1a\x85\x3a\xb3\x5b\xe8\xf4\xe2\xca\x31\x7e\x6a\xfd\x64\x48\x7a\xfe\x46\xd2\x2b\x5a\x26\xe1\x8d\x6d\xc8\xf7\x77\x16\x59\x15\xa5\x7e\x8d\xa1\x6e\x17\x21\x75\x22\x99\x88\x38\xfd\xf9\xd1\x05\x5e\x41\x28\x14\x15\x12\xb6\x4f\x59\x5f\x0f\x26\xd6\xb3\x54\xd3\x27\xfa\x2b\x4e\x2c\xc9\x6d\xe4\x57\x9c\x43\x8e\xa2\x36\x26\x2e\x59\xd4\xce\x91\x4e\x0c\xc9\x25\x78\x17\x4c\x01\xb9\x19\x5d\x88\xfa\xb3\xc0\xa2\x94\x44\x4f\x75\xa6\xce\x63\x94\x3a\x60\x6a\x99\x21\x26\x12\xda\x6b\xcf\xd7\xf8\x12\xea\xc5\x9a\x92\xa0\x48\xcd\x6f\xc4\x2e\xf6\x66\x17\xe3\x59\xb9\xd3\xef\x67\x7a\x2b\x1d\x24\x31\xcb\x88\x1f\x68\x93\x34\x80\xfe\x40\x63\x1a\xb7\xf0\x44\x4c\x3e\x47\x79\xb0\xb2\x3b\x77\x61\xf3\x15\x50\x02\xe9\x14\x1c\x7a\xbb\xd1\xa5\x45\x67\x96\x5d\xbd\x40\x65\xb8\x58\x5b\x2a\x4d\x71\x29\x0f\x23\x82\x24\xb2\xd9\xb3\x69\x21\x1f\x8f\x9c\x53\xef\x1f\xa0\xc7\xbc\x79\x97\x99\x59\x3a\x22\x32\xdd\xd1\x9f\x26\xaa\xc6\xff\x47\xd2\x59\x2b\x49\xaf\x43\x41\xf8\x81\x1c\xc8\x0c\xe1\x18\x66\xcc\xcc\x99\x99\x99\xfd\xf4\xb7\xf6\xbf\xd1\xd6\x26\x2e\x59\x6a\x9d\xfe\x5a\x75\xc6\x1a\x6c\x09\xce\x0b\x53\x3c\xd1\x91\x3b\x47\xa3\xbe\x8c\x57\x8e\x60\xfc\x2c\xa9\xb9\xbc\x53\x4b\xf9\x5a\x8e\xf9\x60\x52\x06\x5e\x03\x2b\x0f\x4c\x65\x0f\x10\x51\x3b\xfa\x68\xea\xc5\x1a\xe3\x42\xee\x2b\x8e\x27\xfa\xef\xcd\xb7\xd2\xf8\x11\xc4\x43\x32\x94\xaa\xac\x2b\x85\x0c\xd7\x64\xc9\x53\x4d\xf5\xb8\xf0\xf8\x7d\xec\xa5\x08\x0a\xa2\x4d\x24\x18\x07\xde\xd5\x7a\x45\x61\x8f\x6b\xe0\x0c\x2a\x8d\xd1\xdd\x31\x70\x88\xdf\x2f\x4d\x53\x14\x75\x11\x19\x94\x17\xe6\x91\x29\x13\x23\x4c\x50\xad\x21\x07\x83\xa4\xfa\x00\xe2\x2d\xd0\xc5\xdc\xf7\xfd\x00\xd9\x53\x85\x75\x9c\x07\xf2\x7f\x13\xf5\x83\x57\xd1\x5d\x90\xcf\x3e\x84\xed\xa5\x8e\xf7\x28\x23\xfa\x18\x1f\xa1\xc8\xdb\xb5\x80\x15\xe6\x77\x13\xdc\xf9\xb5\x77\x7d\xd2\x45\x73\x78\xa7\x3e\xa3\x1a\x4e\xf1\xc8\xdc\xa0\xca\x9d\x1e\x91\xca\x8f\x04\x9e\xe4\x47\xe2\xce\xf4\x50\xe9\xed\x0d\x4b\xf9\x76\x9c\xfd\xc3\x21\x4a\x9f\xf4\x49\x22\xda\x42\xf5\xcb\x2d\xa6\x0d\x19\xe8\x7a\x8e\xe6\x9e\xe7\x45\xcd\x48\xeb\xe4\xce\x34\x04\xf2\xc1\x78\x29\x9c\x2c\x56\xe7\xaf\x34\xfc\x81\x01\xb5\x3c\x5b\xc4\x73\xc9\xc4\x8b\xf0\xd3\x39\xce\xec\x73\x0b\x12\x2c\xe8\x3b\x29\x1c\xbc\xab\x36\x6d\x9b\x03\x4c\xe6\xc6\xee\x0f\x3b\x79\x46\x73\xa5\xa9\xf5\xc8\x40\x04\xdf\x47\x85\x21\xbe\x4c\x11\xfa\xa1\x0f\xe7\x62\xcd\x80\x9d\x18\x37\xe8\xd3\x78\xa5\xbb\x7f\x95\x59\x67\x2b\x4d\x4e\x82\x7e\x4e\x82\x9e\x20\x10\x80\xcd\xce\xec\xbd\x1a\x95\xd8\xb8\xc6\x9e\xe5\x81\xfa\x26\x11\x07\xff\xee\xf9\x42\xfc\x38\x14\x71\x7a\x88\xe0\xe2\xe5\x63\x5e\xd9\xc3\x75\xfb\xd9\x48\x21\xc1\xb8\xc0\xb3\x4c\x0c\x9d\xbf\xd4\x9d\x3b\xac\x30\x38\x82\x84\xc9\x55\x80\xdc\x4a\xad\xab\x8a\x50\x10\xd5\xa9\x75\xb7\xcb\x0c\xf0\x63\x2c\x61\x64\xbf\x63\x9d\x7f\x98\xf9\x76\x1c\xfb\xd6\x8a\xf8\xc7\x66\x81\x22\x39\x6e\x74\xa0\x66\xb0\xb8\xdf\x89\x94\x69\xe1\xb6\x04\xc9\x57\x2f\x66\xf5\xc3\xf0\x86\x99\x78\x7b\xb3\x23\x34\xce\x81\x3f\xc5\x94\x8f\x5b\xb4\xab\x95\x00\x3d\xd7\x77\x46\x29\x69\xa5\xbf\x7f\x7e\xf4\xc7\x51\xbd\x49\x9c\x55\x4e\x43\x34\x7d\xf9\x19\x49\x5a\xc4\x4a\xed\x10\xf6\x96\x68\xeb\xaf\xfa\x08\x1e\x27\x51\x5d\xfc\xc4\x88\x52\xa5\xa4\x14\x2a\x9d\x6d\x97\x28\x6a\x7d\xdf\xa6\xed\x5f\xfb\x37\x34\x0e\x9a\x7e\x54\x58\xb7\x73\xb1\x61\x16\xa4\xd8\xc1\xd0\xc6\xdb\xac\x8d\x2e\x9a\x9a\x0b\x19\xcf\xc5\xb6\x7a\x4a\x9e\x67\x05\x04\xf7\x3d\x82\x2f\x4f\x3f\xcc\x7f\x93\x87\x00\x70\xbf\x77\xa8\xf6\x17\xf4\xd8\x52\xd3\x2c\xf2\xf0\xc6\x3b\xf1\x52\x14\x66\x54\x95\xac\x9d\x9c\x8b\x33\x57\x56\x02\x53\xfc\x9a\x78\x83\x5f\x71\x5e\x96\x41\xf8\x10\xda\xd8\x50\x87\x6b\x4f\x70\x01\x0a\xb0\xe5\xd2\x40\x5d\xdb\xb6\x9d\x25\x94\xc6\x18\x2a\xc2\x1a\xb2\x87\x3e\x53\x2c\xbd\x73\x84\xbe\xf3\xea\x8f\x61\xa2\x87\x29\xb6\x2b\xb1\x63\x98\xed\xbf\xc4\x56\x77\xdb\x66\x31\x0f\xf8\xb6\x37\x4a\x02\xc6\x4d\xee\xfd\x4c\x80\x0b\x18\xf4\xdd\x1f\x42\xa8\xde\x01\x69\x90\xd4\xc4\x5a\x00\x4a\x8c\x62\x86\xd0\xcc\x09\x5c\x16\x9e\x34\xcb\xf6\x63\xdf\x1e\x12\x0a\xcc\x85\x0a\xfa\xdd\xa5\x21\x9c\xa2\xc8\x3b\x3d\x1e\x22\x57\xcf\xcd\x92\xdc\xa3\xf2\xbe\x37\x74\xdb\x01\x86\x61\xbd\x18\x05\xdf\xfa\x6f\x8f\x91\xcb\xba\xe4\x0c\x01\x15\x8c\xf9\x6b\x3d\x63\xe3\x64\xf1\xe8\x58\x48\x2c\xd4\x36\xa7\x6a\xaf\x54\x7d\x08\xc9\x06\xbf\x8d\x50\x93\x0e\xb0\x13\x38\x3e\x73\xaf\x55\xad\x4a\x9f\x80\x95\x04\x3f\x59\x0f\xa4\xa1\xb0\x9f\x10\x4e\x2b\xb6\x70\x32\x75\xcc\x5b\x56\xe7\x5d\xc3\x26\x41\x7d\x23\x6e\xbd\x42\xaa\x69\xb1\x9c\x90\x28\xb9\xfa\x43\x56\xf9\x54\xab\x95\xa3\xb0\xeb\x1c\x5f\xf9\xdb\xa7\x70\xc6\x0b\x5a\xc6\xfc\xb4\x9f\xb5\x05\xea\x5c\xa1\xa5\x3b\x0d\x2e\xbd\xee\xa8\x4a\xb5\x67\x08\x18\x12\x18\x4c\xc1\x98\xc7\x8e\x7f\x04\x1a\xd2\xf2\xf0\x00\xca\xff\xf3\xf7\xfc\x41\xa3\xff\x70\x38\x41\x9f\xfa\x79\x00\x0c\x4d\x48\x88\xd2\x37\x72\x93\xf7\xc4\x14\xae\xcc\x10\xbf\x2d\x3d\x5e\x10\x96\xea\x78\xc6\x4d\xc1\x43\xa5\xe1\x6b\xaa\xcc\x4a\x90\x44\x6e\x60\x45\xfc\x16\xc9\xba\x52\xfd\x80\x9d\x37\x71\x84\x3d\xa1\x05\x60\x87\x49\x24\x1d\xb1\xf5\xd1\xa1\x3c\x3b\xef\xce\xa8\xa9\x7c\xc3\x56\xb9\x85\x70\x92\xa2\x28\x6c\x9c\xe7\xfd\xbc\xab\x5b\xdb\x7f\x9e\xef\xc0\x61\x16\x74\x5f\xb6\x2a\xfe\xef\x17\xb1\x27\x38\xd1\x83\x74\x43\x35\x43\xe4\xa7\x01\xb9\x1c\x34\xd5\xa9\x02\xd9\xe7\xf9\x82\x5b\x82\x47\xf2\xd4\x2b\x4d\x1e\x82\x6e\xe8\x04\x7b\x7b\x32\x68\xb9\x24\xef\x8b\xdf\x76\x26\x9e\xa0\x6d\x88\x14\xa2\x73\xcd\xd0\xf5\x87\xa4\xcb\xf9\x1b\x2c\x74\x80\xdf\x44\xcc\x40\x1a\xec\xba\x10\x55\xee\x0f\xad\x9e\xcc\x96\x19\x22\x5b\xe1\x9b\x23\x9f\x18\xf5\x34\xee\x33\x87\xab\xf9\xa5\xc1\x5d\x86\xd8\x4a\x60\x37\x43\x77\xf2\xb7\xd7\xaf\xc8\xe6\x3e\x76\xb0\xf6\xcd\xbf\x3e\xd7\x94\x5a\x09\x62\x06\x19\xc8\x4d\x4d\x51\x3a\x8f\x9b\x42\x88\x3e\x32\xa0\x82\xfe\xca\xbc\xe4\x10\xae\xcc\x42\x40\xba\xa3\x44\x4e\x1f\x62\x1b\xbe\x33\xdc\x9c\x3d\x33\x39\xf3\xbb\x77\x8a\xea\x6b\x8d\xa0\x03\x23\xc5\x77\x5a\x92\xc2\xd9\x0e\x3b\xeb\xb6\xed\x49\x0a\x1d\xb6\x9b\x1b\x5d\xfa\xf4\x6d\x9d\x58\x50\x10\xe3\x18\xec\xe6\x4e\x38\xdc\x97\x2b\x66\xfe\x86\xa6\x0c\xf9\x14\xa1\x51\x5c\xef\x17\x80\xf3\x5d\x89\x0d\xb8\x64\xe8\x44\x16\x3d\x86\xf0\xae\x3e\x27\xc5\x10\xc9\x06\x0e\xcc\x6a\xbe\x9c\x01\xe1\x12\x9c\x41\x85\x09\xf1\xae\xbd\x61\xcc\xe9\xc2\xce\x6f\x15\x43\x33\x44\xde\x17\xa3\x28\xf3\x04\xd0\x9e\x31\x26\x38\xe3\x55\xda\xc7\xbb\x24\xe5\x8e\xf2\x79\xe5\x6a\x39\x99\xd8\x50\x50\x9c\x79\x8e\x6d\x94\x10\x14\x2f\xb2\xa7\xc1\xce\x10\x34\x4d\xa0\x18\x46\xe0\x77\x06\x45\xfb\xce\xc0\x89\x75\xff\xca\x9c\x21\x48\x88\xa4\xcf\xf3\x7d\x61\x18\xfb\xd5\x9e\x51\x9b\x25\xa8\x5b\x0b\x36\xf9\xea\xa2\x99\xda\xac\xc6\x77\x12\x78\x96\xb6\xf3\x60\x3c\x73\x20\x76\x32\xba\x07\xdf\xe6\x4e\x94\x81\x05\xa3\xf1\xa3\x08\x9b\x3e\x00\xf4\x82\xf2\xba\x5f\x49\xfb\xd2\x85\x69\xb6\xc1\x80\x82\x1d\x55\x71\x66\x0d\xf6\x1f\x8f\x20\x69\xc0\x1c\xeb\x4a\xbd\x0f\xd3\xef\x67\xe8\xe6\x27\xb6\xa1\x18\xf6\x7b\x5e\xf4\x15\xc4\x7a\x21\x9f\xed\x54\x6a\xe8\x66\x24\x50\xfb\x00\x5e\xbf\x00\x00\x9c\x4a\xd7\x93\x61\x30\x06\xcf\x32\x55\x68\x7c\x35\xdd\x21\xea\xa0\xa6\xf2\x28\x21\xfe\x53\x59\x7a\x6c\xbc\x53\x76\x53\x18\xf5\xb6\xbb\xd8\xde\x37\x81\x5b\xf4\x39\x8f\x27\xc5\x48\xa4\xd1\x56\xe5\x71\x5c\xa0\x5c\x3e\xc2\xef\x7b\x5d\xbf\x3f\x6f\xa2\x0b\xda\x04\x3d\x92\x7a\x8f\x49\xde\x63\x77\x9f\x75\x84\xec\xb1\xdc\x30\xe5\xd8\x39\x8a\x46\xaa\x9a\x74\x57\x8e\xc4\x0d\x7c\xe7\x48\x51\xe3\x19\xb7\x24\xd5\x8d\x4d\xda\xf2\x8a\xc6\x3f\x6d\x1d\xec\xb3\x9c\xc5\x00\xf3\xac\x41\x0f\x70\x53\x65\x4a\x59\x55\x29\x0c\x7a\x31\xa6\x28\x18\x04\xd1\x19\x86\x74\x60\xc2\xe0\x8f\xd8\x81\xeb\x0b\xe4\xc7\x3d\x32\xcc\x9b\x62\x3b\x69\x78\x9a\x3b\x6f\x37\x4c\x81\x33\x3c\x4e\x90\x1e\xa8\x63\xf6\x63\xf2\xec\x6b\x88\x75\x78\x94\x8d\x6e\x4c\xd1\x97\xa4\x99\xbd\x44\x47\x42\xae\x8d\x6e\x9f\x42\xd2\x77\x78\x0a\x53\xe4\x20\x6b\x2b\x40\x11\x9c\xf4\xd7\x83\x82\xb6\xca\xb0\x75\xee\x1f\x9c\x01\x90\xa2\x95\xe5\x49\x8b\xc3\x0b\x88\xd8\xa8\xc1\xf1\xc7\xc1\x73\x5e\x16\xcd\xf0\x4b\x90\x10\xa2\xe9\x1f\xc0\x30\x6c\x14\x3d\x0b\xca\x32\x3b\x37\x35\xf2\x59\xd5\x26\x37\x12\x3d\xd7\x82\xc2\x38\x7e\xa1\xde\x3f\x48\xde\x9c\xb3\x3d\x14\xee\x7b\x86\xe7\x09\x15\x63\x6e\x82\x17\xe2\xa9\x98\x81\x86\x21\x90\xb5\x9c\x82\xc2\x07\x62\x18\x86\x4a\xe9\x1f\x0d\x65\x34\x60\x90\x3b\x4d\x9e\x6d\xb8\x10\x2e\x33\x44\xb1\x39\xc7\xf3\x78\x8b\xb4\x2b\x04\x3b\xf4\x99\x8c\x67\x18\x04\x30\x46\x6d\x3b\x05\xe2\x2b\xac\x4d\xd2\x26\x45\x6d\x6f\x47\x60\xc3\x79\x62\x2b\x0c\x4a\xa8\xad\xf7\x2f\xf1\x8a\xd6\xf5\xa3\xa8\x13\x8b\x41\xfd\xe3\x5d\x1e\x27\x40\x9d\xa6\x14\x4e\x50\xc4\xbc\x86\x58\x7b\x40\x9e\xd5\xfd\xe5\x67\x92\x8d\xda\x36\x7f\xe7\x2f\x8a\xce\x7b\xc7\x5d\x2c\x27\x72\x0c\xc6\x39\x38\xcf\x02\x59\x92\xc6\x3b\xe8\x45\x57\xea\xed\xfb\xbd\x1a\xe4\x7e\xa1\x9b\x9e\x71\xf2\xfe\xa0\xa3\x40\xfd\xbe\xd6\x0c\x9d\x00\x94\x22\xf6\x5c\x89\x49\x72\x33\x41\xd1\x6f\xd2\xbb\xf3\xcb\xe5\xdd\xc2\xdd\x53\x21\x16\x07\xc4\xb0\x59\x7b\x1b\xc3\x1b\x1f\xa7\x19\x0e\xc3\x0d\xe1\x14\x46\xca\x32\x9d\x53\x54\x79\xd2\x7f\xe4\x02\xe5\x58\x18\x8e\x1d\x52\x1f\xbb\xbb\x3d\x1b\x10\x2b\x52\xf4\xb1\x07\x2e\x75\x91\x66\x1d\x9a\x66\xb0\x87\x7f\xf0\x80\x30\xe7\xcf\xc9\xdf\x14\x4d\x38\x06\x38\xfe\x9e\xf5\x57\x33\xc7\xd7\x60\xdf\x82\xc2\x1c\x08\xa2\xcd\x23\x1a\xa1\xd3\x3f\x29\xc2\xf1\xfd\xe0\x3b\x70\x39\x67\xc3\xa5\xf8\xb7\x67\x9b\xb4\x65\xd1\x38\xcf\xa4\x01\x57\x0c\x62\xfe\xe3\xec\x65\x58\xf6\x2f\xf6\x63\x5d\x8f\xf9\xe3\xe8\xed\xe2\x5d\xf5\xf3\x45\x18\x9a\x8e\x0d\xaa\x1c\x5f\xcc\xc5\xc8\x44\x9d\x81\xc2\x65\xf2\x1d\x6a\x61\x23\x5b\xe7\xf0\x86\x60\xef\xfd\x82\x3a\xa8\xed\xd6\xac\xc8\xe6\x3f\x51\x09\x32\xef\x14\x92\xb0\x18\x51\x07\x14\x87\x15\x9a\x33\x63\x1a\xeb\x09\xf7\x2f\x00\x50\xb4\xf1\x21\xca\x4e\xd2\x99\x1e\x68\x69\x98\x27\x80\x99\xb2\x2c\x01\x4f\x31\x80\xce\xda\xfa\xba\x6b\xb1\x92\x04\xa8\x65\x08\x82\x84\x10\x02\x41\x5e\xea\xd9\x76\xe0\x06\x4d\x72\xef\x9b\x9f\xe2\xe4\xb9\xce\x1d\x9c\x78\x7e\x1a\x78\x92\x1b\xcd\x68\x39\xb7\x9c\xfa\xb7\x36\xfa\x57\x4d\x67\xff\x71\x37\x73\x7a\x99\xb1\x66\x28\xd9\xe8\x26\x62\xdf\x98\xc6\x3e\xdb\x51\xc8\x18\x20\x2e\x48\x5a\x16\xb9\xa9\x9f\x23\xb6\x2c\x5b\x22\xb0\xdd\x33\xdf\xac\xf0\xc5\x29\x5d\x14\x4d\x51\x80\xcd\x28\xdd\x51\xaa\x2c\xb3\xfc\xdc\x5b\x40\x3d\x3e\xe2\x8d\x70\x73\x97\x37\x26\x66\x3f\x12\x02\xe5\x56\xec\xfb\x85\x61\x1c\x3a\x05\x65\x4e\x6c\x81\x0a\xa0\xf9\xd8\xcf\xc2\x48\xe7\x99\x38\x92\xa1\xe5\xc3\x9a\x54\x17\x5b\xf7\xce\xf2\xa4\x24\x06\x22\xf1\x0c\xca\xc7\xf1\xc2\x9e\x4d\x05\x80\x2a\xc0\x4d\x70\x1f\xbc\x1d\xcf\x7e\x8e\x33\x9b\xf2\xec\xe8\x0c\x15\xff\xf8\xa0\x0f\xd1\xa0\xd1\xc8\x7c\xf2\x71\x65\xaa\x8f\x37\x28\x85\xa5\x80\xa8\xeb\xbe\x73\xf7\x4d\xfe\xcf\x4b\x26\x66\x62\x7c\xc8\x63\x64\x54\x97\x41\xcb\xde\x92\xc4\xea\x04\x0e\x4a\xef\x4b\x43\x09\x00\x24\xc0\x3c\x23\xc7\xa4\x1f\xc4\x40\x49\x0c\x1b\x5b\x2c\x59\x81\xde\xe2\xf7\x71\x9e\x0f\x69\x8f\x6e\x0f\x51\x7a\xdb\x00\xec\x91\xac\x68\x44\xdf\x7d\x3f\x67\x68\x20\xdb\xcc\x10\xf9\x06\x00\x92\x33\x34\x49\x60\x01\x1e\xb2\x78\x92\x85\x4e\x5d\x9a\xc3\x09\x5e\xc7\xb9\xe1\x5c\x8c\x7a\xe8\x38\x52\xb4\x10\x41\x58\x82\x4a\x4e\x98\x44\xed\x6b\x68\x64\x45\x71\x99\x26\xd7\x56\x61\xf8\xb1\x16\x7b\x6a\x63\x0c\xdf\xf8\x06\x40\x9f\x3b\xb1\x1c\x4e\x22\x18\xc8\xad\x51\x23\x3f\xa2\xdc\x98\x9d\x4f\x7d\x9f\x26\xbd\xcc\xc1\x9a\xf6\x35\x0c\x0a\xa8\x2c\x2f\x21\xac\x9b\x54\x7a\x0e\x6f\xb5\x95\x37\x1f\x06\xd8\xa0\x74\x00\xa6\x1b\xd0\xb4\x22\x52\xe2\xdb\xa2\x88\x5f\xce\xd0\xb3\x2c\x0b\xb9\x03\xc8\x84\xcb\xd3\x1c\xc9\x1f\x6d\xe2\x84\xb6\xfc\x60\x17\x21\x19\xa3\x31\xcb\x93\xe7\xef\x9b\x61\x78\x15\x0a\x22\x8c\xef\x1e\x59\xa4\x4a\x2c\x2d\xcf\xb0\x2c\x3d\x04\xf1\xb1\x92\x01\xa7\x4f\x9d\x37\xb9\x87\x37\xe8\x3c\x94\xca\xcf\x95\x3c\x56\x8b\xac\xbf\x3b\x66\xcf\xbf\xd1\x1d\x5a\x23\x86\x8d\x06\x8a\xf2\xe9\x27\xfd\x98\x97\x40\x83\x42\x6f\x23\x34\xe2\x8a\x51\x22\x81\x07\x01\xe6\x7e\x77\x86\x79\x48\x9c\xda\xd1\xfb\xa7\x6f\xb4\x2b\xe2\x60\x00\x26\xc0\x66\xa6\xdf\x0f\x33\x65\x81\x49\xaa\x76\xcd\x80\xbf\x32\x40\x89\xcf\xc7\x28\x9d\x17\x7a\xf1\xcc\x09\x7c\x1e\x10\xf5\x7e\xc6\xfd\x21\xcf\xa2\xd9\x18\x06\xc5\x30\x0c\x61\xde\x2f\x02\x68\x1c\xc6\x3c\x6d\xd2\x26\x15\x98\x26\x00\x74\xdb\xef\x67\x01\x51\x71\x0c\x43\xa5\x39\xa3\x59\x4c\xde\x7b\xdb\x9c\x75\xa1\x2c\xb2\xd1\x57\x7d\xb4\x30\x15\x9c\x27\x94\x23\xf2\x7a\xb6\xa7\x8b\x94\x20\x4d\xea\x4c\xd9\xf7\x28\xf8\x8a\x8c\xa4\xd6\x57\xf1\x6d\x5e\x0e\x54\x53\x7f\xfb\x14\xe6\x36\xa2\x06\x52\xbb\x79\x5c\x83\x41\xb4\xa6\x7f\xb9\x3b\x81\x68\x26\x4d\x03\x53\x6a\x8e\xb1\x2c\x4b\x3b\x67\x1b\xe1\xab\x3a\xf4\xe6\xb6\x2f\x80\xf0\x1b\xe4\x79\xc9\xa9\xae\xda\x5a\x1d\x64\xe0\x3e\xc2\x10\x44\x4e\x52\x14\xda\xaf\xc9\x7d\x2a\xf8\xab\xd1\x26\x43\x15\xd8\x49\x52\x33\x01\xa0\xf1\x3d\xc0\x70\x0f\xed\x00\xcb\x54\x7e\x40\x10\xc8\xe3\x74\xc4\xc0\x71\xb8\x24\x12\xf2\xf9\x8e\xb1\x36\x1f\xc4\x34\xc4\x0a\xdf\xe8\x44\xf1\xbc\x6a\x9e\x03\x94\x27\x8a\x44\x75\x82\x36\xf7\xfd\x37\xf5\xaa\xff\xc0\x8e\xe6\xec\x75\x66\xd6\xb3\xed\x47\xd6\x4c\x40\xca\x1c\x6d\x47\x48\xb1\xd7\xb4\x7e\x1d\x48\x02\xe7\xcf\x41\xc9\x63\x5d\x46\xe6\x45\x70\x86\x86\x18\xdb\x3a\xc4\xe9\x41\xf3\x6c\x0b\xfc\x6f\x3a\xbf\x10\xc0\x78\xf2\x78\x1d\x49\xc5\x4b\x95\xac\xfb\x1f\xa5\x5a\xc7\x19\xac\xde\x41\xd9\xa2\x2e\xda\x57\x6e\x44\x96\x0a\xc3\x79\x9a\x40\x7b\x73\x96\x63\x88\xb5\x18\xf3\xfc\x31\x5d\xcc\x53\x27\x5d\x2e\x38\x3c\x5e\xa7\x9f\xd5\x9b\xbd\x0b\x86\x15\x7c\xb9\x5d\xbe\x5a\x17\x9d\xee\xc5\x71\x9a\x9a\xbe\xdc\x04\x31\xb6\xe2\x9b\x7d\x9f\x9f\x27\x58\x36\x0b\x02\x47\xa2\x50\xb7\xdd\x10\x39\xaa\x04\xf9\xc4\x66\x50\x71\x6c\x0c\x4c\x06\xc8\xaa\xca\x20\xf4\x85\x63\x29\x1d\x76\xcb\xf8\x97\x7f\x98\xa4\x7a\xcc\xed\xca\xec\x17\x23\x8e\xfd\xc4\x54\xf6\x82\xd3\x05\x19\xe2\x24\x41\x29\x9d\x62\x20\x14\xc3\xda\xc4\xf3\x83\x20\x1e\x59\xa6\xa4\x73\xf1\xf9\xdd\xd1\x11\x9c\x94\x9d\x35\xb7\x2b\x1c\x65\xca\x65\x4c\xa8\x7e\xc9\xe7\xcf\x5f\x5a\x22\xda\x49\x0a\x79\x29\x82\xca\xf1\xee\x8d\xc3\x74\xb3\xa3\xf0\x27\x0f\x77\x3e\x04\x65\xb2\x2c\x24\x63\x5c\x03\x65\x0e\xfc\xe8\xa6\x6b\xa1\x16\xf7\xfd\x69\xdb\x40\x17\x79\x06\xa5\xc4\x1d\x2b\xcf\x92\x00\x20\xcf\x84\x85\x10\xde\xea\xe1\x24\xe5\x4e\x8e\x62\xf9\xd5\xd1\xd1\xb4\xf4\x1d\xa7\x07\x54\x9c\x56\xcb\x7d\x74\xda\xf0\x10\xc0\x02\x9a\x87\x3e\x6f\x35\x8c\x44\x18\xe2\x70\xff\xe8\x1d\xaa\xc1\xf9\x63\xc2\x96\x23\xed\xa3\xfa\x6d\xe6\xfd\x38\x44\xb1\xad\x27\x4c\x2e\xa1\x99\x97\x9f\xee\x40\xea\x60\x0a\x2e\xca\x42\x2f\xfc\x61\x27\x04\xbf\xfd\x50\x48\xc8\x69\xc6\xe7\xb9\x6f\xbe\xc6\x47\x65\xf9\xfb\xa9\xb8\xd2\x11\xfc\x4f\xe2\x4b\x15\xc7\x49\x91\x54\x03\x6a\x40\x15\x3c\x0c\x26\x00\xf0\xf9\x48\x65\x5f\xb0\x96\x07\xdd\xcf\xe4\x8f\xdb\x70\xc2\xf8\x95\x32\x84\x2a\x1d\xfd\xa0\x19\x9d\x8f\x9c\xa6\x5c\x94\xde\x40\x38\x14\xa5\xe9\xf8\x22\xbd\x5f\xd2\xe5\xc8\xfc\xce\x8d\x0f\x60\xb2\xfc\xc7\x19\xcd\x0b\x68\xfa\x7b\x95\xe1\x3c\x4c\x57\x11\x90\x04\x99\x63\x26\x30\x61\x98\x40\xf3\x31\x6e\x57\xfc\x58\x37\x4a\x7c\xd1\x21\x07\x0c\x21\xe4\x18\x92\xbb\x9e\xf0\xb1\x6f\x48\xfe\xe0\x62\x3c\x18\x22\x3f\x70\xa8\xb4\x12\x1a\x73\xae\x58\xf9\xca\xf1\xbf\x33\x0c\x71\x43\xad\x84\x97\xac\x9e\x72\xfb\x9f\x77\x7c\x4e\x1f\x65\xce\x54\x47\xb1\xac\xe6\xba\xba\x4c\xbe\x16\xa9\xfa\x61\x78\x62\xc5\x98\x33\xdf\x91\xca\xa2\x5c\xb4\x61\xd3\x3c\x35\xea\x26\x69\x70\x09\x9e\xe6\x58\xd2\xb4\x4e\x89\x19\xd3\x62\xd3\xdd\xc8\x73\x96\x35\xa1\xf5\x0b\xaf\x39\x9f\x2b\xe9\xa0\xc1\xc7\xa9\x51\x4c\x99\xa1\xfa\x38\x90\x20\x6e\x8c\x4b\xd1\xb8\xa0\x9b\x00\x62\x4e\x0f\x0b\x38\xec\xa6\xbb\x93\x7c\x8c\x38\xf7\x51\xfb\x2d\x89\xeb\xdc\x9f\xaa\xe1\x60\x65\xeb\xf3\xab\x51\x2c\x6d\xa2\xac\x08\x8b\x65\x56\xa0\xa7\x02\x6e\xd2\xe0\xbb\x51\x88\x53\x1b\xf2\xb2\x60\x5e\xb7\x23\x12\x08\x05\xf3\x0e\xf9\xa5\x37\x1f\xa4\x9e\x03\xaf\x16\x8b\x63\x08\x55\x37\x2f\xcb\x8a\xf3\x4e\x3a\xd8\x37\x6b\x0a\xfd\xa9\x94\xc9\xd3\xa3\x69\x70\x36\x3c\xc3\x40\x25\x6d\x07\xa6\x11\x51\x14\x28\xb5\xf3\xdf\xfb\x5c\xd1\x1c\x13\x0e\x0b\x95\x82\x89\x8d\x27\xe8\xe7\xfd\xc0\xd6\x7d\xe4\xa1\x98\xc4\x8f\xb7\x3c\x01\x40\x03\xf4\x4f\xe2\x3b\x10\xc8\x33\x4e\x9c\x8f\x95\x88\x09\x25\xf8\xcd\xbd\x7e\x9f\x7b\x5a\x8a\xd1\xa6\x2d\xfd\xed\x98\x2b\xa6\x89\x09\xa1\xd1\xf4\x7e\xd9\x26\x3c\xfa\x60\x0b\xab\x7b\x9e\x5c\x41\x74\x19\x94\xd2\xa8\x34\x1d\x41\xcb\xe4\xc5\xfd\xe5\x85\xc2\xa0\xe2\xf3\x84\x82\x61\x20\x7d\xcb\x7a\xcc\x2f\x06\x34\x3a\xec\x9e\xdf\x86\x4e\x65\x70\x0c\x8c\x2d\xd2\xea\x0d\x7f\xb4\xdb\xd0\x67\x97\xd2\xe2\x3e\xc0\x29\x5e\xe6\xa6\x10\x4e\x29\x66\x47\xd0\x87\xc4\x52\xf3\x84\xe1\x3d\x3d\xee\xb2\xa3\x37\x8c\x80\xca\xc2\xcb\x21\xb4\xdb\x6c\x96\x13\x5c\x32\xdf\xb1\x1a\x86\x60\xff\xb6\x3a\xfa\xfd\x51\xb2\xe6\x8b\xad\x2d\xaf\x1e\x2e\x14\xde\x6c\x35\x84\x49\x55\x3a\x7c\x26\x3b\x06\x64\xd3\x14\x49\xef\x6b\x76\x01\x05\x55\xcc\xfd\xf8\xa1\x59\x86\xeb\x42\x1e\x31\x01\x08\xcc\x85\xc1\x99\x1e\xf7\x64\x89\xaf\x1a\x24\x7b\x20\x45\x40\x37\xce\x60\x5d\xcf\x19\xaa\xb7\x67\x25\x79\x45\xe2\x89\x64\x3f\x5e\x68\x64\xb0\x91\x26\x30\xa6\x7a\x96\x96\x3e\xf4\x3d\x0d\x30\x0c\x0b\xcf\x73\x04\x14\x7e\xc3\x9f\xaa\x52\x87\x22\xe1\x61\xc6\x2c\x01\x7d\xbf\x8c\xb0\xca\x61\x5c\x2d\x46\xd4\xfc\x00\x35\x07\x4a\x91\x8f\x11\x39\xc6\xc6\xe8\x0a\x63\xf2\xce\xa7\x4e\x4c\xfb\xf8\xde\xf1\x5d\xfd\x65\x73\xbe\x8e\x5b\x3b\x50\xe1\x33\x3c\x50\x08\xd0\x2f\x56\x00\x1f\x87\x6f\x61\x32\x45\x1c\x8c\xbd\x44\x31\x38\xb9\x8d\x25\x6f\x3a\xf3\x78\x21\x52\xb7\xd9\x9a\xc1\x6d\x73\x2f\x6f\x2d\x17\xbd\xc6\xf5\x31\x85\x9a\x12\xf9\xcf\x6f\x1c\xff\x32\x6f\x66\x80\x9c\x79\x2d\x4c\x27\x73\xda\x65\xd2\x3d\x4a\x17\xb1\x08\x42\x3a\x40\xcf\x48\xb5\x4a\x68\x78\x94\xce\x16\x26\x8d\x15\x67\xc1\xa0\x29\xea\xf1\x64\x4d\x13\xc6\x79\xee\x12\x75\x77\x86\xd6\x3f\x9a\xbc\x78\xc5\xb6\xd0\xa4\xd0\xf8\x19\x50\x5a\x3e\x59\x51\x34\x27\xf1\x90\x30\xbc\xdf\x86\x79\x66\x67\x1d\xb8\xed\x29\x96\xe6\xb8\xef\xe7\x19\x60\x39\xba\x06\x51\xd6\x7e\x0d\x5e\x79\x70\x63\x2e\x82\x7e\x4e\x44\x11\x7b\xa7\x26\xcb\xca\x14\x05\xe6\xb1\x7a\x46\x81\xa5\x27\x38\x7f\x26\xd5\xae\xab\x9f\x17\x71\x77\x83\x12\xca\xfb\x71\x67\x10\xfa\x21\xc9\xfc\x78\xf9\x10\x46\xac\xb0\x39\x7e\x12\x61\x1a\x4c\x81\xee\x6b\x02\x87\x59\x24\x4a\x64\x06\x47\xee\x0e\x6f\xa3\x65\xb3\xea\xb7\x01\xec\x2d\x7f\xaa\x96\xce\x5f\x8c\xc2\xb0\xf3\x74\xc2\x13\xb7\x39\xc9\xb3\x79\x9b\x85\xce\xf0\xc4\x72\x03\xc2\xe9\xa2\x94\xbb\x7c\x25\xe8\x8a\xf9\x49\x46\xc8\x06\xc5\x88\x2d\x2b\x22\x9b\xee\x32\x1c\xba\x12\xba\x24\xc5\xf3\x9f\xdf\x20\x10\xa0\x1f\xcb\xf3\x84\x45\x04\xd0\x15\x6c\x3f\x9a\x8f\x40\xf4\x66\xea\x17\x59\x85\x5b\x80\x9b\x34\x34\x3d\x45\x01\x74\x81\x03\x9c\x39\x59\xb8\xb5\xd0\x41\x5a\xf6\x5e\xc5\xbd\xac\x2e\x1b\x9e\xb8\xf6\x93\x43\xc6\x8f\x6b\xfc\x30\xfc\x21\x4e\xf8\x90\x6a\x88\x86\xd0\x31\x2a\x22\x83\x60\x6c\x3f\xc6\x33\x4d\x37\x7d\x44\x48\x0b\x06\xcd\xfb\x04\x2f\x3a\x97\xa9\xb1\x3c\xf4\x18\xba\x6c\xce\x12\x9c\x9e\x47\xf4\x09\xff\x2e\x37\x86\xb5\x77\x1a\xea\x96\xf2\x12\x49\x79\x6a\xba\x4e\xa6\xf4\xb0\x64\x9e\x71\xa6\xfe\x1f\x30\xd1\x42\xb6\xab\x0e\xc2\x50\x1b\x24\x00\xb1\xc2\x45\x91\x9a\x5f\x8c\x21\x70\x95\xa2\xd0\xc7\xbe\x70\x97\x17\xc0\x28\xac\x49\x8b\x5a\xa9\x9a\xc0\xd1\x32\x48\x01\xaa\xc7\xcc\x31\xaf\x6b\x37\x3e\x0e\x51\xc1\x85\x2f\xdb\x5e\xfc\x93\x7e\xc8\xfb\xd2\x59\x81\xaf\x82\xbd\x30\x07\x48\xf3\x67\x37\x92\x26\xd6\x52\x0f\xd3\x19\x0a\x50\xa7\x85\xad\x08\x5a\xd6\xc9\x43\x1f\x4a\x16\x09\x86\x72\x34\xf8\x6e\x8b\xf3\x62\x79\x4f\x84\xb3\x5f\xdb\x19\x50\x6f\x95\xf1\x41\xd1\xe4\xc1\x39\x23\x9e\xc7\x69\x49\x33\x57\xbf\x81\xc2\xaf\x4c\x31\x45\x2a\x6e\x5b\x1a\x48\x41\xc8\xe8\x23\x66\x00\x23\x46\xec\xd0\x3e\x60\x9b\xb6\x24\x1f\xc5\x27\x42\x09\x1a\xa4\x74\x0e\xff\xa0\x93\x1a\xb7\x34\xa2\xd7\xe2\x56\x4a\x46\xb3\x33\x1a\x66\x84\xa9\xcf\x7e\x8e\xac\x33\xa7\x6b\xed\xb8\xbd\x43\x2c\x1a\x46\xe1\xc8\xcc\x51\xc3\x44\x40\x34\xe5\xed\xc8\x07\x94\x02\x85\x10\xc6\xf9\x4c\x94\x3f\x9a\x0a\x27\x4a\x2f\x95\xdc\xfb\x4b\xb4\xc2\xb2\xf9\xc4\x77\x5a\x90\xe4\x38\x0e\x33\x40\x71\x82\xc9\xad\xf7\xcd\xc4\xb6\x74\xf1\xf5\x0a\x20\x7e\x33\x59\xca\x94\x2e\x00\x80\x3c\x8c\x23\x44\x2d\xe4\xb6\x3e\x9e\xee\xfa\x48\x8e\x31\x38\x01\xc1\xe3\x3a\x28\xa6\x81\xbd\xf8\x1f\x6b\x97\x25\xa0\x54\xe2\xdf\x79\xe1\x2d\x48\x65\xc7\x4a\x91\x95\x0a\x46\xe1\x6f\x68\xfa\xb7\x8f\xe1\x71\x7d\xf5\x41\x3c\x84\x53\x3a\xa8\x85\x44\xc6\x97\xd6\x92\x44\xcc\xb9\xf7\x8f\xef\x28\x8a\xc2\xc5\xbd\x10\x9c\xe7\x28\x5f\xb3\xa4\xa6\x08\x00\xec\x7e\xc1\x6d\xca\x8c\xaf\x62\xaf\xd2\x2b\x5d\x04\x52\x5d\x8c\x8f\xc5\xeb\x0d\xc0\x1f\xa6\xd8\x06\x71\xfa\x0d\x4c\x67\xf4\x96\xfe\xd7\xde\x64\x1e\x9e\x1b\x5d\x94\x52\xd7\xf3\x06\x47\xe9\x6e\x8e\x85\x98\xe9\x62\x14\x89\x46\x78\xee\xed\xc7\x6d\x7d\x00\xf1\x30\x99\x07\x0e\xbe\x3a\xa9\x41\xca\x99\xe2\x6e\x01\x92\xc3\x49\x49\x66\xd8\x19\x02\xb4\x3c\x57\xc3\x68\x9e\x75\x03\xe5\x52\x88\x54\x45\xb0\x4e\xe7\x7f\x6d\xc1\x67\x79\xee\xde\x58\x57\xf8\x28\xe1\x19\x06\xa3\xa1\xef\xe9\x41\xf5\xa9\x3c\xdf\x05\xf5\xb9\x85\x8f\x67\xb3\x2c\x6b\x55\x5f\x76\xa8\x84\x7f\x1f\xc8\x6a\x5f\x26\x08\xed\xb2\x7e\xb5\x87\xd1\xa0\x92\x39\xcd\x34\x0e\xed\x08\xe4\x10\x35\x8e\x6b\x7f\x53\xe7\x50\xc0\x8c\x73\x6e\x70\x2d\x60\x22\xcc\x22\x3b\x17\xfb\x74\x41\x83\xb2\x6d\xe3\xe7\xf9\x74\x6f\x05\xff\x26\x8c\xc7\x83\x7a\x49\xe6\x2a\xfa\x51\xc1\xb5\xa5\xc9\xbd\xb7\xd6\xa3\x8d\x2f\xa5\xb7\x98\xf5\x42\xcc\x37\x3a\x94\x9d\xb8\x9e\x89\x4f\xba\x49\x08\x8f\x06\x0d\x7d\x3d\x10\x51\x7b\x3c\x8f\x93\x74\x2e\xdb\xf2\x6f\xf2\x36\xe5\x72\x7a\xeb\x6d\x2a\x14\x0e\xe4\x8f\x2f\xc5\x4f\x6c\x50\x15\x4f\x34\xcb\x6e\x66\xd3\xbe\x26\xae\xd3\x3b\x1b\x65\x60\x67\x03\x99\xe2\xf8\x12\x98\xf8\x98\xcf\x17\x22\x34\x43\xcc\x39\x81\xa2\xfa\x17\xa2\xd2\x70\xd1\x7f\x58\xca\x20\x9c\x42\x51\x17\x38\x31\x8a\xf4\x8d\x11\x39\x18\xc5\x39\x30\xba\xf8\xce\xc9\xb0\x42\x27\x46\x1a\x62\x20\x92\x92\x24\xd2\x6e\x0e\x45\x5b\xaa\x6c\x8a\xe3\x51\xc3\xaa\x41\x1f\xcb\xd2\xfc\x2f\x6b\x7d\xd8\x44\x6b\xa6\xf7\x43\x3f\x12\xfb\x91\xbe\xcd\x5b\x9c\xc1\xc0\xdb\xc7\xad\xc5\x77\x67\x88\x22\x0d\x99\xce\xec\x41\xc1\x62\x2f\x6c\xca\xa0\x94\xf2\x6c\x33\x4e\xaa\x10\xfb\x40\x21\x4a\xed\xba\x48\xd6\x0c\x6f\x79\x02\x9b\x6f\x8a\xf0\x1a\x7c\xb2\xdc\x05\x7f\x25\x7c\x10\x33\xa9\x07\x8f\x32\x9c\x6b\x76\x5b\xd3\x55\x6a\xb2\xc4\x49\x9c\x56\xec\x78\xbd\x4c\x98\x37\xbe\x14\x74\x0c\x53\xd1\xfc\x95\x4b\x60\x7c\x4c\x7c\x8a\x2a\x34\xb9\x73\xcc\xbf\xdd\x3f\x79\x77\xc0\x50\x06\xb9\xc2\xda\xee\x6e\x90\x8c\xcf\x31\x86\x50\xa4\x0f\x76\x62\x2f\xb1\x31\x09\x44\x6e\x26\x48\x0f\x6c\x0c\x09\x7c\x0b\xb4\x1d\x1a\xa3\xce\x63\x34\x8d\xad\xb4\x6f\xe0\xf7\xa1\x0f\xe7\xda\x6b\xba\x7d\x83\x6e\x6b\x02\x6f\xed\xe7\xd2\x11\x3d\xf4\x03\xee\x1a\x2c\xfb\x33\xb6\x04\x14\x69\x61\x98\xf4\x2f\xf5\xed\x6f\x88\x3f\x0b\x7b\xd0\xe0\xf0\xe4\xa0\x56\x5c\x5b\xbb\xd0\xb8\xb1\x3d\x49\x28\x15\xf1\x73\xd6\x09\xfc\x7e\x19\x64\x34\xbd\x7a\xf0\x7b\xd7\x55\xc4\xd5\x08\xd2\xef\x86\x26\x91\xfe\x83\x82\x9d\x50\x42\x3b\xd0\xf7\x68\x20\xf6\x96\x2b\x47\xe0\x21\x48\x7e\x86\x29\x32\xac\xc3\x4b\xa0\xbc\xda\x06\x0c\x3e\x00\x02\x7d\x12\xf5\x1b\xc2\x3b\xa2\xc4\x57\x79\x62\xe1\x4b\x4c\xee\x27\x0b\x07\xe2\x08\x6b\x4b\x28\xac\x55\xcb\x7f\xd6\xeb\x7b\x9d\x29\x0f\xaf\xd9\xcd\x8a\x33\x62\x14\x63\x69\x5e\x29\x1b\x09\x74\xaa\xbd\x83\x5f\x16\xe9\xcb\x71\xe0\xf6\x2d\x7a\x5a\xaf\x96\x7e\xa7\xda\xb1\x89\xee\x64\x3b\xeb\xe0\xf0\xf6\xa6\xc1\xb3\x8d\x50\xb6\xf6\xd9\x8b\x08\x2d\x9d\xd6\xa0\x02\x9b\xc4\x23\xbe\xef\x8d\x8e\xca\x9c\x26\x76\x91\x6a\x4b\xdd\x9a\x8b\x0d\x3a\xb3\x98\xad\xfc\xa1\x13\xf3\xa2\x0d\xf1\x61\x7d\xda\x1c\x81\xb1\xea\xbd\xac\x22\xa4\x05\x79\x06\x54\x6a\x59\xb4\xfb\xee\x8d\xb2\x7e\xe0\x15\x63\x29\x23\x07\x54\x09\xb5\x36\x93\x34\x75\x9f\xdf\x6c\x1a\x5b\x80\x44\x8c\x7a\xea\x60\xd4\x9f\xee\x95\xd8\x8f\x53\xa0\x12\x9e\x74\x73\x55\x60\xe2\x49\xe4\xd0\xfc\x12\xaa\x39\x12\xf4\x20\x4b\x4e\x69\xac\x3d\x8a\x24\xf3\xec\x3d\xc9\x19\xae\x22\x9d\x08\xad\xb4\xc6\x1b\xb6\xb5\xd2\xbb\xe5\x4d\x03\xe7\xfc\x9c\x73\x5e\x6f\x07\xc8\xae\xda\x7a\x2b\xa1\xdb\xfa\x20\xd1\x9e\x66\xaf\xe6\x9a\x3e\x9c\xfb\x8e\xd7\x17\x07\xf8\xd7\xa3\xe3\x63\x24\x42\xc8\x7b\x40\xe5\xd0\xee\x4e\x6d\x4b\x90\x81\x75\x95\x24\xff\xb1\x59\x41\x28\x8d\xcd\xd5\x80\xde\xc5\x96\xc2\x49\x4e\xd8\x9a\x1d\x41\xb0\xdf\x5a\x2a\x81\x3e\xf6\x8f\xe3\x75\xb2\x3d\x30\x3c\x6d\x86\x98\x7d\x9b\xd0\xd9\x48\x9d\x1c\x0e\x26\x1d\x2d\x7a\xe3\x09\x6b\xb9\xb5\xf9\x81\x95\xbc\xd5\x19\x00\xf0\x86\x3b\x9d\x9b\x55\x1e\x2b\x8c\x34\x48\x5a\x0b\x52\x2d\xbb\xe4\xde\x4c\x8b\x32\xcf\x49\xb0\xad\x8a\xd3\xcd\xca\xf3\xb7\x5c\xd3\x22\x35\x35\xbd\xd7\x9a\xdf\x69\xf2\x64\x7e\x63\x5d\x9c\x73\xe5\x6b\x29\xac\x25\x43\xe1\x0d\x85\x01\x9c\xb7\xff\xee\xe3\xa8\x7d\xdf\x0f\xfb\x38\x08\xfa\x38\xf0\xfb\x39\x09\x7b\xa2\x08\xf1\xa5\x66\x67\x4e\xa2\x4b\x33\x5b\xe5\xc7\x12\xbc\xde\xbc\xbb\xf7\x5c\x34\x9a\xbd\xd8\xe2\x26\xcd\x76\xba\x37\x2c\x9d\x90\x7b\x1a\x60\x45\x6b\xcd\xf1\xed\x19\xbb\x8b\x7f\xec\xd9\x01\x65\x36\x65\x44\x4f\x03\x64\xe7\x3d\xff\xab\xfb\xbe\xef\xbb\xbe\x1f\x07\xf1\x2a\x46\x2a\x9b\xae\x0e\x02\x49\xc7\x0a\xcd\x6b\xd2\x4c\x0a\x07\x9d\x0b\x57\x9d\x2a\xa0\xe8\x23\xe5\xaa\x4a\xbb\xf9\xaf\x4e\x32\xc5\x9b\x1d\x92\xc8\xbf\x48\x03\xef\xc1\x56\x7f\x15\x98\x06\x25\x00\x6a\xff\x50\x63\x35\xe3\xa6\x12\xa1\xc5\x79\x52\x82\x13\xeb\x12\x3d\xfc\xb6\x55\x81\x19\x7b\x7a\x24\xee\x03\x44\x1c\x28\x7e\x97\xe8\xa2\x97\xba\xd6\x93\x51\x46\x7a\x72\x96\x14\xd8\xeb\x15\x5d\x15\x3e\x98\x3b\xd9\x7a\x72\x7b\x43\x2e\xc0\x8c\xc0\x67\xbe\xa8\x3d\x4a\xc6\xad\x0c\xc9\xaf\xf9\x1b\x52\xa5\x24\xec\xa4\x38\xc7\xa4\x34\xfb\xc5\x56\x54\x9d\xa9\x73\x29\x47\xad\x10\xf1\x5c\xc2\x3b\xf6\x47\x08\xe9\x4f\xc8\x79\x1e\x57\x25\xdc\xb0\x2f\x49\x96\x23\xcb\x17\xa5\xeb\xba\xfa\x95\xed\x60\xf7\x04\xc3\x52\xa8\xf6\xe9\xd7\x73\xe2\xf0\x0e\x34\xbc\x2b\xf9\x1f\x49\xab\x69\xe6\xa1\xde\xf2\x36\xa5\x9f\xf5\xfc\xb6\x68\x90\x9b\x64\x98\xb7\xf4\x77\x4f\xf1\xef\xee\x52\xe1\x76\x72\x5c\xe8\x2e\x38\x69\xb3\xb8\xd1\xd2\x2e\x53\xa7\x52\xc5\x43\x89\xe0\xfa\xeb\xcb\x4f\x25\x33\x62\xd0\xb2\x2a\xf7\x46\x1d\x6f\xdc\x64\xb4\x7b\x62\x68\x77\x6c\x68\x42\x20\x1e\xff\xef\x4e\x32\x41\xb0\xf6\xf0\x4d\xba\xce\xc8\x2c\x8c\x09\x36\x8c\xbe\xf5\x38\xbc\x86\xf3\xab\xcf\xb7\x85\x0e\x24\xba\x4f\xa4\x31\xcc\x4b\xf2\x27\x99\x66\x5a\x9e\x6d\xd5\xd4\x7a\x53\x99\x9f\x81\x80\xcf\xf7\xaa\x04\xa0\x2e\xe4\xf0\x6f\x65\xd6\x87\x3e\x15\x85\x3e\xd5\x07\xde\x55\xc7\xc5\x83\xaf\xcf\x0e\x42\x7f\x56\xb4\x96\x7f\x40\x64\x9c\x68\x9a\xa1\x93\xbe\xb2\x02\x7d\x5a\x25\x6c\x32\x5a\x6a\x3c\xef\x0c\x83\x1e\x93\x0a\x0b\x37\x38\x1e\xba\x40\xb5\xd0\x4e\x99\x41\xed\xe7\x2a\x70\xa6\x68\xed\x15\x99\x1e\x07\x2a\xbf\xb9\x81\x45\x05\x6f\x6d\x2d\x6e\xe5\xae\xd7\x4b\x8f\xf6\x66\xaf\xde\x46\xb7\xe6\x0a\xb7\xd6\x46\xa8\xce\xab\x1e\xb2\xff\x69\x28\x1d\x32\xbe\xd6\x3b\xdb\x93\x58\x2d\xfc\xde\x9e\xff\xb5\x23\xef\xcb\xfe\xc9\xd4\xa6\x41\xa9\xbd\xc6\xbb\x51\xca\xab\xbd\xea\x43\x1b\xb4\x51\x2a\xe6\x70\x87\x8b\x0b\xa5\xb4\x3c\x95\xce\xdc\xc1\xe9\x65\x04\xab\x4f\x32\xd9\x58\x8a\xa2\x88\xb5\xa5\xca\x86\x45\x8c\xfa\xfa\xf0\x4e\xfb\x48\x58\xfd\x2b\xa4\xbf\xfb\x4f\xfd\x47\x3a\x10\x43\x3a\xc4\x4b\x32\xcc\xeb\x4c\x16\xfd\x9c\x04\x13\x66\xfd\xed\x2a\xa8\x6c\xef\x08\x89\x87\xf8\xdf\x2e\xf9\xfb\x3b\x27\xc5\x99\x52\x0c\xe4\xc4\xeb\x97\x87\xc9\xdc\xf0\x9a\x58\x0f\x56\x1f\x6b\x29\xe3\xda\x68\x20\xfe\x88\x50\x0d\xd7\xef\x46\x15\x99\x2a\x90\xc7\xbc\x00\x33\x9a\x95\x66\x39\x82\xb4\x08\x1e\x28\x70\x88\x47\xd7\xc7\xb7\x6b\x65\x27\x24\x90\x6c\x0f\x0b\xd1\x92\xaa\xa1\x5e\x63\x50\xa6\x14\xc5\xb8\x0c\x30\xcd\xb1\xdd\x46\xd3\x81\x77\xd9\xf1\xbe\xfc\xe3\x35\x34\xee\x7c\x6b\x99\x54\x9b\xc7\xac\x59\x44\xb7\x3c\xfe\x73\xeb\xae\xf7\x26\x68\xbc\x45\x83\x52\xa5\x28\x5b\x25\x0a\xf7\x17\xd3\xfa\x35\x41\x3b\x46\x3a\x7b\xcc\xa0\x21\x21\x0b\xc7\xdf\x29\xb0\xcd\xb6\xcf\x07\xa9\xfd\x69\xe5\xaa\xfc\x64\x34\xe1\x7b\xd0\x15\x5b\xde\x85\x4f\xf5\x68\xab\xf6\x6a\xab\x06\xcc\xc9\xfd\xda\x9e\xff\xb7\x1a\xd6\xa3\xb5\xa6\x8b\x30\x66\x88\x30\x9f\x4b\xe3\x73\x0b\xd6\x0b\xff\x80\x6d\xc5\xb4\xd1\xdf\x15\xd4\x34\x52\x67\x4c\x95\xf1\xf3\xa9\xe2\xa1\x42\x88\xfc\xca\x20\x38\xa5\xd7\xd4\x43\x0f\xae\x3e\x20\x67\x89\x2a\x77\x56\x68\x23\x9d\x86\x8b\x99\x11\x42\x12\xf9\xae\x0f\x44\x22\xc3\x8c\xe8\xd5\xe5\xb7\x53\x4b\x11\xdf\x09\x80\xd3\x07\x18\xaa\xcb\x46\x34\x57\x40\x34\xd7\x43\xf5\x36\x42\x90\x5c\xf4\x52\xd3\x75\xd6\x59\x71\xba\x4d\xf9\x54\xf2\x53\x8e\xa0\x3c\xb1\xc3\xed\x08\x8a\x21\xfa\x79\x45\x88\x0b\x32\x6f\x47\xac\x2f\x1a\x93\x5f\xf9\x72\x8c\x80\x62\xee\x0a\xc3\x28\x66\xac\x0d\xd0\x8e\xaa\x4f\xe2\x11\x71\x33\x56\xf0\xad\xa6\x91\xda\x4b\xff\xeb\xc0\xb9\xf9\x2d\x39\xab\x93\x7d\xbe\x5f\x9d\xf2\x37\x1f\x69\x82\xe6\x5b\x81\xa6\xf1\x81\xa5\x8b\x1f\x95\xfd\x55\x09\xdc\x9d\x6e\xa7\xab\x10\xd9\xd9\x15\x96\x82\xa5\x01\x96\xee\x0b\x9a\xef\x11\x8a\xec\x11\xaa\x77\xf1\xcf\x36\xd4\x94\x8b\x78\x16\xce\x45\x1b\xce\x45\x07\x5a\xca\xb3\xa5\xc1\x9f\x48\x86\x79\x45\xa0\xf1\xec\x08\xbd\x3c\xbd\x45\x77\x03\x5f\x19\x68\x48\x08\xbf\x56\xf8\xbd\x34\x03\xbd\xd9\x60\xd6\x08\x12\xd2\xa0\xa8\xb2\xab\x72\x7d\x86\xf9\x48\x33\x34\xad\x6e\xac\xc7\x23\xd5\x96\x06\x2a\x43\x53\xb2\x04\x6b\xd0\x55\xbf\x80\x7b\x82\x35\x41\x76\xe8\xc2\x8d\x34\x5f\xe0\x24\xf0\xd7\x85\x4c\x06\xb6\x51\xd6\xff\x3b\x91\x88\x02\xc0\x76\x1e\xf6\x64\xd1\xcd\xef\x43\x0f\xa1\x83\xc3\x85\x19\x3e\x51\xef\xa4\xc8\x1c\x8f\x3e\xc2\xa4\x6f\x9c\xdd\xd1\x19\xe4\x32\xb0\x44\x28\x6e\xdf\x29\xfd\x11\xbb\x1e\xbc\xa9\x39\xb8\x7e\xfa\xf6\x66\x17\x72\x04\x86\x43\xb1\xfe\xaf\xf1\xd4\x9c\xbd\x94\x8f\x29\x92\x8a\x77\x98\x8c\x0d\x37\x44\x73\xe5\x28\xc6\x9b\x48\xf6\x60\xc0\x8a\x63\x0a\x1d\x0d\x3e\x88\xd0\x20\xd1\xd1\xdd\x07\x77\x3e\x0c\x25\x94\x85\xbd\xeb\x35\x57\x7f\xb0\xfc\x61\x64\x73\x7a\x9c\x6e\x96\x77\x92\x49\xd0\x35\x40\xf7\xd5\x13\x4a\x6b\x0f\x48\xbd\xc1\xc1\x79\x08\xf8\x4c\x3d\x8a\x5d\x7f\x84\xd1\x22\x5d\x9c\x6f\xc1\x24\x7f\xc7\xbb\x54\x1f\x7a\x76\x3b\x42\x76\x3b\xc2\x9c\xb1\x32\x5c\x49\xa8\xd9\x83\x35\x77\x6d\x24\xf9\xd7\x78\xf5\x37\xbc\x75\x4d\x8e\x7d\x21\x4d\xc5\x39\x5d\xe0\xd4\xae\x15\x38\x17\x3a\xd0\x48\xb3\x31\xfd\xf6\x9d\x4e\xc6\x24\x56\xdc\x3e\x58\xc4\xd9\x96\x6d\x08\x01\x1d\x90\x67\x43\xd6\x73\x42\x70\x68\x30\x22\x87\x9b\x0e\x27\xf1\x59\x94\x86\x3c\x69\x10\x17\x77\xee\xb7\x1a\x33\xf9\x45\xc9\x0e\xfb\x33\xc0\x48\x26\x08\x9a\xa5\xfd\x68\xe8\xdc\x5f\x3e\x40\xfa\xb4\x04\xa8\xec\x70\x2e\xd9\x0d\xbd\x5c\xcc\x22\x4c\xe9\xa3\xdb\xaa\x59\x4c\x70\x3d\xa1\x38\xdb\x1f\x61\x21\xe8\x21\xf5\x25\xf0\xdf\x8c\xd6\x5e\x1a\x06\x16\x92\x87\xf9\x1e\x96\x26\xa3\x43\x23\x71\x94\xe3\xc3\x1c\x10\x86\x1f\x60\xc7\x54\x22\x3b\x25\xba\xcc\x33\x20\xf9\x7b\x12\xe4\x63\x82\xf6\x73\x14\xd4\x53\xfc\xb3\xbb\xe4\x97\x2c\xf3\xe2\x74\x8b\xd2\x4a\x11\xcf\x92\x26\x43\x0d\xb8\xc1\xc1\xbb\x59\x86\x08\x79\x65\x26\xb5\x64\xdd\x0c\xb7\x8f\xca\x22\x40\x07\x44\x6e\x57\x89\x6e\xea\xe0\x05\x2f\x29\xd2\x67\xa7\x02\xe4\xaa\x98\xf0\xb7\xba\x5c\xf2\xba\xf9\x81\xba\x1d\x61\x30\x07\xb6\x07\x54\xbc\xd8\x31\x51\x3b\xa3\x8f\xe4\xce\x28\x2b\x19\x54\x9a\xd8\x89\xe3\xda\x4f\xbd\xd9\xc2\x1b\x10\xf2\x89\x72\xf3\x97\xee\x28\x85\x63\x03\x0d\x47\x96\xc0\x42\x20\x3f\xad\xdc\xca\xf4\xa2\xc0\x6c\x98\xcc\x67\x9b\xf4\x3f\x74\xa2\xa9\x1f\x6f\xdd\xa0\x64\x49\xc6\x99\xcc\x2a\xa9\x65\x63\xb9\x9b\x97\xc4\x38\x31\x6c\x49\x82\x7e\x0e\x1c\xdc\x29\xd6\xe4\xcd\xc2\xef\x9d\x05\x50\x19\x9e\x32\xc2\xa8\x01\xa2\x5b\x74\x01\x56\xf8\x5f\x9b\x1b\x0a\x4a\xc5\xa9\xa6\x4e\x91\xcc\x9c\x9f\x19\x30\x49\xa0\xbe\xf0\xd4\xae\x59\x01\x9d\x37\x2c\xa2\x30\xf6\xa8\xc9\x33\x50\x3d\x27\x1f\xee\x0f\x4c\x8f\xca\x73\xce\x2b\x5c\x48\xd8\x12\x2a\x49\xad\x06\xe8\xde\x93\x68\xd4\xf9\x6f\x03\xa5\x1d\x10\x2b\x44\x77\x83\x54\x47\x61\xf2\x87\x1d\x3f\xeb\x2c\x9a\x4a\x67\xa7\x9d\xfb\xf2\x35\x4d\x16\x06\x5e\xea\xf1\x76\x7e\xa8\xdd\xf5\x10\xe3\x2d\x76\x67\x7b\x4c\x41\x39\xfa\xf6\xaf\xea\x2f\xc5\x89\x59\xb6\x0a\xdc\xc7\x12\xfc\xef\xed\x57\x27\x75\xd1\xa5\xd9\xb5\xb7\x46\xf1\x71\x6a\x9e\x28\x53\xc3\x54\x5e\xac\xd1\x12\x1b\xc8\x9e\xfa\x51\xb2\x28\xdf\xde\x73\x1a\xee\x11\xe9\x3b\x95\xe3\x31\x16\xe3\x5d\x86\x9c\xb1\x99\x3e\x1f\xee\xf3\x71\x3c\x9b\xf5\x45\x41\x6e\x6f\xcd\x11\x5b\x08\xf5\x55\x3c\xc1\xf5\xd4\xeb\x0a\xf6\x3b\xa7\x4e\xcd\xdd\x21\xf1\xd9\xaa\x9c\xff\x4c\x72\xba\x0f\x0b\xe2\x32\x2f\x87\x2b\xe4\xd1\x4e\xd0\x49\x92\x47\xdb\x03\x11\x00\x19\x2b\x7b\x38\x0f\x1f\xbe\xa2\x41\xc7\xd1\xfd\x13\x91\xa2\x45\x56\xf4\xb7\xd2\xea\x6e\x23\xe6\x12\x68\xfe\xb0\x01\x40\x8b\x59\x61\x35\x63\xcb\x50\xfa\x79\x98\xc1\x9f\x55\xb9\x80\x10\x2d\xd8\xf7\x72\x67\x71\x26\x6f\x50\x65\x15\x78\x82\x95\x9e\x47\x9b\x32\x16\xfa\xda\x4c\x8e\x33\x43\x1d\x09\x9b\xb9\x48\x8a\xb0\x1c\x56\x60\xcf\x49\xd0\xbb\xb7\x52\xdc\x3a\xc4\x64\x0f\x80\xc4\xae\x7f\xda\xd1\x22\xcb\x8c\xa4\x8f\x02\x2f\xc4\xb1\x86\x40\xdb\xf5\xb2\xe3\xad\x7d\x83\x82\xef\xcd\x98\x70\x06\x81\xec\x0c\x17\x73\xc4\x28\xdd\x7c\x31\xd6\x52\x59\xaa\x47\x29\xb7\xbe\x28\x77\x59\xa8\x04\xdd\xd2\x1f\x5d\x1a\xed\x44\x1a\xed\x98\xee\x68\x1b\x5c\x8a\xe2\xe0\x8b\xd1\x6e\x68\x6a\xda\x9d\x2f\x38\x03\x29\xf8\x1a\x47\x5a\xda\x39\xde\xe8\xbe\x26\x45\x68\x0e\xe6\x5a\x83\x10\x99\x4a\x4b\xf8\xb2\x93\x7f\x62\xe9\x8e\x50\x8c\xc8\x6f\x98\x39\x84\x3d\x39\xcb\xa3\xb1\x2e\x64\x55\x62\x14\x03\x41\xb9\x7b\x42\xd4\x8e\x3e\x5b\x2b\x2b\xe2\x4f\xd5\xda\x37\xb3\x19\x54\xe4\x3f\x59\xe9\x0f\x73\x13\xd5\x42\xfe\xed\x86\x1f\xb8\xcc\x6d\xa6\xf2\x87\x59\x50\x63\x74\xeb\xea\xea\x0e\x11\x21\x99\xd2\x2d\x09\x7a\xc1\x52\xc3\x9a\x97\x78\x30\xdf\x02\x2b\x4f\x2c\x7f\x74\x9d\x84\x30\x5f\x79\x96\x40\xed\x1f\x22\x3f\xb9\x66\xff\x15\x12\xfc\x1b\xb0\x60\xe4\x87\x42\x7a\x91\xde\x6c\x19\x43\x90\x6c\x49\x56\xe7\x0b\x9c\xaf\x8c\x3f\x65\x71\x8a\x5d\x6b\x22\x34\x93\xdc\x47\xea\x25\xba\xc8\xdb\x15\xde\x99\x8f\xfa\xf4\xd0\x38\x4b\x96\x50\x33\x0f\x51\xfa\x3b\x54\x34\xda\x33\x78\xef\xb8\xf6\x18\xf3\x01\x0f\x70\xf2\x54\xfa\xb0\xfd\xa9\xc1\x32\x6f\x0d\x44\x76\x22\x84\xeb\x3d\x9a\x59\xdf\xea\x8b\x03\x95\x1f\xf6\x60\x9d\x5d\x3f\x0f\xbf\x7d\x7c\x84\x87\x29\xee\x28\x99\x63\xe6\x86\x7d\x3b\x27\x05\xc5\xdb\xd7\x5c\x59\x2e\x81\x67\xeb\x43\xb1\x7d\xf0\x21\x11\xc1\x68\xc0\x2e\x31\xa5\x4e\x96\x7b\x18\xcd\x49\x65\x83\x4a\x65\x53\x7d\xe9\xac\x9c\xe9\x12\xbc\x1d\x37\xf9\xfc\x87\x00\xda\xf7\x53\x7d\xcb\xbf\xd8\x5d\x0b\x4a\x8d\x1b\x00\x70\x96\xc7\x55\x5e\x35\x09\xd3\x22\x58\xcb\xd7\x92\x59\x49\x06\x80\xa4\x1c\xce\x72\x84\xc8\x96\x64\x4e\x85\x7a\xf4\x63\x83\x02\x2a\x16\x40\x01\x18\xaa\xe0\xdf\x84\x18\x33\x00\x8c\x7e\x2f\xb9\xbd\x94\x2e\x69\xbd\xbf\x9e\x02\x53\x08\x28\x12\x6e\xa0\xf4\x09\xac\xeb\x27\xdd\x25\x15\x9d\x8e\xcd\xe2\x50\xc1\xb3\x80\x5a\x9f\xdf\xce\x26\xb1\xa1\x56\x68\xf6\xe3\xdb\x2f\x49\x83\x42\x0b\xa2\xa3\xd4\x44\xd5\x5f\x69\xec\x37\x8d\x7c\x82\xf6\x00\xbc\x83\x9d\x41\xa5\x26\xe3\xe3\x9a\x9a\xec\x43\x64\xe7\x8a\x40\x54\x7e\x86\xcf\xb7\x18\x83\x03\x7b\xe4\x99\x81\x46\xb7\xf4\x62\xe3\x8e\x4d\xb8\xa4\xf3\x14\x94\xa7\x78\xc1\x14\xd4\x58\x75\x15\x4a\xc8\x2f\x85\x3c\x11\x40\x56\x4f\xe5\xd7\x95\xa9\x24\x87\x36\x5d\x03\xc3\xea\xc0\x90\x0c\x04\xdc\x03\x66\xce\x0f\xac\x7e\xe6\x17\xfb\x89\x7c\xfd\x6a\x0f\xbd\xb9\x0c\x59\xee\xb0\x22\xf0\x7a\xa9\xb6\x26\x4b\x9c\xc8\x76\x81\xb1\x25\x08\xe9\xec\x75\xed\x6e\x34\xb5\x23\x8c\xf4\xc4\xf2\x50\x9d\x91\x04\x95\xd2\x2c\xe9\x2a\xe1\xd3\x1e\x18\xb5\x63\x74\xa6\x7e\x0f\xac\x3c\x3a\xd5\xf8\x22\x7d\x76\x99\x0c\x25\x04\x44\x17\xc3\x64\xc4\x73\x1d\x99\xeb\x1b\x26\xf6\xb7\x1b\xa2\xfb\x9b\x85\x02\x83\xf1\x34\xff\xd5\xdd\x3f\xd7\x28\x8e\x10\xcf\x6e\xe9\x12\x1e\xed\xd5\x46\x37\xae\x23\x65\xf1\x6e\x12\xb3\xc8\x33\xda\xdd\x2f\x96\x99\xed\x43\x18\x6e\x2d\x43\xfb\xaf\xaa\xac\x45\xfc\x77\xee\xe2\xd9\x82\xcd\x40\x20\xef\xe9\xa9\xc1\xc8\xd1\x9d\xdb\x1e\xcd\x67\x97\x00\x62\xcb\x54\xe2\x7d\x51\x18\x91\xa0\xf3\x81\x91\xc1\x1f\x45\x31\xa5\xef\x7b\xbd\x83\xd0\x98\xed\xf9\x5f\x0f\xd1\x5d\x0e\xde\x54\xe5\x39\xd7\xb7\x23\xf2\x57\x7b\xb5\xc5\x0c\x89\x07\x9e\x55\x1c\x32\xcf\x33\x5c\x09\xfa\xc0\xd2\x1d\xa2\x1f\x6d\x5b\x95\x67\xb0\x5b\xa2\x3c\x43\x98\xf8\xfd\xea\x29\x26\x68\x28\xd5\x07\xe2\xc0\xb6\xd5\x47\xb2\x51\x76\xd8\x60\x5d\x6d\x01\x5f\x94\x67\x2b\xff\x81\x88\xec\x78\x5d\x49\xa1\x54\x7e\x60\x77\x16\x7e\xb7\x7e\xf6\xda\xb3\xbf\x0d\x47\xb8\xb5\x50\x7c\x6a\xa9\x73\xca\x61\x1e\x34\xb6\xc9\x0f\xcc\x2a\xcc\x9f\x23\x65\x4c\x71\x08\x03\xc6\xfa\xb2\xae\xcb\x1f\x7a\xa8\x3f\x98\x5a\x60\xaa\xce\xc5\x47\xcb\x7e\xcd\x16\x60\xe0\x81\x1c\xc5\xd6\x92\x6d\x46\x49\xe8\x90\xa2\xe8\xf0\xb8\x65\xfd\x8c\x24\x01\x91\x27\x91\x95\x63\xc7\x2c\x48\xda\xdc\xd9\x91\x0c\xbc\xea\x57\x81\xa1\x88\xf7\xb7\x4f\xe3\x44\xa2\xe8\x70\xb2\xf3\xb8\x40\x15\xe8\x4d\x88\xcb\x90\x9f\x62\x5d\xc8\x96\x25\x0e\x0c\x97\x22\x7b\x2f\xa1\x27\x14\xcc\xb0\x79\xd9\x98\xd5\xfd\x78\x76\xba\x7f\xbe\x15\xea\x0f\xb1\x20\xc5\xe1\xf0\xa5\xae\x8d\x14\x57\x9b\x82\x2b\xa3\x3c\xac\x4f\x0e\x07\xcc\x17\x3f\x80\x30\x2b\xd9\x78\x6a\x3b\xf1\x97\x14\x02\xff\xeb\x58\xe6\x8d\x25\xb4\xf9\xe2\x98\xbb\x63\x7e\x73\xa7\xee\x94\x2e\x01\xeb\xf9\x7d\x89\xf3\x50\x45\xe7\xe6\xfe\x72\x57\x25\x0b\x1e\xf7\xb1\x46\x7e\x26\xe8\x8d\x83\x40\xa0\x32\xeb\xdc\x3b\x51\x8b\x8f\x23\x0d\x95\x3a\x5a\x1c\x84\x6c\xb6\xc1\xbe\x26\x16\x9e\xe9\xa2\x1b\x6f\x83\x42\x16\xe2\xe8\x9b\x1f\xeb\xfa\x4d\xe4\xa1\x3a\x48\x16\xf6\xf8\xa2\x34\xa3\x7e\x67\xa9\x68\x6b\x7f\xa1\x3c\xac\x87\x9e\xc7\x3e\x32\xa6\x19\x22\xff\x48\xb2\xba\x0f\xf1\xcf\xf5\x9e\x5c\xb0\x33\x03\x93\xc6\xfc\xc0\x4c\x0c\x23\x67\x05\xdd\xdb\x40\x68\xfd\x96\xa0\x21\x9e\xdf\x77\x06\xea\xbb\xfa\x0e\xbd\x5e\x4a\xb4\xe1\x9d\x38\x81\x31\xb5\x0c\x15\x2a\x49\x36\xe6\x77\xa3\xfe\x82\x97\x01\x95\x3d\x31\x25\x62\x4d\xe7\xbf\x1b\xae\xf0\x88\xda\x57\x82\x26\xe1\x9d\x77\x89\xc6\xeb\x5e\x8d\x32\xc9\x20\x30\x58\xeb\xcb\xfa\xbe\xef\xe7\x61\x8e\x5d\xa6\xf1\x22\x09\x93\xa3\xa9\xbe\x19\xbf\x4b\xa7\x78\xe8\x0d\x13\x5a\xde\xd9\x19\xf9\x79\x08\xeb\x01\x5d\x41\x5b\x46\x16\x6d\xc4\xd7\xd7\x12\xfa\x80\xd3\xa3\x70\xa0\xe3\xa7\xb6\x2a\x4f\x13\xa1\x0d\xbe\xe1\xa2\x85\x43\x70\x88\x51\x6f\x8d\xe9\xbf\xf3\x25\xab\xcc\x6f\xfe\x72\x5a\x17\x4c\xf8\x32\xd8\xc6\xd5\x22\x79\x18\x1e\xe4\x31\x52\x8c\xf3\x27\xec\xc0\xef\x65\x6f\xfc\x11\xf2\xa3\x36\xef\x81\x83\x8b\x2d\xe6\xf9\xf7\xdb\xd0\x91\x61\xbb\x71\xf0\x64\xc7\xef\xa3\x4c\xfb\xbd\xf3\xc2\xfc\x2a\x66\x71\x1f\x21\xeb\x2e\x09\x44\xbd\x80\x2d\x14\x00\x1d\xfc\xe5\x68\x75\x79\x78\xc8\xc1\x2f\x9b\xdd\x3e\x68\x72\x98\x98\x14\x3c\xef\x45\xf0\xad\x23\xfc\xa8\xfc\x54\xfb\xe9\xca\x94\xdf\x0a\x05\xcb\xba\x7c\x77\x33\x43\x62\x33\xf9\xd9\x64\x32\x8f\x49\x09\xe1\xe9\x2b\xdc\x9a\x3d\x1e\xb8\x4b\x4c\xb0\xc2\x01\xec\x86\xd4\x53\x1a\x39\x81\x76\xc6\x4c\x51\x49\xaa\x04\xa0\x1b\x24\xf5\x1a\x3f\xe4\x94\x27\xbc\x2c\x51\xf1\x8e\x32\x27\x46\x51\x8c\x48\xe9\x63\xe8\xd6\xc0\x6c\x25\x1a\xdf\x51\x2a\x47\x54\xe2\x27\x65\x86\x58\x5b\x12\x2b\x1b\x83\xab\x45\x11\xe8\x18\x98\x29\x9d\x5f\x41\x55\xa6\xcc\x3c\x00\x2c\xff\x7a\xc5\x97\xa5\x9a\x69\x2e\x31\x29\xf8\xf7\x73\x56\x53\xb3\x1a\xcf\x12\x99\x03\x36\xf9\x6a\x71\x8a\x75\x2d\xaf\x5d\x6e\x5a\x39\x0f\xff\x22\x53\x24\x6f\xa2\x56\x57\x9a\x8a\x32\xe7\xf7\x2e\xc2\x6f\xb6\x87\xb2\x8a\xe0\x52\x12\x99\x2e\x69\xda\x8f\x8c\x97\xdf\x6b\xf9\x36\x77\xb4\x95\xa6\x7b\x4d\x8e\x85\x25\xfb\xb2\x0d\x09\x54\xa6\x80\x66\x3f\x64\x0b\xed\xe6\xa8\x8f\x79\x32\xc1\x89\x2e\xb6\x36\xc5\xd0\xda\x8f\xdf\x74\xee\xaa\xb5\xc2\xa4\xcb\x6b\xd2\x6e\xcb\xff\xe6\x28\x93\x5d\xb9\xb5\x7d\x4f\x8c\xaa\xa7\xe4\x77\xb8\xf1\x65\xff\x0a\xe9\xe2\x5f\x1c\xbb\x20\xf3\x8d\x86\x78\x7f\x71\xda\xae\x08\x7c\x31\xb6\x5d\x74\x7f\xc8\x6f\x70\xc4\xbb\x38\xe6\x05\x87\xb2\xc3\x95\xba\x44\x17\x97\xa4\x99\x3c\xad\x3a\xac\xc7\x68\x7f\xae\x3e\xb2\x95\xf5\xfb\xab\xcd\xe4\xee\xca\x1d\x14\xf6\x84\xad\xa6\x8c\x12\xa8\x74\x7f\x12\xcf\xef\x73\xf9\x5f\xdb\x2b\x9b\xde\xb3\x27\x3c\xc9\x0b\x35\xca\x32\xfe\xf3\xad\x96\x2f\x42\x32\x05\x84\x9a\xa8\xca\xdf\x73\xf9\x81\xc2\x07\x45\x9a\x60\x1e\x4d\x02\x81\xa0\xfc\x33\xa2\x1e\x16\x6e\x88\x36\xdc\x19\x9a\xd1\xc6\x4a\x2b\x35\xad\xd5\xef\x33\x6b\x7a\xdc\x1d\x58\x57\x7e\x8e\x50\x25\x9a\xcd\x2d\xe4\xe4\x98\x97\x08\xbb\xe9\x7a\x22\x8a\xd9\x69\xa6\x45\x82\x19\xa6\xaf\xb8\x5e\x44\xba\xa6\x21\xa0\xdc\x34\xc9\xee\x89\xd2\xc7\x8b\x9e\x1d\x40\xa1\xf6\x73\x26\xfd\x27\xdd\x47\x3c\x3d\xcd\x3c\x5f\x76\x19\xfd\xc4\xc0\x21\xa0\x1f\xcf\xe2\x5b\xa8\x9e\xab\xaf\x1a\x3f\x44\xa6\x2f\x48\x8c\x2b\x86\x12\x69\x62\x47\x6a\x97\x01\x80\xa0\xe3\x64\x0f\xce\x91\x84\xca\x74\x42\x4b\xad\x14\x8b\xef\xa4\x0a\x6a\xd8\x33\x3c\x22\x17\x13\x24\xac\xb7\x56\xd5\x1f\x47\xe4\x0d\x2e\xf5\x6a\x8e\x24\x1c\xaf\x17\x62\xbc\x98\xa8\x8b\x51\x6f\x8a\xa0\x29\x1b\x56\xf9\xf1\x25\x18\x15\xb4\x9a\x20\xba\xe3\xbf\x7b\x41\x3e\x97\x76\x75\x23\xfd\xef\x17\x7b\x4a\xcc\x9c\x03\xfd\x8e\x2f\x01\x40\xb0\x56\x93\xe4\x7c\xd9\xa3\x86\xda\x0c\x2a\x8d\xb0\xc5\xa1\xd1\x7e\xbf\xa8\x96\x06\xb7\xee\xc2\x97\xf2\xe3\xeb\x8b\x2e\x8c\x51\xc5\x37\xbe\x2e\x4c\xb4\x5e\x12\xf9\xc3\x98\x14\x41\x12\xd9\x9c\xea\x28\xa3\xa4\xa2\x39\x10\x47\xda\xca\xd3\x7b\x22\xe9\x86\x41\xe5\x8e\xe8\xf5\x2a\xbe\x33\x9c\x1b\x58\x0e\x0d\xb1\x0d\x47\x26\xcd\x72\x29\x83\x5b\x9a\x2b\xa0\x79\xf5\x6e\x06\x4d\xd7\xd4\x66\xca\x8c\x67\x18\x63\xb9\x2f\x0b\x74\xf2\x6f\x13\x4b\x6e\x44\xca\xcd\xe7\xea\xe4\x8b\xd1\x51\xe7\xf3\xc7\x8c\x46\x6a\x8e\xa7\x08\x40\x38\x4b\xa9\xef\xb3\x16\x6d\xa6\x37\x6d\x53\xeb\x44\x72\x95\xf5\x15\xff\x7d\x3b\xf9\x86\xa1\x4c\xd3\xd2\x54\x79\xab\x49\x31\x5f\x2f\x89\x65\xec\x96\x65\x73\x10\x9e\x61\xc7\x81\xb9\x2f\x48\xfa\x71\xfd\x36\x42\x25\xee\xae\x82\x65\x21\x8f\xf6\x2c\xd8\xcc\x10\xb3\xe2\xe4\x8b\xa9\xc4\x3f\xe0\x37\x6d\x15\x3d\xe9\x92\xcc\x2f\x78\x49\xd1\x82\xbe\xb9\x7d\xb6\x22\xf4\x29\x62\xbf\xb6\xf1\xc5\x79\x8a\x7f\xba\xce\x18\x31\x07\xd7\xcd\x48\x79\xd9\x8c\xce\x76\x5d\x1b\x72\xe8\xd0\x25\xb8\x45\xd2\x9b\x84\x9b\x70\xab\xd8\xf5\x8f\xeb\x2a\x8d\xad\x39\x96\x2d\xac\x33\xb8\xbd\x01\x33\xbc\x10\x26\x0e\x7a\x40\x71\x88\x3c\xbd\xee\xd3\x3d\xd5\x02\xbe\x6b\x0a\xbb\x87\xcc\xcb\xc4\xee\xba\x29\xb2\x26\xae\xdc\x01\xa2\xc5\xad\xc4\x21\x98\x8a\xf4\x4d\xee\x6e\xa0\x95\xa9\x35\x57\x00\xe5\x8e\x96\xe7\x46\xfa\x9a\x9c\x62\x58\x89\xad\x48\xa6\x8e\x05\x8c\xdc\x8d\x16\x83\x91\xa4\x5b\x02\x9c\x63\xcb\x5e\x1d\x54\x9a\xdd\xb8\x27\xdd\xaf\x35\xc2\x72\x37\x46\x8a\x83\xd8\x68\x0f\xe0\x79\xc8\x20\x6d\x74\x57\x76\x4f\xd3\x7d\x7b\x72\xd5\x81\x7b\x39\xca\x42\x43\x25\x16\xdb\xe0\x21\x2c\xd9\x4a\x3d\xc3\xf8\x51\x4e\x85\x5d\x75\xd0\xb3\x18\x81\x61\x8e\xee\x6b\x1f\x30\x5d\xfe\x3c\xd2\x28\x49\x1f\x19\xde\xe8\xcf\xea\xb3\x33\x80\xce\x3e\xf6\xfc\xb1\x4f\x26\x77\xb8\x35\x5e\xe1\x92\x2d\xfd\xde\x35\x8e\xe7\x4e\x1a\xf0\x3a\x3b\xef\xbf\x5f\xab\x9c\x0b\x57\x7d\xd4\xb4\x11\x97\xd1\x6c\x86\x50\x0d\x1f\x6b\x70\x86\xfb\xfd\xcb\x85\xa8\xc9\xd7\x5d\xfe\xb5\xf1\x27\x37\xa6\x1f\xf1\x00\x6e\x57\x9c\x6e\x01\x2e\x01\x27\x62\xed\x11\x99\xfe\xa9\x8a\xb4\x8a\xbc\x88\xa8\xa9\x4d\xaf\x33\xa6\xa3\xc5\x03\x74\xb4\xad\x4f\x2a\x5f\x35\x9d\x53\x69\xc7\xaa\x2b\x24\x93\xec\xa2\x3b\xc3\xd6\x8f\xb6\x6d\x91\xc4\x33\x70\x18\xac\x4e\x61\x39\x04\x6c\x10\xda\x02\xa4\xd9\x72\x07\xd7\xde\xdd\xd5\xad\x10\xc4\x2b\x97\xec\x7c\x2d\xce\x66\xb5\xf4\x9c\xf0\xb1\xd9\xf8\x36\x15\xca\x6a\xdb\xc2\x73\x57\x07\x40\x89\x68\x42\x5c\x33\x98\xed\x7e\x8e\x8b\xe8\x62\x8f\x5c\x1d\xad\xbb\x29\x9d\xcc\x95\x26\x18\xf4\x60\xa2\xb7\xe7\x59\xe6\x29\x03\xf9\x53\xa4\x20\x32\x8b\x9d\x2d\x56\x4d\x1f\xde\x28\xe7\xab\xc9\x49\xa8\x60\xf6\x55\xee\xdd\x98\x83\x2a\x19\x80\x8e\xee\x9e\xec\xbf\xaa\xc6\x3d\xe4\xc4\xa8\x74\x77\x7f\xd7\x56\xaf\x2e\x9d\x19\xef\x04\x27\xbd\x5b\xce\x7a\x93\xed\x0f\xb1\x60\xba\xe5\x98\xdc\xa0\xc6\x5b\xdf\xdd\x2f\x70\xea\x6c\x9c\x21\xee\xf2\x3e\xbb\xca\x21\x6d\xcc\xd7\x30\xd9\xf1\x19\x28\x9b\x08\xfd\xae\x77\x4f\x7c\x98\x5a\x63\xeb\xf6\x54\xe1\x66\x5a\xcc\xcc\x74\xdf\x6e\x8d\x29\xef\xca\x84\x9a\xd1\x5b\xbb\x08\x81\x31\x23\xd1\xf9\x59\x2c\xe8\x8f\x1f\x21\xc0\xd7\x1f\x92\xaf\x36\x43\xe4\x9d\xb4\x49\x2d\x3c\x32\xea\x18\xd1\xbf\x6c\x67\x57\x99\xd0\xf2\x93\x62\xb2\x5f\x94\xc9\x3a\xbf\x19\xd0\xbd\x4f\xb0\xad\x33\x8c\xd6\xac\xad\x0d\xde\x53\xbb\x7b\xbc\x28\x17\x63\x14\xf4\x0d\x4e\x64\x46\x53\xcd\x89\xd7\xb3\x75\x30\xe3\xa2\x42\x4c\x74\xf6\x41\xa0\x58\xa8\xa5\x3c\xf4\xfb\xa4\xd9\x29\x3e\x3b\x44\xaa\x2d\xfd\x28\x58\x95\xe4\x3c\x5f\x3a\x69\x1e\xf6\xb9\x8b\xc1\x95\xe9\x60\x59\xc9\xe4\x38\x07\x8a\x87\x4e\x2f\xd5\x09\x19\xc6\xe6\x60\x11\xd0\xdf\x3d\x50\x2c\xe5\xa8\x36\xb0\xf7\x0a\x48\xe8\x63\x08\xd8\x0a\xb1\x82\x89\x9c\x20\x59\x8a\x47\x43\xef\x64\xeb\xfd\xc9\xbe\x6c\xbb\x7e\xbb\x23\xe4\xeb\x0b\x7a\x01\xd1\xfa\xb7\x7c\x58\x88\x59\x68\x77\x54\xe0\xe0\x93\x98\x51\x49\x09\x1a\x72\xc0\xb8\xf7\x60\xd4\x8e\x74\xe8\xb7\x15\xdf\x19\xe5\x2f\x58\x0a\x55\xd0\xab\x0e\x2e\x9b\x0a\xa7\xd8\x89\x66\x90\x4c\xc4\xe6\x8e\x2d\x3a\xd7\x61\xde\xdf\x06\x89\x36\xd1\xa4\xf8\x93\x37\x48\x0b\x13\x9e\x6d\x5e\x18\x06\x67\x06\x2a\x3f\xfa\x90\x1d\x00\xb7\xfd\xd8\x2a\x12\xf9\x1a\x79\x28\xe3\x92\xe4\xa4\x59\x96\x7d\xf5\xef\x28\xe8\xc8\xe2\x33\xba\x04\xb1\x05\x6a\x5e\x7c\xea\x7d\x81\x13\xf5\xdb\xc5\x7c\xf5\xe7\x61\x4f\xc7\xfb\x51\x61\x54\x70\xd0\x1e\x62\x8d\x8f\x17\x0c\x42\x91\x34\x04\xef\x53\xc5\xe3\x76\xc7\x22\x8c\xe8\xaf\x8d\x33\xc5\x25\x29\xe6\xb8\xe2\x0a\x97\x8d\x2c\xa4\x89\xfd\xba\x63\x54\xfd\x58\x0f\x2f\x77\x55\xf3\xf1\xbe\x76\x38\xbe\x33\x83\xc9\x7c\x2d\x05\x7d\xde\x73\x39\x37\xa4\xf9\x61\x4d\xe8\x0f\xb8\x25\x9c\xe7\x9b\x24\xc3\x9d\x45\xdb\x38\xe2\xf9\x7d\xf4\xfb\x2a\xcf\xb4\x7c\x2a\x90\xdb\x8b\x5e\x3b\xde\x26\x7f\xec\x60\x53\x87\x6f\x1d\x5c\xe0\xe5\x34\x89\xae\x10\xe2\x48\x7b\x73\x6c\x2f\x7b\xc4\x48\x91\xaf\xff\x02\x74\x65\x14\x18\xbd\xee\x4d\xfe\xe3\x3b\x01\x2e\x04\x34\x5d\xb6\x03\xb3\xde\x2d\xbd\x94\xc4\x1d\x95\xc7\x44\xcd\xde\x9a\x7a\xdb\xf3\xb5\x27\xd1\x52\x03\x3f\xd8\xb6\x12\x8a\xcf\x37\x03\x42\x9d\x0e\x08\xaf\x8d\x3e\xbc\xaf\x29\xef\xb6\x7d\x2c\xb5\xfd\x44\x1b\xfc\xb5\x08\xd5\x29\xa2\x90\xdc\xa6\x61\x4b\x83\x41\xfd\x36\x8f\x87\x6a\x95\x60\x73\x6b\x47\x18\x96\x00\x55\x79\x76\x60\xb3\xae\xf4\x67\x88\xe8\x76\xb6\xfd\xea\x9a\x54\x7f\xad\xd7\x33\xce\x92\x38\xdd\xfe\x0b\xd3\x7d\xfb\xf2\xf5\xc4\x4d\x45\xd9\xe3\x1b\xd3\x6f\x5a\x4f\x0a\xdb\x0e\x81\xf0\x65\xcf\x73\x6d\xcb\x9a\xff\x44\xed\x1f\xbb\xd7\x97\xcc\xa5\xc9\xbd\x65\xe2\x39\xc8\x49\x80\xec\x2b\x42\x12\xc9\x19\x4a\xbf\x2f\xa1\x3b\xcd\xa6\xf2\x57\x38\x5e\xf4\xc4\xf1\xb1\x3c\x9a\xc1\x8d\x1a\x02\x4b\x72\x89\xc3\x39\x4a\x3b\xbd\x9c\xf0\x51\x3b\x0b\xa1\x0a\x7a\x09\x55\x99\x37\x96\x83\x42\xf9\x8b\x12\xdc\xfb\x45\x7e\xad\xcc\x12\xfe\xdd\x69\xf5\x02\x95\x21\x5c\x47\x8b\x61\x85\x89\x23\x81\xc3\xde\xf8\x96\x42\x5d\x19\xa6\x3c\x44\x77\xaa\x1d\xf9\xd0\xc5\x59\x4d\xb2\xe3\x7d\xfd\xdd\x0c\xdf\xbb\xd0\x6d\x9b\x23\xf0\x63\xf5\x97\x47\xb1\x8f\xcf\x92\x00\x4b\xe3\xf2\x83\x8a\xd7\x04\xdd\xd5\xc8\xfc\xc1\x71\x23\x50\x0b\xbd\xef\xea\x0a\xbb\xfc\x79\x88\x63\x1c\x74\x4e\xc5\x55\x01\x0f\x61\xea\x78\x62\x2b\xca\x0b\xeb\x4b\xb4\x7c\xbf\x0f\xb0\x6c\x93\x1e\xed\x62\xaf\x95\xc0\xc1\xd5\x5f\x69\x60\x89\x04\xed\x7f\xed\x60\x7c\x89\xfa\xa6\x4d\xbe\x26\xea\xc8\x41\x8f\x53\x79\xb6\x35\xd6\x00\xfd\x11\xb9\xc4\xec\xa4\x15\x87\xcc\xea\x13\x52\x90\xb6\xa3\x74\x7f\xa2\x1d\x39\x16\x38\x74\x35\x1a\xad\x8c\xea\xb4\xfd\x84\xae\xc8\xc2\x6f\xc4\x7f\x02\x90\xfa\xf8\xb5\x38\xb2\x9b\x5b\xb7\xd6\xa6\x28\x73\x0a\x35\x27\xc9\x30\x54\xfe\x92\x61\x9e\x00\x41\xd3\x7f\x0f\x77\x49\x24\x85\x99\xd2\xc7\x28\x66\xa3\xca\x43\x12\x44\x9d\x0d\x47\x8c\x38\xd2\x2d\x37\xc4\x1f\xb3\xc6\x78\x1e\x78\x52\xf0\xc6\xa8\x4d\x6b\x43\xce\xa0\xfb\x98\x5e\x0c\x11\xdd\x5a\xf8\xd5\x03\xdc\xe2\x4b\x89\x29\x79\x02\xe0\x91\xf2\x25\x8a\xb0\xc7\x77\xdc\xea\xe8\x21\x33\x47\xf3\x37\x8e\x08\xc5\x5b\x97\x4e\x64\x79\xf1\x97\x47\xf9\x2b\x13\xa1\x72\xa4\xf0\x37\x50\x65\xe9\xbd\x99\x43\x7e\x8e\x88\xe3\x64\xc7\xeb\x61\x5f\xc4\xef\x8a\xd4\x60\x83\xad\x02\xe1\xcb\x5b\xb4\x01\x81\x72\xa9\x37\xab\x6a\x7c\xe4\xa1\x8a\xde\xd7\xf2\x57\x51\x7b\x70\x21\x50\x9a\xcd\x5b\x7f\x73\x0b\xb4\xab\x1b\x3b\x67\x99\xa2\x11\x9b\x7a\x62\xb7\xf3\x97\xc1\xeb\xa7\x1b\x5c\xe6\x18\x7d\x53\x98\xb8\xd0\x7e\x9c\x41\xa3\xee\x40\x91\x49\xf0\xde\x2e\x44\xab\xb0\x63\xe1\xdd\x85\xc1\xf5\xc4\xcf\x31\xbf\x23\x67\xbc\x57\x13\x95\xb7\x76\x15\x2a\x6c\xc7\x6d\x9d\xca\x55\xeb\xf0\xce\x73\x1e\x20\x87\x9a\x39\x44\x2b\xf2\x3d\x5d\x18\xe4\x86\xda\x32\x8e\x9f\x64\x41\x6c\x68\x4a\xbd\xfb\x15\xe9\x14\x0d\x79\xb3\xe2\x0c\xce\x1b\xe7\x2f\x4e\x5b\x5b\xa8\xa2\xd2\x33\x44\x18\x85\xff\xe5\xbe\xe1\x0c\xd7\xf2\x74\x1e\x22\x87\x5d\x66\x4a\x11\x94\xc1\x87\xbf\x57\x79\x84\xdc\xc0\x3c\xc5\xc0\xc8\x2d\x4c\x77\x14\xfa\x84\xd4\x95\xa1\xda\xb8\x93\xd0\x07\xec\x0c\x28\x91\x4b\xad\x5f\x42\x88\x7a\x61\x73\x7f\x96\xf4\xd6\x92\x21\x8f\xef\x0f\x65\xd5\xe7\xcf\xe3\x17\xa2\x38\xa2\x85\x65\x35\xf5\x18\xd3\xdd\xe9\x66\xf3\x7b\xda\x1e\xff\xc1\x4d\xa6\xbe\x08\xb2\x08\x4f\x75\xca\x34\x8d\x1d\x4c\x85\xa2\x98\x1d\x4b\x7f\xf9\xce\x6d\x34\xf1\x99\x91\xbc\x0c\xea\x0b\x4f\xd9\xa4\xc6\x55\xe3\x59\x76\x71\x92\x1e\xfb\x54\x56\x42\x72\x04\xf6\x5b\xeb\x22\x03\xdd\x90\x18\x29\x56\xe1\x28\xdd\xac\x38\x3a\xd9\x9f\xd7\xcf\x8f\x55\x3d\xf9\xb9\xf1\xf6\xe3\xe3\x14\xf9\x72\x5f\xbe\x77\xd9\x18\x51\xf8\x12\x61\xe7\xdf\xa0\x80\x51\x69\xea\x03\x53\x2f\x79\x93\xb5\x8d\x1e\x4d\xe3\xd6\x92\xa2\xb1\x45\x55\xd2\x4a\xc7\xd9\x17\x45\x50\x28\xd3\xd9\xc2\x6b\x20\x5f\x0c\x0a\x1d\xbb\xe1\xd8\x3f\x62\x6b\x6d\xa3\x25\x84\x34\x1d\x39\x09\x66\xb3\x63\x23\x2a\xfa\x17\xe9\xe2\xf8\x60\x27\xf6\xa7\x1d\x4d\x56\x39\x02\x21\x99\x72\x45\x20\x8a\xef\xf4\x3c\x5e\x9a\x65\x99\x27\x90\x43\x24\x5b\x96\x5b\xbf\x21\x09\x65\x0e\x17\x5a\x40\x6a\xe7\x04\xa2\xd8\x52\x01\x92\xc0\x7b\x52\xe2\x91\x26\xa6\xf3\x4d\x93\xf1\x8f\x30\x88\xbf\xf1\x2f\x7a\x70\x6c\x69\xf2\x00\xc0\x1d\x04\x75\x86\xed\x3b\x93\xba\x81\xed\xc1\x2a\x6f\x91\x11\xac\x1d\x33\xc3\xd4\x26\x9d\x92\x4b\xf2\x2e\x99\x02\x06\x9c\xe7\xb2\x07\xbb\xac\x0b\x52\x0e\xd9\x22\x46\xed\x98\x0a\x40\x65\x7b\xec\x87\xc6\x2c\xdd\x00\x97\xc0\x47\x9a\xf6\x28\xad\xe4\x7c\xc8\x71\x36\xc5\x15\x27\x0d\x47\x16\x20\xb5\x68\x66\xe3\xcd\x98\xf6\x8e\xa8\x04\xdd\x4f\x79\xdb\x13\xa3\x8d\xfe\xfe\x27\x91\x74\xa7\x93\xa9\x7b\xd7\x22\xc2\x90\xaa\xbe\xa2\xf0\x5b\x27\x0a\x74\xc7\x92\x5b\x35\x5f\xaa\x7d\x8e\x3f\x7f\x86\xe8\x6e\x63\x05\x11\x7a\x72\x6d\x74\x69\x2e\x5d\xde\x4f\xd4\x1a\xde\xea\xbf\x15\xf1\xc0\x45\xbd\x6b\xd1\xe7\x3a\x79\x6c\x7c\x89\x77\xab\xc6\xf6\x88\xdc\x78\x68\xe8\x98\x73\x12\xf7\x08\x44\x77\x6e\xe3\x1d\x45\xd5\xad\x89\xcf\x50\x71\x86\x54\x1f\x2e\x8f\x7c\xa2\x87\x3e\x9a\xd4\xc5\x14\x34\x14\x3f\xfb\x9e\xd6\x2a\xca\xd3\x63\xd0\xd3\x75\x6b\x64\xae\xfa\x85\xe1\x93\x44\x72\x94\xd4\xc6\x76\x3d\x51\xb2\x09\xd8\x34\x46\xd5\x86\xd6\x8f\x69\x95\x59\xbf\x8f\x83\x49\x06\x60\x8d\x0f\x4c\x56\xc1\xec\xaf\x09\x1a\x65\x85\xc9\x46\x78\x2a\x53\x42\x01\x4d\xe8\xd0\x10\xa6\x3b\x39\x86\xf8\x66\xaf\x56\x1e\x82\x11\x22\x3b\x75\x93\x64\xce\x38\x40\x91\xb5\xc5\x8c\xd1\x78\x68\x4e\x5f\x73\x93\xd2\x8d\x69\x28\xd6\xd0\xd3\x10\x95\xeb\x93\x54\xcd\x71\xfa\x97\x29\xf2\x64\x67\xd3\x44\x4c\x56\x35\x2b\x7c\x2c\xb6\xa0\xbf\xad\x36\x0f\x7c\x3d\xf3\x0c\xe4\x33\xb6\x97\xff\xf6\xf3\x3e\xaa\x48\x57\xd4\xef\xdb\x7e\x66\x69\xf0\xfa\x38\xd8\x03\x35\xd6\xca\x0f\x4c\x9e\xd0\xe7\xcd\x8f\x77\x58\xfd\xbd\xaa\x1f\xd9\xf9\xfe\x90\x9d\x4a\x61\x91\x59\x4f\x84\xc2\x99\xc0\x61\xf3\x3c\xcc\x61\xf6\x73\x95\x5c\x32\x25\xdf\xba\x1b\x20\xa5\x73\x51\xb1\xf9\x1e\xd8\x25\x43\x65\x5d\x31\x71\xf5\x1a\x8f\xe0\x59\x85\x63\xde\x85\xa3\xe0\xc4\xec\x96\xe5\xac\x6b\xe1\x74\x6d\x3f\xf3\x36\xf4\xef\x6e\x68\x22\x01\xd3\x64\x1a\xf4\x41\x15\xbb\x47\xf5\x45\x4c\x3a\xae\x69\x3d\xde\x50\x7c\x5f\x67\xcd\xa5\x30\x84\x4a\x8a\xa1\xa4\xa1\x44\x3d\x80\xf6\x6b\xbd\x48\xe5\x3e\x6f\x76\x0c\x06\x75\x4c\xd1\x60\x65\xa6\x41\x9f\xcc\xc7\xf1\xfa\xf9\x4d\x17\xe4\x84\xa1\x5c\x99\x7e\x02\x4e\xa4\xfa\x80\x40\x4c\x31\x05\x85\x47\x4c\x22\x03\x41\x3a\x7d\x01\xe9\xd5\x1e\x8f\x16\x93\xd8\x35\x12\xa1\xb1\x35\x53\x74\xc7\x6c\xfd\x76\xef\x32\xd6\x3d\xb6\xde\xc4\xa3\xff\x2e\x38\x30\x7f\xe0\x57\x9c\x5f\x27\x71\x49\xf7\xdb\xdc\x52\xef\xca\x10\x96\xee\x24\x00\x19\x25\x77\xcd\xe4\x73\x78\x34\xf7\x0f\xd6\xd1\xe3\xd9\x18\xd4\x2a\xf9\xcf\x8b\x88\x6d\x66\x9d\x81\x66\xdc\xbb\x6a\xd1\x5f\xd1\x15\xae\x5d\xe2\x56\xe7\x53\xb3\xe5\x48\xfc\xf1\xe7\xe7\x76\x37\x6c\xd1\x28\xb9\x20\x44\x2c\x11\x45\xbc\xf3\x5b\x2e\x1c\x5d\x54\xbd\x6f\x9c\xcc\xcd\x91\x76\xc6\x17\x55\xee\xbe\x21\x4a\x73\x0c\x49\xfd\xf7\x92\xbe\x0e\xb9\xb1\x73\x04\xe0\x25\x10\x65\x9c\x9a\x30\x7c\x19\x10\x70\x65\x1a\xca\x6f\xb6\x10\xd9\x39\xbd\x3f\x7d\x0a\xae\xee\xcb\x47\xf9\x75\x2d\x4a\x33\x15\x63\x63\x5a\xc1\xc7\xb1\x75\x46\x75\xab\x62\x1b\xff\x8a\x1b\x79\x68\x94\x7f\x10\x34\x62\x46\x5d\xd0\xd3\x4d\x6b\x64\x36\xb9\x90\x42\xd6\xee\xdc\x1b\x79\xd7\x20\x3c\x70\xd3\x08\x1b\x7f\xb3\xd9\x02\x31\x20\xf4\x72\x31\x66\x06\x85\x08\x6b\x4a\x7a\x89\x60\x45\x56\x44\x08\x5d\x86\x2e\xb3\x49\x69\x96\x23\x4c\x99\x03\x9e\x5d\xb9\x60\x6f\x70\xf5\x15\xc0\x50\x98\xda\x97\x63\x5e\xa2\x1e\x51\x30\x1f\xc9\x43\x7a\x0f\xfa\xdb\xf7\xa3\xe0\xe7\x11\xf9\x9b\x15\xd9\xdf\xd8\xba\x53\x17\x87\x6f\x1d\x8b\xd5\x64\x8a\xae\x5d\x9b\x47\x3e\x37\xfc\x94\xbd\x19\x13\x95\x32\x4c\x96\xf4\x99\xde\xff\xd1\x74\x16\x4b\xd6\x32\xcd\x16\xbe\x20\x06\xb8\x0d\xb1\x8d\xbb\x33\xc3\xdd\x9d\xab\x3f\xd1\xef\x77\xfe\x01\x11\x1d\x1d\x7b\x40\x15\x59\x2b\xd7\x93\x50\x59\x40\x46\x84\x93\x7e\x0d\xc5\xa4\x40\xd3\x1f\x27\x2d\x23\xb6\xa3\xd6\xf4\xc1\x46\x10\x54\xe8\xf8\xc3\xeb\x1e\x89\xd1\x7a\x56\xd9\x7e\xcf\xd0\x34\xde\xac\x84\xf8\x92\xbd\x57\x4a\x38\x53\xf9\x99\x30\xbb\x1d\xcd\x40\xb0\x7b\xfa\x2f\xda\x50\xe1\x87\x81\x3d\xd6\x7f\xbb\x18\xff\x18\x86\xab\xb1\xcc\x6a\x6e\xf7\x7c\xb1\x25\x0d\x86\xf0\x3b\xc9\x1f\x36\xd4\x8e\x07\x45\x1a\xfc\xe6\xe6\x04\x11\x45\x63\xac\x92\x56\x5c\x68\x86\x43\x54\xa2\x61\xb4\x12\xfa\x83\x91\x9e\x11\x0d\x2a\xbb\x63\xa4\x60\xae\x67\xe9\x03\x17\x53\xe0\x6f\xc1\xa8\x79\xe9\x38\x34\x89\xe8\xf9\x27\x44\x5f\x88\x4a\x33\xee\x8f\xbd\xad\x2f\x47\x69\x2d\x79\x7e\xa6\x37\x45\xe4\x73\x33\x41\xf2\x35\x6a\x3e\x45\x2d\x63\x3b\x0c\xae\xb0\x0f\x22\x2f\xe9\xbb\x5f\x12\xff\xc8\xdd\x08\xf7\xeb\xc0\x12\x56\xef\x95\x17\x66\x80\x52\x24\x7d\x0b\x4a\xd2\xe7\x81\x12\xa5\xf2\xe3\x05\xe5\xfe\xf6\xb4\x14\xa2\x52\x63\x1b\xa8\x98\x5c\x34\x3b\x86\x25\x09\x09\x2b\x03\xa1\xe9\x0f\xfd\x4c\xc9\xeb\xa9\x9c\xca\x74\x54\xb9\x73\x2a\x84\x06\xed\x2b\x50\x8a\x4a\x8d\xea\x85\x8b\x76\x8e\x3b\x3e\xfe\x99\x0b\x7a\xe0\x25\x04\xa4\x7a\x33\x22\x5d\xea\x0a\xba\x27\x3c\xa3\x97\x74\xc0\x66\x27\x10\x71\x6e\xeb\xbd\xab\xdc\xba\x6e\x2b\x39\xe4\xff\x5e\xc0\xaf\xeb\x4a\xec\xd4\x07\xae\x0e\x26\xe2\x3c\x82\xef\x88\x63\x63\xd5\xaf\xf0\x83\x51\x1f\xca\x23\x8c\x2d\x85\xf2\xd3\xee\xef\x67\x31\x5d\x9e\xc1\xa5\x15\x14\x5e\xec\x9c\x1c\x71\x3a\x29\x31\xfd\xd7\x93\xc5\xaa\xe8\x5c\xa3\x20\xee\x58\x04\x81\x13\x60\x56\x1f\x98\xab\xfa\xee\xa8\xc6\x9a\x9d\x6c\x54\x06\xef\xc3\x05\x00\x66\x2d\x35\x3d\x13\xc0\x87\x17\x08\x8e\x59\xb0\x3f\xa5\x5b\xfc\x40\xeb\xe6\x63\xfd\xec\xf4\x4e\x7e\xb3\x03\xa1\xda\x3c\x46\xba\xd3\x92\xba\xdd\x04\xb4\x3f\xcf\x93\x5a\x62\x27\x24\x9d\xe0\xdb\x26\x89\xb2\xaa\x0b\xcd\x0c\x9b\xc1\xd4\xc5\x87\xf0\x61\xf0\x31\x7b\x69\x19\x6c\x80\x60\x8e\xfa\x14\xb5\x5e\x3d\x6e\x3a\x3b\x9a\x29\xbf\x4d\x39\xe6\x6c\xfc\x3d\xa6\x59\xcb\xca\x9e\x67\xdd\x3c\x2e\x44\x29\xd6\x32\x99\x1e\x4f\x72\x2c\xa6\x53\xa0\xe4\xb1\x05\x2b\x50\x23\xd4\x02\xce\xc4\xb9\x9d\xa8\x66\x90\xc4\xe5\x2c\x83\x40\x98\x30\x54\xb0\x76\xfa\x4b\x76\x24\x3e\xc2\xcd\xbe\xf5\xcf\xf0\x02\xb8\x02\x3f\x54\xc1\x88\xb2\x92\x1a\x5f\x6b\xde\xd3\xdf\x9e\x9f\x07\x3c\x23\x73\xff\xad\x67\x74\x85\x49\x03\xfb\xe0\x65\xe5\xfa\x45\x73\x3a\x18\xc2\xf7\x43\x90\x4b\xec\x04\x4b\xcd\xad\x67\x86\xb5\x7b\x10\xf1\x4c\xe0\xf2\x56\xd4\x39\x91\x9f\xff\xf8\xac\x96\xc4\xa9\xfd\x91\x34\x80\x05\x11\x52\x06\x1a\x8c\x20\x21\xe9\xcc\xb5\x47\x82\x92\x50\x48\x0f\x01\x91\x47\x57\xb4\x61\x97\x73\x34\xd7\xc5\x92\x75\x97\xf2\x57\xcf\xa2\x0c\x1f\xac\x18\x0e\x4b\x26\x3c\x7a\xc6\xa5\x36\x16\x1b\x41\x50\x44\x0e\x42\x39\x8e\x81\xcd\x1a\x77\x0b\x81\x68\x7e\x88\xab\x53\x56\x21\x05\xcd\x6a\x4e\x0b\x5d\x4e\x19\x0c\x42\x8c\xc3\x39\xae\xe6\x50\x6f\xa0\x3e\xf4\x31\xcc\x30\x41\x16\x77\x6e\x4a\x85\xf4\x23\x10\x17\x68\xb7\x95\x00\x12\x1a\x00\xb4\x9e\x6c\xb7\x32\xc9\x2f\x34\x29\xfc\x40\x70\xce\x19\xa5\x58\xa5\x38\xd1\x18\x2b\x2d\x20\xab\x31\x8e\xb7\x94\xbe\x06\xad\x07\x4b\x84\x6a\x1a\x3f\x67\x7f\xda\x1c\xa4\x30\x8c\x02\xaa\xea\xa8\x37\x3e\x2f\x92\x30\x1a\xb6\xe2\x44\xd2\xf0\xd8\xe6\x27\xe8\x65\x2e\x26\xc4\x81\x33\x84\x45\xc7\x2f\x70\x62\x6a\x2c\x37\x19\xc7\xd1\x3d\x88\x06\xfb\xaa\xe6\x30\x60\x8d\x5c\x01\x36\x3a\xc7\xcb\xca\x3b\x28\xa2\x02\xa1\x59\x30\xf1\x52\xb6\x95\x0b\x4d\xfc\x76\xfa\x04\xf2\x3b\x37\x35\xdc\x0f\xc1\x5a\x60\x77\x59\x5e\xde\xbc\xb7\xa4\x3f\x0b\x88\x02\x01\x44\x14\xe6\x9f\x32\xdd\x30\xbe\x55\xd2\x43\x41\xbf\x5a\xe8\x7d\x53\xb5\x7f\x20\x58\x00\xa4\x8b\x57\xfb\xb8\x50\x9d\x25\xda\x0a\xb1\x62\xb4\xd0\x08\x79\xaf\xb8\xa1\xe2\xd1\xc0\xb3\x03\x16\x12\x79\xe7\x13\xa9\xc6\x93\xf3\x6d\xee\x05\x3b\x42\xa3\x0e\xfc\x2b\xa8\xf1\xdd\x37\xf5\x18\xbf\xb4\xf9\xc5\x1d\xf8\xa4\x6c\x0e\x64\x06\x9a\x35\x78\x4f\xac\xb1\x08\xa8\x9e\xf4\x4e\xd3\xf3\xd1\x20\x38\x3d\x35\xfa\x61\x4f\x1b\x53\xa9\xe5\xcc\x52\x5e\xab\xed\x4a\x94\x68\x76\xea\xe2\x18\x0c\xab\x1d\xa0\x2f\x05\x5a\x17\x4a\xee\x96\x2a\xb4\xc1\x9b\x7c\xb0\x58\x92\x27\xdf\xed\xbb\xdc\xc9\x2d\xd3\x5b\xdb\x40\xb7\x54\xee\x18\x3b\x0b\xbe\x17\x61\x76\x33\xc9\x23\x37\x4a\x79\x02\x2b\xc0\xa7\xa9\xa2\xd9\x61\x8c\x4f\xfa\xe4\xc0\xd0\xb7\xbf\x61\x85\xd3\x22\x52\xa0\xc6\xf0\x75\x6b\xba\x85\xae\x82\x86\x92\x7f\x4a\xc0\x9c\xbc\x5d\xd9\x68\xd4\x78\x6f\xbe\xc6\x59\x9c\xb5\xe2\x01\x81\x4c\xc9\xf9\x6c\x68\x00\x86\x29\x83\x68\xed\x00\xd8\x79\xe3\xee\xdc\x00\x4a\xab\xd4\x3c\x92\x4e\x69\x00\x48\x8f\xf0\xeb\x73\x7e\xd8\x8a\x94\xad\xf5\x67\x59\xe0\xf4\xce\x75\x89\xe3\x00\x2f\x78\xc9\xb2\x45\x01\x72\x40\x20\xf1\xea\x45\x0e\x3a\xb5\x59\x61\xec\xc8\xf4\x20\xd6\x9d\xa6\x07\x2d\x4e\x14\xc6\xcb\xa8\xc5\x4c\x3c\xc5\x4e\xad\x33\x26\x30\x16\x24\x51\xc9\xc2\x2d\x38\xac\xc9\xc3\x8c\x2a\x61\xce\xdd\x13\x1e\x7b\x15\x6c\x5f\x61\xd6\xfe\x9b\xb6\x18\x61\x6b\x48\x0f\x17\x8e\xe0\xeb\xae\xbc\x22\x17\x3a\x34\x3d\x9b\xd3\x57\x89\xb4\xe0\x66\xa5\xc5\x48\xa4\x20\x08\x60\x84\xc2\x0a\xa7\x4f\xc4\xd4\x52\x2f\x68\x5f\x11\x38\x4e\x0c\x91\x1e\x76\x63\x98\x9b\xd2\x96\xb9\xda\xbf\xe4\xe9\x83\xc9\xa1\x6d\xcb\x0d\x6f\x77\xa1\xd1\x03\x3e\xda\xcd\x85\xb6\x96\xea\xc2\x81\x94\x7b\xb9\x97\xcb\x61\xc3\x0b\x99\x74\x47\x32\x03\x2a\xb4\xea\xf1\xd3\xae\xc8\x4a\xa6\xa0\xb6\x5b\x63\x07\x08\xc8\xd4\xb7\x9f\x9f\x36\xaa\x4e\x68\x8c\x8c\x73\x8b\x62\xed\xc1\x7a\xfc\xa2\xd3\x73\x73\x50\xe9\x13\x10\x8b\x6e\xb1\xaa\x36\xad\x07\x32\xb7\x3e\x05\xb0\x92\xac\xa5\x26\xb6\xa1\x83\xe2\x34\xd8\x02\x4f\x90\x08\x31\xb2\x28\xaf\x08\xa6\x30\x0d\x4f\x9f\x52\xcd\x8c\xb1\x85\xab\xd3\x56\x90\x84\xcd\xde\x26\x10\x3b\x07\x36\xe6\x5e\xb5\x76\xd9\xb1\xd5\x8f\xf2\x64\x12\xf1\xcc\x0a\xff\x0c\x07\xbb\x99\x40\x3d\x8f\xcd\x83\x49\xbc\xbe\xc5\x90\x31\x69\x64\x83\xbf\xe5\x6b\xfd\x9f\x63\xfb\xc7\xf8\x65\xe9\x28\xb2\xf3\x8d\xa5\xad\x6f\x4a\x7c\x7b\x84\x5b\x68\xdf\xa2\xd8\xfe\x1a\xed\x77\xa1\x24\x71\x4c\x0e\xb2\x27\x17\xe7\xc8\xbc\x8b\xd4\x76\x2d\xd4\xff\xf4\xf4\xb7\x16\x27\xe8\xdc\x8f\x93\x59\x9c\x28\x4b\x0a\x1d\x30\x46\xe4\xc3\x1a\x63\x9e\x9d\x14\x1f\x1a\xc3\x06\xa2\xa5\x12\xcf\x36\x03\x60\x75\xa2\x59\x03\x44\xfe\xd7\x92\x0e\x94\xc3\x23\x98\xd7\xfa\xf0\xa8\x62\x0d\x21\x97\x1a\xa8\xf0\x4b\xb4\xe1\x81\xa1\x7b\x69\x49\x37\x55\x59\xb2\x0d\xc8\xb7\xc3\xaa\x5c\xbf\x6c\xc1\xfa\x95\x07\x51\x55\x88\xf2\x04\x11\xd2\x8f\x0e\x58\xed\xc8\x89\xba\x9c\xed\x3e\xb8\x54\xee\x62\xdf\x69\x9d\x1e\x49\x28\x75\x46\x32\xbf\x2d\x84\xf7\x43\xbd\x03\x8d\xb9\xbc\xf5\xc7\xfd\x4d\x50\x24\x9f\x94\x5b\xe7\x6d\x88\x65\x53\xb3\x9b\x3b\x89\x11\x7b\x45\x28\xad\x4e\xea\x1e\xb0\xd9\xa0\x04\x02\xfe\xdd\xc3\x89\xa6\xb1\x6e\x1a\x98\x5f\x5a\xd1\x65\x02\xa2\x3e\x02\x2d\x8b\xdf\xda\x69\x5b\x64\x03\x5a\x9f\x0f\xff\x62\xf8\xe0\xcc\xca\x9a\xe2\xb2\x08\x7d\xc8\x6e\x7e\x00\x63\x3d\xab\x26\x4b\xb2\x36\x10\x3b\xb3\x72\xb1\xcf\x15\x92\xeb\xd4\x7c\x96\xf6\xb4\xe3\x07\x82\x69\x39\xb6\xda\x78\x27\x4a\x3e\x9c\x57\xca\x7b\xa8\x79\xc9\x85\xc6\xca\xc2\x04\x2d\x60\xfc\x96\x05\x26\x88\x62\xb4\x1c\x6b\xfa\xe6\xa1\x3b\x73\xac\xf9\x2d\x31\x42\xb7\x82\xc4\x40\x1e\x81\xc8\xbf\xb6\x55\x61\x50\xea\x38\x8c\x2a\xad\x87\x37\x80\xf4\xf8\x55\x15\x3e\x26\x63\x29\x36\x3f\x87\x16\x9d\x3e\x2d\x65\x52\x7c\x4e\xd4\x95\xdb\xf9\xe6\x02\x51\x7f\x47\x5b\x97\x78\x42\x9d\x7f\x9e\x9d\x66\x49\x4d\x26\x62\x19\xa3\xca\x9b\x37\x37\x55\xc6\xf2\x47\x4f\xfa\xa6\xbe\x0b\x5f\x0b\x92\x30\x83\x5f\x06\xd3\x08\x59\x9c\x84\xc4\x7b\x61\xd5\xaf\x3f\xa1\x9c\xd5\x7d\xeb\xe5\xac\xc6\xcd\xa7\xcf\x6c\x23\x21\xdc\xd8\x6d\x33\x4e\xb8\x64\x51\x68\xe2\x8c\xe3\xba\x05\x29\xc6\xcf\x99\x6b\xff\x5f\x7d\xb2\xc5\x64\xee\x07\x73\xc7\xa9\xd6\xb1\x16\x42\x82\xb2\xa6\x63\x2d\xae\xe9\xb8\x2c\x2f\x21\xfe\xf6\x42\x78\x44\x67\x8e\xb1\xc1\x8a\x60\xda\x2b\x2e\x84\x58\xeb\x59\xe6\x58\xae\x26\xb4\xa7\x58\xb1\x24\xd2\x3f\x2a\x74\xa1\x74\x5c\x56\xfa\xfc\xd2\xc6\xcd\x34\x1d\xc0\x3a\x8b\xc1\x24\xc9\x13\x10\xa3\x8f\xb7\xab\x2f\x56\xa0\x92\x8a\x13\x4d\x35\x1b\xcd\xe6\x5d\x14\xcf\x2b\xf8\x9e\x53\x9e\xb3\x08\xa5\xc0\x8b\x7d\xd4\xa9\xa6\xf1\x32\x63\xaf\x21\x5b\x60\x12\x22\x97\x91\xf2\x1b\x1b\xab\x38\xad\x6e\xd5\x4e\xee\x04\xdd\xda\x71\x05\xc3\x0a\xed\x85\x16\x26\xc9\x0b\x53\x6c\xed\x8f\x6e\x9f\x94\xa3\xfc\x1d\xa8\x4c\xa2\xe0\x1e\x19\x9c\xeb\x38\x67\xb5\x57\x04\x8b\x4b\x19\x93\x31\x9e\x44\x70\xb9\x33\x98\x00\xc0\x8f\x5a\x39\xb8\xf2\x3e\x1e\x62\x3b\xc1\x77\x4b\x3f\x48\x42\x76\xf0\xb4\xd2\xda\xc3\xbf\x71\x2f\x6b\x3a\xfa\x26\xec\x1e\x99\x0b\xe1\x16\xef\x1c\xe9\xba\x12\x27\xc7\x32\x88\x46\xd4\xe3\x57\x5c\x3d\xac\xb9\xf7\xd9\x05\xc2\x3b\xaf\x6a\xb3\xa3\x59\x12\xd8\x90\xc1\x4b\xa6\x12\x69\x03\xad\xb8\x3e\x2e\xf6\x40\x68\x5f\xe8\xb9\x7e\x0a\x68\xf5\x47\x01\xf8\x20\xa0\x14\x96\xd6\xd1\x80\x76\xb5\xa5\x4e\xa6\x61\x32\x1a\xe3\x65\x66\xfc\x3b\x0b\x3d\x1b\x04\x51\x54\xcf\x82\x34\xd7\x98\xab\x74\xf1\xf4\xfb\xd3\x7f\x3f\x28\x22\x12\xe8\x55\xc0\xc3\x76\xf0\xc4\x0b\x4a\x88\x88\xbd\x77\x86\xa4\x0c\x97\xfe\xad\xd8\xe4\x4f\x10\xcb\x8a\x36\x1d\xf0\x68\xb2\x17\x82\x80\x7e\x0b\x08\xd0\x85\x8a\x1f\xab\xbe\xae\x92\xbe\x74\x84\x98\xc1\x66\xaf\xc2\x6d\xf0\x75\xdc\x55\x10\x3e\x17\xcc\x16\x0e\x2b\x9a\x1d\x68\x39\x7b\x50\xda\xbe\xfc\xdb\x69\x04\xcb\xa4\x7c\xfa\x17\x9b\x90\xa1\x88\xb7\xf9\xbb\xe7\xdf\xba\xdf\x1c\x79\xcf\xf5\x26\x75\x0f\xb6\x69\x73\x52\x9d\x10\x37\x41\x78\x79\x85\xe3\x68\xfa\x48\xf5\xeb\x54\xd1\xe9\x93\x5a\x9c\xb0\x45\x90\x3b\x29\x58\x5b\xa5\x7f\x8e\x2d\x35\xbb\x7a\xff\x49\xe7\x0a\xea\x15\xee\xb9\x4b\x66\x39\x73\xc8\xae\xa4\x92\xf0\x6a\xb4\x05\x2f\xcb\x67\x4c\xff\x9c\x5c\x63\xd3\x8c\xe0\xba\xb2\xcd\xe9\x44\x69\xd9\xfb\x9c\x8a\xce\x8e\xea\xa3\x43\xad\x46\x18\x57\x87\xcc\x31\x2e\x37\x8a\xdd\x6e\x5f\xc4\xd5\x28\x14\x11\x05\x78\xc9\xaf\xe7\xb2\xa8\x2e\x54\x5c\x10\x61\x49\x21\x3f\x13\x62\xb3\x47\x1a\xac\x2e\x6f\xac\x88\x3f\x0a\xac\xe0\x86\x75\xe9\xea\xbc\xbe\xe6\xbe\x73\x88\x3e\x68\x0c\x34\x1b\xc7\xed\x67\x75\x53\x13\x50\x66\x53\x4b\xbe\x9b\xd2\xfe\x7c\x06\x81\x7d\xd0\x8d\x6a\xce\xfc\x60\xb9\x9a\xf8\x13\x69\x02\xe1\x21\x44\xbe\x26\x9f\x44\x21\xd2\xf6\x37\xcb\x35\x53\xcb\xfc\x94\x20\x85\xee\xd5\x43\x2d\xa1\x24\x3d\x98\x93\xe7\x98\x52\xbe\x6b\xdd\xf3\x02\x5e\x7f\xb0\x0d\x10\x4a\xf5\x2c\x88\x52\x3d\x93\x0c\x3f\x85\xb6\x9b\xba\xb6\x04\xd1\xc0\x50\x7d\xd0\xeb\x18\x77\x18\x52\x95\x84\xdc\xa1\xea\x0f\x7b\x26\x3e\xf5\xf2\xea\xad\x05\x54\xc8\x16\x1c\xbf\x5b\xd1\xf1\x86\x5a\x19\x2d\x44\x0f\x64\x58\xd2\xb0\x96\xd5\x69\x1e\x95\x9f\x5d\x0b\xa2\x08\x56\x3e\x6c\x78\x39\xa8\x09\x5c\xc4\x27\x48\x64\x4d\xb7\x95\x46\x8e\x46\xba\xdf\x81\x01\x32\xcf\xd8\x55\xc2\xf4\x60\xf1\x11\x77\x80\x25\x40\xf4\x00\xa1\x50\xcb\xe2\x75\x5c\xb5\x4c\xf3\xa9\x88\x37\x50\x11\xfd\xd8\x18\xfe\x09\xba\x1d\x6b\x33\xc8\xe0\xa0\x69\x49\x1e\xa2\x0e\x5d\xcc\xf5\x7a\x0f\x19\xec\x7a\x04\x00\x58\x52\x63\x52\x38\x52\x8d\x95\x3f\x41\xb3\x1d\xae\x30\xd1\xb2\xd4\xc5\xbe\x75\xd6\x4c\x10\x4d\x08\x76\xfa\xcf\x29\x01\xef\x16\x32\x27\x92\x46\xee\x43\x2a\x3d\xd2\xac\x66\x23\x1c\x2d\x3e\x36\xf7\x6d\x1b\xef\xc5\x00\xb6\x1b\x98\x96\xd3\x79\xfd\x13\x3f\xfa\x61\x1a\xdc\xe4\x0a\xf3\xf1\xdf\x1c\xb2\x43\x8d\x81\x3b\xff\x1b\xf3\x87\xad\xef\x4a\x6b\x3a\xf3\x56\x4a\xb7\xb2\x26\x84\x28\x2a\x3d\x7c\x8e\x0b\x9d\xe4\x53\x53\x31\xe9\xb4\x0c\xe2\x28\xc1\x9c\x65\xee\xb2\x3d\x00\x8d\xb7\x3e\x86\x41\x9f\x47\x13\xea\x94\xc7\x4a\x5d\x43\x85\x1e\x24\xc7\x27\xff\xf3\x9e\xe5\xb5\xd3\x6a\x3e\x29\x5c\x4c\x55\x37\xb2\x11\x40\x75\x36\xbb\xdd\x72\x02\xe3\x39\xeb\xe0\x6f\xb6\x16\xc9\x14\xd3\xdd\xae\x3d\xbd\xff\x9e\x5f\x93\x86\xbf\x1e\xf2\x89\x72\x6b\xe3\x9a\x4f\x75\xb9\xa2\x60\xc3\xf3\x27\xfe\x36\x23\xda\x6d\xe7\x54\x7c\x12\xab\x7f\x79\x61\x57\x76\x84\x77\xec\x0e\xa2\xad\x88\x4f\x4a\x50\x7a\x36\x18\x00\x9d\xe9\x18\xc4\x0f\xa6\xc1\x0a\x92\xf8\xfb\x41\x25\x0c\x0f\x0d\x96\x55\x70\xaa\xfa\x28\xd0\xb8\xd0\xec\x56\xb4\xee\x40\xc1\xee\xdb\x75\x97\xc6\xc3\x2d\x59\xb9\x64\x08\x6f\x1e\x63\x40\x08\x2f\xb3\x93\xec\x1c\x9c\x4d\x18\x75\xb1\xf0\xf5\xb5\x10\x8c\x07\xdc\x7e\x51\x6b\x59\x71\x7a\xaf\x1d\xa8\xbb\x64\x50\xa4\xdc\x56\x62\xbf\x42\xcd\xb6\x3b\xc7\xdf\x78\x26\xe9\x88\x78\x1b\x42\x8e\xaa\x5d\x3b\xb6\xc4\x54\x3d\x36\x1b\x9a\xc3\xdf\x91\xb5\x58\x28\x59\xb7\x4b\x95\xc6\x67\xbf\x6a\x63\xa1\x24\x3e\x6b\xb2\x5c\xb3\x82\x08\x1d\xe1\xae\x95\x6f\x52\x9d\xa3\xbd\x4c\x14\x2d\xfd\xf9\x60\x35\x03\x69\x78\xb1\xc1\x6f\xb4\x5f\x05\x42\x12\x4d\x04\xc6\x29\x1e\x15\xb0\xfa\x70\x9d\xec\xf6\x7b\x0f\xb5\xc4\xcc\xf0\xde\x97\x67\xf5\xdd\xaf\x30\x23\x74\x6f\x2e\x2c\x54\x0e\x7f\x8d\xaa\xd2\x7a\x7f\x4f\x0e\x55\xd9\x33\x22\x1c\x76\x01\xc2\x6f\xf7\xba\xdf\x0c\x54\xb5\x83\xdd\x2e\xcb\x0a\x13\x89\xd3\x7f\x50\x7a\x8b\xfa\x52\x86\x4c\x26\x8a\xe3\x9c\x12\xdc\x00\x42\x89\xee\x31\x8f\x89\x5f\x37\xfa\x63\x6d\x1f\xb5\x36\x94\x7d\x1c\xaa\x5f\x38\xc6\xf0\xc8\x2a\xe7\x40\x00\xbd\x2e\x94\x44\x04\x78\x81\x88\x4a\x59\xd3\x87\x14\x1a\xfa\xd3\x51\xe3\x01\x37\x62\xae\x29\xb7\xa6\x82\xb6\xac\x06\x8c\x81\x29\x6e\x5e\x35\xcd\xed\x2f\x07\x01\x97\x3e\x09\xa3\xe2\xaa\x43\x0a\x1e\xab\x1d\xd1\xa4\xb6\xb4\x70\x41\x90\x5d\x15\xd1\x82\xed\x94\xa2\x81\xbd\x19\x46\x66\x58\xc5\x11\x7e\x3e\xfb\x9e\x71\xbf\xbc\x54\x71\xf9\xa9\x61\x25\xd1\x5f\x1c\x40\x8b\x47\x82\x96\xe0\x29\x3b\x8b\xc4\xab\x2d\x60\xa5\xd4\x60\xca\xca\xb3\x35\x8d\x10\x45\x6c\x30\xb0\xbc\x9a\x7c\x8d\x75\x6c\xb7\x70\x2e\x4e\x12\x40\x66\xdc\xbb\xc2\x1d\xbf\x0a\x99\x8d\xdf\xcc\xc4\x22\x8b\xa0\xd5\xe9\xff\x0c\xcf\xfe\x0a\x80\x8b\x7b\x80\xad\xdb\xdf\xbd\x19\xd3\xb7\xb3\x6b\xbe\x4d\x39\xe1\x19\x13\x26\x8b\x3e\xb7\xa7\x35\x10\xfd\x0c\x2d\xba\x0b\x30\xd4\x05\xa6\x97\x72\x31\xf9\x74\xc0\x33\xea\x90\x78\x65\x47\xd5\x66\x55\xf9\x5c\xc0\xa6\x5a\x19\xe3\xaf\x9d\x3e\xa1\xcc\xdd\x3f\x29\x22\xe5\x0e\x06\x98\x8b\x10\x1d\xa1\x9a\x6b\xbd\xb8\x69\x4b\xe4\x2f\xe7\x8f\xd4\x7b\x42\x4d\xa8\x39\x2c\xec\x5e\xe3\xe2\x80\xce\xd2\x77\xd8\x3c\x78\xe6\x14\xc2\x17\x18\x0f\x47\x69\xe4\xed\x13\x11\x3f\xbd\x71\xc7\xb7\x11\x3b\x39\x24\x33\x08\x13\xbd\xa8\x95\x73\xec\xeb\x40\xc8\xe2\x7a\x58\x2a\xd7\x27\x57\x96\x64\x3c\xaf\x2e\xef\x16\xa2\xb6\xe9\xb0\x54\x64\xd7\x24\x5f\xf4\xd3\x47\x51\xd2\x83\xe8\x52\x82\x4b\xef\x03\x8a\x9f\xe3\x97\xed\xd1\xa9\x62\x3b\x6f\xca\x43\x11\x89\xe2\xbf\x99\x97\xf2\x0e\x84\xc1\xa5\x93\x4a\x24\x15\x4d\x0f\x65\xfb\x02\xbb\x99\xd9\xac\x87\x06\x54\x48\xde\x6d\x0b\xf3\xcf\xf2\x20\x7a\x15\x23\x92\x67\x62\x7e\x40\x2e\x5a\x24\x8b\x13\x6d\xef\x53\xab\x63\x7f\x90\x51\x65\xb2\x82\x25\x3b\xa4\x1c\x3d\xb0\x92\xae\xc5\x71\x59\x63\x31\x06\x28\x4d\xfa\x70\xea\x94\xc0\xcb\x3a\xdd\x5f\x03\x11\x15\x0d\x14\x94\xf1\x4b\xda\xdd\x98\xf6\x30\x33\xa6\xd9\xfe\x8b\x8f\x6b\xe8\x9a\xf9\x13\x87\xf8\x03\x0d\x6f\x59\xd7\x79\xa5\xad\x58\x63\xab\x09\xff\xbd\x74\x5e\x1b\x7e\x8e\x7d\xbe\x68\x82\x7e\xc3\xfd\xd4\x4a\x5a\x31\xfa\xf6\x02\x6b\xfa\x5e\x38\xbf\x7a\x55\x62\x22\xd0\x45\x19\x6c\x12\x21\xf2\xa8\xa9\xc4\x3c\xdd\x28\xeb\x7c\x9e\xa9\xf5\x48\x1b\xb0\xbd\x41\x93\x5f\xab\xfe\xb0\xca\x4c\x77\x0b\x76\x82\xc0\x13\xfc\x25\x6e\xb9\x7a\xd7\xf2\x32\xb2\xd8\x24\x34\xbb\x18\x64\x21\x45\xd8\xa1\x8c\xc6\x28\x95\xb7\x05\x87\x82\x50\x71\x9e\xc6\x87\x02\x38\x78\x67\x5c\x56\x15\xc7\xad\x23\x43\x1e\x2f\x0d\xf7\x31\xba\x18\x31\xe7\xec\x53\x90\xd7\x82\xd0\xb9\x95\x1b\x14\xb8\x54\x68\xf4\x4c\x60\x6b\xf9\x61\xe1\xa2\x21\x09\x8a\x2b\x92\x7f\x7f\x73\x80\x53\xa4\x78\x17\xc9\x42\x37\xd4\x7d\xeb\x9b\xca\xcd\x48\xa0\xfc\xe0\x22\x62\x97\xa8\xc4\x7c\xa8\x5b\xc4\xce\xd9\x25\xd3\x71\xeb\x4b\xc3\x28\xbd\x83\xd8\xee\x42\x79\x0a\x91\xa4\xd8\xd8\xb0\x55\x6d\xb7\x53\x6a\xfe\xd3\x07\xba\x9c\x82\x93\x2c\xe2\x6c\xbd\x5a\x6c\x4d\x4c\xa0\x44\xbd\x05\x02\xe7\x5c\xb7\x9a\x9c\xaf\xb5\xdf\x4b\x97\x57\x94\x18\x36\xbd\x90\xc7\xf8\x05\xe9\x09\xb0\x60\xa4\xc5\xc5\x72\xd7\xad\xac\x72\xf5\xd5\x92\x05\x22\xc0\x64\x89\x1e\x00\x39\xe2\xb1\xc3\xb9\x58\x98\x95\x6f\xd1\x27\xc1\x66\xce\xab\x50\xe7\xd0\x2d\x38\x6b\xc1\x7b\x70\x15\xdc\x39\xcb\xfa\x75\x8f\x01\x7d\xf0\x00\x97\xba\xae\xc4\x2e\xd1\x00\xc9\xa5\x31\x8a\x4a\x77\x87\x83\xf2\x46\xab\xe5\x9d\x4b\x02\x8b\x66\xf0\x8a\x3a\x1f\x0b\xb8\x53\x82\xd2\x0a\x27\xb0\xfe\x8f\x0b\xff\xbd\xa7\x24\xc3\x48\x05\x1e\xc0\xf1\xb3\x7a\xd0\x09\xd0\x8c\xc0\x53\x52\x99\x74\xa4\x90\xd2\x94\x7a\xf7\x6c\x17\x7c\xe9\x89\xaa\x39\xaf\x5d\x91\xd3\x77\xdf\x34\x92\x33\x59\x8a\xc0\xa6\xee\x41\x7f\x05\x07\x09\x76\x92\x86\xc3\x1f\x67\xee\xca\xdc\x39\xd3\xbc\xaa\xed\xda\x1e\x77\xcb\xc1\x7a\xe5\x42\x9b\x0a\x97\x0a\x6e\x4f\x1d\x4c\xe2\x9d\x25\x12\xe0\x0a\xa7\x48\xf7\x6a\xb4\xb8\x15\x00\xe8\xf5\xce\x6f\x83\x57\x74\xc3\x81\x0c\x01\xdd\x6e\xc7\x77\x24\xeb\x9e\x99\x2e\x0f\x80\x05\x7d\xa1\xb9\xa3\x04\x29\x2e\x65\x81\xca\x40\x1b\x10\x5e\xab\xc3\x1e\x12\xa7\x24\x94\x6d\xd0\x4b\xfa\x67\xd2\xd9\xf6\x1e\x9b\xfc\x8a\x04\xa7\x5b\x6d\xa2\xf0\x16\x8a\x4a\xf2\x2d\xa5\xcb\xdd\xff\xb1\x9e\xdd\xa5\x19\x33\x18\x6d\x48\x1e\x2f\xc0\x57\x47\xbe\x10\xeb\xca\x1d\x07\x24\x8a\xbd\x10\x25\x6f\x61\x1b\xc9\x5d\x94\x9f\x2f\xe4\x28\x25\x67\x92\xa3\xbb\xaa\xc3\xfd\xd8\x9b\xb0\xd8\x46\x1f\x7b\xbf\xa6\x84\x58\x9f\x9c\x39\xff\x31\xf6\x20\xf2\xef\x0a\x97\xcb\x9a\xf6\x88\xd1\x25\xaf\x34\xff\xac\xe9\xfb\x8c\x97\xda\xf9\x9f\xe4\xa1\x94\xc1\x7b\x10\x65\x5e\xc7\xe9\x3e\x47\x16\xc0\x7f\x3a\x57\xa9\x76\x43\x8d\x80\x4e\x55\xb2\x6a\xa1\x61\xfa\x00\x06\xcb\x39\x71\xf4\xc3\x01\xa5\xad\xfc\xdc\x08\x34\xb3\xf3\x60\x9a\x98\x1c\xb8\xf0\xc2\x5a\x56\x2a\x4d\xf2\xe0\x91\x17\xe2\xbd\x6e\xf9\x0a\xfb\x86\x15\xd7\xcf\x48\xa3\xc2\x26\xfa\x29\xee\x7e\xf1\x16\x5b\xc0\x64\x61\xd1\x1d\x3d\x3e\x34\xa1\x65\x9c\x5e\xbf\x86\x33\x59\x07\x5e\x6e\xe9\x8b\xfb\x75\x6b\x69\x2f\xb5\xa8\xae\x30\xe0\xf0\x91\xac\xe9\xb8\xad\x22\xbb\xe2\x3f\xa5\xee\x5a\x61\x72\xcf\x1d\x01\xc0\xaa\x85\xb3\xc3\x57\x3a\x37\x56\xf1\xb3\x1a\xed\xd9\x37\x9a\x11\xcb\xaa\x0b\x2d\xaf\x4d\xbd\x75\x00\x28\xec\xdf\xe3\x07\x43\xe9\x6f\xc1\x37\xe3\x26\x21\x04\x9e\x5f\xbc\x74\x69\x45\x5b\xad\x82\xb2\x43\xe1\x69\xe3\x02\xd2\x22\x10\x92\x77\x20\xc1\xcf\x88\x32\x42\x95\xfb\x45\x76\xe9\xbe\x23\xe4\xe8\x06\x40\xf8\xc9\x25\x95\xab\xe7\x44\x74\x66\xc2\xec\x36\x63\x86\x51\x5d\x2f\xe8\x19\x26\x12\xc6\x41\xf4\x97\x3b\xa3\xad\xd7\x57\x3d\x69\xf7\xec\x93\x80\x95\xdb\xa0\x5d\xbe\x6e\x96\x36\x7a\xb6\xfd\x43\x1e\x10\xe6\x5e\x58\x76\x6e\xba\x1c\x3c\x13\x81\xbc\xb7\xd4\xbe\xfb\x5f\x45\x39\xce\x4d\xf1\x8e\x49\xef\x09\x58\x41\x19\x9b\x3f\xbf\x85\xd2\xf9\xc2\xa0\xda\x86\xaf\xa8\x33\xb5\x16\x4a\xd2\x70\x14\x06\xa3\x92\x5d\xd4\xbf\x9d\x8c\x4a\x1b\x8f\xc1\x91\x85\xe7\xc4\x7c\xbb\xdb\x18\xcf\x71\xea\x87\x66\x43\xb6\x20\x88\xf5\xf7\x6b\xa0\xde\x86\x86\xc1\x16\x3a\xe6\x14\xa4\xa4\x70\x03\x38\x97\xa6\x75\xe0\x15\x3d\x8d\x9a\xd3\x8c\x25\xb9\xe0\xec\x6b\x78\x28\x33\x5e\x25\x06\x9f\x16\xe3\x8d\x7c\x45\x60\x8d\x65\xa7\xe7\x7d\x08\x40\xf3\x2f\xcb\xdd\x26\x4b\xa1\xd4\xd4\x5c\x51\x86\x7e\x00\xc8\xf6\x10\xf7\xb1\x7e\x73\xa2\x2e\x44\x5b\x1b\x56\x3b\x78\x96\x35\x2f\x91\xa9\xb9\x45\x60\x72\x93\xcb\x19\x8c\x50\x0c\x77\x25\x5f\x4e\x99\xca\x3b\x68\x02\x7c\xc4\xe1\xda\xf6\x21\xd4\xb0\xd4\x33\xe3\x83\xde\x0a\x11\x71\x06\x20\x28\x75\x00\x2a\x0d\xf8\xd1\xd9\xa3\xba\xad\xd0\xc1\x3a\x76\xaf\x0f\x7d\x79\x1d\x58\x4c\xdc\x2d\x67\x29\xd7\x82\xb5\x4c\x1e\xff\x5a\xd4\x76\xad\xe7\xde\x89\x7c\xf4\xb0\x5e\x15\x24\xfa\xa4\x2e\xd5\x1d\xd8\x0f\xff\x89\x39\x38\xb9\x4a\xd0\xb1\xe8\x84\x12\x31\x47\x77\xfb\x2a\x6e\xeb\xbd\x03\x2e\xf0\xa9\x78\x7e\xcc\x1a\x1b\xb1\xcd\x69\xd5\x2e\x57\x83\xd3\xc5\x60\x73\x96\x22\xbf\x81\xbb\x3d\x1a\x00\xd6\xa1\xdb\x6d\x5c\x9b\x2a\x1a\x78\x3c\x7f\xc0\xd2\x70\x59\x81\x6b\x23\xe7\x18\x02\xbd\xda\x11\x18\x08\x1c\x25\xfe\xe9\x5b\xf1\x26\x8d\x5d\xf6\xf6\xb3\x70\x8b\x28\x82\x81\xac\xf9\xa8\xe6\x65\x3f\x1c\x03\x9a\x08\xe6\x6b\x2a\xea\xa0\x8e\xee\xba\x07\xd1\x94\xbe\x3b\x45\x3f\xb1\x36\x10\x60\x98\x8c\x4b\xe7\x5c\x62\x77\x01\x41\x55\xd9\x61\x64\xbe\x01\x48\xb6\xdd\x93\x8b\x62\x19\xd4\x7d\xb0\xc7\xe4\x64\x0b\x34\x77\x53\xe2\xf9\x18\xd1\x1f\x0d\x09\xf6\x4d\x7d\x65\x2c\x37\xf9\xa7\xc7\x52\x43\xe4\xd8\x4a\x7a\xa8\x8c\xfd\x20\x47\xc0\xb1\x9c\x28\x10\x8c\x5d\x0b\x7e\x2b\xfe\x3c\x6f\xe4\xfa\xcd\x75\xe1\xc0\x6e\xfa\x91\xf6\xc8\xde\x4b\x5d\x1a\x14\xd4\xaa\x9d\x56\x9e\x02\x02\x22\x9f\x57\xbf\x58\x7d\x7a\xe3\xb2\xee\xdb\x36\x62\xbb\x7c\x41\xd7\xc1\xfc\x1f\xeb\x86\x5b\xf0\x39\xa7\xa4\x43\x35\xf5\x8b\x2f\xd1\x55\xda\x79\x56\x91\xab\xa6\x91\x12\xac\x2c\x14\x7d\x7f\x3f\xde\x5e\x82\x1d\x1d\x93\x4f\x0f\x13\xd0\x8c\xb2\x39\xae\x33\x9c\xed\xe2\xd5\x27\xde\xb1\x38\x10\x9a\x45\xc7\x2a\x3b\x10\xfa\xca\x46\xc2\x8c\x10\x74\xc1\x4e\x6f\x4f\x44\xb6\xae\x79\x5c\xa6\x9a\x5e\x3c\x4e\xda\x2b\xa6\x0c\x81\xdd\x23\xc2\x0b\x4b\xa7\x80\xca\xfc\x3d\xb6\x7f\xf3\x78\xd1\x59\xd1\xcf\x80\x62\xb9\xbe\x3e\x09\xa2\xb6\x5e\x0d\xf4\x7e\x27\xd0\x14\x39\x96\x3f\x46\x35\xa6\x6b\x92\x6a\x09\x3f\x55\x3c\xbf\x2e\x74\x1b\xdc\x3e\xf8\xb1\x0e\xc6\x2d\xdc\x8f\x02\xad\xee\xc9\xaa\x25\xb3\x05\x49\xfa\x16\xf4\xb9\x16\x24\x17\xd9\x3a\x3e\x25\x6f\x63\xdb\x4e\xc6\x41\xbd\x42\x25\x80\x79\x06\xf9\x97\x84\xd1\xd0\x25\x3b\x0a\xd8\x55\x4d\xbc\x07\xa6\x28\x76\x55\xdd\x5c\x2a\x21\x60\xb2\xb7\xbe\xf9\xb9\x7a\xc0\xd7\x98\x59\xbd\x70\x41\xad\xfb\x92\x77\x6b\x61\x9d\xa0\x05\x14\xf5\x4e\x14\x80\xdc\xcd\x84\xa8\x39\x72\x8e\x77\x78\x2e\x4d\x77\xc6\x6f\x6b\x46\xd2\x04\x5d\x82\x19\xb4\x16\xb7\x88\x15\x08\x59\x40\x03\x99\x2a\xac\xa8\xa3\x5e\xac\xf3\x0e\x1b\x2f\x6d\x3c\x6a\x1d\x42\xd4\xe1\x26\xda\x32\xda\x2a\x4d\xda\xc8\xa1\x78\xd7\x1b\x52\x98\xf0\x82\xac\x77\xe2\xb4\x23\x27\xf3\xc0\x94\x91\x00\x30\xb9\x36\x79\x11\x65\xbf\x98\x4e\x8e\x6a\xd3\x8f\x7b\x4a\x9c\x2e\x7b\x32\x2e\x3e\x0c\xcd\x0e\xe4\xc9\x2b\x29\xc6\xe8\x17\xe7\x2a\xa1\xa6\x09\x48\xb8\xbd\xc6\x74\xb4\x4d\xc8\x27\xad\x55\xc4\xf2\x66\x68\xba\x00\x88\x7a\x85\x1d\x7c\xef\x6a\xbf\xd0\x5d\x3c\x85\x4b\xc8\x6e\x1e\x59\xee\x80\xb2\xc7\x4d\x6f\xc4\x75\x5e\x35\x1a\x10\x63\x18\x2a\x1f\xdd\x6e\xc2\xaf\x0c\xbd\x50\x92\x66\x57\xca\xfd\x0d\x86\x17\xa2\x1d\xde\x23\xf1\x72\xf5\x28\x71\x6e\xeb\x37\xff\x10\x7a\xe1\x8f\x7f\x75\x66\x4f\xe9\x39\xf3\x95\xa7\xb5\x93\x55\xab\xd7\xef\xab\x48\xc2\x98\x9b\xb2\xc6\x0f\x86\x84\x38\xb7\xab\x0b\x94\xda\xe4\x9b\xfa\x1d\x21\x60\x9a\x6b\xca\xbb\x39\x90\x9b\xa0\xb0\x65\xea\x73\x5a\x88\xa8\x38\x51\x3c\x46\x45\x84\xce\x2f\x10\x03\xd4\xfb\x08\x21\xba\xaa\x24\x40\xf7\xec\x84\x13\x75\x13\xb4\x80\x40\x4d\x86\xdd\x9b\x28\xdc\x28\x2f\xa6\xd6\xb8\x04\xa2\x29\x8c\x02\xb6\x0d\xa1\x9c\x99\x4e\xce\xe8\xc1\x01\x75\xf2\xb4\x47\xa9\x28\xa9\xa6\x2c\x8e\x94\x03\x80\x2c\xeb\xfc\xb5\xc4\x67\xcf\xe2\x47\xc8\xc6\xe8\x77\xe7\x32\x77\x90\x13\x7d\x83\x24\x99\x1f\x27\xd0\x09\x0a\x94\x4b\x31\x20\xb0\xca\x99\x8c\xa9\x10\xc4\xbd\xec\x7a\x54\x67\xd9\xd2\x21\xe8\xca\xa4\x5f\x17\x4a\x60\x89\xd0\xc9\x21\x9a\x1e\x35\x44\x56\xfb\x67\xa1\x30\xed\xf8\x95\x30\x5d\x54\x32\xee\x58\x6e\x48\x28\xf6\x82\xbc\x0b\xd0\xd5\x82\xcb\x2b\xe3\x17\x82\x6b\x65\x02\x38\x6e\x32\xb0\x8e\xc3\x7a\xa1\x1b\xc4\xb2\x21\x58\x32\x0a\xe1\xba\x8d\x5f\x5a\x28\xa6\xaf\x46\xda\x25\x10\x18\xc7\xe5\x21\xcf\xb4\x14\xc2\x5b\x72\x65\x18\x05\xb8\xcc\xa3\xb9\xd4\x79\x6a\x2d\x71\x8f\xbb\xf4\x06\x90\x5c\x8a\xcd\xcd\xa9\x74\x8b\xe7\x48\x91\x77\x72\x5d\xbb\x8c\xfe\x18\x5d\x1a\x86\x4a\x19\x54\x90\x3e\xff\xc4\x94\xaa\xa2\xfd\x24\x8f\x6f\xf4\x92\x7d\xec\x1a\xb0\x5a\xa1\xc2\xf2\xd0\xd2\x2a\x23\x6b\x24\x0f\x84\xc6\xc1\x17\xcf\xdf\x49\x79\x83\x20\x08\xa2\xb6\xc7\x59\xb3\xf1\x95\x0e\x03\xf9\xb1\x96\x8d\xb8\xeb\x17\x8a\x65\xee\x9c\x5b\x97\x30\x1c\xd6\x74\x5a\x52\x71\x4b\xc4\x54\x1f\xe8\x12\x91\x8a\xf3\x31\xb2\x5f\x1c\xfb\x4b\x2d\x42\xfd\xd5\xdf\x7c\x20\xf1\x33\xb6\xaa\xe7\x86\xe1\x42\xa7\x10\xeb\xba\x0e\x06\x00\x52\x68\xf6\x80\xd7\x89\x66\xbb\x45\x1e\xb4\xe5\x45\xb0\x17\xfd\x1c\xdf\x0f\x24\x16\x8b\x58\xa8\x90\xec\x7d\x4b\x6f\xa2\x38\xb7\x19\x59\xf7\x48\xda\x25\x50\xe1\x67\xb7\xec\xe4\x89\x56\x9e\x4d\x3f\xf5\xe7\x3e\x2d\x0e\xa8\x0c\x3b\x9d\x02\xb8\x08\x8b\x36\x06\xd1\x7e\xa3\xbe\x1b\xca\x0d\xa9\x16\x57\x1a\x00\x33\x96\xfc\x02\x9c\x30\x90\x89\xc4\x4d\x41\x01\x5a\xfe\xb1\x18\x8b\x97\xb9\x03\x90\x48\x98\x1a\x22\x0e\xa3\xf2\xc2\x9c\x52\x5f\xb8\xf5\xca\x42\x57\xbf\x5f\x64\x6e\x05\xfa\x08\x93\x01\xa7\x75\x59\xf9\x7e\xa6\x8e\x4c\x42\x9b\xe2\x3b\x20\xeb\x1e\xc5\x9a\x69\x46\xd6\xbb\x7f\xdb\x37\xbe\x0d\xa7\x09\x3a\x8b\x24\x62\xdd\xd6\x67\xff\xd7\x89\x60\xc4\xdb\x78\x64\xeb\x54\x74\xe6\x54\x3c\xb7\x85\x28\xa7\x99\xd8\x15\x93\x82\x2c\xf9\x59\x2e\x3f\xd0\x39\x54\xfe\xec\xf4\x4b\x61\xb0\x42\xdd\x00\xb7\x9c\x8f\x20\x0b\xf4\x7b\x48\x26\xcc\x48\x6b\x7a\x8b\x34\x0c\xce\x6e\x77\x5d\xe1\x0b\x33\xf0\x8c\x18\x96\x64\x77\x07\x97\x0b\x19\xeb\x37\x9c\xaa\x83\xbe\xda\x1e\xb2\x7b\x70\x0c\x11\x5a\x73\x5d\xb6\xb4\x96\x05\x9e\xb2\xaf\x3c\xe5\xe5\x4f\xc7\x29\xba\xbc\xe3\x99\x30\xd4\x63\x24\xd2\x70\xb8\xee\x18\xd1\x16\x43\x44\xf6\x6c\xfc\xca\x65\x0d\x38\x4e\x0f\x24\xe7\x9a\x70\x60\x67\x21\xf7\xd5\xe9\xef\xe4\x67\xdf\xf0\x42\xb8\x9b\x54\xef\x55\x75\x61\xdb\xe0\xdc\x20\xf0\x8a\x47\x1b\xad\xab\xee\x3c\x84\xaf\x8c\x6f\x20\x52\x99\xb9\xf3\xb5\x6b\x40\x68\x6d\x10\xa8\x04\x9b\x30\xb5\xc7\x18\xd1\x0c\xd9\x8a\xab\xc3\x45\x45\xd6\xeb\x6b\x0f\xbd\x44\x5f\xa8\x27\x9a\xc3\x5f\x93\x7a\x74\xc3\xf9\x83\xe2\xfa\x83\x92\xd2\xe5\xb5\x6e\xa0\xfd\xac\xc6\xb2\x8a\xcd\xfc\xdf\x5e\xe4\x69\xf9\x77\x10\x84\xb9\xcd\xc4\xdf\x64\x9d\xd3\x4a\x98\xc7\x96\x22\x1d\x05\x9a\xbf\xeb\xae\xe1\xec\x58\x2b\xdb\x49\xad\x3f\x70\x44\xf6\x4e\xe6\x7e\xd0\x60\x66\x7f\xd3\x9a\x1d\x48\x2d\x98\xef\xb4\x01\xa4\xd2\x4f\xc5\xef\xf8\x16\x73\x98\xd3\xf0\xbc\x50\x92\x03\x8a\x64\x47\x52\xd9\x17\x04\xe9\x00\x2e\x4d\x7d\xf5\x4e\xff\x04\x68\x35\x9c\xd5\x62\xbf\x73\xf9\x09\xac\xec\x0a\x8f\x6f\xa8\x5f\xa3\x83\x67\xdc\x96\xf3\x77\x87\xda\x41\xf0\x89\x97\x36\x37\x55\x91\x07\x42\xe2\xc0\xb7\x6b\x3c\x25\x26\x63\x30\x30\x51\x86\x11\xa5\x37\xb7\x0c\x72\xb9\x71\x98\x8e\xc3\xba\x05\x2b\x5c\x5e\xd3\xab\x04\x7d\xab\xd7\x92\xc8\xee\xd6\xf4\x34\xb2\x2b\x0c\xd0\xa0\x50\x13\x47\x4e\x8a\x9a\xf3\xe2\x5e\xd8\x0e\x0f\x84\xfc\x6b\xca\x42\xdb\x6d\x0b\x96\x1d\xc8\x5b\xea\xd3\xcf\x2d\x22\x1f\x6e\x3c\x02\x71\x39\x7b\xd5\x5a\xec\xd4\x5a\x1c\x00\xab\x0d\xa6\x41\x3a\x08\x83\x21\x09\xe0\x22\x0a\xa1\x42\x0a\xe0\x2a\xba\x75\x96\xf9\xff\x56\x02\x95\xf7\x77\x41\x94\x55\xac\xb2\x25\x77\x78\xad\x12\xe7\x2d\x2d\xc2\x5a\x98\x60\x29\x79\x0c\xc8\x1f\x67\xcb\x62\xbf\x16\x98\xbf\x65\x64\xdf\x48\x14\x35\xab\x23\xf2\x5e\xb9\x8d\x70\xfd\x0d\x49\xf8\x17\x93\x26\xdb\xd8\x88\x1b\x23\xc7\x92\xde\x06\x56\xb3\x82\x10\x8b\xcd\xa6\xbe\xa1\x67\x02\x97\xf3\xe5\xf4\x89\x57\x7e\xf1\x73\xec\xd0\x8f\x25\x47\x58\x7e\xdf\xf0\xc0\x54\x7f\xd5\xac\x4f\x00\xaa\x20\xa0\xb8\xec\x3c\xf9\xa4\x50\xaf\xe5\x3e\xb2\xc4\x62\x39\x92\x15\x73\xaf\xf8\xe2\xb9\x32\x3b\x20\x6c\xce\x42\x3c\x69\x72\xdc\x04\x55\x1a\x9f\x0b\x35\xf2\x34\x73\x8c\x0c\x75\x4d\x7a\x88\xed\x13\x1f\x91\x6a\x01\x95\xf1\xbb\x6b\x61\xdf\x7e\xd2\xcf\xf1\x83\xbf\x4b\x74\xfa\x04\x05\x3f\xca\xa5\x43\x7c\xda\x08\xa0\x4f\xfe\xfe\x23\x3a\x73\x22\x35\x03\x0a\xda\x10\x5d\x49\x73\x5d\xbe\x7d\xf5\xad\xbf\x94\x4b\xf7\xfb\x28\xe5\x75\x64\x73\xb8\x9a\xb2\xe0\x44\xed\x75\xa0\x81\xcb\x5d\x66\x95\x65\x02\x38\x8f\x3a\xd7\x0f\x0a\x7e\xe6\xbd\x84\x89\xe3\x1d\xb0\xfe\x22\x87\x21\x16\x98\x90\xed\x8d\x66\x85\x04\xff\xe3\x2e\x22\x1c\x96\x98\xe3\x6c\xc0\x19\xf5\xb1\xa0\xcf\xdf\x77\xfe\xad\x29\x6f\xa1\x08\xde\x0d\xb0\xbf\x1c\xdd\x3d\x14\x48\x9c\xd7\xf6\x62\x23\xab\xba\x93\x52\x8b\x6b\x61\x7e\x57\x1b\xe0\xc7\x6e\x4a\xd9\x52\x59\x3c\xc3\x54\x0e\xdb\x5f\xb5\xc4\xee\x1f\x10\x3f\x69\x1d\x4b\x0f\x55\xfd\x96\x74\x5c\xc2\x60\xb0\xdf\x6c\x58\xc2\x20\xc8\x00\x58\xab\x5b\x80\xea\x0a\x8b\xe9\x05\xdb\xfe\xbd\x44\x51\x1d\x1d\xbd\x7e\x86\xf8\x95\x8a\xc3\xc9\x09\xba\x23\x57\x50\xe6\xcb\x5b\x01\x98\x82\xd8\xef\xf8\x6f\x0f\x7f\x3c\x2a\x3b\x92\x1a\x9e\xfe\x18\x9e\xf0\xe9\x9f\x0e\x1b\x45\x14\x40\x94\xc5\xf4\x6c\x32\x2c\x69\xc8\x58\x11\xa5\xf3\x36\x6a\x7c\x39\xea\x04\xfe\x52\xc7\xe3\xb2\xc6\xa3\xea\x4e\x09\x64\x28\x49\x1b\x0e\x73\x86\xe7\xbe\x5b\x0a\xd1\x01\x80\x3f\x54\x34\x21\x0e\xe6\x1b\xe8\xb6\x30\x52\x36\x8d\x9f\xf3\xaf\x3e\x7c\xdf\x89\xbc\xd0\x26\x7f\x55\x37\xa3\xbf\x16\x87\x45\xdc\xa8\x76\xf3\x9b\xd1\x46\xef\x58\xa8\x3f\x01\x10\xb3\x95\xce\x81\x60\xa3\x32\x69\x01\xb8\x60\xeb\x21\x7e\x49\xbf\x5f\x03\x35\xd5\xd4\x21\x28\xad\x29\x55\x47\x3a\xc2\x07\x58\x66\x86\xf8\x36\x6c\xef\xd7\xbe\xd0\xb8\x54\xba\xc3\xab\xe8\xc5\x87\xc6\xd9\xfe\x31\x88\x40\x9f\xfd\x1e\xf2\x23\x68\xdd\x99\x1d\x56\xec\x55\xf9\xbb\x69\xc7\x55\xda\xf7\x8d\x13\x0f\x97\x40\x81\x27\xaa\x09\x3f\xbd\x1e\x3f\x3d\x0a\xe0\x01\x30\xa5\x40\x5c\x52\xf1\x65\x47\xd2\x31\x39\xb3\x10\x5e\xd2\x70\x58\x92\x70\x68\xe2\x58\x4f\xf2\x78\x75\x87\xc5\x16\xd7\xa2\xec\x62\xc6\x45\x06\x81\xc1\x0a\xb3\xe6\xc7\x87\xb6\x3c\xe8\x74\xd6\xdb\x73\xb9\x4a\xb6\x62\x0a\xb0\xaa\x8d\x0e\x56\x43\xb2\x09\x34\x25\x0a\xc9\xc1\x3e\x47\x4e\xf0\x01\x17\x1d\x80\xbf\x1d\x5f\xe3\xb6\x16\xbb\xf2\xa5\xcd\xfe\xe6\x32\x33\xbf\x9a\xaa\x2a\x59\x70\x2f\x56\xcf\xcc\x57\x70\x1d\x3d\xe1\x8d\xa1\xc2\x5a\xdb\x6d\x0b\x62\xbc\xb0\xc0\x4d\x91\x2b\xfa\x6d\x60\xaa\xc8\x1e\x1b\x6b\xce\x8e\x38\x2a\x12\xbb\xd1\x3b\x81\xf5\x0f\xe0\xe8\x74\x67\x59\x9b\xb2\x56\x38\xa5\xa7\x4b\xc1\xc7\x78\xdc\xd7\x3e\xb2\xfd\x1f\xeb\xe4\x57\x24\xf3\x01\xcd\xf6\xe4\xaf\xdb\x79\x99\xe9\xdc\x82\x7f\xa4\xb2\x91\x5b\x28\xc9\x8c\x11\xf0\x6f\xa7\xc2\x68\x8b\x25\x2f\x2f\xdc\xd6\x91\xf6\x7c\x17\x04\xc9\x36\x53\xdf\x7d\x0e\x07\x27\xde\x43\x2d\x38\xa1\xcc\x18\xdf\xc0\xdf\x3f\xfd\x33\x20\xd7\xff\x18\x7c\xaf\x32\xa4\x38\xbb\xc5\x71\xdb\x29\x42\xc8\x51\x6c\x6f\x28\x8c\x96\xb4\x1c\x66\xd5\xd5\x2c\x57\x65\x01\x89\xbb\x41\x74\x7d\x12\xfd\xf5\x07\xc5\x7b\xc6\x96\xb9\x3d\xc9\x86\xa8\x31\x32\x31\x50\x40\xc7\x4d\x06\x25\x8e\x01\x19\x50\x6a\x9e\xbc\x12\x0d\x82\x2e\x48\x1a\xe8\x3b\x8a\x24\x07\xfc\x8c\xb9\xa1\x09\xd1\x6c\xb6\xf0\x3c\xd1\xdc\x73\x84\xb2\x4f\xa6\x35\xd1\x28\xca\xcb\x7f\x33\x23\x3a\xab\xc1\xf6\x07\x95\xb5\x55\x1b\x53\xf8\x5f\x0b\xe2\xee\x9b\x1d\xe6\x44\x42\xa2\x02\x5a\xec\xe3\xf9\xf0\x11\x97\x86\x54\xdb\x4f\x2b\x72\x32\xc7\x62\x5d\xb3\x2e\x73\x3a\x3e\xf9\x35\xaa\xe3\x32\xa7\x85\xa9\x67\x7f\x7c\x2a\x2c\xd4\x54\xad\x28\xe9\x07\x8a\xbb\x6f\xe9\x93\x16\x27\x92\x79\x17\x59\x8c\xe8\x41\x5a\x5c\x23\x2d\x9c\x7e\x20\x14\x0b\x17\x2b\x9c\x62\x65\xe8\xd7\x5d\x4c\x3f\xc3\x65\x87\xba\x62\xbb\xad\x54\x5a\x56\x37\x7d\x34\xc8\x2e\xaf\x05\x53\x2b\xf2\x73\xb0\xdb\x91\xd3\x65\x4d\x47\x3c\x67\xf0\x57\x5f\xcb\x71\x59\xd3\xa6\x0f\x7e\x67\xb6\x92\x79\x38\x2e\x4b\x92\x86\xfb\xc6\x3c\xd8\x6f\x5e\xf5\x56\x71\x25\x50\x6a\xc2\xa4\x4d\xeb\x71\x0b\x0d\x23\x22\xc8\x37\x1e\xe1\xc3\x46\x52\x59\xfc\xcd\x86\xb2\x56\x17\x0d\xaa\xb8\xbb\x33\x86\x4b\x97\x27\xcf\xfe\x31\x33\x3d\x06\x97\x12\x0d\x49\x2a\x36\xbb\xc7\x10\x3b\xfe\x1c\xa7\xf6\x84\x4a\x23\x71\xb2\xcc\xf4\xd1\x65\x4d\x90\xce\x33\xe8\xf4\x25\xb8\x17\xfc\x5c\x21\xbb\x5e\xe1\xdd\x37\xf5\x5f\xaf\xe7\xe9\x22\x0c\xce\x8d\x67\xc3\x5a\x86\x21\x09\xe9\x2b\x43\xa6\xec\x80\xc8\x83\x7b\x64\x9c\x08\xc7\xbb\xab\x77\x9c\x48\xc7\x65\x6d\x7a\xe7\x97\xba\xad\x04\xd1\x55\x14\xc0\x45\xa0\xb9\xfd\xc2\xc0\x96\xd6\x9b\x22\xc0\xc8\xb2\x8b\x51\x80\x85\x4b\x1f\xc5\xad\xc7\x08\xa5\xb2\x20\xf1\xca\xaf\xd9\x06\x84\x0e\x07\xbc\xe4\xdb\x26\x8e\x7e\xdf\x4e\x94\x04\xfb\xd4\xda\x4b\x9a\x93\x57\x00\x60\xf9\x56\x9f\x3f\xb6\x2f\x86\x0d\x71\xda\x15\x29\x55\x46\xa6\x2e\x49\x4a\x1b\x87\x22\xab\xf4\x75\x79\x80\x24\xcd\x03\x18\x48\xb1\xd2\xc9\xce\x93\x85\x3f\x94\xc1\x27\x3b\x5d\x60\x84\x2e\x46\x11\x01\x9b\xd3\x4a\x8c\x0b\x63\xff\xf3\x90\xb9\x75\x71\x71\xcb\x31\xaa\xbe\xa5\xf0\xe1\x0b\xdd\x1d\x61\x7b\x74\x83\x89\x3c\x88\xa2\x60\x9f\x62\x94\xb4\xef\xe4\x2d\x64\x9f\x6f\x63\x21\xb1\x48\x71\x7e\x1b\x5a\x48\xff\xce\xc9\xf9\xe5\xcf\xc2\x46\x23\x56\x0e\x8a\x3b\x0c\x6e\x44\xb8\x5e\xff\xe7\x0d\x5d\xa9\xa3\xc4\xbe\xd4\x9e\x52\xa1\xc0\x8a\xce\x6c\x48\x60\x23\xa1\x1a\x84\x8b\x85\x62\x0b\xd3\xc6\x87\x42\xf5\x5c\x91\x5f\x79\x3f\x04\x07\x0a\x3b\xce\xb1\x31\x4f\x11\x1d\x7d\x03\x2c\x09\x94\x01\x5b\xe8\xff\x10\x73\x56\xb9\xa6\x46\x14\xce\x4b\xc6\xcc\x18\x85\x7b\x04\x5a\xb6\x11\x99\x57\xec\x00\x3a\x0e\x75\xe4\x4b\x28\xcc\xff\x3d\x95\xd6\xf7\x3b\x25\xb5\x20\x45\x8b\x43\xec\xe5\x80\x23\x83\x3f\xa8\xe1\x38\xd9\x34\xf8\x00\xa2\x4f\xb2\x42\x69\x26\xe6\x38\xd3\x40\x3a\x01\xa9\x48\x64\x0b\x8e\x2d\x20\xa8\x84\x30\x12\x10\x3c\x1e\xfc\x40\xc8\xb2\x11\x91\x4d\xa9\x74\x99\x95\x35\xee\xee\xe5\xd9\xf0\x0f\x4d\x25\x5d\x3f\x1f\x9a\xc4\x76\x30\xf8\xd6\x0b\x86\x55\x85\x7c\xd0\x57\x6b\xc4\xaf\x86\xf1\x8d\x7e\xc8\x8a\x0b\x7d\x53\xba\x94\x05\xa0\x57\xc0\x0f\xa7\x48\xad\x52\x2a\x85\x47\x87\xba\x70\xeb\x71\x69\xe3\x58\x27\xdc\xdf\x1d\x32\xb1\xc8\xb6\x35\x8f\x2b\xd3\x6b\x70\x4d\x78\x6c\xe9\x6e\x8d\x3f\x81\x2a\xcd\x17\x57\x7e\x7f\xbe\xef\x4f\x31\x6b\x59\x56\xb9\x7a\xed\x9c\x19\xe4\x10\x41\xb7\x9d\xdf\x6d\xc1\x91\x47\x2c\xdc\xe8\xd1\x0f\x19\x6b\xa0\xb9\xf1\x7a\x20\x44\x01\x5a\x6c\xc9\x8e\xe2\x14\x50\x18\x04\x57\x21\x58\x06\x13\xa4\x60\xe5\xb5\xbe\xbc\x3a\x25\x55\xaa\x51\xa3\xcd\xdb\x0d\xe8\xc6\x24\x7b\x0f\x54\x7a\xc3\xbb\x8f\x84\x5f\x89\xab\x05\x1e\x04\x5a\x0f\x78\xdf\x7e\x12\x05\x4f\x6e\x89\x9c\xba\x3d\x22\xff\x98\x42\x38\xaf\x6a\x8b\x15\x96\xd8\x66\x26\xd5\x61\xea\x90\x45\x0f\xe8\x6d\x84\x23\x4a\xa0\xd5\x41\x33\x6f\x24\x33\xf8\x88\xb5\xb9\x89\x8e\x9f\x70\xc5\xd9\xb8\xd8\xfc\x37\x5f\xdd\x83\x91\x6c\x5a\x63\x99\x35\x3c\x81\x67\xc3\x1d\x0f\x09\xf6\x1e\x2a\x53\xf2\x14\x08\x68\xb4\x42\xeb\x58\x49\xc6\xa7\x04\xe4\x75\xea\xbb\xaf\xad\xdc\xaa\xb4\x83\x01\x89\x3e\x4e\x2f\x1d\x5e\x11\xcb\xc8\x6c\x79\xc9\x9e\x35\xa1\x04\xab\x36\x63\x2a\x77\xc6\x43\x8c\xd2\x9c\x0a\xcd\xcc\x6e\x75\x5e\xdb\xc2\xec\x7c\xed\x17\x03\x51\xc5\x11\x6c\xbf\xa8\xf4\x1d\xe8\x32\xb5\x84\xe9\xb8\xcc\x1a\x4e\x01\x1d\x0f\xdb\x8d\xda\x6b\x62\x48\xdc\x8c\x31\x6e\x36\x4c\x57\x52\xcd\x09\x1f\x5b\x27\x58\xad\xba\xfc\x83\xd5\xce\x2e\xc3\xa1\xfa\xee\x9b\x87\x53\x94\xe2\x5c\xe3\xc4\xd3\xe8\xbf\xfd\x79\x3f\xce\x7e\x42\x05\x07\xa2\xa6\x83\x39\x41\x96\x6b\x31\xf6\xcc\x14\xe3\x4a\xc3\x6a\x12\xf0\xc4\x81\x54\x24\x83\x34\xbd\x37\x73\xf2\x9e\x0a\x38\x43\x1e\xeb\x55\xb1\x91\xdd\xdf\xdf\x3a\x98\x5f\x06\x60\xc5\xfd\xc3\x68\x04\x69\xe4\x24\x31\x7c\x06\x8c\xfb\x74\xbd\x57\x30\xb7\x9b\xdf\x2a\xd3\xf8\x52\x04\x75\x86\x90\x85\xe6\x3d\xe0\x8d\xc9\x9b\x91\x9f\xd1\x8b\xcf\xab\xcc\x55\x29\xa3\x6e\x30\x00\x7a\x13\x11\x74\x5a\x95\xf2\xfe\x2f\xe2\xe9\x8a\xee\xd9\xb9\x90\xbc\x87\x81\xfa\x1f\x6b\x87\x52\xaf\x9a\x2c\x22\x11\x85\x35\xc5\x72\x91\x72\xfd\x71\xf7\x0a\x1f\xdb\x11\xc9\x03\xed\x35\x13\x26\xef\xc7\x79\xdd\xea\xf6\xad\xf3\x4e\x7e\x4d\xca\xcf\xfd\xb5\x73\x4f\xea\x5f\xe7\x27\xbc\xfd\x2c\x86\xed\x4b\xec\x34\x20\x64\x73\x53\x49\x79\x7a\x37\x96\x6f\xaa\xdb\x79\xbd\x88\x70\xdf\x58\x34\x48\x87\x6d\x33\x51\xf6\xec\x34\xda\xff\x7c\x87\x0e\x68\x66\x87\xe9\x07\x5d\x44\xc1\x53\xfd\xbb\xe7\xbf\xb5\xda\x70\x85\xdd\xba\x53\x3a\x15\x4a\x1a\x0c\xb5\x7c\x26\x41\xc4\x37\x75\xd6\x3b\x3d\x54\xf0\x38\xef\x8b\x7c\x30\x1e\xaa\xda\xca\xe7\xc3\xef\xf5\x9b\x8f\x23\x59\x9e\x96\x00\xa8\xf7\x61\xf7\xfa\xaf\xee\xac\xe8\xbb\xd1\x86\x17\x04\xef\x0d\x7f\x43\x96\xd1\x23\x62\x94\x1f\xb6\x57\x18\xcf\x9e\x2c\x43\x72\x49\x89\x31\xe4\x8e\x7c\xf4\x4e\x29\x4c\xd7\xdc\xa0\x06\xb2\x6f\x1d\xa1\xbe\xe8\xf6\x4b\x12\x3a\x63\x37\xc8\xf3\x3d\xfa\xf7\xa0\xb8\xe1\xdd\x72\x1b\x0b\xf2\x75\x7b\x61\x35\x69\xc1\x98\x48\xd7\xaf\xe5\x3a\x89\xe0\xf4\x83\xe6\xa2\x17\x4c\x35\x11\x61\x73\xc8\x19\x6d\x7d\xab\x13\x30\x70\xdd\x22\x62\xf4\x45\xf0\xf3\xc1\x62\x61\xd2\x6b\x0b\x14\xc1\xf1\xa3\x1f\x9a\xeb\x7c\x70\x59\xd8\x5e\x9a\xf0\x91\x85\xfe\xd1\xfa\xbd\xca\x36\xe1\x2e\x54\xd6\xd4\xc6\xa3\xc9\xd5\xb1\xed\x70\x4b\x1c\x0e\xcb\x19\x79\xf8\xbe\xb6\x31\x21\xf3\x8c\xfd\xfb\x34\xa8\xf1\xd4\x97\xda\x2d\xd2\xb8\x2e\xa2\xc4\x1f\xac\xba\x7f\x85\xa9\x6b\x49\x1a\xd4\x80\x93\xe6\x50\xff\x2b\x18\x99\x2a\x62\x26\xb6\xfe\x97\xf7\x7e\x11\x8f\xcb\x4f\x10\xfc\xbc\x27\x6d\x85\x97\x7b\x4a\xc3\x6f\xf4\xaa\x9b\xe2\x53\xeb\xa9\xa1\x58\x6f\xef\xa0\xd4\x76\x5d\xe6\xcd\xb1\xc7\xc4\x0f\x2c\x86\x71\x1d\xfd\xca\x5e\xca\x6c\x6e\x7d\x0e\x2d\x6f\x81\xe8\xfe\x4b\x88\x66\x73\x75\xad\x7b\xde\x7e\x51\x63\x8e\x33\xd8\xcd\xf8\x68\xaa\x92\x6f\x98\x15\xd4\xb1\x5b\x89\x1c\x4d\xf3\xad\x47\xb4\xf6\x1b\xc9\xe2\x28\x4a\x34\x68\xa9\x6b\x98\xdb\xd2\x98\x09\xae\x8e\xad\xc9\x5d\x62\x09\x60\x5c\xc0\xeb\x0f\xc6\xb8\x95\xaa\x0d\x79\x83\x8d\x6c\xce\x8a\x42\xe8\xd8\x76\x9a\xc1\xd9\xea\xc1\xf7\x9c\xfd\xe8\x72\x05\x98\xd7\x7a\x39\x99\x92\x4e\xf0\x7d\xfc\x6b\x66\x9e\x50\xe9\xe6\x35\xfc\x92\x5a\x20\x03\x4a\x1f\xc1\x83\xbf\x75\x69\xca\x81\xb1\x5d\x53\x1f\x2e\xf5\xda\x0e\x75\xa4\x9b\x43\x91\xd1\x12\xb9\xf7\x84\xe6\xe6\xd4\xa7\xc6\x5f\xbc\xd8\x44\x64\xd7\x0b\xd9\x66\x39\x49\xdb\xbf\xb2\x20\xcf\x6f\xbf\xc4\xac\x40\xfa\x23\xda\x88\xa7\xb8\x08\x12\xac\x19\xf1\xde\xf1\x6d\x68\x00\x27\xda\xde\xd4\x9c\x48\x16\xa6\x9e\x18\xcf\xc8\xff\xea\xdd\x4a\x1a\xd6\xb3\xcc\x3e\x4d\x55\x7d\x45\x14\x50\x34\x6b\x3a\x28\xb2\x43\x41\x4e\x46\x92\xf4\x8a\x0e\xe2\x3a\x2f\x9e\x9f\x58\xe8\x98\xed\xa2\x06\x63\xd5\xf7\xb2\x2f\x21\xf4\xbc\x5b\xe3\x30\x74\x7b\x50\xc7\xea\xe8\x8a\x4f\xae\x88\x3d\xac\x89\x0f\x9a\xef\x99\x76\x59\xfc\x43\x01\x91\xb6\x60\x7d\xbc\x84\x97\x80\x2b\x65\xf5\xcd\x42\xfa\x8e\x11\xc6\x80\x4f\xd3\x72\x32\xe7\x0a\x37\x20\xfd\x51\x60\x71\x4e\x5f\xf2\xb8\x67\xc4\x3f\x10\x6e\x49\xd2\xab\x58\x17\x42\x56\xe2\x49\x24\xb9\xcd\xcd\xe1\x5f\xfe\x84\xc4\xd2\x0c\x46\xa5\x9e\x8f\x37\xf3\xe1\x59\x0a\x64\x40\xa6\xe5\x24\xba\x70\xea\x67\x4a\xd1\x8b\xf1\x2c\xc1\xf9\x0c\xf9\xe0\x7b\x85\x57\x3c\xa6\x5c\xa0\x2e\xdb\x0d\xde\x1f\x76\x92\x78\x73\xab\xf7\xba\xb0\x4c\xb6\x0c\xfc\xa9\xcb\xb4\x2d\x0a\x5f\xe3\x6d\xdf\x6d\x04\x70\x6d\x34\x6a\x3c\xb5\x91\x8b\xdb\xce\xf9\x3c\xa0\x97\x48\x8a\x54\xd1\x36\x40\x64\xc7\x0b\x82\xed\x77\xb4\x21\x10\xd3\x81\x90\x9e\x32\xf1\xf9\xa9\xa1\x24\x0d\x23\x78\x35\xa2\x28\xda\x21\xde\x02\x7d\x0b\x71\xaa\xed\x9c\x8a\x2c\xde\xb9\x02\x69\x7e\xbb\xea\xe8\x13\x59\xac\x8f\xff\xd6\xfe\x7b\x4a\x27\x83\xc4\x5f\xe8\xbf\x54\x9a\xe6\x6b\xa6\xd5\xd2\xd6\x6d\x7a\xf7\x5a\x2f\x28\xd6\x3b\x7a\xe9\x70\xa4\x10\xbf\x37\xf4\x6a\xc8\x57\xfa\xce\xf0\x7c\x58\xf1\xfa\xc4\x72\xd9\xf3\x78\x81\x22\x3d\xe7\x55\x68\x34\x17\x3a\xc3\xa2\xde\x10\x22\x56\xcc\x05\x31\xf3\xde\x5a\x9f\x49\x96\xa2\xe0\x9c\x3a\x1c\xa0\x51\xac\x7a\xf0\x5b\xa5\xcb\x60\xcc\xc6\xbf\x9c\x10\x49\x17\x3c\x2f\x8c\x42\x92\xe6\xbf\x6f\xbf\xb9\xf4\x5a\x5a\x1c\x95\x04\xdb\x6d\x7e\xbf\xfb\x84\x89\x1f\xcf\x62\xb9\x29\x65\x24\x95\x22\xf8\x99\xf5\xcb\x9b\x1f\x6b\x76\xf0\xc5\x85\x6e\x0f\x4e\x11\xd9\x0c\xbd\x25\x44\x18\xe0\x19\xc5\x80\xd8\xb8\xfe\xa4\x10\x74\x79\x42\x59\x89\xb6\xbb\xdc\xb8\x2a\xa5\x40\xce\x9c\x33\x74\xce\x6c\x03\xf5\x61\x76\x1d\x3d\x6c\x57\x35\x2f\x02\xba\xfe\x18\x3a\x7c\x22\xdf\xa9\xf6\xbc\xbd\x39\x51\x80\xd5\xc5\xbd\x22\xf1\x85\xb9\xac\x98\x3a\x33\xd1\x2f\x94\x0d\x26\xbf\x18\xa6\xb7\x25\x2f\xd9\x61\xe2\xdc\x96\xf2\x44\xe7\xc0\xe7\x75\x4c\x55\x9a\x14\xa8\xc4\x1b\xe2\xf9\x78\x40\x8d\x30\x18\x32\xf3\xdb\xb1\x38\xb2\x5b\xce\x67\xf3\x4e\x7e\xf5\x4e\x26\xac\xb2\xaa\x16\x0a\x28\x2a\x6b\xfa\x80\xe9\xf2\x07\x92\x7e\xb1\x4e\x7d\xaf\x2d\xca\x53\xb2\x78\xfa\x44\x71\xfd\x81\x30\x94\x68\xea\x70\x1c\x3b\xf3\xaf\xd8\x11\xe2\x48\xd1\xec\x50\xc4\xea\xb2\x53\x2a\xa3\x0a\xd2\xde\xde\x4a\x21\x79\x83\x6f\xb5\xaa\xe5\x25\x42\xb4\x6f\xb1\xf3\x63\xaf\x0d\xd9\x32\xad\x34\xdc\xe4\x6a\xa6\x77\xc7\x75\x25\xf6\x2b\xa2\x34\x65\x52\xec\xc9\xe8\x36\xd1\x7a\x59\x66\x18\xc8\x5a\x77\x5a\x1b\xbe\xa3\x3d\xf6\x8b\x97\x62\x38\x87\xb5\x40\xa6\x36\xaf\x68\xeb\xa5\x42\x6f\x04\x81\x72\x63\x98\x0e\x48\xca\x72\x8b\x49\x81\xb6\xbd\xea\x7f\xec\x9d\xfb\xda\x0f\x61\xe0\x3d\xaa\x73\xdb\x61\x12\x1b\x32\xf8\x19\x37\xba\x05\x22\xcc\x29\x23\x81\x45\x7d\x77\xcd\x32\x8a\xa4\xc7\xcd\x62\xc0\xcf\x68\x4a\x90\xe2\xef\xef\x11\x37\xb7\xee\x9e\x3e\x7b\x57\xb9\x35\xd1\xc7\xed\xc1\xde\x00\xac\xbb\xfc\x90\x39\x7c\x37\x60\xb8\xed\x8e\x26\x05\x93\xa8\x06\x3b\x04\x46\x04\x69\x10\x2f\x11\x90\xfe\xbc\x1f\xac\xed\x7b\xa5\x00\xca\xcb\xb6\x91\x36\x10\xfb\xa6\x3e\x82\x44\x34\x66\x35\xe1\x00\x68\x20\xa4\x76\x20\x04\x16\xa1\x48\x07\x81\x05\x20\xae\x1e\x6a\x72\xf0\xe0\x3a\x94\x1a\xa5\x40\x09\xe6\xe7\x2c\x66\x76\xef\x1a\xfe\x1b\x03\x95\x29\xc5\xb9\xd1\xb8\x46\x17\xc3\x24\x0d\x8c\x46\x1e\xfb\x75\x2b\xbe\xdd\xba\x6e\x29\xbc\xe2\x47\x48\x9e\x08\x1d\xd1\x71\x18\x8c\xc9\x80\x9f\xd9\x84\x83\x20\x55\x5a\x12\xc8\xd1\x20\x80\x37\x55\xaf\x80\x20\x51\xe8\x53\xe9\xd6\xd8\x4a\x9c\x5b\x48\x26\x7d\x1a\xfe\x9a\x39\x07\xe3\xbd\x92\x6d\x06\x7a\xb1\xe7\x30\xe1\x52\xa0\xe5\x30\x9c\x1b\x82\xca\x9f\xbf\x9c\xaa\x3d\x9e\xda\x21\xa6\xcb\x26\xc2\x32\xaf\x66\x0b\x31\x5e\x22\xf3\x72\xeb\x2f\xd9\x8b\x41\x8b\xea\xce\xec\xfa\xaf\xd6\xc2\xfd\x7a\xb6\xa6\xec\xb2\x62\x2c\x5e\xe6\x8d\xee\x2d\xe9\xd2\x92\xa0\xb7\xb0\x10\xfe\x84\x95\xeb\x34\x86\x24\xf4\x1f\x28\xe7\x8b\x67\xcf\x08\xa0\x50\x66\x83\xb9\x57\x56\x90\x7a\xe1\x5f\x5d\xef\xd8\xd2\xf7\xd8\x08\x84\x06\xb4\x46\x55\xda\xf9\xd4\xb8\x7b\xd7\xac\xc7\x0f\x7f\x4d\x02\xa8\xd7\x06\xad\x19\x77\x53\x86\x39\xfd\xeb\x97\xd0\xf8\xe1\x4f\x22\x01\x90\x1d\x6e\x3e\x31\x20\x21\x1e\x84\x13\xcd\x76\xfc\x17\x7d\x4f\x0f\xe4\xb2\x65\x4a\x22\xc9\xa7\x07\xa1\x52\x92\x46\x01\x81\x86\x54\xcd\x77\x20\x1a\x1f\x67\xa0\xef\xf5\xbf\x4b\x1a\x1f\xb8\xdf\x83\x29\x80\x8d\xb8\xf1\x15\x8f\xe4\xe5\x4f\x13\x08\xdc\xf5\x61\xa3\x5c\x08\xd9\xd8\x29\xb3\x6b\x6e\xf2\xcb\x23\x41\xef\x64\x7a\x8a\x25\x3f\xb2\x41\xa9\x59\x5c\x77\x10\x39\xa5\x5f\xd4\xf7\xe0\x05\xa8\xe1\x88\x2f\x39\x24\x7e\xc6\x2c\x61\xc0\x98\xb5\x4e\x24\xd6\x11\xc0\xeb\xc1\x00\x75\xf2\x7c\xab\x54\x23\x9a\x77\x20\xa7\xc7\x52\x96\x15\x7f\xb2\x5c\xbb\x12\xfc\xc7\x79\xff\x1d\xec\xd9\x64\xce\xbc\x47\x28\x88\x47\x16\xfe\xe4\xe1\xcf\xb4\x23\xd0\x42\xa3\x85\x52\xac\x32\x1a\x70\xb3\x98\x92\x33\x1b\xf1\x3f\x89\x0a\x8c\xaf\xb2\xef\xdc\x82\xce\x16\xca\x4b\x4b\x7a\xc1\xa4\x09\x82\x24\x6c\x16\x8d\x2b\xae\xcc\x5f\x32\xdb\x27\x65\x41\x3b\x06\x59\xb5\xd3\xf6\xf7\x97\xb3\x23\x0e\x8b\x88\x63\x24\x37\xf6\xad\x30\x47\x4a\x64\x7b\xd5\x1e\xc4\x97\xe7\x80\x89\x25\x27\xa2\x01\xd2\x5d\xf6\x4d\x20\xff\xd8\xb8\x16\x97\x21\x49\xea\x6a\xc0\x2b\x32\x4d\xbd\x85\x65\x6c\xf1\x3e\x33\x49\xfa\x60\x6a\x54\xd4\x1c\xd5\x94\x40\xa5\xb5\x53\x9f\x41\xc9\x44\x51\xc2\x50\xdf\x71\x20\x73\x94\x54\x9e\x86\x15\x04\x1b\xf1\x29\x55\x57\x7a\xb1\x99\x63\xb1\x99\xb3\x0a\x24\x4a\x0e\xb4\xbe\x7d\x52\xde\xfc\x4f\xa3\x69\x7a\xba\xd0\x31\xec\x17\x22\x9a\x70\xa0\xf0\xe2\x35\x37\xc9\x0e\xa8\x37\xf5\xa6\xd2\xcb\x99\x45\x0f\xbf\xd3\x73\x59\x73\xbe\x3a\x46\x11\x64\x01\x74\xe0\x3c\x1f\x32\xfe\x9e\x17\x0d\xcb\x73\x30\xf9\x7f\xc3\xe5\xea\x5a\x8d\x29\xd4\x5f\xa6\x95\x72\xc4\x54\x5c\xd7\x73\x53\x97\xfc\x9a\xeb\xf7\x79\xe8\xfd\x4d\xdc\x40\x1f\x5f\x28\x11\x9b\x1d\x1e\xd5\xb7\x5f\x6c\x2f\x92\xb4\x17\x3b\x9f\x8b\xa9\x75\x2a\xf8\x95\x32\x2b\x3b\x72\x69\x4a\x21\x9c\x21\x24\x4e\x00\xf6\x62\xeb\x40\x23\x43\x72\x62\x88\xd0\x48\xbe\x9f\xe4\x40\x69\x58\xb3\xe1\xb1\xa6\xe3\xc6\x5b\xc5\xfd\x0c\x0d\x23\xd8\x29\x6f\xc3\x85\xe5\xc1\x85\xf1\xe5\x12\x8f\x01\x8b\xf5\xef\xd5\xe6\xa1\x79\xd0\x61\xb9\x7a\x27\x7f\x3e\x6c\xd8\xe8\x9a\x8e\x3d\x19\xbe\x40\x55\xee\x48\x15\xa1\x34\xd9\xc1\xc4\x6b\x6e\x0e\x93\x3f\x23\x75\x4d\xd4\x87\x53\x60\x8a\x34\x73\xac\x3f\x5e\x8b\xab\xae\xb0\x33\x97\x6c\x66\x92\x10\x0d\xe2\x65\xf4\x79\x10\x84\x77\x46\x57\xd3\x87\x83\x4f\xca\x89\xef\x7f\xda\xc5\x47\x7d\x6b\xf4\x27\x07\xe0\xc5\x15\xac\xd6\x97\xa3\x48\x51\x17\xbc\x0d\x19\xab\xf5\x61\xcd\x4d\x55\x3a\xff\xc9\x9f\x5e\x5a\x12\x2d\x08\xfe\x29\x54\x02\xcf\xa2\x74\xf3\x30\xb7\x77\xa2\x19\x52\x52\x5f\xd8\x9c\x50\xf2\x0a\xe6\xbb\xdb\x9c\x80\xe5\xe6\x4d\x6c\x84\x37\xbc\x8a\x52\x69\x8f\xcf\x72\x02\x63\x3b\xd2\x3b\xaf\xea\x95\x1d\x08\x7d\xa2\x20\x79\x80\x01\x02\x1f\x64\x79\xfa\xf0\x4b\x57\xca\x06\x13\x40\xa5\x0c\x50\x7f\xb8\x41\x92\x6b\x4d\xae\x0e\xd5\x0b\xe1\x42\xf3\xe8\xdf\x79\xd4\x10\x26\x19\xc9\x99\x0d\x78\xf8\x03\x26\x49\xeb\xf1\x32\x61\x9d\xc5\x26\xf0\x3d\x77\x80\xd8\x3f\x83\x29\x08\x82\x8c\x85\x81\x6b\xc2\x78\x19\x94\xb9\xee\xe7\x40\x61\xcb\x91\xac\x10\x88\x6e\xff\x01\x84\xda\xad\xf7\x81\x12\x3b\x29\x21\x1c\xf3\x49\xa0\xf0\x63\xf7\xe1\x26\x8a\xcc\x80\x0e\xd9\xf5\x7f\x4c\x2f\xcc\xbe\xc0\xe2\xbf\x2f\x79\x81\xdc\xba\x81\xcc\x19\x7e\x7e\xc0\xde\x78\xd9\x38\xa2\x10\xcb\x75\xcb\x39\xcd\x4e\x0f\x07\x59\x2c\x44\x19\x9d\x57\xb4\xed\x88\x71\xe2\x7b\x66\x7c\xc9\xe3\x5f\x00\x71\x9c\xd7\x46\xae\x84\xd9\xf4\x80\x34\x83\x12\x80\x5a\xa5\xa5\x76\x2a\x4f\xaa\xcd\x9c\xf6\xca\x6a\xc5\x8d\x76\x83\xdd\x18\x29\x14\xc0\xb0\x38\xcc\x7b\x3e\x65\xfb\x8a\xbc\x01\xb2\xf9\x51\x26\x7d\xc5\x4a\x4a\xdf\x36\x52\xf2\xc1\x0a\xff\xcb\xdb\xac\x84\xb8\xd6\x63\x96\x4a\x46\x03\xc0\x10\xc3\xb4\xee\xf1\x76\x83\x6b\xea\x4b\xa1\xbf\xbf\x71\x94\x55\x5d\x3b\x3c\x49\x31\xb5\x52\xb3\x29\x5d\x9e\xc9\xa2\xbd\x23\xdd\x86\x62\x1d\x6f\x26\x6f\x63\xb9\xe1\x07\x81\xff\x34\xec\x5f\x8c\xb9\xf2\xb4\x90\xe5\xac\x8b\x7c\x40\x3c\x69\x51\x49\x2a\x5e\x70\x9d\x83\x02\x95\x79\x44\x25\xba\xe0\xe6\x02\x5d\x8f\x4c\xc2\x20\x88\x92\x03\xd5\xf8\x2f\x91\xa5\xc0\xd5\x11\x75\x78\x65\x64\xc6\x3c\xf5\xbb\x88\x05\x1f\x4d\x3e\xcd\xa0\x10\x14\x28\x42\xd6\xfc\xae\xea\x09\x0e\x29\x84\xe6\xb5\xd4\x5a\x6c\xfb\x1b\x7f\xaa\x35\x79\xae\xcf\x9e\x7b\x3f\xa5\xa1\x2b\x87\x15\x23\x6c\x53\x64\x9e\x8d\x9b\xde\xc8\x80\xc5\x1f\xf3\x6a\xd3\xb7\x50\x13\x43\xc6\xb1\xc8\x36\x9c\xfb\x97\x5c\xe6\x45\x90\x9b\xd5\x68\xf6\x9f\x68\xff\xd1\xf7\xc4\x84\xc2\x3d\x2d\x68\x5a\xa1\x75\x84\x92\x8c\x42\x23\x2c\xa3\xb0\xae\xc4\xdf\x77\x1f\x6a\xae\x16\x66\x06\x02\xe6\xaf\xbe\xe9\x2c\xeb\xf4\x7b\xd0\x95\x56\x87\xc5\xd6\xdd\x72\xb2\xe9\xb1\xc8\x9e\xa5\xc8\x9e\x10\x9b\x42\x5f\x79\x20\x39\x5f\xb2\xa3\x1b\x0c\x90\xe0\xf9\x2d\x3e\xf6\x63\x64\x25\xd4\xbc\xde\xc1\x00\xa6\xb1\xbc\x67\xf8\x42\x61\x50\xfe\x14\x9a\x0f\x67\x2a\x46\x17\x42\xac\xe3\x03\xf7\x1b\xcb\xbd\x0b\x5f\xff\xec\xd7\xee\x77\xe7\xf4\x43\x0a\x88\x04\xda\xf2\xa0\x59\x4d\x7f\xf6\xa8\x84\x01\x9b\x5d\xb3\x28\x08\xbd\x27\x06\x03\x9e\x44\x5a\xaf\xe8\x78\x14\x9d\xf8\x36\xb4\x30\x37\xc3\x87\x21\xef\xa1\xa6\x3d\x08\xed\xae\x3e\xb2\xfb\xda\x8f\x48\xcc\x89\x48\xeb\x59\x60\xe1\x10\x7a\x74\x2f\xe5\xfa\x92\x7f\xca\x6c\xc4\xce\x6b\xf7\x1b\x05\x01\x3d\x94\x90\x15\x45\x76\xc4\x19\x9c\x08\x20\x85\x44\x2b\x2b\x2a\x53\x2a\x00\x50\xb6\x95\x73\xe2\x8e\x1e\x5f\x4c\x57\x62\xe4\xcd\xe4\x98\xda\xfe\x63\x34\xff\xa9\xfe\x74\xc4\x6f\xe5\x65\x49\xc3\x13\x2b\xa5\x13\xab\xa4\x01\xef\xe9\x3c\xac\x3a\x7f\x51\x3d\xa5\xba\x13\xfa\xfc\x52\xb2\x78\xe1\x15\x13\xd9\x3a\x7e\xf0\x14\x61\x6b\x46\xf1\x2b\x0f\x3d\x79\x20\x92\xd6\x3e\xc1\xc4\xe2\xf0\xe6\x82\xdf\xf6\xf6\x5f\x9d\x21\x6b\xa3\xb2\x16\x00\x00\x55\x4b\xe5\x64\xd9\xfb\x6d\x0c\xb6\x32\x27\xa0\x7a\x4a\x99\xe3\x6c\x2c\xb7\x1c\xb8\xcc\xea\x6b\x97\x79\x88\x83\xdf\x7d\x53\xdb\x27\x3f\xdf\x99\x39\x92\x31\x19\x6b\x71\xb9\x20\x5a\x7f\xa0\xbd\x56\xa4\x3f\x34\x1b\x79\xdb\xe6\x51\xdb\x24\xda\x3f\x8f\xd8\xc5\x7e\xa5\xec\x98\xae\x74\x0f\xc8\x27\x7d\x1c\xf3\x7a\x12\x5b\x30\xa0\x4b\x8c\xc3\x0a\x8a\xda\x6d\x2b\x79\xea\xa1\x22\xf8\x42\x77\xef\x89\xa5\xfb\xd4\xac\x32\x0c\x53\x33\xc2\x20\xd8\x81\x3d\xa1\x42\x81\xa9\xdc\xbc\xba\xe3\xe7\x05\x41\x10\xa4\x70\x79\xf5\x1e\xac\x31\xf6\x01\xe4\xa8\xf2\xae\xeb\xba\xea\xc2\xbc\xb0\x32\x28\x31\xf0\xf3\xac\xaa\xb9\xbd\x08\x73\x43\xbf\xe0\xbf\xd8\x1d\x6e\xcb\xe4\x01\x73\x08\x31\xf9\x88\x7f\xc7\x36\x2a\x6b\x7a\x6e\x35\x26\x73\xa7\x51\xfb\x12\x7b\x57\x5e\xb2\x43\xff\xce\xac\x90\x47\x8f\xf9\x1d\xc6\xf8\xd9\x0c\x39\x6f\x0f\x05\x38\x72\xd7\x25\x5f\x3d\xbb\xc2\xc1\x33\x19\xcf\x92\x4b\xe0\x8a\x8f\xee\x09\x83\xc2\xf9\x03\x22\x68\x0f\x86\x6a\x41\xa4\xc1\xef\x54\xb7\x8c\x6c\xb7\xc2\xae\x71\xdf\xf8\x25\x34\x48\x5f\x2f\xbe\x16\xe6\xe4\x86\x0f\x0e\x11\xa6\xc4\x53\x40\x65\xbe\x74\xe7\x2d\x6b\x32\x42\x3f\x85\x8b\x23\x6e\x51\xed\x9e\x17\xb0\x15\xcd\xef\x49\xb1\x05\x44\xe3\xe5\x2f\xc5\xd2\x50\xbe\x54\xfd\x2f\xff\xb2\x75\x2c\xd6\xc2\x18\xc2\x6f\xbf\x94\x3a\x63\xbb\x03\x40\x43\xbd\xb8\x19\x71\x6e\x4a\x58\x7a\x1a\x0d\x8c\x16\x68\xc1\x1c\x99\x0b\x1d\x4a\xe5\x5f\x04\xec\x07\x3f\x5b\xd0\x84\x40\x71\xa7\x97\x8d\xfd\xc4\xec\x07\xf2\xef\xfe\x2f\x1b\x8b\x0d\xb8\xf0\x7c\x96\xf5\x7a\x2a\xaa\xa7\xae\x81\xa6\x9b\x20\x68\xaf\x1f\x70\xd0\xac\x9d\x99\xe3\x0c\xe7\xb2\x60\x9a\x32\x63\xdb\x61\x84\xd9\x79\x54\xb7\x9f\x81\x98\x2a\xc4\x09\x1b\x8b\x0b\xe1\xd8\x84\x9d\x49\xd2\x38\xbf\x85\x48\x47\x67\x89\xa9\x43\x73\x21\x66\x70\x48\xf0\xbc\x93\xa6\x0d\x7f\xae\xf4\x96\xae\xb1\xc4\x76\xc3\xab\x72\x41\x52\xa6\x52\x69\x6c\xf6\x99\x71\xea\x67\xf6\x38\xb6\x33\x21\x33\x70\x50\xef\xf0\xce\xb2\x35\xcd\x07\x4b\x67\xdc\x14\xc7\xfc\xe3\x7b\x91\xed\x1d\xd5\x36\x91\x43\x6c\x1a\xe6\x0d\x83\x7e\x91\x39\x93\xb1\x83\xda\x95\x41\x8b\x04\xea\x99\x61\x69\x99\x83\x72\x7e\x2c\xf5\xe1\x29\xf7\x64\x74\x04\x47\x0c\x86\xa5\x70\x50\x3e\x7b\xb0\x4b\x3e\xbd\x1e\xf7\x03\xeb\xf8\xd7\xaf\xc4\xfe\xd9\x29\xaf\x17\x0f\x5d\x0a\x0e\x04\x5b\x6e\xa2\xc3\x8e\x1f\xe8\x2e\xb1\xc5\x2a\x57\x0f\xfa\xe4\x51\xab\x5b\xc2\x59\x38\x5b\xd3\xb3\xe0\x75\xb5\x3c\x9a\x35\x75\xd8\x2f\xd0\x2c\xe1\x7c\x07\xe1\x5a\x45\xad\xbc\x2d\x43\x4b\x16\xde\x0d\x02\x3f\xd0\x1e\x92\xbe\x09\x4b\xf4\x95\xdf\x9f\xdf\xd9\x06\x84\x66\xdb\x2e\x9e\x91\xc2\x2a\xa2\x00\x36\xb4\x6c\x59\xd5\x76\xa6\x4d\xd2\x13\x61\xfe\x06\xb6\x60\x4b\x7c\x96\xcf\x57\x57\xf6\xe2\x3d\xf4\x7f\x32\x6c\x78\xfe\xb5\xcb\x6e\x5e\xe9\x4c\x48\x71\x5a\x7b\xeb\xc6\xc7\x8a\x6f\x3a\xab\x6a\x2b\x5f\x9f\x9f\x96\xd3\x09\x5b\xe7\xbe\xfd\x76\x34\xa3\x94\x15\xa8\x23\x2c\x26\xed\xfa\x6f\x3c\x92\x9b\x7a\x44\x19\x1d\x92\x83\x05\x48\x04\x32\x8c\xf6\x3b\x55\xde\xc6\xfe\xd8\xc3\x13\x13\x4a\xff\x84\xc7\x0f\x58\xbb\xfe\x29\x9a\xdb\xaf\xeb\xaa\x76\x4c\xaa\xda\xc2\xdf\x9a\x69\xe3\xb1\xa6\x4b\x23\x1c\xce\x7a\x95\x77\x40\xb6\x3c\xfa\xcc\x0e\x2c\xf7\x19\xb4\x4a\x5e\xd9\xc7\x73\x19\xc7\xf4\x31\xbf\x49\x0e\xe7\x9a\x8f\xb7\x83\x73\xff\x6f\x7f\x00\x4c\x0e\xe7\x5a\x1e\xe2\xe4\xb1\x03\x7f\x80\x1b\x4c\x8a\x62\xd2\x33\x37\xa5\x02\xc1\xcf\x0f\x2c\x3b\x37\x1c\x25\xa4\x00\x57\x11\x48\x26\x9a\x61\x6a\xd0\x78\x47\x57\x59\x9b\xe3\xb6\x64\x83\x29\xd2\xfc\x6a\xa2\x63\x7d\xc1\x76\xf8\xc4\x0e\xe0\xa2\x3a\xa7\x2f\x81\x4f\x34\x3b\x34\x17\x7e\x32\x57\x69\xe7\x55\x5d\xf5\x46\x0e\x3d\xcd\x40\xf6\x38\x75\xe7\xcd\xfa\xd7\x3c\xe0\x01\xbb\x9e\x95\xa9\xca\xe2\xea\x6d\xc5\x4c\x77\x46\x79\x2c\x69\xb3\x91\x30\xb7\x96\x7f\xf8\xa5\x5a\x9e\xba\xe5\x4f\x94\x2a\x3d\xc3\x57\x94\x58\x39\xb7\x51\x69\x63\x53\xf2\xe6\x5a\xc5\x39\x28\x5b\x0c\x91\x6e\x61\x20\xe3\xf8\x50\x0d\x38\x15\x3e\x32\x65\xd1\x95\xe2\xdc\xc4\x80\xfb\x14\x81\x59\x7f\xdd\x83\xb7\xa0\x57\xff\x44\x1e\x26\xfe\xd5\xf0\x56\xb6\x76\xfd\x51\xf9\x09\xb4\xcd\xda\xfe\xef\xbf\xef\xa7\x23\x01\x9b\x84\x7f\x03\x98\xb1\xd3\x83\x40\xd1\x53\xbe\x19\x37\xe7\x45\xb1\x3e\x99\x62\x26\x6e\x9d\x0b\xf7\x49\xe9\xdc\xf4\x4d\xf4\x9c\x8a\x3d\xae\x13\xaf\x26\x17\x84\xec\x05\x1a\xdc\x82\x99\xb5\x2e\xa8\xe1\x58\xdf\x29\x51\x82\x72\xe2\x33\xac\xc5\xc5\x12\x1a\xa5\x27\xfc\x55\x7c\x99\xfe\x12\x06\xba\x4f\x44\x9b\xe1\x4e\xa5\xf7\x26\x3e\xb7\xbc\x9b\x81\x33\xf5\xdb\x1f\x0a\xa8\x84\x66\xb1\xbf\x3a\xef\x6a\x38\xe7\x40\x0d\xa2\x2d\x2f\x47\x7f\xb7\xae\x83\xda\x4d\xeb\xa3\x47\x5d\xca\x4b\xcb\x12\xb5\xaa\xeb\xc2\x47\x7a\xc5\xaf\x07\x4e\x9a\x8d\x93\xc6\x90\x60\x4a\xd2\x6e\x8a\x5c\x23\x40\x82\x0d\x77\x31\x12\x25\x6f\xae\x0b\x98\xcd\x0a\xbf\x9e\xff\x7c\xf8\x28\x21\xb2\x40\x3b\xbc\x94\x0f\xfe\xd2\xfe\xf8\x68\x0b\xd6\x4f\xeb\x7e\xe1\x03\x80\x3a\x79\x98\x9f\x8c\xdc\x83\x3d\xfe\x13\x4c\x04\x8e\x61\x8a\x2c\xa5\x01\xfe\xe1\xec\xf7\xd0\x70\xb1\x64\x2b\xb1\x6f\xcc\x3b\x04\xc3\x90\x70\xde\xc9\x31\x82\xd0\x33\x56\xd3\x7f\xbd\xc8\xb3\x84\xb9\xed\x96\xb7\x91\x77\x92\x2d\xec\xf0\x03\xdd\xb1\x90\xbc\x03\x61\x06\x97\xcc\xaf\xfe\x6d\x9a\x01\x3f\xe5\x57\xaa\xbf\x05\x03\xc0\xf6\x46\xc2\x2f\x5e\x04\x2e\x37\xa4\x85\x19\x92\x30\x78\x7c\x9b\x1f\x08\x92\x04\xaa\xa3\x69\x38\x46\xae\xf7\x7a\x35\xd8\xe5\x00\xe6\x3b\xd9\x81\x4c\x5f\x8e\xdf\x4c\x31\xf4\xdc\x07\xc2\x1b\xe3\x6e\x31\x39\x48\xc1\x2f\x59\xbc\xa6\xeb\xca\x2c\x94\x5f\xcf\xec\x47\x53\x58\x81\x08\xe4\x53\x9c\xc8\x1d\x3e\x50\x4b\x62\x35\x6d\x41\x44\x07\x05\x5b\x82\xd4\xb2\x1a\x6d\xf0\xfb\xb3\xa9\xcc\x6e\x25\xf5\xdd\xd7\x33\xc2\xcc\xfc\x33\x46\xda\xb9\x81\xfc\x63\x46\x73\x5e\x95\xf6\xcf\x2b\xdb\xba\x84\x9d\x68\xfe\xc7\x94\x0b\xf9\x7f\x2c\x9d\xb5\xd6\xb4\xcc\x12\x85\x2f\x88\x00\xb7\x10\x67\x70\xb7\x0c\x77\x77\xae\xfe\xac\xf7\xfb\xcf\x24\x93\x0c\x2c\x56\x4f\x57\xed\x67\x37\xd5\xd5\xfe\x20\x3b\xd4\x6b\xbd\x6f\xcc\xd5\x25\x3f\xd2\xce\x35\x33\x70\x64\x43\xc7\x2f\x35\x18\x0f\x9b\xc2\x66\x76\xb9\x66\x17\x40\x4e\x12\x64\x72\x2d\xe4\x00\x36\x52\xae\x5e\xd3\x71\x49\x09\xba\x94\x38\xe1\x0f\x34\xdf\x2f\x6f\x9c\x19\xc9\xac\xc9\xd6\xcf\x11\x6f\xe3\x50\x74\x7c\x85\xdd\x43\xd5\xdd\xb7\x10\x5e\x38\x6f\x48\xa9\xdc\xc2\x38\xb6\x21\x95\x3a\x84\xe3\x07\xb1\x5f\x84\x74\x8e\x96\xc0\xda\xbc\xc6\x0b\xe6\x38\x99\xa9\x32\x10\x8c\x8a\x8d\x4c\x93\x38\xff\xd7\x7d\x38\x45\xb2\xdb\xc0\xf3\x6f\xf2\xb4\xcc\x94\xa8\x0a\x0e\x5a\x1d\x86\x98\x73\x66\x37\x59\x71\x22\x6c\xfa\x2e\x15\x7e\x01\x46\xe7\xc3\x62\x6e\xea\xbc\xf1\x6f\xbd\x6a\xdf\x98\x87\x9e\x59\xb6\xab\x22\xb8\x31\x21\x6d\xc4\xcb\xa4\xbc\x26\x47\xe9\xb7\x8b\xc1\x40\xd1\x9c\x3e\xcc\x58\x81\xa9\x33\xe1\x38\x17\x63\xff\x57\xb7\xec\x90\x84\x21\x9a\x1d\x18\x75\x5a\x20\xb3\x36\xfe\x36\xbc\x4f\x79\xc9\xe4\x71\x5e\x30\x49\xc3\x08\x95\xab\x62\x1c\x1c\xea\x32\x48\xa6\xb0\x20\x05\x13\x73\xdc\xbe\x0c\xcc\xfc\xef\x37\xfb\x13\xb3\xc6\x71\x90\xa6\xc4\xb3\x0f\xf8\x52\x1d\x7f\xbb\xc2\xd1\xc4\xa1\x4c\xa1\x51\xc3\xdc\x5e\x72\x20\x6d\xbd\xa8\xa9\xf4\xb4\xca\xdd\xb5\xd5\x83\x85\x34\x17\x48\xab\x3f\x28\x36\x55\x5a\x3a\xd3\x35\x30\x23\x22\xc2\x30\x2b\x6d\x3c\xca\xde\x82\x38\x62\x25\xd6\x59\x68\x1c\x21\xbc\xbd\xba\xff\x6f\x5f\xf5\x20\x13\xc9\x83\xa8\x4f\xac\xe7\xed\x5b\xfc\x88\xa0\x9f\x3d\xaf\x42\xf1\xbd\x52\xa5\x3a\x16\x59\x14\xc5\xe9\xd8\x0b\xf8\x1a\xd2\xfb\xb2\x1d\xf5\xae\xc5\x0e\xd5\x16\x7c\xd8\x88\x02\xd9\x63\xef\x9f\x1e\x4b\x75\xcb\xdd\x96\x0c\x02\x95\x49\xee\xa6\x6d\x11\x67\x8e\x54\x26\x00\xde\xb3\x6f\x3c\x09\x45\x97\xd7\x64\xe3\x66\x3b\xaf\x84\xde\x3a\x89\x7f\x86\xfc\x79\x83\x3f\x83\x01\x31\x2b\x3e\x26\x11\x9b\x59\x37\x31\xc6\xe2\xc5\xdd\xa7\x88\xbd\xa2\x86\xaf\x43\x1d\x56\xe8\x88\x6c\x3e\x6c\x7c\xb6\x76\xe4\x59\x74\x1c\xf8\x8f\x97\x8d\x26\xa1\x7a\xac\xa6\x62\xab\x1e\x18\xdf\x2d\x3d\x99\x2c\xd1\xc3\x74\x6e\x73\xe6\xf8\x60\xfd\x7e\x8e\x99\x6d\x4a\x75\xc5\xbb\xfe\xe9\x9e\x2f\xf3\xb3\xce\xdd\xa5\xf8\x9a\xb7\xff\xcd\x1a\x77\x5f\x17\xaa\x66\x88\x80\x3b\x9a\xf1\x14\xcc\x91\x9f\x91\x36\x04\x41\x10\x4a\xb1\x9b\x54\x39\x6a\x7c\x72\xf7\x10\x0d\x8f\x7b\x3c\x4c\x53\xd5\xae\xf9\xb3\xed\x30\x89\xe4\xf4\x2e\xf1\x62\xab\xc0\x34\xa6\xcc\xef\xe6\x0a\x4c\x03\x69\xc3\x99\x8f\x51\x75\xab\x3c\x5e\x18\x4c\x38\x4c\x68\x62\xff\x16\xfa\x25\x5b\x24\xbd\x51\xc3\xd4\xdb\xad\x5f\xa9\x5b\x00\x5a\xe3\xc7\x4c\x37\x45\x81\xe6\xd7\x67\x9e\xa2\xbf\x6e\xe2\x5f\x01\x6c\xd8\x0c\x1b\x50\xa3\x52\x44\x21\xbc\xaf\x92\x99\xa2\xd9\x21\x0a\x3c\x99\xb3\x38\xbd\xdf\x89\x3c\x03\xb2\xef\x17\xdc\xbf\x16\x1c\xac\xd1\x7e\x03\xf4\x58\x18\x56\x0b\xfb\x68\xed\xf4\xb0\x97\x34\xdb\x9c\x56\xd5\x62\xc4\x54\x22\x6c\xe9\x08\x08\xbf\x19\x62\xbf\xc3\x3b\xcf\xd6\x34\x1b\x50\x85\x44\x7a\x0f\x15\x88\x4e\xc0\xdc\x6e\xab\x06\xd0\x4b\x9e\x5a\xcd\x24\x2b\xb7\xae\xeb\x66\x3e\xba\xd3\x8e\xc2\x18\xf9\x6f\x61\xb5\xbd\xdd\xd2\x3f\xf1\x1d\x95\x31\xa1\xcb\x2e\x11\xe0\xf8\x23\x2c\xc6\x79\xa3\x0f\xe3\x80\xca\xc2\x81\x6a\x62\xee\x75\x5d\xd3\xdd\xca\x1f\xc0\xf4\x63\xa1\xe6\x58\x07\x3f\xb3\x09\x88\x51\x28\xb3\xda\x7d\x50\xbc\x1e\xbf\x8d\xea\xa2\x57\x38\x4b\x15\xa8\x87\x0a\xcf\x9f\x2c\x8d\xcc\x30\x8e\xfb\xd3\xfe\x37\xa5\xcb\x37\x8e\x71\x83\xdd\x0c\x2e\xf3\x44\x77\xf8\x0b\x0f\x5b\x18\x16\xce\xeb\x33\x63\xfa\x9a\x7f\xc7\x85\xa8\x52\x33\x27\x63\x72\x66\x33\x29\xfc\xec\xa5\xd2\x93\x91\x89\x6c\x50\xfe\xe3\xaf\x39\x52\x4b\xab\x57\x90\x17\x3a\x7e\x19\xfc\x4a\x24\x32\x45\x1b\x3a\xc0\xbc\x7d\x9b\x86\xe8\x50\x39\x5f\x17\xc8\x5d\x91\x9d\x83\x51\x73\x14\x10\xfd\xba\xc6\x12\x42\x81\xd3\x63\xc9\x9d\x29\xb0\x5c\xbb\xb8\xe1\x70\xfe\x36\xee\xdc\x5a\xf9\x61\x18\x04\x21\x49\xba\xbc\x22\xfe\x8d\xdc\xdd\xc4\xe7\x94\x6d\x77\x4c\x6f\x9c\x1f\x08\x5c\x57\xb5\xeb\xed\xab\x24\xd8\xed\x03\xfa\xfd\x34\x31\xd3\x72\x4c\xab\xba\xf3\xdd\xfb\x62\x7e\x3b\xc2\xdb\x72\x82\xc3\x88\x9d\x74\x99\x66\x59\xee\x27\x11\xc3\x0a\x74\xcf\xf3\x8f\x3b\x4d\x57\x5f\xd7\x1f\xa7\xd6\x5c\xe3\xb0\xae\x6d\xf1\xb2\x5c\x57\x27\x9b\x93\x30\x8e\x16\x4e\xb0\x95\xdb\x42\x82\x1b\x65\xe1\xdf\x64\x99\x41\x57\x80\x41\x62\x14\x68\x00\x07\x19\xb4\xaa\xed\x32\x0b\x35\xcb\xac\x7b\x0e\x14\x95\xea\x4f\x00\x72\x0f\x89\xeb\x6b\xe2\x7a\xf7\x02\x94\x15\x3c\xcf\xfd\xf8\x1c\xfd\x21\x46\x57\xd7\x91\xf4\xec\xe9\xab\x74\x2d\x3d\x45\xa7\xa7\x55\x2c\x74\x73\xe3\x9b\x66\x5e\x0d\x43\x7d\x2f\x9c\x4a\x86\x5b\xd1\xda\x85\xdf\xc4\xb0\xb7\x59\x94\x56\x27\xdb\xc3\x25\x36\x09\x04\xd6\x5a\x08\xdc\xbc\x11\xd9\x04\xe8\xc9\x99\x22\x77\xca\xe7\xef\x6c\x47\xb0\x1c\xf7\x83\x39\xf8\xc8\x02\x1d\xc4\x1b\xf9\x58\xcf\x62\x4a\x60\xc3\x38\x7a\x02\x54\x3c\x66\x07\xaa\x9b\x90\xec\x53\x45\xf6\x0d\x1b\xce\x4b\xee\x8e\x37\x30\xd6\xa9\xaa\x2a\x53\xce\x34\xb2\x53\xc7\x75\xad\xb1\x4a\xb7\xb5\x83\xb1\xd9\x5f\x98\x19\xc4\x97\x17\xc4\xe2\xaa\xbe\xcb\xb9\x5b\x40\xe0\xaa\xd7\xe3\x12\xcf\x4d\x3c\x06\x0a\x94\xe5\x41\x8a\xb8\xb7\x29\x50\xea\x39\xbf\x97\x8b\x7d\xe7\xc7\x3c\x9c\x3b\x6e\x46\x43\x1c\xc4\x2d\x1a\xbb\x72\x13\x06\x43\x92\x08\xc7\x0e\x83\x20\x58\xd7\x3b\xf3\x2b\x5f\x2a\x12\x3c\xe1\x31\x5f\xf7\x4b\xd5\x76\x9e\xcf\xdf\xae\xc7\x90\x78\xfc\x38\xbd\x1f\xd3\xb1\x99\x11\x15\xa7\x4b\xc8\x09\x90\xf9\x35\xba\x12\x51\xc8\xba\x80\x4d\xf7\xcd\x21\x6f\xcf\xe8\xb3\x4b\x7a\xe0\xa6\x3e\xd7\x94\x3b\x84\x51\x4f\xff\xf6\xc5\xa7\xac\x4c\x74\x0f\xf3\x90\x81\x2c\x94\x06\xf7\x3a\x04\x4a\x4b\x68\x95\x36\x91\xd6\xb3\xa0\xb0\xab\x56\xf6\x3a\x24\x4a\xb4\xb5\x51\xbb\xd6\x18\xd3\x4b\x66\xac\x91\x2f\xfc\x77\x2c\xdb\x4b\x55\x16\x9a\x16\x76\xdd\x0d\xd5\x06\x11\xd0\x7e\x1f\xf0\x20\x39\x6d\xb2\xfd\x56\xb3\x9e\x0d\x3e\x43\x92\x61\x1f\xfd\xd2\x92\x39\x68\x51\x7d\x69\x9b\xb1\xe9\xa5\x2e\x95\x07\x6e\xc0\xd6\x0a\x8b\xbb\x77\x2d\x47\xd9\xf7\x61\x4b\xd6\x36\x3a\xd2\xc4\x22\xee\x87\x12\x8f\xc5\xda\x4e\x7d\xd9\xa0\x0d\x5f\xc6\xf4\xfd\x39\xee\xba\x0e\x5b\xfd\xcd\x07\x4e\xca\x96\xcc\x9c\x57\xb3\x1b\xbb\xe4\xd2\xbb\x38\x4d\xc7\x61\x45\xc9\x03\x52\xc4\xab\x6e\x74\xdc\x5a\x10\xf2\xf7\xc1\x86\xd0\x39\x20\x27\xdd\xa8\x7b\x90\xe2\x0a\x67\x87\x29\x65\xca\xe0\x4e\xfe\xaf\x94\x9d\x40\x2c\xc6\xb5\xec\x17\xd5\x85\xdf\xe6\x3a\x18\x9b\xf9\x99\x11\xb6\x07\x00\xcd\x52\x29\x58\x4d\x28\x88\x4e\xb0\xd0\xef\xeb\xb9\xfa\x56\x76\xac\x8e\x0a\x80\x5d\xc3\xe0\x27\x07\x11\x34\x68\x91\x3f\x51\x6c\xfc\x50\xee\x06\x4a\x52\x11\x53\xe9\x89\x82\xd7\x3b\xe3\x73\xa3\x22\xe9\x58\x5c\x36\x59\x70\x65\xf7\x8a\x84\x02\xc2\x22\x3e\x6b\xfa\x28\x79\xea\x10\x59\xad\x1d\xe2\xb7\xed\x71\x97\x83\xd3\x79\x63\x69\xab\x36\xee\x0c\x55\x96\x3c\x7a\x68\x69\xd3\x63\x29\xab\x59\x9d\x7a\x19\xba\x09\x9d\x43\x6d\xea\x7b\xf0\xee\xaa\xfc\xf1\x0b\x0c\xc9\xfd\x18\x22\x3a\x1f\xa1\x18\xbd\xd7\x31\xd5\xfd\x1e\xdd\x15\x56\x07\x3a\xf6\x42\xc9\x70\x01\xbf\xf5\x40\x74\xa0\x5c\xfe\x6c\x86\x69\xf5\x4e\xff\x7e\xaf\xf1\xcb\x78\x9a\xd6\x7d\x5b\x93\xce\x71\x10\x8c\x8c\x85\x15\x71\x48\xca\x48\x78\xe8\x7b\x50\x85\x50\x0b\xce\x74\x4c\x46\x47\xab\x2c\xea\xcc\x39\x9d\x96\x5d\xc8\x5c\x26\xed\xcd\x7b\xc5\x14\x7a\x6c\xb6\xcf\xea\x03\xc0\x4b\xaf\xb9\x87\x4d\x1b\x1e\xad\x5a\xac\x8d\x47\xe5\xb4\xa3\xa6\x71\xf6\xa9\x6b\xa8\xa8\xf5\xdd\xd9\x49\xb9\xec\xde\x35\xee\x44\xab\x53\xe0\xde\x3b\x44\x8b\x1e\x5f\x6d\x93\x4a\x29\x67\x83\x09\xba\x5c\x4e\xff\x31\x5e\xe6\x90\xd0\x68\x1b\x27\x6f\xa9\x6d\xed\xd3\x2f\xcd\x44\xbd\xfa\x27\xce\xe9\x10\x25\x27\x4a\xc9\x73\x15\x91\x35\x07\x15\xb2\x43\x1f\xe3\x97\xb7\x61\x59\x7d\xb3\x1e\x8e\x79\xba\xab\x99\x01\x8b\xd6\xf4\xfc\x76\x5f\x10\xd9\x3b\xac\xf4\x54\xb3\x59\x86\x63\x06\xec\x14\xf9\xdf\x19\x08\x56\x84\xa8\x49\x0e\xfb\xfb\x96\x22\xca\xd0\xa4\xd5\x80\x01\x23\xf6\xfb\x0a\xab\xbe\xf7\x3a\x08\x83\x20\x38\x50\x8d\x61\x37\x9f\x1c\x8f\x91\x2c\xed\xe9\xe5\xfc\x2a\x2f\x2d\x8f\x3f\x18\x93\xd1\xe4\xc5\x97\x73\xd4\x1f\x2c\x66\x70\x14\xf6\x57\x00\xb2\x0e\xa6\x8d\x3c\x2b\xdd\xbd\x6f\xea\xba\xb6\x23\xc7\xd6\x34\x5a\x08\x81\xbf\x96\x51\x83\x51\x72\xdd\x67\x18\xcd\x8a\x98\x1a\xcb\x0e\xd7\x96\x14\x7e\x9b\xca\xf3\x25\x14\x00\x54\x60\x5e\x6a\x31\x94\x76\xaf\xde\x91\xf4\x0b\x74\x5e\x7b\x37\x0d\xb8\xa8\xa5\x87\x92\x07\x36\x8c\x90\xfa\xf1\x97\xac\x60\x24\x4c\xd0\xc8\xe6\x2e\x4c\x9f\x32\x0c\x67\x0b\x4d\x9e\xb9\x84\x9b\xaf\xeb\xbc\x12\x2e\x2a\xd4\x11\xd5\x02\xef\x3d\xab\x48\x15\xcc\x7b\x06\x30\x77\xfc\x6b\x7c\xf5\x4d\x3c\x42\xab\x9a\xb8\x14\xe7\x54\x52\x20\x03\x25\xe9\x17\xaf\x00\xaa\xa4\x42\x55\xee\x9c\xd6\x44\x18\x85\xb2\xcb\x09\x3b\x7f\xe7\xf6\x6f\x1d\xf8\xe8\xdf\x1a\x33\x39\xa1\xd1\x3d\x3f\x91\xf5\x20\x58\x52\xb5\x49\xb5\x30\x4a\x9c\x01\xfa\x9d\xfd\x79\x73\xbf\x4e\x9f\x70\x67\xce\x24\xcd\x41\x0b\xce\x89\x31\x2d\xdc\x02\xe8\xd0\x5c\xbc\xcf\x04\xa3\x60\x19\x6a\x18\x89\xf4\x3d\xb7\x83\x78\x53\xc7\x48\xa5\xda\x5f\xd5\x76\x45\xb2\x62\x54\x4d\x8d\x55\x60\x84\x2c\xbe\x5f\x33\xfa\xeb\xba\xac\xae\x00\x34\xde\x4d\x6b\x25\x5a\xa2\xd9\x2e\x70\x80\xf3\x9e\xa9\x41\x57\x81\x4c\x32\x02\x63\xdf\x3e\x08\x8f\x4e\x9f\xb4\x5c\x31\x48\x63\xb3\x09\xef\x7b\x74\x22\x72\xcd\xb5\xca\xc6\x3f\x6e\xe3\x40\xb1\x05\xe9\x0e\x2f\x21\xdc\xe4\x8f\xb5\xf4\x58\x3b\x12\x43\xb4\xb8\x7e\x01\xb6\x07\x49\x18\x4c\x09\x52\xd4\xf5\x75\xb3\xa5\xdf\xcd\xf4\x96\x4a\x1b\x42\x18\x23\x9f\x29\xbd\xdb\x86\xde\xf7\xcc\x08\x7c\x64\xe1\xec\xde\x99\xf2\xed\x18\x50\x9d\x5f\xbc\x58\x82\x77\x4e\xd5\x82\xac\x07\xd9\xe1\x64\x71\x4e\xd5\x01\xcb\x13\xd6\xab\x52\x66\x8c\x2f\x55\x80\xc5\xe9\xf9\x90\x31\x13\xd4\xf9\xc7\x6c\x35\x52\x47\x48\x88\xdc\x12\x3d\xeb\xb4\xf7\x4a\xa5\xc2\xef\x65\x52\x06\x60\x14\x0d\xdc\x64\x76\x73\x4a\x9c\x64\xb7\xda\x14\xa3\xd6\xe2\x4b\x97\x13\x7f\x90\x62\x0b\x1b\xc8\x95\x9d\xe8\x62\xb2\x03\x9a\x85\x54\x15\x7d\x4a\x70\xfd\xeb\xd5\x63\xa1\x28\xe5\x6a\x3c\xd3\xbf\x85\xd9\x4f\x48\x5a\x00\x9b\xff\xe6\x1a\xc7\x0c\xbe\xc5\x30\xce\x1f\x14\x38\x6a\xbf\xf8\x1d\x0f\x81\x6b\x6a\xee\x9b\xf0\xde\x87\xa5\xbd\xf9\x92\x89\x09\xe0\xfd\xfa\xe8\x06\x26\xe4\x4d\x9e\x3c\x12\x57\xb8\x3c\xed\xe3\xf4\xda\x28\xd8\x60\x68\xe8\x06\xf0\x75\xa2\x85\xf8\x69\x39\x5f\x51\x6e\x0d\x4c\xc7\x51\x53\xc7\x21\x5c\x32\x09\x03\x83\xc3\x30\xe6\xea\x0a\x91\xfa\xee\x78\x7e\x45\xde\xd2\xef\xd6\x09\x58\xd1\xd1\xc5\xa3\x0a\x14\x42\xbe\xaa\xef\xe5\x41\xb4\xc1\xd7\xb3\x1e\x7d\xca\x0e\x66\x7a\x67\xef\x22\x23\x69\x00\xa3\x72\x6e\x9a\xcc\x73\x65\xe1\x8f\x5e\x0d\x98\x5d\x41\xd9\xa0\x89\x30\x5c\x44\xf1\x4f\x64\xeb\x5c\xd4\xbf\xb9\x9e\x0e\xbc\x4c\xac\x32\xc7\x22\x06\x03\xc0\x6c\x77\xf2\x5f\xb5\x46\xdb\x03\x5a\x13\x7e\x0b\xbc\x50\x47\x30\x61\x7e\x7b\x26\x35\xb3\xab\x69\x1c\x71\x5e\x5b\xdf\x3a\x66\xef\x5e\x17\x05\x54\x56\x70\x81\x58\x5b\x52\x43\xe7\xca\x94\xcb\x30\x0c\x1e\xc0\x41\xe0\x44\xcc\x17\x81\xa9\xb1\x17\x4a\x52\x44\x3e\x7c\x17\x0a\x66\x31\x61\xf8\xe4\x65\xed\x26\x3a\x50\x55\xbb\xad\x7d\x31\xa1\xd6\x6b\xa7\x1d\xb6\x76\x45\xae\x42\xfe\x54\xca\xec\x21\x9d\xaf\x2e\x98\xc4\xc0\x9b\xb9\x1e\xb0\xbb\x4d\xb5\xa3\x2b\x69\x8e\x91\x60\x70\xa2\x27\xae\x41\xea\xf4\xa8\x41\xb1\xa3\xc0\x0d\x4b\xf8\xc8\x22\xb9\x7b\xa0\xcc\x9a\xbc\x98\x0e\xaf\xe8\xa2\x81\x09\x48\xb8\xe4\x0c\x49\x63\xac\xa3\x0f\x5f\x42\x7f\xe0\xf9\x53\xaf\x77\x95\xdb\x6b\xe0\xd6\x16\x84\x20\x12\xa3\x60\xfa\x06\x94\xd9\x6a\x2c\x73\xa4\xe4\x79\x96\x39\x00\xb0\x7c\x72\x4f\xa0\xac\xbc\xe6\x9d\x05\x9a\x3d\x8c\x59\xf9\x97\xba\xb4\xe1\xc5\x53\xaf\xca\x47\x56\x83\xec\x16\x4a\xe7\x40\xc5\x47\xe0\x57\x97\x40\x11\xeb\xed\xb4\xf6\xaf\xc5\xbd\x39\x6c\xbe\x3d\x74\x4b\xd3\xcb\x65\x4d\x6a\x20\xa3\x97\x1f\xe1\x16\xf0\xd7\x5f\xbc\x20\xf1\x9b\xbe\x3a\xad\x10\xf6\x11\x59\xfb\xa8\x8f\xfb\xbc\xbe\xe7\xad\xf5\x29\x50\xc9\xa0\x88\x6b\xce\x6d\x26\x34\x50\x5e\x99\x24\x14\x27\x22\xcb\xa0\x8c\x90\xc5\x75\x84\x64\xa1\xcc\x80\xfd\x5c\xa3\xd9\x43\xfe\x8f\x19\x2d\x44\x72\x2a\xa8\x71\x30\xa8\xf4\xb2\x4f\x7f\xf7\x4d\x15\xf3\x33\xec\x51\x28\x61\x30\x55\x6d\xe7\x75\xf4\x92\x91\xc8\x28\xb0\x94\x71\x3a\xcb\x4b\xf0\xbc\x22\x11\x00\xf7\x40\x74\xf2\x97\x80\x2e\xde\xd6\x35\x95\xaf\xf2\x4e\x57\x7d\x93\x67\xb7\xd3\x89\x92\x3b\x16\x76\x6f\xd7\x14\x04\x00\x2f\x3c\xd7\x96\x62\x1f\x43\xb0\xc5\x50\xb0\xda\x1d\xd3\xf0\x9c\x25\xdc\x82\x46\xc9\x4d\x1f\x83\x7e\x88\xb6\xbe\x57\x62\xb8\x44\x30\x24\x81\x80\xcf\x7e\x20\x3e\x45\xc5\x33\x7d\x53\x92\x62\x57\xe9\x65\xfd\xd4\x12\xb3\xb1\xab\xd2\x48\xec\xd2\xc4\xa1\xc8\x71\xc3\xf0\x4a\x58\xae\xc0\x8c\xb3\x73\xb4\xe0\xec\x99\x74\x45\x1b\xaa\x0c\xf8\x5e\x44\x11\xdc\xcf\xa1\x46\x5d\xd6\x0b\x31\xf5\xf2\x63\x55\x45\xdc\xf1\xea\xf7\x43\x60\xf5\x5f\x3d\x3a\x71\x6e\x73\x7d\xdf\x62\xd1\xeb\x3c\x59\x22\xe4\x88\xd6\xb1\xc0\x52\xa1\xea\x09\x8d\x39\xf4\x99\xcf\xb8\xa2\x63\xf4\x2b\x68\x11\x7f\x41\xaf\x80\x74\x43\x8c\xcb\x1a\x19\xe3\x97\x12\xfb\x26\x79\xf6\x13\x10\x94\xcb\xff\xbe\x05\x92\x3c\xe5\x84\x8a\x3e\x19\xbc\xa4\x99\xe1\xf4\x70\x97\xfc\x2d\x39\xb6\x20\x80\x22\xb9\x9c\x0d\x02\xc2\x61\x49\x8a\x13\xf5\x87\xe8\xfc\xf0\x5b\xe7\xb3\x03\x21\x9a\x2b\x11\x82\xdc\xd2\xfa\xfb\xce\x2d\x81\xc9\x43\x0c\xb4\x70\xb4\x23\x3a\x8e\x07\xb9\xba\x37\x00\x30\xb3\x20\x20\x67\x99\x7a\xd8\xc3\x9c\xaf\xf3\xf4\x39\xb6\xe5\xc6\x0a\xdf\xd4\x19\x5b\x2a\x2b\x6b\x82\x39\x81\xeb\x3e\xe2\xf0\xb7\x7a\x0d\x16\x82\x64\xbf\xb5\x24\x31\xae\x34\x15\x12\xd2\x4c\x2c\x62\xdf\x1c\xd5\x23\x2d\x78\x7f\x70\x02\xba\xc1\x70\x64\x27\xa2\x25\x54\x0d\x24\x63\xf1\x9b\x2b\xf3\xc5\x76\x7b\x56\xb9\xba\x7e\xff\x3f\x0e\x26\x06\x4a\x94\x33\x0d\xda\x0c\x38\xff\xf6\xb5\x9f\xd1\x2d\x0e\xfe\xbc\x09\x36\x55\x79\xcb\x7c\xcf\x05\x5e\x3c\x4b\x7e\x45\x0f\x46\x96\x8b\xbd\x88\xe0\x05\xbd\x81\xf9\x7e\x1f\xdb\xe3\x8b\x8d\x77\xaf\xc8\x73\x4a\x12\x06\x81\x1f\x14\xed\xe8\x43\xb6\x90\x18\x88\xc4\x19\x46\xd6\x6e\x01\x42\xe3\x27\x9a\x1d\x48\x73\x2d\xfc\x6b\x76\xc6\x8b\x26\x2f\xd8\xde\xf2\xca\xa3\x05\x94\x19\x52\xc3\xec\x3a\xf7\xee\xdb\xef\x4b\x28\x92\x72\xeb\x3e\x10\x9d\x90\xc5\xef\xe6\x2a\x3d\x50\x82\x9f\x02\xe6\x6d\x06\xa2\x5f\x0c\x97\x7c\xa9\xde\x16\xf0\x53\x15\xa5\x4e\x63\x28\x35\x42\x65\x18\x7e\xaf\xde\xe5\xd3\x29\x56\x83\x98\x09\xdf\x3e\x0e\xe1\x06\xd9\xc4\x90\x5e\x57\x98\xc5\x54\xfb\x5b\x1d\x67\xdf\x46\x11\xc8\x59\xb6\x7e\xd8\xa6\x96\x01\xf7\x4b\x12\x3e\x9b\x75\x99\x00\xa6\xcd\x25\xac\xde\x73\x76\xa4\xb7\x90\x92\xd7\xc0\x16\x35\xc6\x8f\x02\x2a\x53\xc0\x2e\xf1\x82\xb5\x1f\x11\xb3\x1e\x52\x4c\x49\xa7\x75\x65\x2f\x71\x2e\xe7\x74\x78\x65\xe1\x4c\x62\xa6\xbe\xe1\xe7\x93\x82\xe9\xa3\xe7\xd7\x88\x70\x68\x19\x3f\xf0\x3a\x74\xa8\xef\xf1\x59\x38\x9c\x2c\xed\x1e\x75\x27\xc9\x0f\xf1\xe6\x0f\x42\x3a\x6e\x2b\xb4\x07\x9a\x22\xb8\x51\x67\xeb\xb4\xea\xee\x5b\x07\x7a\xaf\x22\x5e\x63\x93\xf3\xdf\x92\x86\x03\x5d\x91\x93\x08\x19\x5c\x3b\xb7\x67\xdf\x09\xaf\x71\x92\xce\xfe\x56\xab\x54\xb3\x33\x79\x59\xd3\x07\x3d\x78\x1c\x4a\xc4\x64\x3e\x7b\x3d\x1c\x75\x8a\x0c\xcb\xdf\x7d\xf6\x2f\x08\xb1\xb7\x30\x05\x66\x15\xa1\xb6\xc3\x91\x23\xdc\x00\xb0\xa2\xdb\x22\x9e\x95\xb4\xb0\x26\x6f\xae\x24\xae\x1d\xee\xb5\xb2\x46\x41\xa4\x6e\xe8\x66\x8a\x85\x37\x00\xad\x6d\xe7\x53\xfb\x9b\x3b\x83\x1f\x29\xa2\x93\x47\x94\x19\x99\xcf\x2d\xa0\x63\x3a\x2e\xeb\x1f\x17\xed\xa3\x95\xd1\x03\x55\xcd\x6f\x7f\x69\x24\xf8\x6b\x38\x59\x04\xb5\x97\x62\xc1\xea\x12\xde\xf7\x76\xe9\xf2\x44\xba\x99\x48\x85\xfd\xc5\x21\x1c\xe2\xc0\xf6\x5f\x4f\x41\x6b\xda\x04\xe2\xc7\xea\x23\xef\x28\xd2\xba\xc3\x3b\x69\xbe\xf8\x4e\x24\x2d\xe8\x84\x17\x3a\x77\xef\x0e\x54\x56\xa4\x87\x02\xae\x67\x36\x08\xe9\xb2\x97\xea\xa4\x7a\x5e\x2e\x67\xab\xe7\xc4\x35\xd5\x45\x87\xbf\x45\xca\xf9\xae\x11\xe9\x5a\xa1\x9d\x19\x94\xc2\xe7\x66\x74\x46\xf3\x4c\xb4\xd1\x85\xc8\x6e\x5a\x89\x3f\xf3\x40\xff\xf4\x27\x93\xdd\xfe\xd0\x5a\xb4\x46\xc8\x17\x30\xe5\x6e\x78\xad\x8b\xa1\xa4\xd6\x79\x60\x02\x2f\xd1\x0a\x95\xb5\xb6\x0f\xc8\xc3\x6d\x6a\xc2\xf4\x04\xec\xa7\x53\x2a\xdd\x0f\x9b\x16\x3e\x45\x14\x78\xfc\x62\xcd\xe0\x47\x81\x46\xff\x25\x4d\x1c\x89\x84\x81\x24\x69\x88\xad\x52\x87\x74\x4a\x1f\x7d\x8d\x41\x46\x07\x01\x16\x18\x08\x04\x0f\x94\x4a\xfd\x8c\xe9\x44\x2e\xeb\x93\xe5\xde\x3d\x87\xda\xf1\xaa\xb6\xa3\x4b\xd2\xf1\x6d\xb6\xaa\xd4\x60\x09\xd7\xd8\x44\xe0\xe4\xd7\xb7\xc1\xf7\x35\x7e\x79\x25\xe0\xe8\xbc\x69\x2e\x52\x98\x11\x2a\x3d\x37\x55\x09\xcc\x86\xcf\x69\x3a\x1a\xe3\x87\xe5\x9a\x32\x4c\x1d\x4c\x2f\x13\x5e\xad\x2b\x09\xd0\x4e\x95\x10\x89\x41\x94\xd3\xcc\x47\x4c\x5a\x0f\xb5\xc4\x08\x29\x49\x17\x4e\xc0\xf6\x7c\xea\xb8\xac\xa3\x1b\x06\x42\x4b\xe9\x25\x3f\x5f\x9f\x77\x4b\x89\x1e\xb8\xf4\xec\x89\xad\xa2\x24\x0e\x13\x40\x74\xe7\xbc\xa3\xd5\x27\x59\x9e\x99\x31\xc2\xe1\xca\x45\x18\x0f\x78\x83\xe8\xe4\x45\x9a\x23\x76\xfd\xde\x5a\xf5\xcb\xe4\x37\x7f\x81\xc0\x1c\xbb\x27\x71\xe7\x70\x5a\x54\x4f\x1f\x3b\x89\xcf\xe4\x79\x06\x04\xf1\xc2\x4e\x43\xee\x40\x05\x07\xad\xfa\xb9\x3d\xad\x52\x32\xa0\x03\xef\xd2\x82\x7e\x67\xc4\x29\xc9\x18\x4b\x7c\x4d\x98\xed\x0f\xef\x6d\x39\x1c\x96\x14\x8d\x2e\xe8\x27\x36\x35\xae\x1a\xb2\x27\x02\xac\x89\x66\x94\xc9\x40\x06\x1f\x8e\x3e\xc8\xd7\x6f\x7e\x46\xaf\x18\x36\x30\x1d\xb0\x49\xe8\x0d\x28\x7c\xbe\xfd\x23\xb8\x82\x7d\x10\x3a\x6d\xfd\x7c\x8e\xb1\x05\x8e\xfa\xac\x8f\xa4\xfd\x0d\xfe\x3c\x05\x03\xaa\x9f\xf5\x84\x16\x35\x67\x40\xaa\x33\x35\x37\xb4\xf1\xa8\x95\x4a\xeb\x37\xfc\xa0\xc0\xb8\xc1\x36\xbd\xdf\x08\xbb\xce\x8f\x5a\xb2\x7e\x26\xf2\xa7\x59\xb3\x26\xb6\x88\x0f\xf5\xeb\x8e\x1c\x5b\xfa\xa7\xe1\x68\xf6\x3c\xcc\x8b\x78\xb0\x70\xb5\x7b\x1b\x68\x4b\x52\x91\xc5\xef\xbd\x36\x52\xf6\xad\x25\x66\x76\x86\xb5\x9a\xbd\x3a\x91\x15\xd9\x66\xdc\x84\x9c\x9a\xad\x2e\x74\xa6\x13\x3a\xdb\xdf\x7d\x51\x61\x5e\x0a\xec\x59\xe1\x95\x99\xa8\x7a\x25\x0c\x9c\xec\xeb\x2f\xe3\xc9\xcd\x01\xc4\x30\xaa\xfb\x75\x0f\x05\x0a\xed\x73\x0b\xbc\xf2\x41\xf3\x24\x0b\x0c\xc0\x2d\x7e\xdf\xf7\xf3\xc5\x7e\x06\x21\x46\x82\xc1\xc7\xf8\x03\xd1\x7b\xd7\xe6\x7c\x8d\x6e\x03\x5d\x9d\xe8\x6c\x84\x07\x6c\xad\xe9\xbb\x4f\x3c\x3d\x91\xf3\x1e\x69\x0f\xa3\x9a\xa9\xbb\xac\xde\x14\x4f\x15\x4b\xcc\xb0\xce\x2e\x28\x8e\x28\x79\x49\x9f\x68\xe1\xf9\xb0\xae\x4c\xb3\x19\x0e\x4d\xf6\x10\xf7\x8f\xe9\x15\x32\x45\x8e\x99\x07\x6e\xaa\xe6\x0f\xd5\x1b\x94\x46\xa8\x44\x6b\x84\x57\x38\xdb\x3f\xfc\xe4\x6b\xcc\x64\xe0\x27\x5f\x44\x17\x73\x38\x25\xd9\xc3\x0f\x8f\xe0\x0a\xb0\xaf\x8b\x72\x6c\xf0\x44\x61\xea\xce\x50\x3c\x08\x92\xd0\x7f\xbb\xfc\xd1\x2b\x19\xa6\x21\x33\x67\x32\x82\x57\xe8\x8b\xff\x70\x08\x8c\xa0\x41\x71\xfd\x55\xb4\x50\x10\xc9\xac\x4c\x0f\xcb\x68\xc0\xd3\x66\xe4\xe6\x4e\xc4\x06\x7f\x0b\x46\x32\xdd\x05\x51\x45\x5f\x5b\x6d\xcb\x8c\xfc\xb5\x84\x40\xc8\xcc\x34\x51\x54\xd5\xa8\x9e\x5b\x18\x2a\xe1\x39\xbb\x27\x3c\x26\xc7\xc6\xa9\xd4\x74\x0a\x2d\xe2\x52\x73\x63\x49\x12\x06\x87\xb6\x56\xfc\xbd\x6b\xcc\xdf\x23\x47\xf0\x91\xb6\x64\x85\xfc\xfe\x38\xa4\x8c\xac\xb1\x17\x11\x98\xa1\xbe\xd6\xc8\xd7\x2c\x93\xa8\xd5\x7c\xaf\xcd\xbd\xba\x61\x02\xe7\xe9\xc1\xa8\x42\x41\x0f\xe7\x86\x4a\x33\x96\x65\xd3\x60\xd8\x7a\xb1\x2b\x94\xc4\x0d\xc3\xb9\x9d\x2a\x10\x1d\x7f\x13\x5b\xa4\x33\x3f\x3f\xec\x60\x1a\xcc\x63\x89\xbd\x7e\xf6\xe5\xf4\x5f\xf2\x39\x33\x24\xb0\x6a\xe3\xef\x7d\xdf\x85\x5b\x70\x04\x17\xee\x4c\xfe\x19\x4d\xdd\xb3\xfe\x44\x8e\xf0\xd1\x33\xb1\x34\xdc\xc5\xf3\x4b\xa8\x53\x29\xb5\x19\x44\xf0\x24\x0c\x30\x8c\xf1\xcb\x60\xb9\x0b\xd4\xf2\x0c\x64\x07\x0a\x8c\xe9\x5b\x8f\x43\xb3\x7d\xc3\x85\x03\xdd\x13\x9e\xf9\x7b\x69\x70\x5b\x5e\x27\x5a\x65\x5f\xd4\x3d\xe8\xca\xde\x1c\x35\xbe\xdf\x83\x01\xca\x5f\x6c\xbc\x78\xd1\x2b\xa3\x97\x1d\xaf\xe2\xb5\xb2\xf5\x52\x08\x5d\x80\xf9\xb9\x3f\x54\x69\x19\x24\xd5\xd8\x07\x66\x49\x3d\xed\x70\x84\xdc\x10\x74\x7e\xd5\x0a\xd9\x57\xd4\xb4\x07\x35\x55\x52\x99\xfe\x2f\x26\x58\xef\xdd\x44\xa9\x73\x76\x77\x6a\x16\x08\xab\xae\x4f\xbe\x60\x81\x6e\x31\xc2\xac\x40\x24\x25\x04\xb3\x02\x35\x72\x65\x18\xc6\x0f\x35\x1a\x89\x5c\x82\x1e\x48\xe8\x85\xcd\xd4\x90\x60\xc3\xf5\xf7\x36\x44\xd2\x40\x13\xbf\x51\x99\xe6\x74\xc4\xd7\xdf\xd0\x12\x41\x54\xf5\xb0\xf1\xe5\x19\x2c\x41\x58\x6e\x61\x84\x14\xd6\x54\x63\xe7\xc2\x36\xb4\x48\x84\x6e\xff\xf5\xc9\x78\xf4\xd6\xa1\x27\xf5\x0e\x18\xad\x16\x41\xb1\xaf\xea\x14\x00\x27\x4c\xf2\x92\xe5\xb7\x81\x2f\x86\x18\xf5\xd2\xa3\xa4\xf6\x51\x07\x9f\xf8\x07\xff\xc7\x64\x64\x47\x23\x5e\x82\x61\x6d\xf9\x9d\xbf\x01\x6c\xf2\x6d\x22\xba\x2a\x58\x24\xcc\xbd\x5d\xcc\xfe\x72\x72\xee\xf4\xb7\xa2\x4f\xad\x25\xd6\xb5\x9d\x05\xee\xbe\x09\xfd\x27\x2e\x7b\xd9\x3b\xf1\x1e\x92\x0d\x56\x42\xed\x05\xfe\xe9\x1a\x05\x64\xfa\x16\x00\xa5\xcd\x0f\x8e\x2f\x32\x77\x59\xaa\x3d\x61\x36\x73\xc3\x28\x52\xf7\x0c\x46\x31\x2c\xb6\xd3\x67\x52\x57\xee\xe0\xb9\xea\x33\x95\x4f\xdd\xdf\xf5\xc4\xb9\xad\xab\x18\x33\xb1\xa9\x76\x65\x49\xec\x48\xd0\xb1\x9e\x91\x2e\xf5\x8f\xd7\x2c\x72\x5c\x09\xbf\x80\x08\x1a\x37\xaa\x51\x8b\x8f\x60\x47\xd7\x90\xac\xc3\xe0\xc8\x4e\xb4\x42\xa7\x1d\xca\x0c\x68\x5e\x8e\xd7\xc9\xc8\x62\xa4\x4b\xda\x92\xba\x40\x2d\x84\xd1\x39\x63\x0f\x1f\x90\xc1\x15\xa4\x93\x01\xdf\x08\xa7\x22\x71\x48\xca\x6a\x54\xf1\x42\xcd\x1a\xbd\x6b\x72\xf6\xe7\x0a\xd7\x43\x83\x81\x56\x5e\x50\x41\xf7\x4f\x04\x9a\x07\x19\x25\xa8\xc7\xbc\x89\xe5\x56\xf5\x9a\x8e\x4a\xf3\x53\x9d\xbe\xee\x53\x8c\x41\x8a\xa0\x67\xeb\x58\xea\x7a\xdc\x4c\x45\x18\xfa\x3d\xb6\x5a\x7e\x3b\x29\xbc\xdf\x0d\x64\xd6\x94\x86\xc3\xe2\x31\xa0\x06\x9b\x93\x27\x75\xc5\xa9\x69\xe8\x2b\x43\x81\x00\xf2\xc9\xe3\x0f\xa2\x23\x04\x5b\xfd\xe7\x2d\x29\x49\xe6\x10\x59\x50\x38\xbb\xff\xb1\x11\x83\xc9\x3f\x7d\xf4\xf2\xae\x9c\xbf\x3a\xff\xe6\xa1\x7b\x50\x62\x1e\xc0\x68\xfc\x0a\x7d\x52\xc4\xfc\x56\xb9\x7e\x29\xa3\x85\x9c\x7d\x8c\xad\x55\xc1\x15\x1a\x35\xd4\x06\x82\xf3\x7d\xc5\xdd\x06\x80\x3c\xae\xd3\x8a\x72\x57\x83\x0b\xd9\x49\x4b\xab\xfe\x89\xa5\x33\xf1\x01\x79\xac\x52\x33\x07\xb6\x25\x38\xb7\x6f\x49\xa0\x29\x6b\x62\xdc\xc9\x19\x39\xbd\xf3\xaa\x2e\xf1\x19\xf5\x3f\xea\x00\x7b\x10\x80\xdd\x0d\x26\xf0\x20\x10\x1d\xe1\x66\x64\x40\xc0\x28\x53\x41\xe4\xea\xbc\xfc\xdf\x87\x8b\xae\xe5\x3b\x7f\xc3\x8d\xed\xa5\x59\xc6\xf2\x11\xda\xfd\xa2\xb9\x5f\x71\x21\x9d\x67\xa2\x1f\x85\x9b\xc9\xc8\xdd\x68\x74\x21\xb1\x89\xcc\x71\x43\x89\x42\x8f\xc8\x40\x5f\x1b\x88\x37\x2e\xdc\xf8\x86\xc4\xe7\xc3\x47\x2c\x45\x77\xd3\x96\xfd\x2d\x30\xbb\xdc\x2e\xfe\x89\x45\x2a\x09\xf1\x8d\x0c\x02\x9d\x0f\xe4\x16\xee\x65\xd2\xb7\x87\x3c\x08\x76\xbf\x5b\x6f\x18\x15\x90\x4c\x6b\x72\xd1\x14\xb1\x23\xe5\xa5\x66\x7a\x5f\xe4\x93\xa3\xd5\xb3\x20\x20\x36\x92\xc3\xfb\x65\x6b\x56\xa7\x2f\x9e\xad\x89\x50\x1b\x10\x2e\x3b\x45\x1a\xc5\xc1\xec\x80\xdd\x23\x72\x5d\x7d\xfa\x6c\x26\x12\x6f\x5f\x64\xb3\x5e\x5d\x7a\xa6\x0e\xb5\x00\xe9\x32\x57\x76\x5b\xbd\x74\xae\xd6\xa2\x7c\x78\x02\x3b\xbb\x5e\xab\x0d\x22\x0a\x0b\xdb\x4b\xe3\x44\xb7\xba\x21\x6d\xc3\x18\xbd\x2c\x40\x8d\x3b\x67\xec\x0a\x13\xbc\x37\x9d\xf4\xaa\x57\x03\x43\xf7\x7c\x64\x28\xe7\xd6\xed\x17\x2d\xd1\x91\xbc\x00\x49\x59\xf1\x2d\xa6\x80\x09\xba\x90\x3f\x1c\x0a\x2d\x4e\xfc\x49\xeb\xe8\x54\x3c\x0e\xfe\x04\x9e\xa5\x7f\x88\xd4\xca\xec\x1d\xdb\x17\x5c\x23\x89\x19\x8e\x6b\x59\x59\x63\xc2\x1b\x6e\xb4\x0d\xd4\x68\x87\x59\x43\x3a\x1b\x8a\x92\x31\x25\x89\xae\x95\xbb\xf2\xa7\x3f\x0f\x38\x5a\x0a\x79\x69\x56\x2a\x49\x4d\x1c\x18\xe0\x08\x3f\xb6\xff\x63\xed\xdb\x00\x92\x71\x59\x10\xd2\x4f\xb0\xb5\x6a\x9f\x19\x2a\x41\xf0\xce\x13\xa2\x1c\x50\x92\xbe\x9b\x52\xb0\x45\x36\x0e\x1c\xab\x23\x66\xcf\x66\xeb\xf3\x38\xd1\xac\x45\xf2\xeb\xe6\xb3\xc7\x82\xd3\x00\x9c\xd4\x7f\x3a\x9b\x09\x97\x8e\x57\x9a\xec\xba\x11\x09\x7f\xc6\xf8\x95\x95\x1e\x9e\xe3\xf1\x03\xdc\x71\xd9\x56\x12\x38\xe5\x48\x8b\x2a\xe1\x8a\xa0\xb5\x04\x67\xdd\x1f\x95\xb6\xf8\x01\xbe\x44\x4f\xf8\x23\x74\xce\xab\xd5\x0c\x0f\xfc\xb4\xd3\xea\xfe\xbd\xfb\xa7\xcb\xd3\x0f\x92\x70\x38\x17\x47\x61\x35\xe5\xea\x60\x52\xa4\xde\xac\xc3\xde\x82\xae\xf4\xd1\xba\x08\xb4\x4d\xcc\x50\x83\x91\xd4\x41\xe4\x74\xcc\x48\x1a\xe8\x17\xb8\x01\x97\xaa\x4f\x4c\x8f\x7a\xeb\xb6\x1e\x39\x76\xf2\x16\xf4\x59\x6d\xdc\xbc\xf4\xda\x9c\x83\x5c\x61\x95\xe2\x42\xd3\x82\x0d\xa5\xc4\x9c\x10\x62\x4c\xc6\x24\x60\x68\x27\x1c\x66\x22\xa3\xc8\x9c\x01\x2f\xd4\x45\x74\x4e\x88\x0d\xff\xdf\xba\xe1\xe6\x2c\x68\x32\xc3\x41\x10\x04\x00\x8f\x72\x16\x38\x11\x00\x2e\x1c\x94\x15\x6e\x30\x2c\x5a\x13\x4a\x4e\x3c\x44\x94\xa6\x20\x23\x31\x3a\x5c\x09\x52\xa5\xd6\x65\xb3\x8c\x4c\xaa\x35\x78\xa1\x0a\x76\x67\x03\x6e\x7a\x35\xcc\xfb\x36\xc5\x2b\xfd\x5f\x62\x4b\x14\x17\xda\x15\x73\xf2\x66\xd8\xf0\x54\xf7\xa3\x18\x53\xf6\xd2\x3d\x02\x41\x00\xea\x70\xd5\xf5\x27\x05\xd4\xa6\xaf\x3a\x80\xc7\x27\x96\x45\x79\xc6\x69\x59\xb3\xf1\xb6\x48\x5a\x27\x2a\x4b\xe5\xe6\x7d\xb0\xd2\xe7\xe3\x50\x7d\x78\xf1\xaa\x59\x6a\x1e\xe4\xeb\xb2\xf2\x49\x11\xda\x97\xf5\xdb\x5e\x5c\x64\xbf\x19\x3d\x10\x12\x6d\x75\x7a\xfa\x68\xb2\x3b\x37\x30\x77\x28\xb0\x12\x5b\xa2\xfc\x8d\xe0\x46\x03\x1a\x8e\x7b\x92\xe7\xd6\x3e\xd8\x25\x03\x37\xa2\xbc\x30\xc5\xcb\x60\x7e\x9c\x1b\x7a\xe3\xa2\x8d\x00\x58\xad\xcb\x9a\xf6\x8e\xc6\x33\x98\xfa\xab\xc5\x38\x10\x5d\x7f\x98\x07\xd0\x06\x72\xc3\xf3\x61\xe7\xc6\x8a\xa9\x5b\xf0\xfd\xf8\xc6\x10\x24\x31\x2c\x37\x30\x90\x14\x76\x44\x89\xe5\x45\xaf\xa4\x67\x4f\x95\x82\x49\x35\x12\xba\x1b\x10\xfc\x70\x0a\xa6\x23\xb0\x55\x30\x8d\x23\x22\x93\x5e\x50\xde\x9c\x1d\x46\xac\x3b\xdd\x95\x9d\x0c\xfb\xae\x1d\xa9\x2c\xe1\x37\x57\x0a\x2e\xfe\xe0\x95\xce\x0e\xf0\xb4\xa2\x42\xcd\x44\x4f\x5c\x3f\xa9\xc1\xbb\x8b\x6b\x95\x78\x3f\x34\xee\xed\xab\xc4\xfb\xe3\xa1\x6f\x81\x00\x8b\xae\x2c\xcd\x15\x68\x79\x05\x92\xdb\x14\x87\x24\x4c\xf4\xd1\xe3\x9f\x97\xe0\x19\xd1\x7c\x29\xa5\xc9\x15\x23\x24\xd3\x79\x55\xeb\x9a\x64\x18\xb0\xeb\xcb\x6d\x7f\xa6\x1e\x3f\xb3\x96\xe8\x35\xe3\x0a\xa7\x15\xd7\x47\x12\xa4\x9b\x20\x0c\x46\xc5\xb9\x58\xfa\x5f\x9d\x34\x59\x5d\x12\x3f\x50\x8f\x0e\x65\x06\xd1\x56\xa7\x37\xd0\xf8\xfc\x4a\xbc\x73\xb9\xfa\xa7\xc2\x47\x16\x36\x73\x2a\x08\x1c\xf2\xe5\xa7\x26\x7a\xcd\x8d\xcf\xf9\x64\x8f\x02\xd3\x11\xf4\x49\xcb\xbb\xce\xa0\x54\x25\x28\x19\x4d\xdc\x3f\x5e\x0d\x87\x25\xf3\x2b\x93\xa5\xc4\x0b\xde\x07\xa5\x42\xc1\xe8\x42\x71\x15\x3d\xa2\x6c\xa0\xca\xca\x9e\x65\xc4\xeb\x1a\x0b\xec\x4d\x3a\xad\x80\x1f\x78\x26\xc1\x97\x5f\x20\x5e\x2d\x10\x50\xfc\xb6\xd3\x9f\x03\x6b\xfa\x8e\x7a\x10\x6e\x3e\xa6\x3b\x35\x18\xbf\xe3\xa0\x16\xfb\x8f\x17\x3b\x13\xfc\x55\x7d\x72\x66\x26\x32\x71\x8f\xc1\x69\x03\xe1\xa0\x2d\x1f\x9b\xfc\x95\x21\xf4\xf5\xcb\x13\x29\x18\x70\xf7\xcf\x9b\x0f\x5b\x0a\x1b\xf7\xa6\xbb\x82\xc3\x82\x97\xff\xe7\x19\x13\xed\x33\x52\xa6\xb9\x5d\xa9\xb3\x34\xb4\x8d\x47\x7d\x31\xd9\xb4\xfa\x60\x80\xac\x16\x04\xca\x49\x81\xdb\x19\xc0\xca\xda\x1c\xaa\x00\x91\xe3\x3a\x7c\xcc\xbb\x36\x1f\x97\x35\xad\x15\x7d\xba\xfc\x82\xb0\xe6\xd3\x74\xba\x0b\x0b\xe0\x21\x09\x83\x1d\xcd\x40\xf1\x96\xd0\x0f\xf9\xd8\x31\xa9\x84\xe6\x26\x0f\x53\xfe\xf6\x7e\xfd\xd3\xaf\x84\xd3\xbf\x05\xfc\x1e\x89\x57\x85\xec\x27\xef\xa3\xa0\x99\x73\xc5\xf0\x09\x8a\x03\xe0\xf5\xe2\x14\x9c\x1e\xa1\x38\xb8\x7e\xfb\xb3\xbc\x94\xb8\x77\x99\x67\x2f\x6b\xdc\x02\x82\x70\x7b\xe0\x14\x23\xc4\xb9\x32\x08\xa4\x8e\x8a\xae\x16\x9c\x89\xc4\xa7\xa8\xb8\x6d\xf8\xd1\x3d\x07\x54\x1b\x31\xdb\x36\x5b\x4f\xf8\x9a\x8e\x8b\x25\x7b\xd8\x9d\xe0\x95\x79\x7c\x18\x6c\x2b\xef\xaf\xbd\xf7\x4a\x0b\x89\xc5\xc1\x26\x15\x87\x88\xc4\xb2\x89\x3a\x33\x10\x82\x2a\xaa\x03\x49\xcf\x38\x1a\xf0\x32\x02\x49\xf9\xa3\x41\x19\x88\xff\xf8\xe9\xb4\x6f\x98\xa5\xc0\x4a\xe9\x08\x04\x70\x0c\xe9\x4b\x6c\x78\x31\xab\x03\x61\x80\xe4\x80\x58\x98\xb1\x8e\x67\x2f\x83\x21\x09\x51\xf2\x68\xcc\x2f\x2f\x74\x7e\x2e\xbd\x3e\x11\x9e\xa2\x52\x7d\x23\x3d\xc2\x17\x40\x38\x30\x02\x82\x7e\x51\xdf\xe4\x08\xd7\xb9\xc4\x4a\x91\x22\xaa\x01\x0e\x42\xa9\x38\xc6\x2f\x6c\x81\x38\x48\x7e\x82\x29\xeb\xd3\x4f\x97\x62\xf4\xcd\x19\xf7\xde\x35\x71\x45\x32\x61\xbc\x6f\xf3\x8a\xb6\xcd\x18\x51\xd9\x62\xe7\x3e\x44\x8e\x2d\xf3\x65\xf3\xbc\x54\xb8\x90\xf8\xe6\x32\xbb\x1a\xcd\xaf\x57\xa7\x34\xe9\xeb\x77\x53\x46\xc9\x83\x14\xbd\x9b\x06\x64\x4b\x2c\x5e\x96\x16\x2d\x79\xcd\x06\xcb\x0b\x40\xb4\x06\x74\x91\xd9\xc5\x46\xa7\xdc\x66\x97\x9b\x27\x11\x48\x02\x63\x18\xcd\x75\x27\xe5\xa6\xe2\xe2\xc3\xfe\x3c\x94\xd8\xf8\xc1\xcf\x59\x2a\xd5\xa5\x2e\x94\x5c\xf0\x97\x7e\x92\x9d\x08\x8b\xea\x78\xf1\x8e\x34\x8e\x1d\x89\x7f\xe6\xaf\xe2\xd3\x22\xa5\x90\x74\x86\x57\xb4\xa7\xda\x3e\x15\xa2\x3f\xd5\x2f\xad\xe1\xaa\x4e\x2b\x0a\x6d\x92\x47\x9d\xd0\x0f\xc4\x27\xb6\x68\xe0\x7b\x84\x6e\x7e\xc7\xbc\xf7\x26\x09\xa6\x8b\x83\x92\x18\x28\xc3\x58\x02\x33\xe4\x7b\xb2\x3c\x98\xce\x8a\x1d\x85\xb2\x24\xe9\xc7\xbf\xb8\x8a\x6e\xca\x94\xcb\xfa\xc6\x8b\xd3\x9d\x27\x29\x8f\x07\xa8\xee\x0b\x84\xac\xfe\xf2\x4d\x7b\x94\xbf\x3e\xa9\x78\x8d\xda\xef\x31\x4e\x9f\x36\x9f\x90\xc9\x3b\xfb\x2b\x41\x9f\x8d\xea\x94\x6f\x26\xf4\x8e\x73\xe2\x58\xad\xcc\x29\xe1\x92\xfe\x9d\xf2\xd6\xc7\x1a\xed\xa5\xae\x0b\xd5\x70\xbd\xdb\xdb\x99\x70\xfb\x43\x9a\x36\x71\x5f\xd2\x7c\xc4\x4f\xf2\x52\x07\x97\x28\xcc\x69\x51\xcb\x61\xcf\xd4\x03\x68\x15\x8c\x2a\xaf\x28\x43\x46\xdf\x9a\x95\xea\xc7\x0e\x13\xbf\x40\xbb\x26\x3d\xbf\xe2\xf0\xcc\x29\x83\x10\xb1\xbc\xaa\x9f\x3c\x31\xf5\x08\x42\xa1\xfc\x9a\x0c\x77\x47\x21\x7c\x64\x65\x3b\xf8\x0c\x80\xde\x71\x6e\xc9\x13\x57\x5a\x37\xc3\x30\x1c\xc3\xb8\xbe\xc3\x06\xdc\xbc\xa9\x90\xc1\x10\xdd\x43\x53\x87\x97\x41\xc0\xc5\x01\x95\xe5\xa2\xb3\xc2\xab\xac\x67\x8e\xbc\xaf\x31\x15\xd0\x86\x60\x75\x42\x48\x65\xce\xe6\x73\xc3\x45\x14\x30\x6e\x61\xf1\x0d\xf5\xd2\xfa\x36\xbc\xc4\x57\x65\x67\x24\xd1\xce\xc5\x37\x37\x46\xe6\x67\x7d\x0f\xbe\xa1\x57\xd5\x05\x83\x21\xaa\x26\xbc\xb3\xd7\xd6\xd6\x40\x95\x09\x8d\x5d\x71\x5d\xd3\x37\x70\x2d\x11\xb9\x74\xef\x3c\xa1\xf6\x4c\xe0\x85\xf0\x95\x1e\xe7\xa7\x4c\x95\x99\x9a\xa5\x9e\xc2\x79\x53\x86\x60\xb1\x29\xa3\x4c\x89\x6b\xc1\x7a\xeb\xfc\xbc\xba\x5b\x6a\xad\x44\x62\x8c\x00\x59\x9e\x44\xc1\xd6\x77\x02\x75\x47\x3b\xb4\x78\xf5\x23\x5b\x01\x43\x58\x24\x31\x9d\xb1\x3b\x50\xe3\xe2\x6d\xc8\xa8\xeb\xf0\x55\x4b\xb3\xdd\x56\xf2\x5c\x5a\x24\x5b\xf3\x5b\x12\x1e\x28\xc0\xbd\xc8\xcd\x81\x6b\xd4\x0a\xb5\xcc\x05\x37\x41\x8d\x2f\xff\x9b\x67\x5d\x33\x0d\xc2\xb3\x7b\x2d\x4e\x65\x30\x03\x3e\x6a\xe9\xa0\xd9\x01\x02\x00\x56\xce\xed\x2b\x34\x8e\xef\x82\xa8\xd1\xc5\x08\x5f\x13\xe6\xaa\xb5\x8c\xc0\x94\x83\x92\x86\x72\xf7\xdc\xb7\x6e\x1c\xb9\xce\x2b\x3d\x11\x0e\x4b\xf5\xcb\xdb\xf9\xd5\x3b\x6b\xf8\xf0\xbf\x41\xbb\x02\x3e\x69\x63\xb1\x01\x8f\xe3\x1d\x1d\xdd\xb5\x36\xd5\x15\x68\x0b\x44\xc5\x4e\x2d\xc9\x79\x1b\x08\xfc\x3d\x2e\x8f\x00\x09\x1a\x20\x6e\x3d\x2d\xdd\xce\x41\x0c\xaa\x52\xe2\x23\xf4\x15\x44\xa3\x33\x10\x56\x83\x0d\x06\xfc\x2d\x20\x14\x85\xa1\xed\xac\x23\x93\x09\xde\x8c\x68\x43\xfa\x6f\x19\x0c\x0a\x52\xde\x7c\x52\x91\xec\xb8\xef\x84\xe4\x48\xbe\xf2\xc3\x39\x10\x15\x37\x3f\xa7\xf6\x29\xa8\xd1\x9b\x7e\x99\x69\x76\x75\x6d\xeb\xb8\xe9\xf5\xaf\xf5\xfa\x99\x84\xef\x7c\x73\xff\x65\x37\xf7\xf7\x4d\xd2\xb6\xa6\xbd\xf2\xc3\xd7\xc4\x87\xe9\x4a\x46\x4f\x41\x8f\xff\x38\x50\xd5\xd6\xf7\x62\x99\xc1\xf0\x7c\x9c\x02\x4b\x8a\x48\x01\xcd\x99\x91\x48\xc3\xdf\x25\xf4\xb7\x22\xeb\x73\xbe\x0b\xe0\xc2\x8f\xbe\x85\xaa\x88\x13\x7f\x72\x8b\x62\x7b\xbf\x13\x50\x83\x09\xc4\x27\xa2\xcf\xa8\xaa\xf4\x1f\xd5\xcc\x49\xc1\xf5\xb9\xaf\x55\x7d\x84\xca\x1d\xaa\x7f\xfa\xf7\xb3\xae\xd6\x94\xbf\xa3\xa4\x69\x6a\x10\xf6\x69\xf1\x89\x4a\x99\x3a\x66\xec\x6e\x93\xb9\xb8\x7e\x56\x8d\x8e\x7e\x5e\x0c\x85\x31\x91\x2c\x4e\xd0\xfc\x72\x24\x38\xa8\x0b\xa4\x4c\x99\x47\x8e\x60\xb3\x7e\xa5\x35\x73\xdf\x52\x1e\x27\x92\xc5\xb9\x2e\xc7\xab\x44\x43\x94\xa7\xf4\x58\xae\x47\xbf\xfe\xb1\x0b\x1a\x04\xc8\x02\xd4\x86\xef\x01\x37\x7c\x0f\x47\xdf\xe2\x7e\x6d\xbc\xab\x18\x95\x19\xe3\x27\x3c\xba\xab\x7a\x18\x64\x42\x85\x5c\x14\x17\xaa\x72\xf5\xfc\xe3\x11\x5e\x64\xaf\x8a\x5f\xab\x49\x29\xd1\x83\x6c\xfc\xca\xec\x6a\x3b\x5e\xad\xf0\x2b\xd4\x6a\xe2\xc1\x3a\x97\x4f\xb2\x37\x25\xbe\x88\x02\x38\x0c\x92\x2d\x3e\x84\xb9\xcf\x1d\x21\x2a\x4e\x14\xed\x7d\xc1\x95\xbc\x47\xb9\x2a\x68\xc5\x69\x00\x82\x33\x63\x3d\xd7\x75\xdf\x56\x96\x9b\x57\x75\xdf\xd4\x77\xdf\x04\xec\x52\x55\x6e\x27\x50\x85\x96\xe5\x67\x4f\x5d\x30\xc9\x6a\xc2\x74\x7d\xb7\x73\x8a\x36\x5e\xd5\xb6\x67\x83\xc0\x65\x6c\x48\x1e\x2d\x69\xdc\xfc\xbf\xf4\x3f\x2c\x69\xd8\xe6\xc1\x80\x97\x3e\x8c\x33\x71\x1e\xd2\x23\x6c\x4e\x66\x8a\x5b\xbc\x8d\x78\xc6\x24\x75\x9e\x0d\xec\x58\x45\xb1\xb6\x1f\x88\x41\xf0\xaf\x96\x9a\xf9\xb1\x43\x78\x6c\xc4\x5a\x4c\x1b\x4e\x7a\x09\x45\xc6\x67\x04\xc9\x83\x9d\x1f\x9a\x0b\xd1\x95\xd9\xfd\xbb\xd6\xfa\xc5\x26\x55\x69\xc8\x72\xf5\xe9\xa0\x82\x3d\x5e\x86\x05\x57\xd7\x3f\xce\x5e\xc7\x52\x0b\xe1\x73\x9b\x89\xdb\xa5\x54\xb3\xe8\x71\xb5\x04\x2b\x98\xc8\xaf\x79\x6d\xe7\x75\x9d\x57\x81\x69\xfa\xd2\xa2\xa7\x89\x96\x80\x18\xfe\xbb\xbd\x74\xdf\xd2\x11\x6d\x37\x0e\x49\x84\xbb\xcc\x8e\x90\x48\xfe\x80\xb8\x8b\xfb\xb4\xfe\x68\x4d\x1d\xec\x24\xf1\x5d\x8b\xf3\xa5\xfd\x8d\x45\x3c\x09\x70\x0c\x17\x19\x3e\x61\xa3\xd1\x30\x4b\xef\x77\x6b\x41\x9b\x1d\xeb\xe2\x91\x13\x0c\xc9\xac\xfe\x77\xbc\xf8\xa2\xba\xc2\xd1\x42\xdb\xbf\x1e\x59\x18\x50\x99\xb2\xb5\x16\x4a\x79\x46\x76\x49\xf2\x68\x02\xe5\xa3\x46\x2b\x19\xa0\xb7\xdf\x41\x13\x97\x47\x97\x60\x39\x4f\xcc\xfa\xe7\x74\xf1\xf8\xf2\xd7\x43\x2b\xae\xd1\x0b\xa6\x62\x18\x13\xd3\x72\x5c\x55\x8f\xe4\xaa\x42\x57\xba\x7a\xf1\x1c\x83\x0d\x4f\x48\x0d\xe9\x08\xd1\xea\x03\x24\x74\xde\x7b\x61\x1f\x0d\x82\xce\x79\x6f\x79\x74\xaf\x27\xc2\xd7\x9e\x62\x84\x3e\x2e\x24\x4b\x02\x3f\x10\x1c\x2d\x19\xe8\x7c\x52\x5f\xa9\xf8\xbc\x58\x9c\xad\x46\xb8\xc0\x2e\xa1\x01\x94\x9c\x3e\xde\x1c\x16\xb7\x03\x1f\x68\x27\x27\x13\x8d\x66\x5d\xe6\xed\x5b\xc7\x8b\xb3\xe3\xe9\x1c\x7e\xc6\xe4\xcc\x78\xe0\xa6\x4a\x4b\xab\x2b\xe9\xd1\xb7\x9b\x44\xc5\x8b\x8a\x44\x38\x8c\x9c\xbe\x0d\x28\x6b\x8d\xaa\xec\xb7\x6a\x6d\xfb\xeb\x7e\x88\x51\x3e\xda\x43\xd2\x2f\x39\x80\xd1\x21\x7d\xdf\x47\x07\x90\xda\x40\xfa\x97\xff\x8b\x24\x9d\x2c\xaf\xd1\x9c\xba\x65\x4d\xc7\xf5\x01\x1b\xc3\x0b\xe1\x3d\x13\x1f\xdf\xa7\xcb\x64\xf5\x07\xc5\x7b\xc1\x0b\x95\xbb\x87\x4e\x8c\x1a\x88\x3e\x20\xcf\x24\xe7\xcf\x6d\x5c\x19\x62\xd4\x58\x51\x3e\x75\x1c\x8a\x2c\x02\xeb\xf4\x69\x81\x0c\xe6\x9b\x72\x22\x2b\xf3\xdf\x38\xe3\x1f\x69\xda\x58\x6e\xcc\x28\xa5\x2e\x43\x7e\x45\x38\x66\x59\x32\x48\xc2\x2d\xba\x1e\x60\xfc\x1a\xbc\x9b\xeb\xe1\x35\x5e\xfc\xf0\x11\x8e\x6e\x88\x8e\x1f\x08\x8f\xee\xf9\x9f\xf9\xe1\x2d\x92\x16\x40\x17\xef\xfe\xe8\x29\x67\x1d\xc2\xf0\x61\x78\x39\x6c\x77\xaf\x50\x59\xe8\x5b\x83\x44\x7f\x46\x19\xa9\x17\x25\xcb\x04\x6c\x4f\x2f\xa9\xdb\x3b\x3c\x4e\x88\x16\x45\x58\x6d\x34\x54\xd1\x92\x9e\xcd\x73\xda\x6d\x6d\x1d\x5a\x08\x7b\x39\xac\x7b\x3e\x6a\x20\x5d\x0b\xe5\x91\xf3\xfa\x83\xe1\xf5\x58\xb9\x69\x2d\xb6\x12\x87\x95\x8d\x21\x3e\x25\x21\x5b\x63\xa6\xb6\x22\x6b\x71\x4d\x44\x22\x39\xe7\xad\x01\x5a\xb8\xc1\xd0\xef\x8a\xa2\x8d\xa4\x5b\x34\xb0\x1f\x3c\x27\xd7\xf8\x18\xc9\x03\x21\xb0\xb8\x02\xc0\xaa\x9a\x8b\xf4\x8c\x26\x1d\xb7\xc4\x27\x54\x08\xae\x99\x4b\xb9\x25\xce\xed\xc4\x42\xbc\xcf\xf4\xd7\x9f\x65\x94\x00\x2c\xb1\x7d\xf5\xf0\x86\x0c\x9e\x02\xe5\x27\x99\x7c\x6b\x83\x57\x04\x25\x8b\x97\x55\xdd\xa4\x42\x43\xb4\x5c\x08\xb7\x5f\xd2\x38\x14\x9b\x34\x1c\xf0\x50\x7b\x4a\x75\x4d\xfb\x85\xd4\x5e\x91\xbd\xd3\xaf\x8a\x13\xca\x9f\xe2\xf8\xcf\xb2\x18\x5f\xfe\x19\xe1\x56\x9c\x64\xd9\xf5\x8a\x71\x86\x9f\x14\x08\x47\x88\x96\x27\x2f\x60\xaa\xd8\x22\x38\xcd\xd5\x76\x6c\x94\x57\x74\xa1\x84\x11\x7e\x5e\xb2\x23\xb4\x02\x50\x40\x45\x9f\x7c\x1e\x89\x50\x20\x3a\xbe\x0f\x74\x53\x87\xd3\xee\x8e\x20\xd9\x15\xd6\xab\x5a\x63\x31\x9d\xe9\x73\x6e\x4a\x7e\x34\xd9\x9d\xe5\x41\xf6\x9d\x5b\x6f\xe8\xe8\xee\x90\x61\x95\x4c\xa0\xe4\x81\x4a\x5d\x73\x5c\xc9\x48\x4a\x6f\x7d\xee\xab\x5a\xff\x2c\xf9\x3a\xef\xd9\xd7\x44\x13\x84\x95\xe1\x08\xe1\x23\x06\x66\x28\x27\x69\x54\x1a\x71\x60\x3a\x10\x2d\xa3\x51\x63\xfc\xf4\xee\x66\xd3\xe7\xda\x18\x17\x3b\xff\x34\x1e\xa2\x35\x77\x1e\x82\x9e\xab\x77\x6d\x83\x11\xba\xec\xfa\xdd\xe2\xfa\xc5\x75\xe3\x29\x96\x9e\x76\x1f\xab\x0a\x9d\x35\xaa\xfa\xe3\xfb\xcc\x39\xd0\x15\xdd\x49\x21\xc3\x01\xd9\x3b\xe0\x26\xa0\x1f\x74\x43\xbe\xd9\xe0\x8d\x11\x8d\x6d\xcb\xf4\x60\xc3\x8a\x78\x12\x8b\xeb\x26\x62\x0d\xd9\x23\xe1\x13\xf1\x14\x88\xa0\xda\x98\x96\x55\xd3\x55\xf7\x4d\x79\x37\x9a\xa0\x41\xbd\x34\xf4\xcf\x86\x12\xab\x0c\xa0\xc9\xa0\x40\xe6\xca\x92\x1d\x25\x68\x73\xf2\xb6\x68\x47\x19\x2c\x01\xd5\x16\x5b\xd5\x69\xc3\x30\x5d\x36\xa4\xaf\xec\xa6\x8e\x08\x60\xfb\x3e\x2c\x14\x04\xdb\x8c\x36\xee\x15\x24\x1d\xe4\x4b\x0e\x7e\x9a\xef\xda\x4f\xa6\x9a\x8b\x5e\x04\x4d\xd6\x21\x04\xc1\x0b\xfe\x13\xe4\xc3\x2e\xca\x25\xca\x03\xd1\xc9\x8a\x13\xcd\x70\x1c\x03\x57\x0d\x7f\xe9\x3f\xa0\xef\x4b\x2e\x31\xbd\x9e\xc8\x8e\x91\x64\xfb\x4b\x20\xf2\x4c\x7c\x82\x17\xaf\xaa\xe6\x4e\x46\x37\xb0\xe6\x5b\xdc\x7f\x0d\xf3\x9b\xac\x0b\xa1\x2a\xeb\x4b\x91\xa7\xfe\x29\x17\xc9\xc3\x3a\x90\x52\x0d\xd5\x9b\xbe\x96\x85\xe8\x91\x1d\x08\x69\xa2\xc1\x9d\x1e\xe7\x29\x7b\xc8\x14\x00\xde\x84\x93\x80\xde\x62\xa7\xd1\xc5\x30\x2e\x24\x66\xdc\x0b\xfc\xf7\x66\x06\x01\x5c\x73\x66\x8c\xf8\x0e\x2f\x2f\x61\x26\xc4\x1f\x9f\xca\xfc\x83\x11\xc5\x65\xcf\xbc\x5b\x39\x3e\xc4\xb2\x76\x2e\x6b\x08\x7a\xb9\xb8\x41\xc7\x46\x53\x3b\xc2\x63\x7e\xf9\x31\xbc\x67\x04\x85\xc8\x71\x65\x1b\x4c\x90\xce\x50\x58\x1d\x96\x4d\xc7\x84\x6e\xf0\xce\x7e\x75\xf6\xa3\xd9\x8f\xa8\x48\xa0\xeb\x11\x0d\x26\x3b\x0a\x2f\x4e\xaa\x41\x50\x3c\xe4\xea\x59\x95\xe9\x07\xcc\xaf\xe8\x9a\xde\x52\x9f\xf4\xed\x16\xc7\x64\x4d\xc9\x63\x44\x03\xf8\x90\x71\x04\x76\x85\x05\x95\x1f\x10\x8c\xe8\x12\xb4\xe3\x3c\x5c\x87\xfc\x4b\xf5\x5f\x3e\xae\xeb\xb9\xa1\x76\x89\x57\x15\x49\x8d\x39\x36\x99\xd1\x75\x4e\xa6\xd0\x39\x2b\xf7\xa6\x9c\x8f\x1a\x68\x35\x50\x4d\xf4\x97\x35\x7e\x4d\xf1\xb5\x14\x38\x01\x18\x95\x11\x40\xb5\x7f\xa9\x98\xd9\x1f\xa1\xe1\x80\x55\x47\xce\x9e\x49\x93\xb7\xc0\xf9\xb9\xc5\x77\x41\x96\x53\x3b\x76\x31\xab\x2a\xb8\x15\x6e\x30\x2d\x3b\x7e\x22\x38\x1d\x4c\x80\x55\x8b\x66\x4c\xee\x9a\x93\xb7\x1c\x28\xd9\xf3\x16\x30\x57\x0a\x7d\x0d\x00\x0a\x80\x1c\x19\x1c\x08\x99\x78\x38\x45\x14\x27\xea\x86\x70\xc8\x27\xc1\x87\xd3\xc0\xe5\xdd\xe0\x6c\xfe\x9a\x1b\xe8\x66\xc2\x5a\x74\x45\xb3\x67\xa4\xb2\x8e\xf2\x8a\xe2\x38\x66\x1b\xca\x50\x3c\xe1\xcb\xf7\x28\xc8\x3c\xe1\xd6\xed\x5d\xe0\xda\x79\x55\xb1\x37\xd5\xe5\x0f\x1e\x79\xcb\xa7\x05\x8e\xe0\x97\x0b\xbd\x10\xd2\x42\x01\x4d\xec\x0e\x73\xc6\x8c\x11\x74\x2e\x01\xca\x9a\x27\x3d\xc2\x2d\xd9\x91\x40\xf9\x43\xd3\x30\x81\x15\xd7\xbf\x7e\x88\xfa\x47\x58\xee\xd4\x78\xbe\x92\x47\xec\x73\xe0\xd8\x04\xfa\x40\x7e\x46\xc9\x9f\x86\x66\xc3\xa5\x13\xeb\xba\xce\x43\xfb\x24\xde\x50\x97\xd2\x71\xac\x48\x96\x1d\x03\xf0\xa5\xac\xad\x73\xe6\x7b\xf7\x16\x47\x9f\x58\x35\x1b\x54\x75\xf1\x98\x3d\x1c\x59\x09\x5e\xa6\xec\xa5\xc8\xd1\xd9\xd4\x01\xa0\xd9\x51\x87\xa5\xe5\x97\xb2\x0e\xc8\x4f\xa9\xc3\xd9\x21\xb3\x50\x21\x7d\xd9\x35\xa0\xda\xd0\x22\x0b\x11\xb0\xaa\xa2\xa8\x91\x06\x53\x40\x8b\x2d\x00\x70\x79\xca\x4b\xb6\xd1\x3e\xc1\x1a\x2e\x33\x98\xd8\xc4\xe1\x09\x56\xc7\x96\x5d\x8f\x3e\x2a\xd4\xa4\x5b\x0d\x61\x5e\x1b\x49\xaf\xe4\x82\x4c\xde\x72\xd6\x2f\xb8\xbe\xdf\x42\x81\x3b\x2a\xc8\x55\x6e\x0b\x87\x96\xc2\x1a\x16\x4a\x31\x0d\xd9\xdb\x9b\x4f\xca\x4e\x64\xd6\x6c\x0d\x93\x98\xb2\xd2\x01\x90\x05\x8c\xc0\xb1\x07\xca\x63\x83\x3b\xcd\x7b\x75\x18\x4a\x53\xb4\xe6\xde\x3b\x69\x7e\x07\x59\x7e\x47\x26\xc1\x47\xea\x29\x2d\x20\x04\x67\x36\x92\xdc\xf8\x55\x0f\x55\xc9\xcf\x06\x93\xf2\x93\x87\xca\x13\xfe\x88\x49\x09\x8d\x2e\x47\x00\x06\x3c\x12\x8a\x5a\xf8\x31\xd7\x65\xfe\x81\x88\x52\x61\x80\x1f\x14\x8e\xcb\x9a\x1d\xc8\x56\x6c\x68\x9a\x18\xd2\x9d\xcb\xed\x95\x6b\x9a\x3b\xaf\xe5\x45\xee\x48\x7c\x4d\x1f\x61\x76\xf3\x01\x7a\xa9\x73\xcc\x22\x5c\x45\x4a\x7e\x86\xd4\x54\x53\x86\x91\x6b\x38\x05\xfe\x59\x33\xfe\x9b\x73\x0e\x11\xf2\x71\x42\x01\xec\x33\xe6\x10\x07\xba\xe6\x07\x5e\x20\xa8\x98\x92\x42\x65\x43\x3e\x23\x7a\x97\x22\xc7\x96\xdf\x87\xf6\x5f\x05\xa9\xfe\xfd\xf9\xc7\x34\x82\xce\xd4\xbc\x77\x9e\xa1\x35\x0f\xa2\x2d\x17\xea\x2c\x57\x87\x8d\x32\x38\xa0\xe3\xb0\xa6\x0f\x7b\xb2\x69\xef\xfe\x64\x7a\xcc\x8c\x91\x8f\xec\xcc\xb1\xc4\x67\x78\x9f\xb4\x30\xff\xbc\xc9\x73\x9a\xec\x63\x96\x50\x25\x4f\x11\x48\x7d\xb3\x32\x11\x27\x9c\x1d\x78\x7c\x46\xad\xf6\xe9\x7e\x4e\x40\x86\xe7\x5b\x32\x8f\xf5\xbc\x70\xd0\xc0\x97\x5d\x00\x68\xcd\x50\x69\x42\xe6\xfa\xaf\x39\x64\xa6\xec\xf0\x8e\xc0\x63\x8a\x18\x5d\x8a\x0c\x03\x92\x39\x8b\x0f\x2b\x3c\xc3\xfb\xb0\x91\xf4\x7f\x3c\xa6\xb8\x95\xfc\x50\x21\xd8\xa2\xaf\x4b\x95\xbe\xf1\xc0\x3b\x7a\xa5\xc6\xf8\xe2\x59\x5c\x20\x24\xb0\x07\x48\xa4\x02\x7c\x2b\xdf\xb4\x1c\xc1\x1f\xfd\x92\x6a\x8b\x74\x35\x0e\x10\x1e\x30\x5c\xda\x97\x67\x25\x57\xcf\xbb\xc2\x95\x0b\x59\x2e\x06\x0d\x50\x60\x84\xda\x5f\xe4\x3c\x44\x69\xc9\x54\x45\x00\xf9\x71\xcb\x70\x58\x8f\x30\x41\x97\x04\xd2\x81\x5e\x62\xd0\xb9\x89\x51\x95\x74\xc1\x9c\x9f\xec\x1b\x07\xe9\x7c\x8e\x1a\x9f\x0d\x19\x52\xe7\x3e\x3a\xcf\xd4\xda\xcf\x02\xbf\x29\x41\x9c\x3e\xf9\x23\x14\x29\x1c\x97\xb4\x04\xcb\x2b\x3a\xa3\x49\x7c\x6c\x5f\xe0\x50\x81\xf7\x1f\x83\x7f\x30\x40\xe1\x90\xa3\x4b\x80\xd7\x0a\x6e\xd3\x7b\xa8\x9b\xdc\xe0\x82\x3d\x3e\x5c\x56\x71\x2f\x46\xf4\xbf\x79\xb4\x85\xc8\xbe\x85\xf0\xee\x09\xb0\xd1\x16\xc5\x15\x0d\x78\x99\xf6\x8b\x1a\x8f\x4a\x1b\xf7\x4a\x6b\xf7\x0a\x57\x0e\x73\xca\xfb\x45\xfa\xa7\x29\x93\xc7\x3e\xbf\x61\x5e\x1a\x4a\x57\x4c\x59\x7c\x69\x02\x2f\x5a\x46\xdf\xe8\x12\x8d\x0a\x3a\x4c\x8d\xc4\x2b\x63\xa7\x46\xb7\x7e\xb3\x4c\xd0\x07\x55\x77\x5e\x8d\x2e\xfe\x77\x00\x5a\x66\xb8\x73\xef\xe3\xbc\xfc\xe7\xbb\x1d\xa8\x90\x6d\xd8\xf0\xbc\x7f\x5b\x35\xe0\x22\x15\xed\xd5\x6a\xc0\xaa\x1c\xa6\xe0\x5f\x8b\xaa\xbf\x4f\x11\xb5\x54\xf4\xa7\x52\x2d\x76\x2a\x6d\xef\xd7\xbd\xb0\x44\x3d\x5e\x66\x23\x2e\x79\x53\x62\x56\xfe\x5f\x8e\x88\xa3\x85\x3f\x48\x13\x0d\x49\xf1\x55\xaa\x90\x24\x6c\x5f\x66\xff\x38\x81\xe9\xd1\xb1\xa5\x46\x4f\xd9\x66\x0b\x8d\xf7\x9d\x06\x7b\x0b\x85\x52\xbc\x1c\x82\x70\x58\x55\x64\x7d\xba\x38\x14\x1f\xd2\xb4\x95\xb2\x27\x61\x73\xba\x88\xcf\xa4\xc8\x82\xd6\x90\x39\xb7\x26\xea\x8f\x64\x92\x3d\x95\xbc\xe0\xdc\x54\xe0\x5f\x03\xde\x85\x06\xea\x3a\x49\xa5\x66\x4d\xa5\x65\x4f\x23\x13\xcd\x0a\x9a\x70\xd3\x71\x59\x89\x92\x0c\x67\xb2\xc1\x0e\xa1\xf1\x7d\xd1\x74\x7a\x1c\x70\xa8\x6f\x9f\x88\x41\x09\xc3\x61\x59\x9d\x69\x10\x93\xd0\x9f\xf8\x14\xf8\xc2\xab\xb8\xd6\x23\xbc\x40\x6b\x28\x23\xbb\xb4\x3a\x99\x21\xe5\x37\x1f\x16\x9c\xc0\x40\x8a\xb7\xc0\x30\x73\x8b\x90\xe0\xc6\x65\x8a\x17\x4b\xb8\x67\x51\x55\xcd\x54\x55\x91\x63\x4a\x29\x90\x6e\xa2\x0d\xc6\x1a\xd1\x62\xd1\x1c\xa8\xac\xf9\x6b\x34\x81\x0f\x63\xab\x23\x01\xef\xbb\x4b\x0f\xfe\x33\x5e\x74\x15\x11\x65\xd3\xfd\x3b\x14\x20\x45\xfe\x7d\xcf\xe9\xd8\xf4\x5c\xbd\xb6\x89\xef\xc3\x86\xe7\x3f\xfe\x2f\x60\x6c\xce\x5a\x80\x6b\x56\x59\x9b\xc6\xe9\x0a\x5c\x61\xe1\xb7\x0e\xa4\xf4\x42\x97\xf6\x52\x97\x46\x50\xf3\xf6\xd6\x8b\xea\x48\x41\x2b\x2c\xc2\x6f\x11\x7f\x81\xd8\xd8\xa1\xf8\xaf\xea\xcb\x9e\xf0\x3f\xc7\x13\x06\x43\x02\x54\x1e\xa8\x1b\x16\xdf\xe7\xdd\x42\x00\xe0\x02\x92\x20\xe1\x65\x9a\x7c\x8c\x6d\xb4\x11\x85\x21\x71\x8d\x67\x57\x15\xcb\xa8\x8d\x8f\x18\x1d\x73\x1b\xbc\x73\x2d\xc6\xb8\xc5\xbb\x24\xf3\xcd\x8c\x40\x87\x66\x43\x06\x1f\xf9\x7f\x8f\xdf\xf8\xbf\x21\x09\x03\xd1\xc9\xfd\xcb\xcb\x90\xb3\x0f\x8a\x30\xf8\x35\xaa\x7b\x6e\x04\x25\x04\xa2\x93\xd0\x9f\x75\x16\x7f\xe3\xab\x7c\xd7\x74\x63\xbe\x41\x84\xcd\x66\xa0\xef\x85\x57\x16\xd1\x2a\xf1\x51\x44\x22\xea\x58\x5d\x9f\x7f\xb3\x45\xd2\x40\x65\x4d\x71\xa1\x8f\xdc\x8b\x94\xe6\xe8\xda\x21\x7e\x0e\x2c\x62\xbe\x94\x27\x3d\xbf\x9a\xa4\x7d\x1a\x4e\xc2\x65\x4b\x81\xa8\x0f\x5e\xc8\xe6\xb8\x44\x9f\xf8\xce\x7d\x71\x8b\xb8\x62\x47\xf8\x2d\x92\x8c\x20\x9c\xe3\xfe\x5c\xf2\x63\xab\x3f\x8f\x3a\xd5\x98\x01\x15\x51\x98\x94\xf7\xa0\x89\x2f\x80\x97\xa5\x2e\xad\x97\x76\x25\x3b\x92\x58\xa1\xd6\xbb\xf2\x5a\x22\x18\xba\x19\x74\xba\x87\x7d\x64\xed\xa5\x5e\x95\xa3\xf3\x9e\xc1\x7d\x0e\x84\xa4\x89\x71\x6c\xc8\x1f\x4e\x92\xcb\x7b\x91\x1b\xaa\x4b\x0d\x38\xe5\x7c\x9b\x1d\x08\x2e\x9e\x3b\x51\x05\xc1\x92\x12\x67\x4c\xf4\xbf\x94\x56\x16\xea\x99\x89\x42\x9f\xe2\x59\x9d\x67\x50\xc3\x4a\x71\x0b\x56\x58\x92\x4d\x66\xfb\xb7\x07\x27\xc9\xcf\x3f\x96\xd8\x81\x97\x40\xf8\x1c\x88\x6a\x4a\xe5\xea\x15\x3e\xb2\x68\x0f\xb1\x70\x59\x89\x93\x24\x29\x1e\x50\xea\xc7\xca\xfc\x59\x26\x69\x82\x1e\x3f\xf8\x0b\xba\xec\xd3\xbf\xef\x29\xf9\x3b\x3c\x64\xb3\xf1\xb5\xa6\x81\xa8\x04\x21\x8b\xb3\x4b\xa2\x1f\x26\x6b\x62\x6c\x19\x5e\xc1\xbc\x57\x89\x08\xb0\xe7\xbe\xd7\x1f\x7c\x0e\xa5\x43\x25\x67\x16\x70\x27\x98\x1d\xf4\x43\x11\xab\x5a\x5e\x1f\x86\xad\x1b\x31\x2e\x7d\x62\xb1\x54\x4e\x14\x26\x4e\xd1\x32\xd0\x2d\xa4\x1b\x7a\x01\x0f\x34\xc3\x8b\x37\xb9\x75\x6f\xff\xfa\xf3\x52\x44\x95\x00\x24\x8e\x23\xce\x84\x92\x84\x88\x46\x2a\x50\x5c\x9b\x9f\x16\x5b\xe9\x2f\x1f\x69\x9a\x60\x7a\x42\xa5\x77\x2f\x36\x9f\xf0\x32\x24\x27\x9a\x86\xfb\x44\x61\x8d\xa8\x79\x69\xfd\xee\x6a\x06\xa2\x9e\x4c\x5f\x9d\x3a\xe8\x42\xb0\x91\xe5\x9d\x3d\x47\x36\xa9\x22\xc1\x90\xf8\xb4\xe5\xd1\xb6\xb9\x15\x4c\xf3\x73\x2e\xbb\x17\xea\x9e\xab\x29\xc3\x7e\x9e\xd8\x75\x55\x67\x97\xe8\xfb\x92\xe5\xee\x99\x2e\x00\xfd\x55\x6c\xee\x6a\xfa\x97\x23\xd6\xf4\x7d\xce\xb3\x4b\x2c\xe1\x54\x5c\x3d\x25\x67\x32\xe2\x00\xad\x3b\x0f\xff\xc3\xc1\xbc\x24\xf5\xd0\x7e\xcd\x1d\xc6\x9d\x38\x14\x31\x49\xf6\x69\x41\x4d\x4e\x2b\x78\xd0\x05\x4d\x66\x02\x63\xc2\xfb\xae\x09\xde\x39\x4f\x94\x6c\x1a\x02\x23\x8f\x72\x5a\x88\xbd\x5b\xe5\x91\xce\x9f\x17\x6f\x8e\x38\x1b\x3e\xfc\x26\x10\xb9\x02\x26\x52\x7d\x77\xc4\x68\x62\xe4\x2f\xa9\x24\x68\x01\x85\x86\xfc\xa7\xf1\xbe\x68\xf9\x02\xb3\x8a\x23\x99\xec\x52\x19\x75\x37\x46\x6a\x6d\x8c\x28\x4e\xb1\x31\xe5\xc5\x43\xf4\xa0\x38\x7e\x2a\x07\x6a\xd6\xeb\x85\x1e\x9c\xd4\xe6\xba\xd3\x92\x86\x93\xf2\xea\xa6\xce\x81\xe7\x14\x7d\xca\xfc\x63\x3a\x89\x1d\xb3\x89\xbc\x5f\x49\xe8\x69\x2e\xf9\xb9\xd0\xb1\xc1\x38\x59\x1c\x22\x92\xab\x6d\x41\xd0\xe7\x02\x03\x66\xed\x18\xe6\x0b\x9e\xa8\xf7\xfc\xe6\x5f\xcd\x23\x64\x39\xab\x98\x7c\x9f\xbc\x5f\x89\x4b\x1a\x6e\x17\x42\xb2\xd3\x80\x51\x26\xc7\x45\xc2\xfe\x9c\xd5\xd7\xdc\x7f\xa2\xdb\x35\x95\x4e\x97\x57\xe8\x60\xd2\x19\x0d\xf8\x9f\x58\xa4\xad\x59\x81\x1b\x46\x85\x86\xe9\xd5\x38\xef\x7d\x18\xa2\x34\x31\x0c\xa8\x74\x3b\x6d\x40\x4d\x01\x7d\x62\x48\xc3\x0b\x18\x9d\x83\xee\xa4\xb9\x72\xc3\xa2\x7f\x3e\x6c\x45\xda\xae\xea\x3b\xa2\xfc\x46\xa3\xf5\x65\x03\x5e\x2d\x0d\xe7\x13\x4c\x57\x51\x82\xed\xf0\x1d\x08\x33\x7e\x1e\xa8\x50\x5e\xa7\xdb\x0b\xc1\xf2\x92\xe4\x13\x1d\xbb\xea\x1e\x03\xa0\x9b\x36\xcc\x3d\xaf\x70\xab\xf2\xca\x32\xb8\x3b\xf6\x4d\xa1\x6e\x6f\x91\x8d\x83\x24\x47\xd2\x2b\xd2\x60\xf5\xc7\x32\xb5\x74\x38\xe8\x98\x26\xe6\x48\x26\x00\x76\xc7\x02\x08\xd0\xae\x3f\xa8\xef\xa8\x81\x07\x0f\x3e\x36\xff\xda\xc0\xb5\xae\x6b\xbb\x2c\x9d\x9e\x1d\xd9\x6d\x5a\xcf\xd2\x13\xd5\x31\x92\x3c\xdb\x3a\xe8\xbc\x96\x48\x56\x9c\x25\xc7\xb4\xb1\x8e\x50\x67\xe2\xec\x52\xe5\x1f\x63\xd2\xc6\xa3\x34\xd1\x9a\xd3\xc7\x92\x4d\x51\x54\x4f\x8a\x93\x76\x41\x84\x97\x56\xb8\xe4\xce\x9b\x4a\xd0\xc5\xf5\x67\x5d\xb4\xa1\xca\x1b\x9b\xcf\x33\x98\xa0\xbf\xe5\x05\x95\xd6\xd9\x3d\x59\xdb\xda\x9d\xb6\x1c\x24\x08\x6f\xb0\xb4\x56\x6b\xa6\x50\x6b\x23\xcb\x57\x9f\xa4\x11\x2a\x51\xb6\xc7\x16\x41\x45\x5f\xd7\x71\x79\x9c\x06\x76\xf7\x6d\xff\xb8\xb8\xd7\x8c\x7d\x9e\xb6\xfb\x27\x91\x34\x00\x0f\x28\x94\xe1\xb4\x21\x5d\x15\x48\x79\x8c\x5b\x1e\x59\x7a\x3b\xdc\x3e\xc7\x12\xdb\x51\x65\xc8\x83\xab\x21\xc5\xfe\xc5\xc1\x05\xdc\x3d\x4a\x57\xae\x2b\xb1\x83\x95\xd5\x30\x5f\x26\xc7\x94\x31\x52\x09\x01\x94\x4c\x58\x98\x08\x7d\x65\x33\x30\xd9\x0e\x60\x49\x9d\x57\xec\xc8\xd6\x90\x28\x8c\x7d\xf9\xa7\x13\x93\x40\x29\x45\x43\x82\xc6\x20\x3e\x7a\x60\x59\xb2\x11\x11\x7f\xfe\xfa\xfb\x75\xfa\xce\xca\xfc\x1f\x6a\xc0\xba\x67\x0b\x62\x20\x0d\x7f\x5a\x3d\xbf\x89\x4e\x17\x47\x6c\x16\xba\x00\x7e\x37\x01\x15\x51\x40\x96\xe0\x7b\x33\xc4\xc4\x8c\xd1\xfb\xa0\x9d\x79\xc7\xb0\xdd\x55\xb3\x1a\x4b\x14\x1a\x9d\xc1\x5f\xb2\x1f\x92\xc0\xd9\xdf\xb7\x9e\x55\xe6\x2e\xaa\x15\x5a\xf2\x33\x52\xdd\x7a\xfe\xb1\x8b\x0b\x17\xde\x8f\xb0\x78\x67\xc6\xf1\x32\x1a\x3a\xd6\xbb\xe5\xc9\x9a\x60\x73\xea\xc8\x60\x1e\x03\xad\x31\xd5\x6a\xb7\x74\x0c\x58\x3b\xf7\x56\x94\x21\xa9\x36\x02\xb8\x76\x93\x54\xa8\x3b\x75\xd5\xea\x83\xaa\xad\x77\x61\x43\x4b\xd1\x45\x47\x72\x81\x1d\xd0\x19\xca\xf4\x69\xcb\x16\x63\x55\x96\x2b\x2e\x89\x8b\x3d\x22\xb5\xee\x56\x78\xcf\x7c\xc3\x94\x11\x35\xe8\x76\x50\x57\x90\xe4\xac\x46\x27\x86\x72\xfa\xca\xe0\x18\x21\xef\x80\x52\xb9\x6b\xf9\x24\xe0\x9a\x5c\x2c\x8b\xb2\x05\x39\x22\xff\x63\xbe\xc0\xce\x68\x59\x9d\xf0\x84\xb2\x60\x52\xbb\x77\x32\x8a\xa1\xd4\xf0\x35\x43\x5f\x10\xe4\xb8\xe2\xea\x44\x4b\xe3\x5e\xf0\x42\xd4\xf0\xe1\x53\x6a\x38\xa7\xaa\xcb\x44\x03\xb8\x70\x04\x43\x75\x04\xb5\xc9\x8f\x68\x1b\xda\x2f\x5b\x51\x3d\x00\x04\x1e\x52\x4d\xcb\x1d\x04\xab\xe1\xd1\x6c\x9b\x24\x3c\xb2\x80\x27\xbe\xa9\xdc\x1c\x9d\x33\x8e\x31\x49\x61\x75\xae\xce\x59\x10\x35\xba\xba\x7d\xc5\x12\x3d\x70\x08\xf9\x74\x16\xa0\xb9\x47\xef\x6a\x82\x4f\xe4\x8c\x74\x4e\x27\x0e\xbc\xd0\xc4\x44\x66\x97\x3a\x05\x1b\x21\xf2\x38\x75\x98\x2e\xca\xaa\x7e\x0d\xa9\xeb\x1e\x04\xdb\xda\x61\x70\xc2\x6c\xfc\x0a\x00\xb0\xa2\x60\x11\x46\x0f\xdd\x09\x3a\x89\xb0\x74\xfe\x44\x5c\x66\x28\x33\xe6\xd8\x50\x39\x3c\xf1\xf8\xd6\x71\x27\x4b\xd4\x42\x85\xf5\x56\xc5\x23\xc4\x5c\x2e\xee\xb1\xc2\x5c\x6e\xc5\x32\x73\xa4\xe4\x99\xb1\x6f\xac\xe8\xf4\xcf\x48\xc7\xe4\x89\xdd\x5a\xec\xc7\x7a\xd5\x9c\x86\x43\xe3\xf2\x3f\xdf\x01\x82\xb5\x16\xb6\x63\xf5\x87\x7f\xef\xa4\xe2\x91\xa9\x99\xd1\x53\x46\x45\x36\xdd\x75\x59\xd5\x06\x2b\xa7\x5e\x6c\x6c\xc7\x1a\xf9\xd6\x99\x1a\x0a\x97\x9e\x3d\x8e\xf9\x92\xa8\x88\x70\x5e\xf5\x2e\x2f\x6e\x43\x73\xdf\xcb\xc7\x34\xe0\x3d\xc6\xac\xfc\x66\xae\x30\xa7\x1c\x28\x3f\xd2\x46\x73\x9d\x07\xcb\x8f\x80\x0a\x2b\x42\xc9\x60\xa2\x89\x1b\xdf\xe1\x09\x04\x34\xf3\xbd\xf7\x34\xa2\xbd\x4a\x82\x21\x00\xb1\x48\xe9\x2f\xa6\x91\xd4\x10\x38\xd1\x17\x79\x71\x89\x43\x8e\x51\xa8\x96\x48\x43\xb1\xbd\xa6\x76\x4b\x56\x38\x5e\x7e\x66\xb6\x12\xe7\x1e\x8f\xca\x58\x4f\x81\xa9\x7d\x40\x46\x1b\x63\xf6\x5d\xb7\x4c\xea\xf5\xf2\x0b\xfe\x3c\x8a\xe3\xef\x21\x49\xaf\x1f\x72\x33\x8a\x93\x77\x45\x1a\x94\x47\x98\xc1\x30\xf0\x65\xba\x54\x2d\x56\x72\xa6\xb1\xc8\xed\xd7\xc1\x75\x7b\x9d\x31\x77\xf6\xcf\x18\x68\x20\xa2\x09\x93\x87\xd3\x2b\x9a\xcd\xb0\xb4\x98\x10\x67\xbb\x9c\xef\x61\xc0\x2f\x95\xa2\x64\x7f\x53\xb7\x32\x70\xc5\xc7\x0a\x73\xe5\x00\x70\x1f\x81\x22\xbc\x46\x72\x43\x67\x58\x17\x14\xa3\xaa\xaf\x03\xf5\xcb\x0f\x97\x92\x3e\x10\x3d\x1f\x3e\xef\xd4\x94\x2a\xf6\xa6\xe3\x70\x58\x5b\x79\x02\x57\x31\x92\xfc\x8e\x02\x70\x0a\x13\x0f\x84\x0c\x3a\x30\x0f\xd7\x95\x38\xd1\x7d\x3c\x45\xf7\x02\x44\xf8\x1e\xbf\xed\x40\x88\xf7\x62\x04\xe7\xba\x88\xb9\xc9\xe6\x35\x46\x78\x06\x4c\xda\x66\x04\x91\x53\xb9\xf3\x30\x1a\x0a\xd9\x5b\x60\x45\x54\x4c\x1a\xc7\x68\x6f\xa1\x68\x1d\x45\x47\x5e\xf8\xe4\xb9\x5c\x92\x64\x22\x31\xc4\x10\x9e\x6b\x23\xe2\x80\x13\xbf\xac\x38\x61\xf3\x31\xb0\x6f\x02\xf3\x90\x7f\xd8\xea\x92\xe1\x2f\x44\x6f\x4c\x67\x34\x1c\xbc\x10\x02\x2b\x66\x90\xa9\x35\xee\x3e\xf7\x12\xd7\x3d\xd9\xee\xe9\x35\x02\xe7\x81\xea\xc2\x1f\x3b\x67\x12\x40\x91\xbb\x0c\x1e\xc0\x14\x61\x53\xdb\x0f\xe3\xb2\xa6\xd5\x45\x02\x22\x65\x70\x0b\x44\x54\xf0\xca\xb2\x0c\xb8\x56\x94\xc4\x58\x05\xed\xa5\x16\x39\x90\x25\xcf\x63\x5b\x9a\x74\x0e\x75\x27\x40\x52\xc8\xae\x5e\x9a\x9d\x42\xf6\x49\x58\x4c\xc5\xf7\xd5\xb8\xf9\xe2\xf9\x9f\x87\x12\xb9\x0c\x7c\xa0\xb3\x24\x77\x8f\xb1\x45\x6f\x81\x68\xcf\x0f\x24\xa7\x01\x0e\x38\x8f\x02\x71\x5e\xc4\x0a\x37\xaf\x49\x21\x0e\x1e\xa1\xb7\xf4\x98\x8a\xbd\x7b\xd7\x5a\x81\x83\x00\x4e\x08\xba\x6c\x05\x93\x52\x29\x89\x6f\x36\xe1\x3d\xcf\x77\xd7\xb8\xfb\x68\xa5\x5b\x59\x87\x0d\x26\x30\x95\xab\xff\x15\xfc\xb2\xbf\x5c\xe4\x9b\x1b\xe5\x73\x68\x21\xfe\xbc\xe6\xd2\xbf\x45\x79\x29\x3e\xc3\x5a\x91\xbb\xa9\xc1\xbe\x69\x6f\xf3\xeb\xbd\x0f\xbf\x49\x84\x0c\x32\x03\x72\x3b\x79\xd8\x12\xc4\x81\xe8\x3c\xfa\x9c\x7e\x0f\xff\xfc\xc4\xef\x99\xa9\x0c\xfb\xcd\x47\x6a\x7a\x5c\x2c\x57\x2b\xbb\x3e\x18\xc9\xe0\x43\x86\x54\x53\xfe\x54\xa6\x87\xf7\x44\xe0\xd6\xfe\x3c\x4a\x4e\x3c\x3a\xbd\x21\x83\x4d\x7d\xf0\x1a\xe6\x18\xe0\x48\xb9\xf5\x48\xb6\x7c\x0d\x59\x7f\x7f\x9f\x5d\x45\x60\xb4\x0f\xe1\x36\x6d\x30\xa1\x5f\x15\x25\x3a\xb6\xff\xcc\x58\xd6\xa0\x1b\xa5\xb6\xb1\xa7\xf4\x70\x0b\x0c\xd1\x5d\x6a\x5f\xf3\x83\x62\x21\xb2\xbf\x87\xb6\xd4\x36\xfc\x7e\x3c\x70\xb0\x0b\x22\xf3\x0b\x35\x46\x24\xff\x60\x90\x8e\x97\x11\x19\xe8\xb0\xc1\x7b\x12\x60\x8d\x2d\x31\x01\x4e\x96\x19\x23\xe9\xc0\x83\xfe\xf8\x3e\xec\x17\x1f\x78\x5a\x12\xb6\xc4\x1a\x48\x7b\xd2\x1d\xcb\x22\x81\x5b\x12\x68\xa9\xad\xd8\xec\xd9\xf8\x82\x0f\x54\xf0\xfe\xc4\x1f\x20\xba\x0c\x5f\xf2\x37\x2f\xa8\xaa\xa3\x0a\x16\x7b\xcd\x2d\xdd\x8a\x33\xc9\x91\x82\x7e\xe6\x27\x8c\xff\xc7\xde\x75\xb4\xde\x8f\x73\xe7\xfd\xfb\x29\xc2\x64\x15\x0c\x71\x6f\x33\x24\x60\xdf\xeb\x5e\xaf\xbb\x4d\x36\xee\xbd\x77\x87\xf7\xbb\x87\xfb\x1b\x08\xff\xc9\x2e\xfb\x11\x78\x61\x21\x74\x2c\xe9\x41\xe7\x3c\xb2\xa4\x47\x30\x10\x5f\x09\x9f\x58\x97\x5b\x8a\x0e\xb7\x03\x00\x89\x93\x1a\x15\x01\x79\x03\xb3\x16\xeb\x02\x41\xa7\x47\xbe\x30\x63\x68\x62\x68\xa7\x99\xc1\x46\xe6\x82\xe1\x3b\x15\xbd\x02\x9d\xbb\x8b\xbc\x17\xef\x81\x36\xec\xe5\x6b\x1c\x15\xbd\x89\x90\x13\x8a\x49\x2d\xa9\x52\x59\xb1\xdb\x79\x5e\x66\x5a\x94\x88\xb1\x50\xf1\x24\x42\x33\xf9\xbc\x62\x3a\x49\x81\x42\x5f\xfb\xc7\x6b\xb0\xf5\x96\xbc\x21\x42\xb0\x98\xaf\xbe\x6c\x74\xe6\x20\xa3\x22\x8c\x76\x52\xad\x0d\x00\x43\x01\x29\xa1\xb0\xb0\x7c\xe4\xf1\xaf\xe2\x10\x1b\x80\xc8\xb5\xc1\x13\xca\x2c\x78\x00\xf0\x38\x50\x62\xdd\xf5\xb8\x93\x7d\x6f\x70\x46\x8c\xce\xc1\xe2\x20\x2c\x8e\x36\xc9\x0c\xa0\x97\xd8\xdf\xac\x43\x8c\xf9\x0f\xf1\xa6\x11\x52\x5f\x60\x02\x1f\xe1\x18\x8c\x55\x2b\x0f\x06\x3c\x74\x39\xf6\x31\xbb\x73\x2f\x8c\x01\xa1\x87\x04\x4b\x05\xca\x38\x20\xba\x70\x8f\x0a\xcb\x9c\x82\x67\x1c\x0e\x37\x70\x0a\x48\x1b\x40\xb4\xfb\x39\x1e\x64\x1c\x34\x9a\xa1\x0d\x2b\xde\x7c\xf1\xdf\x66\x6d\x13\x44\xfa\xef\x7b\x81\x32\x47\x53\x5f\xd8\x4e\xae\x86\xf8\x06\x03\x12\x47\x4f\xa0\xa0\x11\x81\x0e\x26\x22\xef\x40\xba\x13\x17\x88\xd4\x45\x75\x0f\xb2\x2f\xa1\x9b\xe3\x7a\x24\x34\x15\xd8\xf3\xf0\xe8\x63\x3a\xde\xa8\xab\xa5\x85\xe6\x08\x21\xf9\xae\xc6\x58\x24\x39\x86\x6a\x42\x40\x47\xef\xb4\xe3\x2d\xd7\x95\x6e\xb5\x18\x09\xa3\xd2\x86\x46\xee\x80\x78\xf6\xbc\xaa\x8c\x96\x1b\x60\x3f\xca\xdb\xfb\x18\x07\x0b\x7e\x52\x89\x0d\x8f\x22\x4f\x8a\x0d\xe5\xf8\xae\x6c\x8d\x3d\x78\x23\xe7\xeb\x1c\x15\x67\xc2\x30\x2e\x38\xab\x59\xbd\x29\x51\x41\xb7\x89\x26\x82\x80\x89\x89\xbc\x3c\xa3\xb0\xaf\xc6\xdb\xb4\x96\xdc\x0a\x33\x33\x38\xfa\x45\x9a\x95\x57\xd3\x1f\x10\xb9\xe4\x85\x5a\xec\xa8\xd7\x9d\xaa\xeb\xf1\x56\x6e\xd2\x17\x11\x0f\x13\x60\x0c\xc8\x02\x8b\xcd\x89\x24\xfa\x22\xdf\x0a\x15\xbb\x9d\x6c\xbd\xd9\x93\xcc\xf7\x00\x21\xa7\x39\x12\x86\x79\x0b\x6d\xb7\x9b\x6e\xfd\xf5\xa3\x4f\x36\x49\xe1\x8c\xd6\x61\x07\x04\xb5\x19\xae\x36\x0c\x60\x67\x6e\xfa\x41\xec\x99\x8f\x66\x47\xed\x99\x0c\x57\x9a\xbc\x6e\xcf\x82\x6f\x20\x5d\x5d\x86\x27\x6e\x2e\x0a\x19\xef\xc6\xa3\x62\x47\x47\x2f\x0d\x5f\x04\xb9\x2b\xfd\xe2\xad\xc4\x1a\xa0\x74\xe4\xe1\x39\xda\x94\x20\x08\x01\x05\xd1\x98\x51\xb8\x12\x54\x9e\x1a\xc2\x1b\x3c\x0c\x91\xb0\x87\x29\x82\xf0\x22\x4f\x14\x3c\xdd\x30\x80\x28\x7f\x48\x64\x80\xd2\xa0\x55\xd3\x58\xe7\x52\x76\x6d\x7f\x28\xd5\x78\xb0\x2f\x4f\x24\xc0\xe3\xaa\x63\x08\xda\x92\x0f\x75\x38\x97\x98\x0f\x8b\x72\x67\xb1\x04\x2d\x11\x4d\xd0\x09\x93\x62\x82\xc4\x80\xfb\x38\x2b\xcd\x0a\x1a\x3a\x9a\x23\xb3\x63\x0f\x6a\x47\x49\x3a\x52\x0c\x24\x50\x15\xe6\x50\xde\x14\xc7\x5b\xa1\x3f\x6e\x1d\xcd\x62\xa0\x18\xd3\xfb\x3e\x84\xfb\x62\x63\x40\x6e\x46\xbe\xdb\xf1\xd5\x13\x58\x9c\xc5\xa5\xab\xaf\x5e\x82\x7a\x05\x72\xb2\x42\x93\x62\xb7\xbb\xaf\xfa\x9e\x43\x8f\x20\x05\x9a\x27\xbe\x22\x31\x58\x87\x40\x80\x5f\xc0\x4a\x50\x2f\xb6\xc6\xc3\x35\x3a\xf2\x17\x44\xda\xd0\xc6\x9a\x62\xd3\x21\x64\xde\x42\x86\x77\x2a\xd3\xac\x94\x5a\x5a\x1d\x2d\x99\x9b\x0f\x6c\xdb\x70\x40\xd9\x2e\x15\xf0\x66\x42\x50\x91\x86\x14\xf5\xee\x3e\x9f\x11\xab\xc4\xf5\x6e\xb5\x39\x21\x80\x62\x7b\xf3\x9c\x72\x4b\x11\xf6\xb3\x47\x6c\xeb\x9f\x90\x67\x4f\xb7\xe1\x45\xd9\x50\x58\x7b\x0f\x96\xdd\xbf\x97\x2b\xd4\x26\xdb\x6a\x1d\x9e\xbe\x37\xbb\x10\x6a\x75\xa0\x82\xea\xc1\x57\x28\xd3\x06\x67\x6c\xc0\xeb\xfa\xb8\x22\x0b\xa4\x6f\xa6\x55\xde\x65\x39\x4a\x2f\x5d\x81\x0a\x58\x91\xf9\x17\x4c\x83\x07\x85\x67\x7b\xcd\xb8\x0f\xef\x39\x2e\x6a\x3e\xd7\x0a\x3b\x8c\x9d\x3a\xdc\x25\x59\xef\x00\xa6\x0b\x97\x3e\x16\x4a\xdc\xc9\xb5\xea\xec\x2d\xc9\xcd\x60\x33\xc4\x06\x60\x3b\x67\x5a\xc7\x39\xee\xbf\x3c\x20\x9f\x53\x43\xb4\x4b\x40\xed\xb2\xbd\x87\x79\xde\x4a\x7d\xef\x86\x0b\x63\x70\x7a\xa7\x9f\x66\x85\x3e\x52\x4f\x7b\x8c\x07\x2c\x35\x81\x66\x8f\xcf\x01\x0b\x8d\xb5\x3f\x2b\xab\xe4\x43\x42\xcf\xa7\xe6\x8c\x84\x5f\x62\xcb\x86\xfb\x19\x9a\xca\x7c\x4d\xd7\x68\x98\xf0\x9c\xd4\x74\x10\x66\xbc\x27\x97\x28\xda\x54\x9c\x8d\x66\x24\x8d\x4e\x18\x1c\x76\x29\xb5\x56\x36\x97\x27\x25\x0d\x73\x28\x90\xc4\x68\x78\xfb\x76\x3b\xb9\x90\xcf\x23\x5b\x62\xa4\x35\xc4\xf7\xb5\x12\x89\x5c\x42\xdc\x94\xd8\x05\x7a\xa5\x01\x4c\x83\xf4\x76\xe2\xb7\x59\xb6\xef\x58\x17\x01\xfb\xd3\xb9\x87\x0d\x00\x13\xed\xa8\x12\xbf\x27\x1b\x81\x51\x69\x61\xa0\xa8\x7e\xa7\x15\xa3\x00\xb9\xd3\xe2\xaa\x55\x42\xa9\x2a\xb0\x65\x72\xa7\x54\xcf\x57\xa1\xb7\x78\x33\xa2\xe4\x6c\x73\x49\x28\xbd\x46\x82\x0d\x45\x66\x7b\x1b\xe4\x5e\x20\xa0\xac\x4a\x93\x98\xee\x01\x44\xca\xef\x06\x03\x12\x73\x10\xb4\x05\xe7\x5b\x8f\xbf\xbe\xfe\xb1\x84\x0a\x23\x96\x71\x0a\x88\x25\xb6\x5f\xa9\xa2\x50\xa1\xc7\x18\x1c\xe7\xc2\xc0\x6e\x05\xbc\x51\x8d\x91\xad\x36\x68\x53\x46\x49\x9a\xe3\x63\xa6\xee\xe5\xdc\xac\xce\x9b\x48\xf4\x6f\xf4\xff\x62\x3c\x42\x52\x81\x57\x8d\x14\xcf\x8a\x14\xe6\xa7\xa6\xf3\x7d\x38\x86\x77\x17\xd3\x7d\xd4\x47\x74\xfe\x78\x33\x94\x1f\xc3\x9e\xf4\xf8\x20\xdb\xb4\xcd\xb3\x67\x48\xd5\xd2\x6e\x55\xea\xd2\x2b\xf5\x38\x39\xd5\x49\xee\x9f\xe7\x4c\xa3\xc8\xf6\x1b\x6b\x2e\x4c\x94\x32\xde\xe5\x4c\xa4\x39\x4c\x44\x7d\xd8\x13\xc0\xee\xde\x40\x10\x23\xfa\x4c\xec\xea\x8c\xbd\xab\x73\xac\xce\x03\xb2\xdb\x4d\x5d\x30\xab\x78\x2f\xd3\x59\xa6\x41\x61\x28\xf0\xb6\xbc\x11\xe1\xcd\x0e\x25\x56\x2b\x74\x23\xf6\x90\x68\xd1\x81\xcb\xb3\x23\x94\x28\xfc\x0c\x1c\x4c\x51\x9a\x84\x84\x08\x65\xa7\xdf\x40\x16\x1c\xd7\x39\xba\xae\xc8\x55\x89\xff\xac\x2d\xcd\xca\xbd\xfd\xf0\x06\xea\xd9\xf6\x8d\xf0\x15\x55\x88\x57\xba\x10\x68\x57\x9c\x9f\xd7\xe8\x67\xc6\x90\x21\x22\x20\x57\x09\x42\x1d\xc3\x25\x60\x19\x58\xec\x50\xaa\x8b\x5c\x25\xd9\xc7\xe1\x8a\xc0\xb1\x10\xe8\xac\x0b\xf9\xe7\xcc\xa8\x7a\x55\xc3\x46\xba\xb5\x9a\x10\x2b\x0f\x20\xf3\xc5\x03\x7a\x72\x3e\xbb\x48\xb8\xa8\xcf\x2b\x60\x42\x33\x45\x55\x1b\xde\x2c\x4e\xf7\x8e\x05\xa2\x72\x93\x6f\xa5\xed\x3b\x5f\xe3\x40\x31\xdc\xa9\x0a\xbd\xca\x98\x35\x51\xf2\xdb\x37\xd7\x9a\x08\xd7\x07\xa0\x65\xdf\xf3\x02\x18\xc6\xdd\x25\x8c\xb2\x57\x40\xd2\x40\xe3\x62\x2a\x47\xf4\xcb\x8c\x16\x13\xb2\x06\xd9\x49\xe8\xdd\x0c\xc7\xb7\x51\xe6\x5a\x03\xd2\x66\xec\x0f\xd3\x16\x6f\xc1\xb7\x9f\x8a\x03\x25\x36\xef\xe1\x2b\xad\x68\x10\x27\x7e\xc8\xec\xc6\x6d\x8c\xce\x4d\x17\xd6\x1c\xc3\x79\x9c\x6a\x2c\x44\x90\xda\x8d\xa2\xcb\xa8\xe5\x30\x87\x07\x50\xaf\x5c\xb9\xb5\x46\x74\x32\xa2\x0a\xdc\x4e\xf6\x5d\x58\x77\x3c\x2f\xf0\xa0\x8c\xbb\xb6\xe7\x85\x6e\xaa\x72\x6f\x89\xd7\x41\x77\x88\x83\x77\xfb\x68\x8f\x36\x69\x85\x48\xef\xe0\x8f\x1e\x6c\x27\x4d\x02\xb6\x28\x37\xb5\x70\x97\x2d\x21\xe2\xce\xdb\xc3\xc9\xf3\x96\xe7\x65\x3e\x17\xb7\x4a\x05\xe9\x8e\xfb\x68\xaa\x7d\x2e\x51\xa4\x5d\x50\x26\x66\x37\x1d\x3c\x17\x28\x0e\xe3\x44\x6b\xe4\x86\x10\x97\xac\xbe\x38\xf7\x75\x1c\x30\xf9\x80\xd2\x93\xa2\x0a\xd2\x2e\xf1\x05\x4d\xaa\x4d\xe8\x7d\x65\x3a\x24\x6f\xf6\x0a\xd3\x7d\xbd\xbd\xcf\x6e\x4b\x6c\x7c\xa1\xd6\x27\x3d\x9e\x38\x7a\x82\x1b\xaf\xfa\x94\xae\x09\x42\xe5\x27\x25\x3c\xba\xd3\x84\x37\x1a\xe6\xba\x20\xe1\xa3\x06\x67\xec\xc7\xe5\xa9\x42\x7c\x6e\x84\x4c\x27\x12\xd6\xb9\xb1\x57\xae\x9d\x3b\x57\xb5\x0d\x84\x9c\x48\x9a\x74\x69\x14\x65\x1d\x5f\x65\x3c\xc7\xfd\x3c\x03\x45\xaf\x7d\xf9\xb5\x6a\x43\xdf\x21\x39\xd6\x92\x72\xaa\x54\x57\x1d\xa8\x96\x1a\xe9\x32\x73\x99\x75\xda\x9f\x3b\x81\xeb\x71\x52\x90\x6d\x89\xe1\x2d\xf6\x97\x68\x87\x88\x58\xff\x5c\xfb\x8b\xc5\x66\xb9\x4e\x06\x04\xa6\x83\x64\x43\xa8\xe0\x2e\x04\x64\xa0\x97\x18\xd9\x60\x92\x1e\xd8\x2b\x4b\x7d\x2e\x75\x3a\x2b\xf0\x60\x1a\x07\xe3\x2c\x86\xf3\xc3\x1c\x09\x2d\x32\xfc\xa6\xd2\x8e\x6e\xeb\x1f\x6f\xee\x40\xb0\x18\x50\x92\x8e\xb5\x7b\xb3\x59\x8a\x48\x6c\xaa\x38\xdc\x19\x0f\x60\xc5\xef\xa6\xf8\xe3\x0a\x80\xcf\x5f\xbe\x5c\x45\x81\xe7\xa5\x95\x76\x38\x6b\xe9\x7c\x2e\xfd\xfd\x79\x34\xd2\x38\x57\xf5\x75\x6f\x53\x82\x33\xe5\xae\x35\x28\xb5\xc9\xcf\x41\x7e\x19\xcd\x86\x90\x79\x61\x06\x33\x1f\xee\xef\x91\x10\x2a\x28\x23\xad\xd5\x33\x87\xa7\x82\xc8\xcc\xb7\x2e\x7b\x18\x99\x96\xd5\xeb\xb5\x68\xfc\xc7\x5b\xd1\xa5\xa3\x41\xbe\x82\xb6\xd6\x79\xdf\x1f\xac\xae\xc7\x5e\xfd\xd2\xb3\x14\x00\x9d\x09\x4e\xd6\x20\xda\xc6\x17\xc3\xbc\xa5\xfa\x47\x6b\xb7\xc6\x76\xa9\x40\x45\xfa\x06\x33\x88\x06\xb8\x95\x5c\x88\xbc\x83\x49\x5a\x68\x72\x0c\xdc\xe9\x9f\x73\x56\x0a\x6a\x9a\xf7\x80\xcd\x4a\xed\x93\xd9\x1e\x90\x34\xa2\x3a\x61\x5f\x55\x90\x53\xd4\xd0\xa6\x16\x07\x44\xe6\xc7\xd7\x13\x03\x47\x43\xce\x3c\xc6\x5e\xda\x9b\x04\x1c\xa7\xc5\x0d\x8b\x33\xa5\x0b\x17\xad\x86\x50\x9b\x3e\x11\xd5\x25\x7b\x8d\xd9\x0b\xc8\xf2\x15\x79\xf7\x68\xbc\xf5\xb0\x78\x26\x16\xc7\x30\xef\xf9\x1b\x47\xa3\x2a\xfc\xd0\x20\x41\xe7\x14\x50\x8f\xf7\xba\x28\x40\x07\x9e\xa5\xc2\x8e\x82\x31\x7c\x7d\x63\x96\x1f\xe9\xf4\x39\xfa\x9e\x61\x18\x46\xab\x1f\x5a\xb5\x21\x19\x03\x0a\x8b\xf3\x78\x33\x00\x91\x46\x84\x71\xaf\xb3\x5c\xcf\x78\x36\x32\x5b\x49\x23\x48\x46\x48\x13\x7f\xd6\x14\xde\x1e\x4d\x90\xb8\x60\x8a\x0d\xa2\xe4\xe6\x07\xd3\x26\xf9\x7a\x22\xd2\xc4\xe9\x9f\xc3\xbb\x5d\x8c\xe7\x7b\x90\x1c\x8a\x97\x62\x02\x63\x26\x2c\x60\x56\x60\x0b\x95\x6d\x9a\x08\x17\xe4\x89\xd6\x17\x59\x0b\x0c\xd0\x4a\xbd\x2e\x21\x35\x47\x14\x5a\x52\xdc\x65\x38\xd1\x8a\x24\x3a\x02\x5a\x63\x1b\xa8\x3f\x4b\xf9\x47\x89\xbd\x4f\xf6\x1e\x97\x9b\x02\x8d\xde\x91\x21\xa0\x30\x45\xf4\x06\x44\x5e\xb0\xca\x78\x7b\x5a\x98\xfd\xa4\xe2\x17\x86\xec\x99\x0a\xd5\xe2\x6a\x09\x7b\x16\x1a\x5f\xa6\x0c\x23\xbd\xc0\x99\xe8\xa7\x3a\x04\xcc\x06\xdb\xf5\xa2\x40\x67\x38\xdd\xb1\x8e\xba\xf4\x6e\xde\xa7\xc9\xf7\x86\x88\x2e\x94\x65\xfa\x91\x1e\xd2\x17\x1b\x29\x1e\xa8\xe8\xce\x25\x93\x64\x59\x0d\x7b\xbd\x19\x1e\x9c\xa0\x73\x53\xa4\xe0\x74\x0b\x36\x0d\x32\x2f\xc0\xbc\x1e\x0d\xd5\x7d\x32\x9b\xd0\x64\xd2\x7b\x30\x36\x9a\xa9\x29\x99\x95\x31\x04\x16\x04\x09\xef\x40\x10\x32\x3b\x02\x2a\x11\xae\xb4\x10\xe5\xdb\xed\xa6\xd9\xef\x21\x7f\x31\x55\xd6\xf5\x78\x4f\xfb\xf3\xe0\x3c\xb4\x2e\xf6\xb9\xa9\x36\xb4\xa9\x36\x7d\xaf\xcc\xe7\x75\xaf\x8b\xfc\x35\x65\x51\x80\xca\xdf\x64\x8d\xc1\xba\xe5\xf6\xf6\x53\x79\xbc\xee\xac\xdf\x98\x46\x40\xfd\x45\x20\x51\x77\xe6\x3f\xb5\x38\xb2\x0c\xf3\x62\x44\x5c\x70\x86\x02\x25\xe8\x7c\x47\x13\x9a\xea\x65\x3b\xec\x0e\x14\x49\x86\x08\xd6\x1f\x32\xc3\xd4\x29\x5f\x66\x62\x5b\xe2\x3e\xea\x63\x64\x5b\x22\x1f\xee\x42\xc4\x78\x0b\x89\xf7\x31\x61\xcf\xf3\x62\x3a\x3f\xc6\x5b\xad\xa1\x4d\xf9\x06\x1e\xb6\xf9\x60\x58\xa8\xaf\x08\x79\xf7\xdd\x14\x6f\x4d\x88\xc0\x8d\x8b\xa8\x5d\x8d\xae\x3e\x99\x09\x7d\x75\x32\xf4\x2a\x62\x80\x02\xe6\x5b\x06\xd0\x39\x5e\x50\x74\x0f\xc7\x7e\x37\xf5\x56\x1f\xf5\x3f\xbf\xff\xea\x10\xe6\xa8\xf3\x3b\x8b\xc2\xb1\xa0\x7b\x6c\xc9\x30\x2c\x87\xcb\x16\xc7\xbb\x59\x10\xc0\xb4\x69\xc7\x42\xd5\xc2\xba\x3f\xcd\xb1\xde\xb8\xb7\x5e\x4a\x02\x0c\xb1\x8c\x78\x15\x79\xd0\xe1\x9f\x56\x7d\x21\x94\xdd\xe2\xc6\x17\xf4\x36\x1a\xc7\xdd\x04\x75\x8d\xf4\x25\x01\x88\xde\x30\xa3\xd0\x39\x9f\x4b\x73\x5c\xe4\x8b\xa2\x35\x89\x6f\xbd\x09\xcf\x4f\xf1\x85\x71\xd1\xc1\xb2\xed\x76\xb3\xdd\x4e\x82\xd5\x47\x82\x35\x4c\x84\x3f\x4c\xdf\xef\xfa\xd6\xc6\x7e\x3e\x82\xb7\x80\x11\x65\x76\x74\xe0\x91\xf9\xf5\xc9\x4d\xa1\xf9\x40\xb1\x8e\xe0\x2b\xa2\x3b\x1f\x44\x73\x38\x44\xaf\x42\x89\x7d\x95\xe5\xf8\xc2\xb0\x5d\xad\x27\xcd\xe1\x32\x00\xcc\x7f\x94\xd8\xe2\xbc\x8b\x08\x7b\xc0\x01\xa7\xb5\x15\x90\x9d\x89\x7d\x11\xae\x36\xf9\x51\xf0\xbb\xd6\xa4\xc7\xeb\xd8\xe7\xb7\x04\x83\x56\x93\x31\xb6\xaa\x90\x6f\x0a\x54\x6f\x6a\xd0\x80\x22\x7d\x68\x10\x3c\x4e\x5c\x7f\xa8\x43\x7d\x52\xd4\xbb\x3f\x76\x57\xe0\xe6\x8f\x74\xa4\xeb\xe1\x79\x11\x14\xe9\xbb\x4c\xc5\x11\x18\x46\xe5\x55\xfe\x08\x57\x2b\x8d\x84\x83\xba\xc7\x32\xb2\x57\xba\xaf\xf2\x67\xdf\x9e\x52\xcf\xb3\xdf\xcd\x71\x93\x7c\x92\x8d\x65\x66\x4c\xe8\xbb\x2e\x7e\xb3\xdd\xac\x67\xe2\xb7\x7f\x9d\x0f\x75\x32\x8c\xc4\x49\x2d\xd7\x7b\x7d\x24\x3e\x04\xfd\x6a\x07\xe3\x4e\x49\xf9\x59\x41\x95\x04\xc6\x55\x7d\x9d\x2b\xcf\xba\x6e\x27\xf5\xfc\x94\x7b\xdd\x8f\xc3\x5b\xdb\x76\x9a\x63\xa1\x26\x82\x99\xb0\x5b\x4f\xcc\x9b\x3f\x17\x40\x65\x1b\xda\xde\x2e\xa4\xff\x09\x57\x68\x73\xbe\x8f\x0b\xeb\x89\xaf\xf9\x55\x0d\xe9\xce\xc7\xe5\x33\xf3\x8d\x71\xfc\x77\x0c\xee\xce\xf2\xbc\x3c\x68\x71\xc1\xea\xa2\xef\x80\x56\xae\xf7\x0d\xe0\xe0\xc0\x1b\x5e\xed\xc6\x49\x03\x1f\xf9\x51\x17\x06\x66\x5e\x7c\xab\xcf\x2c\x24\xd9\x17\x5c\x47\x13\x60\xcb\xaf\xcd\x73\xf9\x77\x49\x81\x83\xa2\x0c\xbe\xeb\x79\x96\xfb\x6d\xfb\xcf\xdd\x2a\x1e\x9b\x05\x1e\x9c\xcd\x2f\x7c\x85\x14\x96\x3d\xa1\x58\xcf\x44\x0b\x12\x1a\x6f\xfe\x3a\xa2\x26\x86\xc8\x4f\x98\x28\x37\xb5\x3f\xeb\xa2\xce\x56\x07\xdf\xe9\x22\x3f\x26\x90\xfa\xbc\xe5\x2b\xd6\xcb\xed\xa4\x4e\xcc\x28\x6e\xeb\xa2\xd8\xe3\xa4\xb9\xff\x73\x83\xe2\xbc\x2c\xd7\x61\xe2\xe0\x8b\x7e\xab\xdf\xd7\x56\x85\x8d\x56\x86\xb3\x10\x11\xde\xd6\x8a\x40\x3d\xea\xae\xbc\xd0\x58\x25\x94\x10\xf9\xb0\xc4\xfe\x34\x4b\xab\xc4\x50\x65\xd2\x60\x27\xf3\xbf\xe9\xe4\x14\x78\x4b\x02\x6c\x60\x34\x06\xc5\x8a\x2b\xfd\x30\xbf\xa4\xd7\xc7\x7a\x6e\x8e\xf9\x4b\x7a\xb7\x9c\x96\x88\xcc\xaf\xe5\x38\x26\x0f\x83\x33\xfd\x4b\x31\xe3\x63\x5d\x6b\xca\xfe\x9a\xf5\x61\xf1\xaa\x60\xcf\xbf\x14\xc3\x59\x51\xb8\xce\x5f\x4d\xb0\x8c\xd8\xf3\x94\xf8\x7f\x6d\xa6\x7f\xdb\xfc\xdb\xe6\xff\xc3\xe6\x01\x15\x0b\x50\x75\x81\xb1\x89\x3d\xd2\xfe\xe4\xda\xae\x67\x58\x0a\xfe\x0a\x25\xe9\x3f\x7e\xfb\xb7\x3f\xfe\xf1\xcf\x7f\xfc\x7b\xb2\xe4\x71\x96\x2e\x7b\x9f\xfc\x67\x57\x03\x5d\xfd\x7b\x92\x17\xe3\x92\xff\x77\x3a\x0e\x5b\x3e\x6c\xbf\xff\x06\xfe\x17\x04\xc5\xd0\x6f\x7f\x4c\x71\x96\xd5\x43\xf9\x3b\xf4\x2f\xf8\x74\xfd\x91\x8e\xdd\xb8\xfc\xfe\xaf\x69\x9a\xfe\xf1\xcf\xff\x09\x00\x00\xff\xff\xaf\xa5\x1a\xb1\x3d\x07\x02\x00")
 
 func pagesAssetsStylesContainersCssBytes() ([]byte, error) {
 	return bindataRead(
diff --git a/vendor/github.com/google/cadvisor/pages/templates.go b/vendor/github.com/google/cadvisor/pages/templates.go
index 45f1c1840029..b4821d4ae447 100644
--- a/vendor/github.com/google/cadvisor/pages/templates.go
+++ b/vendor/github.com/google/cadvisor/pages/templates.go
@@ -1,4 +1,4 @@
-// Copyright 2017 Google Inc. All Rights Reserved.
+// Copyright 2018 Google Inc. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
diff --git a/vendor/github.com/gophercloud/gophercloud/README.md b/vendor/github.com/gophercloud/gophercloud/README.md
index 60ca479de89d..bb218c3fe9e1 100644
--- a/vendor/github.com/gophercloud/gophercloud/README.md
+++ b/vendor/github.com/gophercloud/gophercloud/README.md
@@ -141,3 +141,19 @@ See the [contributing guide](./.github/CONTRIBUTING.md).
 
 If you're struggling with something or have spotted a potential bug, feel free
 to submit an issue to our [bug tracker](/issues).
+
+## Thank You
+
+We'd like to extend special thanks and appreciation to the following:
+
+### OpenLab
+
+<a href="http://openlabtesting.org/"><img src="assets/openlab.png" width="600px"></a>
+
+OpenLab is providing a full CI environment to test each PR and merge for a variety of OpenStack releases.
+
+### VEXXHOST
+
+<a href="https://vexxhost.com/"><img src="assets/vexxhost.png" width="600px"></a>
+
+VEXXHOST is providing their services to assist with the development and testing of Gophercloud.
diff --git a/vendor/github.com/gophercloud/gophercloud/STYLEGUIDE.md b/vendor/github.com/gophercloud/gophercloud/STYLEGUIDE.md
index e7531a83d9d4..22a290094129 100644
--- a/vendor/github.com/gophercloud/gophercloud/STYLEGUIDE.md
+++ b/vendor/github.com/gophercloud/gophercloud/STYLEGUIDE.md
@@ -1,6 +1,8 @@
 
 ## On Pull Requests
 
+- Please make sure to read our [contributing guide](/.github/CONTRIBUTING.md).
+
 - Before you start a PR there needs to be a Github issue and a discussion about it
   on that issue with a core contributor, even if it's just a 'SGTM'.
 
@@ -34,6 +36,9 @@
   append. It makes it difficult for the reviewer to see what's changed from one
   review to the next.
 
+- See [#583](https://github.com/gophercloud/gophercloud/issues/583) as an example of a
+  well-formatted issue which contains all relevant information we need to review and approve.
+
 ## On Code
 
 - In re design: follow as closely as is reasonable the code already in the library.
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/auth_env.go b/vendor/github.com/gophercloud/gophercloud/openstack/auth_env.go
index 95286041d66e..b5482ba8c9f7 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/auth_env.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/auth_env.go
@@ -16,7 +16,12 @@ The following variables provide sources of truth: OS_AUTH_URL, OS_USERNAME,
 OS_PASSWORD, OS_TENANT_ID, and OS_TENANT_NAME.
 
 Of these, OS_USERNAME, OS_PASSWORD, and OS_AUTH_URL must have settings,
-or an error will result.  OS_TENANT_ID and OS_TENANT_NAME are optional.
+or an error will result.  OS_TENANT_ID, OS_TENANT_NAME, OS_PROJECT_ID, and
+OS_PROJECT_NAME are optional.
+
+OS_TENANT_ID and OS_TENANT_NAME are mutually exclusive to OS_PROJECT_ID and
+OS_PROJECT_NAME. If OS_PROJECT_ID and OS_PROJECT_NAME are set, they will
+still be referred as "tenant" in Gophercloud.
 
 To use this function, first set the OS_* environment variables (for example,
 by sourcing an `openrc` file), then:
@@ -34,6 +39,16 @@ func AuthOptionsFromEnv() (gophercloud.AuthOptions, error) {
 	domainID := os.Getenv("OS_DOMAIN_ID")
 	domainName := os.Getenv("OS_DOMAIN_NAME")
 
+	// If OS_PROJECT_ID is set, overwrite tenantID with the value.
+	if v := os.Getenv("OS_PROJECT_ID"); v != "" {
+		tenantID = v
+	}
+
+	// If OS_PROJECT_NAME is set, overwrite tenantName with the value.
+	if v := os.Getenv("OS_PROJECT_NAME"); v != "" {
+		tenantName = v
+	}
+
 	if authURL == "" {
 		err := gophercloud.ErrMissingInput{Argument: "authURL"}
 		return nilOptions, err
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/requests.go
index a3916c77c167..d18bff555b54 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/requests.go
@@ -47,7 +47,7 @@ func Attach(client *gophercloud.ServiceClient, id string, opts AttachOptsBuilder
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(attachURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
@@ -56,7 +56,7 @@ func Attach(client *gophercloud.ServiceClient, id string, opts AttachOptsBuilder
 // BeginDetach will mark the volume as detaching.
 func BeginDetaching(client *gophercloud.ServiceClient, id string) (r BeginDetachingResult) {
 	b := map[string]interface{}{"os-begin_detaching": make(map[string]interface{})}
-	_, r.Err = client.Post(beginDetachingURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
@@ -87,7 +87,7 @@ func Detach(client *gophercloud.ServiceClient, id string, opts DetachOptsBuilder
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(detachURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
@@ -96,7 +96,7 @@ func Detach(client *gophercloud.ServiceClient, id string, opts DetachOptsBuilder
 // Reserve will reserve a volume based on volume ID.
 func Reserve(client *gophercloud.ServiceClient, id string) (r ReserveResult) {
 	b := map[string]interface{}{"os-reserve": make(map[string]interface{})}
-	_, r.Err = client.Post(reserveURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{200, 201, 202},
 	})
 	return
@@ -105,7 +105,7 @@ func Reserve(client *gophercloud.ServiceClient, id string) (r ReserveResult) {
 // Unreserve will unreserve a volume based on volume ID.
 func Unreserve(client *gophercloud.ServiceClient, id string) (r UnreserveResult) {
 	b := map[string]interface{}{"os-unreserve": make(map[string]interface{})}
-	_, r.Err = client.Post(unreserveURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{200, 201, 202},
 	})
 	return
@@ -145,7 +145,7 @@ func InitializeConnection(client *gophercloud.ServiceClient, id string, opts Ini
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(initializeConnectionURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
 		OkCodes: []int{200, 201, 202},
 	})
 	return
@@ -183,7 +183,7 @@ func TerminateConnection(client *gophercloud.ServiceClient, id string, opts Term
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(teminateConnectionURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
@@ -216,7 +216,7 @@ func ExtendSize(client *gophercloud.ServiceClient, id string, opts ExtendSizeOpt
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(extendSizeURL(client, id), b, nil, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, nil, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
@@ -256,8 +256,14 @@ func UploadImage(client *gophercloud.ServiceClient, id string, opts UploadImageO
 		r.Err = err
 		return
 	}
-	_, r.Err = client.Post(uploadURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
+	_, r.Err = client.Post(actionURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
 		OkCodes: []int{202},
 	})
 	return
 }
+
+// ForceDelete will delete the volume regardless of state.
+func ForceDelete(client *gophercloud.ServiceClient, id string) (r ForceDeleteResult) {
+	_, r.Err = client.Post(actionURL(client, id), map[string]interface{}{"os-force_delete": ""}, nil, nil)
+	return
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/results.go
index 9815f0c26ac3..5cadd360f205 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/results.go
@@ -184,3 +184,8 @@ func (r UploadImageResult) Extract() (VolumeImage, error) {
 	err := r.ExtractInto(&s)
 	return s.VolumeImage, err
 }
+
+// ForceDeleteResult contains the response body and error from a ForceDelete request.
+type ForceDeleteResult struct {
+	gophercloud.ErrResult
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/urls.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/urls.go
index 5efd2b25c05b..20486ed71944 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/urls.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions/urls.go
@@ -2,38 +2,6 @@ package volumeactions
 
 import "github.com/gophercloud/gophercloud"
 
-func attachURL(c *gophercloud.ServiceClient, id string) string {
+func actionURL(c *gophercloud.ServiceClient, id string) string {
 	return c.ServiceURL("volumes", id, "action")
 }
-
-func beginDetachingURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func detachURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func uploadURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func reserveURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func unreserveURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func initializeConnectionURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func teminateConnectionURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
-
-func extendSizeURL(c *gophercloud.ServiceClient, id string) string {
-	return attachURL(c, id)
-}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v2/volumes/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v2/volumes/requests.go
index 18c9cb272ecb..2ec10ad55ed4 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v2/volumes/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v2/volumes/requests.go
@@ -83,14 +83,21 @@ type ListOptsBuilder interface {
 // ListOpts holds options for listing Volumes. It is passed to the volumes.List
 // function.
 type ListOpts struct {
-	// admin-only option. Set it to true to see all tenant volumes.
+	// AllTenants will retrieve volumes of all tenants/projects.
 	AllTenants bool `q:"all_tenants"`
-	// List only volumes that contain Metadata.
+
+	// Metadata will filter results based on specified metadata.
 	Metadata map[string]string `q:"metadata"`
-	// List only volumes that have Name as the display name.
+
+	// Name will filter by the specified volume name.
 	Name string `q:"name"`
-	// List only volumes that have a status of Status.
+
+	// Status will filter by the specified status.
 	Status string `q:"status"`
+
+	// TenantID will filter by a specific tenant/project ID.
+	// Setting AllTenants is required for this.
+	TenantID string `q:"project_id"`
 }
 
 // ToVolumeListQuery formats a ListOpts into a query string.
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/requests.go
index 18c9cb272ecb..43727409dd91 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/requests.go
@@ -83,14 +83,34 @@ type ListOptsBuilder interface {
 // ListOpts holds options for listing Volumes. It is passed to the volumes.List
 // function.
 type ListOpts struct {
-	// admin-only option. Set it to true to see all tenant volumes.
+	// AllTenants will retrieve volumes of all tenants/projects.
 	AllTenants bool `q:"all_tenants"`
-	// List only volumes that contain Metadata.
+
+	// Metadata will filter results based on specified metadata.
 	Metadata map[string]string `q:"metadata"`
-	// List only volumes that have Name as the display name.
+
+	// Name will filter by the specified volume name.
 	Name string `q:"name"`
-	// List only volumes that have a status of Status.
+
+	// Status will filter by the specified status.
 	Status string `q:"status"`
+
+	// TenantID will filter by a specific tenant/project ID.
+	// Setting AllTenants is required for this.
+	TenantID string `q:"project_id"`
+
+	// Comma-separated list of sort keys and optional sort directions in the
+	// form of <key>[:<direction>].
+	Sort string `q:"sort"`
+
+	// Requests a page size of items.
+	Limit int `q:"limit"`
+
+	// Used in conjunction with limit to return a slice of items.
+	Offset int `q:"offset"`
+
+	// The ID of the last-seen item.
+	Marker string `q:"marker"`
 }
 
 // ToVolumeListQuery formats a ListOpts into a query string.
@@ -111,7 +131,7 @@ func List(client *gophercloud.ServiceClient, opts ListOptsBuilder) pagination.Pa
 	}
 
 	return pagination.NewPager(client, url, func(r pagination.PageResult) pagination.Page {
-		return VolumePage{pagination.SinglePageBase(r)}
+		return VolumePage{pagination.LinkedPageBase{PageResult: r}}
 	})
 }
 
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/results.go
index 5ebe36a33854..87f71262c1db 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes/results.go
@@ -101,7 +101,7 @@ func (r *Volume) UnmarshalJSON(b []byte) error {
 
 // VolumePage is a pagination.pager that is returned from a call to the List function.
 type VolumePage struct {
-	pagination.SinglePageBase
+	pagination.LinkedPageBase
 }
 
 // IsEmpty returns true if a ListResult contains no Volumes.
@@ -110,6 +110,17 @@ func (r VolumePage) IsEmpty() (bool, error) {
 	return len(volumes) == 0, err
 }
 
+func (page VolumePage) NextPageURL() (string, error) {
+	var s struct {
+		Links []gophercloud.Link `json:"volumes_links"`
+	}
+	err := page.ExtractInto(&s)
+	if err != nil {
+		return "", err
+	}
+	return gophercloud.ExtractNextURL(s.Links)
+}
+
 // ExtractVolumes extracts and returns Volumes. It is used while iterating over a volumes.List call.
 func ExtractVolumes(r pagination.Page) ([]Volume, error) {
 	var s []Volume
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/client.go b/vendor/github.com/gophercloud/gophercloud/openstack/client.go
index c796795b8ee9..5a52e5791487 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/client.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/client.go
@@ -56,11 +56,12 @@ func NewClient(endpoint string) (*gophercloud.ProviderClient, error) {
 	endpoint = gophercloud.NormalizeURL(endpoint)
 	base = gophercloud.NormalizeURL(base)
 
-	return &gophercloud.ProviderClient{
-		IdentityBase:     base,
-		IdentityEndpoint: endpoint,
-	}, nil
+	p := new(gophercloud.ProviderClient)
+	p.IdentityBase = base
+	p.IdentityEndpoint = endpoint
+	p.UseTokenLock()
 
+	return p, nil
 }
 
 /*
@@ -158,9 +159,21 @@ func v2auth(client *gophercloud.ProviderClient, endpoint string, options gopherc
 	}
 
 	if options.AllowReauth {
+		// here we're creating a throw-away client (tac). it's a copy of the user's provider client, but
+		// with the token and reauth func zeroed out. combined with setting `AllowReauth` to `false`,
+		// this should retry authentication only once
+		tac := *client
+		tac.ReauthFunc = nil
+		tac.TokenID = ""
+		tao := options
+		tao.AllowReauth = false
 		client.ReauthFunc = func() error {
-			client.TokenID = ""
-			return v2auth(client, endpoint, options, eo)
+			err := v2auth(&tac, endpoint, tao, eo)
+			if err != nil {
+				return err
+			}
+			client.TokenID = tac.TokenID
+			return nil
 		}
 	}
 	client.TokenID = token.ID
@@ -202,9 +215,32 @@ func v3auth(client *gophercloud.ProviderClient, endpoint string, opts tokens3.Au
 	client.TokenID = token.ID
 
 	if opts.CanReauth() {
+		// here we're creating a throw-away client (tac). it's a copy of the user's provider client, but
+		// with the token and reauth func zeroed out. combined with setting `AllowReauth` to `false`,
+		// this should retry authentication only once
+		tac := *client
+		tac.ReauthFunc = nil
+		tac.TokenID = ""
+		var tao tokens3.AuthOptionsBuilder
+		switch ot := opts.(type) {
+		case *gophercloud.AuthOptions:
+			o := *ot
+			o.AllowReauth = false
+			tao = &o
+		case *tokens3.AuthOptions:
+			o := *ot
+			o.AllowReauth = false
+			tao = &o
+		default:
+			tao = opts
+		}
 		client.ReauthFunc = func() error {
-			client.TokenID = ""
-			return v3auth(client, endpoint, opts, eo)
+			err := v3auth(&tac, endpoint, tao, eo)
+			if err != nil {
+				return err
+			}
+			client.TokenID = tac.TokenID
+			return nil
 		}
 	}
 	client.EndpointLocator = func(opts gophercloud.EndpointOpts) (string, error) {
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/doc.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/doc.go
index a99601371173..3653122bf30f 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/doc.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/doc.go
@@ -18,5 +18,35 @@ Example of Listing a Server's Interfaces
 	for _, interface := range allInterfaces {
 		fmt.Printf("%+v\n", interface)
 	}
+
+Example to Get a Server's Interface
+
+	portID = "0dde1598-b374-474e-986f-5b8dd1df1d4e"
+	serverID := "b07e7a3b-d951-4efc-a4f9-ac9f001afb7f"
+	interface, err := attachinterfaces.Get(computeClient, serverID, portID).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Create a new Interface attachment on the Server
+
+	networkID := "8a5fe506-7e9f-4091-899b-96336909d93c"
+	serverID := "b07e7a3b-d951-4efc-a4f9-ac9f001afb7f"
+	attachOpts := attachinterfaces.CreateOpts{
+		NetworkID: networkID,
+	}
+	interface, err := attachinterfaces.Create(computeClient, serverID, attachOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Delete an Interface attachment from the Server
+
+	portID = "0dde1598-b374-474e-986f-5b8dd1df1d4e"
+	serverID := "b07e7a3b-d951-4efc-a4f9-ac9f001afb7f"
+	err := attachinterfaces.Delete(computeClient, serverID, portID).ExtractErr()
+	if err != nil {
+		panic(err)
+	}
 */
 package attachinterfaces
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/requests.go
index faf2747246ad..18dade837c17 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/requests.go
@@ -11,3 +11,62 @@ func List(client *gophercloud.ServiceClient, serverID string) pagination.Pager {
 		return InterfacePage{pagination.SinglePageBase(r)}
 	})
 }
+
+// Get requests details on a single interface attachment by the server and port IDs.
+func Get(client *gophercloud.ServiceClient, serverID, portID string) (r GetResult) {
+	_, r.Err = client.Get(getInterfaceURL(client, serverID, portID), &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// CreateOptsBuilder allows extensions to add additional parameters to the
+// Create request.
+type CreateOptsBuilder interface {
+	ToAttachInterfacesCreateMap() (map[string]interface{}, error)
+}
+
+// CreateOpts specifies parameters of a new interface attachment.
+type CreateOpts struct {
+
+	// PortID is the ID of the port for which you want to create an interface.
+	// The NetworkID and PortID parameters are mutually exclusive.
+	// If you do not specify the PortID parameter, the OpenStack Networking API
+	// v2.0 allocates a port and creates an interface for it on the network.
+	PortID string `json:"port_id,omitempty"`
+
+	// NetworkID is the ID of the network for which you want to create an interface.
+	// The NetworkID and PortID parameters are mutually exclusive.
+	// If you do not specify the NetworkID parameter, the OpenStack Networking
+	// API v2.0 uses the network information cache that is associated with the instance.
+	NetworkID string `json:"net_id,omitempty"`
+
+	// Slice of FixedIPs. If you request a specific FixedIP address without a
+	// NetworkID, the request returns a Bad Request (400) response code.
+	FixedIPs []FixedIP `json:"fixed_ips,omitempty"`
+}
+
+// ToAttachInterfacesCreateMap constructs a request body from CreateOpts.
+func (opts CreateOpts) ToAttachInterfacesCreateMap() (map[string]interface{}, error) {
+	return gophercloud.BuildRequestBody(opts, "interfaceAttachment")
+}
+
+// Create requests the creation of a new interface attachment on the server.
+func Create(client *gophercloud.ServiceClient, serverID string, opts CreateOptsBuilder) (r CreateResult) {
+	b, err := opts.ToAttachInterfacesCreateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Post(createInterfaceURL(client, serverID), b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// Delete makes a request against the nova API to detach a single interface from the server.
+// It needs server and port IDs to make a such request.
+func Delete(client *gophercloud.ServiceClient, serverID, portID string) (r DeleteResult) {
+	_, r.Err = client.Delete(deleteInterfaceURL(client, serverID, portID), nil)
+	return
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/results.go
index e3987eaca841..a16fa14f7598 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/results.go
@@ -1,9 +1,41 @@
 package attachinterfaces
 
 import (
+	"github.com/gophercloud/gophercloud"
 	"github.com/gophercloud/gophercloud/pagination"
 )
 
+type attachInterfaceResult struct {
+	gophercloud.Result
+}
+
+// Extract interprets any attachInterfaceResult as an Interface, if possible.
+func (r attachInterfaceResult) Extract() (*Interface, error) {
+	var s struct {
+		Interface *Interface `json:"interfaceAttachment"`
+	}
+	err := r.ExtractInto(&s)
+	return s.Interface, err
+}
+
+// GetResult is the response from a Get operation. Call its Extract
+// method to interpret it as an Interface.
+type GetResult struct {
+	attachInterfaceResult
+}
+
+// CreateResult is the response from a Create operation. Call its Extract
+// method to interpret it as an Interface.
+type CreateResult struct {
+	attachInterfaceResult
+}
+
+// DeleteResult is the response from a Delete operation. Call its ExtractErr
+// method to determine if the call succeeded or failed.
+type DeleteResult struct {
+	gophercloud.ErrResult
+}
+
 // FixedIP represents a Fixed IP Address.
 type FixedIP struct {
 	SubnetID  string `json:"subnet_id"`
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/urls.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/urls.go
index 7d376f99bb56..50292e8b5a55 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/urls.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/attachinterfaces/urls.go
@@ -5,3 +5,14 @@ import "github.com/gophercloud/gophercloud"
 func listInterfaceURL(client *gophercloud.ServiceClient, serverID string) string {
 	return client.ServiceURL("servers", serverID, "os-interface")
 }
+
+func getInterfaceURL(client *gophercloud.ServiceClient, serverID, portID string) string {
+	return client.ServiceURL("servers", serverID, "os-interface", portID)
+}
+
+func createInterfaceURL(client *gophercloud.ServiceClient, serverID string) string {
+	return client.ServiceURL("servers", serverID, "os-interface")
+}
+func deleteInterfaceURL(client *gophercloud.ServiceClient, serverID, portID string) string {
+	return client.ServiceURL("servers", serverID, "os-interface", portID)
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/doc.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/doc.go
index a7bc15c3e5cc..34d8764fadb2 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/doc.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/doc.go
@@ -59,5 +59,79 @@ Example to List Flavor Access
 	for _, access := range allAccesses {
 		fmt.Printf("%+v", access)
 	}
+
+Example to Grant Access to a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+
+	accessOpts := flavors.AddAccessOpts{
+		Tenant: "15153a0979884b59b0592248ef947921",
+	}
+
+	accessList, err := flavors.AddAccess(computeClient, flavor.ID, accessOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Remove/Revoke Access to a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+
+	accessOpts := flavors.RemoveAccessOpts{
+		Tenant: "15153a0979884b59b0592248ef947921",
+	}
+
+	accessList, err := flavors.RemoveAccess(computeClient, flavor.ID, accessOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+Example to Create Extra Specs for a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+
+	createOpts := flavors.ExtraSpecsOpts{
+		"hw:cpu_policy":        "CPU-POLICY",
+		"hw:cpu_thread_policy": "CPU-THREAD-POLICY",
+	}
+	createdExtraSpecs, err := flavors.CreateExtraSpecs(computeClient, flavorID, createOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("%+v", createdExtraSpecs)
+
+Example to Get Extra Specs for a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+
+	extraSpecs, err := flavors.ListExtraSpecs(computeClient, flavorID).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("%+v", extraSpecs)
+
+Example to Update Extra Specs for a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+
+	updateOpts := flavors.ExtraSpecsOpts{
+		"hw:cpu_thread_policy": "CPU-THREAD-POLICY-UPDATED",
+	}
+	updatedExtraSpec, err := flavors.UpdateExtraSpec(computeClient, flavorID, updateOpts).Extract()
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("%+v", updatedExtraSpec)
+
+Example to Delete an Extra Spec for a Flavor
+
+	flavorID := "e91758d6-a54a-4778-ad72-0c73a1cb695b"
+	err := flavors.DeleteExtraSpec(computeClient, flavorID, "hw:cpu_thread_policy").ExtractErr()
+	if err != nil {
+		panic(err)
+	}
 */
 package flavors
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/requests.go
index 6eb3678b2bd2..e7041df05986 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/requests.go
@@ -162,6 +162,151 @@ func ListAccesses(client *gophercloud.ServiceClient, id string) pagination.Pager
 	})
 }
 
+// AddAccessOptsBuilder allows extensions to add additional parameters to the
+// AddAccess requests.
+type AddAccessOptsBuilder interface {
+	ToFlavorAddAccessMap() (map[string]interface{}, error)
+}
+
+// AddAccessOpts represents options for adding access to a flavor.
+type AddAccessOpts struct {
+	// Tenant is the project/tenant ID to grant access.
+	Tenant string `json:"tenant"`
+}
+
+// ToFlavorAddAccessMap constructs a request body from AddAccessOpts.
+func (opts AddAccessOpts) ToFlavorAddAccessMap() (map[string]interface{}, error) {
+	return gophercloud.BuildRequestBody(opts, "addTenantAccess")
+}
+
+// AddAccess grants a tenant/project access to a flavor.
+func AddAccess(client *gophercloud.ServiceClient, id string, opts AddAccessOptsBuilder) (r AddAccessResult) {
+	b, err := opts.ToFlavorAddAccessMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Post(accessActionURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// RemoveAccessOptsBuilder allows extensions to add additional parameters to the
+// RemoveAccess requests.
+type RemoveAccessOptsBuilder interface {
+	ToFlavorRemoveAccessMap() (map[string]interface{}, error)
+}
+
+// RemoveAccessOpts represents options for removing access to a flavor.
+type RemoveAccessOpts struct {
+	// Tenant is the project/tenant ID to grant access.
+	Tenant string `json:"tenant"`
+}
+
+// ToFlavorRemoveAccessMap constructs a request body from RemoveAccessOpts.
+func (opts RemoveAccessOpts) ToFlavorRemoveAccessMap() (map[string]interface{}, error) {
+	return gophercloud.BuildRequestBody(opts, "removeTenantAccess")
+}
+
+// RemoveAccess removes/revokes a tenant/project access to a flavor.
+func RemoveAccess(client *gophercloud.ServiceClient, id string, opts RemoveAccessOptsBuilder) (r RemoveAccessResult) {
+	b, err := opts.ToFlavorRemoveAccessMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Post(accessActionURL(client, id), b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// ExtraSpecs requests all the extra-specs for the given flavor ID.
+func ListExtraSpecs(client *gophercloud.ServiceClient, flavorID string) (r ListExtraSpecsResult) {
+	_, r.Err = client.Get(extraSpecsListURL(client, flavorID), &r.Body, nil)
+	return
+}
+
+func GetExtraSpec(client *gophercloud.ServiceClient, flavorID string, key string) (r GetExtraSpecResult) {
+	_, r.Err = client.Get(extraSpecsGetURL(client, flavorID, key), &r.Body, nil)
+	return
+}
+
+// CreateExtraSpecsOptsBuilder allows extensions to add additional parameters to the
+// CreateExtraSpecs requests.
+type CreateExtraSpecsOptsBuilder interface {
+	ToExtraSpecsCreateMap() (map[string]interface{}, error)
+}
+
+// ExtraSpecsOpts is a map that contains key-value pairs.
+type ExtraSpecsOpts map[string]string
+
+// ToExtraSpecsCreateMap assembles a body for a Create request based on the
+// contents of a ExtraSpecsOpts
+func (opts ExtraSpecsOpts) ToExtraSpecsCreateMap() (map[string]interface{}, error) {
+	return map[string]interface{}{"extra_specs": opts}, nil
+}
+
+// CreateExtraSpecs will create or update the extra-specs key-value pairs for the specified Flavor
+func CreateExtraSpecs(client *gophercloud.ServiceClient, flavorID string, opts CreateExtraSpecsOptsBuilder) (r CreateExtraSpecsResult) {
+	b, err := opts.ToExtraSpecsCreateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Post(extraSpecsCreateURL(client, flavorID), b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// UpdateExtraSpecOptsBuilder allows extensions to add additional parameters to the
+// Update request.
+type UpdateExtraSpecOptsBuilder interface {
+	ToExtraSpecUpdateMap() (map[string]string, string, error)
+}
+
+// ToExtraSpecUpdateMap assembles a body for an Update request based on the
+// contents of a ExtraSpecOpts.
+func (opts ExtraSpecsOpts) ToExtraSpecUpdateMap() (map[string]string, string, error) {
+	if len(opts) != 1 {
+		err := gophercloud.ErrInvalidInput{}
+		err.Argument = "flavors.ExtraSpecOpts"
+		err.Info = "Must have 1 and only one key-value pair"
+		return nil, "", err
+	}
+
+	var key string
+	for k := range opts {
+		key = k
+	}
+
+	return opts, key, nil
+}
+
+// UpdateExtraSpec will updates the value of the specified flavor's extra spec for the key in opts.
+func UpdateExtraSpec(client *gophercloud.ServiceClient, flavorID string, opts UpdateExtraSpecOptsBuilder) (r UpdateExtraSpecResult) {
+	b, key, err := opts.ToExtraSpecUpdateMap()
+	if err != nil {
+		r.Err = err
+		return
+	}
+	_, r.Err = client.Put(extraSpecUpdateURL(client, flavorID, key), b, &r.Body, &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
+// DeleteExtraSpec will delete the key-value pair with the given key for the given
+// flavor ID.
+func DeleteExtraSpec(client *gophercloud.ServiceClient, flavorID, key string) (r DeleteExtraSpecResult) {
+	_, r.Err = client.Delete(extraSpecDeleteURL(client, flavorID, key), &gophercloud.RequestOpts{
+		OkCodes: []int{200},
+	})
+	return
+}
+
 // IDFromName is a convienience function that returns a flavor's ID given its
 // name.
 func IDFromName(client *gophercloud.ServiceClient, name string) (string, error) {
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/results.go
index fb5c335b8eac..525cddaea222 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/results.go
@@ -66,6 +66,9 @@ type Flavor struct {
 
 	// IsPublic indicates whether the flavor is public.
 	IsPublic bool `json:"os-flavor-access:is_public"`
+
+	// Ephemeral is the amount of ephemeral disk space, measured in GB.
+	Ephemeral int `json:"OS-FLV-EXT-DATA:ephemeral"`
 }
 
 func (r *Flavor) UnmarshalJSON(b []byte) error {
@@ -154,6 +157,32 @@ func ExtractAccesses(r pagination.Page) ([]FlavorAccess, error) {
 	return s.FlavorAccesses, err
 }
 
+type accessResult struct {
+	gophercloud.Result
+}
+
+// AddAccessResult is the response of an AddAccess operation. Call its
+// Extract method to interpret it as a slice of FlavorAccess.
+type AddAccessResult struct {
+	accessResult
+}
+
+// RemoveAccessResult is the response of a RemoveAccess operation. Call its
+// Extract method to interpret it as a slice of FlavorAccess.
+type RemoveAccessResult struct {
+	accessResult
+}
+
+// Extract provides access to the result of an access create or delete.
+// The result will be all accesses that the flavor has.
+func (r accessResult) Extract() ([]FlavorAccess, error) {
+	var s struct {
+		FlavorAccesses []FlavorAccess `json:"flavor_access"`
+	}
+	err := r.ExtractInto(&s)
+	return s.FlavorAccesses, err
+}
+
 // FlavorAccess represents an ACL of tenant access to a specific Flavor.
 type FlavorAccess struct {
 	// FlavorID is the unique ID of the flavor.
@@ -162,3 +191,62 @@ type FlavorAccess struct {
 	// TenantID is the unique ID of the tenant.
 	TenantID string `json:"tenant_id"`
 }
+
+// Extract interprets any extraSpecsResult as ExtraSpecs, if possible.
+func (r extraSpecsResult) Extract() (map[string]string, error) {
+	var s struct {
+		ExtraSpecs map[string]string `json:"extra_specs"`
+	}
+	err := r.ExtractInto(&s)
+	return s.ExtraSpecs, err
+}
+
+// extraSpecsResult contains the result of a call for (potentially) multiple
+// key-value pairs. Call its Extract method to interpret it as a
+// map[string]interface.
+type extraSpecsResult struct {
+	gophercloud.Result
+}
+
+// ListExtraSpecsResult contains the result of a Get operation. Call its Extract
+// method to interpret it as a map[string]interface.
+type ListExtraSpecsResult struct {
+	extraSpecsResult
+}
+
+// CreateExtraSpecResult contains the result of a Create operation. Call its
+// Extract method to interpret it as a map[string]interface.
+type CreateExtraSpecsResult struct {
+	extraSpecsResult
+}
+
+// extraSpecResult contains the result of a call for individual a single
+// key-value pair.
+type extraSpecResult struct {
+	gophercloud.Result
+}
+
+// GetExtraSpecResult contains the result of a Get operation. Call its Extract
+// method to interpret it as a map[string]interface.
+type GetExtraSpecResult struct {
+	extraSpecResult
+}
+
+// UpdateExtraSpecResult contains the result of an Update operation. Call its
+// Extract method to interpret it as a map[string]interface.
+type UpdateExtraSpecResult struct {
+	extraSpecResult
+}
+
+// DeleteExtraSpecResult contains the result of a Delete operation. Call its
+// ExtractErr method to determine if the call succeeded or failed.
+type DeleteExtraSpecResult struct {
+	gophercloud.ErrResult
+}
+
+// Extract interprets any extraSpecResult as an ExtraSpec, if possible.
+func (r extraSpecResult) Extract() (map[string]string, error) {
+	var s map[string]string
+	err := r.ExtractInto(&s)
+	return s, err
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/urls.go b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/urls.go
index 04d33bf1279f..8620dd78ad0a 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/urls.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/flavors/urls.go
@@ -23,3 +23,27 @@ func deleteURL(client *gophercloud.ServiceClient, id string) string {
 func accessURL(client *gophercloud.ServiceClient, id string) string {
 	return client.ServiceURL("flavors", id, "os-flavor-access")
 }
+
+func accessActionURL(client *gophercloud.ServiceClient, id string) string {
+	return client.ServiceURL("flavors", id, "action")
+}
+
+func extraSpecsListURL(client *gophercloud.ServiceClient, id string) string {
+	return client.ServiceURL("flavors", id, "os-extra_specs")
+}
+
+func extraSpecsGetURL(client *gophercloud.ServiceClient, id, key string) string {
+	return client.ServiceURL("flavors", id, "os-extra_specs", key)
+}
+
+func extraSpecsCreateURL(client *gophercloud.ServiceClient, id string) string {
+	return client.ServiceURL("flavors", id, "os-extra_specs")
+}
+
+func extraSpecUpdateURL(client *gophercloud.ServiceClient, id, key string) string {
+	return client.ServiceURL("flavors", id, "os-extra_specs", key)
+}
+
+func extraSpecDeleteURL(client *gophercloud.ServiceClient, id, key string) string {
+	return client.ServiceURL("flavors", id, "os-extra_specs", key)
+}
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips/requests.go
index 1c8a8b2f13f3..0a6eb62cb646 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips/requests.go
@@ -53,6 +53,7 @@ type CreateOpts struct {
 	FloatingIP        string `json:"floating_ip_address,omitempty"`
 	PortID            string `json:"port_id,omitempty"`
 	FixedIP           string `json:"fixed_ip_address,omitempty"`
+	SubnetID          string `json:"subnet_id,omitempty"`
 	TenantID          string `json:"tenant_id,omitempty"`
 }
 
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/requests.go
index 6799d200b7ad..fa346c8555f2 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/requests.go
@@ -49,11 +49,12 @@ type CreateOptsBuilder interface {
 // CreateOpts contains all the values needed to create a new router. There are
 // no required values.
 type CreateOpts struct {
-	Name         string       `json:"name,omitempty"`
-	AdminStateUp *bool        `json:"admin_state_up,omitempty"`
-	Distributed  *bool        `json:"distributed,omitempty"`
-	TenantID     string       `json:"tenant_id,omitempty"`
-	GatewayInfo  *GatewayInfo `json:"external_gateway_info,omitempty"`
+	Name                  string       `json:"name,omitempty"`
+	AdminStateUp          *bool        `json:"admin_state_up,omitempty"`
+	Distributed           *bool        `json:"distributed,omitempty"`
+	TenantID              string       `json:"tenant_id,omitempty"`
+	GatewayInfo           *GatewayInfo `json:"external_gateway_info,omitempty"`
+	AvailabilityZoneHints []string     `json:"availability_zone_hints,omitempty"`
 }
 
 // ToRouterCreateMap builds a create request body from CreateOpts.
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/results.go
index e19c8e74c47b..da1b9e4bdfa9 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers/results.go
@@ -60,6 +60,10 @@ type Router struct {
 
 	// Routes are a collection of static routes that the router will host.
 	Routes []Route `json:"routes"`
+
+	// Availability zone hints groups network nodes that run services like DHCP, L3, FW, and others.
+	// Used to make network resources highly available.
+	AvailabilityZoneHints []string `json:"availability_zone_hints"`
 }
 
 // RouterPage is the page returned by a pager when traversing over a
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/requests.go
index 5b61b247192b..040f32183b49 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/requests.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/requests.go
@@ -66,10 +66,11 @@ type CreateOptsBuilder interface {
 
 // CreateOpts represents options used to create a network.
 type CreateOpts struct {
-	AdminStateUp *bool  `json:"admin_state_up,omitempty"`
-	Name         string `json:"name,omitempty"`
-	Shared       *bool  `json:"shared,omitempty"`
-	TenantID     string `json:"tenant_id,omitempty"`
+	AdminStateUp          *bool    `json:"admin_state_up,omitempty"`
+	Name                  string   `json:"name,omitempty"`
+	Shared                *bool    `json:"shared,omitempty"`
+	TenantID              string   `json:"tenant_id,omitempty"`
+	AvailabilityZoneHints []string `json:"availability_zone_hints,omitempty"`
 }
 
 // ToNetworkCreateMap builds a request body from CreateOpts.
diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/results.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/results.go
index ffd0259f1d2f..c73f9e1a63fd 100644
--- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/results.go
+++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/networks/results.go
@@ -69,6 +69,10 @@ type Network struct {
 
 	// Specifies whether the network resource can be accessed by any tenant.
 	Shared bool `json:"shared"`
+
+	// Availability zone hints groups network nodes that run services like DHCP, L3, FW, and others.
+	// Used to make network resources highly available.
+	AvailabilityZoneHints []string `json:"availability_zone_hints"`
 }
 
 // NetworkPage is the page returned by a pager when traversing over a
diff --git a/vendor/github.com/gophercloud/gophercloud/params.go b/vendor/github.com/gophercloud/gophercloud/params.go
index 687af3dc0ce6..28ad9068565b 100644
--- a/vendor/github.com/gophercloud/gophercloud/params.go
+++ b/vendor/github.com/gophercloud/gophercloud/params.go
@@ -115,10 +115,15 @@ func BuildRequestBody(opts interface{}, parent string) (map[string]interface{},
 				}
 			}
 
+			jsonTag := f.Tag.Get("json")
+			if jsonTag == "-" {
+				continue
+			}
+
 			if v.Kind() == reflect.Struct || (v.Kind() == reflect.Ptr && v.Elem().Kind() == reflect.Struct) {
 				if zero {
 					//fmt.Printf("value before change: %+v\n", optsValue.Field(i))
-					if jsonTag := f.Tag.Get("json"); jsonTag != "" {
+					if jsonTag != "" {
 						jsonTagPieces := strings.Split(jsonTag, ",")
 						if len(jsonTagPieces) > 1 && jsonTagPieces[1] == "omitempty" {
 							if v.CanSet() {
diff --git a/vendor/github.com/gophercloud/gophercloud/provider_client.go b/vendor/github.com/gophercloud/gophercloud/provider_client.go
index 01b3010739ae..72daeb0a3eb0 100644
--- a/vendor/github.com/gophercloud/gophercloud/provider_client.go
+++ b/vendor/github.com/gophercloud/gophercloud/provider_client.go
@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"strings"
+	"sync"
 )
 
 // DefaultUserAgent is the default User-Agent string set in the request header.
@@ -51,6 +52,8 @@ type ProviderClient struct {
 	IdentityEndpoint string
 
 	// TokenID is the ID of the most recently issued valid token.
+	// NOTE: Aside from within a custom ReauthFunc, this field shouldn't be set by an application.
+	// To safely read or write this value, call `Token` or `SetToken`, respectively
 	TokenID string
 
 	// EndpointLocator describes how this provider discovers the endpoints for
@@ -68,16 +71,59 @@ type ProviderClient struct {
 	// authentication functions for different Identity service versions.
 	ReauthFunc func() error
 
-	Debug bool
+	mut *sync.RWMutex
+
+	reauthmut *reauthlock
+}
+
+type reauthlock struct {
+	sync.RWMutex
+	reauthing bool
 }
 
 // AuthenticatedHeaders returns a map of HTTP headers that are common for all
 // authenticated service requests.
-func (client *ProviderClient) AuthenticatedHeaders() map[string]string {
-	if client.TokenID == "" {
-		return map[string]string{}
+func (client *ProviderClient) AuthenticatedHeaders() (m map[string]string) {
+	if client.reauthmut != nil {
+		client.reauthmut.RLock()
+		if client.reauthmut.reauthing {
+			client.reauthmut.RUnlock()
+			return
+		}
+		client.reauthmut.RUnlock()
+	}
+	t := client.Token()
+	if t == "" {
+		return
+	}
+	return map[string]string{"X-Auth-Token": t}
+}
+
+// UseTokenLock creates a mutex that is used to allow safe concurrent access to the auth token.
+// If the application's ProviderClient is not used concurrently, this doesn't need to be called.
+func (client *ProviderClient) UseTokenLock() {
+	client.mut = new(sync.RWMutex)
+	client.reauthmut = new(reauthlock)
+}
+
+// Token safely reads the value of the auth token from the ProviderClient. Applications should
+// call this method to access the token instead of the TokenID field
+func (client *ProviderClient) Token() string {
+	if client.mut != nil {
+		client.mut.RLock()
+		defer client.mut.RUnlock()
+	}
+	return client.TokenID
+}
+
+// SetToken safely sets the value of the auth token in the ProviderClient. Applications may
+// use this method in a custom ReauthFunc
+func (client *ProviderClient) SetToken(t string) {
+	if client.mut != nil {
+		client.mut.Lock()
+		defer client.mut.Unlock()
 	}
-	return map[string]string{"X-Auth-Token": client.TokenID}
+	client.TokenID = t
 }
 
 // RequestOpts customizes the behavior of the provider.Request() method.
@@ -166,6 +212,8 @@ func (client *ProviderClient) Request(method, url string, options *RequestOpts)
 	// Set connection parameter to close the connection immediately when we've got the response
 	req.Close = true
 
+	prereqtok := req.Header.Get("X-Auth-Token")
+
 	// Issue the request.
 	resp, err := client.HTTPClient.Do(req)
 	if err != nil {
@@ -189,9 +237,6 @@ func (client *ProviderClient) Request(method, url string, options *RequestOpts)
 	if !ok {
 		body, _ := ioutil.ReadAll(resp.Body)
 		resp.Body.Close()
-		//pc := make([]uintptr, 1)
-		//runtime.Callers(2, pc)
-		//f := runtime.FuncForPC(pc[0])
 		respErr := ErrUnexpectedResponseCode{
 			URL:      url,
 			Method:   method,
@@ -199,7 +244,6 @@ func (client *ProviderClient) Request(method, url string, options *RequestOpts)
 			Actual:   resp.StatusCode,
 			Body:     body,
 		}
-		//respErr.Function = "gophercloud.ProviderClient.Request"
 
 		errType := options.ErrorContext
 		switch resp.StatusCode {
@@ -210,7 +254,21 @@ func (client *ProviderClient) Request(method, url string, options *RequestOpts)
 			}
 		case http.StatusUnauthorized:
 			if client.ReauthFunc != nil {
-				err = client.ReauthFunc()
+				if client.mut != nil {
+					client.mut.Lock()
+					client.reauthmut.Lock()
+					client.reauthmut.reauthing = true
+					client.reauthmut.Unlock()
+					if curtok := client.TokenID; curtok == prereqtok {
+						err = client.ReauthFunc()
+					}
+					client.reauthmut.Lock()
+					client.reauthmut.reauthing = false
+					client.reauthmut.Unlock()
+					client.mut.Unlock()
+				} else {
+					err = client.ReauthFunc()
+				}
 				if err != nil {
 					e := &ErrUnableToReauthenticate{}
 					e.ErrOriginal = respErr
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/context.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/context.go
index f248c738b232..6e0eb27e2858 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/context.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/context.go
@@ -9,18 +9,23 @@ import (
 	"time"
 
 	"golang.org/x/net/context"
-	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/status"
 )
 
-// MetadataHeaderPrefix is prepended to HTTP headers in order to convert them to 
-// gRPC metadata for incoming requests processed by grpc-gateway
+// MetadataHeaderPrefix is the http prefix that represents custom metadata
+// parameters to or from a gRPC call.
 const MetadataHeaderPrefix = "Grpc-Metadata-"
+
+// MetadataPrefix is the prefix for grpc-gateway supplied custom metadata fields.
+const MetadataPrefix = "grpcgateway-"
+
 // MetadataTrailerPrefix is prepended to gRPC metadata as it is converted to
 // HTTP headers in a response handled by grpc-gateway
 const MetadataTrailerPrefix = "Grpc-Trailer-"
+
 const metadataGrpcTimeout = "Grpc-Timeout"
 
 const xForwardedFor = "X-Forwarded-For"
@@ -39,25 +44,25 @@ At a minimum, the RemoteAddr is included in the fashion of "X-Forwarded-For",
 except that the forwarded destination is not another HTTP service but rather
 a gRPC service.
 */
-func AnnotateContext(ctx context.Context, req *http.Request) (context.Context, error) {
+func AnnotateContext(ctx context.Context, mux *ServeMux, req *http.Request) (context.Context, error) {
 	var pairs []string
 	timeout := DefaultContextTimeout
 	if tm := req.Header.Get(metadataGrpcTimeout); tm != "" {
 		var err error
 		timeout, err = timeoutDecode(tm)
 		if err != nil {
-			return nil, grpc.Errorf(codes.InvalidArgument, "invalid grpc-timeout: %s", tm)
+			return nil, status.Errorf(codes.InvalidArgument, "invalid grpc-timeout: %s", tm)
 		}
 	}
 
 	for key, vals := range req.Header {
 		for _, val := range vals {
-			if key == "Authorization" {
+			// For backwards-compatibility, pass through 'authorization' header with no prefix.
+			if strings.ToLower(key) == "authorization" {
 				pairs = append(pairs, "authorization", val)
-				continue
 			}
-			if strings.HasPrefix(key, MetadataHeaderPrefix) {
-				pairs = append(pairs, key[len(MetadataHeaderPrefix):], val)
+			if h, ok := mux.incomingHeaderMatcher(key); ok {
+				pairs = append(pairs, h, val)
 			}
 		}
 	}
@@ -85,7 +90,11 @@ func AnnotateContext(ctx context.Context, req *http.Request) (context.Context, e
 	if len(pairs) == 0 {
 		return ctx, nil
 	}
-	return metadata.NewContext(ctx, metadata.Pairs(pairs...)), nil
+	md := metadata.Pairs(pairs...)
+	if mux.metadataAnnotator != nil {
+		md = metadata.Join(md, mux.metadataAnnotator(ctx, req))
+	}
+	return metadata.NewOutgoingContext(ctx, md), nil
 }
 
 // ServerMetadata consists of metadata sent from gRPC server.
@@ -141,3 +150,38 @@ func timeoutUnitToDuration(u uint8) (d time.Duration, ok bool) {
 	}
 	return
 }
+
+// isPermanentHTTPHeader checks whether hdr belongs to the list of
+// permenant request headers maintained by IANA.
+// http://www.iana.org/assignments/message-headers/message-headers.xml
+func isPermanentHTTPHeader(hdr string) bool {
+	switch hdr {
+	case
+		"Accept",
+		"Accept-Charset",
+		"Accept-Language",
+		"Accept-Ranges",
+		"Authorization",
+		"Cache-Control",
+		"Content-Type",
+		"Cookie",
+		"Date",
+		"Expect",
+		"From",
+		"Host",
+		"If-Match",
+		"If-Modified-Since",
+		"If-None-Match",
+		"If-Schedule-Tag-Match",
+		"If-Unmodified-Since",
+		"Max-Forwards",
+		"Origin",
+		"Pragma",
+		"Referer",
+		"User-Agent",
+		"Via",
+		"Warning":
+		return true
+	}
+	return false
+}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/errors.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/errors.go
index 0d3cb3bf3caf..8eebdcf49f49 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/errors.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/errors.go
@@ -6,9 +6,9 @@ import (
 
 	"github.com/golang/protobuf/proto"
 	"golang.org/x/net/context"
-	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
 )
 
 // HTTPStatusFromCode converts a gRPC error code into the corresponding HTTP response status.
@@ -64,7 +64,7 @@ var (
 
 type errorBody struct {
 	Error string `protobuf:"bytes,1,name=error" json:"error"`
-	Code  int    `protobuf:"bytes,2,name=code" json:"code"`
+	Code  int32  `protobuf:"varint,2,name=code" json:"code"`
 }
 
 //Make this also conform to proto.Message for builtin JSONPb Marshaler
@@ -78,14 +78,20 @@ func (*errorBody) ProtoMessage()    {}
 //
 // The response body returned by this function is a JSON object,
 // which contains a member whose key is "error" and whose value is err.Error().
-func DefaultHTTPError(ctx context.Context, marshaler Marshaler, w http.ResponseWriter, _ *http.Request, err error) {
+func DefaultHTTPError(ctx context.Context, mux *ServeMux, marshaler Marshaler, w http.ResponseWriter, _ *http.Request, err error) {
 	const fallback = `{"error": "failed to marshal error message"}`
 
 	w.Header().Del("Trailer")
 	w.Header().Set("Content-Type", marshaler.ContentType())
+
+	s, ok := status.FromError(err)
+	if !ok {
+		s = status.New(codes.Unknown, err.Error())
+	}
+
 	body := &errorBody{
-		Error: grpc.ErrorDesc(err),
-		Code:  int(grpc.Code(err)),
+		Error: s.Message(),
+		Code:  int32(s.Code()),
 	}
 
 	buf, merr := marshaler.Marshal(body)
@@ -103,9 +109,9 @@ func DefaultHTTPError(ctx context.Context, marshaler Marshaler, w http.ResponseW
 		grpclog.Printf("Failed to extract ServerMetadata from context")
 	}
 
-	handleForwardResponseServerMetadata(w, md)
+	handleForwardResponseServerMetadata(w, mux, md)
 	handleForwardResponseTrailerHeader(w, md)
-	st := HTTPStatusFromCode(grpc.Code(err))
+	st := HTTPStatusFromCode(s.Code())
 	w.WriteHeader(st)
 	if _, err := w.Write(buf); err != nil {
 		grpclog.Printf("Failed to write response: %v", err)
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/handler.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/handler.go
index d7040851ae9c..ae6a5d551cfb 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/handler.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/handler.go
@@ -9,12 +9,13 @@ import (
 	"github.com/golang/protobuf/proto"
 	"github.com/grpc-ecosystem/grpc-gateway/runtime/internal"
 	"golang.org/x/net/context"
-	"google.golang.org/grpc"
+	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
 )
 
 // ForwardResponseStream forwards the stream from gRPC server to REST client.
-func ForwardResponseStream(ctx context.Context, marshaler Marshaler, w http.ResponseWriter, req *http.Request, recv func() (proto.Message, error), opts ...func(context.Context, http.ResponseWriter, proto.Message) error) {
+func ForwardResponseStream(ctx context.Context, mux *ServeMux, marshaler Marshaler, w http.ResponseWriter, req *http.Request, recv func() (proto.Message, error), opts ...func(context.Context, http.ResponseWriter, proto.Message) error) {
 	f, ok := w.(http.Flusher)
 	if !ok {
 		grpclog.Printf("Flush not supported in %T", w)
@@ -28,7 +29,7 @@ func ForwardResponseStream(ctx context.Context, marshaler Marshaler, w http.Resp
 		http.Error(w, "unexpected error", http.StatusInternalServerError)
 		return
 	}
-	handleForwardResponseServerMetadata(w, md)
+	handleForwardResponseServerMetadata(w, mux, md)
 
 	w.Header().Set("Transfer-Encoding", "chunked")
 	w.Header().Set("Content-Type", marshaler.ContentType())
@@ -57,7 +58,7 @@ func ForwardResponseStream(ctx context.Context, marshaler Marshaler, w http.Resp
 			grpclog.Printf("Failed to marshal response chunk: %v", err)
 			return
 		}
-		if _, err = fmt.Fprintf(w, "%s\n", buf); err != nil {
+		if _, err = w.Write(buf); err != nil {
 			grpclog.Printf("Failed to send response chunk: %v", err)
 			return
 		}
@@ -65,11 +66,12 @@ func ForwardResponseStream(ctx context.Context, marshaler Marshaler, w http.Resp
 	}
 }
 
-func handleForwardResponseServerMetadata(w http.ResponseWriter, md ServerMetadata) {
+func handleForwardResponseServerMetadata(w http.ResponseWriter, mux *ServeMux, md ServerMetadata) {
 	for k, vs := range md.HeaderMD {
-		hKey := fmt.Sprintf("%s%s", MetadataHeaderPrefix, k)
-		for i := range vs {
-			w.Header().Add(hKey, vs[i])
+		if h, ok := mux.outgoingHeaderMatcher(k); ok {
+			for _, v := range vs {
+				w.Header().Add(h, v)
+			}
 		}
 	}
 }
@@ -84,31 +86,31 @@ func handleForwardResponseTrailerHeader(w http.ResponseWriter, md ServerMetadata
 func handleForwardResponseTrailer(w http.ResponseWriter, md ServerMetadata) {
 	for k, vs := range md.TrailerMD {
 		tKey := fmt.Sprintf("%s%s", MetadataTrailerPrefix, k)
-		for i := range vs {
-			w.Header().Add(tKey, vs[i])
+		for _, v := range vs {
+			w.Header().Add(tKey, v)
 		}
 	}
 }
 
 // ForwardResponseMessage forwards the message "resp" from gRPC server to REST client.
-func ForwardResponseMessage(ctx context.Context, marshaler Marshaler, w http.ResponseWriter, req *http.Request, resp proto.Message, opts ...func(context.Context, http.ResponseWriter, proto.Message) error) {
+func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marshaler, w http.ResponseWriter, req *http.Request, resp proto.Message, opts ...func(context.Context, http.ResponseWriter, proto.Message) error) {
 	md, ok := ServerMetadataFromContext(ctx)
 	if !ok {
 		grpclog.Printf("Failed to extract ServerMetadata from context")
 	}
 
-	handleForwardResponseServerMetadata(w, md)
+	handleForwardResponseServerMetadata(w, mux, md)
 	handleForwardResponseTrailerHeader(w, md)
 	w.Header().Set("Content-Type", marshaler.ContentType())
 	if err := handleForwardResponseOptions(ctx, w, resp, opts); err != nil {
-		HTTPError(ctx, marshaler, w, req, err)
+		HTTPError(ctx, mux, marshaler, w, req, err)
 		return
 	}
 
 	buf, err := marshaler.Marshal(resp)
 	if err != nil {
 		grpclog.Printf("Marshal error: %v", err)
-		HTTPError(ctx, marshaler, w, req, err)
+		HTTPError(ctx, mux, marshaler, w, req, err)
 		return
 	}
 
@@ -146,7 +148,10 @@ func handleForwardResponseStreamError(marshaler Marshaler, w http.ResponseWriter
 
 func streamChunk(result proto.Message, err error) map[string]proto.Message {
 	if err != nil {
-		grpcCode := grpc.Code(err)
+		grpcCode := codes.Unknown
+		if s, ok := status.FromError(err); ok {
+			grpcCode = s.Code()
+		}
 		httpCode := HTTPStatusFromCode(grpcCode)
 		return map[string]proto.Message{
 			"error": &internal.StreamError{
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/internal/stream_chunk.pb.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/internal/stream_chunk.pb.go
index 6f837cfd5d95..44550f393b4c 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/internal/stream_chunk.pb.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/internal/stream_chunk.pb.go
@@ -1,6 +1,5 @@
-// Code generated by protoc-gen-go.
+// Code generated by protoc-gen-go. DO NOT EDIT.
 // source: runtime/internal/stream_chunk.proto
-// DO NOT EDIT!
 
 /*
 Package internal is a generated protocol buffer package.
@@ -42,6 +41,34 @@ func (m *StreamError) String() string            { return proto.CompactTextStrin
 func (*StreamError) ProtoMessage()               {}
 func (*StreamError) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
 
+func (m *StreamError) GetGrpcCode() int32 {
+	if m != nil {
+		return m.GrpcCode
+	}
+	return 0
+}
+
+func (m *StreamError) GetHttpCode() int32 {
+	if m != nil {
+		return m.HttpCode
+	}
+	return 0
+}
+
+func (m *StreamError) GetMessage() string {
+	if m != nil {
+		return m.Message
+	}
+	return ""
+}
+
+func (m *StreamError) GetHttpStatus() string {
+	if m != nil {
+		return m.HttpStatus
+	}
+	return ""
+}
+
 func init() {
 	proto.RegisterType((*StreamError)(nil), "grpc.gateway.runtime.StreamError")
 }
@@ -50,7 +77,7 @@ func init() { proto.RegisterFile("runtime/internal/stream_chunk.proto", fileDesc
 
 var fileDescriptor0 = []byte{
 	// 181 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x34, 0x8e, 0xbf, 0xee, 0x82, 0x30,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x34, 0x8e, 0xbf, 0xee, 0x82, 0x30,
 	0x14, 0x85, 0xd3, 0xdf, 0x1f, 0x85, 0xcb, 0x46, 0x1c, 0x9a, 0x38, 0x48, 0x74, 0x61, 0x82, 0xc1,
 	0x37, 0xd0, 0xf8, 0x02, 0xb0, 0xb9, 0x90, 0x0a, 0x37, 0x40, 0x94, 0x96, 0xdc, 0x5e, 0x62, 0x5c,
 	0x7d, 0x72, 0xd3, 0x22, 0xe3, 0xf9, 0xbe, 0x73, 0x92, 0x03, 0x07, 0x9a, 0x34, 0xf7, 0x03, 0xe6,
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/mux.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/mux.go
index 2e6c56213029..205bc4309214 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/mux.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/mux.go
@@ -1,12 +1,16 @@
 package runtime
 
 import (
+	"fmt"
 	"net/http"
+	"net/textproto"
 	"strings"
 
-	"golang.org/x/net/context"
-
 	"github.com/golang/protobuf/proto"
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/status"
 )
 
 // A HandlerFunc handles a specific pair of path pattern and HTTP method.
@@ -19,6 +23,10 @@ type ServeMux struct {
 	handlers               map[string][]handler
 	forwardResponseOptions []func(context.Context, http.ResponseWriter, proto.Message) error
 	marshalers             marshalerRegistry
+	incomingHeaderMatcher  HeaderMatcherFunc
+	outgoingHeaderMatcher  HeaderMatcherFunc
+	metadataAnnotator      func(context.Context, *http.Request) metadata.MD
+	protoErrorHandler      ProtoErrorHandlerFunc
 }
 
 // ServeMuxOption is an option that can be given to a ServeMux on construction.
@@ -36,6 +44,64 @@ func WithForwardResponseOption(forwardResponseOption func(context.Context, http.
 	}
 }
 
+// HeaderMatcherFunc checks whether a header key should be forwarded to/from gRPC context.
+type HeaderMatcherFunc func(string) (string, bool)
+
+// DefaultHeaderMatcher is used to pass http request headers to/from gRPC context. This adds permanent HTTP header
+// keys (as specified by the IANA) to gRPC context with grpcgateway- prefix. HTTP headers that start with
+// 'Grpc-Metadata-' are mapped to gRPC metadata after removing prefix 'Grpc-Metadata-'.
+func DefaultHeaderMatcher(key string) (string, bool) {
+	key = textproto.CanonicalMIMEHeaderKey(key)
+	if isPermanentHTTPHeader(key) {
+		return MetadataPrefix + key, true
+	} else if strings.HasPrefix(key, MetadataHeaderPrefix) {
+		return key[len(MetadataHeaderPrefix):], true
+	}
+	return "", false
+}
+
+// WithIncomingHeaderMatcher returns a ServeMuxOption representing a headerMatcher for incoming request to gateway.
+//
+// This matcher will be called with each header in http.Request. If matcher returns true, that header will be
+// passed to gRPC context. To transform the header before passing to gRPC context, matcher should return modified header.
+func WithIncomingHeaderMatcher(fn HeaderMatcherFunc) ServeMuxOption {
+	return func(mux *ServeMux) {
+		mux.incomingHeaderMatcher = fn
+	}
+}
+
+// WithOutgoingHeaderMatcher returns a ServeMuxOption representing a headerMatcher for outgoing response from gateway.
+//
+// This matcher will be called with each header in response header metadata. If matcher returns true, that header will be
+// passed to http response returned from gateway. To transform the header before passing to response,
+// matcher should return modified header.
+func WithOutgoingHeaderMatcher(fn HeaderMatcherFunc) ServeMuxOption {
+	return func(mux *ServeMux) {
+		mux.outgoingHeaderMatcher = fn
+	}
+}
+
+// WithMetadata returns a ServeMuxOption for passing metadata to a gRPC context.
+//
+// This can be used by services that need to read from http.Request and modify gRPC context. A common use case
+// is reading token from cookie and adding it in gRPC context.
+func WithMetadata(annotator func(context.Context, *http.Request) metadata.MD) ServeMuxOption {
+	return func(serveMux *ServeMux) {
+		serveMux.metadataAnnotator = annotator
+	}
+}
+
+// WithProtoErrorHandler returns a ServeMuxOption for passing metadata to a gRPC context.
+//
+// This can be used to handle an error as general proto message defined by gRPC.
+// The response including body and status is not backward compatible with the default error handler.
+// When this option is used, HTTPError and OtherErrorHandler are overwritten on initialization.
+func WithProtoErrorHandler(fn ProtoErrorHandlerFunc) ServeMuxOption {
+	return func(serveMux *ServeMux) {
+		serveMux.protoErrorHandler = fn
+	}
+}
+
 // NewServeMux returns a new ServeMux whose internal mapping is empty.
 func NewServeMux(opts ...ServeMuxOption) *ServeMux {
 	serveMux := &ServeMux{
@@ -47,6 +113,29 @@ func NewServeMux(opts ...ServeMuxOption) *ServeMux {
 	for _, opt := range opts {
 		opt(serveMux)
 	}
+
+	if serveMux.protoErrorHandler != nil {
+		HTTPError = serveMux.protoErrorHandler
+		// OtherErrorHandler is no longer used when protoErrorHandler is set.
+		// Overwritten by a special error handler to return Unknown.
+		OtherErrorHandler = func(w http.ResponseWriter, r *http.Request, _ string, _ int) {
+			ctx := context.Background()
+			_, outboundMarshaler := MarshalerForRequest(serveMux, r)
+			sterr := status.Error(codes.Unknown, "unexpected use of OtherErrorHandler")
+			serveMux.protoErrorHandler(ctx, serveMux, outboundMarshaler, w, r, sterr)
+		}
+	}
+
+	if serveMux.incomingHeaderMatcher == nil {
+		serveMux.incomingHeaderMatcher = DefaultHeaderMatcher
+	}
+
+	if serveMux.outgoingHeaderMatcher == nil {
+		serveMux.outgoingHeaderMatcher = func(key string) (string, bool) {
+			return fmt.Sprintf("%s%s", MetadataHeaderPrefix, key), true
+		}
+	}
+
 	return serveMux
 }
 
@@ -57,9 +146,17 @@ func (s *ServeMux) Handle(meth string, pat Pattern, h HandlerFunc) {
 
 // ServeHTTP dispatches the request to the first handler whose pattern matches to r.Method and r.Path.
 func (s *ServeMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+
 	path := r.URL.Path
 	if !strings.HasPrefix(path, "/") {
-		OtherErrorHandler(w, r, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		if s.protoErrorHandler != nil {
+			_, outboundMarshaler := MarshalerForRequest(s, r)
+			sterr := status.Error(codes.InvalidArgument, http.StatusText(http.StatusBadRequest))
+			s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+		} else {
+			OtherErrorHandler(w, r, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		}
 		return
 	}
 
@@ -67,7 +164,13 @@ func (s *ServeMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	l := len(components)
 	var verb string
 	if idx := strings.LastIndex(components[l-1], ":"); idx == 0 {
-		OtherErrorHandler(w, r, http.StatusText(http.StatusNotFound), http.StatusNotFound)
+		if s.protoErrorHandler != nil {
+			_, outboundMarshaler := MarshalerForRequest(s, r)
+			sterr := status.Error(codes.Unimplemented, http.StatusText(http.StatusNotImplemented))
+			s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+		} else {
+			OtherErrorHandler(w, r, http.StatusText(http.StatusNotFound), http.StatusNotFound)
+		}
 		return
 	} else if idx > 0 {
 		c := components[l-1]
@@ -77,7 +180,13 @@ func (s *ServeMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	if override := r.Header.Get("X-HTTP-Method-Override"); override != "" && isPathLengthFallback(r) {
 		r.Method = strings.ToUpper(override)
 		if err := r.ParseForm(); err != nil {
-			OtherErrorHandler(w, r, err.Error(), http.StatusBadRequest)
+			if s.protoErrorHandler != nil {
+				_, outboundMarshaler := MarshalerForRequest(s, r)
+				sterr := status.Error(codes.InvalidArgument, err.Error())
+				s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+			} else {
+				OtherErrorHandler(w, r, err.Error(), http.StatusBadRequest)
+			}
 			return
 		}
 	}
@@ -104,17 +213,36 @@ func (s *ServeMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			// X-HTTP-Method-Override is optional. Always allow fallback to POST.
 			if isPathLengthFallback(r) {
 				if err := r.ParseForm(); err != nil {
-					OtherErrorHandler(w, r, err.Error(), http.StatusBadRequest)
+					if s.protoErrorHandler != nil {
+						_, outboundMarshaler := MarshalerForRequest(s, r)
+						sterr := status.Error(codes.InvalidArgument, err.Error())
+						s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+					} else {
+						OtherErrorHandler(w, r, err.Error(), http.StatusBadRequest)
+					}
 					return
 				}
 				h.h(w, r, pathParams)
 				return
 			}
-			OtherErrorHandler(w, r, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
+			if s.protoErrorHandler != nil {
+				_, outboundMarshaler := MarshalerForRequest(s, r)
+				sterr := status.Error(codes.Unimplemented, http.StatusText(http.StatusMethodNotAllowed))
+				s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+			} else {
+				OtherErrorHandler(w, r, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
+			}
 			return
 		}
 	}
-	OtherErrorHandler(w, r, http.StatusText(http.StatusNotFound), http.StatusNotFound)
+
+	if s.protoErrorHandler != nil {
+		_, outboundMarshaler := MarshalerForRequest(s, r)
+		sterr := status.Error(codes.Unimplemented, http.StatusText(http.StatusNotImplemented))
+		s.protoErrorHandler(ctx, s, outboundMarshaler, w, r, sterr)
+	} else {
+		OtherErrorHandler(w, r, http.StatusText(http.StatusNotFound), http.StatusNotFound)
+	}
 }
 
 // GetForwardResponseOptions returns the ForwardResponseOptions associated with this ServeMux.
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/pattern.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/pattern.go
index 3947dbea023a..8a9ec2cdae40 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/pattern.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/pattern.go
@@ -21,7 +21,7 @@ type op struct {
 	operand int
 }
 
-// Pattern is a template pattern of http request paths defined in third_party/googleapis/google/api/http.proto.
+// Pattern is a template pattern of http request paths defined in github.com/googleapis/googleapis/google/api/http.proto.
 type Pattern struct {
 	// ops is a list of operations
 	ops []op
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/proto_errors.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/proto_errors.go
new file mode 100644
index 000000000000..b1b089273b6d
--- /dev/null
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/proto_errors.go
@@ -0,0 +1,61 @@
+package runtime
+
+import (
+	"io"
+	"net/http"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
+)
+
+// ProtoErrorHandlerFunc handles the error as a gRPC error generated via status package and replies to the request.
+type ProtoErrorHandlerFunc func(context.Context, *ServeMux, Marshaler, http.ResponseWriter, *http.Request, error)
+
+var _ ProtoErrorHandlerFunc = DefaultHTTPProtoErrorHandler
+
+// DefaultHTTPProtoErrorHandler is an implementation of HTTPError.
+// If "err" is an error from gRPC system, the function replies with the status code mapped by HTTPStatusFromCode.
+// If otherwise, it replies with http.StatusInternalServerError.
+//
+// The response body returned by this function is a Status message marshaled by a Marshaler.
+//
+// Do not set this function to HTTPError variable directly, use WithProtoErrorHandler option instead.
+func DefaultHTTPProtoErrorHandler(ctx context.Context, mux *ServeMux, marshaler Marshaler, w http.ResponseWriter, _ *http.Request, err error) {
+	// return Internal when Marshal failed
+	const fallback = `{"code": 13, "message": "failed to marshal error message"}`
+
+	w.Header().Del("Trailer")
+	w.Header().Set("Content-Type", marshaler.ContentType())
+
+	s, ok := status.FromError(err)
+	if !ok {
+		s = status.New(codes.Unknown, err.Error())
+	}
+
+	buf, merr := marshaler.Marshal(s.Proto())
+	if merr != nil {
+		grpclog.Printf("Failed to marshal error message %q: %v", s.Proto(), merr)
+		w.WriteHeader(http.StatusInternalServerError)
+		if _, err := io.WriteString(w, fallback); err != nil {
+			grpclog.Printf("Failed to write response: %v", err)
+		}
+		return
+	}
+
+	md, ok := ServerMetadataFromContext(ctx)
+	if !ok {
+		grpclog.Printf("Failed to extract ServerMetadata from context")
+	}
+
+	handleForwardResponseServerMetadata(w, mux, md)
+	handleForwardResponseTrailerHeader(w, md)
+	st := HTTPStatusFromCode(s.Code())
+	w.WriteHeader(st)
+	if _, err := w.Write(buf); err != nil {
+		grpclog.Printf("Failed to write response: %v", err)
+	}
+
+	handleForwardResponseTrailer(w, md)
+}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/query.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/query.go
index 56a919a52f1c..c00e0b914e27 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/query.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/runtime/query.go
@@ -4,7 +4,9 @@ import (
 	"fmt"
 	"net/url"
 	"reflect"
+	"strconv"
 	"strings"
+	"time"
 
 	"github.com/golang/protobuf/proto"
 	"github.com/grpc-ecosystem/grpc-gateway/utilities"
@@ -38,31 +40,39 @@ func populateFieldValueFromPath(msg proto.Message, fieldPath []string, values []
 	if m.Kind() != reflect.Ptr {
 		return fmt.Errorf("unexpected type %T: %v", msg, msg)
 	}
+	var props *proto.Properties
 	m = m.Elem()
 	for i, fieldName := range fieldPath {
 		isLast := i == len(fieldPath)-1
 		if !isLast && m.Kind() != reflect.Struct {
 			return fmt.Errorf("non-aggregate type in the mid of path: %s", strings.Join(fieldPath, "."))
 		}
-		f := fieldByProtoName(m, fieldName)
-		if !f.IsValid() {
+		var f reflect.Value
+		var err error
+		f, props, err = fieldByProtoName(m, fieldName)
+		if err != nil {
+			return err
+		} else if !f.IsValid() {
 			grpclog.Printf("field not found in %T: %s", msg, strings.Join(fieldPath, "."))
 			return nil
 		}
 
 		switch f.Kind() {
 		case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int32, reflect.Int64, reflect.String, reflect.Uint32, reflect.Uint64:
+			if !isLast {
+				return fmt.Errorf("unexpected nested field %s in %s", fieldPath[i+1], strings.Join(fieldPath[:i+1], "."))
+			}
 			m = f
 		case reflect.Slice:
 			// TODO(yugui) Support []byte
 			if !isLast {
 				return fmt.Errorf("unexpected repeated field in %s", strings.Join(fieldPath, "."))
 			}
-			return populateRepeatedField(f, values)
+			return populateRepeatedField(f, values, props)
 		case reflect.Ptr:
 			if f.IsNil() {
 				m = reflect.New(f.Type().Elem())
-				f.Set(m)
+				f.Set(m.Convert(f.Type()))
 			}
 			m = f.Elem()
 			continue
@@ -80,39 +90,127 @@ func populateFieldValueFromPath(msg proto.Message, fieldPath []string, values []
 	default:
 		grpclog.Printf("too many field values: %s", strings.Join(fieldPath, "."))
 	}
-	return populateField(m, values[0])
+	return populateField(m, values[0], props)
 }
 
 // fieldByProtoName looks up a field whose corresponding protobuf field name is "name".
 // "m" must be a struct value. It returns zero reflect.Value if no such field found.
-func fieldByProtoName(m reflect.Value, name string) reflect.Value {
+func fieldByProtoName(m reflect.Value, name string) (reflect.Value, *proto.Properties, error) {
 	props := proto.GetProperties(m.Type())
+
+	// look up field name in oneof map
+	if op, ok := props.OneofTypes[name]; ok {
+		v := reflect.New(op.Type.Elem())
+		field := m.Field(op.Field)
+		if !field.IsNil() {
+			return reflect.Value{}, nil, fmt.Errorf("field already set for %s oneof", props.Prop[op.Field].OrigName)
+		}
+		field.Set(v)
+		return v.Elem().Field(0), op.Prop, nil
+	}
+
 	for _, p := range props.Prop {
 		if p.OrigName == name {
-			return m.FieldByName(p.Name)
+			return m.FieldByName(p.Name), p, nil
+		}
+		if p.JSONName == name {
+			return m.FieldByName(p.Name), p, nil
 		}
 	}
-	return reflect.Value{}
+	return reflect.Value{}, nil, nil
 }
 
-func populateRepeatedField(f reflect.Value, values []string) error {
+func populateRepeatedField(f reflect.Value, values []string, props *proto.Properties) error {
 	elemType := f.Type().Elem()
+
+	// is the destination field a slice of an enumeration type?
+	if enumValMap := proto.EnumValueMap(props.Enum); enumValMap != nil {
+		return populateFieldEnumRepeated(f, values, enumValMap)
+	}
+
 	conv, ok := convFromType[elemType.Kind()]
 	if !ok {
 		return fmt.Errorf("unsupported field type %s", elemType)
 	}
-	f.Set(reflect.MakeSlice(f.Type(), len(values), len(values)))
+	f.Set(reflect.MakeSlice(f.Type(), len(values), len(values)).Convert(f.Type()))
 	for i, v := range values {
 		result := conv.Call([]reflect.Value{reflect.ValueOf(v)})
 		if err := result[1].Interface(); err != nil {
 			return err.(error)
 		}
-		f.Index(i).Set(result[0])
+		f.Index(i).Set(result[0].Convert(f.Index(i).Type()))
 	}
 	return nil
 }
 
-func populateField(f reflect.Value, value string) error {
+func populateField(f reflect.Value, value string, props *proto.Properties) error {
+	// Handle well known type
+	type wkt interface {
+		XXX_WellKnownType() string
+	}
+	if wkt, ok := f.Addr().Interface().(wkt); ok {
+		switch wkt.XXX_WellKnownType() {
+		case "Timestamp":
+			if value == "null" {
+				f.Field(0).SetInt(0)
+				f.Field(1).SetInt(0)
+				return nil
+			}
+
+			t, err := time.Parse(time.RFC3339Nano, value)
+			if err != nil {
+				return fmt.Errorf("bad Timestamp: %v", err)
+			}
+			f.Field(0).SetInt(int64(t.Unix()))
+			f.Field(1).SetInt(int64(t.Nanosecond()))
+			return nil
+		case "DoubleValue":
+			fallthrough
+		case "FloatValue":
+			float64Val, err := strconv.ParseFloat(value, 64)
+			if err != nil {
+				return fmt.Errorf("bad DoubleValue: %s", value)
+			}
+			f.Field(0).SetFloat(float64Val)
+			return nil
+		case "Int64Value":
+			fallthrough
+		case "Int32Value":
+			int64Val, err := strconv.ParseInt(value, 10, 64)
+			if err != nil {
+				return fmt.Errorf("bad DoubleValue: %s", value)
+			}
+			f.Field(0).SetInt(int64Val)
+			return nil
+		case "UInt64Value":
+			fallthrough
+		case "UInt32Value":
+			uint64Val, err := strconv.ParseUint(value, 10, 64)
+			if err != nil {
+				return fmt.Errorf("bad DoubleValue: %s", value)
+			}
+			f.Field(0).SetUint(uint64Val)
+			return nil
+		case "BoolValue":
+			if value == "true" {
+				f.Field(0).SetBool(true)
+			} else if value == "false" {
+				f.Field(0).SetBool(false)
+			} else {
+				return fmt.Errorf("bad BoolValue: %s", value)
+			}
+			return nil
+		case "StringValue":
+			f.Field(0).SetString(value)
+			return nil
+		}
+	}
+
+	// is the destination field an enumeration type?
+	if enumValMap := proto.EnumValueMap(props.Enum); enumValMap != nil {
+		return populateFieldEnum(f, value, enumValMap)
+	}
+
 	conv, ok := convFromType[f.Kind()]
 	if !ok {
 		return fmt.Errorf("unsupported field type %T", f)
@@ -121,7 +219,48 @@ func populateField(f reflect.Value, value string) error {
 	if err := result[1].Interface(); err != nil {
 		return err.(error)
 	}
-	f.Set(result[0])
+	f.Set(result[0].Convert(f.Type()))
+	return nil
+}
+
+func convertEnum(value string, t reflect.Type, enumValMap map[string]int32) (reflect.Value, error) {
+	// see if it's an enumeration string
+	if enumVal, ok := enumValMap[value]; ok {
+		return reflect.ValueOf(enumVal).Convert(t), nil
+	}
+
+	// check for an integer that matches an enumeration value
+	eVal, err := strconv.Atoi(value)
+	if err != nil {
+		return reflect.Value{}, fmt.Errorf("%s is not a valid %s", value, t)
+	}
+	for _, v := range enumValMap {
+		if v == int32(eVal) {
+			return reflect.ValueOf(eVal).Convert(t), nil
+		}
+	}
+	return reflect.Value{}, fmt.Errorf("%s is not a valid %s", value, t)
+}
+
+func populateFieldEnum(f reflect.Value, value string, enumValMap map[string]int32) error {
+	cval, err := convertEnum(value, f.Type(), enumValMap)
+	if err != nil {
+		return err
+	}
+	f.Set(cval)
+	return nil
+}
+
+func populateFieldEnumRepeated(f reflect.Value, values []string, enumValMap map[string]int32) error {
+	elemType := f.Type().Elem()
+	f.Set(reflect.MakeSlice(f.Type(), len(values), len(values)).Convert(f.Type()))
+	for i, v := range values {
+		result, err := convertEnum(v, elemType, enumValMap)
+		if err != nil {
+			return err
+		}
+		f.Index(i).Set(result)
+	}
 	return nil
 }
 
diff --git a/vendor/github.com/json-iterator/go/.gitignore b/vendor/github.com/json-iterator/go/.gitignore
index 501fcdc9a692..15556530a854 100644
--- a/vendor/github.com/json-iterator/go/.gitignore
+++ b/vendor/github.com/json-iterator/go/.gitignore
@@ -1,3 +1,4 @@
-.idea
+/vendor
+/bug_test.go
 /coverage.txt
-/profile.out
+/.idea
diff --git a/vendor/github.com/json-iterator/go/.travis.yml b/vendor/github.com/json-iterator/go/.travis.yml
index 945b9c5947c6..449e67cd01ac 100644
--- a/vendor/github.com/json-iterator/go/.travis.yml
+++ b/vendor/github.com/json-iterator/go/.travis.yml
@@ -2,6 +2,7 @@ language: go
 
 go:
   - 1.8.x
+  - 1.x
 
 before_install:
   - go get -t -v ./...
diff --git a/vendor/github.com/json-iterator/go/Gopkg.lock b/vendor/github.com/json-iterator/go/Gopkg.lock
new file mode 100644
index 000000000000..f34f5b4ad1c8
--- /dev/null
+++ b/vendor/github.com/json-iterator/go/Gopkg.lock
@@ -0,0 +1,33 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+  name = "github.com/davecgh/go-spew"
+  packages = ["spew"]
+  revision = "346938d642f2ec3594ed81d874461961cd0faa76"
+  version = "v1.1.0"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/google/gofuzz"
+  packages = ["."]
+  revision = "24818f796faf91cd76ec7bddd72458fbced7a6c1"
+
+[[projects]]
+  name = "github.com/pmezard/go-difflib"
+  packages = ["difflib"]
+  revision = "792786c7400a136282c1664665ae0a8db921c6c2"
+  version = "v1.0.0"
+
+[[projects]]
+  name = "github.com/stretchr/testify"
+  packages = ["assert","require"]
+  revision = "69483b4bd14f5845b5a1e55bca19e954e827f1d0"
+  version = "v1.1.4"
+
+[solve-meta]
+  analyzer-name = "dep"
+  analyzer-version = 1
+  inputs-digest = "f8b7cf3941d3792cbbd570bb53c093adaf774334d1162c651565c97a58dc9d09"
+  solver-name = "gps-cdcl"
+  solver-version = 1
diff --git a/vendor/github.com/json-iterator/go/Gopkg.toml b/vendor/github.com/json-iterator/go/Gopkg.toml
new file mode 100644
index 000000000000..0ac55ef876ac
--- /dev/null
+++ b/vendor/github.com/json-iterator/go/Gopkg.toml
@@ -0,0 +1,33 @@
+# Gopkg.toml example
+#
+# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+#   name = "github.com/user/project"
+#   version = "1.0.0"
+#
+# [[constraint]]
+#   name = "github.com/user/project2"
+#   branch = "dev"
+#   source = "github.com/myfork/project2"
+#
+# [[override]]
+#  name = "github.com/x/y"
+#  version = "2.4.0"
+
+
+[[constraint]]
+  name = "github.com/davecgh/go-spew"
+  version = "1.1.0"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/google/gofuzz"
+
+[[constraint]]
+  name = "github.com/stretchr/testify"
+  version = "1.1.4"
diff --git a/vendor/github.com/json-iterator/go/README.md b/vendor/github.com/json-iterator/go/README.md
index 23a4b57c8e73..3a0d680983b9 100644
--- a/vendor/github.com/json-iterator/go/README.md
+++ b/vendor/github.com/json-iterator/go/README.md
@@ -44,7 +44,9 @@ with
 
 ```go
 import "github.com/json-iterator/go"
-jsoniter.Marshal(&data)
+
+var json = jsoniter.ConfigCompatibleWithStandardLibrary
+json.Marshal(&data)
 ```
 
 Replace
@@ -58,7 +60,9 @@ with
 
 ```go
 import "github.com/json-iterator/go"
-jsoniter.Unmarshal(input, &data)
+
+var json = jsoniter.ConfigCompatibleWithStandardLibrary
+json.Unmarshal(input, &data)
 ```
 
 [More documentation](http://jsoniter.com/migrate-from-go-std.html)
@@ -76,5 +80,7 @@ Contributors
 * [thockin](https://github.com/thockin) 
 * [mattn](https://github.com/mattn)
 * [cch123](https://github.com/cch123)
+* [Oleg Shaldybin](https://github.com/olegshaldybin)
+* [Jason Toffaletti](https://github.com/toffaletti)
 
 Report issue or pull request, or email taowen@gmail.com, or [![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/json-iterator/Lobby)
diff --git a/vendor/github.com/json-iterator/go/build.sh b/vendor/github.com/json-iterator/go/build.sh
new file mode 100755
index 000000000000..b45ef688313e
--- /dev/null
+++ b/vendor/github.com/json-iterator/go/build.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+set -x
+
+if [ ! -d /tmp/build-golang/src/github.com/json-iterator ]; then
+    mkdir -p /tmp/build-golang/src/github.com/json-iterator
+    ln -s $PWD /tmp/build-golang/src/github.com/json-iterator/go
+fi
+export GOPATH=/tmp/build-golang
+go get -u github.com/golang/dep/cmd/dep
+cd /tmp/build-golang/src/github.com/json-iterator/go
+exec $GOPATH/bin/dep ensure -update
diff --git a/vendor/github.com/json-iterator/go/feature_adapter.go b/vendor/github.com/json-iterator/go/feature_adapter.go
index edb477c4fd1b..0214b711a65a 100644
--- a/vendor/github.com/json-iterator/go/feature_adapter.go
+++ b/vendor/github.com/json-iterator/go/feature_adapter.go
@@ -110,6 +110,7 @@ type Encoder struct {
 // Encode encode interface{} as JSON to io.Writer
 func (adapter *Encoder) Encode(val interface{}) error {
 	adapter.stream.WriteVal(val)
+	adapter.stream.WriteRaw("\n")
 	adapter.stream.Flush()
 	return adapter.stream.Error
 }
@@ -125,3 +126,8 @@ func (adapter *Encoder) SetEscapeHTML(escapeHTML bool) {
 	config.EscapeHTML = escapeHTML
 	adapter.stream.cfg = config.Froze().(*frozenConfig)
 }
+
+// Valid reports whether data is a valid JSON encoding.
+func Valid(data []byte) bool {
+	return ConfigDefault.Valid(data)
+}
diff --git a/vendor/github.com/json-iterator/go/feature_any.go b/vendor/github.com/json-iterator/go/feature_any.go
index 6733dce4cc5f..87716d1fcf2e 100644
--- a/vendor/github.com/json-iterator/go/feature_any.go
+++ b/vendor/github.com/json-iterator/go/feature_any.go
@@ -1,6 +1,7 @@
 package jsoniter
 
 import (
+	"errors"
 	"fmt"
 	"io"
 	"reflect"
@@ -157,6 +158,8 @@ func (iter *Iterator) readAny() Any {
 		return iter.readArrayAny()
 	case '-':
 		return iter.readNumberAny(false)
+	case 0:
+		return &invalidAny{baseAny{}, errors.New("input is empty")}
 	default:
 		return iter.readNumberAny(true)
 	}
diff --git a/vendor/github.com/json-iterator/go/feature_config.go b/vendor/github.com/json-iterator/go/feature_config.go
index fc055d504eb6..78a2ce1a593d 100644
--- a/vendor/github.com/json-iterator/go/feature_config.go
+++ b/vendor/github.com/json-iterator/go/feature_config.go
@@ -12,23 +12,26 @@ import (
 // Config customize how the API should behave.
 // The API is created from Config by Froze.
 type Config struct {
-	IndentionStep           int
-	MarshalFloatWith6Digits bool
-	EscapeHTML              bool
-	SortMapKeys             bool
-	UseNumber               bool
-	TagKey                  string
+	IndentionStep                 int
+	MarshalFloatWith6Digits       bool
+	EscapeHTML                    bool
+	SortMapKeys                   bool
+	UseNumber                     bool
+	TagKey                        string
+	ValidateJsonRawMessage        bool
+	ObjectFieldMustBeSimpleString bool
 }
 
 type frozenConfig struct {
-	configBeforeFrozen Config
-	sortMapKeys        bool
-	indentionStep      int
-	decoderCache       unsafe.Pointer
-	encoderCache       unsafe.Pointer
-	extensions         []Extension
-	streamPool         chan *Stream
-	iteratorPool       chan *Iterator
+	configBeforeFrozen            Config
+	sortMapKeys                   bool
+	indentionStep                 int
+	objectFieldMustBeSimpleString bool
+	decoderCache                  unsafe.Pointer
+	encoderCache                  unsafe.Pointer
+	extensions                    []Extension
+	streamPool                    chan *Stream
+	iteratorPool                  chan *Iterator
 }
 
 // API the public interface of this package.
@@ -44,6 +47,8 @@ type API interface {
 	Get(data []byte, path ...interface{}) Any
 	NewEncoder(writer io.Writer) *Encoder
 	NewDecoder(reader io.Reader) *Decoder
+	Valid(data []byte) bool
+	RegisterExtension(extension Extension)
 }
 
 // ConfigDefault the default API
@@ -53,24 +58,27 @@ var ConfigDefault = Config{
 
 // ConfigCompatibleWithStandardLibrary tries to be 100% compatible with standard library behavior
 var ConfigCompatibleWithStandardLibrary = Config{
-	EscapeHTML:  true,
-	SortMapKeys: true,
+	EscapeHTML:             true,
+	SortMapKeys:            true,
+	ValidateJsonRawMessage: true,
 }.Froze()
 
 // ConfigFastest marshals float with only 6 digits precision
 var ConfigFastest = Config{
-	EscapeHTML:              false,
-	MarshalFloatWith6Digits: true,
+	EscapeHTML:                    false,
+	MarshalFloatWith6Digits:       true, // will lose precession
+	ObjectFieldMustBeSimpleString: true, // do not unescape object field
 }.Froze()
 
 // Froze forge API from config
 func (cfg Config) Froze() API {
 	// TODO: cache frozen config
 	frozenConfig := &frozenConfig{
-		sortMapKeys:   cfg.SortMapKeys,
-		indentionStep: cfg.IndentionStep,
-		streamPool:    make(chan *Stream, 16),
-		iteratorPool:  make(chan *Iterator, 16),
+		sortMapKeys:                   cfg.SortMapKeys,
+		indentionStep:                 cfg.IndentionStep,
+		objectFieldMustBeSimpleString: cfg.ObjectFieldMustBeSimpleString,
+		streamPool:                    make(chan *Stream, 16),
+		iteratorPool:                  make(chan *Iterator, 16),
 	}
 	atomic.StorePointer(&frozenConfig.decoderCache, unsafe.Pointer(&map[string]ValDecoder{}))
 	atomic.StorePointer(&frozenConfig.encoderCache, unsafe.Pointer(&map[string]ValEncoder{}))
@@ -83,10 +91,31 @@ func (cfg Config) Froze() API {
 	if cfg.UseNumber {
 		frozenConfig.useNumber()
 	}
+	if cfg.ValidateJsonRawMessage {
+		frozenConfig.validateJsonRawMessage()
+	}
 	frozenConfig.configBeforeFrozen = cfg
 	return frozenConfig
 }
 
+func (cfg *frozenConfig) validateJsonRawMessage() {
+	encoder := &funcEncoder{func(ptr unsafe.Pointer, stream *Stream) {
+		rawMessage := *(*json.RawMessage)(ptr)
+		iter := cfg.BorrowIterator([]byte(rawMessage))
+		iter.Read()
+		if iter.Error != nil {
+			stream.WriteRaw("null")
+		} else {
+			cfg.ReturnIterator(iter)
+			stream.WriteRaw(string(rawMessage))
+		}
+	}, func(ptr unsafe.Pointer) bool {
+		return false
+	}}
+	cfg.addEncoderToCache(reflect.TypeOf((*json.RawMessage)(nil)).Elem(), encoder)
+	cfg.addEncoderToCache(reflect.TypeOf((*RawMessage)(nil)).Elem(), encoder)
+}
+
 func (cfg *frozenConfig) useNumber() {
 	cfg.addDecoderToCache(reflect.TypeOf((*interface{})(nil)).Elem(), &funcDecoder{func(ptr unsafe.Pointer, iter *Iterator) {
 		if iter.WhatIsNext() == NumberValue {
@@ -104,7 +133,7 @@ func (cfg *frozenConfig) getTagKey() string {
 	return tagKey
 }
 
-func (cfg *frozenConfig) registerExtension(extension Extension) {
+func (cfg *frozenConfig) RegisterExtension(extension Extension) {
 	cfg.extensions = append(cfg.extensions, extension)
 }
 
@@ -310,3 +339,10 @@ func (cfg *frozenConfig) NewDecoder(reader io.Reader) *Decoder {
 	iter := Parse(cfg, reader, 512)
 	return &Decoder{iter}
 }
+
+func (cfg *frozenConfig) Valid(data []byte) bool {
+	iter := cfg.BorrowIterator(data)
+	defer cfg.ReturnIterator(iter)
+	iter.Skip()
+	return iter.Error == nil
+}
diff --git a/vendor/github.com/json-iterator/go/feature_iter.go b/vendor/github.com/json-iterator/go/feature_iter.go
index 4357d69bac7a..95ae54fbfe4d 100644
--- a/vendor/github.com/json-iterator/go/feature_iter.go
+++ b/vendor/github.com/json-iterator/go/feature_iter.go
@@ -77,6 +77,7 @@ type Iterator struct {
 	captureStartedAt int
 	captured         []byte
 	Error            error
+	Attachment       interface{} // open for customized decoder
 }
 
 // NewIterator creates an empty Iterator instance
@@ -167,7 +168,7 @@ func (iter *Iterator) isObjectEnd() bool {
 	if c == '}' {
 		return true
 	}
-	iter.ReportError("isObjectEnd", "object ended prematurely")
+	iter.ReportError("isObjectEnd", "object ended prematurely, unexpected char "+string([]byte{c}))
 	return true
 }
 
@@ -200,8 +201,22 @@ func (iter *Iterator) ReportError(operation string, msg string) {
 	if peekStart < 0 {
 		peekStart = 0
 	}
-	iter.Error = fmt.Errorf("%s: %s, parsing %v ...%s... at %s", operation, msg, iter.head,
-		string(iter.buf[peekStart:iter.head]), string(iter.buf[0:iter.tail]))
+	peekEnd := iter.head + 10
+	if peekEnd > iter.tail {
+		peekEnd = iter.tail
+	}
+	parsing := string(iter.buf[peekStart:peekEnd])
+	contextStart := iter.head - 50
+	if contextStart < 0 {
+		contextStart = 0
+	}
+	contextEnd := iter.head + 50
+	if contextEnd > iter.tail {
+		contextEnd = iter.tail
+	}
+	context := string(iter.buf[contextStart:contextEnd])
+	iter.Error = fmt.Errorf("%s: %s, error found in #%v byte of ...|%s|..., bigger context ...|%s|...",
+		operation, msg, iter.head-peekStart, parsing, context)
 }
 
 // CurrentBuffer gets current buffer as string for debugging purpose
@@ -210,7 +225,7 @@ func (iter *Iterator) CurrentBuffer() string {
 	if peekStart < 0 {
 		peekStart = 0
 	}
-	return fmt.Sprintf("parsing %v ...|%s|... at %s", iter.head,
+	return fmt.Sprintf("parsing #%v byte, around ...|%s|..., whole buffer ...|%s|...", iter.head,
 		string(iter.buf[peekStart:iter.head]), string(iter.buf[0:iter.tail]))
 }
 
diff --git a/vendor/github.com/json-iterator/go/feature_iter_array.go b/vendor/github.com/json-iterator/go/feature_iter_array.go
index cbc3ec8d16a4..6188cb4577ab 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_array.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_array.go
@@ -19,7 +19,7 @@ func (iter *Iterator) ReadArray() (ret bool) {
 	case ',':
 		return true
 	default:
-		iter.ReportError("ReadArray", "expect [ or , or ] or n, but found: "+string([]byte{c}))
+		iter.ReportError("ReadArray", "expect [ or , or ] or n, but found "+string([]byte{c}))
 		return
 	}
 }
@@ -42,7 +42,7 @@ func (iter *Iterator) ReadArrayCB(callback func(*Iterator) bool) (ret bool) {
 				c = iter.nextToken()
 			}
 			if c != ']' {
-				iter.ReportError("ReadArrayCB", "expect ] in the end")
+				iter.ReportError("ReadArrayCB", "expect ] in the end, but found "+string([]byte{c}))
 				return false
 			}
 			return true
@@ -53,6 +53,6 @@ func (iter *Iterator) ReadArrayCB(callback func(*Iterator) bool) (ret bool) {
 		iter.skipThreeBytes('u', 'l', 'l')
 		return true // null
 	}
-	iter.ReportError("ReadArrayCB", "expect [ or n, but found: "+string([]byte{c}))
+	iter.ReportError("ReadArrayCB", "expect [ or n, but found "+string([]byte{c}))
 	return false
 }
diff --git a/vendor/github.com/json-iterator/go/feature_iter_int.go b/vendor/github.com/json-iterator/go/feature_iter_int.go
index 886879efdbb1..4781c63933cf 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_int.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_int.go
@@ -115,6 +115,7 @@ func (iter *Iterator) ReadUint32() (ret uint32) {
 func (iter *Iterator) readUint32(c byte) (ret uint32) {
 	ind := intDigits[c]
 	if ind == 0 {
+		iter.assertInteger()
 		return 0 // single zero
 	}
 	if ind == invalidCharForNumber {
@@ -127,12 +128,14 @@ func (iter *Iterator) readUint32(c byte) (ret uint32) {
 		ind2 := intDigits[iter.buf[i]]
 		if ind2 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value
 		}
 		i++
 		ind3 := intDigits[iter.buf[i]]
 		if ind3 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*10 + uint32(ind2)
 		}
 		//iter.head = i + 1
@@ -141,30 +144,35 @@ func (iter *Iterator) readUint32(c byte) (ret uint32) {
 		ind4 := intDigits[iter.buf[i]]
 		if ind4 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*100 + uint32(ind2)*10 + uint32(ind3)
 		}
 		i++
 		ind5 := intDigits[iter.buf[i]]
 		if ind5 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*1000 + uint32(ind2)*100 + uint32(ind3)*10 + uint32(ind4)
 		}
 		i++
 		ind6 := intDigits[iter.buf[i]]
 		if ind6 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*10000 + uint32(ind2)*1000 + uint32(ind3)*100 + uint32(ind4)*10 + uint32(ind5)
 		}
 		i++
 		ind7 := intDigits[iter.buf[i]]
 		if ind7 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*100000 + uint32(ind2)*10000 + uint32(ind3)*1000 + uint32(ind4)*100 + uint32(ind5)*10 + uint32(ind6)
 		}
 		i++
 		ind8 := intDigits[iter.buf[i]]
 		if ind8 == invalidCharForNumber {
 			iter.head = i
+			iter.assertInteger()
 			return value*1000000 + uint32(ind2)*100000 + uint32(ind3)*10000 + uint32(ind4)*1000 + uint32(ind5)*100 + uint32(ind6)*10 + uint32(ind7)
 		}
 		i++
@@ -172,6 +180,7 @@ func (iter *Iterator) readUint32(c byte) (ret uint32) {
 		value = value*10000000 + uint32(ind2)*1000000 + uint32(ind3)*100000 + uint32(ind4)*10000 + uint32(ind5)*1000 + uint32(ind6)*100 + uint32(ind7)*10 + uint32(ind8)
 		iter.head = i
 		if ind9 == invalidCharForNumber {
+			iter.assertInteger()
 			return value
 		}
 	}
@@ -180,6 +189,7 @@ func (iter *Iterator) readUint32(c byte) (ret uint32) {
 			ind = intDigits[iter.buf[i]]
 			if ind == invalidCharForNumber {
 				iter.head = i
+				iter.assertInteger()
 				return value
 			}
 			if value > uint32SafeToMultiply10 {
@@ -194,6 +204,7 @@ func (iter *Iterator) readUint32(c byte) (ret uint32) {
 			value = (value << 3) + (value << 1) + uint32(ind)
 		}
 		if !iter.loadMore() {
+			iter.assertInteger()
 			return value
 		}
 	}
@@ -226,6 +237,7 @@ func (iter *Iterator) ReadUint64() uint64 {
 func (iter *Iterator) readUint64(c byte) (ret uint64) {
 	ind := intDigits[c]
 	if ind == 0 {
+		iter.assertInteger()
 		return 0 // single zero
 	}
 	if ind == invalidCharForNumber {
@@ -233,11 +245,73 @@ func (iter *Iterator) readUint64(c byte) (ret uint64) {
 		return
 	}
 	value := uint64(ind)
+	if iter.tail-iter.head > 10 {
+		i := iter.head
+		ind2 := intDigits[iter.buf[i]]
+		if ind2 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value
+		}
+		i++
+		ind3 := intDigits[iter.buf[i]]
+		if ind3 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*10 + uint64(ind2)
+		}
+		//iter.head = i + 1
+		//value = value * 100 + uint32(ind2) * 10 + uint32(ind3)
+		i++
+		ind4 := intDigits[iter.buf[i]]
+		if ind4 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*100 + uint64(ind2)*10 + uint64(ind3)
+		}
+		i++
+		ind5 := intDigits[iter.buf[i]]
+		if ind5 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*1000 + uint64(ind2)*100 + uint64(ind3)*10 + uint64(ind4)
+		}
+		i++
+		ind6 := intDigits[iter.buf[i]]
+		if ind6 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*10000 + uint64(ind2)*1000 + uint64(ind3)*100 + uint64(ind4)*10 + uint64(ind5)
+		}
+		i++
+		ind7 := intDigits[iter.buf[i]]
+		if ind7 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*100000 + uint64(ind2)*10000 + uint64(ind3)*1000 + uint64(ind4)*100 + uint64(ind5)*10 + uint64(ind6)
+		}
+		i++
+		ind8 := intDigits[iter.buf[i]]
+		if ind8 == invalidCharForNumber {
+			iter.head = i
+			iter.assertInteger()
+			return value*1000000 + uint64(ind2)*100000 + uint64(ind3)*10000 + uint64(ind4)*1000 + uint64(ind5)*100 + uint64(ind6)*10 + uint64(ind7)
+		}
+		i++
+		ind9 := intDigits[iter.buf[i]]
+		value = value*10000000 + uint64(ind2)*1000000 + uint64(ind3)*100000 + uint64(ind4)*10000 + uint64(ind5)*1000 + uint64(ind6)*100 + uint64(ind7)*10 + uint64(ind8)
+		iter.head = i
+		if ind9 == invalidCharForNumber {
+			iter.assertInteger()
+			return value
+		}
+	}
 	for {
 		for i := iter.head; i < iter.tail; i++ {
 			ind = intDigits[iter.buf[i]]
 			if ind == invalidCharForNumber {
 				iter.head = i
+				iter.assertInteger()
 				return value
 			}
 			if value > uint64SafeToMultiple10 {
@@ -252,7 +326,14 @@ func (iter *Iterator) readUint64(c byte) (ret uint64) {
 			value = (value << 3) + (value << 1) + uint64(ind)
 		}
 		if !iter.loadMore() {
+			iter.assertInteger()
 			return value
 		}
 	}
 }
+
+func (iter *Iterator) assertInteger() {
+	if iter.head < len(iter.buf) && iter.buf[iter.head] == '.' {
+		iter.ReportError("assertInteger", "can not decode float as int")
+	}
+}
diff --git a/vendor/github.com/json-iterator/go/feature_iter_object.go b/vendor/github.com/json-iterator/go/feature_iter_object.go
index 3bdb5576eed1..dfd91fa60d95 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_object.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_object.go
@@ -19,15 +19,33 @@ func (iter *Iterator) ReadObject() (ret string) {
 		c = iter.nextToken()
 		if c == '"' {
 			iter.unreadByte()
-			return string(iter.readObjectFieldAsBytes())
+			if iter.cfg.objectFieldMustBeSimpleString {
+				return string(iter.readObjectFieldAsBytes())
+			} else {
+				field := iter.ReadString()
+				c = iter.nextToken()
+				if c != ':' {
+					iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+				}
+				return field
+			}
 		}
 		if c == '}' {
 			return "" // end of object
 		}
-		iter.ReportError("ReadObject", `expect " after {`)
+		iter.ReportError("ReadObject", `expect " after {, but found `+string([]byte{c}))
 		return
 	case ',':
-		return string(iter.readObjectFieldAsBytes())
+		if iter.cfg.objectFieldMustBeSimpleString {
+			return string(iter.readObjectFieldAsBytes())
+		} else {
+			field := iter.ReadString()
+			c = iter.nextToken()
+			if c != ':' {
+				iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+			}
+			return field
+		}
 	case '}':
 		return "" // end of object
 	default:
@@ -44,17 +62,34 @@ func (iter *Iterator) readFieldHash() int32 {
 			for i := iter.head; i < iter.tail; i++ {
 				// require ascii string and no escape
 				b := iter.buf[i]
-				if 'A' <= b && b <= 'Z' {
-					b += 'a' - 'A'
+				if !iter.cfg.objectFieldMustBeSimpleString && b == '\\' {
+					iter.head = i
+					for _, b := range iter.readStringSlowPath() {
+						if 'A' <= b && b <= 'Z' {
+							b += 'a' - 'A'
+						}
+						hash ^= int64(b)
+						hash *= 0x1000193
+					}
+					c = iter.nextToken()
+					if c != ':' {
+						iter.ReportError("readFieldHash", `expect :, but found `+string([]byte{c}))
+						return 0
+					}
+					return int32(hash)
 				}
 				if b == '"' {
 					iter.head = i + 1
 					c = iter.nextToken()
 					if c != ':' {
 						iter.ReportError("readFieldHash", `expect :, but found `+string([]byte{c}))
+						return 0
 					}
 					return int32(hash)
 				}
+				if 'A' <= b && b <= 'Z' {
+					b += 'a' - 'A'
+				}
 				hash ^= int64(b)
 				hash *= 0x1000193
 			}
@@ -80,18 +115,38 @@ func calcHash(str string) int32 {
 // ReadObjectCB read object with callback, the key is ascii only and field name not copied
 func (iter *Iterator) ReadObjectCB(callback func(*Iterator, string) bool) bool {
 	c := iter.nextToken()
+	var fieldBytes []byte
+	var field string
 	if c == '{' {
 		c = iter.nextToken()
 		if c == '"' {
 			iter.unreadByte()
-			field := iter.readObjectFieldAsBytes()
-			if !callback(iter, *(*string)(unsafe.Pointer(&field))) {
+			if iter.cfg.objectFieldMustBeSimpleString {
+				fieldBytes = iter.readObjectFieldAsBytes()
+				field = *(*string)(unsafe.Pointer(&fieldBytes))
+			} else {
+				field = iter.ReadString()
+				c = iter.nextToken()
+				if c != ':' {
+					iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+				}
+			}
+			if !callback(iter, field) {
 				return false
 			}
 			c = iter.nextToken()
 			for c == ',' {
-				field = iter.readObjectFieldAsBytes()
-				if !callback(iter, *(*string)(unsafe.Pointer(&field))) {
+				if iter.cfg.objectFieldMustBeSimpleString {
+					fieldBytes = iter.readObjectFieldAsBytes()
+					field = *(*string)(unsafe.Pointer(&fieldBytes))
+				} else {
+					field = iter.ReadString()
+					c = iter.nextToken()
+					if c != ':' {
+						iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+					}
+				}
+				if !callback(iter, field) {
 					return false
 				}
 				c = iter.nextToken()
@@ -105,14 +160,14 @@ func (iter *Iterator) ReadObjectCB(callback func(*Iterator, string) bool) bool {
 		if c == '}' {
 			return true
 		}
-		iter.ReportError("ReadObjectCB", `expect " after }`)
+		iter.ReportError("ReadObjectCB", `expect " after }, but found `+string([]byte{c}))
 		return false
 	}
 	if c == 'n' {
 		iter.skipThreeBytes('u', 'l', 'l')
 		return true // null
 	}
-	iter.ReportError("ReadObjectCB", `expect { or n`)
+	iter.ReportError("ReadObjectCB", `expect { or n, but found `+string([]byte{c}))
 	return false
 }
 
@@ -125,7 +180,7 @@ func (iter *Iterator) ReadMapCB(callback func(*Iterator, string) bool) bool {
 			iter.unreadByte()
 			field := iter.ReadString()
 			if iter.nextToken() != ':' {
-				iter.ReportError("ReadMapCB", "expect : after object field")
+				iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c}))
 				return false
 			}
 			if !callback(iter, field) {
@@ -135,7 +190,7 @@ func (iter *Iterator) ReadMapCB(callback func(*Iterator, string) bool) bool {
 			for c == ',' {
 				field = iter.ReadString()
 				if iter.nextToken() != ':' {
-					iter.ReportError("ReadMapCB", "expect : after object field")
+					iter.ReportError("ReadMapCB", "expect : after object field, but found "+string([]byte{c}))
 					return false
 				}
 				if !callback(iter, field) {
@@ -152,14 +207,14 @@ func (iter *Iterator) ReadMapCB(callback func(*Iterator, string) bool) bool {
 		if c == '}' {
 			return true
 		}
-		iter.ReportError("ReadMapCB", `expect " after }`)
+		iter.ReportError("ReadMapCB", `expect " after }, but found `+string([]byte{c}))
 		return false
 	}
 	if c == 'n' {
 		iter.skipThreeBytes('u', 'l', 'l')
 		return true // null
 	}
-	iter.ReportError("ReadMapCB", `expect { or n`)
+	iter.ReportError("ReadMapCB", `expect { or n, but found `+string([]byte{c}))
 	return false
 }
 
@@ -176,7 +231,7 @@ func (iter *Iterator) readObjectStart() bool {
 		iter.skipThreeBytes('u', 'l', 'l')
 		return false
 	}
-	iter.ReportError("readObjectStart", "expect { or n")
+	iter.ReportError("readObjectStart", "expect { or n, but found "+string([]byte{c}))
 	return false
 }
 
@@ -192,7 +247,7 @@ func (iter *Iterator) readObjectFieldAsBytes() (ret []byte) {
 		}
 	}
 	if iter.buf[iter.head] != ':' {
-		iter.ReportError("readObjectFieldAsBytes", "expect : after object field")
+		iter.ReportError("readObjectFieldAsBytes", "expect : after object field, but found "+string([]byte{iter.buf[iter.head]}))
 		return
 	}
 	iter.head++
diff --git a/vendor/github.com/json-iterator/go/feature_iter_skip.go b/vendor/github.com/json-iterator/go/feature_iter_skip.go
index b008d98c99a3..f58beb9137bf 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_skip.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_skip.go
@@ -25,7 +25,7 @@ func (iter *Iterator) ReadBool() (ret bool) {
 		iter.skipFourBytes('a', 'l', 's', 'e')
 		return false
 	}
-	iter.ReportError("ReadBool", "expect t or f")
+	iter.ReportError("ReadBool", "expect t or f, but found "+string([]byte{c}))
 	return
 }
 
@@ -59,7 +59,9 @@ func (iter *Iterator) stopCapture() []byte {
 	iter.captureStartedAt = -1
 	iter.captured = nil
 	if len(captured) == 0 {
-		return remaining
+		copied := make([]byte, len(remaining))
+		copy(copied, remaining)
+		return copied
 	}
 	captured = append(captured, remaining...)
 	return captured
diff --git a/vendor/github.com/json-iterator/go/feature_iter_skip_sloppy.go b/vendor/github.com/json-iterator/go/feature_iter_skip_sloppy.go
index 047d58a4bc9e..8fcdc3b69bdf 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_skip_sloppy.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_skip_sloppy.go
@@ -1,4 +1,4 @@
-//+build jsoniter-sloppy
+//+build jsoniter_sloppy
 
 package jsoniter
 
diff --git a/vendor/github.com/json-iterator/go/feature_iter_skip_strict.go b/vendor/github.com/json-iterator/go/feature_iter_skip_strict.go
index d26763825408..f67bc2e83151 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_skip_strict.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_skip_strict.go
@@ -1,4 +1,4 @@
-//+build !jsoniter-sloppy
+//+build !jsoniter_sloppy
 
 package jsoniter
 
@@ -64,7 +64,7 @@ func (iter *Iterator) trySkipString() bool {
 		} else if c == '\\' {
 			return false
 		} else if c < ' ' {
-			iter.ReportError("ReadString",
+			iter.ReportError("trySkipString",
 				fmt.Sprintf(`invalid control character found: %d`, c))
 			return true // already failed
 		}
diff --git a/vendor/github.com/json-iterator/go/feature_iter_string.go b/vendor/github.com/json-iterator/go/feature_iter_string.go
index b764600460e6..adc487ea8048 100644
--- a/vendor/github.com/json-iterator/go/feature_iter_string.go
+++ b/vendor/github.com/json-iterator/go/feature_iter_string.go
@@ -28,7 +28,7 @@ func (iter *Iterator) ReadString() (ret string) {
 		iter.skipThreeBytes('u', 'l', 'l')
 		return ""
 	}
-	iter.ReportError("ReadString", `expects " or n`)
+	iter.ReportError("ReadString", `expects " or n, but found `+string([]byte{c}))
 	return
 }
 
@@ -47,7 +47,7 @@ func (iter *Iterator) readStringSlowPath() (ret string) {
 			str = append(str, c)
 		}
 	}
-	iter.ReportError("ReadString", "unexpected end of input")
+	iter.ReportError("readStringSlowPath", "unexpected end of input")
 	return
 }
 
@@ -104,7 +104,7 @@ func (iter *Iterator) readEscapedChar(c byte, str []byte) []byte {
 	case 't':
 		str = append(str, '\t')
 	default:
-		iter.ReportError("ReadString",
+		iter.ReportError("readEscapedChar",
 			`invalid escape char after \`)
 		return nil
 	}
@@ -139,7 +139,7 @@ func (iter *Iterator) ReadStringAsSlice() (ret []byte) {
 		}
 		return copied
 	}
-	iter.ReportError("ReadString", `expects " or n`)
+	iter.ReportError("ReadStringAsSlice", `expects " or n, but found `+string([]byte{c}))
 	return
 }
 
@@ -156,7 +156,7 @@ func (iter *Iterator) readU4() (ret rune) {
 		} else if c >= 'A' && c <= 'F' {
 			ret = ret*16 + rune(c-'A'+10)
 		} else {
-			iter.ReportError("readU4", "expects 0~9 or a~f")
+			iter.ReportError("readU4", "expects 0~9 or a~f, but found "+string([]byte{c}))
 			return
 		}
 	}
diff --git a/vendor/github.com/json-iterator/go/feature_json_number.go b/vendor/github.com/json-iterator/go/feature_json_number.go
index 0439f6725283..e187b200a9cd 100644
--- a/vendor/github.com/json-iterator/go/feature_json_number.go
+++ b/vendor/github.com/json-iterator/go/feature_json_number.go
@@ -1,9 +1,25 @@
 package jsoniter
 
-import "encoding/json"
+import (
+	"encoding/json"
+	"strconv"
+)
 
 type Number string
 
+// String returns the literal text of the number.
+func (n Number) String() string { return string(n) }
+
+// Float64 returns the number as a float64.
+func (n Number) Float64() (float64, error) {
+	return strconv.ParseFloat(string(n), 64)
+}
+
+// Int64 returns the number as an int64.
+func (n Number) Int64() (int64, error) {
+	return strconv.ParseInt(string(n), 10, 64)
+}
+
 func CastJsonNumber(val interface{}) (string, bool) {
 	switch typedVal := val.(type) {
 	case json.Number:
diff --git a/vendor/github.com/json-iterator/go/feature_pool.go b/vendor/github.com/json-iterator/go/feature_pool.go
index 73962bc6f6cc..52d38e685540 100644
--- a/vendor/github.com/json-iterator/go/feature_pool.go
+++ b/vendor/github.com/json-iterator/go/feature_pool.go
@@ -28,6 +28,7 @@ func (cfg *frozenConfig) BorrowStream(writer io.Writer) *Stream {
 
 func (cfg *frozenConfig) ReturnStream(stream *Stream) {
 	stream.Error = nil
+	stream.Attachment = nil
 	select {
 	case cfg.streamPool <- stream:
 		return
@@ -48,6 +49,7 @@ func (cfg *frozenConfig) BorrowIterator(data []byte) *Iterator {
 
 func (cfg *frozenConfig) ReturnIterator(iter *Iterator) {
 	iter.Error = nil
+	iter.Attachment = nil
 	select {
 	case cfg.iteratorPool <- iter:
 		return
diff --git a/vendor/github.com/json-iterator/go/feature_reflect.go b/vendor/github.com/json-iterator/go/feature_reflect.go
index 05d91b49c8b9..bed7764ed7d7 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect.go
@@ -72,24 +72,24 @@ func init() {
 	textUnmarshalerType = reflect.TypeOf((*encoding.TextUnmarshaler)(nil)).Elem()
 }
 
-type optionalDecoder struct {
-	valueType    reflect.Type
-	valueDecoder ValDecoder
+type OptionalDecoder struct {
+	ValueType    reflect.Type
+	ValueDecoder ValDecoder
 }
 
-func (decoder *optionalDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
+func (decoder *OptionalDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
 	if iter.ReadNil() {
 		*((*unsafe.Pointer)(ptr)) = nil
 	} else {
 		if *((*unsafe.Pointer)(ptr)) == nil {
 			//pointer to null, we have to allocate memory to hold the value
-			value := reflect.New(decoder.valueType)
+			value := reflect.New(decoder.ValueType)
 			newPtr := extractInterface(value.Interface()).word
-			decoder.valueDecoder.Decode(newPtr, iter)
+			decoder.ValueDecoder.Decode(newPtr, iter)
 			*((*uintptr)(ptr)) = uintptr(newPtr)
 		} else {
 			//reuse existing instance
-			decoder.valueDecoder.Decode(*((*unsafe.Pointer)(ptr)), iter)
+			decoder.ValueDecoder.Decode(*((*unsafe.Pointer)(ptr)), iter)
 		}
 	}
 }
@@ -113,27 +113,45 @@ func (decoder *deferenceDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
 	}
 }
 
-type optionalEncoder struct {
-	valueEncoder ValEncoder
+type OptionalEncoder struct {
+	ValueEncoder ValEncoder
 }
 
-func (encoder *optionalEncoder) Encode(ptr unsafe.Pointer, stream *Stream) {
+func (encoder *OptionalEncoder) Encode(ptr unsafe.Pointer, stream *Stream) {
 	if *((*unsafe.Pointer)(ptr)) == nil {
 		stream.WriteNil()
 	} else {
-		encoder.valueEncoder.Encode(*((*unsafe.Pointer)(ptr)), stream)
+		encoder.ValueEncoder.Encode(*((*unsafe.Pointer)(ptr)), stream)
 	}
 }
 
-func (encoder *optionalEncoder) EncodeInterface(val interface{}, stream *Stream) {
+func (encoder *OptionalEncoder) EncodeInterface(val interface{}, stream *Stream) {
 	WriteToStream(val, stream, encoder)
 }
 
-func (encoder *optionalEncoder) IsEmpty(ptr unsafe.Pointer) bool {
+func (encoder *OptionalEncoder) IsEmpty(ptr unsafe.Pointer) bool {
+	return *((*unsafe.Pointer)(ptr)) == nil
+}
+
+type optionalMapEncoder struct {
+	valueEncoder ValEncoder
+}
+
+func (encoder *optionalMapEncoder) Encode(ptr unsafe.Pointer, stream *Stream) {
 	if *((*unsafe.Pointer)(ptr)) == nil {
-		return true
+		stream.WriteNil()
+	} else {
+		encoder.valueEncoder.Encode(*((*unsafe.Pointer)(ptr)), stream)
 	}
-	return false
+}
+
+func (encoder *optionalMapEncoder) EncodeInterface(val interface{}, stream *Stream) {
+	WriteToStream(val, stream, encoder)
+}
+
+func (encoder *optionalMapEncoder) IsEmpty(ptr unsafe.Pointer) bool {
+	p := *((*unsafe.Pointer)(ptr))
+	return p == nil || encoder.valueEncoder.IsEmpty(p)
 }
 
 type placeholderEncoder struct {
@@ -146,7 +164,7 @@ func (encoder *placeholderEncoder) Encode(ptr unsafe.Pointer, stream *Stream) {
 }
 
 func (encoder *placeholderEncoder) EncodeInterface(val interface{}, stream *Stream) {
-	WriteToStream(val, stream, encoder)
+	encoder.getRealEncoder().EncodeInterface(val, stream)
 }
 
 func (encoder *placeholderEncoder) IsEmpty(ptr unsafe.Pointer) bool {
@@ -154,11 +172,11 @@ func (encoder *placeholderEncoder) IsEmpty(ptr unsafe.Pointer) bool {
 }
 
 func (encoder *placeholderEncoder) getRealEncoder() ValEncoder {
-	for i := 0; i < 30; i++ {
+	for i := 0; i < 500; i++ {
 		realDecoder := encoder.cfg.getEncoderFromCache(encoder.cacheKey)
 		_, isPlaceholder := realDecoder.(*placeholderEncoder)
 		if isPlaceholder {
-			time.Sleep(time.Second)
+			time.Sleep(10 * time.Millisecond)
 		} else {
 			return realDecoder
 		}
@@ -172,11 +190,11 @@ type placeholderDecoder struct {
 }
 
 func (decoder *placeholderDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	for i := 0; i < 30; i++ {
+	for i := 0; i < 500; i++ {
 		realDecoder := decoder.cfg.getDecoderFromCache(decoder.cacheKey)
 		_, isPlaceholder := realDecoder.(*placeholderDecoder)
 		if isPlaceholder {
-			time.Sleep(time.Second)
+			time.Sleep(10 * time.Millisecond)
 		} else {
 			realDecoder.Decode(ptr, iter)
 			return
@@ -256,7 +274,7 @@ func decoderOfType(cfg *frozenConfig, typ reflect.Type) (ValDecoder, error) {
 	if decoder != nil {
 		return decoder, nil
 	}
-	decoder = getTypeDecoderFromExtension(typ)
+	decoder = getTypeDecoderFromExtension(cfg, typ)
 	if decoder != nil {
 		cfg.addDecoderToCache(cacheKey, decoder)
 		return decoder, nil
@@ -267,6 +285,9 @@ func decoderOfType(cfg *frozenConfig, typ reflect.Type) (ValDecoder, error) {
 	for _, extension := range extensions {
 		decoder = extension.DecorateDecoder(typ, decoder)
 	}
+	for _, extension := range cfg.extensions {
+		decoder = extension.DecorateDecoder(typ, decoder)
+	}
 	cfg.addDecoderToCache(cacheKey, decoder)
 	return decoder, err
 }
@@ -289,7 +310,7 @@ func createDecoderOfType(cfg *frozenConfig, typ reflect.Type) (ValDecoder, error
 		templateInterface := reflect.New(typ).Elem().Interface()
 		var decoder ValDecoder = &unmarshalerDecoder{extractInterface(templateInterface)}
 		if typ.Kind() == reflect.Ptr {
-			decoder = &optionalDecoder{typ.Elem(), decoder}
+			decoder = &OptionalDecoder{typ.Elem(), decoder}
 		}
 		return decoder, nil
 	}
@@ -302,7 +323,7 @@ func createDecoderOfType(cfg *frozenConfig, typ reflect.Type) (ValDecoder, error
 		templateInterface := reflect.New(typ).Elem().Interface()
 		var decoder ValDecoder = &textUnmarshalerDecoder{extractInterface(templateInterface)}
 		if typ.Kind() == reflect.Ptr {
-			decoder = &optionalDecoder{typ.Elem(), decoder}
+			decoder = &OptionalDecoder{typ.Elem(), decoder}
 		}
 		return decoder, nil
 	}
@@ -423,7 +444,7 @@ func encoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error) {
 	if encoder != nil {
 		return encoder, nil
 	}
-	encoder = getTypeEncoderFromExtension(typ)
+	encoder = getTypeEncoderFromExtension(cfg, typ)
 	if encoder != nil {
 		cfg.addEncoderToCache(cacheKey, encoder)
 		return encoder, nil
@@ -434,6 +455,9 @@ func encoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error) {
 	for _, extension := range extensions {
 		encoder = extension.DecorateEncoder(typ, encoder)
 	}
+	for _, extension := range cfg.extensions {
+		encoder = extension.DecorateEncoder(typ, encoder)
+	}
 	cfg.addEncoderToCache(cacheKey, encoder)
 	return encoder, err
 }
@@ -452,7 +476,7 @@ func createEncoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error
 		return &jsoniterNumberCodec{}, nil
 	}
 	if typ.Implements(marshalerType) {
-		checkIsEmpty, err := createCheckIsEmpty(typ)
+		checkIsEmpty, err := createCheckIsEmpty(cfg, typ)
 		if err != nil {
 			return nil, err
 		}
@@ -462,12 +486,24 @@ func createEncoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error
 			checkIsEmpty:      checkIsEmpty,
 		}
 		if typ.Kind() == reflect.Ptr {
-			encoder = &optionalEncoder{encoder}
+			encoder = &OptionalEncoder{encoder}
+		}
+		return encoder, nil
+	}
+	if reflect.PtrTo(typ).Implements(marshalerType) {
+		checkIsEmpty, err := createCheckIsEmpty(cfg, reflect.PtrTo(typ))
+		if err != nil {
+			return nil, err
+		}
+		templateInterface := reflect.New(typ).Interface()
+		var encoder ValEncoder = &marshalerEncoder{
+			templateInterface: extractInterface(templateInterface),
+			checkIsEmpty:      checkIsEmpty,
 		}
 		return encoder, nil
 	}
 	if typ.Implements(textMarshalerType) {
-		checkIsEmpty, err := createCheckIsEmpty(typ)
+		checkIsEmpty, err := createCheckIsEmpty(cfg, typ)
 		if err != nil {
 			return nil, err
 		}
@@ -477,7 +513,7 @@ func createEncoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error
 			checkIsEmpty:      checkIsEmpty,
 		}
 		if typ.Kind() == reflect.Ptr {
-			encoder = &optionalEncoder{encoder}
+			encoder = &OptionalEncoder{encoder}
 		}
 		return encoder, nil
 	}
@@ -490,7 +526,7 @@ func createEncoderOfType(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error
 	return createEncoderOfSimpleType(cfg, typ)
 }
 
-func createCheckIsEmpty(typ reflect.Type) (checkIsEmpty, error) {
+func createCheckIsEmpty(cfg *frozenConfig, typ reflect.Type) (checkIsEmpty, error) {
 	kind := typ.Kind()
 	switch kind {
 	case reflect.String:
@@ -535,9 +571,9 @@ func createCheckIsEmpty(typ reflect.Type) (checkIsEmpty, error) {
 	case reflect.Slice:
 		return &sliceEncoder{}, nil
 	case reflect.Map:
-		return &mapEncoder{}, nil
+		return encoderOfMap(cfg, typ)
 	case reflect.Ptr:
-		return &optionalEncoder{}, nil
+		return &OptionalEncoder{}, nil
 	default:
 		return nil, fmt.Errorf("unsupported type: %v", typ)
 	}
@@ -648,7 +684,7 @@ func decoderOfOptional(cfg *frozenConfig, typ reflect.Type) (ValDecoder, error)
 	if err != nil {
 		return nil, err
 	}
-	return &optionalDecoder{elemType, decoder}, nil
+	return &OptionalDecoder{elemType, decoder}, nil
 }
 
 func encoderOfOptional(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error) {
@@ -657,9 +693,9 @@ func encoderOfOptional(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error)
 	if err != nil {
 		return nil, err
 	}
-	encoder := &optionalEncoder{elemEncoder}
+	encoder := &OptionalEncoder{elemEncoder}
 	if elemType.Kind() == reflect.Map {
-		encoder = &optionalEncoder{encoder}
+		encoder = &OptionalEncoder{encoder}
 	}
 	return encoder, nil
 }
diff --git a/vendor/github.com/json-iterator/go/feature_reflect_array.go b/vendor/github.com/json-iterator/go/feature_reflect_array.go
index e23f187b7c83..d661fb6fe561 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect_array.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect_array.go
@@ -21,7 +21,7 @@ func encoderOfArray(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error) {
 		return nil, err
 	}
 	if typ.Elem().Kind() == reflect.Map {
-		encoder = &optionalEncoder{encoder}
+		encoder = &OptionalEncoder{encoder}
 	}
 	return &arrayEncoder{typ, typ.Elem(), encoder}, nil
 }
diff --git a/vendor/github.com/json-iterator/go/feature_reflect_extension.go b/vendor/github.com/json-iterator/go/feature_reflect_extension.go
index 3dd38299d49d..c129076bcc08 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect_extension.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect_extension.go
@@ -161,22 +161,31 @@ func RegisterExtension(extension Extension) {
 	extensions = append(extensions, extension)
 }
 
-func getTypeDecoderFromExtension(typ reflect.Type) ValDecoder {
-	decoder := _getTypeDecoderFromExtension(typ)
+func getTypeDecoderFromExtension(cfg *frozenConfig, typ reflect.Type) ValDecoder {
+	decoder := _getTypeDecoderFromExtension(cfg, typ)
 	if decoder != nil {
 		for _, extension := range extensions {
 			decoder = extension.DecorateDecoder(typ, decoder)
 		}
+		for _, extension := range cfg.extensions {
+			decoder = extension.DecorateDecoder(typ, decoder)
+		}
 	}
 	return decoder
 }
-func _getTypeDecoderFromExtension(typ reflect.Type) ValDecoder {
+func _getTypeDecoderFromExtension(cfg *frozenConfig, typ reflect.Type) ValDecoder {
 	for _, extension := range extensions {
 		decoder := extension.CreateDecoder(typ)
 		if decoder != nil {
 			return decoder
 		}
 	}
+	for _, extension := range cfg.extensions {
+		decoder := extension.CreateDecoder(typ)
+		if decoder != nil {
+			return decoder
+		}
+	}
 	typeName := typ.String()
 	decoder := typeDecoders[typeName]
 	if decoder != nil {
@@ -185,29 +194,38 @@ func _getTypeDecoderFromExtension(typ reflect.Type) ValDecoder {
 	if typ.Kind() == reflect.Ptr {
 		decoder := typeDecoders[typ.Elem().String()]
 		if decoder != nil {
-			return &optionalDecoder{typ.Elem(), decoder}
+			return &OptionalDecoder{typ.Elem(), decoder}
 		}
 	}
 	return nil
 }
 
-func getTypeEncoderFromExtension(typ reflect.Type) ValEncoder {
-	encoder := _getTypeEncoderFromExtension(typ)
+func getTypeEncoderFromExtension(cfg *frozenConfig, typ reflect.Type) ValEncoder {
+	encoder := _getTypeEncoderFromExtension(cfg, typ)
 	if encoder != nil {
 		for _, extension := range extensions {
 			encoder = extension.DecorateEncoder(typ, encoder)
 		}
+		for _, extension := range cfg.extensions {
+			encoder = extension.DecorateEncoder(typ, encoder)
+		}
 	}
 	return encoder
 }
 
-func _getTypeEncoderFromExtension(typ reflect.Type) ValEncoder {
+func _getTypeEncoderFromExtension(cfg *frozenConfig, typ reflect.Type) ValEncoder {
 	for _, extension := range extensions {
 		encoder := extension.CreateEncoder(typ)
 		if encoder != nil {
 			return encoder
 		}
 	}
+	for _, extension := range cfg.extensions {
+		encoder := extension.CreateEncoder(typ)
+		if encoder != nil {
+			return encoder
+		}
+	}
 	typeName := typ.String()
 	encoder := typeEncoders[typeName]
 	if encoder != nil {
@@ -216,7 +234,7 @@ func _getTypeEncoderFromExtension(typ reflect.Type) ValEncoder {
 	if typ.Kind() == reflect.Ptr {
 		encoder := typeEncoders[typ.Elem().String()]
 		if encoder != nil {
-			return &optionalEncoder{encoder}
+			return &OptionalEncoder{encoder}
 		}
 	}
 	return nil
@@ -254,7 +272,7 @@ func describeStruct(cfg *frozenConfig, typ reflect.Type) (*StructDescriptor, err
 				for _, binding := range structDescriptor.Fields {
 					binding.levels = append([]int{i}, binding.levels...)
 					omitempty := binding.Encoder.(*structFieldEncoder).omitempty
-					binding.Encoder = &optionalEncoder{binding.Encoder}
+					binding.Encoder = &OptionalEncoder{binding.Encoder}
 					binding.Encoder = &structFieldEncoder{&field, binding.Encoder, omitempty}
 					binding.Decoder = &deferenceDecoder{field.Type.Elem(), binding.Decoder}
 					binding.Decoder = &structFieldDecoder{&field, binding.Decoder}
@@ -269,7 +287,7 @@ func describeStruct(cfg *frozenConfig, typ reflect.Type) (*StructDescriptor, err
 		if decoder == nil {
 			var err error
 			decoder, err = decoderOfType(cfg, field.Type)
-			if err != nil {
+			if len(fieldNames) > 0 && err != nil {
 				return nil, err
 			}
 		}
@@ -277,12 +295,13 @@ func describeStruct(cfg *frozenConfig, typ reflect.Type) (*StructDescriptor, err
 		if encoder == nil {
 			var err error
 			encoder, err = encoderOfType(cfg, field.Type)
-			if err != nil {
+			if len(fieldNames) > 0 && err != nil {
 				return nil, err
 			}
-			// map is stored as pointer in the struct
-			if field.Type.Kind() == reflect.Map {
-				encoder = &optionalEncoder{encoder}
+			// map is stored as pointer in the struct,
+			// and treat nil or empty map as empty field
+			if encoder != nil && field.Type.Kind() == reflect.Map {
+				encoder = &optionalMapEncoder{encoder}
 			}
 		}
 		binding := &Binding{
@@ -323,6 +342,9 @@ func createStructDescriptor(cfg *frozenConfig, typ reflect.Type, bindings []*Bin
 	for _, extension := range extensions {
 		extension.UpdateStructDescriptor(structDescriptor)
 	}
+	for _, extension := range cfg.extensions {
+		extension.UpdateStructDescriptor(structDescriptor)
+	}
 	processTags(structDescriptor, cfg)
 	// merge normal & embedded bindings & sort with original order
 	allBindings := sortableBindings(append(embeddedBindings, structDescriptor.Fields...))
diff --git a/vendor/github.com/json-iterator/go/feature_reflect_native.go b/vendor/github.com/json-iterator/go/feature_reflect_native.go
index b37dab3d8a1c..95bd1e87cc5a 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect_native.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect_native.go
@@ -4,6 +4,7 @@ import (
 	"encoding"
 	"encoding/base64"
 	"encoding/json"
+	"reflect"
 	"unsafe"
 )
 
@@ -31,7 +32,9 @@ type intCodec struct {
 }
 
 func (codec *intCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*int)(ptr)) = iter.ReadInt()
+	if !iter.ReadNil() {
+		*((*int)(ptr)) = iter.ReadInt()
+	}
 }
 
 func (codec *intCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -50,7 +53,9 @@ type uintptrCodec struct {
 }
 
 func (codec *uintptrCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uintptr)(ptr)) = uintptr(iter.ReadUint64())
+	if !iter.ReadNil() {
+		*((*uintptr)(ptr)) = uintptr(iter.ReadUint64())
+	}
 }
 
 func (codec *uintptrCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -69,7 +74,9 @@ type int8Codec struct {
 }
 
 func (codec *int8Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*int8)(ptr)) = iter.ReadInt8()
+	if !iter.ReadNil() {
+		*((*int8)(ptr)) = iter.ReadInt8()
+	}
 }
 
 func (codec *int8Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -88,7 +95,9 @@ type int16Codec struct {
 }
 
 func (codec *int16Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*int16)(ptr)) = iter.ReadInt16()
+	if !iter.ReadNil() {
+		*((*int16)(ptr)) = iter.ReadInt16()
+	}
 }
 
 func (codec *int16Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -107,7 +116,9 @@ type int32Codec struct {
 }
 
 func (codec *int32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*int32)(ptr)) = iter.ReadInt32()
+	if !iter.ReadNil() {
+		*((*int32)(ptr)) = iter.ReadInt32()
+	}
 }
 
 func (codec *int32Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -126,7 +137,9 @@ type int64Codec struct {
 }
 
 func (codec *int64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*int64)(ptr)) = iter.ReadInt64()
+	if !iter.ReadNil() {
+		*((*int64)(ptr)) = iter.ReadInt64()
+	}
 }
 
 func (codec *int64Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -145,7 +158,10 @@ type uintCodec struct {
 }
 
 func (codec *uintCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uint)(ptr)) = iter.ReadUint()
+	if !iter.ReadNil() {
+		*((*uint)(ptr)) = iter.ReadUint()
+		return
+	}
 }
 
 func (codec *uintCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -164,7 +180,9 @@ type uint8Codec struct {
 }
 
 func (codec *uint8Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uint8)(ptr)) = iter.ReadUint8()
+	if !iter.ReadNil() {
+		*((*uint8)(ptr)) = iter.ReadUint8()
+	}
 }
 
 func (codec *uint8Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -183,7 +201,9 @@ type uint16Codec struct {
 }
 
 func (codec *uint16Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uint16)(ptr)) = iter.ReadUint16()
+	if !iter.ReadNil() {
+		*((*uint16)(ptr)) = iter.ReadUint16()
+	}
 }
 
 func (codec *uint16Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -202,7 +222,9 @@ type uint32Codec struct {
 }
 
 func (codec *uint32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uint32)(ptr)) = iter.ReadUint32()
+	if !iter.ReadNil() {
+		*((*uint32)(ptr)) = iter.ReadUint32()
+	}
 }
 
 func (codec *uint32Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -221,7 +243,9 @@ type uint64Codec struct {
 }
 
 func (codec *uint64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*uint64)(ptr)) = iter.ReadUint64()
+	if !iter.ReadNil() {
+		*((*uint64)(ptr)) = iter.ReadUint64()
+	}
 }
 
 func (codec *uint64Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -240,7 +264,9 @@ type float32Codec struct {
 }
 
 func (codec *float32Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*float32)(ptr)) = iter.ReadFloat32()
+	if !iter.ReadNil() {
+		*((*float32)(ptr)) = iter.ReadFloat32()
+	}
 }
 
 func (codec *float32Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -259,7 +285,9 @@ type float64Codec struct {
 }
 
 func (codec *float64Codec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*float64)(ptr)) = iter.ReadFloat64()
+	if !iter.ReadNil() {
+		*((*float64)(ptr)) = iter.ReadFloat64()
+	}
 }
 
 func (codec *float64Codec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -278,7 +306,9 @@ type boolCodec struct {
 }
 
 func (codec *boolCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*bool)(ptr)) = iter.ReadBool()
+	if !iter.ReadNil() {
+		*((*bool)(ptr)) = iter.ReadBool()
+	}
 }
 
 func (codec *boolCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -297,7 +327,42 @@ type emptyInterfaceCodec struct {
 }
 
 func (codec *emptyInterfaceCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*interface{})(ptr)) = iter.Read()
+	existing := *((*interface{})(ptr))
+
+	// Checking for both typed and untyped nil pointers.
+	if existing != nil &&
+		reflect.TypeOf(existing).Kind() == reflect.Ptr &&
+		!reflect.ValueOf(existing).IsNil() {
+
+		var ptrToExisting interface{}
+		for {
+			elem := reflect.ValueOf(existing).Elem()
+			if elem.Kind() != reflect.Ptr || elem.IsNil() {
+				break
+			}
+			ptrToExisting = existing
+			existing = elem.Interface()
+		}
+
+		if iter.ReadNil() {
+			if ptrToExisting != nil {
+				nilPtr := reflect.Zero(reflect.TypeOf(ptrToExisting).Elem())
+				reflect.ValueOf(ptrToExisting).Elem().Set(nilPtr)
+			} else {
+				*((*interface{})(ptr)) = nil
+			}
+		} else {
+			iter.ReadVal(existing)
+		}
+
+		return
+	}
+
+	if iter.ReadNil() {
+		*((*interface{})(ptr)) = nil
+	} else {
+		*((*interface{})(ptr)) = iter.Read()
+	}
 }
 
 func (codec *emptyInterfaceCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -309,7 +374,8 @@ func (codec *emptyInterfaceCodec) EncodeInterface(val interface{}, stream *Strea
 }
 
 func (codec *emptyInterfaceCodec) IsEmpty(ptr unsafe.Pointer) bool {
-	return ptr == nil
+	emptyInterface := (*emptyInterface)(ptr)
+	return emptyInterface.typ == nil
 }
 
 type nonEmptyInterfaceCodec struct {
@@ -326,15 +392,20 @@ func (codec *nonEmptyInterfaceCodec) Decode(ptr unsafe.Pointer, iter *Iterator)
 	e.typ = nonEmptyInterface.itab.typ
 	e.word = nonEmptyInterface.word
 	iter.ReadVal(&i)
+	if e.word == nil {
+		nonEmptyInterface.itab = nil
+	}
 	nonEmptyInterface.word = e.word
 }
 
 func (codec *nonEmptyInterfaceCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
 	nonEmptyInterface := (*nonEmptyInterface)(ptr)
 	var i interface{}
-	e := (*emptyInterface)(unsafe.Pointer(&i))
-	e.typ = nonEmptyInterface.itab.typ
-	e.word = nonEmptyInterface.word
+	if nonEmptyInterface.itab != nil {
+		e := (*emptyInterface)(unsafe.Pointer(&i))
+		e.typ = nonEmptyInterface.itab.typ
+		e.word = nonEmptyInterface.word
+	}
 	stream.WriteVal(i)
 }
 
@@ -370,7 +441,15 @@ type jsonNumberCodec struct {
 }
 
 func (codec *jsonNumberCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*json.Number)(ptr)) = json.Number([]byte(iter.readNumberAsString()))
+	switch iter.WhatIsNext() {
+	case StringValue:
+		*((*json.Number)(ptr)) = json.Number(iter.ReadString())
+	case NilValue:
+		iter.skipFourBytes('n', 'u', 'l', 'l')
+		*((*json.Number)(ptr)) = ""
+	default:
+		*((*json.Number)(ptr)) = json.Number([]byte(iter.readNumberAsString()))
+	}
 }
 
 func (codec *jsonNumberCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -389,7 +468,15 @@ type jsoniterNumberCodec struct {
 }
 
 func (codec *jsoniterNumberCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*Number)(ptr)) = Number([]byte(iter.readNumberAsString()))
+	switch iter.WhatIsNext() {
+	case StringValue:
+		*((*Number)(ptr)) = Number(iter.ReadString())
+	case NilValue:
+		iter.skipFourBytes('n', 'u', 'l', 'l')
+		*((*Number)(ptr)) = ""
+	default:
+		*((*Number)(ptr)) = Number([]byte(iter.readNumberAsString()))
+	}
 }
 
 func (codec *jsoniterNumberCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
@@ -521,7 +608,7 @@ type stringModeNumberDecoder struct {
 func (decoder *stringModeNumberDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
 	c := iter.nextToken()
 	if c != '"' {
-		iter.ReportError("stringModeNumberDecoder", `expect "`)
+		iter.ReportError("stringModeNumberDecoder", `expect ", but found `+string([]byte{c}))
 		return
 	}
 	decoder.elemDecoder.Decode(ptr, iter)
@@ -530,7 +617,7 @@ func (decoder *stringModeNumberDecoder) Decode(ptr unsafe.Pointer, iter *Iterato
 	}
 	c = iter.readByte()
 	if c != '"' {
-		iter.ReportError("stringModeNumberDecoder", `expect "`)
+		iter.ReportError("stringModeNumberDecoder", `expect ", but found `+string([]byte{c}))
 		return
 	}
 }
@@ -595,7 +682,12 @@ func (encoder *marshalerEncoder) Encode(ptr unsafe.Pointer, stream *Stream) {
 	templateInterface := encoder.templateInterface
 	templateInterface.word = ptr
 	realInterface := (*interface{})(unsafe.Pointer(&templateInterface))
-	marshaler := (*realInterface).(json.Marshaler)
+	marshaler, ok := (*realInterface).(json.Marshaler)
+	if !ok {
+		stream.WriteVal(nil)
+		return
+	}
+
 	bytes, err := marshaler.MarshalJSON()
 	if err != nil {
 		stream.Error = err
diff --git a/vendor/github.com/json-iterator/go/feature_reflect_slice.go b/vendor/github.com/json-iterator/go/feature_reflect_slice.go
index 7377eec7b3bd..51a8daecfba2 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect_slice.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect_slice.go
@@ -21,7 +21,7 @@ func encoderOfSlice(cfg *frozenConfig, typ reflect.Type) (ValEncoder, error) {
 		return nil, err
 	}
 	if typ.Elem().Kind() == reflect.Map {
-		encoder = &optionalEncoder{encoder}
+		encoder = &OptionalEncoder{encoder}
 	}
 	return &sliceEncoder{typ, typ.Elem(), encoder}, nil
 }
@@ -127,12 +127,10 @@ func growOne(slice *sliceHeader, sliceType reflect.Type, elementType reflect.Typ
 	newVal := reflect.MakeSlice(sliceType, newLen, newCap)
 	dst := unsafe.Pointer(newVal.Pointer())
 	// copy old array into new array
-	originalBytesCount := uintptr(slice.Len) * elementType.Size()
-	srcPtr := (*[1 << 30]byte)(slice.Data)
-	dstPtr := (*[1 << 30]byte)(dst)
-	for i := uintptr(0); i < originalBytesCount; i++ {
-		dstPtr[i] = srcPtr[i]
-	}
+	originalBytesCount := slice.Len * int(elementType.Size())
+	srcSliceHeader := (unsafe.Pointer)(&sliceHeader{slice.Data, originalBytesCount, originalBytesCount})
+	dstSliceHeader := (unsafe.Pointer)(&sliceHeader{dst, originalBytesCount, originalBytesCount})
+	copy(*(*[]byte)(dstSliceHeader), *(*[]byte)(srcSliceHeader))
 	slice.Data = dst
 	slice.Len = newLen
 	slice.Cap = newCap
diff --git a/vendor/github.com/json-iterator/go/feature_reflect_struct_decoder.go b/vendor/github.com/json-iterator/go/feature_reflect_struct_decoder.go
index b3417fd73a7f..e6ced77c22e8 100644
--- a/vendor/github.com/json-iterator/go/feature_reflect_struct_decoder.go
+++ b/vendor/github.com/json-iterator/go/feature_reflect_struct_decoder.go
@@ -427,8 +427,18 @@ func (decoder *generalStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator)
 	if !iter.readObjectStart() {
 		return
 	}
-	fieldBytes := iter.readObjectFieldAsBytes()
-	field := *(*string)(unsafe.Pointer(&fieldBytes))
+	var fieldBytes []byte
+	var field string
+	if iter.cfg.objectFieldMustBeSimpleString {
+		fieldBytes = iter.readObjectFieldAsBytes()
+		field = *(*string)(unsafe.Pointer(&fieldBytes))
+	} else {
+		field = iter.ReadString()
+		c := iter.nextToken()
+		if c != ':' {
+			iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+		}
+	}
 	fieldDecoder := decoder.fields[strings.ToLower(field)]
 	if fieldDecoder == nil {
 		iter.Skip()
@@ -436,8 +446,16 @@ func (decoder *generalStructDecoder) Decode(ptr unsafe.Pointer, iter *Iterator)
 		fieldDecoder.Decode(ptr, iter)
 	}
 	for iter.nextToken() == ',' {
-		fieldBytes = iter.readObjectFieldAsBytes()
-		field = *(*string)(unsafe.Pointer(&fieldBytes))
+		if iter.cfg.objectFieldMustBeSimpleString {
+			fieldBytes := iter.readObjectFieldAsBytes()
+			field = *(*string)(unsafe.Pointer(&fieldBytes))
+		} else {
+			field = iter.ReadString()
+			c := iter.nextToken()
+			if c != ':' {
+				iter.ReportError("ReadObject", "expect : after object field, but found "+string([]byte{c}))
+			}
+		}
 		fieldDecoder = decoder.fields[strings.ToLower(field)]
 		if fieldDecoder == nil {
 			iter.Skip()
diff --git a/vendor/github.com/json-iterator/go/feature_stream.go b/vendor/github.com/json-iterator/go/feature_stream.go
index 9c8470a03ae3..97355eb5b70c 100644
--- a/vendor/github.com/json-iterator/go/feature_stream.go
+++ b/vendor/github.com/json-iterator/go/feature_stream.go
@@ -4,15 +4,16 @@ import (
 	"io"
 )
 
-// Stream is a io.Writer like object, with JSON specific write functions.
+// stream is a io.Writer like object, with JSON specific write functions.
 // Error is not returned as return value, but stored as Error member on this stream instance.
 type Stream struct {
-	cfg       *frozenConfig
-	out       io.Writer
-	buf       []byte
-	n         int
-	Error     error
-	indention int
+	cfg        *frozenConfig
+	out        io.Writer
+	buf        []byte
+	n          int
+	Error      error
+	indention  int
+	Attachment interface{} // open for customized encoder
 }
 
 // NewStream create new stream instance.
@@ -191,6 +192,9 @@ func (stream *Stream) ensure(minimal int) {
 func (stream *Stream) growAtLeast(minimal int) {
 	if stream.out != nil {
 		stream.Flush()
+		if stream.Available() >= minimal {
+			return
+		}
 	}
 	toGrow := len(stream.buf)
 	if toGrow < minimal {
@@ -280,8 +284,7 @@ func (stream *Stream) WriteArrayStart() {
 
 // WriteEmptyArray write []
 func (stream *Stream) WriteEmptyArray() {
-	stream.writeByte('[')
-	stream.writeByte(']')
+	stream.writeTwoBytes('[', ']')
 }
 
 // WriteArrayEnd write ] with possible indention
diff --git a/vendor/github.com/juju/ratelimit/LICENSE b/vendor/github.com/juju/ratelimit/LICENSE
deleted file mode 100644
index ade9307b390c..000000000000
--- a/vendor/github.com/juju/ratelimit/LICENSE
+++ /dev/null
@@ -1,191 +0,0 @@
-All files in this repository are licensed as follows. If you contribute
-to this repository, it is assumed that you license your contribution
-under the same license unless you state otherwise.
-
-All files Copyright (C) 2015 Canonical Ltd. unless otherwise specified in the file.
-
-This software is licensed under the LGPLv3, included below.
-
-As a special exception to the GNU Lesser General Public License version 3
-("LGPL3"), the copyright holders of this Library give you permission to
-convey to a third party a Combined Work that links statically or dynamically
-to this Library without providing any Minimal Corresponding Source or
-Minimal Application Code as set out in 4d or providing the installation
-information set out in section 4e, provided that you comply with the other
-provisions of LGPL3 and provided that you meet, for the Application the
-terms and conditions of the license(s) which apply to the Application.
-
-Except as stated in this special exception, the provisions of LGPL3 will
-continue to comply in full to this Library. If you modify this Library, you
-may apply this exception to your version of this Library, but you are not
-obliged to do so. If you do not wish to do so, delete this exception
-statement from your version. This exception does not (and cannot) modify any
-license terms which apply to the Application, with which you must still
-comply.
-
-
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
diff --git a/vendor/github.com/juju/ratelimit/README.md b/vendor/github.com/juju/ratelimit/README.md
deleted file mode 100644
index a0fdfe2b128a..000000000000
--- a/vendor/github.com/juju/ratelimit/README.md
+++ /dev/null
@@ -1,117 +0,0 @@
-# ratelimit
---
-    import "github.com/juju/ratelimit"
-
-The ratelimit package provides an efficient token bucket implementation. See
-http://en.wikipedia.org/wiki/Token_bucket.
-
-## Usage
-
-#### func  Reader
-
-```go
-func Reader(r io.Reader, bucket *Bucket) io.Reader
-```
-Reader returns a reader that is rate limited by the given token bucket. Each
-token in the bucket represents one byte.
-
-#### func  Writer
-
-```go
-func Writer(w io.Writer, bucket *Bucket) io.Writer
-```
-Writer returns a writer that is rate limited by the given token bucket. Each
-token in the bucket represents one byte.
-
-#### type Bucket
-
-```go
-type Bucket struct {
-}
-```
-
-Bucket represents a token bucket that fills at a predetermined rate. Methods on
-Bucket may be called concurrently.
-
-#### func  NewBucket
-
-```go
-func NewBucket(fillInterval time.Duration, capacity int64) *Bucket
-```
-NewBucket returns a new token bucket that fills at the rate of one token every
-fillInterval, up to the given maximum capacity. Both arguments must be positive.
-The bucket is initially full.
-
-#### func  NewBucketWithQuantum
-
-```go
-func NewBucketWithQuantum(fillInterval time.Duration, capacity, quantum int64) *Bucket
-```
-NewBucketWithQuantum is similar to NewBucket, but allows the specification of
-the quantum size - quantum tokens are added every fillInterval.
-
-#### func  NewBucketWithRate
-
-```go
-func NewBucketWithRate(rate float64, capacity int64) *Bucket
-```
-NewBucketWithRate returns a token bucket that fills the bucket at the rate of
-rate tokens per second up to the given maximum capacity. Because of limited
-clock resolution, at high rates, the actual rate may be up to 1% different from
-the specified rate.
-
-#### func (*Bucket) Rate
-
-```go
-func (tb *Bucket) Rate() float64
-```
-Rate returns the fill rate of the bucket, in tokens per second.
-
-#### func (*Bucket) Take
-
-```go
-func (tb *Bucket) Take(count int64) time.Duration
-```
-Take takes count tokens from the bucket without blocking. It returns the time
-that the caller should wait until the tokens are actually available.
-
-Note that if the request is irrevocable - there is no way to return tokens to
-the bucket once this method commits us to taking them.
-
-#### func (*Bucket) TakeAvailable
-
-```go
-func (tb *Bucket) TakeAvailable(count int64) int64
-```
-TakeAvailable takes up to count immediately available tokens from the bucket. It
-returns the number of tokens removed, or zero if there are no available tokens.
-It does not block.
-
-#### func (*Bucket) TakeMaxDuration
-
-```go
-func (tb *Bucket) TakeMaxDuration(count int64, maxWait time.Duration) (time.Duration, bool)
-```
-TakeMaxDuration is like Take, except that it will only take tokens from the
-bucket if the wait time for the tokens is no greater than maxWait.
-
-If it would take longer than maxWait for the tokens to become available, it does
-nothing and reports false, otherwise it returns the time that the caller should
-wait until the tokens are actually available, and reports true.
-
-#### func (*Bucket) Wait
-
-```go
-func (tb *Bucket) Wait(count int64)
-```
-Wait takes count tokens from the bucket, waiting until they are available.
-
-#### func (*Bucket) WaitMaxDuration
-
-```go
-func (tb *Bucket) WaitMaxDuration(count int64, maxWait time.Duration) bool
-```
-WaitMaxDuration is like Wait except that it will only take tokens from the
-bucket if it needs to wait for no greater than maxWait. It reports whether any
-tokens have been removed from the bucket If no tokens have been removed, it
-returns immediately.
diff --git a/vendor/github.com/juju/ratelimit/ratelimit.go b/vendor/github.com/juju/ratelimit/ratelimit.go
deleted file mode 100644
index 1c3f25b2ec45..000000000000
--- a/vendor/github.com/juju/ratelimit/ratelimit.go
+++ /dev/null
@@ -1,284 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3 with static-linking exception.
-// See LICENCE file for details.
-
-// Package ratelimit provides an efficient token bucket implementation
-// that can be used to limit the rate of arbitrary things.
-// See http://en.wikipedia.org/wiki/Token_bucket.
-package ratelimit
-
-import (
-	"math"
-	"strconv"
-	"sync"
-	"time"
-)
-
-// Bucket represents a token bucket that fills at a predetermined rate.
-// Methods on Bucket may be called concurrently.
-type Bucket struct {
-	startTime    time.Time
-	capacity     int64
-	quantum      int64
-	fillInterval time.Duration
-	clock        Clock
-
-	// The mutex guards the fields following it.
-	mu sync.Mutex
-
-	// avail holds the number of available tokens
-	// in the bucket, as of availTick ticks from startTime.
-	// It will be negative when there are consumers
-	// waiting for tokens.
-	avail     int64
-	availTick int64
-}
-
-// Clock is used to inject testable fakes.
-type Clock interface {
-	Now() time.Time
-	Sleep(d time.Duration)
-}
-
-// realClock implements Clock in terms of standard time functions.
-type realClock struct{}
-
-// Now is identical to time.Now.
-func (realClock) Now() time.Time {
-	return time.Now()
-}
-
-// Sleep is identical to time.Sleep.
-func (realClock) Sleep(d time.Duration) {
-	time.Sleep(d)
-}
-
-// NewBucket returns a new token bucket that fills at the
-// rate of one token every fillInterval, up to the given
-// maximum capacity. Both arguments must be
-// positive. The bucket is initially full.
-func NewBucket(fillInterval time.Duration, capacity int64) *Bucket {
-	return NewBucketWithClock(fillInterval, capacity, realClock{})
-}
-
-// NewBucketWithClock is identical to NewBucket but injects a testable clock
-// interface.
-func NewBucketWithClock(fillInterval time.Duration, capacity int64, clock Clock) *Bucket {
-	return NewBucketWithQuantumAndClock(fillInterval, capacity, 1, clock)
-}
-
-// rateMargin specifes the allowed variance of actual
-// rate from specified rate. 1% seems reasonable.
-const rateMargin = 0.01
-
-// NewBucketWithRate returns a token bucket that fills the bucket
-// at the rate of rate tokens per second up to the given
-// maximum capacity. Because of limited clock resolution,
-// at high rates, the actual rate may be up to 1% different from the
-// specified rate.
-func NewBucketWithRate(rate float64, capacity int64) *Bucket {
-	return NewBucketWithRateAndClock(rate, capacity, realClock{})
-}
-
-// NewBucketWithRateAndClock is identical to NewBucketWithRate but injects a
-// testable clock interface.
-func NewBucketWithRateAndClock(rate float64, capacity int64, clock Clock) *Bucket {
-	for quantum := int64(1); quantum < 1<<50; quantum = nextQuantum(quantum) {
-		fillInterval := time.Duration(1e9 * float64(quantum) / rate)
-		if fillInterval <= 0 {
-			continue
-		}
-		tb := NewBucketWithQuantumAndClock(fillInterval, capacity, quantum, clock)
-		if diff := math.Abs(tb.Rate() - rate); diff/rate <= rateMargin {
-			return tb
-		}
-	}
-	panic("cannot find suitable quantum for " + strconv.FormatFloat(rate, 'g', -1, 64))
-}
-
-// nextQuantum returns the next quantum to try after q.
-// We grow the quantum exponentially, but slowly, so we
-// get a good fit in the lower numbers.
-func nextQuantum(q int64) int64 {
-	q1 := q * 11 / 10
-	if q1 == q {
-		q1++
-	}
-	return q1
-}
-
-// NewBucketWithQuantum is similar to NewBucket, but allows
-// the specification of the quantum size - quantum tokens
-// are added every fillInterval.
-func NewBucketWithQuantum(fillInterval time.Duration, capacity, quantum int64) *Bucket {
-	return NewBucketWithQuantumAndClock(fillInterval, capacity, quantum, realClock{})
-}
-
-// NewBucketWithQuantumAndClock is identical to NewBucketWithQuantum but injects
-// a testable clock interface.
-func NewBucketWithQuantumAndClock(fillInterval time.Duration, capacity, quantum int64, clock Clock) *Bucket {
-	if fillInterval <= 0 {
-		panic("token bucket fill interval is not > 0")
-	}
-	if capacity <= 0 {
-		panic("token bucket capacity is not > 0")
-	}
-	if quantum <= 0 {
-		panic("token bucket quantum is not > 0")
-	}
-	return &Bucket{
-		clock:        clock,
-		startTime:    clock.Now(),
-		capacity:     capacity,
-		quantum:      quantum,
-		avail:        capacity,
-		fillInterval: fillInterval,
-	}
-}
-
-// Wait takes count tokens from the bucket, waiting until they are
-// available.
-func (tb *Bucket) Wait(count int64) {
-	if d := tb.Take(count); d > 0 {
-		tb.clock.Sleep(d)
-	}
-}
-
-// WaitMaxDuration is like Wait except that it will
-// only take tokens from the bucket if it needs to wait
-// for no greater than maxWait. It reports whether
-// any tokens have been removed from the bucket
-// If no tokens have been removed, it returns immediately.
-func (tb *Bucket) WaitMaxDuration(count int64, maxWait time.Duration) bool {
-	d, ok := tb.TakeMaxDuration(count, maxWait)
-	if d > 0 {
-		tb.clock.Sleep(d)
-	}
-	return ok
-}
-
-const infinityDuration time.Duration = 0x7fffffffffffffff
-
-// Take takes count tokens from the bucket without blocking. It returns
-// the time that the caller should wait until the tokens are actually
-// available.
-//
-// Note that if the request is irrevocable - there is no way to return
-// tokens to the bucket once this method commits us to taking them.
-func (tb *Bucket) Take(count int64) time.Duration {
-	d, _ := tb.take(tb.clock.Now(), count, infinityDuration)
-	return d
-}
-
-// TakeMaxDuration is like Take, except that
-// it will only take tokens from the bucket if the wait
-// time for the tokens is no greater than maxWait.
-//
-// If it would take longer than maxWait for the tokens
-// to become available, it does nothing and reports false,
-// otherwise it returns the time that the caller should
-// wait until the tokens are actually available, and reports
-// true.
-func (tb *Bucket) TakeMaxDuration(count int64, maxWait time.Duration) (time.Duration, bool) {
-	return tb.take(tb.clock.Now(), count, maxWait)
-}
-
-// TakeAvailable takes up to count immediately available tokens from the
-// bucket. It returns the number of tokens removed, or zero if there are
-// no available tokens. It does not block.
-func (tb *Bucket) TakeAvailable(count int64) int64 {
-	return tb.takeAvailable(tb.clock.Now(), count)
-}
-
-// takeAvailable is the internal version of TakeAvailable - it takes the
-// current time as an argument to enable easy testing.
-func (tb *Bucket) takeAvailable(now time.Time, count int64) int64 {
-	if count <= 0 {
-		return 0
-	}
-	tb.mu.Lock()
-	defer tb.mu.Unlock()
-
-	tb.adjust(now)
-	if tb.avail <= 0 {
-		return 0
-	}
-	if count > tb.avail {
-		count = tb.avail
-	}
-	tb.avail -= count
-	return count
-}
-
-// Available returns the number of available tokens. It will be negative
-// when there are consumers waiting for tokens. Note that if this
-// returns greater than zero, it does not guarantee that calls that take
-// tokens from the buffer will succeed, as the number of available
-// tokens could have changed in the meantime. This method is intended
-// primarily for metrics reporting and debugging.
-func (tb *Bucket) Available() int64 {
-	return tb.available(tb.clock.Now())
-}
-
-// available is the internal version of available - it takes the current time as
-// an argument to enable easy testing.
-func (tb *Bucket) available(now time.Time) int64 {
-	tb.mu.Lock()
-	defer tb.mu.Unlock()
-	tb.adjust(now)
-	return tb.avail
-}
-
-// Capacity returns the capacity that the bucket was created with.
-func (tb *Bucket) Capacity() int64 {
-	return tb.capacity
-}
-
-// Rate returns the fill rate of the bucket, in tokens per second.
-func (tb *Bucket) Rate() float64 {
-	return 1e9 * float64(tb.quantum) / float64(tb.fillInterval)
-}
-
-// take is the internal version of Take - it takes the current time as
-// an argument to enable easy testing.
-func (tb *Bucket) take(now time.Time, count int64, maxWait time.Duration) (time.Duration, bool) {
-	if count <= 0 {
-		return 0, true
-	}
-	tb.mu.Lock()
-	defer tb.mu.Unlock()
-
-	currentTick := tb.adjust(now)
-	avail := tb.avail - count
-	if avail >= 0 {
-		tb.avail = avail
-		return 0, true
-	}
-	// Round up the missing tokens to the nearest multiple
-	// of quantum - the tokens won't be available until
-	// that tick.
-	endTick := currentTick + (-avail+tb.quantum-1)/tb.quantum
-	endTime := tb.startTime.Add(time.Duration(endTick) * tb.fillInterval)
-	waitTime := endTime.Sub(now)
-	if waitTime > maxWait {
-		return 0, false
-	}
-	tb.avail = avail
-	return waitTime, true
-}
-
-// adjust adjusts the current bucket capacity based on the current time.
-// It returns the current tick.
-func (tb *Bucket) adjust(now time.Time) (currentTick int64) {
-	currentTick = int64(now.Sub(tb.startTime) / tb.fillInterval)
-
-	if tb.avail >= tb.capacity {
-		return
-	}
-	tb.avail += (currentTick - tb.availTick) * tb.quantum
-	if tb.avail > tb.capacity {
-		tb.avail = tb.capacity
-	}
-	tb.availTick = currentTick
-	return
-}
diff --git a/vendor/github.com/juju/ratelimit/reader.go b/vendor/github.com/juju/ratelimit/reader.go
deleted file mode 100644
index 6403bf78d4a5..000000000000
--- a/vendor/github.com/juju/ratelimit/reader.go
+++ /dev/null
@@ -1,51 +0,0 @@
-// Copyright 2014 Canonical Ltd.
-// Licensed under the LGPLv3 with static-linking exception.
-// See LICENCE file for details.
-
-package ratelimit
-
-import "io"
-
-type reader struct {
-	r      io.Reader
-	bucket *Bucket
-}
-
-// Reader returns a reader that is rate limited by
-// the given token bucket. Each token in the bucket
-// represents one byte.
-func Reader(r io.Reader, bucket *Bucket) io.Reader {
-	return &reader{
-		r:      r,
-		bucket: bucket,
-	}
-}
-
-func (r *reader) Read(buf []byte) (int, error) {
-	n, err := r.r.Read(buf)
-	if n <= 0 {
-		return n, err
-	}
-	r.bucket.Wait(int64(n))
-	return n, err
-}
-
-type writer struct {
-	w      io.Writer
-	bucket *Bucket
-}
-
-// Writer returns a reader that is rate limited by
-// the given token bucket. Each token in the bucket
-// represents one byte.
-func Writer(w io.Writer, bucket *Bucket) io.Writer {
-	return &writer{
-		w:      w,
-		bucket: bucket,
-	}
-}
-
-func (w *writer) Write(buf []byte) (int, error) {
-	w.bucket.Wait(int64(len(buf)))
-	return w.w.Write(buf)
-}
diff --git a/vendor/github.com/marstr/guid/.travis.yml b/vendor/github.com/marstr/guid/.travis.yml
new file mode 100644
index 000000000000..35158ec532dd
--- /dev/null
+++ b/vendor/github.com/marstr/guid/.travis.yml
@@ -0,0 +1,18 @@
+sudo: false
+
+language: go
+
+go:
+ - 1.7
+ - 1.8
+
+install:
+    - go get -u github.com/golang/lint/golint
+    - go get -u github.com/HewlettPackard/gas
+
+script:
+    - golint --set_exit_status
+    - go vet
+    - go test -v -cover -race
+    - go test -bench .
+    - gas ./...
\ No newline at end of file
diff --git a/vendor/github.com/marstr/guid/LICENSE.txt b/vendor/github.com/marstr/guid/LICENSE.txt
new file mode 100644
index 000000000000..e18a0841a1c4
--- /dev/null
+++ b/vendor/github.com/marstr/guid/LICENSE.txt
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2016 Martin Strobel
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/vendor/github.com/marstr/guid/README.md b/vendor/github.com/marstr/guid/README.md
new file mode 100644
index 000000000000..355fad16d273
--- /dev/null
+++ b/vendor/github.com/marstr/guid/README.md
@@ -0,0 +1,27 @@
+[![Build Status](https://travis-ci.org/marstr/guid.svg?branch=master)](https://travis-ci.org/marstr/guid)
+[![GoDoc](https://godoc.org/github.com/marstr/guid?status.svg)](https://godoc.org/github.com/marstr/guid)
+[![Go Report Card](https://goreportcard.com/badge/github.com/marstr/guid)](https://goreportcard.com/report/github.com/marstr/guid)
+
+# Guid
+Globally unique identifiers offer a quick means of generating non-colliding values across a distributed system. For this implemenation, [RFC 4122](http://ietf.org/rfc/rfc4122.txt) governs the desired behavior.
+
+## What's in a name?
+You have likely already noticed that RFC and some implementations refer to these structures as UUIDs (Universally Unique Identifiers), where as this project is annotated as  GUIDs (Globally Unique Identifiers). The name Guid was selected to make clear this project's ties to the [.NET struct Guid.](https://msdn.microsoft.com/en-us/library/system.guid(v=vs.110).aspx) The most obvious relationship is the desire to have the same format specifiers available in this library's Format and Parse methods as .NET would have in its ToString and Parse methods.
+
+# Installation
+- Ensure you have the [Go Programming Language](https://golang.org/) installed on your system.
+- Run the command: `go get -u github.com/marstr/guid`
+
+# Contribution
+Contributions are welcome! Feel free to send Pull Requests. Continuous Integration will ensure that you have conformed to Go conventions. Please remember to add tests for your changes.
+
+# Versioning
+This library will adhere to the
+[Semantic Versioning 2.0.0](http://semver.org/spec/v2.0.0.html) specification. It may be worth noting this should allow for tools like [glide](https://glide.readthedocs.io/en/latest/) to pull in this library with ease.
+
+The Release Notes portion of this file will be updated to reflect the most recent major/minor updates, with the option to tag particular bug-fixes as well. Updates to the Release Notes for patches should be addative, where as major/minor updates should replace the previous version. If one desires to see the release notes for an older version, checkout that version of code and open this file.
+
+# Release Notes 1.1.*
+
+## v1.1.0
+Adding support for JSON marshaling and unmarshaling.
diff --git a/vendor/github.com/marstr/guid/guid.go b/vendor/github.com/marstr/guid/guid.go
new file mode 100644
index 000000000000..51b038b75cdc
--- /dev/null
+++ b/vendor/github.com/marstr/guid/guid.go
@@ -0,0 +1,301 @@
+package guid
+
+import (
+	"bytes"
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+	"sync"
+	"time"
+)
+
+// GUID is a unique identifier designed to virtually guarantee non-conflict between values generated
+// across a distributed system.
+type GUID struct {
+	timeHighAndVersion      uint16
+	timeMid                 uint16
+	timeLow                 uint32
+	clockSeqHighAndReserved uint8
+	clockSeqLow             uint8
+	node                    [6]byte
+}
+
+// Format enumerates the values that are supported by Parse and Format
+type Format string
+
+// These constants define the possible string formats available via this implementation of Guid.
+const (
+	FormatB       Format = "B" // {00000000-0000-0000-0000-000000000000}
+	FormatD       Format = "D" // 00000000-0000-0000-0000-000000000000
+	FormatN       Format = "N" // 00000000000000000000000000000000
+	FormatP       Format = "P" // (00000000-0000-0000-0000-000000000000)
+	FormatX       Format = "X" // {0x00000000,0x0000,0x0000,{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}}
+	FormatDefault Format = FormatD
+)
+
+// CreationStrategy enumerates the values that are supported for populating the bits of a new Guid.
+type CreationStrategy string
+
+// These constants define the possible creation strategies available via this implementation of Guid.
+const (
+	CreationStrategyVersion1 CreationStrategy = "version1"
+	CreationStrategyVersion2 CreationStrategy = "version2"
+	CreationStrategyVersion3 CreationStrategy = "version3"
+	CreationStrategyVersion4 CreationStrategy = "version4"
+	CreationStrategyVersion5 CreationStrategy = "version5"
+)
+
+var emptyGUID GUID
+
+// NewGUID generates and returns a new globally unique identifier
+func NewGUID() GUID {
+	result, err := version4()
+	if err != nil {
+		panic(err) //Version 4 (pseudo-random GUID) doesn't use anything that could fail.
+	}
+	return result
+}
+
+var knownStrategies = map[CreationStrategy]func() (GUID, error){
+	CreationStrategyVersion1: version1,
+	CreationStrategyVersion4: version4,
+}
+
+// NewGUIDs generates and returns a new globally unique identifier that conforms to the given strategy.
+func NewGUIDs(strategy CreationStrategy) (GUID, error) {
+	if creator, present := knownStrategies[strategy]; present {
+		result, err := creator()
+		return result, err
+	}
+	return emptyGUID, errors.New("Unsupported CreationStrategy")
+}
+
+// Empty returns a copy of the default and empty GUID.
+func Empty() GUID {
+	return emptyGUID
+}
+
+var knownFormats = map[Format]string{
+	FormatN: "%08x%04x%04x%02x%02x%02x%02x%02x%02x%02x%02x",
+	FormatD: "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
+	FormatB: "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}",
+	FormatP: "(%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x)",
+	FormatX: "{0x%08x,0x%04x,0x%04x,{0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x}}",
+}
+
+// MarshalJSON writes a GUID as a JSON string.
+func (guid GUID) MarshalJSON() (marshaled []byte, err error) {
+	buf := bytes.Buffer{}
+
+	_, err = buf.WriteRune('"')
+	buf.WriteString(guid.String())
+	buf.WriteRune('"')
+
+	marshaled = buf.Bytes()
+	return
+}
+
+// Parse instantiates a GUID from a text representation of the same GUID.
+// This is the inverse of function family String()
+func Parse(value string) (GUID, error) {
+	var guid GUID
+	for _, fullFormat := range knownFormats {
+		parity, err := fmt.Sscanf(
+			value,
+			fullFormat,
+			&guid.timeLow,
+			&guid.timeMid,
+			&guid.timeHighAndVersion,
+			&guid.clockSeqHighAndReserved,
+			&guid.clockSeqLow,
+			&guid.node[0],
+			&guid.node[1],
+			&guid.node[2],
+			&guid.node[3],
+			&guid.node[4],
+			&guid.node[5])
+		if parity == 11 && err == nil {
+			return guid, err
+		}
+	}
+	return emptyGUID, fmt.Errorf("\"%s\" is not in a recognized format", value)
+}
+
+// String returns a text representation of a GUID in the default format.
+func (guid GUID) String() string {
+	return guid.Stringf(FormatDefault)
+}
+
+// Stringf returns a text representation of a GUID that conforms to the specified format.
+// If an unrecognized format is provided, the empty string is returned.
+func (guid GUID) Stringf(format Format) string {
+	if format == "" {
+		format = FormatDefault
+	}
+	fullFormat, present := knownFormats[format]
+	if !present {
+		return ""
+	}
+	return fmt.Sprintf(
+		fullFormat,
+		guid.timeLow,
+		guid.timeMid,
+		guid.timeHighAndVersion,
+		guid.clockSeqHighAndReserved,
+		guid.clockSeqLow,
+		guid.node[0],
+		guid.node[1],
+		guid.node[2],
+		guid.node[3],
+		guid.node[4],
+		guid.node[5])
+}
+
+// UnmarshalJSON parses a GUID from a JSON string token.
+func (guid *GUID) UnmarshalJSON(marshaled []byte) (err error) {
+	if len(marshaled) < 2 {
+		err = errors.New("JSON GUID must be surrounded by quotes")
+		return
+	}
+	stripped := marshaled[1 : len(marshaled)-1]
+	*guid, err = Parse(string(stripped))
+	return
+}
+
+// Version reads a GUID to parse which mechanism of generating GUIDS was employed.
+// Values returned here are documented in rfc4122.txt.
+func (guid GUID) Version() uint {
+	return uint(guid.timeHighAndVersion >> 12)
+}
+
+var unixToGregorianOffset = time.Date(1970, 01, 01, 0, 0, 00, 0, time.UTC).Sub(time.Date(1582, 10, 15, 0, 0, 0, 0, time.UTC))
+
+// getRFC4122Time returns a 60-bit count of 100-nanosecond intervals since 00:00:00.00 October 15th, 1582
+func getRFC4122Time() int64 {
+	currentTime := time.Now().UTC().Add(unixToGregorianOffset).UnixNano()
+	currentTime /= 100
+	return currentTime & 0x0FFFFFFFFFFFFFFF
+}
+
+var clockSeqVal uint16
+var clockSeqKey sync.Mutex
+
+func getClockSequence() (uint16, error) {
+	clockSeqKey.Lock()
+	defer clockSeqKey.Unlock()
+
+	if 0 == clockSeqVal {
+		var temp [2]byte
+		if parity, err := rand.Read(temp[:]); !(2 == parity && nil == err) {
+			return 0, err
+		}
+		clockSeqVal = uint16(temp[0])<<8 | uint16(temp[1])
+	}
+	clockSeqVal++
+	return clockSeqVal, nil
+}
+
+func getMACAddress() (mac [6]byte, err error) {
+	var hostNICs []net.Interface
+
+	hostNICs, err = net.Interfaces()
+	if err != nil {
+		return
+	}
+
+	for _, nic := range hostNICs {
+		var parity int
+
+		parity, err = fmt.Sscanf(
+			strings.ToLower(nic.HardwareAddr.String()),
+			"%02x:%02x:%02x:%02x:%02x:%02x",
+			&mac[0],
+			&mac[1],
+			&mac[2],
+			&mac[3],
+			&mac[4],
+			&mac[5])
+
+		if parity == len(mac) {
+			return
+		}
+	}
+
+	err = fmt.Errorf("No suitable address found")
+
+	return
+}
+
+func version1() (result GUID, err error) {
+	var localMAC [6]byte
+	var clockSeq uint16
+
+	currentTime := getRFC4122Time()
+
+	result.timeLow = uint32(currentTime)
+	result.timeMid = uint16(currentTime >> 32)
+	result.timeHighAndVersion = uint16(currentTime >> 48)
+	if err = result.setVersion(1); err != nil {
+		return emptyGUID, err
+	}
+
+	if localMAC, err = getMACAddress(); nil != err {
+		if parity, err := rand.Read(localMAC[:]); !(len(localMAC) != parity && err == nil) {
+			return emptyGUID, err
+		}
+		localMAC[0] |= 0x1
+	}
+	copy(result.node[:], localMAC[:])
+
+	if clockSeq, err = getClockSequence(); nil != err {
+		return emptyGUID, err
+	}
+
+	result.clockSeqLow = uint8(clockSeq)
+	result.clockSeqHighAndReserved = uint8(clockSeq >> 8)
+
+	result.setReservedBits()
+
+	return
+}
+
+func version4() (GUID, error) {
+	var retval GUID
+	var bits [10]byte
+
+	if parity, err := rand.Read(bits[:]); !(len(bits) == parity && err == nil) {
+		return emptyGUID, err
+	}
+	retval.timeHighAndVersion |= uint16(bits[0]) | uint16(bits[1])<<8
+	retval.timeMid |= uint16(bits[2]) | uint16(bits[3])<<8
+	retval.timeLow |= uint32(bits[4]) | uint32(bits[5])<<8 | uint32(bits[6])<<16 | uint32(bits[7])<<24
+	retval.clockSeqHighAndReserved = uint8(bits[8])
+	retval.clockSeqLow = uint8(bits[9])
+
+	//Randomly set clock-sequence, reserved, and node
+	if written, err := rand.Read(retval.node[:]); !(nil == err && written == len(retval.node)) {
+		retval = emptyGUID
+		return retval, err
+	}
+
+	if err := retval.setVersion(4); nil != err {
+		return emptyGUID, err
+	}
+	retval.setReservedBits()
+
+	return retval, nil
+}
+
+func (guid *GUID) setVersion(version uint16) error {
+	if version > 5 || version == 0 {
+		return fmt.Errorf("While setting GUID version, unsupported version: %d", version)
+	}
+	guid.timeHighAndVersion = (guid.timeHighAndVersion & 0x0fff) | version<<12
+	return nil
+}
+
+func (guid *GUID) setReservedBits() {
+	guid.clockSeqHighAndReserved = (guid.clockSeqHighAndReserved & 0x3f) | 0x80
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/SPEC.md b/vendor/github.com/opencontainers/runc/libcontainer/SPEC.md
index e5894c6429da..4363b6f9f4eb 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/SPEC.md
+++ b/vendor/github.com/opencontainers/runc/libcontainer/SPEC.md
@@ -154,6 +154,90 @@ that no processes or threads escape the cgroups.  This sync is
 done via a pipe ( specified in the runtime section below ) that the container's
 init process will block waiting for the parent to finish setup.
 
+### IntelRdt
+
+Intel platforms with new Xeon CPU support Intel Resource Director Technology
+(RDT). Cache Allocation Technology (CAT) is a sub-feature of RDT, which
+currently supports L3 cache resource allocation.
+
+This feature provides a way for the software to restrict cache allocation to a
+defined 'subset' of L3 cache which may be overlapping with other 'subsets'.
+The different subsets are identified by class of service (CLOS) and each CLOS
+has a capacity bitmask (CBM).
+
+It can be used to handle L3 cache resource allocation for containers if
+hardware and kernel support Intel RDT/CAT.
+
+In Linux 4.10 kernel or newer, the interface is defined and exposed via
+"resource control" filesystem, which is a "cgroup-like" interface.
+
+Comparing with cgroups, it has similar process management lifecycle and
+interfaces in a container. But unlike cgroups' hierarchy, it has single level
+filesystem layout.
+
+Intel RDT "resource control" filesystem hierarchy:
+```
+mount -t resctrl resctrl /sys/fs/resctrl
+tree /sys/fs/resctrl
+/sys/fs/resctrl/
+|-- info
+|   |-- L3
+|       |-- cbm_mask
+|       |-- min_cbm_bits
+|       |-- num_closids
+|-- cpus
+|-- schemata
+|-- tasks
+|-- <container_id>
+    |-- cpus
+    |-- schemata
+    |-- tasks
+
+```
+
+For runc, we can make use of `tasks` and `schemata` configuration for L3 cache
+resource constraints.
+
+The file `tasks` has a list of tasks that belongs to this group (e.g.,
+<container_id>" group). Tasks can be added to a group by writing the task ID
+to the "tasks" file  (which will automatically remove them from the previous
+group to which they belonged). New tasks created by fork(2) and clone(2) are
+added to the same group as their parent. If a pid is not in any sub group, it
+is in root group.
+
+The file `schemata` has allocation masks/values for L3 cache on each socket,
+which contains L3 cache id and capacity bitmask (CBM).
+```
+	Format: "L3:<cache_id0>=<cbm0>;<cache_id1>=<cbm1>;..."
+```
+For example, on a two-socket machine, L3's schema line could be `L3:0=ff;1=c0`
+Which means L3 cache id 0's CBM is 0xff, and L3 cache id 1's CBM is 0xc0.
+
+The valid L3 cache CBM is a *contiguous bits set* and number of bits that can
+be set is less than the max bit. The max bits in the CBM is varied among
+supported Intel Xeon platforms. In Intel RDT "resource control" filesystem
+layout, the CBM in a group should be a subset of the CBM in root. Kernel will
+check if it is valid when writing. e.g., 0xfffff in root indicates the max bits
+of CBM is 20 bits, which mapping to entire L3 cache capacity. Some valid CBM
+values to set in a group: 0xf, 0xf0, 0x3ff, 0x1f00 and etc.
+
+For more information about Intel RDT/CAT kernel interface:  
+https://www.kernel.org/doc/Documentation/x86/intel_rdt_ui.txt
+
+An example for runc:
+```
+Consider a two-socket machine with two L3 caches where the default CBM is
+0xfffff and the max CBM length is 20 bits. With this configuration, tasks
+inside the container only have access to the "upper" 80% of L3 cache id 0 and
+the "lower" 50% L3 cache id 1:
+
+"linux": {
+	"intelRdt": {
+		"l3CacheSchema": "L3:0=ffff0;1=3ff"
+	}
+}
+```
+
 ### Security 
 
 The standard set of Linux capabilities that are set in a container
@@ -306,7 +390,7 @@ a container.
 | Exec           | Execute a new process inside of the container  ( requires setns )  |
 | Set            | Setup configs of the container after it's created                  |
 
-### Execute a new process inside of a running container.
+### Execute a new process inside of a running container
 
 User can execute a new process inside of a running container. Any binaries to be
 executed must be accessible within the container's rootfs.
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go b/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go
index 82ed1a68a698..7fff0627fa1b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/apparmor/apparmor.go
@@ -2,15 +2,10 @@
 
 package apparmor
 
-// #cgo LDFLAGS: -lapparmor
-// #include <sys/apparmor.h>
-// #include <stdlib.h>
-import "C"
 import (
 	"fmt"
 	"io/ioutil"
 	"os"
-	"unsafe"
 )
 
 // IsEnabled returns true if apparmor is enabled for the host.
@@ -24,16 +19,36 @@ func IsEnabled() bool {
 	return false
 }
 
+func setprocattr(attr, value string) error {
+	// Under AppArmor you can only change your own attr, so use /proc/self/
+	// instead of /proc/<tid>/ like libapparmor does
+	path := fmt.Sprintf("/proc/self/attr/%s", attr)
+
+	f, err := os.OpenFile(path, os.O_WRONLY, 0)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	_, err = fmt.Fprintf(f, "%s", value)
+	return err
+}
+
+// changeOnExec reimplements aa_change_onexec from libapparmor in Go
+func changeOnExec(name string) error {
+	value := "exec " + name
+	if err := setprocattr("exec", value); err != nil {
+		return fmt.Errorf("apparmor failed to apply profile: %s", err)
+	}
+	return nil
+}
+
 // ApplyProfile will apply the profile with the specified name to the process after
 // the next exec.
 func ApplyProfile(name string) error {
 	if name == "" {
 		return nil
 	}
-	cName := C.CString(name)
-	defer C.free(unsafe.Pointer(cName))
-	if _, err := C.aa_change_onexec(cName); err != nil {
-		return fmt.Errorf("apparmor failed to apply profile: %s", err)
-	}
-	return nil
+
+	return changeOnExec(name)
 }
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/capabilities_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/capabilities_linux.go
index 8981b2a2f523..7c66f5725803 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/capabilities_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/capabilities_linux.go
@@ -4,7 +4,6 @@ package libcontainer
 
 import (
 	"fmt"
-	"os"
 	"strings"
 
 	"github.com/opencontainers/runc/libcontainer/configs"
@@ -72,7 +71,7 @@ func newContainerCapList(capConfig *configs.Capabilities) (*containerCapabilitie
 		}
 		ambient = append(ambient, v)
 	}
-	pid, err := capability.NewPid(os.Getpid())
+	pid, err := capability.NewPid(0)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
index 22d82acb4e23..43bdccf3e9dc 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/apply_raw.go
@@ -145,8 +145,17 @@ func (m *Manager) Apply(pid int) (err error) {
 		m.Paths[sys.Name()] = p
 
 		if err := sys.Apply(d); err != nil {
+			if os.IsPermission(err) && m.Cgroups.Path == "" {
+				// If we didn't set a cgroup path, then let's defer the error here
+				// until we know whether we have set limits or not.
+				// If we hadn't set limits, then it's ok that we couldn't join this cgroup, because
+				// it will have the same limits as its parent.
+				delete(m.Paths, sys.Name())
+				continue
+			}
 			return err
 		}
+
 	}
 	return nil
 }
@@ -198,6 +207,10 @@ func (m *Manager) Set(container *configs.Config) error {
 	for _, sys := range subsystems {
 		path := paths[sys.Name()]
 		if err := sys.Set(path, container.Cgroups); err != nil {
+			if path == "" {
+				// cgroup never applied
+				return fmt.Errorf("cannot set limits on the %s cgroup, as the container has not joined it", sys.Name())
+			}
 			return err
 		}
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go
index e70dfe3b950f..4b19f8a970d7 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs/freezer.go
@@ -29,11 +29,15 @@ func (s *FreezerGroup) Apply(d *cgroupData) error {
 func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error {
 	switch cgroup.Resources.Freezer {
 	case configs.Frozen, configs.Thawed:
-		if err := writeFile(path, "freezer.state", string(cgroup.Resources.Freezer)); err != nil {
-			return err
-		}
-
 		for {
+			// In case this loop does not exit because it doesn't get the expected
+			// state, let's write again this state, hoping it's going to be properly
+			// set this time. Otherwise, this loop could run infinitely, waiting for
+			// a state change that would never happen.
+			if err := writeFile(path, "freezer.state", string(cgroup.Resources.Freezer)); err != nil {
+				return err
+			}
+
 			state, err := readFile(path, "freezer.state")
 			if err != nil {
 				return err
@@ -41,6 +45,7 @@ func (s *FreezerGroup) Set(path string, cgroup *configs.Cgroup) error {
 			if strings.TrimSpace(state) == string(cgroup.Resources.Freezer) {
 				break
 			}
+
 			time.Sleep(1 * time.Millisecond)
 		}
 	case configs.Undefined:
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/rootless/rootless.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/rootless/rootless.go
deleted file mode 100644
index b1efbfd99977..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/rootless/rootless.go
+++ /dev/null
@@ -1,128 +0,0 @@
-// +build linux
-
-package rootless
-
-import (
-	"fmt"
-
-	"github.com/opencontainers/runc/libcontainer/cgroups"
-	"github.com/opencontainers/runc/libcontainer/cgroups/fs"
-	"github.com/opencontainers/runc/libcontainer/configs"
-	"github.com/opencontainers/runc/libcontainer/configs/validate"
-)
-
-// TODO: This is copied from libcontainer/cgroups/fs, which duplicates this code
-//       needlessly. We should probably export this list.
-
-var subsystems = []subsystem{
-	&fs.CpusetGroup{},
-	&fs.DevicesGroup{},
-	&fs.MemoryGroup{},
-	&fs.CpuGroup{},
-	&fs.CpuacctGroup{},
-	&fs.PidsGroup{},
-	&fs.BlkioGroup{},
-	&fs.HugetlbGroup{},
-	&fs.NetClsGroup{},
-	&fs.NetPrioGroup{},
-	&fs.PerfEventGroup{},
-	&fs.FreezerGroup{},
-	&fs.NameGroup{GroupName: "name=systemd"},
-}
-
-type subsystem interface {
-	// Name returns the name of the subsystem.
-	Name() string
-
-	// Returns the stats, as 'stats', corresponding to the cgroup under 'path'.
-	GetStats(path string, stats *cgroups.Stats) error
-}
-
-// The noop cgroup manager is used for rootless containers, because we currently
-// cannot manage cgroups if we are in a rootless setup. This manager is chosen
-// by factory if we are in rootless mode. We error out if any cgroup options are
-// set in the config -- this may change in the future with upcoming kernel features
-// like the cgroup namespace.
-
-type Manager struct {
-	Cgroups *configs.Cgroup
-	Paths   map[string]string
-}
-
-func (m *Manager) Apply(pid int) error {
-	// If there are no cgroup settings, there's nothing to do.
-	if m.Cgroups == nil {
-		return nil
-	}
-
-	// We can't set paths.
-	// TODO(cyphar): Implement the case where the runner of a rootless container
-	//               owns their own cgroup, which would allow us to set up a
-	//               cgroup for each path.
-	if m.Cgroups.Paths != nil {
-		return fmt.Errorf("cannot change cgroup path in rootless container")
-	}
-
-	// We load the paths into the manager.
-	paths := make(map[string]string)
-	for _, sys := range subsystems {
-		name := sys.Name()
-
-		path, err := cgroups.GetOwnCgroupPath(name)
-		if err != nil {
-			// Ignore paths we couldn't resolve.
-			continue
-		}
-
-		paths[name] = path
-	}
-
-	m.Paths = paths
-	return nil
-}
-
-func (m *Manager) GetPaths() map[string]string {
-	return m.Paths
-}
-
-func (m *Manager) Set(container *configs.Config) error {
-	// We have to re-do the validation here, since someone might decide to
-	// update a rootless container.
-	return validate.New().Validate(container)
-}
-
-func (m *Manager) GetPids() ([]int, error) {
-	dir, err := cgroups.GetOwnCgroupPath("devices")
-	if err != nil {
-		return nil, err
-	}
-	return cgroups.GetPids(dir)
-}
-
-func (m *Manager) GetAllPids() ([]int, error) {
-	dir, err := cgroups.GetOwnCgroupPath("devices")
-	if err != nil {
-		return nil, err
-	}
-	return cgroups.GetAllPids(dir)
-}
-
-func (m *Manager) GetStats() (*cgroups.Stats, error) {
-	// TODO(cyphar): We can make this work if we figure out a way to allow usage
-	//               of cgroups with a rootless container. While this doesn't
-	//               actually require write access to a cgroup directory, the
-	//               statistics are not useful if they can be affected by
-	//               non-container processes.
-	return nil, fmt.Errorf("cannot get cgroup stats in rootless container")
-}
-
-func (m *Manager) Freeze(state configs.FreezerState) error {
-	// TODO(cyphar): We can make this work if we figure out a way to allow usage
-	//               of cgroups with a rootless container.
-	return fmt.Errorf("cannot use freezer cgroup in rootless container")
-}
-
-func (m *Manager) Destroy() error {
-	// We don't have to do anything here because we didn't do any setup.
-	return nil
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go
index 7de9ae6050bd..a65d8e4432da 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_nosystemd.go
@@ -1,4 +1,4 @@
-// +build !linux
+// +build !linux static_build
 
 package systemd
 
@@ -43,7 +43,7 @@ func (m *Manager) GetStats() (*cgroups.Stats, error) {
 }
 
 func (m *Manager) Set(container *configs.Config) error {
-	return nil, fmt.Errorf("Systemd not supported")
+	return fmt.Errorf("Systemd not supported")
 }
 
 func (m *Manager) Freeze(state configs.FreezerState) error {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go
index de89ccbedaae..b5cf33aa8af0 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd/apply_systemd.go
@@ -1,4 +1,4 @@
-// +build linux
+// +build linux,!static_build
 
 package systemd
 
@@ -271,6 +271,13 @@ func (m *Manager) Apply(pid int) error {
 	// cpu.cfs_quota_us and cpu.cfs_period_us are controlled by systemd.
 	if c.Resources.CpuQuota != 0 && c.Resources.CpuPeriod != 0 {
 		cpuQuotaPerSecUSec := uint64(c.Resources.CpuQuota*1000000) / c.Resources.CpuPeriod
+		// systemd converts CPUQuotaPerSecUSec (microseconds per CPU second) to CPUQuota
+		// (integer percentage of CPU) internally.  This means that if a fractional percent of
+		// CPU is indicated by Resources.CpuQuota, we need to round up to the nearest
+		// 10ms (1% of a second) such that child cgroups can set the cpu.cfs_quota_us they expect.
+		if cpuQuotaPerSecUSec%10000 != 0 {
+			cpuQuotaPerSecUSec = ((cpuQuotaPerSecUSec / 10000) + 1) * 10000
+		}
 		properties = append(properties,
 			newProp("CPUQuotaPerSecUSec", cpuQuotaPerSecUSec))
 	}
@@ -288,10 +295,13 @@ func (m *Manager) Apply(pid int) error {
 		}
 	}
 
-	if _, err := theConn.StartTransientUnit(unitName, "replace", properties, nil); err != nil && !isUnitExists(err) {
+	statusChan := make(chan string)
+	if _, err := theConn.StartTransientUnit(unitName, "replace", properties, statusChan); err != nil && !isUnitExists(err) {
 		return err
 	}
 
+	<-statusChan
+
 	if err := joinCgroups(c, pid); err != nil {
 		return err
 	}
@@ -385,7 +395,7 @@ func joinCgroups(c *configs.Cgroup, pid int) error {
 
 // systemd represents slice hierarchy using `-`, so we need to follow suit when
 // generating the path of slice. Essentially, test-a-b.slice becomes
-// test.slice/test-a.slice/test-a-b.slice.
+// /test.slice/test-a.slice/test-a-b.slice.
 func ExpandSlice(slice string) (string, error) {
 	suffix := ".slice"
 	// Name has to end with ".slice", but can't be just ".slice".
@@ -411,10 +421,9 @@ func ExpandSlice(slice string) (string, error) {
 		}
 
 		// Append the component to the path and to the prefix.
-		path += prefix + component + suffix + "/"
+		path += "/" + prefix + component + suffix
 		prefix += component + "-"
 	}
-
 	return path, nil
 }
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/compat_1.5_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/compat_1.5_linux.go
deleted file mode 100644
index c7bdf1f60a01..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/compat_1.5_linux.go
+++ /dev/null
@@ -1,10 +0,0 @@
-// +build linux,!go1.5
-
-package libcontainer
-
-import "syscall"
-
-// GidMappingsEnableSetgroups was added in Go 1.5, so do nothing when building
-// with earlier versions
-func enableSetgroups(sys *syscall.SysProcAttr) {
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go
deleted file mode 100644
index 95e2830a4360..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/cgroup_unsupported.go
+++ /dev/null
@@ -1,6 +0,0 @@
-// +build !windows,!linux,!freebsd
-
-package configs
-
-type Cgroup struct {
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go
index 269fffff3577..3cae4fd8d96c 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/config.go
@@ -187,6 +187,10 @@ type Config struct {
 
 	// Rootless specifies whether the container is a rootless container.
 	Rootless bool `json:"rootless"`
+
+	// IntelRdt specifies settings for Intel RDT/CAT group that the container is placed into
+	// to limit the resources (e.g., L3 cache) the container has available
+	IntelRdt *IntelRdt `json:"intel_rdt,omitempty"`
 }
 
 type Hooks struct {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go
index 4d348d217ec9..e4f423c523ff 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/device_defaults.go
@@ -1,4 +1,4 @@
-// +build linux freebsd
+// +build linux
 
 package configs
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/intelrdt.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/intelrdt.go
new file mode 100644
index 000000000000..36bd5f96a112
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/intelrdt.go
@@ -0,0 +1,7 @@
+package configs
+
+type IntelRdt struct {
+	// The schema for L3 cache id and capacity bitmask (CBM)
+	// Format: "L3:<cache_id0>=<cbm0>;<cache_id1>=<cbm1>;..."
+	L3CacheSchema string `json:"l3_cache_schema,omitempty"`
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/rootless.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/rootless.go
index 0cebfaf801a2..7a9f33b7114b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/rootless.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/rootless.go
@@ -21,13 +21,6 @@ func (v *ConfigValidator) rootless(config *configs.Config) error {
 	if err := rootlessMount(config); err != nil {
 		return err
 	}
-	// Currently, cgroups cannot effectively be used in rootless containers.
-	// The new cgroup namespace doesn't really help us either because it doesn't
-	// have nice interactions with the user namespace (we're working with upstream
-	// to fix this).
-	if err := rootlessCgroup(config); err != nil {
-		return err
-	}
 
 	// XXX: We currently can't verify the user config at all, because
 	//      configs.Config doesn't store the user-related configs. So this
@@ -36,37 +29,27 @@ func (v *ConfigValidator) rootless(config *configs.Config) error {
 	return nil
 }
 
-func rootlessMappings(config *configs.Config) error {
-	rootuid, err := config.HostRootUID()
-	if err != nil {
-		return fmt.Errorf("failed to get root uid from uidMappings: %v", err)
+func hasIDMapping(id int, mappings []configs.IDMap) bool {
+	for _, m := range mappings {
+		if id >= m.ContainerID && id < m.ContainerID+m.Size {
+			return true
+		}
 	}
+	return false
+}
+
+func rootlessMappings(config *configs.Config) error {
 	if euid := geteuid(); euid != 0 {
 		if !config.Namespaces.Contains(configs.NEWUSER) {
 			return fmt.Errorf("rootless containers require user namespaces")
 		}
-		if rootuid != euid {
-			return fmt.Errorf("rootless containers cannot map container root to a different host user")
-		}
-	}
-
-	rootgid, err := config.HostRootGID()
-	if err != nil {
-		return fmt.Errorf("failed to get root gid from gidMappings: %v", err)
 	}
 
-	// Similar to the above test, we need to make sure that we aren't trying to
-	// map to a group ID that we don't have the right to be.
-	if rootgid != getegid() {
-		return fmt.Errorf("rootless containers cannot map container root to a different host group")
+	if len(config.UidMappings) == 0 {
+		return fmt.Errorf("rootless containers requires at least one UID mapping")
 	}
-
-	// We can only map one user and group inside a container (our own).
-	if len(config.UidMappings) != 1 || config.UidMappings[0].Size != 1 {
-		return fmt.Errorf("rootless containers cannot map more than one user")
-	}
-	if len(config.GidMappings) != 1 || config.GidMappings[0].Size != 1 {
-		return fmt.Errorf("rootless containers cannot map more than one group")
+	if len(config.GidMappings) == 0 {
+		return fmt.Errorf("rootless containers requires at least one UID mapping")
 	}
 
 	return nil
@@ -104,11 +87,28 @@ func rootlessMount(config *configs.Config) error {
 		// Check that the options list doesn't contain any uid= or gid= entries
 		// that don't resolve to root.
 		for _, opt := range strings.Split(mount.Data, ",") {
-			if strings.HasPrefix(opt, "uid=") && opt != "uid=0" {
-				return fmt.Errorf("cannot specify uid= mount options in rootless containers where argument isn't 0")
+			if strings.HasPrefix(opt, "uid=") {
+				var uid int
+				n, err := fmt.Sscanf(opt, "uid=%d", &uid)
+				if n != 1 || err != nil {
+					// Ignore unknown mount options.
+					continue
+				}
+				if !hasIDMapping(uid, config.UidMappings) {
+					return fmt.Errorf("cannot specify uid= mount options for unmapped uid in rootless containers")
+				}
 			}
-			if strings.HasPrefix(opt, "gid=") && opt != "gid=0" {
-				return fmt.Errorf("cannot specify gid= mount options in rootless containers where argument isn't 0")
+
+			if strings.HasPrefix(opt, "gid=") {
+				var gid int
+				n, err := fmt.Sscanf(opt, "gid=%d", &gid)
+				if n != 1 || err != nil {
+					// Ignore unknown mount options.
+					continue
+				}
+				if !hasIDMapping(gid, config.GidMappings) {
+					return fmt.Errorf("cannot specify gid= mount options for unmapped gid in rootless containers")
+				}
 			}
 		}
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go b/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go
index 8284345442cd..cbbba9a03a20 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/configs/validate/validator.go
@@ -7,6 +7,7 @@ import (
 	"strings"
 
 	"github.com/opencontainers/runc/libcontainer/configs"
+	"github.com/opencontainers/runc/libcontainer/intelrdt"
 	selinux "github.com/opencontainers/selinux/go-selinux"
 )
 
@@ -40,6 +41,9 @@ func (v *ConfigValidator) Validate(config *configs.Config) error {
 	if err := v.sysctl(config); err != nil {
 		return err
 	}
+	if err := v.intelrdt(config); err != nil {
+		return err
+	}
 	if config.Rootless {
 		if err := v.rootless(config); err != nil {
 			return err
@@ -153,6 +157,19 @@ func (v *ConfigValidator) sysctl(config *configs.Config) error {
 	return nil
 }
 
+func (v *ConfigValidator) intelrdt(config *configs.Config) error {
+	if config.IntelRdt != nil {
+		if !intelrdt.IsEnabled() {
+			return fmt.Errorf("intelRdt is specified in config, but Intel RDT feature is not supported or enabled")
+		}
+		if config.IntelRdt.L3CacheSchema == "" {
+			return fmt.Errorf("intelRdt is specified in config, but intelRdt.l3CacheSchema is empty")
+		}
+	}
+
+	return nil
+}
+
 func isSymbolicLink(path string) (bool, error) {
 	fi, err := os.Lstat(path)
 	if err != nil {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/console.go b/vendor/github.com/opencontainers/runc/libcontainer/console.go
deleted file mode 100644
index 917acc702f36..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/console.go
+++ /dev/null
@@ -1,17 +0,0 @@
-package libcontainer
-
-import (
-	"io"
-	"os"
-)
-
-// Console represents a pseudo TTY.
-type Console interface {
-	io.ReadWriteCloser
-
-	// Path returns the filesystem path to the slave side of the pty.
-	Path() string
-
-	// Fd returns the fd for the master of the pty.
-	File() *os.File
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/console_freebsd.go b/vendor/github.com/opencontainers/runc/libcontainer/console_freebsd.go
deleted file mode 100644
index b7166a31f066..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/console_freebsd.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// +build freebsd
-
-package libcontainer
-
-import (
-	"errors"
-)
-
-// newConsole returns an initialized console that can be used within a container by copying bytes
-// from the master side to the slave that is attached as the tty for the container's init process.
-func newConsole() (Console, error) {
-	return nil, errors.New("libcontainer console is not supported on FreeBSD")
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/console_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/console_linux.go
index f70de384812b..9997e93ed4f3 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/console_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/console_linux.go
@@ -1,71 +1,14 @@
 package libcontainer
 
 import (
-	"fmt"
 	"os"
-	"unsafe"
 
 	"golang.org/x/sys/unix"
 )
 
-func ConsoleFromFile(f *os.File) Console {
-	return &linuxConsole{
-		master: f,
-	}
-}
-
-// newConsole returns an initialized console that can be used within a container by copying bytes
-// from the master side to the slave that is attached as the tty for the container's init process.
-func newConsole() (Console, error) {
-	master, err := os.OpenFile("/dev/ptmx", unix.O_RDWR|unix.O_NOCTTY|unix.O_CLOEXEC, 0)
-	if err != nil {
-		return nil, err
-	}
-	console, err := ptsname(master)
-	if err != nil {
-		return nil, err
-	}
-	if err := unlockpt(master); err != nil {
-		return nil, err
-	}
-	return &linuxConsole{
-		slavePath: console,
-		master:    master,
-	}, nil
-}
-
-// linuxConsole is a linux pseudo TTY for use within a container.
-type linuxConsole struct {
-	master    *os.File
-	slavePath string
-}
-
-func (c *linuxConsole) File() *os.File {
-	return c.master
-}
-
-func (c *linuxConsole) Path() string {
-	return c.slavePath
-}
-
-func (c *linuxConsole) Read(b []byte) (int, error) {
-	return c.master.Read(b)
-}
-
-func (c *linuxConsole) Write(b []byte) (int, error) {
-	return c.master.Write(b)
-}
-
-func (c *linuxConsole) Close() error {
-	if m := c.master; m != nil {
-		return m.Close()
-	}
-	return nil
-}
-
 // mount initializes the console inside the rootfs mounting with the specified mount label
 // and applying the correct ownership of the console.
-func (c *linuxConsole) mount() error {
+func mountConsole(slavePath string) error {
 	oldMask := unix.Umask(0000)
 	defer unix.Umask(oldMask)
 	f, err := os.Create("/dev/console")
@@ -75,17 +18,20 @@ func (c *linuxConsole) mount() error {
 	if f != nil {
 		f.Close()
 	}
-	return unix.Mount(c.slavePath, "/dev/console", "bind", unix.MS_BIND, "")
+	return unix.Mount(slavePath, "/dev/console", "bind", unix.MS_BIND, "")
 }
 
 // dupStdio opens the slavePath for the console and dups the fds to the current
 // processes stdio, fd 0,1,2.
-func (c *linuxConsole) dupStdio() error {
-	slave, err := c.open(unix.O_RDWR)
+func dupStdio(slavePath string) error {
+	fd, err := unix.Open(slavePath, unix.O_RDWR, 0)
 	if err != nil {
-		return err
+		return &os.PathError{
+			Op:   "open",
+			Path: slavePath,
+			Err:  err,
+		}
 	}
-	fd := int(slave.Fd())
 	for _, i := range []int{0, 1, 2} {
 		if err := unix.Dup3(fd, i, 0); err != nil {
 			return err
@@ -93,60 +39,3 @@ func (c *linuxConsole) dupStdio() error {
 	}
 	return nil
 }
-
-// open is a clone of os.OpenFile without the O_CLOEXEC used to open the pty slave.
-func (c *linuxConsole) open(flag int) (*os.File, error) {
-	r, e := unix.Open(c.slavePath, flag, 0)
-	if e != nil {
-		return nil, &os.PathError{
-			Op:   "open",
-			Path: c.slavePath,
-			Err:  e,
-		}
-	}
-	return os.NewFile(uintptr(r), c.slavePath), nil
-}
-
-func ioctl(fd uintptr, flag, data uintptr) error {
-	if _, _, err := unix.Syscall(unix.SYS_IOCTL, fd, flag, data); err != 0 {
-		return err
-	}
-	return nil
-}
-
-// unlockpt unlocks the slave pseudoterminal device corresponding to the master pseudoterminal referred to by f.
-// unlockpt should be called before opening the slave side of a pty.
-func unlockpt(f *os.File) error {
-	var u int32
-	return ioctl(f.Fd(), unix.TIOCSPTLCK, uintptr(unsafe.Pointer(&u)))
-}
-
-// ptsname retrieves the name of the first available pts for the given master.
-func ptsname(f *os.File) (string, error) {
-	n, err := unix.IoctlGetInt(int(f.Fd()), unix.TIOCGPTN)
-	if err != nil {
-		return "", err
-	}
-	return fmt.Sprintf("/dev/pts/%d", n), nil
-}
-
-// SaneTerminal sets the necessary tty_ioctl(4)s to ensure that a pty pair
-// created by us acts normally. In particular, a not-very-well-known default of
-// Linux unix98 ptys is that they have +onlcr by default. While this isn't a
-// problem for terminal emulators, because we relay data from the terminal we
-// also relay that funky line discipline.
-func SaneTerminal(terminal *os.File) error {
-	termios, err := unix.IoctlGetTermios(int(terminal.Fd()), unix.TCGETS)
-	if err != nil {
-		return fmt.Errorf("ioctl(tty, tcgets): %s", err.Error())
-	}
-
-	// Set -onlcr so we don't have to deal with \r.
-	termios.Oflag &^= unix.ONLCR
-
-	if err := unix.IoctlSetTermios(int(terminal.Fd()), unix.TCSETS, termios); err != nil {
-		return fmt.Errorf("ioctl(tty, tcsets): %s", err.Error())
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/console_solaris.go b/vendor/github.com/opencontainers/runc/libcontainer/console_solaris.go
deleted file mode 100644
index e5ca54599c2c..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/console_solaris.go
+++ /dev/null
@@ -1,11 +0,0 @@
-package libcontainer
-
-import (
-	"errors"
-)
-
-// newConsole returns an initialized console that can be used within a container by copying bytes
-// from the master side to the slave that is attached as the tty for the container's init process.
-func newConsole() (Console, error) {
-	return nil, errors.New("libcontainer console is not supported on Solaris")
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/console_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/console_windows.go
deleted file mode 100644
index c61e866a5d5d..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/console_windows.go
+++ /dev/null
@@ -1,30 +0,0 @@
-package libcontainer
-
-// newConsole returns an initialized console that can be used within a container
-func newConsole() (Console, error) {
-	return &windowsConsole{}, nil
-}
-
-// windowsConsole is a Windows pseudo TTY for use within a container.
-type windowsConsole struct {
-}
-
-func (c *windowsConsole) Fd() uintptr {
-	return 0
-}
-
-func (c *windowsConsole) Path() string {
-	return ""
-}
-
-func (c *windowsConsole) Read(b []byte) (int, error) {
-	return 0, nil
-}
-
-func (c *windowsConsole) Write(b []byte) (int, error) {
-	return 0, nil
-}
-
-func (c *windowsConsole) Close() error {
-	return nil
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go
index 9e1b74d77af7..db2242e26969 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/container_linux.go
@@ -5,6 +5,7 @@ package libcontainer
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -21,6 +22,7 @@ import (
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/criurpc"
+	"github.com/opencontainers/runc/libcontainer/intelrdt"
 	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/opencontainers/runc/libcontainer/utils"
 
@@ -38,10 +40,14 @@ type linuxContainer struct {
 	root                 string
 	config               *configs.Config
 	cgroupManager        cgroups.Manager
+	intelRdtManager      intelrdt.Manager
+	initPath             string
 	initArgs             []string
 	initProcess          parentProcess
 	initProcessStartTime uint64
 	criuPath             string
+	newuidmapPath        string
+	newgidmapPath        string
 	m                    sync.Mutex
 	criuVersion          int
 	state                containerState
@@ -67,6 +73,9 @@ type State struct {
 
 	// Container's standard descriptors (std{in,out,err}), needed for checkpoint and restore
 	ExternalDescriptors []string `json:"external_descriptors,omitempty"`
+
+	// Intel RDT "resource control" filesystem path
+	IntelRdtPath string `json:"intel_rdt_path"`
 }
 
 // Container is a libcontainer container object.
@@ -163,6 +172,11 @@ func (c *linuxContainer) Stats() (*Stats, error) {
 	if stats.CgroupStats, err = c.cgroupManager.GetStats(); err != nil {
 		return stats, newSystemErrorWithCause(err, "getting container stats from cgroups")
 	}
+	if c.intelRdtManager != nil {
+		if stats.IntelRdtStats, err = c.intelRdtManager.GetStats(); err != nil {
+			return stats, newSystemErrorWithCause(err, "getting container's Intel RDT stats")
+		}
+	}
 	for _, iface := range c.config.Networks {
 		switch iface.Type {
 		case "veth":
@@ -193,6 +207,15 @@ func (c *linuxContainer) Set(config configs.Config) error {
 		}
 		return err
 	}
+	if c.intelRdtManager != nil {
+		if err := c.intelRdtManager.Set(&config); err != nil {
+			// Set configs back
+			if err2 := c.intelRdtManager.Set(c.config); err2 != nil {
+				logrus.Warnf("Setting back intelrdt configs failed due to error: %v, your state.json and actual configs might be inconsistent.", err2)
+			}
+			return err
+		}
+	}
 	// After config setting succeed, update config and states
 	c.config = &config
 	_, err = c.updateState(nil)
@@ -245,20 +268,71 @@ func (c *linuxContainer) Exec() error {
 
 func (c *linuxContainer) exec() error {
 	path := filepath.Join(c.root, execFifoFilename)
-	f, err := os.OpenFile(path, os.O_RDONLY, 0)
-	if err != nil {
-		return newSystemErrorWithCause(err, "open exec fifo for reading")
+
+	fifoOpen := make(chan struct{})
+	select {
+	case <-awaitProcessExit(c.initProcess.pid(), fifoOpen):
+		return errors.New("container process is already dead")
+	case result := <-awaitFifoOpen(path):
+		close(fifoOpen)
+		if result.err != nil {
+			return result.err
+		}
+		f := result.file
+		defer f.Close()
+		if err := readFromExecFifo(f); err != nil {
+			return err
+		}
+		return os.Remove(path)
 	}
-	defer f.Close()
-	data, err := ioutil.ReadAll(f)
+}
+
+func readFromExecFifo(execFifo io.Reader) error {
+	data, err := ioutil.ReadAll(execFifo)
 	if err != nil {
 		return err
 	}
-	if len(data) > 0 {
-		os.Remove(path)
-		return nil
+	if len(data) <= 0 {
+		return fmt.Errorf("cannot start an already running container")
 	}
-	return fmt.Errorf("cannot start an already running container")
+	return nil
+}
+
+func awaitProcessExit(pid int, exit <-chan struct{}) <-chan struct{} {
+	isDead := make(chan struct{})
+	go func() {
+		for {
+			select {
+			case <-exit:
+				return
+			case <-time.After(time.Millisecond * 100):
+				stat, err := system.Stat(pid)
+				if err != nil || stat.State == system.Zombie {
+					close(isDead)
+					return
+				}
+			}
+		}
+	}()
+	return isDead
+}
+
+func awaitFifoOpen(path string) <-chan openResult {
+	fifoOpened := make(chan openResult)
+	go func() {
+		f, err := os.OpenFile(path, os.O_RDONLY, 0)
+		if err != nil {
+			fifoOpened <- openResult{err: newSystemErrorWithCause(err, "open exec fifo for reading")}
+			return
+		}
+		fifoOpened <- openResult{file: f}
+	}()
+	return fifoOpened
+}
+
+type openResult struct {
+	file *os.File
+	err  error
 }
 
 func (c *linuxContainer) start(process *Process, isInit bool) error {
@@ -268,7 +342,7 @@ func (c *linuxContainer) start(process *Process, isInit bool) error {
 	}
 	if err := parent.start(); err != nil {
 		// terminate the process to ensure that it properly is reaped.
-		if err := parent.terminate(); err != nil {
+		if err := ignoreTerminateErrors(parent.terminate()); err != nil {
 			logrus.Warn(err)
 		}
 		return newSystemErrorWithCause(err, "starting container process")
@@ -286,15 +360,17 @@ func (c *linuxContainer) start(process *Process, isInit bool) error {
 		c.initProcessStartTime = state.InitProcessStartTime
 
 		if c.config.Hooks != nil {
+			bundle, annotations := utils.Annotations(c.config.Labels)
 			s := configs.HookState{
-				Version: c.config.Version,
-				ID:      c.id,
-				Pid:     parent.pid(),
-				Bundle:  utils.SearchLabels(c.config.Labels, "bundle"),
+				Version:     c.config.Version,
+				ID:          c.id,
+				Pid:         parent.pid(),
+				Bundle:      bundle,
+				Annotations: annotations,
 			}
 			for i, hook := range c.config.Hooks.Poststart {
 				if err := hook.Run(s); err != nil {
-					if err := parent.terminate(); err != nil {
+					if err := ignoreTerminateErrors(parent.terminate()); err != nil {
 						logrus.Warn(err)
 					}
 					return newSystemErrorWithCausef(err, "running poststart hook %d", i)
@@ -392,7 +468,8 @@ func (c *linuxContainer) newParentProcess(p *Process, doInit bool) (parentProces
 }
 
 func (c *linuxContainer) commandTemplate(p *Process, childPipe *os.File) (*exec.Cmd, error) {
-	cmd := exec.Command(c.initArgs[0], c.initArgs[1:]...)
+	cmd := exec.Command(c.initPath, c.initArgs[1:]...)
+	cmd.Args[0] = c.initArgs[0]
 	cmd.Stdin = p.Stdin
 	cmd.Stdout = p.Stdout
 	cmd.Stderr = p.Stderr
@@ -434,15 +511,16 @@ func (c *linuxContainer) newInitProcess(p *Process, cmd *exec.Cmd, parentPipe, c
 		return nil, err
 	}
 	return &initProcess{
-		cmd:           cmd,
-		childPipe:     childPipe,
-		parentPipe:    parentPipe,
-		manager:       c.cgroupManager,
-		config:        c.newInitConfig(p),
-		container:     c,
-		process:       p,
-		bootstrapData: data,
-		sharePidns:    sharePidns,
+		cmd:             cmd,
+		childPipe:       childPipe,
+		parentPipe:      parentPipe,
+		manager:         c.cgroupManager,
+		intelRdtManager: c.intelRdtManager,
+		config:          c.newInitConfig(p),
+		container:       c,
+		process:         p,
+		bootstrapData:   data,
+		sharePidns:      sharePidns,
 	}, nil
 }
 
@@ -461,6 +539,7 @@ func (c *linuxContainer) newSetnsProcess(p *Process, cmd *exec.Cmd, parentPipe,
 	return &setnsProcess{
 		cmd:           cmd,
 		cgroupPaths:   c.cgroupManager.GetPaths(),
+		intelRdtPath:  state.IntelRdtPath,
 		childPipe:     childPipe,
 		parentPipe:    parentPipe,
 		config:        c.newInitConfig(p),
@@ -499,6 +578,8 @@ func (c *linuxContainer) newInitConfig(process *Process) *initConfig {
 		cfg.Rlimits = process.Rlimits
 	}
 	cfg.CreateConsole = process.ConsoleSocket != nil
+	cfg.ConsoleWidth = process.ConsoleWidth
+	cfg.ConsoleHeight = process.ConsoleHeight
 	return cfg
 }
 
@@ -600,9 +681,24 @@ func (c *linuxContainer) checkCriuFeatures(criuOpts *CriuOpts, rpcOpts *criurpc.
 	logrus.Debugf("Feature check says: %s", criuFeatures)
 	missingFeatures := false
 
-	if *criuFeat.MemTrack && !*criuFeatures.MemTrack {
-		missingFeatures = true
-		logrus.Debugf("CRIU does not support MemTrack")
+	// The outer if checks if the fields actually exist
+	if (criuFeat.MemTrack != nil) &&
+		(criuFeatures.MemTrack != nil) {
+		// The inner if checks if they are set to true
+		if *criuFeat.MemTrack && !*criuFeatures.MemTrack {
+			missingFeatures = true
+			logrus.Debugf("CRIU does not support MemTrack")
+		}
+	}
+
+	// This needs to be repeated for every new feature check.
+	// Is there a way to put this in a function. Reflection?
+	if (criuFeat.LazyPages != nil) &&
+		(criuFeatures.LazyPages != nil) {
+		if *criuFeat.LazyPages && !*criuFeatures.LazyPages {
+			missingFeatures = true
+			logrus.Debugf("CRIU does not support LazyPages")
+		}
 	}
 
 	if missingFeatures {
@@ -632,9 +728,9 @@ func parseCriuVersion(path string) (int, error) {
 			return 0, fmt.Errorf("Unable to parse the CRIU version: %s", path)
 		}
 
-		n, err := fmt.Sscanf(string(version), "GitID: v%d.%d.%d", &x, &y, &z) // 1.5.2
+		n, err := fmt.Sscanf(version, "GitID: v%d.%d.%d", &x, &y, &z) // 1.5.2
 		if err != nil {
-			n, err = fmt.Sscanf(string(version), "GitID: v%d.%d", &x, &y) // 1.6
+			n, err = fmt.Sscanf(version, "GitID: v%d.%d", &x, &y) // 1.6
 			y++
 		} else {
 			z++
@@ -758,6 +854,25 @@ func (c *linuxContainer) addMaskPaths(req *criurpc.CriuReq) error {
 		}
 		req.Opts.ExtMnt = append(req.Opts.ExtMnt, extMnt)
 	}
+	return nil
+}
+
+func waitForCriuLazyServer(r *os.File, status string) error {
+
+	data := make([]byte, 1)
+	_, err := r.Read(data)
+	if err != nil {
+		return err
+	}
+	fd, err := os.OpenFile(status, os.O_TRUNC|os.O_WRONLY, os.ModeAppend)
+	if err != nil {
+		return err
+	}
+	_, err = fd.Write(data)
+	if err != nil {
+		return err
+	}
+	fd.Close()
 
 	return nil
 }
@@ -825,6 +940,7 @@ func (c *linuxContainer) Checkpoint(criuOpts *CriuOpts) error {
 		EmptyNs:         proto.Uint32(criuOpts.EmptyNs),
 		OrphanPtsMaster: proto.Bool(true),
 		AutoDedup:       proto.Bool(criuOpts.AutoDedup),
+		LazyPages:       proto.Bool(criuOpts.LazyPages),
 	}
 
 	fcg := c.cgroupManager.GetPaths()["freezer"]
@@ -875,6 +991,24 @@ func (c *linuxContainer) Checkpoint(criuOpts *CriuOpts) error {
 		Opts: &rpcOpts,
 	}
 
+	if criuOpts.LazyPages {
+		// lazy migration requested; check if criu supports it
+		feat := criurpc.CriuFeatures{
+			LazyPages: proto.Bool(true),
+		}
+
+		if err := c.checkCriuFeatures(criuOpts, &rpcOpts, &feat); err != nil {
+			return err
+		}
+
+		statusRead, statusWrite, err := os.Pipe()
+		if err != nil {
+			return err
+		}
+		rpcOpts.StatusFd = proto.Int32(int32(statusWrite.Fd()))
+		go waitForCriuLazyServer(statusRead, criuOpts.StatusFd)
+	}
+
 	//no need to dump these information in pre-dump
 	if !criuOpts.PreDump {
 		for _, m := range c.config.Mounts {
@@ -1027,6 +1161,7 @@ func (c *linuxContainer) Restore(process *Process, criuOpts *CriuOpts) error {
 			EmptyNs:         proto.Uint32(criuOpts.EmptyNs),
 			OrphanPtsMaster: proto.Bool(true),
 			AutoDedup:       proto.Bool(criuOpts.AutoDedup),
+			LazyPages:       proto.Bool(criuOpts.LazyPages),
 		},
 	}
 
@@ -1355,11 +1490,13 @@ func (c *linuxContainer) criuNotifications(resp *criurpc.CriuResp, process *Proc
 		}
 	case notify.GetScript() == "setup-namespaces":
 		if c.config.Hooks != nil {
+			bundle, annotations := utils.Annotations(c.config.Labels)
 			s := configs.HookState{
-				Version: c.config.Version,
-				ID:      c.id,
-				Pid:     int(notify.GetPid()),
-				Bundle:  utils.SearchLabels(c.config.Labels, "bundle"),
+				Version:     c.config.Version,
+				ID:          c.id,
+				Pid:         int(notify.GetPid()),
+				Bundle:      bundle,
+				Annotations: annotations,
 			}
 			for i, hook := range c.config.Hooks.Prestart {
 				if err := hook.Run(s); err != nil {
@@ -1404,7 +1541,7 @@ func (c *linuxContainer) criuNotifications(resp *criurpc.CriuResp, process *Proc
 		defer master.Close()
 
 		// While we can access console.master, using the API is a good idea.
-		if err := utils.SendFd(process.ConsoleSocket, master); err != nil {
+		if err := utils.SendFd(process.ConsoleSocket, master.Name(), master.Fd()); err != nil {
 			return err
 		}
 	}
@@ -1519,6 +1656,10 @@ func (c *linuxContainer) currentState() (*State, error) {
 		startTime, _ = c.initProcess.startTime()
 		externalDescriptors = c.initProcess.externalDescriptors()
 	}
+	intelRdtPath, err := intelrdt.GetIntelRdtPath(c.ID())
+	if err != nil {
+		intelRdtPath = ""
+	}
 	state := &State{
 		BaseState: BaseState{
 			ID:                   c.ID(),
@@ -1529,6 +1670,7 @@ func (c *linuxContainer) currentState() (*State, error) {
 		},
 		Rootless:            c.config.Rootless,
 		CgroupPaths:         c.cgroupManager.GetPaths(),
+		IntelRdtPath:        intelRdtPath,
 		NamespacePaths:      make(map[configs.NamespaceType]string),
 		ExternalDescriptors: externalDescriptors,
 	}
@@ -1627,6 +1769,12 @@ func (c *linuxContainer) bootstrapData(cloneFlags uintptr, nsMaps map[configs.Na
 	if !joinExistingUser {
 		// write uid mappings
 		if len(c.config.UidMappings) > 0 {
+			if c.config.Rootless && c.newuidmapPath != "" {
+				r.AddData(&Bytemsg{
+					Type:  UidmapPathAttr,
+					Value: []byte(c.newuidmapPath),
+				})
+			}
 			b, err := encodeIDMapping(c.config.UidMappings)
 			if err != nil {
 				return nil, err
@@ -1647,10 +1795,16 @@ func (c *linuxContainer) bootstrapData(cloneFlags uintptr, nsMaps map[configs.Na
 				Type:  GidmapAttr,
 				Value: b,
 			})
+			if c.config.Rootless && c.newgidmapPath != "" {
+				r.AddData(&Bytemsg{
+					Type:  GidmapPathAttr,
+					Value: []byte(c.newgidmapPath),
+				})
+			}
 			// The following only applies if we are root.
 			if !c.config.Rootless {
 				// check if we have CAP_SETGID to setgroup properly
-				pid, err := capability.NewPid(os.Getpid())
+				pid, err := capability.NewPid(0)
 				if err != nil {
 					return nil, err
 				}
@@ -1678,3 +1832,18 @@ func (c *linuxContainer) bootstrapData(cloneFlags uintptr, nsMaps map[configs.Na
 
 	return bytes.NewReader(r.Serialize()), nil
 }
+
+// ignoreTerminateErrors returns nil if the given err matches an error known
+// to indicate that the terminate occurred successfully or err was nil, otherwise
+// err is returned unaltered.
+func ignoreTerminateErrors(err error) error {
+	if err == nil {
+		return nil
+	}
+	s := err.Error()
+	switch {
+	case strings.Contains(s, "process already finished"), strings.Contains(s, "Wait was already called"):
+		return nil
+	}
+	return err
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/container_solaris.go b/vendor/github.com/opencontainers/runc/libcontainer/container_solaris.go
deleted file mode 100644
index bb84ff7402b9..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/container_solaris.go
+++ /dev/null
@@ -1,20 +0,0 @@
-package libcontainer
-
-// State represents a running container's state
-type State struct {
-	BaseState
-
-	// Platform specific fields below here
-}
-
-// A libcontainer container object.
-//
-// Each container is thread-safe within the same process. Since a container can
-// be destroyed by a separate process, any function may return that the container
-// was not found.
-type Container interface {
-	BaseContainer
-
-	// Methods below here are platform specific
-
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/container_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/container_windows.go
deleted file mode 100644
index bb84ff7402b9..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/container_windows.go
+++ /dev/null
@@ -1,20 +0,0 @@
-package libcontainer
-
-// State represents a running container's state
-type State struct {
-	BaseState
-
-	// Platform specific fields below here
-}
-
-// A libcontainer container object.
-//
-// Each container is thread-safe within the same process. Since a container can
-// be destroyed by a separate process, any function may return that the container
-// was not found.
-type Container interface {
-	BaseContainer
-
-	// Methods below here are platform specific
-
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_linux.go
index 8f142c9fa5ca..a2e344fc4b67 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_linux.go
@@ -23,7 +23,7 @@ type VethPairName struct {
 type CriuOpts struct {
 	ImagesDirectory         string             // directory for storing image files
 	WorkDirectory           string             // directory to cd and write logs/pidfiles/stats to
-	ParentImage             string             // direcotry for storing parent image files in pre-dump and dump
+	ParentImage             string             // directory for storing parent image files in pre-dump and dump
 	LeaveRunning            bool               // leave container in running state after checkpoint
 	TcpEstablished          bool               // checkpoint/restore established TCP connections
 	ExternalUnixConnections bool               // allow external unix connections
@@ -35,4 +35,6 @@ type CriuOpts struct {
 	ManageCgroupsMode       cgMode             // dump or restore cgroup mode
 	EmptyNs                 uint32             // don't c/r properties for namespace from this mask
 	AutoDedup               bool               // auto deduplication for incremental dumps
+	LazyPages               bool               // restore memory pages lazily using userfaultfd
+	StatusFd                string             // fd for feedback when lazy server is ready
 }
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_windows.go
deleted file mode 100644
index bc9207703a1d..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/criu_opts_windows.go
+++ /dev/null
@@ -1,6 +0,0 @@
-package libcontainer
-
-// TODO Windows: This can ultimately be entirely factored out as criu is
-// a Unix concept not relevant on Windows.
-type CriuOpts struct {
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/factory_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/factory_linux.go
index 947bdea1cebb..7d53d5e04d8a 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/factory_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/factory_linux.go
@@ -11,13 +11,13 @@ import (
 	"runtime/debug"
 	"strconv"
 
-	"github.com/docker/docker/pkg/mount"
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	"github.com/opencontainers/runc/libcontainer/cgroups/fs"
-	"github.com/opencontainers/runc/libcontainer/cgroups/rootless"
 	"github.com/opencontainers/runc/libcontainer/cgroups/systemd"
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/configs/validate"
+	"github.com/opencontainers/runc/libcontainer/intelrdt"
+	"github.com/opencontainers/runc/libcontainer/mount"
 	"github.com/opencontainers/runc/libcontainer/utils"
 
 	"golang.org/x/sys/unix"
@@ -72,15 +72,15 @@ func Cgroupfs(l *LinuxFactory) error {
 	return nil
 }
 
-// RootlessCgroups is an options func to configure a LinuxFactory to
-// return containers that use the "rootless" cgroup manager, which will
-// fail to do any operations not possible to do with an unprivileged user.
-// It should only be used in conjunction with rootless containers.
-func RootlessCgroups(l *LinuxFactory) error {
-	l.NewCgroupsManager = func(config *configs.Cgroup, paths map[string]string) cgroups.Manager {
-		return &rootless.Manager{
-			Cgroups: config,
-			Paths:   paths,
+// IntelRdtfs is an options func to configure a LinuxFactory to return
+// containers that use the Intel RDT "resource control" filesystem to
+// create and manage Intel Xeon platform shared resources (e.g., L3 cache).
+func IntelRdtFs(l *LinuxFactory) error {
+	l.NewIntelRdtManager = func(config *configs.Config, id string, path string) intelrdt.Manager {
+		return &intelrdt.IntelRdtManager{
+			Config: config,
+			Id:     id,
+			Path:   path,
 		}
 	}
 	return nil
@@ -119,12 +119,16 @@ func New(root string, options ...func(*LinuxFactory) error) (Factory, error) {
 	}
 	l := &LinuxFactory{
 		Root:      root,
-		InitArgs:  []string{"/proc/self/exe", "init"},
+		InitPath:  "/proc/self/exe",
+		InitArgs:  []string{os.Args[0], "init"},
 		Validator: validate.New(),
 		CriuPath:  "criu",
 	}
 	Cgroupfs(l)
 	for _, opt := range options {
+		if opt == nil {
+			continue
+		}
 		if err := opt(l); err != nil {
 			return nil, err
 		}
@@ -137,6 +141,10 @@ type LinuxFactory struct {
 	// Root directory for the factory to store state.
 	Root string
 
+	// InitPath is the path for calling the init responsibilities for spawning
+	// a container.
+	InitPath string
+
 	// InitArgs are arguments for calling the init responsibilities for spawning
 	// a container.
 	InitArgs []string
@@ -145,11 +153,19 @@ type LinuxFactory struct {
 	// containers.
 	CriuPath string
 
+	// New{u,g}uidmapPath is the path to the binaries used for mapping with
+	// rootless containers.
+	NewuidmapPath string
+	NewgidmapPath string
+
 	// Validator provides validation to container configurations.
 	Validator validate.Validator
 
 	// NewCgroupsManager returns an initialized cgroups manager for a single container.
 	NewCgroupsManager func(config *configs.Cgroup, paths map[string]string) cgroups.Manager
+
+	// NewIntelRdtManager returns an initialized Intel RDT manager for a single container.
+	NewIntelRdtManager func(config *configs.Config, id string, path string) intelrdt.Manager
 }
 
 func (l *LinuxFactory) Create(id string, config *configs.Config) (Container, error) {
@@ -174,17 +190,20 @@ func (l *LinuxFactory) Create(id string, config *configs.Config) (Container, err
 	if err := os.Chown(containerRoot, unix.Geteuid(), unix.Getegid()); err != nil {
 		return nil, newGenericError(err, SystemError)
 	}
-	if config.Rootless {
-		RootlessCgroups(l)
-	}
 	c := &linuxContainer{
 		id:            id,
 		root:          containerRoot,
 		config:        config,
+		initPath:      l.InitPath,
 		initArgs:      l.InitArgs,
 		criuPath:      l.CriuPath,
+		newuidmapPath: l.NewuidmapPath,
+		newgidmapPath: l.NewgidmapPath,
 		cgroupManager: l.NewCgroupsManager(config.Cgroups, nil),
 	}
+	if intelrdt.IsEnabled() {
+		c.intelRdtManager = l.NewIntelRdtManager(config, id, "")
+	}
 	c.state = &stoppedState{c: c}
 	return c, nil
 }
@@ -203,17 +222,16 @@ func (l *LinuxFactory) Load(id string) (Container, error) {
 		processStartTime: state.InitProcessStartTime,
 		fds:              state.ExternalDescriptors,
 	}
-	// We have to use the RootlessManager.
-	if state.Rootless {
-		RootlessCgroups(l)
-	}
 	c := &linuxContainer{
 		initProcess:          r,
 		initProcessStartTime: state.InitProcessStartTime,
 		id:                   id,
 		config:               &state.Config,
+		initPath:             l.InitPath,
 		initArgs:             l.InitArgs,
 		criuPath:             l.CriuPath,
+		newuidmapPath:        l.NewuidmapPath,
+		newgidmapPath:        l.NewgidmapPath,
 		cgroupManager:        l.NewCgroupsManager(state.Config.Cgroups, state.CgroupPaths),
 		root:                 containerRoot,
 		created:              state.Created,
@@ -222,6 +240,9 @@ func (l *LinuxFactory) Load(id string) (Container, error) {
 	if err := c.refreshState(); err != nil {
 		return nil, err
 	}
+	if intelrdt.IsEnabled() {
+		c.intelRdtManager = l.NewIntelRdtManager(&state.Config, id, state.IntelRdtPath)
+	}
 	return c, nil
 }
 
@@ -323,3 +344,21 @@ func (l *LinuxFactory) validateID(id string) error {
 
 	return nil
 }
+
+// NewuidmapPath returns an option func to configure a LinuxFactory with the
+// provided ..
+func NewuidmapPath(newuidmapPath string) func(*LinuxFactory) error {
+	return func(l *LinuxFactory) error {
+		l.NewuidmapPath = newuidmapPath
+		return nil
+	}
+}
+
+// NewgidmapPath returns an option func to configure a LinuxFactory with the
+// provided ..
+func NewgidmapPath(newgidmapPath string) func(*LinuxFactory) error {
+	return func(l *LinuxFactory) error {
+		l.NewgidmapPath = newgidmapPath
+		return nil
+	}
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/init_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/init_linux.go
index 2020bb7a5aa5..2770be307185 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/init_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/init_linux.go
@@ -12,15 +12,16 @@ import (
 	"syscall" // only for Errno
 	"unsafe"
 
+	"golang.org/x/sys/unix"
+
+	"github.com/containerd/console"
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/opencontainers/runc/libcontainer/user"
 	"github.com/opencontainers/runc/libcontainer/utils"
-
 	"github.com/sirupsen/logrus"
 	"github.com/vishvananda/netlink"
-	"golang.org/x/sys/unix"
 )
 
 type initType string
@@ -61,6 +62,8 @@ type initConfig struct {
 	ContainerId      string                `json:"containerid"`
 	Rlimits          []configs.Rlimit      `json:"rlimits"`
 	CreateConsole    bool                  `json:"create_console"`
+	ConsoleWidth     uint16                `json:"console_width"`
+	ConsoleHeight    uint16                `json:"console_height"`
 	Rootless         bool                  `json:"rootless"`
 }
 
@@ -170,29 +173,38 @@ func setupConsole(socket *os.File, config *initConfig, mount bool) error {
 	// however, that setupUser (specifically fixStdioPermissions) *will* change
 	// the UID owner of the console to be the user the process will run as (so
 	// they can actually control their console).
-	console, err := newConsole()
+
+	pty, slavePath, err := console.NewPty()
 	if err != nil {
 		return err
 	}
-	// After we return from here, we don't need the console anymore.
-	defer console.Close()
 
-	linuxConsole, ok := console.(*linuxConsole)
-	if !ok {
-		return fmt.Errorf("failed to cast console to *linuxConsole")
+	if config.ConsoleHeight != 0 && config.ConsoleWidth != 0 {
+		err = pty.Resize(console.WinSize{
+			Height: config.ConsoleHeight,
+			Width:  config.ConsoleWidth,
+		})
+
+		if err != nil {
+			return err
+		}
 	}
+
+	// After we return from here, we don't need the console anymore.
+	defer pty.Close()
+
 	// Mount the console inside our rootfs.
 	if mount {
-		if err := linuxConsole.mount(); err != nil {
+		if err := mountConsole(slavePath); err != nil {
 			return err
 		}
 	}
 	// While we can access console.master, using the API is a good idea.
-	if err := utils.SendFd(socket, linuxConsole.File()); err != nil {
+	if err := utils.SendFd(socket, pty.Name(), pty.Fd()); err != nil {
 		return err
 	}
 	// Now, dup over all the things.
-	return linuxConsole.dupStdio()
+	return dupStdio(slavePath)
 }
 
 // syncParentReady sends to the given pipe a JSON payload which indicates that
@@ -261,25 +273,27 @@ func setupUser(config *initConfig) error {
 		}
 	}
 
-	if config.Rootless {
-		if execUser.Uid != 0 {
-			return fmt.Errorf("cannot run as a non-root user in a rootless container")
-		}
-
-		if execUser.Gid != 0 {
-			return fmt.Errorf("cannot run as a non-root group in a rootless container")
-		}
+	// Rather than just erroring out later in setuid(2) and setgid(2), check
+	// that the user is mapped here.
+	if _, err := config.Config.HostUID(execUser.Uid); err != nil {
+		return fmt.Errorf("cannot set uid to unmapped user in user namespace")
+	}
+	if _, err := config.Config.HostGID(execUser.Gid); err != nil {
+		return fmt.Errorf("cannot set gid to unmapped user in user namespace")
+	}
 
-		// We cannot set any additional groups in a rootless container and thus we
-		// bail if the user asked us to do so. TODO: We currently can't do this
-		// earlier, but if libcontainer.Process.User was typesafe this might work.
+	if config.Rootless {
+		// We cannot set any additional groups in a rootless container and thus
+		// we bail if the user asked us to do so. TODO: We currently can't do
+		// this check earlier, but if libcontainer.Process.User was typesafe
+		// this might work.
 		if len(addGroups) > 0 {
 			return fmt.Errorf("cannot set any additional groups in a rootless container")
 		}
 	}
 
-	// before we change to the container's user make sure that the processes STDIO
-	// is correctly owned by the user that we are switching to.
+	// Before we change to the container's user make sure that the processes
+	// STDIO is correctly owned by the user that we are switching to.
 	if err := fixStdioPermissions(config, execUser); err != nil {
 		return err
 	}
@@ -298,7 +312,6 @@ func setupUser(config *initConfig) error {
 	if err := system.Setgid(execUser.Gid); err != nil {
 		return err
 	}
-
 	if err := system.Setuid(execUser.Uid); err != nil {
 		return err
 	}
@@ -335,14 +348,6 @@ func fixStdioPermissions(config *initConfig, u *user.ExecUser) error {
 			continue
 		}
 
-		// Skip chown if s.Gid is actually an unmapped gid in the host. While
-		// this is a bit dodgy if it just so happens that the console _is_
-		// owned by overflow_gid, there's no way for us to disambiguate this as
-		// a userspace program.
-		if _, err := config.Config.HostGID(int(s.Gid)); err != nil {
-			continue
-		}
-
 		// We only change the uid owner (as it is possible for the mount to
 		// prefer a different gid, and there's no reason for us to change it).
 		// The reason why we don't just leave the default uid=X mount setup is
@@ -350,6 +355,15 @@ func fixStdioPermissions(config *initConfig, u *user.ExecUser) error {
 		// this code, you couldn't effectively run as a non-root user inside a
 		// container and also have a console set up.
 		if err := unix.Fchown(int(fd), u.Uid, int(s.Gid)); err != nil {
+			// If we've hit an EINVAL then s.Gid isn't mapped in the user
+			// namespace. If we've hit an EPERM then the inode's current owner
+			// is not mapped in our user namespace (in particular,
+			// privileged_wrt_inode_uidgid() has failed). In either case, we
+			// are in a configuration where it's better for us to just not
+			// touch the stdio rather than bail at this point.
+			if err == unix.EINVAL || err == unix.EPERM {
+				continue
+			}
 			return err
 		}
 	}
@@ -480,6 +494,16 @@ func signalAllProcesses(m cgroups.Manager, s os.Signal) error {
 		logrus.Warn(err)
 	}
 
+	subreaper, err := system.GetSubreaper()
+	if err != nil {
+		// The error here means that PR_GET_CHILD_SUBREAPER is not
+		// supported because this code might run on a kernel older
+		// than 3.4. We don't want to throw an error in that case,
+		// and we simplify things, considering there is no subreaper
+		// set.
+		subreaper = 0
+	}
+
 	for _, p := range procs {
 		if s != unix.SIGKILL {
 			if ok, err := isWaitable(p.Pid); err != nil {
@@ -493,9 +517,16 @@ func signalAllProcesses(m cgroups.Manager, s os.Signal) error {
 			}
 		}
 
-		if _, err := p.Wait(); err != nil {
-			if !isNoChildren(err) {
-				logrus.Warn("wait: ", err)
+		// In case a subreaper has been setup, this code must not
+		// wait for the process. Otherwise, we cannot be sure the
+		// current process will be reaped by the subreaper, while
+		// the subreaper might be waiting for this process in order
+		// to retrieve its exit code.
+		if subreaper == 0 {
+			if _, err := p.Wait(); err != nil {
+				if !isNoChildren(err) {
+					logrus.Warn("wait: ", err)
+				}
 			}
 		}
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/intelrdt.go b/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/intelrdt.go
new file mode 100644
index 000000000000..487c630af61c
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/intelrdt.go
@@ -0,0 +1,553 @@
+// +build linux
+
+package intelrdt
+
+import (
+	"bufio"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+
+	"github.com/opencontainers/runc/libcontainer/configs"
+)
+
+/*
+ * About Intel RDT/CAT feature:
+ * Intel platforms with new Xeon CPU support Resource Director Technology (RDT).
+ * Intel Cache Allocation Technology (CAT) is a sub-feature of RDT. Currently L3
+ * Cache is the only resource that is supported in RDT.
+ *
+ * This feature provides a way for the software to restrict cache allocation to a
+ * defined 'subset' of L3 cache which may be overlapping with other 'subsets'.
+ * The different subsets are identified by class of service (CLOS) and each CLOS
+ * has a capacity bitmask (CBM).
+ *
+ * For more information about Intel RDT/CAT can be found in the section 17.17
+ * of Intel Software Developer Manual.
+ *
+ * About Intel RDT/CAT kernel interface:
+ * In Linux 4.10 kernel or newer, the interface is defined and exposed via
+ * "resource control" filesystem, which is a "cgroup-like" interface.
+ *
+ * Comparing with cgroups, it has similar process management lifecycle and
+ * interfaces in a container. But unlike cgroups' hierarchy, it has single level
+ * filesystem layout.
+ *
+ * Intel RDT "resource control" filesystem hierarchy:
+ * mount -t resctrl resctrl /sys/fs/resctrl
+ * tree /sys/fs/resctrl
+ * /sys/fs/resctrl/
+ * |-- info
+ * |   |-- L3
+ * |       |-- cbm_mask
+ * |       |-- min_cbm_bits
+ * |       |-- num_closids
+ * |-- cpus
+ * |-- schemata
+ * |-- tasks
+ * |-- <container_id>
+ *     |-- cpus
+ *     |-- schemata
+ *     |-- tasks
+ *
+ * For runc, we can make use of `tasks` and `schemata` configuration for L3 cache
+ * resource constraints.
+ *
+ *  The file `tasks` has a list of tasks that belongs to this group (e.g.,
+ * <container_id>" group). Tasks can be added to a group by writing the task ID
+ * to the "tasks" file  (which will automatically remove them from the previous
+ * group to which they belonged). New tasks created by fork(2) and clone(2) are
+ * added to the same group as their parent. If a pid is not in any sub group, it is
+ * in root group.
+ *
+ * The file `schemata` has allocation bitmasks/values for L3 cache on each socket,
+ * which contains L3 cache id and capacity bitmask (CBM).
+ * 	Format: "L3:<cache_id0>=<cbm0>;<cache_id1>=<cbm1>;..."
+ * For example, on a two-socket machine, L3's schema line could be `L3:0=ff;1=c0`
+ * which means L3 cache id 0's CBM is 0xff, and L3 cache id 1's CBM is 0xc0.
+ *
+ * The valid L3 cache CBM is a *contiguous bits set* and number of bits that can
+ * be set is less than the max bit. The max bits in the CBM is varied among
+ * supported Intel Xeon platforms. In Intel RDT "resource control" filesystem
+ * layout, the CBM in a group should be a subset of the CBM in root. Kernel will
+ * check if it is valid when writing. e.g., 0xfffff in root indicates the max bits
+ * of CBM is 20 bits, which mapping to entire L3 cache capacity. Some valid CBM
+ * values to set in a group: 0xf, 0xf0, 0x3ff, 0x1f00 and etc.
+ *
+ * For more information about Intel RDT/CAT kernel interface:
+ * https://www.kernel.org/doc/Documentation/x86/intel_rdt_ui.txt
+ *
+ * An example for runc:
+ * Consider a two-socket machine with two L3 caches where the default CBM is
+ * 0xfffff and the max CBM length is 20 bits. With this configuration, tasks
+ * inside the container only have access to the "upper" 80% of L3 cache id 0 and
+ * the "lower" 50% L3 cache id 1:
+ *
+ * "linux": {
+ * 	"intelRdt": {
+ * 		"l3CacheSchema": "L3:0=ffff0;1=3ff"
+ * 	}
+ * }
+ */
+
+type Manager interface {
+	// Applies Intel RDT configuration to the process with the specified pid
+	Apply(pid int) error
+
+	// Returns statistics for Intel RDT
+	GetStats() (*Stats, error)
+
+	// Destroys the Intel RDT 'container_id' group
+	Destroy() error
+
+	// Returns Intel RDT path to save in a state file and to be able to
+	// restore the object later
+	GetPath() string
+
+	// Set Intel RDT "resource control" filesystem as configured.
+	Set(container *configs.Config) error
+}
+
+// This implements interface Manager
+type IntelRdtManager struct {
+	mu     sync.Mutex
+	Config *configs.Config
+	Id     string
+	Path   string
+}
+
+const (
+	IntelRdtTasks = "tasks"
+)
+
+var (
+	// The absolute root path of the Intel RDT "resource control" filesystem
+	intelRdtRoot     string
+	intelRdtRootLock sync.Mutex
+
+	// The flag to indicate if Intel RDT is supported
+	isEnabled bool
+)
+
+type intelRdtData struct {
+	root   string
+	config *configs.Config
+	pid    int
+}
+
+// Check if Intel RDT is enabled in init()
+func init() {
+	// 1. Check if hardware and kernel support Intel RDT/CAT feature
+	// "cat_l3" flag is set if supported
+	isFlagSet, err := parseCpuInfoFile("/proc/cpuinfo")
+	if !isFlagSet || err != nil {
+		isEnabled = false
+		return
+	}
+
+	// 2. Check if Intel RDT "resource control" filesystem is mounted
+	// The user guarantees to mount the filesystem
+	isEnabled = isIntelRdtMounted()
+}
+
+// Return the mount point path of Intel RDT "resource control" filesysem
+func findIntelRdtMountpointDir() (string, error) {
+	f, err := os.Open("/proc/self/mountinfo")
+	if err != nil {
+		return "", err
+	}
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		text := s.Text()
+		fields := strings.Split(text, " ")
+		// Safe as mountinfo encodes mountpoints with spaces as \040.
+		index := strings.Index(text, " - ")
+		postSeparatorFields := strings.Fields(text[index+3:])
+		numPostFields := len(postSeparatorFields)
+
+		// This is an error as we can't detect if the mount is for "Intel RDT"
+		if numPostFields == 0 {
+			return "", fmt.Errorf("Found no fields post '-' in %q", text)
+		}
+
+		if postSeparatorFields[0] == "resctrl" {
+			// Check that the mount is properly formated.
+			if numPostFields < 3 {
+				return "", fmt.Errorf("Error found less than 3 fields post '-' in %q", text)
+			}
+
+			return fields[4], nil
+		}
+	}
+	if err := s.Err(); err != nil {
+		return "", err
+	}
+
+	return "", NewNotFoundError("Intel RDT")
+}
+
+// Gets the root path of Intel RDT "resource control" filesystem
+func getIntelRdtRoot() (string, error) {
+	intelRdtRootLock.Lock()
+	defer intelRdtRootLock.Unlock()
+
+	if intelRdtRoot != "" {
+		return intelRdtRoot, nil
+	}
+
+	root, err := findIntelRdtMountpointDir()
+	if err != nil {
+		return "", err
+	}
+
+	if _, err := os.Stat(root); err != nil {
+		return "", err
+	}
+
+	intelRdtRoot = root
+	return intelRdtRoot, nil
+}
+
+func isIntelRdtMounted() bool {
+	_, err := getIntelRdtRoot()
+	if err != nil {
+		return false
+	}
+
+	return true
+}
+
+func parseCpuInfoFile(path string) (bool, error) {
+	f, err := os.Open(path)
+	if err != nil {
+		return false, err
+	}
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		if err := s.Err(); err != nil {
+			return false, err
+		}
+
+		text := s.Text()
+		flags := strings.Split(text, " ")
+
+		// "cat_l3" flag is set if Intel RDT/CAT is supported
+		for _, flag := range flags {
+			if flag == "cat_l3" {
+				return true, nil
+			}
+		}
+	}
+	return false, nil
+}
+
+func parseUint(s string, base, bitSize int) (uint64, error) {
+	value, err := strconv.ParseUint(s, base, bitSize)
+	if err != nil {
+		intValue, intErr := strconv.ParseInt(s, base, bitSize)
+		// 1. Handle negative values greater than MinInt64 (and)
+		// 2. Handle negative values lesser than MinInt64
+		if intErr == nil && intValue < 0 {
+			return 0, nil
+		} else if intErr != nil && intErr.(*strconv.NumError).Err == strconv.ErrRange && intValue < 0 {
+			return 0, nil
+		}
+
+		return value, err
+	}
+
+	return value, nil
+}
+
+// Gets a single uint64 value from the specified file.
+func getIntelRdtParamUint(path, file string) (uint64, error) {
+	fileName := filepath.Join(path, file)
+	contents, err := ioutil.ReadFile(fileName)
+	if err != nil {
+		return 0, err
+	}
+
+	res, err := parseUint(strings.TrimSpace(string(contents)), 10, 64)
+	if err != nil {
+		return res, fmt.Errorf("unable to parse %q as a uint from file %q", string(contents), fileName)
+	}
+	return res, nil
+}
+
+// Gets a string value from the specified file
+func getIntelRdtParamString(path, file string) (string, error) {
+	contents, err := ioutil.ReadFile(filepath.Join(path, file))
+	if err != nil {
+		return "", err
+	}
+
+	return strings.TrimSpace(string(contents)), nil
+}
+
+func readTasksFile(dir string) ([]int, error) {
+	f, err := os.Open(filepath.Join(dir, IntelRdtTasks))
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	var (
+		s   = bufio.NewScanner(f)
+		out = []int{}
+	)
+
+	for s.Scan() {
+		if t := s.Text(); t != "" {
+			pid, err := strconv.Atoi(t)
+			if err != nil {
+				return nil, err
+			}
+			out = append(out, pid)
+		}
+	}
+	return out, nil
+}
+
+func writeFile(dir, file, data string) error {
+	if dir == "" {
+		return fmt.Errorf("no such directory for %s", file)
+	}
+	if err := ioutil.WriteFile(filepath.Join(dir, file), []byte(data+"\n"), 0700); err != nil {
+		return fmt.Errorf("failed to write %v to %v: %v", data, file, err)
+	}
+	return nil
+}
+
+func getIntelRdtData(c *configs.Config, pid int) (*intelRdtData, error) {
+	rootPath, err := getIntelRdtRoot()
+	if err != nil {
+		return nil, err
+	}
+	return &intelRdtData{
+		root:   rootPath,
+		config: c,
+		pid:    pid,
+	}, nil
+}
+
+// Get the read-only L3 cache information
+func getL3CacheInfo() (*L3CacheInfo, error) {
+	l3CacheInfo := &L3CacheInfo{}
+
+	rootPath, err := getIntelRdtRoot()
+	if err != nil {
+		return l3CacheInfo, err
+	}
+
+	path := filepath.Join(rootPath, "info", "L3")
+	cbmMask, err := getIntelRdtParamString(path, "cbm_mask")
+	if err != nil {
+		return l3CacheInfo, err
+	}
+	minCbmBits, err := getIntelRdtParamUint(path, "min_cbm_bits")
+	if err != nil {
+		return l3CacheInfo, err
+	}
+	numClosids, err := getIntelRdtParamUint(path, "num_closids")
+	if err != nil {
+		return l3CacheInfo, err
+	}
+
+	l3CacheInfo.CbmMask = cbmMask
+	l3CacheInfo.MinCbmBits = minCbmBits
+	l3CacheInfo.NumClosids = numClosids
+
+	return l3CacheInfo, nil
+}
+
+// WriteIntelRdtTasks writes the specified pid into the "tasks" file
+func WriteIntelRdtTasks(dir string, pid int) error {
+	if dir == "" {
+		return fmt.Errorf("no such directory for %s", IntelRdtTasks)
+	}
+
+	// Dont attach any pid if -1 is specified as a pid
+	if pid != -1 {
+		if err := ioutil.WriteFile(filepath.Join(dir, IntelRdtTasks), []byte(strconv.Itoa(pid)), 0700); err != nil {
+			return fmt.Errorf("failed to write %v to %v: %v", pid, IntelRdtTasks, err)
+		}
+	}
+	return nil
+}
+
+// Check if Intel RDT is enabled
+func IsEnabled() bool {
+	return isEnabled
+}
+
+// Get the 'container_id' path in Intel RDT "resource control" filesystem
+func GetIntelRdtPath(id string) (string, error) {
+	rootPath, err := getIntelRdtRoot()
+	if err != nil {
+		return "", err
+	}
+
+	path := filepath.Join(rootPath, id)
+	return path, nil
+}
+
+// Applies Intel RDT configuration to the process with the specified pid
+func (m *IntelRdtManager) Apply(pid int) (err error) {
+	// If intelRdt is not specified in config, we do nothing
+	if m.Config.IntelRdt == nil {
+		return nil
+	}
+	d, err := getIntelRdtData(m.Config, pid)
+	if err != nil && !IsNotFound(err) {
+		return err
+	}
+
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	path, err := d.join(m.Id)
+	if err != nil {
+		return err
+	}
+
+	m.Path = path
+	return nil
+}
+
+// Destroys the Intel RDT 'container_id' group
+func (m *IntelRdtManager) Destroy() error {
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	if err := os.RemoveAll(m.Path); err != nil {
+		return err
+	}
+	m.Path = ""
+	return nil
+}
+
+// Returns Intel RDT path to save in a state file and to be able to
+// restore the object later
+func (m *IntelRdtManager) GetPath() string {
+	if m.Path == "" {
+		m.Path, _ = GetIntelRdtPath(m.Id)
+	}
+	return m.Path
+}
+
+// Returns statistics for Intel RDT
+func (m *IntelRdtManager) GetStats() (*Stats, error) {
+	// If intelRdt is not specified in config
+	if m.Config.IntelRdt == nil {
+		return nil, nil
+	}
+
+	m.mu.Lock()
+	defer m.mu.Unlock()
+	stats := NewStats()
+
+	// The read-only L3 cache information
+	l3CacheInfo, err := getL3CacheInfo()
+	if err != nil {
+		return nil, err
+	}
+	stats.L3CacheInfo = l3CacheInfo
+
+	// The read-only L3 cache schema in root
+	rootPath, err := getIntelRdtRoot()
+	if err != nil {
+		return nil, err
+	}
+	tmpRootStrings, err := getIntelRdtParamString(rootPath, "schemata")
+	if err != nil {
+		return nil, err
+	}
+	// L3 cache schema is in the first line
+	schemaRootStrings := strings.Split(tmpRootStrings, "\n")
+	stats.L3CacheSchemaRoot = schemaRootStrings[0]
+
+	// The L3 cache schema in 'container_id' group
+	tmpStrings, err := getIntelRdtParamString(m.GetPath(), "schemata")
+	if err != nil {
+		return nil, err
+	}
+	// L3 cache schema is in the first line
+	schemaStrings := strings.Split(tmpStrings, "\n")
+	stats.L3CacheSchema = schemaStrings[0]
+
+	return stats, nil
+}
+
+// Set Intel RDT "resource control" filesystem as configured.
+func (m *IntelRdtManager) Set(container *configs.Config) error {
+	path := m.GetPath()
+
+	// About L3 cache schema file:
+	// The schema has allocation masks/values for L3 cache on each socket,
+	// which contains L3 cache id and capacity bitmask (CBM).
+	//     Format: "L3:<cache_id0>=<cbm0>;<cache_id1>=<cbm1>;..."
+	// For example, on a two-socket machine, L3's schema line could be:
+	//     L3:0=ff;1=c0
+	// Which means L3 cache id 0's CBM is 0xff, and L3 cache id 1's CBM is 0xc0.
+	//
+	// About L3 cache CBM validity:
+	// The valid L3 cache CBM is a *contiguous bits set* and number of
+	// bits that can be set is less than the max bit. The max bits in the
+	// CBM is varied among supported Intel Xeon platforms. In Intel RDT
+	// "resource control" filesystem layout, the CBM in a group should
+	// be a subset of the CBM in root. Kernel will check if it is valid
+	// when writing.
+	// e.g., 0xfffff in root indicates the max bits of CBM is 20 bits,
+	// which mapping to entire L3 cache capacity. Some valid CBM values
+	// to set in a group: 0xf, 0xf0, 0x3ff, 0x1f00 and etc.
+	if container.IntelRdt != nil {
+		l3CacheSchema := container.IntelRdt.L3CacheSchema
+		if l3CacheSchema != "" {
+			if err := writeFile(path, "schemata", l3CacheSchema); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
+func (raw *intelRdtData) join(id string) (string, error) {
+	path := filepath.Join(raw.root, id)
+	if err := os.MkdirAll(path, 0755); err != nil {
+		return "", err
+	}
+
+	if err := WriteIntelRdtTasks(path, raw.pid); err != nil {
+		return "", err
+	}
+	return path, nil
+}
+
+type NotFoundError struct {
+	ResourceControl string
+}
+
+func (e *NotFoundError) Error() string {
+	return fmt.Sprintf("mountpoint for %s not found", e.ResourceControl)
+}
+
+func NewNotFoundError(res string) error {
+	return &NotFoundError{
+		ResourceControl: res,
+	}
+}
+
+func IsNotFound(err error) bool {
+	if err == nil {
+		return false
+	}
+	_, ok := err.(*NotFoundError)
+	return ok
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/stats.go b/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/stats.go
new file mode 100644
index 000000000000..095c0a380cd0
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/intelrdt/stats.go
@@ -0,0 +1,24 @@
+// +build linux
+
+package intelrdt
+
+type L3CacheInfo struct {
+	CbmMask    string `json:"cbm_mask,omitempty"`
+	MinCbmBits uint64 `json:"min_cbm_bits,omitempty"`
+	NumClosids uint64 `json:"num_closids,omitempty"`
+}
+
+type Stats struct {
+	// The read-only L3 cache information
+	L3CacheInfo *L3CacheInfo `json:"l3_cache_info,omitempty"`
+
+	// The read-only L3 cache schema in root
+	L3CacheSchemaRoot string `json:"l3_cache_schema_root,omitempty"`
+
+	// The L3 cache schema in 'container_id' group
+	L3CacheSchema string `json:"l3_cache_schema,omitempty"`
+}
+
+func NewStats() *Stats {
+	return &Stats{}
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/keys/keyctl.go b/vendor/github.com/opencontainers/runc/libcontainer/keys/keyctl.go
index 82ffa7a88499..ce8b4e6b040e 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/keys/keyctl.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/keys/keyctl.go
@@ -29,7 +29,7 @@ func ModKeyringPerm(ringId KeySerial, mask, setbits uint32) error {
 		return err
 	}
 
-	res := strings.Split(string(dest), ";")
+	res := strings.Split(dest, ";")
 	if len(res) < 5 {
 		return fmt.Errorf("Destination buffer for key description is too small")
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/message_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/message_linux.go
index 8829b71ad85d..ab453cde9120 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/message_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/message_linux.go
@@ -18,6 +18,8 @@ const (
 	SetgroupAttr    uint16 = 27285
 	OomScoreAdjAttr uint16 = 27286
 	RootlessAttr    uint16 = 27287
+	UidmapPathAttr  uint16 = 27288
+	GidmapPathAttr  uint16 = 27289
 )
 
 type Int32msg struct {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/mount/mount.go b/vendor/github.com/opencontainers/runc/libcontainer/mount/mount.go
new file mode 100644
index 000000000000..e8965e081bb1
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/mount/mount.go
@@ -0,0 +1,23 @@
+package mount
+
+// GetMounts retrieves a list of mounts for the current running process.
+func GetMounts() ([]*Info, error) {
+	return parseMountTable()
+}
+
+// Mounted looks at /proc/self/mountinfo to determine of the specified
+// mountpoint has been mounted
+func Mounted(mountpoint string) (bool, error) {
+	entries, err := parseMountTable()
+	if err != nil {
+		return false, err
+	}
+
+	// Search the table for the mountpoint
+	for _, e := range entries {
+		if e.Mountpoint == mountpoint {
+			return true, nil
+		}
+	}
+	return false, nil
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/mount/mount_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/mount/mount_linux.go
new file mode 100644
index 000000000000..1e5191928dec
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/mount/mount_linux.go
@@ -0,0 +1,82 @@
+// +build linux
+
+package mount
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"os"
+	"strings"
+)
+
+const (
+	/* 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
+	   (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
+
+	   (1) mount ID:  unique identifier of the mount (may be reused after umount)
+	   (2) parent ID:  ID of parent (or of self for the top of the mount tree)
+	   (3) major:minor:  value of st_dev for files on filesystem
+	   (4) root:  root of the mount within the filesystem
+	   (5) mount point:  mount point relative to the process's root
+	   (6) mount options:  per mount options
+	   (7) optional fields:  zero or more fields of the form "tag[:value]"
+	   (8) separator:  marks the end of the optional fields
+	   (9) filesystem type:  name of filesystem of the form "type[.subtype]"
+	   (10) mount source:  filesystem specific information or "none"
+	   (11) super options:  per super block options*/
+	mountinfoFormat = "%d %d %d:%d %s %s %s %s"
+)
+
+// Parse /proc/self/mountinfo because comparing Dev and ino does not work from
+// bind mounts
+func parseMountTable() ([]*Info, error) {
+	f, err := os.Open("/proc/self/mountinfo")
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	return parseInfoFile(f)
+}
+
+func parseInfoFile(r io.Reader) ([]*Info, error) {
+	var (
+		s   = bufio.NewScanner(r)
+		out = []*Info{}
+	)
+
+	for s.Scan() {
+		if err := s.Err(); err != nil {
+			return nil, err
+		}
+
+		var (
+			p              = &Info{}
+			text           = s.Text()
+			optionalFields string
+		)
+
+		if _, err := fmt.Sscanf(text, mountinfoFormat,
+			&p.ID, &p.Parent, &p.Major, &p.Minor,
+			&p.Root, &p.Mountpoint, &p.Opts, &optionalFields); err != nil {
+			return nil, fmt.Errorf("Scanning '%s' failed: %s", text, err)
+		}
+		// Safe as mountinfo encodes mountpoints with spaces as \040.
+		index := strings.Index(text, " - ")
+		postSeparatorFields := strings.Fields(text[index+3:])
+		if len(postSeparatorFields) < 3 {
+			return nil, fmt.Errorf("Error found less than 3 fields post '-' in %q", text)
+		}
+
+		if optionalFields != "-" {
+			p.Optional = optionalFields
+		}
+
+		p.Fstype = postSeparatorFields[0]
+		p.Source = postSeparatorFields[1]
+		p.VfsOpts = strings.Join(postSeparatorFields[2:], " ")
+		out = append(out, p)
+	}
+	return out, nil
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/mount/mountinfo.go b/vendor/github.com/opencontainers/runc/libcontainer/mount/mountinfo.go
new file mode 100644
index 000000000000..e3fc3535e934
--- /dev/null
+++ b/vendor/github.com/opencontainers/runc/libcontainer/mount/mountinfo.go
@@ -0,0 +1,40 @@
+package mount
+
+// Info reveals information about a particular mounted filesystem. This
+// struct is populated from the content in the /proc/<pid>/mountinfo file.
+type Info struct {
+	// ID is a unique identifier of the mount (may be reused after umount).
+	ID int
+
+	// Parent indicates the ID of the mount parent (or of self for the top of the
+	// mount tree).
+	Parent int
+
+	// Major indicates one half of the device ID which identifies the device class.
+	Major int
+
+	// Minor indicates one half of the device ID which identifies a specific
+	// instance of device.
+	Minor int
+
+	// Root of the mount within the filesystem.
+	Root string
+
+	// Mountpoint indicates the mount point relative to the process's root.
+	Mountpoint string
+
+	// Opts represents mount-specific options.
+	Opts string
+
+	// Optional represents optional fields.
+	Optional string
+
+	// Fstype indicates the type of filesystem, such as EXT3.
+	Fstype string
+
+	// Source indicates filesystem specific information or "none".
+	Source string
+
+	// VfsOpts represents per super block options.
+	VfsOpts string
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/process.go b/vendor/github.com/opencontainers/runc/libcontainer/process.go
index f1ad0814912f..86bf7387f8c4 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/process.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/process.go
@@ -47,6 +47,10 @@ type Process struct {
 	// ExtraFiles specifies additional open files to be inherited by the container
 	ExtraFiles []*os.File
 
+	// Initial sizings for the console
+	ConsoleWidth  uint16
+	ConsoleHeight uint16
+
 	// Capabilities specify the capabilities to keep when executing the process inside the container
 	// All capabilities not specified will be dropped from the processes capability mask
 	Capabilities *configs.Capabilities
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go
index 50f9af574c4d..58980b0594e7 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/process_linux.go
@@ -15,6 +15,7 @@ import (
 
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	"github.com/opencontainers/runc/libcontainer/configs"
+	"github.com/opencontainers/runc/libcontainer/intelrdt"
 	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/opencontainers/runc/libcontainer/utils"
 
@@ -49,6 +50,7 @@ type setnsProcess struct {
 	parentPipe    *os.File
 	childPipe     *os.File
 	cgroupPaths   map[string]string
+	intelRdtPath  string
 	config        *initConfig
 	fds           []string
 	process       *Process
@@ -83,12 +85,20 @@ func (p *setnsProcess) start() (err error) {
 	if err = p.execSetns(); err != nil {
 		return newSystemErrorWithCause(err, "executing setns process")
 	}
-	// We can't join cgroups if we're in a rootless container.
-	if !p.config.Rootless && len(p.cgroupPaths) > 0 {
+	if len(p.cgroupPaths) > 0 {
 		if err := cgroups.EnterPid(p.cgroupPaths, p.pid()); err != nil {
 			return newSystemErrorWithCausef(err, "adding pid %d to cgroups", p.pid())
 		}
 	}
+	if p.intelRdtPath != "" {
+		// if Intel RDT "resource control" filesystem path exists
+		_, err := os.Stat(p.intelRdtPath)
+		if err == nil {
+			if err := intelrdt.WriteIntelRdtTasks(p.intelRdtPath, p.pid()); err != nil {
+				return newSystemErrorWithCausef(err, "adding pid %d to Intel RDT resource control filesystem", p.pid())
+			}
+		}
+	}
 	// set rlimits, this has to be done here because we lose permissions
 	// to raise the limits once we enter a user-namespace
 	if err := setupRlimits(p.config.Rlimits, p.pid()); err != nil {
@@ -193,16 +203,17 @@ func (p *setnsProcess) setExternalDescriptors(newFds []string) {
 }
 
 type initProcess struct {
-	cmd           *exec.Cmd
-	parentPipe    *os.File
-	childPipe     *os.File
-	config        *initConfig
-	manager       cgroups.Manager
-	container     *linuxContainer
-	fds           []string
-	process       *Process
-	bootstrapData io.Reader
-	sharePidns    bool
+	cmd             *exec.Cmd
+	parentPipe      *os.File
+	childPipe       *os.File
+	config          *initConfig
+	manager         cgroups.Manager
+	intelRdtManager intelrdt.Manager
+	container       *linuxContainer
+	fds             []string
+	process         *Process
+	bootstrapData   io.Reader
+	sharePidns      bool
 }
 
 func (p *initProcess) pid() int {
@@ -261,12 +272,35 @@ func (p *initProcess) start() error {
 		p.process.ops = nil
 		return newSystemErrorWithCause(err, "starting init process command")
 	}
+	// Do this before syncing with child so that no children can escape the
+	// cgroup. We don't need to worry about not doing this and not being root
+	// because we'd be using the rootless cgroup manager in that case.
+	if err := p.manager.Apply(p.pid()); err != nil {
+		return newSystemErrorWithCause(err, "applying cgroup configuration for process")
+	}
+	if p.intelRdtManager != nil {
+		if err := p.intelRdtManager.Apply(p.pid()); err != nil {
+			return newSystemErrorWithCause(err, "applying Intel RDT configuration for process")
+		}
+	}
+	defer func() {
+		if err != nil {
+			// TODO: should not be the responsibility to call here
+			p.manager.Destroy()
+			if p.intelRdtManager != nil {
+				p.intelRdtManager.Destroy()
+			}
+		}
+	}()
+
 	if _, err := io.Copy(p.parentPipe, p.bootstrapData); err != nil {
 		return newSystemErrorWithCause(err, "copying bootstrap data to pipe")
 	}
+
 	if err := p.execSetns(); err != nil {
 		return newSystemErrorWithCause(err, "running exec setns process for init")
 	}
+
 	// Save the standard descriptor names before the container process
 	// can potentially move them (e.g., via dup2()).  If we don't do this now,
 	// we won't know at checkpoint time which file descriptor to look up.
@@ -275,18 +309,6 @@ func (p *initProcess) start() error {
 		return newSystemErrorWithCausef(err, "getting pipe fds for pid %d", p.pid())
 	}
 	p.setExternalDescriptors(fds)
-	// Do this before syncing with child so that no children can escape the
-	// cgroup. We don't need to worry about not doing this and not being root
-	// because we'd be using the rootless cgroup manager in that case.
-	if err := p.manager.Apply(p.pid()); err != nil {
-		return newSystemErrorWithCause(err, "applying cgroup configuration for process")
-	}
-	defer func() {
-		if err != nil {
-			// TODO: should not be the responsibility to call here
-			p.manager.Destroy()
-		}
-	}()
 	if err := p.createNetworkInterfaces(); err != nil {
 		return newSystemErrorWithCause(err, "creating network interfaces")
 	}
@@ -312,13 +334,20 @@ func (p *initProcess) start() error {
 				if err := p.manager.Set(p.config.Config); err != nil {
 					return newSystemErrorWithCause(err, "setting cgroup config for ready process")
 				}
+				if p.intelRdtManager != nil {
+					if err := p.intelRdtManager.Set(p.config.Config); err != nil {
+						return newSystemErrorWithCause(err, "setting Intel RDT config for ready process")
+					}
+				}
 
 				if p.config.Config.Hooks != nil {
+					bundle, annotations := utils.Annotations(p.container.config.Labels)
 					s := configs.HookState{
-						Version: p.container.config.Version,
-						ID:      p.container.id,
-						Pid:     p.pid(),
-						Bundle:  utils.SearchLabels(p.config.Config.Labels, "bundle"),
+						Version:     p.container.config.Version,
+						ID:          p.container.id,
+						Pid:         p.pid(),
+						Bundle:      bundle,
+						Annotations: annotations,
 					}
 					for i, hook := range p.config.Config.Hooks.Prestart {
 						if err := hook.Run(s); err != nil {
@@ -337,12 +366,19 @@ func (p *initProcess) start() error {
 			if err := p.manager.Set(p.config.Config); err != nil {
 				return newSystemErrorWithCause(err, "setting cgroup config for procHooks process")
 			}
+			if p.intelRdtManager != nil {
+				if err := p.intelRdtManager.Set(p.config.Config); err != nil {
+					return newSystemErrorWithCause(err, "setting Intel RDT config for procHooks process")
+				}
+			}
 			if p.config.Config.Hooks != nil {
+				bundle, annotations := utils.Annotations(p.container.config.Labels)
 				s := configs.HookState{
-					Version: p.container.config.Version,
-					ID:      p.container.id,
-					Pid:     p.pid(),
-					Bundle:  utils.SearchLabels(p.config.Config.Labels, "bundle"),
+					Version:     p.container.config.Version,
+					ID:          p.container.id,
+					Pid:         p.pid(),
+					Bundle:      bundle,
+					Annotations: annotations,
 				}
 				for i, hook := range p.config.Config.Hooks.Prestart {
 					if err := hook.Run(s); err != nil {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go
index e2e734a85660..73ee2bd691ac 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/rootfs_linux.go
@@ -13,11 +13,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/docker/docker/pkg/mount"
-	"github.com/docker/docker/pkg/symlink"
+	"github.com/cyphar/filepath-securejoin"
 	"github.com/mrunalp/fileutils"
 	"github.com/opencontainers/runc/libcontainer/cgroups"
 	"github.com/opencontainers/runc/libcontainer/configs"
+	"github.com/opencontainers/runc/libcontainer/mount"
 	"github.com/opencontainers/runc/libcontainer/system"
 	libcontainerUtils "github.com/opencontainers/runc/libcontainer/utils"
 	"github.com/opencontainers/selinux/go-selinux/label"
@@ -40,7 +40,8 @@ func needsSetupDev(config *configs.Config) bool {
 // prepareRootfs sets up the devices, mount points, and filesystems for use
 // inside a new mount namespace. It doesn't set anything as ro. You must call
 // finalizeRootfs after this function to finish setting up the rootfs.
-func prepareRootfs(pipe io.ReadWriter, config *configs.Config) (err error) {
+func prepareRootfs(pipe io.ReadWriter, iConfig *initConfig) (err error) {
+	config := iConfig.Config
 	if err := prepareRoot(config); err != nil {
 		return newSystemErrorWithCause(err, "preparing rootfs")
 	}
@@ -80,6 +81,7 @@ func prepareRootfs(pipe io.ReadWriter, config *configs.Config) (err error) {
 	// The hooks are run after the mounts are setup, but before we switch to the new
 	// root, so that the old root is still available in the hooks for any mount
 	// manipulations.
+	// Note that iConfig.Cwd is not guaranteed to exist here.
 	if err := syncParentHooks(pipe); err != nil {
 		return err
 	}
@@ -98,8 +100,10 @@ func prepareRootfs(pipe io.ReadWriter, config *configs.Config) (err error) {
 
 	if config.NoPivotRoot {
 		err = msMoveRoot(config.Rootfs)
-	} else {
+	} else if config.Namespaces.Contains(configs.NEWNS) {
 		err = pivotRoot(config.Rootfs)
+	} else {
+		err = chroot(config.Rootfs)
 	}
 	if err != nil {
 		return newSystemErrorWithCause(err, "jailing process inside rootfs")
@@ -111,6 +115,14 @@ func prepareRootfs(pipe io.ReadWriter, config *configs.Config) (err error) {
 		}
 	}
 
+	if cwd := iConfig.Cwd; cwd != "" {
+		// Note that spec.Process.Cwd can contain unclean value like  "../../../../foo/bar...".
+		// However, we are safe to call MkDirAll directly because we are in the jail here.
+		if err := os.MkdirAll(cwd, 0755); err != nil {
+			return err
+		}
+	}
+
 	return nil
 }
 
@@ -230,7 +242,7 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string) error {
 		// any previous mounts can invalidate the next mount's destination.
 		// this can happen when a user specifies mounts within other mounts to cause breakouts or other
 		// evil stuff to try to escape the container's rootfs.
-		if dest, err = symlink.FollowSymlinkInScope(dest, rootfs); err != nil {
+		if dest, err = securejoin.SecureJoin(rootfs, m.Destination); err != nil {
 			return err
 		}
 		if err := checkMountDestination(rootfs, dest); err != nil {
@@ -318,7 +330,7 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string) error {
 		// this can happen when a user specifies mounts within other mounts to cause breakouts or other
 		// evil stuff to try to escape the container's rootfs.
 		var err error
-		if dest, err = symlink.FollowSymlinkInScope(dest, rootfs); err != nil {
+		if dest, err = securejoin.SecureJoin(rootfs, m.Destination); err != nil {
 			return err
 		}
 		if err := checkMountDestination(rootfs, dest); err != nil {
@@ -668,9 +680,12 @@ func pivotRoot(rootfs string) error {
 		return err
 	}
 
-	// Make oldroot rprivate to make sure our unmounts don't propagate to the
-	// host (and thus bork the machine).
-	if err := unix.Mount("", ".", "", unix.MS_PRIVATE|unix.MS_REC, ""); err != nil {
+	// Make oldroot rslave to make sure our unmounts don't propagate to the
+	// host (and thus bork the machine). We don't use rprivate because this is
+	// known to cause issues due to races where we still have a reference to a
+	// mount while a process in the host namespace are trying to operate on
+	// something they think has no mounts (devicemapper in particular).
+	if err := unix.Mount("", ".", "", unix.MS_SLAVE|unix.MS_REC, ""); err != nil {
 		return err
 	}
 	// Preform the unmount. MNT_DETACH allows us to unmount /proc/self/cwd.
@@ -689,6 +704,10 @@ func msMoveRoot(rootfs string) error {
 	if err := unix.Mount(rootfs, "/", "", unix.MS_MOVE, ""); err != nil {
 		return err
 	}
+	return chroot(rootfs)
+}
+
+func chroot(rootfs string) error {
 	if err := unix.Chroot("."); err != nil {
 		return err
 	}
@@ -733,7 +752,14 @@ func remountReadonly(m *configs.Mount) error {
 		flags = m.Flags
 	)
 	for i := 0; i < 5; i++ {
-		if err := unix.Mount("", dest, "", uintptr(flags|unix.MS_REMOUNT|unix.MS_RDONLY), ""); err != nil {
+		// There is a special case in the kernel for
+		// MS_REMOUNT | MS_BIND, which allows us to change only the
+		// flags even as an unprivileged user (i.e. user namespace)
+		// assuming we don't drop any security related flags (nodev,
+		// nosuid, etc.). So, let's use that case so that we can do
+		// this re-mount without failing in a userns.
+		flags |= unix.MS_REMOUNT | unix.MS_BIND | unix.MS_RDONLY
+		if err := unix.Mount("", dest, "", uintptr(flags), ""); err != nil {
 			switch err {
 			case unix.EBUSY:
 				time.Sleep(100 * time.Millisecond)
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_linux.go
index 2523cbf9901b..d99f3fe640c6 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/seccomp/seccomp_linux.go
@@ -22,6 +22,11 @@ var (
 	actErrno = libseccomp.ActErrno.SetReturnCode(int16(unix.EPERM))
 )
 
+const (
+	// Linux system calls can have at most 6 arguments
+	syscallMaxArguments int = 6
+)
+
 // Filters given syscalls in a container, preventing them from being used
 // Started in the container init process, and carried over to all child processes
 // Setns calls, however, require a separate invocation, as they are not children
@@ -45,11 +50,11 @@ func InitSeccomp(config *configs.Seccomp) error {
 	for _, arch := range config.Architectures {
 		scmpArch, err := libseccomp.GetArchFromString(arch)
 		if err != nil {
-			return err
+			return fmt.Errorf("error validating Seccomp architecture: %s", err)
 		}
 
 		if err := filter.AddArch(scmpArch); err != nil {
-			return err
+			return fmt.Errorf("error adding architecture to seccomp filter: %s", err)
 		}
 	}
 
@@ -170,29 +175,55 @@ func matchCall(filter *libseccomp.ScmpFilter, call *configs.Syscall) error {
 	// Convert the call's action to the libseccomp equivalent
 	callAct, err := getAction(call.Action)
 	if err != nil {
-		return err
+		return fmt.Errorf("action in seccomp profile is invalid: %s", err)
 	}
 
 	// Unconditional match - just add the rule
 	if len(call.Args) == 0 {
 		if err = filter.AddRule(callNum, callAct); err != nil {
-			return err
+			return fmt.Errorf("error adding seccomp filter rule for syscall %s: %s", call.Name, err)
 		}
 	} else {
-		// Conditional match - convert the per-arg rules into library format
+		// If two or more arguments have the same condition,
+		// Revert to old behavior, adding each condition as a separate rule
+		argCounts := make([]uint, syscallMaxArguments)
 		conditions := []libseccomp.ScmpCondition{}
 
 		for _, cond := range call.Args {
 			newCond, err := getCondition(cond)
 			if err != nil {
-				return err
+				return fmt.Errorf("error creating seccomp syscall condition for syscall %s: %s", call.Name, err)
 			}
 
+			argCounts[cond.Index] += 1
+
 			conditions = append(conditions, newCond)
 		}
 
-		if err = filter.AddRuleConditional(callNum, callAct, conditions); err != nil {
-			return err
+		hasMultipleArgs := false
+		for _, count := range argCounts {
+			if count > 1 {
+				hasMultipleArgs = true
+				break
+			}
+		}
+
+		if hasMultipleArgs {
+			// Revert to old behavior
+			// Add each condition attached to a separate rule
+			for _, cond := range conditions {
+				condArr := []libseccomp.ScmpCondition{cond}
+
+				if err = filter.AddRuleConditional(callNum, callAct, condArr); err != nil {
+					return fmt.Errorf("error adding seccomp rule for syscall %s: %s", call.Name, err)
+				}
+			}
+		} else {
+			// No conditions share same argument
+			// Use new, proper behavior
+			if err = filter.AddRuleConditional(callNum, callAct, conditions); err != nil {
+				return fmt.Errorf("error adding seccomp rule for syscall %s: %s", call.Name, err)
+			}
 		}
 	}
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go
deleted file mode 100644
index c7bdb605aa88..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/setgroups_linux.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// +build linux,go1.5
-
-package libcontainer
-
-import "syscall"
-
-// Set the GidMappingsEnableSetgroups member to true, so the process's
-// setgroups proc entry wont be set to 'deny' if GidMappings are set
-func enableSetgroups(sys *syscall.SysProcAttr) {
-	sys.GidMappingsEnableSetgroups = true
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/setns_init_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/setns_init_linux.go
index 35b84219c5df..096c601e7675 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/setns_init_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/setns_init_linux.go
@@ -47,7 +47,10 @@ func (l *linuxSetnsInit) Init() error {
 			return err
 		}
 	}
-	if l.config.Config.Seccomp != nil {
+	// Without NoNewPrivileges seccomp is a privileged operation, so we need to
+	// do this before dropping capabilities; otherwise do it as late as possible
+	// just before execve so as few syscalls take place after it as possible.
+	if l.config.Config.Seccomp != nil && !l.config.NoNewPrivileges {
 		if err := seccomp.InitSeccomp(l.config.Config.Seccomp); err != nil {
 			return err
 		}
@@ -61,5 +64,13 @@ func (l *linuxSetnsInit) Init() error {
 	if err := label.SetProcessLabel(l.config.ProcessLabel); err != nil {
 		return err
 	}
+	// Set seccomp as close to execve as possible, so as few syscalls take
+	// place afterward (reducing the amount of syscalls that users need to
+	// enable in their seccomp profiles).
+	if l.config.Config.Seccomp != nil && l.config.NoNewPrivileges {
+		if err := seccomp.InitSeccomp(l.config.Config.Seccomp); err != nil {
+			return newSystemErrorWithCause(err, "init seccomp")
+		}
+	}
 	return system.Execv(l.config.Args[0], l.config.Args[0:], os.Environ())
 }
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
index fbcf3a6ac024..02ea753eda3c 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/standard_init_linux.go
@@ -30,15 +30,15 @@ func (l *linuxStandardInit) getSessionRingParams() (string, uint32, uint32) {
 	var newperms uint32
 
 	if l.config.Config.Namespaces.Contains(configs.NEWUSER) {
-		// with user ns we need 'other' search permissions
+		// With user ns we need 'other' search permissions.
 		newperms = 0x8
 	} else {
-		// without user ns we need 'UID' search permissions
+		// Without user ns we need 'UID' search permissions.
 		newperms = 0x80000
 	}
 
-	// create a unique per session container name that we can
-	// join in setns; however, other containers can also join it
+	// Create a unique per session container name that we can join in setns;
+	// However, other containers can also join it.
 	return fmt.Sprintf("_ses.%s", l.config.ContainerId), 0xffffffff, newperms
 }
 
@@ -46,12 +46,12 @@ func (l *linuxStandardInit) Init() error {
 	if !l.config.Config.NoNewKeyring {
 		ringname, keepperms, newperms := l.getSessionRingParams()
 
-		// do not inherit the parent's session keyring
+		// Do not inherit the parent's session keyring.
 		sessKeyId, err := keys.JoinSessionKeyring(ringname)
 		if err != nil {
 			return err
 		}
-		// make session keyring searcheable
+		// Make session keyring searcheable.
 		if err := keys.ModKeyringPerm(sessKeyId, keepperms, newperms); err != nil {
 			return err
 		}
@@ -65,14 +65,9 @@ func (l *linuxStandardInit) Init() error {
 	}
 
 	label.Init()
-
-	// prepareRootfs() can be executed only for a new mount namespace.
-	if l.config.Config.Namespaces.Contains(configs.NEWNS) {
-		if err := prepareRootfs(l.pipe, l.config.Config); err != nil {
-			return err
-		}
+	if err := prepareRootfs(l.pipe, l.config); err != nil {
+		return err
 	}
-
 	// Set up the console. This has to be done *before* we finalize the rootfs,
 	// but *after* we've given the user the chance to set up all of the mounts
 	// they wanted.
@@ -150,19 +145,20 @@ func (l *linuxStandardInit) Init() error {
 	if err := pdeath.Restore(); err != nil {
 		return err
 	}
-	// compare the parent from the initial start of the init process and make sure that it did not change.
-	// if the parent changes that means it died and we were reparented to something else so we should
-	// just kill ourself and not cause problems for someone else.
+	// Compare the parent from the initial start of the init process and make
+	// sure that it did not change.  if the parent changes that means it died
+	// and we were reparented to something else so we should just kill ourself
+	// and not cause problems for someone else.
 	if unix.Getppid() != l.parentPid {
 		return unix.Kill(unix.Getpid(), unix.SIGKILL)
 	}
-	// check for the arg before waiting to make sure it exists and it is returned
-	// as a create time error.
+	// Check for the arg before waiting to make sure it exists and it is
+	// returned as a create time error.
 	name, err := exec.LookPath(l.config.Args[0])
 	if err != nil {
 		return err
 	}
-	// close the pipe to signal that we have completed our init.
+	// Close the pipe to signal that we have completed our init.
 	l.pipe.Close()
 	// Wait for the FIFO to be opened on the other side before exec-ing the
 	// user process. We open it through /proc/self/fd/$fd, because the fd that
@@ -170,19 +166,26 @@ func (l *linuxStandardInit) Init() error {
 	// re-open an O_PATH fd through /proc.
 	fd, err := unix.Open(fmt.Sprintf("/proc/self/fd/%d", l.fifoFd), unix.O_WRONLY|unix.O_CLOEXEC, 0)
 	if err != nil {
-		return newSystemErrorWithCause(err, "openat exec fifo")
+		return newSystemErrorWithCause(err, "open exec fifo")
 	}
 	if _, err := unix.Write(fd, []byte("0")); err != nil {
 		return newSystemErrorWithCause(err, "write 0 exec fifo")
 	}
+	// Close the O_PATH fifofd fd before exec because the kernel resets
+	// dumpable in the wrong order. This has been fixed in newer kernels, but
+	// we keep this to ensure CVE-2016-9962 doesn't re-emerge on older kernels.
+	// N.B. the core issue itself (passing dirfds to the host filesystem) has
+	// since been resolved.
+	// https://github.com/torvalds/linux/blob/v4.9/fs/exec.c#L1290-L1318
+	unix.Close(l.fifoFd)
+	// Set seccomp as close to execve as possible, so as few syscalls take
+	// place afterward (reducing the amount of syscalls that users need to
+	// enable in their seccomp profiles).
 	if l.config.Config.Seccomp != nil && l.config.NoNewPrivileges {
 		if err := seccomp.InitSeccomp(l.config.Config.Seccomp); err != nil {
 			return newSystemErrorWithCause(err, "init seccomp")
 		}
 	}
-	// close the statedir fd before exec because the kernel resets dumpable in the wrong order
-	// https://github.com/torvalds/linux/blob/v4.9/fs/exec.c#L1290-L1318
-	unix.Close(l.fifoFd)
 	if err := syscall.Exec(name, l.config.Args[0:], os.Environ()); err != nil {
 		return newSystemErrorWithCause(err, "exec user process")
 	}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go
index 44fa6b43a8db..b45ce23e4a5b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/state_linux.go
@@ -45,6 +45,11 @@ func destroy(c *linuxContainer) error {
 		}
 	}
 	err := c.cgroupManager.Destroy()
+	if c.intelRdtManager != nil {
+		if ierr := c.intelRdtManager.Destroy(); err == nil {
+			err = ierr
+		}
+	}
 	if rerr := os.RemoveAll(c.root); err == nil {
 		err = rerr
 	}
@@ -58,10 +63,12 @@ func destroy(c *linuxContainer) error {
 
 func runPoststopHooks(c *linuxContainer) error {
 	if c.config.Hooks != nil {
+		bundle, annotations := utils.Annotations(c.config.Labels)
 		s := configs.HookState{
-			Version: c.config.Version,
-			ID:      c.id,
-			Bundle:  utils.SearchLabels(c.config.Labels, "bundle"),
+			Version:     c.config.Version,
+			ID:          c.id,
+			Bundle:      bundle,
+			Annotations: annotations,
 		}
 		for _, hook := range c.config.Hooks.Poststop {
 			if err := hook.Run(s); err != nil {
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/stats_freebsd.go b/vendor/github.com/opencontainers/runc/libcontainer/stats_freebsd.go
deleted file mode 100644
index f8d1d689ceea..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/stats_freebsd.go
+++ /dev/null
@@ -1,5 +0,0 @@
-package libcontainer
-
-type Stats struct {
-	Interfaces []*NetworkInterface
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/stats_linux.go b/vendor/github.com/opencontainers/runc/libcontainer/stats_linux.go
index c629dc67de96..29fd641e9dd1 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/stats_linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/stats_linux.go
@@ -1,8 +1,10 @@
 package libcontainer
 
 import "github.com/opencontainers/runc/libcontainer/cgroups"
+import "github.com/opencontainers/runc/libcontainer/intelrdt"
 
 type Stats struct {
-	Interfaces  []*NetworkInterface
-	CgroupStats *cgroups.Stats
+	Interfaces    []*NetworkInterface
+	CgroupStats   *cgroups.Stats
+	IntelRdtStats *intelrdt.Stats
 }
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/stats_solaris.go b/vendor/github.com/opencontainers/runc/libcontainer/stats_solaris.go
deleted file mode 100644
index da78c1c2e155..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/stats_solaris.go
+++ /dev/null
@@ -1,7 +0,0 @@
-package libcontainer
-
-// Solaris - TODO
-
-type Stats struct {
-	Interfaces []*NetworkInterface
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/stats_windows.go b/vendor/github.com/opencontainers/runc/libcontainer/stats_windows.go
deleted file mode 100644
index f8d1d689ceea..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/stats_windows.go
+++ /dev/null
@@ -1,5 +0,0 @@
-package libcontainer
-
-type Stats struct {
-	Interfaces []*NetworkInterface
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/linux.go b/vendor/github.com/opencontainers/runc/libcontainer/system/linux.go
index 4837085a7fd4..5f124cd8bbc7 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/linux.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/system/linux.go
@@ -134,3 +134,14 @@ func RunningInUserNS() bool {
 func SetSubreaper(i int) error {
 	return unix.Prctl(PR_SET_CHILD_SUBREAPER, uintptr(i), 0, 0, 0)
 }
+
+// GetSubreaper returns the subreaper setting for the calling process
+func GetSubreaper() (int, error) {
+	var i uintptr
+
+	if err := unix.Prctl(unix.PR_GET_CHILD_SUBREAPER, uintptr(unsafe.Pointer(&i)), 0, 0, 0); err != nil {
+		return -1, err
+	}
+
+	return int(i), nil
+}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_386.go b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_32.go
similarity index 93%
rename from vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_386.go
rename to vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_32.go
index 3f7235ed1544..c5ca5d86235b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_386.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_32.go
@@ -1,4 +1,5 @@
-// +build linux,386
+// +build linux
+// +build 386 arm
 
 package system
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
index d7891a2ffa0d..11c3faafbf0b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_64.go
@@ -1,4 +1,5 @@
-// +build linux,arm64 linux,amd64 linux,ppc linux,ppc64 linux,ppc64le linux,s390x
+// +build linux
+// +build arm64 amd64 mips mipsle mips64 mips64le ppc ppc64 ppc64le s390x
 
 package system
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_arm.go b/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_arm.go
deleted file mode 100644
index 31ff3deb1351..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/syscall_linux_arm.go
+++ /dev/null
@@ -1,25 +0,0 @@
-// +build linux,arm
-
-package system
-
-import (
-	"golang.org/x/sys/unix"
-)
-
-// Setuid sets the uid of the calling thread to the specified uid.
-func Setuid(uid int) (err error) {
-	_, _, e1 := unix.RawSyscall(unix.SYS_SETUID32, uintptr(uid), 0, 0)
-	if e1 != 0 {
-		err = e1
-	}
-	return
-}
-
-// Setgid sets the gid of the calling thread to the specified gid.
-func Setgid(gid int) (err error) {
-	_, _, e1 := unix.RawSyscall(unix.SYS_SETGID32, uintptr(gid), 0, 0)
-	if e1 != 0 {
-		err = e1
-	}
-	return
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go b/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go
index b3a07cba3efa..b8434f10500b 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/system/sysconfig.go
@@ -1,4 +1,4 @@
-// +build cgo,linux cgo,freebsd
+// +build cgo,linux
 
 package system
 
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go b/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go
deleted file mode 100644
index 4a8d00acbd57..000000000000
--- a/vendor/github.com/opencontainers/runc/libcontainer/user/lookup_unsupported.go
+++ /dev/null
@@ -1,38 +0,0 @@
-// +build !darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
-
-package user
-
-import (
-	"io"
-	"syscall"
-)
-
-func GetPasswdPath() (string, error) {
-	return "", ErrUnsupported
-}
-
-func GetPasswd() (io.ReadCloser, error) {
-	return nil, ErrUnsupported
-}
-
-func GetGroupPath() (string, error) {
-	return "", ErrUnsupported
-}
-
-func GetGroup() (io.ReadCloser, error) {
-	return nil, ErrUnsupported
-}
-
-// CurrentUser looks up the current user by their user id in /etc/passwd. If the
-// user cannot be found (or there is no /etc/passwd file on the filesystem),
-// then CurrentUser returns an error.
-func CurrentUser() (User, error) {
-	return LookupUid(syscall.Getuid())
-}
-
-// CurrentGroup looks up the current user's group by their primary group id's
-// entry in /etc/passwd. If the group cannot be found (or there is no
-// /etc/group file on the filesystem), then CurrentGroup returns an error.
-func CurrentGroup() (Group, error) {
-	return LookupGid(syscall.Getgid())
-}
diff --git a/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go b/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go
index 2cbb6491a707..c8a9364d54d7 100644
--- a/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go
+++ b/vendor/github.com/opencontainers/runc/libcontainer/utils/cmsg.go
@@ -84,12 +84,10 @@ func RecvFd(socket *os.File) (*os.File, error) {
 // addition, the file.Name() of the given file will also be sent as
 // non-auxiliary data in the same payload (allowing to send contextual
 // information for a file descriptor).
-func SendFd(socket, file *os.File) error {
-	name := []byte(file.Name())
+func SendFd(socket *os.File, name string, fd uintptr) error {
 	if len(name) >= MaxNameLen {
-		return fmt.Errorf("sendfd: filename too long: %s", file.Name())
+		return fmt.Errorf("sendfd: filename too long: %s", name)
 	}
-	oob := unix.UnixRights(int(file.Fd()))
-
-	return unix.Sendmsg(int(socket.Fd()), name, oob, nil, 0)
+	oob := unix.UnixRights(int(fd))
+	return unix.Sendmsg(int(socket.Fd()), []byte(name), oob, nil, 0)
 }
diff --git a/vendor/github.com/pquerna/cachecontrol/.travis.yml b/vendor/github.com/pquerna/cachecontrol/.travis.yml
new file mode 100644
index 000000000000..f140b4971bf0
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/.travis.yml
@@ -0,0 +1,10 @@
+language: go
+
+install:
+  - go get -d -v ./...
+  - go get -u github.com/stretchr/testify/require
+
+go:
+  - 1.7
+  - 1.8
+  - tip
diff --git a/vendor/github.com/square/go-jose/LICENSE b/vendor/github.com/pquerna/cachecontrol/LICENSE
similarity index 100%
rename from vendor/github.com/square/go-jose/LICENSE
rename to vendor/github.com/pquerna/cachecontrol/LICENSE
diff --git a/vendor/github.com/pquerna/cachecontrol/README.md b/vendor/github.com/pquerna/cachecontrol/README.md
new file mode 100644
index 000000000000..da0b428f307b
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/README.md
@@ -0,0 +1,107 @@
+# cachecontrol: HTTP Caching Parser and Interpretation
+
+[![GoDoc](https://godoc.org/github.com/pquerna/cachecontrol?status.svg)](https://godoc.org/github.com/pquerna/cachecontrol)[![Build Status](https://travis-ci.org/pquerna/cachecontrol.svg?branch=master)](https://travis-ci.org/pquerna/cachecontrol)
+
+ 
+
+`cachecontrol` implements [RFC 7234](http://tools.ietf.org/html/rfc7234) __Hypertext Transfer Protocol (HTTP/1.1): Caching__.  It does this by parsing the `Cache-Control` and other headers, providing information about requests and responses -- but `cachecontrol` does not implement an actual cache backend, just the control plane to make decisions about if a particular response is cachable.
+
+# Usage
+
+`cachecontrol.CachableResponse` returns an array of [reasons](https://godoc.org/github.com/pquerna/cachecontrol/cacheobject#Reason) why a response should not be cached and when it expires.  In the case that `len(reasons) == 0`, the response is cachable according to the RFC.  However, some people want non-compliant caches for various business use cases, so each reason is specifically named, so if your cache wants to cache `POST` requests, it can easily do that, but still be RFC compliant in other situations.
+
+# Examples
+
+## Can you cache Example.com?
+
+```go
+package main
+
+import (
+	"github.com/pquerna/cachecontrol"
+
+	"fmt"
+	"io/ioutil"
+	"net/http"
+)
+
+func main() {
+	req, _ := http.NewRequest("GET", "http://www.example.com/", nil)
+
+	res, _ := http.DefaultClient.Do(req)
+	_, _ = ioutil.ReadAll(res.Body)
+
+	reasons, expires, _ := cachecontrol.CachableResponse(req, res, cachecontrol.Options{})
+
+	fmt.Println("Reasons to not cache: ", reasons)
+	fmt.Println("Expiration: ", expires.String())
+}
+```
+
+## Can I use this in a high performance caching server?
+
+`cachecontrol` is divided into two packages: `cachecontrol` with a high level API, and a lower level `cacheobject` package.  Use [Object](https://godoc.org/github.com/pquerna/cachecontrol/cacheobject#Object) in a high performance use case where you have previously parsed headers containing dates or would like to avoid memory allocations.
+
+```go
+package main
+
+import (
+	"github.com/pquerna/cachecontrol/cacheobject"
+
+	"fmt"
+	"io/ioutil"
+	"net/http"
+)
+
+func main() {
+	req, _ := http.NewRequest("GET", "http://www.example.com/", nil)
+
+	res, _ := http.DefaultClient.Do(req)
+	_, _ = ioutil.ReadAll(res.Body)
+
+	reqDir, _ := cacheobject.ParseRequestCacheControl(req.Header.Get("Cache-Control"))
+
+	resDir, _ := cacheobject.ParseResponseCacheControl(res.Header.Get("Cache-Control"))
+	expiresHeader, _ := http.ParseTime(res.Header.Get("Expires"))
+	dateHeader, _ := http.ParseTime(res.Header.Get("Date"))
+	lastModifiedHeader, _ := http.ParseTime(res.Header.Get("Last-Modified"))
+
+	obj := cacheobject.Object{
+		RespDirectives:         resDir,
+		RespHeaders:            res.Header,
+		RespStatusCode:         res.StatusCode,
+		RespExpiresHeader:      expiresHeader,
+		RespDateHeader:         dateHeader,
+		RespLastModifiedHeader: lastModifiedHeader,
+
+		ReqDirectives: reqDir,
+		ReqHeaders:    req.Header,
+		ReqMethod:     req.Method,
+
+		NowUTC: time.Now().UTC(),
+	}
+	rv := cacheobject.ObjectResults{}
+
+	cacheobject.CachableObject(&obj, &rv)
+	cacheobject.ExpirationObject(&obj, &rv)
+
+	fmt.Println("Errors: ", rv.OutErr)
+	fmt.Println("Reasons to not cache: ", rv.OutReasons)
+	fmt.Println("Warning headers to add: ", rv.OutWarnings)
+	fmt.Println("Expiration: ", rv.OutExpirationTime.String())
+}
+```
+
+## Improvements, bugs, adding features, and taking cachecontrol new directions!
+
+Please [open issues in Github](https://github.com/pquerna/cachecontrol/issues) for ideas, bugs, and general thoughts.  Pull requests are of course preferred :)
+
+# Credits
+
+`cachecontrol` has recieved significant contributions from:
+
+* [Paul Querna](https://github.com/pquerna) 
+
+## License
+
+`cachecontrol` is licensed under the [Apache License, Version 2.0](./LICENSE)
diff --git a/vendor/github.com/pquerna/cachecontrol/api.go b/vendor/github.com/pquerna/cachecontrol/api.go
new file mode 100644
index 000000000000..f6f28585d16c
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/api.go
@@ -0,0 +1,48 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package cachecontrol
+
+import (
+	"github.com/pquerna/cachecontrol/cacheobject"
+
+	"net/http"
+	"time"
+)
+
+type Options struct {
+	// Set to True for a prviate cache, which is not shared amoung users (eg, in a browser)
+	// Set to False for a "shared" cache, which is more common in a server context.
+	PrivateCache bool
+}
+
+// Given an HTTP Request, the future Status Code, and an ResponseWriter,
+// determine the possible reasons a response SHOULD NOT be cached.
+func CachableResponseWriter(req *http.Request,
+	statusCode int,
+	resp http.ResponseWriter,
+	opts Options) ([]cacheobject.Reason, time.Time, error) {
+	return cacheobject.UsingRequestResponse(req, statusCode, resp.Header(), opts.PrivateCache)
+}
+
+// Given an HTTP Request and Response, determine the possible reasons a response SHOULD NOT
+// be cached.
+func CachableResponse(req *http.Request,
+	resp *http.Response,
+	opts Options) ([]cacheobject.Reason, time.Time, error) {
+	return cacheobject.UsingRequestResponse(req, resp.StatusCode, resp.Header, opts.PrivateCache)
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/cacheobject/directive.go b/vendor/github.com/pquerna/cachecontrol/cacheobject/directive.go
new file mode 100644
index 000000000000..1e2a6c2e4196
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/cacheobject/directive.go
@@ -0,0 +1,510 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package cacheobject
+
+import (
+	"errors"
+	"math"
+	"net/http"
+	"net/textproto"
+	"strconv"
+	"strings"
+)
+
+// TODO(pquerna): add extensions from here: http://www.iana.org/assignments/http-cache-directives/http-cache-directives.xhtml
+
+var (
+	ErrQuoteMismatch         = errors.New("Missing closing quote")
+	ErrMaxAgeDeltaSeconds    = errors.New("Failed to parse delta-seconds in `max-age`")
+	ErrSMaxAgeDeltaSeconds   = errors.New("Failed to parse delta-seconds in `s-maxage`")
+	ErrMaxStaleDeltaSeconds  = errors.New("Failed to parse delta-seconds in `min-fresh`")
+	ErrMinFreshDeltaSeconds  = errors.New("Failed to parse delta-seconds in `min-fresh`")
+	ErrNoCacheNoArgs         = errors.New("Unexpected argument to `no-cache`")
+	ErrNoStoreNoArgs         = errors.New("Unexpected argument to `no-store`")
+	ErrNoTransformNoArgs     = errors.New("Unexpected argument to `no-transform`")
+	ErrOnlyIfCachedNoArgs    = errors.New("Unexpected argument to `only-if-cached`")
+	ErrMustRevalidateNoArgs  = errors.New("Unexpected argument to `must-revalidate`")
+	ErrPublicNoArgs          = errors.New("Unexpected argument to `public`")
+	ErrProxyRevalidateNoArgs = errors.New("Unexpected argument to `proxy-revalidate`")
+)
+
+func whitespace(b byte) bool {
+	if b == '\t' || b == ' ' {
+		return true
+	}
+	return false
+}
+
+func parse(value string, cd cacheDirective) error {
+	var err error = nil
+	i := 0
+
+	for i < len(value) && err == nil {
+		// eat leading whitespace or commas
+		if whitespace(value[i]) || value[i] == ',' {
+			i++
+			continue
+		}
+
+		j := i + 1
+
+		for j < len(value) {
+			if !isToken(value[j]) {
+				break
+			}
+			j++
+		}
+
+		token := strings.ToLower(value[i:j])
+		tokenHasFields := hasFieldNames(token)
+		/*
+			println("GOT TOKEN:")
+			println("	i -> ", i)
+			println("	j -> ", j)
+			println("	token -> ", token)
+		*/
+
+		if j+1 < len(value) && value[j] == '=' {
+			k := j + 1
+			// minimum size two bytes of "", but we let httpUnquote handle it.
+			if k < len(value) && value[k] == '"' {
+				eaten, result := httpUnquote(value[k:])
+				if eaten == -1 {
+					return ErrQuoteMismatch
+				}
+				i = k + eaten
+
+				err = cd.addPair(token, result)
+			} else {
+				z := k
+				for z < len(value) {
+					if tokenHasFields {
+						if whitespace(value[z]) {
+							break
+						}
+					} else {
+						if whitespace(value[z]) || value[z] == ',' {
+							break
+						}
+					}
+					z++
+				}
+				i = z
+
+				result := value[k:z]
+				if result != "" && result[len(result)-1] == ',' {
+					result = result[:len(result)-1]
+				}
+
+				err = cd.addPair(token, result)
+			}
+		} else {
+			if token != "," {
+				err = cd.addToken(token)
+			}
+			i = j
+		}
+	}
+
+	return err
+}
+
+// DeltaSeconds specifies a non-negative integer, representing
+// time in seconds: http://tools.ietf.org/html/rfc7234#section-1.2.1
+//
+// When set to -1, this means unset.
+//
+type DeltaSeconds int32
+
+// Parser for delta-seconds, a uint31, more or less:
+// http://tools.ietf.org/html/rfc7234#section-1.2.1
+func parseDeltaSeconds(v string) (DeltaSeconds, error) {
+	n, err := strconv.ParseUint(v, 10, 32)
+	if err != nil {
+		if numError, ok := err.(*strconv.NumError); ok {
+			if numError.Err == strconv.ErrRange {
+				return DeltaSeconds(math.MaxInt32), nil
+			}
+		}
+		return DeltaSeconds(-1), err
+	} else {
+		if n > math.MaxInt32 {
+			return DeltaSeconds(math.MaxInt32), nil
+		} else {
+			return DeltaSeconds(n), nil
+		}
+	}
+}
+
+// Fields present in a header.
+type FieldNames map[string]bool
+
+// internal interface for shared methods of RequestCacheDirectives and ResponseCacheDirectives
+type cacheDirective interface {
+	addToken(s string) error
+	addPair(s string, v string) error
+}
+
+// LOW LEVEL API: Repersentation of possible request directives in a `Cache-Control` header: http://tools.ietf.org/html/rfc7234#section-5.2.1
+//
+// Note: Many fields will be `nil` in practice.
+//
+type RequestCacheDirectives struct {
+
+	// max-age(delta seconds): http://tools.ietf.org/html/rfc7234#section-5.2.1.1
+	//
+	// The "max-age" request directive indicates that the client is
+	// unwilling to accept a response whose age is greater than the
+	// specified number of seconds.  Unless the max-stale request directive
+	// is also present, the client is not willing to accept a stale
+	// response.
+	MaxAge DeltaSeconds
+
+	// max-stale(delta seconds): http://tools.ietf.org/html/rfc7234#section-5.2.1.2
+	//
+	// The "max-stale" request directive indicates that the client is
+	// willing to accept a response that has exceeded its freshness
+	// lifetime.  If max-stale is assigned a value, then the client is
+	// willing to accept a response that has exceeded its freshness lifetime
+	// by no more than the specified number of seconds.  If no value is
+	// assigned to max-stale, then the client is willing to accept a stale
+	// response of any age.
+	MaxStale DeltaSeconds
+
+	// min-fresh(delta seconds): http://tools.ietf.org/html/rfc7234#section-5.2.1.3
+	//
+	// The "min-fresh" request directive indicates that the client is
+	// willing to accept a response whose freshness lifetime is no less than
+	// its current age plus the specified time in seconds.  That is, the
+	// client wants a response that will still be fresh for at least the
+	// specified number of seconds.
+	MinFresh DeltaSeconds
+
+	// no-cache(bool): http://tools.ietf.org/html/rfc7234#section-5.2.1.4
+	//
+	// The "no-cache" request directive indicates that a cache MUST NOT use
+	// a stored response to satisfy the request without successful
+	// validation on the origin server.
+	NoCache bool
+
+	// no-store(bool): http://tools.ietf.org/html/rfc7234#section-5.2.1.5
+	//
+	// The "no-store" request directive indicates that a cache MUST NOT
+	// store any part of either this request or any response to it.  This
+	// directive applies to both private and shared caches.
+	NoStore bool
+
+	// no-transform(bool): http://tools.ietf.org/html/rfc7234#section-5.2.1.6
+	//
+	// The "no-transform" request directive indicates that an intermediary
+	// (whether or not it implements a cache) MUST NOT transform the
+	// payload, as defined in Section 5.7.2 of RFC7230.
+	NoTransform bool
+
+	// only-if-cached(bool): http://tools.ietf.org/html/rfc7234#section-5.2.1.7
+	//
+	// The "only-if-cached" request directive indicates that the client only
+	// wishes to obtain a stored response.
+	OnlyIfCached bool
+
+	// Extensions: http://tools.ietf.org/html/rfc7234#section-5.2.3
+	//
+	// The Cache-Control header field can be extended through the use of one
+	// or more cache-extension tokens, each with an optional value.  A cache
+	// MUST ignore unrecognized cache directives.
+	Extensions []string
+}
+
+func (cd *RequestCacheDirectives) addToken(token string) error {
+	var err error = nil
+
+	switch token {
+	case "max-age":
+		err = ErrMaxAgeDeltaSeconds
+	case "max-stale":
+		err = ErrMaxStaleDeltaSeconds
+	case "min-fresh":
+		err = ErrMinFreshDeltaSeconds
+	case "no-cache":
+		cd.NoCache = true
+	case "no-store":
+		cd.NoStore = true
+	case "no-transform":
+		cd.NoTransform = true
+	case "only-if-cached":
+		cd.OnlyIfCached = true
+	default:
+		cd.Extensions = append(cd.Extensions, token)
+	}
+	return err
+}
+
+func (cd *RequestCacheDirectives) addPair(token string, v string) error {
+	var err error = nil
+
+	switch token {
+	case "max-age":
+		cd.MaxAge, err = parseDeltaSeconds(v)
+		if err != nil {
+			err = ErrMaxAgeDeltaSeconds
+		}
+	case "max-stale":
+		cd.MaxStale, err = parseDeltaSeconds(v)
+		if err != nil {
+			err = ErrMaxStaleDeltaSeconds
+		}
+	case "min-fresh":
+		cd.MinFresh, err = parseDeltaSeconds(v)
+		if err != nil {
+			err = ErrMinFreshDeltaSeconds
+		}
+	case "no-cache":
+		err = ErrNoCacheNoArgs
+	case "no-store":
+		err = ErrNoStoreNoArgs
+	case "no-transform":
+		err = ErrNoTransformNoArgs
+	case "only-if-cached":
+		err = ErrOnlyIfCachedNoArgs
+	default:
+		// TODO(pquerna): this sucks, making user re-parse
+		cd.Extensions = append(cd.Extensions, token+"="+v)
+	}
+
+	return err
+}
+
+// LOW LEVEL API: Parses a Cache Control Header from a Request into a set of directives.
+func ParseRequestCacheControl(value string) (*RequestCacheDirectives, error) {
+	cd := &RequestCacheDirectives{
+		MaxAge:   -1,
+		MaxStale: -1,
+		MinFresh: -1,
+	}
+
+	err := parse(value, cd)
+	if err != nil {
+		return nil, err
+	}
+	return cd, nil
+}
+
+// LOW LEVEL API: Repersentation of possible response directives in a `Cache-Control` header: http://tools.ietf.org/html/rfc7234#section-5.2.2
+//
+// Note: Many fields will be `nil` in practice.
+//
+type ResponseCacheDirectives struct {
+
+	// must-revalidate(bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.1
+	//
+	// The "must-revalidate" response directive indicates that once it has
+	// become stale, a cache MUST NOT use the response to satisfy subsequent
+	// requests without successful validation on the origin server.
+	MustRevalidate bool
+
+	// no-cache(FieldName): http://tools.ietf.org/html/rfc7234#section-5.2.2.2
+	//
+	// The "no-cache" response directive indicates that the response MUST
+	// NOT be used to satisfy a subsequent request without successful
+	// validation on the origin server.
+	//
+	// If the no-cache response directive specifies one or more field-names,
+	// then a cache MAY use the response to satisfy a subsequent request,
+	// subject to any other restrictions on caching.  However, any header
+	// fields in the response that have the field-name(s) listed MUST NOT be
+	// sent in the response to a subsequent request without successful
+	// revalidation with the origin server.
+	NoCache FieldNames
+
+	// no-cache(cast-to-bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.2
+	//
+	// While the RFC defines optional field-names on a no-cache directive,
+	// many applications only want to know if any no-cache directives were
+	// present at all.
+	NoCachePresent bool
+
+	// no-store(bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.3
+	//
+	// The "no-store" request directive indicates that a cache MUST NOT
+	// store any part of either this request or any response to it.  This
+	// directive applies to both private and shared caches.
+	NoStore bool
+
+	// no-transform(bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.4
+	//
+	// The "no-transform" response directive indicates that an intermediary
+	// (regardless of whether it implements a cache) MUST NOT transform the
+	// payload, as defined in Section 5.7.2 of RFC7230.
+	NoTransform bool
+
+	// public(bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.5
+	//
+	// The "public" response directive indicates that any cache MAY store
+	// the response, even if the response would normally be non-cacheable or
+	// cacheable only within a private cache.
+	Public bool
+
+	// private(FieldName): http://tools.ietf.org/html/rfc7234#section-5.2.2.6
+	//
+	// The "private" response directive indicates that the response message
+	// is intended for a single user and MUST NOT be stored by a shared
+	// cache.  A private cache MAY store the response and reuse it for later
+	// requests, even if the response would normally be non-cacheable.
+	//
+	// If the private response directive specifies one or more field-names,
+	// this requirement is limited to the field-values associated with the
+	// listed response header fields.  That is, a shared cache MUST NOT
+	// store the specified field-names(s), whereas it MAY store the
+	// remainder of the response message.
+	Private FieldNames
+
+	// private(cast-to-bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.6
+	//
+	// While the RFC defines optional field-names on a private directive,
+	// many applications only want to know if any private directives were
+	// present at all.
+	PrivatePresent bool
+
+	// proxy-revalidate(bool): http://tools.ietf.org/html/rfc7234#section-5.2.2.7
+	//
+	// The "proxy-revalidate" response directive has the same meaning as the
+	// must-revalidate response directive, except that it does not apply to
+	// private caches.
+	ProxyRevalidate bool
+
+	// max-age(delta seconds): http://tools.ietf.org/html/rfc7234#section-5.2.2.8
+	//
+	// The "max-age" response directive indicates that the response is to be
+	// considered stale after its age is greater than the specified number
+	// of seconds.
+	MaxAge DeltaSeconds
+
+	// s-maxage(delta seconds): http://tools.ietf.org/html/rfc7234#section-5.2.2.9
+	//
+	// The "s-maxage" response directive indicates that, in shared caches,
+	// the maximum age specified by this directive overrides the maximum age
+	// specified by either the max-age directive or the Expires header
+	// field.  The s-maxage directive also implies the semantics of the
+	// proxy-revalidate response directive.
+	SMaxAge DeltaSeconds
+
+	// Extensions: http://tools.ietf.org/html/rfc7234#section-5.2.3
+	//
+	// The Cache-Control header field can be extended through the use of one
+	// or more cache-extension tokens, each with an optional value.  A cache
+	// MUST ignore unrecognized cache directives.
+	Extensions []string
+}
+
+// LOW LEVEL API: Parses a Cache Control Header from a Response into a set of directives.
+func ParseResponseCacheControl(value string) (*ResponseCacheDirectives, error) {
+	cd := &ResponseCacheDirectives{
+		MaxAge:  -1,
+		SMaxAge: -1,
+	}
+
+	err := parse(value, cd)
+	if err != nil {
+		return nil, err
+	}
+	return cd, nil
+}
+
+func (cd *ResponseCacheDirectives) addToken(token string) error {
+	var err error = nil
+	switch token {
+	case "must-revalidate":
+		cd.MustRevalidate = true
+	case "no-cache":
+		cd.NoCachePresent = true
+	case "no-store":
+		cd.NoStore = true
+	case "no-transform":
+		cd.NoTransform = true
+	case "public":
+		cd.Public = true
+	case "private":
+		cd.PrivatePresent = true
+	case "proxy-revalidate":
+		cd.ProxyRevalidate = true
+	case "max-age":
+		err = ErrMaxAgeDeltaSeconds
+	case "s-maxage":
+		err = ErrSMaxAgeDeltaSeconds
+	default:
+		cd.Extensions = append(cd.Extensions, token)
+	}
+	return err
+}
+
+func hasFieldNames(token string) bool {
+	switch token {
+	case "no-cache":
+		return true
+	case "private":
+		return true
+	}
+	return false
+}
+
+func (cd *ResponseCacheDirectives) addPair(token string, v string) error {
+	var err error = nil
+
+	switch token {
+	case "must-revalidate":
+		err = ErrMustRevalidateNoArgs
+	case "no-cache":
+		cd.NoCachePresent = true
+		tokens := strings.Split(v, ",")
+		if cd.NoCache == nil {
+			cd.NoCache = make(FieldNames)
+		}
+		for _, t := range tokens {
+			k := http.CanonicalHeaderKey(textproto.TrimString(t))
+			cd.NoCache[k] = true
+		}
+	case "no-store":
+		err = ErrNoStoreNoArgs
+	case "no-transform":
+		err = ErrNoTransformNoArgs
+	case "public":
+		err = ErrPublicNoArgs
+	case "private":
+		cd.PrivatePresent = true
+		tokens := strings.Split(v, ",")
+		if cd.Private == nil {
+			cd.Private = make(FieldNames)
+		}
+		for _, t := range tokens {
+			k := http.CanonicalHeaderKey(textproto.TrimString(t))
+			cd.Private[k] = true
+		}
+	case "proxy-revalidate":
+		err = ErrProxyRevalidateNoArgs
+	case "max-age":
+		cd.MaxAge, err = parseDeltaSeconds(v)
+	case "s-maxage":
+		cd.SMaxAge, err = parseDeltaSeconds(v)
+	default:
+		// TODO(pquerna): this sucks, making user re-parse, and its technically not 'quoted' like the original,
+		// but this is still easier, just a SplitN on "="
+		cd.Extensions = append(cd.Extensions, token+"="+v)
+	}
+
+	return err
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/cacheobject/lex.go b/vendor/github.com/pquerna/cachecontrol/cacheobject/lex.go
new file mode 100644
index 000000000000..c658e09b1512
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/cacheobject/lex.go
@@ -0,0 +1,93 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cacheobject
+
+// This file deals with lexical matters of HTTP
+
+func isSeparator(c byte) bool {
+	switch c {
+	case '(', ')', '<', '>', '@', ',', ';', ':', '\\', '"', '/', '[', ']', '?', '=', '{', '}', ' ', '\t':
+		return true
+	}
+	return false
+}
+
+func isCtl(c byte) bool { return (0 <= c && c <= 31) || c == 127 }
+
+func isChar(c byte) bool { return 0 <= c && c <= 127 }
+
+func isAnyText(c byte) bool { return !isCtl(c) }
+
+func isQdText(c byte) bool { return isAnyText(c) && c != '"' }
+
+func isToken(c byte) bool { return isChar(c) && !isCtl(c) && !isSeparator(c) }
+
+// Valid escaped sequences are not specified in RFC 2616, so for now, we assume
+// that they coincide with the common sense ones used by GO. Malformed
+// characters should probably not be treated as errors by a robust (forgiving)
+// parser, so we replace them with the '?' character.
+func httpUnquotePair(b byte) byte {
+	// skip the first byte, which should always be '\'
+	switch b {
+	case 'a':
+		return '\a'
+	case 'b':
+		return '\b'
+	case 'f':
+		return '\f'
+	case 'n':
+		return '\n'
+	case 'r':
+		return '\r'
+	case 't':
+		return '\t'
+	case 'v':
+		return '\v'
+	case '\\':
+		return '\\'
+	case '\'':
+		return '\''
+	case '"':
+		return '"'
+	}
+	return '?'
+}
+
+// raw must begin with a valid quoted string. Only the first quoted string is
+// parsed and is unquoted in result. eaten is the number of bytes parsed, or -1
+// upon failure.
+func httpUnquote(raw string) (eaten int, result string) {
+	buf := make([]byte, len(raw))
+	if raw[0] != '"' {
+		return -1, ""
+	}
+	eaten = 1
+	j := 0 // # of bytes written in buf
+	for i := 1; i < len(raw); i++ {
+		switch b := raw[i]; b {
+		case '"':
+			eaten++
+			buf = buf[0:j]
+			return i + 1, string(buf)
+		case '\\':
+			if len(raw) < i+2 {
+				return -1, ""
+			}
+			buf[j] = httpUnquotePair(raw[i+1])
+			eaten += 2
+			j++
+			i++
+		default:
+			if isQdText(b) {
+				buf[j] = b
+			} else {
+				buf[j] = '?'
+			}
+			eaten++
+			j++
+		}
+	}
+	return -1, ""
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/cacheobject/object.go b/vendor/github.com/pquerna/cachecontrol/cacheobject/object.go
new file mode 100644
index 000000000000..35f88b9247d7
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/cacheobject/object.go
@@ -0,0 +1,378 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package cacheobject
+
+import (
+	"net/http"
+	"time"
+)
+
+// LOW LEVEL API: Repersents a potentially cachable HTTP object.
+//
+// This struct is designed to be serialized efficiently, so in a high
+// performance caching server, things like Date-Strings don't need to be
+// parsed for every use of a cached object.
+type Object struct {
+	CacheIsPrivate bool
+
+	RespDirectives         *ResponseCacheDirectives
+	RespHeaders            http.Header
+	RespStatusCode         int
+	RespExpiresHeader      time.Time
+	RespDateHeader         time.Time
+	RespLastModifiedHeader time.Time
+
+	ReqDirectives *RequestCacheDirectives
+	ReqHeaders    http.Header
+	ReqMethod     string
+
+	NowUTC time.Time
+}
+
+// LOW LEVEL API: Repersents the results of examinig an Object with
+// CachableObject and ExpirationObject.
+//
+// TODO(pquerna): decide if this is a good idea or bad
+type ObjectResults struct {
+	OutReasons        []Reason
+	OutWarnings       []Warning
+	OutExpirationTime time.Time
+	OutErr            error
+}
+
+// LOW LEVEL API: Check if a object is cachable.
+func CachableObject(obj *Object, rv *ObjectResults) {
+	rv.OutReasons = nil
+	rv.OutWarnings = nil
+	rv.OutErr = nil
+
+	switch obj.ReqMethod {
+	case "GET":
+		break
+	case "HEAD":
+		break
+	case "POST":
+		/**
+		  POST: http://tools.ietf.org/html/rfc7231#section-4.3.3
+
+		  Responses to POST requests are only cacheable when they include
+		  explicit freshness information (see Section 4.2.1 of [RFC7234]).
+		  However, POST caching is not widely implemented.  For cases where an
+		  origin server wishes the client to be able to cache the result of a
+		  POST in a way that can be reused by a later GET, the origin server
+		  MAY send a 200 (OK) response containing the result and a
+		  Content-Location header field that has the same value as the POST's
+		  effective request URI (Section 3.1.4.2).
+		*/
+		if !hasFreshness(obj.ReqDirectives, obj.RespDirectives, obj.RespHeaders, obj.RespExpiresHeader, obj.CacheIsPrivate) {
+			rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodPOST)
+		}
+
+	case "PUT":
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodPUT)
+
+	case "DELETE":
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodDELETE)
+
+	case "CONNECT":
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodCONNECT)
+
+	case "OPTIONS":
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodOPTIONS)
+
+	case "TRACE":
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodTRACE)
+
+	// HTTP Extension Methods: http://www.iana.org/assignments/http-methods/http-methods.xhtml
+	//
+	// To my knowledge, none of them are cachable. Please open a ticket if this is not the case!
+	//
+	default:
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestMethodUnkown)
+	}
+
+	if obj.ReqDirectives.NoStore {
+		rv.OutReasons = append(rv.OutReasons, ReasonRequestNoStore)
+	}
+
+	// Storing Responses to Authenticated Requests: http://tools.ietf.org/html/rfc7234#section-3.2
+	authz := obj.ReqHeaders.Get("Authorization")
+	if authz != "" {
+		if obj.RespDirectives.MustRevalidate ||
+			obj.RespDirectives.Public ||
+			obj.RespDirectives.SMaxAge != -1 {
+			// Expires of some kind present, this is potentially OK.
+		} else {
+			rv.OutReasons = append(rv.OutReasons, ReasonRequestAuthorizationHeader)
+		}
+	}
+
+	if obj.RespDirectives.PrivatePresent && !obj.CacheIsPrivate {
+		rv.OutReasons = append(rv.OutReasons, ReasonResponsePrivate)
+	}
+
+	if obj.RespDirectives.NoStore {
+		rv.OutReasons = append(rv.OutReasons, ReasonResponseNoStore)
+	}
+
+	/*
+	   the response either:
+
+	     *  contains an Expires header field (see Section 5.3), or
+
+	     *  contains a max-age response directive (see Section 5.2.2.8), or
+
+	     *  contains a s-maxage response directive (see Section 5.2.2.9)
+	        and the cache is shared, or
+
+	     *  contains a Cache Control Extension (see Section 5.2.3) that
+	        allows it to be cached, or
+
+	     *  has a status code that is defined as cacheable by default (see
+	        Section 4.2.2), or
+
+	     *  contains a public response directive (see Section 5.2.2.5).
+	*/
+
+	expires := obj.RespHeaders.Get("Expires") != ""
+	statusCachable := cachableStatusCode(obj.RespStatusCode)
+
+	if expires ||
+		obj.RespDirectives.MaxAge != -1 ||
+		(obj.RespDirectives.SMaxAge != -1 && !obj.CacheIsPrivate) ||
+		statusCachable ||
+		obj.RespDirectives.Public {
+		/* cachable by default, at least one of the above conditions was true */
+	} else {
+		rv.OutReasons = append(rv.OutReasons, ReasonResponseUncachableByDefault)
+	}
+}
+
+var twentyFourHours = time.Duration(24 * time.Hour)
+
+const debug = false
+
+// LOW LEVEL API: Update an objects expiration time.
+func ExpirationObject(obj *Object, rv *ObjectResults) {
+	/**
+	 * Okay, lets calculate Freshness/Expiration now. woo:
+	 *  http://tools.ietf.org/html/rfc7234#section-4.2
+	 */
+
+	/*
+	   o  If the cache is shared and the s-maxage response directive
+	      (Section 5.2.2.9) is present, use its value, or
+
+	   o  If the max-age response directive (Section 5.2.2.8) is present,
+	      use its value, or
+
+	   o  If the Expires response header field (Section 5.3) is present, use
+	      its value minus the value of the Date response header field, or
+
+	   o  Otherwise, no explicit expiration time is present in the response.
+	      A heuristic freshness lifetime might be applicable; see
+	      Section 4.2.2.
+	*/
+
+	var expiresTime time.Time
+
+	if obj.RespDirectives.SMaxAge != -1 && !obj.CacheIsPrivate {
+		expiresTime = obj.NowUTC.Add(time.Second * time.Duration(obj.RespDirectives.SMaxAge))
+	} else if obj.RespDirectives.MaxAge != -1 {
+		expiresTime = obj.NowUTC.UTC().Add(time.Second * time.Duration(obj.RespDirectives.MaxAge))
+	} else if !obj.RespExpiresHeader.IsZero() {
+		serverDate := obj.RespDateHeader
+		if serverDate.IsZero() {
+			// common enough case when a Date: header has not yet been added to an
+			// active response.
+			serverDate = obj.NowUTC
+		}
+		expiresTime = obj.NowUTC.Add(obj.RespExpiresHeader.Sub(serverDate))
+	} else if !obj.RespLastModifiedHeader.IsZero() {
+		// heuristic freshness lifetime
+		rv.OutWarnings = append(rv.OutWarnings, WarningHeuristicExpiration)
+
+		// http://httpd.apache.org/docs/2.4/mod/mod_cache.html#cachelastmodifiedfactor
+		// CacheMaxExpire defaults to 24 hours
+		// CacheLastModifiedFactor: is 0.1
+		//
+		// expiry-period = MIN(time-since-last-modified-date * factor, 24 hours)
+		//
+		// obj.NowUTC
+
+		since := obj.RespLastModifiedHeader.Sub(obj.NowUTC)
+		since = time.Duration(float64(since) * -0.1)
+
+		if since > twentyFourHours {
+			expiresTime = obj.NowUTC.Add(twentyFourHours)
+		} else {
+			expiresTime = obj.NowUTC.Add(since)
+		}
+
+		if debug {
+			println("Now UTC: ", obj.NowUTC.String())
+			println("Last-Modified: ", obj.RespLastModifiedHeader.String())
+			println("Since: ", since.String())
+			println("TwentyFourHours: ", twentyFourHours.String())
+			println("Expiration: ", expiresTime.String())
+		}
+	} else {
+		// TODO(pquerna): what should the default behavoir be for expiration time?
+	}
+
+	rv.OutExpirationTime = expiresTime
+}
+
+// Evaluate cachability based on an HTTP request, and parts of the response.
+func UsingRequestResponse(req *http.Request,
+	statusCode int,
+	respHeaders http.Header,
+	privateCache bool) ([]Reason, time.Time, error) {
+
+	var reqHeaders http.Header
+	var reqMethod string
+
+	var reqDir *RequestCacheDirectives = nil
+	respDir, err := ParseResponseCacheControl(respHeaders.Get("Cache-Control"))
+	if err != nil {
+		return nil, time.Time{}, err
+	}
+
+	if req != nil {
+		reqDir, err = ParseRequestCacheControl(req.Header.Get("Cache-Control"))
+		if err != nil {
+			return nil, time.Time{}, err
+		}
+		reqHeaders = req.Header
+		reqMethod = req.Method
+	}
+
+	var expiresHeader time.Time
+	var dateHeader time.Time
+	var lastModifiedHeader time.Time
+
+	if respHeaders.Get("Expires") != "" {
+		expiresHeader, err = http.ParseTime(respHeaders.Get("Expires"))
+		if err != nil {
+			// sometimes servers will return `Expires: 0` or `Expires: -1` to
+			// indicate expired content
+			expiresHeader = time.Time{}
+		}
+		expiresHeader = expiresHeader.UTC()
+	}
+
+	if respHeaders.Get("Date") != "" {
+		dateHeader, err = http.ParseTime(respHeaders.Get("Date"))
+		if err != nil {
+			return nil, time.Time{}, err
+		}
+		dateHeader = dateHeader.UTC()
+	}
+
+	if respHeaders.Get("Last-Modified") != "" {
+		lastModifiedHeader, err = http.ParseTime(respHeaders.Get("Last-Modified"))
+		if err != nil {
+			return nil, time.Time{}, err
+		}
+		lastModifiedHeader = lastModifiedHeader.UTC()
+	}
+
+	obj := Object{
+		CacheIsPrivate: privateCache,
+
+		RespDirectives:         respDir,
+		RespHeaders:            respHeaders,
+		RespStatusCode:         statusCode,
+		RespExpiresHeader:      expiresHeader,
+		RespDateHeader:         dateHeader,
+		RespLastModifiedHeader: lastModifiedHeader,
+
+		ReqDirectives: reqDir,
+		ReqHeaders:    reqHeaders,
+		ReqMethod:     reqMethod,
+
+		NowUTC: time.Now().UTC(),
+	}
+	rv := ObjectResults{}
+
+	CachableObject(&obj, &rv)
+	if rv.OutErr != nil {
+		return nil, time.Time{}, rv.OutErr
+	}
+
+	ExpirationObject(&obj, &rv)
+	if rv.OutErr != nil {
+		return nil, time.Time{}, rv.OutErr
+	}
+
+	return rv.OutReasons, rv.OutExpirationTime, nil
+}
+
+// calculate if a freshness directive is present: http://tools.ietf.org/html/rfc7234#section-4.2.1
+func hasFreshness(reqDir *RequestCacheDirectives, respDir *ResponseCacheDirectives, respHeaders http.Header, respExpires time.Time, privateCache bool) bool {
+	if !privateCache && respDir.SMaxAge != -1 {
+		return true
+	}
+
+	if respDir.MaxAge != -1 {
+		return true
+	}
+
+	if !respExpires.IsZero() || respHeaders.Get("Expires") != "" {
+		return true
+	}
+
+	return false
+}
+
+func cachableStatusCode(statusCode int) bool {
+	/*
+		Responses with status codes that are defined as cacheable by default
+		(e.g., 200, 203, 204, 206, 300, 301, 404, 405, 410, 414, and 501 in
+		this specification) can be reused by a cache with heuristic
+		expiration unless otherwise indicated by the method definition or
+		explicit cache controls [RFC7234]; all other status codes are not
+		cacheable by default.
+	*/
+	switch statusCode {
+	case 200:
+		return true
+	case 203:
+		return true
+	case 204:
+		return true
+	case 206:
+		return true
+	case 300:
+		return true
+	case 301:
+		return true
+	case 404:
+		return true
+	case 405:
+		return true
+	case 410:
+		return true
+	case 414:
+		return true
+	case 501:
+		return true
+	default:
+		return false
+	}
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/cacheobject/reasons.go b/vendor/github.com/pquerna/cachecontrol/cacheobject/reasons.go
new file mode 100644
index 000000000000..f53d1ad593df
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/cacheobject/reasons.go
@@ -0,0 +1,95 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package cacheobject
+
+// Repersents a potential Reason to not cache an object.
+//
+// Applications may wish to ignore specific reasons, which will make them non-RFC
+// compliant, but this type gives them specific cases they can choose to ignore,
+// making them compliant in as many cases as they can.
+type Reason int
+
+const (
+
+	// The request method was POST and an Expiration header was not supplied.
+	ReasonRequestMethodPOST Reason = iota
+
+	// The request method was PUT and PUTs are not cachable.
+	ReasonRequestMethodPUT
+
+	// The request method was DELETE and DELETEs are not cachable.
+	ReasonRequestMethodDELETE
+
+	// The request method was CONNECT and CONNECTs are not cachable.
+	ReasonRequestMethodCONNECT
+
+	// The request method was OPTIONS and OPTIONS are not cachable.
+	ReasonRequestMethodOPTIONS
+
+	// The request method was TRACE and TRACEs are not cachable.
+	ReasonRequestMethodTRACE
+
+	// The request method was not recognized by cachecontrol, and should not be cached.
+	ReasonRequestMethodUnkown
+
+	// The request included an Cache-Control: no-store header
+	ReasonRequestNoStore
+
+	// The request included an Authorization header without an explicit Public or Expiration time: http://tools.ietf.org/html/rfc7234#section-3.2
+	ReasonRequestAuthorizationHeader
+
+	// The response included an Cache-Control: no-store header
+	ReasonResponseNoStore
+
+	// The response included an Cache-Control: private header and this is not a Private cache
+	ReasonResponsePrivate
+
+	// The response failed to meet at least one of the conditions specified in RFC 7234 section 3: http://tools.ietf.org/html/rfc7234#section-3
+	ReasonResponseUncachableByDefault
+)
+
+func (r Reason) String() string {
+	switch r {
+	case ReasonRequestMethodPOST:
+		return "ReasonRequestMethodPOST"
+	case ReasonRequestMethodPUT:
+		return "ReasonRequestMethodPUT"
+	case ReasonRequestMethodDELETE:
+		return "ReasonRequestMethodDELETE"
+	case ReasonRequestMethodCONNECT:
+		return "ReasonRequestMethodCONNECT"
+	case ReasonRequestMethodOPTIONS:
+		return "ReasonRequestMethodOPTIONS"
+	case ReasonRequestMethodTRACE:
+		return "ReasonRequestMethodTRACE"
+	case ReasonRequestMethodUnkown:
+		return "ReasonRequestMethodUnkown"
+	case ReasonRequestNoStore:
+		return "ReasonRequestNoStore"
+	case ReasonRequestAuthorizationHeader:
+		return "ReasonRequestAuthorizationHeader"
+	case ReasonResponseNoStore:
+		return "ReasonResponseNoStore"
+	case ReasonResponsePrivate:
+		return "ReasonResponsePrivate"
+	case ReasonResponseUncachableByDefault:
+		return "ReasonResponseUncachableByDefault"
+	}
+
+	panic(r)
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/cacheobject/warning.go b/vendor/github.com/pquerna/cachecontrol/cacheobject/warning.go
new file mode 100644
index 000000000000..82f894130341
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/cacheobject/warning.go
@@ -0,0 +1,107 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package cacheobject
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+)
+
+// Repersents an HTTP Warning: http://tools.ietf.org/html/rfc7234#section-5.5
+type Warning int
+
+const (
+	// Response is Stale
+	// A cache SHOULD generate this whenever the sent response is stale.
+	WarningResponseIsStale Warning = 110
+
+	// Revalidation Failed
+	// A cache SHOULD generate this when sending a stale
+	// response because an attempt to validate the response failed, due to an
+	// inability to reach the server.
+	WarningRevalidationFailed Warning = 111
+
+	// Disconnected Operation
+	// A cache SHOULD generate this if it is intentionally disconnected from
+	// the rest of the network for a period of time.
+	WarningDisconnectedOperation Warning = 112
+
+	// Heuristic Expiration
+	//
+	// A cache SHOULD generate this if it heuristically chose a freshness
+	// lifetime greater than 24 hours and the response's age is greater than
+	// 24 hours.
+	WarningHeuristicExpiration Warning = 113
+
+	// Miscellaneous Warning
+	//
+	// The warning text can include arbitrary information to be presented to
+	// a human user or logged.  A system receiving this warning MUST NOT
+	// take any automated action, besides presenting the warning to the
+	// user.
+	WarningMiscellaneousWarning Warning = 199
+
+	// Transformation Applied
+	//
+	// This Warning code MUST be added by a proxy if it applies any
+	// transformation to the representation, such as changing the
+	// content-coding, media-type, or modifying the representation data,
+	// unless this Warning code already appears in the response.
+	WarningTransformationApplied Warning = 214
+
+	// Miscellaneous Persistent Warning
+	//
+	// The warning text can include arbitrary information to be presented to
+	// a human user or logged.  A system receiving this warning MUST NOT
+	// take any automated action.
+	WarningMiscellaneousPersistentWarning Warning = 299
+)
+
+func (w Warning) HeaderString(agent string, date time.Time) string {
+	if agent == "" {
+		agent = "-"
+	} else {
+		// TODO(pquerna): this doesn't escape agent if it contains bad things.
+		agent = `"` + agent + `"`
+	}
+	return fmt.Sprintf(`%d %s "%s" %s`, w, agent, w.String(), date.Format(http.TimeFormat))
+}
+
+func (w Warning) String() string {
+	switch w {
+	case WarningResponseIsStale:
+		return "Response is Stale"
+	case WarningRevalidationFailed:
+		return "Revalidation Failed"
+	case WarningDisconnectedOperation:
+		return "Disconnected Operation"
+	case WarningHeuristicExpiration:
+		return "Heuristic Expiration"
+	case WarningMiscellaneousWarning:
+		// TODO(pquerna): ideally had a better way to override this one code.
+		return "Miscellaneous Warning"
+	case WarningTransformationApplied:
+		return "Transformation Applied"
+	case WarningMiscellaneousPersistentWarning:
+		// TODO(pquerna): same as WarningMiscellaneousWarning
+		return "Miscellaneous Persistent Warning"
+	}
+
+	panic(w)
+}
diff --git a/vendor/github.com/pquerna/cachecontrol/doc.go b/vendor/github.com/pquerna/cachecontrol/doc.go
new file mode 100644
index 000000000000..3fe7ed0d689c
--- /dev/null
+++ b/vendor/github.com/pquerna/cachecontrol/doc.go
@@ -0,0 +1,25 @@
+/**
+ *  Copyright 2015 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+// Package cachecontrol implements the logic for HTTP Caching
+//
+// Deciding if an HTTP Response can be cached is often harder
+// and more bug prone than an actual cache storage backend.
+// cachecontrol provides a simple interface to determine if
+// request and response pairs are cachable as defined under
+// RFC 7234 http://tools.ietf.org/html/rfc7234
+package cachecontrol
diff --git a/vendor/github.com/quobyte/api/README.md b/vendor/github.com/quobyte/api/README.md
index 072033b7bdec..642468aedbc0 100644
--- a/vendor/github.com/quobyte/api/README.md
+++ b/vendor/github.com/quobyte/api/README.md
@@ -1,6 +1,6 @@
 # Quobyte API Clients
 
-Get the quoybte api client
+Get the quobyte api client
 
 ```bash
 go get github.com/quobyte/api
@@ -18,6 +18,7 @@ import (
 
 func main() {
     client := quobyte_api.NewQuobyteClient("http://apiserver:7860", "user", "password")
+    client.SetAPIRetryPolicy(quobyte_api.RetryInfinitely) // Default quobyte_api.RetryInteractive
     req := &quobyte_api.CreateVolumeRequest{
         Name:              "MyVolume",
         RootUserID:        "root",
diff --git a/vendor/github.com/quobyte/api/quobyte.go b/vendor/github.com/quobyte/api/quobyte.go
index 3a2a5fd17a2b..66e51fd8132b 100644
--- a/vendor/github.com/quobyte/api/quobyte.go
+++ b/vendor/github.com/quobyte/api/quobyte.go
@@ -5,20 +5,38 @@ import (
 	"net/http"
 )
 
+// retry policy codes
+const (
+	RetryNever         string = "NEVER"
+	RetryInteractive   string = "INTERACTIVE"
+	RetryInfinitely    string = "INFINITELY"
+	RetryOncePerTarget string = "ONCE_PER_TARGET"
+)
+
 type QuobyteClient struct {
-	client   *http.Client
-	url      string
-	username string
-	password string
+	client         *http.Client
+	url            string
+	username       string
+	password       string
+	apiRetryPolicy string
+}
+
+func (client *QuobyteClient) SetAPIRetryPolicy(retry string) {
+	client.apiRetryPolicy = retry
+}
+
+func (client *QuobyteClient) GetAPIRetryPolicy() string {
+	return client.apiRetryPolicy
 }
 
 // NewQuobyteClient creates a new Quobyte API client
 func NewQuobyteClient(url string, username string, password string) *QuobyteClient {
 	return &QuobyteClient{
-		client:   &http.Client{},
-		url:      url,
-		username: username,
-		password: password,
+		client:         &http.Client{},
+		url:            url,
+		username:       username,
+		password:       password,
+		apiRetryPolicy: RetryInteractive,
 	}
 }
 
@@ -80,6 +98,7 @@ func (client *QuobyteClient) GetClientList(tenant string) (GetClientListResponse
 	return response, nil
 }
 
+// SetVolumeQuota sets a Quota to the specified Volume
 func (client *QuobyteClient) SetVolumeQuota(volumeUUID string, quotaSize uint64) error {
 	request := &setQuotaRequest{
 		Quotas: []*quota{
@@ -102,3 +121,50 @@ func (client *QuobyteClient) SetVolumeQuota(volumeUUID string, quotaSize uint64)
 
 	return client.sendRequest("setQuota", request, nil)
 }
+
+// GetTenant returns the Tenant configuration for all specified tenants
+func (client *QuobyteClient) GetTenant(tenantIDs []string) (GetTenantResponse, error) {
+	request := &getTenantRequest{TenantIDs: tenantIDs}
+
+	var response GetTenantResponse
+	err := client.sendRequest("getTenant", request, &response)
+	if err != nil {
+		return response, err
+	}
+
+	return response, nil
+}
+
+// GetTenantMap returns a map that contains all tenant names and there ID's
+func (client *QuobyteClient) GetTenantMap() (map[string]string, error) {
+	result := map[string]string{}
+	response, err := client.GetTenant([]string{})
+
+	if err != nil {
+		return result, err
+	}
+
+	for _, tenant := range response.Tenants {
+		result[tenant.Name] = tenant.TenantID
+	}
+
+	return result, nil
+}
+
+// SetTenant creates a Tenant with the specified name
+func (client *QuobyteClient) SetTenant(tenantName string) (string, error) {
+	request := &setTenantRequest{
+		&TenantDomainConfiguration{
+			Name: tenantName,
+		},
+		retryPolicy{client.GetAPIRetryPolicy()},
+	}
+
+	var response setTenantResponse
+	err := client.sendRequest("setTenant", request, &response)
+	if err != nil {
+		return "", err
+	}
+
+	return response.TenantID, nil
+}
diff --git a/vendor/github.com/quobyte/api/rpc_client.go b/vendor/github.com/quobyte/api/rpc_client.go
index 7c7326c57fac..77e929e766be 100644
--- a/vendor/github.com/quobyte/api/rpc_client.go
+++ b/vendor/github.com/quobyte/api/rpc_client.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"math/rand"
 	"net/http"
+	"reflect"
 	"strconv"
 )
 
@@ -88,6 +89,11 @@ func decodeResponse(ioReader io.Reader, reply interface{}) error {
 }
 
 func (client QuobyteClient) sendRequest(method string, request interface{}, response interface{}) error {
+	etype := reflect.ValueOf(request).Elem()
+	field := etype.FieldByName("RetryPolicy")
+	if field.IsValid() {
+		field.SetString(client.GetAPIRetryPolicy())
+	}
 	message, err := encodeRequest(method, request)
 	if err != nil {
 		return err
diff --git a/vendor/github.com/quobyte/api/types.go b/vendor/github.com/quobyte/api/types.go
index c1a87d337147..2e18bd7278ec 100644
--- a/vendor/github.com/quobyte/api/types.go
+++ b/vendor/github.com/quobyte/api/types.go
@@ -1,19 +1,25 @@
 package quobyte
 
+type retryPolicy struct {
+        RetryPolicy string `json:"retry,omitempty"`
+}
+
 // CreateVolumeRequest represents a CreateVolumeRequest
 type CreateVolumeRequest struct {
-	Name              string   `json:"name,omitempty"`
-	RootUserID        string   `json:"root_user_id,omitempty"`
-	RootGroupID       string   `json:"root_group_id,omitempty"`
-	ReplicaDeviceIDS  []uint64 `json:"replica_device_ids,string,omitempty"`
-	ConfigurationName string   `json:"configuration_name,omitempty"`
-	AccessMode        uint32   `json:"access_mode,string,omitempty"`
-	TenantID          string   `json:"tenant_id,omitempty"`
+        Name              string   `json:"name,omitempty"`
+        RootUserID        string   `json:"root_user_id,omitempty"`
+        RootGroupID       string   `json:"root_group_id,omitempty"`
+        ReplicaDeviceIDS  []uint64 `json:"replica_device_ids,string,omitempty"`
+        ConfigurationName string   `json:"configuration_name,omitempty"`
+        AccessMode        uint32   `json:"access_mode,string,omitempty"`
+        TenantID          string   `json:"tenant_id,omitempty"`
+        retryPolicy
 }
 
 type resolveVolumeNameRequest struct {
-	VolumeName   string `json:"volume_name,omitempty"`
-	TenantDomain string `json:"tenant_domain,omitempty"`
+        VolumeName   string `json:"volume_name,omitempty"`
+        TenantDomain string `json:"tenant_domain,omitempty"`
+        retryPolicy
 }
 
 type volumeUUID struct {
@@ -21,7 +27,8 @@ type volumeUUID struct {
 }
 
 type getClientListRequest struct {
-	TenantDomain string `json:"tenant_domain,omitempty"`
+        TenantDomain string `json:"tenant_domain,omitempty"`
+        retryPolicy
 }
 
 type GetClientListResponse struct {
@@ -52,5 +59,37 @@ type quota struct {
 }
 
 type setQuotaRequest struct {
-	Quotas []*quota `json:"quotas,omitempty"`
+        Quotas []*quota `json:"quotas,omitempty"`
+        retryPolicy
+}
+
+type getTenantRequest struct {
+        TenantIDs []string `json:"tenant_id,omitempty"`
+        retryPolicy
+}
+
+type GetTenantResponse struct {
+	Tenants []*TenantDomainConfiguration `json:"tenant,omitempty"`
+}
+
+type TenantDomainConfiguration struct {
+	TenantID          string                                   `json:"tenant_id,omitempty"`
+	Name              string                                   `json:"name,omitempty"`
+	RestrictToNetwork []string                                 `json:"restrict_to_network,omitempty"`
+	VolumeAccess      []*TenantDomainConfigurationVolumeAccess `json:"volume_access,omitempty"`
+}
+
+type TenantDomainConfigurationVolumeAccess struct {
+	VolumeUUID        string `json:"volume_uuid,omitempty"`
+	RestrictToNetwork string `json:"restrict_to_network,omitempty"`
+	ReadOnly          bool   `json:"read_only,omitempty"`
+}
+
+type setTenantRequest struct {
+        Tenants *TenantDomainConfiguration `json:"tenant,omitempty"`
+        retryPolicy
+}
+
+type setTenantResponse struct {
+	TenantID string `json:"tenant_id,omitempty"`
 }
diff --git a/vendor/github.com/satori/uuid/.travis.yml b/vendor/github.com/satori/go.uuid/.travis.yml
similarity index 73%
rename from vendor/github.com/satori/uuid/.travis.yml
rename to vendor/github.com/satori/go.uuid/.travis.yml
index fdf960e86b55..38517e2ed906 100644
--- a/vendor/github.com/satori/uuid/.travis.yml
+++ b/vendor/github.com/satori/go.uuid/.travis.yml
@@ -6,13 +6,6 @@ go:
     - 1.4
     - 1.5
     - 1.6
-    - 1.7
-    - 1.8
-    - tip
-matrix:
-    allow_failures:
-        - go: tip
-    fast_finish: true
 before_install:
     - go get github.com/mattn/goveralls
     - go get golang.org/x/tools/cmd/cover
diff --git a/vendor/github.com/satori/uuid/LICENSE b/vendor/github.com/satori/go.uuid/LICENSE
similarity index 100%
rename from vendor/github.com/satori/uuid/LICENSE
rename to vendor/github.com/satori/go.uuid/LICENSE
diff --git a/vendor/github.com/satori/uuid/README.md b/vendor/github.com/satori/go.uuid/README.md
similarity index 100%
rename from vendor/github.com/satori/uuid/README.md
rename to vendor/github.com/satori/go.uuid/README.md
diff --git a/vendor/github.com/satori/uuid/uuid.go b/vendor/github.com/satori/go.uuid/uuid.go
similarity index 97%
rename from vendor/github.com/satori/uuid/uuid.go
rename to vendor/github.com/satori/go.uuid/uuid.go
index 295f3fc2c57f..9c7fbaa54e67 100644
--- a/vendor/github.com/satori/uuid/uuid.go
+++ b/vendor/github.com/satori/go.uuid/uuid.go
@@ -251,12 +251,18 @@ func (u *UUID) UnmarshalText(text []byte) (err error) {
 	b := u[:]
 
 	for i, byteGroup := range byteGroups {
-		if i > 0 {
-			if t[0] != '-' {
-				err = fmt.Errorf("uuid: invalid string format")
+		if i > 0 && t[0] == '-' {
+			t = t[1:]
+		} else if i > 0 && t[0] != '-' {
+			err = fmt.Errorf("uuid: invalid string format")
+			return
+		}
+
+		if i == 2 {
+			if !bytes.Contains([]byte("012345"), []byte{t[0]}) {
+				err = fmt.Errorf("uuid: invalid version number: %s", t[0])
 				return
 			}
-			t = t[1:]
 		}
 
 		if len(t) < byteGroup {
@@ -266,11 +272,12 @@ func (u *UUID) UnmarshalText(text []byte) (err error) {
 
 		if i == 4 && len(t) > byteGroup &&
 			((braced && t[byteGroup] != '}') || len(t[byteGroup:]) > 1 || !braced) {
-			err = fmt.Errorf("uuid: UUID string too long: %s", text)
+			err = fmt.Errorf("uuid: UUID string too long: %s", t)
 			return
 		}
 
 		_, err = hex.Decode(b[:byteGroup/2], t[:byteGroup])
+
 		if err != nil {
 			return
 		}
diff --git a/vendor/github.com/spf13/cobra/.travis.yml b/vendor/github.com/spf13/cobra/.travis.yml
index 6e84be54d16d..68efa136331d 100644
--- a/vendor/github.com/spf13/cobra/.travis.yml
+++ b/vendor/github.com/spf13/cobra/.travis.yml
@@ -1,11 +1,10 @@
 language: go
-go:
-  - 1.4.3
-  - 1.5.4
-  - 1.6.3
-  - tip
 
 matrix:
+  include:
+    - go: 1.7.6
+    - go: 1.8.3
+    - go: tip
   allow_failures:
     - go: tip
 
@@ -16,3 +15,7 @@ before_install:
 script:
   - PATH=$PATH:$PWD/bin go test -v ./...
   - go build
+  - diff -u <(echo -n) <(gofmt -d -s .)
+  - if [ -z $NOVET ]; then
+      diff -u <(echo -n) <(go tool vet . 2>&1 | grep -vE 'ExampleCommand|bash_completions.*Fprint');
+    fi
diff --git a/vendor/github.com/spf13/cobra/README.md b/vendor/github.com/spf13/cobra/README.md
index b338a0e4424a..851fcc087cae 100644
--- a/vendor/github.com/spf13/cobra/README.md
+++ b/vendor/github.com/spf13/cobra/README.md
@@ -8,6 +8,7 @@ Many of the most widely used Go projects are built using Cobra including:
 * [Hugo](http://gohugo.io)
 * [rkt](https://github.com/coreos/rkt)
 * [etcd](https://github.com/coreos/etcd)
+* [Moby (former Docker)](https://github.com/moby/moby)
 * [Docker (distribution)](https://github.com/docker/distribution)
 * [OpenShift](https://www.openshift.com/)
 * [Delve](https://github.com/derekparker/delve)
@@ -15,16 +16,37 @@ Many of the most widely used Go projects are built using Cobra including:
 * [CockroachDB](http://www.cockroachlabs.com/)
 * [Bleve](http://www.blevesearch.com/)
 * [ProjectAtomic (enterprise)](http://www.projectatomic.io/)
-* [Parse (CLI)](https://parse.com/)
 * [GiantSwarm's swarm](https://github.com/giantswarm/cli)
 * [Nanobox](https://github.com/nanobox-io/nanobox)/[Nanopack](https://github.com/nanopack)
-
+* [rclone](http://rclone.org/)
+* [nehm](https://github.com/bogem/nehm)
+* [Pouch](https://github.com/alibaba/pouch)
 
 [![Build Status](https://travis-ci.org/spf13/cobra.svg "Travis CI status")](https://travis-ci.org/spf13/cobra)
 [![CircleCI status](https://circleci.com/gh/spf13/cobra.png?circle-token=:circle-token "CircleCI status")](https://circleci.com/gh/spf13/cobra)
-[![GoDoc](https://godoc.org/github.com/spf13/cobra?status.svg)](https://godoc.org/github.com/spf13/cobra) 
-
-![cobra](https://cloud.githubusercontent.com/assets/173412/10911369/84832a8e-8212-11e5-9f82-cc96660a4794.gif)
+[![GoDoc](https://godoc.org/github.com/spf13/cobra?status.svg)](https://godoc.org/github.com/spf13/cobra)
+
+# Table of Contents
+
+- [Overview](#overview)
+- [Concepts](#concepts)
+  * [Commands](#commands)
+  * [Flags](#flags)
+- [Installing](#installing)
+- [Getting Started](#getting-started)
+  * [Using the Cobra Generator](#using-the-cobra-generator)
+  * [Using the Cobra Library](#using-the-cobra-library)
+  * [Working with Flags](#working-with-flags)
+  * [Positional and Custom Arguments](#positional-and-custom-arguments)
+  * [Example](#example)
+  * [Help Command](#help-command)
+  * [Usage Message](#usage-message)
+  * [PreRun and PostRun Hooks](#prerun-and-postrun-hooks)
+  * [Suggestions when "unknown command" happens](#suggestions-when-unknown-command-happens)
+  * [Generating documentation for your command](#generating-documentation-for-your-command)
+  * [Generating bash completions](#generating-bash-completions)
+- [Contributing](#contributing)
+- [License](#license)
 
 # Overview
 
@@ -39,27 +61,16 @@ Cobra provides:
 * Fully POSIX-compliant flags (including short & long versions)
 * Nested subcommands
 * Global, local and cascading flags
-* Easy generation of applications & commands with `cobra create appname` & `cobra add cmdname`
+* Easy generation of applications & commands with `cobra init appname` & `cobra add cmdname`
 * Intelligent suggestions (`app srver`... did you mean `app server`?)
 * Automatic help generation for commands and flags
-* Automatic detailed help for `app help [command]`
 * Automatic help flag recognition of `-h`, `--help`, etc.
 * Automatically generated bash autocomplete for your application
 * Automatically generated man pages for your application
 * Command aliases so you can change things without breaking them
-* The flexibilty to define your own help, usage, etc.
+* The flexibility to define your own help, usage, etc.
 * Optional tight integration with [viper](http://github.com/spf13/viper) for 12-factor apps
 
-Cobra has an exceptionally clean interface and simple design without needless
-constructors or initialization methods.
-
-Applications built with Cobra commands are designed to be as user-friendly as
-possible. Flags can be placed before or after the command (as long as a
-confusing space isn’t provided). Both short and long flags can be used. A
-command need not even be fully typed.  Help is automatically generated and
-available for the application or for a specific command using either the help
-command or the `--help` flag.
-
 # Concepts
 
 Cobra is built on a structure of commands, arguments & flags.
@@ -78,11 +89,11 @@ A few good real world examples may better illustrate this point.
 
 In the following example, 'server' is a command, and 'port' is a flag:
 
-    > hugo server --port=1313
+    hugo server --port=1313
 
 In this command we are telling Git to clone the url bare.
 
-    > git clone URL --bare
+    git clone URL --bare
 
 ## Commands
 
@@ -92,20 +103,11 @@ have children commands and optionally run an action.
 
 In the example above, 'server' is the command.
 
-A Command has the following structure:
-
-```go
-type Command struct {
-    Use string // The one-line usage message.
-    Short string // The short description shown in the 'help' output.
-    Long string // The long message shown in the 'help <this-command>' output.
-    Run func(cmd *Command, args []string) // Run runs the command.
-}
-```
+[More about cobra.Command](https://godoc.org/github.com/spf13/cobra#Command)
 
 ## Flags
 
-A Flag is a way to modify the behavior of a command. Cobra supports
+A flag is a way to modify the behavior of a command. Cobra supports
 fully POSIX-compliant flags as well as the Go [flag package](https://golang.org/pkg/flag/).
 A Cobra command can define flags that persist through to children commands
 and flags that are only available to that command.
@@ -113,23 +115,15 @@ and flags that are only available to that command.
 In the example above, 'port' is the flag.
 
 Flag functionality is provided by the [pflag
-library](https://github.com/ogier/pflag), a fork of the flag standard library
+library](https://github.com/spf13/pflag), a fork of the flag standard library
 which maintains the same interface while adding POSIX compliance.
 
-## Usage
-
-Cobra works by creating a set of commands and then organizing them into a tree.
-The tree defines the structure of the application.
-
-Once each command is defined with its corresponding flags, then the
-tree is assigned to the commander which is finally executed.
-
 # Installing
 Using Cobra is easy. First, use `go get` to install the latest version
-of the library. This command will install the `cobra` generator executible
-along with the library:
+of the library. This command will install the `cobra` generator executable
+along with the library and its dependencies:
 
-    > go get -v github.com/spf13/cobra/cobra
+    go get -u github.com/spf13/cobra/cobra
 
 Next, include Cobra in your application:
 
@@ -139,8 +133,8 @@ import "github.com/spf13/cobra"
 
 # Getting Started
 
-While you are welcome to provide your own organization, typically a Cobra based
-application will follow the following organizational structure.
+While you are welcome to provide your own organization, typically a Cobra-based
+application will follow the following organizational structure:
 
 ```
   ▾ appName/
@@ -152,18 +146,20 @@ application will follow the following organizational structure.
       main.go
 ```
 
-In a Cobra app, typically the main.go file is very bare. It serves, one purpose, to initialize Cobra.
+In a Cobra app, typically the main.go file is very bare. It serves one purpose: initializing Cobra.
 
 ```go
 package main
 
-import "{pathToYourApp}/cmd"
+import (
+  "fmt"
+  "os"
+
+  "{pathToYourApp}/cmd"
+)
 
 func main() {
-	if err := cmd.RootCmd.Execute(); err != nil {
-		fmt.Println(err)
-		os.Exit(-1)
-	}
+  cmd.Execute()
 }
 ```
 
@@ -172,134 +168,89 @@ func main() {
 Cobra provides its own program that will create your application and add any
 commands you want. It's the easiest way to incorporate Cobra into your application.
 
-In order to use the cobra command, compile it using the following command:
-
-    > go install github.com/spf13/cobra/cobra
-
-This will create the cobra executable under your go path bin directory!
-
-### cobra init
-
-The `cobra init [yourApp]` command will create your initial application code
-for you. It is a very powerful application that will populate your program with
-the right structure so you can immediately enjoy all the benefits of Cobra. It
-will also automatically apply the license you specify to your application.
-
-Cobra init is pretty smart. You can provide it a full path, or simply a path
-similar to what is expected in the import.
-
-```
-cobra init github.com/spf13/newAppName
-```
-
-### cobra add
-
-Once an application is initialized Cobra can create additional commands for you.
-Let's say you created an app and you wanted the following commands for it:
-
-* app serve
-* app config
-* app config create
-
-In your project directory (where your main.go file is) you would run the following:
-
-```
-cobra add serve
-cobra add config
-cobra add create -p 'configCmd'
-```
-
-Once you have run these three commands you would have an app structure that would look like:
-
-```
-  ▾ app/
-    ▾ cmd/
-        serve.go
-        config.go
-        create.go
-      main.go
-```
-
-at this point you can run `go run main.go` and it would run your app. `go run
-main.go serve`, `go run main.go config`, `go run main.go config create` along
-with `go run main.go help serve`, etc would all work.
-
-Obviously you haven't added your own code to these yet, the commands are ready
-for you to give them their tasks. Have fun.
+[Here](https://github.com/spf13/cobra/blob/master/cobra/README.md) you can find more information about it.
 
-### Configuring the cobra generator
+## Using the Cobra Library
 
-The cobra generator will be easier to use if you provide a simple configuration
-file which will help you eliminate providing a bunch of repeated information in
-flags over and over.
-
-An example ~/.cobra.yaml file:
-
-```yaml
-author: Steve Francia <spf@spf13.com>
-license: MIT
-```
-
-You can specify no license by setting `license` to `none` or you can specify
-a custom license:
-
-```yaml
-license:
-  header: This file is part of {{ .appName }}.
-  text: |
-    {{ .copyright }}
-
-    This is my license. There are many like it, but this one is mine.
-    My license is my best friend. It is my life. I must master it as I must
-    master my life.  
-```
-
-## Manually implementing Cobra
-
-To manually implement cobra you need to create a bare main.go file and a RootCmd file.
+To manually implement Cobra you need to create a bare main.go file and a rootCmd file.
 You will optionally provide additional commands as you see fit.
 
-### Create the root command
-
-The root command represents your binary itself.
-
-
-#### Manually create rootCmd
+### Create rootCmd
 
 Cobra doesn't require any special constructors. Simply create your commands.
 
 Ideally you place this in app/cmd/root.go:
 
 ```go
-var RootCmd = &cobra.Command{
-	Use:   "hugo",
-	Short: "Hugo is a very fast static site generator",
-	Long: `A Fast and Flexible Static Site Generator built with
+var rootCmd = &cobra.Command{
+  Use:   "hugo",
+  Short: "Hugo is a very fast static site generator",
+  Long: `A Fast and Flexible Static Site Generator built with
                 love by spf13 and friends in Go.
                 Complete documentation is available at http://hugo.spf13.com`,
-	Run: func(cmd *cobra.Command, args []string) {
-		// Do Stuff Here
-	},
+  Run: func(cmd *cobra.Command, args []string) {
+    // Do Stuff Here
+  },
+}
+
+func Execute() {
+  if err := rootCmd.Execute(); err != nil {
+    fmt.Println(err)
+    os.Exit(1)
+  }
 }
 ```
 
 You will additionally define flags and handle configuration in your init() function.
 
-for example cmd/root.go:
+For example cmd/root.go:
 
 ```go
+import (
+  "fmt"
+  "os"
+
+  homedir "github.com/mitchellh/go-homedir"
+  "github.com/spf13/cobra"
+  "github.com/spf13/viper"
+)
+
 func init() {
-	cobra.OnInitialize(initConfig)
-	RootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.cobra.yaml)")
-	RootCmd.PersistentFlags().StringVarP(&projectBase, "projectbase", "b", "", "base project directory eg. github.com/spf13/")
-	RootCmd.PersistentFlags().StringP("author", "a", "YOUR NAME", "Author name for copyright attribution")
-	RootCmd.PersistentFlags().StringVarP(&userLicense, "license", "l", "", "Name of license for the project (can provide `licensetext` in config)")
-	RootCmd.PersistentFlags().Bool("viper", true, "Use Viper for configuration")
-	viper.BindPFlag("author", RootCmd.PersistentFlags().Lookup("author"))
-	viper.BindPFlag("projectbase", RootCmd.PersistentFlags().Lookup("projectbase"))
-	viper.BindPFlag("useViper", RootCmd.PersistentFlags().Lookup("viper"))
-	viper.SetDefault("author", "NAME HERE <EMAIL ADDRESS>")
-	viper.SetDefault("license", "apache")
+  cobra.OnInitialize(initConfig)
+  rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.cobra.yaml)")
+  rootCmd.PersistentFlags().StringVarP(&projectBase, "projectbase", "b", "", "base project directory eg. github.com/spf13/")
+  rootCmd.PersistentFlags().StringP("author", "a", "YOUR NAME", "Author name for copyright attribution")
+  rootCmd.PersistentFlags().StringVarP(&userLicense, "license", "l", "", "Name of license for the project (can provide `licensetext` in config)")
+  rootCmd.PersistentFlags().Bool("viper", true, "Use Viper for configuration")
+  viper.BindPFlag("author", rootCmd.PersistentFlags().Lookup("author"))
+  viper.BindPFlag("projectbase", rootCmd.PersistentFlags().Lookup("projectbase"))
+  viper.BindPFlag("useViper", rootCmd.PersistentFlags().Lookup("viper"))
+  viper.SetDefault("author", "NAME HERE <EMAIL ADDRESS>")
+  viper.SetDefault("license", "apache")
+}
+
+func initConfig() {
+  // Don't forget to read config either from cfgFile or from home directory!
+  if cfgFile != "" {
+    // Use config file from the flag.
+    viper.SetConfigFile(cfgFile)
+  } else {
+    // Find home directory.
+    home, err := homedir.Dir()
+    if err != nil {
+      fmt.Println(err)
+      os.Exit(1)
+    }
+
+    // Search config in home directory with name ".cobra" (without extension).
+    viper.AddConfigPath(home)
+    viper.SetConfigName(".cobra")
+  }
+
+  if err := viper.ReadInConfig(); err != nil {
+    fmt.Println("Can't read config:", err)
+    os.Exit(1)
+  }
 }
 ```
 
@@ -313,17 +264,18 @@ In a Cobra app, typically the main.go file is very bare. It serves, one purpose,
 ```go
 package main
 
-import "{pathToYourApp}/cmd"
+import (
+  "fmt"
+  "os"
+
+  "{pathToYourApp}/cmd"
+)
 
 func main() {
-	if err := cmd.RootCmd.Execute(); err != nil {
-		fmt.Println(err)
-		os.Exit(-1)
-	}
+  cmd.Execute()
 }
 ```
 
-
 ### Create additional commands
 
 Additional commands can be defined and typically are each given their own file
@@ -336,47 +288,25 @@ populate it with the following:
 package cmd
 
 import (
-	"github.com/spf13/cobra"
+  "fmt"
+
+  "github.com/spf13/cobra"
 )
 
 func init() {
-	RootCmd.AddCommand(versionCmd)
+  rootCmd.AddCommand(versionCmd)
 }
 
 var versionCmd = &cobra.Command{
-	Use:   "version",
-	Short: "Print the version number of Hugo",
-	Long:  `All software has versions. This is Hugo's`,
-	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("Hugo Static Site Generator v0.9 -- HEAD")
-	},
+  Use:   "version",
+  Short: "Print the version number of Hugo",
+  Long:  `All software has versions. This is Hugo's`,
+  Run: func(cmd *cobra.Command, args []string) {
+    fmt.Println("Hugo Static Site Generator v0.9 -- HEAD")
+  },
 }
 ```
 
-### Attach command to its parent
-
-
-If you notice in the above example we attach the command to its parent. In
-this case the parent is the rootCmd. In this example we are attaching it to the
-root, but commands can be attached at any level.
-
-```go
-RootCmd.AddCommand(versionCmd)
-```
-
-### Remove a command from its parent
-
-Removing a command is not a common action in simple programs, but it allows 3rd
-parties to customize an existing command tree.
-
-In this example, we remove the existing `VersionCmd` command of an existing
-root command, and we replace it with our own version:
-
-```go
-mainlib.RootCmd.RemoveCommand(mainlib.VersionCmd)
-mainlib.RootCmd.AddCommand(versionCmd)
-```
-
 ## Working with Flags
 
 Flags provide modifiers to control how the action command operates.
@@ -401,7 +331,7 @@ command it's assigned to as well as every command under that command. For
 global flags, assign a flag as a persistent flag on the root.
 
 ```go
-RootCmd.PersistentFlags().BoolVarP(&Verbose, "verbose", "v", false, "verbose output")
+rootCmd.PersistentFlags().BoolVarP(&Verbose, "verbose", "v", false, "verbose output")
 ```
 
 ### Local Flags
@@ -409,9 +339,83 @@ RootCmd.PersistentFlags().BoolVarP(&Verbose, "verbose", "v", false, "verbose out
 A flag can also be assigned locally which will only apply to that specific command.
 
 ```go
-RootCmd.Flags().StringVarP(&Source, "source", "s", "", "Source directory to read from")
+rootCmd.Flags().StringVarP(&Source, "source", "s", "", "Source directory to read from")
+```
+
+### Local Flag on Parent Commands
+
+By default Cobra only parses local flags on the target command, any local flags on
+parent commands are ignored. By enabling `Command.TraverseChildren` Cobra will
+parse local flags on each command before executing the target command.
+
+```go
+command := cobra.Command{
+  Use: "print [OPTIONS] [COMMANDS]",
+  TraverseChildren: true,
+}
 ```
 
+### Bind Flags with Config
+
+You can also bind your flags with [viper](https://github.com/spf13/viper):
+```go
+var author string
+
+func init() {
+  rootCmd.PersistentFlags().StringVar(&author, "author", "YOUR NAME", "Author name for copyright attribution")
+  viper.BindPFlag("author", rootCmd.PersistentFlags().Lookup("author"))
+}
+```
+
+In this example the persistent flag `author` is bound with `viper`.
+**Note**, that the variable `author` will not be set to the value from config,
+when the `--author` flag is not provided by user.
+
+More in [viper documentation](https://github.com/spf13/viper#working-with-flags).
+
+### Required flags
+
+Flags are optional by default. If instead you wish your command to report an error
+when a flag has not been set, mark it as required:
+```go
+rootCmd.Flags().StringVarP(&Region, "region", "r", "", "AWS region (required)")
+rootCmd.MarkFlagRequired("region")
+```
+
+## Positional and Custom Arguments
+
+Validation of positional arguments can be specified using the `Args` field
+of `Command`.
+
+The following validators are built in:
+
+- `NoArgs` - the command will report an error if there are any positional args.
+- `ArbitraryArgs` - the command will accept any args.
+- `OnlyValidArgs` - the command will report an error if there are any positional args that are not in the `ValidArgs` field of `Command`.
+- `MinimumNArgs(int)` - the command will report an error if there are not at least N positional args.
+- `MaximumNArgs(int)` - the command will report an error if there are more than N positional args.
+- `ExactArgs(int)` - the command will report an error if there are not exactly N positional args.
+- `RangeArgs(min, max)` - the command will report an error if the number of args is not between the minimum and maximum number of expected args.
+
+An example of setting the custom validator:
+
+```go
+var cmd = &cobra.Command{
+  Short: "hello",
+  Args: func(cmd *cobra.Command, args []string) error {
+    if len(args) < 1 {
+      return errors.New("requires at least one arg")
+    }
+    if myapp.IsValidColor(args[0]) {
+      return nil
+    }
+    return fmt.Errorf("invalid color specified: %s", args[0])
+  },
+  Run: func(cmd *cobra.Command, args []string) {
+    fmt.Println("Hello, World!")
+  },
+}
+```
 
 ## Example
 
@@ -428,62 +432,62 @@ More documentation about flags is available at https://github.com/spf13/pflag
 package main
 
 import (
-	"fmt"
-	"strings"
+  "fmt"
+  "strings"
 
-	"github.com/spf13/cobra"
+  "github.com/spf13/cobra"
 )
 
 func main() {
-
-	var echoTimes int
-
-	var cmdPrint = &cobra.Command{
-		Use:   "print [string to print]",
-		Short: "Print anything to the screen",
-		Long: `print is for printing anything back to the screen.
-            For many years people have printed back to the screen.
-            `,
-		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Println("Print: " + strings.Join(args, " "))
-		},
-	}
-
-	var cmdEcho = &cobra.Command{
-		Use:   "echo [string to echo]",
-		Short: "Echo anything to the screen",
-		Long: `echo is for echoing anything back.
-            Echo works a lot like print, except it has a child command.
-            `,
-		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Println("Print: " + strings.Join(args, " "))
-		},
-	}
-
-	var cmdTimes = &cobra.Command{
-		Use:   "times [# times] [string to echo]",
-		Short: "Echo anything to the screen more times",
-		Long: `echo things multiple times back to the user by providing
-            a count and a string.`,
-		Run: func(cmd *cobra.Command, args []string) {
-			for i := 0; i < echoTimes; i++ {
-				fmt.Println("Echo: " + strings.Join(args, " "))
-			}
-		},
-	}
-
-	cmdTimes.Flags().IntVarP(&echoTimes, "times", "t", 1, "times to echo the input")
-
-	var rootCmd = &cobra.Command{Use: "app"}
-	rootCmd.AddCommand(cmdPrint, cmdEcho)
-	cmdEcho.AddCommand(cmdTimes)
-	rootCmd.Execute()
+  var echoTimes int
+
+  var cmdPrint = &cobra.Command{
+    Use:   "print [string to print]",
+    Short: "Print anything to the screen",
+    Long: `print is for printing anything back to the screen.
+For many years people have printed back to the screen.`,
+    Args: cobra.MinimumNArgs(1),
+    Run: func(cmd *cobra.Command, args []string) {
+      fmt.Println("Print: " + strings.Join(args, " "))
+    },
+  }
+
+  var cmdEcho = &cobra.Command{
+    Use:   "echo [string to echo]",
+    Short: "Echo anything to the screen",
+    Long: `echo is for echoing anything back.
+Echo works a lot like print, except it has a child command.`,
+    Args: cobra.MinimumNArgs(1),
+    Run: func(cmd *cobra.Command, args []string) {
+      fmt.Println("Print: " + strings.Join(args, " "))
+    },
+  }
+
+  var cmdTimes = &cobra.Command{
+    Use:   "times [# times] [string to echo]",
+    Short: "Echo anything to the screen more times",
+    Long: `echo things multiple times back to the user by providing
+a count and a string.`,
+    Args: cobra.MinimumNArgs(1),
+    Run: func(cmd *cobra.Command, args []string) {
+      for i := 0; i < echoTimes; i++ {
+        fmt.Println("Echo: " + strings.Join(args, " "))
+      }
+    },
+  }
+
+  cmdTimes.Flags().IntVarP(&echoTimes, "times", "t", 1, "times to echo the input")
+
+  var rootCmd = &cobra.Command{Use: "app"}
+  rootCmd.AddCommand(cmdPrint, cmdEcho)
+  cmdEcho.AddCommand(cmdTimes)
+  rootCmd.Execute()
 }
 ```
 
 For a more complete example of a larger application, please checkout [Hugo](http://gohugo.io/).
 
-## The Help Command
+## Help Command
 
 Cobra automatically adds a help command to your application when you have subcommands.
 This will be called when a user runs 'app help'. Additionally, help will also
@@ -496,60 +500,28 @@ create' is called.  Every command will automatically have the '--help' flag adde
 The following output is automatically generated by Cobra. Nothing beyond the
 command and flag definitions are needed.
 
-    > hugo help
-
-    hugo is the main command, used to build your Hugo site.
-
-    Hugo is a Fast and Flexible Static Site Generator
-    built with love by spf13 and friends in Go.
+    $ cobra help
 
-    Complete documentation is available at http://gohugo.io/.
+    Cobra is a CLI library for Go that empowers applications.
+    This application is a tool to generate the needed files
+    to quickly create a Cobra application.
 
     Usage:
-      hugo [flags]
-      hugo [command]
+      cobra [command]
 
     Available Commands:
-      server          Hugo runs its own webserver to render the files
-      version         Print the version number of Hugo
-      config          Print the site configuration
-      check           Check content in the source directory
-      benchmark       Benchmark hugo by building a site a number of times.
-      convert         Convert your content to different formats
-      new             Create new content for your site
-      list            Listing out various types of content
-      undraft         Undraft changes the content's draft status from 'True' to 'False'
-      genautocomplete Generate shell autocompletion script for Hugo
-      gendoc          Generate Markdown documentation for the Hugo CLI.
-      genman          Generate man page for Hugo
-      import          Import your site from others.
+      add         Add a command to a Cobra Application
+      help        Help about any command
+      init        Initialize a Cobra Application
 
     Flags:
-      -b, --baseURL="": hostname (and path) to the root, e.g. http://spf13.com/
-      -D, --buildDrafts[=false]: include content marked as draft
-      -F, --buildFuture[=false]: include content with publishdate in the future
-          --cacheDir="": filesystem path to cache directory. Defaults: $TMPDIR/hugo_cache/
-          --canonifyURLs[=false]: if true, all relative URLs will be canonicalized using baseURL
-          --config="": config file (default is path/config.yaml|json|toml)
-      -d, --destination="": filesystem path to write files to
-          --disableRSS[=false]: Do not build RSS files
-          --disableSitemap[=false]: Do not build Sitemap file
-          --editor="": edit new content with this editor, if provided
-          --ignoreCache[=false]: Ignores the cache directory for reading but still writes to it
-          --log[=false]: Enable Logging
-          --logFile="": Log File path (if set, logging enabled automatically)
-          --noTimes[=false]: Don't sync modification time of files
-          --pluralizeListTitles[=true]: Pluralize titles in lists using inflect
-          --preserveTaxonomyNames[=false]: Preserve taxonomy names as written ("Gérard Depardieu" vs "gerard-depardieu")
-      -s, --source="": filesystem path to read files relative from
-          --stepAnalysis[=false]: display memory and timing of different steps of the program
-      -t, --theme="": theme to use (located in /themes/THEMENAME/)
-          --uglyURLs[=false]: if true, use /filename.html instead of /filename/
-      -v, --verbose[=false]: verbose output
-          --verboseLog[=false]: verbose logging
-      -w, --watch[=false]: watch filesystem for changes and recreate as needed
-
-    Use "hugo [command] --help" for more information about a command.
+      -a, --author string    author name for copyright attribution (default "YOUR NAME")
+          --config string    config file (default is $HOME/.cobra.yaml)
+      -h, --help             help for cobra
+      -l, --license string   name of license for the project
+          --viper            use Viper for configuration (default true)
+
+    Use "cobra [command] --help" for more information about a command.
 
 
 Help is just a command like any other. There is no special logic or behavior
@@ -557,38 +529,18 @@ around it. In fact, you can provide your own if you want.
 
 ### Defining your own help
 
-You can provide your own Help command or your own template for the default command to use.
-
-The default help command is
+You can provide your own Help command or your own template for the default command to use
+with following functions:
 
 ```go
-func (c *Command) initHelp() {
-	if c.helpCommand == nil {
-		c.helpCommand = &Command{
-			Use:   "help [command]",
-			Short: "Help about any command",
-			Long: `Help provides help for any command in the application.
-        Simply type ` + c.Name() + ` help [path to command] for full details.`,
-			Run: c.HelpFunc(),
-		}
-	}
-	c.AddCommand(c.helpCommand)
-}
-```
-
-You can provide your own command, function or template through the following methods:
-
-```go
-command.SetHelpCommand(cmd *Command)
-
-command.SetHelpFunc(f func(*Command, []string))
-
-command.SetHelpTemplate(s string)
+cmd.SetHelpCommand(cmd *Command)
+cmd.SetHelpFunc(f func(*Command, []string))
+cmd.SetHelpTemplate(s string)
 ```
 
 The latter two will also apply to any children commands.
 
-## Usage
+## Usage Message
 
 When the user provides an invalid flag or invalid command, Cobra responds by
 showing the user the 'usage'.
@@ -597,73 +549,44 @@ showing the user the 'usage'.
 You may recognize this from the help above. That's because the default help
 embeds the usage as part of its output.
 
+    $ cobra --invalid
+    Error: unknown flag: --invalid
     Usage:
-      hugo [flags]
-      hugo [command]
+      cobra [command]
 
     Available Commands:
-      server          Hugo runs its own webserver to render the files
-      version         Print the version number of Hugo
-      config          Print the site configuration
-      check           Check content in the source directory
-      benchmark       Benchmark hugo by building a site a number of times.
-      convert         Convert your content to different formats
-      new             Create new content for your site
-      list            Listing out various types of content
-      undraft         Undraft changes the content's draft status from 'True' to 'False'
-      genautocomplete Generate shell autocompletion script for Hugo
-      gendoc          Generate Markdown documentation for the Hugo CLI.
-      genman          Generate man page for Hugo
-      import          Import your site from others.
+      add         Add a command to a Cobra Application
+      help        Help about any command
+      init        Initialize a Cobra Application
 
     Flags:
-      -b, --baseURL="": hostname (and path) to the root, e.g. http://spf13.com/
-      -D, --buildDrafts[=false]: include content marked as draft
-      -F, --buildFuture[=false]: include content with publishdate in the future
-          --cacheDir="": filesystem path to cache directory. Defaults: $TMPDIR/hugo_cache/
-          --canonifyURLs[=false]: if true, all relative URLs will be canonicalized using baseURL
-          --config="": config file (default is path/config.yaml|json|toml)
-      -d, --destination="": filesystem path to write files to
-          --disableRSS[=false]: Do not build RSS files
-          --disableSitemap[=false]: Do not build Sitemap file
-          --editor="": edit new content with this editor, if provided
-          --ignoreCache[=false]: Ignores the cache directory for reading but still writes to it
-          --log[=false]: Enable Logging
-          --logFile="": Log File path (if set, logging enabled automatically)
-          --noTimes[=false]: Don't sync modification time of files
-          --pluralizeListTitles[=true]: Pluralize titles in lists using inflect
-          --preserveTaxonomyNames[=false]: Preserve taxonomy names as written ("Gérard Depardieu" vs "gerard-depardieu")
-      -s, --source="": filesystem path to read files relative from
-          --stepAnalysis[=false]: display memory and timing of different steps of the program
-      -t, --theme="": theme to use (located in /themes/THEMENAME/)
-          --uglyURLs[=false]: if true, use /filename.html instead of /filename/
-      -v, --verbose[=false]: verbose output
-          --verboseLog[=false]: verbose logging
-      -w, --watch[=false]: watch filesystem for changes and recreate as needed
+      -a, --author string    author name for copyright attribution (default "YOUR NAME")
+          --config string    config file (default is $HOME/.cobra.yaml)
+      -h, --help             help for cobra
+      -l, --license string   name of license for the project
+          --viper            use Viper for configuration (default true)
+
+    Use "cobra [command] --help" for more information about a command.
 
 ### Defining your own usage
 You can provide your own usage function or template for Cobra to use.
-
-The default usage function is:
+Like help, the function and template are overridable through public methods:
 
 ```go
-return func(c *Command) error {
-	err := tmpl(c.Out(), c.UsageTemplate(), c)
-	return err
-}
+cmd.SetUsageFunc(f func(*Command) error)
+cmd.SetUsageTemplate(s string)
 ```
 
-Like help, the function and template are overridable through public methods:
-
-```go
-command.SetUsageFunc(f func(*Command) error)
+## Version Flag
 
-command.SetUsageTemplate(s string)
-```
+Cobra adds a top-level '--version' flag if the Version field is set on the root command.
+Running an application with the '--version' flag will print the version to stdout using
+the version template. The template can be customized using the
+`cmd.SetVersionTemplate(s string)` function.
 
-## PreRun or PostRun Hooks
+## PreRun and PostRun Hooks
 
-It is possible to run functions before or after the main `Run` function of your command. The `PersistentPreRun` and `PreRun` functions will be executed before `Run`. `PersistentPostRun` and `PostRun` will be executed after `Run`.  The `Persistent*Run` functions will be inherrited by children if they do not declare their own.  These function are run in the following order:
+It is possible to run functions before or after the main `Run` function of your command. The `PersistentPreRun` and `PreRun` functions will be executed before `Run`. `PersistentPostRun` and `PostRun` will be executed after `Run`.  The `Persistent*Run` functions will be inherited by children if they do not declare their own.  These functions are run in the following order:
 
 - `PersistentPreRun`
 - `PreRun`
@@ -677,105 +600,73 @@ An example of two commands which use all of these features is below.  When the s
 package main
 
 import (
-	"fmt"
+  "fmt"
 
-	"github.com/spf13/cobra"
+  "github.com/spf13/cobra"
 )
 
 func main() {
 
-	var rootCmd = &cobra.Command{
-		Use:   "root [sub]",
-		Short: "My root command",
-		PersistentPreRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside rootCmd PersistentPreRun with args: %v\n", args)
-		},
-		PreRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside rootCmd PreRun with args: %v\n", args)
-		},
-		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside rootCmd Run with args: %v\n", args)
-		},
-		PostRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside rootCmd PostRun with args: %v\n", args)
-		},
-		PersistentPostRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside rootCmd PersistentPostRun with args: %v\n", args)
-		},
-	}
-
-	var subCmd = &cobra.Command{
-		Use:   "sub [no options!]",
-		Short: "My subcommand",
-		PreRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside subCmd PreRun with args: %v\n", args)
-		},
-		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside subCmd Run with args: %v\n", args)
-		},
-		PostRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside subCmd PostRun with args: %v\n", args)
-		},
-		PersistentPostRun: func(cmd *cobra.Command, args []string) {
-			fmt.Printf("Inside subCmd PersistentPostRun with args: %v\n", args)
-		},
-	}
-
-	rootCmd.AddCommand(subCmd)
-
-	rootCmd.SetArgs([]string{""})
-	_ = rootCmd.Execute()
-	fmt.Print("\n")
-	rootCmd.SetArgs([]string{"sub", "arg1", "arg2"})
-	_ = rootCmd.Execute()
+  var rootCmd = &cobra.Command{
+    Use:   "root [sub]",
+    Short: "My root command",
+    PersistentPreRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside rootCmd PersistentPreRun with args: %v\n", args)
+    },
+    PreRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside rootCmd PreRun with args: %v\n", args)
+    },
+    Run: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside rootCmd Run with args: %v\n", args)
+    },
+    PostRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside rootCmd PostRun with args: %v\n", args)
+    },
+    PersistentPostRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside rootCmd PersistentPostRun with args: %v\n", args)
+    },
+  }
+
+  var subCmd = &cobra.Command{
+    Use:   "sub [no options!]",
+    Short: "My subcommand",
+    PreRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside subCmd PreRun with args: %v\n", args)
+    },
+    Run: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside subCmd Run with args: %v\n", args)
+    },
+    PostRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside subCmd PostRun with args: %v\n", args)
+    },
+    PersistentPostRun: func(cmd *cobra.Command, args []string) {
+      fmt.Printf("Inside subCmd PersistentPostRun with args: %v\n", args)
+    },
+  }
+
+  rootCmd.AddCommand(subCmd)
+
+  rootCmd.SetArgs([]string{""})
+  rootCmd.Execute()
+  fmt.Println()
+  rootCmd.SetArgs([]string{"sub", "arg1", "arg2"})
+  rootCmd.Execute()
 }
 ```
 
+Output:
+```
+Inside rootCmd PersistentPreRun with args: []
+Inside rootCmd PreRun with args: []
+Inside rootCmd Run with args: []
+Inside rootCmd PostRun with args: []
+Inside rootCmd PersistentPostRun with args: []
 
-## Alternative Error Handling
-
-Cobra also has functions where the return signature is an error. This allows for errors to bubble up to the top,
-providing a way to handle the errors in one location. The current list of functions that return an error is:
-
-* PersistentPreRunE
-* PreRunE
-* RunE
-* PostRunE
-* PersistentPostRunE
-
-If you would like to silence the default `error` and `usage` output in favor of your own, you can set `SilenceUsage`
-and `SilenceErrors` to `false` on the command. A child command respects these flags if they are set on the parent
-command.
-
-**Example Usage using RunE:**
-
-```go
-package main
-
-import (
-	"errors"
-	"log"
-
-	"github.com/spf13/cobra"
-)
-
-func main() {
-	var rootCmd = &cobra.Command{
-		Use:   "hugo",
-		Short: "Hugo is a very fast static site generator",
-		Long: `A Fast and Flexible Static Site Generator built with
-                love by spf13 and friends in Go.
-                Complete documentation is available at http://hugo.spf13.com`,
-		RunE: func(cmd *cobra.Command, args []string) error {
-			// Do Stuff Here
-			return errors.New("some random error")
-		},
-	}
-
-	if err := rootCmd.Execute(); err != nil {
-		log.Fatal(err)
-	}
-}
+Inside rootCmd PersistentPreRun with args: [arg1 arg2]
+Inside subCmd PreRun with args: [arg1 arg2]
+Inside subCmd Run with args: [arg1 arg2]
+Inside subCmd PostRun with args: [arg1 arg2]
+Inside subCmd PersistentPostRun with args: [arg1 arg2]
 ```
 
 ## Suggestions when "unknown command" happens
@@ -818,81 +709,28 @@ Did you mean this?
 Run 'kubectl help' for usage.
 ```
 
-## Generating Markdown-formatted documentation for your command
-
-Cobra can generate a Markdown-formatted document based on the subcommands, flags, etc. A simple example of how to do this for your command can be found in [Markdown Docs](doc/md_docs.md).
+## Generating documentation for your command
 
-## Generating man pages for your command
+Cobra can generate documentation based on subcommands, flags, etc. in the following formats:
 
-Cobra can generate a man page based on the subcommands, flags, etc. A simple example of how to do this for your command can be found in [Man Docs](doc/man_docs.md).
+- [Markdown](doc/md_docs.md)
+- [ReStructured Text](doc/rest_docs.md)
+- [Man Page](doc/man_docs.md)
 
-## Generating bash completions for your command
+## Generating bash completions
 
 Cobra can generate a bash-completion file. If you add more information to your command, these completions can be amazingly powerful and flexible.  Read more about it in [Bash Completions](bash_completions.md).
 
-## Debugging
-
-Cobra provides a ‘DebugFlags’ method on a command which, when called, will print
-out everything Cobra knows about the flags for each command.
-
-### Example
-
-```go
-command.DebugFlags()
-```
-
-## Release Notes
-* **0.9.0** June 17, 2014
-  * flags can appears anywhere in the args (provided they are unambiguous)
-  * --help prints usage screen for app or command
-  * Prefix matching for commands
-  * Cleaner looking help and usage output
-  * Extensive test suite
-* **0.8.0** Nov 5, 2013
-  * Reworked interface to remove commander completely
-  * Command now primary structure
-  * No initialization needed
-  * Usage & Help templates & functions definable at any level
-  * Updated Readme
-* **0.7.0** Sept 24, 2013
-  * Needs more eyes
-  * Test suite
-  * Support for automatic error messages
-  * Support for help command
-  * Support for printing to any io.Writer instead of os.Stderr
-  * Support for persistent flags which cascade down tree
-  * Ready for integration into Hugo
-* **0.1.0** Sept 3, 2013
-  * Implement first draft
-
-## Extensions
-
-Libraries for extending Cobra:
-
-* [cmdns](https://github.com/gosuri/cmdns): Enables name spacing a command's immediate children. It provides an alternative way to structure subcommands, similar to `heroku apps:create` and `ovrclk clusters:launch`.
-
-## ToDo
-* Launch proper documentation site
-
-## Contributing
+# Contributing
 
 1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
-
-## Contributors
+2. Download your fork to your PC (`git clone https://github.com/your_username/cobra && cd cobra`)
+3. Create your feature branch (`git checkout -b my-new-feature`)
+4. Make changes and add them (`git add .`)
+5. Commit your changes (`git commit -m 'Add some feature'`)
+6. Push to the branch (`git push origin my-new-feature`)
+7. Create new pull request
 
-Names in no particular order:
-
-* [spf13](https://github.com/spf13),
-[eparis](https://github.com/eparis),
-[bep](https://github.com/bep), and many more!
-
-## License
+# License
 
 Cobra is released under the Apache 2.0 license. See [LICENSE.txt](https://github.com/spf13/cobra/blob/master/LICENSE.txt)
-
-
-[![Bitdeli Badge](https://d2weczhvl823v0.cloudfront.net/spf13/cobra/trend.png)](https://bitdeli.com/free "Bitdeli Badge")
diff --git a/vendor/github.com/spf13/cobra/args.go b/vendor/github.com/spf13/cobra/args.go
new file mode 100644
index 000000000000..a5d8a9273eab
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/args.go
@@ -0,0 +1,89 @@
+package cobra
+
+import (
+	"fmt"
+)
+
+type PositionalArgs func(cmd *Command, args []string) error
+
+// Legacy arg validation has the following behaviour:
+// - root commands with no subcommands can take arbitrary arguments
+// - root commands with subcommands will do subcommand validity checking
+// - subcommands will always accept arbitrary arguments
+func legacyArgs(cmd *Command, args []string) error {
+	// no subcommand, always take args
+	if !cmd.HasSubCommands() {
+		return nil
+	}
+
+	// root command with subcommands, do subcommand checking.
+	if !cmd.HasParent() && len(args) > 0 {
+		return fmt.Errorf("unknown command %q for %q%s", args[0], cmd.CommandPath(), cmd.findSuggestions(args[0]))
+	}
+	return nil
+}
+
+// NoArgs returns an error if any args are included.
+func NoArgs(cmd *Command, args []string) error {
+	if len(args) > 0 {
+		return fmt.Errorf("unknown command %q for %q", args[0], cmd.CommandPath())
+	}
+	return nil
+}
+
+// OnlyValidArgs returns an error if any args are not in the list of ValidArgs.
+func OnlyValidArgs(cmd *Command, args []string) error {
+	if len(cmd.ValidArgs) > 0 {
+		for _, v := range args {
+			if !stringInSlice(v, cmd.ValidArgs) {
+				return fmt.Errorf("invalid argument %q for %q%s", v, cmd.CommandPath(), cmd.findSuggestions(args[0]))
+			}
+		}
+	}
+	return nil
+}
+
+// ArbitraryArgs never returns an error.
+func ArbitraryArgs(cmd *Command, args []string) error {
+	return nil
+}
+
+// MinimumNArgs returns an error if there is not at least N args.
+func MinimumNArgs(n int) PositionalArgs {
+	return func(cmd *Command, args []string) error {
+		if len(args) < n {
+			return fmt.Errorf("requires at least %d arg(s), only received %d", n, len(args))
+		}
+		return nil
+	}
+}
+
+// MaximumNArgs returns an error if there are more than N args.
+func MaximumNArgs(n int) PositionalArgs {
+	return func(cmd *Command, args []string) error {
+		if len(args) > n {
+			return fmt.Errorf("accepts at most %d arg(s), received %d", n, len(args))
+		}
+		return nil
+	}
+}
+
+// ExactArgs returns an error if there are not exactly n args.
+func ExactArgs(n int) PositionalArgs {
+	return func(cmd *Command, args []string) error {
+		if len(args) != n {
+			return fmt.Errorf("accepts %d arg(s), received %d", n, len(args))
+		}
+		return nil
+	}
+}
+
+// RangeArgs returns an error if the number of args is not within the expected range.
+func RangeArgs(min int, max int) PositionalArgs {
+	return func(cmd *Command, args []string) error {
+		if len(args) < min || len(args) > max {
+			return fmt.Errorf("accepts between %d and %d arg(s), received %d", min, max, len(args))
+		}
+		return nil
+	}
+}
diff --git a/vendor/github.com/spf13/cobra/bash_completions.go b/vendor/github.com/spf13/cobra/bash_completions.go
index 236dee67f211..291eae7d8e5b 100644
--- a/vendor/github.com/spf13/cobra/bash_completions.go
+++ b/vendor/github.com/spf13/cobra/bash_completions.go
@@ -1,6 +1,7 @@
 package cobra
 
 import (
+	"bytes"
 	"fmt"
 	"io"
 	"os"
@@ -10,20 +11,18 @@ import (
 	"github.com/spf13/pflag"
 )
 
+// Annotations for Bash completion.
 const (
-	BashCompFilenameExt     = "cobra_annotation_bash_completion_filename_extentions"
+	BashCompFilenameExt     = "cobra_annotation_bash_completion_filename_extensions"
 	BashCompCustom          = "cobra_annotation_bash_completion_custom"
 	BashCompOneRequiredFlag = "cobra_annotation_bash_completion_one_required_flag"
 	BashCompSubdirsInDir    = "cobra_annotation_bash_completion_subdirs_in_dir"
 )
 
-func preamble(out io.Writer, name string) error {
-	_, err := fmt.Fprintf(out, "# bash completion for %-36s -*- shell-script -*-\n", name)
-	if err != nil {
-		return err
-	}
-	_, err = fmt.Fprint(out, `
-__debug()
+func writePreamble(buf *bytes.Buffer, name string) {
+	buf.WriteString(fmt.Sprintf("# bash completion for %-36s -*- shell-script -*-\n", name))
+	buf.WriteString(fmt.Sprintf(`
+__%[1]s_debug()
 {
     if [[ -n ${BASH_COMP_DEBUG_FILE} ]]; then
         echo "$*" >> "${BASH_COMP_DEBUG_FILE}"
@@ -32,13 +31,13 @@ __debug()
 
 # Homebrew on Macs have version 1.3 of bash-completion which doesn't include
 # _init_completion. This is a very minimal version of that function.
-__my_init_completion()
+__%[1]s_init_completion()
 {
     COMPREPLY=()
     _get_comp_words_by_ref "$@" cur prev words cword
 }
 
-__index_of_word()
+__%[1]s_index_of_word()
 {
     local w word=$1
     shift
@@ -50,7 +49,7 @@ __index_of_word()
     index=-1
 }
 
-__contains_word()
+__%[1]s_contains_word()
 {
     local w word=$1; shift
     for w in "$@"; do
@@ -59,9 +58,9 @@ __contains_word()
     return 1
 }
 
-__handle_reply()
+__%[1]s_handle_reply()
 {
-    __debug "${FUNCNAME[0]}"
+    __%[1]s_debug "${FUNCNAME[0]}"
     case $cur in
         -*)
             if [[ $(type -t compopt) = "builtin" ]]; then
@@ -86,14 +85,14 @@ __handle_reply()
 
                 local index flag
                 flag="${cur%%=*}"
-                __index_of_word "${flag}" "${flags_with_completion[@]}"
+                __%[1]s_index_of_word "${flag}" "${flags_with_completion[@]}"
+                COMPREPLY=()
                 if [[ ${index} -ge 0 ]]; then
-                    COMPREPLY=()
                     PREFIX=""
                     cur="${cur#*=}"
                     ${flags_completion[${index}]}
                     if [ -n "${ZSH_VERSION}" ]; then
-                        # zfs completion needs --flag= prefix
+                        # zsh completion needs --flag= prefix
                         eval "COMPREPLY=( \"\${COMPREPLY[@]/#/${flag}=}\" )"
                     fi
                 fi
@@ -104,7 +103,7 @@ __handle_reply()
 
     # check if we are handling a flag with special work handling
     local index
-    __index_of_word "${prev}" "${flags_with_completion[@]}"
+    __%[1]s_index_of_word "${prev}" "${flags_with_completion[@]}"
     if [[ ${index} -ge 0 ]]; then
         ${flags_completion[${index}]}
         return
@@ -133,25 +132,34 @@ __handle_reply()
         declare -F __custom_func >/dev/null && __custom_func
     fi
 
-    __ltrim_colon_completions "$cur"
+    # available in bash-completion >= 2, not always present on macOS
+    if declare -F __ltrim_colon_completions >/dev/null; then
+        __ltrim_colon_completions "$cur"
+    fi
+
+    # If there is only 1 completion and it is a flag with an = it will be completed
+    # but we don't want a space after the =
+    if [[ "${#COMPREPLY[@]}" -eq "1" ]] && [[ $(type -t compopt) = "builtin" ]] && [[ "${COMPREPLY[0]}" == --*= ]]; then
+       compopt -o nospace
+    fi
 }
 
 # The arguments should be in the form "ext1|ext2|extn"
-__handle_filename_extension_flag()
+__%[1]s_handle_filename_extension_flag()
 {
     local ext="$1"
     _filedir "@(${ext})"
 }
 
-__handle_subdirs_in_dir_flag()
+__%[1]s_handle_subdirs_in_dir_flag()
 {
     local dir="$1"
     pushd "${dir}" >/dev/null 2>&1 && _filedir -d && popd >/dev/null 2>&1
 }
 
-__handle_flag()
+__%[1]s_handle_flag()
 {
-    __debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
+    __%[1]s_debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
 
     # if a command required a flag, and we found it, unset must_have_one_flag()
     local flagname=${words[c]}
@@ -162,27 +170,30 @@ __handle_flag()
         flagname=${flagname%%=*} # strip everything after the =
         flagname="${flagname}=" # but put the = back
     fi
-    __debug "${FUNCNAME[0]}: looking for ${flagname}"
-    if __contains_word "${flagname}" "${must_have_one_flag[@]}"; then
+    __%[1]s_debug "${FUNCNAME[0]}: looking for ${flagname}"
+    if __%[1]s_contains_word "${flagname}" "${must_have_one_flag[@]}"; then
         must_have_one_flag=()
     fi
 
     # if you set a flag which only applies to this command, don't show subcommands
-    if __contains_word "${flagname}" "${local_nonpersistent_flags[@]}"; then
+    if __%[1]s_contains_word "${flagname}" "${local_nonpersistent_flags[@]}"; then
       commands=()
     fi
 
     # keep flag value with flagname as flaghash
-    if [ -n "${flagvalue}" ] ; then
-        flaghash[${flagname}]=${flagvalue}
-    elif [ -n "${words[ $((c+1)) ]}" ] ; then
-        flaghash[${flagname}]=${words[ $((c+1)) ]}
-    else
-        flaghash[${flagname}]="true" # pad "true" for bool flag
+    # flaghash variable is an associative array which is only supported in bash > 3.
+    if [[ -z "${BASH_VERSION}" || "${BASH_VERSINFO[0]}" -gt 3 ]]; then
+        if [ -n "${flagvalue}" ] ; then
+            flaghash[${flagname}]=${flagvalue}
+        elif [ -n "${words[ $((c+1)) ]}" ] ; then
+            flaghash[${flagname}]=${words[ $((c+1)) ]}
+        else
+            flaghash[${flagname}]="true" # pad "true" for bool flag
+        fi
     fi
 
     # skip the argument to a two word flag
-    if __contains_word "${words[c]}" "${two_word_flags[@]}"; then
+    if __%[1]s_contains_word "${words[c]}" "${two_word_flags[@]}"; then
         c=$((c+1))
         # if we are looking for a flags value, don't show commands
         if [[ $c -eq $cword ]]; then
@@ -194,13 +205,13 @@ __handle_flag()
 
 }
 
-__handle_noun()
+__%[1]s_handle_noun()
 {
-    __debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
+    __%[1]s_debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
 
-    if __contains_word "${words[c]}" "${must_have_one_noun[@]}"; then
+    if __%[1]s_contains_word "${words[c]}" "${must_have_one_noun[@]}"; then
         must_have_one_noun=()
-    elif __contains_word "${words[c]}" "${noun_aliases[@]}"; then
+    elif __%[1]s_contains_word "${words[c]}" "${noun_aliases[@]}"; then
         must_have_one_noun=()
     fi
 
@@ -208,61 +219,57 @@ __handle_noun()
     c=$((c+1))
 }
 
-__handle_command()
+__%[1]s_handle_command()
 {
-    __debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
+    __%[1]s_debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
 
     local next_command
     if [[ -n ${last_command} ]]; then
         next_command="_${last_command}_${words[c]//:/__}"
     else
         if [[ $c -eq 0 ]]; then
-            next_command="_$(basename "${words[c]//:/__}")"
+            next_command="_%[1]s_root_command"
         else
             next_command="_${words[c]//:/__}"
         fi
     fi
     c=$((c+1))
-    __debug "${FUNCNAME[0]}: looking for ${next_command}"
-    declare -F $next_command >/dev/null && $next_command
+    __%[1]s_debug "${FUNCNAME[0]}: looking for ${next_command}"
+    declare -F "$next_command" >/dev/null && $next_command
 }
 
-__handle_word()
+__%[1]s_handle_word()
 {
     if [[ $c -ge $cword ]]; then
-        __handle_reply
+        __%[1]s_handle_reply
         return
     fi
-    __debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
+    __%[1]s_debug "${FUNCNAME[0]}: c is $c words[c] is ${words[c]}"
     if [[ "${words[c]}" == -* ]]; then
-        __handle_flag
-    elif __contains_word "${words[c]}" "${commands[@]}"; then
-        __handle_command
-    elif [[ $c -eq 0 ]] && __contains_word "$(basename "${words[c]}")" "${commands[@]}"; then
-        __handle_command
+        __%[1]s_handle_flag
+    elif __%[1]s_contains_word "${words[c]}" "${commands[@]}"; then
+        __%[1]s_handle_command
+    elif [[ $c -eq 0 ]]; then
+        __%[1]s_handle_command
     else
-        __handle_noun
+        __%[1]s_handle_noun
     fi
-    __handle_word
+    __%[1]s_handle_word
 }
 
-`)
-	return err
+`, name))
 }
 
-func postscript(w io.Writer, name string) error {
+func writePostscript(buf *bytes.Buffer, name string) {
 	name = strings.Replace(name, ":", "__", -1)
-	_, err := fmt.Fprintf(w, "__start_%s()\n", name)
-	if err != nil {
-		return err
-	}
-	_, err = fmt.Fprintf(w, `{
+	buf.WriteString(fmt.Sprintf("__start_%s()\n", name))
+	buf.WriteString(fmt.Sprintf(`{
     local cur prev words cword
     declare -A flaghash 2>/dev/null || :
     if declare -F _init_completion >/dev/null 2>&1; then
         _init_completion -s || return
     else
-        __my_init_completion -n "=" || return
+        __%[1]s_init_completion -n "=" || return
     fi
 
     local c=0
@@ -271,350 +278,268 @@ func postscript(w io.Writer, name string) error {
     local local_nonpersistent_flags=()
     local flags_with_completion=()
     local flags_completion=()
-    local commands=("%s")
+    local commands=("%[1]s")
     local must_have_one_flag=()
     local must_have_one_noun=()
     local last_command
     local nouns=()
 
-    __handle_word
+    __%[1]s_handle_word
 }
 
-`, name)
-	if err != nil {
-		return err
-	}
-	_, err = fmt.Fprintf(w, `if [[ $(type -t compopt) = "builtin" ]]; then
+`, name))
+	buf.WriteString(fmt.Sprintf(`if [[ $(type -t compopt) = "builtin" ]]; then
     complete -o default -F __start_%s %s
 else
     complete -o default -o nospace -F __start_%s %s
 fi
 
-`, name, name, name, name)
-	if err != nil {
-		return err
-	}
-	_, err = fmt.Fprintf(w, "# ex: ts=4 sw=4 et filetype=sh\n")
-	return err
+`, name, name, name, name))
+	buf.WriteString("# ex: ts=4 sw=4 et filetype=sh\n")
 }
 
-func writeCommands(cmd *Command, w io.Writer) error {
-	if _, err := fmt.Fprintf(w, "    commands=()\n"); err != nil {
-		return err
-	}
+func writeCommands(buf *bytes.Buffer, cmd *Command) {
+	buf.WriteString("    commands=()\n")
 	for _, c := range cmd.Commands() {
 		if !c.IsAvailableCommand() || c == cmd.helpCommand {
 			continue
 		}
-		if _, err := fmt.Fprintf(w, "    commands+=(%q)\n", c.Name()); err != nil {
-			return err
-		}
+		buf.WriteString(fmt.Sprintf("    commands+=(%q)\n", c.Name()))
 	}
-	_, err := fmt.Fprintf(w, "\n")
-	return err
+	buf.WriteString("\n")
 }
 
-func writeFlagHandler(name string, annotations map[string][]string, w io.Writer) error {
+func writeFlagHandler(buf *bytes.Buffer, name string, annotations map[string][]string, cmd *Command) {
 	for key, value := range annotations {
 		switch key {
 		case BashCompFilenameExt:
-			_, err := fmt.Fprintf(w, "    flags_with_completion+=(%q)\n", name)
-			if err != nil {
-				return err
-			}
+			buf.WriteString(fmt.Sprintf("    flags_with_completion+=(%q)\n", name))
 
+			var ext string
 			if len(value) > 0 {
-				ext := "__handle_filename_extension_flag " + strings.Join(value, "|")
-				_, err = fmt.Fprintf(w, "    flags_completion+=(%q)\n", ext)
+				ext = fmt.Sprintf("__%s_handle_filename_extension_flag ", cmd.Root().Name()) + strings.Join(value, "|")
 			} else {
-				ext := "_filedir"
-				_, err = fmt.Fprintf(w, "    flags_completion+=(%q)\n", ext)
-			}
-			if err != nil {
-				return err
+				ext = "_filedir"
 			}
+			buf.WriteString(fmt.Sprintf("    flags_completion+=(%q)\n", ext))
 		case BashCompCustom:
-			_, err := fmt.Fprintf(w, "    flags_with_completion+=(%q)\n", name)
-			if err != nil {
-				return err
-			}
+			buf.WriteString(fmt.Sprintf("    flags_with_completion+=(%q)\n", name))
 			if len(value) > 0 {
 				handlers := strings.Join(value, "; ")
-				_, err = fmt.Fprintf(w, "    flags_completion+=(%q)\n", handlers)
+				buf.WriteString(fmt.Sprintf("    flags_completion+=(%q)\n", handlers))
 			} else {
-				_, err = fmt.Fprintf(w, "    flags_completion+=(:)\n")
-			}
-			if err != nil {
-				return err
+				buf.WriteString("    flags_completion+=(:)\n")
 			}
 		case BashCompSubdirsInDir:
-			_, err := fmt.Fprintf(w, "    flags_with_completion+=(%q)\n", name)
+			buf.WriteString(fmt.Sprintf("    flags_with_completion+=(%q)\n", name))
 
+			var ext string
 			if len(value) == 1 {
-				ext := "__handle_subdirs_in_dir_flag " + value[0]
-				_, err = fmt.Fprintf(w, "    flags_completion+=(%q)\n", ext)
+				ext = fmt.Sprintf("__%s_handle_subdirs_in_dir_flag ", cmd.Root().Name()) + value[0]
 			} else {
-				ext := "_filedir -d"
-				_, err = fmt.Fprintf(w, "    flags_completion+=(%q)\n", ext)
-			}
-			if err != nil {
-				return err
+				ext = "_filedir -d"
 			}
+			buf.WriteString(fmt.Sprintf("    flags_completion+=(%q)\n", ext))
 		}
 	}
-	return nil
 }
 
-func writeShortFlag(flag *pflag.Flag, w io.Writer) error {
-	b := (len(flag.NoOptDefVal) > 0)
+func writeShortFlag(buf *bytes.Buffer, flag *pflag.Flag, cmd *Command) {
 	name := flag.Shorthand
 	format := "    "
-	if !b {
+	if len(flag.NoOptDefVal) == 0 {
 		format += "two_word_"
 	}
 	format += "flags+=(\"-%s\")\n"
-	if _, err := fmt.Fprintf(w, format, name); err != nil {
-		return err
-	}
-	return writeFlagHandler("-"+name, flag.Annotations, w)
+	buf.WriteString(fmt.Sprintf(format, name))
+	writeFlagHandler(buf, "-"+name, flag.Annotations, cmd)
 }
 
-func writeFlag(flag *pflag.Flag, w io.Writer) error {
-	b := (len(flag.NoOptDefVal) > 0)
+func writeFlag(buf *bytes.Buffer, flag *pflag.Flag, cmd *Command) {
 	name := flag.Name
 	format := "    flags+=(\"--%s"
-	if !b {
+	if len(flag.NoOptDefVal) == 0 {
 		format += "="
 	}
 	format += "\")\n"
-	if _, err := fmt.Fprintf(w, format, name); err != nil {
-		return err
-	}
-	return writeFlagHandler("--"+name, flag.Annotations, w)
+	buf.WriteString(fmt.Sprintf(format, name))
+	writeFlagHandler(buf, "--"+name, flag.Annotations, cmd)
 }
 
-func writeLocalNonPersistentFlag(flag *pflag.Flag, w io.Writer) error {
-	b := (len(flag.NoOptDefVal) > 0)
+func writeLocalNonPersistentFlag(buf *bytes.Buffer, flag *pflag.Flag) {
 	name := flag.Name
 	format := "    local_nonpersistent_flags+=(\"--%s"
-	if !b {
+	if len(flag.NoOptDefVal) == 0 {
 		format += "="
 	}
 	format += "\")\n"
-	if _, err := fmt.Fprintf(w, format, name); err != nil {
-		return err
-	}
-	return nil
+	buf.WriteString(fmt.Sprintf(format, name))
 }
 
-func writeFlags(cmd *Command, w io.Writer) error {
-	_, err := fmt.Fprintf(w, `    flags=()
+func writeFlags(buf *bytes.Buffer, cmd *Command) {
+	buf.WriteString(`    flags=()
     two_word_flags=()
     local_nonpersistent_flags=()
     flags_with_completion=()
     flags_completion=()
 
 `)
-	if err != nil {
-		return err
-	}
 	localNonPersistentFlags := cmd.LocalNonPersistentFlags()
-	var visitErr error
 	cmd.NonInheritedFlags().VisitAll(func(flag *pflag.Flag) {
-		if err := writeFlag(flag, w); err != nil {
-			visitErr = err
+		if nonCompletableFlag(flag) {
 			return
 		}
+		writeFlag(buf, flag, cmd)
 		if len(flag.Shorthand) > 0 {
-			if err := writeShortFlag(flag, w); err != nil {
-				visitErr = err
-				return
-			}
+			writeShortFlag(buf, flag, cmd)
 		}
 		if localNonPersistentFlags.Lookup(flag.Name) != nil {
-			if err := writeLocalNonPersistentFlag(flag, w); err != nil {
-				visitErr = err
-				return
-			}
+			writeLocalNonPersistentFlag(buf, flag)
 		}
 	})
-	if visitErr != nil {
-		return visitErr
-	}
 	cmd.InheritedFlags().VisitAll(func(flag *pflag.Flag) {
-		if err := writeFlag(flag, w); err != nil {
-			visitErr = err
+		if nonCompletableFlag(flag) {
 			return
 		}
+		writeFlag(buf, flag, cmd)
 		if len(flag.Shorthand) > 0 {
-			if err := writeShortFlag(flag, w); err != nil {
-				visitErr = err
-				return
-			}
+			writeShortFlag(buf, flag, cmd)
 		}
 	})
-	if visitErr != nil {
-		return visitErr
-	}
 
-	_, err = fmt.Fprintf(w, "\n")
-	return err
+	buf.WriteString("\n")
 }
 
-func writeRequiredFlag(cmd *Command, w io.Writer) error {
-	if _, err := fmt.Fprintf(w, "    must_have_one_flag=()\n"); err != nil {
-		return err
-	}
+func writeRequiredFlag(buf *bytes.Buffer, cmd *Command) {
+	buf.WriteString("    must_have_one_flag=()\n")
 	flags := cmd.NonInheritedFlags()
-	var visitErr error
 	flags.VisitAll(func(flag *pflag.Flag) {
+		if nonCompletableFlag(flag) {
+			return
+		}
 		for key := range flag.Annotations {
 			switch key {
 			case BashCompOneRequiredFlag:
 				format := "    must_have_one_flag+=(\"--%s"
-				b := (flag.Value.Type() == "bool")
-				if !b {
+				if flag.Value.Type() != "bool" {
 					format += "="
 				}
 				format += "\")\n"
-				if _, err := fmt.Fprintf(w, format, flag.Name); err != nil {
-					visitErr = err
-					return
-				}
+				buf.WriteString(fmt.Sprintf(format, flag.Name))
 
 				if len(flag.Shorthand) > 0 {
-					if _, err := fmt.Fprintf(w, "    must_have_one_flag+=(\"-%s\")\n", flag.Shorthand); err != nil {
-						visitErr = err
-						return
-					}
+					buf.WriteString(fmt.Sprintf("    must_have_one_flag+=(\"-%s\")\n", flag.Shorthand))
 				}
 			}
 		}
 	})
-	return visitErr
 }
 
-func writeRequiredNouns(cmd *Command, w io.Writer) error {
-	if _, err := fmt.Fprintf(w, "    must_have_one_noun=()\n"); err != nil {
-		return err
-	}
+func writeRequiredNouns(buf *bytes.Buffer, cmd *Command) {
+	buf.WriteString("    must_have_one_noun=()\n")
 	sort.Sort(sort.StringSlice(cmd.ValidArgs))
 	for _, value := range cmd.ValidArgs {
-		if _, err := fmt.Fprintf(w, "    must_have_one_noun+=(%q)\n", value); err != nil {
-			return err
-		}
+		buf.WriteString(fmt.Sprintf("    must_have_one_noun+=(%q)\n", value))
 	}
-	return nil
 }
 
-func writeArgAliases(cmd *Command, w io.Writer) error {
-	if _, err := fmt.Fprintf(w, "    noun_aliases=()\n"); err != nil {
-		return err
-	}
+func writeArgAliases(buf *bytes.Buffer, cmd *Command) {
+	buf.WriteString("    noun_aliases=()\n")
 	sort.Sort(sort.StringSlice(cmd.ArgAliases))
 	for _, value := range cmd.ArgAliases {
-		if _, err := fmt.Fprintf(w, "    noun_aliases+=(%q)\n", value); err != nil {
-			return err
-		}
+		buf.WriteString(fmt.Sprintf("    noun_aliases+=(%q)\n", value))
 	}
-	return nil
 }
 
-func gen(cmd *Command, w io.Writer) error {
+func gen(buf *bytes.Buffer, cmd *Command) {
 	for _, c := range cmd.Commands() {
 		if !c.IsAvailableCommand() || c == cmd.helpCommand {
 			continue
 		}
-		if err := gen(c, w); err != nil {
-			return err
-		}
+		gen(buf, c)
 	}
 	commandName := cmd.CommandPath()
 	commandName = strings.Replace(commandName, " ", "_", -1)
 	commandName = strings.Replace(commandName, ":", "__", -1)
-	if _, err := fmt.Fprintf(w, "_%s()\n{\n", commandName); err != nil {
-		return err
-	}
-	if _, err := fmt.Fprintf(w, "    last_command=%q\n", commandName); err != nil {
-		return err
-	}
-	if err := writeCommands(cmd, w); err != nil {
-		return err
-	}
-	if err := writeFlags(cmd, w); err != nil {
-		return err
-	}
-	if err := writeRequiredFlag(cmd, w); err != nil {
-		return err
-	}
-	if err := writeRequiredNouns(cmd, w); err != nil {
-		return err
-	}
-	if err := writeArgAliases(cmd, w); err != nil {
-		return err
-	}
-	if _, err := fmt.Fprintf(w, "}\n\n"); err != nil {
-		return err
+
+	if cmd.Root() == cmd {
+		buf.WriteString(fmt.Sprintf("_%s_root_command()\n{\n", commandName))
+	} else {
+		buf.WriteString(fmt.Sprintf("_%s()\n{\n", commandName))
 	}
-	return nil
+
+	buf.WriteString(fmt.Sprintf("    last_command=%q\n", commandName))
+	writeCommands(buf, cmd)
+	writeFlags(buf, cmd)
+	writeRequiredFlag(buf, cmd)
+	writeRequiredNouns(buf, cmd)
+	writeArgAliases(buf, cmd)
+	buf.WriteString("}\n\n")
 }
 
-func (cmd *Command) GenBashCompletion(w io.Writer) error {
-	if err := preamble(w, cmd.Name()); err != nil {
-		return err
-	}
-	if len(cmd.BashCompletionFunction) > 0 {
-		if _, err := fmt.Fprintf(w, "%s\n", cmd.BashCompletionFunction); err != nil {
-			return err
-		}
-	}
-	if err := gen(cmd, w); err != nil {
-		return err
+// GenBashCompletion generates bash completion file and writes to the passed writer.
+func (c *Command) GenBashCompletion(w io.Writer) error {
+	buf := new(bytes.Buffer)
+	writePreamble(buf, c.Name())
+	if len(c.BashCompletionFunction) > 0 {
+		buf.WriteString(c.BashCompletionFunction + "\n")
 	}
-	return postscript(w, cmd.Name())
+	gen(buf, c)
+	writePostscript(buf, c.Name())
+
+	_, err := buf.WriteTo(w)
+	return err
+}
+
+func nonCompletableFlag(flag *pflag.Flag) bool {
+	return flag.Hidden || len(flag.Deprecated) > 0
 }
 
-func (cmd *Command) GenBashCompletionFile(filename string) error {
+// GenBashCompletionFile generates bash completion file.
+func (c *Command) GenBashCompletionFile(filename string) error {
 	outFile, err := os.Create(filename)
 	if err != nil {
 		return err
 	}
 	defer outFile.Close()
 
-	return cmd.GenBashCompletion(outFile)
+	return c.GenBashCompletion(outFile)
 }
 
-// MarkFlagRequired adds the BashCompOneRequiredFlag annotation to the named flag, if it exists.
-func (cmd *Command) MarkFlagRequired(name string) error {
-	return MarkFlagRequired(cmd.Flags(), name)
+// MarkFlagRequired adds the BashCompOneRequiredFlag annotation to the named flag if it exists,
+// and causes your command to report an error if invoked without the flag.
+func (c *Command) MarkFlagRequired(name string) error {
+	return MarkFlagRequired(c.Flags(), name)
 }
 
-// MarkPersistentFlagRequired adds the BashCompOneRequiredFlag annotation to the named persistent flag, if it exists.
-func (cmd *Command) MarkPersistentFlagRequired(name string) error {
-	return MarkFlagRequired(cmd.PersistentFlags(), name)
+// MarkPersistentFlagRequired adds the BashCompOneRequiredFlag annotation to the named persistent flag if it exists,
+// and causes your command to report an error if invoked without the flag.
+func (c *Command) MarkPersistentFlagRequired(name string) error {
+	return MarkFlagRequired(c.PersistentFlags(), name)
 }
 
-// MarkFlagRequired adds the BashCompOneRequiredFlag annotation to the named flag in the flag set, if it exists.
+// MarkFlagRequired adds the BashCompOneRequiredFlag annotation to the named flag if it exists,
+// and causes your command to report an error if invoked without the flag.
 func MarkFlagRequired(flags *pflag.FlagSet, name string) error {
 	return flags.SetAnnotation(name, BashCompOneRequiredFlag, []string{"true"})
 }
 
 // MarkFlagFilename adds the BashCompFilenameExt annotation to the named flag, if it exists.
 // Generated bash autocompletion will select filenames for the flag, limiting to named extensions if provided.
-func (cmd *Command) MarkFlagFilename(name string, extensions ...string) error {
-	return MarkFlagFilename(cmd.Flags(), name, extensions...)
+func (c *Command) MarkFlagFilename(name string, extensions ...string) error {
+	return MarkFlagFilename(c.Flags(), name, extensions...)
 }
 
 // MarkFlagCustom adds the BashCompCustom annotation to the named flag, if it exists.
 // Generated bash autocompletion will call the bash function f for the flag.
-func (cmd *Command) MarkFlagCustom(name string, f string) error {
-	return MarkFlagCustom(cmd.Flags(), name, f)
+func (c *Command) MarkFlagCustom(name string, f string) error {
+	return MarkFlagCustom(c.Flags(), name, f)
 }
 
 // MarkPersistentFlagFilename adds the BashCompFilenameExt annotation to the named persistent flag, if it exists.
 // Generated bash autocompletion will select filenames for the flag, limiting to named extensions if provided.
-func (cmd *Command) MarkPersistentFlagFilename(name string, extensions ...string) error {
-	return MarkFlagFilename(cmd.PersistentFlags(), name, extensions...)
+func (c *Command) MarkPersistentFlagFilename(name string, extensions ...string) error {
+	return MarkFlagFilename(c.PersistentFlags(), name, extensions...)
 }
 
 // MarkFlagFilename adds the BashCompFilenameExt annotation to the named flag in the flag set, if it exists.
diff --git a/vendor/github.com/spf13/cobra/bash_completions.md b/vendor/github.com/spf13/cobra/bash_completions.md
index 6e3b71f13d51..691a04e190b2 100644
--- a/vendor/github.com/spf13/cobra/bash_completions.md
+++ b/vendor/github.com/spf13/cobra/bash_completions.md
@@ -18,7 +18,7 @@ func main() {
 }
 ```
 
-That will get you completions of subcommands and flags. If you make additional annotations to your code, you can get even more intelligent and flexible behavior.
+`out.sh` will get you completions of subcommands and flags. Copy it to `/etc/bash_completion.d/` as described [here](https://debian-administration.org/article/316/An_introduction_to_bash_completion_part_1) and reset your terminal to use autocompletion. If you make additional annotations to your code, you can get even more intelligent and flexible behavior.
 
 ## Creating your own custom functions
 
@@ -106,7 +106,7 @@ node                 pod                    replicationcontroller  service
 
 If your nouns have a number of aliases, you can define them alongside `ValidArgs` using `ArgAliases`:
 
-```go`
+```go
 argAliases []string = { "pods", "nodes", "services", "svc", "replicationcontrollers", "rc" }
 
 cmd := &cobra.Command{
@@ -173,9 +173,9 @@ hello.yml                     test.json
 
 So while there are many other files in the CWD it only shows me subdirs and those with valid extensions.
 
-# Specifiy custom flag completion
+# Specify custom flag completion
 
-Similar to the filename completion and filtering using cobra.BashCompFilenameExt, you can specifiy
+Similar to the filename completion and filtering using cobra.BashCompFilenameExt, you can specify
 a custom flag completion function with cobra.BashCompCustom:
 
 ```go
@@ -204,3 +204,17 @@ __kubectl_get_namespaces()
     fi
 }
 ```
+# Using bash aliases for commands
+
+You can also configure the `bash aliases` for the commands and they will also support completions.
+
+```bash
+alias aliasname=origcommand
+complete -o default -F __start_origcommand aliasname
+
+# and now when you run `aliasname` completion will make
+# suggestions as it did for `origcommand`.
+
+$) aliasname <tab><tab>
+completion     firstcommand   secondcommand
+```
diff --git a/vendor/github.com/spf13/cobra/cobra.go b/vendor/github.com/spf13/cobra/cobra.go
index 93a2c0f3a77d..7010fd15b723 100644
--- a/vendor/github.com/spf13/cobra/cobra.go
+++ b/vendor/github.com/spf13/cobra/cobra.go
@@ -27,48 +27,60 @@ import (
 )
 
 var templateFuncs = template.FuncMap{
-	"trim":               strings.TrimSpace,
-	"trimRightSpace":     trimRightSpace,
-	"appendIfNotPresent": appendIfNotPresent,
-	"rpad":               rpad,
-	"gt":                 Gt,
-	"eq":                 Eq,
+	"trim":                    strings.TrimSpace,
+	"trimRightSpace":          trimRightSpace,
+	"trimTrailingWhitespaces": trimRightSpace,
+	"appendIfNotPresent":      appendIfNotPresent,
+	"rpad":                    rpad,
+	"gt":                      Gt,
+	"eq":                      Eq,
 }
 
 var initializers []func()
 
-// automatic prefix matching can be a dangerous thing to automatically enable in CLI tools.
-// Set this to true to enable it
+// EnablePrefixMatching allows to set automatic prefix matching. Automatic prefix matching can be a dangerous thing
+// to automatically enable in CLI tools.
+// Set this to true to enable it.
 var EnablePrefixMatching = false
 
-//EnableCommandSorting controls sorting of the slice of commands, which is turned on by default.
-//To disable sorting, set it to false.
+// EnableCommandSorting controls sorting of the slice of commands, which is turned on by default.
+// To disable sorting, set it to false.
 var EnableCommandSorting = true
 
-//AddTemplateFunc adds a template function that's available to Usage and Help
-//template generation.
+// MousetrapHelpText enables an information splash screen on Windows
+// if the CLI is started from explorer.exe.
+// To disable the mousetrap, just set this variable to blank string ("").
+// Works only on Microsoft Windows.
+var MousetrapHelpText string = `This is a command line tool.
+
+You need to open cmd.exe and run it from there.
+`
+
+// AddTemplateFunc adds a template function that's available to Usage and Help
+// template generation.
 func AddTemplateFunc(name string, tmplFunc interface{}) {
 	templateFuncs[name] = tmplFunc
 }
 
-//AddTemplateFuncs adds multiple template functions availalble to Usage and
-//Help template generation.
+// AddTemplateFuncs adds multiple template functions that are available to Usage and
+// Help template generation.
 func AddTemplateFuncs(tmplFuncs template.FuncMap) {
 	for k, v := range tmplFuncs {
 		templateFuncs[k] = v
 	}
 }
 
-//OnInitialize takes a series of func() arguments and appends them to a slice of func().
+// OnInitialize sets the passed functions to be run when each command's
+// Execute method is called.
 func OnInitialize(y ...func()) {
-	for _, x := range y {
-		initializers = append(initializers, x)
-	}
+	initializers = append(initializers, y...)
 }
 
-//Gt takes two types and checks whether the first type is greater than the second. In case of types Arrays, Chans,
-//Maps and Slices, Gt will compare their lengths. Ints are compared directly while strings are first parsed as
-//ints and then compared.
+// FIXME Gt is unused by cobra and should be removed in a version 2. It exists only for compatibility with users of cobra.
+
+// Gt takes two types and checks whether the first type is greater than the second. In case of types Arrays, Chans,
+// Maps and Slices, Gt will compare their lengths. Ints are compared directly while strings are first parsed as
+// ints and then compared.
 func Gt(a interface{}, b interface{}) bool {
 	var left, right int64
 	av := reflect.ValueOf(a)
@@ -96,7 +108,9 @@ func Gt(a interface{}, b interface{}) bool {
 	return left > right
 }
 
-//Eq takes two types and checks whether they are equal. Supported types are int and string. Unsupported types will panic.
+// FIXME Eq is unused by cobra and should be removed in a version 2. It exists only for compatibility with users of cobra.
+
+// Eq takes two types and checks whether they are equal. Supported types are int and string. Unsupported types will panic.
 func Eq(a interface{}, b interface{}) bool {
 	av := reflect.ValueOf(a)
 	bv := reflect.ValueOf(b)
@@ -116,7 +130,9 @@ func trimRightSpace(s string) string {
 	return strings.TrimRightFunc(s, unicode.IsSpace)
 }
 
-// appendIfNotPresent will append stringToAppend to the end of s, but only if it's not yet present in s
+// FIXME appendIfNotPresent is unused by cobra and should be removed in a version 2. It exists only for compatibility with users of cobra.
+
+// appendIfNotPresent will append stringToAppend to the end of s, but only if it's not yet present in s.
 func appendIfNotPresent(s, stringToAppend string) string {
 	if strings.Contains(s, stringToAppend) {
 		return s
@@ -124,7 +140,7 @@ func appendIfNotPresent(s, stringToAppend string) string {
 	return s + " " + stringToAppend
 }
 
-//rpad adds padding to the right of a string
+// rpad adds padding to the right of a string.
 func rpad(s string, padding int) string {
 	template := fmt.Sprintf("%%-%ds", padding)
 	return fmt.Sprintf(template, s)
@@ -138,7 +154,7 @@ func tmpl(w io.Writer, text string, data interface{}) error {
 	return t.Execute(w, data)
 }
 
-// ld compares two strings and returns the levenshtein distance between them
+// ld compares two strings and returns the levenshtein distance between them.
 func ld(s, t string, ignoreCase bool) int {
 	if ignoreCase {
 		s = strings.ToLower(s)
@@ -173,3 +189,12 @@ func ld(s, t string, ignoreCase bool) int {
 	}
 	return d[len(s)][len(t)]
 }
+
+func stringInSlice(a string, list []string) bool {
+	for _, b := range list {
+		if b == a {
+			return true
+		}
+	}
+	return false
+}
diff --git a/vendor/github.com/spf13/cobra/command.go b/vendor/github.com/spf13/cobra/command.go
index 083e4ea7f47b..29675b336322 100644
--- a/vendor/github.com/spf13/cobra/command.go
+++ b/vendor/github.com/spf13/cobra/command.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//Package cobra is a commander providing a simple interface to create powerful modern CLI interfaces.
-//In addition to providing an interface, Cobra simultaneously provides a controller to organize your application code.
+// Package cobra is a commander providing a simple interface to create powerful modern CLI interfaces.
+// In addition to providing an interface, Cobra simultaneously provides a controller to organize your application code.
 package cobra
 
 import (
@@ -28,107 +28,170 @@ import (
 )
 
 // Command is just that, a command for your application.
-// eg.  'go run' ... 'run' is the command. Cobra requires
+// E.g.  'go run ...' - 'run' is the command. Cobra requires
 // you to define the usage and description as part of your command
 // definition to ensure usability.
 type Command struct {
-	// Name is the command name, usually the executable's name.
-	name string
-	// The one-line usage message.
+	// Use is the one-line usage message.
 	Use string
-	// An array of aliases that can be used instead of the first word in Use.
+
+	// Aliases is an array of aliases that can be used instead of the first word in Use.
 	Aliases []string
-	// An array of command names for which this command will be suggested - similar to aliases but only suggests.
+
+	// SuggestFor is an array of command names for which this command will be suggested -
+	// similar to aliases but only suggests.
 	SuggestFor []string
-	// The short description shown in the 'help' output.
+
+	// Short is the short description shown in the 'help' output.
 	Short string
-	// The long message shown in the 'help <this-command>' output.
+
+	// Long is the long message shown in the 'help <this-command>' output.
 	Long string
-	// Examples of how to use the command
+
+	// Example is examples of how to use the command.
 	Example string
-	// List of all valid non-flag arguments that are accepted in bash completions
+
+	// ValidArgs is list of all valid non-flag arguments that are accepted in bash completions
 	ValidArgs []string
-	// List of aliases for ValidArgs. These are not suggested to the user in the bash
-	// completion, but accepted if entered manually.
+
+	// Expected arguments
+	Args PositionalArgs
+
+	// ArgAliases is List of aliases for ValidArgs.
+	// These are not suggested to the user in the bash completion,
+	// but accepted if entered manually.
 	ArgAliases []string
-	// Custom functions used by the bash autocompletion generator
+
+	// BashCompletionFunction is custom functions used by the bash autocompletion generator.
 	BashCompletionFunction string
-	// Is this command deprecated and should print this string when used?
+
+	// Deprecated defines, if this command is deprecated and should print this string when used.
 	Deprecated string
-	// Is this command hidden and should NOT show up in the list of available commands?
+
+	// Hidden defines, if this command is hidden and should NOT show up in the list of available commands.
 	Hidden bool
-	// Full set of flags
-	flags *flag.FlagSet
-	// Set of flags childrens of this command will inherit
-	pflags *flag.FlagSet
-	// Flags that are declared specifically by this command (not inherited).
-	lflags *flag.FlagSet
-	// SilenceErrors is an option to quiet errors down stream
-	SilenceErrors bool
-	// Silence Usage is an option to silence usage when an error occurs.
-	SilenceUsage bool
+
+	// Annotations are key/value pairs that can be used by applications to identify or
+	// group commands.
+	Annotations map[string]string
+
+	// Version defines the version for this command. If this value is non-empty and the command does not
+	// define a "version" flag, a "version" boolean flag will be added to the command and, if specified,
+	// will print content of the "Version" variable.
+	Version string
+
 	// The *Run functions are executed in the following order:
 	//   * PersistentPreRun()
 	//   * PreRun()
 	//   * Run()
 	//   * PostRun()
 	//   * PersistentPostRun()
-	// All functions get the same args, the arguments after the command name
-	// PersistentPreRun: children of this command will inherit and execute
+	// All functions get the same args, the arguments after the command name.
+	//
+	// PersistentPreRun: children of this command will inherit and execute.
 	PersistentPreRun func(cmd *Command, args []string)
-	// PersistentPreRunE: PersistentPreRun but returns an error
+	// PersistentPreRunE: PersistentPreRun but returns an error.
 	PersistentPreRunE func(cmd *Command, args []string) error
 	// PreRun: children of this command will not inherit.
 	PreRun func(cmd *Command, args []string)
-	// PreRunE: PreRun but returns an error
+	// PreRunE: PreRun but returns an error.
 	PreRunE func(cmd *Command, args []string) error
-	// Run: Typically the actual work function. Most commands will only implement this
+	// Run: Typically the actual work function. Most commands will only implement this.
 	Run func(cmd *Command, args []string)
-	// RunE: Run but returns an error
+	// RunE: Run but returns an error.
 	RunE func(cmd *Command, args []string) error
 	// PostRun: run after the Run command.
 	PostRun func(cmd *Command, args []string)
-	// PostRunE: PostRun but returns an error
+	// PostRunE: PostRun but returns an error.
 	PostRunE func(cmd *Command, args []string) error
-	// PersistentPostRun: children of this command will inherit and execute after PostRun
+	// PersistentPostRun: children of this command will inherit and execute after PostRun.
 	PersistentPostRun func(cmd *Command, args []string)
-	// PersistentPostRunE: PersistentPostRun but returns an error
+	// PersistentPostRunE: PersistentPostRun but returns an error.
 	PersistentPostRunE func(cmd *Command, args []string) error
-	// DisableAutoGenTag remove
+
+	// SilenceErrors is an option to quiet errors down stream.
+	SilenceErrors bool
+
+	// SilenceUsage is an option to silence usage when an error occurs.
+	SilenceUsage bool
+
+	// DisableFlagParsing disables the flag parsing.
+	// If this is true all flags will be passed to the command as arguments.
+	DisableFlagParsing bool
+
+	// DisableAutoGenTag defines, if gen tag ("Auto generated by spf13/cobra...")
+	// will be printed by generating docs for this command.
 	DisableAutoGenTag bool
-	// Commands is the list of commands supported by this program.
+
+	// DisableFlagsInUseLine will disable the addition of [flags] to the usage
+	// line of a command when printing help or generating docs
+	DisableFlagsInUseLine bool
+
+	// DisableSuggestions disables the suggestions based on Levenshtein distance
+	// that go along with 'unknown command' messages.
+	DisableSuggestions bool
+	// SuggestionsMinimumDistance defines minimum levenshtein distance to display suggestions.
+	// Must be > 0.
+	SuggestionsMinimumDistance int
+
+	// TraverseChildren parses flags on all parents before executing child command.
+	TraverseChildren bool
+
+	// commands is the list of commands supported by this program.
 	commands []*Command
-	// Parent Command for this command
+	// parent is a parent command for this command.
 	parent *Command
-	// max lengths of commands' string lengths for use in padding
+	// Max lengths of commands' string lengths for use in padding.
 	commandsMaxUseLen         int
 	commandsMaxCommandPathLen int
 	commandsMaxNameLen        int
-	// is commands slice are sorted or not
+	// commandsAreSorted defines, if command slice are sorted or not.
 	commandsAreSorted bool
+	// commandCalledAs is the name or alias value used to call this command.
+	commandCalledAs struct {
+		name   string
+		called bool
+	}
 
+	// args is actual args parsed from flags.
+	args []string
+	// flagErrorBuf contains all error messages from pflag.
 	flagErrorBuf *bytes.Buffer
-
-	args          []string                 // actual args parsed from flags
-	output        *io.Writer               // out writer if set in SetOutput(w)
-	usageFunc     func(*Command) error     // Usage can be defined by application
-	usageTemplate string                   // Can be defined by Application
-	helpTemplate  string                   // Can be defined by Application
-	helpFunc      func(*Command, []string) // Help can be defined by application
-	helpCommand   *Command                 // The help command
-	// The global normalization function that we can use on every pFlag set and children commands
+	// flags is full set of flags.
+	flags *flag.FlagSet
+	// pflags contains persistent flags.
+	pflags *flag.FlagSet
+	// lflags contains local flags.
+	lflags *flag.FlagSet
+	// iflags contains inherited flags.
+	iflags *flag.FlagSet
+	// parentsPflags is all persistent flags of cmd's parents.
+	parentsPflags *flag.FlagSet
+	// globNormFunc is the global normalization function
+	// that we can use on every pflag set and children commands
 	globNormFunc func(f *flag.FlagSet, name string) flag.NormalizedName
 
-	// Disable the suggestions based on Levenshtein distance that go along with 'unknown command' messages
-	DisableSuggestions bool
-	// If displaying suggestions, allows to set the minimum levenshtein distance to display, must be > 0
-	SuggestionsMinimumDistance int
-
-	// Disable the flag parsing. If this is true all flags will be passed to the command as arguments.
-	DisableFlagParsing bool
-}
-
-// os.Args[1:] by default, if desired, can be overridden
+	// output is an output writer defined by user.
+	output io.Writer
+	// usageFunc is usage func defined by user.
+	usageFunc func(*Command) error
+	// usageTemplate is usage template defined by user.
+	usageTemplate string
+	// flagErrorFunc is func defined by user and it's called when the parsing of
+	// flags returns an error.
+	flagErrorFunc func(*Command, error) error
+	// helpTemplate is help template defined by user.
+	helpTemplate string
+	// helpFunc is help func defined by user.
+	helpFunc func(*Command, []string)
+	// helpCommand is command with usage 'help'. If it's not defined by user,
+	// cobra uses default help command.
+	helpCommand *Command
+	// versionTemplate is the version template defined by user.
+	versionTemplate string
+}
+
+// SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
 // particularly useful when testing.
 func (c *Command) SetArgs(a []string) {
 	c.args = a
@@ -137,33 +200,45 @@ func (c *Command) SetArgs(a []string) {
 // SetOutput sets the destination for usage and error messages.
 // If output is nil, os.Stderr is used.
 func (c *Command) SetOutput(output io.Writer) {
-	c.output = &output
+	c.output = output
 }
 
-// Usage can be defined by application
+// SetUsageFunc sets usage function. Usage can be defined by application.
 func (c *Command) SetUsageFunc(f func(*Command) error) {
 	c.usageFunc = f
 }
 
-// Can be defined by Application
+// SetUsageTemplate sets usage template. Can be defined by Application.
 func (c *Command) SetUsageTemplate(s string) {
 	c.usageTemplate = s
 }
 
-// Can be defined by Application
+// SetFlagErrorFunc sets a function to generate an error when flag parsing
+// fails.
+func (c *Command) SetFlagErrorFunc(f func(*Command, error) error) {
+	c.flagErrorFunc = f
+}
+
+// SetHelpFunc sets help function. Can be defined by Application.
 func (c *Command) SetHelpFunc(f func(*Command, []string)) {
 	c.helpFunc = f
 }
 
+// SetHelpCommand sets help command.
 func (c *Command) SetHelpCommand(cmd *Command) {
 	c.helpCommand = cmd
 }
 
-// Can be defined by Application
+// SetHelpTemplate sets help template to be used. Application can use it to set custom template.
 func (c *Command) SetHelpTemplate(s string) {
 	c.helpTemplate = s
 }
 
+// SetVersionTemplate sets version template to be used. Application can use it to set custom template.
+func (c *Command) SetVersionTemplate(s string) {
+	c.versionTemplate = s
+}
+
 // SetGlobalNormalizationFunc sets a normalization function to all flag sets and also to child commands.
 // The user should not have a cyclic dependency on commands.
 func (c *Command) SetGlobalNormalizationFunc(n func(f *flag.FlagSet, name string) flag.NormalizedName) {
@@ -176,17 +251,19 @@ func (c *Command) SetGlobalNormalizationFunc(n func(f *flag.FlagSet, name string
 	}
 }
 
+// OutOrStdout returns output to stdout.
 func (c *Command) OutOrStdout() io.Writer {
 	return c.getOut(os.Stdout)
 }
 
+// OutOrStderr returns output to stderr
 func (c *Command) OutOrStderr() io.Writer {
 	return c.getOut(os.Stderr)
 }
 
 func (c *Command) getOut(def io.Writer) io.Writer {
 	if c.output != nil {
-		return *c.output
+		return c.output
 	}
 	if c.HasParent() {
 		return c.parent.getOut(def)
@@ -195,14 +272,13 @@ func (c *Command) getOut(def io.Writer) io.Writer {
 }
 
 // UsageFunc returns either the function set by SetUsageFunc for this command
-// or a parent, or it returns a default usage function
+// or a parent, or it returns a default usage function.
 func (c *Command) UsageFunc() (f func(*Command) error) {
 	if c.usageFunc != nil {
 		return c.usageFunc
 	}
-
 	if c.HasParent() {
-		return c.parent.UsageFunc()
+		return c.Parent().UsageFunc()
 	}
 	return func(c *Command) error {
 		c.mergePersistentFlags()
@@ -214,24 +290,23 @@ func (c *Command) UsageFunc() (f func(*Command) error) {
 	}
 }
 
-// Output the usage for the command
-// Used when a user provides invalid input
-// Can be defined by user by overriding UsageFunc
+// Usage puts out the usage for the command.
+// Used when a user provides invalid input.
+// Can be defined by user by overriding UsageFunc.
 func (c *Command) Usage() error {
 	return c.UsageFunc()(c)
 }
 
 // HelpFunc returns either the function set by SetHelpFunc for this command
-// or a parent, or it returns a function with default help behavior
+// or a parent, or it returns a function with default help behavior.
 func (c *Command) HelpFunc() func(*Command, []string) {
-	cmd := c
-	for cmd != nil {
-		if cmd.helpFunc != nil {
-			return cmd.helpFunc
-		}
-		cmd = cmd.parent
+	if c.helpFunc != nil {
+		return c.helpFunc
+	}
+	if c.HasParent() {
+		return c.Parent().HelpFunc()
 	}
-	return func(*Command, []string) {
+	return func(c *Command, a []string) {
 		c.mergePersistentFlags()
 		err := tmpl(c.OutOrStdout(), c.HelpTemplate(), c)
 		if err != nil {
@@ -240,14 +315,15 @@ func (c *Command) HelpFunc() func(*Command, []string) {
 	}
 }
 
-// Output the help for the command
-// Used when a user calls help [command]
-// Can be defined by user by overriding HelpFunc
+// Help puts out the help for the command.
+// Used when a user calls help [command].
+// Can be defined by user by overriding HelpFunc.
 func (c *Command) Help() error {
 	c.HelpFunc()(c, []string{})
 	return nil
 }
 
+// UsageString return usage string.
 func (c *Command) UsageString() string {
 	tmpOutput := c.output
 	bb := new(bytes.Buffer)
@@ -257,8 +333,25 @@ func (c *Command) UsageString() string {
 	return bb.String()
 }
 
+// FlagErrorFunc returns either the function set by SetFlagErrorFunc for this
+// command or a parent, or it returns a function which returns the original
+// error.
+func (c *Command) FlagErrorFunc() (f func(*Command, error) error) {
+	if c.flagErrorFunc != nil {
+		return c.flagErrorFunc
+	}
+
+	if c.HasParent() {
+		return c.parent.FlagErrorFunc()
+	}
+	return func(c *Command, err error) error {
+		return err
+	}
+}
+
 var minUsagePadding = 25
 
+// UsagePadding return padding for the usage.
 func (c *Command) UsagePadding() int {
 	if c.parent == nil || minUsagePadding > c.parent.commandsMaxUseLen {
 		return minUsagePadding
@@ -268,7 +361,7 @@ func (c *Command) UsagePadding() int {
 
 var minCommandPathPadding = 11
 
-//
+// CommandPathPadding return padding for the command path.
 func (c *Command) CommandPathPadding() int {
 	if c.parent == nil || minCommandPathPadding > c.parent.commandsMaxCommandPathLen {
 		return minCommandPathPadding
@@ -278,6 +371,7 @@ func (c *Command) CommandPathPadding() int {
 
 var minNamePadding = 11
 
+// NamePadding returns padding for the name.
 func (c *Command) NamePadding() int {
 	if c.parent == nil || minNamePadding > c.parent.commandsMaxNameLen {
 		return minNamePadding
@@ -285,6 +379,7 @@ func (c *Command) NamePadding() int {
 	return c.parent.commandsMaxNameLen
 }
 
+// UsageTemplate returns usage template for the command.
 func (c *Command) UsageTemplate() string {
 	if c.usageTemplate != "" {
 		return c.usageTemplate
@@ -294,32 +389,32 @@ func (c *Command) UsageTemplate() string {
 		return c.parent.UsageTemplate()
 	}
 	return `Usage:{{if .Runnable}}
-  {{if .HasAvailableFlags}}{{appendIfNotPresent .UseLine "[flags]"}}{{else}}{{.UseLine}}{{end}}{{end}}{{if .HasAvailableSubCommands}}
-  {{ .CommandPath}} [command]{{end}}{{if gt .Aliases 0}}
+  {{.UseLine}}{{end}}{{if .HasAvailableSubCommands}}
+  {{.CommandPath}} [command]{{end}}{{if gt (len .Aliases) 0}}
 
 Aliases:
-  {{.NameAndAliases}}
-{{end}}{{if .HasExample}}
+  {{.NameAndAliases}}{{end}}{{if .HasExample}}
 
 Examples:
-{{ .Example }}{{end}}{{ if .HasAvailableSubCommands}}
+{{.Example}}{{end}}{{if .HasAvailableSubCommands}}
 
-Available Commands:{{range .Commands}}{{if .IsAvailableCommand}}
-  {{rpad .Name .NamePadding }} {{.Short}}{{end}}{{end}}{{end}}{{ if .HasAvailableLocalFlags}}
+Available Commands:{{range .Commands}}{{if (or .IsAvailableCommand (eq .Name "help"))}}
+  {{rpad .Name .NamePadding }} {{.Short}}{{end}}{{end}}{{end}}{{if .HasAvailableLocalFlags}}
 
 Flags:
-{{.LocalFlags.FlagUsages | trimRightSpace}}{{end}}{{ if .HasAvailableInheritedFlags}}
+{{.LocalFlags.FlagUsages | trimTrailingWhitespaces}}{{end}}{{if .HasAvailableInheritedFlags}}
 
 Global Flags:
-{{.InheritedFlags.FlagUsages | trimRightSpace}}{{end}}{{if .HasHelpSubCommands}}
+{{.InheritedFlags.FlagUsages | trimTrailingWhitespaces}}{{end}}{{if .HasHelpSubCommands}}
 
-Additional help topics:{{range .Commands}}{{if .IsHelpCommand}}
-  {{rpad .CommandPath .CommandPathPadding}} {{.Short}}{{end}}{{end}}{{end}}{{ if .HasAvailableSubCommands }}
+Additional help topics:{{range .Commands}}{{if .IsAdditionalHelpTopicCommand}}
+  {{rpad .CommandPath .CommandPathPadding}} {{.Short}}{{end}}{{end}}{{end}}{{if .HasAvailableSubCommands}}
 
 Use "{{.CommandPath}} [command] --help" for more information about a command.{{end}}
 `
 }
 
+// HelpTemplate return help template for the command.
 func (c *Command) HelpTemplate() string {
 	if c.helpTemplate != "" {
 		return c.helpTemplate
@@ -328,72 +423,73 @@ func (c *Command) HelpTemplate() string {
 	if c.HasParent() {
 		return c.parent.HelpTemplate()
 	}
-	return `{{with or .Long .Short }}{{. | trim}}
+	return `{{with (or .Long .Short)}}{{. | trimTrailingWhitespaces}}
 
 {{end}}{{if or .Runnable .HasSubCommands}}{{.UsageString}}{{end}}`
 }
 
-// Really only used when casting a command to a commander
-func (c *Command) resetChildrensParents() {
-	for _, x := range c.commands {
-		x.parent = c
+// VersionTemplate return version template for the command.
+func (c *Command) VersionTemplate() string {
+	if c.versionTemplate != "" {
+		return c.versionTemplate
 	}
+
+	if c.HasParent() {
+		return c.parent.VersionTemplate()
+	}
+	return `{{with .Name}}{{printf "%s " .}}{{end}}{{printf "version %s" .Version}}
+`
 }
 
-// Test if the named flag is a boolean flag.
-func isBooleanFlag(name string, f *flag.FlagSet) bool {
-	flag := f.Lookup(name)
+func hasNoOptDefVal(name string, fs *flag.FlagSet) bool {
+	flag := fs.Lookup(name)
 	if flag == nil {
 		return false
 	}
-	return flag.Value.Type() == "bool"
+	return flag.NoOptDefVal != ""
 }
 
-// Test if the named flag is a boolean flag.
-func isBooleanShortFlag(name string, f *flag.FlagSet) bool {
-	result := false
-	f.VisitAll(func(f *flag.Flag) {
-		if f.Shorthand == name && f.Value.Type() == "bool" {
-			result = true
-		}
-	})
-	return result
+func shortHasNoOptDefVal(name string, fs *flag.FlagSet) bool {
+	if len(name) == 0 {
+		return false
+	}
+
+	flag := fs.ShorthandLookup(name[:1])
+	if flag == nil {
+		return false
+	}
+	return flag.NoOptDefVal != ""
 }
 
 func stripFlags(args []string, c *Command) []string {
-	if len(args) < 1 {
+	if len(args) == 0 {
 		return args
 	}
 	c.mergePersistentFlags()
 
 	commands := []string{}
-
-	inQuote := false
-	inFlag := false
-	for _, y := range args {
-		if !inQuote {
-			switch {
-			case strings.HasPrefix(y, "\""):
-				inQuote = true
-			case strings.Contains(y, "=\""):
-				inQuote = true
-			case strings.HasPrefix(y, "--") && !strings.Contains(y, "="):
-				// TODO: this isn't quite right, we should really check ahead for 'true' or 'false'
-				inFlag = !isBooleanFlag(y[2:], c.Flags())
-			case strings.HasPrefix(y, "-") && !strings.Contains(y, "=") && len(y) == 2 && !isBooleanShortFlag(y[1:], c.Flags()):
-				inFlag = true
-			case inFlag:
-				inFlag = false
-			case y == "":
-				// strip empty commands, as the go tests expect this to be ok....
-			case !strings.HasPrefix(y, "-"):
-				commands = append(commands, y)
-				inFlag = false
+	flags := c.Flags()
+
+Loop:
+	for len(args) > 0 {
+		s := args[0]
+		args = args[1:]
+		switch {
+		case strings.HasPrefix(s, "--") && !strings.Contains(s, "=") && !hasNoOptDefVal(s[2:], flags):
+			// If '--flag arg' then
+			// delete arg from args.
+			fallthrough // (do the same as below)
+		case strings.HasPrefix(s, "-") && !strings.Contains(s, "=") && len(s) == 2 && !shortHasNoOptDefVal(s[1:], flags):
+			// If '-f arg' then
+			// delete 'arg' from args or break the loop if len(args) <= 1.
+			if len(args) <= 1 {
+				break Loop
+			} else {
+				args = args[1:]
+				continue
 			}
-		}
-
-		if strings.HasSuffix(y, "\"") && !strings.HasSuffix(y, "\\\"") {
-			inQuote = false
+		case s != "" && !strings.HasPrefix(s, "-"):
+			commands = append(commands, s)
 		}
 	}
 
@@ -414,13 +510,14 @@ func argsMinusFirstX(args []string, x string) []string {
 	return args
 }
 
-// find the target command given the args and command tree
+func isFlagArg(arg string) bool {
+	return ((len(arg) >= 3 && arg[1] == '-') ||
+		(len(arg) >= 2 && arg[0] == '-' && arg[1] != '-'))
+}
+
+// Find the target command given the args and command tree
 // Meant to be run on the highest node. Only searches down.
 func (c *Command) Find(args []string) (*Command, []string, error) {
-	if c == nil {
-		return nil, nil, fmt.Errorf("Called find() on a nil Command")
-	}
-
 	var innerfind func(*Command, []string) (*Command, []string)
 
 	innerfind = func(c *Command, innerArgs []string) (*Command, []string) {
@@ -429,59 +526,101 @@ func (c *Command) Find(args []string) (*Command, []string, error) {
 			return c, innerArgs
 		}
 		nextSubCmd := argsWOflags[0]
-		matches := make([]*Command, 0)
-		for _, cmd := range c.commands {
-			if cmd.Name() == nextSubCmd || cmd.HasAlias(nextSubCmd) { // exact name or alias match
-				return innerfind(cmd, argsMinusFirstX(innerArgs, nextSubCmd))
-			}
-			if EnablePrefixMatching {
-				if strings.HasPrefix(cmd.Name(), nextSubCmd) { // prefix match
-					matches = append(matches, cmd)
-				}
-				for _, x := range cmd.Aliases {
-					if strings.HasPrefix(x, nextSubCmd) {
-						matches = append(matches, cmd)
-					}
-				}
-			}
-		}
 
-		// only accept a single prefix match - multiple matches would be ambiguous
-		if len(matches) == 1 {
-			return innerfind(matches[0], argsMinusFirstX(innerArgs, argsWOflags[0]))
+		cmd := c.findNext(nextSubCmd)
+		if cmd != nil {
+			return innerfind(cmd, argsMinusFirstX(innerArgs, nextSubCmd))
 		}
-
 		return c, innerArgs
 	}
 
 	commandFound, a := innerfind(c, args)
-	argsWOflags := stripFlags(a, commandFound)
+	if commandFound.Args == nil {
+		return commandFound, a, legacyArgs(commandFound, stripFlags(a, commandFound))
+	}
+	return commandFound, a, nil
+}
 
-	// no subcommand, always take args
-	if !commandFound.HasSubCommands() {
-		return commandFound, a, nil
+func (c *Command) findSuggestions(arg string) string {
+	if c.DisableSuggestions {
+		return ""
 	}
+	if c.SuggestionsMinimumDistance <= 0 {
+		c.SuggestionsMinimumDistance = 2
+	}
+	suggestionsString := ""
+	if suggestions := c.SuggestionsFor(arg); len(suggestions) > 0 {
+		suggestionsString += "\n\nDid you mean this?\n"
+		for _, s := range suggestions {
+			suggestionsString += fmt.Sprintf("\t%v\n", s)
+		}
+	}
+	return suggestionsString
+}
 
-	// root command with subcommands, do subcommand checking
-	if commandFound == c && len(argsWOflags) > 0 {
-		suggestionsString := ""
-		if !c.DisableSuggestions {
-			if c.SuggestionsMinimumDistance <= 0 {
-				c.SuggestionsMinimumDistance = 2
-			}
-			if suggestions := c.SuggestionsFor(argsWOflags[0]); len(suggestions) > 0 {
-				suggestionsString += "\n\nDid you mean this?\n"
-				for _, s := range suggestions {
-					suggestionsString += fmt.Sprintf("\t%v\n", s)
-				}
-			}
+func (c *Command) findNext(next string) *Command {
+	matches := make([]*Command, 0)
+	for _, cmd := range c.commands {
+		if cmd.Name() == next || cmd.HasAlias(next) {
+			cmd.commandCalledAs.name = next
+			return cmd
+		}
+		if EnablePrefixMatching && cmd.hasNameOrAliasPrefix(next) {
+			matches = append(matches, cmd)
 		}
-		return commandFound, a, fmt.Errorf("unknown command %q for %q%s", argsWOflags[0], commandFound.CommandPath(), suggestionsString)
 	}
 
-	return commandFound, a, nil
+	if len(matches) == 1 {
+		return matches[0]
+	}
+
+	return nil
+}
+
+// Traverse the command tree to find the command, and parse args for
+// each parent.
+func (c *Command) Traverse(args []string) (*Command, []string, error) {
+	flags := []string{}
+	inFlag := false
+
+	for i, arg := range args {
+		switch {
+		// A long flag with a space separated value
+		case strings.HasPrefix(arg, "--") && !strings.Contains(arg, "="):
+			// TODO: this isn't quite right, we should really check ahead for 'true' or 'false'
+			inFlag = !hasNoOptDefVal(arg[2:], c.Flags())
+			flags = append(flags, arg)
+			continue
+		// A short flag with a space separated value
+		case strings.HasPrefix(arg, "-") && !strings.Contains(arg, "=") && len(arg) == 2 && !shortHasNoOptDefVal(arg[1:], c.Flags()):
+			inFlag = true
+			flags = append(flags, arg)
+			continue
+		// The value for a flag
+		case inFlag:
+			inFlag = false
+			flags = append(flags, arg)
+			continue
+		// A flag without a value, or with an `=` separated value
+		case isFlagArg(arg):
+			flags = append(flags, arg)
+			continue
+		}
+
+		cmd := c.findNext(arg)
+		if cmd == nil {
+			return c, args, nil
+		}
+
+		if err := c.ParseFlags(flags); err != nil {
+			return nil, args, err
+		}
+		return cmd.Traverse(args[i+1:])
+	}
+	return c, args, nil
 }
 
+// SuggestionsFor provides suggestions for the typedName.
 func (c *Command) SuggestionsFor(typedName string) []string {
 	suggestions := []string{}
 	for _, cmd := range c.commands {
@@ -502,38 +641,24 @@ func (c *Command) SuggestionsFor(typedName string) []string {
 	return suggestions
 }
 
+// VisitParents visits all parents of the command and invokes fn on each parent.
 func (c *Command) VisitParents(fn func(*Command)) {
-	var traverse func(*Command) *Command
-
-	traverse = func(x *Command) *Command {
-		if x != c {
-			fn(x)
-		}
-		if x.HasParent() {
-			return traverse(x.parent)
-		}
-		return x
+	if c.HasParent() {
+		fn(c.Parent())
+		c.Parent().VisitParents(fn)
 	}
-	traverse(c)
 }
 
+// Root finds root command.
 func (c *Command) Root() *Command {
-	var findRoot func(*Command) *Command
-
-	findRoot = func(x *Command) *Command {
-		if x.HasParent() {
-			return findRoot(x.parent)
-		}
-		return x
+	if c.HasParent() {
+		return c.Parent().Root()
 	}
-
-	return findRoot(c)
+	return c
 }
 
-// ArgsLenAtDash will return the length of f.Args at the moment when a -- was
-// found during arg parsing. This allows your program to know which args were
-// before the -- and which came after. (Description from
-// https://godoc.org/github.com/spf13/pflag#FlagSet.ArgsLenAtDash).
+// ArgsLenAtDash will return the length of c.Flags().Args at the moment
+// when a -- was found during args parsing.
 func (c *Command) ArgsLenAtDash() int {
 	return c.Flags().ArgsLenAtDash()
 }
@@ -547,25 +672,47 @@ func (c *Command) execute(a []string) (err error) {
 		c.Printf("Command %q is deprecated, %s\n", c.Name(), c.Deprecated)
 	}
 
-	// initialize help flag as the last point possible to allow for user
+	// initialize help and version flag at the last point possible to allow for user
 	// overriding
-	c.initHelpFlag()
+	c.InitDefaultHelpFlag()
+	c.InitDefaultVersionFlag()
 
 	err = c.ParseFlags(a)
 	if err != nil {
-		return err
+		return c.FlagErrorFunc()(c, err)
 	}
-	// If help is called, regardless of other flags, return we want help
+
+	// If help is called, regardless of other flags, return we want help.
 	// Also say we need help if the command isn't runnable.
 	helpVal, err := c.Flags().GetBool("help")
 	if err != nil {
 		// should be impossible to get here as we always declare a help
-		// flag in initHelpFlag()
+		// flag in InitDefaultHelpFlag()
 		c.Println("\"help\" flag declared as non-bool. Please correct your code")
 		return err
 	}
 
-	if helpVal || !c.Runnable() {
+	if helpVal {
+		return flag.ErrHelp
+	}
+
+	// for back-compat, only add version flag behavior if version is defined
+	if c.Version != "" {
+		versionVal, err := c.Flags().GetBool("version")
+		if err != nil {
+			c.Println("\"version\" flag declared as non-bool. Please correct your code")
+			return err
+		}
+		if versionVal {
+			err := tmpl(c.OutOrStdout(), c.VersionTemplate(), c)
+			if err != nil {
+				c.Println(err)
+			}
+			return err
+		}
+	}
+
+	if !c.Runnable() {
 		return flag.ErrHelp
 	}
 
@@ -576,6 +723,10 @@ func (c *Command) execute(a []string) (err error) {
 		argWoFlags = a
 	}
 
+	if err := c.ValidateArgs(argWoFlags); err != nil {
+		return err
+	}
+
 	for p := c; p != nil; p = p.Parent() {
 		if p.PersistentPreRunE != nil {
 			if err := p.PersistentPreRunE(c, argWoFlags); err != nil {
@@ -595,6 +746,9 @@ func (c *Command) execute(a []string) (err error) {
 		c.PreRun(c, argWoFlags)
 	}
 
+	if err := c.validateRequiredFlags(); err != nil {
+		return err
+	}
 	if c.RunE != nil {
 		if err := c.RunE(c, argWoFlags); err != nil {
 			return err
@@ -630,18 +784,7 @@ func (c *Command) preRun() {
 	}
 }
 
-func (c *Command) errorMsgFromParse() string {
-	s := c.flagErrorBuf.String()
-
-	x := strings.Split(s, "\n")
-
-	if len(x) > 0 {
-		return x[0]
-	}
-	return ""
-}
-
-// Call execute to use the args (os.Args[1:] by default)
+// Execute uses the args (os.Args[1:] by default)
 // and run through the command tree finding appropriate matches
 // for commands and then corresponding flags.
 func (c *Command) Execute() error {
@@ -649,8 +792,8 @@ func (c *Command) Execute() error {
 	return err
 }
 
+// ExecuteC executes the command.
 func (c *Command) ExecuteC() (cmd *Command, err error) {
-
 	// Regardless of what command execute is called on, run on Root only
 	if c.HasParent() {
 		return c.Root().ExecuteC()
@@ -663,7 +806,7 @@ func (c *Command) ExecuteC() (cmd *Command, err error) {
 
 	// initialize help as the last point possible to allow for user
 	// overriding
-	c.initHelpCmd()
+	c.InitDefaultHelpCmd()
 
 	var args []string
 
@@ -674,7 +817,12 @@ func (c *Command) ExecuteC() (cmd *Command, err error) {
 		args = c.args
 	}
 
-	cmd, flags, err := c.Find(args)
+	var flags []string
+	if c.TraverseChildren {
+		cmd, flags, err = c.Traverse(args)
+	} else {
+		cmd, flags, err = c.Find(args)
+	}
 	if err != nil {
 		// If found parse to a subcommand and then failed, talk about the subcommand
 		if cmd != nil {
@@ -686,6 +834,12 @@ func (c *Command) ExecuteC() (cmd *Command, err error) {
 		}
 		return c, err
 	}
+
+	cmd.commandCalledAs.called = true
+	if cmd.commandCalledAs.name == "" {
+		cmd.commandCalledAs.name = cmd.Name()
+	}
+
 	err = cmd.execute(flags)
 	if err != nil {
 		// Always show help if requested, even if SilenceErrors is in
@@ -706,52 +860,113 @@ func (c *Command) ExecuteC() (cmd *Command, err error) {
 		if !cmd.SilenceUsage && !c.SilenceUsage {
 			c.Println(cmd.UsageString())
 		}
-		return cmd, err
 	}
-	return cmd, nil
+	return cmd, err
 }
 
-func (c *Command) initHelpFlag() {
-	if c.Flags().Lookup("help") == nil {
-		c.Flags().BoolP("help", "h", false, "help for "+c.Name())
+func (c *Command) ValidateArgs(args []string) error {
+	if c.Args == nil {
+		return nil
 	}
+	return c.Args(c, args)
 }
 
-func (c *Command) initHelpCmd() {
-	if c.helpCommand == nil {
-		if !c.HasSubCommands() {
+func (c *Command) validateRequiredFlags() error {
+	flags := c.Flags()
+	missingFlagNames := []string{}
+	flags.VisitAll(func(pflag *flag.Flag) {
+		requiredAnnotation, found := pflag.Annotations[BashCompOneRequiredFlag]
+		if !found {
 			return
 		}
+		if (requiredAnnotation[0] == "true") && !pflag.Changed {
+			missingFlagNames = append(missingFlagNames, pflag.Name)
+		}
+	})
+
+	if len(missingFlagNames) > 0 {
+		return fmt.Errorf(`required flag(s) "%s" not set`, strings.Join(missingFlagNames, `", "`))
+	}
+	return nil
+}
+
+// InitDefaultHelpFlag adds default help flag to c.
+// It is called automatically by executing the c or by calling help and usage.
+// If c already has help flag, it will do nothing.
+func (c *Command) InitDefaultHelpFlag() {
+	c.mergePersistentFlags()
+	if c.Flags().Lookup("help") == nil {
+		usage := "help for "
+		if c.Name() == "" {
+			usage += "this command"
+		} else {
+			usage += c.Name()
+		}
+		c.Flags().BoolP("help", "h", false, usage)
+	}
+}
+
+// InitDefaultVersionFlag adds default version flag to c.
+// It is called automatically by executing the c.
+// If c already has a version flag, it will do nothing.
+// If c.Version is empty, it will do nothing.
+func (c *Command) InitDefaultVersionFlag() {
+	if c.Version == "" {
+		return
+	}
+
+	c.mergePersistentFlags()
+	if c.Flags().Lookup("version") == nil {
+		usage := "version for "
+		if c.Name() == "" {
+			usage += "this command"
+		} else {
+			usage += c.Name()
+		}
+		c.Flags().Bool("version", false, usage)
+	}
+}
+
+// InitDefaultHelpCmd adds default help command to c.
+// It is called automatically by executing the c or by calling help and usage.
+// If c already has help command or c has no subcommands, it will do nothing.
+func (c *Command) InitDefaultHelpCmd() {
+	if !c.HasSubCommands() {
+		return
+	}
 
+	if c.helpCommand == nil {
 		c.helpCommand = &Command{
 			Use:   "help [command]",
 			Short: "Help about any command",
 			Long: `Help provides help for any command in the application.
-    Simply type ` + c.Name() + ` help [path to command] for full details.`,
-			PersistentPreRun:  func(cmd *Command, args []string) {},
-			PersistentPostRun: func(cmd *Command, args []string) {},
+Simply type ` + c.Name() + ` help [path to command] for full details.`,
 
 			Run: func(c *Command, args []string) {
 				cmd, _, e := c.Root().Find(args)
 				if cmd == nil || e != nil {
-					c.Printf("Unknown help topic %#q.", args)
+					c.Printf("Unknown help topic %#q\n", args)
 					c.Root().Usage()
 				} else {
+					cmd.InitDefaultHelpFlag() // make possible 'help' flag to be shown
 					cmd.Help()
 				}
 			},
 		}
 	}
+	c.RemoveCommand(c.helpCommand)
 	c.AddCommand(c.helpCommand)
 }
 
-// Used for testing
+// ResetCommands delete parent, subcommand and help command from c.
 func (c *Command) ResetCommands() {
+	c.parent = nil
 	c.commands = nil
 	c.helpCommand = nil
+	c.parentsPflags = nil
 }
 
-// Sorts commands by their names
+// Sorts commands by their names.
 type commandSorterByName []*Command
 
 func (c commandSorterByName) Len() int           { return len(c) }
@@ -831,45 +1046,48 @@ main:
 	}
 }
 
-// Print is a convenience method to Print to the defined output, fallback to Stderr if not set
+// Print is a convenience method to Print to the defined output, fallback to Stderr if not set.
 func (c *Command) Print(i ...interface{}) {
 	fmt.Fprint(c.OutOrStderr(), i...)
 }
 
-// Println is a convenience method to Println to the defined output, fallback to Stderr if not set
+// Println is a convenience method to Println to the defined output, fallback to Stderr if not set.
 func (c *Command) Println(i ...interface{}) {
-	str := fmt.Sprintln(i...)
-	c.Print(str)
+	c.Print(fmt.Sprintln(i...))
 }
 
-// Printf is a convenience method to Printf to the defined output, fallback to Stderr if not set
+// Printf is a convenience method to Printf to the defined output, fallback to Stderr if not set.
 func (c *Command) Printf(format string, i ...interface{}) {
-	str := fmt.Sprintf(format, i...)
-	c.Print(str)
+	c.Print(fmt.Sprintf(format, i...))
 }
 
 // CommandPath returns the full path to this command.
 func (c *Command) CommandPath() string {
-	str := c.Name()
-	x := c
-	for x.HasParent() {
-		str = x.parent.Name() + " " + str
-		x = x.parent
+	if c.HasParent() {
+		return c.Parent().CommandPath() + " " + c.Name()
 	}
-	return str
+	return c.Name()
 }
 
-//The full usage for a given command (including parents)
+// UseLine puts out the full usage for a given command (including parents).
 func (c *Command) UseLine() string {
-	str := ""
+	var useline string
 	if c.HasParent() {
-		str = c.parent.CommandPath() + " "
+		useline = c.parent.CommandPath() + " " + c.Use
+	} else {
+		useline = c.Use
 	}
-	return str + c.Use
+	if c.DisableFlagsInUseLine {
+		return useline
+	}
+	if c.HasAvailableFlags() && !strings.Contains(useline, "[flags]") {
+		useline += " [flags]"
+	}
+	return useline
 }
 
-// For use in determining which flags have been assigned to which commands
-// and which persist
+// DebugFlags used to determine which flags have been assigned to which commands
+// and which persist.
 func (c *Command) DebugFlags() {
 	c.Println("DebugFlags called on", c.Name())
 	var debugflags func(*Command)
@@ -880,12 +1098,8 @@ func (c *Command) DebugFlags() {
 		}
 		if x.HasFlags() {
 			x.flags.VisitAll(func(f *flag.Flag) {
-				if x.HasPersistentFlags() {
-					if x.persistentFlag(f.Name) == nil {
-						c.Println("  -"+f.Shorthand+",", "--"+f.Name, "["+f.DefValue+"]", "", f.Value, "  [L]")
-					} else {
-						c.Println("  -"+f.Shorthand+",", "--"+f.Name, "["+f.DefValue+"]", "", f.Value, "  [LP]")
-					}
+				if x.HasPersistentFlags() && x.persistentFlag(f.Name) != nil {
+					c.Println("  -"+f.Shorthand+",", "--"+f.Name, "["+f.DefValue+"]", "", f.Value, "  [LP]")
 				} else {
 					c.Println("  -"+f.Shorthand+",", "--"+f.Name, "["+f.DefValue+"]", "", f.Value, "  [L]")
 				}
@@ -915,9 +1129,6 @@ func (c *Command) DebugFlags() {
 
 // Name returns the command's name: the first word in the use line.
 func (c *Command) Name() string {
-	if c.name != "" {
-		return c.name
-	}
 	name := c.Use
 	i := strings.Index(name, " ")
 	if i >= 0 {
@@ -936,26 +1147,53 @@ func (c *Command) HasAlias(s string) bool {
 	return false
 }
 
+// CalledAs returns the command name or alias that was used to invoke
+// this command or an empty string if the command has not been called.
+func (c *Command) CalledAs() string {
+	if c.commandCalledAs.called {
+		return c.commandCalledAs.name
+	}
+	return ""
+}
+
+// hasNameOrAliasPrefix returns true if the Name or any of aliases start
+// with prefix
+func (c *Command) hasNameOrAliasPrefix(prefix string) bool {
+	if strings.HasPrefix(c.Name(), prefix) {
+		c.commandCalledAs.name = c.Name()
+		return true
+	}
+	for _, alias := range c.Aliases {
+		if strings.HasPrefix(alias, prefix) {
+			c.commandCalledAs.name = alias
+			return true
+		}
+	}
+	return false
+}
+
+// NameAndAliases returns a list of the command name and all aliases
 func (c *Command) NameAndAliases() string {
 	return strings.Join(append([]string{c.Name()}, c.Aliases...), ", ")
 }
 
+// HasExample determines if the command has example.
 func (c *Command) HasExample() bool {
 	return len(c.Example) > 0
 }
 
-// Runnable determines if the command is itself runnable
+// Runnable determines if the command is itself runnable.
 func (c *Command) Runnable() bool {
 	return c.Run != nil || c.RunE != nil
 }
 
-// HasSubCommands determines if the command has children commands
+// HasSubCommands determines if the command has children commands.
 func (c *Command) HasSubCommands() bool {
 	return len(c.commands) > 0
 }
 
 // IsAvailableCommand determines if a command is available as a non-help command
-// (this includes all non deprecated/hidden commands)
+// (this includes all non deprecated/hidden commands).
 func (c *Command) IsAvailableCommand() bool {
 	if len(c.Deprecated) != 0 || c.Hidden {
 		return false
@@ -972,11 +1210,12 @@ func (c *Command) IsAvailableCommand() bool {
 	return false
 }
 
-// IsHelpCommand determines if a command is a 'help' command; a help command is
-// determined by the fact that it is NOT runnable/hidden/deprecated, and has no
-// sub commands that are runnable/hidden/deprecated
-func (c *Command) IsHelpCommand() bool {
-
+// IsAdditionalHelpTopicCommand determines if a command is an additional
+// help topic command; additional help topic command is determined by the
+// fact that it is NOT runnable/hidden/deprecated, and has no sub commands that
+// are runnable/hidden/deprecated.
+// Concrete example: https://github.com/spf13/cobra/issues/393#issuecomment-282741924.
+func (c *Command) IsAdditionalHelpTopicCommand() bool {
 	// if a command is runnable, deprecated, or hidden it is not a 'help' command
 	if c.Runnable() || len(c.Deprecated) != 0 || c.Hidden {
 		return false
@@ -984,7 +1223,7 @@ func (c *Command) IsHelpCommand() bool {
 
 	// if any non-help sub commands are found, the command is not a 'help' command
 	for _, sub := range c.commands {
-		if !sub.IsHelpCommand() {
+		if !sub.IsAdditionalHelpTopicCommand() {
 			return false
 		}
 	}
@@ -993,14 +1232,13 @@ func (c *Command) IsHelpCommand() bool {
 	return true
 }
 
-// HasHelpSubCommands determines if a command has any avilable 'help' sub commands
+// HasHelpSubCommands determines if a command has any available 'help' sub commands
 // that need to be shown in the usage/help default template under 'additional help
-// topics'
+// topics'.
 func (c *Command) HasHelpSubCommands() bool {
-
 	// return true on the first found available 'help' sub command
 	for _, sub := range c.commands {
-		if sub.IsHelpCommand() {
+		if sub.IsAdditionalHelpTopicCommand() {
 			return true
 		}
 	}
@@ -1010,9 +1248,8 @@ func (c *Command) HasHelpSubCommands() bool {
 }
 
 // HasAvailableSubCommands determines if a command has available sub commands that
-// need to be shown in the usage/help default template under 'available commands'
+// need to be shown in the usage/help default template under 'available commands'.
 func (c *Command) HasAvailableSubCommands() bool {
-
 	// return true on the first found available (non deprecated/help/hidden)
 	// sub command
 	for _, sub := range c.commands {
@@ -1021,22 +1258,23 @@ func (c *Command) HasAvailableSubCommands() bool {
 		}
 	}
 
-	// the command either has no sub comamnds, or no available (non deprecated/help/hidden)
+	// the command either has no sub commands, or no available (non deprecated/help/hidden)
 	// sub commands
 	return false
 }
 
-// Determine if the command is a child command
+// HasParent determines if the command is a child command.
 func (c *Command) HasParent() bool {
 	return c.parent != nil
 }
 
-// GlobalNormalizationFunc returns the global normalization function or nil if doesn't exists
+// GlobalNormalizationFunc returns the global normalization function or nil if it doesn't exist.
 func (c *Command) GlobalNormalizationFunc() func(f *flag.FlagSet, name string) flag.NormalizedName {
 	return c.globNormFunc
 }
 
-// Get the complete FlagSet that applies to this command (local and persistent declared here and by all parents)
+// Flags returns the complete FlagSet that applies
+// to this command (local and persistent declared here and by all parents).
 func (c *Command) Flags() *flag.FlagSet {
 	if c.flags == nil {
 		c.flags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
@@ -1045,10 +1283,11 @@ func (c *Command) Flags() *flag.FlagSet {
 		}
 		c.flags.SetOutput(c.flagErrorBuf)
 	}
+
 	return c.flags
 }
 
-// LocalNonPersistentFlags are flags specific to this command which will NOT persist to subcommands
+// LocalNonPersistentFlags are flags specific to this command which will NOT persist to subcommands.
 func (c *Command) LocalNonPersistentFlags() *flag.FlagSet {
 	persistentFlags := c.PersistentFlags()
 
@@ -1061,59 +1300,63 @@ func (c *Command) LocalNonPersistentFlags() *flag.FlagSet {
 	return out
 }
 
-// Get the local FlagSet specifically set in the current command
+// LocalFlags returns the local FlagSet specifically set in the current command.
 func (c *Command) LocalFlags() *flag.FlagSet {
 	c.mergePersistentFlags()
 
-	local := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
-	c.lflags.VisitAll(func(f *flag.Flag) {
-		local.AddFlag(f)
-	})
-	if !c.HasParent() {
-		flag.CommandLine.VisitAll(func(f *flag.Flag) {
-			if local.Lookup(f.Name) == nil {
-				local.AddFlag(f)
-			}
-		})
+	if c.lflags == nil {
+		c.lflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
+		if c.flagErrorBuf == nil {
+			c.flagErrorBuf = new(bytes.Buffer)
+		}
+		c.lflags.SetOutput(c.flagErrorBuf)
 	}
-	return local
+	c.lflags.SortFlags = c.Flags().SortFlags
+	if c.globNormFunc != nil {
+		c.lflags.SetNormalizeFunc(c.globNormFunc)
+	}
+
+	addToLocal := func(f *flag.Flag) {
+		if c.lflags.Lookup(f.Name) == nil && c.parentsPflags.Lookup(f.Name) == nil {
+			c.lflags.AddFlag(f)
+		}
+	}
+	c.Flags().VisitAll(addToLocal)
+	c.PersistentFlags().VisitAll(addToLocal)
+	return c.lflags
 }
 
-// All Flags which were inherited from parents commands
+// InheritedFlags returns all flags which were inherited from parents commands.
 func (c *Command) InheritedFlags() *flag.FlagSet {
 	c.mergePersistentFlags()
 
-	inherited := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
-	local := c.LocalFlags()
-
-	var rmerge func(x *Command)
-
-	rmerge = func(x *Command) {
-		if x.HasPersistentFlags() {
-			x.PersistentFlags().VisitAll(func(f *flag.Flag) {
-				if inherited.Lookup(f.Name) == nil && local.Lookup(f.Name) == nil {
-					inherited.AddFlag(f)
-				}
-			})
-		}
-		if x.HasParent() {
-			rmerge(x.parent)
+	if c.iflags == nil {
+		c.iflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
+		if c.flagErrorBuf == nil {
+			c.flagErrorBuf = new(bytes.Buffer)
 		}
+		c.iflags.SetOutput(c.flagErrorBuf)
 	}
 
-	if c.HasParent() {
-		rmerge(c.parent)
+	local := c.LocalFlags()
+	if c.globNormFunc != nil {
+		c.iflags.SetNormalizeFunc(c.globNormFunc)
 	}
 
-	return inherited
+	c.parentsPflags.VisitAll(func(f *flag.Flag) {
+		if c.iflags.Lookup(f.Name) == nil && local.Lookup(f.Name) == nil {
+			c.iflags.AddFlag(f)
+		}
+	})
+	return c.iflags
 }
 
-// All Flags which were not inherited from parent commands
+// NonInheritedFlags returns all flags which were not inherited from parent commands.
 func (c *Command) NonInheritedFlags() *flag.FlagSet {
 	return c.LocalFlags()
 }
 
-// Get the Persistent FlagSet specifically set in the current command
+// PersistentFlags returns the persistent FlagSet specifically set in the current command.
 func (c *Command) PersistentFlags() *flag.FlagSet {
 	if c.pflags == nil {
 		c.pflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
@@ -1125,7 +1368,7 @@ func (c *Command) PersistentFlags() *flag.FlagSet {
 	return c.pflags
 }
 
-// For use in testing
+// ResetFlags deletes all flags from command.
 func (c *Command) ResetFlags() {
 	c.flagErrorBuf = new(bytes.Buffer)
 	c.flagErrorBuf.Reset()
@@ -1133,52 +1376,56 @@ func (c *Command) ResetFlags() {
 	c.flags.SetOutput(c.flagErrorBuf)
 	c.pflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
 	c.pflags.SetOutput(c.flagErrorBuf)
+
+	c.lflags = nil
+	c.iflags = nil
+	c.parentsPflags = nil
 }
 
-// Does the command contain any flags (local plus persistent from the entire structure)
+// HasFlags checks if the command contains any flags (local plus persistent from the entire structure).
 func (c *Command) HasFlags() bool {
 	return c.Flags().HasFlags()
 }
 
-// Does the command contain persistent flags
+// HasPersistentFlags checks if the command contains persistent flags.
 func (c *Command) HasPersistentFlags() bool {
 	return c.PersistentFlags().HasFlags()
 }
 
-// Does the command has flags specifically declared locally
+// HasLocalFlags checks if the command has flags specifically declared locally.
 func (c *Command) HasLocalFlags() bool {
 	return c.LocalFlags().HasFlags()
 }
 
-// Does the command have flags inherited from its parent command
+// HasInheritedFlags checks if the command has flags inherited from its parent command.
 func (c *Command) HasInheritedFlags() bool {
 	return c.InheritedFlags().HasFlags()
 }
 
-// Does the command contain any flags (local plus persistent from the entire
-// structure) which are not hidden or deprecated
+// HasAvailableFlags checks if the command contains any flags (local plus persistent from the entire
+// structure) which are not hidden or deprecated.
 func (c *Command) HasAvailableFlags() bool {
 	return c.Flags().HasAvailableFlags()
 }
 
-// Does the command contain persistent flags which are not hidden or deprecated
+// HasAvailablePersistentFlags checks if the command contains persistent flags which are not hidden or deprecated.
 func (c *Command) HasAvailablePersistentFlags() bool {
 	return c.PersistentFlags().HasAvailableFlags()
 }
 
-// Does the command has flags specifically declared locally which are not hidden
-// or deprecated
+// HasAvailableLocalFlags checks if the command has flags specifically declared locally which are not hidden
+// or deprecated.
 func (c *Command) HasAvailableLocalFlags() bool {
 	return c.LocalFlags().HasAvailableFlags()
 }
 
-// Does the command have flags inherited from its parent command which are
-// not hidden or deprecated
+// HasAvailableInheritedFlags checks if the command has flags inherited from its parent command which are
+// not hidden or deprecated.
 func (c *Command) HasAvailableInheritedFlags() bool {
 	return c.InheritedFlags().HasAvailableFlags()
 }
 
-// Flag climbs up the command tree looking for matching flag
+// Flag climbs up the command tree looking for matching flag.
 func (c *Command) Flag(name string) (flag *flag.Flag) {
 	flag = c.Flags().Lookup(name)
 
@@ -1189,68 +1436,69 @@ func (c *Command) Flag(name string) (flag *flag.Flag) {
 	return
 }
 
-// recursively find matching persistent flag
+// Recursively find matching persistent flag.
 func (c *Command) persistentFlag(name string) (flag *flag.Flag) {
 	if c.HasPersistentFlags() {
 		flag = c.PersistentFlags().Lookup(name)
 	}
 
-	if flag == nil && c.HasParent() {
-		flag = c.parent.persistentFlag(name)
+	if flag == nil {
+		c.updateParentsPflags()
+		flag = c.parentsPflags.Lookup(name)
 	}
 	return
 }
 
-// ParseFlags parses persistent flag tree & local flags
-func (c *Command) ParseFlags(args []string) (err error) {
+// ParseFlags parses persistent flag tree and local flags.
+func (c *Command) ParseFlags(args []string) error {
 	if c.DisableFlagParsing {
 		return nil
 	}
+
+	if c.flagErrorBuf == nil {
+		c.flagErrorBuf = new(bytes.Buffer)
+	}
+	beforeErrorBufLen := c.flagErrorBuf.Len()
 	c.mergePersistentFlags()
-	err = c.Flags().Parse(args)
-	return
+	err := c.Flags().Parse(args)
+	// Print warnings if they occurred (e.g. deprecated flag messages).
+	if c.flagErrorBuf.Len()-beforeErrorBufLen > 0 && err == nil {
+		c.Print(c.flagErrorBuf.String())
+	}
+
+	return err
 }
 
-// Parent returns a commands parent command
+// Parent returns a commands parent command.
 func (c *Command) Parent() *Command {
 	return c.parent
 }
 
+// mergePersistentFlags merges c.PersistentFlags() to c.Flags()
+// and adds missing persistent flags of all parents.
 func (c *Command) mergePersistentFlags() {
-	var rmerge func(x *Command)
+	c.updateParentsPflags()
+	c.Flags().AddFlagSet(c.PersistentFlags())
+	c.Flags().AddFlagSet(c.parentsPflags)
+}
 
-	// Save the set of local flags
-	if c.lflags == nil {
-		c.lflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
-		if c.flagErrorBuf == nil {
-			c.flagErrorBuf = new(bytes.Buffer)
-		}
-		c.lflags.SetOutput(c.flagErrorBuf)
-		addtolocal := func(f *flag.Flag) {
-			c.lflags.AddFlag(f)
-		}
-		c.Flags().VisitAll(addtolocal)
-		c.PersistentFlags().VisitAll(addtolocal)
-	}
-	rmerge = func(x *Command) {
-		if !x.HasParent() {
-			flag.CommandLine.VisitAll(func(f *flag.Flag) {
-				if x.PersistentFlags().Lookup(f.Name) == nil {
-					x.PersistentFlags().AddFlag(f)
-				}
-			})
-		}
-		if x.HasPersistentFlags() {
-			x.PersistentFlags().VisitAll(func(f *flag.Flag) {
-				if c.Flags().Lookup(f.Name) == nil {
-					c.Flags().AddFlag(f)
-				}
-			})
-		}
-		if x.HasParent() {
-			rmerge(x.parent)
-		}
+// updateParentsPflags updates c.parentsPflags by adding
+// new persistent flags of all parents.
+// If c.parentsPflags == nil, it makes new.
+func (c *Command) updateParentsPflags() {
+	if c.parentsPflags == nil {
+		c.parentsPflags = flag.NewFlagSet(c.Name(), flag.ContinueOnError)
+		c.parentsPflags.SetOutput(c.flagErrorBuf)
+		c.parentsPflags.SortFlags = false
 	}
 
-	rmerge(c)
+	if c.globNormFunc != nil {
+		c.parentsPflags.SetNormalizeFunc(c.globNormFunc)
+	}
+
+	c.Root().PersistentFlags().AddFlagSet(flag.CommandLine)
+
+	c.VisitParents(func(parent *Command) {
+		c.parentsPflags.AddFlagSet(parent.PersistentFlags())
+	})
 }
diff --git a/vendor/github.com/spf13/cobra/command_win.go b/vendor/github.com/spf13/cobra/command_win.go
index 4b0eaa1b6bc7..edec728e4f5a 100644
--- a/vendor/github.com/spf13/cobra/command_win.go
+++ b/vendor/github.com/spf13/cobra/command_win.go
@@ -11,14 +11,8 @@ import (
 
 var preExecHookFn = preExecHook
 
-// enables an information splash screen on Windows if the CLI is started from explorer.exe.
-var MousetrapHelpText string = `This is a command line tool
-
-You need to open cmd.exe and run it from there.
-`
-
 func preExecHook(c *Command) {
-	if mousetrap.StartedByExplorer() {
+	if MousetrapHelpText != "" && mousetrap.StartedByExplorer() {
 		c.Print(MousetrapHelpText)
 		time.Sleep(5 * time.Second)
 		os.Exit(1)
diff --git a/vendor/github.com/spf13/cobra/doc/man_docs.go b/vendor/github.com/spf13/cobra/doc/man_docs.go
index b202029d1e0c..ce92332dd178 100644
--- a/vendor/github.com/spf13/cobra/doc/man_docs.go
+++ b/vendor/github.com/spf13/cobra/doc/man_docs.go
@@ -23,21 +23,21 @@ import (
 	"strings"
 	"time"
 
-	mangen "github.com/cpuguy83/go-md2man/md2man"
+	"github.com/cpuguy83/go-md2man/md2man"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
 
 // GenManTree will generate a man page for this command and all descendants
 // in the directory given. The header may be nil. This function may not work
-// correctly if your command names have - in them. If you have `cmd` with two
-// subcmds, `sub` and `sub-third`. And `sub` has a subcommand called `third`
+// correctly if your command names have `-` in them. If you have `cmd` with two
+// subcmds, `sub` and `sub-third`, and `sub` has a subcommand called `third`
 // it is undefined which help output will be in the file `cmd-sub-third.1`.
 func GenManTree(cmd *cobra.Command, header *GenManHeader, dir string) error {
 	return GenManTreeFromOpts(cmd, GenManTreeOptions{
 		Header:           header,
 		Path:             dir,
-		CommandSeparator: "_",
+		CommandSeparator: "-",
 	})
 }
 
@@ -49,7 +49,7 @@ func GenManTreeFromOpts(cmd *cobra.Command, opts GenManTreeOptions) error {
 		header = &GenManHeader{}
 	}
 	for _, c := range cmd.Commands() {
-		if !c.IsAvailableCommand() || c.IsHelpCommand() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
 			continue
 		}
 		if err := GenManTreeFromOpts(c, opts); err != nil {
@@ -66,7 +66,7 @@ func GenManTreeFromOpts(cmd *cobra.Command, opts GenManTreeOptions) error {
 		separator = opts.CommandSeparator
 	}
 	basename := strings.Replace(cmd.CommandPath(), " ", separator, -1)
-	filename := filepath.Join(opts.Path, basename + "." + section)
+	filename := filepath.Join(opts.Path, basename+"."+section)
 	f, err := os.Create(filename)
 	if err != nil {
 		return err
@@ -77,6 +77,8 @@ func GenManTreeFromOpts(cmd *cobra.Command, opts GenManTreeOptions) error {
 	return GenMan(cmd, &headerCopy, f)
 }
 
+// GenManTreeOptions is the options for generating the man pages.
+// Used only in GenManTreeFromOpts.
 type GenManTreeOptions struct {
 	Header           *GenManHeader
 	Path             string
@@ -105,7 +107,7 @@ func GenMan(cmd *cobra.Command, header *GenManHeader, w io.Writer) error {
 	fillHeader(header, cmd.CommandPath())
 
 	b := genMan(cmd, header)
-	_, err := w.Write(mangen.Render(b))
+	_, err := w.Write(md2man.Render(b))
 	return err
 }
 
@@ -126,25 +128,25 @@ func fillHeader(header *GenManHeader, name string) {
 	}
 }
 
-func manPreamble(out io.Writer, header *GenManHeader, cmd *cobra.Command, dashedName string) {
+func manPreamble(buf *bytes.Buffer, header *GenManHeader, cmd *cobra.Command, dashedName string) {
 	description := cmd.Long
 	if len(description) == 0 {
 		description = cmd.Short
 	}
 
-	fmt.Fprintf(out, `%% %s(%s)%s
+	buf.WriteString(fmt.Sprintf(`%% %s(%s)%s
 %% %s
 %% %s
 # NAME
-`, header.Title, header.Section, header.date, header.Source, header.Manual)
-	fmt.Fprintf(out, "%s \\- %s\n\n", dashedName, cmd.Short)
-	fmt.Fprintf(out, "# SYNOPSIS\n")
-	fmt.Fprintf(out, "**%s**\n\n", cmd.UseLine())
-	fmt.Fprintf(out, "# DESCRIPTION\n")
-	fmt.Fprintf(out, "%s\n\n", description)
+`, header.Title, header.Section, header.date, header.Source, header.Manual))
+	buf.WriteString(fmt.Sprintf("%s \\- %s\n\n", dashedName, cmd.Short))
+	buf.WriteString("# SYNOPSIS\n")
+	buf.WriteString(fmt.Sprintf("**%s**\n\n", cmd.UseLine()))
+	buf.WriteString("# DESCRIPTION\n")
+	buf.WriteString(description + "\n\n")
 }
 
-func manPrintFlags(out io.Writer, flags *pflag.FlagSet) {
+func manPrintFlags(buf *bytes.Buffer, flags *pflag.FlagSet) {
 	flags.VisitAll(func(flag *pflag.Flag) {
 		if len(flag.Deprecated) > 0 || flag.Hidden {
 			return
@@ -156,38 +158,41 @@ func manPrintFlags(out io.Writer, flags *pflag.FlagSet) {
 			format = fmt.Sprintf("**--%s**", flag.Name)
 		}
 		if len(flag.NoOptDefVal) > 0 {
-			format = format + "["
+			format += "["
 		}
 		if flag.Value.Type() == "string" {
 			// put quotes on the value
-			format = format + "=%q"
+			format += "=%q"
 		} else {
-			format = format + "=%s"
+			format += "=%s"
 		}
 		if len(flag.NoOptDefVal) > 0 {
-			format = format + "]"
+			format += "]"
 		}
-		format = format + "\n\t%s\n\n"
-		fmt.Fprintf(out, format, flag.DefValue, flag.Usage)
+		format += "\n\t%s\n\n"
+		buf.WriteString(fmt.Sprintf(format, flag.DefValue, flag.Usage))
 	})
 }
 
-func manPrintOptions(out io.Writer, command *cobra.Command) {
+func manPrintOptions(buf *bytes.Buffer, command *cobra.Command) {
 	flags := command.NonInheritedFlags()
 	if flags.HasFlags() {
-		fmt.Fprintf(out, "# OPTIONS\n")
-		manPrintFlags(out, flags)
-		fmt.Fprintf(out, "\n")
+		buf.WriteString("# OPTIONS\n")
+		manPrintFlags(buf, flags)
+		buf.WriteString("\n")
 	}
 	flags = command.InheritedFlags()
 	if flags.HasFlags() {
-		fmt.Fprintf(out, "# OPTIONS INHERITED FROM PARENT COMMANDS\n")
-		manPrintFlags(out, flags)
-		fmt.Fprintf(out, "\n")
+		buf.WriteString("# OPTIONS INHERITED FROM PARENT COMMANDS\n")
+		manPrintFlags(buf, flags)
+		buf.WriteString("\n")
 	}
 }
 
 func genMan(cmd *cobra.Command, header *GenManHeader) []byte {
+	cmd.InitDefaultHelpCmd()
+	cmd.InitDefaultHelpFlag()
+
 	// something like `rootcmd-subcmd1-subcmd2`
 	dashCommandName := strings.Replace(cmd.CommandPath(), " ", "-", -1)
 
@@ -196,11 +201,11 @@ func genMan(cmd *cobra.Command, header *GenManHeader) []byte {
 	manPreamble(buf, header, cmd, dashCommandName)
 	manPrintOptions(buf, cmd)
 	if len(cmd.Example) > 0 {
-		fmt.Fprintf(buf, "# EXAMPLE\n")
-		fmt.Fprintf(buf, "```\n%s\n```\n", cmd.Example)
+		buf.WriteString("# EXAMPLE\n")
+		buf.WriteString(fmt.Sprintf("```\n%s\n```\n", cmd.Example))
 	}
 	if hasSeeAlso(cmd) {
-		fmt.Fprintf(buf, "# SEE ALSO\n")
+		buf.WriteString("# SEE ALSO\n")
 		seealsos := make([]string, 0)
 		if cmd.HasParent() {
 			parentPath := cmd.Parent().CommandPath()
@@ -216,16 +221,16 @@ func genMan(cmd *cobra.Command, header *GenManHeader) []byte {
 		children := cmd.Commands()
 		sort.Sort(byName(children))
 		for _, c := range children {
-			if !c.IsAvailableCommand() || c.IsHelpCommand() {
+			if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
 				continue
 			}
 			seealso := fmt.Sprintf("**%s-%s(%s)**", dashCommandName, c.Name(), header.Section)
 			seealsos = append(seealsos, seealso)
 		}
-		fmt.Fprintf(buf, "%s\n", strings.Join(seealsos, ", "))
+		buf.WriteString(strings.Join(seealsos, ", ") + "\n")
 	}
 	if !cmd.DisableAutoGenTag {
-		fmt.Fprintf(buf, "# HISTORY\n%s Auto generated by spf13/cobra\n", header.Date.Format("2-Jan-2006"))
+		buf.WriteString(fmt.Sprintf("# HISTORY\n%s Auto generated by spf13/cobra\n", header.Date.Format("2-Jan-2006")))
 	}
 	return buf.Bytes()
 }
diff --git a/vendor/github.com/spf13/cobra/doc/man_docs.md b/vendor/github.com/spf13/cobra/doc/man_docs.md
index 5fe957a35587..3709160f34f0 100644
--- a/vendor/github.com/spf13/cobra/doc/man_docs.md
+++ b/vendor/github.com/spf13/cobra/doc/man_docs.md
@@ -6,6 +6,8 @@ Generating man pages from a cobra command is incredibly easy. An example is as f
 package main
 
 import (
+	"log"
+
 	"github.com/spf13/cobra"
 	"github.com/spf13/cobra/doc"
 )
@@ -15,12 +17,15 @@ func main() {
 		Use:   "test",
 		Short: "my test program",
 	}
-	header := &cobra.GenManHeader{
+	header := &doc.GenManHeader{
 		Title: "MINE",
 		Section: "3",
 	}
-	doc.GenManTree(cmd, header, "/tmp")
+	err := doc.GenManTree(cmd, header, "/tmp")
+	if err != nil {
+		log.Fatal(err)
+	}
 }
 ```
 
-That will get you a man page `/tmp/test.1`
+That will get you a man page `/tmp/test.3`
diff --git a/vendor/github.com/spf13/cobra/doc/md_docs.go b/vendor/github.com/spf13/cobra/doc/md_docs.go
index fa1363180490..d7a2c2b62991 100644
--- a/vendor/github.com/spf13/cobra/doc/md_docs.go
+++ b/vendor/github.com/spf13/cobra/doc/md_docs.go
@@ -14,6 +14,7 @@
 package doc
 
 import (
+	"bytes"
 	"fmt"
 	"io"
 	"os"
@@ -25,38 +26,36 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func printOptions(w io.Writer, cmd *cobra.Command, name string) error {
+func printOptions(buf *bytes.Buffer, cmd *cobra.Command, name string) error {
 	flags := cmd.NonInheritedFlags()
-	flags.SetOutput(w)
+	flags.SetOutput(buf)
 	if flags.HasFlags() {
-		if _, err := fmt.Fprintf(w, "### Options\n\n```\n"); err != nil {
-			return err
-		}
+		buf.WriteString("### Options\n\n```\n")
 		flags.PrintDefaults()
-		if _, err := fmt.Fprintf(w, "```\n\n"); err != nil {
-			return err
-		}
+		buf.WriteString("```\n\n")
 	}
 
 	parentFlags := cmd.InheritedFlags()
-	parentFlags.SetOutput(w)
+	parentFlags.SetOutput(buf)
 	if parentFlags.HasFlags() {
-		if _, err := fmt.Fprintf(w, "### Options inherited from parent commands\n\n```\n"); err != nil {
-			return err
-		}
+		buf.WriteString("### Options inherited from parent commands\n\n```\n")
 		parentFlags.PrintDefaults()
-		if _, err := fmt.Fprintf(w, "```\n\n"); err != nil {
-			return err
-		}
+		buf.WriteString("```\n\n")
 	}
 	return nil
 }
 
+// GenMarkdown creates markdown output.
 func GenMarkdown(cmd *cobra.Command, w io.Writer) error {
 	return GenMarkdownCustom(cmd, w, func(s string) string { return s })
 }
 
+// GenMarkdownCustom creates custom markdown output.
 func GenMarkdownCustom(cmd *cobra.Command, w io.Writer, linkHandler func(string) string) error {
+	cmd.InitDefaultHelpCmd()
+	cmd.InitDefaultHelpFlag()
+
+	buf := new(bytes.Buffer)
 	name := cmd.CommandPath()
 
 	short := cmd.Short
@@ -65,49 +64,31 @@ func GenMarkdownCustom(cmd *cobra.Command, w io.Writer, linkHandler func(string)
 		long = short
 	}
 
-	if _, err := fmt.Fprintf(w, "## %s\n\n", name); err != nil {
-		return err
-	}
-	if _, err := fmt.Fprintf(w, "%s\n\n", short); err != nil {
-		return err
-	}
-	if _, err := fmt.Fprintf(w, "### Synopsis\n\n"); err != nil {
-		return err
-	}
-	if _, err := fmt.Fprintf(w, "\n%s\n\n", long); err != nil {
-		return err
-	}
+	buf.WriteString("## " + name + "\n\n")
+	buf.WriteString(short + "\n\n")
+	buf.WriteString("### Synopsis\n\n")
+	buf.WriteString(long + "\n\n")
 
 	if cmd.Runnable() {
-		if _, err := fmt.Fprintf(w, "```\n%s\n```\n\n", cmd.UseLine()); err != nil {
-			return err
-		}
+		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.UseLine()))
 	}
 
 	if len(cmd.Example) > 0 {
-		if _, err := fmt.Fprintf(w, "### Examples\n\n"); err != nil {
-			return err
-		}
-		if _, err := fmt.Fprintf(w, "```\n%s\n```\n\n", cmd.Example); err != nil {
-			return err
-		}
+		buf.WriteString("### Examples\n\n")
+		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.Example))
 	}
 
-	if err := printOptions(w, cmd, name); err != nil {
+	if err := printOptions(buf, cmd, name); err != nil {
 		return err
 	}
 	if hasSeeAlso(cmd) {
-		if _, err := fmt.Fprintf(w, "### SEE ALSO\n"); err != nil {
-			return err
-		}
+		buf.WriteString("### SEE ALSO\n\n")
 		if cmd.HasParent() {
 			parent := cmd.Parent()
 			pname := parent.CommandPath()
 			link := pname + ".md"
 			link = strings.Replace(link, " ", "_", -1)
-			if _, err := fmt.Fprintf(w, "* [%s](%s)\t - %s\n", pname, linkHandler(link), parent.Short); err != nil {
-				return err
-			}
+			buf.WriteString(fmt.Sprintf("* [%s](%s)\t - %s\n", pname, linkHandler(link), parent.Short))
 			cmd.VisitParents(func(c *cobra.Command) {
 				if c.DisableAutoGenTag {
 					cmd.DisableAutoGenTag = c.DisableAutoGenTag
@@ -119,37 +100,40 @@ func GenMarkdownCustom(cmd *cobra.Command, w io.Writer, linkHandler func(string)
 		sort.Sort(byName(children))
 
 		for _, child := range children {
-			if !child.IsAvailableCommand() || child.IsHelpCommand() {
+			if !child.IsAvailableCommand() || child.IsAdditionalHelpTopicCommand() {
 				continue
 			}
 			cname := name + " " + child.Name()
 			link := cname + ".md"
 			link = strings.Replace(link, " ", "_", -1)
-			if _, err := fmt.Fprintf(w, "* [%s](%s)\t - %s\n", cname, linkHandler(link), child.Short); err != nil {
-				return err
-			}
-		}
-		if _, err := fmt.Fprintf(w, "\n"); err != nil {
-			return err
+			buf.WriteString(fmt.Sprintf("* [%s](%s)\t - %s\n", cname, linkHandler(link), child.Short))
 		}
+		buf.WriteString("\n")
 	}
 	if !cmd.DisableAutoGenTag {
-		if _, err := fmt.Fprintf(w, "###### Auto generated by spf13/cobra on %s\n", time.Now().Format("2-Jan-2006")); err != nil {
-			return err
-		}
+		buf.WriteString("###### Auto generated by spf13/cobra on " + time.Now().Format("2-Jan-2006") + "\n")
 	}
-	return nil
+	_, err := buf.WriteTo(w)
+	return err
 }
 
+// GenMarkdownTree will generate a markdown page for this command and all
+// descendants in the directory given. The header may be nil.
+// This function may not work correctly if your command names have `-` in them.
+// If you have `cmd` with two subcmds, `sub` and `sub-third`,
+// and `sub` has a subcommand called `third`, it is undefined which
+// help output will be in the file `cmd-sub-third.1`.
 func GenMarkdownTree(cmd *cobra.Command, dir string) error {
 	identity := func(s string) string { return s }
 	emptyStr := func(s string) string { return "" }
 	return GenMarkdownTreeCustom(cmd, dir, emptyStr, identity)
 }
 
+// GenMarkdownTreeCustom is the the same as GenMarkdownTree, but
+// with custom filePrepender and linkHandler.
 func GenMarkdownTreeCustom(cmd *cobra.Command, dir string, filePrepender, linkHandler func(string) string) error {
 	for _, c := range cmd.Commands() {
-		if !c.IsAvailableCommand() || c.IsHelpCommand() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
 			continue
 		}
 		if err := GenMarkdownTreeCustom(c, dir, filePrepender, linkHandler); err != nil {
diff --git a/vendor/github.com/spf13/cobra/doc/md_docs.md b/vendor/github.com/spf13/cobra/doc/md_docs.md
index 0c3b96e27186..56ce9fe819e3 100644
--- a/vendor/github.com/spf13/cobra/doc/md_docs.md
+++ b/vendor/github.com/spf13/cobra/doc/md_docs.md
@@ -6,6 +6,8 @@ Generating man pages from a cobra command is incredibly easy. An example is as f
 package main
 
 import (
+	"log"
+
 	"github.com/spf13/cobra"
 	"github.com/spf13/cobra/doc"
 )
@@ -15,7 +17,10 @@ func main() {
 		Use:   "test",
 		Short: "my test program",
 	}
-	doc.GenMarkdownTree(cmd, "/tmp")
+	err := doc.GenMarkdownTree(cmd, "/tmp")
+	if err != nil {
+		log.Fatal(err)
+	}
 }
 ```
 
@@ -29,18 +34,22 @@ This program can actually generate docs for the kubectl command in the kubernete
 package main
 
 import (
+	"log"
 	"io/ioutil"
 	"os"
 
-	kubectlcmd "k8s.io/kubernetes/pkg/kubectl/cmd"
+	"k8s.io/kubernetes/pkg/kubectl/cmd"
 	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
 
 	"github.com/spf13/cobra/doc"
 )
 
 func main() {
-	cmd := kubectlcmd.NewKubectlCommand(cmdutil.NewFactory(nil), os.Stdin, ioutil.Discard, ioutil.Discard)
-	doc.GenMarkdownTree(cmd, "./")
+	kubectl := cmd.NewKubectlCommand(cmdutil.NewFactory(nil), os.Stdin, ioutil.Discard, ioutil.Discard)
+	err := doc.GenMarkdownTree(kubectl, "./")
+	if err != nil {
+		log.Fatal(err)
+	}
 }
 ```
 
@@ -52,7 +61,10 @@ You may wish to have more control over the output, or only generate for a single
 
 ```go
 	out := new(bytes.Buffer)
-	doc.GenMarkdown(cmd, out)
+	err := doc.GenMarkdown(cmd, out)
+	if err != nil {
+		log.Fatal(err)
+	}
 ```
 
 This will write the markdown doc for ONLY "cmd" into the out, buffer.
@@ -101,4 +113,3 @@ linkHandler := func(name string) string {
 	return "/commands/" + strings.ToLower(base) + "/"
 }
 ```
-
diff --git a/vendor/github.com/spf13/cobra/doc/rest_docs.go b/vendor/github.com/spf13/cobra/doc/rest_docs.go
new file mode 100644
index 000000000000..4913e3ee2ea2
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/doc/rest_docs.go
@@ -0,0 +1,185 @@
+//Copyright 2015 Red Hat Inc. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package doc
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/spf13/cobra"
+)
+
+func printOptionsReST(buf *bytes.Buffer, cmd *cobra.Command, name string) error {
+	flags := cmd.NonInheritedFlags()
+	flags.SetOutput(buf)
+	if flags.HasFlags() {
+		buf.WriteString("Options\n")
+		buf.WriteString("~~~~~~~\n\n::\n\n")
+		flags.PrintDefaults()
+		buf.WriteString("\n")
+	}
+
+	parentFlags := cmd.InheritedFlags()
+	parentFlags.SetOutput(buf)
+	if parentFlags.HasFlags() {
+		buf.WriteString("Options inherited from parent commands\n")
+		buf.WriteString("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n::\n\n")
+		parentFlags.PrintDefaults()
+		buf.WriteString("\n")
+	}
+	return nil
+}
+
+// linkHandler for default ReST hyperlink markup
+func defaultLinkHandler(name, ref string) string {
+	return fmt.Sprintf("`%s <%s.rst>`_", name, ref)
+}
+
+// GenReST creates reStructured Text output.
+func GenReST(cmd *cobra.Command, w io.Writer) error {
+	return GenReSTCustom(cmd, w, defaultLinkHandler)
+}
+
+// GenReSTCustom creates custom reStructured Text output.
+func GenReSTCustom(cmd *cobra.Command, w io.Writer, linkHandler func(string, string) string) error {
+	cmd.InitDefaultHelpCmd()
+	cmd.InitDefaultHelpFlag()
+
+	buf := new(bytes.Buffer)
+	name := cmd.CommandPath()
+
+	short := cmd.Short
+	long := cmd.Long
+	if len(long) == 0 {
+		long = short
+	}
+	ref := strings.Replace(name, " ", "_", -1)
+
+	buf.WriteString(".. _" + ref + ":\n\n")
+	buf.WriteString(name + "\n")
+	buf.WriteString(strings.Repeat("-", len(name)) + "\n\n")
+	buf.WriteString(short + "\n\n")
+	buf.WriteString("Synopsis\n")
+	buf.WriteString("~~~~~~~~\n\n")
+	buf.WriteString("\n" + long + "\n\n")
+
+	if cmd.Runnable() {
+		buf.WriteString(fmt.Sprintf("::\n\n  %s\n\n", cmd.UseLine()))
+	}
+
+	if len(cmd.Example) > 0 {
+		buf.WriteString("Examples\n")
+		buf.WriteString("~~~~~~~~\n\n")
+		buf.WriteString(fmt.Sprintf("::\n\n%s\n\n", indentString(cmd.Example, "  ")))
+	}
+
+	if err := printOptionsReST(buf, cmd, name); err != nil {
+		return err
+	}
+	if hasSeeAlso(cmd) {
+		buf.WriteString("SEE ALSO\n")
+		buf.WriteString("~~~~~~~~\n\n")
+		if cmd.HasParent() {
+			parent := cmd.Parent()
+			pname := parent.CommandPath()
+			ref = strings.Replace(pname, " ", "_", -1)
+			buf.WriteString(fmt.Sprintf("* %s \t - %s\n", linkHandler(pname, ref), parent.Short))
+			cmd.VisitParents(func(c *cobra.Command) {
+				if c.DisableAutoGenTag {
+					cmd.DisableAutoGenTag = c.DisableAutoGenTag
+				}
+			})
+		}
+
+		children := cmd.Commands()
+		sort.Sort(byName(children))
+
+		for _, child := range children {
+			if !child.IsAvailableCommand() || child.IsAdditionalHelpTopicCommand() {
+				continue
+			}
+			cname := name + " " + child.Name()
+			ref = strings.Replace(cname, " ", "_", -1)
+			buf.WriteString(fmt.Sprintf("* %s \t - %s\n", linkHandler(cname, ref), child.Short))
+		}
+		buf.WriteString("\n")
+	}
+	if !cmd.DisableAutoGenTag {
+		buf.WriteString("*Auto generated by spf13/cobra on " + time.Now().Format("2-Jan-2006") + "*\n")
+	}
+	_, err := buf.WriteTo(w)
+	return err
+}
+
+// GenReSTTree will generate a ReST page for this command and all
+// descendants in the directory given.
+// This function may not work correctly if your command names have `-` in them.
+// If you have `cmd` with two subcmds, `sub` and `sub-third`,
+// and `sub` has a subcommand called `third`, it is undefined which
+// help output will be in the file `cmd-sub-third.1`.
+func GenReSTTree(cmd *cobra.Command, dir string) error {
+	emptyStr := func(s string) string { return "" }
+	return GenReSTTreeCustom(cmd, dir, emptyStr, defaultLinkHandler)
+}
+
+// GenReSTTreeCustom is the the same as GenReSTTree, but
+// with custom filePrepender and linkHandler.
+func GenReSTTreeCustom(cmd *cobra.Command, dir string, filePrepender func(string) string, linkHandler func(string, string) string) error {
+	for _, c := range cmd.Commands() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
+			continue
+		}
+		if err := GenReSTTreeCustom(c, dir, filePrepender, linkHandler); err != nil {
+			return err
+		}
+	}
+
+	basename := strings.Replace(cmd.CommandPath(), " ", "_", -1) + ".rst"
+	filename := filepath.Join(dir, basename)
+	f, err := os.Create(filename)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	if _, err := io.WriteString(f, filePrepender(filename)); err != nil {
+		return err
+	}
+	if err := GenReSTCustom(cmd, f, linkHandler); err != nil {
+		return err
+	}
+	return nil
+}
+
+// adapted from: https://github.com/kr/text/blob/main/indent.go
+func indentString(s, p string) string {
+	var res []byte
+	b := []byte(s)
+	prefix := []byte(p)
+	bol := true
+	for _, c := range b {
+		if bol && c != '\n' {
+			res = append(res, prefix...)
+		}
+		res = append(res, c)
+		bol = c == '\n'
+	}
+	return string(res)
+}
diff --git a/vendor/github.com/spf13/cobra/doc/rest_docs.md b/vendor/github.com/spf13/cobra/doc/rest_docs.md
new file mode 100644
index 000000000000..6098430eff67
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/doc/rest_docs.md
@@ -0,0 +1,114 @@
+# Generating ReStructured Text Docs For Your Own cobra.Command
+
+Generating ReST pages from a cobra command is incredibly easy. An example is as follows:
+
+```go
+package main
+
+import (
+	"log"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/cobra/doc"
+)
+
+func main() {
+	cmd := &cobra.Command{
+		Use:   "test",
+		Short: "my test program",
+	}
+	err := doc.GenReSTTree(cmd, "/tmp")
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+```
+
+That will get you a ReST document `/tmp/test.rst`
+
+## Generate ReST docs for the entire command tree
+
+This program can actually generate docs for the kubectl command in the kubernetes project
+
+```go
+package main
+
+import (
+	"log"
+	"io/ioutil"
+	"os"
+
+	"k8s.io/kubernetes/pkg/kubectl/cmd"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+
+	"github.com/spf13/cobra/doc"
+)
+
+func main() {
+	kubectl := cmd.NewKubectlCommand(cmdutil.NewFactory(nil), os.Stdin, ioutil.Discard, ioutil.Discard)
+	err := doc.GenReSTTree(kubectl, "./")
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+```
+
+This will generate a whole series of files, one for each command in the tree, in the directory specified (in this case "./")
+
+## Generate ReST docs for a single command
+
+You may wish to have more control over the output, or only generate for a single command, instead of the entire command tree. If this is the case you may prefer to `GenReST` instead of `GenReSTTree`
+
+```go
+	out := new(bytes.Buffer)
+	err := doc.GenReST(cmd, out)
+	if err != nil {
+		log.Fatal(err)
+	}
+```
+
+This will write the ReST doc for ONLY "cmd" into the out, buffer.
+
+## Customize the output
+
+Both `GenReST` and `GenReSTTree` have alternate versions with callbacks to get some control of the output:
+
+```go
+func GenReSTTreeCustom(cmd *Command, dir string, filePrepender func(string) string, linkHandler func(string, string) string) error {
+	//...
+}
+```
+
+```go
+func GenReSTCustom(cmd *Command, out *bytes.Buffer, linkHandler func(string, string) string) error {
+	//...
+}
+```
+
+The `filePrepender` will prepend the return value given the full filepath to the rendered ReST file. A common use case is to add front matter to use the generated documentation with [Hugo](http://gohugo.io/):
+
+```go
+const fmTemplate = `---
+date: %s
+title: "%s"
+slug: %s
+url: %s
+---
+`
+filePrepender := func(filename string) string {
+	now := time.Now().Format(time.RFC3339)
+	name := filepath.Base(filename)
+	base := strings.TrimSuffix(name, path.Ext(name))
+	url := "/commands/" + strings.ToLower(base) + "/"
+	return fmt.Sprintf(fmTemplate, now, strings.Replace(base, "_", " ", -1), base, url)
+}
+```
+
+The `linkHandler` can be used to customize the rendered links to the commands, given a command name and reference. This is useful while converting rst to html or while generating documentation with tools like Sphinx where `:ref:` is used:
+
+```go
+// Sphinx cross-referencing format
+linkHandler := func(name, ref string) string {
+    return fmt.Sprintf(":ref:`%s <%s>`", name, ref)
+}
+```
diff --git a/vendor/github.com/spf13/cobra/doc/util.go b/vendor/github.com/spf13/cobra/doc/util.go
index a1c6b89ba6cb..8d3dbecec829 100644
--- a/vendor/github.com/spf13/cobra/doc/util.go
+++ b/vendor/github.com/spf13/cobra/doc/util.go
@@ -13,7 +13,11 @@
 
 package doc
 
-import "github.com/spf13/cobra"
+import (
+	"strings"
+
+	"github.com/spf13/cobra"
+)
 
 // Test to see if we have a reason to print See Also information in docs
 // Basically this is a test for a parent commend or a subcommand which is
@@ -23,7 +27,7 @@ func hasSeeAlso(cmd *cobra.Command) bool {
 		return true
 	}
 	for _, c := range cmd.Commands() {
-		if !c.IsAvailableCommand() || c.IsHelpCommand() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
 			continue
 		}
 		return true
@@ -31,6 +35,15 @@ func hasSeeAlso(cmd *cobra.Command) bool {
 	return false
 }
 
+// Temporary workaround for yaml lib generating incorrect yaml with long strings
+// that do not contain \n.
+func forceMultiLine(s string) string {
+	if len(s) > 60 && !strings.Contains(s, "\n") {
+		s = s + "\n"
+	}
+	return s
+}
+
 type byName []*cobra.Command
 
 func (s byName) Len() int           { return len(s) }
diff --git a/vendor/github.com/spf13/cobra/doc/yaml_docs.go b/vendor/github.com/spf13/cobra/doc/yaml_docs.go
new file mode 100644
index 000000000000..ea00af07e817
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/doc/yaml_docs.go
@@ -0,0 +1,169 @@
+// Copyright 2016 French Ben. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package doc
+
+import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+	"gopkg.in/yaml.v2"
+)
+
+type cmdOption struct {
+	Name         string
+	Shorthand    string `yaml:",omitempty"`
+	DefaultValue string `yaml:"default_value,omitempty"`
+	Usage        string `yaml:",omitempty"`
+}
+
+type cmdDoc struct {
+	Name             string
+	Synopsis         string      `yaml:",omitempty"`
+	Description      string      `yaml:",omitempty"`
+	Options          []cmdOption `yaml:",omitempty"`
+	InheritedOptions []cmdOption `yaml:"inherited_options,omitempty"`
+	Example          string      `yaml:",omitempty"`
+	SeeAlso          []string    `yaml:"see_also,omitempty"`
+}
+
+// GenYamlTree creates yaml structured ref files for this command and all descendants
+// in the directory given. This function may not work
+// correctly if your command names have `-` in them. If you have `cmd` with two
+// subcmds, `sub` and `sub-third`, and `sub` has a subcommand called `third`
+// it is undefined which help output will be in the file `cmd-sub-third.1`.
+func GenYamlTree(cmd *cobra.Command, dir string) error {
+	identity := func(s string) string { return s }
+	emptyStr := func(s string) string { return "" }
+	return GenYamlTreeCustom(cmd, dir, emptyStr, identity)
+}
+
+// GenYamlTreeCustom creates yaml structured ref files.
+func GenYamlTreeCustom(cmd *cobra.Command, dir string, filePrepender, linkHandler func(string) string) error {
+	for _, c := range cmd.Commands() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
+			continue
+		}
+		if err := GenYamlTreeCustom(c, dir, filePrepender, linkHandler); err != nil {
+			return err
+		}
+	}
+
+	basename := strings.Replace(cmd.CommandPath(), " ", "_", -1) + ".yaml"
+	filename := filepath.Join(dir, basename)
+	f, err := os.Create(filename)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	if _, err := io.WriteString(f, filePrepender(filename)); err != nil {
+		return err
+	}
+	if err := GenYamlCustom(cmd, f, linkHandler); err != nil {
+		return err
+	}
+	return nil
+}
+
+// GenYaml creates yaml output.
+func GenYaml(cmd *cobra.Command, w io.Writer) error {
+	return GenYamlCustom(cmd, w, func(s string) string { return s })
+}
+
+// GenYamlCustom creates custom yaml output.
+func GenYamlCustom(cmd *cobra.Command, w io.Writer, linkHandler func(string) string) error {
+	cmd.InitDefaultHelpCmd()
+	cmd.InitDefaultHelpFlag()
+
+	yamlDoc := cmdDoc{}
+	yamlDoc.Name = cmd.CommandPath()
+
+	yamlDoc.Synopsis = forceMultiLine(cmd.Short)
+	yamlDoc.Description = forceMultiLine(cmd.Long)
+
+	if len(cmd.Example) > 0 {
+		yamlDoc.Example = cmd.Example
+	}
+
+	flags := cmd.NonInheritedFlags()
+	if flags.HasFlags() {
+		yamlDoc.Options = genFlagResult(flags)
+	}
+	flags = cmd.InheritedFlags()
+	if flags.HasFlags() {
+		yamlDoc.InheritedOptions = genFlagResult(flags)
+	}
+
+	if hasSeeAlso(cmd) {
+		result := []string{}
+		if cmd.HasParent() {
+			parent := cmd.Parent()
+			result = append(result, parent.CommandPath()+" - "+parent.Short)
+		}
+		children := cmd.Commands()
+		sort.Sort(byName(children))
+		for _, child := range children {
+			if !child.IsAvailableCommand() || child.IsAdditionalHelpTopicCommand() {
+				continue
+			}
+			result = append(result, child.Name()+" - "+child.Short)
+		}
+		yamlDoc.SeeAlso = result
+	}
+
+	final, err := yaml.Marshal(&yamlDoc)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(1)
+	}
+
+	if _, err := w.Write(final); err != nil {
+		return err
+	}
+	return nil
+}
+
+func genFlagResult(flags *pflag.FlagSet) []cmdOption {
+	var result []cmdOption
+
+	flags.VisitAll(func(flag *pflag.Flag) {
+		// Todo, when we mark a shorthand is deprecated, but specify an empty message.
+		// The flag.ShorthandDeprecated is empty as the shorthand is deprecated.
+		// Using len(flag.ShorthandDeprecated) > 0 can't handle this, others are ok.
+		if !(len(flag.ShorthandDeprecated) > 0) && len(flag.Shorthand) > 0 {
+			opt := cmdOption{
+				flag.Name,
+				flag.Shorthand,
+				flag.DefValue,
+				forceMultiLine(flag.Usage),
+			}
+			result = append(result, opt)
+		} else {
+			opt := cmdOption{
+				Name:         flag.Name,
+				DefaultValue: forceMultiLine(flag.DefValue),
+				Usage:        forceMultiLine(flag.Usage),
+			}
+			result = append(result, opt)
+		}
+	})
+
+	return result
+}
diff --git a/vendor/github.com/spf13/cobra/doc/yaml_docs.md b/vendor/github.com/spf13/cobra/doc/yaml_docs.md
new file mode 100644
index 000000000000..1a9b7c6a3c9d
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/doc/yaml_docs.md
@@ -0,0 +1,112 @@
+# Generating Yaml Docs For Your Own cobra.Command
+
+Generating yaml files from a cobra command is incredibly easy. An example is as follows:
+
+```go
+package main
+
+import (
+	"log"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/cobra/doc"
+)
+
+func main() {
+	cmd := &cobra.Command{
+		Use:   "test",
+		Short: "my test program",
+	}
+	err := doc.GenYamlTree(cmd, "/tmp")
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+```
+
+That will get you a Yaml document `/tmp/test.yaml`
+
+## Generate yaml docs for the entire command tree
+
+This program can actually generate docs for the kubectl command in the kubernetes project
+
+```go
+package main
+
+import (
+	"io/ioutil"
+	"log"
+	"os"
+
+	"k8s.io/kubernetes/pkg/kubectl/cmd"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+
+	"github.com/spf13/cobra/doc"
+)
+
+func main() {
+	kubectl := cmd.NewKubectlCommand(cmdutil.NewFactory(nil), os.Stdin, ioutil.Discard, ioutil.Discard)
+	err := doc.GenYamlTree(kubectl, "./")
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+```
+
+This will generate a whole series of files, one for each command in the tree, in the directory specified (in this case "./")
+
+## Generate yaml docs for a single command
+
+You may wish to have more control over the output, or only generate for a single command, instead of the entire command tree. If this is the case you may prefer to `GenYaml` instead of `GenYamlTree`
+
+```go
+	out := new(bytes.Buffer)
+	doc.GenYaml(cmd, out)
+```
+
+This will write the yaml doc for ONLY "cmd" into the out, buffer.
+
+## Customize the output
+
+Both `GenYaml` and `GenYamlTree` have alternate versions with callbacks to get some control of the output:
+
+```go
+func GenYamlTreeCustom(cmd *Command, dir string, filePrepender, linkHandler func(string) string) error {
+	//...
+}
+```
+
+```go
+func GenYamlCustom(cmd *Command, out *bytes.Buffer, linkHandler func(string) string) error {
+	//...
+}
+```
+
+The `filePrepender` will prepend the return value given the full filepath to the rendered Yaml file. A common use case is to add front matter to use the generated documentation with [Hugo](http://gohugo.io/):
+
+```go
+const fmTemplate = `---
+date: %s
+title: "%s"
+slug: %s
+url: %s
+---
+`
+
+filePrepender := func(filename string) string {
+	now := time.Now().Format(time.RFC3339)
+	name := filepath.Base(filename)
+	base := strings.TrimSuffix(name, path.Ext(name))
+	url := "/commands/" + strings.ToLower(base) + "/"
+	return fmt.Sprintf(fmTemplate, now, strings.Replace(base, "_", " ", -1), base, url)
+}
+```
+
+The `linkHandler` can be used to customize the rendered internal links to the commands, given a filename:
+
+```go
+linkHandler := func(name string) string {
+	base := strings.TrimSuffix(name, path.Ext(name))
+	return "/commands/" + strings.ToLower(base) + "/"
+}
+```
diff --git a/vendor/github.com/spf13/cobra/zsh_completions.go b/vendor/github.com/spf13/cobra/zsh_completions.go
new file mode 100644
index 000000000000..889c22e273c4
--- /dev/null
+++ b/vendor/github.com/spf13/cobra/zsh_completions.go
@@ -0,0 +1,126 @@
+package cobra
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+	"strings"
+)
+
+// GenZshCompletionFile generates zsh completion file.
+func (c *Command) GenZshCompletionFile(filename string) error {
+	outFile, err := os.Create(filename)
+	if err != nil {
+		return err
+	}
+	defer outFile.Close()
+
+	return c.GenZshCompletion(outFile)
+}
+
+// GenZshCompletion generates a zsh completion file and writes to the passed writer.
+func (c *Command) GenZshCompletion(w io.Writer) error {
+	buf := new(bytes.Buffer)
+
+	writeHeader(buf, c)
+	maxDepth := maxDepth(c)
+	writeLevelMapping(buf, maxDepth)
+	writeLevelCases(buf, maxDepth, c)
+
+	_, err := buf.WriteTo(w)
+	return err
+}
+
+func writeHeader(w io.Writer, cmd *Command) {
+	fmt.Fprintf(w, "#compdef %s\n\n", cmd.Name())
+}
+
+func maxDepth(c *Command) int {
+	if len(c.Commands()) == 0 {
+		return 0
+	}
+	maxDepthSub := 0
+	for _, s := range c.Commands() {
+		subDepth := maxDepth(s)
+		if subDepth > maxDepthSub {
+			maxDepthSub = subDepth
+		}
+	}
+	return 1 + maxDepthSub
+}
+
+func writeLevelMapping(w io.Writer, numLevels int) {
+	fmt.Fprintln(w, `_arguments \`)
+	for i := 1; i <= numLevels; i++ {
+		fmt.Fprintf(w, `  '%d: :->level%d' \`, i, i)
+		fmt.Fprintln(w)
+	}
+	fmt.Fprintf(w, `  '%d: :%s'`, numLevels+1, "_files")
+	fmt.Fprintln(w)
+}
+
+func writeLevelCases(w io.Writer, maxDepth int, root *Command) {
+	fmt.Fprintln(w, "case $state in")
+	defer fmt.Fprintln(w, "esac")
+
+	for i := 1; i <= maxDepth; i++ {
+		fmt.Fprintf(w, "  level%d)\n", i)
+		writeLevel(w, root, i)
+		fmt.Fprintln(w, "  ;;")
+	}
+	fmt.Fprintln(w, "  *)")
+	fmt.Fprintln(w, "    _arguments '*: :_files'")
+	fmt.Fprintln(w, "  ;;")
+}
+
+func writeLevel(w io.Writer, root *Command, i int) {
+	fmt.Fprintf(w, "    case $words[%d] in\n", i)
+	defer fmt.Fprintln(w, "    esac")
+
+	commands := filterByLevel(root, i)
+	byParent := groupByParent(commands)
+
+	for p, c := range byParent {
+		names := names(c)
+		fmt.Fprintf(w, "      %s)\n", p)
+		fmt.Fprintf(w, "        _arguments '%d: :(%s)'\n", i, strings.Join(names, " "))
+		fmt.Fprintln(w, "      ;;")
+	}
+	fmt.Fprintln(w, "      *)")
+	fmt.Fprintln(w, "        _arguments '*: :_files'")
+	fmt.Fprintln(w, "      ;;")
+
+}
+
+func filterByLevel(c *Command, l int) []*Command {
+	cs := make([]*Command, 0)
+	if l == 0 {
+		cs = append(cs, c)
+		return cs
+	}
+	for _, s := range c.Commands() {
+		cs = append(cs, filterByLevel(s, l-1)...)
+	}
+	return cs
+}
+
+func groupByParent(commands []*Command) map[string][]*Command {
+	m := make(map[string][]*Command)
+	for _, c := range commands {
+		parent := c.Parent()
+		if parent == nil {
+			continue
+		}
+		m[parent.Name()] = append(m[parent.Name()], c)
+	}
+	return m
+}
+
+func names(commands []*Command) []string {
+	ns := make([]string, len(commands))
+	for i, c := range commands {
+		ns[i] = c.Name()
+	}
+	return ns
+}
diff --git a/vendor/github.com/spf13/pflag/.travis.yml b/vendor/github.com/spf13/pflag/.travis.yml
index 707bdc39a7f1..f8a63b308ba5 100644
--- a/vendor/github.com/spf13/pflag/.travis.yml
+++ b/vendor/github.com/spf13/pflag/.travis.yml
@@ -3,18 +3,19 @@ sudo: false
 language: go
 
 go:
-        - 1.6.3
-        - 1.7.3
-        - tip
+  - 1.7.3
+  - 1.8.1
+  - tip
 
 matrix:
-        allow_failures:
-                  - go: tip
+  allow_failures:
+    - go: tip
+
 install:
-        - go get github.com/golang/lint/golint
-        - export PATH=$GOPATH/bin:$PATH
-        - go install ./...
+  - go get github.com/golang/lint/golint
+  - export PATH=$GOPATH/bin:$PATH
+  - go install ./...
 
 script:
-        - verify/all.sh -v
-        - go test ./...
+  - verify/all.sh -v
+  - go test ./...
diff --git a/vendor/github.com/spf13/pflag/README.md b/vendor/github.com/spf13/pflag/README.md
index eefb46dec83e..b052414d1295 100644
--- a/vendor/github.com/spf13/pflag/README.md
+++ b/vendor/github.com/spf13/pflag/README.md
@@ -246,6 +246,25 @@ It is possible to mark a flag as hidden, meaning it will still function as norma
 flags.MarkHidden("secretFlag")
 ```
 
+## Disable sorting of flags
+`pflag` allows you to disable sorting of flags for help and usage message.
+
+**Example**:
+```go
+flags.BoolP("verbose", "v", false, "verbose output")
+flags.String("coolflag", "yeaah", "it's really cool flag")
+flags.Int("usefulflag", 777, "sometimes it's very useful")
+flags.SortFlags = false
+flags.PrintDefaults()
+```
+**Output**:
+```
+  -v, --verbose           verbose output
+      --coolflag string   it's really cool flag (default "yeaah")
+      --usefulflag int    sometimes it's very useful (default 777)
+```
+
+
 ## Supporting Go flags when using pflag
 In order to support flags defined using Go's `flag` package, they must be added to the `pflag` flagset. This is usually necessary
 to support flags defined by third-party dependencies (e.g. `golang/glog`).
@@ -270,8 +289,8 @@ func main() {
 You can see the full reference documentation of the pflag package
 [at godoc.org][3], or through go's standard documentation system by
 running `godoc -http=:6060` and browsing to
-[http://localhost:6060/pkg/github.com/ogier/pflag][2] after
+[http://localhost:6060/pkg/github.com/spf13/pflag][2] after
 installation.
 
-[2]: http://localhost:6060/pkg/github.com/ogier/pflag
-[3]: http://godoc.org/github.com/ogier/pflag
+[2]: http://localhost:6060/pkg/github.com/spf13/pflag
+[3]: http://godoc.org/github.com/spf13/pflag
diff --git a/vendor/github.com/spf13/pflag/count.go b/vendor/github.com/spf13/pflag/count.go
index d22be41f29f5..aa126e44d1c8 100644
--- a/vendor/github.com/spf13/pflag/count.go
+++ b/vendor/github.com/spf13/pflag/count.go
@@ -11,13 +11,13 @@ func newCountValue(val int, p *int) *countValue {
 }
 
 func (i *countValue) Set(s string) error {
-	v, err := strconv.ParseInt(s, 0, 64)
-	// -1 means that no specific value was passed, so increment
-	if v == -1 {
+	// "+1" means that no specific value was passed, so increment
+	if s == "+1" {
 		*i = countValue(*i + 1)
-	} else {
-		*i = countValue(v)
+		return nil
 	}
+	v, err := strconv.ParseInt(s, 0, 0)
+	*i = countValue(v)
 	return err
 }
 
@@ -54,7 +54,7 @@ func (f *FlagSet) CountVar(p *int, name string, usage string) {
 // CountVarP is like CountVar only take a shorthand for the flag name.
 func (f *FlagSet) CountVarP(p *int, name, shorthand string, usage string) {
 	flag := f.VarPF(newCountValue(0, p), name, shorthand, usage)
-	flag.NoOptDefVal = "-1"
+	flag.NoOptDefVal = "+1"
 }
 
 // CountVar like CountVar only the flag is placed on the CommandLine instead of a given flag set
@@ -83,7 +83,9 @@ func (f *FlagSet) CountP(name, shorthand string, usage string) *int {
 	return p
 }
 
-// Count like Count only the flag is placed on the CommandLine isntead of a given flag set
+// Count defines a count flag with specified name, default value, and usage string.
+// The return value is the address of an int variable that stores the value of the flag.
+// A count flag will add 1 to its value evey time it is found on the command line
 func Count(name string, usage string) *int {
 	return CommandLine.CountP(name, "", usage)
 }
diff --git a/vendor/github.com/spf13/pflag/flag.go b/vendor/github.com/spf13/pflag/flag.go
index 746af6327e4b..28538c0750ba 100644
--- a/vendor/github.com/spf13/pflag/flag.go
+++ b/vendor/github.com/spf13/pflag/flag.go
@@ -16,9 +16,9 @@ pflag is a drop-in replacement of Go's native flag package. If you import
 pflag under the name "flag" then all code should continue to function
 with no changes.
 
-	import flag "github.com/ogier/pflag"
+	import flag "github.com/spf13/pflag"
 
-	There is one exception to this: if you directly instantiate the Flag struct
+There is one exception to this: if you directly instantiate the Flag struct
 there is one more field "Shorthand" that you will need to set.
 Most code never instantiates this struct directly, and instead uses
 functions such as String(), BoolVar(), and Var(), and is therefore
@@ -134,14 +134,21 @@ type FlagSet struct {
 	// a custom error handler.
 	Usage func()
 
+	// SortFlags is used to indicate, if user wants to have sorted flags in
+	// help/usage messages.
+	SortFlags bool
+
 	name              string
 	parsed            bool
 	actual            map[NormalizedName]*Flag
+	orderedActual     []*Flag
+	sortedActual      []*Flag
 	formal            map[NormalizedName]*Flag
+	orderedFormal     []*Flag
+	sortedFormal      []*Flag
 	shorthands        map[byte]*Flag
 	args              []string // arguments after flags
 	argsLenAtDash     int      // len(args) when a '--' was located when parsing, or -1 if no --
-	exitOnError       bool     // does the program exit if there's an error?
 	errorHandling     ErrorHandling
 	output            io.Writer // nil means stderr; use out() accessor
 	interspersed      bool      // allow interspersed option/non-option args
@@ -156,7 +163,7 @@ type Flag struct {
 	Value               Value               // value as set
 	DefValue            string              // default value (as text); for usage message
 	Changed             bool                // If the user set the value (or if left to default)
-	NoOptDefVal         string              //default value (as text); if the flag is on the command line without any options
+	NoOptDefVal         string              // default value (as text); if the flag is on the command line without any options
 	Deprecated          string              // If this flag is deprecated, this string is the new or now thing to use
 	Hidden              bool                // used by cobra.Command to allow flags to be hidden from help/usage text
 	ShorthandDeprecated string              // If the shorthand of this flag is deprecated, this string is the new or now thing to use
@@ -194,11 +201,19 @@ func sortFlags(flags map[NormalizedName]*Flag) []*Flag {
 // "--getUrl" which may also be translated to "geturl" and everything will work.
 func (f *FlagSet) SetNormalizeFunc(n func(f *FlagSet, name string) NormalizedName) {
 	f.normalizeNameFunc = n
-	for k, v := range f.formal {
-		delete(f.formal, k)
-		nname := f.normalizeFlagName(string(k))
-		f.formal[nname] = v
-		v.Name = string(nname)
+	f.sortedFormal = f.sortedFormal[:0]
+	for fname, flag := range f.formal {
+		nname := f.normalizeFlagName(flag.Name)
+		if fname == nname {
+			continue
+		}
+		flag.Name = string(nname)
+		delete(f.formal, fname)
+		f.formal[nname] = flag
+		if _, set := f.actual[fname]; set {
+			delete(f.actual, fname)
+			f.actual[nname] = flag
+		}
 	}
 }
 
@@ -229,10 +244,25 @@ func (f *FlagSet) SetOutput(output io.Writer) {
 	f.output = output
 }
 
-// VisitAll visits the flags in lexicographical order, calling fn for each.
+// VisitAll visits the flags in lexicographical order or
+// in primordial order if f.SortFlags is false, calling fn for each.
 // It visits all flags, even those not set.
 func (f *FlagSet) VisitAll(fn func(*Flag)) {
-	for _, flag := range sortFlags(f.formal) {
+	if len(f.formal) == 0 {
+		return
+	}
+
+	var flags []*Flag
+	if f.SortFlags {
+		if len(f.formal) != len(f.sortedFormal) {
+			f.sortedFormal = sortFlags(f.formal)
+		}
+		flags = f.sortedFormal
+	} else {
+		flags = f.orderedFormal
+	}
+
+	for _, flag := range flags {
 		fn(flag)
 	}
 }
@@ -253,22 +283,39 @@ func (f *FlagSet) HasAvailableFlags() bool {
 	return false
 }
 
-// VisitAll visits the command-line flags in lexicographical order, calling
-// fn for each.  It visits all flags, even those not set.
+// VisitAll visits the command-line flags in lexicographical order or
+// in primordial order if f.SortFlags is false, calling fn for each.
+// It visits all flags, even those not set.
 func VisitAll(fn func(*Flag)) {
 	CommandLine.VisitAll(fn)
 }
 
-// Visit visits the flags in lexicographical order, calling fn for each.
+// Visit visits the flags in lexicographical order or
+// in primordial order if f.SortFlags is false, calling fn for each.
 // It visits only those flags that have been set.
 func (f *FlagSet) Visit(fn func(*Flag)) {
-	for _, flag := range sortFlags(f.actual) {
+	if len(f.actual) == 0 {
+		return
+	}
+
+	var flags []*Flag
+	if f.SortFlags {
+		if len(f.actual) != len(f.sortedActual) {
+			f.sortedActual = sortFlags(f.actual)
+		}
+		flags = f.sortedActual
+	} else {
+		flags = f.orderedActual
+	}
+
+	for _, flag := range flags {
 		fn(flag)
 	}
 }
 
-// Visit visits the command-line flags in lexicographical order, calling fn
-// for each.  It visits only those flags that have been set.
+// Visit visits the command-line flags in lexicographical order or
+// in primordial order if f.SortFlags is false, calling fn for each.
+// It visits only those flags that have been set.
 func Visit(fn func(*Flag)) {
 	CommandLine.Visit(fn)
 }
@@ -278,6 +325,22 @@ func (f *FlagSet) Lookup(name string) *Flag {
 	return f.lookup(f.normalizeFlagName(name))
 }
 
+// ShorthandLookup returns the Flag structure of the short handed flag,
+// returning nil if none exists.
+// It panics, if len(name) > 1.
+func (f *FlagSet) ShorthandLookup(name string) *Flag {
+	if name == "" {
+		return nil
+	}
+	if len(name) > 1 {
+		msg := fmt.Sprintf("can not look up shorthand which is more than one ASCII character: %q", name)
+		fmt.Fprintf(f.out(), msg)
+		panic(msg)
+	}
+	c := name[0]
+	return f.shorthands[c]
+}
+
 // lookup returns the Flag structure of the named flag, returning nil if none exists.
 func (f *FlagSet) lookup(name NormalizedName) *Flag {
 	return f.formal[name]
@@ -319,7 +382,7 @@ func (f *FlagSet) MarkDeprecated(name string, usageMessage string) error {
 	if flag == nil {
 		return fmt.Errorf("flag %q does not exist", name)
 	}
-	if len(usageMessage) == 0 {
+	if usageMessage == "" {
 		return fmt.Errorf("deprecated message for flag %q must be set", name)
 	}
 	flag.Deprecated = usageMessage
@@ -334,7 +397,7 @@ func (f *FlagSet) MarkShorthandDeprecated(name string, usageMessage string) erro
 	if flag == nil {
 		return fmt.Errorf("flag %q does not exist", name)
 	}
-	if len(usageMessage) == 0 {
+	if usageMessage == "" {
 		return fmt.Errorf("deprecated message for flag %q must be set", name)
 	}
 	flag.ShorthandDeprecated = usageMessage
@@ -358,6 +421,12 @@ func Lookup(name string) *Flag {
 	return CommandLine.Lookup(name)
 }
 
+// ShorthandLookup returns the Flag structure of the short handed flag,
+// returning nil if none exists.
+func ShorthandLookup(name string) *Flag {
+	return CommandLine.ShorthandLookup(name)
+}
+
 // Set sets the value of the named flag.
 func (f *FlagSet) Set(name, value string) error {
 	normalName := f.normalizeFlagName(name)
@@ -365,17 +434,30 @@ func (f *FlagSet) Set(name, value string) error {
 	if !ok {
 		return fmt.Errorf("no such flag -%v", name)
 	}
+
 	err := flag.Value.Set(value)
 	if err != nil {
-		return err
+		var flagName string
+		if flag.Shorthand != "" && flag.ShorthandDeprecated == "" {
+			flagName = fmt.Sprintf("-%s, --%s", flag.Shorthand, flag.Name)
+		} else {
+			flagName = fmt.Sprintf("--%s", flag.Name)
+		}
+		return fmt.Errorf("invalid argument %q for %q flag: %v", value, flagName, err)
 	}
-	if f.actual == nil {
-		f.actual = make(map[NormalizedName]*Flag)
+
+	if !flag.Changed {
+		if f.actual == nil {
+			f.actual = make(map[NormalizedName]*Flag)
+		}
+		f.actual[normalName] = flag
+		f.orderedActual = append(f.orderedActual, flag)
+
+		flag.Changed = true
 	}
-	f.actual[normalName] = flag
-	flag.Changed = true
-	if len(flag.Deprecated) > 0 {
-		fmt.Fprintf(os.Stderr, "Flag --%s has been deprecated, %s\n", flag.Name, flag.Deprecated)
+
+	if flag.Deprecated != "" {
+		fmt.Fprintf(f.out(), "Flag --%s has been deprecated, %s\n", flag.Name, flag.Deprecated)
 	}
 	return nil
 }
@@ -482,6 +564,14 @@ func UnquoteUsage(flag *Flag) (name string, usage string) {
 		name = "int"
 	case "uint64":
 		name = "uint"
+	case "stringSlice":
+		name = "strings"
+	case "intSlice":
+		name = "ints"
+	case "uintSlice":
+		name = "uints"
+	case "boolSlice":
+		name = "bools"
 	}
 
 	return
@@ -557,28 +647,28 @@ func wrap(i, w int, s string) string {
 // for all flags in the FlagSet. Wrapped to `cols` columns (0 for no
 // wrapping)
 func (f *FlagSet) FlagUsagesWrapped(cols int) string {
-	x := new(bytes.Buffer)
+	buf := new(bytes.Buffer)
 
 	lines := make([]string, 0, len(f.formal))
 
 	maxlen := 0
 	f.VisitAll(func(flag *Flag) {
-		if len(flag.Deprecated) > 0 || flag.Hidden {
+		if flag.Deprecated != "" || flag.Hidden {
 			return
 		}
 
 		line := ""
-		if len(flag.Shorthand) > 0 && len(flag.ShorthandDeprecated) == 0 {
+		if flag.Shorthand != "" && flag.ShorthandDeprecated == "" {
 			line = fmt.Sprintf("  -%s, --%s", flag.Shorthand, flag.Name)
 		} else {
 			line = fmt.Sprintf("      --%s", flag.Name)
 		}
 
 		varname, usage := UnquoteUsage(flag)
-		if len(varname) > 0 {
+		if varname != "" {
 			line += " " + varname
 		}
-		if len(flag.NoOptDefVal) > 0 {
+		if flag.NoOptDefVal != "" {
 			switch flag.Value.Type() {
 			case "string":
 				line += fmt.Sprintf("[=\"%s\"]", flag.NoOptDefVal)
@@ -586,6 +676,10 @@ func (f *FlagSet) FlagUsagesWrapped(cols int) string {
 				if flag.NoOptDefVal != "true" {
 					line += fmt.Sprintf("[=%s]", flag.NoOptDefVal)
 				}
+			case "count":
+				if flag.NoOptDefVal != "+1" {
+					line += fmt.Sprintf("[=%s]", flag.NoOptDefVal)
+				}
 			default:
 				line += fmt.Sprintf("[=%s]", flag.NoOptDefVal)
 			}
@@ -601,7 +695,7 @@ func (f *FlagSet) FlagUsagesWrapped(cols int) string {
 		line += usage
 		if !flag.defaultIsZeroValue() {
 			if flag.Value.Type() == "string" {
-				line += fmt.Sprintf(" (default \"%s\")", flag.DefValue)
+				line += fmt.Sprintf(" (default %q)", flag.DefValue)
 			} else {
 				line += fmt.Sprintf(" (default %s)", flag.DefValue)
 			}
@@ -614,10 +708,10 @@ func (f *FlagSet) FlagUsagesWrapped(cols int) string {
 		sidx := strings.Index(line, "\x00")
 		spacing := strings.Repeat(" ", maxlen-sidx)
 		// maxlen + 2 comes from + 1 for the \x00 and + 1 for the (deliberate) off-by-one in maxlen-sidx
-		fmt.Fprintln(x, line[:sidx], spacing, wrap(maxlen+2, cols, line[sidx+1:]))
+		fmt.Fprintln(buf, line[:sidx], spacing, wrap(maxlen+2, cols, line[sidx+1:]))
 	}
 
-	return x.String()
+	return buf.String()
 }
 
 // FlagUsages returns a string containing the usage information for all flags in
@@ -714,11 +808,10 @@ func (f *FlagSet) VarP(value Value, name, shorthand, usage string) {
 
 // AddFlag will add the flag to the FlagSet
 func (f *FlagSet) AddFlag(flag *Flag) {
-	// Call normalizeFlagName function only once
 	normalizedFlagName := f.normalizeFlagName(flag.Name)
 
-	_, alreadythere := f.formal[normalizedFlagName]
-	if alreadythere {
+	_, alreadyThere := f.formal[normalizedFlagName]
+	if alreadyThere {
 		msg := fmt.Sprintf("%s flag redefined: %s", f.name, flag.Name)
 		fmt.Fprintln(f.out(), msg)
 		panic(msg) // Happens only if flags are declared with identical names
@@ -729,28 +822,31 @@ func (f *FlagSet) AddFlag(flag *Flag) {
 
 	flag.Name = string(normalizedFlagName)
 	f.formal[normalizedFlagName] = flag
+	f.orderedFormal = append(f.orderedFormal, flag)
 
-	if len(flag.Shorthand) == 0 {
+	if flag.Shorthand == "" {
 		return
 	}
 	if len(flag.Shorthand) > 1 {
-		fmt.Fprintf(f.out(), "%s shorthand more than ASCII character: %s\n", f.name, flag.Shorthand)
-		panic("shorthand is more than one character")
+		msg := fmt.Sprintf("%q shorthand is more than one ASCII character", flag.Shorthand)
+		fmt.Fprintf(f.out(), msg)
+		panic(msg)
 	}
 	if f.shorthands == nil {
 		f.shorthands = make(map[byte]*Flag)
 	}
 	c := flag.Shorthand[0]
-	old, alreadythere := f.shorthands[c]
-	if alreadythere {
-		fmt.Fprintf(f.out(), "%s shorthand reused: %q for %s already used for %s\n", f.name, c, flag.Name, old.Name)
-		panic("shorthand redefinition")
+	used, alreadyThere := f.shorthands[c]
+	if alreadyThere {
+		msg := fmt.Sprintf("unable to redefine %q shorthand in %q flagset: it's already used for %q flag", c, f.name, used.Name)
+		fmt.Fprintf(f.out(), msg)
+		panic(msg)
 	}
 	f.shorthands[c] = flag
 }
 
 // AddFlagSet adds one FlagSet to another. If a flag is already present in f
-// the flag from newSet will be ignored
+// the flag from newSet will be ignored.
 func (f *FlagSet) AddFlagSet(newSet *FlagSet) {
 	if newSet == nil {
 		return
@@ -781,8 +877,10 @@ func VarP(value Value, name, shorthand, usage string) {
 // returns the error.
 func (f *FlagSet) failf(format string, a ...interface{}) error {
 	err := fmt.Errorf(format, a...)
-	fmt.Fprintln(f.out(), err)
-	f.usage()
+	if f.errorHandling != ContinueOnError {
+		fmt.Fprintln(f.out(), err)
+		f.usage()
+	}
 	return err
 }
 
@@ -798,34 +896,6 @@ func (f *FlagSet) usage() {
 	}
 }
 
-func (f *FlagSet) setFlag(flag *Flag, value string, origArg string) error {
-	if err := flag.Value.Set(value); err != nil {
-		return f.failf("invalid argument %q for %s: %v", value, origArg, err)
-	}
-	// mark as visited for Visit()
-	if f.actual == nil {
-		f.actual = make(map[NormalizedName]*Flag)
-	}
-	f.actual[f.normalizeFlagName(flag.Name)] = flag
-	flag.Changed = true
-	if len(flag.Deprecated) > 0 {
-		fmt.Fprintf(os.Stderr, "Flag --%s has been deprecated, %s\n", flag.Name, flag.Deprecated)
-	}
-	if len(flag.ShorthandDeprecated) > 0 && containsShorthand(origArg, flag.Shorthand) {
-		fmt.Fprintf(os.Stderr, "Flag shorthand -%s has been deprecated, %s\n", flag.Shorthand, flag.ShorthandDeprecated)
-	}
-	return nil
-}
-
-func containsShorthand(arg, shorthand string) bool {
-	// filter out flags --<flag_name>
-	if strings.HasPrefix(arg, "-") {
-		return false
-	}
-	arg = strings.SplitN(arg, "=", 2)[0]
-	return strings.Contains(arg, shorthand)
-}
-
 func (f *FlagSet) parseLongArg(s string, args []string, fn parseFunc) (a []string, err error) {
 	a = args
 	name := s[2:]
@@ -833,10 +903,11 @@ func (f *FlagSet) parseLongArg(s string, args []string, fn parseFunc) (a []strin
 		err = f.failf("bad flag syntax: %s", s)
 		return
 	}
+
 	split := strings.SplitN(name, "=", 2)
 	name = split[0]
-	flag, alreadythere := f.formal[f.normalizeFlagName(name)]
-	if !alreadythere {
+	flag, exists := f.formal[f.normalizeFlagName(name)]
+	if !exists {
 		if name == "help" { // special case for nice help message.
 			f.usage()
 			return a, ErrHelp
@@ -844,11 +915,12 @@ func (f *FlagSet) parseLongArg(s string, args []string, fn parseFunc) (a []strin
 		err = f.failf("unknown flag: --%s", name)
 		return
 	}
+
 	var value string
 	if len(split) == 2 {
 		// '--flag=arg'
 		value = split[1]
-	} else if len(flag.NoOptDefVal) > 0 {
+	} else if flag.NoOptDefVal != "" {
 		// '--flag' (arg was optional)
 		value = flag.NoOptDefVal
 	} else if len(a) > 0 {
@@ -860,7 +932,11 @@ func (f *FlagSet) parseLongArg(s string, args []string, fn parseFunc) (a []strin
 		err = f.failf("flag needs an argument: %s", s)
 		return
 	}
-	err = fn(flag, value, s)
+
+	err = fn(flag, value)
+	if err != nil {
+		f.failf(err.Error())
+	}
 	return
 }
 
@@ -868,38 +944,52 @@ func (f *FlagSet) parseSingleShortArg(shorthands string, args []string, fn parse
 	if strings.HasPrefix(shorthands, "test.") {
 		return
 	}
+
 	outArgs = args
 	outShorts = shorthands[1:]
 	c := shorthands[0]
 
-	flag, alreadythere := f.shorthands[c]
-	if !alreadythere {
+	flag, exists := f.shorthands[c]
+	if !exists {
 		if c == 'h' { // special case for nice help message.
 			f.usage()
 			err = ErrHelp
 			return
 		}
-		//TODO continue on error
 		err = f.failf("unknown shorthand flag: %q in -%s", c, shorthands)
 		return
 	}
+
 	var value string
 	if len(shorthands) > 2 && shorthands[1] == '=' {
+		// '-f=arg'
 		value = shorthands[2:]
 		outShorts = ""
-	} else if len(flag.NoOptDefVal) > 0 {
+	} else if flag.NoOptDefVal != "" {
+		// '-f' (arg was optional)
 		value = flag.NoOptDefVal
 	} else if len(shorthands) > 1 {
+		// '-farg'
 		value = shorthands[1:]
 		outShorts = ""
 	} else if len(args) > 0 {
+		// '-f arg'
 		value = args[0]
 		outArgs = args[1:]
 	} else {
+		// '-f' (arg was required)
 		err = f.failf("flag needs an argument: %q in -%s", c, shorthands)
 		return
 	}
-	err = fn(flag, value, shorthands)
+
+	if flag.ShorthandDeprecated != "" {
+		fmt.Fprintf(f.out(), "Flag shorthand -%s has been deprecated, %s\n", flag.Shorthand, flag.ShorthandDeprecated)
+	}
+
+	err = fn(flag, value)
+	if err != nil {
+		f.failf(err.Error())
+	}
 	return
 }
 
@@ -907,6 +997,7 @@ func (f *FlagSet) parseShortArg(s string, args []string, fn parseFunc) (a []stri
 	a = args
 	shorthands := s[1:]
 
+	// "shorthands" can be a series of shorthand letters of flags (e.g. "-vvv").
 	for len(shorthands) > 0 {
 		shorthands, a, err = f.parseSingleShortArg(shorthands, args, fn)
 		if err != nil {
@@ -954,18 +1045,24 @@ func (f *FlagSet) parseArgs(args []string, fn parseFunc) (err error) {
 // The return value will be ErrHelp if -help was set but not defined.
 func (f *FlagSet) Parse(arguments []string) error {
 	f.parsed = true
+
+	if len(arguments) < 0 {
+		return nil
+	}
+
 	f.args = make([]string, 0, len(arguments))
 
-	assign := func(flag *Flag, value, origArg string) error {
-		return f.setFlag(flag, value, origArg)
+	set := func(flag *Flag, value string) error {
+		return f.Set(flag.Name, value)
 	}
 
-	err := f.parseArgs(arguments, assign)
+	err := f.parseArgs(arguments, set)
 	if err != nil {
 		switch f.errorHandling {
 		case ContinueOnError:
 			return err
 		case ExitOnError:
+			fmt.Println(err)
 			os.Exit(2)
 		case PanicOnError:
 			panic(err)
@@ -974,7 +1071,7 @@ func (f *FlagSet) Parse(arguments []string) error {
 	return nil
 }
 
-type parseFunc func(flag *Flag, value, origArg string) error
+type parseFunc func(flag *Flag, value string) error
 
 // ParseAll parses flag definitions from the argument list, which should not
 // include the command name. The arguments for fn are flag and value. Must be
@@ -985,11 +1082,7 @@ func (f *FlagSet) ParseAll(arguments []string, fn func(flag *Flag, value string)
 	f.parsed = true
 	f.args = make([]string, 0, len(arguments))
 
-	assign := func(flag *Flag, value, origArg string) error {
-		return fn(flag, value)
-	}
-
-	err := f.parseArgs(arguments, assign)
+	err := f.parseArgs(arguments, fn)
 	if err != nil {
 		switch f.errorHandling {
 		case ContinueOnError:
@@ -1036,14 +1129,15 @@ func Parsed() bool {
 // CommandLine is the default set of command-line flags, parsed from os.Args.
 var CommandLine = NewFlagSet(os.Args[0], ExitOnError)
 
-// NewFlagSet returns a new, empty flag set with the specified name and
-// error handling property.
+// NewFlagSet returns a new, empty flag set with the specified name,
+// error handling property and SortFlags set to true.
 func NewFlagSet(name string, errorHandling ErrorHandling) *FlagSet {
 	f := &FlagSet{
 		name:          name,
 		errorHandling: errorHandling,
 		argsLenAtDash: -1,
 		interspersed:  true,
+		SortFlags:     true,
 	}
 	return f
 }
diff --git a/vendor/github.com/spf13/pflag/int16.go b/vendor/github.com/spf13/pflag/int16.go
new file mode 100644
index 000000000000..f1a01d05e694
--- /dev/null
+++ b/vendor/github.com/spf13/pflag/int16.go
@@ -0,0 +1,88 @@
+package pflag
+
+import "strconv"
+
+// -- int16 Value
+type int16Value int16
+
+func newInt16Value(val int16, p *int16) *int16Value {
+	*p = val
+	return (*int16Value)(p)
+}
+
+func (i *int16Value) Set(s string) error {
+	v, err := strconv.ParseInt(s, 0, 16)
+	*i = int16Value(v)
+	return err
+}
+
+func (i *int16Value) Type() string {
+	return "int16"
+}
+
+func (i *int16Value) String() string { return strconv.FormatInt(int64(*i), 10) }
+
+func int16Conv(sval string) (interface{}, error) {
+	v, err := strconv.ParseInt(sval, 0, 16)
+	if err != nil {
+		return 0, err
+	}
+	return int16(v), nil
+}
+
+// GetInt16 returns the int16 value of a flag with the given name
+func (f *FlagSet) GetInt16(name string) (int16, error) {
+	val, err := f.getFlagType(name, "int16", int16Conv)
+	if err != nil {
+		return 0, err
+	}
+	return val.(int16), nil
+}
+
+// Int16Var defines an int16 flag with specified name, default value, and usage string.
+// The argument p points to an int16 variable in which to store the value of the flag.
+func (f *FlagSet) Int16Var(p *int16, name string, value int16, usage string) {
+	f.VarP(newInt16Value(value, p), name, "", usage)
+}
+
+// Int16VarP is like Int16Var, but accepts a shorthand letter that can be used after a single dash.
+func (f *FlagSet) Int16VarP(p *int16, name, shorthand string, value int16, usage string) {
+	f.VarP(newInt16Value(value, p), name, shorthand, usage)
+}
+
+// Int16Var defines an int16 flag with specified name, default value, and usage string.
+// The argument p points to an int16 variable in which to store the value of the flag.
+func Int16Var(p *int16, name string, value int16, usage string) {
+	CommandLine.VarP(newInt16Value(value, p), name, "", usage)
+}
+
+// Int16VarP is like Int16Var, but accepts a shorthand letter that can be used after a single dash.
+func Int16VarP(p *int16, name, shorthand string, value int16, usage string) {
+	CommandLine.VarP(newInt16Value(value, p), name, shorthand, usage)
+}
+
+// Int16 defines an int16 flag with specified name, default value, and usage string.
+// The return value is the address of an int16 variable that stores the value of the flag.
+func (f *FlagSet) Int16(name string, value int16, usage string) *int16 {
+	p := new(int16)
+	f.Int16VarP(p, name, "", value, usage)
+	return p
+}
+
+// Int16P is like Int16, but accepts a shorthand letter that can be used after a single dash.
+func (f *FlagSet) Int16P(name, shorthand string, value int16, usage string) *int16 {
+	p := new(int16)
+	f.Int16VarP(p, name, shorthand, value, usage)
+	return p
+}
+
+// Int16 defines an int16 flag with specified name, default value, and usage string.
+// The return value is the address of an int16 variable that stores the value of the flag.
+func Int16(name string, value int16, usage string) *int16 {
+	return CommandLine.Int16P(name, "", value, usage)
+}
+
+// Int16P is like Int16, but accepts a shorthand letter that can be used after a single dash.
+func Int16P(name, shorthand string, value int16, usage string) *int16 {
+	return CommandLine.Int16P(name, shorthand, value, usage)
+}
diff --git a/vendor/github.com/square/go-jose/README.md b/vendor/github.com/square/go-jose/README.md
deleted file mode 100644
index 60293ffa26bf..000000000000
--- a/vendor/github.com/square/go-jose/README.md
+++ /dev/null
@@ -1,212 +0,0 @@
-# Go JOSE 
-
-[![godoc](http://img.shields.io/badge/godoc-reference-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1) [![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://raw.githubusercontent.com/square/go-jose/master/LICENSE)
-[![release](https://img.shields.io/github/release/square/go-jose.svg?style=flat)](https://github.com/square/go-jose/releases)
-[![build](https://travis-ci.org/square/go-jose.svg?branch=master)](https://travis-ci.org/square/go-jose)
-[![coverage](https://coveralls.io/repos/github/square/go-jose/badge.svg?branch=master)](https://coveralls.io/r/square/go-jose)
-
-Package jose aims to provide an implementation of the Javascript Object Signing
-and Encryption set of standards. For the moment, it mainly focuses on encryption
-and signing based on the JSON Web Encryption and JSON Web Signature standards.
-
-**Disclaimer**: This library contains encryption software that is subject to
-the U.S. Export Administration Regulations. You may not export, re-export,
-transfer or download this code or any part of it in violation of any United
-States law, directive or regulation. In particular this software may not be
-exported or re-exported in any form or on any media to Iran, North Sudan,
-Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any
-US maintained blocked list.
-
-## Overview
-
-The implementation follows the
-[JSON Web Encryption](http://dx.doi.org/10.17487/RFC7516)
-standard (RFC 7516) and
-[JSON Web Signature](http://dx.doi.org/10.17487/RFC7515)
-standard (RFC 7515). Tables of supported algorithms are shown below.
-The library supports both the compact and full serialization formats, and has
-optional support for multiple recipients. It also comes with a small
-command-line utility
-([`jose-util`](https://github.com/square/go-jose/tree/master/jose-util))
-for dealing with JOSE messages in a shell.
-
-**Note**: We use a forked version of the `encoding/json` package from the Go
-standard library which uses case-sensitive matching for member names (instead
-of [case-insensitive matching](https://www.ietf.org/mail-archive/web/json/current/msg03763.html)).
-This is to avoid differences in interpretation of messages between go-jose and
-libraries in other languages. If you do not like this behavior, you can use the
-`std_json` build tag to disable it (though we do not recommend doing so).
-
-### Versions
-
-We use [gopkg.in](https://gopkg.in) for versioning.
-
-[Version 1](https://gopkg.in/square/go-jose.v1) is the current stable version:
-
-    import "gopkg.in/square/go-jose.v1"
-
-The interface for [go-jose.v1](https://gopkg.in/square/go-jose.v1) will remain
-backwards compatible. We're currently sketching out ideas for a new version, to
-clean up the interface a bit. If you have ideas or feature requests [please let
-us know](https://github.com/square/go-jose/issues/64)!
-
-### Supported algorithms
-
-See below for a table of supported algorithms. Algorithm identifiers match
-the names in the
-[JSON Web Algorithms](http://dx.doi.org/10.17487/RFC7518)
-standard where possible. The
-[Godoc reference](https://godoc.org/github.com/square/go-jose#pkg-constants)
-has a list of constants.
-
- Key encryption             | Algorithm identifier(s)
- :------------------------- | :------------------------------
- RSA-PKCS#1v1.5             | RSA1_5
- RSA-OAEP                   | RSA-OAEP, RSA-OAEP-256
- AES key wrap               | A128KW, A192KW, A256KW
- AES-GCM key wrap           | A128GCMKW, A192GCMKW, A256GCMKW
- ECDH-ES + AES key wrap     | ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW
- ECDH-ES (direct)           | ECDH-ES<sup>1</sup>
- Direct encryption          | dir<sup>1</sup>
-
-<sup>1. Not supported in multi-recipient mode</sup>
-
- Signing / MAC              | Algorithm identifier(s)
- :------------------------- | :------------------------------
- RSASSA-PKCS#1v1.5          | RS256, RS384, RS512
- RSASSA-PSS                 | PS256, PS384, PS512
- HMAC                       | HS256, HS384, HS512
- ECDSA                      | ES256, ES384, ES512
-
- Content encryption         | Algorithm identifier(s)
- :------------------------- | :------------------------------
- AES-CBC+HMAC               | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512
- AES-GCM                    | A128GCM, A192GCM, A256GCM 
-
- Compression                | Algorithm identifiers(s)
- :------------------------- | -------------------------------
- DEFLATE (RFC 1951)         | DEF
-
-### Supported key types
-
-See below for a table of supported key types. These are understood by the
-library, and can be passed to corresponding functions such as `NewEncrypter` or
-`NewSigner`. Note that if you are creating a new encrypter or signer with a
-JsonWebKey, the key id of the JsonWebKey (if present) will be added to any
-resulting messages.
-
- Algorithm(s)               | Corresponding types
- :------------------------- | -------------------------------
- RSA                        | *[rsa.PublicKey](http://golang.org/pkg/crypto/rsa/#PublicKey), *[rsa.PrivateKey](http://golang.org/pkg/crypto/rsa/#PrivateKey), *[jose.JsonWebKey](https://godoc.org/github.com/square/go-jose#JsonWebKey)
- ECDH, ECDSA                | *[ecdsa.PublicKey](http://golang.org/pkg/crypto/ecdsa/#PublicKey), *[ecdsa.PrivateKey](http://golang.org/pkg/crypto/ecdsa/#PrivateKey), *[jose.JsonWebKey](https://godoc.org/github.com/square/go-jose#JsonWebKey)
- AES, HMAC                  | []byte, *[jose.JsonWebKey](https://godoc.org/github.com/square/go-jose#JsonWebKey)
-
-## Examples
-
-Encryption/decryption example using RSA:
-
-```Go
-// Generate a public/private key pair to use for this example. The library
-// also provides two utility functions (LoadPublicKey and LoadPrivateKey)
-// that can be used to load keys from PEM/DER-encoded data.
-privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
-if err != nil {
-	panic(err)
-}
-
-// Instantiate an encrypter using RSA-OAEP with AES128-GCM. An error would
-// indicate that the selected algorithm(s) are not currently supported.
-publicKey := &privateKey.PublicKey
-encrypter, err := NewEncrypter(RSA_OAEP, A128GCM, publicKey)
-if err != nil {
-	panic(err)
-}
-
-// Encrypt a sample plaintext. Calling the encrypter returns an encrypted
-// JWE object, which can then be serialized for output afterwards. An error
-// would indicate a problem in an underlying cryptographic primitive.
-var plaintext = []byte("Lorem ipsum dolor sit amet")
-object, err := encrypter.Encrypt(plaintext)
-if err != nil {
-	panic(err)
-}
-
-// Serialize the encrypted object using the full serialization format.
-// Alternatively you can also use the compact format here by calling
-// object.CompactSerialize() instead.
-serialized := object.FullSerialize()
-
-// Parse the serialized, encrypted JWE object. An error would indicate that
-// the given input did not represent a valid message.
-object, err = ParseEncrypted(serialized)
-if err != nil {
-	panic(err)
-}
-
-// Now we can decrypt and get back our original plaintext. An error here
-// would indicate the the message failed to decrypt, e.g. because the auth
-// tag was broken or the message was tampered with.
-decrypted, err := object.Decrypt(privateKey)
-if err != nil {
-	panic(err)
-}
-
-fmt.Printf(string(decrypted))
-// output: Lorem ipsum dolor sit amet
-```
-
-Signing/verification example using RSA:
-
-```Go
-// Generate a public/private key pair to use for this example. The library
-// also provides two utility functions (LoadPublicKey and LoadPrivateKey)
-// that can be used to load keys from PEM/DER-encoded data.
-privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
-if err != nil {
-	panic(err)
-}
-
-// Instantiate a signer using RSASSA-PSS (SHA512) with the given private key.
-signer, err := NewSigner(PS512, privateKey)
-if err != nil {
-	panic(err)
-}
-
-// Sign a sample payload. Calling the signer returns a protected JWS object,
-// which can then be serialized for output afterwards. An error would
-// indicate a problem in an underlying cryptographic primitive.
-var payload = []byte("Lorem ipsum dolor sit amet")
-object, err := signer.Sign(payload)
-if err != nil {
-	panic(err)
-}
-
-// Serialize the encrypted object using the full serialization format.
-// Alternatively you can also use the compact format here by calling
-// object.CompactSerialize() instead.
-serialized := object.FullSerialize()
-
-// Parse the serialized, protected JWS object. An error would indicate that
-// the given input did not represent a valid message.
-object, err = ParseSigned(serialized)
-if err != nil {
-	panic(err)
-}
-
-// Now we can verify the signature on the payload. An error here would
-// indicate the the message failed to verify, e.g. because the signature was
-// broken or the message was tampered with.
-output, err := object.Verify(&privateKey.PublicKey)
-if err != nil {
-	panic(err)
-}
-
-fmt.Printf(string(output))
-// output: Lorem ipsum dolor sit amet
-```
-
-More examples can be found in the [Godoc
-reference](https://godoc.org/github.com/square/go-jose) for this package. The
-[`jose-util`](https://github.com/square/go-jose/tree/master/jose-util)
-subdirectory also contains a small command-line utility which might
-be useful as an example.
diff --git a/vendor/github.com/square/go-jose/crypter.go b/vendor/github.com/square/go-jose/crypter.go
deleted file mode 100644
index a38632ddc65e..000000000000
--- a/vendor/github.com/square/go-jose/crypter.go
+++ /dev/null
@@ -1,349 +0,0 @@
-/*-
- * Copyright 2014 Square Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jose
-
-import (
-	"crypto/ecdsa"
-	"crypto/rsa"
-	"fmt"
-	"reflect"
-)
-
-// Encrypter represents an encrypter which produces an encrypted JWE object.
-type Encrypter interface {
-	Encrypt(plaintext []byte) (*JsonWebEncryption, error)
-	EncryptWithAuthData(plaintext []byte, aad []byte) (*JsonWebEncryption, error)
-	SetCompression(alg CompressionAlgorithm)
-}
-
-// MultiEncrypter represents an encrypter which supports multiple recipients.
-type MultiEncrypter interface {
-	Encrypt(plaintext []byte) (*JsonWebEncryption, error)
-	EncryptWithAuthData(plaintext []byte, aad []byte) (*JsonWebEncryption, error)
-	SetCompression(alg CompressionAlgorithm)
-	AddRecipient(alg KeyAlgorithm, encryptionKey interface{}) error
-}
-
-// A generic content cipher
-type contentCipher interface {
-	keySize() int
-	encrypt(cek []byte, aad, plaintext []byte) (*aeadParts, error)
-	decrypt(cek []byte, aad []byte, parts *aeadParts) ([]byte, error)
-}
-
-// A key generator (for generating/getting a CEK)
-type keyGenerator interface {
-	keySize() int
-	genKey() ([]byte, rawHeader, error)
-}
-
-// A generic key encrypter
-type keyEncrypter interface {
-	encryptKey(cek []byte, alg KeyAlgorithm) (recipientInfo, error) // Encrypt a key
-}
-
-// A generic key decrypter
-type keyDecrypter interface {
-	decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) // Decrypt a key
-}
-
-// A generic encrypter based on the given key encrypter and content cipher.
-type genericEncrypter struct {
-	contentAlg     ContentEncryption
-	compressionAlg CompressionAlgorithm
-	cipher         contentCipher
-	recipients     []recipientKeyInfo
-	keyGenerator   keyGenerator
-}
-
-type recipientKeyInfo struct {
-	keyID        string
-	keyAlg       KeyAlgorithm
-	keyEncrypter keyEncrypter
-}
-
-// SetCompression sets a compression algorithm to be applied before encryption.
-func (ctx *genericEncrypter) SetCompression(compressionAlg CompressionAlgorithm) {
-	ctx.compressionAlg = compressionAlg
-}
-
-// NewEncrypter creates an appropriate encrypter based on the key type
-func NewEncrypter(alg KeyAlgorithm, enc ContentEncryption, encryptionKey interface{}) (Encrypter, error) {
-	encrypter := &genericEncrypter{
-		contentAlg:     enc,
-		compressionAlg: NONE,
-		recipients:     []recipientKeyInfo{},
-		cipher:         getContentCipher(enc),
-	}
-
-	if encrypter.cipher == nil {
-		return nil, ErrUnsupportedAlgorithm
-	}
-
-	var keyID string
-	var rawKey interface{}
-	switch encryptionKey := encryptionKey.(type) {
-	case *JsonWebKey:
-		keyID = encryptionKey.KeyID
-		rawKey = encryptionKey.Key
-	default:
-		rawKey = encryptionKey
-	}
-
-	switch alg {
-	case DIRECT:
-		// Direct encryption mode must be treated differently
-		if reflect.TypeOf(rawKey) != reflect.TypeOf([]byte{}) {
-			return nil, ErrUnsupportedKeyType
-		}
-		encrypter.keyGenerator = staticKeyGenerator{
-			key: rawKey.([]byte),
-		}
-		recipient, _ := newSymmetricRecipient(alg, rawKey.([]byte))
-		if keyID != "" {
-			recipient.keyID = keyID
-		}
-		encrypter.recipients = []recipientKeyInfo{recipient}
-		return encrypter, nil
-	case ECDH_ES:
-		// ECDH-ES (w/o key wrapping) is similar to DIRECT mode
-		typeOf := reflect.TypeOf(rawKey)
-		if typeOf != reflect.TypeOf(&ecdsa.PublicKey{}) {
-			return nil, ErrUnsupportedKeyType
-		}
-		encrypter.keyGenerator = ecKeyGenerator{
-			size:      encrypter.cipher.keySize(),
-			algID:     string(enc),
-			publicKey: rawKey.(*ecdsa.PublicKey),
-		}
-		recipient, _ := newECDHRecipient(alg, rawKey.(*ecdsa.PublicKey))
-		if keyID != "" {
-			recipient.keyID = keyID
-		}
-		encrypter.recipients = []recipientKeyInfo{recipient}
-		return encrypter, nil
-	default:
-		// Can just add a standard recipient
-		encrypter.keyGenerator = randomKeyGenerator{
-			size: encrypter.cipher.keySize(),
-		}
-		err := encrypter.AddRecipient(alg, encryptionKey)
-		return encrypter, err
-	}
-}
-
-// NewMultiEncrypter creates a multi-encrypter based on the given parameters
-func NewMultiEncrypter(enc ContentEncryption) (MultiEncrypter, error) {
-	cipher := getContentCipher(enc)
-
-	if cipher == nil {
-		return nil, ErrUnsupportedAlgorithm
-	}
-
-	encrypter := &genericEncrypter{
-		contentAlg:     enc,
-		compressionAlg: NONE,
-		recipients:     []recipientKeyInfo{},
-		cipher:         cipher,
-		keyGenerator: randomKeyGenerator{
-			size: cipher.keySize(),
-		},
-	}
-
-	return encrypter, nil
-}
-
-func (ctx *genericEncrypter) AddRecipient(alg KeyAlgorithm, encryptionKey interface{}) (err error) {
-	var recipient recipientKeyInfo
-
-	switch alg {
-	case DIRECT, ECDH_ES:
-		return fmt.Errorf("square/go-jose: key algorithm '%s' not supported in multi-recipient mode", alg)
-	}
-
-	recipient, err = makeJWERecipient(alg, encryptionKey)
-
-	if err == nil {
-		ctx.recipients = append(ctx.recipients, recipient)
-	}
-	return err
-}
-
-func makeJWERecipient(alg KeyAlgorithm, encryptionKey interface{}) (recipientKeyInfo, error) {
-	switch encryptionKey := encryptionKey.(type) {
-	case *rsa.PublicKey:
-		return newRSARecipient(alg, encryptionKey)
-	case *ecdsa.PublicKey:
-		return newECDHRecipient(alg, encryptionKey)
-	case []byte:
-		return newSymmetricRecipient(alg, encryptionKey)
-	case *JsonWebKey:
-		recipient, err := makeJWERecipient(alg, encryptionKey.Key)
-		if err == nil && encryptionKey.KeyID != "" {
-			recipient.keyID = encryptionKey.KeyID
-		}
-		return recipient, err
-	default:
-		return recipientKeyInfo{}, ErrUnsupportedKeyType
-	}
-}
-
-// newDecrypter creates an appropriate decrypter based on the key type
-func newDecrypter(decryptionKey interface{}) (keyDecrypter, error) {
-	switch decryptionKey := decryptionKey.(type) {
-	case *rsa.PrivateKey:
-		return &rsaDecrypterSigner{
-			privateKey: decryptionKey,
-		}, nil
-	case *ecdsa.PrivateKey:
-		return &ecDecrypterSigner{
-			privateKey: decryptionKey,
-		}, nil
-	case []byte:
-		return &symmetricKeyCipher{
-			key: decryptionKey,
-		}, nil
-	case *JsonWebKey:
-		return newDecrypter(decryptionKey.Key)
-	default:
-		return nil, ErrUnsupportedKeyType
-	}
-}
-
-// Implementation of encrypt method producing a JWE object.
-func (ctx *genericEncrypter) Encrypt(plaintext []byte) (*JsonWebEncryption, error) {
-	return ctx.EncryptWithAuthData(plaintext, nil)
-}
-
-// Implementation of encrypt method producing a JWE object.
-func (ctx *genericEncrypter) EncryptWithAuthData(plaintext, aad []byte) (*JsonWebEncryption, error) {
-	obj := &JsonWebEncryption{}
-	obj.aad = aad
-
-	obj.protected = &rawHeader{
-		Enc: ctx.contentAlg,
-	}
-	obj.recipients = make([]recipientInfo, len(ctx.recipients))
-
-	if len(ctx.recipients) == 0 {
-		return nil, fmt.Errorf("square/go-jose: no recipients to encrypt to")
-	}
-
-	cek, headers, err := ctx.keyGenerator.genKey()
-	if err != nil {
-		return nil, err
-	}
-
-	obj.protected.merge(&headers)
-
-	for i, info := range ctx.recipients {
-		recipient, err := info.keyEncrypter.encryptKey(cek, info.keyAlg)
-		if err != nil {
-			return nil, err
-		}
-
-		recipient.header.Alg = string(info.keyAlg)
-		if info.keyID != "" {
-			recipient.header.Kid = info.keyID
-		}
-		obj.recipients[i] = recipient
-	}
-
-	if len(ctx.recipients) == 1 {
-		// Move per-recipient headers into main protected header if there's
-		// only a single recipient.
-		obj.protected.merge(obj.recipients[0].header)
-		obj.recipients[0].header = nil
-	}
-
-	if ctx.compressionAlg != NONE {
-		plaintext, err = compress(ctx.compressionAlg, plaintext)
-		if err != nil {
-			return nil, err
-		}
-
-		obj.protected.Zip = ctx.compressionAlg
-	}
-
-	authData := obj.computeAuthData()
-	parts, err := ctx.cipher.encrypt(cek, authData, plaintext)
-	if err != nil {
-		return nil, err
-	}
-
-	obj.iv = parts.iv
-	obj.ciphertext = parts.ciphertext
-	obj.tag = parts.tag
-
-	return obj, nil
-}
-
-// Decrypt and validate the object and return the plaintext.
-func (obj JsonWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error) {
-	headers := obj.mergedHeaders(nil)
-
-	if len(headers.Crit) > 0 {
-		return nil, fmt.Errorf("square/go-jose: unsupported crit header")
-	}
-
-	decrypter, err := newDecrypter(decryptionKey)
-	if err != nil {
-		return nil, err
-	}
-
-	cipher := getContentCipher(headers.Enc)
-	if cipher == nil {
-		return nil, fmt.Errorf("square/go-jose: unsupported enc value '%s'", string(headers.Enc))
-	}
-
-	generator := randomKeyGenerator{
-		size: cipher.keySize(),
-	}
-
-	parts := &aeadParts{
-		iv:         obj.iv,
-		ciphertext: obj.ciphertext,
-		tag:        obj.tag,
-	}
-
-	authData := obj.computeAuthData()
-
-	var plaintext []byte
-	for _, recipient := range obj.recipients {
-		recipientHeaders := obj.mergedHeaders(&recipient)
-
-		cek, err := decrypter.decryptKey(recipientHeaders, &recipient, generator)
-		if err == nil {
-			// Found a valid CEK -- let's try to decrypt.
-			plaintext, err = cipher.decrypt(cek, authData, parts)
-			if err == nil {
-				break
-			}
-		}
-	}
-
-	if plaintext == nil {
-		return nil, ErrCryptoFailure
-	}
-
-	// The "zip" header parameter may only be present in the protected header.
-	if obj.protected.Zip != "" {
-		plaintext, err = decompress(obj.protected.Zip, plaintext)
-	}
-
-	return plaintext, err
-}
diff --git a/vendor/github.com/square/go-jose/shared.go b/vendor/github.com/square/go-jose/shared.go
deleted file mode 100644
index 9d895a912cff..000000000000
--- a/vendor/github.com/square/go-jose/shared.go
+++ /dev/null
@@ -1,224 +0,0 @@
-/*-
- * Copyright 2014 Square Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jose
-
-import (
-	"crypto/elliptic"
-	"errors"
-	"fmt"
-)
-
-// KeyAlgorithm represents a key management algorithm.
-type KeyAlgorithm string
-
-// SignatureAlgorithm represents a signature (or MAC) algorithm.
-type SignatureAlgorithm string
-
-// ContentEncryption represents a content encryption algorithm.
-type ContentEncryption string
-
-// CompressionAlgorithm represents an algorithm used for plaintext compression.
-type CompressionAlgorithm string
-
-var (
-	// ErrCryptoFailure represents an error in cryptographic primitive. This
-	// occurs when, for example, a message had an invalid authentication tag or
-	// could not be decrypted.
-	ErrCryptoFailure = errors.New("square/go-jose: error in cryptographic primitive")
-
-	// ErrUnsupportedAlgorithm indicates that a selected algorithm is not
-	// supported. This occurs when trying to instantiate an encrypter for an
-	// algorithm that is not yet implemented.
-	ErrUnsupportedAlgorithm = errors.New("square/go-jose: unknown/unsupported algorithm")
-
-	// ErrUnsupportedKeyType indicates that the given key type/format is not
-	// supported. This occurs when trying to instantiate an encrypter and passing
-	// it a key of an unrecognized type or with unsupported parameters, such as
-	// an RSA private key with more than two primes.
-	ErrUnsupportedKeyType = errors.New("square/go-jose: unsupported key type/format")
-
-	// ErrNotSupported serialization of object is not supported. This occurs when
-	// trying to compact-serialize an object which can't be represented in
-	// compact form.
-	ErrNotSupported = errors.New("square/go-jose: compact serialization not supported for object")
-
-	// ErrUnprotectedNonce indicates that while parsing a JWS or JWE object, a
-	// nonce header parameter was included in an unprotected header object.
-	ErrUnprotectedNonce = errors.New("square/go-jose: Nonce parameter included in unprotected header")
-)
-
-// Key management algorithms
-const (
-	RSA1_5             = KeyAlgorithm("RSA1_5")             // RSA-PKCS1v1.5
-	RSA_OAEP           = KeyAlgorithm("RSA-OAEP")           // RSA-OAEP-SHA1
-	RSA_OAEP_256       = KeyAlgorithm("RSA-OAEP-256")       // RSA-OAEP-SHA256
-	A128KW             = KeyAlgorithm("A128KW")             // AES key wrap (128)
-	A192KW             = KeyAlgorithm("A192KW")             // AES key wrap (192)
-	A256KW             = KeyAlgorithm("A256KW")             // AES key wrap (256)
-	DIRECT             = KeyAlgorithm("dir")                // Direct encryption
-	ECDH_ES            = KeyAlgorithm("ECDH-ES")            // ECDH-ES
-	ECDH_ES_A128KW     = KeyAlgorithm("ECDH-ES+A128KW")     // ECDH-ES + AES key wrap (128)
-	ECDH_ES_A192KW     = KeyAlgorithm("ECDH-ES+A192KW")     // ECDH-ES + AES key wrap (192)
-	ECDH_ES_A256KW     = KeyAlgorithm("ECDH-ES+A256KW")     // ECDH-ES + AES key wrap (256)
-	A128GCMKW          = KeyAlgorithm("A128GCMKW")          // AES-GCM key wrap (128)
-	A192GCMKW          = KeyAlgorithm("A192GCMKW")          // AES-GCM key wrap (192)
-	A256GCMKW          = KeyAlgorithm("A256GCMKW")          // AES-GCM key wrap (256)
-	PBES2_HS256_A128KW = KeyAlgorithm("PBES2-HS256+A128KW") // PBES2 + HMAC-SHA256 + AES key wrap (128)
-	PBES2_HS384_A192KW = KeyAlgorithm("PBES2-HS384+A192KW") // PBES2 + HMAC-SHA384 + AES key wrap (192)
-	PBES2_HS512_A256KW = KeyAlgorithm("PBES2-HS512+A256KW") // PBES2 + HMAC-SHA512 + AES key wrap (256)
-)
-
-// Signature algorithms
-const (
-	HS256 = SignatureAlgorithm("HS256") // HMAC using SHA-256
-	HS384 = SignatureAlgorithm("HS384") // HMAC using SHA-384
-	HS512 = SignatureAlgorithm("HS512") // HMAC using SHA-512
-	RS256 = SignatureAlgorithm("RS256") // RSASSA-PKCS-v1.5 using SHA-256
-	RS384 = SignatureAlgorithm("RS384") // RSASSA-PKCS-v1.5 using SHA-384
-	RS512 = SignatureAlgorithm("RS512") // RSASSA-PKCS-v1.5 using SHA-512
-	ES256 = SignatureAlgorithm("ES256") // ECDSA using P-256 and SHA-256
-	ES384 = SignatureAlgorithm("ES384") // ECDSA using P-384 and SHA-384
-	ES512 = SignatureAlgorithm("ES512") // ECDSA using P-521 and SHA-512
-	PS256 = SignatureAlgorithm("PS256") // RSASSA-PSS using SHA256 and MGF1-SHA256
-	PS384 = SignatureAlgorithm("PS384") // RSASSA-PSS using SHA384 and MGF1-SHA384
-	PS512 = SignatureAlgorithm("PS512") // RSASSA-PSS using SHA512 and MGF1-SHA512
-)
-
-// Content encryption algorithms
-const (
-	A128CBC_HS256 = ContentEncryption("A128CBC-HS256") // AES-CBC + HMAC-SHA256 (128)
-	A192CBC_HS384 = ContentEncryption("A192CBC-HS384") // AES-CBC + HMAC-SHA384 (192)
-	A256CBC_HS512 = ContentEncryption("A256CBC-HS512") // AES-CBC + HMAC-SHA512 (256)
-	A128GCM       = ContentEncryption("A128GCM")       // AES-GCM (128)
-	A192GCM       = ContentEncryption("A192GCM")       // AES-GCM (192)
-	A256GCM       = ContentEncryption("A256GCM")       // AES-GCM (256)
-)
-
-// Compression algorithms
-const (
-	NONE    = CompressionAlgorithm("")    // No compression
-	DEFLATE = CompressionAlgorithm("DEF") // DEFLATE (RFC 1951)
-)
-
-// rawHeader represents the JOSE header for JWE/JWS objects (used for parsing).
-type rawHeader struct {
-	Alg   string               `json:"alg,omitempty"`
-	Enc   ContentEncryption    `json:"enc,omitempty"`
-	Zip   CompressionAlgorithm `json:"zip,omitempty"`
-	Crit  []string             `json:"crit,omitempty"`
-	Apu   *byteBuffer          `json:"apu,omitempty"`
-	Apv   *byteBuffer          `json:"apv,omitempty"`
-	Epk   *JsonWebKey          `json:"epk,omitempty"`
-	Iv    *byteBuffer          `json:"iv,omitempty"`
-	Tag   *byteBuffer          `json:"tag,omitempty"`
-	Jwk   *JsonWebKey          `json:"jwk,omitempty"`
-	Kid   string               `json:"kid,omitempty"`
-	Nonce string               `json:"nonce,omitempty"`
-}
-
-// JoseHeader represents the read-only JOSE header for JWE/JWS objects.
-type JoseHeader struct {
-	KeyID      string
-	JsonWebKey *JsonWebKey
-	Algorithm  string
-	Nonce      string
-}
-
-// sanitized produces a cleaned-up header object from the raw JSON.
-func (parsed rawHeader) sanitized() JoseHeader {
-	return JoseHeader{
-		KeyID:      parsed.Kid,
-		JsonWebKey: parsed.Jwk,
-		Algorithm:  parsed.Alg,
-		Nonce:      parsed.Nonce,
-	}
-}
-
-// Merge headers from src into dst, giving precedence to headers from l.
-func (dst *rawHeader) merge(src *rawHeader) {
-	if src == nil {
-		return
-	}
-
-	if dst.Alg == "" {
-		dst.Alg = src.Alg
-	}
-	if dst.Enc == "" {
-		dst.Enc = src.Enc
-	}
-	if dst.Zip == "" {
-		dst.Zip = src.Zip
-	}
-	if dst.Crit == nil {
-		dst.Crit = src.Crit
-	}
-	if dst.Crit == nil {
-		dst.Crit = src.Crit
-	}
-	if dst.Apu == nil {
-		dst.Apu = src.Apu
-	}
-	if dst.Apv == nil {
-		dst.Apv = src.Apv
-	}
-	if dst.Epk == nil {
-		dst.Epk = src.Epk
-	}
-	if dst.Iv == nil {
-		dst.Iv = src.Iv
-	}
-	if dst.Tag == nil {
-		dst.Tag = src.Tag
-	}
-	if dst.Kid == "" {
-		dst.Kid = src.Kid
-	}
-	if dst.Jwk == nil {
-		dst.Jwk = src.Jwk
-	}
-	if dst.Nonce == "" {
-		dst.Nonce = src.Nonce
-	}
-}
-
-// Get JOSE name of curve
-func curveName(crv elliptic.Curve) (string, error) {
-	switch crv {
-	case elliptic.P256():
-		return "P-256", nil
-	case elliptic.P384():
-		return "P-384", nil
-	case elliptic.P521():
-		return "P-521", nil
-	default:
-		return "", fmt.Errorf("square/go-jose: unsupported/unknown elliptic curve")
-	}
-}
-
-// Get size of curve in bytes
-func curveSize(crv elliptic.Curve) int {
-	bits := crv.Params().BitSize
-
-	div := bits / 8
-	mod := bits % 8
-
-	if mod == 0 {
-		return div
-	}
-
-	return div + 1
-}
diff --git a/vendor/github.com/square/go-jose/signing.go b/vendor/github.com/square/go-jose/signing.go
deleted file mode 100644
index c6ed2c92b1c8..000000000000
--- a/vendor/github.com/square/go-jose/signing.go
+++ /dev/null
@@ -1,218 +0,0 @@
-/*-
- * Copyright 2014 Square Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jose
-
-import (
-	"crypto/ecdsa"
-	"crypto/rsa"
-	"fmt"
-)
-
-// NonceSource represents a source of random nonces to go into JWS objects
-type NonceSource interface {
-	Nonce() (string, error)
-}
-
-// Signer represents a signer which takes a payload and produces a signed JWS object.
-type Signer interface {
-	Sign(payload []byte) (*JsonWebSignature, error)
-	SetNonceSource(source NonceSource)
-	SetEmbedJwk(embed bool)
-}
-
-// MultiSigner represents a signer which supports multiple recipients.
-type MultiSigner interface {
-	Sign(payload []byte) (*JsonWebSignature, error)
-	SetNonceSource(source NonceSource)
-	SetEmbedJwk(embed bool)
-	AddRecipient(alg SignatureAlgorithm, signingKey interface{}) error
-}
-
-type payloadSigner interface {
-	signPayload(payload []byte, alg SignatureAlgorithm) (Signature, error)
-}
-
-type payloadVerifier interface {
-	verifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error
-}
-
-type genericSigner struct {
-	recipients  []recipientSigInfo
-	nonceSource NonceSource
-	embedJwk    bool
-}
-
-type recipientSigInfo struct {
-	sigAlg    SignatureAlgorithm
-	keyID     string
-	publicKey *JsonWebKey
-	signer    payloadSigner
-}
-
-// NewSigner creates an appropriate signer based on the key type
-func NewSigner(alg SignatureAlgorithm, signingKey interface{}) (Signer, error) {
-	// NewMultiSigner never fails (currently)
-	signer := NewMultiSigner()
-
-	err := signer.AddRecipient(alg, signingKey)
-	if err != nil {
-		return nil, err
-	}
-
-	return signer, nil
-}
-
-// NewMultiSigner creates a signer for multiple recipients
-func NewMultiSigner() MultiSigner {
-	return &genericSigner{
-		recipients: []recipientSigInfo{},
-		embedJwk:   true,
-	}
-}
-
-// newVerifier creates a verifier based on the key type
-func newVerifier(verificationKey interface{}) (payloadVerifier, error) {
-	switch verificationKey := verificationKey.(type) {
-	case *rsa.PublicKey:
-		return &rsaEncrypterVerifier{
-			publicKey: verificationKey,
-		}, nil
-	case *ecdsa.PublicKey:
-		return &ecEncrypterVerifier{
-			publicKey: verificationKey,
-		}, nil
-	case []byte:
-		return &symmetricMac{
-			key: verificationKey,
-		}, nil
-	case *JsonWebKey:
-		return newVerifier(verificationKey.Key)
-	default:
-		return nil, ErrUnsupportedKeyType
-	}
-}
-
-func (ctx *genericSigner) AddRecipient(alg SignatureAlgorithm, signingKey interface{}) error {
-	recipient, err := makeJWSRecipient(alg, signingKey)
-	if err != nil {
-		return err
-	}
-
-	ctx.recipients = append(ctx.recipients, recipient)
-	return nil
-}
-
-func makeJWSRecipient(alg SignatureAlgorithm, signingKey interface{}) (recipientSigInfo, error) {
-	switch signingKey := signingKey.(type) {
-	case *rsa.PrivateKey:
-		return newRSASigner(alg, signingKey)
-	case *ecdsa.PrivateKey:
-		return newECDSASigner(alg, signingKey)
-	case []byte:
-		return newSymmetricSigner(alg, signingKey)
-	case *JsonWebKey:
-		recipient, err := makeJWSRecipient(alg, signingKey.Key)
-		if err != nil {
-			return recipientSigInfo{}, err
-		}
-		recipient.keyID = signingKey.KeyID
-		return recipient, nil
-	default:
-		return recipientSigInfo{}, ErrUnsupportedKeyType
-	}
-}
-
-func (ctx *genericSigner) Sign(payload []byte) (*JsonWebSignature, error) {
-	obj := &JsonWebSignature{}
-	obj.payload = payload
-	obj.Signatures = make([]Signature, len(ctx.recipients))
-
-	for i, recipient := range ctx.recipients {
-		protected := &rawHeader{
-			Alg: string(recipient.sigAlg),
-		}
-
-		if recipient.publicKey != nil && ctx.embedJwk {
-			protected.Jwk = recipient.publicKey
-		}
-		if recipient.keyID != "" {
-			protected.Kid = recipient.keyID
-		}
-
-		if ctx.nonceSource != nil {
-			nonce, err := ctx.nonceSource.Nonce()
-			if err != nil {
-				return nil, fmt.Errorf("square/go-jose: Error generating nonce: %v", err)
-			}
-			protected.Nonce = nonce
-		}
-
-		serializedProtected := mustSerializeJSON(protected)
-
-		input := []byte(fmt.Sprintf("%s.%s",
-			base64URLEncode(serializedProtected),
-			base64URLEncode(payload)))
-
-		signatureInfo, err := recipient.signer.signPayload(input, recipient.sigAlg)
-		if err != nil {
-			return nil, err
-		}
-
-		signatureInfo.protected = protected
-		obj.Signatures[i] = signatureInfo
-	}
-
-	return obj, nil
-}
-
-// SetNonceSource provides or updates a nonce pool to the first recipients.
-// After this method is called, the signer will consume one nonce per
-// signature, returning an error it is unable to get a nonce.
-func (ctx *genericSigner) SetNonceSource(source NonceSource) {
-	ctx.nonceSource = source
-}
-
-// SetEmbedJwk specifies if the signing key should be embedded in the protected header,
-// if any. It defaults to 'true'.
-func (ctx *genericSigner) SetEmbedJwk(embed bool) {
-	ctx.embedJwk = embed
-}
-
-// Verify validates the signature on the object and returns the payload.
-func (obj JsonWebSignature) Verify(verificationKey interface{}) ([]byte, error) {
-	verifier, err := newVerifier(verificationKey)
-	if err != nil {
-		return nil, err
-	}
-
-	for _, signature := range obj.Signatures {
-		headers := signature.mergedHeaders()
-		if len(headers.Crit) > 0 {
-			// Unsupported crit header
-			continue
-		}
-
-		input := obj.computeAuthData(&signature)
-		alg := SignatureAlgorithm(headers.Alg)
-		err := verifier.verifyPayload(input, signature.Signature, alg)
-		if err == nil {
-			return obj.payload, nil
-		}
-	}
-
-	return nil, ErrCryptoFailure
-}
diff --git a/vendor/github.com/square/go-jose/utils.go b/vendor/github.com/square/go-jose/utils.go
deleted file mode 100644
index 4ca2bc06bae7..000000000000
--- a/vendor/github.com/square/go-jose/utils.go
+++ /dev/null
@@ -1,74 +0,0 @@
-/*-
- * Copyright 2014 Square Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jose
-
-import (
-	"crypto/x509"
-	"encoding/pem"
-	"fmt"
-)
-
-// LoadPublicKey loads a public key from PEM/DER-encoded data.
-func LoadPublicKey(data []byte) (interface{}, error) {
-	input := data
-
-	block, _ := pem.Decode(data)
-	if block != nil {
-		input = block.Bytes
-	}
-
-	// Try to load SubjectPublicKeyInfo
-	pub, err0 := x509.ParsePKIXPublicKey(input)
-	if err0 == nil {
-		return pub, nil
-	}
-
-	cert, err1 := x509.ParseCertificate(input)
-	if err1 == nil {
-		return cert.PublicKey, nil
-	}
-
-	return nil, fmt.Errorf("square/go-jose: parse error, got '%s' and '%s'", err0, err1)
-}
-
-// LoadPrivateKey loads a private key from PEM/DER-encoded data.
-func LoadPrivateKey(data []byte) (interface{}, error) {
-	input := data
-
-	block, _ := pem.Decode(data)
-	if block != nil {
-		input = block.Bytes
-	}
-
-	var priv interface{}
-	priv, err0 := x509.ParsePKCS1PrivateKey(input)
-	if err0 == nil {
-		return priv, nil
-	}
-
-	priv, err1 := x509.ParsePKCS8PrivateKey(input)
-	if err1 == nil {
-		return priv, nil
-	}
-
-	priv, err2 := x509.ParseECPrivateKey(input)
-	if err2 == nil {
-		return priv, nil
-	}
-
-	return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s' and '%s'", err0, err1, err2)
-}
diff --git a/vendor/github.com/storageos/go-api/README.md b/vendor/github.com/storageos/go-api/README.md
index 15869239da2e..15ebd60eb05e 100644
--- a/vendor/github.com/storageos/go-api/README.md
+++ b/vendor/github.com/storageos/go-api/README.md
@@ -1,2 +1,5 @@
 # StorageOS API client library
 
+## Swagger Spec
+Swagger specification for this repo is available in the [StorageOS public documentation](https://github.com/storageos/storageos.github.io/blob/master/swagger.yaml).
+
diff --git a/vendor/github.com/storageos/go-api/client.go b/vendor/github.com/storageos/go-api/client.go
index 2b0b2fbb5762..5be9924f3dce 100644
--- a/vendor/github.com/storageos/go-api/client.go
+++ b/vendor/github.com/storageos/go-api/client.go
@@ -4,16 +4,16 @@ import (
 	"bytes"
 	"context"
 	"crypto/tls"
-	"crypto/x509"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"github.com/storageos/go-api/netutil"
+	"github.com/storageos/go-api/serror"
 	"io"
 	"io/ioutil"
 	"net"
 	"net/http"
 	"net/url"
-	"os"
 	"reflect"
 	"strconv"
 	"strings"
@@ -22,17 +22,11 @@ import (
 
 const (
 	userAgent         = "go-storageosclient"
-	unixProtocol      = "unix"
-	namedPipeProtocol = "npipe"
 	DefaultVersionStr = "1"
 	DefaultVersion    = 1
-	defaultNamespace  = "default"
 )
 
 var (
-	// ErrInvalidEndpoint is returned when the endpoint is not a valid HTTP URL.
-	ErrInvalidEndpoint = errors.New("invalid endpoint")
-
 	// ErrConnectionRefused is returned when the client cannot connect to the given endpoint.
 	ErrConnectionRefused = errors.New("cannot connect to StorageOS API endpoint")
 
@@ -42,8 +36,14 @@ var (
 	// ErrInvalidVersion is returned when a versioned client was requested but no version specified.
 	ErrInvalidVersion = errors.New("invalid version")
 
+	// DefaultPort is the default API port
+	DefaultPort = "5705"
+
+	// DataplaneHealthPort is the the port used by the dataplane health-check service
+	DataplaneHealthPort = "5704"
+
 	// DefaultHost is the default API host
-	DefaultHost = "tcp://localhost:5705"
+	DefaultHost = "tcp://localhost:" + DefaultPort
 )
 
 // APIVersion is an internal representation of a version of the Remote API.
@@ -73,15 +73,13 @@ type Client struct {
 	SkipServerVersionCheck bool
 	HTTPClient             *http.Client
 	TLSConfig              *tls.Config
-	Dialer                 Dialer
-	endpoint               string
-	endpointURL            *url.URL
 	username               string
 	secret                 string
 	requestedAPIVersion    APIVersion
 	serverAPIVersion       APIVersion
 	expectedAPIVersion     APIVersion
 	nativeHTTPClient       *http.Client
+	useTLS                 bool
 }
 
 // ClientVersion returns the API version of the client
@@ -99,20 +97,8 @@ type Dialer interface {
 // NewClient returns a Client instance ready for communication with the given
 // server endpoint. It will use the latest remote API version available in the
 // server.
-func NewClient(endpoint string) (*Client, error) {
-	client, err := NewVersionedClient(endpoint, "")
-	if err != nil {
-		return nil, err
-	}
-	client.SkipServerVersionCheck = true
-	return client, nil
-}
-
-// NewTLSClient returns a Client instance ready for TLS communications with the given
-// server endpoint, key and certificates . It will use the latest remote API version
-// available in the server.
-func NewTLSClient(endpoint string, cert, key, ca string) (*Client, error) {
-	client, err := NewVersionedTLSClient(endpoint, cert, key, ca, "")
+func NewClient(nodes string) (*Client, error) {
+	client, err := NewVersionedClient(nodes, "")
 	if err != nil {
 		return nil, err
 	}
@@ -122,95 +108,24 @@ func NewTLSClient(endpoint string, cert, key, ca string) (*Client, error) {
 
 // NewVersionedClient returns a Client instance ready for communication with
 // the given server endpoint, using a specific remote API version.
-func NewVersionedClient(endpoint string, apiVersionString string) (*Client, error) {
-	u, err := parseEndpoint(endpoint, false)
-	if err != nil {
-		return nil, err
-	}
-
-	c := &Client{
-		HTTPClient:  defaultClient(),
-		Dialer:      &net.Dialer{},
-		endpoint:    endpoint,
-		endpointURL: u,
-	}
-
-	if apiVersionString != "" {
-		version, err := strconv.Atoi(apiVersionString)
-		if err != nil {
-			return nil, err
-		}
-		c.requestedAPIVersion = APIVersion(version)
-	}
+func NewVersionedClient(nodestring string, apiVersionString string) (*Client, error) {
+	nodes := strings.Split(nodestring, ",")
 
-	c.initializeNativeClient()
-	return c, nil
-}
-
-// NewVersionedTLSClient returns a Client instance ready for TLS communications with the givens
-// server endpoint, key and certificates, using a specific remote API version.
-func NewVersionedTLSClient(endpoint string, cert, key, ca, apiVersionString string) (*Client, error) {
-	var certPEMBlock []byte
-	var keyPEMBlock []byte
-	var caPEMCert []byte
-	if _, err := os.Stat(cert); !os.IsNotExist(err) {
-		certPEMBlock, err = ioutil.ReadFile(cert)
-		if err != nil {
-			return nil, err
-		}
-	}
-	if _, err := os.Stat(key); !os.IsNotExist(err) {
-		keyPEMBlock, err = ioutil.ReadFile(key)
-		if err != nil {
-			return nil, err
-		}
-	}
-	if _, err := os.Stat(ca); !os.IsNotExist(err) {
-		caPEMCert, err = ioutil.ReadFile(ca)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return NewVersionedTLSClientFromBytes(endpoint, certPEMBlock, keyPEMBlock, caPEMCert, apiVersionString)
-}
-
-// NewVersionedTLSClientFromBytes returns a Client instance ready for TLS communications with the givens
-// server endpoint, key and certificates (passed inline to the function as opposed to being
-// read from a local file), using a specific remote API version.
-func NewVersionedTLSClientFromBytes(endpoint string, certPEMBlock, keyPEMBlock, caPEMCert []byte, apiVersionString string) (*Client, error) {
-	u, err := parseEndpoint(endpoint, true)
+	d, err := netutil.NewMultiDialer(nodes, nil)
 	if err != nil {
 		return nil, err
 	}
 
-	tlsConfig := &tls.Config{}
-	if certPEMBlock != nil && keyPEMBlock != nil {
-		tlsCert, err := tls.X509KeyPair(certPEMBlock, keyPEMBlock)
-		if err != nil {
-			return nil, err
-		}
-		tlsConfig.Certificates = []tls.Certificate{tlsCert}
-	}
-	if caPEMCert == nil {
-		tlsConfig.InsecureSkipVerify = true
-	} else {
-		caPool := x509.NewCertPool()
-		if !caPool.AppendCertsFromPEM(caPEMCert) {
-			return nil, errors.New("Could not add RootCA pem")
+	var useTLS bool
+	if len(nodes) > 0 {
+		if u, err := url.Parse(nodes[0]); err != nil && u.Scheme == "https" {
+			useTLS = true
 		}
-		tlsConfig.RootCAs = caPool
-	}
-	tr := defaultTransport()
-	tr.TLSClientConfig = tlsConfig
-	if err != nil {
-		return nil, err
 	}
+
 	c := &Client{
-		HTTPClient:  &http.Client{Transport: tr},
-		TLSConfig:   tlsConfig,
-		Dialer:      &net.Dialer{},
-		endpoint:    endpoint,
-		endpointURL: u,
+		HTTPClient: defaultClient(d),
+		useTLS:     useTLS,
 	}
 
 	if apiVersionString != "" {
@@ -221,7 +136,6 @@ func NewVersionedTLSClientFromBytes(endpoint string, certPEMBlock, keyPEMBlock,
 		c.requestedAPIVersion = APIVersion(version)
 	}
 
-	c.initializeNativeClient()
 	return c, nil
 }
 
@@ -265,13 +179,6 @@ func (c *Client) checkAPIVersion() error {
 	return nil
 }
 
-// Endpoint returns the current endpoint. It's useful for getting the endpoint
-// when using functions that get this data from the environment (like
-// NewClientFromEnv.
-func (c *Client) Endpoint() string {
-	return c.endpoint
-}
-
 // Ping pings the API server
 //
 // See https://goo.gl/wYfgY1 for more details.
@@ -341,15 +248,7 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response
 	}
 
 	httpClient := c.HTTPClient
-	protocol := c.endpointURL.Scheme
-	var u string
-	switch protocol {
-	case unixProtocol, namedPipeProtocol:
-		httpClient = c.nativeHTTPClient
-		u = c.getFakeNativeURL(urlpath, doOptions.unversioned)
-	default:
-		u = c.getAPIPath(urlpath, query, doOptions.unversioned)
-	}
+	u := c.getAPIPath(urlpath, query, doOptions.unversioned)
 
 	req, err := http.NewRequest(method, u, params)
 	if err != nil {
@@ -376,6 +275,11 @@ func (c *Client) do(method, urlpath string, doOptions doOptions) (*http.Response
 
 	resp, err := httpClient.Do(req.WithContext(ctx))
 	if err != nil {
+		// If it is a custom error, return it. It probably knows more than us
+		if serror.IsStorageOSError(err) {
+			return nil, err
+		}
+
 		if strings.Contains(err.Error(), "connection refused") {
 			return nil, ErrConnectionRefused
 		}
@@ -397,27 +301,18 @@ func chooseError(ctx context.Context, err error) error {
 	}
 }
 
-func (c *Client) getURL(path string, unversioned bool) string {
-
-	urlStr := strings.TrimRight(c.endpointURL.String(), "/")
-	path = strings.TrimLeft(path, "/")
-	if c.endpointURL.Scheme == unixProtocol || c.endpointURL.Scheme == namedPipeProtocol {
-		urlStr = ""
-	}
-	if unversioned {
-		return fmt.Sprintf("%s/%s", urlStr, path)
+func (c *Client) getAPIPath(path string, query url.Values, unversioned bool) string {
+	// The custom dialer contacts the hosts for us, making this hosname irrelevant
+	var urlStr string
+	if c.useTLS {
+		urlStr = "https://storageos-cluster"
+	} else {
+		urlStr = "http://storageos-cluster"
 	}
-	return fmt.Sprintf("%s/%s/%s", urlStr, c.requestedAPIVersion, path)
 
-}
-
-func (c *Client) getAPIPath(path string, query url.Values, unversioned bool) string {
 	var apiPath string
-	urlStr := strings.TrimRight(c.endpointURL.String(), "/")
+
 	path = strings.TrimLeft(path, "/")
-	if c.endpointURL.Scheme == unixProtocol || c.endpointURL.Scheme == namedPipeProtocol {
-		urlStr = ""
-	}
 	if unversioned {
 		apiPath = fmt.Sprintf("%s/%s", urlStr, path)
 	} else {
@@ -431,30 +326,6 @@ func (c *Client) getAPIPath(path string, query url.Values, unversioned bool) str
 	return apiPath
 }
 
-// getFakeNativeURL returns the URL needed to make an HTTP request over a UNIX
-// domain socket to the given path.
-func (c *Client) getFakeNativeURL(path string, unversioned bool) string {
-	u := *c.endpointURL // Copy.
-
-	// Override URL so that net/http will not complain.
-	u.Scheme = "http"
-	u.Host = "unix.sock" // Doesn't matter what this is - it's not used.
-	u.Path = ""
-	urlStr := strings.TrimRight(u.String(), "/")
-	path = strings.TrimLeft(path, "/")
-	if unversioned {
-		return fmt.Sprintf("%s/%s", urlStr, path)
-	}
-	return fmt.Sprintf("%s/%s/%s", urlStr, c.requestedAPIVersion, path)
-}
-
-type jsonMessage struct {
-	Status   string `json:"status,omitempty"`
-	Progress string `json:"progress,omitempty"`
-	Error    string `json:"error,omitempty"`
-	Stream   string `json:"stream,omitempty"`
-}
-
 func queryString(opts interface{}) string {
 	if opts == nil {
 		return ""
@@ -530,63 +401,50 @@ type Error struct {
 }
 
 func newError(resp *http.Response) *Error {
+	type jsonError struct {
+		Message string `json:"message"`
+	}
+
 	defer resp.Body.Close()
 	data, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return &Error{Status: resp.StatusCode, Message: fmt.Sprintf("cannot read body, err: %v", err)}
 	}
-	return &Error{Status: resp.StatusCode, Message: string(data)}
+
+	// attempt to unmarshal the error if in json format
+	jerr := &jsonError{}
+	err = json.Unmarshal(data, jerr)
+	if err != nil {
+		return &Error{Status: resp.StatusCode, Message: string(data)} // Failed, just return string
+	}
+
+	return &Error{Status: resp.StatusCode, Message: jerr.Message}
 }
 
 func (e *Error) Error() string {
-	return fmt.Sprintf("API error (%d): %s", e.Status, e.Message)
-}
+	var niceStatus string
 
-func parseEndpoint(endpoint string, tls bool) (*url.URL, error) {
-	if endpoint != "" && !strings.Contains(endpoint, "://") {
-		endpoint = "tcp://" + endpoint
-	}
-	u, err := url.Parse(endpoint)
-	if err != nil {
-		return nil, ErrInvalidEndpoint
-	}
-	if tls && u.Scheme != "unix" {
-		u.Scheme = "https"
+	switch e.Status {
+	case 400, 500:
+		niceStatus = "Server failed to process your request. Was the data correct?"
+	case 401:
+		niceStatus = "Unauthenticated access of secure endpoint, please retry after authentication"
+	case 403:
+		niceStatus = "Forbidden request. Your user cannot perform this action"
+	case 404:
+		niceStatus = "Requested object not found. Does this item exist?"
 	}
-	switch u.Scheme {
-	case unixProtocol, namedPipeProtocol:
-		return u, nil
-	case "http", "https", "tcp":
-		_, port, err := net.SplitHostPort(u.Host)
-		if err != nil {
-			if e, ok := err.(*net.AddrError); ok {
-				if e.Err == "missing port in address" {
-					return u, nil
-				}
-			}
-			return nil, ErrInvalidEndpoint
-		}
-		number, err := strconv.ParseInt(port, 10, 64)
-		if err == nil && number > 0 && number < 65536 {
-			if u.Scheme == "tcp" {
-				if tls {
-					u.Scheme = "https"
-				} else {
-					u.Scheme = "http"
-				}
-			}
-			return u, nil
-		}
-		return nil, ErrInvalidEndpoint
-	default:
-		return nil, ErrInvalidEndpoint
+
+	if niceStatus != "" {
+		return fmt.Sprintf("API error (%s): %s", niceStatus, e.Message)
 	}
+	return fmt.Sprintf("API error (%s): %s", http.StatusText(e.Status), e.Message)
 }
 
 // defaultTransport returns a new http.Transport with the same default values
 // as http.DefaultTransport, but with idle connections and keepalives disabled.
-func defaultTransport() *http.Transport {
-	transport := defaultPooledTransport()
+func defaultTransport(d Dialer) *http.Transport {
+	transport := defaultPooledTransport(d)
 	transport.DisableKeepAlives = true
 	transport.MaxIdleConnsPerHost = -1
 	return transport
@@ -596,14 +454,11 @@ func defaultTransport() *http.Transport {
 // values to http.DefaultTransport. Do not use this for transient transports as
 // it can leak file descriptors over time. Only use this for transports that
 // will be re-used for the same host(s).
-func defaultPooledTransport() *http.Transport {
+func defaultPooledTransport(d Dialer) *http.Transport {
 	transport := &http.Transport{
-		Proxy: http.ProxyFromEnvironment,
-		Dial: (&net.Dialer{
-			Timeout:   30 * time.Second,
-			KeepAlive: 30 * time.Second,
-		}).Dial,
-		TLSHandshakeTimeout: 10 * time.Second,
+		Proxy:               http.ProxyFromEnvironment,
+		Dial:                d.Dial,
+		TLSHandshakeTimeout: 5 * time.Second,
 		DisableKeepAlives:   false,
 		MaxIdleConnsPerHost: 1,
 	}
@@ -613,8 +468,16 @@ func defaultPooledTransport() *http.Transport {
 // defaultClient returns a new http.Client with similar default values to
 // http.Client, but with a non-shared Transport, idle connections disabled, and
 // keepalives disabled.
-func defaultClient() *http.Client {
+// If a custom dialer is not provided, one with sane defaults will be created.
+func defaultClient(d Dialer) *http.Client {
+	if d == nil {
+		d = &net.Dialer{
+			Timeout:   5 * time.Second,
+			KeepAlive: 5 * time.Second,
+		}
+	}
+
 	return &http.Client{
-		Transport: defaultTransport(),
+		Transport: defaultTransport(d),
 	}
 }
diff --git a/vendor/github.com/storageos/go-api/client_unix.go b/vendor/github.com/storageos/go-api/client_unix.go
deleted file mode 100644
index 07eb65120e16..000000000000
--- a/vendor/github.com/storageos/go-api/client_unix.go
+++ /dev/null
@@ -1,25 +0,0 @@
-// +build !windows
-// Copyright 2016 go-dockerclient authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package storageos
-
-import (
-	"net"
-	"net/http"
-)
-
-// initializeNativeClient initializes the native Unix domain socket client on
-// Unix-style operating systems
-func (c *Client) initializeNativeClient() {
-	if c.endpointURL.Scheme != unixProtocol {
-		return
-	}
-	socketPath := c.endpointURL.Path
-	tr := defaultTransport()
-	tr.Dial = func(network, addr string) (net.Conn, error) {
-		return c.Dialer.Dial(unixProtocol, socketPath)
-	}
-	c.nativeHTTPClient = &http.Client{Transport: tr}
-}
diff --git a/vendor/github.com/storageos/go-api/client_windows.go b/vendor/github.com/storageos/go-api/client_windows.go
deleted file mode 100644
index 7951463a3145..000000000000
--- a/vendor/github.com/storageos/go-api/client_windows.go
+++ /dev/null
@@ -1,40 +0,0 @@
-// +build windows
-// Copyright 2016 go-dockerclient authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package storageos
-
-import (
-	"net"
-	"net/http"
-	"time"
-
-	"github.com/Microsoft/go-winio"
-)
-
-const namedPipeConnectTimeout = 2 * time.Second
-
-type pipeDialer struct {
-	dialFunc func(network, addr string) (net.Conn, error)
-}
-
-func (p pipeDialer) Dial(network, address string) (net.Conn, error) {
-	return p.dialFunc(network, address)
-}
-
-// initializeNativeClient initializes the native Named Pipe client for Windows
-func (c *Client) initializeNativeClient() {
-	if c.endpointURL.Scheme != namedPipeProtocol {
-		return
-	}
-	namedPipePath := c.endpointURL.Path
-	dialFunc := func(network, addr string) (net.Conn, error) {
-		timeout := namedPipeConnectTimeout
-		return winio.DialPipe(namedPipePath, &timeout)
-	}
-	tr := defaultTransport()
-	tr.Dial = dialFunc
-	c.Dialer = &pipeDialer{dialFunc}
-	c.nativeHTTPClient = &http.Client{Transport: tr}
-}
diff --git a/vendor/github.com/storageos/go-api/controller.go b/vendor/github.com/storageos/go-api/controller.go
index 1d8e0bfee676..1b4f9ea12893 100644
--- a/vendor/github.com/storageos/go-api/controller.go
+++ b/vendor/github.com/storageos/go-api/controller.go
@@ -26,7 +26,6 @@ func (c *Client) ControllerList(opts types.ListOptions) ([]*types.Controller, er
 	listOpts := doOptions{
 		fieldSelector: opts.FieldSelector,
 		labelSelector: opts.LabelSelector,
-		namespace:     opts.Namespace,
 		context:       opts.Context,
 	}
 
diff --git a/vendor/github.com/storageos/go-api/health.go b/vendor/github.com/storageos/go-api/health.go
new file mode 100644
index 000000000000..f4a37807d59b
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/health.go
@@ -0,0 +1,71 @@
+package storageos
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"github.com/storageos/go-api/types"
+)
+
+var (
+	// HealthAPIPrefix is a partial path to the HTTP endpoint.
+	HealthAPIPrefix = "health"
+)
+
+// CPHealth returns the health of the control plane server at a given url.
+func (c *Client) CPHealth(ctx context.Context, hostname string) (*types.CPHealthStatus, error) {
+
+	url := fmt.Sprintf("http://%s:%s/v1/%s", hostname, DefaultPort, HealthAPIPrefix)
+	req, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("User-Agent", userAgent)
+	if c.username != "" && c.secret != "" {
+		req.SetBasicAuth(c.username, c.secret)
+	}
+
+	resp, err := c.HTTPClient.Do(req.WithContext(ctx))
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var status *types.CPHealthStatus
+	if err := json.NewDecoder(resp.Body).Decode(&status); err != nil {
+		return nil, err
+	}
+
+	return status, nil
+}
+
+// DPHealth returns the health of the data plane server at a given url.
+func (c *Client) DPHealth(ctx context.Context, hostname string) (*types.DPHealthStatus, error) {
+
+	url := fmt.Sprintf("http://%s:%s/v1/%s", hostname, DataplaneHealthPort, HealthAPIPrefix)
+	req, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("User-Agent", userAgent)
+	if c.username != "" && c.secret != "" {
+		req.SetBasicAuth(c.username, c.secret)
+	}
+
+	resp, err := c.HTTPClient.Do(req.WithContext(ctx))
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var status *types.DPHealthStatus
+	if err := json.NewDecoder(resp.Body).Decode(&status); err != nil {
+		return nil, err
+	}
+
+	return status, nil
+}
diff --git a/vendor/github.com/storageos/go-api/logger.go b/vendor/github.com/storageos/go-api/logger.go
new file mode 100644
index 000000000000..6db812312638
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/logger.go
@@ -0,0 +1,62 @@
+package storageos
+
+import (
+	"context"
+	"encoding/json"
+	"net/url"
+
+	"github.com/storageos/go-api/types"
+)
+
+var (
+	// LoggerAPIPrefix is a partial path to the HTTP endpoint.
+	LoggerAPIPrefix = "logs"
+)
+
+// LoggerConfig returns every cluster node's logging configuration.
+func (c *Client) LoggerConfig(opts types.ListOptions) ([]*types.Logger, error) {
+
+	listOpts := doOptions{
+		fieldSelector: opts.FieldSelector,
+		labelSelector: opts.LabelSelector,
+		context:       opts.Context,
+	}
+
+	if opts.LabelSelector != "" {
+		query := url.Values{}
+		query.Add("labelSelector", opts.LabelSelector)
+		listOpts.values = query
+	}
+
+	resp, err := c.do("GET", LoggerAPIPrefix+"/cluster/config", listOpts)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	var loggers []*types.Logger
+	if err := json.NewDecoder(resp.Body).Decode(&loggers); err != nil {
+		return nil, err
+	}
+	return loggers, nil
+
+}
+
+// LoggerUpdate patches updates to logging configuration.  Fields to update must
+// be listed in the Fields value, and if a list of Nodes is given it will only
+// apply to the nodes listed.  Returns the updated configuration.
+func (c *Client) LoggerUpdate(opts types.LoggerUpdateOptions) ([]*types.Logger, error) {
+
+	resp, err := c.do("PATCH", LoggerAPIPrefix+"/cluster/config", doOptions{
+		data:    opts,
+		context: context.Background(),
+	})
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	var loggers []*types.Logger
+	if err := json.NewDecoder(resp.Body).Decode(&loggers); err != nil {
+		return nil, err
+	}
+	return loggers, nil
+}
diff --git a/vendor/github.com/storageos/go-api/login.go b/vendor/github.com/storageos/go-api/login.go
new file mode 100644
index 000000000000..31b0a471f928
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/login.go
@@ -0,0 +1,46 @@
+package storageos
+
+import (
+	"encoding/json"
+	"errors"
+)
+
+var (
+	// LoginAPIPrefix is a partial path to the HTTP endpoint.
+	LoginAPIPrefix = "auth/login"
+	ErrLoginFailed = errors.New("Failed to get token from API endpoint")
+)
+
+// Login attemps to get a token from the API
+func (c *Client) Login() (token string, err error) {
+	resp, err := c.do("POST", LoginAPIPrefix, doOptions{data: struct {
+		User string `json:"username"`
+		Pass string `json:"password"`
+	}{c.username, c.secret}})
+
+	if err != nil {
+		if _, ok := err.(*Error); ok {
+			return "", ErrLoginFailed
+		}
+
+		return "", err
+	}
+
+	if resp.StatusCode != 200 {
+		return "", ErrLoginFailed
+	}
+
+	unmarsh := struct {
+		Token string `json:"token"`
+	}{}
+
+	if err := json.NewDecoder(resp.Body).Decode(&unmarsh); err != nil {
+		return "", err
+	}
+
+	if unmarsh.Token == "" {
+		return "", ErrLoginFailed
+	}
+
+	return unmarsh.Token, nil
+}
diff --git a/vendor/github.com/storageos/go-api/netutil/errors.go b/vendor/github.com/storageos/go-api/netutil/errors.go
new file mode 100644
index 000000000000..245001e72c5d
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/netutil/errors.go
@@ -0,0 +1,26 @@
+package netutil
+
+import (
+	"errors"
+	"fmt"
+	"github.com/storageos/go-api/serror"
+	"strings"
+)
+
+func errAllFailed(addrs []string) error {
+	msg := fmt.Sprintf("failed to dial all known cluster members, (%s)", strings.Join(addrs, ","))
+	help := "ensure that the value of $STORAGEOS_HOST (or the -H flag) is correct, and that there are healthy StorageOS nodes in this cluster"
+
+	return serror.NewTypedStorageOSError(serror.APIUncontactable, nil, msg, help)
+}
+
+func newInvalidNodeError(err error) error {
+	msg := fmt.Sprintf("invalid node format: %s", err)
+	help := "please check the format of $STORAGEOS_HOST (or the -H flag) complies with the StorageOS JOIN format"
+
+	return serror.NewTypedStorageOSError(serror.InvalidHostConfig, err, msg, help)
+}
+
+var errNoAddresses = errors.New("the MultiDialer instance has not been initialised with client addresses")
+var errUnsupportedScheme = errors.New("unsupported URL scheme")
+var errInvalidPortNumber = errors.New("invalid port number")
diff --git a/vendor/github.com/storageos/go-api/netutil/multidialer.go b/vendor/github.com/storageos/go-api/netutil/multidialer.go
new file mode 100644
index 000000000000..30a8226b1375
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/netutil/multidialer.go
@@ -0,0 +1,109 @@
+package netutil
+
+import (
+	"context"
+	"math/rand"
+	"net"
+	"time"
+)
+
+var DefaultDialPort = "5705"
+
+func init() {
+	rand.Seed(time.Now().UnixNano())
+}
+
+// Dialer is an interface that matches *net.Dialer. The intention is to allow either the stdlib
+// dialer or a custom implementation to be passed to the MultiDialer constructor. This also makes
+// the component easier to test.
+type Dialer interface {
+	DialContext(context.Context, string, string) (net.Conn, error)
+}
+
+// MultiDialer is a custom net Dialer (to be used in a net.Transport field) that attemps to dial
+// out to any (potentialy many) of a set of pre-defined addresses. The intended use of this
+// function is to extend the functionality of the stdlib http.Client to transparently support
+// requests to any member of a given storageos cluster.
+type MultiDialer struct {
+	Addresses []string
+	Dialer    *net.Dialer
+}
+
+// NewMultiDialer returns a new MultiDialer instance, configured to dial out to the given set of
+// nodes. Nodes can be provided using a URL format (e.g. http://google.com:80), or a host-port pair
+// (e.g. localhost:4567).
+//
+// If a port number is omitted, the value of DefaultDialPort is used.
+// Given hostnames are resolved to IP addresses, and IP addresses are used verbatim.
+//
+// If called with a non-nil dialer, the MultiDialer instance will use this for internall dial
+// requests. If this value is nil, the function will initialise one with sane defaults.
+func NewMultiDialer(nodes []string, dialer *net.Dialer) (*MultiDialer, error) {
+	// If a dialer is not provided, initialise one with sane defaults
+	if dialer == nil {
+		dialer = &net.Dialer{
+			Timeout:   5 * time.Second,
+			KeepAlive: 5 * time.Second,
+		}
+	}
+
+	addrs, err := addrsFromNodes(nodes)
+	if err != nil {
+		return nil, err
+	}
+
+	return &MultiDialer{
+		Addresses: addrs,
+		Dialer:    dialer,
+	}, nil
+}
+
+// DialContext will dial each of the MultiDialer's internal addresses in a random order until one
+// successfully returns a connection, it has run out of addresses (returning ErrAllFailed), or the
+// given context has been closed.
+//
+// Due to the intrinsic behaviour of this function, any address passed to this function will be
+// ignored.
+func (m *MultiDialer) DialContext(ctx context.Context, network, ignoredAddress string) (net.Conn, error) {
+	if len(m.Addresses) == 0 {
+		return nil, newInvalidNodeError(errNoAddresses)
+	}
+
+	// Shuffle a copy of the addresses (for even load balancing)
+	addrs := make([]string, len(m.Addresses))
+	copy(addrs, m.Addresses)
+
+	// Fisher–Yates shuffle algorithm
+	for i := len(addrs) - 1; i > 0; i-- {
+		j := rand.Intn(i + 1)
+		addrs[i], addrs[j] = addrs[j], addrs[i]
+	}
+
+	// Try to dial each of these addresses in turn, or return on closed context
+	for _, addr := range addrs {
+		select {
+		case <-ctx.Done():
+			return nil, ctx.Err()
+
+		default:
+			// Create new child context for a single dial
+			dctx, cancel := context.WithTimeout(ctx, time.Second)
+			defer cancel()
+
+			conn, err := m.Dialer.DialContext(dctx, network, addr)
+			if err != nil {
+				continue
+			}
+
+			return conn, nil
+		}
+	}
+
+	// We failed to dail all of the addresses we have
+	return nil, errAllFailed(m.Addresses)
+}
+
+// Dial returns the result of a call to m.DialContext passing in the background context
+func (m *MultiDialer) Dial(network, addr string) (net.Conn, error) {
+	return m.DialContext(context.Background(), network, addr)
+}
diff --git a/vendor/github.com/storageos/go-api/netutil/parsers.go b/vendor/github.com/storageos/go-api/netutil/parsers.go
new file mode 100644
index 000000000000..a8a8701ffa07
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/netutil/parsers.go
@@ -0,0 +1,142 @@
+package netutil
+
+import (
+	"net"
+	"net/url"
+	"strconv"
+	"strings"
+)
+
+// addrsFromNodes takes a list of node hosts and attempts to return a list of hosts in ip:port
+// format along with any error encountered.
+//
+// The function accepts node hosts in URL, ip, ip:port, resolvable-name and resolvable-name:port
+// formats and will append the default port value if needed.
+func addrsFromNodes(nodes []string) ([]string, error) {
+	var addrs []string
+
+	for _, n := range nodes {
+		switch {
+		// Assume that the node is provided as a URL
+		case strings.Contains(n, "://"):
+			newAddrs, err := parseURL(n)
+			if err != nil {
+				return nil, newInvalidNodeError(err)
+			}
+
+			addrs = append(addrs, newAddrs...)
+
+		// Assume the node is in hostname:port or ip:port format
+		case strings.Contains(n, ":"):
+			newAddrs, err := parseHostPort(n)
+			if err != nil {
+				return nil, newInvalidNodeError(err)
+			}
+
+			addrs = append(addrs, newAddrs...)
+
+		// Assume hostname or ip
+		default:
+			newAddrs, err := parseHost(n)
+			if err != nil {
+				return nil, newInvalidNodeError(err)
+			}
+
+			addrs = append(addrs, newAddrs...)
+		}
+	}
+
+	return addrs, nil
+}
+
+func validPort(port string) bool {
+	intPort, err := strconv.Atoi(port)
+
+	return (err == nil) &&
+		(intPort > 0) &&
+		(intPort <= 65535)
+}
+
+// parseURL takes a valid URL and verifies that it is using a correct scheme, has a resolvable
+// address (or is an IP) and has a valid port (or adds the default if the port is omitted). The
+// function then returns a list of addresses in ip:port format along with any error encountered.
+//
+// The function may return multiple addresses depending on the dns answer received when resolving
+// the host.
+func parseURL(node string) ([]string, error) {
+	url, err := url.Parse(node)
+	if err != nil {
+		return nil, err
+	}
+
+	// Verify a valid scheme
+	switch url.Scheme {
+	case "tcp", "http", "https":
+		host, port, err := net.SplitHostPort(url.Host)
+		if err != nil {
+			// We could be here as there is no port, lets try one last time with default port added
+			host, port, err = net.SplitHostPort(url.Host + ":" + DefaultDialPort)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		if !validPort(port) {
+			return nil, errInvalidPortNumber
+		}
+
+		// LookupHost works for IP addr too
+		addrs, err := net.LookupHost(host)
+		if err != nil {
+			return nil, err
+		}
+
+		for i, a := range addrs {
+			addrs[i] = a + ":" + port
+		}
+
+		return addrs, nil
+
+	default:
+		return nil, errUnsupportedScheme
+	}
+}
+
+// parseHostPort takes a string in host:port format and checks it has a resolvable address (or is
+// an IP) and a valid port (or adds the default if the port is omitted). The function then returns
+// a list of addresses in ip:port format along with any error encountered.
+//
+// The function may return multiple addresses depending on the dns answer received when resolving
+// the host.
+func parseHostPort(node string) ([]string, error) {
+	host, port, err := net.SplitHostPort(node)
+	if err != nil {
+		return nil, err
+	}
+
+	if !validPort(port) {
+		return nil, errInvalidPortNumber
+	}
+
+	// LookupHost works for IP addr too
+	addrs, err := net.LookupHost(host)
+	if err != nil {
+		return nil, err
+	}
+
+	for i, a := range addrs {
+		addrs[i] = a + ":" + port
+	}
+
+	return addrs, nil
+}
+
+// parseHostPort takes a hostname string and checks it is resolvable to an address (or is already
+// an IP) The function then returns a list of addresses in ip:port format (where port is the
+// default port) along with any error encountered.
+//
+// The function may return multiple addresses depending on the dns answer received when resolving
+// the host.
+func parseHost(node string) ([]string, error) {
+	return parseHostPort(node + ":" + DefaultDialPort)
+}
diff --git a/vendor/github.com/storageos/go-api/policy.go b/vendor/github.com/storageos/go-api/policy.go
new file mode 100644
index 000000000000..e2539c5b113a
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/policy.go
@@ -0,0 +1,103 @@
+package storageos
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/storageos/go-api/types"
+	"net/http"
+	"net/url"
+)
+
+var (
+
+	// PolicyAPIPrefix is a partial path to the HTTP endpoint.
+	PolicyAPIPrefix = "policies"
+
+	// ErrNoSuchPolicy is the error returned when the policy does not exist.
+	ErrNoSuchPolicy = errors.New("no such policy")
+)
+
+// nopMarshaler is an alias to a []byte that implements json.Marshaler
+// it bypasses the base64 encoded string representation that json will give byte slices.
+// It should only be used to wrap []byte types containing pre-rendered valid json that will later
+// (out of the caller's control) be run through json.Marshal
+type nopMarshaler []byte
+
+func (n *nopMarshaler) MarshalJSON() ([]byte, error) {
+	return *n, nil
+}
+
+// PolicyCreate creates a policy on the server.
+func (c *Client) PolicyCreate(jsonl []byte, ctx context.Context) error {
+	nopm := nopMarshaler(jsonl)
+	_, err := c.do("POST", PolicyAPIPrefix, doOptions{
+		data:    &nopm,
+		context: ctx,
+		headers: map[string]string{"Content-Type": "application/x-jsonlines"},
+	})
+	return err
+}
+
+// Policy returns a policy on the server by ID.
+func (c *Client) Policy(id string) (*types.Policy, error) {
+	path := fmt.Sprintf("%s/%s", PolicyAPIPrefix, id)
+	resp, err := c.do("GET", path, doOptions{})
+	if err != nil {
+		if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound {
+			return nil, ErrNoSuchPolicy
+		}
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var policy *types.Policy
+	if err := json.NewDecoder(resp.Body).Decode(&policy); err != nil {
+		return nil, err
+	}
+	return policy, nil
+}
+
+// PolicyList returns the list of policies on the server.
+func (c *Client) PolicyList(opts types.ListOptions) (types.PolicySet, error) {
+	listOpts := doOptions{
+		fieldSelector: opts.FieldSelector,
+		labelSelector: opts.LabelSelector,
+		namespace:     opts.Namespace,
+		context:       opts.Context,
+	}
+
+	if opts.LabelSelector != "" {
+		query := url.Values{}
+		query.Add("labelSelector", opts.LabelSelector)
+		listOpts.values = query
+	}
+
+	resp, err := c.do("GET", PolicyAPIPrefix, listOpts)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var policies types.PolicySet
+	if err := json.NewDecoder(resp.Body).Decode(&policies); err != nil {
+		return nil, err
+	}
+	return policies, nil
+}
+
+// PolicyDelete deletes a policy on the server by ID.
+func (c *Client) PolicyDelete(opts types.DeleteOptions) error {
+	resp, err := c.do("DELETE", PolicyAPIPrefix+"/"+opts.Name, doOptions{})
+	if err != nil {
+		if e, ok := err.(*Error); ok {
+			if e.Status == http.StatusNotFound {
+				return ErrNoSuchPolicy
+			}
+		}
+		return err
+	}
+	defer resp.Body.Close()
+	return nil
+}
diff --git a/vendor/github.com/storageos/go-api/rule.go b/vendor/github.com/storageos/go-api/rule.go
index d1d8f4e00bb3..a187e2569c29 100644
--- a/vendor/github.com/storageos/go-api/rule.go
+++ b/vendor/github.com/storageos/go-api/rule.go
@@ -72,10 +72,15 @@ func (c *Client) Rule(namespace string, ref string) (*types.Rule, error) {
 
 // RuleCreate creates a rule on the server and returns the new object.
 func (c *Client) RuleCreate(opts types.RuleCreateOptions) (*types.Rule, error) {
-	resp, err := c.do("POST", RuleAPIPrefix, doOptions{
-		data:      opts,
-		namespace: opts.Namespace,
-		context:   opts.Context,
+	path, err := namespacedPath(opts.Namespace, RuleAPIPrefix)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := c.do("POST", path, doOptions{
+		data: opts,
+		// namespace: opts.Namespace,
+		context: opts.Context,
 	})
 	if err != nil {
 		return nil, err
diff --git a/vendor/github.com/storageos/go-api/serror/error_kind.go b/vendor/github.com/storageos/go-api/serror/error_kind.go
new file mode 100644
index 000000000000..53531398769f
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/serror/error_kind.go
@@ -0,0 +1,11 @@
+package serror
+
+//go:generate stringer -type=StorageOSErrorKind error_kind.go
+type StorageOSErrorKind int
+
+// Known error kinds
+const (
+	UnknownError StorageOSErrorKind = iota
+	APIUncontactable
+	InvalidHostConfig
+)
diff --git a/vendor/github.com/storageos/go-api/serror/kind_lookup_map.go b/vendor/github.com/storageos/go-api/serror/kind_lookup_map.go
new file mode 100644
index 000000000000..f96ce6a9d9ad
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/serror/kind_lookup_map.go
@@ -0,0 +1,37 @@
+package serror
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+)
+
+var kindLookupMap map[string]StorageOSErrorKind
+
+func init() {
+	kindLookupMap = make(map[string]StorageOSErrorKind)
+
+	// Populate the lookup map with all the known constants
+	for i := StorageOSErrorKind(0); !strings.HasPrefix(i.String(), "StorageOSErrorKind("); i++ {
+		kindLookupMap[i.String()] = i
+	}
+}
+
+func (s *StorageOSErrorKind) UnmarshalJSON(b []byte) error {
+	str := ""
+	if err := json.Unmarshal(b, &str); err != nil {
+		return err
+	}
+
+	v, ok := kindLookupMap[str]
+	if !ok {
+		return fmt.Errorf("Failed to unmarshal ErrorKind %s", s)
+	}
+
+	*s = v
+	return nil
+}
+
+func (s *StorageOSErrorKind) MarshalJSON() ([]byte, error) {
+	return json.Marshal(s.String())
+}
diff --git a/vendor/github.com/storageos/go-api/serror/storageos_error.go b/vendor/github.com/storageos/go-api/serror/storageos_error.go
new file mode 100644
index 000000000000..332c19ad677a
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/serror/storageos_error.go
@@ -0,0 +1,34 @@
+package serror
+
+import (
+	"encoding/json"
+)
+
+type StorageOSError interface {
+	// embedding error provides compatibility with standard error handling code
+	error
+
+	// Encoding/decoding methods to help errors traverse API boundaries
+	json.Marshaler
+	json.Unmarshaler
+
+	Err() error               // Returns the underlying error that caused this event
+	String() string           // A short string representing the error (for logging etc)
+	Help() string             // A larger string that should provide informative debug instruction to users
+	Kind() StorageOSErrorKind // A type representing a set of known error conditions, helpful to switch on
+	Extra() map[string]string // A container for error specific information
+
+	// TODO: should we include callstack traces here? We could have a debug mode for it.
+}
+
+func ErrorKind(err error) StorageOSErrorKind {
+	if serr, ok := err.(StorageOSError); ok {
+		return serr.Kind()
+	}
+	return UnknownError
+}
+
+func IsStorageOSError(err error) bool {
+	_, ok := err.(StorageOSError)
+	return ok
+}
diff --git a/vendor/github.com/storageos/go-api/serror/storageoserrorkind_string.go b/vendor/github.com/storageos/go-api/serror/storageoserrorkind_string.go
new file mode 100644
index 000000000000..fafdccc74609
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/serror/storageoserrorkind_string.go
@@ -0,0 +1,16 @@
+// Code generated by "stringer -type=StorageOSErrorKind error_kind.go"; DO NOT EDIT.
+
+package serror
+
+import "strconv"
+
+const _StorageOSErrorKind_name = "UnknownErrorAPIUncontactableInvalidHostConfig"
+
+var _StorageOSErrorKind_index = [...]uint8{0, 12, 28, 45}
+
+func (i StorageOSErrorKind) String() string {
+	if i < 0 || i >= StorageOSErrorKind(len(_StorageOSErrorKind_index)-1) {
+		return "StorageOSErrorKind(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _StorageOSErrorKind_name[_StorageOSErrorKind_index[i]:_StorageOSErrorKind_index[i+1]]
+}
diff --git a/vendor/github.com/storageos/go-api/serror/typed_error.go b/vendor/github.com/storageos/go-api/serror/typed_error.go
new file mode 100644
index 000000000000..553adec43981
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/serror/typed_error.go
@@ -0,0 +1,64 @@
+package serror
+
+import (
+	"encoding/json"
+)
+
+func NewTypedStorageOSError(kind StorageOSErrorKind, err error, msg string, help string) StorageOSError {
+	return &typedStorageOSError{
+		internal: &internal_TypedStorageOSError{
+			ErrorKind:   &kind,
+			Cause:       err,
+			ErrMessage:  msg,
+			HelpMessage: help,
+		},
+	}
+}
+
+func NewUntypedStorageOSError(err error, msg string, help string) StorageOSError {
+	var kind StorageOSErrorKind = UnknownError
+
+	return &typedStorageOSError{
+		internal: &internal_TypedStorageOSError{
+			ErrorKind:   &kind,
+			Cause:       err,
+			ErrMessage:  msg,
+			HelpMessage: help,
+		},
+	}
+}
+
+type internal_TypedStorageOSError struct {
+	ErrorKind   *StorageOSErrorKind `json:"error_kind"`
+	Cause       error               `json:"caused_by"`
+	ErrMessage  string              `json:"error_message"`
+	HelpMessage string              `json:"help_message"`
+	ExtraMap    map[string]string   `json:"extra"`
+}
+
+type typedStorageOSError struct {
+	internal *internal_TypedStorageOSError
+}
+
+func (t *typedStorageOSError) MarshalJSON() ([]byte, error) {
+	return json.Marshal(t.internal)
+}
+
+func (t *typedStorageOSError) UnmarshalJSON(d []byte) error {
+	internal := &internal_TypedStorageOSError{}
+
+	err := json.Unmarshal(d, internal)
+	if err != nil {
+		return err
+	}
+
+	t.internal = internal
+	return nil
+}
+
+func (t *typedStorageOSError) Error() string            { return t.String() }
+func (t *typedStorageOSError) Err() error               { return t.internal.Cause }
+func (t *typedStorageOSError) String() string           { return t.internal.ErrMessage }
+func (t *typedStorageOSError) Help() string             { return t.internal.HelpMessage }
+func (t *typedStorageOSError) Kind() StorageOSErrorKind { return *t.internal.ErrorKind }
+func (t *typedStorageOSError) Extra() map[string]string { return t.internal.ExtraMap }
diff --git a/vendor/github.com/storageos/go-api/swagger-gen.yaml b/vendor/github.com/storageos/go-api/swagger-gen.yaml
deleted file mode 100644
index f07a02737f73..000000000000
--- a/vendor/github.com/storageos/go-api/swagger-gen.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-
-layout:
-  models:
-    - name: definition
-      source: asset:model
-      target: "{{ joinFilePath .Target .ModelPackage }}"
-      file_name: "{{ (snakize (pascalize .Name)) }}.go"
-  operations:
-    - name: handler
-      source: asset:serverOperation
-      target: "{{ joinFilePath .Target .APIPackage .Package }}"
-      file_name: "{{ (snakize (pascalize .Name)) }}.go"
diff --git a/vendor/github.com/storageos/go-api/swagger.yaml b/vendor/github.com/storageos/go-api/swagger.yaml
deleted file mode 100644
index 0b7d28b1a3cd..000000000000
--- a/vendor/github.com/storageos/go-api/swagger.yaml
+++ /dev/null
@@ -1,854 +0,0 @@
-
-# A Swagger 2.0 (a.k.a. OpenAPI) definition of the StorageOS API.
-#
-# This is used for generating API documentation and the types used by the
-# client/server. See api/README.md for more information.
-#
-# Some style notes:
-# - This file is used by ReDoc, which allows GitHub Flavored Markdown in
-#   descriptions.
-# - There is no maximum line length, for ease of editing and pretty diffs.
-# - operationIds are in the format "NounVerb", with a singular noun.
-
-swagger: "2.0"
-schemes:
-  - "http"
-  - "https"
-produces:
-  - "application/json"
-  - "text/plain"
-consumes:
-  - "application/json"
-  - "text/plain"
-basePath: "/v1"
-info:
-  title: "StorageOS API"
-  version: "0.7"
-  x-logo:
-    url: "http://storageos.wpengine.com/wp-content/uploads/2017/03/cropped-logo-1.png"
-  description: |
-    The StorageOS API is an HTTP API used for managing volumes and StorageOS services. It is the API that the StorageOS UI, CLI and platform integrations use to communicate with the StorageOS backend.
-
-    # Errors
-
-    The API uses standard HTTP status codes to indicate the success or failure of the API call. The body of the response will be JSON in the following format:
-    ```
-    {
-      "message": "page not found"
-    }
-    ```
-# The tags on paths define the menu sections in the ReDoc documentation, so
-# the usage of tags must make sense for that:
-# - They should be singular, not plural.
-# - There should not be too many tags, or the menu becomes unwieldy. For
-#   example, it is preferable to add a path to the "System" tag instead of
-#   creating a tag with a single path in it.
-# - The order of tags in this list defines the order in the menu.
-tags:
-  # Primary objects
-  - name: "Volume"
-    x-displayName: "Volumes"
-    description: |
-      Create and manage volumes.
-  - name: "Pool"
-    x-displayName: "Pools"
-    description: |
-      Create and manage distributed capacity pools.
-
-definitions:
-
-  ErrorResponse:
-    description: "Represents an error."
-    type: "object"
-    required: ["message"]
-    properties:
-      message:
-        description: "The error message."
-        type: "string"
-        x-nullable: false
-    example:
-      message: "Something went wrong."
-
-  Deployment:
-    type: "object"
-    description: "Volume master or replica deployment details."
-    properties:
-      ID:
-        type: "string"
-        readOnly: true
-      Controller:
-        type: "string"
-        readOnly: true
-      Inode:
-        type: "integer"
-        format: "uint32"
-        readOnly: true
-      Status:
-        type: "string"
-        readOnly: true
-      Health:
-        type: "string"
-        readOnly: true
-      CreatedAt:
-        type: "string"
-        format: "datetime"
-        readOnly: true
-
-  VolumeCreateOptions:
-    type: "object"
-    description: "Parameters available for creating new volumes."
-    required: [Name]
-    properties:
-      Name:
-        description: "Volume name."
-        type: "string"
-        x-nullable: false
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Volume description."
-      Size:
-        type: "integer"
-        description: "Size in GB (if 0 or not specified, then defaults to 10 GB)."
-        x-nullable: false
-      Pool:
-        type: "string"
-        description: "Name of capacity pool to provision the volume in, or the name of the current pool."
-      Labels:
-        type: "object"
-        description: "User-defined key/value metadata."
-        x-nullable: false
-        additionalProperties:
-          type: "string"
-
-  VolumeUpdateOptions:
-    type: "object"
-    description: "Parameters available for updating existing volumes."
-    properties:
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Volume description."
-      Size:
-        type: "integer"
-        description: "Size in GB."
-        x-nullable: false
-      Labels:
-        type: "object"
-        description: "User-defined key/value metadata."
-        x-nullable: false
-        additionalProperties:
-          type: "string"
-
-  # VolumeMountOptions:
-  #   type: "object"
-  #   description: "Parameters available for mounting volumes."
-  #   properties:
-  #     ID:
-  #       type: "string"
-  #       x-nullable: false
-  #       description: "Volume unique ID."
-  #     Name:
-  #       description: "Volume name."
-  #       type: "string"
-  #       x-nullable: false
-  #     Namespace:
-  #       description: "The object scope, such as for teams and projects."
-  #       type: "string"
-  #       x-nullable: false
-  #     Client:
-  #       type: "string"
-  #       x-nullable: false
-  #       description: "Hostname of the client performing the mount."
-  #
-  # VolumeUnmountOptions:
-  #   type: "object"
-  #   description: "Parameters available for unmounting volumes."
-  #   properties:
-  #     ID:
-  #       type: "string"
-  #       x-nullable: false
-  #       description: "Volume unique ID."
-  #     Name:
-  #       description: "Volume name."
-  #       type: "string"
-  #       x-nullable: false
-  #     Namespace:
-  #       description: "The object scope, such as for teams and projects."
-  #       type: "string"
-  #       x-nullable: false
-  #     Client:
-  #       type: "string"
-  #       x-nullable: false
-  #       description: "Hostname of the client performing the unmount."
-
-  # ListOptions:
-  #   type: "object"
-  #   description: "Parameters for finding volumes."
-  #   properties:
-  #     LabelSelector:
-  #       description: "A selector to restrict the list of returned objects by their labels. Defaults to everything."
-  #       type: "string"
-  #     FieldSelector:
-  #       type: "string"
-  #       description: "A selector to restrict the list of returned objects by their fields. Defaults to everything."
-  #     TimeoutSeconds:
-  #       type: "integer"
-  #       description: "Timeout for the list call."
-  #     Namespace:
-  #       type: "string"
-  #       description: "Object name and auth scope, such as for teams and projects"
-
-  Volume:
-    type: "object"
-    description: "A storage volume."
-    required: [Name, Size]
-    properties:
-      ID:
-        description: "Volume unique ID."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Name:
-        description: "Volume name."
-        type: "string"
-        x-nullable: false
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Volume description."
-      Size:
-        type: integer
-        description: "Size in GB."
-        x-nullable: false
-      Pool:
-        type: "string"
-        description: "Name of capacity pool to provision the volume in, or the name of the current pool."
-      Labels:
-        type: "object"
-        description: "User-defined key/value metadata."
-        x-nullable: false
-        additionalProperties:
-          type: "string"
-      Master:
-        $ref: "#/definitions/Deployment"
-      Replicas:
-        type: "array"
-        description: "Volume deployment information for the replica volumes."
-        items:
-          $ref: "#/definitions/Deployment"
-        readOnly: true
-      Status:
-        type: "string"
-        description: "Short status, one of: pending, evaluating, deploying, active, unavailable, failed, updating, deleting."
-        readOnly: true
-      StatusMessage:
-        type: "string"
-        description: "Status message explaining current status."
-        readOnly: true
-      Health:
-        type: "string"
-        description: "Volume health, one of: healthy, degraded or dead."
-        readOnly: true
-      Inode:
-        type: "integer"
-        format: "uint32"
-        description: "Block device inode."
-        readOnly: true
-      Deleted:
-        type: "boolean"
-        description: "Flag indicating if the volume has been deleted and is waiting for scrubbing."
-        readOnly: true
-      Mounted:
-        type: "boolean"
-        description: "Flag indicating if the volume is mounted and in use."
-        readOnly: true
-      MountedBy:
-        type: "string"
-        description: "Reference to the node that has the volume mounted."
-        readOnly: true
-      Mountpoint:
-        type: "string"
-        description: "Mountpoint where the volume was mounted."
-        readOnly: true  
-      MountedAt:
-        type: "string"
-        format: "dateTime"
-        description: "When the volume was mounted."
-        readOnly: true
-      CreatedBy:
-        type: "string"
-        description: "User that created the volume."
-        readOnly: true
-      CreatedAt:
-        type: "string"
-        format: "dateTime"
-        description: "When the volume was created."
-        readOnly: true
-    example:
-      Name: vol01
-      Size: 5
-      Labels:
-        com.example.some-label: "some-value"
-        com.example.some-other-label: "some-other-value"
-
-  PoolCreateOptions:
-    type: "object"
-    description: "Parameters available for creating new pools."
-    required: [Name]
-    properties:
-      Name:
-        description: "Pool name."
-        type: "string"
-        x-nullable: false
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Pool description."
-      Default:
-        type: "boolean"
-        description: "Default determines whether this pool is the default if a volume is provisioned without a pool specified.  There can only be one default pool."
-        x-nullable: false
-      DefaultDriver:
-        type: "string"
-        x-nullable: false
-        description: "DefaultDriver specifies the storage driver to use by default if there are multiple drivers in the pool and no driver was specified in the provisioning request or assigned by rules.  If no driver was specified and no default set, driver weight is used to determine the default."
-      ControllerNames:
-        type: "array"
-        description: "ControllerNames is a list of controller names that are participating in the storage pool."
-        items:
-          type: "string"
-      DriverNames:
-        type: "array"
-        description: "DriverNames is a list of backend storage drivers that are available in the storage pool."
-        items:
-          type: "string"
-      Active:
-        type: "boolean"
-        x-nullable: false
-        description: "Flag describing whether rule is active."
-        default: false
-      Labels:
-        type: "object"
-        description: "Labels define a list of labels that describe the pool."
-        additionalProperties:
-          type: "string"
-
-  Pool:
-    type: "object"
-    description: |
-      Pools are used to define distributed capacity that can be used to provision
-      volumes from.  Typically, each server that makes storage available will be
-      added to one or more pools.
-
-      Capacity drivers are also added to the pool to determine which backend
-      storage driver to use.  Currently this is limited to a single type of
-      driver per pool, but in the future we will allow multiple, allowing for
-      dynamic tiering and snapshots from one driver type to another.
-    required: [Name]
-    properties:
-      ID:
-        description: "Pool unique ID."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Name:
-        description: "Pool name."
-        type: "string"
-        x-nullable: false
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Pool description."
-      Default:
-        type: "boolean"
-        x-nullable: false
-        description: |
-          Default determines whether this pool is the default if a volume is
-          provisioned without a pool specified.  There can only be one default
-          pool.
-      DefaultDriver:
-        type: "string"
-        description: |
-          DefaultDriver specifies the storage driver to use by default if there
-          are multiple drivers in the pool and no driver was specified in the
-          provisioning request or assigned by rules.  If no driver was specified
-          and no default set, driver weight is used to determine the default.
-      ControllerNames:
-        type: "array"
-        description: "ControllerNames is a list of controller names that are participating in the storage pool."
-        items:
-          type: "string"
-      DriverNames:
-        type: "array"
-        description: "DriverNames is a list of backend storage drivers that are available in the storage pool."
-        items:
-          type: "string"
-      DriverInstances:
-        $ref: "#/definitions/DriverInstances"
-      Active:
-        type: "boolean"
-        x-nullable: false
-        description: "Flag describing whether rule is active."
-        default: false
-      CapacityStats:
-        $ref: "#/definitions/CapacityStats"
-      Labels:
-        type: "object"
-        description: "Labels define a list of labels that describe the pool."
-        additionalProperties:
-          type: "string"
-
-  Rule:
-    type: "object"
-    description: "A policy rule."
-    required: [Name]
-    properties:
-      ID:
-        description: "Rule unique ID."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Name:
-        description: "Rule name."
-        type: "string"
-        x-nullable: false
-      Description:
-        type: "string"
-        x-nullable: false
-        description: "Rule description."
-      Active:
-        type: "boolean"
-        x-nullable: false
-        description: "Flag describing whether rule is active."
-        default: false
-      Weight:
-        type: "integer"
-        x-nullable: false
-        description: |
-          "Weight is used to determine order during rule processing.  Rules with heavier weights are processed later."
-        default: 0
-      Operator:
-        type: "string"
-        description: "Operator is used to compare objects or labels."
-        enum:
-          - "!"
-          - "="
-          - "=="
-          - "in"
-          - "!="
-          - "notin"
-          - "exists"
-          - "gt"
-          - "lt"
-      RuleAction:
-        type: "string"
-        description: "RuleAction controls whether the action is to add or remove a label from the matching object(s)."
-        enum:
-          - "add"
-          - "remove"
-        default: "add"
-      Selectors:
-        type: "object"
-        description: "Selectors defines the list of labels that should trigger a rule."
-        additionalProperties:
-          type: "string"
-      Labels:
-        type: "object"
-        description: "Labels define the list of labels that will be added or removed from the matching object(s).."
-        additionalProperties:
-          type: "string"
-
-  CapacityStats:
-    type: "object"
-    description: "CapacityStats is used to report capacity statistics on pools and controllers."
-    properties:
-      TotalCapacityBytes:
-        description: "TotalCapacityBytes is the object's total capacity in bytes."
-        type: "integer"
-        readOnly: true
-      AvailableCapacityBytes:
-        description: "AvailableCapacityBytes is the object's available capacity in bytes."
-        type: "integer"
-        readOnly: true
-      ProvisionedCapacityBytes:
-        description: "ProvisionedCapacityBytes is the object's provisioned capacity in bytes."
-        type: "integer"
-        readOnly: true
-
-  DriverInstances:
-    type: "object"
-    description: "DriverInstances shows the internal configuration and state of each driver on all the nodes in the pool. Data within DriverInstances can not be modified directly."
-    properties:
-      ID:
-        description: "Instance unique ID."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Name:
-        description: "Instance name."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Description:
-        description: "Instance description."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      Active:
-        description: "Flag describing whether the template is active."
-        type: "boolean"
-        x-nullable: false
-        readOnly: true
-      Config:
-        description: "Config is JSON struct that is passed directly to the driver.  There is no specific format, and the driver is responsible for validation."
-        type: "object"
-        readOnly: true
-        additionalProperties:
-          type: "string"
-      Labels:
-        description: "Labels define a list of labels that describe the driver instance.  These are inherited from the pool when the driver instance is created."
-        type: "object"
-        readOnly: true
-        additionalProperties:
-          type: "string"
-      ControllerName:
-        description: "ControllerName specifies the controller that this instance is running on."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      PoolID:
-        description: "PoolID refers to the pool that this driver instance relates to."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      DriverName:
-        description: "DriverName specifies which capacity driver this is an instance of."
-        type: "string"
-        x-nullable: false
-        readOnly: true
-      CapacityStats:
-        $ref: "#/definitions/CapacityStats"
-
-parameters:
-  Name:
-    name: "name"
-    in: "path"
-    type: "string"
-    description: "Volume name or ID."
-    required: true
-  Namespace:
-    name: "namespace"
-    in: "path"
-    type: "string"
-    description: "Object name and auth scope, such as for teams and projects."
-    required: true
-  NamespaceQuery:
-    name: "namespace"
-    in: "query"
-    type: "string"
-    description: "Object name and auth scope, such as for teams and projects."
-    default: "default"
-  LabelSelector:
-    name: "labelSelector"
-    in: "query"
-    description: "A selector to restrict the list of returned objects by their labels. Defaults to everything."
-    type: "string"
-  FieldSelector:
-    name: "fieldSelector"
-    in: "query"
-    type: "string"
-    description: "A selector to restrict the list of returned objects by their fields. Defaults to everything."
-  TimeoutSeconds:
-    name: "timeoutSeconds"
-    in: "query"
-    type: "integer"
-    description: "Timeout for the list call."
-
-paths:
-  /namespaces/{namespace}/volumes:
-    get:
-      summary: "List volumes"
-      description: "List of volumes that match the query."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - name: "namespace"
-          in: "path"
-          required: true
-          description: "The object scope, such as for teams and projects."
-          type: "string"
-        - $ref: "#/parameters/LabelSelector"
-        - $ref: "#/parameters/FieldSelector"
-        - $ref: "#/parameters/TimeoutSeconds"
-        - $ref: "#/parameters/NamespaceQuery"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            type: "array"
-            items:
-              $ref: "#/definitions/Volume"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-    post:
-      summary: "Create volume"
-      description: "Provisions a new volume."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - $ref: "#/parameters/Namespace"
-        - name: "VolumeCreateOptions"
-          in: "body"
-          schema:
-            $ref: "#/definitions/VolumeCreateOptions"
-      responses:
-        201:
-          description: "Volume created successfully"
-          schema:
-            $ref: "#/definitions/Volume"
-        401:
-          description: "Unauthorized"
-        409:
-          description: "Volume with name already exists"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-  /namespaces/{namespace}/volumes/{name}:
-    get:
-      summary: "Get a volume"
-      description: "Gets a volume by name or ID.  Returns to whole volume object."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - $ref: "#/parameters/Name"
-        - $ref: "#/parameters/Namespace"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            $ref: "#/definitions/Volume"
-        401:
-          description: "Unauthorized"
-        404:
-          description: "Not found"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-        407:
-          description: "Volume already exists"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-    put:
-      summary: "Update volume"
-      description: "Updates an existing volume."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - $ref: "#/parameters/Name"
-        - $ref: "#/parameters/Namespace"
-        - name: "VolumeUpdateOptions"
-          in: "body"
-          schema:
-            $ref: "#/definitions/VolumeUpdateOptions"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            $ref: "#/definitions/Volume"
-        401:
-          description: "Unauthorized"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-    delete:
-      summary: "Delete volume"
-      description: "Deletes a volume."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - name: "namespace"
-          in: "path"
-          required: true
-          description: "The object scope, such as for teams and projects."
-          type: "string"
-        - name: "name"
-          in: "path"
-          required: true
-          description: "Volume name or ID."
-          type: "string"
-      responses:
-        200:
-          description: "Success"
-        401:
-          description: "Unauthorized"
-        407:
-          description: "Volume in use"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-  /namespaces/{namespace}/volumes/{name}/mount:
-    post:
-      summary: "Mount volume"
-      description: "Updates the mount reference for the volume."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - $ref: "#/parameters/Name"
-        - $ref: "#/parameters/Namespace"
-        - name: "client"
-          in: "body"
-          description: "Hostname of the client mounting the volume"
-          required: true
-          schema:
-            type: "string"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            $ref: "#/definitions/Volume"
-        401:
-          description: "Unauthorized"
-        407:
-          description: "Volume already mounted"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-  /namespaces/{namespace}/volumes/{name}/unmount:
-    post:
-      summary: "Mount volume"
-      description: "Updates the mount reference for the volume."
-      produces:
-        - "application/json"
-      tags: ["Volume"]
-      parameters:
-        - $ref: "#/parameters/Name"
-        - $ref: "#/parameters/Namespace"
-        - name: "client"
-          in: "body"
-          description: "Hostname of the client mounting the volume"
-          required: true
-          schema:
-            type: "string"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            $ref: "#/definitions/Volume"
-        401:
-          description: "Unauthorized"
-        407:
-          description: "Volume not mounted"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-  /pools:
-    get:
-      summary: "List pools"
-      description: "List of pools that match the query."
-      produces:
-        - "application/json"
-      tags: ["Pool"]
-      #parameters:
-      #  - $ref: "#/parameters/LabelSelector"
-      #  - $ref: "#/parameters/FieldSelector"
-      #  - $ref: "#/parameters/TimeoutSeconds"
-      #  - $ref: "#/parameters/NamespaceQuery"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            type: "array"
-            items:
-              $ref: "#/definitions/Pool"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-    post:
-      summary: "Create pool"
-      description: "Provisions a new pool."
-      produces:
-        - "application/json"
-      tags: ["Pool"]
-      parameters:
-        - name: "PoolCreateOptions"
-          in: "body"
-          schema:
-            $ref: "#/definitions/PoolCreateOptions"
-      responses:
-        201:
-          description: "Pool created successfully"
-          schema:
-            $ref: "#/definitions/Pool"
-        401:
-          description: "Unauthorized"
-        409:
-          description: "Pool with name already exists"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-  /pools/{name}:
-    get:
-      summary: "Get a pool"
-      description: "Gets a pool by name or ID.  Returns to whole pool object."
-      produces:
-        - "application/json"
-      tags: ["Pool"]
-      parameters:
-        - $ref: "#/parameters/Name"
-      responses:
-        200:
-          description: "Success"
-          schema:
-            $ref: "#/definitions/Pool"
-        401:
-          description: "Unauthorized"
-        404:
-          description: "Not found"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-        407:
-          description: "Pool already exists"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
-    delete:
-      summary: "Delete pool"
-      description: "Deletes a pool."
-      produces:
-        - "application/json"
-      tags: ["Pool"]
-      parameters:
-        - name: "name"
-          in: "path"
-          required: true
-          description: "Pool name or ID."
-          type: "string"
-      responses:
-        200:
-          description: "Success"
-        401:
-          description: "Unauthorized"
-        407:
-          description: "Pool in use"
-        500:
-          description: "Server error"
-          schema:
-            $ref: "#/definitions/ErrorResponse"
diff --git a/vendor/github.com/storageos/go-api/types/controller.go b/vendor/github.com/storageos/go-api/types/controller.go
index b6381f174f1d..e32df7690721 100644
--- a/vendor/github.com/storageos/go-api/types/controller.go
+++ b/vendor/github.com/storageos/go-api/types/controller.go
@@ -41,6 +41,7 @@ type Controller struct {
 	Scheduler        bool                   `json:"scheduler"`
 	Name             string                 `json:"name"`
 	Address          string                 `json:"address"`
+	DeviceDir        string                 `json:"deviceDir"`
 	APIPort          int                    `json:"apiPort"`
 	NatsPort         int                    `json:"natsPort"`
 	NatsClusterPort  int                    `json:"natsClusterPort"`
@@ -59,6 +60,9 @@ type Controller struct {
 	VersionInfo     map[string]VersionInfo `json:"versionInfo"`
 	Version         string                 `json:"version"`
 
+	// Cordon true if in an unschedulable state
+	Cordon bool `json:"unschedulable"`
+
 	// high level stats that combine info from all driver instances
 	CapacityStats CapacityStats `json:"capacityStats"`
 }
diff --git a/vendor/github.com/storageos/go-api/types/controller_update_options.go b/vendor/github.com/storageos/go-api/types/controller_update_options.go
index 8c17ade8c56f..a55b8160d33d 100644
--- a/vendor/github.com/storageos/go-api/types/controller_update_options.go
+++ b/vendor/github.com/storageos/go-api/types/controller_update_options.go
@@ -19,6 +19,9 @@ type ControllerUpdateOptions struct {
 	// Labels are user-defined key/value metadata.
 	Labels map[string]string `json:"labels"`
 
+	// Cordon sets the controler into an unschedulable state if true
+	Cordon bool `json:"unschedulable"`
+
 	// Context can be set with a timeout or can be used to cancel a request.
 	Context context.Context `json:"-"`
 }
diff --git a/vendor/github.com/storageos/go-api/types/deployment.go b/vendor/github.com/storageos/go-api/types/deployment.go
index 9707246273d2..63f63f2a4efb 100644
--- a/vendor/github.com/storageos/go-api/types/deployment.go
+++ b/vendor/github.com/storageos/go-api/types/deployment.go
@@ -18,6 +18,10 @@ type Deployment struct {
 	// Read Only: true
 	Controller string `json:"controller"`
 
+	// Controller name
+	// Read Only: true
+	ControllerName string `json:"controllerName"`
+
 	// Health
 	// Read Only: true
 	Health string `json:"health"`
diff --git a/vendor/github.com/storageos/go-api/types/logger.go b/vendor/github.com/storageos/go-api/types/logger.go
new file mode 100644
index 000000000000..f02bad96eb5f
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/types/logger.go
@@ -0,0 +1,40 @@
+package types
+
+import "context"
+
+// Logger is the runtime configuration of the node's logging services.
+// swagger:model Logger
+type Logger struct {
+
+	// Node name
+	Node string `json:"node"`
+
+	// Log level
+	Level string `json:"level"`
+
+	// Log filter
+	Filter string `json:"filter"`
+
+	// Log filters by category
+	// Read Only: true
+	Categories map[string]string `json:"categories"`
+}
+
+// LoggerUpdateOptions are the available parameters for updating loggers.
+type LoggerUpdateOptions struct {
+
+	// Log level
+	Level string `json:"level"`
+
+	// Log filter
+	Filter string `json:"filter"`
+
+	// List of nodes to update.  All if not set.
+	Nodes []string `json:"nodes"`
+
+	// List of fields to update.  Must be set.
+	Fields []string `json:"fields"`
+
+	// Context can be set with a timeout or can be used to cancel a request.
+	Context context.Context `json:"-"`
+}
diff --git a/vendor/github.com/storageos/go-api/types/node.go b/vendor/github.com/storageos/go-api/types/node.go
new file mode 100644
index 000000000000..52f5da63d39e
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/types/node.go
@@ -0,0 +1,97 @@
+package types
+
+import (
+	"encoding/json"
+)
+
+type SubModuleStatus struct {
+	Status    string `json:"status"`
+	UpdatedAt string `json:"updatedAt"`
+	ChangedAt string `json:"changedAt"`
+	Message   string `json:"message"`
+}
+
+type NamedSubModuleStatus struct {
+	Name string
+	SubModuleStatus
+}
+
+type CPHealthStatus struct {
+	KV        SubModuleStatus
+	KVWrite   SubModuleStatus
+	NATS      SubModuleStatus
+	Scheduler SubModuleStatus
+}
+
+func (c *CPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus {
+	return []NamedSubModuleStatus{
+		{Name: "nats", SubModuleStatus: c.NATS},
+		{Name: "kv", SubModuleStatus: c.KV},
+		{Name: "kv_write", SubModuleStatus: c.KVWrite},
+		{Name: "scheduler", SubModuleStatus: c.Scheduler},
+	}
+}
+
+func (c *CPHealthStatus) UnmarshalJSON(data []byte) error {
+	unmarsh := struct {
+		Submodules struct {
+			KV        SubModuleStatus `json:"kv"`
+			KVWrite   SubModuleStatus `json:"kv_write"`
+			NATS      SubModuleStatus `json:"nats"`
+			Scheduler SubModuleStatus `json:"scheduler"`
+		} `json:"submodules"`
+	}{}
+
+	if err := json.Unmarshal(data, &unmarsh); err != nil {
+		return err
+	}
+
+	c.KV = unmarsh.Submodules.KV
+	c.KVWrite = unmarsh.Submodules.KVWrite
+	c.NATS = unmarsh.Submodules.NATS
+	c.Scheduler = unmarsh.Submodules.Scheduler
+
+	return nil
+}
+
+type DPHealthStatus struct {
+	DirectFSClient SubModuleStatus
+	DirectFSServer SubModuleStatus
+	Director       SubModuleStatus
+	FSDriver       SubModuleStatus
+	FS             SubModuleStatus
+}
+
+func (d *DPHealthStatus) ToNamedSubmodules() []NamedSubModuleStatus {
+	return []NamedSubModuleStatus{
+		{Name: "dfs_client", SubModuleStatus: d.DirectFSClient},
+		{Name: "dfs_server", SubModuleStatus: d.DirectFSServer},
+		{Name: "director", SubModuleStatus: d.Director},
+		{Name: "fs_driver", SubModuleStatus: d.FSDriver},
+		{Name: "fs", SubModuleStatus: d.FS},
+	}
+}
+
+func (d *DPHealthStatus) UnmarshalJSON(data []byte) error {
+	unmarsh := struct {
+		Submodules struct {
+			DirectFSClient SubModuleStatus `json:"directfs-client"`
+			DirectFSServer SubModuleStatus `json:"directfs-server"`
+			Director       SubModuleStatus `json:"director"`
+			FSDriver       SubModuleStatus `json:"filesystem-driver"`
+			FS             SubModuleStatus `json:"fs"`
+		} `json:"submodules"`
+	}{}
+
+	if err := json.Unmarshal(data, &unmarsh); err != nil {
+		return err
+	}
+
+	d.DirectFSClient = unmarsh.Submodules.DirectFSClient
+	d.DirectFSServer = unmarsh.Submodules.DirectFSServer
+	d.Director = unmarsh.Submodules.Director
+	d.FSDriver = unmarsh.Submodules.FSDriver
+	d.FS = unmarsh.Submodules.FS
+
+	return nil
+}
diff --git a/vendor/github.com/storageos/go-api/types/policy.go b/vendor/github.com/storageos/go-api/types/policy.go
new file mode 100644
index 000000000000..6441939d5e45
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/types/policy.go
@@ -0,0 +1,45 @@
+package types
+
+import (
+	"encoding/json"
+)
+
+type Policy struct {
+	Spec struct {
+		User            string `json:"user,omitempty"`
+		Group           string `json:"group,omitempty"`
+		Readonly        bool   `json:"readonly,omitempty"`
+		APIGroup        string `json:"apiGroup,omitempty"`
+		Resource        string `json:"resource,omitempty"`
+		Namespace       string `json:"namespace,omitempty"`
+		NonResourcePath string `json:"nonResourcePath,omitempty"`
+	} `json:"spec"`
+}
+
+// PolicyWithId is used as an internal type to render table formated versions of the json response
+type PolicyWithID struct {
+	Policy
+	ID string
+}
+
+// MarshalJSON returns a marshaled copy of the internal policy object, so it is still valid to use
+// with the REST API
+func (p *PolicyWithID) MarshalJSON() ([]byte, error) {
+	return json.Marshal(p.Policy)
+}
+
+// PolicySet is a representation of the data structure returned from the REST API
+type PolicySet map[string]Policy
+
+func (p PolicySet) GetPoliciesWithID() []*PolicyWithID {
+	rtn := make([]*PolicyWithID, 0, len(p))
+
+	for k, v := range p {
+		rtn = append(rtn, &PolicyWithID{
+			Policy: v,
+			ID:     k,
+		})
+	}
+
+	return rtn
+}
diff --git a/vendor/github.com/storageos/go-api/types/user.go b/vendor/github.com/storageos/go-api/types/user.go
new file mode 100644
index 000000000000..aa4bca8ce5bb
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/types/user.go
@@ -0,0 +1,79 @@
+package types
+
+import (
+	"context"
+	"encoding/json"
+	"strings"
+)
+
+type User struct {
+	UUID     string   `json:"id"`
+	Username string   `json:"username"`
+	Groups   []string `json:"groups"`
+	Password string   `json:"password,omitempty"`
+	Role     string   `json:"role"`
+}
+
+func (u *User) MarshalJSON() ([]byte, error) {
+	return json.Marshal(&struct {
+		UUID     string `json:"id"`
+		Username string `json:"username"`
+		Groups   string `json:"groups"`
+		Password string `json:"password,omitempty"`
+		Role     string `json:"role"`
+	}{
+		UUID:     u.UUID,
+		Username: u.Username,
+		Groups:   strings.Join(u.Groups, ","),
+		Password: u.Password,
+		Role:     u.Role,
+	})
+
+}
+
+func (u *User) UnmarshalJSON(data []byte) error {
+	temp := &struct {
+		UUID     string `json:"id"`
+		Username string `json:"username"`
+		Groups   string `json:"groups"`
+		Password string `json:"password"`
+		Role     string `json:"role"`
+	}{}
+
+	if err := json.Unmarshal(data, temp); err != nil {
+		return err
+	}
+
+	u.UUID = temp.UUID
+	u.Username = temp.Username
+	u.Password = temp.Password
+	u.Role = temp.Role
+	u.Groups = strings.Split(temp.Groups, ",")
+
+	return nil
+}
+
+type UserCreateOptions struct {
+	Username string   `json:"username"`
+	Groups   []string `json:"groups"`
+	Password string   `json:"password"`
+	Role     string   `json:"role"`
+
+	// Context can be set with a timeout or can be used to cancel a request.
+	Context context.Context `json:"-"`
+}
+
+func (u UserCreateOptions) MarshalJSON() ([]byte, error) {
+	return json.Marshal(&struct {
+		Username string `json:"username"`
+		Groups   string `json:"groups"`
+		Password string `json:"password"`
+		Role     string `json:"role"`
+	}{
+		Username: u.Username,
+		Groups:   strings.Join(u.Groups, ","),
+		Password: u.Password,
+		Role:     u.Role,
+	})
+
+}
diff --git a/vendor/github.com/storageos/go-api/types/volume.go b/vendor/github.com/storageos/go-api/types/volume.go
index 62665c2576f5..698d7a92d724 100644
--- a/vendor/github.com/storageos/go-api/types/volume.go
+++ b/vendor/github.com/storageos/go-api/types/volume.go
@@ -43,6 +43,9 @@ type Volume struct {
 	// Namespace is the object name and authentication scope, such as for teams and projects.
 	Namespace string `json:"namespace"`
 
+	// node selector (where volumes should land)
+	NodeSelector string `json:"nodeSelector"`
+
 	// Volume deployment information for the master volume.
 	// Read Only: true
 	Master *Deployment `json:"master,omitempty"`
@@ -51,6 +54,9 @@ type Volume struct {
 	// Read Only: true
 	Mounted bool `json:"mounted"`
 
+	// MountDevice, where the device is located
+	MountDevice string `json:"mountDevice"`
+
 	// Mountpoint, where the volume is mounted
 	Mountpoint string `json:"mountpoint"`
 
@@ -78,6 +84,10 @@ type Volume struct {
 	// Read Only: true
 	StatusMessage string `json:"statusMessage"`
 
+	// mkfs performed on new volumes
+	MkfsDone   bool      `json:"mkfsDone"`
+	MkfsDoneAt time.Time `json:"mkfsDoneAt"`
+
 	// When the volume was created.
 	// Read Only: true
 	CreatedAt time.Time `json:"createdAt"`
diff --git a/vendor/github.com/storageos/go-api/types/volume_create_options.go b/vendor/github.com/storageos/go-api/types/volume_create_options.go
index f767b1d8f52c..d7096e1e89a8 100644
--- a/vendor/github.com/storageos/go-api/types/volume_create_options.go
+++ b/vendor/github.com/storageos/go-api/types/volume_create_options.go
@@ -25,6 +25,9 @@ type VolumeCreateOptions struct {
 	// Namespace is the object scope, such as for teams and projects.
 	Namespace string `json:"namespace"`
 
+	// node selector (where volumes should land)
+	NodeSelector string `json:"nodeSelector"`
+
 	// Labels are user-defined key/value metadata.
 	Labels map[string]string `json:"labels"`
 
diff --git a/vendor/github.com/storageos/go-api/types/volume_update_options.go b/vendor/github.com/storageos/go-api/types/volume_update_options.go
index d0c8d6b4f1bc..3c73c6b904e5 100644
--- a/vendor/github.com/storageos/go-api/types/volume_update_options.go
+++ b/vendor/github.com/storageos/go-api/types/volume_update_options.go
@@ -23,6 +23,9 @@ type VolumeUpdateOptions struct {
 	// Namespace is the object scope, such as for teams and projects.
 	Namespace string `json:"namespace"`
 
+	// node selector (where volumes should land)
+	NodeSelector string `json:"nodeSelector"`
+
 	// Labels are user-defined key/value metadata.
 	Labels map[string]string `json:"labels"`
 
diff --git a/vendor/github.com/storageos/go-api/user.go b/vendor/github.com/storageos/go-api/user.go
new file mode 100644
index 000000000000..19688203aa08
--- /dev/null
+++ b/vendor/github.com/storageos/go-api/user.go
@@ -0,0 +1,119 @@
+package storageos
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/storageos/go-api/types"
+)
+
+var (
+
+	// UserAPIPrefix is a partial path to the HTTP endpoint.
+	UserAPIPrefix = "users"
+
+	// ErrNoSuchUser is the error returned when the user does not exist.
+	ErrNoSuchUser = errors.New("no such user")
+)
+
+// UserList returns the list of available users.
+func (c *Client) UserList(opts types.ListOptions) ([]*types.User, error) {
+	listOpts := doOptions{
+		fieldSelector: opts.FieldSelector,
+		labelSelector: opts.LabelSelector,
+		namespace:     opts.Namespace,
+		context:       opts.Context,
+	}
+
+	if opts.LabelSelector != "" {
+		query := url.Values{}
+		query.Add("labelSelector", opts.LabelSelector)
+		listOpts.values = query
+	}
+
+	resp, err := c.do("GET", UserAPIPrefix, listOpts)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	users := make([]*types.User, 0)
+	if err := json.NewDecoder(resp.Body).Decode(&users); err != nil {
+		return nil, err
+	}
+	return users, nil
+}
+
+// User returns a user by its username/id.
+func (c *Client) User(username string) (*types.User, error) {
+	path := fmt.Sprintf("%s/%s", UserAPIPrefix, username)
+	resp, err := c.do("GET", path, doOptions{})
+	if err != nil {
+		if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound {
+			return nil, ErrNoSuchUser
+		}
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var user *types.User
+	if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
+// UserCreate creates a user on the server.
+func (c *Client) UserCreate(opts types.UserCreateOptions) error {
+	_, err := c.do("POST", UserAPIPrefix, doOptions{
+		data:    opts,
+		context: opts.Context,
+	})
+	return err
+}
+
+// UserUpdate updates a user on the server.
+func (c *Client) UserUpdate(user *types.User, ctx context.Context) error {
+	var ref string
+	switch {
+	case user.UUID != "":
+		ref = user.UUID
+	case user.Username != "":
+		ref = user.Username
+	default:
+		return ErrNoSuchUser
+	}
+
+	path := fmt.Sprintf("%s/%s", UserAPIPrefix, ref)
+	resp, err := c.do("POST", path, doOptions{
+		data:    user,
+		context: ctx,
+	})
+	if err != nil {
+		if e, ok := err.(*Error); ok && e.Status == http.StatusNotFound {
+			return ErrNoSuchUser
+		}
+		return err
+	}
+	defer resp.Body.Close()
+	return nil
+}
+
+// UserDelete removes a user by its reference.
+func (c *Client) UserDelete(opts types.DeleteOptions) error {
+	resp, err := c.do("DELETE", UserAPIPrefix+"/"+opts.Name, doOptions{})
+	if err != nil {
+		if e, ok := err.(*Error); ok {
+			if e.Status == http.StatusNotFound {
+				return ErrNoSuchUser
+			}
+		}
+		return err
+	}
+	defer resp.Body.Close()
+	return nil
+}
diff --git a/vendor/github.com/vishvananda/netlink/Makefile b/vendor/github.com/vishvananda/netlink/Makefile
index 6c8413b13a52..a0e68e7a9aaa 100644
--- a/vendor/github.com/vishvananda/netlink/Makefile
+++ b/vendor/github.com/vishvananda/netlink/Makefile
@@ -3,7 +3,8 @@ DIRS := \
 	nl
 
 DEPS = \
-	github.com/vishvananda/netns
+	github.com/vishvananda/netns \
+	golang.org/x/sys/unix
 
 uniq = $(if $1,$(firstword $1) $(call uniq,$(filter-out $(firstword $1),$1)))
 testdirs = $(call uniq,$(foreach d,$(1),$(dir $(wildcard $(d)/*_test.go))))
@@ -18,7 +19,7 @@ $(call goroot,$(DEPS)):
 
 .PHONY: $(call testdirs,$(DIRS))
 $(call testdirs,$(DIRS)):
-	sudo -E go test -test.parallel 4 -timeout 60s -v github.com/vishvananda/netlink/$@
+	go test -test.exec sudo -test.parallel 4 -timeout 60s -test.v github.com/vishvananda/netlink/$@
 
 $(call fmt,$(call testdirs,$(DIRS))):
 	! gofmt -l $(subst fmt-,,$@)/*.go | grep -q .
diff --git a/vendor/github.com/vishvananda/netlink/README.md b/vendor/github.com/vishvananda/netlink/README.md
index 0b61be217e0b..a88e2f418409 100644
--- a/vendor/github.com/vishvananda/netlink/README.md
+++ b/vendor/github.com/vishvananda/netlink/README.md
@@ -89,3 +89,4 @@ There are also a few pieces of low level netlink functionality that still
 need to be implemented. Routing rules are not in place and some of the
 more advanced link types. Hopefully there is decent structure and testing
 in place to make these fairly straightforward to add.
+
diff --git a/vendor/github.com/vishvananda/netlink/addr_linux.go b/vendor/github.com/vishvananda/netlink/addr_linux.go
index 92edb90d09f3..8597ab7fcbcc 100644
--- a/vendor/github.com/vishvananda/netlink/addr_linux.go
+++ b/vendor/github.com/vishvananda/netlink/addr_linux.go
@@ -2,13 +2,12 @@ package netlink
 
 import (
 	"fmt"
-	"log"
 	"net"
 	"strings"
-	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
 	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 // IFA_FLAGS is a u32 attribute.
@@ -23,7 +22,7 @@ func AddrAdd(link Link, addr *Addr) error {
 // AddrAdd will add an IP address to a link device.
 // Equivalent to: `ip addr add $addr dev $link`
 func (h *Handle) AddrAdd(link Link, addr *Addr) error {
-	req := h.newNetlinkRequest(syscall.RTM_NEWADDR, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWADDR, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 	return h.addrHandle(link, addr, req)
 }
 
@@ -36,7 +35,7 @@ func AddrReplace(link Link, addr *Addr) error {
 // AddrReplace will replace (or, if not present, add) an IP address on a link device.
 // Equivalent to: `ip addr replace $addr dev $link`
 func (h *Handle) AddrReplace(link Link, addr *Addr) error {
-	req := h.newNetlinkRequest(syscall.RTM_NEWADDR, syscall.NLM_F_CREATE|syscall.NLM_F_REPLACE|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWADDR, unix.NLM_F_CREATE|unix.NLM_F_REPLACE|unix.NLM_F_ACK)
 	return h.addrHandle(link, addr, req)
 }
 
@@ -49,7 +48,7 @@ func AddrDel(link Link, addr *Addr) error {
 // AddrDel will delete an IP address from a link device.
 // Equivalent to: `ip addr del $addr dev $link`
 func (h *Handle) AddrDel(link Link, addr *Addr) error {
-	req := h.newNetlinkRequest(syscall.RTM_DELADDR, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELADDR, unix.NLM_F_ACK)
 	return h.addrHandle(link, addr, req)
 }
 
@@ -76,7 +75,7 @@ func (h *Handle) addrHandle(link Link, addr *Addr, req *nl.NetlinkRequest) error
 		localAddrData = addr.IP.To16()
 	}
 
-	localData := nl.NewRtAttr(syscall.IFA_LOCAL, localAddrData)
+	localData := nl.NewRtAttr(unix.IFA_LOCAL, localAddrData)
 	req.AddData(localData)
 	var peerAddrData []byte
 	if addr.Peer != nil {
@@ -89,7 +88,7 @@ func (h *Handle) addrHandle(link Link, addr *Addr, req *nl.NetlinkRequest) error
 		peerAddrData = localAddrData
 	}
 
-	addressData := nl.NewRtAttr(syscall.IFA_ADDRESS, peerAddrData)
+	addressData := nl.NewRtAttr(unix.IFA_ADDRESS, peerAddrData)
 	req.AddData(addressData)
 
 	if addr.Flags != 0 {
@@ -110,14 +109,14 @@ func (h *Handle) addrHandle(link Link, addr *Addr, req *nl.NetlinkRequest) error
 		}
 		addr.Broadcast = calcBroadcast
 	}
-	req.AddData(nl.NewRtAttr(syscall.IFA_BROADCAST, addr.Broadcast))
+	req.AddData(nl.NewRtAttr(unix.IFA_BROADCAST, addr.Broadcast))
 
 	if addr.Label != "" {
-		labelData := nl.NewRtAttr(syscall.IFA_LABEL, nl.ZeroTerminated(addr.Label))
+		labelData := nl.NewRtAttr(unix.IFA_LABEL, nl.ZeroTerminated(addr.Label))
 		req.AddData(labelData)
 	}
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -132,11 +131,11 @@ func AddrList(link Link, family int) ([]Addr, error) {
 // Equivalent to: `ip addr show`.
 // The list can be filtered by link and ip family.
 func (h *Handle) AddrList(link Link, family int) ([]Addr, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETADDR, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETADDR, unix.NLM_F_DUMP)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWADDR)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWADDR)
 	if err != nil {
 		return nil, err
 	}
@@ -188,21 +187,21 @@ func parseAddr(m []byte) (addr Addr, family, index int, err error) {
 	var local, dst *net.IPNet
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
-		case syscall.IFA_ADDRESS:
+		case unix.IFA_ADDRESS:
 			dst = &net.IPNet{
 				IP:   attr.Value,
 				Mask: net.CIDRMask(int(msg.Prefixlen), 8*len(attr.Value)),
 			}
 			addr.Peer = dst
-		case syscall.IFA_LOCAL:
+		case unix.IFA_LOCAL:
 			local = &net.IPNet{
 				IP:   attr.Value,
 				Mask: net.CIDRMask(int(msg.Prefixlen), 8*len(attr.Value)),
 			}
 			addr.IPNet = local
-		case syscall.IFA_BROADCAST:
+		case unix.IFA_BROADCAST:
 			addr.Broadcast = attr.Value
-		case syscall.IFA_LABEL:
+		case unix.IFA_LABEL:
 			addr.Label = string(attr.Value[:len(attr.Value)-1])
 		case IFA_FLAGS:
 			addr.Flags = int(native.Uint32(attr.Value[0:4]))
@@ -237,17 +236,35 @@ type AddrUpdate struct {
 // AddrSubscribe takes a chan down which notifications will be sent
 // when addresses change.  Close the 'done' chan to stop subscription.
 func AddrSubscribe(ch chan<- AddrUpdate, done <-chan struct{}) error {
-	return addrSubscribe(netns.None(), netns.None(), ch, done)
+	return addrSubscribeAt(netns.None(), netns.None(), ch, done, nil)
 }
 
 // AddrSubscribeAt works like AddrSubscribe plus it allows the caller
 // to choose the network namespace in which to subscribe (ns).
 func AddrSubscribeAt(ns netns.NsHandle, ch chan<- AddrUpdate, done <-chan struct{}) error {
-	return addrSubscribe(ns, netns.None(), ch, done)
+	return addrSubscribeAt(ns, netns.None(), ch, done, nil)
 }
 
-func addrSubscribe(newNs, curNs netns.NsHandle, ch chan<- AddrUpdate, done <-chan struct{}) error {
-	s, err := nl.SubscribeAt(newNs, curNs, syscall.NETLINK_ROUTE, syscall.RTNLGRP_IPV4_IFADDR, syscall.RTNLGRP_IPV6_IFADDR)
+// AddrSubscribeOptions contains a set of options to use with
+// AddrSubscribeWithOptions.
+type AddrSubscribeOptions struct {
+	Namespace     *netns.NsHandle
+	ErrorCallback func(error)
+}
+
+// AddrSubscribeWithOptions work like AddrSubscribe but enable to
+// provide additional options to modify the behavior. Currently, the
+// namespace can be provided as well as an error callback.
+func AddrSubscribeWithOptions(ch chan<- AddrUpdate, done <-chan struct{}, options AddrSubscribeOptions) error {
+	if options.Namespace == nil {
+		none := netns.None()
+		options.Namespace = &none
+	}
+	return addrSubscribeAt(*options.Namespace, netns.None(), ch, done, options.ErrorCallback)
+}
+
+func addrSubscribeAt(newNs, curNs netns.NsHandle, ch chan<- AddrUpdate, done <-chan struct{}, cberr func(error)) error {
+	s, err := nl.SubscribeAt(newNs, curNs, unix.NETLINK_ROUTE, unix.RTNLGRP_IPV4_IFADDR, unix.RTNLGRP_IPV6_IFADDR)
 	if err != nil {
 		return err
 	}
@@ -262,25 +279,31 @@ func addrSubscribe(newNs, curNs netns.NsHandle, ch chan<- AddrUpdate, done <-cha
 		for {
 			msgs, err := s.Receive()
 			if err != nil {
-				log.Printf("netlink.AddrSubscribe: Receive() error: %v", err)
+				if cberr != nil {
+					cberr(err)
+				}
 				return
 			}
 			for _, m := range msgs {
 				msgType := m.Header.Type
-				if msgType != syscall.RTM_NEWADDR && msgType != syscall.RTM_DELADDR {
-					log.Printf("netlink.AddrSubscribe: bad message type: %d", msgType)
-					continue
+				if msgType != unix.RTM_NEWADDR && msgType != unix.RTM_DELADDR {
+					if cberr != nil {
+						cberr(fmt.Errorf("bad message type: %d", msgType))
+					}
+					return
 				}
 
 				addr, _, ifindex, err := parseAddr(m.Data)
 				if err != nil {
-					log.Printf("netlink.AddrSubscribe: could not parse address: %v", err)
-					continue
+					if cberr != nil {
+						cberr(fmt.Errorf("could not parse address: %v", err))
+					}
+					return
 				}
 
 				ch <- AddrUpdate{LinkAddress: *addr.IPNet,
 					LinkIndex:   ifindex,
-					NewAddr:     msgType == syscall.RTM_NEWADDR,
+					NewAddr:     msgType == unix.RTM_NEWADDR,
 					Flags:       addr.Flags,
 					Scope:       addr.Scope,
 					PreferedLft: addr.PreferedLft,
diff --git a/vendor/github.com/vishvananda/netlink/bridge_linux.go b/vendor/github.com/vishvananda/netlink/bridge_linux.go
index a65d6a1319a5..6eb331ef1545 100644
--- a/vendor/github.com/vishvananda/netlink/bridge_linux.go
+++ b/vendor/github.com/vishvananda/netlink/bridge_linux.go
@@ -2,9 +2,9 @@ package netlink
 
 import (
 	"fmt"
-	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 // BridgeVlanList gets a map of device id to bridge vlan infos.
@@ -16,12 +16,12 @@ func BridgeVlanList() (map[int32][]*nl.BridgeVlanInfo, error) {
 // BridgeVlanList gets a map of device id to bridge vlan infos.
 // Equivalent to: `bridge vlan show`
 func (h *Handle) BridgeVlanList() (map[int32][]*nl.BridgeVlanInfo, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_DUMP)
-	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_DUMP)
+	msg := nl.NewIfInfomsg(unix.AF_BRIDGE)
 	req.AddData(msg)
 	req.AddData(nl.NewRtAttr(nl.IFLA_EXT_MASK, nl.Uint32Attr(uint32(nl.RTEXT_FILTER_BRVLAN))))
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWLINK)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWLINK)
 	if err != nil {
 		return nil, err
 	}
@@ -63,7 +63,7 @@ func BridgeVlanAdd(link Link, vid uint16, pvid, untagged, self, master bool) err
 // BridgeVlanAdd adds a new vlan filter entry
 // Equivalent to: `bridge vlan add dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
 func (h *Handle) BridgeVlanAdd(link Link, vid uint16, pvid, untagged, self, master bool) error {
-	return h.bridgeVlanModify(syscall.RTM_SETLINK, link, vid, pvid, untagged, self, master)
+	return h.bridgeVlanModify(unix.RTM_SETLINK, link, vid, pvid, untagged, self, master)
 }
 
 // BridgeVlanDel adds a new vlan filter entry
@@ -75,15 +75,15 @@ func BridgeVlanDel(link Link, vid uint16, pvid, untagged, self, master bool) err
 // BridgeVlanDel adds a new vlan filter entry
 // Equivalent to: `bridge vlan del dev DEV vid VID [ pvid ] [ untagged ] [ self ] [ master ]`
 func (h *Handle) BridgeVlanDel(link Link, vid uint16, pvid, untagged, self, master bool) error {
-	return h.bridgeVlanModify(syscall.RTM_DELLINK, link, vid, pvid, untagged, self, master)
+	return h.bridgeVlanModify(unix.RTM_DELLINK, link, vid, pvid, untagged, self, master)
 }
 
 func (h *Handle) bridgeVlanModify(cmd int, link Link, vid uint16, pvid, untagged, self, master bool) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(cmd, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(cmd, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
+	msg := nl.NewIfInfomsg(unix.AF_BRIDGE)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -107,7 +107,7 @@ func (h *Handle) bridgeVlanModify(cmd int, link Link, vid uint16, pvid, untagged
 	}
 	nl.NewRtAttrChild(br, nl.IFLA_BRIDGE_VLAN_INFO, vlanInfo.Serialize())
 	req.AddData(br)
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	if err != nil {
 		return err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/class_linux.go b/vendor/github.com/vishvananda/netlink/class_linux.go
index 91cd3883de90..a4997740e292 100644
--- a/vendor/github.com/vishvananda/netlink/class_linux.go
+++ b/vendor/github.com/vishvananda/netlink/class_linux.go
@@ -5,6 +5,7 @@ import (
 	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 // NOTE: function is in here because it uses other linux functions
@@ -50,7 +51,7 @@ func ClassDel(class Class) error {
 // ClassDel will delete a class from the system.
 // Equivalent to: `tc class del $class`
 func (h *Handle) ClassDel(class Class) error {
-	return h.classModify(syscall.RTM_DELTCLASS, 0, class)
+	return h.classModify(unix.RTM_DELTCLASS, 0, class)
 }
 
 // ClassChange will change a class in place
@@ -64,7 +65,7 @@ func ClassChange(class Class) error {
 // Equivalent to: `tc class change $class`
 // The parent and handle MUST NOT be changed.
 func (h *Handle) ClassChange(class Class) error {
-	return h.classModify(syscall.RTM_NEWTCLASS, 0, class)
+	return h.classModify(unix.RTM_NEWTCLASS, 0, class)
 }
 
 // ClassReplace will replace a class to the system.
@@ -82,7 +83,7 @@ func ClassReplace(class Class) error {
 // If a class already exist with this parent/handle pair, the class is changed.
 // If a class does not already exist with this parent/handle, a new class is created.
 func (h *Handle) ClassReplace(class Class) error {
-	return h.classModify(syscall.RTM_NEWTCLASS, syscall.NLM_F_CREATE, class)
+	return h.classModify(unix.RTM_NEWTCLASS, unix.NLM_F_CREATE, class)
 }
 
 // ClassAdd will add a class to the system.
@@ -95,14 +96,14 @@ func ClassAdd(class Class) error {
 // Equivalent to: `tc class add $class`
 func (h *Handle) ClassAdd(class Class) error {
 	return h.classModify(
-		syscall.RTM_NEWTCLASS,
-		syscall.NLM_F_CREATE|syscall.NLM_F_EXCL,
+		unix.RTM_NEWTCLASS,
+		unix.NLM_F_CREATE|unix.NLM_F_EXCL,
 		class,
 	)
 }
 
 func (h *Handle) classModify(cmd, flags int, class Class) error {
-	req := h.newNetlinkRequest(cmd, flags|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(cmd, flags|unix.NLM_F_ACK)
 	base := class.Attrs()
 	msg := &nl.TcMsg{
 		Family:  nl.FAMILY_ALL,
@@ -112,12 +113,12 @@ func (h *Handle) classModify(cmd, flags int, class Class) error {
 	}
 	req.AddData(msg)
 
-	if cmd != syscall.RTM_DELTCLASS {
+	if cmd != unix.RTM_DELTCLASS {
 		if err := classPayload(req, class); err != nil {
 			return err
 		}
 	}
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -141,12 +142,12 @@ func classPayload(req *nl.NetlinkRequest, class Class) error {
 		var rtab [256]uint32
 		var ctab [256]uint32
 		tcrate := nl.TcRateSpec{Rate: uint32(htb.Rate)}
-		if CalcRtable(&tcrate, rtab, cellLog, uint32(mtu), linklayer) < 0 {
+		if CalcRtable(&tcrate, rtab[:], cellLog, uint32(mtu), linklayer) < 0 {
 			return errors.New("HTB: failed to calculate rate table")
 		}
 		opt.Rate = tcrate
 		tcceil := nl.TcRateSpec{Rate: uint32(htb.Ceil)}
-		if CalcRtable(&tcceil, ctab, ccellLog, uint32(mtu), linklayer) < 0 {
+		if CalcRtable(&tcceil, ctab[:], ccellLog, uint32(mtu), linklayer) < 0 {
 			return errors.New("HTB: failed to calculate ceil rate table")
 		}
 		opt.Ceil = tcceil
@@ -169,7 +170,7 @@ func ClassList(link Link, parent uint32) ([]Class, error) {
 // Equivalent to: `tc class show`.
 // Generally returns nothing if link and parent are not specified.
 func (h *Handle) ClassList(link Link, parent uint32) ([]Class, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETTCLASS, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETTCLASS, unix.NLM_F_DUMP)
 	msg := &nl.TcMsg{
 		Family: nl.FAMILY_ALL,
 		Parent: parent,
@@ -181,7 +182,7 @@ func (h *Handle) ClassList(link Link, parent uint32) ([]Class, error) {
 	}
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWTCLASS)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWTCLASS)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/conntrack_linux.go b/vendor/github.com/vishvananda/netlink/conntrack_linux.go
index ecf044565909..a0fc74a37224 100644
--- a/vendor/github.com/vishvananda/netlink/conntrack_linux.go
+++ b/vendor/github.com/vishvananda/netlink/conntrack_linux.go
@@ -6,9 +6,9 @@ import (
 	"errors"
 	"fmt"
 	"net"
-	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 // ConntrackTableType Conntrack table for the netlink operation
@@ -85,8 +85,8 @@ func (h *Handle) ConntrackTableList(table ConntrackTableType, family InetFamily)
 // conntrack -F [table]            Flush table
 // The flush operation applies to all the family types
 func (h *Handle) ConntrackTableFlush(table ConntrackTableType) error {
-	req := h.newConntrackRequest(table, syscall.AF_INET, nl.IPCTNL_MSG_CT_DELETE, syscall.NLM_F_ACK)
-	_, err := req.Execute(syscall.NETLINK_NETFILTER, 0)
+	req := h.newConntrackRequest(table, unix.AF_INET, nl.IPCTNL_MSG_CT_DELETE, unix.NLM_F_ACK)
+	_, err := req.Execute(unix.NETLINK_NETFILTER, 0)
 	return err
 }
 
@@ -102,10 +102,10 @@ func (h *Handle) ConntrackDeleteFilter(table ConntrackTableType, family InetFami
 	for _, dataRaw := range res {
 		flow := parseRawData(dataRaw)
 		if match := filter.MatchConntrackFlow(flow); match {
-			req2 := h.newConntrackRequest(table, family, nl.IPCTNL_MSG_CT_DELETE, syscall.NLM_F_ACK)
+			req2 := h.newConntrackRequest(table, family, nl.IPCTNL_MSG_CT_DELETE, unix.NLM_F_ACK)
 			// skip the first 4 byte that are the netfilter header, the newConntrackRequest is adding it already
 			req2.AddRawData(dataRaw[4:])
-			req2.Execute(syscall.NETLINK_NETFILTER, 0)
+			req2.Execute(unix.NETLINK_NETFILTER, 0)
 			matched++
 		}
 	}
@@ -127,8 +127,8 @@ func (h *Handle) newConntrackRequest(table ConntrackTableType, family InetFamily
 }
 
 func (h *Handle) dumpConntrackTable(table ConntrackTableType, family InetFamily) ([][]byte, error) {
-	req := h.newConntrackRequest(table, family, nl.IPCTNL_MSG_CT_GET, syscall.NLM_F_DUMP)
-	return req.Execute(syscall.NETLINK_NETFILTER, 0)
+	req := h.newConntrackRequest(table, family, nl.IPCTNL_MSG_CT_GET, unix.NLM_F_DUMP)
+	return req.Execute(unix.NETLINK_NETFILTER, 0)
 }
 
 // The full conntrack flow structure is very complicated and can be found in the file:
diff --git a/vendor/github.com/vishvananda/netlink/filter.go b/vendor/github.com/vishvananda/netlink/filter.go
index 938b28b0b03b..30b541494e24 100644
--- a/vendor/github.com/vishvananda/netlink/filter.go
+++ b/vendor/github.com/vishvananda/netlink/filter.go
@@ -2,8 +2,6 @@ package netlink
 
 import (
 	"fmt"
-
-	"github.com/vishvananda/netlink/nl"
 )
 
 type Filter interface {
@@ -19,7 +17,7 @@ type FilterAttrs struct {
 	Handle    uint32
 	Parent    uint32
 	Priority  uint16 // lower is higher priority
-	Protocol  uint16 // syscall.ETH_P_*
+	Protocol  uint16 // unix.ETH_P_*
 }
 
 func (q FilterAttrs) String() string {
@@ -184,14 +182,6 @@ func NewMirredAction(redirIndex int) *MirredAction {
 	}
 }
 
-// Constants used in TcU32Sel.Flags.
-const (
-	TC_U32_TERMINAL  = nl.TC_U32_TERMINAL
-	TC_U32_OFFSET    = nl.TC_U32_OFFSET
-	TC_U32_VAROFFSET = nl.TC_U32_VAROFFSET
-	TC_U32_EAT       = nl.TC_U32_EAT
-)
-
 // Sel of the U32 filters that contains multiple TcU32Key. This is the copy
 // and the frontend representation of nl.TcU32Sel. It is serialized into canonical
 // nl.TcU32Sel with the appropriate endianness.
diff --git a/vendor/github.com/vishvananda/netlink/filter_linux.go b/vendor/github.com/vishvananda/netlink/filter_linux.go
index dc0f90af8804..7cb7a4fd9400 100644
--- a/vendor/github.com/vishvananda/netlink/filter_linux.go
+++ b/vendor/github.com/vishvananda/netlink/filter_linux.go
@@ -9,6 +9,15 @@ import (
 	"unsafe"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
+)
+
+// Constants used in TcU32Sel.Flags.
+const (
+	TC_U32_TERMINAL  = nl.TC_U32_TERMINAL
+	TC_U32_OFFSET    = nl.TC_U32_OFFSET
+	TC_U32_VAROFFSET = nl.TC_U32_VAROFFSET
+	TC_U32_EAT       = nl.TC_U32_EAT
 )
 
 // Fw filter filters on firewall marks
@@ -47,7 +56,7 @@ func NewFw(attrs FilterAttrs, fattrs FilterFwAttrs) (*Fw, error) {
 	if police.Rate.Rate != 0 {
 		police.Rate.Mpu = fattrs.Mpu
 		police.Rate.Overhead = fattrs.Overhead
-		if CalcRtable(&police.Rate, rtab, rcellLog, fattrs.Mtu, linklayer) < 0 {
+		if CalcRtable(&police.Rate, rtab[:], rcellLog, fattrs.Mtu, linklayer) < 0 {
 			return nil, errors.New("TBF: failed to calculate rate table")
 		}
 		police.Burst = uint32(Xmittime(uint64(police.Rate.Rate), uint32(buffer)))
@@ -56,7 +65,7 @@ func NewFw(attrs FilterAttrs, fattrs FilterFwAttrs) (*Fw, error) {
 	if police.PeakRate.Rate != 0 {
 		police.PeakRate.Mpu = fattrs.Mpu
 		police.PeakRate.Overhead = fattrs.Overhead
-		if CalcRtable(&police.PeakRate, ptab, pcellLog, fattrs.Mtu, linklayer) < 0 {
+		if CalcRtable(&police.PeakRate, ptab[:], pcellLog, fattrs.Mtu, linklayer) < 0 {
 			return nil, errors.New("POLICE: failed to calculate peak rate table")
 		}
 	}
@@ -90,7 +99,7 @@ func FilterDel(filter Filter) error {
 // FilterDel will delete a filter from the system.
 // Equivalent to: `tc filter del $filter`
 func (h *Handle) FilterDel(filter Filter) error {
-	req := h.newNetlinkRequest(syscall.RTM_DELTFILTER, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELTFILTER, unix.NLM_F_ACK)
 	base := filter.Attrs()
 	msg := &nl.TcMsg{
 		Family:  nl.FAMILY_ALL,
@@ -101,7 +110,7 @@ func (h *Handle) FilterDel(filter Filter) error {
 	}
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -115,7 +124,7 @@ func FilterAdd(filter Filter) error {
 // Equivalent to: `tc filter add $filter`
 func (h *Handle) FilterAdd(filter Filter) error {
 	native = nl.NativeEndian()
-	req := h.newNetlinkRequest(syscall.RTM_NEWTFILTER, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWTFILTER, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 	base := filter.Attrs()
 	msg := &nl.TcMsg{
 		Family:  nl.FAMILY_ALL,
@@ -128,9 +137,11 @@ func (h *Handle) FilterAdd(filter Filter) error {
 	req.AddData(nl.NewRtAttr(nl.TCA_KIND, nl.ZeroTerminated(filter.Type())))
 
 	options := nl.NewRtAttr(nl.TCA_OPTIONS, nil)
-	if u32, ok := filter.(*U32); ok {
+
+	switch filter := filter.(type) {
+	case *U32:
 		// Convert TcU32Sel into nl.TcU32Sel as it is without copy.
-		sel := (*nl.TcU32Sel)(unsafe.Pointer(u32.Sel))
+		sel := (*nl.TcU32Sel)(unsafe.Pointer(filter.Sel))
 		if sel == nil {
 			// match all
 			sel = &nl.TcU32Sel{
@@ -158,63 +169,63 @@ func (h *Handle) FilterAdd(filter Filter) error {
 		}
 		sel.Nkeys = uint8(len(sel.Keys))
 		nl.NewRtAttrChild(options, nl.TCA_U32_SEL, sel.Serialize())
-		if u32.ClassId != 0 {
-			nl.NewRtAttrChild(options, nl.TCA_U32_CLASSID, nl.Uint32Attr(u32.ClassId))
+		if filter.ClassId != 0 {
+			nl.NewRtAttrChild(options, nl.TCA_U32_CLASSID, nl.Uint32Attr(filter.ClassId))
 		}
 		actionsAttr := nl.NewRtAttrChild(options, nl.TCA_U32_ACT, nil)
 		// backwards compatibility
-		if u32.RedirIndex != 0 {
-			u32.Actions = append([]Action{NewMirredAction(u32.RedirIndex)}, u32.Actions...)
+		if filter.RedirIndex != 0 {
+			filter.Actions = append([]Action{NewMirredAction(filter.RedirIndex)}, filter.Actions...)
 		}
-		if err := EncodeActions(actionsAttr, u32.Actions); err != nil {
+		if err := EncodeActions(actionsAttr, filter.Actions); err != nil {
 			return err
 		}
-	} else if fw, ok := filter.(*Fw); ok {
-		if fw.Mask != 0 {
+	case *Fw:
+		if filter.Mask != 0 {
 			b := make([]byte, 4)
-			native.PutUint32(b, fw.Mask)
+			native.PutUint32(b, filter.Mask)
 			nl.NewRtAttrChild(options, nl.TCA_FW_MASK, b)
 		}
-		if fw.InDev != "" {
-			nl.NewRtAttrChild(options, nl.TCA_FW_INDEV, nl.ZeroTerminated(fw.InDev))
+		if filter.InDev != "" {
+			nl.NewRtAttrChild(options, nl.TCA_FW_INDEV, nl.ZeroTerminated(filter.InDev))
 		}
-		if (fw.Police != nl.TcPolice{}) {
+		if (filter.Police != nl.TcPolice{}) {
 
 			police := nl.NewRtAttrChild(options, nl.TCA_FW_POLICE, nil)
-			nl.NewRtAttrChild(police, nl.TCA_POLICE_TBF, fw.Police.Serialize())
-			if (fw.Police.Rate != nl.TcRateSpec{}) {
-				payload := SerializeRtab(fw.Rtab)
+			nl.NewRtAttrChild(police, nl.TCA_POLICE_TBF, filter.Police.Serialize())
+			if (filter.Police.Rate != nl.TcRateSpec{}) {
+				payload := SerializeRtab(filter.Rtab)
 				nl.NewRtAttrChild(police, nl.TCA_POLICE_RATE, payload)
 			}
-			if (fw.Police.PeakRate != nl.TcRateSpec{}) {
-				payload := SerializeRtab(fw.Ptab)
+			if (filter.Police.PeakRate != nl.TcRateSpec{}) {
+				payload := SerializeRtab(filter.Ptab)
 				nl.NewRtAttrChild(police, nl.TCA_POLICE_PEAKRATE, payload)
 			}
 		}
-		if fw.ClassId != 0 {
+		if filter.ClassId != 0 {
 			b := make([]byte, 4)
-			native.PutUint32(b, fw.ClassId)
+			native.PutUint32(b, filter.ClassId)
 			nl.NewRtAttrChild(options, nl.TCA_FW_CLASSID, b)
 		}
-	} else if bpf, ok := filter.(*BpfFilter); ok {
+	case *BpfFilter:
 		var bpfFlags uint32
-		if bpf.ClassId != 0 {
-			nl.NewRtAttrChild(options, nl.TCA_BPF_CLASSID, nl.Uint32Attr(bpf.ClassId))
+		if filter.ClassId != 0 {
+			nl.NewRtAttrChild(options, nl.TCA_BPF_CLASSID, nl.Uint32Attr(filter.ClassId))
 		}
-		if bpf.Fd >= 0 {
-			nl.NewRtAttrChild(options, nl.TCA_BPF_FD, nl.Uint32Attr((uint32(bpf.Fd))))
+		if filter.Fd >= 0 {
+			nl.NewRtAttrChild(options, nl.TCA_BPF_FD, nl.Uint32Attr((uint32(filter.Fd))))
 		}
-		if bpf.Name != "" {
-			nl.NewRtAttrChild(options, nl.TCA_BPF_NAME, nl.ZeroTerminated(bpf.Name))
+		if filter.Name != "" {
+			nl.NewRtAttrChild(options, nl.TCA_BPF_NAME, nl.ZeroTerminated(filter.Name))
 		}
-		if bpf.DirectAction {
+		if filter.DirectAction {
 			bpfFlags |= nl.TCA_BPF_FLAG_ACT_DIRECT
 		}
 		nl.NewRtAttrChild(options, nl.TCA_BPF_FLAGS, nl.Uint32Attr(bpfFlags))
 	}
 
 	req.AddData(options)
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -229,7 +240,7 @@ func FilterList(link Link, parent uint32) ([]Filter, error) {
 // Equivalent to: `tc filter show`.
 // Generally returns nothing if link and parent are not specified.
 func (h *Handle) FilterList(link Link, parent uint32) ([]Filter, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETTFILTER, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETTFILTER, unix.NLM_F_DUMP)
 	msg := &nl.TcMsg{
 		Family: nl.FAMILY_ALL,
 		Parent: parent,
@@ -241,7 +252,7 @@ func (h *Handle) FilterList(link Link, parent uint32) ([]Filter, error) {
 	}
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWTFILTER)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWTFILTER)
 	if err != nil {
 		return nil, err
 	}
@@ -552,7 +563,7 @@ func AdjustSize(sz uint, mpu uint, linklayer int) uint {
 	}
 }
 
-func CalcRtable(rate *nl.TcRateSpec, rtab [256]uint32, cellLog int, mtu uint32, linklayer int) int {
+func CalcRtable(rate *nl.TcRateSpec, rtab []uint32, cellLog int, mtu uint32, linklayer int) int {
 	bps := rate.Rate
 	mpu := rate.Mpu
 	var sz uint
diff --git a/vendor/github.com/vishvananda/netlink/fou.go b/vendor/github.com/vishvananda/netlink/fou.go
new file mode 100644
index 000000000000..71e73c37a0a3
--- /dev/null
+++ b/vendor/github.com/vishvananda/netlink/fou.go
@@ -0,0 +1,21 @@
+package netlink
+
+import (
+	"errors"
+)
+
+var (
+	// ErrAttrHeaderTruncated is returned when a netlink attribute's header is
+	// truncated.
+	ErrAttrHeaderTruncated = errors.New("attribute header truncated")
+	// ErrAttrBodyTruncated is returned when a netlink attribute's body is
+	// truncated.
+	ErrAttrBodyTruncated = errors.New("attribute body truncated")
+)
+
+type Fou struct {
+	Family    int
+	Port      int
+	Protocol  int
+	EncapType int
+}
diff --git a/vendor/github.com/vishvananda/netlink/fou_linux.go b/vendor/github.com/vishvananda/netlink/fou_linux.go
new file mode 100644
index 000000000000..62d59bd2d093
--- /dev/null
+++ b/vendor/github.com/vishvananda/netlink/fou_linux.go
@@ -0,0 +1,215 @@
+// +build linux
+
+package netlink
+
+import (
+	"encoding/binary"
+	"errors"
+
+	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
+)
+
+const (
+	FOU_GENL_NAME = "fou"
+)
+
+const (
+	FOU_CMD_UNSPEC uint8 = iota
+	FOU_CMD_ADD
+	FOU_CMD_DEL
+	FOU_CMD_GET
+	FOU_CMD_MAX = FOU_CMD_GET
+)
+
+const (
+	FOU_ATTR_UNSPEC = iota
+	FOU_ATTR_PORT
+	FOU_ATTR_AF
+	FOU_ATTR_IPPROTO
+	FOU_ATTR_TYPE
+	FOU_ATTR_REMCSUM_NOPARTIAL
+	FOU_ATTR_MAX = FOU_ATTR_REMCSUM_NOPARTIAL
+)
+
+const (
+	FOU_ENCAP_UNSPEC = iota
+	FOU_ENCAP_DIRECT
+	FOU_ENCAP_GUE
+	FOU_ENCAP_MAX = FOU_ENCAP_GUE
+)
+
+var fouFamilyId int
+
+func FouFamilyId() (int, error) {
+	if fouFamilyId != 0 {
+		return fouFamilyId, nil
+	}
+
+	fam, err := GenlFamilyGet(FOU_GENL_NAME)
+	if err != nil {
+		return -1, err
+	}
+
+	fouFamilyId = int(fam.ID)
+	return fouFamilyId, nil
+}
+
+func FouAdd(f Fou) error {
+	return pkgHandle.FouAdd(f)
+}
+
+func (h *Handle) FouAdd(f Fou) error {
+	fam_id, err := FouFamilyId()
+	if err != nil {
+		return err
+	}
+
+	// setting ip protocol conflicts with encapsulation type GUE
+	if f.EncapType == FOU_ENCAP_GUE && f.Protocol != 0 {
+		return errors.New("GUE encapsulation doesn't specify an IP protocol")
+	}
+
+	req := h.newNetlinkRequest(fam_id, unix.NLM_F_ACK)
+
+	// int to byte for port
+	bp := make([]byte, 2)
+	binary.BigEndian.PutUint16(bp[0:2], uint16(f.Port))
+
+	attrs := []*nl.RtAttr{
+		nl.NewRtAttr(FOU_ATTR_PORT, bp),
+		nl.NewRtAttr(FOU_ATTR_TYPE, []byte{uint8(f.EncapType)}),
+		nl.NewRtAttr(FOU_ATTR_AF, []byte{uint8(f.Family)}),
+		nl.NewRtAttr(FOU_ATTR_IPPROTO, []byte{uint8(f.Protocol)}),
+	}
+	raw := []byte{FOU_CMD_ADD, 1, 0, 0}
+	for _, a := range attrs {
+		raw = append(raw, a.Serialize()...)
+	}
+
+	req.AddRawData(raw)
+
+	_, err = req.Execute(unix.NETLINK_GENERIC, 0)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func FouDel(f Fou) error {
+	return pkgHandle.FouDel(f)
+}
+
+func (h *Handle) FouDel(f Fou) error {
+	fam_id, err := FouFamilyId()
+	if err != nil {
+		return err
+	}
+
+	req := h.newNetlinkRequest(fam_id, unix.NLM_F_ACK)
+
+	// int to byte for port
+	bp := make([]byte, 2)
+	binary.BigEndian.PutUint16(bp[0:2], uint16(f.Port))
+
+	attrs := []*nl.RtAttr{
+		nl.NewRtAttr(FOU_ATTR_PORT, bp),
+		nl.NewRtAttr(FOU_ATTR_AF, []byte{uint8(f.Family)}),
+	}
+	raw := []byte{FOU_CMD_DEL, 1, 0, 0}
+	for _, a := range attrs {
+		raw = append(raw, a.Serialize()...)
+	}
+
+	req.AddRawData(raw)
+
+	_, err = req.Execute(unix.NETLINK_GENERIC, 0)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func FouList(fam int) ([]Fou, error) {
+	return pkgHandle.FouList(fam)
+}
+
+func (h *Handle) FouList(fam int) ([]Fou, error) {
+	fam_id, err := FouFamilyId()
+	if err != nil {
+		return nil, err
+	}
+
+	req := h.newNetlinkRequest(fam_id, unix.NLM_F_DUMP)
+
+	attrs := []*nl.RtAttr{
+		nl.NewRtAttr(FOU_ATTR_AF, []byte{uint8(fam)}),
+	}
+	raw := []byte{FOU_CMD_GET, 1, 0, 0}
+	for _, a := range attrs {
+		raw = append(raw, a.Serialize()...)
+	}
+
+	req.AddRawData(raw)
+
+	msgs, err := req.Execute(unix.NETLINK_GENERIC, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	fous := make([]Fou, 0, len(msgs))
+	for _, m := range msgs {
+		f, err := deserializeFouMsg(m)
+		if err != nil {
+			return fous, err
+		}
+
+		fous = append(fous, f)
+	}
+
+	return fous, nil
+}
+
+func deserializeFouMsg(msg []byte) (Fou, error) {
+	// we'll skip to byte 4 to first attribute
+	msg = msg[3:]
+	var shift int
+	fou := Fou{}
+
+	for {
+		// attribute header is at least 16 bits
+		if len(msg) < 4 {
+			return fou, ErrAttrHeaderTruncated
+		}
+
+		lgt := int(binary.BigEndian.Uint16(msg[0:2]))
+		if len(msg) < lgt+4 {
+			return fou, ErrAttrBodyTruncated
+		}
+		attr := binary.BigEndian.Uint16(msg[2:4])
+
+		shift = lgt + 3
+		switch attr {
+		case FOU_ATTR_AF:
+			fou.Family = int(msg[5])
+		case FOU_ATTR_PORT:
+			fou.Port = int(binary.BigEndian.Uint16(msg[5:7]))
+			// port is 2 bytes
+			shift = lgt + 2
+		case FOU_ATTR_IPPROTO:
+			fou.Protocol = int(msg[5])
+		case FOU_ATTR_TYPE:
+			fou.EncapType = int(msg[5])
+		}
+
+		msg = msg[shift:]
+
+		if len(msg) < 4 {
+			break
+		}
+	}
+
+	return fou, nil
+}
diff --git a/vendor/github.com/vishvananda/netlink/fou_unspecified.go b/vendor/github.com/vishvananda/netlink/fou_unspecified.go
new file mode 100644
index 000000000000..3a8365bfe623
--- /dev/null
+++ b/vendor/github.com/vishvananda/netlink/fou_unspecified.go
@@ -0,0 +1,15 @@
+// +build !linux
+
+package netlink
+
+func FouAdd(f Fou) error {
+	return ErrNotImplemented
+}
+
+func FouDel(f Fou) error {
+	return ErrNotImplemented
+}
+
+func FouList(fam int) ([]Fou, error) {
+	return nil, ErrNotImplemented
+}
diff --git a/vendor/github.com/vishvananda/netlink/genetlink_linux.go b/vendor/github.com/vishvananda/netlink/genetlink_linux.go
index a388a87001ce..ce7969907d43 100644
--- a/vendor/github.com/vishvananda/netlink/genetlink_linux.go
+++ b/vendor/github.com/vishvananda/netlink/genetlink_linux.go
@@ -5,6 +5,7 @@ import (
 	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 type GenlOp struct {
@@ -130,9 +131,9 @@ func (h *Handle) GenlFamilyList() ([]*GenlFamily, error) {
 		Command: nl.GENL_CTRL_CMD_GETFAMILY,
 		Version: nl.GENL_CTRL_VERSION,
 	}
-	req := h.newNetlinkRequest(nl.GENL_ID_CTRL, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(nl.GENL_ID_CTRL, unix.NLM_F_DUMP)
 	req.AddData(msg)
-	msgs, err := req.Execute(syscall.NETLINK_GENERIC, 0)
+	msgs, err := req.Execute(unix.NETLINK_GENERIC, 0)
 	if err != nil {
 		return nil, err
 	}
@@ -151,7 +152,7 @@ func (h *Handle) GenlFamilyGet(name string) (*GenlFamily, error) {
 	req := h.newNetlinkRequest(nl.GENL_ID_CTRL, 0)
 	req.AddData(msg)
 	req.AddData(nl.NewRtAttr(nl.GENL_CTRL_ATTR_FAMILY_NAME, nl.ZeroTerminated(name)))
-	msgs, err := req.Execute(syscall.NETLINK_GENERIC, 0)
+	msgs, err := req.Execute(unix.NETLINK_GENERIC, 0)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/gtp_linux.go b/vendor/github.com/vishvananda/netlink/gtp_linux.go
index 7331303ecbe1..f5e160ba5c06 100644
--- a/vendor/github.com/vishvananda/netlink/gtp_linux.go
+++ b/vendor/github.com/vishvananda/netlink/gtp_linux.go
@@ -7,6 +7,7 @@ import (
 	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 type PDP struct {
@@ -82,9 +83,9 @@ func (h *Handle) GTPPDPList() ([]*PDP, error) {
 		Command: nl.GENL_GTP_CMD_GETPDP,
 		Version: nl.GENL_GTP_VERSION,
 	}
-	req := h.newNetlinkRequest(int(f.ID), syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(int(f.ID), unix.NLM_F_DUMP)
 	req.AddData(msg)
-	msgs, err := req.Execute(syscall.NETLINK_GENERIC, 0)
+	msgs, err := req.Execute(unix.NETLINK_GENERIC, 0)
 	if err != nil {
 		return nil, err
 	}
@@ -96,7 +97,7 @@ func GTPPDPList() ([]*PDP, error) {
 }
 
 func gtpPDPGet(req *nl.NetlinkRequest) (*PDP, error) {
-	msgs, err := req.Execute(syscall.NETLINK_GENERIC, 0)
+	msgs, err := req.Execute(unix.NETLINK_GENERIC, 0)
 	if err != nil {
 		return nil, err
 	}
@@ -182,7 +183,7 @@ func (h *Handle) GTPPDPAdd(link Link, pdp *PDP) error {
 		Command: nl.GENL_GTP_CMD_NEWPDP,
 		Version: nl.GENL_GTP_VERSION,
 	}
-	req := h.newNetlinkRequest(int(f.ID), syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(int(f.ID), unix.NLM_F_EXCL|unix.NLM_F_ACK)
 	req.AddData(msg)
 	req.AddData(nl.NewRtAttr(nl.GENL_GTP_ATTR_VERSION, nl.Uint32Attr(pdp.Version)))
 	req.AddData(nl.NewRtAttr(nl.GENL_GTP_ATTR_LINK, nl.Uint32Attr(uint32(link.Attrs().Index))))
@@ -199,7 +200,7 @@ func (h *Handle) GTPPDPAdd(link Link, pdp *PDP) error {
 	default:
 		return fmt.Errorf("unsupported GTP version: %d", pdp.Version)
 	}
-	_, err = req.Execute(syscall.NETLINK_GENERIC, 0)
+	_, err = req.Execute(unix.NETLINK_GENERIC, 0)
 	return err
 }
 
@@ -216,7 +217,7 @@ func (h *Handle) GTPPDPDel(link Link, pdp *PDP) error {
 		Command: nl.GENL_GTP_CMD_DELPDP,
 		Version: nl.GENL_GTP_VERSION,
 	}
-	req := h.newNetlinkRequest(int(f.ID), syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(int(f.ID), unix.NLM_F_EXCL|unix.NLM_F_ACK)
 	req.AddData(msg)
 	req.AddData(nl.NewRtAttr(nl.GENL_GTP_ATTR_VERSION, nl.Uint32Attr(pdp.Version)))
 	req.AddData(nl.NewRtAttr(nl.GENL_GTP_ATTR_LINK, nl.Uint32Attr(uint32(link.Attrs().Index))))
@@ -229,7 +230,7 @@ func (h *Handle) GTPPDPDel(link Link, pdp *PDP) error {
 	default:
 		return fmt.Errorf("unsupported GTP version: %d", pdp.Version)
 	}
-	_, err = req.Execute(syscall.NETLINK_GENERIC, 0)
+	_, err = req.Execute(unix.NETLINK_GENERIC, 0)
 	return err
 }
 
diff --git a/vendor/github.com/vishvananda/netlink/handle_linux.go b/vendor/github.com/vishvananda/netlink/handle_linux.go
index a04ceae6b619..9f6d7fe0fbd1 100644
--- a/vendor/github.com/vishvananda/netlink/handle_linux.go
+++ b/vendor/github.com/vishvananda/netlink/handle_linux.go
@@ -2,11 +2,11 @@ package netlink
 
 import (
 	"fmt"
-	"syscall"
 	"time"
 
 	"github.com/vishvananda/netlink/nl"
 	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 // Empty handle used by the netlink package methods
@@ -43,14 +43,29 @@ func (h *Handle) SetSocketTimeout(to time.Duration) error {
 	if to < time.Microsecond {
 		return fmt.Errorf("invalid timeout, minimul value is %s", time.Microsecond)
 	}
-	tv := syscall.NsecToTimeval(to.Nanoseconds())
+	tv := unix.NsecToTimeval(to.Nanoseconds())
 	for _, sh := range h.sockets {
-		fd := sh.Socket.GetFd()
-		err := syscall.SetsockoptTimeval(fd, syscall.SOL_SOCKET, syscall.SO_RCVTIMEO, &tv)
-		if err != nil {
+		if err := sh.Socket.SetSendTimeout(&tv); err != nil {
 			return err
 		}
-		err = syscall.SetsockoptTimeval(fd, syscall.SOL_SOCKET, syscall.SO_SNDTIMEO, &tv)
+		if err := sh.Socket.SetReceiveTimeout(&tv); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// SetSocketReceiveBufferSize sets the receive buffer size for each
+// socket in the netlink handle. The maximum value is capped by
+// /proc/sys/net/core/rmem_max.
+func (h *Handle) SetSocketReceiveBufferSize(size int, force bool) error {
+	opt := unix.SO_RCVBUF
+	if force {
+		opt = unix.SO_RCVBUFFORCE
+	}
+	for _, sh := range h.sockets {
+		fd := sh.Socket.GetFd()
+		err := unix.SetsockoptInt(fd, unix.SOL_SOCKET, opt, size)
 		if err != nil {
 			return err
 		}
@@ -58,6 +73,24 @@ func (h *Handle) SetSocketTimeout(to time.Duration) error {
 	return nil
 }
 
+// GetSocketReceiveBufferSize gets the receiver buffer size for each
+// socket in the netlink handle. The retrieved value should be the
+// double to the one set for SetSocketReceiveBufferSize.
+func (h *Handle) GetSocketReceiveBufferSize() ([]int, error) {
+	results := make([]int, len(h.sockets))
+	i := 0
+	for _, sh := range h.sockets {
+		fd := sh.Socket.GetFd()
+		size, err := unix.GetsockoptInt(fd, unix.SOL_SOCKET, unix.SO_RCVBUF)
+		if err != nil {
+			return nil, err
+		}
+		results[i] = size
+		i++
+	}
+	return results, nil
+}
+
 // NewHandle returns a netlink handle on the network namespace
 // specified by ns. If ns=netns.None(), current network namespace
 // will be assumed
@@ -101,10 +134,10 @@ func (h *Handle) newNetlinkRequest(proto, flags int) *nl.NetlinkRequest {
 		return nl.NewNetlinkRequest(proto, flags)
 	}
 	return &nl.NetlinkRequest{
-		NlMsghdr: syscall.NlMsghdr{
-			Len:   uint32(syscall.SizeofNlMsghdr),
+		NlMsghdr: unix.NlMsghdr{
+			Len:   uint32(unix.SizeofNlMsghdr),
 			Type:  uint16(proto),
-			Flags: syscall.NLM_F_REQUEST | uint16(flags),
+			Flags: unix.NLM_F_REQUEST | uint16(flags),
 		},
 		Sockets: h.sockets,
 	}
diff --git a/vendor/github.com/vishvananda/netlink/handle_unspecified.go b/vendor/github.com/vishvananda/netlink/handle_unspecified.go
index 32cf022732de..7da21a6a1847 100644
--- a/vendor/github.com/vishvananda/netlink/handle_unspecified.go
+++ b/vendor/github.com/vishvananda/netlink/handle_unspecified.go
@@ -145,6 +145,10 @@ func (h *Handle) LinkSetFlood(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 
+func (h *Handle) LinkSetTxQLen(link Link, qlen int) error {
+	return ErrNotImplemented
+}
+
 func (h *Handle) setProtinfoAttr(link Link, mode bool, attr int) error {
 	return ErrNotImplemented
 }
diff --git a/vendor/github.com/vishvananda/netlink/link.go b/vendor/github.com/vishvananda/netlink/link.go
index 4e77037b5c3b..d8ba16a948f5 100644
--- a/vendor/github.com/vishvananda/netlink/link.go
+++ b/vendor/github.com/vishvananda/netlink/link.go
@@ -3,6 +3,7 @@ package netlink
 import (
 	"fmt"
 	"net"
+	"os"
 )
 
 // Link represents a link device from netlink. Shared link attributes
@@ -37,6 +38,9 @@ type LinkAttrs struct {
 	EncapType    string
 	Protinfo     *Protinfo
 	OperState    LinkOperState
+	NetNsID      int
+	NumTxQueues  int
+	NumRxQueues  int
 }
 
 // LinkOperState represents the values of the IFLA_OPERSTATE link
@@ -258,6 +262,9 @@ const (
 type Macvlan struct {
 	LinkAttrs
 	Mode MacvlanMode
+
+	// MACAddrs is only populated for Macvlan SOURCE links
+	MACAddrs []net.HardwareAddr
 }
 
 func (macvlan *Macvlan) Attrs() *LinkAttrs {
@@ -283,8 +290,10 @@ type TuntapFlag uint16
 // Tuntap links created via /dev/tun/tap, but can be destroyed via netlink
 type Tuntap struct {
 	LinkAttrs
-	Mode  TuntapMode
-	Flags TuntapFlag
+	Mode   TuntapMode
+	Flags  TuntapFlag
+	Queues int
+	Fds    []*os.File
 }
 
 func (tuntap *Tuntap) Attrs() *LinkAttrs {
@@ -326,26 +335,28 @@ func (generic *GenericLink) Type() string {
 
 type Vxlan struct {
 	LinkAttrs
-	VxlanId      int
-	VtepDevIndex int
-	SrcAddr      net.IP
-	Group        net.IP
-	TTL          int
-	TOS          int
-	Learning     bool
-	Proxy        bool
-	RSC          bool
-	L2miss       bool
-	L3miss       bool
-	UDPCSum      bool
-	NoAge        bool
-	GBP          bool
-	FlowBased    bool
-	Age          int
-	Limit        int
-	Port         int
-	PortLow      int
-	PortHigh     int
+	VxlanId        int
+	VtepDevIndex   int
+	SrcAddr        net.IP
+	Group          net.IP
+	TTL            int
+	TOS            int
+	Learning       bool
+	Proxy          bool
+	RSC            bool
+	L2miss         bool
+	L3miss         bool
+	UDPCSum        bool
+	UDP6ZeroCSumTx bool
+	UDP6ZeroCSumRx bool
+	NoAge          bool
+	GBP            bool
+	FlowBased      bool
+	Age            int
+	Limit          int
+	Port           int
+	PortLow        int
+	PortHigh       int
 }
 
 func (vxlan *Vxlan) Attrs() *LinkAttrs {
@@ -699,12 +710,17 @@ func (gretap *Gretap) Type() string {
 
 type Iptun struct {
 	LinkAttrs
-	Ttl      uint8
-	Tos      uint8
-	PMtuDisc uint8
-	Link     uint32
-	Local    net.IP
-	Remote   net.IP
+	Ttl        uint8
+	Tos        uint8
+	PMtuDisc   uint8
+	Link       uint32
+	Local      net.IP
+	Remote     net.IP
+	EncapSport uint16
+	EncapDport uint16
+	EncapType  uint16
+	EncapFlags uint16
+	FlowBased  bool
 }
 
 func (iptun *Iptun) Attrs() *LinkAttrs {
@@ -715,6 +731,28 @@ func (iptun *Iptun) Type() string {
 	return "ipip"
 }
 
+type Sittun struct {
+	LinkAttrs
+	Link       uint32
+	Local      net.IP
+	Remote     net.IP
+	Ttl        uint8
+	Tos        uint8
+	PMtuDisc   uint8
+	EncapType  uint16
+	EncapFlags uint16
+	EncapSport uint16
+	EncapDport uint16
+}
+
+func (sittun *Sittun) Attrs() *LinkAttrs {
+	return &sittun.LinkAttrs
+}
+
+func (sittun *Sittun) Type() string {
+	return "sit"
+}
+
 type Vti struct {
 	LinkAttrs
 	IKey   uint32
@@ -732,6 +770,32 @@ func (iptun *Vti) Type() string {
 	return "vti"
 }
 
+type Gretun struct {
+	LinkAttrs
+	Link       uint32
+	IFlags     uint16
+	OFlags     uint16
+	IKey       uint32
+	OKey       uint32
+	Local      net.IP
+	Remote     net.IP
+	Ttl        uint8
+	Tos        uint8
+	PMtuDisc   uint8
+	EncapType  uint16
+	EncapFlags uint16
+	EncapSport uint16
+	EncapDport uint16
+}
+
+func (gretun *Gretun) Attrs() *LinkAttrs {
+	return &gretun.LinkAttrs
+}
+
+func (gretun *Gretun) Type() string {
+	return "gre"
+}
+
 type Vrf struct {
 	LinkAttrs
 	Table uint32
diff --git a/vendor/github.com/vishvananda/netlink/link_linux.go b/vendor/github.com/vishvananda/netlink/link_linux.go
index 0fe70295ef26..a6ae10418772 100644
--- a/vendor/github.com/vishvananda/netlink/link_linux.go
+++ b/vendor/github.com/vishvananda/netlink/link_linux.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/vishvananda/netlink/nl"
 	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 const (
@@ -20,13 +21,15 @@ const (
 )
 
 const (
-	TUNTAP_MODE_TUN  TuntapMode = syscall.IFF_TUN
-	TUNTAP_MODE_TAP  TuntapMode = syscall.IFF_TAP
-	TUNTAP_DEFAULTS  TuntapFlag = syscall.IFF_TUN_EXCL | syscall.IFF_ONE_QUEUE
-	TUNTAP_VNET_HDR  TuntapFlag = syscall.IFF_VNET_HDR
-	TUNTAP_TUN_EXCL  TuntapFlag = syscall.IFF_TUN_EXCL
-	TUNTAP_NO_PI     TuntapFlag = syscall.IFF_NO_PI
-	TUNTAP_ONE_QUEUE TuntapFlag = syscall.IFF_ONE_QUEUE
+	TUNTAP_MODE_TUN             TuntapMode = unix.IFF_TUN
+	TUNTAP_MODE_TAP             TuntapMode = unix.IFF_TAP
+	TUNTAP_DEFAULTS             TuntapFlag = unix.IFF_TUN_EXCL | unix.IFF_ONE_QUEUE
+	TUNTAP_VNET_HDR             TuntapFlag = unix.IFF_VNET_HDR
+	TUNTAP_TUN_EXCL             TuntapFlag = unix.IFF_TUN_EXCL
+	TUNTAP_NO_PI                TuntapFlag = unix.IFF_NO_PI
+	TUNTAP_ONE_QUEUE            TuntapFlag = unix.IFF_ONE_QUEUE
+	TUNTAP_MULTI_QUEUE          TuntapFlag = 0x0100
+	TUNTAP_MULTI_QUEUE_DEFAULTS TuntapFlag = TUNTAP_MULTI_QUEUE | TUNTAP_NO_PI
 )
 
 var lookupByDump = false
@@ -61,15 +64,15 @@ func (h *Handle) ensureIndex(link *LinkAttrs) {
 func (h *Handle) LinkSetARPOff(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change |= syscall.IFF_NOARP
-	msg.Flags |= syscall.IFF_NOARP
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change |= unix.IFF_NOARP
+	msg.Flags |= unix.IFF_NOARP
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -80,15 +83,15 @@ func LinkSetARPOff(link Link) error {
 func (h *Handle) LinkSetARPOn(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change |= syscall.IFF_NOARP
-	msg.Flags &= ^uint32(syscall.IFF_NOARP)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change |= unix.IFF_NOARP
+	msg.Flags &= ^uint32(unix.IFF_NOARP)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -99,15 +102,84 @@ func LinkSetARPOn(link Link) error {
 func (h *Handle) SetPromiscOn(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change = syscall.IFF_PROMISC
-	msg.Flags = syscall.IFF_PROMISC
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change = unix.IFF_PROMISC
+	msg.Flags = unix.IFF_PROMISC
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
+	return err
+}
+
+func MacvlanMACAddrAdd(link Link, addr net.HardwareAddr) error {
+	return pkgHandle.MacvlanMACAddrAdd(link, addr)
+}
+
+func (h *Handle) MacvlanMACAddrAdd(link Link, addr net.HardwareAddr) error {
+	return h.macvlanMACAddrChange(link, []net.HardwareAddr{addr}, nl.MACVLAN_MACADDR_ADD)
+}
+
+func MacvlanMACAddrDel(link Link, addr net.HardwareAddr) error {
+	return pkgHandle.MacvlanMACAddrDel(link, addr)
+}
+
+func (h *Handle) MacvlanMACAddrDel(link Link, addr net.HardwareAddr) error {
+	return h.macvlanMACAddrChange(link, []net.HardwareAddr{addr}, nl.MACVLAN_MACADDR_DEL)
+}
+
+func MacvlanMACAddrFlush(link Link) error {
+	return pkgHandle.MacvlanMACAddrFlush(link)
+}
+
+func (h *Handle) MacvlanMACAddrFlush(link Link) error {
+	return h.macvlanMACAddrChange(link, nil, nl.MACVLAN_MACADDR_FLUSH)
+}
+
+func MacvlanMACAddrSet(link Link, addrs []net.HardwareAddr) error {
+	return pkgHandle.MacvlanMACAddrSet(link, addrs)
+}
+
+func (h *Handle) MacvlanMACAddrSet(link Link, addrs []net.HardwareAddr) error {
+	return h.macvlanMACAddrChange(link, addrs, nl.MACVLAN_MACADDR_SET)
+}
+
+func (h *Handle) macvlanMACAddrChange(link Link, addrs []net.HardwareAddr, mode uint32) error {
+	base := link.Attrs()
+	h.ensureIndex(base)
+	req := h.newNetlinkRequest(unix.RTM_NEWLINK, unix.NLM_F_ACK)
+
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Index = int32(base.Index)
+	req.AddData(msg)
+
+	linkInfo := nl.NewRtAttr(unix.IFLA_LINKINFO, nil)
+	nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_KIND, nl.NonZeroTerminated(link.Type()))
+	inner := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
+
+	// IFLA_MACVLAN_MACADDR_MODE = mode
+	b := make([]byte, 4)
+	native.PutUint32(b, mode)
+	nl.NewRtAttrChild(inner, nl.IFLA_MACVLAN_MACADDR_MODE, b)
+
+	// populate message with MAC addrs, if necessary
+	switch mode {
+	case nl.MACVLAN_MACADDR_ADD, nl.MACVLAN_MACADDR_DEL:
+		if len(addrs) == 1 {
+			nl.NewRtAttrChild(inner, nl.IFLA_MACVLAN_MACADDR, []byte(addrs[0]))
+		}
+	case nl.MACVLAN_MACADDR_SET:
+		mad := nl.NewRtAttrChild(inner, nl.IFLA_MACVLAN_MACADDR_DATA, nil)
+		for _, addr := range addrs {
+			nl.NewRtAttrChild(mad, nl.IFLA_MACVLAN_MACADDR, []byte(addr))
+		}
+	}
+
+	req.AddData(linkInfo)
+
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -118,7 +190,7 @@ func BridgeSetMcastSnoop(link Link, on bool) error {
 func (h *Handle) BridgeSetMcastSnoop(link Link, on bool) error {
 	bridge := link.(*Bridge)
 	bridge.MulticastSnooping = &on
-	return h.linkModify(bridge, syscall.NLM_F_ACK)
+	return h.linkModify(bridge, unix.NLM_F_ACK)
 }
 
 func SetPromiscOn(link Link) error {
@@ -128,15 +200,15 @@ func SetPromiscOn(link Link) error {
 func (h *Handle) SetPromiscOff(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change = syscall.IFF_PROMISC
-	msg.Flags = 0 & ^syscall.IFF_PROMISC
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change = unix.IFF_PROMISC
+	msg.Flags = 0 & ^unix.IFF_PROMISC
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -155,15 +227,15 @@ func LinkSetUp(link Link) error {
 func (h *Handle) LinkSetUp(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_NEWLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change = syscall.IFF_UP
-	msg.Flags = syscall.IFF_UP
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change = unix.IFF_UP
+	msg.Flags = unix.IFF_UP
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -178,15 +250,15 @@ func LinkSetDown(link Link) error {
 func (h *Handle) LinkSetDown(link Link) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_NEWLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
-	msg.Change = syscall.IFF_UP
-	msg.Flags = 0 & ^syscall.IFF_UP
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Change = unix.IFF_UP
+	msg.Flags = 0 & ^unix.IFF_UP
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -201,19 +273,19 @@ func LinkSetMTU(link Link, mtu int) error {
 func (h *Handle) LinkSetMTU(link Link, mtu int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(mtu))
 
-	data := nl.NewRtAttr(syscall.IFLA_MTU, b)
+	data := nl.NewRtAttr(unix.IFLA_MTU, b)
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -228,16 +300,16 @@ func LinkSetName(link Link, name string) error {
 func (h *Handle) LinkSetName(link Link, name string) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	data := nl.NewRtAttr(syscall.IFLA_IFNAME, []byte(name))
+	data := nl.NewRtAttr(unix.IFLA_IFNAME, []byte(name))
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -252,16 +324,16 @@ func LinkSetAlias(link Link, name string) error {
 func (h *Handle) LinkSetAlias(link Link, name string) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	data := nl.NewRtAttr(syscall.IFLA_IFALIAS, []byte(name))
+	data := nl.NewRtAttr(unix.IFLA_IFALIAS, []byte(name))
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -276,16 +348,16 @@ func LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error {
 func (h *Handle) LinkSetHardwareAddr(link Link, hwaddr net.HardwareAddr) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	data := nl.NewRtAttr(syscall.IFLA_ADDRESS, []byte(hwaddr))
+	data := nl.NewRtAttr(unix.IFLA_ADDRESS, []byte(hwaddr))
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -300,9 +372,9 @@ func LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error {
 func (h *Handle) LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAddr) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -315,7 +387,7 @@ func (h *Handle) LinkSetVfHardwareAddr(link Link, vf int, hwaddr net.HardwareAdd
 	nl.NewRtAttrChild(info, nl.IFLA_VF_MAC, vfmsg.Serialize())
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -330,9 +402,9 @@ func LinkSetVfVlan(link Link, vf, vlan int) error {
 func (h *Handle) LinkSetVfVlan(link Link, vf, vlan int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -345,7 +417,7 @@ func (h *Handle) LinkSetVfVlan(link Link, vf, vlan int) error {
 	nl.NewRtAttrChild(info, nl.IFLA_VF_VLAN, vfmsg.Serialize())
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -360,9 +432,9 @@ func LinkSetVfTxRate(link Link, vf, rate int) error {
 func (h *Handle) LinkSetVfTxRate(link Link, vf, rate int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -375,7 +447,7 @@ func (h *Handle) LinkSetVfTxRate(link Link, vf, rate int) error {
 	nl.NewRtAttrChild(info, nl.IFLA_VF_TX_RATE, vfmsg.Serialize())
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -391,9 +463,9 @@ func (h *Handle) LinkSetVfSpoofchk(link Link, vf int, check bool) error {
 	var setting uint32
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -409,7 +481,7 @@ func (h *Handle) LinkSetVfSpoofchk(link Link, vf int, check bool) error {
 	nl.NewRtAttrChild(info, nl.IFLA_VF_SPOOFCHK, vfmsg.Serialize())
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -425,9 +497,9 @@ func (h *Handle) LinkSetVfTrust(link Link, vf int, state bool) error {
 	var setting uint32
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -443,7 +515,7 @@ func (h *Handle) LinkSetVfTrust(link Link, vf int, state bool) error {
 	nl.NewRtAttrChild(info, nl.IFLA_VF_TRUST, vfmsg.Serialize())
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -491,19 +563,19 @@ func LinkSetMasterByIndex(link Link, masterIndex int) error {
 func (h *Handle) LinkSetMasterByIndex(link Link, masterIndex int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(masterIndex))
 
-	data := nl.NewRtAttr(syscall.IFLA_MASTER, b)
+	data := nl.NewRtAttr(unix.IFLA_MASTER, b)
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -520,19 +592,19 @@ func LinkSetNsPid(link Link, nspid int) error {
 func (h *Handle) LinkSetNsPid(link Link, nspid int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(nspid))
 
-	data := nl.NewRtAttr(syscall.IFLA_NET_NS_PID, b)
+	data := nl.NewRtAttr(unix.IFLA_NET_NS_PID, b)
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -549,9 +621,9 @@ func LinkSetNsFd(link Link, fd int) error {
 func (h *Handle) LinkSetNsFd(link Link, fd int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
@@ -561,24 +633,30 @@ func (h *Handle) LinkSetNsFd(link Link, fd int) error {
 	data := nl.NewRtAttr(nl.IFLA_NET_NS_FD, b)
 	req.AddData(data)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
 // LinkSetXdpFd adds a bpf function to the driver. The fd must be a bpf
 // program loaded with bpf(type=BPF_PROG_TYPE_XDP)
 func LinkSetXdpFd(link Link, fd int) error {
+	return LinkSetXdpFdWithFlags(link, fd, 0)
+}
+
+// LinkSetXdpFdWithFlags adds a bpf function to the driver with the given
+// options. The fd must be a bpf program loaded with bpf(type=BPF_PROG_TYPE_XDP)
+func LinkSetXdpFdWithFlags(link Link, fd, flags int) error {
 	base := link.Attrs()
 	ensureIndex(base)
-	req := nl.NewNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := nl.NewNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	addXdpAttrs(&LinkXdp{Fd: fd}, req)
+	addXdpAttrs(&LinkXdp{Fd: fd, Flags: uint32(flags)}, req)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -636,6 +714,8 @@ func addVxlanAttrs(vxlan *Vxlan, linkInfo *nl.RtAttr) {
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_RSC, boolAttr(vxlan.RSC))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_L2MISS, boolAttr(vxlan.L2miss))
 	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_L3MISS, boolAttr(vxlan.L3miss))
+	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_UDP_ZERO_CSUM6_TX, boolAttr(vxlan.UDP6ZeroCSumTx))
+	nl.NewRtAttrChild(data, nl.IFLA_VXLAN_UDP_ZERO_CSUM6_RX, boolAttr(vxlan.UDP6ZeroCSumRx))
 
 	if vxlan.UDPCSum {
 		nl.NewRtAttrChild(data, nl.IFLA_VXLAN_UDP_CSUM, boolAttr(vxlan.UDPCSum))
@@ -760,6 +840,12 @@ func addBondAttrs(bond *Bond, linkInfo *nl.RtAttr) {
 	}
 }
 
+func cleanupFds(fds []*os.File) {
+	for _, f := range fds {
+		f.Close()
+	}
+}
+
 // LinkAdd adds a new link device. The type and features of the device
 // are taken from the parameters in the link object.
 // Equivalent to: `ip link add $link`
@@ -771,7 +857,7 @@ func LinkAdd(link Link) error {
 // are taken fromt the parameters in the link object.
 // Equivalent to: `ip link add $link`
 func (h *Handle) LinkAdd(link Link) error {
-	return h.linkModify(link, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	return h.linkModify(link, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 }
 
 func (h *Handle) linkModify(link Link, flags int) error {
@@ -785,101 +871,152 @@ func (h *Handle) linkModify(link Link, flags int) error {
 	if tuntap, ok := link.(*Tuntap); ok {
 		// TODO: support user
 		// TODO: support group
-		// TODO: multi_queue
 		// TODO: support non- persistent
-		if tuntap.Mode < syscall.IFF_TUN || tuntap.Mode > syscall.IFF_TAP {
+		if tuntap.Mode < unix.IFF_TUN || tuntap.Mode > unix.IFF_TAP {
 			return fmt.Errorf("Tuntap.Mode %v unknown!", tuntap.Mode)
 		}
-		file, err := os.OpenFile("/dev/net/tun", os.O_RDWR, 0)
-		if err != nil {
-			return err
-		}
-		defer file.Close()
+
+		queues := tuntap.Queues
+
+		var fds []*os.File
 		var req ifReq
-		if tuntap.Flags == 0 {
-			req.Flags = uint16(TUNTAP_DEFAULTS)
+		copy(req.Name[:15], base.Name)
+
+		req.Flags = uint16(tuntap.Flags)
+
+		if queues == 0 { //Legacy compatibility
+			queues = 1
+			if tuntap.Flags == 0 {
+				req.Flags = uint16(TUNTAP_DEFAULTS)
+			}
 		} else {
-			req.Flags = uint16(tuntap.Flags)
+			// For best peformance set Flags to TUNTAP_MULTI_QUEUE_DEFAULTS | TUNTAP_VNET_HDR
+			// when a) KVM has support for this ABI and
+			//      b) the value of the flag is queryable using the TUNGETIFF ioctl
+			if tuntap.Flags == 0 {
+				req.Flags = uint16(TUNTAP_MULTI_QUEUE_DEFAULTS)
+			}
 		}
+
 		req.Flags |= uint16(tuntap.Mode)
-		copy(req.Name[:15], base.Name)
-		_, _, errno := syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall.TUNSETIFF), uintptr(unsafe.Pointer(&req)))
-		if errno != 0 {
-			return fmt.Errorf("Tuntap IOCTL TUNSETIFF failed, errno %v", errno)
+
+		for i := 0; i < queues; i++ {
+			localReq := req
+			file, err := os.OpenFile("/dev/net/tun", os.O_RDWR, 0)
+			if err != nil {
+				cleanupFds(fds)
+				return err
+			}
+
+			fds = append(fds, file)
+			_, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), uintptr(unix.TUNSETIFF), uintptr(unsafe.Pointer(&localReq)))
+			if errno != 0 {
+				cleanupFds(fds)
+				return fmt.Errorf("Tuntap IOCTL TUNSETIFF failed [%d], errno %v", i, errno)
+			}
 		}
-		_, _, errno = syscall.Syscall(syscall.SYS_IOCTL, file.Fd(), uintptr(syscall.TUNSETPERSIST), 1)
+
+		_, _, errno := unix.Syscall(unix.SYS_IOCTL, fds[0].Fd(), uintptr(unix.TUNSETPERSIST), 1)
 		if errno != 0 {
+			cleanupFds(fds)
 			return fmt.Errorf("Tuntap IOCTL TUNSETPERSIST failed, errno %v", errno)
 		}
+
 		h.ensureIndex(base)
 
 		// can't set master during create, so set it afterwards
 		if base.MasterIndex != 0 {
 			// TODO: verify MasterIndex is actually a bridge?
-			return h.LinkSetMasterByIndex(link, base.MasterIndex)
+			err := h.LinkSetMasterByIndex(link, base.MasterIndex)
+			if err != nil {
+				_, _, _ = unix.Syscall(unix.SYS_IOCTL, fds[0].Fd(), uintptr(unix.TUNSETPERSIST), 0)
+				cleanupFds(fds)
+				return err
+			}
+		}
+
+		if tuntap.Queues == 0 {
+			cleanupFds(fds)
+		} else {
+			tuntap.Fds = fds
 		}
+
 		return nil
 	}
 
-	req := h.newNetlinkRequest(syscall.RTM_NEWLINK, flags)
+	req := h.newNetlinkRequest(unix.RTM_NEWLINK, flags)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	// TODO: make it shorter
 	if base.Flags&net.FlagUp != 0 {
-		msg.Change = syscall.IFF_UP
-		msg.Flags = syscall.IFF_UP
+		msg.Change = unix.IFF_UP
+		msg.Flags = unix.IFF_UP
 	}
 	if base.Flags&net.FlagBroadcast != 0 {
-		msg.Change |= syscall.IFF_BROADCAST
-		msg.Flags |= syscall.IFF_BROADCAST
+		msg.Change |= unix.IFF_BROADCAST
+		msg.Flags |= unix.IFF_BROADCAST
 	}
 	if base.Flags&net.FlagLoopback != 0 {
-		msg.Change |= syscall.IFF_LOOPBACK
-		msg.Flags |= syscall.IFF_LOOPBACK
+		msg.Change |= unix.IFF_LOOPBACK
+		msg.Flags |= unix.IFF_LOOPBACK
 	}
 	if base.Flags&net.FlagPointToPoint != 0 {
-		msg.Change |= syscall.IFF_POINTOPOINT
-		msg.Flags |= syscall.IFF_POINTOPOINT
+		msg.Change |= unix.IFF_POINTOPOINT
+		msg.Flags |= unix.IFF_POINTOPOINT
 	}
 	if base.Flags&net.FlagMulticast != 0 {
-		msg.Change |= syscall.IFF_MULTICAST
-		msg.Flags |= syscall.IFF_MULTICAST
+		msg.Change |= unix.IFF_MULTICAST
+		msg.Flags |= unix.IFF_MULTICAST
 	}
+	if base.Index != 0 {
+		msg.Index = int32(base.Index)
+	}
+
 	req.AddData(msg)
 
 	if base.ParentIndex != 0 {
 		b := make([]byte, 4)
 		native.PutUint32(b, uint32(base.ParentIndex))
-		data := nl.NewRtAttr(syscall.IFLA_LINK, b)
+		data := nl.NewRtAttr(unix.IFLA_LINK, b)
 		req.AddData(data)
 	} else if link.Type() == "ipvlan" {
 		return fmt.Errorf("Can't create ipvlan link without ParentIndex")
 	}
 
-	nameData := nl.NewRtAttr(syscall.IFLA_IFNAME, nl.ZeroTerminated(base.Name))
+	nameData := nl.NewRtAttr(unix.IFLA_IFNAME, nl.ZeroTerminated(base.Name))
 	req.AddData(nameData)
 
 	if base.MTU > 0 {
-		mtu := nl.NewRtAttr(syscall.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
+		mtu := nl.NewRtAttr(unix.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
 		req.AddData(mtu)
 	}
 
 	if base.TxQLen >= 0 {
-		qlen := nl.NewRtAttr(syscall.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))
+		qlen := nl.NewRtAttr(unix.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))
 		req.AddData(qlen)
 	}
 
 	if base.HardwareAddr != nil {
-		hwaddr := nl.NewRtAttr(syscall.IFLA_ADDRESS, []byte(base.HardwareAddr))
+		hwaddr := nl.NewRtAttr(unix.IFLA_ADDRESS, []byte(base.HardwareAddr))
 		req.AddData(hwaddr)
 	}
 
+	if base.NumTxQueues > 0 {
+		txqueues := nl.NewRtAttr(nl.IFLA_NUM_TX_QUEUES, nl.Uint32Attr(uint32(base.NumTxQueues)))
+		req.AddData(txqueues)
+	}
+
+	if base.NumRxQueues > 0 {
+		rxqueues := nl.NewRtAttr(nl.IFLA_NUM_RX_QUEUES, nl.Uint32Attr(uint32(base.NumRxQueues)))
+		req.AddData(rxqueues)
+	}
+
 	if base.Namespace != nil {
 		var attr *nl.RtAttr
 		switch base.Namespace.(type) {
 		case NsPid:
 			val := nl.Uint32Attr(uint32(base.Namespace.(NsPid)))
-			attr = nl.NewRtAttr(syscall.IFLA_NET_NS_PID, val)
+			attr = nl.NewRtAttr(unix.IFLA_NET_NS_PID, val)
 		case NsFd:
 			val := nl.Uint32Attr(uint32(base.Namespace.(NsFd)))
 			attr = nl.NewRtAttr(nl.IFLA_NET_NS_FD, val)
@@ -892,60 +1029,65 @@ func (h *Handle) linkModify(link Link, flags int) error {
 		addXdpAttrs(base.Xdp, req)
 	}
 
-	linkInfo := nl.NewRtAttr(syscall.IFLA_LINKINFO, nil)
+	linkInfo := nl.NewRtAttr(unix.IFLA_LINKINFO, nil)
 	nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_KIND, nl.NonZeroTerminated(link.Type()))
 
-	if vlan, ok := link.(*Vlan); ok {
+	switch link := link.(type) {
+	case *Vlan:
 		b := make([]byte, 2)
-		native.PutUint16(b, uint16(vlan.VlanId))
+		native.PutUint16(b, uint16(link.VlanId))
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 		nl.NewRtAttrChild(data, nl.IFLA_VLAN_ID, b)
-	} else if veth, ok := link.(*Veth); ok {
+	case *Veth:
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 		peer := nl.NewRtAttrChild(data, nl.VETH_INFO_PEER, nil)
-		nl.NewIfInfomsgChild(peer, syscall.AF_UNSPEC)
-		nl.NewRtAttrChild(peer, syscall.IFLA_IFNAME, nl.ZeroTerminated(veth.PeerName))
+		nl.NewIfInfomsgChild(peer, unix.AF_UNSPEC)
+		nl.NewRtAttrChild(peer, unix.IFLA_IFNAME, nl.ZeroTerminated(link.PeerName))
 		if base.TxQLen >= 0 {
-			nl.NewRtAttrChild(peer, syscall.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))
+			nl.NewRtAttrChild(peer, unix.IFLA_TXQLEN, nl.Uint32Attr(uint32(base.TxQLen)))
 		}
 		if base.MTU > 0 {
-			nl.NewRtAttrChild(peer, syscall.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
+			nl.NewRtAttrChild(peer, unix.IFLA_MTU, nl.Uint32Attr(uint32(base.MTU)))
 		}
 
-	} else if vxlan, ok := link.(*Vxlan); ok {
-		addVxlanAttrs(vxlan, linkInfo)
-	} else if bond, ok := link.(*Bond); ok {
-		addBondAttrs(bond, linkInfo)
-	} else if ipv, ok := link.(*IPVlan); ok {
+	case *Vxlan:
+		addVxlanAttrs(link, linkInfo)
+	case *Bond:
+		addBondAttrs(link, linkInfo)
+	case *IPVlan:
 		data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
-		nl.NewRtAttrChild(data, nl.IFLA_IPVLAN_MODE, nl.Uint16Attr(uint16(ipv.Mode)))
-	} else if macv, ok := link.(*Macvlan); ok {
-		if macv.Mode != MACVLAN_MODE_DEFAULT {
+		nl.NewRtAttrChild(data, nl.IFLA_IPVLAN_MODE, nl.Uint16Attr(uint16(link.Mode)))
+	case *Macvlan:
+		if link.Mode != MACVLAN_MODE_DEFAULT {
 			data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
-			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[macv.Mode]))
+			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[link.Mode]))
 		}
-	} else if macv, ok := link.(*Macvtap); ok {
-		if macv.Mode != MACVLAN_MODE_DEFAULT {
+	case *Macvtap:
+		if link.Mode != MACVLAN_MODE_DEFAULT {
 			data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
-			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[macv.Mode]))
+			nl.NewRtAttrChild(data, nl.IFLA_MACVLAN_MODE, nl.Uint32Attr(macvlanModes[link.Mode]))
 		}
-	} else if gretap, ok := link.(*Gretap); ok {
-		addGretapAttrs(gretap, linkInfo)
-	} else if iptun, ok := link.(*Iptun); ok {
-		addIptunAttrs(iptun, linkInfo)
-	} else if vti, ok := link.(*Vti); ok {
-		addVtiAttrs(vti, linkInfo)
-	} else if vrf, ok := link.(*Vrf); ok {
-		addVrfAttrs(vrf, linkInfo)
-	} else if bridge, ok := link.(*Bridge); ok {
-		addBridgeAttrs(bridge, linkInfo)
-	} else if gtp, ok := link.(*GTP); ok {
-		addGTPAttrs(gtp, linkInfo)
+	case *Gretap:
+		addGretapAttrs(link, linkInfo)
+	case *Iptun:
+		addIptunAttrs(link, linkInfo)
+	case *Sittun:
+		addSittunAttrs(link, linkInfo)
+	case *Gretun:
+		addGretunAttrs(link, linkInfo)
+	case *Vti:
+		addVtiAttrs(link, linkInfo)
+	case *Vrf:
+		addVrfAttrs(link, linkInfo)
+	case *Bridge:
+		addBridgeAttrs(link, linkInfo)
+	case *GTP:
+		addGTPAttrs(link, linkInfo)
 	}
 
 	req.AddData(linkInfo)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	if err != nil {
 		return err
 	}
@@ -975,13 +1117,13 @@ func (h *Handle) LinkDel(link Link) error {
 
 	h.ensureIndex(base)
 
-	req := h.newNetlinkRequest(syscall.RTM_DELLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -1024,16 +1166,16 @@ func (h *Handle) LinkByName(name string) (Link, error) {
 		return h.linkByNameDump(name)
 	}
 
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	req.AddData(msg)
 
-	nameData := nl.NewRtAttr(syscall.IFLA_IFNAME, nl.ZeroTerminated(name))
+	nameData := nl.NewRtAttr(unix.IFLA_IFNAME, nl.ZeroTerminated(name))
 	req.AddData(nameData)
 
 	link, err := execGetLink(req)
-	if err == syscall.EINVAL {
+	if err == unix.EINVAL {
 		// older kernels don't support looking up via IFLA_IFNAME
 		// so fall back to dumping all links
 		h.lookupByDump = true
@@ -1056,16 +1198,16 @@ func (h *Handle) LinkByAlias(alias string) (Link, error) {
 		return h.linkByAliasDump(alias)
 	}
 
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	req.AddData(msg)
 
-	nameData := nl.NewRtAttr(syscall.IFLA_IFALIAS, nl.ZeroTerminated(alias))
+	nameData := nl.NewRtAttr(unix.IFLA_IFALIAS, nl.ZeroTerminated(alias))
 	req.AddData(nameData)
 
 	link, err := execGetLink(req)
-	if err == syscall.EINVAL {
+	if err == unix.EINVAL {
 		// older kernels don't support looking up via IFLA_IFALIAS
 		// so fall back to dumping all links
 		h.lookupByDump = true
@@ -1082,9 +1224,9 @@ func LinkByIndex(index int) (Link, error) {
 
 // LinkByIndex finds a link by index and returns a pointer to the object.
 func (h *Handle) LinkByIndex(index int) (Link, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	msg.Index = int32(index)
 	req.AddData(msg)
 
@@ -1092,10 +1234,10 @@ func (h *Handle) LinkByIndex(index int) (Link, error) {
 }
 
 func execGetLink(req *nl.NetlinkRequest) (Link, error) {
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	if err != nil {
 		if errno, ok := err.(syscall.Errno); ok {
-			if errno == syscall.ENODEV {
+			if errno == unix.ENODEV {
 				return nil, LinkNotFoundError{fmt.Errorf("Link not found")}
 			}
 		}
@@ -1116,7 +1258,7 @@ func execGetLink(req *nl.NetlinkRequest) (Link, error) {
 
 // linkDeserialize deserializes a raw message received from netlink into
 // a link object.
-func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
+func LinkDeserialize(hdr *unix.NlMsghdr, m []byte) (Link, error) {
 	msg := nl.DeserializeIfInfomsg(m)
 
 	attrs, err := nl.ParseRouteAttr(m[msg.Len():])
@@ -1125,7 +1267,7 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 	}
 
 	base := LinkAttrs{Index: int(msg.Index), RawFlags: msg.Flags, Flags: linkFlags(msg.Flags), EncapType: msg.EncapType()}
-	if msg.Flags&syscall.IFF_PROMISC != 0 {
+	if msg.Flags&unix.IFF_PROMISC != 0 {
 		base.Promisc = 1
 	}
 	var (
@@ -1136,7 +1278,7 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 	)
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
-		case syscall.IFLA_LINKINFO:
+		case unix.IFLA_LINKINFO:
 			infos, err := nl.ParseRouteAttr(attr.Value)
 			if err != nil {
 				return nil, err
@@ -1170,6 +1312,10 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 						link = &Gretap{}
 					case "ipip":
 						link = &Iptun{}
+					case "sit":
+						link = &Sittun{}
+					case "gre":
+						link = &Gretun{}
 					case "vti":
 						link = &Vti{}
 					case "vrf":
@@ -1201,6 +1347,10 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 						parseGretapData(link, data)
 					case "ipip":
 						parseIptunData(link, data)
+					case "sit":
+						parseSittunData(link, data)
+					case "gre":
+						parseGretunData(link, data)
 					case "vti":
 						parseVtiData(link, data)
 					case "vrf":
@@ -1212,7 +1362,7 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 					}
 				}
 			}
-		case syscall.IFLA_ADDRESS:
+		case unix.IFLA_ADDRESS:
 			var nonzero bool
 			for _, b := range attr.Value {
 				if b != 0 {
@@ -1222,19 +1372,19 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 			if nonzero {
 				base.HardwareAddr = attr.Value[:]
 			}
-		case syscall.IFLA_IFNAME:
+		case unix.IFLA_IFNAME:
 			base.Name = string(attr.Value[:len(attr.Value)-1])
-		case syscall.IFLA_MTU:
+		case unix.IFLA_MTU:
 			base.MTU = int(native.Uint32(attr.Value[0:4]))
-		case syscall.IFLA_LINK:
+		case unix.IFLA_LINK:
 			base.ParentIndex = int(native.Uint32(attr.Value[0:4]))
-		case syscall.IFLA_MASTER:
+		case unix.IFLA_MASTER:
 			base.MasterIndex = int(native.Uint32(attr.Value[0:4]))
-		case syscall.IFLA_TXQLEN:
+		case unix.IFLA_TXQLEN:
 			base.TxQLen = int(native.Uint32(attr.Value[0:4]))
-		case syscall.IFLA_IFALIAS:
+		case unix.IFLA_IFALIAS:
 			base.Alias = string(attr.Value[:len(attr.Value)-1])
-		case syscall.IFLA_STATS:
+		case unix.IFLA_STATS:
 			stats32 = attr.Value[:]
 		case IFLA_STATS64:
 			stats64 = attr.Value[:]
@@ -1244,17 +1394,19 @@ func LinkDeserialize(hdr *syscall.NlMsghdr, m []byte) (Link, error) {
 				return nil, err
 			}
 			base.Xdp = xdp
-		case syscall.IFLA_PROTINFO | syscall.NLA_F_NESTED:
-			if hdr != nil && hdr.Type == syscall.RTM_NEWLINK &&
-				msg.Family == syscall.AF_BRIDGE {
+		case unix.IFLA_PROTINFO | unix.NLA_F_NESTED:
+			if hdr != nil && hdr.Type == unix.RTM_NEWLINK &&
+				msg.Family == unix.AF_BRIDGE {
 				attrs, err := nl.ParseRouteAttr(attr.Value[:])
 				if err != nil {
 					return nil, err
 				}
 				base.Protinfo = parseProtinfo(attrs)
 			}
-		case syscall.IFLA_OPERSTATE:
+		case unix.IFLA_OPERSTATE:
 			base.OperState = LinkOperState(uint8(attr.Value[0]))
+		case nl.IFLA_LINK_NETNSID:
+			base.NetNsID = int(native.Uint32(attr.Value[0:4]))
 		}
 	}
 
@@ -1284,12 +1436,12 @@ func LinkList() ([]Link, error) {
 func (h *Handle) LinkList() ([]Link, error) {
 	// NOTE(vish): This duplicates functionality in net/iface_linux.go, but we need
 	//             to get the message ourselves to parse link type.
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_DUMP)
 
-	msg := nl.NewIfInfomsg(syscall.AF_UNSPEC)
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWLINK)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWLINK)
 	if err != nil {
 		return nil, err
 	}
@@ -1309,24 +1461,42 @@ func (h *Handle) LinkList() ([]Link, error) {
 // LinkUpdate is used to pass information back from LinkSubscribe()
 type LinkUpdate struct {
 	nl.IfInfomsg
-	Header syscall.NlMsghdr
+	Header unix.NlMsghdr
 	Link
 }
 
 // LinkSubscribe takes a chan down which notifications will be sent
 // when links change.  Close the 'done' chan to stop subscription.
 func LinkSubscribe(ch chan<- LinkUpdate, done <-chan struct{}) error {
-	return linkSubscribe(netns.None(), netns.None(), ch, done)
+	return linkSubscribeAt(netns.None(), netns.None(), ch, done, nil)
 }
 
 // LinkSubscribeAt works like LinkSubscribe plus it allows the caller
 // to choose the network namespace in which to subscribe (ns).
 func LinkSubscribeAt(ns netns.NsHandle, ch chan<- LinkUpdate, done <-chan struct{}) error {
-	return linkSubscribe(ns, netns.None(), ch, done)
+	return linkSubscribeAt(ns, netns.None(), ch, done, nil)
+}
+
+// LinkSubscribeOptions contains a set of options to use with
+// LinkSubscribeWithOptions.
+type LinkSubscribeOptions struct {
+	Namespace     *netns.NsHandle
+	ErrorCallback func(error)
+}
+
+// LinkSubscribeWithOptions work like LinkSubscribe but enable to
+// provide additional options to modify the behavior. Currently, the
+// namespace can be provided as well as an error callback.
+func LinkSubscribeWithOptions(ch chan<- LinkUpdate, done <-chan struct{}, options LinkSubscribeOptions) error {
+	if options.Namespace == nil {
+		none := netns.None()
+		options.Namespace = &none
+	}
+	return linkSubscribeAt(*options.Namespace, netns.None(), ch, done, options.ErrorCallback)
 }
 
-func linkSubscribe(newNs, curNs netns.NsHandle, ch chan<- LinkUpdate, done <-chan struct{}) error {
-	s, err := nl.SubscribeAt(newNs, curNs, syscall.NETLINK_ROUTE, syscall.RTNLGRP_LINK)
+func linkSubscribeAt(newNs, curNs netns.NsHandle, ch chan<- LinkUpdate, done <-chan struct{}, cberr func(error)) error {
+	s, err := nl.SubscribeAt(newNs, curNs, unix.NETLINK_ROUTE, unix.RTNLGRP_LINK)
 	if err != nil {
 		return err
 	}
@@ -1341,15 +1511,22 @@ func linkSubscribe(newNs, curNs netns.NsHandle, ch chan<- LinkUpdate, done <-cha
 		for {
 			msgs, err := s.Receive()
 			if err != nil {
+				if cberr != nil {
+					cberr(err)
+				}
 				return
 			}
 			for _, m := range msgs {
 				ifmsg := nl.DeserializeIfInfomsg(m.Data)
-				link, err := LinkDeserialize(&m.Header, m.Data)
+				header := unix.NlMsghdr(m.Header)
+				link, err := LinkDeserialize(&header, m.Data)
 				if err != nil {
+					if cberr != nil {
+						cberr(err)
+					}
 					return
 				}
-				ch <- LinkUpdate{IfInfomsg: *ifmsg, Header: m.Header, Link: link}
+				ch <- LinkUpdate{IfInfomsg: *ifmsg, Header: header, Link: link}
 			}
 		}
 	}()
@@ -1424,22 +1601,49 @@ func (h *Handle) LinkSetBrProxyArpWiFi(link Link, mode bool) error {
 func (h *Handle) setProtinfoAttr(link Link, mode bool, attr int) error {
 	base := link.Attrs()
 	h.ensureIndex(base)
-	req := h.newNetlinkRequest(syscall.RTM_SETLINK, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
 
-	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
+	msg := nl.NewIfInfomsg(unix.AF_BRIDGE)
 	msg.Index = int32(base.Index)
 	req.AddData(msg)
 
-	br := nl.NewRtAttr(syscall.IFLA_PROTINFO|syscall.NLA_F_NESTED, nil)
+	br := nl.NewRtAttr(unix.IFLA_PROTINFO|unix.NLA_F_NESTED, nil)
 	nl.NewRtAttrChild(br, attr, boolToByte(mode))
 	req.AddData(br)
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	if err != nil {
 		return err
 	}
 	return nil
 }
 
+// LinkSetTxQLen sets the transaction queue length for the link.
+// Equivalent to: `ip link set $link txqlen $qlen`
+func LinkSetTxQLen(link Link, qlen int) error {
+	return pkgHandle.LinkSetTxQLen(link, qlen)
+}
+
+// LinkSetTxQLen sets the transaction queue length for the link.
+// Equivalent to: `ip link set $link txqlen $qlen`
+func (h *Handle) LinkSetTxQLen(link Link, qlen int) error {
+	base := link.Attrs()
+	h.ensureIndex(base)
+	req := h.newNetlinkRequest(unix.RTM_SETLINK, unix.NLM_F_ACK)
+
+	msg := nl.NewIfInfomsg(unix.AF_UNSPEC)
+	msg.Index = int32(base.Index)
+	req.AddData(msg)
+
+	b := make([]byte, 4)
+	native.PutUint32(b, uint32(qlen))
+
+	data := nl.NewRtAttr(unix.IFLA_TXQLEN, b)
+	req.AddData(data)
+
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
+	return err
+}
+
 func parseVlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	vlan := link.(*Vlan)
 	for _, datum := range data {
@@ -1482,6 +1686,10 @@ func parseVxlanData(link Link, data []syscall.NetlinkRouteAttr) {
 			vxlan.L3miss = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_UDP_CSUM:
 			vxlan.UDPCSum = int8(datum.Value[0]) != 0
+		case nl.IFLA_VXLAN_UDP_ZERO_CSUM6_TX:
+			vxlan.UDP6ZeroCSumTx = int8(datum.Value[0]) != 0
+		case nl.IFLA_VXLAN_UDP_ZERO_CSUM6_RX:
+			vxlan.UDP6ZeroCSumRx = int8(datum.Value[0]) != 0
 		case nl.IFLA_VXLAN_GBP:
 			vxlan.GBP = true
 		case nl.IFLA_VXLAN_FLOWBASED:
@@ -1584,7 +1792,8 @@ func parseMacvtapData(link Link, data []syscall.NetlinkRouteAttr) {
 func parseMacvlanData(link Link, data []syscall.NetlinkRouteAttr) {
 	macv := link.(*Macvlan)
 	for _, datum := range data {
-		if datum.Attr.Type == nl.IFLA_MACVLAN_MODE {
+		switch datum.Attr.Type {
+		case nl.IFLA_MACVLAN_MODE:
 			switch native.Uint32(datum.Value[0:4]) {
 			case nl.MACVLAN_MODE_PRIVATE:
 				macv.Mode = MACVLAN_MODE_PRIVATE
@@ -1597,7 +1806,16 @@ func parseMacvlanData(link Link, data []syscall.NetlinkRouteAttr) {
 			case nl.MACVLAN_MODE_SOURCE:
 				macv.Mode = MACVLAN_MODE_SOURCE
 			}
-			return
+		case nl.IFLA_MACVLAN_MACADDR_COUNT:
+			macv.MACAddrs = make([]net.HardwareAddr, 0, int(native.Uint32(datum.Value[0:4])))
+		case nl.IFLA_MACVLAN_MACADDR_DATA:
+			macs, err := nl.ParseRouteAttr(datum.Value[:])
+			if err != nil {
+				panic(fmt.Sprintf("failed to ParseRouteAttr for IFLA_MACVLAN_MACADDR_DATA: %v", err))
+			}
+			for _, macDatum := range macs {
+				macv.MACAddrs = append(macv.MACAddrs, net.HardwareAddr(macDatum.Value[0:6]))
+			}
 		}
 	}
 }
@@ -1605,19 +1823,19 @@ func parseMacvlanData(link Link, data []syscall.NetlinkRouteAttr) {
 // copied from pkg/net_linux.go
 func linkFlags(rawFlags uint32) net.Flags {
 	var f net.Flags
-	if rawFlags&syscall.IFF_UP != 0 {
+	if rawFlags&unix.IFF_UP != 0 {
 		f |= net.FlagUp
 	}
-	if rawFlags&syscall.IFF_BROADCAST != 0 {
+	if rawFlags&unix.IFF_BROADCAST != 0 {
 		f |= net.FlagBroadcast
 	}
-	if rawFlags&syscall.IFF_LOOPBACK != 0 {
+	if rawFlags&unix.IFF_LOOPBACK != 0 {
 		f |= net.FlagLoopback
 	}
-	if rawFlags&syscall.IFF_POINTOPOINT != 0 {
+	if rawFlags&unix.IFF_POINTOPOINT != 0 {
 		f |= net.FlagPointToPoint
 	}
-	if rawFlags&syscall.IFF_MULTICAST != 0 {
+	if rawFlags&unix.IFF_MULTICAST != 0 {
 		f |= net.FlagMulticast
 	}
 	return f
@@ -1699,7 +1917,82 @@ func parseGretapData(link Link, data []syscall.NetlinkRouteAttr) {
 		case nl.IFLA_GRE_ENCAP_FLAGS:
 			gre.EncapFlags = native.Uint16(datum.Value[0:2])
 		case nl.IFLA_GRE_COLLECT_METADATA:
-			gre.FlowBased = int8(datum.Value[0]) != 0
+			if len(datum.Value) > 0 {
+				gre.FlowBased = int8(datum.Value[0]) != 0
+			}
+		}
+	}
+}
+
+func addGretunAttrs(gre *Gretun, linkInfo *nl.RtAttr) {
+	data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
+
+	ip := gre.Local.To4()
+	if ip != nil {
+		nl.NewRtAttrChild(data, nl.IFLA_GRE_LOCAL, []byte(ip))
+	}
+	ip = gre.Remote.To4()
+	if ip != nil {
+		nl.NewRtAttrChild(data, nl.IFLA_GRE_REMOTE, []byte(ip))
+	}
+
+	if gre.IKey != 0 {
+		nl.NewRtAttrChild(data, nl.IFLA_GRE_IKEY, htonl(gre.IKey))
+		gre.IFlags |= uint16(nl.GRE_KEY)
+	}
+
+	if gre.OKey != 0 {
+		nl.NewRtAttrChild(data, nl.IFLA_GRE_OKEY, htonl(gre.OKey))
+		gre.OFlags |= uint16(nl.GRE_KEY)
+	}
+
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_IFLAGS, htons(gre.IFlags))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_OFLAGS, htons(gre.OFlags))
+
+	if gre.Link != 0 {
+		nl.NewRtAttrChild(data, nl.IFLA_GRE_LINK, nl.Uint32Attr(gre.Link))
+	}
+
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_PMTUDISC, nl.Uint8Attr(gre.PMtuDisc))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_TTL, nl.Uint8Attr(gre.Ttl))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_TOS, nl.Uint8Attr(gre.Tos))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_ENCAP_TYPE, nl.Uint16Attr(gre.EncapType))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_ENCAP_FLAGS, nl.Uint16Attr(gre.EncapFlags))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_ENCAP_SPORT, htons(gre.EncapSport))
+	nl.NewRtAttrChild(data, nl.IFLA_GRE_ENCAP_DPORT, htons(gre.EncapDport))
+}
+
+func parseGretunData(link Link, data []syscall.NetlinkRouteAttr) {
+	gre := link.(*Gretun)
+	for _, datum := range data {
+		switch datum.Attr.Type {
+		case nl.IFLA_GRE_OKEY:
+			gre.IKey = ntohl(datum.Value[0:4])
+		case nl.IFLA_GRE_IKEY:
+			gre.OKey = ntohl(datum.Value[0:4])
+		case nl.IFLA_GRE_LOCAL:
+			gre.Local = net.IP(datum.Value[0:4])
+		case nl.IFLA_GRE_REMOTE:
+			gre.Remote = net.IP(datum.Value[0:4])
+		case nl.IFLA_GRE_IFLAGS:
+			gre.IFlags = ntohs(datum.Value[0:2])
+		case nl.IFLA_GRE_OFLAGS:
+			gre.OFlags = ntohs(datum.Value[0:2])
+
+		case nl.IFLA_GRE_TTL:
+			gre.Ttl = uint8(datum.Value[0])
+		case nl.IFLA_GRE_TOS:
+			gre.Tos = uint8(datum.Value[0])
+		case nl.IFLA_GRE_PMTUDISC:
+			gre.PMtuDisc = uint8(datum.Value[0])
+		case nl.IFLA_GRE_ENCAP_TYPE:
+			gre.EncapType = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_GRE_ENCAP_FLAGS:
+			gre.EncapFlags = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_GRE_ENCAP_SPORT:
+			gre.EncapSport = ntohs(datum.Value[0:2])
+		case nl.IFLA_GRE_ENCAP_DPORT:
+			gre.EncapDport = ntohs(datum.Value[0:2])
 		}
 	}
 }
@@ -1713,12 +2006,14 @@ func parseLinkStats64(data []byte) *LinkStatistics {
 }
 
 func addXdpAttrs(xdp *LinkXdp, req *nl.NetlinkRequest) {
-	attrs := nl.NewRtAttr(nl.IFLA_XDP|syscall.NLA_F_NESTED, nil)
+	attrs := nl.NewRtAttr(nl.IFLA_XDP|unix.NLA_F_NESTED, nil)
 	b := make([]byte, 4)
 	native.PutUint32(b, uint32(xdp.Fd))
 	nl.NewRtAttrChild(attrs, nl.IFLA_XDP_FD, b)
-	native.PutUint32(b, xdp.Flags)
-	nl.NewRtAttrChild(attrs, nl.IFLA_XDP_FLAGS, b)
+	if xdp.Flags != 0 {
+		native.PutUint32(b, xdp.Flags)
+		nl.NewRtAttrChild(attrs, nl.IFLA_XDP_FLAGS, b)
+	}
 	req.AddData(attrs)
 }
 
@@ -1744,6 +2039,12 @@ func parseLinkXdp(data []byte) (*LinkXdp, error) {
 }
 
 func addIptunAttrs(iptun *Iptun, linkInfo *nl.RtAttr) {
+	if iptun.FlowBased {
+		// In flow based mode, no other attributes need to be configured
+		nl.NewRtAttrChild(linkInfo, nl.IFLA_IPTUN_COLLECT_METADATA, boolAttr(iptun.FlowBased))
+		return
+	}
+
 	data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
 
 	ip := iptun.Local.To4()
@@ -1762,6 +2063,10 @@ func addIptunAttrs(iptun *Iptun, linkInfo *nl.RtAttr) {
 	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_PMTUDISC, nl.Uint8Attr(iptun.PMtuDisc))
 	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_TTL, nl.Uint8Attr(iptun.Ttl))
 	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_TOS, nl.Uint8Attr(iptun.Tos))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_TYPE, nl.Uint16Attr(iptun.EncapType))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_FLAGS, nl.Uint16Attr(iptun.EncapFlags))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_SPORT, htons(iptun.EncapSport))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_DPORT, htons(iptun.EncapDport))
 }
 
 func parseIptunData(link Link, data []syscall.NetlinkRouteAttr) {
@@ -1778,6 +2083,72 @@ func parseIptunData(link Link, data []syscall.NetlinkRouteAttr) {
 			iptun.Tos = uint8(datum.Value[0])
 		case nl.IFLA_IPTUN_PMTUDISC:
 			iptun.PMtuDisc = uint8(datum.Value[0])
+		case nl.IFLA_IPTUN_ENCAP_SPORT:
+			iptun.EncapSport = ntohs(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_DPORT:
+			iptun.EncapDport = ntohs(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_TYPE:
+			iptun.EncapType = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_FLAGS:
+			iptun.EncapFlags = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_IPTUN_COLLECT_METADATA:
+			iptun.FlowBased = int8(datum.Value[0]) != 0
+		}
+	}
+}
+
+func addSittunAttrs(sittun *Sittun, linkInfo *nl.RtAttr) {
+	data := nl.NewRtAttrChild(linkInfo, nl.IFLA_INFO_DATA, nil)
+
+	if sittun.Link != 0 {
+		nl.NewRtAttrChild(data, nl.IFLA_IPTUN_LINK, nl.Uint32Attr(sittun.Link))
+	}
+
+	ip := sittun.Local.To4()
+	if ip != nil {
+		nl.NewRtAttrChild(data, nl.IFLA_IPTUN_LOCAL, []byte(ip))
+	}
+
+	ip = sittun.Remote.To4()
+	if ip != nil {
+		nl.NewRtAttrChild(data, nl.IFLA_IPTUN_REMOTE, []byte(ip))
+	}
+
+	if sittun.Ttl > 0 {
+		// Would otherwise fail on 3.10 kernel
+		nl.NewRtAttrChild(data, nl.IFLA_IPTUN_TTL, nl.Uint8Attr(sittun.Ttl))
+	}
+
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_TOS, nl.Uint8Attr(sittun.Tos))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_PMTUDISC, nl.Uint8Attr(sittun.PMtuDisc))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_TYPE, nl.Uint16Attr(sittun.EncapType))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_FLAGS, nl.Uint16Attr(sittun.EncapFlags))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_SPORT, htons(sittun.EncapSport))
+	nl.NewRtAttrChild(data, nl.IFLA_IPTUN_ENCAP_DPORT, htons(sittun.EncapDport))
+}
+
+func parseSittunData(link Link, data []syscall.NetlinkRouteAttr) {
+	sittun := link.(*Sittun)
+	for _, datum := range data {
+		switch datum.Attr.Type {
+		case nl.IFLA_IPTUN_LOCAL:
+			sittun.Local = net.IP(datum.Value[0:4])
+		case nl.IFLA_IPTUN_REMOTE:
+			sittun.Remote = net.IP(datum.Value[0:4])
+		case nl.IFLA_IPTUN_TTL:
+			sittun.Ttl = uint8(datum.Value[0])
+		case nl.IFLA_IPTUN_TOS:
+			sittun.Tos = uint8(datum.Value[0])
+		case nl.IFLA_IPTUN_PMTUDISC:
+			sittun.PMtuDisc = uint8(datum.Value[0])
+		case nl.IFLA_IPTUN_ENCAP_TYPE:
+			sittun.EncapType = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_FLAGS:
+			sittun.EncapFlags = native.Uint16(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_SPORT:
+			sittun.EncapSport = ntohs(datum.Value[0:2])
+		case nl.IFLA_IPTUN_ENCAP_DPORT:
+			sittun.EncapDport = ntohs(datum.Value[0:2])
 		}
 	}
 }
diff --git a/vendor/github.com/vishvananda/netlink/neigh.go b/vendor/github.com/vishvananda/netlink/neigh.go
index 0e5eb90c9ebe..3f5cd497a739 100644
--- a/vendor/github.com/vishvananda/netlink/neigh.go
+++ b/vendor/github.com/vishvananda/netlink/neigh.go
@@ -14,6 +14,9 @@ type Neigh struct {
 	Flags        int
 	IP           net.IP
 	HardwareAddr net.HardwareAddr
+	LLIPAddr     net.IP //Used in the case of NHRP
+	Vlan         int
+	VNI          int
 }
 
 // String returns $ip/$hwaddr $label
diff --git a/vendor/github.com/vishvananda/netlink/neigh_linux.go b/vendor/github.com/vishvananda/netlink/neigh_linux.go
index f069db257338..f75c22649f90 100644
--- a/vendor/github.com/vishvananda/netlink/neigh_linux.go
+++ b/vendor/github.com/vishvananda/netlink/neigh_linux.go
@@ -2,10 +2,10 @@ package netlink
 
 import (
 	"net"
-	"syscall"
 	"unsafe"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 const (
@@ -73,7 +73,7 @@ func NeighAdd(neigh *Neigh) error {
 // NeighAdd will add an IP to MAC mapping to the ARP table
 // Equivalent to: `ip neigh add ....`
 func (h *Handle) NeighAdd(neigh *Neigh) error {
-	return h.neighAdd(neigh, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL)
+	return h.neighAdd(neigh, unix.NLM_F_CREATE|unix.NLM_F_EXCL)
 }
 
 // NeighSet will add or replace an IP to MAC mapping to the ARP table
@@ -85,7 +85,7 @@ func NeighSet(neigh *Neigh) error {
 // NeighSet will add or replace an IP to MAC mapping to the ARP table
 // Equivalent to: `ip neigh replace....`
 func (h *Handle) NeighSet(neigh *Neigh) error {
-	return h.neighAdd(neigh, syscall.NLM_F_CREATE|syscall.NLM_F_REPLACE)
+	return h.neighAdd(neigh, unix.NLM_F_CREATE|unix.NLM_F_REPLACE)
 }
 
 // NeighAppend will append an entry to FDB
@@ -97,7 +97,7 @@ func NeighAppend(neigh *Neigh) error {
 // NeighAppend will append an entry to FDB
 // Equivalent to: `bridge fdb append...`
 func (h *Handle) NeighAppend(neigh *Neigh) error {
-	return h.neighAdd(neigh, syscall.NLM_F_CREATE|syscall.NLM_F_APPEND)
+	return h.neighAdd(neigh, unix.NLM_F_CREATE|unix.NLM_F_APPEND)
 }
 
 // NeighAppend will append an entry to FDB
@@ -109,7 +109,7 @@ func neighAdd(neigh *Neigh, mode int) error {
 // NeighAppend will append an entry to FDB
 // Equivalent to: `bridge fdb append...`
 func (h *Handle) neighAdd(neigh *Neigh, mode int) error {
-	req := h.newNetlinkRequest(syscall.RTM_NEWNEIGH, mode|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWNEIGH, mode|unix.NLM_F_ACK)
 	return neighHandle(neigh, req)
 }
 
@@ -122,12 +122,13 @@ func NeighDel(neigh *Neigh) error {
 // NeighDel will delete an IP address from a link device.
 // Equivalent to: `ip addr del $addr dev $link`
 func (h *Handle) NeighDel(neigh *Neigh) error {
-	req := h.newNetlinkRequest(syscall.RTM_DELNEIGH, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELNEIGH, unix.NLM_F_ACK)
 	return neighHandle(neigh, req)
 }
 
 func neighHandle(neigh *Neigh, req *nl.NetlinkRequest) error {
 	var family int
+
 	if neigh.Family > 0 {
 		family = neigh.Family
 	} else {
@@ -151,12 +152,25 @@ func neighHandle(neigh *Neigh, req *nl.NetlinkRequest) error {
 	dstData := nl.NewRtAttr(NDA_DST, ipData)
 	req.AddData(dstData)
 
-	if neigh.Flags != NTF_PROXY || neigh.HardwareAddr != nil {
+	if neigh.LLIPAddr != nil {
+		llIPData := nl.NewRtAttr(NDA_LLADDR, neigh.LLIPAddr.To4())
+		req.AddData(llIPData)
+	} else if neigh.Flags != NTF_PROXY || neigh.HardwareAddr != nil {
 		hwData := nl.NewRtAttr(NDA_LLADDR, []byte(neigh.HardwareAddr))
 		req.AddData(hwData)
 	}
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	if neigh.Vlan != 0 {
+		vlanData := nl.NewRtAttr(NDA_VLAN, nl.Uint16Attr(uint16(neigh.Vlan)))
+		req.AddData(vlanData)
+	}
+
+	if neigh.VNI != 0 {
+		vniData := nl.NewRtAttr(NDA_VNI, nl.Uint32Attr(uint32(neigh.VNI)))
+		req.AddData(vniData)
+	}
+
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -189,7 +203,7 @@ func (h *Handle) NeighProxyList(linkIndex, family int) ([]Neigh, error) {
 }
 
 func (h *Handle) neighList(linkIndex, family, flags int) ([]Neigh, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETNEIGH, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETNEIGH, unix.NLM_F_DUMP)
 	msg := Ndmsg{
 		Family: uint8(family),
 		Index:  uint32(linkIndex),
@@ -197,7 +211,7 @@ func (h *Handle) neighList(linkIndex, family, flags int) ([]Neigh, error) {
 	}
 	req.AddData(&msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWNEIGH)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWNEIGH)
 	if err != nil {
 		return nil, err
 	}
@@ -237,12 +251,37 @@ func NeighDeserialize(m []byte) (*Neigh, error) {
 		return nil, err
 	}
 
+	// This should be cached for perfomance
+	// once per table dump
+	link, err := LinkByIndex(neigh.LinkIndex)
+	if err != nil {
+		return nil, err
+	}
+	encapType := link.Attrs().EncapType
+
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
 		case NDA_DST:
 			neigh.IP = net.IP(attr.Value)
 		case NDA_LLADDR:
-			neigh.HardwareAddr = net.HardwareAddr(attr.Value)
+			// BUG: Is this a bug in the netlink library?
+			// #define RTA_LENGTH(len) (RTA_ALIGN(sizeof(struct rtattr)) + (len))
+			// #define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0))
+			attrLen := attr.Attr.Len - unix.SizeofRtAttr
+			if attrLen == 4 && (encapType == "ipip" ||
+				encapType == "sit" ||
+				encapType == "gre") {
+				neigh.LLIPAddr = net.IP(attr.Value)
+			} else if attrLen == 16 &&
+				encapType == "tunnel6" {
+				neigh.IP = net.IP(attr.Value)
+			} else {
+				neigh.HardwareAddr = net.HardwareAddr(attr.Value)
+			}
+		case NDA_VLAN:
+			neigh.Vlan = int(native.Uint16(attr.Value[0:2]))
+		case NDA_VNI:
+			neigh.VNI = int(native.Uint32(attr.Value[0:4]))
 		}
 	}
 
diff --git a/vendor/github.com/vishvananda/netlink/netlink_unspecified.go b/vendor/github.com/vishvananda/netlink/netlink_unspecified.go
index 2d57c16d7411..86111b92ce16 100644
--- a/vendor/github.com/vishvananda/netlink/netlink_unspecified.go
+++ b/vendor/github.com/vishvananda/netlink/netlink_unspecified.go
@@ -108,6 +108,10 @@ func LinkSetFlood(link Link, mode bool) error {
 	return ErrNotImplemented
 }
 
+func LinkSetTxQLen(link Link, qlen int) error {
+	return ErrNotImplemented
+}
+
 func LinkAdd(link Link) error {
 	return ErrNotImplemented
 }
diff --git a/vendor/github.com/vishvananda/netlink/nl/addr_linux.go b/vendor/github.com/vishvananda/netlink/nl/addr_linux.go
index fe362e9fa7c3..50db3b4cdd87 100644
--- a/vendor/github.com/vishvananda/netlink/nl/addr_linux.go
+++ b/vendor/github.com/vishvananda/netlink/nl/addr_linux.go
@@ -1,17 +1,18 @@
 package nl
 
 import (
-	"syscall"
 	"unsafe"
+
+	"golang.org/x/sys/unix"
 )
 
 type IfAddrmsg struct {
-	syscall.IfAddrmsg
+	unix.IfAddrmsg
 }
 
 func NewIfAddrmsg(family int) *IfAddrmsg {
 	return &IfAddrmsg{
-		IfAddrmsg: syscall.IfAddrmsg{
+		IfAddrmsg: unix.IfAddrmsg{
 			Family: uint8(family),
 		},
 	}
@@ -35,15 +36,15 @@ func NewIfAddrmsg(family int) *IfAddrmsg {
 // SizeofIfAddrmsg     = 0x8
 
 func DeserializeIfAddrmsg(b []byte) *IfAddrmsg {
-	return (*IfAddrmsg)(unsafe.Pointer(&b[0:syscall.SizeofIfAddrmsg][0]))
+	return (*IfAddrmsg)(unsafe.Pointer(&b[0:unix.SizeofIfAddrmsg][0]))
 }
 
 func (msg *IfAddrmsg) Serialize() []byte {
-	return (*(*[syscall.SizeofIfAddrmsg]byte)(unsafe.Pointer(msg)))[:]
+	return (*(*[unix.SizeofIfAddrmsg]byte)(unsafe.Pointer(msg)))[:]
 }
 
 func (msg *IfAddrmsg) Len() int {
-	return syscall.SizeofIfAddrmsg
+	return unix.SizeofIfAddrmsg
 }
 
 // struct ifa_cacheinfo {
diff --git a/vendor/github.com/vishvananda/netlink/nl/link_linux.go b/vendor/github.com/vishvananda/netlink/nl/link_linux.go
index e4a192f8eafb..ba0b3e19c676 100644
--- a/vendor/github.com/vishvananda/netlink/nl/link_linux.go
+++ b/vendor/github.com/vishvananda/netlink/nl/link_linux.go
@@ -1,14 +1,15 @@
 package nl
 
 import (
-	"syscall"
 	"unsafe"
+
+	"golang.org/x/sys/unix"
 )
 
 const (
 	DEFAULT_CHANGE = 0xFFFFFFFF
 	// doesn't exist in syscall
-	IFLA_VFINFO_LIST = syscall.IFLA_IFALIAS + 1 + iota
+	IFLA_VFINFO_LIST = unix.IFLA_IFALIAS + 1 + iota
 	IFLA_STATS64
 	IFLA_VF_PORTS
 	IFLA_PORT_SELF
@@ -118,6 +119,10 @@ const (
 	IFLA_MACVLAN_UNSPEC = iota
 	IFLA_MACVLAN_MODE
 	IFLA_MACVLAN_FLAGS
+	IFLA_MACVLAN_MACADDR_MODE
+	IFLA_MACVLAN_MACADDR
+	IFLA_MACVLAN_MACADDR_DATA
+	IFLA_MACVLAN_MACADDR_COUNT
 	IFLA_MACVLAN_MAX = IFLA_MACVLAN_FLAGS
 )
 
@@ -129,6 +134,13 @@ const (
 	MACVLAN_MODE_SOURCE   = 16
 )
 
+const (
+	MACVLAN_MACADDR_ADD = iota
+	MACVLAN_MACADDR_DEL
+	MACVLAN_MACADDR_FLUSH
+	MACVLAN_MACADDR_SET
+)
+
 const (
 	IFLA_BOND_UNSPEC = iota
 	IFLA_BOND_MODE
@@ -443,6 +455,13 @@ func (msg *VfTrust) Serialize() []byte {
 	return (*(*[SizeofVfTrust]byte)(unsafe.Pointer(msg)))[:]
 }
 
+const (
+	XDP_FLAGS_UPDATE_IF_NOEXIST = 1 << iota
+	XDP_FLAGS_SKB_MODE
+	XDP_FLAGS_DRV_MODE
+	XDP_FLAGS_MASK = XDP_FLAGS_UPDATE_IF_NOEXIST | XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE
+)
+
 const (
 	IFLA_XDP_UNSPEC   = iota
 	IFLA_XDP_FD       /* fd of xdp program to attach, or -1 to remove */
@@ -468,7 +487,12 @@ const (
 	IFLA_IPTUN_6RD_RELAY_PREFIX
 	IFLA_IPTUN_6RD_PREFIXLEN
 	IFLA_IPTUN_6RD_RELAY_PREFIXLEN
-	IFLA_IPTUN_MAX = IFLA_IPTUN_6RD_RELAY_PREFIXLEN
+	IFLA_IPTUN_ENCAP_TYPE
+	IFLA_IPTUN_ENCAP_FLAGS
+	IFLA_IPTUN_ENCAP_SPORT
+	IFLA_IPTUN_ENCAP_DPORT
+	IFLA_IPTUN_COLLECT_METADATA
+	IFLA_IPTUN_MAX = IFLA_IPTUN_COLLECT_METADATA
 )
 
 const (
diff --git a/vendor/github.com/vishvananda/netlink/nl/nl_linux.go b/vendor/github.com/vishvananda/netlink/nl/nl_linux.go
index 1329acd86435..bc8e82c2cc4d 100644
--- a/vendor/github.com/vishvananda/netlink/nl/nl_linux.go
+++ b/vendor/github.com/vishvananda/netlink/nl/nl_linux.go
@@ -13,18 +13,19 @@ import (
 	"unsafe"
 
 	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 const (
 	// Family type definitions
-	FAMILY_ALL  = syscall.AF_UNSPEC
-	FAMILY_V4   = syscall.AF_INET
-	FAMILY_V6   = syscall.AF_INET6
+	FAMILY_ALL  = unix.AF_UNSPEC
+	FAMILY_V4   = unix.AF_INET
+	FAMILY_V6   = unix.AF_INET6
 	FAMILY_MPLS = AF_MPLS
 )
 
 // SupportedNlFamilies contains the list of netlink families this netlink package supports
-var SupportedNlFamilies = []int{syscall.NETLINK_ROUTE, syscall.NETLINK_XFRM, syscall.NETLINK_NETFILTER}
+var SupportedNlFamilies = []int{unix.NETLINK_ROUTE, unix.NETLINK_XFRM, unix.NETLINK_NETFILTER}
 
 var nextSeqNr uint32
 
@@ -77,161 +78,161 @@ type NetlinkRequestData interface {
 
 // IfInfomsg is related to links, but it is used for list requests as well
 type IfInfomsg struct {
-	syscall.IfInfomsg
+	unix.IfInfomsg
 }
 
 // Create an IfInfomsg with family specified
 func NewIfInfomsg(family int) *IfInfomsg {
 	return &IfInfomsg{
-		IfInfomsg: syscall.IfInfomsg{
+		IfInfomsg: unix.IfInfomsg{
 			Family: uint8(family),
 		},
 	}
 }
 
 func DeserializeIfInfomsg(b []byte) *IfInfomsg {
-	return (*IfInfomsg)(unsafe.Pointer(&b[0:syscall.SizeofIfInfomsg][0]))
+	return (*IfInfomsg)(unsafe.Pointer(&b[0:unix.SizeofIfInfomsg][0]))
 }
 
 func (msg *IfInfomsg) Serialize() []byte {
-	return (*(*[syscall.SizeofIfInfomsg]byte)(unsafe.Pointer(msg)))[:]
+	return (*(*[unix.SizeofIfInfomsg]byte)(unsafe.Pointer(msg)))[:]
 }
 
 func (msg *IfInfomsg) Len() int {
-	return syscall.SizeofIfInfomsg
+	return unix.SizeofIfInfomsg
 }
 
 func (msg *IfInfomsg) EncapType() string {
 	switch msg.Type {
 	case 0:
 		return "generic"
-	case syscall.ARPHRD_ETHER:
+	case unix.ARPHRD_ETHER:
 		return "ether"
-	case syscall.ARPHRD_EETHER:
+	case unix.ARPHRD_EETHER:
 		return "eether"
-	case syscall.ARPHRD_AX25:
+	case unix.ARPHRD_AX25:
 		return "ax25"
-	case syscall.ARPHRD_PRONET:
+	case unix.ARPHRD_PRONET:
 		return "pronet"
-	case syscall.ARPHRD_CHAOS:
+	case unix.ARPHRD_CHAOS:
 		return "chaos"
-	case syscall.ARPHRD_IEEE802:
+	case unix.ARPHRD_IEEE802:
 		return "ieee802"
-	case syscall.ARPHRD_ARCNET:
+	case unix.ARPHRD_ARCNET:
 		return "arcnet"
-	case syscall.ARPHRD_APPLETLK:
+	case unix.ARPHRD_APPLETLK:
 		return "atalk"
-	case syscall.ARPHRD_DLCI:
+	case unix.ARPHRD_DLCI:
 		return "dlci"
-	case syscall.ARPHRD_ATM:
+	case unix.ARPHRD_ATM:
 		return "atm"
-	case syscall.ARPHRD_METRICOM:
+	case unix.ARPHRD_METRICOM:
 		return "metricom"
-	case syscall.ARPHRD_IEEE1394:
+	case unix.ARPHRD_IEEE1394:
 		return "ieee1394"
-	case syscall.ARPHRD_INFINIBAND:
+	case unix.ARPHRD_INFINIBAND:
 		return "infiniband"
-	case syscall.ARPHRD_SLIP:
+	case unix.ARPHRD_SLIP:
 		return "slip"
-	case syscall.ARPHRD_CSLIP:
+	case unix.ARPHRD_CSLIP:
 		return "cslip"
-	case syscall.ARPHRD_SLIP6:
+	case unix.ARPHRD_SLIP6:
 		return "slip6"
-	case syscall.ARPHRD_CSLIP6:
+	case unix.ARPHRD_CSLIP6:
 		return "cslip6"
-	case syscall.ARPHRD_RSRVD:
+	case unix.ARPHRD_RSRVD:
 		return "rsrvd"
-	case syscall.ARPHRD_ADAPT:
+	case unix.ARPHRD_ADAPT:
 		return "adapt"
-	case syscall.ARPHRD_ROSE:
+	case unix.ARPHRD_ROSE:
 		return "rose"
-	case syscall.ARPHRD_X25:
+	case unix.ARPHRD_X25:
 		return "x25"
-	case syscall.ARPHRD_HWX25:
+	case unix.ARPHRD_HWX25:
 		return "hwx25"
-	case syscall.ARPHRD_PPP:
+	case unix.ARPHRD_PPP:
 		return "ppp"
-	case syscall.ARPHRD_HDLC:
+	case unix.ARPHRD_HDLC:
 		return "hdlc"
-	case syscall.ARPHRD_LAPB:
+	case unix.ARPHRD_LAPB:
 		return "lapb"
-	case syscall.ARPHRD_DDCMP:
+	case unix.ARPHRD_DDCMP:
 		return "ddcmp"
-	case syscall.ARPHRD_RAWHDLC:
+	case unix.ARPHRD_RAWHDLC:
 		return "rawhdlc"
-	case syscall.ARPHRD_TUNNEL:
+	case unix.ARPHRD_TUNNEL:
 		return "ipip"
-	case syscall.ARPHRD_TUNNEL6:
+	case unix.ARPHRD_TUNNEL6:
 		return "tunnel6"
-	case syscall.ARPHRD_FRAD:
+	case unix.ARPHRD_FRAD:
 		return "frad"
-	case syscall.ARPHRD_SKIP:
+	case unix.ARPHRD_SKIP:
 		return "skip"
-	case syscall.ARPHRD_LOOPBACK:
+	case unix.ARPHRD_LOOPBACK:
 		return "loopback"
-	case syscall.ARPHRD_LOCALTLK:
+	case unix.ARPHRD_LOCALTLK:
 		return "ltalk"
-	case syscall.ARPHRD_FDDI:
+	case unix.ARPHRD_FDDI:
 		return "fddi"
-	case syscall.ARPHRD_BIF:
+	case unix.ARPHRD_BIF:
 		return "bif"
-	case syscall.ARPHRD_SIT:
+	case unix.ARPHRD_SIT:
 		return "sit"
-	case syscall.ARPHRD_IPDDP:
+	case unix.ARPHRD_IPDDP:
 		return "ip/ddp"
-	case syscall.ARPHRD_IPGRE:
+	case unix.ARPHRD_IPGRE:
 		return "gre"
-	case syscall.ARPHRD_PIMREG:
+	case unix.ARPHRD_PIMREG:
 		return "pimreg"
-	case syscall.ARPHRD_HIPPI:
+	case unix.ARPHRD_HIPPI:
 		return "hippi"
-	case syscall.ARPHRD_ASH:
+	case unix.ARPHRD_ASH:
 		return "ash"
-	case syscall.ARPHRD_ECONET:
+	case unix.ARPHRD_ECONET:
 		return "econet"
-	case syscall.ARPHRD_IRDA:
+	case unix.ARPHRD_IRDA:
 		return "irda"
-	case syscall.ARPHRD_FCPP:
+	case unix.ARPHRD_FCPP:
 		return "fcpp"
-	case syscall.ARPHRD_FCAL:
+	case unix.ARPHRD_FCAL:
 		return "fcal"
-	case syscall.ARPHRD_FCPL:
+	case unix.ARPHRD_FCPL:
 		return "fcpl"
-	case syscall.ARPHRD_FCFABRIC:
+	case unix.ARPHRD_FCFABRIC:
 		return "fcfb0"
-	case syscall.ARPHRD_FCFABRIC + 1:
+	case unix.ARPHRD_FCFABRIC + 1:
 		return "fcfb1"
-	case syscall.ARPHRD_FCFABRIC + 2:
+	case unix.ARPHRD_FCFABRIC + 2:
 		return "fcfb2"
-	case syscall.ARPHRD_FCFABRIC + 3:
+	case unix.ARPHRD_FCFABRIC + 3:
 		return "fcfb3"
-	case syscall.ARPHRD_FCFABRIC + 4:
+	case unix.ARPHRD_FCFABRIC + 4:
 		return "fcfb4"
-	case syscall.ARPHRD_FCFABRIC + 5:
+	case unix.ARPHRD_FCFABRIC + 5:
 		return "fcfb5"
-	case syscall.ARPHRD_FCFABRIC + 6:
+	case unix.ARPHRD_FCFABRIC + 6:
 		return "fcfb6"
-	case syscall.ARPHRD_FCFABRIC + 7:
+	case unix.ARPHRD_FCFABRIC + 7:
 		return "fcfb7"
-	case syscall.ARPHRD_FCFABRIC + 8:
+	case unix.ARPHRD_FCFABRIC + 8:
 		return "fcfb8"
-	case syscall.ARPHRD_FCFABRIC + 9:
+	case unix.ARPHRD_FCFABRIC + 9:
 		return "fcfb9"
-	case syscall.ARPHRD_FCFABRIC + 10:
+	case unix.ARPHRD_FCFABRIC + 10:
 		return "fcfb10"
-	case syscall.ARPHRD_FCFABRIC + 11:
+	case unix.ARPHRD_FCFABRIC + 11:
 		return "fcfb11"
-	case syscall.ARPHRD_FCFABRIC + 12:
+	case unix.ARPHRD_FCFABRIC + 12:
 		return "fcfb12"
-	case syscall.ARPHRD_IEEE802_TR:
+	case unix.ARPHRD_IEEE802_TR:
 		return "tr"
-	case syscall.ARPHRD_IEEE80211:
+	case unix.ARPHRD_IEEE80211:
 		return "ieee802.11"
-	case syscall.ARPHRD_IEEE80211_PRISM:
+	case unix.ARPHRD_IEEE80211_PRISM:
 		return "ieee802.11/prism"
-	case syscall.ARPHRD_IEEE80211_RADIOTAP:
+	case unix.ARPHRD_IEEE80211_RADIOTAP:
 		return "ieee802.11/radiotap"
-	case syscall.ARPHRD_IEEE802154:
+	case unix.ARPHRD_IEEE802154:
 		return "ieee802.15.4"
 
 	case 65534:
@@ -243,7 +244,7 @@ func (msg *IfInfomsg) EncapType() string {
 }
 
 func rtaAlignOf(attrlen int) int {
-	return (attrlen + syscall.RTA_ALIGNTO - 1) & ^(syscall.RTA_ALIGNTO - 1)
+	return (attrlen + unix.RTA_ALIGNTO - 1) & ^(unix.RTA_ALIGNTO - 1)
 }
 
 func NewIfInfomsgChild(parent *RtAttr, family int) *IfInfomsg {
@@ -254,7 +255,7 @@ func NewIfInfomsgChild(parent *RtAttr, family int) *IfInfomsg {
 
 // Extend RtAttr to handle data and children
 type RtAttr struct {
-	syscall.RtAttr
+	unix.RtAttr
 	Data     []byte
 	children []NetlinkRequestData
 }
@@ -262,7 +263,7 @@ type RtAttr struct {
 // Create a new Extended RtAttr object
 func NewRtAttr(attrType int, data []byte) *RtAttr {
 	return &RtAttr{
-		RtAttr: syscall.RtAttr{
+		RtAttr: unix.RtAttr{
 			Type: uint16(attrType),
 		},
 		children: []NetlinkRequestData{},
@@ -277,16 +278,21 @@ func NewRtAttrChild(parent *RtAttr, attrType int, data []byte) *RtAttr {
 	return attr
 }
 
+// AddChild adds an existing RtAttr as a child.
+func (a *RtAttr) AddChild(attr *RtAttr) {
+	a.children = append(a.children, attr)
+}
+
 func (a *RtAttr) Len() int {
 	if len(a.children) == 0 {
-		return (syscall.SizeofRtAttr + len(a.Data))
+		return (unix.SizeofRtAttr + len(a.Data))
 	}
 
 	l := 0
 	for _, child := range a.children {
 		l += rtaAlignOf(child.Len())
 	}
-	l += syscall.SizeofRtAttr
+	l += unix.SizeofRtAttr
 	return rtaAlignOf(l + len(a.Data))
 }
 
@@ -319,7 +325,7 @@ func (a *RtAttr) Serialize() []byte {
 }
 
 type NetlinkRequest struct {
-	syscall.NlMsghdr
+	unix.NlMsghdr
 	Data    []NetlinkRequestData
 	RawData []byte
 	Sockets map[int]*SocketHandle
@@ -327,7 +333,7 @@ type NetlinkRequest struct {
 
 // Serialize the Netlink Request into a byte array
 func (req *NetlinkRequest) Serialize() []byte {
-	length := syscall.SizeofNlMsghdr
+	length := unix.SizeofNlMsghdr
 	dataBytes := make([][]byte, len(req.Data))
 	for i, data := range req.Data {
 		dataBytes[i] = data.Serialize()
@@ -337,8 +343,8 @@ func (req *NetlinkRequest) Serialize() []byte {
 
 	req.Len = uint32(length)
 	b := make([]byte, length)
-	hdr := (*(*[syscall.SizeofNlMsghdr]byte)(unsafe.Pointer(req)))[:]
-	next := syscall.SizeofNlMsghdr
+	hdr := (*(*[unix.SizeofNlMsghdr]byte)(unsafe.Pointer(req)))[:]
+	next := unix.SizeofNlMsghdr
 	copy(b[0:next], hdr)
 	for _, data := range dataBytes {
 		for _, dataByte := range data {
@@ -421,10 +427,10 @@ done:
 			if m.Header.Pid != pid {
 				return nil, fmt.Errorf("Wrong pid %d, expected %d", m.Header.Pid, pid)
 			}
-			if m.Header.Type == syscall.NLMSG_DONE {
+			if m.Header.Type == unix.NLMSG_DONE {
 				break done
 			}
-			if m.Header.Type == syscall.NLMSG_ERROR {
+			if m.Header.Type == unix.NLMSG_ERROR {
 				native := NativeEndian()
 				error := int32(native.Uint32(m.Data[0:4]))
 				if error == 0 {
@@ -436,7 +442,7 @@ done:
 				continue
 			}
 			res = append(res, m.Data)
-			if m.Header.Flags&syscall.NLM_F_MULTI == 0 {
+			if m.Header.Flags&unix.NLM_F_MULTI == 0 {
 				break done
 			}
 		}
@@ -449,10 +455,10 @@ done:
 // the message is serialized
 func NewNetlinkRequest(proto, flags int) *NetlinkRequest {
 	return &NetlinkRequest{
-		NlMsghdr: syscall.NlMsghdr{
-			Len:   uint32(syscall.SizeofNlMsghdr),
+		NlMsghdr: unix.NlMsghdr{
+			Len:   uint32(unix.SizeofNlMsghdr),
 			Type:  uint16(proto),
-			Flags: syscall.NLM_F_REQUEST | uint16(flags),
+			Flags: unix.NLM_F_REQUEST | uint16(flags),
 			Seq:   atomic.AddUint32(&nextSeqNr, 1),
 		},
 	}
@@ -460,21 +466,21 @@ func NewNetlinkRequest(proto, flags int) *NetlinkRequest {
 
 type NetlinkSocket struct {
 	fd  int32
-	lsa syscall.SockaddrNetlink
+	lsa unix.SockaddrNetlink
 	sync.Mutex
 }
 
 func getNetlinkSocket(protocol int) (*NetlinkSocket, error) {
-	fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW|syscall.SOCK_CLOEXEC, protocol)
+	fd, err := unix.Socket(unix.AF_NETLINK, unix.SOCK_RAW|unix.SOCK_CLOEXEC, protocol)
 	if err != nil {
 		return nil, err
 	}
 	s := &NetlinkSocket{
 		fd: int32(fd),
 	}
-	s.lsa.Family = syscall.AF_NETLINK
-	if err := syscall.Bind(fd, &s.lsa); err != nil {
-		syscall.Close(fd)
+	s.lsa.Family = unix.AF_NETLINK
+	if err := unix.Bind(fd, &s.lsa); err != nil {
+		unix.Close(fd)
 		return nil, err
 	}
 
@@ -551,21 +557,21 @@ func executeInNetns(newNs, curNs netns.NsHandle) (func(), error) {
 // Returns the netlink socket on which Receive() method can be called
 // to retrieve the messages from the kernel.
 func Subscribe(protocol int, groups ...uint) (*NetlinkSocket, error) {
-	fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, protocol)
+	fd, err := unix.Socket(unix.AF_NETLINK, unix.SOCK_RAW, protocol)
 	if err != nil {
 		return nil, err
 	}
 	s := &NetlinkSocket{
 		fd: int32(fd),
 	}
-	s.lsa.Family = syscall.AF_NETLINK
+	s.lsa.Family = unix.AF_NETLINK
 
 	for _, g := range groups {
 		s.lsa.Groups |= (1 << (g - 1))
 	}
 
-	if err := syscall.Bind(fd, &s.lsa); err != nil {
-		syscall.Close(fd)
+	if err := unix.Bind(fd, &s.lsa); err != nil {
+		unix.Close(fd)
 		return nil, err
 	}
 
@@ -586,7 +592,7 @@ func SubscribeAt(newNs, curNs netns.NsHandle, protocol int, groups ...uint) (*Ne
 
 func (s *NetlinkSocket) Close() {
 	fd := int(atomic.SwapInt32(&s.fd, -1))
-	syscall.Close(fd)
+	unix.Close(fd)
 }
 
 func (s *NetlinkSocket) GetFd() int {
@@ -598,7 +604,7 @@ func (s *NetlinkSocket) Send(request *NetlinkRequest) error {
 	if fd < 0 {
 		return fmt.Errorf("Send called on a closed socket")
 	}
-	if err := syscall.Sendto(fd, request.Serialize(), 0, &s.lsa); err != nil {
+	if err := unix.Sendto(fd, request.Serialize(), 0, &s.lsa); err != nil {
 		return err
 	}
 	return nil
@@ -609,26 +615,40 @@ func (s *NetlinkSocket) Receive() ([]syscall.NetlinkMessage, error) {
 	if fd < 0 {
 		return nil, fmt.Errorf("Receive called on a closed socket")
 	}
-	rb := make([]byte, syscall.Getpagesize())
-	nr, _, err := syscall.Recvfrom(fd, rb, 0)
+	rb := make([]byte, unix.Getpagesize())
+	nr, _, err := unix.Recvfrom(fd, rb, 0)
 	if err != nil {
 		return nil, err
 	}
-	if nr < syscall.NLMSG_HDRLEN {
+	if nr < unix.NLMSG_HDRLEN {
 		return nil, fmt.Errorf("Got short response from netlink")
 	}
 	rb = rb[:nr]
 	return syscall.ParseNetlinkMessage(rb)
 }
 
+// SetSendTimeout allows to set a send timeout on the socket
+func (s *NetlinkSocket) SetSendTimeout(timeout *unix.Timeval) error {
+	// Set a send timeout of SOCKET_SEND_TIMEOUT, this will allow the Send to periodically unblock and avoid that a routine
+	// remains stuck on a send on a closed fd
+	return unix.SetsockoptTimeval(int(s.fd), unix.SOL_SOCKET, unix.SO_SNDTIMEO, timeout)
+}
+
+// SetReceiveTimeout allows to set a receive timeout on the socket
+func (s *NetlinkSocket) SetReceiveTimeout(timeout *unix.Timeval) error {
+	// Set a read timeout of SOCKET_READ_TIMEOUT, this will allow the Read to periodically unblock and avoid that a routine
+	// remains stuck on a recvmsg on a closed fd
+	return unix.SetsockoptTimeval(int(s.fd), unix.SOL_SOCKET, unix.SO_RCVTIMEO, timeout)
+}
+
 func (s *NetlinkSocket) GetPid() (uint32, error) {
 	fd := int(atomic.LoadInt32(&s.fd))
-	lsa, err := syscall.Getsockname(fd)
+	lsa, err := unix.Getsockname(fd)
 	if err != nil {
 		return 0, err
 	}
 	switch v := lsa.(type) {
-	case *syscall.SockaddrNetlink:
+	case *unix.SockaddrNetlink:
 		return v.Pid, nil
 	}
 	return 0, fmt.Errorf("Wrong socket type")
@@ -683,24 +703,24 @@ func Uint64Attr(v uint64) []byte {
 
 func ParseRouteAttr(b []byte) ([]syscall.NetlinkRouteAttr, error) {
 	var attrs []syscall.NetlinkRouteAttr
-	for len(b) >= syscall.SizeofRtAttr {
+	for len(b) >= unix.SizeofRtAttr {
 		a, vbuf, alen, err := netlinkRouteAttrAndValue(b)
 		if err != nil {
 			return nil, err
 		}
-		ra := syscall.NetlinkRouteAttr{Attr: *a, Value: vbuf[:int(a.Len)-syscall.SizeofRtAttr]}
+		ra := syscall.NetlinkRouteAttr{Attr: syscall.RtAttr(*a), Value: vbuf[:int(a.Len)-unix.SizeofRtAttr]}
 		attrs = append(attrs, ra)
 		b = b[alen:]
 	}
 	return attrs, nil
 }
 
-func netlinkRouteAttrAndValue(b []byte) (*syscall.RtAttr, []byte, int, error) {
-	a := (*syscall.RtAttr)(unsafe.Pointer(&b[0]))
-	if int(a.Len) < syscall.SizeofRtAttr || int(a.Len) > len(b) {
-		return nil, nil, 0, syscall.EINVAL
+func netlinkRouteAttrAndValue(b []byte) (*unix.RtAttr, []byte, int, error) {
+	a := (*unix.RtAttr)(unsafe.Pointer(&b[0]))
+	if int(a.Len) < unix.SizeofRtAttr || int(a.Len) > len(b) {
+		return nil, nil, 0, unix.EINVAL
 	}
-	return a, b[syscall.SizeofRtAttr:], rtaAlignOf(int(a.Len)), nil
+	return a, b[unix.SizeofRtAttr:], rtaAlignOf(int(a.Len)), nil
 }
 
 // SocketHandle contains the netlink socket and the associated
diff --git a/vendor/github.com/vishvananda/netlink/nl/route_linux.go b/vendor/github.com/vishvananda/netlink/nl/route_linux.go
index 1a064d65d2fb..f6906fcaf7e0 100644
--- a/vendor/github.com/vishvananda/netlink/nl/route_linux.go
+++ b/vendor/github.com/vishvananda/netlink/nl/route_linux.go
@@ -1,65 +1,66 @@
 package nl
 
 import (
-	"syscall"
 	"unsafe"
+
+	"golang.org/x/sys/unix"
 )
 
 type RtMsg struct {
-	syscall.RtMsg
+	unix.RtMsg
 }
 
 func NewRtMsg() *RtMsg {
 	return &RtMsg{
-		RtMsg: syscall.RtMsg{
-			Table:    syscall.RT_TABLE_MAIN,
-			Scope:    syscall.RT_SCOPE_UNIVERSE,
-			Protocol: syscall.RTPROT_BOOT,
-			Type:     syscall.RTN_UNICAST,
+		RtMsg: unix.RtMsg{
+			Table:    unix.RT_TABLE_MAIN,
+			Scope:    unix.RT_SCOPE_UNIVERSE,
+			Protocol: unix.RTPROT_BOOT,
+			Type:     unix.RTN_UNICAST,
 		},
 	}
 }
 
 func NewRtDelMsg() *RtMsg {
 	return &RtMsg{
-		RtMsg: syscall.RtMsg{
-			Table: syscall.RT_TABLE_MAIN,
-			Scope: syscall.RT_SCOPE_NOWHERE,
+		RtMsg: unix.RtMsg{
+			Table: unix.RT_TABLE_MAIN,
+			Scope: unix.RT_SCOPE_NOWHERE,
 		},
 	}
 }
 
 func (msg *RtMsg) Len() int {
-	return syscall.SizeofRtMsg
+	return unix.SizeofRtMsg
 }
 
 func DeserializeRtMsg(b []byte) *RtMsg {
-	return (*RtMsg)(unsafe.Pointer(&b[0:syscall.SizeofRtMsg][0]))
+	return (*RtMsg)(unsafe.Pointer(&b[0:unix.SizeofRtMsg][0]))
 }
 
 func (msg *RtMsg) Serialize() []byte {
-	return (*(*[syscall.SizeofRtMsg]byte)(unsafe.Pointer(msg)))[:]
+	return (*(*[unix.SizeofRtMsg]byte)(unsafe.Pointer(msg)))[:]
 }
 
 type RtNexthop struct {
-	syscall.RtNexthop
+	unix.RtNexthop
 	Children []NetlinkRequestData
 }
 
 func DeserializeRtNexthop(b []byte) *RtNexthop {
-	return (*RtNexthop)(unsafe.Pointer(&b[0:syscall.SizeofRtNexthop][0]))
+	return (*RtNexthop)(unsafe.Pointer(&b[0:unix.SizeofRtNexthop][0]))
 }
 
 func (msg *RtNexthop) Len() int {
 	if len(msg.Children) == 0 {
-		return syscall.SizeofRtNexthop
+		return unix.SizeofRtNexthop
 	}
 
 	l := 0
 	for _, child := range msg.Children {
 		l += rtaAlignOf(child.Len())
 	}
-	l += syscall.SizeofRtNexthop
+	l += unix.SizeofRtNexthop
 	return rtaAlignOf(l)
 }
 
@@ -67,8 +68,8 @@ func (msg *RtNexthop) Serialize() []byte {
 	length := msg.Len()
 	msg.RtNexthop.Len = uint16(length)
 	buf := make([]byte, length)
-	copy(buf, (*(*[syscall.SizeofRtNexthop]byte)(unsafe.Pointer(msg)))[:])
-	next := rtaAlignOf(syscall.SizeofRtNexthop)
+	copy(buf, (*(*[unix.SizeofRtNexthop]byte)(unsafe.Pointer(msg)))[:])
+	next := rtaAlignOf(unix.SizeofRtNexthop)
 	if len(msg.Children) > 0 {
 		for _, child := range msg.Children {
 			childBuf := child.Serialize()
diff --git a/vendor/github.com/vishvananda/netlink/nl/seg6_linux.go b/vendor/github.com/vishvananda/netlink/nl/seg6_linux.go
new file mode 100644
index 000000000000..b3425f6b0ecc
--- /dev/null
+++ b/vendor/github.com/vishvananda/netlink/nl/seg6_linux.go
@@ -0,0 +1,111 @@
+package nl
+
+import (
+	"errors"
+	"fmt"
+	"net"
+)
+
+type IPv6SrHdr struct {
+	nextHdr      uint8
+	hdrLen       uint8
+	routingType  uint8
+	segmentsLeft uint8
+	firstSegment uint8
+	flags        uint8
+	reserved     uint16
+
+	Segments []net.IP
+}
+
+func (s1 *IPv6SrHdr) Equal(s2 IPv6SrHdr) bool {
+	if len(s1.Segments) != len(s2.Segments) {
+		return false
+	}
+	for i := range s1.Segments {
+		if s1.Segments[i].Equal(s2.Segments[i]) != true {
+			return false
+		}
+	}
+	return s1.nextHdr == s2.nextHdr &&
+		s1.hdrLen == s2.hdrLen &&
+		s1.routingType == s2.routingType &&
+		s1.segmentsLeft == s2.segmentsLeft &&
+		s1.firstSegment == s2.firstSegment &&
+		s1.flags == s2.flags
+	// reserved doesn't need to be identical.
+}
+
+// seg6 encap mode
+const (
+	SEG6_IPTUN_MODE_INLINE = iota
+	SEG6_IPTUN_MODE_ENCAP
+)
+
+// number of nested RTATTR
+// from include/uapi/linux/seg6_iptunnel.h
+const (
+	SEG6_IPTUNNEL_UNSPEC = iota
+	SEG6_IPTUNNEL_SRH
+	__SEG6_IPTUNNEL_MAX
+)
+const (
+	SEG6_IPTUNNEL_MAX = __SEG6_IPTUNNEL_MAX - 1
+)
+
+func EncodeSEG6Encap(mode int, segments []net.IP) ([]byte, error) {
+	nsegs := len(segments) // nsegs: number of segments
+	if nsegs == 0 {
+		return nil, errors.New("EncodeSEG6Encap: No Segment in srh")
+	}
+	b := make([]byte, 12, 12+len(segments)*16)
+	native := NativeEndian()
+	native.PutUint32(b, uint32(mode))
+	b[4] = 0                      // srh.nextHdr (0 when calling netlink)
+	b[5] = uint8(16 * nsegs >> 3) // srh.hdrLen (in 8-octets unit)
+	b[6] = IPV6_SRCRT_TYPE_4      // srh.routingType (assigned by IANA)
+	b[7] = uint8(nsegs - 1)       // srh.segmentsLeft
+	b[8] = uint8(nsegs - 1)       // srh.firstSegment
+	b[9] = 0                      // srh.flags (SR6_FLAG1_HMAC for srh_hmac)
+	// srh.reserved: Defined as "Tag" in draft-ietf-6man-segment-routing-header-07
+	native.PutUint16(b[10:], 0) // srh.reserved
+	for _, netIP := range segments {
+		b = append(b, netIP...) // srh.Segments
+	}
+	return b, nil
+}
+
+func DecodeSEG6Encap(buf []byte) (int, []net.IP, error) {
+	native := NativeEndian()
+	mode := int(native.Uint32(buf))
+	srh := IPv6SrHdr{
+		nextHdr:      buf[4],
+		hdrLen:       buf[5],
+		routingType:  buf[6],
+		segmentsLeft: buf[7],
+		firstSegment: buf[8],
+		flags:        buf[9],
+		reserved:     native.Uint16(buf[10:12]),
+	}
+	buf = buf[12:]
+	if len(buf)%16 != 0 {
+		err := fmt.Errorf("DecodeSEG6Encap: error parsing Segment List (buf len: %d)\n", len(buf))
+		return mode, nil, err
+	}
+	for len(buf) > 0 {
+		srh.Segments = append(srh.Segments, net.IP(buf[:16]))
+		buf = buf[16:]
+	}
+	return mode, srh.Segments, nil
+}
+
+// Helper functions
+func SEG6EncapModeString(mode int) string {
+	switch mode {
+	case SEG6_IPTUN_MODE_INLINE:
+		return "inline"
+	case SEG6_IPTUN_MODE_ENCAP:
+		return "encap"
+	}
+	return "unknown"
+}
diff --git a/vendor/github.com/vishvananda/netlink/nl/syscall.go b/vendor/github.com/vishvananda/netlink/nl/syscall.go
index 3473e536384d..fc631e0e505f 100644
--- a/vendor/github.com/vishvananda/netlink/nl/syscall.go
+++ b/vendor/github.com/vishvananda/netlink/nl/syscall.go
@@ -65,4 +65,14 @@ const (
 	LWTUNNEL_ENCAP_IP
 	LWTUNNEL_ENCAP_ILA
 	LWTUNNEL_ENCAP_IP6
+	LWTUNNEL_ENCAP_SEG6
+	LWTUNNEL_ENCAP_BPF
+)
+
+// routing header types
+const (
+	IPV6_SRCRT_STRICT = 0x01 // Deprecated; will be removed
+	IPV6_SRCRT_TYPE_0 = 0    // Deprecated; will be removed
+	IPV6_SRCRT_TYPE_2 = 2    // IPv6 type 2 Routing Header
+	IPV6_SRCRT_TYPE_4 = 4    // Segment Routing with IPv6
 )
diff --git a/vendor/github.com/vishvananda/netlink/protinfo_linux.go b/vendor/github.com/vishvananda/netlink/protinfo_linux.go
index 10dd0d53357c..43c465f05758 100644
--- a/vendor/github.com/vishvananda/netlink/protinfo_linux.go
+++ b/vendor/github.com/vishvananda/netlink/protinfo_linux.go
@@ -5,6 +5,7 @@ import (
 	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 func LinkGetProtinfo(link Link) (Protinfo, error) {
@@ -15,10 +16,10 @@ func (h *Handle) LinkGetProtinfo(link Link) (Protinfo, error) {
 	base := link.Attrs()
 	h.ensureIndex(base)
 	var pi Protinfo
-	req := h.newNetlinkRequest(syscall.RTM_GETLINK, syscall.NLM_F_DUMP)
-	msg := nl.NewIfInfomsg(syscall.AF_BRIDGE)
+	req := h.newNetlinkRequest(unix.RTM_GETLINK, unix.NLM_F_DUMP)
+	msg := nl.NewIfInfomsg(unix.AF_BRIDGE)
 	req.AddData(msg)
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	if err != nil {
 		return pi, err
 	}
@@ -33,7 +34,7 @@ func (h *Handle) LinkGetProtinfo(link Link) (Protinfo, error) {
 			return pi, err
 		}
 		for _, attr := range attrs {
-			if attr.Attr.Type != syscall.IFLA_PROTINFO|syscall.NLA_F_NESTED {
+			if attr.Attr.Type != unix.IFLA_PROTINFO|unix.NLA_F_NESTED {
 				continue
 			}
 			infos, err := nl.ParseRouteAttr(attr.Value)
diff --git a/vendor/github.com/vishvananda/netlink/qdisc_linux.go b/vendor/github.com/vishvananda/netlink/qdisc_linux.go
index 2c0deddb3236..91193145ae75 100644
--- a/vendor/github.com/vishvananda/netlink/qdisc_linux.go
+++ b/vendor/github.com/vishvananda/netlink/qdisc_linux.go
@@ -8,6 +8,7 @@ import (
 	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 // NOTE function is here because it uses other linux functions
@@ -84,7 +85,7 @@ func QdiscDel(qdisc Qdisc) error {
 // QdiscDel will delete a qdisc from the system.
 // Equivalent to: `tc qdisc del $qdisc`
 func (h *Handle) QdiscDel(qdisc Qdisc) error {
-	return h.qdiscModify(syscall.RTM_DELQDISC, 0, qdisc)
+	return h.qdiscModify(unix.RTM_DELQDISC, 0, qdisc)
 }
 
 // QdiscChange will change a qdisc in place
@@ -98,7 +99,7 @@ func QdiscChange(qdisc Qdisc) error {
 // Equivalent to: `tc qdisc change $qdisc`
 // The parent and handle MUST NOT be changed.
 func (h *Handle) QdiscChange(qdisc Qdisc) error {
-	return h.qdiscModify(syscall.RTM_NEWQDISC, 0, qdisc)
+	return h.qdiscModify(unix.RTM_NEWQDISC, 0, qdisc)
 }
 
 // QdiscReplace will replace a qdisc to the system.
@@ -113,8 +114,8 @@ func QdiscReplace(qdisc Qdisc) error {
 // The handle MUST change.
 func (h *Handle) QdiscReplace(qdisc Qdisc) error {
 	return h.qdiscModify(
-		syscall.RTM_NEWQDISC,
-		syscall.NLM_F_CREATE|syscall.NLM_F_REPLACE,
+		unix.RTM_NEWQDISC,
+		unix.NLM_F_CREATE|unix.NLM_F_REPLACE,
 		qdisc)
 }
 
@@ -128,13 +129,13 @@ func QdiscAdd(qdisc Qdisc) error {
 // Equivalent to: `tc qdisc add $qdisc`
 func (h *Handle) QdiscAdd(qdisc Qdisc) error {
 	return h.qdiscModify(
-		syscall.RTM_NEWQDISC,
-		syscall.NLM_F_CREATE|syscall.NLM_F_EXCL,
+		unix.RTM_NEWQDISC,
+		unix.NLM_F_CREATE|unix.NLM_F_EXCL,
 		qdisc)
 }
 
 func (h *Handle) qdiscModify(cmd, flags int, qdisc Qdisc) error {
-	req := h.newNetlinkRequest(cmd, flags|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(cmd, flags|unix.NLM_F_ACK)
 	base := qdisc.Attrs()
 	msg := &nl.TcMsg{
 		Family:  nl.FAMILY_ALL,
@@ -145,13 +146,13 @@ func (h *Handle) qdiscModify(cmd, flags int, qdisc Qdisc) error {
 	req.AddData(msg)
 
 	// When deleting don't bother building the rest of the netlink payload
-	if cmd != syscall.RTM_DELQDISC {
+	if cmd != unix.RTM_DELQDISC {
 		if err := qdiscPayload(req, qdisc); err != nil {
 			return err
 		}
 	}
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -160,71 +161,73 @@ func qdiscPayload(req *nl.NetlinkRequest, qdisc Qdisc) error {
 	req.AddData(nl.NewRtAttr(nl.TCA_KIND, nl.ZeroTerminated(qdisc.Type())))
 
 	options := nl.NewRtAttr(nl.TCA_OPTIONS, nil)
-	if prio, ok := qdisc.(*Prio); ok {
+
+	switch qdisc := qdisc.(type) {
+	case *Prio:
 		tcmap := nl.TcPrioMap{
-			Bands:   int32(prio.Bands),
-			Priomap: prio.PriorityMap,
+			Bands:   int32(qdisc.Bands),
+			Priomap: qdisc.PriorityMap,
 		}
 		options = nl.NewRtAttr(nl.TCA_OPTIONS, tcmap.Serialize())
-	} else if tbf, ok := qdisc.(*Tbf); ok {
+	case *Tbf:
 		opt := nl.TcTbfQopt{}
-		opt.Rate.Rate = uint32(tbf.Rate)
-		opt.Peakrate.Rate = uint32(tbf.Peakrate)
-		opt.Limit = tbf.Limit
-		opt.Buffer = tbf.Buffer
+		opt.Rate.Rate = uint32(qdisc.Rate)
+		opt.Peakrate.Rate = uint32(qdisc.Peakrate)
+		opt.Limit = qdisc.Limit
+		opt.Buffer = qdisc.Buffer
 		nl.NewRtAttrChild(options, nl.TCA_TBF_PARMS, opt.Serialize())
-		if tbf.Rate >= uint64(1<<32) {
-			nl.NewRtAttrChild(options, nl.TCA_TBF_RATE64, nl.Uint64Attr(tbf.Rate))
+		if qdisc.Rate >= uint64(1<<32) {
+			nl.NewRtAttrChild(options, nl.TCA_TBF_RATE64, nl.Uint64Attr(qdisc.Rate))
 		}
-		if tbf.Peakrate >= uint64(1<<32) {
-			nl.NewRtAttrChild(options, nl.TCA_TBF_PRATE64, nl.Uint64Attr(tbf.Peakrate))
+		if qdisc.Peakrate >= uint64(1<<32) {
+			nl.NewRtAttrChild(options, nl.TCA_TBF_PRATE64, nl.Uint64Attr(qdisc.Peakrate))
 		}
-		if tbf.Peakrate > 0 {
-			nl.NewRtAttrChild(options, nl.TCA_TBF_PBURST, nl.Uint32Attr(tbf.Minburst))
+		if qdisc.Peakrate > 0 {
+			nl.NewRtAttrChild(options, nl.TCA_TBF_PBURST, nl.Uint32Attr(qdisc.Minburst))
 		}
-	} else if htb, ok := qdisc.(*Htb); ok {
+	case *Htb:
 		opt := nl.TcHtbGlob{}
-		opt.Version = htb.Version
-		opt.Rate2Quantum = htb.Rate2Quantum
-		opt.Defcls = htb.Defcls
+		opt.Version = qdisc.Version
+		opt.Rate2Quantum = qdisc.Rate2Quantum
+		opt.Defcls = qdisc.Defcls
 		// TODO: Handle Debug properly. For now default to 0
-		opt.Debug = htb.Debug
-		opt.DirectPkts = htb.DirectPkts
+		opt.Debug = qdisc.Debug
+		opt.DirectPkts = qdisc.DirectPkts
 		nl.NewRtAttrChild(options, nl.TCA_HTB_INIT, opt.Serialize())
 		// nl.NewRtAttrChild(options, nl.TCA_HTB_DIRECT_QLEN, opt.Serialize())
-	} else if netem, ok := qdisc.(*Netem); ok {
+	case *Netem:
 		opt := nl.TcNetemQopt{}
-		opt.Latency = netem.Latency
-		opt.Limit = netem.Limit
-		opt.Loss = netem.Loss
-		opt.Gap = netem.Gap
-		opt.Duplicate = netem.Duplicate
-		opt.Jitter = netem.Jitter
+		opt.Latency = qdisc.Latency
+		opt.Limit = qdisc.Limit
+		opt.Loss = qdisc.Loss
+		opt.Gap = qdisc.Gap
+		opt.Duplicate = qdisc.Duplicate
+		opt.Jitter = qdisc.Jitter
 		options = nl.NewRtAttr(nl.TCA_OPTIONS, opt.Serialize())
 		// Correlation
 		corr := nl.TcNetemCorr{}
-		corr.DelayCorr = netem.DelayCorr
-		corr.LossCorr = netem.LossCorr
-		corr.DupCorr = netem.DuplicateCorr
+		corr.DelayCorr = qdisc.DelayCorr
+		corr.LossCorr = qdisc.LossCorr
+		corr.DupCorr = qdisc.DuplicateCorr
 
 		if corr.DelayCorr > 0 || corr.LossCorr > 0 || corr.DupCorr > 0 {
 			nl.NewRtAttrChild(options, nl.TCA_NETEM_CORR, corr.Serialize())
 		}
 		// Corruption
 		corruption := nl.TcNetemCorrupt{}
-		corruption.Probability = netem.CorruptProb
-		corruption.Correlation = netem.CorruptCorr
+		corruption.Probability = qdisc.CorruptProb
+		corruption.Correlation = qdisc.CorruptCorr
 		if corruption.Probability > 0 {
 			nl.NewRtAttrChild(options, nl.TCA_NETEM_CORRUPT, corruption.Serialize())
 		}
 		// Reorder
 		reorder := nl.TcNetemReorder{}
-		reorder.Probability = netem.ReorderProb
-		reorder.Correlation = netem.ReorderCorr
+		reorder.Probability = qdisc.ReorderProb
+		reorder.Correlation = qdisc.ReorderCorr
 		if reorder.Probability > 0 {
 			nl.NewRtAttrChild(options, nl.TCA_NETEM_REORDER, reorder.Serialize())
 		}
-	} else if _, ok := qdisc.(*Ingress); ok {
+	case *Ingress:
 		// ingress filters must use the proper handle
 		if qdisc.Attrs().Parent != HANDLE_INGRESS {
 			return fmt.Errorf("Ingress filters must set Parent to HANDLE_INGRESS")
@@ -246,7 +249,7 @@ func QdiscList(link Link) ([]Qdisc, error) {
 // Equivalent to: `tc qdisc show`.
 // The list can be filtered by link.
 func (h *Handle) QdiscList(link Link) ([]Qdisc, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETQDISC, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETQDISC, unix.NLM_F_DUMP)
 	index := int32(0)
 	if link != nil {
 		base := link.Attrs()
@@ -259,7 +262,7 @@ func (h *Handle) QdiscList(link Link) ([]Qdisc, error) {
 	}
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWQDISC)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWQDISC)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/route.go b/vendor/github.com/vishvananda/netlink/route.go
index 03ac4b23916d..2cd58ee33424 100644
--- a/vendor/github.com/vishvananda/netlink/route.go
+++ b/vendor/github.com/vishvananda/netlink/route.go
@@ -16,6 +16,7 @@ type Destination interface {
 	Decode([]byte) error
 	Encode() ([]byte, error)
 	String() string
+	Equal(Destination) bool
 }
 
 type Encap interface {
@@ -23,6 +24,7 @@ type Encap interface {
 	Decode([]byte) error
 	Encode() ([]byte, error)
 	String() string
+	Equal(Encap) bool
 }
 
 // Route represents a netlink route.
@@ -43,6 +45,8 @@ type Route struct {
 	MPLSDst    *int
 	NewDst     Destination
 	Encap      Encap
+	MTU        int
+	AdvMSS     int
 }
 
 func (r Route) String() string {
@@ -72,6 +76,25 @@ func (r Route) String() string {
 	return fmt.Sprintf("{%s}", strings.Join(elems, " "))
 }
 
+func (r Route) Equal(x Route) bool {
+	return r.LinkIndex == x.LinkIndex &&
+		r.ILinkIndex == x.ILinkIndex &&
+		r.Scope == x.Scope &&
+		ipNetEqual(r.Dst, x.Dst) &&
+		r.Src.Equal(x.Src) &&
+		r.Gw.Equal(x.Gw) &&
+		nexthopInfoSlice(r.MultiPath).Equal(x.MultiPath) &&
+		r.Protocol == x.Protocol &&
+		r.Priority == x.Priority &&
+		r.Table == x.Table &&
+		r.Type == x.Type &&
+		r.Tos == x.Tos &&
+		r.Flags == x.Flags &&
+		(r.MPLSDst == x.MPLSDst || (r.MPLSDst != nil && x.MPLSDst != nil && *r.MPLSDst == *x.MPLSDst)) &&
+		(r.NewDst == x.NewDst || (r.NewDst != nil && r.NewDst.Equal(x.NewDst))) &&
+		(r.Encap == x.Encap || (r.Encap != nil && r.Encap.Equal(x.Encap)))
+}
+
 func (r *Route) SetFlag(flag NextHopFlag) {
 	r.Flags |= int(flag)
 }
@@ -110,7 +133,46 @@ func (n *NexthopInfo) String() string {
 		elems = append(elems, fmt.Sprintf("Encap: %s", n.Encap))
 	}
 	elems = append(elems, fmt.Sprintf("Weight: %d", n.Hops+1))
-	elems = append(elems, fmt.Sprintf("Gw: %d", n.Gw))
+	elems = append(elems, fmt.Sprintf("Gw: %s", n.Gw))
 	elems = append(elems, fmt.Sprintf("Flags: %s", n.ListFlags()))
 	return fmt.Sprintf("{%s}", strings.Join(elems, " "))
 }
+
+func (n NexthopInfo) Equal(x NexthopInfo) bool {
+	return n.LinkIndex == x.LinkIndex &&
+		n.Hops == x.Hops &&
+		n.Gw.Equal(x.Gw) &&
+		n.Flags == x.Flags &&
+		(n.NewDst == x.NewDst || (n.NewDst != nil && n.NewDst.Equal(x.NewDst))) &&
+		(n.Encap == x.Encap || (n.Encap != nil && n.Encap.Equal(x.Encap)))
+}
+
+type nexthopInfoSlice []*NexthopInfo
+
+func (n nexthopInfoSlice) Equal(x []*NexthopInfo) bool {
+	if len(n) != len(x) {
+		return false
+	}
+	for i := range n {
+		if n[i] == nil || x[i] == nil {
+			return false
+		}
+		if !n[i].Equal(*x[i]) {
+			return false
+		}
+	}
+	return true
+}
+
+// ipNetEqual returns true iff both IPNet are equal
+func ipNetEqual(ipn1 *net.IPNet, ipn2 *net.IPNet) bool {
+	if ipn1 == ipn2 {
+		return true
+	}
+	if ipn1 == nil || ipn2 == nil {
+		return false
+	}
+	m1, _ := ipn1.Mask.Size()
+	m2, _ := ipn2.Mask.Size()
+	return m1 == m2 && ipn1.IP.Equal(ipn2.IP)
+}
diff --git a/vendor/github.com/vishvananda/netlink/route_linux.go b/vendor/github.com/vishvananda/netlink/route_linux.go
index cd739e714694..fd5ac8983540 100644
--- a/vendor/github.com/vishvananda/netlink/route_linux.go
+++ b/vendor/github.com/vishvananda/netlink/route_linux.go
@@ -8,16 +8,17 @@ import (
 
 	"github.com/vishvananda/netlink/nl"
 	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 // RtAttr is shared so it is in netlink_linux.go
 
 const (
-	SCOPE_UNIVERSE Scope = syscall.RT_SCOPE_UNIVERSE
-	SCOPE_SITE     Scope = syscall.RT_SCOPE_SITE
-	SCOPE_LINK     Scope = syscall.RT_SCOPE_LINK
-	SCOPE_HOST     Scope = syscall.RT_SCOPE_HOST
-	SCOPE_NOWHERE  Scope = syscall.RT_SCOPE_NOWHERE
+	SCOPE_UNIVERSE Scope = unix.RT_SCOPE_UNIVERSE
+	SCOPE_SITE     Scope = unix.RT_SCOPE_SITE
+	SCOPE_LINK     Scope = unix.RT_SCOPE_LINK
+	SCOPE_HOST     Scope = unix.RT_SCOPE_HOST
+	SCOPE_NOWHERE  Scope = unix.RT_SCOPE_NOWHERE
 )
 
 const (
@@ -34,8 +35,8 @@ const (
 )
 
 const (
-	FLAG_ONLINK    NextHopFlag = syscall.RTNH_F_ONLINK
-	FLAG_PERVASIVE NextHopFlag = syscall.RTNH_F_PERVASIVE
+	FLAG_ONLINK    NextHopFlag = unix.RTNH_F_ONLINK
+	FLAG_PERVASIVE NextHopFlag = unix.RTNH_F_PERVASIVE
 )
 
 var testFlags = []flagString{
@@ -86,6 +87,34 @@ func (d *MPLSDestination) String() string {
 	return strings.Join(s, "/")
 }
 
+func (d *MPLSDestination) Equal(x Destination) bool {
+	o, ok := x.(*MPLSDestination)
+	if !ok {
+		return false
+	}
+	if d == nil && o == nil {
+		return true
+	}
+	if d == nil || o == nil {
+		return false
+	}
+	if d.Labels == nil && o.Labels == nil {
+		return true
+	}
+	if d.Labels == nil || o.Labels == nil {
+		return false
+	}
+	if len(d.Labels) != len(o.Labels) {
+		return false
+	}
+	for i := range d.Labels {
+		if d.Labels[i] != o.Labels[i] {
+			return false
+		}
+	}
+	return true
+}
+
 type MPLSEncap struct {
 	Labels []int
 }
@@ -96,17 +125,17 @@ func (e *MPLSEncap) Type() int {
 
 func (e *MPLSEncap) Decode(buf []byte) error {
 	if len(buf) < 4 {
-		return fmt.Errorf("Lack of bytes")
+		return fmt.Errorf("lack of bytes")
 	}
 	native := nl.NativeEndian()
 	l := native.Uint16(buf)
 	if len(buf) < int(l) {
-		return fmt.Errorf("Lack of bytes")
+		return fmt.Errorf("lack of bytes")
 	}
 	buf = buf[:l]
 	typ := native.Uint16(buf[2:])
 	if typ != nl.MPLS_IPTUNNEL_DST {
-		return fmt.Errorf("Unknown MPLS Encap Type: %d", typ)
+		return fmt.Errorf("unknown MPLS Encap Type: %d", typ)
 	}
 	e.Labels = nl.DecodeMPLSStack(buf[4:])
 	return nil
@@ -129,6 +158,107 @@ func (e *MPLSEncap) String() string {
 	return strings.Join(s, "/")
 }
 
+func (e *MPLSEncap) Equal(x Encap) bool {
+	o, ok := x.(*MPLSEncap)
+	if !ok {
+		return false
+	}
+	if e == nil && o == nil {
+		return true
+	}
+	if e == nil || o == nil {
+		return false
+	}
+	if e.Labels == nil && o.Labels == nil {
+		return true
+	}
+	if e.Labels == nil || o.Labels == nil {
+		return false
+	}
+	if len(e.Labels) != len(o.Labels) {
+		return false
+	}
+	for i := range e.Labels {
+		if e.Labels[i] != o.Labels[i] {
+			return false
+		}
+	}
+	return true
+}
+
+// SEG6 definitions
+type SEG6Encap struct {
+	Mode     int
+	Segments []net.IP
+}
+
+func (e *SEG6Encap) Type() int {
+	return nl.LWTUNNEL_ENCAP_SEG6
+}
+func (e *SEG6Encap) Decode(buf []byte) error {
+	if len(buf) < 4 {
+		return fmt.Errorf("lack of bytes")
+	}
+	native := nl.NativeEndian()
+	// Get Length(l) & Type(typ) : 2 + 2 bytes
+	l := native.Uint16(buf)
+	if len(buf) < int(l) {
+		return fmt.Errorf("lack of bytes")
+	}
+	buf = buf[:l] // make sure buf size upper limit is Length
+	typ := native.Uint16(buf[2:])
+	if typ != nl.SEG6_IPTUNNEL_SRH {
+		return fmt.Errorf("unknown SEG6 Type: %d", typ)
+	}
+
+	var err error
+	e.Mode, e.Segments, err = nl.DecodeSEG6Encap(buf[4:])
+
+	return err
+}
+func (e *SEG6Encap) Encode() ([]byte, error) {
+	s, err := nl.EncodeSEG6Encap(e.Mode, e.Segments)
+	native := nl.NativeEndian()
+	hdr := make([]byte, 4)
+	native.PutUint16(hdr, uint16(len(s)+4))
+	native.PutUint16(hdr[2:], nl.SEG6_IPTUNNEL_SRH)
+	return append(hdr, s...), err
+}
+func (e *SEG6Encap) String() string {
+	segs := make([]string, 0, len(e.Segments))
+	// append segment backwards (from n to 0) since seg#0 is the last segment.
+	for i := len(e.Segments); i > 0; i-- {
+		segs = append(segs, fmt.Sprintf("%s", e.Segments[i-1]))
+	}
+	str := fmt.Sprintf("mode %s segs %d [ %s ]", nl.SEG6EncapModeString(e.Mode),
+		len(e.Segments), strings.Join(segs, " "))
+	return str
+}
+func (e *SEG6Encap) Equal(x Encap) bool {
+	o, ok := x.(*SEG6Encap)
+	if !ok {
+		return false
+	}
+	if e == o {
+		return true
+	}
+	if e == nil || o == nil {
+		return false
+	}
+	if e.Mode != o.Mode {
+		return false
+	}
+	if len(e.Segments) != len(o.Segments) {
+		return false
+	}
+	for i := range e.Segments {
+		if !e.Segments[i].Equal(o.Segments[i]) {
+			return false
+		}
+	}
+	return true
+}
+
 // RouteAdd will add a route to the system.
 // Equivalent to: `ip route add $route`
 func RouteAdd(route *Route) error {
@@ -138,8 +268,8 @@ func RouteAdd(route *Route) error {
 // RouteAdd will add a route to the system.
 // Equivalent to: `ip route add $route`
 func (h *Handle) RouteAdd(route *Route) error {
-	flags := syscall.NLM_F_CREATE | syscall.NLM_F_EXCL | syscall.NLM_F_ACK
-	req := h.newNetlinkRequest(syscall.RTM_NEWROUTE, flags)
+	flags := unix.NLM_F_CREATE | unix.NLM_F_EXCL | unix.NLM_F_ACK
+	req := h.newNetlinkRequest(unix.RTM_NEWROUTE, flags)
 	return h.routeHandle(route, req, nl.NewRtMsg())
 }
 
@@ -152,8 +282,8 @@ func RouteReplace(route *Route) error {
 // RouteReplace will add a route to the system.
 // Equivalent to: `ip route replace $route`
 func (h *Handle) RouteReplace(route *Route) error {
-	flags := syscall.NLM_F_CREATE | syscall.NLM_F_REPLACE | syscall.NLM_F_ACK
-	req := h.newNetlinkRequest(syscall.RTM_NEWROUTE, flags)
+	flags := unix.NLM_F_CREATE | unix.NLM_F_REPLACE | unix.NLM_F_ACK
+	req := h.newNetlinkRequest(unix.RTM_NEWROUTE, flags)
 	return h.routeHandle(route, req, nl.NewRtMsg())
 }
 
@@ -166,7 +296,7 @@ func RouteDel(route *Route) error {
 // RouteDel will delete a route from the system.
 // Equivalent to: `ip route del $route`
 func (h *Handle) RouteDel(route *Route) error {
-	req := h.newNetlinkRequest(syscall.RTM_DELROUTE, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELROUTE, unix.NLM_F_ACK)
 	return h.routeHandle(route, req, nl.NewRtDelMsg())
 }
 
@@ -189,12 +319,12 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 		} else {
 			dstData = route.Dst.IP.To16()
 		}
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_DST, dstData))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_DST, dstData))
 	} else if route.MPLSDst != nil {
 		family = nl.FAMILY_MPLS
 		msg.Dst_len = uint8(20)
-		msg.Type = syscall.RTN_UNICAST
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_DST, nl.EncodeMPLSStack(*route.MPLSDst)))
+		msg.Type = unix.RTN_UNICAST
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_DST, nl.EncodeMPLSStack(*route.MPLSDst)))
 	}
 
 	if route.NewDst != nil {
@@ -232,7 +362,7 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 			srcData = route.Src.To16()
 		}
 		// The commonly used src ip for routes is actually PREFSRC
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_PREFSRC, srcData))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_PREFSRC, srcData))
 	}
 
 	if route.Gw != nil {
@@ -247,14 +377,14 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 		} else {
 			gwData = route.Gw.To16()
 		}
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_GATEWAY, gwData))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_GATEWAY, gwData))
 	}
 
 	if len(route.MultiPath) > 0 {
 		buf := []byte{}
 		for _, nh := range route.MultiPath {
 			rtnh := &nl.RtNexthop{
-				RtNexthop: syscall.RtNexthop{
+				RtNexthop: unix.RtNexthop{
 					Hops:    uint8(nh.Hops),
 					Ifindex: int32(nh.LinkIndex),
 					Flags:   uint8(nh.Flags),
@@ -267,9 +397,9 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 					return fmt.Errorf("gateway, source, and destination ip are not the same IP family")
 				}
 				if gwFamily == FAMILY_V4 {
-					children = append(children, nl.NewRtAttr(syscall.RTA_GATEWAY, []byte(nh.Gw.To4())))
+					children = append(children, nl.NewRtAttr(unix.RTA_GATEWAY, []byte(nh.Gw.To4())))
 				} else {
-					children = append(children, nl.NewRtAttr(syscall.RTA_GATEWAY, []byte(nh.Gw.To16())))
+					children = append(children, nl.NewRtAttr(unix.RTA_GATEWAY, []byte(nh.Gw.To16())))
 				}
 			}
 			if nh.NewDst != nil {
@@ -295,15 +425,15 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 			rtnh.Children = children
 			buf = append(buf, rtnh.Serialize()...)
 		}
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_MULTIPATH, buf))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_MULTIPATH, buf))
 	}
 
 	if route.Table > 0 {
 		if route.Table >= 256 {
-			msg.Table = syscall.RT_TABLE_UNSPEC
+			msg.Table = unix.RT_TABLE_UNSPEC
 			b := make([]byte, 4)
 			native.PutUint32(b, uint32(route.Table))
-			rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_TABLE, b))
+			rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_TABLE, b))
 		} else {
 			msg.Table = uint8(route.Table)
 		}
@@ -312,7 +442,7 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 	if route.Priority > 0 {
 		b := make([]byte, 4)
 		native.PutUint32(b, uint32(route.Priority))
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_PRIORITY, b))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_PRIORITY, b))
 	}
 	if route.Tos > 0 {
 		msg.Tos = uint8(route.Tos)
@@ -324,6 +454,25 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 		msg.Type = uint8(route.Type)
 	}
 
+	var metrics []*nl.RtAttr
+	// TODO: support other rta_metric values
+	if route.MTU > 0 {
+		b := nl.Uint32Attr(uint32(route.MTU))
+		metrics = append(metrics, nl.NewRtAttr(unix.RTAX_MTU, b))
+	}
+	if route.AdvMSS > 0 {
+		b := nl.Uint32Attr(uint32(route.AdvMSS))
+		metrics = append(metrics, nl.NewRtAttr(unix.RTAX_ADVMSS, b))
+	}
+
+	if metrics != nil {
+		attr := nl.NewRtAttr(unix.RTA_METRICS, nil)
+		for _, metric := range metrics {
+			attr.AddChild(metric)
+		}
+		rtAttrs = append(rtAttrs, attr)
+	}
+
 	msg.Flags = uint32(route.Flags)
 	msg.Scope = uint8(route.Scope)
 	msg.Family = uint8(family)
@@ -338,9 +487,9 @@ func (h *Handle) routeHandle(route *Route, req *nl.NetlinkRequest, msg *nl.RtMsg
 	)
 	native.PutUint32(b, uint32(route.LinkIndex))
 
-	req.AddData(nl.NewRtAttr(syscall.RTA_OIF, b))
+	req.AddData(nl.NewRtAttr(unix.RTA_OIF, b))
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -373,11 +522,11 @@ func RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, e
 // RouteListFiltered gets a list of routes in the system filtered with specified rules.
 // All rules must be defined in RouteFilter struct
 func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64) ([]Route, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETROUTE, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(unix.RTM_GETROUTE, unix.NLM_F_DUMP)
 	infmsg := nl.NewIfInfomsg(family)
 	req.AddData(infmsg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWROUTE)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWROUTE)
 	if err != nil {
 		return nil, err
 	}
@@ -385,11 +534,11 @@ func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64)
 	var res []Route
 	for _, m := range msgs {
 		msg := nl.DeserializeRtMsg(m)
-		if msg.Flags&syscall.RTM_F_CLONED != 0 {
+		if msg.Flags&unix.RTM_F_CLONED != 0 {
 			// Ignore cloned routes
 			continue
 		}
-		if msg.Table != syscall.RT_TABLE_MAIN {
+		if msg.Table != unix.RT_TABLE_MAIN {
 			if filter == nil || filter != nil && filterMask&RT_FILTER_TABLE == 0 {
 				// Ignore non-main tables
 				continue
@@ -401,7 +550,7 @@ func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64)
 		}
 		if filter != nil {
 			switch {
-			case filterMask&RT_FILTER_TABLE != 0 && filter.Table != syscall.RT_TABLE_UNSPEC && route.Table != filter.Table:
+			case filterMask&RT_FILTER_TABLE != 0 && filter.Table != unix.RT_TABLE_UNSPEC && route.Table != filter.Table:
 				continue
 			case filterMask&RT_FILTER_PROTOCOL != 0 && route.Protocol != filter.Protocol:
 				continue
@@ -421,19 +570,8 @@ func (h *Handle) RouteListFiltered(family int, filter *Route, filterMask uint64)
 				continue
 			case filterMask&RT_FILTER_DST != 0:
 				if filter.MPLSDst == nil || route.MPLSDst == nil || (*filter.MPLSDst) != (*route.MPLSDst) {
-					if filter.Dst == nil {
-						if route.Dst != nil {
-							continue
-						}
-					} else {
-						if route.Dst == nil {
-							continue
-						}
-						aMaskLen, aMaskBits := route.Dst.Mask.Size()
-						bMaskLen, bMaskBits := filter.Dst.Mask.Size()
-						if !(route.Dst.IP.Equal(filter.Dst.IP) && aMaskLen == bMaskLen && aMaskBits == bMaskBits) {
-							continue
-						}
+					if !ipNetEqual(route.Dst, filter.Dst) {
+						continue
 					}
 				}
 			}
@@ -463,11 +601,11 @@ func deserializeRoute(m []byte) (Route, error) {
 	var encap, encapType syscall.NetlinkRouteAttr
 	for _, attr := range attrs {
 		switch attr.Attr.Type {
-		case syscall.RTA_GATEWAY:
+		case unix.RTA_GATEWAY:
 			route.Gw = net.IP(attr.Value)
-		case syscall.RTA_PREFSRC:
+		case unix.RTA_PREFSRC:
 			route.Src = net.IP(attr.Value)
-		case syscall.RTA_DST:
+		case unix.RTA_DST:
 			if msg.Family == nl.FAMILY_MPLS {
 				stack := nl.DecodeMPLSStack(attr.Value)
 				if len(stack) == 0 || len(stack) > 1 {
@@ -480,36 +618,36 @@ func deserializeRoute(m []byte) (Route, error) {
 					Mask: net.CIDRMask(int(msg.Dst_len), 8*len(attr.Value)),
 				}
 			}
-		case syscall.RTA_OIF:
+		case unix.RTA_OIF:
 			route.LinkIndex = int(native.Uint32(attr.Value[0:4]))
-		case syscall.RTA_IIF:
+		case unix.RTA_IIF:
 			route.ILinkIndex = int(native.Uint32(attr.Value[0:4]))
-		case syscall.RTA_PRIORITY:
+		case unix.RTA_PRIORITY:
 			route.Priority = int(native.Uint32(attr.Value[0:4]))
-		case syscall.RTA_TABLE:
+		case unix.RTA_TABLE:
 			route.Table = int(native.Uint32(attr.Value[0:4]))
-		case syscall.RTA_MULTIPATH:
+		case unix.RTA_MULTIPATH:
 			parseRtNexthop := func(value []byte) (*NexthopInfo, []byte, error) {
-				if len(value) < syscall.SizeofRtNexthop {
-					return nil, nil, fmt.Errorf("Lack of bytes")
+				if len(value) < unix.SizeofRtNexthop {
+					return nil, nil, fmt.Errorf("lack of bytes")
 				}
 				nh := nl.DeserializeRtNexthop(value)
 				if len(value) < int(nh.RtNexthop.Len) {
-					return nil, nil, fmt.Errorf("Lack of bytes")
+					return nil, nil, fmt.Errorf("lack of bytes")
 				}
 				info := &NexthopInfo{
 					LinkIndex: int(nh.RtNexthop.Ifindex),
 					Hops:      int(nh.RtNexthop.Hops),
 					Flags:     int(nh.RtNexthop.Flags),
 				}
-				attrs, err := nl.ParseRouteAttr(value[syscall.SizeofRtNexthop:int(nh.RtNexthop.Len)])
+				attrs, err := nl.ParseRouteAttr(value[unix.SizeofRtNexthop:int(nh.RtNexthop.Len)])
 				if err != nil {
 					return nil, nil, err
 				}
 				var encap, encapType syscall.NetlinkRouteAttr
 				for _, attr := range attrs {
 					switch attr.Attr.Type {
-					case syscall.RTA_GATEWAY:
+					case unix.RTA_GATEWAY:
 						info.Gw = net.IP(attr.Value)
 					case nl.RTA_NEWDST:
 						var d Destination
@@ -566,6 +704,19 @@ func deserializeRoute(m []byte) (Route, error) {
 			encapType = attr
 		case nl.RTA_ENCAP:
 			encap = attr
+		case unix.RTA_METRICS:
+			metrics, err := nl.ParseRouteAttr(attr.Value)
+			if err != nil {
+				return route, err
+			}
+			for _, metric := range metrics {
+				switch metric.Attr.Type {
+				case unix.RTAX_MTU:
+					route.MTU = int(native.Uint32(metric.Value[0:4]))
+				case unix.RTAX_ADVMSS:
+					route.AdvMSS = int(native.Uint32(metric.Value[0:4]))
+				}
+			}
 		}
 	}
 
@@ -578,6 +729,11 @@ func deserializeRoute(m []byte) (Route, error) {
 			if err := e.Decode(encap.Value); err != nil {
 				return route, err
 			}
+		case nl.LWTUNNEL_ENCAP_SEG6:
+			e = &SEG6Encap{}
+			if err := e.Decode(encap.Value); err != nil {
+				return route, err
+			}
 		}
 		route.Encap = e
 	}
@@ -594,7 +750,7 @@ func RouteGet(destination net.IP) ([]Route, error) {
 // RouteGet gets a route to a specific destination from the host system.
 // Equivalent to: 'ip route get'.
 func (h *Handle) RouteGet(destination net.IP) ([]Route, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETROUTE, syscall.NLM_F_REQUEST)
+	req := h.newNetlinkRequest(unix.RTM_GETROUTE, unix.NLM_F_REQUEST)
 	family := nl.GetIPFamily(destination)
 	var destinationData []byte
 	var bitlen uint8
@@ -610,10 +766,10 @@ func (h *Handle) RouteGet(destination net.IP) ([]Route, error) {
 	msg.Dst_len = bitlen
 	req.AddData(msg)
 
-	rtaDst := nl.NewRtAttr(syscall.RTA_DST, destinationData)
+	rtaDst := nl.NewRtAttr(unix.RTA_DST, destinationData)
 	req.AddData(rtaDst)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWROUTE)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWROUTE)
 	if err != nil {
 		return nil, err
 	}
@@ -633,17 +789,35 @@ func (h *Handle) RouteGet(destination net.IP) ([]Route, error) {
 // RouteSubscribe takes a chan down which notifications will be sent
 // when routes are added or deleted. Close the 'done' chan to stop subscription.
 func RouteSubscribe(ch chan<- RouteUpdate, done <-chan struct{}) error {
-	return routeSubscribeAt(netns.None(), netns.None(), ch, done)
+	return routeSubscribeAt(netns.None(), netns.None(), ch, done, nil)
 }
 
 // RouteSubscribeAt works like RouteSubscribe plus it allows the caller
 // to choose the network namespace in which to subscribe (ns).
 func RouteSubscribeAt(ns netns.NsHandle, ch chan<- RouteUpdate, done <-chan struct{}) error {
-	return routeSubscribeAt(ns, netns.None(), ch, done)
+	return routeSubscribeAt(ns, netns.None(), ch, done, nil)
 }
 
-func routeSubscribeAt(newNs, curNs netns.NsHandle, ch chan<- RouteUpdate, done <-chan struct{}) error {
-	s, err := nl.SubscribeAt(newNs, curNs, syscall.NETLINK_ROUTE, syscall.RTNLGRP_IPV4_ROUTE, syscall.RTNLGRP_IPV6_ROUTE)
+// RouteSubscribeOptions contains a set of options to use with
+// RouteSubscribeWithOptions.
+type RouteSubscribeOptions struct {
+	Namespace     *netns.NsHandle
+	ErrorCallback func(error)
+}
+
+// RouteSubscribeWithOptions work like RouteSubscribe but enable to
+// provide additional options to modify the behavior. Currently, the
+// namespace can be provided as well as an error callback.
+func RouteSubscribeWithOptions(ch chan<- RouteUpdate, done <-chan struct{}, options RouteSubscribeOptions) error {
+	if options.Namespace == nil {
+		none := netns.None()
+		options.Namespace = &none
+	}
+	return routeSubscribeAt(*options.Namespace, netns.None(), ch, done, options.ErrorCallback)
+}
+
+func routeSubscribeAt(newNs, curNs netns.NsHandle, ch chan<- RouteUpdate, done <-chan struct{}, cberr func(error)) error {
+	s, err := nl.SubscribeAt(newNs, curNs, unix.NETLINK_ROUTE, unix.RTNLGRP_IPV4_ROUTE, unix.RTNLGRP_IPV6_ROUTE)
 	if err != nil {
 		return err
 	}
@@ -658,11 +832,17 @@ func routeSubscribeAt(newNs, curNs netns.NsHandle, ch chan<- RouteUpdate, done <
 		for {
 			msgs, err := s.Receive()
 			if err != nil {
+				if cberr != nil {
+					cberr(err)
+				}
 				return
 			}
 			for _, m := range msgs {
 				route, err := deserializeRoute(m.Data)
 				if err != nil {
+					if cberr != nil {
+						cberr(err)
+					}
 					return
 				}
 				ch <- RouteUpdate{Type: m.Header.Type, Route: route}
diff --git a/vendor/github.com/vishvananda/netlink/rule.go b/vendor/github.com/vishvananda/netlink/rule.go
index f0243defd7d0..7fc8ae5df15e 100644
--- a/vendor/github.com/vishvananda/netlink/rule.go
+++ b/vendor/github.com/vishvananda/netlink/rule.go
@@ -8,6 +8,7 @@ import (
 // Rule represents a netlink rule.
 type Rule struct {
 	Priority          int
+	Family            int
 	Table             int
 	Mark              int
 	Mask              int
@@ -20,6 +21,7 @@ type Rule struct {
 	OifName           string
 	SuppressIfgroup   int
 	SuppressPrefixlen int
+	Invert            bool
 }
 
 func (r Rule) String() string {
diff --git a/vendor/github.com/vishvananda/netlink/rule_linux.go b/vendor/github.com/vishvananda/netlink/rule_linux.go
index f9cdc855f1fc..6238ae458642 100644
--- a/vendor/github.com/vishvananda/netlink/rule_linux.go
+++ b/vendor/github.com/vishvananda/netlink/rule_linux.go
@@ -3,11 +3,13 @@ package netlink
 import (
 	"fmt"
 	"net"
-	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
+const FibRuleInvert = 0x2
+
 // RuleAdd adds a rule to the system.
 // Equivalent to: ip rule add
 func RuleAdd(rule *Rule) error {
@@ -17,7 +19,7 @@ func RuleAdd(rule *Rule) error {
 // RuleAdd adds a rule to the system.
 // Equivalent to: ip rule add
 func (h *Handle) RuleAdd(rule *Rule) error {
-	req := h.newNetlinkRequest(syscall.RTM_NEWRULE, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_NEWRULE, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 	return ruleHandle(rule, req)
 }
 
@@ -30,15 +32,31 @@ func RuleDel(rule *Rule) error {
 // RuleDel deletes a rule from the system.
 // Equivalent to: ip rule del
 func (h *Handle) RuleDel(rule *Rule) error {
-	req := h.newNetlinkRequest(syscall.RTM_DELRULE, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(unix.RTM_DELRULE, unix.NLM_F_ACK)
 	return ruleHandle(rule, req)
 }
 
 func ruleHandle(rule *Rule, req *nl.NetlinkRequest) error {
 	msg := nl.NewRtMsg()
-	msg.Family = syscall.AF_INET
-	var dstFamily uint8
+	msg.Family = unix.AF_INET
+	msg.Protocol = unix.RTPROT_BOOT
+	msg.Scope = unix.RT_SCOPE_UNIVERSE
+	msg.Table = unix.RT_TABLE_UNSPEC
+	msg.Type = unix.RTN_UNSPEC
+	if req.NlMsghdr.Flags&unix.NLM_F_CREATE > 0 {
+		msg.Type = unix.RTN_UNICAST
+	}
+	if rule.Invert {
+		msg.Flags |= FibRuleInvert
+	}
+	if rule.Family != 0 {
+		msg.Family = uint8(rule.Family)
+	}
+	if rule.Table >= 0 && rule.Table < 256 {
+		msg.Table = uint8(rule.Table)
+	}
 
+	var dstFamily uint8
 	var rtAttrs []*nl.RtAttr
 	if rule.Dst != nil && rule.Dst.IP != nil {
 		dstLen, _ := rule.Dst.Mask.Size()
@@ -46,12 +64,12 @@ func ruleHandle(rule *Rule, req *nl.NetlinkRequest) error {
 		msg.Family = uint8(nl.GetIPFamily(rule.Dst.IP))
 		dstFamily = msg.Family
 		var dstData []byte
-		if msg.Family == syscall.AF_INET {
+		if msg.Family == unix.AF_INET {
 			dstData = rule.Dst.IP.To4()
 		} else {
 			dstData = rule.Dst.IP.To16()
 		}
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_DST, dstData))
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_DST, dstData))
 	}
 
 	if rule.Src != nil && rule.Src.IP != nil {
@@ -62,19 +80,12 @@ func ruleHandle(rule *Rule, req *nl.NetlinkRequest) error {
 		srcLen, _ := rule.Src.Mask.Size()
 		msg.Src_len = uint8(srcLen)
 		var srcData []byte
-		if msg.Family == syscall.AF_INET {
+		if msg.Family == unix.AF_INET {
 			srcData = rule.Src.IP.To4()
 		} else {
 			srcData = rule.Src.IP.To16()
 		}
-		rtAttrs = append(rtAttrs, nl.NewRtAttr(syscall.RTA_SRC, srcData))
-	}
-
-	if rule.Table >= 0 {
-		msg.Table = uint8(rule.Table)
-		if rule.Table >= 256 {
-			msg.Table = syscall.RT_TABLE_UNSPEC
-		}
+		rtAttrs = append(rtAttrs, nl.NewRtAttr(unix.RTA_SRC, srcData))
 	}
 
 	req.AddData(msg)
@@ -139,7 +150,7 @@ func ruleHandle(rule *Rule, req *nl.NetlinkRequest) error {
 		req.AddData(nl.NewRtAttr(nl.FRA_GOTO, b))
 	}
 
-	_, err := req.Execute(syscall.NETLINK_ROUTE, 0)
+	_, err := req.Execute(unix.NETLINK_ROUTE, 0)
 	return err
 }
 
@@ -152,11 +163,11 @@ func RuleList(family int) ([]Rule, error) {
 // RuleList lists rules in the system.
 // Equivalent to: ip rule list
 func (h *Handle) RuleList(family int) ([]Rule, error) {
-	req := h.newNetlinkRequest(syscall.RTM_GETRULE, syscall.NLM_F_DUMP|syscall.NLM_F_REQUEST)
+	req := h.newNetlinkRequest(unix.RTM_GETRULE, unix.NLM_F_DUMP|unix.NLM_F_REQUEST)
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_ROUTE, syscall.RTM_NEWRULE)
+	msgs, err := req.Execute(unix.NETLINK_ROUTE, unix.RTM_NEWRULE)
 	if err != nil {
 		return nil, err
 	}
@@ -172,9 +183,11 @@ func (h *Handle) RuleList(family int) ([]Rule, error) {
 
 		rule := NewRule()
 
+		rule.Invert = msg.Flags&FibRuleInvert > 0
+
 		for j := range attrs {
 			switch attrs[j].Attr.Type {
-			case syscall.RTA_TABLE:
+			case unix.RTA_TABLE:
 				rule.Table = int(native.Uint32(attrs[j].Value[0:4]))
 			case nl.FRA_SRC:
 				rule.Src = &net.IPNet{
diff --git a/vendor/github.com/vishvananda/netlink/socket_linux.go b/vendor/github.com/vishvananda/netlink/socket_linux.go
index b42b84f0cfe4..99e9fb4d8979 100644
--- a/vendor/github.com/vishvananda/netlink/socket_linux.go
+++ b/vendor/github.com/vishvananda/netlink/socket_linux.go
@@ -4,9 +4,9 @@ import (
 	"errors"
 	"fmt"
 	"net"
-	"syscall"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 const (
@@ -123,15 +123,15 @@ func SocketGet(local, remote net.Addr) (*Socket, error) {
 		return nil, ErrNotImplemented
 	}
 
-	s, err := nl.Subscribe(syscall.NETLINK_INET_DIAG)
+	s, err := nl.Subscribe(unix.NETLINK_INET_DIAG)
 	if err != nil {
 		return nil, err
 	}
 	defer s.Close()
 	req := nl.NewNetlinkRequest(nl.SOCK_DIAG_BY_FAMILY, 0)
 	req.AddData(&socketRequest{
-		Family:   syscall.AF_INET,
-		Protocol: syscall.IPPROTO_TCP,
+		Family:   unix.AF_INET,
+		Protocol: unix.IPPROTO_TCP,
 		ID: SocketID{
 			SourcePort:      uint16(localTCP.Port),
 			DestinationPort: uint16(remoteTCP.Port),
diff --git a/vendor/github.com/vishvananda/netlink/xfrm.go b/vendor/github.com/vishvananda/netlink/xfrm.go
index 9962dcf7006d..02b41842e102 100644
--- a/vendor/github.com/vishvananda/netlink/xfrm.go
+++ b/vendor/github.com/vishvananda/netlink/xfrm.go
@@ -2,19 +2,20 @@ package netlink
 
 import (
 	"fmt"
-	"syscall"
+
+	"golang.org/x/sys/unix"
 )
 
 // Proto is an enum representing an ipsec protocol.
 type Proto uint8
 
 const (
-	XFRM_PROTO_ROUTE2    Proto = syscall.IPPROTO_ROUTING
-	XFRM_PROTO_ESP       Proto = syscall.IPPROTO_ESP
-	XFRM_PROTO_AH        Proto = syscall.IPPROTO_AH
-	XFRM_PROTO_HAO       Proto = syscall.IPPROTO_DSTOPTS
+	XFRM_PROTO_ROUTE2    Proto = unix.IPPROTO_ROUTING
+	XFRM_PROTO_ESP       Proto = unix.IPPROTO_ESP
+	XFRM_PROTO_AH        Proto = unix.IPPROTO_AH
+	XFRM_PROTO_HAO       Proto = unix.IPPROTO_DSTOPTS
 	XFRM_PROTO_COMP      Proto = 0x6c // NOTE not defined on darwin
-	XFRM_PROTO_IPSEC_ANY Proto = syscall.IPPROTO_RAW
+	XFRM_PROTO_IPSEC_ANY Proto = unix.IPPROTO_RAW
 )
 
 func (p Proto) String() string {
diff --git a/vendor/github.com/vishvananda/netlink/xfrm_monitor_linux.go b/vendor/github.com/vishvananda/netlink/xfrm_monitor_linux.go
index 7b98c9cb6d3b..efe72ddf29ce 100644
--- a/vendor/github.com/vishvananda/netlink/xfrm_monitor_linux.go
+++ b/vendor/github.com/vishvananda/netlink/xfrm_monitor_linux.go
@@ -2,11 +2,10 @@ package netlink
 
 import (
 	"fmt"
-	"syscall"
-
-	"github.com/vishvananda/netns"
 
 	"github.com/vishvananda/netlink/nl"
+	"github.com/vishvananda/netns"
+	"golang.org/x/sys/unix"
 )
 
 type XfrmMsg interface {
@@ -39,7 +38,7 @@ func XfrmMonitor(ch chan<- XfrmMsg, done <-chan struct{}, errorChan chan<- error
 	if err != nil {
 		return nil
 	}
-	s, err := nl.SubscribeAt(netns.None(), netns.None(), syscall.NETLINK_XFRM, groups...)
+	s, err := nl.SubscribeAt(netns.None(), netns.None(), unix.NETLINK_XFRM, groups...)
 	if err != nil {
 		return err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/xfrm_policy_linux.go b/vendor/github.com/vishvananda/netlink/xfrm_policy_linux.go
index c3d4e4222724..fde0c2ca5ad0 100644
--- a/vendor/github.com/vishvananda/netlink/xfrm_policy_linux.go
+++ b/vendor/github.com/vishvananda/netlink/xfrm_policy_linux.go
@@ -1,9 +1,8 @@
 package netlink
 
 import (
-	"syscall"
-
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 func selFromPolicy(sel *nl.XfrmSelector, policy *XfrmPolicy) {
@@ -55,7 +54,7 @@ func (h *Handle) XfrmPolicyUpdate(policy *XfrmPolicy) error {
 }
 
 func (h *Handle) xfrmPolicyAddOrUpdate(policy *XfrmPolicy, nlProto int) error {
-	req := h.newNetlinkRequest(nlProto, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(nlProto, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 
 	msg := &nl.XfrmUserpolicyInfo{}
 	selFromPolicy(&msg.Sel, policy)
@@ -91,7 +90,7 @@ func (h *Handle) xfrmPolicyAddOrUpdate(policy *XfrmPolicy, nlProto int) error {
 		req.AddData(out)
 	}
 
-	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
+	_, err := req.Execute(unix.NETLINK_XFRM, 0)
 	return err
 }
 
@@ -121,12 +120,12 @@ func XfrmPolicyList(family int) ([]XfrmPolicy, error) {
 // Equivalent to: `ip xfrm policy show`.
 // The list can be filtered by ip family.
 func (h *Handle) XfrmPolicyList(family int) ([]XfrmPolicy, error) {
-	req := h.newNetlinkRequest(nl.XFRM_MSG_GETPOLICY, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(nl.XFRM_MSG_GETPOLICY, unix.NLM_F_DUMP)
 
 	msg := nl.NewIfInfomsg(family)
 	req.AddData(msg)
 
-	msgs, err := req.Execute(syscall.NETLINK_XFRM, nl.XFRM_MSG_NEWPOLICY)
+	msgs, err := req.Execute(unix.NETLINK_XFRM, nl.XFRM_MSG_NEWPOLICY)
 	if err != nil {
 		return nil, err
 	}
@@ -165,13 +164,13 @@ func XfrmPolicyFlush() error {
 // XfrmPolicyFlush will flush the policies on the system.
 // Equivalent to: `ip xfrm policy flush`
 func (h *Handle) XfrmPolicyFlush() error {
-	req := h.newNetlinkRequest(nl.XFRM_MSG_FLUSHPOLICY, syscall.NLM_F_ACK)
-	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
+	req := h.newNetlinkRequest(nl.XFRM_MSG_FLUSHPOLICY, unix.NLM_F_ACK)
+	_, err := req.Execute(unix.NETLINK_XFRM, 0)
 	return err
 }
 
 func (h *Handle) xfrmPolicyGetOrDelete(policy *XfrmPolicy, nlProto int) (*XfrmPolicy, error) {
-	req := h.newNetlinkRequest(nlProto, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(nlProto, unix.NLM_F_ACK)
 
 	msg := &nl.XfrmUserpolicyId{}
 	selFromPolicy(&msg.Sel, policy)
@@ -189,7 +188,7 @@ func (h *Handle) xfrmPolicyGetOrDelete(policy *XfrmPolicy, nlProto int) (*XfrmPo
 		resType = 0
 	}
 
-	msgs, err := req.Execute(syscall.NETLINK_XFRM, uint16(resType))
+	msgs, err := req.Execute(unix.NETLINK_XFRM, uint16(resType))
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/vishvananda/netlink/xfrm_state.go b/vendor/github.com/vishvananda/netlink/xfrm_state.go
index 368a9b986d61..d14740dc55b3 100644
--- a/vendor/github.com/vishvananda/netlink/xfrm_state.go
+++ b/vendor/github.com/vishvananda/netlink/xfrm_state.go
@@ -3,6 +3,7 @@ package netlink
 import (
 	"fmt"
 	"net"
+	"time"
 )
 
 // XfrmStateAlgo represents the algorithm to use for the ipsec encryption.
@@ -67,6 +68,19 @@ type XfrmStateLimits struct {
 	TimeUseHard uint64
 }
 
+// XfrmStateStats represents the current number of bytes/packets
+// processed by this State, the State's installation and first use
+// time and the replay window counters.
+type XfrmStateStats struct {
+	ReplayWindow uint32
+	Replay       uint32
+	Failed       uint32
+	Bytes        uint64
+	Packets      uint64
+	AddTime      uint64
+	UseTime      uint64
+}
+
 // XfrmState represents the state of an ipsec policy. It optionally
 // contains an XfrmStateAlgo for encryption and one for authentication.
 type XfrmState struct {
@@ -78,6 +92,7 @@ type XfrmState struct {
 	Reqid        int
 	ReplayWindow int
 	Limits       XfrmStateLimits
+	Statistics   XfrmStateStats
 	Mark         *XfrmMark
 	Auth         *XfrmStateAlgo
 	Crypt        *XfrmStateAlgo
@@ -94,10 +109,16 @@ func (sa XfrmState) Print(stats bool) string {
 	if !stats {
 		return sa.String()
 	}
-
-	return fmt.Sprintf("%s, ByteSoft: %s, ByteHard: %s, PacketSoft: %s, PacketHard: %s, TimeSoft: %d, TimeHard: %d, TimeUseSoft: %d, TimeUseHard: %d",
+	at := time.Unix(int64(sa.Statistics.AddTime), 0).Format(time.UnixDate)
+	ut := "-"
+	if sa.Statistics.UseTime > 0 {
+		ut = time.Unix(int64(sa.Statistics.UseTime), 0).Format(time.UnixDate)
+	}
+	return fmt.Sprintf("%s, ByteSoft: %s, ByteHard: %s, PacketSoft: %s, PacketHard: %s, TimeSoft: %d, TimeHard: %d, TimeUseSoft: %d, TimeUseHard: %d, Bytes: %d, Packets: %d, "+
+		"AddTime: %s, UseTime: %s, ReplayWindow: %d, Replay: %d, Failed: %d",
 		sa.String(), printLimit(sa.Limits.ByteSoft), printLimit(sa.Limits.ByteHard), printLimit(sa.Limits.PacketSoft), printLimit(sa.Limits.PacketHard),
-		sa.Limits.TimeSoft, sa.Limits.TimeHard, sa.Limits.TimeUseSoft, sa.Limits.TimeUseHard)
+		sa.Limits.TimeSoft, sa.Limits.TimeHard, sa.Limits.TimeUseSoft, sa.Limits.TimeUseHard, sa.Statistics.Bytes, sa.Statistics.Packets, at, ut,
+		sa.Statistics.ReplayWindow, sa.Statistics.Replay, sa.Statistics.Failed)
 }
 
 func printLimit(lmt uint64) string {
diff --git a/vendor/github.com/vishvananda/netlink/xfrm_state_linux.go b/vendor/github.com/vishvananda/netlink/xfrm_state_linux.go
index 6a7bc0deca24..7fc92900c058 100644
--- a/vendor/github.com/vishvananda/netlink/xfrm_state_linux.go
+++ b/vendor/github.com/vishvananda/netlink/xfrm_state_linux.go
@@ -2,10 +2,10 @@ package netlink
 
 import (
 	"fmt"
-	"syscall"
 	"unsafe"
 
 	"github.com/vishvananda/netlink/nl"
+	"golang.org/x/sys/unix"
 )
 
 func writeStateAlgo(a *XfrmStateAlgo) []byte {
@@ -111,7 +111,7 @@ func (h *Handle) xfrmStateAddOrUpdate(state *XfrmState, nlProto int) error {
 	if state.Spi == 0 {
 		return fmt.Errorf("Spi must be set when adding xfrm state.")
 	}
-	req := h.newNetlinkRequest(nlProto, syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(nlProto, unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 
 	msg := xfrmUsersaInfoFromXfrmState(state)
 
@@ -157,13 +157,13 @@ func (h *Handle) xfrmStateAddOrUpdate(state *XfrmState, nlProto int) error {
 		req.AddData(out)
 	}
 
-	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
+	_, err := req.Execute(unix.NETLINK_XFRM, 0)
 	return err
 }
 
 func (h *Handle) xfrmStateAllocSpi(state *XfrmState) (*XfrmState, error) {
 	req := h.newNetlinkRequest(nl.XFRM_MSG_ALLOCSPI,
-		syscall.NLM_F_CREATE|syscall.NLM_F_EXCL|syscall.NLM_F_ACK)
+		unix.NLM_F_CREATE|unix.NLM_F_EXCL|unix.NLM_F_ACK)
 
 	msg := &nl.XfrmUserSpiInfo{}
 	msg.XfrmUsersaInfo = *(xfrmUsersaInfoFromXfrmState(state))
@@ -177,7 +177,7 @@ func (h *Handle) xfrmStateAllocSpi(state *XfrmState) (*XfrmState, error) {
 		req.AddData(out)
 	}
 
-	msgs, err := req.Execute(syscall.NETLINK_XFRM, 0)
+	msgs, err := req.Execute(unix.NETLINK_XFRM, 0)
 	if err != nil {
 		return nil, err
 	}
@@ -216,9 +216,9 @@ func XfrmStateList(family int) ([]XfrmState, error) {
 // Equivalent to: `ip xfrm state show`.
 // The list can be filtered by ip family.
 func (h *Handle) XfrmStateList(family int) ([]XfrmState, error) {
-	req := h.newNetlinkRequest(nl.XFRM_MSG_GETSA, syscall.NLM_F_DUMP)
+	req := h.newNetlinkRequest(nl.XFRM_MSG_GETSA, unix.NLM_F_DUMP)
 
-	msgs, err := req.Execute(syscall.NETLINK_XFRM, nl.XFRM_MSG_NEWSA)
+	msgs, err := req.Execute(unix.NETLINK_XFRM, nl.XFRM_MSG_NEWSA)
 	if err != nil {
 		return nil, err
 	}
@@ -255,7 +255,7 @@ func (h *Handle) XfrmStateGet(state *XfrmState) (*XfrmState, error) {
 }
 
 func (h *Handle) xfrmStateGetOrDelete(state *XfrmState, nlProto int) (*XfrmState, error) {
-	req := h.newNetlinkRequest(nlProto, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(nlProto, unix.NLM_F_ACK)
 
 	msg := &nl.XfrmUsersaId{}
 	msg.Family = uint16(nl.GetIPFamily(state.Dst))
@@ -278,7 +278,7 @@ func (h *Handle) xfrmStateGetOrDelete(state *XfrmState, nlProto int) (*XfrmState
 		resType = 0
 	}
 
-	msgs, err := req.Execute(syscall.NETLINK_XFRM, uint16(resType))
+	msgs, err := req.Execute(unix.NETLINK_XFRM, uint16(resType))
 	if err != nil {
 		return nil, err
 	}
@@ -308,6 +308,7 @@ func xfrmStateFromXfrmUsersaInfo(msg *nl.XfrmUsersaInfo) *XfrmState {
 	state.Reqid = int(msg.Reqid)
 	state.ReplayWindow = int(msg.ReplayWindow)
 	lftToLimits(&msg.Lft, &state.Limits)
+	curToStats(&msg.Curlft, &msg.Stats, &state.Statistics)
 
 	return &state
 }
@@ -386,11 +387,11 @@ func XfrmStateFlush(proto Proto) error {
 // proto = 0 means any transformation protocols
 // Equivalent to: `ip xfrm state flush [ proto XFRM-PROTO ]`
 func (h *Handle) XfrmStateFlush(proto Proto) error {
-	req := h.newNetlinkRequest(nl.XFRM_MSG_FLUSHSA, syscall.NLM_F_ACK)
+	req := h.newNetlinkRequest(nl.XFRM_MSG_FLUSHSA, unix.NLM_F_ACK)
 
 	req.AddData(&nl.XfrmUsersaFlush{Proto: uint8(proto)})
 
-	_, err := req.Execute(syscall.NETLINK_XFRM, 0)
+	_, err := req.Execute(unix.NETLINK_XFRM, 0)
 	if err != nil {
 		return err
 	}
@@ -429,6 +430,16 @@ func lftToLimits(lft *nl.XfrmLifetimeCfg, lmts *XfrmStateLimits) {
 	*lmts = *(*XfrmStateLimits)(unsafe.Pointer(lft))
 }
 
+func curToStats(cur *nl.XfrmLifetimeCur, wstats *nl.XfrmStats, stats *XfrmStateStats) {
+	stats.Bytes = cur.Bytes
+	stats.Packets = cur.Packets
+	stats.AddTime = cur.AddTime
+	stats.UseTime = cur.UseTime
+	stats.ReplayWindow = wstats.ReplayWindow
+	stats.Replay = wstats.Replay
+	stats.Failed = wstats.IntegrityFailed
+}
+
 func xfrmUsersaInfoFromXfrmState(state *XfrmState) *nl.XfrmUsersaInfo {
 	msg := &nl.XfrmUsersaInfo{}
 	msg.Family = uint16(nl.GetIPFamily(state.Dst))
diff --git a/vendor/github.com/vishvananda/netns/netns_linux.go b/vendor/github.com/vishvananda/netns/netns_linux.go
index a267c7105954..34af6e28b309 100644
--- a/vendor/github.com/vishvananda/netns/netns_linux.go
+++ b/vendor/github.com/vishvananda/netns/netns_linux.go
@@ -188,6 +188,8 @@ func getPidForContainer(id string) (int, error) {
 		filepath.Join(cgroupRoot, "system.slice", "docker-"+id+".scope", "tasks"),
 		// Even more recent docker versions under cgroup/systemd/docker/<id>/
 		filepath.Join(cgroupRoot, "..", "systemd", "docker", id, "tasks"),
+		// Kubernetes with docker and CNI is even more different
+		filepath.Join(cgroupRoot, "..", "systemd", "kubepods", "*", "pod*", id, "tasks"),
 	}
 
 	var filename string
diff --git a/vendor/github.com/vmware/govmomi/.drone.sec b/vendor/github.com/vmware/govmomi/.drone.sec
deleted file mode 100644
index ad52e59ac874..000000000000
--- a/vendor/github.com/vmware/govmomi/.drone.sec
+++ /dev/null
@@ -1 +0,0 @@
-eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkExMjhHQ00ifQ.kK6pryC8R-O1R0Gj9ydLvQuIZlcYLGze23WdW7xbpiEEKdz6nweJrMm7ysy8lgu1tM47JVo19p2_b26bNKSQshCUOETvd7Hb2UMZOjnyUnqdyAAyoi6UkIquXfUUbHTNS0iMxwSxxW9KMp2GXNq8-o6T8xQZTDirBJFKKd8ZNUasTaoa5j8U9IfdR1aCavTBuOhvk8IVs-jSbY5TVJMJiE0IOPXois7aRJ6uAiANQBk9VKLegEcZD_qAewecXHDsHi-u0jbmg3o3PPaJaK_Qv5dsPlR2M-E2kE3AGUn0-zn5zYRngoAZ8WZr2O4GvLdltJKq9i2z7jOrdOzzRcDRow.96qvwl_E1Hj15u7Q.hWs-jQ8FsqQFD7pE9N-UEP1BWQ9rsJIcCaPvQRIp8Fukm_vvlw9YEaEq0ERLrsUWsJWpd1ca8_h8x7xD6f_d5YppwRqRHIeGIsdBOTMhNs0lG8ikkQXLat-UroCpy8EC17nuUtDE2E2Kdxrk4Cdd6Bk-dKk0Ta4w3Ud0YBKa.P8zrO7xizgv0i98eVWWzEg
\ No newline at end of file
diff --git a/vendor/github.com/vmware/govmomi/.drone.yml b/vendor/github.com/vmware/govmomi/.drone.yml
deleted file mode 100644
index dee4bf5b389d..000000000000
--- a/vendor/github.com/vmware/govmomi/.drone.yml
+++ /dev/null
@@ -1,17 +0,0 @@
-clone:
-  tags: true
-  path: github.com/vmware/govmomi
-build:
-  image: golang:1.7
-  pull: true
-  environment:
-    - GOVC_TEST_URL=$$GOVC_TEST_URL
-    - GOVC_INSECURE=1
-    - VCA=1
-  commands:
-    - make all install
-    - git clone https://github.com/sstephenson/bats.git /tmp/bats
-    - /tmp/bats/install.sh /usr/local
-    - apt-get -qq update && apt-get install -yqq uuid-runtime bsdmainutils jq
-    - govc/test/images/update.sh
-    - bats govc/test
diff --git a/vendor/github.com/vmware/govmomi/.mailmap b/vendor/github.com/vmware/govmomi/.mailmap
index 31a0bd55aadd..c0e235c57838 100644
--- a/vendor/github.com/vmware/govmomi/.mailmap
+++ b/vendor/github.com/vmware/govmomi/.mailmap
@@ -13,4 +13,7 @@ Pieter Noordhuis <pnoordhuis@vmware.com> <pcnoordhuis@gmail.com>
 Takaaki Furukawa <takaaki.frkw@gmail.com> takaaki.furukawa <takaaki.furukawa@mail.rakuten.com>
 Takaaki Furukawa <takaaki.frkw@gmail.com> tkak <takaaki.frkw@gmail.com>
 Vadim Egorov <vegorov@vmware.com> <egorovv@gmail.com>
+Anfernee Yongkun Gui <agui@vmware.com> <anfernee.gui@gmail.com>
+Anfernee Yongkun Gui <agui@vmware.com> Yongkun Anfernee Gui <agui@vmware.com>
+Zach Tucker <ztucker@vmware.com> <jzt@users.noreply.github.com>
 Zee Yang <zeey@vmware.com> <zee.yang@gmail.com>
diff --git a/vendor/github.com/vmware/govmomi/.travis.yml b/vendor/github.com/vmware/govmomi/.travis.yml
index a7fba0350b8e..773ef660927a 100644
--- a/vendor/github.com/vmware/govmomi/.travis.yml
+++ b/vendor/github.com/vmware/govmomi/.travis.yml
@@ -3,10 +3,11 @@ sudo: false
 language: go
 
 go:
-   - 1.7
+   - 1.8
 
 before_install:
   - make vendor
 
 script:
   - make check test
+  - GOOS=windows make install
diff --git a/vendor/github.com/vmware/govmomi/CHANGELOG.md b/vendor/github.com/vmware/govmomi/CHANGELOG.md
index ea4dd68db020..42c7cc113bb5 100644
--- a/vendor/github.com/vmware/govmomi/CHANGELOG.md
+++ b/vendor/github.com/vmware/govmomi/CHANGELOG.md
@@ -1,5 +1,36 @@
 # changelog
 
+### 0.16.0 (2017-11-08)
+
+* Add support for SOAP request operation ID header
+
+* Moved ovf helpers from govc import.ovf command to ovf and nfc packages
+
+* Added guest/toolbox (client) package
+
+* Added toolbox package and toolbox command
+
+* Added simulator package and vcsim command
+
+### 0.15.0 (2017-06-19)
+
+* WaitOptions.MaxWaitSeconds is now optional
+
+* Support removal of ExtraConfig entries
+
+* GuestPosixFileAttributes OwnerId and GroupId fields are now pointers,
+  rather than omitempty ints to allow chown with root uid:gid
+
+* Updated examples/ using view package
+
+* Add DatastoreFile.TailFunc method
+
+* Export VirtualMachine.FindSnapshot method
+
+* Add AuthorizationManager {Enable,Disable}Methods
+
+* Add PBM client
+
 ### 0.14.0 (2017-04-08)
 
 * Add view.ContainerView type and methods
diff --git a/vendor/github.com/vmware/govmomi/CONTRIBUTING.md b/vendor/github.com/vmware/govmomi/CONTRIBUTING.md
index f87c60610297..f6645cbf4f10 100644
--- a/vendor/github.com/vmware/govmomi/CONTRIBUTING.md
+++ b/vendor/github.com/vmware/govmomi/CONTRIBUTING.md
@@ -17,6 +17,16 @@ git remote add $USER git@github.com:$USER/govmomi.git
 git fetch $USER
 ```
 
+## Installing from source
+
+Compile the govmomi libraries and install govc using:
+
+``` shell
+go install -v github.com/vmware/govmomi/govc
+```
+
+Note that **govc/build.sh** is only used for building release binaries.
+
 ## Contribution flow
 
 This is a rough outline of what a contributor's workflow looks like:
diff --git a/vendor/github.com/vmware/govmomi/CONTRIBUTORS b/vendor/github.com/vmware/govmomi/CONTRIBUTORS
index 6afdb9f56f01..c37dc9398498 100644
--- a/vendor/github.com/vmware/govmomi/CONTRIBUTORS
+++ b/vendor/github.com/vmware/govmomi/CONTRIBUTORS
@@ -3,12 +3,20 @@
 # This script is generated by contributors.sh
 #
 
+Abhijeet Kasurde <akasurde@redhat.com>
 abrarshivani <abrarshivani@users.noreply.github.com>
+Adam Shannon <adamkshannon@gmail.com>
 Alvaro Miranda <kikitux@gmail.com>
+amandahla <amanda.andrade@serpro.gov.br>
 Amit Bathla <abathla@.vmware.com>
+amit bezalel <amit.bezalel@hpe.com>
 Andrew Chin <andrew@andrewtchin.com>
+Anfernee Yongkun Gui <agui@vmware.com>
+aniketGslab <aniket.shinde@gslab.com>
 Arran Walker <arran.walker@zopa.com>
+Aryeh Weinreb <aryehweinreb@gmail.com>
 Austin Parker <aparker@apprenda.com>
+Balu Dontu <bdontu@vmware.com>
 bastienbc <bastien.barbe.creuly@gmail.com>
 Bob Killen <killen.bob@gmail.com>
 Brad Fitzpatrick <bradfitz@golang.org>
@@ -35,8 +43,10 @@ gthombare <gthombare@vmware.com>
 Hasan Mahmood <mahmoodh@vmware.com>
 Henrik Hodne <henrik@travis-ci.com>
 Isaac Rodman <isaac@eyz.us>
+Ivan Porto Carrero <icarrero@vmware.com>
 Jason Kincl <jkincl@gmail.com>
 Jeremy Canady <jcanady@jackhenry.com>
+João Pereira <joaodrp@gmail.com>
 Louie Jiang <jiangl@vmware.com>
 Marc Carmier <mcarmier@gmail.com>
 Mevan Samaratunga <mevansam@gmail.com>
@@ -47,7 +57,9 @@ S.Çağlar Onur <conur@vmware.com>
 Sergey Ignatov <sergey.ignatov@jetbrains.com>
 Steve Purcell <steve@sanityinc.com>
 Takaaki Furukawa <takaaki.frkw@gmail.com>
+tanishi <tanishi503@gmail.com>
 Ted Zlatanov <tzz@lifelogs.com>
+Thibaut Ackermann <thibaut.ackermann@alcatel-lucent.com>
 Vadim Egorov <vegorov@vmware.com>
 Yang Yang <yangy@vmware.com>
 Yuya Kusakabe <yuya.kusakabe@gmail.com>
diff --git a/vendor/github.com/vmware/govmomi/Makefile b/vendor/github.com/vmware/govmomi/Makefile
index cbaa36249948..e0e03ecd3f5f 100644
--- a/vendor/github.com/vmware/govmomi/Makefile
+++ b/vendor/github.com/vmware/govmomi/Makefile
@@ -11,13 +11,19 @@ goimports:
 
 govet:
 	@echo checking go vet...
-	@go tool vet -structtags=false -methods=false .
-
-test:
-	go test -v $(TEST_OPTS) ./...
+	@go tool vet -structtags=false -methods=false $$(find . -mindepth 1 -maxdepth 1 -type d -not -name vendor)
 
 install:
-	go install github.com/vmware/govmomi/govc
+	go install -v github.com/vmware/govmomi/govc
+	go install -v github.com/vmware/govmomi/vcsim
+
+go-test:
+	go test -race -v $(TEST_OPTS) ./...
+
+govc-test: install
+	(cd govc/test && ./vendor/github.com/sstephenson/bats/libexec/bats -t .)
+
+test: go-test govc-test
 
 doc: install
 	./govc/usage.sh > ./govc/USAGE.md
diff --git a/vendor/github.com/vmware/govmomi/README.md b/vendor/github.com/vmware/govmomi/README.md
index 7ebdf1b17c89..02901ea4fba2 100644
--- a/vendor/github.com/vmware/govmomi/README.md
+++ b/vendor/github.com/vmware/govmomi/README.md
@@ -5,14 +5,19 @@
 
 A Go library for interacting with VMware vSphere APIs (ESXi and/or vCenter).
 
-For `govc`, a CLI built on top of govmomi, check out the [govc](./govc) directory and [USAGE](./govc/USAGE.md) document.
+In addition to the vSphere API client, this repository includes:
+
+* [govc](./govc) - vSphere CLI
+
+* [vcsim](./vcsim) - vSphere API mock framework
+
+* [toolbox](./toolbox) - VM guest tools framework
 
 ## Compatibility
 
-This library is built for and tested against ESXi and vCenter 5.5, 6.0 and 6.5.
+This library is built for and tested against ESXi and vCenter 6.0 and 6.5.
 
-If you're able to use it against older versions of ESXi and/or vCenter, please
-leave a note and we'll include it in this compatibility list.
+It should work with versions 5.5 and 5.1, but neither are officially supported.
 
 ## Documentation
 
@@ -23,19 +28,14 @@ The code in the `govmomi` package is a wrapper for the code that is generated fr
 It primarily provides convenience functions for working with the vSphere API.
 See [godoc.org][godoc] for documentation.
 
-[apiref]:http://pubs.vmware.com/vsphere-60/index.jsp#com.vmware.wssdk.apiref.doc/right-pane.html
+[apiref]:http://pubs.vmware.com/vsphere-6-5/index.jsp#com.vmware.wssdk.apiref.doc/right-pane.html
 [godoc]:http://godoc.org/github.com/vmware/govmomi
-[drone]:https://drone.io
-[dronesrc]:https://github.com/drone/drone
-[dronecli]:http://readme.drone.io/devs/cli/
 
-#### Building with CI
-Merges to this repository will trigger builds in both Travis and [Drone][drone].
+## Installation
 
-To build locally with Drone:
-- Ensure that you have Docker 1.6 or higher installed.
-- Install the [Drone command line tools][dronecli].
-- Run `drone exec` from within the root directory of the govmomi repository.
+```sh
+go get -u github.com/vmware/govmomi
+```
 
 ## Discussion
 
@@ -53,9 +53,17 @@ Refer to the [CHANGELOG](CHANGELOG.md) for version to version changes.
 
 * [Docker Machine](https://github.com/docker/machine/tree/master/drivers/vmwarevsphere)
 
+* [Docker InfraKit](https://github.com/docker/infrakit/tree/master/pkg/provider/vsphere)
+
+* [Docker LinuxKit](https://github.com/linuxkit/linuxkit/tree/master/src/cmd/linuxkit)
+
 * [Kubernetes](https://github.com/kubernetes/kubernetes/tree/master/pkg/cloudprovider/providers/vsphere)
 
-* [Terraform](https://github.com/hashicorp/terraform/tree/master/builtin/providers/vsphere)
+* [Kubernetes kops](https://github.com/kubernetes/kops/tree/master/upup/pkg/fi/cloudup/vsphere)
+
+* [Terraform](https://github.com/terraform-providers/terraform-provider-vsphere)
+
+* [Packer](https://github.com/jetbrains-infra/packer-builder-vsphere)
 
 * [VMware VIC Engine](https://github.com/vmware/vic)
 
diff --git a/vendor/github.com/vmware/govmomi/find/finder.go b/vendor/github.com/vmware/govmomi/find/finder.go
index 04d0e891a9b1..2e9727e48447 100644
--- a/vendor/github.com/vmware/govmomi/find/finder.go
+++ b/vendor/github.com/vmware/govmomi/find/finder.go
@@ -625,6 +625,15 @@ func (f *Finder) ClusterComputeResourceList(ctx context.Context, path string) ([
 	return ccrs, nil
 }
 
+func (f *Finder) DefaultClusterComputeResource(ctx context.Context) (*object.ClusterComputeResource, error) {
+	cr, err := f.ClusterComputeResource(ctx, "*")
+	if err != nil {
+		return nil, toDefaultError(err)
+	}
+
+	return cr, nil
+}
+
 func (f *Finder) ClusterComputeResource(ctx context.Context, path string) (*object.ClusterComputeResource, error) {
 	ccrs, err := f.ClusterComputeResourceList(ctx, path)
 	if err != nil {
@@ -638,6 +647,18 @@ func (f *Finder) ClusterComputeResource(ctx context.Context, path string) (*obje
 	return ccrs[0], nil
 }
 
+func (f *Finder) ClusterComputeResourceOrDefault(ctx context.Context, path string) (*object.ClusterComputeResource, error) {
+	if path != "" {
+		cr, err := f.ClusterComputeResource(ctx, path)
+		if err != nil {
+			return nil, err
+		}
+		return cr, nil
+	}
+
+	return f.DefaultClusterComputeResource(ctx)
+}
+
 func (f *Finder) HostSystemList(ctx context.Context, path string) ([]*object.HostSystem, error) {
 	s := &spec{
 		Relative: f.hostFolder,
diff --git a/vendor/github.com/vmware/govmomi/find/recurser.go b/vendor/github.com/vmware/govmomi/find/recurser.go
index b62e93a6f827..80d958a264f4 100644
--- a/vendor/github.com/vmware/govmomi/find/recurser.go
+++ b/vendor/github.com/vmware/govmomi/find/recurser.go
@@ -20,6 +20,7 @@ import (
 	"context"
 	"os"
 	"path"
+	"strings"
 
 	"github.com/vmware/govmomi/list"
 	"github.com/vmware/govmomi/object"
@@ -177,6 +178,7 @@ func (r recurser) List(ctx context.Context, s *spec, root list.Element, parts []
 		return in, nil
 	}
 
+	all := parts
 	pattern := parts[0]
 	parts = parts[1:]
 
@@ -188,6 +190,12 @@ func (r recurser) List(ctx context.Context, s *spec, root list.Element, parts []
 		}
 
 		if !matched {
+			matched = strings.HasSuffix(e.Path, "/"+path.Join(all...))
+			if matched {
+				// name contains a '/'
+				out = append(out, e)
+			}
+
 			continue
 		}
 
diff --git a/vendor/github.com/vmware/govmomi/nfc/lease.go b/vendor/github.com/vmware/govmomi/nfc/lease.go
new file mode 100644
index 000000000000..3fb85ee6f6e1
--- /dev/null
+++ b/vendor/github.com/vmware/govmomi/nfc/lease.go
@@ -0,0 +1,238 @@
+/*
+Copyright (c) 2015-2017 VMware, Inc. All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package nfc
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"path"
+
+	"github.com/vmware/govmomi/property"
+	"github.com/vmware/govmomi/vim25"
+	"github.com/vmware/govmomi/vim25/methods"
+	"github.com/vmware/govmomi/vim25/mo"
+	"github.com/vmware/govmomi/vim25/progress"
+	"github.com/vmware/govmomi/vim25/soap"
+	"github.com/vmware/govmomi/vim25/types"
+)
+
+type Lease struct {
+	types.ManagedObjectReference
+
+	c *vim25.Client
+}
+
+func NewLease(c *vim25.Client, ref types.ManagedObjectReference) *Lease {
+	return &Lease{ref, c}
+}
+
+// Abort wraps methods.Abort
+func (l *Lease) Abort(ctx context.Context, fault *types.LocalizedMethodFault) error {
+	req := types.HttpNfcLeaseAbort{
+		This:  l.Reference(),
+		Fault: fault,
+	}
+
+	_, err := methods.HttpNfcLeaseAbort(ctx, l.c, &req)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Complete wraps methods.Complete
+func (l *Lease) Complete(ctx context.Context) error {
+	req := types.HttpNfcLeaseComplete{
+		This: l.Reference(),
+	}
+
+	_, err := methods.HttpNfcLeaseComplete(ctx, l.c, &req)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// GetManifest wraps methods.GetManifest
+func (l *Lease) GetManifest(ctx context.Context) error {
+	req := types.HttpNfcLeaseGetManifest{
+		This: l.Reference(),
+	}
+
+	_, err := methods.HttpNfcLeaseGetManifest(ctx, l.c, &req)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Progress wraps methods.Progress
+func (l *Lease) Progress(ctx context.Context, percent int32) error {
+	req := types.HttpNfcLeaseProgress{
+		This:    l.Reference(),
+		Percent: percent,
+	}
+
+	_, err := methods.HttpNfcLeaseProgress(ctx, l.c, &req)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+type LeaseInfo struct {
+	types.HttpNfcLeaseInfo
+
+	Items []FileItem
+}
+
+func (l *Lease) newLeaseInfo(li *types.HttpNfcLeaseInfo, items []types.OvfFileItem) (*LeaseInfo, error) {
+	info := &LeaseInfo{
+		HttpNfcLeaseInfo: *li,
+	}
+
+	for _, device := range li.DeviceUrl {
+		u, err := l.c.ParseURL(device.Url)
+		if err != nil {
+			return nil, err
+		}
+
+		if device.SslThumbprint != "" {
+			// TODO: prefer host management IP
+			l.c.SetThumbprint(u.Host, device.SslThumbprint)
+		}
+
+		if len(items) == 0 {
+			// this is an export
+			item := types.OvfFileItem{
+				DeviceId: device.Key,
+				Path:     device.TargetId,
+				Size:     device.FileSize,
+			}
+
+			if item.Size == 0 {
+				item.Size = li.TotalDiskCapacityInKB * 1024
+			}
+
+			if item.Path == "" {
+				item.Path = path.Base(device.Url)
+			}
+
+			info.Items = append(info.Items, NewFileItem(u, item))
+
+			continue
+		}
+
+		// this is an import
+		for _, item := range items {
+			if device.ImportKey == item.DeviceId {
+				info.Items = append(info.Items, NewFileItem(u, item))
+				break
+			}
+		}
+	}
+
+	return info, nil
+}
+
+func (l *Lease) Wait(ctx context.Context, items []types.OvfFileItem) (*LeaseInfo, error) {
+	var lease mo.HttpNfcLease
+
+	pc := property.DefaultCollector(l.c)
+	err := property.Wait(ctx, pc, l.Reference(), []string{"state", "info", "error"}, func(pc []types.PropertyChange) bool {
+		done := false
+
+		for _, c := range pc {
+			if c.Val == nil {
+				continue
+			}
+
+			switch c.Name {
+			case "error":
+				val := c.Val.(types.LocalizedMethodFault)
+				lease.Error = &val
+				done = true
+			case "info":
+				val := c.Val.(types.HttpNfcLeaseInfo)
+				lease.Info = &val
+			case "state":
+				lease.State = c.Val.(types.HttpNfcLeaseState)
+				if lease.State != types.HttpNfcLeaseStateInitializing {
+					done = true
+				}
+			}
+		}
+
+		return done
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	if lease.State == types.HttpNfcLeaseStateReady {
+		return l.newLeaseInfo(lease.Info, items)
+	}
+
+	if lease.Error != nil {
+		return nil, errors.New(lease.Error.LocalizedMessage)
+	}
+
+	return nil, fmt.Errorf("unexpected nfc lease state: %s", lease.State)
+}
+
+func (l *Lease) StartUpdater(ctx context.Context, info *LeaseInfo) *LeaseUpdater {
+	return newLeaseUpdater(ctx, l, info)
+}
+
+func (l *Lease) Upload(ctx context.Context, item FileItem, f io.Reader, opts soap.Upload) error {
+	if opts.Progress == nil {
+		opts.Progress = item
+	} else {
+		opts.Progress = progress.Tee(item, opts.Progress)
+	}
+
+	// Non-disk files (such as .iso) use the PUT method.
+	// Overwrite: t header is also required in this case (ovftool does the same)
+	if item.Create {
+		opts.Method = "PUT"
+		opts.Headers = map[string]string{
+			"Overwrite": "t",
+		}
+	} else {
+		opts.Method = "POST"
+		opts.Type = "application/x-vnd.vmware-streamVmdk"
+	}
+
+	return l.c.Upload(ctx, f, item.URL, &opts)
+}
+
+func (l *Lease) DownloadFile(ctx context.Context, file string, item FileItem, opts soap.Download) error {
+	if opts.Progress == nil {
+		opts.Progress = item
+	} else {
+		opts.Progress = progress.Tee(item, opts.Progress)
+	}
+
+	return l.c.DownloadFile(ctx, file, item.URL, &opts)
+}
diff --git a/vendor/github.com/vmware/govmomi/nfc/lease_updater.go b/vendor/github.com/vmware/govmomi/nfc/lease_updater.go
new file mode 100644
index 000000000000..d3face81a4c4
--- /dev/null
+++ b/vendor/github.com/vmware/govmomi/nfc/lease_updater.go
@@ -0,0 +1,146 @@
+/*
+Copyright (c) 2014-2015 VMware, Inc. All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package nfc
+
+import (
+	"context"
+	"log"
+	"net/url"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"github.com/vmware/govmomi/vim25/progress"
+	"github.com/vmware/govmomi/vim25/types"
+)
+
+type FileItem struct {
+	types.OvfFileItem
+	URL *url.URL
+
+	ch chan progress.Report
+}
+
+func NewFileItem(u *url.URL, item types.OvfFileItem) FileItem {
+	return FileItem{
+		OvfFileItem: item,
+		URL:         u,
+		ch:          make(chan progress.Report),
+	}
+}
+
+func (o FileItem) Sink() chan<- progress.Report {
+	return o.ch
+}
+
+// File converts the FileItem.OvfFileItem to an OvfFile
+func (o FileItem) File() types.OvfFile {
+	return types.OvfFile{
+		DeviceId: o.DeviceId,
+		Path:     o.Path,
+		Size:     o.Size,
+	}
+}
+
+type LeaseUpdater struct {
+	lease *Lease
+
+	pos   int64 // Number of bytes
+	total int64 // Total number of bytes
+
+	done chan struct{} // When lease updater should stop
+
+	wg sync.WaitGroup // Track when update loop is done
+}
+
+func newLeaseUpdater(ctx context.Context, lease *Lease, info *LeaseInfo) *LeaseUpdater {
+	l := LeaseUpdater{
+		lease: lease,
+
+		done: make(chan struct{}),
+	}
+
+	for _, item := range info.Items {
+		l.total += item.Size
+		go l.waitForProgress(item)
+	}
+
+	// Kickstart update loop
+	l.wg.Add(1)
+	go l.run()
+
+	return &l
+}
+
+func (l *LeaseUpdater) waitForProgress(item FileItem) {
+	var pos, total int64
+
+	total = item.Size
+
+	for {
+		select {
+		case <-l.done:
+			return
+		case p, ok := <-item.ch:
+			// Return in case of error
+			if ok && p.Error() != nil {
+				return
+			}
+
+			if !ok {
+				// Last element on the channel, add to total
+				atomic.AddInt64(&l.pos, total-pos)
+				return
+			}
+
+			// Approximate progress in number of bytes
+			x := int64(float32(total) * (p.Percentage() / 100.0))
+			atomic.AddInt64(&l.pos, x-pos)
+			pos = x
+		}
+	}
+}
+
+func (l *LeaseUpdater) run() {
+	defer l.wg.Done()
+
+	tick := time.NewTicker(2 * time.Second)
+	defer tick.Stop()
+
+	for {
+		select {
+		case <-l.done:
+			return
+		case <-tick.C:
+			// From the vim api HttpNfcLeaseProgress(percent) doc, percent ==
+			// "Completion status represented as an integer in the 0-100 range."
+			// Always report the current value of percent, as it will renew the
+			// lease even if the value hasn't changed or is 0.
+			percent := int32(float32(100*atomic.LoadInt64(&l.pos)) / float32(l.total))
+			err := l.lease.Progress(context.TODO(), percent)
+			if err != nil {
+				log.Printf("NFC lease progress: %s", err)
+				return
+			}
+		}
+	}
+}
+
+func (l *LeaseUpdater) Done() {
+	close(l.done)
+	l.wg.Wait()
+}
diff --git a/vendor/github.com/vmware/govmomi/object/cluster_compute_resource.go b/vendor/github.com/vmware/govmomi/object/cluster_compute_resource.go
index 225f41b6d19c..c9fe3aa035b1 100644
--- a/vendor/github.com/vmware/govmomi/object/cluster_compute_resource.go
+++ b/vendor/github.com/vmware/govmomi/object/cluster_compute_resource.go
@@ -21,6 +21,7 @@ import (
 
 	"github.com/vmware/govmomi/vim25"
 	"github.com/vmware/govmomi/vim25/methods"
+	"github.com/vmware/govmomi/vim25/mo"
 	"github.com/vmware/govmomi/vim25/types"
 )
 
@@ -34,19 +35,15 @@ func NewClusterComputeResource(c *vim25.Client, ref types.ManagedObjectReference
 	}
 }
 
-func (c ClusterComputeResource) ReconfigureCluster(ctx context.Context, spec types.ClusterConfigSpec) (*Task, error) {
-	req := types.ReconfigureCluster_Task{
-		This:   c.Reference(),
-		Spec:   spec,
-		Modify: true,
-	}
+func (c ClusterComputeResource) Configuration(ctx context.Context) (*types.ClusterConfigInfoEx, error) {
+	var obj mo.ClusterComputeResource
 
-	res, err := methods.ReconfigureCluster_Task(ctx, c.c, &req)
+	err := c.Properties(ctx, c.Reference(), []string{"configurationEx"}, &obj)
 	if err != nil {
 		return nil, err
 	}
 
-	return NewTask(c.c, res.Returnval), nil
+	return obj.ConfigurationEx.(*types.ClusterConfigInfoEx), nil
 }
 
 func (c ClusterComputeResource) AddHost(ctx context.Context, spec types.HostConnectSpec, asConnected bool, license *string, resourcePool *types.ManagedObjectReference) (*Task, error) {
@@ -71,16 +68,3 @@ func (c ClusterComputeResource) AddHost(ctx context.Context, spec types.HostConn
 
 	return NewTask(c.c, res.Returnval), nil
 }
-
-func (c ClusterComputeResource) Destroy(ctx context.Context) (*Task, error) {
-	req := types.Destroy_Task{
-		This: c.Reference(),
-	}
-
-	res, err := methods.Destroy_Task(ctx, c.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return NewTask(c.c, res.Returnval), nil
-}
diff --git a/vendor/github.com/vmware/govmomi/object/common.go b/vendor/github.com/vmware/govmomi/object/common.go
index 52feeed6503e..dfeee4a365ed 100644
--- a/vendor/github.com/vmware/govmomi/object/common.go
+++ b/vendor/github.com/vmware/govmomi/object/common.go
@@ -80,17 +80,24 @@ func (c *Common) SetInventoryPath(p string) {
 func (c Common) ObjectName(ctx context.Context) (string, error) {
 	var o mo.ManagedEntity
 
-	name := c.Name()
-	if name != "" {
-		return name, nil
+	err := c.Properties(ctx, c.Reference(), []string{"name"}, &o)
+	if err != nil {
+		return "", err
 	}
 
-	err := c.Properties(ctx, c.Reference(), []string{"name"}, &o)
+	if o.Name != "" {
+		return o.Name, nil
+	}
+
+	// Network has its own "name" field...
+	var n mo.Network
+
+	err = c.Properties(ctx, c.Reference(), []string{"name"}, &n)
 	if err != nil {
 		return "", err
 	}
 
-	return o.Name, nil
+	return n.Name, nil
 }
 
 func (c Common) Properties(ctx context.Context, r types.ManagedObjectReference, ps []string, dst interface{}) error {
diff --git a/vendor/github.com/vmware/govmomi/object/compute_resource.go b/vendor/github.com/vmware/govmomi/object/compute_resource.go
index ac1c73019fcd..7645fddaf313 100644
--- a/vendor/github.com/vmware/govmomi/object/compute_resource.go
+++ b/vendor/github.com/vmware/govmomi/object/compute_resource.go
@@ -109,16 +109,3 @@ func (c ComputeResource) Reconfigure(ctx context.Context, spec types.BaseCompute
 
 	return NewTask(c.c, res.Returnval), nil
 }
-
-func (c ComputeResource) Destroy(ctx context.Context) (*Task, error) {
-	req := types.Destroy_Task{
-		This: c.Reference(),
-	}
-
-	res, err := methods.Destroy_Task(ctx, c.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return NewTask(c.c, res.Returnval), nil
-}
diff --git a/vendor/github.com/vmware/govmomi/object/custom_fields_manager.go b/vendor/github.com/vmware/govmomi/object/custom_fields_manager.go
index 60b78df2b4b6..ef748ef2c131 100644
--- a/vendor/github.com/vmware/govmomi/object/custom_fields_manager.go
+++ b/vendor/github.com/vmware/govmomi/object/custom_fields_manager.go
@@ -102,7 +102,9 @@ func (m CustomFieldsManager) Set(ctx context.Context, entity types.ManagedObject
 	return err
 }
 
-func (m CustomFieldsManager) Field(ctx context.Context) ([]types.CustomFieldDef, error) {
+type CustomFieldDefList []types.CustomFieldDef
+
+func (m CustomFieldsManager) Field(ctx context.Context) (CustomFieldDefList, error) {
 	var fm mo.CustomFieldsManager
 
 	err := m.Properties(ctx, m.Reference(), []string{"field"}, &fm)
@@ -113,19 +115,19 @@ func (m CustomFieldsManager) Field(ctx context.Context) ([]types.CustomFieldDef,
 	return fm.Field, nil
 }
 
-func (m CustomFieldsManager) FindKey(ctx context.Context, key string) (int32, error) {
+func (m CustomFieldsManager) FindKey(ctx context.Context, name string) (int32, error) {
 	field, err := m.Field(ctx)
 	if err != nil {
 		return -1, err
 	}
 
 	for _, def := range field {
-		if def.Name == key {
+		if def.Name == name {
 			return def.Key, nil
 		}
 	}
 
-	k, err := strconv.Atoi(key)
+	k, err := strconv.Atoi(name)
 	if err == nil {
 		// assume literal int key
 		return int32(k), nil
@@ -133,3 +135,12 @@ func (m CustomFieldsManager) FindKey(ctx context.Context, key string) (int32, er
 
 	return -1, ErrKeyNameNotFound
 }
+
+func (l CustomFieldDefList) ByKey(key int32) *types.CustomFieldDef {
+	for _, def := range l {
+		if def.Key == key {
+			return &def
+		}
+	}
+	return nil
+}
diff --git a/vendor/github.com/vmware/govmomi/object/datacenter.go b/vendor/github.com/vmware/govmomi/object/datacenter.go
index adddc5ffa5de..41fa3526571b 100644
--- a/vendor/github.com/vmware/govmomi/object/datacenter.go
+++ b/vendor/github.com/vmware/govmomi/object/datacenter.go
@@ -88,3 +88,42 @@ func (d Datacenter) Destroy(ctx context.Context) (*Task, error) {
 
 	return NewTask(d.c, res.Returnval), nil
 }
+
+// PowerOnVM powers on multiple virtual machines with a single vCenter call.
+// If called against ESX, serially powers on the list of VMs and the returned *Task will always be nil.
+func (d Datacenter) PowerOnVM(ctx context.Context, vm []types.ManagedObjectReference, option ...types.BaseOptionValue) (*Task, error) {
+	if d.Client().IsVC() {
+		req := types.PowerOnMultiVM_Task{
+			This:   d.Reference(),
+			Vm:     vm,
+			Option: option,
+		}
+
+		res, err := methods.PowerOnMultiVM_Task(ctx, d.c, &req)
+		if err != nil {
+			return nil, err
+		}
+
+		return NewTask(d.c, res.Returnval), nil
+	}
+
+	for _, ref := range vm {
+		obj := NewVirtualMachine(d.Client(), ref)
+		task, err := obj.PowerOn(ctx)
+		if err != nil {
+			return nil, err
+		}
+
+		err = task.Wait(ctx)
+		if err != nil {
+			// Ignore any InvalidPowerState fault, as it indicates the VM is already powered on
+			if f, ok := err.(types.HasFault); ok {
+				if _, ok = f.Fault().(*types.InvalidPowerState); !ok {
+					return nil, err
+				}
+			}
+		}
+	}
+
+	return nil, nil
+}
diff --git a/vendor/github.com/vmware/govmomi/object/datastore.go b/vendor/github.com/vmware/govmomi/object/datastore.go
index fc696cdf2131..dfe6603aa5c8 100644
--- a/vendor/github.com/vmware/govmomi/object/datastore.go
+++ b/vendor/github.com/vmware/govmomi/object/datastore.go
@@ -284,7 +284,7 @@ func (d Datastore) Upload(ctx context.Context, f io.Reader, path string, param *
 	if err != nil {
 		return err
 	}
-	return d.Client().Upload(f, u, p)
+	return d.Client().Upload(ctx, f, u, p)
 }
 
 // UploadFile via soap.Upload with an http service ticket
@@ -293,7 +293,7 @@ func (d Datastore) UploadFile(ctx context.Context, file string, path string, par
 	if err != nil {
 		return err
 	}
-	return d.Client().UploadFile(file, u, p)
+	return d.Client().UploadFile(ctx, file, u, p)
 }
 
 // Download via soap.Download with an http service ticket
@@ -302,7 +302,7 @@ func (d Datastore) Download(ctx context.Context, path string, param *soap.Downlo
 	if err != nil {
 		return nil, 0, err
 	}
-	return d.Client().Download(u, p)
+	return d.Client().Download(ctx, u, p)
 }
 
 // DownloadFile via soap.Download with an http service ticket
@@ -311,7 +311,7 @@ func (d Datastore) DownloadFile(ctx context.Context, path string, file string, p
 	if err != nil {
 		return err
 	}
-	return d.Client().DownloadFile(file, u, p)
+	return d.Client().DownloadFile(ctx, file, u, p)
 }
 
 // AttachedHosts returns hosts that have this Datastore attached, accessible and writable.
@@ -406,12 +406,9 @@ func (d Datastore) Stat(ctx context.Context, file string) (types.BaseFileInfo, e
 
 	info, err := task.WaitForResult(ctx, nil)
 	if err != nil {
-		if info == nil || info.Error != nil {
-			_, ok := info.Error.Fault.(*types.FileNotFound)
-			if ok {
-				// FileNotFound means the base path doesn't exist.
-				return nil, DatastoreNoSuchDirectoryError{"stat", dsPath}
-			}
+		if types.IsFileNotFound(err) {
+			// FileNotFound means the base path doesn't exist.
+			return nil, DatastoreNoSuchDirectoryError{"stat", dsPath}
 		}
 
 		return nil, err
diff --git a/vendor/github.com/vmware/govmomi/object/datastore_file.go b/vendor/github.com/vmware/govmomi/object/datastore_file.go
index 36c952348552..bc010fc36e81 100644
--- a/vendor/github.com/vmware/govmomi/object/datastore_file.go
+++ b/vendor/github.com/vmware/govmomi/object/datastore_file.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2016 VMware, Inc. All Rights Reserved.
+Copyright (c) 2016-2017 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -25,6 +25,7 @@ import (
 	"net/http"
 	"os"
 	"path"
+	"sync"
 	"time"
 
 	"github.com/vmware/govmomi/vim25/soap"
@@ -171,7 +172,7 @@ func (f *DatastoreFile) Stat() (os.FileInfo, error) {
 		return nil, err
 	}
 
-	res, err := f.d.Client().DownloadRequest(u, p)
+	res, err := f.d.Client().DownloadRequest(f.ctx, u, p)
 	if err != nil {
 		return nil, err
 	}
@@ -201,7 +202,7 @@ func (f *DatastoreFile) get() (io.Reader, error) {
 		}
 	}
 
-	res, err := f.d.Client().DownloadRequest(u, p)
+	res, err := f.d.Client().DownloadRequest(f.ctx, u, p)
 	if err != nil {
 		return nil, err
 	}
@@ -232,8 +233,9 @@ func (f *DatastoreFile) get() (io.Reader, error) {
 	return f.body, nil
 }
 
-func lastIndexLines(s []byte, n *int) int64 {
+func lastIndexLines(s []byte, line *int, include func(l int, m string) bool) (int64, bool) {
 	i := len(s) - 1
+	done := false
 
 	for i > 0 {
 		o := bytes.LastIndexByte(s[:i], '\n')
@@ -241,18 +243,27 @@ func lastIndexLines(s []byte, n *int) int64 {
 			break
 		}
 
-		i = o
-		*n--
-		if *n == 0 {
+		msg := string(s[o+1 : i+1])
+		if !include(*line, msg) {
+			done = true
 			break
+		} else {
+			i = o
+			*line++
 		}
 	}
 
-	return int64(i)
+	return int64(i), done
 }
 
 // Tail seeks to the position of the last N lines of the file.
 func (f *DatastoreFile) Tail(n int) error {
+	return f.TailFunc(n, func(line int, _ string) bool { return n > line })
+}
+
+// TailFunc will seek backwards in the datastore file until it hits a line that does
+// not satisfy the supplied `include` function.
+func (f *DatastoreFile) TailFunc(lines int, include func(line int, message string) bool) error {
 	// Read the file in reverse using bsize chunks
 	const bsize = int64(1024 * 16)
 
@@ -261,13 +272,14 @@ func (f *DatastoreFile) Tail(n int) error {
 		return err
 	}
 
-	if n == 0 {
+	if lines == 0 {
 		return nil
 	}
 
 	chunk := int64(-1)
 
 	buf := bytes.NewBuffer(make([]byte, 0, bsize))
+	line := 0
 
 	for {
 		var eof bool
@@ -298,19 +310,19 @@ func (f *DatastoreFile) Tail(n int) error {
 		}
 
 		b := buf.Bytes()
-		idx := lastIndexLines(b, &n) + 1
+		idx, done := lastIndexLines(b, &line, include)
 
-		if n == 0 {
+		if done {
 			if chunk == -1 {
 				// We found all N lines in the last chunk of the file.
 				// The seek offset is also now at the current end of file.
 				// Save this buffer to avoid another GET request when Read() is called.
-				buf.Next(int(idx))
+				buf.Next(int(idx + 1))
 				f.buf = buf
 				return nil
 			}
 
-			if _, err = f.Seek(pos+idx, io.SeekStart); err != nil {
+			if _, err = f.Seek(pos+idx+1, io.SeekStart); err != nil {
 				return err
 			}
 
@@ -336,6 +348,7 @@ type followDatastoreFile struct {
 	r *DatastoreFile
 	c chan struct{}
 	i time.Duration
+	o sync.Once
 }
 
 // Read reads up to len(b) bytes from the DatastoreFile being followed.
@@ -387,11 +400,15 @@ func (f *followDatastoreFile) Read(p []byte) (int, error) {
 
 // Close will stop Follow polling and close the underlying DatastoreFile.
 func (f *followDatastoreFile) Close() error {
-	close(f.c)
+	f.o.Do(func() { close(f.c) })
 	return nil
 }
 
 // Follow returns an io.ReadCloser to stream the file contents as data is appended.
 func (f *DatastoreFile) Follow(interval time.Duration) io.ReadCloser {
-	return &followDatastoreFile{f, make(chan struct{}), interval}
+	return &followDatastoreFile{
+		r: f,
+		c: make(chan struct{}),
+		i: interval,
+	}
 }
diff --git a/vendor/github.com/vmware/govmomi/object/datastore_file_manager.go b/vendor/github.com/vmware/govmomi/object/datastore_file_manager.go
index 7164fbbed7d0..a6e29c2c5634 100644
--- a/vendor/github.com/vmware/govmomi/object/datastore_file_manager.go
+++ b/vendor/github.com/vmware/govmomi/object/datastore_file_manager.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+Copyright (c) 2017-2018 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import (
 	"path"
 	"strings"
 
+	"github.com/vmware/govmomi/vim25/progress"
 	"github.com/vmware/govmomi/vim25/soap"
 )
 
@@ -36,7 +37,8 @@ type DatastoreFileManager struct {
 	FileManager        *FileManager
 	VirtualDiskManager *VirtualDiskManager
 
-	Force bool
+	Force            bool
+	DatacenterTarget *Datacenter
 }
 
 // NewFileManager creates a new instance of DatastoreFileManager
@@ -49,11 +51,25 @@ func (d Datastore) NewFileManager(dc *Datacenter, force bool) *DatastoreFileMana
 		FileManager:        NewFileManager(c),
 		VirtualDiskManager: NewVirtualDiskManager(c),
 		Force:              force,
+		DatacenterTarget:   dc,
 	}
 
 	return m
 }
 
+func (m *DatastoreFileManager) WithProgress(ctx context.Context, s progress.Sinker) context.Context {
+	return context.WithValue(ctx, m, s)
+}
+
+func (m *DatastoreFileManager) wait(ctx context.Context, task *Task) error {
+	var logger progress.Sinker
+	if s, ok := ctx.Value(m).(progress.Sinker); ok {
+		logger = s
+	}
+	_, err := task.WaitForResult(ctx, logger)
+	return err
+}
+
 // Delete dispatches to the appropriate Delete method based on file name extension
 func (m *DatastoreFileManager) Delete(ctx context.Context, name string) error {
 	switch path.Ext(name) {
@@ -73,7 +89,7 @@ func (m *DatastoreFileManager) DeleteFile(ctx context.Context, name string) erro
 		return err
 	}
 
-	return task.Wait(ctx)
+	return m.wait(ctx, task)
 }
 
 // DeleteVirtualDisk calls VirtualDiskManager.DeleteVirtualDisk
@@ -94,7 +110,74 @@ func (m *DatastoreFileManager) DeleteVirtualDisk(ctx context.Context, name strin
 		return err
 	}
 
-	return task.Wait(ctx)
+	return m.wait(ctx, task)
+}
+
+// CopyFile calls FileManager.CopyDatastoreFile
+func (m *DatastoreFileManager) CopyFile(ctx context.Context, src string, dst string) error {
+	srcp := m.Path(src)
+	dstp := m.Path(dst)
+
+	task, err := m.FileManager.CopyDatastoreFile(ctx, srcp.String(), m.Datacenter, dstp.String(), m.DatacenterTarget, m.Force)
+	if err != nil {
+		return err
+	}
+
+	return m.wait(ctx, task)
+}
+
+// Copy dispatches to the appropriate FileManager or VirtualDiskManager Copy method based on file name extension
+func (m *DatastoreFileManager) Copy(ctx context.Context, src string, dst string) error {
+	srcp := m.Path(src)
+	dstp := m.Path(dst)
+
+	f := m.FileManager.CopyDatastoreFile
+
+	if srcp.IsVMDK() {
+		// types.VirtualDiskSpec=nil as it is not implemented by vCenter
+		f = func(ctx context.Context, src string, srcDC *Datacenter, dst string, dstDC *Datacenter, force bool) (*Task, error) {
+			return m.VirtualDiskManager.CopyVirtualDisk(ctx, src, srcDC, dst, dstDC, nil, force)
+		}
+	}
+
+	task, err := f(ctx, srcp.String(), m.Datacenter, dstp.String(), m.DatacenterTarget, m.Force)
+	if err != nil {
+		return err
+	}
+
+	return m.wait(ctx, task)
+}
+
+// MoveFile calls FileManager.MoveDatastoreFile
+func (m *DatastoreFileManager) MoveFile(ctx context.Context, src string, dst string) error {
+	srcp := m.Path(src)
+	dstp := m.Path(dst)
+
+	task, err := m.FileManager.MoveDatastoreFile(ctx, srcp.String(), m.Datacenter, dstp.String(), m.DatacenterTarget, m.Force)
+	if err != nil {
+		return err
+	}
+
+	return m.wait(ctx, task)
+}
+
+// Move dispatches to the appropriate FileManager or VirtualDiskManager Move method based on file name extension
+func (m *DatastoreFileManager) Move(ctx context.Context, src string, dst string) error {
+	srcp := m.Path(src)
+	dstp := m.Path(dst)
+
+	f := m.FileManager.MoveDatastoreFile
+
+	if srcp.IsVMDK() {
+		f = m.VirtualDiskManager.MoveVirtualDisk
+	}
+
+	task, err := f(ctx, srcp.String(), m.Datacenter, dstp.String(), m.DatacenterTarget, m.Force)
+	if err != nil {
+		return err
+	}
+
+	return m.wait(ctx, task)
 }
 
 // Path converts path name to a DatastorePath
diff --git a/vendor/github.com/vmware/govmomi/object/datastore_path.go b/vendor/github.com/vmware/govmomi/object/datastore_path.go
index ea152103df50..1563ee1e11db 100644
--- a/vendor/github.com/vmware/govmomi/object/datastore_path.go
+++ b/vendor/github.com/vmware/govmomi/object/datastore_path.go
@@ -18,6 +18,7 @@ package object
 
 import (
 	"fmt"
+	"path"
 	"strings"
 )
 
@@ -63,3 +64,8 @@ func (p *DatastorePath) String() string {
 
 	return strings.Join([]string{s, p.Path}, " ")
 }
+
+// IsVMDK returns true if Path has a ".vmdk" extension
+func (p *DatastorePath) IsVMDK() bool {
+	return path.Ext(p.Path) == ".vmdk"
+}
diff --git a/vendor/github.com/vmware/govmomi/object/distributed_virtual_portgroup.go b/vendor/github.com/vmware/govmomi/object/distributed_virtual_portgroup.go
index 864bb783f385..86c9fc1c7a88 100644
--- a/vendor/github.com/vmware/govmomi/object/distributed_virtual_portgroup.go
+++ b/vendor/github.com/vmware/govmomi/object/distributed_virtual_portgroup.go
@@ -38,7 +38,7 @@ func NewDistributedVirtualPortgroup(c *vim25.Client, ref types.ManagedObjectRefe
 // EthernetCardBackingInfo returns the VirtualDeviceBackingInfo for this DistributedVirtualPortgroup
 func (p DistributedVirtualPortgroup) EthernetCardBackingInfo(ctx context.Context) (types.BaseVirtualDeviceBackingInfo, error) {
 	var dvp mo.DistributedVirtualPortgroup
-	var dvs mo.VmwareDistributedVirtualSwitch // TODO: should be mo.BaseDistributedVirtualSwitch
+	var dvs mo.DistributedVirtualSwitch
 
 	if err := p.Properties(ctx, p.Reference(), []string{"key", "config.distributedVirtualSwitch"}, &dvp); err != nil {
 		return nil, err
diff --git a/vendor/github.com/vmware/govmomi/object/distributed_virtual_switch.go b/vendor/github.com/vmware/govmomi/object/distributed_virtual_switch.go
index 29ee52d95013..7a41258799d8 100644
--- a/vendor/github.com/vmware/govmomi/object/distributed_virtual_switch.go
+++ b/vendor/github.com/vmware/govmomi/object/distributed_virtual_switch.go
@@ -65,3 +65,15 @@ func (s DistributedVirtualSwitch) AddPortgroup(ctx context.Context, spec []types
 
 	return NewTask(s.Client(), res.Returnval), nil
 }
+
+func (s DistributedVirtualSwitch) FetchDVPorts(ctx context.Context) ([]types.DistributedVirtualPort, error) {
+	req := &types.FetchDVPorts{
+		This: s.Reference(),
+	}
+
+	res, err := methods.FetchDVPorts(ctx, s.Client(), req)
+	if err != nil {
+		return nil, err
+	}
+	return res.Returnval, nil
+}
diff --git a/vendor/github.com/vmware/govmomi/object/host_storage_system.go b/vendor/github.com/vmware/govmomi/object/host_storage_system.go
index 2a433ff2a886..5990a1d4e6bb 100644
--- a/vendor/github.com/vmware/govmomi/object/host_storage_system.go
+++ b/vendor/github.com/vmware/govmomi/object/host_storage_system.go
@@ -88,6 +88,24 @@ func (s HostStorageSystem) RescanAllHba(ctx context.Context) error {
 	return err
 }
 
+func (s HostStorageSystem) Refresh(ctx context.Context) error {
+	req := types.RefreshStorageSystem{
+		This: s.Reference(),
+	}
+
+	_, err := methods.RefreshStorageSystem(ctx, s.c, &req)
+	return err
+}
+
+func (s HostStorageSystem) RescanVmfs(ctx context.Context) error {
+	req := types.RescanVmfs{
+		This: s.Reference(),
+	}
+
+	_, err := methods.RescanVmfs(ctx, s.c, &req)
+	return err
+}
+
 func (s HostStorageSystem) MarkAsSsd(ctx context.Context, uuid string) (*Task, error) {
 	req := types.MarkAsSsd_Task{
 		This:         s.Reference(),
@@ -143,3 +161,14 @@ func (s HostStorageSystem) MarkAsNonLocal(ctx context.Context, uuid string) (*Ta
 
 	return NewTask(s.c, res.Returnval), nil
 }
+
+func (s HostStorageSystem) AttachScsiLun(ctx context.Context, uuid string) error {
+	req := types.AttachScsiLun{
+		This:    s.Reference(),
+		LunUuid: uuid,
+	}
+
+	_, err := methods.AttachScsiLun(ctx, s.c, &req)
+
+	return err
+}
diff --git a/vendor/github.com/vmware/govmomi/object/host_vsan_internal_system.go b/vendor/github.com/vmware/govmomi/object/host_vsan_internal_system.go
index 65e4587f6c80..1430e8a88221 100644
--- a/vendor/github.com/vmware/govmomi/object/host_vsan_internal_system.go
+++ b/vendor/github.com/vmware/govmomi/object/host_vsan_internal_system.go
@@ -42,7 +42,7 @@ func (m HostVsanInternalSystem) QueryVsanObjectUuidsByFilter(ctx context.Context
 	req := types.QueryVsanObjectUuidsByFilter{
 		This:    m.Reference(),
 		Uuids:   uuids,
-		Limit:   limit,
+		Limit:   &limit,
 		Version: version,
 	}
 
diff --git a/vendor/github.com/vmware/govmomi/object/http_nfc_lease.go b/vendor/github.com/vmware/govmomi/object/http_nfc_lease.go
deleted file mode 100644
index 3ca53558b3fc..000000000000
--- a/vendor/github.com/vmware/govmomi/object/http_nfc_lease.go
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package object
-
-import (
-	"context"
-	"errors"
-	"fmt"
-
-	"github.com/vmware/govmomi/property"
-	"github.com/vmware/govmomi/vim25"
-	"github.com/vmware/govmomi/vim25/methods"
-	"github.com/vmware/govmomi/vim25/mo"
-	"github.com/vmware/govmomi/vim25/types"
-)
-
-type HttpNfcLease struct {
-	Common
-}
-
-func NewHttpNfcLease(c *vim25.Client, ref types.ManagedObjectReference) *HttpNfcLease {
-	return &HttpNfcLease{
-		Common: NewCommon(c, ref),
-	}
-}
-
-// HttpNfcLeaseAbort wraps methods.HttpNfcLeaseAbort
-func (o HttpNfcLease) HttpNfcLeaseAbort(ctx context.Context, fault *types.LocalizedMethodFault) error {
-	req := types.HttpNfcLeaseAbort{
-		This:  o.Reference(),
-		Fault: fault,
-	}
-
-	_, err := methods.HttpNfcLeaseAbort(ctx, o.c, &req)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// HttpNfcLeaseComplete wraps methods.HttpNfcLeaseComplete
-func (o HttpNfcLease) HttpNfcLeaseComplete(ctx context.Context) error {
-	req := types.HttpNfcLeaseComplete{
-		This: o.Reference(),
-	}
-
-	_, err := methods.HttpNfcLeaseComplete(ctx, o.c, &req)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// HttpNfcLeaseGetManifest wraps methods.HttpNfcLeaseGetManifest
-func (o HttpNfcLease) HttpNfcLeaseGetManifest(ctx context.Context) error {
-	req := types.HttpNfcLeaseGetManifest{
-		This: o.Reference(),
-	}
-
-	_, err := methods.HttpNfcLeaseGetManifest(ctx, o.c, &req)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// HttpNfcLeaseProgress wraps methods.HttpNfcLeaseProgress
-func (o HttpNfcLease) HttpNfcLeaseProgress(ctx context.Context, percent int32) error {
-	req := types.HttpNfcLeaseProgress{
-		This:    o.Reference(),
-		Percent: percent,
-	}
-
-	_, err := methods.HttpNfcLeaseProgress(ctx, o.c, &req)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (o HttpNfcLease) Wait(ctx context.Context) (*types.HttpNfcLeaseInfo, error) {
-	var lease mo.HttpNfcLease
-
-	pc := property.DefaultCollector(o.c)
-	err := property.Wait(ctx, pc, o.Reference(), []string{"state", "info", "error"}, func(pc []types.PropertyChange) bool {
-		done := false
-
-		for _, c := range pc {
-			if c.Val == nil {
-				continue
-			}
-
-			switch c.Name {
-			case "error":
-				val := c.Val.(types.LocalizedMethodFault)
-				lease.Error = &val
-				done = true
-			case "info":
-				val := c.Val.(types.HttpNfcLeaseInfo)
-				lease.Info = &val
-			case "state":
-				lease.State = c.Val.(types.HttpNfcLeaseState)
-				if lease.State != types.HttpNfcLeaseStateInitializing {
-					done = true
-				}
-			}
-		}
-
-		return done
-	})
-
-	if err != nil {
-		return nil, err
-	}
-
-	if lease.State == types.HttpNfcLeaseStateReady {
-		return lease.Info, nil
-	}
-
-	if lease.Error != nil {
-		return nil, errors.New(lease.Error.LocalizedMessage)
-	}
-
-	return nil, fmt.Errorf("unexpected nfc lease state: %s", lease.State)
-}
diff --git a/vendor/github.com/vmware/govmomi/object/network.go b/vendor/github.com/vmware/govmomi/object/network.go
index a76b17d91c25..d1dc7ce01f61 100644
--- a/vendor/github.com/vmware/govmomi/object/network.go
+++ b/vendor/github.com/vmware/govmomi/object/network.go
@@ -20,6 +20,7 @@ import (
 	"context"
 
 	"github.com/vmware/govmomi/vim25"
+	"github.com/vmware/govmomi/vim25/mo"
 	"github.com/vmware/govmomi/vim25/types"
 )
 
@@ -34,12 +35,20 @@ func NewNetwork(c *vim25.Client, ref types.ManagedObjectReference) *Network {
 }
 
 // EthernetCardBackingInfo returns the VirtualDeviceBackingInfo for this Network
-func (n Network) EthernetCardBackingInfo(_ context.Context) (types.BaseVirtualDeviceBackingInfo, error) {
-	name := n.Name()
+func (n Network) EthernetCardBackingInfo(ctx context.Context) (types.BaseVirtualDeviceBackingInfo, error) {
+	var e mo.Network
+
+	// Use Network.Name rather than Common.Name as the latter does not return the complete name if it contains a '/'
+	// We can't use Common.ObjectName here either as we need the ManagedEntity.Name field is not set since mo.Network
+	// has its own Name field.
+	err := n.Properties(ctx, n.Reference(), []string{"name"}, &e)
+	if err != nil {
+		return nil, err
+	}
 
 	backing := &types.VirtualEthernetCardNetworkBackingInfo{
 		VirtualDeviceDeviceBackingInfo: types.VirtualDeviceDeviceBackingInfo{
-			DeviceName: name,
+			DeviceName: e.Name,
 		},
 	}
 
diff --git a/vendor/github.com/vmware/govmomi/object/ovf_manager.go b/vendor/github.com/vmware/govmomi/object/ovf_manager.go
deleted file mode 100644
index 7fedf689ff38..000000000000
--- a/vendor/github.com/vmware/govmomi/object/ovf_manager.go
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package object
-
-import (
-	"context"
-
-	"github.com/vmware/govmomi/vim25"
-	"github.com/vmware/govmomi/vim25/methods"
-	"github.com/vmware/govmomi/vim25/types"
-)
-
-type OvfManager struct {
-	Common
-}
-
-func NewOvfManager(c *vim25.Client) *OvfManager {
-	o := OvfManager{
-		Common: NewCommon(c, *c.ServiceContent.OvfManager),
-	}
-
-	return &o
-}
-
-// CreateDescriptor wraps methods.CreateDescriptor
-func (o OvfManager) CreateDescriptor(ctx context.Context, obj Reference, cdp types.OvfCreateDescriptorParams) (*types.OvfCreateDescriptorResult, error) {
-	req := types.CreateDescriptor{
-		This: o.Reference(),
-		Obj:  obj.Reference(),
-		Cdp:  cdp,
-	}
-
-	res, err := methods.CreateDescriptor(ctx, o.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return &res.Returnval, nil
-}
-
-// CreateImportSpec wraps methods.CreateImportSpec
-func (o OvfManager) CreateImportSpec(ctx context.Context, ovfDescriptor string, resourcePool Reference, datastore Reference, cisp types.OvfCreateImportSpecParams) (*types.OvfCreateImportSpecResult, error) {
-	req := types.CreateImportSpec{
-		This:          o.Reference(),
-		OvfDescriptor: ovfDescriptor,
-		ResourcePool:  resourcePool.Reference(),
-		Datastore:     datastore.Reference(),
-		Cisp:          cisp,
-	}
-
-	res, err := methods.CreateImportSpec(ctx, o.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return &res.Returnval, nil
-}
-
-// ParseDescriptor wraps methods.ParseDescriptor
-func (o OvfManager) ParseDescriptor(ctx context.Context, ovfDescriptor string, pdp types.OvfParseDescriptorParams) (*types.OvfParseDescriptorResult, error) {
-	req := types.ParseDescriptor{
-		This:          o.Reference(),
-		OvfDescriptor: ovfDescriptor,
-		Pdp:           pdp,
-	}
-
-	res, err := methods.ParseDescriptor(ctx, o.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return &res.Returnval, nil
-}
-
-// ValidateHost wraps methods.ValidateHost
-func (o OvfManager) ValidateHost(ctx context.Context, ovfDescriptor string, host Reference, vhp types.OvfValidateHostParams) (*types.OvfValidateHostResult, error) {
-	req := types.ValidateHost{
-		This:          o.Reference(),
-		OvfDescriptor: ovfDescriptor,
-		Host:          host.Reference(),
-		Vhp:           vhp,
-	}
-
-	res, err := methods.ValidateHost(ctx, o.c, &req)
-	if err != nil {
-		return nil, err
-	}
-
-	return &res.Returnval, nil
-}
diff --git a/vendor/github.com/vmware/govmomi/object/resource_pool.go b/vendor/github.com/vmware/govmomi/object/resource_pool.go
index 791fd38229db..55c2e2b2fdea 100644
--- a/vendor/github.com/vmware/govmomi/object/resource_pool.go
+++ b/vendor/github.com/vmware/govmomi/object/resource_pool.go
@@ -19,6 +19,7 @@ package object
 import (
 	"context"
 
+	"github.com/vmware/govmomi/nfc"
 	"github.com/vmware/govmomi/vim25"
 	"github.com/vmware/govmomi/vim25/methods"
 	"github.com/vmware/govmomi/vim25/types"
@@ -34,7 +35,7 @@ func NewResourcePool(c *vim25.Client, ref types.ManagedObjectReference) *Resourc
 	}
 }
 
-func (p ResourcePool) ImportVApp(ctx context.Context, spec types.BaseImportSpec, folder *Folder, host *HostSystem) (*HttpNfcLease, error) {
+func (p ResourcePool) ImportVApp(ctx context.Context, spec types.BaseImportSpec, folder *Folder, host *HostSystem) (*nfc.Lease, error) {
 	req := types.ImportVApp{
 		This: p.Reference(),
 		Spec: spec,
@@ -55,7 +56,7 @@ func (p ResourcePool) ImportVApp(ctx context.Context, spec types.BaseImportSpec,
 		return nil, err
 	}
 
-	return NewHttpNfcLease(p.c, res.Returnval), nil
+	return nfc.NewLease(p.c, res.Returnval), nil
 }
 
 func (p ResourcePool) Create(ctx context.Context, name string, spec types.ResourceConfigSpec) (*ResourcePool, error) {
diff --git a/vendor/github.com/vmware/govmomi/object/task.go b/vendor/github.com/vmware/govmomi/object/task.go
index 8572b4363bd0..2b66aa93b7f7 100644
--- a/vendor/github.com/vmware/govmomi/object/task.go
+++ b/vendor/github.com/vmware/govmomi/object/task.go
@@ -22,6 +22,7 @@ import (
 	"github.com/vmware/govmomi/property"
 	"github.com/vmware/govmomi/task"
 	"github.com/vmware/govmomi/vim25"
+	"github.com/vmware/govmomi/vim25/methods"
 	"github.com/vmware/govmomi/vim25/progress"
 	"github.com/vmware/govmomi/vim25/types"
 )
@@ -51,3 +52,11 @@ func (t *Task) WaitForResult(ctx context.Context, s progress.Sinker) (*types.Tas
 	p := property.DefaultCollector(t.c)
 	return task.Wait(ctx, t.Reference(), p, s)
 }
+
+func (t *Task) Cancel(ctx context.Context) error {
+	_, err := methods.CancelTask(ctx, t.Client(), &types.CancelTask{
+		This: t.Reference(),
+	})
+
+	return err
+}
diff --git a/vendor/github.com/vmware/govmomi/object/types.go b/vendor/github.com/vmware/govmomi/object/types.go
index aefb611fded6..4eb8d1b8bbf7 100644
--- a/vendor/github.com/vmware/govmomi/object/types.go
+++ b/vendor/github.com/vmware/govmomi/object/types.go
@@ -47,8 +47,10 @@ func NewReference(c *vim25.Client, e types.ManagedObjectReference) Reference {
 		return NewClusterComputeResource(c, e)
 	case "HostSystem":
 		return NewHostSystem(c, e)
-	case "Network", "OpaqueNetwork":
+	case "Network":
 		return NewNetwork(c, e)
+	case "OpaqueNetwork":
+		return NewOpaqueNetwork(c, e)
 	case "ResourcePool":
 		return NewResourcePool(c, e)
 	case "DistributedVirtualSwitch":
diff --git a/vendor/github.com/vmware/govmomi/object/virtual_device_list.go b/vendor/github.com/vmware/govmomi/object/virtual_device_list.go
index 24821aa6b9c8..6fe083561586 100644
--- a/vendor/github.com/vmware/govmomi/object/virtual_device_list.go
+++ b/vendor/github.com/vmware/govmomi/object/virtual_device_list.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
+Copyright (c) 2015-2017 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -30,6 +30,7 @@ import (
 
 // Type values for use in BootOrder
 const (
+	DeviceTypeNone     = "-"
 	DeviceTypeCdrom    = "cdrom"
 	DeviceTypeDisk     = "disk"
 	DeviceTypeEthernet = "ethernet"
@@ -754,6 +755,9 @@ func (l VirtualDeviceList) PrimaryMacAddress() string {
 
 // convert a BaseVirtualDevice to a BaseVirtualMachineBootOptionsBootableDevice
 var bootableDevices = map[string]func(device types.BaseVirtualDevice) types.BaseVirtualMachineBootOptionsBootableDevice{
+	DeviceTypeNone: func(types.BaseVirtualDevice) types.BaseVirtualMachineBootOptionsBootableDevice {
+		return &types.VirtualMachineBootOptionsBootableDevice{}
+	},
 	DeviceTypeCdrom: func(types.BaseVirtualDevice) types.BaseVirtualMachineBootOptionsBootableDevice {
 		return &types.VirtualMachineBootOptionsBootableCdromDevice{}
 	},
@@ -773,17 +777,23 @@ var bootableDevices = map[string]func(device types.BaseVirtualDevice) types.Base
 }
 
 // BootOrder returns a list of devices which can be used to set boot order via VirtualMachine.SetBootOptions.
-// The order can any of "ethernet", "cdrom", "floppy" or "disk" or by specific device name.
+// The order can be any of "ethernet", "cdrom", "floppy" or "disk" or by specific device name.
+// A value of "-" will clear the existing boot order on the VC/ESX side.
 func (l VirtualDeviceList) BootOrder(order []string) []types.BaseVirtualMachineBootOptionsBootableDevice {
 	var devices []types.BaseVirtualMachineBootOptionsBootableDevice
 
 	for _, name := range order {
 		if kind, ok := bootableDevices[name]; ok {
+			if name == DeviceTypeNone {
+				// Not covered in the API docs, nor obvious, but this clears the boot order on the VC/ESX side.
+				devices = append(devices, new(types.VirtualMachineBootOptionsBootableDevice))
+				continue
+			}
+
 			for _, device := range l {
 				if l.Type(device) == name {
 					devices = append(devices, kind(device))
 				}
-
 			}
 			continue
 		}
diff --git a/vendor/github.com/vmware/govmomi/object/virtual_disk_manager.go b/vendor/github.com/vmware/govmomi/object/virtual_disk_manager.go
index b26e2f71c252..7bea49d51e20 100644
--- a/vendor/github.com/vmware/govmomi/object/virtual_disk_manager.go
+++ b/vendor/github.com/vmware/govmomi/object/virtual_disk_manager.go
@@ -145,6 +145,47 @@ func (m VirtualDiskManager) DeleteVirtualDisk(ctx context.Context, name string,
 	return NewTask(m.c, res.Returnval), nil
 }
 
+// InflateVirtualDisk inflates a virtual disk.
+func (m VirtualDiskManager) InflateVirtualDisk(ctx context.Context, name string, dc *Datacenter) (*Task, error) {
+	req := types.InflateVirtualDisk_Task{
+		This: m.Reference(),
+		Name: name,
+	}
+
+	if dc != nil {
+		ref := dc.Reference()
+		req.Datacenter = &ref
+	}
+
+	res, err := methods.InflateVirtualDisk_Task(ctx, m.c, &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewTask(m.c, res.Returnval), nil
+}
+
+// ShrinkVirtualDisk shrinks a virtual disk.
+func (m VirtualDiskManager) ShrinkVirtualDisk(ctx context.Context, name string, dc *Datacenter, copy *bool) (*Task, error) {
+	req := types.ShrinkVirtualDisk_Task{
+		This: m.Reference(),
+		Name: name,
+		Copy: copy,
+	}
+
+	if dc != nil {
+		ref := dc.Reference()
+		req.Datacenter = &ref
+	}
+
+	res, err := methods.ShrinkVirtualDisk_Task(ctx, m.c, &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewTask(m.c, res.Returnval), nil
+}
+
 // Queries virtual disk uuid
 func (m VirtualDiskManager) QueryVirtualDiskUuid(ctx context.Context, name string, dc *Datacenter) (string, error) {
 	req := types.QueryVirtualDiskUuid{
diff --git a/vendor/github.com/vmware/govmomi/object/virtual_disk_manager_internal.go b/vendor/github.com/vmware/govmomi/object/virtual_disk_manager_internal.go
index 642cd62f6e9c..dc747c121baa 100644
--- a/vendor/github.com/vmware/govmomi/object/virtual_disk_manager_internal.go
+++ b/vendor/github.com/vmware/govmomi/object/virtual_disk_manager_internal.go
@@ -95,3 +95,67 @@ func (m VirtualDiskManager) QueryVirtualDiskInfo(ctx context.Context, name strin
 
 	return info.Result.(arrayOfVirtualDiskInfo).VirtualDiskInfo, nil
 }
+
+type createChildDiskTaskRequest struct {
+	This             types.ManagedObjectReference  `xml:"_this"`
+	ChildName        string                        `xml:"childName"`
+	ChildDatacenter  *types.ManagedObjectReference `xml:"childDatacenter,omitempty"`
+	ParentName       string                        `xml:"parentName"`
+	ParentDatacenter *types.ManagedObjectReference `xml:"parentDatacenter,omitempty"`
+	IsLinkedClone    bool                          `xml:"isLinkedClone"`
+}
+
+type createChildDiskTaskResponse struct {
+	Returnval types.ManagedObjectReference `xml:"returnval"`
+}
+
+type createChildDiskTaskBody struct {
+	Req         *createChildDiskTaskRequest  `xml:"urn:internalvim25 CreateChildDisk_Task,omitempty"`
+	Res         *createChildDiskTaskResponse `xml:"urn:vim25 CreateChildDisk_TaskResponse,omitempty"`
+	InternalRes *createChildDiskTaskResponse `xml:"urn:internalvim25 CreateChildDisk_TaskResponse,omitempty"`
+	Err         *soap.Fault                  `xml:"http://schemas.xmlsoap.org/soap/envelope/ Fault,omitempty"`
+}
+
+func (b *createChildDiskTaskBody) Fault() *soap.Fault { return b.Err }
+
+func createChildDiskTask(ctx context.Context, r soap.RoundTripper, req *createChildDiskTaskRequest) (*createChildDiskTaskResponse, error) {
+	var reqBody, resBody createChildDiskTaskBody
+
+	reqBody.Req = req
+
+	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
+		return nil, err
+	}
+
+	if resBody.Res != nil {
+		return resBody.Res, nil // vim-version <= 6.5
+	}
+
+	return resBody.InternalRes, nil // vim-version >= 6.7
+}
+
+func (m VirtualDiskManager) CreateChildDisk(ctx context.Context, parent string, pdc *Datacenter, name string, dc *Datacenter, linked bool) (*Task, error) {
+	req := createChildDiskTaskRequest{
+		This:          m.Reference(),
+		ChildName:     name,
+		ParentName:    parent,
+		IsLinkedClone: linked,
+	}
+
+	if dc != nil {
+		ref := dc.Reference()
+		req.ChildDatacenter = &ref
+	}
+
+	if pdc != nil {
+		ref := pdc.Reference()
+		req.ParentDatacenter = &ref
+	}
+
+	res, err := createChildDiskTask(ctx, m.Client(), &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewTask(m.Client(), res.Returnval), nil
+}
diff --git a/vendor/github.com/vmware/govmomi/object/virtual_machine.go b/vendor/github.com/vmware/govmomi/object/virtual_machine.go
index 8fd6a421b284..511f55723571 100644
--- a/vendor/github.com/vmware/govmomi/object/virtual_machine.go
+++ b/vendor/github.com/vmware/govmomi/object/virtual_machine.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
+Copyright (c) 2015-2017 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -23,6 +23,7 @@ import (
 	"net"
 	"path"
 
+	"github.com/vmware/govmomi/nfc"
 	"github.com/vmware/govmomi/property"
 	"github.com/vmware/govmomi/vim25"
 	"github.com/vmware/govmomi/vim25/methods"
@@ -464,6 +465,20 @@ func (v VirtualMachine) Answer(ctx context.Context, id, answer string) error {
 	return nil
 }
 
+func (v VirtualMachine) AcquireTicket(ctx context.Context, kind string) (*types.VirtualMachineTicket, error) {
+	req := types.AcquireTicket{
+		This:       v.Reference(),
+		TicketType: kind,
+	}
+
+	res, err := methods.AcquireTicket(ctx, v.c, &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return &res.Returnval, nil
+}
+
 // CreateSnapshot creates a new snapshot of a virtual machine.
 func (v VirtualMachine) CreateSnapshot(ctx context.Context, name string, description string, memory bool, quiesce bool) (*Task, error) {
 	req := types.CreateSnapshot_Task{
@@ -497,7 +512,7 @@ func (v VirtualMachine) RemoveAllSnapshot(ctx context.Context, consolidate *bool
 	return NewTask(v.c, res.Returnval), nil
 }
 
-type snapshotMap map[string][]Reference
+type snapshotMap map[string][]types.ManagedObjectReference
 
 func (m snapshotMap) add(parent string, tree []types.VirtualMachineSnapshotTree) {
 	for i, st := range tree {
@@ -511,18 +526,18 @@ func (m snapshotMap) add(parent string, tree []types.VirtualMachineSnapshotTree)
 		}
 
 		for _, name := range names {
-			m[name] = append(m[name], &tree[i].Snapshot)
+			m[name] = append(m[name], tree[i].Snapshot)
 		}
 
 		m.add(sname, st.ChildSnapshotList)
 	}
 }
 
-// findSnapshot supports snapshot lookup by name, where name can be:
+// FindSnapshot supports snapshot lookup by name, where name can be:
 // 1) snapshot ManagedObjectReference.Value (unique)
 // 2) snapshot name (may not be unique)
 // 3) snapshot tree path (may not be unique)
-func (v VirtualMachine) findSnapshot(ctx context.Context, name string) (Reference, error) {
+func (v VirtualMachine) FindSnapshot(ctx context.Context, name string) (*types.ManagedObjectReference, error) {
 	var o mo.VirtualMachine
 
 	err := v.Properties(ctx, v.Reference(), []string{"snapshot"}, &o)
@@ -542,7 +557,7 @@ func (v VirtualMachine) findSnapshot(ctx context.Context, name string) (Referenc
 	case 0:
 		return nil, fmt.Errorf("snapshot %q not found", name)
 	case 1:
-		return s[0], nil
+		return &s[0], nil
 	default:
 		return nil, fmt.Errorf("%q resolves to %d snapshots", name, len(s))
 	}
@@ -550,7 +565,7 @@ func (v VirtualMachine) findSnapshot(ctx context.Context, name string) (Referenc
 
 // RemoveSnapshot removes a named snapshot
 func (v VirtualMachine) RemoveSnapshot(ctx context.Context, name string, removeChildren bool, consolidate *bool) (*Task, error) {
-	snapshot, err := v.findSnapshot(ctx, name)
+	snapshot, err := v.FindSnapshot(ctx, name)
 	if err != nil {
 		return nil, err
 	}
@@ -586,7 +601,7 @@ func (v VirtualMachine) RevertToCurrentSnapshot(ctx context.Context, suppressPow
 
 // RevertToSnapshot reverts to a named snapshot
 func (v VirtualMachine) RevertToSnapshot(ctx context.Context, name string, suppressPowerOn bool) (*Task, error) {
-	snapshot, err := v.findSnapshot(ctx, name)
+	snapshot, err := v.FindSnapshot(ctx, name)
 	if err != nil {
 		return nil, err
 	}
@@ -757,3 +772,30 @@ func (v VirtualMachine) UpgradeTools(ctx context.Context, options string) (*Task
 
 	return NewTask(v.c, res.Returnval), nil
 }
+
+func (v VirtualMachine) Export(ctx context.Context) (*nfc.Lease, error) {
+	req := types.ExportVm{
+		This: v.Reference(),
+	}
+
+	res, err := methods.ExportVm(ctx, v.Client(), &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return nfc.NewLease(v.c, res.Returnval), nil
+}
+
+func (v VirtualMachine) UpgradeVM(ctx context.Context, version string) (*Task, error) {
+	req := types.UpgradeVM_Task{
+		This:    v.Reference(),
+		Version: version,
+	}
+
+	res, err := methods.UpgradeVM_Task(ctx, v.Client(), &req)
+	if err != nil {
+		return nil, err
+	}
+
+	return NewTask(v.c, res.Returnval), nil
+}
diff --git a/vendor/github.com/vmware/govmomi/property/collector.go b/vendor/github.com/vmware/govmomi/property/collector.go
index e2059d923f91..ccf712cf9d3b 100644
--- a/vendor/github.com/vmware/govmomi/property/collector.go
+++ b/vendor/github.com/vmware/govmomi/property/collector.go
@@ -30,7 +30,7 @@ import (
 // Collector models the PropertyCollector managed object.
 //
 // For more information, see:
-// http://pubs.vmware.com/vsphere-55/index.jsp#com.vmware.wssdk.apiref.doc/vmodl.query.PropertyCollector.html
+// http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.wssdk.apiref.doc%2Fvmodl.query.PropertyCollector.html
 //
 type Collector struct {
 	roundTripper soap.RoundTripper
@@ -121,6 +121,10 @@ func (p *Collector) RetrieveProperties(ctx context.Context, req types.RetrievePr
 // of the specified managed objects, with the relevant properties filled in. If
 // the properties slice is nil, all properties are loaded.
 func (p *Collector) Retrieve(ctx context.Context, objs []types.ManagedObjectReference, ps []string, dst interface{}) error {
+	if len(objs) == 0 {
+		return errors.New("object references is empty")
+	}
+
 	var propSpec *types.PropertySpec
 	var objectSet []types.ObjectSpec
 
diff --git a/vendor/github.com/vmware/govmomi/property/filter.go b/vendor/github.com/vmware/govmomi/property/filter.go
index a6fa1de9ffd6..8284b0c7d82b 100644
--- a/vendor/github.com/vmware/govmomi/property/filter.go
+++ b/vendor/github.com/vmware/govmomi/property/filter.go
@@ -18,7 +18,7 @@ package property
 
 import (
 	"fmt"
-	"path/filepath"
+	"path"
 	"reflect"
 	"strconv"
 	"strings"
@@ -103,7 +103,11 @@ func (f Filter) MatchProperty(prop types.DynamicProperty) bool {
 
 	switch pval := prop.Val.(type) {
 	case string:
-		m, _ := filepath.Match(match.(string), pval)
+		s := match.(string)
+		if s == "*" {
+			return true // TODO: path.Match fails if s contains a '/'
+		}
+		m, _ := path.Match(s, pval)
 		return m
 	default:
 		return reflect.DeepEqual(match, pval)
diff --git a/vendor/github.com/vmware/govmomi/property/wait.go b/vendor/github.com/vmware/govmomi/property/wait.go
index 689477bfb85d..fe847926ce9c 100644
--- a/vendor/github.com/vmware/govmomi/property/wait.go
+++ b/vendor/github.com/vmware/govmomi/property/wait.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
+Copyright (c) 2015-2017 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -22,73 +22,63 @@ import (
 	"github.com/vmware/govmomi/vim25/types"
 )
 
-// Wait waits for any of the specified properties of the specified managed
-// object to change. It calls the specified function for every update it
-// receives. If this function returns false, it continues waiting for
-// subsequent updates. If this function returns true, it stops waiting and
-// returns.
-//
-// To only receive updates for the specified managed object, the function
-// creates a new property collector and calls CreateFilter. A new property
-// collector is required because filters can only be added, not removed.
-//
-// The newly created collector is destroyed before this function returns (both
-// in case of success or error).
-//
-func Wait(ctx context.Context, c *Collector, obj types.ManagedObjectReference, ps []string, f func([]types.PropertyChange) bool) error {
-	p, err := c.Create(ctx)
-	if err != nil {
-		return err
-	}
+// WaitFilter provides helpers to construct a types.CreateFilter for use with property.Wait
+type WaitFilter struct {
+	types.CreateFilter
+}
 
-	// Attempt to destroy the collector using the background context, as the
-	// specified context may have timed out or have been cancelled.
-	defer p.Destroy(context.Background())
+// Add a new ObjectSpec and PropertySpec to the WaitFilter
+func (f *WaitFilter) Add(obj types.ManagedObjectReference, kind string, ps []string, set ...types.BaseSelectionSpec) *WaitFilter {
+	spec := types.ObjectSpec{
+		Obj:       obj,
+		SelectSet: set,
+	}
 
-	req := types.CreateFilter{
-		Spec: types.PropertyFilterSpec{
-			ObjectSet: []types.ObjectSpec{
-				{
-					Obj: obj,
-				},
-			},
-			PropSet: []types.PropertySpec{
-				{
-					PathSet: ps,
-					Type:    obj.Type,
-				},
-			},
-		},
+	pset := types.PropertySpec{
+		Type:    kind,
+		PathSet: ps,
 	}
 
 	if len(ps) == 0 {
-		req.Spec.PropSet[0].All = types.NewBool(true)
+		pset.All = types.NewBool(true)
 	}
 
-	err = p.CreateFilter(ctx, req)
-	if err != nil {
-		return err
-	}
-	return waitLoop(ctx, p, func(_ types.ManagedObjectReference, pc []types.PropertyChange) bool {
-		return f(pc)
+	f.Spec.ObjectSet = append(f.Spec.ObjectSet, spec)
+
+	f.Spec.PropSet = append(f.Spec.PropSet, pset)
+
+	return f
+}
+
+// Wait creates a new WaitFilter and calls the specified function for each ObjectUpdate via WaitForUpdates
+func Wait(ctx context.Context, c *Collector, obj types.ManagedObjectReference, ps []string, f func([]types.PropertyChange) bool) error {
+	filter := new(WaitFilter).Add(obj, obj.Type, ps)
+
+	return WaitForUpdates(ctx, c, filter, func(updates []types.ObjectUpdate) bool {
+		for _, update := range updates {
+			if f(update.ChangeSet) {
+				return true
+			}
+		}
+
+		return false
 	})
 }
 
-// WaitForView waits for any of the specified properties of the managed
-// objects in the View to change. It calls the specified function for every update it
+// WaitForUpdates waits for any of the specified properties of the specified managed
+// object to change. It calls the specified function for every update it
 // receives. If this function returns false, it continues waiting for
 // subsequent updates. If this function returns true, it stops waiting and
 // returns.
 //
-// To only receive updates for the View's specified managed objects, the function
+// To only receive updates for the specified managed object, the function
 // creates a new property collector and calls CreateFilter. A new property
 // collector is required because filters can only be added, not removed.
 //
 // The newly created collector is destroyed before this function returns (both
 // in case of success or error).
 //
-// The code assumes that all objects in the View are the same type
-func WaitForView(ctx context.Context, c *Collector, view types.ManagedObjectReference, obj types.ManagedObjectReference, ps []string, f func(types.ManagedObjectReference, []types.PropertyChange) bool) error {
+func WaitForUpdates(ctx context.Context, c *Collector, filter *WaitFilter, f func([]types.ObjectUpdate) bool) error {
 	p, err := c.Create(ctx)
 	if err != nil {
 		return err
@@ -98,38 +88,13 @@ func WaitForView(ctx context.Context, c *Collector, view types.ManagedObjectRefe
 	// specified context may have timed out or have been cancelled.
 	defer p.Destroy(context.Background())
 
-	req := types.CreateFilter{
-		Spec: types.PropertyFilterSpec{
-			ObjectSet: []types.ObjectSpec{
-				{
-					Obj: view,
-					SelectSet: []types.BaseSelectionSpec{
-						&types.TraversalSpec{
-							SelectionSpec: types.SelectionSpec{
-								Name: "traverseEntities",
-							},
-							Path: "view",
-							Type: view.Type}},
-				},
-			},
-			PropSet: []types.PropertySpec{
-				{
-					Type:    obj.Type,
-					PathSet: ps,
-				},
-			},
-		}}
-
-	err = p.CreateFilter(ctx, req)
+	err = p.CreateFilter(ctx, filter.CreateFilter)
 	if err != nil {
 		return err
 	}
-	return waitLoop(ctx, p, f)
-}
 
-func waitLoop(ctx context.Context, c *Collector, f func(types.ManagedObjectReference, []types.PropertyChange) bool) error {
 	for version := ""; ; {
-		res, err := c.WaitForUpdates(ctx, version)
+		res, err := p.WaitForUpdates(ctx, version)
 		if err != nil {
 			return err
 		}
@@ -142,12 +107,9 @@ func waitLoop(ctx context.Context, c *Collector, f func(types.ManagedObjectRefer
 		version = res.Version
 
 		for _, fs := range res.FilterSet {
-			for _, os := range fs.ObjectSet {
-				if f(os.Obj, os.ChangeSet) {
-					return nil
-				}
+			if f(fs.ObjectSet) {
+				return nil
 			}
 		}
 	}
-
 }
diff --git a/vendor/github.com/vmware/govmomi/session/manager.go b/vendor/github.com/vmware/govmomi/session/manager.go
index b4591c1c4dc2..3cbfa9384197 100644
--- a/vendor/github.com/vmware/govmomi/session/manager.go
+++ b/vendor/github.com/vmware/govmomi/session/manager.go
@@ -199,3 +199,31 @@ func (sm *Manager) AcquireLocalTicket(ctx context.Context, userName string) (*ty
 
 	return &res.Returnval, nil
 }
+
+func (sm *Manager) AcquireCloneTicket(ctx context.Context) (string, error) {
+	req := types.AcquireCloneTicket{
+		This: sm.Reference(),
+	}
+
+	res, err := methods.AcquireCloneTicket(ctx, sm.client, &req)
+	if err != nil {
+		return "", err
+	}
+
+	return res.Returnval, nil
+}
+
+func (sm *Manager) CloneSession(ctx context.Context, ticket string) error {
+	req := types.CloneSession{
+		This:        sm.Reference(),
+		CloneTicket: ticket,
+	}
+
+	res, err := methods.CloneSession(ctx, sm.client, &req)
+	if err != nil {
+		return err
+	}
+
+	sm.userSession = &res.Returnval
+	return nil
+}
diff --git a/vendor/github.com/vmware/govmomi/vim25/methods/internal.go b/vendor/github.com/vmware/govmomi/vim25/methods/internal.go
deleted file mode 100644
index a79adf3a874f..000000000000
--- a/vendor/github.com/vmware/govmomi/vim25/methods/internal.go
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
-Copyright (c) 2014-2015 VMware, Inc. All Rights Reserved.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package methods
-
-import (
-	"context"
-
-	"github.com/vmware/govmomi/vim25/soap"
-	"github.com/vmware/govmomi/vim25/types"
-)
-
-type RetrieveDynamicTypeManagerBody struct {
-	Req    *types.RetrieveDynamicTypeManager         `xml:"urn:vim25 RetrieveDynamicTypeManager"`
-	Res    *types.RetrieveDynamicTypeManagerResponse `xml:"urn:vim25 RetrieveDynamicTypeManagerResponse"`
-	Fault_ *soap.Fault
-}
-
-func (b *RetrieveDynamicTypeManagerBody) Fault() *soap.Fault { return b.Fault_ }
-
-func RetrieveDynamicTypeManager(ctx context.Context, r soap.RoundTripper, req *types.RetrieveDynamicTypeManager) (*types.RetrieveDynamicTypeManagerResponse, error) {
-	var reqBody, resBody RetrieveDynamicTypeManagerBody
-
-	reqBody.Req = req
-
-	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
-		return nil, err
-	}
-
-	return resBody.Res, nil
-}
-
-type RetrieveManagedMethodExecuterBody struct {
-	Req    *types.RetrieveManagedMethodExecuter         `xml:"urn:vim25 RetrieveManagedMethodExecuter"`
-	Res    *types.RetrieveManagedMethodExecuterResponse `xml:"urn:vim25 RetrieveManagedMethodExecuterResponse"`
-	Fault_ *soap.Fault
-}
-
-func (b *RetrieveManagedMethodExecuterBody) Fault() *soap.Fault { return b.Fault_ }
-
-func RetrieveManagedMethodExecuter(ctx context.Context, r soap.RoundTripper, req *types.RetrieveManagedMethodExecuter) (*types.RetrieveManagedMethodExecuterResponse, error) {
-	var reqBody, resBody RetrieveManagedMethodExecuterBody
-
-	reqBody.Req = req
-
-	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
-		return nil, err
-	}
-
-	return resBody.Res, nil
-}
-
-type DynamicTypeMgrQueryMoInstancesBody struct {
-	Req    *types.DynamicTypeMgrQueryMoInstances         `xml:"urn:vim25 DynamicTypeMgrQueryMoInstances"`
-	Res    *types.DynamicTypeMgrQueryMoInstancesResponse `xml:"urn:vim25 DynamicTypeMgrQueryMoInstancesResponse"`
-	Fault_ *soap.Fault
-}
-
-func (b *DynamicTypeMgrQueryMoInstancesBody) Fault() *soap.Fault { return b.Fault_ }
-
-func DynamicTypeMgrQueryMoInstances(ctx context.Context, r soap.RoundTripper, req *types.DynamicTypeMgrQueryMoInstances) (*types.DynamicTypeMgrQueryMoInstancesResponse, error) {
-	var reqBody, resBody DynamicTypeMgrQueryMoInstancesBody
-
-	reqBody.Req = req
-
-	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
-		return nil, err
-	}
-
-	return resBody.Res, nil
-}
-
-type DynamicTypeMgrQueryTypeInfoBody struct {
-	Req    *types.DynamicTypeMgrQueryTypeInfo         `xml:"urn:vim25 DynamicTypeMgrQueryTypeInfo"`
-	Res    *types.DynamicTypeMgrQueryTypeInfoResponse `xml:"urn:vim25 DynamicTypeMgrQueryTypeInfoResponse"`
-	Fault_ *soap.Fault
-}
-
-func (b *DynamicTypeMgrQueryTypeInfoBody) Fault() *soap.Fault { return b.Fault_ }
-
-func DynamicTypeMgrQueryTypeInfo(ctx context.Context, r soap.RoundTripper, req *types.DynamicTypeMgrQueryTypeInfo) (*types.DynamicTypeMgrQueryTypeInfoResponse, error) {
-	var reqBody, resBody DynamicTypeMgrQueryTypeInfoBody
-
-	reqBody.Req = req
-
-	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
-		return nil, err
-	}
-
-	return resBody.Res, nil
-}
-
-type ExecuteSoapBody struct {
-	Req    *types.ExecuteSoap         `xml:"urn:vim25 ExecuteSoap"`
-	Res    *types.ExecuteSoapResponse `xml:"urn:vim25 ExecuteSoapResponse"`
-	Fault_ *soap.Fault
-}
-
-func (b *ExecuteSoapBody) Fault() *soap.Fault { return b.Fault_ }
-
-func ExecuteSoap(ctx context.Context, r soap.RoundTripper, req *types.ExecuteSoap) (*types.ExecuteSoapResponse, error) {
-	var reqBody, resBody ExecuteSoapBody
-
-	reqBody.Req = req
-
-	if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil {
-		return nil, err
-	}
-
-	return resBody.Res, nil
-}
diff --git a/vendor/github.com/vmware/govmomi/vim25/progress/reader.go b/vendor/github.com/vmware/govmomi/vim25/progress/reader.go
index a981cb4e1529..ba8867508227 100644
--- a/vendor/github.com/vmware/govmomi/vim25/progress/reader.go
+++ b/vendor/github.com/vmware/govmomi/vim25/progress/reader.go
@@ -18,6 +18,7 @@ package progress
 
 import (
 	"container/list"
+	"context"
 	"fmt"
 	"io"
 	"sync/atomic"
@@ -75,16 +76,16 @@ type reader struct {
 
 	pos  int64
 	size int64
+	bps  uint64
 
-	bps uint64
-
-	ch chan<- Report
+	ch  chan<- Report
+	ctx context.Context
 }
 
-func NewReader(s Sinker, r io.Reader, size int64) *reader {
+func NewReader(ctx context.Context, s Sinker, r io.Reader, size int64) *reader {
 	pr := reader{
-		r: r,
-
+		r:    r,
+		ctx:  ctx,
 		size: size,
 	}
 
@@ -111,7 +112,10 @@ func (r *reader) Read(b []byte) (int, error) {
 		bps:  &r.bps,
 	}
 
-	r.ch <- q
+	select {
+	case r.ch <- q:
+	case <-r.ctx.Done():
+	}
 
 	return n, err
 }
@@ -127,8 +131,11 @@ func (r *reader) Done(err error) {
 		err:  err,
 	}
 
-	r.ch <- q
-	close(r.ch)
+	select {
+	case r.ch <- q:
+		close(r.ch)
+	case <-r.ctx.Done():
+	}
 }
 
 // newBpsLoop returns a sink that monitors and stores throughput.
diff --git a/vendor/github.com/vmware/govmomi/vim25/soap/client.go b/vendor/github.com/vmware/govmomi/vim25/soap/client.go
index 9ac3cc4d6d90..76592493ccd5 100644
--- a/vendor/github.com/vmware/govmomi/vim25/soap/client.go
+++ b/vendor/github.com/vmware/govmomi/vim25/soap/client.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2014-2015 VMware, Inc. All Rights Reserved.
+Copyright (c) 2014-2018 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -56,10 +56,12 @@ const (
 	DefaultVimNamespace  = "urn:vim25"
 	DefaultVimVersion    = "6.5"
 	DefaultMinVimVersion = "5.5"
+	SessionCookieName    = "vmware_soap_session"
 )
 
 type header struct {
 	Cookie string `xml:"vcSessionCookie,omitempty"`
+	ID     string `xml:"operationID,omitempty"`
 }
 
 type Client struct {
@@ -78,7 +80,7 @@ type Client struct {
 	Version   string // Vim version
 	UserAgent string
 
-	header *header
+	cookie string
 }
 
 var schemeMatch = regexp.MustCompile(`^\w+://`)
@@ -167,11 +169,8 @@ func (c *Client) NewServiceClient(path string, namespace string) *Client {
 
 	// Set SOAP Header cookie
 	for _, cookie := range client.Jar.Cookies(u) {
-		if cookie.Name == "vmware_soap_session" {
-			client.header = &header{
-				Cookie: cookie.Value,
-			}
-
+		if cookie.Name == SessionCookieName {
+			client.cookie = cookie.Value
 			break
 		}
 	}
@@ -433,7 +432,15 @@ func (c *Client) RoundTrip(ctx context.Context, reqBody, resBody HasFault) error
 	reqEnv := Envelope{Body: reqBody}
 	resEnv := Envelope{Body: resBody}
 
-	reqEnv.Header = c.header
+	h := &header{
+		Cookie: c.cookie,
+	}
+
+	if id, ok := ctx.Value(types.ID{}).(string); ok {
+		h.ID = id
+	}
+
+	reqEnv.Header = h
 
 	// Create debugging context for this round trip
 	d := c.d.newRoundTrip()
@@ -452,6 +459,8 @@ func (c *Client) RoundTrip(ctx context.Context, reqBody, resBody HasFault) error
 		panic(err)
 	}
 
+	req = req.WithContext(ctx)
+
 	req.Header.Set(`Content-Type`, `text/xml; charset="utf-8"`)
 	soapAction := fmt.Sprintf("%s/%s", c.Namespace, c.Version)
 	req.Header.Set(`SOAPAction`, soapAction)
@@ -542,11 +551,11 @@ var DefaultUpload = Upload{
 }
 
 // Upload PUTs the local file to the given URL
-func (c *Client) Upload(f io.Reader, u *url.URL, param *Upload) error {
+func (c *Client) Upload(ctx context.Context, f io.Reader, u *url.URL, param *Upload) error {
 	var err error
 
 	if param.Progress != nil {
-		pr := progress.NewReader(param.Progress, f, param.ContentLength)
+		pr := progress.NewReader(ctx, param.Progress, f, param.ContentLength)
 		f = pr
 
 		// Mark progress reader as done when returning from this function.
@@ -560,6 +569,8 @@ func (c *Client) Upload(f io.Reader, u *url.URL, param *Upload) error {
 		return err
 	}
 
+	req = req.WithContext(ctx)
+
 	req.ContentLength = param.ContentLength
 	req.Header.Set("Content-Type", param.Type)
 
@@ -587,7 +598,7 @@ func (c *Client) Upload(f io.Reader, u *url.URL, param *Upload) error {
 }
 
 // UploadFile PUTs the local file to the given URL
-func (c *Client) UploadFile(file string, u *url.URL, param *Upload) error {
+func (c *Client) UploadFile(ctx context.Context, file string, u *url.URL, param *Upload) error {
 	if param == nil {
 		p := DefaultUpload // Copy since we set ContentLength
 		param = &p
@@ -606,7 +617,7 @@ func (c *Client) UploadFile(file string, u *url.URL, param *Upload) error {
 
 	param.ContentLength = s.Size()
 
-	return c.Upload(f, u, param)
+	return c.Upload(ctx, f, u, param)
 }
 
 type Download struct {
@@ -614,6 +625,7 @@ type Download struct {
 	Headers  map[string]string
 	Ticket   *http.Cookie
 	Progress progress.Sinker
+	Writer   io.Writer
 }
 
 var DefaultDownload = Download{
@@ -621,12 +633,14 @@ var DefaultDownload = Download{
 }
 
 // DownloadRequest wraps http.Client.Do, returning the http.Response without checking its StatusCode
-func (c *Client) DownloadRequest(u *url.URL, param *Download) (*http.Response, error) {
+func (c *Client) DownloadRequest(ctx context.Context, u *url.URL, param *Download) (*http.Response, error) {
 	req, err := http.NewRequest(param.Method, u.String(), nil)
 	if err != nil {
 		return nil, err
 	}
 
+	req = req.WithContext(ctx)
+
 	for k, v := range param.Headers {
 		req.Header.Add(k, v)
 	}
@@ -639,8 +653,8 @@ func (c *Client) DownloadRequest(u *url.URL, param *Download) (*http.Response, e
 }
 
 // Download GETs the remote file from the given URL
-func (c *Client) Download(u *url.URL, param *Download) (io.ReadCloser, int64, error) {
-	res, err := c.DownloadRequest(u, param)
+func (c *Client) Download(ctx context.Context, u *url.URL, param *Download) (io.ReadCloser, int64, error) {
+	res, err := c.DownloadRequest(ctx, u, param)
 	if err != nil {
 		return nil, 0, err
 	}
@@ -655,33 +669,24 @@ func (c *Client) Download(u *url.URL, param *Download) (io.ReadCloser, int64, er
 		return nil, 0, err
 	}
 
-	return res.Body, res.ContentLength, nil
+	r := res.Body
+
+	return r, res.ContentLength, nil
 }
 
-// DownloadFile GETs the given URL to a local file
-func (c *Client) DownloadFile(file string, u *url.URL, param *Download) error {
+func (c *Client) WriteFile(ctx context.Context, file string, src io.Reader, size int64, s progress.Sinker, w io.Writer) error {
 	var err error
-	if param == nil {
-		param = &DefaultDownload
-	}
 
-	rc, contentLength, err := c.Download(u, param)
-	if err != nil {
-		return err
-	}
-	defer rc.Close()
-
-	var r io.Reader = rc
+	r := src
 
 	fh, err := os.Create(file)
 	if err != nil {
 		return err
 	}
-	defer fh.Close()
 
-	if param.Progress != nil {
-		pr := progress.NewReader(param.Progress, r, contentLength)
-		r = pr
+	if s != nil {
+		pr := progress.NewReader(ctx, s, src, size)
+		src = pr
 
 		// Mark progress reader as done when returning from this function.
 		defer func() {
@@ -689,17 +694,34 @@ func (c *Client) DownloadFile(file string, u *url.URL, param *Download) error {
 		}()
 	}
 
-	_, err = io.Copy(fh, r)
-	if err != nil {
-		return err
+	if w == nil {
+		w = fh
+	} else {
+		w = io.MultiWriter(w, fh)
+	}
+
+	_, err = io.Copy(w, r)
+
+	cerr := fh.Close()
+
+	if err == nil {
+		err = cerr
+	}
+
+	return err
+}
+
+// DownloadFile GETs the given URL to a local file
+func (c *Client) DownloadFile(ctx context.Context, file string, u *url.URL, param *Download) error {
+	var err error
+	if param == nil {
+		param = &DefaultDownload
 	}
 
-	// Assign error before returning so that it gets picked up by the deferred
-	// function marking the progress reader as done.
-	err = fh.Close()
+	rc, contentLength, err := c.Download(ctx, u, param)
 	if err != nil {
 		return err
 	}
 
-	return nil
+	return c.WriteFile(ctx, file, rc, contentLength, param.Progress, param.Writer)
 }
diff --git a/vendor/github.com/vmware/govmomi/vim25/types/helpers.go b/vendor/github.com/vmware/govmomi/vim25/types/helpers.go
index 2364ed4213cd..7ccfd29b634a 100644
--- a/vendor/github.com/vmware/govmomi/vim25/types/helpers.go
+++ b/vendor/github.com/vmware/govmomi/vim25/types/helpers.go
@@ -1,5 +1,5 @@
 /*
-Copyright (c) 2015 VMware, Inc. All Rights Reserved.
+Copyright (c) 2015-2017 VMware, Inc. All Rights Reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,12 +16,28 @@ limitations under the License.
 
 package types
 
-import "strings"
+import (
+	"reflect"
+	"strings"
+	"time"
+)
 
 func NewBool(v bool) *bool {
 	return &v
 }
 
+func NewInt32(v int32) *int32 {
+	return &v
+}
+
+func NewInt64(v int64) *int64 {
+	return &v
+}
+
+func NewTime(v time.Time) *time.Time {
+	return &v
+}
+
 func NewReference(r ManagedObjectReference) *ManagedObjectReference {
 	return &r
 }
@@ -50,3 +66,30 @@ func (r *ManagedObjectReference) FromString(o string) bool {
 func (c *PerfCounterInfo) Name() string {
 	return c.GroupInfo.GetElementDescription().Key + "." + c.NameInfo.GetElementDescription().Key + "." + string(c.RollupType)
 }
+
+func defaultResourceAllocationInfo() ResourceAllocationInfo {
+	return ResourceAllocationInfo{
+		Reservation:           NewInt64(0),
+		ExpandableReservation: NewBool(true),
+		Limit: NewInt64(-1),
+		Shares: &SharesInfo{
+			Level: SharesLevelNormal,
+		},
+	}
+}
+
+// DefaultResourceConfigSpec returns a ResourceConfigSpec populated with the same default field values as vCenter.
+// Note that the wsdl marks these fields as optional, but they are required to be set when creating a resource pool.
+// They are only optional when updating a resource pool.
+func DefaultResourceConfigSpec() ResourceConfigSpec {
+	return ResourceConfigSpec{
+		CpuAllocation:    defaultResourceAllocationInfo(),
+		MemoryAllocation: defaultResourceAllocationInfo(),
+	}
+}
+
+func init() {
+	// Known 6.5 issue where this event type is sent even though it is internal.
+	// This workaround allows us to unmarshal and avoid NPEs.
+	t["HostSubSpecificationUpdateEvent"] = reflect.TypeOf((*HostEvent)(nil)).Elem()
+}
diff --git a/vendor/github.com/vmware/govmomi/vim25/types/if.go b/vendor/github.com/vmware/govmomi/vim25/types/if.go
index dbf594cfc0a5..5b93cb433f13 100644
--- a/vendor/github.com/vmware/govmomi/vim25/types/if.go
+++ b/vendor/github.com/vmware/govmomi/vim25/types/if.go
@@ -2360,16 +2360,6 @@ func init() {
 	t["BaseReplicationVmFault"] = reflect.TypeOf((*ReplicationVmFault)(nil)).Elem()
 }
 
-func (b *ResourceAllocationInfo) GetResourceAllocationInfo() *ResourceAllocationInfo { return b }
-
-type BaseResourceAllocationInfo interface {
-	GetResourceAllocationInfo() *ResourceAllocationInfo
-}
-
-func init() {
-	t["BaseResourceAllocationInfo"] = reflect.TypeOf((*ResourceAllocationInfo)(nil)).Elem()
-}
-
 func (b *ResourceInUse) GetResourceInUse() *ResourceInUse { return b }
 
 type BaseResourceInUse interface {
diff --git a/vendor/github.com/vmware/govmomi/vim25/types/internal.go b/vendor/github.com/vmware/govmomi/vim25/types/internal.go
deleted file mode 100644
index 0c2693499b67..000000000000
--- a/vendor/github.com/vmware/govmomi/vim25/types/internal.go
+++ /dev/null
@@ -1,266 +0,0 @@
-/*
-Copyright (c) 2014 VMware, Inc. All Rights Reserved.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package types
-
-import "reflect"
-
-type DynamicTypeMgrQueryMoInstances struct {
-	This       ManagedObjectReference       `xml:"_this"`
-	FilterSpec BaseDynamicTypeMgrFilterSpec `xml:"filterSpec,omitempty,typeattr"`
-}
-
-type DynamicTypeMgrQueryMoInstancesResponse struct {
-	Returnval []DynamicTypeMgrMoInstance `xml:"urn:vim25 returnval"`
-}
-
-type DynamicTypeEnumTypeInfo struct {
-	DynamicData
-
-	Name       string                     `xml:"name"`
-	WsdlName   string                     `xml:"wsdlName"`
-	Version    string                     `xml:"version"`
-	Value      []string                   `xml:"value,omitempty"`
-	Annotation []DynamicTypeMgrAnnotation `xml:"annotation,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeEnumTypeInfo"] = reflect.TypeOf((*DynamicTypeEnumTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrAllTypeInfo struct {
-	DynamicData
-
-	ManagedTypeInfo []DynamicTypeMgrManagedTypeInfo `xml:"managedTypeInfo,omitempty"`
-	EnumTypeInfo    []DynamicTypeEnumTypeInfo       `xml:"enumTypeInfo,omitempty"`
-	DataTypeInfo    []DynamicTypeMgrDataTypeInfo    `xml:"dataTypeInfo,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrAllTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrAllTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrAnnotation struct {
-	DynamicData
-
-	Name      string   `xml:"name"`
-	Parameter []string `xml:"parameter,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrAnnotation"] = reflect.TypeOf((*DynamicTypeMgrAnnotation)(nil)).Elem()
-}
-
-type DynamicTypeMgrDataTypeInfo struct {
-	DynamicData
-
-	Name       string                           `xml:"name"`
-	WsdlName   string                           `xml:"wsdlName"`
-	Version    string                           `xml:"version"`
-	Base       []string                         `xml:"base,omitempty"`
-	Property   []DynamicTypeMgrPropertyTypeInfo `xml:"property,omitempty"`
-	Annotation []DynamicTypeMgrAnnotation       `xml:"annotation,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrDataTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrDataTypeInfo)(nil)).Elem()
-}
-
-func (b *DynamicTypeMgrFilterSpec) GetDynamicTypeMgrFilterSpec() *DynamicTypeMgrFilterSpec { return b }
-
-type BaseDynamicTypeMgrFilterSpec interface {
-	GetDynamicTypeMgrFilterSpec() *DynamicTypeMgrFilterSpec
-}
-
-type DynamicTypeMgrFilterSpec struct {
-	DynamicData
-}
-
-func init() {
-	t["DynamicTypeMgrFilterSpec"] = reflect.TypeOf((*DynamicTypeMgrFilterSpec)(nil)).Elem()
-}
-
-type DynamicTypeMgrManagedTypeInfo struct {
-	DynamicData
-
-	Name       string                           `xml:"name"`
-	WsdlName   string                           `xml:"wsdlName"`
-	Version    string                           `xml:"version"`
-	Base       []string                         `xml:"base,omitempty"`
-	Property   []DynamicTypeMgrPropertyTypeInfo `xml:"property,omitempty"`
-	Method     []DynamicTypeMgrMethodTypeInfo   `xml:"method,omitempty"`
-	Annotation []DynamicTypeMgrAnnotation       `xml:"annotation,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrManagedTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrManagedTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrMethodTypeInfo struct {
-	DynamicData
-
-	Name           string                        `xml:"name"`
-	WsdlName       string                        `xml:"wsdlName"`
-	Version        string                        `xml:"version"`
-	ParamTypeInfo  []DynamicTypeMgrParamTypeInfo `xml:"paramTypeInfo,omitempty"`
-	ReturnTypeInfo *DynamicTypeMgrParamTypeInfo  `xml:"returnTypeInfo,omitempty"`
-	Fault          []string                      `xml:"fault,omitempty"`
-	PrivId         string                        `xml:"privId,omitempty"`
-	Annotation     []DynamicTypeMgrAnnotation    `xml:"annotation,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrMethodTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrMethodTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrMoFilterSpec struct {
-	DynamicTypeMgrFilterSpec
-
-	Id         string `xml:"id,omitempty"`
-	TypeSubstr string `xml:"typeSubstr,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrMoFilterSpec"] = reflect.TypeOf((*DynamicTypeMgrMoFilterSpec)(nil)).Elem()
-}
-
-type DynamicTypeMgrMoInstance struct {
-	DynamicData
-
-	Id     string `xml:"id"`
-	MoType string `xml:"moType"`
-}
-
-func init() {
-	t["DynamicTypeMgrMoInstance"] = reflect.TypeOf((*DynamicTypeMgrMoInstance)(nil)).Elem()
-}
-
-type DynamicTypeMgrParamTypeInfo struct {
-	DynamicData
-
-	Name       string                     `xml:"name"`
-	Version    string                     `xml:"version"`
-	Type       string                     `xml:"type"`
-	PrivId     string                     `xml:"privId,omitempty"`
-	Annotation []DynamicTypeMgrAnnotation `xml:"annotation,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrParamTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrParamTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrPropertyTypeInfo struct {
-	DynamicData
-
-	Name        string                     `xml:"name"`
-	Version     string                     `xml:"version"`
-	Type        string                     `xml:"type"`
-	PrivId      string                     `xml:"privId,omitempty"`
-	MsgIdFormat string                     `xml:"msgIdFormat,omitempty"`
-	Annotation  []DynamicTypeMgrAnnotation `xml:"annotation,omitempty"`
-}
-
-type DynamicTypeMgrQueryTypeInfo struct {
-	This       ManagedObjectReference       `xml:"_this"`
-	FilterSpec BaseDynamicTypeMgrFilterSpec `xml:"filterSpec,omitempty,typeattr"`
-}
-
-type DynamicTypeMgrQueryTypeInfoResponse struct {
-	Returnval DynamicTypeMgrAllTypeInfo `xml:"urn:vim25 returnval"`
-}
-
-func init() {
-	t["DynamicTypeMgrPropertyTypeInfo"] = reflect.TypeOf((*DynamicTypeMgrPropertyTypeInfo)(nil)).Elem()
-}
-
-type DynamicTypeMgrTypeFilterSpec struct {
-	DynamicTypeMgrFilterSpec
-
-	TypeSubstr string `xml:"typeSubstr,omitempty"`
-}
-
-func init() {
-	t["DynamicTypeMgrTypeFilterSpec"] = reflect.TypeOf((*DynamicTypeMgrTypeFilterSpec)(nil)).Elem()
-}
-
-type ReflectManagedMethodExecuterSoapArgument struct {
-	DynamicData
-
-	Name string `xml:"name"`
-	Val  string `xml:"val"`
-}
-
-func init() {
-	t["ReflectManagedMethodExecuterSoapArgument"] = reflect.TypeOf((*ReflectManagedMethodExecuterSoapArgument)(nil)).Elem()
-}
-
-type ReflectManagedMethodExecuterSoapFault struct {
-	DynamicData
-
-	FaultMsg    string `xml:"faultMsg"`
-	FaultDetail string `xml:"faultDetail,omitempty"`
-}
-
-func init() {
-	t["ReflectManagedMethodExecuterSoapFault"] = reflect.TypeOf((*ReflectManagedMethodExecuterSoapFault)(nil)).Elem()
-}
-
-type ReflectManagedMethodExecuterSoapResult struct {
-	DynamicData
-
-	Response string                                 `xml:"response,omitempty"`
-	Fault    *ReflectManagedMethodExecuterSoapFault `xml:"fault,omitempty"`
-}
-
-type RetrieveDynamicTypeManager struct {
-	This ManagedObjectReference `xml:"_this"`
-}
-
-type RetrieveDynamicTypeManagerResponse struct {
-	Returnval *InternalDynamicTypeManager `xml:"urn:vim25 returnval"`
-}
-
-type RetrieveManagedMethodExecuter struct {
-	This ManagedObjectReference `xml:"_this"`
-}
-
-func init() {
-	t["RetrieveManagedMethodExecuter"] = reflect.TypeOf((*RetrieveManagedMethodExecuter)(nil)).Elem()
-}
-
-type RetrieveManagedMethodExecuterResponse struct {
-	Returnval *ReflectManagedMethodExecuter `xml:"urn:vim25 returnval"`
-}
-
-type InternalDynamicTypeManager struct {
-	ManagedObjectReference
-}
-
-type ReflectManagedMethodExecuter struct {
-	ManagedObjectReference
-}
-
-type ExecuteSoap struct {
-	This     ManagedObjectReference                     `xml:"_this"`
-	Moid     string                                     `xml:"moid"`
-	Version  string                                     `xml:"version"`
-	Method   string                                     `xml:"method"`
-	Argument []ReflectManagedMethodExecuterSoapArgument `xml:"argument,omitempty"`
-}
-
-type ExecuteSoapResponse struct {
-	Returnval *ReflectManagedMethodExecuterSoapResult `xml:"urn:vim25 returnval"`
-}
diff --git a/vendor/github.com/vmware/govmomi/vim25/types/types.go b/vendor/github.com/vmware/govmomi/vim25/types/types.go
index fa62c01815d2..564fd18ea9e5 100644
--- a/vendor/github.com/vmware/govmomi/vim25/types/types.go
+++ b/vendor/github.com/vmware/govmomi/vim25/types/types.go
@@ -11331,7 +11331,7 @@ func init() {
 type DVSNetworkResourcePoolAllocationInfo struct {
 	DynamicData
 
-	Limit       int64       `xml:"limit,omitempty"`
+	Limit       *int64      `xml:"limit"`
 	Shares      *SharesInfo `xml:"shares,omitempty"`
 	PriorityTag int32       `xml:"priorityTag,omitempty"`
 }
@@ -14165,9 +14165,9 @@ func init() {
 type DvsHostInfrastructureTrafficResourceAllocation struct {
 	DynamicData
 
-	Limit       int64       `xml:"limit,omitempty"`
+	Limit       *int64      `xml:"limit"`
 	Shares      *SharesInfo `xml:"shares,omitempty"`
-	Reservation int64       `xml:"reservation,omitempty"`
+	Reservation *int64      `xml:"reservation"`
 }
 
 func init() {
@@ -14846,7 +14846,7 @@ type DvsVnicAllocatedResource struct {
 
 	Vm          ManagedObjectReference `xml:"vm"`
 	VnicKey     string                 `xml:"vnicKey"`
-	Reservation int64                  `xml:"reservation,omitempty"`
+	Reservation *int64                 `xml:"reservation"`
 }
 
 func init() {
@@ -18341,9 +18341,9 @@ func init() {
 type GuestPosixFileAttributes struct {
 	GuestFileAttributes
 
-	OwnerId     int32 `xml:"ownerId,omitempty"`
-	GroupId     int32 `xml:"groupId,omitempty"`
-	Permissions int64 `xml:"permissions,omitempty"`
+	OwnerId     *int32 `xml:"ownerId"`
+	GroupId     *int32 `xml:"groupId"`
+	Permissions int64  `xml:"permissions,omitempty"`
 }
 
 func init() {
@@ -22589,7 +22589,7 @@ type HostPlacedVirtualNicIdentifier struct {
 
 	Vm          ManagedObjectReference `xml:"vm"`
 	VnicKey     string                 `xml:"vnicKey"`
-	Reservation int32                  `xml:"reservation,omitempty"`
+	Reservation *int32                 `xml:"reservation"`
 }
 
 func init() {
@@ -27456,7 +27456,7 @@ type LimitExceeded struct {
 	VimFault
 
 	Property string `xml:"property,omitempty"`
-	Limit    int32  `xml:"limit,omitempty"`
+	Limit    *int32 `xml:"limit"`
 }
 
 func init() {
@@ -27624,7 +27624,7 @@ func init() {
 
 type ListKeysRequestType struct {
 	This  ManagedObjectReference `xml:"_this"`
-	Limit int32                  `xml:"limit,omitempty"`
+	Limit *int32                 `xml:"limit"`
 }
 
 func init() {
@@ -27643,7 +27643,7 @@ func init() {
 
 type ListKmipServersRequestType struct {
 	This  ManagedObjectReference `xml:"_this"`
-	Limit int32                  `xml:"limit,omitempty"`
+	Limit *int32                 `xml:"limit"`
 }
 
 func init() {
@@ -28546,7 +28546,7 @@ func init() {
 type MethodActionArgument struct {
 	DynamicData
 
-	Value AnyType `xml:"value,omitempty,typeattr"`
+	Value AnyType `xml:"value,typeattr"`
 }
 
 func init() {
@@ -29452,7 +29452,7 @@ func init() {
 type NamespaceLimitReached struct {
 	VimFault
 
-	Limit int32 `xml:"limit,omitempty"`
+	Limit *int32 `xml:"limit"`
 }
 
 func init() {
@@ -31074,7 +31074,7 @@ type OptionValue struct {
 	DynamicData
 
 	Key   string  `xml:"key"`
-	Value AnyType `xml:"value,omitempty,typeattr"`
+	Value AnyType `xml:"value,typeattr"`
 }
 
 func init() {
@@ -34231,7 +34231,7 @@ type PropertyChange struct {
 
 	Name string           `xml:"name"`
 	Op   PropertyChangeOp `xml:"op"`
-	Val  AnyType          `xml:"val,omitempty,typeattr"`
+	Val  AnyType          `xml:"val,typeattr"`
 }
 
 func init() {
@@ -36332,7 +36332,7 @@ func init() {
 type QueryVsanObjectUuidsByFilterRequestType struct {
 	This    ManagedObjectReference `xml:"_this"`
 	Uuids   []string               `xml:"uuids,omitempty"`
-	Limit   int32                  `xml:"limit,omitempty"`
+	Limit   *int32                 `xml:"limit"`
 	Version int32                  `xml:"version,omitempty"`
 }
 
@@ -39065,11 +39065,11 @@ type ResolveMultipleUnresolvedVmfsVolumesResponse struct {
 type ResourceAllocationInfo struct {
 	DynamicData
 
-	Reservation           int64       `xml:"reservation,omitempty"`
+	Reservation           *int64      `xml:"reservation"`
 	ExpandableReservation *bool       `xml:"expandableReservation"`
-	Limit                 int64       `xml:"limit,omitempty"`
+	Limit                 *int64      `xml:"limit"`
 	Shares                *SharesInfo `xml:"shares,omitempty"`
-	OverheadLimit         int64       `xml:"overheadLimit,omitempty"`
+	OverheadLimit         *int64      `xml:"overheadLimit"`
 }
 
 func init() {
@@ -39100,11 +39100,11 @@ func init() {
 type ResourceConfigSpec struct {
 	DynamicData
 
-	Entity           *ManagedObjectReference    `xml:"entity,omitempty"`
-	ChangeVersion    string                     `xml:"changeVersion,omitempty"`
-	LastModified     *time.Time                 `xml:"lastModified"`
-	CpuAllocation    BaseResourceAllocationInfo `xml:"cpuAllocation,typeattr"`
-	MemoryAllocation BaseResourceAllocationInfo `xml:"memoryAllocation,typeattr"`
+	Entity           *ManagedObjectReference `xml:"entity,omitempty"`
+	ChangeVersion    string                  `xml:"changeVersion,omitempty"`
+	LastModified     *time.Time              `xml:"lastModified"`
+	CpuAllocation    ResourceAllocationInfo  `xml:"cpuAllocation"`
+	MemoryAllocation ResourceAllocationInfo  `xml:"memoryAllocation"`
 }
 
 func init() {
@@ -42322,9 +42322,9 @@ func init() {
 type StorageIOAllocationInfo struct {
 	DynamicData
 
-	Limit       int64       `xml:"limit,omitempty"`
+	Limit       *int64      `xml:"limit"`
 	Shares      *SharesInfo `xml:"shares,omitempty"`
-	Reservation int32       `xml:"reservation,omitempty"`
+	Reservation *int32      `xml:"reservation"`
 }
 
 func init() {
@@ -47957,9 +47957,9 @@ func init() {
 type VirtualEthernetCardResourceAllocation struct {
 	DynamicData
 
-	Reservation int64      `xml:"reservation,omitempty"`
+	Reservation *int64     `xml:"reservation"`
 	Share       SharesInfo `xml:"share"`
-	Limit       int64      `xml:"limit,omitempty"`
+	Limit       *int64     `xml:"limit"`
 }
 
 func init() {
@@ -48188,7 +48188,7 @@ func init() {
 type VirtualMachineAffinityInfo struct {
 	DynamicData
 
-	AffinitySet []int32 `xml:"affinitySet,omitempty"`
+	AffinitySet []int32 `xml:"affinitySet"`
 }
 
 func init() {
@@ -48356,8 +48356,8 @@ type VirtualMachineConfigInfo struct {
 	ConsolePreferences           *VirtualMachineConsolePreferences          `xml:"consolePreferences,omitempty"`
 	DefaultPowerOps              VirtualMachineDefaultPowerOpInfo           `xml:"defaultPowerOps"`
 	Hardware                     VirtualHardware                            `xml:"hardware"`
-	CpuAllocation                BaseResourceAllocationInfo                 `xml:"cpuAllocation,omitempty,typeattr"`
-	MemoryAllocation             BaseResourceAllocationInfo                 `xml:"memoryAllocation,omitempty,typeattr"`
+	CpuAllocation                *ResourceAllocationInfo                    `xml:"cpuAllocation,omitempty"`
+	MemoryAllocation             *ResourceAllocationInfo                    `xml:"memoryAllocation,omitempty"`
 	LatencySensitivity           *LatencySensitivity                        `xml:"latencySensitivity,omitempty"`
 	MemoryHotAddEnabled          *bool                                      `xml:"memoryHotAddEnabled"`
 	CpuHotAddEnabled             *bool                                      `xml:"cpuHotAddEnabled"`
@@ -48493,8 +48493,8 @@ type VirtualMachineConfigSpec struct {
 	VirtualICH7MPresent          *bool                             `xml:"virtualICH7MPresent"`
 	VirtualSMCPresent            *bool                             `xml:"virtualSMCPresent"`
 	DeviceChange                 []BaseVirtualDeviceConfigSpec     `xml:"deviceChange,omitempty,typeattr"`
-	CpuAllocation                BaseResourceAllocationInfo        `xml:"cpuAllocation,omitempty,typeattr"`
-	MemoryAllocation             BaseResourceAllocationInfo        `xml:"memoryAllocation,omitempty,typeattr"`
+	CpuAllocation                *ResourceAllocationInfo           `xml:"cpuAllocation,omitempty"`
+	MemoryAllocation             *ResourceAllocationInfo           `xml:"memoryAllocation,omitempty"`
 	LatencySensitivity           *LatencySensitivity               `xml:"latencySensitivity,omitempty"`
 	CpuAffinity                  *VirtualMachineAffinityInfo       `xml:"cpuAffinity,omitempty"`
 	MemoryAffinity               *VirtualMachineAffinityInfo       `xml:"memoryAffinity,omitempty"`
@@ -53154,8 +53154,8 @@ type WaitForUpdatesResponse struct {
 type WaitOptions struct {
 	DynamicData
 
-	MaxWaitSeconds   int32 `xml:"maxWaitSeconds,omitempty"`
-	MaxObjectUpdates int32 `xml:"maxObjectUpdates,omitempty"`
+	MaxWaitSeconds   *int32 `xml:"maxWaitSeconds"`
+	MaxObjectUpdates int32  `xml:"maxObjectUpdates,omitempty"`
 }
 
 func init() {
diff --git a/vendor/golang.org/x/sys/windows/svc/event.go b/vendor/golang.org/x/sys/windows/svc/event.go
new file mode 100644
index 000000000000..0508e2288184
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/event.go
@@ -0,0 +1,48 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+
+package svc
+
+import (
+	"errors"
+
+	"golang.org/x/sys/windows"
+)
+
+// event represents auto-reset, initially non-signaled Windows event.
+// It is used to communicate between go and asm parts of this package.
+type event struct {
+	h windows.Handle
+}
+
+func newEvent() (*event, error) {
+	h, err := windows.CreateEvent(nil, 0, 0, nil)
+	if err != nil {
+		return nil, err
+	}
+	return &event{h: h}, nil
+}
+
+func (e *event) Close() error {
+	return windows.CloseHandle(e.h)
+}
+
+func (e *event) Set() error {
+	return windows.SetEvent(e.h)
+}
+
+func (e *event) Wait() error {
+	s, err := windows.WaitForSingleObject(e.h, windows.INFINITE)
+	switch s {
+	case windows.WAIT_OBJECT_0:
+		break
+	case windows.WAIT_FAILED:
+		return err
+	default:
+		return errors.New("unexpected result from WaitForSingleObject")
+	}
+	return nil
+}
diff --git a/vendor/golang.org/x/sys/windows/svc/go12.c b/vendor/golang.org/x/sys/windows/svc/go12.c
new file mode 100644
index 000000000000..6f1be1fa3bcb
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/go12.c
@@ -0,0 +1,24 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+// +build !go1.3
+
+// copied from pkg/runtime
+typedef	unsigned int	uint32;
+typedef	unsigned long long int	uint64;
+#ifdef _64BIT
+typedef	uint64		uintptr;
+#else
+typedef	uint32		uintptr;
+#endif
+
+// from sys_386.s or sys_amd64.s
+void ·servicemain(void);
+
+void
+·getServiceMain(uintptr *r)
+{
+	*r = (uintptr)·servicemain;
+}
diff --git a/vendor/golang.org/x/sys/windows/svc/go12.go b/vendor/golang.org/x/sys/windows/svc/go12.go
new file mode 100644
index 000000000000..cd8b913c99d4
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/go12.go
@@ -0,0 +1,11 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+// +build !go1.3
+
+package svc
+
+// from go12.c
+func getServiceMain(r *uintptr)
diff --git a/vendor/golang.org/x/sys/windows/svc/go13.go b/vendor/golang.org/x/sys/windows/svc/go13.go
new file mode 100644
index 000000000000..9d7f3cec54cd
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/go13.go
@@ -0,0 +1,31 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+// +build go1.3
+
+package svc
+
+import "unsafe"
+
+const ptrSize = 4 << (^uintptr(0) >> 63) // unsafe.Sizeof(uintptr(0)) but an ideal const
+
+// Should be a built-in for unsafe.Pointer?
+func add(p unsafe.Pointer, x uintptr) unsafe.Pointer {
+	return unsafe.Pointer(uintptr(p) + x)
+}
+
+// funcPC returns the entry PC of the function f.
+// It assumes that f is a func value. Otherwise the behavior is undefined.
+func funcPC(f interface{}) uintptr {
+	return **(**uintptr)(add(unsafe.Pointer(&f), ptrSize))
+}
+
+// from sys_386.s and sys_amd64.s
+func servicectlhandler(ctl uint32) uintptr
+func servicemain(argc uint32, argv **uint16)
+
+func getServiceMain(r *uintptr) {
+	*r = funcPC(servicemain)
+}
diff --git a/vendor/golang.org/x/sys/windows/svc/security.go b/vendor/golang.org/x/sys/windows/svc/security.go
new file mode 100644
index 000000000000..6fbc9236ed53
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/security.go
@@ -0,0 +1,62 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+
+package svc
+
+import (
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+func allocSid(subAuth0 uint32) (*windows.SID, error) {
+	var sid *windows.SID
+	err := windows.AllocateAndInitializeSid(&windows.SECURITY_NT_AUTHORITY,
+		1, subAuth0, 0, 0, 0, 0, 0, 0, 0, &sid)
+	if err != nil {
+		return nil, err
+	}
+	return sid, nil
+}
+
+// IsAnInteractiveSession determines if calling process is running interactively.
+// It queries the process token for membership in the Interactive group.
+// http://stackoverflow.com/questions/2668851/how-do-i-detect-that-my-application-is-running-as-service-or-in-an-interactive-s
+func IsAnInteractiveSession() (bool, error) {
+	interSid, err := allocSid(windows.SECURITY_INTERACTIVE_RID)
+	if err != nil {
+		return false, err
+	}
+	defer windows.FreeSid(interSid)
+
+	serviceSid, err := allocSid(windows.SECURITY_SERVICE_RID)
+	if err != nil {
+		return false, err
+	}
+	defer windows.FreeSid(serviceSid)
+
+	t, err := windows.OpenCurrentProcessToken()
+	if err != nil {
+		return false, err
+	}
+	defer t.Close()
+
+	gs, err := t.GetTokenGroups()
+	if err != nil {
+		return false, err
+	}
+	p := unsafe.Pointer(&gs.Groups[0])
+	groups := (*[2 << 20]windows.SIDAndAttributes)(p)[:gs.GroupCount]
+	for _, g := range groups {
+		if windows.EqualSid(g.Sid, interSid) {
+			return true, nil
+		}
+		if windows.EqualSid(g.Sid, serviceSid) {
+			return false, nil
+		}
+	}
+	return false, nil
+}
diff --git a/vendor/golang.org/x/sys/windows/svc/service.go b/vendor/golang.org/x/sys/windows/svc/service.go
new file mode 100644
index 000000000000..903cba3f1213
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/service.go
@@ -0,0 +1,363 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+
+// Package svc provides everything required to build Windows service.
+//
+package svc
+
+import (
+	"errors"
+	"runtime"
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+// State describes service execution state (Stopped, Running and so on).
+type State uint32
+
+const (
+	Stopped         = State(windows.SERVICE_STOPPED)
+	StartPending    = State(windows.SERVICE_START_PENDING)
+	StopPending     = State(windows.SERVICE_STOP_PENDING)
+	Running         = State(windows.SERVICE_RUNNING)
+	ContinuePending = State(windows.SERVICE_CONTINUE_PENDING)
+	PausePending    = State(windows.SERVICE_PAUSE_PENDING)
+	Paused          = State(windows.SERVICE_PAUSED)
+)
+
+// Cmd represents service state change request. It is sent to a service
+// by the service manager, and should be actioned upon by the service.
+type Cmd uint32
+
+const (
+	Stop                  = Cmd(windows.SERVICE_CONTROL_STOP)
+	Pause                 = Cmd(windows.SERVICE_CONTROL_PAUSE)
+	Continue              = Cmd(windows.SERVICE_CONTROL_CONTINUE)
+	Interrogate           = Cmd(windows.SERVICE_CONTROL_INTERROGATE)
+	Shutdown              = Cmd(windows.SERVICE_CONTROL_SHUTDOWN)
+	ParamChange           = Cmd(windows.SERVICE_CONTROL_PARAMCHANGE)
+	NetBindAdd            = Cmd(windows.SERVICE_CONTROL_NETBINDADD)
+	NetBindRemove         = Cmd(windows.SERVICE_CONTROL_NETBINDREMOVE)
+	NetBindEnable         = Cmd(windows.SERVICE_CONTROL_NETBINDENABLE)
+	NetBindDisable        = Cmd(windows.SERVICE_CONTROL_NETBINDDISABLE)
+	DeviceEvent           = Cmd(windows.SERVICE_CONTROL_DEVICEEVENT)
+	HardwareProfileChange = Cmd(windows.SERVICE_CONTROL_HARDWAREPROFILECHANGE)
+	PowerEvent            = Cmd(windows.SERVICE_CONTROL_POWEREVENT)
+	SessionChange         = Cmd(windows.SERVICE_CONTROL_SESSIONCHANGE)
+)
+
+// Accepted is used to describe commands accepted by the service.
+// Note that Interrogate is always accepted.
+type Accepted uint32
+
+const (
+	AcceptStop                  = Accepted(windows.SERVICE_ACCEPT_STOP)
+	AcceptShutdown              = Accepted(windows.SERVICE_ACCEPT_SHUTDOWN)
+	AcceptPauseAndContinue      = Accepted(windows.SERVICE_ACCEPT_PAUSE_CONTINUE)
+	AcceptParamChange           = Accepted(windows.SERVICE_ACCEPT_PARAMCHANGE)
+	AcceptNetBindChange         = Accepted(windows.SERVICE_ACCEPT_NETBINDCHANGE)
+	AcceptHardwareProfileChange = Accepted(windows.SERVICE_ACCEPT_HARDWAREPROFILECHANGE)
+	AcceptPowerEvent            = Accepted(windows.SERVICE_ACCEPT_POWEREVENT)
+	AcceptSessionChange         = Accepted(windows.SERVICE_ACCEPT_SESSIONCHANGE)
+)
+
+// Status combines State and Accepted commands to fully describe running service.
+type Status struct {
+	State      State
+	Accepts    Accepted
+	CheckPoint uint32 // used to report progress during a lengthy operation
+	WaitHint   uint32 // estimated time required for a pending operation, in milliseconds
+}
+
+// ChangeRequest is sent to the service Handler to request service status change.
+type ChangeRequest struct {
+	Cmd           Cmd
+	EventType     uint32
+	EventData     uintptr
+	CurrentStatus Status
+}
+
+// Handler is the interface that must be implemented to build Windows service.
+type Handler interface {
+
+	// Execute will be called by the package code at the start of
+	// the service, and the service will exit once Execute completes.
+	// Inside Execute you must read service change requests from r and
+	// act accordingly. You must keep service control manager up to date
+	// about state of your service by writing into s as required.
+	// args contains service name followed by argument strings passed
+	// to the service.
+	// You can provide service exit code in exitCode return parameter,
+	// with 0 being "no error". You can also indicate if exit code,
+	// if any, is service specific or not by using svcSpecificEC
+	// parameter.
+	Execute(args []string, r <-chan ChangeRequest, s chan<- Status) (svcSpecificEC bool, exitCode uint32)
+}
+
+var (
+	// These are used by asm code.
+	goWaitsH                       uintptr
+	cWaitsH                        uintptr
+	ssHandle                       uintptr
+	sName                          *uint16
+	sArgc                          uintptr
+	sArgv                          **uint16
+	ctlHandlerExProc               uintptr
+	cSetEvent                      uintptr
+	cWaitForSingleObject           uintptr
+	cRegisterServiceCtrlHandlerExW uintptr
+)
+
+func init() {
+	k := syscall.MustLoadDLL("kernel32.dll")
+	cSetEvent = k.MustFindProc("SetEvent").Addr()
+	cWaitForSingleObject = k.MustFindProc("WaitForSingleObject").Addr()
+	a := syscall.MustLoadDLL("advapi32.dll")
+	cRegisterServiceCtrlHandlerExW = a.MustFindProc("RegisterServiceCtrlHandlerExW").Addr()
+}
+
+// The HandlerEx prototype also has a context pointer but since we don't use
+// it at start-up time we don't have to pass it over either.
+type ctlEvent struct {
+	cmd       Cmd
+	eventType uint32
+	eventData uintptr
+	errno     uint32
+}
+
+// service provides access to windows service api.
+type service struct {
+	name    string
+	h       windows.Handle
+	cWaits  *event
+	goWaits *event
+	c       chan ctlEvent
+	handler Handler
+}
+
+func newService(name string, handler Handler) (*service, error) {
+	var s service
+	var err error
+	s.name = name
+	s.c = make(chan ctlEvent)
+	s.handler = handler
+	s.cWaits, err = newEvent()
+	if err != nil {
+		return nil, err
+	}
+	s.goWaits, err = newEvent()
+	if err != nil {
+		s.cWaits.Close()
+		return nil, err
+	}
+	return &s, nil
+}
+
+func (s *service) close() error {
+	s.cWaits.Close()
+	s.goWaits.Close()
+	return nil
+}
+
+type exitCode struct {
+	isSvcSpecific bool
+	errno         uint32
+}
+
+func (s *service) updateStatus(status *Status, ec *exitCode) error {
+	if s.h == 0 {
+		return errors.New("updateStatus with no service status handle")
+	}
+	var t windows.SERVICE_STATUS
+	t.ServiceType = windows.SERVICE_WIN32_OWN_PROCESS
+	t.CurrentState = uint32(status.State)
+	if status.Accepts&AcceptStop != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_STOP
+	}
+	if status.Accepts&AcceptShutdown != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_SHUTDOWN
+	}
+	if status.Accepts&AcceptPauseAndContinue != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_PAUSE_CONTINUE
+	}
+	if status.Accepts&AcceptParamChange != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_PARAMCHANGE
+	}
+	if status.Accepts&AcceptNetBindChange != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_NETBINDCHANGE
+	}
+	if status.Accepts&AcceptHardwareProfileChange != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_HARDWAREPROFILECHANGE
+	}
+	if status.Accepts&AcceptPowerEvent != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_POWEREVENT
+	}
+	if status.Accepts&AcceptSessionChange != 0 {
+		t.ControlsAccepted |= windows.SERVICE_ACCEPT_SESSIONCHANGE
+	}
+	if ec.errno == 0 {
+		t.Win32ExitCode = windows.NO_ERROR
+		t.ServiceSpecificExitCode = windows.NO_ERROR
+	} else if ec.isSvcSpecific {
+		t.Win32ExitCode = uint32(windows.ERROR_SERVICE_SPECIFIC_ERROR)
+		t.ServiceSpecificExitCode = ec.errno
+	} else {
+		t.Win32ExitCode = ec.errno
+		t.ServiceSpecificExitCode = windows.NO_ERROR
+	}
+	t.CheckPoint = status.CheckPoint
+	t.WaitHint = status.WaitHint
+	return windows.SetServiceStatus(s.h, &t)
+}
+
+const (
+	sysErrSetServiceStatusFailed = uint32(syscall.APPLICATION_ERROR) + iota
+	sysErrNewThreadInCallback
+)
+
+func (s *service) run() {
+	s.goWaits.Wait()
+	s.h = windows.Handle(ssHandle)
+	argv := (*[100]*int16)(unsafe.Pointer(sArgv))[:sArgc]
+	args := make([]string, len(argv))
+	for i, a := range argv {
+		args[i] = syscall.UTF16ToString((*[1 << 20]uint16)(unsafe.Pointer(a))[:])
+	}
+
+	cmdsToHandler := make(chan ChangeRequest)
+	changesFromHandler := make(chan Status)
+	exitFromHandler := make(chan exitCode)
+
+	go func() {
+		ss, errno := s.handler.Execute(args, cmdsToHandler, changesFromHandler)
+		exitFromHandler <- exitCode{ss, errno}
+	}()
+
+	status := Status{State: Stopped}
+	ec := exitCode{isSvcSpecific: true, errno: 0}
+	var outch chan ChangeRequest
+	inch := s.c
+	var cmd Cmd
+	var evtype uint32
+	var evdata uintptr
+loop:
+	for {
+		select {
+		case r := <-inch:
+			if r.errno != 0 {
+				ec.errno = r.errno
+				break loop
+			}
+			inch = nil
+			outch = cmdsToHandler
+			cmd = r.cmd
+			evtype = r.eventType
+			evdata = r.eventData
+		case outch <- ChangeRequest{cmd, evtype, evdata, status}:
+			inch = s.c
+			outch = nil
+		case c := <-changesFromHandler:
+			err := s.updateStatus(&c, &ec)
+			if err != nil {
+				// best suitable error number
+				ec.errno = sysErrSetServiceStatusFailed
+				if err2, ok := err.(syscall.Errno); ok {
+					ec.errno = uint32(err2)
+				}
+				break loop
+			}
+			status = c
+		case ec = <-exitFromHandler:
+			break loop
+		}
+	}
+
+	s.updateStatus(&Status{State: Stopped}, &ec)
+	s.cWaits.Set()
+}
+
+func newCallback(fn interface{}) (cb uintptr, err error) {
+	defer func() {
+		r := recover()
+		if r == nil {
+			return
+		}
+		cb = 0
+		switch v := r.(type) {
+		case string:
+			err = errors.New(v)
+		case error:
+			err = v
+		default:
+			err = errors.New("unexpected panic in syscall.NewCallback")
+		}
+	}()
+	return syscall.NewCallback(fn), nil
+}
+
+// BUG(brainman): There is no mechanism to run multiple services
+// inside one single executable. Perhaps, it can be overcome by
+// using RegisterServiceCtrlHandlerEx Windows api.
+
+// Run executes service name by calling appropriate handler function.
+func Run(name string, handler Handler) error {
+	runtime.LockOSThread()
+
+	tid := windows.GetCurrentThreadId()
+
+	s, err := newService(name, handler)
+	if err != nil {
+		return err
+	}
+
+	ctlHandler := func(ctl uint32, evtype uint32, evdata uintptr, context uintptr) uintptr {
+		e := ctlEvent{cmd: Cmd(ctl), eventType: evtype, eventData: evdata}
+		// We assume that this callback function is running on
+		// the same thread as Run. Nowhere in MS documentation
+		// I could find statement to guarantee that. So putting
+		// check here to verify, otherwise things will go bad
+		// quickly, if ignored.
+		i := windows.GetCurrentThreadId()
+		if i != tid {
+			e.errno = sysErrNewThreadInCallback
+		}
+		s.c <- e
+		// Always return NO_ERROR (0) for now.
+		return 0
+	}
+
+	var svcmain uintptr
+	getServiceMain(&svcmain)
+	t := []windows.SERVICE_TABLE_ENTRY{
+		{syscall.StringToUTF16Ptr(s.name), svcmain},
+		{nil, 0},
+	}
+
+	goWaitsH = uintptr(s.goWaits.h)
+	cWaitsH = uintptr(s.cWaits.h)
+	sName = t[0].ServiceName
+	ctlHandlerExProc, err = newCallback(ctlHandler)
+	if err != nil {
+		return err
+	}
+
+	go s.run()
+
+	err = windows.StartServiceCtrlDispatcher(&t[0])
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// StatusHandle returns service status handle. It is safe to call this function
+// from inside the Handler.Execute because then it is guaranteed to be set.
+// This code will have to change once multiple services are possible per process.
+func StatusHandle() windows.Handle {
+	return windows.Handle(ssHandle)
+}
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_386.s b/vendor/golang.org/x/sys/windows/svc/sys_386.s
new file mode 100644
index 000000000000..2c82a9d91d7f
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/sys_386.s
@@ -0,0 +1,68 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+
+// func servicemain(argc uint32, argv **uint16)
+TEXT ·servicemain(SB),7,$0
+	MOVL	argc+0(FP), AX
+	MOVL	AX, ·sArgc(SB)
+	MOVL	argv+4(FP), AX
+	MOVL	AX, ·sArgv(SB)
+
+	PUSHL	BP
+	PUSHL	BX
+	PUSHL	SI
+	PUSHL	DI
+
+	SUBL	$12, SP
+
+	MOVL	·sName(SB), AX
+	MOVL	AX, (SP)
+	MOVL	$·servicectlhandler(SB), AX
+	MOVL	AX, 4(SP)
+	MOVL	$0, 8(SP)
+	MOVL	·cRegisterServiceCtrlHandlerExW(SB), AX
+	MOVL	SP, BP
+	CALL	AX
+	MOVL	BP, SP
+	CMPL	AX, $0
+	JE	exit
+	MOVL	AX, ·ssHandle(SB)
+
+	MOVL	·goWaitsH(SB), AX
+	MOVL	AX, (SP)
+	MOVL	·cSetEvent(SB), AX
+	MOVL	SP, BP
+	CALL	AX
+	MOVL	BP, SP
+
+	MOVL	·cWaitsH(SB), AX
+	MOVL	AX, (SP)
+	MOVL	$-1, AX
+	MOVL	AX, 4(SP)
+	MOVL	·cWaitForSingleObject(SB), AX
+	MOVL	SP, BP
+	CALL	AX
+	MOVL	BP, SP
+
+exit:
+	ADDL	$12, SP
+
+	POPL	DI
+	POPL	SI
+	POPL	BX
+	POPL	BP
+
+	MOVL	0(SP), CX
+	ADDL	$12, SP
+	JMP	CX
+
+// I do not know why, but this seems to be the only way to call
+// ctlHandlerProc on Windows 7.
+
+// func servicectlhandler(ctl uint32, evtype uint32, evdata uintptr, context uintptr) uintptr {
+TEXT ·servicectlhandler(SB),7,$0
+	MOVL	·ctlHandlerExProc(SB), CX
+	JMP	CX
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_amd64.s b/vendor/golang.org/x/sys/windows/svc/sys_amd64.s
new file mode 100644
index 000000000000..06b425900df4
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/sys_amd64.s
@@ -0,0 +1,42 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build windows
+
+// func servicemain(argc uint32, argv **uint16)
+TEXT ·servicemain(SB),7,$0
+	MOVL	CX, ·sArgc(SB)
+	MOVL	DX, ·sArgv(SB)
+
+	SUBQ	$32, SP		// stack for the first 4 syscall params
+
+	MOVQ	·sName(SB), CX
+	MOVQ	$·servicectlhandler(SB), DX
+	// BUG(pastarmovj): Figure out a way to pass in context in R8.
+	MOVQ	·cRegisterServiceCtrlHandlerExW(SB), AX
+	CALL	AX
+	CMPQ	AX, $0
+	JE	exit
+	MOVQ	AX, ·ssHandle(SB)
+
+	MOVQ	·goWaitsH(SB), CX
+	MOVQ	·cSetEvent(SB), AX
+	CALL	AX
+
+	MOVQ	·cWaitsH(SB), CX
+	MOVQ	$4294967295, DX
+	MOVQ	·cWaitForSingleObject(SB), AX
+	CALL	AX
+
+exit:
+	ADDQ	$32, SP
+	RET
+
+// I do not know why, but this seems to be the only way to call
+// ctlHandlerProc on Windows 7.
+
+// func ·servicectlhandler(ctl uint32, evtype uint32, evdata uintptr, context uintptr) uintptr {
+TEXT ·servicectlhandler(SB),7,$0
+	MOVQ	·ctlHandlerExProc(SB), AX
+	JMP	AX
diff --git a/vendor/golang.org/x/time/AUTHORS b/vendor/golang.org/x/time/AUTHORS
new file mode 100644
index 000000000000..15167cd746c5
--- /dev/null
+++ b/vendor/golang.org/x/time/AUTHORS
@@ -0,0 +1,3 @@
+# This source code refers to The Go Authors for copyright purposes.
+# The master list of authors is in the main Go distribution,
+# visible at http://tip.golang.org/AUTHORS.
diff --git a/vendor/golang.org/x/time/CONTRIBUTORS b/vendor/golang.org/x/time/CONTRIBUTORS
new file mode 100644
index 000000000000..1c4577e96806
--- /dev/null
+++ b/vendor/golang.org/x/time/CONTRIBUTORS
@@ -0,0 +1,3 @@
+# This source code was written by the Go contributors.
+# The master list of contributors is in the main Go distribution,
+# visible at http://tip.golang.org/CONTRIBUTORS.
diff --git a/vendor/github.com/docker/docker/pkg/symlink/LICENSE.BSD b/vendor/golang.org/x/time/LICENSE
similarity index 95%
rename from vendor/github.com/docker/docker/pkg/symlink/LICENSE.BSD
rename to vendor/golang.org/x/time/LICENSE
index 4c056c5ed277..6a66aea5eafe 100644
--- a/vendor/github.com/docker/docker/pkg/symlink/LICENSE.BSD
+++ b/vendor/golang.org/x/time/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2014-2017 The Docker & Go Authors. All rights reserved.
+Copyright (c) 2009 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
diff --git a/vendor/google.golang.org/grpc/PATENTS b/vendor/golang.org/x/time/PATENTS
similarity index 75%
rename from vendor/google.golang.org/grpc/PATENTS
rename to vendor/golang.org/x/time/PATENTS
index 69b47959faba..733099041f84 100644
--- a/vendor/google.golang.org/grpc/PATENTS
+++ b/vendor/golang.org/x/time/PATENTS
@@ -1,22 +1,22 @@
 Additional IP Rights Grant (Patents)
 
 "This implementation" means the copyrightable works distributed by
-Google as part of the gRPC project.
+Google as part of the Go project.
 
 Google hereby grants to You a perpetual, worldwide, non-exclusive,
 no-charge, royalty-free, irrevocable (except as stated in this section)
 patent license to make, have made, use, offer to sell, sell, import,
 transfer and otherwise run, modify and propagate the contents of this
-implementation of gRPC, where such license applies only to those patent
+implementation of Go, where such license applies only to those patent
 claims, both currently owned or controlled by Google and acquired in
 the future, licensable by Google that are necessarily infringed by this
-implementation of gRPC.  This grant does not include claims that would be
+implementation of Go.  This grant does not include claims that would be
 infringed only as a consequence of further modification of this
 implementation.  If you or your agent or exclusive licensee institute or
 order or agree to the institution of patent litigation against any
 entity (including a cross-claim or counterclaim in a lawsuit) alleging
-that this implementation of gRPC or any code incorporated within this
-implementation of gRPC constitutes direct or contributory patent
+that this implementation of Go or any code incorporated within this
+implementation of Go constitutes direct or contributory patent
 infringement, or inducement of patent infringement, then any patent
-rights granted to you under this License for this implementation of gRPC
+rights granted to you under this License for this implementation of Go
 shall terminate as of the date such litigation is filed.
diff --git a/vendor/golang.org/x/time/rate/rate.go b/vendor/golang.org/x/time/rate/rate.go
new file mode 100644
index 000000000000..938feaffe9b2
--- /dev/null
+++ b/vendor/golang.org/x/time/rate/rate.go
@@ -0,0 +1,371 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package rate provides a rate limiter.
+package rate
+
+import (
+	"fmt"
+	"math"
+	"sync"
+	"time"
+
+	"golang.org/x/net/context"
+)
+
+// Limit defines the maximum frequency of some events.
+// Limit is represented as number of events per second.
+// A zero Limit allows no events.
+type Limit float64
+
+// Inf is the infinite rate limit; it allows all events (even if burst is zero).
+const Inf = Limit(math.MaxFloat64)
+
+// Every converts a minimum time interval between events to a Limit.
+func Every(interval time.Duration) Limit {
+	if interval <= 0 {
+		return Inf
+	}
+	return 1 / Limit(interval.Seconds())
+}
+
+// A Limiter controls how frequently events are allowed to happen.
+// It implements a "token bucket" of size b, initially full and refilled
+// at rate r tokens per second.
+// Informally, in any large enough time interval, the Limiter limits the
+// rate to r tokens per second, with a maximum burst size of b events.
+// As a special case, if r == Inf (the infinite rate), b is ignored.
+// See https://en.wikipedia.org/wiki/Token_bucket for more about token buckets.
+//
+// The zero value is a valid Limiter, but it will reject all events.
+// Use NewLimiter to create non-zero Limiters.
+//
+// Limiter has three main methods, Allow, Reserve, and Wait.
+// Most callers should use Wait.
+//
+// Each of the three methods consumes a single token.
+// They differ in their behavior when no token is available.
+// If no token is available, Allow returns false.
+// If no token is available, Reserve returns a reservation for a future token
+// and the amount of time the caller must wait before using it.
+// If no token is available, Wait blocks until one can be obtained
+// or its associated context.Context is canceled.
+//
+// The methods AllowN, ReserveN, and WaitN consume n tokens.
+type Limiter struct {
+	limit Limit
+	burst int
+
+	mu     sync.Mutex
+	tokens float64
+	// last is the last time the limiter's tokens field was updated
+	last time.Time
+	// lastEvent is the latest time of a rate-limited event (past or future)
+	lastEvent time.Time
+}
+
+// Limit returns the maximum overall event rate.
+func (lim *Limiter) Limit() Limit {
+	lim.mu.Lock()
+	defer lim.mu.Unlock()
+	return lim.limit
+}
+
+// Burst returns the maximum burst size. Burst is the maximum number of tokens
+// that can be consumed in a single call to Allow, Reserve, or Wait, so higher
+// Burst values allow more events to happen at once.
+// A zero Burst allows no events, unless limit == Inf.
+func (lim *Limiter) Burst() int {
+	return lim.burst
+}
+
+// NewLimiter returns a new Limiter that allows events up to rate r and permits
+// bursts of at most b tokens.
+func NewLimiter(r Limit, b int) *Limiter {
+	return &Limiter{
+		limit: r,
+		burst: b,
+	}
+}
+
+// Allow is shorthand for AllowN(time.Now(), 1).
+func (lim *Limiter) Allow() bool {
+	return lim.AllowN(time.Now(), 1)
+}
+
+// AllowN reports whether n events may happen at time now.
+// Use this method if you intend to drop / skip events that exceed the rate limit.
+// Otherwise use Reserve or Wait.
+func (lim *Limiter) AllowN(now time.Time, n int) bool {
+	return lim.reserveN(now, n, 0).ok
+}
+
+// A Reservation holds information about events that are permitted by a Limiter to happen after a delay.
+// A Reservation may be canceled, which may enable the Limiter to permit additional events.
+type Reservation struct {
+	ok        bool
+	lim       *Limiter
+	tokens    int
+	timeToAct time.Time
+	// This is the Limit at reservation time, it can change later.
+	limit Limit
+}
+
+// OK returns whether the limiter can provide the requested number of tokens
+// within the maximum wait time.  If OK is false, Delay returns InfDuration, and
+// Cancel does nothing.
+func (r *Reservation) OK() bool {
+	return r.ok
+}
+
+// Delay is shorthand for DelayFrom(time.Now()).
+func (r *Reservation) Delay() time.Duration {
+	return r.DelayFrom(time.Now())
+}
+
+// InfDuration is the duration returned by Delay when a Reservation is not OK.
+const InfDuration = time.Duration(1<<63 - 1)
+
+// DelayFrom returns the duration for which the reservation holder must wait
+// before taking the reserved action.  Zero duration means act immediately.
+// InfDuration means the limiter cannot grant the tokens requested in this
+// Reservation within the maximum wait time.
+func (r *Reservation) DelayFrom(now time.Time) time.Duration {
+	if !r.ok {
+		return InfDuration
+	}
+	delay := r.timeToAct.Sub(now)
+	if delay < 0 {
+		return 0
+	}
+	return delay
+}
+
+// Cancel is shorthand for CancelAt(time.Now()).
+func (r *Reservation) Cancel() {
+	r.CancelAt(time.Now())
+	return
+}
+
+// CancelAt indicates that the reservation holder will not perform the reserved action
+// and reverses the effects of this Reservation on the rate limit as much as possible,
+// considering that other reservations may have already been made.
+func (r *Reservation) CancelAt(now time.Time) {
+	if !r.ok {
+		return
+	}
+
+	r.lim.mu.Lock()
+	defer r.lim.mu.Unlock()
+
+	if r.lim.limit == Inf || r.tokens == 0 || r.timeToAct.Before(now) {
+		return
+	}
+
+	// calculate tokens to restore
+	// The duration between lim.lastEvent and r.timeToAct tells us how many tokens were reserved
+	// after r was obtained. These tokens should not be restored.
+	restoreTokens := float64(r.tokens) - r.limit.tokensFromDuration(r.lim.lastEvent.Sub(r.timeToAct))
+	if restoreTokens <= 0 {
+		return
+	}
+	// advance time to now
+	now, _, tokens := r.lim.advance(now)
+	// calculate new number of tokens
+	tokens += restoreTokens
+	if burst := float64(r.lim.burst); tokens > burst {
+		tokens = burst
+	}
+	// update state
+	r.lim.last = now
+	r.lim.tokens = tokens
+	if r.timeToAct == r.lim.lastEvent {
+		prevEvent := r.timeToAct.Add(r.limit.durationFromTokens(float64(-r.tokens)))
+		if !prevEvent.Before(now) {
+			r.lim.lastEvent = prevEvent
+		}
+	}
+
+	return
+}
+
+// Reserve is shorthand for ReserveN(time.Now(), 1).
+func (lim *Limiter) Reserve() *Reservation {
+	return lim.ReserveN(time.Now(), 1)
+}
+
+// ReserveN returns a Reservation that indicates how long the caller must wait before n events happen.
+// The Limiter takes this Reservation into account when allowing future events.
+// ReserveN returns false if n exceeds the Limiter's burst size.
+// Usage example:
+//   r := lim.ReserveN(time.Now(), 1)
+//   if !r.OK() {
+//     // Not allowed to act! Did you remember to set lim.burst to be > 0 ?
+//     return
+//   }
+//   time.Sleep(r.Delay())
+//   Act()
+// Use this method if you wish to wait and slow down in accordance with the rate limit without dropping events.
+// If you need to respect a deadline or cancel the delay, use Wait instead.
+// To drop or skip events exceeding rate limit, use Allow instead.
+func (lim *Limiter) ReserveN(now time.Time, n int) *Reservation {
+	r := lim.reserveN(now, n, InfDuration)
+	return &r
+}
+
+// Wait is shorthand for WaitN(ctx, 1).
+func (lim *Limiter) Wait(ctx context.Context) (err error) {
+	return lim.WaitN(ctx, 1)
+}
+
+// WaitN blocks until lim permits n events to happen.
+// It returns an error if n exceeds the Limiter's burst size, the Context is
+// canceled, or the expected wait time exceeds the Context's Deadline.
+// The burst limit is ignored if the rate limit is Inf.
+func (lim *Limiter) WaitN(ctx context.Context, n int) (err error) {
+	if n > lim.burst && lim.limit != Inf {
+		return fmt.Errorf("rate: Wait(n=%d) exceeds limiter's burst %d", n, lim.burst)
+	}
+	// Check if ctx is already cancelled
+	select {
+	case <-ctx.Done():
+		return ctx.Err()
+	default:
+	}
+	// Determine wait limit
+	now := time.Now()
+	waitLimit := InfDuration
+	if deadline, ok := ctx.Deadline(); ok {
+		waitLimit = deadline.Sub(now)
+	}
+	// Reserve
+	r := lim.reserveN(now, n, waitLimit)
+	if !r.ok {
+		return fmt.Errorf("rate: Wait(n=%d) would exceed context deadline", n)
+	}
+	// Wait
+	t := time.NewTimer(r.DelayFrom(now))
+	defer t.Stop()
+	select {
+	case <-t.C:
+		// We can proceed.
+		return nil
+	case <-ctx.Done():
+		// Context was canceled before we could proceed.  Cancel the
+		// reservation, which may permit other events to proceed sooner.
+		r.Cancel()
+		return ctx.Err()
+	}
+}
+
+// SetLimit is shorthand for SetLimitAt(time.Now(), newLimit).
+func (lim *Limiter) SetLimit(newLimit Limit) {
+	lim.SetLimitAt(time.Now(), newLimit)
+}
+
+// SetLimitAt sets a new Limit for the limiter. The new Limit, and Burst, may be violated
+// or underutilized by those which reserved (using Reserve or Wait) but did not yet act
+// before SetLimitAt was called.
+func (lim *Limiter) SetLimitAt(now time.Time, newLimit Limit) {
+	lim.mu.Lock()
+	defer lim.mu.Unlock()
+
+	now, _, tokens := lim.advance(now)
+
+	lim.last = now
+	lim.tokens = tokens
+	lim.limit = newLimit
+}
+
+// reserveN is a helper method for AllowN, ReserveN, and WaitN.
+// maxFutureReserve specifies the maximum reservation wait duration allowed.
+// reserveN returns Reservation, not *Reservation, to avoid allocation in AllowN and WaitN.
+func (lim *Limiter) reserveN(now time.Time, n int, maxFutureReserve time.Duration) Reservation {
+	lim.mu.Lock()
+
+	if lim.limit == Inf {
+		lim.mu.Unlock()
+		return Reservation{
+			ok:        true,
+			lim:       lim,
+			tokens:    n,
+			timeToAct: now,
+		}
+	}
+
+	now, last, tokens := lim.advance(now)
+
+	// Calculate the remaining number of tokens resulting from the request.
+	tokens -= float64(n)
+
+	// Calculate the wait duration
+	var waitDuration time.Duration
+	if tokens < 0 {
+		waitDuration = lim.limit.durationFromTokens(-tokens)
+	}
+
+	// Decide result
+	ok := n <= lim.burst && waitDuration <= maxFutureReserve
+
+	// Prepare reservation
+	r := Reservation{
+		ok:    ok,
+		lim:   lim,
+		limit: lim.limit,
+	}
+	if ok {
+		r.tokens = n
+		r.timeToAct = now.Add(waitDuration)
+	}
+
+	// Update state
+	if ok {
+		lim.last = now
+		lim.tokens = tokens
+		lim.lastEvent = r.timeToAct
+	} else {
+		lim.last = last
+	}
+
+	lim.mu.Unlock()
+	return r
+}
+
+// advance calculates and returns an updated state for lim resulting from the passage of time.
+// lim is not changed.
+func (lim *Limiter) advance(now time.Time) (newNow time.Time, newLast time.Time, newTokens float64) {
+	last := lim.last
+	if now.Before(last) {
+		last = now
+	}
+
+	// Avoid making delta overflow below when last is very old.
+	maxElapsed := lim.limit.durationFromTokens(float64(lim.burst) - lim.tokens)
+	elapsed := now.Sub(last)
+	if elapsed > maxElapsed {
+		elapsed = maxElapsed
+	}
+
+	// Calculate the new number of tokens, due to time that passed.
+	delta := lim.limit.tokensFromDuration(elapsed)
+	tokens := lim.tokens + delta
+	if burst := float64(lim.burst); tokens > burst {
+		tokens = burst
+	}
+
+	return now, last, tokens
+}
+
+// durationFromTokens is a unit conversion function from the number of tokens to the duration
+// of time it takes to accumulate them at a rate of limit tokens per second.
+func (limit Limit) durationFromTokens(tokens float64) time.Duration {
+	seconds := tokens / float64(limit)
+	return time.Nanosecond * time.Duration(1e9*seconds)
+}
+
+// tokensFromDuration is a unit conversion function from a time duration to the number of tokens
+// which could be accumulated during that duration at a rate of limit tokens per second.
+func (limit Limit) tokensFromDuration(d time.Duration) float64 {
+	return d.Seconds() * float64(limit)
+}
diff --git a/vendor/google.golang.org/api/CONTRIBUTORS b/vendor/google.golang.org/api/CONTRIBUTORS
index 2d4679e398a7..b8928e61641e 100644
--- a/vendor/google.golang.org/api/CONTRIBUTORS
+++ b/vendor/google.golang.org/api/CONTRIBUTORS
@@ -44,6 +44,7 @@ Ivan Krasin <krasin@golang.org>
 Jason Hall <jasonhall@google.com>
 Johan Euphrosine <proppy@google.com>
 Kostik Shtoyk <kostik@google.com>
+Kunpei Sakai <namusyaka@gmail.com>
 Matthew Whisenhunt <matt.whisenhunt@gmail.com>
 Michael McGreevy <mcgreevy@golang.org>
 Nick Craig-Wood <nickcw@gmail.com>
diff --git a/vendor/google.golang.org/api/cloudmonitoring/v2beta2/cloudmonitoring-gen.go b/vendor/google.golang.org/api/cloudmonitoring/v2beta2/cloudmonitoring-gen.go
index f2cca47ed2c4..c7127d0dfad6 100644
--- a/vendor/google.golang.org/api/cloudmonitoring/v2beta2/cloudmonitoring-gen.go
+++ b/vendor/google.golang.org/api/cloudmonitoring/v2beta2/cloudmonitoring-gen.go
@@ -141,8 +141,8 @@ type DeleteMetricDescriptorResponse struct {
 }
 
 func (s *DeleteMetricDescriptorResponse) MarshalJSON() ([]byte, error) {
-	type noMethod DeleteMetricDescriptorResponse
-	raw := noMethod(*s)
+	type NoMethod DeleteMetricDescriptorResponse
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -171,8 +171,8 @@ type ListMetricDescriptorsRequest struct {
 }
 
 func (s *ListMetricDescriptorsRequest) MarshalJSON() ([]byte, error) {
-	type noMethod ListMetricDescriptorsRequest
-	raw := noMethod(*s)
+	type NoMethod ListMetricDescriptorsRequest
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -214,8 +214,8 @@ type ListMetricDescriptorsResponse struct {
 }
 
 func (s *ListMetricDescriptorsResponse) MarshalJSON() ([]byte, error) {
-	type noMethod ListMetricDescriptorsResponse
-	raw := noMethod(*s)
+	type NoMethod ListMetricDescriptorsResponse
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -244,8 +244,8 @@ type ListTimeseriesDescriptorsRequest struct {
 }
 
 func (s *ListTimeseriesDescriptorsRequest) MarshalJSON() ([]byte, error) {
-	type noMethod ListTimeseriesDescriptorsRequest
-	raw := noMethod(*s)
+	type NoMethod ListTimeseriesDescriptorsRequest
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -295,8 +295,8 @@ type ListTimeseriesDescriptorsResponse struct {
 }
 
 func (s *ListTimeseriesDescriptorsResponse) MarshalJSON() ([]byte, error) {
-	type noMethod ListTimeseriesDescriptorsResponse
-	raw := noMethod(*s)
+	type NoMethod ListTimeseriesDescriptorsResponse
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -324,8 +324,8 @@ type ListTimeseriesRequest struct {
 }
 
 func (s *ListTimeseriesRequest) MarshalJSON() ([]byte, error) {
-	type noMethod ListTimeseriesRequest
-	raw := noMethod(*s)
+	type NoMethod ListTimeseriesRequest
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -376,8 +376,8 @@ type ListTimeseriesResponse struct {
 }
 
 func (s *ListTimeseriesResponse) MarshalJSON() ([]byte, error) {
-	type noMethod ListTimeseriesResponse
-	raw := noMethod(*s)
+	type NoMethod ListTimeseriesResponse
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -421,8 +421,8 @@ type MetricDescriptor struct {
 }
 
 func (s *MetricDescriptor) MarshalJSON() ([]byte, error) {
-	type noMethod MetricDescriptor
-	raw := noMethod(*s)
+	type NoMethod MetricDescriptor
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -454,8 +454,8 @@ type MetricDescriptorLabelDescriptor struct {
 }
 
 func (s *MetricDescriptorLabelDescriptor) MarshalJSON() ([]byte, error) {
-	type noMethod MetricDescriptorLabelDescriptor
-	raw := noMethod(*s)
+	type NoMethod MetricDescriptorLabelDescriptor
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -489,8 +489,8 @@ type MetricDescriptorTypeDescriptor struct {
 }
 
 func (s *MetricDescriptorTypeDescriptor) MarshalJSON() ([]byte, error) {
-	type noMethod MetricDescriptorTypeDescriptor
-	raw := noMethod(*s)
+	type NoMethod MetricDescriptorTypeDescriptor
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -550,18 +550,18 @@ type Point struct {
 }
 
 func (s *Point) MarshalJSON() ([]byte, error) {
-	type noMethod Point
-	raw := noMethod(*s)
+	type NoMethod Point
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
 func (s *Point) UnmarshalJSON(data []byte) error {
-	type noMethod Point
+	type NoMethod Point
 	var s1 struct {
 		DoubleValue *gensupport.JSONFloat64 `json:"doubleValue"`
-		*noMethod
+		*NoMethod
 	}
-	s1.noMethod = (*noMethod)(s)
+	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
@@ -603,8 +603,8 @@ type PointDistribution struct {
 }
 
 func (s *PointDistribution) MarshalJSON() ([]byte, error) {
-	type noMethod PointDistribution
-	raw := noMethod(*s)
+	type NoMethod PointDistribution
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -643,19 +643,19 @@ type PointDistributionBucket struct {
 }
 
 func (s *PointDistributionBucket) MarshalJSON() ([]byte, error) {
-	type noMethod PointDistributionBucket
-	raw := noMethod(*s)
+	type NoMethod PointDistributionBucket
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
 func (s *PointDistributionBucket) UnmarshalJSON(data []byte) error {
-	type noMethod PointDistributionBucket
+	type NoMethod PointDistributionBucket
 	var s1 struct {
 		LowerBound gensupport.JSONFloat64 `json:"lowerBound"`
 		UpperBound gensupport.JSONFloat64 `json:"upperBound"`
-		*noMethod
+		*NoMethod
 	}
-	s1.noMethod = (*noMethod)(s)
+	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
@@ -694,18 +694,18 @@ type PointDistributionOverflowBucket struct {
 }
 
 func (s *PointDistributionOverflowBucket) MarshalJSON() ([]byte, error) {
-	type noMethod PointDistributionOverflowBucket
-	raw := noMethod(*s)
+	type NoMethod PointDistributionOverflowBucket
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
 func (s *PointDistributionOverflowBucket) UnmarshalJSON(data []byte) error {
-	type noMethod PointDistributionOverflowBucket
+	type NoMethod PointDistributionOverflowBucket
 	var s1 struct {
 		LowerBound gensupport.JSONFloat64 `json:"lowerBound"`
-		*noMethod
+		*NoMethod
 	}
-	s1.noMethod = (*noMethod)(s)
+	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
@@ -743,18 +743,18 @@ type PointDistributionUnderflowBucket struct {
 }
 
 func (s *PointDistributionUnderflowBucket) MarshalJSON() ([]byte, error) {
-	type noMethod PointDistributionUnderflowBucket
-	raw := noMethod(*s)
+	type NoMethod PointDistributionUnderflowBucket
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
 func (s *PointDistributionUnderflowBucket) UnmarshalJSON(data []byte) error {
-	type noMethod PointDistributionUnderflowBucket
+	type NoMethod PointDistributionUnderflowBucket
 	var s1 struct {
 		UpperBound gensupport.JSONFloat64 `json:"upperBound"`
-		*noMethod
+		*NoMethod
 	}
-	s1.noMethod = (*noMethod)(s)
+	s1.NoMethod = (*NoMethod)(s)
 	if err := json.Unmarshal(data, &s1); err != nil {
 		return err
 	}
@@ -792,8 +792,8 @@ type Timeseries struct {
 }
 
 func (s *Timeseries) MarshalJSON() ([]byte, error) {
-	type noMethod Timeseries
-	raw := noMethod(*s)
+	type NoMethod Timeseries
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -828,8 +828,8 @@ type TimeseriesDescriptor struct {
 }
 
 func (s *TimeseriesDescriptor) MarshalJSON() ([]byte, error) {
-	type noMethod TimeseriesDescriptor
-	raw := noMethod(*s)
+	type NoMethod TimeseriesDescriptor
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -858,8 +858,8 @@ type TimeseriesDescriptorLabel struct {
 }
 
 func (s *TimeseriesDescriptorLabel) MarshalJSON() ([]byte, error) {
-	type noMethod TimeseriesDescriptorLabel
-	raw := noMethod(*s)
+	type NoMethod TimeseriesDescriptorLabel
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -891,8 +891,8 @@ type TimeseriesPoint struct {
 }
 
 func (s *TimeseriesPoint) MarshalJSON() ([]byte, error) {
-	type noMethod TimeseriesPoint
-	raw := noMethod(*s)
+	type NoMethod TimeseriesPoint
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -925,8 +925,8 @@ type WriteTimeseriesRequest struct {
 }
 
 func (s *WriteTimeseriesRequest) MarshalJSON() ([]byte, error) {
-	type noMethod WriteTimeseriesRequest
-	raw := noMethod(*s)
+	type NoMethod WriteTimeseriesRequest
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -959,8 +959,8 @@ type WriteTimeseriesResponse struct {
 }
 
 func (s *WriteTimeseriesResponse) MarshalJSON() ([]byte, error) {
-	type noMethod WriteTimeseriesResponse
-	raw := noMethod(*s)
+	type NoMethod WriteTimeseriesResponse
+	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
@@ -1064,7 +1064,7 @@ func (c *MetricDescriptorsCreateCall) Do(opts ...googleapi.CallOption) (*MetricD
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
@@ -1194,7 +1194,7 @@ func (c *MetricDescriptorsDeleteCall) Do(opts ...googleapi.CallOption) (*DeleteM
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
@@ -1373,7 +1373,7 @@ func (c *MetricDescriptorsListCall) Do(opts ...googleapi.CallOption) (*ListMetri
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
@@ -1651,7 +1651,7 @@ func (c *TimeseriesListCall) Do(opts ...googleapi.CallOption) (*ListTimeseriesRe
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
@@ -1882,7 +1882,7 @@ func (c *TimeseriesWriteCall) Do(opts ...googleapi.CallOption) (*WriteTimeseries
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
@@ -2122,7 +2122,7 @@ func (c *TimeseriesDescriptorsListCall) Do(opts ...googleapi.CallOption) (*ListT
 		},
 	}
 	target := &ret
-	if err := json.NewDecoder(res.Body).Decode(target); err != nil {
+	if err := gensupport.DecodeResponse(target, res); err != nil {
 		return nil, err
 	}
 	return ret, nil
diff --git a/vendor/google.golang.org/api/compute/v0.alpha/compute-api.json b/vendor/google.golang.org/api/compute/v0.alpha/compute-api.json
index 5b39417753bf..be9d128bef8c 100644
--- a/vendor/google.golang.org/api/compute/v0.alpha/compute-api.json
+++ b/vendor/google.golang.org/api/compute/v0.alpha/compute-api.json
@@ -1,42352 +1,42878 @@
 {
- "kind": "discovery#restDescription",
- "etag": "\"YWOzh2SDasdU84ArJnpYek-OMdg/8LXjCsGzTRkw9pxlAZsYlHn9Eew\"",
- "discoveryVersion": "v1",
- "id": "compute:alpha",
- "name": "compute",
- "version": "alpha",
- "revision": "20171207",
- "title": "Compute Engine API",
- "description": "Creates and runs virtual machines on Google Cloud Platform.",
- "ownerDomain": "google.com",
- "ownerName": "Google",
- "icons": {
-  "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
-  "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
- },
- "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
- "protocol": "rest",
- "baseUrl": "https://www.googleapis.com/compute/alpha/projects/",
- "basePath": "/compute/alpha/projects/",
- "rootUrl": "https://www.googleapis.com/",
- "servicePath": "compute/alpha/projects/",
- "batchPath": "batch/compute/alpha",
- "parameters": {
-  "alt": {
-   "type": "string",
-   "description": "Data format for the response.",
-   "default": "json",
-   "enum": [
-    "json"
-   ],
-   "enumDescriptions": [
-    "Responses with Content-Type of application/json"
-   ],
-   "location": "query"
-  },
-  "fields": {
-   "type": "string",
-   "description": "Selector specifying which fields to include in a partial response.",
-   "location": "query"
-  },
-  "key": {
-   "type": "string",
-   "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
-   "location": "query"
-  },
-  "oauth_token": {
-   "type": "string",
-   "description": "OAuth 2.0 token for the current user.",
-   "location": "query"
-  },
-  "prettyPrint": {
-   "type": "boolean",
-   "description": "Returns response with indentations and line breaks.",
-   "default": "true",
-   "location": "query"
-  },
-  "quotaUser": {
-   "type": "string",
-   "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
-   "location": "query"
-  },
-  "userIp": {
-   "type": "string",
-   "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
-   "location": "query"
-  }
- },
- "auth": {
-  "oauth2": {
-   "scopes": {
-    "https://www.googleapis.com/auth/cloud-platform": {
-     "description": "View and manage your data across Google Cloud Platform services"
-    },
-    "https://www.googleapis.com/auth/compute": {
-     "description": "View and manage your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/compute.readonly": {
-     "description": "View your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/devstorage.full_control": {
-     "description": "Manage your data and permissions in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_only": {
-     "description": "View your data in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_write": {
-     "description": "Manage your data in Google Cloud Storage"
-    }
-   }
-  }
- },
- "schemas": {
-  "AcceleratorConfig": {
-   "id": "AcceleratorConfig",
-   "type": "object",
-   "description": "A specification of the type and number of accelerator cards attached to the instance.",
-   "properties": {
-    "acceleratorCount": {
-     "type": "integer",
-     "description": "The number of the guest accelerator cards exposed to this instance.",
-     "format": "int32"
-    },
-    "acceleratorType": {
-     "type": "string",
-     "description": "Full or partial URL of the accelerator type resource to expose to this instance."
-    }
-   }
-  },
-  "AcceleratorType": {
-   "id": "AcceleratorType",
-   "type": "object",
-   "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this accelerator type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
-     "default": "compute#acceleratorType"
-    },
-    "maximumCardsPerInstance": {
-     "type": "integer",
-     "description": "[Output Only] Maximum accelerator cards allowed per instance.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a."
-    }
-   }
-  },
-  "AcceleratorTypeAggregatedList": {
-   "id": "AcceleratorTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AcceleratorTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AcceleratorTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of accelerator types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
-     "default": "compute#acceleratorTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypeList": {
-   "id": "AcceleratorTypeList",
-   "type": "object",
-   "description": "Contains a list of accelerator types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of AcceleratorType resources.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
-     "default": "compute#acceleratorTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypesScopedList": {
-   "id": "AcceleratorTypesScopedList",
-   "type": "object",
-   "properties": {
-    "acceleratorTypes": {
-     "type": "array",
-     "description": "[Output Only] List of accelerator types contained in this scope.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "View and manage your data across Google Cloud Platform services"
+        },
+        "https://www.googleapis.com/auth/compute": {
+          "description": "View and manage your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/compute.readonly": {
+          "description": "View your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/devstorage.full_control": {
+          "description": "Manage your data and permissions in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_only": {
+          "description": "View your data in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_write": {
+          "description": "Manage your data in Google Cloud Storage"
+        }
       }
-     }
-    }
-   }
-  },
-  "AccessConfig": {
-   "id": "AccessConfig",
-   "type": "object",
-   "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
-     "default": "compute#accessConfig"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access."
-    },
-    "natIP": {
-     "type": "string",
-     "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance."
-    },
-    "networkTier": {
-     "type": "string",
-     "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.\n\nIf an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.\n\nIf an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.",
-     "enum": [
-      "PREMIUM",
-      "SELECT",
-      "STANDARD"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "publicDnsName": {
-     "type": "string",
-     "description": "[Output Only] The public DNS domain name for the instance."
-    },
-    "publicPtrDomainName": {
-     "type": "string",
-     "description": "The DNS domain name for the public PTR record. This field can only be set when the set_public_ptr field is enabled."
-    },
-    "setPublicDns": {
-     "type": "boolean",
-     "description": "Specifies whether a public DNS ?A? record should be created for the external IP address of this access configuration."
-    },
-    "setPublicPtr": {
-     "type": "boolean",
-     "description": "Specifies whether a public DNS ?PTR? record should be created to map the external IP address of the instance to a DNS domain name."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
-     "default": "ONE_TO_ONE_NAT",
-     "enum": [
-      "ONE_TO_ONE_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
     }
-   }
   },
-  "Address": {
-   "id": "Address",
-   "type": "object",
-   "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "The static IP address represented by this resource."
-    },
-    "addressType": {
-     "type": "string",
-     "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
-     "enum": [
-      "DNS_FORWARDING",
-      "EXTERNAL",
-      "INTERNAL",
-      "UNSPECIFIED_TYPE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
-     "default": "compute#address"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Address.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this Address resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.addresses.insert"
-      ]
-     }
-    },
-    "networkTier": {
-     "type": "string",
-     "description": "This signifies the networking tier used for configuring this Address and can only take the following values: PREMIUM , STANDARD.\n\nIf this field is not specified, it is assumed to be PREMIUM.",
-     "enum": [
-      "PREMIUM",
-      "SELECT",
-      "STANDARD"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
-     "enum": [
-      "IN_USE",
-      "RESERVED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] The URLs of the resources that are using this address.",
-     "items": {
+  "basePath": "/compute/alpha/projects/",
+  "baseUrl": "https://www.googleapis.com/compute/alpha/projects/",
+  "batchPath": "batch/compute/alpha",
+  "description": "Creates and runs virtual machines on Google Cloud Platform.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
+  "etag": "\"-iA1DTNe4s-I6JZXPt1t1Ypy8IU/N-OFBDyIh2rjB3cbDrFel2ULy4k\"",
+  "icons": {
+    "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
+    "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
+  },
+  "id": "compute:alpha",
+  "kind": "discovery#restDescription",
+  "name": "compute",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "alt": {
+      "default": "json",
+      "description": "Data format for the response.",
+      "enum": [
+        "json"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json"
+      ],
+      "location": "query",
       "type": "string"
-     }
-    }
-   }
-  },
-  "AddressAggregatedList": {
-   "id": "AddressAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AddressesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AddressesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
-     "default": "compute#addressAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressList": {
-   "id": "AddressList",
-   "type": "object",
-   "description": "Contains a list of addresses.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Address resources.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
-     "default": "compute#addressList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressesScopedList": {
-   "id": "AddressesScopedList",
-   "type": "object",
-   "properties": {
-    "addresses": {
-     "type": "array",
-     "description": "[Output Only] List of addresses contained in this scope.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AliasIpRange": {
-   "id": "AliasIpRange",
-   "type": "object",
-   "description": "An alias IP range attached to an instance's network interface.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24)."
-    },
-    "subnetworkRangeName": {
-     "type": "string",
-     "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used."
-    }
-   }
-  },
-  "AttachedDisk": {
-   "id": "AttachedDisk",
-   "type": "object",
-   "description": "An instance-attached disk resource.",
-   "properties": {
-    "autoDelete": {
-     "type": "boolean",
-     "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)."
-    },
-    "boot": {
-     "type": "boolean",
-     "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem."
-    },
-    "deviceName": {
-     "type": "string",
-     "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "The size of the disk in base-2 GB. This supersedes disk_size_gb in InitializeParams.",
-     "format": "int64"
-    },
-    "guestOsFeatures": {
-     "type": "array",
-     "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
-     "items": {
-      "$ref": "GuestOsFeature"
-     }
-    },
-    "index": {
-     "type": "integer",
-     "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
-     "format": "int32"
-    },
-    "initializeParams": {
-     "$ref": "AttachedDiskInitializeParams",
-     "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
-    },
-    "interface": {
-     "type": "string",
-     "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
-     "enum": [
-      "NVME",
-      "SCSI"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
-     "default": "compute#attachedDisk"
     },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] Any valid publicly visible licenses.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "mode": {
-     "type": "string",
-     "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
-     "enum": [
-      "READ_ONLY",
-      "READ_WRITE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "savedState": {
-     "type": "string",
-     "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED iff the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.",
-     "enum": [
-      "DISK_SAVED_STATE_UNSPECIFIED",
-      "PRESERVED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk."
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
-     "enum": [
-      "PERSISTENT",
-      "SCRATCH"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AttachedDiskInitializeParams": {
-   "id": "AttachedDiskInitializeParams",
-   "type": "object",
-   "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
-   "properties": {
-    "diskName": {
-     "type": "string",
-     "description": "Specifies the disk name. If not specified, the default is to use the name of the instance."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Specifies the size of the disk in base-2 GB.",
-     "format": "int64"
-    },
-    "diskStorageType": {
-     "type": "string",
-     "description": "[Deprecated] Storage type of the disk.",
-     "enum": [
-      "HDD",
-      "SSD"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "diskType": {
-     "type": "string",
-     "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\n\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard \n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family \n\nIf the source image is deleted later, this field will not be set."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
-    }
-   }
-  },
-  "AuditConfig": {
-   "id": "AuditConfig",
-   "type": "object",
-   "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n{ \"audit_configs\": [ { \"service\": \"allServices\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", }, { \"log_type\": \"ADMIN_READ\", } ] }, { \"service\": \"fooservice.googleapis.com\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:bar@gmail.com\" ] } ] } ] }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.",
-   "properties": {
-    "auditLogConfigs": {
-     "type": "array",
-     "description": "The configuration for logging of each type of permission.",
-     "items": {
-      "$ref": "AuditLogConfig"
-     }
-    },
-    "exemptedMembers": {
-     "type": "array",
-     "description": "",
-     "items": {
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "service": {
-     "type": "string",
-     "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services."
-    }
-   }
-  },
-  "AuditLogConfig": {
-   "id": "AuditLogConfig",
-   "type": "object",
-   "description": "Provides the configuration for logging a type of permissions. Example:\n\n{ \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", } ] }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting foo@gmail.com from DATA_READ logging.",
-   "properties": {
-    "exemptedMembers": {
-     "type": "array",
-     "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].",
-     "items": {
-      "type": "string"
-     }
-    },
-    "logType": {
-     "type": "string",
-     "description": "The log type that this config enables.",
-     "enum": [
-      "ADMIN_READ",
-      "DATA_READ",
-      "DATA_WRITE",
-      "LOG_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AuthorizationLoggingOptions": {
-   "id": "AuthorizationLoggingOptions",
-   "type": "object",
-   "description": "Authorization-related information used by Cloud Audit Logging.",
-   "properties": {
-    "permissionType": {
-     "type": "string",
-     "description": "The type of the permission that was checked.",
-     "enum": [
-      "ADMIN_READ",
-      "ADMIN_WRITE",
-      "DATA_READ",
-      "DATA_WRITE",
-      "PERMISSION_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Autoscaler": {
-   "id": "Autoscaler",
-   "type": "object",
-   "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
-   "properties": {
-    "autoscalingPolicy": {
-     "$ref": "AutoscalingPolicy",
-     "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
-     "default": "compute#autoscaler"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroups.insert"
-      ]
-     }
-    },
-    "recommendedSize": {
-     "type": "integer",
-     "description": "[Output Only] Target recommended MIG size computed by autoscaler. Autoscaler calculates recommended MIG size even when autoscaling policy mode is different from ON. This field is empty when autoscaler is not connected to the existing managed instance group or autoscaler did not generate its first prediction.",
-     "format": "int32"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the autoscaler configuration.",
-     "enum": [
-      "ACTIVE",
-      "DELETING",
-      "ERROR",
-      "PENDING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusDetails": {
-     "type": "array",
-     "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
-     "items": {
-      "$ref": "AutoscalerStatusDetails"
-     }
-    },
-    "target": {
-     "type": "string",
-     "description": "URL of the managed instance group that this autoscaler will scale."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope)."
-    }
-   }
-  },
-  "AutoscalerAggregatedList": {
-   "id": "AutoscalerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AutoscalersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AutoscalersScopedList",
-      "description": "[Output Only] Name of the scope containing this set of autoscalers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
-     "default": "compute#autoscalerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerList": {
-   "id": "AutoscalerList",
-   "type": "object",
-   "description": "Contains a list of Autoscaler resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
-     "default": "compute#autoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerStatusDetails": {
-   "id": "AutoscalerStatusDetails",
-   "type": "object",
-   "properties": {
-    "message": {
-     "type": "string",
-     "description": "The status message."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of error returned.",
-     "enum": [
-      "ALL_INSTANCES_UNHEALTHY",
-      "BACKEND_SERVICE_DOES_NOT_EXIST",
-      "CAPPED_AT_MAX_NUM_REPLICAS",
-      "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
-      "CUSTOM_METRIC_INVALID",
-      "MIN_EQUALS_MAX",
-      "MISSING_CUSTOM_METRIC_DATA_POINTS",
-      "MISSING_LOAD_BALANCING_DATA_POINTS",
-      "MORE_THAN_ONE_BACKEND_SERVICE",
-      "NOT_ENOUGH_QUOTA_AVAILABLE",
-      "REGION_RESOURCE_STOCKOUT",
-      "SCALING_TARGET_DOES_NOT_EXIST",
-      "UNKNOWN",
-      "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
-      "ZONE_RESOURCE_STOCKOUT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalersScopedList": {
-   "id": "AutoscalersScopedList",
-   "type": "object",
-   "properties": {
-    "autoscalers": {
-     "type": "array",
-     "description": "[Output Only] List of autoscalers contained in this scope.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalingPolicy": {
-   "id": "AutoscalingPolicy",
-   "type": "object",
-   "description": "Cloud Autoscaler policy.",
-   "properties": {
-    "coolDownPeriodSec": {
-     "type": "integer",
-     "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
-     "format": "int32"
-    },
-    "cpuUtilization": {
-     "$ref": "AutoscalingPolicyCpuUtilization",
-     "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
-    },
-    "customMetricUtilizations": {
-     "type": "array",
-     "description": "Configuration parameters of autoscaling based on a custom metric.",
-     "items": {
-      "$ref": "AutoscalingPolicyCustomMetricUtilization"
-     }
-    },
-    "loadBalancingUtilization": {
-     "$ref": "AutoscalingPolicyLoadBalancingUtilization",
-     "description": "Configuration parameters of autoscaling based on load balancer."
-    },
-    "maxNumReplicas": {
-     "type": "integer",
-     "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
-     "format": "int32"
-    },
-    "minNumReplicas": {
-     "type": "integer",
-     "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
-     "format": "int32"
-    },
-    "mode": {
-     "type": "string",
-     "description": "Defines operating mode for this policy.",
-     "enum": [
-      "OFF",
-      "ON",
-      "ONLY_DOWN",
-      "ONLY_UP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "queueBasedScaling": {
-     "$ref": "AutoscalingPolicyQueueBasedScaling",
-     "description": "Configuration parameters of autoscaling based on queuing system."
-    }
-   }
-  },
-  "AutoscalingPolicyCpuUtilization": {
-   "id": "AutoscalingPolicyCpuUtilization",
-   "type": "object",
-   "description": "CPU utilization policy.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
-     "format": "double"
-    }
-   }
-  },
-  "AutoscalingPolicyCustomMetricUtilization": {
-   "id": "AutoscalingPolicyCustomMetricUtilization",
-   "type": "object",
-   "description": "Custom utilization metric policy.",
-   "properties": {
-    "filter": {
-     "type": "string",
-     "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.\n\nFor the filter to be valid for autoscaling purposes, the following rules apply:  \n- You can only use the AND operator for joining selectors. \n- You can only use direct equality comparison operator (=) without any functions for each selector. \n- You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. \n- The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.\nIf the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.\n\nIf not specified, the type defaults to gce_instance.  \n\nYou should provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value."
-    },
-    "metric": {
-     "type": "string",
-     "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE."
-    },
-    "singleInstanceAssignment": {
-     "type": "number",
-     "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler will keep the number of instances proportional to the value of this metric, the metric itself should not change value due to group resizing.\n\nA good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.\n\nA bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.",
-     "format": "double"
-    },
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
-     "format": "double"
-    },
-    "utilizationTargetType": {
-     "type": "string",
-     "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
-     "enum": [
-      "DELTA_PER_MINUTE",
-      "DELTA_PER_SECOND",
-      "GAUGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalingPolicyLoadBalancingUtilization": {
-   "id": "AutoscalingPolicyLoadBalancingUtilization",
-   "type": "object",
-   "description": "Configuration parameters of autoscaling based on load balancing.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
-     "format": "double"
-    }
-   }
-  },
-  "AutoscalingPolicyQueueBasedScaling": {
-   "id": "AutoscalingPolicyQueueBasedScaling",
-   "type": "object",
-   "description": "Configuration parameters of autoscaling based on queuing system.",
-   "properties": {
-    "acceptableBacklogPerInstance": {
-     "type": "number",
-     "description": "Scaling based on the average number of tasks in the queue per each active instance. The autoscaler keeps the average number of tasks per instance below this number, based on data collected in the last couple of minutes. The autoscaler will also take into account incoming tasks when calculating when to scale.",
-     "format": "double"
-    },
-    "cloudPubSub": {
-     "$ref": "AutoscalingPolicyQueueBasedScalingCloudPubSub",
-     "description": "Configuration for Cloud Pub/Sub subscription queue."
-    },
-    "singleWorkerThroughputPerSec": {
-     "type": "number",
-     "description": "The scaling algorithm will also calculate throughput estimates on its own; if you explicitly provide this value, the autoscaler will take into account your value as well as automatic estimates when deciding how to scale.",
-     "format": "double"
-    }
-   }
-  },
-  "AutoscalingPolicyQueueBasedScalingCloudPubSub": {
-   "id": "AutoscalingPolicyQueueBasedScalingCloudPubSub",
-   "type": "object",
-   "description": "Configuration parameters for scaling based on Cloud Pub/Sub subscription queue.",
-   "properties": {
-    "subscription": {
-     "type": "string",
-     "description": "Cloud Pub/Sub subscription used for scaling. Provide the partial URL (starting with projects/) or just the subscription name. The subscription must be assigned to the topic specified in topicName and must be in a pull configuration. The subscription must belong to the same project as the Autoscaler."
-    },
-    "topic": {
-     "type": "string",
-     "description": "Cloud Pub/Sub topic used for scaling. Provide the partial URL or partial URL (starting with projects/) or just the topic name. The topic must belong to the same project as the Autoscaler resource."
-    }
-   }
-  },
-  "Backend": {
-   "id": "Backend",
-   "type": "object",
-   "description": "Message containing information of one individual backend.",
-   "properties": {
-    "balancingMode": {
-     "type": "string",
-     "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
-     "enum": [
-      "CONNECTION",
-      "RATE",
-      "UTILIZATION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "capacityScaler": {
-     "type": "number",
-     "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "failover": {
-     "type": "boolean",
-     "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService."
-    },
-    "group": {
-     "type": "string",
-     "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService."
-    },
-    "maxConnections": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxConnectionsPerEndpoint": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxConnectionsPerInstance": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRate": {
-     "type": "integer",
-     "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRatePerEndpoint": {
-     "type": "number",
-     "description": "The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "maxRatePerInstance": {
-     "type": "number",
-     "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "maxUtilization": {
-     "type": "number",
-     "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    }
-   }
-  },
-  "BackendBucket": {
-   "id": "BackendBucket",
-   "type": "object",
-   "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "Cloud Storage bucket name."
-    },
-    "cdnPolicy": {
-     "$ref": "BackendBucketCdnPolicy",
-     "description": "Cloud CDN Coniguration for this BackendBucket."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource; provided by the client when the resource is created."
-    },
-    "enableCdn": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendBucket."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#backendBucket"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "BackendBucketCdnPolicy": {
-   "id": "BackendBucketCdnPolicy",
-   "type": "object",
-   "description": "Message containing Cloud CDN configuration for a backend bucket.",
-   "properties": {
-    "signedUrlCacheMaxAgeSec": {
-     "type": "string",
-     "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this bucket had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
-     "format": "int64"
-    },
-    "signedUrlKeyNames": {
-     "type": "array",
-     "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend bucket.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "BackendBucketList": {
-   "id": "BackendBucketList",
-   "type": "object",
-   "description": "Contains a list of BackendBucket resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendBucket resources.",
-     "items": {
-      "$ref": "BackendBucket"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendBucketList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendService": {
-   "id": "BackendService",
-   "type": "object",
-   "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
-   "properties": {
-    "affinityCookieTtlSec": {
-     "type": "integer",
-     "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
-     "format": "int32"
-    },
-    "appEngineBackend": {
-     "$ref": "BackendServiceAppEngineBackend",
-     "description": "Directs request to an App Engine app. cloudFunctionBackend and backends[] must be empty if this is set."
-    },
-    "backends": {
-     "type": "array",
-     "description": "The list of backends that serve this BackendService.",
-     "items": {
-      "$ref": "Backend"
-     }
-    },
-    "cdnPolicy": {
-     "$ref": "BackendServiceCdnPolicy",
-     "description": "Cloud CDN configuration for this BackendService."
-    },
-    "cloudFunctionBackend": {
-     "$ref": "BackendServiceCloudFunctionBackend",
-     "description": "Directs request to a cloud function. appEngineBackend and backends[] must be empty if this is set."
-    },
-    "connectionDraining": {
-     "$ref": "ConnectionDraining"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customRequestHeaders": {
-     "type": "array",
-     "description": "Headers that the HTTP/S load balancer should add to proxied requests.",
-     "items": {
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "enableCDN": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "failoverPolicy": {
-     "$ref": "BackendServiceFailoverPolicy"
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
-     "format": "byte"
-    },
-    "healthChecks": {
-     "type": "array",
-     "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "iap": {
-     "$ref": "BackendServiceIAP"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
-     "default": "compute#backendService"
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID_LOAD_BALANCING_SCHEME"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "protocol": {
-     "type": "string",
-     "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
-     "enum": [
-      "HTTP",
-      "HTTP2",
-      "HTTPS",
-      "SSL",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services."
-    },
-    "securityPolicy": {
-     "type": "string",
-     "description": "[Output Only] The resource URL for the security policy associated with this backend service."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
-     "format": "int32"
-    }
-   }
-  },
-  "BackendServiceAggregatedList": {
-   "id": "BackendServiceAggregatedList",
-   "type": "object",
-   "description": "Contains a list of BackendServicesScopedList.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of BackendServicesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "BackendServicesScopedList",
-      "description": "Name of the scope containing this set of BackendServices."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendServiceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServiceAppEngineBackend": {
-   "id": "BackendServiceAppEngineBackend",
-   "type": "object",
-   "description": "Configuration of a App Engine backend.",
-   "properties": {
-    "appEngineService": {
-     "type": "string",
-     "description": "Optional. App Engine app service name."
-    },
-    "targetProject": {
-     "type": "string",
-     "description": "Required. Project ID of the project hosting the app. This is the project ID of this project. Reference to another project is not allowed."
-    },
-    "version": {
-     "type": "string",
-     "description": "Optional. Version of App Engine app service. When empty, App Engine will do its normal traffic split."
-    }
-   }
-  },
-  "BackendServiceCdnPolicy": {
-   "id": "BackendServiceCdnPolicy",
-   "type": "object",
-   "description": "Message containing Cloud CDN configuration for a backend service.",
-   "properties": {
-    "cacheKeyPolicy": {
-     "$ref": "CacheKeyPolicy",
-     "description": "The CacheKeyPolicy for this CdnPolicy."
-    },
-    "signedUrlCacheMaxAgeSec": {
-     "type": "string",
-     "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this backend had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
-     "format": "int64"
-    },
-    "signedUrlKeyNames": {
-     "type": "array",
-     "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend service.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "BackendServiceCloudFunctionBackend": {
-   "id": "BackendServiceCloudFunctionBackend",
-   "type": "object",
-   "description": "Configuration of a Cloud Function backend.",
-   "properties": {
-    "functionName": {
-     "type": "string",
-     "description": "Required. A cloud function name. Special value ?*? represents all cloud functions in the project."
-    },
-    "targetProject": {
-     "type": "string",
-     "description": "Required. Project ID of the project hosting the cloud function."
-    }
-   }
-  },
-  "BackendServiceFailoverPolicy": {
-   "id": "BackendServiceFailoverPolicy",
-   "type": "object",
-   "properties": {
-    "disableConnectionDrainOnFailover": {
-     "type": "boolean",
-     "description": "On failover or failback, this field indicates whether connection drain will be honored. Setting this to true has the following effect: connections to the old active pool are not drained. Connections to the new active pool use the timeout of 10 min (currently fixed). Setting to false has the following effect: both old and new connections will have a drain timeout of 10 min.\n\nThis can be set to true only if the protocol is TCP.\n\nThe default is false."
-    },
-    "dropTrafficIfUnhealthy": {
-     "type": "boolean",
-     "description": "This option is used only when no healthy VMs are detected in the primary and backup instance groups. When set to true, traffic is dropped. When set to false, new connections are sent across all VMs in the primary group.\n\nThe default is false."
-    },
-    "failoverRatio": {
-     "type": "number",
-     "description": "The value of the field must be in [0, 1]. If the ratio of the healthy VMs in the primary backend is at or below this number, traffic arriving at the load-balanced IP will be directed to the failover backend.\n\nIn case where 'failoverRatio' is not set or all the VMs in the backup backend are unhealthy, the traffic will be directed back to the primary backend in the \"force\" mode, where traffic will be spread to the healthy VMs with the best effort, or to all VMs when no VM is healthy.\n\nThis field is only used with l4 load balancing.",
-     "format": "float"
-    }
-   }
-  },
-  "BackendServiceGroupHealth": {
-   "id": "BackendServiceGroupHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
-     "default": "compute#backendServiceGroupHealth"
-    }
-   }
-  },
-  "BackendServiceIAP": {
-   "id": "BackendServiceIAP",
-   "type": "object",
-   "description": "Identity-Aware Proxy",
-   "properties": {
-    "enabled": {
-     "type": "boolean"
-    },
-    "oauth2ClientId": {
-     "type": "string"
-    },
-    "oauth2ClientSecret": {
-     "type": "string"
-    },
-    "oauth2ClientSecretSha256": {
-     "type": "string",
-     "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above."
-    }
-   }
-  },
-  "BackendServiceList": {
-   "id": "BackendServiceList",
-   "type": "object",
-   "description": "Contains a list of BackendService resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendService resources.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
-     "default": "compute#backendServiceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServiceReference": {
-   "id": "BackendServiceReference",
-   "type": "object",
-   "properties": {
-    "backendService": {
-     "type": "string"
-    }
-   }
-  },
-  "BackendServicesScopedList": {
-   "id": "BackendServicesScopedList",
-   "type": "object",
-   "properties": {
-    "backendServices": {
-     "type": "array",
-     "description": "List of BackendServices contained in this scope.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of backend services when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Binding": {
-   "id": "Binding",
-   "type": "object",
-   "description": "Associates `members` with a `role`.",
-   "properties": {
-    "condition": {
-     "$ref": "Expr",
-     "description": "The condition that is associated with this binding. NOTE: an unsatisfied condition will not allow user access via current binding. Different bindings, including their conditions, are examined independently. This field is GOOGLE_INTERNAL."
-    },
-    "members": {
-     "type": "array",
-     "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@gmail.com` or `joe@example.com`.\n\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.\n\n\n\n* `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.",
-     "items": {
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "role": {
-     "type": "string",
-     "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`."
-    }
-   }
-  },
-  "CacheInvalidationRule": {
-   "id": "CacheInvalidationRule",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "If set, this invalidation rule will only apply to requests with a Host header matching host."
-    },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "CacheKeyPolicy": {
-   "id": "CacheKeyPolicy",
-   "type": "object",
-   "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
-   "properties": {
-    "includeHost": {
-     "type": "boolean",
-     "description": "If true, requests to different hosts will be cached separately."
-    },
-    "includeProtocol": {
-     "type": "boolean",
-     "description": "If true, http and https requests will be cached separately."
-    },
-    "includeQueryString": {
-     "type": "boolean",
-     "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely."
-    },
-    "queryStringBlacklist": {
-     "type": "array",
-     "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
-      "type": "string"
-     }
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
     },
-    "queryStringWhitelist": {
-     "type": "array",
-     "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "Commitment": {
-   "id": "Commitment",
-   "type": "object",
-   "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "endTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment end time in RFC3339 text format."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
-     "default": "compute#commitment"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "plan": {
-     "type": "string",
-     "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
-     "enum": [
-      "INVALID",
-      "THIRTY_SIX_MONTH",
-      "TWELVE_MONTH"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where this commitment may be used."
-    },
-    "resources": {
-     "type": "array",
-     "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
-     "items": {
-      "$ref": "ResourceCommitment"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment start time in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
-     "enum": [
-      "ACTIVE",
-      "CREATING",
-      "EXPIRED",
-      "NOT_YET_ACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    }
-   }
-  },
-  "CommitmentAggregatedList": {
-   "id": "CommitmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of CommitmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "CommitmentsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of commitments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
-     "default": "compute#commitmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentList": {
-   "id": "CommitmentList",
-   "type": "object",
-   "description": "Contains a list of Commitment resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Commitment resources.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
-     "default": "compute#commitmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentsScopedList": {
-   "id": "CommitmentsScopedList",
-   "type": "object",
-   "properties": {
-    "commitments": {
-     "type": "array",
-     "description": "[Output Only] List of commitments contained in this scope.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Condition": {
-   "id": "Condition",
-   "type": "object",
-   "description": "A condition to be met.",
-   "properties": {
-    "iam": {
-     "type": "string",
-     "description": "Trusted attributes supplied by the IAM system.",
-     "enum": [
-      "APPROVER",
-      "ATTRIBUTION",
-      "AUTHORITY",
-      "JUSTIFICATION_TYPE",
-      "NO_ATTR",
-      "SECURITY_REALM"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "op": {
-     "type": "string",
-     "description": "An operator to apply the subject with.",
-     "enum": [
-      "DISCHARGED",
-      "EQUALS",
-      "IN",
-      "NOT_EQUALS",
-      "NOT_IN",
-      "NO_OP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "svc": {
-     "type": "string",
-     "description": "Trusted attributes discharged by the service."
-    },
-    "sys": {
-     "type": "string",
-     "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.",
-     "enum": [
-      "IP",
-      "NAME",
-      "NO_ATTR",
-      "REGION",
-      "SERVICE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "value": {
-     "type": "string",
-     "description": "DEPRECATED. Use 'values' instead."
-    },
-    "values": {
-     "type": "array",
-     "description": "The objects of the condition. This is mutually exclusive with 'value'.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "ConnectionDraining": {
-   "id": "ConnectionDraining",
-   "type": "object",
-   "description": "Message containing connection draining configuration.",
-   "properties": {
-    "drainingTimeoutSec": {
-     "type": "integer",
-     "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
-     "format": "int32"
-    }
-   }
-  },
-  "CustomerEncryptionKey": {
-   "id": "CustomerEncryptionKey",
-   "type": "object",
-   "description": "Represents a customer-supplied encryption key",
-   "properties": {
-    "kmsKeyName": {
-     "type": "string",
-     "description": "The name of the encryption key that is stored in Google Cloud KMS."
-    },
-    "rawKey": {
-     "type": "string",
-     "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource."
-    },
-    "rsaEncryptedKey": {
-     "type": "string",
-     "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.\n\nThe key must meet the following requirements before you can provide it to Compute Engine:  \n- The key is wrapped using a RSA public key certificate provided by Google. \n- After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Get the RSA public key certificate provided by Google at:\nhttps://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem"
-    },
-    "sha256": {
-     "type": "string",
-     "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource."
-    }
-   }
-  },
-  "CustomerEncryptionKeyProtectedDisk": {
-   "id": "CustomerEncryptionKeyProtectedDisk",
-   "type": "object",
-   "properties": {
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks."
-    }
-   }
-  },
-  "DailyMaintenanceWindow": {
-   "id": "DailyMaintenanceWindow",
-   "type": "object",
-   "description": "Time window specified for daily maintenance operations.",
-   "properties": {
-    "daysInCycle": {
-     "type": "integer",
-     "description": "Allows to define schedule that runs every nth day of the month.",
-     "format": "int32"
-    },
-    "duration": {
-     "type": "string",
-     "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario."
-    },
-    "startTime": {
-     "type": "string",
-     "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM?, where HH : [00-23] and MM : [00-59] GMT."
-    }
-   }
-  },
-  "DeprecationStatus": {
-   "id": "DeprecationStatus",
-   "type": "object",
-   "description": "Deprecation status for a public resource.",
-   "properties": {
-    "deleted": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "deprecated": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "obsolete": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "replacement": {
-     "type": "string",
-     "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
-     "enum": [
-      "DELETED",
-      "DEPRECATED",
-      "OBSOLETE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Disk": {
-   "id": "Disk",
-   "type": "object",
-   "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
-    },
-    "guestOsFeatures": {
-     "type": "array",
-     "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
-     "items": {
-      "$ref": "GuestOsFeature"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
-     "default": "compute#disk"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
-     "additionalProperties": {
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "lastAttachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last attach timestamp in RFC3339 text format."
-    },
-    "lastDetachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last detach timestamp in RFC3339 text format."
     },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this disk.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
-    },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable publicly visible licenses.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.disks.insert"
-      ]
-     }
-    },
-    "options": {
-     "type": "string",
-     "description": "Internal use only."
-    },
-    "physicalBlockSizeBytes": {
-     "type": "string",
-     "description": "Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Initially only 4096 is supported, but other powers of two may be added. If an unsupported value is requested, the error message will list the supported values, but even a supported value may be allowed for only some projects.",
-     "format": "int64"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the disk resides. Only applicable for regional resources."
-    },
-    "replicaZones": {
-     "type": "array",
-     "description": "URLs of the zones where the disk should be replicated to. Only applicable for regional resources.",
-     "items": {
+    "userIp": {
+      "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "sizeGb": {
-     "type": "string",
-     "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
-     "format": "int64"
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family"
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used."
-    },
-    "sourceSnapshot": {
-     "type": "string",
-     "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot"
-    },
-    "sourceSnapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
-    },
-    "sourceSnapshotId": {
-     "type": "string",
-     "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of disk creation.",
-     "enum": [
-      "CREATING",
-      "FAILED",
-      "READY",
-      "RESTORING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "storageType": {
-     "type": "string",
-     "description": "[Deprecated] Storage type of the persistent disk.",
-     "enum": [
-      "HDD",
-      "SSD"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
-     "items": {
-      "type": "string"
-     }
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk resides."
-    }
-   }
-  },
-  "DiskAggregatedList": {
-   "id": "DiskAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DisksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DisksScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
-     "default": "compute#diskAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskInstantiationConfig": {
-   "id": "DiskInstantiationConfig",
-   "type": "object",
-   "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.",
-   "properties": {
-    "autoDelete": {
-     "type": "boolean",
-     "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)."
-    },
-    "deviceName": {
-     "type": "string",
-     "description": "Specifies the device name of the disk to which the configurations apply to."
-    },
-    "instantiateFrom": {
-     "type": "string",
-     "description": "Specifies whether to include the disk and what image to use.",
-     "enum": [
-      "ATTACH_READ_ONLY",
-      "BLANK",
-      "DEFAULT",
-      "DO_NOT_INCLUDE",
-      "IMAGE_URL",
-      "SOURCE_IMAGE",
-      "SOURCE_IMAGE_FAMILY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The custom source image to be used to restore this disk when instantiating this instance template."
-    }
-   }
-  },
-  "DiskList": {
-   "id": "DiskList",
-   "type": "object",
-   "description": "A list of Disk resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Disk resources.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
-     "default": "compute#diskList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskMoveRequest": {
-   "id": "DiskMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetDisk": {
-     "type": "string",
-     "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    }
-   }
-  },
-  "DiskType": {
-   "id": "DiskType",
-   "type": "object",
-   "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultDiskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Server-defined default disk size in GB.",
-     "format": "int64"
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this disk type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of this resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
-     "default": "compute#diskType"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "validDiskSize": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\"."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk type resides."
     }
-   }
   },
-  "DiskTypeAggregatedList": {
-   "id": "DiskTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DiskTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DiskTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disk types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
-     "default": "compute#diskTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypeList": {
-   "id": "DiskTypeList",
-   "type": "object",
-   "description": "Contains a list of disk types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of DiskType resources.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
-     "default": "compute#diskTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypesScopedList": {
-   "id": "DiskTypesScopedList",
-   "type": "object",
-   "properties": {
-    "diskTypes": {
-     "type": "array",
-     "description": "[Output Only] List of disk types contained in this scope.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DisksResizeRequest": {
-   "id": "DisksResizeRequest",
-   "type": "object",
-   "properties": {
-    "sizeGb": {
-     "type": "string",
-     "description": "The new size of the persistent disk, which is specified in GB.",
-     "format": "int64"
-    }
-   }
-  },
-  "DisksScopedList": {
-   "id": "DisksScopedList",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "[Output Only] List of disks contained in this scope.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DistributionPolicy": {
-   "id": "DistributionPolicy",
-   "type": "object",
-   "properties": {
-    "zones": {
-     "type": "array",
-     "items": {
-      "$ref": "DistributionPolicyZoneConfiguration"
-     }
-    }
-   }
-  },
-  "DistributionPolicyZoneConfiguration": {
-   "id": "DistributionPolicyZoneConfiguration",
-   "type": "object",
-   "properties": {
-    "zone": {
-     "type": "string",
-     "description": "URL of the zone where managed instance group is spawning instances (for regional resources). Zone has to belong to the region where managed instance group is located.",
-     "annotations": {
-      "required": [
-       "compute.regionInstanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.update"
-      ]
-     }
-    }
-   }
-  },
-  "Expr": {
-   "id": "Expr",
-   "type": "object",
-   "description": "Represents an expression text. Example:\n\ntitle: \"User account presence\" description: \"Determines whether the request has a user account\" expression: \"size(request.user) \u003e 0\"",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI."
-    },
-    "expression": {
-     "type": "string",
-     "description": "Textual representation of an expression in Common Expression Language syntax.\n\nThe application context of the containing message determines which well-known feature set of CEL is supported."
-    },
-    "location": {
-     "type": "string",
-     "description": "An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file."
-    },
-    "title": {
-     "type": "string",
-     "description": "An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression."
-    }
-   }
-  },
-  "Firewall": {
-   "id": "Firewall",
-   "type": "object",
-   "description": "Represents a Firewall resource.",
-   "properties": {
-    "allowed": {
-     "type": "array",
-     "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+  "protocol": "rest",
+  "resources": {
+    "acceleratorTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of accelerator types.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "acceleratorType"
+          ],
+          "parameters": {
+            "acceleratorType": {
+              "description": "Name of the accelerator type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
+          "response": {
+            "$ref": "AcceleratorType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of accelerator types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "denied": {
-     "type": "array",
-     "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+    },
+    "addresses": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of addresses.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/addresses",
+          "response": {
+            "$ref": "AddressAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.addresses.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of addresses contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "destinationRanges": {
-     "type": "array",
-     "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "direction": {
-     "type": "string",
-     "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
-     "enum": [
-      "EGRESS",
-      "INGRESS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "disabled": {
-     "type": "boolean",
-     "description": "Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled."
-    },
-    "enableLogging": {
-     "type": "boolean",
-     "description": "This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to the configured export destination for all firewall logs in the network. Logs may be exported to BigQuery or Pub/Sub."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
-     "default": "compute#firewall"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.firewalls.insert",
-       "compute.firewalls.patch"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default"
-    },
-    "priority": {
-     "type": "integer",
-     "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceRanges": {
-     "type": "array",
-     "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sourceServiceAccounts": {
-     "type": "array",
-     "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sourceTags": {
-     "type": "array",
-     "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetServiceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetTags": {
-     "type": "array",
-     "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "FirewallList": {
-   "id": "FirewallList",
-   "type": "object",
-   "description": "Contains a list of firewalls.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Firewall resources.",
-     "items": {
-      "$ref": "Firewall"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
-     "default": "compute#firewallList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "autoscalers": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of autoscalers.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/autoscalers",
+          "response": {
+            "$ref": "AutoscalerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.autoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.autoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "response": {
+            "$ref": "AutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.autoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.autoscalers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.autoscalers.update",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "FixedOrPercent": {
-   "id": "FixedOrPercent",
-   "type": "object",
-   "description": "Encapsulates numeric value that can be either absolute or relative.",
-   "properties": {
-    "calculated": {
-     "type": "integer",
-     "description": "[Output Only] Absolute value of VM instances calculated based on the specific mode.\n\n \n- If the value is fixed, then the caculated value is equal to the fixed value. \n- If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded up.",
-     "format": "int32"
-    },
-    "fixed": {
-     "type": "integer",
-     "description": "Specifies a fixed number of VM instances. This must be a positive integer.",
-     "format": "int32"
-    },
-    "percent": {
-     "type": "integer",
-     "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.",
-     "format": "int32"
-    }
-   }
-  },
-  "ForwardingRule": {
-   "id": "ForwardingRule",
-   "type": "object",
-   "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
-   "properties": {
-    "IPAddress": {
-     "type": "string",
-     "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address"
-    },
-    "IPProtocol": {
-     "type": "string",
-     "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
-     "enum": [
-      "AH",
-      "ESP",
-      "ICMP",
-      "SCTP",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "backendService": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
-     "default": "compute#forwardingRule"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this resource. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used."
-    },
-    "networkTier": {
-     "type": "string",
-     "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM , STANDARD.\n\nFor regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.\n\nIf this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.",
-     "enum": [
-      "PREMIUM",
-      "SELECT",
-      "STANDARD"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "portRange": {
-     "type": "string",
-     "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetVpnGateway: 500, 4500\n-"
-    },
-    "ports": {
-     "type": "array",
-     "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules."
     },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
+    "backendBuckets": {
+      "methods": {
+        "addSignedUrlKey": {
+          "description": "Adds the given Signed URL Key to the backend bucket.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.addSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}/addSignedUrlKey",
+          "request": {
+            "$ref": "SignedUrlKey"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified BackendBucket resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendBuckets.delete",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteSignedUrlKey": {
+          "description": "Deletes the given Signed URL Key from the backend bucket.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.deleteSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendBucket",
+            "keyName"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "keyName": {
+              "description": "The name of the Signed URL Key to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}/deleteSignedUrlKey",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.get",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "BackendBucket"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendBucket resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "response": {
+            "$ref": "BackendBucketList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendBuckets.patch",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.backendBuckets.update",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "serviceLabel": {
-     "type": "string",
-     "description": "An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name.\n\nThe label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.\n\nThis field is only used for internal load balancing.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
+    "backendServices": {
+      "methods": {
+        "addSignedUrlKey": {
+          "description": "Adds the given Signed URL Key to the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.addSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/addSignedUrlKey",
+          "request": {
+            "$ref": "SignedUrlKey"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Name of the project scoping this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/backendServices",
+          "response": {
+            "$ref": "BackendServiceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendServices.delete",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteSignedUrlKey": {
+          "description": "Deletes the given Signed URL Key from the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.deleteSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendService",
+            "keyName"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "keyName": {
+              "description": "The name of the Signed URL Key to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/deleteSignedUrlKey",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.get",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendService resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendServices.patch",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSecurityPolicy": {
+          "description": "Sets the security policy for the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.setSecurityPolicy",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the security policy should be set. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/setSecurityPolicy",
+          "request": {
+            "$ref": "SecurityPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.backendServices.update",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "serviceName": {
-     "type": "string",
-     "description": "[Output Only] The internal fully qualified service name for this Forwarding Rule.\n\nThis field is only used for internal load balancing."
+    "clientSslPolicies": {
+      "methods": {
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.clientSslPolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/clientSslPolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "subnetwork": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified."
+    "diskTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of disk types.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/diskTypes",
+          "response": {
+            "$ref": "DiskTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "diskType"
+          ],
+          "parameters": {
+            "diskType": {
+              "description": "Name of the disk type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes/{diskType}",
+          "response": {
+            "$ref": "DiskType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of disk types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes",
+          "response": {
+            "$ref": "DiskTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "target": {
-     "type": "string",
-     "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.\n\nThis field is not used for internal load balancing."
-    }
-   }
-  },
-  "ForwardingRuleAggregatedList": {
-   "id": "ForwardingRuleAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of ForwardingRulesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "ForwardingRulesScopedList",
-      "description": "Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
-     "default": "compute#forwardingRuleAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "disks": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of persistent disks.",
+          "httpMethod": "GET",
+          "id": "compute.disks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/disks",
+          "response": {
+            "$ref": "DiskAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "createSnapshot": {
+          "description": "Creates a snapshot of a specified persistent disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.createSnapshot",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to snapshot.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "guestFlush": {
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
+          "request": {
+            "$ref": "Snapshot"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+          "httpMethod": "DELETE",
+          "id": "compute.disks.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.disks.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Disk"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.disks.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
+          "httpMethod": "POST",
+          "id": "compute.disks.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceImage": {
+              "description": "Optional. Source image to restore onto a disk.",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "request": {
+            "$ref": "Disk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of persistent disks contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.disks.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "response": {
+            "$ref": "DiskList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "The name of the persistent disk.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/resize",
+          "request": {
+            "$ref": "DisksResizeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.disks.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.disks.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
+          "request": {
+            "$ref": "ZoneSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.disks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRuleList": {
-   "id": "ForwardingRuleList",
-   "type": "object",
-   "description": "Contains a list of ForwardingRule resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of ForwardingRule resources.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#forwardingRuleList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "firewalls": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified firewall.",
+          "httpMethod": "DELETE",
+          "id": "compute.firewalls.delete",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified firewall.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.get",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Firewall"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a firewall rule in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.firewalls.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of firewall rules available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "response": {
+            "$ref": "FirewallList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.firewalls.patch",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.firewalls.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+          "httpMethod": "PUT",
+          "id": "compute.firewalls.update",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRuleReference": {
-   "id": "ForwardingRuleReference",
-   "type": "object",
-   "properties": {
-    "forwardingRule": {
-     "type": "string"
-    }
-   }
-  },
-  "ForwardingRulesScopedList": {
-   "id": "ForwardingRulesScopedList",
-   "type": "object",
-   "properties": {
+    },
     "forwardingRules": {
-     "type": "array",
-     "description": "List of forwarding rules contained in this scope.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "GlobalSetLabelsRequest": {
-   "id": "GlobalSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "A list of labels to apply for this resource. Each label key & value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "GuestAttributes": {
-   "id": "GuestAttributes",
-   "type": "object",
-   "description": "A guest attributes entry.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#guestAttributes for guest attributes entry.",
-     "default": "compute#guestAttributes"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "variableKey": {
-     "type": "string",
-     "description": "The key to search for."
-    },
-    "variableValue": {
-     "type": "string",
-     "description": "[Output Only] The value found for the requested key."
-    }
-   }
-  },
-  "GuestOsFeature": {
-   "id": "GuestOsFeature",
-   "type": "object",
-   "description": "Guest OS features.",
-   "properties": {
-    "type": {
-     "type": "string",
-     "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
-     "enum": [
-      "FEATURE_TYPE_UNSPECIFIED",
-      "MULTI_IP_SUBNET",
-      "SECURE_BOOT",
-      "UEFI_COMPATIBLE",
-      "VIRTIO_SCSI_MULTIQUEUE",
-      "WINDOWS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "HTTP2HealthCheck": {
-   "id": "HTTP2HealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "portSpecification": {
-     "type": "string",
-     "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTP2 health check follows behavior specified in\nport\nand\nportName\nfields.",
-     "enum": [
-      "USE_FIXED_PORT",
-      "USE_NAMED_PORT",
-      "USE_SERVING_PORT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP/2 health check request. The default value is /."
-    },
-    "response": {
-     "type": "string",
-     "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII."
-    }
-   }
-  },
-  "HTTPHealthCheck": {
-   "id": "HTTPHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "portSpecification": {
-     "type": "string",
-     "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTP health check follows behavior specified in\nport\nand\nportName\nfields.",
-     "enum": [
-      "USE_FIXED_PORT",
-      "USE_NAMED_PORT",
-      "USE_SERVING_PORT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    },
-    "response": {
-     "type": "string",
-     "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII."
-    }
-   }
-  },
-  "HTTPSHealthCheck": {
-   "id": "HTTPSHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "portSpecification": {
-     "type": "string",
-     "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTPS health check follows behavior specified in\nport\nand\nportName\nfields.",
-     "enum": [
-      "USE_FIXED_PORT",
-      "USE_NAMED_PORT",
-      "USE_SERVING_PORT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is /."
-    },
-    "response": {
-     "type": "string",
-     "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII."
-    }
-   }
-  },
-  "HealthCheck": {
-   "id": "HealthCheck",
-   "type": "object",
-   "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in 3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "http2HealthCheck": {
-     "$ref": "HTTP2HealthCheck"
-    },
-    "httpHealthCheck": {
-     "$ref": "HTTPHealthCheck"
-    },
-    "httpsHealthCheck": {
-     "$ref": "HTTPSHealthCheck"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#healthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sslHealthCheck": {
-     "$ref": "SSLHealthCheck"
-    },
-    "tcpHealthCheck": {
-     "$ref": "TCPHealthCheck"
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
-     "enum": [
-      "HTTP",
-      "HTTP2",
-      "HTTPS",
-      "INVALID",
-      "SSL",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "udpHealthCheck": {
-     "$ref": "UDPHealthCheck"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HealthCheckList": {
-   "id": "HealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HealthCheck resources.",
-     "items": {
-      "$ref": "HealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#healthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of forwarding rules.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified ForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.forwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified ForwardingRule resource.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.",
+          "httpMethod": "PATCH",
+          "id": "compute.forwardingRules.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HealthCheckReference": {
-   "id": "HealthCheckReference",
-   "type": "object",
-   "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-   "properties": {
-    "healthCheck": {
-     "type": "string"
-    }
-   }
-  },
-  "HealthStatus": {
-   "id": "HealthStatus",
-   "type": "object",
-   "properties": {
-    "healthState": {
-     "type": "string",
-     "description": "Health state of the instance.",
-     "enum": [
-      "HEALTHY",
-      "UNHEALTHY"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "instance": {
-     "type": "string",
-     "description": "URL of the instance resource."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "The IP address represented by this resource."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port on the instance.",
-     "format": "int32"
-    }
-   }
-  },
-  "HealthStatusForNetworkEndpoint": {
-   "id": "HealthStatusForNetworkEndpoint",
-   "type": "object",
-   "properties": {
-    "backendService": {
-     "$ref": "BackendServiceReference",
-     "description": "URL of the backend service associated with the health state of the network endpoint."
-    },
-    "forwardingRule": {
-     "$ref": "ForwardingRuleReference",
-     "description": "URL of the forwarding rule associated with the health state of the network endpoint."
-    },
-    "healthCheck": {
-     "$ref": "HealthCheckReference",
-     "description": "URL of the health check associated with the health state of the network endpoint."
-    },
-    "healthState": {
-     "type": "string",
-     "description": "Health state of the network endpoint determined based on the health checks configured.",
-     "enum": [
-      "DRAINING",
-      "HEALTHY",
-      "UNHEALTHY",
-      "UNKNOWN"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Host": {
-   "id": "Host",
-   "type": "object",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "hostType": {
-     "type": "string",
-     "description": "Full or partial URL of the host type resource to use for this host, in the format: zones/zone/hostTypes/host-type. This is provided by the client when the host is created. For example, the following is a valid partial url to a predefined host type:\n\nzones/us-central1-b/hostTypes/n1-host-64-416"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
     },
-    "instances": {
-     "type": "array",
-     "description": "A list of resource URLs to the virtual machine instances in this host. They must live in zones contained in the same region as this host.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#host for host.",
-     "default": "compute#host"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the host.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this host.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the host. One of the following values: CREATING, READY, REPAIR, and DELETING.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "INVALID",
-      "READY",
-      "REPAIR"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the host resides, such as us-central1-a."
-    }
-   }
-  },
-  "HostAggregatedList": {
-   "id": "HostAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of HostsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "HostsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of hosts."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#hostAggregatedList for aggregated lists of hosts.",
-     "default": "compute#hostAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "HostList": {
-   "id": "HostList",
-   "type": "object",
-   "description": "Contains a list of hosts.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Host resources.",
-     "items": {
-      "$ref": "Host"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#hostList for lists of hosts.",
-     "default": "compute#hostList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalAddresses": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalAddresses.delete",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.get",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of global addresses.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HostRule": {
-   "id": "HostRule",
-   "type": "object",
-   "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "hosts": {
-     "type": "array",
-     "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
-     "items": {
-      "type": "string"
-     }
     },
-    "pathMatcher": {
-     "type": "string",
-     "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion."
-    }
-   }
-  },
-  "HostType": {
-   "id": "HostType",
-   "type": "object",
-   "description": "A Host Type resource.",
-   "properties": {
-    "cpuPlatform": {
-     "type": "string",
-     "description": "[Output Only] The CPU platform used by this host type."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this host type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "guestCpus": {
-     "type": "integer",
-     "description": "[Output Only] The number of virtual CPUs that are available to the host type.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#hostType for host types.",
-     "default": "compute#hostType"
-    },
-    "localSsdGb": {
-     "type": "integer",
-     "description": "[Output Only] Local SSD available to the host type, defined in GB.",
-     "format": "int32"
-    },
-    "memoryMb": {
-     "type": "integer",
-     "description": "[Output Only] The amount of physical memory available to the host type, defined in MB.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the host type resides, such as us-central1-a."
-    }
-   }
-  },
-  "HostTypeAggregatedList": {
-   "id": "HostTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of HostTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "HostTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of host types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource.Always compute#hostTypeAggregatedList for aggregated lists of host types.",
-     "default": "compute#hostTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalForwardingRules": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified GlobalForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalForwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.",
+          "httpMethod": "PATCH",
+          "id": "compute.globalForwardingRules.patch",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HostTypeList": {
-   "id": "HostTypeList",
-   "type": "object",
-   "description": "Contains a list of host types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HostType resources.",
-     "items": {
-      "$ref": "HostType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource.Always compute#hostTypeList for lists of host types.",
-     "default": "compute#hostTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "globalOperations": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of all operations.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/operations",
+          "response": {
+            "$ref": "OperationAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalOperations.delete",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.get",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HostTypesScopedList": {
-   "id": "HostTypesScopedList",
-   "type": "object",
-   "properties": {
+    },
+    "healthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.healthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.get",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "HealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.healthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "response": {
+            "$ref": "HealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.healthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.healthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.healthChecks.update",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
+    },
     "hostTypes": {
-     "type": "array",
-     "description": "[Output Only] List of host types contained in this scope.",
-     "items": {
-      "$ref": "HostType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the host types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of host types.",
+          "httpMethod": "GET",
+          "id": "compute.hostTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/hostTypes",
+          "response": {
+            "$ref": "HostTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified host type. Get a list of available host types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.hostTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "hostType"
+          ],
+          "parameters": {
+            "hostType": {
+              "description": "Name of the host type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hostTypes/{hostType}",
+          "response": {
+            "$ref": "HostType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of host types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.hostTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hostTypes",
+          "response": {
+            "$ref": "HostTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HostsScopedList": {
-   "id": "HostsScopedList",
-   "type": "object",
-   "properties": {
+    },
     "hosts": {
-     "type": "array",
-     "description": "[Output Only] List of hosts contained in this scope.",
-     "items": {
-      "$ref": "Host"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the host list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "HourlyMaintenanceWindow": {
-   "id": "HourlyMaintenanceWindow",
-   "type": "object",
-   "description": "Time window specified for hourly maintenance operations.",
-   "properties": {
-    "duration": {
-     "type": "string",
-     "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario."
-    },
-    "hoursInCycle": {
-     "type": "integer",
-     "description": "Allows to define schedule that runs every nth hour.",
-     "format": "int32"
-    },
-    "startTime": {
-     "type": "string",
-     "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM?, where HH : [00-23] and MM : [00-59] GMT."
-    }
-   }
-  },
-  "HttpHealthCheck": {
-   "id": "HttpHealthCheck",
-   "type": "object",
-   "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
-     "default": "compute#httpHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTP health check request. The default value is 80.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpHealthCheckList": {
-   "id": "HttpHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpHealthCheck resources.",
-     "items": {
-      "$ref": "HttpHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "HttpsHealthCheck": {
-   "id": "HttpsHealthCheck",
-   "type": "object",
-   "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#httpsHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is \"/\"."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpsHealthCheckList": {
-   "id": "HttpsHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpsHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpsHealthCheck resources.",
-     "items": {
-      "$ref": "HttpsHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpsHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of hosts.",
+          "httpMethod": "GET",
+          "id": "compute.hosts.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/hosts",
+          "response": {
+            "$ref": "HostAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Host resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.hosts.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "host"
+          ],
+          "parameters": {
+            "host": {
+              "description": "Name of the Host resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts/{host}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified host. Get a list of available hosts by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.hosts.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "host"
+          ],
+          "parameters": {
+            "host": {
+              "description": "Name of the host to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts/{host}",
+          "response": {
+            "$ref": "Host"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.hosts.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a host resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.hosts.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts",
+          "request": {
+            "$ref": "Host"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of hosts available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.hosts.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts",
+          "response": {
+            "$ref": "HostList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.hosts.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.hosts.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/hosts/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Image": {
-   "id": "Image",
-   "type": "object",
-   "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
-   "properties": {
-    "archiveSizeBytes": {
-     "type": "string",
-     "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
-     "format": "int64"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "The deprecation status associated with this image."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Size of the image when restored onto a persistent disk (in GB).",
-     "format": "int64"
-    },
-    "family": {
-     "type": "string",
-     "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035."
-    },
-    "guestOsFeatures": {
-     "type": "array",
-     "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
-     "items": {
-      "$ref": "GuestOsFeature"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "imageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#image for images.",
-     "default": "compute#image"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this image.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
     },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable license URI.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "rawDisk": {
-     "type": "object",
-     "description": "The parameters of the raw disk image.",
-     "properties": {
-      "containerType": {
-       "type": "string",
-       "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
-       "enum": [
-        "TAR"
-       ],
-       "enumDescriptions": [
-        ""
-       ]
-      },
-      "sha1Checksum": {
-       "type": "string",
-       "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
-       "pattern": "[a-f0-9]{40}"
-      },
-      "source": {
-       "type": "string",
-       "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
-       "annotations": {
-        "required": [
-         "compute.images.insert"
-        ]
-       }
-      }
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name."
-    },
-    "sourceSnapshot": {
-     "type": "string",
-     "description": "URL of the source snapshot used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the sourceImage property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image."
-    },
-    "sourceSnapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
-    },
-    "sourceSnapshotId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name."
-    },
-    "sourceType": {
-     "type": "string",
-     "description": "The type of the image used to create this disk. The default and only value is RAW",
-     "default": "RAW",
-     "enum": [
-      "RAW"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
-     "enum": [
-      "FAILED",
-      "PENDING",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ImageList": {
-   "id": "ImageList",
-   "type": "object",
-   "description": "Contains a list of images.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Image resources.",
-     "items": {
-      "$ref": "Image"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#imageList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "httpHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "HttpHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "response": {
+            "$ref": "HttpHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.httpHealthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Instance": {
-   "id": "Instance",
-   "type": "object",
-   "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding."
-    },
-    "cpuPlatform": {
-     "type": "string",
-     "description": "[Output Only] The CPU platform used by this instance."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deletionProtection": {
-     "type": "boolean",
-     "description": "Whether the resource should be protected against deletion."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "host": {
-     "type": "string",
-     "description": "Full or partial URL of the host resource that the instance should be placed on, in the format: zones/zone/hosts/host.\n\nOptional, sole-tenant Host (physical machine) that the instance will be placed on when it's created. The instance is guaranteed to be placed on the same machine as other instances with the same sole-tenant host.\n\nThe request will be rejected if the sole-tenant host has run out of resources."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instanceEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts or decrypts data for an instance with a customer-supplied encryption key.\n\nIf you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.\n\nIf you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.\n\nIf you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
-     "default": "compute#instance"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\n\nzones/us-central1-f/machineTypes/n1-standard-1 \n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\n\nzones/zone/machineTypes/custom-CPUS-MEMORY \n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
     },
-    "maintenancePolicies": {
-     "type": "array",
-     "description": "Maintenance policies applied to this instance.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\"."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Sets the scheduling options for this instance."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "shieldedVmConfig": {
-     "$ref": "ShieldedVmConfig"
-    },
-    "startRestricted": {
-     "type": "boolean",
-     "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance resides."
-    }
-   }
-  },
-  "InstanceAggregatedList": {
-   "id": "InstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstancesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstancesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
-     "default": "compute#instanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroup": {
-   "id": "InstanceGroup",
-   "type": "object",
-   "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
-     "default": "compute#instanceGroup"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which all instances in the instance group belong."
-    },
-    "region": {
-     "type": "string",
-     "description": "The URL of the region where the instance group is located (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance group. The server generates this URL."
-    },
-    "size": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the instance group.",
-     "format": "int32"
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork to which all instances in the instance group belong."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupAggregatedList": {
-   "id": "InstanceGroupAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupsScopedList",
-      "description": "The name of the scope that contains this set of instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
-     "default": "compute#instanceGroupAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupList": {
-   "id": "InstanceGroupList",
-   "type": "object",
-   "description": "A list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
-     "default": "compute#instanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "httpsHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpsHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpsHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpsHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "response": {
+            "$ref": "HttpsHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpsHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.httpsHealthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpsHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManager": {
-   "id": "InstanceGroupManager",
-   "type": "object",
-   "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
-   "properties": {
-    "activities": {
-     "$ref": "InstanceGroupManagerActivities"
-    },
-    "autoHealingPolicies": {
-     "type": "array",
-     "description": "The autohealing policy for this managed instance group. You can specify only one value.",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    },
-    "baseInstanceName": {
-     "type": "string",
-     "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
-     "pattern": "[a-z][-a-z0-9]{0,57}",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format."
-    },
-    "currentActions": {
-     "$ref": "InstanceGroupManagerActionsSummary",
-     "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "distributionPolicy": {
-     "$ref": "DistributionPolicy",
-     "description": "Policy valid only for regional managed instance groups."
-    },
-    "failoverAction": {
-     "type": "string",
-     "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.",
-     "enum": [
-      "NO_FAILOVER",
-      "UNKNOWN"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
-     "format": "uint64"
-    },
-    "instanceGroup": {
-     "type": "string",
-     "description": "[Output Only] The URL of the Instance Group resource."
-    },
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
-     "default": "compute#instanceGroupManager"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "pendingActions": {
-     "$ref": "InstanceGroupManagerPendingActionsSummary",
-     "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are pending for each of those actions."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this managed instance group. The server defines this URL."
-    },
-    "serviceAccount": {
-     "type": "string",
-     "description": "[Output Only] The service account to be used as credentials for all operations performed by the managed instance group on instances. The service accounts needs all permissions required to create and delete instances. By default, the service account {projectNumber}@cloudservices.gserviceaccount.com is used."
-    },
-    "statefulPolicy": {
-     "$ref": "StatefulPolicy",
-     "description": "Stateful configuration for this Instanced Group Manager"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetSize": {
-     "type": "integer",
-     "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
-     "format": "int32",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "updatePolicy": {
-     "$ref": "InstanceGroupManagerUpdatePolicy",
-     "description": "The update policy for this managed instance group."
-    },
-    "versions": {
-     "type": "array",
-     "description": "Specifies the instance templates used by this managed instance group to create instances.\n\nEach version is defined by an instanceTemplate. Every template can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.",
-     "items": {
-      "$ref": "InstanceGroupManagerVersion"
-     }
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupManagerActionsSummary": {
-   "id": "InstanceGroupManagerActionsSummary",
-   "type": "object",
-   "properties": {
-    "abandoning": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
-     "format": "int32"
-    },
-    "creating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
-     "format": "int32"
-    },
-    "creatingWithoutRetries": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
-     "format": "int32"
-    },
-    "deleting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
-     "format": "int32"
-    },
-    "none": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
-     "format": "int32"
-    },
-    "recreating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
-     "format": "int32"
-    },
-    "refreshing": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
-     "format": "int32"
-    },
-    "restarting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
-     "format": "int32"
-    },
-    "verifying": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are being verified. More details regarding verification process are covered in the documentation of ManagedInstance.InstanceAction.VERIFYING enum field.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerActivities": {
-   "id": "InstanceGroupManagerActivities",
-   "type": "object",
-   "properties": {
-    "autohealing": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "autohealingHealthCheckBased": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "autoscalingDown": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "autoscalingUp": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "creatingInstances": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "deletingInstances": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "recreatingInstances": {
-     "type": "string",
-     "enum": [
-      "PERMITTED",
-      "PROHIBITED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupManagerAggregatedList": {
-   "id": "InstanceGroupManagerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupManagersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupManagersScopedList",
-      "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
-     "default": "compute#instanceGroupManagerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagerAutoHealingPolicy": {
-   "id": "InstanceGroupManagerAutoHealingPolicy",
-   "type": "object",
-   "properties": {
-    "healthCheck": {
-     "type": "string",
-     "description": "The URL for the health check that signals autohealing."
-    },
-    "initialDelaySec": {
-     "type": "integer",
-     "description": "The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].",
-     "format": "int32"
-    },
-    "maxUnavailable": {
-     "$ref": "FixedOrPercent",
-     "description": "Maximum number of instances that can be unavailable when autohealing. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's liveness health check result was observed to be HEALTHY at least once. By default, a percent value of 100% is used."
-    },
-    "mode": {
-     "type": "string",
-     "description": "Defines operating mode for this policy.",
-     "enum": [
-      "OFF",
-      "ON"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupManagerList": {
-   "id": "InstanceGroupManagerList",
-   "type": "object",
-   "description": "[Output Only] A list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
-     "default": "compute#instanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagerPendingActionsSummary": {
-   "id": "InstanceGroupManagerPendingActionsSummary",
-   "type": "object",
-   "properties": {
-    "creating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be created.",
-     "format": "int32"
-    },
-    "deleting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be deleted.",
-     "format": "int32"
-    },
-    "recreating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be recreated.",
-     "format": "int32"
-    },
-    "restarting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be restarted.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerUpdatePolicy": {
-   "id": "InstanceGroupManagerUpdatePolicy",
-   "type": "object",
-   "properties": {
-    "maxSurge": {
-     "$ref": "FixedOrPercent",
-     "description": "The maximum number of instances that can be created above the specified targetSize during the update process. By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge."
-    },
-    "maxUnavailable": {
-     "$ref": "FixedOrPercent",
-     "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:\n\n \n- The instance's status is RUNNING. \n- If there is a health check on the instance group, the instance's liveness health check result must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable."
-    },
-    "minReadySec": {
-     "type": "integer",
-     "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600].",
-     "format": "int32"
-    },
-    "minimalAction": {
-     "type": "string",
-     "description": "Minimal action to be taken on an instance. You can specify either RESTART to restart existing instances or REPLACE to delete and create new instances from the target template. If you specify a code\u003eRESTART, the Updater will attempt to perform that action only. However, if the Updater determines that the minimal action you specify is not enough to perform the update, it might perform a more disruptive action.",
-     "enum": [
-      "NONE",
-      "REFRESH",
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "enum": [
-      "OPPORTUNISTIC",
-      "PROACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupManagerVersion": {
-   "id": "InstanceGroupManagerVersion",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the version. Unique among all versions in the scope of this managed instance group."
-    },
-    "tag": {
-     "type": "string",
-     "description": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'."
-    },
-    "targetSize": {
-     "$ref": "FixedOrPercent",
-     "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:  \n- If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. \n- if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded up.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information."
-    }
-   }
-  },
-  "InstanceGroupManagersAbandonInstancesRequest": {
-   "id": "InstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersApplyUpdatesRequest": {
-   "id": "InstanceGroupManagersApplyUpdatesRequest",
-   "type": "object",
-   "description": "InstanceGroupManagers.applyUpdatesToInstances",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of URLs of one or more instances for which we want to apply updates on this managed instance group. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    },
-    "maximalAction": {
-     "type": "string",
-     "description": "The maximal action that should be perfomed on the instances. By default REPLACE.",
-     "enum": [
-      "NONE",
-      "REFRESH",
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "minimalAction": {
-     "type": "string",
-     "description": "The minimal action that should be perfomed on the instances. By default NONE.",
-     "enum": [
-      "NONE",
-      "REFRESH",
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupManagersDeleteInstancesRequest": {
-   "id": "InstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersDeletePerInstanceConfigsReq": {
-   "id": "InstanceGroupManagersDeletePerInstanceConfigsReq",
-   "type": "object",
-   "description": "InstanceGroupManagers.deletePerInstanceConfigs",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances for which we want to delete per-instance configs on this managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersListManagedInstancesResponse": {
-   "id": "InstanceGroupManagersListManagedInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "[Output Only] The list of instances in the managed instance group.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    }
-   }
-  },
-  "InstanceGroupManagersListPerInstanceConfigsResp": {
-   "id": "InstanceGroupManagersListPerInstanceConfigsResp",
-   "type": "object",
-   "properties": {
-    "items": {
-     "type": "array",
-     "description": "[Output Only] The list of PerInstanceConfig.",
-     "items": {
-      "$ref": "PerInstanceConfig"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "images": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified image.",
+          "httpMethod": "DELETE",
+          "id": "compute.images.delete",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deprecate": {
+          "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
+          "httpMethod": "POST",
+          "id": "compute.images.deprecate",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Image name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}/deprecate",
+          "request": {
+            "$ref": "DeprecationStatus"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified image. Get a list of available images by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.images.get",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getFromFamily": {
+          "description": "Returns the latest image that is part of an image family and is not deprecated.",
+          "httpMethod": "GET",
+          "id": "compute.images.getFromFamily",
+          "parameterOrder": [
+            "project",
+            "family"
+          ],
+          "parameters": {
+            "family": {
+              "description": "Name of the image family to search for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/family/{family}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.images.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an image in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.images.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "forceCreate": {
+              "description": "Force image creation if true.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "request": {
+            "$ref": "Image"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
+          "httpMethod": "GET",
+          "id": "compute.images.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "response": {
+            "$ref": "ImageList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.images.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.images.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.images.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersRecreateInstancesRequest": {
-   "id": "InstanceGroupManagersRecreateInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersResizeAdvancedRequest": {
-   "id": "InstanceGroupManagersResizeAdvancedRequest",
-   "type": "object",
-   "properties": {
-    "noCreationRetries": {
-     "type": "boolean",
-     "description": "If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attemps to recreate each instance continuously until it succeeds.\n\nThis flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.\n\nThis flag is applicable only to the current resize request. It does not influence other resize requests in any way.\n\nYou can see which instances is being creating in which mode by calling the get or listManagedInstances API."
-    },
-    "targetSize": {
-     "type": "integer",
-     "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagersScopedList": {
-   "id": "InstanceGroupManagersScopedList",
-   "type": "object",
-   "properties": {
+    },
     "instanceGroupManagers": {
-     "type": "array",
-     "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of managed instance groups and groups them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "applyUpdatesToInstances": {
+          "description": "Apply changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.applyUpdatesToInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located. Should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/applyUpdatesToInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersApplyUpdatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deletePerInstanceConfigs": {
+          "description": "Delete selected per-instance configs for the managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.deletePerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deletePerInstanceConfigs",
+          "request": {
+            "$ref": "InstanceGroupManagersDeletePerInstanceConfigsReq"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "InstanceGroupManagersListManagedInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listPerInstanceConfigs": {
+          "description": "Lists all of the per-instance configs defined for the managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.listPerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listPerInstanceConfigs",
+          "response": {
+            "$ref": "InstanceGroupManagersListPerInstanceConfigsResp"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.instanceGroupManagers.patch",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersRecreateInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
+              "format": "int32",
+              "location": "query",
+              "required": true,
+              "type": "integer"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resizeAdvanced": {
+          "description": "Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.\n\nIf you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.resizeAdvanced",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resizeAdvanced",
+          "request": {
+            "$ref": "InstanceGroupManagersResizeAdvancedRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setAutoHealingPolicies": {
+          "description": "Modifies the autohealing policies.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setAutoHealingPolicies",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
+          "request": {
+            "$ref": "InstanceGroupManagersSetAutoHealingRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.",
+          "httpMethod": "PUT",
+          "id": "compute.instanceGroupManagers.update",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updatePerInstanceConfigs": {
+          "description": "Insert or patch (for the ones that already exist) per-instance configs for the managed instance group. perInstanceConfig.instance serves as a key used to distinguish whether to perform insert or patch.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.updatePerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/updatePerInstanceConfigs",
+          "request": {
+            "$ref": "InstanceGroupManagersUpdatePerInstanceConfigsReq"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersSetAutoHealingRequest": {
-   "id": "InstanceGroupManagersSetAutoHealingRequest",
-   "type": "object",
-   "properties": {
-    "autoHealingPolicies": {
-     "type": "array",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersSetInstanceTemplateRequest": {
-   "id": "InstanceGroupManagersSetInstanceTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    }
-   }
-  },
-  "InstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "InstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersUpdatePerInstanceConfigsReq": {
-   "id": "InstanceGroupManagersUpdatePerInstanceConfigsReq",
-   "type": "object",
-   "description": "InstanceGroupManagers.updatePerInstanceConfigs",
-   "properties": {
-    "perInstanceConfigs": {
-     "type": "array",
-     "description": "The list of per-instance configs to insert or patch on this managed instance group.",
-     "items": {
-      "$ref": "PerInstanceConfig"
-     }
-    }
-   }
-  },
-  "InstanceGroupsAddInstancesRequest": {
-   "id": "InstanceGroupsAddInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to add to the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstances": {
-   "id": "InstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
-     "default": "compute#instanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstancesRequest": {
-   "id": "InstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupsRemoveInstancesRequest": {
-   "id": "InstanceGroupsRemoveInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to remove from the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsScopedList": {
-   "id": "InstanceGroupsScopedList",
-   "type": "object",
-   "properties": {
     "instanceGroups": {
-     "type": "array",
-     "description": "[Output Only] The list of instance groups that are contained in this scope.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupsSetNamedPortsRequest": {
-   "id": "InstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "InstanceList": {
-   "id": "InstanceList",
-   "type": "object",
-   "description": "Contains a list of instances.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Instance resources.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
-     "default": "compute#instanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceListReferrers": {
-   "id": "InstanceListReferrers",
-   "type": "object",
-   "description": "Contains a list of instance referrers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Reference resources.",
-     "items": {
-      "$ref": "Reference"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceListReferrers for lists of Instance referrers.",
-     "default": "compute#instanceListReferrers"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceMoveRequest": {
-   "id": "InstanceMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetInstance": {
-     "type": "string",
-     "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    }
-   }
-  },
-  "InstanceProperties": {
-   "id": "InstanceProperties",
-   "type": "object",
-   "description": "",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional text description for the instances that are created from this instance template."
-    },
-    "disks": {
-     "type": "array",
-     "description": "An array of disks that are associated with the instances that are created from this template.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to instances that are created from this template.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "The machine type to use for instances that are created from this template.",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform."
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network access configurations for this interface.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Specifies the scheduling options for the instances that are created from this template."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
-    }
-   }
-  },
-  "InstanceReference": {
-   "id": "InstanceReference",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "The URL for a specific instance."
-    }
-   }
-  },
-  "InstanceTemplate": {
-   "id": "InstanceTemplate",
-   "type": "object",
-   "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
-     "default": "compute#instanceTemplate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "properties": {
-     "$ref": "InstanceProperties",
-     "description": "The instance properties for this instance template."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance template. The server defines this URL."
-    },
-    "sourceInstance": {
-     "type": "string",
-     "description": "The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance"
-    },
-    "sourceInstanceParams": {
-     "$ref": "SourceInstanceParams",
-     "description": "The source instance params to use to create this instance template."
-    }
-   }
-  },
-  "InstanceTemplateList": {
-   "id": "InstanceTemplateList",
-   "type": "object",
-   "description": "A list of instance templates.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceTemplate resources.",
-     "items": {
-      "$ref": "InstanceTemplate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
-     "default": "compute#instanceTemplateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceWithNamedPorts": {
-   "id": "InstanceWithNamedPorts",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance."
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "[Output Only] The named ports that belong to this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstancesAddMaintenancePoliciesRequest": {
-   "id": "InstancesAddMaintenancePoliciesRequest",
-   "type": "object",
-   "properties": {
-    "maintenancePolicies": {
-     "type": "array",
-     "description": "Maintenance policies to be added to this instance.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesRemoveMaintenancePoliciesRequest": {
-   "id": "InstancesRemoveMaintenancePoliciesRequest",
-   "type": "object",
-   "properties": {
-    "maintenancePolicies": {
-     "type": "array",
-     "description": "Maintenance policies to be removed from this instance.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesResumeRequest": {
-   "id": "InstancesResumeRequest",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to resume the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
-     "items": {
-      "$ref": "CustomerEncryptionKeyProtectedDisk"
-     }
-    },
-    "instanceEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Decrypts data associated with an instance that is protected with a customer-supplied encryption key.\n\nIf the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed."
-    }
-   }
-  },
-  "InstancesScopedList": {
-   "id": "InstancesScopedList",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "[Output Only] List of instances contained in this scope.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "addInstances": {
+          "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.addInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where you are adding instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
+          "request": {
+            "$ref": "InstanceGroupsAddInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of instance groups and sorts them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroups.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "request": {
+            "$ref": "InstanceGroup"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "The name of the instance group from which you want to generate a list of included instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "InstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "InstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeInstances": {
+          "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.removeInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the specified instances will be removed.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
+          "request": {
+            "$ref": "InstanceGroupsRemoveInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "InstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstancesSetLabelsRequest": {
-   "id": "InstancesSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineResourcesRequest": {
-   "id": "InstancesSetMachineResourcesRequest",
-   "type": "object",
-   "properties": {
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineTypeRequest": {
-   "id": "InstancesSetMachineTypeRequest",
-   "type": "object",
-   "properties": {
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1"
-    }
-   }
-  },
-  "InstancesSetMinCpuPlatformRequest": {
-   "id": "InstancesSetMinCpuPlatformRequest",
-   "type": "object",
-   "properties": {
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform this instance should be started at."
-    }
-   }
-  },
-  "InstancesSetServiceAccountRequest": {
-   "id": "InstancesSetServiceAccountRequest",
-   "type": "object",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesStartWithEncryptionKeyRequest": {
-   "id": "InstancesStartWithEncryptionKeyRequest",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
-     "items": {
-      "$ref": "CustomerEncryptionKeyProtectedDisk"
-     }
-    },
-    "instanceEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Decrypts data associated with an instance that is protected with a customer-supplied encryption key.\n\nIf the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance start will not succeed."
-    }
-   }
-  },
-  "Interconnect": {
-   "id": "Interconnect",
-   "type": "object",
-   "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
-   "properties": {
-    "adminEnabled": {
-     "type": "boolean",
-     "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true."
-    },
-    "circuitInfos": {
-     "type": "array",
-     "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
-     "items": {
-      "$ref": "InterconnectCircuitInfo"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerName": {
-     "type": "string",
-     "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "expectedOutages": {
-     "type": "array",
-     "description": "[Output Only] List of outages expected for this Interconnect.",
-     "items": {
-      "$ref": "InterconnectOutageNotification"
-     }
-    },
-    "googleIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
     },
-    "interconnectAttachments": {
-     "type": "array",
-     "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "interconnectType": {
-     "type": "string",
-     "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
-     "enum": [
-      "DEDICATED",
-      "IT_PRIVATE",
-      "PARTNER"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
-     "default": "compute#interconnect"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Interconnect.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this Interconnect resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "linkType": {
-     "type": "string",
-     "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
-     "enum": [
-      "LINK_TYPE_ETHERNET_10G_LR"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "location": {
-     "type": "string",
-     "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.interconnects.insert"
-      ]
-     }
-    },
-    "nocContactEmail": {
-     "type": "string",
-     "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications."
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests."
-    },
-    "provisionedLinkCount": {
-     "type": "integer",
-     "description": "[Output Only] Number of links actually provisioned in this interconnect.",
-     "format": "int32"
-    },
-    "requestedLinkCount": {
-     "type": "integer",
-     "description": "Target number of physical links in the link bundle, as requested by the customer.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] The current state of whether or not this Interconnect is functional.",
-     "enum": [
-      "ACTIVE",
-      "UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InterconnectAttachment": {
-   "id": "InterconnectAttachment",
-   "type": "object",
-   "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
-   "properties": {
-    "adminEnabled": {
-     "type": "boolean",
-     "description": "Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER."
-    },
-    "availabilityZone": {
-     "type": "string",
-     "enum": [
-      "ZONE_1",
-      "ZONE_2",
-      "ZONE_ANY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "bandwidth": {
-     "type": "string",
-     "enum": [
-      "BPS_100M",
-      "BPS_10G",
-      "BPS_1G",
-      "BPS_200M",
-      "BPS_2G",
-      "BPS_300M",
-      "BPS_400M",
-      "BPS_500M",
-      "BPS_50M",
-      "BPS_5G"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "candidateSubnets": {
-     "type": "array",
-     "description": "Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google?s edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "cloudRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interconnect": {
-     "type": "string",
-     "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
-     "default": "compute#interconnectAttachment"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this InterconnectAttachment resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "pairingKey": {
-     "type": "string",
-     "description": "[Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. Opaque string identifying an PARTNER attachment. Of the form ?cloud-region/XXXXXX?."
-    },
-    "partnerAsn": {
-     "type": "string",
-     "description": "[Output only for PARTNER. Input for PARTNER_PROVIDER. Not present for DEDICATED] BGP ASN of the Partner. A layer 3 Partner should supply this if they configured BGP on behalf of the customer.",
-     "format": "int64"
-    },
-    "partnerMetadata": {
-     "$ref": "InterconnectAttachmentPartnerMetadata"
-    },
-    "privateInterconnectInfo": {
-     "$ref": "InterconnectAttachmentPrivateInfo",
-     "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional interconnect attachment resides."
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] The current state of whether or not this interconnect attachment is functional.",
-     "enum": [
-      "ACTIVE",
-      "DEFUNCT",
-      "PARTNER_REQUEST_RECEIVED",
-      "PENDING_CUSTOMER",
-      "PENDING_PARTNER",
-      "STATE_UNSPECIFIED",
-      "UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "enum": [
-      "DEDICATED",
-      "PARTNER",
-      "PARTNER_PROVIDER"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "vlanTag8021q": {
-     "type": "integer",
-     "description": "Available only for DEDICATED and PARTNER_PROVIDER. Desired VLAN tag for this attachment, in the range 2-4094. This field refers to 802.1q VLAN tag, also known as IEEE 802.1Q Only specified at creation time.",
-     "format": "int32"
-    }
-   }
-  },
-  "InterconnectAttachmentAggregatedList": {
-   "id": "InterconnectAttachmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InterconnectAttachmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InterconnectAttachmentsScopedList",
-      "description": "Name of the scope containing this set of interconnect attachments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentList": {
-   "id": "InterconnectAttachmentList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect attachments.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectAttachment resources.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentPartnerMetadata": {
-   "id": "InterconnectAttachmentPartnerMetadata",
-   "type": "object",
-   "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. Only mutable for PARTNER_PROVIDER type, output-only for PARTNER, not available for DEDICATED.",
-   "properties": {
-    "interconnectName": {
-     "type": "string",
-     "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner?s portal. For instance ?Chicago 1?. This value may be validated to match approved Partner values."
-    },
-    "partnerName": {
-     "type": "string",
-     "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values."
-    },
-    "portalUrl": {
-     "type": "string",
-     "description": "URL of the Partner?s portal for this Attachment. Partners may customise this to be a deep-link to the specific resource on the Partner portal. This value may be validated to match approved Partner values."
-    }
-   }
-  },
-  "InterconnectAttachmentPrivateInfo": {
-   "id": "InterconnectAttachmentPrivateInfo",
-   "type": "object",
-   "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
-   "properties": {
-    "tag8021q": {
-     "type": "integer",
-     "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
-     "format": "uint32"
-    }
-   }
-  },
-  "InterconnectAttachmentsScopedList": {
-   "id": "InterconnectAttachmentsScopedList",
-   "type": "object",
-   "properties": {
-    "interconnectAttachments": {
-     "type": "array",
-     "description": "List of interconnect attachments contained in this scope.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectCircuitInfo": {
-   "id": "InterconnectCircuitInfo",
-   "type": "object",
-   "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
-   "properties": {
-    "customerDemarcId": {
-     "type": "string",
-     "description": "Customer-side demarc ID for this circuit."
-    },
-    "googleCircuitId": {
-     "type": "string",
-     "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up."
-    },
-    "googleDemarcId": {
-     "type": "string",
-     "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA."
-    }
-   }
-  },
-  "InterconnectList": {
-   "id": "InterconnectList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnects.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Interconnect resources.",
-     "items": {
-      "$ref": "Interconnect"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
-     "default": "compute#interconnectList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectLocation": {
-   "id": "InterconnectLocation",
-   "type": "object",
-   "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character."
-    },
-    "availabilityZone": {
-     "type": "string",
-     "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\"."
-    },
-    "city": {
-     "type": "string",
-     "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\"."
-    },
-    "continent": {
-     "type": "string",
-     "description": "[Output Only] Continent for this location.",
-     "enum": [
-      "AFRICA",
-      "ASIA_PAC",
-      "C_AFRICA",
-      "C_ASIA_PAC",
-      "C_EUROPE",
-      "C_NORTH_AMERICA",
-      "C_SOUTH_AMERICA",
-      "EUROPE",
-      "NORTH_AMERICA",
-      "SOUTH_AMERICA"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of the resource."
-    },
-    "facilityProvider": {
-     "type": "string",
-     "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX)."
-    },
-    "facilityProviderFacilityId": {
-     "type": "string",
-     "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1)."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
-     "default": "compute#interconnectLocation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "peeringdbFacilityId": {
-     "type": "string",
-     "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb)."
-    },
-    "regionInfos": {
-     "type": "array",
-     "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
-     "items": {
-      "$ref": "InterconnectLocationRegionInfo"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectLocationList": {
-   "id": "InterconnectLocationList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect locations.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectLocation resources.",
-     "items": {
-      "$ref": "InterconnectLocation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
-     "default": "compute#interconnectLocationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "instanceTemplates": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceTemplates.delete",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.get",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "InstanceTemplate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
+          "httpMethod": "POST",
+          "id": "compute.instanceTemplates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "request": {
+            "$ref": "InstanceTemplate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "response": {
+            "$ref": "InstanceTemplateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceTemplates.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InterconnectLocationRegionInfo": {
-   "id": "InterconnectLocationRegionInfo",
-   "type": "object",
-   "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
-   "properties": {
-    "expectedRttMs": {
-     "type": "string",
-     "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
-     "format": "int64"
-    },
-    "locationPresence": {
-     "type": "string",
-     "description": "Identifies the network presence of this location.",
-     "enum": [
-      "GLOBAL",
-      "LOCAL_REGION",
-      "LP_GLOBAL",
-      "LP_LOCAL_REGION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "URL for the region of this location."
-    }
-   }
-  },
-  "InterconnectOutageNotification": {
-   "id": "InterconnectOutageNotification",
-   "type": "object",
-   "description": "Description of a planned outage on this Interconnect. Next id: 9",
-   "properties": {
-    "affectedCircuits": {
-     "type": "array",
-     "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "A description about the purpose of the outage."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "issueType": {
-     "type": "string",
-     "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "IT_OUTAGE",
-      "IT_PARTIAL_OUTAGE",
-      "OUTAGE",
-      "PARTIAL_OUTAGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Unique identifier for this outage notification."
-    },
-    "source": {
-     "type": "string",
-     "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
-     "enum": [
-      "GOOGLE",
-      "NSRC_GOOGLE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "startTime": {
-     "type": "string",
-     "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "state": {
-     "type": "string",
-     "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "ACTIVE",
-      "CANCELLED",
-      "NS_ACTIVE",
-      "NS_CANCELED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InternalIpOwner": {
-   "id": "InternalIpOwner",
-   "type": "object",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "IP CIDR range being owned."
-    },
-    "owners": {
-     "type": "array",
-     "description": "URLs of the IP owners of the IP CIDR range.",
-     "items": {
-      "type": "string"
-     }
     },
-    "systemOwned": {
-     "type": "boolean",
-     "description": "Whether this IP CIDR range is reserved for system use."
-    }
-   }
-  },
-  "IpOwnerList": {
-   "id": "IpOwnerList",
-   "type": "object",
-   "description": "Contains a list of IP owners.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InternalIpOwner resources.",
-     "items": {
-      "$ref": "InternalIpOwner"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#ipOwnerList for lists of IP owners.",
-     "default": "compute#ipOwnerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "License": {
-   "id": "License",
-   "type": "object",
-   "description": "A license resource.",
-   "properties": {
-    "chargesUseFee": {
-     "type": "boolean",
-     "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource; provided by the client when the resource is created."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#license for licenses.",
-     "default": "compute#license"
-    },
-    "licenseCode": {
-     "type": "string",
-     "description": "[Output Only] The unique code used to attach this license to images, snapshots, and disks.",
-     "format": "uint64"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "resourceRequirements": {
-     "$ref": "LicenseResourceRequirements"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "transferable": {
-     "type": "boolean",
-     "description": "If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk."
-    }
-   }
-  },
-  "LicenseCode": {
-   "id": "LicenseCode",
-   "type": "object",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Description of this License Code."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#licenseCode for licenses.",
-     "default": "compute#licenseCode"
-    },
-    "licenseAlias": {
-     "type": "array",
-     "description": "[Output Only] URL and description aliases of Licenses with the same License Code.",
-     "items": {
-      "$ref": "LicenseCodeLicenseAlias"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource. The name is 1-20 characters long and must be a valid 64 bit integer.",
-     "pattern": "[0-9]{0,20}?",
-     "annotations": {
-      "required": [
-       "compute.licenses.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] Current state of this License Code.",
-     "enum": [
-      "DISABLED",
-      "ENABLED",
-      "RESTRICTED",
-      "STATE_UNSPECIFIED",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "transferable": {
-     "type": "boolean",
-     "description": "[Output Only] If true, the license will remain attached when creating images or snapshots from disks. Otherwise, the license is not transferred."
-    }
-   }
-  },
-  "LicenseCodeLicenseAlias": {
-   "id": "LicenseCodeLicenseAlias",
-   "type": "object",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Description of this License Code."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] URL of license corresponding to this License Code."
-    }
-   }
-  },
-  "LicenseResourceRequirements": {
-   "id": "LicenseResourceRequirements",
-   "type": "object",
-   "properties": {
-    "minGuestCpuCount": {
-     "type": "integer",
-     "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start.",
-     "format": "int32"
-    },
-    "minMemoryMb": {
-     "type": "integer",
-     "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start.",
-     "format": "int32"
-    }
-   }
-  },
-  "LicensesListResponse": {
-   "id": "LicensesListResponse",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of License resources.",
-     "items": {
-      "$ref": "License"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "LogConfig": {
-   "id": "LogConfig",
-   "type": "object",
-   "description": "Specifies what kind of log the caller must write",
-   "properties": {
-    "cloudAudit": {
-     "$ref": "LogConfigCloudAuditOptions",
-     "description": "Cloud audit options."
-    },
-    "counter": {
-     "$ref": "LogConfigCounterOptions",
-     "description": "Counter options."
-    },
-    "dataAccess": {
-     "$ref": "LogConfigDataAccessOptions",
-     "description": "Data access options."
-    }
-   }
-  },
-  "LogConfigCloudAuditOptions": {
-   "id": "LogConfigCloudAuditOptions",
-   "type": "object",
-   "description": "Write a Cloud Audit log",
-   "properties": {
-    "authorizationLoggingOptions": {
-     "$ref": "AuthorizationLoggingOptions",
-     "description": "Information used by the Cloud Audit Logging pipeline."
-    },
-    "logName": {
-     "type": "string",
-     "description": "The log_name to populate in the Cloud Audit Record.",
-     "enum": [
-      "ADMIN_ACTIVITY",
-      "DATA_ACCESS",
-      "UNSPECIFIED_LOG_NAME"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "LogConfigCounterOptions": {
-   "id": "LogConfigCounterOptions",
-   "type": "object",
-   "description": "Increment a streamz counter with the specified metric and field names.\n\nMetric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended.\n\nField names correspond to IAM request parameters and field values are their respective values.\n\nAt present the only supported field names are - \"iam_principal\", corresponding to IAMContext.principal; - \"\" (empty string), resulting in one aggretated counter with no field.\n\nExamples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==\u003e increment counter /iam/policy/backend_debug_access_count {iam_principal=[value of IAMContext.principal]}\n\nAt this time we do not support: * multiple field names (though this may be supported in the future) * decrementing the counter * incrementing it by anything other than 1",
-   "properties": {
-    "field": {
-     "type": "string",
-     "description": "The field value to attribute."
-    },
-    "metric": {
-     "type": "string",
-     "description": "The metric to update."
-    }
-   }
-  },
-  "LogConfigDataAccessOptions": {
-   "id": "LogConfigDataAccessOptions",
-   "type": "object",
-   "description": "Write a Data Access (Gin) log",
-   "properties": {
-    "logMode": {
-     "type": "string",
-     "description": "Whether Gin logging should happen in a fail-closed manner at the caller. This is relevant only in the LocalIAM implementation, for now.",
-     "enum": [
-      "LOG_FAIL_CLOSED",
-      "LOG_MODE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "MachineType": {
-   "id": "MachineType",
-   "type": "object",
-   "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this machine type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "guestCpus": {
-     "type": "integer",
-     "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "isSharedCpu": {
-     "type": "boolean",
-     "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
-     "default": "compute#machineType"
-    },
-    "maximumPersistentDisks": {
-     "type": "integer",
-     "description": "[Output Only] Maximum persistent disks allowed.",
-     "format": "int32"
-    },
-    "maximumPersistentDisksSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
-     "format": "int64"
-    },
-    "memoryMb": {
-     "type": "integer",
-     "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a."
-    }
-   }
-  },
-  "MachineTypeAggregatedList": {
-   "id": "MachineTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of MachineTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "MachineTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of machine types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
-     "default": "compute#machineTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "MachineTypeList": {
-   "id": "MachineTypeList",
-   "type": "object",
-   "description": "Contains a list of machine types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of MachineType resources.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
-     "default": "compute#machineTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "MachineTypesScopedList": {
-   "id": "MachineTypesScopedList",
-   "type": "object",
-   "properties": {
-    "machineTypes": {
-     "type": "array",
-     "description": "[Output Only] List of machine types contained in this scope.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "MaintenancePoliciesList": {
-   "id": "MaintenancePoliciesList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of MaintenancePolicy resources.",
-     "items": {
-      "$ref": "MaintenancePolicy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource.Always compute#maintenancePoliciesList for listsof maintenancePolicies",
-     "default": "compute#maintenancePoliciesList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "instances": {
+      "methods": {
+        "addAccessConfig": {
+          "description": "Adds an access config to an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.addAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to add to this instance.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "addMaintenancePolicies": {
+          "description": "Adds existing maintenance policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.",
+          "httpMethod": "POST",
+          "id": "compute.instances.addMaintenancePolicies",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/addMaintenancePolicies",
+          "request": {
+            "$ref": "InstancesAddMaintenancePoliciesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves aggregated list of instances.",
+          "httpMethod": "GET",
+          "id": "compute.instances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instances",
+          "response": {
+            "$ref": "InstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "attachDisk": {
+          "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.attachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "forceAttach": {
+              "description": "Whether to force attach the disk even if it's currently attached to another instance. This is only available for regional disks.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
+          "request": {
+            "$ref": "AttachedDisk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
+          "httpMethod": "DELETE",
+          "id": "compute.instances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteAccessConfig": {
+          "description": "Deletes an access config from an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.deleteAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "accessConfig",
+            "networkInterface"
+          ],
+          "parameters": {
+            "accessConfig": {
+              "description": "The name of the access config to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "detachDisk": {
+          "description": "Detaches a disk from an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.detachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "deviceName"
+          ],
+          "parameters": {
+            "deviceName": {
+              "description": "Disk device name to detach.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Instance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getGuestAttributes": {
+          "description": "Returns the specified guest attributes entry.",
+          "httpMethod": "GET",
+          "id": "compute.instances.getGuestAttributes",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "variableKey": {
+              "description": "Specifies the key for the guest attributes entry.",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/getGuestAttributes",
+          "response": {
+            "$ref": "GuestAttributes"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.instances.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getSerialPortOutput": {
+          "description": "Returns the specified instance's serial port output.",
+          "httpMethod": "GET",
+          "id": "compute.instances.getSerialPortOutput",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "port": {
+              "default": "1",
+              "description": "Specifies which COM or serial port to retrieve data from.",
+              "format": "int32",
+              "location": "query",
+              "maximum": "4",
+              "minimum": "1",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "start": {
+              "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
+              "format": "int64",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
+          "response": {
+            "$ref": "SerialPortOutput"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceInstanceTemplate": {
+              "description": "Specifies instance template to create the instance.\n\nThis field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  \n- https://www.googleapis.com/compute/v1/projects/project/global/global/instanceTemplates/instanceTemplate \n- projects/project/global/global/instanceTemplates/instanceTemplate \n- global/instancesTemplates/instanceTemplate",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "request": {
+            "$ref": "Instance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "response": {
+            "$ref": "InstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listReferrers": {
+          "description": "Retrieves the list of referrers to instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.listReferrers",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instance": {
+              "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
+              "location": "path",
+              "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/referrers",
+          "response": {
+            "$ref": "InstanceListReferrers"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeMaintenancePolicies": {
+          "description": "Removes maintenance policies from an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.removeMaintenancePolicies",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/removeMaintenancePolicies",
+          "request": {
+            "$ref": "InstancesRemoveMaintenancePoliciesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "reset": {
+          "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.reset",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/reset",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resume": {
+          "description": "Resumes an instance that was suspended using the instances().suspend method.",
+          "httpMethod": "POST",
+          "id": "compute.instances.resume",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to resume.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/resume",
+          "request": {
+            "$ref": "InstancesResumeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDeletionProtection": {
+          "description": "Sets deletion protection on the instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDeletionProtection",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "deletionProtection": {
+              "default": "true",
+              "description": "Whether the resource should be protected against deletion.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDiskAutoDelete": {
+          "description": "Sets the auto-delete flag for a disk attached to an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDiskAutoDelete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "autoDelete",
+            "deviceName"
+          ],
+          "parameters": {
+            "autoDelete": {
+              "description": "Whether to auto-delete the disk when the instance is deleted.",
+              "location": "query",
+              "required": true,
+              "type": "boolean"
+            },
+            "deviceName": {
+              "description": "The device name of the disk to modify.",
+              "location": "query",
+              "pattern": "\\w[\\w.-]{0,254}",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
+          "request": {
+            "$ref": "InstancesSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineResources": {
+          "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineResources",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
+          "request": {
+            "$ref": "InstancesSetMachineResourcesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineType": {
+          "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineType",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
+          "request": {
+            "$ref": "InstancesSetMachineTypeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMetadata": {
+          "description": "Sets metadata for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMetadata",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMinCpuPlatform": {
+          "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMinCpuPlatform",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
+          "request": {
+            "$ref": "InstancesSetMinCpuPlatformRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setScheduling": {
+          "description": "Sets an instance's scheduling options.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setScheduling",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
+          "request": {
+            "$ref": "Scheduling"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setServiceAccount": {
+          "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setServiceAccount",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
+          "request": {
+            "$ref": "InstancesSetServiceAccountRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTags": {
+          "description": "Sets tags for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setTags",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setTags",
+          "request": {
+            "$ref": "Tags"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "simulateMaintenanceEvent": {
+          "description": "Simulates a maintenance event on the instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.simulateMaintenanceEvent",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/simulateMaintenanceEvent",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "start": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.start",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/start",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "startWithEncryptionKey": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.startWithEncryptionKey",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
+          "request": {
+            "$ref": "InstancesStartWithEncryptionKeyRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "stop": {
+          "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.stop",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "discardLocalSsd": {
+              "description": "If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).",
+              "location": "query",
+              "type": "boolean"
+            },
+            "instance": {
+              "description": "Name of the instance resource to stop.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/stop",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "suspend": {
+          "description": "This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instances.suspend",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "discardLocalSsd": {
+              "description": "If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).",
+              "location": "query",
+              "type": "boolean"
+            },
+            "instance": {
+              "description": "Name of the instance resource to suspend.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/suspend",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instances.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "updateAccessConfig": {
+          "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "POST",
+          "id": "compute.instances.updateAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface where the access config is attached.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updateNetworkInterface": {
+          "description": "Updates an instance's network interface. This method follows PATCH semantics.",
+          "httpMethod": "PATCH",
+          "id": "compute.instances.updateNetworkInterface",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to update.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
+          "request": {
+            "$ref": "NetworkInterface"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updateShieldedVmConfig": {
+          "description": "Updates the Shielded VM config for an instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.instances.updateShieldedVmConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateShieldedVmConfig",
+          "request": {
+            "$ref": "ShieldedVmConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "MaintenancePoliciesScopedList": {
-   "id": "MaintenancePoliciesScopedList",
-   "type": "object",
-   "properties": {
-    "maintenancePolicies": {
-     "type": "array",
-     "description": "List of maintenancePolicies contained in this scope.",
-     "items": {
-      "$ref": "MaintenancePolicy"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of maintenancePolicies when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "interconnectAttachments": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of interconnect attachments.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified interconnect attachment.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnectAttachments.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect attachment.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "InterconnectAttachment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "request": {
+            "$ref": "InterconnectAttachment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect attachments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.interconnectAttachments.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "request": {
+            "$ref": "InterconnectAttachment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "MaintenancePolicy": {
-   "id": "MaintenancePolicy",
-   "type": "object",
-   "description": "A maintenance policy for an instance. This specifies what kind of maintenance operations our infrastructure may perform on this instance and when.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#maintenance_policies for maintenance policies.",
-     "default": "compute#maintenancePolicy"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "vmMaintenancePolicy": {
-     "$ref": "VmMaintenancePolicy",
-     "description": "Maintenance policy applicable to VMs for infrastructure maintenance."
-    }
-   }
-  },
-  "MaintenancePolicyAggregatedList": {
-   "id": "MaintenancePolicyAggregatedList",
-   "type": "object",
-   "description": "Contains a list of maintenancePolicies.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of MaintenancePolicy resources.",
-     "additionalProperties": {
-      "$ref": "MaintenancePoliciesScopedList",
-      "description": "Name of the scope containing this set of maintenancePolicies."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#maintenancePolicyAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "interconnectLocations": {
+      "methods": {
+        "get": {
+          "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.get",
+          "parameterOrder": [
+            "project",
+            "interconnectLocation"
+          ],
+          "parameters": {
+            "interconnectLocation": {
+              "description": "Name of the interconnect location to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations/{interconnectLocation}",
+          "response": {
+            "$ref": "InterconnectLocation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect locations available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations",
+          "response": {
+            "$ref": "InterconnectLocationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectLocations.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "MaintenanceWindow": {
-   "id": "MaintenanceWindow",
-   "type": "object",
-   "description": "A maintenance window for VMs and disks. When set, we restrict our maintenance operations to this window.",
-   "properties": {
-    "dailyMaintenanceWindow": {
-     "$ref": "DailyMaintenanceWindow"
-    },
-    "hourlyMaintenanceWindow": {
-     "$ref": "HourlyMaintenanceWindow"
-    }
-   }
-  },
-  "ManagedInstance": {
-   "id": "ManagedInstance",
-   "type": "object",
-   "properties": {
-    "currentAction": {
-     "type": "string",
-     "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.",
-     "enum": [
-      "ABANDONING",
-      "CREATING",
-      "CREATING_WITHOUT_RETRIES",
-      "DELETING",
-      "NONE",
-      "RECREATING",
-      "REFRESHING",
-      "RESTARTING",
-      "VERIFYING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created."
-    },
-    "instanceStatus": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "instanceTemplate": {
-     "type": "string",
-     "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }."
-    },
-    "lastAttempt": {
-     "$ref": "ManagedInstanceLastAttempt",
-     "description": "[Output Only] Information about the last attempt to create or delete the instance."
-    },
-    "override": {
-     "$ref": "ManagedInstanceOverride",
-     "description": "[Output Only] Override defined for this instance."
-    },
-    "standbyMode": {
-     "type": "string",
-     "description": "[Output Only] Standby mode of the instance. This field is non-empty iff the instance is a standby.",
-     "enum": [
-      "DRAINED"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "tag": {
-     "type": "string",
-     "description": "[Output Only] Tag describing the version."
-    },
-    "version": {
-     "$ref": "ManagedInstanceVersion",
-     "description": "[Output Only] Intended version of this instance."
-    }
-   }
-  },
-  "ManagedInstanceLastAttempt": {
-   "id": "ManagedInstanceLastAttempt",
-   "type": "object",
-   "properties": {
-    "errors": {
-     "type": "object",
-     "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
+    },
+    "interconnects": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified interconnect.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnects.delete",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.get",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Interconnect"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Interconnect in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "response": {
+            "$ref": "InterconnectList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.interconnects.patch",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ManagedInstanceOverride": {
-   "id": "ManagedInstanceOverride",
-   "type": "object",
-   "description": "Overrides of stateful properties for a given instance",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Disk overrides defined for this instance",
-     "items": {
-      "$ref": "ManagedInstanceOverrideDiskOverride"
-     }
-    },
-    "origin": {
-     "type": "string",
-     "description": "[Output Only] Indicates where does the override come from.",
-     "enum": [
-      "AUTO_GENERATED",
-      "USER_PROVIDED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ManagedInstanceOverrideDiskOverride": {
-   "id": "ManagedInstanceOverrideDiskOverride",
-   "type": "object",
-   "properties": {
-    "deviceName": {
-     "type": "string",
-     "description": "The name of the device on the VM"
-    },
-    "mode": {
-     "type": "string",
-     "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
-     "enum": [
-      "READ_ONLY",
-      "READ_WRITE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "source": {
-     "type": "string",
-     "description": "The disk that is/will be mounted"
-    }
-   }
-  },
-  "ManagedInstanceVersion": {
-   "id": "ManagedInstanceVersion",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }."
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the version."
-    }
-   }
-  },
-  "Metadata": {
-   "id": "Metadata",
-   "type": "object",
-   "description": "A metadata key/value entry.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "key": {
-        "type": "string",
-        "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
-        "pattern": "[a-zA-Z0-9-_]{1,128}",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       },
-       "value": {
-        "type": "string",
-        "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       }
+    },
+    "licenseCodes": {
+      "methods": {
+        "get": {
+          "description": "Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.",
+          "httpMethod": "GET",
+          "id": "compute.licenseCodes.get",
+          "parameterOrder": [
+            "project",
+            "licenseCode"
+          ],
+          "parameters": {
+            "licenseCode": {
+              "description": "Number corresponding to the License code resource to return.",
+              "location": "path",
+              "pattern": "[0-9]{0,61}?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenseCodes/{licenseCode}",
+          "response": {
+            "$ref": "LicenseCode"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.licenseCodes.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenseCodes/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.licenseCodes.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenseCodes/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.licenseCodes.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenseCodes/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
     },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
-     "default": "compute#metadata"
-    }
-   }
-  },
-  "NamedPort": {
-   "id": "NamedPort",
-   "type": "object",
-   "description": "The named port. For example: .",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port number, which can be a value between 1 and 65535.",
-     "format": "int32"
-    }
-   }
-  },
-  "Network": {
-   "id": "Network",
-   "type": "object",
-   "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
-   "properties": {
-    "IPv4Range": {
-     "type": "string",
-     "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}"
-    },
-    "autoCreateSubnetworks": {
-     "type": "boolean",
-     "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "crossVmEncryption": {
-     "type": "string",
-     "description": "[Output Only] Type of VM-to-VM traffic encryption for this network.",
-     "enum": [
-      "ENCRYPTED",
-      "UNENCRYPTED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "gatewayIPv4": {
-     "type": "string",
-     "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#network for networks.",
-     "default": "compute#network"
-    },
-    "loadBalancerVmEncryption": {
-     "type": "string",
-     "description": "[Output Only] Type of LB-to-VM traffic encryption for this network.",
-     "enum": [
-      "ENCRYPTED",
-      "UNENCRYPTED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.networks.insert"
-      ]
-     }
-    },
-    "peerings": {
-     "type": "array",
-     "description": "[Output Only] List of network peerings for the resource.",
-     "items": {
-      "$ref": "NetworkPeering"
-     }
-    },
-    "routingConfig": {
-     "$ref": "NetworkRoutingConfig",
-     "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
+    "licenses": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified license.",
+          "httpMethod": "DELETE",
+          "id": "compute.licenses.delete",
+          "parameterOrder": [
+            "project",
+            "license"
+          ],
+          "parameters": {
+            "license": {
+              "description": "Name of the license resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{license}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified License resource.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.get",
+          "parameterOrder": [
+            "project",
+            "license"
+          ],
+          "parameters": {
+            "license": {
+              "description": "Name of the License resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{license}",
+          "response": {
+            "$ref": "License"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Create a License resource in the specified project.",
+          "httpMethod": "POST",
+          "id": "compute.licenses.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses",
+          "request": {
+            "$ref": "License"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 8. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses",
+          "response": {
+            "$ref": "LicensesListResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.licenses.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.licenses.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "subnetworks": {
-     "type": "array",
-     "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "NetworkEndpoint": {
-   "id": "NetworkEndpoint",
-   "type": "object",
-   "description": "The network endpoint.",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP and GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.\n\nThe name must be 1-63 characters long, and comply with RFC1035."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "Optional IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "Optional port number of network endpoint. If not specified and the NetworkEndpointGroup.network_endpoint_type is GCE_IP_PORT, the defaultPort for the network endpoint group will be used.",
-     "format": "int32"
-    }
-   }
-  },
-  "NetworkEndpointGroup": {
-   "id": "NetworkEndpointGroup",
-   "type": "object",
-   "description": "Represents a collection of network endpoints.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#networkEndpointGroup for network endpoint group.",
-     "default": "compute#networkEndpointGroup"
-    },
-    "loadBalancer": {
-     "$ref": "NetworkEndpointGroupLbNetworkEndpointGroup",
-     "description": "This field is only valid when the network endpoint group type is LOAD_BALANCING."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
-    },
-    "networkEndpointType": {
-     "type": "string",
-     "description": "Type of network endpoints in this network endpoint group. Only supported values for LOAD_BALANCING are GCE_VM_IP or GCE_VM_IP_PORT.",
-     "enum": [
-      "GCE_VM_IP_PORT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "size": {
-     "type": "integer",
-     "description": "[Output only] Number of network endpoints in the network endpoint group.",
-     "format": "int32"
-    },
-    "type": {
-     "type": "string",
-     "description": "Specify the type of this network endpoint group. Only LOAD_BALANCING is valid for now.",
-     "enum": [
-      "LOAD_BALANCING"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    }
-   }
-  },
-  "NetworkEndpointGroupAggregatedList": {
-   "id": "NetworkEndpointGroupAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of NetworkEndpointGroupsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "NetworkEndpointGroupsScopedList",
-      "description": "The name of the scope that contains this set of network endpoint groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupAggregatedList for aggregated lists of network endpoint groups.",
-     "default": "compute#networkEndpointGroupAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "machineTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of machine types.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/machineTypes",
+          "response": {
+            "$ref": "MachineTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "machineType"
+          ],
+          "parameters": {
+            "machineType": {
+              "description": "Name of the machine type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes/{machineType}",
+          "response": {
+            "$ref": "MachineType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of machine types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes",
+          "response": {
+            "$ref": "MachineTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "NetworkEndpointGroupLbNetworkEndpointGroup": {
-   "id": "NetworkEndpointGroupLbNetworkEndpointGroup",
-   "type": "object",
-   "description": "Load balancing specific fields for network endpoint group of type LOAD_BALANCING.",
-   "properties": {
-    "defaultPort": {
-     "type": "integer",
-     "description": "The default port used if the port number is not specified in the network endpoint. If the network endpoint type is GCE_VM_IP, this field must not be specified.",
-     "format": "int32"
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified."
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the network endpoint group is located."
-    }
-   }
-  },
-  "NetworkEndpointGroupList": {
-   "id": "NetworkEndpointGroupList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of NetworkEndpointGroup resources.",
-     "items": {
-      "$ref": "NetworkEndpointGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupList for network endpoint group lists.",
-     "default": "compute#networkEndpointGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "NetworkEndpointGroupsAttachEndpointsRequest": {
-   "id": "NetworkEndpointGroupsAttachEndpointsRequest",
-   "type": "object",
-   "properties": {
-    "networkEndpoints": {
-     "type": "array",
-     "description": "The list of network endpoints to be attached.",
-     "items": {
-      "$ref": "NetworkEndpoint"
-     }
-    }
-   }
-  },
-  "NetworkEndpointGroupsDetachEndpointsRequest": {
-   "id": "NetworkEndpointGroupsDetachEndpointsRequest",
-   "type": "object",
-   "properties": {
-    "networkEndpoints": {
-     "type": "array",
-     "description": "The list of network endpoints to be detached.",
-     "items": {
-      "$ref": "NetworkEndpoint"
-     }
-    }
-   }
-  },
-  "NetworkEndpointGroupsListEndpointsRequest": {
-   "id": "NetworkEndpointGroupsListEndpointsRequest",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "string",
-     "description": "Optional query parameter for showing the health status of each network endpoint. Valid options are SKIP or SHOW. If you don't specifiy this parameter, the health status of network endpoints will not be provided.",
-     "enum": [
-      "SHOW",
-      "SKIP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "NetworkEndpointGroupsListNetworkEndpoints": {
-   "id": "NetworkEndpointGroupsListNetworkEndpoints",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of NetworkEndpointWithHealthStatus resources.",
-     "items": {
-      "$ref": "NetworkEndpointWithHealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupsListNetworkEndpoints for the list of network endpoints in the specified network endpoint group.",
-     "default": "compute#networkEndpointGroupsListNetworkEndpoints"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "maintenancePolicies": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of maintenance policies.",
+          "httpMethod": "GET",
+          "id": "compute.maintenancePolicies.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/maintenancePolicies",
+          "response": {
+            "$ref": "MaintenancePolicyAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified maintenance policy.",
+          "httpMethod": "DELETE",
+          "id": "compute.maintenancePolicies.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "maintenancePolicy"
+          ],
+          "parameters": {
+            "maintenancePolicy": {
+              "description": "Name of the maintenance policy to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies/{maintenancePolicy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves all information of the specified maintenance policy.",
+          "httpMethod": "GET",
+          "id": "compute.maintenancePolicies.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "maintenancePolicy"
+          ],
+          "parameters": {
+            "maintenancePolicy": {
+              "description": "Name of the maintenance policy to retrieve.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies/{maintenancePolicy}",
+          "response": {
+            "$ref": "MaintenancePolicy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.maintenancePolicies.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a new maintenance policy.",
+          "httpMethod": "POST",
+          "id": "compute.maintenancePolicies.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies",
+          "request": {
+            "$ref": "MaintenancePolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "List all the maintenance policies that have been configured for the specified project in specified region.",
+          "httpMethod": "GET",
+          "id": "compute.maintenancePolicies.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies",
+          "response": {
+            "$ref": "MaintenancePoliciesList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.maintenancePolicies.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.maintenancePolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/maintenancePolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "NetworkEndpointGroupsScopedList": {
-   "id": "NetworkEndpointGroupsScopedList",
-   "type": "object",
-   "properties": {
+    },
     "networkEndpointGroups": {
-     "type": "array",
-     "description": "[Output Only] The list of network endpoint groups that are contained in this scope.",
-     "items": {
-      "$ref": "NetworkEndpointGroup"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that replaces the list of network endpoint groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "NetworkEndpointWithHealthStatus": {
-   "id": "NetworkEndpointWithHealthStatus",
-   "type": "object",
-   "properties": {
-    "healths": {
-     "type": "array",
-     "description": "[Output only] The health status of network endpoint;",
-     "items": {
-      "$ref": "HealthStatusForNetworkEndpoint"
-     }
-    },
-    "networkEndpoint": {
-     "$ref": "NetworkEndpoint",
-     "description": "[Output only] The network endpoint;"
-    }
-   }
-  },
-  "NetworkInterface": {
-   "id": "NetworkInterface",
-   "type": "object",
-   "description": "A network interface resource attached to an instance.",
-   "properties": {
-    "accessConfigs": {
-     "type": "array",
-     "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
-     "items": {
-      "$ref": "AccessConfig"
-     }
-    },
-    "aliasIpRanges": {
-     "type": "array",
-     "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
-     "items": {
-      "$ref": "AliasIpRange"
-     }
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface.",
-     "format": "byte"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
-     "default": "compute#networkInterface"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc."
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default"
-    },
-    "networkIP": {
-     "type": "string",
-     "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system."
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork"
-    }
-   }
-  },
-  "NetworkList": {
-   "id": "NetworkList",
-   "type": "object",
-   "description": "Contains a list of networks.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Network resources.",
-     "items": {
-      "$ref": "Network"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
-     "default": "compute#networkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "NetworkPeering": {
-   "id": "NetworkPeering",
-   "type": "object",
-   "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] State for the peering.",
-     "enum": [
-      "ACTIVE",
-      "INACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "stateDetails": {
-     "type": "string",
-     "description": "[Output Only] Details about the current state of the peering."
-    }
-   }
-  },
-  "NetworkRoutingConfig": {
-   "id": "NetworkRoutingConfig",
-   "type": "object",
-   "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
-   "properties": {
-    "routingMode": {
-     "type": "string",
-     "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
-     "enum": [
-      "GLOBAL",
-      "REGIONAL"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "NetworksAddPeeringRequest": {
-   "id": "NetworksAddPeeringRequest",
-   "type": "object",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether Google Compute Engine manages the routes automatically."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035.",
-     "annotations": {
-      "required": [
-       "compute.networks.addPeering"
-      ]
-     }
-    },
-    "peerNetwork": {
-     "type": "string",
-     "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    }
-   }
-  },
-  "NetworksRemovePeeringRequest": {
-   "id": "NetworksRemovePeeringRequest",
-   "type": "object",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035."
-    }
-   }
-  },
-  "Operation": {
-   "id": "Operation",
-   "type": "object",
-   "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
-   "properties": {
-    "clientOperationId": {
-     "type": "string",
-     "description": "[Output Only] Reserved for future use."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Deprecated] This field is deprecated."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] A textual description of the operation, which is set when the operation is created."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format."
-    },
-    "error": {
-     "type": "object",
-     "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves the list of network endpoint groups and sorts them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.networkEndpointGroups.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/networkEndpointGroups",
+          "response": {
+            "$ref": "NetworkEndpointGroupAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "attachNetworkEndpoints": {
+          "description": "Attach a list of network endpoints to the specified network endpoint group.",
+          "httpMethod": "POST",
+          "id": "compute.networkEndpointGroups.attachNetworkEndpoints",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "networkEndpointGroup"
+          ],
+          "parameters": {
+            "networkEndpointGroup": {
+              "description": "The name of the network endpoint group where you are attaching network endpoints to. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/attachNetworkEndpoints",
+          "request": {
+            "$ref": "NetworkEndpointGroupsAttachEndpointsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.",
+          "httpMethod": "DELETE",
+          "id": "compute.networkEndpointGroups.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "networkEndpointGroup"
+          ],
+          "parameters": {
+            "networkEndpointGroup": {
+              "description": "The name of the network endpoint group to delete. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "detachNetworkEndpoints": {
+          "description": "Detach a list of network endpoints from the specified network endpoint group.",
+          "httpMethod": "POST",
+          "id": "compute.networkEndpointGroups.detachNetworkEndpoints",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "networkEndpointGroup"
+          ],
+          "parameters": {
+            "networkEndpointGroup": {
+              "description": "The name of the network endpoint group where you are removing network endpoints. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/detachNetworkEndpoints",
+          "request": {
+            "$ref": "NetworkEndpointGroupsDetachEndpointsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified network endpoint group. Get a list of available network endpoint groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.networkEndpointGroups.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "networkEndpointGroup"
+          ],
+          "parameters": {
+            "networkEndpointGroup": {
+              "description": "The name of the network endpoint group. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}",
+          "response": {
+            "$ref": "NetworkEndpointGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a network endpoint group in the specified project using the parameters that are included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.networkEndpointGroups.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the network endpoint group. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups",
+          "request": {
+            "$ref": "NetworkEndpointGroup"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of network endpoint groups that are located in the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.networkEndpointGroups.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups",
+          "response": {
+            "$ref": "NetworkEndpointGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listNetworkEndpoints": {
+          "description": "List the network endpoints in the specified network endpoint group.",
+          "httpMethod": "POST",
+          "id": "compute.networkEndpointGroups.listNetworkEndpoints",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "networkEndpointGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "networkEndpointGroup": {
+              "description": "The name of the network endpoint group from which you want to generate a list of included network endpoints. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/listNetworkEndpoints",
+          "request": {
+            "$ref": "NetworkEndpointGroupsListEndpointsRequest"
+          },
+          "response": {
+            "$ref": "NetworkEndpointGroupsListNetworkEndpoints"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.networkEndpointGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/networkEndpointGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    },
-    "httpErrorMessage": {
-     "type": "string",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND."
-    },
-    "httpErrorStatusCode": {
-     "type": "integer",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "insertTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
-     "default": "compute#operation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "operationType": {
-     "type": "string",
-     "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on."
-    },
-    "progress": {
-     "type": "integer",
-     "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
-     "format": "int32"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
-     "enum": [
-      "DONE",
-      "PENDING",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the current status of the operation."
-    },
-    "targetId": {
-     "type": "string",
-     "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
-     "format": "uint64"
-    },
-    "targetLink": {
-     "type": "string",
-     "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from."
-    },
-    "user": {
-     "type": "string",
-     "description": "[Output Only] User who requested the operation, for example: user@example.com."
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
+    },
+    "networks": {
+      "methods": {
+        "addPeering": {
+          "description": "Adds a peering to the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.addPeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to add peering to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/addPeering",
+          "request": {
+            "$ref": "NetworksAddPeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified network.",
+          "httpMethod": "DELETE",
+          "id": "compute.networks.delete",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified network. Get a list of available networks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.networks.get",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Network"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a network in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.networks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of networks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.networks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "response": {
+            "$ref": "NetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listIpOwners": {
+          "description": "List the internal IP owners in the specified network.",
+          "httpMethod": "GET",
+          "id": "compute.networks.listIpOwners",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "ipCidrRange": {
+              "description": "(Optional) IP CIDR range filter, example: \"10.128.10.0/30\".",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "network": {
+              "description": "Name of the network to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "ownerProjects": {
+              "description": "(Optional) Project IDs filter, example: \"project-1,project-2\".",
+              "location": "query",
+              "type": "string"
+            },
+            "ownerTypes": {
+              "description": "(Optional) Owner types filter, example: \"instance,forwardingRule\".",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "subnetName": {
+              "description": "(Optional) Subnetwork name filter.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "subnetRegion": {
+              "description": "(Optional) Subnetwork region filter.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/listIpOwners",
+          "response": {
+            "$ref": "IpOwnerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
+          "httpMethod": "PATCH",
+          "id": "compute.networks.patch",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removePeering": {
+          "description": "Removes a peering from the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.removePeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to remove peering from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/removePeering",
+          "request": {
+            "$ref": "NetworksRemovePeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "switchToCustomMode": {
+          "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
+          "httpMethod": "POST",
+          "id": "compute.networks.switchToCustomMode",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to be updated.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/switchToCustomMode",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.networks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
     },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations."
-    }
-   }
-  },
-  "OperationAggregatedList": {
-   "id": "OperationAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "[Output Only] A map of scoped operation lists.",
-     "additionalProperties": {
-      "$ref": "OperationsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of operations."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
-     "default": "compute#operationAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "nodeGroups": {
+      "methods": {
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.nodeGroups.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/nodeGroups/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.nodeGroups.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/nodeGroups/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.nodeGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/nodeGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "OperationList": {
-   "id": "OperationList",
-   "type": "object",
-   "description": "Contains a list of Operation resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of Operation resources.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
-     "default": "compute#operationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "nodeTemplates": {
+      "methods": {
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.nodeTemplates.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/nodeTemplates/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.nodeTemplates.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/nodeTemplates/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.nodeTemplates.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/nodeTemplates/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "OperationsScopedList": {
-   "id": "OperationsScopedList",
-   "type": "object",
-   "properties": {
-    "operations": {
-     "type": "array",
-     "description": "[Output Only] List of operations contained in this scope.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "projects": {
+      "methods": {
+        "disableXpnHost": {
+          "description": "Disable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "disableXpnResource": {
+          "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnResource",
+          "request": {
+            "$ref": "ProjectsDisableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnHost": {
+          "description": "Enable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnResource": {
+          "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnResource",
+          "request": {
+            "$ref": "ProjectsEnableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Project resource.",
+          "httpMethod": "GET",
+          "id": "compute.projects.get",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getXpnHost": {
+          "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnHost",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "getXpnResources": {
+          "description": "Get service resources (a.k.a service project) associated with this host project.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnResources",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnResources",
+          "response": {
+            "$ref": "ProjectsGetXpnResources"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "listXpnHosts": {
+          "description": "List all shared VPC host projects visible to the user in an organization.",
+          "httpMethod": "POST",
+          "id": "compute.projects.listXpnHosts",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/listXpnHosts",
+          "request": {
+            "$ref": "ProjectsListXpnHostsRequest"
+          },
+          "response": {
+            "$ref": "XpnHostList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveDisk": {
+          "description": "Moves a persistent disk from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveDisk",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveDisk",
+          "request": {
+            "$ref": "DiskMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveInstance": {
+          "description": "Moves an instance and its attached persistent disks from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveInstance",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveInstance",
+          "request": {
+            "$ref": "InstanceMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setCommonInstanceMetadata": {
+          "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setCommonInstanceMetadata",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setCommonInstanceMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDefaultNetworkTier": {
+          "description": "Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setDefaultNetworkTier",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setDefaultNetworkTier",
+          "request": {
+            "$ref": "ProjectsSetDefaultNetworkTierRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDefaultServiceAccount": {
+          "description": "Sets the default service account of the project. The default service account is used when a VM instance is created with the service account email address set to \"default\".",
+          "httpMethod": "POST",
+          "id": "compute.projects.setDefaultServiceAccount",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setDefaultServiceAccount",
+          "request": {
+            "$ref": "ProjectsSetDefaultServiceAccountRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUsageExportBucket": {
+          "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setUsageExportBucket",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setUsageExportBucket",
+          "request": {
+            "$ref": "UsageExportLocation"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "PathMatcher": {
-   "id": "PathMatcher",
-   "type": "object",
-   "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
-   "properties": {
-    "defaultService": {
-     "type": "string",
-     "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name to which this PathMatcher is referred by the HostRule."
-    },
-    "pathRules": {
-     "type": "array",
-     "description": "The list of path rules.",
-     "items": {
-      "$ref": "PathRule"
-     }
-    }
-   }
-  },
-  "PathRule": {
-   "id": "PathRule",
-   "type": "object",
-   "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
-   "properties": {
-    "paths": {
-     "type": "array",
-     "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
-     "items": {
-      "type": "string"
-     }
     },
-    "service": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if this rule is matched."
-    }
-   }
-  },
-  "PerInstanceConfig": {
-   "id": "PerInstanceConfig",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "The URL of the instance. Serves as a merge key during UpdatePerInstanceConfigs operation."
-    },
-    "override": {
-     "$ref": "ManagedInstanceOverride"
-    }
-   }
-  },
-  "Policy": {
-   "id": "Policy",
-   "type": "object",
-   "description": "Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.\n\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.\n\n**Example**\n\n{ \"bindings\": [ { \"role\": \"roles/owner\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-other-app@appspot.gserviceaccount.com\", ] }, { \"role\": \"roles/viewer\", \"members\": [\"user:sean@example.com\"] } ] }\n\nFor a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).",
-   "properties": {
-    "auditConfigs": {
-     "type": "array",
-     "description": "Specifies cloud audit logging configuration for this policy.",
-     "items": {
-      "$ref": "AuditConfig"
-     }
-    },
-    "bindings": {
-     "type": "array",
-     "description": "Associates a list of `members` to a `role`. `bindings` with no members will result in an error.",
-     "items": {
-      "$ref": "Binding"
-     }
-    },
-    "etag": {
-     "type": "string",
-     "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing policy is overwritten blindly.",
-     "format": "byte"
-    },
-    "iamOwned": {
-     "type": "boolean",
-     "description": ""
-    },
-    "rules": {
-     "type": "array",
-     "description": "If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.",
-     "items": {
-      "$ref": "Rule"
-     }
-    },
-    "version": {
-     "type": "integer",
-     "description": "Version of the `Policy`. The default version is 0.",
-     "format": "int32"
-    }
-   }
-  },
-  "Project": {
-   "id": "Project",
-   "type": "object",
-   "description": "A Project resource. Projects can only be created in the Google Cloud Platform Console. Unless marked otherwise, values can only be modified in the console. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
-   "properties": {
-    "commonInstanceMetadata": {
-     "$ref": "Metadata",
-     "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultNetworkTier": {
-     "type": "string",
-     "description": "This signifies the default network tier used for configuring resources of the project and can only take the following values: PREMIUM, STANDARD. Initially the default network tier is PREMIUM.",
-     "enum": [
-      "PREMIUM",
-      "SELECT",
-      "STANDARD"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "defaultServiceAccount": {
-     "type": "string",
-     "description": "[Output Only] Default service account used by VMs running in this project."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource."
-    },
-    "enabledFeatures": {
-     "type": "array",
-     "description": "Restricted features enabled for use on this project.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#project for projects.",
-     "default": "compute#project"
-    },
-    "name": {
-     "type": "string",
-     "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this project.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "usageExportLocation": {
-     "$ref": "UsageExportLocation",
-     "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
-    },
-    "xpnProjectStatus": {
-     "type": "string",
-     "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
-     "enum": [
-      "HOST",
-      "UNSPECIFIED_XPN_PROJECT_STATUS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ProjectsDisableXpnResourceRequest": {
-   "id": "ProjectsDisableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsEnableXpnResourceRequest": {
-   "id": "ProjectsEnableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsGetXpnResources": {
-   "id": "ProjectsGetXpnResources",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
-     "default": "compute#projectsGetXpnResources"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "resources": {
-     "type": "array",
-     "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
-     "items": {
-      "$ref": "XpnResourceId"
-     }
-    }
-   }
-  },
-  "ProjectsListXpnHostsRequest": {
-   "id": "ProjectsListXpnHostsRequest",
-   "type": "object",
-   "properties": {
-    "organization": {
-     "type": "string",
-     "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project."
-    }
-   }
-  },
-  "ProjectsSetDefaultNetworkTierRequest": {
-   "id": "ProjectsSetDefaultNetworkTierRequest",
-   "type": "object",
-   "properties": {
-    "networkTier": {
-     "type": "string",
-     "description": "Default network tier to be set.",
-     "enum": [
-      "PREMIUM",
-      "SELECT",
-      "STANDARD"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ProjectsSetDefaultServiceAccountRequest": {
-   "id": "ProjectsSetDefaultServiceAccountRequest",
-   "type": "object",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    }
-   }
-  },
-  "Quota": {
-   "id": "Quota",
-   "type": "object",
-   "description": "A quotas entry.",
-   "properties": {
-    "limit": {
-     "type": "number",
-     "description": "[Output Only] Quota limit for this metric.",
-     "format": "double"
-    },
-    "metric": {
-     "type": "string",
-     "description": "[Output Only] Name of the quota metric.",
-     "enum": [
-      "AMD_S9300_GPUS",
-      "AUTOSCALERS",
-      "BACKEND_BUCKETS",
-      "BACKEND_SERVICES",
-      "COMMITMENTS",
-      "CPUS",
-      "CPUS_ALL_REGIONS",
-      "DISKS_TOTAL_GB",
-      "FIREWALLS",
-      "FORWARDING_RULES",
-      "HEALTH_CHECKS",
-      "IMAGES",
-      "INSTANCES",
-      "INSTANCE_GROUPS",
-      "INSTANCE_GROUP_MANAGERS",
-      "INSTANCE_TEMPLATES",
-      "INTERCONNECTS",
-      "INTERNAL_ADDRESSES",
-      "IN_USE_ADDRESSES",
-      "LOCAL_SSD_TOTAL_GB",
-      "MAINTENANCE_POLICIES",
-      "NETWORKS",
-      "NVIDIA_K80_GPUS",
-      "NVIDIA_P100_GPUS",
-      "PREEMPTIBLE_CPUS",
-      "PREEMPTIBLE_LOCAL_SSD_GB",
-      "PREEMPTIBLE_NVIDIA_K80_GPUS",
-      "PREEMPTIBLE_NVIDIA_P100_GPUS",
-      "REGIONAL_AUTOSCALERS",
-      "REGIONAL_INSTANCE_GROUP_MANAGERS",
-      "ROUTERS",
-      "ROUTES",
-      "SECURITY_POLICIES",
-      "SECURITY_POLICY_RULES",
-      "SNAPSHOTS",
-      "SSD_TOTAL_GB",
-      "SSL_CERTIFICATES",
-      "STATIC_ADDRESSES",
-      "SUBNETWORKS",
-      "TARGET_HTTPS_PROXIES",
-      "TARGET_HTTP_PROXIES",
-      "TARGET_INSTANCES",
-      "TARGET_POOLS",
-      "TARGET_SSL_PROXIES",
-      "TARGET_TCP_PROXIES",
-      "TARGET_VPN_GATEWAYS",
-      "URL_MAPS",
-      "VPN_TUNNELS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "usage": {
-     "type": "number",
-     "description": "[Output Only] Current usage of this metric.",
-     "format": "double"
-    }
-   }
-  },
-  "Reference": {
-   "id": "Reference",
-   "type": "object",
-   "description": "Represents a reference to a resource.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#reference for references.",
-     "default": "compute#reference"
-    },
-    "referenceType": {
-     "type": "string",
-     "description": "A description of the reference type with no implied semantics. Possible values include:  \n- MEMBER_OF"
-    },
-    "referrer": {
-     "type": "string",
-     "description": "URL of the resource which refers to the target."
-    },
-    "target": {
-     "type": "string",
-     "description": "URL of the resource to which this reference points."
-    }
-   }
-  },
-  "Region": {
-   "id": "Region",
-   "type": "object",
-   "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this region."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#region for regions.",
-     "default": "compute#region"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this region.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the region, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
+    "regionAutoscalers": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionAutoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionAutoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "response": {
+            "$ref": "RegionAutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionAutoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionAutoscalers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.regionAutoscalers.update",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "zones": {
-     "type": "array",
-     "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionAutoscalerList": {
-   "id": "RegionAutoscalerList",
-   "type": "object",
-   "description": "Contains a list of autoscalers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#regionAutoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "regionBackendServices": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified regional BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionBackendServices.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified regional BackendService resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this regional BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource for which to get health.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionBackendServices.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.regionBackendServices.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RegionDiskTypeList": {
-   "id": "RegionDiskTypeList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of DiskType resources.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#regionDiskTypeList for region disk types.",
-     "default": "compute#regionDiskTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionDisksResizeRequest": {
-   "id": "RegionDisksResizeRequest",
-   "type": "object",
-   "properties": {
-    "sizeGb": {
-     "type": "string",
-     "description": "The new size of the regional persistent disk, which is specified in GB.",
-     "format": "int64"
-    }
-   }
-  },
-  "RegionInstanceGroupList": {
-   "id": "RegionInstanceGroupList",
-   "type": "object",
-   "description": "Contains a list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagerDeleteInstanceConfigReq": {
-   "id": "RegionInstanceGroupManagerDeleteInstanceConfigReq",
-   "type": "object",
-   "description": "RegionInstanceGroupManagers.deletePerInstanceConfigs",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances for which we want to delete per-instance configs on this managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagerList": {
-   "id": "RegionInstanceGroupManagerList",
-   "type": "object",
-   "description": "Contains a list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
-     "default": "compute#regionInstanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagerUpdateInstanceConfigReq": {
-   "id": "RegionInstanceGroupManagerUpdateInstanceConfigReq",
-   "type": "object",
-   "description": "RegionInstanceGroupManagers.updatePerInstanceConfigs",
-   "properties": {
-    "perInstanceConfigs": {
-     "type": "array",
-     "description": "The list of per-instance configs to insert or patch on this managed instance group.",
-     "items": {
-      "$ref": "PerInstanceConfig"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersAbandonInstancesRequest": {
-   "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersApplyUpdatesRequest": {
-   "id": "RegionInstanceGroupManagersApplyUpdatesRequest",
-   "type": "object",
-   "description": "InstanceGroupManagers.applyUpdatesToInstances",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances for which we want to apply changes on this managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "maximalAction": {
-     "type": "string",
-     "description": "The maximal action that should be perfomed on the instances. By default REPLACE.",
-     "enum": [
-      "NONE",
-      "REFRESH",
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "minimalAction": {
-     "type": "string",
-     "description": "The minimal action that should be perfomed on the instances. By default NONE.",
-     "enum": [
-      "NONE",
-      "REFRESH",
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "RegionInstanceGroupManagersDeleteInstancesRequest": {
-   "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersListInstanceConfigsResp": {
-   "id": "RegionInstanceGroupManagersListInstanceConfigsResp",
-   "type": "object",
-   "properties": {
-    "items": {
-     "type": "array",
-     "description": "[Output Only] The list of PerInstanceConfig.",
-     "items": {
-      "$ref": "PerInstanceConfig"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersListInstancesResponse": {
-   "id": "RegionInstanceGroupManagersListInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "List of managed instances.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    }
-   }
-  },
-  "RegionInstanceGroupManagersRecreateRequest": {
-   "id": "RegionInstanceGroupManagersRecreateRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetAutoHealingRequest": {
-   "id": "RegionInstanceGroupManagersSetAutoHealingRequest",
-   "type": "object",
-   "properties": {
-    "autoHealingPolicies": {
-     "type": "array",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
-     "format": "byte"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTemplateRequest": {
-   "id": "RegionInstanceGroupManagersSetTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "URL of the InstanceTemplate resource from which all new instances will be created."
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstances": {
-   "id": "RegionInstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstancesRequest": {
-   "id": "RegionInstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RegionInstanceGroupsSetNamedPortsRequest": {
-   "id": "RegionInstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "RegionList": {
-   "id": "RegionList",
-   "type": "object",
-   "description": "Contains a list of region resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Region resources.",
-     "items": {
-      "$ref": "Region"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
-     "default": "compute#regionList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionSetLabelsRequest": {
-   "id": "RegionSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "The labels to set for this resource.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "ResourceCommitment": {
-   "id": "ResourceCommitment",
-   "type": "object",
-   "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
-   "properties": {
-    "amount": {
-     "type": "string",
-     "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
-     "format": "int64"
-    },
-    "type": {
-     "type": "string",
-     "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
-     "enum": [
-      "LOCAL_SSD",
-      "MEMORY",
-      "UNSPECIFIED",
-      "VCPU"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ResourceGroupReference": {
-   "id": "ResourceGroupReference",
-   "type": "object",
-   "properties": {
-    "group": {
-     "type": "string",
-     "description": "A URI referencing one of the instance groups listed in the backend service."
-    }
-   }
-  },
-  "Route": {
-   "id": "Route",
-   "type": "object",
-   "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "destRange": {
-     "type": "string",
-     "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
-     "default": "compute#route"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "Fully-qualified URL of the network that this route applies to.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "nextHopGateway": {
-     "type": "string",
-     "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway"
-    },
-    "nextHopInstance": {
-     "type": "string",
-     "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/"
-    },
-    "nextHopIp": {
-     "type": "string",
-     "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported."
-    },
-    "nextHopNetwork": {
-     "type": "string",
-     "description": "The URL of the local network if it should handle matching packets."
-    },
-    "nextHopPeering": {
-     "type": "string",
-     "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035."
-    },
-    "nextHopVpnTunnel": {
-     "type": "string",
-     "description": "The URL to a VpnTunnel that should handle matching packets."
-    },
-    "priority": {
-     "type": "integer",
-     "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
-     "format": "uint32",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "tags": {
-     "type": "array",
-     "description": "A list of instance tags to which this route applies.",
-     "items": {
-      "type": "string"
-     },
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
+    "regionCommitments": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of commitments.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/commitments",
+          "response": {
+            "$ref": "CommitmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "commitment"
+          ],
+          "parameters": {
+            "commitment": {
+              "description": "Name of the commitment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments/{commitment}",
+          "response": {
+            "$ref": "Commitment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a commitment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionCommitments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "request": {
+            "$ref": "Commitment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of commitments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "response": {
+            "$ref": "CommitmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionCommitments.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RouteList": {
-   "id": "RouteList",
-   "type": "object",
-   "description": "Contains a list of Route resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Route resources.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionDiskTypes": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified regional disk type. Get a list of available disk types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regionDiskTypes.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "diskType"
+          ],
+          "parameters": {
+            "diskType": {
+              "description": "Name of the disk type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/diskTypes/{diskType}",
+          "response": {
+            "$ref": "DiskType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of regional disk types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.regionDiskTypes.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/diskTypes",
+          "response": {
+            "$ref": "RegionDiskTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Router": {
-   "id": "Router",
-   "type": "object",
-   "description": "Router resource.",
-   "properties": {
-    "bgp": {
-     "$ref": "RouterBgp",
-     "description": "BGP information specific to this router."
-    },
-    "bgpPeers": {
-     "type": "array",
-     "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
-     "items": {
-      "$ref": "RouterBgpPeer"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interfaces": {
-     "type": "array",
-     "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
-     "items": {
-      "$ref": "RouterInterface"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#router"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "nats": {
-     "type": "array",
-     "description": "List of Nat services created in this router. The maximum number of Nat services within a Router is 3 for Alpha.",
-     "items": {
-      "$ref": "RouterNat"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs.",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URI of the region where the router resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "RouterAdvertisedIpRange": {
-   "id": "RouterAdvertisedIpRange",
-   "type": "object",
-   "description": "Description-tagged IP ranges for the router to advertise.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "User-specified description for the IP range."
-    },
-    "range": {
-     "type": "string",
-     "description": "The IP range to advertise. The value must be a CIDR-formatted string."
-    }
-   }
-  },
-  "RouterAdvertisedPrefix": {
-   "id": "RouterAdvertisedPrefix",
-   "type": "object",
-   "description": "Description-tagged prefixes for the router to advertise.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "User-specified description for the prefix."
-    },
-    "prefix": {
-     "type": "string",
-     "description": "The prefix to advertise. The value must be a CIDR-formatted string."
-    }
-   }
-  },
-  "RouterAggregatedList": {
-   "id": "RouterAggregatedList",
-   "type": "object",
-   "description": "Contains a list of routers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of Router resources.",
-     "additionalProperties": {
-      "$ref": "RoutersScopedList",
-      "description": "Name of the scope containing this set of routers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionDisks": {
+      "methods": {
+        "createSnapshot": {
+          "description": "Creates a snapshot of this regional disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.createSnapshot",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to snapshot.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "guestFlush": {
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}/createSnapshot",
+          "request": {
+            "$ref": "Snapshot"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionDisks.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns a specified regional persistent disk.",
+          "httpMethod": "GET",
+          "id": "compute.regionDisks.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}",
+          "response": {
+            "$ref": "Disk"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a persistent regional disk in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceImage": {
+              "description": "Optional. Source image to restore onto a disk.",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks",
+          "request": {
+            "$ref": "Disk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of persistent disks contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionDisks.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks",
+          "response": {
+            "$ref": "DiskList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the specified regional persistent disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.resize",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "The project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}/resize",
+          "request": {
+            "$ref": "RegionDisksResizeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the target regional disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RouterBgp": {
-   "id": "RouterBgp",
-   "type": "object",
-   "properties": {
-    "advertiseMode": {
-     "type": "string",
-     "description": "User-specified flag to indicate which mode to use for advertisement.",
-     "enum": [
-      "CUSTOM",
-      "DEFAULT"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "advertisedGroups": {
-     "type": "array",
-     "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
-     "items": {
-      "type": "string",
-      "enum": [
-       "ALL_SUBNETS"
-      ],
-      "enumDescriptions": [
-       ""
-      ]
-     }
-    },
-    "advertisedIpRanges": {
-     "type": "array",
-     "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
-     "items": {
-      "$ref": "RouterAdvertisedIpRange"
-     }
-    },
-    "advertisedPrefixs": {
-     "type": "array",
-     "description": "User-specified list of individual prefixes to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These prefixes will be advertised in addition to any specified groups. Leave this field blank to advertise no custom prefixes.",
-     "items": {
-      "$ref": "RouterAdvertisedPrefix"
-     }
-    },
-    "asn": {
-     "type": "integer",
-     "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
-     "format": "uint32"
-    }
-   }
-  },
-  "RouterBgpPeer": {
-   "id": "RouterBgpPeer",
-   "type": "object",
-   "properties": {
-    "advertiseMode": {
-     "type": "string",
-     "description": "User-specified flag to indicate which mode to use for advertisement.",
-     "enum": [
-      "CUSTOM",
-      "DEFAULT"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "advertisedGroups": {
-     "type": "array",
-     "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
-     "items": {
-      "type": "string",
-      "enum": [
-       "ALL_SUBNETS"
-      ],
-      "enumDescriptions": [
-       ""
-      ]
-     }
-    },
-    "advertisedIpRanges": {
-     "type": "array",
-     "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
-     "items": {
-      "$ref": "RouterAdvertisedIpRange"
-     }
-    },
-    "advertisedPrefixs": {
-     "type": "array",
-     "description": "User-specified list of individual prefixes to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These prefixes will be advertised in addition to any specified groups. Leave this field blank to advertise no custom prefixes.",
-     "items": {
-      "$ref": "RouterAdvertisedPrefix"
-     }
-    },
-    "advertisedRoutePriority": {
-     "type": "integer",
-     "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
-     "format": "uint32"
-    },
-    "interfaceName": {
-     "type": "string",
-     "description": "Name of the interface the BGP peer is associated with."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "peerAsn": {
-     "type": "integer",
-     "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported."
-    }
-   }
-  },
-  "RouterInterface": {
-   "id": "RouterInterface",
-   "type": "object",
-   "properties": {
-    "ipRange": {
-     "type": "string",
-     "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface."
-    },
-    "linkedInterconnectAttachment": {
-     "type": "string",
-     "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RouterList": {
-   "id": "RouterList",
-   "type": "object",
-   "description": "Contains a list of Router resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Router resources.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#routerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionInstanceGroupManagers": {
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "applyUpdatesToInstances": {
+          "description": "Apply updates to selected instances the managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.applyUpdatesToInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/applyUpdatesToInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersApplyUpdatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionInstanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deletePerInstanceConfigs": {
+          "description": "Delete selected per-instance configs for the managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.deletePerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deletePerInstanceConfigs",
+          "request": {
+            "$ref": "RegionInstanceGroupManagerDeleteInstanceConfigReq"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "response": {
+            "$ref": "RegionInstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "RegionInstanceGroupManagersListInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listPerInstanceConfigs": {
+          "description": "Lists all of the per-instance configs defined for the managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.listPerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listPerInstanceConfigs",
+          "response": {
+            "$ref": "RegionInstanceGroupManagersListInstanceConfigsResp"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionInstanceGroupManagers.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersRecreateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "Number of instances that should exist in this instance group manager.",
+              "format": "int32",
+              "location": "query",
+              "minimum": "0",
+              "required": true,
+              "type": "integer"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setAutoHealingPolicies": {
+          "description": "Modifies the autohealing policy for the instances in this managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setAutoHealingPolicies",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetAutoHealingRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.",
+          "httpMethod": "PUT",
+          "id": "compute.regionInstanceGroupManagers.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updatePerInstanceConfigs": {
+          "description": "Insert or patch (for the ones that already exist) per-instance configs for the managed instance group. perInstanceConfig.instance serves as a key used to distinguish whether to perform insert or patch.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.updatePerInstanceConfigs",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group. It should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request, should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/updatePerInstanceConfigs",
+          "request": {
+            "$ref": "RegionInstanceGroupManagerUpdateInstanceConfigReq"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RouterNat": {
-   "id": "RouterNat",
-   "type": "object",
-   "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.",
-   "properties": {
-    "autoAllocatedNatIps": {
-     "type": "array",
-     "description": "[Output Only] List of IPs allocated automatically by GCP for this Nat service. They will be raw IP strings like \"179.12.26.133\". They are ephemeral IPs allocated from the IP blocks managed by the NAT manager. This list can grow and shrink based on the number of VMs configured to use NAT.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "natIpAllocateOption": {
-     "type": "string",
-     "description": "Specify the NatIpAllocateOption. If it is AUTO_ONLY, then nat_ip should be empty.",
-     "enum": [
-      "AUTO_ONLY",
-      "MANUAL_ONLY"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "natIps": {
-     "type": "array",
-     "description": "List of URLs of the IP resources used for this Nat service. These IPs must be valid static external IP addresses assigned to the project. max_length is subject to change post alpha.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sourceSubnetworkIpRangesToNat": {
-     "type": "string",
-     "description": "Specify the Nat option. If this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.",
-     "enum": [
-      "ALL_SUBNETWORKS_ALL_IP_RANGES",
-      "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES",
-      "LIST_OF_SUBNETWORKS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
     },
-    "subnetworks": {
-     "type": "array",
-     "description": "List of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.",
-     "items": {
-      "$ref": "RouterNatSubnetworkToNat"
-     }
-    }
-   }
-  },
-  "RouterNatSubnetworkToNat": {
-   "id": "RouterNatSubnetworkToNat",
-   "type": "object",
-   "description": "Defines the IP ranges that want to use NAT for a subnetwork.",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "URL for the subnetwork resource to use NAT."
-    },
-    "secondaryIpRangeNames": {
-     "type": "array",
-     "description": "List of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat.",
-     "items": {
-      "type": "string"
-     }
+    "regionInstanceGroups": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified instance group resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "Name of the instance group resource to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance group resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups",
+          "response": {
+            "$ref": "RegionInstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "Name of the regional instance group for which we want to list the instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "RegionInstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified regional instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the regional instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "sourceIpRangesToNats": {
-     "type": "array",
-     "description": "Specify the options for NAT ranges in the Subnetwork. All usages of single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]",
-     "items": {
-      "type": "string",
-      "enum": [
-       "ALL_IP_RANGES",
-       "LIST_OF_SECONDARY_IP_RANGES",
-       "PRIMARY_IP_RANGE"
-      ],
-      "enumDescriptions": [
-       "",
-       "",
-       ""
-      ]
-     }
-    }
-   }
-  },
-  "RouterStatus": {
-   "id": "RouterStatus",
-   "type": "object",
-   "properties": {
-    "bestRoutes": {
-     "type": "array",
-     "description": "Best routes for this router's network.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bestRoutesForRouter": {
-     "type": "array",
-     "description": "Best routes learned by this router.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bgpPeerStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "RouterStatusBgpPeerStatus"
-     }
-    },
-    "natStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "RouterStatusNatStatus"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs."
-    }
-   }
-  },
-  "RouterStatusBgpPeerStatus": {
-   "id": "RouterStatusBgpPeerStatus",
-   "type": "object",
-   "properties": {
-    "advertisedRoutes": {
-     "type": "array",
-     "description": "Routes that were advertised to the remote BGP peer",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the local BGP interface."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URL of the VPN tunnel that this BGP peer controls."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. Unique within the Routers resource."
-    },
-    "numLearnedRoutes": {
-     "type": "integer",
-     "description": "Number of routes learned from the remote BGP Peer.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the remote BGP interface."
-    },
-    "state": {
-     "type": "string",
-     "description": "BGP state as specified in RFC1771."
-    },
-    "status": {
-     "type": "string",
-     "description": "Status of the BGP peer: {UP, DOWN}",
-     "enum": [
-      "DOWN",
-      "UNKNOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "uptime": {
-     "type": "string",
-     "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds"
-    },
-    "uptimeSeconds": {
-     "type": "string",
-     "description": "Time this session has been up, in seconds. Format: 145"
-    }
-   }
-  },
-  "RouterStatusNatStatus": {
-   "id": "RouterStatusNatStatus",
-   "type": "object",
-   "description": "Status of a NAT contained in this router.",
-   "properties": {
-    "autoAllocatedNatIps": {
-     "type": "array",
-     "description": "List of IPs auto-allocated for NAT. Example: [\"1.1.1.1\", \"129.2.16.89\"]",
-     "items": {
-      "type": "string"
-     }
-    },
-    "minExtraNatIpsNeeded": {
-     "type": "integer",
-     "description": "The number of extra IPs to allocate. This will be greater than 0 only if user-specified IPs are NOT enough to allow all configured VMs to use NAT. This value is meaningful only when auto-allocation of NAT IPs is *not* used.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "Unique name of this NAT."
-    },
-    "numVmEndpointsWithNatMappings": {
-     "type": "integer",
-     "description": "Number of VM endpoints (i.e., Nics) that can use NAT.",
-     "format": "int32"
-    },
-    "userAllocatedNatIpResources": {
-     "type": "array",
-     "description": "List of fully qualified URLs of reserved IP address resources.",
-     "items": {
-      "type": "string"
-     }
+    "regionOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified region-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionOperations.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified region-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "userAllocatedNatIps": {
-     "type": "array",
-     "description": "List of IPs user-allocated for NAT. They will be raw IP strings like \"179.12.26.133\".",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RouterStatusResponse": {
-   "id": "RouterStatusResponse",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerStatusResponse"
-    },
-    "result": {
-     "$ref": "RouterStatus"
-    }
-   }
-  },
-  "RoutersPreviewResponse": {
-   "id": "RoutersPreviewResponse",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "Router",
-     "description": "Preview of given router."
-    }
-   }
-  },
-  "RoutersScopedList": {
-   "id": "RoutersScopedList",
-   "type": "object",
-   "properties": {
-    "routers": {
-     "type": "array",
-     "description": "List of routers contained in this scope.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of routers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "regions": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regions.get",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}",
+          "response": {
+            "$ref": "Region"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of region resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.regions.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions",
+          "response": {
+            "$ref": "RegionList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Rule": {
-   "id": "Rule",
-   "type": "object",
-   "description": "A rule to be applied in a Policy.",
-   "properties": {
-    "action": {
-     "type": "string",
-     "description": "Required",
-     "enum": [
-      "ALLOW",
-      "ALLOW_WITH_LOG",
-      "DENY",
-      "DENY_WITH_LOG",
-      "LOG",
-      "NO_ACTION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "conditions": {
-     "type": "array",
-     "description": "Additional restrictions that must be met. All conditions must pass for the rule to match.",
-     "items": {
-      "$ref": "Condition"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "Human-readable description of the rule."
-    },
-    "ins": {
-     "type": "array",
-     "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "logConfigs": {
-     "type": "array",
-     "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.",
-     "items": {
-      "$ref": "LogConfig"
-     }
-    },
-    "notIns": {
-     "type": "array",
-     "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.",
-     "items": {
-      "type": "string"
-     }
     },
-    "permissions": {
-     "type": "array",
-     "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SSLHealthCheck": {
-   "id": "SSLHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "portSpecification": {
-     "type": "string",
-     "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, SSL health check follows behavior specified in\nport\nand\nportName\nfields.",
-     "enum": [
-      "USE_FIXED_PORT",
-      "USE_NAMED_PORT",
-      "USE_SERVING_PORT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Scheduling": {
-   "id": "Scheduling",
-   "type": "object",
-   "description": "Sets the scheduling options for an Instance.",
-   "properties": {
-    "automaticRestart": {
-     "type": "boolean",
-     "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine."
-    },
-    "onHostMaintenance": {
-     "type": "string",
-     "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
-     "enum": [
-      "MIGRATE",
-      "TERMINATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "preemptible": {
-     "type": "boolean",
-     "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created."
-    }
-   }
-  },
-  "SecurityPolicy": {
-   "id": "SecurityPolicy",
-   "type": "object",
-   "description": "A security policy is comprised of one or more rules. It can also be associated with one or more 'targets'.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the security policy.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#securityPolicyfor security policies",
-     "default": "compute#securityPolicy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "rules": {
-     "type": "array",
-     "description": "List of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match \"*\"). If no rules are provided when creating a security policy, a default rule with action \"allow\" will be added.",
-     "items": {
-      "$ref": "SecurityPolicyRule"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SecurityPolicyList": {
-   "id": "SecurityPolicyList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SecurityPolicy resources.",
-     "items": {
-      "$ref": "SecurityPolicy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#securityPolicyList for listsof securityPolicies",
-     "default": "compute#securityPolicyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "routers": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of routers.",
+          "httpMethod": "GET",
+          "id": "compute.routers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/routers",
+          "response": {
+            "$ref": "RouterAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Router resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Router"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getRouterStatus": {
+          "description": "Retrieves runtime information of the specified router.",
+          "httpMethod": "GET",
+          "id": "compute.routers.getRouterStatus",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
+          "response": {
+            "$ref": "RouterStatusResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Router resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Router resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "response": {
+            "$ref": "RouterList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.routers.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "preview": {
+          "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
+          "httpMethod": "POST",
+          "id": "compute.routers.preview",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/preview",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "RoutersPreviewResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.routers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified Router resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.routers.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SecurityPolicyReference": {
-   "id": "SecurityPolicyReference",
-   "type": "object",
-   "properties": {
-    "securityPolicy": {
-     "type": "string"
-    }
-   }
-  },
-  "SecurityPolicyRule": {
-   "id": "SecurityPolicyRule",
-   "type": "object",
-   "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).",
-   "properties": {
-    "action": {
-     "type": "string",
-     "description": "The Action to preform when the client connection triggers the rule. Can currently be either \"allow\" or \"deny()\" where valid values for status are 403, 404, and 502."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules",
-     "default": "compute#securityPolicyRule"
-    },
-    "match": {
-     "$ref": "SecurityPolicyRuleMatcher",
-     "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding ?action? is enforced."
-    },
-    "preview": {
-     "type": "boolean",
-     "description": "If set to true, the specified action is not enforced."
-    },
-    "priority": {
-     "type": "integer",
-     "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated in the increasing order of priority.",
-     "format": "int32"
-    }
-   }
-  },
-  "SecurityPolicyRuleMatcher": {
-   "id": "SecurityPolicyRuleMatcher",
-   "type": "object",
-   "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.",
-   "properties": {
-    "config": {
-     "$ref": "SecurityPolicyRuleMatcherConfig",
-     "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified."
-    },
-    "expr": {
-     "$ref": "Expr",
-     "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header."
-    },
-    "srcIpRanges": {
-     "type": "array",
-     "description": "CIDR IP address range. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "versionedExpr": {
-     "type": "string",
-     "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.",
-     "enum": [
-      "SRC_IPS_V1",
-      "VERSIONED_EXPR_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "SecurityPolicyRuleMatcherConfig": {
-   "id": "SecurityPolicyRuleMatcherConfig",
-   "type": "object",
-   "properties": {
-    "srcIpRanges": {
-     "type": "array",
-     "description": "CIDR IP address range. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SerialPortOutput": {
-   "id": "SerialPortOutput",
-   "type": "object",
-   "description": "An instance's serial console output.",
-   "properties": {
-    "contents": {
-     "type": "string",
-     "description": "[Output Only] The contents of the console output."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
-     "default": "compute#serialPortOutput"
-    },
-    "next": {
-     "type": "string",
-     "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
-     "format": "int64"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "start": {
-     "type": "string",
-     "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
-     "format": "int64"
-    }
-   }
-  },
-  "ServiceAccount": {
-   "id": "ServiceAccount",
-   "type": "object",
-   "description": "A service account.",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "ShieldedVmConfig": {
-   "id": "ShieldedVmConfig",
-   "type": "object",
-   "description": "A set of Shielded VM options.",
-   "properties": {
-    "enableSecureBoot": {
-     "type": "boolean",
-     "description": "Defines whether the instance should have secure boot enabled."
-    },
-    "enableVtpm": {
-     "type": "boolean",
-     "description": "Defines whether the instance should have the TPM enabled."
-    }
-   }
-  },
-  "SignedUrlKey": {
-   "id": "SignedUrlKey",
-   "type": "object",
-   "description": "Represents a customer-supplied Signing Key used by Cloud CDN Signed URLs",
-   "properties": {
-    "keyName": {
-     "type": "string",
-     "description": "Name of the key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "keyValue": {
-     "type": "string",
-     "description": "128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string."
-    }
-   }
-  },
-  "Snapshot": {
-   "id": "Snapshot",
-   "type": "object",
-   "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Size of the snapshot, specified in GB.",
-     "format": "int64"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
-     "default": "compute#snapshot"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this snapshot.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
     },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "snapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "[Output Only] The source disk used to create this snapshot."
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY",
-      "UPLOADING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "storageBytes": {
-     "type": "string",
-     "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
-     "format": "int64"
-    },
-    "storageBytesStatus": {
-     "type": "string",
-     "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
-     "enum": [
-      "UPDATING",
-      "UP_TO_DATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "storageLocations": {
-     "type": "array",
-     "description": "GCS bucket storage location of the snapshot (regional or multi-regional).",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SnapshotList": {
-   "id": "SnapshotList",
-   "type": "object",
-   "description": "Contains a list of Snapshot resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Snapshot resources.",
-     "items": {
-      "$ref": "Snapshot"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#snapshotList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SourceInstanceParams": {
-   "id": "SourceInstanceParams",
-   "type": "object",
-   "description": "A specification of the parameters to use when creating the instance template from a source instance.",
-   "properties": {
-    "diskConfigs": {
-     "type": "array",
-     "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.",
-     "items": {
-      "$ref": "DiskInstantiationConfig"
-     }
-    }
-   }
-  },
-  "SslCertificate": {
-   "id": "SslCertificate",
-   "type": "object",
-   "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
-   "properties": {
-    "certificate": {
-     "type": "string",
-     "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
-     "default": "compute#sslCertificate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "privateKey": {
-     "type": "string",
-     "description": "A write-only private key in PEM format. Only insert requests will include this field."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SslCertificateList": {
-   "id": "SslCertificateList",
-   "type": "object",
-   "description": "Contains a list of SslCertificate resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SslCertificate resources.",
-     "items": {
-      "$ref": "SslCertificate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#sslCertificateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SslPoliciesList": {
-   "id": "SslPoliciesList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SslPolicy resources.",
-     "items": {
-      "$ref": "SslPolicy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#sslPoliciesList for lists of sslPolicies.",
-     "default": "compute#sslPoliciesList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "routes": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Route resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routes.delete",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routes.get",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Route"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Route resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routes.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "request": {
+            "$ref": "Route"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Route resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routes.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "response": {
+            "$ref": "RouteList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.routes.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SslPoliciesListAvailableFeaturesResponse": {
-   "id": "SslPoliciesListAvailableFeaturesResponse",
-   "type": "object",
-   "properties": {
-    "features": {
-     "type": "array",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SslPolicy": {
-   "id": "SslPolicy",
-   "type": "object",
-   "description": "A SSL policy specifies the server-side support for SSL features. This can be attached to a TargetHttpsProxy or a TargetSslProxy. This affects connections between clients and the HTTPS or SSL proxy load balancer. They do not affect the connection between the load balancers and the backends.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customFeatures": {
-     "type": "array",
-     "description": "List of features enabled when the selected profile is CUSTOM. The\n- method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.",
-     "items": {
-      "type": "string"
-     }
     },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "enabledFeatures": {
-     "type": "array",
-     "description": "[Output Only] The list of features enabled in the SSL policy.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.",
-     "default": "compute#sslPolicy"
-    },
-    "minTlsVersion": {
-     "type": "string",
-     "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.",
-     "enum": [
-      "TLS_1_0",
-      "TLS_1_1",
-      "TLS_1_2",
-      "TLS_1_3"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "profile": {
-     "type": "string",
-     "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.",
-     "enum": [
-      "COMPATIBLE",
-      "CUSTOM",
-      "MODERN",
-      "RESTRICTED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
-      }
-     }
-    }
-   }
-  },
-  "SslPolicyReference": {
-   "id": "SslPolicyReference",
-   "type": "object",
-   "properties": {
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource."
-    }
-   }
-  },
-  "StatefulPolicy": {
-   "id": "StatefulPolicy",
-   "type": "object",
-   "properties": {
-    "preservedResources": {
-     "$ref": "StatefulPolicyPreservedResources"
-    }
-   }
-  },
-  "StatefulPolicyPreservedDisk": {
-   "id": "StatefulPolicyPreservedDisk",
-   "type": "object",
-   "properties": {
-    "deviceName": {
-     "type": "string",
-     "description": "Device name of the disk to be preserved"
-    }
-   }
-  },
-  "StatefulPolicyPreservedResources": {
-   "id": "StatefulPolicyPreservedResources",
-   "type": "object",
-   "description": "Configuration of all preserved resources.",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Disks created on the instances that will be preserved on instance delete, resize down, etc.",
-     "items": {
-      "$ref": "StatefulPolicyPreservedDisk"
-     }
-    }
-   }
-  },
-  "Subnetwork": {
-   "id": "Subnetwork",
-   "type": "object",
-   "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
-   "properties": {
-    "allowSubnetCidrRoutesOverlap": {
-     "type": "boolean",
-     "description": "Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.\n\nAlso, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.\n\nThe default value is false and applies to all existing subnetworks and automatically created subnetworks.\n\nThis field cannot be set to true at resource creation time."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork.",
-     "format": "byte"
-    },
-    "gatewayAddress": {
-     "type": "string",
-     "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork. This field can be set only at resource creation time."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
-     "default": "compute#subnetwork"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time."
-    },
-    "privateIpGoogleAccess": {
-     "type": "boolean",
-     "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess."
-    },
-    "region": {
-     "type": "string",
-     "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time."
-    },
-    "secondaryIpRanges": {
-     "type": "array",
-     "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
-     "items": {
-      "$ref": "SubnetworkSecondaryRange"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SubnetworkAggregatedList": {
-   "id": "SubnetworkAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of SubnetworksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "SubnetworksScopedList",
-      "description": "Name of the scope containing this set of Subnetworks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
-     "default": "compute#subnetworkAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworkList": {
-   "id": "SubnetworkList",
-   "type": "object",
-   "description": "Contains a list of Subnetwork resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Subnetwork resources.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
-     "default": "compute#subnetworkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworkSecondaryRange": {
-   "id": "SubnetworkSecondaryRange",
-   "type": "object",
-   "description": "Represents a secondary IP range of a subnetwork.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported."
-    },
-    "rangeName": {
-     "type": "string",
-     "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork."
-    }
-   }
-  },
-  "SubnetworksExpandIpCidrRangeRequest": {
-   "id": "SubnetworksExpandIpCidrRangeRequest",
-   "type": "object",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update."
-    }
-   }
-  },
-  "SubnetworksScopedList": {
-   "id": "SubnetworksScopedList",
-   "type": "object",
-   "properties": {
-    "subnetworks": {
-     "type": "array",
-     "description": "List of subnetworks contained in this scope.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "An informational warning that appears when the list of addresses is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "securityPolicies": {
+      "methods": {
+        "addRule": {
+          "description": "Inserts a rule into a security policy.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.addRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "validateOnly": {
+              "description": "If true, the request will not be committed.",
+              "location": "query",
+              "type": "boolean"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/addRule",
+          "request": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified policy.",
+          "httpMethod": "DELETE",
+          "id": "compute.securityPolicies.delete",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "List all of the ordered rules present in a single specified policy.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.get",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to get.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "response": {
+            "$ref": "SecurityPolicy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getRule": {
+          "description": "Gets a rule at the specified priority.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.getRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to get from the security policy.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to which the queried rule belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/getRule",
+          "response": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a new policy in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies",
+          "request": {
+            "$ref": "SecurityPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "List all the policies that have been configured for the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies",
+          "response": {
+            "$ref": "SecurityPolicyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified policy with the data included in the request.",
+          "httpMethod": "PATCH",
+          "id": "compute.securityPolicies.patch",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "request": {
+            "$ref": "SecurityPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "patchRule": {
+          "description": "Patches a rule at the specified priority.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.patchRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to patch.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "validateOnly": {
+              "description": "If true, the request will not be committed.",
+              "location": "query",
+              "type": "boolean"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/patchRule",
+          "request": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removeRule": {
+          "description": "Deletes a rule at the specified priority.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.removeRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to remove from the security policy.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/removeRule",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SubnetworksSetPrivateIpGoogleAccessRequest": {
-   "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
-   "type": "object",
-   "properties": {
-    "privateIpGoogleAccess": {
-     "type": "boolean"
-    }
-   }
-  },
-  "TCPHealthCheck": {
-   "id": "TCPHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "portSpecification": {
-     "type": "string",
-     "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, TCP health check follows behavior specified in\nport\nand\nportName\nfields.",
-     "enum": [
-      "USE_FIXED_PORT",
-      "USE_NAMED_PORT",
-      "USE_SERVING_PORT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Tags": {
-   "id": "Tags",
-   "type": "object",
-   "description": "A set of instance tags.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpProxy": {
-   "id": "TargetHttpProxy",
-   "type": "object",
-   "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
-     "default": "compute#targetHttpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "urlMap": {
-     "type": "string",
-     "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService."
-    }
-   }
-  },
-  "TargetHttpProxyList": {
-   "id": "TargetHttpProxyList",
-   "type": "object",
-   "description": "A list of TargetHttpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpProxy resources.",
-     "items": {
-      "$ref": "TargetHttpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
-     "default": "compute#targetHttpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "snapshots": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
+          "httpMethod": "DELETE",
+          "id": "compute.snapshots.delete",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.get",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Snapshot"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Snapshot resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots",
+          "response": {
+            "$ref": "SnapshotList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetHttpsProxiesSetQuicOverrideRequest": {
-   "id": "TargetHttpsProxiesSetQuicOverrideRequest",
-   "type": "object",
-   "properties": {
-    "quicOverride": {
-     "type": "string",
-     "description": "QUIC policy for the TargetHttpsProxy resource.",
-     "enum": [
-      "DISABLE",
-      "ENABLE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetHttpsProxiesSetSslCertificatesRequest": {
-   "id": "TargetHttpsProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpsProxy": {
-   "id": "TargetHttpsProxy",
-   "type": "object",
-   "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
-   "properties": {
-    "clientSslPolicy": {
-     "type": "string",
-     "description": "URL to ClientSslPolicy resource which controls the set of allowed SSL versions and ciphers."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
-     "default": "compute#targetHttpsProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "quicOverride": {
-     "type": "string",
-     "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. Specify ENABLE to always enable QUIC, Enables QUIC when set to ENABLE, and disables QUIC when set to DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE.",
-     "enum": [
-      "DISABLE",
-      "ENABLE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
     },
     "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured."
-    },
-    "urlMap": {
-     "type": "string",
-     "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map"
-    }
-   }
-  },
-  "TargetHttpsProxyList": {
-   "id": "TargetHttpsProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetHttpsProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpsProxy resources.",
-     "items": {
-      "$ref": "TargetHttpsProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
-     "default": "compute#targetHttpsProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstance": {
-   "id": "TargetInstance",
-   "type": "object",
-   "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
-     "default": "compute#targetInstance"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "natPolicy": {
-     "type": "string",
-     "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
-     "enum": [
-      "NO_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the target instance resides."
-    }
-   }
-  },
-  "TargetInstanceAggregatedList": {
-   "id": "TargetInstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetInstance resources.",
-     "additionalProperties": {
-      "$ref": "TargetInstancesScopedList",
-      "description": "Name of the scope containing this set of target instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstanceList": {
-   "id": "TargetInstanceList",
-   "type": "object",
-   "description": "Contains a list of TargetInstance resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetInstance resources.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstancesScopedList": {
-   "id": "TargetInstancesScopedList",
-   "type": "object",
-   "properties": {
-    "targetInstances": {
-     "type": "array",
-     "description": "List of target instances contained in this scope.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified SslCertificate resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.sslCertificates.delete",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.get",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "SslCertificate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.sslCertificates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "request": {
+            "$ref": "SslCertificate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of SslCertificate resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "response": {
+            "$ref": "SslCertificateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.sslCertificates.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetPool": {
-   "id": "TargetPool",
-   "type": "object",
-   "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
-   "properties": {
-    "backupPool": {
-     "type": "string",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "failoverRatio": {
-     "type": "number",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
-     "format": "float"
-    },
-    "healthChecks": {
-     "type": "array",
-     "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
     },
-    "instances": {
-     "type": "array",
-     "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
-     "default": "compute#targetPool"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target pool resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetPoolAggregatedList": {
-   "id": "TargetPoolAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetPool resources.",
-     "additionalProperties": {
-      "$ref": "TargetPoolsScopedList",
-      "description": "Name of the scope containing this set of target pools."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
-     "default": "compute#targetPoolAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "sslPolicies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.",
+          "httpMethod": "DELETE",
+          "id": "compute.sslPolicies.delete",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "List all of the ordered rules present in a single specified policy.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.get",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "response": {
+            "$ref": "SslPolicy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Returns the specified SSL policy resource. Get a list of available SSL policies by making a list() request.",
+          "httpMethod": "POST",
+          "id": "compute.sslPolicies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies",
+          "request": {
+            "$ref": "SslPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "List all the SSL policies that have been configured for the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies",
+          "response": {
+            "$ref": "SslPoliciesList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listAvailableFeatures": {
+          "description": "Lists all features that can be specified in the SSL policy when using custom profile.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.listAvailableFeatures",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/listAvailableFeatures",
+          "response": {
+            "$ref": "SslPoliciesListAvailableFeaturesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified SSL policy with the data included in the request.",
+          "httpMethod": "PATCH",
+          "id": "compute.sslPolicies.patch",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "request": {
+            "$ref": "SslPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.sslPolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetPoolInstanceHealth": {
-   "id": "TargetPoolInstanceHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
-     "default": "compute#targetPoolInstanceHealth"
-    }
-   }
-  },
-  "TargetPoolList": {
-   "id": "TargetPoolList",
-   "type": "object",
-   "description": "Contains a list of TargetPool resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetPool resources.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
-     "default": "compute#targetPoolList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "subnetworks": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of subnetworks.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/subnetworks",
+          "response": {
+            "$ref": "SubnetworkAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified subnetwork.",
+          "httpMethod": "DELETE",
+          "id": "compute.subnetworks.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "expandIpCidrRange": {
+          "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.expandIpCidrRange",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
+          "request": {
+            "$ref": "SubnetworksExpandIpCidrRangeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Subnetwork"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a subnetwork in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of subnetworks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "response": {
+            "$ref": "SubnetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listUsable": {
+          "description": "Retrieves an aggregated list of usable subnetworks.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.listUsable",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/subnetworks/listUsable",
+          "response": {
+            "$ref": "UsableSubnetworksAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
+          "httpMethod": "PATCH",
+          "id": "compute.subnetworks.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setPrivateIpGoogleAccess": {
+          "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.setPrivateIpGoogleAccess",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
+          "request": {
+            "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetPoolsAddHealthCheckRequest": {
-   "id": "TargetPoolsAddHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "The HttpHealthCheck to add to the target pool.",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsAddInstanceRequest": {
-   "id": "TargetPoolsAddInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveHealthCheckRequest": {
-   "id": "TargetPoolsRemoveHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveInstanceRequest": {
-   "id": "TargetPoolsRemoveInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "URLs of the instances to be removed from target pool.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsScopedList": {
-   "id": "TargetPoolsScopedList",
-   "type": "object",
-   "properties": {
-    "targetPools": {
-     "type": "array",
-     "description": "List of target pools contained in this scope.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "targetHttpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "TargetHttpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "request": {
+            "$ref": "TargetHttpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "response": {
+            "$ref": "TargetHttpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy to set a URL map for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetReference": {
-   "id": "TargetReference",
-   "type": "object",
-   "properties": {
-    "target": {
-     "type": "string"
-    }
-   }
-  },
-  "TargetSslProxiesSetBackendServiceRequest": {
-   "id": "TargetSslProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetSslProxy."
-    }
-   }
-  },
-  "TargetSslProxiesSetProxyHeaderRequest": {
-   "id": "TargetSslProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetSslProxiesSetSslCertificatesRequest": {
-   "id": "TargetSslProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetSslProxy": {
-   "id": "TargetSslProxy",
-   "type": "object",
-   "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
-   "properties": {
-    "clientSslPolicy": {
-     "type": "string",
-     "description": "URL to ClientSslPolicy resource which controls the set of allowed SSL versions and ciphers."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
-     "default": "compute#targetSslProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
     },
-    "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
+    "targetHttpsProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpsProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpsProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "request": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "response": {
+            "$ref": "TargetHttpsProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setQuicOverride": {
+          "description": "Sets the QUIC override policy for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setQuicOverride",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to set the QUIC override policy for. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setQuicOverride",
+          "request": {
+            "$ref": "TargetHttpsProxiesSetQuicOverrideRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Replaces SslCertificates for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslPolicy": {
+          "description": "Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setSslPolicy",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setSslPolicy",
+          "request": {
+            "$ref": "SslPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured."
-    }
-   }
-  },
-  "TargetSslProxyList": {
-   "id": "TargetSslProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetSslProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetSslProxy resources.",
-     "items": {
-      "$ref": "TargetSslProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetSslProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "targetInstances": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target instances.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified TargetInstance resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetInstances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "TargetInstance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetInstances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "request": {
+            "$ref": "TargetInstance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetInstances.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetTcpProxiesSetBackendServiceRequest": {
-   "id": "TargetTcpProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetTcpProxy."
-    }
-   }
-  },
-  "TargetTcpProxiesSetProxyHeaderRequest": {
-   "id": "TargetTcpProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetTcpProxy": {
-   "id": "TargetTcpProxy",
-   "type": "object",
-   "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
-     "default": "compute#targetTcpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
-    }
-   }
-  },
-  "TargetTcpProxyList": {
-   "id": "TargetTcpProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetTcpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetTcpProxy resources.",
-     "items": {
-      "$ref": "TargetTcpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetTcpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "targetPools": {
+      "methods": {
+        "addHealthCheck": {
+          "description": "Adds health check URLs to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to add a health check to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsAddHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "addInstance": {
+          "description": "Adds an instance to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to add instances to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
+          "request": {
+            "$ref": "TargetPoolsAddInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target pools.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetPools",
+          "response": {
+            "$ref": "TargetPoolAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target pool.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetPools.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "TargetPool"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
+          "request": {
+            "$ref": "InstanceReference"
+          },
+          "response": {
+            "$ref": "TargetPoolInstanceHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target pool in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "request": {
+            "$ref": "TargetPool"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target pools available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "response": {
+            "$ref": "TargetPoolList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeHealthCheck": {
+          "description": "Removes health check URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to remove health checks from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsRemoveHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removeInstance": {
+          "description": "Removes instance URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to remove instances from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
+          "request": {
+            "$ref": "TargetPoolsRemoveInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setBackup": {
+          "description": "Changes a backup target pool's configurations.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.setBackup",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "failoverRatio": {
+              "description": "New failoverRatio value for the target pool.",
+              "format": "float",
+              "location": "query",
+              "type": "number"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to set a backup pool for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetVpnGateway": {
-   "id": "TargetVpnGateway",
-   "type": "object",
-   "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "forwardingRules": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGateway"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an TargetVpnGateway.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this TargetVpnGateway resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target VPN gateway resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN gateway.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "tunnels": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayAggregatedList": {
-   "id": "TargetVpnGatewayAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetVpnGateway resources.",
-     "additionalProperties": {
-      "$ref": "TargetVpnGatewaysScopedList",
-      "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "targetSslProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetSslProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetSslProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "TargetSslProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "request": {
+            "$ref": "TargetSslProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "response": {
+            "$ref": "TargetSslProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetSslProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetSslProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Changes SslCertificates for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetSslProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslPolicy": {
+          "description": "Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setSslPolicy",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslPolicy",
+          "request": {
+            "$ref": "SslPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayList": {
-   "id": "TargetVpnGatewayList",
-   "type": "object",
-   "description": "Contains a list of TargetVpnGateway resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetVpnGateway resources.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "targetTcpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetTcpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetTcpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "TargetTcpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "request": {
+            "$ref": "TargetTcpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "response": {
+            "$ref": "TargetTcpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetTcpProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewaysScopedList": {
-   "id": "TargetVpnGatewaysScopedList",
-   "type": "object",
-   "properties": {
+    },
     "targetVpnGateways": {
-     "type": "array",
-     "description": "[Output Only] List of target vpn gateways contained in this scope.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target VPN gateways.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target VPN gateway.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetVpnGateways.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "TargetVpnGateway"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "request": {
+            "$ref": "TargetVpnGateway"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TestFailure": {
-   "id": "TestFailure",
-   "type": "object",
-   "properties": {
-    "actualService": {
-     "type": "string"
     },
-    "expectedService": {
-     "type": "string"
-    },
-    "host": {
-     "type": "string"
-    },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "TestPermissionsRequest": {
-   "id": "TestPermissionsRequest",
-   "type": "object",
-   "properties": {
-    "permissions": {
-     "type": "array",
-     "description": "The set of permissions to check for the 'resource'. Permissions with wildcards (such as '*' or 'storage.*') are not allowed.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TestPermissionsResponse": {
-   "id": "TestPermissionsResponse",
-   "type": "object",
-   "properties": {
-    "permissions": {
-     "type": "array",
-     "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "UDPHealthCheck": {
-   "id": "UDPHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The UDP port number for the health check request. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "request": {
-     "type": "string",
-     "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII."
-    }
-   }
-  },
-  "UrlMap": {
-   "id": "UrlMap",
-   "type": "object",
-   "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultService": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if none of the hostRules match."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
-     "format": "byte"
-    },
-    "hostRules": {
-     "type": "array",
-     "description": "The list of HostRules to use against the URL.",
-     "items": {
-      "$ref": "HostRule"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
-     "default": "compute#urlMap"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "pathMatchers": {
-     "type": "array",
-     "description": "The list of named PathMatchers to use against the URL.",
-     "items": {
-      "$ref": "PathMatcher"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "tests": {
-     "type": "array",
-     "description": "The list of expected URL mappings. Request to update this UrlMap will succeed only if all of the test cases pass.",
-     "items": {
-      "$ref": "UrlMapTest"
-     }
-    }
-   }
-  },
-  "UrlMapList": {
-   "id": "UrlMapList",
-   "type": "object",
-   "description": "Contains a list of UrlMap resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of UrlMap resources.",
-     "items": {
-      "$ref": "UrlMap"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#urlMapList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "UrlMapReference": {
-   "id": "UrlMapReference",
-   "type": "object",
-   "properties": {
-    "urlMap": {
-     "type": "string"
-    }
-   }
-  },
-  "UrlMapTest": {
-   "id": "UrlMapTest",
-   "type": "object",
-   "description": "Message for the expected URL mappings.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "Description of this test case."
-    },
-    "host": {
-     "type": "string",
-     "description": "Host portion of the URL."
-    },
-    "path": {
-     "type": "string",
-     "description": "Path portion of the URL."
-    },
-    "service": {
-     "type": "string",
-     "description": "Expected BackendService resource the given URL should be mapped to."
-    }
-   }
-  },
-  "UrlMapValidationResult": {
-   "id": "UrlMapValidationResult",
-   "type": "object",
-   "description": "Message representing the validation result for a UrlMap.",
-   "properties": {
-    "loadErrors": {
-     "type": "array",
-     "items": {
-      "type": "string"
-     }
-    },
-    "loadSucceeded": {
-     "type": "boolean",
-     "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons."
-    },
-    "testFailures": {
-     "type": "array",
-     "items": {
-      "$ref": "TestFailure"
-     }
-    },
-    "testPassed": {
-     "type": "boolean",
-     "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure."
-    }
-   }
-  },
-  "UrlMapsValidateRequest": {
-   "id": "UrlMapsValidateRequest",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "UrlMap",
-     "description": "Content of the UrlMap to be validated."
-    }
-   }
-  },
-  "UrlMapsValidateResponse": {
-   "id": "UrlMapsValidateResponse",
-   "type": "object",
-   "properties": {
-    "result": {
-     "$ref": "UrlMapValidationResult"
-    }
-   }
-  },
-  "UsableSubnetwork": {
-   "id": "UsableSubnetwork",
-   "type": "object",
-   "description": "Subnetwork which the current user has compute.subnetworks.use permission on.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of internal addresses that are owned by this subnetwork."
-    },
-    "network": {
-     "type": "string",
-     "description": "Network URL."
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "Subnetwork URL."
-    }
-   }
-  },
-  "UsableSubnetworksAggregatedList": {
-   "id": "UsableSubnetworksAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output] A list of usable subnetwork URLs.",
-     "items": {
-      "$ref": "UsableSubnetwork"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#usableSubnetworksAggregatedList for aggregated lists of usable subnetworks.",
-     "default": "compute#usableSubnetworksAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "urlMaps": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified UrlMap resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.urlMaps.delete",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.get",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "UrlMap"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "invalidateCache": {
+          "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.invalidateCache",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
+          "request": {
+            "$ref": "CacheInvalidationRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of UrlMap resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "response": {
+            "$ref": "UrlMapList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.urlMaps.patch",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified UrlMap resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.urlMaps.update",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "validate": {
+          "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.validate",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to be validated as.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/validate",
+          "request": {
+            "$ref": "UrlMapsValidateRequest"
+          },
+          "response": {
+            "$ref": "UrlMapsValidateResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "UsageExportLocation": {
-   "id": "UsageExportLocation",
-   "type": "object",
-   "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket."
-    },
-    "reportNamePrefix": {
-     "type": "string",
-     "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions."
-    }
-   }
-  },
-  "VmMaintenancePolicy": {
-   "id": "VmMaintenancePolicy",
-   "type": "object",
-   "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when.",
-   "properties": {
-    "maintenanceWindow": {
-     "$ref": "MaintenanceWindow",
-     "description": "Maintenance windows that are applied to VMs covered by this policy."
-    }
-   }
-  },
-  "VpnTunnel": {
-   "id": "VpnTunnel",
-   "type": "object",
-   "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "detailedStatus": {
-     "type": "string",
-     "description": "[Output Only] Detailed status message for the VPN tunnel."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ikeVersion": {
-     "type": "integer",
-     "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
-     "format": "int32"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnel"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a VpnTunnel.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this VpnTunnel. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
     },
-    "localTrafficSelector": {
-     "type": "array",
-     "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    },
-    "peerIp": {
-     "type": "string",
-     "description": "IP address of the peer VPN gateway. Only IPv4 is supported."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the VPN tunnel resides."
-    },
-    "remoteTrafficSelector": {
-     "type": "array",
-     "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of router resource to be used for dynamic routing."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sharedSecret": {
-     "type": "string",
-     "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway."
-    },
-    "sharedSecretHash": {
-     "type": "string",
-     "description": "Hash of the shared secret."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN tunnel.",
-     "enum": [
-      "ALLOCATING_RESOURCES",
-      "AUTHORIZATION_ERROR",
-      "DEPROVISIONING",
-      "ESTABLISHED",
-      "FAILED",
-      "FIRST_HANDSHAKE",
-      "NEGOTIATION_FAILURE",
-      "NETWORK_ERROR",
-      "NO_INCOMING_PACKETS",
-      "PROVISIONING",
-      "REJECTED",
-      "WAITING_FOR_FULL_CONFIG"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "targetVpnGateway": {
-     "type": "string",
-     "description": "URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    }
-   }
-  },
-  "VpnTunnelAggregatedList": {
-   "id": "VpnTunnelAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of VpnTunnelsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "VpnTunnelsScopedList",
-      "description": "Name of the scope containing this set of vpn tunnels."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelList": {
-   "id": "VpnTunnelList",
-   "type": "object",
-   "description": "Contains a list of VpnTunnel resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of VpnTunnel resources.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelsScopedList": {
-   "id": "VpnTunnelsScopedList",
-   "type": "object",
-   "properties": {
     "vpnTunnels": {
-     "type": "array",
-     "description": "List of vpn tunnels contained in this scope.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnHostList": {
-   "id": "XpnHostList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of shared VPC host project URLs.",
-     "items": {
-      "$ref": "Project"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
-     "default": "compute#xpnHostList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnResourceId": {
-   "id": "XpnResourceId",
-   "type": "object",
-   "description": "Service resource (a.k.a service project) ID.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678)."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of the service resource.",
-     "enum": [
-      "PROJECT",
-      "XPN_RESOURCE_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Zone": {
-   "id": "Zone",
-   "type": "object",
-   "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
-   "properties": {
-    "availableCpuPlatforms": {
-     "type": "array",
-     "description": "[Output Only] Available cpu/platform selections for the zone.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this zone."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
-     "default": "compute#zone"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] Full URL reference to the region which hosts the zone."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the zone, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ZoneList": {
-   "id": "ZoneList",
-   "type": "object",
-   "description": "Contains a list of zone resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Zone resources.",
-     "items": {
-      "$ref": "Zone"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#zoneList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ZoneSetLabelsRequest": {
-   "id": "ZoneSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "The labels to set for this resource.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  }
- },
- "resources": {
-  "acceleratorTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.acceleratorTypes.aggregatedList",
-     "path": "{project}/aggregated/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of accelerator types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.acceleratorTypes.get",
-     "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
-     "parameters": {
-      "acceleratorType": {
-       "type": "string",
-       "description": "Name of the accelerator type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "acceleratorType"
-     ],
-     "response": {
-      "$ref": "AcceleratorType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.acceleratorTypes.list",
-     "path": "{project}/zones/{zone}/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of accelerator types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "addresses": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.addresses.aggregatedList",
-     "path": "{project}/aggregated/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.addresses.delete",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.addresses.get",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.addresses.insert",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.addresses.list",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of addresses contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.addresses.setLabels",
-     "path": "{project}/regions/{region}/addresses/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.addresses.testIamPermissions",
-     "path": "{project}/regions/{region}/addresses/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "autoscalers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.autoscalers.aggregatedList",
-     "path": "{project}/aggregated/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of autoscalers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AutoscalerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.autoscalers.delete",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.autoscalers.get",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.autoscalers.insert",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.autoscalers.list",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.autoscalers.patch",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.autoscalers.testIamPermissions",
-     "path": "{project}/zones/{zone}/autoscalers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.autoscalers.update",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendBuckets": {
-   "methods": {
-    "addSignedUrlKey": {
-     "id": "compute.backendBuckets.addSignedUrlKey",
-     "path": "{project}/global/backendBuckets/{backendBucket}/addSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Adds the given Signed URL Key to the backend bucket.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "SignedUrlKey"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.backendBuckets.delete",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendBucket resource.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteSignedUrlKey": {
-     "id": "compute.backendBuckets.deleteSignedUrlKey",
-     "path": "{project}/global/backendBuckets/{backendBucket}/deleteSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Deletes the given Signed URL Key from the backend bucket.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "keyName": {
-       "type": "string",
-       "description": "The name of the Signed URL Key to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket",
-      "keyName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendBuckets.get",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "BackendBucket"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.backendBuckets.getIamPolicy",
-     "path": "{project}/global/backendBuckets/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendBuckets.insert",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "POST",
-     "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendBuckets.list",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendBucket resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendBucketList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendBuckets.patch",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.backendBuckets.setIamPolicy",
-     "path": "{project}/global/backendBuckets/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.backendBuckets.testIamPermissions",
-     "path": "{project}/global/backendBuckets/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.backendBuckets.update",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendBucket resource with the data included in the request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendServices": {
-   "methods": {
-    "addSignedUrlKey": {
-     "id": "compute.backendServices.addSignedUrlKey",
-     "path": "{project}/global/backendServices/{backendService}/addSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Adds the given Signed URL Key to the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "SignedUrlKey"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.backendServices.aggregatedList",
-     "path": "{project}/aggregated/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Name of the project scoping this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.backendServices.delete",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteSignedUrlKey": {
-     "id": "compute.backendServices.deleteSignedUrlKey",
-     "path": "{project}/global/backendServices/{backendService}/deleteSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Deletes the given Signed URL Key from the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "keyName": {
-       "type": "string",
-       "description": "The name of the Signed URL Key to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService",
-      "keyName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendServices.get",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.backendServices.getHealth",
-     "path": "{project}/global/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendServices.insert",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendServices.list",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendService resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendServices.patch",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSecurityPolicy": {
-     "id": "compute.backendServices.setSecurityPolicy",
-     "path": "{project}/global/backendServices/{backendService}/setSecurityPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the security policy for the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the security policy should be set. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.backendServices.testIamPermissions",
-     "path": "{project}/global/backendServices/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.backendServices.update",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "clientSslPolicies": {
-   "methods": {
-    "testIamPermissions": {
-     "id": "compute.clientSslPolicies.testIamPermissions",
-     "path": "{project}/global/clientSslPolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "diskTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.diskTypes.aggregatedList",
-     "path": "{project}/aggregated/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of disk types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.diskTypes.get",
-     "path": "{project}/zones/{zone}/diskTypes/{diskType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
-     "parameters": {
-      "diskType": {
-       "type": "string",
-       "description": "Name of the disk type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "diskType"
-     ],
-     "response": {
-      "$ref": "DiskType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.diskTypes.list",
-     "path": "{project}/zones/{zone}/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of disk types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "disks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.disks.aggregatedList",
-     "path": "{project}/aggregated/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of persistent disks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "createSnapshot": {
-     "id": "compute.disks.createSnapshot",
-     "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
-     "httpMethod": "POST",
-     "description": "Creates a snapshot of a specified persistent disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to snapshot.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "guestFlush": {
-       "type": "boolean",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "Snapshot"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.disks.delete",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.disks.get",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "GET",
-     "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Disk"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.disks.getIamPolicy",
-     "path": "{project}/zones/{zone}/disks/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.disks.insert",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "POST",
-     "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceImage": {
-       "type": "string",
-       "description": "Optional. Source image to restore onto a disk.",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Disk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.disks.list",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of persistent disks contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "resize": {
-     "id": "compute.disks.resize",
-     "path": "{project}/zones/{zone}/disks/{disk}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "The name of the persistent disk.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "DisksResizeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.disks.setIamPolicy",
-     "path": "{project}/zones/{zone}/disks/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.disks.setLabels",
-     "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "ZoneSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.disks.testIamPermissions",
-     "path": "{project}/zones/{zone}/disks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "firewalls": {
-   "methods": {
-    "delete": {
-     "id": "compute.firewalls.delete",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.firewalls.get",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "GET",
-     "description": "Returns the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Firewall"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.firewalls.insert",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "POST",
-     "description": "Creates a firewall rule in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.firewalls.list",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of firewall rules available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "FirewallList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.firewalls.patch",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.firewalls.testIamPermissions",
-     "path": "{project}/global/firewalls/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.firewalls.update",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "forwardingRules": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.forwardingRules.aggregatedList",
-     "path": "{project}/aggregated/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of forwarding rules.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.forwardingRules.delete",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.forwardingRules.get",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.forwardingRules.insert",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.forwardingRules.list",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.forwardingRules.patch",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.forwardingRules.setLabels",
-     "path": "{project}/regions/{region}/forwardingRules/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.forwardingRules.setTarget",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.forwardingRules.testIamPermissions",
-     "path": "{project}/regions/{region}/forwardingRules/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalAddresses": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalAddresses.delete",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalAddresses.get",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalAddresses.insert",
-     "path": "{project}/global/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalAddresses.list",
-     "path": "{project}/global/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of global addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.globalAddresses.setLabels",
-     "path": "{project}/global/addresses/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.globalAddresses.testIamPermissions",
-     "path": "{project}/global/addresses/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalForwardingRules": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalForwardingRules.delete",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified GlobalForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalForwardingRules.get",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalForwardingRules.insert",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalForwardingRules.list",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.globalForwardingRules.patch",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified forwarding rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules. Currently, you can only patch the network_tier field.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.globalForwardingRules.setLabels",
-     "path": "{project}/global/forwardingRules/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.globalForwardingRules.setTarget",
-     "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.globalForwardingRules.testIamPermissions",
-     "path": "{project}/global/forwardingRules/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalOperations": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.globalOperations.aggregatedList",
-     "path": "{project}/aggregated/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of all operations.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.globalOperations.delete",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalOperations.get",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.globalOperations.list",
-     "path": "{project}/global/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "healthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.healthChecks.delete",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HealthCheck resource.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.healthChecks.get",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "HealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.healthChecks.insert",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.healthChecks.list",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.healthChecks.patch",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.healthChecks.testIamPermissions",
-     "path": "{project}/global/healthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.healthChecks.update",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "hostTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.hostTypes.aggregatedList",
-     "path": "{project}/aggregated/hostTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of host types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of VPN tunnels.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified VpnTunnel resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.vpnTunnels.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "VpnTunnel"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "request": {
+            "$ref": "VpnTunnel"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HostTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.hostTypes.get",
-     "path": "{project}/zones/{zone}/hostTypes/{hostType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified host type. Get a list of available host types by making a list() request.",
-     "parameters": {
-      "hostType": {
-       "type": "string",
-       "description": "Name of the host type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "zoneOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified zone-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.zoneOperations.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified zone-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "hostType"
-     ],
-     "response": {
-      "$ref": "HostType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.hostTypes.list",
-     "path": "{project}/zones/{zone}/hostTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of host types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "zones": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.zones.get",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}",
+          "response": {
+            "$ref": "Zone"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Zone resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.zones.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones",
+          "response": {
+            "$ref": "ZoneList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "HostTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
     }
-   }
   },
-  "hosts": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.hosts.aggregatedList",
-     "path": "{project}/aggregated/hosts",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of hosts.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HostAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.hosts.delete",
-     "path": "{project}/zones/{zone}/hosts/{host}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Host resource.",
-     "parameters": {
-      "host": {
-       "type": "string",
-       "description": "Name of the Host resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "host"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.hosts.get",
-     "path": "{project}/zones/{zone}/hosts/{host}",
-     "httpMethod": "GET",
-     "description": "Returns the specified host. Get a list of available hosts by making a list() request.",
-     "parameters": {
-      "host": {
-       "type": "string",
-       "description": "Name of the host to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "host"
-     ],
-     "response": {
-      "$ref": "Host"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.hosts.getIamPolicy",
-     "path": "{project}/zones/{zone}/hosts/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.hosts.insert",
-     "path": "{project}/zones/{zone}/hosts",
-     "httpMethod": "POST",
-     "description": "Creates a host resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Host"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.hosts.list",
-     "path": "{project}/zones/{zone}/hosts",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of hosts available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "HostList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.hosts.setIamPolicy",
-     "path": "{project}/zones/{zone}/hosts/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.hosts.testIamPermissions",
-     "path": "{project}/zones/{zone}/hosts/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "httpHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpHealthChecks.delete",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpHealthCheck resource.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpHealthChecks.get",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpHealthChecks.insert",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpHealthChecks.list",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpHealthChecks.patch",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.httpHealthChecks.testIamPermissions",
-     "path": "{project}/global/httpHealthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.httpHealthChecks.update",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "httpsHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpsHealthChecks.delete",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpsHealthCheck resource.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpsHealthChecks.get",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpsHealthChecks.insert",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpsHealthChecks.list",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpsHealthChecks.patch",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.httpsHealthChecks.testIamPermissions",
-     "path": "{project}/global/httpsHealthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.httpsHealthChecks.update",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "images": {
-   "methods": {
-    "delete": {
-     "id": "compute.images.delete",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified image.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deprecate": {
-     "id": "compute.images.deprecate",
-     "path": "{project}/global/images/{image}/deprecate",
-     "httpMethod": "POST",
-     "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Image name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "request": {
-      "$ref": "DeprecationStatus"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.images.get",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "GET",
-     "description": "Returns the specified image. Get a list of available images by making a list() request.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getFromFamily": {
-     "id": "compute.images.getFromFamily",
-     "path": "{project}/global/images/family/{family}",
-     "httpMethod": "GET",
-     "description": "Returns the latest image that is part of an image family and is not deprecated.",
-     "parameters": {
-      "family": {
-       "type": "string",
-       "description": "Name of the image family to search for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "family"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.images.getIamPolicy",
-     "path": "{project}/global/images/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.images.insert",
-     "path": "{project}/global/images",
-     "httpMethod": "POST",
-     "description": "Creates an image in the specified project using the data included in the request.",
-     "parameters": {
-      "forceCreate": {
-       "type": "boolean",
-       "description": "Force image creation if true.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Image"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    },
-    "list": {
-     "id": "compute.images.list",
-     "path": "{project}/global/images",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ImageList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.images.setIamPolicy",
-     "path": "{project}/global/images/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.images.setLabels",
-     "path": "{project}/global/images/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.images.testIamPermissions",
-     "path": "{project}/global/images/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.instanceGroupManagers.abandonInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroupManagers.aggregatedList",
-     "path": "{project}/aggregated/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups and groups them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "applyUpdatesToInstances": {
-     "id": "compute.instanceGroupManagers.applyUpdatesToInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/applyUpdatesToInstances",
-     "httpMethod": "POST",
-     "description": "Apply changes to selected instances on the managed instance group. This method can be used to apply new overrides and/or new versions.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located. Should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersApplyUpdatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroupManagers.delete",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.instanceGroupManagers.deleteInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deletePerInstanceConfigs": {
-     "id": "compute.instanceGroupManagers.deletePerInstanceConfigs",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deletePerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Delete selected per-instance configs for the managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersDeletePerInstanceConfigsReq"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroupManagers.get",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroupManagers.insert",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroupManagers.list",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.instanceGroupManagers.listManagedInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagersListManagedInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listPerInstanceConfigs": {
-     "id": "compute.instanceGroupManagers.listPerInstanceConfigs",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listPerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Lists all of the per-instance configs defined for the managed instance group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagersListPerInstanceConfigsResp"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.instanceGroupManagers.patch",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PATCH",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.instanceGroupManagers.recreateInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersRecreateInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.instanceGroupManagers.resize",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
-       "required": true,
-       "format": "int32",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resizeAdvanced": {
-     "id": "compute.instanceGroupManagers.resizeAdvanced",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resizeAdvanced",
-     "httpMethod": "POST",
-     "description": "Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.\n\nIf you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersResizeAdvancedRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setAutoHealingPolicies": {
-     "id": "compute.instanceGroupManagers.setAutoHealingPolicies",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
-     "httpMethod": "POST",
-     "description": "Modifies the autohealing policies.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetAutoHealingRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.instanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.instanceGroupManagers.setTargetPools",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceGroupManagers.testIamPermissions",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.instanceGroupManagers.update",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PUT",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "updatePerInstanceConfigs": {
-     "id": "compute.instanceGroupManagers.updatePerInstanceConfigs",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/updatePerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Insert or patch (for the ones that already exist) per-instance configs for the managed instance group. perInstanceConfig.instance serves as a key used to distinguish whether to perform insert or patch.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersUpdatePerInstanceConfigsReq"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "instanceGroups": {
-   "methods": {
-    "addInstances": {
-     "id": "compute.instanceGroups.addInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
-     "httpMethod": "POST",
-     "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where you are adding instances.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsAddInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroups.aggregatedList",
-     "path": "{project}/aggregated/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups and sorts them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroups.delete",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroups.get",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroups.insert",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "POST",
-     "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroup"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroups.list",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.instanceGroups.listInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group from which you want to generate a list of included instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "InstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeInstances": {
-     "id": "compute.instanceGroups.removeInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
-     "httpMethod": "POST",
-     "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the specified instances will be removed.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsRemoveInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.instanceGroups.setNamedPorts",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceGroups.testIamPermissions",
-     "path": "{project}/zones/{zone}/instanceGroups/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instanceTemplates": {
-   "methods": {
-    "delete": {
-     "id": "compute.instanceTemplates.delete",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceTemplates.get",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "InstanceTemplate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceTemplates.insert",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "POST",
-     "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceTemplate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceTemplates.list",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceTemplateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceTemplates.testIamPermissions",
-     "path": "{project}/global/instanceTemplates/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instances": {
-   "methods": {
-    "addAccessConfig": {
-     "id": "compute.instances.addAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
-     "httpMethod": "POST",
-     "description": "Adds an access config to an instance's network interface.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface to add to this instance.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "AccessConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "addMaintenancePolicies": {
-     "id": "compute.instances.addMaintenancePolicies",
-     "path": "{project}/zones/{zone}/instances/{instance}/addMaintenancePolicies",
-     "httpMethod": "POST",
-     "description": "Adds existing maintenance policies to an instance. You can only add one policy right now which will be applied to this instance for scheduling live migrations.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesAddMaintenancePoliciesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instances.aggregatedList",
-     "path": "{project}/aggregated/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves aggregated list of instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "attachDisk": {
-     "id": "compute.instances.attachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
-     "httpMethod": "POST",
-     "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
-     "parameters": {
-      "forceAttach": {
-       "type": "boolean",
-       "description": "Whether to force attach the disk even if it's currently attached to another instance. This is only available for regional disks.",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "AttachedDisk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.instances.delete",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteAccessConfig": {
-     "id": "compute.instances.deleteAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
-     "httpMethod": "POST",
-     "description": "Deletes an access config from an instance's network interface.",
-     "parameters": {
-      "accessConfig": {
-       "type": "string",
-       "description": "The name of the access config to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "accessConfig",
-      "networkInterface"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "detachDisk": {
-     "id": "compute.instances.detachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
-     "httpMethod": "POST",
-     "description": "Detaches a disk from an instance.",
-     "parameters": {
-      "deviceName": {
-       "type": "string",
-       "description": "Disk device name to detach.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instances.get",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Instance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getGuestAttributes": {
-     "id": "compute.instances.getGuestAttributes",
-     "path": "{project}/zones/{zone}/instances/{instance}/getGuestAttributes",
-     "httpMethod": "GET",
-     "description": "Returns the specified guest attributes entry.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "variableKey": {
-       "type": "string",
-       "description": "Specifies the key for the guest attributes entry.",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "GuestAttributes"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.instances.getIamPolicy",
-     "path": "{project}/zones/{zone}/instances/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getSerialPortOutput": {
-     "id": "compute.instances.getSerialPortOutput",
-     "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance's serial port output.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "port": {
-       "type": "integer",
-       "description": "Specifies which COM or serial port to retrieve data from.",
-       "default": "1",
-       "format": "int32",
-       "minimum": "1",
-       "maximum": "4",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "start": {
-       "type": "string",
-       "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
-       "format": "int64",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "SerialPortOutput"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instances.insert",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "POST",
-     "description": "Creates an instance resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceInstanceTemplate": {
-       "type": "string",
-       "description": "Specifies instance template to create the instance.\n\nThis field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  \n- https://www.googleapis.com/compute/v1/projects/project/global/global/instanceTemplates/instanceTemplate \n- projects/project/global/global/instanceTemplates/instanceTemplate \n- global/instancesTemplates/instanceTemplate",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Instance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instances.list",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instances contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listReferrers": {
-     "id": "compute.instances.listReferrers",
-     "path": "{project}/zones/{zone}/instances/{instance}/referrers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of referrers to instances contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
-       "required": true,
-       "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "InstanceListReferrers"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeMaintenancePolicies": {
-     "id": "compute.instances.removeMaintenancePolicies",
-     "path": "{project}/zones/{zone}/instances/{instance}/removeMaintenancePolicies",
-     "httpMethod": "POST",
-     "description": "Removes maintenance policies from an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesRemoveMaintenancePoliciesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "reset": {
-     "id": "compute.instances.reset",
-     "path": "{project}/zones/{zone}/instances/{instance}/reset",
-     "httpMethod": "POST",
-     "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resume": {
-     "id": "compute.instances.resume",
-     "path": "{project}/zones/{zone}/instances/{instance}/resume",
-     "httpMethod": "POST",
-     "description": "Resumes an instance that was suspended using the instances().suspend method.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to resume.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesResumeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDeletionProtection": {
-     "id": "compute.instances.setDeletionProtection",
-     "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
-     "httpMethod": "POST",
-     "description": "Sets deletion protection on the instance.",
-     "parameters": {
-      "deletionProtection": {
-       "type": "boolean",
-       "description": "Whether the resource should be protected against deletion.",
-       "default": "true",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDiskAutoDelete": {
-     "id": "compute.instances.setDiskAutoDelete",
-     "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
-     "httpMethod": "POST",
-     "description": "Sets the auto-delete flag for a disk attached to an instance.",
-     "parameters": {
-      "autoDelete": {
-       "type": "boolean",
-       "description": "Whether to auto-delete the disk when the instance is deleted.",
-       "required": true,
-       "location": "query"
-      },
-      "deviceName": {
-       "type": "string",
-       "description": "The device name of the disk to modify.",
-       "required": true,
-       "pattern": "\\w[\\w.-]{0,254}",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "autoDelete",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.instances.setIamPolicy",
-     "path": "{project}/zones/{zone}/instances/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.instances.setLabels",
-     "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineResources": {
-     "id": "compute.instances.setMachineResources",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
-     "httpMethod": "POST",
-     "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineResourcesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineType": {
-     "id": "compute.instances.setMachineType",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
-     "httpMethod": "POST",
-     "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineTypeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMetadata": {
-     "id": "compute.instances.setMetadata",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMinCpuPlatform": {
-     "id": "compute.instances.setMinCpuPlatform",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
-     "httpMethod": "POST",
-     "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMinCpuPlatformRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setScheduling": {
-     "id": "compute.instances.setScheduling",
-     "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
-     "httpMethod": "POST",
-     "description": "Sets an instance's scheduling options.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Scheduling"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setServiceAccount": {
-     "id": "compute.instances.setServiceAccount",
-     "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
-     "httpMethod": "POST",
-     "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetServiceAccountRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTags": {
-     "id": "compute.instances.setTags",
-     "path": "{project}/zones/{zone}/instances/{instance}/setTags",
-     "httpMethod": "POST",
-     "description": "Sets tags for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Tags"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "simulateMaintenanceEvent": {
-     "id": "compute.instances.simulateMaintenanceEvent",
-     "path": "{project}/zones/{zone}/instances/{instance}/simulateMaintenanceEvent",
-     "httpMethod": "POST",
-     "description": "Simulates a maintenance event on the instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "start": {
-     "id": "compute.instances.start",
-     "path": "{project}/zones/{zone}/instances/{instance}/start",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "startWithEncryptionKey": {
-     "id": "compute.instances.startWithEncryptionKey",
-     "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesStartWithEncryptionKeyRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "stop": {
-     "id": "compute.instances.stop",
-     "path": "{project}/zones/{zone}/instances/{instance}/stop",
-     "httpMethod": "POST",
-     "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
-     "parameters": {
-      "discardLocalSsd": {
-       "type": "boolean",
-       "description": "If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to stop.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "suspend": {
-     "id": "compute.instances.suspend",
-     "path": "{project}/zones/{zone}/instances/{instance}/suspend",
-     "httpMethod": "POST",
-     "description": "This method suspends a running instance, saving its state to persistent storage, and allows you to resume the instance at a later time. Suspended instances incur reduced per-minute, virtual machine usage charges while they are suspended. Any resources the virtual machine is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted.",
-     "parameters": {
-      "discardLocalSsd": {
-       "type": "boolean",
-       "description": "If true, discard the contents of any attached localSSD partitions. Default value is false (== preserve localSSD data).",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to suspend.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instances.testIamPermissions",
-     "path": "{project}/zones/{zone}/instances/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "updateAccessConfig": {
-     "id": "compute.instances.updateAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
-     "httpMethod": "POST",
-     "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface where the access config is attached.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "AccessConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "updateNetworkInterface": {
-     "id": "compute.instances.updateNetworkInterface",
-     "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
-     "httpMethod": "PATCH",
-     "description": "Updates an instance's network interface. This method follows PATCH semantics.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface to update.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "NetworkInterface"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "updateShieldedVmConfig": {
-     "id": "compute.instances.updateShieldedVmConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/updateShieldedVmConfig",
-     "httpMethod": "PATCH",
-     "description": "Updates the Shielded VM config for an instance. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "ShieldedVmConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "interconnectAttachments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.interconnectAttachments.aggregatedList",
-     "path": "{project}/aggregated/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of interconnect attachments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.interconnectAttachments.delete",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnectAttachments.get",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.interconnectAttachments.getIamPolicy",
-     "path": "{project}/regions/{region}/interconnectAttachments/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnectAttachments.insert",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "POST",
-     "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InterconnectAttachment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectAttachments.list",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect attachments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.interconnectAttachments.patch",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "request": {
-      "$ref": "InterconnectAttachment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.interconnectAttachments.setIamPolicy",
-     "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.interconnectAttachments.setLabels",
-     "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.interconnectAttachments.testIamPermissions",
-     "path": "{project}/regions/{region}/interconnectAttachments/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnectLocations": {
-   "methods": {
-    "get": {
-     "id": "compute.interconnectLocations.get",
-     "path": "{project}/global/interconnectLocations/{interconnectLocation}",
-     "httpMethod": "GET",
-     "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
-     "parameters": {
-      "interconnectLocation": {
-       "type": "string",
-       "description": "Name of the interconnect location to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnectLocation"
-     ],
-     "response": {
-      "$ref": "InterconnectLocation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectLocations.list",
-     "path": "{project}/global/interconnectLocations",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect locations available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectLocationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.interconnectLocations.testIamPermissions",
-     "path": "{project}/global/interconnectLocations/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnects": {
-   "methods": {
-    "delete": {
-     "id": "compute.interconnects.delete",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnects.get",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Interconnect"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.interconnects.getIamPolicy",
-     "path": "{project}/global/interconnects/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnects.insert",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "POST",
-     "description": "Creates a Interconnect in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnects.list",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.interconnects.patch",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.interconnects.setIamPolicy",
-     "path": "{project}/global/interconnects/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.interconnects.setLabels",
-     "path": "{project}/global/interconnects/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.interconnects.testIamPermissions",
-     "path": "{project}/global/interconnects/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "licenseCodes": {
-   "methods": {
-    "get": {
-     "id": "compute.licenseCodes.get",
-     "path": "{project}/global/licenseCodes/{licenseCode}",
-     "httpMethod": "GET",
-     "description": "Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.",
-     "parameters": {
-      "licenseCode": {
-       "type": "string",
-       "description": "Number corresponding to the License code resource to return.",
-       "required": true,
-       "pattern": "[0-9]{0,61}?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "licenseCode"
-     ],
-     "response": {
-      "$ref": "LicenseCode"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.licenseCodes.getIamPolicy",
-     "path": "{project}/global/licenseCodes/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.licenseCodes.setIamPolicy",
-     "path": "{project}/global/licenseCodes/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.licenseCodes.testIamPermissions",
-     "path": "{project}/global/licenseCodes/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "licenses": {
-   "methods": {
-    "delete": {
-     "id": "compute.licenses.delete",
-     "path": "{project}/global/licenses/{license}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified license.",
-     "parameters": {
-      "license": {
-       "type": "string",
-       "description": "Name of the license resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "license"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.licenses.get",
-     "path": "{project}/global/licenses/{license}",
-     "httpMethod": "GET",
-     "description": "Returns the specified License resource.",
-     "parameters": {
-      "license": {
-       "type": "string",
-       "description": "Name of the License resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "license"
-     ],
-     "response": {
-      "$ref": "License"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.licenses.getIamPolicy",
-     "path": "{project}/global/licenses/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.licenses.insert",
-     "path": "{project}/global/licenses",
-     "httpMethod": "POST",
-     "description": "Create a License resource in the specified project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "License"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    },
-    "list": {
-     "id": "compute.licenses.list",
-     "path": "{project}/global/licenses",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 8. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "LicensesListResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.licenses.setIamPolicy",
-     "path": "{project}/global/licenses/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.licenses.testIamPermissions",
-     "path": "{project}/global/licenses/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "machineTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.machineTypes.aggregatedList",
-     "path": "{project}/aggregated/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of machine types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "MachineTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.machineTypes.get",
-     "path": "{project}/zones/{zone}/machineTypes/{machineType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
-     "parameters": {
-      "machineType": {
-       "type": "string",
-       "description": "Name of the machine type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "machineType"
-     ],
-     "response": {
-      "$ref": "MachineType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.machineTypes.list",
-     "path": "{project}/zones/{zone}/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of machine types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "MachineTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "maintenancePolicies": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.maintenancePolicies.aggregatedList",
-     "path": "{project}/aggregated/maintenancePolicies",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of maintenance policies.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "MaintenancePolicyAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.maintenancePolicies.delete",
-     "path": "{project}/regions/{region}/maintenancePolicies/{maintenancePolicy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified maintenance policy.",
-     "parameters": {
-      "maintenancePolicy": {
-       "type": "string",
-       "description": "Name of the maintenance policy to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "maintenancePolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.maintenancePolicies.get",
-     "path": "{project}/regions/{region}/maintenancePolicies/{maintenancePolicy}",
-     "httpMethod": "GET",
-     "description": "Retrieves all information of the specified maintenance policy.",
-     "parameters": {
-      "maintenancePolicy": {
-       "type": "string",
-       "description": "Name of the maintenance policy to retrieve.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "maintenancePolicy"
-     ],
-     "response": {
-      "$ref": "MaintenancePolicy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.maintenancePolicies.getIamPolicy",
-     "path": "{project}/regions/{region}/maintenancePolicies/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.maintenancePolicies.insert",
-     "path": "{project}/regions/{region}/maintenancePolicies",
-     "httpMethod": "POST",
-     "description": "Creates a new maintenance policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "MaintenancePolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.maintenancePolicies.list",
-     "path": "{project}/regions/{region}/maintenancePolicies",
-     "httpMethod": "GET",
-     "description": "List all the maintenance policies that have been configured for the specified project in specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "MaintenancePoliciesList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.maintenancePolicies.setIamPolicy",
-     "path": "{project}/regions/{region}/maintenancePolicies/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.maintenancePolicies.testIamPermissions",
-     "path": "{project}/regions/{region}/maintenancePolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "networkEndpointGroups": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.networkEndpointGroups.aggregatedList",
-     "path": "{project}/aggregated/networkEndpointGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of network endpoint groups and sorts them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "NetworkEndpointGroupAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "attachNetworkEndpoints": {
-     "id": "compute.networkEndpointGroups.attachNetworkEndpoints",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/attachNetworkEndpoints",
-     "httpMethod": "POST",
-     "description": "Attach a list of network endpoints to the specified network endpoint group.",
-     "parameters": {
-      "networkEndpointGroup": {
-       "type": "string",
-       "description": "The name of the network endpoint group where you are attaching network endpoints to. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "networkEndpointGroup"
-     ],
-     "request": {
-      "$ref": "NetworkEndpointGroupsAttachEndpointsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.networkEndpointGroups.delete",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified network endpoint group. The network endpoints in the NEG and the VM instances they belong to are not terminated when the NEG is deleted. Note that the NEG cannot be deleted if there are backend services referencing it.",
-     "parameters": {
-      "networkEndpointGroup": {
-       "type": "string",
-       "description": "The name of the network endpoint group to delete. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "networkEndpointGroup"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "detachNetworkEndpoints": {
-     "id": "compute.networkEndpointGroups.detachNetworkEndpoints",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/detachNetworkEndpoints",
-     "httpMethod": "POST",
-     "description": "Detach a list of network endpoints from the specified network endpoint group.",
-     "parameters": {
-      "networkEndpointGroup": {
-       "type": "string",
-       "description": "The name of the network endpoint group where you are removing network endpoints. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "networkEndpointGroup"
-     ],
-     "request": {
-      "$ref": "NetworkEndpointGroupsDetachEndpointsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.networkEndpointGroups.get",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified network endpoint group. Get a list of available network endpoint groups by making a list() request.",
-     "parameters": {
-      "networkEndpointGroup": {
-       "type": "string",
-       "description": "The name of the network endpoint group. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "networkEndpointGroup"
-     ],
-     "response": {
-      "$ref": "NetworkEndpointGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.networkEndpointGroups.insert",
-     "path": "{project}/zones/{zone}/networkEndpointGroups",
-     "httpMethod": "POST",
-     "description": "Creates a network endpoint group in the specified project using the parameters that are included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the network endpoint group. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "NetworkEndpointGroup"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.networkEndpointGroups.list",
-     "path": "{project}/zones/{zone}/networkEndpointGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of network endpoint groups that are located in the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "NetworkEndpointGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listNetworkEndpoints": {
-     "id": "compute.networkEndpointGroups.listNetworkEndpoints",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{networkEndpointGroup}/listNetworkEndpoints",
-     "httpMethod": "POST",
-     "description": "List the network endpoints in the specified network endpoint group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "networkEndpointGroup": {
-       "type": "string",
-       "description": "The name of the network endpoint group from which you want to generate a list of included network endpoints. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the network endpoint group is located. It should comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "networkEndpointGroup"
-     ],
-     "request": {
-      "$ref": "NetworkEndpointGroupsListEndpointsRequest"
-     },
-     "response": {
-      "$ref": "NetworkEndpointGroupsListNetworkEndpoints"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.networkEndpointGroups.testIamPermissions",
-     "path": "{project}/zones/{zone}/networkEndpointGroups/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "networks": {
-   "methods": {
-    "addPeering": {
-     "id": "compute.networks.addPeering",
-     "path": "{project}/global/networks/{network}/addPeering",
-     "httpMethod": "POST",
-     "description": "Adds a peering to the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to add peering to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksAddPeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.networks.delete",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.networks.get",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "GET",
-     "description": "Returns the specified network. Get a list of available networks by making a list() request.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Network"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.networks.insert",
-     "path": "{project}/global/networks",
-     "httpMethod": "POST",
-     "description": "Creates a network in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.networks.list",
-     "path": "{project}/global/networks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of networks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "NetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listIpOwners": {
-     "id": "compute.networks.listIpOwners",
-     "path": "{project}/global/networks/{network}/listIpOwners",
-     "httpMethod": "GET",
-     "description": "List the internal IP owners in the specified network.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "ipCidrRange": {
-       "type": "string",
-       "description": "(Optional) IP CIDR range filter, example: \"10.128.10.0/30\".",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "network": {
-       "type": "string",
-       "description": "Name of the network to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "ownerProjects": {
-       "type": "string",
-       "description": "(Optional) Project IDs filter, example: \"project-1,project-2\".",
-       "location": "query"
-      },
-      "ownerTypes": {
-       "type": "string",
-       "description": "(Optional) Owner types filter, example: \"instance,forwardingRule\".",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "subnetName": {
-       "type": "string",
-       "description": "(Optional) Subnetwork name filter.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "subnetRegion": {
-       "type": "string",
-       "description": "(Optional) Subnetwork region filter.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "IpOwnerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.networks.patch",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removePeering": {
-     "id": "compute.networks.removePeering",
-     "path": "{project}/global/networks/{network}/removePeering",
-     "httpMethod": "POST",
-     "description": "Removes a peering from the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to remove peering from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksRemovePeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "switchToCustomMode": {
-     "id": "compute.networks.switchToCustomMode",
-     "path": "{project}/global/networks/{network}/switchToCustomMode",
-     "httpMethod": "POST",
-     "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to be updated.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.networks.testIamPermissions",
-     "path": "{project}/global/networks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "projects": {
-   "methods": {
-    "disableXpnHost": {
-     "id": "compute.projects.disableXpnHost",
-     "path": "{project}/disableXpnHost",
-     "httpMethod": "POST",
-     "description": "Disable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "disableXpnResource": {
-     "id": "compute.projects.disableXpnResource",
-     "path": "{project}/disableXpnResource",
-     "httpMethod": "POST",
-     "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsDisableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnHost": {
-     "id": "compute.projects.enableXpnHost",
-     "path": "{project}/enableXpnHost",
-     "httpMethod": "POST",
-     "description": "Enable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnResource": {
-     "id": "compute.projects.enableXpnResource",
-     "path": "{project}/enableXpnResource",
-     "httpMethod": "POST",
-     "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsEnableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.projects.get",
-     "path": "{project}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Project resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getXpnHost": {
-     "id": "compute.projects.getXpnHost",
-     "path": "{project}/getXpnHost",
-     "httpMethod": "GET",
-     "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "getXpnResources": {
-     "id": "compute.projects.getXpnResources",
-     "path": "{project}/getXpnResources",
-     "httpMethod": "GET",
-     "description": "Get service resources (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ProjectsGetXpnResources"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "listXpnHosts": {
-     "id": "compute.projects.listXpnHosts",
-     "path": "{project}/listXpnHosts",
-     "httpMethod": "POST",
-     "description": "List all shared VPC host projects visible to the user in an organization.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsListXpnHostsRequest"
-     },
-     "response": {
-      "$ref": "XpnHostList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveDisk": {
-     "id": "compute.projects.moveDisk",
-     "path": "{project}/moveDisk",
-     "httpMethod": "POST",
-     "description": "Moves a persistent disk from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "DiskMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveInstance": {
-     "id": "compute.projects.moveInstance",
-     "path": "{project}/moveInstance",
-     "httpMethod": "POST",
-     "description": "Moves an instance and its attached persistent disks from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setCommonInstanceMetadata": {
-     "id": "compute.projects.setCommonInstanceMetadata",
-     "path": "{project}/setCommonInstanceMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDefaultNetworkTier": {
-     "id": "compute.projects.setDefaultNetworkTier",
-     "path": "{project}/setDefaultNetworkTier",
-     "httpMethod": "POST",
-     "description": "Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsSetDefaultNetworkTierRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDefaultServiceAccount": {
-     "id": "compute.projects.setDefaultServiceAccount",
-     "path": "{project}/setDefaultServiceAccount",
-     "httpMethod": "POST",
-     "description": "Sets the default service account of the project. The default service account is used when a VM instance is created with the service account email address set to \"default\".",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsSetDefaultServiceAccountRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUsageExportBucket": {
-     "id": "compute.projects.setUsageExportBucket",
-     "path": "{project}/setUsageExportBucket",
-     "httpMethod": "POST",
-     "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UsageExportLocation"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    }
-   }
-  },
-  "regionAutoscalers": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionAutoscalers.delete",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionAutoscalers.get",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionAutoscalers.insert",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionAutoscalers.list",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionAutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionAutoscalers.patch",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionAutoscalers.testIamPermissions",
-     "path": "{project}/regions/{region}/autoscalers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionAutoscalers.update",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionBackendServices": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionBackendServices.delete",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionBackendServices.get",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.regionBackendServices.getHealth",
-     "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this regional BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionBackendServices.insert",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionBackendServices.list",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionBackendServices.patch",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionBackendServices.testIamPermissions",
-     "path": "{project}/regions/{region}/backendServices/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionBackendServices.update",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionCommitments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.regionCommitments.aggregatedList",
-     "path": "{project}/aggregated/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of commitments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "CommitmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.regionCommitments.get",
-     "path": "{project}/regions/{region}/commitments/{commitment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
-     "parameters": {
-      "commitment": {
-       "type": "string",
-       "description": "Name of the commitment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "commitment"
-     ],
-     "response": {
-      "$ref": "Commitment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionCommitments.insert",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "POST",
-     "description": "Creates a commitment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Commitment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionCommitments.list",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of commitments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "CommitmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionCommitments.testIamPermissions",
-     "path": "{project}/regions/{region}/commitments/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionDiskTypes": {
-   "methods": {
-    "get": {
-     "id": "compute.regionDiskTypes.get",
-     "path": "{project}/regions/{region}/diskTypes/{diskType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified regional disk type. Get a list of available disk types by making a list() request.",
-     "parameters": {
-      "diskType": {
-       "type": "string",
-       "description": "Name of the disk type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "diskType"
-     ],
-     "response": {
-      "$ref": "DiskType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionDiskTypes.list",
-     "path": "{project}/regions/{region}/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of regional disk types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionDiskTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionDisks": {
-   "methods": {
-    "createSnapshot": {
-     "id": "compute.regionDisks.createSnapshot",
-     "path": "{project}/regions/{region}/disks/{disk}/createSnapshot",
-     "httpMethod": "POST",
-     "description": "Creates a snapshot of this regional disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the regional persistent disk to snapshot.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "guestFlush": {
-       "type": "boolean",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "disk"
-     ],
-     "request": {
-      "$ref": "Snapshot"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.regionDisks.delete",
-     "path": "{project}/regions/{region}/disks/{disk}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the regional persistent disk to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionDisks.get",
-     "path": "{project}/regions/{region}/disks/{disk}",
-     "httpMethod": "GET",
-     "description": "Returns a specified regional persistent disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the regional persistent disk to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Disk"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionDisks.insert",
-     "path": "{project}/regions/{region}/disks",
-     "httpMethod": "POST",
-     "description": "Creates a persistent regional disk in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceImage": {
-       "type": "string",
-       "description": "Optional. Source image to restore onto a disk.",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Disk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionDisks.list",
-     "path": "{project}/regions/{region}/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of persistent disks contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "DiskList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "resize": {
-     "id": "compute.regionDisks.resize",
-     "path": "{project}/regions/{region}/disks/{disk}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the specified regional persistent disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the regional persistent disk.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "The project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "disk"
-     ],
-     "request": {
-      "$ref": "RegionDisksResizeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.regionDisks.setLabels",
-     "path": "{project}/regions/{region}/disks/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on the target regional disk.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionDisks.testIamPermissions",
-     "path": "{project}/regions/{region}/disks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.regionInstanceGroupManagers.abandonInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "applyUpdatesToInstances": {
-     "id": "compute.regionInstanceGroupManagers.applyUpdatesToInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/applyUpdatesToInstances",
-     "httpMethod": "POST",
-     "description": "Apply updates to selected instances the managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersApplyUpdatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.regionInstanceGroupManagers.delete",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.regionInstanceGroupManagers.deleteInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deletePerInstanceConfigs": {
-     "id": "compute.regionInstanceGroupManagers.deletePerInstanceConfigs",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deletePerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Delete selected per-instance configs for the managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagerDeleteInstanceConfigReq"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionInstanceGroupManagers.get",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionInstanceGroupManagers.insert",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroupManagers.list",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.regionInstanceGroupManagers.listManagedInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagersListInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listPerInstanceConfigs": {
-     "id": "compute.regionInstanceGroupManagers.listPerInstanceConfigs",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listPerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Lists all of the per-instance configs defined for the managed instance group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagersListInstanceConfigsResp"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionInstanceGroupManagers.patch",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PATCH",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.regionInstanceGroupManagers.recreateInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersRecreateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.regionInstanceGroupManagers.resize",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "Number of instances that should exist in this instance group manager.",
-       "required": true,
-       "format": "int32",
-       "minimum": "0",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setAutoHealingPolicies": {
-     "id": "compute.regionInstanceGroupManagers.setAutoHealingPolicies",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
-     "httpMethod": "POST",
-     "description": "Modifies the autohealing policy for the instances in this managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetAutoHealingRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.regionInstanceGroupManagers.setTargetPools",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionInstanceGroupManagers.testIamPermissions",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionInstanceGroupManagers.update",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PUT",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "updatePerInstanceConfigs": {
-     "id": "compute.regionInstanceGroupManagers.updatePerInstanceConfigs",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/updatePerInstanceConfigs",
-     "httpMethod": "POST",
-     "description": "Insert or patch (for the ones that already exist) per-instance configs for the managed instance group. perInstanceConfig.instance serves as a key used to distinguish whether to perform insert or patch.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group. It should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request, should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagerUpdateInstanceConfigReq"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroups": {
-   "methods": {
-    "get": {
-     "id": "compute.regionInstanceGroups.get",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group resource.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the instance group resource to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroups.list",
-     "path": "{project}/regions/{region}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance group resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.regionInstanceGroups.listInstances",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the regional instance group for which we want to list the instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "RegionInstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.regionInstanceGroups.setNamedPorts",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified regional instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the regional instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionInstanceGroups.testIamPermissions",
-     "path": "{project}/regions/{region}/instanceGroups/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionOperations.delete",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionOperations.get",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionOperations.list",
-     "path": "{project}/regions/{region}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regions": {
-   "methods": {
-    "get": {
-     "id": "compute.regions.get",
-     "path": "{project}/regions/{region}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "Region"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regions.list",
-     "path": "{project}/regions",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of region resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RegionList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "routers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.routers.aggregatedList",
-     "path": "{project}/aggregated/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of routers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouterAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.routers.delete",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Router resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routers.get",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Router"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getRouterStatus": {
-     "id": "compute.routers.getRouterStatus",
-     "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
-     "httpMethod": "GET",
-     "description": "Retrieves runtime information of the specified router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "RouterStatusResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routers.insert",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "POST",
-     "description": "Creates a Router resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routers.list",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Router resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RouterList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.routers.patch",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "preview": {
-     "id": "compute.routers.preview",
-     "path": "{project}/regions/{region}/routers/{router}/preview",
-     "httpMethod": "POST",
-     "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "RoutersPreviewResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.routers.testIamPermissions",
-     "path": "{project}/regions/{region}/routers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.routers.update",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified Router resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "routes": {
-   "methods": {
-    "delete": {
-     "id": "compute.routes.delete",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Route resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routes.get",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Route"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routes.insert",
-     "path": "{project}/global/routes",
-     "httpMethod": "POST",
-     "description": "Creates a Route resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Route"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routes.list",
-     "path": "{project}/global/routes",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Route resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouteList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.routes.testIamPermissions",
-     "path": "{project}/global/routes/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "securityPolicies": {
-   "methods": {
-    "addRule": {
-     "id": "compute.securityPolicies.addRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/addRule",
-     "httpMethod": "POST",
-     "description": "Inserts a rule into a security policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.securityPolicies.delete",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.securityPolicies.get",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "GET",
-     "description": "List all of the ordered rules present in a single specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to get.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "SecurityPolicy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getRule": {
-     "id": "compute.securityPolicies.getRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/getRule",
-     "httpMethod": "GET",
-     "description": "Gets a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to get from the security policy.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to which the queried rule belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.securityPolicies.insert",
-     "path": "{project}/global/securityPolicies",
-     "httpMethod": "POST",
-     "description": "Creates a new policy in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SecurityPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.securityPolicies.list",
-     "path": "{project}/global/securityPolicies",
-     "httpMethod": "GET",
-     "description": "List all the policies that have been configured for the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SecurityPolicyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.securityPolicies.patch",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified policy with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "patchRule": {
-     "id": "compute.securityPolicies.patchRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/patchRule",
-     "httpMethod": "POST",
-     "description": "Patches a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to patch.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removeRule": {
-     "id": "compute.securityPolicies.removeRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/removeRule",
-     "httpMethod": "POST",
-     "description": "Deletes a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to remove from the security policy.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.securityPolicies.testIamPermissions",
-     "path": "{project}/global/securityPolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "snapshots": {
-   "methods": {
-    "delete": {
-     "id": "compute.snapshots.delete",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.snapshots.get",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Snapshot"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.snapshots.getIamPolicy",
-     "path": "{project}/global/snapshots/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.snapshots.list",
-     "path": "{project}/global/snapshots",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Snapshot resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SnapshotList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.snapshots.setIamPolicy",
-     "path": "{project}/global/snapshots/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z0-9](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.snapshots.setLabels",
-     "path": "{project}/global/snapshots/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.snapshots.testIamPermissions",
-     "path": "{project}/global/snapshots/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "sslCertificates": {
-   "methods": {
-    "delete": {
-     "id": "compute.sslCertificates.delete",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified SslCertificate resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.sslCertificates.get",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "SslCertificate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.sslCertificates.insert",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "POST",
-     "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SslCertificate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.sslCertificates.list",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of SslCertificate resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslCertificateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.sslCertificates.testIamPermissions",
-     "path": "{project}/global/sslCertificates/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "sslPolicies": {
-   "methods": {
-    "delete": {
-     "id": "compute.sslPolicies.delete",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.sslPolicies.get",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "GET",
-     "description": "List all of the ordered rules present in a single specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "response": {
-      "$ref": "SslPolicy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.sslPolicies.insert",
-     "path": "{project}/global/sslPolicies",
-     "httpMethod": "POST",
-     "description": "Returns the specified SSL policy resource. Get a list of available SSL policies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SslPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.sslPolicies.list",
-     "path": "{project}/global/sslPolicies",
-     "httpMethod": "GET",
-     "description": "List all the SSL policies that have been configured for the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslPoliciesList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listAvailableFeatures": {
-     "id": "compute.sslPolicies.listAvailableFeatures",
-     "path": "{project}/global/sslPolicies/listAvailableFeatures",
-     "httpMethod": "GET",
-     "description": "Lists all features that can be specified in the SSL policy when using custom profile.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslPoliciesListAvailableFeaturesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.sslPolicies.patch",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified SSL policy with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "request": {
-      "$ref": "SslPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.sslPolicies.testIamPermissions",
-     "path": "{project}/global/sslPolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "subnetworks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.subnetworks.aggregatedList",
-     "path": "{project}/aggregated/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of subnetworks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SubnetworkAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.subnetworks.delete",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified subnetwork.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "expandIpCidrRange": {
-     "id": "compute.subnetworks.expandIpCidrRange",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
-     "httpMethod": "POST",
-     "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksExpandIpCidrRangeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.subnetworks.get",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "GET",
-     "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Subnetwork"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.subnetworks.getIamPolicy",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.subnetworks.insert",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "POST",
-     "description": "Creates a subnetwork in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Subnetwork"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.subnetworks.list",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of subnetworks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "SubnetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listUsable": {
-     "id": "compute.subnetworks.listUsable",
-     "path": "{project}/aggregated/subnetworks/listUsable",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of usable subnetworks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "UsableSubnetworksAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.subnetworks.patch",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "Subnetwork"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.subnetworks.setIamPolicy",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setPrivateIpGoogleAccess": {
-     "id": "compute.subnetworks.setPrivateIpGoogleAccess",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
-     "httpMethod": "POST",
-     "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.subnetworks.testIamPermissions",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetHttpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpProxies.delete",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpProxies.get",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpProxies.insert",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpProxies.list",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpProxies.setUrlMap",
-     "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy to set a URL map for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetHttpProxies.testIamPermissions",
-     "path": "{project}/global/targetHttpProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetHttpsProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpsProxies.delete",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpsProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpsProxies.get",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpsProxies.insert",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpsProxies.list",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setQuicOverride": {
-     "id": "compute.targetHttpsProxies.setQuicOverride",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setQuicOverride",
-     "httpMethod": "POST",
-     "description": "Sets the QUIC override policy for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to set the QUIC override policy for. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxiesSetQuicOverrideRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetHttpsProxies.setSslCertificates",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Replaces SslCertificates for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslPolicy": {
-     "id": "compute.targetHttpsProxies.setSslPolicy",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setSslPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "SslPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpsProxies.setUrlMap",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetHttpsProxies.testIamPermissions",
-     "path": "{project}/global/targetHttpsProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetInstances": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetInstances.aggregatedList",
-     "path": "{project}/aggregated/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetInstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetInstances.delete",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetInstance resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetInstances.get",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "TargetInstance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetInstances.insert",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "POST",
-     "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "TargetInstance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetInstances.list",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "TargetInstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetInstances.testIamPermissions",
-     "path": "{project}/zones/{zone}/targetInstances/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetPools": {
-   "methods": {
-    "addHealthCheck": {
-     "id": "compute.targetPools.addHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
-     "httpMethod": "POST",
-     "description": "Adds health check URLs to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to add a health check to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "addInstance": {
-     "id": "compute.targetPools.addInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
-     "httpMethod": "POST",
-     "description": "Adds an instance to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to add instances to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.targetPools.aggregatedList",
-     "path": "{project}/aggregated/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target pools.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetPoolAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetPools.delete",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetPools.get",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "TargetPool"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.targetPools.getHealth",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "InstanceReference"
-     },
-     "response": {
-      "$ref": "TargetPoolInstanceHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetPools.insert",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "POST",
-     "description": "Creates a target pool in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetPool"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetPools.list",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target pools available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetPoolList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeHealthCheck": {
-     "id": "compute.targetPools.removeHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
-     "httpMethod": "POST",
-     "description": "Removes health check URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to remove health checks from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removeInstance": {
-     "id": "compute.targetPools.removeInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
-     "httpMethod": "POST",
-     "description": "Removes instance URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to remove instances from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setBackup": {
-     "id": "compute.targetPools.setBackup",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
-     "httpMethod": "POST",
-     "description": "Changes a backup target pool's configurations.",
-     "parameters": {
-      "failoverRatio": {
-       "type": "number",
-       "description": "New failoverRatio value for the target pool.",
-       "format": "float",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to set a backup pool for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetPools.testIamPermissions",
-     "path": "{project}/regions/{region}/targetPools/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetSslProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetSslProxies.delete",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetSslProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetSslProxies.get",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "TargetSslProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetSslProxies.insert",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetSslProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetSslProxies.list",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetSslProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetSslProxies.setBackendService",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetSslProxies.setProxyHeader",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetSslProxies.setSslCertificates",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Changes SslCertificates for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslPolicy": {
-     "id": "compute.targetSslProxies.setSslPolicy",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "SslPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetSslProxies.testIamPermissions",
-     "path": "{project}/global/targetSslProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetTcpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetTcpProxies.delete",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetTcpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetTcpProxies.get",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetTcpProxies.insert",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetTcpProxies.list",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetTcpProxies.setBackendService",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetTcpProxies.setProxyHeader",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetTcpProxies.testIamPermissions",
-     "path": "{project}/global/targetTcpProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetVpnGateways": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetVpnGateways.aggregatedList",
-     "path": "{project}/aggregated/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target VPN gateways.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetVpnGateways.delete",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target VPN gateway.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetVpnGateways.get",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "TargetVpnGateway"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetVpnGateways.insert",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "POST",
-     "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetVpnGateway"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetVpnGateways.list",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.targetVpnGateways.setLabels",
-     "path": "{project}/regions/{region}/targetVpnGateways/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetVpnGateways.testIamPermissions",
-     "path": "{project}/regions/{region}/targetVpnGateways/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "urlMaps": {
-   "methods": {
-    "delete": {
-     "id": "compute.urlMaps.delete",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified UrlMap resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.urlMaps.get",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "GET",
-     "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "UrlMap"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.urlMaps.insert",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "POST",
-     "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "invalidateCache": {
-     "id": "compute.urlMaps.invalidateCache",
-     "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
-     "httpMethod": "POST",
-     "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "CacheInvalidationRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.urlMaps.list",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of UrlMap resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "UrlMapList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.urlMaps.patch",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.urlMaps.testIamPermissions",
-     "path": "{project}/global/urlMaps/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.urlMaps.update",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified UrlMap resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "validate": {
-     "id": "compute.urlMaps.validate",
-     "path": "{project}/global/urlMaps/{urlMap}/validate",
-     "httpMethod": "POST",
-     "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to be validated as.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMapsValidateRequest"
-     },
-     "response": {
-      "$ref": "UrlMapsValidateResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "vpnTunnels": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.vpnTunnels.aggregatedList",
-     "path": "{project}/aggregated/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of VPN tunnels.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "VpnTunnelAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.vpnTunnels.delete",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified VpnTunnel resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.vpnTunnels.get",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "GET",
-     "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "VpnTunnel"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.vpnTunnels.insert",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "POST",
-     "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "VpnTunnel"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.vpnTunnels.list",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "VpnTunnelList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.vpnTunnels.setLabels",
-     "path": "{project}/regions/{region}/vpnTunnels/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.vpnTunnels.testIamPermissions",
-     "path": "{project}/regions/{region}/vpnTunnels/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "zoneOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.zoneOperations.delete",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.zoneOperations.get",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zoneOperations.list",
-     "path": "{project}/zones/{zone}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
+  "revision": "20180220",
+  "rootUrl": "https://www.googleapis.com/",
+  "schemas": {
+    "AcceleratorConfig": {
+      "description": "A specification of the type and number of accelerator cards attached to the instance.",
+      "id": "AcceleratorConfig",
+      "properties": {
+        "acceleratorCount": {
+          "description": "The number of the guest accelerator cards exposed to this instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "acceleratorType": {
+          "description": "Full or partial URL of the accelerator type resource to attach to this instance. If you are creating an instance template, specify only the accelerator name.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AcceleratorType": {
+      "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
+      "id": "AcceleratorType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this accelerator type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#acceleratorType",
+          "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
+          "type": "string"
+        },
+        "maximumCardsPerInstance": {
+          "description": "[Output Only] Maximum accelerator cards allowed per instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AcceleratorTypeAggregatedList": {
+      "id": "AcceleratorTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AcceleratorTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of accelerator types."
+          },
+          "description": "A list of AcceleratorTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AcceleratorTypeList": {
+      "description": "Contains a list of accelerator types.",
+      "id": "AcceleratorTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of AcceleratorType resources.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AcceleratorTypesScopedList": {
+      "id": "AcceleratorTypesScopedList",
+      "properties": {
+        "acceleratorTypes": {
+          "description": "[Output Only] List of accelerator types contained in this scope.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AccessConfig": {
+      "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
+      "id": "AccessConfig",
+      "properties": {
+        "kind": {
+          "default": "compute#accessConfig",
+          "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access.",
+          "type": "string"
+        },
+        "natIP": {
+          "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.\n\nIf an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.\n\nIf an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.",
+          "enum": [
+            "PREMIUM",
+            "SELECT",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "publicDnsName": {
+          "description": "[Output Only] The public DNS domain name for the instance.",
+          "type": "string"
+        },
+        "publicPtrDomainName": {
+          "description": "The DNS domain name for the public PTR record. This field can only be set when the set_public_ptr field is enabled.",
+          "type": "string"
+        },
+        "setPublicDns": {
+          "description": "Specifies whether a public DNS ?A? record should be created for the external IP address of this access configuration.",
+          "type": "boolean"
+        },
+        "setPublicPtr": {
+          "description": "Specifies whether a public DNS ?PTR? record should be created to map the external IP address of the instance to a DNS domain name.",
+          "type": "boolean"
+        },
+        "type": {
+          "default": "ONE_TO_ONE_NAT",
+          "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
+          "enum": [
+            "ONE_TO_ONE_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Address": {
+      "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
+      "id": "Address",
+      "properties": {
+        "address": {
+          "description": "The static IP address represented by this resource.",
+          "type": "string"
+        },
+        "addressType": {
+          "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
+          "enum": [
+            "DNS_FORWARDING",
+            "EXTERNAL",
+            "INTERNAL",
+            "UNSPECIFIED_TYPE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#address",
+          "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Address.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this Address resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.addresses.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the network in which to reserve the address. This field can only be used with INTERNAL type with VPC_PEERING purpose.",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this Address and can only take the following values: PREMIUM , STANDARD.\n\nIf this field is not specified, it is assumed to be PREMIUM.",
+          "enum": [
+            "PREMIUM",
+            "SELECT",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "prefixLength": {
+          "description": "The prefix length if the resource reprensents an IP range.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "purpose": {
+          "description": "The purpose of resource, only used with INTERNAL type.",
+          "enum": [
+            "DNS_RESOLVER",
+            "GCE_ENDPOINT",
+            "UNSPECIFIED_PURPOSE",
+            "VPC_PEERING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses. You must specify this field as part of the HTTP request URL. You cannot set this field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
+          "enum": [
+            "IN_USE",
+            "RESERVED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] The URLs of the resources that are using this address.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "AddressAggregatedList": {
+      "id": "AddressAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AddressesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of addresses."
+          },
+          "description": "A list of AddressesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#addressAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AddressList": {
+      "description": "Contains a list of addresses.",
+      "id": "AddressList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Address resources.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#addressList",
+          "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AddressesScopedList": {
+      "id": "AddressesScopedList",
+      "properties": {
+        "addresses": {
+          "description": "[Output Only] List of addresses contained in this scope.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AliasIpRange": {
+      "description": "An alias IP range attached to an instance's network interface.",
+      "id": "AliasIpRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24).",
+          "type": "string"
+        },
+        "subnetworkRangeName": {
+          "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AttachedDisk": {
+      "description": "An instance-attached disk resource.",
+      "id": "AttachedDisk",
+      "properties": {
+        "autoDelete": {
+          "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).",
+          "type": "boolean"
+        },
+        "boot": {
+          "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.",
+          "type": "boolean"
+        },
+        "deviceName": {
+          "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
+        },
+        "diskSizeGb": {
+          "description": "The size of the disk in base-2 GB. This supersedes disk_size_gb in InitializeParams.",
+          "format": "int64",
+          "type": "string"
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "index": {
+          "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "initializeParams": {
+          "$ref": "AttachedDiskInitializeParams",
+          "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
+        },
+        "interface": {
+          "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
+          "enum": [
+            "NVME",
+            "SCSI"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#attachedDisk",
+          "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
+          "type": "string"
+        },
+        "licenses": {
+          "description": "[Output Only] Any valid publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "mode": {
+          "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
+          "enum": [
+            "READ_ONLY",
+            "READ_WRITE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "savedState": {
+          "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED iff the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.",
+          "enum": [
+            "DISK_SAVED_STATE_UNSPECIFIED",
+            "PRESERVED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk.",
+          "type": "string"
+        },
+        "type": {
+          "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
+          "enum": [
+            "PERSISTENT",
+            "SCRATCH"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AttachedDiskInitializeParams": {
+      "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
+      "id": "AttachedDiskInitializeParams",
+      "properties": {
+        "diskName": {
+          "description": "Specifies the disk name. If not specified, the default is to use the name of the instance.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Specifies the size of the disk in base-2 GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "diskStorageType": {
+          "description": "[Deprecated] Storage type of the disk.",
+          "enum": [
+            "HDD",
+            "SSD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "diskType": {
+          "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard\n\n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.",
+          "type": "object"
+        },
+        "sourceImage": {
+          "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family\n\n\nIf the source image is deleted later, this field will not be set.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
+        }
+      },
+      "type": "object"
+    },
+    "AuditConfig": {
+      "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n{ \"audit_configs\": [ { \"service\": \"allServices\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", }, { \"log_type\": \"ADMIN_READ\", } ] }, { \"service\": \"fooservice.googleapis.com\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:bar@gmail.com\" ] } ] } ] }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.",
+      "id": "AuditConfig",
+      "properties": {
+        "auditLogConfigs": {
+          "description": "The configuration for logging of each type of permission.",
+          "items": {
+            "$ref": "AuditLogConfig"
+          },
+          "type": "array"
+        },
+        "exemptedMembers": {
+          "description": "",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AuditLogConfig": {
+      "description": "Provides the configuration for logging a type of permissions. Example:\n\n{ \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", } ] }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting foo@gmail.com from DATA_READ logging.",
+      "id": "AuditLogConfig",
+      "properties": {
+        "exemptedMembers": {
+          "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "logType": {
+          "description": "The log type that this config enables.",
+          "enum": [
+            "ADMIN_READ",
+            "DATA_READ",
+            "DATA_WRITE",
+            "LOG_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AuthorizationLoggingOptions": {
+      "description": "Authorization-related information used by Cloud Audit Logging.",
+      "id": "AuthorizationLoggingOptions",
+      "properties": {
+        "permissionType": {
+          "description": "The type of the permission that was checked.",
+          "enum": [
+            "ADMIN_READ",
+            "ADMIN_WRITE",
+            "DATA_READ",
+            "DATA_WRITE",
+            "PERMISSION_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Autoscaler": {
+      "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
+      "id": "Autoscaler",
+      "properties": {
+        "autoscalingPolicy": {
+          "$ref": "AutoscalingPolicy",
+          "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#autoscaler",
+          "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroups.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "recommendedSize": {
+          "description": "[Output Only] Target recommended MIG size computed by autoscaler. Autoscaler calculates recommended MIG size even when autoscaling policy mode is different from ON. This field is empty when autoscaler is not connected to the existing managed instance group or autoscaler did not generate its first prediction.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the autoscaler configuration.",
+          "enum": [
+            "ACTIVE",
+            "DELETING",
+            "ERROR",
+            "PENDING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusDetails": {
+          "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
+          "items": {
+            "$ref": "AutoscalerStatusDetails"
+          },
+          "type": "array"
+        },
+        "target": {
+          "description": "URL of the managed instance group that this autoscaler will scale.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerAggregatedList": {
+      "id": "AutoscalerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AutoscalersScopedList",
+            "description": "[Output Only] Name of the scope containing this set of autoscalers."
+          },
+          "description": "A list of AutoscalersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#autoscalerAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerList": {
+      "description": "Contains a list of Autoscaler resources.",
+      "id": "AutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#autoscalerList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerStatusDetails": {
+      "id": "AutoscalerStatusDetails",
+      "properties": {
+        "message": {
+          "description": "The status message.",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of error returned.",
+          "enum": [
+            "ALL_INSTANCES_UNHEALTHY",
+            "BACKEND_SERVICE_DOES_NOT_EXIST",
+            "CAPPED_AT_MAX_NUM_REPLICAS",
+            "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
+            "CUSTOM_METRIC_INVALID",
+            "MIN_EQUALS_MAX",
+            "MISSING_CUSTOM_METRIC_DATA_POINTS",
+            "MISSING_LOAD_BALANCING_DATA_POINTS",
+            "MORE_THAN_ONE_BACKEND_SERVICE",
+            "NOT_ENOUGH_QUOTA_AVAILABLE",
+            "REGION_RESOURCE_STOCKOUT",
+            "SCALING_TARGET_DOES_NOT_EXIST",
+            "UNKNOWN",
+            "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
+            "ZONE_RESOURCE_STOCKOUT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalersScopedList": {
+      "id": "AutoscalersScopedList",
+      "properties": {
+        "autoscalers": {
+          "description": "[Output Only] List of autoscalers contained in this scope.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicy": {
+      "description": "Cloud Autoscaler policy.",
+      "id": "AutoscalingPolicy",
+      "properties": {
+        "coolDownPeriodSec": {
+          "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "cpuUtilization": {
+          "$ref": "AutoscalingPolicyCpuUtilization",
+          "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
+        },
+        "customMetricUtilizations": {
+          "description": "Configuration parameters of autoscaling based on a custom metric.",
+          "items": {
+            "$ref": "AutoscalingPolicyCustomMetricUtilization"
+          },
+          "type": "array"
+        },
+        "loadBalancingUtilization": {
+          "$ref": "AutoscalingPolicyLoadBalancingUtilization",
+          "description": "Configuration parameters of autoscaling based on load balancer."
+        },
+        "maxNumReplicas": {
+          "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minNumReplicas": {
+          "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "mode": {
+          "description": "Defines operating mode for this policy.",
+          "enum": [
+            "OFF",
+            "ON",
+            "ONLY_DOWN",
+            "ONLY_UP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "queueBasedScaling": {
+          "$ref": "AutoscalingPolicyQueueBasedScaling",
+          "description": "Configuration parameters of autoscaling based on queuing system."
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyCpuUtilization": {
+      "description": "CPU utilization policy.",
+      "id": "AutoscalingPolicyCpuUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyCustomMetricUtilization": {
+      "description": "Custom utilization metric policy.",
+      "id": "AutoscalingPolicyCustomMetricUtilization",
+      "properties": {
+        "filter": {
+          "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.\n\nFor the filter to be valid for autoscaling purposes, the following rules apply:  \n- You can only use the AND operator for joining selectors. \n- You can only use direct equality comparison operator (=) without any functions for each selector. \n- You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. \n- The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.\nIf the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.\n\nIf not specified, the type defaults to gce_instance.  \n\nYou should provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.",
+          "type": "string"
+        },
+        "metric": {
+          "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE.",
+          "type": "string"
+        },
+        "singleInstanceAssignment": {
+          "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler will keep the number of instances proportional to the value of this metric, the metric itself should not change value due to group resizing.\n\nA good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.\n\nA bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.",
+          "format": "double",
+          "type": "number"
+        },
+        "utilizationTarget": {
+          "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
+          "format": "double",
+          "type": "number"
+        },
+        "utilizationTargetType": {
+          "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
+          "enum": [
+            "DELTA_PER_MINUTE",
+            "DELTA_PER_SECOND",
+            "GAUGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyLoadBalancingUtilization": {
+      "description": "Configuration parameters of autoscaling based on load balancing.",
+      "id": "AutoscalingPolicyLoadBalancingUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyQueueBasedScaling": {
+      "description": "Configuration parameters of autoscaling based on queuing system.",
+      "id": "AutoscalingPolicyQueueBasedScaling",
+      "properties": {
+        "acceptableBacklogPerInstance": {
+          "description": "Scaling based on the average number of tasks in the queue per each active instance. The autoscaler keeps the average number of tasks per instance below this number, based on data collected in the last couple of minutes. The autoscaler will also take into account incoming tasks when calculating when to scale.",
+          "format": "double",
+          "type": "number"
+        },
+        "cloudPubSub": {
+          "$ref": "AutoscalingPolicyQueueBasedScalingCloudPubSub",
+          "description": "Configuration for Cloud Pub/Sub subscription queue."
+        },
+        "singleWorkerThroughputPerSec": {
+          "description": "The scaling algorithm will also calculate throughput estimates on its own; if you explicitly provide this value, the autoscaler will take into account your value as well as automatic estimates when deciding how to scale.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyQueueBasedScalingCloudPubSub": {
+      "description": "Configuration parameters for scaling based on Cloud Pub/Sub subscription queue.",
+      "id": "AutoscalingPolicyQueueBasedScalingCloudPubSub",
+      "properties": {
+        "subscription": {
+          "description": "Cloud Pub/Sub subscription used for scaling. Provide the partial URL (starting with projects/) or just the subscription name. The subscription must be assigned to the topic specified in topicName and must be in a pull configuration. The subscription must belong to the same project as the Autoscaler.",
+          "type": "string"
+        },
+        "topic": {
+          "description": "Cloud Pub/Sub topic used for scaling. Provide the partial URL or partial URL (starting with projects/) or just the topic name. The topic must belong to the same project as the Autoscaler resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Backend": {
+      "description": "Message containing information of one individual backend.",
+      "id": "Backend",
+      "properties": {
+        "balancingMode": {
+          "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
+          "enum": [
+            "CONNECTION",
+            "RATE",
+            "UTILIZATION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "capacityScaler": {
+          "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "failover": {
+          "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService.",
+          "type": "boolean"
+        },
+        "group": {
+          "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService.",
+          "type": "string"
+        },
+        "maxConnections": {
+          "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxConnectionsPerEndpoint": {
+          "description": "The max number of simultaneous connections that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerEndpoint must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxConnectionsPerInstance": {
+          "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRate": {
+          "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRatePerEndpoint": {
+          "description": "The max requests per second (RPS) that a single backend network endpoint can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerEndpoint must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "maxRatePerInstance": {
+          "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "maxUtilization": {
+          "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucket": {
+      "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
+      "id": "BackendBucket",
+      "properties": {
+        "bucketName": {
+          "description": "Cloud Storage bucket name.",
+          "type": "string"
+        },
+        "cdnPolicy": {
+          "$ref": "BackendBucketCdnPolicy",
+          "description": "Cloud CDN Coniguration for this BackendBucket."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource; provided by the client when the resource is created.",
+          "type": "string"
+        },
+        "enableCdn": {
+          "description": "If true, enable Cloud CDN for this BackendBucket.",
+          "type": "boolean"
+        },
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendBucket",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucketCdnPolicy": {
+      "description": "Message containing Cloud CDN configuration for a backend bucket.",
+      "id": "BackendBucketCdnPolicy",
+      "properties": {
+        "signedUrlCacheMaxAgeSec": {
+          "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this bucket had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
+          "format": "int64",
+          "type": "string"
+        },
+        "signedUrlKeyNames": {
+          "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend bucket.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucketList": {
+      "description": "Contains a list of BackendBucket resources.",
+      "id": "BackendBucketList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendBucket resources.",
+          "items": {
+            "$ref": "BackendBucket"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendBucketList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendService": {
+      "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
+      "id": "BackendService",
+      "properties": {
+        "affinityCookieTtlSec": {
+          "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "appEngineBackend": {
+          "$ref": "BackendServiceAppEngineBackend",
+          "description": "Directs request to an App Engine app. cloudFunctionBackend and backends[] must be empty if this is set."
+        },
+        "backends": {
+          "description": "The list of backends that serve this BackendService.",
+          "items": {
+            "$ref": "Backend"
+          },
+          "type": "array"
+        },
+        "cdnPolicy": {
+          "$ref": "BackendServiceCdnPolicy",
+          "description": "Cloud CDN configuration for this BackendService."
+        },
+        "cloudFunctionBackend": {
+          "$ref": "BackendServiceCloudFunctionBackend",
+          "description": "Directs request to a cloud function. appEngineBackend and backends[] must be empty if this is set."
+        },
+        "connectionDraining": {
+          "$ref": "ConnectionDraining"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customRequestHeaders": {
+          "description": "Headers that the HTTP/S load balancer should add to proxied requests.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "enableCDN": {
+          "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "boolean"
+        },
+        "failoverPolicy": {
+          "$ref": "BackendServiceFailoverPolicy"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
+          "format": "byte",
+          "type": "string"
+        },
+        "healthChecks": {
+          "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "iap": {
+          "$ref": "BackendServiceIAP"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendService",
+          "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
+          "type": "string"
+        },
+        "loadBalancingScheme": {
+          "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INVALID_LOAD_BALANCING_SCHEME"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "string"
+        },
+        "protocol": {
+          "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
+          "enum": [
+            "HTTP",
+            "HTTP2",
+            "HTTPS",
+            "SSL",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "securityPolicy": {
+          "description": "[Output Only] The resource URL for the security policy associated with this backend service.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceAggregatedList": {
+      "description": "Contains a list of BackendServicesScopedList.",
+      "id": "BackendServiceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "BackendServicesScopedList",
+            "description": "Name of the scope containing this set of BackendServices."
+          },
+          "description": "A list of BackendServicesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#backendServiceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceAppEngineBackend": {
+      "description": "Configuration of a App Engine backend.",
+      "id": "BackendServiceAppEngineBackend",
+      "properties": {
+        "appEngineService": {
+          "description": "Optional. App Engine app service name.",
+          "type": "string"
+        },
+        "targetProject": {
+          "description": "Required. Project ID of the project hosting the app. This is the project ID of this project. Reference to another project is not allowed.",
+          "type": "string"
+        },
+        "version": {
+          "description": "Optional. Version of App Engine app service. When empty, App Engine will do its normal traffic split.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceCdnPolicy": {
+      "description": "Message containing Cloud CDN configuration for a backend service.",
+      "id": "BackendServiceCdnPolicy",
+      "properties": {
+        "cacheKeyPolicy": {
+          "$ref": "CacheKeyPolicy",
+          "description": "The CacheKeyPolicy for this CdnPolicy."
+        },
+        "signedUrlCacheMaxAgeSec": {
+          "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this backend had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
+          "format": "int64",
+          "type": "string"
+        },
+        "signedUrlKeyNames": {
+          "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend service.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceCloudFunctionBackend": {
+      "description": "Configuration of a Cloud Function backend.",
+      "id": "BackendServiceCloudFunctionBackend",
+      "properties": {
+        "functionName": {
+          "description": "Required. A cloud function name. Special value ?*? represents all cloud functions in the project.",
+          "type": "string"
+        },
+        "targetProject": {
+          "description": "Required. Project ID of the project hosting the cloud function.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceFailoverPolicy": {
+      "id": "BackendServiceFailoverPolicy",
+      "properties": {
+        "disableConnectionDrainOnFailover": {
+          "description": "On failover or failback, this field indicates whether connection drain will be honored. Setting this to true has the following effect: connections to the old active pool are not drained. Connections to the new active pool use the timeout of 10 min (currently fixed). Setting to false has the following effect: both old and new connections will have a drain timeout of 10 min.\n\nThis can be set to true only if the protocol is TCP.\n\nThe default is false.",
+          "type": "boolean"
+        },
+        "dropTrafficIfUnhealthy": {
+          "description": "This option is used only when no healthy VMs are detected in the primary and backup instance groups. When set to true, traffic is dropped. When set to false, new connections are sent across all VMs in the primary group.\n\nThe default is false.",
+          "type": "boolean"
+        },
+        "failoverRatio": {
+          "description": "The value of the field must be in [0, 1]. If the ratio of the healthy VMs in the primary backend is at or below this number, traffic arriving at the load-balanced IP will be directed to the failover backend.\n\nIn case where 'failoverRatio' is not set or all the VMs in the backup backend are unhealthy, the traffic will be directed back to the primary backend in the \"force\" mode, where traffic will be spread to the healthy VMs with the best effort, or to all VMs when no VM is healthy.\n\nThis field is only used with l4 load balancing.",
+          "format": "float",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceGroupHealth": {
+      "id": "BackendServiceGroupHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceGroupHealth",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceIAP": {
+      "description": "Identity-Aware Proxy",
+      "id": "BackendServiceIAP",
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        },
+        "oauth2ClientId": {
+          "type": "string"
+        },
+        "oauth2ClientSecret": {
+          "type": "string"
+        },
+        "oauth2ClientSecretSha256": {
+          "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceList": {
+      "description": "Contains a list of BackendService resources.",
+      "id": "BackendServiceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendService resources.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceList",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceReference": {
+      "id": "BackendServiceReference",
+      "properties": {
+        "backendService": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServicesScopedList": {
+      "id": "BackendServicesScopedList",
+      "properties": {
+        "backendServices": {
+          "description": "List of BackendServices contained in this scope.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of backend services when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Binding": {
+      "description": "Associates `members` with a `role`.",
+      "id": "Binding",
+      "properties": {
+        "condition": {
+          "$ref": "Expr",
+          "description": "The condition that is associated with this binding. NOTE: an unsatisfied condition will not allow user access via current binding. Different bindings, including their conditions, are examined independently. This field is only visible as GOOGLE_INTERNAL or CONDITION_TRUSTED_TESTER."
+        },
+        "members": {
+          "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@gmail.com` or `joe@example.com`.\n\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.\n\n\n\n* `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "role": {
+          "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CacheInvalidationRule": {
+      "id": "CacheInvalidationRule",
+      "properties": {
+        "host": {
+          "description": "If set, this invalidation rule will only apply to requests with a Host header matching host.",
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CacheKeyPolicy": {
+      "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
+      "id": "CacheKeyPolicy",
+      "properties": {
+        "includeHost": {
+          "description": "If true, requests to different hosts will be cached separately.",
+          "type": "boolean"
+        },
+        "includeProtocol": {
+          "description": "If true, http and https requests will be cached separately.",
+          "type": "boolean"
+        },
+        "includeQueryString": {
+          "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.",
+          "type": "boolean"
+        },
+        "queryStringBlacklist": {
+          "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "queryStringWhitelist": {
+          "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "Commitment": {
+      "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
+      "id": "Commitment",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "endTimestamp": {
+          "description": "[Output Only] Commitment end time in RFC3339 text format.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#commitment",
+          "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "plan": {
+          "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
+          "enum": [
+            "INVALID",
+            "THIRTY_SIX_MONTH",
+            "TWELVE_MONTH"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where this commitment may be used.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
+          "items": {
+            "$ref": "ResourceCommitment"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTimestamp": {
+          "description": "[Output Only] Commitment start time in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
+          "enum": [
+            "ACTIVE",
+            "CREATING",
+            "EXPIRED",
+            "NOT_YET_ACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentAggregatedList": {
+      "id": "CommitmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "CommitmentsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of commitments."
+          },
+          "description": "A list of CommitmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#commitmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentList": {
+      "description": "Contains a list of Commitment resources.",
+      "id": "CommitmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Commitment resources.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#commitmentList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentsScopedList": {
+      "id": "CommitmentsScopedList",
+      "properties": {
+        "commitments": {
+          "description": "[Output Only] List of commitments contained in this scope.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Condition": {
+      "description": "A condition to be met.",
+      "id": "Condition",
+      "properties": {
+        "iam": {
+          "description": "Trusted attributes supplied by the IAM system.",
+          "enum": [
+            "APPROVER",
+            "ATTRIBUTION",
+            "AUTHORITY",
+            "CREDENTIALS_TYPE",
+            "JUSTIFICATION_TYPE",
+            "NO_ATTR",
+            "SECURITY_REALM"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "op": {
+          "description": "An operator to apply the subject with.",
+          "enum": [
+            "DISCHARGED",
+            "EQUALS",
+            "IN",
+            "NOT_EQUALS",
+            "NOT_IN",
+            "NO_OP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "svc": {
+          "description": "Trusted attributes discharged by the service.",
+          "type": "string"
+        },
+        "sys": {
+          "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.",
+          "enum": [
+            "IP",
+            "NAME",
+            "NO_ATTR",
+            "REGION",
+            "SERVICE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "value": {
+          "description": "DEPRECATED. Use 'values' instead.",
+          "type": "string"
+        },
+        "values": {
+          "description": "The objects of the condition. This is mutually exclusive with 'value'.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ConnectionDraining": {
+      "description": "Message containing connection draining configuration.",
+      "id": "ConnectionDraining",
+      "properties": {
+        "drainingTimeoutSec": {
+          "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "CustomerEncryptionKey": {
+      "description": "Represents a customer-supplied encryption key",
+      "id": "CustomerEncryptionKey",
+      "properties": {
+        "kmsKeyName": {
+          "description": "The name of the encryption key that is stored in Google Cloud KMS.",
+          "type": "string"
+        },
+        "rawKey": {
+          "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.",
+          "type": "string"
+        },
+        "rsaEncryptedKey": {
+          "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.\n\nThe key must meet the following requirements before you can provide it to Compute Engine:  \n- The key is wrapped using a RSA public key certificate provided by Google. \n- After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Get the RSA public key certificate provided by Google at:\nhttps://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem",
+          "type": "string"
+        },
+        "sha256": {
+          "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CustomerEncryptionKeyProtectedDisk": {
+      "id": "CustomerEncryptionKeyProtectedDisk",
+      "properties": {
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DailyMaintenanceWindow": {
+      "description": "Time window specified for daily maintenance operations.",
+      "id": "DailyMaintenanceWindow",
+      "properties": {
+        "daysInCycle": {
+          "description": "Allows to define schedule that runs every nth day of the month.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "duration": {
+          "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario.",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM?, where HH : [00-23] and MM : [00-59] GMT.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DeprecationStatus": {
+      "description": "Deprecation status for a public resource.",
+      "id": "DeprecationStatus",
+      "properties": {
+        "deleted": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "deprecated": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "obsolete": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "replacement": {
+          "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
+          "enum": [
+            "DELETED",
+            "DEPRECATED",
+            "OBSOLETE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Disk": {
+      "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
+      "id": "Disk",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#disk",
+          "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "lastAttachTimestamp": {
+          "description": "[Output Only] Last attach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "lastDetachTimestamp": {
+          "description": "[Output Only] Last detach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this disk.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "Any applicable publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.disks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "options": {
+          "description": "Internal use only.",
+          "type": "string"
+        },
+        "physicalBlockSizeBytes": {
+          "description": "Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. Initially only 4096 is supported, but other powers of two may be added. If an unsupported value is requested, the error message will list the supported values, but even a supported value may be allowed for only some projects.",
+          "format": "int64",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the disk resides. Only applicable for regional resources. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "replicaZones": {
+          "description": "URLs of the zones where the disk should be replicated to. Only applicable for regional resources.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "sizeGb": {
+          "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
+          "format": "int64",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of disk creation.",
+          "enum": [
+            "CREATING",
+            "FAILED",
+            "READY",
+            "RESTORING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageType": {
+          "description": "[Deprecated] Storage type of the persistent disk.",
+          "enum": [
+            "HDD",
+            "SSD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: project/zones/zone/diskTypes/pd-standard or pd-ssd",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskAggregatedList": {
+      "id": "DiskAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DisksScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disks."
+          },
+          "description": "A list of DisksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskInstantiationConfig": {
+      "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.",
+      "id": "DiskInstantiationConfig",
+      "properties": {
+        "autoDelete": {
+          "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).",
+          "type": "boolean"
+        },
+        "customImage": {
+          "description": "The custom source image to be used to restore this disk when instantiating this instance template.",
+          "type": "string"
+        },
+        "deviceName": {
+          "description": "Specifies the device name of the disk to which the configurations apply to.",
+          "type": "string"
+        },
+        "instantiateFrom": {
+          "description": "Specifies whether to include the disk and what image to use. Possible values are:  \n- source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. \n- source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. \n- custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. \n- attach-read-only: to attach a read-only disk. Applicable to read-only disks. \n- do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.",
+          "enum": [
+            "ATTACH_READ_ONLY",
+            "BLANK",
+            "CUSTOM_IMAGE",
+            "DEFAULT",
+            "DO_NOT_INCLUDE",
+            "SOURCE_IMAGE",
+            "SOURCE_IMAGE_FAMILY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskList": {
+      "description": "A list of Disk resources.",
+      "id": "DiskList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Disk resources.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskList",
+          "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskMoveRequest": {
+      "id": "DiskMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetDisk": {
+          "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskType": {
+      "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
+      "id": "DiskType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultDiskSizeGb": {
+          "description": "[Output Only] Server-defined default disk size in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this disk type."
+        },
+        "description": {
+          "description": "[Output Only] An optional description of this resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#diskType",
+          "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "validDiskSize": {
+          "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\".",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk type resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypeAggregatedList": {
+      "id": "DiskTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DiskTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disk types."
+          },
+          "description": "A list of DiskTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypeList": {
+      "description": "Contains a list of disk types.",
+      "id": "DiskTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of DiskType resources.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskTypeList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypesScopedList": {
+      "id": "DiskTypesScopedList",
+      "properties": {
+        "diskTypes": {
+          "description": "[Output Only] List of disk types contained in this scope.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DisksResizeRequest": {
+      "id": "DisksResizeRequest",
+      "properties": {
+        "sizeGb": {
+          "description": "The new size of the persistent disk, which is specified in GB.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DisksScopedList": {
+      "id": "DisksScopedList",
+      "properties": {
+        "disks": {
+          "description": "[Output Only] List of disks contained in this scope.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DistributionPolicy": {
+      "id": "DistributionPolicy",
+      "properties": {
+        "zones": {
+          "items": {
+            "$ref": "DistributionPolicyZoneConfiguration"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "DistributionPolicyZoneConfiguration": {
+      "id": "DistributionPolicyZoneConfiguration",
+      "properties": {
+        "zone": {
+          "annotations": {
+            "required": [
+              "compute.regionInstanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.update"
+            ]
+          },
+          "description": "URL of the zone where managed instance group is spawning instances (for regional resources). Zone has to belong to the region where managed instance group is located.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Expr": {
+      "description": "Represents an expression text. Example:\n\ntitle: \"User account presence\" description: \"Determines whether the request has a user account\" expression: \"size(request.user) \u003e 0\"",
+      "id": "Expr",
+      "properties": {
+        "description": {
+          "description": "An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.",
+          "type": "string"
+        },
+        "expression": {
+          "description": "Textual representation of an expression in Common Expression Language syntax.\n\nThe application context of the containing message determines which well-known feature set of CEL is supported.",
+          "type": "string"
+        },
+        "location": {
+          "description": "An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file.",
+          "type": "string"
+        },
+        "title": {
+          "description": "An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Firewall": {
+      "description": "Represents a Firewall resource.",
+      "id": "Firewall",
+      "properties": {
+        "allowed": {
+          "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "denied": {
+          "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destinationRanges": {
+          "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "direction": {
+          "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
+          "enum": [
+            "EGRESS",
+            "INGRESS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "disabled": {
+          "description": "Denotes whether the firewall rule is disabled, i.e not applied to the network it is associated with. When set to true, the firewall rule is not enforced and the network behaves as if it did not exist. If this is unspecified, the firewall rule will be enabled.",
+          "type": "boolean"
+        },
+        "enableLogging": {
+          "description": "This field denotes whether to enable logging for a particular firewall rule. If logging is enabled, logs will be exported to the configured export destination for all firewall logs in the network. Logs may be exported to BigQuery or Pub/Sub.",
+          "type": "boolean"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#firewall",
+          "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.firewalls.insert",
+              "compute.firewalls.patch"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default",
+          "type": "string"
+        },
+        "priority": {
+          "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceRanges": {
+          "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceServiceAccounts": {
+          "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceTags": {
+          "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetServiceAccounts": {
+          "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetTags": {
+          "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "FirewallList": {
+      "description": "Contains a list of firewalls.",
+      "id": "FirewallList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Firewall resources.",
+          "items": {
+            "$ref": "Firewall"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#firewallList",
+          "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "FixedOrPercent": {
+      "description": "Encapsulates numeric value that can be either absolute or relative.",
+      "id": "FixedOrPercent",
+      "properties": {
+        "calculated": {
+          "description": "[Output Only] Absolute value of VM instances calculated based on the specific mode.\n\n \n- If the value is fixed, then the caculated value is equal to the fixed value. \n- If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded up.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "fixed": {
+          "description": "Specifies a fixed number of VM instances. This must be a positive integer.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "percent": {
+          "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRule": {
+      "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
+      "id": "ForwardingRule",
+      "properties": {
+        "IPAddress": {
+          "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address",
+          "type": "string"
+        },
+        "IPProtocol": {
+          "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
+          "enum": [
+            "AH",
+            "ESP",
+            "ICMP",
+            "SCTP",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "backendService": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a ForwardingRule. Include the fingerprint in patch request to ensure that you do not overwrite changes that were applied from another concurrent request.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#forwardingRule",
+          "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this resource. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "loadBalancingScheme": {
+          "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INTERNAL_SELF_MANAGED",
+            "INVALID"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM , STANDARD.\n\nFor regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.\n\nIf this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.",
+          "enum": [
+            "PREMIUM",
+            "SELECT",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "portRange": {
+          "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetVpnGateway: 500, 4500",
+          "type": "string"
+        },
+        "ports": {
+          "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "serviceLabel": {
+          "description": "An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name.\n\nThe label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.\n\nThis field is only used for internal load balancing.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "serviceName": {
+          "description": "[Output Only] The internal fully qualified service name for this Forwarding Rule.\n\nThis field is only used for internal load balancing.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.",
+          "type": "string"
+        },
+        "target": {
+          "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRuleAggregatedList": {
+      "id": "ForwardingRuleAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "ForwardingRulesScopedList",
+            "description": "Name of the scope containing this set of addresses."
+          },
+          "description": "A list of ForwardingRulesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRuleList": {
+      "description": "Contains a list of ForwardingRule resources.",
+      "id": "ForwardingRuleList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of ForwardingRule resources.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRuleReference": {
+      "id": "ForwardingRuleReference",
+      "properties": {
+        "forwardingRule": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRulesScopedList": {
+      "id": "ForwardingRulesScopedList",
+      "properties": {
+        "forwardingRules": {
+          "description": "List of forwarding rules contained in this scope.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GlobalSetLabelsRequest": {
+      "id": "GlobalSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "A list of labels to apply for this resource. Each label key \u0026 value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GuestAttributes": {
+      "description": "A guest attributes entry.",
+      "id": "GuestAttributes",
+      "properties": {
+        "kind": {
+          "default": "compute#guestAttributes",
+          "description": "[Output Only] Type of the resource. Always compute#guestAttributes for guest attributes entry.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "variableKey": {
+          "description": "The key to search for.",
+          "type": "string"
+        },
+        "variableValue": {
+          "description": "[Output Only] The value found for the requested key.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GuestOsFeature": {
+      "description": "Guest OS features.",
+      "id": "GuestOsFeature",
+      "properties": {
+        "type": {
+          "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
+          "enum": [
+            "FEATURE_TYPE_UNSPECIFIED",
+            "MULTI_IP_SUBNET",
+            "SECURE_BOOT",
+            "UEFI_COMPATIBLE",
+            "VIRTIO_SCSI_MULTIQUEUE",
+            "WINDOWS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HTTP2HealthCheck": {
+      "id": "HTTP2HealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "portSpecification": {
+          "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTP2 health check follows behavior specified in\nport\nand\nportName\nfields.",
+          "enum": [
+            "USE_FIXED_PORT",
+            "USE_NAMED_PORT",
+            "USE_SERVING_PORT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP/2 health check request. The default value is /.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HTTPHealthCheck": {
+      "id": "HTTPHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "portSpecification": {
+          "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTP health check follows behavior specified in\nport\nand\nportName\nfields.",
+          "enum": [
+            "USE_FIXED_PORT",
+            "USE_NAMED_PORT",
+            "USE_SERVING_PORT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HTTPSHealthCheck": {
+      "id": "HTTPSHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "portSpecification": {
+          "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, HTTPS health check follows behavior specified in\nport\nand\nportName\nfields.",
+          "enum": [
+            "USE_FIXED_PORT",
+            "USE_NAMED_PORT",
+            "USE_SERVING_PORT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is /.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheck": {
+      "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
+      "id": "HealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in 3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "http2HealthCheck": {
+          "$ref": "HTTP2HealthCheck"
+        },
+        "httpHealthCheck": {
+          "$ref": "HTTPHealthCheck"
+        },
+        "httpsHealthCheck": {
+          "$ref": "HTTPSHealthCheck"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#healthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslHealthCheck": {
+          "$ref": "SSLHealthCheck"
+        },
+        "tcpHealthCheck": {
+          "$ref": "TCPHealthCheck"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "type": {
+          "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
+          "enum": [
+            "HTTP",
+            "HTTP2",
+            "HTTPS",
+            "INVALID",
+            "SSL",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "udpHealthCheck": {
+          "$ref": "UDPHealthCheck"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheckList": {
+      "description": "Contains a list of HealthCheck resources.",
+      "id": "HealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HealthCheck resources.",
+          "items": {
+            "$ref": "HealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#healthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheckReference": {
+      "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+      "id": "HealthCheckReference",
+      "properties": {
+        "healthCheck": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HealthStatus": {
+      "id": "HealthStatus",
+      "properties": {
+        "healthState": {
+          "description": "Health state of the instance.",
+          "enum": [
+            "HEALTHY",
+            "UNHEALTHY"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "instance": {
+          "description": "URL of the instance resource.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "The IP address represented by this resource.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port on the instance.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HealthStatusForNetworkEndpoint": {
+      "id": "HealthStatusForNetworkEndpoint",
+      "properties": {
+        "backendService": {
+          "$ref": "BackendServiceReference",
+          "description": "URL of the backend service associated with the health state of the network endpoint."
+        },
+        "forwardingRule": {
+          "$ref": "ForwardingRuleReference",
+          "description": "URL of the forwarding rule associated with the health state of the network endpoint."
+        },
+        "healthCheck": {
+          "$ref": "HealthCheckReference",
+          "description": "URL of the health check associated with the health state of the network endpoint."
+        },
+        "healthState": {
+          "description": "Health state of the network endpoint determined based on the health checks configured.",
+          "enum": [
+            "DRAINING",
+            "HEALTHY",
+            "UNHEALTHY",
+            "UNKNOWN"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Host": {
+      "id": "Host",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "hostType": {
+          "description": "Full or partial URL of the host type resource to use for this host, in the format: zones/zone/hostTypes/host-type. This is provided by the client when the host is created. For example, the following is a valid partial url to a predefined host type:\nzones/us-central1-b/hostTypes/n1-host-64-416",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instances": {
+          "description": "A list of resource URLs to the virtual machine instances in this host. They must live in zones contained in the same region as this host.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#host",
+          "description": "[Output Only] The type of the resource. Always compute#host for host.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the host.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this host.",
+          "type": "object"
+        },
+        "name": {
+          "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the host. One of the following values: CREATING, READY, REPAIR, and DELETING.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "INVALID",
+            "READY",
+            "REPAIR"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the host resides, such as us-central1-a.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HostAggregatedList": {
+      "id": "HostAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "HostsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of hosts."
+          },
+          "description": "A list of HostsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#hostAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#hostAggregatedList for aggregated lists of hosts.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HostList": {
+      "description": "Contains a list of hosts.",
+      "id": "HostList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Host resources.",
+          "items": {
+            "$ref": "Host"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#hostList",
+          "description": "[Output Only] Type of resource. Always compute#hostList for lists of hosts.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HostRule": {
+      "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
+      "id": "HostRule",
+      "properties": {
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "hosts": {
+          "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "pathMatcher": {
+          "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HostType": {
+      "description": "A Host Type resource.",
+      "id": "HostType",
+      "properties": {
+        "cpuPlatform": {
+          "description": "[Output Only] The CPU platform used by this host type.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this host type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "guestCpus": {
+          "description": "[Output Only] The number of virtual CPUs that are available to the host type.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#hostType",
+          "description": "[Output Only] The type of the resource. Always compute#hostType for host types.",
+          "type": "string"
+        },
+        "localSsdGb": {
+          "description": "[Output Only] Local SSD available to the host type, defined in GB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "memoryMb": {
+          "description": "[Output Only] The amount of physical memory available to the host type, defined in MB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the host type resides, such as us-central1-a.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HostTypeAggregatedList": {
+      "id": "HostTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "HostTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of host types."
+          },
+          "description": "A list of HostTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#hostTypeAggregatedList",
+          "description": "[Output Only] Type of resource.Always compute#hostTypeAggregatedList for aggregated lists of host types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HostTypeList": {
+      "description": "Contains a list of host types.",
+      "id": "HostTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HostType resources.",
+          "items": {
+            "$ref": "HostType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#hostTypeList",
+          "description": "[Output Only] Type of resource.Always compute#hostTypeList for lists of host types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HostTypesScopedList": {
+      "id": "HostTypesScopedList",
+      "properties": {
+        "hostTypes": {
+          "description": "[Output Only] List of host types contained in this scope.",
+          "items": {
+            "$ref": "HostType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the host types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HostsScopedList": {
+      "id": "HostsScopedList",
+      "properties": {
+        "hosts": {
+          "description": "[Output Only] List of hosts contained in this scope.",
+          "items": {
+            "$ref": "Host"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the host list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HourlyMaintenanceWindow": {
+      "description": "Time window specified for hourly maintenance operations.",
+      "id": "HourlyMaintenanceWindow",
+      "properties": {
+        "duration": {
+          "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario.",
+          "type": "string"
+        },
+        "hoursInCycle": {
+          "description": "Allows to define schedule that runs every nth hour.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "startTime": {
+          "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM?, where HH : [00-23] and MM : [00-59] GMT.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HttpHealthCheck": {
+      "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
+      "id": "HttpHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheck",
+          "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTP health check request. The default value is 80.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HttpHealthCheckList": {
+      "description": "Contains a list of HttpHealthCheck resources.",
+      "id": "HttpHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpHealthCheck resources.",
+          "items": {
+            "$ref": "HttpHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HttpsHealthCheck": {
+      "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
+      "id": "HttpsHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is \"/\".",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HttpsHealthCheckList": {
+      "description": "Contains a list of HttpsHealthCheck resources.",
+      "id": "HttpsHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpsHealthCheck resources.",
+          "items": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Image": {
+      "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
+      "id": "Image",
+      "properties": {
+        "archiveSizeBytes": {
+          "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
+          "format": "int64",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "The deprecation status associated with this image."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Size of the image when restored onto a persistent disk (in GB).",
+          "format": "int64",
+          "type": "string"
+        },
+        "family": {
+          "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.",
+          "type": "string"
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "imageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
+        },
+        "kind": {
+          "default": "compute#image",
+          "description": "[Output Only] Type of the resource. Always compute#image for images.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this image.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "Any applicable license URI.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "rawDisk": {
+          "description": "The parameters of the raw disk image.",
+          "properties": {
+            "containerType": {
+              "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
+              "enum": [
+                "TAR"
+              ],
+              "enumDescriptions": [
+                ""
+              ],
+              "type": "string"
+            },
+            "sha1Checksum": {
+              "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
+              "pattern": "[a-f0-9]{40}",
+              "type": "string"
+            },
+            "source": {
+              "annotations": {
+                "required": [
+                  "compute.images.insert"
+                ]
+              },
+              "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceDisk": {
+          "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "URL of the source snapshot used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the sourceImage property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.",
+          "type": "string"
+        },
+        "sourceType": {
+          "default": "RAW",
+          "description": "The type of the image used to create this disk. The default and only value is RAW",
+          "enum": [
+            "RAW"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
+          "enum": [
+            "FAILED",
+            "PENDING",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ImageList": {
+      "description": "Contains a list of images.",
+      "id": "ImageList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Image resources.",
+          "items": {
+            "$ref": "Image"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#imageList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Instance": {
+      "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
+      "id": "Instance",
+      "properties": {
+        "canIpForward": {
+          "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.",
+          "type": "boolean"
+        },
+        "cpuPlatform": {
+          "description": "[Output Only] The CPU platform used by this instance.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deletionProtection": {
+          "description": "Whether the resource should be protected against deletion.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "host": {
+          "description": "Full or partial URL of the host resource that the instance should be placed on, in the format: zones/zone/hosts/host.\n\nOptional, sole-tenant Host (physical machine) that the instance will be placed on when it's created. The instance is guaranteed to be placed on the same machine as other instances with the same sole-tenant host.\n\nThe request will be rejected if the sole-tenant host has run out of resources.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instanceEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts or decrypts data for an instance with a customer-supplied encryption key.\n\nIf you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.\n\nIf you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.\n\nIf you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group."
+        },
+        "kind": {
+          "default": "compute#instance",
+          "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\nzones/us-central1-f/machineTypes/n1-standard-1\n\n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\nzones/zone/machineTypes/custom-CPUS-MEMORY\n\n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
+          "type": "string"
+        },
+        "maintenancePolicies": {
+          "description": "Maintenance policies applied to this instance.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
+        },
+        "minCpuPlatform": {
+          "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\".",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "preservedStateSizeGb": {
+          "description": "Total amount of preserved state for SUSPENDED instances. Read-only in the api.",
+          "format": "int64",
+          "type": "string"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Sets the scheduling options for this instance."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "shieldedVmConfig": {
+          "$ref": "ShieldedVmConfig"
+        },
+        "startRestricted": {
+          "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.",
+          "type": "boolean"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceAggregatedList": {
+      "id": "InstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstancesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of instances."
+          },
+          "description": "A list of InstancesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroup": {
+      "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
+      "id": "InstanceGroup",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroup",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "The URL of the network to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "region": {
+          "description": "The URL of the region where the instance group is located (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance group. The server generates this URL.",
+          "type": "string"
+        },
+        "size": {
+          "description": "[Output Only] The total number of instances in the instance group.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupAggregatedList": {
+      "id": "InstanceGroupAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupsScopedList",
+            "description": "The name of the scope that contains this set of instance groups."
+          },
+          "description": "A list of InstanceGroupsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupList": {
+      "description": "A list of InstanceGroup resources.",
+      "id": "InstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManager": {
+      "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
+      "id": "InstanceGroupManager",
+      "properties": {
+        "activities": {
+          "$ref": "InstanceGroupManagerActivities"
+        },
+        "autoHealingPolicies": {
+          "description": "The autohealing policy for this managed instance group. You can specify only one value.",
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        },
+        "baseInstanceName": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
+          "pattern": "[a-z][-a-z0-9]{0,57}",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "currentActions": {
+          "$ref": "InstanceGroupManagerActionsSummary",
+          "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "distributionPolicy": {
+          "$ref": "DistributionPolicy",
+          "description": "Policy valid only for regional managed instance groups."
+        },
+        "failoverAction": {
+          "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.",
+          "enum": [
+            "NO_FAILOVER",
+            "UNKNOWN"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instanceGroup": {
+          "description": "[Output Only] The URL of the Instance Group resource.",
+          "type": "string"
+        },
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManager",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "pendingActions": {
+          "$ref": "InstanceGroupManagerPendingActionsSummary",
+          "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are pending for each of those actions."
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this managed instance group. The server defines this URL.",
+          "type": "string"
+        },
+        "serviceAccount": {
+          "description": "[Output Only] The service account to be used as credentials for all operations performed by the managed instance group on instances. The service accounts needs all permissions required to create and delete instances. By default, the service account {projectNumber}@cloudservices.gserviceaccount.com is used.",
+          "type": "string"
+        },
+        "statefulPolicy": {
+          "$ref": "StatefulPolicy",
+          "description": "Stateful configuration for this Instanced Group Manager"
+        },
+        "targetPools": {
+          "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetSize": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "updatePolicy": {
+          "$ref": "InstanceGroupManagerUpdatePolicy",
+          "description": "The update policy for this managed instance group."
+        },
+        "versions": {
+          "description": "Specifies the instance templates used by this managed instance group to create instances.\n\nEach version is defined by an instanceTemplate. Every template can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.",
+          "items": {
+            "$ref": "InstanceGroupManagerVersion"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerActionsSummary": {
+      "id": "InstanceGroupManagerActionsSummary",
+      "properties": {
+        "abandoning": {
+          "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creatingWithoutRetries": {
+          "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "deleting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "none": {
+          "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "recreating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "refreshing": {
+          "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "restarting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "verifying": {
+          "description": "[Output Only] The number of instances in the managed instance group that are being verified. See the managedInstances[].currentAction property in the listManagedInstances method documentation.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerActivities": {
+      "id": "InstanceGroupManagerActivities",
+      "properties": {
+        "autohealing": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "autohealingHealthCheckBased": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "autoscalingDown": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "autoscalingUp": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creatingInstances": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "deletingInstances": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "recreatingInstances": {
+          "enum": [
+            "PERMITTED",
+            "PROHIBITED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerAggregatedList": {
+      "id": "InstanceGroupManagerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupManagersScopedList",
+            "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
+          },
+          "description": "A list of InstanceGroupManagersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerAutoHealingPolicy": {
+      "id": "InstanceGroupManagerAutoHealingPolicy",
+      "properties": {
+        "healthCheck": {
+          "description": "The URL for the health check that signals autohealing.",
+          "type": "string"
+        },
+        "initialDelaySec": {
+          "description": "The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxUnavailable": {
+          "$ref": "FixedOrPercent",
+          "description": "Maximum number of instances that can be unavailable when autohealing. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's liveness health check result was observed to be HEALTHY at least once. By default, a percent value of 100% is used."
+        },
+        "mode": {
+          "description": "Defines operating mode for this policy.",
+          "enum": [
+            "OFF",
+            "ON"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerList": {
+      "description": "[Output Only] A list of managed instance groups.",
+      "id": "InstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerPendingActionsSummary": {
+      "id": "InstanceGroupManagerPendingActionsSummary",
+      "properties": {
+        "creating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be created.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "deleting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be deleted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "recreating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be recreated.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "restarting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be restarted.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerUpdatePolicy": {
+      "id": "InstanceGroupManagerUpdatePolicy",
+      "properties": {
+        "maxSurge": {
+          "$ref": "FixedOrPercent",
+          "description": "The maximum number of instances that can be created above the specified targetSize during the update process. By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge."
+        },
+        "maxUnavailable": {
+          "$ref": "FixedOrPercent",
+          "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:\n\n \n- The instance's status is RUNNING. \n- If there is a health check on the instance group, the instance's liveness health check result must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable."
+        },
+        "minReadySec": {
+          "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600].",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minimalAction": {
+          "description": "Minimal action to be taken on an instance. You can specify either RESTART to restart existing instances or REPLACE to delete and create new instances from the target template. If you specify a code\u003eRESTART, the Updater will attempt to perform that action only. However, if the Updater determines that the minimal action you specify is not enough to perform the update, it might perform a more disruptive action.",
+          "enum": [
+            "NONE",
+            "REFRESH",
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "enum": [
+            "OPPORTUNISTIC",
+            "PROACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerVersion": {
+      "id": "InstanceGroupManagerVersion",
+      "properties": {
+        "instanceTemplate": {
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the version. Unique among all versions in the scope of this managed instance group.",
+          "type": "string"
+        },
+        "tag": {
+          "description": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.",
+          "type": "string"
+        },
+        "targetSize": {
+          "$ref": "FixedOrPercent",
+          "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:  \n- If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. \n- if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded up.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersAbandonInstancesRequest": {
+      "id": "InstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersApplyUpdatesRequest": {
+      "description": "InstanceGroupManagers.applyUpdatesToInstances",
+      "id": "InstanceGroupManagersApplyUpdatesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of URLs of one or more instances for which we want to apply updates on this managed instance group. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "maximalAction": {
+          "description": "The maximal action that should be perfomed on the instances. By default REPLACE.",
+          "enum": [
+            "NONE",
+            "REFRESH",
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "minimalAction": {
+          "description": "The minimal action that should be perfomed on the instances. By default NONE.",
+          "enum": [
+            "NONE",
+            "REFRESH",
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersDeleteInstancesRequest": {
+      "id": "InstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersDeletePerInstanceConfigsReq": {
+      "description": "InstanceGroupManagers.deletePerInstanceConfigs",
+      "id": "InstanceGroupManagersDeletePerInstanceConfigsReq",
+      "properties": {
+        "instances": {
+          "description": "The list of instances for which we want to delete per-instance configs on this managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersListManagedInstancesResponse": {
+      "id": "InstanceGroupManagersListManagedInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "[Output Only] The list of instances in the managed instance group.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersListPerInstanceConfigsResp": {
+      "id": "InstanceGroupManagersListPerInstanceConfigsResp",
+      "properties": {
+        "items": {
+          "description": "[Output Only] The list of PerInstanceConfig.",
+          "items": {
+            "$ref": "PerInstanceConfig"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersRecreateInstancesRequest": {
+      "id": "InstanceGroupManagersRecreateInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersResizeAdvancedRequest": {
+      "id": "InstanceGroupManagersResizeAdvancedRequest",
+      "properties": {
+        "noCreationRetries": {
+          "description": "If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attemps to recreate each instance continuously until it succeeds.\n\nThis flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.\n\nThis flag is applicable only to the current resize request. It does not influence other resize requests in any way.\n\nYou can see which instances is being creating in which mode by calling the get or listManagedInstances API.",
+          "type": "boolean"
+        },
+        "targetSize": {
+          "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersScopedList": {
+      "id": "InstanceGroupManagersScopedList",
+      "properties": {
+        "instanceGroupManagers": {
+          "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetAutoHealingRequest": {
+      "id": "InstanceGroupManagersSetAutoHealingRequest",
+      "properties": {
+        "autoHealingPolicies": {
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetInstanceTemplateRequest": {
+      "id": "InstanceGroupManagersSetInstanceTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "InstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersUpdatePerInstanceConfigsReq": {
+      "description": "InstanceGroupManagers.updatePerInstanceConfigs",
+      "id": "InstanceGroupManagersUpdatePerInstanceConfigsReq",
+      "properties": {
+        "perInstanceConfigs": {
+          "description": "The list of per-instance configs to insert or patch on this managed instance group.",
+          "items": {
+            "$ref": "PerInstanceConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsAddInstancesRequest": {
+      "id": "InstanceGroupsAddInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to add to the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsListInstances": {
+      "id": "InstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupsListInstances",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsListInstancesRequest": {
+      "id": "InstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsRemoveInstancesRequest": {
+      "id": "InstanceGroupsRemoveInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to remove from the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsScopedList": {
+      "id": "InstanceGroupsScopedList",
+      "properties": {
+        "instanceGroups": {
+          "description": "[Output Only] The list of instance groups that are contained in this scope.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsSetNamedPortsRequest": {
+      "id": "InstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceList": {
+      "description": "Contains a list of instances.",
+      "id": "InstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Instance resources.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceList",
+          "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceListReferrers": {
+      "description": "Contains a list of instance referrers.",
+      "id": "InstanceListReferrers",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Reference resources.",
+          "items": {
+            "$ref": "Reference"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceListReferrers",
+          "description": "[Output Only] Type of resource. Always compute#instanceListReferrers for lists of Instance referrers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceMoveRequest": {
+      "id": "InstanceMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetInstance": {
+          "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceProperties": {
+      "description": "",
+      "id": "InstanceProperties",
+      "properties": {
+        "canIpForward": {
+          "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional text description for the instances that are created from this instance template.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "An array of disks that are associated with the instances that are created from this template.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to instances that are created from this template.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "The machine type to use for instances that are created from this template.",
+          "type": "string"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
+        },
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform.",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network access configurations for this interface.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Specifies the scheduling options for the instances that are created from this template."
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "shieldedVmConfig": {
+          "$ref": "ShieldedVmConfig",
+          "description": "Specifies the Shielded VM options for the instances that are created from this template."
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceReference": {
+      "id": "InstanceReference",
+      "properties": {
+        "instance": {
+          "description": "The URL for a specific instance.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceTemplate": {
+      "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
+      "id": "InstanceTemplate",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceTemplate",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "properties": {
+          "$ref": "InstanceProperties",
+          "description": "The instance properties for this instance template."
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance template. The server defines this URL.",
+          "type": "string"
+        },
+        "sourceInstance": {
+          "description": "The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance",
+          "type": "string"
+        },
+        "sourceInstanceParams": {
+          "$ref": "SourceInstanceParams",
+          "description": "The source instance params to use to create this instance template."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceTemplateList": {
+      "description": "A list of instance templates.",
+      "id": "InstanceTemplateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceTemplate resources.",
+          "items": {
+            "$ref": "InstanceTemplate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceTemplateList",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceWithNamedPorts": {
+      "id": "InstanceWithNamedPorts",
+      "properties": {
+        "instance": {
+          "description": "[Output Only] The URL of the instance.",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "[Output Only] The named ports that belong to this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesAddMaintenancePoliciesRequest": {
+      "id": "InstancesAddMaintenancePoliciesRequest",
+      "properties": {
+        "maintenancePolicies": {
+          "description": "Maintenance policies to be added to this instance.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesRemoveMaintenancePoliciesRequest": {
+      "id": "InstancesRemoveMaintenancePoliciesRequest",
+      "properties": {
+        "maintenancePolicies": {
+          "description": "Maintenance policies to be removed from this instance.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesResumeRequest": {
+      "id": "InstancesResumeRequest",
+      "properties": {
+        "disks": {
+          "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to resume the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
+          "items": {
+            "$ref": "CustomerEncryptionKeyProtectedDisk"
+          },
+          "type": "array"
+        },
+        "instanceEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Decrypts data associated with an instance that is protected with a customer-supplied encryption key.\n\nIf the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance resume will not succeed."
+        }
+      },
+      "type": "object"
+    },
+    "InstancesScopedList": {
+      "id": "InstancesScopedList",
+      "properties": {
+        "instances": {
+          "description": "[Output Only] List of instances contained in this scope.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetLabelsRequest": {
+      "id": "InstancesSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMachineResourcesRequest": {
+      "id": "InstancesSetMachineResourcesRequest",
+      "properties": {
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMachineTypeRequest": {
+      "id": "InstancesSetMachineTypeRequest",
+      "properties": {
+        "machineType": {
+          "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMinCpuPlatformRequest": {
+      "id": "InstancesSetMinCpuPlatformRequest",
+      "properties": {
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform this instance should be started at.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetServiceAccountRequest": {
+      "id": "InstancesSetServiceAccountRequest",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesStartWithEncryptionKeyRequest": {
+      "id": "InstancesStartWithEncryptionKeyRequest",
+      "properties": {
+        "disks": {
+          "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
+          "items": {
+            "$ref": "CustomerEncryptionKeyProtectedDisk"
+          },
+          "type": "array"
+        },
+        "instanceEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Decrypts data associated with an instance that is protected with a customer-supplied encryption key.\n\nIf the instance you are starting is protected with a customer-supplied encryption key, the correct key must be provided otherwise the instance start will not succeed."
+        }
+      },
+      "type": "object"
+    },
+    "Interconnect": {
+      "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
+      "id": "Interconnect",
+      "properties": {
+        "adminEnabled": {
+          "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.",
+          "type": "boolean"
+        },
+        "circuitInfos": {
+          "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
+          "items": {
+            "$ref": "InterconnectCircuitInfo"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerName": {
+          "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "expectedOutages": {
+          "description": "[Output Only] List of outages expected for this Interconnect.",
+          "items": {
+            "$ref": "InterconnectOutageNotification"
+          },
+          "type": "array"
+        },
+        "googleIpAddress": {
+          "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnectAttachments": {
+          "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "interconnectType": {
+          "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
+          "enum": [
+            "DEDICATED",
+            "IT_PRIVATE",
+            "PARTNER"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnect",
+          "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Interconnect.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this Interconnect resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "linkType": {
+          "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
+          "enum": [
+            "LINK_TYPE_ETHERNET_10G_LR"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "location": {
+          "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.interconnects.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "nocContactEmail": {
+          "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "peerIpAddress": {
+          "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "provisionedLinkCount": {
+          "description": "[Output Only] Number of links actually provisioned in this interconnect.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestedLinkCount": {
+          "description": "Target number of physical links in the link bundle, as requested by the customer.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] The current state of whether or not this Interconnect is functional.",
+          "enum": [
+            "ACTIVE",
+            "UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachment": {
+      "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
+      "id": "InterconnectAttachment",
+      "properties": {
+        "adminEnabled": {
+          "description": "Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.",
+          "type": "boolean"
+        },
+        "availabilityZone": {
+          "enum": [
+            "ZONE_1",
+            "ZONE_2",
+            "ZONE_ANY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "bandwidth": {
+          "enum": [
+            "BPS_100M",
+            "BPS_10G",
+            "BPS_1G",
+            "BPS_200M",
+            "BPS_2G",
+            "BPS_300M",
+            "BPS_400M",
+            "BPS_500M",
+            "BPS_50M",
+            "BPS_5G"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "candidateSubnets": {
+          "description": "Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google?s edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "cloudRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource.",
+          "type": "string"
+        },
+        "edgeAvailabilityDomain": {
+          "description": "Desired availability domain for the attachment. Can only be specified when creating PARTNER-type InterconnectAttachments.\n\nFor improved reliability, customers should configure a pair of attachments with one per availability domain. The selected availability domain will be provided to the Partner via the pairing key so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.",
+          "enum": [
+            "AVAILABILITY_DOMAIN_1",
+            "AVAILABILITY_DOMAIN_2",
+            "AVAILABILITY_DOMAIN_ANY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnect": {
+          "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachment",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this InterconnectAttachment resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "pairingKey": {
+          "description": "[Output only for type PARTNER. Input only for PARTNER_PROVIDER. Not present for DEDICATED]. Opaque string identifying an PARTNER attachment. Of the form ?cloud-region/XXXXXX?.",
+          "type": "string"
+        },
+        "partnerAsn": {
+          "description": "[Output only for PARTNER. Input for PARTNER_PROVIDER. Not present for DEDICATED] BGP ASN of the Partner. A layer 3 Partner should supply this if they configured BGP on behalf of the customer.",
+          "format": "int64",
+          "type": "string"
+        },
+        "partnerMetadata": {
+          "$ref": "InterconnectAttachmentPartnerMetadata"
+        },
+        "privateInterconnectInfo": {
+          "$ref": "InterconnectAttachmentPrivateInfo",
+          "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "router": {
+          "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network \u0026 region within which the Cloud Router is configured.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] The current state of whether or not this interconnect attachment is functional.",
+          "enum": [
+            "ACTIVE",
+            "DEFUNCT",
+            "PARTNER_REQUEST_RECEIVED",
+            "PENDING_CUSTOMER",
+            "PENDING_PARTNER",
+            "STATE_UNSPECIFIED",
+            "UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "enum": [
+            "DEDICATED",
+            "PARTNER",
+            "PARTNER_PROVIDER"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "vlanTag8021q": {
+          "description": "Available only for DEDICATED and PARTNER_PROVIDER. Desired VLAN tag for this attachment, in the range 2-4094. This field refers to 802.1q VLAN tag, also known as IEEE 802.1Q Only specified at creation time.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentAggregatedList": {
+      "id": "InterconnectAttachmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InterconnectAttachmentsScopedList",
+            "description": "Name of the scope containing this set of interconnect attachments."
+          },
+          "description": "A list of InterconnectAttachmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentList": {
+      "description": "Response to the list request, and contains a list of interconnect attachments.",
+      "id": "InterconnectAttachmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectAttachment resources.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentPartnerMetadata": {
+      "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments. Only mutable for PARTNER_PROVIDER type, output-only for PARTNER, not available for DEDICATED.",
+      "id": "InterconnectAttachmentPartnerMetadata",
+      "properties": {
+        "interconnectName": {
+          "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner?s portal. For instance ?Chicago 1?. This value may be validated to match approved Partner values.",
+          "type": "string"
+        },
+        "partnerName": {
+          "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values.",
+          "type": "string"
+        },
+        "portalUrl": {
+          "description": "URL of the Partner?s portal for this Attachment. Partners may customise this to be a deep-link to the specific resource on the Partner portal. This value may be validated to match approved Partner values.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentPrivateInfo": {
+      "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
+      "id": "InterconnectAttachmentPrivateInfo",
+      "properties": {
+        "tag8021q": {
+          "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
+          "format": "uint32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentsScopedList": {
+      "id": "InterconnectAttachmentsScopedList",
+      "properties": {
+        "interconnectAttachments": {
+          "description": "List of interconnect attachments contained in this scope.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectCircuitInfo": {
+      "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
+      "id": "InterconnectCircuitInfo",
+      "properties": {
+        "customerDemarcId": {
+          "description": "Customer-side demarc ID for this circuit.",
+          "type": "string"
+        },
+        "googleCircuitId": {
+          "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up.",
+          "type": "string"
+        },
+        "googleDemarcId": {
+          "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectList": {
+      "description": "Response to the list request, and contains a list of interconnects.",
+      "id": "InterconnectList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Interconnect resources.",
+          "items": {
+            "$ref": "Interconnect"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocation": {
+      "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
+      "id": "InterconnectLocation",
+      "properties": {
+        "address": {
+          "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.",
+          "type": "string"
+        },
+        "availabilityZone": {
+          "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\".",
+          "type": "string"
+        },
+        "city": {
+          "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\".",
+          "type": "string"
+        },
+        "continent": {
+          "description": "[Output Only] Continent for this location.",
+          "enum": [
+            "AFRICA",
+            "ASIA_PAC",
+            "C_AFRICA",
+            "C_ASIA_PAC",
+            "C_EUROPE",
+            "C_NORTH_AMERICA",
+            "C_SOUTH_AMERICA",
+            "EUROPE",
+            "NORTH_AMERICA",
+            "SOUTH_AMERICA"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] An optional description of the resource.",
+          "type": "string"
+        },
+        "facilityProvider": {
+          "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX).",
+          "type": "string"
+        },
+        "facilityProviderFacilityId": {
+          "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1).",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectLocation",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "peeringdbFacilityId": {
+          "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb).",
+          "type": "string"
+        },
+        "regionInfos": {
+          "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
+          "items": {
+            "$ref": "InterconnectLocationRegionInfo"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocationList": {
+      "description": "Response to the list request, and contains a list of interconnect locations.",
+      "id": "InterconnectLocationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectLocation resources.",
+          "items": {
+            "$ref": "InterconnectLocation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectLocationList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocationRegionInfo": {
+      "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
+      "id": "InterconnectLocationRegionInfo",
+      "properties": {
+        "expectedRttMs": {
+          "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
+          "format": "int64",
+          "type": "string"
+        },
+        "locationPresence": {
+          "description": "Identifies the network presence of this location.",
+          "enum": [
+            "GLOBAL",
+            "LOCAL_REGION",
+            "LP_GLOBAL",
+            "LP_LOCAL_REGION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "URL for the region of this location.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectOutageNotification": {
+      "description": "Description of a planned outage on this Interconnect. Next id: 9",
+      "id": "InterconnectOutageNotification",
+      "properties": {
+        "affectedCircuits": {
+          "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "A description about the purpose of the outage.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "issueType": {
+          "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "IT_OUTAGE",
+            "IT_PARTIAL_OUTAGE",
+            "OUTAGE",
+            "PARTIAL_OUTAGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Unique identifier for this outage notification.",
+          "type": "string"
+        },
+        "source": {
+          "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
+          "enum": [
+            "GOOGLE",
+            "NSRC_GOOGLE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "state": {
+          "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "ACTIVE",
+            "CANCELLED",
+            "NS_ACTIVE",
+            "NS_CANCELED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InternalIpOwner": {
+      "id": "InternalIpOwner",
+      "properties": {
+        "ipCidrRange": {
+          "description": "IP CIDR range being owned.",
+          "type": "string"
+        },
+        "owners": {
+          "description": "URLs of the IP owners of the IP CIDR range.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "systemOwned": {
+          "description": "Whether this IP CIDR range is reserved for system use.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "IpOwnerList": {
+      "description": "Contains a list of IP owners.",
+      "id": "IpOwnerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InternalIpOwner resources.",
+          "items": {
+            "$ref": "InternalIpOwner"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#ipOwnerList",
+          "description": "[Output Only] Type of resource. Always compute#ipOwnerList for lists of IP owners.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "License": {
+      "description": "A license resource.",
+      "id": "License",
+      "properties": {
+        "chargesUseFee": {
+          "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource; provided by the client when the resource is created.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#license",
+          "description": "[Output Only] Type of resource. Always compute#license for licenses.",
+          "type": "string"
+        },
+        "licenseCode": {
+          "description": "[Output Only] The unique code used to attach this license to images, snapshots, and disks.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "resourceRequirements": {
+          "$ref": "LicenseResourceRequirements"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "transferable": {
+          "description": "If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseCode": {
+      "id": "LicenseCode",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] Description of this License Code.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#licenseCode",
+          "description": "[Output Only] Type of resource. Always compute#licenseCode for licenses.",
+          "type": "string"
+        },
+        "licenseAlias": {
+          "description": "[Output Only] URL and description aliases of Licenses with the same License Code.",
+          "items": {
+            "$ref": "LicenseCodeLicenseAlias"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.licenses.insert"
+            ]
+          },
+          "description": "[Output Only] Name of the resource. The name is 1-20 characters long and must be a valid 64 bit integer.",
+          "pattern": "[0-9]{0,20}?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] Current state of this License Code.",
+          "enum": [
+            "DISABLED",
+            "ENABLED",
+            "RESTRICTED",
+            "STATE_UNSPECIFIED",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "transferable": {
+          "description": "[Output Only] If true, the license will remain attached when creating images or snapshots from disks. Otherwise, the license is not transferred.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseCodeLicenseAlias": {
+      "id": "LicenseCodeLicenseAlias",
+      "properties": {
+        "description": {
+          "description": "[Output Only] Description of this License Code.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] URL of license corresponding to this License Code.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseResourceRequirements": {
+      "id": "LicenseResourceRequirements",
+      "properties": {
+        "minGuestCpuCount": {
+          "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minMemoryMb": {
+          "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "LicensesListResponse": {
+      "id": "LicensesListResponse",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of License resources.",
+          "items": {
+            "$ref": "License"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfig": {
+      "description": "Specifies what kind of log the caller must write",
+      "id": "LogConfig",
+      "properties": {
+        "cloudAudit": {
+          "$ref": "LogConfigCloudAuditOptions",
+          "description": "Cloud audit options."
+        },
+        "counter": {
+          "$ref": "LogConfigCounterOptions",
+          "description": "Counter options."
+        },
+        "dataAccess": {
+          "$ref": "LogConfigDataAccessOptions",
+          "description": "Data access options."
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigCloudAuditOptions": {
+      "description": "Write a Cloud Audit log",
+      "id": "LogConfigCloudAuditOptions",
+      "properties": {
+        "authorizationLoggingOptions": {
+          "$ref": "AuthorizationLoggingOptions",
+          "description": "Information used by the Cloud Audit Logging pipeline."
+        },
+        "logName": {
+          "description": "The log_name to populate in the Cloud Audit Record.",
+          "enum": [
+            "ADMIN_ACTIVITY",
+            "DATA_ACCESS",
+            "UNSPECIFIED_LOG_NAME"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigCounterOptions": {
+      "description": "Increment a streamz counter with the specified metric and field names.\n\nMetric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended.\n\nField names correspond to IAM request parameters and field values are their respective values.\n\nAt present the only supported field names are - \"iam_principal\", corresponding to IAMContext.principal; - \"\" (empty string), resulting in one aggretated counter with no field.\n\nExamples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==\u003e increment counter /iam/policy/backend_debug_access_count {iam_principal=[value of IAMContext.principal]}\n\nAt this time we do not support: * multiple field names (though this may be supported in the future) * decrementing the counter * incrementing it by anything other than 1",
+      "id": "LogConfigCounterOptions",
+      "properties": {
+        "field": {
+          "description": "The field value to attribute.",
+          "type": "string"
+        },
+        "metric": {
+          "description": "The metric to update.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigDataAccessOptions": {
+      "description": "Write a Data Access (Gin) log",
+      "id": "LogConfigDataAccessOptions",
+      "properties": {
+        "logMode": {
+          "description": "Whether Gin logging should happen in a fail-closed manner at the caller. This is relevant only in the LocalIAM implementation, for now.",
+          "enum": [
+            "LOG_FAIL_CLOSED",
+            "LOG_MODE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "MachineType": {
+      "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
+      "id": "MachineType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this machine type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "guestCpus": {
+          "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "isSharedCpu": {
+          "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information.",
+          "type": "boolean"
+        },
+        "kind": {
+          "default": "compute#machineType",
+          "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
+          "type": "string"
+        },
+        "maximumPersistentDisks": {
+          "description": "[Output Only] Maximum persistent disks allowed.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maximumPersistentDisksSizeGb": {
+          "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
+          "format": "int64",
+          "type": "string"
+        },
+        "memoryMb": {
+          "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypeAggregatedList": {
+      "id": "MachineTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "MachineTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of machine types."
+          },
+          "description": "A list of MachineTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#machineTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypeList": {
+      "description": "Contains a list of machine types.",
+      "id": "MachineTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of MachineType resources.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#machineTypeList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypesScopedList": {
+      "id": "MachineTypesScopedList",
+      "properties": {
+        "machineTypes": {
+          "description": "[Output Only] List of machine types contained in this scope.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MaintenancePoliciesList": {
+      "id": "MaintenancePoliciesList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of MaintenancePolicy resources.",
+          "items": {
+            "$ref": "MaintenancePolicy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#maintenancePoliciesList",
+          "description": "[Output Only] Type of resource.Always compute#maintenancePoliciesList for listsof maintenancePolicies",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MaintenancePoliciesScopedList": {
+      "id": "MaintenancePoliciesScopedList",
+      "properties": {
+        "maintenancePolicies": {
+          "description": "List of maintenancePolicies contained in this scope.",
+          "items": {
+            "$ref": "MaintenancePolicy"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of maintenancePolicies when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MaintenancePolicy": {
+      "description": "A maintenance policy for an instance. This specifies what kind of maintenance operations our infrastructure may perform on this instance and when.",
+      "id": "MaintenancePolicy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#maintenancePolicy",
+          "description": "[Output Only] Type of the resource. Always compute#maintenance_policies for maintenance policies.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "vmMaintenancePolicy": {
+          "$ref": "VmMaintenancePolicy",
+          "description": "Maintenance policy applicable to VMs for infrastructure maintenance."
+        }
+      },
+      "type": "object"
+    },
+    "MaintenancePolicyAggregatedList": {
+      "description": "Contains a list of maintenancePolicies.",
+      "id": "MaintenancePolicyAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "MaintenancePoliciesScopedList",
+            "description": "Name of the scope containing this set of maintenancePolicies."
+          },
+          "description": "A list of MaintenancePolicy resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#maintenancePolicyAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MaintenanceWindow": {
+      "description": "A maintenance window for VMs and disks. When set, we restrict our maintenance operations to this window.",
+      "id": "MaintenanceWindow",
+      "properties": {
+        "dailyMaintenanceWindow": {
+          "$ref": "DailyMaintenanceWindow"
+        },
+        "hourlyMaintenanceWindow": {
+          "$ref": "HourlyMaintenanceWindow"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstance": {
+      "description": "Next available tag: 12",
+      "id": "ManagedInstance",
+      "properties": {
+        "currentAction": {
+          "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. \n- VERIFYING The managed instance group has created the instance and it is in the process of being verified.",
+          "enum": [
+            "ABANDONING",
+            "CREATING",
+            "CREATING_WITHOUT_RETRIES",
+            "DELETING",
+            "NONE",
+            "RECREATING",
+            "REFRESHING",
+            "RESTARTING",
+            "VERIFYING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.",
+          "type": "string"
+        },
+        "instanceStatus": {
+          "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "instanceTemplate": {
+          "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }.",
+          "type": "string"
+        },
+        "lastAttempt": {
+          "$ref": "ManagedInstanceLastAttempt",
+          "description": "[Output Only] Information about the last attempt to create or delete the instance."
+        },
+        "override": {
+          "$ref": "ManagedInstanceOverride",
+          "description": "[Output Only] Override defined for this instance."
+        },
+        "tag": {
+          "description": "[Output Only] Tag describing the version.",
+          "type": "string"
+        },
+        "version": {
+          "$ref": "ManagedInstanceVersion",
+          "description": "[Output Only] Intended version of this instance."
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceLastAttempt": {
+      "id": "ManagedInstanceLastAttempt",
+      "properties": {
+        "errors": {
+          "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceOverride": {
+      "description": "Overrides of stateful properties for a given instance",
+      "id": "ManagedInstanceOverride",
+      "properties": {
+        "disks": {
+          "description": "Disk overrides defined for this instance. According to documentation the maximum number of disks attached to an instance is 128: https://cloud.google.com/compute/docs/disks/ However, compute API defines the limit at 140, so this is what we check.",
+          "items": {
+            "$ref": "ManagedInstanceOverrideDiskOverride"
+          },
+          "type": "array"
+        },
+        "metadata": {
+          "description": "Metadata overrides defined for this instance. TODO(b/69785416) validate the total length is \u003c9 KB",
+          "items": {
+            "properties": {
+              "key": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
+                "pattern": "[a-zA-Z0-9-_]{1,128}",
+                "type": "string"
+              },
+              "value": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "origin": {
+          "description": "[Output Only] Indicates where does the override come from.",
+          "enum": [
+            "AUTO_GENERATED",
+            "USER_PROVIDED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceOverrideDiskOverride": {
+      "id": "ManagedInstanceOverrideDiskOverride",
+      "properties": {
+        "deviceName": {
+          "description": "The name of the device on the VM",
+          "type": "string"
+        },
+        "mode": {
+          "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
+          "enum": [
+            "READ_ONLY",
+            "READ_WRITE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "source": {
+          "description": "The disk that is/will be mounted",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceVersion": {
+      "id": "ManagedInstanceVersion",
+      "properties": {
+        "instanceTemplate": {
+          "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the version.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Metadata": {
+      "description": "A metadata key/value entry.",
+      "id": "Metadata",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
+          "items": {
+            "properties": {
+              "key": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
+                "pattern": "[a-zA-Z0-9-_]{1,128}",
+                "type": "string"
+              },
+              "value": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#metadata",
+          "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NamedPort": {
+      "description": "The named port. For example: .",
+      "id": "NamedPort",
+      "properties": {
+        "name": {
+          "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port number, which can be a value between 1 and 65535.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "Network": {
+      "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
+      "id": "Network",
+      "properties": {
+        "IPv4Range": {
+          "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}",
+          "type": "string"
+        },
+        "autoCreateSubnetworks": {
+          "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "crossVmEncryption": {
+          "description": "[Output Only] Type of VM-to-VM traffic encryption for this network.",
+          "enum": [
+            "ENCRYPTED",
+            "UNENCRYPTED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "gatewayIPv4": {
+          "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#network",
+          "description": "[Output Only] Type of the resource. Always compute#network for networks.",
+          "type": "string"
+        },
+        "loadBalancerVmEncryption": {
+          "description": "[Output Only] Type of LB-to-VM traffic encryption for this network.",
+          "enum": [
+            "ENCRYPTED",
+            "UNENCRYPTED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerings": {
+          "description": "[Output Only] List of network peerings for the resource.",
+          "items": {
+            "$ref": "NetworkPeering"
+          },
+          "type": "array"
+        },
+        "routingConfig": {
+          "$ref": "NetworkRoutingConfig",
+          "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "subnetworks": {
+          "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpoint": {
+      "description": "The network endpoint.",
+      "id": "NetworkEndpoint",
+      "properties": {
+        "instance": {
+          "description": "The name for a specific VM instance that the IP address belongs to. This is required for network endpoints of type GCE_VM_IP and GCE_VM_IP_PORT. The instance must be in the same zone of network endpoint group.\n\nThe name must be 1-63 characters long, and comply with RFC1035.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "Optional IPv4 address of network endpoint. The IP address must belong to a VM in GCE (either the primary IP or as part of an aliased IP range). If the IP address is not specified, then the primary IP address for the VM instance in the network that the network endpoint group belongs to will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "Optional port number of network endpoint. If not specified and the NetworkEndpointGroup.network_endpoint_type is GCE_IP_PORT, the defaultPort for the network endpoint group will be used.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroup": {
+      "description": "Represents a collection of network endpoints.",
+      "id": "NetworkEndpointGroup",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#networkEndpointGroup",
+          "description": "[Output Only] Type of the resource. Always compute#networkEndpointGroup for network endpoint group.",
+          "type": "string"
+        },
+        "loadBalancer": {
+          "$ref": "NetworkEndpointGroupLbNetworkEndpointGroup",
+          "description": "This field is only valid when the network endpoint group type is LOAD_BALANCING."
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "type": "string"
+        },
+        "networkEndpointType": {
+          "description": "Type of network endpoints in this network endpoint group. Only supported values for LOAD_BALANCING are GCE_VM_IP or GCE_VM_IP_PORT.",
+          "enum": [
+            "GCE_VM_IP_PORT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "size": {
+          "description": "[Output only] Number of network endpoints in the network endpoint group.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "type": {
+          "description": "Specify the type of this network endpoint group. Only LOAD_BALANCING is valid for now.",
+          "enum": [
+            "LOAD_BALANCING"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupAggregatedList": {
+      "id": "NetworkEndpointGroupAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "NetworkEndpointGroupsScopedList",
+            "description": "The name of the scope that contains this set of network endpoint groups."
+          },
+          "description": "A list of NetworkEndpointGroupsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#networkEndpointGroupAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupAggregatedList for aggregated lists of network endpoint groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupLbNetworkEndpointGroup": {
+      "description": "Load balancing specific fields for network endpoint group of type LOAD_BALANCING.",
+      "id": "NetworkEndpointGroupLbNetworkEndpointGroup",
+      "properties": {
+        "defaultPort": {
+          "description": "The default port used if the port number is not specified in the network endpoint. If the network endpoint type is GCE_VM_IP, this field must not be specified.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "network": {
+          "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the network endpoint group is located.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupList": {
+      "id": "NetworkEndpointGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of NetworkEndpointGroup resources.",
+          "items": {
+            "$ref": "NetworkEndpointGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#networkEndpointGroupList",
+          "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupList for network endpoint group lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupsAttachEndpointsRequest": {
+      "id": "NetworkEndpointGroupsAttachEndpointsRequest",
+      "properties": {
+        "networkEndpoints": {
+          "description": "The list of network endpoints to be attached.",
+          "items": {
+            "$ref": "NetworkEndpoint"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupsDetachEndpointsRequest": {
+      "id": "NetworkEndpointGroupsDetachEndpointsRequest",
+      "properties": {
+        "networkEndpoints": {
+          "description": "The list of network endpoints to be detached.",
+          "items": {
+            "$ref": "NetworkEndpoint"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupsListEndpointsRequest": {
+      "id": "NetworkEndpointGroupsListEndpointsRequest",
+      "properties": {
+        "healthStatus": {
+          "description": "Optional query parameter for showing the health status of each network endpoint. Valid options are SKIP or SHOW. If you don't specifiy this parameter, the health status of network endpoints will not be provided.",
+          "enum": [
+            "SHOW",
+            "SKIP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupsListNetworkEndpoints": {
+      "id": "NetworkEndpointGroupsListNetworkEndpoints",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of NetworkEndpointWithHealthStatus resources.",
+          "items": {
+            "$ref": "NetworkEndpointWithHealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#networkEndpointGroupsListNetworkEndpoints",
+          "description": "[Output Only] The resource type, which is always compute#networkEndpointGroupsListNetworkEndpoints for the list of network endpoints in the specified network endpoint group.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointGroupsScopedList": {
+      "id": "NetworkEndpointGroupsScopedList",
+      "properties": {
+        "networkEndpointGroups": {
+          "description": "[Output Only] The list of network endpoint groups that are contained in this scope.",
+          "items": {
+            "$ref": "NetworkEndpointGroup"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that replaces the list of network endpoint groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpointWithHealthStatus": {
+      "id": "NetworkEndpointWithHealthStatus",
+      "properties": {
+        "healths": {
+          "description": "[Output only] The health status of network endpoint;",
+          "items": {
+            "$ref": "HealthStatusForNetworkEndpoint"
+          },
+          "type": "array"
+        },
+        "networkEndpoint": {
+          "$ref": "NetworkEndpoint",
+          "description": "[Output only] The network endpoint;"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkInterface": {
+      "description": "A network interface resource attached to an instance.",
+      "id": "NetworkInterface",
+      "properties": {
+        "accessConfigs": {
+          "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
+          "items": {
+            "$ref": "AccessConfig"
+          },
+          "type": "array"
+        },
+        "aliasIpRanges": {
+          "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
+          "items": {
+            "$ref": "AliasIpRange"
+          },
+          "type": "array"
+        },
+        "fingerprint": {
+          "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface.",
+          "format": "byte",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#networkInterface",
+          "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc.",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default",
+          "type": "string"
+        },
+        "networkIP": {
+          "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkList": {
+      "description": "Contains a list of networks.",
+      "id": "NetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Network resources.",
+          "items": {
+            "$ref": "Network"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#networkList",
+          "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkPeering": {
+      "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
+      "id": "NetworkPeering",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network.",
+          "type": "boolean"
+        },
+        "name": {
+          "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] State for the peering.",
+          "enum": [
+            "ACTIVE",
+            "INACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "stateDetails": {
+          "description": "[Output Only] Details about the current state of the peering.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkRoutingConfig": {
+      "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
+      "id": "NetworkRoutingConfig",
+      "properties": {
+        "routingMode": {
+          "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
+          "enum": [
+            "GLOBAL",
+            "REGIONAL"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworksAddPeeringRequest": {
+      "id": "NetworksAddPeeringRequest",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether Google Compute Engine manages the routes automatically.",
+          "type": "boolean"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.addPeering"
+            ]
+          },
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "peerNetwork": {
+          "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworksRemovePeeringRequest": {
+      "id": "NetworksRemovePeeringRequest",
+      "properties": {
+        "name": {
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Operation": {
+      "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
+      "id": "Operation",
+      "properties": {
+        "clientOperationId": {
+          "description": "[Output Only] Reserved for future use.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Deprecated] This field is deprecated.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] A textual description of the operation, which is set when the operation is created.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "error": {
+          "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        },
+        "httpErrorMessage": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.",
+          "type": "string"
+        },
+        "httpErrorStatusCode": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "insertTime": {
+          "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#operation",
+          "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "operationType": {
+          "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on.",
+          "type": "string"
+        },
+        "progress": {
+          "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
+          "enum": [
+            "DONE",
+            "PENDING",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional textual description of the current status of the operation.",
+          "type": "string"
+        },
+        "targetId": {
+          "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "targetLink": {
+          "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.",
+          "type": "string"
+        },
+        "user": {
+          "description": "[Output Only] User who requested the operation, for example: user@example.com.",
+          "type": "string"
+        },
+        "warnings": {
+          "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "OperationAggregatedList": {
+      "id": "OperationAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "OperationsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of operations."
+          },
+          "description": "[Output Only] A map of scoped operation lists.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#operationAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "OperationList": {
+      "description": "Contains a list of Operation resources.",
+      "id": "OperationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of Operation resources.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#operationList",
+          "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "OperationsScopedList": {
+      "id": "OperationsScopedList",
+      "properties": {
+        "operations": {
+          "description": "[Output Only] List of operations contained in this scope.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "PathMatcher": {
+      "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
+      "id": "PathMatcher",
+      "properties": {
+        "defaultService": {
+          "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name to which this PathMatcher is referred by the HostRule.",
+          "type": "string"
+        },
+        "pathRules": {
+          "description": "The list of path rules.",
+          "items": {
+            "$ref": "PathRule"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "PathRule": {
+      "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
+      "id": "PathRule",
+      "properties": {
+        "paths": {
+          "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "The URL of the BackendService resource if this rule is matched.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "PerInstanceConfig": {
+      "id": "PerInstanceConfig",
+      "properties": {
+        "instance": {
+          "description": "The URL of the instance. Serves as a merge key during UpdatePerInstanceConfigs operation.",
+          "type": "string"
+        },
+        "override": {
+          "$ref": "ManagedInstanceOverride"
+        }
+      },
+      "type": "object"
+    },
+    "Policy": {
+      "description": "Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.\n\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.\n\n**Example**\n\n{ \"bindings\": [ { \"role\": \"roles/owner\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-other-app@appspot.gserviceaccount.com\", ] }, { \"role\": \"roles/viewer\", \"members\": [\"user:sean@example.com\"] } ] }\n\nFor a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam/docs).",
+      "id": "Policy",
+      "properties": {
+        "auditConfigs": {
+          "description": "Specifies cloud audit logging configuration for this policy.",
+          "items": {
+            "$ref": "AuditConfig"
+          },
+          "type": "array"
+        },
+        "bindings": {
+          "description": "Associates a list of `members` to a `role`. `bindings` with no members will result in an error.",
+          "items": {
+            "$ref": "Binding"
+          },
+          "type": "array"
+        },
+        "etag": {
+          "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing policy is overwritten blindly.",
+          "format": "byte",
+          "type": "string"
+        },
+        "iamOwned": {
+          "description": "",
+          "type": "boolean"
+        },
+        "rules": {
+          "description": "If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.",
+          "items": {
+            "$ref": "Rule"
+          },
+          "type": "array"
+        },
+        "version": {
+          "description": "Deprecated.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "Project": {
+      "description": "A Project resource. For an overview of projects, see  Cloud Platform Resource Hierarchy. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
+      "id": "Project",
+      "properties": {
+        "commonInstanceMetadata": {
+          "$ref": "Metadata",
+          "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultNetworkTier": {
+          "description": "This signifies the default network tier used for configuring resources of the project and can only take the following values: PREMIUM, STANDARD. Initially the default network tier is PREMIUM.",
+          "enum": [
+            "PREMIUM",
+            "SELECT",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "defaultServiceAccount": {
+          "description": "[Output Only] Default service account used by VMs running in this project.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource.",
+          "type": "string"
+        },
+        "enabledFeatures": {
+          "description": "Restricted features enabled for use on this project.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#project",
+          "description": "[Output Only] Type of the resource. Always compute#project for projects.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this project.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "usageExportLocation": {
+          "$ref": "UsageExportLocation",
+          "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
+        },
+        "xpnProjectStatus": {
+          "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
+          "enum": [
+            "HOST",
+            "UNSPECIFIED_XPN_PROJECT_STATUS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsDisableXpnResourceRequest": {
+      "id": "ProjectsDisableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsEnableXpnResourceRequest": {
+      "id": "ProjectsEnableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsGetXpnResources": {
+      "id": "ProjectsGetXpnResources",
+      "properties": {
+        "kind": {
+          "default": "compute#projectsGetXpnResources",
+          "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
+          "items": {
+            "$ref": "XpnResourceId"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsListXpnHostsRequest": {
+      "id": "ProjectsListXpnHostsRequest",
+      "properties": {
+        "organization": {
+          "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsSetDefaultNetworkTierRequest": {
+      "id": "ProjectsSetDefaultNetworkTierRequest",
+      "properties": {
+        "networkTier": {
+          "description": "Default network tier to be set.",
+          "enum": [
+            "PREMIUM",
+            "SELECT",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsSetDefaultServiceAccountRequest": {
+      "id": "ProjectsSetDefaultServiceAccountRequest",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Quota": {
+      "description": "A quotas entry.",
+      "id": "Quota",
+      "properties": {
+        "limit": {
+          "description": "[Output Only] Quota limit for this metric.",
+          "format": "double",
+          "type": "number"
+        },
+        "metric": {
+          "description": "[Output Only] Name of the quota metric.",
+          "enum": [
+            "AMD_S9300_GPUS",
+            "AUTOSCALERS",
+            "BACKEND_BUCKETS",
+            "BACKEND_SERVICES",
+            "COMMITMENTS",
+            "CPUS",
+            "CPUS_ALL_REGIONS",
+            "DISKS_TOTAL_GB",
+            "FIREWALLS",
+            "FORWARDING_RULES",
+            "HEALTH_CHECKS",
+            "IMAGES",
+            "INSTANCES",
+            "INSTANCE_GROUPS",
+            "INSTANCE_GROUP_MANAGERS",
+            "INSTANCE_TEMPLATES",
+            "INTERCONNECTS",
+            "INTERNAL_ADDRESSES",
+            "IN_USE_ADDRESSES",
+            "LOCAL_SSD_TOTAL_GB",
+            "MAINTENANCE_POLICIES",
+            "NETWORKS",
+            "NVIDIA_K80_GPUS",
+            "NVIDIA_P100_GPUS",
+            "NVIDIA_P100_VWS_GPUS",
+            "NVIDIA_V100_GPUS",
+            "PREEMPTIBLE_CPUS",
+            "PREEMPTIBLE_LOCAL_SSD_GB",
+            "PREEMPTIBLE_NVIDIA_K80_GPUS",
+            "PREEMPTIBLE_NVIDIA_P100_GPUS",
+            "REGIONAL_AUTOSCALERS",
+            "REGIONAL_INSTANCE_GROUP_MANAGERS",
+            "ROUTERS",
+            "ROUTES",
+            "SECURITY_POLICIES",
+            "SECURITY_POLICY_RULES",
+            "SNAPSHOTS",
+            "SSD_TOTAL_GB",
+            "SSL_CERTIFICATES",
+            "STATIC_ADDRESSES",
+            "SUBNETWORKS",
+            "TARGET_HTTPS_PROXIES",
+            "TARGET_HTTP_PROXIES",
+            "TARGET_INSTANCES",
+            "TARGET_POOLS",
+            "TARGET_SSL_PROXIES",
+            "TARGET_TCP_PROXIES",
+            "TARGET_VPN_GATEWAYS",
+            "URL_MAPS",
+            "VPN_TUNNELS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "usage": {
+          "description": "[Output Only] Current usage of this metric.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "Reference": {
+      "description": "Represents a reference to a resource.",
+      "id": "Reference",
+      "properties": {
+        "kind": {
+          "default": "compute#reference",
+          "description": "[Output Only] Type of the resource. Always compute#reference for references.",
+          "type": "string"
+        },
+        "referenceType": {
+          "description": "A description of the reference type with no implied semantics. Possible values include:  \n- MEMBER_OF",
+          "type": "string"
+        },
+        "referrer": {
+          "description": "URL of the resource which refers to the target.",
+          "type": "string"
+        },
+        "target": {
+          "description": "URL of the resource to which this reference points.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Region": {
+      "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
+      "id": "Region",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this region."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#region",
+          "description": "[Output Only] Type of the resource. Always compute#region for regions.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this region.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the region, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "zones": {
+          "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionAutoscalerList": {
+      "description": "Contains a list of autoscalers.",
+      "id": "RegionAutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionAutoscalerList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionDiskTypeList": {
+      "id": "RegionDiskTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of DiskType resources.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionDiskTypeList",
+          "description": "[Output Only] Type of resource. Always compute#regionDiskTypeList for region disk types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionDisksResizeRequest": {
+      "id": "RegionDisksResizeRequest",
+      "properties": {
+        "sizeGb": {
+          "description": "The new size of the regional persistent disk, which is specified in GB.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupList": {
+      "description": "Contains a list of InstanceGroup resources.",
+      "id": "RegionInstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupList",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagerDeleteInstanceConfigReq": {
+      "description": "RegionInstanceGroupManagers.deletePerInstanceConfigs",
+      "id": "RegionInstanceGroupManagerDeleteInstanceConfigReq",
+      "properties": {
+        "instances": {
+          "description": "The list of instances for which we want to delete per-instance configs on this managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagerList": {
+      "description": "Contains a list of managed instance groups.",
+      "id": "RegionInstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagerUpdateInstanceConfigReq": {
+      "description": "RegionInstanceGroupManagers.updatePerInstanceConfigs",
+      "id": "RegionInstanceGroupManagerUpdateInstanceConfigReq",
+      "properties": {
+        "perInstanceConfigs": {
+          "description": "The list of per-instance configs to insert or patch on this managed instance group.",
+          "items": {
+            "$ref": "PerInstanceConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersAbandonInstancesRequest": {
+      "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersApplyUpdatesRequest": {
+      "description": "InstanceGroupManagers.applyUpdatesToInstances",
+      "id": "RegionInstanceGroupManagersApplyUpdatesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances for which we want to apply changes on this managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "maximalAction": {
+          "description": "The maximal action that should be perfomed on the instances. By default REPLACE.",
+          "enum": [
+            "NONE",
+            "REFRESH",
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "minimalAction": {
+          "description": "The minimal action that should be perfomed on the instances. By default NONE.",
+          "enum": [
+            "NONE",
+            "REFRESH",
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersDeleteInstancesRequest": {
+      "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersListInstanceConfigsResp": {
+      "id": "RegionInstanceGroupManagersListInstanceConfigsResp",
+      "properties": {
+        "items": {
+          "description": "[Output Only] The list of PerInstanceConfig.",
+          "items": {
+            "$ref": "PerInstanceConfig"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersListInstancesResponse": {
+      "id": "RegionInstanceGroupManagersListInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "List of managed instances.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersRecreateRequest": {
+      "id": "RegionInstanceGroupManagersRecreateRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetAutoHealingRequest": {
+      "id": "RegionInstanceGroupManagersSetAutoHealingRequest",
+      "properties": {
+        "autoHealingPolicies": {
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTemplateRequest": {
+      "id": "RegionInstanceGroupManagersSetTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "URL of the InstanceTemplate resource from which all new instances will be created.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstances": {
+      "id": "RegionInstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupsListInstances",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstancesRequest": {
+      "id": "RegionInstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "portName": {
+          "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsSetNamedPortsRequest": {
+      "id": "RegionInstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionList": {
+      "description": "Contains a list of region resources.",
+      "id": "RegionList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Region resources.",
+          "items": {
+            "$ref": "Region"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionList",
+          "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionSetLabelsRequest": {
+      "id": "RegionSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for this resource.",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ResourceCommitment": {
+      "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
+      "id": "ResourceCommitment",
+      "properties": {
+        "amount": {
+          "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
+          "format": "int64",
+          "type": "string"
+        },
+        "type": {
+          "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
+          "enum": [
+            "LOCAL_SSD",
+            "MEMORY",
+            "UNSPECIFIED",
+            "VCPU"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ResourceGroupReference": {
+      "id": "ResourceGroupReference",
+      "properties": {
+        "group": {
+          "description": "A URI referencing one of the instance groups listed in the backend service.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Route": {
+      "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
+      "id": "Route",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destRange": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#route",
+          "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Fully-qualified URL of the network that this route applies to.",
+          "type": "string"
+        },
+        "nextHopGateway": {
+          "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway",
+          "type": "string"
+        },
+        "nextHopInstance": {
+          "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/",
+          "type": "string"
+        },
+        "nextHopIp": {
+          "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "nextHopNetwork": {
+          "description": "The URL of the local network if it should handle matching packets.",
+          "type": "string"
+        },
+        "nextHopPeering": {
+          "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "nextHopVpnTunnel": {
+          "description": "The URL to a VpnTunnel that should handle matching packets.",
+          "type": "string"
+        },
+        "priority": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "tags": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "A list of instance tags to which this route applies.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "warnings": {
+          "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RouteList": {
+      "description": "Contains a list of Route resources.",
+      "id": "RouteList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Route resources.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routeList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Router": {
+      "description": "Router resource.",
+      "id": "Router",
+      "properties": {
+        "bgp": {
+          "$ref": "RouterBgp",
+          "description": "BGP information specific to this router."
+        },
+        "bgpPeers": {
+          "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
+          "items": {
+            "$ref": "RouterBgpPeer"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interfaces": {
+          "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
+          "items": {
+            "$ref": "RouterInterface"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#router",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "nats": {
+          "description": "List of Nat services created in this router. The maximum number of Nat services within a Router is 3 for Alpha.",
+          "items": {
+            "$ref": "RouterNat"
+          },
+          "type": "array"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterAdvertisedIpRange": {
+      "description": "Description-tagged IP ranges for the router to advertise.",
+      "id": "RouterAdvertisedIpRange",
+      "properties": {
+        "description": {
+          "description": "User-specified description for the IP range.",
+          "type": "string"
+        },
+        "range": {
+          "description": "The IP range to advertise. The value must be a CIDR-formatted string.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterAdvertisedPrefix": {
+      "description": "Description-tagged prefixes for the router to advertise.",
+      "id": "RouterAdvertisedPrefix",
+      "properties": {
+        "description": {
+          "description": "User-specified description for the prefix.",
+          "type": "string"
+        },
+        "prefix": {
+          "description": "The prefix to advertise. The value must be a CIDR-formatted string.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterAggregatedList": {
+      "description": "Contains a list of routers.",
+      "id": "RouterAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "RoutersScopedList",
+            "description": "Name of the scope containing this set of routers."
+          },
+          "description": "A list of Router resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#routerAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RouterBgp": {
+      "id": "RouterBgp",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "advertisedPrefixs": {
+          "description": "User-specified list of individual prefixes to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These prefixes will be advertised in addition to any specified groups. Leave this field blank to advertise no custom prefixes.",
+          "items": {
+            "$ref": "RouterAdvertisedPrefix"
+          },
+          "type": "array"
+        },
+        "asn": {
+          "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
+          "format": "uint32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "RouterBgpPeer": {
+      "id": "RouterBgpPeer",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "advertisedPrefixs": {
+          "description": "User-specified list of individual prefixes to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These prefixes will be advertised in addition to any specified groups. Leave this field blank to advertise no custom prefixes.",
+          "items": {
+            "$ref": "RouterAdvertisedPrefix"
+          },
+          "type": "array"
+        },
+        "advertisedRoutePriority": {
+          "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "interfaceName": {
+          "description": "Name of the interface the BGP peer is associated with.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerAsn": {
+          "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterInterface": {
+      "id": "RouterInterface",
+      "properties": {
+        "ipRange": {
+          "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.",
+          "type": "string"
+        },
+        "linkedInterconnectAttachment": {
+          "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterList": {
+      "description": "Contains a list of Router resources.",
+      "id": "RouterList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Router resources.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routerList",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RouterNat": {
+      "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.",
+      "id": "RouterNat",
+      "properties": {
+        "autoAllocatedNatIps": {
+          "description": "[Output Only] List of IPs allocated automatically by GCP for this Nat service. They will be raw IP strings like \"179.12.26.133\". They are ephemeral IPs allocated from the IP blocks managed by the NAT manager. This list can grow and shrink based on the number of VMs configured to use NAT.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "natIpAllocateOption": {
+          "description": "Specify the NatIpAllocateOption. If it is AUTO_ONLY, then nat_ip should be empty.",
+          "enum": [
+            "AUTO_ONLY",
+            "MANUAL_ONLY"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "natIps": {
+          "description": "List of URLs of the IP resources used for this Nat service. These IPs must be valid static external IP addresses assigned to the project. max_length is subject to change post alpha.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceSubnetworkIpRangesToNat": {
+          "description": "Specify the Nat option. If this field contains ALL_SUBNETWORKS_ALL_IP_RANGES or ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES, then there should not be any other Router.Nat section in any Router for this network in this region.",
+          "enum": [
+            "ALL_SUBNETWORKS_ALL_IP_RANGES",
+            "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES",
+            "LIST_OF_SUBNETWORKS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "subnetworks": {
+          "description": "List of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.",
+          "items": {
+            "$ref": "RouterNatSubnetworkToNat"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RouterNatSubnetworkToNat": {
+      "description": "Defines the IP ranges that want to use NAT for a subnetwork.",
+      "id": "RouterNatSubnetworkToNat",
+      "properties": {
+        "name": {
+          "description": "URL for the subnetwork resource to use NAT.",
+          "type": "string"
+        },
+        "secondaryIpRangeNames": {
+          "description": "List of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceIpRangesToNats": {
+          "description": "Specify the options for NAT ranges in the Subnetwork. All usages of single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]",
+          "items": {
+            "enum": [
+              "ALL_IP_RANGES",
+              "LIST_OF_SECONDARY_IP_RANGES",
+              "PRIMARY_IP_RANGE"
+            ],
+            "enumDescriptions": [
+              "",
+              "",
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatus": {
+      "id": "RouterStatus",
+      "properties": {
+        "bestRoutes": {
+          "description": "Best routes for this router's network.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bestRoutesForRouter": {
+          "description": "Best routes learned by this router.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bgpPeerStatus": {
+          "items": {
+            "$ref": "RouterStatusBgpPeerStatus"
+          },
+          "type": "array"
+        },
+        "natStatus": {
+          "items": {
+            "$ref": "RouterStatusNatStatus"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatusBgpPeerStatus": {
+      "id": "RouterStatusBgpPeerStatus",
+      "properties": {
+        "advertisedRoutes": {
+          "description": "Routes that were advertised to the remote BGP peer",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "ipAddress": {
+          "description": "IP address of the local BGP interface.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URL of the VPN tunnel that this BGP peer controls.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. Unique within the Routers resource.",
+          "type": "string"
+        },
+        "numLearnedRoutes": {
+          "description": "Number of routes learned from the remote BGP Peer.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the remote BGP interface.",
+          "type": "string"
+        },
+        "state": {
+          "description": "BGP state as specified in RFC1771.",
+          "type": "string"
+        },
+        "status": {
+          "description": "Status of the BGP peer: {UP, DOWN}",
+          "enum": [
+            "DOWN",
+            "UNKNOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "uptime": {
+          "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds",
+          "type": "string"
+        },
+        "uptimeSeconds": {
+          "description": "Time this session has been up, in seconds. Format: 145",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatusNatStatus": {
+      "description": "Status of a NAT contained in this router.",
+      "id": "RouterStatusNatStatus",
+      "properties": {
+        "autoAllocatedNatIps": {
+          "description": "List of IPs auto-allocated for NAT. Example: [\"1.1.1.1\", \"129.2.16.89\"]",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "minExtraNatIpsNeeded": {
+          "description": "The number of extra IPs to allocate. This will be greater than 0 only if user-specified IPs are NOT enough to allow all configured VMs to use NAT. This value is meaningful only when auto-allocation of NAT IPs is *not* used.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "Unique name of this NAT.",
+          "type": "string"
+        },
+        "numVmEndpointsWithNatMappings": {
+          "description": "Number of VM endpoints (i.e., Nics) that can use NAT.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "userAllocatedNatIpResources": {
+          "description": "List of fully qualified URLs of reserved IP address resources.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "userAllocatedNatIps": {
+          "description": "List of IPs user-allocated for NAT. They will be raw IP strings like \"179.12.26.133\".",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatusResponse": {
+      "id": "RouterStatusResponse",
+      "properties": {
+        "kind": {
+          "default": "compute#routerStatusResponse",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "result": {
+          "$ref": "RouterStatus"
+        }
+      },
+      "type": "object"
+    },
+    "RoutersPreviewResponse": {
+      "id": "RoutersPreviewResponse",
+      "properties": {
+        "resource": {
+          "$ref": "Router",
+          "description": "Preview of given router."
+        }
+      },
+      "type": "object"
+    },
+    "RoutersScopedList": {
+      "id": "RoutersScopedList",
+      "properties": {
+        "routers": {
+          "description": "List of routers contained in this scope.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of routers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Rule": {
+      "description": "A rule to be applied in a Policy.",
+      "id": "Rule",
+      "properties": {
+        "action": {
+          "description": "Required",
+          "enum": [
+            "ALLOW",
+            "ALLOW_WITH_LOG",
+            "DENY",
+            "DENY_WITH_LOG",
+            "LOG",
+            "NO_ACTION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "conditions": {
+          "description": "Additional restrictions that must be met. All conditions must pass for the rule to match.",
+          "items": {
+            "$ref": "Condition"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "Human-readable description of the rule.",
+          "type": "string"
+        },
+        "ins": {
+          "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "logConfigs": {
+          "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.",
+          "items": {
+            "$ref": "LogConfig"
+          },
+          "type": "array"
+        },
+        "notIns": {
+          "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "permissions": {
+          "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SSLHealthCheck": {
+      "id": "SSLHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "portSpecification": {
+          "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, SSL health check follows behavior specified in\nport\nand\nportName\nfields.",
+          "enum": [
+            "USE_FIXED_PORT",
+            "USE_NAMED_PORT",
+            "USE_SERVING_PORT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Scheduling": {
+      "description": "Sets the scheduling options for an Instance.",
+      "id": "Scheduling",
+      "properties": {
+        "automaticRestart": {
+          "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.",
+          "type": "boolean"
+        },
+        "nodeAffinities": {
+          "description": "A set of node affinity and anti-affinity.",
+          "items": {
+            "$ref": "SchedulingNodeAffinity"
+          },
+          "type": "array"
+        },
+        "onHostMaintenance": {
+          "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
+          "enum": [
+            "MIGRATE",
+            "TERMINATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "preemptible": {
+          "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "SchedulingNodeAffinity": {
+      "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.",
+      "id": "SchedulingNodeAffinity",
+      "properties": {
+        "key": {
+          "description": "Corresponds to the label key of Node resource.",
+          "type": "string"
+        },
+        "operator": {
+          "description": "Defines the operation of node selection.",
+          "enum": [
+            "IN",
+            "NOT_IN",
+            "OPERATOR_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "values": {
+          "description": "Corresponds to the label values of Node resource.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicy": {
+      "description": "A security policy is comprised of one or more rules. It can also be associated with one or more 'targets'.",
+      "id": "SecurityPolicy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the security policy.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#securityPolicy",
+          "description": "[Output only] Type of the resource. Always compute#securityPolicyfor security policies",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "rules": {
+          "description": "List of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match \"*\"). If no rules are provided when creating a security policy, a default rule with action \"allow\" will be added.",
+          "items": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyList": {
+      "id": "SecurityPolicyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SecurityPolicy resources.",
+          "items": {
+            "$ref": "SecurityPolicy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#securityPolicyList",
+          "description": "[Output Only] Type of resource. Always compute#securityPolicyList for listsof securityPolicies",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyReference": {
+      "id": "SecurityPolicyReference",
+      "properties": {
+        "securityPolicy": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRule": {
+      "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).",
+      "id": "SecurityPolicyRule",
+      "properties": {
+        "action": {
+          "description": "The Action to preform when the client connection triggers the rule. Can currently be either \"allow\" or \"deny()\" where valid values for status are 403, 404, and 502.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#securityPolicyRule",
+          "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules",
+          "type": "string"
+        },
+        "match": {
+          "$ref": "SecurityPolicyRuleMatcher",
+          "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding ?action? is enforced."
+        },
+        "preview": {
+          "description": "If set to true, the specified action is not enforced.",
+          "type": "boolean"
+        },
+        "priority": {
+          "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated in the increasing order of priority.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRuleMatcher": {
+      "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.",
+      "id": "SecurityPolicyRuleMatcher",
+      "properties": {
+        "config": {
+          "$ref": "SecurityPolicyRuleMatcherConfig",
+          "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified."
+        },
+        "expr": {
+          "$ref": "Expr",
+          "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header."
+        },
+        "srcIpRanges": {
+          "description": "CIDR IP address range.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "versionedExpr": {
+          "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.",
+          "enum": [
+            "SRC_IPS_V1",
+            "VERSIONED_EXPR_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRuleMatcherConfig": {
+      "id": "SecurityPolicyRuleMatcherConfig",
+      "properties": {
+        "srcIpRanges": {
+          "description": "CIDR IP address range.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SerialPortOutput": {
+      "description": "An instance's serial console output.",
+      "id": "SerialPortOutput",
+      "properties": {
+        "contents": {
+          "description": "[Output Only] The contents of the console output.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#serialPortOutput",
+          "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
+          "type": "string"
+        },
+        "next": {
+          "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
+          "format": "int64",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "start": {
+          "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ServiceAccount": {
+      "description": "A service account.",
+      "id": "ServiceAccount",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ShieldedVmConfig": {
+      "description": "A set of Shielded VM options.",
+      "id": "ShieldedVmConfig",
+      "properties": {
+        "enableIntegrityMonitoring": {
+          "description": "Defines whether the instance should have integrity monitoring enabled.",
+          "type": "boolean"
+        },
+        "enableSecureBoot": {
+          "description": "Defines whether the instance should have secure boot enabled.",
+          "type": "boolean"
+        },
+        "enableVtpm": {
+          "description": "Defines whether the instance should have the TPM enabled.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "SignedUrlKey": {
+      "description": "Represents a customer-supplied Signing Key used by Cloud CDN Signed URLs",
+      "id": "SignedUrlKey",
+      "properties": {
+        "keyName": {
+          "description": "Name of the key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "keyValue": {
+          "description": "128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Snapshot": {
+      "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
+      "id": "Snapshot",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "[Output Only] Size of the snapshot, specified in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "guestOsFeatures": {
+          "description": "[Output Only] A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#snapshot",
+          "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
+          "type": "object"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this snapshot.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "snapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
+        },
+        "sourceDisk": {
+          "description": "[Output Only] The source disk used to create this snapshot.",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY",
+            "UPLOADING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageBytes": {
+          "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
+          "format": "int64",
+          "type": "string"
+        },
+        "storageBytesStatus": {
+          "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
+          "enum": [
+            "UPDATING",
+            "UP_TO_DATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageLocations": {
+          "description": "GCS bucket storage location of the snapshot (regional or multi-regional).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SnapshotList": {
+      "description": "Contains a list of Snapshot resources.",
+      "id": "SnapshotList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Snapshot resources.",
+          "items": {
+            "$ref": "Snapshot"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#snapshotList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SourceInstanceParams": {
+      "description": "A specification of the parameters to use when creating the instance template from a source instance.",
+      "id": "SourceInstanceParams",
+      "properties": {
+        "diskConfigs": {
+          "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.",
+          "items": {
+            "$ref": "DiskInstantiationConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificate": {
+      "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
+      "id": "SslCertificate",
+      "properties": {
+        "certificate": {
+          "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "expireTime": {
+          "description": "[Output Only] Expire time of the certificate. RFC3339",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#sslCertificate",
+          "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
+          "type": "string"
+        },
+        "managed": {
+          "$ref": "SslCertificateManagedSslCertificate",
+          "description": "Configuration and status of a managed SSL certificate."
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "privateKey": {
+          "description": "A write-only private key in PEM format. Only insert requests will include this field.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "selfManaged": {
+          "$ref": "SslCertificateSelfManagedSslCertificate",
+          "description": "Configuration and status of a self-managed SSL certificate."
+        },
+        "subjectAlternativeNames": {
+          "description": "[Output Only] Domains associated with the certificate via Subject Alternative Name.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "type": {
+          "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.",
+          "enum": [
+            "MANAGED",
+            "SELF_MANAGED",
+            "TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificateList": {
+      "description": "Contains a list of SslCertificate resources.",
+      "id": "SslCertificateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SslCertificate resources.",
+          "items": {
+            "$ref": "SslCertificate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#sslCertificateList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificateManagedSslCertificate": {
+      "description": "Configuration and status of a managed SSL certificate.",
+      "id": "SslCertificateManagedSslCertificate",
+      "properties": {
+        "domainStatus": {
+          "additionalProperties": {
+            "enum": [
+              "ACTIVE",
+              "DOMAIN_STATUS_UNSPECIFIED",
+              "FAILED_CAA_FORBIDDEN",
+              "FAILED_NOT_VISIBLE",
+              "FAILED_RATE_LIMITED",
+              "PROVISIONING"
+            ],
+            "enumDescriptions": [
+              "",
+              "",
+              "",
+              "",
+              "",
+              ""
+            ],
+            "type": "string"
+          },
+          "description": "[Output only] Detailed statuses of the domains specified for managed certificate resource.",
+          "type": "object"
+        },
+        "domains": {
+          "description": "The domains for which a managed SSL certificate will be generated. Currently only single-domain certs are supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "status": {
+          "description": "[Output only] Status of the managed certificate resource.",
+          "enum": [
+            "ACTIVE",
+            "MANAGED_CERTIFICATE_STATUS_UNSPECIFIED",
+            "PROVISIONING",
+            "PROVISIONING_FAILED",
+            "PROVISIONING_FAILED_PERMANENTLY",
+            "RENEWAL_FAILED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificateSelfManagedSslCertificate": {
+      "description": "Configuration and status of a self-managed SSL certificate..",
+      "id": "SslCertificateSelfManagedSslCertificate",
+      "properties": {
+        "certificate": {
+          "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.",
+          "type": "string"
+        },
+        "privateKey": {
+          "description": "A write-only private key in PEM format. Only insert requests will include this field.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SslPoliciesList": {
+      "id": "SslPoliciesList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SslPolicy resources.",
+          "items": {
+            "$ref": "SslPolicy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#sslPoliciesList",
+          "description": "[Output Only] Type of the resource. Always compute#sslPoliciesList for lists of sslPolicies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SslPoliciesListAvailableFeaturesResponse": {
+      "id": "SslPoliciesListAvailableFeaturesResponse",
+      "properties": {
+        "features": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslPolicy": {
+      "description": "A SSL policy specifies the server-side support for SSL features. This can be attached to a TargetHttpsProxy or a TargetSslProxy. This affects connections between clients and the HTTPS or SSL proxy load balancer. They do not affect the connection between the load balancers and the backends.",
+      "id": "SslPolicy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customFeatures": {
+          "description": "List of features enabled when the selected profile is CUSTOM. The\n- method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "enabledFeatures": {
+          "description": "[Output Only] The list of features enabled in the SSL policy.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#sslPolicy",
+          "description": "[Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.",
+          "type": "string"
+        },
+        "minTlsVersion": {
+          "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.",
+          "enum": [
+            "TLS_1_0",
+            "TLS_1_1",
+            "TLS_1_2",
+            "TLS_1_3"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "profile": {
+          "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.",
+          "enum": [
+            "COMPATIBLE",
+            "CUSTOM",
+            "MODERN",
+            "RESTRICTED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "warnings": {
+          "description": "[Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslPolicyReference": {
+      "id": "SslPolicyReference",
+      "properties": {
+        "sslPolicy": {
+          "description": "URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "StatefulPolicy": {
+      "id": "StatefulPolicy",
+      "properties": {
+        "preservedResources": {
+          "$ref": "StatefulPolicyPreservedResources"
+        }
+      },
+      "type": "object"
+    },
+    "StatefulPolicyPreservedDisk": {
+      "id": "StatefulPolicyPreservedDisk",
+      "properties": {
+        "deviceName": {
+          "description": "Device name of the disk to be preserved",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "StatefulPolicyPreservedResources": {
+      "description": "Configuration of all preserved resources.",
+      "id": "StatefulPolicyPreservedResources",
+      "properties": {
+        "disks": {
+          "description": "Disks created on the instances that will be preserved on instance delete, resize down, etc.",
+          "items": {
+            "$ref": "StatefulPolicyPreservedDisk"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "Subnetwork": {
+      "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
+      "id": "Subnetwork",
+      "properties": {
+        "allowSubnetCidrRoutesOverlap": {
+          "description": "Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.\n\nAlso, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.\n\nThe default value is false and applies to all existing subnetworks and automatically created subnetworks.\n\nThis field cannot be set to true at resource creation time.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "enableFlowLogs": {
+          "description": "Whether to enable flow logging for this subnetwork.",
+          "type": "boolean"
+        },
+        "enablePrivateV6Access": {
+          "description": "Whether the VMs in this subnet can directly access Google services via internal IPv6 addresses. This field can be both set at resource creation time and updated using patch.",
+          "type": "boolean"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork.",
+          "format": "byte",
+          "type": "string"
+        },
+        "gatewayAddress": {
+          "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipCidrRange": {
+          "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "ipv6CidrRange": {
+          "description": "[Output Only] The range of internal IPv6 addresses that are owned by this subnetwork.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#subnetwork",
+          "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "privateIpGoogleAccess": {
+          "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.",
+          "type": "boolean"
+        },
+        "region": {
+          "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "secondaryIpRanges": {
+          "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
+          "items": {
+            "$ref": "SubnetworkSecondaryRange"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkAggregatedList": {
+      "id": "SubnetworkAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "SubnetworksScopedList",
+            "description": "Name of the scope containing this set of Subnetworks."
+          },
+          "description": "A list of SubnetworksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#subnetworkAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkList": {
+      "description": "Contains a list of Subnetwork resources.",
+      "id": "SubnetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Subnetwork resources.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#subnetworkList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkSecondaryRange": {
+      "description": "Represents a secondary IP range of a subnetwork.",
+      "id": "SubnetworkSecondaryRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "rangeName": {
+          "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksExpandIpCidrRangeRequest": {
+      "id": "SubnetworksExpandIpCidrRangeRequest",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksScopedList": {
+      "id": "SubnetworksScopedList",
+      "properties": {
+        "subnetworks": {
+          "description": "List of subnetworks contained in this scope.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "An informational warning that appears when the list of addresses is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksSetPrivateIpGoogleAccessRequest": {
+      "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
+      "properties": {
+        "privateIpGoogleAccess": {
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "TCPHealthCheck": {
+      "id": "TCPHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "portSpecification": {
+          "description": "Specifies how port is selected for health checking, can be one of following values:\nUSE_FIXED_PORT: The port number in\nport\nis used for health checking.\nUSE_NAMED_PORT: The\nportName\nis used for health checking.\nUSE_SERVING_PORT: For NetworkEndpointGroup, the port specified for each network endpoint is used for health checking. For other backends, the port or named port specified in the Backend Service is used for health checking.\n\n\nIf not specified, TCP health check follows behavior specified in\nport\nand\nportName\nfields.",
+          "enum": [
+            "USE_FIXED_PORT",
+            "USE_NAMED_PORT",
+            "USE_SERVING_PORT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Tags": {
+      "description": "A set of instance tags.",
+      "id": "Tags",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpProxy": {
+      "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
+      "id": "TargetHttpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "urlMap": {
+          "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpProxyList": {
+      "description": "A list of TargetHttpProxy resources.",
+      "id": "TargetHttpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpProxy resources.",
+          "items": {
+            "$ref": "TargetHttpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxyList",
+          "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxiesSetQuicOverrideRequest": {
+      "id": "TargetHttpsProxiesSetQuicOverrideRequest",
+      "properties": {
+        "quicOverride": {
+          "description": "QUIC policy for the TargetHttpsProxy resource.",
+          "enum": [
+            "DISABLE",
+            "ENABLE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxiesSetSslCertificatesRequest": {
+      "id": "TargetHttpsProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxy": {
+      "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
+      "id": "TargetHttpsProxy",
+      "properties": {
+        "clientSslPolicy": {
+          "description": "URL to ClientSslPolicy resource which controls the set of allowed SSL versions and ciphers.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "quicOverride": {
+          "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. Specify ENABLE to always enable QUIC, Enables QUIC when set to ENABLE, and disables QUIC when set to DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE.",
+          "enum": [
+            "DISABLE",
+            "ENABLE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sslPolicy": {
+          "description": "URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.",
+          "type": "string"
+        },
+        "urlMap": {
+          "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxyList": {
+      "description": "Contains a list of TargetHttpsProxy resources.",
+      "id": "TargetHttpsProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpsProxy resources.",
+          "items": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxyList",
+          "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstance": {
+      "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
+      "id": "TargetInstance",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetInstance",
+          "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "natPolicy": {
+          "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
+          "enum": [
+            "NO_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstanceAggregatedList": {
+      "id": "TargetInstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetInstancesScopedList",
+            "description": "Name of the scope containing this set of target instances."
+          },
+          "description": "A list of TargetInstance resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetInstanceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstanceList": {
+      "description": "Contains a list of TargetInstance resources.",
+      "id": "TargetInstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetInstance resources.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetInstanceList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstancesScopedList": {
+      "id": "TargetInstancesScopedList",
+      "properties": {
+        "targetInstances": {
+          "description": "List of target instances contained in this scope.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPool": {
+      "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
+      "id": "TargetPool",
+      "properties": {
+        "backupPool": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "failoverRatio": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "format": "float",
+          "type": "number"
+        },
+        "healthChecks": {
+          "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instances": {
+          "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPool",
+          "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target pool resides.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolAggregatedList": {
+      "id": "TargetPoolAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetPoolsScopedList",
+            "description": "Name of the scope containing this set of target pools."
+          },
+          "description": "A list of TargetPool resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetPoolAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolInstanceHealth": {
+      "id": "TargetPoolInstanceHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolInstanceHealth",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolList": {
+      "description": "Contains a list of TargetPool resources.",
+      "id": "TargetPoolList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetPool resources.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsAddHealthCheckRequest": {
+      "id": "TargetPoolsAddHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "The HttpHealthCheck to add to the target pool.",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsAddInstanceRequest": {
+      "id": "TargetPoolsAddInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsRemoveHealthCheckRequest": {
+      "id": "TargetPoolsRemoveHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsRemoveInstanceRequest": {
+      "id": "TargetPoolsRemoveInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "URLs of the instances to be removed from target pool.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsScopedList": {
+      "id": "TargetPoolsScopedList",
+      "properties": {
+        "targetPools": {
+          "description": "List of target pools contained in this scope.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetReference": {
+      "id": "TargetReference",
+      "properties": {
+        "target": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetBackendServiceRequest": {
+      "id": "TargetSslProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetSslProxy.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetProxyHeaderRequest": {
+      "id": "TargetSslProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetSslCertificatesRequest": {
+      "id": "TargetSslProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxy": {
+      "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
+      "id": "TargetSslProxy",
+      "properties": {
+        "clientSslPolicy": {
+          "description": "URL to ClientSslPolicy resource which controls the set of allowed SSL versions and ciphers.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetSslProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sslPolicy": {
+          "description": "URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxyList": {
+      "description": "Contains a list of TargetSslProxy resources.",
+      "id": "TargetSslProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetSslProxy resources.",
+          "items": {
+            "$ref": "TargetSslProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetSslProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxiesSetBackendServiceRequest": {
+      "id": "TargetTcpProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetTcpProxy.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxiesSetProxyHeaderRequest": {
+      "id": "TargetTcpProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxy": {
+      "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
+      "id": "TargetTcpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxyList": {
+      "description": "Contains a list of TargetTcpProxy resources.",
+      "id": "TargetTcpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetTcpProxy resources.",
+          "items": {
+            "$ref": "TargetTcpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGateway": {
+      "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
+      "id": "TargetVpnGateway",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "forwardingRules": {
+          "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetVpnGateway",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an TargetVpnGateway.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this TargetVpnGateway resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target VPN gateway resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN gateway.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "tunnels": {
+          "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewayAggregatedList": {
+      "id": "TargetVpnGatewayAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetVpnGatewaysScopedList",
+            "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
+          },
+          "description": "A list of TargetVpnGateway resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewayList": {
+      "description": "Contains a list of TargetVpnGateway resources.",
+      "id": "TargetVpnGatewayList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetVpnGateway resources.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewaysScopedList": {
+      "id": "TargetVpnGatewaysScopedList",
+      "properties": {
+        "targetVpnGateways": {
+          "description": "[Output Only] List of target vpn gateways contained in this scope.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TestFailure": {
+      "id": "TestFailure",
+      "properties": {
+        "actualService": {
+          "type": "string"
+        },
+        "expectedService": {
+          "type": "string"
+        },
+        "host": {
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TestPermissionsRequest": {
+      "id": "TestPermissionsRequest",
+      "properties": {
+        "permissions": {
+          "description": "The set of permissions to check for the 'resource'. Permissions with wildcards (such as '*' or 'storage.*') are not allowed.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TestPermissionsResponse": {
+      "id": "TestPermissionsResponse",
+      "properties": {
+        "permissions": {
+          "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "UDPHealthCheck": {
+      "id": "UDPHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The UDP port number for the health check request. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "request": {
+          "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMap": {
+      "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
+      "id": "UrlMap",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultService": {
+          "description": "The URL of the BackendService resource if none of the hostRules match.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
+          "format": "byte",
+          "type": "string"
+        },
+        "hostRules": {
+          "description": "The list of HostRules to use against the URL.",
+          "items": {
+            "$ref": "HostRule"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#urlMap",
+          "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "pathMatchers": {
+          "description": "The list of named PathMatchers to use against the URL.",
+          "items": {
+            "$ref": "PathMatcher"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "tests": {
+          "description": "The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.",
+          "items": {
+            "$ref": "UrlMapTest"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapList": {
+      "description": "Contains a list of UrlMap resources.",
+      "id": "UrlMapList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of UrlMap resources.",
+          "items": {
+            "$ref": "UrlMap"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#urlMapList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapReference": {
+      "id": "UrlMapReference",
+      "properties": {
+        "urlMap": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapTest": {
+      "description": "Message for the expected URL mappings.",
+      "id": "UrlMapTest",
+      "properties": {
+        "description": {
+          "description": "Description of this test case.",
+          "type": "string"
+        },
+        "host": {
+          "description": "Host portion of the URL.",
+          "type": "string"
+        },
+        "path": {
+          "description": "Path portion of the URL.",
+          "type": "string"
+        },
+        "service": {
+          "description": "Expected BackendService resource the given URL should be mapped to.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapValidationResult": {
+      "description": "Message representing the validation result for a UrlMap.",
+      "id": "UrlMapValidationResult",
+      "properties": {
+        "loadErrors": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "loadSucceeded": {
+          "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons.",
+          "type": "boolean"
+        },
+        "testFailures": {
+          "items": {
+            "$ref": "TestFailure"
+          },
+          "type": "array"
+        },
+        "testPassed": {
+          "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapsValidateRequest": {
+      "id": "UrlMapsValidateRequest",
+      "properties": {
+        "resource": {
+          "$ref": "UrlMap",
+          "description": "Content of the UrlMap to be validated."
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapsValidateResponse": {
+      "id": "UrlMapsValidateResponse",
+      "properties": {
+        "result": {
+          "$ref": "UrlMapValidationResult"
+        }
+      },
+      "type": "object"
+    },
+    "UsableSubnetwork": {
+      "description": "Subnetwork which the current user has compute.subnetworks.use permission on.",
+      "id": "UsableSubnetwork",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The range of internal addresses that are owned by this subnetwork.",
+          "type": "string"
+        },
+        "network": {
+          "description": "Network URL.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "Subnetwork URL.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UsableSubnetworksAggregatedList": {
+      "id": "UsableSubnetworksAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output] A list of usable subnetwork URLs.",
+          "items": {
+            "$ref": "UsableSubnetwork"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#usableSubnetworksAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#usableSubnetworksAggregatedList for aggregated lists of usable subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "UsageExportLocation": {
+      "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
+      "id": "UsageExportLocation",
+      "properties": {
+        "bucketName": {
+          "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket.",
+          "type": "string"
+        },
+        "reportNamePrefix": {
+          "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "VmMaintenancePolicy": {
+      "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when.",
+      "id": "VmMaintenancePolicy",
+      "properties": {
+        "maintenanceWindow": {
+          "$ref": "MaintenanceWindow",
+          "description": "Maintenance windows that are applied to VMs covered by this policy."
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnel": {
+      "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
+      "id": "VpnTunnel",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "detailedStatus": {
+          "description": "[Output Only] Detailed status message for the VPN tunnel.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ikeVersion": {
+          "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "kind": {
+          "default": "compute#vpnTunnel",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a VpnTunnel.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this VpnTunnel. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "localTrafficSelector": {
+          "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.vpnTunnels.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerIp": {
+          "description": "IP address of the peer VPN gateway. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the VPN tunnel resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "remoteTrafficSelector": {
+          "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "router": {
+          "description": "URL of router resource to be used for dynamic routing.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sharedSecret": {
+          "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.",
+          "type": "string"
+        },
+        "sharedSecretHash": {
+          "description": "Hash of the shared secret.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN tunnel.",
+          "enum": [
+            "ALLOCATING_RESOURCES",
+            "AUTHORIZATION_ERROR",
+            "DEPROVISIONING",
+            "ESTABLISHED",
+            "FAILED",
+            "FIRST_HANDSHAKE",
+            "NEGOTIATION_FAILURE",
+            "NETWORK_ERROR",
+            "NO_INCOMING_PACKETS",
+            "PROVISIONING",
+            "REJECTED",
+            "WAITING_FOR_FULL_CONFIG"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "targetVpnGateway": {
+          "description": "URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelAggregatedList": {
+      "id": "VpnTunnelAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "VpnTunnelsScopedList",
+            "description": "Name of the scope containing this set of vpn tunnels."
+          },
+          "description": "A list of VpnTunnelsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelList": {
+      "description": "Contains a list of VpnTunnel resources.",
+      "id": "VpnTunnelList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of VpnTunnel resources.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelsScopedList": {
+      "id": "VpnTunnelsScopedList",
+      "properties": {
+        "vpnTunnels": {
+          "description": "List of vpn tunnels contained in this scope.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "XpnHostList": {
+      "id": "XpnHostList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of shared VPC host project URLs.",
+          "items": {
+            "$ref": "Project"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#xpnHostList",
+          "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "XpnResourceId": {
+      "description": "Service resource (a.k.a service project) ID.",
+      "id": "XpnResourceId",
+      "properties": {
+        "id": {
+          "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678).",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of the service resource.",
+          "enum": [
+            "PROJECT",
+            "XPN_RESOURCE_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Zone": {
+      "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
+      "id": "Zone",
+      "properties": {
+        "availableCpuPlatforms": {
+          "description": "[Output Only] Available cpu/platform selections for the zone.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this zone."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#zone",
+          "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] Full URL reference to the region which hosts the zone.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the zone, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ZoneList": {
+      "description": "Contains a list of zone resources.",
+      "id": "ZoneList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Zone resources.",
+          "items": {
+            "$ref": "Zone"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#zoneList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ZoneSetLabelsRequest": {
+      "id": "ZoneSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for this resource.",
+          "type": "object"
+        }
+      },
+      "type": "object"
     }
-   }
   },
-  "zones": {
-   "methods": {
-    "get": {
-     "id": "compute.zones.get",
-     "path": "{project}/zones/{zone}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "Zone"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zones.list",
-     "path": "{project}/zones",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Zone resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ZoneList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  }
- }
-}
+  "servicePath": "compute/alpha/projects/",
+  "title": "Compute Engine API",
+  "version": "alpha"
+}
\ No newline at end of file
diff --git a/vendor/google.golang.org/api/compute/v0.alpha/compute-gen.go b/vendor/google.golang.org/api/compute/v0.alpha/compute-gen.go
index 80301b1273ef..497ac423ba9b 100644
--- a/vendor/google.golang.org/api/compute/v0.alpha/compute-gen.go
+++ b/vendor/google.golang.org/api/compute/v0.alpha/compute-gen.go
@@ -103,6 +103,8 @@ func New(client *http.Client) (*Service, error) {
 	s.MaintenancePolicies = NewMaintenancePoliciesService(s)
 	s.NetworkEndpointGroups = NewNetworkEndpointGroupsService(s)
 	s.Networks = NewNetworksService(s)
+	s.NodeGroups = NewNodeGroupsService(s)
+	s.NodeTemplates = NewNodeTemplatesService(s)
 	s.Projects = NewProjectsService(s)
 	s.RegionAutoscalers = NewRegionAutoscalersService(s)
 	s.RegionBackendServices = NewRegionBackendServicesService(s)
@@ -203,6 +205,10 @@ type Service struct {
 
 	Networks *NetworksService
 
+	NodeGroups *NodeGroupsService
+
+	NodeTemplates *NodeTemplatesService
+
 	Projects *ProjectsService
 
 	RegionAutoscalers *RegionAutoscalersService
@@ -555,6 +561,24 @@ type NetworksService struct {
 	s *Service
 }
 
+func NewNodeGroupsService(s *Service) *NodeGroupsService {
+	rs := &NodeGroupsService{s: s}
+	return rs
+}
+
+type NodeGroupsService struct {
+	s *Service
+}
+
+func NewNodeTemplatesService(s *Service) *NodeTemplatesService {
+	rs := &NodeTemplatesService{s: s}
+	return rs
+}
+
+type NodeTemplatesService struct {
+	s *Service
+}
+
 func NewProjectsService(s *Service) *ProjectsService {
 	rs := &ProjectsService{s: s}
 	return rs
@@ -815,7 +839,8 @@ type AcceleratorConfig struct {
 	AcceleratorCount int64 `json:"acceleratorCount,omitempty"`
 
 	// AcceleratorType: Full or partial URL of the accelerator type resource
-	// to expose to this instance.
+	// to attach to this instance. If you are creating an instance template,
+	// specify only the accelerator name.
 	AcceleratorType string `json:"acceleratorType,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "AcceleratorCount") to
@@ -877,7 +902,9 @@ type AcceleratorType struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] The name of the zone where the accelerator type
-	// resides, such as us-central1-a.
+	// resides, such as us-central1-a. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -1500,12 +1527,16 @@ type Address struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
 	Name string `json:"name,omitempty"`
 
+	// Network: The URL of the network in which to reserve the address. This
+	// field can only be used with INTERNAL type with VPC_PEERING purpose.
+	Network string `json:"network,omitempty"`
+
 	// NetworkTier: This signifies the networking tier used for configuring
 	// this Address and can only take the following values: PREMIUM ,
 	// STANDARD.
@@ -1518,8 +1549,23 @@ type Address struct {
 	//   "STANDARD"
 	NetworkTier string `json:"networkTier,omitempty"`
 
+	// PrefixLength: The prefix length if the resource reprensents an IP
+	// range.
+	PrefixLength int64 `json:"prefixLength,omitempty"`
+
+	// Purpose: The purpose of resource, only used with INTERNAL type.
+	//
+	// Possible values:
+	//   "DNS_RESOLVER"
+	//   "GCE_ENDPOINT"
+	//   "UNSPECIFIED_PURPOSE"
+	//   "VPC_PEERING"
+	Purpose string `json:"purpose,omitempty"`
+
 	// Region: [Output Only] URL of the region where the regional address
-	// resides. This field is not applicable to global addresses.
+	// resides. This field is not applicable to global addresses. You must
+	// specify this field as part of the HTTP request URL. You cannot set
+	// this field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -2232,9 +2278,9 @@ type AttachedDiskInitializeParams struct {
 	// not specified, the default is pd-standard, specified using the full
 	// URL. For
 	// example:
+	// https://www.googleapis.com/compute/v1/projects/project/zones/
+	// zone/diskTypes/pd-standard
 	//
-	// https://www.googleapis.com/compute/v1/projects/project/zones
-	// /zone/diskTypes/pd-standard
 	//
 	// Other values include pd-ssd and local-ssd. If you define this field,
 	// you can provide either the full or partial URL. For example, the
@@ -2246,6 +2292,11 @@ type AttachedDiskInitializeParams struct {
 	// is the name of the disk type, not URL.
 	DiskType string `json:"diskType,omitempty"`
 
+	// Labels: Labels to apply to this disk. These can be later modified by
+	// the disks.setLabels method. This field is only applicable for
+	// persistent disks.
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// SourceImage: The source image to create this disk. When creating a
 	// new instance, one of initializeParams.sourceImage or disks.source is
 	// required except for local SSD.
@@ -2254,26 +2305,29 @@ type AttachedDiskInitializeParams struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	//
+	//
 	// If the source image is deleted later, this field will not be set.
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -2317,7 +2371,7 @@ func (s *AttachedDiskInitializeParams) MarshalJSON() ([]byte, error) {
 // If there are AuditConfigs for both `allServices` and a specific
 // service, the union of the two AuditConfigs is used for that service:
 // the log_types specified in each AuditConfig are enabled, and the
-// exempted_members in each AuditConfig are exempted.
+// exempted_members in each AuditLogConfig are exempted.
 //
 // Example Policy with multiple AuditConfigs:
 //
@@ -2489,7 +2543,7 @@ type Autoscaler struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3627,7 +3681,7 @@ type BackendBucket struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3949,7 +4003,7 @@ type BackendService struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3988,7 +4042,8 @@ type BackendService struct {
 
 	// Region: [Output Only] URL of the region where the regional backend
 	// service resides. This field is not applicable to global backend
-	// services.
+	// services. You must specify this field as part of the HTTP request
+	// URL. It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SecurityPolicy: [Output Only] The resource URL for the security
@@ -4789,7 +4844,8 @@ type Binding struct {
 	// Condition: The condition that is associated with this binding. NOTE:
 	// an unsatisfied condition will not allow user access via current
 	// binding. Different bindings, including their conditions, are examined
-	// independently. This field is GOOGLE_INTERNAL.
+	// independently. This field is only visible as GOOGLE_INTERNAL or
+	// CONDITION_TRUSTED_TESTER.
 	Condition *Expr `json:"condition,omitempty"`
 
 	// Members: Specifies the identities requesting access for a Cloud
@@ -4966,7 +5022,7 @@ type Commitment struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -5492,6 +5548,7 @@ type Condition struct {
 	//   "APPROVER"
 	//   "ATTRIBUTION"
 	//   "AUTHORITY"
+	//   "CREDENTIALS_TYPE"
 	//   "JUSTIFICATION_TYPE"
 	//   "NO_ATTR"
 	//   "SECURITY_REALM"
@@ -5842,7 +5899,7 @@ type Disk struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -5860,7 +5917,9 @@ type Disk struct {
 	PhysicalBlockSizeBytes int64 `json:"physicalBlockSizeBytes,omitempty,string"`
 
 	// Region: [Output Only] URL of the region where the disk resides. Only
-	// applicable for regional resources.
+	// applicable for regional resources. You must specify this field as
+	// part of the HTTP request URL. It is not settable as a field in the
+	// request body.
 	Region string `json:"region,omitempty"`
 
 	// ReplicaZones: URLs of the zones where the disk should be replicated
@@ -5889,24 +5948,26 @@ type Disk struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -5962,14 +6023,17 @@ type Disk struct {
 	StorageType string `json:"storageType,omitempty"`
 
 	// Type: URL of the disk type resource describing which disk type to use
-	// to create the disk. Provide this when creating the disk.
+	// to create the disk. Provide this when creating the disk. For example:
+	// project/zones/zone/diskTypes/pd-standard or pd-ssd
 	Type string `json:"type,omitempty"`
 
 	// Users: [Output Only] Links to the users of the disk (attached
 	// instances) in form: project/zones/zone/instances/instance
 	Users []string `json:"users,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk resides.
+	// Zone: [Output Only] URL of the zone where the disk resides. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -6164,27 +6228,39 @@ type DiskInstantiationConfig struct {
 	// instance).
 	AutoDelete bool `json:"autoDelete,omitempty"`
 
+	// CustomImage: The custom source image to be used to restore this disk
+	// when instantiating this instance template.
+	CustomImage string `json:"customImage,omitempty"`
+
 	// DeviceName: Specifies the device name of the disk to which the
 	// configurations apply to.
 	DeviceName string `json:"deviceName,omitempty"`
 
 	// InstantiateFrom: Specifies whether to include the disk and what image
-	// to use.
+	// to use. Possible values are:
+	// - source-image: to use the same image that was used to create the
+	// source instance's corresponding disk. Applicable to the boot disk and
+	// additional read-write disks.
+	// - source-image-family: to use the same image family that was used to
+	// create the source instance's corresponding disk. Applicable to the
+	// boot disk and additional read-write disks.
+	// - custom-image: to use a user-provided image url for disk creation.
+	// Applicable to the boot disk and additional read-write disks.
+	// - attach-read-only: to attach a read-only disk. Applicable to
+	// read-only disks.
+	// - do-not-include: to exclude a disk from the template. Applicable to
+	// additional read-write disks, local SSDs, and read-only disks.
 	//
 	// Possible values:
 	//   "ATTACH_READ_ONLY"
 	//   "BLANK"
+	//   "CUSTOM_IMAGE"
 	//   "DEFAULT"
 	//   "DO_NOT_INCLUDE"
-	//   "IMAGE_URL"
 	//   "SOURCE_IMAGE"
 	//   "SOURCE_IMAGE_FAMILY"
 	InstantiateFrom string `json:"instantiateFrom,omitempty"`
 
-	// SourceImage: The custom source image to be used to restore this disk
-	// when instantiating this instance template.
-	SourceImage string `json:"sourceImage,omitempty"`
-
 	// ForceSendFields is a list of field names (e.g. "AutoDelete") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
@@ -6442,7 +6518,9 @@ type DiskType struct {
 	// valid disk size, such as "10GB-10TB".
 	ValidDiskSize string `json:"validDiskSize,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk type resides.
+	// Zone: [Output Only] URL of the zone where the disk type resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -7194,7 +7272,7 @@ type Firewall struct {
 	CreationTimestamp string `json:"creationTimestamp,omitempty"`
 
 	// Denied: The list of DENY rules specified by this firewall. Each rule
-	// specifies a protocol and port-range tuple that describes a permitted
+	// specifies a protocol and port-range tuple that describes a denied
 	// connection.
 	Denied []*FirewallDenied `json:"denied,omitempty"`
 
@@ -7241,7 +7319,7 @@ type Firewall struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7754,13 +7832,14 @@ type ForwardingRule struct {
 	// Possible values:
 	//   "EXTERNAL"
 	//   "INTERNAL"
+	//   "INTERNAL_SELF_MANAGED"
 	//   "INVALID"
 	LoadBalancingScheme string `json:"loadBalancingScheme,omitempty"`
 
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7804,11 +7883,10 @@ type ForwardingRule struct {
 	// - TargetHttpProxy: 80, 8080
 	// - TargetHttpsProxy: 443
 	// - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetVpnGateway: 500, 4500
-	// -
 	PortRange string `json:"portRange,omitempty"`
 
 	// Ports: This field is used along with the backend_service field for
@@ -7824,7 +7902,8 @@ type ForwardingRule struct {
 
 	// Region: [Output Only] URL of the region where the regional forwarding
 	// rule resides. This field is not applicable to global forwarding
-	// rules.
+	// rules. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -7836,7 +7915,7 @@ type ForwardingRule struct {
 	//
 	// The label must be 1-63 characters long, and comply with RFC1035.
 	// Specifically, the label must be 1-63 characters long and match the
-	// regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first
+	// regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first
 	// character must be a lowercase letter, and all following characters
 	// must be a dash, lowercase letter, or digit, except the last
 	// character, which cannot be a dash.
@@ -7866,8 +7945,6 @@ type ForwardingRule struct {
 	// same region as the forwarding rule. For global forwarding rules, this
 	// target must be a global load balancing resource. The forwarded
 	// traffic must be of a type appropriate to the target object.
-	//
-	// This field is not used for internal load balancing.
 	Target string `json:"target,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -8380,8 +8457,8 @@ type GlobalSetLabelsRequest struct {
 	// Labels: A list of labels to apply for this resource. Each label key &
 	// value must comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash. For example, "webserver-frontend": "images". A label value
 	// can also be empty (e.g. "my-label": "").
@@ -8772,7 +8849,7 @@ type HealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -9127,7 +9204,6 @@ type Host struct {
 	// provided by the client when the host is created. For example, the
 	// following is a valid partial url to a predefined host
 	// type:
-	//
 	// zones/us-central1-b/hostTypes/n1-host-64-416
 	HostType string `json:"hostType,omitempty"`
 
@@ -9161,8 +9237,8 @@ type Host struct {
 	// creating the resource. The resource name must be 1-63 characters
 	// long, and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -10291,7 +10367,7 @@ type HttpHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -10536,7 +10612,7 @@ type HttpsHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -10828,7 +10904,7 @@ type Image struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -11234,18 +11310,18 @@ type Instance struct {
 	// when the instance is created. For example, the following is a valid
 	// partial url to a predefined machine
 	// type:
-	//
 	// zones/us-central1-f/machineTypes/n1-standard-1
 	//
+	//
 	// To create a custom machine type, provide a URL to a machine type in
 	// the following format, where CPUS is 1 or an even number up to 32 (2,
 	// 4, 6, ... 24, etc), and MEMORY is the total memory for this instance.
 	// Memory must be a multiple of 256 MB and must be supplied in MB (e.g.
 	// 5 GB of memory is 5120
 	// MB):
-	//
 	// zones/zone/machineTypes/custom-CPUS-MEMORY
 	//
+	//
 	// For example: zones/us-central1-f/machineTypes/custom-4-5120
 	//
 	// For a full list of restrictions, read the Specifications for custom
@@ -11269,8 +11345,8 @@ type Instance struct {
 	// creating the resource. The resource name must be 1-63 characters
 	// long, and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -11281,6 +11357,10 @@ type Instance struct {
 	// Multiple interfaces are supported per instance.
 	NetworkInterfaces []*NetworkInterface `json:"networkInterfaces,omitempty"`
 
+	// PreservedStateSizeGb: Total amount of preserved state for SUSPENDED
+	// instances. Read-only in the api.
+	PreservedStateSizeGb int64 `json:"preservedStateSizeGb,omitempty,string"`
+
 	// Scheduling: Sets the scheduling options for this instance.
 	Scheduling *Scheduling `json:"scheduling,omitempty"`
 
@@ -11328,7 +11408,9 @@ type Instance struct {
 	// comply with RFC1035.
 	Tags *Tags `json:"tags,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the instance resides.
+	// Zone: [Output Only] URL of the zone where the instance resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -12122,9 +12204,9 @@ type InstanceGroupManagerActionsSummary struct {
 	Restarting int64 `json:"restarting,omitempty"`
 
 	// Verifying: [Output Only] The number of instances in the managed
-	// instance group that are being verified. More details regarding
-	// verification process are covered in the documentation of
-	// ManagedInstance.InstanceAction.VERIFYING enum field.
+	// instance group that are being verified. See the
+	// managedInstances[].currentAction property in the listManagedInstances
+	// method documentation.
 	Verifying int64 `json:"verifying,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "Abandoning") to
@@ -14239,6 +14321,10 @@ type InstanceProperties struct {
 	// to obtain the access tokens for these instances.
 	ServiceAccounts []*ServiceAccount `json:"serviceAccounts,omitempty"`
 
+	// ShieldedVmConfig: Specifies the Shielded VM options for the instances
+	// that are created from this template.
+	ShieldedVmConfig *ShieldedVmConfig `json:"shieldedVmConfig,omitempty"`
+
 	// Tags: A list of tags to apply to the instances that are created from
 	// this template. The tags identify valid sources or targets for network
 	// firewalls. The setTags method can modify this list of tags. Each tag
@@ -14317,7 +14403,7 @@ type InstanceTemplate struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -15089,7 +15175,7 @@ type Interconnect struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -15217,6 +15303,22 @@ type InterconnectAttachment struct {
 	// Description: An optional description of this resource.
 	Description string `json:"description,omitempty"`
 
+	// EdgeAvailabilityDomain: Desired availability domain for the
+	// attachment. Can only be specified when creating PARTNER-type
+	// InterconnectAttachments.
+	//
+	// For improved reliability, customers should configure a pair of
+	// attachments with one per availability domain. The selected
+	// availability domain will be provided to the Partner via the pairing
+	// key so that the provisioned circuit will lie in the specified domain.
+	// If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.
+	//
+	// Possible values:
+	//   "AVAILABILITY_DOMAIN_1"
+	//   "AVAILABILITY_DOMAIN_2"
+	//   "AVAILABILITY_DOMAIN_ANY"
+	EdgeAvailabilityDomain string `json:"edgeAvailabilityDomain,omitempty"`
+
 	// GoogleReferenceId: [Output Only] Google reference ID, to be used when
 	// raising support tickets with Google or otherwise to debug backend
 	// connectivity issues.
@@ -15253,7 +15355,7 @@ type InterconnectAttachment struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -15285,7 +15387,9 @@ type InterconnectAttachment struct {
 	PrivateInterconnectInfo *InterconnectAttachmentPrivateInfo `json:"privateInterconnectInfo,omitempty"`
 
 	// Region: [Output Only] URL of the region where the regional
-	// interconnect attachment resides.
+	// interconnect attachment resides. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Region string `json:"region,omitempty"`
 
 	// Router: URL of the cloud router to be used for dynamic routing. This
@@ -17984,8 +18088,8 @@ type MaintenancePolicy struct {
 	// creating the resource. The resource name must be 1-63 characters
 	// long, and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -18216,6 +18320,7 @@ func (s *MaintenanceWindow) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// ManagedInstance: Next available tag: 12
 type ManagedInstance struct {
 	// CurrentAction: [Output Only] The current action that the managed
 	// instance group has scheduled for the instance. Possible values:
@@ -18241,6 +18346,8 @@ type ManagedInstance struct {
 	// changes to the instance without stopping it. For example, the group
 	// can update the target pool list for an instance without stopping that
 	// instance.
+	// - VERIFYING The managed instance group has created the instance and
+	// it is in the process of being verified.
 	//
 	// Possible values:
 	//   "ABANDONING"
@@ -18288,13 +18395,6 @@ type ManagedInstance struct {
 	// Override: [Output Only] Override defined for this instance.
 	Override *ManagedInstanceOverride `json:"override,omitempty"`
 
-	// StandbyMode: [Output Only] Standby mode of the instance. This field
-	// is non-empty iff the instance is a standby.
-	//
-	// Possible values:
-	//   "DRAINED"
-	StandbyMode string `json:"standbyMode,omitempty"`
-
 	// Tag: [Output Only] Tag describing the version.
 	Tag string `json:"tag,omitempty"`
 
@@ -18419,9 +18519,16 @@ func (s *ManagedInstanceLastAttemptErrorsErrors) MarshalJSON() ([]byte, error) {
 // ManagedInstanceOverride: Overrides of stateful properties for a given
 // instance
 type ManagedInstanceOverride struct {
-	// Disks: Disk overrides defined for this instance
+	// Disks: Disk overrides defined for this instance. According to
+	// documentation the maximum number of disks attached to an instance is
+	// 128: https://cloud.google.com/compute/docs/disks/ However, compute
+	// API defines the limit at 140, so this is what we check.
 	Disks []*ManagedInstanceOverrideDiskOverride `json:"disks,omitempty"`
 
+	// Metadata: Metadata overrides defined for this instance.
+	// TODO(b/69785416) validate the total length is <9 KB
+	Metadata []*ManagedInstanceOverrideMetadata `json:"metadata,omitempty"`
+
 	// Origin: [Output Only] Indicates where does the override come from.
 	//
 	// Possible values:
@@ -18452,6 +18559,43 @@ func (s *ManagedInstanceOverride) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+type ManagedInstanceOverrideMetadata struct {
+	// Key: Key for the metadata entry. Keys must conform to the following
+	// regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is
+	// reflected as part of a URL in the metadata server. Additionally, to
+	// avoid ambiguity, keys must not conflict with any other metadata keys
+	// for the project.
+	Key string `json:"key,omitempty"`
+
+	// Value: Value for the metadata entry. These are free-form strings, and
+	// only have meaning as interpreted by the image running in the
+	// instance. The only restriction placed on values is that their size
+	// must be less than or equal to 262144 bytes (256 KiB).
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ManagedInstanceOverrideMetadata) MarshalJSON() ([]byte, error) {
+	type NoMethod ManagedInstanceOverrideMetadata
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 type ManagedInstanceOverrideDiskOverride struct {
 	// DeviceName: The name of the device on the VM
 	DeviceName string `json:"deviceName,omitempty"`
@@ -18692,7 +18836,7 @@ type Network struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -18810,7 +18954,7 @@ type NetworkEndpointGroup struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -19886,8 +20030,8 @@ type NetworkPeering struct {
 	// Name: Name of this peering. Provided by the client when the peering
 	// is created. The name must comply with RFC1035. Specifically, the name
 	// must be 1-63 characters long and match regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all the following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all the following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -20097,7 +20241,9 @@ type Operation struct {
 	Progress int64 `json:"progress,omitempty"`
 
 	// Region: [Output Only] The URL of the region where the operation
-	// resides. Only available when performing regional operations.
+	// resides. Only available when performing regional operations. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -20138,7 +20284,9 @@ type Operation struct {
 	Warnings []*OperationWarnings `json:"warnings,omitempty"`
 
 	// Zone: [Output Only] The URL of the zone where the operation resides.
-	// Only available when performing per-zone operations.
+	// Only available when performing per-zone operations. You must specify
+	// this field as part of the HTTP request URL. It is not settable as a
+	// field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -20912,7 +21060,7 @@ func (s *PerInstanceConfig) MarshalJSON() ([]byte, error) {
 // }
 //
 // For a description of IAM and its features, see the [IAM developer's
-// guide](https://cloud.google.com/iam).
+// guide](https://cloud.google.com/iam/docs).
 type Policy struct {
 	// AuditConfigs: Specifies cloud audit logging configuration for this
 	// policy.
@@ -20947,7 +21095,7 @@ type Policy struct {
 	// denied.
 	Rules []*Rule `json:"rules,omitempty"`
 
-	// Version: Version of the `Policy`. The default version is 0.
+	// Version: Deprecated.
 	Version int64 `json:"version,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -20977,9 +21125,8 @@ func (s *Policy) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// Project: A Project resource. Projects can only be created in the
-// Google Cloud Platform Console. Unless marked otherwise, values can
-// only be modified in the console. (== resource_for v1.projects ==) (==
+// Project: A Project resource. For an overview of projects, see  Cloud
+// Platform Resource Hierarchy. (== resource_for v1.projects ==) (==
 // resource_for beta.projects ==)
 type Project struct {
 	// CommonInstanceMetadata: Metadata key/value pairs available to all
@@ -21291,6 +21438,8 @@ type Quota struct {
 	//   "NETWORKS"
 	//   "NVIDIA_K80_GPUS"
 	//   "NVIDIA_P100_GPUS"
+	//   "NVIDIA_P100_VWS_GPUS"
+	//   "NVIDIA_V100_GPUS"
 	//   "PREEMPTIBLE_CPUS"
 	//   "PREEMPTIBLE_LOCAL_SSD_GB"
 	//   "PREEMPTIBLE_NVIDIA_K80_GPUS"
@@ -23123,7 +23272,7 @@ type Route struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -23496,7 +23645,7 @@ type Router struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -23509,7 +23658,9 @@ type Router struct {
 	// Network: URI of the network to which this router belongs.
 	Network string `json:"network,omitempty"`
 
-	// Region: [Output Only] URI of the region where the router resides.
+	// Region: [Output Only] URI of the region where the router resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -24729,6 +24880,9 @@ type Scheduling struct {
 	// restarted if it is terminated by Compute Engine.
 	AutomaticRestart *bool `json:"automaticRestart,omitempty"`
 
+	// NodeAffinities: A set of node affinity and anti-affinity.
+	NodeAffinities []*SchedulingNodeAffinity `json:"nodeAffinities,omitempty"`
+
 	// OnHostMaintenance: Defines the maintenance behavior for this
 	// instance. For standard instances, the default behavior is MIGRATE.
 	// For preemptible instances, the default and only possible behavior is
@@ -24769,6 +24923,46 @@ func (s *Scheduling) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// SchedulingNodeAffinity: Node Affinity: the configuration of desired
+// nodes onto which this Instance could be scheduled.
+type SchedulingNodeAffinity struct {
+	// Key: Corresponds to the label key of Node resource.
+	Key string `json:"key,omitempty"`
+
+	// Operator: Defines the operation of node selection.
+	//
+	// Possible values:
+	//   "IN"
+	//   "NOT_IN"
+	//   "OPERATOR_UNSPECIFIED"
+	Operator string `json:"operator,omitempty"`
+
+	// Values: Corresponds to the label values of Node resource.
+	Values []string `json:"values,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SchedulingNodeAffinity) MarshalJSON() ([]byte, error) {
+	type NoMethod SchedulingNodeAffinity
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // SecurityPolicy: A security policy is comprised of one or more rules.
 // It can also be associated with one or more 'targets'.
 type SecurityPolicy struct {
@@ -24802,7 +24996,7 @@ type SecurityPolicy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -25093,7 +25287,7 @@ type SecurityPolicyRuleMatcher struct {
 	// contents in the request header.
 	Expr *Expr `json:"expr,omitempty"`
 
-	// SrcIpRanges: CIDR IP address range. Only IPv4 is supported.
+	// SrcIpRanges: CIDR IP address range.
 	SrcIpRanges []string `json:"srcIpRanges,omitempty"`
 
 	// VersionedExpr: Preconfigured versioned expression. If this field is
@@ -25130,7 +25324,7 @@ func (s *SecurityPolicyRuleMatcher) MarshalJSON() ([]byte, error) {
 }
 
 type SecurityPolicyRuleMatcherConfig struct {
-	// SrcIpRanges: CIDR IP address range. Only IPv4 is supported.
+	// SrcIpRanges: CIDR IP address range.
 	SrcIpRanges []string `json:"srcIpRanges,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "SrcIpRanges") to
@@ -25241,6 +25435,10 @@ func (s *ServiceAccount) MarshalJSON() ([]byte, error) {
 
 // ShieldedVmConfig: A set of Shielded VM options.
 type ShieldedVmConfig struct {
+	// EnableIntegrityMonitoring: Defines whether the instance should have
+	// integrity monitoring enabled.
+	EnableIntegrityMonitoring bool `json:"enableIntegrityMonitoring,omitempty"`
+
 	// EnableSecureBoot: Defines whether the instance should have secure
 	// boot enabled.
 	EnableSecureBoot bool `json:"enableSecureBoot,omitempty"`
@@ -25248,21 +25446,22 @@ type ShieldedVmConfig struct {
 	// EnableVtpm: Defines whether the instance should have the TPM enabled.
 	EnableVtpm bool `json:"enableVtpm,omitempty"`
 
-	// ForceSendFields is a list of field names (e.g. "EnableSecureBoot") to
-	// unconditionally include in API requests. By default, fields with
-	// empty values are omitted from API requests. However, any non-pointer,
-	// non-interface field appearing in ForceSendFields will be sent to the
-	// server regardless of whether the field is empty or not. This may be
-	// used to include empty fields in Patch requests.
+	// ForceSendFields is a list of field names (e.g.
+	// "EnableIntegrityMonitoring") to unconditionally include in API
+	// requests. By default, fields with empty values are omitted from API
+	// requests. However, any non-pointer, non-interface field appearing in
+	// ForceSendFields will be sent to the server regardless of whether the
+	// field is empty or not. This may be used to include empty fields in
+	// Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "EnableSecureBoot") to
-	// include in API requests with the JSON null value. By default, fields
-	// with empty values are omitted from API requests. However, any field
-	// with an empty value appearing in NullFields will be sent to the
-	// server as null. It is an error if a field in this list has a
-	// non-empty value. This may be used to include null fields in Patch
-	// requests.
+	// NullFields is a list of field names (e.g.
+	// "EnableIntegrityMonitoring") to include in API requests with the JSON
+	// null value. By default, fields with empty values are omitted from API
+	// requests. However, any field with an empty value appearing in
+	// NullFields will be sent to the server as null. It is an error if a
+	// field in this list has a non-empty value. This may be used to include
+	// null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
@@ -25277,7 +25476,7 @@ func (s *ShieldedVmConfig) MarshalJSON() ([]byte, error) {
 type SignedUrlKey struct {
 	// KeyName: Name of the key. The name must be 1-63 characters long, and
 	// comply with RFC1035. Specifically, the name must be 1-63 characters
-	// long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
+	// long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
 	// which means the first character must be a lowercase letter, and all
 	// following characters must be a dash, lowercase letter, or digit,
 	// except the last character, which cannot be a dash.
@@ -25324,6 +25523,12 @@ type Snapshot struct {
 	// DiskSizeGb: [Output Only] Size of the snapshot, specified in GB.
 	DiskSizeGb int64 `json:"diskSizeGb,omitempty,string"`
 
+	// GuestOsFeatures: [Output Only] A list of features to enable on the
+	// guest operating system. Applicable only for bootable images. Read
+	// Enabling guest operating system features to see a list of available
+	// options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Id: [Output Only] The unique identifier for the resource. This
 	// identifier is defined by the server.
 	Id uint64 `json:"id,omitempty,string"`
@@ -25359,7 +25564,7 @@ type Snapshot struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -25663,6 +25868,9 @@ type SslCertificate struct {
 	// property when you create the resource.
 	Description string `json:"description,omitempty"`
 
+	// ExpireTime: [Output Only] Expire time of the certificate. RFC3339
+	ExpireTime string `json:"expireTime,omitempty"`
+
 	// Id: [Output Only] The unique identifier for the resource. This
 	// identifier is defined by the server.
 	Id uint64 `json:"id,omitempty,string"`
@@ -25671,10 +25879,13 @@ type SslCertificate struct {
 	// compute#sslCertificate for SSL certificates.
 	Kind string `json:"kind,omitempty"`
 
+	// Managed: Configuration and status of a managed SSL certificate.
+	Managed *SslCertificateManagedSslCertificate `json:"managed,omitempty"`
+
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -25687,6 +25898,24 @@ type SslCertificate struct {
 	// SelfLink: [Output only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
+	// SelfManaged: Configuration and status of a self-managed SSL
+	// certificate.
+	SelfManaged *SslCertificateSelfManagedSslCertificate `json:"selfManaged,omitempty"`
+
+	// SubjectAlternativeNames: [Output Only] Domains associated with the
+	// certificate via Subject Alternative Name.
+	SubjectAlternativeNames []string `json:"subjectAlternativeNames,omitempty"`
+
+	// Type: (Optional) Specifies the type of SSL certificate, either
+	// "SELF_MANAGED" or "MANAGED". If not specified, the certificate is
+	// self-managed and the fields certificate and private_key are used.
+	//
+	// Possible values:
+	//   "MANAGED"
+	//   "SELF_MANAGED"
+	//   "TYPE_UNSPECIFIED"
+	Type string `json:"type,omitempty"`
+
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`
@@ -25869,101 +26098,29 @@ func (s *SslCertificateListWarningData) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type SslPoliciesList struct {
-	// Id: [Output Only] Unique identifier for the resource; defined by the
-	// server.
-	Id string `json:"id,omitempty"`
-
-	// Items: A list of SslPolicy resources.
-	Items []*SslPolicy `json:"items,omitempty"`
-
-	// Kind: [Output Only] Type of the resource. Always
-	// compute#sslPoliciesList for lists of sslPolicies.
-	Kind string `json:"kind,omitempty"`
-
-	// NextPageToken: [Output Only] This token allows you to get the next
-	// page of results for list requests. If the number of results is larger
-	// than maxResults, use the nextPageToken as a value for the query
-	// parameter pageToken in the next list request. Subsequent list
-	// requests will have their own nextPageToken to continue paging through
-	// the results.
-	NextPageToken string `json:"nextPageToken,omitempty"`
-
-	// SelfLink: [Output Only] Server-defined URL for this resource.
-	SelfLink string `json:"selfLink,omitempty"`
-
-	// Warning: [Output Only] Informational warning message.
-	Warning *SslPoliciesListWarning `json:"warning,omitempty"`
-
-	// ServerResponse contains the HTTP response code and headers from the
-	// server.
-	googleapi.ServerResponse `json:"-"`
-
-	// ForceSendFields is a list of field names (e.g. "Id") to
-	// unconditionally include in API requests. By default, fields with
-	// empty values are omitted from API requests. However, any non-pointer,
-	// non-interface field appearing in ForceSendFields will be sent to the
-	// server regardless of whether the field is empty or not. This may be
-	// used to include empty fields in Patch requests.
-	ForceSendFields []string `json:"-"`
+// SslCertificateManagedSslCertificate: Configuration and status of a
+// managed SSL certificate.
+type SslCertificateManagedSslCertificate struct {
+	// DomainStatus: [Output only] Detailed statuses of the domains
+	// specified for managed certificate resource.
+	DomainStatus map[string]string `json:"domainStatus,omitempty"`
 
-	// NullFields is a list of field names (e.g. "Id") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
-	// null. It is an error if a field in this list has a non-empty value.
-	// This may be used to include null fields in Patch requests.
-	NullFields []string `json:"-"`
-}
+	// Domains: The domains for which a managed SSL certificate will be
+	// generated. Currently only single-domain certs are supported.
+	Domains []string `json:"domains,omitempty"`
 
-func (s *SslPoliciesList) MarshalJSON() ([]byte, error) {
-	type NoMethod SslPoliciesList
-	raw := NoMethod(*s)
-	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
-}
-
-// SslPoliciesListWarning: [Output Only] Informational warning message.
-type SslPoliciesListWarning struct {
-	// Code: [Output Only] A warning code, if applicable. For example,
-	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
-	// the response.
+	// Status: [Output only] Status of the managed certificate resource.
 	//
 	// Possible values:
-	//   "CLEANUP_FAILED"
-	//   "DEPRECATED_RESOURCE_USED"
-	//   "DEPRECATED_TYPE_USED"
-	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
-	//   "EXPERIMENTAL_TYPE_USED"
-	//   "EXTERNAL_API_WARNING"
-	//   "FIELD_VALUE_OVERRIDEN"
-	//   "INJECTED_KERNELS_DEPRECATED"
-	//   "MISSING_TYPE_DEPENDENCY"
-	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
-	//   "NEXT_HOP_CANNOT_IP_FORWARD"
-	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
-	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
-	//   "NEXT_HOP_NOT_RUNNING"
-	//   "NOT_CRITICAL_ERROR"
-	//   "NO_RESULTS_ON_PAGE"
-	//   "REQUIRED_TOS_AGREEMENT"
-	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
-	//   "RESOURCE_NOT_DELETED"
-	//   "SCHEMA_VALIDATION_IGNORED"
-	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
-	//   "UNDECLARED_PROPERTIES"
-	//   "UNREACHABLE"
-	Code string `json:"code,omitempty"`
-
-	// Data: [Output Only] Metadata about this warning in key: value format.
-	// For example:
-	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
-	Data []*SslPoliciesListWarningData `json:"data,omitempty"`
-
-	// Message: [Output Only] A human-readable description of the warning
-	// code.
-	Message string `json:"message,omitempty"`
+	//   "ACTIVE"
+	//   "MANAGED_CERTIFICATE_STATUS_UNSPECIFIED"
+	//   "PROVISIONING"
+	//   "PROVISIONING_FAILED"
+	//   "PROVISIONING_FAILED_PERMANENTLY"
+	//   "RENEWAL_FAILED"
+	Status string `json:"status,omitempty"`
 
-	// ForceSendFields is a list of field names (e.g. "Code") to
+	// ForceSendFields is a list of field names (e.g. "DomainStatus") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
@@ -25971,36 +26128,34 @@ type SslPoliciesListWarning struct {
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "Code") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
+	// NullFields is a list of field names (e.g. "DomainStatus") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
-func (s *SslPoliciesListWarning) MarshalJSON() ([]byte, error) {
-	type NoMethod SslPoliciesListWarning
+func (s *SslCertificateManagedSslCertificate) MarshalJSON() ([]byte, error) {
+	type NoMethod SslCertificateManagedSslCertificate
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type SslPoliciesListWarningData struct {
-	// Key: [Output Only] A key that provides more detail on the warning
-	// being returned. For example, for warnings where there are no results
-	// in a list request for a particular zone, this key might be scope and
-	// the key value might be the zone name. Other examples might be a key
-	// indicating a deprecated resource and a suggested replacement, or a
-	// warning about invalid network settings (for example, if an instance
-	// attempts to perform IP forwarding but is not enabled for IP
-	// forwarding).
-	Key string `json:"key,omitempty"`
+// SslCertificateSelfManagedSslCertificate: Configuration and status of
+// a self-managed SSL certificate..
+type SslCertificateSelfManagedSslCertificate struct {
+	// Certificate: A local certificate file. The certificate must be in PEM
+	// format. The certificate chain must be no greater than 5 certs long.
+	// The chain must include at least one intermediate cert.
+	Certificate string `json:"certificate,omitempty"`
 
-	// Value: [Output Only] A warning data value corresponding to the key.
-	Value string `json:"value,omitempty"`
+	// PrivateKey: A write-only private key in PEM format. Only insert
+	// requests will include this field.
+	PrivateKey string `json:"privateKey,omitempty"`
 
-	// ForceSendFields is a list of field names (e.g. "Key") to
+	// ForceSendFields is a list of field names (e.g. "Certificate") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
@@ -26008,159 +26163,313 @@ type SslPoliciesListWarningData struct {
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "Key") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
+	// NullFields is a list of field names (e.g. "Certificate") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
-func (s *SslPoliciesListWarningData) MarshalJSON() ([]byte, error) {
-	type NoMethod SslPoliciesListWarningData
+func (s *SslCertificateSelfManagedSslCertificate) MarshalJSON() ([]byte, error) {
+	type NoMethod SslCertificateSelfManagedSslCertificate
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type SslPoliciesListAvailableFeaturesResponse struct {
-	Features []string `json:"features,omitempty"`
-
-	// ServerResponse contains the HTTP response code and headers from the
+type SslPoliciesList struct {
+	// Id: [Output Only] Unique identifier for the resource; defined by the
 	// server.
-	googleapi.ServerResponse `json:"-"`
-
-	// ForceSendFields is a list of field names (e.g. "Features") to
-	// unconditionally include in API requests. By default, fields with
-	// empty values are omitted from API requests. However, any non-pointer,
-	// non-interface field appearing in ForceSendFields will be sent to the
-	// server regardless of whether the field is empty or not. This may be
-	// used to include empty fields in Patch requests.
-	ForceSendFields []string `json:"-"`
-
-	// NullFields is a list of field names (e.g. "Features") to include in
-	// API requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
-	// null. It is an error if a field in this list has a non-empty value.
-	// This may be used to include null fields in Patch requests.
-	NullFields []string `json:"-"`
-}
-
-func (s *SslPoliciesListAvailableFeaturesResponse) MarshalJSON() ([]byte, error) {
-	type NoMethod SslPoliciesListAvailableFeaturesResponse
-	raw := NoMethod(*s)
-	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
-}
-
-// SslPolicy: A SSL policy specifies the server-side support for SSL
-// features. This can be attached to a TargetHttpsProxy or a
-// TargetSslProxy. This affects connections between clients and the
-// HTTPS or SSL proxy load balancer. They do not affect the connection
-// between the load balancers and the backends.
-type SslPolicy struct {
-	// CreationTimestamp: [Output Only] Creation timestamp in RFC3339 text
-	// format.
-	CreationTimestamp string `json:"creationTimestamp,omitempty"`
-
-	// CustomFeatures: List of features enabled when the selected profile is
-	// CUSTOM. The
-	// - method returns the set of features that can be specified in this
-	// list. This field must be empty if the profile is not CUSTOM.
-	CustomFeatures []string `json:"customFeatures,omitempty"`
-
-	// Description: An optional description of this resource. Provide this
-	// property when you create the resource.
-	Description string `json:"description,omitempty"`
-
-	// EnabledFeatures: [Output Only] The list of features enabled in the
-	// SSL policy.
-	EnabledFeatures []string `json:"enabledFeatures,omitempty"`
-
-	// Fingerprint: Fingerprint of this resource. A hash of the contents
-	// stored in this object. This field is used in optimistic locking. This
-	// field will be ignored when inserting a SslPolicy. An up-to-date
-	// fingerprint must be provided in order to update the SslPolicy.
-	Fingerprint string `json:"fingerprint,omitempty"`
+	Id string `json:"id,omitempty"`
 
-	// Id: [Output Only] The unique identifier for the resource. This
-	// identifier is defined by the server.
-	Id uint64 `json:"id,omitempty,string"`
+	// Items: A list of SslPolicy resources.
+	Items []*SslPolicy `json:"items,omitempty"`
 
-	// Kind: [Output only] Type of the resource. Always compute#sslPolicyfor
-	// SSL policies.
+	// Kind: [Output Only] Type of the resource. Always
+	// compute#sslPoliciesList for lists of sslPolicies.
 	Kind string `json:"kind,omitempty"`
 
-	// MinTlsVersion: The minimum version of SSL protocol that can be used
-	// by the clients to establish a connection with the load balancer. This
-	// can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.
-	//
-	// Possible values:
-	//   "TLS_1_0"
-	//   "TLS_1_1"
-	//   "TLS_1_2"
-	//   "TLS_1_3"
-	MinTlsVersion string `json:"minTlsVersion,omitempty"`
-
-	// Name: Name of the resource. The name must be 1-63 characters long,
-	// and comply with RFC1035. Specifically, the name must be 1-63
-	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
-	// lowercase letter, or digit, except the last character, which cannot
-	// be a dash.
-	Name string `json:"name,omitempty"`
-
-	// Profile: Profile specifies the set of SSL features that can be used
-	// by the load balancer when negotiating SSL with clients. This can be
-	// one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM,
-	// the set of SSL features to enable must be specified in the
-	// customFeatures field.
-	//
-	// Possible values:
-	//   "COMPATIBLE"
-	//   "CUSTOM"
-	//   "MODERN"
-	//   "RESTRICTED"
-	Profile string `json:"profile,omitempty"`
+	// NextPageToken: [Output Only] This token allows you to get the next
+	// page of results for list requests. If the number of results is larger
+	// than maxResults, use the nextPageToken as a value for the query
+	// parameter pageToken in the next list request. Subsequent list
+	// requests will have their own nextPageToken to continue paging through
+	// the results.
+	NextPageToken string `json:"nextPageToken,omitempty"`
 
-	// SelfLink: [Output Only] Server-defined URL for the resource.
+	// SelfLink: [Output Only] Server-defined URL for this resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
-	// Warnings: [Output Only] If potential misconfigurations are detected
-	// for this SSL policy, this field will be populated with warning
-	// messages.
-	Warnings []*SslPolicyWarnings `json:"warnings,omitempty"`
+	// Warning: [Output Only] Informational warning message.
+	Warning *SslPoliciesListWarning `json:"warning,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`
 
-	// ForceSendFields is a list of field names (e.g. "CreationTimestamp")
-	// to unconditionally include in API requests. By default, fields with
+	// ForceSendFields is a list of field names (e.g. "Id") to
+	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
 	// server regardless of whether the field is empty or not. This may be
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "CreationTimestamp") to
-	// include in API requests with the JSON null value. By default, fields
-	// with empty values are omitted from API requests. However, any field
-	// with an empty value appearing in NullFields will be sent to the
-	// server as null. It is an error if a field in this list has a
-	// non-empty value. This may be used to include null fields in Patch
-	// requests.
+	// NullFields is a list of field names (e.g. "Id") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
-func (s *SslPolicy) MarshalJSON() ([]byte, error) {
-	type NoMethod SslPolicy
+func (s *SslPoliciesList) MarshalJSON() ([]byte, error) {
+	type NoMethod SslPoliciesList
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type SslPolicyWarnings struct {
+// SslPoliciesListWarning: [Output Only] Informational warning message.
+type SslPoliciesListWarning struct {
+	// Code: [Output Only] A warning code, if applicable. For example,
+	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
+	// the response.
+	//
+	// Possible values:
+	//   "CLEANUP_FAILED"
+	//   "DEPRECATED_RESOURCE_USED"
+	//   "DEPRECATED_TYPE_USED"
+	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
+	//   "EXPERIMENTAL_TYPE_USED"
+	//   "EXTERNAL_API_WARNING"
+	//   "FIELD_VALUE_OVERRIDEN"
+	//   "INJECTED_KERNELS_DEPRECATED"
+	//   "MISSING_TYPE_DEPENDENCY"
+	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
+	//   "NEXT_HOP_CANNOT_IP_FORWARD"
+	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
+	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
+	//   "NEXT_HOP_NOT_RUNNING"
+	//   "NOT_CRITICAL_ERROR"
+	//   "NO_RESULTS_ON_PAGE"
+	//   "REQUIRED_TOS_AGREEMENT"
+	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
+	//   "RESOURCE_NOT_DELETED"
+	//   "SCHEMA_VALIDATION_IGNORED"
+	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
+	//   "UNDECLARED_PROPERTIES"
+	//   "UNREACHABLE"
+	Code string `json:"code,omitempty"`
+
+	// Data: [Output Only] Metadata about this warning in key: value format.
+	// For example:
+	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+	Data []*SslPoliciesListWarningData `json:"data,omitempty"`
+
+	// Message: [Output Only] A human-readable description of the warning
+	// code.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SslPoliciesListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod SslPoliciesListWarning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type SslPoliciesListWarningData struct {
+	// Key: [Output Only] A key that provides more detail on the warning
+	// being returned. For example, for warnings where there are no results
+	// in a list request for a particular zone, this key might be scope and
+	// the key value might be the zone name. Other examples might be a key
+	// indicating a deprecated resource and a suggested replacement, or a
+	// warning about invalid network settings (for example, if an instance
+	// attempts to perform IP forwarding but is not enabled for IP
+	// forwarding).
+	Key string `json:"key,omitempty"`
+
+	// Value: [Output Only] A warning data value corresponding to the key.
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SslPoliciesListWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod SslPoliciesListWarningData
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type SslPoliciesListAvailableFeaturesResponse struct {
+	Features []string `json:"features,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Features") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Features") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SslPoliciesListAvailableFeaturesResponse) MarshalJSON() ([]byte, error) {
+	type NoMethod SslPoliciesListAvailableFeaturesResponse
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// SslPolicy: A SSL policy specifies the server-side support for SSL
+// features. This can be attached to a TargetHttpsProxy or a
+// TargetSslProxy. This affects connections between clients and the
+// HTTPS or SSL proxy load balancer. They do not affect the connection
+// between the load balancers and the backends.
+type SslPolicy struct {
+	// CreationTimestamp: [Output Only] Creation timestamp in RFC3339 text
+	// format.
+	CreationTimestamp string `json:"creationTimestamp,omitempty"`
+
+	// CustomFeatures: List of features enabled when the selected profile is
+	// CUSTOM. The
+	// - method returns the set of features that can be specified in this
+	// list. This field must be empty if the profile is not CUSTOM.
+	CustomFeatures []string `json:"customFeatures,omitempty"`
+
+	// Description: An optional description of this resource. Provide this
+	// property when you create the resource.
+	Description string `json:"description,omitempty"`
+
+	// EnabledFeatures: [Output Only] The list of features enabled in the
+	// SSL policy.
+	EnabledFeatures []string `json:"enabledFeatures,omitempty"`
+
+	// Fingerprint: Fingerprint of this resource. A hash of the contents
+	// stored in this object. This field is used in optimistic locking. This
+	// field will be ignored when inserting a SslPolicy. An up-to-date
+	// fingerprint must be provided in order to update the SslPolicy.
+	Fingerprint string `json:"fingerprint,omitempty"`
+
+	// Id: [Output Only] The unique identifier for the resource. This
+	// identifier is defined by the server.
+	Id uint64 `json:"id,omitempty,string"`
+
+	// Kind: [Output only] Type of the resource. Always compute#sslPolicyfor
+	// SSL policies.
+	Kind string `json:"kind,omitempty"`
+
+	// MinTlsVersion: The minimum version of SSL protocol that can be used
+	// by the clients to establish a connection with the load balancer. This
+	// can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.
+	//
+	// Possible values:
+	//   "TLS_1_0"
+	//   "TLS_1_1"
+	//   "TLS_1_2"
+	//   "TLS_1_3"
+	MinTlsVersion string `json:"minTlsVersion,omitempty"`
+
+	// Name: Name of the resource. The name must be 1-63 characters long,
+	// and comply with RFC1035. Specifically, the name must be 1-63
+	// characters long and match the regular expression
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
+	// lowercase letter, or digit, except the last character, which cannot
+	// be a dash.
+	Name string `json:"name,omitempty"`
+
+	// Profile: Profile specifies the set of SSL features that can be used
+	// by the load balancer when negotiating SSL with clients. This can be
+	// one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM,
+	// the set of SSL features to enable must be specified in the
+	// customFeatures field.
+	//
+	// Possible values:
+	//   "COMPATIBLE"
+	//   "CUSTOM"
+	//   "MODERN"
+	//   "RESTRICTED"
+	Profile string `json:"profile,omitempty"`
+
+	// SelfLink: [Output Only] Server-defined URL for the resource.
+	SelfLink string `json:"selfLink,omitempty"`
+
+	// Warnings: [Output Only] If potential misconfigurations are detected
+	// for this SSL policy, this field will be populated with warning
+	// messages.
+	Warnings []*SslPolicyWarnings `json:"warnings,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "CreationTimestamp")
+	// to unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "CreationTimestamp") to
+	// include in API requests with the JSON null value. By default, fields
+	// with empty values are omitted from API requests. However, any field
+	// with an empty value appearing in NullFields will be sent to the
+	// server as null. It is an error if a field in this list has a
+	// non-empty value. This may be used to include null fields in Patch
+	// requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *SslPolicy) MarshalJSON() ([]byte, error) {
+	type NoMethod SslPolicy
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type SslPolicyWarnings struct {
 	// Code: [Output Only] A warning code, if applicable. For example,
 	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
 	// the response.
@@ -26402,6 +26711,14 @@ type Subnetwork struct {
 	// resource creation time.
 	Description string `json:"description,omitempty"`
 
+	// EnableFlowLogs: Whether to enable flow logging for this subnetwork.
+	EnableFlowLogs bool `json:"enableFlowLogs,omitempty"`
+
+	// EnablePrivateV6Access: Whether the VMs in this subnet can directly
+	// access Google services via internal IPv6 addresses. This field can be
+	// both set at resource creation time and updated using patch.
+	EnablePrivateV6Access bool `json:"enablePrivateV6Access,omitempty"`
+
 	// Fingerprint: Fingerprint of this resource. A hash of the contents
 	// stored in this object. This field is used in optimistic locking. This
 	// field will be ignored when inserting a Subnetwork. An up-to-date
@@ -26409,8 +26726,7 @@ type Subnetwork struct {
 	Fingerprint string `json:"fingerprint,omitempty"`
 
 	// GatewayAddress: [Output Only] The gateway address for default routes
-	// to reach destination addresses outside this subnetwork. This field
-	// can be set only at resource creation time.
+	// to reach destination addresses outside this subnetwork.
 	GatewayAddress string `json:"gatewayAddress,omitempty"`
 
 	// Id: [Output Only] The unique identifier for the resource. This
@@ -26424,6 +26740,10 @@ type Subnetwork struct {
 	// can be set only at resource creation time.
 	IpCidrRange string `json:"ipCidrRange,omitempty"`
 
+	// Ipv6CidrRange: [Output Only] The range of internal IPv6 addresses
+	// that are owned by this subnetwork.
+	Ipv6CidrRange string `json:"ipv6CidrRange,omitempty"`
+
 	// Kind: [Output Only] Type of the resource. Always compute#subnetwork
 	// for Subnetwork resources.
 	Kind string `json:"kind,omitempty"`
@@ -26431,7 +26751,7 @@ type Subnetwork struct {
 	// Name: The name of the resource, provided by the client when initially
 	// creating the resource. The name must be 1-63 characters long, and
 	// comply with RFC1035. Specifically, the name must be 1-63 characters
-	// long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
+	// long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
 	// which means the first character must be a lowercase letter, and all
 	// following characters must be a dash, lowercase letter, or digit,
 	// except the last character, which cannot be a dash.
@@ -27173,7 +27493,7 @@ type TargetHttpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -27459,7 +27779,7 @@ type TargetHttpsProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -27720,7 +28040,7 @@ type TargetInstance struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -27737,7 +28057,8 @@ type TargetInstance struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] URL of the zone where the target instance
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -28282,7 +28603,7 @@ type TargetPool struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -29096,7 +29417,7 @@ type TargetSslProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -29393,7 +29714,7 @@ type TargetTcpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -29641,7 +29962,7 @@ type TargetVpnGateway struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -29652,7 +29973,8 @@ type TargetVpnGateway struct {
 	Network string `json:"network,omitempty"`
 
 	// Region: [Output Only] URL of the region where the target VPN gateway
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -30316,7 +30638,7 @@ type UrlMap struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -30328,8 +30650,9 @@ type UrlMap struct {
 	// SelfLink: [Output Only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
-	// Tests: The list of expected URL mappings. Request to update this
-	// UrlMap will succeed only if all of the test cases pass.
+	// Tests: The list of expected URL mapping tests. Request to update this
+	// UrlMap will succeed only if all of the test cases pass. You can
+	// specify a maximum of 100 tests per UrlMap.
 	Tests []*UrlMapTest `json:"tests,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -30994,7 +31317,7 @@ type VpnTunnel struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -31004,6 +31327,8 @@ type VpnTunnel struct {
 	PeerIp string `json:"peerIp,omitempty"`
 
 	// Region: [Output Only] URL of the region where the VPN tunnel resides.
+	// You must specify this field as part of the HTTP request URL. It is
+	// not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// RemoteTrafficSelector: Remote traffic selectors to use when
@@ -31042,8 +31367,9 @@ type VpnTunnel struct {
 	//   "WAITING_FOR_FULL_CONFIG"
 	Status string `json:"status,omitempty"`
 
-	// TargetVpnGateway: URL of the VPN gateway with which this VPN tunnel
-	// is associated. Provided by the client when the VPN tunnel is created.
+	// TargetVpnGateway: URL of the Target VPN gateway with which this VPN
+	// tunnel is associated. Provided by the client when the VPN tunnel is
+	// created.
 	TargetVpnGateway string `json:"targetVpnGateway,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -43511,7 +43837,7 @@ type FirewallsUpdateCall struct {
 }
 
 // Update: Updates the specified firewall rule with the data included in
-// the request. Using PUT method, can only update following fields of
+// the request. The PUT method can only update the following fields of
 // firewall rule: allowed, description, sourceRanges, sourceTags,
 // targetTags.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/firewalls/update
@@ -43629,7 +43955,7 @@ func (c *FirewallsUpdateCall) Do(opts ...googleapi.CallOption) (*Operation, erro
 	}
 	return ret, nil
 	// {
-	//   "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+	//   "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
 	//   "httpMethod": "PUT",
 	//   "id": "compute.firewalls.update",
 	//   "parameterOrder": [
@@ -62086,11 +62412,9 @@ type InstanceTemplatesDeleteCall struct {
 	header_          http.Header
 }
 
-// Delete: Deletes the specified instance template. If you delete an
-// instance template that is being referenced from another instance
-// group, the instance group will not be able to create or recreate
-// virtual machine instances. Deleting an instance template is permanent
-// and cannot be undone.
+// Delete: Deletes the specified instance template. Deleting an instance
+// template is permanent and cannot be undone. It's not possible to
+// delete templates which are in use by an instance group.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/instanceTemplates/delete
 func (r *InstanceTemplatesService) Delete(project string, instanceTemplate string) *InstanceTemplatesDeleteCall {
 	c := &InstanceTemplatesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
@@ -62200,7 +62524,7 @@ func (c *InstanceTemplatesDeleteCall) Do(opts ...googleapi.CallOption) (*Operati
 	}
 	return ret, nil
 	// {
-	//   "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
+	//   "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
 	//   "httpMethod": "DELETE",
 	//   "id": "compute.instanceTemplates.delete",
 	//   "parameterOrder": [
@@ -81432,93 +81756,95 @@ func (c *NetworksTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*Test
 
 }
 
-// method id "compute.projects.disableXpnHost":
+// method id "compute.nodeGroups.getIamPolicy":
 
-type ProjectsDisableXpnHostCall struct {
-	s          *Service
-	project    string
-	urlParams_ gensupport.URLParams
-	ctx_       context.Context
-	header_    http.Header
+type NodeGroupsGetIamPolicyCall struct {
+	s            *Service
+	project      string
+	zone         string
+	resource     string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
 }
 
-// DisableXpnHost: Disable this project as a shared VPC host project.
-func (r *ProjectsService) DisableXpnHost(project string) *ProjectsDisableXpnHostCall {
-	c := &ProjectsDisableXpnHostCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// GetIamPolicy: Gets the access control policy for a resource. May be
+// empty if no such policy or resource exists.
+func (r *NodeGroupsService) GetIamPolicy(project string, zone string, resource string) *NodeGroupsGetIamPolicyCall {
+	c := &NodeGroupsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
-	return c
-}
-
-// RequestId sets the optional parameter "requestId": An optional
-// request ID to identify requests. Specify a unique request ID so that
-// if you must retry your request, the server will know to ignore the
-// request if it has already been completed.
-//
-// For example, consider a situation where you make an initial request
-// and the request times out. If you make the request again with the
-// same request ID, the server can check if original operation with the
-// same request ID was received, and if so, will ignore the second
-// request. This prevents clients from accidentally creating duplicate
-// commitments.
-//
-// The request ID must be a valid UUID with the exception that zero UUID
-// is not supported (00000000-0000-0000-0000-000000000000).
-func (c *ProjectsDisableXpnHostCall) RequestId(requestId string) *ProjectsDisableXpnHostCall {
-	c.urlParams_.Set("requestId", requestId)
+	c.zone = zone
+	c.resource = resource
 	return c
 }
 
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *ProjectsDisableXpnHostCall) Fields(s ...googleapi.Field) *ProjectsDisableXpnHostCall {
+func (c *NodeGroupsGetIamPolicyCall) Fields(s ...googleapi.Field) *NodeGroupsGetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
 
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *NodeGroupsGetIamPolicyCall) IfNoneMatch(entityTag string) *NodeGroupsGetIamPolicyCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *ProjectsDisableXpnHostCall) Context(ctx context.Context) *ProjectsDisableXpnHostCall {
+func (c *NodeGroupsGetIamPolicyCall) Context(ctx context.Context) *NodeGroupsGetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *ProjectsDisableXpnHostCall) Header() http.Header {
+func (c *NodeGroupsGetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *ProjectsDisableXpnHostCall) doRequest(alt string) (*http.Response, error) {
+func (c *NodeGroupsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/disableXpnHost")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/nodeGroups/{resource}/getIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
-	req, _ := http.NewRequest("POST", urls, body)
+	req, _ := http.NewRequest("GET", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project": c.project,
+		"project":  c.project,
+		"zone":     c.zone,
+		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.projects.disableXpnHost" call.
-// Exactly one of *Operation or error will be non-nil. Any non-2xx
-// status code is an error. Response headers are in either
-// *Operation.ServerResponse.Header or (if a response was returned at
-// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
-// to check whether the returned error was because
-// http.StatusNotModified was returned.
-func (c *ProjectsDisableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+// Do executes the "compute.nodeGroups.getIamPolicy" call.
+// Exactly one of *Policy or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Policy.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *NodeGroupsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -81537,7 +81863,7 @@ func (c *ProjectsDisableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operatio
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
-	ret := &Operation{
+	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
@@ -81549,11 +81875,13 @@ func (c *ProjectsDisableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operatio
 	}
 	return ret, nil
 	// {
-	//   "description": "Disable this project as a shared VPC host project.",
-	//   "httpMethod": "POST",
-	//   "id": "compute.projects.disableXpnHost",
+	//   "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.nodeGroups.getIamPolicy",
 	//   "parameterOrder": [
-	//     "project"
+	//     "project",
+	//     "zone",
+	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "project": {
@@ -81563,67 +81891,62 @@ func (c *ProjectsDisableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operatio
 	//       "required": true,
 	//       "type": "string"
 	//     },
-	//     "requestId": {
-	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-	//       "location": "query",
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/disableXpnHost",
+	//   "path": "{project}/zones/{zone}/nodeGroups/{resource}/getIamPolicy",
 	//   "response": {
-	//     "$ref": "Operation"
+	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform",
-	//     "https://www.googleapis.com/auth/compute"
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
 	//   ]
 	// }
 
 }
 
-// method id "compute.projects.disableXpnResource":
+// method id "compute.nodeGroups.setIamPolicy":
 
-type ProjectsDisableXpnResourceCall struct {
-	s                                 *Service
-	project                           string
-	projectsdisablexpnresourcerequest *ProjectsDisableXpnResourceRequest
-	urlParams_                        gensupport.URLParams
-	ctx_                              context.Context
-	header_                           http.Header
+type NodeGroupsSetIamPolicyCall struct {
+	s          *Service
+	project    string
+	zone       string
+	resource   string
+	policy     *Policy
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
 }
 
-// DisableXpnResource: Disable a serivce resource (a.k.a service
-// project) associated with this host project.
-func (r *ProjectsService) DisableXpnResource(project string, projectsdisablexpnresourcerequest *ProjectsDisableXpnResourceRequest) *ProjectsDisableXpnResourceCall {
-	c := &ProjectsDisableXpnResourceCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// SetIamPolicy: Sets the access control policy on the specified
+// resource. Replaces any existing policy.
+func (r *NodeGroupsService) SetIamPolicy(project string, zone string, resource string, policy *Policy) *NodeGroupsSetIamPolicyCall {
+	c := &NodeGroupsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
-	c.projectsdisablexpnresourcerequest = projectsdisablexpnresourcerequest
-	return c
-}
-
-// RequestId sets the optional parameter "requestId": An optional
-// request ID to identify requests. Specify a unique request ID so that
-// if you must retry your request, the server will know to ignore the
-// request if it has already been completed.
-//
-// For example, consider a situation where you make an initial request
-// and the request times out. If you make the request again with the
-// same request ID, the server can check if original operation with the
-// same request ID was received, and if so, will ignore the second
-// request. This prevents clients from accidentally creating duplicate
-// commitments.
-//
-// The request ID must be a valid UUID with the exception that zero UUID
-// is not supported (00000000-0000-0000-0000-000000000000).
-func (c *ProjectsDisableXpnResourceCall) RequestId(requestId string) *ProjectsDisableXpnResourceCall {
-	c.urlParams_.Set("requestId", requestId)
+	c.zone = zone
+	c.resource = resource
+	c.policy = policy
 	return c
 }
 
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *ProjectsDisableXpnResourceCall) Fields(s ...googleapi.Field) *ProjectsDisableXpnResourceCall {
+func (c *NodeGroupsSetIamPolicyCall) Fields(s ...googleapi.Field) *NodeGroupsSetIamPolicyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -81631,51 +81954,53 @@ func (c *ProjectsDisableXpnResourceCall) Fields(s ...googleapi.Field) *ProjectsD
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *ProjectsDisableXpnResourceCall) Context(ctx context.Context) *ProjectsDisableXpnResourceCall {
+func (c *NodeGroupsSetIamPolicyCall) Context(ctx context.Context) *NodeGroupsSetIamPolicyCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *ProjectsDisableXpnResourceCall) Header() http.Header {
+func (c *NodeGroupsSetIamPolicyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *ProjectsDisableXpnResourceCall) doRequest(alt string) (*http.Response, error) {
+func (c *NodeGroupsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.projectsdisablexpnresourcerequest)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.policy)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/disableXpnResource")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/nodeGroups/{resource}/setIamPolicy")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project": c.project,
+		"project":  c.project,
+		"zone":     c.zone,
+		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.projects.disableXpnResource" call.
-// Exactly one of *Operation or error will be non-nil. Any non-2xx
-// status code is an error. Response headers are in either
-// *Operation.ServerResponse.Header or (if a response was returned at
-// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
-// to check whether the returned error was because
-// http.StatusNotModified was returned.
-func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+// Do executes the "compute.nodeGroups.setIamPolicy" call.
+// Exactly one of *Policy or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Policy.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *NodeGroupsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -81694,7 +82019,7 @@ func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Oper
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
-	ret := &Operation{
+	ret := &Policy{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
@@ -81706,11 +82031,13 @@ func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Oper
 	}
 	return ret, nil
 	// {
-	//   "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
+	//   "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.projects.disableXpnResource",
+	//   "id": "compute.nodeGroups.setIamPolicy",
 	//   "parameterOrder": [
-	//     "project"
+	//     "project",
+	//     "zone",
+	//     "resource"
 	//   ],
 	//   "parameters": {
 	//     "project": {
@@ -81720,18 +82047,27 @@ func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Oper
 	//       "required": true,
 	//       "type": "string"
 	//     },
-	//     "requestId": {
-	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-	//       "location": "query",
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/disableXpnResource",
+	//   "path": "{project}/zones/{zone}/nodeGroups/{resource}/setIamPolicy",
 	//   "request": {
-	//     "$ref": "ProjectsDisableXpnResourceRequest"
+	//     "$ref": "Policy"
 	//   },
 	//   "response": {
-	//     "$ref": "Operation"
+	//     "$ref": "Policy"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform",
@@ -81741,46 +82077,34 @@ func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Oper
 
 }
 
-// method id "compute.projects.enableXpnHost":
+// method id "compute.nodeGroups.testIamPermissions":
 
-type ProjectsEnableXpnHostCall struct {
-	s          *Service
-	project    string
-	urlParams_ gensupport.URLParams
-	ctx_       context.Context
-	header_    http.Header
+type NodeGroupsTestIamPermissionsCall struct {
+	s                      *Service
+	project                string
+	zone                   string
+	resource               string
+	testpermissionsrequest *TestPermissionsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
 }
 
-// EnableXpnHost: Enable this project as a shared VPC host project.
-func (r *ProjectsService) EnableXpnHost(project string) *ProjectsEnableXpnHostCall {
-	c := &ProjectsEnableXpnHostCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// TestIamPermissions: Returns permissions that a caller has on the
+// specified resource.
+func (r *NodeGroupsService) TestIamPermissions(project string, zone string, resource string, testpermissionsrequest *TestPermissionsRequest) *NodeGroupsTestIamPermissionsCall {
+	c := &NodeGroupsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
-	return c
-}
-
-// RequestId sets the optional parameter "requestId": An optional
-// request ID to identify requests. Specify a unique request ID so that
-// if you must retry your request, the server will know to ignore the
-// request if it has already been completed.
-//
-// For example, consider a situation where you make an initial request
-// and the request times out. If you make the request again with the
-// same request ID, the server can check if original operation with the
-// same request ID was received, and if so, will ignore the second
-// request. This prevents clients from accidentally creating duplicate
-// commitments.
-//
-// The request ID must be a valid UUID with the exception that zero UUID
-// is not supported (00000000-0000-0000-0000-000000000000).
-func (c *ProjectsEnableXpnHostCall) RequestId(requestId string) *ProjectsEnableXpnHostCall {
-	c.urlParams_.Set("requestId", requestId)
+	c.zone = zone
+	c.resource = resource
+	c.testpermissionsrequest = testpermissionsrequest
 	return c
 }
 
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *ProjectsEnableXpnHostCall) Fields(s ...googleapi.Field) *ProjectsEnableXpnHostCall {
+func (c *NodeGroupsTestIamPermissionsCall) Fields(s ...googleapi.Field) *NodeGroupsTestIamPermissionsCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -81788,44 +82112,1004 @@ func (c *ProjectsEnableXpnHostCall) Fields(s ...googleapi.Field) *ProjectsEnable
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *ProjectsEnableXpnHostCall) Context(ctx context.Context) *ProjectsEnableXpnHostCall {
+func (c *NodeGroupsTestIamPermissionsCall) Context(ctx context.Context) *NodeGroupsTestIamPermissionsCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *ProjectsEnableXpnHostCall) Header() http.Header {
+func (c *NodeGroupsTestIamPermissionsCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *ProjectsEnableXpnHostCall) doRequest(alt string) (*http.Response, error) {
+func (c *NodeGroupsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testpermissionsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/enableXpnHost")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/nodeGroups/{resource}/testIamPermissions")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project": c.project,
+		"project":  c.project,
+		"zone":     c.zone,
+		"resource": c.resource,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.projects.enableXpnHost" call.
-// Exactly one of *Operation or error will be non-nil. Any non-2xx
-// status code is an error. Response headers are in either
-// *Operation.ServerResponse.Header or (if a response was returned at
-// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
-// to check whether the returned error was because
+// Do executes the "compute.nodeGroups.testIamPermissions" call.
+// Exactly one of *TestPermissionsResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *TestPermissionsResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *NodeGroupsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestPermissionsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &TestPermissionsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Returns permissions that a caller has on the specified resource.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.nodeGroups.testIamPermissions",
+	//   "parameterOrder": [
+	//     "project",
+	//     "zone",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/zones/{zone}/nodeGroups/{resource}/testIamPermissions",
+	//   "request": {
+	//     "$ref": "TestPermissionsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "TestPermissionsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// method id "compute.nodeTemplates.getIamPolicy":
+
+type NodeTemplatesGetIamPolicyCall struct {
+	s            *Service
+	project      string
+	region       string
+	resource     string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// GetIamPolicy: Gets the access control policy for a resource. May be
+// empty if no such policy or resource exists.
+func (r *NodeTemplatesService) GetIamPolicy(project string, region string, resource string) *NodeTemplatesGetIamPolicyCall {
+	c := &NodeTemplatesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *NodeTemplatesGetIamPolicyCall) Fields(s ...googleapi.Field) *NodeTemplatesGetIamPolicyCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *NodeTemplatesGetIamPolicyCall) IfNoneMatch(entityTag string) *NodeTemplatesGetIamPolicyCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *NodeTemplatesGetIamPolicyCall) Context(ctx context.Context) *NodeTemplatesGetIamPolicyCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *NodeTemplatesGetIamPolicyCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *NodeTemplatesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/nodeTemplates/{resource}/getIamPolicy")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.nodeTemplates.getIamPolicy" call.
+// Exactly one of *Policy or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Policy.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *NodeTemplatesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Policy{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.nodeTemplates.getIamPolicy",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/nodeTemplates/{resource}/getIamPolicy",
+	//   "response": {
+	//     "$ref": "Policy"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// method id "compute.nodeTemplates.setIamPolicy":
+
+type NodeTemplatesSetIamPolicyCall struct {
+	s          *Service
+	project    string
+	region     string
+	resource   string
+	policy     *Policy
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// SetIamPolicy: Sets the access control policy on the specified
+// resource. Replaces any existing policy.
+func (r *NodeTemplatesService) SetIamPolicy(project string, region string, resource string, policy *Policy) *NodeTemplatesSetIamPolicyCall {
+	c := &NodeTemplatesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	c.policy = policy
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *NodeTemplatesSetIamPolicyCall) Fields(s ...googleapi.Field) *NodeTemplatesSetIamPolicyCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *NodeTemplatesSetIamPolicyCall) Context(ctx context.Context) *NodeTemplatesSetIamPolicyCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *NodeTemplatesSetIamPolicyCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *NodeTemplatesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.policy)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/nodeTemplates/{resource}/setIamPolicy")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.nodeTemplates.setIamPolicy" call.
+// Exactly one of *Policy or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Policy.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *NodeTemplatesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Policy{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.nodeTemplates.setIamPolicy",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/nodeTemplates/{resource}/setIamPolicy",
+	//   "request": {
+	//     "$ref": "Policy"
+	//   },
+	//   "response": {
+	//     "$ref": "Policy"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.nodeTemplates.testIamPermissions":
+
+type NodeTemplatesTestIamPermissionsCall struct {
+	s                      *Service
+	project                string
+	region                 string
+	resource               string
+	testpermissionsrequest *TestPermissionsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// TestIamPermissions: Returns permissions that a caller has on the
+// specified resource.
+func (r *NodeTemplatesService) TestIamPermissions(project string, region string, resource string, testpermissionsrequest *TestPermissionsRequest) *NodeTemplatesTestIamPermissionsCall {
+	c := &NodeTemplatesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	c.testpermissionsrequest = testpermissionsrequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *NodeTemplatesTestIamPermissionsCall) Fields(s ...googleapi.Field) *NodeTemplatesTestIamPermissionsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *NodeTemplatesTestIamPermissionsCall) Context(ctx context.Context) *NodeTemplatesTestIamPermissionsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *NodeTemplatesTestIamPermissionsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *NodeTemplatesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testpermissionsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/nodeTemplates/{resource}/testIamPermissions")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.nodeTemplates.testIamPermissions" call.
+// Exactly one of *TestPermissionsResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *TestPermissionsResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *NodeTemplatesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestPermissionsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &TestPermissionsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Returns permissions that a caller has on the specified resource.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.nodeTemplates.testIamPermissions",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/nodeTemplates/{resource}/testIamPermissions",
+	//   "request": {
+	//     "$ref": "TestPermissionsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "TestPermissionsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// method id "compute.projects.disableXpnHost":
+
+type ProjectsDisableXpnHostCall struct {
+	s          *Service
+	project    string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// DisableXpnHost: Disable this project as a shared VPC host project.
+func (r *ProjectsService) DisableXpnHost(project string) *ProjectsDisableXpnHostCall {
+	c := &ProjectsDisableXpnHostCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *ProjectsDisableXpnHostCall) RequestId(requestId string) *ProjectsDisableXpnHostCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsDisableXpnHostCall) Fields(s ...googleapi.Field) *ProjectsDisableXpnHostCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsDisableXpnHostCall) Context(ctx context.Context) *ProjectsDisableXpnHostCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsDisableXpnHostCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsDisableXpnHostCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/disableXpnHost")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.projects.disableXpnHost" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsDisableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Disable this project as a shared VPC host project.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.projects.disableXpnHost",
+	//   "parameterOrder": [
+	//     "project"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/disableXpnHost",
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.projects.disableXpnResource":
+
+type ProjectsDisableXpnResourceCall struct {
+	s                                 *Service
+	project                           string
+	projectsdisablexpnresourcerequest *ProjectsDisableXpnResourceRequest
+	urlParams_                        gensupport.URLParams
+	ctx_                              context.Context
+	header_                           http.Header
+}
+
+// DisableXpnResource: Disable a serivce resource (a.k.a service
+// project) associated with this host project.
+func (r *ProjectsService) DisableXpnResource(project string, projectsdisablexpnresourcerequest *ProjectsDisableXpnResourceRequest) *ProjectsDisableXpnResourceCall {
+	c := &ProjectsDisableXpnResourceCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.projectsdisablexpnresourcerequest = projectsdisablexpnresourcerequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *ProjectsDisableXpnResourceCall) RequestId(requestId string) *ProjectsDisableXpnResourceCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsDisableXpnResourceCall) Fields(s ...googleapi.Field) *ProjectsDisableXpnResourceCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsDisableXpnResourceCall) Context(ctx context.Context) *ProjectsDisableXpnResourceCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsDisableXpnResourceCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsDisableXpnResourceCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.projectsdisablexpnresourcerequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/disableXpnResource")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.projects.disableXpnResource" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsDisableXpnResourceCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.projects.disableXpnResource",
+	//   "parameterOrder": [
+	//     "project"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/disableXpnResource",
+	//   "request": {
+	//     "$ref": "ProjectsDisableXpnResourceRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.projects.enableXpnHost":
+
+type ProjectsEnableXpnHostCall struct {
+	s          *Service
+	project    string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// EnableXpnHost: Enable this project as a shared VPC host project.
+func (r *ProjectsService) EnableXpnHost(project string) *ProjectsEnableXpnHostCall {
+	c := &ProjectsEnableXpnHostCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *ProjectsEnableXpnHostCall) RequestId(requestId string) *ProjectsEnableXpnHostCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsEnableXpnHostCall) Fields(s ...googleapi.Field) *ProjectsEnableXpnHostCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsEnableXpnHostCall) Context(ctx context.Context) *ProjectsEnableXpnHostCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsEnableXpnHostCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsEnableXpnHostCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/enableXpnHost")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.projects.enableXpnHost" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
 // http.StatusNotModified was returned.
 func (c *ProjectsEnableXpnHostCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
@@ -85455,7 +86739,7 @@ func (c *RegionBackendServicesGetHealthCall) Do(opts ...googleapi.CallOption) (*
 	//   ],
 	//   "parameters": {
 	//     "backendService": {
-	//       "description": "Name of the BackendService resource to which the queried instance belongs.",
+	//       "description": "Name of the BackendService resource for which to get health.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -97687,6 +98971,13 @@ func (r *SecurityPoliciesService) AddRule(project string, securityPolicy string,
 	return c
 }
 
+// ValidateOnly sets the optional parameter "validateOnly": If true, the
+// request will not be committed.
+func (c *SecurityPoliciesAddRuleCall) ValidateOnly(validateOnly bool) *SecurityPoliciesAddRuleCall {
+	c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly))
+	return c
+}
+
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
@@ -97795,6 +99086,11 @@ func (c *SecurityPoliciesAddRuleCall) Do(opts ...googleapi.CallOption) (*Operati
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
+	//     },
+	//     "validateOnly": {
+	//       "description": "If true, the request will not be committed.",
+	//       "location": "query",
+	//       "type": "boolean"
 	//     }
 	//   },
 	//   "path": "{project}/global/securityPolicies/{securityPolicy}/addRule",
@@ -98899,6 +100195,13 @@ func (c *SecurityPoliciesPatchRuleCall) Priority(priority int64) *SecurityPolici
 	return c
 }
 
+// ValidateOnly sets the optional parameter "validateOnly": If true, the
+// request will not be committed.
+func (c *SecurityPoliciesPatchRuleCall) ValidateOnly(validateOnly bool) *SecurityPoliciesPatchRuleCall {
+	c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly))
+	return c
+}
+
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
@@ -99013,6 +100316,11 @@ func (c *SecurityPoliciesPatchRuleCall) Do(opts ...googleapi.CallOption) (*Opera
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
+	//     },
+	//     "validateOnly": {
+	//       "description": "If true, the request will not be committed.",
+	//       "location": "query",
+	//       "type": "boolean"
 	//     }
 	//   },
 	//   "path": "{project}/global/securityPolicies/{securityPolicy}/patchRule",
diff --git a/vendor/google.golang.org/api/compute/v0.beta/compute-api.json b/vendor/google.golang.org/api/compute/v0.beta/compute-api.json
index 5779593b74fe..690984a15411 100644
--- a/vendor/google.golang.org/api/compute/v0.beta/compute-api.json
+++ b/vendor/google.golang.org/api/compute/v0.beta/compute-api.json
@@ -1,34693 +1,35812 @@
 {
- "kind": "discovery#restDescription",
- "etag": "\"YWOzh2SDasdU84ArJnpYek-OMdg/HIjKZ2H1Lvje9CpaMVbiW03yMTM\"",
- "discoveryVersion": "v1",
- "id": "compute:beta",
- "name": "compute",
- "version": "beta",
- "revision": "20171207",
- "title": "Compute Engine API",
- "description": "Creates and runs virtual machines on Google Cloud Platform.",
- "ownerDomain": "google.com",
- "ownerName": "Google",
- "icons": {
-  "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
-  "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
- },
- "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
- "protocol": "rest",
- "baseUrl": "https://www.googleapis.com/compute/beta/projects/",
- "basePath": "/compute/beta/projects/",
- "rootUrl": "https://www.googleapis.com/",
- "servicePath": "compute/beta/projects/",
- "batchPath": "batch/compute/beta",
- "parameters": {
-  "alt": {
-   "type": "string",
-   "description": "Data format for the response.",
-   "default": "json",
-   "enum": [
-    "json"
-   ],
-   "enumDescriptions": [
-    "Responses with Content-Type of application/json"
-   ],
-   "location": "query"
-  },
-  "fields": {
-   "type": "string",
-   "description": "Selector specifying which fields to include in a partial response.",
-   "location": "query"
-  },
-  "key": {
-   "type": "string",
-   "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
-   "location": "query"
-  },
-  "oauth_token": {
-   "type": "string",
-   "description": "OAuth 2.0 token for the current user.",
-   "location": "query"
-  },
-  "prettyPrint": {
-   "type": "boolean",
-   "description": "Returns response with indentations and line breaks.",
-   "default": "true",
-   "location": "query"
-  },
-  "quotaUser": {
-   "type": "string",
-   "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
-   "location": "query"
-  },
-  "userIp": {
-   "type": "string",
-   "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
-   "location": "query"
-  }
- },
- "auth": {
-  "oauth2": {
-   "scopes": {
-    "https://www.googleapis.com/auth/cloud-platform": {
-     "description": "View and manage your data across Google Cloud Platform services"
-    },
-    "https://www.googleapis.com/auth/compute": {
-     "description": "View and manage your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/compute.readonly": {
-     "description": "View your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/devstorage.full_control": {
-     "description": "Manage your data and permissions in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_only": {
-     "description": "View your data in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_write": {
-     "description": "Manage your data in Google Cloud Storage"
-    }
-   }
-  }
- },
- "schemas": {
-  "AcceleratorConfig": {
-   "id": "AcceleratorConfig",
-   "type": "object",
-   "description": "A specification of the type and number of accelerator cards attached to the instance.",
-   "properties": {
-    "acceleratorCount": {
-     "type": "integer",
-     "description": "The number of the guest accelerator cards exposed to this instance.",
-     "format": "int32"
-    },
-    "acceleratorType": {
-     "type": "string",
-     "description": "Full or partial URL of the accelerator type resource to expose to this instance."
-    }
-   }
-  },
-  "AcceleratorType": {
-   "id": "AcceleratorType",
-   "type": "object",
-   "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this accelerator type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
-     "default": "compute#acceleratorType"
-    },
-    "maximumCardsPerInstance": {
-     "type": "integer",
-     "description": "[Output Only] Maximum accelerator cards allowed per instance.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a."
-    }
-   }
-  },
-  "AcceleratorTypeAggregatedList": {
-   "id": "AcceleratorTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AcceleratorTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AcceleratorTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of accelerator types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
-     "default": "compute#acceleratorTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypeList": {
-   "id": "AcceleratorTypeList",
-   "type": "object",
-   "description": "Contains a list of accelerator types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of AcceleratorType resources.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
-     "default": "compute#acceleratorTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypesScopedList": {
-   "id": "AcceleratorTypesScopedList",
-   "type": "object",
-   "properties": {
-    "acceleratorTypes": {
-     "type": "array",
-     "description": "[Output Only] List of accelerator types contained in this scope.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "View and manage your data across Google Cloud Platform services"
+        },
+        "https://www.googleapis.com/auth/compute": {
+          "description": "View and manage your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/compute.readonly": {
+          "description": "View your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/devstorage.full_control": {
+          "description": "Manage your data and permissions in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_only": {
+          "description": "View your data in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_write": {
+          "description": "Manage your data in Google Cloud Storage"
+        }
       }
-     }
-    }
-   }
-  },
-  "AccessConfig": {
-   "id": "AccessConfig",
-   "type": "object",
-   "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
-     "default": "compute#accessConfig"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access."
-    },
-    "natIP": {
-     "type": "string",
-     "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance."
-    },
-    "publicPtrDomainName": {
-     "type": "string",
-     "description": "The DNS domain name for the public PTR record. This field can only be set when the set_public_ptr field is enabled."
-    },
-    "setPublicPtr": {
-     "type": "boolean",
-     "description": "Specifies whether a public DNS ?PTR? record should be created to map the external IP address of the instance to a DNS domain name."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
-     "default": "ONE_TO_ONE_NAT",
-     "enum": [
-      "ONE_TO_ONE_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
     }
-   }
   },
-  "Address": {
-   "id": "Address",
-   "type": "object",
-   "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "The static IP address represented by this resource."
-    },
-    "addressType": {
-     "type": "string",
-     "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "UNSPECIFIED_TYPE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
-     "default": "compute#address"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Address.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this Address resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.addresses.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
-     "enum": [
-      "IN_USE",
-      "RESERVED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] The URLs of the resources that are using this address.",
-     "items": {
+  "basePath": "/compute/beta/projects/",
+  "baseUrl": "https://www.googleapis.com/compute/beta/projects/",
+  "batchPath": "batch/compute/beta",
+  "description": "Creates and runs virtual machines on Google Cloud Platform.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
+  "etag": "\"-iA1DTNe4s-I6JZXPt1t1Ypy8IU/JrYQUQoo567cA8hFPPaVrcEEzOY\"",
+  "icons": {
+    "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
+    "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
+  },
+  "id": "compute:beta",
+  "kind": "discovery#restDescription",
+  "name": "compute",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "alt": {
+      "default": "json",
+      "description": "Data format for the response.",
+      "enum": [
+        "json"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json"
+      ],
+      "location": "query",
       "type": "string"
-     }
-    }
-   }
-  },
-  "AddressAggregatedList": {
-   "id": "AddressAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AddressesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AddressesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
-     "default": "compute#addressAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressList": {
-   "id": "AddressList",
-   "type": "object",
-   "description": "Contains a list of addresses.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Address resources.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
-     "default": "compute#addressList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressesScopedList": {
-   "id": "AddressesScopedList",
-   "type": "object",
-   "properties": {
-    "addresses": {
-     "type": "array",
-     "description": "[Output Only] List of addresses contained in this scope.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AliasIpRange": {
-   "id": "AliasIpRange",
-   "type": "object",
-   "description": "An alias IP range attached to an instance's network interface.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24)."
-    },
-    "subnetworkRangeName": {
-     "type": "string",
-     "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used."
-    }
-   }
-  },
-  "AttachedDisk": {
-   "id": "AttachedDisk",
-   "type": "object",
-   "description": "An instance-attached disk resource.",
-   "properties": {
-    "autoDelete": {
-     "type": "boolean",
-     "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)."
-    },
-    "boot": {
-     "type": "boolean",
-     "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem."
-    },
-    "deviceName": {
-     "type": "string",
-     "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
-    },
-    "index": {
-     "type": "integer",
-     "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
-     "format": "int32"
-    },
-    "initializeParams": {
-     "$ref": "AttachedDiskInitializeParams",
-     "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
-    },
-    "interface": {
-     "type": "string",
-     "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
-     "enum": [
-      "NVME",
-      "SCSI"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
-     "default": "compute#attachedDisk"
     },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] Any valid publicly visible licenses.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "mode": {
-     "type": "string",
-     "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
-     "enum": [
-      "READ_ONLY",
-      "READ_WRITE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk."
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
-     "enum": [
-      "PERSISTENT",
-      "SCRATCH"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AttachedDiskInitializeParams": {
-   "id": "AttachedDiskInitializeParams",
-   "type": "object",
-   "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
-   "properties": {
-    "diskName": {
-     "type": "string",
-     "description": "Specifies the disk name. If not specified, the default is to use the name of the instance."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Specifies the size of the disk in base-2 GB.",
-     "format": "int64"
-    },
-    "diskStorageType": {
-     "type": "string",
-     "description": "[Deprecated] Storage type of the disk.",
-     "enum": [
-      "HDD",
-      "SSD"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "diskType": {
-     "type": "string",
-     "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\n\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard \n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family \n\nIf the source image is deleted later, this field will not be set."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
-    }
-   }
-  },
-  "AuditConfig": {
-   "id": "AuditConfig",
-   "type": "object",
-   "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n{ \"audit_configs\": [ { \"service\": \"allServices\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", }, { \"log_type\": \"ADMIN_READ\", } ] }, { \"service\": \"fooservice.googleapis.com\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:bar@gmail.com\" ] } ] } ] }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.",
-   "properties": {
-    "auditLogConfigs": {
-     "type": "array",
-     "description": "The configuration for logging of each type of permission.",
-     "items": {
-      "$ref": "AuditLogConfig"
-     }
-    },
-    "exemptedMembers": {
-     "type": "array",
-     "description": "",
-     "items": {
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "service": {
-     "type": "string",
-     "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services."
-    }
-   }
-  },
-  "AuditLogConfig": {
-   "id": "AuditLogConfig",
-   "type": "object",
-   "description": "Provides the configuration for logging a type of permissions. Example:\n\n{ \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", } ] }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting foo@gmail.com from DATA_READ logging.",
-   "properties": {
-    "exemptedMembers": {
-     "type": "array",
-     "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].",
-     "items": {
-      "type": "string"
-     }
-    },
-    "logType": {
-     "type": "string",
-     "description": "The log type that this config enables.",
-     "enum": [
-      "ADMIN_READ",
-      "DATA_READ",
-      "DATA_WRITE",
-      "LOG_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AuthorizationLoggingOptions": {
-   "id": "AuthorizationLoggingOptions",
-   "type": "object",
-   "description": "Authorization-related information used by Cloud Audit Logging.",
-   "properties": {
-    "permissionType": {
-     "type": "string",
-     "description": "The type of the permission that was checked.",
-     "enum": [
-      "ADMIN_READ",
-      "ADMIN_WRITE",
-      "DATA_READ",
-      "DATA_WRITE",
-      "PERMISSION_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Autoscaler": {
-   "id": "Autoscaler",
-   "type": "object",
-   "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
-   "properties": {
-    "autoscalingPolicy": {
-     "$ref": "AutoscalingPolicy",
-     "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
-     "default": "compute#autoscaler"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroups.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the autoscaler configuration.",
-     "enum": [
-      "ACTIVE",
-      "DELETING",
-      "ERROR",
-      "PENDING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusDetails": {
-     "type": "array",
-     "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
-     "items": {
-      "$ref": "AutoscalerStatusDetails"
-     }
-    },
-    "target": {
-     "type": "string",
-     "description": "URL of the managed instance group that this autoscaler will scale."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope)."
-    }
-   }
-  },
-  "AutoscalerAggregatedList": {
-   "id": "AutoscalerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AutoscalersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AutoscalersScopedList",
-      "description": "[Output Only] Name of the scope containing this set of autoscalers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
-     "default": "compute#autoscalerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerList": {
-   "id": "AutoscalerList",
-   "type": "object",
-   "description": "Contains a list of Autoscaler resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
-     "default": "compute#autoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerStatusDetails": {
-   "id": "AutoscalerStatusDetails",
-   "type": "object",
-   "properties": {
-    "message": {
-     "type": "string",
-     "description": "The status message."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of error returned.",
-     "enum": [
-      "ALL_INSTANCES_UNHEALTHY",
-      "BACKEND_SERVICE_DOES_NOT_EXIST",
-      "CAPPED_AT_MAX_NUM_REPLICAS",
-      "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
-      "CUSTOM_METRIC_INVALID",
-      "MIN_EQUALS_MAX",
-      "MISSING_CUSTOM_METRIC_DATA_POINTS",
-      "MISSING_LOAD_BALANCING_DATA_POINTS",
-      "MORE_THAN_ONE_BACKEND_SERVICE",
-      "NOT_ENOUGH_QUOTA_AVAILABLE",
-      "REGION_RESOURCE_STOCKOUT",
-      "SCALING_TARGET_DOES_NOT_EXIST",
-      "UNKNOWN",
-      "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
-      "ZONE_RESOURCE_STOCKOUT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalersScopedList": {
-   "id": "AutoscalersScopedList",
-   "type": "object",
-   "properties": {
-    "autoscalers": {
-     "type": "array",
-     "description": "[Output Only] List of autoscalers contained in this scope.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalingPolicy": {
-   "id": "AutoscalingPolicy",
-   "type": "object",
-   "description": "Cloud Autoscaler policy.",
-   "properties": {
-    "coolDownPeriodSec": {
-     "type": "integer",
-     "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
-     "format": "int32"
-    },
-    "cpuUtilization": {
-     "$ref": "AutoscalingPolicyCpuUtilization",
-     "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
-    },
-    "customMetricUtilizations": {
-     "type": "array",
-     "description": "Configuration parameters of autoscaling based on a custom metric.",
-     "items": {
-      "$ref": "AutoscalingPolicyCustomMetricUtilization"
-     }
-    },
-    "loadBalancingUtilization": {
-     "$ref": "AutoscalingPolicyLoadBalancingUtilization",
-     "description": "Configuration parameters of autoscaling based on load balancer."
-    },
-    "maxNumReplicas": {
-     "type": "integer",
-     "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
-     "format": "int32"
-    },
-    "minNumReplicas": {
-     "type": "integer",
-     "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
-     "format": "int32"
-    }
-   }
-  },
-  "AutoscalingPolicyCpuUtilization": {
-   "id": "AutoscalingPolicyCpuUtilization",
-   "type": "object",
-   "description": "CPU utilization policy.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
-     "format": "double"
-    }
-   }
-  },
-  "AutoscalingPolicyCustomMetricUtilization": {
-   "id": "AutoscalingPolicyCustomMetricUtilization",
-   "type": "object",
-   "description": "Custom utilization metric policy.",
-   "properties": {
-    "filter": {
-     "type": "string",
-     "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.\n\nFor the filter to be valid for autoscaling purposes, the following rules apply:  \n- You can only use the AND operator for joining selectors. \n- You can only use direct equality comparison operator (=) without any functions for each selector. \n- You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. \n- The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.\nIf the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.\n\nIf not specified, the type defaults to gce_instance.  \n\nYou should provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value."
-    },
-    "metric": {
-     "type": "string",
-     "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE."
-    },
-    "singleInstanceAssignment": {
-     "type": "number",
-     "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler will keep the number of instances proportional to the value of this metric, the metric itself should not change value due to group resizing.\n\nA good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.\n\nA bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.",
-     "format": "double"
-    },
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
-     "format": "double"
-    },
-    "utilizationTargetType": {
-     "type": "string",
-     "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
-     "enum": [
-      "DELTA_PER_MINUTE",
-      "DELTA_PER_SECOND",
-      "GAUGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalingPolicyLoadBalancingUtilization": {
-   "id": "AutoscalingPolicyLoadBalancingUtilization",
-   "type": "object",
-   "description": "Configuration parameters of autoscaling based on load balancing.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
-     "format": "double"
-    }
-   }
-  },
-  "Backend": {
-   "id": "Backend",
-   "type": "object",
-   "description": "Message containing information of one individual backend.",
-   "properties": {
-    "balancingMode": {
-     "type": "string",
-     "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
-     "enum": [
-      "CONNECTION",
-      "RATE",
-      "UTILIZATION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "capacityScaler": {
-     "type": "number",
-     "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "group": {
-     "type": "string",
-     "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService."
-    },
-    "maxConnections": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxConnectionsPerInstance": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRate": {
-     "type": "integer",
-     "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRatePerInstance": {
-     "type": "number",
-     "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "maxUtilization": {
-     "type": "number",
-     "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    }
-   }
-  },
-  "BackendBucket": {
-   "id": "BackendBucket",
-   "type": "object",
-   "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "Cloud Storage bucket name."
-    },
-    "cdnPolicy": {
-     "$ref": "BackendBucketCdnPolicy",
-     "description": "Cloud CDN Coniguration for this BackendBucket."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource; provided by the client when the resource is created."
-    },
-    "enableCdn": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendBucket."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#backendBucket"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "BackendBucketCdnPolicy": {
-   "id": "BackendBucketCdnPolicy",
-   "type": "object",
-   "description": "Message containing Cloud CDN configuration for a backend bucket.",
-   "properties": {
-    "signedUrlCacheMaxAgeSec": {
-     "type": "string",
-     "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this bucket had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
-     "format": "int64"
-    },
-    "signedUrlKeyNames": {
-     "type": "array",
-     "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend bucket.",
-     "items": {
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
       "type": "string"
-     }
-    }
-   }
-  },
-  "BackendBucketList": {
-   "id": "BackendBucketList",
-   "type": "object",
-   "description": "Contains a list of BackendBucket resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendBucket resources.",
-     "items": {
-      "$ref": "BackendBucket"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendBucketList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendService": {
-   "id": "BackendService",
-   "type": "object",
-   "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
-   "properties": {
-    "affinityCookieTtlSec": {
-     "type": "integer",
-     "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
-     "format": "int32"
-    },
-    "backends": {
-     "type": "array",
-     "description": "The list of backends that serve this BackendService.",
-     "items": {
-      "$ref": "Backend"
-     }
-    },
-    "cdnPolicy": {
-     "$ref": "BackendServiceCdnPolicy",
-     "description": "Cloud CDN configuration for this BackendService."
-    },
-    "connectionDraining": {
-     "$ref": "ConnectionDraining"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "enableCDN": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
-     "format": "byte"
     },
-    "healthChecks": {
-     "type": "array",
-     "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "iap": {
-     "$ref": "BackendServiceIAP"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
-     "default": "compute#backendService"
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID_LOAD_BALANCING_SCHEME"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "protocol": {
-     "type": "string",
-     "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
-     "enum": [
-      "HTTP",
-      "HTTPS",
-      "SSL",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services."
-    },
-    "securityPolicy": {
-     "type": "string",
-     "description": "[Output Only] The resource URL for the security policy associated with this backend service."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
-     "format": "int32"
-    }
-   }
-  },
-  "BackendServiceAggregatedList": {
-   "id": "BackendServiceAggregatedList",
-   "type": "object",
-   "description": "Contains a list of BackendServicesScopedList.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of BackendServicesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "BackendServicesScopedList",
-      "description": "Name of the scope containing this set of BackendServices."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendServiceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServiceCdnPolicy": {
-   "id": "BackendServiceCdnPolicy",
-   "type": "object",
-   "description": "Message containing Cloud CDN configuration for a backend service.",
-   "properties": {
-    "cacheKeyPolicy": {
-     "$ref": "CacheKeyPolicy",
-     "description": "The CacheKeyPolicy for this CdnPolicy."
-    },
-    "signedUrlCacheMaxAgeSec": {
-     "type": "string",
-     "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this backend had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
-     "format": "int64"
-    },
-    "signedUrlKeyNames": {
-     "type": "array",
-     "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend service.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "BackendServiceGroupHealth": {
-   "id": "BackendServiceGroupHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
-     "default": "compute#backendServiceGroupHealth"
-    }
-   }
-  },
-  "BackendServiceIAP": {
-   "id": "BackendServiceIAP",
-   "type": "object",
-   "description": "Identity-Aware Proxy",
-   "properties": {
-    "enabled": {
-     "type": "boolean"
-    },
-    "oauth2ClientId": {
-     "type": "string"
-    },
-    "oauth2ClientSecret": {
-     "type": "string"
-    },
-    "oauth2ClientSecretSha256": {
-     "type": "string",
-     "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above."
-    }
-   }
-  },
-  "BackendServiceList": {
-   "id": "BackendServiceList",
-   "type": "object",
-   "description": "Contains a list of BackendService resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendService resources.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
-     "default": "compute#backendServiceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServicesScopedList": {
-   "id": "BackendServicesScopedList",
-   "type": "object",
-   "properties": {
-    "backendServices": {
-     "type": "array",
-     "description": "List of BackendServices contained in this scope.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of backend services when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Binding": {
-   "id": "Binding",
-   "type": "object",
-   "description": "Associates `members` with a `role`.",
-   "properties": {
-    "condition": {
-     "$ref": "Expr",
-     "description": "The condition that is associated with this binding. NOTE: an unsatisfied condition will not allow user access via current binding. Different bindings, including their conditions, are examined independently. This field is GOOGLE_INTERNAL."
-    },
-    "members": {
-     "type": "array",
-     "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@gmail.com` or `joe@example.com`.\n\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.\n\n\n\n* `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.",
-     "items": {
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "role": {
-     "type": "string",
-     "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`."
-    }
-   }
-  },
-  "CacheInvalidationRule": {
-   "id": "CacheInvalidationRule",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "If set, this invalidation rule will only apply to requests with a Host header matching host."
-    },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "CacheKeyPolicy": {
-   "id": "CacheKeyPolicy",
-   "type": "object",
-   "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
-   "properties": {
-    "includeHost": {
-     "type": "boolean",
-     "description": "If true, requests to different hosts will be cached separately."
-    },
-    "includeProtocol": {
-     "type": "boolean",
-     "description": "If true, http and https requests will be cached separately."
-    },
-    "includeQueryString": {
-     "type": "boolean",
-     "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely."
-    },
-    "queryStringBlacklist": {
-     "type": "array",
-     "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
-      "type": "string"
-     }
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
     },
-    "queryStringWhitelist": {
-     "type": "array",
-     "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "Commitment": {
-   "id": "Commitment",
-   "type": "object",
-   "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "endTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment end time in RFC3339 text format."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
-     "default": "compute#commitment"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "plan": {
-     "type": "string",
-     "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
-     "enum": [
-      "INVALID",
-      "THIRTY_SIX_MONTH",
-      "TWELVE_MONTH"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where this commitment may be used."
-    },
-    "resources": {
-     "type": "array",
-     "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
-     "items": {
-      "$ref": "ResourceCommitment"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment start time in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
-     "enum": [
-      "ACTIVE",
-      "CREATING",
-      "EXPIRED",
-      "NOT_YET_ACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    }
-   }
-  },
-  "CommitmentAggregatedList": {
-   "id": "CommitmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of CommitmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "CommitmentsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of commitments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
-     "default": "compute#commitmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentList": {
-   "id": "CommitmentList",
-   "type": "object",
-   "description": "Contains a list of Commitment resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Commitment resources.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
-     "default": "compute#commitmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentsScopedList": {
-   "id": "CommitmentsScopedList",
-   "type": "object",
-   "properties": {
-    "commitments": {
-     "type": "array",
-     "description": "[Output Only] List of commitments contained in this scope.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Condition": {
-   "id": "Condition",
-   "type": "object",
-   "description": "A condition to be met.",
-   "properties": {
-    "iam": {
-     "type": "string",
-     "description": "Trusted attributes supplied by the IAM system.",
-     "enum": [
-      "APPROVER",
-      "ATTRIBUTION",
-      "AUTHORITY",
-      "JUSTIFICATION_TYPE",
-      "NO_ATTR",
-      "SECURITY_REALM"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "op": {
-     "type": "string",
-     "description": "An operator to apply the subject with.",
-     "enum": [
-      "DISCHARGED",
-      "EQUALS",
-      "IN",
-      "NOT_EQUALS",
-      "NOT_IN",
-      "NO_OP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "svc": {
-     "type": "string",
-     "description": "Trusted attributes discharged by the service."
-    },
-    "sys": {
-     "type": "string",
-     "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.",
-     "enum": [
-      "IP",
-      "NAME",
-      "NO_ATTR",
-      "REGION",
-      "SERVICE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "value": {
-     "type": "string",
-     "description": "DEPRECATED. Use 'values' instead."
-    },
-    "values": {
-     "type": "array",
-     "description": "The objects of the condition. This is mutually exclusive with 'value'.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "ConnectionDraining": {
-   "id": "ConnectionDraining",
-   "type": "object",
-   "description": "Message containing connection draining configuration.",
-   "properties": {
-    "drainingTimeoutSec": {
-     "type": "integer",
-     "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
-     "format": "int32"
-    }
-   }
-  },
-  "CustomerEncryptionKey": {
-   "id": "CustomerEncryptionKey",
-   "type": "object",
-   "description": "Represents a customer-supplied encryption key",
-   "properties": {
-    "rawKey": {
-     "type": "string",
-     "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource."
-    },
-    "rsaEncryptedKey": {
-     "type": "string",
-     "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.\n\nThe key must meet the following requirements before you can provide it to Compute Engine:  \n- The key is wrapped using a RSA public key certificate provided by Google. \n- After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Get the RSA public key certificate provided by Google at:\nhttps://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem"
-    },
-    "sha256": {
-     "type": "string",
-     "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource."
-    }
-   }
-  },
-  "CustomerEncryptionKeyProtectedDisk": {
-   "id": "CustomerEncryptionKeyProtectedDisk",
-   "type": "object",
-   "properties": {
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks."
-    }
-   }
-  },
-  "DeprecationStatus": {
-   "id": "DeprecationStatus",
-   "type": "object",
-   "description": "Deprecation status for a public resource.",
-   "properties": {
-    "deleted": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "deprecated": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "obsolete": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "replacement": {
-     "type": "string",
-     "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
-     "enum": [
-      "DELETED",
-      "DEPRECATED",
-      "OBSOLETE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Disk": {
-   "id": "Disk",
-   "type": "object",
-   "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
-     "default": "compute#disk"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
-     "additionalProperties": {
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "lastAttachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last attach timestamp in RFC3339 text format."
     },
-    "lastDetachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last detach timestamp in RFC3339 text format."
-    },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this disk.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
-    },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable publicly visible licenses.",
-     "items": {
+    "userIp": {
+      "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.disks.insert"
-      ]
-     }
-    },
-    "options": {
-     "type": "string",
-     "description": "Internal use only."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "sizeGb": {
-     "type": "string",
-     "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
-     "format": "int64"
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family"
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used."
-    },
-    "sourceSnapshot": {
-     "type": "string",
-     "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot"
-    },
-    "sourceSnapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
-    },
-    "sourceSnapshotId": {
-     "type": "string",
-     "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of disk creation.",
-     "enum": [
-      "CREATING",
-      "FAILED",
-      "READY",
-      "RESTORING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "storageType": {
-     "type": "string",
-     "description": "[Deprecated] Storage type of the persistent disk.",
-     "enum": [
-      "HDD",
-      "SSD"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
-     "items": {
-      "type": "string"
-     }
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk resides."
-    }
-   }
-  },
-  "DiskAggregatedList": {
-   "id": "DiskAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DisksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DisksScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
-     "default": "compute#diskAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskInstantiationConfig": {
-   "id": "DiskInstantiationConfig",
-   "type": "object",
-   "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.",
-   "properties": {
-    "autoDelete": {
-     "type": "boolean",
-     "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)."
-    },
-    "deviceName": {
-     "type": "string",
-     "description": "Specifies the device name of the disk to which the configurations apply to."
-    },
-    "instantiateFrom": {
-     "type": "string",
-     "description": "Specifies whether to include the disk and what image to use.",
-     "enum": [
-      "ATTACH_READ_ONLY",
-      "BLANK",
-      "DEFAULT",
-      "DO_NOT_INCLUDE",
-      "IMAGE_URL",
-      "SOURCE_IMAGE",
-      "SOURCE_IMAGE_FAMILY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The custom source image to be used to restore this disk when instantiating this instance template."
-    }
-   }
-  },
-  "DiskList": {
-   "id": "DiskList",
-   "type": "object",
-   "description": "A list of Disk resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Disk resources.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
-     "default": "compute#diskList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskMoveRequest": {
-   "id": "DiskMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetDisk": {
-     "type": "string",
-     "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    }
-   }
-  },
-  "DiskType": {
-   "id": "DiskType",
-   "type": "object",
-   "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultDiskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Server-defined default disk size in GB.",
-     "format": "int64"
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this disk type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of this resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
-     "default": "compute#diskType"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "validDiskSize": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\"."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk type resides."
-    }
-   }
-  },
-  "DiskTypeAggregatedList": {
-   "id": "DiskTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DiskTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DiskTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disk types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
-     "default": "compute#diskTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypeList": {
-   "id": "DiskTypeList",
-   "type": "object",
-   "description": "Contains a list of disk types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of DiskType resources.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
-     "default": "compute#diskTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypesScopedList": {
-   "id": "DiskTypesScopedList",
-   "type": "object",
-   "properties": {
-    "diskTypes": {
-     "type": "array",
-     "description": "[Output Only] List of disk types contained in this scope.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DisksResizeRequest": {
-   "id": "DisksResizeRequest",
-   "type": "object",
-   "properties": {
-    "sizeGb": {
-     "type": "string",
-     "description": "The new size of the persistent disk, which is specified in GB.",
-     "format": "int64"
-    }
-   }
-  },
-  "DisksScopedList": {
-   "id": "DisksScopedList",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "[Output Only] List of disks contained in this scope.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
     }
-   }
   },
-  "DistributionPolicy": {
-   "id": "DistributionPolicy",
-   "type": "object",
-   "properties": {
-    "zones": {
-     "type": "array",
-     "items": {
-      "$ref": "DistributionPolicyZoneConfiguration"
-     }
-    }
-   }
-  },
-  "DistributionPolicyZoneConfiguration": {
-   "id": "DistributionPolicyZoneConfiguration",
-   "type": "object",
-   "properties": {
-    "zone": {
-     "type": "string",
-     "description": "URL of the zone where managed instance group is spawning instances (for regional resources). Zone has to belong to the region where managed instance group is located.",
-     "annotations": {
-      "required": [
-       "compute.regionInstanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.update"
-      ]
-     }
-    }
-   }
-  },
-  "Expr": {
-   "id": "Expr",
-   "type": "object",
-   "description": "Represents an expression text. Example:\n\ntitle: \"User account presence\" description: \"Determines whether the request has a user account\" expression: \"size(request.user) \u003e 0\"",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI."
-    },
-    "expression": {
-     "type": "string",
-     "description": "Textual representation of an expression in Common Expression Language syntax.\n\nThe application context of the containing message determines which well-known feature set of CEL is supported."
-    },
-    "location": {
-     "type": "string",
-     "description": "An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file."
-    },
-    "title": {
-     "type": "string",
-     "description": "An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression."
-    }
-   }
-  },
-  "Firewall": {
-   "id": "Firewall",
-   "type": "object",
-   "description": "Represents a Firewall resource.",
-   "properties": {
-    "allowed": {
-     "type": "array",
-     "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+  "protocol": "rest",
+  "resources": {
+    "acceleratorTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of accelerator types.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "acceleratorType"
+          ],
+          "parameters": {
+            "acceleratorType": {
+              "description": "Name of the accelerator type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
+          "response": {
+            "$ref": "AcceleratorType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of accelerator types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "denied": {
-     "type": "array",
-     "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+    },
+    "addresses": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of addresses.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/addresses",
+          "response": {
+            "$ref": "AddressAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.addresses.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of addresses contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "destinationRanges": {
-     "type": "array",
-     "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "direction": {
-     "type": "string",
-     "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
-     "enum": [
-      "EGRESS",
-      "INGRESS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
-     "default": "compute#firewall"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.firewalls.insert",
-       "compute.firewalls.patch"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default"
-    },
-    "priority": {
-     "type": "integer",
-     "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceRanges": {
-     "type": "array",
-     "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sourceServiceAccounts": {
-     "type": "array",
-     "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
-     "items": {
-      "type": "string"
-     }
+    "autoscalers": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of autoscalers.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/autoscalers",
+          "response": {
+            "$ref": "AutoscalerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.autoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.autoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "response": {
+            "$ref": "AutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.autoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.autoscalers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.autoscalers.update",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "sourceTags": {
-     "type": "array",
-     "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetServiceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetTags": {
-     "type": "array",
-     "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "FirewallList": {
-   "id": "FirewallList",
-   "type": "object",
-   "description": "Contains a list of firewalls.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Firewall resources.",
-     "items": {
-      "$ref": "Firewall"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
-     "default": "compute#firewallList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "backendBuckets": {
+      "methods": {
+        "addSignedUrlKey": {
+          "description": "Adds the given Signed URL Key to the backend bucket.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.addSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}/addSignedUrlKey",
+          "request": {
+            "$ref": "SignedUrlKey"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified BackendBucket resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendBuckets.delete",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteSignedUrlKey": {
+          "description": "Deletes the given Signed URL Key from the backend bucket.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.deleteSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendBucket",
+            "keyName"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "keyName": {
+              "description": "The name of the Signed URL Key to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}/deleteSignedUrlKey",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.get",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "BackendBucket"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendBucket resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "response": {
+            "$ref": "BackendBucketList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendBuckets.patch",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.backendBuckets.update",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "FixedOrPercent": {
-   "id": "FixedOrPercent",
-   "type": "object",
-   "description": "Encapsulates numeric value that can be either absolute or relative.",
-   "properties": {
-    "calculated": {
-     "type": "integer",
-     "description": "[Output Only] Absolute value of VM instances calculated based on the specific mode.\n\n \n- If the value is fixed, then the caculated value is equal to the fixed value. \n- If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded up.",
-     "format": "int32"
-    },
-    "fixed": {
-     "type": "integer",
-     "description": "Specifies a fixed number of VM instances. This must be a positive integer.",
-     "format": "int32"
-    },
-    "percent": {
-     "type": "integer",
-     "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.",
-     "format": "int32"
-    }
-   }
-  },
-  "ForwardingRule": {
-   "id": "ForwardingRule",
-   "type": "object",
-   "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
-   "properties": {
-    "IPAddress": {
-     "type": "string",
-     "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address"
-    },
-    "IPProtocol": {
-     "type": "string",
-     "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
-     "enum": [
-      "AH",
-      "ESP",
-      "ICMP",
-      "SCTP",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "backendService": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
-     "default": "compute#forwardingRule"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this resource. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used."
-    },
-    "portRange": {
-     "type": "string",
-     "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetVpnGateway: 500, 4500\n-"
-    },
-    "ports": {
-     "type": "array",
-     "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
     },
-    "serviceLabel": {
-     "type": "string",
-     "description": "An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name.\n\nThe label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.\n\nThis field is only used for internal load balancing.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "serviceName": {
-     "type": "string",
-     "description": "[Output Only] The internal fully qualified service name for this Forwarding Rule.\n\nThis field is only used for internal load balancing."
+    "backendServices": {
+      "methods": {
+        "addSignedUrlKey": {
+          "description": "Adds the given Signed URL Key to the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.addSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/addSignedUrlKey",
+          "request": {
+            "$ref": "SignedUrlKey"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Name of the project scoping this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/backendServices",
+          "response": {
+            "$ref": "BackendServiceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendServices.delete",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteSignedUrlKey": {
+          "description": "Deletes the given Signed URL Key from the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.deleteSignedUrlKey",
+          "parameterOrder": [
+            "project",
+            "backendService",
+            "keyName"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "keyName": {
+              "description": "The name of the Signed URL Key to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/deleteSignedUrlKey",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.get",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendService resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendServices.patch",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSecurityPolicy": {
+          "description": "Sets the security policy for the specified backend service.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.setSecurityPolicy",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the security policy should be set. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/setSecurityPolicy",
+          "request": {
+            "$ref": "SecurityPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.backendServices.update",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "subnetwork": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified."
+    "diskTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of disk types.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/diskTypes",
+          "response": {
+            "$ref": "DiskTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "diskType"
+          ],
+          "parameters": {
+            "diskType": {
+              "description": "Name of the disk type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes/{diskType}",
+          "response": {
+            "$ref": "DiskType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of disk types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes",
+          "response": {
+            "$ref": "DiskTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "target": {
-     "type": "string",
-     "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.\n\nThis field is not used for internal load balancing."
-    }
-   }
-  },
-  "ForwardingRuleAggregatedList": {
-   "id": "ForwardingRuleAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of ForwardingRulesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "ForwardingRulesScopedList",
-      "description": "Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
-     "default": "compute#forwardingRuleAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "disks": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of persistent disks.",
+          "httpMethod": "GET",
+          "id": "compute.disks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/disks",
+          "response": {
+            "$ref": "DiskAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "createSnapshot": {
+          "description": "Creates a snapshot of a specified persistent disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.createSnapshot",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to snapshot.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "guestFlush": {
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
+          "request": {
+            "$ref": "Snapshot"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+          "httpMethod": "DELETE",
+          "id": "compute.disks.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.disks.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Disk"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
+          "httpMethod": "POST",
+          "id": "compute.disks.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceImage": {
+              "description": "Optional. Source image to restore onto a disk.",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "request": {
+            "$ref": "Disk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of persistent disks contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.disks.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "response": {
+            "$ref": "DiskList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "The name of the persistent disk.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/resize",
+          "request": {
+            "$ref": "DisksResizeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.disks.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
+          "request": {
+            "$ref": "ZoneSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.disks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRuleList": {
-   "id": "ForwardingRuleList",
-   "type": "object",
-   "description": "Contains a list of ForwardingRule resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of ForwardingRule resources.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#forwardingRuleList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "firewalls": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified firewall.",
+          "httpMethod": "DELETE",
+          "id": "compute.firewalls.delete",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified firewall.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.get",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Firewall"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a firewall rule in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.firewalls.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of firewall rules available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "response": {
+            "$ref": "FirewallList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.firewalls.patch",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.firewalls.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+          "httpMethod": "PUT",
+          "id": "compute.firewalls.update",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRulesScopedList": {
-   "id": "ForwardingRulesScopedList",
-   "type": "object",
-   "properties": {
+    },
     "forwardingRules": {
-     "type": "array",
-     "description": "List of forwarding rules contained in this scope.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "GlobalSetLabelsRequest": {
-   "id": "GlobalSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "A list of labels to apply for this resource. Each label key & value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "GuestOsFeature": {
-   "id": "GuestOsFeature",
-   "type": "object",
-   "description": "Guest OS features.",
-   "properties": {
-    "type": {
-     "type": "string",
-     "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
-     "enum": [
-      "FEATURE_TYPE_UNSPECIFIED",
-      "MULTI_IP_SUBNET",
-      "SECURE_BOOT",
-      "UEFI_COMPATIBLE",
-      "VIRTIO_SCSI_MULTIQUEUE",
-      "WINDOWS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "HTTPHealthCheck": {
-   "id": "HTTPHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    },
-    "response": {
-     "type": "string",
-     "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII."
-    }
-   }
-  },
-  "HTTPSHealthCheck": {
-   "id": "HTTPSHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is /."
-    },
-    "response": {
-     "type": "string",
-     "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII."
-    }
-   }
-  },
-  "HealthCheck": {
-   "id": "HealthCheck",
-   "type": "object",
-   "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in 3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "httpHealthCheck": {
-     "$ref": "HTTPHealthCheck"
-    },
-    "httpsHealthCheck": {
-     "$ref": "HTTPSHealthCheck"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#healthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sslHealthCheck": {
-     "$ref": "SSLHealthCheck"
-    },
-    "tcpHealthCheck": {
-     "$ref": "TCPHealthCheck"
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
-     "enum": [
-      "HTTP",
-      "HTTPS",
-      "INVALID",
-      "SSL",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "udpHealthCheck": {
-     "$ref": "UDPHealthCheck"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HealthCheckList": {
-   "id": "HealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HealthCheck resources.",
-     "items": {
-      "$ref": "HealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#healthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of forwarding rules.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified ForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.forwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified ForwardingRule resource.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HealthCheckReference": {
-   "id": "HealthCheckReference",
-   "type": "object",
-   "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-   "properties": {
-    "healthCheck": {
-     "type": "string"
-    }
-   }
-  },
-  "HealthStatus": {
-   "id": "HealthStatus",
-   "type": "object",
-   "properties": {
-    "healthState": {
-     "type": "string",
-     "description": "Health state of the instance.",
-     "enum": [
-      "HEALTHY",
-      "UNHEALTHY"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "instance": {
-     "type": "string",
-     "description": "URL of the instance resource."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "The IP address represented by this resource."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port on the instance.",
-     "format": "int32"
-    }
-   }
-  },
-  "HostRule": {
-   "id": "HostRule",
-   "type": "object",
-   "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "hosts": {
-     "type": "array",
-     "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
-     "items": {
-      "type": "string"
-     }
     },
-    "pathMatcher": {
-     "type": "string",
-     "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion."
-    }
-   }
-  },
-  "HttpHealthCheck": {
-   "id": "HttpHealthCheck",
-   "type": "object",
-   "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
-     "default": "compute#httpHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTP health check request. The default value is 80.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpHealthCheckList": {
-   "id": "HttpHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpHealthCheck resources.",
-     "items": {
-      "$ref": "HttpHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "HttpsHealthCheck": {
-   "id": "HttpsHealthCheck",
-   "type": "object",
-   "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#httpsHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is \"/\"."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpsHealthCheckList": {
-   "id": "HttpsHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpsHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpsHealthCheck resources.",
-     "items": {
-      "$ref": "HttpsHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpsHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalAddresses": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalAddresses.delete",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.get",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of global addresses.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Image": {
-   "id": "Image",
-   "type": "object",
-   "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
-   "properties": {
-    "archiveSizeBytes": {
-     "type": "string",
-     "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
-     "format": "int64"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "The deprecation status associated with this image."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Size of the image when restored onto a persistent disk (in GB).",
-     "format": "int64"
-    },
-    "family": {
-     "type": "string",
-     "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035."
-    },
-    "guestOsFeatures": {
-     "type": "array",
-     "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
-     "items": {
-      "$ref": "GuestOsFeature"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "imageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#image for images.",
-     "default": "compute#image"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
     },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this image.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
-    },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable license URI.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "rawDisk": {
-     "type": "object",
-     "description": "The parameters of the raw disk image.",
-     "properties": {
-      "containerType": {
-       "type": "string",
-       "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
-       "enum": [
-        "TAR"
-       ],
-       "enumDescriptions": [
-        ""
-       ]
-      },
-      "sha1Checksum": {
-       "type": "string",
-       "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
-       "pattern": "[a-f0-9]{40}"
-      },
-      "source": {
-       "type": "string",
-       "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
-       "annotations": {
-        "required": [
-         "compute.images.insert"
-        ]
-       }
-      }
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name."
-    },
-    "sourceType": {
-     "type": "string",
-     "description": "The type of the image used to create this disk. The default and only value is RAW",
-     "default": "RAW",
-     "enum": [
-      "RAW"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
-     "enum": [
-      "FAILED",
-      "PENDING",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ImageList": {
-   "id": "ImageList",
-   "type": "object",
-   "description": "Contains a list of images.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Image resources.",
-     "items": {
-      "$ref": "Image"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#imageList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalForwardingRules": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified GlobalForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalForwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Instance": {
-   "id": "Instance",
-   "type": "object",
-   "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding."
-    },
-    "cpuPlatform": {
-     "type": "string",
-     "description": "[Output Only] The CPU platform used by this instance."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deletionProtection": {
-     "type": "boolean",
-     "description": "Whether the resource should be protected against deletion."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
-     "default": "compute#instance"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\n\nzones/us-central1-f/machineTypes/n1-standard-1 \n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\n\nzones/zone/machineTypes/custom-CPUS-MEMORY \n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\"."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Sets the scheduling options for this instance."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "startRestricted": {
-     "type": "boolean",
-     "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance resides."
-    }
-   }
-  },
-  "InstanceAggregatedList": {
-   "id": "InstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstancesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstancesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
-     "default": "compute#instanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroup": {
-   "id": "InstanceGroup",
-   "type": "object",
-   "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
-     "default": "compute#instanceGroup"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which all instances in the instance group belong."
-    },
-    "region": {
-     "type": "string",
-     "description": "The URL of the region where the instance group is located (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance group. The server generates this URL."
-    },
-    "size": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the instance group.",
-     "format": "int32"
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork to which all instances in the instance group belong."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupAggregatedList": {
-   "id": "InstanceGroupAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupsScopedList",
-      "description": "The name of the scope that contains this set of instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
-     "default": "compute#instanceGroupAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalOperations": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of all operations.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/operations",
+          "response": {
+            "$ref": "OperationAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalOperations.delete",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.get",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupList": {
-   "id": "InstanceGroupList",
-   "type": "object",
-   "description": "A list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
-     "default": "compute#instanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "healthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.healthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.get",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "HealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.healthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "response": {
+            "$ref": "HealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.healthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.healthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.healthChecks.update",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManager": {
-   "id": "InstanceGroupManager",
-   "type": "object",
-   "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
-   "properties": {
-    "autoHealingPolicies": {
-     "type": "array",
-     "description": "The autohealing policy for this managed instance group. You can specify only one value.",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    },
-    "baseInstanceName": {
-     "type": "string",
-     "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
-     "pattern": "[a-z][-a-z0-9]{0,57}",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format."
-    },
-    "currentActions": {
-     "$ref": "InstanceGroupManagerActionsSummary",
-     "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "distributionPolicy": {
-     "$ref": "DistributionPolicy",
-     "description": "Policy valid only for regional managed instance groups."
-    },
-    "failoverAction": {
-     "type": "string",
-     "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.",
-     "enum": [
-      "NO_FAILOVER",
-      "UNKNOWN"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
-     "format": "uint64"
-    },
-    "instanceGroup": {
-     "type": "string",
-     "description": "[Output Only] The URL of the Instance Group resource."
-    },
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
-     "default": "compute#instanceGroupManager"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "pendingActions": {
-     "$ref": "InstanceGroupManagerPendingActionsSummary",
-     "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are pending for each of those actions."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this managed instance group. The server defines this URL."
-    },
-    "serviceAccount": {
-     "type": "string",
-     "description": "[Output Only] The service account to be used as credentials for all operations performed by the managed instance group on instances. The service accounts needs all permissions required to create and delete instances. By default, the service account {projectNumber}@cloudservices.gserviceaccount.com is used."
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetSize": {
-     "type": "integer",
-     "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
-     "format": "int32",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "updatePolicy": {
-     "$ref": "InstanceGroupManagerUpdatePolicy",
-     "description": "The update policy for this managed instance group."
-    },
-    "versions": {
-     "type": "array",
-     "description": "Specifies the instance templates used by this managed instance group to create instances.\n\nEach version is defined by an instanceTemplate. Every template can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.",
-     "items": {
-      "$ref": "InstanceGroupManagerVersion"
-     }
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupManagerActionsSummary": {
-   "id": "InstanceGroupManagerActionsSummary",
-   "type": "object",
-   "properties": {
-    "abandoning": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
-     "format": "int32"
-    },
-    "creating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
-     "format": "int32"
-    },
-    "creatingWithoutRetries": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
-     "format": "int32"
-    },
-    "deleting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
-     "format": "int32"
-    },
-    "none": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
-     "format": "int32"
-    },
-    "recreating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
-     "format": "int32"
-    },
-    "refreshing": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
-     "format": "int32"
-    },
-    "restarting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
-     "format": "int32"
-    },
-    "verifying": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are being verified. More details regarding verification process are covered in the documentation of ManagedInstance.InstanceAction.VERIFYING enum field.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerAggregatedList": {
-   "id": "InstanceGroupManagerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupManagersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupManagersScopedList",
-      "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
-     "default": "compute#instanceGroupManagerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "httpHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "HttpHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "response": {
+            "$ref": "HttpHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.httpHealthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagerAutoHealingPolicy": {
-   "id": "InstanceGroupManagerAutoHealingPolicy",
-   "type": "object",
-   "properties": {
-    "healthCheck": {
-     "type": "string",
-     "description": "The URL for the health check that signals autohealing."
-    },
-    "initialDelaySec": {
-     "type": "integer",
-     "description": "The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerList": {
-   "id": "InstanceGroupManagerList",
-   "type": "object",
-   "description": "[Output Only] A list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
-     "default": "compute#instanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "httpsHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpsHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpsHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpsHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "response": {
+            "$ref": "HttpsHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpsHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.httpsHealthChecks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpsHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagerPendingActionsSummary": {
-   "id": "InstanceGroupManagerPendingActionsSummary",
-   "type": "object",
-   "properties": {
-    "creating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be created.",
-     "format": "int32"
-    },
-    "deleting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be deleted.",
-     "format": "int32"
-    },
-    "recreating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be recreated.",
-     "format": "int32"
-    },
-    "restarting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are pending to be restarted.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerUpdatePolicy": {
-   "id": "InstanceGroupManagerUpdatePolicy",
-   "type": "object",
-   "properties": {
-    "maxSurge": {
-     "$ref": "FixedOrPercent",
-     "description": "The maximum number of instances that can be created above the specified targetSize during the update process. By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge."
-    },
-    "maxUnavailable": {
-     "$ref": "FixedOrPercent",
-     "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:\n\n \n- The instance's status is RUNNING. \n- If there is a health check on the instance group, the instance's liveness health check result must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable."
-    },
-    "minReadySec": {
-     "type": "integer",
-     "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600].",
-     "format": "int32"
-    },
-    "minimalAction": {
-     "type": "string",
-     "description": "Minimal action to be taken on an instance. You can specify either RESTART to restart existing instances or REPLACE to delete and create new instances from the target template. If you specify a code\u003eRESTART, the Updater will attempt to perform that action only. However, if the Updater determines that the minimal action you specify is not enough to perform the update, it might perform a more disruptive action.",
-     "enum": [
-      "REPLACE",
-      "RESTART"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "enum": [
-      "OPPORTUNISTIC",
-      "PROACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupManagerVersion": {
-   "id": "InstanceGroupManagerVersion",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the version. Unique among all versions in the scope of this managed instance group."
-    },
-    "targetSize": {
-     "$ref": "FixedOrPercent",
-     "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:  \n- If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. \n- if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded up.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information."
-    }
-   }
-  },
-  "InstanceGroupManagersAbandonInstancesRequest": {
-   "id": "InstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersDeleteInstancesRequest": {
-   "id": "InstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersListManagedInstancesResponse": {
-   "id": "InstanceGroupManagersListManagedInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "[Output Only] The list of instances in the managed instance group.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    }
-   }
-  },
-  "InstanceGroupManagersRecreateInstancesRequest": {
-   "id": "InstanceGroupManagersRecreateInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersResizeAdvancedRequest": {
-   "id": "InstanceGroupManagersResizeAdvancedRequest",
-   "type": "object",
-   "properties": {
-    "noCreationRetries": {
-     "type": "boolean",
-     "description": "If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attemps to recreate each instance continuously until it succeeds.\n\nThis flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.\n\nThis flag is applicable only to the current resize request. It does not influence other resize requests in any way.\n\nYou can see which instances is being creating in which mode by calling the get or listManagedInstances API."
-    },
-    "targetSize": {
-     "type": "integer",
-     "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagersScopedList": {
-   "id": "InstanceGroupManagersScopedList",
-   "type": "object",
-   "properties": {
-    "instanceGroupManagers": {
-     "type": "array",
-     "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "images": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified image.",
+          "httpMethod": "DELETE",
+          "id": "compute.images.delete",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deprecate": {
+          "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
+          "httpMethod": "POST",
+          "id": "compute.images.deprecate",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Image name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}/deprecate",
+          "request": {
+            "$ref": "DeprecationStatus"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified image. Get a list of available images by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.images.get",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getFromFamily": {
+          "description": "Returns the latest image that is part of an image family and is not deprecated.",
+          "httpMethod": "GET",
+          "id": "compute.images.getFromFamily",
+          "parameterOrder": [
+            "project",
+            "family"
+          ],
+          "parameters": {
+            "family": {
+              "description": "Name of the image family to search for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/family/{family}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an image in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.images.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "forceCreate": {
+              "description": "Force image creation if true.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "request": {
+            "$ref": "Image"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
+          "httpMethod": "GET",
+          "id": "compute.images.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "response": {
+            "$ref": "ImageList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.images.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.images.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersSetAutoHealingRequest": {
-   "id": "InstanceGroupManagersSetAutoHealingRequest",
-   "type": "object",
-   "properties": {
-    "autoHealingPolicies": {
-     "type": "array",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersSetInstanceTemplateRequest": {
-   "id": "InstanceGroupManagersSetInstanceTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    }
-   }
-  },
-  "InstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "InstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupsAddInstancesRequest": {
-   "id": "InstanceGroupsAddInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to add to the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstances": {
-   "id": "InstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
-     "default": "compute#instanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "instanceGroupManagers": {
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of managed instance groups and groups them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "InstanceGroupManagersListManagedInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.instanceGroupManagers.patch",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersRecreateInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
+              "format": "int32",
+              "location": "query",
+              "required": true,
+              "type": "integer"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resizeAdvanced": {
+          "description": "Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.\n\nIf you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.resizeAdvanced",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resizeAdvanced",
+          "request": {
+            "$ref": "InstanceGroupManagersResizeAdvancedRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setAutoHealingPolicies": {
+          "description": "Modifies the autohealing policies.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setAutoHealingPolicies",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
+          "request": {
+            "$ref": "InstanceGroupManagersSetAutoHealingRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.",
+          "httpMethod": "PUT",
+          "id": "compute.instanceGroupManagers.update",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstancesRequest": {
-   "id": "InstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupsRemoveInstancesRequest": {
-   "id": "InstanceGroupsRemoveInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to remove from the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsScopedList": {
-   "id": "InstanceGroupsScopedList",
-   "type": "object",
-   "properties": {
+    },
     "instanceGroups": {
-     "type": "array",
-     "description": "[Output Only] The list of instance groups that are contained in this scope.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupsSetNamedPortsRequest": {
-   "id": "InstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "InstanceList": {
-   "id": "InstanceList",
-   "type": "object",
-   "description": "Contains a list of instances.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Instance resources.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
-     "default": "compute#instanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "addInstances": {
+          "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.addInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where you are adding instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
+          "request": {
+            "$ref": "InstanceGroupsAddInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of instance groups and sorts them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroups.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "request": {
+            "$ref": "InstanceGroup"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "The name of the instance group from which you want to generate a list of included instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "InstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "InstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeInstances": {
+          "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.removeInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the specified instances will be removed.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
+          "request": {
+            "$ref": "InstanceGroupsRemoveInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "InstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceListReferrers": {
-   "id": "InstanceListReferrers",
-   "type": "object",
-   "description": "Contains a list of instance referrers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Reference resources.",
-     "items": {
-      "$ref": "Reference"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceListReferrers for lists of Instance referrers.",
-     "default": "compute#instanceListReferrers"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "instanceTemplates": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceTemplates.delete",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.get",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "InstanceTemplate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
+          "httpMethod": "POST",
+          "id": "compute.instanceTemplates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "request": {
+            "$ref": "InstanceTemplate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "response": {
+            "$ref": "InstanceTemplateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instanceTemplates.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceMoveRequest": {
-   "id": "InstanceMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetInstance": {
-     "type": "string",
-     "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    }
-   }
-  },
-  "InstanceProperties": {
-   "id": "InstanceProperties",
-   "type": "object",
-   "description": "",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional text description for the instances that are created from this instance template."
     },
-    "disks": {
-     "type": "array",
-     "description": "An array of disks that are associated with the instances that are created from this template.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to instances that are created from this template.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "The machine type to use for instances that are created from this template.",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform."
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network access configurations for this interface.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Specifies the scheduling options for the instances that are created from this template."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
-    }
-   }
-  },
-  "InstanceReference": {
-   "id": "InstanceReference",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "The URL for a specific instance."
-    }
-   }
-  },
-  "InstanceTemplate": {
-   "id": "InstanceTemplate",
-   "type": "object",
-   "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
-     "default": "compute#instanceTemplate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "properties": {
-     "$ref": "InstanceProperties",
-     "description": "The instance properties for this instance template."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance template. The server defines this URL."
-    },
-    "sourceInstance": {
-     "type": "string",
-     "description": "The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance"
-    },
-    "sourceInstanceParams": {
-     "$ref": "SourceInstanceParams",
-     "description": "The source instance params to use to create this instance template."
-    }
-   }
-  },
-  "InstanceTemplateList": {
-   "id": "InstanceTemplateList",
-   "type": "object",
-   "description": "A list of instance templates.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceTemplate resources.",
-     "items": {
-      "$ref": "InstanceTemplate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
-     "default": "compute#instanceTemplateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceWithNamedPorts": {
-   "id": "InstanceWithNamedPorts",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance."
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "[Output Only] The named ports that belong to this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstancesScopedList": {
-   "id": "InstancesScopedList",
-   "type": "object",
-   "properties": {
     "instances": {
-     "type": "array",
-     "description": "[Output Only] List of instances contained in this scope.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "addAccessConfig": {
+          "description": "Adds an access config to an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.addAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to add to this instance.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves aggregated list of instances.",
+          "httpMethod": "GET",
+          "id": "compute.instances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instances",
+          "response": {
+            "$ref": "InstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "attachDisk": {
+          "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.attachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "forceAttach": {
+              "description": "Whether to force attach the disk even if it's currently attached to another instance. This is only available for regional disks.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
+          "request": {
+            "$ref": "AttachedDisk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
+          "httpMethod": "DELETE",
+          "id": "compute.instances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteAccessConfig": {
+          "description": "Deletes an access config from an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.deleteAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "accessConfig",
+            "networkInterface"
+          ],
+          "parameters": {
+            "accessConfig": {
+              "description": "The name of the access config to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "detachDisk": {
+          "description": "Detaches a disk from an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.detachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "deviceName"
+          ],
+          "parameters": {
+            "deviceName": {
+              "description": "Disk device name to detach.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Instance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getSerialPortOutput": {
+          "description": "Returns the specified instance's serial port output.",
+          "httpMethod": "GET",
+          "id": "compute.instances.getSerialPortOutput",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "port": {
+              "default": "1",
+              "description": "Specifies which COM or serial port to retrieve data from.",
+              "format": "int32",
+              "location": "query",
+              "maximum": "4",
+              "minimum": "1",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "start": {
+              "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
+              "format": "int64",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
+          "response": {
+            "$ref": "SerialPortOutput"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceInstanceTemplate": {
+              "description": "Specifies instance template to create the instance.\n\nThis field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  \n- https://www.googleapis.com/compute/v1/projects/project/global/global/instanceTemplates/instanceTemplate \n- projects/project/global/global/instanceTemplates/instanceTemplate \n- global/instancesTemplates/instanceTemplate",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "request": {
+            "$ref": "Instance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "response": {
+            "$ref": "InstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listReferrers": {
+          "description": "Retrieves the list of referrers to instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.listReferrers",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instance": {
+              "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
+              "location": "path",
+              "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/referrers",
+          "response": {
+            "$ref": "InstanceListReferrers"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "reset": {
+          "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.reset",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/reset",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDeletionProtection": {
+          "description": "Sets deletion protection on the instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDeletionProtection",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "deletionProtection": {
+              "default": "true",
+              "description": "Whether the resource should be protected against deletion.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDiskAutoDelete": {
+          "description": "Sets the auto-delete flag for a disk attached to an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDiskAutoDelete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "autoDelete",
+            "deviceName"
+          ],
+          "parameters": {
+            "autoDelete": {
+              "description": "Whether to auto-delete the disk when the instance is deleted.",
+              "location": "query",
+              "required": true,
+              "type": "boolean"
+            },
+            "deviceName": {
+              "description": "The device name of the disk to modify.",
+              "location": "query",
+              "pattern": "\\w[\\w.-]{0,254}",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
+          "request": {
+            "$ref": "InstancesSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineResources": {
+          "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineResources",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
+          "request": {
+            "$ref": "InstancesSetMachineResourcesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineType": {
+          "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineType",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
+          "request": {
+            "$ref": "InstancesSetMachineTypeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMetadata": {
+          "description": "Sets metadata for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMetadata",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMinCpuPlatform": {
+          "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMinCpuPlatform",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
+          "request": {
+            "$ref": "InstancesSetMinCpuPlatformRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setScheduling": {
+          "description": "Sets an instance's scheduling options.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setScheduling",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
+          "request": {
+            "$ref": "Scheduling"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setServiceAccount": {
+          "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setServiceAccount",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
+          "request": {
+            "$ref": "InstancesSetServiceAccountRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTags": {
+          "description": "Sets tags for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setTags",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setTags",
+          "request": {
+            "$ref": "Tags"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "start": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.start",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/start",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "startWithEncryptionKey": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.startWithEncryptionKey",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
+          "request": {
+            "$ref": "InstancesStartWithEncryptionKeyRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "stop": {
+          "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.stop",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to stop.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/stop",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.instances.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "updateAccessConfig": {
+          "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "POST",
+          "id": "compute.instances.updateAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface where the access config is attached.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updateNetworkInterface": {
+          "description": "Updates an instance's network interface. This method follows PATCH semantics.",
+          "httpMethod": "PATCH",
+          "id": "compute.instances.updateNetworkInterface",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to update.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
+          "request": {
+            "$ref": "NetworkInterface"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstancesSetLabelsRequest": {
-   "id": "InstancesSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineResourcesRequest": {
-   "id": "InstancesSetMachineResourcesRequest",
-   "type": "object",
-   "properties": {
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineTypeRequest": {
-   "id": "InstancesSetMachineTypeRequest",
-   "type": "object",
-   "properties": {
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1"
-    }
-   }
-  },
-  "InstancesSetMinCpuPlatformRequest": {
-   "id": "InstancesSetMinCpuPlatformRequest",
-   "type": "object",
-   "properties": {
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform this instance should be started at."
-    }
-   }
-  },
-  "InstancesSetServiceAccountRequest": {
-   "id": "InstancesSetServiceAccountRequest",
-   "type": "object",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesStartWithEncryptionKeyRequest": {
-   "id": "InstancesStartWithEncryptionKeyRequest",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
-     "items": {
-      "$ref": "CustomerEncryptionKeyProtectedDisk"
-     }
-    }
-   }
-  },
-  "Interconnect": {
-   "id": "Interconnect",
-   "type": "object",
-   "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
-   "properties": {
-    "adminEnabled": {
-     "type": "boolean",
-     "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true."
-    },
-    "circuitInfos": {
-     "type": "array",
-     "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
-     "items": {
-      "$ref": "InterconnectCircuitInfo"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerName": {
-     "type": "string",
-     "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "expectedOutages": {
-     "type": "array",
-     "description": "[Output Only] List of outages expected for this Interconnect.",
-     "items": {
-      "$ref": "InterconnectOutageNotification"
-     }
-    },
-    "googleIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
     },
     "interconnectAttachments": {
-     "type": "array",
-     "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "interconnectType": {
-     "type": "string",
-     "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
-     "enum": [
-      "DEDICATED",
-      "IT_PRIVATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
-     "default": "compute#interconnect"
-    },
-    "linkType": {
-     "type": "string",
-     "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
-     "enum": [
-      "LINK_TYPE_ETHERNET_10G_LR"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "location": {
-     "type": "string",
-     "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.interconnects.insert"
-      ]
-     }
-    },
-    "nocContactEmail": {
-     "type": "string",
-     "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications."
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests."
-    },
-    "provisionedLinkCount": {
-     "type": "integer",
-     "description": "[Output Only] Number of links actually provisioned in this interconnect.",
-     "format": "int32"
-    },
-    "requestedLinkCount": {
-     "type": "integer",
-     "description": "Target number of physical links in the link bundle, as requested by the customer.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectAttachment": {
-   "id": "InterconnectAttachment",
-   "type": "object",
-   "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
-   "properties": {
-    "cloudRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interconnect": {
-     "type": "string",
-     "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
-     "default": "compute#interconnectAttachment"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "privateInterconnectInfo": {
-     "$ref": "InterconnectAttachmentPrivateInfo",
-     "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional interconnect attachment resides."
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectAttachmentAggregatedList": {
-   "id": "InterconnectAttachmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InterconnectAttachmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InterconnectAttachmentsScopedList",
-      "description": "Name of the scope containing this set of interconnect attachments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentList": {
-   "id": "InterconnectAttachmentList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect attachments.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectAttachment resources.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentPrivateInfo": {
-   "id": "InterconnectAttachmentPrivateInfo",
-   "type": "object",
-   "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
-   "properties": {
-    "tag8021q": {
-     "type": "integer",
-     "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
-     "format": "uint32"
-    }
-   }
-  },
-  "InterconnectAttachmentsScopedList": {
-   "id": "InterconnectAttachmentsScopedList",
-   "type": "object",
-   "properties": {
-    "interconnectAttachments": {
-     "type": "array",
-     "description": "List of interconnect attachments contained in this scope.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectCircuitInfo": {
-   "id": "InterconnectCircuitInfo",
-   "type": "object",
-   "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
-   "properties": {
-    "customerDemarcId": {
-     "type": "string",
-     "description": "Customer-side demarc ID for this circuit."
-    },
-    "googleCircuitId": {
-     "type": "string",
-     "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up."
-    },
-    "googleDemarcId": {
-     "type": "string",
-     "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA."
-    }
-   }
-  },
-  "InterconnectList": {
-   "id": "InterconnectList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnects.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Interconnect resources.",
-     "items": {
-      "$ref": "Interconnect"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
-     "default": "compute#interconnectList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of interconnect attachments.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified interconnect attachment.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnectAttachments.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect attachment.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "InterconnectAttachment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "request": {
+            "$ref": "InterconnectAttachment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect attachments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.interconnectAttachments.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "request": {
+            "$ref": "InterconnectAttachment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InterconnectLocation": {
-   "id": "InterconnectLocation",
-   "type": "object",
-   "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character."
-    },
-    "availabilityZone": {
-     "type": "string",
-     "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\"."
-    },
-    "city": {
-     "type": "string",
-     "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\"."
-    },
-    "continent": {
-     "type": "string",
-     "description": "[Output Only] Continent for this location.",
-     "enum": [
-      "AFRICA",
-      "ASIA_PAC",
-      "C_AFRICA",
-      "C_ASIA_PAC",
-      "C_EUROPE",
-      "C_NORTH_AMERICA",
-      "C_SOUTH_AMERICA",
-      "EUROPE",
-      "NORTH_AMERICA",
-      "SOUTH_AMERICA"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of the resource."
-    },
-    "facilityProvider": {
-     "type": "string",
-     "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX)."
-    },
-    "facilityProviderFacilityId": {
-     "type": "string",
-     "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1)."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
-     "default": "compute#interconnectLocation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "peeringdbFacilityId": {
-     "type": "string",
-     "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb)."
-    },
-    "regionInfos": {
-     "type": "array",
-     "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
-     "items": {
-      "$ref": "InterconnectLocationRegionInfo"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectLocationList": {
-   "id": "InterconnectLocationList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect locations.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectLocation resources.",
-     "items": {
-      "$ref": "InterconnectLocation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
-     "default": "compute#interconnectLocationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "interconnectLocations": {
+      "methods": {
+        "get": {
+          "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.get",
+          "parameterOrder": [
+            "project",
+            "interconnectLocation"
+          ],
+          "parameters": {
+            "interconnectLocation": {
+              "description": "Name of the interconnect location to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations/{interconnectLocation}",
+          "response": {
+            "$ref": "InterconnectLocation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect locations available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations",
+          "response": {
+            "$ref": "InterconnectLocationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InterconnectLocationRegionInfo": {
-   "id": "InterconnectLocationRegionInfo",
-   "type": "object",
-   "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
-   "properties": {
-    "expectedRttMs": {
-     "type": "string",
-     "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
-     "format": "int64"
-    },
-    "locationPresence": {
-     "type": "string",
-     "description": "Identifies the network presence of this location.",
-     "enum": [
-      "GLOBAL",
-      "LOCAL_REGION",
-      "LP_GLOBAL",
-      "LP_LOCAL_REGION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "URL for the region of this location."
-    }
-   }
-  },
-  "InterconnectOutageNotification": {
-   "id": "InterconnectOutageNotification",
-   "type": "object",
-   "description": "Description of a planned outage on this Interconnect. Next id: 9",
-   "properties": {
-    "affectedCircuits": {
-     "type": "array",
-     "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "A description about the purpose of the outage."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "issueType": {
-     "type": "string",
-     "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "IT_OUTAGE",
-      "IT_PARTIAL_OUTAGE",
-      "OUTAGE",
-      "PARTIAL_OUTAGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Unique identifier for this outage notification."
-    },
-    "source": {
-     "type": "string",
-     "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
-     "enum": [
-      "GOOGLE",
-      "NSRC_GOOGLE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "startTime": {
-     "type": "string",
-     "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "state": {
-     "type": "string",
-     "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "ACTIVE",
-      "CANCELLED",
-      "NS_ACTIVE",
-      "NS_CANCELED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "License": {
-   "id": "License",
-   "type": "object",
-   "description": "A license resource.",
-   "properties": {
-    "chargesUseFee": {
-     "type": "boolean",
-     "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource; provided by the client when the resource is created."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#license for licenses.",
-     "default": "compute#license"
-    },
-    "licenseCode": {
-     "type": "string",
-     "description": "[Output Only] The unique code used to attach this license to images, snapshots, and disks.",
-     "format": "uint64"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "resourceRequirements": {
-     "$ref": "LicenseResourceRequirements"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "transferable": {
-     "type": "boolean",
-     "description": "If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk."
-    }
-   }
-  },
-  "LicenseCode": {
-   "id": "LicenseCode",
-   "type": "object",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Description of this License Code."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#licenseCode for licenses.",
-     "default": "compute#licenseCode"
-    },
-    "licenseAlias": {
-     "type": "array",
-     "description": "[Output Only] URL and description aliases of Licenses with the same License Code.",
-     "items": {
-      "$ref": "LicenseCodeLicenseAlias"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource. The name is 1-20 characters long and must be a valid 64 bit integer.",
-     "pattern": "[0-9]{0,20}?",
-     "annotations": {
-      "required": [
-       "compute.licenses.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] Current state of this License Code.",
-     "enum": [
-      "DISABLED",
-      "ENABLED",
-      "RESTRICTED",
-      "STATE_UNSPECIFIED",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "transferable": {
-     "type": "boolean",
-     "description": "[Output Only] If true, the license will remain attached when creating images or snapshots from disks. Otherwise, the license is not transferred."
-    }
-   }
-  },
-  "LicenseCodeLicenseAlias": {
-   "id": "LicenseCodeLicenseAlias",
-   "type": "object",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Description of this License Code."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] URL of license corresponding to this License Code."
-    }
-   }
-  },
-  "LicenseResourceRequirements": {
-   "id": "LicenseResourceRequirements",
-   "type": "object",
-   "properties": {
-    "minGuestCpuCount": {
-     "type": "integer",
-     "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start.",
-     "format": "int32"
-    },
-    "minMemoryMb": {
-     "type": "integer",
-     "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start.",
-     "format": "int32"
-    }
-   }
-  },
-  "LicensesListResponse": {
-   "id": "LicensesListResponse",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of License resources.",
-     "items": {
-      "$ref": "License"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "interconnects": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified interconnect.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnects.delete",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.get",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Interconnect"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Interconnect in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "response": {
+            "$ref": "InterconnectList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.interconnects.patch",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "LogConfig": {
-   "id": "LogConfig",
-   "type": "object",
-   "description": "Specifies what kind of log the caller must write",
-   "properties": {
-    "cloudAudit": {
-     "$ref": "LogConfigCloudAuditOptions",
-     "description": "Cloud audit options."
-    },
-    "counter": {
-     "$ref": "LogConfigCounterOptions",
-     "description": "Counter options."
-    },
-    "dataAccess": {
-     "$ref": "LogConfigDataAccessOptions",
-     "description": "Data access options."
-    }
-   }
-  },
-  "LogConfigCloudAuditOptions": {
-   "id": "LogConfigCloudAuditOptions",
-   "type": "object",
-   "description": "Write a Cloud Audit log",
-   "properties": {
-    "authorizationLoggingOptions": {
-     "$ref": "AuthorizationLoggingOptions",
-     "description": "Information used by the Cloud Audit Logging pipeline."
-    },
-    "logName": {
-     "type": "string",
-     "description": "The log_name to populate in the Cloud Audit Record.",
-     "enum": [
-      "ADMIN_ACTIVITY",
-      "DATA_ACCESS",
-      "UNSPECIFIED_LOG_NAME"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "LogConfigCounterOptions": {
-   "id": "LogConfigCounterOptions",
-   "type": "object",
-   "description": "Increment a streamz counter with the specified metric and field names.\n\nMetric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended.\n\nField names correspond to IAM request parameters and field values are their respective values.\n\nAt present the only supported field names are - \"iam_principal\", corresponding to IAMContext.principal; - \"\" (empty string), resulting in one aggretated counter with no field.\n\nExamples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==\u003e increment counter /iam/policy/backend_debug_access_count {iam_principal=[value of IAMContext.principal]}\n\nAt this time we do not support: * multiple field names (though this may be supported in the future) * decrementing the counter * incrementing it by anything other than 1",
-   "properties": {
-    "field": {
-     "type": "string",
-     "description": "The field value to attribute."
-    },
-    "metric": {
-     "type": "string",
-     "description": "The metric to update."
-    }
-   }
-  },
-  "LogConfigDataAccessOptions": {
-   "id": "LogConfigDataAccessOptions",
-   "type": "object",
-   "description": "Write a Data Access (Gin) log",
-   "properties": {
-    "logMode": {
-     "type": "string",
-     "description": "Whether Gin logging should happen in a fail-closed manner at the caller. This is relevant only in the LocalIAM implementation, for now.",
-     "enum": [
-      "LOG_FAIL_CLOSED",
-      "LOG_MODE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "MachineType": {
-   "id": "MachineType",
-   "type": "object",
-   "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this machine type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "guestCpus": {
-     "type": "integer",
-     "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "isSharedCpu": {
-     "type": "boolean",
-     "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
-     "default": "compute#machineType"
-    },
-    "maximumPersistentDisks": {
-     "type": "integer",
-     "description": "[Output Only] Maximum persistent disks allowed.",
-     "format": "int32"
-    },
-    "maximumPersistentDisksSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
-     "format": "int64"
-    },
-    "memoryMb": {
-     "type": "integer",
-     "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a."
-    }
-   }
-  },
-  "MachineTypeAggregatedList": {
-   "id": "MachineTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of MachineTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "MachineTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of machine types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
-     "default": "compute#machineTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "licenseCodes": {
+      "methods": {
+        "get": {
+          "description": "Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.",
+          "httpMethod": "GET",
+          "id": "compute.licenseCodes.get",
+          "parameterOrder": [
+            "project",
+            "licenseCode"
+          ],
+          "parameters": {
+            "licenseCode": {
+              "description": "Number corresponding to the License code resource to return.",
+              "location": "path",
+              "pattern": "[0-9]{0,61}?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenseCodes/{licenseCode}",
+          "response": {
+            "$ref": "LicenseCode"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "MachineTypeList": {
-   "id": "MachineTypeList",
-   "type": "object",
-   "description": "Contains a list of machine types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of MachineType resources.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
-     "default": "compute#machineTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "licenses": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified license.",
+          "httpMethod": "DELETE",
+          "id": "compute.licenses.delete",
+          "parameterOrder": [
+            "project",
+            "license"
+          ],
+          "parameters": {
+            "license": {
+              "description": "Name of the license resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{license}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified License resource.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.get",
+          "parameterOrder": [
+            "project",
+            "license"
+          ],
+          "parameters": {
+            "license": {
+              "description": "Name of the License resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{license}",
+          "response": {
+            "$ref": "License"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Create a License resource in the specified project.",
+          "httpMethod": "POST",
+          "id": "compute.licenses.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses",
+          "request": {
+            "$ref": "License"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 8. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses",
+          "response": {
+            "$ref": "LicensesListResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "MachineTypesScopedList": {
-   "id": "MachineTypesScopedList",
-   "type": "object",
-   "properties": {
+    },
     "machineTypes": {
-     "type": "array",
-     "description": "[Output Only] List of machine types contained in this scope.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ManagedInstance": {
-   "id": "ManagedInstance",
-   "type": "object",
-   "properties": {
-    "currentAction": {
-     "type": "string",
-     "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.",
-     "enum": [
-      "ABANDONING",
-      "CREATING",
-      "CREATING_WITHOUT_RETRIES",
-      "DELETING",
-      "NONE",
-      "RECREATING",
-      "REFRESHING",
-      "RESTARTING",
-      "VERIFYING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created."
-    },
-    "instanceStatus": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "lastAttempt": {
-     "$ref": "ManagedInstanceLastAttempt",
-     "description": "[Output Only] Information about the last attempt to create or delete the instance."
-    },
-    "version": {
-     "$ref": "ManagedInstanceVersion",
-     "description": "[Output Only] Intended version of this instance."
-    }
-   }
-  },
-  "ManagedInstanceLastAttempt": {
-   "id": "ManagedInstanceLastAttempt",
-   "type": "object",
-   "properties": {
-    "errors": {
-     "type": "object",
-     "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
-      }
-     }
-    }
-   }
-  },
-  "ManagedInstanceVersion": {
-   "id": "ManagedInstanceVersion",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }."
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the version."
-    }
-   }
-  },
-  "Metadata": {
-   "id": "Metadata",
-   "type": "object",
-   "description": "A metadata key/value entry.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "key": {
-        "type": "string",
-        "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
-        "pattern": "[a-zA-Z0-9-_]{1,128}",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       },
-       "value": {
-        "type": "string",
-        "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       }
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of machine types.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/machineTypes",
+          "response": {
+            "$ref": "MachineTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "machineType"
+          ],
+          "parameters": {
+            "machineType": {
+              "description": "Name of the machine type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes/{machineType}",
+          "response": {
+            "$ref": "MachineType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of machine types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes",
+          "response": {
+            "$ref": "MachineTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
-     "default": "compute#metadata"
-    }
-   }
-  },
-  "NamedPort": {
-   "id": "NamedPort",
-   "type": "object",
-   "description": "The named port. For example: .",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port number, which can be a value between 1 and 65535.",
-     "format": "int32"
-    }
-   }
-  },
-  "Network": {
-   "id": "Network",
-   "type": "object",
-   "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
-   "properties": {
-    "IPv4Range": {
-     "type": "string",
-     "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}"
-    },
-    "autoCreateSubnetworks": {
-     "type": "boolean",
-     "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "gatewayIPv4": {
-     "type": "string",
-     "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#network for networks.",
-     "default": "compute#network"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.networks.insert"
-      ]
-     }
-    },
-    "peerings": {
-     "type": "array",
-     "description": "[Output Only] List of network peerings for the resource.",
-     "items": {
-      "$ref": "NetworkPeering"
-     }
-    },
-    "routingConfig": {
-     "$ref": "NetworkRoutingConfig",
-     "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
     },
-    "subnetworks": {
-     "type": "array",
-     "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "NetworkInterface": {
-   "id": "NetworkInterface",
-   "type": "object",
-   "description": "A network interface resource attached to an instance.",
-   "properties": {
-    "accessConfigs": {
-     "type": "array",
-     "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
-     "items": {
-      "$ref": "AccessConfig"
-     }
-    },
-    "aliasIpRanges": {
-     "type": "array",
-     "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
-     "items": {
-      "$ref": "AliasIpRange"
-     }
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface.",
-     "format": "byte"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
-     "default": "compute#networkInterface"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc."
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default"
-    },
-    "networkIP": {
-     "type": "string",
-     "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system."
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork"
-    }
-   }
-  },
-  "NetworkList": {
-   "id": "NetworkList",
-   "type": "object",
-   "description": "Contains a list of networks.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Network resources.",
-     "items": {
-      "$ref": "Network"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
-     "default": "compute#networkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "NetworkPeering": {
-   "id": "NetworkPeering",
-   "type": "object",
-   "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] State for the peering.",
-     "enum": [
-      "ACTIVE",
-      "INACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "stateDetails": {
-     "type": "string",
-     "description": "[Output Only] Details about the current state of the peering."
-    }
-   }
-  },
-  "NetworkRoutingConfig": {
-   "id": "NetworkRoutingConfig",
-   "type": "object",
-   "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
-   "properties": {
-    "routingMode": {
-     "type": "string",
-     "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
-     "enum": [
-      "GLOBAL",
-      "REGIONAL"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "NetworksAddPeeringRequest": {
-   "id": "NetworksAddPeeringRequest",
-   "type": "object",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether Google Compute Engine manages the routes automatically."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035.",
-     "annotations": {
-      "required": [
-       "compute.networks.addPeering"
-      ]
-     }
-    },
-    "peerNetwork": {
-     "type": "string",
-     "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    }
-   }
-  },
-  "NetworksRemovePeeringRequest": {
-   "id": "NetworksRemovePeeringRequest",
-   "type": "object",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035."
-    }
-   }
-  },
-  "Operation": {
-   "id": "Operation",
-   "type": "object",
-   "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
-   "properties": {
-    "clientOperationId": {
-     "type": "string",
-     "description": "[Output Only] Reserved for future use."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Deprecated] This field is deprecated."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] A textual description of the operation, which is set when the operation is created."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format."
-    },
-    "error": {
-     "type": "object",
-     "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
+    "networks": {
+      "methods": {
+        "addPeering": {
+          "description": "Adds a peering to the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.addPeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to add peering to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/addPeering",
+          "request": {
+            "$ref": "NetworksAddPeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified network.",
+          "httpMethod": "DELETE",
+          "id": "compute.networks.delete",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified network. Get a list of available networks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.networks.get",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Network"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a network in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.networks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of networks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.networks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "response": {
+            "$ref": "NetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
+          "httpMethod": "PATCH",
+          "id": "compute.networks.patch",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removePeering": {
+          "description": "Removes a peering from the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.removePeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to remove peering from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/removePeering",
+          "request": {
+            "$ref": "NetworksRemovePeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "switchToCustomMode": {
+          "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
+          "httpMethod": "POST",
+          "id": "compute.networks.switchToCustomMode",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to be updated.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/switchToCustomMode",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.networks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    },
-    "httpErrorMessage": {
-     "type": "string",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND."
-    },
-    "httpErrorStatusCode": {
-     "type": "integer",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "insertTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
-     "default": "compute#operation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "operationType": {
-     "type": "string",
-     "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on."
-    },
-    "progress": {
-     "type": "integer",
-     "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
-     "format": "int32"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
-     "enum": [
-      "DONE",
-      "PENDING",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the current status of the operation."
-    },
-    "targetId": {
-     "type": "string",
-     "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
-     "format": "uint64"
-    },
-    "targetLink": {
-     "type": "string",
-     "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from."
-    },
-    "user": {
-     "type": "string",
-     "description": "[Output Only] User who requested the operation, for example: user@example.com."
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
+    },
+    "projects": {
+      "methods": {
+        "disableXpnHost": {
+          "description": "Disable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "disableXpnResource": {
+          "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnResource",
+          "request": {
+            "$ref": "ProjectsDisableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnHost": {
+          "description": "Enable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnResource": {
+          "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnResource",
+          "request": {
+            "$ref": "ProjectsEnableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Project resource.",
+          "httpMethod": "GET",
+          "id": "compute.projects.get",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getXpnHost": {
+          "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnHost",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "getXpnResources": {
+          "description": "Get service resources (a.k.a service project) associated with this host project.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnResources",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnResources",
+          "response": {
+            "$ref": "ProjectsGetXpnResources"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "listXpnHosts": {
+          "description": "List all shared VPC host projects visible to the user in an organization.",
+          "httpMethod": "POST",
+          "id": "compute.projects.listXpnHosts",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/listXpnHosts",
+          "request": {
+            "$ref": "ProjectsListXpnHostsRequest"
+          },
+          "response": {
+            "$ref": "XpnHostList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveDisk": {
+          "description": "Moves a persistent disk from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveDisk",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveDisk",
+          "request": {
+            "$ref": "DiskMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveInstance": {
+          "description": "Moves an instance and its attached persistent disks from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveInstance",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveInstance",
+          "request": {
+            "$ref": "InstanceMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setCommonInstanceMetadata": {
+          "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setCommonInstanceMetadata",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setCommonInstanceMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDefaultNetworkTier": {
+          "description": "Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setDefaultNetworkTier",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setDefaultNetworkTier",
+          "request": {
+            "$ref": "ProjectsSetDefaultNetworkTierRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUsageExportBucket": {
+          "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setUsageExportBucket",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setUsageExportBucket",
+          "request": {
+            "$ref": "UsageExportLocation"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        }
       }
-     }
     },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations."
-    }
-   }
-  },
-  "OperationAggregatedList": {
-   "id": "OperationAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "[Output Only] A map of scoped operation lists.",
-     "additionalProperties": {
-      "$ref": "OperationsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of operations."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
-     "default": "compute#operationAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "regionAutoscalers": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionAutoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionAutoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "response": {
+            "$ref": "RegionAutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionAutoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionAutoscalers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.regionAutoscalers.update",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "OperationList": {
-   "id": "OperationList",
-   "type": "object",
-   "description": "Contains a list of Operation resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of Operation resources.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
-     "default": "compute#operationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionBackendServices": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified regional BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionBackendServices.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified regional BackendService resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this regional BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource for which to get health.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionBackendServices.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.regionBackendServices.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "OperationsScopedList": {
-   "id": "OperationsScopedList",
-   "type": "object",
-   "properties": {
-    "operations": {
-     "type": "array",
-     "description": "[Output Only] List of operations contained in this scope.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionCommitments": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of commitments.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/commitments",
+          "response": {
+            "$ref": "CommitmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "commitment"
+          ],
+          "parameters": {
+            "commitment": {
+              "description": "Name of the commitment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments/{commitment}",
+          "response": {
+            "$ref": "Commitment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a commitment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionCommitments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "request": {
+            "$ref": "Commitment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of commitments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "response": {
+            "$ref": "CommitmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "PathMatcher": {
-   "id": "PathMatcher",
-   "type": "object",
-   "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
-   "properties": {
-    "defaultService": {
-     "type": "string",
-     "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name to which this PathMatcher is referred by the HostRule."
-    },
-    "pathRules": {
-     "type": "array",
-     "description": "The list of path rules.",
-     "items": {
-      "$ref": "PathRule"
-     }
-    }
-   }
-  },
-  "PathRule": {
-   "id": "PathRule",
-   "type": "object",
-   "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
-   "properties": {
-    "paths": {
-     "type": "array",
-     "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
-     "items": {
-      "type": "string"
-     }
     },
-    "service": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if this rule is matched."
-    }
-   }
-  },
-  "Policy": {
-   "id": "Policy",
-   "type": "object",
-   "description": "Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.\n\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.\n\n**Example**\n\n{ \"bindings\": [ { \"role\": \"roles/owner\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-other-app@appspot.gserviceaccount.com\", ] }, { \"role\": \"roles/viewer\", \"members\": [\"user:sean@example.com\"] } ] }\n\nFor a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).",
-   "properties": {
-    "auditConfigs": {
-     "type": "array",
-     "description": "Specifies cloud audit logging configuration for this policy.",
-     "items": {
-      "$ref": "AuditConfig"
-     }
-    },
-    "bindings": {
-     "type": "array",
-     "description": "Associates a list of `members` to a `role`. `bindings` with no members will result in an error.",
-     "items": {
-      "$ref": "Binding"
-     }
-    },
-    "etag": {
-     "type": "string",
-     "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing policy is overwritten blindly.",
-     "format": "byte"
-    },
-    "iamOwned": {
-     "type": "boolean",
-     "description": ""
-    },
-    "rules": {
-     "type": "array",
-     "description": "If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.",
-     "items": {
-      "$ref": "Rule"
-     }
-    },
-    "version": {
-     "type": "integer",
-     "description": "Version of the `Policy`. The default version is 0.",
-     "format": "int32"
-    }
-   }
-  },
-  "Project": {
-   "id": "Project",
-   "type": "object",
-   "description": "A Project resource. Projects can only be created in the Google Cloud Platform Console. Unless marked otherwise, values can only be modified in the console. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
-   "properties": {
-    "commonInstanceMetadata": {
-     "$ref": "Metadata",
-     "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultServiceAccount": {
-     "type": "string",
-     "description": "[Output Only] Default service account used by VMs running in this project."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource."
-    },
-    "enabledFeatures": {
-     "type": "array",
-     "description": "Restricted features enabled for use on this project.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#project for projects.",
-     "default": "compute#project"
-    },
-    "name": {
-     "type": "string",
-     "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this project.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "usageExportLocation": {
-     "$ref": "UsageExportLocation",
-     "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
-    },
-    "xpnProjectStatus": {
-     "type": "string",
-     "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
-     "enum": [
-      "HOST",
-      "UNSPECIFIED_XPN_PROJECT_STATUS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ProjectsDisableXpnResourceRequest": {
-   "id": "ProjectsDisableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsEnableXpnResourceRequest": {
-   "id": "ProjectsEnableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsGetXpnResources": {
-   "id": "ProjectsGetXpnResources",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
-     "default": "compute#projectsGetXpnResources"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "resources": {
-     "type": "array",
-     "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
-     "items": {
-      "$ref": "XpnResourceId"
-     }
-    }
-   }
-  },
-  "ProjectsListXpnHostsRequest": {
-   "id": "ProjectsListXpnHostsRequest",
-   "type": "object",
-   "properties": {
-    "organization": {
-     "type": "string",
-     "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project."
-    }
-   }
-  },
-  "Quota": {
-   "id": "Quota",
-   "type": "object",
-   "description": "A quotas entry.",
-   "properties": {
-    "limit": {
-     "type": "number",
-     "description": "[Output Only] Quota limit for this metric.",
-     "format": "double"
-    },
-    "metric": {
-     "type": "string",
-     "description": "[Output Only] Name of the quota metric.",
-     "enum": [
-      "AUTOSCALERS",
-      "BACKEND_BUCKETS",
-      "BACKEND_SERVICES",
-      "COMMITMENTS",
-      "CPUS",
-      "CPUS_ALL_REGIONS",
-      "DISKS_TOTAL_GB",
-      "FIREWALLS",
-      "FORWARDING_RULES",
-      "HEALTH_CHECKS",
-      "IMAGES",
-      "INSTANCES",
-      "INSTANCE_GROUPS",
-      "INSTANCE_GROUP_MANAGERS",
-      "INSTANCE_TEMPLATES",
-      "INTERCONNECTS",
-      "INTERNAL_ADDRESSES",
-      "IN_USE_ADDRESSES",
-      "LOCAL_SSD_TOTAL_GB",
-      "NETWORKS",
-      "NVIDIA_K80_GPUS",
-      "NVIDIA_P100_GPUS",
-      "PREEMPTIBLE_CPUS",
-      "PREEMPTIBLE_LOCAL_SSD_GB",
-      "PREEMPTIBLE_NVIDIA_K80_GPUS",
-      "PREEMPTIBLE_NVIDIA_P100_GPUS",
-      "REGIONAL_AUTOSCALERS",
-      "REGIONAL_INSTANCE_GROUP_MANAGERS",
-      "ROUTERS",
-      "ROUTES",
-      "SECURITY_POLICIES",
-      "SECURITY_POLICY_RULES",
-      "SNAPSHOTS",
-      "SSD_TOTAL_GB",
-      "SSL_CERTIFICATES",
-      "STATIC_ADDRESSES",
-      "SUBNETWORKS",
-      "TARGET_HTTPS_PROXIES",
-      "TARGET_HTTP_PROXIES",
-      "TARGET_INSTANCES",
-      "TARGET_POOLS",
-      "TARGET_SSL_PROXIES",
-      "TARGET_TCP_PROXIES",
-      "TARGET_VPN_GATEWAYS",
-      "URL_MAPS",
-      "VPN_TUNNELS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "usage": {
-     "type": "number",
-     "description": "[Output Only] Current usage of this metric.",
-     "format": "double"
-    }
-   }
-  },
-  "Reference": {
-   "id": "Reference",
-   "type": "object",
-   "description": "Represents a reference to a resource.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#reference for references.",
-     "default": "compute#reference"
-    },
-    "referenceType": {
-     "type": "string",
-     "description": "A description of the reference type with no implied semantics. Possible values include:  \n- MEMBER_OF"
-    },
-    "referrer": {
-     "type": "string",
-     "description": "URL of the resource which refers to the target."
-    },
-    "target": {
-     "type": "string",
-     "description": "URL of the resource to which this reference points."
-    }
-   }
-  },
-  "Region": {
-   "id": "Region",
-   "type": "object",
-   "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this region."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#region for regions.",
-     "default": "compute#region"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this region.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the region, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
+    "regionDiskTypes": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified regional disk type. Get a list of available disk types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regionDiskTypes.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "diskType"
+          ],
+          "parameters": {
+            "diskType": {
+              "description": "Name of the disk type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/diskTypes/{diskType}",
+          "response": {
+            "$ref": "DiskType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of regional disk types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.regionDiskTypes.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/diskTypes",
+          "response": {
+            "$ref": "RegionDiskTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "zones": {
-     "type": "array",
-     "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionAutoscalerList": {
-   "id": "RegionAutoscalerList",
-   "type": "object",
-   "description": "Contains a list of autoscalers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#regionAutoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "regionDisks": {
+      "methods": {
+        "createSnapshot": {
+          "description": "Creates a snapshot of this regional disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.createSnapshot",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to snapshot.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}/createSnapshot",
+          "request": {
+            "$ref": "Snapshot"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionDisks.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns a specified regional persistent disk.",
+          "httpMethod": "GET",
+          "id": "compute.regionDisks.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}",
+          "response": {
+            "$ref": "Disk"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a persistent regional disk in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceImage": {
+              "description": "Optional. Source image to restore onto a disk.",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks",
+          "request": {
+            "$ref": "Disk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of persistent disks contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionDisks.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks",
+          "response": {
+            "$ref": "DiskList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the specified regional persistent disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.resize",
+          "parameterOrder": [
+            "project",
+            "region",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the regional persistent disk.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "The project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{disk}/resize",
+          "request": {
+            "$ref": "RegionDisksResizeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on the target regional disk.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionDisks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/disks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupList": {
-   "id": "RegionInstanceGroupList",
-   "type": "object",
-   "description": "Contains a list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionInstanceGroupManagers": {
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionInstanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "response": {
+            "$ref": "RegionInstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "RegionInstanceGroupManagersListInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionInstanceGroupManagers.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersRecreateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "Number of instances that should exist in this instance group manager.",
+              "format": "int32",
+              "location": "query",
+              "minimum": "0",
+              "required": true,
+              "type": "integer"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setAutoHealingPolicies": {
+          "description": "Modifies the autohealing policy for the instances in this managed instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setAutoHealingPolicies",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetAutoHealingRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.",
+          "httpMethod": "PUT",
+          "id": "compute.regionInstanceGroupManagers.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the instance group manager.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagerList": {
-   "id": "RegionInstanceGroupManagerList",
-   "type": "object",
-   "description": "Contains a list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
-     "default": "compute#regionInstanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regionInstanceGroups": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified instance group resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "Name of the instance group resource to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance group resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups",
+          "response": {
+            "$ref": "RegionInstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "Name of the regional instance group for which we want to list the instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "RegionInstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified regional instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the regional instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersAbandonInstancesRequest": {
-   "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersDeleteInstancesRequest": {
-   "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersListInstancesResponse": {
-   "id": "RegionInstanceGroupManagersListInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "List of managed instances.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    }
-   }
-  },
-  "RegionInstanceGroupManagersRecreateRequest": {
-   "id": "RegionInstanceGroupManagersRecreateRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetAutoHealingRequest": {
-   "id": "RegionInstanceGroupManagersSetAutoHealingRequest",
-   "type": "object",
-   "properties": {
-    "autoHealingPolicies": {
-     "type": "array",
-     "items": {
-      "$ref": "InstanceGroupManagerAutoHealingPolicy"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
-     "format": "byte"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTemplateRequest": {
-   "id": "RegionInstanceGroupManagersSetTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "URL of the InstanceTemplate resource from which all new instances will be created."
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstances": {
-   "id": "RegionInstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstancesRequest": {
-   "id": "RegionInstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RegionInstanceGroupsSetNamedPortsRequest": {
-   "id": "RegionInstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "RegionList": {
-   "id": "RegionList",
-   "type": "object",
-   "description": "Contains a list of region resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Region resources.",
-     "items": {
-      "$ref": "Region"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
-     "default": "compute#regionList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionSetLabelsRequest": {
-   "id": "RegionSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "The labels to set for this resource.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "ResourceCommitment": {
-   "id": "ResourceCommitment",
-   "type": "object",
-   "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
-   "properties": {
-    "amount": {
-     "type": "string",
-     "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
-     "format": "int64"
-    },
-    "type": {
-     "type": "string",
-     "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
-     "enum": [
-      "MEMORY",
-      "UNSPECIFIED",
-      "VCPU"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ResourceGroupReference": {
-   "id": "ResourceGroupReference",
-   "type": "object",
-   "properties": {
-    "group": {
-     "type": "string",
-     "description": "A URI referencing one of the instance groups listed in the backend service."
-    }
-   }
-  },
-  "Route": {
-   "id": "Route",
-   "type": "object",
-   "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "destRange": {
-     "type": "string",
-     "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
-     "default": "compute#route"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "Fully-qualified URL of the network that this route applies to.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "nextHopGateway": {
-     "type": "string",
-     "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway"
-    },
-    "nextHopInstance": {
-     "type": "string",
-     "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/"
-    },
-    "nextHopIp": {
-     "type": "string",
-     "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported."
-    },
-    "nextHopNetwork": {
-     "type": "string",
-     "description": "The URL of the local network if it should handle matching packets."
-    },
-    "nextHopPeering": {
-     "type": "string",
-     "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035."
-    },
-    "nextHopVpnTunnel": {
-     "type": "string",
-     "description": "The URL to a VpnTunnel that should handle matching packets."
-    },
-    "priority": {
-     "type": "integer",
-     "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
-     "format": "uint32",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "tags": {
-     "type": "array",
-     "description": "A list of instance tags to which this route applies.",
-     "items": {
-      "type": "string"
-     },
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
-      }
-     }
-    }
-   }
-  },
-  "RouteList": {
-   "id": "RouteList",
-   "type": "object",
-   "description": "Contains a list of Route resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Route resources.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Router": {
-   "id": "Router",
-   "type": "object",
-   "description": "Router resource.",
-   "properties": {
-    "bgp": {
-     "$ref": "RouterBgp",
-     "description": "BGP information specific to this router."
-    },
-    "bgpPeers": {
-     "type": "array",
-     "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
-     "items": {
-      "$ref": "RouterBgpPeer"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interfaces": {
-     "type": "array",
-     "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
-     "items": {
-      "$ref": "RouterInterface"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#router"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs.",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URI of the region where the router resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "RouterAdvertisedIpRange": {
-   "id": "RouterAdvertisedIpRange",
-   "type": "object",
-   "description": "Description-tagged IP ranges for the router to advertise.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "User-specified description for the IP range."
-    },
-    "range": {
-     "type": "string",
-     "description": "The IP range to advertise. The value must be a CIDR-formatted string."
-    }
-   }
-  },
-  "RouterAggregatedList": {
-   "id": "RouterAggregatedList",
-   "type": "object",
-   "description": "Contains a list of routers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of Router resources.",
-     "additionalProperties": {
-      "$ref": "RoutersScopedList",
-      "description": "Name of the scope containing this set of routers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "regionOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified region-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionOperations.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified region-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RouterBgp": {
-   "id": "RouterBgp",
-   "type": "object",
-   "properties": {
-    "advertiseMode": {
-     "type": "string",
-     "description": "User-specified flag to indicate which mode to use for advertisement.",
-     "enum": [
-      "CUSTOM",
-      "DEFAULT"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "advertisedGroups": {
-     "type": "array",
-     "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
-     "items": {
-      "type": "string",
-      "enum": [
-       "ALL_SUBNETS"
-      ],
-      "enumDescriptions": [
-       ""
-      ]
-     }
-    },
-    "advertisedIpRanges": {
-     "type": "array",
-     "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
-     "items": {
-      "$ref": "RouterAdvertisedIpRange"
-     }
-    },
-    "asn": {
-     "type": "integer",
-     "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
-     "format": "uint32"
-    }
-   }
-  },
-  "RouterBgpPeer": {
-   "id": "RouterBgpPeer",
-   "type": "object",
-   "properties": {
-    "advertiseMode": {
-     "type": "string",
-     "description": "User-specified flag to indicate which mode to use for advertisement.",
-     "enum": [
-      "CUSTOM",
-      "DEFAULT"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "advertisedGroups": {
-     "type": "array",
-     "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
-     "items": {
-      "type": "string",
-      "enum": [
-       "ALL_SUBNETS"
-      ],
-      "enumDescriptions": [
-       ""
-      ]
-     }
-    },
-    "advertisedIpRanges": {
-     "type": "array",
-     "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
-     "items": {
-      "$ref": "RouterAdvertisedIpRange"
-     }
-    },
-    "advertisedRoutePriority": {
-     "type": "integer",
-     "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
-     "format": "uint32"
-    },
-    "interfaceName": {
-     "type": "string",
-     "description": "Name of the interface the BGP peer is associated with."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "peerAsn": {
-     "type": "integer",
-     "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported."
-    }
-   }
-  },
-  "RouterInterface": {
-   "id": "RouterInterface",
-   "type": "object",
-   "properties": {
-    "ipRange": {
-     "type": "string",
-     "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface."
-    },
-    "linkedInterconnectAttachment": {
-     "type": "string",
-     "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RouterList": {
-   "id": "RouterList",
-   "type": "object",
-   "description": "Contains a list of Router resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Router resources.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#routerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "regions": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regions.get",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}",
+          "response": {
+            "$ref": "Region"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of region resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.regions.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions",
+          "response": {
+            "$ref": "RegionList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RouterStatus": {
-   "id": "RouterStatus",
-   "type": "object",
-   "properties": {
-    "bestRoutes": {
-     "type": "array",
-     "description": "Best routes for this router's network.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bestRoutesForRouter": {
-     "type": "array",
-     "description": "Best routes learned by this router.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bgpPeerStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "RouterStatusBgpPeerStatus"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs."
-    }
-   }
-  },
-  "RouterStatusBgpPeerStatus": {
-   "id": "RouterStatusBgpPeerStatus",
-   "type": "object",
-   "properties": {
-    "advertisedRoutes": {
-     "type": "array",
-     "description": "Routes that were advertised to the remote BGP peer",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the local BGP interface."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URL of the VPN tunnel that this BGP peer controls."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. Unique within the Routers resource."
-    },
-    "numLearnedRoutes": {
-     "type": "integer",
-     "description": "Number of routes learned from the remote BGP Peer.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the remote BGP interface."
-    },
-    "state": {
-     "type": "string",
-     "description": "BGP state as specified in RFC1771."
-    },
-    "status": {
-     "type": "string",
-     "description": "Status of the BGP peer: {UP, DOWN}",
-     "enum": [
-      "DOWN",
-      "UNKNOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "uptime": {
-     "type": "string",
-     "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds"
-    },
-    "uptimeSeconds": {
-     "type": "string",
-     "description": "Time this session has been up, in seconds. Format: 145"
-    }
-   }
-  },
-  "RouterStatusResponse": {
-   "id": "RouterStatusResponse",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerStatusResponse"
-    },
-    "result": {
-     "$ref": "RouterStatus"
-    }
-   }
-  },
-  "RoutersPreviewResponse": {
-   "id": "RoutersPreviewResponse",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "Router",
-     "description": "Preview of given router."
-    }
-   }
-  },
-  "RoutersScopedList": {
-   "id": "RoutersScopedList",
-   "type": "object",
-   "properties": {
+    },
     "routers": {
-     "type": "array",
-     "description": "List of routers contained in this scope.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of routers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of routers.",
+          "httpMethod": "GET",
+          "id": "compute.routers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/routers",
+          "response": {
+            "$ref": "RouterAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Router resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Router"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getRouterStatus": {
+          "description": "Retrieves runtime information of the specified router.",
+          "httpMethod": "GET",
+          "id": "compute.routers.getRouterStatus",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
+          "response": {
+            "$ref": "RouterStatusResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Router resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Router resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "response": {
+            "$ref": "RouterList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.routers.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "preview": {
+          "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
+          "httpMethod": "POST",
+          "id": "compute.routers.preview",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/preview",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "RoutersPreviewResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.routers.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified Router resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.routers.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Rule": {
-   "id": "Rule",
-   "type": "object",
-   "description": "A rule to be applied in a Policy.",
-   "properties": {
-    "action": {
-     "type": "string",
-     "description": "Required",
-     "enum": [
-      "ALLOW",
-      "ALLOW_WITH_LOG",
-      "DENY",
-      "DENY_WITH_LOG",
-      "LOG",
-      "NO_ACTION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "conditions": {
-     "type": "array",
-     "description": "Additional restrictions that must be met. All conditions must pass for the rule to match.",
-     "items": {
-      "$ref": "Condition"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "Human-readable description of the rule."
-    },
-    "ins": {
-     "type": "array",
-     "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "logConfigs": {
-     "type": "array",
-     "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.",
-     "items": {
-      "$ref": "LogConfig"
-     }
-    },
-    "notIns": {
-     "type": "array",
-     "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.",
-     "items": {
-      "type": "string"
-     }
     },
-    "permissions": {
-     "type": "array",
-     "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SSLHealthCheck": {
-   "id": "SSLHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Scheduling": {
-   "id": "Scheduling",
-   "type": "object",
-   "description": "Sets the scheduling options for an Instance.",
-   "properties": {
-    "automaticRestart": {
-     "type": "boolean",
-     "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine."
-    },
-    "onHostMaintenance": {
-     "type": "string",
-     "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
-     "enum": [
-      "MIGRATE",
-      "TERMINATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "preemptible": {
-     "type": "boolean",
-     "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created."
-    }
-   }
-  },
-  "SecurityPolicy": {
-   "id": "SecurityPolicy",
-   "type": "object",
-   "description": "A security policy is comprised of one or more rules. It can also be associated with one or more 'targets'.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the security policy.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#securityPolicyfor security policies",
-     "default": "compute#securityPolicy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "rules": {
-     "type": "array",
-     "description": "List of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match \"*\"). If no rules are provided when creating a security policy, a default rule with action \"allow\" will be added.",
-     "items": {
-      "$ref": "SecurityPolicyRule"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SecurityPolicyList": {
-   "id": "SecurityPolicyList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SecurityPolicy resources.",
-     "items": {
-      "$ref": "SecurityPolicy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#securityPolicyList for listsof securityPolicies",
-     "default": "compute#securityPolicyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "routes": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Route resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routes.delete",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routes.get",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Route"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Route resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routes.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "request": {
+            "$ref": "Route"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Route resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routes.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "response": {
+            "$ref": "RouteList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.routes.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SecurityPolicyReference": {
-   "id": "SecurityPolicyReference",
-   "type": "object",
-   "properties": {
-    "securityPolicy": {
-     "type": "string"
-    }
-   }
-  },
-  "SecurityPolicyRule": {
-   "id": "SecurityPolicyRule",
-   "type": "object",
-   "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).",
-   "properties": {
-    "action": {
-     "type": "string",
-     "description": "The Action to preform when the client connection triggers the rule. Can currently be either \"allow\" or \"deny()\" where valid values for status are 403, 404, and 502."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules",
-     "default": "compute#securityPolicyRule"
-    },
-    "match": {
-     "$ref": "SecurityPolicyRuleMatcher",
-     "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding ?action? is enforced."
-    },
-    "preview": {
-     "type": "boolean",
-     "description": "If set to true, the specified action is not enforced."
-    },
-    "priority": {
-     "type": "integer",
-     "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated in the increasing order of priority.",
-     "format": "int32"
-    }
-   }
-  },
-  "SecurityPolicyRuleMatcher": {
-   "id": "SecurityPolicyRuleMatcher",
-   "type": "object",
-   "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.",
-   "properties": {
-    "config": {
-     "$ref": "SecurityPolicyRuleMatcherConfig",
-     "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified."
-    },
-    "srcIpRanges": {
-     "type": "array",
-     "description": "CIDR IP address range. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "versionedExpr": {
-     "type": "string",
-     "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.",
-     "enum": [
-      "SRC_IPS_V1",
-      "VERSIONED_EXPR_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "SecurityPolicyRuleMatcherConfig": {
-   "id": "SecurityPolicyRuleMatcherConfig",
-   "type": "object",
-   "properties": {
-    "srcIpRanges": {
-     "type": "array",
-     "description": "CIDR IP address range. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SerialPortOutput": {
-   "id": "SerialPortOutput",
-   "type": "object",
-   "description": "An instance's serial console output.",
-   "properties": {
-    "contents": {
-     "type": "string",
-     "description": "[Output Only] The contents of the console output."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
-     "default": "compute#serialPortOutput"
-    },
-    "next": {
-     "type": "string",
-     "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
-     "format": "int64"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "start": {
-     "type": "string",
-     "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
-     "format": "int64"
-    }
-   }
-  },
-  "ServiceAccount": {
-   "id": "ServiceAccount",
-   "type": "object",
-   "description": "A service account.",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SignedUrlKey": {
-   "id": "SignedUrlKey",
-   "type": "object",
-   "description": "Represents a customer-supplied Signing Key used by Cloud CDN Signed URLs",
-   "properties": {
-    "keyName": {
-     "type": "string",
-     "description": "Name of the key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "keyValue": {
-     "type": "string",
-     "description": "128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string."
-    }
-   }
-  },
-  "Snapshot": {
-   "id": "Snapshot",
-   "type": "object",
-   "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Size of the snapshot, specified in GB.",
-     "format": "int64"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
-     "default": "compute#snapshot"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "licenseCodes": {
-     "type": "array",
-     "description": "Integer license codes indicating which licenses are attached to this snapshot.",
-     "items": {
-      "type": "string",
-      "format": "int64"
-     }
     },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "snapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "[Output Only] The source disk used to create this snapshot."
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY",
-      "UPLOADING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "storageBytes": {
-     "type": "string",
-     "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
-     "format": "int64"
-    },
-    "storageBytesStatus": {
-     "type": "string",
-     "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
-     "enum": [
-      "UPDATING",
-      "UP_TO_DATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "SnapshotList": {
-   "id": "SnapshotList",
-   "type": "object",
-   "description": "Contains a list of Snapshot resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Snapshot resources.",
-     "items": {
-      "$ref": "Snapshot"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#snapshotList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SourceInstanceParams": {
-   "id": "SourceInstanceParams",
-   "type": "object",
-   "description": "A specification of the parameters to use when creating the instance template from a source instance.",
-   "properties": {
-    "diskConfigs": {
-     "type": "array",
-     "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.",
-     "items": {
-      "$ref": "DiskInstantiationConfig"
-     }
-    }
-   }
-  },
-  "SslCertificate": {
-   "id": "SslCertificate",
-   "type": "object",
-   "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
-   "properties": {
-    "certificate": {
-     "type": "string",
-     "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
-     "default": "compute#sslCertificate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "privateKey": {
-     "type": "string",
-     "description": "A write-only private key in PEM format. Only insert requests will include this field."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SslCertificateList": {
-   "id": "SslCertificateList",
-   "type": "object",
-   "description": "Contains a list of SslCertificate resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SslCertificate resources.",
-     "items": {
-      "$ref": "SslCertificate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#sslCertificateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SslPoliciesList": {
-   "id": "SslPoliciesList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SslPolicy resources.",
-     "items": {
-      "$ref": "SslPolicy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#sslPoliciesList for lists of sslPolicies.",
-     "default": "compute#sslPoliciesList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "securityPolicies": {
+      "methods": {
+        "addRule": {
+          "description": "Inserts a rule into a security policy.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.addRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/addRule",
+          "request": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified policy.",
+          "httpMethod": "DELETE",
+          "id": "compute.securityPolicies.delete",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "List all of the ordered rules present in a single specified policy.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.get",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to get.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "response": {
+            "$ref": "SecurityPolicy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getRule": {
+          "description": "Gets a rule at the specified priority.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.getRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to get from the security policy.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to which the queried rule belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/getRule",
+          "response": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a new policy in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies",
+          "request": {
+            "$ref": "SecurityPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "List all the policies that have been configured for the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.securityPolicies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies",
+          "response": {
+            "$ref": "SecurityPolicyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified policy with the data included in the request.",
+          "httpMethod": "PATCH",
+          "id": "compute.securityPolicies.patch",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}",
+          "request": {
+            "$ref": "SecurityPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "patchRule": {
+          "description": "Patches a rule at the specified priority.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.patchRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to patch.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/patchRule",
+          "request": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removeRule": {
+          "description": "Deletes a rule at the specified priority.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.removeRule",
+          "parameterOrder": [
+            "project",
+            "securityPolicy"
+          ],
+          "parameters": {
+            "priority": {
+              "description": "The priority of the rule to remove from the security policy.",
+              "format": "int32",
+              "location": "query",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "securityPolicy": {
+              "description": "Name of the security policy to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{securityPolicy}/removeRule",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.securityPolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/securityPolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SslPoliciesListAvailableFeaturesResponse": {
-   "id": "SslPoliciesListAvailableFeaturesResponse",
-   "type": "object",
-   "properties": {
-    "features": {
-     "type": "array",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "SslPolicy": {
-   "id": "SslPolicy",
-   "type": "object",
-   "description": "A SSL policy specifies the server-side support for SSL features. This can be attached to a TargetHttpsProxy or a TargetSslProxy. This affects connections between clients and the HTTPS or SSL proxy load balancer. They do not affect the connection between the load balancers and the backends.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customFeatures": {
-     "type": "array",
-     "description": "List of features enabled when the selected profile is CUSTOM. The\n- method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.",
-     "items": {
-      "type": "string"
-     }
     },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "enabledFeatures": {
-     "type": "array",
-     "description": "[Output Only] The list of features enabled in the SSL policy.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.",
-     "default": "compute#sslPolicy"
-    },
-    "minTlsVersion": {
-     "type": "string",
-     "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.",
-     "enum": [
-      "TLS_1_0",
-      "TLS_1_1",
-      "TLS_1_2",
-      "TLS_1_3"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "profile": {
-     "type": "string",
-     "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.",
-     "enum": [
-      "COMPATIBLE",
-      "CUSTOM",
-      "MODERN",
-      "RESTRICTED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
+    "snapshots": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
+          "httpMethod": "DELETE",
+          "id": "compute.snapshots.delete",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.get",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Snapshot"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Snapshot resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots",
+          "response": {
+            "$ref": "SnapshotList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SslPolicyReference": {
-   "id": "SslPolicyReference",
-   "type": "object",
-   "properties": {
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource."
-    }
-   }
-  },
-  "Subnetwork": {
-   "id": "Subnetwork",
-   "type": "object",
-   "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
-   "properties": {
-    "allowSubnetCidrRoutesOverlap": {
-     "type": "boolean",
-     "description": "Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.\n\nAlso, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.\n\nThe default value is false and applies to all existing subnetworks and automatically created subnetworks.\n\nThis field cannot be set to true at resource creation time."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork.",
-     "format": "byte"
-    },
-    "gatewayAddress": {
-     "type": "string",
-     "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork. This field can be set only at resource creation time."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
-     "default": "compute#subnetwork"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time."
-    },
-    "privateIpGoogleAccess": {
-     "type": "boolean",
-     "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess."
-    },
-    "region": {
-     "type": "string",
-     "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time."
-    },
-    "secondaryIpRanges": {
-     "type": "array",
-     "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
-     "items": {
-      "$ref": "SubnetworkSecondaryRange"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SubnetworkAggregatedList": {
-   "id": "SubnetworkAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of SubnetworksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "SubnetworksScopedList",
-      "description": "Name of the scope containing this set of Subnetworks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
-     "default": "compute#subnetworkAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "sslCertificates": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified SslCertificate resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.sslCertificates.delete",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.get",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "SslCertificate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.sslCertificates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "request": {
+            "$ref": "SslCertificate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of SslCertificate resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "response": {
+            "$ref": "SslCertificateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.sslCertificates.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SubnetworkList": {
-   "id": "SubnetworkList",
-   "type": "object",
-   "description": "Contains a list of Subnetwork resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Subnetwork resources.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
-     "default": "compute#subnetworkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "sslPolicies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.",
+          "httpMethod": "DELETE",
+          "id": "compute.sslPolicies.delete",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "List all of the ordered rules present in a single specified policy.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.get",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "response": {
+            "$ref": "SslPolicy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Returns the specified SSL policy resource. Get a list of available SSL policies by making a list() request.",
+          "httpMethod": "POST",
+          "id": "compute.sslPolicies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies",
+          "request": {
+            "$ref": "SslPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "List all the SSL policies that have been configured for the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies",
+          "response": {
+            "$ref": "SslPoliciesList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listAvailableFeatures": {
+          "description": "Lists all features that can be specified in the SSL policy when using custom profile.",
+          "httpMethod": "GET",
+          "id": "compute.sslPolicies.listAvailableFeatures",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/listAvailableFeatures",
+          "response": {
+            "$ref": "SslPoliciesListAvailableFeaturesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified SSL policy with the data included in the request.",
+          "httpMethod": "PATCH",
+          "id": "compute.sslPolicies.patch",
+          "parameterOrder": [
+            "project",
+            "sslPolicy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslPolicy": {
+              "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{sslPolicy}",
+          "request": {
+            "$ref": "SslPolicy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.sslPolicies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslPolicies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "SubnetworkSecondaryRange": {
-   "id": "SubnetworkSecondaryRange",
-   "type": "object",
-   "description": "Represents a secondary IP range of a subnetwork.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported."
-    },
-    "rangeName": {
-     "type": "string",
-     "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork."
-    }
-   }
-  },
-  "SubnetworksExpandIpCidrRangeRequest": {
-   "id": "SubnetworksExpandIpCidrRangeRequest",
-   "type": "object",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update."
-    }
-   }
-  },
-  "SubnetworksScopedList": {
-   "id": "SubnetworksScopedList",
-   "type": "object",
-   "properties": {
+    },
     "subnetworks": {
-     "type": "array",
-     "description": "List of subnetworks contained in this scope.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "An informational warning that appears when the list of addresses is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworksSetPrivateIpGoogleAccessRequest": {
-   "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
-   "type": "object",
-   "properties": {
-    "privateIpGoogleAccess": {
-     "type": "boolean"
-    }
-   }
-  },
-  "TCPHealthCheck": {
-   "id": "TCPHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Tags": {
-   "id": "Tags",
-   "type": "object",
-   "description": "A set of instance tags.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpProxy": {
-   "id": "TargetHttpProxy",
-   "type": "object",
-   "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
-     "default": "compute#targetHttpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "urlMap": {
-     "type": "string",
-     "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService."
-    }
-   }
-  },
-  "TargetHttpProxyList": {
-   "id": "TargetHttpProxyList",
-   "type": "object",
-   "description": "A list of TargetHttpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpProxy resources.",
-     "items": {
-      "$ref": "TargetHttpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
-     "default": "compute#targetHttpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of subnetworks.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/subnetworks",
+          "response": {
+            "$ref": "SubnetworkAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified subnetwork.",
+          "httpMethod": "DELETE",
+          "id": "compute.subnetworks.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "expandIpCidrRange": {
+          "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.expandIpCidrRange",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
+          "request": {
+            "$ref": "SubnetworksExpandIpCidrRangeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Subnetwork"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getIamPolicy": {
+          "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.getIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/getIamPolicy",
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a subnetwork in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of subnetworks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "response": {
+            "$ref": "SubnetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listUsable": {
+          "description": "Retrieves an aggregated list of usable subnetworks.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.listUsable",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/subnetworks/listUsable",
+          "response": {
+            "$ref": "UsableSubnetworksAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
+          "httpMethod": "PATCH",
+          "id": "compute.subnetworks.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setIamPolicy": {
+          "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.setIamPolicy",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/setIamPolicy",
+          "request": {
+            "$ref": "Policy"
+          },
+          "response": {
+            "$ref": "Policy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setPrivateIpGoogleAccess": {
+          "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.setPrivateIpGoogleAccess",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
+          "request": {
+            "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetHttpsProxiesSetQuicOverrideRequest": {
-   "id": "TargetHttpsProxiesSetQuicOverrideRequest",
-   "type": "object",
-   "properties": {
-    "quicOverride": {
-     "type": "string",
-     "description": "QUIC policy for the TargetHttpsProxy resource.",
-     "enum": [
-      "DISABLE",
-      "ENABLE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetHttpsProxiesSetSslCertificatesRequest": {
-   "id": "TargetHttpsProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpsProxy": {
-   "id": "TargetHttpsProxy",
-   "type": "object",
-   "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
-     "default": "compute#targetHttpsProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "quicOverride": {
-     "type": "string",
-     "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. Specify ENABLE to always enable QUIC, Enables QUIC when set to ENABLE, and disables QUIC when set to DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE.",
-     "enum": [
-      "DISABLE",
-      "ENABLE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured."
     },
-    "urlMap": {
-     "type": "string",
-     "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map"
-    }
-   }
-  },
-  "TargetHttpsProxyList": {
-   "id": "TargetHttpsProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetHttpsProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpsProxy resources.",
-     "items": {
-      "$ref": "TargetHttpsProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
-     "default": "compute#targetHttpsProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstance": {
-   "id": "TargetInstance",
-   "type": "object",
-   "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
-     "default": "compute#targetInstance"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "natPolicy": {
-     "type": "string",
-     "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
-     "enum": [
-      "NO_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the target instance resides."
-    }
-   }
-  },
-  "TargetInstanceAggregatedList": {
-   "id": "TargetInstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetInstance resources.",
-     "additionalProperties": {
-      "$ref": "TargetInstancesScopedList",
-      "description": "Name of the scope containing this set of target instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "targetHttpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "TargetHttpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "request": {
+            "$ref": "TargetHttpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "response": {
+            "$ref": "TargetHttpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy to set a URL map for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetInstanceList": {
-   "id": "TargetInstanceList",
-   "type": "object",
-   "description": "Contains a list of TargetInstance resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetInstance resources.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "targetHttpsProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpsProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpsProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "request": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "response": {
+            "$ref": "TargetHttpsProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setQuicOverride": {
+          "description": "Sets the QUIC override policy for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setQuicOverride",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to set the QUIC override policy for. The name should conform to RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setQuicOverride",
+          "request": {
+            "$ref": "TargetHttpsProxiesSetQuicOverrideRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Replaces SslCertificates for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslPolicy": {
+          "description": "Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setSslPolicy",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setSslPolicy",
+          "request": {
+            "$ref": "SslPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetInstancesScopedList": {
-   "id": "TargetInstancesScopedList",
-   "type": "object",
-   "properties": {
+    },
     "targetInstances": {
-     "type": "array",
-     "description": "List of target instances contained in this scope.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target instances.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified TargetInstance resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetInstances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "TargetInstance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetInstances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "request": {
+            "$ref": "TargetInstance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetInstances.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetPool": {
-   "id": "TargetPool",
-   "type": "object",
-   "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
-   "properties": {
-    "backupPool": {
-     "type": "string",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "failoverRatio": {
-     "type": "number",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
-     "format": "float"
-    },
-    "healthChecks": {
-     "type": "array",
-     "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
-     "items": {
-      "type": "string"
-     }
     },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instances": {
-     "type": "array",
-     "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
-     "default": "compute#targetPool"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target pool resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetPoolAggregatedList": {
-   "id": "TargetPoolAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetPool resources.",
-     "additionalProperties": {
-      "$ref": "TargetPoolsScopedList",
-      "description": "Name of the scope containing this set of target pools."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
-     "default": "compute#targetPoolAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetPoolInstanceHealth": {
-   "id": "TargetPoolInstanceHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
-     "default": "compute#targetPoolInstanceHealth"
-    }
-   }
-  },
-  "TargetPoolList": {
-   "id": "TargetPoolList",
-   "type": "object",
-   "description": "Contains a list of TargetPool resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetPool resources.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
-     "default": "compute#targetPoolList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetPoolsAddHealthCheckRequest": {
-   "id": "TargetPoolsAddHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "The HttpHealthCheck to add to the target pool.",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsAddInstanceRequest": {
-   "id": "TargetPoolsAddInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveHealthCheckRequest": {
-   "id": "TargetPoolsRemoveHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveInstanceRequest": {
-   "id": "TargetPoolsRemoveInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "URLs of the instances to be removed from target pool.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsScopedList": {
-   "id": "TargetPoolsScopedList",
-   "type": "object",
-   "properties": {
     "targetPools": {
-     "type": "array",
-     "description": "List of target pools contained in this scope.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "addHealthCheck": {
+          "description": "Adds health check URLs to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to add a health check to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsAddHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "addInstance": {
+          "description": "Adds an instance to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to add instances to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
+          "request": {
+            "$ref": "TargetPoolsAddInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target pools.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetPools",
+          "response": {
+            "$ref": "TargetPoolAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target pool.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetPools.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "TargetPool"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
+          "request": {
+            "$ref": "InstanceReference"
+          },
+          "response": {
+            "$ref": "TargetPoolInstanceHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target pool in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "request": {
+            "$ref": "TargetPool"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target pools available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "response": {
+            "$ref": "TargetPoolList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeHealthCheck": {
+          "description": "Removes health check URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to remove health checks from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsRemoveHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removeInstance": {
+          "description": "Removes instance URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to remove instances from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
+          "request": {
+            "$ref": "TargetPoolsRemoveInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setBackup": {
+          "description": "Changes a backup target pool's configurations.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.setBackup",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "failoverRatio": {
+              "description": "New failoverRatio value for the target pool.",
+              "format": "float",
+              "location": "query",
+              "type": "number"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to set a backup pool for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetReference": {
-   "id": "TargetReference",
-   "type": "object",
-   "properties": {
-    "target": {
-     "type": "string"
-    }
-   }
-  },
-  "TargetSslProxiesSetBackendServiceRequest": {
-   "id": "TargetSslProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetSslProxy."
-    }
-   }
-  },
-  "TargetSslProxiesSetProxyHeaderRequest": {
-   "id": "TargetSslProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetSslProxiesSetSslCertificatesRequest": {
-   "id": "TargetSslProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetSslProxy": {
-   "id": "TargetSslProxy",
-   "type": "object",
-   "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
-     "default": "compute#targetSslProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
-    },
-    "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
     },
-    "sslPolicy": {
-     "type": "string",
-     "description": "URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured."
-    }
-   }
-  },
-  "TargetSslProxyList": {
-   "id": "TargetSslProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetSslProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetSslProxy resources.",
-     "items": {
-      "$ref": "TargetSslProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetSslProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetTcpProxiesSetBackendServiceRequest": {
-   "id": "TargetTcpProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetTcpProxy."
-    }
-   }
-  },
-  "TargetTcpProxiesSetProxyHeaderRequest": {
-   "id": "TargetTcpProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetTcpProxy": {
-   "id": "TargetTcpProxy",
-   "type": "object",
-   "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
-     "default": "compute#targetTcpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
-    }
-   }
-  },
-  "TargetTcpProxyList": {
-   "id": "TargetTcpProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetTcpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetTcpProxy resources.",
-     "items": {
-      "$ref": "TargetTcpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetTcpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetVpnGateway": {
-   "id": "TargetVpnGateway",
-   "type": "object",
-   "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "forwardingRules": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGateway"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an TargetVpnGateway.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this TargetVpnGateway resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target VPN gateway resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN gateway.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "tunnels": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayAggregatedList": {
-   "id": "TargetVpnGatewayAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetVpnGateway resources.",
-     "additionalProperties": {
-      "$ref": "TargetVpnGatewaysScopedList",
-      "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "targetSslProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetSslProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetSslProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "TargetSslProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "request": {
+            "$ref": "TargetSslProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "response": {
+            "$ref": "TargetSslProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetSslProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetSslProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Changes SslCertificates for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetSslProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslPolicy": {
+          "description": "Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setSslPolicy",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslPolicy",
+          "request": {
+            "$ref": "SslPolicyReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayList": {
-   "id": "TargetVpnGatewayList",
-   "type": "object",
-   "description": "Contains a list of TargetVpnGateway resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetVpnGateway resources.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "targetTcpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetTcpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetTcpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "TargetTcpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "request": {
+            "$ref": "TargetTcpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "response": {
+            "$ref": "TargetTcpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetTcpProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewaysScopedList": {
-   "id": "TargetVpnGatewaysScopedList",
-   "type": "object",
-   "properties": {
+    },
     "targetVpnGateways": {
-     "type": "array",
-     "description": "[Output Only] List of target vpn gateways contained in this scope.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target VPN gateways.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target VPN gateway.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetVpnGateways.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "TargetVpnGateway"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "request": {
+            "$ref": "TargetVpnGateway"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "TestFailure": {
-   "id": "TestFailure",
-   "type": "object",
-   "properties": {
-    "actualService": {
-     "type": "string"
     },
-    "expectedService": {
-     "type": "string"
+    "urlMaps": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified UrlMap resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.urlMaps.delete",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.get",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "UrlMap"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "invalidateCache": {
+          "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.invalidateCache",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
+          "request": {
+            "$ref": "CacheInvalidationRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of UrlMap resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "response": {
+            "$ref": "UrlMapList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.urlMaps.patch",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified UrlMap resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.urlMaps.update",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "validate": {
+          "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.validate",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to be validated as.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/validate",
+          "request": {
+            "$ref": "UrlMapsValidateRequest"
+          },
+          "response": {
+            "$ref": "UrlMapsValidateResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "host": {
-     "type": "string"
+    "vpnTunnels": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of VPN tunnels.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified VpnTunnel resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.vpnTunnels.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "VpnTunnel"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "request": {
+            "$ref": "VpnTunnel"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.setLabels",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{resource}/setLabels",
+          "request": {
+            "$ref": "RegionSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "testIamPermissions": {
+          "description": "Returns permissions that a caller has on the specified resource.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.testIamPermissions",
+          "parameterOrder": [
+            "project",
+            "region",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "The name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{resource}/testIamPermissions",
+          "request": {
+            "$ref": "TestPermissionsRequest"
+          },
+          "response": {
+            "$ref": "TestPermissionsResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "TestPermissionsRequest": {
-   "id": "TestPermissionsRequest",
-   "type": "object",
-   "properties": {
-    "permissions": {
-     "type": "array",
-     "description": "The set of permissions to check for the 'resource'. Permissions with wildcards (such as '*' or 'storage.*') are not allowed.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TestPermissionsResponse": {
-   "id": "TestPermissionsResponse",
-   "type": "object",
-   "properties": {
-    "permissions": {
-     "type": "array",
-     "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "UDPHealthCheck": {
-   "id": "UDPHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The UDP port number for the health check request. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "request": {
-     "type": "string",
-     "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII."
-    }
-   }
-  },
-  "UrlMap": {
-   "id": "UrlMap",
-   "type": "object",
-   "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultService": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if none of the hostRules match."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
-     "format": "byte"
-    },
-    "hostRules": {
-     "type": "array",
-     "description": "The list of HostRules to use against the URL.",
-     "items": {
-      "$ref": "HostRule"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
-     "default": "compute#urlMap"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "pathMatchers": {
-     "type": "array",
-     "description": "The list of named PathMatchers to use against the URL.",
-     "items": {
-      "$ref": "PathMatcher"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "tests": {
-     "type": "array",
-     "description": "The list of expected URL mappings. Request to update this UrlMap will succeed only if all of the test cases pass.",
-     "items": {
-      "$ref": "UrlMapTest"
-     }
-    }
-   }
-  },
-  "UrlMapList": {
-   "id": "UrlMapList",
-   "type": "object",
-   "description": "Contains a list of UrlMap resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of UrlMap resources.",
-     "items": {
-      "$ref": "UrlMap"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#urlMapList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "zoneOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified zone-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.zoneOperations.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified zone-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
+    },
+    "zones": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.zones.get",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}",
+          "response": {
+            "$ref": "Zone"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Zone resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.zones.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones",
+          "response": {
+            "$ref": "ZoneList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "UrlMapReference": {
-   "id": "UrlMapReference",
-   "type": "object",
-   "properties": {
-    "urlMap": {
-     "type": "string"
-    }
-   }
-  },
-  "UrlMapTest": {
-   "id": "UrlMapTest",
-   "type": "object",
-   "description": "Message for the expected URL mappings.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "Description of this test case."
-    },
-    "host": {
-     "type": "string",
-     "description": "Host portion of the URL."
-    },
-    "path": {
-     "type": "string",
-     "description": "Path portion of the URL."
-    },
-    "service": {
-     "type": "string",
-     "description": "Expected BackendService resource the given URL should be mapped to."
     }
-   }
   },
-  "UrlMapValidationResult": {
-   "id": "UrlMapValidationResult",
-   "type": "object",
-   "description": "Message representing the validation result for a UrlMap.",
-   "properties": {
-    "loadErrors": {
-     "type": "array",
-     "items": {
-      "type": "string"
-     }
+  "revision": "20180220",
+  "rootUrl": "https://www.googleapis.com/",
+  "schemas": {
+    "AcceleratorConfig": {
+      "description": "A specification of the type and number of accelerator cards attached to the instance.",
+      "id": "AcceleratorConfig",
+      "properties": {
+        "acceleratorCount": {
+          "description": "The number of the guest accelerator cards exposed to this instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "acceleratorType": {
+          "description": "Full or partial URL of the accelerator type resource to attach to this instance. If you are creating an instance template, specify only the accelerator name.",
+          "type": "string"
+        }
+      },
+      "type": "object"
     },
-    "loadSucceeded": {
-     "type": "boolean",
-     "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons."
+    "AcceleratorType": {
+      "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
+      "id": "AcceleratorType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this accelerator type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#acceleratorType",
+          "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
+          "type": "string"
+        },
+        "maximumCardsPerInstance": {
+          "description": "[Output Only] Maximum accelerator cards allowed per instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
     },
-    "testFailures": {
-     "type": "array",
-     "items": {
-      "$ref": "TestFailure"
-     }
+    "AcceleratorTypeAggregatedList": {
+      "id": "AcceleratorTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AcceleratorTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of accelerator types."
+          },
+          "description": "A list of AcceleratorTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
     },
-    "testPassed": {
-     "type": "boolean",
-     "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure."
-    }
-   }
-  },
-  "UrlMapsValidateRequest": {
-   "id": "UrlMapsValidateRequest",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "UrlMap",
-     "description": "Content of the UrlMap to be validated."
-    }
-   }
-  },
-  "UrlMapsValidateResponse": {
-   "id": "UrlMapsValidateResponse",
-   "type": "object",
-   "properties": {
-    "result": {
-     "$ref": "UrlMapValidationResult"
-    }
-   }
-  },
-  "UsageExportLocation": {
-   "id": "UsageExportLocation",
-   "type": "object",
-   "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket."
-    },
-    "reportNamePrefix": {
-     "type": "string",
-     "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions."
-    }
-   }
-  },
-  "VpnTunnel": {
-   "id": "VpnTunnel",
-   "type": "object",
-   "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "detailedStatus": {
-     "type": "string",
-     "description": "[Output Only] Detailed status message for the VPN tunnel."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ikeVersion": {
-     "type": "integer",
-     "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
-     "format": "int32"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnel"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a VpnTunnel.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this VpnTunnel. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
+    "AcceleratorTypeList": {
+      "description": "Contains a list of accelerator types.",
+      "id": "AcceleratorTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of AcceleratorType resources.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
     },
-    "localTrafficSelector": {
-     "type": "array",
-     "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    },
-    "peerIp": {
-     "type": "string",
-     "description": "IP address of the peer VPN gateway. Only IPv4 is supported."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the VPN tunnel resides."
-    },
-    "remoteTrafficSelector": {
-     "type": "array",
-     "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of router resource to be used for dynamic routing."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sharedSecret": {
-     "type": "string",
-     "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway."
-    },
-    "sharedSecretHash": {
-     "type": "string",
-     "description": "Hash of the shared secret."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN tunnel.",
-     "enum": [
-      "ALLOCATING_RESOURCES",
-      "AUTHORIZATION_ERROR",
-      "DEPROVISIONING",
-      "ESTABLISHED",
-      "FAILED",
-      "FIRST_HANDSHAKE",
-      "NEGOTIATION_FAILURE",
-      "NETWORK_ERROR",
-      "NO_INCOMING_PACKETS",
-      "PROVISIONING",
-      "REJECTED",
-      "WAITING_FOR_FULL_CONFIG"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "targetVpnGateway": {
-     "type": "string",
-     "description": "URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    }
-   }
-  },
-  "VpnTunnelAggregatedList": {
-   "id": "VpnTunnelAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of VpnTunnelsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "VpnTunnelsScopedList",
-      "description": "Name of the scope containing this set of vpn tunnels."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelList": {
-   "id": "VpnTunnelList",
-   "type": "object",
-   "description": "Contains a list of VpnTunnel resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of VpnTunnel resources.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelsScopedList": {
-   "id": "VpnTunnelsScopedList",
-   "type": "object",
-   "properties": {
-    "vpnTunnels": {
-     "type": "array",
-     "description": "List of vpn tunnels contained in this scope.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnHostList": {
-   "id": "XpnHostList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of shared VPC host project URLs.",
-     "items": {
-      "$ref": "Project"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
-     "default": "compute#xpnHostList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnResourceId": {
-   "id": "XpnResourceId",
-   "type": "object",
-   "description": "Service resource (a.k.a service project) ID.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678)."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of the service resource.",
-     "enum": [
-      "PROJECT",
-      "XPN_RESOURCE_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Zone": {
-   "id": "Zone",
-   "type": "object",
-   "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
-   "properties": {
-    "availableCpuPlatforms": {
-     "type": "array",
-     "description": "[Output Only] Available cpu/platform selections for the zone.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this zone."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
-     "default": "compute#zone"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] Full URL reference to the region which hosts the zone."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the zone, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ZoneList": {
-   "id": "ZoneList",
-   "type": "object",
-   "description": "Contains a list of zone resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Zone resources.",
-     "items": {
-      "$ref": "Zone"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#zoneList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ZoneSetLabelsRequest": {
-   "id": "ZoneSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "The labels to set for this resource.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  }
- },
- "resources": {
-  "acceleratorTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.acceleratorTypes.aggregatedList",
-     "path": "{project}/aggregated/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of accelerator types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.acceleratorTypes.get",
-     "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
-     "parameters": {
-      "acceleratorType": {
-       "type": "string",
-       "description": "Name of the accelerator type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "acceleratorType"
-     ],
-     "response": {
-      "$ref": "AcceleratorType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.acceleratorTypes.list",
-     "path": "{project}/zones/{zone}/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of accelerator types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "addresses": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.addresses.aggregatedList",
-     "path": "{project}/aggregated/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.addresses.delete",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.addresses.get",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.addresses.insert",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.addresses.list",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of addresses contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.addresses.setLabels",
-     "path": "{project}/regions/{region}/addresses/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an Address. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.addresses.testIamPermissions",
-     "path": "{project}/regions/{region}/addresses/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "autoscalers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.autoscalers.aggregatedList",
-     "path": "{project}/aggregated/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of autoscalers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AutoscalerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.autoscalers.delete",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.autoscalers.get",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.autoscalers.insert",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.autoscalers.list",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.autoscalers.patch",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.autoscalers.testIamPermissions",
-     "path": "{project}/zones/{zone}/autoscalers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.autoscalers.update",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendBuckets": {
-   "methods": {
-    "addSignedUrlKey": {
-     "id": "compute.backendBuckets.addSignedUrlKey",
-     "path": "{project}/global/backendBuckets/{backendBucket}/addSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Adds the given Signed URL Key to the backend bucket.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "SignedUrlKey"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.backendBuckets.delete",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendBucket resource.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteSignedUrlKey": {
-     "id": "compute.backendBuckets.deleteSignedUrlKey",
-     "path": "{project}/global/backendBuckets/{backendBucket}/deleteSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Deletes the given Signed URL Key from the backend bucket.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "keyName": {
-       "type": "string",
-       "description": "The name of the Signed URL Key to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket",
-      "keyName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendBuckets.get",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "BackendBucket"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendBuckets.insert",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "POST",
-     "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendBuckets.list",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendBucket resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendBucketList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendBuckets.patch",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.backendBuckets.update",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendBucket resource with the data included in the request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendServices": {
-   "methods": {
-    "addSignedUrlKey": {
-     "id": "compute.backendServices.addSignedUrlKey",
-     "path": "{project}/global/backendServices/{backendService}/addSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Adds the given Signed URL Key to the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "SignedUrlKey"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.backendServices.aggregatedList",
-     "path": "{project}/aggregated/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Name of the project scoping this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.backendServices.delete",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteSignedUrlKey": {
-     "id": "compute.backendServices.deleteSignedUrlKey",
-     "path": "{project}/global/backendServices/{backendService}/deleteSignedUrlKey",
-     "httpMethod": "POST",
-     "description": "Deletes the given Signed URL Key from the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the Signed URL Key should be added. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "keyName": {
-       "type": "string",
-       "description": "The name of the Signed URL Key to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService",
-      "keyName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendServices.get",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.backendServices.getHealth",
-     "path": "{project}/global/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendServices.insert",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendServices.list",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendService resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendServices.patch",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSecurityPolicy": {
-     "id": "compute.backendServices.setSecurityPolicy",
-     "path": "{project}/global/backendServices/{backendService}/setSecurityPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the security policy for the specified backend service.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the security policy should be set. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.backendServices.testIamPermissions",
-     "path": "{project}/global/backendServices/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.backendServices.update",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "diskTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.diskTypes.aggregatedList",
-     "path": "{project}/aggregated/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of disk types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.diskTypes.get",
-     "path": "{project}/zones/{zone}/diskTypes/{diskType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
-     "parameters": {
-      "diskType": {
-       "type": "string",
-       "description": "Name of the disk type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "diskType"
-     ],
-     "response": {
-      "$ref": "DiskType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.diskTypes.list",
-     "path": "{project}/zones/{zone}/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of disk types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "disks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.disks.aggregatedList",
-     "path": "{project}/aggregated/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of persistent disks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "createSnapshot": {
-     "id": "compute.disks.createSnapshot",
-     "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
-     "httpMethod": "POST",
-     "description": "Creates a snapshot of a specified persistent disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to snapshot.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "guestFlush": {
-       "type": "boolean",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "Snapshot"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.disks.delete",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.disks.get",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "GET",
-     "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Disk"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.disks.insert",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "POST",
-     "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceImage": {
-       "type": "string",
-       "description": "Optional. Source image to restore onto a disk.",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Disk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.disks.list",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of persistent disks contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "resize": {
-     "id": "compute.disks.resize",
-     "path": "{project}/zones/{zone}/disks/{disk}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "The name of the persistent disk.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "DisksResizeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.disks.setLabels",
-     "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "ZoneSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.disks.testIamPermissions",
-     "path": "{project}/zones/{zone}/disks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "firewalls": {
-   "methods": {
-    "delete": {
-     "id": "compute.firewalls.delete",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.firewalls.get",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "GET",
-     "description": "Returns the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Firewall"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.firewalls.insert",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "POST",
-     "description": "Creates a firewall rule in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.firewalls.list",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of firewall rules available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "FirewallList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.firewalls.patch",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.firewalls.testIamPermissions",
-     "path": "{project}/global/firewalls/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.firewalls.update",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "forwardingRules": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.forwardingRules.aggregatedList",
-     "path": "{project}/aggregated/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of forwarding rules.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.forwardingRules.delete",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.forwardingRules.get",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.forwardingRules.insert",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.forwardingRules.list",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.forwardingRules.setLabels",
-     "path": "{project}/regions/{region}/forwardingRules/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.forwardingRules.setTarget",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.forwardingRules.testIamPermissions",
-     "path": "{project}/regions/{region}/forwardingRules/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalAddresses": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalAddresses.delete",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalAddresses.get",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalAddresses.insert",
-     "path": "{project}/global/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalAddresses.list",
-     "path": "{project}/global/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of global addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.globalAddresses.setLabels",
-     "path": "{project}/global/addresses/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a GlobalAddress. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.globalAddresses.testIamPermissions",
-     "path": "{project}/global/addresses/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalForwardingRules": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalForwardingRules.delete",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified GlobalForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalForwardingRules.get",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalForwardingRules.insert",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalForwardingRules.list",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.globalForwardingRules.setLabels",
-     "path": "{project}/global/forwardingRules/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on the specified resource. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.globalForwardingRules.setTarget",
-     "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.globalForwardingRules.testIamPermissions",
-     "path": "{project}/global/forwardingRules/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalOperations": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.globalOperations.aggregatedList",
-     "path": "{project}/aggregated/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of all operations.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.globalOperations.delete",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalOperations.get",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.globalOperations.list",
-     "path": "{project}/global/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "healthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.healthChecks.delete",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HealthCheck resource.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.healthChecks.get",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "HealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.healthChecks.insert",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.healthChecks.list",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.healthChecks.patch",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.healthChecks.testIamPermissions",
-     "path": "{project}/global/healthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.healthChecks.update",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "httpHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpHealthChecks.delete",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpHealthCheck resource.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpHealthChecks.get",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpHealthChecks.insert",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpHealthChecks.list",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpHealthChecks.patch",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.httpHealthChecks.testIamPermissions",
-     "path": "{project}/global/httpHealthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.httpHealthChecks.update",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "httpsHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpsHealthChecks.delete",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpsHealthCheck resource.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpsHealthChecks.get",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpsHealthChecks.insert",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpsHealthChecks.list",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpsHealthChecks.patch",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.httpsHealthChecks.testIamPermissions",
-     "path": "{project}/global/httpsHealthChecks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.httpsHealthChecks.update",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "images": {
-   "methods": {
-    "delete": {
-     "id": "compute.images.delete",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified image.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deprecate": {
-     "id": "compute.images.deprecate",
-     "path": "{project}/global/images/{image}/deprecate",
-     "httpMethod": "POST",
-     "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Image name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "request": {
-      "$ref": "DeprecationStatus"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.images.get",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "GET",
-     "description": "Returns the specified image. Get a list of available images by making a list() request.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getFromFamily": {
-     "id": "compute.images.getFromFamily",
-     "path": "{project}/global/images/family/{family}",
-     "httpMethod": "GET",
-     "description": "Returns the latest image that is part of an image family and is not deprecated.",
-     "parameters": {
-      "family": {
-       "type": "string",
-       "description": "Name of the image family to search for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "family"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.images.insert",
-     "path": "{project}/global/images",
-     "httpMethod": "POST",
-     "description": "Creates an image in the specified project using the data included in the request.",
-     "parameters": {
-      "forceCreate": {
-       "type": "boolean",
-       "description": "Force image creation if true.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Image"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    },
-    "list": {
-     "id": "compute.images.list",
-     "path": "{project}/global/images",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ImageList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.images.setLabels",
-     "path": "{project}/global/images/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.images.testIamPermissions",
-     "path": "{project}/global/images/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.instanceGroupManagers.abandonInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroupManagers.aggregatedList",
-     "path": "{project}/aggregated/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups and groups them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroupManagers.delete",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.instanceGroupManagers.deleteInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroupManagers.get",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroupManagers.insert",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroupManagers.list",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.instanceGroupManagers.listManagedInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagersListManagedInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.instanceGroupManagers.patch",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PATCH",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listManagedInstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.instanceGroupManagers.recreateInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersRecreateInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.instanceGroupManagers.resize",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
-       "required": true,
-       "format": "int32",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resizeAdvanced": {
-     "id": "compute.instanceGroupManagers.resizeAdvanced",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resizeAdvanced",
-     "httpMethod": "POST",
-     "description": "Resizes the managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method.\n\nIf you increase the size of the instance group, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating, creatingWithoutRetries, or deleting actions with the get or listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersResizeAdvancedRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setAutoHealingPolicies": {
-     "id": "compute.instanceGroupManagers.setAutoHealingPolicies",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
-     "httpMethod": "POST",
-     "description": "Modifies the autohealing policies.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetAutoHealingRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.instanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.instanceGroupManagers.setTargetPools",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceGroupManagers.testIamPermissions",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.instanceGroupManagers.update",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PUT",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listManagedInstances method.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "instanceGroups": {
-   "methods": {
-    "addInstances": {
-     "id": "compute.instanceGroups.addInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
-     "httpMethod": "POST",
-     "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where you are adding instances.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsAddInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroups.aggregatedList",
-     "path": "{project}/aggregated/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups and sorts them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroups.delete",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroups.get",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroups.insert",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "POST",
-     "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroup"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroups.list",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.instanceGroups.listInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group from which you want to generate a list of included instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "InstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeInstances": {
-     "id": "compute.instanceGroups.removeInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
-     "httpMethod": "POST",
-     "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the specified instances will be removed.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsRemoveInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.instanceGroups.setNamedPorts",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceGroups.testIamPermissions",
-     "path": "{project}/zones/{zone}/instanceGroups/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instanceTemplates": {
-   "methods": {
-    "delete": {
-     "id": "compute.instanceTemplates.delete",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceTemplates.get",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "InstanceTemplate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceTemplates.insert",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "POST",
-     "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceTemplate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceTemplates.list",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceTemplateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instanceTemplates.testIamPermissions",
-     "path": "{project}/global/instanceTemplates/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instances": {
-   "methods": {
-    "addAccessConfig": {
-     "id": "compute.instances.addAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
-     "httpMethod": "POST",
-     "description": "Adds an access config to an instance's network interface.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface to add to this instance.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "AccessConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instances.aggregatedList",
-     "path": "{project}/aggregated/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves aggregated list of instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "attachDisk": {
-     "id": "compute.instances.attachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
-     "httpMethod": "POST",
-     "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "AttachedDisk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.instances.delete",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteAccessConfig": {
-     "id": "compute.instances.deleteAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
-     "httpMethod": "POST",
-     "description": "Deletes an access config from an instance's network interface.",
-     "parameters": {
-      "accessConfig": {
-       "type": "string",
-       "description": "The name of the access config to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "accessConfig",
-      "networkInterface"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "detachDisk": {
-     "id": "compute.instances.detachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
-     "httpMethod": "POST",
-     "description": "Detaches a disk from an instance.",
-     "parameters": {
-      "deviceName": {
-       "type": "string",
-       "description": "Disk device name to detach.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instances.get",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Instance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getSerialPortOutput": {
-     "id": "compute.instances.getSerialPortOutput",
-     "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance's serial port output.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "port": {
-       "type": "integer",
-       "description": "Specifies which COM or serial port to retrieve data from.",
-       "default": "1",
-       "format": "int32",
-       "minimum": "1",
-       "maximum": "4",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "start": {
-       "type": "string",
-       "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
-       "format": "int64",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "SerialPortOutput"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instances.insert",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "POST",
-     "description": "Creates an instance resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceInstanceTemplate": {
-       "type": "string",
-       "description": "Specifies instance template to create the instance.\n\nThis field is optional. It can be a full or partial URL. For example, the following are all valid URLs to an instance template:  \n- https://www.googleapis.com/compute/v1/projects/project/global/global/instanceTemplates/instanceTemplate \n- projects/project/global/global/instanceTemplates/instanceTemplate \n- global/instancesTemplates/instanceTemplate",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Instance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instances.list",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instances contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listReferrers": {
-     "id": "compute.instances.listReferrers",
-     "path": "{project}/zones/{zone}/instances/{instance}/referrers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of referrers to instances contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
-       "required": true,
-       "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "InstanceListReferrers"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "reset": {
-     "id": "compute.instances.reset",
-     "path": "{project}/zones/{zone}/instances/{instance}/reset",
-     "httpMethod": "POST",
-     "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDeletionProtection": {
-     "id": "compute.instances.setDeletionProtection",
-     "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
-     "httpMethod": "POST",
-     "description": "Sets deletion protection on the instance.",
-     "parameters": {
-      "deletionProtection": {
-       "type": "boolean",
-       "description": "Whether the resource should be protected against deletion.",
-       "default": "true",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDiskAutoDelete": {
-     "id": "compute.instances.setDiskAutoDelete",
-     "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
-     "httpMethod": "POST",
-     "description": "Sets the auto-delete flag for a disk attached to an instance.",
-     "parameters": {
-      "autoDelete": {
-       "type": "boolean",
-       "description": "Whether to auto-delete the disk when the instance is deleted.",
-       "required": true,
-       "location": "query"
-      },
-      "deviceName": {
-       "type": "string",
-       "description": "The device name of the disk to modify.",
-       "required": true,
-       "pattern": "\\w[\\w.-]{0,254}",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "autoDelete",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.instances.setLabels",
-     "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineResources": {
-     "id": "compute.instances.setMachineResources",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
-     "httpMethod": "POST",
-     "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineResourcesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineType": {
-     "id": "compute.instances.setMachineType",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
-     "httpMethod": "POST",
-     "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineTypeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMetadata": {
-     "id": "compute.instances.setMetadata",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMinCpuPlatform": {
-     "id": "compute.instances.setMinCpuPlatform",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
-     "httpMethod": "POST",
-     "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMinCpuPlatformRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setScheduling": {
-     "id": "compute.instances.setScheduling",
-     "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
-     "httpMethod": "POST",
-     "description": "Sets an instance's scheduling options.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Scheduling"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setServiceAccount": {
-     "id": "compute.instances.setServiceAccount",
-     "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
-     "httpMethod": "POST",
-     "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetServiceAccountRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTags": {
-     "id": "compute.instances.setTags",
-     "path": "{project}/zones/{zone}/instances/{instance}/setTags",
-     "httpMethod": "POST",
-     "description": "Sets tags for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Tags"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "start": {
-     "id": "compute.instances.start",
-     "path": "{project}/zones/{zone}/instances/{instance}/start",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "startWithEncryptionKey": {
-     "id": "compute.instances.startWithEncryptionKey",
-     "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesStartWithEncryptionKeyRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "stop": {
-     "id": "compute.instances.stop",
-     "path": "{project}/zones/{zone}/instances/{instance}/stop",
-     "httpMethod": "POST",
-     "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to stop.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.instances.testIamPermissions",
-     "path": "{project}/zones/{zone}/instances/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "updateAccessConfig": {
-     "id": "compute.instances.updateAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
-     "httpMethod": "POST",
-     "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface where the access config is attached.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "AccessConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "updateNetworkInterface": {
-     "id": "compute.instances.updateNetworkInterface",
-     "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
-     "httpMethod": "PATCH",
-     "description": "Updates an instance's network interface. This method follows PATCH semantics.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface to update.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "NetworkInterface"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "interconnectAttachments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.interconnectAttachments.aggregatedList",
-     "path": "{project}/aggregated/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of interconnect attachments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.interconnectAttachments.delete",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnectAttachments.get",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnectAttachments.insert",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "POST",
-     "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InterconnectAttachment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectAttachments.list",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect attachments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.interconnectAttachments.testIamPermissions",
-     "path": "{project}/regions/{region}/interconnectAttachments/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnectLocations": {
-   "methods": {
-    "get": {
-     "id": "compute.interconnectLocations.get",
-     "path": "{project}/global/interconnectLocations/{interconnectLocation}",
-     "httpMethod": "GET",
-     "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
-     "parameters": {
-      "interconnectLocation": {
-       "type": "string",
-       "description": "Name of the interconnect location to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnectLocation"
-     ],
-     "response": {
-      "$ref": "InterconnectLocation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectLocations.list",
-     "path": "{project}/global/interconnectLocations",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect locations available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectLocationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnects": {
-   "methods": {
-    "delete": {
-     "id": "compute.interconnects.delete",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnects.get",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Interconnect"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnects.insert",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "POST",
-     "description": "Creates a Interconnect in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnects.list",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.interconnects.patch",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.interconnects.testIamPermissions",
-     "path": "{project}/global/interconnects/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "licenseCodes": {
-   "methods": {
-    "get": {
-     "id": "compute.licenseCodes.get",
-     "path": "{project}/global/licenseCodes/{licenseCode}",
-     "httpMethod": "GET",
-     "description": "Return a specified license code. License codes are mirrored across all projects that have permissions to read the License Code.",
-     "parameters": {
-      "licenseCode": {
-       "type": "string",
-       "description": "Number corresponding to the License code resource to return.",
-       "required": true,
-       "pattern": "[0-9]{0,61}?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "licenseCode"
-     ],
-     "response": {
-      "$ref": "LicenseCode"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "licenses": {
-   "methods": {
-    "delete": {
-     "id": "compute.licenses.delete",
-     "path": "{project}/global/licenses/{license}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified license.",
-     "parameters": {
-      "license": {
-       "type": "string",
-       "description": "Name of the license resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "license"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.licenses.get",
-     "path": "{project}/global/licenses/{license}",
-     "httpMethod": "GET",
-     "description": "Returns the specified License resource.",
-     "parameters": {
-      "license": {
-       "type": "string",
-       "description": "Name of the License resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "license"
-     ],
-     "response": {
-      "$ref": "License"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.licenses.insert",
-     "path": "{project}/global/licenses",
-     "httpMethod": "POST",
-     "description": "Create a License resource in the specified project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "License"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    },
-    "list": {
-     "id": "compute.licenses.list",
-     "path": "{project}/global/licenses",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of licenses available in the specified project. This method does not get any licenses that belong to other projects, including licenses attached to publicly-available images, like Debian 8. If you want to get a list of publicly-available licenses, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "LicensesListResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "machineTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.machineTypes.aggregatedList",
-     "path": "{project}/aggregated/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of machine types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "MachineTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.machineTypes.get",
-     "path": "{project}/zones/{zone}/machineTypes/{machineType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
-     "parameters": {
-      "machineType": {
-       "type": "string",
-       "description": "Name of the machine type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "machineType"
-     ],
-     "response": {
-      "$ref": "MachineType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.machineTypes.list",
-     "path": "{project}/zones/{zone}/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of machine types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "MachineTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "networks": {
-   "methods": {
-    "addPeering": {
-     "id": "compute.networks.addPeering",
-     "path": "{project}/global/networks/{network}/addPeering",
-     "httpMethod": "POST",
-     "description": "Adds a peering to the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to add peering to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksAddPeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.networks.delete",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.networks.get",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "GET",
-     "description": "Returns the specified network. Get a list of available networks by making a list() request.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Network"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.networks.insert",
-     "path": "{project}/global/networks",
-     "httpMethod": "POST",
-     "description": "Creates a network in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.networks.list",
-     "path": "{project}/global/networks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of networks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "NetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.networks.patch",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removePeering": {
-     "id": "compute.networks.removePeering",
-     "path": "{project}/global/networks/{network}/removePeering",
-     "httpMethod": "POST",
-     "description": "Removes a peering from the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to remove peering from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksRemovePeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "switchToCustomMode": {
-     "id": "compute.networks.switchToCustomMode",
-     "path": "{project}/global/networks/{network}/switchToCustomMode",
-     "httpMethod": "POST",
-     "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to be updated.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.networks.testIamPermissions",
-     "path": "{project}/global/networks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "projects": {
-   "methods": {
-    "disableXpnHost": {
-     "id": "compute.projects.disableXpnHost",
-     "path": "{project}/disableXpnHost",
-     "httpMethod": "POST",
-     "description": "Disable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "disableXpnResource": {
-     "id": "compute.projects.disableXpnResource",
-     "path": "{project}/disableXpnResource",
-     "httpMethod": "POST",
-     "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsDisableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnHost": {
-     "id": "compute.projects.enableXpnHost",
-     "path": "{project}/enableXpnHost",
-     "httpMethod": "POST",
-     "description": "Enable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnResource": {
-     "id": "compute.projects.enableXpnResource",
-     "path": "{project}/enableXpnResource",
-     "httpMethod": "POST",
-     "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsEnableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.projects.get",
-     "path": "{project}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Project resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getXpnHost": {
-     "id": "compute.projects.getXpnHost",
-     "path": "{project}/getXpnHost",
-     "httpMethod": "GET",
-     "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "getXpnResources": {
-     "id": "compute.projects.getXpnResources",
-     "path": "{project}/getXpnResources",
-     "httpMethod": "GET",
-     "description": "Get service resources (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ProjectsGetXpnResources"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "listXpnHosts": {
-     "id": "compute.projects.listXpnHosts",
-     "path": "{project}/listXpnHosts",
-     "httpMethod": "POST",
-     "description": "List all shared VPC host projects visible to the user in an organization.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsListXpnHostsRequest"
-     },
-     "response": {
-      "$ref": "XpnHostList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveDisk": {
-     "id": "compute.projects.moveDisk",
-     "path": "{project}/moveDisk",
-     "httpMethod": "POST",
-     "description": "Moves a persistent disk from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "DiskMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveInstance": {
-     "id": "compute.projects.moveInstance",
-     "path": "{project}/moveInstance",
-     "httpMethod": "POST",
-     "description": "Moves an instance and its attached persistent disks from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setCommonInstanceMetadata": {
-     "id": "compute.projects.setCommonInstanceMetadata",
-     "path": "{project}/setCommonInstanceMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUsageExportBucket": {
-     "id": "compute.projects.setUsageExportBucket",
-     "path": "{project}/setUsageExportBucket",
-     "httpMethod": "POST",
-     "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UsageExportLocation"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    }
-   }
-  },
-  "regionAutoscalers": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionAutoscalers.delete",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionAutoscalers.get",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionAutoscalers.insert",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionAutoscalers.list",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionAutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionAutoscalers.patch",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionAutoscalers.testIamPermissions",
-     "path": "{project}/regions/{region}/autoscalers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionAutoscalers.update",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionBackendServices": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionBackendServices.delete",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionBackendServices.get",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.regionBackendServices.getHealth",
-     "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this regional BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionBackendServices.insert",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionBackendServices.list",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionBackendServices.patch",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionBackendServices.testIamPermissions",
-     "path": "{project}/regions/{region}/backendServices/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionBackendServices.update",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionCommitments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.regionCommitments.aggregatedList",
-     "path": "{project}/aggregated/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of commitments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "CommitmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.regionCommitments.get",
-     "path": "{project}/regions/{region}/commitments/{commitment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
-     "parameters": {
-      "commitment": {
-       "type": "string",
-       "description": "Name of the commitment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "commitment"
-     ],
-     "response": {
-      "$ref": "Commitment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionCommitments.insert",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "POST",
-     "description": "Creates a commitment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Commitment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionCommitments.list",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of commitments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "CommitmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.regionInstanceGroupManagers.abandonInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.regionInstanceGroupManagers.delete",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.regionInstanceGroupManagers.deleteInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionInstanceGroupManagers.get",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionInstanceGroupManagers.insert",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroupManagers.list",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.regionInstanceGroupManagers.listManagedInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagersListInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionInstanceGroupManagers.patch",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PATCH",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is patched even if the instances in the group are still in the process of being patched. You must separately verify the status of the individual instances with the listmanagedinstances method. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.regionInstanceGroupManagers.recreateInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersRecreateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.regionInstanceGroupManagers.resize",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "Number of instances that should exist in this instance group manager.",
-       "required": true,
-       "format": "int32",
-       "minimum": "0",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setAutoHealingPolicies": {
-     "id": "compute.regionInstanceGroupManagers.setAutoHealingPolicies",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setAutoHealingPolicies",
-     "httpMethod": "POST",
-     "description": "Modifies the autohealing policy for the instances in this managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetAutoHealingRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.regionInstanceGroupManagers.setTargetPools",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionInstanceGroupManagers.testIamPermissions",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.regionInstanceGroupManagers.update",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "PUT",
-     "description": "Updates a managed instance group using the information that you specify in the request. This operation is marked as DONE when the group is updated even if the instances in the group have not yet been updated. You must separately verify the status of the individual instances with the listmanagedinstances method.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the instance group manager.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroups": {
-   "methods": {
-    "get": {
-     "id": "compute.regionInstanceGroups.get",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group resource.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the instance group resource to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroups.list",
-     "path": "{project}/regions/{region}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance group resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.regionInstanceGroups.listInstances",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the regional instance group for which we want to list the instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "RegionInstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.regionInstanceGroups.setNamedPorts",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified regional instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the regional instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.regionInstanceGroups.testIamPermissions",
-     "path": "{project}/regions/{region}/instanceGroups/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionOperations.delete",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionOperations.get",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionOperations.list",
-     "path": "{project}/regions/{region}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regions": {
-   "methods": {
-    "get": {
-     "id": "compute.regions.get",
-     "path": "{project}/regions/{region}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "Region"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regions.list",
-     "path": "{project}/regions",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of region resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RegionList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "routers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.routers.aggregatedList",
-     "path": "{project}/aggregated/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of routers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouterAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.routers.delete",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Router resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routers.get",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Router"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getRouterStatus": {
-     "id": "compute.routers.getRouterStatus",
-     "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
-     "httpMethod": "GET",
-     "description": "Retrieves runtime information of the specified router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "RouterStatusResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routers.insert",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "POST",
-     "description": "Creates a Router resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routers.list",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Router resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RouterList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.routers.patch",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "preview": {
-     "id": "compute.routers.preview",
-     "path": "{project}/regions/{region}/routers/{router}/preview",
-     "httpMethod": "POST",
-     "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "RoutersPreviewResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.routers.testIamPermissions",
-     "path": "{project}/regions/{region}/routers/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.routers.update",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified Router resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "routes": {
-   "methods": {
-    "delete": {
-     "id": "compute.routes.delete",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Route resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routes.get",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Route"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routes.insert",
-     "path": "{project}/global/routes",
-     "httpMethod": "POST",
-     "description": "Creates a Route resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Route"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routes.list",
-     "path": "{project}/global/routes",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Route resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouteList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.routes.testIamPermissions",
-     "path": "{project}/global/routes/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "securityPolicies": {
-   "methods": {
-    "addRule": {
-     "id": "compute.securityPolicies.addRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/addRule",
-     "httpMethod": "POST",
-     "description": "Inserts a rule into a security policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.securityPolicies.delete",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.securityPolicies.get",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "GET",
-     "description": "List all of the ordered rules present in a single specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to get.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "SecurityPolicy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getRule": {
-     "id": "compute.securityPolicies.getRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/getRule",
-     "httpMethod": "GET",
-     "description": "Gets a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to get from the security policy.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to which the queried rule belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.securityPolicies.insert",
-     "path": "{project}/global/securityPolicies",
-     "httpMethod": "POST",
-     "description": "Creates a new policy in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SecurityPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.securityPolicies.list",
-     "path": "{project}/global/securityPolicies",
-     "httpMethod": "GET",
-     "description": "List all the policies that have been configured for the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SecurityPolicyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.securityPolicies.patch",
-     "path": "{project}/global/securityPolicies/{securityPolicy}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified policy with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "patchRule": {
-     "id": "compute.securityPolicies.patchRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/patchRule",
-     "httpMethod": "POST",
-     "description": "Patches a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to patch.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "request": {
-      "$ref": "SecurityPolicyRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removeRule": {
-     "id": "compute.securityPolicies.removeRule",
-     "path": "{project}/global/securityPolicies/{securityPolicy}/removeRule",
-     "httpMethod": "POST",
-     "description": "Deletes a rule at the specified priority.",
-     "parameters": {
-      "priority": {
-       "type": "integer",
-       "description": "The priority of the rule to remove from the security policy.",
-       "format": "int32",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "securityPolicy": {
-       "type": "string",
-       "description": "Name of the security policy to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "securityPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.securityPolicies.testIamPermissions",
-     "path": "{project}/global/securityPolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "snapshots": {
-   "methods": {
-    "delete": {
-     "id": "compute.snapshots.delete",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.snapshots.get",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Snapshot"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.snapshots.list",
-     "path": "{project}/global/snapshots",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Snapshot resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SnapshotList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.snapshots.setLabels",
-     "path": "{project}/global/snapshots/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.snapshots.testIamPermissions",
-     "path": "{project}/global/snapshots/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "sslCertificates": {
-   "methods": {
-    "delete": {
-     "id": "compute.sslCertificates.delete",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified SslCertificate resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.sslCertificates.get",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "SslCertificate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.sslCertificates.insert",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "POST",
-     "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SslCertificate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.sslCertificates.list",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of SslCertificate resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslCertificateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.sslCertificates.testIamPermissions",
-     "path": "{project}/global/sslCertificates/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "sslPolicies": {
-   "methods": {
-    "delete": {
-     "id": "compute.sslPolicies.delete",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to delete. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.sslPolicies.get",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "GET",
-     "description": "List all of the ordered rules present in a single specified policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "response": {
-      "$ref": "SslPolicy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.sslPolicies.insert",
-     "path": "{project}/global/sslPolicies",
-     "httpMethod": "POST",
-     "description": "Returns the specified SSL policy resource. Get a list of available SSL policies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SslPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.sslPolicies.list",
-     "path": "{project}/global/sslPolicies",
-     "httpMethod": "GET",
-     "description": "List all the SSL policies that have been configured for the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslPoliciesList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listAvailableFeatures": {
-     "id": "compute.sslPolicies.listAvailableFeatures",
-     "path": "{project}/global/sslPolicies/listAvailableFeatures",
-     "httpMethod": "GET",
-     "description": "Lists all features that can be specified in the SSL policy when using custom profile.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslPoliciesListAvailableFeaturesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.sslPolicies.patch",
-     "path": "{project}/global/sslPolicies/{sslPolicy}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified SSL policy with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sslPolicy": {
-       "type": "string",
-       "description": "Name of the SSL policy to update. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslPolicy"
-     ],
-     "request": {
-      "$ref": "SslPolicy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.sslPolicies.testIamPermissions",
-     "path": "{project}/global/sslPolicies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "subnetworks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.subnetworks.aggregatedList",
-     "path": "{project}/aggregated/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of subnetworks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SubnetworkAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.subnetworks.delete",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified subnetwork.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "expandIpCidrRange": {
-     "id": "compute.subnetworks.expandIpCidrRange",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
-     "httpMethod": "POST",
-     "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksExpandIpCidrRangeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.subnetworks.get",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "GET",
-     "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Subnetwork"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getIamPolicy": {
-     "id": "compute.subnetworks.getIamPolicy",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/getIamPolicy",
-     "httpMethod": "GET",
-     "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.subnetworks.insert",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "POST",
-     "description": "Creates a subnetwork in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Subnetwork"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.subnetworks.list",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of subnetworks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "SubnetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.subnetworks.patch",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "Subnetwork"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setIamPolicy": {
-     "id": "compute.subnetworks.setIamPolicy",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/setIamPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the access control policy on the specified resource. Replaces any existing policy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "Policy"
-     },
-     "response": {
-      "$ref": "Policy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setPrivateIpGoogleAccess": {
-     "id": "compute.subnetworks.setPrivateIpGoogleAccess",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
-     "httpMethod": "POST",
-     "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.subnetworks.testIamPermissions",
-     "path": "{project}/regions/{region}/subnetworks/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetHttpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpProxies.delete",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpProxies.get",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpProxies.insert",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpProxies.list",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpProxies.setUrlMap",
-     "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy to set a URL map for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetHttpProxies.testIamPermissions",
-     "path": "{project}/global/targetHttpProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetHttpsProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpsProxies.delete",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpsProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpsProxies.get",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpsProxies.insert",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpsProxies.list",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setQuicOverride": {
-     "id": "compute.targetHttpsProxies.setQuicOverride",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setQuicOverride",
-     "httpMethod": "POST",
-     "description": "Sets the QUIC override policy for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to set the QUIC override policy for. The name should conform to RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxiesSetQuicOverrideRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetHttpsProxies.setSslCertificates",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Replaces SslCertificates for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslPolicy": {
-     "id": "compute.targetHttpsProxies.setSslPolicy",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}/setSslPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the SSL policy for TargetHttpsProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the HTTPS proxy load balancer. They do not affect the connection between the load balancer and the backends.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "SslPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpsProxies.setUrlMap",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetHttpsProxies.testIamPermissions",
-     "path": "{project}/global/targetHttpsProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetInstances": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetInstances.aggregatedList",
-     "path": "{project}/aggregated/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetInstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetInstances.delete",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetInstance resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetInstances.get",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "TargetInstance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetInstances.insert",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "POST",
-     "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "TargetInstance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetInstances.list",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "TargetInstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetInstances.testIamPermissions",
-     "path": "{project}/zones/{zone}/targetInstances/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetPools": {
-   "methods": {
-    "addHealthCheck": {
-     "id": "compute.targetPools.addHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
-     "httpMethod": "POST",
-     "description": "Adds health check URLs to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to add a health check to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "addInstance": {
-     "id": "compute.targetPools.addInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
-     "httpMethod": "POST",
-     "description": "Adds an instance to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to add instances to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.targetPools.aggregatedList",
-     "path": "{project}/aggregated/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target pools.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetPoolAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetPools.delete",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetPools.get",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "TargetPool"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.targetPools.getHealth",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "InstanceReference"
-     },
-     "response": {
-      "$ref": "TargetPoolInstanceHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetPools.insert",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "POST",
-     "description": "Creates a target pool in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetPool"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetPools.list",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target pools available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetPoolList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeHealthCheck": {
-     "id": "compute.targetPools.removeHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
-     "httpMethod": "POST",
-     "description": "Removes health check URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to remove health checks from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removeInstance": {
-     "id": "compute.targetPools.removeInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
-     "httpMethod": "POST",
-     "description": "Removes instance URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to remove instances from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setBackup": {
-     "id": "compute.targetPools.setBackup",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
-     "httpMethod": "POST",
-     "description": "Changes a backup target pool's configurations.",
-     "parameters": {
-      "failoverRatio": {
-       "type": "number",
-       "description": "New failoverRatio value for the target pool.",
-       "format": "float",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to set a backup pool for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetPools.testIamPermissions",
-     "path": "{project}/regions/{region}/targetPools/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetSslProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetSslProxies.delete",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetSslProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetSslProxies.get",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "TargetSslProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetSslProxies.insert",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetSslProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetSslProxies.list",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetSslProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetSslProxies.setBackendService",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetSslProxies.setProxyHeader",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetSslProxies.setSslCertificates",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Changes SslCertificates for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslPolicy": {
-     "id": "compute.targetSslProxies.setSslPolicy",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslPolicy",
-     "httpMethod": "POST",
-     "description": "Sets the SSL policy for TargetSslProxy. The SSL policy specifies the server-side support for SSL features. This affects connections between clients and the SSL proxy load balancer. They do not affect the connection between the load balancer and the backends.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose SSL policy is to be set. The name must be 1-63 characters long, and comply with RFC1035.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "SslPolicyReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetSslProxies.testIamPermissions",
-     "path": "{project}/global/targetSslProxies/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetTcpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetTcpProxies.delete",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetTcpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetTcpProxies.get",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetTcpProxies.insert",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetTcpProxies.list",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetTcpProxies.setBackendService",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetTcpProxies.setProxyHeader",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetVpnGateways": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetVpnGateways.aggregatedList",
-     "path": "{project}/aggregated/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target VPN gateways.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetVpnGateways.delete",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target VPN gateway.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetVpnGateways.get",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "TargetVpnGateway"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetVpnGateways.insert",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "POST",
-     "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetVpnGateway"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetVpnGateways.list",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.targetVpnGateways.setLabels",
-     "path": "{project}/regions/{region}/targetVpnGateways/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a TargetVpnGateway. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.targetVpnGateways.testIamPermissions",
-     "path": "{project}/regions/{region}/targetVpnGateways/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "urlMaps": {
-   "methods": {
-    "delete": {
-     "id": "compute.urlMaps.delete",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified UrlMap resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.urlMaps.get",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "GET",
-     "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "UrlMap"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.urlMaps.insert",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "POST",
-     "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "invalidateCache": {
-     "id": "compute.urlMaps.invalidateCache",
-     "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
-     "httpMethod": "POST",
-     "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "CacheInvalidationRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.urlMaps.list",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of UrlMap resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "UrlMapList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.urlMaps.patch",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.urlMaps.testIamPermissions",
-     "path": "{project}/global/urlMaps/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "(?:[-a-z0-9_]{0,62}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.urlMaps.update",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified UrlMap resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "validate": {
-     "id": "compute.urlMaps.validate",
-     "path": "{project}/global/urlMaps/{urlMap}/validate",
-     "httpMethod": "POST",
-     "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to be validated as.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMapsValidateRequest"
-     },
-     "response": {
-      "$ref": "UrlMapsValidateResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "vpnTunnels": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.vpnTunnels.aggregatedList",
-     "path": "{project}/aggregated/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of VPN tunnels.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "VpnTunnelAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.vpnTunnels.delete",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified VpnTunnel resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.vpnTunnels.get",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "GET",
-     "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "VpnTunnel"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.vpnTunnels.insert",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "POST",
-     "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "VpnTunnel"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.vpnTunnels.list",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "VpnTunnelList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.vpnTunnels.setLabels",
-     "path": "{project}/regions/{region}/vpnTunnels/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a VpnTunnel. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "RegionSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "testIamPermissions": {
-     "id": "compute.vpnTunnels.testIamPermissions",
-     "path": "{project}/regions/{region}/vpnTunnels/{resource}/testIamPermissions",
-     "httpMethod": "POST",
-     "description": "Returns permissions that a caller has on the specified resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "The name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "resource"
-     ],
-     "request": {
-      "$ref": "TestPermissionsRequest"
-     },
-     "response": {
-      "$ref": "TestPermissionsResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "zoneOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.zoneOperations.delete",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.zoneOperations.get",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zoneOperations.list",
-     "path": "{project}/zones/{zone}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
+    "AcceleratorTypesScopedList": {
+      "id": "AcceleratorTypesScopedList",
+      "properties": {
+        "acceleratorTypes": {
+          "description": "[Output Only] List of accelerator types contained in this scope.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AccessConfig": {
+      "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
+      "id": "AccessConfig",
+      "properties": {
+        "kind": {
+          "default": "compute#accessConfig",
+          "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access.",
+          "type": "string"
+        },
+        "natIP": {
+          "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.\n\nIf an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.\n\nIf an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.",
+          "enum": [
+            "PREMIUM",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "publicPtrDomainName": {
+          "description": "The DNS domain name for the public PTR record. This field can only be set when the set_public_ptr field is enabled.",
+          "type": "string"
+        },
+        "setPublicPtr": {
+          "description": "Specifies whether a public DNS ?PTR? record should be created to map the external IP address of the instance to a DNS domain name.",
+          "type": "boolean"
+        },
+        "type": {
+          "default": "ONE_TO_ONE_NAT",
+          "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
+          "enum": [
+            "ONE_TO_ONE_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Address": {
+      "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
+      "id": "Address",
+      "properties": {
+        "address": {
+          "description": "The static IP address represented by this resource.",
+          "type": "string"
+        },
+        "addressType": {
+          "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "UNSPECIFIED_TYPE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#address",
+          "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this Address, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Address.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this Address resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.addresses.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this Address and can only take the following values: PREMIUM , STANDARD.\n\nIf this field is not specified, it is assumed to be PREMIUM.",
+          "enum": [
+            "PREMIUM",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses. You must specify this field as part of the HTTP request URL. You cannot set this field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
+          "enum": [
+            "IN_USE",
+            "RESERVED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] The URLs of the resources that are using this address.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "AddressAggregatedList": {
+      "id": "AddressAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AddressesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of addresses."
+          },
+          "description": "A list of AddressesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#addressAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AddressList": {
+      "description": "Contains a list of addresses.",
+      "id": "AddressList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Address resources.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#addressList",
+          "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AddressesScopedList": {
+      "id": "AddressesScopedList",
+      "properties": {
+        "addresses": {
+          "description": "[Output Only] List of addresses contained in this scope.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AliasIpRange": {
+      "description": "An alias IP range attached to an instance's network interface.",
+      "id": "AliasIpRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24).",
+          "type": "string"
+        },
+        "subnetworkRangeName": {
+          "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AttachedDisk": {
+      "description": "An instance-attached disk resource.",
+      "id": "AttachedDisk",
+      "properties": {
+        "autoDelete": {
+          "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).",
+          "type": "boolean"
+        },
+        "boot": {
+          "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.",
+          "type": "boolean"
+        },
+        "deviceName": {
+          "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "index": {
+          "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "initializeParams": {
+          "$ref": "AttachedDiskInitializeParams",
+          "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
+        },
+        "interface": {
+          "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
+          "enum": [
+            "NVME",
+            "SCSI"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#attachedDisk",
+          "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
+          "type": "string"
+        },
+        "licenses": {
+          "description": "[Output Only] Any valid publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "mode": {
+          "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
+          "enum": [
+            "READ_ONLY",
+            "READ_WRITE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk.",
+          "type": "string"
+        },
+        "type": {
+          "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
+          "enum": [
+            "PERSISTENT",
+            "SCRATCH"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AttachedDiskInitializeParams": {
+      "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
+      "id": "AttachedDiskInitializeParams",
+      "properties": {
+        "diskName": {
+          "description": "Specifies the disk name. If not specified, the default is to use the name of the instance.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Specifies the size of the disk in base-2 GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "diskStorageType": {
+          "description": "[Deprecated] Storage type of the disk.",
+          "enum": [
+            "HDD",
+            "SSD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "diskType": {
+          "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard\n\n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.",
+          "type": "object"
+        },
+        "sourceImage": {
+          "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family\n\n\nIf the source image is deleted later, this field will not be set.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
+        }
+      },
+      "type": "object"
+    },
+    "AuditConfig": {
+      "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n{ \"audit_configs\": [ { \"service\": \"allServices\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", }, { \"log_type\": \"ADMIN_READ\", } ] }, { \"service\": \"fooservice.googleapis.com\" \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:bar@gmail.com\" ] } ] } ] }\n\nFor fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.",
+      "id": "AuditConfig",
+      "properties": {
+        "auditLogConfigs": {
+          "description": "The configuration for logging of each type of permission.",
+          "items": {
+            "$ref": "AuditLogConfig"
+          },
+          "type": "array"
+        },
+        "exemptedMembers": {
+          "description": "",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AuditLogConfig": {
+      "description": "Provides the configuration for logging a type of permissions. Example:\n\n{ \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:foo@gmail.com\" ] }, { \"log_type\": \"DATA_WRITE\", } ] }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting foo@gmail.com from DATA_READ logging.",
+      "id": "AuditLogConfig",
+      "properties": {
+        "exemptedMembers": {
+          "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "logType": {
+          "description": "The log type that this config enables.",
+          "enum": [
+            "ADMIN_READ",
+            "DATA_READ",
+            "DATA_WRITE",
+            "LOG_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AuthorizationLoggingOptions": {
+      "description": "Authorization-related information used by Cloud Audit Logging.",
+      "id": "AuthorizationLoggingOptions",
+      "properties": {
+        "permissionType": {
+          "description": "The type of the permission that was checked.",
+          "enum": [
+            "ADMIN_READ",
+            "ADMIN_WRITE",
+            "DATA_READ",
+            "DATA_WRITE",
+            "PERMISSION_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Autoscaler": {
+      "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
+      "id": "Autoscaler",
+      "properties": {
+        "autoscalingPolicy": {
+          "$ref": "AutoscalingPolicy",
+          "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#autoscaler",
+          "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroups.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the autoscaler configuration.",
+          "enum": [
+            "ACTIVE",
+            "DELETING",
+            "ERROR",
+            "PENDING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusDetails": {
+          "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
+          "items": {
+            "$ref": "AutoscalerStatusDetails"
+          },
+          "type": "array"
+        },
+        "target": {
+          "description": "URL of the managed instance group that this autoscaler will scale.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerAggregatedList": {
+      "id": "AutoscalerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AutoscalersScopedList",
+            "description": "[Output Only] Name of the scope containing this set of autoscalers."
+          },
+          "description": "A list of AutoscalersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#autoscalerAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerList": {
+      "description": "Contains a list of Autoscaler resources.",
+      "id": "AutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#autoscalerList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalerStatusDetails": {
+      "id": "AutoscalerStatusDetails",
+      "properties": {
+        "message": {
+          "description": "The status message.",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of error returned.",
+          "enum": [
+            "ALL_INSTANCES_UNHEALTHY",
+            "BACKEND_SERVICE_DOES_NOT_EXIST",
+            "CAPPED_AT_MAX_NUM_REPLICAS",
+            "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
+            "CUSTOM_METRIC_INVALID",
+            "MIN_EQUALS_MAX",
+            "MISSING_CUSTOM_METRIC_DATA_POINTS",
+            "MISSING_LOAD_BALANCING_DATA_POINTS",
+            "MORE_THAN_ONE_BACKEND_SERVICE",
+            "NOT_ENOUGH_QUOTA_AVAILABLE",
+            "REGION_RESOURCE_STOCKOUT",
+            "SCALING_TARGET_DOES_NOT_EXIST",
+            "UNKNOWN",
+            "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
+            "ZONE_RESOURCE_STOCKOUT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalersScopedList": {
+      "id": "AutoscalersScopedList",
+      "properties": {
+        "autoscalers": {
+          "description": "[Output Only] List of autoscalers contained in this scope.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicy": {
+      "description": "Cloud Autoscaler policy.",
+      "id": "AutoscalingPolicy",
+      "properties": {
+        "coolDownPeriodSec": {
+          "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "cpuUtilization": {
+          "$ref": "AutoscalingPolicyCpuUtilization",
+          "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
+        },
+        "customMetricUtilizations": {
+          "description": "Configuration parameters of autoscaling based on a custom metric.",
+          "items": {
+            "$ref": "AutoscalingPolicyCustomMetricUtilization"
+          },
+          "type": "array"
+        },
+        "loadBalancingUtilization": {
+          "$ref": "AutoscalingPolicyLoadBalancingUtilization",
+          "description": "Configuration parameters of autoscaling based on load balancer."
+        },
+        "maxNumReplicas": {
+          "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minNumReplicas": {
+          "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyCpuUtilization": {
+      "description": "CPU utilization policy.",
+      "id": "AutoscalingPolicyCpuUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyCustomMetricUtilization": {
+      "description": "Custom utilization metric policy.",
+      "id": "AutoscalingPolicyCustomMetricUtilization",
+      "properties": {
+        "filter": {
+          "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data.\n\nFor the filter to be valid for autoscaling purposes, the following rules apply:  \n- You can only use the AND operator for joining selectors. \n- You can only use direct equality comparison operator (=) without any functions for each selector. \n- You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. \n- The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels.\nIf the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a per-group metric for the purpose of autoscaling.\n\nIf not specified, the type defaults to gce_instance.  \n\nYou should provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value.",
+          "type": "string"
+        },
+        "metric": {
+          "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE.",
+          "type": "string"
+        },
+        "singleInstanceAssignment": {
+          "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler will keep the number of instances proportional to the value of this metric, the metric itself should not change value due to group resizing.\n\nA good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances.\n\nA bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead.",
+          "format": "double",
+          "type": "number"
+        },
+        "utilizationTarget": {
+          "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
+          "format": "double",
+          "type": "number"
+        },
+        "utilizationTargetType": {
+          "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
+          "enum": [
+            "DELTA_PER_MINUTE",
+            "DELTA_PER_SECOND",
+            "GAUGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "AutoscalingPolicyLoadBalancingUtilization": {
+      "description": "Configuration parameters of autoscaling based on load balancing.",
+      "id": "AutoscalingPolicyLoadBalancingUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "Backend": {
+      "description": "Message containing information of one individual backend.",
+      "id": "Backend",
+      "properties": {
+        "balancingMode": {
+          "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
+          "enum": [
+            "CONNECTION",
+            "RATE",
+            "UTILIZATION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "capacityScaler": {
+          "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "group": {
+          "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService.",
+          "type": "string"
+        },
+        "maxConnections": {
+          "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxConnectionsPerInstance": {
+          "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRate": {
+          "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRatePerInstance": {
+          "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "maxUtilization": {
+          "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucket": {
+      "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
+      "id": "BackendBucket",
+      "properties": {
+        "bucketName": {
+          "description": "Cloud Storage bucket name.",
+          "type": "string"
+        },
+        "cdnPolicy": {
+          "$ref": "BackendBucketCdnPolicy",
+          "description": "Cloud CDN Coniguration for this BackendBucket."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource; provided by the client when the resource is created.",
+          "type": "string"
+        },
+        "enableCdn": {
+          "description": "If true, enable Cloud CDN for this BackendBucket.",
+          "type": "boolean"
+        },
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendBucket",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucketCdnPolicy": {
+      "description": "Message containing Cloud CDN configuration for a backend bucket.",
+      "id": "BackendBucketCdnPolicy",
+      "properties": {
+        "signedUrlCacheMaxAgeSec": {
+          "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this bucket had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
+          "format": "int64",
+          "type": "string"
+        },
+        "signedUrlKeyNames": {
+          "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend bucket.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "BackendBucketList": {
+      "description": "Contains a list of BackendBucket resources.",
+      "id": "BackendBucketList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendBucket resources.",
+          "items": {
+            "$ref": "BackendBucket"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendBucketList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendService": {
+      "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
+      "id": "BackendService",
+      "properties": {
+        "affinityCookieTtlSec": {
+          "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "backends": {
+          "description": "The list of backends that serve this BackendService.",
+          "items": {
+            "$ref": "Backend"
+          },
+          "type": "array"
+        },
+        "cdnPolicy": {
+          "$ref": "BackendServiceCdnPolicy",
+          "description": "Cloud CDN configuration for this BackendService."
+        },
+        "connectionDraining": {
+          "$ref": "ConnectionDraining"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "enableCDN": {
+          "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "boolean"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
+          "format": "byte",
+          "type": "string"
+        },
+        "healthChecks": {
+          "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "iap": {
+          "$ref": "BackendServiceIAP"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendService",
+          "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
+          "type": "string"
+        },
+        "loadBalancingScheme": {
+          "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INVALID_LOAD_BALANCING_SCHEME"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "string"
+        },
+        "protocol": {
+          "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
+          "enum": [
+            "HTTP",
+            "HTTPS",
+            "SSL",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "securityPolicy": {
+          "description": "[Output Only] The resource URL for the security policy associated with this backend service.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceAggregatedList": {
+      "description": "Contains a list of BackendServicesScopedList.",
+      "id": "BackendServiceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "BackendServicesScopedList",
+            "description": "Name of the scope containing this set of BackendServices."
+          },
+          "description": "A list of BackendServicesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#backendServiceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceCdnPolicy": {
+      "description": "Message containing Cloud CDN configuration for a backend service.",
+      "id": "BackendServiceCdnPolicy",
+      "properties": {
+        "cacheKeyPolicy": {
+          "$ref": "CacheKeyPolicy",
+          "description": "The CacheKeyPolicy for this CdnPolicy."
+        },
+        "signedUrlCacheMaxAgeSec": {
+          "description": "Number of seconds up to which the response to a signed URL request will be cached in the CDN. After this time period, the Signed URL will be revalidated before being served. Defaults to 1hr (3600s). If this field is set, Cloud CDN will internally act as though all responses from this backend had a ?Cache-Control: public, max-age=[TTL]? header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered.",
+          "format": "int64",
+          "type": "string"
+        },
+        "signedUrlKeyNames": {
+          "description": "[Output Only] Names of the keys currently configured for Cloud CDN Signed URL on this backend service.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceGroupHealth": {
+      "id": "BackendServiceGroupHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceGroupHealth",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceIAP": {
+      "description": "Identity-Aware Proxy",
+      "id": "BackendServiceIAP",
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        },
+        "oauth2ClientId": {
+          "type": "string"
+        },
+        "oauth2ClientSecret": {
+          "type": "string"
+        },
+        "oauth2ClientSecretSha256": {
+          "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServiceList": {
+      "description": "Contains a list of BackendService resources.",
+      "id": "BackendServiceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendService resources.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceList",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "BackendServicesScopedList": {
+      "id": "BackendServicesScopedList",
+      "properties": {
+        "backendServices": {
+          "description": "List of BackendServices contained in this scope.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of backend services when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Binding": {
+      "description": "Associates `members` with a `role`.",
+      "id": "Binding",
+      "properties": {
+        "condition": {
+          "$ref": "Expr",
+          "description": "The condition that is associated with this binding. NOTE: an unsatisfied condition will not allow user access via current binding. Different bindings, including their conditions, are examined independently. This field is only visible as GOOGLE_INTERNAL or CONDITION_TRUSTED_TESTER."
+        },
+        "members": {
+          "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@gmail.com` or `joe@example.com`.\n\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.\n\n\n\n* `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "role": {
+          "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CacheInvalidationRule": {
+      "id": "CacheInvalidationRule",
+      "properties": {
+        "host": {
+          "description": "If set, this invalidation rule will only apply to requests with a Host header matching host.",
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CacheKeyPolicy": {
+      "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
+      "id": "CacheKeyPolicy",
+      "properties": {
+        "includeHost": {
+          "description": "If true, requests to different hosts will be cached separately.",
+          "type": "boolean"
+        },
+        "includeProtocol": {
+          "description": "If true, http and https requests will be cached separately.",
+          "type": "boolean"
+        },
+        "includeQueryString": {
+          "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.",
+          "type": "boolean"
+        },
+        "queryStringBlacklist": {
+          "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "queryStringWhitelist": {
+          "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "Commitment": {
+      "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
+      "id": "Commitment",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "endTimestamp": {
+          "description": "[Output Only] Commitment end time in RFC3339 text format.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#commitment",
+          "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "plan": {
+          "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
+          "enum": [
+            "INVALID",
+            "THIRTY_SIX_MONTH",
+            "TWELVE_MONTH"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where this commitment may be used.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
+          "items": {
+            "$ref": "ResourceCommitment"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTimestamp": {
+          "description": "[Output Only] Commitment start time in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
+          "enum": [
+            "ACTIVE",
+            "CREATING",
+            "EXPIRED",
+            "NOT_YET_ACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentAggregatedList": {
+      "id": "CommitmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "CommitmentsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of commitments."
+          },
+          "description": "A list of CommitmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#commitmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentList": {
+      "description": "Contains a list of Commitment resources.",
+      "id": "CommitmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Commitment resources.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#commitmentList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "CommitmentsScopedList": {
+      "id": "CommitmentsScopedList",
+      "properties": {
+        "commitments": {
+          "description": "[Output Only] List of commitments contained in this scope.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Condition": {
+      "description": "A condition to be met.",
+      "id": "Condition",
+      "properties": {
+        "iam": {
+          "description": "Trusted attributes supplied by the IAM system.",
+          "enum": [
+            "APPROVER",
+            "ATTRIBUTION",
+            "AUTHORITY",
+            "CREDENTIALS_TYPE",
+            "JUSTIFICATION_TYPE",
+            "NO_ATTR",
+            "SECURITY_REALM"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "op": {
+          "description": "An operator to apply the subject with.",
+          "enum": [
+            "DISCHARGED",
+            "EQUALS",
+            "IN",
+            "NOT_EQUALS",
+            "NOT_IN",
+            "NO_OP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "svc": {
+          "description": "Trusted attributes discharged by the service.",
+          "type": "string"
+        },
+        "sys": {
+          "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.",
+          "enum": [
+            "IP",
+            "NAME",
+            "NO_ATTR",
+            "REGION",
+            "SERVICE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "value": {
+          "description": "DEPRECATED. Use 'values' instead.",
+          "type": "string"
+        },
+        "values": {
+          "description": "The objects of the condition. This is mutually exclusive with 'value'.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ConnectionDraining": {
+      "description": "Message containing connection draining configuration.",
+      "id": "ConnectionDraining",
+      "properties": {
+        "drainingTimeoutSec": {
+          "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "CustomerEncryptionKey": {
+      "description": "Represents a customer-supplied encryption key",
+      "id": "CustomerEncryptionKey",
+      "properties": {
+        "rawKey": {
+          "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.",
+          "type": "string"
+        },
+        "rsaEncryptedKey": {
+          "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.\n\nThe key must meet the following requirements before you can provide it to Compute Engine:  \n- The key is wrapped using a RSA public key certificate provided by Google. \n- After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Get the RSA public key certificate provided by Google at:\nhttps://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem",
+          "type": "string"
+        },
+        "sha256": {
+          "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CustomerEncryptionKeyProtectedDisk": {
+      "id": "CustomerEncryptionKeyProtectedDisk",
+      "properties": {
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DeprecationStatus": {
+      "description": "Deprecation status for a public resource.",
+      "id": "DeprecationStatus",
+      "properties": {
+        "deleted": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "deprecated": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "obsolete": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "replacement": {
+          "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
+          "enum": [
+            "DELETED",
+            "DEPRECATED",
+            "OBSOLETE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Disk": {
+      "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
+      "id": "Disk",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#disk",
+          "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "lastAttachTimestamp": {
+          "description": "[Output Only] Last attach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "lastDetachTimestamp": {
+          "description": "[Output Only] Last detach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this disk.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "Any applicable publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.disks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "options": {
+          "description": "Internal use only.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the disk resides. Only applicable for regional resources. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "replicaZones": {
+          "description": "URLs of the zones where the disk should be replicated to. Only applicable for regional resources.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "sizeGb": {
+          "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
+          "format": "int64",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of disk creation.",
+          "enum": [
+            "CREATING",
+            "FAILED",
+            "READY",
+            "RESTORING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageType": {
+          "description": "[Deprecated] Storage type of the persistent disk.",
+          "enum": [
+            "HDD",
+            "SSD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: project/zones/zone/diskTypes/pd-standard or pd-ssd",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskAggregatedList": {
+      "id": "DiskAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DisksScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disks."
+          },
+          "description": "A list of DisksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskInstantiationConfig": {
+      "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.",
+      "id": "DiskInstantiationConfig",
+      "properties": {
+        "autoDelete": {
+          "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).",
+          "type": "boolean"
+        },
+        "customImage": {
+          "description": "The custom source image to be used to restore this disk when instantiating this instance template.",
+          "type": "string"
+        },
+        "deviceName": {
+          "description": "Specifies the device name of the disk to which the configurations apply to.",
+          "type": "string"
+        },
+        "instantiateFrom": {
+          "description": "Specifies whether to include the disk and what image to use. Possible values are:  \n- source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. \n- source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. \n- custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. \n- attach-read-only: to attach a read-only disk. Applicable to read-only disks. \n- do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks.",
+          "enum": [
+            "ATTACH_READ_ONLY",
+            "BLANK",
+            "CUSTOM_IMAGE",
+            "DEFAULT",
+            "DO_NOT_INCLUDE",
+            "SOURCE_IMAGE",
+            "SOURCE_IMAGE_FAMILY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskList": {
+      "description": "A list of Disk resources.",
+      "id": "DiskList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Disk resources.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskList",
+          "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskMoveRequest": {
+      "id": "DiskMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetDisk": {
+          "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskType": {
+      "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
+      "id": "DiskType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultDiskSizeGb": {
+          "description": "[Output Only] Server-defined default disk size in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this disk type."
+        },
+        "description": {
+          "description": "[Output Only] An optional description of this resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#diskType",
+          "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "validDiskSize": {
+          "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\".",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk type resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypeAggregatedList": {
+      "id": "DiskTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DiskTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disk types."
+          },
+          "description": "A list of DiskTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypeList": {
+      "description": "Contains a list of disk types.",
+      "id": "DiskTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of DiskType resources.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskTypeList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DiskTypesScopedList": {
+      "id": "DiskTypesScopedList",
+      "properties": {
+        "diskTypes": {
+          "description": "[Output Only] List of disk types contained in this scope.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DisksResizeRequest": {
+      "id": "DisksResizeRequest",
+      "properties": {
+        "sizeGb": {
+          "description": "The new size of the persistent disk, which is specified in GB.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DisksScopedList": {
+      "id": "DisksScopedList",
+      "properties": {
+        "disks": {
+          "description": "[Output Only] List of disks contained in this scope.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "DistributionPolicy": {
+      "id": "DistributionPolicy",
+      "properties": {
+        "zones": {
+          "items": {
+            "$ref": "DistributionPolicyZoneConfiguration"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "DistributionPolicyZoneConfiguration": {
+      "id": "DistributionPolicyZoneConfiguration",
+      "properties": {
+        "zone": {
+          "annotations": {
+            "required": [
+              "compute.regionInstanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.update"
+            ]
+          },
+          "description": "URL of the zone where managed instance group is spawning instances (for regional resources). Zone has to belong to the region where managed instance group is located.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Expr": {
+      "description": "Represents an expression text. Example:\n\ntitle: \"User account presence\" description: \"Determines whether the request has a user account\" expression: \"size(request.user) \u003e 0\"",
+      "id": "Expr",
+      "properties": {
+        "description": {
+          "description": "An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.",
+          "type": "string"
+        },
+        "expression": {
+          "description": "Textual representation of an expression in Common Expression Language syntax.\n\nThe application context of the containing message determines which well-known feature set of CEL is supported.",
+          "type": "string"
+        },
+        "location": {
+          "description": "An optional string indicating the location of the expression for error reporting, e.g. a file name and a position in the file.",
+          "type": "string"
+        },
+        "title": {
+          "description": "An optional title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Firewall": {
+      "description": "Represents a Firewall resource.",
+      "id": "Firewall",
+      "properties": {
+        "allowed": {
+          "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "denied": {
+          "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destinationRanges": {
+          "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "direction": {
+          "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
+          "enum": [
+            "EGRESS",
+            "INGRESS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#firewall",
+          "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.firewalls.insert",
+              "compute.firewalls.patch"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default",
+          "type": "string"
+        },
+        "priority": {
+          "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceRanges": {
+          "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceServiceAccounts": {
+          "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceTags": {
+          "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetServiceAccounts": {
+          "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetTags": {
+          "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "FirewallList": {
+      "description": "Contains a list of firewalls.",
+      "id": "FirewallList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Firewall resources.",
+          "items": {
+            "$ref": "Firewall"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#firewallList",
+          "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "FixedOrPercent": {
+      "description": "Encapsulates numeric value that can be either absolute or relative.",
+      "id": "FixedOrPercent",
+      "properties": {
+        "calculated": {
+          "description": "[Output Only] Absolute value of VM instances calculated based on the specific mode.\n\n \n- If the value is fixed, then the caculated value is equal to the fixed value. \n- If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded up.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "fixed": {
+          "description": "Specifies a fixed number of VM instances. This must be a positive integer.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "percent": {
+          "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRule": {
+      "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
+      "id": "ForwardingRule",
+      "properties": {
+        "IPAddress": {
+          "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address",
+          "type": "string"
+        },
+        "IPProtocol": {
+          "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
+          "enum": [
+            "AH",
+            "ESP",
+            "ICMP",
+            "SCTP",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "backendService": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#forwardingRule",
+          "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this resource, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a ForwardingRule.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this resource. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "loadBalancingScheme": {
+          "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INVALID"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.",
+          "type": "string"
+        },
+        "networkTier": {
+          "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM , STANDARD.\n\nFor regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.\n\nIf this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.",
+          "enum": [
+            "PREMIUM",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "portRange": {
+          "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetVpnGateway: 500, 4500",
+          "type": "string"
+        },
+        "ports": {
+          "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "serviceLabel": {
+          "description": "An optional prefix to the service name for this Forwarding Rule. If specified, will be the first label of the fully qualified service name.\n\nThe label must be 1-63 characters long, and comply with RFC1035. Specifically, the label must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.\n\nThis field is only used for internal load balancing.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "serviceName": {
+          "description": "[Output Only] The internal fully qualified service name for this Forwarding Rule.\n\nThis field is only used for internal load balancing.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.",
+          "type": "string"
+        },
+        "target": {
+          "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRuleAggregatedList": {
+      "id": "ForwardingRuleAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "ForwardingRulesScopedList",
+            "description": "Name of the scope containing this set of addresses."
+          },
+          "description": "A list of ForwardingRulesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRuleList": {
+      "description": "Contains a list of ForwardingRule resources.",
+      "id": "ForwardingRuleList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of ForwardingRule resources.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ForwardingRulesScopedList": {
+      "id": "ForwardingRulesScopedList",
+      "properties": {
+        "forwardingRules": {
+          "description": "List of forwarding rules contained in this scope.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GlobalSetLabelsRequest": {
+      "id": "GlobalSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "A list of labels to apply for this resource. Each label key \u0026 value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "GuestOsFeature": {
+      "description": "Guest OS features.",
+      "id": "GuestOsFeature",
+      "properties": {
+        "type": {
+          "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
+          "enum": [
+            "FEATURE_TYPE_UNSPECIFIED",
+            "MULTI_IP_SUBNET",
+            "SECURE_BOOT",
+            "UEFI_COMPATIBLE",
+            "VIRTIO_SCSI_MULTIQUEUE",
+            "WINDOWS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HTTPHealthCheck": {
+      "id": "HTTPHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HTTPSHealthCheck": {
+      "id": "HTTPSHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is /.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The string to match anywhere in the first 1024 bytes of the response body. If left empty (the default value), the status code determines health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheck": {
+      "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
+      "id": "HealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in 3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "httpHealthCheck": {
+          "$ref": "HTTPHealthCheck"
+        },
+        "httpsHealthCheck": {
+          "$ref": "HTTPSHealthCheck"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#healthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslHealthCheck": {
+          "$ref": "SSLHealthCheck"
+        },
+        "tcpHealthCheck": {
+          "$ref": "TCPHealthCheck"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "type": {
+          "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
+          "enum": [
+            "HTTP",
+            "HTTPS",
+            "INVALID",
+            "SSL",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "udpHealthCheck": {
+          "$ref": "UDPHealthCheck"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheckList": {
+      "description": "Contains a list of HealthCheck resources.",
+      "id": "HealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HealthCheck resources.",
+          "items": {
+            "$ref": "HealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#healthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HealthCheckReference": {
+      "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+      "id": "HealthCheckReference",
+      "properties": {
+        "healthCheck": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HealthStatus": {
+      "id": "HealthStatus",
+      "properties": {
+        "healthState": {
+          "description": "Health state of the instance.",
+          "enum": [
+            "HEALTHY",
+            "UNHEALTHY"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "instance": {
+          "description": "URL of the instance resource.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "The IP address represented by this resource.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port on the instance.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HostRule": {
+      "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
+      "id": "HostRule",
+      "properties": {
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "hosts": {
+          "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "pathMatcher": {
+          "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "HttpHealthCheck": {
+      "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
+      "id": "HttpHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheck",
+          "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTP health check request. The default value is 80.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HttpHealthCheckList": {
+      "description": "Contains a list of HttpHealthCheck resources.",
+      "id": "HttpHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpHealthCheck resources.",
+          "items": {
+            "$ref": "HttpHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "HttpsHealthCheck": {
+      "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
+      "id": "HttpsHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is \"/\".",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "HttpsHealthCheckList": {
+      "description": "Contains a list of HttpsHealthCheck resources.",
+      "id": "HttpsHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpsHealthCheck resources.",
+          "items": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Image": {
+      "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
+      "id": "Image",
+      "properties": {
+        "archiveSizeBytes": {
+          "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
+          "format": "int64",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "The deprecation status associated with this image."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Size of the image when restored onto a persistent disk (in GB).",
+          "format": "int64",
+          "type": "string"
+        },
+        "family": {
+          "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.",
+          "type": "string"
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "imageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
+        },
+        "kind": {
+          "default": "compute#image",
+          "description": "[Output Only] Type of the resource. Always compute#image for images.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this image.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "Any applicable license URI.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "rawDisk": {
+          "description": "The parameters of the raw disk image.",
+          "properties": {
+            "containerType": {
+              "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
+              "enum": [
+                "TAR"
+              ],
+              "enumDescriptions": [
+                ""
+              ],
+              "type": "string"
+            },
+            "sha1Checksum": {
+              "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
+              "pattern": "[a-f0-9]{40}",
+              "type": "string"
+            },
+            "source": {
+              "annotations": {
+                "required": [
+                  "compute.images.insert"
+                ]
+              },
+              "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceDisk": {
+          "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "URL of the source snapshot used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the sourceImage property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.",
+          "type": "string"
+        },
+        "sourceType": {
+          "default": "RAW",
+          "description": "The type of the image used to create this disk. The default and only value is RAW",
+          "enum": [
+            "RAW"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
+          "enum": [
+            "FAILED",
+            "PENDING",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ImageList": {
+      "description": "Contains a list of images.",
+      "id": "ImageList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Image resources.",
+          "items": {
+            "$ref": "Image"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#imageList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Instance": {
+      "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
+      "id": "Instance",
+      "properties": {
+        "canIpForward": {
+          "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.",
+          "type": "boolean"
+        },
+        "cpuPlatform": {
+          "description": "[Output Only] The CPU platform used by this instance.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deletionProtection": {
+          "description": "Whether the resource should be protected against deletion.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instance",
+          "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\nzones/us-central1-f/machineTypes/n1-standard-1\n\n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\nzones/zone/machineTypes/custom-CPUS-MEMORY\n\n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
+          "type": "string"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
+        },
+        "minCpuPlatform": {
+          "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\".",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Sets the scheduling options for this instance."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "startRestricted": {
+          "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.",
+          "type": "boolean"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceAggregatedList": {
+      "id": "InstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstancesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of instances."
+          },
+          "description": "A list of InstancesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroup": {
+      "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
+      "id": "InstanceGroup",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroup",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "The URL of the network to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "region": {
+          "description": "The URL of the region where the instance group is located (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance group. The server generates this URL.",
+          "type": "string"
+        },
+        "size": {
+          "description": "[Output Only] The total number of instances in the instance group.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupAggregatedList": {
+      "id": "InstanceGroupAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupsScopedList",
+            "description": "The name of the scope that contains this set of instance groups."
+          },
+          "description": "A list of InstanceGroupsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupList": {
+      "description": "A list of InstanceGroup resources.",
+      "id": "InstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManager": {
+      "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
+      "id": "InstanceGroupManager",
+      "properties": {
+        "autoHealingPolicies": {
+          "description": "The autohealing policy for this managed instance group. You can specify only one value.",
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        },
+        "baseInstanceName": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
+          "pattern": "[a-z][-a-z0-9]{0,57}",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "currentActions": {
+          "$ref": "InstanceGroupManagerActionsSummary",
+          "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "distributionPolicy": {
+          "$ref": "DistributionPolicy",
+          "description": "Policy valid only for regional managed instance groups."
+        },
+        "failoverAction": {
+          "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.",
+          "enum": [
+            "NO_FAILOVER",
+            "UNKNOWN"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instanceGroup": {
+          "description": "[Output Only] The URL of the Instance Group resource.",
+          "type": "string"
+        },
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManager",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "pendingActions": {
+          "$ref": "InstanceGroupManagerPendingActionsSummary",
+          "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are pending for each of those actions."
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this managed instance group. The server defines this URL.",
+          "type": "string"
+        },
+        "serviceAccount": {
+          "description": "[Output Only] The service account to be used as credentials for all operations performed by the managed instance group on instances. The service accounts needs all permissions required to create and delete instances. By default, the service account {projectNumber}@cloudservices.gserviceaccount.com is used.",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetSize": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "updatePolicy": {
+          "$ref": "InstanceGroupManagerUpdatePolicy",
+          "description": "The update policy for this managed instance group."
+        },
+        "versions": {
+          "description": "Specifies the instance templates used by this managed instance group to create instances.\n\nEach version is defined by an instanceTemplate. Every template can appear at most once per instance group. This field overrides the top-level instanceTemplate field. Read more about the relationships between these fields. Exactly one version must leave the targetSize field unset. That version will be applied to all remaining instances. For more information, read about canary updates.",
+          "items": {
+            "$ref": "InstanceGroupManagerVersion"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources).",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerActionsSummary": {
+      "id": "InstanceGroupManagerActionsSummary",
+      "properties": {
+        "abandoning": {
+          "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creatingWithoutRetries": {
+          "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "deleting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "none": {
+          "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "recreating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "refreshing": {
+          "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "restarting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "verifying": {
+          "description": "[Output Only] The number of instances in the managed instance group that are being verified. See the managedInstances[].currentAction property in the listManagedInstances method documentation.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerAggregatedList": {
+      "id": "InstanceGroupManagerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupManagersScopedList",
+            "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
+          },
+          "description": "A list of InstanceGroupManagersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerAutoHealingPolicy": {
+      "id": "InstanceGroupManagerAutoHealingPolicy",
+      "properties": {
+        "healthCheck": {
+          "description": "The URL for the health check that signals autohealing.",
+          "type": "string"
+        },
+        "initialDelaySec": {
+          "description": "The number of seconds that the managed instance group waits before it applies autohealing policies to new instances or recently recreated instances. This initial delay allows instances to initialize and run their startup scripts before the instance group determines that they are UNHEALTHY. This prevents the managed instance group from recreating its instances prematurely. This value must be from range [0, 3600].",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerList": {
+      "description": "[Output Only] A list of managed instance groups.",
+      "id": "InstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerPendingActionsSummary": {
+      "id": "InstanceGroupManagerPendingActionsSummary",
+      "properties": {
+        "creating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be created.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "deleting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be deleted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "recreating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be recreated.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "restarting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are pending to be restarted.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerUpdatePolicy": {
+      "id": "InstanceGroupManagerUpdatePolicy",
+      "properties": {
+        "maxSurge": {
+          "$ref": "FixedOrPercent",
+          "description": "The maximum number of instances that can be created above the specified targetSize during the update process. By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge."
+        },
+        "maxUnavailable": {
+          "$ref": "FixedOrPercent",
+          "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied:\n\n \n- The instance's status is RUNNING. \n- If there is a health check on the instance group, the instance's liveness health check result must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available.  By default, a fixed value of 1 is used. This value can be either a fixed number or a percentage if the instance group has 10 or more instances. If you set a percentage, the number of instances will be rounded up if necessary.\n\nAt least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable."
+        },
+        "minReadySec": {
+          "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600].",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minimalAction": {
+          "description": "Minimal action to be taken on an instance. You can specify either RESTART to restart existing instances or REPLACE to delete and create new instances from the target template. If you specify a code\u003eRESTART, the Updater will attempt to perform that action only. However, if the Updater determines that the minimal action you specify is not enough to perform the update, it might perform a more disruptive action.",
+          "enum": [
+            "REPLACE",
+            "RESTART"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "enum": [
+            "OPPORTUNISTIC",
+            "PROACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagerVersion": {
+      "id": "InstanceGroupManagerVersion",
+      "properties": {
+        "instanceTemplate": {
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the version. Unique among all versions in the scope of this managed instance group.",
+          "type": "string"
+        },
+        "targetSize": {
+          "$ref": "FixedOrPercent",
+          "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to:  \n- If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. \n- if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded up.  If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersAbandonInstancesRequest": {
+      "id": "InstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersDeleteInstancesRequest": {
+      "id": "InstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersListManagedInstancesResponse": {
+      "id": "InstanceGroupManagersListManagedInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "[Output Only] The list of instances in the managed instance group.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersRecreateInstancesRequest": {
+      "id": "InstanceGroupManagersRecreateInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersResizeAdvancedRequest": {
+      "id": "InstanceGroupManagersResizeAdvancedRequest",
+      "properties": {
+        "noCreationRetries": {
+          "description": "If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attemps to recreate each instance continuously until it succeeds.\n\nThis flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario.\n\nThis flag is applicable only to the current resize request. It does not influence other resize requests in any way.\n\nYou can see which instances is being creating in which mode by calling the get or listManagedInstances API.",
+          "type": "boolean"
+        },
+        "targetSize": {
+          "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersScopedList": {
+      "id": "InstanceGroupManagersScopedList",
+      "properties": {
+        "instanceGroupManagers": {
+          "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetAutoHealingRequest": {
+      "id": "InstanceGroupManagersSetAutoHealingRequest",
+      "properties": {
+        "autoHealingPolicies": {
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetInstanceTemplateRequest": {
+      "id": "InstanceGroupManagersSetInstanceTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "InstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsAddInstancesRequest": {
+      "id": "InstanceGroupsAddInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to add to the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsListInstances": {
+      "id": "InstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupsListInstances",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsListInstancesRequest": {
+      "id": "InstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsRemoveInstancesRequest": {
+      "id": "InstanceGroupsRemoveInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to remove from the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsScopedList": {
+      "id": "InstanceGroupsScopedList",
+      "properties": {
+        "instanceGroups": {
+          "description": "[Output Only] The list of instance groups that are contained in this scope.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceGroupsSetNamedPortsRequest": {
+      "id": "InstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceList": {
+      "description": "Contains a list of instances.",
+      "id": "InstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Instance resources.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceList",
+          "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceListReferrers": {
+      "description": "Contains a list of instance referrers.",
+      "id": "InstanceListReferrers",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Reference resources.",
+          "items": {
+            "$ref": "Reference"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceListReferrers",
+          "description": "[Output Only] Type of resource. Always compute#instanceListReferrers for lists of Instance referrers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceMoveRequest": {
+      "id": "InstanceMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetInstance": {
+          "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceProperties": {
+      "description": "",
+      "id": "InstanceProperties",
+      "properties": {
+        "canIpForward": {
+          "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional text description for the instances that are created from this instance template.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "An array of disks that are associated with the instances that are created from this template.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to instances that are created from this template.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "The machine type to use for instances that are created from this template.",
+          "type": "string"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
+        },
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform.",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network access configurations for this interface.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Specifies the scheduling options for the instances that are created from this template."
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceReference": {
+      "id": "InstanceReference",
+      "properties": {
+        "instance": {
+          "description": "The URL for a specific instance.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceTemplate": {
+      "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
+      "id": "InstanceTemplate",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceTemplate",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "properties": {
+          "$ref": "InstanceProperties",
+          "description": "The instance properties for this instance template."
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance template. The server defines this URL.",
+          "type": "string"
+        },
+        "sourceInstance": {
+          "description": "The source instance used to create the template. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance",
+          "type": "string"
+        },
+        "sourceInstanceParams": {
+          "$ref": "SourceInstanceParams",
+          "description": "The source instance params to use to create this instance template."
+        }
+      },
+      "type": "object"
+    },
+    "InstanceTemplateList": {
+      "description": "A list of instance templates.",
+      "id": "InstanceTemplateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceTemplate resources.",
+          "items": {
+            "$ref": "InstanceTemplate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceTemplateList",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstanceWithNamedPorts": {
+      "id": "InstanceWithNamedPorts",
+      "properties": {
+        "instance": {
+          "description": "[Output Only] The URL of the instance.",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "[Output Only] The named ports that belong to this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesScopedList": {
+      "id": "InstancesScopedList",
+      "properties": {
+        "instances": {
+          "description": "[Output Only] List of instances contained in this scope.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetLabelsRequest": {
+      "id": "InstancesSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMachineResourcesRequest": {
+      "id": "InstancesSetMachineResourcesRequest",
+      "properties": {
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMachineTypeRequest": {
+      "id": "InstancesSetMachineTypeRequest",
+      "properties": {
+        "machineType": {
+          "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetMinCpuPlatformRequest": {
+      "id": "InstancesSetMinCpuPlatformRequest",
+      "properties": {
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform this instance should be started at.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesSetServiceAccountRequest": {
+      "id": "InstancesSetServiceAccountRequest",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "InstancesStartWithEncryptionKeyRequest": {
+      "id": "InstancesStartWithEncryptionKeyRequest",
+      "properties": {
+        "disks": {
+          "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
+          "items": {
+            "$ref": "CustomerEncryptionKeyProtectedDisk"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "Interconnect": {
+      "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
+      "id": "Interconnect",
+      "properties": {
+        "adminEnabled": {
+          "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.",
+          "type": "boolean"
+        },
+        "circuitInfos": {
+          "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
+          "items": {
+            "$ref": "InterconnectCircuitInfo"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerName": {
+          "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "expectedOutages": {
+          "description": "[Output Only] List of outages expected for this Interconnect.",
+          "items": {
+            "$ref": "InterconnectOutageNotification"
+          },
+          "type": "array"
+        },
+        "googleIpAddress": {
+          "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnectAttachments": {
+          "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "interconnectType": {
+          "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
+          "enum": [
+            "DEDICATED",
+            "IT_PRIVATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnect",
+          "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an Interconnect.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this Interconnect resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "linkType": {
+          "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
+          "enum": [
+            "LINK_TYPE_ETHERNET_10G_LR"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "location": {
+          "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.interconnects.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "nocContactEmail": {
+          "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "peerIpAddress": {
+          "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "provisionedLinkCount": {
+          "description": "[Output Only] Number of links actually provisioned in this interconnect.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestedLinkCount": {
+          "description": "Target number of physical links in the link bundle, as requested by the customer.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachment": {
+      "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
+      "id": "InterconnectAttachment",
+      "properties": {
+        "adminEnabled": {
+          "description": "Determines whether this Attachment will carry packets. Not present for PARTNER_PROVIDER.",
+          "type": "boolean"
+        },
+        "candidateSubnets": {
+          "description": "Up to 16 candidate prefixes that can be used to restrict the allocation of cloudRouterIpAddress and customerRouterIpAddress for this attachment. All prefixes must be within link-local address space (169.254.0.0/16) and must be /29 or shorter (/28, /27, etc). Google will attempt to select an unused /29 from the supplied candidate prefix(es). The request will fail if all possible /29s are in use on Google?s edge. If not supplied, Google will randomly select an unused /29 from all of link-local space.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "cloudRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource.",
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnect": {
+          "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachment",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this InterconnectAttachment, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an InterconnectAttachment.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this InterconnectAttachment resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "privateInterconnectInfo": {
+          "$ref": "InterconnectAttachmentPrivateInfo",
+          "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "router": {
+          "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network \u0026 region within which the Cloud Router is configured.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "type": {
+          "enum": [
+            "DEDICATED"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "vlanTag8021q": {
+          "description": "Available only for DEDICATED and PARTNER_PROVIDER. Desired VLAN tag for this attachment, in the range 2-4094. This field refers to 802.1q VLAN tag, also known as IEEE 802.1Q Only specified at creation time.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentAggregatedList": {
+      "id": "InterconnectAttachmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InterconnectAttachmentsScopedList",
+            "description": "Name of the scope containing this set of interconnect attachments."
+          },
+          "description": "A list of InterconnectAttachmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentList": {
+      "description": "Response to the list request, and contains a list of interconnect attachments.",
+      "id": "InterconnectAttachmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectAttachment resources.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentPrivateInfo": {
+      "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
+      "id": "InterconnectAttachmentPrivateInfo",
+      "properties": {
+        "tag8021q": {
+          "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
+          "format": "uint32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectAttachmentsScopedList": {
+      "id": "InterconnectAttachmentsScopedList",
+      "properties": {
+        "interconnectAttachments": {
+          "description": "List of interconnect attachments contained in this scope.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectCircuitInfo": {
+      "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
+      "id": "InterconnectCircuitInfo",
+      "properties": {
+        "customerDemarcId": {
+          "description": "Customer-side demarc ID for this circuit.",
+          "type": "string"
+        },
+        "googleCircuitId": {
+          "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up.",
+          "type": "string"
+        },
+        "googleDemarcId": {
+          "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectList": {
+      "description": "Response to the list request, and contains a list of interconnects.",
+      "id": "InterconnectList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Interconnect resources.",
+          "items": {
+            "$ref": "Interconnect"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocation": {
+      "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
+      "id": "InterconnectLocation",
+      "properties": {
+        "address": {
+          "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.",
+          "type": "string"
+        },
+        "availabilityZone": {
+          "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\".",
+          "type": "string"
+        },
+        "city": {
+          "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\".",
+          "type": "string"
+        },
+        "continent": {
+          "description": "[Output Only] Continent for this location.",
+          "enum": [
+            "AFRICA",
+            "ASIA_PAC",
+            "C_AFRICA",
+            "C_ASIA_PAC",
+            "C_EUROPE",
+            "C_NORTH_AMERICA",
+            "C_SOUTH_AMERICA",
+            "EUROPE",
+            "NORTH_AMERICA",
+            "SOUTH_AMERICA"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] An optional description of the resource.",
+          "type": "string"
+        },
+        "facilityProvider": {
+          "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX).",
+          "type": "string"
+        },
+        "facilityProviderFacilityId": {
+          "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1).",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectLocation",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "peeringdbFacilityId": {
+          "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb).",
+          "type": "string"
+        },
+        "regionInfos": {
+          "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
+          "items": {
+            "$ref": "InterconnectLocationRegionInfo"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocationList": {
+      "description": "Response to the list request, and contains a list of interconnect locations.",
+      "id": "InterconnectLocationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectLocation resources.",
+          "items": {
+            "$ref": "InterconnectLocation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectLocationList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectLocationRegionInfo": {
+      "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
+      "id": "InterconnectLocationRegionInfo",
+      "properties": {
+        "expectedRttMs": {
+          "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
+          "format": "int64",
+          "type": "string"
+        },
+        "locationPresence": {
+          "description": "Identifies the network presence of this location.",
+          "enum": [
+            "GLOBAL",
+            "LOCAL_REGION",
+            "LP_GLOBAL",
+            "LP_LOCAL_REGION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "URL for the region of this location.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "InterconnectOutageNotification": {
+      "description": "Description of a planned outage on this Interconnect. Next id: 9",
+      "id": "InterconnectOutageNotification",
+      "properties": {
+        "affectedCircuits": {
+          "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "A description about the purpose of the outage.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "issueType": {
+          "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "IT_OUTAGE",
+            "IT_PARTIAL_OUTAGE",
+            "OUTAGE",
+            "PARTIAL_OUTAGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Unique identifier for this outage notification.",
+          "type": "string"
+        },
+        "source": {
+          "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
+          "enum": [
+            "GOOGLE",
+            "NSRC_GOOGLE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "state": {
+          "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "ACTIVE",
+            "CANCELLED",
+            "NS_ACTIVE",
+            "NS_CANCELED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "License": {
+      "description": "A license resource.",
+      "id": "License",
+      "properties": {
+        "chargesUseFee": {
+          "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource; provided by the client when the resource is created.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#license",
+          "description": "[Output Only] Type of resource. Always compute#license for licenses.",
+          "type": "string"
+        },
+        "licenseCode": {
+          "description": "[Output Only] The unique code used to attach this license to images, snapshots, and disks.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "resourceRequirements": {
+          "$ref": "LicenseResourceRequirements"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "transferable": {
+          "description": "If false, licenses will not be copied from the source resource when creating an image from a disk, disk from snapshot, or snapshot from disk.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseCode": {
+      "id": "LicenseCode",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] Description of this License Code.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#licenseCode",
+          "description": "[Output Only] Type of resource. Always compute#licenseCode for licenses.",
+          "type": "string"
+        },
+        "licenseAlias": {
+          "description": "[Output Only] URL and description aliases of Licenses with the same License Code.",
+          "items": {
+            "$ref": "LicenseCodeLicenseAlias"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.licenses.insert"
+            ]
+          },
+          "description": "[Output Only] Name of the resource. The name is 1-20 characters long and must be a valid 64 bit integer.",
+          "pattern": "[0-9]{0,20}?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] Current state of this License Code.",
+          "enum": [
+            "DISABLED",
+            "ENABLED",
+            "RESTRICTED",
+            "STATE_UNSPECIFIED",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "transferable": {
+          "description": "[Output Only] If true, the license will remain attached when creating images or snapshots from disks. Otherwise, the license is not transferred.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseCodeLicenseAlias": {
+      "id": "LicenseCodeLicenseAlias",
+      "properties": {
+        "description": {
+          "description": "[Output Only] Description of this License Code.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] URL of license corresponding to this License Code.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LicenseResourceRequirements": {
+      "id": "LicenseResourceRequirements",
+      "properties": {
+        "minGuestCpuCount": {
+          "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minMemoryMb": {
+          "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "LicensesListResponse": {
+      "id": "LicensesListResponse",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of License resources.",
+          "items": {
+            "$ref": "License"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfig": {
+      "description": "Specifies what kind of log the caller must write",
+      "id": "LogConfig",
+      "properties": {
+        "cloudAudit": {
+          "$ref": "LogConfigCloudAuditOptions",
+          "description": "Cloud audit options."
+        },
+        "counter": {
+          "$ref": "LogConfigCounterOptions",
+          "description": "Counter options."
+        },
+        "dataAccess": {
+          "$ref": "LogConfigDataAccessOptions",
+          "description": "Data access options."
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigCloudAuditOptions": {
+      "description": "Write a Cloud Audit log",
+      "id": "LogConfigCloudAuditOptions",
+      "properties": {
+        "authorizationLoggingOptions": {
+          "$ref": "AuthorizationLoggingOptions",
+          "description": "Information used by the Cloud Audit Logging pipeline."
+        },
+        "logName": {
+          "description": "The log_name to populate in the Cloud Audit Record.",
+          "enum": [
+            "ADMIN_ACTIVITY",
+            "DATA_ACCESS",
+            "UNSPECIFIED_LOG_NAME"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigCounterOptions": {
+      "description": "Increment a streamz counter with the specified metric and field names.\n\nMetric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended.\n\nField names correspond to IAM request parameters and field values are their respective values.\n\nAt present the only supported field names are - \"iam_principal\", corresponding to IAMContext.principal; - \"\" (empty string), resulting in one aggretated counter with no field.\n\nExamples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==\u003e increment counter /iam/policy/backend_debug_access_count {iam_principal=[value of IAMContext.principal]}\n\nAt this time we do not support: * multiple field names (though this may be supported in the future) * decrementing the counter * incrementing it by anything other than 1",
+      "id": "LogConfigCounterOptions",
+      "properties": {
+        "field": {
+          "description": "The field value to attribute.",
+          "type": "string"
+        },
+        "metric": {
+          "description": "The metric to update.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "LogConfigDataAccessOptions": {
+      "description": "Write a Data Access (Gin) log",
+      "id": "LogConfigDataAccessOptions",
+      "properties": {
+        "logMode": {
+          "description": "Whether Gin logging should happen in a fail-closed manner at the caller. This is relevant only in the LocalIAM implementation, for now.",
+          "enum": [
+            "LOG_FAIL_CLOSED",
+            "LOG_MODE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "MachineType": {
+      "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
+      "id": "MachineType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this machine type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "guestCpus": {
+          "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "isSharedCpu": {
+          "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information.",
+          "type": "boolean"
+        },
+        "kind": {
+          "default": "compute#machineType",
+          "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
+          "type": "string"
+        },
+        "maximumPersistentDisks": {
+          "description": "[Output Only] Maximum persistent disks allowed.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maximumPersistentDisksSizeGb": {
+          "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
+          "format": "int64",
+          "type": "string"
+        },
+        "memoryMb": {
+          "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypeAggregatedList": {
+      "id": "MachineTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "MachineTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of machine types."
+          },
+          "description": "A list of MachineTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#machineTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypeList": {
+      "description": "Contains a list of machine types.",
+      "id": "MachineTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of MachineType resources.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#machineTypeList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "MachineTypesScopedList": {
+      "id": "MachineTypesScopedList",
+      "properties": {
+        "machineTypes": {
+          "description": "[Output Only] List of machine types contained in this scope.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstance": {
+      "description": "Next available tag: 12",
+      "id": "ManagedInstance",
+      "properties": {
+        "currentAction": {
+          "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. \n- VERIFYING The managed instance group has created the instance and it is in the process of being verified.",
+          "enum": [
+            "ABANDONING",
+            "CREATING",
+            "CREATING_WITHOUT_RETRIES",
+            "DELETING",
+            "NONE",
+            "RECREATING",
+            "REFRESHING",
+            "RESTARTING",
+            "VERIFYING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.",
+          "type": "string"
+        },
+        "instanceStatus": {
+          "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "lastAttempt": {
+          "$ref": "ManagedInstanceLastAttempt",
+          "description": "[Output Only] Information about the last attempt to create or delete the instance."
+        },
+        "version": {
+          "$ref": "ManagedInstanceVersion",
+          "description": "[Output Only] Intended version of this instance."
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceLastAttempt": {
+      "id": "ManagedInstanceLastAttempt",
+      "properties": {
+        "errors": {
+          "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ManagedInstanceVersion": {
+      "id": "ManagedInstanceVersion",
+      "properties": {
+        "instanceTemplate": {
+          "description": "[Output Only] The intended template of the instance. This field is empty when current_action is one of { DELETING, ABANDONING }.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the version.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Metadata": {
+      "description": "A metadata key/value entry.",
+      "id": "Metadata",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
+          "items": {
+            "properties": {
+              "key": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
+                "pattern": "[a-zA-Z0-9-_]{1,128}",
+                "type": "string"
+              },
+              "value": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#metadata",
+          "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NamedPort": {
+      "description": "The named port. For example: .",
+      "id": "NamedPort",
+      "properties": {
+        "name": {
+          "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port number, which can be a value between 1 and 65535.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "Network": {
+      "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
+      "id": "Network",
+      "properties": {
+        "IPv4Range": {
+          "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}",
+          "type": "string"
+        },
+        "autoCreateSubnetworks": {
+          "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "gatewayIPv4": {
+          "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#network",
+          "description": "[Output Only] Type of the resource. Always compute#network for networks.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerings": {
+          "description": "[Output Only] List of network peerings for the resource.",
+          "items": {
+            "$ref": "NetworkPeering"
+          },
+          "type": "array"
+        },
+        "routingConfig": {
+          "$ref": "NetworkRoutingConfig",
+          "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "subnetworks": {
+          "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkInterface": {
+      "description": "A network interface resource attached to an instance.",
+      "id": "NetworkInterface",
+      "properties": {
+        "accessConfigs": {
+          "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
+          "items": {
+            "$ref": "AccessConfig"
+          },
+          "type": "array"
+        },
+        "aliasIpRanges": {
+          "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
+          "items": {
+            "$ref": "AliasIpRange"
+          },
+          "type": "array"
+        },
+        "fingerprint": {
+          "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface.",
+          "format": "byte",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#networkInterface",
+          "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc.",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default",
+          "type": "string"
+        },
+        "networkIP": {
+          "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkList": {
+      "description": "Contains a list of networks.",
+      "id": "NetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Network resources.",
+          "items": {
+            "$ref": "Network"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#networkList",
+          "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkPeering": {
+      "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
+      "id": "NetworkPeering",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network.",
+          "type": "boolean"
+        },
+        "name": {
+          "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] State for the peering.",
+          "enum": [
+            "ACTIVE",
+            "INACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "stateDetails": {
+          "description": "[Output Only] Details about the current state of the peering.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkRoutingConfig": {
+      "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
+      "id": "NetworkRoutingConfig",
+      "properties": {
+        "routingMode": {
+          "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
+          "enum": [
+            "GLOBAL",
+            "REGIONAL"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworksAddPeeringRequest": {
+      "id": "NetworksAddPeeringRequest",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether Google Compute Engine manages the routes automatically.",
+          "type": "boolean"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.addPeering"
+            ]
+          },
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "peerNetwork": {
+          "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworksRemovePeeringRequest": {
+      "id": "NetworksRemovePeeringRequest",
+      "properties": {
+        "name": {
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Operation": {
+      "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
+      "id": "Operation",
+      "properties": {
+        "clientOperationId": {
+          "description": "[Output Only] Reserved for future use.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Deprecated] This field is deprecated.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] A textual description of the operation, which is set when the operation is created.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "error": {
+          "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        },
+        "httpErrorMessage": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.",
+          "type": "string"
+        },
+        "httpErrorStatusCode": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "insertTime": {
+          "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#operation",
+          "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "operationType": {
+          "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on.",
+          "type": "string"
+        },
+        "progress": {
+          "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
+          "enum": [
+            "DONE",
+            "PENDING",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional textual description of the current status of the operation.",
+          "type": "string"
+        },
+        "targetId": {
+          "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "targetLink": {
+          "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.",
+          "type": "string"
+        },
+        "user": {
+          "description": "[Output Only] User who requested the operation, for example: user@example.com.",
+          "type": "string"
+        },
+        "warnings": {
+          "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "OperationAggregatedList": {
+      "id": "OperationAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "OperationsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of operations."
+          },
+          "description": "[Output Only] A map of scoped operation lists.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#operationAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "OperationList": {
+      "description": "Contains a list of Operation resources.",
+      "id": "OperationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of Operation resources.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#operationList",
+          "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "OperationsScopedList": {
+      "id": "OperationsScopedList",
+      "properties": {
+        "operations": {
+          "description": "[Output Only] List of operations contained in this scope.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "PathMatcher": {
+      "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
+      "id": "PathMatcher",
+      "properties": {
+        "defaultService": {
+          "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name to which this PathMatcher is referred by the HostRule.",
+          "type": "string"
+        },
+        "pathRules": {
+          "description": "The list of path rules.",
+          "items": {
+            "$ref": "PathRule"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "PathRule": {
+      "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
+      "id": "PathRule",
+      "properties": {
+        "paths": {
+          "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "The URL of the BackendService resource if this rule is matched.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Policy": {
+      "description": "Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.\n\n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of `members` to a `role`, where the members can be user accounts, Google groups, Google domains, and service accounts. A `role` is a named list of permissions defined by IAM.\n\n**Example**\n\n{ \"bindings\": [ { \"role\": \"roles/owner\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-other-app@appspot.gserviceaccount.com\", ] }, { \"role\": \"roles/viewer\", \"members\": [\"user:sean@example.com\"] } ] }\n\nFor a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam/docs).",
+      "id": "Policy",
+      "properties": {
+        "auditConfigs": {
+          "description": "Specifies cloud audit logging configuration for this policy.",
+          "items": {
+            "$ref": "AuditConfig"
+          },
+          "type": "array"
+        },
+        "bindings": {
+          "description": "Associates a list of `members` to a `role`. `bindings` with no members will result in an error.",
+          "items": {
+            "$ref": "Binding"
+          },
+          "type": "array"
+        },
+        "etag": {
+          "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.\n\nIf no `etag` is provided in the call to `setIamPolicy`, then the existing policy is overwritten blindly.",
+          "format": "byte",
+          "type": "string"
+        },
+        "iamOwned": {
+          "description": "",
+          "type": "boolean"
+        },
+        "rules": {
+          "description": "If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.",
+          "items": {
+            "$ref": "Rule"
+          },
+          "type": "array"
+        },
+        "version": {
+          "description": "Deprecated.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "Project": {
+      "description": "A Project resource. For an overview of projects, see  Cloud Platform Resource Hierarchy. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
+      "id": "Project",
+      "properties": {
+        "commonInstanceMetadata": {
+          "$ref": "Metadata",
+          "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultNetworkTier": {
+          "description": "This signifies the default network tier used for configuring resources of the project and can only take the following values: PREMIUM, STANDARD. Initially the default network tier is PREMIUM.",
+          "enum": [
+            "PREMIUM",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "defaultServiceAccount": {
+          "description": "[Output Only] Default service account used by VMs running in this project.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource.",
+          "type": "string"
+        },
+        "enabledFeatures": {
+          "description": "Restricted features enabled for use on this project.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#project",
+          "description": "[Output Only] Type of the resource. Always compute#project for projects.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this project.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "usageExportLocation": {
+          "$ref": "UsageExportLocation",
+          "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
+        },
+        "xpnProjectStatus": {
+          "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
+          "enum": [
+            "HOST",
+            "UNSPECIFIED_XPN_PROJECT_STATUS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsDisableXpnResourceRequest": {
+      "id": "ProjectsDisableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsEnableXpnResourceRequest": {
+      "id": "ProjectsEnableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsGetXpnResources": {
+      "id": "ProjectsGetXpnResources",
+      "properties": {
+        "kind": {
+          "default": "compute#projectsGetXpnResources",
+          "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
+          "items": {
+            "$ref": "XpnResourceId"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsListXpnHostsRequest": {
+      "id": "ProjectsListXpnHostsRequest",
+      "properties": {
+        "organization": {
+          "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ProjectsSetDefaultNetworkTierRequest": {
+      "id": "ProjectsSetDefaultNetworkTierRequest",
+      "properties": {
+        "networkTier": {
+          "description": "Default network tier to be set.",
+          "enum": [
+            "PREMIUM",
+            "STANDARD"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Quota": {
+      "description": "A quotas entry.",
+      "id": "Quota",
+      "properties": {
+        "limit": {
+          "description": "[Output Only] Quota limit for this metric.",
+          "format": "double",
+          "type": "number"
+        },
+        "metric": {
+          "description": "[Output Only] Name of the quota metric.",
+          "enum": [
+            "AUTOSCALERS",
+            "BACKEND_BUCKETS",
+            "BACKEND_SERVICES",
+            "COMMITMENTS",
+            "CPUS",
+            "CPUS_ALL_REGIONS",
+            "DISKS_TOTAL_GB",
+            "FIREWALLS",
+            "FORWARDING_RULES",
+            "HEALTH_CHECKS",
+            "IMAGES",
+            "INSTANCES",
+            "INSTANCE_GROUPS",
+            "INSTANCE_GROUP_MANAGERS",
+            "INSTANCE_TEMPLATES",
+            "INTERCONNECTS",
+            "INTERNAL_ADDRESSES",
+            "IN_USE_ADDRESSES",
+            "LOCAL_SSD_TOTAL_GB",
+            "NETWORKS",
+            "NVIDIA_K80_GPUS",
+            "NVIDIA_P100_GPUS",
+            "PREEMPTIBLE_CPUS",
+            "PREEMPTIBLE_LOCAL_SSD_GB",
+            "PREEMPTIBLE_NVIDIA_K80_GPUS",
+            "PREEMPTIBLE_NVIDIA_P100_GPUS",
+            "REGIONAL_AUTOSCALERS",
+            "REGIONAL_INSTANCE_GROUP_MANAGERS",
+            "ROUTERS",
+            "ROUTES",
+            "SECURITY_POLICIES",
+            "SECURITY_POLICY_RULES",
+            "SNAPSHOTS",
+            "SSD_TOTAL_GB",
+            "SSL_CERTIFICATES",
+            "STATIC_ADDRESSES",
+            "SUBNETWORKS",
+            "TARGET_HTTPS_PROXIES",
+            "TARGET_HTTP_PROXIES",
+            "TARGET_INSTANCES",
+            "TARGET_POOLS",
+            "TARGET_SSL_PROXIES",
+            "TARGET_TCP_PROXIES",
+            "TARGET_VPN_GATEWAYS",
+            "URL_MAPS",
+            "VPN_TUNNELS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "usage": {
+          "description": "[Output Only] Current usage of this metric.",
+          "format": "double",
+          "type": "number"
+        }
+      },
+      "type": "object"
+    },
+    "Reference": {
+      "description": "Represents a reference to a resource.",
+      "id": "Reference",
+      "properties": {
+        "kind": {
+          "default": "compute#reference",
+          "description": "[Output Only] Type of the resource. Always compute#reference for references.",
+          "type": "string"
+        },
+        "referenceType": {
+          "description": "A description of the reference type with no implied semantics. Possible values include:  \n- MEMBER_OF",
+          "type": "string"
+        },
+        "referrer": {
+          "description": "URL of the resource which refers to the target.",
+          "type": "string"
+        },
+        "target": {
+          "description": "URL of the resource to which this reference points.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Region": {
+      "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
+      "id": "Region",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this region."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#region",
+          "description": "[Output Only] Type of the resource. Always compute#region for regions.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this region.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the region, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "zones": {
+          "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionAutoscalerList": {
+      "description": "Contains a list of autoscalers.",
+      "id": "RegionAutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionAutoscalerList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionDiskTypeList": {
+      "id": "RegionDiskTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of DiskType resources.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionDiskTypeList",
+          "description": "[Output Only] Type of resource. Always compute#regionDiskTypeList for region disk types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionDisksResizeRequest": {
+      "id": "RegionDisksResizeRequest",
+      "properties": {
+        "sizeGb": {
+          "description": "The new size of the regional persistent disk, which is specified in GB.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupList": {
+      "description": "Contains a list of InstanceGroup resources.",
+      "id": "RegionInstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupList",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagerList": {
+      "description": "Contains a list of managed instance groups.",
+      "id": "RegionInstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersAbandonInstancesRequest": {
+      "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersDeleteInstancesRequest": {
+      "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersListInstancesResponse": {
+      "id": "RegionInstanceGroupManagersListInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "List of managed instances.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersRecreateRequest": {
+      "id": "RegionInstanceGroupManagersRecreateRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetAutoHealingRequest": {
+      "id": "RegionInstanceGroupManagersSetAutoHealingRequest",
+      "properties": {
+        "autoHealingPolicies": {
+          "items": {
+            "$ref": "InstanceGroupManagerAutoHealingPolicy"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTemplateRequest": {
+      "id": "RegionInstanceGroupManagersSetTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "URL of the InstanceTemplate resource from which all new instances will be created.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstances": {
+      "id": "RegionInstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupsListInstances",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstancesRequest": {
+      "id": "RegionInstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "portName": {
+          "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RegionInstanceGroupsSetNamedPortsRequest": {
+      "id": "RegionInstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RegionList": {
+      "description": "Contains a list of region resources.",
+      "id": "RegionList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Region resources.",
+          "items": {
+            "$ref": "Region"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionList",
+          "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RegionSetLabelsRequest": {
+      "id": "RegionSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for this resource.",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ResourceCommitment": {
+      "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
+      "id": "ResourceCommitment",
+      "properties": {
+        "amount": {
+          "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
+          "format": "int64",
+          "type": "string"
+        },
+        "type": {
+          "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
+          "enum": [
+            "MEMORY",
+            "UNSPECIFIED",
+            "VCPU"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ResourceGroupReference": {
+      "id": "ResourceGroupReference",
+      "properties": {
+        "group": {
+          "description": "A URI referencing one of the instance groups listed in the backend service.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Route": {
+      "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
+      "id": "Route",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destRange": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#route",
+          "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Fully-qualified URL of the network that this route applies to.",
+          "type": "string"
+        },
+        "nextHopGateway": {
+          "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway",
+          "type": "string"
+        },
+        "nextHopInstance": {
+          "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/",
+          "type": "string"
+        },
+        "nextHopIp": {
+          "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "nextHopNetwork": {
+          "description": "The URL of the local network if it should handle matching packets.",
+          "type": "string"
+        },
+        "nextHopPeering": {
+          "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "nextHopVpnTunnel": {
+          "description": "The URL to a VpnTunnel that should handle matching packets.",
+          "type": "string"
+        },
+        "priority": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "tags": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "A list of instance tags to which this route applies.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "warnings": {
+          "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "RouteList": {
+      "description": "Contains a list of Route resources.",
+      "id": "RouteList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Route resources.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routeList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Router": {
+      "description": "Router resource.",
+      "id": "Router",
+      "properties": {
+        "bgp": {
+          "$ref": "RouterBgp",
+          "description": "BGP information specific to this router."
+        },
+        "bgpPeers": {
+          "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
+          "items": {
+            "$ref": "RouterBgpPeer"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interfaces": {
+          "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
+          "items": {
+            "$ref": "RouterInterface"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#router",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterAdvertisedIpRange": {
+      "description": "Description-tagged IP ranges for the router to advertise.",
+      "id": "RouterAdvertisedIpRange",
+      "properties": {
+        "description": {
+          "description": "User-specified description for the IP range.",
+          "type": "string"
+        },
+        "range": {
+          "description": "The IP range to advertise. The value must be a CIDR-formatted string.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterAggregatedList": {
+      "description": "Contains a list of routers.",
+      "id": "RouterAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "RoutersScopedList",
+            "description": "Name of the scope containing this set of routers."
+          },
+          "description": "A list of Router resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#routerAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RouterBgp": {
+      "id": "RouterBgp",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "asn": {
+          "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
+          "format": "uint32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "RouterBgpPeer": {
+      "id": "RouterBgpPeer",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "advertisedRoutePriority": {
+          "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "interfaceName": {
+          "description": "Name of the interface the BGP peer is associated with.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerAsn": {
+          "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterInterface": {
+      "id": "RouterInterface",
+      "properties": {
+        "ipRange": {
+          "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.",
+          "type": "string"
+        },
+        "linkedInterconnectAttachment": {
+          "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterList": {
+      "description": "Contains a list of Router resources.",
+      "id": "RouterList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Router resources.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routerList",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatus": {
+      "id": "RouterStatus",
+      "properties": {
+        "bestRoutes": {
+          "description": "Best routes for this router's network.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bestRoutesForRouter": {
+          "description": "Best routes learned by this router.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bgpPeerStatus": {
+          "items": {
+            "$ref": "RouterStatusBgpPeerStatus"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatusBgpPeerStatus": {
+      "id": "RouterStatusBgpPeerStatus",
+      "properties": {
+        "advertisedRoutes": {
+          "description": "Routes that were advertised to the remote BGP peer",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "ipAddress": {
+          "description": "IP address of the local BGP interface.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URL of the VPN tunnel that this BGP peer controls.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. Unique within the Routers resource.",
+          "type": "string"
+        },
+        "numLearnedRoutes": {
+          "description": "Number of routes learned from the remote BGP Peer.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the remote BGP interface.",
+          "type": "string"
+        },
+        "state": {
+          "description": "BGP state as specified in RFC1771.",
+          "type": "string"
+        },
+        "status": {
+          "description": "Status of the BGP peer: {UP, DOWN}",
+          "enum": [
+            "DOWN",
+            "UNKNOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "uptime": {
+          "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds",
+          "type": "string"
+        },
+        "uptimeSeconds": {
+          "description": "Time this session has been up, in seconds. Format: 145",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "RouterStatusResponse": {
+      "id": "RouterStatusResponse",
+      "properties": {
+        "kind": {
+          "default": "compute#routerStatusResponse",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "result": {
+          "$ref": "RouterStatus"
+        }
+      },
+      "type": "object"
+    },
+    "RoutersPreviewResponse": {
+      "id": "RoutersPreviewResponse",
+      "properties": {
+        "resource": {
+          "$ref": "Router",
+          "description": "Preview of given router."
+        }
+      },
+      "type": "object"
+    },
+    "RoutersScopedList": {
+      "id": "RoutersScopedList",
+      "properties": {
+        "routers": {
+          "description": "List of routers contained in this scope.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of routers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "Rule": {
+      "description": "A rule to be applied in a Policy.",
+      "id": "Rule",
+      "properties": {
+        "action": {
+          "description": "Required",
+          "enum": [
+            "ALLOW",
+            "ALLOW_WITH_LOG",
+            "DENY",
+            "DENY_WITH_LOG",
+            "LOG",
+            "NO_ACTION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "conditions": {
+          "description": "Additional restrictions that must be met. All conditions must pass for the rule to match.",
+          "items": {
+            "$ref": "Condition"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "Human-readable description of the rule.",
+          "type": "string"
+        },
+        "ins": {
+          "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "logConfigs": {
+          "description": "The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.",
+          "items": {
+            "$ref": "LogConfig"
+          },
+          "type": "array"
+        },
+        "notIns": {
+          "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "permissions": {
+          "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SSLHealthCheck": {
+      "id": "SSLHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Scheduling": {
+      "description": "Sets the scheduling options for an Instance.",
+      "id": "Scheduling",
+      "properties": {
+        "automaticRestart": {
+          "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.",
+          "type": "boolean"
+        },
+        "onHostMaintenance": {
+          "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
+          "enum": [
+            "MIGRATE",
+            "TERMINATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "preemptible": {
+          "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicy": {
+      "description": "A security policy is comprised of one or more rules. It can also be associated with one or more 'targets'.",
+      "id": "SecurityPolicy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this resource, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the security policy.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#securityPolicy",
+          "description": "[Output only] Type of the resource. Always compute#securityPolicyfor security policies",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "rules": {
+          "description": "List of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match \"*\"). If no rules are provided when creating a security policy, a default rule with action \"allow\" will be added.",
+          "items": {
+            "$ref": "SecurityPolicyRule"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyList": {
+      "id": "SecurityPolicyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SecurityPolicy resources.",
+          "items": {
+            "$ref": "SecurityPolicy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#securityPolicyList",
+          "description": "[Output Only] Type of resource. Always compute#securityPolicyList for listsof securityPolicies",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyReference": {
+      "id": "SecurityPolicyReference",
+      "properties": {
+        "securityPolicy": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRule": {
+      "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).",
+      "id": "SecurityPolicyRule",
+      "properties": {
+        "action": {
+          "description": "The Action to preform when the client connection triggers the rule. Can currently be either \"allow\" or \"deny()\" where valid values for status are 403, 404, and 502.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#securityPolicyRule",
+          "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules",
+          "type": "string"
+        },
+        "match": {
+          "$ref": "SecurityPolicyRuleMatcher",
+          "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding ?action? is enforced."
+        },
+        "preview": {
+          "description": "If set to true, the specified action is not enforced.",
+          "type": "boolean"
+        },
+        "priority": {
+          "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated in the increasing order of priority.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRuleMatcher": {
+      "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.",
+      "id": "SecurityPolicyRuleMatcher",
+      "properties": {
+        "config": {
+          "$ref": "SecurityPolicyRuleMatcherConfig",
+          "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified."
+        },
+        "srcIpRanges": {
+          "description": "CIDR IP address range.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "versionedExpr": {
+          "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.",
+          "enum": [
+            "SRC_IPS_V1",
+            "VERSIONED_EXPR_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SecurityPolicyRuleMatcherConfig": {
+      "id": "SecurityPolicyRuleMatcherConfig",
+      "properties": {
+        "srcIpRanges": {
+          "description": "CIDR IP address range.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SerialPortOutput": {
+      "description": "An instance's serial console output.",
+      "id": "SerialPortOutput",
+      "properties": {
+        "contents": {
+          "description": "[Output Only] The contents of the console output.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#serialPortOutput",
+          "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
+          "type": "string"
+        },
+        "next": {
+          "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
+          "format": "int64",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "start": {
+          "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
+          "format": "int64",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ServiceAccount": {
+      "description": "A service account.",
+      "id": "ServiceAccount",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SignedUrlKey": {
+      "description": "Represents a customer-supplied Signing Key used by Cloud CDN Signed URLs",
+      "id": "SignedUrlKey",
+      "properties": {
+        "keyName": {
+          "description": "Name of the key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "keyValue": {
+          "description": "128-bit key value used for signing the URL. The key value must be a valid RFC 4648 Section 5 base64url encoded string.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Snapshot": {
+      "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
+      "id": "Snapshot",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "[Output Only] Size of the snapshot, specified in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#snapshot",
+          "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
+          "type": "object"
+        },
+        "licenseCodes": {
+          "description": "Integer license codes indicating which licenses are attached to this snapshot.",
+          "items": {
+            "format": "int64",
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "licenses": {
+          "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "snapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
+        },
+        "sourceDisk": {
+          "description": "[Output Only] The source disk used to create this snapshot.",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY",
+            "UPLOADING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageBytes": {
+          "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
+          "format": "int64",
+          "type": "string"
+        },
+        "storageBytesStatus": {
+          "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
+          "enum": [
+            "UPDATING",
+            "UP_TO_DATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SnapshotList": {
+      "description": "Contains a list of Snapshot resources.",
+      "id": "SnapshotList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Snapshot resources.",
+          "items": {
+            "$ref": "Snapshot"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#snapshotList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SourceInstanceParams": {
+      "description": "A specification of the parameters to use when creating the instance template from a source instance.",
+      "id": "SourceInstanceParams",
+      "properties": {
+        "diskConfigs": {
+          "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.",
+          "items": {
+            "$ref": "DiskInstantiationConfig"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificate": {
+      "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
+      "id": "SslCertificate",
+      "properties": {
+        "certificate": {
+          "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#sslCertificate",
+          "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "privateKey": {
+          "description": "A write-only private key in PEM format. Only insert requests will include this field.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SslCertificateList": {
+      "description": "Contains a list of SslCertificate resources.",
+      "id": "SslCertificateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SslCertificate resources.",
+          "items": {
+            "$ref": "SslCertificate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#sslCertificateList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SslPoliciesList": {
+      "id": "SslPoliciesList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SslPolicy resources.",
+          "items": {
+            "$ref": "SslPolicy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#sslPoliciesList",
+          "description": "[Output Only] Type of the resource. Always compute#sslPoliciesList for lists of sslPolicies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SslPoliciesListAvailableFeaturesResponse": {
+      "id": "SslPoliciesListAvailableFeaturesResponse",
+      "properties": {
+        "features": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslPolicy": {
+      "description": "A SSL policy specifies the server-side support for SSL features. This can be attached to a TargetHttpsProxy or a TargetSslProxy. This affects connections between clients and the HTTPS or SSL proxy load balancer. They do not affect the connection between the load balancers and the backends.",
+      "id": "SslPolicy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customFeatures": {
+          "description": "List of features enabled when the selected profile is CUSTOM. The\n- method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "enabledFeatures": {
+          "description": "[Output Only] The list of features enabled in the SSL policy.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#sslPolicy",
+          "description": "[Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.",
+          "type": "string"
+        },
+        "minTlsVersion": {
+          "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2, TLS_1_3.",
+          "enum": [
+            "TLS_1_0",
+            "TLS_1_1",
+            "TLS_1_2",
+            "TLS_1_3"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "profile": {
+          "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.",
+          "enum": [
+            "COMPATIBLE",
+            "CUSTOM",
+            "MODERN",
+            "RESTRICTED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "warnings": {
+          "description": "[Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "SslPolicyReference": {
+      "id": "SslPolicyReference",
+      "properties": {
+        "sslPolicy": {
+          "description": "URL of the SSL policy resource. Set this to empty string to clear any existing SSL policy associated with the target proxy resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Subnetwork": {
+      "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
+      "id": "Subnetwork",
+      "properties": {
+        "allowSubnetCidrRoutesOverlap": {
+          "description": "Whether this subnetwork can conflict with static routes. Setting this to true allows this subnetwork's primary and secondary ranges to conflict with routes that have already been configured on the corresponding network. Static routes will take precedence over the subnetwork route if the route prefix length is at least as large as the subnetwork prefix length.\n\nAlso, packets destined to IPs within subnetwork may contain private/sensitive data and are prevented from leaving the virtual network. Setting this field to true will disable this feature.\n\nThe default value is false and applies to all existing subnetworks and automatically created subnetworks.\n\nThis field cannot be set to true at resource creation time.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork.",
+          "format": "byte",
+          "type": "string"
+        },
+        "gatewayAddress": {
+          "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipCidrRange": {
+          "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#subnetwork",
+          "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "privateIpGoogleAccess": {
+          "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.",
+          "type": "boolean"
+        },
+        "region": {
+          "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "secondaryIpRanges": {
+          "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
+          "items": {
+            "$ref": "SubnetworkSecondaryRange"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkAggregatedList": {
+      "id": "SubnetworkAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "SubnetworksScopedList",
+            "description": "Name of the scope containing this set of Subnetworks."
+          },
+          "description": "A list of SubnetworksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#subnetworkAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkList": {
+      "description": "Contains a list of Subnetwork resources.",
+      "id": "SubnetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Subnetwork resources.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#subnetworkList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworkSecondaryRange": {
+      "description": "Represents a secondary IP range of a subnetwork.",
+      "id": "SubnetworkSecondaryRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "rangeName": {
+          "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksExpandIpCidrRangeRequest": {
+      "id": "SubnetworksExpandIpCidrRangeRequest",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksScopedList": {
+      "id": "SubnetworksScopedList",
+      "properties": {
+        "subnetworks": {
+          "description": "List of subnetworks contained in this scope.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "An informational warning that appears when the list of addresses is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "SubnetworksSetPrivateIpGoogleAccessRequest": {
+      "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
+      "properties": {
+        "privateIpGoogleAccess": {
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "TCPHealthCheck": {
+      "id": "TCPHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Tags": {
+      "description": "A set of instance tags.",
+      "id": "Tags",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpProxy": {
+      "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
+      "id": "TargetHttpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "urlMap": {
+          "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpProxyList": {
+      "description": "A list of TargetHttpProxy resources.",
+      "id": "TargetHttpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpProxy resources.",
+          "items": {
+            "$ref": "TargetHttpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxyList",
+          "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxiesSetQuicOverrideRequest": {
+      "id": "TargetHttpsProxiesSetQuicOverrideRequest",
+      "properties": {
+        "quicOverride": {
+          "description": "QUIC policy for the TargetHttpsProxy resource.",
+          "enum": [
+            "DISABLE",
+            "ENABLE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxiesSetSslCertificatesRequest": {
+      "id": "TargetHttpsProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxy": {
+      "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
+      "id": "TargetHttpsProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "quicOverride": {
+          "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. Specify ENABLE to always enable QUIC, Enables QUIC when set to ENABLE, and disables QUIC when set to DISABLE. If NONE is specified, uses the QUIC policy with no user overrides, which is equivalent to DISABLE. Not specifying this field is equivalent to specifying NONE.",
+          "enum": [
+            "DISABLE",
+            "ENABLE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sslPolicy": {
+          "description": "URL of SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.",
+          "type": "string"
+        },
+        "urlMap": {
+          "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetHttpsProxyList": {
+      "description": "Contains a list of TargetHttpsProxy resources.",
+      "id": "TargetHttpsProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpsProxy resources.",
+          "items": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxyList",
+          "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstance": {
+      "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
+      "id": "TargetInstance",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetInstance",
+          "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "natPolicy": {
+          "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
+          "enum": [
+            "NO_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstanceAggregatedList": {
+      "id": "TargetInstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetInstancesScopedList",
+            "description": "Name of the scope containing this set of target instances."
+          },
+          "description": "A list of TargetInstance resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetInstanceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstanceList": {
+      "description": "Contains a list of TargetInstance resources.",
+      "id": "TargetInstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetInstance resources.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetInstanceList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetInstancesScopedList": {
+      "id": "TargetInstancesScopedList",
+      "properties": {
+        "targetInstances": {
+          "description": "List of target instances contained in this scope.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPool": {
+      "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
+      "id": "TargetPool",
+      "properties": {
+        "backupPool": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "failoverRatio": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "format": "float",
+          "type": "number"
+        },
+        "healthChecks": {
+          "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instances": {
+          "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPool",
+          "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target pool resides.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolAggregatedList": {
+      "id": "TargetPoolAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetPoolsScopedList",
+            "description": "Name of the scope containing this set of target pools."
+          },
+          "description": "A list of TargetPool resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetPoolAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolInstanceHealth": {
+      "id": "TargetPoolInstanceHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolInstanceHealth",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolList": {
+      "description": "Contains a list of TargetPool resources.",
+      "id": "TargetPoolList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetPool resources.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsAddHealthCheckRequest": {
+      "id": "TargetPoolsAddHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "The HttpHealthCheck to add to the target pool.",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsAddInstanceRequest": {
+      "id": "TargetPoolsAddInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsRemoveHealthCheckRequest": {
+      "id": "TargetPoolsRemoveHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsRemoveInstanceRequest": {
+      "id": "TargetPoolsRemoveInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "URLs of the instances to be removed from target pool.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetPoolsScopedList": {
+      "id": "TargetPoolsScopedList",
+      "properties": {
+        "targetPools": {
+          "description": "List of target pools contained in this scope.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetReference": {
+      "id": "TargetReference",
+      "properties": {
+        "target": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetBackendServiceRequest": {
+      "id": "TargetSslProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetSslProxy.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetProxyHeaderRequest": {
+      "id": "TargetSslProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxiesSetSslCertificatesRequest": {
+      "id": "TargetSslProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxy": {
+      "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
+      "id": "TargetSslProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetSslProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sslPolicy": {
+          "description": "URL of SslPolicy resource that will be associated with the TargetSslProxy resource. If not set, the TargetSslProxy resource will not have any SSL policy configured.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetSslProxyList": {
+      "description": "Contains a list of TargetSslProxy resources.",
+      "id": "TargetSslProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetSslProxy resources.",
+          "items": {
+            "$ref": "TargetSslProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetSslProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxiesSetBackendServiceRequest": {
+      "id": "TargetTcpProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetTcpProxy.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxiesSetProxyHeaderRequest": {
+      "id": "TargetTcpProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxy": {
+      "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
+      "id": "TargetTcpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TargetTcpProxyList": {
+      "description": "Contains a list of TargetTcpProxy resources.",
+      "id": "TargetTcpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetTcpProxy resources.",
+          "items": {
+            "$ref": "TargetTcpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGateway": {
+      "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
+      "id": "TargetVpnGateway",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "forwardingRules": {
+          "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetVpnGateway",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this TargetVpnGateway, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an TargetVpnGateway.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this TargetVpnGateway resource. These can be later modified by the setLabels method. Each label key/value must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target VPN gateway resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN gateway.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "tunnels": {
+          "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewayAggregatedList": {
+      "id": "TargetVpnGatewayAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetVpnGatewaysScopedList",
+            "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
+          },
+          "description": "A list of TargetVpnGateway resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewayList": {
+      "description": "Contains a list of TargetVpnGateway resources.",
+      "id": "TargetVpnGatewayList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetVpnGateway resources.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TargetVpnGatewaysScopedList": {
+      "id": "TargetVpnGatewaysScopedList",
+      "properties": {
+        "targetVpnGateways": {
+          "description": "[Output Only] List of target vpn gateways contained in this scope.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "TestFailure": {
+      "id": "TestFailure",
+      "properties": {
+        "actualService": {
+          "type": "string"
+        },
+        "expectedService": {
+          "type": "string"
+        },
+        "host": {
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "TestPermissionsRequest": {
+      "id": "TestPermissionsRequest",
+      "properties": {
+        "permissions": {
+          "description": "The set of permissions to check for the 'resource'. Permissions with wildcards (such as '*' or 'storage.*') are not allowed.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "TestPermissionsResponse": {
+      "id": "TestPermissionsResponse",
+      "properties": {
+        "permissions": {
+          "description": "A subset of `TestPermissionsRequest.permissions` that the caller is allowed.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "UDPHealthCheck": {
+      "id": "UDPHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The UDP port number for the health check request. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "request": {
+          "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMap": {
+      "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
+      "id": "UrlMap",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultService": {
+          "description": "The URL of the BackendService resource if none of the hostRules match.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
+          "format": "byte",
+          "type": "string"
+        },
+        "hostRules": {
+          "description": "The list of HostRules to use against the URL.",
+          "items": {
+            "$ref": "HostRule"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#urlMap",
+          "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "pathMatchers": {
+          "description": "The list of named PathMatchers to use against the URL.",
+          "items": {
+            "$ref": "PathMatcher"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "tests": {
+          "description": "The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.",
+          "items": {
+            "$ref": "UrlMapTest"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapList": {
+      "description": "Contains a list of UrlMap resources.",
+      "id": "UrlMapList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of UrlMap resources.",
+          "items": {
+            "$ref": "UrlMap"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#urlMapList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapReference": {
+      "id": "UrlMapReference",
+      "properties": {
+        "urlMap": {
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapTest": {
+      "description": "Message for the expected URL mappings.",
+      "id": "UrlMapTest",
+      "properties": {
+        "description": {
+          "description": "Description of this test case.",
+          "type": "string"
+        },
+        "host": {
+          "description": "Host portion of the URL.",
+          "type": "string"
+        },
+        "path": {
+          "description": "Path portion of the URL.",
+          "type": "string"
+        },
+        "service": {
+          "description": "Expected BackendService resource the given URL should be mapped to.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapValidationResult": {
+      "description": "Message representing the validation result for a UrlMap.",
+      "id": "UrlMapValidationResult",
+      "properties": {
+        "loadErrors": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "loadSucceeded": {
+          "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons.",
+          "type": "boolean"
+        },
+        "testFailures": {
+          "items": {
+            "$ref": "TestFailure"
+          },
+          "type": "array"
+        },
+        "testPassed": {
+          "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapsValidateRequest": {
+      "id": "UrlMapsValidateRequest",
+      "properties": {
+        "resource": {
+          "$ref": "UrlMap",
+          "description": "Content of the UrlMap to be validated."
+        }
+      },
+      "type": "object"
+    },
+    "UrlMapsValidateResponse": {
+      "id": "UrlMapsValidateResponse",
+      "properties": {
+        "result": {
+          "$ref": "UrlMapValidationResult"
+        }
+      },
+      "type": "object"
+    },
+    "UsableSubnetwork": {
+      "description": "Subnetwork which the current user has compute.subnetworks.use permission on.",
+      "id": "UsableSubnetwork",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The range of internal addresses that are owned by this subnetwork.",
+          "type": "string"
+        },
+        "network": {
+          "description": "Network URL.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "Subnetwork URL.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "UsableSubnetworksAggregatedList": {
+      "id": "UsableSubnetworksAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output] A list of usable subnetwork URLs.",
+          "items": {
+            "$ref": "UsableSubnetwork"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#usableSubnetworksAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#usableSubnetworksAggregatedList for aggregated lists of usable subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "UsageExportLocation": {
+      "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
+      "id": "UsageExportLocation",
+      "properties": {
+        "bucketName": {
+          "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket.",
+          "type": "string"
+        },
+        "reportNamePrefix": {
+          "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnel": {
+      "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
+      "id": "VpnTunnel",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "detailedStatus": {
+          "description": "[Output Only] Detailed status message for the VPN tunnel.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ikeVersion": {
+          "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "kind": {
+          "default": "compute#vpnTunnel",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this VpnTunnel, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a VpnTunnel.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this VpnTunnel. These can be later modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.",
+          "type": "object"
+        },
+        "localTrafficSelector": {
+          "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.vpnTunnels.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerIp": {
+          "description": "IP address of the peer VPN gateway. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the VPN tunnel resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "remoteTrafficSelector": {
+          "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "router": {
+          "description": "URL of router resource to be used for dynamic routing.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sharedSecret": {
+          "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.",
+          "type": "string"
+        },
+        "sharedSecretHash": {
+          "description": "Hash of the shared secret.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN tunnel.",
+          "enum": [
+            "ALLOCATING_RESOURCES",
+            "AUTHORIZATION_ERROR",
+            "DEPROVISIONING",
+            "ESTABLISHED",
+            "FAILED",
+            "FIRST_HANDSHAKE",
+            "NEGOTIATION_FAILURE",
+            "NETWORK_ERROR",
+            "NO_INCOMING_PACKETS",
+            "PROVISIONING",
+            "REJECTED",
+            "WAITING_FOR_FULL_CONFIG"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "targetVpnGateway": {
+          "description": "URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelAggregatedList": {
+      "id": "VpnTunnelAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "VpnTunnelsScopedList",
+            "description": "Name of the scope containing this set of vpn tunnels."
+          },
+          "description": "A list of VpnTunnelsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelList": {
+      "description": "Contains a list of VpnTunnel resources.",
+      "id": "VpnTunnelList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of VpnTunnel resources.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "VpnTunnelsScopedList": {
+      "id": "VpnTunnelsScopedList",
+      "properties": {
+        "vpnTunnels": {
+          "description": "List of vpn tunnels contained in this scope.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "XpnHostList": {
+      "id": "XpnHostList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of shared VPC host project URLs.",
+          "items": {
+            "$ref": "Project"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#xpnHostList",
+          "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "XpnResourceId": {
+      "description": "Service resource (a.k.a service project) ID.",
+      "id": "XpnResourceId",
+      "properties": {
+        "id": {
+          "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678).",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of the service resource.",
+          "enum": [
+            "PROJECT",
+            "XPN_RESOURCE_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Zone": {
+      "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
+      "id": "Zone",
+      "properties": {
+        "availableCpuPlatforms": {
+          "description": "[Output Only] Available cpu/platform selections for the zone.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this zone."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#zone",
+          "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] Full URL reference to the region which hosts the zone.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the zone, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ZoneList": {
+      "description": "Contains a list of zone resources.",
+      "id": "ZoneList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Zone resources.",
+          "items": {
+            "$ref": "Zone"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#zoneList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "ZoneSetLabelsRequest": {
+      "id": "ZoneSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for this resource.",
+          "type": "object"
+        }
+      },
+      "type": "object"
     }
-   }
   },
-  "zones": {
-   "methods": {
-    "get": {
-     "id": "compute.zones.get",
-     "path": "{project}/zones/{zone}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "Zone"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zones.list",
-     "path": "{project}/zones",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Zone resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ZoneList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  }
- }
-}
+  "servicePath": "compute/beta/projects/",
+  "title": "Compute Engine API",
+  "version": "beta"
+}
\ No newline at end of file
diff --git a/vendor/google.golang.org/api/compute/v0.beta/compute-gen.go b/vendor/google.golang.org/api/compute/v0.beta/compute-gen.go
index ee8cc7254f07..1332bf10f075 100644
--- a/vendor/google.golang.org/api/compute/v0.beta/compute-gen.go
+++ b/vendor/google.golang.org/api/compute/v0.beta/compute-gen.go
@@ -102,6 +102,8 @@ func New(client *http.Client) (*Service, error) {
 	s.RegionAutoscalers = NewRegionAutoscalersService(s)
 	s.RegionBackendServices = NewRegionBackendServicesService(s)
 	s.RegionCommitments = NewRegionCommitmentsService(s)
+	s.RegionDiskTypes = NewRegionDiskTypesService(s)
+	s.RegionDisks = NewRegionDisksService(s)
 	s.RegionInstanceGroupManagers = NewRegionInstanceGroupManagersService(s)
 	s.RegionInstanceGroups = NewRegionInstanceGroupsService(s)
 	s.RegionOperations = NewRegionOperationsService(s)
@@ -194,6 +196,10 @@ type Service struct {
 
 	RegionCommitments *RegionCommitmentsService
 
+	RegionDiskTypes *RegionDiskTypesService
+
+	RegionDisks *RegionDisksService
+
 	RegionInstanceGroupManagers *RegionInstanceGroupManagersService
 
 	RegionInstanceGroups *RegionInstanceGroupsService
@@ -525,6 +531,24 @@ type RegionCommitmentsService struct {
 	s *Service
 }
 
+func NewRegionDiskTypesService(s *Service) *RegionDiskTypesService {
+	rs := &RegionDiskTypesService{s: s}
+	return rs
+}
+
+type RegionDiskTypesService struct {
+	s *Service
+}
+
+func NewRegionDisksService(s *Service) *RegionDisksService {
+	rs := &RegionDisksService{s: s}
+	return rs
+}
+
+type RegionDisksService struct {
+	s *Service
+}
+
 func NewRegionInstanceGroupManagersService(s *Service) *RegionInstanceGroupManagersService {
 	rs := &RegionInstanceGroupManagersService{s: s}
 	return rs
@@ -731,7 +755,8 @@ type AcceleratorConfig struct {
 	AcceleratorCount int64 `json:"acceleratorCount,omitempty"`
 
 	// AcceleratorType: Full or partial URL of the accelerator type resource
-	// to expose to this instance.
+	// to attach to this instance. If you are creating an instance template,
+	// specify only the accelerator name.
 	AcceleratorType string `json:"acceleratorType,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "AcceleratorCount") to
@@ -793,7 +818,9 @@ type AcceleratorType struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] The name of the zone where the accelerator type
-	// resides, such as us-central1-a.
+	// resides, such as us-central1-a. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -1290,6 +1317,22 @@ type AccessConfig struct {
 	// live in the same region as the zone of the instance.
 	NatIP string `json:"natIP,omitempty"`
 
+	// NetworkTier: This signifies the networking tier used for configuring
+	// this access configuration and can only take the following values:
+	// PREMIUM, STANDARD.
+	//
+	// If an AccessConfig is specified without a valid external IP address,
+	// an ephemeral IP will be created with this networkTier.
+	//
+	// If an AccessConfig with a valid external IP address is specified, it
+	// must match that of the networkTier associated with the Address
+	// resource owning that IP.
+	//
+	// Possible values:
+	//   "PREMIUM"
+	//   "STANDARD"
+	NetworkTier string `json:"networkTier,omitempty"`
+
 	// PublicPtrDomainName: The DNS domain name for the public PTR record.
 	// This field can only be set when the set_public_ptr field is enabled.
 	PublicPtrDomainName string `json:"publicPtrDomainName,omitempty"`
@@ -1390,14 +1433,27 @@ type Address struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
 	Name string `json:"name,omitempty"`
 
+	// NetworkTier: This signifies the networking tier used for configuring
+	// this Address and can only take the following values: PREMIUM ,
+	// STANDARD.
+	//
+	// If this field is not specified, it is assumed to be PREMIUM.
+	//
+	// Possible values:
+	//   "PREMIUM"
+	//   "STANDARD"
+	NetworkTier string `json:"networkTier,omitempty"`
+
 	// Region: [Output Only] URL of the region where the regional address
-	// resides. This field is not applicable to global addresses.
+	// resides. This field is not applicable to global addresses. You must
+	// specify this field as part of the HTTP request URL. You cannot set
+	// this field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -1979,6 +2035,11 @@ type AttachedDisk struct {
 	// group.
 	DiskEncryptionKey *CustomerEncryptionKey `json:"diskEncryptionKey,omitempty"`
 
+	// GuestOsFeatures: A list of features to enable on the guest operating
+	// system. Applicable only for bootable images. Read  Enabling guest
+	// operating system features to see a list of available options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Index: [Output Only] A zero-based index to this disk, where 0 is
 	// reserved for the boot disk. If you have many disks attached to an
 	// instance, each disk would have a unique index number.
@@ -2091,9 +2152,9 @@ type AttachedDiskInitializeParams struct {
 	// not specified, the default is pd-standard, specified using the full
 	// URL. For
 	// example:
+	// https://www.googleapis.com/compute/v1/projects/project/zones/
+	// zone/diskTypes/pd-standard
 	//
-	// https://www.googleapis.com/compute/v1/projects/project/zones
-	// /zone/diskTypes/pd-standard
 	//
 	// Other values include pd-ssd and local-ssd. If you define this field,
 	// you can provide either the full or partial URL. For example, the
@@ -2105,6 +2166,11 @@ type AttachedDiskInitializeParams struct {
 	// is the name of the disk type, not URL.
 	DiskType string `json:"diskType,omitempty"`
 
+	// Labels: Labels to apply to this disk. These can be later modified by
+	// the disks.setLabels method. This field is only applicable for
+	// persistent disks.
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// SourceImage: The source image to create this disk. When creating a
 	// new instance, one of initializeParams.sourceImage or disks.source is
 	// required except for local SSD.
@@ -2113,26 +2179,29 @@ type AttachedDiskInitializeParams struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	//
+	//
 	// If the source image is deleted later, this field will not be set.
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -2176,7 +2245,7 @@ func (s *AttachedDiskInitializeParams) MarshalJSON() ([]byte, error) {
 // If there are AuditConfigs for both `allServices` and a specific
 // service, the union of the two AuditConfigs is used for that service:
 // the log_types specified in each AuditConfig are enabled, and the
-// exempted_members in each AuditConfig are exempted.
+// exempted_members in each AuditLogConfig are exempted.
 //
 // Example Policy with multiple AuditConfigs:
 //
@@ -2348,7 +2417,7 @@ type Autoscaler struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3344,7 +3413,7 @@ type BackendBucket struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3652,7 +3721,7 @@ type BackendService struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3690,7 +3759,8 @@ type BackendService struct {
 
 	// Region: [Output Only] URL of the region where the regional backend
 	// service resides. This field is not applicable to global backend
-	// services.
+	// services. You must specify this field as part of the HTTP request
+	// URL. It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SecurityPolicy: [Output Only] The resource URL for the security
@@ -4316,7 +4386,8 @@ type Binding struct {
 	// Condition: The condition that is associated with this binding. NOTE:
 	// an unsatisfied condition will not allow user access via current
 	// binding. Different bindings, including their conditions, are examined
-	// independently. This field is GOOGLE_INTERNAL.
+	// independently. This field is only visible as GOOGLE_INTERNAL or
+	// CONDITION_TRUSTED_TESTER.
 	Condition *Expr `json:"condition,omitempty"`
 
 	// Members: Specifies the identities requesting access for a Cloud
@@ -4493,7 +4564,7 @@ type Commitment struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -5019,6 +5090,7 @@ type Condition struct {
 	//   "APPROVER"
 	//   "ATTRIBUTION"
 	//   "AUTHORITY"
+	//   "CREDENTIALS_TYPE"
 	//   "JUSTIFICATION_TYPE"
 	//   "NO_ATTR"
 	//   "SECURITY_REALM"
@@ -5280,6 +5352,11 @@ type Disk struct {
 	// you do not need to provide a key to use the disk later.
 	DiskEncryptionKey *CustomerEncryptionKey `json:"diskEncryptionKey,omitempty"`
 
+	// GuestOsFeatures: A list of features to enable on the guest operating
+	// system. Applicable only for bootable images. Read  Enabling guest
+	// operating system features to see a list of available options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Id: [Output Only] The unique identifier for the resource. This
 	// identifier is defined by the server.
 	Id uint64 `json:"id,omitempty,string"`
@@ -5321,7 +5398,7 @@ type Disk struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -5330,6 +5407,16 @@ type Disk struct {
 	// Options: Internal use only.
 	Options string `json:"options,omitempty"`
 
+	// Region: [Output Only] URL of the region where the disk resides. Only
+	// applicable for regional resources. You must specify this field as
+	// part of the HTTP request URL. It is not settable as a field in the
+	// request body.
+	Region string `json:"region,omitempty"`
+
+	// ReplicaZones: URLs of the zones where the disk should be replicated
+	// to. Only applicable for regional resources.
+	ReplicaZones []string `json:"replicaZones,omitempty"`
+
 	// SelfLink: [Output Only] Server-defined fully-qualified URL for this
 	// resource.
 	SelfLink string `json:"selfLink,omitempty"`
@@ -5352,24 +5439,26 @@ type Disk struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -5425,14 +5514,17 @@ type Disk struct {
 	StorageType string `json:"storageType,omitempty"`
 
 	// Type: URL of the disk type resource describing which disk type to use
-	// to create the disk. Provide this when creating the disk.
+	// to create the disk. Provide this when creating the disk. For example:
+	// project/zones/zone/diskTypes/pd-standard or pd-ssd
 	Type string `json:"type,omitempty"`
 
 	// Users: [Output Only] Links to the users of the disk (attached
 	// instances) in form: project/zones/zone/instances/instance
 	Users []string `json:"users,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk resides.
+	// Zone: [Output Only] URL of the zone where the disk resides. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -5627,27 +5719,39 @@ type DiskInstantiationConfig struct {
 	// instance).
 	AutoDelete bool `json:"autoDelete,omitempty"`
 
+	// CustomImage: The custom source image to be used to restore this disk
+	// when instantiating this instance template.
+	CustomImage string `json:"customImage,omitempty"`
+
 	// DeviceName: Specifies the device name of the disk to which the
 	// configurations apply to.
 	DeviceName string `json:"deviceName,omitempty"`
 
 	// InstantiateFrom: Specifies whether to include the disk and what image
-	// to use.
+	// to use. Possible values are:
+	// - source-image: to use the same image that was used to create the
+	// source instance's corresponding disk. Applicable to the boot disk and
+	// additional read-write disks.
+	// - source-image-family: to use the same image family that was used to
+	// create the source instance's corresponding disk. Applicable to the
+	// boot disk and additional read-write disks.
+	// - custom-image: to use a user-provided image url for disk creation.
+	// Applicable to the boot disk and additional read-write disks.
+	// - attach-read-only: to attach a read-only disk. Applicable to
+	// read-only disks.
+	// - do-not-include: to exclude a disk from the template. Applicable to
+	// additional read-write disks, local SSDs, and read-only disks.
 	//
 	// Possible values:
 	//   "ATTACH_READ_ONLY"
 	//   "BLANK"
+	//   "CUSTOM_IMAGE"
 	//   "DEFAULT"
 	//   "DO_NOT_INCLUDE"
-	//   "IMAGE_URL"
 	//   "SOURCE_IMAGE"
 	//   "SOURCE_IMAGE_FAMILY"
 	InstantiateFrom string `json:"instantiateFrom,omitempty"`
 
-	// SourceImage: The custom source image to be used to restore this disk
-	// when instantiating this instance template.
-	SourceImage string `json:"sourceImage,omitempty"`
-
 	// ForceSendFields is a list of field names (e.g. "AutoDelete") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
@@ -5905,7 +6009,9 @@ type DiskType struct {
 	// valid disk size, such as "10GB-10TB".
 	ValidDiskSize string `json:"validDiskSize,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk type resides.
+	// Zone: [Output Only] URL of the zone where the disk type resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -6657,7 +6763,7 @@ type Firewall struct {
 	CreationTimestamp string `json:"creationTimestamp,omitempty"`
 
 	// Denied: The list of DENY rules specified by this firewall. Each rule
-	// specifies a protocol and port-range tuple that describes a permitted
+	// specifies a protocol and port-range tuple that describes a denied
 	// connection.
 	Denied []*FirewallDenied `json:"denied,omitempty"`
 
@@ -6692,7 +6798,7 @@ type Firewall struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7201,7 +7307,7 @@ type ForwardingRule struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7214,6 +7320,22 @@ type ForwardingRule struct {
 	// this field is not specified, the default network will be used.
 	Network string `json:"network,omitempty"`
 
+	// NetworkTier: This signifies the networking tier used for configuring
+	// this load balancer and can only take the following values: PREMIUM ,
+	// STANDARD.
+	//
+	// For regional ForwardingRule, the valid values are PREMIUM and
+	// STANDARD. For GlobalForwardingRule, the valid value is PREMIUM.
+	//
+	// If this field is not specified, it is assumed to be PREMIUM. If
+	// IPAddress is specified, this value must be equal to the networkTier
+	// of the Address.
+	//
+	// Possible values:
+	//   "PREMIUM"
+	//   "STANDARD"
+	NetworkTier string `json:"networkTier,omitempty"`
+
 	// PortRange: This field is used along with the target field for
 	// TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy,
 	// TargetVpnGateway, TargetPool, TargetInstance.
@@ -7228,11 +7350,10 @@ type ForwardingRule struct {
 	// - TargetHttpProxy: 80, 8080
 	// - TargetHttpsProxy: 443
 	// - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetVpnGateway: 500, 4500
-	// -
 	PortRange string `json:"portRange,omitempty"`
 
 	// Ports: This field is used along with the backend_service field for
@@ -7248,7 +7369,8 @@ type ForwardingRule struct {
 
 	// Region: [Output Only] URL of the region where the regional forwarding
 	// rule resides. This field is not applicable to global forwarding
-	// rules.
+	// rules. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -7260,7 +7382,7 @@ type ForwardingRule struct {
 	//
 	// The label must be 1-63 characters long, and comply with RFC1035.
 	// Specifically, the label must be 1-63 characters long and match the
-	// regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first
+	// regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first
 	// character must be a lowercase letter, and all following characters
 	// must be a dash, lowercase letter, or digit, except the last
 	// character, which cannot be a dash.
@@ -7290,8 +7412,6 @@ type ForwardingRule struct {
 	// same region as the forwarding rule. For global forwarding rules, this
 	// target must be a global load balancing resource. The forwarded
 	// traffic must be of a type appropriate to the target object.
-	//
-	// This field is not used for internal load balancing.
 	Target string `json:"target,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -7777,8 +7897,8 @@ type GlobalSetLabelsRequest struct {
 	// Labels: A list of labels to apply for this resource. Each label key &
 	// value must comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash. For example, "webserver-frontend": "images". A label value
 	// can also be empty (e.g. "my-label": "").
@@ -7989,7 +8109,7 @@ type HealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8358,7 +8478,7 @@ type HttpHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8603,7 +8723,7 @@ type HttpsHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8895,7 +9015,7 @@ type Image struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8945,6 +9065,26 @@ type Image struct {
 	// taken from the current or a previous instance of a given image name.
 	SourceImageId string `json:"sourceImageId,omitempty"`
 
+	// SourceSnapshot: URL of the source snapshot used to create this image.
+	// This can be a full or valid partial URL. You must provide exactly one
+	// of:
+	// - this property, or
+	// - the sourceImage property, or
+	// - the rawDisk.source property, or
+	// - the sourceDisk property   in order to create an image.
+	SourceSnapshot string `json:"sourceSnapshot,omitempty"`
+
+	// SourceSnapshotEncryptionKey: The customer-supplied encryption key of
+	// the source snapshot. Required if the source snapshot is protected by
+	// a customer-supplied encryption key.
+	SourceSnapshotEncryptionKey *CustomerEncryptionKey `json:"sourceSnapshotEncryptionKey,omitempty"`
+
+	// SourceSnapshotId: [Output Only] The ID value of the snapshot used to
+	// create this image. This value may be used to determine whether the
+	// snapshot was taken from the current or a previous instance of a given
+	// snapshot name.
+	SourceSnapshotId string `json:"sourceSnapshotId,omitempty"`
+
 	// SourceType: The type of the image used to create this disk. The
 	// default and only value is RAW
 	//
@@ -9248,18 +9388,18 @@ type Instance struct {
 	// when the instance is created. For example, the following is a valid
 	// partial url to a predefined machine
 	// type:
-	//
 	// zones/us-central1-f/machineTypes/n1-standard-1
 	//
+	//
 	// To create a custom machine type, provide a URL to a machine type in
 	// the following format, where CPUS is 1 or an even number up to 32 (2,
 	// 4, 6, ... 24, etc), and MEMORY is the total memory for this instance.
 	// Memory must be a multiple of 256 MB and must be supplied in MB (e.g.
 	// 5 GB of memory is 5120
 	// MB):
-	//
 	// zones/zone/machineTypes/custom-CPUS-MEMORY
 	//
+	//
 	// For example: zones/us-central1-f/machineTypes/custom-4-5120
 	//
 	// For a full list of restrictions, read the Specifications for custom
@@ -9280,8 +9420,8 @@ type Instance struct {
 	// creating the resource. The resource name must be 1-63 characters
 	// long, and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -9337,7 +9477,9 @@ type Instance struct {
 	// comply with RFC1035.
 	Tags *Tags `json:"tags,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the instance resides.
+	// Zone: [Output Only] URL of the zone where the instance resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -10126,9 +10268,9 @@ type InstanceGroupManagerActionsSummary struct {
 	Restarting int64 `json:"restarting,omitempty"`
 
 	// Verifying: [Output Only] The number of instances in the managed
-	// instance group that are being verified. More details regarding
-	// verification process are covered in the documentation of
-	// ManagedInstance.InstanceAction.VERIFYING enum field.
+	// instance group that are being verified. See the
+	// managedInstances[].currentAction property in the listManagedInstances
+	// method documentation.
 	Verifying int64 `json:"verifying,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "Abandoning") to
@@ -11984,7 +12126,7 @@ type InstanceTemplate struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -12616,6 +12758,22 @@ type Interconnect struct {
 	// for interconnects.
 	Kind string `json:"kind,omitempty"`
 
+	// LabelFingerprint: A fingerprint for the labels being applied to this
+	// Interconnect, which is essentially a hash of the labels set used for
+	// optimistic locking. The fingerprint is initially generated by Compute
+	// Engine and changes after every request to modify or update labels.
+	// You must always provide an up-to-date fingerprint hash in order to
+	// update or change labels.
+	//
+	// To see the latest fingerprint, make a get() request to retrieve an
+	// Interconnect.
+	LabelFingerprint string `json:"labelFingerprint,omitempty"`
+
+	// Labels: Labels to apply to this Interconnect resource. These can be
+	// later modified by the setLabels method. Each label key/value must
+	// comply with RFC1035. Label values may be empty.
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// LinkType: Type of link requested. This field indicates speed of each
 	// of the links in the bundle, not the entire bundle. Only 10G per link
 	// is allowed for a dedicated interconnect. Options: Ethernet_10G_LR
@@ -12631,7 +12789,7 @@ type Interconnect struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -12701,6 +12859,20 @@ func (s *Interconnect) MarshalJSON() ([]byte, error) {
 // Attachments. (== resource_for beta.interconnectAttachments ==) (==
 // resource_for v1.interconnectAttachments ==)
 type InterconnectAttachment struct {
+	// AdminEnabled: Determines whether this Attachment will carry packets.
+	// Not present for PARTNER_PROVIDER.
+	AdminEnabled bool `json:"adminEnabled,omitempty"`
+
+	// CandidateSubnets: Up to 16 candidate prefixes that can be used to
+	// restrict the allocation of cloudRouterIpAddress and
+	// customerRouterIpAddress for this attachment. All prefixes must be
+	// within link-local address space (169.254.0.0/16) and must be /29 or
+	// shorter (/28, /27, etc). Google will attempt to select an unused /29
+	// from the supplied candidate prefix(es). The request will fail if all
+	// possible /29s are in use on Google?s edge. If not supplied, Google
+	// will randomly select an unused /29 from all of link-local space.
+	CandidateSubnets []string `json:"candidateSubnets,omitempty"`
+
 	// CloudRouterIpAddress: [Output Only] IPv4 address + prefix length to
 	// be configured on Cloud Router Interface for this interconnect
 	// attachment.
@@ -12735,10 +12907,26 @@ type InterconnectAttachment struct {
 	// compute#interconnectAttachment for interconnect attachments.
 	Kind string `json:"kind,omitempty"`
 
+	// LabelFingerprint: A fingerprint for the labels being applied to this
+	// InterconnectAttachment, which is essentially a hash of the labels set
+	// used for optimistic locking. The fingerprint is initially generated
+	// by Compute Engine and changes after every request to modify or update
+	// labels. You must always provide an up-to-date fingerprint hash in
+	// order to update or change labels.
+	//
+	// To see the latest fingerprint, make a get() request to retrieve an
+	// InterconnectAttachment.
+	LabelFingerprint string `json:"labelFingerprint,omitempty"`
+
+	// Labels: Labels to apply to this InterconnectAttachment resource.
+	// These can be later modified by the setLabels method. Each label
+	// key/value must comply with RFC1035. Label values may be empty.
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -12758,7 +12946,9 @@ type InterconnectAttachment struct {
 	PrivateInterconnectInfo *InterconnectAttachmentPrivateInfo `json:"privateInterconnectInfo,omitempty"`
 
 	// Region: [Output Only] URL of the region where the regional
-	// interconnect attachment resides.
+	// interconnect attachment resides. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Region string `json:"region,omitempty"`
 
 	// Router: URL of the cloud router to be used for dynamic routing. This
@@ -12770,169 +12960,21 @@ type InterconnectAttachment struct {
 	// SelfLink: [Output Only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
-	// ServerResponse contains the HTTP response code and headers from the
-	// server.
-	googleapi.ServerResponse `json:"-"`
-
-	// ForceSendFields is a list of field names (e.g.
-	// "CloudRouterIpAddress") to unconditionally include in API requests.
-	// By default, fields with empty values are omitted from API requests.
-	// However, any non-pointer, non-interface field appearing in
-	// ForceSendFields will be sent to the server regardless of whether the
-	// field is empty or not. This may be used to include empty fields in
-	// Patch requests.
-	ForceSendFields []string `json:"-"`
-
-	// NullFields is a list of field names (e.g. "CloudRouterIpAddress") to
-	// include in API requests with the JSON null value. By default, fields
-	// with empty values are omitted from API requests. However, any field
-	// with an empty value appearing in NullFields will be sent to the
-	// server as null. It is an error if a field in this list has a
-	// non-empty value. This may be used to include null fields in Patch
-	// requests.
-	NullFields []string `json:"-"`
-}
-
-func (s *InterconnectAttachment) MarshalJSON() ([]byte, error) {
-	type NoMethod InterconnectAttachment
-	raw := NoMethod(*s)
-	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
-}
-
-type InterconnectAttachmentAggregatedList struct {
-	// Id: [Output Only] Unique identifier for the resource; defined by the
-	// server.
-	Id string `json:"id,omitempty"`
-
-	// Items: A list of InterconnectAttachmentsScopedList resources.
-	Items map[string]InterconnectAttachmentsScopedList `json:"items,omitempty"`
-
-	// Kind: [Output Only] Type of resource. Always
-	// compute#interconnectAttachmentAggregatedList for aggregated lists of
-	// interconnect attachments.
-	Kind string `json:"kind,omitempty"`
-
-	// NextPageToken: [Output Only] This token allows you to get the next
-	// page of results for list requests. If the number of results is larger
-	// than maxResults, use the nextPageToken as a value for the query
-	// parameter pageToken in the next list request. Subsequent list
-	// requests will have their own nextPageToken to continue paging through
-	// the results.
-	NextPageToken string `json:"nextPageToken,omitempty"`
-
-	// SelfLink: [Output Only] Server-defined URL for this resource.
-	SelfLink string `json:"selfLink,omitempty"`
+	// Possible values:
+	//   "DEDICATED"
+	Type string `json:"type,omitempty"`
 
-	// Warning: [Output Only] Informational warning message.
-	Warning *InterconnectAttachmentAggregatedListWarning `json:"warning,omitempty"`
+	// VlanTag8021q: Available only for DEDICATED and PARTNER_PROVIDER.
+	// Desired VLAN tag for this attachment, in the range 2-4094. This field
+	// refers to 802.1q VLAN tag, also known as IEEE 802.1Q Only specified
+	// at creation time.
+	VlanTag8021q int64 `json:"vlanTag8021q,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
 	googleapi.ServerResponse `json:"-"`
 
-	// ForceSendFields is a list of field names (e.g. "Id") to
-	// unconditionally include in API requests. By default, fields with
-	// empty values are omitted from API requests. However, any non-pointer,
-	// non-interface field appearing in ForceSendFields will be sent to the
-	// server regardless of whether the field is empty or not. This may be
-	// used to include empty fields in Patch requests.
-	ForceSendFields []string `json:"-"`
-
-	// NullFields is a list of field names (e.g. "Id") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
-	// null. It is an error if a field in this list has a non-empty value.
-	// This may be used to include null fields in Patch requests.
-	NullFields []string `json:"-"`
-}
-
-func (s *InterconnectAttachmentAggregatedList) MarshalJSON() ([]byte, error) {
-	type NoMethod InterconnectAttachmentAggregatedList
-	raw := NoMethod(*s)
-	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
-}
-
-// InterconnectAttachmentAggregatedListWarning: [Output Only]
-// Informational warning message.
-type InterconnectAttachmentAggregatedListWarning struct {
-	// Code: [Output Only] A warning code, if applicable. For example,
-	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
-	// the response.
-	//
-	// Possible values:
-	//   "CLEANUP_FAILED"
-	//   "DEPRECATED_RESOURCE_USED"
-	//   "DEPRECATED_TYPE_USED"
-	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
-	//   "EXPERIMENTAL_TYPE_USED"
-	//   "EXTERNAL_API_WARNING"
-	//   "FIELD_VALUE_OVERRIDEN"
-	//   "INJECTED_KERNELS_DEPRECATED"
-	//   "MISSING_TYPE_DEPENDENCY"
-	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
-	//   "NEXT_HOP_CANNOT_IP_FORWARD"
-	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
-	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
-	//   "NEXT_HOP_NOT_RUNNING"
-	//   "NOT_CRITICAL_ERROR"
-	//   "NO_RESULTS_ON_PAGE"
-	//   "REQUIRED_TOS_AGREEMENT"
-	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
-	//   "RESOURCE_NOT_DELETED"
-	//   "SCHEMA_VALIDATION_IGNORED"
-	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
-	//   "UNDECLARED_PROPERTIES"
-	//   "UNREACHABLE"
-	Code string `json:"code,omitempty"`
-
-	// Data: [Output Only] Metadata about this warning in key: value format.
-	// For example:
-	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
-	Data []*InterconnectAttachmentAggregatedListWarningData `json:"data,omitempty"`
-
-	// Message: [Output Only] A human-readable description of the warning
-	// code.
-	Message string `json:"message,omitempty"`
-
-	// ForceSendFields is a list of field names (e.g. "Code") to
-	// unconditionally include in API requests. By default, fields with
-	// empty values are omitted from API requests. However, any non-pointer,
-	// non-interface field appearing in ForceSendFields will be sent to the
-	// server regardless of whether the field is empty or not. This may be
-	// used to include empty fields in Patch requests.
-	ForceSendFields []string `json:"-"`
-
-	// NullFields is a list of field names (e.g. "Code") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
-	// null. It is an error if a field in this list has a non-empty value.
-	// This may be used to include null fields in Patch requests.
-	NullFields []string `json:"-"`
-}
-
-func (s *InterconnectAttachmentAggregatedListWarning) MarshalJSON() ([]byte, error) {
-	type NoMethod InterconnectAttachmentAggregatedListWarning
-	raw := NoMethod(*s)
-	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
-}
-
-type InterconnectAttachmentAggregatedListWarningData struct {
-	// Key: [Output Only] A key that provides more detail on the warning
-	// being returned. For example, for warnings where there are no results
-	// in a list request for a particular zone, this key might be scope and
-	// the key value might be the zone name. Other examples might be a key
-	// indicating a deprecated resource and a suggested replacement, or a
-	// warning about invalid network settings (for example, if an instance
-	// attempts to perform IP forwarding but is not enabled for IP
-	// forwarding).
-	Key string `json:"key,omitempty"`
-
-	// Value: [Output Only] A warning data value corresponding to the key.
-	Value string `json:"value,omitempty"`
-
-	// ForceSendFields is a list of field names (e.g. "Key") to
+	// ForceSendFields is a list of field names (e.g. "AdminEnabled") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
@@ -12940,34 +12982,32 @@ type InterconnectAttachmentAggregatedListWarningData struct {
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "Key") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
+	// NullFields is a list of field names (e.g. "AdminEnabled") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
-func (s *InterconnectAttachmentAggregatedListWarningData) MarshalJSON() ([]byte, error) {
-	type NoMethod InterconnectAttachmentAggregatedListWarningData
+func (s *InterconnectAttachment) MarshalJSON() ([]byte, error) {
+	type NoMethod InterconnectAttachment
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// InterconnectAttachmentList: Response to the list request, and
-// contains a list of interconnect attachments.
-type InterconnectAttachmentList struct {
+type InterconnectAttachmentAggregatedList struct {
 	// Id: [Output Only] Unique identifier for the resource; defined by the
 	// server.
 	Id string `json:"id,omitempty"`
 
-	// Items: A list of InterconnectAttachment resources.
-	Items []*InterconnectAttachment `json:"items,omitempty"`
+	// Items: A list of InterconnectAttachmentsScopedList resources.
+	Items map[string]InterconnectAttachmentsScopedList `json:"items,omitempty"`
 
 	// Kind: [Output Only] Type of resource. Always
-	// compute#interconnectAttachmentList for lists of interconnect
-	// attachments.
+	// compute#interconnectAttachmentAggregatedList for aggregated lists of
+	// interconnect attachments.
 	Kind string `json:"kind,omitempty"`
 
 	// NextPageToken: [Output Only] This token allows you to get the next
@@ -12982,7 +13022,165 @@ type InterconnectAttachmentList struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Warning: [Output Only] Informational warning message.
-	Warning *InterconnectAttachmentListWarning `json:"warning,omitempty"`
+	Warning *InterconnectAttachmentAggregatedListWarning `json:"warning,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Id") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Id") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InterconnectAttachmentAggregatedList) MarshalJSON() ([]byte, error) {
+	type NoMethod InterconnectAttachmentAggregatedList
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// InterconnectAttachmentAggregatedListWarning: [Output Only]
+// Informational warning message.
+type InterconnectAttachmentAggregatedListWarning struct {
+	// Code: [Output Only] A warning code, if applicable. For example,
+	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
+	// the response.
+	//
+	// Possible values:
+	//   "CLEANUP_FAILED"
+	//   "DEPRECATED_RESOURCE_USED"
+	//   "DEPRECATED_TYPE_USED"
+	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
+	//   "EXPERIMENTAL_TYPE_USED"
+	//   "EXTERNAL_API_WARNING"
+	//   "FIELD_VALUE_OVERRIDEN"
+	//   "INJECTED_KERNELS_DEPRECATED"
+	//   "MISSING_TYPE_DEPENDENCY"
+	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
+	//   "NEXT_HOP_CANNOT_IP_FORWARD"
+	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
+	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
+	//   "NEXT_HOP_NOT_RUNNING"
+	//   "NOT_CRITICAL_ERROR"
+	//   "NO_RESULTS_ON_PAGE"
+	//   "REQUIRED_TOS_AGREEMENT"
+	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
+	//   "RESOURCE_NOT_DELETED"
+	//   "SCHEMA_VALIDATION_IGNORED"
+	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
+	//   "UNDECLARED_PROPERTIES"
+	//   "UNREACHABLE"
+	Code string `json:"code,omitempty"`
+
+	// Data: [Output Only] Metadata about this warning in key: value format.
+	// For example:
+	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+	Data []*InterconnectAttachmentAggregatedListWarningData `json:"data,omitempty"`
+
+	// Message: [Output Only] A human-readable description of the warning
+	// code.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InterconnectAttachmentAggregatedListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod InterconnectAttachmentAggregatedListWarning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type InterconnectAttachmentAggregatedListWarningData struct {
+	// Key: [Output Only] A key that provides more detail on the warning
+	// being returned. For example, for warnings where there are no results
+	// in a list request for a particular zone, this key might be scope and
+	// the key value might be the zone name. Other examples might be a key
+	// indicating a deprecated resource and a suggested replacement, or a
+	// warning about invalid network settings (for example, if an instance
+	// attempts to perform IP forwarding but is not enabled for IP
+	// forwarding).
+	Key string `json:"key,omitempty"`
+
+	// Value: [Output Only] A warning data value corresponding to the key.
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InterconnectAttachmentAggregatedListWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod InterconnectAttachmentAggregatedListWarningData
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// InterconnectAttachmentList: Response to the list request, and
+// contains a list of interconnect attachments.
+type InterconnectAttachmentList struct {
+	// Id: [Output Only] Unique identifier for the resource; defined by the
+	// server.
+	Id string `json:"id,omitempty"`
+
+	// Items: A list of InterconnectAttachment resources.
+	Items []*InterconnectAttachment `json:"items,omitempty"`
+
+	// Kind: [Output Only] Type of resource. Always
+	// compute#interconnectAttachmentList for lists of interconnect
+	// attachments.
+	Kind string `json:"kind,omitempty"`
+
+	// NextPageToken: [Output Only] This token allows you to get the next
+	// page of results for list requests. If the number of results is larger
+	// than maxResults, use the nextPageToken as a value for the query
+	// parameter pageToken in the next list request. Subsequent list
+	// requests will have their own nextPageToken to continue paging through
+	// the results.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// SelfLink: [Output Only] Server-defined URL for this resource.
+	SelfLink string `json:"selfLink,omitempty"`
+
+	// Warning: [Output Only] Informational warning message.
+	Warning *InterconnectAttachmentListWarning `json:"warning,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
@@ -14887,6 +15085,7 @@ func (s *MachineTypesScopedListWarningData) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// ManagedInstance: Next available tag: 12
 type ManagedInstance struct {
 	// CurrentAction: [Output Only] The current action that the managed
 	// instance group has scheduled for the instance. Possible values:
@@ -14912,6 +15111,8 @@ type ManagedInstance struct {
 	// changes to the instance without stopping it. For example, the group
 	// can update the target pool list for an instance without stopping that
 	// instance.
+	// - VERIFYING The managed instance group has created the instance and
+	// it is in the process of being verified.
 	//
 	// Possible values:
 	//   "ABANDONING"
@@ -15254,7 +15455,7 @@ type Network struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -15558,8 +15759,8 @@ type NetworkPeering struct {
 	// Name: Name of this peering. Provided by the client when the peering
 	// is created. The name must comply with RFC1035. Specifically, the name
 	// must be 1-63 characters long and match regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all the following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all the following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -15769,7 +15970,9 @@ type Operation struct {
 	Progress int64 `json:"progress,omitempty"`
 
 	// Region: [Output Only] The URL of the region where the operation
-	// resides. Only available when performing regional operations.
+	// resides. Only available when performing regional operations. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -15810,7 +16013,9 @@ type Operation struct {
 	Warnings []*OperationWarnings `json:"warnings,omitempty"`
 
 	// Zone: [Output Only] The URL of the zone where the operation resides.
-	// Only available when performing per-zone operations.
+	// Only available when performing per-zone operations. You must specify
+	// this field as part of the HTTP request URL. It is not settable as a
+	// field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -16554,7 +16759,7 @@ func (s *PathRule) MarshalJSON() ([]byte, error) {
 // }
 //
 // For a description of IAM and its features, see the [IAM developer's
-// guide](https://cloud.google.com/iam).
+// guide](https://cloud.google.com/iam/docs).
 type Policy struct {
 	// AuditConfigs: Specifies cloud audit logging configuration for this
 	// policy.
@@ -16589,7 +16794,7 @@ type Policy struct {
 	// denied.
 	Rules []*Rule `json:"rules,omitempty"`
 
-	// Version: Version of the `Policy`. The default version is 0.
+	// Version: Deprecated.
 	Version int64 `json:"version,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -16619,9 +16824,8 @@ func (s *Policy) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// Project: A Project resource. Projects can only be created in the
-// Google Cloud Platform Console. Unless marked otherwise, values can
-// only be modified in the console. (== resource_for v1.projects ==) (==
+// Project: A Project resource. For an overview of projects, see  Cloud
+// Platform Resource Hierarchy. (== resource_for v1.projects ==) (==
 // resource_for beta.projects ==)
 type Project struct {
 	// CommonInstanceMetadata: Metadata key/value pairs available to all
@@ -16633,6 +16837,16 @@ type Project struct {
 	// format.
 	CreationTimestamp string `json:"creationTimestamp,omitempty"`
 
+	// DefaultNetworkTier: This signifies the default network tier used for
+	// configuring resources of the project and can only take the following
+	// values: PREMIUM, STANDARD. Initially the default network tier is
+	// PREMIUM.
+	//
+	// Possible values:
+	//   "PREMIUM"
+	//   "STANDARD"
+	DefaultNetworkTier string `json:"defaultNetworkTier,omitempty"`
+
 	// DefaultServiceAccount: [Output Only] Default service account used by
 	// VMs running in this project.
 	DefaultServiceAccount string `json:"defaultServiceAccount,omitempty"`
@@ -16831,6 +17045,37 @@ func (s *ProjectsListXpnHostsRequest) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+type ProjectsSetDefaultNetworkTierRequest struct {
+	// NetworkTier: Default network tier to be set.
+	//
+	// Possible values:
+	//   "PREMIUM"
+	//   "STANDARD"
+	NetworkTier string `json:"networkTier,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "NetworkTier") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "NetworkTier") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ProjectsSetDefaultNetworkTierRequest) MarshalJSON() ([]byte, error) {
+	type NoMethod ProjectsSetDefaultNetworkTierRequest
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // Quota: A quotas entry.
 type Quota struct {
 	// Limit: [Output Only] Quota limit for this metric.
@@ -17194,16 +17439,16 @@ func (s *RegionAutoscalerListWarningData) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// RegionInstanceGroupList: Contains a list of InstanceGroup resources.
-type RegionInstanceGroupList struct {
+type RegionDiskTypeList struct {
 	// Id: [Output Only] Unique identifier for the resource; defined by the
 	// server.
 	Id string `json:"id,omitempty"`
 
-	// Items: A list of InstanceGroup resources.
-	Items []*InstanceGroup `json:"items,omitempty"`
+	// Items: A list of DiskType resources.
+	Items []*DiskType `json:"items,omitempty"`
 
-	// Kind: The resource type.
+	// Kind: [Output Only] Type of resource. Always
+	// compute#regionDiskTypeList for region disk types.
 	Kind string `json:"kind,omitempty"`
 
 	// NextPageToken: [Output Only] This token allows you to get the next
@@ -17218,7 +17463,7 @@ type RegionInstanceGroupList struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Warning: [Output Only] Informational warning message.
-	Warning *RegionInstanceGroupListWarning `json:"warning,omitempty"`
+	Warning *RegionDiskTypeListWarning `json:"warning,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
@@ -17241,15 +17486,15 @@ type RegionInstanceGroupList struct {
 	NullFields []string `json:"-"`
 }
 
-func (s *RegionInstanceGroupList) MarshalJSON() ([]byte, error) {
-	type NoMethod RegionInstanceGroupList
+func (s *RegionDiskTypeList) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionDiskTypeList
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// RegionInstanceGroupListWarning: [Output Only] Informational warning
+// RegionDiskTypeListWarning: [Output Only] Informational warning
 // message.
-type RegionInstanceGroupListWarning struct {
+type RegionDiskTypeListWarning struct {
 	// Code: [Output Only] A warning code, if applicable. For example,
 	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
 	// the response.
@@ -17283,7 +17528,7 @@ type RegionInstanceGroupListWarning struct {
 	// Data: [Output Only] Metadata about this warning in key: value format.
 	// For example:
 	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
-	Data []*RegionInstanceGroupListWarningData `json:"data,omitempty"`
+	Data []*RegionDiskTypeListWarningData `json:"data,omitempty"`
 
 	// Message: [Output Only] A human-readable description of the warning
 	// code.
@@ -17306,13 +17551,13 @@ type RegionInstanceGroupListWarning struct {
 	NullFields []string `json:"-"`
 }
 
-func (s *RegionInstanceGroupListWarning) MarshalJSON() ([]byte, error) {
-	type NoMethod RegionInstanceGroupListWarning
+func (s *RegionDiskTypeListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionDiskTypeListWarning
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type RegionInstanceGroupListWarningData struct {
+type RegionDiskTypeListWarningData struct {
 	// Key: [Output Only] A key that provides more detail on the warning
 	// being returned. For example, for warnings where there are no results
 	// in a list request for a particular zone, this key might be scope and
@@ -17343,25 +17588,50 @@ type RegionInstanceGroupListWarningData struct {
 	NullFields []string `json:"-"`
 }
 
-func (s *RegionInstanceGroupListWarningData) MarshalJSON() ([]byte, error) {
-	type NoMethod RegionInstanceGroupListWarningData
+func (s *RegionDiskTypeListWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionDiskTypeListWarningData
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// RegionInstanceGroupManagerList: Contains a list of managed instance
-// groups.
-type RegionInstanceGroupManagerList struct {
+type RegionDisksResizeRequest struct {
+	// SizeGb: The new size of the regional persistent disk, which is
+	// specified in GB.
+	SizeGb int64 `json:"sizeGb,omitempty,string"`
+
+	// ForceSendFields is a list of field names (e.g. "SizeGb") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "SizeGb") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *RegionDisksResizeRequest) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionDisksResizeRequest
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// RegionInstanceGroupList: Contains a list of InstanceGroup resources.
+type RegionInstanceGroupList struct {
 	// Id: [Output Only] Unique identifier for the resource; defined by the
 	// server.
 	Id string `json:"id,omitempty"`
 
-	// Items: A list of InstanceGroupManager resources.
-	Items []*InstanceGroupManager `json:"items,omitempty"`
+	// Items: A list of InstanceGroup resources.
+	Items []*InstanceGroup `json:"items,omitempty"`
 
-	// Kind: [Output Only] The resource type, which is always
-	// compute#instanceGroupManagerList for a list of managed instance
-	// groups that exist in th regional scope.
+	// Kind: The resource type.
 	Kind string `json:"kind,omitempty"`
 
 	// NextPageToken: [Output Only] This token allows you to get the next
@@ -17376,7 +17646,7 @@ type RegionInstanceGroupManagerList struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Warning: [Output Only] Informational warning message.
-	Warning *RegionInstanceGroupManagerListWarning `json:"warning,omitempty"`
+	Warning *RegionInstanceGroupListWarning `json:"warning,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
 	// server.
@@ -17399,15 +17669,15 @@ type RegionInstanceGroupManagerList struct {
 	NullFields []string `json:"-"`
 }
 
-func (s *RegionInstanceGroupManagerList) MarshalJSON() ([]byte, error) {
-	type NoMethod RegionInstanceGroupManagerList
+func (s *RegionInstanceGroupList) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionInstanceGroupList
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// RegionInstanceGroupManagerListWarning: [Output Only] Informational
-// warning message.
-type RegionInstanceGroupManagerListWarning struct {
+// RegionInstanceGroupListWarning: [Output Only] Informational warning
+// message.
+type RegionInstanceGroupListWarning struct {
 	// Code: [Output Only] A warning code, if applicable. For example,
 	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
 	// the response.
@@ -17441,7 +17711,7 @@ type RegionInstanceGroupManagerListWarning struct {
 	// Data: [Output Only] Metadata about this warning in key: value format.
 	// For example:
 	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
-	Data []*RegionInstanceGroupManagerListWarningData `json:"data,omitempty"`
+	Data []*RegionInstanceGroupListWarningData `json:"data,omitempty"`
 
 	// Message: [Output Only] A human-readable description of the warning
 	// code.
@@ -17464,13 +17734,171 @@ type RegionInstanceGroupManagerListWarning struct {
 	NullFields []string `json:"-"`
 }
 
-func (s *RegionInstanceGroupManagerListWarning) MarshalJSON() ([]byte, error) {
-	type NoMethod RegionInstanceGroupManagerListWarning
+func (s *RegionInstanceGroupListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionInstanceGroupListWarning
 	raw := NoMethod(*s)
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-type RegionInstanceGroupManagerListWarningData struct {
+type RegionInstanceGroupListWarningData struct {
+	// Key: [Output Only] A key that provides more detail on the warning
+	// being returned. For example, for warnings where there are no results
+	// in a list request for a particular zone, this key might be scope and
+	// the key value might be the zone name. Other examples might be a key
+	// indicating a deprecated resource and a suggested replacement, or a
+	// warning about invalid network settings (for example, if an instance
+	// attempts to perform IP forwarding but is not enabled for IP
+	// forwarding).
+	Key string `json:"key,omitempty"`
+
+	// Value: [Output Only] A warning data value corresponding to the key.
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *RegionInstanceGroupListWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionInstanceGroupListWarningData
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// RegionInstanceGroupManagerList: Contains a list of managed instance
+// groups.
+type RegionInstanceGroupManagerList struct {
+	// Id: [Output Only] Unique identifier for the resource; defined by the
+	// server.
+	Id string `json:"id,omitempty"`
+
+	// Items: A list of InstanceGroupManager resources.
+	Items []*InstanceGroupManager `json:"items,omitempty"`
+
+	// Kind: [Output Only] The resource type, which is always
+	// compute#instanceGroupManagerList for a list of managed instance
+	// groups that exist in th regional scope.
+	Kind string `json:"kind,omitempty"`
+
+	// NextPageToken: [Output Only] This token allows you to get the next
+	// page of results for list requests. If the number of results is larger
+	// than maxResults, use the nextPageToken as a value for the query
+	// parameter pageToken in the next list request. Subsequent list
+	// requests will have their own nextPageToken to continue paging through
+	// the results.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// SelfLink: [Output Only] Server-defined URL for this resource.
+	SelfLink string `json:"selfLink,omitempty"`
+
+	// Warning: [Output Only] Informational warning message.
+	Warning *RegionInstanceGroupManagerListWarning `json:"warning,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Id") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Id") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *RegionInstanceGroupManagerList) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionInstanceGroupManagerList
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// RegionInstanceGroupManagerListWarning: [Output Only] Informational
+// warning message.
+type RegionInstanceGroupManagerListWarning struct {
+	// Code: [Output Only] A warning code, if applicable. For example,
+	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
+	// the response.
+	//
+	// Possible values:
+	//   "CLEANUP_FAILED"
+	//   "DEPRECATED_RESOURCE_USED"
+	//   "DEPRECATED_TYPE_USED"
+	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
+	//   "EXPERIMENTAL_TYPE_USED"
+	//   "EXTERNAL_API_WARNING"
+	//   "FIELD_VALUE_OVERRIDEN"
+	//   "INJECTED_KERNELS_DEPRECATED"
+	//   "MISSING_TYPE_DEPENDENCY"
+	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
+	//   "NEXT_HOP_CANNOT_IP_FORWARD"
+	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
+	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
+	//   "NEXT_HOP_NOT_RUNNING"
+	//   "NOT_CRITICAL_ERROR"
+	//   "NO_RESULTS_ON_PAGE"
+	//   "REQUIRED_TOS_AGREEMENT"
+	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
+	//   "RESOURCE_NOT_DELETED"
+	//   "SCHEMA_VALIDATION_IGNORED"
+	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
+	//   "UNDECLARED_PROPERTIES"
+	//   "UNREACHABLE"
+	Code string `json:"code,omitempty"`
+
+	// Data: [Output Only] Metadata about this warning in key: value format.
+	// For example:
+	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+	Data []*RegionInstanceGroupManagerListWarningData `json:"data,omitempty"`
+
+	// Message: [Output Only] A human-readable description of the warning
+	// code.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *RegionInstanceGroupManagerListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod RegionInstanceGroupManagerListWarning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type RegionInstanceGroupManagerListWarningData struct {
 	// Key: [Output Only] A key that provides more detail on the warning
 	// being returned. For example, for warnings where there are no results
 	// in a list request for a particular zone, this key might be scope and
@@ -18254,7 +18682,7 @@ type Route struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -18627,7 +19055,7 @@ type Router struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -18636,7 +19064,9 @@ type Router struct {
 	// Network: URI of the network to which this router belongs.
 	Network string `json:"network,omitempty"`
 
-	// Region: [Output Only] URI of the region where the router resides.
+	// Region: [Output Only] URI of the region where the router resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -19681,7 +20111,7 @@ type SecurityPolicy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -19967,7 +20397,7 @@ type SecurityPolicyRuleMatcher struct {
 	// specified and cannot be specified if versioned_expr is not specified.
 	Config *SecurityPolicyRuleMatcherConfig `json:"config,omitempty"`
 
-	// SrcIpRanges: CIDR IP address range. Only IPv4 is supported.
+	// SrcIpRanges: CIDR IP address range.
 	SrcIpRanges []string `json:"srcIpRanges,omitempty"`
 
 	// VersionedExpr: Preconfigured versioned expression. If this field is
@@ -20004,7 +20434,7 @@ func (s *SecurityPolicyRuleMatcher) MarshalJSON() ([]byte, error) {
 }
 
 type SecurityPolicyRuleMatcherConfig struct {
-	// SrcIpRanges: CIDR IP address range. Only IPv4 is supported.
+	// SrcIpRanges: CIDR IP address range.
 	SrcIpRanges []string `json:"srcIpRanges,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "SrcIpRanges") to
@@ -20118,7 +20548,7 @@ func (s *ServiceAccount) MarshalJSON() ([]byte, error) {
 type SignedUrlKey struct {
 	// KeyName: Name of the key. The name must be 1-63 characters long, and
 	// comply with RFC1035. Specifically, the name must be 1-63 characters
-	// long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
+	// long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
 	// which means the first character must be a lowercase letter, and all
 	// following characters must be a dash, lowercase letter, or digit,
 	// except the last character, which cannot be a dash.
@@ -20200,7 +20630,7 @@ type Snapshot struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -20511,7 +20941,7 @@ type SslCertificate struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -20942,8 +21372,8 @@ type SslPolicy struct {
 	// Name: Name of the resource. The name must be 1-63 characters long,
 	// and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -21162,8 +21592,7 @@ type Subnetwork struct {
 	Fingerprint string `json:"fingerprint,omitempty"`
 
 	// GatewayAddress: [Output Only] The gateway address for default routes
-	// to reach destination addresses outside this subnetwork. This field
-	// can be set only at resource creation time.
+	// to reach destination addresses outside this subnetwork.
 	GatewayAddress string `json:"gatewayAddress,omitempty"`
 
 	// Id: [Output Only] The unique identifier for the resource. This
@@ -21184,7 +21613,7 @@ type Subnetwork struct {
 	// Name: The name of the resource, provided by the client when initially
 	// creating the resource. The name must be 1-63 characters long, and
 	// comply with RFC1035. Specifically, the name must be 1-63 characters
-	// long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
+	// long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
 	// which means the first character must be a lowercase letter, and all
 	// following characters must be a dash, lowercase letter, or digit,
 	// except the last character, which cannot be a dash.
@@ -21899,7 +22328,7 @@ type TargetHttpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -22181,7 +22610,7 @@ type TargetHttpsProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -22442,7 +22871,7 @@ type TargetInstance struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -22459,7 +22888,8 @@ type TargetInstance struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] URL of the zone where the target instance
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -23004,7 +23434,7 @@ type TargetPool struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -23814,7 +24244,7 @@ type TargetSslProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -24111,7 +24541,7 @@ type TargetTcpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -24359,7 +24789,7 @@ type TargetVpnGateway struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -24370,7 +24800,8 @@ type TargetVpnGateway struct {
 	Network string `json:"network,omitempty"`
 
 	// Region: [Output Only] URL of the region where the target VPN gateway
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -25034,7 +25465,7 @@ type UrlMap struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -25046,8 +25477,9 @@ type UrlMap struct {
 	// SelfLink: [Output Only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
-	// Tests: The list of expected URL mappings. Request to update this
-	// UrlMap will succeed only if all of the test cases pass.
+	// Tests: The list of expected URL mapping tests. Request to update this
+	// UrlMap will succeed only if all of the test cases pass. You can
+	// specify a maximum of 100 tests per UrlMap.
 	Tests []*UrlMapTest `json:"tests,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -25392,6 +25824,198 @@ func (s *UrlMapsValidateResponse) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// UsableSubnetwork: Subnetwork which the current user has
+// compute.subnetworks.use permission on.
+type UsableSubnetwork struct {
+	// IpCidrRange: The range of internal addresses that are owned by this
+	// subnetwork.
+	IpCidrRange string `json:"ipCidrRange,omitempty"`
+
+	// Network: Network URL.
+	Network string `json:"network,omitempty"`
+
+	// Subnetwork: Subnetwork URL.
+	Subnetwork string `json:"subnetwork,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "IpCidrRange") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "IpCidrRange") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *UsableSubnetwork) MarshalJSON() ([]byte, error) {
+	type NoMethod UsableSubnetwork
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type UsableSubnetworksAggregatedList struct {
+	// Id: [Output Only] The unique identifier for the resource. This
+	// identifier is defined by the server.
+	Id string `json:"id,omitempty"`
+
+	// Items: [Output] A list of usable subnetwork URLs.
+	Items []*UsableSubnetwork `json:"items,omitempty"`
+
+	// Kind: [Output Only] Type of resource. Always
+	// compute#usableSubnetworksAggregatedList for aggregated lists of
+	// usable subnetworks.
+	Kind string `json:"kind,omitempty"`
+
+	// NextPageToken: [Output Only] This token allows you to get the next
+	// page of results for list requests. If the number of results is larger
+	// than maxResults, use the nextPageToken as a value for the query
+	// parameter pageToken in the next list request. Subsequent list
+	// requests will have their own nextPageToken to continue paging through
+	// the results.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// SelfLink: [Output Only] Server-defined URL for this resource.
+	SelfLink string `json:"selfLink,omitempty"`
+
+	// Warning: [Output Only] Informational warning message.
+	Warning *UsableSubnetworksAggregatedListWarning `json:"warning,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Id") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Id") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *UsableSubnetworksAggregatedList) MarshalJSON() ([]byte, error) {
+	type NoMethod UsableSubnetworksAggregatedList
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// UsableSubnetworksAggregatedListWarning: [Output Only] Informational
+// warning message.
+type UsableSubnetworksAggregatedListWarning struct {
+	// Code: [Output Only] A warning code, if applicable. For example,
+	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
+	// the response.
+	//
+	// Possible values:
+	//   "CLEANUP_FAILED"
+	//   "DEPRECATED_RESOURCE_USED"
+	//   "DEPRECATED_TYPE_USED"
+	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
+	//   "EXPERIMENTAL_TYPE_USED"
+	//   "EXTERNAL_API_WARNING"
+	//   "FIELD_VALUE_OVERRIDEN"
+	//   "INJECTED_KERNELS_DEPRECATED"
+	//   "MISSING_TYPE_DEPENDENCY"
+	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
+	//   "NEXT_HOP_CANNOT_IP_FORWARD"
+	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
+	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
+	//   "NEXT_HOP_NOT_RUNNING"
+	//   "NOT_CRITICAL_ERROR"
+	//   "NO_RESULTS_ON_PAGE"
+	//   "REQUIRED_TOS_AGREEMENT"
+	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
+	//   "RESOURCE_NOT_DELETED"
+	//   "SCHEMA_VALIDATION_IGNORED"
+	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
+	//   "UNDECLARED_PROPERTIES"
+	//   "UNREACHABLE"
+	Code string `json:"code,omitempty"`
+
+	// Data: [Output Only] Metadata about this warning in key: value format.
+	// For example:
+	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+	Data []*UsableSubnetworksAggregatedListWarningData `json:"data,omitempty"`
+
+	// Message: [Output Only] A human-readable description of the warning
+	// code.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *UsableSubnetworksAggregatedListWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod UsableSubnetworksAggregatedListWarning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type UsableSubnetworksAggregatedListWarningData struct {
+	// Key: [Output Only] A key that provides more detail on the warning
+	// being returned. For example, for warnings where there are no results
+	// in a list request for a particular zone, this key might be scope and
+	// the key value might be the zone name. Other examples might be a key
+	// indicating a deprecated resource and a suggested replacement, or a
+	// warning about invalid network settings (for example, if an instance
+	// attempts to perform IP forwarding but is not enabled for IP
+	// forwarding).
+	Key string `json:"key,omitempty"`
+
+	// Value: [Output Only] A warning data value corresponding to the key.
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *UsableSubnetworksAggregatedListWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod UsableSubnetworksAggregatedListWarningData
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // UsageExportLocation: The location in Cloud Storage and naming method
 // of the daily usage report. Contains bucket_name and report_name
 // prefix.
@@ -25488,7 +26112,7 @@ type VpnTunnel struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -25498,6 +26122,8 @@ type VpnTunnel struct {
 	PeerIp string `json:"peerIp,omitempty"`
 
 	// Region: [Output Only] URL of the region where the VPN tunnel resides.
+	// You must specify this field as part of the HTTP request URL. It is
+	// not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// RemoteTrafficSelector: Remote traffic selectors to use when
@@ -25536,8 +26162,9 @@ type VpnTunnel struct {
 	//   "WAITING_FOR_FULL_CONFIG"
 	Status string `json:"status,omitempty"`
 
-	// TargetVpnGateway: URL of the VPN gateway with which this VPN tunnel
-	// is associated. Provided by the client when the VPN tunnel is created.
+	// TargetVpnGateway: URL of the Target VPN gateway with which this VPN
+	// tunnel is associated. Provided by the client when the VPN tunnel is
+	// created.
 	TargetVpnGateway string `json:"targetVpnGateway,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -37089,7 +37716,7 @@ type FirewallsUpdateCall struct {
 }
 
 // Update: Updates the specified firewall rule with the data included in
-// the request. Using PUT method, can only update following fields of
+// the request. The PUT method can only update the following fields of
 // firewall rule: allowed, description, sourceRanges, sourceTags,
 // targetTags.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/firewalls/update
@@ -37207,7 +37834,7 @@ func (c *FirewallsUpdateCall) Do(opts ...googleapi.CallOption) (*Operation, erro
 	}
 	return ret, nil
 	// {
-	//   "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+	//   "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
 	//   "httpMethod": "PUT",
 	//   "id": "compute.firewalls.update",
 	//   "parameterOrder": [
@@ -52078,11 +52705,9 @@ type InstanceTemplatesDeleteCall struct {
 	header_          http.Header
 }
 
-// Delete: Deletes the specified instance template. If you delete an
-// instance template that is being referenced from another instance
-// group, the instance group will not be able to create or recreate
-// virtual machine instances. Deleting an instance template is permanent
-// and cannot be undone.
+// Delete: Deletes the specified instance template. Deleting an instance
+// template is permanent and cannot be undone. It's not possible to
+// delete templates which are in use by an instance group.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/instanceTemplates/delete
 func (r *InstanceTemplatesService) Delete(project string, instanceTemplate string) *InstanceTemplatesDeleteCall {
 	c := &InstanceTemplatesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
@@ -52192,7 +52817,7 @@ func (c *InstanceTemplatesDeleteCall) Do(opts ...googleapi.CallOption) (*Operati
 	}
 	return ret, nil
 	// {
-	//   "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
+	//   "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
 	//   "httpMethod": "DELETE",
 	//   "id": "compute.instanceTemplates.delete",
 	//   "parameterOrder": [
@@ -53420,6 +54045,14 @@ func (r *InstancesService) AttachDisk(project string, zone string, instance stri
 	return c
 }
 
+// ForceAttach sets the optional parameter "forceAttach": Whether to
+// force attach the disk even if it's currently attached to another
+// instance. This is only available for regional disks.
+func (c *InstancesAttachDiskCall) ForceAttach(forceAttach bool) *InstancesAttachDiskCall {
+	c.urlParams_.Set("forceAttach", fmt.Sprint(forceAttach))
+	return c
+}
+
 // RequestId sets the optional parameter "requestId": An optional
 // request ID to identify requests. Specify a unique request ID so that
 // if you must retry your request, the server will know to ignore the
@@ -53536,6 +54169,11 @@ func (c *InstancesAttachDiskCall) Do(opts ...googleapi.CallOption) (*Operation,
 	//     "instance"
 	//   ],
 	//   "parameters": {
+	//     "forceAttach": {
+	//       "description": "Whether to force attach the disk even if it's currently attached to another instance. This is only available for regional disks.",
+	//       "location": "query",
+	//       "type": "boolean"
+	//     },
 	//     "instance": {
 	//       "description": "The instance name for this request.",
 	//       "location": "path",
@@ -59315,6 +59953,371 @@ func (c *InterconnectAttachmentsListCall) Pages(ctx context.Context, f func(*Int
 	}
 }
 
+// method id "compute.interconnectAttachments.patch":
+
+type InterconnectAttachmentsPatchCall struct {
+	s                      *Service
+	project                string
+	region                 string
+	interconnectAttachment string
+	interconnectattachment *InterconnectAttachment
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// Patch: Updates the specified interconnect attachment with the data
+// included in the request. This method supports PATCH semantics and
+// uses the JSON merge patch format and processing rules.
+func (r *InterconnectAttachmentsService) Patch(project string, region string, interconnectAttachment string, interconnectattachment *InterconnectAttachment) *InterconnectAttachmentsPatchCall {
+	c := &InterconnectAttachmentsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.interconnectAttachment = interconnectAttachment
+	c.interconnectattachment = interconnectattachment
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *InterconnectAttachmentsPatchCall) RequestId(requestId string) *InterconnectAttachmentsPatchCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InterconnectAttachmentsPatchCall) Fields(s ...googleapi.Field) *InterconnectAttachmentsPatchCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InterconnectAttachmentsPatchCall) Context(ctx context.Context) *InterconnectAttachmentsPatchCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InterconnectAttachmentsPatchCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InterconnectAttachmentsPatchCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.interconnectattachment)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("PATCH", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":                c.project,
+		"region":                 c.region,
+		"interconnectAttachment": c.interconnectAttachment,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.interconnectAttachments.patch" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *InterconnectAttachmentsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Updates the specified interconnect attachment with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+	//   "httpMethod": "PATCH",
+	//   "id": "compute.interconnectAttachments.patch",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "interconnectAttachment"
+	//   ],
+	//   "parameters": {
+	//     "interconnectAttachment": {
+	//       "description": "Name of the interconnect attachment to patch.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region scoping this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+	//   "request": {
+	//     "$ref": "InterconnectAttachment"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.interconnectAttachments.setLabels":
+
+type InterconnectAttachmentsSetLabelsCall struct {
+	s                      *Service
+	project                string
+	region                 string
+	resource               string
+	regionsetlabelsrequest *RegionSetLabelsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// SetLabels: Sets the labels on an InterconnectAttachment. To learn
+// more about labels, read the Labeling Resources documentation.
+func (r *InterconnectAttachmentsService) SetLabels(project string, region string, resource string, regionsetlabelsrequest *RegionSetLabelsRequest) *InterconnectAttachmentsSetLabelsCall {
+	c := &InterconnectAttachmentsSetLabelsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	c.regionsetlabelsrequest = regionsetlabelsrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *InterconnectAttachmentsSetLabelsCall) RequestId(requestId string) *InterconnectAttachmentsSetLabelsCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InterconnectAttachmentsSetLabelsCall) Fields(s ...googleapi.Field) *InterconnectAttachmentsSetLabelsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InterconnectAttachmentsSetLabelsCall) Context(ctx context.Context) *InterconnectAttachmentsSetLabelsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InterconnectAttachmentsSetLabelsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InterconnectAttachmentsSetLabelsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regionsetlabelsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/interconnectAttachments/{resource}/setLabels")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.interconnectAttachments.setLabels" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *InterconnectAttachmentsSetLabelsCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets the labels on an InterconnectAttachment. To learn more about labels, read the Labeling Resources documentation.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.interconnectAttachments.setLabels",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/interconnectAttachments/{resource}/setLabels",
+	//   "request": {
+	//     "$ref": "RegionSetLabelsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
 // method id "compute.interconnectAttachments.testIamPermissions":
 
 type InterconnectAttachmentsTestIamPermissionsCall struct {
@@ -60775,6 +61778,153 @@ func (c *InterconnectsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, e
 
 }
 
+// method id "compute.interconnects.setLabels":
+
+type InterconnectsSetLabelsCall struct {
+	s                      *Service
+	project                string
+	resource               string
+	globalsetlabelsrequest *GlobalSetLabelsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// SetLabels: Sets the labels on an Interconnect. To learn more about
+// labels, read the Labeling Resources documentation.
+func (r *InterconnectsService) SetLabels(project string, resource string, globalsetlabelsrequest *GlobalSetLabelsRequest) *InterconnectsSetLabelsCall {
+	c := &InterconnectsSetLabelsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.resource = resource
+	c.globalsetlabelsrequest = globalsetlabelsrequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InterconnectsSetLabelsCall) Fields(s ...googleapi.Field) *InterconnectsSetLabelsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InterconnectsSetLabelsCall) Context(ctx context.Context) *InterconnectsSetLabelsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InterconnectsSetLabelsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InterconnectsSetLabelsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.globalsetlabelsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/global/interconnects/{resource}/setLabels")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.interconnects.setLabels" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *InterconnectsSetLabelsCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets the labels on an Interconnect. To learn more about labels, read the Labeling Resources documentation.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.interconnects.setLabels",
+	//   "parameterOrder": [
+	//     "project",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/global/interconnects/{resource}/setLabels",
+	//   "request": {
+	//     "$ref": "GlobalSetLabelsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
 // method id "compute.interconnects.testIamPermissions":
 
 type InterconnectsTestIamPermissionsCall struct {
@@ -65818,6 +66968,168 @@ func (c *ProjectsSetCommonInstanceMetadataCall) Do(opts ...googleapi.CallOption)
 
 }
 
+// method id "compute.projects.setDefaultNetworkTier":
+
+type ProjectsSetDefaultNetworkTierCall struct {
+	s                                    *Service
+	project                              string
+	projectssetdefaultnetworktierrequest *ProjectsSetDefaultNetworkTierRequest
+	urlParams_                           gensupport.URLParams
+	ctx_                                 context.Context
+	header_                              http.Header
+}
+
+// SetDefaultNetworkTier: Sets the default network tier of the project.
+// The default network tier is used when an
+// address/forwardingRule/instance is created without specifying the
+// network tier field.
+func (r *ProjectsService) SetDefaultNetworkTier(project string, projectssetdefaultnetworktierrequest *ProjectsSetDefaultNetworkTierRequest) *ProjectsSetDefaultNetworkTierCall {
+	c := &ProjectsSetDefaultNetworkTierCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.projectssetdefaultnetworktierrequest = projectssetdefaultnetworktierrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *ProjectsSetDefaultNetworkTierCall) RequestId(requestId string) *ProjectsSetDefaultNetworkTierCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsSetDefaultNetworkTierCall) Fields(s ...googleapi.Field) *ProjectsSetDefaultNetworkTierCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsSetDefaultNetworkTierCall) Context(ctx context.Context) *ProjectsSetDefaultNetworkTierCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsSetDefaultNetworkTierCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsSetDefaultNetworkTierCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.projectssetdefaultnetworktierrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/setDefaultNetworkTier")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.projects.setDefaultNetworkTier" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsSetDefaultNetworkTierCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets the default network tier of the project. The default network tier is used when an address/forwardingRule/instance is created without specifying the network tier field.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.projects.setDefaultNetworkTier",
+	//   "parameterOrder": [
+	//     "project"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/setDefaultNetworkTier",
+	//   "request": {
+	//     "$ref": "ProjectsSetDefaultNetworkTierRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
 // method id "compute.projects.setUsageExportBucket":
 
 type ProjectsSetUsageExportBucketCall struct {
@@ -67734,7 +69046,7 @@ func (c *RegionBackendServicesGetHealthCall) Do(opts ...googleapi.CallOption) (*
 	//   ],
 	//   "parameters": {
 	//     "backendService": {
-	//       "description": "Name of the BackendService resource to which the queried instance belongs.",
+	//       "description": "Name of the BackendService resource for which to get health.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -69584,122 +70896,95 @@ func (c *RegionCommitmentsListCall) Pages(ctx context.Context, f func(*Commitmen
 	}
 }
 
-// method id "compute.regionInstanceGroupManagers.abandonInstances":
+// method id "compute.regionDiskTypes.get":
 
-type RegionInstanceGroupManagersAbandonInstancesCall struct {
-	s                                                  *Service
-	project                                            string
-	region                                             string
-	instanceGroupManager                               string
-	regioninstancegroupmanagersabandoninstancesrequest *RegionInstanceGroupManagersAbandonInstancesRequest
-	urlParams_                                         gensupport.URLParams
-	ctx_                                               context.Context
-	header_                                            http.Header
+type RegionDiskTypesGetCall struct {
+	s            *Service
+	project      string
+	region       string
+	diskType     string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
 }
 
-// AbandonInstances: Schedules a group action to remove the specified
-// instances from the managed instance group. Abandoning an instance
-// does not delete the instance, but it does remove the instance from
-// any target pools that are applied by the managed instance group. This
-// method reduces the targetSize of the managed instance group by the
-// number of instances that you abandon. This operation is marked as
-// DONE when the action is scheduled even if the instances have not yet
-// been removed from the group. You must separately verify the status of
-// the abandoning action with the listmanagedinstances method.
-//
-// If the group is part of a backend service that has enabled connection
-// draining, it can take up to 60 seconds after the connection draining
-// duration has elapsed before the VM instance is removed or
-// deleted.
-//
-// You can specify a maximum of 1000 instances with this method per
-// request.
-func (r *RegionInstanceGroupManagersService) AbandonInstances(project string, region string, instanceGroupManager string, regioninstancegroupmanagersabandoninstancesrequest *RegionInstanceGroupManagersAbandonInstancesRequest) *RegionInstanceGroupManagersAbandonInstancesCall {
-	c := &RegionInstanceGroupManagersAbandonInstancesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// Get: Returns the specified regional disk type. Get a list of
+// available disk types by making a list() request.
+func (r *RegionDiskTypesService) Get(project string, region string, diskType string) *RegionDiskTypesGetCall {
+	c := &RegionDiskTypesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.region = region
-	c.instanceGroupManager = instanceGroupManager
-	c.regioninstancegroupmanagersabandoninstancesrequest = regioninstancegroupmanagersabandoninstancesrequest
-	return c
-}
-
-// RequestId sets the optional parameter "requestId": An optional
-// request ID to identify requests. Specify a unique request ID so that
-// if you must retry your request, the server will know to ignore the
-// request if it has already been completed.
-//
-// For example, consider a situation where you make an initial request
-// and the request times out. If you make the request again with the
-// same request ID, the server can check if original operation with the
-// same request ID was received, and if so, will ignore the second
-// request. This prevents clients from accidentally creating duplicate
-// commitments.
-//
-// The request ID must be a valid UUID with the exception that zero UUID
-// is not supported (00000000-0000-0000-0000-000000000000).
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) RequestId(requestId string) *RegionInstanceGroupManagersAbandonInstancesCall {
-	c.urlParams_.Set("requestId", requestId)
+	c.diskType = diskType
 	return c
 }
 
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersAbandonInstancesCall {
+func (c *RegionDiskTypesGetCall) Fields(s ...googleapi.Field) *RegionDiskTypesGetCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
 
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *RegionDiskTypesGetCall) IfNoneMatch(entityTag string) *RegionDiskTypesGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) Context(ctx context.Context) *RegionInstanceGroupManagersAbandonInstancesCall {
+func (c *RegionDiskTypesGetCall) Context(ctx context.Context) *RegionDiskTypesGetCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) Header() http.Header {
+func (c *RegionDiskTypesGetCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) doRequest(alt string) (*http.Response, error) {
+func (c *RegionDiskTypesGetCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
-	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regioninstancegroupmanagersabandoninstancesrequest)
-	if err != nil {
-		return nil, err
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 	}
-	reqHeaders.Set("Content-Type", "application/json")
+	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/diskTypes/{diskType}")
 	urls += "?" + c.urlParams_.Encode()
-	req, _ := http.NewRequest("POST", urls, body)
+	req, _ := http.NewRequest("GET", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project":              c.project,
-		"region":               c.region,
-		"instanceGroupManager": c.instanceGroupManager,
+		"project":  c.project,
+		"region":   c.region,
+		"diskType": c.diskType,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.regionInstanceGroupManagers.abandonInstances" call.
-// Exactly one of *Operation or error will be non-nil. Any non-2xx
-// status code is an error. Response headers are in either
-// *Operation.ServerResponse.Header or (if a response was returned at
+// Do executes the "compute.regionDiskTypes.get" call.
+// Exactly one of *DiskType or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *DiskType.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *RegionInstanceGroupManagersAbandonInstancesCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *RegionDiskTypesGetCall) Do(opts ...googleapi.CallOption) (*DiskType, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -69718,7 +71003,7 @@ func (c *RegionInstanceGroupManagersAbandonInstancesCall) Do(opts ...googleapi.C
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
-	ret := &Operation{
+	ret := &DiskType{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
@@ -69730,18 +71015,19 @@ func (c *RegionInstanceGroupManagersAbandonInstancesCall) Do(opts ...googleapi.C
 	}
 	return ret, nil
 	// {
-	//   "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-	//   "httpMethod": "POST",
-	//   "id": "compute.regionInstanceGroupManagers.abandonInstances",
+	//   "description": "Returns the specified regional disk type. Get a list of available disk types by making a list() request.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.regionDiskTypes.get",
 	//   "parameterOrder": [
 	//     "project",
 	//     "region",
-	//     "instanceGroupManager"
+	//     "diskType"
 	//   ],
 	//   "parameters": {
-	//     "instanceGroupManager": {
-	//       "description": "Name of the managed instance group.",
+	//     "diskType": {
+	//       "description": "Name of the disk type to return.",
 	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
 	//     },
@@ -69753,126 +71039,179 @@ func (c *RegionInstanceGroupManagersAbandonInstancesCall) Do(opts ...googleapi.C
 	//       "type": "string"
 	//     },
 	//     "region": {
-	//       "description": "Name of the region scoping this request.",
+	//       "description": "The name of the region for this request.",
 	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
-	//     },
-	//     "requestId": {
-	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-	//       "location": "query",
-	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-	//   "request": {
-	//     "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
-	//   },
+	//   "path": "{project}/regions/{region}/diskTypes/{diskType}",
 	//   "response": {
-	//     "$ref": "Operation"
+	//     "$ref": "DiskType"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform",
-	//     "https://www.googleapis.com/auth/compute"
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
 	//   ]
 	// }
 
 }
 
-// method id "compute.regionInstanceGroupManagers.delete":
+// method id "compute.regionDiskTypes.list":
 
-type RegionInstanceGroupManagersDeleteCall struct {
-	s                    *Service
-	project              string
-	region               string
-	instanceGroupManager string
-	urlParams_           gensupport.URLParams
-	ctx_                 context.Context
-	header_              http.Header
+type RegionDiskTypesListCall struct {
+	s            *Service
+	project      string
+	region       string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
 }
 
-// Delete: Deletes the specified managed instance group and all of the
-// instances in that group.
-func (r *RegionInstanceGroupManagersService) Delete(project string, region string, instanceGroupManager string) *RegionInstanceGroupManagersDeleteCall {
-	c := &RegionInstanceGroupManagersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// List: Retrieves a list of regional disk types available to the
+// specified project.
+func (r *RegionDiskTypesService) List(project string, region string) *RegionDiskTypesListCall {
+	c := &RegionDiskTypesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.region = region
-	c.instanceGroupManager = instanceGroupManager
 	return c
 }
 
-// RequestId sets the optional parameter "requestId": An optional
-// request ID to identify requests. Specify a unique request ID so that
-// if you must retry your request, the server will know to ignore the
-// request if it has already been completed.
+// Filter sets the optional parameter "filter": Sets a filter
+// {expression} for filtering listed resources. Your {expression} must
+// be in the format: field_name comparison_string literal_string.
 //
-// For example, consider a situation where you make an initial request
-// and the request times out. If you make the request again with the
-// same request ID, the server can check if original operation with the
-// same request ID was received, and if so, will ignore the second
-// request. This prevents clients from accidentally creating duplicate
-// commitments.
+// The field_name is the name of the field you want to compare. Only
+// atomic field types are supported (string, number, boolean). The
+// comparison_string must be either eq (equals) or ne (not equals). The
+// literal_string is the string value to filter to. The literal value
+// must be valid for the type of field you are filtering by (string,
+// number, boolean). For string fields, the literal value is interpreted
+// as a regular expression using RE2 syntax. The literal value must
+// match the entire field.
 //
-// The request ID must be a valid UUID with the exception that zero UUID
-// is not supported (00000000-0000-0000-0000-000000000000).
-func (c *RegionInstanceGroupManagersDeleteCall) RequestId(requestId string) *RegionInstanceGroupManagersDeleteCall {
-	c.urlParams_.Set("requestId", requestId)
+// For example, to filter for instances that do not have a name of
+// example-instance, you would use name ne example-instance.
+//
+// You can filter on nested fields. For example, you could filter on
+// instances that have set the scheduling.automaticRestart field to
+// true. Use filtering on nested fields to take advantage of labels to
+// organize and search for results based on label values.
+//
+// To filter on multiple expressions, provide each separate expression
+// within parentheses. For example, (scheduling.automaticRestart eq
+// true) (zone eq us-central1-f). Multiple expressions are treated as
+// AND expressions, meaning that resources must match all expressions to
+// pass the filters.
+func (c *RegionDiskTypesListCall) Filter(filter string) *RegionDiskTypesListCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// MaxResults sets the optional parameter "maxResults": The maximum
+// number of results per page that should be returned. If the number of
+// available results is larger than maxResults, Compute Engine returns a
+// nextPageToken that can be used to get the next page of results in
+// subsequent list requests. Acceptable values are 0 to 500, inclusive.
+// (Default: 500)
+func (c *RegionDiskTypesListCall) MaxResults(maxResults int64) *RegionDiskTypesListCall {
+	c.urlParams_.Set("maxResults", fmt.Sprint(maxResults))
+	return c
+}
+
+// OrderBy sets the optional parameter "orderBy": Sorts list results by
+// a certain order. By default, results are returned in alphanumerical
+// order based on the resource name.
+//
+// You can also sort results in descending order based on the creation
+// timestamp using orderBy="creationTimestamp desc". This sorts results
+// based on the creationTimestamp field in reverse chronological order
+// (newest result first). Use this to sort resources like operations so
+// that the newest operation is returned first.
+//
+// Currently, only sorting by name or creationTimestamp desc is
+// supported.
+func (c *RegionDiskTypesListCall) OrderBy(orderBy string) *RegionDiskTypesListCall {
+	c.urlParams_.Set("orderBy", orderBy)
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": Specifies a page
+// token to use. Set pageToken to the nextPageToken returned by a
+// previous list request to get the next page of results.
+func (c *RegionDiskTypesListCall) PageToken(pageToken string) *RegionDiskTypesListCall {
+	c.urlParams_.Set("pageToken", pageToken)
 	return c
 }
 
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *RegionInstanceGroupManagersDeleteCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersDeleteCall {
+func (c *RegionDiskTypesListCall) Fields(s ...googleapi.Field) *RegionDiskTypesListCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
 
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *RegionDiskTypesListCall) IfNoneMatch(entityTag string) *RegionDiskTypesListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *RegionInstanceGroupManagersDeleteCall) Context(ctx context.Context) *RegionInstanceGroupManagersDeleteCall {
+func (c *RegionDiskTypesListCall) Context(ctx context.Context) *RegionDiskTypesListCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *RegionInstanceGroupManagersDeleteCall) Header() http.Header {
+func (c *RegionDiskTypesListCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *RegionInstanceGroupManagersDeleteCall) doRequest(alt string) (*http.Response, error) {
+func (c *RegionDiskTypesListCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/diskTypes")
 	urls += "?" + c.urlParams_.Encode()
-	req, _ := http.NewRequest("DELETE", urls, body)
+	req, _ := http.NewRequest("GET", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project":              c.project,
-		"region":               c.region,
-		"instanceGroupManager": c.instanceGroupManager,
+		"project": c.project,
+		"region":  c.region,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.regionInstanceGroupManagers.delete" call.
-// Exactly one of *Operation or error will be non-nil. Any non-2xx
-// status code is an error. Response headers are in either
-// *Operation.ServerResponse.Header or (if a response was returned at
-// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
-// to check whether the returned error was because
-// http.StatusNotModified was returned.
-func (c *RegionInstanceGroupManagersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+// Do executes the "compute.regionDiskTypes.list" call.
+// Exactly one of *RegionDiskTypeList or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *RegionDiskTypeList.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *RegionDiskTypesListCall) Do(opts ...googleapi.CallOption) (*RegionDiskTypeList, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -69891,7 +71230,7 @@ func (c *RegionInstanceGroupManagersDeleteCall) Do(opts ...googleapi.CallOption)
 	if err := googleapi.CheckResponse(res); err != nil {
 		return nil, err
 	}
-	ret := &Operation{
+	ret := &RegionDiskTypeList{
 		ServerResponse: googleapi.ServerResponse{
 			Header:         res.Header,
 			HTTPStatusCode: res.StatusCode,
@@ -69903,19 +71242,35 @@ func (c *RegionInstanceGroupManagersDeleteCall) Do(opts ...googleapi.CallOption)
 	}
 	return ret, nil
 	// {
-	//   "description": "Deletes the specified managed instance group and all of the instances in that group.",
-	//   "httpMethod": "DELETE",
-	//   "id": "compute.regionInstanceGroupManagers.delete",
+	//   "description": "Retrieves a list of regional disk types available to the specified project.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.regionDiskTypes.list",
 	//   "parameterOrder": [
 	//     "project",
-	//     "region",
-	//     "instanceGroupManager"
+	//     "region"
 	//   ],
 	//   "parameters": {
-	//     "instanceGroupManager": {
-	//       "description": "Name of the managed instance group to delete.",
-	//       "location": "path",
-	//       "required": true,
+	//     "filter": {
+	//       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "maxResults": {
+	//       "default": "500",
+	//       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+	//       "format": "uint32",
+	//       "location": "query",
+	//       "minimum": "0",
+	//       "type": "integer"
+	//     },
+	//     "orderBy": {
+	//       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "pageToken": {
+	//       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+	//       "location": "query",
 	//       "type": "string"
 	//     },
 	//     "project": {
@@ -69926,64 +71281,67 @@ func (c *RegionInstanceGroupManagersDeleteCall) Do(opts ...googleapi.CallOption)
 	//       "type": "string"
 	//     },
 	//     "region": {
-	//       "description": "Name of the region scoping this request.",
+	//       "description": "The name of the region for this request.",
 	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
-	//     },
-	//     "requestId": {
-	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-	//       "location": "query",
-	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+	//   "path": "{project}/regions/{region}/diskTypes",
 	//   "response": {
-	//     "$ref": "Operation"
+	//     "$ref": "RegionDiskTypeList"
 	//   },
 	//   "scopes": [
 	//     "https://www.googleapis.com/auth/cloud-platform",
-	//     "https://www.googleapis.com/auth/compute"
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
 	//   ]
 	// }
 
 }
 
-// method id "compute.regionInstanceGroupManagers.deleteInstances":
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *RegionDiskTypesListCall) Pages(ctx context.Context, f func(*RegionDiskTypeList) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
 
-type RegionInstanceGroupManagersDeleteInstancesCall struct {
-	s                                                 *Service
-	project                                           string
-	region                                            string
-	instanceGroupManager                              string
-	regioninstancegroupmanagersdeleteinstancesrequest *RegionInstanceGroupManagersDeleteInstancesRequest
-	urlParams_                                        gensupport.URLParams
-	ctx_                                              context.Context
-	header_                                           http.Header
+// method id "compute.regionDisks.createSnapshot":
+
+type RegionDisksCreateSnapshotCall struct {
+	s          *Service
+	project    string
+	region     string
+	disk       string
+	snapshot   *Snapshot
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
 }
 
-// DeleteInstances: Schedules a group action to delete the specified
-// instances in the managed instance group. The instances are also
-// removed from any target pools of which they were a member. This
-// method reduces the targetSize of the managed instance group by the
-// number of instances that you delete. This operation is marked as DONE
-// when the action is scheduled even if the instances are still being
-// deleted. You must separately verify the status of the deleting action
-// with the listmanagedinstances method.
-//
-// If the group is part of a backend service that has enabled connection
-// draining, it can take up to 60 seconds after the connection draining
-// duration has elapsed before the VM instance is removed or
-// deleted.
-//
-// You can specify a maximum of 1000 instances with this method per
-// request.
-func (r *RegionInstanceGroupManagersService) DeleteInstances(project string, region string, instanceGroupManager string, regioninstancegroupmanagersdeleteinstancesrequest *RegionInstanceGroupManagersDeleteInstancesRequest) *RegionInstanceGroupManagersDeleteInstancesCall {
-	c := &RegionInstanceGroupManagersDeleteInstancesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// CreateSnapshot: Creates a snapshot of this regional disk.
+func (r *RegionDisksService) CreateSnapshot(project string, region string, disk string, snapshot *Snapshot) *RegionDisksCreateSnapshotCall {
+	c := &RegionDisksCreateSnapshotCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.region = region
-	c.instanceGroupManager = instanceGroupManager
-	c.regioninstancegroupmanagersdeleteinstancesrequest = regioninstancegroupmanagersdeleteinstancesrequest
+	c.disk = disk
+	c.snapshot = snapshot
 	return c
 }
 
@@ -70001,7 +71359,7 @@ func (r *RegionInstanceGroupManagersService) DeleteInstances(project string, reg
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) RequestId(requestId string) *RegionInstanceGroupManagersDeleteInstancesCall {
+func (c *RegionDisksCreateSnapshotCall) RequestId(requestId string) *RegionDisksCreateSnapshotCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -70009,7 +71367,7 @@ func (c *RegionInstanceGroupManagersDeleteInstancesCall) RequestId(requestId str
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersDeleteInstancesCall {
+func (c *RegionDisksCreateSnapshotCall) Fields(s ...googleapi.Field) *RegionDisksCreateSnapshotCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -70017,53 +71375,1916 @@ func (c *RegionInstanceGroupManagersDeleteInstancesCall) Fields(s ...googleapi.F
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) Context(ctx context.Context) *RegionInstanceGroupManagersDeleteInstancesCall {
+func (c *RegionDisksCreateSnapshotCall) Context(ctx context.Context) *RegionDisksCreateSnapshotCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) Header() http.Header {
+func (c *RegionDisksCreateSnapshotCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) doRequest(alt string) (*http.Response, error) {
+func (c *RegionDisksCreateSnapshotCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regioninstancegroupmanagersdeleteinstancesrequest)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.snapshot)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{disk}/createSnapshot")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
-		"project":              c.project,
-		"region":               c.region,
-		"instanceGroupManager": c.instanceGroupManager,
+		"project": c.project,
+		"region":  c.region,
+		"disk":    c.disk,
 	})
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.regionInstanceGroupManagers.deleteInstances" call.
+// Do executes the "compute.regionDisks.createSnapshot" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *RegionInstanceGroupManagersDeleteInstancesCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *RegionDisksCreateSnapshotCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Creates a snapshot of this regional disk.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionDisks.createSnapshot",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "disk"
+	//   ],
+	//   "parameters": {
+	//     "disk": {
+	//       "description": "Name of the regional persistent disk to snapshot.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{disk}/createSnapshot",
+	//   "request": {
+	//     "$ref": "Snapshot"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.delete":
+
+type RegionDisksDeleteCall struct {
+	s          *Service
+	project    string
+	region     string
+	disk       string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Delete: Deletes the specified regional persistent disk. Deleting a
+// regional disk removes all the replicas of its data permanently and is
+// irreversible. However, deleting a disk does not delete any snapshots
+// previously made from the disk. You must separately delete snapshots.
+func (r *RegionDisksService) Delete(project string, region string, disk string) *RegionDisksDeleteCall {
+	c := &RegionDisksDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.disk = disk
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionDisksDeleteCall) RequestId(requestId string) *RegionDisksDeleteCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksDeleteCall) Fields(s ...googleapi.Field) *RegionDisksDeleteCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksDeleteCall) Context(ctx context.Context) *RegionDisksDeleteCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksDeleteCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksDeleteCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{disk}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("DELETE", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+		"region":  c.region,
+		"disk":    c.disk,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.delete" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionDisksDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Deletes the specified regional persistent disk. Deleting a regional disk removes all the replicas of its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+	//   "httpMethod": "DELETE",
+	//   "id": "compute.regionDisks.delete",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "disk"
+	//   ],
+	//   "parameters": {
+	//     "disk": {
+	//       "description": "Name of the regional persistent disk to delete.",
+	//       "location": "path",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{disk}",
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.get":
+
+type RegionDisksGetCall struct {
+	s            *Service
+	project      string
+	region       string
+	disk         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// Get: Returns a specified regional persistent disk.
+func (r *RegionDisksService) Get(project string, region string, disk string) *RegionDisksGetCall {
+	c := &RegionDisksGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.disk = disk
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksGetCall) Fields(s ...googleapi.Field) *RegionDisksGetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *RegionDisksGetCall) IfNoneMatch(entityTag string) *RegionDisksGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksGetCall) Context(ctx context.Context) *RegionDisksGetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksGetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksGetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{disk}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+		"region":  c.region,
+		"disk":    c.disk,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.get" call.
+// Exactly one of *Disk or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Disk.ServerResponse.Header or (if a response was returned at all) in
+// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
+// whether the returned error was because http.StatusNotModified was
+// returned.
+func (c *RegionDisksGetCall) Do(opts ...googleapi.CallOption) (*Disk, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Disk{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Returns a specified regional persistent disk.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.regionDisks.get",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "disk"
+	//   ],
+	//   "parameters": {
+	//     "disk": {
+	//       "description": "Name of the regional persistent disk to return.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{disk}",
+	//   "response": {
+	//     "$ref": "Disk"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.insert":
+
+type RegionDisksInsertCall struct {
+	s          *Service
+	project    string
+	region     string
+	disk       *Disk
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Insert: Creates a persistent regional disk in the specified project
+// using the data included in the request.
+func (r *RegionDisksService) Insert(project string, region string, disk *Disk) *RegionDisksInsertCall {
+	c := &RegionDisksInsertCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.disk = disk
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionDisksInsertCall) RequestId(requestId string) *RegionDisksInsertCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// SourceImage sets the optional parameter "sourceImage": Source image
+// to restore onto a disk.
+func (c *RegionDisksInsertCall) SourceImage(sourceImage string) *RegionDisksInsertCall {
+	c.urlParams_.Set("sourceImage", sourceImage)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksInsertCall) Fields(s ...googleapi.Field) *RegionDisksInsertCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksInsertCall) Context(ctx context.Context) *RegionDisksInsertCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksInsertCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksInsertCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.disk)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+		"region":  c.region,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.insert" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionDisksInsertCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Creates a persistent regional disk in the specified project using the data included in the request.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionDisks.insert",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "sourceImage": {
+	//       "description": "Optional. Source image to restore onto a disk.",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks",
+	//   "request": {
+	//     "$ref": "Disk"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.list":
+
+type RegionDisksListCall struct {
+	s            *Service
+	project      string
+	region       string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// List: Retrieves the list of persistent disks contained within the
+// specified region.
+func (r *RegionDisksService) List(project string, region string) *RegionDisksListCall {
+	c := &RegionDisksListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	return c
+}
+
+// Filter sets the optional parameter "filter": Sets a filter
+// {expression} for filtering listed resources. Your {expression} must
+// be in the format: field_name comparison_string literal_string.
+//
+// The field_name is the name of the field you want to compare. Only
+// atomic field types are supported (string, number, boolean). The
+// comparison_string must be either eq (equals) or ne (not equals). The
+// literal_string is the string value to filter to. The literal value
+// must be valid for the type of field you are filtering by (string,
+// number, boolean). For string fields, the literal value is interpreted
+// as a regular expression using RE2 syntax. The literal value must
+// match the entire field.
+//
+// For example, to filter for instances that do not have a name of
+// example-instance, you would use name ne example-instance.
+//
+// You can filter on nested fields. For example, you could filter on
+// instances that have set the scheduling.automaticRestart field to
+// true. Use filtering on nested fields to take advantage of labels to
+// organize and search for results based on label values.
+//
+// To filter on multiple expressions, provide each separate expression
+// within parentheses. For example, (scheduling.automaticRestart eq
+// true) (zone eq us-central1-f). Multiple expressions are treated as
+// AND expressions, meaning that resources must match all expressions to
+// pass the filters.
+func (c *RegionDisksListCall) Filter(filter string) *RegionDisksListCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// MaxResults sets the optional parameter "maxResults": The maximum
+// number of results per page that should be returned. If the number of
+// available results is larger than maxResults, Compute Engine returns a
+// nextPageToken that can be used to get the next page of results in
+// subsequent list requests. Acceptable values are 0 to 500, inclusive.
+// (Default: 500)
+func (c *RegionDisksListCall) MaxResults(maxResults int64) *RegionDisksListCall {
+	c.urlParams_.Set("maxResults", fmt.Sprint(maxResults))
+	return c
+}
+
+// OrderBy sets the optional parameter "orderBy": Sorts list results by
+// a certain order. By default, results are returned in alphanumerical
+// order based on the resource name.
+//
+// You can also sort results in descending order based on the creation
+// timestamp using orderBy="creationTimestamp desc". This sorts results
+// based on the creationTimestamp field in reverse chronological order
+// (newest result first). Use this to sort resources like operations so
+// that the newest operation is returned first.
+//
+// Currently, only sorting by name or creationTimestamp desc is
+// supported.
+func (c *RegionDisksListCall) OrderBy(orderBy string) *RegionDisksListCall {
+	c.urlParams_.Set("orderBy", orderBy)
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": Specifies a page
+// token to use. Set pageToken to the nextPageToken returned by a
+// previous list request to get the next page of results.
+func (c *RegionDisksListCall) PageToken(pageToken string) *RegionDisksListCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksListCall) Fields(s ...googleapi.Field) *RegionDisksListCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *RegionDisksListCall) IfNoneMatch(entityTag string) *RegionDisksListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksListCall) Context(ctx context.Context) *RegionDisksListCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksListCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksListCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+		"region":  c.region,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.list" call.
+// Exactly one of *DiskList or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *DiskList.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionDisksListCall) Do(opts ...googleapi.CallOption) (*DiskList, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &DiskList{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Retrieves the list of persistent disks contained within the specified region.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.regionDisks.list",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "maxResults": {
+	//       "default": "500",
+	//       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+	//       "format": "uint32",
+	//       "location": "query",
+	//       "minimum": "0",
+	//       "type": "integer"
+	//     },
+	//     "orderBy": {
+	//       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "pageToken": {
+	//       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks",
+	//   "response": {
+	//     "$ref": "DiskList"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *RegionDisksListCall) Pages(ctx context.Context, f func(*DiskList) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
+// method id "compute.regionDisks.resize":
+
+type RegionDisksResizeCall struct {
+	s                        *Service
+	project                  string
+	region                   string
+	disk                     string
+	regiondisksresizerequest *RegionDisksResizeRequest
+	urlParams_               gensupport.URLParams
+	ctx_                     context.Context
+	header_                  http.Header
+}
+
+// Resize: Resizes the specified regional persistent disk.
+func (r *RegionDisksService) Resize(project string, region string, disk string, regiondisksresizerequest *RegionDisksResizeRequest) *RegionDisksResizeCall {
+	c := &RegionDisksResizeCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.disk = disk
+	c.regiondisksresizerequest = regiondisksresizerequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionDisksResizeCall) RequestId(requestId string) *RegionDisksResizeCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksResizeCall) Fields(s ...googleapi.Field) *RegionDisksResizeCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksResizeCall) Context(ctx context.Context) *RegionDisksResizeCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksResizeCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksResizeCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regiondisksresizerequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{disk}/resize")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+		"region":  c.region,
+		"disk":    c.disk,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.resize" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionDisksResizeCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Resizes the specified regional persistent disk.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionDisks.resize",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "disk"
+	//   ],
+	//   "parameters": {
+	//     "disk": {
+	//       "description": "Name of the regional persistent disk.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "The project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{disk}/resize",
+	//   "request": {
+	//     "$ref": "RegionDisksResizeRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.setLabels":
+
+type RegionDisksSetLabelsCall struct {
+	s                      *Service
+	project                string
+	region                 string
+	resource               string
+	regionsetlabelsrequest *RegionSetLabelsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// SetLabels: Sets the labels on the target regional disk.
+func (r *RegionDisksService) SetLabels(project string, region string, resource string, regionsetlabelsrequest *RegionSetLabelsRequest) *RegionDisksSetLabelsCall {
+	c := &RegionDisksSetLabelsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	c.regionsetlabelsrequest = regionsetlabelsrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionDisksSetLabelsCall) RequestId(requestId string) *RegionDisksSetLabelsCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksSetLabelsCall) Fields(s ...googleapi.Field) *RegionDisksSetLabelsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksSetLabelsCall) Context(ctx context.Context) *RegionDisksSetLabelsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksSetLabelsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksSetLabelsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regionsetlabelsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{resource}/setLabels")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.setLabels" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionDisksSetLabelsCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets the labels on the target regional disk.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionDisks.setLabels",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{resource}/setLabels",
+	//   "request": {
+	//     "$ref": "RegionSetLabelsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionDisks.testIamPermissions":
+
+type RegionDisksTestIamPermissionsCall struct {
+	s                      *Service
+	project                string
+	region                 string
+	resource               string
+	testpermissionsrequest *TestPermissionsRequest
+	urlParams_             gensupport.URLParams
+	ctx_                   context.Context
+	header_                http.Header
+}
+
+// TestIamPermissions: Returns permissions that a caller has on the
+// specified resource.
+func (r *RegionDisksService) TestIamPermissions(project string, region string, resource string, testpermissionsrequest *TestPermissionsRequest) *RegionDisksTestIamPermissionsCall {
+	c := &RegionDisksTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.resource = resource
+	c.testpermissionsrequest = testpermissionsrequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionDisksTestIamPermissionsCall) Fields(s ...googleapi.Field) *RegionDisksTestIamPermissionsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionDisksTestIamPermissionsCall) Context(ctx context.Context) *RegionDisksTestIamPermissionsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionDisksTestIamPermissionsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionDisksTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testpermissionsrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/disks/{resource}/testIamPermissions")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"region":   c.region,
+		"resource": c.resource,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionDisks.testIamPermissions" call.
+// Exactly one of *TestPermissionsResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *TestPermissionsResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *RegionDisksTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestPermissionsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &TestPermissionsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Returns permissions that a caller has on the specified resource.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionDisks.testIamPermissions",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "resource"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "The name of the region for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "resource": {
+	//       "description": "Name of the resource for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/disks/{resource}/testIamPermissions",
+	//   "request": {
+	//     "$ref": "TestPermissionsRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "TestPermissionsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionInstanceGroupManagers.abandonInstances":
+
+type RegionInstanceGroupManagersAbandonInstancesCall struct {
+	s                                                  *Service
+	project                                            string
+	region                                             string
+	instanceGroupManager                               string
+	regioninstancegroupmanagersabandoninstancesrequest *RegionInstanceGroupManagersAbandonInstancesRequest
+	urlParams_                                         gensupport.URLParams
+	ctx_                                               context.Context
+	header_                                            http.Header
+}
+
+// AbandonInstances: Schedules a group action to remove the specified
+// instances from the managed instance group. Abandoning an instance
+// does not delete the instance, but it does remove the instance from
+// any target pools that are applied by the managed instance group. This
+// method reduces the targetSize of the managed instance group by the
+// number of instances that you abandon. This operation is marked as
+// DONE when the action is scheduled even if the instances have not yet
+// been removed from the group. You must separately verify the status of
+// the abandoning action with the listmanagedinstances method.
+//
+// If the group is part of a backend service that has enabled connection
+// draining, it can take up to 60 seconds after the connection draining
+// duration has elapsed before the VM instance is removed or
+// deleted.
+//
+// You can specify a maximum of 1000 instances with this method per
+// request.
+func (r *RegionInstanceGroupManagersService) AbandonInstances(project string, region string, instanceGroupManager string, regioninstancegroupmanagersabandoninstancesrequest *RegionInstanceGroupManagersAbandonInstancesRequest) *RegionInstanceGroupManagersAbandonInstancesCall {
+	c := &RegionInstanceGroupManagersAbandonInstancesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.instanceGroupManager = instanceGroupManager
+	c.regioninstancegroupmanagersabandoninstancesrequest = regioninstancegroupmanagersabandoninstancesrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) RequestId(requestId string) *RegionInstanceGroupManagersAbandonInstancesCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersAbandonInstancesCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) Context(ctx context.Context) *RegionInstanceGroupManagersAbandonInstancesCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regioninstancegroupmanagersabandoninstancesrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":              c.project,
+		"region":               c.region,
+		"instanceGroupManager": c.instanceGroupManager,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionInstanceGroupManagers.abandonInstances" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionInstanceGroupManagersAbandonInstancesCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.regionInstanceGroupManagers.abandonInstances",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "instanceGroupManager"
+	//   ],
+	//   "parameters": {
+	//     "instanceGroupManager": {
+	//       "description": "Name of the managed instance group.",
+	//       "location": "path",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region scoping this request.",
+	//       "location": "path",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+	//   "request": {
+	//     "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionInstanceGroupManagers.delete":
+
+type RegionInstanceGroupManagersDeleteCall struct {
+	s                    *Service
+	project              string
+	region               string
+	instanceGroupManager string
+	urlParams_           gensupport.URLParams
+	ctx_                 context.Context
+	header_              http.Header
+}
+
+// Delete: Deletes the specified managed instance group and all of the
+// instances in that group.
+func (r *RegionInstanceGroupManagersService) Delete(project string, region string, instanceGroupManager string) *RegionInstanceGroupManagersDeleteCall {
+	c := &RegionInstanceGroupManagersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.instanceGroupManager = instanceGroupManager
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionInstanceGroupManagersDeleteCall) RequestId(requestId string) *RegionInstanceGroupManagersDeleteCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionInstanceGroupManagersDeleteCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersDeleteCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionInstanceGroupManagersDeleteCall) Context(ctx context.Context) *RegionInstanceGroupManagersDeleteCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionInstanceGroupManagersDeleteCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionInstanceGroupManagersDeleteCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("DELETE", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":              c.project,
+		"region":               c.region,
+		"instanceGroupManager": c.instanceGroupManager,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionInstanceGroupManagers.delete" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionInstanceGroupManagersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Deletes the specified managed instance group and all of the instances in that group.",
+	//   "httpMethod": "DELETE",
+	//   "id": "compute.regionInstanceGroupManagers.delete",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "instanceGroupManager"
+	//   ],
+	//   "parameters": {
+	//     "instanceGroupManager": {
+	//       "description": "Name of the managed instance group to delete.",
+	//       "location": "path",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region scoping this request.",
+	//       "location": "path",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.regionInstanceGroupManagers.deleteInstances":
+
+type RegionInstanceGroupManagersDeleteInstancesCall struct {
+	s                                                 *Service
+	project                                           string
+	region                                            string
+	instanceGroupManager                              string
+	regioninstancegroupmanagersdeleteinstancesrequest *RegionInstanceGroupManagersDeleteInstancesRequest
+	urlParams_                                        gensupport.URLParams
+	ctx_                                              context.Context
+	header_                                           http.Header
+}
+
+// DeleteInstances: Schedules a group action to delete the specified
+// instances in the managed instance group. The instances are also
+// removed from any target pools of which they were a member. This
+// method reduces the targetSize of the managed instance group by the
+// number of instances that you delete. This operation is marked as DONE
+// when the action is scheduled even if the instances are still being
+// deleted. You must separately verify the status of the deleting action
+// with the listmanagedinstances method.
+//
+// If the group is part of a backend service that has enabled connection
+// draining, it can take up to 60 seconds after the connection draining
+// duration has elapsed before the VM instance is removed or
+// deleted.
+//
+// You can specify a maximum of 1000 instances with this method per
+// request.
+func (r *RegionInstanceGroupManagersService) DeleteInstances(project string, region string, instanceGroupManager string, regioninstancegroupmanagersdeleteinstancesrequest *RegionInstanceGroupManagersDeleteInstancesRequest) *RegionInstanceGroupManagersDeleteInstancesCall {
+	c := &RegionInstanceGroupManagersDeleteInstancesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.instanceGroupManager = instanceGroupManager
+	c.regioninstancegroupmanagersdeleteinstancesrequest = regioninstancegroupmanagersdeleteinstancesrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) RequestId(requestId string) *RegionInstanceGroupManagersDeleteInstancesCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) Fields(s ...googleapi.Field) *RegionInstanceGroupManagersDeleteInstancesCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) Context(ctx context.Context) *RegionInstanceGroupManagersDeleteInstancesCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.regioninstancegroupmanagersdeleteinstancesrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":              c.project,
+		"region":               c.region,
+		"instanceGroupManager": c.instanceGroupManager,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.regionInstanceGroupManagers.deleteInstances" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *RegionInstanceGroupManagersDeleteInstancesCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -83177,6 +86398,257 @@ func (c *SubnetworksListCall) Pages(ctx context.Context, f func(*SubnetworkList)
 	}
 }
 
+// method id "compute.subnetworks.listUsable":
+
+type SubnetworksListUsableCall struct {
+	s            *Service
+	project      string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// ListUsable: Retrieves an aggregated list of usable subnetworks.
+func (r *SubnetworksService) ListUsable(project string) *SubnetworksListUsableCall {
+	c := &SubnetworksListUsableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	return c
+}
+
+// Filter sets the optional parameter "filter": Sets a filter
+// {expression} for filtering listed resources. Your {expression} must
+// be in the format: field_name comparison_string literal_string.
+//
+// The field_name is the name of the field you want to compare. Only
+// atomic field types are supported (string, number, boolean). The
+// comparison_string must be either eq (equals) or ne (not equals). The
+// literal_string is the string value to filter to. The literal value
+// must be valid for the type of field you are filtering by (string,
+// number, boolean). For string fields, the literal value is interpreted
+// as a regular expression using RE2 syntax. The literal value must
+// match the entire field.
+//
+// For example, to filter for instances that do not have a name of
+// example-instance, you would use name ne example-instance.
+//
+// You can filter on nested fields. For example, you could filter on
+// instances that have set the scheduling.automaticRestart field to
+// true. Use filtering on nested fields to take advantage of labels to
+// organize and search for results based on label values.
+//
+// To filter on multiple expressions, provide each separate expression
+// within parentheses. For example, (scheduling.automaticRestart eq
+// true) (zone eq us-central1-f). Multiple expressions are treated as
+// AND expressions, meaning that resources must match all expressions to
+// pass the filters.
+func (c *SubnetworksListUsableCall) Filter(filter string) *SubnetworksListUsableCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// MaxResults sets the optional parameter "maxResults": The maximum
+// number of results per page that should be returned. If the number of
+// available results is larger than maxResults, Compute Engine returns a
+// nextPageToken that can be used to get the next page of results in
+// subsequent list requests. Acceptable values are 0 to 500, inclusive.
+// (Default: 500)
+func (c *SubnetworksListUsableCall) MaxResults(maxResults int64) *SubnetworksListUsableCall {
+	c.urlParams_.Set("maxResults", fmt.Sprint(maxResults))
+	return c
+}
+
+// OrderBy sets the optional parameter "orderBy": Sorts list results by
+// a certain order. By default, results are returned in alphanumerical
+// order based on the resource name.
+//
+// You can also sort results in descending order based on the creation
+// timestamp using orderBy="creationTimestamp desc". This sorts results
+// based on the creationTimestamp field in reverse chronological order
+// (newest result first). Use this to sort resources like operations so
+// that the newest operation is returned first.
+//
+// Currently, only sorting by name or creationTimestamp desc is
+// supported.
+func (c *SubnetworksListUsableCall) OrderBy(orderBy string) *SubnetworksListUsableCall {
+	c.urlParams_.Set("orderBy", orderBy)
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": Specifies a page
+// token to use. Set pageToken to the nextPageToken returned by a
+// previous list request to get the next page of results.
+func (c *SubnetworksListUsableCall) PageToken(pageToken string) *SubnetworksListUsableCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *SubnetworksListUsableCall) Fields(s ...googleapi.Field) *SubnetworksListUsableCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *SubnetworksListUsableCall) IfNoneMatch(entityTag string) *SubnetworksListUsableCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *SubnetworksListUsableCall) Context(ctx context.Context) *SubnetworksListUsableCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *SubnetworksListUsableCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *SubnetworksListUsableCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/aggregated/subnetworks/listUsable")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project": c.project,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.subnetworks.listUsable" call.
+// Exactly one of *UsableSubnetworksAggregatedList or error will be
+// non-nil. Any non-2xx status code is an error. Response headers are in
+// either *UsableSubnetworksAggregatedList.ServerResponse.Header or (if
+// a response was returned at all) in error.(*googleapi.Error).Header.
+// Use googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *SubnetworksListUsableCall) Do(opts ...googleapi.CallOption) (*UsableSubnetworksAggregatedList, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &UsableSubnetworksAggregatedList{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Retrieves an aggregated list of usable subnetworks.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.subnetworks.listUsable",
+	//   "parameterOrder": [
+	//     "project"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "maxResults": {
+	//       "default": "500",
+	//       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+	//       "format": "uint32",
+	//       "location": "query",
+	//       "minimum": "0",
+	//       "type": "integer"
+	//     },
+	//     "orderBy": {
+	//       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "pageToken": {
+	//       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/aggregated/subnetworks/listUsable",
+	//   "response": {
+	//     "$ref": "UsableSubnetworksAggregatedList"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *SubnetworksListUsableCall) Pages(ctx context.Context, f func(*UsableSubnetworksAggregatedList) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
 // method id "compute.subnetworks.patch":
 
 type SubnetworksPatchCall struct {
diff --git a/vendor/google.golang.org/api/compute/v1/compute-api.json b/vendor/google.golang.org/api/compute/v1/compute-api.json
index 96edf85352d9..a188c6df4cfc 100644
--- a/vendor/google.golang.org/api/compute/v1/compute-api.json
+++ b/vendor/google.golang.org/api/compute/v1/compute-api.json
@@ -1,29134 +1,29628 @@
 {
- "kind": "discovery#restDescription",
- "etag": "\"YWOzh2SDasdU84ArJnpYek-OMdg/BzHLXiml7t9ltKStcz-Ic74UmRU\"",
- "discoveryVersion": "v1",
- "id": "compute:v1",
- "name": "compute",
- "version": "v1",
- "revision": "20171122",
- "title": "Compute Engine API",
- "description": "Creates and runs virtual machines on Google Cloud Platform.",
- "ownerDomain": "google.com",
- "ownerName": "Google",
- "icons": {
-  "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
-  "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
- },
- "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
- "protocol": "rest",
- "baseUrl": "https://www.googleapis.com/compute/v1/projects/",
- "basePath": "/compute/v1/projects/",
- "rootUrl": "https://www.googleapis.com/",
- "servicePath": "compute/v1/projects/",
- "batchPath": "batch/compute/v1",
- "parameters": {
-  "alt": {
-   "type": "string",
-   "description": "Data format for the response.",
-   "default": "json",
-   "enum": [
-    "json"
-   ],
-   "enumDescriptions": [
-    "Responses with Content-Type of application/json"
-   ],
-   "location": "query"
-  },
-  "fields": {
-   "type": "string",
-   "description": "Selector specifying which fields to include in a partial response.",
-   "location": "query"
-  },
-  "key": {
-   "type": "string",
-   "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
-   "location": "query"
-  },
-  "oauth_token": {
-   "type": "string",
-   "description": "OAuth 2.0 token for the current user.",
-   "location": "query"
-  },
-  "prettyPrint": {
-   "type": "boolean",
-   "description": "Returns response with indentations and line breaks.",
-   "default": "true",
-   "location": "query"
-  },
-  "quotaUser": {
-   "type": "string",
-   "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
-   "location": "query"
-  },
-  "userIp": {
-   "type": "string",
-   "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
-   "location": "query"
-  }
- },
- "auth": {
-  "oauth2": {
-   "scopes": {
-    "https://www.googleapis.com/auth/cloud-platform": {
-     "description": "View and manage your data across Google Cloud Platform services"
-    },
-    "https://www.googleapis.com/auth/compute": {
-     "description": "View and manage your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/compute.readonly": {
-     "description": "View your Google Compute Engine resources"
-    },
-    "https://www.googleapis.com/auth/devstorage.full_control": {
-     "description": "Manage your data and permissions in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_only": {
-     "description": "View your data in Google Cloud Storage"
-    },
-    "https://www.googleapis.com/auth/devstorage.read_write": {
-     "description": "Manage your data in Google Cloud Storage"
-    }
-   }
-  }
- },
- "schemas": {
-  "AcceleratorConfig": {
-   "id": "AcceleratorConfig",
-   "type": "object",
-   "description": "A specification of the type and number of accelerator cards attached to the instance.",
-   "properties": {
-    "acceleratorCount": {
-     "type": "integer",
-     "description": "The number of the guest accelerator cards exposed to this instance.",
-     "format": "int32"
-    },
-    "acceleratorType": {
-     "type": "string",
-     "description": "Full or partial URL of the accelerator type resource to expose to this instance."
-    }
-   }
-  },
-  "AcceleratorType": {
-   "id": "AcceleratorType",
-   "type": "object",
-   "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this accelerator type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
-     "default": "compute#acceleratorType"
-    },
-    "maximumCardsPerInstance": {
-     "type": "integer",
-     "description": "[Output Only] Maximum accelerator cards allowed per instance.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a."
-    }
-   }
-  },
-  "AcceleratorTypeAggregatedList": {
-   "id": "AcceleratorTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AcceleratorTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AcceleratorTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of accelerator types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
-     "default": "compute#acceleratorTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypeList": {
-   "id": "AcceleratorTypeList",
-   "type": "object",
-   "description": "Contains a list of accelerator types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of AcceleratorType resources.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
-     "default": "compute#acceleratorTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AcceleratorTypesScopedList": {
-   "id": "AcceleratorTypesScopedList",
-   "type": "object",
-   "properties": {
-    "acceleratorTypes": {
-     "type": "array",
-     "description": "[Output Only] List of accelerator types contained in this scope.",
-     "items": {
-      "$ref": "AcceleratorType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "View and manage your data across Google Cloud Platform services"
+        },
+        "https://www.googleapis.com/auth/compute": {
+          "description": "View and manage your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/compute.readonly": {
+          "description": "View your Google Compute Engine resources"
+        },
+        "https://www.googleapis.com/auth/devstorage.full_control": {
+          "description": "Manage your data and permissions in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_only": {
+          "description": "View your data in Google Cloud Storage"
+        },
+        "https://www.googleapis.com/auth/devstorage.read_write": {
+          "description": "Manage your data in Google Cloud Storage"
+        }
       }
-     }
     }
-   }
   },
-  "AccessConfig": {
-   "id": "AccessConfig",
-   "type": "object",
-   "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
-     "default": "compute#accessConfig"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access."
-    },
-    "natIP": {
-     "type": "string",
-     "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
-     "default": "ONE_TO_ONE_NAT",
-     "enum": [
-      "ONE_TO_ONE_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    }
-   }
-  },
-  "Address": {
-   "id": "Address",
-   "type": "object",
-   "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "The static IP address represented by this resource."
-    },
-    "addressType": {
-     "type": "string",
-     "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "UNSPECIFIED_TYPE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
-     "default": "compute#address"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.addresses.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
-     "enum": [
-      "IN_USE",
-      "RESERVED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] The URLs of the resources that are using this address.",
-     "items": {
+  "basePath": "/compute/v1/projects/",
+  "baseUrl": "https://www.googleapis.com/compute/v1/projects/",
+  "batchPath": "batch/compute/v1",
+  "description": "Creates and runs virtual machines on Google Cloud Platform.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://developers.google.com/compute/docs/reference/latest/",
+  "etag": "\"-iA1DTNe4s-I6JZXPt1t1Ypy8IU/-YzN1b0_oAWbrk9rmdu60A0nf94\"",
+  "icons": {
+    "x16": "https://www.google.com/images/icons/product/compute_engine-16.png",
+    "x32": "https://www.google.com/images/icons/product/compute_engine-32.png"
+  },
+  "id": "compute:v1",
+  "kind": "discovery#restDescription",
+  "name": "compute",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "alt": {
+      "default": "json",
+      "description": "Data format for the response.",
+      "enum": [
+        "json"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json"
+      ],
+      "location": "query",
       "type": "string"
-     }
-    }
-   }
-  },
-  "AddressAggregatedList": {
-   "id": "AddressAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AddressesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AddressesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
-     "default": "compute#addressAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressList": {
-   "id": "AddressList",
-   "type": "object",
-   "description": "Contains a list of addresses.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Address resources.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
-     "default": "compute#addressList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AddressesScopedList": {
-   "id": "AddressesScopedList",
-   "type": "object",
-   "properties": {
-    "addresses": {
-     "type": "array",
-     "description": "[Output Only] List of addresses contained in this scope.",
-     "items": {
-      "$ref": "Address"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AliasIpRange": {
-   "id": "AliasIpRange",
-   "type": "object",
-   "description": "An alias IP range attached to an instance's network interface.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24)."
-    },
-    "subnetworkRangeName": {
-     "type": "string",
-     "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used."
-    }
-   }
-  },
-  "AttachedDisk": {
-   "id": "AttachedDisk",
-   "type": "object",
-   "description": "An instance-attached disk resource.",
-   "properties": {
-    "autoDelete": {
-     "type": "boolean",
-     "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)."
-    },
-    "boot": {
-     "type": "boolean",
-     "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem."
-    },
-    "deviceName": {
-     "type": "string",
-     "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
-    },
-    "index": {
-     "type": "integer",
-     "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
-     "format": "int32"
-    },
-    "initializeParams": {
-     "$ref": "AttachedDiskInitializeParams",
-     "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
-    },
-    "interface": {
-     "type": "string",
-     "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
-     "enum": [
-      "NVME",
-      "SCSI"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
-     "default": "compute#attachedDisk"
     },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] Any valid publicly visible licenses.",
-     "items": {
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "mode": {
-     "type": "string",
-     "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
-     "enum": [
-      "READ_ONLY",
-      "READ_WRITE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk."
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
-     "enum": [
-      "PERSISTENT",
-      "SCRATCH"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AttachedDiskInitializeParams": {
-   "id": "AttachedDiskInitializeParams",
-   "type": "object",
-   "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
-   "properties": {
-    "diskName": {
-     "type": "string",
-     "description": "Specifies the disk name. If not specified, the default is to use the name of the instance."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Specifies the size of the disk in base-2 GB.",
-     "format": "int64"
-    },
-    "diskType": {
-     "type": "string",
-     "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\n\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard \n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family \n\nIf the source image is deleted later, this field will not be set."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
-    }
-   }
-  },
-  "Autoscaler": {
-   "id": "Autoscaler",
-   "type": "object",
-   "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
-   "properties": {
-    "autoscalingPolicy": {
-     "$ref": "AutoscalingPolicy",
-     "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
-     "default": "compute#autoscaler"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroups.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the autoscaler configuration.",
-     "enum": [
-      "ACTIVE",
-      "DELETING",
-      "ERROR",
-      "PENDING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusDetails": {
-     "type": "array",
-     "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
-     "items": {
-      "$ref": "AutoscalerStatusDetails"
-     }
-    },
-    "target": {
-     "type": "string",
-     "description": "URL of the managed instance group that this autoscaler will scale."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope)."
-    }
-   }
-  },
-  "AutoscalerAggregatedList": {
-   "id": "AutoscalerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of AutoscalersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "AutoscalersScopedList",
-      "description": "[Output Only] Name of the scope containing this set of autoscalers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
-     "default": "compute#autoscalerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerList": {
-   "id": "AutoscalerList",
-   "type": "object",
-   "description": "Contains a list of Autoscaler resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
-     "default": "compute#autoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalerStatusDetails": {
-   "id": "AutoscalerStatusDetails",
-   "type": "object",
-   "properties": {
-    "message": {
-     "type": "string",
-     "description": "The status message."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of error returned.",
-     "enum": [
-      "ALL_INSTANCES_UNHEALTHY",
-      "BACKEND_SERVICE_DOES_NOT_EXIST",
-      "CAPPED_AT_MAX_NUM_REPLICAS",
-      "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
-      "CUSTOM_METRIC_INVALID",
-      "MIN_EQUALS_MAX",
-      "MISSING_CUSTOM_METRIC_DATA_POINTS",
-      "MISSING_LOAD_BALANCING_DATA_POINTS",
-      "MORE_THAN_ONE_BACKEND_SERVICE",
-      "NOT_ENOUGH_QUOTA_AVAILABLE",
-      "REGION_RESOURCE_STOCKOUT",
-      "SCALING_TARGET_DOES_NOT_EXIST",
-      "UNKNOWN",
-      "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
-      "ZONE_RESOURCE_STOCKOUT"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalersScopedList": {
-   "id": "AutoscalersScopedList",
-   "type": "object",
-   "properties": {
-    "autoscalers": {
-     "type": "array",
-     "description": "[Output Only] List of autoscalers contained in this scope.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "AutoscalingPolicy": {
-   "id": "AutoscalingPolicy",
-   "type": "object",
-   "description": "Cloud Autoscaler policy.",
-   "properties": {
-    "coolDownPeriodSec": {
-     "type": "integer",
-     "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
-     "format": "int32"
-    },
-    "cpuUtilization": {
-     "$ref": "AutoscalingPolicyCpuUtilization",
-     "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
-    },
-    "customMetricUtilizations": {
-     "type": "array",
-     "description": "Configuration parameters of autoscaling based on a custom metric.",
-     "items": {
-      "$ref": "AutoscalingPolicyCustomMetricUtilization"
-     }
-    },
-    "loadBalancingUtilization": {
-     "$ref": "AutoscalingPolicyLoadBalancingUtilization",
-     "description": "Configuration parameters of autoscaling based on load balancer."
-    },
-    "maxNumReplicas": {
-     "type": "integer",
-     "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
-     "format": "int32"
-    },
-    "minNumReplicas": {
-     "type": "integer",
-     "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
-     "format": "int32"
-    }
-   }
-  },
-  "AutoscalingPolicyCpuUtilization": {
-   "id": "AutoscalingPolicyCpuUtilization",
-   "type": "object",
-   "description": "CPU utilization policy.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
-     "format": "double"
-    }
-   }
-  },
-  "AutoscalingPolicyCustomMetricUtilization": {
-   "id": "AutoscalingPolicyCustomMetricUtilization",
-   "type": "object",
-   "description": "Custom utilization metric policy.",
-   "properties": {
-    "metric": {
-     "type": "string",
-     "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE."
-    },
-    "utilizationTarget": {
-     "type": "number",
-     "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
-     "format": "double"
-    },
-    "utilizationTargetType": {
-     "type": "string",
-     "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
-     "enum": [
-      "DELTA_PER_MINUTE",
-      "DELTA_PER_SECOND",
-      "GAUGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "AutoscalingPolicyLoadBalancingUtilization": {
-   "id": "AutoscalingPolicyLoadBalancingUtilization",
-   "type": "object",
-   "description": "Configuration parameters of autoscaling based on load balancing.",
-   "properties": {
-    "utilizationTarget": {
-     "type": "number",
-     "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
-     "format": "double"
-    }
-   }
-  },
-  "Backend": {
-   "id": "Backend",
-   "type": "object",
-   "description": "Message containing information of one individual backend.",
-   "properties": {
-    "balancingMode": {
-     "type": "string",
-     "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
-     "enum": [
-      "CONNECTION",
-      "RATE",
-      "UTILIZATION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "capacityScaler": {
-     "type": "number",
-     "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "group": {
-     "type": "string",
-     "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService."
-    },
-    "maxConnections": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxConnectionsPerInstance": {
-     "type": "integer",
-     "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRate": {
-     "type": "integer",
-     "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "maxRatePerInstance": {
-     "type": "number",
-     "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    },
-    "maxUtilization": {
-     "type": "number",
-     "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
-     "format": "float"
-    }
-   }
-  },
-  "BackendBucket": {
-   "id": "BackendBucket",
-   "type": "object",
-   "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "Cloud Storage bucket name."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource; provided by the client when the resource is created."
-    },
-    "enableCdn": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendBucket."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#backendBucket"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "BackendBucketList": {
-   "id": "BackendBucketList",
-   "type": "object",
-   "description": "Contains a list of BackendBucket resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendBucket resources.",
-     "items": {
-      "$ref": "BackendBucket"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendBucketList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendService": {
-   "id": "BackendService",
-   "type": "object",
-   "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
-   "properties": {
-    "affinityCookieTtlSec": {
-     "type": "integer",
-     "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
-     "format": "int32"
-    },
-    "backends": {
-     "type": "array",
-     "description": "The list of backends that serve this BackendService.",
-     "items": {
-      "$ref": "Backend"
-     }
-    },
-    "cdnPolicy": {
-     "$ref": "BackendServiceCdnPolicy",
-     "description": "Cloud CDN configuration for this BackendService."
-    },
-    "connectionDraining": {
-     "$ref": "ConnectionDraining"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "enableCDN": {
-     "type": "boolean",
-     "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
-     "format": "byte"
     },
-    "healthChecks": {
-     "type": "array",
-     "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "iap": {
-     "$ref": "BackendServiceIAP"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
-     "default": "compute#backendService"
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID_LOAD_BALANCING_SCHEME"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used."
-    },
-    "protocol": {
-     "type": "string",
-     "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
-     "enum": [
-      "HTTP",
-      "HTTPS",
-      "SSL",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
-     "format": "int32"
-    }
-   }
-  },
-  "BackendServiceAggregatedList": {
-   "id": "BackendServiceAggregatedList",
-   "type": "object",
-   "description": "Contains a list of BackendServicesScopedList.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of BackendServicesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "BackendServicesScopedList",
-      "description": "Name of the scope containing this set of BackendServices."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#backendServiceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServiceCdnPolicy": {
-   "id": "BackendServiceCdnPolicy",
-   "type": "object",
-   "description": "Message containing Cloud CDN configuration for a backend service.",
-   "properties": {
-    "cacheKeyPolicy": {
-     "$ref": "CacheKeyPolicy",
-     "description": "The CacheKeyPolicy for this CdnPolicy."
-    }
-   }
-  },
-  "BackendServiceGroupHealth": {
-   "id": "BackendServiceGroupHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
-     "default": "compute#backendServiceGroupHealth"
-    }
-   }
-  },
-  "BackendServiceIAP": {
-   "id": "BackendServiceIAP",
-   "type": "object",
-   "description": "Identity-Aware Proxy",
-   "properties": {
-    "enabled": {
-     "type": "boolean"
-    },
-    "oauth2ClientId": {
-     "type": "string"
-    },
-    "oauth2ClientSecret": {
-     "type": "string"
-    },
-    "oauth2ClientSecretSha256": {
-     "type": "string",
-     "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above."
-    }
-   }
-  },
-  "BackendServiceList": {
-   "id": "BackendServiceList",
-   "type": "object",
-   "description": "Contains a list of BackendService resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of BackendService resources.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
-     "default": "compute#backendServiceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "BackendServicesScopedList": {
-   "id": "BackendServicesScopedList",
-   "type": "object",
-   "properties": {
-    "backendServices": {
-     "type": "array",
-     "description": "List of BackendServices contained in this scope.",
-     "items": {
-      "$ref": "BackendService"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of backend services when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CacheInvalidationRule": {
-   "id": "CacheInvalidationRule",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "If set, this invalidation rule will only apply to requests with a Host header matching host."
-    },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "CacheKeyPolicy": {
-   "id": "CacheKeyPolicy",
-   "type": "object",
-   "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
-   "properties": {
-    "includeHost": {
-     "type": "boolean",
-     "description": "If true, requests to different hosts will be cached separately."
-    },
-    "includeProtocol": {
-     "type": "boolean",
-     "description": "If true, http and https requests will be cached separately."
-    },
-    "includeQueryString": {
-     "type": "boolean",
-     "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely."
-    },
-    "queryStringBlacklist": {
-     "type": "array",
-     "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "queryStringWhitelist": {
-     "type": "array",
-     "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "Commitment": {
-   "id": "Commitment",
-   "type": "object",
-   "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "endTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment end time in RFC3339 text format."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
-     "default": "compute#commitment"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "plan": {
-     "type": "string",
-     "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
-     "enum": [
-      "INVALID",
-      "THIRTY_SIX_MONTH",
-      "TWELVE_MONTH"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where this commitment may be used."
-    },
-    "resources": {
-     "type": "array",
-     "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
-     "items": {
-      "$ref": "ResourceCommitment"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Commitment start time in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
-     "enum": [
-      "ACTIVE",
-      "CREATING",
-      "EXPIRED",
-      "NOT_YET_ACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    }
-   }
-  },
-  "CommitmentAggregatedList": {
-   "id": "CommitmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of CommitmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "CommitmentsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of commitments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
-     "default": "compute#commitmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentList": {
-   "id": "CommitmentList",
-   "type": "object",
-   "description": "Contains a list of Commitment resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Commitment resources.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
-     "default": "compute#commitmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "CommitmentsScopedList": {
-   "id": "CommitmentsScopedList",
-   "type": "object",
-   "properties": {
-    "commitments": {
-     "type": "array",
-     "description": "[Output Only] List of commitments contained in this scope.",
-     "items": {
-      "$ref": "Commitment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ConnectionDraining": {
-   "id": "ConnectionDraining",
-   "type": "object",
-   "description": "Message containing connection draining configuration.",
-   "properties": {
-    "drainingTimeoutSec": {
-     "type": "integer",
-     "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
-     "format": "int32"
-    }
-   }
-  },
-  "CustomerEncryptionKey": {
-   "id": "CustomerEncryptionKey",
-   "type": "object",
-   "description": "Represents a customer-supplied encryption key",
-   "properties": {
-    "rawKey": {
-     "type": "string",
-     "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource."
-    },
-    "sha256": {
-     "type": "string",
-     "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource."
-    }
-   }
-  },
-  "CustomerEncryptionKeyProtectedDisk": {
-   "id": "CustomerEncryptionKeyProtectedDisk",
-   "type": "object",
-   "properties": {
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
-    },
-    "source": {
-     "type": "string",
-     "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks."
-    }
-   }
-  },
-  "DeprecationStatus": {
-   "id": "DeprecationStatus",
-   "type": "object",
-   "description": "Deprecation status for a public resource.",
-   "properties": {
-    "deleted": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "deprecated": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "obsolete": {
-     "type": "string",
-     "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it."
-    },
-    "replacement": {
-     "type": "string",
-     "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource."
-    },
-    "state": {
-     "type": "string",
-     "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
-     "enum": [
-      "DELETED",
-      "DEPRECATED",
-      "OBSOLETE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Disk": {
-   "id": "Disk",
-   "type": "object",
-   "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
-     "default": "compute#disk"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
-     "additionalProperties": {
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
       "type": "string"
-     }
-    },
-    "lastAttachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last attach timestamp in RFC3339 text format."
     },
-    "lastDetachTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Last detach timestamp in RFC3339 text format."
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
     },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable publicly visible licenses.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.disks.insert"
-      ]
-     }
-    },
-    "options": {
-     "type": "string",
-     "description": "Internal use only."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "sizeGb": {
-     "type": "string",
-     "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
-     "format": "int64"
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\n\nprojects/debian-cloud/global/images/family/debian-8 \n\nAlternatively, use a specific version of a public operating system image:\n\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD \n\nTo create a disk with a custom image that you created, specify the image name in the following format:\n\nglobal/images/my-custom-image \n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\n\nglobal/images/family/my-image-family"
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used."
-    },
-    "sourceSnapshot": {
-     "type": "string",
-     "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot"
-    },
-    "sourceSnapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
-    },
-    "sourceSnapshotId": {
-     "type": "string",
-     "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of disk creation.",
-     "enum": [
-      "CREATING",
-      "FAILED",
-      "READY",
-      "RESTORING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "type": {
-     "type": "string",
-     "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk."
-    },
-    "users": {
-     "type": "array",
-     "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
-     "items": {
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. Overrides userIp if both are provided.",
+      "location": "query",
       "type": "string"
-     }
     },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk resides."
-    }
-   }
-  },
-  "DiskAggregatedList": {
-   "id": "DiskAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DisksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DisksScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
-     "default": "compute#diskAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskList": {
-   "id": "DiskList",
-   "type": "object",
-   "description": "A list of Disk resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Disk resources.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
-     "default": "compute#diskList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskMoveRequest": {
-   "id": "DiskMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetDisk": {
-     "type": "string",
-     "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    }
-   }
-  },
-  "DiskType": {
-   "id": "DiskType",
-   "type": "object",
-   "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultDiskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Server-defined default disk size in GB.",
-     "format": "int64"
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this disk type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of this resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
-     "default": "compute#diskType"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "validDiskSize": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\"."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the disk type resides."
-    }
-   }
-  },
-  "DiskTypeAggregatedList": {
-   "id": "DiskTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of DiskTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "DiskTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of disk types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
-     "default": "compute#diskTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypeList": {
-   "id": "DiskTypeList",
-   "type": "object",
-   "description": "Contains a list of disk types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of DiskType resources.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
-     "default": "compute#diskTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DiskTypesScopedList": {
-   "id": "DiskTypesScopedList",
-   "type": "object",
-   "properties": {
-    "diskTypes": {
-     "type": "array",
-     "description": "[Output Only] List of disk types contained in this scope.",
-     "items": {
-      "$ref": "DiskType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "DisksResizeRequest": {
-   "id": "DisksResizeRequest",
-   "type": "object",
-   "properties": {
-    "sizeGb": {
-     "type": "string",
-     "description": "The new size of the persistent disk, which is specified in GB.",
-     "format": "int64"
-    }
-   }
-  },
-  "DisksScopedList": {
-   "id": "DisksScopedList",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "[Output Only] List of disks contained in this scope.",
-     "items": {
-      "$ref": "Disk"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
+    "userIp": {
+      "description": "IP address of the site where the request originates. Use this if you want to enforce per-user limits.",
+      "location": "query",
+      "type": "string"
     }
-   }
   },
-  "Firewall": {
-   "id": "Firewall",
-   "type": "object",
-   "description": "Represents a Firewall resource.",
-   "properties": {
-    "allowed": {
-     "type": "array",
-     "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+  "protocol": "rest",
+  "resources": {
+    "acceleratorTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of accelerator types.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "acceleratorType"
+          ],
+          "parameters": {
+            "acceleratorType": {
+              "description": "Name of the accelerator type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
+          "response": {
+            "$ref": "AcceleratorType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of accelerator types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.acceleratorTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/acceleratorTypes",
+          "response": {
+            "$ref": "AcceleratorTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
     },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "denied": {
-     "type": "array",
-     "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "IPProtocol": {
-        "type": "string",
-        "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number."
-       },
-       "ports": {
-        "type": "array",
-        "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
-        "items": {
-         "type": "string"
+    "addresses": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of addresses.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/addresses",
+          "response": {
+            "$ref": "AddressAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.addresses.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.addresses.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of addresses contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.addresses.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
         }
-       }
       }
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "destinationRanges": {
-     "type": "array",
-     "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "direction": {
-     "type": "string",
-     "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
-     "enum": [
-      "EGRESS",
-      "INGRESS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
-     "default": "compute#firewall"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.firewalls.insert",
-       "compute.firewalls.patch"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default"
-    },
-    "priority": {
-     "type": "integer",
-     "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceRanges": {
-     "type": "array",
-     "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
+    "autoscalers": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of autoscalers.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/autoscalers",
+          "response": {
+            "$ref": "AutoscalerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.autoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.autoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.autoscalers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "response": {
+            "$ref": "AutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.autoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.autoscalers.update",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "sourceServiceAccounts": {
-     "type": "array",
-     "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "sourceTags": {
-     "type": "array",
-     "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetServiceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetTags": {
-     "type": "array",
-     "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "FirewallList": {
-   "id": "FirewallList",
-   "type": "object",
-   "description": "Contains a list of firewalls.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Firewall resources.",
-     "items": {
-      "$ref": "Firewall"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
-     "default": "compute#firewallList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "backendBuckets": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified BackendBucket resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendBuckets.delete",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.get",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "response": {
+            "$ref": "BackendBucket"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.backendBuckets.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendBucket resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendBuckets.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets",
+          "response": {
+            "$ref": "BackendBucketList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendBuckets.patch",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendBucket resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.backendBuckets.update",
+          "parameterOrder": [
+            "project",
+            "backendBucket"
+          ],
+          "parameters": {
+            "backendBucket": {
+              "description": "Name of the BackendBucket resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendBuckets/{backendBucket}",
+          "request": {
+            "$ref": "BackendBucket"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRule": {
-   "id": "ForwardingRule",
-   "type": "object",
-   "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
-   "properties": {
-    "IPAddress": {
-     "type": "string",
-     "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address"
-    },
-    "IPProtocol": {
-     "type": "string",
-     "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
-     "enum": [
-      "AH",
-      "ESP",
-      "ICMP",
-      "SCTP",
-      "TCP",
-      "UDP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "backendService": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipVersion": {
-     "type": "string",
-     "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
-     "enum": [
-      "IPV4",
-      "IPV6",
-      "UNSPECIFIED_VERSION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
-     "default": "compute#forwardingRule"
-    },
-    "loadBalancingScheme": {
-     "type": "string",
-     "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
-     "enum": [
-      "EXTERNAL",
-      "INTERNAL",
-      "INVALID"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used."
-    },
-    "portRange": {
-     "type": "string",
-     "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222 \n- TargetVpnGateway: 500, 4500\n-"
-    },
-    "ports": {
-     "type": "array",
-     "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules."
     },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
+    "backendServices": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Name of the project scoping this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/backendServices",
+          "response": {
+            "$ref": "BackendServiceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.backendServices.delete",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.get",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.backendServices.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of BackendService resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.backendServices.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.backendServices.patch",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.backendServices.update",
+          "parameterOrder": [
+            "project",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
+      }
     },
-    "subnetwork": {
-     "type": "string",
-     "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified."
+    "diskTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of disk types.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/diskTypes",
+          "response": {
+            "$ref": "DiskTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "diskType"
+          ],
+          "parameters": {
+            "diskType": {
+              "description": "Name of the disk type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes/{diskType}",
+          "response": {
+            "$ref": "DiskType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of disk types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.diskTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/diskTypes",
+          "response": {
+            "$ref": "DiskTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
+      }
     },
-    "target": {
-     "type": "string",
-     "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.\n\nThis field is not used for internal load balancing."
-    }
-   }
-  },
-  "ForwardingRuleAggregatedList": {
-   "id": "ForwardingRuleAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of ForwardingRulesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "ForwardingRulesScopedList",
-      "description": "Name of the scope containing this set of addresses."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
-     "default": "compute#forwardingRuleAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "disks": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of persistent disks.",
+          "httpMethod": "GET",
+          "id": "compute.disks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/disks",
+          "response": {
+            "$ref": "DiskAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "createSnapshot": {
+          "description": "Creates a snapshot of a specified persistent disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.createSnapshot",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to snapshot.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "guestFlush": {
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
+          "request": {
+            "$ref": "Snapshot"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
+          "httpMethod": "DELETE",
+          "id": "compute.disks.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.disks.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "Name of the persistent disk to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}",
+          "response": {
+            "$ref": "Disk"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
+          "httpMethod": "POST",
+          "id": "compute.disks.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sourceImage": {
+              "description": "Optional. Source image to restore onto a disk.",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "request": {
+            "$ref": "Disk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of persistent disks contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.disks.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks",
+          "response": {
+            "$ref": "DiskList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
+          "httpMethod": "POST",
+          "id": "compute.disks.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "disk"
+          ],
+          "parameters": {
+            "disk": {
+              "description": "The name of the persistent disk.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{disk}/resize",
+          "request": {
+            "$ref": "DisksResizeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.disks.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
+          "request": {
+            "$ref": "ZoneSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRuleList": {
-   "id": "ForwardingRuleList",
-   "type": "object",
-   "description": "Contains a list of ForwardingRule resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of ForwardingRule resources.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#forwardingRuleList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "firewalls": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified firewall.",
+          "httpMethod": "DELETE",
+          "id": "compute.firewalls.delete",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified firewall.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.get",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "response": {
+            "$ref": "Firewall"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a firewall rule in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.firewalls.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of firewall rules available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.firewalls.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls",
+          "response": {
+            "$ref": "FirewallList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.firewalls.patch",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+          "httpMethod": "PUT",
+          "id": "compute.firewalls.update",
+          "parameterOrder": [
+            "project",
+            "firewall"
+          ],
+          "parameters": {
+            "firewall": {
+              "description": "Name of the firewall rule to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/firewalls/{firewall}",
+          "request": {
+            "$ref": "Firewall"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "ForwardingRulesScopedList": {
-   "id": "ForwardingRulesScopedList",
-   "type": "object",
-   "properties": {
+    },
     "forwardingRules": {
-     "type": "array",
-     "description": "List of forwarding rules contained in this scope.",
-     "items": {
-      "$ref": "ForwardingRule"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of forwarding rules.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified ForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.forwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified ForwardingRule resource.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.forwardingRules.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.forwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "region",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "GlobalSetLabelsRequest": {
-   "id": "GlobalSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "A list of labels to apply for this resource. Each label key & value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "GuestOsFeature": {
-   "id": "GuestOsFeature",
-   "type": "object",
-   "description": "Guest OS features.",
-   "properties": {
-    "type": {
-     "type": "string",
-     "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
-     "enum": [
-      "FEATURE_TYPE_UNSPECIFIED",
-      "VIRTIO_SCSI_MULTIQUEUE",
-      "WINDOWS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "HTTPHealthCheck": {
-   "id": "HTTPHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    }
-   }
-  },
-  "HTTPSHealthCheck": {
-   "id": "HTTPSHealthCheck",
-   "type": "object",
-   "properties": {
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is /."
-    }
-   }
-  },
-  "HealthCheck": {
-   "id": "HealthCheck",
-   "type": "object",
-   "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in 3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "httpHealthCheck": {
-     "$ref": "HTTPHealthCheck"
-    },
-    "httpsHealthCheck": {
-     "$ref": "HTTPSHealthCheck"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#healthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sslHealthCheck": {
-     "$ref": "SSLHealthCheck"
-    },
-    "tcpHealthCheck": {
-     "$ref": "TCPHealthCheck"
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "type": {
-     "type": "string",
-     "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
-     "enum": [
-      "HTTP",
-      "HTTPS",
-      "INVALID",
-      "SSL",
-      "TCP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HealthCheckList": {
-   "id": "HealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HealthCheck resources.",
-     "items": {
-      "$ref": "HealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#healthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "globalAddresses": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified address resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalAddresses.delete",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.get",
+          "parameterOrder": [
+            "project",
+            "address"
+          ],
+          "parameters": {
+            "address": {
+              "description": "Name of the address resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses/{address}",
+          "response": {
+            "$ref": "Address"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an address resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalAddresses.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "request": {
+            "$ref": "Address"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of global addresses.",
+          "httpMethod": "GET",
+          "id": "compute.globalAddresses.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/addresses",
+          "response": {
+            "$ref": "AddressList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HealthCheckReference": {
-   "id": "HealthCheckReference",
-   "type": "object",
-   "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-   "properties": {
-    "healthCheck": {
-     "type": "string"
-    }
-   }
-  },
-  "HealthStatus": {
-   "id": "HealthStatus",
-   "type": "object",
-   "properties": {
-    "healthState": {
-     "type": "string",
-     "description": "Health state of the instance.",
-     "enum": [
-      "HEALTHY",
-      "UNHEALTHY"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "instance": {
-     "type": "string",
-     "description": "URL of the instance resource."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "The IP address represented by this resource."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port on the instance.",
-     "format": "int32"
-    }
-   }
-  },
-  "HostRule": {
-   "id": "HostRule",
-   "type": "object",
-   "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "hosts": {
-     "type": "array",
-     "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
-     "items": {
-      "type": "string"
-     }
     },
-    "pathMatcher": {
-     "type": "string",
-     "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion."
-    }
-   }
-  },
-  "HttpHealthCheck": {
-   "id": "HttpHealthCheck",
-   "type": "object",
-   "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
-     "default": "compute#httpHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTP health check request. The default value is 80.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTP health check request. The default value is /."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpHealthCheckList": {
-   "id": "HttpHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpHealthCheck resources.",
-     "items": {
-      "$ref": "HttpHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "globalForwardingRules": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified GlobalForwardingRule resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalForwardingRules.delete",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.get",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}",
+          "response": {
+            "$ref": "ForwardingRule"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "request": {
+            "$ref": "ForwardingRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalForwardingRules.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules",
+          "response": {
+            "$ref": "ForwardingRuleList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setTarget": {
+          "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
+          "httpMethod": "POST",
+          "id": "compute.globalForwardingRules.setTarget",
+          "parameterOrder": [
+            "project",
+            "forwardingRule"
+          ],
+          "parameters": {
+            "forwardingRule": {
+              "description": "Name of the ForwardingRule resource in which target is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "HttpsHealthCheck": {
-   "id": "HttpsHealthCheck",
-   "type": "object",
-   "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
-   "properties": {
-    "checkIntervalSec": {
-     "type": "integer",
-     "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
-     "format": "int32"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "healthyThreshold": {
-     "type": "integer",
-     "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
-     "format": "int32"
-    },
-    "host": {
-     "type": "string",
-     "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of the resource.",
-     "default": "compute#httpsHealthCheck"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
-     "format": "int32"
-    },
-    "requestPath": {
-     "type": "string",
-     "description": "The request path of the HTTPS health check request. The default value is \"/\"."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "timeoutSec": {
-     "type": "integer",
-     "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
-     "format": "int32"
-    },
-    "unhealthyThreshold": {
-     "type": "integer",
-     "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
-     "format": "int32"
-    }
-   }
-  },
-  "HttpsHealthCheckList": {
-   "id": "HttpsHealthCheckList",
-   "type": "object",
-   "description": "Contains a list of HttpsHealthCheck resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of HttpsHealthCheck resources.",
-     "items": {
-      "$ref": "HttpsHealthCheck"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#httpsHealthCheckList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "globalOperations": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of all operations.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/operations",
+          "response": {
+            "$ref": "OperationAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.globalOperations.delete",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.get",
+          "parameterOrder": [
+            "project",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.globalOperations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Image": {
-   "id": "Image",
-   "type": "object",
-   "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
-   "properties": {
-    "archiveSizeBytes": {
-     "type": "string",
-     "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
-     "format": "int64"
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "The deprecation status associated with this image."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "Size of the image when restored onto a persistent disk (in GB).",
-     "format": "int64"
-    },
-    "family": {
-     "type": "string",
-     "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035."
-    },
-    "guestOsFeatures": {
-     "type": "array",
-     "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
-     "items": {
-      "$ref": "GuestOsFeature"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "imageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#image for images.",
-     "default": "compute#image"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
     },
-    "licenses": {
-     "type": "array",
-     "description": "Any applicable license URI.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "rawDisk": {
-     "type": "object",
-     "description": "The parameters of the raw disk image.",
-     "properties": {
-      "containerType": {
-       "type": "string",
-       "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
-       "enum": [
-        "TAR"
-       ],
-       "enumDescriptions": [
-        ""
-       ]
-      },
-      "sha1Checksum": {
-       "type": "string",
-       "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
-       "pattern": "[a-f0-9]{40}"
-      },
-      "source": {
-       "type": "string",
-       "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
-       "annotations": {
-        "required": [
-         "compute.images.insert"
-        ]
-       }
+    "healthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.healthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.get",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "response": {
+            "$ref": "HealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.healthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.healthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks",
+          "response": {
+            "$ref": "HealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.healthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.healthChecks.update",
+          "parameterOrder": [
+            "project",
+            "healthCheck"
+          ],
+          "parameters": {
+            "healthCheck": {
+              "description": "Name of the HealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/healthChecks/{healthCheck}",
+          "request": {
+            "$ref": "HealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk"
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name."
-    },
-    "sourceImage": {
-     "type": "string",
-     "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image."
-    },
-    "sourceImageEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
-    },
-    "sourceImageId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name."
-    },
-    "sourceType": {
-     "type": "string",
-     "description": "The type of the image used to create this disk. The default and only value is RAW",
-     "default": "RAW",
-     "enum": [
-      "RAW"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
-     "enum": [
-      "FAILED",
-      "PENDING",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ImageList": {
-   "id": "ImageList",
-   "type": "object",
-   "description": "Contains a list of images.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Image resources.",
-     "items": {
-      "$ref": "Image"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#imageList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    },
+    "httpHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "response": {
+            "$ref": "HttpHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks",
+          "response": {
+            "$ref": "HttpHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpHealthCheck"
+          ],
+          "parameters": {
+            "httpHealthCheck": {
+              "description": "Name of the HttpHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
+          "request": {
+            "$ref": "HttpHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "Instance": {
-   "id": "Instance",
-   "type": "object",
-   "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding."
-    },
-    "cpuPlatform": {
-     "type": "string",
-     "description": "[Output Only] The CPU platform used by this instance."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deletionProtection": {
-     "type": "boolean",
-     "description": "Whether the resource should be protected against deletion."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
     },
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
-     "default": "compute#instance"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\n\nzones/us-central1-f/machineTypes/n1-standard-1 \n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\n\nzones/zone/machineTypes/custom-CPUS-MEMORY \n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\"."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instances.insert"
-      ]
-     }
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Sets the scheduling options for this instance."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "startRestricted": {
-     "type": "boolean",
-     "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional, human-readable explanation of the status."
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the instance resides."
-    }
-   }
-  },
-  "InstanceAggregatedList": {
-   "id": "InstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstancesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstancesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
-     "default": "compute#instanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroup": {
-   "id": "InstanceGroup",
-   "type": "object",
-   "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
-     "default": "compute#instanceGroup"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which all instances in the instance group belong."
-    },
-    "region": {
-     "type": "string",
-     "description": "The URL of the region where the instance group is located (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance group. The server generates this URL."
-    },
-    "size": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the instance group.",
-     "format": "int32"
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the subnetwork to which all instances in the instance group belong."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupAggregatedList": {
-   "id": "InstanceGroupAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupsScopedList",
-      "description": "The name of the scope that contains this set of instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
-     "default": "compute#instanceGroupAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupList": {
-   "id": "InstanceGroupList",
-   "type": "object",
-   "description": "A list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
-     "default": "compute#instanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "httpsHealthChecks": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified HttpsHealthCheck resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.httpsHealthChecks.delete",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.get",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "response": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.httpsHealthChecks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.httpsHealthChecks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks",
+          "response": {
+            "$ref": "HttpsHealthCheckList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.httpsHealthChecks.patch",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.httpsHealthChecks.update",
+          "parameterOrder": [
+            "project",
+            "httpsHealthCheck"
+          ],
+          "parameters": {
+            "httpsHealthCheck": {
+              "description": "Name of the HttpsHealthCheck resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
+          "request": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManager": {
-   "id": "InstanceGroupManager",
-   "type": "object",
-   "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
-   "properties": {
-    "baseInstanceName": {
-     "type": "string",
-     "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
-     "pattern": "[a-z][-a-z0-9]{0,57}",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert"
-      ]
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format."
-    },
-    "currentActions": {
-     "$ref": "InstanceGroupManagerActionsSummary",
-     "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
-     "format": "byte"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
-     "format": "uint64"
-    },
-    "instanceGroup": {
-     "type": "string",
-     "description": "[Output Only] The URL of the Instance Group resource."
-    },
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
-     "default": "compute#instanceGroupManager"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources)."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this managed instance group. The server defines this URL."
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "targetSize": {
-     "type": "integer",
-     "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
-     "format": "int32",
-     "annotations": {
-      "required": [
-       "compute.instanceGroupManagers.insert",
-       "compute.regionInstanceGroupManagers.insert"
-      ]
-     }
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources)."
-    }
-   }
-  },
-  "InstanceGroupManagerActionsSummary": {
-   "id": "InstanceGroupManagerActionsSummary",
-   "type": "object",
-   "properties": {
-    "abandoning": {
-     "type": "integer",
-     "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
-     "format": "int32"
-    },
-    "creating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
-     "format": "int32"
-    },
-    "creatingWithoutRetries": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
-     "format": "int32"
-    },
-    "deleting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
-     "format": "int32"
-    },
-    "none": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
-     "format": "int32"
-    },
-    "recreating": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
-     "format": "int32"
-    },
-    "refreshing": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
-     "format": "int32"
-    },
-    "restarting": {
-     "type": "integer",
-     "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
-     "format": "int32"
-    }
-   }
-  },
-  "InstanceGroupManagerAggregatedList": {
-   "id": "InstanceGroupManagerAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InstanceGroupManagersScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InstanceGroupManagersScopedList",
-      "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
-     "default": "compute#instanceGroupManagerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagerList": {
-   "id": "InstanceGroupManagerList",
-   "type": "object",
-   "description": "[Output Only] A list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
-     "default": "compute#instanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "images": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified image.",
+          "httpMethod": "DELETE",
+          "id": "compute.images.delete",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deprecate": {
+          "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
+          "httpMethod": "POST",
+          "id": "compute.images.deprecate",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Image name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}/deprecate",
+          "request": {
+            "$ref": "DeprecationStatus"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified image. Get a list of available images by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.images.get",
+          "parameterOrder": [
+            "project",
+            "image"
+          ],
+          "parameters": {
+            "image": {
+              "description": "Name of the image resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{image}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getFromFamily": {
+          "description": "Returns the latest image that is part of an image family and is not deprecated.",
+          "httpMethod": "GET",
+          "id": "compute.images.getFromFamily",
+          "parameterOrder": [
+            "project",
+            "family"
+          ],
+          "parameters": {
+            "family": {
+              "description": "Name of the image family to search for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/family/{family}",
+          "response": {
+            "$ref": "Image"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an image in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.images.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "forceCreate": {
+              "description": "Force image creation if true.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "request": {
+            "$ref": "Image"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
+          "httpMethod": "GET",
+          "id": "compute.images.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images",
+          "response": {
+            "$ref": "ImageList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.images.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/images/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersAbandonInstancesRequest": {
-   "id": "InstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersDeleteInstancesRequest": {
-   "id": "InstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersListManagedInstancesResponse": {
-   "id": "InstanceGroupManagersListManagedInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "[Output Only] The list of instances in the managed instance group.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersRecreateInstancesRequest": {
-   "id": "InstanceGroupManagersRecreateInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersScopedList": {
-   "id": "InstanceGroupManagersScopedList",
-   "type": "object",
-   "properties": {
+    },
     "instanceGroupManagers": {
-     "type": "array",
-     "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of managed instance groups and groups them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers",
+          "response": {
+            "$ref": "InstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "InstanceGroupManagersListManagedInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "InstanceGroupManagersRecreateInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
+              "format": "int32",
+              "location": "query",
+              "required": true,
+              "type": "integer"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the managed instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceGroupManagersSetInstanceTemplateRequest": {
-   "id": "InstanceGroupManagersSetInstanceTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group."
-    }
-   }
-  },
-  "InstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "InstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
     },
-    "targetPools": {
-     "type": "array",
-     "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstanceGroupsAddInstancesRequest": {
-   "id": "InstanceGroupsAddInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to add to the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstances": {
-   "id": "InstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
-     "default": "compute#instanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupsListInstancesRequest": {
-   "id": "InstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstanceGroupsRemoveInstancesRequest": {
-   "id": "InstanceGroupsRemoveInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The list of instances to remove from the instance group.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "InstanceGroupsScopedList": {
-   "id": "InstanceGroupsScopedList",
-   "type": "object",
-   "properties": {
     "instanceGroups": {
-     "type": "array",
-     "description": "[Output Only] The list of instance groups that are contained in this scope.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceGroupsSetNamedPortsRequest": {
-   "id": "InstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "InstanceList": {
-   "id": "InstanceList",
-   "type": "object",
-   "description": "Contains a list of instances.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Instance resources.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
-     "default": "compute#instanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+      "methods": {
+        "addInstances": {
+          "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.addInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where you are adding instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
+          "request": {
+            "$ref": "InstanceGroupsAddInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves the list of instance groups and sorts them by zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceGroups.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where you want to create the instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "request": {
+            "$ref": "InstanceGroup"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups",
+          "response": {
+            "$ref": "InstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "The name of the instance group from which you want to generate a list of included instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "InstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "InstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeInstances": {
+          "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.removeInstances",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the specified instances will be removed.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
+          "request": {
+            "$ref": "InstanceGroupsRemoveInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified instance group.",
+          "httpMethod": "POST",
+          "id": "compute.instanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone where the instance group is located.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "InstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstanceMoveRequest": {
-   "id": "InstanceMoveRequest",
-   "type": "object",
-   "properties": {
-    "destinationZone": {
-     "type": "string",
-     "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone"
-    },
-    "targetInstance": {
-     "type": "string",
-     "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    }
-   }
-  },
-  "InstanceProperties": {
-   "id": "InstanceProperties",
-   "type": "object",
-   "description": "",
-   "properties": {
-    "canIpForward": {
-     "type": "boolean",
-     "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional text description for the instances that are created from this instance template."
     },
-    "disks": {
-     "type": "array",
-     "description": "An array of disks that are associated with the instances that are created from this template.",
-     "items": {
-      "$ref": "AttachedDisk"
-     }
-    },
-    "guestAccelerators": {
-     "type": "array",
-     "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to instances that are created from this template.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "machineType": {
-     "type": "string",
-     "description": "The machine type to use for instances that are created from this template.",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "metadata": {
-     "$ref": "Metadata",
-     "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
-    },
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform."
-    },
-    "networkInterfaces": {
-     "type": "array",
-     "description": "An array of network access configurations for this interface.",
-     "items": {
-      "$ref": "NetworkInterface"
-     }
-    },
-    "scheduling": {
-     "$ref": "Scheduling",
-     "description": "Specifies the scheduling options for the instances that are created from this template."
-    },
-    "serviceAccounts": {
-     "type": "array",
-     "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
-     "items": {
-      "$ref": "ServiceAccount"
-     }
-    },
-    "tags": {
-     "$ref": "Tags",
-     "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
-    }
-   }
-  },
-  "InstanceReference": {
-   "id": "InstanceReference",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "The URL for a specific instance."
-    }
-   }
-  },
-  "InstanceTemplate": {
-   "id": "InstanceTemplate",
-   "type": "object",
-   "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
-     "default": "compute#instanceTemplate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.instanceTemplates.insert"
-      ]
-     }
-    },
-    "properties": {
-     "$ref": "InstanceProperties",
-     "description": "The instance properties for this instance template."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] The URL for this instance template. The server defines this URL."
-    }
-   }
-  },
-  "InstanceTemplateList": {
-   "id": "InstanceTemplateList",
-   "type": "object",
-   "description": "A list of instance templates.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceTemplate resources.",
-     "items": {
-      "$ref": "InstanceTemplate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
-     "default": "compute#instanceTemplateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InstanceWithNamedPorts": {
-   "id": "InstanceWithNamedPorts",
-   "type": "object",
-   "properties": {
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance."
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "[Output Only] The named ports that belong to this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "InstancesScopedList": {
-   "id": "InstancesScopedList",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "[Output Only] List of instances contained in this scope.",
-     "items": {
-      "$ref": "Instance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "instanceTemplates": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
+          "httpMethod": "DELETE",
+          "id": "compute.instanceTemplates.delete",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.get",
+          "parameterOrder": [
+            "project",
+            "instanceTemplate"
+          ],
+          "parameters": {
+            "instanceTemplate": {
+              "description": "The name of the instance template.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates/{instanceTemplate}",
+          "response": {
+            "$ref": "InstanceTemplate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
+          "httpMethod": "POST",
+          "id": "compute.instanceTemplates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "request": {
+            "$ref": "InstanceTemplate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.instanceTemplates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/instanceTemplates",
+          "response": {
+            "$ref": "InstanceTemplateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "InstancesSetLabelsRequest": {
-   "id": "InstancesSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineResourcesRequest": {
-   "id": "InstancesSetMachineResourcesRequest",
-   "type": "object",
-   "properties": {
-    "guestAccelerators": {
-     "type": "array",
-     "description": "List of the type and count of accelerator cards attached to the instance.",
-     "items": {
-      "$ref": "AcceleratorConfig"
-     }
-    }
-   }
-  },
-  "InstancesSetMachineTypeRequest": {
-   "id": "InstancesSetMachineTypeRequest",
-   "type": "object",
-   "properties": {
-    "machineType": {
-     "type": "string",
-     "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1"
-    }
-   }
-  },
-  "InstancesSetMinCpuPlatformRequest": {
-   "id": "InstancesSetMinCpuPlatformRequest",
-   "type": "object",
-   "properties": {
-    "minCpuPlatform": {
-     "type": "string",
-     "description": "Minimum cpu/platform this instance should be started at."
-    }
-   }
-  },
-  "InstancesSetServiceAccountRequest": {
-   "id": "InstancesSetServiceAccountRequest",
-   "type": "object",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "InstancesStartWithEncryptionKeyRequest": {
-   "id": "InstancesStartWithEncryptionKeyRequest",
-   "type": "object",
-   "properties": {
-    "disks": {
-     "type": "array",
-     "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
-     "items": {
-      "$ref": "CustomerEncryptionKeyProtectedDisk"
-     }
-    }
-   }
-  },
-  "Interconnect": {
-   "id": "Interconnect",
-   "type": "object",
-   "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
-   "properties": {
-    "adminEnabled": {
-     "type": "boolean",
-     "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true."
-    },
-    "circuitInfos": {
-     "type": "array",
-     "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
-     "items": {
-      "$ref": "InterconnectCircuitInfo"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerName": {
-     "type": "string",
-     "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "expectedOutages": {
-     "type": "array",
-     "description": "[Output Only] List of outages expected for this Interconnect.",
-     "items": {
-      "$ref": "InterconnectOutageNotification"
-     }
-    },
-    "googleIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
     },
-    "interconnectAttachments": {
-     "type": "array",
-     "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "interconnectType": {
-     "type": "string",
-     "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
-     "enum": [
-      "DEDICATED",
-      "IT_PRIVATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
-     "default": "compute#interconnect"
-    },
-    "linkType": {
-     "type": "string",
-     "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
-     "enum": [
-      "LINK_TYPE_ETHERNET_10G_LR"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "location": {
-     "type": "string",
-     "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.interconnects.insert"
-      ]
-     }
-    },
-    "nocContactEmail": {
-     "type": "string",
-     "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications."
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests."
-    },
-    "provisionedLinkCount": {
-     "type": "integer",
-     "description": "[Output Only] Number of links actually provisioned in this interconnect.",
-     "format": "int32"
-    },
-    "requestedLinkCount": {
-     "type": "integer",
-     "description": "Target number of physical links in the link bundle, as requested by the customer.",
-     "format": "int32"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectAttachment": {
-   "id": "InterconnectAttachment",
-   "type": "object",
-   "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
-   "properties": {
-    "cloudRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "customerRouterIpAddress": {
-     "type": "string",
-     "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource."
-    },
-    "googleReferenceId": {
-     "type": "string",
-     "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interconnect": {
-     "type": "string",
-     "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
-     "default": "compute#interconnectAttachment"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "operationalStatus": {
-     "type": "string",
-     "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
-     "enum": [
-      "OS_ACTIVE",
-      "OS_UNPROVISIONED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "privateInterconnectInfo": {
-     "$ref": "InterconnectAttachmentPrivateInfo",
-     "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the regional interconnect attachment resides."
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network & region within which the Cloud Router is configured."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectAttachmentAggregatedList": {
-   "id": "InterconnectAttachmentAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of InterconnectAttachmentsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "InterconnectAttachmentsScopedList",
-      "description": "Name of the scope containing this set of interconnect attachments."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentList": {
-   "id": "InterconnectAttachmentList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect attachments.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectAttachment resources.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
-     "default": "compute#interconnectAttachmentList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectAttachmentPrivateInfo": {
-   "id": "InterconnectAttachmentPrivateInfo",
-   "type": "object",
-   "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
-   "properties": {
-    "tag8021q": {
-     "type": "integer",
-     "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
-     "format": "uint32"
-    }
-   }
-  },
-  "InterconnectAttachmentsScopedList": {
-   "id": "InterconnectAttachmentsScopedList",
-   "type": "object",
-   "properties": {
-    "interconnectAttachments": {
-     "type": "array",
-     "description": "List of interconnect attachments contained in this scope.",
-     "items": {
-      "$ref": "InterconnectAttachment"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectCircuitInfo": {
-   "id": "InterconnectCircuitInfo",
-   "type": "object",
-   "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
-   "properties": {
-    "customerDemarcId": {
-     "type": "string",
-     "description": "Customer-side demarc ID for this circuit."
-    },
-    "googleCircuitId": {
-     "type": "string",
-     "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up."
-    },
-    "googleDemarcId": {
-     "type": "string",
-     "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA."
-    }
-   }
-  },
-  "InterconnectList": {
-   "id": "InterconnectList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnects.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Interconnect resources.",
-     "items": {
-      "$ref": "Interconnect"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
-     "default": "compute#interconnectList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectLocation": {
-   "id": "InterconnectLocation",
-   "type": "object",
-   "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
-   "properties": {
-    "address": {
-     "type": "string",
-     "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character."
-    },
-    "availabilityZone": {
-     "type": "string",
-     "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\"."
-    },
-    "city": {
-     "type": "string",
-     "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\"."
-    },
-    "continent": {
-     "type": "string",
-     "description": "[Output Only] Continent for this location.",
-     "enum": [
-      "AFRICA",
-      "ASIA_PAC",
-      "C_AFRICA",
-      "C_ASIA_PAC",
-      "C_EUROPE",
-      "C_NORTH_AMERICA",
-      "C_SOUTH_AMERICA",
-      "EUROPE",
-      "NORTH_AMERICA",
-      "SOUTH_AMERICA"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional description of the resource."
-    },
-    "facilityProvider": {
-     "type": "string",
-     "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX)."
-    },
-    "facilityProviderFacilityId": {
-     "type": "string",
-     "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1)."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
-     "default": "compute#interconnectLocation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "peeringdbFacilityId": {
-     "type": "string",
-     "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb)."
-    },
-    "regionInfos": {
-     "type": "array",
-     "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
-     "items": {
-      "$ref": "InterconnectLocationRegionInfo"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "InterconnectLocationList": {
-   "id": "InterconnectLocationList",
-   "type": "object",
-   "description": "Response to the list request, and contains a list of interconnect locations.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InterconnectLocation resources.",
-     "items": {
-      "$ref": "InterconnectLocation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
-     "default": "compute#interconnectLocationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "InterconnectLocationRegionInfo": {
-   "id": "InterconnectLocationRegionInfo",
-   "type": "object",
-   "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
-   "properties": {
-    "expectedRttMs": {
-     "type": "string",
-     "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
-     "format": "int64"
-    },
-    "locationPresence": {
-     "type": "string",
-     "description": "Identifies the network presence of this location.",
-     "enum": [
-      "GLOBAL",
-      "LOCAL_REGION",
-      "LP_GLOBAL",
-      "LP_LOCAL_REGION"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "region": {
-     "type": "string",
-     "description": "URL for the region of this location."
-    }
-   }
-  },
-  "InterconnectOutageNotification": {
-   "id": "InterconnectOutageNotification",
-   "type": "object",
-   "description": "Description of a planned outage on this Interconnect. Next id: 9",
-   "properties": {
-    "affectedCircuits": {
-     "type": "array",
-     "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "description": {
-     "type": "string",
-     "description": "A description about the purpose of the outage."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "issueType": {
-     "type": "string",
-     "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "IT_OUTAGE",
-      "IT_PARTIAL_OUTAGE",
-      "OUTAGE",
-      "PARTIAL_OUTAGE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "name": {
-     "type": "string",
-     "description": "Unique identifier for this outage notification."
-    },
-    "source": {
-     "type": "string",
-     "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
-     "enum": [
-      "GOOGLE",
-      "NSRC_GOOGLE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "startTime": {
-     "type": "string",
-     "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
-     "format": "int64"
-    },
-    "state": {
-     "type": "string",
-     "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
-     "enum": [
-      "ACTIVE",
-      "CANCELLED",
-      "NS_ACTIVE",
-      "NS_CANCELED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "License": {
-   "id": "License",
-   "type": "object",
-   "description": "A license resource.",
-   "properties": {
-    "chargesUseFee": {
-     "type": "boolean",
-     "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#license for licenses.",
-     "default": "compute#license"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.images.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "MachineType": {
-   "id": "MachineType",
-   "type": "object",
-   "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this machine type."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the resource."
-    },
-    "guestCpus": {
-     "type": "integer",
-     "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "imageSpaceGb": {
-     "type": "integer",
-     "description": "[Deprecated] This property is deprecated and will never be populated with any relevant values.",
-     "format": "int32"
-    },
-    "isSharedCpu": {
-     "type": "boolean",
-     "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
-     "default": "compute#machineType"
-    },
-    "maximumPersistentDisks": {
-     "type": "integer",
-     "description": "[Output Only] Maximum persistent disks allowed.",
-     "format": "int32"
-    },
-    "maximumPersistentDisksSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
-     "format": "int64"
-    },
-    "memoryMb": {
-     "type": "integer",
-     "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
-     "format": "int32"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "scratchDisks": {
-     "type": "array",
-     "description": "[Output Only] List of extended scratch disks assigned to the instance.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "diskGb": {
-        "type": "integer",
-        "description": "Size of the scratch disk, defined in GB.",
-        "format": "int32"
-       }
+    "instances": {
+      "methods": {
+        "addAccessConfig": {
+          "description": "Adds an access config to an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.addAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to add to this instance.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves aggregated list of instances.",
+          "httpMethod": "GET",
+          "id": "compute.instances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/instances",
+          "response": {
+            "$ref": "InstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "attachDisk": {
+          "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.attachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
+          "request": {
+            "$ref": "AttachedDisk"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
+          "httpMethod": "DELETE",
+          "id": "compute.instances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteAccessConfig": {
+          "description": "Deletes an access config from an instance's network interface.",
+          "httpMethod": "POST",
+          "id": "compute.instances.deleteAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "accessConfig",
+            "networkInterface"
+          ],
+          "parameters": {
+            "accessConfig": {
+              "description": "The name of the access config to delete.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "detachDisk": {
+          "description": "Detaches a disk from an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.detachDisk",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "deviceName"
+          ],
+          "parameters": {
+            "deviceName": {
+              "description": "Disk device name to detach.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.instances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}",
+          "response": {
+            "$ref": "Instance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getSerialPortOutput": {
+          "description": "Returns the specified instance's serial port output.",
+          "httpMethod": "GET",
+          "id": "compute.instances.getSerialPortOutput",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "port": {
+              "default": "1",
+              "description": "Specifies which COM or serial port to retrieve data from.",
+              "format": "int32",
+              "location": "query",
+              "maximum": "4",
+              "minimum": "1",
+              "type": "integer"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "start": {
+              "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
+              "format": "int64",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
+          "response": {
+            "$ref": "SerialPortOutput"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an instance resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "request": {
+            "$ref": "Instance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances",
+          "response": {
+            "$ref": "InstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listReferrers": {
+          "description": "Retrieves the list of referrers to instances contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.instances.listReferrers",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instance": {
+              "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
+              "location": "path",
+              "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/referrers",
+          "response": {
+            "$ref": "InstanceListReferrers"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "reset": {
+          "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.reset",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/reset",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDeletionProtection": {
+          "description": "Sets deletion protection on the instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDeletionProtection",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "resource"
+          ],
+          "parameters": {
+            "deletionProtection": {
+              "default": "true",
+              "description": "Whether the resource should be protected against deletion.",
+              "location": "query",
+              "type": "boolean"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setDiskAutoDelete": {
+          "description": "Sets the auto-delete flag for a disk attached to an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setDiskAutoDelete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "autoDelete",
+            "deviceName"
+          ],
+          "parameters": {
+            "autoDelete": {
+              "description": "Whether to auto-delete the disk when the instance is deleted.",
+              "location": "query",
+              "required": true,
+              "type": "boolean"
+            },
+            "deviceName": {
+              "description": "The device name of the disk to modify.",
+              "location": "query",
+              "pattern": "\\w[\\w.-]{0,254}",
+              "required": true,
+              "type": "string"
+            },
+            "instance": {
+              "description": "The instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setLabels",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
+          "request": {
+            "$ref": "InstancesSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineResources": {
+          "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineResources",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
+          "request": {
+            "$ref": "InstancesSetMachineResourcesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMachineType": {
+          "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMachineType",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
+          "request": {
+            "$ref": "InstancesSetMachineTypeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMetadata": {
+          "description": "Sets metadata for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMetadata",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setMinCpuPlatform": {
+          "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setMinCpuPlatform",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
+          "request": {
+            "$ref": "InstancesSetMinCpuPlatformRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setScheduling": {
+          "description": "Sets an instance's scheduling options.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setScheduling",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Instance name.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
+          "request": {
+            "$ref": "Scheduling"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setServiceAccount": {
+          "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setServiceAccount",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
+          "request": {
+            "$ref": "InstancesSetServiceAccountRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTags": {
+          "description": "Sets tags for the specified instance to the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.instances.setTags",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/setTags",
+          "request": {
+            "$ref": "Tags"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "start": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.start",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/start",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "startWithEncryptionKey": {
+          "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.startWithEncryptionKey",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to start.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
+          "request": {
+            "$ref": "InstancesStartWithEncryptionKeyRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "stop": {
+          "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
+          "httpMethod": "POST",
+          "id": "compute.instances.stop",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "Name of the instance resource to stop.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/stop",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updateAccessConfig": {
+          "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "POST",
+          "id": "compute.instances.updateAccessConfig",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface where the access config is attached.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
+          "request": {
+            "$ref": "AccessConfig"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "updateNetworkInterface": {
+          "description": "Updates an instance's network interface. This method follows PATCH semantics.",
+          "httpMethod": "PATCH",
+          "id": "compute.instances.updateNetworkInterface",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "instance",
+            "networkInterface"
+          ],
+          "parameters": {
+            "instance": {
+              "description": "The instance name for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "networkInterface": {
+              "description": "The name of the network interface to update.",
+              "location": "query",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
+          "request": {
+            "$ref": "NetworkInterface"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
     },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a."
-    }
-   }
-  },
-  "MachineTypeAggregatedList": {
-   "id": "MachineTypeAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of MachineTypesScopedList resources.",
-     "additionalProperties": {
-      "$ref": "MachineTypesScopedList",
-      "description": "[Output Only] Name of the scope containing this set of machine types."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
-     "default": "compute#machineTypeAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "MachineTypeList": {
-   "id": "MachineTypeList",
-   "type": "object",
-   "description": "Contains a list of machine types.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of MachineType resources.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
-     "default": "compute#machineTypeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "MachineTypesScopedList": {
-   "id": "MachineTypesScopedList",
-   "type": "object",
-   "properties": {
-    "machineTypes": {
-     "type": "array",
-     "description": "[Output Only] List of machine types contained in this scope.",
-     "items": {
-      "$ref": "MachineType"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ManagedInstance": {
-   "id": "ManagedInstance",
-   "type": "object",
-   "properties": {
-    "currentAction": {
-     "type": "string",
-     "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance.",
-     "enum": [
-      "ABANDONING",
-      "CREATING",
-      "CREATING_WITHOUT_RETRIES",
-      "DELETING",
-      "NONE",
-      "RECREATING",
-      "REFRESHING",
-      "RESTARTING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created."
-    },
-    "instanceStatus": {
-     "type": "string",
-     "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
-     "enum": [
-      "PROVISIONING",
-      "RUNNING",
-      "STAGING",
-      "STOPPED",
-      "STOPPING",
-      "SUSPENDED",
-      "SUSPENDING",
-      "TERMINATED"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "lastAttempt": {
-     "$ref": "ManagedInstanceLastAttempt",
-     "description": "[Output Only] Information about the last attempt to create or delete the instance."
-    }
-   }
-  },
-  "ManagedInstanceLastAttempt": {
-   "id": "ManagedInstanceLastAttempt",
-   "type": "object",
-   "properties": {
-    "errors": {
-     "type": "object",
-     "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
-      }
-     }
-    }
-   }
-  },
-  "Metadata": {
-   "id": "Metadata",
-   "type": "object",
-   "description": "A metadata key/value entry.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "key": {
-        "type": "string",
-        "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
-        "pattern": "[a-zA-Z0-9-_]{1,128}",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       },
-       "value": {
-        "type": "string",
-        "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
-        "annotations": {
-         "required": [
-          "compute.instances.insert",
-          "compute.projects.setCommonInstanceMetadata"
-         ]
-        }
-       }
+    "interconnectAttachments": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of interconnect attachments.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified interconnect attachment.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnectAttachments.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect attachment.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "interconnectAttachment"
+          ],
+          "parameters": {
+            "interconnectAttachment": {
+              "description": "Name of the interconnect attachment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
+          "response": {
+            "$ref": "InterconnectAttachment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnectAttachments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "request": {
+            "$ref": "InterconnectAttachment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect attachments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectAttachments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/interconnectAttachments",
+          "response": {
+            "$ref": "InterconnectAttachmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
-     "default": "compute#metadata"
-    }
-   }
-  },
-  "NamedPort": {
-   "id": "NamedPort",
-   "type": "object",
-   "description": "The named port. For example: .",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035."
-    },
-    "port": {
-     "type": "integer",
-     "description": "The port number, which can be a value between 1 and 65535.",
-     "format": "int32"
-    }
-   }
-  },
-  "Network": {
-   "id": "Network",
-   "type": "object",
-   "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
-   "properties": {
-    "IPv4Range": {
-     "type": "string",
-     "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}"
-    },
-    "autoCreateSubnetworks": {
-     "type": "boolean",
-     "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "gatewayIPv4": {
-     "type": "string",
-     "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
-     "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#network for networks.",
-     "default": "compute#network"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.networks.insert"
-      ]
-     }
-    },
-    "peerings": {
-     "type": "array",
-     "description": "[Output Only] List of network peerings for the resource.",
-     "items": {
-      "$ref": "NetworkPeering"
-     }
-    },
-    "routingConfig": {
-     "$ref": "NetworkRoutingConfig",
-     "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
     },
-    "subnetworks": {
-     "type": "array",
-     "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "NetworkInterface": {
-   "id": "NetworkInterface",
-   "type": "object",
-   "description": "A network interface resource attached to an instance.",
-   "properties": {
-    "accessConfigs": {
-     "type": "array",
-     "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
-     "items": {
-      "$ref": "AccessConfig"
-     }
-    },
-    "aliasIpRanges": {
-     "type": "array",
-     "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
-     "items": {
-      "$ref": "AliasIpRange"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
-     "default": "compute#networkInterface"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc."
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default"
-    },
-    "networkIP": {
-     "type": "string",
-     "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system."
-    },
-    "subnetwork": {
-     "type": "string",
-     "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork"
-    }
-   }
-  },
-  "NetworkList": {
-   "id": "NetworkList",
-   "type": "object",
-   "description": "Contains a list of networks.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Network resources.",
-     "items": {
-      "$ref": "Network"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
-     "default": "compute#networkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "NetworkPeering": {
-   "id": "NetworkPeering",
-   "type": "object",
-   "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    },
-    "state": {
-     "type": "string",
-     "description": "[Output Only] State for the peering.",
-     "enum": [
-      "ACTIVE",
-      "INACTIVE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "stateDetails": {
-     "type": "string",
-     "description": "[Output Only] Details about the current state of the peering."
-    }
-   }
-  },
-  "NetworkRoutingConfig": {
-   "id": "NetworkRoutingConfig",
-   "type": "object",
-   "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
-   "properties": {
-    "routingMode": {
-     "type": "string",
-     "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
-     "enum": [
-      "GLOBAL",
-      "REGIONAL"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "NetworksAddPeeringRequest": {
-   "id": "NetworksAddPeeringRequest",
-   "type": "object",
-   "properties": {
-    "autoCreateRoutes": {
-     "type": "boolean",
-     "description": "Whether Google Compute Engine manages the routes automatically."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035.",
-     "annotations": {
-      "required": [
-       "compute.networks.addPeering"
-      ]
-     }
-    },
-    "peerNetwork": {
-     "type": "string",
-     "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network."
-    }
-   }
-  },
-  "NetworksRemovePeeringRequest": {
-   "id": "NetworksRemovePeeringRequest",
-   "type": "object",
-   "properties": {
-    "name": {
-     "type": "string",
-     "description": "Name of the peering, which should conform to RFC1035."
-    }
-   }
-  },
-  "Operation": {
-   "id": "Operation",
-   "type": "object",
-   "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
-   "properties": {
-    "clientOperationId": {
-     "type": "string",
-     "description": "[Output Only] Reserved for future use."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Deprecated] This field is deprecated."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] A textual description of the operation, which is set when the operation is created."
-    },
-    "endTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format."
-    },
-    "error": {
-     "type": "object",
-     "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
-     "properties": {
-      "errors": {
-       "type": "array",
-       "description": "[Output Only] The array of errors encountered while processing this operation.",
-       "items": {
-        "type": "object",
-        "properties": {
-         "code": {
-          "type": "string",
-          "description": "[Output Only] The error type identifier for this error."
-         },
-         "location": {
-          "type": "string",
-          "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional."
-         },
-         "message": {
-          "type": "string",
-          "description": "[Output Only] An optional, human-readable error message."
-         }
-        }
-       }
-      }
-     }
-    },
-    "httpErrorMessage": {
-     "type": "string",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND."
-    },
-    "httpErrorStatusCode": {
-     "type": "integer",
-     "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
-     "format": "int32"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "insertTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
-     "default": "compute#operation"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "operationType": {
-     "type": "string",
-     "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on."
-    },
-    "progress": {
-     "type": "integer",
-     "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
-     "format": "int32"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "startTime": {
-     "type": "string",
-     "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
-     "enum": [
-      "DONE",
-      "PENDING",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "statusMessage": {
-     "type": "string",
-     "description": "[Output Only] An optional textual description of the current status of the operation."
-    },
-    "targetId": {
-     "type": "string",
-     "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
-     "format": "uint64"
-    },
-    "targetLink": {
-     "type": "string",
-     "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from."
-    },
-    "user": {
-     "type": "string",
-     "description": "[Output Only] User who requested the operation, for example: user@example.com."
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
+    "interconnectLocations": {
+      "methods": {
+        "get": {
+          "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.get",
+          "parameterOrder": [
+            "project",
+            "interconnectLocation"
+          ],
+          "parameters": {
+            "interconnectLocation": {
+              "description": "Name of the interconnect location to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations/{interconnectLocation}",
+          "response": {
+            "$ref": "InterconnectLocation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect locations available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnectLocations.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnectLocations",
+          "response": {
+            "$ref": "InterconnectLocationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
     },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations."
-    }
-   }
-  },
-  "OperationAggregatedList": {
-   "id": "OperationAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "[Output Only] A map of scoped operation lists.",
-     "additionalProperties": {
-      "$ref": "OperationsScopedList",
-      "description": "[Output Only] Name of the scope containing this set of operations."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
-     "default": "compute#operationAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "OperationList": {
-   "id": "OperationList",
-   "type": "object",
-   "description": "Contains a list of Operation resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of Operation resources.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
-     "default": "compute#operationList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "OperationsScopedList": {
-   "id": "OperationsScopedList",
-   "type": "object",
-   "properties": {
-    "operations": {
-     "type": "array",
-     "description": "[Output Only] List of operations contained in this scope.",
-     "items": {
-      "$ref": "Operation"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "interconnects": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified interconnect.",
+          "httpMethod": "DELETE",
+          "id": "compute.interconnects.delete",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.get",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "response": {
+            "$ref": "Interconnect"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Interconnect in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.interconnects.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of interconnect available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.interconnects.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects",
+          "response": {
+            "$ref": "InterconnectList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.interconnects.patch",
+          "parameterOrder": [
+            "project",
+            "interconnect"
+          ],
+          "parameters": {
+            "interconnect": {
+              "description": "Name of the interconnect to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/interconnects/{interconnect}",
+          "request": {
+            "$ref": "Interconnect"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "PathMatcher": {
-   "id": "PathMatcher",
-   "type": "object",
-   "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
-   "properties": {
-    "defaultService": {
-     "type": "string",
-     "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService"
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "name": {
-     "type": "string",
-     "description": "The name to which this PathMatcher is referred by the HostRule."
-    },
-    "pathRules": {
-     "type": "array",
-     "description": "The list of path rules.",
-     "items": {
-      "$ref": "PathRule"
-     }
-    }
-   }
-  },
-  "PathRule": {
-   "id": "PathRule",
-   "type": "object",
-   "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
-   "properties": {
-    "paths": {
-     "type": "array",
-     "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "service": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if this rule is matched."
-    }
-   }
-  },
-  "Project": {
-   "id": "Project",
-   "type": "object",
-   "description": "A Project resource. Projects can only be created in the Google Cloud Platform Console. Unless marked otherwise, values can only be modified in the console. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
-   "properties": {
-    "commonInstanceMetadata": {
-     "$ref": "Metadata",
-     "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultServiceAccount": {
-     "type": "string",
-     "description": "[Output Only] Default service account used by VMs running in this project."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional textual description of the resource."
-    },
-    "enabledFeatures": {
-     "type": "array",
-     "description": "Restricted features enabled for use on this project.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#project for projects.",
-     "default": "compute#project"
-    },
-    "name": {
-     "type": "string",
-     "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this project.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "usageExportLocation": {
-     "$ref": "UsageExportLocation",
-     "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
-    },
-    "xpnProjectStatus": {
-     "type": "string",
-     "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
-     "enum": [
-      "HOST",
-      "UNSPECIFIED_XPN_PROJECT_STATUS"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ProjectsDisableXpnResourceRequest": {
-   "id": "ProjectsDisableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsEnableXpnResourceRequest": {
-   "id": "ProjectsEnableXpnResourceRequest",
-   "type": "object",
-   "properties": {
-    "xpnResource": {
-     "$ref": "XpnResourceId",
-     "description": "Service resource (a.k.a service project) ID."
-    }
-   }
-  },
-  "ProjectsGetXpnResources": {
-   "id": "ProjectsGetXpnResources",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
-     "default": "compute#projectsGetXpnResources"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "resources": {
-     "type": "array",
-     "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
-     "items": {
-      "$ref": "XpnResourceId"
-     }
-    }
-   }
-  },
-  "ProjectsListXpnHostsRequest": {
-   "id": "ProjectsListXpnHostsRequest",
-   "type": "object",
-   "properties": {
-    "organization": {
-     "type": "string",
-     "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project."
-    }
-   }
-  },
-  "Quota": {
-   "id": "Quota",
-   "type": "object",
-   "description": "A quotas entry.",
-   "properties": {
-    "limit": {
-     "type": "number",
-     "description": "[Output Only] Quota limit for this metric.",
-     "format": "double"
-    },
-    "metric": {
-     "type": "string",
-     "description": "[Output Only] Name of the quota metric.",
-     "enum": [
-      "AUTOSCALERS",
-      "BACKEND_BUCKETS",
-      "BACKEND_SERVICES",
-      "COMMITMENTS",
-      "CPUS",
-      "CPUS_ALL_REGIONS",
-      "DISKS_TOTAL_GB",
-      "FIREWALLS",
-      "FORWARDING_RULES",
-      "HEALTH_CHECKS",
-      "IMAGES",
-      "INSTANCES",
-      "INSTANCE_GROUPS",
-      "INSTANCE_GROUP_MANAGERS",
-      "INSTANCE_TEMPLATES",
-      "INTERCONNECTS",
-      "INTERNAL_ADDRESSES",
-      "IN_USE_ADDRESSES",
-      "LOCAL_SSD_TOTAL_GB",
-      "NETWORKS",
-      "NVIDIA_K80_GPUS",
-      "NVIDIA_P100_GPUS",
-      "PREEMPTIBLE_CPUS",
-      "PREEMPTIBLE_LOCAL_SSD_GB",
-      "PREEMPTIBLE_NVIDIA_K80_GPUS",
-      "PREEMPTIBLE_NVIDIA_P100_GPUS",
-      "REGIONAL_AUTOSCALERS",
-      "REGIONAL_INSTANCE_GROUP_MANAGERS",
-      "ROUTERS",
-      "ROUTES",
-      "SECURITY_POLICIES",
-      "SECURITY_POLICY_RULES",
-      "SNAPSHOTS",
-      "SSD_TOTAL_GB",
-      "SSL_CERTIFICATES",
-      "STATIC_ADDRESSES",
-      "SUBNETWORKS",
-      "TARGET_HTTPS_PROXIES",
-      "TARGET_HTTP_PROXIES",
-      "TARGET_INSTANCES",
-      "TARGET_POOLS",
-      "TARGET_SSL_PROXIES",
-      "TARGET_TCP_PROXIES",
-      "TARGET_VPN_GATEWAYS",
-      "URL_MAPS",
-      "VPN_TUNNELS"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "usage": {
-     "type": "number",
-     "description": "[Output Only] Current usage of this metric.",
-     "format": "double"
-    }
-   }
-  },
-  "Region": {
-   "id": "Region",
-   "type": "object",
-   "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this region."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#region for regions.",
-     "default": "compute#region"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "quotas": {
-     "type": "array",
-     "description": "[Output Only] Quotas assigned to this region.",
-     "items": {
-      "$ref": "Quota"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the region, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
     },
-    "zones": {
-     "type": "array",
-     "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionAutoscalerList": {
-   "id": "RegionAutoscalerList",
-   "type": "object",
-   "description": "Contains a list of autoscalers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Autoscaler resources.",
-     "items": {
-      "$ref": "Autoscaler"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#regionAutoscalerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupList": {
-   "id": "RegionInstanceGroupList",
-   "type": "object",
-   "description": "Contains a list of InstanceGroup resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroup resources.",
-     "items": {
-      "$ref": "InstanceGroup"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagerList": {
-   "id": "RegionInstanceGroupManagerList",
-   "type": "object",
-   "description": "Contains a list of managed instance groups.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceGroupManager resources.",
-     "items": {
-      "$ref": "InstanceGroupManager"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
-     "default": "compute#regionInstanceGroupManagerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
+    "licenses": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified License resource.",
+          "httpMethod": "GET",
+          "id": "compute.licenses.get",
+          "parameterOrder": [
+            "project",
+            "license"
+          ],
+          "parameters": {
+            "license": {
+              "description": "Name of the License resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/licenses/{license}",
+          "response": {
+            "$ref": "License"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersAbandonInstancesRequest": {
-   "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersDeleteInstancesRequest": {
-   "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersListInstancesResponse": {
-   "id": "RegionInstanceGroupManagersListInstancesResponse",
-   "type": "object",
-   "properties": {
-    "managedInstances": {
-     "type": "array",
-     "description": "List of managed instances.",
-     "items": {
-      "$ref": "ManagedInstance"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersRecreateRequest": {
-   "id": "RegionInstanceGroupManagersRecreateRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTargetPoolsRequest": {
-   "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
-     "format": "byte"
-    },
-    "targetPools": {
-     "type": "array",
-     "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupManagersSetTemplateRequest": {
-   "id": "RegionInstanceGroupManagersSetTemplateRequest",
-   "type": "object",
-   "properties": {
-    "instanceTemplate": {
-     "type": "string",
-     "description": "URL of the InstanceTemplate resource from which all new instances will be created."
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstances": {
-   "id": "RegionInstanceGroupsListInstances",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of InstanceWithNamedPorts resources.",
-     "items": {
-      "$ref": "InstanceWithNamedPorts"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "The resource type.",
-     "default": "compute#regionInstanceGroupsListInstances"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RegionInstanceGroupsListInstancesRequest": {
-   "id": "RegionInstanceGroupsListInstancesRequest",
-   "type": "object",
-   "properties": {
-    "instanceState": {
-     "type": "string",
-     "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
-     "enum": [
-      "ALL",
-      "RUNNING"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "portName": {
-     "type": "string",
-     "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RegionInstanceGroupsSetNamedPortsRequest": {
-   "id": "RegionInstanceGroupsSetNamedPortsRequest",
-   "type": "object",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
-     "format": "byte"
-    },
-    "namedPorts": {
-     "type": "array",
-     "description": "The list of named ports to set for this instance group.",
-     "items": {
-      "$ref": "NamedPort"
-     }
-    }
-   }
-  },
-  "RegionList": {
-   "id": "RegionList",
-   "type": "object",
-   "description": "Contains a list of region resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Region resources.",
-     "items": {
-      "$ref": "Region"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
-     "default": "compute#regionList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ResourceCommitment": {
-   "id": "ResourceCommitment",
-   "type": "object",
-   "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
-   "properties": {
-    "amount": {
-     "type": "string",
-     "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
-     "format": "int64"
-    },
-    "type": {
-     "type": "string",
-     "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
-     "enum": [
-      "MEMORY",
-      "UNSPECIFIED",
-      "VCPU"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ResourceGroupReference": {
-   "id": "ResourceGroupReference",
-   "type": "object",
-   "properties": {
-    "group": {
-     "type": "string",
-     "description": "A URI referencing one of the instance groups listed in the backend service."
-    }
-   }
-  },
-  "Route": {
-   "id": "Route",
-   "type": "object",
-   "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "destRange": {
-     "type": "string",
-     "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
-     "default": "compute#route"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "Fully-qualified URL of the network that this route applies to.",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "nextHopGateway": {
-     "type": "string",
-     "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway"
-    },
-    "nextHopInstance": {
-     "type": "string",
-     "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/"
-    },
-    "nextHopIp": {
-     "type": "string",
-     "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported."
-    },
-    "nextHopNetwork": {
-     "type": "string",
-     "description": "The URL of the local network if it should handle matching packets."
-    },
-    "nextHopPeering": {
-     "type": "string",
-     "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035."
-    },
-    "nextHopVpnTunnel": {
-     "type": "string",
-     "description": "The URL to a VpnTunnel that should handle matching packets."
-    },
-    "priority": {
-     "type": "integer",
-     "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
-     "format": "uint32",
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined fully-qualified URL for this resource."
-    },
-    "tags": {
-     "type": "array",
-     "description": "A list of instance tags to which this route applies.",
-     "items": {
-      "type": "string"
-     },
-     "annotations": {
-      "required": [
-       "compute.routes.insert"
-      ]
-     }
-    },
-    "warnings": {
-     "type": "array",
-     "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
-     "items": {
-      "type": "object",
-      "properties": {
-       "code": {
-        "type": "string",
-        "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-        "enum": [
-         "CLEANUP_FAILED",
-         "DEPRECATED_RESOURCE_USED",
-         "DEPRECATED_TYPE_USED",
-         "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-         "EXPERIMENTAL_TYPE_USED",
-         "EXTERNAL_API_WARNING",
-         "FIELD_VALUE_OVERRIDEN",
-         "INJECTED_KERNELS_DEPRECATED",
-         "MISSING_TYPE_DEPENDENCY",
-         "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-         "NEXT_HOP_CANNOT_IP_FORWARD",
-         "NEXT_HOP_INSTANCE_NOT_FOUND",
-         "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-         "NEXT_HOP_NOT_RUNNING",
-         "NOT_CRITICAL_ERROR",
-         "NO_RESULTS_ON_PAGE",
-         "REQUIRED_TOS_AGREEMENT",
-         "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-         "RESOURCE_NOT_DELETED",
-         "SCHEMA_VALIDATION_IGNORED",
-         "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-         "UNDECLARED_PROPERTIES",
-         "UNREACHABLE"
-        ],
-        "enumDescriptions": [
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         "",
-         ""
-        ]
-       },
-       "data": {
-        "type": "array",
-        "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-        "items": {
-         "type": "object",
-         "properties": {
-          "key": {
-           "type": "string",
-           "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-          },
-          "value": {
-           "type": "string",
-           "description": "[Output Only] A warning data value corresponding to the key."
-          }
-         }
-        }
-       },
-       "message": {
-        "type": "string",
-        "description": "[Output Only] A human-readable description of the warning code."
-       }
-      }
-     }
-    }
-   }
-  },
-  "RouteList": {
-   "id": "RouteList",
-   "type": "object",
-   "description": "Contains a list of Route resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Route resources.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routeList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Router": {
-   "id": "Router",
-   "type": "object",
-   "description": "Router resource.",
-   "properties": {
-    "bgp": {
-     "$ref": "RouterBgp",
-     "description": "BGP information specific to this router."
-    },
-    "bgpPeers": {
-     "type": "array",
-     "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
-     "items": {
-      "$ref": "RouterBgpPeer"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "interfaces": {
-     "type": "array",
-     "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
-     "items": {
-      "$ref": "RouterInterface"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#router"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs.",
-     "annotations": {
-      "required": [
-       "compute.routers.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URI of the region where the router resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "RouterAggregatedList": {
-   "id": "RouterAggregatedList",
-   "type": "object",
-   "description": "Contains a list of routers.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of Router resources.",
-     "additionalProperties": {
-      "$ref": "RoutersScopedList",
-      "description": "Name of the scope containing this set of routers."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RouterBgp": {
-   "id": "RouterBgp",
-   "type": "object",
-   "properties": {
-    "asn": {
-     "type": "integer",
-     "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
-     "format": "uint32"
-    }
-   }
-  },
-  "RouterBgpPeer": {
-   "id": "RouterBgpPeer",
-   "type": "object",
-   "properties": {
-    "advertisedRoutePriority": {
-     "type": "integer",
-     "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
-     "format": "uint32"
-    },
-    "interfaceName": {
-     "type": "string",
-     "description": "Name of the interface the BGP peer is associated with."
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "peerAsn": {
-     "type": "integer",
-     "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported."
-    }
-   }
-  },
-  "RouterInterface": {
-   "id": "RouterInterface",
-   "type": "object",
-   "properties": {
-    "ipRange": {
-     "type": "string",
-     "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface."
-    },
-    "linkedInterconnectAttachment": {
-     "type": "string",
-     "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    }
-   }
-  },
-  "RouterList": {
-   "id": "RouterList",
-   "type": "object",
-   "description": "Contains a list of Router resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Router resources.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#router for routers.",
-     "default": "compute#routerList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "RouterStatus": {
-   "id": "RouterStatus",
-   "type": "object",
-   "properties": {
-    "bestRoutes": {
-     "type": "array",
-     "description": "Best routes for this router's network.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bestRoutesForRouter": {
-     "type": "array",
-     "description": "Best routes learned by this router.",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "bgpPeerStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "RouterStatusBgpPeerStatus"
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URI of the network to which this router belongs."
-    }
-   }
-  },
-  "RouterStatusBgpPeerStatus": {
-   "id": "RouterStatusBgpPeerStatus",
-   "type": "object",
-   "properties": {
-    "advertisedRoutes": {
-     "type": "array",
-     "description": "Routes that were advertised to the remote BGP peer",
-     "items": {
-      "$ref": "Route"
-     }
-    },
-    "ipAddress": {
-     "type": "string",
-     "description": "IP address of the local BGP interface."
-    },
-    "linkedVpnTunnel": {
-     "type": "string",
-     "description": "URL of the VPN tunnel that this BGP peer controls."
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of this BGP peer. Unique within the Routers resource."
-    },
-    "numLearnedRoutes": {
-     "type": "integer",
-     "description": "Number of routes learned from the remote BGP Peer.",
-     "format": "uint32"
-    },
-    "peerIpAddress": {
-     "type": "string",
-     "description": "IP address of the remote BGP interface."
-    },
-    "state": {
-     "type": "string",
-     "description": "BGP state as specified in RFC1771."
-    },
-    "status": {
-     "type": "string",
-     "description": "Status of the BGP peer: {UP, DOWN}",
-     "enum": [
-      "DOWN",
-      "UNKNOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      ""
-     ]
-    },
-    "uptime": {
-     "type": "string",
-     "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds"
-    },
-    "uptimeSeconds": {
-     "type": "string",
-     "description": "Time this session has been up, in seconds. Format: 145"
-    }
-   }
-  },
-  "RouterStatusResponse": {
-   "id": "RouterStatusResponse",
-   "type": "object",
-   "properties": {
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#routerStatusResponse"
-    },
-    "result": {
-     "$ref": "RouterStatus"
-    }
-   }
-  },
-  "RoutersPreviewResponse": {
-   "id": "RoutersPreviewResponse",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "Router",
-     "description": "Preview of given router."
-    }
-   }
-  },
-  "RoutersScopedList": {
-   "id": "RoutersScopedList",
-   "type": "object",
-   "properties": {
-    "routers": {
-     "type": "array",
-     "description": "List of routers contained in this scope.",
-     "items": {
-      "$ref": "Router"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of routers when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SSLHealthCheck": {
-   "id": "SSLHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Scheduling": {
-   "id": "Scheduling",
-   "type": "object",
-   "description": "Sets the scheduling options for an Instance.",
-   "properties": {
-    "automaticRestart": {
-     "type": "boolean",
-     "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine."
-    },
-    "onHostMaintenance": {
-     "type": "string",
-     "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
-     "enum": [
-      "MIGRATE",
-      "TERMINATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "preemptible": {
-     "type": "boolean",
-     "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created."
-    }
-   }
-  },
-  "SerialPortOutput": {
-   "id": "SerialPortOutput",
-   "type": "object",
-   "description": "An instance's serial console output.",
-   "properties": {
-    "contents": {
-     "type": "string",
-     "description": "[Output Only] The contents of the console output."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
-     "default": "compute#serialPortOutput"
-    },
-    "next": {
-     "type": "string",
-     "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
-     "format": "int64"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "start": {
-     "type": "string",
-     "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
-     "format": "int64"
-    }
-   }
-  },
-  "ServiceAccount": {
-   "id": "ServiceAccount",
-   "type": "object",
-   "description": "A service account.",
-   "properties": {
-    "email": {
-     "type": "string",
-     "description": "Email address of the service account."
-    },
-    "scopes": {
-     "type": "array",
-     "description": "The list of scopes to be made available for this service account.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "Snapshot": {
-   "id": "Snapshot",
-   "type": "object",
-   "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "diskSizeGb": {
-     "type": "string",
-     "description": "[Output Only] Size of the snapshot, specified in GB.",
-     "format": "int64"
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
-     "default": "compute#snapshot"
-    },
-    "labelFingerprint": {
-     "type": "string",
-     "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    },
-    "licenses": {
-     "type": "array",
-     "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "snapshotEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
-    },
-    "sourceDisk": {
-     "type": "string",
-     "description": "[Output Only] The source disk used to create this snapshot."
-    },
-    "sourceDiskEncryptionKey": {
-     "$ref": "CustomerEncryptionKey",
-     "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
-    },
-    "sourceDiskId": {
-     "type": "string",
-     "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY",
-      "UPLOADING"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "storageBytes": {
-     "type": "string",
-     "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
-     "format": "int64"
-    },
-    "storageBytesStatus": {
-     "type": "string",
-     "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
-     "enum": [
-      "UPDATING",
-      "UP_TO_DATE"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "SnapshotList": {
-   "id": "SnapshotList",
-   "type": "object",
-   "description": "Contains a list of Snapshot resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Snapshot resources.",
-     "items": {
-      "$ref": "Snapshot"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#snapshotList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SslCertificate": {
-   "id": "SslCertificate",
-   "type": "object",
-   "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
-   "properties": {
-    "certificate": {
-     "type": "string",
-     "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
-     "default": "compute#sslCertificate"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "privateKey": {
-     "type": "string",
-     "description": "A write-only private key in PEM format. Only insert requests will include this field."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SslCertificateList": {
-   "id": "SslCertificateList",
-   "type": "object",
-   "description": "Contains a list of SslCertificate resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of SslCertificate resources.",
-     "items": {
-      "$ref": "SslCertificate"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#sslCertificateList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "Subnetwork": {
-   "id": "Subnetwork",
-   "type": "object",
-   "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time."
-    },
-    "gatewayAddress": {
-     "type": "string",
-     "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork. This field can be set only at resource creation time."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time."
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
-     "default": "compute#subnetwork"
-    },
-    "name": {
-     "type": "string",
-     "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "network": {
-     "type": "string",
-     "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time."
-    },
-    "privateIpGoogleAccess": {
-     "type": "boolean",
-     "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess."
-    },
-    "region": {
-     "type": "string",
-     "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time."
-    },
-    "secondaryIpRanges": {
-     "type": "array",
-     "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
-     "items": {
-      "$ref": "SubnetworkSecondaryRange"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    }
-   }
-  },
-  "SubnetworkAggregatedList": {
-   "id": "SubnetworkAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of SubnetworksScopedList resources.",
-     "additionalProperties": {
-      "$ref": "SubnetworksScopedList",
-      "description": "Name of the scope containing this set of Subnetworks."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
-     "default": "compute#subnetworkAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworkList": {
-   "id": "SubnetworkList",
-   "type": "object",
-   "description": "Contains a list of Subnetwork resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Subnetwork resources.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
-     "default": "compute#subnetworkList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworkSecondaryRange": {
-   "id": "SubnetworkSecondaryRange",
-   "type": "object",
-   "description": "Represents a secondary IP range of a subnetwork.",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported."
-    },
-    "rangeName": {
-     "type": "string",
-     "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork."
-    }
-   }
-  },
-  "SubnetworksExpandIpCidrRangeRequest": {
-   "id": "SubnetworksExpandIpCidrRangeRequest",
-   "type": "object",
-   "properties": {
-    "ipCidrRange": {
-     "type": "string",
-     "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update."
-    }
-   }
-  },
-  "SubnetworksScopedList": {
-   "id": "SubnetworksScopedList",
-   "type": "object",
-   "properties": {
-    "subnetworks": {
-     "type": "array",
-     "description": "List of subnetworks contained in this scope.",
-     "items": {
-      "$ref": "Subnetwork"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "An informational warning that appears when the list of addresses is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "SubnetworksSetPrivateIpGoogleAccessRequest": {
-   "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
-   "type": "object",
-   "properties": {
-    "privateIpGoogleAccess": {
-     "type": "boolean"
-    }
-   }
-  },
-  "TCPHealthCheck": {
-   "id": "TCPHealthCheck",
-   "type": "object",
-   "properties": {
-    "port": {
-     "type": "integer",
-     "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
-     "format": "int32"
-    },
-    "portName": {
-     "type": "string",
-     "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence."
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "request": {
-     "type": "string",
-     "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII."
-    },
-    "response": {
-     "type": "string",
-     "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII."
-    }
-   }
-  },
-  "Tags": {
-   "id": "Tags",
-   "type": "object",
-   "description": "A set of instance tags.",
-   "properties": {
-    "fingerprint": {
-     "type": "string",
-     "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
-     "format": "byte"
-    },
-    "items": {
-     "type": "array",
-     "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpProxy": {
-   "id": "TargetHttpProxy",
-   "type": "object",
-   "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
-     "default": "compute#targetHttpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "urlMap": {
-     "type": "string",
-     "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService."
-    }
-   }
-  },
-  "TargetHttpProxyList": {
-   "id": "TargetHttpProxyList",
-   "type": "object",
-   "description": "A list of TargetHttpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpProxy resources.",
-     "items": {
-      "$ref": "TargetHttpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
-     "default": "compute#targetHttpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetHttpsProxiesSetSslCertificatesRequest": {
-   "id": "TargetHttpsProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetHttpsProxy": {
-   "id": "TargetHttpsProxy",
-   "type": "object",
-   "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
-     "default": "compute#targetHttpsProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "urlMap": {
-     "type": "string",
-     "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map"
-    }
-   }
-  },
-  "TargetHttpsProxyList": {
-   "id": "TargetHttpsProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetHttpsProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetHttpsProxy resources.",
-     "items": {
-      "$ref": "TargetHttpsProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
-     "default": "compute#targetHttpsProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstance": {
-   "id": "TargetInstance",
-   "type": "object",
-   "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instance": {
-     "type": "string",
-     "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
-     "default": "compute#targetInstance"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "natPolicy": {
-     "type": "string",
-     "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
-     "enum": [
-      "NO_NAT"
-     ],
-     "enumDescriptions": [
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "zone": {
-     "type": "string",
-     "description": "[Output Only] URL of the zone where the target instance resides."
-    }
-   }
-  },
-  "TargetInstanceAggregatedList": {
-   "id": "TargetInstanceAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetInstance resources.",
-     "additionalProperties": {
-      "$ref": "TargetInstancesScopedList",
-      "description": "Name of the scope containing this set of target instances."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstanceList": {
-   "id": "TargetInstanceList",
-   "type": "object",
-   "description": "Contains a list of TargetInstance resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetInstance resources.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetInstanceList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetInstancesScopedList": {
-   "id": "TargetInstancesScopedList",
-   "type": "object",
-   "properties": {
-    "targetInstances": {
-     "type": "array",
-     "description": "List of target instances contained in this scope.",
-     "items": {
-      "$ref": "TargetInstance"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetPool": {
-   "id": "TargetPool",
-   "type": "object",
-   "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
-   "properties": {
-    "backupPool": {
-     "type": "string",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy."
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "failoverRatio": {
-     "type": "number",
-     "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
-     "format": "float"
-    },
-    "healthChecks": {
-     "type": "array",
-     "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "instances": {
-     "type": "array",
-     "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
-     "default": "compute#targetPool"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target pool resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sessionAffinity": {
-     "type": "string",
-     "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
-     "enum": [
-      "CLIENT_IP",
-      "CLIENT_IP_PORT_PROTO",
-      "CLIENT_IP_PROTO",
-      "GENERATED_COOKIE",
-      "NONE"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetPoolAggregatedList": {
-   "id": "TargetPoolAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetPool resources.",
-     "additionalProperties": {
-      "$ref": "TargetPoolsScopedList",
-      "description": "Name of the scope containing this set of target pools."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
-     "default": "compute#targetPoolAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetPoolInstanceHealth": {
-   "id": "TargetPoolInstanceHealth",
-   "type": "object",
-   "properties": {
-    "healthStatus": {
-     "type": "array",
-     "items": {
-      "$ref": "HealthStatus"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
-     "default": "compute#targetPoolInstanceHealth"
-    }
-   }
-  },
-  "TargetPoolList": {
-   "id": "TargetPoolList",
-   "type": "object",
-   "description": "Contains a list of TargetPool resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetPool resources.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
-     "default": "compute#targetPoolList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetPoolsAddHealthCheckRequest": {
-   "id": "TargetPoolsAddHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "The HttpHealthCheck to add to the target pool.",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsAddInstanceRequest": {
-   "id": "TargetPoolsAddInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveHealthCheckRequest": {
-   "id": "TargetPoolsRemoveHealthCheckRequest",
-   "type": "object",
-   "properties": {
-    "healthChecks": {
-     "type": "array",
-     "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
-     "items": {
-      "$ref": "HealthCheckReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsRemoveInstanceRequest": {
-   "id": "TargetPoolsRemoveInstanceRequest",
-   "type": "object",
-   "properties": {
-    "instances": {
-     "type": "array",
-     "description": "URLs of the instances to be removed from target pool.",
-     "items": {
-      "$ref": "InstanceReference"
-     }
-    }
-   }
-  },
-  "TargetPoolsScopedList": {
-   "id": "TargetPoolsScopedList",
-   "type": "object",
-   "properties": {
-    "targetPools": {
-     "type": "array",
-     "description": "List of target pools contained in this scope.",
-     "items": {
-      "$ref": "TargetPool"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetReference": {
-   "id": "TargetReference",
-   "type": "object",
-   "properties": {
-    "target": {
-     "type": "string"
-    }
-   }
-  },
-  "TargetSslProxiesSetBackendServiceRequest": {
-   "id": "TargetSslProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetSslProxy."
-    }
-   }
-  },
-  "TargetSslProxiesSetProxyHeaderRequest": {
-   "id": "TargetSslProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetSslProxiesSetSslCertificatesRequest": {
-   "id": "TargetSslProxiesSetSslCertificatesRequest",
-   "type": "object",
-   "properties": {
-    "sslCertificates": {
-     "type": "array",
-     "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetSslProxy": {
-   "id": "TargetSslProxy",
-   "type": "object",
-   "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
-     "default": "compute#targetSslProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
-    },
-    "sslCertificates": {
-     "type": "array",
-     "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetSslProxyList": {
-   "id": "TargetSslProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetSslProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetSslProxy resources.",
-     "items": {
-      "$ref": "TargetSslProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetSslProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetTcpProxiesSetBackendServiceRequest": {
-   "id": "TargetTcpProxiesSetBackendServiceRequest",
-   "type": "object",
-   "properties": {
-    "service": {
-     "type": "string",
-     "description": "The URL of the new BackendService resource for the targetTcpProxy."
-    }
-   }
-  },
-  "TargetTcpProxiesSetProxyHeaderRequest": {
-   "id": "TargetTcpProxiesSetProxyHeaderRequest",
-   "type": "object",
-   "properties": {
-    "proxyHeader": {
-     "type": "string",
-     "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "TargetTcpProxy": {
-   "id": "TargetTcpProxy",
-   "type": "object",
-   "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
-     "default": "compute#targetTcpProxy"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "proxyHeader": {
-     "type": "string",
-     "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
-     "enum": [
-      "NONE",
-      "PROXY_V1"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "service": {
-     "type": "string",
-     "description": "URL to the BackendService resource."
-    }
-   }
-  },
-  "TargetTcpProxyList": {
-   "id": "TargetTcpProxyList",
-   "type": "object",
-   "description": "Contains a list of TargetTcpProxy resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetTcpProxy resources.",
-     "items": {
-      "$ref": "TargetTcpProxy"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#targetTcpProxyList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetVpnGateway": {
-   "id": "TargetVpnGateway",
-   "type": "object",
-   "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "forwardingRules": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGateway"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "network": {
-     "type": "string",
-     "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
-     "annotations": {
-      "required": [
-       "compute.targetVpnGateways.insert"
-      ]
-     }
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the target VPN gateway resides."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN gateway.",
-     "enum": [
-      "CREATING",
-      "DELETING",
-      "FAILED",
-      "READY"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "tunnels": {
-     "type": "array",
-     "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
-     "items": {
-      "type": "string"
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayAggregatedList": {
-   "id": "TargetVpnGatewayAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of TargetVpnGateway resources.",
-     "additionalProperties": {
-      "$ref": "TargetVpnGatewaysScopedList",
-      "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewayList": {
-   "id": "TargetVpnGatewayList",
-   "type": "object",
-   "description": "Contains a list of TargetVpnGateway resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of TargetVpnGateway resources.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
-     "default": "compute#targetVpnGatewayList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TargetVpnGatewaysScopedList": {
-   "id": "TargetVpnGatewaysScopedList",
-   "type": "object",
-   "properties": {
-    "targetVpnGateways": {
-     "type": "array",
-     "description": "[Output Only] List of target vpn gateways contained in this scope.",
-     "items": {
-      "$ref": "TargetVpnGateway"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "TestFailure": {
-   "id": "TestFailure",
-   "type": "object",
-   "properties": {
-    "actualService": {
-     "type": "string"
-    },
-    "expectedService": {
-     "type": "string"
-    },
-    "host": {
-     "type": "string"
-    },
-    "path": {
-     "type": "string"
-    }
-   }
-  },
-  "UrlMap": {
-   "id": "UrlMap",
-   "type": "object",
-   "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "defaultService": {
-     "type": "string",
-     "description": "The URL of the BackendService resource if none of the hostRules match."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "fingerprint": {
-     "type": "string",
-     "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
-     "format": "byte"
-    },
-    "hostRules": {
-     "type": "array",
-     "description": "The list of HostRules to use against the URL.",
-     "items": {
-      "$ref": "HostRule"
-     }
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
-     "default": "compute#urlMap"
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?"
-    },
-    "pathMatchers": {
-     "type": "array",
-     "description": "The list of named PathMatchers to use against the URL.",
-     "items": {
-      "$ref": "PathMatcher"
-     }
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "tests": {
-     "type": "array",
-     "description": "The list of expected URL mappings. Request to update this UrlMap will succeed only if all of the test cases pass.",
-     "items": {
-      "$ref": "UrlMapTest"
-     }
-    }
-   }
-  },
-  "UrlMapList": {
-   "id": "UrlMapList",
-   "type": "object",
-   "description": "Contains a list of UrlMap resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of UrlMap resources.",
-     "items": {
-      "$ref": "UrlMap"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#urlMapList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "UrlMapReference": {
-   "id": "UrlMapReference",
-   "type": "object",
-   "properties": {
-    "urlMap": {
-     "type": "string"
-    }
-   }
-  },
-  "UrlMapTest": {
-   "id": "UrlMapTest",
-   "type": "object",
-   "description": "Message for the expected URL mappings.",
-   "properties": {
-    "description": {
-     "type": "string",
-     "description": "Description of this test case."
-    },
-    "host": {
-     "type": "string",
-     "description": "Host portion of the URL."
-    },
-    "path": {
-     "type": "string",
-     "description": "Path portion of the URL."
-    },
-    "service": {
-     "type": "string",
-     "description": "Expected BackendService resource the given URL should be mapped to."
-    }
-   }
-  },
-  "UrlMapValidationResult": {
-   "id": "UrlMapValidationResult",
-   "type": "object",
-   "description": "Message representing the validation result for a UrlMap.",
-   "properties": {
-    "loadErrors": {
-     "type": "array",
-     "items": {
-      "type": "string"
-     }
-    },
-    "loadSucceeded": {
-     "type": "boolean",
-     "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons."
-    },
-    "testFailures": {
-     "type": "array",
-     "items": {
-      "$ref": "TestFailure"
-     }
-    },
-    "testPassed": {
-     "type": "boolean",
-     "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure."
-    }
-   }
-  },
-  "UrlMapsValidateRequest": {
-   "id": "UrlMapsValidateRequest",
-   "type": "object",
-   "properties": {
-    "resource": {
-     "$ref": "UrlMap",
-     "description": "Content of the UrlMap to be validated."
-    }
-   }
-  },
-  "UrlMapsValidateResponse": {
-   "id": "UrlMapsValidateResponse",
-   "type": "object",
-   "properties": {
-    "result": {
-     "$ref": "UrlMapValidationResult"
-    }
-   }
-  },
-  "UsageExportLocation": {
-   "id": "UsageExportLocation",
-   "type": "object",
-   "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
-   "properties": {
-    "bucketName": {
-     "type": "string",
-     "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket."
-    },
-    "reportNamePrefix": {
-     "type": "string",
-     "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions."
-    }
-   }
-  },
-  "VpnTunnel": {
-   "id": "VpnTunnel",
-   "type": "object",
-   "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
-   "properties": {
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "description": {
-     "type": "string",
-     "description": "An optional description of this resource. Provide this property when you create the resource."
-    },
-    "detailedStatus": {
-     "type": "string",
-     "description": "[Output Only] Detailed status message for the VPN tunnel."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "ikeVersion": {
-     "type": "integer",
-     "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
-     "format": "int32"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnel"
-    },
-    "localTrafficSelector": {
-     "type": "array",
-     "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "name": {
-     "type": "string",
-     "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
-     "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    },
-    "peerIp": {
-     "type": "string",
-     "description": "IP address of the peer VPN gateway. Only IPv4 is supported."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] URL of the region where the VPN tunnel resides."
-    },
-    "remoteTrafficSelector": {
-     "type": "array",
-     "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "router": {
-     "type": "string",
-     "description": "URL of router resource to be used for dynamic routing."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "sharedSecret": {
-     "type": "string",
-     "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway."
-    },
-    "sharedSecretHash": {
-     "type": "string",
-     "description": "Hash of the shared secret."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] The status of the VPN tunnel.",
-     "enum": [
-      "ALLOCATING_RESOURCES",
-      "AUTHORIZATION_ERROR",
-      "DEPROVISIONING",
-      "ESTABLISHED",
-      "FAILED",
-      "FIRST_HANDSHAKE",
-      "NEGOTIATION_FAILURE",
-      "NETWORK_ERROR",
-      "NO_INCOMING_PACKETS",
-      "PROVISIONING",
-      "REJECTED",
-      "WAITING_FOR_FULL_CONFIG"
-     ],
-     "enumDescriptions": [
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      "",
-      ""
-     ]
-    },
-    "targetVpnGateway": {
-     "type": "string",
-     "description": "URL of the VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
-     "annotations": {
-      "required": [
-       "compute.vpnTunnels.insert"
-      ]
-     }
-    }
-   }
-  },
-  "VpnTunnelAggregatedList": {
-   "id": "VpnTunnelAggregatedList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "object",
-     "description": "A list of VpnTunnelsScopedList resources.",
-     "additionalProperties": {
-      "$ref": "VpnTunnelsScopedList",
-      "description": "Name of the scope containing this set of vpn tunnels."
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelAggregatedList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelList": {
-   "id": "VpnTunnelList",
-   "type": "object",
-   "description": "Contains a list of VpnTunnel resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of VpnTunnel resources.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
-     "default": "compute#vpnTunnelList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "VpnTunnelsScopedList": {
-   "id": "VpnTunnelsScopedList",
-   "type": "object",
-   "properties": {
-    "vpnTunnels": {
-     "type": "array",
-     "description": "List of vpn tunnels contained in this scope.",
-     "items": {
-      "$ref": "VpnTunnel"
-     }
-    },
-    "warning": {
-     "type": "object",
-     "description": "Informational warning which replaces the list of addresses when the list is empty.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnHostList": {
-   "id": "XpnHostList",
-   "type": "object",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "[Output Only] A list of shared VPC host project URLs.",
-     "items": {
-      "$ref": "Project"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
-     "default": "compute#xpnHostList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "XpnResourceId": {
-   "id": "XpnResourceId",
-   "type": "object",
-   "description": "Service resource (a.k.a service project) ID.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678)."
-    },
-    "type": {
-     "type": "string",
-     "description": "The type of the service resource.",
-     "enum": [
-      "PROJECT",
-      "XPN_RESOURCE_TYPE_UNSPECIFIED"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "Zone": {
-   "id": "Zone",
-   "type": "object",
-   "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
-   "properties": {
-    "availableCpuPlatforms": {
-     "type": "array",
-     "description": "[Output Only] Available cpu/platform selections for the zone.",
-     "items": {
-      "type": "string"
-     }
-    },
-    "creationTimestamp": {
-     "type": "string",
-     "description": "[Output Only] Creation timestamp in RFC3339 text format."
-    },
-    "deprecated": {
-     "$ref": "DeprecationStatus",
-     "description": "[Output Only] The deprecation status associated with this zone."
-    },
-    "description": {
-     "type": "string",
-     "description": "[Output Only] Textual description of the resource."
-    },
-    "id": {
-     "type": "string",
-     "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
-     "format": "uint64"
-    },
-    "kind": {
-     "type": "string",
-     "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
-     "default": "compute#zone"
-    },
-    "name": {
-     "type": "string",
-     "description": "[Output Only] Name of the resource."
-    },
-    "region": {
-     "type": "string",
-     "description": "[Output Only] Full URL reference to the region which hosts the zone."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for the resource."
-    },
-    "status": {
-     "type": "string",
-     "description": "[Output Only] Status of the zone, either UP or DOWN.",
-     "enum": [
-      "DOWN",
-      "UP"
-     ],
-     "enumDescriptions": [
-      "",
-      ""
-     ]
-    }
-   }
-  },
-  "ZoneList": {
-   "id": "ZoneList",
-   "type": "object",
-   "description": "Contains a list of zone resources.",
-   "properties": {
-    "id": {
-     "type": "string",
-     "description": "[Output Only] Unique identifier for the resource; defined by the server."
-    },
-    "items": {
-     "type": "array",
-     "description": "A list of Zone resources.",
-     "items": {
-      "$ref": "Zone"
-     }
-    },
-    "kind": {
-     "type": "string",
-     "description": "Type of resource.",
-     "default": "compute#zoneList"
-    },
-    "nextPageToken": {
-     "type": "string",
-     "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results."
-    },
-    "selfLink": {
-     "type": "string",
-     "description": "[Output Only] Server-defined URL for this resource."
-    },
-    "warning": {
-     "type": "object",
-     "description": "[Output Only] Informational warning message.",
-     "properties": {
-      "code": {
-       "type": "string",
-       "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
-       "enum": [
-        "CLEANUP_FAILED",
-        "DEPRECATED_RESOURCE_USED",
-        "DEPRECATED_TYPE_USED",
-        "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
-        "EXPERIMENTAL_TYPE_USED",
-        "EXTERNAL_API_WARNING",
-        "FIELD_VALUE_OVERRIDEN",
-        "INJECTED_KERNELS_DEPRECATED",
-        "MISSING_TYPE_DEPENDENCY",
-        "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
-        "NEXT_HOP_CANNOT_IP_FORWARD",
-        "NEXT_HOP_INSTANCE_NOT_FOUND",
-        "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
-        "NEXT_HOP_NOT_RUNNING",
-        "NOT_CRITICAL_ERROR",
-        "NO_RESULTS_ON_PAGE",
-        "REQUIRED_TOS_AGREEMENT",
-        "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
-        "RESOURCE_NOT_DELETED",
-        "SCHEMA_VALIDATION_IGNORED",
-        "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
-        "UNDECLARED_PROPERTIES",
-        "UNREACHABLE"
-       ],
-       "enumDescriptions": [
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        "",
-        ""
-       ]
-      },
-      "data": {
-       "type": "array",
-       "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
-       "items": {
-        "type": "object",
-        "properties": {
-         "key": {
-          "type": "string",
-          "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)."
-         },
-         "value": {
-          "type": "string",
-          "description": "[Output Only] A warning data value corresponding to the key."
-         }
-        }
-       }
-      },
-      "message": {
-       "type": "string",
-       "description": "[Output Only] A human-readable description of the warning code."
-      }
-     }
-    }
-   }
-  },
-  "ZoneSetLabelsRequest": {
-   "id": "ZoneSetLabelsRequest",
-   "type": "object",
-   "properties": {
-    "labelFingerprint": {
-     "type": "string",
-     "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
-     "format": "byte"
-    },
-    "labels": {
-     "type": "object",
-     "description": "The labels to set for this resource.",
-     "additionalProperties": {
-      "type": "string"
-     }
-    }
-   }
-  }
- },
- "resources": {
-  "acceleratorTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.acceleratorTypes.aggregatedList",
-     "path": "{project}/aggregated/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of accelerator types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.acceleratorTypes.get",
-     "path": "{project}/zones/{zone}/acceleratorTypes/{acceleratorType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified accelerator type. Get a list of available accelerator types by making a list() request.",
-     "parameters": {
-      "acceleratorType": {
-       "type": "string",
-       "description": "Name of the accelerator type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "acceleratorType"
-     ],
-     "response": {
-      "$ref": "AcceleratorType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.acceleratorTypes.list",
-     "path": "{project}/zones/{zone}/acceleratorTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of accelerator types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AcceleratorTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "addresses": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.addresses.aggregatedList",
-     "path": "{project}/aggregated/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.addresses.delete",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.addresses.get",
-     "path": "{project}/regions/{region}/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.addresses.insert",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.addresses.list",
-     "path": "{project}/regions/{region}/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of addresses contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "autoscalers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.autoscalers.aggregatedList",
-     "path": "{project}/aggregated/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of autoscalers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AutoscalerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.autoscalers.delete",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.autoscalers.get",
-     "path": "{project}/zones/{zone}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler resource. Get a list of available autoscalers by making a list() request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.autoscalers.insert",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.autoscalers.list",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "AutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.autoscalers.patch",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.autoscalers.update",
-     "path": "{project}/zones/{zone}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendBuckets": {
-   "methods": {
-    "delete": {
-     "id": "compute.backendBuckets.delete",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendBucket resource.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendBuckets.get",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendBucket resource. Get a list of available backend buckets by making a list() request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "response": {
-      "$ref": "BackendBucket"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendBuckets.insert",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "POST",
-     "description": "Creates a BackendBucket resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendBuckets.list",
-     "path": "{project}/global/backendBuckets",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendBucket resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendBucketList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendBuckets.patch",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified BackendBucket resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.backendBuckets.update",
-     "path": "{project}/global/backendBuckets/{backendBucket}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendBucket resource with the data included in the request.",
-     "parameters": {
-      "backendBucket": {
-       "type": "string",
-       "description": "Name of the BackendBucket resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendBucket"
-     ],
-     "request": {
-      "$ref": "BackendBucket"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "backendServices": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.backendServices.aggregatedList",
-     "path": "{project}/aggregated/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of all BackendService resources, regional and global, available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Name of the project scoping this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.backendServices.delete",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.backendServices.get",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified BackendService resource. Get a list of available backend services by making a list() request.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.backendServices.getHealth",
-     "path": "{project}/global/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.backendServices.insert",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.backendServices.list",
-     "path": "{project}/global/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of BackendService resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.backendServices.patch",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.backendServices.update",
-     "path": "{project}/global/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "diskTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.diskTypes.aggregatedList",
-     "path": "{project}/aggregated/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of disk types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.diskTypes.get",
-     "path": "{project}/zones/{zone}/diskTypes/{diskType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified disk type. Get a list of available disk types by making a list() request.",
-     "parameters": {
-      "diskType": {
-       "type": "string",
-       "description": "Name of the disk type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "diskType"
-     ],
-     "response": {
-      "$ref": "DiskType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.diskTypes.list",
-     "path": "{project}/zones/{zone}/diskTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of disk types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "disks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.disks.aggregatedList",
-     "path": "{project}/aggregated/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of persistent disks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "DiskAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "createSnapshot": {
-     "id": "compute.disks.createSnapshot",
-     "path": "{project}/zones/{zone}/disks/{disk}/createSnapshot",
-     "httpMethod": "POST",
-     "description": "Creates a snapshot of a specified persistent disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to snapshot.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "guestFlush": {
-       "type": "boolean",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "Snapshot"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.disks.delete",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified persistent disk. Deleting a disk removes its data permanently and is irreversible. However, deleting a disk does not delete any snapshots previously made from the disk. You must separately delete snapshots.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.disks.get",
-     "path": "{project}/zones/{zone}/disks/{disk}",
-     "httpMethod": "GET",
-     "description": "Returns a specified persistent disk. Get a list of available persistent disks by making a list() request.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "Name of the persistent disk to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "response": {
-      "$ref": "Disk"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.disks.insert",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "POST",
-     "description": "Creates a persistent disk in the specified project using the data in the request. You can create a disk with a sourceImage, a sourceSnapshot, or create an empty 500 GB data disk by omitting all properties. You can also create a disk that is larger than the default size by specifying the sizeGb property.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "sourceImage": {
-       "type": "string",
-       "description": "Optional. Source image to restore onto a disk.",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Disk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.disks.list",
-     "path": "{project}/zones/{zone}/disks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of persistent disks contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "DiskList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "resize": {
-     "id": "compute.disks.resize",
-     "path": "{project}/zones/{zone}/disks/{disk}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the specified persistent disk. You can only increase the size of the disk.",
-     "parameters": {
-      "disk": {
-       "type": "string",
-       "description": "The name of the persistent disk.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "disk"
-     ],
-     "request": {
-      "$ref": "DisksResizeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.disks.setLabels",
-     "path": "{project}/zones/{zone}/disks/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a disk. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "request": {
-      "$ref": "ZoneSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "firewalls": {
-   "methods": {
-    "delete": {
-     "id": "compute.firewalls.delete",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.firewalls.get",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "GET",
-     "description": "Returns the specified firewall.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "response": {
-      "$ref": "Firewall"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.firewalls.insert",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "POST",
-     "description": "Creates a firewall rule in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.firewalls.list",
-     "path": "{project}/global/firewalls",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of firewall rules available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "FirewallList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.firewalls.patch",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified firewall rule with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.firewalls.update",
-     "path": "{project}/global/firewalls/{firewall}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
-     "parameters": {
-      "firewall": {
-       "type": "string",
-       "description": "Name of the firewall rule to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "firewall"
-     ],
-     "request": {
-      "$ref": "Firewall"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "forwardingRules": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.forwardingRules.aggregatedList",
-     "path": "{project}/aggregated/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of forwarding rules.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.forwardingRules.delete",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.forwardingRules.get",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified ForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.forwardingRules.insert",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a ForwardingRule resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.forwardingRules.list",
-     "path": "{project}/regions/{region}/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of ForwardingRule resources available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.forwardingRules.setTarget",
-     "path": "{project}/regions/{region}/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for forwarding rule. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "globalAddresses": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalAddresses.delete",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified address resource.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalAddresses.get",
-     "path": "{project}/global/addresses/{address}",
-     "httpMethod": "GET",
-     "description": "Returns the specified address resource. Get a list of available addresses by making a list() request.",
-     "parameters": {
-      "address": {
-       "type": "string",
-       "description": "Name of the address resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "address"
-     ],
-     "response": {
-      "$ref": "Address"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalAddresses.insert",
-     "path": "{project}/global/addresses",
-     "httpMethod": "POST",
-     "description": "Creates an address resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Address"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalAddresses.list",
-     "path": "{project}/global/addresses",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of global addresses.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "AddressList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "globalForwardingRules": {
-   "methods": {
-    "delete": {
-     "id": "compute.globalForwardingRules.delete",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified GlobalForwardingRule resource.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalForwardingRules.get",
-     "path": "{project}/global/forwardingRules/{forwardingRule}",
-     "httpMethod": "GET",
-     "description": "Returns the specified GlobalForwardingRule resource. Get a list of available forwarding rules by making a list() request.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "response": {
-      "$ref": "ForwardingRule"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.globalForwardingRules.insert",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "POST",
-     "description": "Creates a GlobalForwardingRule resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ForwardingRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.globalForwardingRules.list",
-     "path": "{project}/global/forwardingRules",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of GlobalForwardingRule resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ForwardingRuleList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setTarget": {
-     "id": "compute.globalForwardingRules.setTarget",
-     "path": "{project}/global/forwardingRules/{forwardingRule}/setTarget",
-     "httpMethod": "POST",
-     "description": "Changes target URL for the GlobalForwardingRule resource. The new target should be of the same type as the old target.",
-     "parameters": {
-      "forwardingRule": {
-       "type": "string",
-       "description": "Name of the ForwardingRule resource in which target is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "forwardingRule"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "globalOperations": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.globalOperations.aggregatedList",
-     "path": "{project}/aggregated/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of all operations.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.globalOperations.delete",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.globalOperations.get",
-     "path": "{project}/global/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified Operations resource. Get a list of operations by making a list() request.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.globalOperations.list",
-     "path": "{project}/global/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "healthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.healthChecks.delete",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HealthCheck resource.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.healthChecks.get",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HealthCheck resource. Get a list of available health checks by making a list() request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "response": {
-      "$ref": "HealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.healthChecks.insert",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.healthChecks.list",
-     "path": "{project}/global/healthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.healthChecks.patch",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.healthChecks.update",
-     "path": "{project}/global/healthChecks/{healthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "healthCheck": {
-       "type": "string",
-       "description": "Name of the HealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "healthCheck"
-     ],
-     "request": {
-      "$ref": "HealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "httpHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpHealthChecks.delete",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpHealthCheck resource.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpHealthChecks.get",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpHealthCheck resource. Get a list of available HTTP health checks by making a list() request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpHealthChecks.insert",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpHealthChecks.list",
-     "path": "{project}/global/httpHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpHealthChecks.patch",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.httpHealthChecks.update",
-     "path": "{project}/global/httpHealthChecks/{httpHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "httpsHealthChecks": {
-   "methods": {
-    "delete": {
-     "id": "compute.httpsHealthChecks.delete",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified HttpsHealthCheck resource.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.httpsHealthChecks.get",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "GET",
-     "description": "Returns the specified HttpsHealthCheck resource. Get a list of available HTTPS health checks by making a list() request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.httpsHealthChecks.insert",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "POST",
-     "description": "Creates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.httpsHealthChecks.list",
-     "path": "{project}/global/httpsHealthChecks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of HttpsHealthCheck resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "HttpsHealthCheckList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.httpsHealthChecks.patch",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PATCH",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.httpsHealthChecks.update",
-     "path": "{project}/global/httpsHealthChecks/{httpsHealthCheck}",
-     "httpMethod": "PUT",
-     "description": "Updates a HttpsHealthCheck resource in the specified project using the data included in the request.",
-     "parameters": {
-      "httpsHealthCheck": {
-       "type": "string",
-       "description": "Name of the HttpsHealthCheck resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "httpsHealthCheck"
-     ],
-     "request": {
-      "$ref": "HttpsHealthCheck"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "images": {
-   "methods": {
-    "delete": {
-     "id": "compute.images.delete",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified image.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deprecate": {
-     "id": "compute.images.deprecate",
-     "path": "{project}/global/images/{image}/deprecate",
-     "httpMethod": "POST",
-     "description": "Sets the deprecation status of an image.\n\nIf an empty request body is given, clears the deprecation status instead.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Image name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "request": {
-      "$ref": "DeprecationStatus"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.images.get",
-     "path": "{project}/global/images/{image}",
-     "httpMethod": "GET",
-     "description": "Returns the specified image. Get a list of available images by making a list() request.",
-     "parameters": {
-      "image": {
-       "type": "string",
-       "description": "Name of the image resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "image"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getFromFamily": {
-     "id": "compute.images.getFromFamily",
-     "path": "{project}/global/images/family/{family}",
-     "httpMethod": "GET",
-     "description": "Returns the latest image that is part of an image family and is not deprecated.",
-     "parameters": {
-      "family": {
-       "type": "string",
-       "description": "Name of the image family to search for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "family"
-     ],
-     "response": {
-      "$ref": "Image"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.images.insert",
-     "path": "{project}/global/images",
-     "httpMethod": "POST",
-     "description": "Creates an image in the specified project using the data included in the request.",
-     "parameters": {
-      "forceCreate": {
-       "type": "boolean",
-       "description": "Force image creation if true.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Image"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    },
-    "list": {
-     "id": "compute.images.list",
-     "path": "{project}/global/images",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of custom images available to the specified project. Custom images are images you create that belong to your project. This method does not get any images that belong to other projects, including publicly-available images, like Debian 8. If you want to get a list of publicly-available images, use this method to make a request to the respective image project, such as debian-cloud or windows-cloud.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ImageList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.images.setLabels",
-     "path": "{project}/global/images/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on an image. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "instanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.instanceGroupManagers.abandonInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroupManagers.aggregatedList",
-     "path": "{project}/aggregated/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups and groups them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroupManagers.delete",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group. Note that the instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.instanceGroupManagers.deleteInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroupManagers.get",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group. Get a list of available managed instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroupManagers.insert",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA managed instance group can have up to 1000 VM instances per group. Please contact Cloud Support if you need an increase in this limit.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the managed instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroupManagers.list",
-     "path": "{project}/zones/{zone}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of managed instance groups that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.instanceGroupManagers.listManagedInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists all of the instances in the managed instance group. Each instance in the list has a currentAction, which indicates the action that the managed instance group is performing on the instance. For example, if the group is still creating an instance, the currentAction is CREATING. If a previous action failed, the list displays the errors for that failed action.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManagersListManagedInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.instanceGroupManagers.recreateInstances",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersRecreateInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.instanceGroupManagers.resize",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Resizes the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.",
-       "required": true,
-       "format": "int32",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.instanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Specifies the instance template to use when creating new instances in this group. The templates for existing instances in the group do not change unless you recreate them.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetInstanceTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.instanceGroupManagers.setTargetPools",
-     "path": "{project}/zones/{zone}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all instances in this managed instance group are assigned. The target pools automatically apply to all of the instances in the managed instance group. This operation is marked DONE when you make the request even if the instances have not yet been added to their target pools. The change might take some time to apply to all of the instances in the group depending on the size of the group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the managed instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "instanceGroups": {
-   "methods": {
-    "addInstances": {
-     "id": "compute.instanceGroups.addInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/addInstances",
-     "httpMethod": "POST",
-     "description": "Adds a list of instances to the specified instance group. All of the instances in the instance group must be in the same network/subnetwork. Read  Adding instances for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where you are adding instances.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsAddInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instanceGroups.aggregatedList",
-     "path": "{project}/aggregated/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups and sorts them by zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceGroupAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.instanceGroups.delete",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance group. The instances in the group are not deleted. Note that instance group must not belong to a backend service. Read  Deleting an instance group for more information.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceGroups.get",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group. Get a list of available instance groups by making a list() request.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceGroups.insert",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "POST",
-     "description": "Creates an instance group in the specified project using the parameters that are included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where you want to create the instance group.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "InstanceGroup"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceGroups.list",
-     "path": "{project}/zones/{zone}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance groups that are located in the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.instanceGroups.listInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group from which you want to generate a list of included instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "InstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeInstances": {
-     "id": "compute.instanceGroups.removeInstances",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/removeInstances",
-     "httpMethod": "POST",
-     "description": "Removes one or more instances from the specified instance group, but does not delete those instances.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the specified instances will be removed.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsRemoveInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.instanceGroups.setNamedPorts",
-     "path": "{project}/zones/{zone}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone where the instance group is located.",
-       "required": true,
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "InstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "instanceTemplates": {
-   "methods": {
-    "delete": {
-     "id": "compute.instanceTemplates.delete",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instanceTemplates.get",
-     "path": "{project}/global/instanceTemplates/{instanceTemplate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance template. Get a list of available instance templates by making a list() request.",
-     "parameters": {
-      "instanceTemplate": {
-       "type": "string",
-       "description": "The name of the instance template.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "instanceTemplate"
-     ],
-     "response": {
-      "$ref": "InstanceTemplate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instanceTemplates.insert",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "POST",
-     "description": "Creates an instance template in the specified project using the data that is included in the request. If you are creating a new template to update an existing instance group, your new instance template must use the same network or, if applicable, the same subnetwork as the original template.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceTemplate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instanceTemplates.list",
-     "path": "{project}/global/instanceTemplates",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of instance templates that are contained within the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceTemplateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "instances": {
-   "methods": {
-    "addAccessConfig": {
-     "id": "compute.instances.addAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/addAccessConfig",
-     "httpMethod": "POST",
-     "description": "Adds an access config to an instance's network interface.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface to add to this instance.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "networkInterface"
-     ],
-     "request": {
-      "$ref": "AccessConfig"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.instances.aggregatedList",
-     "path": "{project}/aggregated/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves aggregated list of instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "attachDisk": {
-     "id": "compute.instances.attachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/attachDisk",
-     "httpMethod": "POST",
-     "description": "Attaches an existing Disk resource to an instance. You must first create the disk before you can attach it. It is not possible to create and attach a disk at the same time. For more information, read Adding a persistent disk to your instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "AttachedDisk"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.instances.delete",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Instance resource. For more information, see Stopping or Deleting an Instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteAccessConfig": {
-     "id": "compute.instances.deleteAccessConfig",
-     "path": "{project}/zones/{zone}/instances/{instance}/deleteAccessConfig",
-     "httpMethod": "POST",
-     "description": "Deletes an access config from an instance's network interface.",
-     "parameters": {
-      "accessConfig": {
-       "type": "string",
-       "description": "The name of the access config to delete.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "networkInterface": {
-       "type": "string",
-       "description": "The name of the network interface.",
-       "required": true,
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "accessConfig",
-      "networkInterface"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "detachDisk": {
-     "id": "compute.instances.detachDisk",
-     "path": "{project}/zones/{zone}/instances/{instance}/detachDisk",
-     "httpMethod": "POST",
-     "description": "Detaches a disk from an instance.",
-     "parameters": {
-      "deviceName": {
-       "type": "string",
-       "description": "Disk device name to detach.",
-       "required": true,
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.instances.get",
-     "path": "{project}/zones/{zone}/instances/{instance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Instance resource. Get a list of available instances by making a list() request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Instance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getSerialPortOutput": {
-     "id": "compute.instances.getSerialPortOutput",
-     "path": "{project}/zones/{zone}/instances/{instance}/serialPort",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance's serial port output.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "port": {
-       "type": "integer",
-       "description": "Specifies which COM or serial port to retrieve data from.",
-       "default": "1",
-       "format": "int32",
-       "minimum": "1",
-       "maximum": "4",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "start": {
-       "type": "string",
-       "description": "Returns output starting from a specific byte position. Use this to page through output when the output is too large to return in a single request. For the initial request, leave this field unspecified. For subsequent calls, this field should be set to the next value returned in the previous call.",
-       "format": "int64",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "SerialPortOutput"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.instances.insert",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "POST",
-     "description": "Creates an instance resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "Instance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.instances.list",
-     "path": "{project}/zones/{zone}/instances",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instances contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "InstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "reset": {
-     "id": "compute.instances.reset",
-     "path": "{project}/zones/{zone}/instances/{instance}/reset",
-     "httpMethod": "POST",
-     "description": "Performs a reset on the instance. For more information, see Resetting an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDeletionProtection": {
-     "id": "compute.instances.setDeletionProtection",
-     "path": "{project}/zones/{zone}/instances/{resource}/setDeletionProtection",
-     "httpMethod": "POST",
-     "description": "Sets deletion protection on the instance.",
-     "parameters": {
-      "deletionProtection": {
-       "type": "boolean",
-       "description": "Whether the resource should be protected against deletion.",
-       "default": "true",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "resource"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setDiskAutoDelete": {
-     "id": "compute.instances.setDiskAutoDelete",
-     "path": "{project}/zones/{zone}/instances/{instance}/setDiskAutoDelete",
-     "httpMethod": "POST",
-     "description": "Sets the auto-delete flag for a disk attached to an instance.",
-     "parameters": {
-      "autoDelete": {
-       "type": "boolean",
-       "description": "Whether to auto-delete the disk when the instance is deleted.",
-       "required": true,
-       "location": "query"
-      },
-      "deviceName": {
-       "type": "string",
-       "description": "The device name of the disk to modify.",
-       "required": true,
-       "pattern": "\\w[\\w.-]{0,254}",
-       "location": "query"
-      },
-      "instance": {
-       "type": "string",
-       "description": "The instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance",
-      "autoDelete",
-      "deviceName"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.instances.setLabels",
-     "path": "{project}/zones/{zone}/instances/{instance}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets labels on an instance. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineResources": {
-     "id": "compute.instances.setMachineResources",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineResources",
-     "httpMethod": "POST",
-     "description": "Changes the number and/or type of accelerator for a stopped instance to the values specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineResourcesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMachineType": {
-     "id": "compute.instances.setMachineType",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMachineType",
-     "httpMethod": "POST",
-     "description": "Changes the machine type for a stopped instance to the machine type specified in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMachineTypeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMetadata": {
-     "id": "compute.instances.setMetadata",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setMinCpuPlatform": {
-     "id": "compute.instances.setMinCpuPlatform",
-     "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
-     "httpMethod": "POST",
-     "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetMinCpuPlatformRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setScheduling": {
-     "id": "compute.instances.setScheduling",
-     "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
-     "httpMethod": "POST",
-     "description": "Sets an instance's scheduling options.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Instance name.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Scheduling"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setServiceAccount": {
-     "id": "compute.instances.setServiceAccount",
-     "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
-     "httpMethod": "POST",
-     "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesSetServiceAccountRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTags": {
-     "id": "compute.instances.setTags",
-     "path": "{project}/zones/{zone}/instances/{instance}/setTags",
-     "httpMethod": "POST",
-     "description": "Sets tags for the specified instance to the data included in the request.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "Tags"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "start": {
-     "id": "compute.instances.start",
-     "path": "{project}/zones/{zone}/instances/{instance}/start",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "startWithEncryptionKey": {
-     "id": "compute.instances.startWithEncryptionKey",
-     "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
-     "httpMethod": "POST",
-     "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to start.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "request": {
-      "$ref": "InstancesStartWithEncryptionKeyRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "stop": {
-     "id": "compute.instances.stop",
-     "path": "{project}/zones/{zone}/instances/{instance}/stop",
-     "httpMethod": "POST",
-     "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
-     "parameters": {
-      "instance": {
-       "type": "string",
-       "description": "Name of the instance resource to stop.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "instance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "interconnectAttachments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.interconnectAttachments.aggregatedList",
-     "path": "{project}/aggregated/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of interconnect attachments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.interconnectAttachments.delete",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnectAttachments.get",
-     "path": "{project}/regions/{region}/interconnectAttachments/{interconnectAttachment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect attachment.",
-     "parameters": {
-      "interconnectAttachment": {
-       "type": "string",
-       "description": "Name of the interconnect attachment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "interconnectAttachment"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnectAttachments.insert",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "POST",
-     "description": "Creates an InterconnectAttachment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InterconnectAttachment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectAttachments.list",
-     "path": "{project}/regions/{region}/interconnectAttachments",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect attachments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "InterconnectAttachmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnectLocations": {
-   "methods": {
-    "get": {
-     "id": "compute.interconnectLocations.get",
-     "path": "{project}/global/interconnectLocations/{interconnectLocation}",
-     "httpMethod": "GET",
-     "description": "Returns the details for the specified interconnect location. Get a list of available interconnect locations by making a list() request.",
-     "parameters": {
-      "interconnectLocation": {
-       "type": "string",
-       "description": "Name of the interconnect location to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnectLocation"
-     ],
-     "response": {
-      "$ref": "InterconnectLocation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnectLocations.list",
-     "path": "{project}/global/interconnectLocations",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect locations available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectLocationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "interconnects": {
-   "methods": {
-    "delete": {
-     "id": "compute.interconnects.delete",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified interconnect.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.interconnects.get",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "GET",
-     "description": "Returns the specified interconnect. Get a list of available interconnects by making a list() request.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "response": {
-      "$ref": "Interconnect"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.interconnects.insert",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "POST",
-     "description": "Creates a Interconnect in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.interconnects.list",
-     "path": "{project}/global/interconnects",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of interconnect available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "InterconnectList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.interconnects.patch",
-     "path": "{project}/global/interconnects/{interconnect}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified interconnect with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "interconnect": {
-       "type": "string",
-       "description": "Name of the interconnect to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "interconnect"
-     ],
-     "request": {
-      "$ref": "Interconnect"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "licenses": {
-   "methods": {
-    "get": {
-     "id": "compute.licenses.get",
-     "path": "{project}/global/licenses/{license}",
-     "httpMethod": "GET",
-     "description": "Returns the specified License resource.",
-     "parameters": {
-      "license": {
-       "type": "string",
-       "description": "Name of the License resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "license"
-     ],
-     "response": {
-      "$ref": "License"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "machineTypes": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.machineTypes.aggregatedList",
-     "path": "{project}/aggregated/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of machine types.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "MachineTypeAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.machineTypes.get",
-     "path": "{project}/zones/{zone}/machineTypes/{machineType}",
-     "httpMethod": "GET",
-     "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
-     "parameters": {
-      "machineType": {
-       "type": "string",
-       "description": "Name of the machine type to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "machineType"
-     ],
-     "response": {
-      "$ref": "MachineType"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.machineTypes.list",
-     "path": "{project}/zones/{zone}/machineTypes",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of machine types available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "zone": {
-       "type": "string",
-       "description": "The name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "MachineTypeList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "networks": {
-   "methods": {
-    "addPeering": {
-     "id": "compute.networks.addPeering",
-     "path": "{project}/global/networks/{network}/addPeering",
-     "httpMethod": "POST",
-     "description": "Adds a peering to the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to add peering to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksAddPeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.networks.delete",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.networks.get",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "GET",
-     "description": "Returns the specified network. Get a list of available networks by making a list() request.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Network"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.networks.insert",
-     "path": "{project}/global/networks",
-     "httpMethod": "POST",
-     "description": "Creates a network in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.networks.list",
-     "path": "{project}/global/networks",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of networks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "NetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.networks.patch",
-     "path": "{project}/global/networks/{network}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "Network"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removePeering": {
-     "id": "compute.networks.removePeering",
-     "path": "{project}/global/networks/{network}/removePeering",
-     "httpMethod": "POST",
-     "description": "Removes a peering from the specified network.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network resource to remove peering from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "request": {
-      "$ref": "NetworksRemovePeeringRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "switchToCustomMode": {
-     "id": "compute.networks.switchToCustomMode",
-     "path": "{project}/global/networks/{network}/switchToCustomMode",
-     "httpMethod": "POST",
-     "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
-     "parameters": {
-      "network": {
-       "type": "string",
-       "description": "Name of the network to be updated.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "network"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "projects": {
-   "methods": {
-    "disableXpnHost": {
-     "id": "compute.projects.disableXpnHost",
-     "path": "{project}/disableXpnHost",
-     "httpMethod": "POST",
-     "description": "Disable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "disableXpnResource": {
-     "id": "compute.projects.disableXpnResource",
-     "path": "{project}/disableXpnResource",
-     "httpMethod": "POST",
-     "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsDisableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnHost": {
-     "id": "compute.projects.enableXpnHost",
-     "path": "{project}/enableXpnHost",
-     "httpMethod": "POST",
-     "description": "Enable this project as a shared VPC host project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "enableXpnResource": {
-     "id": "compute.projects.enableXpnResource",
-     "path": "{project}/enableXpnResource",
-     "httpMethod": "POST",
-     "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsEnableXpnResourceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.projects.get",
-     "path": "{project}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Project resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getXpnHost": {
-     "id": "compute.projects.getXpnHost",
-     "path": "{project}/getXpnHost",
-     "httpMethod": "GET",
-     "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "Project"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "getXpnResources": {
-     "id": "compute.projects.getXpnResources",
-     "path": "{project}/getXpnResources",
-     "httpMethod": "GET",
-     "description": "Get service resources (a.k.a service project) associated with this host project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ProjectsGetXpnResources"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "listXpnHosts": {
-     "id": "compute.projects.listXpnHosts",
-     "path": "{project}/listXpnHosts",
-     "httpMethod": "POST",
-     "description": "List all shared VPC host projects visible to the user in an organization.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "ProjectsListXpnHostsRequest"
-     },
-     "response": {
-      "$ref": "XpnHostList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveDisk": {
-     "id": "compute.projects.moveDisk",
-     "path": "{project}/moveDisk",
-     "httpMethod": "POST",
-     "description": "Moves a persistent disk from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "DiskMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "moveInstance": {
-     "id": "compute.projects.moveInstance",
-     "path": "{project}/moveInstance",
-     "httpMethod": "POST",
-     "description": "Moves an instance and its attached persistent disks from one zone to another.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "InstanceMoveRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setCommonInstanceMetadata": {
-     "id": "compute.projects.setCommonInstanceMetadata",
-     "path": "{project}/setCommonInstanceMetadata",
-     "httpMethod": "POST",
-     "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Metadata"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUsageExportBucket": {
-     "id": "compute.projects.setUsageExportBucket",
-     "path": "{project}/setUsageExportBucket",
-     "httpMethod": "POST",
-     "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UsageExportLocation"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/devstorage.full_control",
-      "https://www.googleapis.com/auth/devstorage.read_only",
-      "https://www.googleapis.com/auth/devstorage.read_write"
-     ]
-    }
-   }
-  },
-  "regionAutoscalers": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionAutoscalers.delete",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionAutoscalers.get",
-     "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
-     "httpMethod": "GET",
-     "description": "Returns the specified autoscaler.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "autoscaler"
-     ],
-     "response": {
-      "$ref": "Autoscaler"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionAutoscalers.insert",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "POST",
-     "description": "Creates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionAutoscalers.list",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of autoscalers contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionAutoscalerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionAutoscalers.patch",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PATCH",
-     "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to patch.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.regionAutoscalers.update",
-     "path": "{project}/regions/{region}/autoscalers",
-     "httpMethod": "PUT",
-     "description": "Updates an autoscaler in the specified project using the data included in the request.",
-     "parameters": {
-      "autoscaler": {
-       "type": "string",
-       "description": "Name of the autoscaler to update.",
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "machineTypes": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of machine types.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/machineTypes",
+          "response": {
+            "$ref": "MachineTypeAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified machine type. Get a list of available machine types by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "machineType"
+          ],
+          "parameters": {
+            "machineType": {
+              "description": "Name of the machine type to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes/{machineType}",
+          "response": {
+            "$ref": "MachineType"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of machine types available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.machineTypes.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "The name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/machineTypes",
+          "response": {
+            "$ref": "MachineTypeList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Autoscaler"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionBackendServices": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionBackendServices.delete",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "networks": {
+      "methods": {
+        "addPeering": {
+          "description": "Adds a peering to the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.addPeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to add peering to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/addPeering",
+          "request": {
+            "$ref": "NetworksAddPeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified network.",
+          "httpMethod": "DELETE",
+          "id": "compute.networks.delete",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified network. Get a list of available networks by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.networks.get",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "response": {
+            "$ref": "Network"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a network in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.networks.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of networks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.networks.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks",
+          "response": {
+            "$ref": "NetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified network with the data included in the request. Only the following fields can be modified: routingConfig.routingMode.",
+          "httpMethod": "PATCH",
+          "id": "compute.networks.patch",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}",
+          "request": {
+            "$ref": "Network"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removePeering": {
+          "description": "Removes a peering from the specified network.",
+          "httpMethod": "POST",
+          "id": "compute.networks.removePeering",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network resource to remove peering from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/removePeering",
+          "request": {
+            "$ref": "NetworksRemovePeeringRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "switchToCustomMode": {
+          "description": "Switches the network mode from auto subnet mode to custom subnet mode.",
+          "httpMethod": "POST",
+          "id": "compute.networks.switchToCustomMode",
+          "parameterOrder": [
+            "project",
+            "network"
+          ],
+          "parameters": {
+            "network": {
+              "description": "Name of the network to be updated.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/networks/{network}/switchToCustomMode",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionBackendServices.get",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "GET",
-     "description": "Returns the specified regional BackendService resource.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "projects": {
+      "methods": {
+        "disableXpnHost": {
+          "description": "Disable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "disableXpnResource": {
+          "description": "Disable a serivce resource (a.k.a service project) associated with this host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.disableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/disableXpnResource",
+          "request": {
+            "$ref": "ProjectsDisableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnHost": {
+          "description": "Enable this project as a shared VPC host project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnHost",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "enableXpnResource": {
+          "description": "Enable service resource (a.k.a service project) for a host project, so that subnets in the host project can be used by instances in the service project.",
+          "httpMethod": "POST",
+          "id": "compute.projects.enableXpnResource",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/enableXpnResource",
+          "request": {
+            "$ref": "ProjectsEnableXpnResourceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Project resource.",
+          "httpMethod": "GET",
+          "id": "compute.projects.get",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getXpnHost": {
+          "description": "Get the shared VPC host project that this project links to. May be empty if no link exists.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnHost",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnHost",
+          "response": {
+            "$ref": "Project"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "getXpnResources": {
+          "description": "Get service resources (a.k.a service project) associated with this host project.",
+          "httpMethod": "GET",
+          "id": "compute.projects.getXpnResources",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/getXpnResources",
+          "response": {
+            "$ref": "ProjectsGetXpnResources"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "listXpnHosts": {
+          "description": "List all shared VPC host projects visible to the user in an organization.",
+          "httpMethod": "POST",
+          "id": "compute.projects.listXpnHosts",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/listXpnHosts",
+          "request": {
+            "$ref": "ProjectsListXpnHostsRequest"
+          },
+          "response": {
+            "$ref": "XpnHostList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveDisk": {
+          "description": "Moves a persistent disk from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveDisk",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveDisk",
+          "request": {
+            "$ref": "DiskMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "moveInstance": {
+          "description": "Moves an instance and its attached persistent disks from one zone to another.",
+          "httpMethod": "POST",
+          "id": "compute.projects.moveInstance",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/moveInstance",
+          "request": {
+            "$ref": "InstanceMoveRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setCommonInstanceMetadata": {
+          "description": "Sets metadata common to all instances within the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setCommonInstanceMetadata",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setCommonInstanceMetadata",
+          "request": {
+            "$ref": "Metadata"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUsageExportBucket": {
+          "description": "Enables the usage export feature and sets the usage export bucket where reports are stored. If you provide an empty request body using this method, the usage export feature will be disabled.",
+          "httpMethod": "POST",
+          "id": "compute.projects.setUsageExportBucket",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/setUsageExportBucket",
+          "request": {
+            "$ref": "UsageExportLocation"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/devstorage.full_control",
+            "https://www.googleapis.com/auth/devstorage.read_only",
+            "https://www.googleapis.com/auth/devstorage.read_write"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "response": {
-      "$ref": "BackendService"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.regionBackendServices.getHealth",
-     "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for this regional BackendService.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "regionAutoscalers": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified autoscaler.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionAutoscalers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified autoscaler.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "autoscaler"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers/{autoscaler}",
+          "response": {
+            "$ref": "Autoscaler"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionAutoscalers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of autoscalers contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionAutoscalers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "response": {
+            "$ref": "RegionAutoscalerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionAutoscalers.patch",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to patch.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates an autoscaler in the specified project using the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.regionAutoscalers.update",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "autoscaler": {
+              "description": "Name of the autoscaler to update.",
+              "location": "query",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/autoscalers",
+          "request": {
+            "$ref": "Autoscaler"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "ResourceGroupReference"
-     },
-     "response": {
-      "$ref": "BackendServiceGroupHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionBackendServices.insert",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "POST",
-     "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "regionBackendServices": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified regional BackendService resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionBackendServices.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified regional BackendService resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "response": {
+            "$ref": "BackendService"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for this regional BackendService.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource for which to get health.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}/getHealth",
+          "request": {
+            "$ref": "ResourceGroupReference"
+          },
+          "response": {
+            "$ref": "BackendServiceGroupHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a regional BackendService resource in the specified project using the data included in the request. There are several restrictions and guidelines to keep in mind when creating a regional backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "POST",
+          "id": "compute.regionBackendServices.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
+          "httpMethod": "GET",
+          "id": "compute.regionBackendServices.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices",
+          "response": {
+            "$ref": "BackendServiceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.regionBackendServices.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
+          "httpMethod": "PUT",
+          "id": "compute.regionBackendServices.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "backendService"
+          ],
+          "parameters": {
+            "backendService": {
+              "description": "Name of the BackendService resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/backendServices/{backendService}",
+          "request": {
+            "$ref": "BackendService"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionBackendServices.list",
-     "path": "{project}/regions/{region}/backendServices",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of regional BackendService resources available to the specified project in the given region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "regionCommitments": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of commitments.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/commitments",
+          "response": {
+            "$ref": "CommitmentAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "commitment"
+          ],
+          "parameters": {
+            "commitment": {
+              "description": "Name of the commitment to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments/{commitment}",
+          "response": {
+            "$ref": "Commitment"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a commitment in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.regionCommitments.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "request": {
+            "$ref": "Commitment"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of commitments contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionCommitments.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/commitments",
+          "response": {
+            "$ref": "CommitmentList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "BackendServiceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.regionBackendServices.patch",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PATCH",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "regionInstanceGroupManagers": {
+      "methods": {
+        "abandonInstances": {
+          "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.abandonInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified managed instance group and all of the instances in that group.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionInstanceGroupManagers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to delete.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "deleteInstances": {
+          "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.deleteInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns all of the details about the specified managed instance group.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
+          "response": {
+            "$ref": "InstanceGroupManager"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "request": {
+            "$ref": "InstanceGroupManager"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroupManagers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers",
+          "response": {
+            "$ref": "RegionInstanceGroupManagerList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listManagedInstances": {
+          "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.listManagedInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "filter": {
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "order_by": {
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
+          "response": {
+            "$ref": "RegionInstanceGroupManagersListInstancesResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "recreateInstances": {
+          "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.recreateInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersRecreateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "resize": {
+          "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.resize",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager",
+            "size"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "size": {
+              "description": "Number of instances that should exist in this instance group manager.",
+              "format": "int32",
+              "location": "query",
+              "minimum": "0",
+              "required": true,
+              "type": "integer"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setInstanceTemplate": {
+          "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "The name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setTargetPools": {
+          "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroupManagers.setTargetPools",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroupManager"
+          ],
+          "parameters": {
+            "instanceGroupManager": {
+              "description": "Name of the managed instance group.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
+          "request": {
+            "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.regionBackendServices.update",
-     "path": "{project}/regions/{region}/backendServices/{backendService}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified regional BackendService resource with the data included in the request. There are several restrictions and guidelines to keep in mind when updating a backend service. Read  Restrictions and Guidelines for more information.",
-     "parameters": {
-      "backendService": {
-       "type": "string",
-       "description": "Name of the BackendService resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "regionInstanceGroups": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified instance group resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "Name of the instance group resource to return.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
+          "response": {
+            "$ref": "InstanceGroup"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of instance group resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionInstanceGroups.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups",
+          "response": {
+            "$ref": "RegionInstanceGroupList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "listInstances": {
+          "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.listInstances",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "instanceGroup": {
+              "description": "Name of the regional instance group for which we want to list the instances.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
+          "request": {
+            "$ref": "RegionInstanceGroupsListInstancesRequest"
+          },
+          "response": {
+            "$ref": "RegionInstanceGroupsListInstances"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setNamedPorts": {
+          "description": "Sets the named ports for the specified regional instance group.",
+          "httpMethod": "POST",
+          "id": "compute.regionInstanceGroups.setNamedPorts",
+          "parameterOrder": [
+            "project",
+            "region",
+            "instanceGroup"
+          ],
+          "parameters": {
+            "instanceGroup": {
+              "description": "The name of the regional instance group where the named ports are updated.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
+          "request": {
+            "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "backendService"
-     ],
-     "request": {
-      "$ref": "BackendService"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionCommitments": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.regionCommitments.aggregatedList",
-     "path": "{project}/aggregated/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of commitments.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+    },
+    "regionOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified region-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.regionOperations.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified region-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified region.",
+          "httpMethod": "GET",
+          "id": "compute.regionOperations.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "CommitmentAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "get": {
-     "id": "compute.regionCommitments.get",
-     "path": "{project}/regions/{region}/commitments/{commitment}",
-     "httpMethod": "GET",
-     "description": "Returns the specified commitment resource. Get a list of available commitments by making a list() request.",
-     "parameters": {
-      "commitment": {
-       "type": "string",
-       "description": "Name of the commitment to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "regions": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.regions.get",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}",
+          "response": {
+            "$ref": "Region"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of region resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.regions.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions",
+          "response": {
+            "$ref": "RegionList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "commitment"
-     ],
-     "response": {
-      "$ref": "Commitment"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionCommitments.insert",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "POST",
-     "description": "Creates a commitment in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "routers": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of routers.",
+          "httpMethod": "GET",
+          "id": "compute.routers.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/routers",
+          "response": {
+            "$ref": "RouterAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified Router resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routers.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routers.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "response": {
+            "$ref": "Router"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getRouterStatus": {
+          "description": "Retrieves runtime information of the specified router.",
+          "httpMethod": "GET",
+          "id": "compute.routers.getRouterStatus",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
+          "response": {
+            "$ref": "RouterStatusResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Router resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routers.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Router resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routers.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers",
+          "response": {
+            "$ref": "RouterList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.routers.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "preview": {
+          "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
+          "httpMethod": "POST",
+          "id": "compute.routers.preview",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to query.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}/preview",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "RoutersPreviewResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified Router resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.routers.update",
+          "parameterOrder": [
+            "project",
+            "region",
+            "router"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "router": {
+              "description": "Name of the Router resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/routers/{router}",
+          "request": {
+            "$ref": "Router"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Commitment"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionCommitments.list",
-     "path": "{project}/regions/{region}/commitments",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of commitments contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+    },
+    "routes": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Route resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.routes.delete",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.routes.get",
+          "parameterOrder": [
+            "project",
+            "route"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "route": {
+              "description": "Name of the Route resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes/{route}",
+          "response": {
+            "$ref": "Route"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a Route resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.routes.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "request": {
+            "$ref": "Route"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Route resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.routes.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/routes",
+          "response": {
+            "$ref": "RouteList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "CommitmentList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroupManagers": {
-   "methods": {
-    "abandonInstances": {
-     "id": "compute.regionInstanceGroupManagers.abandonInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/abandonInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to remove the specified instances from the managed instance group. Abandoning an instance does not delete the instance, but it does remove the instance from any target pools that are applied by the managed instance group. This method reduces the targetSize of the managed instance group by the number of instances that you abandon. This operation is marked as DONE when the action is scheduled even if the instances have not yet been removed from the group. You must separately verify the status of the abandoning action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "snapshots": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
+          "httpMethod": "DELETE",
+          "id": "compute.snapshots.delete",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.get",
+          "parameterOrder": [
+            "project",
+            "snapshot"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "snapshot": {
+              "description": "Name of the Snapshot resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{snapshot}",
+          "response": {
+            "$ref": "Snapshot"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Snapshot resources contained within the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.snapshots.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots",
+          "response": {
+            "$ref": "SnapshotList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setLabels": {
+          "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
+          "httpMethod": "POST",
+          "id": "compute.snapshots.setLabels",
+          "parameterOrder": [
+            "project",
+            "resource"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "resource": {
+              "description": "Name of the resource for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/snapshots/{resource}/setLabels",
+          "request": {
+            "$ref": "GlobalSetLabelsRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersAbandonInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "delete": {
-     "id": "compute.regionInstanceGroupManagers.delete",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified managed instance group and all of the instances in that group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to delete.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "sslCertificates": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified SslCertificate resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.sslCertificates.delete",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.get",
+          "parameterOrder": [
+            "project",
+            "sslCertificate"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "sslCertificate": {
+              "description": "Name of the SslCertificate resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates/{sslCertificate}",
+          "response": {
+            "$ref": "SslCertificate"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.sslCertificates.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "request": {
+            "$ref": "SslCertificate"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of SslCertificate resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.sslCertificates.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/sslCertificates",
+          "response": {
+            "$ref": "SslCertificateList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "deleteInstances": {
-     "id": "compute.regionInstanceGroupManagers.deleteInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/deleteInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to delete the specified instances in the managed instance group. The instances are also removed from any target pools of which they were a member. This method reduces the targetSize of the managed instance group by the number of instances that you delete. This operation is marked as DONE when the action is scheduled even if the instances are still being deleted. You must separately verify the status of the deleting action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "subnetworks": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of subnetworks.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/subnetworks",
+          "response": {
+            "$ref": "SubnetworkAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified subnetwork.",
+          "httpMethod": "DELETE",
+          "id": "compute.subnetworks.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "expandIpCidrRange": {
+          "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.expandIpCidrRange",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
+          "request": {
+            "$ref": "SubnetworksExpandIpCidrRangeRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "response": {
+            "$ref": "Subnetwork"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a subnetwork in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of subnetworks available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.subnetworks.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks",
+          "response": {
+            "$ref": "SubnetworkList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
+          "httpMethod": "PATCH",
+          "id": "compute.subnetworks.patch",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+          "request": {
+            "$ref": "Subnetwork"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setPrivateIpGoogleAccess": {
+          "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
+          "httpMethod": "POST",
+          "id": "compute.subnetworks.setPrivateIpGoogleAccess",
+          "parameterOrder": [
+            "project",
+            "region",
+            "subnetwork"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "subnetwork": {
+              "description": "Name of the Subnetwork resource.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
+          "request": {
+            "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersDeleteInstancesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionInstanceGroupManagers.get",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}",
-     "httpMethod": "GET",
-     "description": "Returns all of the details about the specified managed instance group.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "targetHttpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
+          "response": {
+            "$ref": "TargetHttpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "request": {
+            "$ref": "TargetHttpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpProxies",
+          "response": {
+            "$ref": "TargetHttpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpProxy": {
+              "description": "Name of the TargetHttpProxy to set a URL map for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "InstanceGroupManager"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.regionInstanceGroupManagers.insert",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "POST",
-     "description": "Creates a managed instance group using the information that you specify in the request. After the group is created, it schedules an action to create instances in the group using the specified instance template. This operation is marked as DONE when the group is created even if the instances in the group have not yet been created. You must separately verify the status of the individual instances with the listmanagedinstances method.\n\nA regional managed instance group can contain up to 2000 instances.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "targetHttpsProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetHttpsProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetHttpsProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
+          "response": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "request": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetHttpsProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetHttpsProxies",
+          "response": {
+            "$ref": "TargetHttpsProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Replaces SslCertificates for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setUrlMap": {
+          "description": "Changes the URL map for TargetHttpsProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetHttpsProxies.setUrlMap",
+          "parameterOrder": [
+            "project",
+            "targetHttpsProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetHttpsProxy": {
+              "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
+          "request": {
+            "$ref": "UrlMapReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "InstanceGroupManager"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroupManagers.list",
-     "path": "{project}/regions/{region}/instanceGroupManagers",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of managed instance groups that are contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "targetInstances": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target instances.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified TargetInstance resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetInstances.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "targetInstance"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetInstance": {
+              "description": "Name of the TargetInstance resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
+          "response": {
+            "$ref": "TargetInstance"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetInstances.insert",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "request": {
+            "$ref": "TargetInstance"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
+          "httpMethod": "GET",
+          "id": "compute.targetInstances.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/targetInstances",
+          "response": {
+            "$ref": "TargetInstanceList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagerList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listManagedInstances": {
-     "id": "compute.regionInstanceGroupManagers.listManagedInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/listManagedInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the managed instance group and instances that are scheduled to be created. The list includes any current actions that the group has scheduled for its instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "location": "query"
-      },
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "order_by": {
-       "type": "string",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "targetPools": {
+      "methods": {
+        "addHealthCheck": {
+          "description": "Adds health check URLs to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to add a health check to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsAddHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "addInstance": {
+          "description": "Adds an instance to a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.addInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to add instances to.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
+          "request": {
+            "$ref": "TargetPoolsAddInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target pools.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetPools",
+          "response": {
+            "$ref": "TargetPoolAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target pool.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetPools.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}",
+          "response": {
+            "$ref": "TargetPool"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "getHealth": {
+          "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.getHealth",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to which the queried instance belongs.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
+          "request": {
+            "$ref": "InstanceReference"
+          },
+          "response": {
+            "$ref": "TargetPoolInstanceHealth"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target pool in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "request": {
+            "$ref": "TargetPool"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target pools available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetPools.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools",
+          "response": {
+            "$ref": "TargetPoolList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "removeHealthCheck": {
+          "description": "Removes health check URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeHealthCheck",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the target pool to remove health checks from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
+          "request": {
+            "$ref": "TargetPoolsRemoveHealthCheckRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "removeInstance": {
+          "description": "Removes instance URL from a target pool.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.removeInstance",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to remove instances from.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
+          "request": {
+            "$ref": "TargetPoolsRemoveInstanceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setBackup": {
+          "description": "Changes a backup target pool's configurations.",
+          "httpMethod": "POST",
+          "id": "compute.targetPools.setBackup",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetPool"
+          ],
+          "parameters": {
+            "failoverRatio": {
+              "description": "New failoverRatio value for the target pool.",
+              "format": "float",
+              "location": "query",
+              "type": "number"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetPool": {
+              "description": "Name of the TargetPool resource to set a backup pool for.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
+          "request": {
+            "$ref": "TargetReference"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupManagersListInstancesResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "recreateInstances": {
-     "id": "compute.regionInstanceGroupManagers.recreateInstances",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/recreateInstances",
-     "httpMethod": "POST",
-     "description": "Schedules a group action to recreate the specified instances in the managed instance group. The instances are deleted and recreated using the current instance template for the managed instance group. This operation is marked as DONE when the action is scheduled even if the instances have not yet been recreated. You must separately verify the status of the recreating action with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.\n\nYou can specify a maximum of 1000 instances with this method per request.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "targetSslProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetSslProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetSslProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}",
+          "response": {
+            "$ref": "TargetSslProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "request": {
+            "$ref": "TargetSslProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetSslProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies",
+          "response": {
+            "$ref": "TargetSslProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetSslProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetSslProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setSslCertificates": {
+          "description": "Changes SslCertificates for TargetSslProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetSslProxies.setSslCertificates",
+          "parameterOrder": [
+            "project",
+            "targetSslProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetSslProxy": {
+              "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
+          "request": {
+            "$ref": "TargetSslProxiesSetSslCertificatesRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersRecreateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "resize": {
-     "id": "compute.regionInstanceGroupManagers.resize",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/resize",
-     "httpMethod": "POST",
-     "description": "Changes the intended size for the managed instance group. If you increase the size, the group schedules actions to create new instances using the current instance template. If you decrease the size, the group schedules delete actions on one or more instances. The resize operation is marked DONE when the resize actions are scheduled even if the group has not yet added or deleted any instances. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method.\n\nIf the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      },
-      "size": {
-       "type": "integer",
-       "description": "Number of instances that should exist in this instance group manager.",
-       "required": true,
-       "format": "int32",
-       "minimum": "0",
-       "location": "query"
+    },
+    "targetTcpProxies": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified TargetTcpProxy resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetTcpProxies.delete",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.get",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
+          "response": {
+            "$ref": "TargetTcpProxy"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "request": {
+            "$ref": "TargetTcpProxy"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.targetTcpProxies.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies",
+          "response": {
+            "$ref": "TargetTcpProxyList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "setBackendService": {
+          "description": "Changes the BackendService for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setBackendService",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
+          "request": {
+            "$ref": "TargetTcpProxiesSetBackendServiceRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "setProxyHeader": {
+          "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
+          "httpMethod": "POST",
+          "id": "compute.targetTcpProxies.setProxyHeader",
+          "parameterOrder": [
+            "project",
+            "targetTcpProxy"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetTcpProxy": {
+              "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
+          "request": {
+            "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager",
-      "size"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setInstanceTemplate": {
-     "id": "compute.regionInstanceGroupManagers.setInstanceTemplate",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setInstanceTemplate",
-     "httpMethod": "POST",
-     "description": "Sets the instance template to use when creating new instances or recreating instances in this group. Existing instances are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "The name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "targetVpnGateways": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of target VPN gateways.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified target VPN gateway.",
+          "httpMethod": "DELETE",
+          "id": "compute.targetVpnGateways.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "targetVpnGateway"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "targetVpnGateway": {
+              "description": "Name of the target VPN gateway to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
+          "response": {
+            "$ref": "TargetVpnGateway"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.targetVpnGateways.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "request": {
+            "$ref": "TargetVpnGateway"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.targetVpnGateways.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/targetVpnGateways",
+          "response": {
+            "$ref": "TargetVpnGatewayList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTemplateRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setTargetPools": {
-     "id": "compute.regionInstanceGroupManagers.setTargetPools",
-     "path": "{project}/regions/{region}/instanceGroupManagers/{instanceGroupManager}/setTargetPools",
-     "httpMethod": "POST",
-     "description": "Modifies the target pools to which all new instances in this group are assigned. Existing instances in the group are not affected.",
-     "parameters": {
-      "instanceGroupManager": {
-       "type": "string",
-       "description": "Name of the managed instance group.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
-      },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+    },
+    "urlMaps": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified UrlMap resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.urlMaps.delete",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.get",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "response": {
+            "$ref": "UrlMap"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.insert",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "invalidateCache": {
+          "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.invalidateCache",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap scoping this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
+          "request": {
+            "$ref": "CacheInvalidationRule"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of UrlMap resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.urlMaps.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps",
+          "response": {
+            "$ref": "UrlMapList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "patch": {
+          "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
+          "httpMethod": "PATCH",
+          "id": "compute.urlMaps.patch",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to patch.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "update": {
+          "description": "Updates the specified UrlMap resource with the data included in the request.",
+          "httpMethod": "PUT",
+          "id": "compute.urlMaps.update",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to update.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}",
+          "request": {
+            "$ref": "UrlMap"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "validate": {
+          "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
+          "httpMethod": "POST",
+          "id": "compute.urlMaps.validate",
+          "parameterOrder": [
+            "project",
+            "urlMap"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "urlMap": {
+              "description": "Name of the UrlMap resource to be validated as.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/global/urlMaps/{urlMap}/validate",
+          "request": {
+            "$ref": "UrlMapsValidateRequest"
+          },
+          "response": {
+            "$ref": "UrlMapsValidateResponse"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroupManager"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupManagersSetTargetPoolsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionInstanceGroups": {
-   "methods": {
-    "get": {
-     "id": "compute.regionInstanceGroups.get",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}",
-     "httpMethod": "GET",
-     "description": "Returns the specified instance group resource.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the instance group resource to return.",
-       "required": true,
-       "location": "path"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "vpnTunnels": {
+      "methods": {
+        "aggregatedList": {
+          "description": "Retrieves an aggregated list of VPN tunnels.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.aggregatedList",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/aggregated/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelAggregatedList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "delete": {
+          "description": "Deletes the specified VpnTunnel resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.vpnTunnels.delete",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.get",
+          "parameterOrder": [
+            "project",
+            "region",
+            "vpnTunnel"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "vpnTunnel": {
+              "description": "Name of the VpnTunnel resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
+          "response": {
+            "$ref": "VpnTunnel"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "insert": {
+          "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
+          "httpMethod": "POST",
+          "id": "compute.vpnTunnels.insert",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "requestId": {
+              "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+              "location": "query",
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "request": {
+            "$ref": "VpnTunnel"
+          },
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
+          "httpMethod": "GET",
+          "id": "compute.vpnTunnels.list",
+          "parameterOrder": [
+            "project",
+            "region"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "region": {
+              "description": "Name of the region for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/regions/{region}/vpnTunnels",
+          "response": {
+            "$ref": "VpnTunnelList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "response": {
-      "$ref": "InstanceGroup"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionInstanceGroups.list",
-     "path": "{project}/regions/{region}/instanceGroups",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of instance group resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "zoneOperations": {
+      "methods": {
+        "delete": {
+          "description": "Deletes the specified zone-specific Operations resource.",
+          "httpMethod": "DELETE",
+          "id": "compute.zoneOperations.delete",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to delete.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute"
+          ]
+        },
+        "get": {
+          "description": "Retrieves the specified zone-specific Operations resource.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.get",
+          "parameterOrder": [
+            "project",
+            "zone",
+            "operation"
+          ],
+          "parameters": {
+            "operation": {
+              "description": "Name of the Operations resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for this request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations/{operation}",
+          "response": {
+            "$ref": "Operation"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves a list of Operation resources contained within the specified zone.",
+          "httpMethod": "GET",
+          "id": "compute.zoneOperations.list",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone for request.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}/operations",
+          "response": {
+            "$ref": "OperationList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RegionInstanceGroupList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "listInstances": {
-     "id": "compute.regionInstanceGroups.listInstances",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/listInstances",
-     "httpMethod": "POST",
-     "description": "Lists the instances in the specified instance group and displays information about the named ports. Depending on the specified options, this method can list all instances or only the instances that are running.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
-      },
-      "instanceGroup": {
-       "type": "string",
-       "description": "Name of the regional instance group for which we want to list the instances.",
-       "required": true,
-       "location": "path"
-      },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
-      },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
-      },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
-      },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+    },
+    "zones": {
+      "methods": {
+        "get": {
+          "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
+          "httpMethod": "GET",
+          "id": "compute.zones.get",
+          "parameterOrder": [
+            "project",
+            "zone"
+          ],
+          "parameters": {
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            },
+            "zone": {
+              "description": "Name of the zone resource to return.",
+              "location": "path",
+              "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones/{zone}",
+          "response": {
+            "$ref": "Zone"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        },
+        "list": {
+          "description": "Retrieves the list of Zone resources available to the specified project.",
+          "httpMethod": "GET",
+          "id": "compute.zones.list",
+          "parameterOrder": [
+            "project"
+          ],
+          "parameters": {
+            "filter": {
+              "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+              "location": "query",
+              "type": "string"
+            },
+            "maxResults": {
+              "default": "500",
+              "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+              "format": "uint32",
+              "location": "query",
+              "minimum": "0",
+              "type": "integer"
+            },
+            "orderBy": {
+              "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+              "location": "query",
+              "type": "string"
+            },
+            "pageToken": {
+              "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+              "location": "query",
+              "type": "string"
+            },
+            "project": {
+              "description": "Project ID for this request.",
+              "location": "path",
+              "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+              "required": true,
+              "type": "string"
+            }
+          },
+          "path": "{project}/zones",
+          "response": {
+            "$ref": "ZoneList"
+          },
+          "scopes": [
+            "https://www.googleapis.com/auth/cloud-platform",
+            "https://www.googleapis.com/auth/compute",
+            "https://www.googleapis.com/auth/compute.readonly"
+          ]
+        }
       }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsListInstancesRequest"
-     },
-     "response": {
-      "$ref": "RegionInstanceGroupsListInstances"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setNamedPorts": {
-     "id": "compute.regionInstanceGroups.setNamedPorts",
-     "path": "{project}/regions/{region}/instanceGroups/{instanceGroup}/setNamedPorts",
-     "httpMethod": "POST",
-     "description": "Sets the named ports for the specified regional instance group.",
-     "parameters": {
-      "instanceGroup": {
-       "type": "string",
-       "description": "The name of the regional instance group where the named ports are updated.",
-       "required": true,
-       "location": "path"
+    }
+  },
+  "revision": "20180220",
+  "rootUrl": "https://www.googleapis.com/",
+  "schemas": {
+    "AcceleratorConfig": {
+      "description": "A specification of the type and number of accelerator cards attached to the instance.",
+      "id": "AcceleratorConfig",
+      "properties": {
+        "acceleratorCount": {
+          "description": "The number of the guest accelerator cards exposed to this instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "acceleratorType": {
+          "description": "Full or partial URL of the accelerator type resource to attach to this instance. If you are creating an instance template, specify only the accelerator name.",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "AcceleratorType": {
+      "description": "An Accelerator Type resource. (== resource_for beta.acceleratorTypes ==) (== resource_for v1.acceleratorTypes ==)",
+      "id": "AcceleratorType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this accelerator type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#acceleratorType",
+          "description": "[Output Only] The type of the resource. Always compute#acceleratorType for accelerator types.",
+          "type": "string"
+        },
+        "maximumCardsPerInstance": {
+          "description": "[Output Only] Maximum accelerator cards allowed per instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the accelerator type resides, such as us-central1-a. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "location": "path"
+      "type": "object"
+    },
+    "AcceleratorTypeAggregatedList": {
+      "id": "AcceleratorTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AcceleratorTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of accelerator types."
+          },
+          "description": "A list of AcceleratorTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeAggregatedList for aggregated lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "instanceGroup"
-     ],
-     "request": {
-      "$ref": "RegionInstanceGroupsSetNamedPortsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "regionOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.regionOperations.delete",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "AcceleratorTypeList": {
+      "description": "Contains a list of accelerator types.",
+      "id": "AcceleratorTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of AcceleratorType resources.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#acceleratorTypeList",
+          "description": "[Output Only] Type of resource. Always compute#acceleratorTypeList for lists of accelerator types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "AcceleratorTypesScopedList": {
+      "id": "AcceleratorTypesScopedList",
+      "properties": {
+        "acceleratorTypes": {
+          "description": "[Output Only] List of accelerator types contained in this scope.",
+          "items": {
+            "$ref": "AcceleratorType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the accelerator types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.regionOperations.get",
-     "path": "{project}/regions/{region}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified region-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "AccessConfig": {
+      "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.",
+      "id": "AccessConfig",
+      "properties": {
+        "kind": {
+          "default": "compute#accessConfig",
+          "description": "[Output Only] Type of the resource. Always compute#accessConfig for access configs.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of this access configuration. The default and recommended name is External NAT but you can use any arbitrary string you would like. For example, My external IP or Network Access.",
+          "type": "string"
+        },
+        "natIP": {
+          "description": "An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.",
+          "type": "string"
+        },
+        "publicPtrDomainName": {
+          "description": "The DNS domain name for the public PTR record. This field can only be set when the set_public_ptr field is enabled.",
+          "type": "string"
+        },
+        "setPublicPtr": {
+          "description": "Specifies whether a public DNS ?PTR? record should be created to map the external IP address of the instance to a DNS domain name.",
+          "type": "boolean"
+        },
+        "type": {
+          "default": "ONE_TO_ONE_NAT",
+          "description": "The type of configuration. The default and only option is ONE_TO_ONE_NAT.",
+          "enum": [
+            "ONE_TO_ONE_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Address": {
+      "description": "A reserved address resource. (== resource_for beta.addresses ==) (== resource_for v1.addresses ==) (== resource_for beta.globalAddresses ==) (== resource_for v1.globalAddresses ==)",
+      "id": "Address",
+      "properties": {
+        "address": {
+          "description": "The static IP address represented by this resource.",
+          "type": "string"
+        },
+        "addressType": {
+          "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "UNSPECIFIED_TYPE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this address. Valid options are IPV4 or IPV6. This can only be specified for a global address.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#address",
+          "description": "[Output Only] Type of the resource. Always compute#address for addresses.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.addresses.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional address resides. This field is not applicable to global addresses. You must specify this field as part of the HTTP request URL. You cannot set this field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the address, which can be one of RESERVING, RESERVED, or IN_USE. An address that is RESERVING is currently in the process of being reserved. A RESERVED address is currently reserved and available to use. An IN_USE address is currently being used by another resource and is not available.",
+          "enum": [
+            "IN_USE",
+            "RESERVED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with GCE_ENDPOINT/DNS_RESOLVER purposes.",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] The URLs of the resources that are using this address.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regionOperations.list",
-     "path": "{project}/regions/{region}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "AddressAggregatedList": {
+      "id": "AddressAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AddressesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of addresses."
+          },
+          "description": "A list of AddressesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#addressAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#addressAggregatedList for aggregated lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "AddressList": {
+      "description": "Contains a list of addresses.",
+      "id": "AddressList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Address resources.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#addressList",
+          "description": "[Output Only] Type of resource. Always compute#addressList for lists of addresses.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "AddressesScopedList": {
+      "id": "AddressesScopedList",
+      "properties": {
+        "addresses": {
+          "description": "[Output Only] List of addresses contained in this scope.",
+          "items": {
+            "$ref": "Address"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "AliasIpRange": {
+      "description": "An alias IP range attached to an instance's network interface.",
+      "id": "AliasIpRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP CIDR range represented by this alias IP range. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (e.g. 10.2.3.4), a netmask (e.g. /24) or a CIDR format string (e.g. 10.1.2.0/24).",
+          "type": "string"
+        },
+        "subnetworkRangeName": {
+          "description": "Optional subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. If left unspecified, the primary range of the subnetwork will be used.",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "AttachedDisk": {
+      "description": "An instance-attached disk resource.",
+      "id": "AttachedDisk",
+      "properties": {
+        "autoDelete": {
+          "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).",
+          "type": "boolean"
+        },
+        "boot": {
+          "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.",
+          "type": "boolean"
+        },
+        "deviceName": {
+          "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.\n\nIf not specified, the server chooses a default device name to apply to this disk, in the form persistent-disks-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts or decrypts a disk using a customer-supplied encryption key.\n\nIf you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.\n\nIf you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.\n\nIf you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group."
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "index": {
+          "description": "[Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "initializeParams": {
+          "$ref": "AttachedDiskInitializeParams",
+          "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both."
+        },
+        "interface": {
+          "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.",
+          "enum": [
+            "NVME",
+            "SCSI"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#attachedDisk",
+          "description": "[Output Only] Type of the resource. Always compute#attachedDisk for attached disks.",
+          "type": "string"
+        },
+        "licenses": {
+          "description": "[Output Only] Any valid publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "mode": {
+          "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.",
+          "enum": [
+            "READ_ONLY",
+            "READ_WRITE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nIf desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.\n\nNote that for InstanceTemplate, specify the disk name, not the URL for the disk.",
+          "type": "string"
+        },
+        "type": {
+          "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.",
+          "enum": [
+            "PERSISTENT",
+            "SCRATCH"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "regions": {
-   "methods": {
-    "get": {
-     "id": "compute.regions.get",
-     "path": "{project}/regions/{region}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Region resource. Get a list of available regions by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "AttachedDiskInitializeParams": {
+      "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.\n\nThis property is mutually exclusive with the source property; you can only define one or the other, but not both.",
+      "id": "AttachedDiskInitializeParams",
+      "properties": {
+        "diskName": {
+          "description": "Specifies the disk name. If not specified, the default is to use the name of the instance.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Specifies the size of the disk in base-2 GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "diskType": {
+          "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard\n\n\nOther values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType \n- projects/project/zones/zone/diskTypes/diskType \n- zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.",
+          "type": "object"
+        },
+        "sourceImage": {
+          "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or disks.source is required except for local SSD.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family\n\n\nIf the source image is deleted later, this field will not be set.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.\n\nInstance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys."
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "Region"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.regions.list",
-     "path": "{project}/regions",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of region resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "Autoscaler": {
+      "description": "Represents an Autoscaler resource. Autoscalers allow you to automatically scale virtual machine instances in managed instance groups according to an autoscaling policy that you define. For more information, read Autoscaling Groups of Instances. (== resource_for beta.autoscalers ==) (== resource_for v1.autoscalers ==) (== resource_for beta.regionAutoscalers ==) (== resource_for v1.regionAutoscalers ==)",
+      "id": "Autoscaler",
+      "properties": {
+        "autoscalingPolicy": {
+          "$ref": "AutoscalingPolicy",
+          "description": "The configuration parameters for the autoscaling algorithm. You can define one or more of the policies for an autoscaler: cpuUtilization, customMetricUtilizations, and loadBalancingUtilization.\n\nIf none of these are specified, the default will be to autoscale based on cpuUtilization to 0.6 or 60%."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#autoscaler",
+          "description": "[Output Only] Type of the resource. Always compute#autoscaler for autoscalers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroups.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the instance group resides (for autoscalers living in regional scope).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the autoscaler configuration.",
+          "enum": [
+            "ACTIVE",
+            "DELETING",
+            "ERROR",
+            "PENDING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusDetails": {
+          "description": "[Output Only] Human-readable details about the current state of the autoscaler. Read the documentation for Commonly returned status messages for examples of status messages you might encounter.",
+          "items": {
+            "$ref": "AutoscalerStatusDetails"
+          },
+          "type": "array"
+        },
+        "target": {
+          "description": "URL of the managed instance group that this autoscaler will scale.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance group resides (for autoscalers living in zonal scope).",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalerAggregatedList": {
+      "id": "AutoscalerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "AutoscalersScopedList",
+            "description": "[Output Only] Name of the scope containing this set of autoscalers."
+          },
+          "description": "A list of AutoscalersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#autoscalerAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerAggregatedList for aggregated lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalerList": {
+      "description": "Contains a list of Autoscaler resources.",
+      "id": "AutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#autoscalerList",
+          "description": "[Output Only] Type of resource. Always compute#autoscalerList for lists of autoscalers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalerStatusDetails": {
+      "id": "AutoscalerStatusDetails",
+      "properties": {
+        "message": {
+          "description": "The status message.",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of error returned.",
+          "enum": [
+            "ALL_INSTANCES_UNHEALTHY",
+            "BACKEND_SERVICE_DOES_NOT_EXIST",
+            "CAPPED_AT_MAX_NUM_REPLICAS",
+            "CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE",
+            "CUSTOM_METRIC_INVALID",
+            "MIN_EQUALS_MAX",
+            "MISSING_CUSTOM_METRIC_DATA_POINTS",
+            "MISSING_LOAD_BALANCING_DATA_POINTS",
+            "MORE_THAN_ONE_BACKEND_SERVICE",
+            "NOT_ENOUGH_QUOTA_AVAILABLE",
+            "REGION_RESOURCE_STOCKOUT",
+            "SCALING_TARGET_DOES_NOT_EXIST",
+            "UNKNOWN",
+            "UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION",
+            "ZONE_RESOURCE_STOCKOUT"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RegionList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "routers": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.routers.aggregatedList",
-     "path": "{project}/aggregated/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of routers.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalersScopedList": {
+      "id": "AutoscalersScopedList",
+      "properties": {
+        "autoscalers": {
+          "description": "[Output Only] List of autoscalers contained in this scope.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of autoscalers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalingPolicy": {
+      "description": "Cloud Autoscaler policy.",
+      "id": "AutoscalingPolicy",
+      "properties": {
+        "coolDownPeriodSec": {
+          "description": "The number of seconds that the autoscaler should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. The default time autoscaler waits is 60 seconds.\n\nVirtual machine initialization times might vary because of numerous factors. We recommend that you test how long an instance may take to initialize. To do this, create an instance and time the startup process.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "cpuUtilization": {
+          "$ref": "AutoscalingPolicyCpuUtilization",
+          "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group."
+        },
+        "customMetricUtilizations": {
+          "description": "Configuration parameters of autoscaling based on a custom metric.",
+          "items": {
+            "$ref": "AutoscalingPolicyCustomMetricUtilization"
+          },
+          "type": "array"
+        },
+        "loadBalancingUtilization": {
+          "$ref": "AutoscalingPolicyLoadBalancingUtilization",
+          "description": "Configuration parameters of autoscaling based on load balancer."
+        },
+        "maxNumReplicas": {
+          "description": "The maximum number of instances that the autoscaler can scale up to. This is required when creating or updating an autoscaler. The maximum number of replicas should not be lower than minimal number of replicas.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "minNumReplicas": {
+          "description": "The minimum number of replicas that the autoscaler can scale down to. This cannot be less than 0. If not provided, autoscaler will choose a default value depending on maximum number of instances allowed.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalingPolicyCpuUtilization": {
+      "description": "CPU utilization policy.",
+      "id": "AutoscalingPolicyCpuUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "The target CPU utilization that the autoscaler should maintain. Must be a float value in the range (0, 1]. If not specified, the default is 0.6.\n\nIf the CPU level is below the target utilization, the autoscaler scales down the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization.\n\nIf the average CPU is above the target utilization, the autoscaler scales up until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization.",
+          "format": "double",
+          "type": "number"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "AutoscalingPolicyCustomMetricUtilization": {
+      "description": "Custom utilization metric policy.",
+      "id": "AutoscalingPolicyCustomMetricUtilization",
+      "properties": {
+        "metric": {
+          "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values.\n\nThe metric must have a value type of INT64 or DOUBLE.",
+          "type": "string"
+        },
+        "utilizationTarget": {
+          "description": "The target value of the metric that autoscaler should maintain. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric.\n\nFor example, a good metric to use as a utilization_target is compute.googleapis.com/instance/network/received_bytes_count. The autoscaler will work to keep this value constant for each of the instances.",
+          "format": "double",
+          "type": "number"
+        },
+        "utilizationTargetType": {
+          "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE. If not specified, the default is GAUGE.",
+          "enum": [
+            "DELTA_PER_MINUTE",
+            "DELTA_PER_SECOND",
+            "GAUGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouterAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.routers.delete",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Router resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "AutoscalingPolicyLoadBalancingUtilization": {
+      "description": "Configuration parameters of autoscaling based on load balancing.",
+      "id": "AutoscalingPolicyLoadBalancingUtilization",
+      "properties": {
+        "utilizationTarget": {
+          "description": "Fraction of backend capacity utilization (set in HTTP(s) load balancing configuration) that autoscaler should maintain. Must be a positive float value. If not defined, the default is 0.8.",
+          "format": "double",
+          "type": "number"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "Backend": {
+      "description": "Message containing information of one individual backend.",
+      "id": "Backend",
+      "properties": {
+        "balancingMode": {
+          "description": "Specifies the balancing mode for this backend. For global HTTP(S) or TCP/SSL load balancing, the default is UTILIZATION. Valid values are UTILIZATION, RATE (for HTTP(S)) and CONNECTION (for TCP/SSL).\n\nFor Internal Load Balancing, the default and only supported mode is CONNECTION.",
+          "enum": [
+            "CONNECTION",
+            "RATE",
+            "UTILIZATION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "capacityScaler": {
+          "description": "A multiplier applied to the group's maximum servicing capacity (based on UTILIZATION, RATE or CONNECTION). Default value is 1, which means the group will serve up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available Capacity. Valid range is [0.0,1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "group": {
+          "description": "The fully-qualified URL of a Instance Group resource. This instance group defines the list of instances that serve traffic. Member virtual machine instances from each instance group must live in the same zone as the instance group itself. No two backends in a backend service are allowed to use same Instance Group resource.\n\nNote that you must specify an Instance Group resource using the fully-qualified URL, rather than a partial URL.\n\nWhen the BackendService has load balancing scheme INTERNAL, the instance group must be within the same region as the BackendService.",
+          "type": "string"
+        },
+        "maxConnections": {
+          "description": "The max number of simultaneous connections for the group. Can be used with either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxConnectionsPerInstance": {
+          "description": "The max number of simultaneous connections that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either CONNECTION or UTILIZATION balancing modes. For CONNECTION mode, either maxConnections or maxConnectionsPerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRate": {
+          "description": "The max requests per second (RPS) of the group. Can be used with either RATE or UTILIZATION balancing modes, but required if RATE mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maxRatePerInstance": {
+          "description": "The max requests per second (RPS) that a single backend instance can handle. This is used to calculate the capacity of the group. Can be used in either balancing mode. For RATE mode, either maxRate or maxRatePerInstance must be set.\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        },
+        "maxUtilization": {
+          "description": "Used when balancingMode is UTILIZATION. This ratio defines the CPU utilization target for the group. The default is 0.8. Valid range is [0.0, 1.0].\n\nThis cannot be used for internal load balancing.",
+          "format": "float",
+          "type": "number"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "BackendBucket": {
+      "description": "A BackendBucket resource. This resource defines a Cloud Storage bucket.",
+      "id": "BackendBucket",
+      "properties": {
+        "bucketName": {
+          "description": "Cloud Storage bucket name.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource; provided by the client when the resource is created.",
+          "type": "string"
+        },
+        "enableCdn": {
+          "description": "If true, enable Cloud CDN for this BackendBucket.",
+          "type": "boolean"
+        },
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendBucket",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routers.get",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Router resource. Get a list of available routers by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendBucketList": {
+      "description": "Contains a list of BackendBucket resources.",
+      "id": "BackendBucketList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendBucket resources.",
+          "items": {
+            "$ref": "BackendBucket"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendBucketList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendService": {
+      "description": "A BackendService resource. This resource defines a group of backend virtual machines and their serving capacity. (== resource_for v1.backendService ==) (== resource_for beta.backendService ==)",
+      "id": "BackendService",
+      "properties": {
+        "affinityCookieTtlSec": {
+          "description": "Lifetime of cookies in seconds if session_affinity is GENERATED_COOKIE. If set to 0, the cookie is non-persistent and lasts only until the end of the browser session (or equivalent). The maximum allowed value for TTL is one day.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "backends": {
+          "description": "The list of backends that serve this BackendService.",
+          "items": {
+            "$ref": "Backend"
+          },
+          "type": "array"
+        },
+        "cdnPolicy": {
+          "$ref": "BackendServiceCdnPolicy",
+          "description": "Cloud CDN configuration for this BackendService."
+        },
+        "connectionDraining": {
+          "$ref": "ConnectionDraining"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "enableCDN": {
+          "description": "If true, enable Cloud CDN for this BackendService.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "boolean"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a BackendService. An up-to-date fingerprint must be provided in order to update the BackendService.",
+          "format": "byte",
+          "type": "string"
+        },
+        "healthChecks": {
+          "description": "The list of URLs to the HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. Currently at most one health check can be specified, and a health check is required for Compute Engine backend services. A health check must not be specified for App Engine backend and Cloud Function backend.\n\nFor internal load balancing, a URL to a HealthCheck resource must be specified instead.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "iap": {
+          "$ref": "BackendServiceIAP"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#backendService",
+          "description": "[Output Only] Type of resource. Always compute#backendService for backend services.",
+          "type": "string"
+        },
+        "loadBalancingScheme": {
+          "description": "Indicates whether the backend service will be used with internal or external load balancing. A backend service created for one type of load balancing cannot be used with the other. Possible values are INTERNAL and EXTERNAL.",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INVALID_LOAD_BALANCING_SCHEME"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "Deprecated in favor of portName. The TCP port to connect on the backend. The default value is 80.\n\nThis cannot be used for internal load balancing.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL.\n\nWhen the load balancing scheme is INTERNAL, this field is not used.",
+          "type": "string"
+        },
+        "protocol": {
+          "description": "The protocol this BackendService uses to communicate with backends.\n\nPossible values are HTTP, HTTPS, TCP, and SSL. The default is HTTP.\n\nFor internal load balancing, the possible values are TCP and UDP, and the default is TCP.",
+          "enum": [
+            "HTTP",
+            "HTTPS",
+            "SSL",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional backend service resides. This field is not applicable to global backend services. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Type of session affinity to use. The default is NONE.\n\nWhen the load balancing scheme is EXTERNAL, can be NONE, CLIENT_IP, or GENERATED_COOKIE.\n\nWhen the load balancing scheme is INTERNAL, can be NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the protocol is UDP, this field is not used.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How many seconds to wait for the backend before considering it a failed request. Default is 30 seconds.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "Router"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getRouterStatus": {
-     "id": "compute.routers.getRouterStatus",
-     "path": "{project}/regions/{region}/routers/{router}/getRouterStatus",
-     "httpMethod": "GET",
-     "description": "Retrieves runtime information of the specified router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendServiceAggregatedList": {
+      "description": "Contains a list of BackendServicesScopedList.",
+      "id": "BackendServiceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "BackendServicesScopedList",
+            "description": "Name of the scope containing this set of BackendServices."
+          },
+          "description": "A list of BackendServicesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#backendServiceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendServiceCdnPolicy": {
+      "description": "Message containing Cloud CDN configuration for a backend service.",
+      "id": "BackendServiceCdnPolicy",
+      "properties": {
+        "cacheKeyPolicy": {
+          "$ref": "CacheKeyPolicy",
+          "description": "The CacheKeyPolicy for this CdnPolicy."
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "response": {
-      "$ref": "RouterStatusResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routers.insert",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "POST",
-     "description": "Creates a Router resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendServiceGroupHealth": {
+      "id": "BackendServiceGroupHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceGroupHealth",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceGroupHealth for the health of backend services.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "BackendServiceIAP": {
+      "description": "Identity-Aware Proxy",
+      "id": "BackendServiceIAP",
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        },
+        "oauth2ClientId": {
+          "type": "string"
+        },
+        "oauth2ClientSecret": {
+          "type": "string"
+        },
+        "oauth2ClientSecretSha256": {
+          "description": "[Output Only] SHA256 hash value for the field oauth2_client_secret above.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routers.list",
-     "path": "{project}/regions/{region}/routers",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Router resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "BackendServiceList": {
+      "description": "Contains a list of BackendService resources.",
+      "id": "BackendServiceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of BackendService resources.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#backendServiceList",
+          "description": "[Output Only] Type of resource. Always compute#backendServiceList for lists of backend services.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "BackendServicesScopedList": {
+      "id": "BackendServicesScopedList",
+      "properties": {
+        "backendServices": {
+          "description": "List of BackendServices contained in this scope.",
+          "items": {
+            "$ref": "BackendService"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of backend services when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "CacheInvalidationRule": {
+      "id": "CacheInvalidationRule",
+      "properties": {
+        "host": {
+          "description": "If set, this invalidation rule will only apply to requests with a Host header matching host.",
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "CacheKeyPolicy": {
+      "description": "Message containing what to include in the cache key for a request for Cloud CDN.",
+      "id": "CacheKeyPolicy",
+      "properties": {
+        "includeHost": {
+          "description": "If true, requests to different hosts will be cached separately.",
+          "type": "boolean"
+        },
+        "includeProtocol": {
+          "description": "If true, http and https requests will be cached separately.",
+          "type": "boolean"
+        },
+        "includeQueryString": {
+          "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely.",
+          "type": "boolean"
+        },
+        "queryStringBlacklist": {
+          "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "queryStringWhitelist": {
+          "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '\u0026' and '=' will be percent encoded and not treated as delimiters.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Commitment": {
+      "description": "Represents a Commitment resource. Creating a Commitment resource means that you are purchasing a committed use contract with an explicit start and end time. You can create commitments based on vCPUs and memory usage and receive discounted rates. For full details, read Signing Up for Committed Use Discounts.\n\nCommitted use discounts are subject to Google Cloud Platform's Service Specific Terms. By purchasing a committed use discount, you agree to these terms. Committed use discounts will not renew, so you must purchase a new commitment to continue receiving discounts. (== resource_for beta.commitments ==) (== resource_for v1.commitments ==)",
+      "id": "Commitment",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "endTimestamp": {
+          "description": "[Output Only] Commitment end time in RFC3339 text format.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#commitment",
+          "description": "[Output Only] Type of the resource. Always compute#commitment for commitments.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "plan": {
+          "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).",
+          "enum": [
+            "INVALID",
+            "THIRTY_SIX_MONTH",
+            "TWELVE_MONTH"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where this commitment may be used.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "List of commitment amounts for particular resources. Note that VCPU and MEMORY resource commitments must occur together.",
+          "items": {
+            "$ref": "ResourceCommitment"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTimestamp": {
+          "description": "[Output Only] Commitment start time in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the commitment with regards to eventual expiration (each commitment has an end date defined). One of the following values: NOT_YET_ACTIVE, ACTIVE, EXPIRED.",
+          "enum": [
+            "ACTIVE",
+            "CREATING",
+            "EXPIRED",
+            "NOT_YET_ACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "RouterList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.routers.patch",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified Router resource with the data included in the request. This method supports PATCH semantics and uses JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "CommitmentAggregatedList": {
+      "id": "CommitmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "CommitmentsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of commitments."
+          },
+          "description": "A list of CommitmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#commitmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentAggregatedList for aggregated lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "CommitmentList": {
+      "description": "Contains a list of Commitment resources.",
+      "id": "CommitmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Commitment resources.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#commitmentList",
+          "description": "[Output Only] Type of resource. Always compute#commitmentList for lists of commitments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "CommitmentsScopedList": {
+      "id": "CommitmentsScopedList",
+      "properties": {
+        "commitments": {
+          "description": "[Output Only] List of commitments contained in this scope.",
+          "items": {
+            "$ref": "Commitment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of commitments when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "preview": {
-     "id": "compute.routers.preview",
-     "path": "{project}/regions/{region}/routers/{router}/preview",
-     "httpMethod": "POST",
-     "description": "Preview fields auto-generated during router create and update operations. Calling this method does NOT create or update the router.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "ConnectionDraining": {
+      "description": "Message containing connection draining configuration.",
+      "id": "ConnectionDraining",
+      "properties": {
+        "drainingTimeoutSec": {
+          "description": "Time for which instance will be drained (not accept new connections, but still work to finish started).",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "CustomerEncryptionKey": {
+      "description": "Represents a customer-supplied encryption key",
+      "id": "CustomerEncryptionKey",
+      "properties": {
+        "rawKey": {
+          "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.",
+          "type": "string"
+        },
+        "sha256": {
+          "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.",
+          "type": "string"
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to query.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "RoutersPreviewResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "update": {
-     "id": "compute.routers.update",
-     "path": "{project}/regions/{region}/routers/{router}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified Router resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "CustomerEncryptionKeyProtectedDisk": {
+      "id": "CustomerEncryptionKeyProtectedDisk",
+      "properties": {
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Decrypts data associated with the disk with a customer-supplied encryption key."
+        },
+        "source": {
+          "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. This field is only applicable for persistent disks.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "DeprecationStatus": {
+      "description": "Deprecation status for a public resource.",
+      "id": "DeprecationStatus",
+      "properties": {
+        "deleted": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "deprecated": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "obsolete": {
+          "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it.",
+          "type": "string"
+        },
+        "replacement": {
+          "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource.",
+          "type": "string"
+        },
+        "state": {
+          "description": "The deprecation state of this resource. This can be DEPRECATED, OBSOLETE, or DELETED. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.",
+          "enum": [
+            "DELETED",
+            "DEPRECATED",
+            "OBSOLETE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "Disk": {
+      "description": "A Disk resource. (== resource_for beta.disks ==) (== resource_for v1.disks ==)",
+      "id": "Disk",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the disk using a customer-supplied encryption key.\n\nAfter you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later."
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#disk",
+          "description": "[Output Only] Type of the resource. Always compute#disk for disks.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this disk, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a disk.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this disk. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "lastAttachTimestamp": {
+          "description": "[Output Only] Last attach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "lastDetachTimestamp": {
+          "description": "[Output Only] Last detach timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "licenses": {
+          "description": "Any applicable publicly visible licenses.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.disks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "options": {
+          "description": "Internal use only.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "sizeGb": {
+          "description": "Size of the persistent disk, specified in GB. You can specify this field when creating a persistent disk using the sourceImage or sourceSnapshot parameter, or specify it alone to create an empty persistent disk.\n\nIf you specify this field along with sourceImage or sourceSnapshot, the value of sizeGb must not be less than the size of the sourceImage or the size of the snapshot. Acceptable values are 1 to 65536, inclusive.",
+          "format": "int64",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "The source image used to create this disk. If the source image is deleted, this field will not be set.\n\nTo create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image:\nprojects/debian-cloud/global/images/family/debian-8\n\n\nAlternatively, use a specific version of a public operating system image:\nprojects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD\n\n\nTo create a disk with a custom image that you created, specify the image name in the following format:\nglobal/images/my-custom-image\n\n\nYou can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:\nglobal/images/family/my-image-family",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot \n- projects/project/global/snapshots/snapshot \n- global/snapshots/snapshot",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of disk creation.",
+          "enum": [
+            "CREATING",
+            "FAILED",
+            "READY",
+            "RESTORING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "type": {
+          "description": "URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: project/zones/zone/diskTypes/pd-standard or pd-ssd",
+          "type": "string"
+        },
+        "users": {
+          "description": "[Output Only] Links to the users of the disk (attached instances) in form: project/zones/zone/instances/instance",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "router": {
-       "type": "string",
-       "description": "Name of the Router resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "router"
-     ],
-     "request": {
-      "$ref": "Router"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "routes": {
-   "methods": {
-    "delete": {
-     "id": "compute.routes.delete",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Route resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "DiskAggregatedList": {
+      "id": "DiskAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DisksScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disks."
+          },
+          "description": "A list of DisksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskAggregatedList for aggregated lists of persistent disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "DiskList": {
+      "description": "A list of Disk resources.",
+      "id": "DiskList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Disk resources.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskList",
+          "description": "[Output Only] Type of resource. Always compute#diskList for lists of disks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.routes.get",
-     "path": "{project}/global/routes/{route}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Route resource. Get a list of available routes by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "DiskMoveRequest": {
+      "id": "DiskMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the disk. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetDisk": {
+          "description": "The URL of the target disk to move. This can be a full or partial URL. For example, the following are all valid URLs to a disk:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        }
       },
-      "route": {
-       "type": "string",
-       "description": "Name of the Route resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "route"
-     ],
-     "response": {
-      "$ref": "Route"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.routes.insert",
-     "path": "{project}/global/routes",
-     "httpMethod": "POST",
-     "description": "Creates a Route resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "DiskType": {
+      "description": "A DiskType resource. (== resource_for beta.diskTypes ==) (== resource_for v1.diskTypes ==)",
+      "id": "DiskType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultDiskSizeGb": {
+          "description": "[Output Only] Server-defined default disk size in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this disk type."
+        },
+        "description": {
+          "description": "[Output Only] An optional description of this resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#diskType",
+          "description": "[Output Only] Type of the resource. Always compute#diskType for disk types.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "validDiskSize": {
+          "description": "[Output Only] An optional textual description of the valid disk size, such as \"10GB-10TB\".",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the disk type resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "Route"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.routes.list",
-     "path": "{project}/global/routes",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Route resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "DiskTypeAggregatedList": {
+      "id": "DiskTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "DiskTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of disk types."
+          },
+          "description": "A list of DiskTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#diskTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeAggregatedList.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "DiskTypeList": {
+      "description": "Contains a list of disk types.",
+      "id": "DiskTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of DiskType resources.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#diskTypeList",
+          "description": "[Output Only] Type of resource. Always compute#diskTypeList for disk types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "DiskTypesScopedList": {
+      "id": "DiskTypesScopedList",
+      "properties": {
+        "diskTypes": {
+          "description": "[Output Only] List of disk types contained in this scope.",
+          "items": {
+            "$ref": "DiskType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disk types when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "DisksResizeRequest": {
+      "id": "DisksResizeRequest",
+      "properties": {
+        "sizeGb": {
+          "description": "The new size of the persistent disk, which is specified in GB.",
+          "format": "int64",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "RouteList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "snapshots": {
-   "methods": {
-    "delete": {
-     "id": "compute.snapshots.delete",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified Snapshot resource. Keep in mind that deleting a single snapshot might not necessarily delete all the data on that snapshot. If any data on the snapshot that is marked for deletion is needed for subsequent snapshots, the data will be moved to the next corresponding snapshot.\n\nFor more information, see Deleting snaphots.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "DisksScopedList": {
+      "id": "DisksScopedList",
+      "properties": {
+        "disks": {
+          "description": "[Output Only] List of disks contained in this scope.",
+          "items": {
+            "$ref": "Disk"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of disks when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "Firewall": {
+      "description": "Represents a Firewall resource.",
+      "id": "Firewall",
+      "properties": {
+        "allowed": {
+          "description": "The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "denied": {
+          "description": "The list of DENY rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a denied connection.",
+          "items": {
+            "properties": {
+              "IPProtocol": {
+                "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number.",
+                "type": "string"
+              },
+              "ports": {
+                "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.\n\nExample inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"].",
+                "items": {
+                  "type": "string"
+                },
+                "type": "array"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destinationRanges": {
+          "description": "If destination ranges are specified, the firewall will apply only to traffic that has destination IP address in these ranges. These ranges must be expressed in CIDR format. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "direction": {
+          "description": "Direction of traffic to which this firewall applies; default is INGRESS. Note: For INGRESS traffic, it is NOT supported to specify destinationRanges; For EGRESS traffic, it is NOT supported to specify sourceRanges OR sourceTags.",
+          "enum": [
+            "EGRESS",
+            "INGRESS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#firewall",
+          "description": "[Output Only] Type of the resource. Always compute#firewall for firewall rules.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.firewalls.insert",
+              "compute.firewalls.patch"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used:\nglobal/networks/default\nIf you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network \n- projects/myproject/global/networks/my-network \n- global/networks/default",
+          "type": "string"
+        },
+        "priority": {
+          "description": "Priority for this rule. This is an integer between 0 and 65535, both inclusive. When not specified, the value assumed is 1000. Relative priorities determine precedence of conflicting rules. Lower value of priority implies higher precedence (eg, a rule with priority 0 has higher precedence than a rule with priority 1). DENY rules take precedence over ALLOW rules having equal priority.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceRanges": {
+          "description": "If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceServiceAccounts": {
+          "description": "If source service accounts are specified, the firewall will apply only to traffic originating from an instance with a service account in this list. Source service accounts cannot be used to control traffic to an instance's external IP address because service accounts are associated with an instance, not an IP address. sourceRanges can be set at the same time as sourceServiceAccounts. If both are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP belongs to an instance with service account listed in sourceServiceAccount. The connection does not need to match both properties for the firewall to apply. sourceServiceAccounts cannot be used at the same time as sourceTags or targetTags.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "sourceTags": {
+          "description": "If source tags are specified, the firewall rule applies only to traffic with source IPs that match the primary network interfaces of VM instances that have the tag and are in the same VPC network. Source tags cannot be used to control traffic to an instance's external IP address, it only applies to traffic between instances in the same virtual network. Because tags are associated with instances, not IP addresses. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetServiceAccounts": {
+          "description": "A list of service accounts indicating sets of instances located in the network that may make network connections as specified in allowed[]. targetServiceAccounts cannot be used at the same time as targetTags or sourceTags. If neither targetServiceAccounts nor targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetTags": {
+          "description": "A list of tags that controls which instances the firewall rule applies to. If targetTags are specified, then the firewall rule applies only to instances in the VPC network that have one of those tags. If no targetTags are specified, the firewall rule applies to all instances on the specified network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.snapshots.get",
-     "path": "{project}/global/snapshots/{snapshot}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Snapshot resource. Get a list of available snapshots by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "FirewallList": {
+      "description": "Contains a list of firewalls.",
+      "id": "FirewallList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Firewall resources.",
+          "items": {
+            "$ref": "Firewall"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#firewallList",
+          "description": "[Output Only] Type of resource. Always compute#firewallList for lists of firewalls.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "snapshot": {
-       "type": "string",
-       "description": "Name of the Snapshot resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "snapshot"
-     ],
-     "response": {
-      "$ref": "Snapshot"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.snapshots.list",
-     "path": "{project}/global/snapshots",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Snapshot resources contained within the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "ForwardingRule": {
+      "description": "A ForwardingRule resource. A ForwardingRule resource specifies which pool of target virtual machines to forward a packet to if it matches the given [IPAddress, IPProtocol, ports] tuple. (== resource_for beta.forwardingRules ==) (== resource_for v1.forwardingRules ==) (== resource_for beta.globalForwardingRules ==) (== resource_for v1.globalForwardingRules ==) (== resource_for beta.regionForwardingRules ==) (== resource_for v1.regionForwardingRules ==)",
+      "id": "ForwardingRule",
+      "properties": {
+        "IPAddress": {
+          "description": "The IP address that this forwarding rule is serving on behalf of.\n\nAddresses are restricted based on the forwarding rule's load balancing scheme (EXTERNAL or INTERNAL) and scope (global or regional).\n\nWhen the load balancing scheme is EXTERNAL, for global forwarding rules, the address must be a global IP, and for regional forwarding rules, the address must live in the same region as the forwarding rule. If this field is empty, an ephemeral IPv4 address from the same scope (global or regional) will be assigned. A regional forwarding rule supports IPv4 only. A global forwarding rule supports either IPv4 or IPv6.\n\nWhen the load balancing scheme is INTERNAL, this can only be an RFC 1918 IP address belonging to the network/subnet configured for the forwarding rule. By default, if this field is empty, an ephemeral internal IP address will be automatically allocated from the IP range of the subnet or network configured for this forwarding rule.\n\nAn address can be specified either by a literal IP address or a URL reference to an existing Address resource. The following examples are all valid:  \n- 100.1.2.3 \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/addresses/address \n- projects/project/regions/region/addresses/address \n- regions/region/addresses/address \n- global/addresses/address \n- address",
+          "type": "string"
+        },
+        "IPProtocol": {
+          "description": "The IP protocol to which this rule applies. Valid options are TCP, UDP, ESP, AH, SCTP or ICMP.\n\nWhen the load balancing scheme is INTERNAL, only TCP and UDP are valid.",
+          "enum": [
+            "AH",
+            "ESP",
+            "ICMP",
+            "SCTP",
+            "TCP",
+            "UDP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "backendService": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the BackendService resource to receive the matched traffic.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipVersion": {
+          "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6. This can only be specified for a global forwarding rule.",
+          "enum": [
+            "IPV4",
+            "IPV6",
+            "UNSPECIFIED_VERSION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#forwardingRule",
+          "description": "[Output Only] Type of the resource. Always compute#forwardingRule for Forwarding Rule resources.",
+          "type": "string"
+        },
+        "loadBalancingScheme": {
+          "description": "This signifies what the ForwardingRule will be used for and can only take the following values: INTERNAL, EXTERNAL The value of INTERNAL means that this will be used for Internal Network Load Balancing (TCP, UDP). The value of EXTERNAL means that this will be used for External Load Balancing (HTTP(S) LB, External TCP/UDP LB, SSL Proxy)",
+          "enum": [
+            "EXTERNAL",
+            "INTERNAL",
+            "INVALID"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule. If this field is not specified, the default network will be used.",
+          "type": "string"
+        },
+        "portRange": {
+          "description": "This field is used along with the target field for TargetHttpProxy, TargetHttpsProxy, TargetSslProxy, TargetTcpProxy, TargetVpnGateway, TargetPool, TargetInstance.\n\nApplicable only when IPProtocol is TCP, UDP, or SCTP, only packets addressed to ports in the specified range will be forwarded to target. Forwarding rules with the same [IPAddress, IPProtocol] pair must have disjoint port ranges.\n\nSome types of forwarding target have constraints on the acceptable ports:  \n- TargetHttpProxy: 80, 8080 \n- TargetHttpsProxy: 443 \n- TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1688, 1883, 5222 \n- TargetVpnGateway: 500, 4500",
+          "type": "string"
+        },
+        "ports": {
+          "description": "This field is used along with the backend_service field for internal load balancing.\n\nWhen the load balancing scheme is INTERNAL, a single port or a comma separated list of ports can be configured. Only packets addressed to these ports will be forwarded to the backends configured with this forwarding rule.\n\nYou may specify a maximum of up to 5 ports.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional forwarding rule resides. This field is not applicable to global forwarding rules. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "This field is not used for external load balancing.\n\nFor internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule.\n\nIf the network specified is in auto subnet mode, this field is optional. However, if the network is in custom subnet mode, a subnetwork must be specified.",
+          "type": "string"
+        },
+        "target": {
+          "description": "The URL of the target resource to receive the matched traffic. For regional forwarding rules, this target must live in the same region as the forwarding rule. For global forwarding rules, this target must be a global load balancing resource. The forwarded traffic must be of a type appropriate to the target object.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "ForwardingRuleAggregatedList": {
+      "id": "ForwardingRuleAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "ForwardingRulesScopedList",
+            "description": "Name of the scope containing this set of addresses."
+          },
+          "description": "A list of ForwardingRulesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#forwardingRuleAggregatedList for lists of forwarding rules.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "ForwardingRuleList": {
+      "description": "Contains a list of ForwardingRule resources.",
+      "id": "ForwardingRuleList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of ForwardingRule resources.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#forwardingRuleList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "ForwardingRulesScopedList": {
+      "id": "ForwardingRulesScopedList",
+      "properties": {
+        "forwardingRules": {
+          "description": "List of forwarding rules contained in this scope.",
+          "items": {
+            "$ref": "ForwardingRule"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of forwarding rules when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SnapshotList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setLabels": {
-     "id": "compute.snapshots.setLabels",
-     "path": "{project}/global/snapshots/{resource}/setLabels",
-     "httpMethod": "POST",
-     "description": "Sets the labels on a snapshot. To learn more about labels, read the Labeling Resources documentation.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "GlobalSetLabelsRequest": {
+      "id": "GlobalSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash when updating or changing labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "A list of labels to apply for this resource. Each label key \u0026 value must comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. For example, \"webserver-frontend\": \"images\". A label value can also be empty (e.g. \"my-label\": \"\").",
+          "type": "object"
+        }
       },
-      "resource": {
-       "type": "string",
-       "description": "Name of the resource for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "resource"
-     ],
-     "request": {
-      "$ref": "GlobalSetLabelsRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "sslCertificates": {
-   "methods": {
-    "delete": {
-     "id": "compute.sslCertificates.delete",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified SslCertificate resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "GuestOsFeature": {
+      "description": "Guest OS features.",
+      "id": "GuestOsFeature",
+      "properties": {
+        "type": {
+          "description": "The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.",
+          "enum": [
+            "FEATURE_TYPE_UNSPECIFIED",
+            "MULTI_IP_SUBNET",
+            "SECURE_BOOT",
+            "UEFI_COMPATIBLE",
+            "VIRTIO_SCSI_MULTIQUEUE",
+            "WINDOWS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "HTTPHealthCheck": {
+      "id": "HTTPHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        }
       },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.sslCertificates.get",
-     "path": "{project}/global/sslCertificates/{sslCertificate}",
-     "httpMethod": "GET",
-     "description": "Returns the specified SslCertificate resource. Get a list of available SSL certificates by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "HTTPSHealthCheck": {
+      "id": "HTTPSHealthCheck",
+      "properties": {
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is /.",
+          "type": "string"
+        }
       },
-      "sslCertificate": {
-       "type": "string",
-       "description": "Name of the SslCertificate resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "sslCertificate"
-     ],
-     "response": {
-      "$ref": "SslCertificate"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.sslCertificates.insert",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "POST",
-     "description": "Creates a SslCertificate resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "HealthCheck": {
+      "description": "An HealthCheck resource. This resource defines a template for how individual virtual machines should be checked for health, via one of the supported protocols.",
+      "id": "HealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in 3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "httpHealthCheck": {
+          "$ref": "HTTPHealthCheck"
+        },
+        "httpsHealthCheck": {
+          "$ref": "HTTPSHealthCheck"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#healthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslHealthCheck": {
+          "$ref": "SSLHealthCheck"
+        },
+        "tcpHealthCheck": {
+          "$ref": "TCPHealthCheck"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "type": {
+          "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP or HTTPS. If not specified, the default is TCP. Exactly one of the protocol-specific health check field must be specified, which must match type field.",
+          "enum": [
+            "HTTP",
+            "HTTPS",
+            "INVALID",
+            "SSL",
+            "TCP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "SslCertificate"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.sslCertificates.list",
-     "path": "{project}/global/sslCertificates",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of SslCertificate resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "HealthCheckList": {
+      "description": "Contains a list of HealthCheck resources.",
+      "id": "HealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HealthCheck resources.",
+          "items": {
+            "$ref": "HealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#healthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "HealthCheckReference": {
+      "description": "A full or valid partial URL to a health check. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project-id/global/httpHealthChecks/health-check \n- projects/project-id/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+      "id": "HealthCheckReference",
+      "properties": {
+        "healthCheck": {
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "HealthStatus": {
+      "id": "HealthStatus",
+      "properties": {
+        "healthState": {
+          "description": "Health state of the instance.",
+          "enum": [
+            "HEALTHY",
+            "UNHEALTHY"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "instance": {
+          "description": "URL of the instance resource.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "The IP address represented by this resource.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port on the instance.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "HostRule": {
+      "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.",
+      "id": "HostRule",
+      "properties": {
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "hosts": {
+          "description": "The list of host patterns to match. They must be valid hostnames, except * will match any string of ([a-z0-9-.]*). In that case, * must be the first character and must be followed in the pattern by either - or ..",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "pathMatcher": {
+          "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion.",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SslCertificateList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "subnetworks": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.subnetworks.aggregatedList",
-     "path": "{project}/aggregated/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of subnetworks.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "HttpHealthCheck": {
+      "description": "An HttpHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTP.",
+      "id": "HttpHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTP health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheck",
+          "description": "[Output Only] Type of the resource. Always compute#httpHealthCheck for HTTP health checks.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTP health check request. The default value is 80.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTP health check request. The default value is /.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "HttpHealthCheckList": {
+      "description": "Contains a list of HttpHealthCheck resources.",
+      "id": "HttpHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpHealthCheck resources.",
+          "items": {
+            "$ref": "HttpHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "HttpsHealthCheck": {
+      "description": "An HttpsHealthCheck resource. This resource defines a template for how individual instances should be checked for health, via HTTPS.",
+      "id": "HttpsHealthCheck",
+      "properties": {
+        "checkIntervalSec": {
+          "description": "How often (in seconds) to send a health check. The default value is 5 seconds.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "healthyThreshold": {
+          "description": "A so-far unhealthy instance will be marked healthy after this many consecutive successes. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "host": {
+          "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the public IP on behalf of which this health check is performed will be used.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheck",
+          "description": "Type of the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "port": {
+          "description": "The TCP port number for the HTTPS health check request. The default value is 443.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestPath": {
+          "description": "The request path of the HTTPS health check request. The default value is \"/\".",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "timeoutSec": {
+          "description": "How long (in seconds) to wait before claiming failure. The default value is 5 seconds. It is invalid for timeoutSec to have a greater value than checkIntervalSec.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "unhealthyThreshold": {
+          "description": "A so-far healthy instance will be marked unhealthy after this many consecutive failures. The default value is 2.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "HttpsHealthCheckList": {
+      "description": "Contains a list of HttpsHealthCheck resources.",
+      "id": "HttpsHealthCheckList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of HttpsHealthCheck resources.",
+          "items": {
+            "$ref": "HttpsHealthCheck"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#httpsHealthCheckList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "SubnetworkAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.subnetworks.delete",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified subnetwork.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Image": {
+      "description": "An Image resource. (== resource_for beta.images ==) (== resource_for v1.images ==)",
+      "id": "Image",
+      "properties": {
+        "archiveSizeBytes": {
+          "description": "Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).",
+          "format": "int64",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "The deprecation status associated with this image."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "Size of the image when restored onto a persistent disk (in GB).",
+          "format": "int64",
+          "type": "string"
+        },
+        "family": {
+          "description": "The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.",
+          "type": "string"
+        },
+        "guestOsFeatures": {
+          "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.",
+          "items": {
+            "$ref": "GuestOsFeature"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "imageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the image using a customer-supplied encryption key.\n\nAfter you encrypt an image with a customer-supplied key, you must provide the same key if you use the image later (e.g. to create a disk from the image).\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the image, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the image later."
+        },
+        "kind": {
+          "default": "compute#image",
+          "description": "[Output Only] Type of the resource. Always compute#image for images.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this image, which is essentially a hash of the labels used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve an image.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this image. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "licenses": {
+          "description": "Any applicable license URI.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "rawDisk": {
+          "description": "The parameters of the raw disk image.",
+          "properties": {
+            "containerType": {
+              "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.",
+              "enum": [
+                "TAR"
+              ],
+              "enumDescriptions": [
+                ""
+              ],
+              "type": "string"
+            },
+            "sha1Checksum": {
+              "description": "An optional SHA1 checksum of the disk image before unpackaging; provided by the client when the disk image is created.",
+              "pattern": "[a-f0-9]{40}",
+              "type": "string"
+            },
+            "source": {
+              "annotations": {
+                "required": [
+                  "compute.images.insert"
+                ]
+              },
+              "description": "The full Google Cloud Storage URL where the disk image is stored. You must provide either this property or the sourceDisk property but not both.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sourceDisk": {
+          "description": "URL of the source disk used to create this image. This can be a full or valid partial URL. You must provide either this property or the rawDisk.source property but not both to create an image. For example, the following are valid values:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk \n- projects/project/zones/zone/disks/disk \n- zones/zone/disks/disk",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "sourceImage": {
+          "description": "URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceImageEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key."
+        },
+        "sourceImageId": {
+          "description": "[Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.",
+          "type": "string"
+        },
+        "sourceSnapshot": {
+          "description": "URL of the source snapshot used to create this image. This can be a full or valid partial URL. You must provide exactly one of:  \n- this property, or  \n- the sourceImage property, or  \n- the rawDisk.source property, or  \n- the sourceDisk property   in order to create an image.",
+          "type": "string"
+        },
+        "sourceSnapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key."
+        },
+        "sourceSnapshotId": {
+          "description": "[Output Only] The ID value of the snapshot used to create this image. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given snapshot name.",
+          "type": "string"
+        },
+        "sourceType": {
+          "default": "RAW",
+          "description": "The type of the image used to create this disk. The default and only value is RAW",
+          "enum": [
+            "RAW"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.",
+          "enum": [
+            "FAILED",
+            "PENDING",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "ImageList": {
+      "description": "Contains a list of images.",
+      "id": "ImageList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Image resources.",
+          "items": {
+            "$ref": "Image"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#imageList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "Instance": {
+      "description": "An Instance resource. (== resource_for beta.instances ==) (== resource_for v1.instances ==)",
+      "id": "Instance",
+      "properties": {
+        "canIpForward": {
+          "description": "Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.",
+          "type": "boolean"
+        },
+        "cpuPlatform": {
+          "description": "[Output Only] The CPU platform used by this instance.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deletionProtection": {
+          "description": "Whether the resource should be protected against deletion.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "Array of disks associated with this instance. Persistent disks must be created before you can assign them.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instance",
+          "description": "[Output Only] Type of the resource. Always compute#instance for instances.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this instance. These can be later modified by the setLabels method.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:\nzones/us-central1-f/machineTypes/n1-standard-1\n\n\nTo create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):\nzones/zone/machineTypes/custom-CPUS-MEMORY\n\n\nFor example: zones/us-central1-f/machineTypes/custom-4-5120 \n\nFor a full list of restrictions, read the Specifications for custom machine types.",
+          "type": "string"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys."
+        },
+        "minCpuPlatform": {
+          "description": "Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\".",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instances.insert"
+            ]
+          },
+          "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Sets the scheduling options for this instance."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.\n\nService accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "startRestricted": {
+          "description": "[Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.",
+          "type": "boolean"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, and TERMINATED.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional, human-readable explanation of the status.",
+          "type": "string"
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035."
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "expandIpCidrRange": {
-     "id": "compute.subnetworks.expandIpCidrRange",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/expandIpCidrRange",
-     "httpMethod": "POST",
-     "description": "Expands the IP CIDR range of the subnetwork to a specified value.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceAggregatedList": {
+      "id": "InstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstancesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of instances."
+          },
+          "description": "A list of InstancesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#instanceAggregatedList for aggregated lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroup": {
+      "description": "InstanceGroups (== resource_for beta.instanceGroups ==) (== resource_for v1.instanceGroups ==) (== resource_for beta.regionInstanceGroups ==) (== resource_for v1.regionInstanceGroups ==)",
+      "id": "InstanceGroup",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the named ports. The system uses this fingerprint to detect conflicts when multiple users change the named ports concurrently.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance group, generated by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroup",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroup for instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Assigns a name to a port number. For example: {name: \"http\", port: 80}\n\nThis allows the system to reference ports by the assigned name instead of a port number. Named ports can also contain multiple ports. For example: [{name: \"http\", port: 80},{name: \"http\", port: 8080}] \n\nNamed ports apply to all instances in this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "The URL of the network to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "region": {
+          "description": "The URL of the region where the instance group is located (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance group. The server generates this URL.",
+          "type": "string"
+        },
+        "size": {
+          "description": "[Output Only] The total number of instances in the instance group.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "subnetwork": {
+          "description": "The URL of the subnetwork to which all instances in the instance group belong.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the instance group is located (for zonal resources).",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupAggregatedList": {
+      "id": "InstanceGroupAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupsScopedList",
+            "description": "The name of the scope that contains this set of instance groups."
+          },
+          "description": "A list of InstanceGroupsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupAggregatedList for aggregated lists of instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksExpandIpCidrRangeRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.subnetworks.get",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
-     "httpMethod": "GET",
-     "description": "Returns the specified subnetwork. Get a list of available subnetworks list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupList": {
+      "description": "A list of InstanceGroup resources.",
+      "id": "InstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupList for instance group lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManager": {
+      "description": "An Instance Group Manager resource. (== resource_for beta.instanceGroupManagers ==) (== resource_for v1.instanceGroupManagers ==) (== resource_for beta.regionInstanceGroupManagers ==) (== resource_for v1.regionInstanceGroupManagers ==)",
+      "id": "InstanceGroupManager",
+      "properties": {
+        "baseInstanceName": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert"
+            ]
+          },
+          "description": "The base instance name to use for instances in this group. The value must be 1-58 characters long. Instances are named by appending a hyphen and a random four-character string to the base instance name. The base instance name must comply with RFC1035.",
+          "pattern": "[a-z][-a-z0-9]{0,57}",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this managed instance group in RFC3339 text format.",
+          "type": "string"
+        },
+        "currentActions": {
+          "$ref": "InstanceGroupManagerActionsSummary",
+          "description": "[Output Only] The list of instance actions and the number of instances in this managed instance group that are scheduled for each of those actions."
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "[Output Only] The fingerprint of the resource data. You can use this optional field for optimistic locking when you update the resource.",
+          "format": "byte",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this resource type. The server generates this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instanceGroup": {
+          "description": "[Output Only] The URL of the Instance Group resource.",
+          "type": "string"
+        },
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManager",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManager for managed instance groups.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The name of the managed instance group. The name must be 1-63 characters long, and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "Named ports configured for the Instance Groups complementary to this Instance Group Manager.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the managed instance group resides (for regional resources).",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this managed instance group. The server defines this URL.",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The URLs for all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "targetSize": {
+          "annotations": {
+            "required": [
+              "compute.instanceGroupManagers.insert",
+              "compute.regionInstanceGroupManagers.insert"
+            ]
+          },
+          "description": "The target number of running instances for this managed instance group. Deleting or abandoning instances reduces this number. Resizing the group changes this number.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the managed instance group is located (for zonal resources).",
+          "type": "string"
+        }
       },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "response": {
-      "$ref": "Subnetwork"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.subnetworks.insert",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "POST",
-     "description": "Creates a subnetwork in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManagerActionsSummary": {
+      "id": "InstanceGroupManagerActionsSummary",
+      "properties": {
+        "abandoning": {
+          "description": "[Output Only] The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully.\n\nIf you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "creatingWithoutRetries": {
+          "description": "[Output Only] The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "deleting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "none": {
+          "description": "[Output Only] The number of instances in the managed instance group that are running and have no scheduled actions.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "recreating": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "refreshing": {
+          "description": "[Output Only] The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "restarting": {
+          "description": "[Output Only] The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManagerAggregatedList": {
+      "id": "InstanceGroupManagerAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InstanceGroupManagersScopedList",
+            "description": "[Output Only] The name of the scope that contains this set of managed instance groups."
+          },
+          "description": "A list of InstanceGroupManagersScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerAggregatedList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerAggregatedList for an aggregated list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "Subnetwork"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.subnetworks.list",
-     "path": "{project}/regions/{region}/subnetworks",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of subnetworks available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupManagerList": {
+      "description": "[Output Only] A list of managed instance groups.",
+      "id": "InstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupManagersAbandonInstancesRequest": {
+      "id": "InstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupManagersDeleteInstancesRequest": {
+      "id": "InstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupManagersListManagedInstancesResponse": {
+      "id": "InstanceGroupManagersListManagedInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "[Output Only] The list of instances in the managed instance group.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManagersRecreateInstancesRequest": {
+      "id": "InstanceGroupManagersRecreateInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "SubnetworkList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setPrivateIpGoogleAccess": {
-     "id": "compute.subnetworks.setPrivateIpGoogleAccess",
-     "path": "{project}/regions/{region}/subnetworks/{subnetwork}/setPrivateIpGoogleAccess",
-     "httpMethod": "POST",
-     "description": "Set whether VMs in this subnet can access Google services without assigning external IP addresses through Private Google Access.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManagersScopedList": {
+      "id": "InstanceGroupManagersScopedList",
+      "properties": {
+        "instanceGroupManagers": {
+          "description": "[Output Only] The list of managed instance groups that are contained in the specified project and zone.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] The warning that replaces the list of managed instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupManagersSetInstanceTemplateRequest": {
+      "id": "InstanceGroupManagersSetInstanceTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create all new instances in the managed instance group.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "InstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the target pools information. Use this optional property to prevent conflicts when multiple users change the target pools settings concurrently. Obtain the fingerprint with the instanceGroupManagers.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The list of target pool URLs that instances in this managed instance group belong to. The managed instance group applies these target pools to all of the instances in the group. Existing instances and new instances in the group all receive these target pool settings.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "subnetwork": {
-       "type": "string",
-       "description": "Name of the Subnetwork resource.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "subnetwork"
-     ],
-     "request": {
-      "$ref": "SubnetworksSetPrivateIpGoogleAccessRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetHttpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpProxies.delete",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupsAddInstancesRequest": {
+      "id": "InstanceGroupsAddInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to add to the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupsListInstances": {
+      "id": "InstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceGroupsListInstances",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupsListInstances for the list of instances in the specified instance group.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpProxies.get",
-     "path": "{project}/global/targetHttpProxies/{targetHttpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpProxy resource. Get a list of available target HTTP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupsListInstancesRequest": {
+      "id": "InstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "A filter for the state of the instances in the instance group. Valid options are ALL or RUNNING. If you do not specify this parameter the list includes all instances regardless of their state.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpProxies.insert",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceGroupsRemoveInstancesRequest": {
+      "id": "InstanceGroupsRemoveInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The list of instances to remove from the instance group.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpProxies.list",
-     "path": "{project}/global/targetHttpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupsScopedList": {
+      "id": "InstanceGroupsScopedList",
+      "properties": {
+        "instanceGroups": {
+          "description": "[Output Only] The list of instance groups that are contained in this scope.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that replaces the list of instance groups when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceGroupsSetNamedPortsRequest": {
+      "id": "InstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceList": {
+      "description": "Contains a list of instances.",
+      "id": "InstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Instance resources.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceList",
+          "description": "[Output Only] Type of resource. Always compute#instanceList for lists of Instance resources.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceListReferrers": {
+      "description": "Contains a list of instance referrers.",
+      "id": "InstanceListReferrers",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Reference resources.",
+          "items": {
+            "$ref": "Reference"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceListReferrers",
+          "description": "[Output Only] Type of resource. Always compute#instanceListReferrers for lists of Instance referrers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpProxies.setUrlMap",
-     "path": "{project}/targetHttpProxies/{targetHttpProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceMoveRequest": {
+      "id": "InstanceMoveRequest",
+      "properties": {
+        "destinationZone": {
+          "description": "The URL of the destination zone to move the instance. This can be a full or partial URL. For example, the following are all valid URLs to a zone:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone \n- projects/project/zones/zone \n- zones/zone",
+          "type": "string"
+        },
+        "targetInstance": {
+          "description": "The URL of the target instance to move. This can be a full or partial URL. For example, the following are all valid URLs to an instance:  \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceProperties": {
+      "description": "",
+      "id": "InstanceProperties",
+      "properties": {
+        "canIpForward": {
+          "description": "Enables instances created based on this template to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.",
+          "type": "boolean"
+        },
+        "description": {
+          "description": "An optional text description for the instances that are created from this instance template.",
+          "type": "string"
+        },
+        "disks": {
+          "description": "An array of disks that are associated with the instances that are created from this template.",
+          "items": {
+            "$ref": "AttachedDisk"
+          },
+          "type": "array"
+        },
+        "guestAccelerators": {
+          "description": "A list of guest accelerator cards' type and count to use for instances created from the instance template.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to instances that are created from this template.",
+          "type": "object"
+        },
+        "machineType": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "The machine type to use for instances that are created from this template.",
+          "type": "string"
+        },
+        "metadata": {
+          "$ref": "Metadata",
+          "description": "The metadata key/value pairs to assign to instances that are created from this template. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information."
+        },
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform to be used by this instance. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform.",
+          "type": "string"
+        },
+        "networkInterfaces": {
+          "description": "An array of network access configurations for this interface.",
+          "items": {
+            "$ref": "NetworkInterface"
+          },
+          "type": "array"
+        },
+        "scheduling": {
+          "$ref": "Scheduling",
+          "description": "Specifies the scheduling options for the instances that are created from this template."
+        },
+        "serviceAccounts": {
+          "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this template. Use metadata queries to obtain the access tokens for these instances.",
+          "items": {
+            "$ref": "ServiceAccount"
+          },
+          "type": "array"
+        },
+        "tags": {
+          "$ref": "Tags",
+          "description": "A list of tags to apply to the instances that are created from this template. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035."
+        }
       },
-      "targetHttpProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpProxy to set a URL map for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetHttpsProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetHttpsProxies.delete",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetHttpsProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceReference": {
+      "id": "InstanceReference",
+      "properties": {
+        "instance": {
+          "description": "The URL for a specific instance.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstanceTemplate": {
+      "description": "An Instance Template resource. (== resource_for beta.instanceTemplates ==) (== resource_for v1.instanceTemplates ==)",
+      "id": "InstanceTemplate",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] The creation timestamp for this instance template in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] A unique identifier for this instance template. The server defines this identifier.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#instanceTemplate",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplate for instance templates.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.instanceTemplates.insert"
+            ]
+          },
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "properties": {
+          "$ref": "InstanceProperties",
+          "description": "The instance properties for this instance template."
+        },
+        "selfLink": {
+          "description": "[Output Only] The URL for this instance template. The server defines this URL.",
+          "type": "string"
+        }
       },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetHttpsProxies.get",
-     "path": "{project}/global/targetHttpsProxies/{targetHttpsProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetHttpsProxy resource. Get a list of available target HTTPS proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceTemplateList": {
+      "description": "A list of instance templates.",
+      "id": "InstanceTemplateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceTemplate resources.",
+          "items": {
+            "$ref": "InstanceTemplate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#instanceTemplateList",
+          "description": "[Output Only] The resource type, which is always compute#instanceTemplatesListResponse for instance template lists.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetHttpsProxies.insert",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetHttpsProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstanceWithNamedPorts": {
+      "id": "InstanceWithNamedPorts",
+      "properties": {
+        "instance": {
+          "description": "[Output Only] The URL of the instance.",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "[Output Only] The named ports that belong to this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        },
+        "status": {
+          "description": "[Output Only] The status of the instance.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetHttpsProxies.list",
-     "path": "{project}/global/targetHttpsProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetHttpsProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstancesScopedList": {
+      "id": "InstancesScopedList",
+      "properties": {
+        "instances": {
+          "description": "[Output Only] List of instances contained in this scope.",
+          "items": {
+            "$ref": "Instance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of instances when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "InstancesSetLabelsRequest": {
+      "id": "InstancesSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "Fingerprint of the previous set of labels for this resource, used to prevent conflicts. Provide the latest fingerprint value when making a request to add or change labels.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstancesSetMachineResourcesRequest": {
+      "id": "InstancesSetMachineResourcesRequest",
+      "properties": {
+        "guestAccelerators": {
+          "description": "List of the type and count of accelerator cards attached to the instance.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "InstancesSetMachineTypeRequest": {
+      "id": "InstancesSetMachineTypeRequest",
+      "properties": {
+        "machineType": {
+          "description": "Full or partial URL of the machine type resource. See Machine Types for a full list of machine types. For example: zones/us-central1-f/machineTypes/n1-standard-1",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetHttpsProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetHttpsProxies.setSslCertificates",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Replaces SslCertificates for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstancesSetMinCpuPlatformRequest": {
+      "id": "InstancesSetMinCpuPlatformRequest",
+      "properties": {
+        "minCpuPlatform": {
+          "description": "Minimum cpu/platform this instance should be started at.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InstancesSetServiceAccountRequest": {
+      "id": "InstancesSetServiceAccountRequest",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource to set an SslCertificates resource for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "TargetHttpsProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setUrlMap": {
-     "id": "compute.targetHttpsProxies.setUrlMap",
-     "path": "{project}/targetHttpsProxies/{targetHttpsProxy}/setUrlMap",
-     "httpMethod": "POST",
-     "description": "Changes the URL map for TargetHttpsProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InstancesStartWithEncryptionKeyRequest": {
+      "id": "InstancesStartWithEncryptionKeyRequest",
+      "properties": {
+        "disks": {
+          "description": "Array of disks associated with this instance that are protected with a customer-supplied encryption key.\n\nIn order to start the instance, the disk url and its corresponding key must be provided.\n\nIf the disk is not protected with a customer-supplied encryption key it should not be specified.",
+          "items": {
+            "$ref": "CustomerEncryptionKeyProtectedDisk"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "Interconnect": {
+      "description": "Represents an Interconnects resource. The Interconnects resource is a dedicated connection between Google's network and your on-premises network. For more information, see the  Dedicated overview page. (== resource_for v1.interconnects ==) (== resource_for beta.interconnects ==)",
+      "id": "Interconnect",
+      "properties": {
+        "adminEnabled": {
+          "description": "Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.",
+          "type": "boolean"
+        },
+        "circuitInfos": {
+          "description": "[Output Only] List of CircuitInfo objects, that describe the individual circuits in this LAG.",
+          "items": {
+            "$ref": "InterconnectCircuitInfo"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerName": {
+          "description": "Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "expectedOutages": {
+          "description": "[Output Only] List of outages expected for this Interconnect.",
+          "items": {
+            "$ref": "InterconnectOutageNotification"
+          },
+          "type": "array"
+        },
+        "googleIpAddress": {
+          "description": "[Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID; to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnectAttachments": {
+          "description": "[Output Only] A list of the URLs of all InterconnectAttachments configured to use this Interconnect.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "interconnectType": {
+          "description": "Type of interconnect. Note that \"IT_PRIVATE\" has been deprecated in favor of \"DEDICATED\"",
+          "enum": [
+            "DEDICATED",
+            "IT_PRIVATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnect",
+          "description": "[Output Only] Type of the resource. Always compute#interconnect for interconnects.",
+          "type": "string"
+        },
+        "linkType": {
+          "description": "Type of link requested. This field indicates speed of each of the links in the bundle, not the entire bundle. Only 10G per link is allowed for a dedicated interconnect. Options: Ethernet_10G_LR",
+          "enum": [
+            "LINK_TYPE_ETHERNET_10G_LR"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "location": {
+          "description": "URL of the InterconnectLocation object that represents where this connection is to be provisioned.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.interconnects.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "nocContactEmail": {
+          "description": "Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Stackdriver logs alerting and Cloud Notifications.",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this Interconnect is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "peerIpAddress": {
+          "description": "[Output Only] IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.",
+          "type": "string"
+        },
+        "provisionedLinkCount": {
+          "description": "[Output Only] Number of links actually provisioned in this interconnect.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "requestedLinkCount": {
+          "description": "Target number of physical links in the link bundle, as requested by the customer.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "targetHttpsProxy": {
-       "type": "string",
-       "description": "Name of the TargetHttpsProxy resource whose URL map is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetHttpsProxy"
-     ],
-     "request": {
-      "$ref": "UrlMapReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetInstances": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetInstances.aggregatedList",
-     "path": "{project}/aggregated/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target instances.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectAttachment": {
+      "description": "Represents an InterconnectAttachment (VLAN attachment) resource. For more information, see  Creating VLAN Attachments. (== resource_for beta.interconnectAttachments ==) (== resource_for v1.interconnectAttachments ==)",
+      "id": "InterconnectAttachment",
+      "properties": {
+        "cloudRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on Cloud Router Interface for this interconnect attachment.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "customerRouterIpAddress": {
+          "description": "[Output Only] IPv4 address + prefix length to be configured on the customer router subinterface for this interconnect attachment.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource.",
+          "type": "string"
+        },
+        "googleReferenceId": {
+          "description": "[Output Only] Google reference ID, to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interconnect": {
+          "description": "URL of the underlying Interconnect object that this attachment's traffic will traverse through.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachment",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectAttachment for interconnect attachments.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "operationalStatus": {
+          "description": "[Output Only] The current status of whether or not this interconnect attachment is functional.",
+          "enum": [
+            "OS_ACTIVE",
+            "OS_UNPROVISIONED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "privateInterconnectInfo": {
+          "$ref": "InterconnectAttachmentPrivateInfo",
+          "description": "[Output Only] Information specific to an InterconnectAttachment. This property is populated if the interconnect that this is attached to is of type DEDICATED."
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the regional interconnect attachment resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "router": {
+          "description": "URL of the cloud router to be used for dynamic routing. This router must be in the same region as this InterconnectAttachment. The InterconnectAttachment will automatically connect the Interconnect to the network \u0026 region within which the Cloud Router is configured.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectAttachmentAggregatedList": {
+      "id": "InterconnectAttachmentAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "InterconnectAttachmentsScopedList",
+            "description": "Name of the scope containing this set of interconnect attachments."
+          },
+          "description": "A list of InterconnectAttachmentsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentAggregatedList for aggregated lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectAttachmentList": {
+      "description": "Response to the list request, and contains a list of interconnect attachments.",
+      "id": "InterconnectAttachmentList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectAttachment resources.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectAttachmentList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectAttachmentList for lists of interconnect attachments.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectAttachmentPrivateInfo": {
+      "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.",
+      "id": "InterconnectAttachmentPrivateInfo",
+      "properties": {
+        "tag8021q": {
+          "description": "[Output Only] 802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region.",
+          "format": "uint32",
+          "type": "integer"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetInstanceAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetInstances.delete",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetInstance resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InterconnectAttachmentsScopedList": {
+      "id": "InterconnectAttachmentsScopedList",
+      "properties": {
+        "interconnectAttachments": {
+          "description": "List of interconnect attachments contained in this scope.",
+          "items": {
+            "$ref": "InterconnectAttachment"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectCircuitInfo": {
+      "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only. Next id: 4",
+      "id": "InterconnectCircuitInfo",
+      "properties": {
+        "customerDemarcId": {
+          "description": "Customer-side demarc ID for this circuit.",
+          "type": "string"
+        },
+        "googleCircuitId": {
+          "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up.",
+          "type": "string"
+        },
+        "googleDemarcId": {
+          "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA.",
+          "type": "string"
+        }
       },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InterconnectList": {
+      "description": "Response to the list request, and contains a list of interconnects.",
+      "id": "InterconnectList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Interconnect resources.",
+          "items": {
+            "$ref": "Interconnect"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectList for lists of interconnects.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetInstances.get",
-     "path": "{project}/zones/{zone}/targetInstances/{targetInstance}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetInstance resource. Get a list of available target instances by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InterconnectLocation": {
+      "description": "Represents an InterconnectLocations resource. The InterconnectLocations resource describes the locations where you can connect to Google's networks. For more information, see  Colocation Facilities.",
+      "id": "InterconnectLocation",
+      "properties": {
+        "address": {
+          "description": "[Output Only] The postal address of the Point of Presence, each line in the address is separated by a newline character.",
+          "type": "string"
+        },
+        "availabilityZone": {
+          "description": "[Output Only] Availability zone for this location. Within a metropolitan area (metro), maintenance will not be simultaneously scheduled in more than one availability zone. Example: \"zone1\" or \"zone2\".",
+          "type": "string"
+        },
+        "city": {
+          "description": "[Output Only] Metropolitan area designator that indicates which city an interconnect is located. For example: \"Chicago, IL\", \"Amsterdam, Netherlands\".",
+          "type": "string"
+        },
+        "continent": {
+          "description": "[Output Only] Continent for this location.",
+          "enum": [
+            "AFRICA",
+            "ASIA_PAC",
+            "C_AFRICA",
+            "C_ASIA_PAC",
+            "C_EUROPE",
+            "C_NORTH_AMERICA",
+            "C_SOUTH_AMERICA",
+            "EUROPE",
+            "NORTH_AMERICA",
+            "SOUTH_AMERICA"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] An optional description of the resource.",
+          "type": "string"
+        },
+        "facilityProvider": {
+          "description": "[Output Only] The name of the provider for this facility (e.g., EQUINIX).",
+          "type": "string"
+        },
+        "facilityProviderFacilityId": {
+          "description": "[Output Only] A provider-assigned Identifier for this facility (e.g., Ashburn-DC1).",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#interconnectLocation",
+          "description": "[Output Only] Type of the resource. Always compute#interconnectLocation for interconnect locations.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "peeringdbFacilityId": {
+          "description": "[Output Only] The peeringdb identifier for this facility (corresponding with a netfac type in peeringdb).",
+          "type": "string"
+        },
+        "regionInfos": {
+          "description": "[Output Only] A list of InterconnectLocation.RegionInfo objects, that describe parameters pertaining to the relation between this InterconnectLocation and various Google Cloud regions.",
+          "items": {
+            "$ref": "InterconnectLocationRegionInfo"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "targetInstance": {
-       "type": "string",
-       "description": "Name of the TargetInstance resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "InterconnectLocationList": {
+      "description": "Response to the list request, and contains a list of interconnect locations.",
+      "id": "InterconnectLocationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InterconnectLocation resources.",
+          "items": {
+            "$ref": "InterconnectLocation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#interconnectLocationList",
+          "description": "[Output Only] Type of resource. Always compute#interconnectLocationList for lists of interconnect locations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "targetInstance"
-     ],
-     "response": {
-      "$ref": "TargetInstance"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetInstances.insert",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "POST",
-     "description": "Creates a TargetInstance resource in the specified project and zone using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "InterconnectLocationRegionInfo": {
+      "description": "Information about any potential InterconnectAttachments between an Interconnect at a specific InterconnectLocation, and a specific Cloud Region.",
+      "id": "InterconnectLocationRegionInfo",
+      "properties": {
+        "expectedRttMs": {
+          "description": "Expected round-trip time in milliseconds, from this InterconnectLocation to a VM in this region.",
+          "format": "int64",
+          "type": "string"
+        },
+        "locationPresence": {
+          "description": "Identifies the network presence of this location.",
+          "enum": [
+            "GLOBAL",
+            "LOCAL_REGION",
+            "LP_GLOBAL",
+            "LP_LOCAL_REGION"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "region": {
+          "description": "URL for the region of this location.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "InterconnectOutageNotification": {
+      "description": "Description of a planned outage on this Interconnect. Next id: 9",
+      "id": "InterconnectOutageNotification",
+      "properties": {
+        "affectedCircuits": {
+          "description": "Iff issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "description": {
+          "description": "A description about the purpose of the outage.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "Scheduled end time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "issueType": {
+          "description": "Form this outage is expected to take. Note that the \"IT_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "IT_OUTAGE",
+            "IT_PARTIAL_OUTAGE",
+            "OUTAGE",
+            "PARTIAL_OUTAGE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "name": {
+          "description": "Unique identifier for this outage notification.",
+          "type": "string"
+        },
+        "source": {
+          "description": "The party that generated this notification. Note that \"NSRC_GOOGLE\" has been deprecated in favor of \"GOOGLE\"",
+          "enum": [
+            "GOOGLE",
+            "NSRC_GOOGLE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Scheduled start time for the outage (milliseconds since Unix epoch).",
+          "format": "int64",
+          "type": "string"
+        },
+        "state": {
+          "description": "State of this notification. Note that the \"NS_\" versions of this enum have been deprecated in favor of the unprefixed values.",
+          "enum": [
+            "ACTIVE",
+            "CANCELLED",
+            "NS_ACTIVE",
+            "NS_CANCELED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "request": {
-      "$ref": "TargetInstance"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetInstances.list",
-     "path": "{project}/zones/{zone}/targetInstances",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of TargetInstance resources available to the specified project and zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "License": {
+      "description": "A license resource.",
+      "id": "License",
+      "properties": {
+        "chargesUseFee": {
+          "description": "[Output Only] Deprecated. This field no longer reflects whether a license charges a usage fee.",
+          "type": "boolean"
+        },
+        "kind": {
+          "default": "compute#license",
+          "description": "[Output Only] Type of resource. Always compute#license for licenses.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.images.insert"
+            ]
+          },
+          "description": "[Output Only] Name of the resource. The name is 1-63 characters long and complies with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "MachineType": {
+      "description": "A Machine Type resource. (== resource_for v1.machineTypes ==) (== resource_for beta.machineTypes ==)",
+      "id": "MachineType",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this machine type."
+        },
+        "description": {
+          "description": "[Output Only] An optional textual description of the resource.",
+          "type": "string"
+        },
+        "guestCpus": {
+          "description": "[Output Only] The number of virtual CPUs that are available to the instance.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "imageSpaceGb": {
+          "description": "[Deprecated] This property is deprecated and will never be populated with any relevant values.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "isSharedCpu": {
+          "description": "[Output Only] Whether this machine type has a shared CPU. See Shared-core machine types for more information.",
+          "type": "boolean"
+        },
+        "kind": {
+          "default": "compute#machineType",
+          "description": "[Output Only] The type of the resource. Always compute#machineType for machine types.",
+          "type": "string"
+        },
+        "maximumPersistentDisks": {
+          "description": "[Output Only] Maximum persistent disks allowed.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "maximumPersistentDisksSizeGb": {
+          "description": "[Output Only] Maximum total persistent disks size (GB) allowed.",
+          "format": "int64",
+          "type": "string"
+        },
+        "memoryMb": {
+          "description": "[Output Only] The amount of physical memory available to the instance, defined in MB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "scratchDisks": {
+          "description": "[Output Only] List of extended scratch disks assigned to the instance.",
+          "items": {
+            "properties": {
+              "diskGb": {
+                "description": "Size of the scratch disk, defined in GB.",
+                "format": "int32",
+                "type": "integer"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] The name of the zone where the machine type resides, such as us-central1-a.",
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "MachineTypeAggregatedList": {
+      "id": "MachineTypeAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "MachineTypesScopedList",
+            "description": "[Output Only] Name of the scope containing this set of machine types."
+          },
+          "description": "A list of MachineTypesScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#machineTypeAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeAggregatedList for aggregated lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "MachineTypeList": {
+      "description": "Contains a list of machine types.",
+      "id": "MachineTypeList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of MachineType resources.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#machineTypeList",
+          "description": "[Output Only] Type of resource. Always compute#machineTypeList for lists of machine types.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "MachineTypesScopedList": {
+      "id": "MachineTypesScopedList",
+      "properties": {
+        "machineTypes": {
+          "description": "[Output Only] List of machine types contained in this scope.",
+          "items": {
+            "$ref": "MachineType"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] An informational warning that appears when the machine types list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "TargetInstanceList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "targetPools": {
-   "methods": {
-    "addHealthCheck": {
-     "id": "compute.targetPools.addHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addHealthCheck",
-     "httpMethod": "POST",
-     "description": "Adds health check URLs to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "ManagedInstance": {
+      "description": "Next available tag: 12",
+      "id": "ManagedInstance",
+      "properties": {
+        "currentAction": {
+          "description": "[Output Only] The current action that the managed instance group has scheduled for the instance. Possible values: \n- NONE The instance is running, and the managed instance group does not have any scheduled actions for this instance. \n- CREATING The managed instance group is creating this instance. If the group fails to create this instance, it will try again until it is successful. \n- CREATING_WITHOUT_RETRIES The managed instance group is attempting to create this instance only once. If the group fails to create this instance, it does not try again and the group's targetSize value is decreased instead. \n- RECREATING The managed instance group is recreating this instance. \n- DELETING The managed instance group is permanently deleting this instance. \n- ABANDONING The managed instance group is abandoning this instance. The instance will be removed from the instance group and from any target pools that are associated with this group. \n- RESTARTING The managed instance group is restarting the instance. \n- REFRESHING The managed instance group is applying configuration changes to the instance without stopping it. For example, the group can update the target pool list for an instance without stopping that instance. \n- VERIFYING The managed instance group has created the instance and it is in the process of being verified.",
+          "enum": [
+            "ABANDONING",
+            "CREATING",
+            "CREATING_WITHOUT_RETRIES",
+            "DELETING",
+            "NONE",
+            "RECREATING",
+            "REFRESHING",
+            "RESTARTING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output only] The unique identifier for this resource. This field is empty when instance does not exist.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "[Output Only] The URL of the instance. The URL can exist even if the instance has not yet been created.",
+          "type": "string"
+        },
+        "instanceStatus": {
+          "description": "[Output Only] The status of the instance. This field is empty when the instance does not exist.",
+          "enum": [
+            "PROVISIONING",
+            "RUNNING",
+            "STAGING",
+            "STOPPED",
+            "STOPPING",
+            "SUSPENDED",
+            "SUSPENDING",
+            "TERMINATED"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "lastAttempt": {
+          "$ref": "ManagedInstanceLastAttempt",
+          "description": "[Output Only] Information about the last attempt to create or delete the instance."
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "ManagedInstanceLastAttempt": {
+      "id": "ManagedInstanceLastAttempt",
+      "properties": {
+        "errors": {
+          "description": "[Output Only] Encountered errors during the last attempt to create or delete the instance.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "Metadata": {
+      "description": "A metadata key/value entry.",
+      "id": "Metadata",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB.",
+          "items": {
+            "properties": {
+              "key": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.",
+                "pattern": "[a-zA-Z0-9-_]{1,128}",
+                "type": "string"
+              },
+              "value": {
+                "annotations": {
+                  "required": [
+                    "compute.instances.insert",
+                    "compute.projects.setCommonInstanceMetadata"
+                  ]
+                },
+                "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#metadata",
+          "description": "[Output Only] Type of the resource. Always compute#metadata for metadata.",
+          "type": "string"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to add a health check to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "addInstance": {
-     "id": "compute.targetPools.addInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/addInstance",
-     "httpMethod": "POST",
-     "description": "Adds an instance to a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "NamedPort": {
+      "description": "The named port. For example: .",
+      "id": "NamedPort",
+      "properties": {
+        "name": {
+          "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port number, which can be a value between 1 and 65535.",
+          "format": "int32",
+          "type": "integer"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "Network": {
+      "description": "Represents a Network resource. Read Networks and Firewalls for more information. (== resource_for v1.networks ==) (== resource_for beta.networks ==)",
+      "id": "Network",
+      "properties": {
+        "IPv4Range": {
+          "description": "The range of internal addresses that are legal on this network. This range is a CIDR specification, for example: 192.168.0.0/16. Provided by the client when the network is created.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}/[0-9]{1,2}",
+          "type": "string"
+        },
+        "autoCreateSubnetworks": {
+          "description": "When set to true, the network is created in \"auto subnet mode\". When set to false, the network is in \"custom subnet mode\".\n\nIn \"auto subnet mode\", a newly created network is assigned the default CIDR of 10.128.0.0/9 and it automatically creates one subnetwork per region.",
+          "type": "boolean"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "gatewayIPv4": {
+          "description": "A gateway address for default routing to other networks. This value is read only and is selected by the Google Compute Engine, typically as the first usable address in the IPv4Range.",
+          "pattern": "[0-9]{1,3}(?:\\.[0-9]{1,3}){3}",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#network",
+          "description": "[Output Only] Type of the resource. Always compute#network for networks.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerings": {
+          "description": "[Output Only] List of network peerings for the resource.",
+          "items": {
+            "$ref": "NetworkPeering"
+          },
+          "type": "array"
+        },
+        "routingConfig": {
+          "$ref": "NetworkRoutingConfig",
+          "description": "The network-level routing configuration for this network. Used by Cloud Router to determine what type of network-wide routing behavior to enforce."
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "subnetworks": {
+          "description": "[Output Only] Server-defined fully-qualified URLs for all subnetworks in this network.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "NetworkInterface": {
+      "description": "A network interface resource attached to an instance.",
+      "id": "NetworkInterface",
+      "properties": {
+        "accessConfigs": {
+          "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.",
+          "items": {
+            "$ref": "AccessConfig"
+          },
+          "type": "array"
+        },
+        "aliasIpRanges": {
+          "description": "An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.",
+          "items": {
+            "$ref": "AliasIpRange"
+          },
+          "type": "array"
+        },
+        "fingerprint": {
+          "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface.",
+          "format": "byte",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#networkInterface",
+          "description": "[Output Only] Type of the resource. Always compute#networkInterface for network interfaces.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] The name of the network interface, generated by the server. For network devices, these are eth0, eth1, etc.",
+          "type": "string"
+        },
+        "network": {
+          "description": "URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.\n\nThis field is optional when creating a firewall rule. If not specified when creating a firewall rule, the default network global/networks/default is used.\n\nIf you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/global/networks/network \n- projects/project/global/networks/network \n- global/networks/default",
+          "type": "string"
+        },
+        "networkIP": {
+          "description": "An IPv4 internal network address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.",
+          "type": "string"
+        },
+        "subnetwork": {
+          "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not provide this property. If the network is in auto subnet mode, providing the subnetwork is optional. If the network is in custom subnet mode, then this field should be specified. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork \n- regions/region/subnetworks/subnetwork",
+          "type": "string"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to add instances to.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsAddInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "aggregatedList": {
-     "id": "compute.targetPools.aggregatedList",
-     "path": "{project}/aggregated/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target pools.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "NetworkList": {
+      "description": "Contains a list of networks.",
+      "id": "NetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Network resources.",
+          "items": {
+            "$ref": "Network"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#networkList",
+          "description": "[Output Only] Type of resource. Always compute#networkList for lists of networks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "NetworkPeering": {
+      "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.",
+      "id": "NetworkPeering",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether full mesh connectivity is created and managed automatically. When it is set to true, Google Compute Engine will automatically create and manage the routes between two networks when the state is ACTIVE. Otherwise, user needs to create routes manually to route packets to peer network.",
+          "type": "boolean"
+        },
+        "name": {
+          "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        },
+        "state": {
+          "description": "[Output Only] State for the peering.",
+          "enum": [
+            "ACTIVE",
+            "INACTIVE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "stateDetails": {
+          "description": "[Output Only] Details about the current state of the peering.",
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "NetworkRoutingConfig": {
+      "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.",
+      "id": "NetworkRoutingConfig",
+      "properties": {
+        "routingMode": {
+          "description": "The network-wide routing mode to use. If set to REGIONAL, this network's cloud routers will only advertise routes with subnetworks of this network in the same region as the router. If set to GLOBAL, this network's cloud routers will advertise routes with all subnetworks of this network, across regions.",
+          "enum": [
+            "GLOBAL",
+            "REGIONAL"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "NetworksAddPeeringRequest": {
+      "id": "NetworksAddPeeringRequest",
+      "properties": {
+        "autoCreateRoutes": {
+          "description": "Whether Google Compute Engine manages the routes automatically.",
+          "type": "boolean"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.networks.addPeering"
+            ]
+          },
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "peerNetwork": {
+          "description": "URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network.",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetPoolAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetPools.delete",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "NetworksRemovePeeringRequest": {
+      "id": "NetworksRemovePeeringRequest",
+      "properties": {
+        "name": {
+          "description": "Name of the peering, which should conform to RFC1035.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "Operation": {
+      "description": "An Operation resource, used to manage asynchronous API requests. (== resource_for v1.globalOperations ==) (== resource_for beta.globalOperations ==) (== resource_for v1.regionOperations ==) (== resource_for beta.regionOperations ==) (== resource_for v1.zoneOperations ==) (== resource_for beta.zoneOperations ==)",
+      "id": "Operation",
+      "properties": {
+        "clientOperationId": {
+          "description": "[Output Only] Reserved for future use.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Deprecated] This field is deprecated.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output Only] A textual description of the operation, which is set when the operation is created.",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "[Output Only] The time that this operation was completed. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "error": {
+          "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.",
+          "properties": {
+            "errors": {
+              "description": "[Output Only] The array of errors encountered while processing this operation.",
+              "items": {
+                "properties": {
+                  "code": {
+                    "description": "[Output Only] The error type identifier for this error.",
+                    "type": "string"
+                  },
+                  "location": {
+                    "description": "[Output Only] Indicates the field in the request that caused the error. This property is optional.",
+                    "type": "string"
+                  },
+                  "message": {
+                    "description": "[Output Only] An optional, human-readable error message.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            }
+          },
+          "type": "object"
+        },
+        "httpErrorMessage": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as NOT FOUND.",
+          "type": "string"
+        },
+        "httpErrorStatusCode": {
+          "description": "[Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a 404 means the resource was not found.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "insertTime": {
+          "description": "[Output Only] The time that this operation was requested. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#operation",
+          "description": "[Output Only] Type of the resource. Always compute#operation for Operation resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "operationType": {
+          "description": "[Output Only] The type of operation, such as insert, update, or delete, and so on.",
+          "type": "string"
+        },
+        "progress": {
+          "description": "[Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "region": {
+          "description": "[Output Only] The URL of the region where the operation resides. Only available when performing regional operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "[Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the operation, which can be one of the following: PENDING, RUNNING, or DONE.",
+          "enum": [
+            "DONE",
+            "PENDING",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "statusMessage": {
+          "description": "[Output Only] An optional textual description of the current status of the operation.",
+          "type": "string"
+        },
+        "targetId": {
+          "description": "[Output Only] The unique target ID, which identifies a specific incarnation of the target resource.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "targetLink": {
+          "description": "[Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.",
+          "type": "string"
+        },
+        "user": {
+          "description": "[Output Only] User who requested the operation, for example: user@example.com.",
+          "type": "string"
+        },
+        "warnings": {
+          "description": "[Output Only] If warning messages are generated during processing of the operation, this field will be populated.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "zone": {
+          "description": "[Output Only] The URL of the zone where the operation resides. Only available when performing per-zone operations. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "OperationAggregatedList": {
+      "id": "OperationAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "OperationsScopedList",
+            "description": "[Output Only] Name of the scope containing this set of operations."
+          },
+          "description": "[Output Only] A map of scoped operation lists.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#operationAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#operationAggregatedList for aggregated lists of operations.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetPools.get",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target pool. Get a list of available target pools by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "OperationList": {
+      "description": "Contains a list of Operation resources.",
+      "id": "OperationList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of Operation resources.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#operationList",
+          "description": "[Output Only] Type of resource. Always compute#operations for Operations resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "OperationsScopedList": {
+      "id": "OperationsScopedList",
+      "properties": {
+        "operations": {
+          "description": "[Output Only] List of operations contained in this scope.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of operations when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "response": {
-      "$ref": "TargetPool"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "getHealth": {
-     "id": "compute.targetPools.getHealth",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/getHealth",
-     "httpMethod": "POST",
-     "description": "Gets the most recent health check results for each IP for the instance that is referenced by the given target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "PathMatcher": {
+      "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service will be used.",
+      "id": "PathMatcher",
+      "properties": {
+        "defaultService": {
+          "description": "The full or partial URL to the BackendService resource. This will be used if none of the pathRules defined by this PathMatcher is matched by the URL's path portion. For example, the following are all valid URLs to a BackendService resource:  \n- https://www.googleapis.com/compute/v1/projects/project/global/backendServices/backendService \n- compute/v1/projects/project/global/backendServices/backendService \n- global/backendServices/backendService",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name to which this PathMatcher is referred by the HostRule.",
+          "type": "string"
+        },
+        "pathRules": {
+          "description": "The list of path rules.",
+          "items": {
+            "$ref": "PathRule"
+          },
+          "type": "array"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "PathRule": {
+      "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.",
+      "id": "PathRule",
+      "properties": {
+        "paths": {
+          "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "service": {
+          "description": "The URL of the BackendService resource if this rule is matched.",
+          "type": "string"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to which the queried instance belongs.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "InstanceReference"
-     },
-     "response": {
-      "$ref": "TargetPoolInstanceHealth"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetPools.insert",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "POST",
-     "description": "Creates a target pool in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Project": {
+      "description": "A Project resource. For an overview of projects, see  Cloud Platform Resource Hierarchy. (== resource_for v1.projects ==) (== resource_for beta.projects ==)",
+      "id": "Project",
+      "properties": {
+        "commonInstanceMetadata": {
+          "$ref": "Metadata",
+          "description": "Metadata key/value pairs available to all instances contained in this project. See Custom metadata for more information."
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultServiceAccount": {
+          "description": "[Output Only] Default service account used by VMs running in this project.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional textual description of the resource.",
+          "type": "string"
+        },
+        "enabledFeatures": {
+          "description": "Restricted features enabled for use on this project.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server. This is not the project ID, and is just a unique ID used by Compute Engine to identify resources.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#project",
+          "description": "[Output Only] Type of the resource. Always compute#project for projects.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The project ID. For example: my-example-project. Use the project ID to make requests to Compute Engine.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this project.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "usageExportLocation": {
+          "$ref": "UsageExportLocation",
+          "description": "The naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored."
+        },
+        "xpnProjectStatus": {
+          "description": "[Output Only] The role this project has in a shared VPC configuration. Currently only HOST projects are differentiated.",
+          "enum": [
+            "HOST",
+            "UNSPECIFIED_XPN_PROJECT_STATUS"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "ProjectsDisableXpnResourceRequest": {
+      "id": "ProjectsDisableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetPool"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetPools.list",
-     "path": "{project}/regions/{region}/targetPools",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target pools available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "ProjectsEnableXpnResourceRequest": {
+      "id": "ProjectsEnableXpnResourceRequest",
+      "properties": {
+        "xpnResource": {
+          "$ref": "XpnResourceId",
+          "description": "Service resource (a.k.a service project) ID."
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "ProjectsGetXpnResources": {
+      "id": "ProjectsGetXpnResources",
+      "properties": {
+        "kind": {
+          "default": "compute#projectsGetXpnResources",
+          "description": "[Output Only] Type of resource. Always compute#projectsGetXpnResources for lists of service resources (a.k.a service projects)",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "resources": {
+          "description": "Service resources (a.k.a service projects) attached to this project as their shared VPC host.",
+          "items": {
+            "$ref": "XpnResourceId"
+          },
+          "type": "array"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "ProjectsListXpnHostsRequest": {
+      "id": "ProjectsListXpnHostsRequest",
+      "properties": {
+        "organization": {
+          "description": "Optional organization ID managed by Cloud Resource Manager, for which to list shared VPC host projects. If not specified, the organization will be inferred from the project.",
+          "type": "string"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "Quota": {
+      "description": "A quotas entry.",
+      "id": "Quota",
+      "properties": {
+        "limit": {
+          "description": "[Output Only] Quota limit for this metric.",
+          "format": "double",
+          "type": "number"
+        },
+        "metric": {
+          "description": "[Output Only] Name of the quota metric.",
+          "enum": [
+            "AUTOSCALERS",
+            "BACKEND_BUCKETS",
+            "BACKEND_SERVICES",
+            "COMMITMENTS",
+            "CPUS",
+            "CPUS_ALL_REGIONS",
+            "DISKS_TOTAL_GB",
+            "FIREWALLS",
+            "FORWARDING_RULES",
+            "HEALTH_CHECKS",
+            "IMAGES",
+            "INSTANCES",
+            "INSTANCE_GROUPS",
+            "INSTANCE_GROUP_MANAGERS",
+            "INSTANCE_TEMPLATES",
+            "INTERCONNECTS",
+            "INTERNAL_ADDRESSES",
+            "IN_USE_ADDRESSES",
+            "LOCAL_SSD_TOTAL_GB",
+            "NETWORKS",
+            "NVIDIA_K80_GPUS",
+            "NVIDIA_P100_GPUS",
+            "PREEMPTIBLE_CPUS",
+            "PREEMPTIBLE_LOCAL_SSD_GB",
+            "PREEMPTIBLE_NVIDIA_K80_GPUS",
+            "PREEMPTIBLE_NVIDIA_P100_GPUS",
+            "REGIONAL_AUTOSCALERS",
+            "REGIONAL_INSTANCE_GROUP_MANAGERS",
+            "ROUTERS",
+            "ROUTES",
+            "SECURITY_POLICIES",
+            "SECURITY_POLICY_RULES",
+            "SNAPSHOTS",
+            "SSD_TOTAL_GB",
+            "SSL_CERTIFICATES",
+            "STATIC_ADDRESSES",
+            "SUBNETWORKS",
+            "TARGET_HTTPS_PROXIES",
+            "TARGET_HTTP_PROXIES",
+            "TARGET_INSTANCES",
+            "TARGET_POOLS",
+            "TARGET_SSL_PROXIES",
+            "TARGET_TCP_PROXIES",
+            "TARGET_VPN_GATEWAYS",
+            "URL_MAPS",
+            "VPN_TUNNELS"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "usage": {
+          "description": "[Output Only] Current usage of this metric.",
+          "format": "double",
+          "type": "number"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Reference": {
+      "description": "Represents a reference to a resource.",
+      "id": "Reference",
+      "properties": {
+        "kind": {
+          "default": "compute#reference",
+          "description": "[Output Only] Type of the resource. Always compute#reference for references.",
+          "type": "string"
+        },
+        "referenceType": {
+          "description": "A description of the reference type with no implied semantics. Possible values include:  \n- MEMBER_OF",
+          "type": "string"
+        },
+        "referrer": {
+          "description": "URL of the resource which refers to the target.",
+          "type": "string"
+        },
+        "target": {
+          "description": "URL of the resource to which this reference points.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetPoolList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "removeHealthCheck": {
-     "id": "compute.targetPools.removeHealthCheck",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeHealthCheck",
-     "httpMethod": "POST",
-     "description": "Removes health check URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Region": {
+      "description": "Region resource. (== resource_for beta.regions ==) (== resource_for v1.regions ==)",
+      "id": "Region",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this region."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#region",
+          "description": "[Output Only] Type of the resource. Always compute#region for regions.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "quotas": {
+          "description": "[Output Only] Quotas assigned to this region.",
+          "items": {
+            "$ref": "Quota"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the region, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "zones": {
+          "description": "[Output Only] A list of zones available in this region, in the form of resource URLs.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionAutoscalerList": {
+      "description": "Contains a list of autoscalers.",
+      "id": "RegionAutoscalerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Autoscaler resources.",
+          "items": {
+            "$ref": "Autoscaler"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionAutoscalerList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RegionInstanceGroupList": {
+      "description": "Contains a list of InstanceGroup resources.",
+      "id": "RegionInstanceGroupList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroup resources.",
+          "items": {
+            "$ref": "InstanceGroup"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupList",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the target pool to remove health checks from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveHealthCheckRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "removeInstance": {
-     "id": "compute.targetPools.removeInstance",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/removeInstance",
-     "httpMethod": "POST",
-     "description": "Removes instance URL from a target pool.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagerList": {
+      "description": "Contains a list of managed instance groups.",
+      "id": "RegionInstanceGroupManagerList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceGroupManager resources.",
+          "items": {
+            "$ref": "InstanceGroupManager"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupManagerList",
+          "description": "[Output Only] The resource type, which is always compute#instanceGroupManagerList for a list of managed instance groups that exist in th regional scope.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersAbandonInstancesRequest": {
+      "id": "RegionInstanceGroupManagersAbandonInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to abandon. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersDeleteInstancesRequest": {
+      "id": "RegionInstanceGroupManagersDeleteInstancesRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to delete. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to remove instances from.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetPoolsRemoveInstanceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setBackup": {
-     "id": "compute.targetPools.setBackup",
-     "path": "{project}/regions/{region}/targetPools/{targetPool}/setBackup",
-     "httpMethod": "POST",
-     "description": "Changes a backup target pool's configurations.",
-     "parameters": {
-      "failoverRatio": {
-       "type": "number",
-       "description": "New failoverRatio value for the target pool.",
-       "format": "float",
-       "location": "query"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersListInstancesResponse": {
+      "id": "RegionInstanceGroupManagersListInstancesResponse",
+      "properties": {
+        "managedInstances": {
+          "description": "List of managed instances.",
+          "items": {
+            "$ref": "ManagedInstance"
+          },
+          "type": "array"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersRecreateRequest": {
+      "id": "RegionInstanceGroupManagersRecreateRequest",
+      "properties": {
+        "instances": {
+          "description": "The URLs of one or more instances to recreate. This can be a full URL or a partial URL, such as zones/[ZONE]/instances/[INSTANCE_NAME].",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTargetPoolsRequest": {
+      "id": "RegionInstanceGroupManagersSetTargetPoolsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "Fingerprint of the target pools information, which is a hash of the contents. This field is used for optimistic locking when you update the target pool entries. This field is optional.",
+          "format": "byte",
+          "type": "string"
+        },
+        "targetPools": {
+          "description": "The URL of all TargetPool resources to which instances in the instanceGroup field are added. The target pools automatically apply to all of the instances in the managed instance group.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RegionInstanceGroupManagersSetTemplateRequest": {
+      "id": "RegionInstanceGroupManagersSetTemplateRequest",
+      "properties": {
+        "instanceTemplate": {
+          "description": "URL of the InstanceTemplate resource from which all new instances will be created.",
+          "type": "string"
+        }
       },
-      "targetPool": {
-       "type": "string",
-       "description": "Name of the TargetPool resource to set a backup pool for.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetPool"
-     ],
-     "request": {
-      "$ref": "TargetReference"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetSslProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetSslProxies.delete",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetSslProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstances": {
+      "id": "RegionInstanceGroupsListInstances",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of InstanceWithNamedPorts resources.",
+          "items": {
+            "$ref": "InstanceWithNamedPorts"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionInstanceGroupsListInstances",
+          "description": "The resource type.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RegionInstanceGroupsListInstancesRequest": {
+      "id": "RegionInstanceGroupsListInstancesRequest",
+      "properties": {
+        "instanceState": {
+          "description": "Instances in which state should be returned. Valid options are: 'ALL', 'RUNNING'. By default, it lists all instances.",
+          "enum": [
+            "ALL",
+            "RUNNING"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "portName": {
+          "description": "Name of port user is interested in. It is optional. If it is set, only information about this ports will be returned. If it is not set, all the named ports will be returned. Always lists all instances.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
       },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetSslProxies.get",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetSslProxy resource. Get a list of available target SSL proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionInstanceGroupsSetNamedPortsRequest": {
+      "id": "RegionInstanceGroupsSetNamedPortsRequest",
+      "properties": {
+        "fingerprint": {
+          "description": "The fingerprint of the named ports information for this instance group. Use this optional property to prevent conflicts when multiple users change the named ports settings concurrently. Obtain the fingerprint with the instanceGroups.get method. Then, include the fingerprint in your request to ensure that you do not overwrite changes that were applied from another concurrent request.",
+          "format": "byte",
+          "type": "string"
+        },
+        "namedPorts": {
+          "description": "The list of named ports to set for this instance group.",
+          "items": {
+            "$ref": "NamedPort"
+          },
+          "type": "array"
+        }
       },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "response": {
-      "$ref": "TargetSslProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetSslProxies.insert",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetSslProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RegionList": {
+      "description": "Contains a list of region resources.",
+      "id": "RegionList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Region resources.",
+          "items": {
+            "$ref": "Region"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#regionList",
+          "description": "[Output Only] Type of resource. Always compute#regionList for lists of regions.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetSslProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetSslProxies.list",
-     "path": "{project}/global/targetSslProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetSslProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "ResourceCommitment": {
+      "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).",
+      "id": "ResourceCommitment",
+      "properties": {
+        "amount": {
+          "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU.",
+          "format": "int64",
+          "type": "string"
+        },
+        "type": {
+          "description": "Type of resource for which this commitment applies. Possible values are VCPU and MEMORY",
+          "enum": [
+            "MEMORY",
+            "UNSPECIFIED",
+            "VCPU"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "ResourceGroupReference": {
+      "id": "ResourceGroupReference",
+      "properties": {
+        "group": {
+          "description": "A URI referencing one of the instance groups listed in the backend service.",
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "Route": {
+      "description": "Represents a Route resource. A route specifies how certain packets should be handled by the network. Routes are associated with instances by tags and the set of routes for a particular instance is called its routing table.\n\nFor each packet leaving an instance, the system searches that instance's routing table for a single best matching route. Routes match packets by destination IP address, preferring smaller or more specific ranges over larger ones. If there is a tie, the system selects the route with the smallest priority value. If there is still a tie, it uses the layer three and four packet headers to select just one of the remaining matching routes. The packet is then forwarded as specified by the nextHop field of the winning route - either to another instance destination, an instance gateway, or a Google Compute Engine-operated gateway.\n\nPackets that do not match any route in the sending instance's routing table are dropped. (== resource_for beta.routes ==) (== resource_for v1.routes ==)",
+      "id": "Route",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "destRange": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The destination range of outgoing packets that this route applies to. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#route",
+          "description": "[Output Only] Type of this resource. Always compute#routes for Route resources.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "Fully-qualified URL of the network that this route applies to.",
+          "type": "string"
+        },
+        "nextHopGateway": {
+          "description": "The URL to a gateway that should handle matching packets. You can only specify the internet gateway using a full or partial valid URL:  projects/\u003cproject-id\u003e/global/gateways/default-internet-gateway",
+          "type": "string"
+        },
+        "nextHopInstance": {
+          "description": "The URL to an instance that should handle matching packets. You can specify this as a full or partial URL. For example:\nhttps://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/",
+          "type": "string"
+        },
+        "nextHopIp": {
+          "description": "The network IP address of an instance that should handle matching packets. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "nextHopNetwork": {
+          "description": "The URL of the local network if it should handle matching packets.",
+          "type": "string"
+        },
+        "nextHopPeering": {
+          "description": "[Output Only] The network peering name that should handle matching packets, which should conform to RFC1035.",
+          "type": "string"
+        },
+        "nextHopVpnTunnel": {
+          "description": "The URL to a VpnTunnel that should handle matching packets.",
+          "type": "string"
+        },
+        "priority": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "The priority of this route. Priority is used to break ties in cases where there is more than one matching route of equal prefix length. In the case of two routes with equal prefix length, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined fully-qualified URL for this resource.",
+          "type": "string"
+        },
+        "tags": {
+          "annotations": {
+            "required": [
+              "compute.routes.insert"
+            ]
+          },
+          "description": "A list of instance tags to which this route applies.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "warnings": {
+          "description": "[Output Only] If potential misconfigurations are detected for this route, this field will be populated with warning messages.",
+          "items": {
+            "properties": {
+              "code": {
+                "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+                "enum": [
+                  "CLEANUP_FAILED",
+                  "DEPRECATED_RESOURCE_USED",
+                  "DEPRECATED_TYPE_USED",
+                  "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                  "EXPERIMENTAL_TYPE_USED",
+                  "EXTERNAL_API_WARNING",
+                  "FIELD_VALUE_OVERRIDEN",
+                  "INJECTED_KERNELS_DEPRECATED",
+                  "MISSING_TYPE_DEPENDENCY",
+                  "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                  "NEXT_HOP_CANNOT_IP_FORWARD",
+                  "NEXT_HOP_INSTANCE_NOT_FOUND",
+                  "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                  "NEXT_HOP_NOT_RUNNING",
+                  "NOT_CRITICAL_ERROR",
+                  "NO_RESULTS_ON_PAGE",
+                  "REQUIRED_TOS_AGREEMENT",
+                  "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                  "RESOURCE_NOT_DELETED",
+                  "SCHEMA_VALIDATION_IGNORED",
+                  "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                  "UNDECLARED_PROPERTIES",
+                  "UNREACHABLE"
+                ],
+                "enumDescriptions": [
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  "",
+                  ""
+                ],
+                "type": "string"
+              },
+              "data": {
+                "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+                "items": {
+                  "properties": {
+                    "key": {
+                      "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                      "type": "string"
+                    },
+                    "value": {
+                      "description": "[Output Only] A warning data value corresponding to the key.",
+                      "type": "string"
+                    }
+                  },
+                  "type": "object"
+                },
+                "type": "array"
+              },
+              "message": {
+                "description": "[Output Only] A human-readable description of the warning code.",
+                "type": "string"
+              }
+            },
+            "type": "object"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "RouteList": {
+      "description": "Contains a list of Route resources.",
+      "id": "RouteList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Route resources.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routeList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetSslProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetSslProxies.setBackendService",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Router": {
+      "description": "Router resource.",
+      "id": "Router",
+      "properties": {
+        "bgp": {
+          "$ref": "RouterBgp",
+          "description": "BGP information specific to this router."
+        },
+        "bgpPeers": {
+          "description": "BGP information that needs to be configured into the routing stack to establish the BGP peering. It must specify peer ASN and either interface name, IP, or peer IP. Please refer to RFC4273.",
+          "items": {
+            "$ref": "RouterBgpPeer"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "interfaces": {
+          "description": "Router interfaces. Each interface requires either one linked resource (e.g. linkedVpnTunnel), or IP address and IP address range (e.g. ipRange), or both.",
+          "items": {
+            "$ref": "RouterInterface"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#router",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.routers.insert"
+            ]
+          },
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RouterAdvertisedIpRange": {
+      "description": "Description-tagged IP ranges for the router to advertise.",
+      "id": "RouterAdvertisedIpRange",
+      "properties": {
+        "description": {
+          "description": "User-specified description for the IP range.",
+          "type": "string"
+        },
+        "range": {
+          "description": "The IP range to advertise. The value must be a CIDR-formatted string.",
+          "type": "string"
+        }
       },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetSslProxies.setProxyHeader",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RouterAggregatedList": {
+      "description": "Contains a list of routers.",
+      "id": "RouterAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "RoutersScopedList",
+            "description": "Name of the scope containing this set of routers."
+          },
+          "description": "A list of Router resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#routerAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RouterBgp": {
+      "id": "RouterBgp",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "asn": {
+          "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.",
+          "format": "uint32",
+          "type": "integer"
+        }
       },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setSslCertificates": {
-     "id": "compute.targetSslProxies.setSslCertificates",
-     "path": "{project}/global/targetSslProxies/{targetSslProxy}/setSslCertificates",
-     "httpMethod": "POST",
-     "description": "Changes SslCertificates for TargetSslProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RouterBgpPeer": {
+      "id": "RouterBgpPeer",
+      "properties": {
+        "advertiseMode": {
+          "description": "User-specified flag to indicate which mode to use for advertisement.",
+          "enum": [
+            "CUSTOM",
+            "DEFAULT"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "advertisedGroups": {
+          "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.",
+          "items": {
+            "enum": [
+              "ALL_SUBNETS"
+            ],
+            "enumDescriptions": [
+              ""
+            ],
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "advertisedIpRanges": {
+          "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in Bgp message). These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.",
+          "items": {
+            "$ref": "RouterAdvertisedIpRange"
+          },
+          "type": "array"
+        },
+        "advertisedRoutePriority": {
+          "description": "The priority of routes advertised to this BGP peer. In the case where there is more than one matching route of maximum length, the routes with lowest priority value win.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "interfaceName": {
+          "description": "Name of the interface the BGP peer is associated with.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerAsn": {
+          "description": "Peer BGP Autonomous System Number (ASN). For VPN use case, this value can be different for every tunnel.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the BGP interface outside Google cloud. Only IPv4 is supported.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RouterInterface": {
+      "id": "RouterInterface",
+      "properties": {
+        "ipRange": {
+          "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface.",
+          "type": "string"
+        },
+        "linkedInterconnectAttachment": {
+          "description": "URI of the linked interconnect attachment. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URI of the linked VPN tunnel. It must be in the same region as the router. Each interface can have at most one linked resource and it could either be a VPN Tunnel or an interconnect attachment.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this interface entry. The name must be 1-63 characters long and comply with RFC1035.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        }
       },
-      "targetSslProxy": {
-       "type": "string",
-       "description": "Name of the TargetSslProxy resource whose SslCertificate resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetSslProxy"
-     ],
-     "request": {
-      "$ref": "TargetSslProxiesSetSslCertificatesRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetTcpProxies": {
-   "methods": {
-    "delete": {
-     "id": "compute.targetTcpProxies.delete",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified TargetTcpProxy resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RouterList": {
+      "description": "Contains a list of Router resources.",
+      "id": "RouterList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Router resources.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#routerList",
+          "description": "[Output Only] Type of resource. Always compute#router for routers.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "RouterStatus": {
+      "id": "RouterStatus",
+      "properties": {
+        "bestRoutes": {
+          "description": "Best routes for this router's network.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bestRoutesForRouter": {
+          "description": "Best routes learned by this router.",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "bgpPeerStatus": {
+          "items": {
+            "$ref": "RouterStatusBgpPeerStatus"
+          },
+          "type": "array"
+        },
+        "network": {
+          "description": "URI of the network to which this router belongs.",
+          "type": "string"
+        }
       },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetTcpProxies.get",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}",
-     "httpMethod": "GET",
-     "description": "Returns the specified TargetTcpProxy resource. Get a list of available target TCP proxies by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RouterStatusBgpPeerStatus": {
+      "id": "RouterStatusBgpPeerStatus",
+      "properties": {
+        "advertisedRoutes": {
+          "description": "Routes that were advertised to the remote BGP peer",
+          "items": {
+            "$ref": "Route"
+          },
+          "type": "array"
+        },
+        "ipAddress": {
+          "description": "IP address of the local BGP interface.",
+          "type": "string"
+        },
+        "linkedVpnTunnel": {
+          "description": "URL of the VPN tunnel that this BGP peer controls.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of this BGP peer. Unique within the Routers resource.",
+          "type": "string"
+        },
+        "numLearnedRoutes": {
+          "description": "Number of routes learned from the remote BGP Peer.",
+          "format": "uint32",
+          "type": "integer"
+        },
+        "peerIpAddress": {
+          "description": "IP address of the remote BGP interface.",
+          "type": "string"
+        },
+        "state": {
+          "description": "BGP state as specified in RFC1771.",
+          "type": "string"
+        },
+        "status": {
+          "description": "Status of the BGP peer: {UP, DOWN}",
+          "enum": [
+            "DOWN",
+            "UNKNOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "uptime": {
+          "description": "Time this session has been up. Format: 14 years, 51 weeks, 6 days, 23 hours, 59 minutes, 59 seconds",
+          "type": "string"
+        },
+        "uptimeSeconds": {
+          "description": "Time this session has been up, in seconds. Format: 145",
+          "type": "string"
+        }
       },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxy"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetTcpProxies.insert",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "POST",
-     "description": "Creates a TargetTcpProxy resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "RouterStatusResponse": {
+      "id": "RouterStatusResponse",
+      "properties": {
+        "kind": {
+          "default": "compute#routerStatusResponse",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "result": {
+          "$ref": "RouterStatus"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxy"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetTcpProxies.list",
-     "path": "{project}/global/targetTcpProxies",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of TargetTcpProxy resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "RoutersPreviewResponse": {
+      "id": "RoutersPreviewResponse",
+      "properties": {
+        "resource": {
+          "$ref": "Router",
+          "description": "Preview of given router."
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "RoutersScopedList": {
+      "id": "RoutersScopedList",
+      "properties": {
+        "routers": {
+          "description": "List of routers contained in this scope.",
+          "items": {
+            "$ref": "Router"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of routers when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "SSLHealthCheck": {
+      "id": "SSLHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 443. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the SSL connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "Scheduling": {
+      "description": "Sets the scheduling options for an Instance.",
+      "id": "Scheduling",
+      "properties": {
+        "automaticRestart": {
+          "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.\n\nBy default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.",
+          "type": "boolean"
+        },
+        "onHostMaintenance": {
+          "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.",
+          "enum": [
+            "MIGRATE",
+            "TERMINATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "preemptible": {
+          "description": "Defines whether the instance is preemptible. This can only be set during instance creation, it cannot be set or changed after the instance has been created.",
+          "type": "boolean"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetTcpProxyList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "setBackendService": {
-     "id": "compute.targetTcpProxies.setBackendService",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setBackendService",
-     "httpMethod": "POST",
-     "description": "Changes the BackendService for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "SerialPortOutput": {
+      "description": "An instance's serial console output.",
+      "id": "SerialPortOutput",
+      "properties": {
+        "contents": {
+          "description": "[Output Only] The contents of the console output.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#serialPortOutput",
+          "description": "[Output Only] Type of the resource. Always compute#serialPortOutput for serial port output.",
+          "type": "string"
+        },
+        "next": {
+          "description": "[Output Only] The position of the next byte of content from the serial console output. Use this value in the next request as the start parameter.",
+          "format": "int64",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "start": {
+          "description": "The starting byte position of the output that was returned. This should match the start parameter sent with the request. If the serial console output exceeds the size of the buffer, older output will be overwritten by newer content and the start values will be mismatched.",
+          "format": "int64",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "ServiceAccount": {
+      "description": "A service account.",
+      "id": "ServiceAccount",
+      "properties": {
+        "email": {
+          "description": "Email address of the service account.",
+          "type": "string"
+        },
+        "scopes": {
+          "description": "The list of scopes to be made available for this service account.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose BackendService resource is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetBackendServiceRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "setProxyHeader": {
-     "id": "compute.targetTcpProxies.setProxyHeader",
-     "path": "{project}/global/targetTcpProxies/{targetTcpProxy}/setProxyHeader",
-     "httpMethod": "POST",
-     "description": "Changes the ProxyHeaderType for TargetTcpProxy.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "Snapshot": {
+      "description": "A persistent disk snapshot resource. (== resource_for beta.snapshots ==) (== resource_for v1.snapshots ==)",
+      "id": "Snapshot",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "diskSizeGb": {
+          "description": "[Output Only] Size of the snapshot, specified in GB.",
+          "format": "int64",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#snapshot",
+          "description": "[Output Only] Type of the resource. Always compute#snapshot for Snapshot resources.",
+          "type": "string"
+        },
+        "labelFingerprint": {
+          "description": "A fingerprint for the labels being applied to this snapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.\n\nTo see the latest fingerprint, make a get() request to retrieve a snapshot.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Labels to apply to this snapshot. These can be later modified by the setLabels method. Label values may be empty.",
+          "type": "object"
+        },
+        "licenses": {
+          "description": "[Output Only] A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image).",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "description": "Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "snapshotEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "Encrypts the snapshot using a customer-supplied encryption key.\n\nAfter you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the image later For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request.\n\nCustomer-supplied encryption keys do not protect access to metadata of the disk.\n\nIf you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later."
+        },
+        "sourceDisk": {
+          "description": "[Output Only] The source disk used to create this snapshot.",
+          "type": "string"
+        },
+        "sourceDiskEncryptionKey": {
+          "$ref": "CustomerEncryptionKey",
+          "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key."
+        },
+        "sourceDiskId": {
+          "description": "[Output Only] The ID value of the disk used to create this snapshot. This value may be used to determine whether the snapshot was taken from the current or a previous instance of a given disk name.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the snapshot. This can be CREATING, DELETING, FAILED, READY, or UPLOADING.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY",
+            "UPLOADING"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "storageBytes": {
+          "description": "[Output Only] A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion.",
+          "format": "int64",
+          "type": "string"
+        },
+        "storageBytesStatus": {
+          "description": "[Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.",
+          "enum": [
+            "UPDATING",
+            "UP_TO_DATE"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "SnapshotList": {
+      "description": "Contains a list of Snapshot resources.",
+      "id": "SnapshotList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Snapshot resources.",
+          "items": {
+            "$ref": "Snapshot"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#snapshotList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "targetTcpProxy": {
-       "type": "string",
-       "description": "Name of the TargetTcpProxy resource whose ProxyHeader is to be set.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "targetTcpProxy"
-     ],
-     "request": {
-      "$ref": "TargetTcpProxiesSetProxyHeaderRequest"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "targetVpnGateways": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.targetVpnGateways.aggregatedList",
-     "path": "{project}/aggregated/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of target VPN gateways.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "SslCertificate": {
+      "description": "An SslCertificate resource. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user. (== resource_for beta.sslCertificates ==) (== resource_for v1.sslCertificates ==)",
+      "id": "SslCertificate",
+      "properties": {
+        "certificate": {
+          "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#sslCertificate",
+          "description": "[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "privateKey": {
+          "description": "A write-only private key in PEM format. Only insert requests will include this field.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "SslCertificateList": {
+      "description": "Contains a list of SslCertificate resources.",
+      "id": "SslCertificateList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of SslCertificate resources.",
+          "items": {
+            "$ref": "SslCertificate"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#sslCertificateList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "Subnetwork": {
+      "description": "A Subnetwork resource. (== resource_for beta.subnetworks ==) (== resource_for v1.subnetworks ==)",
+      "id": "Subnetwork",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a Subnetwork. An up-to-date fingerprint must be provided in order to update the Subnetwork.",
+          "format": "byte",
+          "type": "string"
+        },
+        "gatewayAddress": {
+          "description": "[Output Only] The gateway address for default routes to reach destination addresses outside this subnetwork.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ipCidrRange": {
+          "description": "The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#subnetwork",
+          "description": "[Output Only] Type of the resource. Always compute#subnetwork for Subnetwork resources.",
+          "type": "string"
+        },
+        "name": {
+          "description": "The name of the resource, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "description": "The URL of the network to which this subnetwork belongs, provided by the client when initially creating the subnetwork. Only networks that are in the distributed mode can have subnetworks. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "privateIpGoogleAccess": {
+          "description": "Whether the VMs in this subnet can access Google services without assigned external IP addresses. This field can be both set at resource creation time and updated using setPrivateIpGoogleAccess.",
+          "type": "boolean"
+        },
+        "region": {
+          "description": "URL of the region where the Subnetwork resides. This field can be set only at resource creation time.",
+          "type": "string"
+        },
+        "secondaryIpRanges": {
+          "description": "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges.",
+          "items": {
+            "$ref": "SubnetworkSecondaryRange"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "SubnetworkAggregatedList": {
+      "id": "SubnetworkAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "SubnetworksScopedList",
+            "description": "Name of the scope containing this set of Subnetworks."
+          },
+          "description": "A list of SubnetworksScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#subnetworkAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkAggregatedList for aggregated lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.targetVpnGateways.delete",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified target VPN gateway.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "SubnetworkList": {
+      "description": "Contains a list of Subnetwork resources.",
+      "id": "SubnetworkList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Subnetwork resources.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#subnetworkList",
+          "description": "[Output Only] Type of resource. Always compute#subnetworkList for lists of subnetworks.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "SubnetworkSecondaryRange": {
+      "description": "Represents a secondary IP range of a subnetwork.",
+      "id": "SubnetworkSecondaryRange",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "rangeName": {
+          "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "SubnetworksExpandIpCidrRangeRequest": {
+      "id": "SubnetworksExpandIpCidrRangeRequest",
+      "properties": {
+        "ipCidrRange": {
+          "description": "The IP (in CIDR format or netmask) of internal addresses that are legal on this Subnetwork. This range should be disjoint from other subnetworks within this network. This range can only be larger than (i.e. a superset of) the range previously defined before the update.",
+          "type": "string"
+        }
       },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.targetVpnGateways.get",
-     "path": "{project}/regions/{region}/targetVpnGateways/{targetVpnGateway}",
-     "httpMethod": "GET",
-     "description": "Returns the specified target VPN gateway. Get a list of available target VPN gateways by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "SubnetworksScopedList": {
+      "id": "SubnetworksScopedList",
+      "properties": {
+        "subnetworks": {
+          "description": "List of subnetworks contained in this scope.",
+          "items": {
+            "$ref": "Subnetwork"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "An informational warning that appears when the list of addresses is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "SubnetworksSetPrivateIpGoogleAccessRequest": {
+      "id": "SubnetworksSetPrivateIpGoogleAccessRequest",
+      "properties": {
+        "privateIpGoogleAccess": {
+          "type": "boolean"
+        }
       },
-      "targetVpnGateway": {
-       "type": "string",
-       "description": "Name of the target VPN gateway to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "targetVpnGateway"
-     ],
-     "response": {
-      "$ref": "TargetVpnGateway"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.targetVpnGateways.insert",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "POST",
-     "description": "Creates a target VPN gateway in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TCPHealthCheck": {
+      "id": "TCPHealthCheck",
+      "properties": {
+        "port": {
+          "description": "The TCP port number for the health check request. The default value is 80. Valid values are 1 through 65535.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "portName": {
+          "description": "Port name as defined in InstanceGroup#NamedPort#name. If both port and port_name are defined, port takes precedence.",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "request": {
+          "description": "The application data to send once the TCP connection has been established (default value is empty). If both request and response are empty, the connection establishment alone will indicate health. The request data can only be ASCII.",
+          "type": "string"
+        },
+        "response": {
+          "description": "The bytes to match against the beginning of the response data. If left empty (the default value), any response will indicate health. The response data can only be ASCII.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "Tags": {
+      "description": "A set of instance tags.",
+      "id": "Tags",
+      "properties": {
+        "fingerprint": {
+          "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata.\n\nTo see the latest fingerprint, make get() request to the instance.",
+          "format": "byte",
+          "type": "string"
+        },
+        "items": {
+          "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "TargetVpnGateway"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.targetVpnGateways.list",
-     "path": "{project}/regions/{region}/targetVpnGateways",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of target VPN gateways available to the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetHttpProxy": {
+      "description": "A TargetHttpProxy resource. This resource defines an HTTP proxy. (== resource_for beta.targetHttpProxies ==) (== resource_for v1.targetHttpProxies ==)",
+      "id": "TargetHttpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpProxy for target HTTP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "urlMap": {
+          "description": "URL to the UrlMap resource that defines the mapping from URL to the BackendService.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetHttpProxyList": {
+      "description": "A list of TargetHttpProxy resources.",
+      "id": "TargetHttpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpProxy resources.",
+          "items": {
+            "$ref": "TargetHttpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpProxyList",
+          "description": "Type of resource. Always compute#targetHttpProxyList for lists of target HTTP proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetHttpsProxiesSetSslCertificatesRequest": {
+      "id": "TargetHttpsProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of SslCertificate resources to associate with this TargetHttpsProxy resource. Currently exactly one SslCertificate resource must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetHttpsProxy": {
+      "description": "A TargetHttpsProxy resource. This resource defines an HTTPS proxy. (== resource_for beta.targetHttpsProxies ==) (== resource_for v1.targetHttpsProxies ==)",
+      "id": "TargetHttpsProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxy",
+          "description": "[Output Only] Type of resource. Always compute#targetHttpsProxy for target HTTPS proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "urlMap": {
+          "description": "A fully-qualified or valid partial URL to the UrlMap resource that defines the mapping from URL to the BackendService. For example, the following are all valid URLs for specifying a URL map:  \n- https://www.googleapis.compute/v1/projects/project/global/urlMaps/url-map \n- projects/project/global/urlMaps/url-map \n- global/urlMaps/url-map",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetHttpsProxyList": {
+      "description": "Contains a list of TargetHttpsProxy resources.",
+      "id": "TargetHttpsProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetHttpsProxy resources.",
+          "items": {
+            "$ref": "TargetHttpsProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetHttpsProxyList",
+          "description": "Type of resource. Always compute#targetHttpsProxyList for lists of target HTTPS proxies.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "TargetVpnGatewayList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "urlMaps": {
-   "methods": {
-    "delete": {
-     "id": "compute.urlMaps.delete",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified UrlMap resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetInstance": {
+      "description": "A TargetInstance resource. This resource defines an endpoint instance that terminates traffic of certain protocols. (== resource_for beta.targetInstances ==) (== resource_for v1.targetInstances ==)",
+      "id": "TargetInstance",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instance": {
+          "description": "A URL to the virtual machine instance that handles traffic for this target instance. When creating a target instance, you can provide the fully-qualified URL or a valid partial URL to the desired virtual machine. For example, the following are all valid URLs: \n- https://www.googleapis.com/compute/v1/projects/project/zones/zone/instances/instance \n- projects/project/zones/zone/instances/instance \n- zones/zone/instances/instance",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetInstance",
+          "description": "[Output Only] The type of the resource. Always compute#targetInstance for target instances.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "natPolicy": {
+          "description": "NAT option controlling how IPs are NAT'ed to the instance. Currently only NO_NAT (default value) is supported.",
+          "enum": [
+            "NO_NAT"
+          ],
+          "enumDescriptions": [
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "zone": {
+          "description": "[Output Only] URL of the zone where the target instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetInstanceAggregatedList": {
+      "id": "TargetInstanceAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetInstancesScopedList",
+            "description": "Name of the scope containing this set of target instances."
+          },
+          "description": "A list of TargetInstance resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetInstanceAggregatedList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.urlMaps.get",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "GET",
-     "description": "Returns the specified UrlMap resource. Get a list of available URL maps by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetInstanceList": {
+      "description": "Contains a list of TargetInstance resources.",
+      "id": "TargetInstanceList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetInstance resources.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetInstanceList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "response": {
-      "$ref": "UrlMap"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.urlMaps.insert",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "POST",
-     "description": "Creates a UrlMap resource in the specified project using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetInstancesScopedList": {
+      "id": "TargetInstancesScopedList",
+      "properties": {
+        "targetInstances": {
+          "description": "List of target instances contained in this scope.",
+          "items": {
+            "$ref": "TargetInstance"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "invalidateCache": {
-     "id": "compute.urlMaps.invalidateCache",
-     "path": "{project}/global/urlMaps/{urlMap}/invalidateCache",
-     "httpMethod": "POST",
-     "description": "Initiates a cache invalidation operation, invalidating the specified path, scoped to the specified UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetPool": {
+      "description": "A TargetPool resource. This resource defines a pool of instances, an associated HttpHealthCheck resource, and the fallback target pool. (== resource_for beta.targetPools ==) (== resource_for v1.targetPools ==)",
+      "id": "TargetPool",
+      "properties": {
+        "backupPool": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool, and its failoverRatio field is properly set to a value between [0, 1].\n\nbackupPool and failoverRatio together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below failoverRatio, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio and backupPool are not set, or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "type": "string"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "failoverRatio": {
+          "description": "This field is applicable only when the containing target pool is serving a forwarding rule as the primary pool (i.e., not as a backup pool to some other target pool). The value of the field must be in [0, 1].\n\nIf set, backupPool must also be set. They together define the fallback behavior of the primary target pool: if the ratio of the healthy instances in the primary pool is at or below this number, traffic arriving at the load-balanced IP will be directed to the backup pool.\n\nIn case where failoverRatio is not set or all the instances in the backup pool are unhealthy, the traffic will be directed back to the primary pool in the \"force\" mode, where traffic will be spread to the healthy instances with the best effort, or to all instances when no instance is healthy.",
+          "format": "float",
+          "type": "number"
+        },
+        "healthChecks": {
+          "description": "The URL of the HttpHealthCheck resource. A member instance in this pool is considered healthy if and only if the health checks pass. An empty list means all member instances will be considered healthy at all times. Only HttpHealthChecks are supported. Only one health check may be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "instances": {
+          "description": "A list of resource URLs to the virtual machine instances serving this pool. They must live in zones contained in the same region as this pool.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPool",
+          "description": "[Output Only] Type of the resource. Always compute#targetPool for target pools.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target pool resides.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sessionAffinity": {
+          "description": "Sesssion affinity option, must be one of the following values:\nNONE: Connections from the same client IP may go to any instance in the pool.\nCLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy.\nCLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.",
+          "enum": [
+            "CLIENT_IP",
+            "CLIENT_IP_PORT_PROTO",
+            "CLIENT_IP_PROTO",
+            "GENERATED_COOKIE",
+            "NONE"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolAggregatedList": {
+      "id": "TargetPoolAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetPoolsScopedList",
+            "description": "Name of the scope containing this set of target pools."
+          },
+          "description": "A list of TargetPool resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetPoolAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolAggregatedList for aggregated lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap scoping this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "CacheInvalidationRule"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.urlMaps.list",
-     "path": "{project}/global/urlMaps",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of UrlMap resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolInstanceHealth": {
+      "id": "TargetPoolInstanceHealth",
+      "properties": {
+        "healthStatus": {
+          "items": {
+            "$ref": "HealthStatus"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolInstanceHealth",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolInstanceHealth when checking the health of an instance.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolList": {
+      "description": "Contains a list of TargetPool resources.",
+      "id": "TargetPoolList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetPool resources.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetPoolList",
+          "description": "[Output Only] Type of resource. Always compute#targetPoolList for lists of target pools.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolsAddHealthCheckRequest": {
+      "id": "TargetPoolsAddHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "The HttpHealthCheck to add to the target pool.",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolsAddInstanceRequest": {
+      "id": "TargetPoolsAddInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "A full or partial URL to an instance to add to this target pool. This can be a full or partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/v1/projects/project-id/zones/zone/instances/instance-name \n- projects/project-id/zones/zone/instances/instance-name \n- zones/zone/instances/instance-name",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "UrlMapList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "patch": {
-     "id": "compute.urlMaps.patch",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PATCH",
-     "description": "Patches the specified UrlMap resource with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetPoolsRemoveHealthCheckRequest": {
+      "id": "TargetPoolsRemoveHealthCheckRequest",
+      "properties": {
+        "healthChecks": {
+          "description": "Health check URL to be removed. This can be a full or valid partial URL. For example, the following are valid URLs:  \n- https://www.googleapis.com/compute/beta/projects/project/global/httpHealthChecks/health-check \n- projects/project/global/httpHealthChecks/health-check \n- global/httpHealthChecks/health-check",
+          "items": {
+            "$ref": "HealthCheckReference"
+          },
+          "type": "array"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetPoolsRemoveInstanceRequest": {
+      "id": "TargetPoolsRemoveInstanceRequest",
+      "properties": {
+        "instances": {
+          "description": "URLs of the instances to be removed from target pool.",
+          "items": {
+            "$ref": "InstanceReference"
+          },
+          "type": "array"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to patch.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "update": {
-     "id": "compute.urlMaps.update",
-     "path": "{project}/global/urlMaps/{urlMap}",
-     "httpMethod": "PUT",
-     "description": "Updates the specified UrlMap resource with the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetPoolsScopedList": {
+      "id": "TargetPoolsScopedList",
+      "properties": {
+        "targetPools": {
+          "description": "List of target pools contained in this scope.",
+          "items": {
+            "$ref": "TargetPool"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetReference": {
+      "id": "TargetReference",
+      "properties": {
+        "target": {
+          "type": "string"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to update.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMap"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "validate": {
-     "id": "compute.urlMaps.validate",
-     "path": "{project}/global/urlMaps/{urlMap}/validate",
-     "httpMethod": "POST",
-     "description": "Runs static validation for the UrlMap. In particular, the tests of the provided UrlMap will be run. Calling this method does NOT create the UrlMap.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetSslProxiesSetBackendServiceRequest": {
+      "id": "TargetSslProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetSslProxy.",
+          "type": "string"
+        }
       },
-      "urlMap": {
-       "type": "string",
-       "description": "Name of the UrlMap resource to be validated as.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "urlMap"
-     ],
-     "request": {
-      "$ref": "UrlMapsValidateRequest"
-     },
-     "response": {
-      "$ref": "UrlMapsValidateResponse"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    }
-   }
-  },
-  "vpnTunnels": {
-   "methods": {
-    "aggregatedList": {
-     "id": "compute.vpnTunnels.aggregatedList",
-     "path": "{project}/aggregated/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves an aggregated list of VPN tunnels.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetSslProxiesSetProxyHeaderRequest": {
+      "id": "TargetSslProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetSslProxiesSetSslCertificatesRequest": {
+      "id": "TargetSslProxiesSetSslCertificatesRequest",
+      "properties": {
+        "sslCertificates": {
+          "description": "New set of URLs to SslCertificate resources to associate with this TargetSslProxy. Currently exactly one ssl certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetSslProxy": {
+      "description": "A TargetSslProxy resource. This resource defines an SSL proxy. (== resource_for beta.targetSslProxies ==) (== resource_for v1.targetSslProxies ==)",
+      "id": "TargetSslProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetSslProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetSslProxy for target SSL proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        },
+        "sslCertificates": {
+          "description": "URLs to SslCertificate resources that are used to authenticate connections to Backends. Currently exactly one SSL certificate must be specified.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetSslProxyList": {
+      "description": "Contains a list of TargetSslProxy resources.",
+      "id": "TargetSslProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetSslProxy resources.",
+          "items": {
+            "$ref": "TargetSslProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetSslProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "VpnTunnelAggregatedList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "delete": {
-     "id": "compute.vpnTunnels.delete",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified VpnTunnel resource.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetTcpProxiesSetBackendServiceRequest": {
+      "id": "TargetTcpProxiesSetBackendServiceRequest",
+      "properties": {
+        "service": {
+          "description": "The URL of the new BackendService resource for the targetTcpProxy.",
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetTcpProxiesSetProxyHeaderRequest": {
+      "id": "TargetTcpProxiesSetProxyHeaderRequest",
+      "properties": {
+        "proxyHeader": {
+          "description": "The new type of proxy header to append before sending data to the backend. NONE or PROXY_V1 are allowed.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetTcpProxy": {
+      "description": "A TargetTcpProxy resource. This resource defines a TCP proxy. (== resource_for beta.targetTcpProxies ==) (== resource_for v1.targetTcpProxies ==)",
+      "id": "TargetTcpProxy",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxy",
+          "description": "[Output Only] Type of the resource. Always compute#targetTcpProxy for target TCP proxies.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "proxyHeader": {
+          "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.",
+          "enum": [
+            "NONE",
+            "PROXY_V1"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "service": {
+          "description": "URL to the BackendService resource.",
+          "type": "string"
+        }
       },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.vpnTunnels.get",
-     "path": "{project}/regions/{region}/vpnTunnels/{vpnTunnel}",
-     "httpMethod": "GET",
-     "description": "Returns the specified VpnTunnel resource. Get a list of available VPN tunnels by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetTcpProxyList": {
+      "description": "Contains a list of TargetTcpProxy resources.",
+      "id": "TargetTcpProxyList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetTcpProxy resources.",
+          "items": {
+            "$ref": "TargetTcpProxy"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetTcpProxyList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetVpnGateway": {
+      "description": "Represents a Target VPN gateway resource. (== resource_for beta.targetVpnGateways ==) (== resource_for v1.targetVpnGateways ==)",
+      "id": "TargetVpnGateway",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "forwardingRules": {
+          "description": "[Output Only] A list of URLs to the ForwardingRule resources. ForwardingRules are created using compute.forwardingRules.insert and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#targetVpnGateway",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "network": {
+          "annotations": {
+            "required": [
+              "compute.targetVpnGateways.insert"
+            ]
+          },
+          "description": "URL of the network to which this VPN gateway is attached. Provided by the client when the VPN gateway is created.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the target VPN gateway resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN gateway.",
+          "enum": [
+            "CREATING",
+            "DELETING",
+            "FAILED",
+            "READY"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "tunnels": {
+          "description": "[Output Only] A list of URLs to VpnTunnel resources. VpnTunnels are created using compute.vpntunnels.insert method and associated to a VPN gateway.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
       },
-      "vpnTunnel": {
-       "type": "string",
-       "description": "Name of the VpnTunnel resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region",
-      "vpnTunnel"
-     ],
-     "response": {
-      "$ref": "VpnTunnel"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "insert": {
-     "id": "compute.vpnTunnels.insert",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "POST",
-     "description": "Creates a VpnTunnel resource in the specified project and region using the data included in the request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetVpnGatewayAggregatedList": {
+      "id": "TargetVpnGatewayAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "TargetVpnGatewaysScopedList",
+            "description": "[Output Only] Name of the scope containing this set of target VPN gateways."
+          },
+          "description": "A list of TargetVpnGateway resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "TargetVpnGatewayList": {
+      "description": "Contains a list of TargetVpnGateway resources.",
+      "id": "TargetVpnGatewayList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of TargetVpnGateway resources.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#targetVpnGatewayList",
+          "description": "[Output Only] Type of resource. Always compute#targetVpnGateway for target VPN gateways.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "requestId": {
-       "type": "string",
-       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
-       "location": "query"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "request": {
-      "$ref": "VpnTunnel"
-     },
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "list": {
-     "id": "compute.vpnTunnels.list",
-     "path": "{project}/regions/{region}/vpnTunnels",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of VpnTunnel resources contained in the specified project and region.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "TargetVpnGatewaysScopedList": {
+      "id": "TargetVpnGatewaysScopedList",
+      "properties": {
+        "targetVpnGateways": {
+          "description": "[Output Only] List of target vpn gateways contained in this scope.",
+          "items": {
+            "$ref": "TargetVpnGateway"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "TestFailure": {
+      "id": "TestFailure",
+      "properties": {
+        "actualService": {
+          "type": "string"
+        },
+        "expectedService": {
+          "type": "string"
+        },
+        "host": {
+          "type": "string"
+        },
+        "path": {
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "UrlMap": {
+      "description": "A UrlMap resource. This resource defines the mapping from URL to the BackendService resource, based on the \"longest-match\" of the URL's host and path.",
+      "id": "UrlMap",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "defaultService": {
+          "description": "The URL of the BackendService resource if none of the hostRules match.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "fingerprint": {
+          "description": "Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a UrlMap. An up-to-date fingerprint must be provided in order to update the UrlMap.",
+          "format": "byte",
+          "type": "string"
+        },
+        "hostRules": {
+          "description": "The list of HostRules to use against the URL.",
+          "items": {
+            "$ref": "HostRule"
+          },
+          "type": "array"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#urlMap",
+          "description": "[Output Only] Type of the resource. Always compute#urlMaps for url maps.",
+          "type": "string"
+        },
+        "name": {
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "pathMatchers": {
+          "description": "The list of named PathMatchers to use against the URL.",
+          "items": {
+            "$ref": "PathMatcher"
+          },
+          "type": "array"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "tests": {
+          "description": "The list of expected URL mapping tests. Request to update this UrlMap will succeed only if all of the test cases pass. You can specify a maximum of 100 tests per UrlMap.",
+          "items": {
+            "$ref": "UrlMapTest"
+          },
+          "type": "array"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "UrlMapList": {
+      "description": "Contains a list of UrlMap resources.",
+      "id": "UrlMapList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of UrlMap resources.",
+          "items": {
+            "$ref": "UrlMap"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#urlMapList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "UrlMapReference": {
+      "id": "UrlMapReference",
+      "properties": {
+        "urlMap": {
+          "type": "string"
+        }
       },
-      "region": {
-       "type": "string",
-       "description": "Name of the region for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "region"
-     ],
-     "response": {
-      "$ref": "VpnTunnelList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "zoneOperations": {
-   "methods": {
-    "delete": {
-     "id": "compute.zoneOperations.delete",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "DELETE",
-     "description": "Deletes the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to delete.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "UrlMapTest": {
+      "description": "Message for the expected URL mappings.",
+      "id": "UrlMapTest",
+      "properties": {
+        "description": {
+          "description": "Description of this test case.",
+          "type": "string"
+        },
+        "host": {
+          "description": "Host portion of the URL.",
+          "type": "string"
+        },
+        "path": {
+          "description": "Path portion of the URL.",
+          "type": "string"
+        },
+        "service": {
+          "description": "Expected BackendService resource the given URL should be mapped to.",
+          "type": "string"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "UrlMapValidationResult": {
+      "description": "Message representing the validation result for a UrlMap.",
+      "id": "UrlMapValidationResult",
+      "properties": {
+        "loadErrors": {
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "loadSucceeded": {
+          "description": "Whether the given UrlMap can be successfully loaded. If false, 'loadErrors' indicates the reasons.",
+          "type": "boolean"
+        },
+        "testFailures": {
+          "items": {
+            "$ref": "TestFailure"
+          },
+          "type": "array"
+        },
+        "testPassed": {
+          "description": "If successfully loaded, this field indicates whether the test passed. If false, 'testFailures's indicate the reason of failure.",
+          "type": "boolean"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute"
-     ]
-    },
-    "get": {
-     "id": "compute.zoneOperations.get",
-     "path": "{project}/zones/{zone}/operations/{operation}",
-     "httpMethod": "GET",
-     "description": "Retrieves the specified zone-specific Operations resource.",
-     "parameters": {
-      "operation": {
-       "type": "string",
-       "description": "Name of the Operations resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
+      "type": "object"
+    },
+    "UrlMapsValidateRequest": {
+      "id": "UrlMapsValidateRequest",
+      "properties": {
+        "resource": {
+          "$ref": "UrlMap",
+          "description": "Content of the UrlMap to be validated."
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "UrlMapsValidateResponse": {
+      "id": "UrlMapsValidateResponse",
+      "properties": {
+        "result": {
+          "$ref": "UrlMapValidationResult"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for this request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone",
-      "operation"
-     ],
-     "response": {
-      "$ref": "Operation"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zoneOperations.list",
-     "path": "{project}/zones/{zone}/operations",
-     "httpMethod": "GET",
-     "description": "Retrieves a list of Operation resources contained within the specified zone.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "UsageExportLocation": {
+      "description": "The location in Cloud Storage and naming method of the daily usage report. Contains bucket_name and report_name prefix.",
+      "id": "UsageExportLocation",
+      "properties": {
+        "bucketName": {
+          "description": "The name of an existing bucket in Cloud Storage where the usage report object is stored. The Google Service Account is granted write access to this bucket. This can either be the bucket name by itself, such as example-bucket, or the bucket name with gs:// or https://storage.googleapis.com/ in front of it, such as gs://example-bucket.",
+          "type": "string"
+        },
+        "reportNamePrefix": {
+          "description": "An optional prefix for the name of the usage report object stored in bucketName. If not supplied, defaults to usage. The report is stored as a CSV file named report_name_prefix_gce_YYYYMMDD.csv where YYYYMMDD is the day of the usage according to Pacific Time. If you supply a prefix, it should conform to Cloud Storage object naming conventions.",
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "VpnTunnel": {
+      "description": "VPN tunnel resource. (== resource_for beta.vpnTunnels ==) (== resource_for v1.vpnTunnels ==)",
+      "id": "VpnTunnel",
+      "properties": {
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "An optional description of this resource. Provide this property when you create the resource.",
+          "type": "string"
+        },
+        "detailedStatus": {
+          "description": "[Output Only] Detailed status message for the VPN tunnel.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "ikeVersion": {
+          "description": "IKE protocol version to use when establishing the VPN tunnel with peer VPN gateway. Acceptable IKE versions are 1 or 2. Default version is 2.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "kind": {
+          "default": "compute#vpnTunnel",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "localTrafficSelector": {
+          "description": "Local traffic selector to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "name": {
+          "annotations": {
+            "required": [
+              "compute.vpnTunnels.insert"
+            ]
+          },
+          "description": "Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.",
+          "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+          "type": "string"
+        },
+        "peerIp": {
+          "description": "IP address of the peer VPN gateway. Only IPv4 is supported.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] URL of the region where the VPN tunnel resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.",
+          "type": "string"
+        },
+        "remoteTrafficSelector": {
+          "description": "Remote traffic selectors to use when establishing the VPN tunnel with peer VPN gateway. The value should be a CIDR formatted string, for example: 192.168.0.0/16. The ranges should be disjoint. Only IPv4 is supported.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "router": {
+          "description": "URL of router resource to be used for dynamic routing.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "sharedSecret": {
+          "description": "Shared secret used to set the secure session between the Cloud VPN gateway and the peer VPN gateway.",
+          "type": "string"
+        },
+        "sharedSecretHash": {
+          "description": "Hash of the shared secret.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] The status of the VPN tunnel.",
+          "enum": [
+            "ALLOCATING_RESOURCES",
+            "AUTHORIZATION_ERROR",
+            "DEPROVISIONING",
+            "ESTABLISHED",
+            "FAILED",
+            "FIRST_HANDSHAKE",
+            "NEGOTIATION_FAILURE",
+            "NETWORK_ERROR",
+            "NO_INCOMING_PACKETS",
+            "PROVISIONING",
+            "REJECTED",
+            "WAITING_FOR_FULL_CONFIG"
+          ],
+          "enumDescriptions": [
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            "",
+            ""
+          ],
+          "type": "string"
+        },
+        "targetVpnGateway": {
+          "description": "URL of the Target VPN gateway with which this VPN tunnel is associated. Provided by the client when the VPN tunnel is created.",
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "VpnTunnelAggregatedList": {
+      "id": "VpnTunnelAggregatedList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "additionalProperties": {
+            "$ref": "VpnTunnelsScopedList",
+            "description": "Name of the scope containing this set of vpn tunnels."
+          },
+          "description": "A list of VpnTunnelsScopedList resources.",
+          "type": "object"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelAggregatedList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "VpnTunnelList": {
+      "description": "Contains a list of VpnTunnel resources.",
+      "id": "VpnTunnelList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of VpnTunnel resources.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#vpnTunnelList",
+          "description": "[Output Only] Type of resource. Always compute#vpnTunnel for VPN tunnels.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "VpnTunnelsScopedList": {
+      "id": "VpnTunnelsScopedList",
+      "properties": {
+        "vpnTunnels": {
+          "description": "List of vpn tunnels contained in this scope.",
+          "items": {
+            "$ref": "VpnTunnel"
+          },
+          "type": "array"
+        },
+        "warning": {
+          "description": "Informational warning which replaces the list of addresses when the list is empty.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone for request.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "OperationList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    }
-   }
-  },
-  "zones": {
-   "methods": {
-    "get": {
-     "id": "compute.zones.get",
-     "path": "{project}/zones/{zone}",
-     "httpMethod": "GET",
-     "description": "Returns the specified Zone resource. Get a list of available zones by making a list() request.",
-     "parameters": {
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
+      "type": "object"
+    },
+    "XpnHostList": {
+      "id": "XpnHostList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "[Output Only] A list of shared VPC host project URLs.",
+          "items": {
+            "$ref": "Project"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#xpnHostList",
+          "description": "[Output Only] Type of resource. Always compute#xpnHostList for lists of shared VPC hosts.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "zone": {
-       "type": "string",
-       "description": "Name of the zone resource to return.",
-       "required": true,
-       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project",
-      "zone"
-     ],
-     "response": {
-      "$ref": "Zone"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
-    },
-    "list": {
-     "id": "compute.zones.list",
-     "path": "{project}/zones",
-     "httpMethod": "GET",
-     "description": "Retrieves the list of Zone resources available to the specified project.",
-     "parameters": {
-      "filter": {
-       "type": "string",
-       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
-       "location": "query"
+      "type": "object"
+    },
+    "XpnResourceId": {
+      "description": "Service resource (a.k.a service project) ID.",
+      "id": "XpnResourceId",
+      "properties": {
+        "id": {
+          "description": "The ID of the service resource. In the case of projects, this field matches the project ID (e.g., my-project), not the project number (e.g., 12345678).",
+          "type": "string"
+        },
+        "type": {
+          "description": "The type of the service resource.",
+          "enum": [
+            "PROJECT",
+            "XPN_RESOURCE_TYPE_UNSPECIFIED"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "maxResults": {
-       "type": "integer",
-       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
-       "default": "500",
-       "format": "uint32",
-       "minimum": "0",
-       "location": "query"
+      "type": "object"
+    },
+    "Zone": {
+      "description": "A Zone resource. (== resource_for beta.zones ==) (== resource_for v1.zones ==)",
+      "id": "Zone",
+      "properties": {
+        "availableCpuPlatforms": {
+          "description": "[Output Only] Available cpu/platform selections for the zone.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "creationTimestamp": {
+          "description": "[Output Only] Creation timestamp in RFC3339 text format.",
+          "type": "string"
+        },
+        "deprecated": {
+          "$ref": "DeprecationStatus",
+          "description": "[Output Only] The deprecation status associated with this zone."
+        },
+        "description": {
+          "description": "[Output Only] Textual description of the resource.",
+          "type": "string"
+        },
+        "id": {
+          "description": "[Output Only] The unique identifier for the resource. This identifier is defined by the server.",
+          "format": "uint64",
+          "type": "string"
+        },
+        "kind": {
+          "default": "compute#zone",
+          "description": "[Output Only] Type of the resource. Always compute#zone for zones.",
+          "type": "string"
+        },
+        "name": {
+          "description": "[Output Only] Name of the resource.",
+          "type": "string"
+        },
+        "region": {
+          "description": "[Output Only] Full URL reference to the region which hosts the zone.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "status": {
+          "description": "[Output Only] Status of the zone, either UP or DOWN.",
+          "enum": [
+            "DOWN",
+            "UP"
+          ],
+          "enumDescriptions": [
+            "",
+            ""
+          ],
+          "type": "string"
+        }
       },
-      "orderBy": {
-       "type": "string",
-       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
-       "location": "query"
+      "type": "object"
+    },
+    "ZoneList": {
+      "description": "Contains a list of zone resources.",
+      "id": "ZoneList",
+      "properties": {
+        "id": {
+          "description": "[Output Only] Unique identifier for the resource; defined by the server.",
+          "type": "string"
+        },
+        "items": {
+          "description": "A list of Zone resources.",
+          "items": {
+            "$ref": "Zone"
+          },
+          "type": "array"
+        },
+        "kind": {
+          "default": "compute#zoneList",
+          "description": "Type of resource.",
+          "type": "string"
+        },
+        "nextPageToken": {
+          "description": "[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output Only] Server-defined URL for this resource.",
+          "type": "string"
+        },
+        "warning": {
+          "description": "[Output Only] Informational warning message.",
+          "properties": {
+            "code": {
+              "description": "[Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.",
+              "enum": [
+                "CLEANUP_FAILED",
+                "DEPRECATED_RESOURCE_USED",
+                "DEPRECATED_TYPE_USED",
+                "DISK_SIZE_LARGER_THAN_IMAGE_SIZE",
+                "EXPERIMENTAL_TYPE_USED",
+                "EXTERNAL_API_WARNING",
+                "FIELD_VALUE_OVERRIDEN",
+                "INJECTED_KERNELS_DEPRECATED",
+                "MISSING_TYPE_DEPENDENCY",
+                "NEXT_HOP_ADDRESS_NOT_ASSIGNED",
+                "NEXT_HOP_CANNOT_IP_FORWARD",
+                "NEXT_HOP_INSTANCE_NOT_FOUND",
+                "NEXT_HOP_INSTANCE_NOT_ON_NETWORK",
+                "NEXT_HOP_NOT_RUNNING",
+                "NOT_CRITICAL_ERROR",
+                "NO_RESULTS_ON_PAGE",
+                "REQUIRED_TOS_AGREEMENT",
+                "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING",
+                "RESOURCE_NOT_DELETED",
+                "SCHEMA_VALIDATION_IGNORED",
+                "SINGLE_INSTANCE_PROPERTY_TEMPLATE",
+                "UNDECLARED_PROPERTIES",
+                "UNREACHABLE"
+              ],
+              "enumDescriptions": [
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                "",
+                ""
+              ],
+              "type": "string"
+            },
+            "data": {
+              "description": "[Output Only] Metadata about this warning in key: value format. For example:\n\"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" }",
+              "items": {
+                "properties": {
+                  "key": {
+                    "description": "[Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).",
+                    "type": "string"
+                  },
+                  "value": {
+                    "description": "[Output Only] A warning data value corresponding to the key.",
+                    "type": "string"
+                  }
+                },
+                "type": "object"
+              },
+              "type": "array"
+            },
+            "message": {
+              "description": "[Output Only] A human-readable description of the warning code.",
+              "type": "string"
+            }
+          },
+          "type": "object"
+        }
       },
-      "pageToken": {
-       "type": "string",
-       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
-       "location": "query"
+      "type": "object"
+    },
+    "ZoneSetLabelsRequest": {
+      "id": "ZoneSetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource, used to detect conflicts. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels. Make a get() request to the resource to get the latest fingerprint.",
+          "format": "byte",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for this resource.",
+          "type": "object"
+        }
       },
-      "project": {
-       "type": "string",
-       "description": "Project ID for this request.",
-       "required": true,
-       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
-       "location": "path"
-      }
-     },
-     "parameterOrder": [
-      "project"
-     ],
-     "response": {
-      "$ref": "ZoneList"
-     },
-     "scopes": [
-      "https://www.googleapis.com/auth/cloud-platform",
-      "https://www.googleapis.com/auth/compute",
-      "https://www.googleapis.com/auth/compute.readonly"
-     ]
+      "type": "object"
     }
-   }
-  }
- }
-}
+  },
+  "servicePath": "compute/v1/projects/",
+  "title": "Compute Engine API",
+  "version": "v1"
+}
\ No newline at end of file
diff --git a/vendor/google.golang.org/api/compute/v1/compute-gen.go b/vendor/google.golang.org/api/compute/v1/compute-gen.go
index 643966ea140b..ec6bd5385496 100644
--- a/vendor/google.golang.org/api/compute/v1/compute-gen.go
+++ b/vendor/google.golang.org/api/compute/v1/compute-gen.go
@@ -695,7 +695,8 @@ type AcceleratorConfig struct {
 	AcceleratorCount int64 `json:"acceleratorCount,omitempty"`
 
 	// AcceleratorType: Full or partial URL of the accelerator type resource
-	// to expose to this instance.
+	// to attach to this instance. If you are creating an instance template,
+	// specify only the accelerator name.
 	AcceleratorType string `json:"acceleratorType,omitempty"`
 
 	// ForceSendFields is a list of field names (e.g. "AcceleratorCount") to
@@ -757,7 +758,9 @@ type AcceleratorType struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] The name of the zone where the accelerator type
-	// resides, such as us-central1-a.
+	// resides, such as us-central1-a. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -1254,6 +1257,15 @@ type AccessConfig struct {
 	// live in the same region as the zone of the instance.
 	NatIP string `json:"natIP,omitempty"`
 
+	// PublicPtrDomainName: The DNS domain name for the public PTR record.
+	// This field can only be set when the set_public_ptr field is enabled.
+	PublicPtrDomainName string `json:"publicPtrDomainName,omitempty"`
+
+	// SetPublicPtr: Specifies whether a public DNS ?PTR? record should be
+	// created to map the external IP address of the instance to a DNS
+	// domain name.
+	SetPublicPtr bool `json:"setPublicPtr,omitempty"`
+
 	// Type: The type of configuration. The default and only option is
 	// ONE_TO_ONE_NAT.
 	//
@@ -1329,14 +1341,16 @@ type Address struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
 	Name string `json:"name,omitempty"`
 
 	// Region: [Output Only] URL of the region where the regional address
-	// resides. This field is not applicable to global addresses.
+	// resides. This field is not applicable to global addresses. You must
+	// specify this field as part of the HTTP request URL. You cannot set
+	// this field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -1918,6 +1932,11 @@ type AttachedDisk struct {
 	// group.
 	DiskEncryptionKey *CustomerEncryptionKey `json:"diskEncryptionKey,omitempty"`
 
+	// GuestOsFeatures: A list of features to enable on the guest operating
+	// system. Applicable only for bootable images. Read  Enabling guest
+	// operating system features to see a list of available options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Index: [Output Only] A zero-based index to this disk, where 0 is
 	// reserved for the boot disk. If you have many disks attached to an
 	// instance, each disk would have a unique index number.
@@ -2023,9 +2042,9 @@ type AttachedDiskInitializeParams struct {
 	// not specified, the default is pd-standard, specified using the full
 	// URL. For
 	// example:
+	// https://www.googleapis.com/compute/v1/projects/project/zones/
+	// zone/diskTypes/pd-standard
 	//
-	// https://www.googleapis.com/compute/v1/projects/project/zones
-	// /zone/diskTypes/pd-standard
 	//
 	// Other values include pd-ssd and local-ssd. If you define this field,
 	// you can provide either the full or partial URL. For example, the
@@ -2037,6 +2056,11 @@ type AttachedDiskInitializeParams struct {
 	// is the name of the disk type, not URL.
 	DiskType string `json:"diskType,omitempty"`
 
+	// Labels: Labels to apply to this disk. These can be later modified by
+	// the disks.setLabels method. This field is only applicable for
+	// persistent disks.
+	Labels map[string]string `json:"labels,omitempty"`
+
 	// SourceImage: The source image to create this disk. When creating a
 	// new instance, one of initializeParams.sourceImage or disks.source is
 	// required except for local SSD.
@@ -2045,26 +2069,29 @@ type AttachedDiskInitializeParams struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	//
+	//
 	// If the source image is deleted later, this field will not be set.
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -2136,7 +2163,7 @@ type Autoscaler struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3076,7 +3103,7 @@ type BackendBucket struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3342,7 +3369,7 @@ type BackendService struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -3380,7 +3407,8 @@ type BackendService struct {
 
 	// Region: [Output Only] URL of the region where the regional backend
 	// service resides. This field is not applicable to global backend
-	// services.
+	// services. You must specify this field as part of the HTTP request
+	// URL. It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -4101,7 +4129,7 @@ type Commitment struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -4805,6 +4833,11 @@ type Disk struct {
 	// you do not need to provide a key to use the disk later.
 	DiskEncryptionKey *CustomerEncryptionKey `json:"diskEncryptionKey,omitempty"`
 
+	// GuestOsFeatures: A list of features to enable on the guest operating
+	// system. Applicable only for bootable images. Read  Enabling guest
+	// operating system features to see a list of available options.
+	GuestOsFeatures []*GuestOsFeature `json:"guestOsFeatures,omitempty"`
+
 	// Id: [Output Only] The unique identifier for the resource. This
 	// identifier is defined by the server.
 	Id uint64 `json:"id,omitempty,string"`
@@ -4842,7 +4875,7 @@ type Disk struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -4873,24 +4906,26 @@ type Disk struct {
 	// specify the image by its family name. For example, specify
 	// family/debian-8 to use the latest Debian 8
 	// image:
-	//
 	// projects/debian-cloud/global/images/family/debian-8
 	//
-	// Alternatively, use a specific version of a public operating system
-	// image:
 	//
+	// Alternati
+	// vely, use a specific version of a public operating system
+	// image:
 	// projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD
 	//
-	// To create a disk with a custom image that you created, specify the
-	// image name in the following format:
 	//
+	//
+	// To create a disk with a custom image that you created, specify the
+	// image name in the following
+	// format:
 	// global/images/my-custom-image
 	//
+	//
 	// You can also specify a custom image by its image family, which
 	// returns the latest version of the image in that family. Replace the
 	// image name with
 	// family/family-name:
-	//
 	// global/images/family/my-image-family
 	SourceImage string `json:"sourceImage,omitempty"`
 
@@ -4939,14 +4974,17 @@ type Disk struct {
 	Status string `json:"status,omitempty"`
 
 	// Type: URL of the disk type resource describing which disk type to use
-	// to create the disk. Provide this when creating the disk.
+	// to create the disk. Provide this when creating the disk. For example:
+	// project/zones/zone/diskTypes/pd-standard or pd-ssd
 	Type string `json:"type,omitempty"`
 
 	// Users: [Output Only] Links to the users of the disk (attached
 	// instances) in form: project/zones/zone/instances/instance
 	Users []string `json:"users,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk resides.
+	// Zone: [Output Only] URL of the zone where the disk resides. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -5366,7 +5404,9 @@ type DiskType struct {
 	// valid disk size, such as "10GB-10TB".
 	ValidDiskSize string `json:"validDiskSize,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the disk type resides.
+	// Zone: [Output Only] URL of the zone where the disk type resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -6013,7 +6053,7 @@ type Firewall struct {
 	CreationTimestamp string `json:"creationTimestamp,omitempty"`
 
 	// Denied: The list of DENY rules specified by this firewall. Each rule
-	// specifies a protocol and port-range tuple that describes a permitted
+	// specifies a protocol and port-range tuple that describes a denied
 	// connection.
 	Denied []*FirewallDenied `json:"denied,omitempty"`
 
@@ -6048,7 +6088,7 @@ type Firewall struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -6495,7 +6535,7 @@ type ForwardingRule struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -6522,11 +6562,10 @@ type ForwardingRule struct {
 	// - TargetHttpProxy: 80, 8080
 	// - TargetHttpsProxy: 443
 	// - TargetTcpProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetSslProxy: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993,
-	// 995, 1883, 5222
+	// 995, 1688, 1883, 5222
 	// - TargetVpnGateway: 500, 4500
-	// -
 	PortRange string `json:"portRange,omitempty"`
 
 	// Ports: This field is used along with the backend_service field for
@@ -6542,7 +6581,8 @@ type ForwardingRule struct {
 
 	// Region: [Output Only] URL of the region where the regional forwarding
 	// rule resides. This field is not applicable to global forwarding
-	// rules.
+	// rules. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -6564,8 +6604,6 @@ type ForwardingRule struct {
 	// same region as the forwarding rule. For global forwarding rules, this
 	// target must be a global load balancing resource. The forwarded
 	// traffic must be of a type appropriate to the target object.
-	//
-	// This field is not used for internal load balancing.
 	Target string `json:"target,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -7051,8 +7089,8 @@ type GlobalSetLabelsRequest struct {
 	// Labels: A list of labels to apply for this resource. Each label key &
 	// value must comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash. For example, "webserver-frontend": "images". A label value
 	// can also be empty (e.g. "my-label": "").
@@ -7089,6 +7127,9 @@ type GuestOsFeature struct {
 	//
 	// Possible values:
 	//   "FEATURE_TYPE_UNSPECIFIED"
+	//   "MULTI_IP_SUBNET"
+	//   "SECURE_BOOT"
+	//   "UEFI_COMPATIBLE"
 	//   "VIRTIO_SCSI_MULTIQUEUE"
 	//   "WINDOWS"
 	Type string `json:"type,omitempty"`
@@ -7250,7 +7291,7 @@ type HealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7616,7 +7657,7 @@ type HttpHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -7861,7 +7902,7 @@ type HttpsHealthCheck struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8149,7 +8190,7 @@ type Image struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -8199,6 +8240,26 @@ type Image struct {
 	// taken from the current or a previous instance of a given image name.
 	SourceImageId string `json:"sourceImageId,omitempty"`
 
+	// SourceSnapshot: URL of the source snapshot used to create this image.
+	// This can be a full or valid partial URL. You must provide exactly one
+	// of:
+	// - this property, or
+	// - the sourceImage property, or
+	// - the rawDisk.source property, or
+	// - the sourceDisk property   in order to create an image.
+	SourceSnapshot string `json:"sourceSnapshot,omitempty"`
+
+	// SourceSnapshotEncryptionKey: The customer-supplied encryption key of
+	// the source snapshot. Required if the source snapshot is protected by
+	// a customer-supplied encryption key.
+	SourceSnapshotEncryptionKey *CustomerEncryptionKey `json:"sourceSnapshotEncryptionKey,omitempty"`
+
+	// SourceSnapshotId: [Output Only] The ID value of the snapshot used to
+	// create this image. This value may be used to determine whether the
+	// snapshot was taken from the current or a previous instance of a given
+	// snapshot name.
+	SourceSnapshotId string `json:"sourceSnapshotId,omitempty"`
+
 	// SourceType: The type of the image used to create this disk. The
 	// default and only value is RAW
 	//
@@ -8502,18 +8563,18 @@ type Instance struct {
 	// when the instance is created. For example, the following is a valid
 	// partial url to a predefined machine
 	// type:
-	//
 	// zones/us-central1-f/machineTypes/n1-standard-1
 	//
+	//
 	// To create a custom machine type, provide a URL to a machine type in
 	// the following format, where CPUS is 1 or an even number up to 32 (2,
 	// 4, 6, ... 24, etc), and MEMORY is the total memory for this instance.
 	// Memory must be a multiple of 256 MB and must be supplied in MB (e.g.
 	// 5 GB of memory is 5120
 	// MB):
-	//
 	// zones/zone/machineTypes/custom-CPUS-MEMORY
 	//
+	//
 	// For example: zones/us-central1-f/machineTypes/custom-4-5120
 	//
 	// For a full list of restrictions, read the Specifications for custom
@@ -8534,8 +8595,8 @@ type Instance struct {
 	// creating the resource. The resource name must be 1-63 characters
 	// long, and comply with RFC1035. Specifically, the name must be 1-63
 	// characters long and match the regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -8591,7 +8652,9 @@ type Instance struct {
 	// comply with RFC1035.
 	Tags *Tags `json:"tags,omitempty"`
 
-	// Zone: [Output Only] URL of the zone where the instance resides.
+	// Zone: [Output Only] URL of the zone where the instance resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -10570,6 +10633,162 @@ func (s *InstanceListWarningData) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// InstanceListReferrers: Contains a list of instance referrers.
+type InstanceListReferrers struct {
+	// Id: [Output Only] Unique identifier for the resource; defined by the
+	// server.
+	Id string `json:"id,omitempty"`
+
+	// Items: A list of Reference resources.
+	Items []*Reference `json:"items,omitempty"`
+
+	// Kind: [Output Only] Type of resource. Always
+	// compute#instanceListReferrers for lists of Instance referrers.
+	Kind string `json:"kind,omitempty"`
+
+	// NextPageToken: [Output Only] This token allows you to get the next
+	// page of results for list requests. If the number of results is larger
+	// than maxResults, use the nextPageToken as a value for the query
+	// parameter pageToken in the next list request. Subsequent list
+	// requests will have their own nextPageToken to continue paging through
+	// the results.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// SelfLink: [Output Only] Server-defined URL for this resource.
+	SelfLink string `json:"selfLink,omitempty"`
+
+	// Warning: [Output Only] Informational warning message.
+	Warning *InstanceListReferrersWarning `json:"warning,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Id") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Id") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InstanceListReferrers) MarshalJSON() ([]byte, error) {
+	type NoMethod InstanceListReferrers
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// InstanceListReferrersWarning: [Output Only] Informational warning
+// message.
+type InstanceListReferrersWarning struct {
+	// Code: [Output Only] A warning code, if applicable. For example,
+	// Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in
+	// the response.
+	//
+	// Possible values:
+	//   "CLEANUP_FAILED"
+	//   "DEPRECATED_RESOURCE_USED"
+	//   "DEPRECATED_TYPE_USED"
+	//   "DISK_SIZE_LARGER_THAN_IMAGE_SIZE"
+	//   "EXPERIMENTAL_TYPE_USED"
+	//   "EXTERNAL_API_WARNING"
+	//   "FIELD_VALUE_OVERRIDEN"
+	//   "INJECTED_KERNELS_DEPRECATED"
+	//   "MISSING_TYPE_DEPENDENCY"
+	//   "NEXT_HOP_ADDRESS_NOT_ASSIGNED"
+	//   "NEXT_HOP_CANNOT_IP_FORWARD"
+	//   "NEXT_HOP_INSTANCE_NOT_FOUND"
+	//   "NEXT_HOP_INSTANCE_NOT_ON_NETWORK"
+	//   "NEXT_HOP_NOT_RUNNING"
+	//   "NOT_CRITICAL_ERROR"
+	//   "NO_RESULTS_ON_PAGE"
+	//   "REQUIRED_TOS_AGREEMENT"
+	//   "RESOURCE_IN_USE_BY_OTHER_RESOURCE_WARNING"
+	//   "RESOURCE_NOT_DELETED"
+	//   "SCHEMA_VALIDATION_IGNORED"
+	//   "SINGLE_INSTANCE_PROPERTY_TEMPLATE"
+	//   "UNDECLARED_PROPERTIES"
+	//   "UNREACHABLE"
+	Code string `json:"code,omitempty"`
+
+	// Data: [Output Only] Metadata about this warning in key: value format.
+	// For example:
+	// "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+	Data []*InstanceListReferrersWarningData `json:"data,omitempty"`
+
+	// Message: [Output Only] A human-readable description of the warning
+	// code.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InstanceListReferrersWarning) MarshalJSON() ([]byte, error) {
+	type NoMethod InstanceListReferrersWarning
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+type InstanceListReferrersWarningData struct {
+	// Key: [Output Only] A key that provides more detail on the warning
+	// being returned. For example, for warnings where there are no results
+	// in a list request for a particular zone, this key might be scope and
+	// the key value might be the zone name. Other examples might be a key
+	// indicating a deprecated resource and a suggested replacement, or a
+	// warning about invalid network settings (for example, if an instance
+	// attempts to perform IP forwarding but is not enabled for IP
+	// forwarding).
+	Key string `json:"key,omitempty"`
+
+	// Value: [Output Only] A warning data value corresponding to the key.
+	Value string `json:"value,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Key") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Key") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *InstanceListReferrersWarningData) MarshalJSON() ([]byte, error) {
+	type NoMethod InstanceListReferrersWarningData
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 type InstanceMoveRequest struct {
 	// DestinationZone: The URL of the destination zone to move the
 	// instance. This can be a full or partial URL. For example, the
@@ -10749,7 +10968,7 @@ type InstanceTemplate struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -11384,7 +11603,7 @@ type Interconnect struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -11491,7 +11710,7 @@ type InterconnectAttachment struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -11511,7 +11730,9 @@ type InterconnectAttachment struct {
 	PrivateInterconnectInfo *InterconnectAttachmentPrivateInfo `json:"privateInterconnectInfo,omitempty"`
 
 	// Region: [Output Only] URL of the region where the regional
-	// interconnect attachment resides.
+	// interconnect attachment resides. You must specify this field as part
+	// of the HTTP request URL. It is not settable as a field in the request
+	// body.
 	Region string `json:"region,omitempty"`
 
 	// Router: URL of the cloud router to be used for dynamic routing. This
@@ -13207,6 +13428,7 @@ func (s *MachineTypesScopedListWarningData) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// ManagedInstance: Next available tag: 12
 type ManagedInstance struct {
 	// CurrentAction: [Output Only] The current action that the managed
 	// instance group has scheduled for the instance. Possible values:
@@ -13232,6 +13454,8 @@ type ManagedInstance struct {
 	// changes to the instance without stopping it. For example, the group
 	// can update the target pool list for an instance without stopping that
 	// instance.
+	// - VERIFYING The managed instance group has created the instance and
+	// it is in the process of being verified.
 	//
 	// Possible values:
 	//   "ABANDONING"
@@ -13537,7 +13761,7 @@ type Network struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -13599,6 +13823,12 @@ type NetworkInterface struct {
 	// subnet-mode networks.
 	AliasIpRanges []*AliasIpRange `json:"aliasIpRanges,omitempty"`
 
+	// Fingerprint: Fingerprint hash of contents stored in this network
+	// interface. This field will be ignored when inserting an Instance or
+	// adding a NetworkInterface. An up-to-date fingerprint must be provided
+	// in order to update the NetworkInterface.
+	Fingerprint string `json:"fingerprint,omitempty"`
+
 	// Kind: [Output Only] Type of the resource. Always
 	// compute#networkInterface for network interfaces.
 	Kind string `json:"kind,omitempty"`
@@ -13835,8 +14065,8 @@ type NetworkPeering struct {
 	// Name: Name of this peering. Provided by the client when the peering
 	// is created. The name must comply with RFC1035. Specifically, the name
 	// must be 1-63 characters long and match regular expression
-	// [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a
-	// lowercase letter, and all the following characters must be a dash,
+	// `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be
+	// a lowercase letter, and all the following characters must be a dash,
 	// lowercase letter, or digit, except the last character, which cannot
 	// be a dash.
 	Name string `json:"name,omitempty"`
@@ -14046,7 +14276,9 @@ type Operation struct {
 	Progress int64 `json:"progress,omitempty"`
 
 	// Region: [Output Only] The URL of the region where the operation
-	// resides. Only available when performing regional operations.
+	// resides. Only available when performing regional operations. You must
+	// specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -14087,7 +14319,9 @@ type Operation struct {
 	Warnings []*OperationWarnings `json:"warnings,omitempty"`
 
 	// Zone: [Output Only] The URL of the zone where the operation resides.
-	// Only available when performing per-zone operations.
+	// Only available when performing per-zone operations. You must specify
+	// this field as part of the HTTP request URL. It is not settable as a
+	// field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -14810,9 +15044,8 @@ func (s *PathRule) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
-// Project: A Project resource. Projects can only be created in the
-// Google Cloud Platform Console. Unless marked otherwise, values can
-// only be modified in the console. (== resource_for v1.projects ==) (==
+// Project: A Project resource. For an overview of projects, see  Cloud
+// Platform Resource Hierarchy. (== resource_for v1.projects ==) (==
 // resource_for beta.projects ==)
 type Project struct {
 	// CommonInstanceMetadata: Metadata key/value pairs available to all
@@ -15120,6 +15353,46 @@ func (s *Quota) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// Reference: Represents a reference to a resource.
+type Reference struct {
+	// Kind: [Output Only] Type of the resource. Always compute#reference
+	// for references.
+	Kind string `json:"kind,omitempty"`
+
+	// ReferenceType: A description of the reference type with no implied
+	// semantics. Possible values include:
+	// - MEMBER_OF
+	ReferenceType string `json:"referenceType,omitempty"`
+
+	// Referrer: URL of the resource which refers to the target.
+	Referrer string `json:"referrer,omitempty"`
+
+	// Target: URL of the resource to which this reference points.
+	Target string `json:"target,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Kind") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Kind") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *Reference) MarshalJSON() ([]byte, error) {
+	type NoMethod Reference
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // Region: Region resource. (== resource_for beta.regions ==) (==
 // resource_for v1.regions ==)
 type Region struct {
@@ -16334,7 +16607,7 @@ type Route struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -16707,7 +16980,7 @@ type Router struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -16716,7 +16989,9 @@ type Router struct {
 	// Network: URI of the network to which this router belongs.
 	Network string `json:"network,omitempty"`
 
-	// Region: [Output Only] URI of the region where the router resides.
+	// Region: [Output Only] URI of the region where the router resides. You
+	// must specify this field as part of the HTTP request URL. It is not
+	// settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -16749,6 +17024,39 @@ func (s *Router) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
 }
 
+// RouterAdvertisedIpRange: Description-tagged IP ranges for the router
+// to advertise.
+type RouterAdvertisedIpRange struct {
+	// Description: User-specified description for the IP range.
+	Description string `json:"description,omitempty"`
+
+	// Range: The IP range to advertise. The value must be a CIDR-formatted
+	// string.
+	Range string `json:"range,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Description") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Description") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *RouterAdvertisedIpRange) MarshalJSON() ([]byte, error) {
+	type NoMethod RouterAdvertisedIpRange
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
 // RouterAggregatedList: Contains a list of routers.
 type RouterAggregatedList struct {
 	// Id: [Output Only] Unique identifier for the resource; defined by the
@@ -16905,13 +17213,39 @@ func (s *RouterAggregatedListWarningData) MarshalJSON() ([]byte, error) {
 }
 
 type RouterBgp struct {
+	// AdvertiseMode: User-specified flag to indicate which mode to use for
+	// advertisement.
+	//
+	// Possible values:
+	//   "CUSTOM"
+	//   "DEFAULT"
+	AdvertiseMode string `json:"advertiseMode,omitempty"`
+
+	// AdvertisedGroups: User-specified list of prefix groups to advertise
+	// in custom mode. This field can only be populated if advertise_mode is
+	// CUSTOM and is advertised to all peers of the router. These groups
+	// will be advertised in addition to any specified prefixes. Leave this
+	// field blank to advertise no custom groups.
+	//
+	// Possible values:
+	//   "ALL_SUBNETS"
+	AdvertisedGroups []string `json:"advertisedGroups,omitempty"`
+
+	// AdvertisedIpRanges: User-specified list of individual IP ranges to
+	// advertise in custom mode. This field can only be populated if
+	// advertise_mode is CUSTOM and is advertised to all peers of the
+	// router. These IP ranges will be advertised in addition to any
+	// specified groups. Leave this field blank to advertise no custom IP
+	// ranges.
+	AdvertisedIpRanges []*RouterAdvertisedIpRange `json:"advertisedIpRanges,omitempty"`
+
 	// Asn: Local BGP Autonomous System Number (ASN). Must be an RFC6996
 	// private ASN, either 16-bit or 32-bit. The value will be fixed for
 	// this router resource. All VPN tunnels that link to this router will
 	// have the same local ASN.
 	Asn int64 `json:"asn,omitempty"`
 
-	// ForceSendFields is a list of field names (e.g. "Asn") to
+	// ForceSendFields is a list of field names (e.g. "AdvertiseMode") to
 	// unconditionally include in API requests. By default, fields with
 	// empty values are omitted from API requests. However, any non-pointer,
 	// non-interface field appearing in ForceSendFields will be sent to the
@@ -16919,10 +17253,10 @@ type RouterBgp struct {
 	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "Asn") to include in API
-	// requests with the JSON null value. By default, fields with empty
-	// values are omitted from API requests. However, any field with an
-	// empty value appearing in NullFields will be sent to the server as
+	// NullFields is a list of field names (e.g. "AdvertiseMode") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
 	// null. It is an error if a field in this list has a non-empty value.
 	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
@@ -16935,6 +17269,33 @@ func (s *RouterBgp) MarshalJSON() ([]byte, error) {
 }
 
 type RouterBgpPeer struct {
+	// AdvertiseMode: User-specified flag to indicate which mode to use for
+	// advertisement.
+	//
+	// Possible values:
+	//   "CUSTOM"
+	//   "DEFAULT"
+	AdvertiseMode string `json:"advertiseMode,omitempty"`
+
+	// AdvertisedGroups: User-specified list of prefix groups to advertise
+	// in custom mode. This field can only be populated if advertise_mode is
+	// CUSTOM and overrides the list defined for the router (in Bgp
+	// message). These groups will be advertised in addition to any
+	// specified prefixes. Leave this field blank to advertise no custom
+	// groups.
+	//
+	// Possible values:
+	//   "ALL_SUBNETS"
+	AdvertisedGroups []string `json:"advertisedGroups,omitempty"`
+
+	// AdvertisedIpRanges: User-specified list of individual IP ranges to
+	// advertise in custom mode. This field can only be populated if
+	// advertise_mode is CUSTOM and overrides the list defined for the
+	// router (in Bgp message). These IP ranges will be advertised in
+	// addition to any specified groups. Leave this field blank to advertise
+	// no custom IP ranges.
+	AdvertisedIpRanges []*RouterAdvertisedIpRange `json:"advertisedIpRanges,omitempty"`
+
 	// AdvertisedRoutePriority: The priority of routes advertised to this
 	// BGP peer. In the case where there is more than one matching route of
 	// maximum length, the routes with lowest priority value win.
@@ -16959,22 +17320,20 @@ type RouterBgpPeer struct {
 	// Only IPv4 is supported.
 	PeerIpAddress string `json:"peerIpAddress,omitempty"`
 
-	// ForceSendFields is a list of field names (e.g.
-	// "AdvertisedRoutePriority") to unconditionally include in API
-	// requests. By default, fields with empty values are omitted from API
-	// requests. However, any non-pointer, non-interface field appearing in
-	// ForceSendFields will be sent to the server regardless of whether the
-	// field is empty or not. This may be used to include empty fields in
-	// Patch requests.
+	// ForceSendFields is a list of field names (e.g. "AdvertiseMode") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
 	ForceSendFields []string `json:"-"`
 
-	// NullFields is a list of field names (e.g. "AdvertisedRoutePriority")
-	// to include in API requests with the JSON null value. By default,
-	// fields with empty values are omitted from API requests. However, any
-	// field with an empty value appearing in NullFields will be sent to the
-	// server as null. It is an error if a field in this list has a
-	// non-empty value. This may be used to include null fields in Patch
-	// requests.
+	// NullFields is a list of field names (e.g. "AdvertiseMode") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
 	NullFields []string `json:"-"`
 }
 
@@ -17711,7 +18070,7 @@ type Snapshot struct {
 	// Name: Name of the resource; provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -17989,7 +18348,7 @@ type SslCertificate struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -18196,9 +18555,14 @@ type Subnetwork struct {
 	// resource creation time.
 	Description string `json:"description,omitempty"`
 
+	// Fingerprint: Fingerprint of this resource. A hash of the contents
+	// stored in this object. This field is used in optimistic locking. This
+	// field will be ignored when inserting a Subnetwork. An up-to-date
+	// fingerprint must be provided in order to update the Subnetwork.
+	Fingerprint string `json:"fingerprint,omitempty"`
+
 	// GatewayAddress: [Output Only] The gateway address for default routes
-	// to reach destination addresses outside this subnetwork. This field
-	// can be set only at resource creation time.
+	// to reach destination addresses outside this subnetwork.
 	GatewayAddress string `json:"gatewayAddress,omitempty"`
 
 	// Id: [Output Only] The unique identifier for the resource. This
@@ -18219,7 +18583,7 @@ type Subnetwork struct {
 	// Name: The name of the resource, provided by the client when initially
 	// creating the resource. The name must be 1-63 characters long, and
 	// comply with RFC1035. Specifically, the name must be 1-63 characters
-	// long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
+	// long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`
 	// which means the first character must be a lowercase letter, and all
 	// following characters must be a dash, lowercase letter, or digit,
 	// except the last character, which cannot be a dash.
@@ -18933,7 +19297,7 @@ type TargetHttpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -19183,7 +19547,7 @@ type TargetHttpsProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -19424,7 +19788,7 @@ type TargetInstance struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -19441,7 +19805,8 @@ type TargetInstance struct {
 	SelfLink string `json:"selfLink,omitempty"`
 
 	// Zone: [Output Only] URL of the zone where the target instance
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Zone string `json:"zone,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -19986,7 +20351,7 @@ type TargetPool struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -20796,7 +21161,7 @@ type TargetSslProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -21088,7 +21453,7 @@ type TargetTcpProxy struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -21320,7 +21685,7 @@ type TargetVpnGateway struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -21331,7 +21696,8 @@ type TargetVpnGateway struct {
 	Network string `json:"network,omitempty"`
 
 	// Region: [Output Only] URL of the region where the target VPN gateway
-	// resides.
+	// resides. You must specify this field as part of the HTTP request URL.
+	// It is not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// SelfLink: [Output Only] Server-defined URL for the resource.
@@ -21893,7 +22259,7 @@ type UrlMap struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -21905,8 +22271,9 @@ type UrlMap struct {
 	// SelfLink: [Output Only] Server-defined URL for the resource.
 	SelfLink string `json:"selfLink,omitempty"`
 
-	// Tests: The list of expected URL mappings. Request to update this
-	// UrlMap will succeed only if all of the test cases pass.
+	// Tests: The list of expected URL mapping tests. Request to update this
+	// UrlMap will succeed only if all of the test cases pass. You can
+	// specify a maximum of 100 tests per UrlMap.
 	Tests []*UrlMapTest `json:"tests,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -22331,7 +22698,7 @@ type VpnTunnel struct {
 	// Name: Name of the resource. Provided by the client when the resource
 	// is created. The name must be 1-63 characters long, and comply with
 	// RFC1035. Specifically, the name must be 1-63 characters long and
-	// match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means
+	// match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means
 	// the first character must be a lowercase letter, and all following
 	// characters must be a dash, lowercase letter, or digit, except the
 	// last character, which cannot be a dash.
@@ -22341,6 +22708,8 @@ type VpnTunnel struct {
 	PeerIp string `json:"peerIp,omitempty"`
 
 	// Region: [Output Only] URL of the region where the VPN tunnel resides.
+	// You must specify this field as part of the HTTP request URL. It is
+	// not settable as a field in the request body.
 	Region string `json:"region,omitempty"`
 
 	// RemoteTrafficSelector: Remote traffic selectors to use when
@@ -22379,8 +22748,9 @@ type VpnTunnel struct {
 	//   "WAITING_FOR_FULL_CONFIG"
 	Status string `json:"status,omitempty"`
 
-	// TargetVpnGateway: URL of the VPN gateway with which this VPN tunnel
-	// is associated. Provided by the client when the VPN tunnel is created.
+	// TargetVpnGateway: URL of the Target VPN gateway with which this VPN
+	// tunnel is associated. Provided by the client when the VPN tunnel is
+	// created.
 	TargetVpnGateway string `json:"targetVpnGateway,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the
@@ -32132,7 +32502,7 @@ type FirewallsUpdateCall struct {
 }
 
 // Update: Updates the specified firewall rule with the data included in
-// the request. Using PUT method, can only update following fields of
+// the request. The PUT method can only update the following fields of
 // firewall rule: allowed, description, sourceRanges, sourceTags,
 // targetTags.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/firewalls/update
@@ -32250,7 +32620,7 @@ func (c *FirewallsUpdateCall) Do(opts ...googleapi.CallOption) (*Operation, erro
 	}
 	return ret, nil
 	// {
-	//   "description": "Updates the specified firewall rule with the data included in the request. Using PUT method, can only update following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
+	//   "description": "Updates the specified firewall rule with the data included in the request. The PUT method can only update the following fields of firewall rule: allowed, description, sourceRanges, sourceTags, targetTags.",
 	//   "httpMethod": "PUT",
 	//   "id": "compute.firewalls.update",
 	//   "parameterOrder": [
@@ -44519,11 +44889,9 @@ type InstanceTemplatesDeleteCall struct {
 	header_          http.Header
 }
 
-// Delete: Deletes the specified instance template. If you delete an
-// instance template that is being referenced from another instance
-// group, the instance group will not be able to create or recreate
-// virtual machine instances. Deleting an instance template is permanent
-// and cannot be undone.
+// Delete: Deletes the specified instance template. Deleting an instance
+// template is permanent and cannot be undone. It's not possible to
+// delete templates which are in use by an instance group.
 // For details, see https://cloud.google.com/compute/docs/reference/latest/instanceTemplates/delete
 func (r *InstanceTemplatesService) Delete(project string, instanceTemplate string) *InstanceTemplatesDeleteCall {
 	c := &InstanceTemplatesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
@@ -44633,7 +45001,7 @@ func (c *InstanceTemplatesDeleteCall) Do(opts ...googleapi.CallOption) (*Operati
 	}
 	return ret, nil
 	// {
-	//   "description": "Deletes the specified instance template. If you delete an instance template that is being referenced from another instance group, the instance group will not be able to create or recreate virtual machine instances. Deleting an instance template is permanent and cannot be undone.",
+	//   "description": "Deletes the specified instance template. Deleting an instance template is permanent and cannot be undone. It's not possible to delete templates which are in use by an instance group.",
 	//   "httpMethod": "DELETE",
 	//   "id": "compute.instanceTemplates.delete",
 	//   "parameterOrder": [
@@ -47210,6 +47578,280 @@ func (c *InstancesListCall) Pages(ctx context.Context, f func(*InstanceList) err
 	}
 }
 
+// method id "compute.instances.listReferrers":
+
+type InstancesListReferrersCall struct {
+	s            *Service
+	project      string
+	zone         string
+	instance     string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// ListReferrers: Retrieves the list of referrers to instances contained
+// within the specified zone.
+func (r *InstancesService) ListReferrers(project string, zone string, instance string) *InstancesListReferrersCall {
+	c := &InstancesListReferrersCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.zone = zone
+	c.instance = instance
+	return c
+}
+
+// Filter sets the optional parameter "filter": Sets a filter
+// {expression} for filtering listed resources. Your {expression} must
+// be in the format: field_name comparison_string literal_string.
+//
+// The field_name is the name of the field you want to compare. Only
+// atomic field types are supported (string, number, boolean). The
+// comparison_string must be either eq (equals) or ne (not equals). The
+// literal_string is the string value to filter to. The literal value
+// must be valid for the type of field you are filtering by (string,
+// number, boolean). For string fields, the literal value is interpreted
+// as a regular expression using RE2 syntax. The literal value must
+// match the entire field.
+//
+// For example, to filter for instances that do not have a name of
+// example-instance, you would use name ne example-instance.
+//
+// You can filter on nested fields. For example, you could filter on
+// instances that have set the scheduling.automaticRestart field to
+// true. Use filtering on nested fields to take advantage of labels to
+// organize and search for results based on label values.
+//
+// To filter on multiple expressions, provide each separate expression
+// within parentheses. For example, (scheduling.automaticRestart eq
+// true) (zone eq us-central1-f). Multiple expressions are treated as
+// AND expressions, meaning that resources must match all expressions to
+// pass the filters.
+func (c *InstancesListReferrersCall) Filter(filter string) *InstancesListReferrersCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// MaxResults sets the optional parameter "maxResults": The maximum
+// number of results per page that should be returned. If the number of
+// available results is larger than maxResults, Compute Engine returns a
+// nextPageToken that can be used to get the next page of results in
+// subsequent list requests. Acceptable values are 0 to 500, inclusive.
+// (Default: 500)
+func (c *InstancesListReferrersCall) MaxResults(maxResults int64) *InstancesListReferrersCall {
+	c.urlParams_.Set("maxResults", fmt.Sprint(maxResults))
+	return c
+}
+
+// OrderBy sets the optional parameter "orderBy": Sorts list results by
+// a certain order. By default, results are returned in alphanumerical
+// order based on the resource name.
+//
+// You can also sort results in descending order based on the creation
+// timestamp using orderBy="creationTimestamp desc". This sorts results
+// based on the creationTimestamp field in reverse chronological order
+// (newest result first). Use this to sort resources like operations so
+// that the newest operation is returned first.
+//
+// Currently, only sorting by name or creationTimestamp desc is
+// supported.
+func (c *InstancesListReferrersCall) OrderBy(orderBy string) *InstancesListReferrersCall {
+	c.urlParams_.Set("orderBy", orderBy)
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": Specifies a page
+// token to use. Set pageToken to the nextPageToken returned by a
+// previous list request to get the next page of results.
+func (c *InstancesListReferrersCall) PageToken(pageToken string) *InstancesListReferrersCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InstancesListReferrersCall) Fields(s ...googleapi.Field) *InstancesListReferrersCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *InstancesListReferrersCall) IfNoneMatch(entityTag string) *InstancesListReferrersCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InstancesListReferrersCall) Context(ctx context.Context) *InstancesListReferrersCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InstancesListReferrersCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InstancesListReferrersCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/referrers")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"zone":     c.zone,
+		"instance": c.instance,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.instances.listReferrers" call.
+// Exactly one of *InstanceListReferrers or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *InstanceListReferrers.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *InstancesListReferrersCall) Do(opts ...googleapi.CallOption) (*InstanceListReferrers, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &InstanceListReferrers{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Retrieves the list of referrers to instances contained within the specified zone.",
+	//   "httpMethod": "GET",
+	//   "id": "compute.instances.listReferrers",
+	//   "parameterOrder": [
+	//     "project",
+	//     "zone",
+	//     "instance"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "Sets a filter {expression} for filtering listed resources. Your {expression} must be in the format: field_name comparison_string literal_string.\n\nThe field_name is the name of the field you want to compare. Only atomic field types are supported (string, number, boolean). The comparison_string must be either eq (equals) or ne (not equals). The literal_string is the string value to filter to. The literal value must be valid for the type of field you are filtering by (string, number, boolean). For string fields, the literal value is interpreted as a regular expression using RE2 syntax. The literal value must match the entire field.\n\nFor example, to filter for instances that do not have a name of example-instance, you would use name ne example-instance.\n\nYou can filter on nested fields. For example, you could filter on instances that have set the scheduling.automaticRestart field to true. Use filtering on nested fields to take advantage of labels to organize and search for results based on label values.\n\nTo filter on multiple expressions, provide each separate expression within parentheses. For example, (scheduling.automaticRestart eq true) (zone eq us-central1-f). Multiple expressions are treated as AND expressions, meaning that resources must match all expressions to pass the filters.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "instance": {
+	//       "description": "Name of the target instance scoping this request, or '-' if the request should span over all instances in the container.",
+	//       "location": "path",
+	//       "pattern": "-|[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "maxResults": {
+	//       "default": "500",
+	//       "description": "The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)",
+	//       "format": "uint32",
+	//       "location": "query",
+	//       "minimum": "0",
+	//       "type": "integer"
+	//     },
+	//     "orderBy": {
+	//       "description": "Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name.\n\nYou can also sort results in descending order based on the creation timestamp using orderBy=\"creationTimestamp desc\". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first.\n\nCurrently, only sorting by name or creationTimestamp desc is supported.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "pageToken": {
+	//       "description": "Specifies a page token to use. Set pageToken to the nextPageToken returned by a previous list request to get the next page of results.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/zones/{zone}/instances/{instance}/referrers",
+	//   "response": {
+	//     "$ref": "InstanceListReferrers"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute",
+	//     "https://www.googleapis.com/auth/compute.readonly"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *InstancesListReferrersCall) Pages(ctx context.Context, f func(*InstanceListReferrers) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
 // method id "compute.instances.reset":
 
 type InstancesResetCall struct {
@@ -48471,9 +49113,375 @@ func (c *InstancesSetMetadataCall) Do(opts ...googleapi.CallOption) (*Operation,
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/setMetadata",
+	//   "request": {
+	//     "$ref": "Metadata"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.instances.setMinCpuPlatform":
+
+type InstancesSetMinCpuPlatformCall struct {
+	s                                 *Service
+	project                           string
+	zone                              string
+	instance                          string
+	instancessetmincpuplatformrequest *InstancesSetMinCpuPlatformRequest
+	urlParams_                        gensupport.URLParams
+	ctx_                              context.Context
+	header_                           http.Header
+}
+
+// SetMinCpuPlatform: Changes the minimum CPU platform that this
+// instance should use. This method can only be called on a stopped
+// instance. For more information, read Specifying a Minimum CPU
+// Platform.
+func (r *InstancesService) SetMinCpuPlatform(project string, zone string, instance string, instancessetmincpuplatformrequest *InstancesSetMinCpuPlatformRequest) *InstancesSetMinCpuPlatformCall {
+	c := &InstancesSetMinCpuPlatformCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.zone = zone
+	c.instance = instance
+	c.instancessetmincpuplatformrequest = instancessetmincpuplatformrequest
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *InstancesSetMinCpuPlatformCall) RequestId(requestId string) *InstancesSetMinCpuPlatformCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InstancesSetMinCpuPlatformCall) Fields(s ...googleapi.Field) *InstancesSetMinCpuPlatformCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InstancesSetMinCpuPlatformCall) Context(ctx context.Context) *InstancesSetMinCpuPlatformCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InstancesSetMinCpuPlatformCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InstancesSetMinCpuPlatformCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancessetmincpuplatformrequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"zone":     c.zone,
+		"instance": c.instance,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.instances.setMinCpuPlatform" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.instances.setMinCpuPlatform",
+	//   "parameterOrder": [
+	//     "project",
+	//     "zone",
+	//     "instance"
+	//   ],
+	//   "parameters": {
+	//     "instance": {
+	//       "description": "Name of the instance scoping this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
+	//   "request": {
+	//     "$ref": "InstancesSetMinCpuPlatformRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
+// method id "compute.instances.setScheduling":
+
+type InstancesSetSchedulingCall struct {
+	s          *Service
+	project    string
+	zone       string
+	instance   string
+	scheduling *Scheduling
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// SetScheduling: Sets an instance's scheduling options.
+// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/setScheduling
+func (r *InstancesService) SetScheduling(project string, zone string, instance string, scheduling *Scheduling) *InstancesSetSchedulingCall {
+	c := &InstancesSetSchedulingCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.zone = zone
+	c.instance = instance
+	c.scheduling = scheduling
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *InstancesSetSchedulingCall) RequestId(requestId string) *InstancesSetSchedulingCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *InstancesSetSchedulingCall) Fields(s ...googleapi.Field) *InstancesSetSchedulingCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *InstancesSetSchedulingCall) Context(ctx context.Context) *InstancesSetSchedulingCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *InstancesSetSchedulingCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *InstancesSetSchedulingCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.scheduling)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setScheduling")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":  c.project,
+		"zone":     c.zone,
+		"instance": c.instance,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.instances.setScheduling" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Sets an instance's scheduling options.",
+	//   "httpMethod": "POST",
+	//   "id": "compute.instances.setScheduling",
+	//   "parameterOrder": [
+	//     "project",
+	//     "zone",
+	//     "instance"
+	//   ],
+	//   "parameters": {
+	//     "instance": {
+	//       "description": "Instance name.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "zone": {
+	//       "description": "The name of the zone for this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
 	//   "request": {
-	//     "$ref": "Metadata"
+	//     "$ref": "Scheduling"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
@@ -48486,29 +49494,28 @@ func (c *InstancesSetMetadataCall) Do(opts ...googleapi.CallOption) (*Operation,
 
 }
 
-// method id "compute.instances.setMinCpuPlatform":
+// method id "compute.instances.setServiceAccount":
 
-type InstancesSetMinCpuPlatformCall struct {
+type InstancesSetServiceAccountCall struct {
 	s                                 *Service
 	project                           string
 	zone                              string
 	instance                          string
-	instancessetmincpuplatformrequest *InstancesSetMinCpuPlatformRequest
+	instancessetserviceaccountrequest *InstancesSetServiceAccountRequest
 	urlParams_                        gensupport.URLParams
 	ctx_                              context.Context
 	header_                           http.Header
 }
 
-// SetMinCpuPlatform: Changes the minimum CPU platform that this
-// instance should use. This method can only be called on a stopped
-// instance. For more information, read Specifying a Minimum CPU
-// Platform.
-func (r *InstancesService) SetMinCpuPlatform(project string, zone string, instance string, instancessetmincpuplatformrequest *InstancesSetMinCpuPlatformRequest) *InstancesSetMinCpuPlatformCall {
-	c := &InstancesSetMinCpuPlatformCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// SetServiceAccount: Sets the service account on the instance. For more
+// information, read Changing the service account and access scopes for
+// an instance.
+func (r *InstancesService) SetServiceAccount(project string, zone string, instance string, instancessetserviceaccountrequest *InstancesSetServiceAccountRequest) *InstancesSetServiceAccountCall {
+	c := &InstancesSetServiceAccountCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
-	c.instancessetmincpuplatformrequest = instancessetmincpuplatformrequest
+	c.instancessetserviceaccountrequest = instancessetserviceaccountrequest
 	return c
 }
 
@@ -48526,7 +49533,7 @@ func (r *InstancesService) SetMinCpuPlatform(project string, zone string, instan
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesSetMinCpuPlatformCall) RequestId(requestId string) *InstancesSetMinCpuPlatformCall {
+func (c *InstancesSetServiceAccountCall) RequestId(requestId string) *InstancesSetServiceAccountCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -48534,7 +49541,7 @@ func (c *InstancesSetMinCpuPlatformCall) RequestId(requestId string) *InstancesS
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesSetMinCpuPlatformCall) Fields(s ...googleapi.Field) *InstancesSetMinCpuPlatformCall {
+func (c *InstancesSetServiceAccountCall) Fields(s ...googleapi.Field) *InstancesSetServiceAccountCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -48542,34 +49549,34 @@ func (c *InstancesSetMinCpuPlatformCall) Fields(s ...googleapi.Field) *Instances
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesSetMinCpuPlatformCall) Context(ctx context.Context) *InstancesSetMinCpuPlatformCall {
+func (c *InstancesSetServiceAccountCall) Context(ctx context.Context) *InstancesSetServiceAccountCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesSetMinCpuPlatformCall) Header() http.Header {
+func (c *InstancesSetServiceAccountCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesSetMinCpuPlatformCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesSetServiceAccountCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancessetmincpuplatformrequest)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancessetserviceaccountrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setServiceAccount")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -48581,14 +49588,14 @@ func (c *InstancesSetMinCpuPlatformCall) doRequest(alt string) (*http.Response,
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.setMinCpuPlatform" call.
+// Do executes the "compute.instances.setServiceAccount" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesSetServiceAccountCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -48619,9 +49626,9 @@ func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Oper
 	}
 	return ret, nil
 	// {
-	//   "description": "Changes the minimum CPU platform that this instance should use. This method can only be called on a stopped instance. For more information, read Specifying a Minimum CPU Platform.",
+	//   "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.setMinCpuPlatform",
+	//   "id": "compute.instances.setServiceAccount",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
@@ -48629,7 +49636,7 @@ func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Oper
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Name of the instance scoping this request.",
+	//       "description": "Name of the instance resource to start.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -48655,9 +49662,9 @@ func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Oper
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/setMinCpuPlatform",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
 	//   "request": {
-	//     "$ref": "InstancesSetMinCpuPlatformRequest"
+	//     "$ref": "InstancesSetServiceAccountRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
@@ -48670,27 +49677,28 @@ func (c *InstancesSetMinCpuPlatformCall) Do(opts ...googleapi.CallOption) (*Oper
 
 }
 
-// method id "compute.instances.setScheduling":
+// method id "compute.instances.setTags":
 
-type InstancesSetSchedulingCall struct {
+type InstancesSetTagsCall struct {
 	s          *Service
 	project    string
 	zone       string
 	instance   string
-	scheduling *Scheduling
+	tags       *Tags
 	urlParams_ gensupport.URLParams
 	ctx_       context.Context
 	header_    http.Header
 }
 
-// SetScheduling: Sets an instance's scheduling options.
-// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/setScheduling
-func (r *InstancesService) SetScheduling(project string, zone string, instance string, scheduling *Scheduling) *InstancesSetSchedulingCall {
-	c := &InstancesSetSchedulingCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// SetTags: Sets tags for the specified instance to the data included in
+// the request.
+// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/setTags
+func (r *InstancesService) SetTags(project string, zone string, instance string, tags *Tags) *InstancesSetTagsCall {
+	c := &InstancesSetTagsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
-	c.scheduling = scheduling
+	c.tags = tags
 	return c
 }
 
@@ -48708,7 +49716,7 @@ func (r *InstancesService) SetScheduling(project string, zone string, instance s
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesSetSchedulingCall) RequestId(requestId string) *InstancesSetSchedulingCall {
+func (c *InstancesSetTagsCall) RequestId(requestId string) *InstancesSetTagsCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -48716,7 +49724,7 @@ func (c *InstancesSetSchedulingCall) RequestId(requestId string) *InstancesSetSc
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesSetSchedulingCall) Fields(s ...googleapi.Field) *InstancesSetSchedulingCall {
+func (c *InstancesSetTagsCall) Fields(s ...googleapi.Field) *InstancesSetTagsCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -48724,34 +49732,34 @@ func (c *InstancesSetSchedulingCall) Fields(s ...googleapi.Field) *InstancesSetS
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesSetSchedulingCall) Context(ctx context.Context) *InstancesSetSchedulingCall {
+func (c *InstancesSetTagsCall) Context(ctx context.Context) *InstancesSetTagsCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesSetSchedulingCall) Header() http.Header {
+func (c *InstancesSetTagsCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesSetSchedulingCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesSetTagsCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.scheduling)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.tags)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setScheduling")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setTags")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -48763,14 +49771,14 @@ func (c *InstancesSetSchedulingCall) doRequest(alt string) (*http.Response, erro
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.setScheduling" call.
+// Do executes the "compute.instances.setTags" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -48801,9 +49809,9 @@ func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operatio
 	}
 	return ret, nil
 	// {
-	//   "description": "Sets an instance's scheduling options.",
+	//   "description": "Sets tags for the specified instance to the data included in the request.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.setScheduling",
+	//   "id": "compute.instances.setTags",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
@@ -48811,7 +49819,7 @@ func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operatio
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Instance name.",
+	//       "description": "Name of the instance scoping this request.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -48837,9 +49845,9 @@ func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operatio
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/setScheduling",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/setTags",
 	//   "request": {
-	//     "$ref": "Scheduling"
+	//     "$ref": "Tags"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
@@ -48852,28 +49860,27 @@ func (c *InstancesSetSchedulingCall) Do(opts ...googleapi.CallOption) (*Operatio
 
 }
 
-// method id "compute.instances.setServiceAccount":
+// method id "compute.instances.start":
 
-type InstancesSetServiceAccountCall struct {
-	s                                 *Service
-	project                           string
-	zone                              string
-	instance                          string
-	instancessetserviceaccountrequest *InstancesSetServiceAccountRequest
-	urlParams_                        gensupport.URLParams
-	ctx_                              context.Context
-	header_                           http.Header
+type InstancesStartCall struct {
+	s          *Service
+	project    string
+	zone       string
+	instance   string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
 }
 
-// SetServiceAccount: Sets the service account on the instance. For more
-// information, read Changing the service account and access scopes for
-// an instance.
-func (r *InstancesService) SetServiceAccount(project string, zone string, instance string, instancessetserviceaccountrequest *InstancesSetServiceAccountRequest) *InstancesSetServiceAccountCall {
-	c := &InstancesSetServiceAccountCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// Start: Starts an instance that was stopped using the using the
+// instances().stop method. For more information, see Restart an
+// instance.
+// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/start
+func (r *InstancesService) Start(project string, zone string, instance string) *InstancesStartCall {
+	c := &InstancesStartCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
-	c.instancessetserviceaccountrequest = instancessetserviceaccountrequest
 	return c
 }
 
@@ -48891,7 +49898,7 @@ func (r *InstancesService) SetServiceAccount(project string, zone string, instan
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesSetServiceAccountCall) RequestId(requestId string) *InstancesSetServiceAccountCall {
+func (c *InstancesStartCall) RequestId(requestId string) *InstancesStartCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -48899,7 +49906,7 @@ func (c *InstancesSetServiceAccountCall) RequestId(requestId string) *InstancesS
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesSetServiceAccountCall) Fields(s ...googleapi.Field) *InstancesSetServiceAccountCall {
+func (c *InstancesStartCall) Fields(s ...googleapi.Field) *InstancesStartCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -48907,34 +49914,29 @@ func (c *InstancesSetServiceAccountCall) Fields(s ...googleapi.Field) *Instances
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesSetServiceAccountCall) Context(ctx context.Context) *InstancesSetServiceAccountCall {
+func (c *InstancesStartCall) Context(ctx context.Context) *InstancesStartCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesSetServiceAccountCall) Header() http.Header {
+func (c *InstancesStartCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesSetServiceAccountCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesStartCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancessetserviceaccountrequest)
-	if err != nil {
-		return nil, err
-	}
-	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setServiceAccount")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/start")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -48946,14 +49948,14 @@ func (c *InstancesSetServiceAccountCall) doRequest(alt string) (*http.Response,
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.setServiceAccount" call.
+// Do executes the "compute.instances.start" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesSetServiceAccountCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -48984,9 +49986,9 @@ func (c *InstancesSetServiceAccountCall) Do(opts ...googleapi.CallOption) (*Oper
 	}
 	return ret, nil
 	// {
-	//   "description": "Sets the service account on the instance. For more information, read Changing the service account and access scopes for an instance.",
+	//   "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.setServiceAccount",
+	//   "id": "compute.instances.start",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
@@ -49020,10 +50022,7 @@ func (c *InstancesSetServiceAccountCall) Do(opts ...googleapi.CallOption) (*Oper
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/setServiceAccount",
-	//   "request": {
-	//     "$ref": "InstancesSetServiceAccountRequest"
-	//   },
+	//   "path": "{project}/zones/{zone}/instances/{instance}/start",
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
@@ -49035,28 +50034,28 @@ func (c *InstancesSetServiceAccountCall) Do(opts ...googleapi.CallOption) (*Oper
 
 }
 
-// method id "compute.instances.setTags":
+// method id "compute.instances.startWithEncryptionKey":
 
-type InstancesSetTagsCall struct {
-	s          *Service
-	project    string
-	zone       string
-	instance   string
-	tags       *Tags
-	urlParams_ gensupport.URLParams
-	ctx_       context.Context
-	header_    http.Header
+type InstancesStartWithEncryptionKeyCall struct {
+	s                                      *Service
+	project                                string
+	zone                                   string
+	instance                               string
+	instancesstartwithencryptionkeyrequest *InstancesStartWithEncryptionKeyRequest
+	urlParams_                             gensupport.URLParams
+	ctx_                                   context.Context
+	header_                                http.Header
 }
 
-// SetTags: Sets tags for the specified instance to the data included in
-// the request.
-// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/setTags
-func (r *InstancesService) SetTags(project string, zone string, instance string, tags *Tags) *InstancesSetTagsCall {
-	c := &InstancesSetTagsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// StartWithEncryptionKey: Starts an instance that was stopped using the
+// using the instances().stop method. For more information, see Restart
+// an instance.
+func (r *InstancesService) StartWithEncryptionKey(project string, zone string, instance string, instancesstartwithencryptionkeyrequest *InstancesStartWithEncryptionKeyRequest) *InstancesStartWithEncryptionKeyCall {
+	c := &InstancesStartWithEncryptionKeyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
-	c.tags = tags
+	c.instancesstartwithencryptionkeyrequest = instancesstartwithencryptionkeyrequest
 	return c
 }
 
@@ -49074,7 +50073,7 @@ func (r *InstancesService) SetTags(project string, zone string, instance string,
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesSetTagsCall) RequestId(requestId string) *InstancesSetTagsCall {
+func (c *InstancesStartWithEncryptionKeyCall) RequestId(requestId string) *InstancesStartWithEncryptionKeyCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -49082,7 +50081,7 @@ func (c *InstancesSetTagsCall) RequestId(requestId string) *InstancesSetTagsCall
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesSetTagsCall) Fields(s ...googleapi.Field) *InstancesSetTagsCall {
+func (c *InstancesStartWithEncryptionKeyCall) Fields(s ...googleapi.Field) *InstancesStartWithEncryptionKeyCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -49090,34 +50089,34 @@ func (c *InstancesSetTagsCall) Fields(s ...googleapi.Field) *InstancesSetTagsCal
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesSetTagsCall) Context(ctx context.Context) *InstancesSetTagsCall {
+func (c *InstancesStartWithEncryptionKeyCall) Context(ctx context.Context) *InstancesStartWithEncryptionKeyCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesSetTagsCall) Header() http.Header {
+func (c *InstancesStartWithEncryptionKeyCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesSetTagsCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesStartWithEncryptionKeyCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.tags)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancesstartwithencryptionkeyrequest)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/setTags")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -49129,14 +50128,14 @@ func (c *InstancesSetTagsCall) doRequest(alt string) (*http.Response, error) {
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.setTags" call.
+// Do executes the "compute.instances.startWithEncryptionKey" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesStartWithEncryptionKeyCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -49167,9 +50166,9 @@ func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, err
 	}
 	return ret, nil
 	// {
-	//   "description": "Sets tags for the specified instance to the data included in the request.",
+	//   "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.setTags",
+	//   "id": "compute.instances.startWithEncryptionKey",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
@@ -49177,7 +50176,7 @@ func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, err
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Name of the instance scoping this request.",
+	//       "description": "Name of the instance resource to start.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -49203,9 +50202,9 @@ func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, err
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/setTags",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
 	//   "request": {
-	//     "$ref": "Tags"
+	//     "$ref": "InstancesStartWithEncryptionKeyRequest"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
@@ -49218,9 +50217,9 @@ func (c *InstancesSetTagsCall) Do(opts ...googleapi.CallOption) (*Operation, err
 
 }
 
-// method id "compute.instances.start":
+// method id "compute.instances.stop":
 
-type InstancesStartCall struct {
+type InstancesStopCall struct {
 	s          *Service
 	project    string
 	zone       string
@@ -49230,12 +50229,15 @@ type InstancesStartCall struct {
 	header_    http.Header
 }
 
-// Start: Starts an instance that was stopped using the using the
-// instances().stop method. For more information, see Restart an
-// instance.
-// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/start
-func (r *InstancesService) Start(project string, zone string, instance string) *InstancesStartCall {
-	c := &InstancesStartCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// Stop: Stops a running instance, shutting it down cleanly, and allows
+// you to restart the instance at a later time. Stopped instances do not
+// incur VM usage charges while they are stopped. However, resources
+// that the VM is using, such as persistent disks and static IP
+// addresses, will continue to be charged until they are deleted. For
+// more information, see Stopping an instance.
+// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/stop
+func (r *InstancesService) Stop(project string, zone string, instance string) *InstancesStopCall {
+	c := &InstancesStopCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
@@ -49256,7 +50258,7 @@ func (r *InstancesService) Start(project string, zone string, instance string) *
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesStartCall) RequestId(requestId string) *InstancesStartCall {
+func (c *InstancesStopCall) RequestId(requestId string) *InstancesStopCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -49264,7 +50266,7 @@ func (c *InstancesStartCall) RequestId(requestId string) *InstancesStartCall {
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesStartCall) Fields(s ...googleapi.Field) *InstancesStartCall {
+func (c *InstancesStopCall) Fields(s ...googleapi.Field) *InstancesStopCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -49272,21 +50274,21 @@ func (c *InstancesStartCall) Fields(s ...googleapi.Field) *InstancesStartCall {
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesStartCall) Context(ctx context.Context) *InstancesStartCall {
+func (c *InstancesStopCall) Context(ctx context.Context) *InstancesStopCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesStartCall) Header() http.Header {
+func (c *InstancesStopCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesStartCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesStopCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
@@ -49294,7 +50296,7 @@ func (c *InstancesStartCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/start")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/stop")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -49306,14 +50308,14 @@ func (c *InstancesStartCall) doRequest(alt string) (*http.Response, error) {
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.start" call.
+// Do executes the "compute.instances.stop" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -49344,9 +50346,9 @@ func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error
 	}
 	return ret, nil
 	// {
-	//   "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+	//   "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.start",
+	//   "id": "compute.instances.stop",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
@@ -49354,7 +50356,7 @@ func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Name of the instance resource to start.",
+	//       "description": "Name of the instance resource to stop.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -49380,7 +50382,7 @@ func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/start",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/stop",
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
@@ -49392,28 +50394,30 @@ func (c *InstancesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error
 
 }
 
-// method id "compute.instances.startWithEncryptionKey":
+// method id "compute.instances.updateAccessConfig":
 
-type InstancesStartWithEncryptionKeyCall struct {
-	s                                      *Service
-	project                                string
-	zone                                   string
-	instance                               string
-	instancesstartwithencryptionkeyrequest *InstancesStartWithEncryptionKeyRequest
-	urlParams_                             gensupport.URLParams
-	ctx_                                   context.Context
-	header_                                http.Header
+type InstancesUpdateAccessConfigCall struct {
+	s            *Service
+	project      string
+	zone         string
+	instance     string
+	accessconfig *AccessConfig
+	urlParams_   gensupport.URLParams
+	ctx_         context.Context
+	header_      http.Header
 }
 
-// StartWithEncryptionKey: Starts an instance that was stopped using the
-// using the instances().stop method. For more information, see Restart
-// an instance.
-func (r *InstancesService) StartWithEncryptionKey(project string, zone string, instance string, instancesstartwithencryptionkeyrequest *InstancesStartWithEncryptionKeyRequest) *InstancesStartWithEncryptionKeyCall {
-	c := &InstancesStartWithEncryptionKeyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// UpdateAccessConfig: Updates the specified access config from an
+// instance's network interface with the data included in the request.
+// This method supports PATCH semantics and uses the JSON merge patch
+// format and processing rules.
+func (r *InstancesService) UpdateAccessConfig(project string, zone string, instance string, networkInterface string, accessconfig *AccessConfig) *InstancesUpdateAccessConfigCall {
+	c := &InstancesUpdateAccessConfigCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
-	c.instancesstartwithencryptionkeyrequest = instancesstartwithencryptionkeyrequest
+	c.urlParams_.Set("networkInterface", networkInterface)
+	c.accessconfig = accessconfig
 	return c
 }
 
@@ -49431,7 +50435,7 @@ func (r *InstancesService) StartWithEncryptionKey(project string, zone string, i
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesStartWithEncryptionKeyCall) RequestId(requestId string) *InstancesStartWithEncryptionKeyCall {
+func (c *InstancesUpdateAccessConfigCall) RequestId(requestId string) *InstancesUpdateAccessConfigCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -49439,7 +50443,7 @@ func (c *InstancesStartWithEncryptionKeyCall) RequestId(requestId string) *Insta
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesStartWithEncryptionKeyCall) Fields(s ...googleapi.Field) *InstancesStartWithEncryptionKeyCall {
+func (c *InstancesUpdateAccessConfigCall) Fields(s ...googleapi.Field) *InstancesUpdateAccessConfigCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -49447,34 +50451,34 @@ func (c *InstancesStartWithEncryptionKeyCall) Fields(s ...googleapi.Field) *Inst
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesStartWithEncryptionKeyCall) Context(ctx context.Context) *InstancesStartWithEncryptionKeyCall {
+func (c *InstancesUpdateAccessConfigCall) Context(ctx context.Context) *InstancesUpdateAccessConfigCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesStartWithEncryptionKeyCall) Header() http.Header {
+func (c *InstancesUpdateAccessConfigCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesStartWithEncryptionKeyCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesUpdateAccessConfigCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
-	body, err := googleapi.WithoutDataWrapper.JSONReader(c.instancesstartwithencryptionkeyrequest)
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.accessconfig)
 	if err != nil {
 		return nil, err
 	}
 	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/updateAccessConfig")
 	urls += "?" + c.urlParams_.Encode()
 	req, _ := http.NewRequest("POST", urls, body)
 	req.Header = reqHeaders
@@ -49486,14 +50490,14 @@ func (c *InstancesStartWithEncryptionKeyCall) doRequest(alt string) (*http.Respo
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.startWithEncryptionKey" call.
+// Do executes the "compute.instances.updateAccessConfig" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesStartWithEncryptionKeyCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesUpdateAccessConfigCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -49524,22 +50528,29 @@ func (c *InstancesStartWithEncryptionKeyCall) Do(opts ...googleapi.CallOption) (
 	}
 	return ret, nil
 	// {
-	//   "description": "Starts an instance that was stopped using the using the instances().stop method. For more information, see Restart an instance.",
+	//   "description": "Updates the specified access config from an instance's network interface with the data included in the request. This method supports PATCH semantics and uses the JSON merge patch format and processing rules.",
 	//   "httpMethod": "POST",
-	//   "id": "compute.instances.startWithEncryptionKey",
+	//   "id": "compute.instances.updateAccessConfig",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
-	//     "instance"
+	//     "instance",
+	//     "networkInterface"
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Name of the instance resource to start.",
+	//       "description": "The instance name for this request.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
 	//     },
+	//     "networkInterface": {
+	//       "description": "The name of the network interface where the access config is attached.",
+	//       "location": "query",
+	//       "required": true,
+	//       "type": "string"
+	//     },
 	//     "project": {
 	//       "description": "Project ID for this request.",
 	//       "location": "path",
@@ -49560,9 +50571,9 @@ func (c *InstancesStartWithEncryptionKeyCall) Do(opts ...googleapi.CallOption) (
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/startWithEncryptionKey",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/updateAccessConfig",
 	//   "request": {
-	//     "$ref": "InstancesStartWithEncryptionKeyRequest"
+	//     "$ref": "AccessConfig"
 	//   },
 	//   "response": {
 	//     "$ref": "Operation"
@@ -49575,30 +50586,28 @@ func (c *InstancesStartWithEncryptionKeyCall) Do(opts ...googleapi.CallOption) (
 
 }
 
-// method id "compute.instances.stop":
+// method id "compute.instances.updateNetworkInterface":
 
-type InstancesStopCall struct {
-	s          *Service
-	project    string
-	zone       string
-	instance   string
-	urlParams_ gensupport.URLParams
-	ctx_       context.Context
-	header_    http.Header
+type InstancesUpdateNetworkInterfaceCall struct {
+	s                *Service
+	project          string
+	zone             string
+	instance         string
+	networkinterface *NetworkInterface
+	urlParams_       gensupport.URLParams
+	ctx_             context.Context
+	header_          http.Header
 }
 
-// Stop: Stops a running instance, shutting it down cleanly, and allows
-// you to restart the instance at a later time. Stopped instances do not
-// incur VM usage charges while they are stopped. However, resources
-// that the VM is using, such as persistent disks and static IP
-// addresses, will continue to be charged until they are deleted. For
-// more information, see Stopping an instance.
-// For details, see https://cloud.google.com/compute/docs/reference/latest/instances/stop
-func (r *InstancesService) Stop(project string, zone string, instance string) *InstancesStopCall {
-	c := &InstancesStopCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+// UpdateNetworkInterface: Updates an instance's network interface. This
+// method follows PATCH semantics.
+func (r *InstancesService) UpdateNetworkInterface(project string, zone string, instance string, networkInterface string, networkinterface *NetworkInterface) *InstancesUpdateNetworkInterfaceCall {
+	c := &InstancesUpdateNetworkInterfaceCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 	c.project = project
 	c.zone = zone
 	c.instance = instance
+	c.urlParams_.Set("networkInterface", networkInterface)
+	c.networkinterface = networkinterface
 	return c
 }
 
@@ -49616,7 +50625,7 @@ func (r *InstancesService) Stop(project string, zone string, instance string) *I
 //
 // The request ID must be a valid UUID with the exception that zero UUID
 // is not supported (00000000-0000-0000-0000-000000000000).
-func (c *InstancesStopCall) RequestId(requestId string) *InstancesStopCall {
+func (c *InstancesUpdateNetworkInterfaceCall) RequestId(requestId string) *InstancesUpdateNetworkInterfaceCall {
 	c.urlParams_.Set("requestId", requestId)
 	return c
 }
@@ -49624,7 +50633,7 @@ func (c *InstancesStopCall) RequestId(requestId string) *InstancesStopCall {
 // Fields allows partial responses to be retrieved. See
 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
 // for more information.
-func (c *InstancesStopCall) Fields(s ...googleapi.Field) *InstancesStopCall {
+func (c *InstancesUpdateNetworkInterfaceCall) Fields(s ...googleapi.Field) *InstancesUpdateNetworkInterfaceCall {
 	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 	return c
 }
@@ -49632,31 +50641,36 @@ func (c *InstancesStopCall) Fields(s ...googleapi.Field) *InstancesStopCall {
 // Context sets the context to be used in this call's Do method. Any
 // pending HTTP request will be aborted if the provided context is
 // canceled.
-func (c *InstancesStopCall) Context(ctx context.Context) *InstancesStopCall {
+func (c *InstancesUpdateNetworkInterfaceCall) Context(ctx context.Context) *InstancesUpdateNetworkInterfaceCall {
 	c.ctx_ = ctx
 	return c
 }
 
 // Header returns an http.Header that can be modified by the caller to
 // add HTTP headers to the request.
-func (c *InstancesStopCall) Header() http.Header {
+func (c *InstancesUpdateNetworkInterfaceCall) Header() http.Header {
 	if c.header_ == nil {
 		c.header_ = make(http.Header)
 	}
 	return c.header_
 }
 
-func (c *InstancesStopCall) doRequest(alt string) (*http.Response, error) {
+func (c *InstancesUpdateNetworkInterfaceCall) doRequest(alt string) (*http.Response, error) {
 	reqHeaders := make(http.Header)
 	for k, v := range c.header_ {
 		reqHeaders[k] = v
 	}
 	reqHeaders.Set("User-Agent", c.s.userAgent())
 	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.networkinterface)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
 	c.urlParams_.Set("alt", alt)
-	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/stop")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface")
 	urls += "?" + c.urlParams_.Encode()
-	req, _ := http.NewRequest("POST", urls, body)
+	req, _ := http.NewRequest("PATCH", urls, body)
 	req.Header = reqHeaders
 	googleapi.Expand(req.URL, map[string]string{
 		"project":  c.project,
@@ -49666,14 +50680,14 @@ func (c *InstancesStopCall) doRequest(alt string) (*http.Response, error) {
 	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 }
 
-// Do executes the "compute.instances.stop" call.
+// Do executes the "compute.instances.updateNetworkInterface" call.
 // Exactly one of *Operation or error will be non-nil. Any non-2xx
 // status code is an error. Response headers are in either
 // *Operation.ServerResponse.Header or (if a response was returned at
 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
 // to check whether the returned error was because
 // http.StatusNotModified was returned.
-func (c *InstancesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+func (c *InstancesUpdateNetworkInterfaceCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 	gensupport.SetOptions(c.urlParams_, opts...)
 	res, err := c.doRequest("json")
 	if res != nil && res.StatusCode == http.StatusNotModified {
@@ -49704,22 +50718,29 @@ func (c *InstancesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error)
 	}
 	return ret, nil
 	// {
-	//   "description": "Stops a running instance, shutting it down cleanly, and allows you to restart the instance at a later time. Stopped instances do not incur VM usage charges while they are stopped. However, resources that the VM is using, such as persistent disks and static IP addresses, will continue to be charged until they are deleted. For more information, see Stopping an instance.",
-	//   "httpMethod": "POST",
-	//   "id": "compute.instances.stop",
+	//   "description": "Updates an instance's network interface. This method follows PATCH semantics.",
+	//   "httpMethod": "PATCH",
+	//   "id": "compute.instances.updateNetworkInterface",
 	//   "parameterOrder": [
 	//     "project",
 	//     "zone",
-	//     "instance"
+	//     "instance",
+	//     "networkInterface"
 	//   ],
 	//   "parameters": {
 	//     "instance": {
-	//       "description": "Name of the instance resource to stop.",
+	//       "description": "The instance name for this request.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
 	//       "type": "string"
 	//     },
+	//     "networkInterface": {
+	//       "description": "The name of the network interface to update.",
+	//       "location": "query",
+	//       "required": true,
+	//       "type": "string"
+	//     },
 	//     "project": {
 	//       "description": "Project ID for this request.",
 	//       "location": "path",
@@ -49740,7 +50761,10 @@ func (c *InstancesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error)
 	//       "type": "string"
 	//     }
 	//   },
-	//   "path": "{project}/zones/{zone}/instances/{instance}/stop",
+	//   "path": "{project}/zones/{zone}/instances/{instance}/updateNetworkInterface",
+	//   "request": {
+	//     "$ref": "NetworkInterface"
+	//   },
 	//   "response": {
 	//     "$ref": "Operation"
 	//   },
@@ -57847,7 +58871,7 @@ func (c *RegionBackendServicesGetHealthCall) Do(opts ...googleapi.CallOption) (*
 	//   ],
 	//   "parameters": {
 	//     "backendService": {
-	//       "description": "Name of the BackendService resource to which the queried instance belongs.",
+	//       "description": "Name of the BackendService resource for which to get health.",
 	//       "location": "path",
 	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
 	//       "required": true,
@@ -68542,6 +69566,191 @@ func (c *SubnetworksListCall) Pages(ctx context.Context, f func(*SubnetworkList)
 	}
 }
 
+// method id "compute.subnetworks.patch":
+
+type SubnetworksPatchCall struct {
+	s           *Service
+	project     string
+	region      string
+	subnetwork  string
+	subnetwork2 *Subnetwork
+	urlParams_  gensupport.URLParams
+	ctx_        context.Context
+	header_     http.Header
+}
+
+// Patch: Patches the specified subnetwork with the data included in the
+// request. Only the following fields within the subnetwork resource can
+// be specified in the request: secondary_ip_range and
+// allow_subnet_cidr_routes_overlap. It is also mandatory to specify the
+// current fingeprint of the subnetwork resource being patched.
+func (r *SubnetworksService) Patch(project string, region string, subnetwork string, subnetwork2 *Subnetwork) *SubnetworksPatchCall {
+	c := &SubnetworksPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.project = project
+	c.region = region
+	c.subnetwork = subnetwork
+	c.subnetwork2 = subnetwork2
+	return c
+}
+
+// RequestId sets the optional parameter "requestId": An optional
+// request ID to identify requests. Specify a unique request ID so that
+// if you must retry your request, the server will know to ignore the
+// request if it has already been completed.
+//
+// For example, consider a situation where you make an initial request
+// and the request times out. If you make the request again with the
+// same request ID, the server can check if original operation with the
+// same request ID was received, and if so, will ignore the second
+// request. This prevents clients from accidentally creating duplicate
+// commitments.
+//
+// The request ID must be a valid UUID with the exception that zero UUID
+// is not supported (00000000-0000-0000-0000-000000000000).
+func (c *SubnetworksPatchCall) RequestId(requestId string) *SubnetworksPatchCall {
+	c.urlParams_.Set("requestId", requestId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *SubnetworksPatchCall) Fields(s ...googleapi.Field) *SubnetworksPatchCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *SubnetworksPatchCall) Context(ctx context.Context) *SubnetworksPatchCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *SubnetworksPatchCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *SubnetworksPatchCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.subnetwork2)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "{project}/regions/{region}/subnetworks/{subnetwork}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("PATCH", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"project":    c.project,
+		"region":     c.region,
+		"subnetwork": c.subnetwork,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "compute.subnetworks.patch" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *SubnetworksPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Patches the specified subnetwork with the data included in the request. Only the following fields within the subnetwork resource can be specified in the request: secondary_ip_range and allow_subnet_cidr_routes_overlap. It is also mandatory to specify the current fingeprint of the subnetwork resource being patched.",
+	//   "httpMethod": "PATCH",
+	//   "id": "compute.subnetworks.patch",
+	//   "parameterOrder": [
+	//     "project",
+	//     "region",
+	//     "subnetwork"
+	//   ],
+	//   "parameters": {
+	//     "project": {
+	//       "description": "Project ID for this request.",
+	//       "location": "path",
+	//       "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "region": {
+	//       "description": "Name of the region scoping this request.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "requestId": {
+	//       "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "subnetwork": {
+	//       "description": "Name of the Subnetwork resource to patch.",
+	//       "location": "path",
+	//       "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "{project}/regions/{region}/subnetworks/{subnetwork}",
+	//   "request": {
+	//     "$ref": "Subnetwork"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform",
+	//     "https://www.googleapis.com/auth/compute"
+	//   ]
+	// }
+
+}
+
 // method id "compute.subnetworks.setPrivateIpGoogleAccess":
 
 type SubnetworksSetPrivateIpGoogleAccessCall struct {
diff --git a/vendor/google.golang.org/api/container/v1/container-api.json b/vendor/google.golang.org/api/container/v1/container-api.json
index d2ab8a2314a2..ef6738238394 100644
--- a/vendor/google.golang.org/api/container/v1/container-api.json
+++ b/vendor/google.golang.org/api/container/v1/container-api.json
@@ -8,1255 +8,1354 @@
       }
     }
   },
-  "rootUrl": "https://container.googleapis.com/",
-  "ownerDomain": "google.com",
-  "name": "container",
+  "basePath": "",
+  "baseUrl": "https://container.googleapis.com/",
   "batchPath": "batch",
+  "canonicalName": "Container",
+  "description": "The Google Kubernetes Engine API is used for building and managing container based applications, powered by the open source Kubernetes technology.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://cloud.google.com/container-engine/",
   "fullyEncodeReservedExpansion": true,
-  "title": "Google Container Engine API",
+  "icons": {
+    "x16": "http://www.google.com/images/icons/product/search-16.gif",
+    "x32": "http://www.google.com/images/icons/product/search-32.gif"
+  },
+  "id": "container:v1",
+  "kind": "discovery#restDescription",
+  "name": "container",
+  "ownerDomain": "google.com",
   "ownerName": "Google",
+  "parameters": {
+    "$.xgafv": {
+      "description": "V1 error format.",
+      "enum": [
+        "1",
+        "2"
+      ],
+      "enumDescriptions": [
+        "v1 error format",
+        "v2 error format"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "access_token": {
+      "description": "OAuth access token.",
+      "location": "query",
+      "type": "string"
+    },
+    "alt": {
+      "default": "json",
+      "description": "Data format for response.",
+      "enum": [
+        "json",
+        "media",
+        "proto"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json",
+        "Media download with context-dependent Content-Type",
+        "Responses with Content-Type of application/x-protobuf"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "bearer_token": {
+      "description": "OAuth bearer token.",
+      "location": "query",
+      "type": "string"
+    },
+    "callback": {
+      "description": "JSONP",
+      "location": "query",
+      "type": "string"
+    },
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
+      "type": "string"
+    },
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
+      "type": "string"
+    },
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
+      "type": "string"
+    },
+    "pp": {
+      "default": "true",
+      "description": "Pretty-print response.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
+      "location": "query",
+      "type": "string"
+    },
+    "uploadType": {
+      "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    },
+    "upload_protocol": {
+      "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    }
+  },
+  "protocol": "rest",
   "resources": {
     "projects": {
       "resources": {
         "zones": {
           "methods": {
             "getServerconfig": {
-              "scopes": [
-                "https://www.googleapis.com/auth/cloud-platform"
+              "description": "Returns configuration info about the Kubernetes Engine service.",
+              "flatPath": "v1/projects/{projectId}/zones/{zone}/serverconfig",
+              "httpMethod": "GET",
+              "id": "container.projects.zones.getServerconfig",
+              "parameterOrder": [
+                "projectId",
+                "zone"
               ],
               "parameters": {
                 "projectId": {
-                  "location": "path",
                   "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                  "location": "path",
                   "required": true,
                   "type": "string"
                 },
                 "zone": {
-                  "location": "path",
                   "description": "The name of the Google Compute Engine [zone](/compute/docs/zones#available)\nto return operations for.",
+                  "location": "path",
                   "required": true,
                   "type": "string"
                 }
               },
-              "flatPath": "v1/projects/{projectId}/zones/{zone}/serverconfig",
               "path": "v1/projects/{projectId}/zones/{zone}/serverconfig",
-              "id": "container.projects.zones.getServerconfig",
-              "description": "Returns configuration info about the Kubernetes Engine service.",
               "response": {
                 "$ref": "ServerConfig"
               },
-              "parameterOrder": [
-                "projectId",
-                "zone"
-              ],
-              "httpMethod": "GET"
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
             }
           },
           "resources": {
             "clusters": {
               "methods": {
-                "delete": {
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
-                  "id": "container.projects.zones.clusters.delete",
-                  "description": "Deletes the cluster, including the Kubernetes endpoint and all worker\nnodes.\n\nFirewalls and routes that were configured during cluster creation\nare also deleted.\n\nOther Google Compute Engine resources that might be in use by the cluster\n(e.g. load balancer resources) will not be deleted if they weren't present\nat the initial create time.",
-                  "response": {
-                    "$ref": "Operation"
-                  },
+                "addons": {
+                  "description": "Sets the addons of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.addons",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "DELETE",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
-                    "projectId": {
+                    "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "required": true,
                       "type": "string"
                     },
-                    "zone": {
+                    "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "location": "path",
-                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                       "required": true,
                       "type": "string"
                     },
-                    "clusterId": {
+                    "zone": {
+                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                       "location": "path",
-                      "description": "The name of the cluster to delete.",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}"
-                },
-                "locations": {
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons",
+                  "request": {
+                    "$ref": "SetAddonsConfigRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
                   "scopes": [
                     "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "completeIpRotation": {
+                  "description": "Completes master IP rotation.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.completeIpRotation",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
                   ],
                   "parameters": {
                     "clusterId": {
-                      "description": "The name of the cluster to upgrade.",
+                      "description": "The name of the cluster.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations",
-                  "id": "container.projects.zones.clusters.locations",
-                  "description": "Sets the locations of a specific cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation",
                   "request": {
-                    "$ref": "SetLocationsRequest"
+                    "$ref": "CompleteIPRotationRequest"
                   },
                   "response": {
                     "$ref": "Operation"
                   },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "httpMethod": "POST"
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 },
-                "update": {
-                  "response": {
-                    "$ref": "Operation"
-                  },
+                "create": {
+                  "description": "Creates a cluster, consisting of the specified number and type of Google\nCompute Engine instances.\n\nBy default, the cluster is created in the project's\n[default network](/compute/docs/networks-and-firewalls#networks).\n\nOne firewall is added for the cluster. After cluster creation,\nthe cluster creates routes for each node to allow the containers\non that node to communicate with all other instances in the\ncluster.\n\nFinally, an entry is added to the project's global metadata indicating\nwhich CIDR range is being used by the cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.create",
                   "parameterOrder": [
                     "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "httpMethod": "PUT",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
+                    "zone"
                   ],
                   "parameters": {
                     "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
-                      "required": true,
-                      "type": "string",
-                      "location": "path"
-                    },
-                    "clusterId": {
                       "location": "path",
-                      "description": "The name of the cluster to upgrade.",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
-                  "id": "container.projects.zones.clusters.update",
-                  "description": "Updates the settings of a specific cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters",
                   "request": {
-                    "$ref": "UpdateClusterRequest"
-                  }
+                    "$ref": "CreateClusterRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 },
-                "monitoring": {
+                "delete": {
+                  "description": "Deletes the cluster, including the Kubernetes endpoint and all worker\nnodes.\n\nFirewalls and routes that were configured during cluster creation\nare also deleted.\n\nOther Google Compute Engine resources that might be in use by the cluster\n(e.g. load balancer resources) will not be deleted if they weren't present\nat the initial create time.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
+                  "httpMethod": "DELETE",
+                  "id": "container.projects.zones.clusters.delete",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
+                  ],
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to delete.",
                       "location": "path",
-                      "description": "The name of the cluster to upgrade.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "location": "path",
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring",
-                  "id": "container.projects.zones.clusters.monitoring",
-                  "request": {
-                    "$ref": "SetMonitoringServiceRequest"
-                  },
-                  "description": "Sets the monitoring service of a specific cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
                   "response": {
                     "$ref": "Operation"
                   },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "httpMethod": "POST"
-                },
-                "master": {
-                  "response": {
-                    "$ref": "Operation"
-                  },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "httpMethod": "POST",
                   "scopes": [
                     "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "parameters": {
-                    "projectId": {
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
-                      "required": true,
-                      "type": "string",
-                      "location": "path"
-                    },
-                    "zone": {
-                      "location": "path",
-                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
-                      "required": true,
-                      "type": "string"
-                    },
-                    "clusterId": {
-                      "description": "The name of the cluster to upgrade.",
-                      "required": true,
-                      "type": "string",
-                      "location": "path"
-                    }
-                  },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master",
-                  "id": "container.projects.zones.clusters.master",
-                  "description": "Updates the master of a specific cluster.",
-                  "request": {
-                    "$ref": "UpdateMasterRequest"
-                  }
+                  ]
                 },
-                "setMasterAuth": {
-                  "id": "container.projects.zones.clusters.setMasterAuth",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth",
-                  "request": {
-                    "$ref": "SetMasterAuthRequest"
-                  },
-                  "description": "Used to set master auth materials. Currently supports :-\nChanging the admin password of a specific cluster.\nThis can be either via password generation or explicitly set the password.",
-                  "httpMethod": "POST",
+                "get": {
+                  "description": "Gets the details of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
+                  "httpMethod": "GET",
+                  "id": "container.projects.zones.clusters.get",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "response": {
-                    "$ref": "Operation"
-                  },
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to retrieve.",
                       "location": "path",
-                      "description": "The name of the cluster to upgrade.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "location": "path",
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
+                  "response": {
+                    "$ref": "Cluster"
+                  },
                   "scopes": [
                     "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth"
+                  ]
                 },
-                "logging": {
-                  "description": "Sets the logging service of a specific cluster.",
-                  "request": {
-                    "$ref": "SetLoggingServiceRequest"
-                  },
-                  "response": {
-                    "$ref": "Operation"
-                  },
+                "legacyAbac": {
+                  "description": "Enables or disables the ABAC authorization mechanism on a cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.legacyAbac",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to update.",
                       "location": "path",
-                      "description": "The name of the cluster to upgrade.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "location": "path",
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging",
-                  "id": "container.projects.zones.clusters.logging"
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac",
+                  "request": {
+                    "$ref": "SetLegacyAbacRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 },
                 "list": {
+                  "description": "Lists all clusters owned by a project in either the specified zone or all\nzones.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters",
                   "httpMethod": "GET",
+                  "id": "container.projects.zones.clusters.list",
                   "parameterOrder": [
                     "projectId",
                     "zone"
                   ],
-                  "response": {
-                    "$ref": "ListClustersResponse"
-                  },
                   "parameters": {
                     "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides, or \"-\" for all zones.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters",
-                  "id": "container.projects.zones.clusters.list",
                   "path": "v1/projects/{projectId}/zones/{zone}/clusters",
-                  "description": "Lists all clusters owned by a project in either the specified zone or all\nzones."
-                },
-                "resourceLabels": {
                   "response": {
-                    "$ref": "Operation"
+                    "$ref": "ListClustersResponse"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "locations": {
+                  "description": "Sets the locations of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.locations",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
-                    "projectId": {
+                    "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                       "required": true,
                       "type": "string"
                     },
-                    "zone": {
+                    "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "location": "path",
-                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                       "required": true,
                       "type": "string"
                     },
-                    "clusterId": {
-                      "description": "The name of the cluster.",
+                    "zone": {
+                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels",
-                  "id": "container.projects.zones.clusters.resourceLabels",
-                  "description": "Sets labels on a cluster.",
-                  "request": {
-                    "$ref": "SetLabelsRequest"
-                  }
-                },
-                "create": {
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters",
-                  "id": "container.projects.zones.clusters.create",
-                  "description": "Creates a cluster, consisting of the specified number and type of Google\nCompute Engine instances.\n\nBy default, the cluster is created in the project's\n[default network](/compute/docs/networks-and-firewalls#networks).\n\nOne firewall is added for the cluster. After cluster creation,\nthe cluster creates routes for each node to allow the containers\non that node to communicate with all other instances in the\ncluster.\n\nFinally, an entry is added to the project's global metadata indicating\nwhich CIDR range is being used by the cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/locations",
                   "request": {
-                    "$ref": "CreateClusterRequest"
+                    "$ref": "SetLocationsRequest"
                   },
                   "response": {
                     "$ref": "Operation"
                   },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone"
-                  ],
-                  "httpMethod": "POST",
                   "scopes": [
                     "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "logging": {
+                  "description": "Sets the logging service of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.logging",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
                   ],
                   "parameters": {
-                    "projectId": {
+                    "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters"
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/logging",
+                  "request": {
+                    "$ref": "SetLoggingServiceRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 },
-                "completeIpRotation": {
+                "master": {
+                  "description": "Updates the master of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.master",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
+                  ],
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The name of the cluster.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation",
-                  "id": "container.projects.zones.clusters.completeIpRotation",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:completeIpRotation",
-                  "request": {
-                    "$ref": "CompleteIPRotationRequest"
-                  },
-                  "description": "Completes master IP rotation.",
-                  "httpMethod": "POST",
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "response": {
-                    "$ref": "Operation"
-                  }
-                },
-                "setNetworkPolicy": {
-                  "description": "Enables/Disables Network Policy for a cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/master",
                   "request": {
-                    "$ref": "SetNetworkPolicyRequest"
+                    "$ref": "UpdateMasterRequest"
                   },
                   "response": {
                     "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "monitoring": {
+                  "description": "Sets the monitoring service of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.monitoring",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The name of the cluster.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setNetworkPolicy",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setNetworkPolicy",
-                  "id": "container.projects.zones.clusters.setNetworkPolicy"
-                },
-                "legacyAbac": {
-                  "description": "Enables or disables the ABAC authorization mechanism on a cluster.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/monitoring",
                   "request": {
-                    "$ref": "SetLegacyAbacRequest"
+                    "$ref": "SetMonitoringServiceRequest"
                   },
                   "response": {
                     "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "resourceLabels": {
+                  "description": "Sets labels on a cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.resourceLabels",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
-                    "projectId": {
+                    "clusterId": {
+                      "description": "The name of the cluster.",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "required": true,
                       "type": "string"
                     },
-                    "zone": {
+                    "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                       "location": "path",
-                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                       "required": true,
                       "type": "string"
                     },
-                    "clusterId": {
-                      "description": "The name of the cluster to update.",
+                    "zone": {
+                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/legacyAbac",
-                  "id": "container.projects.zones.clusters.legacyAbac"
-                },
-                "get": {
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/resourceLabels",
+                  "request": {
+                    "$ref": "SetLabelsRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
                   "scopes": [
                     "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "setMaintenancePolicy": {
+                  "description": "Sets the maintenance policy for a cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.setMaintenancePolicy",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
                   ],
                   "parameters": {
                     "clusterId": {
-                      "description": "The name of the cluster to retrieve.",
+                      "description": "The name of the cluster to update.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "projectId": {
-                      "location": "path",
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
-                  "id": "container.projects.zones.clusters.get",
-                  "description": "Gets the details of a specific cluster.",
-                  "response": {
-                    "$ref": "Cluster"
-                  },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "clusterId"
-                  ],
-                  "httpMethod": "GET"
-                },
-                "startIpRotation": {
-                  "description": "Start master IP rotation.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy",
                   "request": {
-                    "$ref": "StartIPRotationRequest"
+                    "$ref": "SetMaintenancePolicyRequest"
                   },
                   "response": {
                     "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "setMasterAuth": {
+                  "description": "Used to set master auth materials. Currently supports :-\nChanging the admin password of a specific cluster.\nThis can be either via password generation or explicitly set the password.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.setMasterAuth",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The name of the cluster.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation",
-                  "id": "container.projects.zones.clusters.startIpRotation"
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMasterAuth",
+                  "request": {
+                    "$ref": "SetMasterAuthRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 },
-                "addons": {
+                "setNetworkPolicy": {
+                  "description": "Enables/Disables Network Policy for a cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setNetworkPolicy",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.setNetworkPolicy",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "clusterId"
+                  ],
                   "parameters": {
                     "clusterId": {
-                      "description": "The name of the cluster to upgrade.",
+                      "description": "The name of the cluster.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                       "location": "path",
-                      "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/addons",
-                  "id": "container.projects.zones.clusters.addons",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setNetworkPolicy",
                   "request": {
-                    "$ref": "SetAddonsConfigRequest"
+                    "$ref": "SetNetworkPolicyRequest"
                   },
-                  "description": "Sets the addons of a specific cluster.",
                   "response": {
                     "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "startIpRotation": {
+                  "description": "Start master IP rotation.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.clusters.startIpRotation",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST"
-                },
-                "setMaintenancePolicy": {
+                  "parameters": {
+                    "clusterId": {
+                      "description": "The name of the cluster.",
+                      "location": "path",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "projectId": {
+                      "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                      "location": "path",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "zone": {
+                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:startIpRotation",
+                  "request": {
+                    "$ref": "StartIPRotationRequest"
+                  },
                   "response": {
                     "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "update": {
+                  "description": "Updates the settings of a specific cluster.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
+                  "httpMethod": "PUT",
+                  "id": "container.projects.zones.clusters.update",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "clusterId"
                   ],
-                  "httpMethod": "POST",
                   "parameters": {
                     "clusterId": {
+                      "description": "The name of the cluster to upgrade.",
                       "location": "path",
-                      "description": "The name of the cluster to update.",
                       "required": true,
                       "type": "string"
                     },
                     "projectId": {
-                      "location": "path",
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "location": "path",
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy",
-                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}:setMaintenancePolicy",
-                  "id": "container.projects.zones.clusters.setMaintenancePolicy",
+                  "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}",
                   "request": {
-                    "$ref": "SetMaintenancePolicyRequest"
+                    "$ref": "UpdateClusterRequest"
                   },
-                  "description": "Sets the maintenance policy for a cluster."
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 }
               },
               "resources": {
                 "nodePools": {
                   "methods": {
-                    "get": {
-                      "response": {
-                        "$ref": "NodePool"
-                      },
+                    "autoscaling": {
+                      "description": "Sets the autoscaling settings of a specific node pool.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling",
+                      "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.autoscaling",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId",
                         "nodePoolId"
                       ],
-                      "httpMethod": "GET",
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
-                        "projectId": {
-                          "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                        "clusterId": {
+                          "description": "The name of the cluster to upgrade.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
-                        "zone": {
-                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                        "nodePoolId": {
+                          "description": "The name of the node pool to upgrade.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
-                        "clusterId": {
-                          "description": "The name of the cluster.",
+                        "projectId": {
+                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
-                        "nodePoolId": {
-                          "description": "The name of the node pool.",
+                        "zone": {
+                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
-                      "id": "container.projects.zones.clusters.nodePools.get",
-                      "description": "Retrieves the node pool requested."
-                    },
-                    "update": {
-                      "id": "container.projects.zones.clusters.nodePools.update",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update",
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling",
                       "request": {
-                        "$ref": "UpdateNodePoolRequest"
+                        "$ref": "SetNodePoolAutoscalingRequest"
                       },
-                      "description": "Updates the version and/or image type of a specific node pool.",
+                      "response": {
+                        "$ref": "Operation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "create": {
+                      "description": "Creates a node pool for a cluster.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
                       "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.create",
                       "parameterOrder": [
                         "projectId",
                         "zone",
-                        "clusterId",
-                        "nodePoolId"
+                        "clusterId"
                       ],
-                      "response": {
-                        "$ref": "Operation"
-                      },
                       "parameters": {
-                        "projectId": {
+                        "clusterId": {
+                          "description": "The name of the cluster.",
                           "location": "path",
-                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                           "required": true,
                           "type": "string"
                         },
-                        "zone": {
+                        "projectId": {
+                          "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                           "location": "path",
-                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                           "required": true,
                           "type": "string"
                         },
-                        "clusterId": {
-                          "description": "The name of the cluster to upgrade.",
-                          "required": true,
-                          "type": "string",
-                          "location": "path"
-                        },
-                        "nodePoolId": {
-                          "description": "The name of the node pool to upgrade.",
+                        "zone": {
+                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         }
                       },
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
+                      "request": {
+                        "$ref": "CreateNodePoolRequest"
+                      },
+                      "response": {
+                        "$ref": "Operation"
+                      },
                       "scopes": [
                         "https://www.googleapis.com/auth/cloud-platform"
-                      ],
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update"
+                      ]
                     },
                     "delete": {
                       "description": "Deletes a node pool from a cluster.",
-                      "response": {
-                        "$ref": "Operation"
-                      },
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
+                      "httpMethod": "DELETE",
+                      "id": "container.projects.zones.clusters.nodePools.delete",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId",
                         "nodePoolId"
                       ],
-                      "httpMethod": "DELETE",
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
                         "clusterId": {
-                          "location": "path",
                           "description": "The name of the cluster.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "nodePoolId": {
-                          "location": "path",
                           "description": "The name of the node pool to delete.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "projectId": {
                           "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "zone": {
-                          "location": "path",
                           "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
                       "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
-                      "id": "container.projects.zones.clusters.nodePools.delete"
-                    },
-                    "setManagement": {
                       "response": {
                         "$ref": "Operation"
                       },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "get": {
+                      "description": "Retrieves the node pool requested.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
+                      "httpMethod": "GET",
+                      "id": "container.projects.zones.clusters.nodePools.get",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId",
                         "nodePoolId"
                       ],
-                      "httpMethod": "POST",
-                      "parameters": {
-                        "projectId": {
-                          "location": "path",
-                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
-                          "required": true,
-                          "type": "string"
-                        },
-                        "zone": {
-                          "location": "path",
-                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
-                          "required": true,
-                          "type": "string"
-                        },
-                        "clusterId": {
-                          "location": "path",
-                          "description": "The name of the cluster to update.",
-                          "required": true,
-                          "type": "string"
-                        },
-                        "nodePoolId": {
-                          "description": "The name of the node pool to update.",
-                          "required": true,
-                          "type": "string",
-                          "location": "path"
-                        }
-                      },
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement",
-                      "id": "container.projects.zones.clusters.nodePools.setManagement",
-                      "request": {
-                        "$ref": "SetNodePoolManagementRequest"
-                      },
-                      "description": "Sets the NodeManagement options for a node pool."
-                    },
-                    "setSize": {
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
                         "clusterId": {
+                          "description": "The name of the cluster.",
                           "location": "path",
-                          "description": "The name of the cluster to update.",
                           "required": true,
                           "type": "string"
                         },
                         "nodePoolId": {
+                          "description": "The name of the node pool.",
                           "location": "path",
-                          "description": "The name of the node pool to update.",
                           "required": true,
                           "type": "string"
                         },
                         "projectId": {
+                          "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                           "location": "path",
-                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
                           "required": true,
                           "type": "string"
                         },
                         "zone": {
-                          "location": "path",
                           "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize",
-                      "id": "container.projects.zones.clusters.nodePools.setSize",
-                      "description": "Sets the size of a specific node pool.",
-                      "request": {
-                        "$ref": "SetNodePoolSizeRequest"
-                      },
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}",
                       "response": {
-                        "$ref": "Operation"
+                        "$ref": "NodePool"
                       },
-                      "parameterOrder": [
-                        "projectId",
-                        "zone",
-                        "clusterId",
-                        "nodePoolId"
-                      ],
-                      "httpMethod": "POST"
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
                     },
                     "list": {
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
-                      "id": "container.projects.zones.clusters.nodePools.list",
                       "description": "Lists the node pools for a cluster.",
-                      "response": {
-                        "$ref": "ListNodePoolsResponse"
-                      },
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
+                      "httpMethod": "GET",
+                      "id": "container.projects.zones.clusters.nodePools.list",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId"
                       ],
-                      "httpMethod": "GET",
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
                         "clusterId": {
-                          "location": "path",
                           "description": "The name of the cluster.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "projectId": {
                           "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "zone": {
                           "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools"
-                    },
-                    "rollback": {
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
+                      "response": {
+                        "$ref": "ListNodePoolsResponse"
+                      },
                       "scopes": [
                         "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "rollback": {
+                      "description": "Roll back the previously Aborted or Failed NodePool upgrade.\nThis will be an no-op if the last upgrade successfully completed.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}:rollback",
+                      "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.rollback",
+                      "parameterOrder": [
+                        "projectId",
+                        "zone",
+                        "clusterId",
+                        "nodePoolId"
                       ],
                       "parameters": {
                         "clusterId": {
                           "description": "The name of the cluster to rollback.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "nodePoolId": {
                           "description": "The name of the node pool to rollback.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "projectId": {
-                          "location": "path",
                           "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         },
                         "zone": {
-                          "location": "path",
                           "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}:rollback",
                       "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}:rollback",
-                      "id": "container.projects.zones.clusters.nodePools.rollback",
-                      "description": "Roll back the previously Aborted or Failed NodePool upgrade.\nThis will be an no-op if the last upgrade successfully completed.",
                       "request": {
                         "$ref": "RollbackNodePoolUpgradeRequest"
                       },
                       "response": {
                         "$ref": "Operation"
                       },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "setManagement": {
+                      "description": "Sets the NodeManagement options for a node pool.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement",
+                      "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.setManagement",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId",
                         "nodePoolId"
                       ],
-                      "httpMethod": "POST"
-                    },
-                    "create": {
-                      "response": {
-                        "$ref": "Operation"
-                      },
-                      "parameterOrder": [
-                        "projectId",
-                        "zone",
-                        "clusterId"
-                      ],
-                      "httpMethod": "POST",
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
-                        "projectId": {
+                        "clusterId": {
+                          "description": "The name of the cluster to update.",
                           "location": "path",
-                          "description": "The Google Developers Console [project ID or project\nnumber](https://developers.google.com/console/help/new/#projectnumber).",
                           "required": true,
                           "type": "string"
                         },
-                        "zone": {
+                        "nodePoolId": {
+                          "description": "The name of the node pool to update.",
                           "location": "path",
-                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                           "required": true,
                           "type": "string"
                         },
-                        "clusterId": {
+                        "projectId": {
+                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                          "location": "path",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "zone": {
+                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                           "location": "path",
-                          "description": "The name of the cluster.",
                           "required": true,
                           "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools",
-                      "id": "container.projects.zones.clusters.nodePools.create",
-                      "description": "Creates a node pool for a cluster.",
-                      "request": {
-                        "$ref": "CreateNodePoolRequest"
-                      }
-                    },
-                    "autoscaling": {
-                      "description": "Sets the autoscaling settings of a specific node pool.",
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setManagement",
                       "request": {
-                        "$ref": "SetNodePoolAutoscalingRequest"
+                        "$ref": "SetNodePoolManagementRequest"
                       },
                       "response": {
                         "$ref": "Operation"
                       },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "setSize": {
+                      "description": "Sets the size of a specific node pool.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize",
+                      "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.setSize",
                       "parameterOrder": [
                         "projectId",
                         "zone",
                         "clusterId",
                         "nodePoolId"
                       ],
-                      "httpMethod": "POST",
-                      "scopes": [
-                        "https://www.googleapis.com/auth/cloud-platform"
-                      ],
                       "parameters": {
                         "clusterId": {
+                          "description": "The name of the cluster to update.",
                           "location": "path",
-                          "description": "The name of the cluster to upgrade.",
                           "required": true,
                           "type": "string"
                         },
                         "nodePoolId": {
-                          "description": "The name of the node pool to upgrade.",
+                          "description": "The name of the node pool to update.",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "projectId": {
                           "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                          "location": "path",
                           "required": true,
-                          "type": "string",
-                          "location": "path"
+                          "type": "string"
                         },
                         "zone": {
-                          "location": "path",
                           "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
                           "required": true,
                           "type": "string"
                         }
                       },
-                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling",
-                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/autoscaling",
-                      "id": "container.projects.zones.clusters.nodePools.autoscaling"
-                    }
-                  }
-                }
-              }
-            },
-            "operations": {
-              "methods": {
-                "cancel": {
-                  "parameters": {
-                    "operationId": {
-                      "description": "The server-assigned `name` of the operation.",
-                      "required": true,
-                      "type": "string",
-                      "location": "path"
-                    },
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/setSize",
+                      "request": {
+                        "$ref": "SetNodePoolSizeRequest"
+                      },
+                      "response": {
+                        "$ref": "Operation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    },
+                    "update": {
+                      "description": "Updates the version and/or image type of a specific node pool.",
+                      "flatPath": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update",
+                      "httpMethod": "POST",
+                      "id": "container.projects.zones.clusters.nodePools.update",
+                      "parameterOrder": [
+                        "projectId",
+                        "zone",
+                        "clusterId",
+                        "nodePoolId"
+                      ],
+                      "parameters": {
+                        "clusterId": {
+                          "description": "The name of the cluster to upgrade.",
+                          "location": "path",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "nodePoolId": {
+                          "description": "The name of the node pool to upgrade.",
+                          "location": "path",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "projectId": {
+                          "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                          "location": "path",
+                          "required": true,
+                          "type": "string"
+                        },
+                        "zone": {
+                          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                          "location": "path",
+                          "required": true,
+                          "type": "string"
+                        }
+                      },
+                      "path": "v1/projects/{projectId}/zones/{zone}/clusters/{clusterId}/nodePools/{nodePoolId}/update",
+                      "request": {
+                        "$ref": "UpdateNodePoolRequest"
+                      },
+                      "response": {
+                        "$ref": "Operation"
+                      },
+                      "scopes": [
+                        "https://www.googleapis.com/auth/cloud-platform"
+                      ]
+                    }
+                  }
+                }
+              }
+            },
+            "operations": {
+              "methods": {
+                "cancel": {
+                  "description": "Cancels the specified operation.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}:cancel",
+                  "httpMethod": "POST",
+                  "id": "container.projects.zones.operations.cancel",
+                  "parameterOrder": [
+                    "projectId",
+                    "zone",
+                    "operationId"
+                  ],
+                  "parameters": {
+                    "operationId": {
+                      "description": "The server-assigned `name` of the operation.",
+                      "location": "path",
+                      "required": true,
+                      "type": "string"
+                    },
                     "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
                       "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the operation resides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}:cancel",
                   "path": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}:cancel",
-                  "id": "container.projects.zones.operations.cancel",
                   "request": {
                     "$ref": "CancelOperationRequest"
                   },
-                  "description": "Cancels the specified operation.",
                   "response": {
                     "$ref": "Empty"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "get": {
+                  "description": "Gets the specified operation.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}",
+                  "httpMethod": "GET",
+                  "id": "container.projects.zones.operations.get",
                   "parameterOrder": [
                     "projectId",
                     "zone",
                     "operationId"
                   ],
-                  "httpMethod": "POST"
-                },
-                "list": {
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
-                    "projectId": {
+                    "operationId": {
+                      "description": "The server-assigned `name` of the operation.",
                       "location": "path",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
                       "type": "string"
                     },
                     "zone": {
-                      "description": "The name of the Google Compute Engine [zone](/compute/docs/zones#available)\nto return operations for, or `-` for all zones.",
+                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations",
-                  "path": "v1/projects/{projectId}/zones/{zone}/operations",
-                  "id": "container.projects.zones.operations.list",
-                  "description": "Lists all operations in a project in a specific zone or all zones.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}",
                   "response": {
-                    "$ref": "ListOperationsResponse"
+                    "$ref": "Operation"
                   },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "list": {
+                  "description": "Lists all operations in a project in a specific zone or all zones.",
+                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations",
+                  "httpMethod": "GET",
+                  "id": "container.projects.zones.operations.list",
                   "parameterOrder": [
                     "projectId",
                     "zone"
                   ],
-                  "httpMethod": "GET"
-                },
-                "get": {
-                  "scopes": [
-                    "https://www.googleapis.com/auth/cloud-platform"
-                  ],
                   "parameters": {
-                    "operationId": {
-                      "location": "path",
-                      "description": "The server-assigned `name` of the operation.",
-                      "required": true,
-                      "type": "string"
-                    },
                     "projectId": {
                       "description": "The Google Developers Console [project ID or project\nnumber](https://support.google.com/cloud/answer/6158840).",
+                      "location": "path",
                       "required": true,
-                      "type": "string",
-                      "location": "path"
+                      "type": "string"
                     },
                     "zone": {
+                      "description": "The name of the Google Compute Engine [zone](/compute/docs/zones#available)\nto return operations for, or `-` for all zones.",
                       "location": "path",
-                      "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
                       "required": true,
                       "type": "string"
                     }
                   },
-                  "flatPath": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}",
-                  "path": "v1/projects/{projectId}/zones/{zone}/operations/{operationId}",
-                  "id": "container.projects.zones.operations.get",
-                  "description": "Gets the specified operation.",
+                  "path": "v1/projects/{projectId}/zones/{zone}/operations",
                   "response": {
-                    "$ref": "Operation"
+                    "$ref": "ListOperationsResponse"
                   },
-                  "parameterOrder": [
-                    "projectId",
-                    "zone",
-                    "operationId"
-                  ],
-                  "httpMethod": "GET"
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
                 }
               }
             }
@@ -1265,347 +1364,248 @@
       }
     }
   },
-  "parameters": {
-    "oauth_token": {
-      "description": "OAuth 2.0 token for the current user.",
-      "type": "string",
-      "location": "query"
+  "revision": "20180213",
+  "rootUrl": "https://container.googleapis.com/",
+  "schemas": {
+    "AcceleratorConfig": {
+      "description": "AcceleratorConfig represents a Hardware Accelerator request.",
+      "id": "AcceleratorConfig",
+      "properties": {
+        "acceleratorCount": {
+          "description": "The number of the accelerator cards exposed to an instance.",
+          "format": "int64",
+          "type": "string"
+        },
+        "acceleratorType": {
+          "description": "The accelerator type resource name. List of supported accelerators\n[here](/compute/docs/gpus/#Introduction)",
+          "type": "string"
+        }
+      },
+      "type": "object"
     },
-    "bearer_token": {
-      "location": "query",
-      "description": "OAuth bearer token.",
-      "type": "string"
+    "AddonsConfig": {
+      "description": "Configuration for the addons that can be automatically spun up in the\ncluster, enabling additional functionality.",
+      "id": "AddonsConfig",
+      "properties": {
+        "horizontalPodAutoscaling": {
+          "$ref": "HorizontalPodAutoscaling",
+          "description": "Configuration for the horizontal pod autoscaling feature, which\nincreases or decreases the number of replica pods a replication controller\nhas based on the resource usage of the existing pods."
+        },
+        "httpLoadBalancing": {
+          "$ref": "HttpLoadBalancing",
+          "description": "Configuration for the HTTP (L7) load balancing controller addon, which\nmakes it easy to set up HTTP load balancers for services in a cluster."
+        },
+        "kubernetesDashboard": {
+          "$ref": "KubernetesDashboard",
+          "description": "Configuration for the Kubernetes Dashboard."
+        },
+        "networkPolicyConfig": {
+          "$ref": "NetworkPolicyConfig",
+          "description": "Configuration for NetworkPolicy. This only tracks whether the addon\nis enabled or not on the Master, it does not track whether network policy\nis enabled for the nodes."
+        }
+      },
+      "type": "object"
     },
-    "upload_protocol": {
-      "location": "query",
-      "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
-      "type": "string"
+    "AutoUpgradeOptions": {
+      "description": "AutoUpgradeOptions defines the set of options for the user to control how\nthe Auto Upgrades will proceed.",
+      "id": "AutoUpgradeOptions",
+      "properties": {
+        "autoUpgradeStartTime": {
+          "description": "[Output only] This field is set when upgrades are about to commence\nwith the approximate start time for the upgrades, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
+          "type": "string"
+        },
+        "description": {
+          "description": "[Output only] This field is set when upgrades are about to commence\nwith the description of the upgrade.",
+          "type": "string"
+        }
+      },
+      "type": "object"
     },
-    "prettyPrint": {
-      "description": "Returns response with indentations and line breaks.",
-      "type": "boolean",
-      "default": "true",
-      "location": "query"
+    "CancelOperationRequest": {
+      "description": "CancelOperationRequest cancels a single operation.",
+      "id": "CancelOperationRequest",
+      "properties": {},
+      "type": "object"
     },
-    "fields": {
-      "description": "Selector specifying which fields to include in a partial response.",
-      "type": "string",
-      "location": "query"
+    "CidrBlock": {
+      "description": "CidrBlock contains an optional name and one CIDR block.",
+      "id": "CidrBlock",
+      "properties": {
+        "cidrBlock": {
+          "description": "cidr_block must be specified in CIDR notation.",
+          "type": "string"
+        },
+        "displayName": {
+          "description": "display_name is an optional field for users to identify CIDR blocks.",
+          "type": "string"
+        }
+      },
+      "type": "object"
     },
-    "uploadType": {
-      "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
-      "type": "string",
-      "location": "query"
+    "ClientCertificateConfig": {
+      "description": "Configuration for client certificates on the cluster.",
+      "id": "ClientCertificateConfig",
+      "properties": {
+        "issueClientCertificate": {
+          "description": "Issue a client certificate.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
     },
-    "$.xgafv": {
-      "enumDescriptions": [
-        "v1 error format",
-        "v2 error format"
-      ],
-      "location": "query",
-      "enum": [
-        "1",
-        "2"
-      ],
-      "description": "V1 error format.",
-      "type": "string"
-    },
-    "callback": {
-      "location": "query",
-      "description": "JSONP",
-      "type": "string"
-    },
-    "alt": {
-      "description": "Data format for response.",
-      "default": "json",
-      "enum": [
-        "json",
-        "media",
-        "proto"
-      ],
-      "type": "string",
-      "enumDescriptions": [
-        "Responses with Content-Type of application/json",
-        "Media download with context-dependent Content-Type",
-        "Responses with Content-Type of application/x-protobuf"
-      ],
-      "location": "query"
-    },
-    "access_token": {
-      "description": "OAuth access token.",
-      "type": "string",
-      "location": "query"
-    },
-    "key": {
-      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
-      "type": "string",
-      "location": "query"
-    },
-    "quotaUser": {
-      "location": "query",
-      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
-      "type": "string"
-    },
-    "pp": {
-      "description": "Pretty-print response.",
-      "type": "boolean",
-      "default": "true",
-      "location": "query"
-    }
-  },
-  "version": "v1",
-  "baseUrl": "https://container.googleapis.com/",
-  "kind": "discovery#restDescription",
-  "description": "The Google Kubernetes Engine API is used for building and managing container based applications, powered by the open source Kubernetes technology.",
-  "servicePath": "",
-  "basePath": "",
-  "revision": "20171127",
-  "documentationLink": "https://cloud.google.com/container-engine/",
-  "id": "container:v1",
-  "discoveryVersion": "v1",
-  "schemas": {
-    "MasterAuthorizedNetworksConfig": {
-      "id": "MasterAuthorizedNetworksConfig",
-      "description": "Master authorized networks is a Beta feature.\nConfiguration options for the master authorized networks feature. Enabled\nmaster authorized networks will disallow all external traffic to access\nKubernetes master through HTTPS except traffic from the given CIDR blocks,\nGoogle Compute Engine Public IPs and Google Prod IPs.",
-      "type": "object",
+    "Cluster": {
+      "description": "A Google Kubernetes Engine cluster.",
+      "id": "Cluster",
       "properties": {
-        "enabled": {
-          "description": "Whether or not master authorized networks is enabled.",
-          "type": "boolean"
+        "addonsConfig": {
+          "$ref": "AddonsConfig",
+          "description": "Configurations for the various addons available to run in the cluster."
         },
-        "cidrBlocks": {
-          "description": "cidr_blocks define up to 10 external networks that could access\nKubernetes master through HTTPS.",
-          "type": "array",
-          "items": {
-            "$ref": "CidrBlock"
-          }
-        }
-      }
-    },
-    "SetNodePoolManagementRequest": {
-      "id": "SetNodePoolManagementRequest",
-      "description": "SetNodePoolManagementRequest sets the node management properties of a node\npool.",
-      "type": "object",
-      "properties": {
-        "management": {
-          "$ref": "NodeManagement",
-          "description": "NodeManagement configuration for the node pool."
-        }
-      }
-    },
-    "SetNodePoolAutoscalingRequest": {
-      "description": "SetNodePoolAutoscalingRequest sets the autoscaler settings of a node pool.",
-      "type": "object",
-      "properties": {
-        "autoscaling": {
-          "$ref": "NodePoolAutoscaling",
-          "description": "Autoscaling configuration for the node pool."
-        }
-      },
-      "id": "SetNodePoolAutoscalingRequest"
-    },
-    "CreateClusterRequest": {
-      "id": "CreateClusterRequest",
-      "description": "CreateClusterRequest creates a cluster.",
-      "type": "object",
-      "properties": {
-        "cluster": {
-          "$ref": "Cluster",
-          "description": "A [cluster\nresource](/container-engine/reference/rest/v1/projects.zones.clusters)"
-        }
-      }
-    },
-    "LegacyAbac": {
-      "description": "Configuration for the legacy Attribute Based Access Control authorization\nmode.",
-      "type": "object",
-      "properties": {
-        "enabled": {
-          "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled,\nidentities in the system, including service accounts, nodes, and\ncontrollers, will have statically granted permissions beyond those\nprovided by the RBAC configuration or IAM.",
-          "type": "boolean"
-        }
-      },
-      "id": "LegacyAbac"
-    },
-    "AcceleratorConfig": {
-      "id": "AcceleratorConfig",
-      "description": "AcceleratorConfig represents a Hardware Accelerator request.",
-      "type": "object",
-      "properties": {
-        "acceleratorCount": {
-          "description": "The number of the accelerator cards exposed to an instance.",
-          "format": "int64",
+        "clusterIpv4Cidr": {
+          "description": "The IP address range of the container pods in this cluster, in\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`). Leave blank to have\none automatically chosen or specify a `/14` block in `10.0.0.0/8`.",
           "type": "string"
         },
-        "acceleratorType": {
-          "description": "The accelerator type resource name. List of supported accelerators\n[here](/compute/docs/gpus/#Introduction)",
+        "createTime": {
+          "description": "[Output only] The time the cluster was created, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
           "type": "string"
-        }
-      }
-    },
-    "UpdateNodePoolRequest": {
-      "description": "UpdateNodePoolRequests update a node pool's image and/or version.",
-      "type": "object",
-      "properties": {
-        "nodeVersion": {
-          "description": "The Kubernetes version to change the nodes to (typically an\nupgrade). Use `-` to upgrade to the latest version supported by\nthe server.",
+        },
+        "currentMasterVersion": {
+          "description": "[Output only] The current software version of the master endpoint.",
           "type": "string"
         },
-        "imageType": {
-          "description": "The desired image type for the node pool.",
+        "currentNodeCount": {
+          "description": "[Output only] The number of nodes currently in the cluster.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "currentNodeVersion": {
+          "description": "[Output only] The current version of the node software components.\nIf they are currently at multiple versions because they're in the process\nof being upgraded, this reflects the minimum version of all nodes.",
           "type": "string"
-        }
-      },
-      "id": "UpdateNodePoolRequest"
-    },
-    "SetAddonsConfigRequest": {
-      "description": "SetAddonsConfigRequest sets the addons associated with the cluster.",
-      "type": "object",
-      "properties": {
-        "addonsConfig": {
-          "$ref": "AddonsConfig",
-          "description": "The desired configurations for the various addons available to run in the\ncluster."
-        }
-      },
-      "id": "SetAddonsConfigRequest"
-    },
-    "SetLegacyAbacRequest": {
-      "description": "SetLegacyAbacRequest enables or disables the ABAC authorization mechanism for\na cluster.",
-      "type": "object",
-      "properties": {
-        "enabled": {
-          "description": "Whether ABAC authorization will be enabled in the cluster.",
+        },
+        "description": {
+          "description": "An optional description of this cluster.",
+          "type": "string"
+        },
+        "enableKubernetesAlpha": {
+          "description": "Kubernetes alpha features are enabled on this cluster. This includes alpha\nAPI groups (e.g. v1alpha1) and features that may not be production ready in\nthe kubernetes version of the master and nodes.\nThe cluster has no SLA for uptime and master/node upgrades are disabled.\nAlpha enabled clusters are automatically deleted thirty days after\ncreation.",
           "type": "boolean"
-        }
-      },
-      "id": "SetLegacyAbacRequest"
-    },
-    "AddonsConfig": {
-      "id": "AddonsConfig",
-      "description": "Configuration for the addons that can be automatically spun up in the\ncluster, enabling additional functionality.",
-      "type": "object",
-      "properties": {
-        "networkPolicyConfig": {
-          "description": "Configuration for NetworkPolicy. This only tracks whether the addon\nis enabled or not on the Master, it does not track whether network policy\nis enabled for the nodes.",
-          "$ref": "NetworkPolicyConfig"
         },
-        "horizontalPodAutoscaling": {
-          "description": "Configuration for the horizontal pod autoscaling feature, which\nincreases or decreases the number of replica pods a replication controller\nhas based on the resource usage of the existing pods.",
-          "$ref": "HorizontalPodAutoscaling"
+        "endpoint": {
+          "description": "[Output only] The IP address of this cluster's master endpoint.\nThe endpoint can be accessed from the internet at\n`https://username:password@endpoint/`.\n\nSee the `masterAuth` property of this resource for username and\npassword information.",
+          "type": "string"
         },
-        "httpLoadBalancing": {
-          "$ref": "HttpLoadBalancing",
-          "description": "Configuration for the HTTP (L7) load balancing controller addon, which\nmakes it easy to set up HTTP load balancers for services in a cluster."
+        "expireTime": {
+          "description": "[Output only] The time the cluster will be automatically\ndeleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
+          "type": "string"
         },
-        "kubernetesDashboard": {
-          "$ref": "KubernetesDashboard",
-          "description": "Configuration for the Kubernetes Dashboard."
-        }
-      }
-    },
-    "SetLocationsRequest": {
-      "description": "SetLocationsRequest sets the locations of the cluster.",
-      "type": "object",
-      "properties": {
-        "locations": {
-          "description": "The desired list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located. Changing the locations a cluster is in will result\nin nodes being either created or removed from the cluster, depending on\nwhether locations are being added or removed.\n\nThis list must always include the cluster's primary zone.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        }
-      },
-      "id": "SetLocationsRequest"
-    },
-    "SetNodePoolSizeRequest": {
-      "id": "SetNodePoolSizeRequest",
-      "description": "SetNodePoolSizeRequest sets the size a node\npool.",
-      "type": "object",
-      "properties": {
-        "nodeCount": {
-          "description": "The desired node count for the pool.",
+        "initialClusterVersion": {
+          "description": "The initial Kubernetes version for this cluster.  Valid versions are those\nfound in validMasterVersions returned by getServerConfig.  The version can\nbe upgraded over time; such upgrades are reflected in\ncurrentMasterVersion and currentNodeVersion.",
+          "type": "string"
+        },
+        "initialNodeCount": {
+          "description": "The number of nodes to create in this cluster. You must ensure that your\nCompute Engine \u003ca href=\"/compute/docs/resource-quotas\"\u003eresource quota\u003c/a\u003e\nis sufficient for this number of instances. You must also have available\nfirewall and routes quota.\nFor requests, this field should only be used in lieu of a\n\"node_pool\" object, since this configuration (along with the\n\"node_config\") will be used to create a \"NodePool\" object with an\nauto-generated name. Do not use this and a node_pool at the same time.",
           "format": "int32",
           "type": "integer"
-        }
-      }
-    },
-    "NetworkPolicyConfig": {
-      "description": "Configuration for NetworkPolicy. This only tracks whether the addon\nis enabled or not on the Master, it does not track whether network policy\nis enabled for the nodes.",
-      "type": "object",
-      "properties": {
-        "disabled": {
-          "description": "Whether NetworkPolicy is enabled for this cluster.",
-          "type": "boolean"
-        }
-      },
-      "id": "NetworkPolicyConfig"
-    },
-    "UpdateClusterRequest": {
-      "id": "UpdateClusterRequest",
-      "description": "UpdateClusterRequest updates the settings of a cluster.",
-      "type": "object",
-      "properties": {
-        "update": {
-          "$ref": "ClusterUpdate",
-          "description": "A description of the update."
-        }
-      }
-    },
-    "Cluster": {
-      "description": "A Google Kubernetes Engine cluster.",
-      "type": "object",
-      "properties": {
-        "network": {
-          "description": "The name of the Google Compute Engine\n[network](/compute/docs/networks-and-firewalls#networks) to which the\ncluster is connected. If left unspecified, the `default` network\nwill be used.",
-          "type": "string"
+        },
+        "instanceGroupUrls": {
+          "description": "Deprecated. Use node_pools.instance_group_urls.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "ipAllocationPolicy": {
+          "$ref": "IPAllocationPolicy",
+          "description": "Configuration for cluster IP allocation."
         },
         "labelFingerprint": {
           "description": "The fingerprint of the set of labels for this cluster.",
           "type": "string"
         },
-        "zone": {
-          "description": "[Output only] The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
-          "type": "string"
+        "legacyAbac": {
+          "$ref": "LegacyAbac",
+          "description": "Configuration for the legacy ABAC authorization mode."
+        },
+        "locations": {
+          "description": "The list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
         },
         "loggingService": {
           "description": "The logging service the cluster should use to write logs.\nCurrently available options:\n\n* `logging.googleapis.com` - the Google Cloud Logging service.\n* `none` - no logs will be exported from the cluster.\n* if left as an empty string,`logging.googleapis.com` will be used.",
           "type": "string"
         },
-        "nodeIpv4CidrSize": {
-          "description": "[Output only] The size of the address space on each node for hosting\ncontainers. This is provisioned from within the `container_ipv4_cidr`\nrange.",
-          "format": "int32",
-          "type": "integer"
+        "maintenancePolicy": {
+          "$ref": "MaintenancePolicy",
+          "description": "Configure the maintenance policy for this cluster."
         },
-        "expireTime": {
-          "description": "[Output only] The time the cluster will be automatically\ndeleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
-          "type": "string"
+        "masterAuth": {
+          "$ref": "MasterAuth",
+          "description": "The authentication information for accessing the master endpoint."
         },
         "masterAuthorizedNetworksConfig": {
           "$ref": "MasterAuthorizedNetworksConfig",
           "description": "Master authorized networks is a Beta feature.\nThe configuration options for master authorized networks feature."
         },
-        "statusMessage": {
-          "description": "[Output only] Additional information about the current status of this\ncluster, if available.",
+        "monitoringService": {
+          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* `monitoring.googleapis.com` - the Google Cloud Monitoring service.\n* `none` - no metrics will be exported from the cluster.\n* if left as an empty string, `monitoring.googleapis.com` will be used.",
           "type": "string"
         },
-        "masterAuth": {
-          "description": "The authentication information for accessing the master endpoint.",
-          "$ref": "MasterAuth"
+        "name": {
+          "description": "The name of this cluster. The name must be unique within this project\nand zone, and can be up to 40 characters with the following restrictions:\n\n* Lowercase letters, numbers, and hyphens only.\n* Must start with a letter.\n* Must end with a number or a letter.",
+          "type": "string"
         },
-        "currentMasterVersion": {
-          "description": "[Output only] The current software version of the master endpoint.",
+        "network": {
+          "description": "The name of the Google Compute Engine\n[network](/compute/docs/networks-and-firewalls#networks) to which the\ncluster is connected. If left unspecified, the `default` network\nwill be used.",
           "type": "string"
         },
+        "networkPolicy": {
+          "$ref": "NetworkPolicy",
+          "description": "Configuration options for the NetworkPolicy feature."
+        },
         "nodeConfig": {
-          "description": "Parameters used in creating the cluster's nodes.\nSee `nodeConfig` for the description of its properties.\nFor requests, this field should only be used in lieu of a\n\"node_pool\" object, since this configuration (along with the\n\"initial_node_count\") will be used to create a \"NodePool\" object with an\nauto-generated name. Do not use this and a node_pool at the same time.\nFor responses, this field will be populated with the node configuration of\nthe first node pool.\n\nIf unspecified, the defaults are used.",
-          "$ref": "NodeConfig"
+          "$ref": "NodeConfig",
+          "description": "Parameters used in creating the cluster's nodes.\nSee `nodeConfig` for the description of its properties.\nFor requests, this field should only be used in lieu of a\n\"node_pool\" object, since this configuration (along with the\n\"initial_node_count\") will be used to create a \"NodePool\" object with an\nauto-generated name. Do not use this and a node_pool at the same time.\nFor responses, this field will be populated with the node configuration of\nthe first node pool.\n\nIf unspecified, the defaults are used."
         },
-        "addonsConfig": {
-          "$ref": "AddonsConfig",
-          "description": "Configurations for the various addons available to run in the cluster."
+        "nodeIpv4CidrSize": {
+          "description": "[Output only] The size of the address space on each node for hosting\ncontainers. This is provisioned from within the `container_ipv4_cidr`\nrange.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "nodePools": {
+          "description": "The node pools associated with this cluster.\nThis field should not be set if \"node_config\" or \"initial_node_count\" are\nspecified.",
+          "items": {
+            "$ref": "NodePool"
+          },
+          "type": "array"
+        },
+        "resourceLabels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The resource labels for the cluster to use to annotate any related\nGoogle Compute Engine resources.",
+          "type": "object"
+        },
+        "selfLink": {
+          "description": "[Output only] Server-defined URL for the resource.",
+          "type": "string"
+        },
+        "servicesIpv4Cidr": {
+          "description": "[Output only] The IP address range of the Kubernetes services in\nthis cluster, in\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `1.2.3.4/29`). Service addresses are\ntypically put in the last `/16` from the container CIDR.",
+          "type": "string"
         },
         "status": {
           "description": "[Output only] The current status of this cluster.",
-          "type": "string",
+          "enum": [
+            "STATUS_UNSPECIFIED",
+            "PROVISIONING",
+            "RUNNING",
+            "RECONCILING",
+            "STOPPING",
+            "ERROR"
+          ],
           "enumDescriptions": [
             "Not set.",
             "The PROVISIONING state indicates the cluster is being created.",
@@ -1614,137 +1614,297 @@
             "The STOPPING state indicates the cluster is being deleted.",
             "The ERROR state indicates the cluster may be unusable. Details\ncan be found in the `statusMessage` field."
           ],
-          "enum": [
-            "STATUS_UNSPECIFIED",
-            "PROVISIONING",
-            "RUNNING",
-            "RECONCILING",
-            "STOPPING",
-            "ERROR"
-          ]
+          "type": "string"
         },
-        "currentNodeVersion": {
-          "description": "[Output only] The current version of the node software components.\nIf they are currently at multiple versions because they're in the process\nof being upgraded, this reflects the minimum version of all nodes.",
+        "statusMessage": {
+          "description": "[Output only] Additional information about the current status of this\ncluster, if available.",
           "type": "string"
         },
         "subnetwork": {
           "description": "The name of the Google Compute Engine\n[subnetwork](/compute/docs/subnetworks) to which the\ncluster is connected.",
           "type": "string"
         },
-        "name": {
-          "description": "The name of this cluster. The name must be unique within this project\nand zone, and can be up to 40 characters with the following restrictions:\n\n* Lowercase letters, numbers, and hyphens only.\n* Must start with a letter.\n* Must end with a number or a letter.",
+        "zone": {
+          "description": "[Output only] The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the cluster\nresides.",
           "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ClusterUpdate": {
+      "description": "ClusterUpdate describes an update to the cluster. Exactly one update can\nbe applied to a cluster with each request, so at most one field can be\nprovided.",
+      "id": "ClusterUpdate",
+      "properties": {
+        "desiredAddonsConfig": {
+          "$ref": "AddonsConfig",
+          "description": "Configurations for the various addons available to run in the cluster."
         },
-        "resourceLabels": {
-          "additionalProperties": {
+        "desiredImageType": {
+          "description": "The desired image type for the node pool.\nNOTE: Set the \"desired_node_pool\" field as well.",
+          "type": "string"
+        },
+        "desiredLocations": {
+          "description": "The desired list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located. Changing the locations a cluster is in will result\nin nodes being either created or removed from the cluster, depending on\nwhether locations are being added or removed.\n\nThis list must always include the cluster's primary zone.",
+          "items": {
             "type": "string"
           },
-          "description": "The resource labels for the cluster to use to annotate any related\nGoogle Compute Engine resources.",
-          "type": "object"
+          "type": "array"
+        },
+        "desiredMasterAuthorizedNetworksConfig": {
+          "$ref": "MasterAuthorizedNetworksConfig",
+          "description": "Master authorized networks is a Beta feature.\nThe desired configuration options for master authorized networks feature."
+        },
+        "desiredMasterVersion": {
+          "description": "The Kubernetes version to change the master to. The only valid value is the\nlatest supported version. Use \"-\" to have the server automatically select\nthe latest version.",
+          "type": "string"
+        },
+        "desiredMonitoringService": {
+          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* \"monitoring.googleapis.com\" - the Google Cloud Monitoring service\n* \"none\" - no metrics will be exported from the cluster",
+          "type": "string"
+        },
+        "desiredNodePoolAutoscaling": {
+          "$ref": "NodePoolAutoscaling",
+          "description": "Autoscaler configuration for the node pool specified in\ndesired_node_pool_id. If there is only one pool in the\ncluster and desired_node_pool_id is not provided then\nthe change applies to that single node pool."
+        },
+        "desiredNodePoolId": {
+          "description": "The node pool to be upgraded. This field is mandatory if\n\"desired_node_version\", \"desired_image_family\" or\n\"desired_node_pool_autoscaling\" is specified and there is more than one\nnode pool on the cluster.",
+          "type": "string"
+        },
+        "desiredNodeVersion": {
+          "description": "The Kubernetes version to change the nodes to (typically an\nupgrade). Use `-` to upgrade to the latest version supported by\nthe server.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "CompleteIPRotationRequest": {
+      "description": "CompleteIPRotationRequest moves the cluster master back into single-IP mode.",
+      "id": "CompleteIPRotationRequest",
+      "properties": {},
+      "type": "object"
+    },
+    "CreateClusterRequest": {
+      "description": "CreateClusterRequest creates a cluster.",
+      "id": "CreateClusterRequest",
+      "properties": {
+        "cluster": {
+          "$ref": "Cluster",
+          "description": "A [cluster\nresource](/container-engine/reference/rest/v1/projects.zones.clusters)"
+        }
+      },
+      "type": "object"
+    },
+    "CreateNodePoolRequest": {
+      "description": "CreateNodePoolRequest creates a node pool for a cluster.",
+      "id": "CreateNodePoolRequest",
+      "properties": {
+        "nodePool": {
+          "$ref": "NodePool",
+          "description": "The node pool to create."
+        }
+      },
+      "type": "object"
+    },
+    "DailyMaintenanceWindow": {
+      "description": "Time window specified for daily maintenance operations.",
+      "id": "DailyMaintenanceWindow",
+      "properties": {
+        "duration": {
+          "description": "[Output only] Duration of the time window, automatically chosen to be\nsmallest possible in the given scenario.\nDuration will be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)\nformat \"PTnHnMnS\".",
+          "type": "string"
+        },
+        "startTime": {
+          "description": "Time within the maintenance window to start the maintenance operations.\nTime format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)\nformat \"HH:MM”, where HH : [00-23] and MM : [00-59] GMT.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Empty": {
+      "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:\n\n    service Foo {\n      rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n    }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
+      "id": "Empty",
+      "properties": {},
+      "type": "object"
+    },
+    "HorizontalPodAutoscaling": {
+      "description": "Configuration options for the horizontal pod autoscaling feature, which\nincreases or decreases the number of replica pods a replication controller\nhas based on the resource usage of the existing pods.",
+      "id": "HorizontalPodAutoscaling",
+      "properties": {
+        "disabled": {
+          "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster.\nWhen enabled, it ensures that a Heapster pod is running in the cluster,\nwhich is also used by the Cloud Monitoring service.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "HttpLoadBalancing": {
+      "description": "Configuration options for the HTTP (L7) load balancing controller addon,\nwhich makes it easy to set up HTTP load balancers for services in a cluster.",
+      "id": "HttpLoadBalancing",
+      "properties": {
+        "disabled": {
+          "description": "Whether the HTTP Load Balancing controller is enabled in the cluster.\nWhen enabled, it runs a small pod in the cluster that manages the load\nbalancers.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "IPAllocationPolicy": {
+      "description": "Configuration for controlling how IPs are allocated in the cluster.",
+      "id": "IPAllocationPolicy",
+      "properties": {
+        "clusterIpv4Cidr": {
+          "description": "This field is deprecated, use cluster_ipv4_cidr_block.",
+          "type": "string"
         },
-        "maintenancePolicy": {
-          "description": "Configure the maintenance policy for this cluster.",
-          "$ref": "MaintenancePolicy"
+        "clusterIpv4CidrBlock": {
+          "description": "The IP address range for the cluster pod IPs. If this field is set, then\n`cluster.cluster_ipv4_cidr` must be left blank.\n\nThis field is only applicable when `use_ip_aliases` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
+          "type": "string"
         },
-        "initialClusterVersion": {
-          "description": "The initial Kubernetes version for this cluster.  Valid versions are those\nfound in validMasterVersions returned by getServerConfig.  The version can\nbe upgraded over time; such upgrades are reflected in\ncurrentMasterVersion and currentNodeVersion.",
+        "clusterSecondaryRangeName": {
+          "description": "The name of the secondary range to be used for the cluster CIDR\nblock.  The secondary range will be used for pod IP\naddresses. This must be an existing secondary range associated\nwith the cluster subnetwork.\n\nThis field is only applicable with use_ip_aliases is true and\ncreate_subnetwork is false.",
           "type": "string"
         },
-        "ipAllocationPolicy": {
-          "description": "Configuration for cluster IP allocation.",
-          "$ref": "IPAllocationPolicy"
+        "createSubnetwork": {
+          "description": "Whether a new subnetwork will be created automatically for the cluster.\n\nThis field is only applicable when `use_ip_aliases` is true.",
+          "type": "boolean"
         },
-        "legacyAbac": {
-          "$ref": "LegacyAbac",
-          "description": "Configuration for the legacy ABAC authorization mode."
+        "nodeIpv4Cidr": {
+          "description": "This field is deprecated, use node_ipv4_cidr_block.",
+          "type": "string"
         },
-        "endpoint": {
-          "description": "[Output only] The IP address of this cluster's master endpoint.\nThe endpoint can be accessed from the internet at\n`https://username:password@endpoint/`.\n\nSee the `masterAuth` property of this resource for username and\npassword information.",
+        "nodeIpv4CidrBlock": {
+          "description": "The IP address range of the instance IPs in this cluster.\n\nThis is applicable only if `create_subnetwork` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
           "type": "string"
         },
-        "createTime": {
-          "description": "[Output only] The time the cluster was created, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
+        "servicesIpv4Cidr": {
+          "description": "This field is deprecated, use services_ipv4_cidr_block.",
           "type": "string"
         },
-        "clusterIpv4Cidr": {
-          "description": "The IP address range of the container pods in this cluster, in\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`). Leave blank to have\none automatically chosen or specify a `/14` block in `10.0.0.0/8`.",
+        "servicesIpv4CidrBlock": {
+          "description": "The IP address range of the services IPs in this cluster. If blank, a range\nwill be automatically chosen with the default size.\n\nThis field is only applicable when `use_ip_aliases` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
           "type": "string"
         },
-        "initialNodeCount": {
-          "description": "The number of nodes to create in this cluster. You must ensure that your\nCompute Engine \u003ca href=\"/compute/docs/resource-quotas\"\u003eresource quota\u003c/a\u003e\nis sufficient for this number of instances. You must also have available\nfirewall and routes quota.\nFor requests, this field should only be used in lieu of a\n\"node_pool\" object, since this configuration (along with the\n\"node_config\") will be used to create a \"NodePool\" object with an\nauto-generated name. Do not use this and a node_pool at the same time.",
-          "format": "int32",
-          "type": "integer"
+        "servicesSecondaryRangeName": {
+          "description": "The name of the secondary range to be used as for the services\nCIDR block.  The secondary range will be used for service\nClusterIPs. This must be an existing secondary range associated\nwith the cluster subnetwork.\n\nThis field is only applicable with use_ip_aliases is true and\ncreate_subnetwork is false.",
+          "type": "string"
         },
-        "selfLink": {
-          "description": "[Output only] Server-defined URL for the resource.",
+        "subnetworkName": {
+          "description": "A custom subnetwork name to be used if `create_subnetwork` is true.  If\nthis field is empty, then an automatic name will be chosen for the new\nsubnetwork.",
           "type": "string"
         },
-        "locations": {
-          "description": "The list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located.",
-          "type": "array",
+        "useIpAliases": {
+          "description": "Whether alias IPs will be used for pod IPs in the cluster.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "KubernetesDashboard": {
+      "description": "Configuration for the Kubernetes Dashboard.",
+      "id": "KubernetesDashboard",
+      "properties": {
+        "disabled": {
+          "description": "Whether the Kubernetes Dashboard is enabled for this cluster.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "LegacyAbac": {
+      "description": "Configuration for the legacy Attribute Based Access Control authorization\nmode.",
+      "id": "LegacyAbac",
+      "properties": {
+        "enabled": {
+          "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled,\nidentities in the system, including service accounts, nodes, and\ncontrollers, will have statically granted permissions beyond those\nprovided by the RBAC configuration or IAM.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "ListClustersResponse": {
+      "description": "ListClustersResponse is the result of ListClustersRequest.",
+      "id": "ListClustersResponse",
+      "properties": {
+        "clusters": {
+          "description": "A list of clusters in the project in the specified zone, or\nacross all ones.",
           "items": {
-            "type": "string"
-          }
+            "$ref": "Cluster"
+          },
+          "type": "array"
         },
+        "missingZones": {
+          "description": "If any zones are listed here, the list of clusters returned\nmay be missing those zones.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ListNodePoolsResponse": {
+      "description": "ListNodePoolsResponse is the result of ListNodePoolsRequest.",
+      "id": "ListNodePoolsResponse",
+      "properties": {
         "nodePools": {
-          "description": "The node pools associated with this cluster.\nThis field should not be set if \"node_config\" or \"initial_node_count\" are\nspecified.",
-          "type": "array",
+          "description": "A list of node pools for a cluster.",
           "items": {
             "$ref": "NodePool"
-          }
-        },
-        "instanceGroupUrls": {
-          "description": "Deprecated. Use node_pools.instance_group_urls.",
-          "type": "array",
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ListOperationsResponse": {
+      "description": "ListOperationsResponse is the result of ListOperationsRequest.",
+      "id": "ListOperationsResponse",
+      "properties": {
+        "missingZones": {
+          "description": "If any zones are listed here, the list of operations returned\nmay be missing the operations from those zones.",
           "items": {
             "type": "string"
-          }
-        },
-        "networkPolicy": {
-          "$ref": "NetworkPolicy",
-          "description": "Configuration options for the NetworkPolicy feature."
-        },
-        "servicesIpv4Cidr": {
-          "description": "[Output only] The IP address range of the Kubernetes services in\nthis cluster, in\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `1.2.3.4/29`). Service addresses are\ntypically put in the last `/16` from the container CIDR.",
-          "type": "string"
-        },
-        "enableKubernetesAlpha": {
-          "description": "Kubernetes alpha features are enabled on this cluster. This includes alpha\nAPI groups (e.g. v1alpha1) and features that may not be production ready in\nthe kubernetes version of the master and nodes.\nThe cluster has no SLA for uptime and master/node upgrades are disabled.\nAlpha enabled clusters are automatically deleted thirty days after\ncreation.",
-          "type": "boolean"
-        },
-        "description": {
-          "description": "An optional description of this cluster.",
-          "type": "string"
-        },
-        "currentNodeCount": {
-          "description": "[Output only] The number of nodes currently in the cluster.",
-          "format": "int32",
-          "type": "integer"
+          },
+          "type": "array"
         },
-        "monitoringService": {
-          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* `monitoring.googleapis.com` - the Google Cloud Monitoring service.\n* `none` - no metrics will be exported from the cluster.\n* if left as an empty string, `monitoring.googleapis.com` will be used.",
-          "type": "string"
+        "operations": {
+          "description": "A list of operations in the project in the specified zone.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
         }
       },
-      "id": "Cluster"
+      "type": "object"
     },
-    "CreateNodePoolRequest": {
-      "id": "CreateNodePoolRequest",
-      "description": "CreateNodePoolRequest creates a node pool for a cluster.",
-      "type": "object",
+    "MaintenancePolicy": {
+      "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.",
+      "id": "MaintenancePolicy",
       "properties": {
-        "nodePool": {
-          "$ref": "NodePool",
-          "description": "The node pool to create."
+        "window": {
+          "$ref": "MaintenanceWindow",
+          "description": "Specifies the maintenance window in which maintenance may be performed."
         }
-      }
+      },
+      "type": "object"
+    },
+    "MaintenanceWindow": {
+      "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.",
+      "id": "MaintenanceWindow",
+      "properties": {
+        "dailyMaintenanceWindow": {
+          "$ref": "DailyMaintenanceWindow",
+          "description": "DailyMaintenanceWindow specifies a daily maintenance operation window."
+        }
+      },
+      "type": "object"
     },
     "MasterAuth": {
       "description": "The authentication information for accessing the master endpoint.\nAuthentication can be done using HTTP basic auth or using client\ncertificates.",
-      "type": "object",
+      "id": "MasterAuth",
       "properties": {
-        "password": {
-          "description": "The password to use for HTTP basic authentication to the master endpoint.\nBecause the master endpoint is open to the Internet, you should create a\nstrong password.  If a password is provided for cluster creation, username\nmust be non-empty.",
+        "clientCertificate": {
+          "description": "[Output only] Base64-encoded public certificate used by clients to\nauthenticate to the cluster endpoint.",
           "type": "string"
         },
         "clientCertificateConfig": {
@@ -1755,131 +1915,211 @@
           "description": "[Output only] Base64-encoded private key used by clients to authenticate\nto the cluster endpoint.",
           "type": "string"
         },
-        "clusterCaCertificate": {
-          "description": "[Output only] Base64-encoded public certificate that is the root of\ntrust for the cluster.",
+        "clusterCaCertificate": {
+          "description": "[Output only] Base64-encoded public certificate that is the root of\ntrust for the cluster.",
+          "type": "string"
+        },
+        "password": {
+          "description": "The password to use for HTTP basic authentication to the master endpoint.\nBecause the master endpoint is open to the Internet, you should create a\nstrong password.  If a password is provided for cluster creation, username\nmust be non-empty.",
+          "type": "string"
+        },
+        "username": {
+          "description": "The username to use for HTTP basic authentication to the master endpoint.\nFor clusters v1.6.0 and later, you can disable basic authentication by\nproviding an empty username.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "MasterAuthorizedNetworksConfig": {
+      "description": "Master authorized networks is a Beta feature.\nConfiguration options for the master authorized networks feature. Enabled\nmaster authorized networks will disallow all external traffic to access\nKubernetes master through HTTPS except traffic from the given CIDR blocks,\nGoogle Compute Engine Public IPs and Google Prod IPs.",
+      "id": "MasterAuthorizedNetworksConfig",
+      "properties": {
+        "cidrBlocks": {
+          "description": "cidr_blocks define up to 10 external networks that could access\nKubernetes master through HTTPS.",
+          "items": {
+            "$ref": "CidrBlock"
+          },
+          "type": "array"
+        },
+        "enabled": {
+          "description": "Whether or not master authorized networks is enabled.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkPolicy": {
+      "description": "Configuration options for the NetworkPolicy feature.\nhttps://kubernetes.io/docs/concepts/services-networking/networkpolicies/",
+      "id": "NetworkPolicy",
+      "properties": {
+        "enabled": {
+          "description": "Whether network policy is enabled on the cluster.",
+          "type": "boolean"
+        },
+        "provider": {
+          "description": "The selected network policy provider.",
+          "enum": [
+            "PROVIDER_UNSPECIFIED",
+            "CALICO"
+          ],
+          "enumDescriptions": [
+            "Not set",
+            "Tigera (Calico Felix)."
+          ],
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkPolicyConfig": {
+      "description": "Configuration for NetworkPolicy. This only tracks whether the addon\nis enabled or not on the Master, it does not track whether network policy\nis enabled for the nodes.",
+      "id": "NetworkPolicyConfig",
+      "properties": {
+        "disabled": {
+          "description": "Whether NetworkPolicy is enabled for this cluster.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
+    "NodeConfig": {
+      "description": "Parameters that describe the nodes in a cluster.",
+      "id": "NodeConfig",
+      "properties": {
+        "accelerators": {
+          "description": "A list of hardware accelerators to be attached to each node.\nSee https://cloud.google.com/compute/docs/gpus for more information about\nsupport for GPUs.",
+          "items": {
+            "$ref": "AcceleratorConfig"
+          },
+          "type": "array"
+        },
+        "diskSizeGb": {
+          "description": "Size of the disk attached to each node, specified in GB.\nThe smallest allowed disk size is 10GB.\n\nIf unspecified, the default disk size is 100GB.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "imageType": {
+          "description": "The image type to use for this node. Note that for a given image type,\nthe latest version of it will be used.",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node.\nThese will added in addition to any default label(s) that\nKubernetes may apply to the node.\nIn case of conflict in label keys, the applied set may differ depending on\nthe Kubernetes version -- it's best to assume the behavior is undefined\nand conflicts should be avoided.\nFor more information, including usage and the valid values, see:\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels/",
+          "type": "object"
+        },
+        "localSsdCount": {
+          "description": "The number of local SSD disks to be attached to the node.\n\nThe limit for this value is dependant upon the maximum number of\ndisks available on a machine per zone. See:\nhttps://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits\nfor more information.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "machineType": {
+          "description": "The name of a Google Compute Engine [machine\ntype](/compute/docs/machine-types) (e.g.\n`n1-standard-1`).\n\nIf unspecified, the default machine type is\n`n1-standard-1`.",
           "type": "string"
         },
-        "clientCertificate": {
-          "description": "[Output only] Base64-encoded public certificate used by clients to\nauthenticate to the cluster endpoint.",
-          "type": "string"
+        "metadata": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The metadata key/value pairs assigned to instances in the cluster.\n\nKeys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes\nin length. These are reflected as part of a URL in the metadata server.\nAdditionally, to avoid ambiguity, keys must not conflict with any other\nmetadata keys for the project or be one of the reserved keys:\n \"cluster-location\"\n \"cluster-name\"\n \"cluster-uid\"\n \"configure-sh\"\n \"gci-update-strategy\"\n \"gci-ensure-gke-docker\"\n \"instance-template\"\n \"kube-env\"\n \"startup-script\"\n \"user-data\"\n\nValues are free-form strings, and only have meaning as interpreted by\nthe image running in the instance. The only restriction placed on them is\nthat each value's size must be less than or equal to 32 KB.\n\nThe total size of all keys and values must be less than 512 KB.",
+          "type": "object"
         },
-        "username": {
-          "description": "The username to use for HTTP basic authentication to the master endpoint.\nFor clusters v1.6.0 and later, you can disable basic authentication by\nproviding an empty username.",
-          "type": "string"
-        }
-      },
-      "id": "MasterAuth"
-    },
-    "DailyMaintenanceWindow": {
-      "description": "Time window specified for daily maintenance operations.",
-      "type": "object",
-      "properties": {
-        "duration": {
-          "description": "[Output only] Duration of the time window, automatically chosen to be\nsmallest possible in the given scenario.\nDuration will be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)\nformat \"PTnHnMnS\".",
+        "minCpuPlatform": {
+          "description": "Minimum CPU platform to be used by this instance. The instance may be\nscheduled on the specified or newer CPU platform. Applicable values are the\nfriendly names of CPU platforms, such as\n\u003ccode\u003eminCpuPlatform: \u0026quot;Intel Haswell\u0026quot;\u003c/code\u003e or\n\u003ccode\u003eminCpuPlatform: \u0026quot;Intel Sandy Bridge\u0026quot;\u003c/code\u003e. For more\ninformation, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)",
           "type": "string"
         },
-        "startTime": {
-          "description": "Time within the maintenance window to start the maintenance operations.\nTime format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt)\nformat \"HH:MM”, where HH : [00-23] and MM : [00-59] GMT.",
-          "type": "string"
-        }
-      },
-      "id": "DailyMaintenanceWindow"
-    },
-    "ClientCertificateConfig": {
-      "id": "ClientCertificateConfig",
-      "description": "Configuration for client certificates on the cluster.",
-      "type": "object",
-      "properties": {
-        "issueClientCertificate": {
-          "description": "Issue a client certificate.",
+        "oauthScopes": {
+          "description": "The set of Google API scopes to be made available on all of the\nnode VMs under the \"default\" service account.\n\nThe following scopes are recommended, but not required, and by default are\nnot included:\n\n* `https://www.googleapis.com/auth/compute` is required for mounting\npersistent storage on your nodes.\n* `https://www.googleapis.com/auth/devstorage.read_only` is required for\ncommunicating with **gcr.io**\n(the [Google Container Registry](/container-registry/)).\n\nIf unspecified, no scopes are added, unless Cloud Logging or Cloud\nMonitoring are enabled, in which case their required scopes will be added.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "preemptible": {
+          "description": "Whether the nodes are created as preemptible VM instances. See:\nhttps://cloud.google.com/compute/docs/instances/preemptible for more\ninformation about preemptible VM instances.",
           "type": "boolean"
-        }
-      }
-    },
-    "MaintenancePolicy": {
-      "id": "MaintenancePolicy",
-      "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.",
-      "type": "object",
-      "properties": {
-        "window": {
-          "description": "Specifies the maintenance window in which maintenance may be performed.",
-          "$ref": "MaintenanceWindow"
-        }
-      }
-    },
-    "SetLoggingServiceRequest": {
-      "description": "SetLoggingServiceRequest sets the logging service of a cluster.",
-      "type": "object",
-      "properties": {
-        "loggingService": {
-          "description": "The logging service the cluster should use to write metrics.\nCurrently available options:\n\n* \"logging.googleapis.com\" - the Google Cloud Logging service\n* \"none\" - no metrics will be exported from the cluster",
+        },
+        "serviceAccount": {
+          "description": "The Google Cloud Platform Service Account to be used by the node VMs. If\nno Service Account is specified, the \"default\" service account is used.",
           "type": "string"
+        },
+        "tags": {
+          "description": "The list of instance tags applied to all nodes. Tags are used to identify\nvalid sources or targets for network firewalls and are specified by\nthe client during cluster or node pool creation. Each tag within the list\nmust comply with RFC1035.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
         }
       },
-      "id": "SetLoggingServiceRequest"
+      "type": "object"
     },
-    "SetMaintenancePolicyRequest": {
-      "description": "SetMaintenancePolicyRequest sets the maintenance policy for a cluster.",
-      "type": "object",
+    "NodeManagement": {
+      "description": "NodeManagement defines the set of node management services turned on for the\nnode pool.",
+      "id": "NodeManagement",
       "properties": {
-        "maintenancePolicy": {
-          "description": "The maintenance policy to be set for the cluster. An empty field\nclears the existing maintenance policy.",
-          "$ref": "MaintenancePolicy"
+        "autoRepair": {
+          "description": "A flag that specifies whether the node auto-repair is enabled for the node\npool. If enabled, the nodes in this node pool will be monitored and, if\nthey fail health checks too many times, an automatic repair action will be\ntriggered.",
+          "type": "boolean"
+        },
+        "autoUpgrade": {
+          "description": "A flag that specifies whether node auto-upgrade is enabled for the node\npool. If enabled, node auto-upgrade helps keep the nodes in your node pool\nup to date with the latest release version of Kubernetes.",
+          "type": "boolean"
+        },
+        "upgradeOptions": {
+          "$ref": "AutoUpgradeOptions",
+          "description": "Specifies the Auto Upgrade knobs for the node pool."
         }
       },
-      "id": "SetMaintenancePolicyRequest"
-    },
-    "Empty": {
-      "id": "Empty",
-      "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:\n\n    service Foo {\n      rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n    }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
-      "type": "object",
-      "properties": {}
-    },
-    "ListNodePoolsResponse": {
-      "id": "ListNodePoolsResponse",
-      "description": "ListNodePoolsResponse is the result of ListNodePoolsRequest.",
-      "type": "object",
-      "properties": {
-        "nodePools": {
-          "description": "A list of node pools for a cluster.",
-          "type": "array",
-          "items": {
-            "$ref": "NodePool"
-          }
-        }
-      }
-    },
-    "CompleteIPRotationRequest": {
-      "id": "CompleteIPRotationRequest",
-      "description": "CompleteIPRotationRequest moves the cluster master back into single-IP mode.",
-      "type": "object",
-      "properties": {}
-    },
-    "StartIPRotationRequest": {
-      "id": "StartIPRotationRequest",
-      "description": "StartIPRotationRequest creates a new IP for the cluster and then performs\na node upgrade on each node pool to point to the new IP.",
-      "type": "object",
-      "properties": {}
+      "type": "object"
     },
     "NodePool": {
-      "id": "NodePool",
       "description": "NodePool contains the name and configuration for a cluster's node pool.\nNode pools are a set of nodes (i.e. VM's), with a common configuration and\nspecification, under the control of the cluster master. They may have a set\nof Kubernetes labels applied to them, which may be used to reference them\nduring pod scheduling. They may also be resized up or down, to accommodate\nthe workload.",
-      "type": "object",
+      "id": "NodePool",
       "properties": {
-        "version": {
-          "description": "The version of the Kubernetes of this node.",
-          "type": "string"
+        "autoscaling": {
+          "$ref": "NodePoolAutoscaling",
+          "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled\nonly if a valid configuration is present."
+        },
+        "config": {
+          "$ref": "NodeConfig",
+          "description": "The node configuration of the pool."
+        },
+        "initialNodeCount": {
+          "description": "The initial node count for the pool. You must ensure that your\nCompute Engine \u003ca href=\"/compute/docs/resource-quotas\"\u003eresource quota\u003c/a\u003e\nis sufficient for this number of instances. You must also have available\nfirewall and routes quota.",
+          "format": "int32",
+          "type": "integer"
         },
         "instanceGroupUrls": {
           "description": "[Output only] The resource URLs of the [managed instance\ngroups](/compute/docs/instance-groups/creating-groups-of-managed-instances)\nassociated with this node pool.",
-          "type": "array",
           "items": {
             "type": "string"
-          }
+          },
+          "type": "array"
+        },
+        "management": {
+          "$ref": "NodeManagement",
+          "description": "NodeManagement configuration for this NodePool."
+        },
+        "name": {
+          "description": "The name of the node pool.",
+          "type": "string"
+        },
+        "selfLink": {
+          "description": "[Output only] Server-defined URL for the resource.",
+          "type": "string"
         },
         "status": {
           "description": "[Output only] The status of the nodes in this pool instance.",
-          "type": "string",
+          "enum": [
+            "STATUS_UNSPECIFIED",
+            "PROVISIONING",
+            "RUNNING",
+            "RUNNING_WITH_ERROR",
+            "RECONCILING",
+            "STOPPING",
+            "ERROR"
+          ],
           "enumDescriptions": [
             "Not set.",
             "The PROVISIONING state indicates the node pool is being created.",
@@ -1889,149 +2129,58 @@
             "The STOPPING state indicates the node pool is being deleted.",
             "The ERROR state indicates the node pool may be unusable. Details\ncan be found in the `statusMessage` field."
           ],
-          "enum": [
-            "STATUS_UNSPECIFIED",
-            "PROVISIONING",
-            "RUNNING",
-            "RUNNING_WITH_ERROR",
-            "RECONCILING",
-            "STOPPING",
-            "ERROR"
-          ]
-        },
-        "config": {
-          "description": "The node configuration of the pool.",
-          "$ref": "NodeConfig"
+          "type": "string"
         },
         "statusMessage": {
           "description": "[Output only] Additional information about the current status of this\nnode pool instance, if available.",
           "type": "string"
         },
-        "name": {
-          "description": "The name of the node pool.",
-          "type": "string"
-        },
-        "autoscaling": {
-          "$ref": "NodePoolAutoscaling",
-          "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled\nonly if a valid configuration is present."
-        },
-        "initialNodeCount": {
-          "description": "The initial node count for the pool. You must ensure that your\nCompute Engine \u003ca href=\"/compute/docs/resource-quotas\"\u003eresource quota\u003c/a\u003e\nis sufficient for this number of instances. You must also have available\nfirewall and routes quota.",
-          "format": "int32",
-          "type": "integer"
-        },
-        "management": {
-          "$ref": "NodeManagement",
-          "description": "NodeManagement configuration for this NodePool."
-        },
-        "selfLink": {
-          "description": "[Output only] Server-defined URL for the resource.",
-          "type": "string"
-        }
-      }
-    },
-    "SetLabelsRequest": {
-      "description": "SetLabelsRequest sets the Google Cloud Platform labels on a Google Container\nEngine cluster, which will in turn set them for Google Compute Engine\nresources used by that cluster",
-      "type": "object",
-      "properties": {
-        "resourceLabels": {
-          "additionalProperties": {
-            "type": "string"
-          },
-          "description": "The labels to set for that cluster.",
-          "type": "object"
-        },
-        "labelFingerprint": {
-          "description": "The fingerprint of the previous set of labels for this resource,\nused to detect conflicts. The fingerprint is initially generated by\nKubernetes Engine and changes after every request to modify or update\nlabels. You must always provide an up-to-date fingerprint hash when\nupdating or changing labels. Make a \u003ccode\u003eget()\u003c/code\u003e request to the\nresource to get the latest fingerprint.",
+        "version": {
+          "description": "The version of the Kubernetes of this node.",
           "type": "string"
         }
       },
-      "id": "SetLabelsRequest"
+      "type": "object"
     },
-    "NodeManagement": {
-      "id": "NodeManagement",
-      "description": "NodeManagement defines the set of node management services turned on for the\nnode pool.",
-      "type": "object",
+    "NodePoolAutoscaling": {
+      "description": "NodePoolAutoscaling contains information required by cluster autoscaler to\nadjust the size of the node pool to the current cluster usage.",
+      "id": "NodePoolAutoscaling",
       "properties": {
-        "autoUpgrade": {
-          "description": "A flag that specifies whether node auto-upgrade is enabled for the node\npool. If enabled, node auto-upgrade helps keep the nodes in your node pool\nup to date with the latest release version of Kubernetes.",
+        "enabled": {
+          "description": "Is autoscaling enabled for this node pool.",
           "type": "boolean"
         },
-        "autoRepair": {
-          "description": "A flag that specifies whether the node auto-repair is enabled for the node\npool. If enabled, the nodes in this node pool will be monitored and, if\nthey fail health checks too many times, an automatic repair action will be\ntriggered.",
-          "type": "boolean"
+        "maxNodeCount": {
+          "description": "Maximum number of nodes in the NodePool. Must be \u003e= min_node_count. There\nhas to enough quota to scale up the cluster.",
+          "format": "int32",
+          "type": "integer"
         },
-        "upgradeOptions": {
-          "$ref": "AutoUpgradeOptions",
-          "description": "Specifies the Auto Upgrade knobs for the node pool."
-        }
-      }
-    },
-    "CancelOperationRequest": {
-      "id": "CancelOperationRequest",
-      "description": "CancelOperationRequest cancels a single operation.",
-      "type": "object",
-      "properties": {}
-    },
-    "KubernetesDashboard": {
-      "id": "KubernetesDashboard",
-      "description": "Configuration for the Kubernetes Dashboard.",
-      "type": "object",
-      "properties": {
-        "disabled": {
-          "description": "Whether the Kubernetes Dashboard is enabled for this cluster.",
-          "type": "boolean"
+        "minNodeCount": {
+          "description": "Minimum number of nodes in the NodePool. Must be \u003e= 1 and \u003c=\nmax_node_count.",
+          "format": "int32",
+          "type": "integer"
         }
-      }
+      },
+      "type": "object"
     },
     "Operation": {
       "description": "This operation resource represents operations that may have happened or are\nhappening on the cluster. All fields are output only.",
-      "type": "object",
+      "id": "Operation",
       "properties": {
-        "statusMessage": {
-          "description": "If an error has occurred, a textual description of the error.",
-          "type": "string"
-        },
-        "name": {
-          "description": "The server-assigned ID for the operation.",
-          "type": "string"
-        },
-        "selfLink": {
-          "description": "Server-defined URL for the resource.",
-          "type": "string"
-        },
         "detail": {
           "description": "Detailed operation progress, if available.",
           "type": "string"
         },
-        "targetLink": {
-          "description": "Server-defined URL for the target of the operation.",
-          "type": "string"
-        },
         "endTime": {
           "description": "[Output only] The time the operation completed, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
           "type": "string"
         },
+        "name": {
+          "description": "The server-assigned ID for the operation.",
+          "type": "string"
+        },
         "operationType": {
-          "enumDescriptions": [
-            "Not set.",
-            "Cluster create.",
-            "Cluster delete.",
-            "A master upgrade.",
-            "A node upgrade.",
-            "Cluster repair.",
-            "Cluster update.",
-            "Node pool create.",
-            "Node pool delete.",
-            "Set node pool management.",
-            "Automatic node pool repair.",
-            "Automatic node upgrade.",
-            "Set labels.",
-            "Set/generate master auth materials",
-            "Set node pool size.",
-            "Updates network policy for a cluster.",
-            "Set the maintenance policy."
-          ],
+          "description": "The operation type.",
           "enum": [
             "TYPE_UNSPECIFIED",
             "CREATE_CLUSTER",
@@ -2051,25 +2200,37 @@
             "SET_NETWORK_POLICY",
             "SET_MAINTENANCE_POLICY"
           ],
-          "description": "The operation type.",
+          "enumDescriptions": [
+            "Not set.",
+            "Cluster create.",
+            "Cluster delete.",
+            "A master upgrade.",
+            "A node upgrade.",
+            "Cluster repair.",
+            "Cluster update.",
+            "Node pool create.",
+            "Node pool delete.",
+            "Set node pool management.",
+            "Automatic node pool repair.",
+            "Automatic node upgrade.",
+            "Set labels.",
+            "Set/generate master auth materials",
+            "Set node pool size.",
+            "Updates network policy for a cluster.",
+            "Set the maintenance policy."
+          ],
           "type": "string"
         },
-        "startTime": {
-          "description": "[Output only] The time the operation started, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
+        "selfLink": {
+          "description": "Server-defined URL for the resource.",
           "type": "string"
         },
-        "zone": {
-          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the operation\nis taking place.",
+        "startTime": {
+          "description": "[Output only] The time the operation started, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
           "type": "string"
         },
         "status": {
-          "enumDescriptions": [
-            "Not set.",
-            "The operation has been created.",
-            "The operation is currently running.",
-            "The operation is done, either cancelled or completed.",
-            "The operation is aborting."
-          ],
+          "description": "The current status of the operation.",
           "enum": [
             "STATUS_UNSPECIFIED",
             "PENDING",
@@ -2077,136 +2238,40 @@
             "DONE",
             "ABORTING"
           ],
-          "description": "The current status of the operation.",
-          "type": "string"
-        }
-      },
-      "id": "Operation"
-    },
-    "MaintenanceWindow": {
-      "id": "MaintenanceWindow",
-      "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.",
-      "type": "object",
-      "properties": {
-        "dailyMaintenanceWindow": {
-          "description": "DailyMaintenanceWindow specifies a daily maintenance operation window.",
-          "$ref": "DailyMaintenanceWindow"
-        }
-      }
-    },
-    "RollbackNodePoolUpgradeRequest": {
-      "id": "RollbackNodePoolUpgradeRequest",
-      "description": "RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or Failed\nNodePool upgrade. This will be an no-op if the last upgrade successfully\ncompleted.",
-      "type": "object",
-      "properties": {}
-    },
-    "NetworkPolicy": {
-      "id": "NetworkPolicy",
-      "description": "Configuration options for the NetworkPolicy feature.\nhttps://kubernetes.io/docs/concepts/services-networking/networkpolicies/",
-      "type": "object",
-      "properties": {
-        "enabled": {
-          "description": "Whether network policy is enabled on the cluster.",
-          "type": "boolean"
-        },
-        "provider": {
-          "description": "The selected network policy provider.",
-          "type": "string",
           "enumDescriptions": [
-            "Not set",
-            "Tigera (Calico Felix)."
+            "Not set.",
+            "The operation has been created.",
+            "The operation is currently running.",
+            "The operation is done, either cancelled or completed.",
+            "The operation is aborting."
           ],
-          "enum": [
-            "PROVIDER_UNSPECIFIED",
-            "CALICO"
-          ]
-        }
-      }
-    },
-    "UpdateMasterRequest": {
-      "id": "UpdateMasterRequest",
-      "description": "UpdateMasterRequest updates the master of the cluster.",
-      "type": "object",
-      "properties": {
-        "masterVersion": {
-          "description": "The Kubernetes version to change the master to. Use \"-\" to have the server\nautomatically select the default version.",
           "type": "string"
-        }
-      }
-    },
-    "ListOperationsResponse": {
-      "id": "ListOperationsResponse",
-      "description": "ListOperationsResponse is the result of ListOperationsRequest.",
-      "type": "object",
-      "properties": {
-        "operations": {
-          "description": "A list of operations in the project in the specified zone.",
-          "type": "array",
-          "items": {
-            "$ref": "Operation"
-          }
         },
-        "missingZones": {
-          "description": "If any zones are listed here, the list of operations returned\nmay be missing the operations from those zones.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        }
-      }
-    },
-    "SetMonitoringServiceRequest": {
-      "description": "SetMonitoringServiceRequest sets the monitoring service of a cluster.",
-      "type": "object",
-      "properties": {
-        "monitoringService": {
-          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* \"monitoring.googleapis.com\" - the Google Cloud Monitoring service\n* \"none\" - no metrics will be exported from the cluster",
+        "statusMessage": {
+          "description": "If an error has occurred, a textual description of the error.",
           "type": "string"
-        }
-      },
-      "id": "SetMonitoringServiceRequest"
-    },
-    "CidrBlock": {
-      "description": "CidrBlock contains an optional name and one CIDR block.",
-      "type": "object",
-      "properties": {
-        "cidrBlock": {
-          "description": "cidr_block must be specified in CIDR notation.",
+        },
+        "targetLink": {
+          "description": "Server-defined URL for the target of the operation.",
           "type": "string"
         },
-        "displayName": {
-          "description": "display_name is an optional field for users to identify CIDR blocks.",
+        "zone": {
+          "description": "The name of the Google Compute Engine\n[zone](/compute/docs/zones#available) in which the operation\nis taking place.",
           "type": "string"
         }
       },
-      "id": "CidrBlock"
+      "type": "object"
+    },
+    "RollbackNodePoolUpgradeRequest": {
+      "description": "RollbackNodePoolUpgradeRequest rollbacks the previously Aborted or Failed\nNodePool upgrade. This will be an no-op if the last upgrade successfully\ncompleted.",
+      "id": "RollbackNodePoolUpgradeRequest",
+      "properties": {},
+      "type": "object"
     },
     "ServerConfig": {
-      "id": "ServerConfig",
       "description": "Kubernetes Engine service configuration.",
-      "type": "object",
+      "id": "ServerConfig",
       "properties": {
-        "validNodeVersions": {
-          "description": "List of valid node upgrade target versions.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "validImageTypes": {
-          "description": "List of valid image types.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "validMasterVersions": {
-          "description": "List of valid master versions.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
         "defaultClusterVersion": {
           "description": "Version of Kubernetes the service deploys by default.",
           "type": "string"
@@ -2214,300 +2279,235 @@
         "defaultImageType": {
           "description": "Default image type.",
           "type": "string"
-        }
-      }
-    },
-    "NodeConfig": {
-      "id": "NodeConfig",
-      "description": "Parameters that describe the nodes in a cluster.",
-      "type": "object",
-      "properties": {
-        "tags": {
-          "description": "The list of instance tags applied to all nodes. Tags are used to identify\nvalid sources or targets for network firewalls and are specified by\nthe client during cluster or node pool creation. Each tag within the list\nmust comply with RFC1035.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "serviceAccount": {
-          "description": "The Google Cloud Platform Service Account to be used by the node VMs. If\nno Service Account is specified, the \"default\" service account is used.",
-          "type": "string"
-        },
-        "imageType": {
-          "description": "The image type to use for this node. Note that for a given image type,\nthe latest version of it will be used.",
-          "type": "string"
         },
-        "oauthScopes": {
-          "description": "The set of Google API scopes to be made available on all of the\nnode VMs under the \"default\" service account.\n\nThe following scopes are recommended, but not required, and by default are\nnot included:\n\n* `https://www.googleapis.com/auth/compute` is required for mounting\npersistent storage on your nodes.\n* `https://www.googleapis.com/auth/devstorage.read_only` is required for\ncommunicating with **gcr.io**\n(the [Google Container Registry](/container-registry/)).\n\nIf unspecified, no scopes are added, unless Cloud Logging or Cloud\nMonitoring are enabled, in which case their required scopes will be added.",
-          "type": "array",
+        "validImageTypes": {
+          "description": "List of valid image types.",
           "items": {
             "type": "string"
-          }
+          },
+          "type": "array"
         },
-        "labels": {
-          "additionalProperties": {
+        "validMasterVersions": {
+          "description": "List of valid master versions.",
+          "items": {
             "type": "string"
           },
-          "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node.\nThese will added in addition to any default label(s) that\nKubernetes may apply to the node.\nIn case of conflict in label keys, the applied set may differ depending on\nthe Kubernetes version -- it's best to assume the behavior is undefined\nand conflicts should be avoided.\nFor more information, including usage and the valid values, see:\nhttps://kubernetes.io/docs/concepts/overview/working-with-objects/labels/",
-          "type": "object"
-        },
-        "diskSizeGb": {
-          "description": "Size of the disk attached to each node, specified in GB.\nThe smallest allowed disk size is 10GB.\n\nIf unspecified, the default disk size is 100GB.",
-          "format": "int32",
-          "type": "integer"
+          "type": "array"
         },
-        "accelerators": {
-          "description": "A list of hardware accelerators to be attached to each node.\nSee https://cloud.google.com/compute/docs/gpus for more information about\nsupport for GPUs.",
-          "type": "array",
+        "validNodeVersions": {
+          "description": "List of valid node upgrade target versions.",
           "items": {
-            "$ref": "AcceleratorConfig"
-          }
-        },
-        "machineType": {
-          "description": "The name of a Google Compute Engine [machine\ntype](/compute/docs/machine-types) (e.g.\n`n1-standard-1`).\n\nIf unspecified, the default machine type is\n`n1-standard-1`.",
-          "type": "string"
-        },
-        "minCpuPlatform": {
-          "description": "Minimum CPU platform to be used by this instance. The instance may be\nscheduled on the specified or newer CPU platform. Applicable values are the\nfriendly names of CPU platforms, such as\n\u003ccode\u003eminCpuPlatform: &quot;Intel Haswell&quot;\u003c/code\u003e or\n\u003ccode\u003eminCpuPlatform: &quot;Intel Sandy Bridge&quot;\u003c/code\u003e. For more\ninformation, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)",
-          "type": "string"
-        },
-        "preemptible": {
-          "description": "Whether the nodes are created as preemptible VM instances. See:\nhttps://cloud.google.com/compute/docs/instances/preemptible for more\ninformation about preemptible VM instances.",
-          "type": "boolean"
-        },
-        "localSsdCount": {
-          "description": "The number of local SSD disks to be attached to the node.\n\nThe limit for this value is dependant upon the maximum number of\ndisks available on a machine per zone. See:\nhttps://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits\nfor more information.",
-          "format": "int32",
-          "type": "integer"
-        },
-        "metadata": {
-          "additionalProperties": {
             "type": "string"
           },
-          "description": "The metadata key/value pairs assigned to instances in the cluster.\n\nKeys must conform to the regexp [a-zA-Z0-9-_]+ and be less than 128 bytes\nin length. These are reflected as part of a URL in the metadata server.\nAdditionally, to avoid ambiguity, keys must not conflict with any other\nmetadata keys for the project or be one of the four reserved keys:\n\"instance-template\", \"kube-env\", \"startup-script\", and \"user-data\"\n\nValues are free-form strings, and only have meaning as interpreted by\nthe image running in the instance. The only restriction placed on them is\nthat each value's size must be less than or equal to 32 KB.\n\nThe total size of all keys and values must be less than 512 KB.",
-          "type": "object"
+          "type": "array"
         }
-      }
+      },
+      "type": "object"
     },
-    "AutoUpgradeOptions": {
-      "description": "AutoUpgradeOptions defines the set of options for the user to control how\nthe Auto Upgrades will proceed.",
-      "type": "object",
+    "SetAddonsConfigRequest": {
+      "description": "SetAddonsConfigRequest sets the addons associated with the cluster.",
+      "id": "SetAddonsConfigRequest",
       "properties": {
-        "description": {
-          "description": "[Output only] This field is set when upgrades are about to commence\nwith the description of the upgrade.",
-          "type": "string"
-        },
-        "autoUpgradeStartTime": {
-          "description": "[Output only] This field is set when upgrades are about to commence\nwith the approximate start time for the upgrades, in\n[RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format.",
+        "addonsConfig": {
+          "$ref": "AddonsConfig",
+          "description": "The desired configurations for the various addons available to run in the\ncluster."
+        }
+      },
+      "type": "object"
+    },
+    "SetLabelsRequest": {
+      "description": "SetLabelsRequest sets the Google Cloud Platform labels on a Google Container\nEngine cluster, which will in turn set them for Google Compute Engine\nresources used by that cluster",
+      "id": "SetLabelsRequest",
+      "properties": {
+        "labelFingerprint": {
+          "description": "The fingerprint of the previous set of labels for this resource,\nused to detect conflicts. The fingerprint is initially generated by\nKubernetes Engine and changes after every request to modify or update\nlabels. You must always provide an up-to-date fingerprint hash when\nupdating or changing labels. Make a \u003ccode\u003eget()\u003c/code\u003e request to the\nresource to get the latest fingerprint.",
           "type": "string"
+        },
+        "resourceLabels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "The labels to set for that cluster.",
+          "type": "object"
         }
       },
-      "id": "AutoUpgradeOptions"
+      "type": "object"
     },
-    "ListClustersResponse": {
-      "id": "ListClustersResponse",
-      "description": "ListClustersResponse is the result of ListClustersRequest.",
-      "type": "object",
+    "SetLegacyAbacRequest": {
+      "description": "SetLegacyAbacRequest enables or disables the ABAC authorization mechanism for\na cluster.",
+      "id": "SetLegacyAbacRequest",
       "properties": {
-        "missingZones": {
-          "description": "If any zones are listed here, the list of clusters returned\nmay be missing those zones.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "clusters": {
-          "description": "A list of clusters in the project in the specified zone, or\nacross all ones.",
-          "type": "array",
-          "items": {
-            "$ref": "Cluster"
-          }
+        "enabled": {
+          "description": "Whether ABAC authorization will be enabled in the cluster.",
+          "type": "boolean"
         }
-      }
+      },
+      "type": "object"
     },
-    "HttpLoadBalancing": {
-      "id": "HttpLoadBalancing",
-      "description": "Configuration options for the HTTP (L7) load balancing controller addon,\nwhich makes it easy to set up HTTP load balancers for services in a cluster.",
-      "type": "object",
+    "SetLocationsRequest": {
+      "description": "SetLocationsRequest sets the locations of the cluster.",
+      "id": "SetLocationsRequest",
       "properties": {
-        "disabled": {
-          "description": "Whether the HTTP Load Balancing controller is enabled in the cluster.\nWhen enabled, it runs a small pod in the cluster that manages the load\nbalancers.",
-          "type": "boolean"
+        "locations": {
+          "description": "The desired list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located. Changing the locations a cluster is in will result\nin nodes being either created or removed from the cluster, depending on\nwhether locations are being added or removed.\n\nThis list must always include the cluster's primary zone.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
         }
-      }
+      },
+      "type": "object"
     },
-    "SetNetworkPolicyRequest": {
-      "id": "SetNetworkPolicyRequest",
-      "description": "SetNetworkPolicyRequest enables/disables network policy for a cluster.",
-      "type": "object",
+    "SetLoggingServiceRequest": {
+      "description": "SetLoggingServiceRequest sets the logging service of a cluster.",
+      "id": "SetLoggingServiceRequest",
       "properties": {
-        "networkPolicy": {
-          "$ref": "NetworkPolicy",
-          "description": "Configuration options for the NetworkPolicy feature."
+        "loggingService": {
+          "description": "The logging service the cluster should use to write metrics.\nCurrently available options:\n\n* \"logging.googleapis.com\" - the Google Cloud Logging service\n* \"none\" - no metrics will be exported from the cluster",
+          "type": "string"
         }
-      }
+      },
+      "type": "object"
     },
-    "NodePoolAutoscaling": {
-      "id": "NodePoolAutoscaling",
-      "description": "NodePoolAutoscaling contains information required by cluster autoscaler to\nadjust the size of the node pool to the current cluster usage.",
-      "type": "object",
+    "SetMaintenancePolicyRequest": {
+      "description": "SetMaintenancePolicyRequest sets the maintenance policy for a cluster.",
+      "id": "SetMaintenancePolicyRequest",
       "properties": {
-        "enabled": {
-          "description": "Is autoscaling enabled for this node pool.",
-          "type": "boolean"
-        },
-        "maxNodeCount": {
-          "description": "Maximum number of nodes in the NodePool. Must be \u003e= min_node_count. There\nhas to enough quota to scale up the cluster.",
-          "format": "int32",
-          "type": "integer"
-        },
-        "minNodeCount": {
-          "description": "Minimum number of nodes in the NodePool. Must be \u003e= 1 and \u003c=\nmax_node_count.",
-          "format": "int32",
-          "type": "integer"
+        "maintenancePolicy": {
+          "$ref": "MaintenancePolicy",
+          "description": "The maintenance policy to be set for the cluster. An empty field\nclears the existing maintenance policy."
         }
-      }
+      },
+      "type": "object"
     },
     "SetMasterAuthRequest": {
-      "id": "SetMasterAuthRequest",
       "description": "SetMasterAuthRequest updates the admin password of a cluster.",
-      "type": "object",
+      "id": "SetMasterAuthRequest",
       "properties": {
         "action": {
           "description": "The exact form of action to be taken on the master auth.",
-          "type": "string",
+          "enum": [
+            "UNKNOWN",
+            "SET_PASSWORD",
+            "GENERATE_PASSWORD",
+            "SET_USERNAME"
+          ],
           "enumDescriptions": [
             "Operation is unknown and will error out.",
             "Set the password to a user generated value.",
             "Generate a new password and set it to that.",
             "Set the username.  If an empty username is provided, basic authentication\nis disabled for the cluster.  If a non-empty username is provided, basic\nauthentication is enabled, with either a provided password or a generated\none."
           ],
-          "enum": [
-            "UNKNOWN",
-            "SET_PASSWORD",
-            "GENERATE_PASSWORD",
-            "SET_USERNAME"
-          ]
+          "type": "string"
         },
         "update": {
           "$ref": "MasterAuth",
           "description": "A description of the update."
         }
-      }
+      },
+      "type": "object"
     },
-    "IPAllocationPolicy": {
-      "id": "IPAllocationPolicy",
-      "description": "Configuration for controlling how IPs are allocated in the cluster.",
-      "type": "object",
+    "SetMonitoringServiceRequest": {
+      "description": "SetMonitoringServiceRequest sets the monitoring service of a cluster.",
+      "id": "SetMonitoringServiceRequest",
       "properties": {
-        "createSubnetwork": {
-          "description": "Whether a new subnetwork will be created automatically for the cluster.\n\nThis field is only applicable when `use_ip_aliases` is true.",
-          "type": "boolean"
-        },
-        "useIpAliases": {
-          "description": "Whether alias IPs will be used for pod IPs in the cluster.",
-          "type": "boolean"
-        },
-        "servicesSecondaryRangeName": {
-          "description": "The name of the secondary range to be used as for the services\nCIDR block.  The secondary range will be used for service\nClusterIPs. This must be an existing secondary range associated\nwith the cluster subnetwork.\n\nThis field is only applicable with use_ip_aliases is true and\ncreate_subnetwork is false.",
-          "type": "string"
-        },
-        "subnetworkName": {
-          "description": "A custom subnetwork name to be used if `create_subnetwork` is true.  If\nthis field is empty, then an automatic name will be chosen for the new\nsubnetwork.",
-          "type": "string"
-        },
-        "servicesIpv4CidrBlock": {
-          "description": "The IP address range of the services IPs in this cluster. If blank, a range\nwill be automatically chosen with the default size.\n\nThis field is only applicable when `use_ip_aliases` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
-          "type": "string"
-        },
-        "clusterIpv4Cidr": {
-          "description": "This field is deprecated, use cluster_ipv4_cidr_block.",
-          "type": "string"
-        },
-        "nodeIpv4Cidr": {
-          "description": "This field is deprecated, use node_ipv4_cidr_block.",
-          "type": "string"
-        },
-        "clusterIpv4CidrBlock": {
-          "description": "The IP address range for the cluster pod IPs. If this field is set, then\n`cluster.cluster_ipv4_cidr` must be left blank.\n\nThis field is only applicable when `use_ip_aliases` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
-          "type": "string"
-        },
-        "clusterSecondaryRangeName": {
-          "description": "The name of the secondary range to be used for the cluster CIDR\nblock.  The secondary range will be used for pod IP\naddresses. This must be an existing secondary range associated\nwith the cluster subnetwork.\n\nThis field is only applicable with use_ip_aliases is true and\ncreate_subnetwork is false.",
-          "type": "string"
-        },
-        "nodeIpv4CidrBlock": {
-          "description": "The IP address range of the instance IPs in this cluster.\n\nThis is applicable only if `create_subnetwork` is true.\n\nSet to blank to have a range chosen with the default size.\n\nSet to /netmask (e.g. `/14`) to have a range chosen with a specific\nnetmask.\n\nSet to a\n[CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing)\nnotation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g.\n`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range\nto use.",
-          "type": "string"
-        },
-        "servicesIpv4Cidr": {
-          "description": "This field is deprecated, use services_ipv4_cidr_block.",
+        "monitoringService": {
+          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* \"monitoring.googleapis.com\" - the Google Cloud Monitoring service\n* \"none\" - no metrics will be exported from the cluster",
           "type": "string"
         }
-      }
+      },
+      "type": "object"
     },
-    "ClusterUpdate": {
-      "description": "ClusterUpdate describes an update to the cluster. Exactly one update can\nbe applied to a cluster with each request, so at most one field can be\nprovided.",
-      "type": "object",
+    "SetNetworkPolicyRequest": {
+      "description": "SetNetworkPolicyRequest enables/disables network policy for a cluster.",
+      "id": "SetNetworkPolicyRequest",
       "properties": {
-        "desiredMasterVersion": {
-          "description": "The Kubernetes version to change the master to. The only valid value is the\nlatest supported version. Use \"-\" to have the server automatically select\nthe latest version.",
-          "type": "string"
-        },
-        "desiredMasterAuthorizedNetworksConfig": {
-          "description": "Master authorized networks is a Beta feature.\nThe desired configuration options for master authorized networks feature.",
-          "$ref": "MasterAuthorizedNetworksConfig"
-        },
-        "desiredLocations": {
-          "description": "The desired list of Google Compute Engine\n[locations](/compute/docs/zones#available) in which the cluster's nodes\nshould be located. Changing the locations a cluster is in will result\nin nodes being either created or removed from the cluster, depending on\nwhether locations are being added or removed.\n\nThis list must always include the cluster's primary zone.",
-          "type": "array",
-          "items": {
-            "type": "string"
-          }
-        },
-        "desiredNodePoolAutoscaling": {
+        "networkPolicy": {
+          "$ref": "NetworkPolicy",
+          "description": "Configuration options for the NetworkPolicy feature."
+        }
+      },
+      "type": "object"
+    },
+    "SetNodePoolAutoscalingRequest": {
+      "description": "SetNodePoolAutoscalingRequest sets the autoscaler settings of a node pool.",
+      "id": "SetNodePoolAutoscalingRequest",
+      "properties": {
+        "autoscaling": {
           "$ref": "NodePoolAutoscaling",
-          "description": "Autoscaler configuration for the node pool specified in\ndesired_node_pool_id. If there is only one pool in the\ncluster and desired_node_pool_id is not provided then\nthe change applies to that single node pool."
-        },
-        "desiredMonitoringService": {
-          "description": "The monitoring service the cluster should use to write metrics.\nCurrently available options:\n\n* \"monitoring.googleapis.com\" - the Google Cloud Monitoring service\n* \"none\" - no metrics will be exported from the cluster",
-          "type": "string"
-        },
-        "desiredImageType": {
-          "description": "The desired image type for the node pool.\nNOTE: Set the \"desired_node_pool\" field as well.",
+          "description": "Autoscaling configuration for the node pool."
+        }
+      },
+      "type": "object"
+    },
+    "SetNodePoolManagementRequest": {
+      "description": "SetNodePoolManagementRequest sets the node management properties of a node\npool.",
+      "id": "SetNodePoolManagementRequest",
+      "properties": {
+        "management": {
+          "$ref": "NodeManagement",
+          "description": "NodeManagement configuration for the node pool."
+        }
+      },
+      "type": "object"
+    },
+    "SetNodePoolSizeRequest": {
+      "description": "SetNodePoolSizeRequest sets the size a node\npool.",
+      "id": "SetNodePoolSizeRequest",
+      "properties": {
+        "nodeCount": {
+          "description": "The desired node count for the pool.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "StartIPRotationRequest": {
+      "description": "StartIPRotationRequest creates a new IP for the cluster and then performs\na node upgrade on each node pool to point to the new IP.",
+      "id": "StartIPRotationRequest",
+      "properties": {},
+      "type": "object"
+    },
+    "UpdateClusterRequest": {
+      "description": "UpdateClusterRequest updates the settings of a cluster.",
+      "id": "UpdateClusterRequest",
+      "properties": {
+        "update": {
+          "$ref": "ClusterUpdate",
+          "description": "A description of the update."
+        }
+      },
+      "type": "object"
+    },
+    "UpdateMasterRequest": {
+      "description": "UpdateMasterRequest updates the master of the cluster.",
+      "id": "UpdateMasterRequest",
+      "properties": {
+        "masterVersion": {
+          "description": "The Kubernetes version to change the master to. Use \"-\" to have the server\nautomatically select the default version.",
           "type": "string"
-        },
-        "desiredAddonsConfig": {
-          "$ref": "AddonsConfig",
-          "description": "Configurations for the various addons available to run in the cluster."
-        },
-        "desiredNodePoolId": {
-          "description": "The node pool to be upgraded. This field is mandatory if\n\"desired_node_version\", \"desired_image_family\" or\n\"desired_node_pool_autoscaling\" is specified and there is more than one\nnode pool on the cluster.",
+        }
+      },
+      "type": "object"
+    },
+    "UpdateNodePoolRequest": {
+      "description": "UpdateNodePoolRequests update a node pool's image and/or version.",
+      "id": "UpdateNodePoolRequest",
+      "properties": {
+        "imageType": {
+          "description": "The desired image type for the node pool.",
           "type": "string"
         },
-        "desiredNodeVersion": {
+        "nodeVersion": {
           "description": "The Kubernetes version to change the nodes to (typically an\nupgrade). Use `-` to upgrade to the latest version supported by\nthe server.",
           "type": "string"
         }
       },
-      "id": "ClusterUpdate"
-    },
-    "HorizontalPodAutoscaling": {
-      "id": "HorizontalPodAutoscaling",
-      "description": "Configuration options for the horizontal pod autoscaling feature, which\nincreases or decreases the number of replica pods a replication controller\nhas based on the resource usage of the existing pods.",
-      "type": "object",
-      "properties": {
-        "disabled": {
-          "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster.\nWhen enabled, it ensures that a Heapster pod is running in the cluster,\nwhich is also used by the Cloud Monitoring service.",
-          "type": "boolean"
-        }
-      }
+      "type": "object"
     }
   },
-  "icons": {
-    "x32": "http://www.google.com/images/icons/product/search-32.gif",
-    "x16": "http://www.google.com/images/icons/product/search-16.gif"
-  },
-  "protocol": "rest",
-  "canonicalName": "Container"
-}
+  "servicePath": "",
+  "title": "Google Kubernetes Engine API",
+  "version": "v1"
+}
\ No newline at end of file
diff --git a/vendor/google.golang.org/api/container/v1/container-gen.go b/vendor/google.golang.org/api/container/v1/container-gen.go
index 00e74adf45d2..c14d4997f16e 100644
--- a/vendor/google.golang.org/api/container/v1/container-gen.go
+++ b/vendor/google.golang.org/api/container/v1/container-gen.go
@@ -1,4 +1,4 @@
-// Package container provides access to the Google Container Engine API.
+// Package container provides access to the Google Kubernetes Engine API.
 //
 // See https://cloud.google.com/container-engine/
 //
@@ -1522,10 +1522,17 @@ type NodeConfig struct {
 	// server.
 	// Additionally, to avoid ambiguity, keys must not conflict with any
 	// other
-	// metadata keys for the project or be one of the four reserved
-	// keys:
-	// "instance-template", "kube-env", "startup-script", and
-	// "user-data"
+	// metadata keys for the project or be one of the reserved keys:
+	//  "cluster-location"
+	//  "cluster-name"
+	//  "cluster-uid"
+	//  "configure-sh"
+	//  "gci-update-strategy"
+	//  "gci-ensure-gke-docker"
+	//  "instance-template"
+	//  "kube-env"
+	//  "startup-script"
+	//  "user-data"
 	//
 	// Values are free-form strings, and only have meaning as interpreted
 	// by
diff --git a/vendor/google.golang.org/api/gensupport/go18.go b/vendor/google.golang.org/api/gensupport/go18.go
new file mode 100644
index 000000000000..c76cb8f20bb6
--- /dev/null
+++ b/vendor/google.golang.org/api/gensupport/go18.go
@@ -0,0 +1,17 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build go1.8
+
+package gensupport
+
+import (
+	"io"
+	"net/http"
+)
+
+// SetGetBody sets the GetBody field of req to f.
+func SetGetBody(req *http.Request, f func() (io.ReadCloser, error)) {
+	req.GetBody = f
+}
diff --git a/vendor/google.golang.org/api/gensupport/media.go b/vendor/google.golang.org/api/gensupport/media.go
index f3e77fc52979..5a2674104ef4 100644
--- a/vendor/google.golang.org/api/gensupport/media.go
+++ b/vendor/google.golang.org/api/gensupport/media.go
@@ -5,12 +5,14 @@
 package gensupport
 
 import (
+	"bytes"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"mime/multipart"
 	"net/http"
 	"net/textproto"
+	"strings"
 
 	"google.golang.org/api/googleapi"
 )
@@ -251,11 +253,11 @@ func (mi *MediaInfo) UploadType() string {
 }
 
 // UploadRequest sets up an HTTP request for media upload. It adds headers
-// as necessary, and returns a replacement for the body.
-func (mi *MediaInfo) UploadRequest(reqHeaders http.Header, body io.Reader) (newBody io.Reader, cleanup func()) {
+// as necessary, and returns a replacement for the body and a function for http.Request.GetBody.
+func (mi *MediaInfo) UploadRequest(reqHeaders http.Header, body io.Reader) (newBody io.Reader, getBody func() (io.ReadCloser, error), cleanup func()) {
 	cleanup = func() {}
 	if mi == nil {
-		return body, cleanup
+		return body, nil, cleanup
 	}
 	var media io.Reader
 	if mi.media != nil {
@@ -269,7 +271,17 @@ func (mi *MediaInfo) UploadRequest(reqHeaders http.Header, body io.Reader) (newB
 		media, _, _, _ = mi.buffer.Chunk()
 	}
 	if media != nil {
+		fb := readerFunc(body)
+		fm := readerFunc(media)
 		combined, ctype := CombineBodyMedia(body, "application/json", media, mi.mType)
+		if fb != nil && fm != nil {
+			getBody = func() (io.ReadCloser, error) {
+				rb := ioutil.NopCloser(fb())
+				rm := ioutil.NopCloser(fm())
+				r, _ := CombineBodyMedia(rb, "application/json", rm, mi.mType)
+				return r, nil
+			}
+		}
 		cleanup = func() { combined.Close() }
 		reqHeaders.Set("Content-Type", ctype)
 		body = combined
@@ -277,7 +289,27 @@ func (mi *MediaInfo) UploadRequest(reqHeaders http.Header, body io.Reader) (newB
 	if mi.buffer != nil && mi.mType != "" && !mi.singleChunk {
 		reqHeaders.Set("X-Upload-Content-Type", mi.mType)
 	}
-	return body, cleanup
+	return body, getBody, cleanup
+}
+
+// readerFunc returns a function that always returns an io.Reader that has the same
+// contents as r, provided that can be done without consuming r. Otherwise, it
+// returns nil.
+// See http.NewRequest (in net/http/request.go).
+func readerFunc(r io.Reader) func() io.Reader {
+	switch r := r.(type) {
+	case *bytes.Buffer:
+		buf := r.Bytes()
+		return func() io.Reader { return bytes.NewReader(buf) }
+	case *bytes.Reader:
+		snapshot := *r
+		return func() io.Reader { r := snapshot; return &r }
+	case *strings.Reader:
+		snapshot := *r
+		return func() io.Reader { r := snapshot; return &r }
+	default:
+		return nil
+	}
 }
 
 // ResumableUpload returns an appropriately configured ResumableUpload value if the
diff --git a/vendor/google.golang.org/api/gensupport/not_go18.go b/vendor/google.golang.org/api/gensupport/not_go18.go
new file mode 100644
index 000000000000..2536501cecf3
--- /dev/null
+++ b/vendor/google.golang.org/api/gensupport/not_go18.go
@@ -0,0 +1,14 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !go1.8
+
+package gensupport
+
+import (
+	"io"
+	"net/http"
+)
+
+func SetGetBody(req *http.Request, f func() (io.ReadCloser, error)) {}
diff --git a/vendor/google.golang.org/api/tpu/v1alpha1/tpu-api.json b/vendor/google.golang.org/api/tpu/v1alpha1/tpu-api.json
new file mode 100644
index 000000000000..990cd1594dcb
--- /dev/null
+++ b/vendor/google.golang.org/api/tpu/v1alpha1/tpu-api.json
@@ -0,0 +1,1006 @@
+{
+  "auth": {
+    "oauth2": {
+      "scopes": {
+        "https://www.googleapis.com/auth/cloud-platform": {
+          "description": "View and manage your data across Google Cloud Platform services"
+        }
+      }
+    }
+  },
+  "basePath": "",
+  "baseUrl": "https://tpu.googleapis.com/",
+  "batchPath": "batch",
+  "canonicalName": "TPU",
+  "description": "TPU API provides customers with access to Google TPU technology.",
+  "discoveryVersion": "v1",
+  "documentationLink": "https://cloud.google.com/tpu/",
+  "fullyEncodeReservedExpansion": true,
+  "icons": {
+    "x16": "http://www.google.com/images/icons/product/search-16.gif",
+    "x32": "http://www.google.com/images/icons/product/search-32.gif"
+  },
+  "id": "tpu:v1alpha1",
+  "kind": "discovery#restDescription",
+  "name": "tpu",
+  "ownerDomain": "google.com",
+  "ownerName": "Google",
+  "parameters": {
+    "$.xgafv": {
+      "description": "V1 error format.",
+      "enum": [
+        "1",
+        "2"
+      ],
+      "enumDescriptions": [
+        "v1 error format",
+        "v2 error format"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "access_token": {
+      "description": "OAuth access token.",
+      "location": "query",
+      "type": "string"
+    },
+    "alt": {
+      "default": "json",
+      "description": "Data format for response.",
+      "enum": [
+        "json",
+        "media",
+        "proto"
+      ],
+      "enumDescriptions": [
+        "Responses with Content-Type of application/json",
+        "Media download with context-dependent Content-Type",
+        "Responses with Content-Type of application/x-protobuf"
+      ],
+      "location": "query",
+      "type": "string"
+    },
+    "bearer_token": {
+      "description": "OAuth bearer token.",
+      "location": "query",
+      "type": "string"
+    },
+    "callback": {
+      "description": "JSONP",
+      "location": "query",
+      "type": "string"
+    },
+    "fields": {
+      "description": "Selector specifying which fields to include in a partial response.",
+      "location": "query",
+      "type": "string"
+    },
+    "key": {
+      "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
+      "location": "query",
+      "type": "string"
+    },
+    "oauth_token": {
+      "description": "OAuth 2.0 token for the current user.",
+      "location": "query",
+      "type": "string"
+    },
+    "pp": {
+      "default": "true",
+      "description": "Pretty-print response.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "prettyPrint": {
+      "default": "true",
+      "description": "Returns response with indentations and line breaks.",
+      "location": "query",
+      "type": "boolean"
+    },
+    "quotaUser": {
+      "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
+      "location": "query",
+      "type": "string"
+    },
+    "uploadType": {
+      "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    },
+    "upload_protocol": {
+      "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").",
+      "location": "query",
+      "type": "string"
+    }
+  },
+  "protocol": "rest",
+  "resources": {
+    "projects": {
+      "resources": {
+        "locations": {
+          "methods": {
+            "get": {
+              "description": "Get information about a location.",
+              "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}",
+              "httpMethod": "GET",
+              "id": "tpu.projects.locations.get",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Resource name for the location.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/locations/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1alpha1/{+name}",
+              "response": {
+                "$ref": "Location"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            },
+            "list": {
+              "description": "Lists information about the supported locations for this service.",
+              "flatPath": "v1alpha1/projects/{projectsId}/locations",
+              "httpMethod": "GET",
+              "id": "tpu.projects.locations.list",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "filter": {
+                  "description": "The standard list filter.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "name": {
+                  "description": "The resource that owns the locations collection, if applicable.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                },
+                "pageSize": {
+                  "description": "The standard list page size.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The standard list page token.",
+                  "location": "query",
+                  "type": "string"
+                }
+              },
+              "path": "v1alpha1/{+name}/locations",
+              "response": {
+                "$ref": "ListLocationsResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          },
+          "resources": {
+            "nodes": {
+              "methods": {
+                "create": {
+                  "description": "Creates a node.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.nodes.create",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "nodeId": {
+                      "description": "The unqualified resource name.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+parent}/nodes",
+                  "request": {
+                    "$ref": "Node"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "delete": {
+                  "description": "Deletes a node.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}",
+                  "httpMethod": "DELETE",
+                  "id": "tpu.projects.locations.nodes.delete",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}",
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "get": {
+                  "description": "Gets the details of a node.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.nodes.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}",
+                  "response": {
+                    "$ref": "Node"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "list": {
+                  "description": "Lists nodes.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.nodes.list",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "pageSize": {
+                      "description": "The maximum number of items to return.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The next_page_token value returned from a previous List request, if any.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+parent}/nodes",
+                  "response": {
+                    "$ref": "ListNodesResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "reimage": {
+                  "description": "Reimages a node's OS.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:reimage",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.nodes.reimage",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}:reimage",
+                  "request": {
+                    "$ref": "ReimageNodeRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "reset": {
+                  "description": "Resets a node, which stops and starts the VM.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:reset",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.nodes.reset",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}:reset",
+                  "request": {
+                    "$ref": "ResetNodeRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "start": {
+                  "description": "Starts a node.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:start",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.nodes.start",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}:start",
+                  "request": {
+                    "$ref": "StartNodeRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "stop": {
+                  "description": "Stops a node.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:stop",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.nodes.stop",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}:stop",
+                  "request": {
+                    "$ref": "StopNodeRequest"
+                  },
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                }
+              }
+            },
+            "operations": {
+              "methods": {
+                "cancel": {
+                  "description": "Starts asynchronous cancellation on a long-running operation.  The server\nmakes a best effort to cancel the operation, but success is not\nguaranteed.  If the server doesn't support this method, it returns\n`google.rpc.Code.UNIMPLEMENTED`.  Clients can use\nOperations.GetOperation or\nother methods to check whether the cancellation succeeded or whether the\noperation completed despite cancellation. On successful cancellation,\nthe operation is not deleted; instead, it becomes an operation with\nan Operation.error value with a google.rpc.Status.code of 1,\ncorresponding to `Code.CANCELLED`.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
+                  "httpMethod": "POST",
+                  "id": "tpu.projects.locations.operations.cancel",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the operation resource to be cancelled.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}:cancel",
+                  "response": {
+                    "$ref": "Empty"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "delete": {
+                  "description": "Deletes a long-running operation. This method indicates that the client is\nno longer interested in the operation result. It does not cancel the\noperation. If the server doesn't support this method, it returns\n`google.rpc.Code.UNIMPLEMENTED`.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+                  "httpMethod": "DELETE",
+                  "id": "tpu.projects.locations.operations.delete",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the operation resource to be deleted.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}",
+                  "response": {
+                    "$ref": "Empty"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "get": {
+                  "description": "Gets the latest state of a long-running operation.  Clients can use this\nmethod to poll the operation result at intervals as recommended by the API\nservice.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.operations.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The name of the operation resource.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}",
+                  "response": {
+                    "$ref": "Operation"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "list": {
+                  "description": "Lists operations that match the specified filter in the request. If the\nserver doesn't support this method, it returns `UNIMPLEMENTED`.\n\nNOTE: the `name` binding allows API services to override the binding\nto use different resource name schemes, such as `users/*/operations`. To\noverride the binding, API services can add a binding such as\n`\"/v1/{name=users/*}/operations\"` to their service configuration.\nFor backwards compatibility, the default name includes the operations\ncollection id, however overriding users must ensure the name binding\nis the parent resource, without the operations collection id.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.operations.list",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "filter": {
+                      "description": "The standard list filter.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "name": {
+                      "description": "The name of the operation's parent resource.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    },
+                    "pageSize": {
+                      "description": "The standard list page size.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The standard list page token.",
+                      "location": "query",
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}/operations",
+                  "response": {
+                    "$ref": "ListOperationsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                }
+              }
+            },
+            "tensorflowVersions": {
+              "methods": {
+                "get": {
+                  "description": "Gets TensorFlow Version.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/tensorflowVersions/{tensorflowVersionsId}",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.tensorflowVersions.get",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "The resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/tensorflowVersions/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+name}",
+                  "response": {
+                    "$ref": "TensorFlowVersion"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
+                "list": {
+                  "description": "Lists TensorFlow versions supported by this API.",
+                  "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/tensorflowVersions",
+                  "httpMethod": "GET",
+                  "id": "tpu.projects.locations.tensorflowVersions.list",
+                  "parameterOrder": [
+                    "parent"
+                  ],
+                  "parameters": {
+                    "filter": {
+                      "description": "List filter.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "orderBy": {
+                      "description": "Sort results.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "pageSize": {
+                      "description": "The maximum number of items to return.",
+                      "format": "int32",
+                      "location": "query",
+                      "type": "integer"
+                    },
+                    "pageToken": {
+                      "description": "The next_page_token value returned from a previous List request, if any.",
+                      "location": "query",
+                      "type": "string"
+                    },
+                    "parent": {
+                      "description": "The parent resource name.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1alpha1/{+parent}/tensorflowVersions",
+                  "response": {
+                    "$ref": "ListTensorFlowVersionsResponse"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "revision": "20180202",
+  "rootUrl": "https://tpu.googleapis.com/",
+  "schemas": {
+    "Empty": {
+      "description": "A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:\n\n    service Foo {\n      rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n    }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
+      "id": "Empty",
+      "properties": {},
+      "type": "object"
+    },
+    "ListLocationsResponse": {
+      "description": "The response message for Locations.ListLocations.",
+      "id": "ListLocationsResponse",
+      "properties": {
+        "locations": {
+          "description": "A list of locations that matches the specified filter in the request.",
+          "items": {
+            "$ref": "Location"
+          },
+          "type": "array"
+        },
+        "nextPageToken": {
+          "description": "The standard List next-page token.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ListNodesResponse": {
+      "description": "Response for ListNodes.",
+      "id": "ListNodesResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "The next page token or empty if none.",
+          "type": "string"
+        },
+        "nodes": {
+          "description": "The listed nodes.",
+          "items": {
+            "$ref": "Node"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ListOperationsResponse": {
+      "description": "The response message for Operations.ListOperations.",
+      "id": "ListOperationsResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "The standard List next-page token.",
+          "type": "string"
+        },
+        "operations": {
+          "description": "A list of operations that matches the specified filter in the request.",
+          "items": {
+            "$ref": "Operation"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "ListTensorFlowVersionsResponse": {
+      "description": "Response for ListTensorFlowVersions.",
+      "id": "ListTensorFlowVersionsResponse",
+      "properties": {
+        "nextPageToken": {
+          "description": "The next page token or empty if none.",
+          "type": "string"
+        },
+        "tensorflowVersions": {
+          "description": "The listed nodes.",
+          "items": {
+            "$ref": "TensorFlowVersion"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "Location": {
+      "description": "A resource that represents Google Cloud Platform location.",
+      "id": "Location",
+      "properties": {
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Cross-service attributes for the location. For example\n\n    {\"cloud.googleapis.com/region\": \"us-east1\"}",
+          "type": "object"
+        },
+        "locationId": {
+          "description": "The canonical id for this location. For example: `\"us-east1\"`.",
+          "type": "string"
+        },
+        "metadata": {
+          "additionalProperties": {
+            "description": "Properties of the object. Contains field @type with type URL.",
+            "type": "any"
+          },
+          "description": "Service-specific metadata. For example the available capacity at the given\nlocation.",
+          "type": "object"
+        },
+        "name": {
+          "description": "Resource name for the location, which may vary between implementations.\nFor example: `\"projects/example-project/locations/us-east1\"`",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "NetworkEndpoint": {
+      "description": "A network endpoint over which a TPU worker can be reached.",
+      "id": "NetworkEndpoint",
+      "properties": {
+        "ipAddress": {
+          "description": "The IP address of this network endpoint.",
+          "type": "string"
+        },
+        "port": {
+          "description": "The port of this network endpoint.",
+          "format": "int32",
+          "type": "integer"
+        }
+      },
+      "type": "object"
+    },
+    "Node": {
+      "description": "A TPU instance.",
+      "id": "Node",
+      "properties": {
+        "acceleratorType": {
+          "description": "The type of hardware accelerators associated with this node.\nRequired.",
+          "type": "string"
+        },
+        "cidrBlock": {
+          "description": "The CIDR block that the TPU node will use when selecting an IP address.\nThis CIDR block must be a /29 block; the Compute Engine networks API\nforbids a smaller block, and using a larger block would be wasteful (a\nnode can only consume one IP address). Errors will occur if the CIDR block\nhas already been used for a currently existing TPU node, the CIDR block\nconflicts with any subnetworks in the user's provided network, or the\nprovided network is peered with another network that is using that CIDR\nblock.\nRequired.",
+          "type": "string"
+        },
+        "createTime": {
+          "description": "Output only.\nThe time when the node was created.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "description": {
+          "description": "The user-supplied description of the TPU. Maximum of 512 characters.",
+          "type": "string"
+        },
+        "health": {
+          "description": "The health status of the TPU node.",
+          "enum": [
+            "HEALTH_UNSPECIFIED",
+            "HEALTHY",
+            "UNHEALTHY",
+            "TIMEOUT"
+          ],
+          "enumDescriptions": [
+            "Health status is unknown: not initialized or failed to retrieve.",
+            "The resource is healthy.",
+            "The resource is unhealthy.",
+            "The resource is unresponsive."
+          ],
+          "type": "string"
+        },
+        "healthDescription": {
+          "description": "Output only.\nIf this field is populated, it contains a description of why the TPU Node\nis unhealthy.",
+          "type": "string"
+        },
+        "ipAddress": {
+          "description": "Output only.\nDEPRECATED! Use network_endpoints instead.\nThe network address for the TPU Node as visible to Compute Engine\ninstances.",
+          "type": "string"
+        },
+        "labels": {
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource labels to represent user-provided metadata.",
+          "type": "object"
+        },
+        "name": {
+          "description": "Output only.\nThe immutable name of the TPU",
+          "type": "string"
+        },
+        "network": {
+          "description": "The name of a network they wish to peer the TPU node to. It must be a\npreexisting Compute Engine network inside of the project on which this API\nhas been activated. If none is provided, \"default\" will be used.",
+          "type": "string"
+        },
+        "networkEndpoints": {
+          "description": "Output only. The network endpoints where TPU workers can be accessed and sent work.\nIt is recommended that Tensorflow clients of the node reach out to the 0th\nentry in this map first.",
+          "items": {
+            "$ref": "NetworkEndpoint"
+          },
+          "type": "array"
+        },
+        "port": {
+          "description": "Output only.\nDEPRECATED! Use network_endpoints instead.\nThe network port for the TPU Node as visible to Compute Engine instances.",
+          "type": "string"
+        },
+        "serviceAccount": {
+          "description": "Output only.\nThe service account used to run the tensor flow services within the node.\nTo share resources, including Google Cloud Storage data, with the\nTensorflow job running in the Node, this account must have permissions to\nthat data.",
+          "type": "string"
+        },
+        "state": {
+          "description": "Output only.\nThe current state for the TPU Node.",
+          "enum": [
+            "STATE_UNSPECIFIED",
+            "CREATING",
+            "READY",
+            "RESTARTING",
+            "REIMAGING",
+            "DELETING",
+            "REPAIRING",
+            "STOPPED"
+          ],
+          "enumDescriptions": [
+            "TPU node state is not known/set.",
+            "TPU node is being created.",
+            "TPU node has been created and is fully usable.",
+            "TPU node is restarting.",
+            "TPU node is undergoing reimaging.",
+            "TPU node is being deleted.",
+            "TPU node is being repaired and may be unusable. Details can be\nfound in the `help_description` field.",
+            "7 - Reserved. Was SUSPENDED.\nTPU node is stopped."
+          ],
+          "type": "string"
+        },
+        "tensorflowVersion": {
+          "description": "The version of Tensorflow running in the Node.\nRequired.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "Operation": {
+      "description": "This resource represents a long-running operation that is the result of a\nnetwork API call.",
+      "id": "Operation",
+      "properties": {
+        "done": {
+          "description": "If the value is `false`, it means the operation is still in progress.\nIf `true`, the operation is completed, and either `error` or `response` is\navailable.",
+          "type": "boolean"
+        },
+        "error": {
+          "$ref": "Status",
+          "description": "The error result of the operation in case of failure or cancellation."
+        },
+        "metadata": {
+          "additionalProperties": {
+            "description": "Properties of the object. Contains field @type with type URL.",
+            "type": "any"
+          },
+          "description": "Service-specific metadata associated with the operation.  It typically\ncontains progress information and common metadata such as create time.\nSome services might not provide such metadata.  Any method that returns a\nlong-running operation should document the metadata type, if any.",
+          "type": "object"
+        },
+        "name": {
+          "description": "The server-assigned name, which is only unique within the same service that\noriginally returns it. If you use the default HTTP mapping, the\n`name` should have the format of `operations/some/unique/name`.",
+          "type": "string"
+        },
+        "response": {
+          "additionalProperties": {
+            "description": "Properties of the object. Contains field @type with type URL.",
+            "type": "any"
+          },
+          "description": "The normal response of the operation in case of success.  If the original\nmethod returns no data on success, such as `Delete`, the response is\n`google.protobuf.Empty`.  If the original method is standard\n`Get`/`Create`/`Update`, the response should be the resource.  For other\nmethods, the response should have the type `XxxResponse`, where `Xxx`\nis the original method name.  For example, if the original method name\nis `TakeSnapshot()`, the inferred response type is\n`TakeSnapshotResponse`.",
+          "type": "object"
+        }
+      },
+      "type": "object"
+    },
+    "OperationMetadata": {
+      "description": "Represents the metadata of the long-running operation.",
+      "id": "OperationMetadata",
+      "properties": {
+        "apiVersion": {
+          "description": "[Output only] API version used to start the operation.",
+          "type": "string"
+        },
+        "cancelRequested": {
+          "description": "[Output only] Identifies whether the user has requested cancellation\nof the operation. Operations that have successfully been cancelled\nhave Operation.error value with a google.rpc.Status.code of 1,\ncorresponding to `Code.CANCELLED`.",
+          "type": "boolean"
+        },
+        "createTime": {
+          "description": "[Output only] The time the operation was created.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "endTime": {
+          "description": "[Output only] The time the operation finished running.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "statusDetail": {
+          "description": "[Output only] Human-readable status of the operation, if any.",
+          "type": "string"
+        },
+        "target": {
+          "description": "[Output only] Server-defined resource path for the target of the operation.",
+          "type": "string"
+        },
+        "verb": {
+          "description": "[Output only] Name of the verb executed by the operation.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ReimageNodeRequest": {
+      "description": "Request for ReimageNode.",
+      "id": "ReimageNodeRequest",
+      "properties": {
+        "tensorflowVersion": {
+          "description": "The version for reimage to create.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "ResetNodeRequest": {
+      "description": "Request for ResetNode.",
+      "id": "ResetNodeRequest",
+      "properties": {},
+      "type": "object"
+    },
+    "StartNodeRequest": {
+      "description": "Request for StartNode.",
+      "id": "StartNodeRequest",
+      "properties": {},
+      "type": "object"
+    },
+    "Status": {
+      "description": "The `Status` type defines a logical error model that is suitable for different\nprogramming environments, including REST APIs and RPC APIs. It is used by\n[gRPC](https://github.com/grpc). The error model is designed to be:\n\n- Simple to use and understand for most users\n- Flexible enough to meet unexpected needs\n\n# Overview\n\nThe `Status` message contains three pieces of data: error code, error message,\nand error details. The error code should be an enum value of\ngoogle.rpc.Code, but it may accept additional error codes if needed.  The\nerror message should be a developer-facing English message that helps\ndevelopers *understand* and *resolve* the error. If a localized user-facing\nerror message is needed, put the localized message in the error details or\nlocalize it in the client. The optional error details may contain arbitrary\ninformation about the error. There is a predefined set of error detail types\nin the package `google.rpc` that can be used for common error conditions.\n\n# Language mapping\n\nThe `Status` message is the logical representation of the error model, but it\nis not necessarily the actual wire format. When the `Status` message is\nexposed in different client libraries and different wire protocols, it can be\nmapped differently. For example, it will likely be mapped to some exceptions\nin Java, but more likely mapped to some error codes in C.\n\n# Other uses\n\nThe error model and the `Status` message can be used in a variety of\nenvironments, either with or without APIs, to provide a\nconsistent developer experience across different environments.\n\nExample uses of this error model include:\n\n- Partial errors. If a service needs to return partial errors to the client,\n    it may embed the `Status` in the normal response to indicate the partial\n    errors.\n\n- Workflow errors. A typical workflow has multiple steps. Each step may\n    have a `Status` message for error reporting.\n\n- Batch operations. If a client uses batch request and batch response, the\n    `Status` message should be used directly inside batch response, one for\n    each error sub-response.\n\n- Asynchronous operations. If an API call embeds asynchronous operation\n    results in its response, the status of those operations should be\n    represented directly using the `Status` message.\n\n- Logging. If some API errors are stored in logs, the message `Status` could\n    be used directly after any stripping needed for security/privacy reasons.",
+      "id": "Status",
+      "properties": {
+        "code": {
+          "description": "The status code, which should be an enum value of google.rpc.Code.",
+          "format": "int32",
+          "type": "integer"
+        },
+        "details": {
+          "description": "A list of messages that carry the error details.  There is a common set of\nmessage types for APIs to use.",
+          "items": {
+            "additionalProperties": {
+              "description": "Properties of the object. Contains field @type with type URL.",
+              "type": "any"
+            },
+            "type": "object"
+          },
+          "type": "array"
+        },
+        "message": {
+          "description": "A developer-facing error message, which should be in English. Any\nuser-facing error message should be localized and sent in the\ngoogle.rpc.Status.details field, or localized by the client.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "StopNodeRequest": {
+      "description": "Request for StopNode.",
+      "id": "StopNodeRequest",
+      "properties": {},
+      "type": "object"
+    },
+    "TensorFlowVersion": {
+      "description": "A tensorflow version that a Node can be configured with.",
+      "id": "TensorFlowVersion",
+      "properties": {
+        "name": {
+          "description": "The resource name.",
+          "type": "string"
+        },
+        "version": {
+          "description": "the tensorflow version.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    }
+  },
+  "servicePath": "",
+  "title": "Cloud TPU API",
+  "version": "v1alpha1",
+  "version_module": true
+}
\ No newline at end of file
diff --git a/vendor/google.golang.org/api/tpu/v1alpha1/tpu-gen.go b/vendor/google.golang.org/api/tpu/v1alpha1/tpu-gen.go
new file mode 100644
index 000000000000..84684fdf63b1
--- /dev/null
+++ b/vendor/google.golang.org/api/tpu/v1alpha1/tpu-gen.go
@@ -0,0 +1,3292 @@
+// Package tpu provides access to the Cloud TPU API.
+//
+// See https://cloud.google.com/tpu/
+//
+// Usage example:
+//
+//   import "google.golang.org/api/tpu/v1alpha1"
+//   ...
+//   tpuService, err := tpu.New(oauthHttpClient)
+package tpu
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	context "golang.org/x/net/context"
+	ctxhttp "golang.org/x/net/context/ctxhttp"
+	gensupport "google.golang.org/api/gensupport"
+	googleapi "google.golang.org/api/googleapi"
+	"io"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+)
+
+// Always reference these packages, just in case the auto-generated code
+// below doesn't.
+var _ = bytes.NewBuffer
+var _ = strconv.Itoa
+var _ = fmt.Sprintf
+var _ = json.NewDecoder
+var _ = io.Copy
+var _ = url.Parse
+var _ = gensupport.MarshalJSON
+var _ = googleapi.Version
+var _ = errors.New
+var _ = strings.Replace
+var _ = context.Canceled
+var _ = ctxhttp.Do
+
+const apiId = "tpu:v1alpha1"
+const apiName = "tpu"
+const apiVersion = "v1alpha1"
+const basePath = "https://tpu.googleapis.com/"
+
+// OAuth2 scopes used by this API.
+const (
+	// View and manage your data across Google Cloud Platform services
+	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
+)
+
+func New(client *http.Client) (*Service, error) {
+	if client == nil {
+		return nil, errors.New("client is nil")
+	}
+	s := &Service{client: client, BasePath: basePath}
+	s.Projects = NewProjectsService(s)
+	return s, nil
+}
+
+type Service struct {
+	client    *http.Client
+	BasePath  string // API endpoint base URL
+	UserAgent string // optional additional User-Agent fragment
+
+	Projects *ProjectsService
+}
+
+func (s *Service) userAgent() string {
+	if s.UserAgent == "" {
+		return googleapi.UserAgent
+	}
+	return googleapi.UserAgent + " " + s.UserAgent
+}
+
+func NewProjectsService(s *Service) *ProjectsService {
+	rs := &ProjectsService{s: s}
+	rs.Locations = NewProjectsLocationsService(s)
+	return rs
+}
+
+type ProjectsService struct {
+	s *Service
+
+	Locations *ProjectsLocationsService
+}
+
+func NewProjectsLocationsService(s *Service) *ProjectsLocationsService {
+	rs := &ProjectsLocationsService{s: s}
+	rs.Nodes = NewProjectsLocationsNodesService(s)
+	rs.Operations = NewProjectsLocationsOperationsService(s)
+	rs.TensorflowVersions = NewProjectsLocationsTensorflowVersionsService(s)
+	return rs
+}
+
+type ProjectsLocationsService struct {
+	s *Service
+
+	Nodes *ProjectsLocationsNodesService
+
+	Operations *ProjectsLocationsOperationsService
+
+	TensorflowVersions *ProjectsLocationsTensorflowVersionsService
+}
+
+func NewProjectsLocationsNodesService(s *Service) *ProjectsLocationsNodesService {
+	rs := &ProjectsLocationsNodesService{s: s}
+	return rs
+}
+
+type ProjectsLocationsNodesService struct {
+	s *Service
+}
+
+func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService {
+	rs := &ProjectsLocationsOperationsService{s: s}
+	return rs
+}
+
+type ProjectsLocationsOperationsService struct {
+	s *Service
+}
+
+func NewProjectsLocationsTensorflowVersionsService(s *Service) *ProjectsLocationsTensorflowVersionsService {
+	rs := &ProjectsLocationsTensorflowVersionsService{s: s}
+	return rs
+}
+
+type ProjectsLocationsTensorflowVersionsService struct {
+	s *Service
+}
+
+// Empty: A generic empty message that you can re-use to avoid defining
+// duplicated
+// empty messages in your APIs. A typical example is to use it as the
+// request
+// or the response type of an API method. For instance:
+//
+//     service Foo {
+//       rpc Bar(google.protobuf.Empty) returns
+// (google.protobuf.Empty);
+//     }
+//
+// The JSON representation for `Empty` is empty JSON object `{}`.
+type Empty struct {
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+}
+
+// ListLocationsResponse: The response message for
+// Locations.ListLocations.
+type ListLocationsResponse struct {
+	// Locations: A list of locations that matches the specified filter in
+	// the request.
+	Locations []*Location `json:"locations,omitempty"`
+
+	// NextPageToken: The standard List next-page token.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Locations") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Locations") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ListLocationsResponse) MarshalJSON() ([]byte, error) {
+	type NoMethod ListLocationsResponse
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// ListNodesResponse: Response for ListNodes.
+type ListNodesResponse struct {
+	// NextPageToken: The next page token or empty if none.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// Nodes: The listed nodes.
+	Nodes []*Node `json:"nodes,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "NextPageToken") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ListNodesResponse) MarshalJSON() ([]byte, error) {
+	type NoMethod ListNodesResponse
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// ListOperationsResponse: The response message for
+// Operations.ListOperations.
+type ListOperationsResponse struct {
+	// NextPageToken: The standard List next-page token.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// Operations: A list of operations that matches the specified filter in
+	// the request.
+	Operations []*Operation `json:"operations,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "NextPageToken") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ListOperationsResponse) MarshalJSON() ([]byte, error) {
+	type NoMethod ListOperationsResponse
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// ListTensorFlowVersionsResponse: Response for ListTensorFlowVersions.
+type ListTensorFlowVersionsResponse struct {
+	// NextPageToken: The next page token or empty if none.
+	NextPageToken string `json:"nextPageToken,omitempty"`
+
+	// TensorflowVersions: The listed nodes.
+	TensorflowVersions []*TensorFlowVersion `json:"tensorflowVersions,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "NextPageToken") to include
+	// in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. However, any field with
+	// an empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ListTensorFlowVersionsResponse) MarshalJSON() ([]byte, error) {
+	type NoMethod ListTensorFlowVersionsResponse
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// Location: A resource that represents Google Cloud Platform location.
+type Location struct {
+	// Labels: Cross-service attributes for the location. For example
+	//
+	//     {"cloud.googleapis.com/region": "us-east1"}
+	Labels map[string]string `json:"labels,omitempty"`
+
+	// LocationId: The canonical id for this location. For example:
+	// "us-east1".
+	LocationId string `json:"locationId,omitempty"`
+
+	// Metadata: Service-specific metadata. For example the available
+	// capacity at the given
+	// location.
+	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
+
+	// Name: Resource name for the location, which may vary between
+	// implementations.
+	// For example: "projects/example-project/locations/us-east1"
+	Name string `json:"name,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Labels") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Labels") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *Location) MarshalJSON() ([]byte, error) {
+	type NoMethod Location
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// NetworkEndpoint: A network endpoint over which a TPU worker can be
+// reached.
+type NetworkEndpoint struct {
+	// IpAddress: The IP address of this network endpoint.
+	IpAddress string `json:"ipAddress,omitempty"`
+
+	// Port: The port of this network endpoint.
+	Port int64 `json:"port,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "IpAddress") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "IpAddress") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *NetworkEndpoint) MarshalJSON() ([]byte, error) {
+	type NoMethod NetworkEndpoint
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// Node: A TPU instance.
+type Node struct {
+	// AcceleratorType: The type of hardware accelerators associated with
+	// this node.
+	// Required.
+	AcceleratorType string `json:"acceleratorType,omitempty"`
+
+	// CidrBlock: The CIDR block that the TPU node will use when selecting
+	// an IP address.
+	// This CIDR block must be a /29 block; the Compute Engine networks
+	// API
+	// forbids a smaller block, and using a larger block would be wasteful
+	// (a
+	// node can only consume one IP address). Errors will occur if the CIDR
+	// block
+	// has already been used for a currently existing TPU node, the CIDR
+	// block
+	// conflicts with any subnetworks in the user's provided network, or
+	// the
+	// provided network is peered with another network that is using that
+	// CIDR
+	// block.
+	// Required.
+	CidrBlock string `json:"cidrBlock,omitempty"`
+
+	// CreateTime: Output only.
+	// The time when the node was created.
+	CreateTime string `json:"createTime,omitempty"`
+
+	// Description: The user-supplied description of the TPU. Maximum of 512
+	// characters.
+	Description string `json:"description,omitempty"`
+
+	// Health: The health status of the TPU node.
+	//
+	// Possible values:
+	//   "HEALTH_UNSPECIFIED" - Health status is unknown: not initialized or
+	// failed to retrieve.
+	//   "HEALTHY" - The resource is healthy.
+	//   "UNHEALTHY" - The resource is unhealthy.
+	//   "TIMEOUT" - The resource is unresponsive.
+	Health string `json:"health,omitempty"`
+
+	// HealthDescription: Output only.
+	// If this field is populated, it contains a description of why the TPU
+	// Node
+	// is unhealthy.
+	HealthDescription string `json:"healthDescription,omitempty"`
+
+	// IpAddress: Output only.
+	// DEPRECATED! Use network_endpoints instead.
+	// The network address for the TPU Node as visible to Compute
+	// Engine
+	// instances.
+	IpAddress string `json:"ipAddress,omitempty"`
+
+	// Labels: Resource labels to represent user-provided metadata.
+	Labels map[string]string `json:"labels,omitempty"`
+
+	// Name: Output only.
+	// The immutable name of the TPU
+	Name string `json:"name,omitempty"`
+
+	// Network: The name of a network they wish to peer the TPU node to. It
+	// must be a
+	// preexisting Compute Engine network inside of the project on which
+	// this API
+	// has been activated. If none is provided, "default" will be used.
+	Network string `json:"network,omitempty"`
+
+	// NetworkEndpoints: Output only. The network endpoints where TPU
+	// workers can be accessed and sent work.
+	// It is recommended that Tensorflow clients of the node reach out to
+	// the 0th
+	// entry in this map first.
+	NetworkEndpoints []*NetworkEndpoint `json:"networkEndpoints,omitempty"`
+
+	// Port: Output only.
+	// DEPRECATED! Use network_endpoints instead.
+	// The network port for the TPU Node as visible to Compute Engine
+	// instances.
+	Port string `json:"port,omitempty"`
+
+	// ServiceAccount: Output only.
+	// The service account used to run the tensor flow services within the
+	// node.
+	// To share resources, including Google Cloud Storage data, with
+	// the
+	// Tensorflow job running in the Node, this account must have
+	// permissions to
+	// that data.
+	ServiceAccount string `json:"serviceAccount,omitempty"`
+
+	// State: Output only.
+	// The current state for the TPU Node.
+	//
+	// Possible values:
+	//   "STATE_UNSPECIFIED" - TPU node state is not known/set.
+	//   "CREATING" - TPU node is being created.
+	//   "READY" - TPU node has been created and is fully usable.
+	//   "RESTARTING" - TPU node is restarting.
+	//   "REIMAGING" - TPU node is undergoing reimaging.
+	//   "DELETING" - TPU node is being deleted.
+	//   "REPAIRING" - TPU node is being repaired and may be unusable.
+	// Details can be
+	// found in the `help_description` field.
+	//   "STOPPED" - 7 - Reserved. Was SUSPENDED.
+	// TPU node is stopped.
+	State string `json:"state,omitempty"`
+
+	// TensorflowVersion: The version of Tensorflow running in the
+	// Node.
+	// Required.
+	TensorflowVersion string `json:"tensorflowVersion,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "AcceleratorType") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "AcceleratorType") to
+	// include in API requests with the JSON null value. By default, fields
+	// with empty values are omitted from API requests. However, any field
+	// with an empty value appearing in NullFields will be sent to the
+	// server as null. It is an error if a field in this list has a
+	// non-empty value. This may be used to include null fields in Patch
+	// requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *Node) MarshalJSON() ([]byte, error) {
+	type NoMethod Node
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// Operation: This resource represents a long-running operation that is
+// the result of a
+// network API call.
+type Operation struct {
+	// Done: If the value is `false`, it means the operation is still in
+	// progress.
+	// If `true`, the operation is completed, and either `error` or
+	// `response` is
+	// available.
+	Done bool `json:"done,omitempty"`
+
+	// Error: The error result of the operation in case of failure or
+	// cancellation.
+	Error *Status `json:"error,omitempty"`
+
+	// Metadata: Service-specific metadata associated with the operation.
+	// It typically
+	// contains progress information and common metadata such as create
+	// time.
+	// Some services might not provide such metadata.  Any method that
+	// returns a
+	// long-running operation should document the metadata type, if any.
+	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
+
+	// Name: The server-assigned name, which is only unique within the same
+	// service that
+	// originally returns it. If you use the default HTTP mapping,
+	// the
+	// `name` should have the format of `operations/some/unique/name`.
+	Name string `json:"name,omitempty"`
+
+	// Response: The normal response of the operation in case of success.
+	// If the original
+	// method returns no data on success, such as `Delete`, the response
+	// is
+	// `google.protobuf.Empty`.  If the original method is
+	// standard
+	// `Get`/`Create`/`Update`, the response should be the resource.  For
+	// other
+	// methods, the response should have the type `XxxResponse`, where
+	// `Xxx`
+	// is the original method name.  For example, if the original method
+	// name
+	// is `TakeSnapshot()`, the inferred response type
+	// is
+	// `TakeSnapshotResponse`.
+	Response googleapi.RawMessage `json:"response,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Done") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Done") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *Operation) MarshalJSON() ([]byte, error) {
+	type NoMethod Operation
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// OperationMetadata: Represents the metadata of the long-running
+// operation.
+type OperationMetadata struct {
+	// ApiVersion: [Output only] API version used to start the operation.
+	ApiVersion string `json:"apiVersion,omitempty"`
+
+	// CancelRequested: [Output only] Identifies whether the user has
+	// requested cancellation
+	// of the operation. Operations that have successfully been
+	// cancelled
+	// have Operation.error value with a google.rpc.Status.code of
+	// 1,
+	// corresponding to `Code.CANCELLED`.
+	CancelRequested bool `json:"cancelRequested,omitempty"`
+
+	// CreateTime: [Output only] The time the operation was created.
+	CreateTime string `json:"createTime,omitempty"`
+
+	// EndTime: [Output only] The time the operation finished running.
+	EndTime string `json:"endTime,omitempty"`
+
+	// StatusDetail: [Output only] Human-readable status of the operation,
+	// if any.
+	StatusDetail string `json:"statusDetail,omitempty"`
+
+	// Target: [Output only] Server-defined resource path for the target of
+	// the operation.
+	Target string `json:"target,omitempty"`
+
+	// Verb: [Output only] Name of the verb executed by the operation.
+	Verb string `json:"verb,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "ApiVersion") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "ApiVersion") to include in
+	// API requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *OperationMetadata) MarshalJSON() ([]byte, error) {
+	type NoMethod OperationMetadata
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// ReimageNodeRequest: Request for ReimageNode.
+type ReimageNodeRequest struct {
+	// TensorflowVersion: The version for reimage to create.
+	TensorflowVersion string `json:"tensorflowVersion,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "TensorflowVersion")
+	// to unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "TensorflowVersion") to
+	// include in API requests with the JSON null value. By default, fields
+	// with empty values are omitted from API requests. However, any field
+	// with an empty value appearing in NullFields will be sent to the
+	// server as null. It is an error if a field in this list has a
+	// non-empty value. This may be used to include null fields in Patch
+	// requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *ReimageNodeRequest) MarshalJSON() ([]byte, error) {
+	type NoMethod ReimageNodeRequest
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// ResetNodeRequest: Request for ResetNode.
+type ResetNodeRequest struct {
+}
+
+// StartNodeRequest: Request for StartNode.
+type StartNodeRequest struct {
+}
+
+// Status: The `Status` type defines a logical error model that is
+// suitable for different
+// programming environments, including REST APIs and RPC APIs. It is
+// used by
+// [gRPC](https://github.com/grpc). The error model is designed to
+// be:
+//
+// - Simple to use and understand for most users
+// - Flexible enough to meet unexpected needs
+//
+// # Overview
+//
+// The `Status` message contains three pieces of data: error code, error
+// message,
+// and error details. The error code should be an enum value
+// of
+// google.rpc.Code, but it may accept additional error codes if needed.
+// The
+// error message should be a developer-facing English message that
+// helps
+// developers *understand* and *resolve* the error. If a localized
+// user-facing
+// error message is needed, put the localized message in the error
+// details or
+// localize it in the client. The optional error details may contain
+// arbitrary
+// information about the error. There is a predefined set of error
+// detail types
+// in the package `google.rpc` that can be used for common error
+// conditions.
+//
+// # Language mapping
+//
+// The `Status` message is the logical representation of the error
+// model, but it
+// is not necessarily the actual wire format. When the `Status` message
+// is
+// exposed in different client libraries and different wire protocols,
+// it can be
+// mapped differently. For example, it will likely be mapped to some
+// exceptions
+// in Java, but more likely mapped to some error codes in C.
+//
+// # Other uses
+//
+// The error model and the `Status` message can be used in a variety
+// of
+// environments, either with or without APIs, to provide a
+// consistent developer experience across different
+// environments.
+//
+// Example uses of this error model include:
+//
+// - Partial errors. If a service needs to return partial errors to the
+// client,
+//     it may embed the `Status` in the normal response to indicate the
+// partial
+//     errors.
+//
+// - Workflow errors. A typical workflow has multiple steps. Each step
+// may
+//     have a `Status` message for error reporting.
+//
+// - Batch operations. If a client uses batch request and batch
+// response, the
+//     `Status` message should be used directly inside batch response,
+// one for
+//     each error sub-response.
+//
+// - Asynchronous operations. If an API call embeds asynchronous
+// operation
+//     results in its response, the status of those operations should
+// be
+//     represented directly using the `Status` message.
+//
+// - Logging. If some API errors are stored in logs, the message
+// `Status` could
+//     be used directly after any stripping needed for security/privacy
+// reasons.
+type Status struct {
+	// Code: The status code, which should be an enum value of
+	// google.rpc.Code.
+	Code int64 `json:"code,omitempty"`
+
+	// Details: A list of messages that carry the error details.  There is a
+	// common set of
+	// message types for APIs to use.
+	Details []googleapi.RawMessage `json:"details,omitempty"`
+
+	// Message: A developer-facing error message, which should be in
+	// English. Any
+	// user-facing error message should be localized and sent in
+	// the
+	// google.rpc.Status.details field, or localized by the client.
+	Message string `json:"message,omitempty"`
+
+	// ForceSendFields is a list of field names (e.g. "Code") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Code") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *Status) MarshalJSON() ([]byte, error) {
+	type NoMethod Status
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// StopNodeRequest: Request for StopNode.
+type StopNodeRequest struct {
+}
+
+// TensorFlowVersion: A tensorflow version that a Node can be configured
+// with.
+type TensorFlowVersion struct {
+	// Name: The resource name.
+	Name string `json:"name,omitempty"`
+
+	// Version: the tensorflow version.
+	Version string `json:"version,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the
+	// server.
+	googleapi.ServerResponse `json:"-"`
+
+	// ForceSendFields is a list of field names (e.g. "Name") to
+	// unconditionally include in API requests. By default, fields with
+	// empty values are omitted from API requests. However, any non-pointer,
+	// non-interface field appearing in ForceSendFields will be sent to the
+	// server regardless of whether the field is empty or not. This may be
+	// used to include empty fields in Patch requests.
+	ForceSendFields []string `json:"-"`
+
+	// NullFields is a list of field names (e.g. "Name") to include in API
+	// requests with the JSON null value. By default, fields with empty
+	// values are omitted from API requests. However, any field with an
+	// empty value appearing in NullFields will be sent to the server as
+	// null. It is an error if a field in this list has a non-empty value.
+	// This may be used to include null fields in Patch requests.
+	NullFields []string `json:"-"`
+}
+
+func (s *TensorFlowVersion) MarshalJSON() ([]byte, error) {
+	type NoMethod TensorFlowVersion
+	raw := NoMethod(*s)
+	return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
+}
+
+// method id "tpu.projects.locations.get":
+
+type ProjectsLocationsGetCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// Get: Get information about a location.
+func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall {
+	c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsGetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.get" call.
+// Exactly one of *Location or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Location.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Location{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Get information about a location.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.get",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "Resource name for the location.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "Location"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.list":
+
+type ProjectsLocationsListCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// List: Lists information about the supported locations for this
+// service.
+func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall {
+	c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Filter sets the optional parameter "filter": The standard list
+// filter.
+func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// PageSize sets the optional parameter "pageSize": The standard list
+// page size.
+func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall {
+	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": The standard list
+// page token.
+func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsListCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}/locations")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.list" call.
+// Exactly one of *ListLocationsResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *ListLocationsResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &ListLocationsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Lists information about the supported locations for this service.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.list",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "The standard list filter.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "name": {
+	//       "description": "The resource that owns the locations collection, if applicable.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "pageSize": {
+	//       "description": "The standard list page size.",
+	//       "format": "int32",
+	//       "location": "query",
+	//       "type": "integer"
+	//     },
+	//     "pageToken": {
+	//       "description": "The standard list page token.",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}/locations",
+	//   "response": {
+	//     "$ref": "ListLocationsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
+// method id "tpu.projects.locations.nodes.create":
+
+type ProjectsLocationsNodesCreateCall struct {
+	s          *Service
+	parent     string
+	node       *Node
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Create: Creates a node.
+func (r *ProjectsLocationsNodesService) Create(parent string, node *Node) *ProjectsLocationsNodesCreateCall {
+	c := &ProjectsLocationsNodesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.parent = parent
+	c.node = node
+	return c
+}
+
+// NodeId sets the optional parameter "nodeId": The unqualified resource
+// name.
+func (c *ProjectsLocationsNodesCreateCall) NodeId(nodeId string) *ProjectsLocationsNodesCreateCall {
+	c.urlParams_.Set("nodeId", nodeId)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesCreateCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesCreateCall) Context(ctx context.Context) *ProjectsLocationsNodesCreateCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesCreateCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesCreateCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.node)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+parent}/nodes")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"parent": c.parent,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.create" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Creates a node.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.nodes.create",
+	//   "parameterOrder": [
+	//     "parent"
+	//   ],
+	//   "parameters": {
+	//     "nodeId": {
+	//       "description": "The unqualified resource name.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "parent": {
+	//       "description": "The parent resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+parent}/nodes",
+	//   "request": {
+	//     "$ref": "Node"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.delete":
+
+type ProjectsLocationsNodesDeleteCall struct {
+	s          *Service
+	name       string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Delete: Deletes a node.
+func (r *ProjectsLocationsNodesService) Delete(name string) *ProjectsLocationsNodesDeleteCall {
+	c := &ProjectsLocationsNodesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesDeleteCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesDeleteCall) Context(ctx context.Context) *ProjectsLocationsNodesDeleteCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesDeleteCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesDeleteCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("DELETE", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.delete" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Deletes a node.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}",
+	//   "httpMethod": "DELETE",
+	//   "id": "tpu.projects.locations.nodes.delete",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.get":
+
+type ProjectsLocationsNodesGetCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// Get: Gets the details of a node.
+func (r *ProjectsLocationsNodesService) Get(name string) *ProjectsLocationsNodesGetCall {
+	c := &ProjectsLocationsNodesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesGetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsNodesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsNodesGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesGetCall) Context(ctx context.Context) *ProjectsLocationsNodesGetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesGetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesGetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.get" call.
+// Exactly one of *Node or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Node.ServerResponse.Header or (if a response was returned at all) in
+// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
+// whether the returned error was because http.StatusNotModified was
+// returned.
+func (c *ProjectsLocationsNodesGetCall) Do(opts ...googleapi.CallOption) (*Node, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Node{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Gets the details of a node.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.nodes.get",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "Node"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.list":
+
+type ProjectsLocationsNodesListCall struct {
+	s            *Service
+	parent       string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// List: Lists nodes.
+func (r *ProjectsLocationsNodesService) List(parent string) *ProjectsLocationsNodesListCall {
+	c := &ProjectsLocationsNodesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.parent = parent
+	return c
+}
+
+// PageSize sets the optional parameter "pageSize": The maximum number
+// of items to return.
+func (c *ProjectsLocationsNodesListCall) PageSize(pageSize int64) *ProjectsLocationsNodesListCall {
+	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": The
+// next_page_token value returned from a previous List request, if any.
+func (c *ProjectsLocationsNodesListCall) PageToken(pageToken string) *ProjectsLocationsNodesListCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesListCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsNodesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsNodesListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesListCall) Context(ctx context.Context) *ProjectsLocationsNodesListCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesListCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesListCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+parent}/nodes")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"parent": c.parent,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.list" call.
+// Exactly one of *ListNodesResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *ListNodesResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesListCall) Do(opts ...googleapi.CallOption) (*ListNodesResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &ListNodesResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Lists nodes.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.nodes.list",
+	//   "parameterOrder": [
+	//     "parent"
+	//   ],
+	//   "parameters": {
+	//     "pageSize": {
+	//       "description": "The maximum number of items to return.",
+	//       "format": "int32",
+	//       "location": "query",
+	//       "type": "integer"
+	//     },
+	//     "pageToken": {
+	//       "description": "The next_page_token value returned from a previous List request, if any.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "parent": {
+	//       "description": "The parent resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+parent}/nodes",
+	//   "response": {
+	//     "$ref": "ListNodesResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *ProjectsLocationsNodesListCall) Pages(ctx context.Context, f func(*ListNodesResponse) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
+// method id "tpu.projects.locations.nodes.reimage":
+
+type ProjectsLocationsNodesReimageCall struct {
+	s                  *Service
+	name               string
+	reimagenoderequest *ReimageNodeRequest
+	urlParams_         gensupport.URLParams
+	ctx_               context.Context
+	header_            http.Header
+}
+
+// Reimage: Reimages a node's OS.
+func (r *ProjectsLocationsNodesService) Reimage(name string, reimagenoderequest *ReimageNodeRequest) *ProjectsLocationsNodesReimageCall {
+	c := &ProjectsLocationsNodesReimageCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	c.reimagenoderequest = reimagenoderequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesReimageCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesReimageCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesReimageCall) Context(ctx context.Context) *ProjectsLocationsNodesReimageCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesReimageCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesReimageCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.reimagenoderequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}:reimage")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.reimage" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesReimageCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Reimages a node's OS.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:reimage",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.nodes.reimage",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}:reimage",
+	//   "request": {
+	//     "$ref": "ReimageNodeRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.reset":
+
+type ProjectsLocationsNodesResetCall struct {
+	s                *Service
+	name             string
+	resetnoderequest *ResetNodeRequest
+	urlParams_       gensupport.URLParams
+	ctx_             context.Context
+	header_          http.Header
+}
+
+// Reset: Resets a node, which stops and starts the VM.
+func (r *ProjectsLocationsNodesService) Reset(name string, resetnoderequest *ResetNodeRequest) *ProjectsLocationsNodesResetCall {
+	c := &ProjectsLocationsNodesResetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	c.resetnoderequest = resetnoderequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesResetCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesResetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesResetCall) Context(ctx context.Context) *ProjectsLocationsNodesResetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesResetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesResetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.resetnoderequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}:reset")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.reset" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesResetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Resets a node, which stops and starts the VM.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:reset",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.nodes.reset",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}:reset",
+	//   "request": {
+	//     "$ref": "ResetNodeRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.start":
+
+type ProjectsLocationsNodesStartCall struct {
+	s                *Service
+	name             string
+	startnoderequest *StartNodeRequest
+	urlParams_       gensupport.URLParams
+	ctx_             context.Context
+	header_          http.Header
+}
+
+// Start: Starts a node.
+func (r *ProjectsLocationsNodesService) Start(name string, startnoderequest *StartNodeRequest) *ProjectsLocationsNodesStartCall {
+	c := &ProjectsLocationsNodesStartCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	c.startnoderequest = startnoderequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesStartCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesStartCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesStartCall) Context(ctx context.Context) *ProjectsLocationsNodesStartCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesStartCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesStartCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.startnoderequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}:start")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.start" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesStartCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Starts a node.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:start",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.nodes.start",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}:start",
+	//   "request": {
+	//     "$ref": "StartNodeRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.nodes.stop":
+
+type ProjectsLocationsNodesStopCall struct {
+	s               *Service
+	name            string
+	stopnoderequest *StopNodeRequest
+	urlParams_      gensupport.URLParams
+	ctx_            context.Context
+	header_         http.Header
+}
+
+// Stop: Stops a node.
+func (r *ProjectsLocationsNodesService) Stop(name string, stopnoderequest *StopNodeRequest) *ProjectsLocationsNodesStopCall {
+	c := &ProjectsLocationsNodesStopCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	c.stopnoderequest = stopnoderequest
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsNodesStopCall) Fields(s ...googleapi.Field) *ProjectsLocationsNodesStopCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsNodesStopCall) Context(ctx context.Context) *ProjectsLocationsNodesStopCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsNodesStopCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsNodesStopCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	body, err := googleapi.WithoutDataWrapper.JSONReader(c.stopnoderequest)
+	if err != nil {
+		return nil, err
+	}
+	reqHeaders.Set("Content-Type", "application/json")
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}:stop")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.nodes.stop" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsNodesStopCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Stops a node.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/nodes/{nodesId}:stop",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.nodes.stop",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/nodes/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}:stop",
+	//   "request": {
+	//     "$ref": "StopNodeRequest"
+	//   },
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.operations.cancel":
+
+type ProjectsLocationsOperationsCancelCall struct {
+	s          *Service
+	name       string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Cancel: Starts asynchronous cancellation on a long-running operation.
+//  The server
+// makes a best effort to cancel the operation, but success is
+// not
+// guaranteed.  If the server doesn't support this method, it
+// returns
+// `google.rpc.Code.UNIMPLEMENTED`.  Clients can
+// use
+// Operations.GetOperation or
+// other methods to check whether the cancellation succeeded or whether
+// the
+// operation completed despite cancellation. On successful
+// cancellation,
+// the operation is not deleted; instead, it becomes an operation
+// with
+// an Operation.error value with a google.rpc.Status.code of
+// 1,
+// corresponding to `Code.CANCELLED`.
+func (r *ProjectsLocationsOperationsService) Cancel(name string) *ProjectsLocationsOperationsCancelCall {
+	c := &ProjectsLocationsOperationsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsOperationsCancelCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsCancelCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsOperationsCancelCall) Context(ctx context.Context) *ProjectsLocationsOperationsCancelCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsOperationsCancelCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsOperationsCancelCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}:cancel")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("POST", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.operations.cancel" call.
+// Exactly one of *Empty or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Empty.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *ProjectsLocationsOperationsCancelCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Empty{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Starts asynchronous cancellation on a long-running operation.  The server\nmakes a best effort to cancel the operation, but success is not\nguaranteed.  If the server doesn't support this method, it returns\n`google.rpc.Code.UNIMPLEMENTED`.  Clients can use\nOperations.GetOperation or\nother methods to check whether the cancellation succeeded or whether the\noperation completed despite cancellation. On successful cancellation,\nthe operation is not deleted; instead, it becomes an operation with\nan Operation.error value with a google.rpc.Status.code of 1,\ncorresponding to `Code.CANCELLED`.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}:cancel",
+	//   "httpMethod": "POST",
+	//   "id": "tpu.projects.locations.operations.cancel",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The name of the operation resource to be cancelled.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}:cancel",
+	//   "response": {
+	//     "$ref": "Empty"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.operations.delete":
+
+type ProjectsLocationsOperationsDeleteCall struct {
+	s          *Service
+	name       string
+	urlParams_ gensupport.URLParams
+	ctx_       context.Context
+	header_    http.Header
+}
+
+// Delete: Deletes a long-running operation. This method indicates that
+// the client is
+// no longer interested in the operation result. It does not cancel
+// the
+// operation. If the server doesn't support this method, it
+// returns
+// `google.rpc.Code.UNIMPLEMENTED`.
+func (r *ProjectsLocationsOperationsService) Delete(name string) *ProjectsLocationsOperationsDeleteCall {
+	c := &ProjectsLocationsOperationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsOperationsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsDeleteCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsOperationsDeleteCall) Context(ctx context.Context) *ProjectsLocationsOperationsDeleteCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsOperationsDeleteCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsOperationsDeleteCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("DELETE", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.operations.delete" call.
+// Exactly one of *Empty or error will be non-nil. Any non-2xx status
+// code is an error. Response headers are in either
+// *Empty.ServerResponse.Header or (if a response was returned at all)
+// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
+// check whether the returned error was because http.StatusNotModified
+// was returned.
+func (c *ProjectsLocationsOperationsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Empty{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Deletes a long-running operation. This method indicates that the client is\nno longer interested in the operation result. It does not cancel the\noperation. If the server doesn't support this method, it returns\n`google.rpc.Code.UNIMPLEMENTED`.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+	//   "httpMethod": "DELETE",
+	//   "id": "tpu.projects.locations.operations.delete",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The name of the operation resource to be deleted.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "Empty"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.operations.get":
+
+type ProjectsLocationsOperationsGetCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// Get: Gets the latest state of a long-running operation.  Clients can
+// use this
+// method to poll the operation result at intervals as recommended by
+// the API
+// service.
+func (r *ProjectsLocationsOperationsService) Get(name string) *ProjectsLocationsOperationsGetCall {
+	c := &ProjectsLocationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsGetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsOperationsGetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsOperationsGetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.operations.get" call.
+// Exactly one of *Operation or error will be non-nil. Any non-2xx
+// status code is an error. Response headers are in either
+// *Operation.ServerResponse.Header or (if a response was returned at
+// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified
+// to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &Operation{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Gets the latest state of a long-running operation.  Clients can use this\nmethod to poll the operation result at intervals as recommended by the API\nservice.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations/{operationsId}",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.operations.get",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The name of the operation resource.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/operations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "Operation"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.operations.list":
+
+type ProjectsLocationsOperationsListCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// List: Lists operations that match the specified filter in the
+// request. If the
+// server doesn't support this method, it returns
+// `UNIMPLEMENTED`.
+//
+// NOTE: the `name` binding allows API services to override the
+// binding
+// to use different resource name schemes, such as `users/*/operations`.
+// To
+// override the binding, API services can add a binding such
+// as
+// "/v1/{name=users/*}/operations" to their service configuration.
+// For backwards compatibility, the default name includes the
+// operations
+// collection id, however overriding users must ensure the name
+// binding
+// is the parent resource, without the operations collection id.
+func (r *ProjectsLocationsOperationsService) List(name string) *ProjectsLocationsOperationsListCall {
+	c := &ProjectsLocationsOperationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Filter sets the optional parameter "filter": The standard list
+// filter.
+func (c *ProjectsLocationsOperationsListCall) Filter(filter string) *ProjectsLocationsOperationsListCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// PageSize sets the optional parameter "pageSize": The standard list
+// page size.
+func (c *ProjectsLocationsOperationsListCall) PageSize(pageSize int64) *ProjectsLocationsOperationsListCall {
+	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": The standard list
+// page token.
+func (c *ProjectsLocationsOperationsListCall) PageToken(pageToken string) *ProjectsLocationsOperationsListCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsOperationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsListCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsOperationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsOperationsListCall) Context(ctx context.Context) *ProjectsLocationsOperationsListCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsOperationsListCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsOperationsListCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}/operations")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.operations.list" call.
+// Exactly one of *ListOperationsResponse or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *ListOperationsResponse.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *ProjectsLocationsOperationsListCall) Do(opts ...googleapi.CallOption) (*ListOperationsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &ListOperationsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Lists operations that match the specified filter in the request. If the\nserver doesn't support this method, it returns `UNIMPLEMENTED`.\n\nNOTE: the `name` binding allows API services to override the binding\nto use different resource name schemes, such as `users/*/operations`. To\noverride the binding, API services can add a binding such as\n`\"/v1/{name=users/*}/operations\"` to their service configuration.\nFor backwards compatibility, the default name includes the operations\ncollection id, however overriding users must ensure the name binding\nis the parent resource, without the operations collection id.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/operations",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.operations.list",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "The standard list filter.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "name": {
+	//       "description": "The name of the operation's parent resource.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     },
+	//     "pageSize": {
+	//       "description": "The standard list page size.",
+	//       "format": "int32",
+	//       "location": "query",
+	//       "type": "integer"
+	//     },
+	//     "pageToken": {
+	//       "description": "The standard list page token.",
+	//       "location": "query",
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}/operations",
+	//   "response": {
+	//     "$ref": "ListOperationsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *ProjectsLocationsOperationsListCall) Pages(ctx context.Context, f func(*ListOperationsResponse) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
+
+// method id "tpu.projects.locations.tensorflowVersions.get":
+
+type ProjectsLocationsTensorflowVersionsGetCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// Get: Gets TensorFlow Version.
+func (r *ProjectsLocationsTensorflowVersionsService) Get(name string) *ProjectsLocationsTensorflowVersionsGetCall {
+	c := &ProjectsLocationsTensorflowVersionsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsTensorflowVersionsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsTensorflowVersionsGetCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsTensorflowVersionsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsTensorflowVersionsGetCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsTensorflowVersionsGetCall) Context(ctx context.Context) *ProjectsLocationsTensorflowVersionsGetCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsTensorflowVersionsGetCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsTensorflowVersionsGetCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+name}")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.tensorflowVersions.get" call.
+// Exactly one of *TensorFlowVersion or error will be non-nil. Any
+// non-2xx status code is an error. Response headers are in either
+// *TensorFlowVersion.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *ProjectsLocationsTensorflowVersionsGetCall) Do(opts ...googleapi.CallOption) (*TensorFlowVersion, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &TensorFlowVersion{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Gets TensorFlow Version.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/tensorflowVersions/{tensorflowVersionsId}",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.tensorflowVersions.get",
+	//   "parameterOrder": [
+	//     "name"
+	//   ],
+	//   "parameters": {
+	//     "name": {
+	//       "description": "The resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+/tensorflowVersions/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+name}",
+	//   "response": {
+	//     "$ref": "TensorFlowVersion"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// method id "tpu.projects.locations.tensorflowVersions.list":
+
+type ProjectsLocationsTensorflowVersionsListCall struct {
+	s            *Service
+	parent       string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// List: Lists TensorFlow versions supported by this API.
+func (r *ProjectsLocationsTensorflowVersionsService) List(parent string) *ProjectsLocationsTensorflowVersionsListCall {
+	c := &ProjectsLocationsTensorflowVersionsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.parent = parent
+	return c
+}
+
+// Filter sets the optional parameter "filter": List filter.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Filter(filter string) *ProjectsLocationsTensorflowVersionsListCall {
+	c.urlParams_.Set("filter", filter)
+	return c
+}
+
+// OrderBy sets the optional parameter "orderBy": Sort results.
+func (c *ProjectsLocationsTensorflowVersionsListCall) OrderBy(orderBy string) *ProjectsLocationsTensorflowVersionsListCall {
+	c.urlParams_.Set("orderBy", orderBy)
+	return c
+}
+
+// PageSize sets the optional parameter "pageSize": The maximum number
+// of items to return.
+func (c *ProjectsLocationsTensorflowVersionsListCall) PageSize(pageSize int64) *ProjectsLocationsTensorflowVersionsListCall {
+	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
+	return c
+}
+
+// PageToken sets the optional parameter "pageToken": The
+// next_page_token value returned from a previous List request, if any.
+func (c *ProjectsLocationsTensorflowVersionsListCall) PageToken(pageToken string) *ProjectsLocationsTensorflowVersionsListCall {
+	c.urlParams_.Set("pageToken", pageToken)
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
+// for more information.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsTensorflowVersionsListCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets the optional parameter which makes the operation
+// fail if the object's ETag matches the given value. This is useful for
+// getting updates only after the object has changed since the last
+// request. Use googleapi.IsNotModified to check whether the response
+// error from Do is the result of In-None-Match.
+func (c *ProjectsLocationsTensorflowVersionsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsTensorflowVersionsListCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method. Any
+// pending HTTP request will be aborted if the provided context is
+// canceled.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Context(ctx context.Context) *ProjectsLocationsTensorflowVersionsListCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns an http.Header that can be modified by the caller to
+// add HTTP headers to the request.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsTensorflowVersionsListCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := make(http.Header)
+	for k, v := range c.header_ {
+		reqHeaders[k] = v
+	}
+	reqHeaders.Set("User-Agent", c.s.userAgent())
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	var body io.Reader = nil
+	c.urlParams_.Set("alt", alt)
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha1/{+parent}/tensorflowVersions")
+	urls += "?" + c.urlParams_.Encode()
+	req, _ := http.NewRequest("GET", urls, body)
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"parent": c.parent,
+	})
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "tpu.projects.locations.tensorflowVersions.list" call.
+// Exactly one of *ListTensorFlowVersionsResponse or error will be
+// non-nil. Any non-2xx status code is an error. Response headers are in
+// either *ListTensorFlowVersionsResponse.ServerResponse.Header or (if a
+// response was returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was
+// because http.StatusNotModified was returned.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Do(opts ...googleapi.CallOption) (*ListTensorFlowVersionsResponse, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, &googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		}
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, err
+	}
+	ret := &ListTensorFlowVersionsResponse{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	if err := gensupport.DecodeResponse(target, res); err != nil {
+		return nil, err
+	}
+	return ret, nil
+	// {
+	//   "description": "Lists TensorFlow versions supported by this API.",
+	//   "flatPath": "v1alpha1/projects/{projectsId}/locations/{locationsId}/tensorflowVersions",
+	//   "httpMethod": "GET",
+	//   "id": "tpu.projects.locations.tensorflowVersions.list",
+	//   "parameterOrder": [
+	//     "parent"
+	//   ],
+	//   "parameters": {
+	//     "filter": {
+	//       "description": "List filter.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "orderBy": {
+	//       "description": "Sort results.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "pageSize": {
+	//       "description": "The maximum number of items to return.",
+	//       "format": "int32",
+	//       "location": "query",
+	//       "type": "integer"
+	//     },
+	//     "pageToken": {
+	//       "description": "The next_page_token value returned from a previous List request, if any.",
+	//       "location": "query",
+	//       "type": "string"
+	//     },
+	//     "parent": {
+	//       "description": "The parent resource name.",
+	//       "location": "path",
+	//       "pattern": "^projects/[^/]+/locations/[^/]+$",
+	//       "required": true,
+	//       "type": "string"
+	//     }
+	//   },
+	//   "path": "v1alpha1/{+parent}/tensorflowVersions",
+	//   "response": {
+	//     "$ref": "ListTensorFlowVersionsResponse"
+	//   },
+	//   "scopes": [
+	//     "https://www.googleapis.com/auth/cloud-platform"
+	//   ]
+	// }
+
+}
+
+// Pages invokes f for each page of results.
+// A non-nil error returned from f will halt the iteration.
+// The provided context supersedes any context provided to the Context method.
+func (c *ProjectsLocationsTensorflowVersionsListCall) Pages(ctx context.Context, f func(*ListTensorFlowVersionsResponse) error) error {
+	c.ctx_ = ctx
+	defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point
+	for {
+		x, err := c.Do()
+		if err != nil {
+			return err
+		}
+		if err := f(x); err != nil {
+			return err
+		}
+		if x.NextPageToken == "" {
+			return nil
+		}
+		c.PageToken(x.NextPageToken)
+	}
+}
diff --git a/vendor/google.golang.org/genproto/googleapis/api/annotations/annotations.pb.go b/vendor/google.golang.org/genproto/googleapis/api/annotations/annotations.pb.go
new file mode 100644
index 000000000000..53d57f67a53e
--- /dev/null
+++ b/vendor/google.golang.org/genproto/googleapis/api/annotations/annotations.pb.go
@@ -0,0 +1,64 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: google/api/annotations.proto
+
+/*
+Package annotations is a generated protocol buffer package.
+
+It is generated from these files:
+	google/api/annotations.proto
+	google/api/http.proto
+
+It has these top-level messages:
+	Http
+	HttpRule
+	CustomHttpPattern
+*/
+package annotations
+
+import proto "github.com/golang/protobuf/proto"
+import fmt "fmt"
+import math "math"
+import google_protobuf "github.com/golang/protobuf/protoc-gen-go/descriptor"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+var E_Http = &proto.ExtensionDesc{
+	ExtendedType:  (*google_protobuf.MethodOptions)(nil),
+	ExtensionType: (*HttpRule)(nil),
+	Field:         72295728,
+	Name:          "google.api.http",
+	Tag:           "bytes,72295728,opt,name=http",
+	Filename:      "google/api/annotations.proto",
+}
+
+func init() {
+	proto.RegisterExtension(E_Http)
+}
+
+func init() { proto.RegisterFile("google/api/annotations.proto", fileDescriptor0) }
+
+var fileDescriptor0 = []byte{
+	// 208 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x49, 0xcf, 0xcf, 0x4f,
+	0xcf, 0x49, 0xd5, 0x4f, 0x2c, 0xc8, 0xd4, 0x4f, 0xcc, 0xcb, 0xcb, 0x2f, 0x49, 0x2c, 0xc9, 0xcc,
+	0xcf, 0x2b, 0xd6, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0xe2, 0x82, 0xc8, 0xea, 0x25, 0x16, 0x64,
+	0x4a, 0x89, 0x22, 0xa9, 0xcc, 0x28, 0x29, 0x29, 0x80, 0x28, 0x91, 0x52, 0x80, 0x0a, 0x83, 0x79,
+	0x49, 0xa5, 0x69, 0xfa, 0x29, 0xa9, 0xc5, 0xc9, 0x45, 0x99, 0x05, 0x25, 0xf9, 0x45, 0x10, 0x15,
+	0x56, 0xde, 0x5c, 0x2c, 0x20, 0xf5, 0x42, 0x72, 0x7a, 0x50, 0xd3, 0x60, 0x4a, 0xf5, 0x7c, 0x53,
+	0x4b, 0x32, 0xf2, 0x53, 0xfc, 0x0b, 0xc0, 0x56, 0x4a, 0x6c, 0x38, 0xb5, 0x47, 0x49, 0x81, 0x51,
+	0x83, 0xdb, 0x48, 0x44, 0x0f, 0x61, 0xad, 0x9e, 0x47, 0x49, 0x49, 0x41, 0x50, 0x69, 0x4e, 0x6a,
+	0x10, 0xd8, 0x10, 0xa7, 0x3c, 0x2e, 0xbe, 0xe4, 0xfc, 0x5c, 0x24, 0x05, 0x4e, 0x02, 0x8e, 0x08,
+	0x67, 0x07, 0x80, 0x4c, 0x0e, 0x60, 0x8c, 0x72, 0x84, 0xca, 0xa7, 0xe7, 0xe7, 0x24, 0xe6, 0xa5,
+	0xeb, 0xe5, 0x17, 0xa5, 0xeb, 0xa7, 0xa7, 0xe6, 0x81, 0xed, 0xd5, 0x87, 0x48, 0x25, 0x16, 0x64,
+	0x16, 0xa3, 0x7b, 0xda, 0x1a, 0x89, 0xbd, 0x88, 0x89, 0xc5, 0xdd, 0x31, 0xc0, 0x33, 0x89, 0x0d,
+	0xac, 0xc9, 0x18, 0x10, 0x00, 0x00, 0xff, 0xff, 0xe3, 0x29, 0x19, 0x62, 0x28, 0x01, 0x00, 0x00,
+}
diff --git a/vendor/google.golang.org/genproto/googleapis/api/annotations/http.pb.go b/vendor/google.golang.org/genproto/googleapis/api/annotations/http.pb.go
new file mode 100644
index 000000000000..f91c604620bc
--- /dev/null
+++ b/vendor/google.golang.org/genproto/googleapis/api/annotations/http.pb.go
@@ -0,0 +1,566 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: google/api/http.proto
+
+package annotations
+
+import proto "github.com/golang/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// Defines the HTTP configuration for a service. It contains a list of
+// [HttpRule][google.api.HttpRule], each specifying the mapping of an RPC method
+// to one or more HTTP REST API methods.
+type Http struct {
+	// A list of HTTP configuration rules that apply to individual API methods.
+	//
+	// **NOTE:** All service configuration rules follow "last one wins" order.
+	Rules []*HttpRule `protobuf:"bytes,1,rep,name=rules" json:"rules,omitempty"`
+}
+
+func (m *Http) Reset()                    { *m = Http{} }
+func (m *Http) String() string            { return proto.CompactTextString(m) }
+func (*Http) ProtoMessage()               {}
+func (*Http) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{0} }
+
+func (m *Http) GetRules() []*HttpRule {
+	if m != nil {
+		return m.Rules
+	}
+	return nil
+}
+
+// `HttpRule` defines the mapping of an RPC method to one or more HTTP
+// REST APIs.  The mapping determines what portions of the request
+// message are populated from the path, query parameters, or body of
+// the HTTP request.  The mapping is typically specified as an
+// `google.api.http` annotation, see "google/api/annotations.proto"
+// for details.
+//
+// The mapping consists of a field specifying the path template and
+// method kind.  The path template can refer to fields in the request
+// message, as in the example below which describes a REST GET
+// operation on a resource collection of messages:
+//
+//
+//     service Messaging {
+//       rpc GetMessage(GetMessageRequest) returns (Message) {
+//         option (google.api.http).get = "/v1/messages/{message_id}/{sub.subfield}";
+//       }
+//     }
+//     message GetMessageRequest {
+//       message SubMessage {
+//         string subfield = 1;
+//       }
+//       string message_id = 1; // mapped to the URL
+//       SubMessage sub = 2;    // `sub.subfield` is url-mapped
+//     }
+//     message Message {
+//       string text = 1; // content of the resource
+//     }
+//
+// The same http annotation can alternatively be expressed inside the
+// `GRPC API Configuration` YAML file.
+//
+//     http:
+//       rules:
+//         - selector: <proto_package_name>.Messaging.GetMessage
+//           get: /v1/messages/{message_id}/{sub.subfield}
+//
+// This definition enables an automatic, bidrectional mapping of HTTP
+// JSON to RPC. Example:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456/foo`  | `GetMessage(message_id: "123456" sub: SubMessage(subfield: "foo"))`
+//
+// In general, not only fields but also field paths can be referenced
+// from a path pattern. Fields mapped to the path pattern cannot be
+// repeated and must have a primitive (non-message) type.
+//
+// Any fields in the request message which are not bound by the path
+// pattern automatically become (optional) HTTP query
+// parameters. Assume the following definition of the request message:
+//
+//
+//     message GetMessageRequest {
+//       message SubMessage {
+//         string subfield = 1;
+//       }
+//       string message_id = 1; // mapped to the URL
+//       int64 revision = 2;    // becomes a parameter
+//       SubMessage sub = 3;    // `sub.subfield` becomes a parameter
+//     }
+//
+//
+// This enables a HTTP JSON to RPC mapping as below:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456?revision=2&sub.subfield=foo` | `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: "foo"))`
+//
+// Note that fields which are mapped to HTTP parameters must have a
+// primitive type or a repeated primitive type. Message types are not
+// allowed. In the case of a repeated type, the parameter can be
+// repeated in the URL, as in `...?param=A&param=B`.
+//
+// For HTTP method kinds which allow a request body, the `body` field
+// specifies the mapping. Consider a REST update method on the
+// message resource collection:
+//
+//
+//     service Messaging {
+//       rpc UpdateMessage(UpdateMessageRequest) returns (Message) {
+//         option (google.api.http) = {
+//           put: "/v1/messages/{message_id}"
+//           body: "message"
+//         };
+//       }
+//     }
+//     message UpdateMessageRequest {
+//       string message_id = 1; // mapped to the URL
+//       Message message = 2;   // mapped to the body
+//     }
+//
+//
+// The following HTTP JSON to RPC mapping is enabled, where the
+// representation of the JSON in the request body is determined by
+// protos JSON encoding:
+//
+// HTTP | RPC
+// -----|-----
+// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" message { text: "Hi!" })`
+//
+// The special name `*` can be used in the body mapping to define that
+// every field not bound by the path template should be mapped to the
+// request body.  This enables the following alternative definition of
+// the update method:
+//
+//     service Messaging {
+//       rpc UpdateMessage(Message) returns (Message) {
+//         option (google.api.http) = {
+//           put: "/v1/messages/{message_id}"
+//           body: "*"
+//         };
+//       }
+//     }
+//     message Message {
+//       string message_id = 1;
+//       string text = 2;
+//     }
+//
+//
+// The following HTTP JSON to RPC mapping is enabled:
+//
+// HTTP | RPC
+// -----|-----
+// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" text: "Hi!")`
+//
+// Note that when using `*` in the body mapping, it is not possible to
+// have HTTP parameters, as all fields not bound by the path end in
+// the body. This makes this option more rarely used in practice of
+// defining REST APIs. The common usage of `*` is in custom methods
+// which don't use the URL at all for transferring data.
+//
+// It is possible to define multiple HTTP methods for one RPC by using
+// the `additional_bindings` option. Example:
+//
+//     service Messaging {
+//       rpc GetMessage(GetMessageRequest) returns (Message) {
+//         option (google.api.http) = {
+//           get: "/v1/messages/{message_id}"
+//           additional_bindings {
+//             get: "/v1/users/{user_id}/messages/{message_id}"
+//           }
+//         };
+//       }
+//     }
+//     message GetMessageRequest {
+//       string message_id = 1;
+//       string user_id = 2;
+//     }
+//
+//
+// This enables the following two alternative HTTP JSON to RPC
+// mappings:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456` | `GetMessage(message_id: "123456")`
+// `GET /v1/users/me/messages/123456` | `GetMessage(user_id: "me" message_id: "123456")`
+//
+// # Rules for HTTP mapping
+//
+// The rules for mapping HTTP path, query parameters, and body fields
+// to the request message are as follows:
+//
+// 1. The `body` field specifies either `*` or a field path, or is
+//    omitted. If omitted, it assumes there is no HTTP body.
+// 2. Leaf fields (recursive expansion of nested messages in the
+//    request) can be classified into three types:
+//     (a) Matched in the URL template.
+//     (b) Covered by body (if body is `*`, everything except (a) fields;
+//         else everything under the body field)
+//     (c) All other fields.
+// 3. URL query parameters found in the HTTP request are mapped to (c) fields.
+// 4. Any body sent with an HTTP request can contain only (b) fields.
+//
+// The syntax of the path template is as follows:
+//
+//     Template = "/" Segments [ Verb ] ;
+//     Segments = Segment { "/" Segment } ;
+//     Segment  = "*" | "**" | LITERAL | Variable ;
+//     Variable = "{" FieldPath [ "=" Segments ] "}" ;
+//     FieldPath = IDENT { "." IDENT } ;
+//     Verb     = ":" LITERAL ;
+//
+// The syntax `*` matches a single path segment. It follows the semantics of
+// [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String
+// Expansion.
+//
+// The syntax `**` matches zero or more path segments. It follows the semantics
+// of [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.3 Reserved
+// Expansion. NOTE: it must be the last segment in the path except the Verb.
+//
+// The syntax `LITERAL` matches literal text in the URL path.
+//
+// The syntax `Variable` matches the entire path as specified by its template;
+// this nested template must not contain further variables. If a variable
+// matches a single path segment, its template may be omitted, e.g. `{var}`
+// is equivalent to `{var=*}`.
+//
+// NOTE: the field paths in variables and in the `body` must not refer to
+// repeated fields or map fields.
+//
+// Use CustomHttpPattern to specify any HTTP method that is not included in the
+// `pattern` field, such as HEAD, or "*" to leave the HTTP method unspecified for
+// a given URL path rule. The wild-card rule is useful for services that provide
+// content to Web (HTML) clients.
+type HttpRule struct {
+	// Selects methods to which this rule applies.
+	//
+	// Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+	Selector string `protobuf:"bytes,1,opt,name=selector" json:"selector,omitempty"`
+	// Determines the URL pattern is matched by this rules. This pattern can be
+	// used with any of the {get|put|post|delete|patch} methods. A custom method
+	// can be defined using the 'custom' field.
+	//
+	// Types that are valid to be assigned to Pattern:
+	//	*HttpRule_Get
+	//	*HttpRule_Put
+	//	*HttpRule_Post
+	//	*HttpRule_Delete
+	//	*HttpRule_Patch
+	//	*HttpRule_Custom
+	Pattern isHttpRule_Pattern `protobuf_oneof:"pattern"`
+	// The name of the request field whose value is mapped to the HTTP body, or
+	// `*` for mapping all fields not captured by the path pattern to the HTTP
+	// body. NOTE: the referred field must not be a repeated field and must be
+	// present at the top-level of request message type.
+	Body string `protobuf:"bytes,7,opt,name=body" json:"body,omitempty"`
+	// Additional HTTP bindings for the selector. Nested bindings must
+	// not contain an `additional_bindings` field themselves (that is,
+	// the nesting may only be one level deep).
+	AdditionalBindings []*HttpRule `protobuf:"bytes,11,rep,name=additional_bindings,json=additionalBindings" json:"additional_bindings,omitempty"`
+}
+
+func (m *HttpRule) Reset()                    { *m = HttpRule{} }
+func (m *HttpRule) String() string            { return proto.CompactTextString(m) }
+func (*HttpRule) ProtoMessage()               {}
+func (*HttpRule) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{1} }
+
+type isHttpRule_Pattern interface {
+	isHttpRule_Pattern()
+}
+
+type HttpRule_Get struct {
+	Get string `protobuf:"bytes,2,opt,name=get,oneof"`
+}
+type HttpRule_Put struct {
+	Put string `protobuf:"bytes,3,opt,name=put,oneof"`
+}
+type HttpRule_Post struct {
+	Post string `protobuf:"bytes,4,opt,name=post,oneof"`
+}
+type HttpRule_Delete struct {
+	Delete string `protobuf:"bytes,5,opt,name=delete,oneof"`
+}
+type HttpRule_Patch struct {
+	Patch string `protobuf:"bytes,6,opt,name=patch,oneof"`
+}
+type HttpRule_Custom struct {
+	Custom *CustomHttpPattern `protobuf:"bytes,8,opt,name=custom,oneof"`
+}
+
+func (*HttpRule_Get) isHttpRule_Pattern()    {}
+func (*HttpRule_Put) isHttpRule_Pattern()    {}
+func (*HttpRule_Post) isHttpRule_Pattern()   {}
+func (*HttpRule_Delete) isHttpRule_Pattern() {}
+func (*HttpRule_Patch) isHttpRule_Pattern()  {}
+func (*HttpRule_Custom) isHttpRule_Pattern() {}
+
+func (m *HttpRule) GetPattern() isHttpRule_Pattern {
+	if m != nil {
+		return m.Pattern
+	}
+	return nil
+}
+
+func (m *HttpRule) GetSelector() string {
+	if m != nil {
+		return m.Selector
+	}
+	return ""
+}
+
+func (m *HttpRule) GetGet() string {
+	if x, ok := m.GetPattern().(*HttpRule_Get); ok {
+		return x.Get
+	}
+	return ""
+}
+
+func (m *HttpRule) GetPut() string {
+	if x, ok := m.GetPattern().(*HttpRule_Put); ok {
+		return x.Put
+	}
+	return ""
+}
+
+func (m *HttpRule) GetPost() string {
+	if x, ok := m.GetPattern().(*HttpRule_Post); ok {
+		return x.Post
+	}
+	return ""
+}
+
+func (m *HttpRule) GetDelete() string {
+	if x, ok := m.GetPattern().(*HttpRule_Delete); ok {
+		return x.Delete
+	}
+	return ""
+}
+
+func (m *HttpRule) GetPatch() string {
+	if x, ok := m.GetPattern().(*HttpRule_Patch); ok {
+		return x.Patch
+	}
+	return ""
+}
+
+func (m *HttpRule) GetCustom() *CustomHttpPattern {
+	if x, ok := m.GetPattern().(*HttpRule_Custom); ok {
+		return x.Custom
+	}
+	return nil
+}
+
+func (m *HttpRule) GetBody() string {
+	if m != nil {
+		return m.Body
+	}
+	return ""
+}
+
+func (m *HttpRule) GetAdditionalBindings() []*HttpRule {
+	if m != nil {
+		return m.AdditionalBindings
+	}
+	return nil
+}
+
+// XXX_OneofFuncs is for the internal use of the proto package.
+func (*HttpRule) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{}) {
+	return _HttpRule_OneofMarshaler, _HttpRule_OneofUnmarshaler, _HttpRule_OneofSizer, []interface{}{
+		(*HttpRule_Get)(nil),
+		(*HttpRule_Put)(nil),
+		(*HttpRule_Post)(nil),
+		(*HttpRule_Delete)(nil),
+		(*HttpRule_Patch)(nil),
+		(*HttpRule_Custom)(nil),
+	}
+}
+
+func _HttpRule_OneofMarshaler(msg proto.Message, b *proto.Buffer) error {
+	m := msg.(*HttpRule)
+	// pattern
+	switch x := m.Pattern.(type) {
+	case *HttpRule_Get:
+		b.EncodeVarint(2<<3 | proto.WireBytes)
+		b.EncodeStringBytes(x.Get)
+	case *HttpRule_Put:
+		b.EncodeVarint(3<<3 | proto.WireBytes)
+		b.EncodeStringBytes(x.Put)
+	case *HttpRule_Post:
+		b.EncodeVarint(4<<3 | proto.WireBytes)
+		b.EncodeStringBytes(x.Post)
+	case *HttpRule_Delete:
+		b.EncodeVarint(5<<3 | proto.WireBytes)
+		b.EncodeStringBytes(x.Delete)
+	case *HttpRule_Patch:
+		b.EncodeVarint(6<<3 | proto.WireBytes)
+		b.EncodeStringBytes(x.Patch)
+	case *HttpRule_Custom:
+		b.EncodeVarint(8<<3 | proto.WireBytes)
+		if err := b.EncodeMessage(x.Custom); err != nil {
+			return err
+		}
+	case nil:
+	default:
+		return fmt.Errorf("HttpRule.Pattern has unexpected type %T", x)
+	}
+	return nil
+}
+
+func _HttpRule_OneofUnmarshaler(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error) {
+	m := msg.(*HttpRule)
+	switch tag {
+	case 2: // pattern.get
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		x, err := b.DecodeStringBytes()
+		m.Pattern = &HttpRule_Get{x}
+		return true, err
+	case 3: // pattern.put
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		x, err := b.DecodeStringBytes()
+		m.Pattern = &HttpRule_Put{x}
+		return true, err
+	case 4: // pattern.post
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		x, err := b.DecodeStringBytes()
+		m.Pattern = &HttpRule_Post{x}
+		return true, err
+	case 5: // pattern.delete
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		x, err := b.DecodeStringBytes()
+		m.Pattern = &HttpRule_Delete{x}
+		return true, err
+	case 6: // pattern.patch
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		x, err := b.DecodeStringBytes()
+		m.Pattern = &HttpRule_Patch{x}
+		return true, err
+	case 8: // pattern.custom
+		if wire != proto.WireBytes {
+			return true, proto.ErrInternalBadWireType
+		}
+		msg := new(CustomHttpPattern)
+		err := b.DecodeMessage(msg)
+		m.Pattern = &HttpRule_Custom{msg}
+		return true, err
+	default:
+		return false, nil
+	}
+}
+
+func _HttpRule_OneofSizer(msg proto.Message) (n int) {
+	m := msg.(*HttpRule)
+	// pattern
+	switch x := m.Pattern.(type) {
+	case *HttpRule_Get:
+		n += proto.SizeVarint(2<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(len(x.Get)))
+		n += len(x.Get)
+	case *HttpRule_Put:
+		n += proto.SizeVarint(3<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(len(x.Put)))
+		n += len(x.Put)
+	case *HttpRule_Post:
+		n += proto.SizeVarint(4<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(len(x.Post)))
+		n += len(x.Post)
+	case *HttpRule_Delete:
+		n += proto.SizeVarint(5<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(len(x.Delete)))
+		n += len(x.Delete)
+	case *HttpRule_Patch:
+		n += proto.SizeVarint(6<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(len(x.Patch)))
+		n += len(x.Patch)
+	case *HttpRule_Custom:
+		s := proto.Size(x.Custom)
+		n += proto.SizeVarint(8<<3 | proto.WireBytes)
+		n += proto.SizeVarint(uint64(s))
+		n += s
+	case nil:
+	default:
+		panic(fmt.Sprintf("proto: unexpected type %T in oneof", x))
+	}
+	return n
+}
+
+// A custom pattern is used for defining custom HTTP verb.
+type CustomHttpPattern struct {
+	// The name of this custom HTTP verb.
+	Kind string `protobuf:"bytes,1,opt,name=kind" json:"kind,omitempty"`
+	// The path matched by this custom verb.
+	Path string `protobuf:"bytes,2,opt,name=path" json:"path,omitempty"`
+}
+
+func (m *CustomHttpPattern) Reset()                    { *m = CustomHttpPattern{} }
+func (m *CustomHttpPattern) String() string            { return proto.CompactTextString(m) }
+func (*CustomHttpPattern) ProtoMessage()               {}
+func (*CustomHttpPattern) Descriptor() ([]byte, []int) { return fileDescriptor1, []int{2} }
+
+func (m *CustomHttpPattern) GetKind() string {
+	if m != nil {
+		return m.Kind
+	}
+	return ""
+}
+
+func (m *CustomHttpPattern) GetPath() string {
+	if m != nil {
+		return m.Path
+	}
+	return ""
+}
+
+func init() {
+	proto.RegisterType((*Http)(nil), "google.api.Http")
+	proto.RegisterType((*HttpRule)(nil), "google.api.HttpRule")
+	proto.RegisterType((*CustomHttpPattern)(nil), "google.api.CustomHttpPattern")
+}
+
+func init() { proto.RegisterFile("google/api/http.proto", fileDescriptor1) }
+
+var fileDescriptor1 = []byte{
+	// 359 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x7c, 0x92, 0xcf, 0x6a, 0xe3, 0x30,
+	0x10, 0xc6, 0xd7, 0x89, 0xe3, 0x24, 0x13, 0x58, 0x58, 0x6d, 0x76, 0x11, 0x85, 0x42, 0xc8, 0x29,
+	0xf4, 0x60, 0x43, 0x7a, 0xe8, 0x21, 0xa7, 0xb8, 0x94, 0xa6, 0xb7, 0xe0, 0x63, 0x2f, 0x45, 0xb1,
+	0x85, 0xa2, 0xd6, 0x91, 0x84, 0x3d, 0x3e, 0xf4, 0x75, 0xfa, 0x0e, 0x7d, 0xb7, 0x1e, 0x8b, 0xfe,
+	0xa4, 0x09, 0x14, 0x7a, 0x9b, 0xef, 0x37, 0x9f, 0x34, 0xa3, 0x19, 0xc1, 0x3f, 0xa1, 0xb5, 0xa8,
+	0x79, 0xc6, 0x8c, 0xcc, 0xf6, 0x88, 0x26, 0x35, 0x8d, 0x46, 0x4d, 0xc0, 0xe3, 0x94, 0x19, 0x39,
+	0x5f, 0x42, 0xbc, 0x41, 0x34, 0xe4, 0x0a, 0x06, 0x4d, 0x57, 0xf3, 0x96, 0x46, 0xb3, 0xfe, 0x62,
+	0xb2, 0x9c, 0xa6, 0x27, 0x4f, 0x6a, 0x0d, 0x45, 0x57, 0xf3, 0xc2, 0x5b, 0xe6, 0xef, 0x3d, 0x18,
+	0x1d, 0x19, 0xb9, 0x80, 0x51, 0xcb, 0x6b, 0x5e, 0xa2, 0x6e, 0x68, 0x34, 0x8b, 0x16, 0xe3, 0xe2,
+	0x4b, 0x13, 0x02, 0x7d, 0xc1, 0x91, 0xf6, 0x2c, 0xde, 0xfc, 0x2a, 0xac, 0xb0, 0xcc, 0x74, 0x48,
+	0xfb, 0x47, 0x66, 0x3a, 0x24, 0x53, 0x88, 0x8d, 0x6e, 0x91, 0xc6, 0x01, 0x3a, 0x45, 0x28, 0x24,
+	0x15, 0xaf, 0x39, 0x72, 0x3a, 0x08, 0x3c, 0x68, 0xf2, 0x1f, 0x06, 0x86, 0x61, 0xb9, 0xa7, 0x49,
+	0x48, 0x78, 0x49, 0x6e, 0x20, 0x29, 0xbb, 0x16, 0xf5, 0x81, 0x8e, 0x66, 0xd1, 0x62, 0xb2, 0xbc,
+	0x3c, 0x7f, 0xc5, 0xad, 0xcb, 0xd8, 0xbe, 0xb7, 0x0c, 0x91, 0x37, 0xca, 0x5e, 0xe8, 0xed, 0x84,
+	0x40, 0xbc, 0xd3, 0xd5, 0x2b, 0x1d, 0xba, 0x07, 0xb8, 0x98, 0xdc, 0xc1, 0x5f, 0x56, 0x55, 0x12,
+	0xa5, 0x56, 0xac, 0x7e, 0xda, 0x49, 0x55, 0x49, 0x25, 0x5a, 0x3a, 0xf9, 0x61, 0x3e, 0xe4, 0x74,
+	0x20, 0x0f, 0xfe, 0x7c, 0x0c, 0x43, 0xe3, 0xeb, 0xcd, 0x57, 0xf0, 0xe7, 0x5b, 0x13, 0xb6, 0xf4,
+	0x8b, 0x54, 0x55, 0x98, 0x9d, 0x8b, 0x2d, 0x33, 0x0c, 0xf7, 0x7e, 0x70, 0x85, 0x8b, 0xf3, 0x67,
+	0xf8, 0x5d, 0xea, 0xc3, 0x59, 0xd9, 0x7c, 0xec, 0xae, 0xb1, 0x1b, 0xdd, 0x46, 0x8f, 0xeb, 0x90,
+	0x10, 0xba, 0x66, 0x4a, 0xa4, 0xba, 0x11, 0x99, 0xe0, 0xca, 0xed, 0x3b, 0xf3, 0x29, 0x66, 0x64,
+	0xeb, 0x7e, 0x02, 0x53, 0x4a, 0x23, 0xb3, 0x6d, 0xb6, 0xab, 0xb3, 0xf8, 0x23, 0x8a, 0xde, 0x7a,
+	0xf1, 0xfd, 0x7a, 0xfb, 0xb0, 0x4b, 0xdc, 0xb9, 0xeb, 0xcf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x68,
+	0x15, 0x60, 0x5b, 0x40, 0x02, 0x00, 0x00,
+}
diff --git a/vendor/google.golang.org/grpc/.please-update b/vendor/google.golang.org/grpc/.please-update
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/vendor/google.golang.org/grpc/.travis.yml b/vendor/google.golang.org/grpc/.travis.yml
index b3577c7ae20b..22bf25004a3b 100644
--- a/vendor/google.golang.org/grpc/.travis.yml
+++ b/vendor/google.golang.org/grpc/.travis.yml
@@ -1,19 +1,20 @@
 language: go
 
 go:
-  - 1.6.3
-  - 1.7
-  - 1.8
+  - 1.7.x
+  - 1.8.x
+  - 1.9.x
+
+matrix:
+  include:
+  - go: 1.9.x
+    env: ARCH=386
 
 go_import_path: google.golang.org/grpc
 
 before_install:
-  - go get github.com/golang/lint/golint
-  - go get -u golang.org/x/tools/cmd/goimports github.com/axw/gocov/gocov github.com/mattn/goveralls golang.org/x/tools/cmd/cover
+  - if [[ "$TRAVIS_GO_VERSION" = 1.9* && "$ARCH" != "386" ]]; then ./vet.sh -install || exit 1; fi
 
 script:
-  - '! gofmt -s -d -l . 2>&1 | read'
-  - '! goimports -l . | read'
-  - '! golint ./... | grep -vE "(_mock|_string|\.pb)\.go:"'
-  - '! go tool vet -all . 2>&1 | grep -vE "constant [0-9]+ not a string in call to Errorf" | grep -vF .pb.go:' # https://github.com/golang/protobuf/issues/214
+  - if [[ "$TRAVIS_GO_VERSION" = 1.9* && "$ARCH" != "386" ]]; then ./vet.sh || exit 1; fi
   - make test testrace
diff --git a/vendor/google.golang.org/grpc/AUTHORS b/vendor/google.golang.org/grpc/AUTHORS
new file mode 100644
index 000000000000..e491a9e7f783
--- /dev/null
+++ b/vendor/google.golang.org/grpc/AUTHORS
@@ -0,0 +1 @@
+Google Inc.
diff --git a/vendor/google.golang.org/grpc/CONTRIBUTING.md b/vendor/google.golang.org/grpc/CONTRIBUTING.md
index 36cd6f7581bb..a5c6e06e2550 100644
--- a/vendor/google.golang.org/grpc/CONTRIBUTING.md
+++ b/vendor/google.golang.org/grpc/CONTRIBUTING.md
@@ -1,46 +1,32 @@
 # How to contribute
 
-We definitely welcome patches and contribution to grpc! Here are some guidelines
-and information about how to do so.
+We definitely welcome your patches and contributions to gRPC!
 
-## Sending patches
-
-### Getting started
-
-1. Check out the code:
-
-        $ go get google.golang.org/grpc
-        $ cd $GOPATH/src/google.golang.org/grpc
-
-1. Create a fork of the grpc-go repository.
-1. Add your fork as a remote:
-
-        $ git remote add fork git@github.com:$YOURGITHUBUSERNAME/grpc-go.git
-
-1. Make changes, commit them.
-1. Run the test suite:
-
-        $ make test
-
-1. Push your changes to your fork:
-
-        $ git push fork ...
-
-1. Open a pull request.
+If you are new to github, please start by reading [Pull Request howto](https://help.github.com/articles/about-pull-requests/)
 
 ## Legal requirements
 
 In order to protect both you and ourselves, you will need to sign the
 [Contributor License Agreement](https://cla.developers.google.com/clas).
 
-## Filing Issues
-When filing an issue, make sure to answer these five questions:
-
-1. What version of Go are you using (`go version`)?
-2. What operating system and processor architecture are you using?
-3. What did you do?
-4. What did you expect to see?
-5. What did you see instead?
-
-### Contributing code
-Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
+## Guidelines for Pull Requests
+How to get your contributions merged smoothly and quickly.
+ 
+- Create **small PRs** that are narrowly focused on **addressing a single concern**. We often times receive PRs that are trying to fix several things at a time, but only one fix is considered acceptable, nothing gets merged and both author's & review's time is wasted. Create more PRs to address different concerns and everyone will be happy.
+ 
+- For speculative changes, consider opening an issue and discussing it first. If you are suggesting a behavioral or API change, consider starting with a [gRFC proposal](https://github.com/grpc/proposal). 
+ 
+- Provide a good **PR description** as a record of **what** change is being made and **why** it was made. Link to a github issue if it exists.
+ 
+- Don't fix code style and formatting unless you are already changing that line to address an issue. PRs with irrelevant changes won't be merged. If you do want to fix formatting or style, do that in a separate PR.
+ 
+- Unless your PR is trivial, you should expect there will be reviewer comments that you'll need to address before merging. We expect you to be reasonably responsive to those comments, otherwise the PR will be closed after 2-3 weeks of inactivity.
+ 
+- Maintain **clean commit history** and use **meaningful commit messages**. PRs with messy commit history are difficult to review and won't be merged. Use `rebase -i upstream/master` to curate your commit history and/or to bring in latest changes from master (but avoid rebasing in the middle of a code review).
+ 
+- Keep your PR up to date with upstream/master (if there are merge conflicts, we can't really merge your change).
+ 
+- **All tests need to be passing** before your change can be merged. We recommend you **run tests locally** before creating your PR to catch breakages early on.
+
+- Exceptions to the rules can be made if there's a compelling reason for doing so.
+ 
diff --git a/vendor/google.golang.org/grpc/LICENSE b/vendor/google.golang.org/grpc/LICENSE
index f4988b450799..d64569567334 100644
--- a/vendor/google.golang.org/grpc/LICENSE
+++ b/vendor/google.golang.org/grpc/LICENSE
@@ -1,28 +1,202 @@
-Copyright 2014, Google Inc.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-    * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/google.golang.org/grpc/Makefile b/vendor/google.golang.org/grpc/Makefile
index 03bb01f0b35b..39606b564a6d 100644
--- a/vendor/google.golang.org/grpc/Makefile
+++ b/vendor/google.golang.org/grpc/Makefile
@@ -20,24 +20,17 @@ proto:
 		echo "error: protoc not installed" >&2; \
 		exit 1; \
 	fi
-	go get -u -v github.com/golang/protobuf/protoc-gen-go
-	# use $$dir as the root for all proto files in the same directory
-	for dir in $$(git ls-files '*.proto' | xargs -n1 dirname | uniq); do \
-		protoc -I $$dir --go_out=plugins=grpc:$$dir $$dir/*.proto; \
-	done
+	go generate google.golang.org/grpc/...
 
 test: testdeps
-	go test -v -cpu 1,4 google.golang.org/grpc/...
+	go test -cpu 1,4 google.golang.org/grpc/...
 
 testrace: testdeps
-	go test -v -race -cpu 1,4 google.golang.org/grpc/...
+	go test -race -cpu 1,4 google.golang.org/grpc/...
 
 clean:
 	go clean -i google.golang.org/grpc/...
 
-coverage: testdeps
-	./coverage.sh --coveralls
-
 .PHONY: \
 	all \
 	deps \
diff --git a/vendor/google.golang.org/grpc/README.md b/vendor/google.golang.org/grpc/README.md
index ae0236f92f3a..622a5dc3e85d 100644
--- a/vendor/google.golang.org/grpc/README.md
+++ b/vendor/google.golang.org/grpc/README.md
@@ -2,7 +2,7 @@
 
 [![Build Status](https://travis-ci.org/grpc/grpc-go.svg)](https://travis-ci.org/grpc/grpc-go) [![GoDoc](https://godoc.org/google.golang.org/grpc?status.svg)](https://godoc.org/google.golang.org/grpc)
 
-The Go implementation of [gRPC](http://www.grpc.io/): A high performance, open source, general RPC framework that puts mobile and HTTP/2 first. For more information see the [gRPC Quick Start](http://www.grpc.io/docs/) guide.
+The Go implementation of [gRPC](https://grpc.io/): A high performance, open source, general RPC framework that puts mobile and HTTP/2 first. For more information see the [gRPC Quick Start: Go](https://grpc.io/docs/quickstart/go.html) guide.
 
 Installation
 ------------
@@ -10,13 +10,13 @@ Installation
 To install this package, you need to install Go and setup your Go workspace on your computer. The simplest way to install the library is to run:
 
 ```
-$ go get google.golang.org/grpc
+$ go get -u google.golang.org/grpc
 ```
 
 Prerequisites
 -------------
 
-This requires Go 1.6 or later.
+This requires Go 1.7 or later.
 
 Constraints
 -----------
@@ -26,9 +26,13 @@ Documentation
 -------------
 See [API documentation](https://godoc.org/google.golang.org/grpc) for package and API descriptions and find examples in the [examples directory](examples/).
 
+Performance
+-----------
+See the current benchmarks for some of the languages supported in [this dashboard](https://performance-dot-grpc-testing.appspot.com/explore?dashboard=5652536396611584&widget=490377658&container=1286539696).
+
 Status
 ------
-GA
+General Availability [Google Cloud Platform Launch Stages](https://cloud.google.com/terms/launch-stages).
 
 FAQ
 ---
diff --git a/vendor/google.golang.org/grpc/backoff.go b/vendor/google.golang.org/grpc/backoff.go
index c99024ee302e..090fbe87c522 100644
--- a/vendor/google.golang.org/grpc/backoff.go
+++ b/vendor/google.golang.org/grpc/backoff.go
@@ -1,3 +1,21 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
 package grpc
 
 import (
diff --git a/vendor/google.golang.org/grpc/balancer.go b/vendor/google.golang.org/grpc/balancer.go
index 9d943fbadae1..ab65049ddc17 100644
--- a/vendor/google.golang.org/grpc/balancer.go
+++ b/vendor/google.golang.org/grpc/balancer.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -35,6 +20,7 @@ package grpc
 
 import (
 	"fmt"
+	"net"
 	"sync"
 
 	"golang.org/x/net/context"
@@ -60,6 +46,10 @@ type BalancerConfig struct {
 	// use to dial to a remote load balancer server. The Balancer implementations
 	// can ignore this if it does not need to talk to another party securely.
 	DialCreds credentials.TransportCredentials
+	// Dialer is the custom dialer the Balancer implementation can use to dial
+	// to a remote load balancer server. The Balancer implementations
+	// can ignore this if it doesn't need to talk to remote balancer.
+	Dialer func(context.Context, string) (net.Conn, error)
 }
 
 // BalancerGetOptions configures a Get call.
@@ -167,7 +157,7 @@ type roundRobin struct {
 func (rr *roundRobin) watchAddrUpdates() error {
 	updates, err := rr.w.Next()
 	if err != nil {
-		grpclog.Printf("grpc: the naming watcher stops working due to %v.\n", err)
+		grpclog.Warningf("grpc: the naming watcher stops working due to %v.", err)
 		return err
 	}
 	rr.mu.Lock()
@@ -183,7 +173,7 @@ func (rr *roundRobin) watchAddrUpdates() error {
 			for _, v := range rr.addrs {
 				if addr == v.addr {
 					exist = true
-					grpclog.Println("grpc: The name resolver wanted to add an existing address: ", addr)
+					grpclog.Infoln("grpc: The name resolver wanted to add an existing address: ", addr)
 					break
 				}
 			}
@@ -200,7 +190,7 @@ func (rr *roundRobin) watchAddrUpdates() error {
 				}
 			}
 		default:
-			grpclog.Println("Unknown update.Op ", update.Op)
+			grpclog.Errorln("Unknown update.Op ", update.Op)
 		}
 	}
 	// Make a copy of rr.addrs and write it onto rr.addrCh so that gRPC internals gets notified.
@@ -211,6 +201,10 @@ func (rr *roundRobin) watchAddrUpdates() error {
 	if rr.done {
 		return ErrClientConnClosing
 	}
+	select {
+	case <-rr.addrCh:
+	default:
+	}
 	rr.addrCh <- open
 	return nil
 }
@@ -233,7 +227,7 @@ func (rr *roundRobin) Start(target string, config BalancerConfig) error {
 		return err
 	}
 	rr.w = w
-	rr.addrCh = make(chan []Address)
+	rr.addrCh = make(chan []Address, 1)
 	go func() {
 		for {
 			if err := rr.watchAddrUpdates(); err != nil {
@@ -385,6 +379,9 @@ func (rr *roundRobin) Notify() <-chan []Address {
 func (rr *roundRobin) Close() error {
 	rr.mu.Lock()
 	defer rr.mu.Unlock()
+	if rr.done {
+		return errBalancerClosed
+	}
 	rr.done = true
 	if rr.w != nil {
 		rr.w.Close()
@@ -398,3 +395,14 @@ func (rr *roundRobin) Close() error {
 	}
 	return nil
 }
+
+// pickFirst is used to test multi-addresses in one addrConn in which all addresses share the same addrConn.
+// It is a wrapper around roundRobin balancer. The logic of all methods works fine because balancer.Get()
+// returns the only address Up by resetTransport().
+type pickFirst struct {
+	*roundRobin
+}
+
+func pickFirstBalancerV1(r naming.Resolver) Balancer {
+	return &pickFirst{&roundRobin{r: r}}
+}
diff --git a/vendor/google.golang.org/grpc/balancer/balancer.go b/vendor/google.golang.org/grpc/balancer/balancer.go
new file mode 100644
index 000000000000..84e10b630e75
--- /dev/null
+++ b/vendor/google.golang.org/grpc/balancer/balancer.go
@@ -0,0 +1,206 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package balancer defines APIs for load balancing in gRPC.
+// All APIs in this package are experimental.
+package balancer
+
+import (
+	"errors"
+	"net"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/resolver"
+)
+
+var (
+	// m is a map from name to balancer builder.
+	m = make(map[string]Builder)
+	// defaultBuilder is the default balancer to use.
+	defaultBuilder Builder // TODO(bar) install pickfirst as default.
+)
+
+// Register registers the balancer builder to the balancer map.
+// b.Name will be used as the name registered with this builder.
+func Register(b Builder) {
+	m[b.Name()] = b
+}
+
+// Get returns the resolver builder registered with the given name.
+// If no builder is register with the name, the default pickfirst will
+// be used.
+func Get(name string) Builder {
+	if b, ok := m[name]; ok {
+		return b
+	}
+	return defaultBuilder
+}
+
+// SubConn represents a gRPC sub connection.
+// Each sub connection contains a list of addresses. gRPC will
+// try to connect to them (in sequence), and stop trying the
+// remainder once one connection is successful.
+//
+// The reconnect backoff will be applied on the list, not a single address.
+// For example, try_on_all_addresses -> backoff -> try_on_all_addresses.
+//
+// All SubConns start in IDLE, and will not try to connect. To trigger
+// the connecting, Balancers must call Connect.
+// When the connection encounters an error, it will reconnect immediately.
+// When the connection becomes IDLE, it will not reconnect unless Connect is
+// called.
+type SubConn interface {
+	// UpdateAddresses updates the addresses used in this SubConn.
+	// gRPC checks if currently-connected address is still in the new list.
+	// If it's in the list, the connection will be kept.
+	// If it's not in the list, the connection will gracefully closed, and
+	// a new connection will be created.
+	//
+	// This will trigger a state transition for the SubConn.
+	UpdateAddresses([]resolver.Address)
+	// Connect starts the connecting for this SubConn.
+	Connect()
+}
+
+// NewSubConnOptions contains options to create new SubConn.
+type NewSubConnOptions struct{}
+
+// ClientConn represents a gRPC ClientConn.
+type ClientConn interface {
+	// NewSubConn is called by balancer to create a new SubConn.
+	// It doesn't block and wait for the connections to be established.
+	// Behaviors of the SubConn can be controlled by options.
+	NewSubConn([]resolver.Address, NewSubConnOptions) (SubConn, error)
+	// RemoveSubConn removes the SubConn from ClientConn.
+	// The SubConn will be shutdown.
+	RemoveSubConn(SubConn)
+
+	// UpdateBalancerState is called by balancer to nofity gRPC that some internal
+	// state in balancer has changed.
+	//
+	// gRPC will update the connectivity state of the ClientConn, and will call pick
+	// on the new picker to pick new SubConn.
+	UpdateBalancerState(s connectivity.State, p Picker)
+
+	// Target returns the dial target for this ClientConn.
+	Target() string
+}
+
+// BuildOptions contains additional information for Build.
+type BuildOptions struct {
+	// DialCreds is the transport credential the Balancer implementation can
+	// use to dial to a remote load balancer server. The Balancer implementations
+	// can ignore this if it does not need to talk to another party securely.
+	DialCreds credentials.TransportCredentials
+	// Dialer is the custom dialer the Balancer implementation can use to dial
+	// to a remote load balancer server. The Balancer implementations
+	// can ignore this if it doesn't need to talk to remote balancer.
+	Dialer func(context.Context, string) (net.Conn, error)
+}
+
+// Builder creates a balancer.
+type Builder interface {
+	// Build creates a new balancer with the ClientConn.
+	Build(cc ClientConn, opts BuildOptions) Balancer
+	// Name returns the name of balancers built by this builder.
+	// It will be used to pick balancers (for example in service config).
+	Name() string
+}
+
+// PickOptions contains addition information for the Pick operation.
+type PickOptions struct{}
+
+// DoneInfo contains additional information for done.
+type DoneInfo struct {
+	// Err is the rpc error the RPC finished with. It could be nil.
+	Err error
+}
+
+var (
+	// ErrNoSubConnAvailable indicates no SubConn is available for pick().
+	// gRPC will block the RPC until a new picker is available via UpdateBalancerState().
+	ErrNoSubConnAvailable = errors.New("no SubConn is available")
+	// ErrTransientFailure indicates all SubConns are in TransientFailure.
+	// WaitForReady RPCs will block, non-WaitForReady RPCs will fail.
+	ErrTransientFailure = errors.New("all SubConns are in TransientFailure")
+)
+
+// Picker is used by gRPC to pick a SubConn to send an RPC.
+// Balancer is expected to generate a new picker from its snapshot everytime its
+// internal state has changed.
+//
+// The pickers used by gRPC can be updated by ClientConn.UpdateBalancerState().
+type Picker interface {
+	// Pick returns the SubConn to be used to send the RPC.
+	// The returned SubConn must be one returned by NewSubConn().
+	//
+	// This functions is expected to return:
+	// - a SubConn that is known to be READY;
+	// - ErrNoSubConnAvailable if no SubConn is available, but progress is being
+	//   made (for example, some SubConn is in CONNECTING mode);
+	// - other errors if no active connecting is happening (for example, all SubConn
+	//   are in TRANSIENT_FAILURE mode).
+	//
+	// If a SubConn is returned:
+	// - If it is READY, gRPC will send the RPC on it;
+	// - If it is not ready, or becomes not ready after it's returned, gRPC will block
+	//   this call until a new picker is updated and will call pick on the new picker.
+	//
+	// If the returned error is not nil:
+	// - If the error is ErrNoSubConnAvailable, gRPC will block until UpdateBalancerState()
+	// - If the error is ErrTransientFailure:
+	//   - If the RPC is wait-for-ready, gRPC will block until UpdateBalancerState()
+	//     is called to pick again;
+	//   - Otherwise, RPC will fail with unavailable error.
+	// - Else (error is other non-nil error):
+	//   - The RPC will fail with unavailable error.
+	//
+	// The returned done() function will be called once the rpc has finished, with the
+	// final status of that RPC.
+	// done may be nil if balancer doesn't care about the RPC status.
+	Pick(ctx context.Context, opts PickOptions) (conn SubConn, done func(DoneInfo), err error)
+}
+
+// Balancer takes input from gRPC, manages SubConns, and collects and aggregates
+// the connectivity states.
+//
+// It also generates and updates the Picker used by gRPC to pick SubConns for RPCs.
+//
+// HandleSubConnectionStateChange, HandleResolvedAddrs and Close are guaranteed
+// to be called synchronously from the same goroutine.
+// There's no guarantee on picker.Pick, it may be called anytime.
+type Balancer interface {
+	// HandleSubConnStateChange is called by gRPC when the connectivity state
+	// of sc has changed.
+	// Balancer is expected to aggregate all the state of SubConn and report
+	// that back to gRPC.
+	// Balancer should also generate and update Pickers when its internal state has
+	// been changed by the new state.
+	HandleSubConnStateChange(sc SubConn, state connectivity.State)
+	// HandleResolvedAddrs is called by gRPC to send updated resolved addresses to
+	// balancers.
+	// Balancer can create new SubConn or remove SubConn with the addresses.
+	// An empty address slice and a non-nil error will be passed if the resolver returns
+	// non-nil error to gRPC.
+	HandleResolvedAddrs([]resolver.Address, error)
+	// Close closes the balancer. The balancer is not required to call
+	// ClientConn.RemoveSubConn for its existing SubConns.
+	Close()
+}
diff --git a/vendor/google.golang.org/grpc/balancer_conn_wrappers.go b/vendor/google.golang.org/grpc/balancer_conn_wrappers.go
new file mode 100644
index 000000000000..f5dbc4ba201f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/balancer_conn_wrappers.go
@@ -0,0 +1,252 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+	"sync"
+
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/resolver"
+)
+
+// scStateUpdate contains the subConn and the new state it changed to.
+type scStateUpdate struct {
+	sc    balancer.SubConn
+	state connectivity.State
+}
+
+// scStateUpdateBuffer is an unbounded channel for scStateChangeTuple.
+// TODO make a general purpose buffer that uses interface{}.
+type scStateUpdateBuffer struct {
+	c       chan *scStateUpdate
+	mu      sync.Mutex
+	backlog []*scStateUpdate
+}
+
+func newSCStateUpdateBuffer() *scStateUpdateBuffer {
+	return &scStateUpdateBuffer{
+		c: make(chan *scStateUpdate, 1),
+	}
+}
+
+func (b *scStateUpdateBuffer) put(t *scStateUpdate) {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	if len(b.backlog) == 0 {
+		select {
+		case b.c <- t:
+			return
+		default:
+		}
+	}
+	b.backlog = append(b.backlog, t)
+}
+
+func (b *scStateUpdateBuffer) load() {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	if len(b.backlog) > 0 {
+		select {
+		case b.c <- b.backlog[0]:
+			b.backlog[0] = nil
+			b.backlog = b.backlog[1:]
+		default:
+		}
+	}
+}
+
+// get returns the channel that receives a recvMsg in the buffer.
+//
+// Upon receiving, the caller should call load to send another
+// scStateChangeTuple onto the channel if there is any.
+func (b *scStateUpdateBuffer) get() <-chan *scStateUpdate {
+	return b.c
+}
+
+// resolverUpdate contains the new resolved addresses or error if there's
+// any.
+type resolverUpdate struct {
+	addrs []resolver.Address
+	err   error
+}
+
+// ccBalancerWrapper is a wrapper on top of cc for balancers.
+// It implements balancer.ClientConn interface.
+type ccBalancerWrapper struct {
+	cc               *ClientConn
+	balancer         balancer.Balancer
+	stateChangeQueue *scStateUpdateBuffer
+	resolverUpdateCh chan *resolverUpdate
+	done             chan struct{}
+}
+
+func newCCBalancerWrapper(cc *ClientConn, b balancer.Builder, bopts balancer.BuildOptions) *ccBalancerWrapper {
+	ccb := &ccBalancerWrapper{
+		cc:               cc,
+		stateChangeQueue: newSCStateUpdateBuffer(),
+		resolverUpdateCh: make(chan *resolverUpdate, 1),
+		done:             make(chan struct{}),
+	}
+	go ccb.watcher()
+	ccb.balancer = b.Build(ccb, bopts)
+	return ccb
+}
+
+// watcher balancer functions sequencially, so the balancer can be implemeneted
+// lock-free.
+func (ccb *ccBalancerWrapper) watcher() {
+	for {
+		select {
+		case t := <-ccb.stateChangeQueue.get():
+			ccb.stateChangeQueue.load()
+			ccb.balancer.HandleSubConnStateChange(t.sc, t.state)
+		case t := <-ccb.resolverUpdateCh:
+			ccb.balancer.HandleResolvedAddrs(t.addrs, t.err)
+		case <-ccb.done:
+		}
+
+		select {
+		case <-ccb.done:
+			ccb.balancer.Close()
+			return
+		default:
+		}
+	}
+}
+
+func (ccb *ccBalancerWrapper) close() {
+	close(ccb.done)
+}
+
+func (ccb *ccBalancerWrapper) handleSubConnStateChange(sc balancer.SubConn, s connectivity.State) {
+	// When updating addresses for a SubConn, if the address in use is not in
+	// the new addresses, the old ac will be tearDown() and a new ac will be
+	// created. tearDown() generates a state change with Shutdown state, we
+	// don't want the balancer to receive this state change. So before
+	// tearDown() on the old ac, ac.acbw (acWrapper) will be set to nil, and
+	// this function will be called with (nil, Shutdown). We don't need to call
+	// balancer method in this case.
+	if sc == nil {
+		return
+	}
+	ccb.stateChangeQueue.put(&scStateUpdate{
+		sc:    sc,
+		state: s,
+	})
+}
+
+func (ccb *ccBalancerWrapper) handleResolvedAddrs(addrs []resolver.Address, err error) {
+	select {
+	case <-ccb.resolverUpdateCh:
+	default:
+	}
+	ccb.resolverUpdateCh <- &resolverUpdate{
+		addrs: addrs,
+		err:   err,
+	}
+}
+
+func (ccb *ccBalancerWrapper) NewSubConn(addrs []resolver.Address, opts balancer.NewSubConnOptions) (balancer.SubConn, error) {
+	grpclog.Infof("ccBalancerWrapper: new subconn: %v", addrs)
+	ac, err := ccb.cc.newAddrConn(addrs)
+	if err != nil {
+		return nil, err
+	}
+	acbw := &acBalancerWrapper{ac: ac}
+	ac.mu.Lock()
+	ac.acbw = acbw
+	ac.mu.Unlock()
+	return acbw, nil
+}
+
+func (ccb *ccBalancerWrapper) RemoveSubConn(sc balancer.SubConn) {
+	grpclog.Infof("ccBalancerWrapper: removing subconn")
+	acbw, ok := sc.(*acBalancerWrapper)
+	if !ok {
+		return
+	}
+	ccb.cc.removeAddrConn(acbw.getAddrConn(), errConnDrain)
+}
+
+func (ccb *ccBalancerWrapper) UpdateBalancerState(s connectivity.State, p balancer.Picker) {
+	grpclog.Infof("ccBalancerWrapper: updating state and picker called by balancer: %v, %p", s, p)
+	ccb.cc.csMgr.updateState(s)
+	ccb.cc.blockingpicker.updatePicker(p)
+}
+
+func (ccb *ccBalancerWrapper) Target() string {
+	return ccb.cc.target
+}
+
+// acBalancerWrapper is a wrapper on top of ac for balancers.
+// It implements balancer.SubConn interface.
+type acBalancerWrapper struct {
+	mu sync.Mutex
+	ac *addrConn
+}
+
+func (acbw *acBalancerWrapper) UpdateAddresses(addrs []resolver.Address) {
+	grpclog.Infof("acBalancerWrapper: UpdateAddresses called with %v", addrs)
+	acbw.mu.Lock()
+	defer acbw.mu.Unlock()
+	if !acbw.ac.tryUpdateAddrs(addrs) {
+		cc := acbw.ac.cc
+		acbw.ac.mu.Lock()
+		// Set old ac.acbw to nil so the Shutdown state update will be ignored
+		// by balancer.
+		//
+		// TODO(bar) the state transition could be wrong when tearDown() old ac
+		// and creating new ac, fix the transition.
+		acbw.ac.acbw = nil
+		acbw.ac.mu.Unlock()
+		acState := acbw.ac.getState()
+		acbw.ac.tearDown(errConnDrain)
+
+		if acState == connectivity.Shutdown {
+			return
+		}
+
+		ac, err := cc.newAddrConn(addrs)
+		if err != nil {
+			grpclog.Warningf("acBalancerWrapper: UpdateAddresses: failed to newAddrConn: %v", err)
+			return
+		}
+		acbw.ac = ac
+		ac.mu.Lock()
+		ac.acbw = acbw
+		ac.mu.Unlock()
+		if acState != connectivity.Idle {
+			ac.connect(false)
+		}
+	}
+}
+
+func (acbw *acBalancerWrapper) Connect() {
+	acbw.mu.Lock()
+	defer acbw.mu.Unlock()
+	acbw.ac.connect(false)
+}
+
+func (acbw *acBalancerWrapper) getAddrConn() *addrConn {
+	acbw.mu.Lock()
+	defer acbw.mu.Unlock()
+	return acbw.ac
+}
diff --git a/vendor/google.golang.org/grpc/balancer_v1_wrapper.go b/vendor/google.golang.org/grpc/balancer_v1_wrapper.go
new file mode 100644
index 000000000000..9d0616080a1b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/balancer_v1_wrapper.go
@@ -0,0 +1,367 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+	"sync"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/resolver"
+)
+
+type balancerWrapperBuilder struct {
+	b Balancer // The v1 balancer.
+}
+
+func (bwb *balancerWrapperBuilder) Build(cc balancer.ClientConn, opts balancer.BuildOptions) balancer.Balancer {
+	bwb.b.Start(cc.Target(), BalancerConfig{
+		DialCreds: opts.DialCreds,
+		Dialer:    opts.Dialer,
+	})
+	_, pickfirst := bwb.b.(*pickFirst)
+	bw := &balancerWrapper{
+		balancer:  bwb.b,
+		pickfirst: pickfirst,
+		cc:        cc,
+		startCh:   make(chan struct{}),
+		conns:     make(map[resolver.Address]balancer.SubConn),
+		connSt:    make(map[balancer.SubConn]*scState),
+		csEvltr:   &connectivityStateEvaluator{},
+		state:     connectivity.Idle,
+	}
+	cc.UpdateBalancerState(connectivity.Idle, bw)
+	go bw.lbWatcher()
+	return bw
+}
+
+func (bwb *balancerWrapperBuilder) Name() string {
+	return "wrapper"
+}
+
+type scState struct {
+	addr Address // The v1 address type.
+	s    connectivity.State
+	down func(error)
+}
+
+type balancerWrapper struct {
+	balancer  Balancer // The v1 balancer.
+	pickfirst bool
+
+	cc balancer.ClientConn
+
+	// To aggregate the connectivity state.
+	csEvltr *connectivityStateEvaluator
+	state   connectivity.State
+
+	mu     sync.Mutex
+	conns  map[resolver.Address]balancer.SubConn
+	connSt map[balancer.SubConn]*scState
+	// This channel is closed when handling the first resolver result.
+	// lbWatcher blocks until this is closed, to avoid race between
+	// - NewSubConn is created, cc wants to notify balancer of state changes;
+	// - Build hasn't return, cc doesn't have access to balancer.
+	startCh chan struct{}
+}
+
+// lbWatcher watches the Notify channel of the balancer and manages
+// connections accordingly.
+func (bw *balancerWrapper) lbWatcher() {
+	<-bw.startCh
+	grpclog.Infof("balancerWrapper: is pickfirst: %v\n", bw.pickfirst)
+	notifyCh := bw.balancer.Notify()
+	if notifyCh == nil {
+		// There's no resolver in the balancer. Connect directly.
+		a := resolver.Address{
+			Addr: bw.cc.Target(),
+			Type: resolver.Backend,
+		}
+		sc, err := bw.cc.NewSubConn([]resolver.Address{a}, balancer.NewSubConnOptions{})
+		if err != nil {
+			grpclog.Warningf("Error creating connection to %v. Err: %v", a, err)
+		} else {
+			bw.mu.Lock()
+			bw.conns[a] = sc
+			bw.connSt[sc] = &scState{
+				addr: Address{Addr: bw.cc.Target()},
+				s:    connectivity.Idle,
+			}
+			bw.mu.Unlock()
+			sc.Connect()
+		}
+		return
+	}
+
+	for addrs := range notifyCh {
+		grpclog.Infof("balancerWrapper: got update addr from Notify: %v\n", addrs)
+		if bw.pickfirst {
+			var (
+				oldA  resolver.Address
+				oldSC balancer.SubConn
+			)
+			bw.mu.Lock()
+			for oldA, oldSC = range bw.conns {
+				break
+			}
+			bw.mu.Unlock()
+			if len(addrs) <= 0 {
+				if oldSC != nil {
+					// Teardown old sc.
+					bw.mu.Lock()
+					delete(bw.conns, oldA)
+					delete(bw.connSt, oldSC)
+					bw.mu.Unlock()
+					bw.cc.RemoveSubConn(oldSC)
+				}
+				continue
+			}
+
+			var newAddrs []resolver.Address
+			for _, a := range addrs {
+				newAddr := resolver.Address{
+					Addr:       a.Addr,
+					Type:       resolver.Backend, // All addresses from balancer are all backends.
+					ServerName: "",
+					Metadata:   a.Metadata,
+				}
+				newAddrs = append(newAddrs, newAddr)
+			}
+			if oldSC == nil {
+				// Create new sc.
+				sc, err := bw.cc.NewSubConn(newAddrs, balancer.NewSubConnOptions{})
+				if err != nil {
+					grpclog.Warningf("Error creating connection to %v. Err: %v", newAddrs, err)
+				} else {
+					bw.mu.Lock()
+					// For pickfirst, there should be only one SubConn, so the
+					// address doesn't matter. All states updating (up and down)
+					// and picking should all happen on that only SubConn.
+					bw.conns[resolver.Address{}] = sc
+					bw.connSt[sc] = &scState{
+						addr: addrs[0], // Use the first address.
+						s:    connectivity.Idle,
+					}
+					bw.mu.Unlock()
+					sc.Connect()
+				}
+			} else {
+				oldSC.UpdateAddresses(newAddrs)
+				bw.mu.Lock()
+				bw.connSt[oldSC].addr = addrs[0]
+				bw.mu.Unlock()
+			}
+		} else {
+			var (
+				add []resolver.Address // Addresses need to setup connections.
+				del []balancer.SubConn // Connections need to tear down.
+			)
+			resAddrs := make(map[resolver.Address]Address)
+			for _, a := range addrs {
+				resAddrs[resolver.Address{
+					Addr:       a.Addr,
+					Type:       resolver.Backend, // All addresses from balancer are all backends.
+					ServerName: "",
+					Metadata:   a.Metadata,
+				}] = a
+			}
+			bw.mu.Lock()
+			for a := range resAddrs {
+				if _, ok := bw.conns[a]; !ok {
+					add = append(add, a)
+				}
+			}
+			for a, c := range bw.conns {
+				if _, ok := resAddrs[a]; !ok {
+					del = append(del, c)
+					delete(bw.conns, a)
+					// Keep the state of this sc in bw.connSt until its state becomes Shutdown.
+				}
+			}
+			bw.mu.Unlock()
+			for _, a := range add {
+				sc, err := bw.cc.NewSubConn([]resolver.Address{a}, balancer.NewSubConnOptions{})
+				if err != nil {
+					grpclog.Warningf("Error creating connection to %v. Err: %v", a, err)
+				} else {
+					bw.mu.Lock()
+					bw.conns[a] = sc
+					bw.connSt[sc] = &scState{
+						addr: resAddrs[a],
+						s:    connectivity.Idle,
+					}
+					bw.mu.Unlock()
+					sc.Connect()
+				}
+			}
+			for _, c := range del {
+				bw.cc.RemoveSubConn(c)
+			}
+		}
+	}
+}
+
+func (bw *balancerWrapper) HandleSubConnStateChange(sc balancer.SubConn, s connectivity.State) {
+	grpclog.Infof("balancerWrapper: handle subconn state change: %p, %v", sc, s)
+	bw.mu.Lock()
+	defer bw.mu.Unlock()
+	scSt, ok := bw.connSt[sc]
+	if !ok {
+		return
+	}
+	if s == connectivity.Idle {
+		sc.Connect()
+	}
+	oldS := scSt.s
+	scSt.s = s
+	if oldS != connectivity.Ready && s == connectivity.Ready {
+		scSt.down = bw.balancer.Up(scSt.addr)
+	} else if oldS == connectivity.Ready && s != connectivity.Ready {
+		if scSt.down != nil {
+			scSt.down(errConnClosing)
+		}
+	}
+	sa := bw.csEvltr.recordTransition(oldS, s)
+	if bw.state != sa {
+		bw.state = sa
+	}
+	bw.cc.UpdateBalancerState(bw.state, bw)
+	if s == connectivity.Shutdown {
+		// Remove state for this sc.
+		delete(bw.connSt, sc)
+	}
+	return
+}
+
+func (bw *balancerWrapper) HandleResolvedAddrs([]resolver.Address, error) {
+	bw.mu.Lock()
+	defer bw.mu.Unlock()
+	select {
+	case <-bw.startCh:
+	default:
+		close(bw.startCh)
+	}
+	// There should be a resolver inside the balancer.
+	// All updates here, if any, are ignored.
+	return
+}
+
+func (bw *balancerWrapper) Close() {
+	bw.mu.Lock()
+	defer bw.mu.Unlock()
+	select {
+	case <-bw.startCh:
+	default:
+		close(bw.startCh)
+	}
+	bw.balancer.Close()
+	return
+}
+
+// The picker is the balancerWrapper itself.
+// Pick should never return ErrNoSubConnAvailable.
+// It either blocks or returns error, consistent with v1 balancer Get().
+func (bw *balancerWrapper) Pick(ctx context.Context, opts balancer.PickOptions) (balancer.SubConn, func(balancer.DoneInfo), error) {
+	failfast := true // Default failfast is true.
+	if ss, ok := rpcInfoFromContext(ctx); ok {
+		failfast = ss.failfast
+	}
+	a, p, err := bw.balancer.Get(ctx, BalancerGetOptions{BlockingWait: !failfast})
+	if err != nil {
+		return nil, nil, err
+	}
+	var done func(balancer.DoneInfo)
+	if p != nil {
+		done = func(i balancer.DoneInfo) { p() }
+	}
+	var sc balancer.SubConn
+	bw.mu.Lock()
+	defer bw.mu.Unlock()
+	if bw.pickfirst {
+		// Get the first sc in conns.
+		for _, sc = range bw.conns {
+			break
+		}
+	} else {
+		var ok bool
+		sc, ok = bw.conns[resolver.Address{
+			Addr:       a.Addr,
+			Type:       resolver.Backend,
+			ServerName: "",
+			Metadata:   a.Metadata,
+		}]
+		if !ok && failfast {
+			return nil, nil, Errorf(codes.Unavailable, "there is no connection available")
+		}
+		if s, ok := bw.connSt[sc]; failfast && (!ok || s.s != connectivity.Ready) {
+			// If the returned sc is not ready and RPC is failfast,
+			// return error, and this RPC will fail.
+			return nil, nil, Errorf(codes.Unavailable, "there is no connection available")
+		}
+	}
+
+	return sc, done, nil
+}
+
+// connectivityStateEvaluator gets updated by addrConns when their
+// states transition, based on which it evaluates the state of
+// ClientConn.
+type connectivityStateEvaluator struct {
+	mu                  sync.Mutex
+	numReady            uint64 // Number of addrConns in ready state.
+	numConnecting       uint64 // Number of addrConns in connecting state.
+	numTransientFailure uint64 // Number of addrConns in transientFailure.
+}
+
+// recordTransition records state change happening in every subConn and based on
+// that it evaluates what aggregated state should be.
+// It can only transition between Ready, Connecting and TransientFailure. Other states,
+// Idle and Shutdown are transitioned into by ClientConn; in the beginning of the connection
+// before any subConn is created ClientConn is in idle state. In the end when ClientConn
+// closes it is in Shutdown state.
+// TODO Note that in later releases, a ClientConn with no activity will be put into an Idle state.
+func (cse *connectivityStateEvaluator) recordTransition(oldState, newState connectivity.State) connectivity.State {
+	cse.mu.Lock()
+	defer cse.mu.Unlock()
+
+	// Update counters.
+	for idx, state := range []connectivity.State{oldState, newState} {
+		updateVal := 2*uint64(idx) - 1 // -1 for oldState and +1 for new.
+		switch state {
+		case connectivity.Ready:
+			cse.numReady += updateVal
+		case connectivity.Connecting:
+			cse.numConnecting += updateVal
+		case connectivity.TransientFailure:
+			cse.numTransientFailure += updateVal
+		}
+	}
+
+	// Evaluate.
+	if cse.numReady > 0 {
+		return connectivity.Ready
+	}
+	if cse.numConnecting > 0 {
+		return connectivity.Connecting
+	}
+	return connectivity.TransientFailure
+}
diff --git a/vendor/google.golang.org/grpc/call.go b/vendor/google.golang.org/grpc/call.go
index af34a71316fb..1ef2507c35f3 100644
--- a/vendor/google.golang.org/grpc/call.go
+++ b/vendor/google.golang.org/grpc/call.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -40,6 +25,7 @@ import (
 
 	"golang.org/x/net/context"
 	"golang.org/x/net/trace"
+	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/peer"
 	"google.golang.org/grpc/stats"
@@ -73,7 +59,10 @@ func recvResponse(ctx context.Context, dopts dialOptions, t transport.ClientTran
 		}
 	}
 	for {
-		if err = recv(p, dopts.codec, stream, dopts.dc, reply, dopts.maxMsgSize, inPayload); err != nil {
+		if c.maxReceiveMessageSize == nil {
+			return Errorf(codes.Internal, "callInfo maxReceiveMessageSize field uninitialized(nil)")
+		}
+		if err = recv(p, dopts.codec, stream, dopts.dc, reply, *c.maxReceiveMessageSize, inPayload); err != nil {
 			if err == io.EOF {
 				break
 			}
@@ -86,14 +75,11 @@ func recvResponse(ctx context.Context, dopts dialOptions, t transport.ClientTran
 		dopts.copts.StatsHandler.HandleRPC(ctx, inPayload)
 	}
 	c.trailerMD = stream.Trailer()
-	if peer, ok := peer.FromContext(stream.Context()); ok {
-		c.peer = peer
-	}
 	return nil
 }
 
 // sendRequest writes out various information of an RPC such as Context and Message.
-func sendRequest(ctx context.Context, dopts dialOptions, compressor Compressor, callHdr *transport.CallHdr, stream *transport.Stream, t transport.ClientTransport, args interface{}, opts *transport.Options) (err error) {
+func sendRequest(ctx context.Context, dopts dialOptions, compressor Compressor, c *callInfo, callHdr *transport.CallHdr, stream *transport.Stream, t transport.ClientTransport, args interface{}, opts *transport.Options) (err error) {
 	defer func() {
 		if err != nil {
 			// If err is connection error, t will be closed, no need to close stream here.
@@ -114,11 +100,17 @@ func sendRequest(ctx context.Context, dopts dialOptions, compressor Compressor,
 			Client: true,
 		}
 	}
-	outBuf, err := encode(dopts.codec, args, compressor, cbuf, outPayload)
+	hdr, data, err := encode(dopts.codec, args, compressor, cbuf, outPayload)
 	if err != nil {
-		return Errorf(codes.Internal, "grpc: %v", err)
+		return err
 	}
-	err = t.Write(stream, outBuf, opts)
+	if c.maxSendMessageSize == nil {
+		return Errorf(codes.Internal, "callInfo maxSendMessageSize field uninitialized(nil)")
+	}
+	if len(data) > *c.maxSendMessageSize {
+		return Errorf(codes.ResourceExhausted, "grpc: trying to send message larger than max (%d vs. %d)", len(data), *c.maxSendMessageSize)
+	}
+	err = t.Write(stream, hdr, data, opts)
 	if err == nil && outPayload != nil {
 		outPayload.SentTime = time.Now()
 		dopts.copts.StatsHandler.HandleRPC(ctx, outPayload)
@@ -144,25 +136,33 @@ func Invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 }
 
 func invoke(ctx context.Context, method string, args, reply interface{}, cc *ClientConn, opts ...CallOption) (e error) {
-	c := defaultCallInfo
-	if mc, ok := cc.getMethodConfig(method); ok {
-		c.failFast = !mc.WaitForReady
-		if mc.Timeout > 0 {
-			var cancel context.CancelFunc
-			ctx, cancel = context.WithTimeout(ctx, mc.Timeout)
-			defer cancel()
-		}
+	c := defaultCallInfo()
+	mc := cc.GetMethodConfig(method)
+	if mc.WaitForReady != nil {
+		c.failFast = !*mc.WaitForReady
 	}
+
+	if mc.Timeout != nil && *mc.Timeout >= 0 {
+		var cancel context.CancelFunc
+		ctx, cancel = context.WithTimeout(ctx, *mc.Timeout)
+		defer cancel()
+	}
+
+	opts = append(cc.dopts.callOptions, opts...)
 	for _, o := range opts {
-		if err := o.before(&c); err != nil {
+		if err := o.before(c); err != nil {
 			return toRPCErr(err)
 		}
 	}
 	defer func() {
 		for _, o := range opts {
-			o.after(&c)
+			o.after(c)
 		}
 	}()
+
+	c.maxSendMessageSize = getMaxSize(mc.MaxReqSize, c.maxSendMessageSize, defaultClientMaxSendMessageSize)
+	c.maxReceiveMessageSize = getMaxSize(mc.MaxRespSize, c.maxReceiveMessageSize, defaultClientMaxReceiveMessageSize)
+
 	if EnableTracing {
 		c.traceInfo.tr = trace.New("grpc.Sent."+methodFamily(method), method)
 		defer c.traceInfo.tr.Finish()
@@ -179,27 +179,25 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 			}
 		}()
 	}
-	ctx = newContextWithRPCInfo(ctx)
+	ctx = newContextWithRPCInfo(ctx, c.failFast)
 	sh := cc.dopts.copts.StatsHandler
 	if sh != nil {
-		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method})
+		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method, FailFast: c.failFast})
 		begin := &stats.Begin{
 			Client:    true,
 			BeginTime: time.Now(),
 			FailFast:  c.failFast,
 		}
 		sh.HandleRPC(ctx, begin)
-	}
-	defer func() {
-		if sh != nil {
+		defer func() {
 			end := &stats.End{
 				Client:  true,
 				EndTime: time.Now(),
 				Error:   e,
 			}
 			sh.HandleRPC(ctx, end)
-		}
-	}()
+		}()
+	}
 	topts := &transport.Options{
 		Last:  true,
 		Delay: false,
@@ -209,9 +207,9 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 			err    error
 			t      transport.ClientTransport
 			stream *transport.Stream
-			// Record the put handler from Balancer.Get(...). It is called once the
+			// Record the done handler from Balancer.Get(...). It is called once the
 			// RPC has completed or failed.
-			put func()
+			done func(balancer.DoneInfo)
 		)
 		// TODO(zhaoq): Need a formal spec of fail-fast.
 		callHdr := &transport.CallHdr{
@@ -221,11 +219,11 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 		if cc.dopts.cp != nil {
 			callHdr.SendCompress = cc.dopts.cp.Type()
 		}
-
-		gopts := BalancerGetOptions{
-			BlockingWait: !c.failFast,
+		if c.creds != nil {
+			callHdr.Creds = c.creds
 		}
-		t, put, err = cc.getTransport(ctx, gopts)
+
+		t, done, err = cc.getTransport(ctx, c.failFast)
 		if err != nil {
 			// TODO(zhaoq): Probably revisit the error handling.
 			if _, ok := status.FromError(err); ok {
@@ -245,28 +243,31 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 		}
 		stream, err = t.NewStream(ctx, callHdr)
 		if err != nil {
-			if put != nil {
+			if done != nil {
 				if _, ok := err.(transport.ConnectionError); ok {
 					// If error is connection error, transport was sending data on wire,
 					// and we are not sure if anything has been sent on wire.
 					// If error is not connection error, we are sure nothing has been sent.
 					updateRPCInfoInContext(ctx, rpcInfo{bytesSent: true, bytesReceived: false})
 				}
-				put()
+				done(balancer.DoneInfo{Err: err})
 			}
 			if _, ok := err.(transport.ConnectionError); (ok || err == transport.ErrStreamDrain) && !c.failFast {
 				continue
 			}
 			return toRPCErr(err)
 		}
-		err = sendRequest(ctx, cc.dopts, cc.dopts.cp, callHdr, stream, t, args, topts)
+		if peer, ok := peer.FromContext(stream.Context()); ok {
+			c.peer = peer
+		}
+		err = sendRequest(ctx, cc.dopts, cc.dopts.cp, c, callHdr, stream, t, args, topts)
 		if err != nil {
-			if put != nil {
+			if done != nil {
 				updateRPCInfoInContext(ctx, rpcInfo{
 					bytesSent:     stream.BytesSent(),
 					bytesReceived: stream.BytesReceived(),
 				})
-				put()
+				done(balancer.DoneInfo{Err: err})
 			}
 			// Retry a non-failfast RPC when
 			// i) there is a connection error; or
@@ -276,14 +277,14 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 			}
 			return toRPCErr(err)
 		}
-		err = recvResponse(ctx, cc.dopts, t, &c, stream, reply)
+		err = recvResponse(ctx, cc.dopts, t, c, stream, reply)
 		if err != nil {
-			if put != nil {
+			if done != nil {
 				updateRPCInfoInContext(ctx, rpcInfo{
 					bytesSent:     stream.BytesSent(),
 					bytesReceived: stream.BytesReceived(),
 				})
-				put()
+				done(balancer.DoneInfo{Err: err})
 			}
 			if _, ok := err.(transport.ConnectionError); (ok || err == transport.ErrStreamDrain) && !c.failFast {
 				continue
@@ -294,12 +295,12 @@ func invoke(ctx context.Context, method string, args, reply interface{}, cc *Cli
 			c.traceInfo.tr.LazyLog(&payload{sent: false, msg: reply}, true)
 		}
 		t.CloseStream(stream, nil)
-		if put != nil {
+		if done != nil {
 			updateRPCInfoInContext(ctx, rpcInfo{
 				bytesSent:     stream.BytesSent(),
 				bytesReceived: stream.BytesReceived(),
 			})
-			put()
+			done(balancer.DoneInfo{Err: err})
 		}
 		return stream.Status().Err()
 	}
diff --git a/vendor/google.golang.org/grpc/clientconn.go b/vendor/google.golang.org/grpc/clientconn.go
index f542d8bd0417..71de2e50d2bd 100644
--- a/vendor/google.golang.org/grpc/clientconn.go
+++ b/vendor/google.golang.org/grpc/clientconn.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -38,14 +23,19 @@ import (
 	"fmt"
 	"math"
 	"net"
+	"reflect"
+	"strings"
 	"sync"
 	"time"
 
 	"golang.org/x/net/context"
 	"golang.org/x/net/trace"
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/connectivity"
 	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/keepalive"
+	"google.golang.org/grpc/resolver"
 	"google.golang.org/grpc/stats"
 	"google.golang.org/grpc/transport"
 )
@@ -56,8 +46,7 @@ var (
 	ErrClientConnClosing = errors.New("grpc: the client connection is closing")
 	// ErrClientConnTimeout indicates that the ClientConn cannot establish the
 	// underlying connections within the specified timeout.
-	// DEPRECATED: Please use context.DeadlineExceeded instead. This error will be
-	// removed in Q1 2017.
+	// DEPRECATED: Please use context.DeadlineExceeded instead.
 	ErrClientConnTimeout = errors.New("grpc: timed out when dialing")
 
 	// errNoTransportSecurity indicates that there is no transport security
@@ -79,6 +68,8 @@ var (
 	errConnClosing = errors.New("grpc: the connection is closing")
 	// errConnUnavailable indicates that the connection is unavailable.
 	errConnUnavailable = errors.New("grpc: the connection is unavailable")
+	// errBalancerClosed indicates that the balancer is closed.
+	errBalancerClosed = errors.New("grpc: balancer is closed")
 	// minimum time to give a connection to complete
 	minConnectTimeout = 20 * time.Second
 )
@@ -86,30 +77,71 @@ var (
 // dialOptions configure a Dial call. dialOptions are set by the DialOption
 // values passed to Dial.
 type dialOptions struct {
-	unaryInt   UnaryClientInterceptor
-	streamInt  StreamClientInterceptor
-	codec      Codec
-	cp         Compressor
-	dc         Decompressor
-	bs         backoffStrategy
-	balancer   Balancer
-	block      bool
-	insecure   bool
-	timeout    time.Duration
-	scChan     <-chan ServiceConfig
-	copts      transport.ConnectOptions
-	maxMsgSize int
+	unaryInt    UnaryClientInterceptor
+	streamInt   StreamClientInterceptor
+	codec       Codec
+	cp          Compressor
+	dc          Decompressor
+	bs          backoffStrategy
+	block       bool
+	insecure    bool
+	timeout     time.Duration
+	scChan      <-chan ServiceConfig
+	copts       transport.ConnectOptions
+	callOptions []CallOption
+	// This is to support v1 balancer.
+	balancerBuilder balancer.Builder
 }
 
-const defaultClientMaxMsgSize = math.MaxInt32
+const (
+	defaultClientMaxReceiveMessageSize = 1024 * 1024 * 4
+	defaultClientMaxSendMessageSize    = math.MaxInt32
+)
 
 // DialOption configures how we set up the connection.
 type DialOption func(*dialOptions)
 
-// WithMaxMsgSize returns a DialOption which sets the maximum message size the client can receive.
+// WithWriteBufferSize lets you set the size of write buffer, this determines how much data can be batched
+// before doing a write on the wire.
+func WithWriteBufferSize(s int) DialOption {
+	return func(o *dialOptions) {
+		o.copts.WriteBufferSize = s
+	}
+}
+
+// WithReadBufferSize lets you set the size of read buffer, this determines how much data can be read at most
+// for each read syscall.
+func WithReadBufferSize(s int) DialOption {
+	return func(o *dialOptions) {
+		o.copts.ReadBufferSize = s
+	}
+}
+
+// WithInitialWindowSize returns a DialOption which sets the value for initial window size on a stream.
+// The lower bound for window size is 64K and any value smaller than that will be ignored.
+func WithInitialWindowSize(s int32) DialOption {
+	return func(o *dialOptions) {
+		o.copts.InitialWindowSize = s
+	}
+}
+
+// WithInitialConnWindowSize returns a DialOption which sets the value for initial window size on a connection.
+// The lower bound for window size is 64K and any value smaller than that will be ignored.
+func WithInitialConnWindowSize(s int32) DialOption {
+	return func(o *dialOptions) {
+		o.copts.InitialConnWindowSize = s
+	}
+}
+
+// WithMaxMsgSize returns a DialOption which sets the maximum message size the client can receive. Deprecated: use WithDefaultCallOptions(MaxCallRecvMsgSize(s)) instead.
 func WithMaxMsgSize(s int) DialOption {
+	return WithDefaultCallOptions(MaxCallRecvMsgSize(s))
+}
+
+// WithDefaultCallOptions returns a DialOption which sets the default CallOptions for calls over the connection.
+func WithDefaultCallOptions(cos ...CallOption) DialOption {
 	return func(o *dialOptions) {
-		o.maxMsgSize = s
+		o.callOptions = append(o.callOptions, cos...)
 	}
 }
 
@@ -136,10 +168,23 @@ func WithDecompressor(dc Decompressor) DialOption {
 	}
 }
 
-// WithBalancer returns a DialOption which sets a load balancer.
+// WithBalancer returns a DialOption which sets a load balancer with the v1 API.
+// Name resolver will be ignored if this DialOption is specified.
+// Deprecated: use the new balancer APIs in balancer package instead.
 func WithBalancer(b Balancer) DialOption {
 	return func(o *dialOptions) {
-		o.balancer = b
+		o.balancerBuilder = &balancerWrapperBuilder{
+			b: b,
+		}
+	}
+}
+
+// WithBalancerBuilder is for testing only. Users using custom balancers should
+// register their balancer and use service config to choose the balancer to use.
+func WithBalancerBuilder(b balancer.Builder) DialOption {
+	// TODO(bar) remove this when switching balancer is done.
+	return func(o *dialOptions) {
+		o.balancerBuilder = b
 	}
 }
 
@@ -204,7 +249,7 @@ func WithTransportCredentials(creds credentials.TransportCredentials) DialOption
 }
 
 // WithPerRPCCredentials returns a DialOption which sets
-// credentials which will place auth state on each outbound RPC.
+// credentials and places auth state on each outbound RPC.
 func WithPerRPCCredentials(creds credentials.PerRPCCredentials) DialOption {
 	return func(o *dialOptions) {
 		o.copts.PerRPCCredentials = append(o.copts.PerRPCCredentials, creds)
@@ -213,6 +258,7 @@ func WithPerRPCCredentials(creds credentials.PerRPCCredentials) DialOption {
 
 // WithTimeout returns a DialOption that configures a timeout for dialing a ClientConn
 // initially. This is valid if and only if WithBlock() is present.
+// Deprecated: use DialContext and context.WithTimeout instead.
 func WithTimeout(d time.Duration) DialOption {
 	return func(o *dialOptions) {
 		o.timeout = d
@@ -241,7 +287,7 @@ func WithStatsHandler(h stats.Handler) DialOption {
 	}
 }
 
-// FailOnNonTempDialError returns a DialOption that specified if gRPC fails on non-temporary dial errors.
+// FailOnNonTempDialError returns a DialOption that specifies if gRPC fails on non-temporary dial errors.
 // If f is true, and dialer returns a non-temporary error, gRPC will fail the connection to the network
 // address and won't try to reconnect.
 // The default value of FailOnNonTempDialError is false.
@@ -259,7 +305,7 @@ func WithUserAgent(s string) DialOption {
 	}
 }
 
-// WithKeepaliveParams returns a DialOption that specifies keepalive paramaters for the client transport.
+// WithKeepaliveParams returns a DialOption that specifies keepalive parameters for the client transport.
 func WithKeepaliveParams(kp keepalive.ClientParameters) DialOption {
 	return func(o *dialOptions) {
 		o.copts.KeepaliveParams = kp
@@ -295,26 +341,44 @@ func Dial(target string, opts ...DialOption) (*ClientConn, error) {
 }
 
 // DialContext creates a client connection to the given target. ctx can be used to
-// cancel or expire the pending connecting. Once this function returns, the
+// cancel or expire the pending connection. Once this function returns, the
 // cancellation and expiration of ctx will be noop. Users should call ClientConn.Close
 // to terminate all the pending operations after this function returns.
-// This is the EXPERIMENTAL API.
 func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *ClientConn, err error) {
 	cc := &ClientConn{
 		target: target,
-		conns:  make(map[Address]*addrConn),
+		csMgr:  &connectivityStateManager{},
+		conns:  make(map[*addrConn]struct{}),
+
+		blockingpicker: newPickerWrapper(),
 	}
 	cc.ctx, cc.cancel = context.WithCancel(context.Background())
-	cc.dopts.maxMsgSize = defaultClientMaxMsgSize
+
 	for _, opt := range opts {
 		opt(&cc.dopts)
 	}
+
+	if !cc.dopts.insecure {
+		if cc.dopts.copts.TransportCredentials == nil {
+			return nil, errNoTransportSecurity
+		}
+	} else {
+		if cc.dopts.copts.TransportCredentials != nil {
+			return nil, errCredentialsConflict
+		}
+		for _, cd := range cc.dopts.copts.PerRPCCredentials {
+			if cd.RequireTransportSecurity() {
+				return nil, errTransportCredentialsMissing
+			}
+		}
+	}
+
 	cc.mkp = cc.dopts.copts.KeepaliveParams
 
 	if cc.dopts.copts.Dialer == nil {
 		cc.dopts.copts.Dialer = newProxyDialer(
 			func(ctx context.Context, addr string) (net.Conn, error) {
-				return dialContext(ctx, "tcp", addr)
+				return (&net.Dialer{}).DialContext(ctx, "tcp", addr)
 			},
 		)
 	}
@@ -343,15 +407,16 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 		}
 	}()
 
+	scSet := false
 	if cc.dopts.scChan != nil {
-		// Wait for the initial service config.
+		// Try to get an initial service config.
 		select {
 		case sc, ok := <-cc.dopts.scChan:
 			if ok {
 				cc.sc = sc
+				scSet = true
 			}
-		case <-ctx.Done():
-			return nil, ctx.Err()
+		default:
 		}
 	}
 	// Set defaults.
@@ -369,89 +434,130 @@ func DialContext(ctx context.Context, target string, opts ...DialOption) (conn *
 	} else {
 		cc.authority = target
 	}
-	waitC := make(chan error, 1)
-	go func() {
-		defer close(waitC)
-		if cc.dopts.balancer == nil && cc.sc.LB != nil {
-			cc.dopts.balancer = cc.sc.LB
+
+	if cc.dopts.balancerBuilder != nil {
+		var credsClone credentials.TransportCredentials
+		if creds != nil {
+			credsClone = creds.Clone()
 		}
-		if cc.dopts.balancer != nil {
-			var credsClone credentials.TransportCredentials
-			if creds != nil {
-				credsClone = creds.Clone()
-			}
-			config := BalancerConfig{
-				DialCreds: credsClone,
-			}
-			if err := cc.dopts.balancer.Start(target, config); err != nil {
+		buildOpts := balancer.BuildOptions{
+			DialCreds: credsClone,
+			Dialer:    cc.dopts.copts.Dialer,
+		}
+		// Build should not take long time. So it's ok to not have a goroutine for it.
+		// TODO(bar) init balancer after first resolver result to support service config balancer.
+		cc.balancerWrapper = newCCBalancerWrapper(cc, cc.dopts.balancerBuilder, buildOpts)
+	} else {
+		waitC := make(chan error, 1)
+		go func() {
+			defer close(waitC)
+			// No balancer, or no resolver within the balancer.  Connect directly.
+			ac, err := cc.newAddrConn([]resolver.Address{{Addr: target}})
+			if err != nil {
 				waitC <- err
 				return
 			}
-			ch := cc.dopts.balancer.Notify()
-			if ch != nil {
-				if cc.dopts.block {
-					doneChan := make(chan struct{})
-					go cc.lbWatcher(doneChan)
-					<-doneChan
-				} else {
-					go cc.lbWatcher(nil)
-				}
+			if err := ac.connect(cc.dopts.block); err != nil {
+				waitC <- err
 				return
 			}
+		}()
+		select {
+		case <-ctx.Done():
+			return nil, ctx.Err()
+		case err := <-waitC:
+			if err != nil {
+				return nil, err
+			}
 		}
-		// No balancer, or no resolver within the balancer.  Connect directly.
-		if err := cc.resetAddrConn(Address{Addr: target}, cc.dopts.block, nil); err != nil {
-			waitC <- err
-			return
-		}
-	}()
-	select {
-	case <-ctx.Done():
-		return nil, ctx.Err()
-	case err := <-waitC:
-		if err != nil {
-			return nil, err
+	}
+	if cc.dopts.scChan != nil && !scSet {
+		// Blocking wait for the initial service config.
+		select {
+		case sc, ok := <-cc.dopts.scChan:
+			if ok {
+				cc.sc = sc
+			}
+		case <-ctx.Done():
+			return nil, ctx.Err()
 		}
 	}
-
 	if cc.dopts.scChan != nil {
 		go cc.scWatcher()
 	}
 
+	// Build the resolver.
+	cc.resolverWrapper, err = newCCResolverWrapper(cc)
+	if err != nil {
+		return nil, fmt.Errorf("failed to build resolver: %v", err)
+	}
+
+	if cc.balancerWrapper != nil && cc.resolverWrapper == nil {
+		// TODO(bar) there should always be a resolver (DNS as the default).
+		// Unblock balancer initialization with a fake resolver update if there's no resolver.
+		// The balancer wrapper will not read the addresses, so an empty list works.
+		// TODO(bar) remove this after the real resolver is started.
+		cc.balancerWrapper.handleResolvedAddrs([]resolver.Address{}, nil)
+	}
+
+	// A blocking dial blocks until the clientConn is ready.
+	if cc.dopts.block {
+		for {
+			s := cc.GetState()
+			if s == connectivity.Ready {
+				break
+			}
+			if !cc.WaitForStateChange(ctx, s) {
+				// ctx got timeout or canceled.
+				return nil, ctx.Err()
+			}
+		}
+	}
+
 	return cc, nil
 }
 
-// ConnectivityState indicates the state of a client connection.
-type ConnectivityState int
+// connectivityStateManager keeps the connectivity.State of ClientConn.
+// This struct will eventually be exported so the balancers can access it.
+type connectivityStateManager struct {
+	mu         sync.Mutex
+	state      connectivity.State
+	notifyChan chan struct{}
+}
 
-const (
-	// Idle indicates the ClientConn is idle.
-	Idle ConnectivityState = iota
-	// Connecting indicates the ClienConn is connecting.
-	Connecting
-	// Ready indicates the ClientConn is ready for work.
-	Ready
-	// TransientFailure indicates the ClientConn has seen a failure but expects to recover.
-	TransientFailure
-	// Shutdown indicates the ClientConn has started shutting down.
-	Shutdown
-)
+// updateState updates the connectivity.State of ClientConn.
+// If there's a change it notifies goroutines waiting on state change to
+// happen.
+func (csm *connectivityStateManager) updateState(state connectivity.State) {
+	csm.mu.Lock()
+	defer csm.mu.Unlock()
+	if csm.state == connectivity.Shutdown {
+		return
+	}
+	if csm.state == state {
+		return
+	}
+	csm.state = state
+	if csm.notifyChan != nil {
+		// There are other goroutines waiting on this channel.
+		close(csm.notifyChan)
+		csm.notifyChan = nil
+	}
+}
+
+func (csm *connectivityStateManager) getState() connectivity.State {
+	csm.mu.Lock()
+	defer csm.mu.Unlock()
+	return csm.state
+}
 
-func (s ConnectivityState) String() string {
-	switch s {
-	case Idle:
-		return "IDLE"
-	case Connecting:
-		return "CONNECTING"
-	case Ready:
-		return "READY"
-	case TransientFailure:
-		return "TRANSIENT_FAILURE"
-	case Shutdown:
-		return "SHUTDOWN"
-	default:
-		panic(fmt.Sprintf("unknown connectivity state: %d", s))
+func (csm *connectivityStateManager) getNotifyChan() <-chan struct{} {
+	csm.mu.Lock()
+	defer csm.mu.Unlock()
+	if csm.notifyChan == nil {
+		csm.notifyChan = make(chan struct{})
 	}
+	return csm.notifyChan
 }
 
 // ClientConn represents a client connection to an RPC server.
@@ -462,60 +568,42 @@ type ClientConn struct {
 	target    string
 	authority string
 	dopts     dialOptions
+	csMgr     *connectivityStateManager
+
+	balancerWrapper *ccBalancerWrapper
+	resolverWrapper *ccResolverWrapper
+
+	blockingpicker *pickerWrapper
 
 	mu    sync.RWMutex
 	sc    ServiceConfig
-	conns map[Address]*addrConn
-	// Keepalive parameter can be udated if a GoAway is received.
+	conns map[*addrConn]struct{}
+	// Keepalive parameter can be updated if a GoAway is received.
 	mkp keepalive.ClientParameters
 }
 
-// lbWatcher watches the Notify channel of the balancer in cc and manages
-// connections accordingly.  If doneChan is not nil, it is closed after the
-// first successfull connection is made.
-func (cc *ClientConn) lbWatcher(doneChan chan struct{}) {
-	for addrs := range cc.dopts.balancer.Notify() {
-		var (
-			add []Address   // Addresses need to setup connections.
-			del []*addrConn // Connections need to tear down.
-		)
-		cc.mu.Lock()
-		for _, a := range addrs {
-			if _, ok := cc.conns[a]; !ok {
-				add = append(add, a)
-			}
-		}
-		for k, c := range cc.conns {
-			var keep bool
-			for _, a := range addrs {
-				if k == a {
-					keep = true
-					break
-				}
-			}
-			if !keep {
-				del = append(del, c)
-				delete(cc.conns, c.addr)
-			}
-		}
-		cc.mu.Unlock()
-		for _, a := range add {
-			if doneChan != nil {
-				err := cc.resetAddrConn(a, true, nil)
-				if err == nil {
-					close(doneChan)
-					doneChan = nil
-				}
-			} else {
-				cc.resetAddrConn(a, false, nil)
-			}
-		}
-		for _, c := range del {
-			c.tearDown(errConnDrain)
-		}
+// WaitForStateChange waits until the connectivity.State of ClientConn changes from sourceState or
+// ctx expires. A true value is returned in former case and false in latter.
+// This is an EXPERIMENTAL API.
+func (cc *ClientConn) WaitForStateChange(ctx context.Context, sourceState connectivity.State) bool {
+	ch := cc.csMgr.getNotifyChan()
+	if cc.csMgr.getState() != sourceState {
+		return true
+	}
+	select {
+	case <-ctx.Done():
+		return false
+	case <-ch:
+		return true
 	}
 }
 
+// GetState returns the connectivity.State of ClientConn.
+// This is an EXPERIMENTAL API.
+func (cc *ClientConn) GetState() connectivity.State {
+	return cc.csMgr.getState()
+}
+
 func (cc *ClientConn) scWatcher() {
 	for {
 		select {
@@ -534,69 +622,64 @@ func (cc *ClientConn) scWatcher() {
 	}
 }
 
-// resetAddrConn creates an addrConn for addr and adds it to cc.conns.
-// If there is an old addrConn for addr, it will be torn down, using tearDownErr as the reason.
-// If tearDownErr is nil, errConnDrain will be used instead.
-func (cc *ClientConn) resetAddrConn(addr Address, block bool, tearDownErr error) error {
+// newAddrConn creates an addrConn for addrs and adds it to cc.conns.
+func (cc *ClientConn) newAddrConn(addrs []resolver.Address) (*addrConn, error) {
 	ac := &addrConn{
 		cc:    cc,
-		addr:  addr,
+		addrs: addrs,
 		dopts: cc.dopts,
 	}
-	cc.mu.RLock()
-	ac.dopts.copts.KeepaliveParams = cc.mkp
-	cc.mu.RUnlock()
 	ac.ctx, ac.cancel = context.WithCancel(cc.ctx)
-	ac.stateCV = sync.NewCond(&ac.mu)
-	if EnableTracing {
-		ac.events = trace.NewEventLog("grpc.ClientConn", ac.addr.Addr)
-	}
-	if !ac.dopts.insecure {
-		if ac.dopts.copts.TransportCredentials == nil {
-			return errNoTransportSecurity
-		}
-	} else {
-		if ac.dopts.copts.TransportCredentials != nil {
-			return errCredentialsConflict
-		}
-		for _, cd := range ac.dopts.copts.PerRPCCredentials {
-			if cd.RequireTransportSecurity() {
-				return errTransportCredentialsMissing
-			}
-		}
-	}
 	// Track ac in cc. This needs to be done before any getTransport(...) is called.
 	cc.mu.Lock()
 	if cc.conns == nil {
 		cc.mu.Unlock()
-		return ErrClientConnClosing
+		return nil, ErrClientConnClosing
 	}
-	stale := cc.conns[ac.addr]
-	cc.conns[ac.addr] = ac
+	cc.conns[ac] = struct{}{}
 	cc.mu.Unlock()
-	if stale != nil {
-		// There is an addrConn alive on ac.addr already. This could be due to
-		// 1) a buggy Balancer notifies duplicated Addresses;
-		// 2) goaway was received, a new ac will replace the old ac.
-		//    The old ac should be deleted from cc.conns, but the
-		//    underlying transport should drain rather than close.
-		if tearDownErr == nil {
-			// tearDownErr is nil if resetAddrConn is called by
-			// 1) Dial
-			// 2) lbWatcher
-			// In both cases, the stale ac should drain, not close.
-			stale.tearDown(errConnDrain)
-		} else {
-			stale.tearDown(tearDownErr)
-		}
+	return ac, nil
+}
+
+// removeAddrConn removes the addrConn in the subConn from clientConn.
+// It also tears down the ac with the given error.
+func (cc *ClientConn) removeAddrConn(ac *addrConn, err error) {
+	cc.mu.Lock()
+	if cc.conns == nil {
+		cc.mu.Unlock()
+		return
+	}
+	delete(cc.conns, ac)
+	cc.mu.Unlock()
+	ac.tearDown(err)
+}
+
+// connect starts to creating transport and also starts the transport monitor
+// goroutine for this ac.
+// It does nothing if the ac is not IDLE.
+// TODO(bar) Move this to the addrConn section.
+// This was part of resetAddrConn, keep it here to make the diff look clean.
+func (ac *addrConn) connect(block bool) error {
+	ac.mu.Lock()
+	if ac.state == connectivity.Shutdown {
+		ac.mu.Unlock()
+		return errConnClosing
 	}
+	if ac.state != connectivity.Idle {
+		ac.mu.Unlock()
+		return nil
+	}
+	ac.state = connectivity.Connecting
+	if ac.cc.balancerWrapper != nil {
+		ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+	} else {
+		ac.cc.csMgr.updateState(ac.state)
+	}
+	ac.mu.Unlock()
+
 	if block {
-		if err := ac.resetTransport(false); err != nil {
+		if err := ac.resetTransport(); err != nil {
 			if err != errConnClosing {
-				// Tear down ac and delete it from cc.conns.
-				cc.mu.Lock()
-				delete(cc.conns, ac.addr)
-				cc.mu.Unlock()
 				ac.tearDown(err)
 			}
 			if e, ok := err.(transport.ConnectionError); ok && !e.Temporary() {
@@ -609,8 +692,8 @@ func (cc *ClientConn) resetAddrConn(addr Address, block bool, tearDownErr error)
 	} else {
 		// Start a goroutine connecting to the server asynchronously.
 		go func() {
-			if err := ac.resetTransport(false); err != nil {
-				grpclog.Printf("Failed to dial %s: %v; please retry.", ac.addr.Addr, err)
+			if err := ac.resetTransport(); err != nil {
+				grpclog.Warningf("Failed to dial %s: %v; please retry.", ac.addrs[0].Addr, err)
 				if err != errConnClosing {
 					// Keep this ac in cc.conns, to get the reason it's torn down.
 					ac.tearDown(err)
@@ -623,66 +706,86 @@ func (cc *ClientConn) resetAddrConn(addr Address, block bool, tearDownErr error)
 	return nil
 }
 
-// TODO: Avoid the locking here.
-func (cc *ClientConn) getMethodConfig(method string) (m MethodConfig, ok bool) {
+// tryUpdateAddrs tries to update ac.addrs with the new addresses list.
+//
+// It checks whether current connected address of ac is in the new addrs list.
+//  - If true, it updates ac.addrs and returns true. The ac will keep using
+//    the existing connection.
+//  - If false, it does nothing and returns false.
+func (ac *addrConn) tryUpdateAddrs(addrs []resolver.Address) bool {
+	ac.mu.Lock()
+	defer ac.mu.Unlock()
+	grpclog.Infof("addrConn: tryUpdateAddrs curAddr: %v, addrs: %v", ac.curAddr, addrs)
+	if ac.state == connectivity.Shutdown {
+		ac.addrs = addrs
+		return true
+	}
+
+	var curAddrFound bool
+	for _, a := range addrs {
+		if reflect.DeepEqual(ac.curAddr, a) {
+			curAddrFound = true
+			break
+		}
+	}
+	grpclog.Infof("addrConn: tryUpdateAddrs curAddrFound: %v", curAddrFound)
+	if curAddrFound {
+		ac.addrs = addrs
+	}
+
+	return curAddrFound
+}
+
+// GetMethodConfig gets the method config of the input method.
+// If there's an exact match for input method (i.e. /service/method), we return
+// the corresponding MethodConfig.
+// If there isn't an exact match for the input method, we look for the default config
+// under the service (i.e /service/). If there is a default MethodConfig for
+// the serivce, we return it.
+// Otherwise, we return an empty MethodConfig.
+func (cc *ClientConn) GetMethodConfig(method string) MethodConfig {
+	// TODO: Avoid the locking here.
 	cc.mu.RLock()
 	defer cc.mu.RUnlock()
-	m, ok = cc.sc.Methods[method]
-	return
+	m, ok := cc.sc.Methods[method]
+	if !ok {
+		i := strings.LastIndex(method, "/")
+		m, _ = cc.sc.Methods[method[:i+1]]
+	}
+	return m
 }
 
-func (cc *ClientConn) getTransport(ctx context.Context, opts BalancerGetOptions) (transport.ClientTransport, func(), error) {
-	var (
-		ac  *addrConn
-		ok  bool
-		put func()
-	)
-	if cc.dopts.balancer == nil {
+func (cc *ClientConn) getTransport(ctx context.Context, failfast bool) (transport.ClientTransport, func(balancer.DoneInfo), error) {
+	if cc.balancerWrapper == nil {
 		// If balancer is nil, there should be only one addrConn available.
 		cc.mu.RLock()
 		if cc.conns == nil {
 			cc.mu.RUnlock()
+			// TODO this function returns toRPCErr and non-toRPCErr. Clean up
+			// the errors in ClientConn.
 			return nil, nil, toRPCErr(ErrClientConnClosing)
 		}
-		for _, ac = range cc.conns {
+		var ac *addrConn
+		for ac = range cc.conns {
 			// Break after the first iteration to get the first addrConn.
-			ok = true
 			break
 		}
 		cc.mu.RUnlock()
-	} else {
-		var (
-			addr Address
-			err  error
-		)
-		addr, put, err = cc.dopts.balancer.Get(ctx, opts)
-		if err != nil {
-			return nil, nil, toRPCErr(err)
-		}
-		cc.mu.RLock()
-		if cc.conns == nil {
-			cc.mu.RUnlock()
-			return nil, nil, toRPCErr(ErrClientConnClosing)
+		if ac == nil {
+			return nil, nil, errConnClosing
 		}
-		ac, ok = cc.conns[addr]
-		cc.mu.RUnlock()
-	}
-	if !ok {
-		if put != nil {
-			updateRPCInfoInContext(ctx, rpcInfo{bytesSent: false, bytesReceived: false})
-			put()
+		t, err := ac.wait(ctx, false /*hasBalancer*/, failfast)
+		if err != nil {
+			return nil, nil, err
 		}
-		return nil, nil, errConnClosing
+		return t, nil, nil
 	}
-	t, err := ac.wait(ctx, cc.dopts.balancer != nil, !opts.BlockingWait)
+
+	t, done, err := cc.blockingpicker.pick(ctx, failfast, balancer.PickOptions{})
 	if err != nil {
-		if put != nil {
-			updateRPCInfoInContext(ctx, rpcInfo{bytesSent: false, bytesReceived: false})
-			put()
-		}
-		return nil, nil, err
+		return nil, nil, toRPCErr(err)
 	}
-	return t, put, nil
+	return t, done, nil
 }
 
 // Close tears down the ClientConn and all underlying connections.
@@ -696,11 +799,16 @@ func (cc *ClientConn) Close() error {
 	}
 	conns := cc.conns
 	cc.conns = nil
+	cc.csMgr.updateState(connectivity.Shutdown)
 	cc.mu.Unlock()
-	if cc.dopts.balancer != nil {
-		cc.dopts.balancer.Close()
+	cc.blockingpicker.close()
+	if cc.resolverWrapper != nil {
+		cc.resolverWrapper.close()
+	}
+	if cc.balancerWrapper != nil {
+		cc.balancerWrapper.close()
 	}
-	for _, ac := range conns {
+	for ac := range conns {
 		ac.tearDown(ErrClientConnClosing)
 	}
 	return nil
@@ -711,15 +819,15 @@ type addrConn struct {
 	ctx    context.Context
 	cancel context.CancelFunc
 
-	cc     *ClientConn
-	addr   Address
-	dopts  dialOptions
-	events trace.EventLog
+	cc      *ClientConn
+	curAddr resolver.Address
+	addrs   []resolver.Address
+	dopts   dialOptions
+	events  trace.EventLog
+	acbw    balancer.SubConn
 
-	mu      sync.Mutex
-	state   ConnectivityState
-	stateCV *sync.Cond
-	down    func(error) // the handler called when a connection is down.
+	mu    sync.Mutex
+	state connectivity.State
 	// ready is closed and becomes nil when a new transport is up or failed
 	// due to timeout.
 	ready     chan struct{}
@@ -759,125 +867,137 @@ func (ac *addrConn) errorf(format string, a ...interface{}) {
 	}
 }
 
-// getState returns the connectivity state of the Conn
-func (ac *addrConn) getState() ConnectivityState {
-	ac.mu.Lock()
-	defer ac.mu.Unlock()
-	return ac.state
-}
-
-// waitForStateChange blocks until the state changes to something other than the sourceState.
-func (ac *addrConn) waitForStateChange(ctx context.Context, sourceState ConnectivityState) (ConnectivityState, error) {
+// resetTransport recreates a transport to the address for ac.  The old
+// transport will close itself on error or when the clientconn is closed.
+//
+// TODO(bar) make sure all state transitions are valid.
+func (ac *addrConn) resetTransport() error {
 	ac.mu.Lock()
-	defer ac.mu.Unlock()
-	if sourceState != ac.state {
-		return ac.state, nil
+	if ac.state == connectivity.Shutdown {
+		ac.mu.Unlock()
+		return errConnClosing
 	}
-	done := make(chan struct{})
-	var err error
-	go func() {
-		select {
-		case <-ctx.Done():
-			ac.mu.Lock()
-			err = ctx.Err()
-			ac.stateCV.Broadcast()
-			ac.mu.Unlock()
-		case <-done:
-		}
-	}()
-	defer close(done)
-	for sourceState == ac.state {
-		ac.stateCV.Wait()
-		if err != nil {
-			return ac.state, err
-		}
+	if ac.ready != nil {
+		close(ac.ready)
+		ac.ready = nil
 	}
-	return ac.state, nil
-}
-
-func (ac *addrConn) resetTransport(closeTransport bool) error {
+	ac.transport = nil
+	ac.curAddr = resolver.Address{}
+	ac.mu.Unlock()
+	ac.cc.mu.RLock()
+	ac.dopts.copts.KeepaliveParams = ac.cc.mkp
+	ac.cc.mu.RUnlock()
 	for retries := 0; ; retries++ {
+		sleepTime := ac.dopts.bs.backoff(retries)
+		timeout := minConnectTimeout
 		ac.mu.Lock()
-		ac.printf("connecting")
-		if ac.state == Shutdown {
-			// ac.tearDown(...) has been invoked.
+		if timeout < time.Duration(int(sleepTime)/len(ac.addrs)) {
+			timeout = time.Duration(int(sleepTime) / len(ac.addrs))
+		}
+		connectTime := time.Now()
+		if ac.state == connectivity.Shutdown {
 			ac.mu.Unlock()
 			return errConnClosing
 		}
-		if ac.down != nil {
-			ac.down(downErrorf(false, true, "%v", errNetworkIO))
-			ac.down = nil
+		ac.printf("connecting")
+		if ac.state != connectivity.Connecting {
+			ac.state = connectivity.Connecting
+			// TODO(bar) remove condition once we always have a balancer.
+			if ac.cc.balancerWrapper != nil {
+				ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+			} else {
+				ac.cc.csMgr.updateState(ac.state)
+			}
 		}
-		ac.state = Connecting
-		ac.stateCV.Broadcast()
-		t := ac.transport
+		// copy ac.addrs in case of race
+		addrsIter := make([]resolver.Address, len(ac.addrs))
+		copy(addrsIter, ac.addrs)
+		copts := ac.dopts.copts
 		ac.mu.Unlock()
-		if closeTransport && t != nil {
-			t.Close()
-		}
-		sleepTime := ac.dopts.bs.backoff(retries)
-		timeout := minConnectTimeout
-		if timeout < sleepTime {
-			timeout = sleepTime
-		}
-		ctx, cancel := context.WithTimeout(ac.ctx, timeout)
-		connectTime := time.Now()
-		sinfo := transport.TargetInfo{
-			Addr:     ac.addr.Addr,
-			Metadata: ac.addr.Metadata,
-		}
-		newTransport, err := transport.NewClientTransport(ctx, sinfo, ac.dopts.copts)
-		// Don't call cancel in success path due to a race in Go 1.6:
-		// https://github.com/golang/go/issues/15078.
-		if err != nil {
-			cancel()
-
-			if e, ok := err.(transport.ConnectionError); ok && !e.Temporary() {
-				return err
+		for _, addr := range addrsIter {
+			ac.mu.Lock()
+			if ac.state == connectivity.Shutdown {
+				// ac.tearDown(...) has been invoked.
+				ac.mu.Unlock()
+				return errConnClosing
+			}
+			ac.mu.Unlock()
+			sinfo := transport.TargetInfo{
+				Addr:     addr.Addr,
+				Metadata: addr.Metadata,
+			}
+			newTransport, err := transport.NewClientTransport(ac.cc.ctx, sinfo, copts, timeout)
+			if err != nil {
+				if e, ok := err.(transport.ConnectionError); ok && !e.Temporary() {
+					ac.mu.Lock()
+					if ac.state != connectivity.Shutdown {
+						ac.state = connectivity.TransientFailure
+						if ac.cc.balancerWrapper != nil {
+							ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+						} else {
+							ac.cc.csMgr.updateState(ac.state)
+						}
+					}
+					ac.mu.Unlock()
+					return err
+				}
+				grpclog.Warningf("grpc: addrConn.resetTransport failed to create client transport: %v; Reconnecting to %v", err, addr)
+				ac.mu.Lock()
+				if ac.state == connectivity.Shutdown {
+					// ac.tearDown(...) has been invoked.
+					ac.mu.Unlock()
+					return errConnClosing
+				}
+				ac.mu.Unlock()
+				continue
 			}
-			grpclog.Printf("grpc: addrConn.resetTransport failed to create client transport: %v; Reconnecting to %v", err, ac.addr)
 			ac.mu.Lock()
-			if ac.state == Shutdown {
+			ac.printf("ready")
+			if ac.state == connectivity.Shutdown {
 				// ac.tearDown(...) has been invoked.
 				ac.mu.Unlock()
+				newTransport.Close()
 				return errConnClosing
 			}
-			ac.errorf("transient failure: %v", err)
-			ac.state = TransientFailure
-			ac.stateCV.Broadcast()
+			ac.state = connectivity.Ready
+			if ac.cc.balancerWrapper != nil {
+				ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+			} else {
+				ac.cc.csMgr.updateState(ac.state)
+			}
+			t := ac.transport
+			ac.transport = newTransport
+			if t != nil {
+				t.Close()
+			}
+			ac.curAddr = addr
 			if ac.ready != nil {
 				close(ac.ready)
 				ac.ready = nil
 			}
 			ac.mu.Unlock()
-			closeTransport = false
-			select {
-			case <-time.After(sleepTime - time.Since(connectTime)):
-			case <-ac.ctx.Done():
-				return ac.ctx.Err()
-			}
-			continue
+			return nil
 		}
 		ac.mu.Lock()
-		ac.printf("ready")
-		if ac.state == Shutdown {
-			// ac.tearDown(...) has been invoked.
-			ac.mu.Unlock()
-			newTransport.Close()
-			return errConnClosing
+		ac.state = connectivity.TransientFailure
+		if ac.cc.balancerWrapper != nil {
+			ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+		} else {
+			ac.cc.csMgr.updateState(ac.state)
 		}
-		ac.state = Ready
-		ac.stateCV.Broadcast()
-		ac.transport = newTransport
 		if ac.ready != nil {
 			close(ac.ready)
 			ac.ready = nil
 		}
-		if ac.cc.dopts.balancer != nil {
-			ac.down = ac.cc.dopts.balancer.Up(ac.addr)
-		}
 		ac.mu.Unlock()
-		return nil
+		timer := time.NewTimer(sleepTime - time.Since(connectTime))
+		select {
+		case <-timer.C:
+		case <-ac.ctx.Done():
+			timer.Stop()
+			return ac.ctx.Err()
+		}
+		timer.Stop()
 	}
 }
 
@@ -888,73 +1008,54 @@ func (ac *addrConn) transportMonitor() {
 		ac.mu.Lock()
 		t := ac.transport
 		ac.mu.Unlock()
+		// Block until we receive a goaway or an error occurs.
+		select {
+		case <-t.GoAway():
+		case <-t.Error():
+		}
+		// If a GoAway happened, regardless of error, adjust our keepalive
+		// parameters as appropriate.
 		select {
-		// This is needed to detect the teardown when
-		// the addrConn is idle (i.e., no RPC in flight).
-		case <-ac.ctx.Done():
-			select {
-			case <-t.Error():
-				t.Close()
-			default:
-			}
-			return
 		case <-t.GoAway():
 			ac.adjustParams(t.GetGoAwayReason())
-			// If GoAway happens without any network I/O error, ac is closed without shutting down the
-			// underlying transport (the transport will be closed when all the pending RPCs finished or
-			// failed.).
-			// If GoAway and some network I/O error happen concurrently, ac and its underlying transport
-			// are closed.
-			// In both cases, a new ac is created.
-			select {
-			case <-t.Error():
-				ac.cc.resetAddrConn(ac.addr, false, errNetworkIO)
-			default:
-				ac.cc.resetAddrConn(ac.addr, false, errConnDrain)
-			}
+		default:
+		}
+		ac.mu.Lock()
+		if ac.state == connectivity.Shutdown {
+			ac.mu.Unlock()
 			return
-		case <-t.Error():
-			select {
-			case <-ac.ctx.Done():
-				t.Close()
-				return
-			case <-t.GoAway():
-				ac.adjustParams(t.GetGoAwayReason())
-				ac.cc.resetAddrConn(ac.addr, false, errNetworkIO)
-				return
-			default:
-			}
+		}
+		// Set connectivity state to TransientFailure before calling
+		// resetTransport. Transition READY->CONNECTING is not valid.
+		ac.state = connectivity.TransientFailure
+		if ac.cc.balancerWrapper != nil {
+			ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+		} else {
+			ac.cc.csMgr.updateState(ac.state)
+		}
+		ac.curAddr = resolver.Address{}
+		ac.mu.Unlock()
+		if err := ac.resetTransport(); err != nil {
 			ac.mu.Lock()
-			if ac.state == Shutdown {
-				// ac has been shutdown.
-				ac.mu.Unlock()
-				return
-			}
-			ac.state = TransientFailure
-			ac.stateCV.Broadcast()
+			ac.printf("transport exiting: %v", err)
 			ac.mu.Unlock()
-			if err := ac.resetTransport(true); err != nil {
-				ac.mu.Lock()
-				ac.printf("transport exiting: %v", err)
-				ac.mu.Unlock()
-				grpclog.Printf("grpc: addrConn.transportMonitor exits due to: %v", err)
-				if err != errConnClosing {
-					// Keep this ac in cc.conns, to get the reason it's torn down.
-					ac.tearDown(err)
-				}
-				return
+			grpclog.Warningf("grpc: addrConn.transportMonitor exits due to: %v", err)
+			if err != errConnClosing {
+				// Keep this ac in cc.conns, to get the reason it's torn down.
+				ac.tearDown(err)
 			}
+			return
 		}
 	}
 }
 
 // wait blocks until i) the new transport is up or ii) ctx is done or iii) ac is closed or
-// iv) transport is in TransientFailure and there is a balancer/failfast is true.
+// iv) transport is in connectivity.TransientFailure and there is a balancer/failfast is true.
 func (ac *addrConn) wait(ctx context.Context, hasBalancer, failfast bool) (transport.ClientTransport, error) {
 	for {
 		ac.mu.Lock()
 		switch {
-		case ac.state == Shutdown:
+		case ac.state == connectivity.Shutdown:
 			if failfast || !hasBalancer {
 				// RPC is failfast or balancer is nil. This RPC should fail with ac.tearDownErr.
 				err := ac.tearDownErr
@@ -963,11 +1064,11 @@ func (ac *addrConn) wait(ctx context.Context, hasBalancer, failfast bool) (trans
 			}
 			ac.mu.Unlock()
 			return nil, errConnClosing
-		case ac.state == Ready:
+		case ac.state == connectivity.Ready:
 			ct := ac.transport
 			ac.mu.Unlock()
 			return ct, nil
-		case ac.state == TransientFailure:
+		case ac.state == connectivity.TransientFailure:
 			if failfast || hasBalancer {
 				ac.mu.Unlock()
 				return nil, errConnUnavailable
@@ -988,6 +1089,28 @@ func (ac *addrConn) wait(ctx context.Context, hasBalancer, failfast bool) (trans
 	}
 }
 
+// getReadyTransport returns the transport if ac's state is READY.
+// Otherwise it returns nil, false.
+// If ac's state is IDLE, it will trigger ac to connect.
+func (ac *addrConn) getReadyTransport() (transport.ClientTransport, bool) {
+	ac.mu.Lock()
+	if ac.state == connectivity.Ready {
+		t := ac.transport
+		ac.mu.Unlock()
+		return t, true
+	}
+	var idle bool
+	if ac.state == connectivity.Idle {
+		idle = true
+	}
+	ac.mu.Unlock()
+	// Trigger idle ac to connect.
+	if idle {
+		ac.connect(false)
+	}
+	return nil, false
+}
+
 // tearDown starts to tear down the addrConn.
 // TODO(zhaoq): Make this synchronous to avoid unbounded memory consumption in
 // some edge cases (e.g., the caller opens and closes many addrConn's in a
@@ -995,13 +1118,9 @@ func (ac *addrConn) wait(ctx context.Context, hasBalancer, failfast bool) (trans
 // tearDown doesn't remove ac from ac.cc.conns.
 func (ac *addrConn) tearDown(err error) {
 	ac.cancel()
-
 	ac.mu.Lock()
+	ac.curAddr = resolver.Address{}
 	defer ac.mu.Unlock()
-	if ac.down != nil {
-		ac.down(downErrorf(false, false, "%v", err))
-		ac.down = nil
-	}
 	if err == errConnDrain && ac.transport != nil {
 		// GracefulClose(...) may be executed multiple times when
 		// i) receiving multiple GoAway frames from the server; or
@@ -1009,12 +1128,16 @@ func (ac *addrConn) tearDown(err error) {
 		// address removal and GoAway.
 		ac.transport.GracefulClose()
 	}
-	if ac.state == Shutdown {
+	if ac.state == connectivity.Shutdown {
 		return
 	}
-	ac.state = Shutdown
+	ac.state = connectivity.Shutdown
 	ac.tearDownErr = err
-	ac.stateCV.Broadcast()
+	if ac.cc.balancerWrapper != nil {
+		ac.cc.balancerWrapper.handleSubConnStateChange(ac.acbw, ac.state)
+	} else {
+		ac.cc.csMgr.updateState(ac.state)
+	}
 	if ac.events != nil {
 		ac.events.Finish()
 		ac.events = nil
@@ -1023,8 +1146,11 @@ func (ac *addrConn) tearDown(err error) {
 		close(ac.ready)
 		ac.ready = nil
 	}
-	if ac.transport != nil && err != errConnDrain {
-		ac.transport.Close()
-	}
 	return
 }
+
+func (ac *addrConn) getState() connectivity.State {
+	ac.mu.Lock()
+	defer ac.mu.Unlock()
+	return ac.state
+}
diff --git a/vendor/google.golang.org/grpc/codec.go b/vendor/google.golang.org/grpc/codec.go
index bd76ebb7f176..905b048e2ac5 100644
--- a/vendor/google.golang.org/grpc/codec.go
+++ b/vendor/google.golang.org/grpc/codec.go
@@ -1,35 +1,20 @@
 /*
-*
- * Copyright 2014, Google Inc.
- * All rights reserved.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Copyright 2014 gRPC authors.
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
-*/
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
 
 package grpc
 
@@ -96,6 +81,7 @@ func (p protoCodec) Marshal(v interface{}) ([]byte, error) {
 func (p protoCodec) Unmarshal(data []byte, v interface{}) error {
 	cb := protoBufferPool.Get().(*cachedProtoBuffer)
 	cb.SetBuf(data)
+	v.(proto.Message).Reset()
 	err := cb.Unmarshal(v.(proto.Message))
 	cb.SetBuf(nil)
 	protoBufferPool.Put(cb)
diff --git a/vendor/google.golang.org/grpc/codes/code_string.go b/vendor/google.golang.org/grpc/codes/code_string.go
index e6762d084558..259837060abf 100644
--- a/vendor/google.golang.org/grpc/codes/code_string.go
+++ b/vendor/google.golang.org/grpc/codes/code_string.go
@@ -1,4 +1,4 @@
-// generated by stringer -type=Code; DO NOT EDIT
+// Code generated by "stringer -type=Code"; DO NOT EDIT.
 
 package codes
 
@@ -9,7 +9,7 @@ const _Code_name = "OKCanceledUnknownInvalidArgumentDeadlineExceededNotFoundAlre
 var _Code_index = [...]uint8{0, 2, 10, 17, 32, 48, 56, 69, 85, 102, 120, 127, 137, 150, 158, 169, 177, 192}
 
 func (i Code) String() string {
-	if i+1 >= Code(len(_Code_index)) {
+	if i >= Code(len(_Code_index)-1) {
 		return fmt.Sprintf("Code(%d)", i)
 	}
 	return _Code_name[_Code_index[i]:_Code_index[i+1]]
diff --git a/vendor/google.golang.org/grpc/codes/codes.go b/vendor/google.golang.org/grpc/codes/codes.go
index 37c5b860bd6d..81fe7bf85b39 100644
--- a/vendor/google.golang.org/grpc/codes/codes.go
+++ b/vendor/google.golang.org/grpc/codes/codes.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -44,7 +29,7 @@ const (
 	// OK is returned on success.
 	OK Code = 0
 
-	// Canceled indicates the operation was cancelled (typically by the caller).
+	// Canceled indicates the operation was canceled (typically by the caller).
 	Canceled Code = 1
 
 	// Unknown error.  An example of where this error may be returned is
diff --git a/vendor/google.golang.org/grpc/connectivity/connectivity.go b/vendor/google.golang.org/grpc/connectivity/connectivity.go
new file mode 100644
index 000000000000..568ef5dc68ba
--- /dev/null
+++ b/vendor/google.golang.org/grpc/connectivity/connectivity.go
@@ -0,0 +1,72 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package connectivity defines connectivity semantics.
+// For details, see https://github.com/grpc/grpc/blob/master/doc/connectivity-semantics-and-api.md.
+// All APIs in this package are experimental.
+package connectivity
+
+import (
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/grpclog"
+)
+
+// State indicates the state of connectivity.
+// It can be the state of a ClientConn or SubConn.
+type State int
+
+func (s State) String() string {
+	switch s {
+	case Idle:
+		return "IDLE"
+	case Connecting:
+		return "CONNECTING"
+	case Ready:
+		return "READY"
+	case TransientFailure:
+		return "TRANSIENT_FAILURE"
+	case Shutdown:
+		return "SHUTDOWN"
+	default:
+		grpclog.Errorf("unknown connectivity state: %d", s)
+		return "Invalid-State"
+	}
+}
+
+const (
+	// Idle indicates the ClientConn is idle.
+	Idle State = iota
+	// Connecting indicates the ClienConn is connecting.
+	Connecting
+	// Ready indicates the ClientConn is ready for work.
+	Ready
+	// TransientFailure indicates the ClientConn has seen a failure but expects to recover.
+	TransientFailure
+	// Shutdown indicates the ClientConn has started shutting down.
+	Shutdown
+)
+
+// Reporter reports the connectivity states.
+type Reporter interface {
+	// CurrentState returns the current state of the reporter.
+	CurrentState() State
+	// WaitForStateChange blocks until the reporter's state is different from the given state,
+	// and returns true.
+	// It returns false if <-ctx.Done() can proceed (ctx got timeout or got canceled).
+	WaitForStateChange(context.Context, State) bool
+}
diff --git a/vendor/google.golang.org/grpc/coverage.sh b/vendor/google.golang.org/grpc/coverage.sh
deleted file mode 100755
index b85f9181dee9..000000000000
--- a/vendor/google.golang.org/grpc/coverage.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/usr/bin/env bash
-
-
-set -e
-
-workdir=.cover
-profile="$workdir/cover.out"
-mode=set
-end2endtest="google.golang.org/grpc/test"
-
-generate_cover_data() {
-    rm -rf "$workdir"
-    mkdir "$workdir"
-
-    for pkg in "$@"; do
-        if [ $pkg == "google.golang.org/grpc" -o $pkg == "google.golang.org/grpc/transport" -o $pkg == "google.golang.org/grpc/metadata" -o $pkg == "google.golang.org/grpc/credentials" ]
-            then
-                f="$workdir/$(echo $pkg | tr / -)"
-                go test -covermode="$mode" -coverprofile="$f.cover" "$pkg"
-                go test -covermode="$mode" -coverpkg "$pkg" -coverprofile="$f.e2e.cover" "$end2endtest"
-        fi
-    done
-
-    echo "mode: $mode" >"$profile"
-    grep -h -v "^mode:" "$workdir"/*.cover >>"$profile"
-}
-
-show_cover_report() {
-    go tool cover -${1}="$profile"
-}
-
-push_to_coveralls() {
-    goveralls -coverprofile="$profile"
-}
-
-generate_cover_data $(go list ./...)
-show_cover_report func
-case "$1" in
-"")
-    ;;
---html)
-    show_cover_report html ;;
---coveralls)
-    push_to_coveralls ;;
-*)
-    echo >&2 "error: invalid option: $1" ;;
-esac
-rm -rf "$workdir"
diff --git a/vendor/google.golang.org/grpc/credentials/credentials.go b/vendor/google.golang.org/grpc/credentials/credentials.go
index d1217344b67c..0ce766a4dcf5 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -106,10 +91,14 @@ type TransportCredentials interface {
 	// (io.EOF, context.DeadlineExceeded or err.Temporary() == true).
 	// If the returned error is a wrapper error, implementations should make sure that
 	// the error implements Temporary() to have the correct retry behaviors.
+	//
+	// If the returned net.Conn is closed, it MUST close the net.Conn provided.
 	ClientHandshake(context.Context, string, net.Conn) (net.Conn, AuthInfo, error)
 	// ServerHandshake does the authentication handshake for servers. It returns
 	// the authenticated connection and the corresponding auth information about
 	// the connection.
+	//
+	// If the returned net.Conn is closed, it MUST close the net.Conn provided.
 	ServerHandshake(net.Conn) (net.Conn, AuthInfo, error)
 	// Info provides the ProtocolInfo of this TransportCredentials.
 	Info() ProtocolInfo
@@ -196,14 +185,14 @@ func NewTLS(c *tls.Config) TransportCredentials {
 	return tc
 }
 
-// NewClientTLSFromCert constructs a TLS from the input certificate for client.
+// NewClientTLSFromCert constructs TLS credentials from the input certificate for client.
 // serverNameOverride is for testing only. If set to a non empty string,
 // it will override the virtual host name of authority (e.g. :authority header field) in requests.
 func NewClientTLSFromCert(cp *x509.CertPool, serverNameOverride string) TransportCredentials {
 	return NewTLS(&tls.Config{ServerName: serverNameOverride, RootCAs: cp})
 }
 
-// NewClientTLSFromFile constructs a TLS from the input certificate file for client.
+// NewClientTLSFromFile constructs TLS credentials from the input certificate file for client.
 // serverNameOverride is for testing only. If set to a non empty string,
 // it will override the virtual host name of authority (e.g. :authority header field) in requests.
 func NewClientTLSFromFile(certFile, serverNameOverride string) (TransportCredentials, error) {
@@ -218,12 +207,12 @@ func NewClientTLSFromFile(certFile, serverNameOverride string) (TransportCredent
 	return NewTLS(&tls.Config{ServerName: serverNameOverride, RootCAs: cp}), nil
 }
 
-// NewServerTLSFromCert constructs a TLS from the input certificate for server.
+// NewServerTLSFromCert constructs TLS credentials from the input certificate for server.
 func NewServerTLSFromCert(cert *tls.Certificate) TransportCredentials {
 	return NewTLS(&tls.Config{Certificates: []tls.Certificate{*cert}})
 }
 
-// NewServerTLSFromFile constructs a TLS from the input certificate file and key
+// NewServerTLSFromFile constructs TLS credentials from the input certificate file and key
 // file for server.
 func NewServerTLSFromFile(certFile, keyFile string) (TransportCredentials, error) {
 	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
diff --git a/vendor/google.golang.org/grpc/credentials/credentials_util_go17.go b/vendor/google.golang.org/grpc/credentials/credentials_util_go17.go
index 7597b09e358b..60409aac0fbc 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials_util_go17.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials_util_go17.go
@@ -3,34 +3,19 @@
 
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
diff --git a/vendor/google.golang.org/grpc/credentials/credentials_util_go18.go b/vendor/google.golang.org/grpc/credentials/credentials_util_go18.go
index 0ecf342da841..93f0e1d8de23 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials_util_go18.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials_util_go18.go
@@ -2,34 +2,19 @@
 
 /*
  *
- * Copyright 2017, Google Inc.
- * All rights reserved.
+ * Copyright 2017 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
diff --git a/vendor/google.golang.org/grpc/credentials/credentials_util_pre_go17.go b/vendor/google.golang.org/grpc/credentials/credentials_util_pre_go17.go
index cfd40dfa34ab..d6bbcc9fdd95 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials_util_pre_go17.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials_util_pre_go17.go
@@ -2,34 +2,19 @@
 
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
diff --git a/vendor/google.golang.org/grpc/doc.go b/vendor/google.golang.org/grpc/doc.go
index b4c0e740e9c7..e153b2c390cc 100644
--- a/vendor/google.golang.org/grpc/doc.go
+++ b/vendor/google.golang.org/grpc/doc.go
@@ -1,6 +1,24 @@
+/*
+ *
+ * Copyright 2015 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
 /*
 Package grpc implements an RPC system called gRPC.
 
-See www.grpc.io for more information about gRPC.
+See grpc.io for more information about gRPC.
 */
 package grpc
diff --git a/vendor/google.golang.org/grpc/go16.go b/vendor/google.golang.org/grpc/go16.go
deleted file mode 100644
index b61c57e88de8..000000000000
--- a/vendor/google.golang.org/grpc/go16.go
+++ /dev/null
@@ -1,56 +0,0 @@
-// +build go1.6,!go1.7
-
-/*
- * Copyright 2016, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-package grpc
-
-import (
-	"fmt"
-	"net"
-	"net/http"
-
-	"golang.org/x/net/context"
-)
-
-// dialContext connects to the address on the named network.
-func dialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	return (&net.Dialer{Cancel: ctx.Done()}).Dial(network, address)
-}
-
-func sendHTTPRequest(ctx context.Context, req *http.Request, conn net.Conn) error {
-	req.Cancel = ctx.Done()
-	if err := req.Write(conn); err != nil {
-		return fmt.Errorf("failed to write the HTTP request: %v", err)
-	}
-	return nil
-}
diff --git a/vendor/google.golang.org/grpc/go17.go b/vendor/google.golang.org/grpc/go17.go
deleted file mode 100644
index 844f0e1899b0..000000000000
--- a/vendor/google.golang.org/grpc/go17.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// +build go1.7
-
-/*
- * Copyright 2016, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-package grpc
-
-import (
-	"net"
-	"net/http"
-
-	"golang.org/x/net/context"
-)
-
-// dialContext connects to the address on the named network.
-func dialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	return (&net.Dialer{}).DialContext(ctx, network, address)
-}
-
-func sendHTTPRequest(ctx context.Context, req *http.Request, conn net.Conn) error {
-	req = req.WithContext(ctx)
-	if err := req.Write(conn); err != nil {
-		return err
-	}
-	return nil
-}
diff --git a/vendor/google.golang.org/grpc/grpclb.go b/vendor/google.golang.org/grpc/grpclb.go
index 524e429df3ef..db56ff362172 100644
--- a/vendor/google.golang.org/grpc/grpclb.go
+++ b/vendor/google.golang.org/grpc/grpclb.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -43,7 +28,7 @@ import (
 
 	"golang.org/x/net/context"
 	"google.golang.org/grpc/codes"
-	lbpb "google.golang.org/grpc/grpclb/grpc_lb_v1"
+	lbmpb "google.golang.org/grpc/grpclb/grpc_lb_v1/messages"
 	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/naming"
@@ -74,41 +59,21 @@ type balanceLoadClientStream struct {
 	ClientStream
 }
 
-func (x *balanceLoadClientStream) Send(m *lbpb.LoadBalanceRequest) error {
+func (x *balanceLoadClientStream) Send(m *lbmpb.LoadBalanceRequest) error {
 	return x.ClientStream.SendMsg(m)
 }
 
-func (x *balanceLoadClientStream) Recv() (*lbpb.LoadBalanceResponse, error) {
-	m := new(lbpb.LoadBalanceResponse)
+func (x *balanceLoadClientStream) Recv() (*lbmpb.LoadBalanceResponse, error) {
+	m := new(lbmpb.LoadBalanceResponse)
 	if err := x.ClientStream.RecvMsg(m); err != nil {
 		return nil, err
 	}
 	return m, nil
 }
 
-// AddressType indicates the address type returned by name resolution.
-type AddressType uint8
-
-const (
-	// Backend indicates the server is a backend server.
-	Backend AddressType = iota
-	// GRPCLB indicates the server is a grpclb load balancer.
-	GRPCLB
-)
-
-// AddrMetadataGRPCLB contains the information the name resolution for grpclb should provide. The
-// name resolver used by grpclb balancer is required to provide this type of metadata in
-// its address updates.
-type AddrMetadataGRPCLB struct {
-	// AddrType is the type of server (grpc load balancer or backend).
-	AddrType AddressType
-	// ServerName is the name of the grpc load balancer. Used for authentication.
-	ServerName string
-}
-
 // NewGRPCLBBalancer creates a grpclb load balancer.
 func NewGRPCLBBalancer(r naming.Resolver) Balancer {
-	return &balancer{
+	return &grpclbBalancer{
 		r: r,
 	}
 }
@@ -131,27 +96,27 @@ type grpclbAddrInfo struct {
 	dropForLoadBalancing bool
 }
 
-type balancer struct {
-	r        naming.Resolver
-	target   string
-	mu       sync.Mutex
-	seq      int // a sequence number to make sure addrCh does not get stale addresses.
-	w        naming.Watcher
-	addrCh   chan []Address
-	rbs      []remoteBalancerInfo
-	addrs    []*grpclbAddrInfo
-	next     int
-	waitCh   chan struct{}
-	done     bool
-	expTimer *time.Timer
-	rand     *rand.Rand
-
-	clientStats lbpb.ClientStats
+type grpclbBalancer struct {
+	r      naming.Resolver
+	target string
+	mu     sync.Mutex
+	seq    int // a sequence number to make sure addrCh does not get stale addresses.
+	w      naming.Watcher
+	addrCh chan []Address
+	rbs    []remoteBalancerInfo
+	addrs  []*grpclbAddrInfo
+	next   int
+	waitCh chan struct{}
+	done   bool
+	rand   *rand.Rand
+
+	clientStats lbmpb.ClientStats
 }
 
-func (b *balancer) watchAddrUpdates(w naming.Watcher, ch chan []remoteBalancerInfo) error {
+func (b *grpclbBalancer) watchAddrUpdates(w naming.Watcher, ch chan []remoteBalancerInfo) error {
 	updates, err := w.Next()
 	if err != nil {
+		grpclog.Warningf("grpclb: failed to get next addr update from watcher: %v", err)
 		return err
 	}
 	b.mu.Lock()
@@ -173,24 +138,24 @@ func (b *balancer) watchAddrUpdates(w naming.Watcher, ch chan []remoteBalancerIn
 			if exist {
 				continue
 			}
-			md, ok := update.Metadata.(*AddrMetadataGRPCLB)
+			md, ok := update.Metadata.(*naming.AddrMetadataGRPCLB)
 			if !ok {
 				// TODO: Revisit the handling here and may introduce some fallback mechanism.
-				grpclog.Printf("The name resolution contains unexpected metadata %v", update.Metadata)
+				grpclog.Errorf("The name resolution contains unexpected metadata %v", update.Metadata)
 				continue
 			}
 			switch md.AddrType {
-			case Backend:
+			case naming.Backend:
 				// TODO: Revisit the handling here and may introduce some fallback mechanism.
-				grpclog.Printf("The name resolution does not give grpclb addresses")
+				grpclog.Errorf("The name resolution does not give grpclb addresses")
 				continue
-			case GRPCLB:
+			case naming.GRPCLB:
 				b.rbs = append(b.rbs, remoteBalancerInfo{
 					addr: update.Addr,
 					name: md.ServerName,
 				})
 			default:
-				grpclog.Printf("Received unknow address type %d", md.AddrType)
+				grpclog.Errorf("Received unknow address type %d", md.AddrType)
 				continue
 			}
 		case naming.Delete:
@@ -202,7 +167,7 @@ func (b *balancer) watchAddrUpdates(w naming.Watcher, ch chan []remoteBalancerIn
 				}
 			}
 		default:
-			grpclog.Println("Unknown update.Op ", update.Op)
+			grpclog.Errorf("Unknown update.Op %v", update.Op)
 		}
 	}
 	// TODO: Fall back to the basic round-robin load balancing if the resulting address is
@@ -215,42 +180,33 @@ func (b *balancer) watchAddrUpdates(w naming.Watcher, ch chan []remoteBalancerIn
 	return nil
 }
 
-func (b *balancer) serverListExpire(seq int) {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-	// TODO: gRPC interanls do not clear the connections when the server list is stale.
-	// This means RPCs will keep using the existing server list until b receives new
-	// server list even though the list is expired. Revisit this behavior later.
-	if b.done || seq < b.seq {
-		return
-	}
-	b.next = 0
-	b.addrs = nil
-	// Ask grpc internals to close all the corresponding connections.
-	b.addrCh <- nil
-}
-
-func convertDuration(d *lbpb.Duration) time.Duration {
+func convertDuration(d *lbmpb.Duration) time.Duration {
 	if d == nil {
 		return 0
 	}
 	return time.Duration(d.Seconds)*time.Second + time.Duration(d.Nanos)*time.Nanosecond
 }
 
-func (b *balancer) processServerList(l *lbpb.ServerList, seq int) {
+func (b *grpclbBalancer) processServerList(l *lbmpb.ServerList, seq int) {
 	if l == nil {
 		return
 	}
 	servers := l.GetServers()
-	expiration := convertDuration(l.GetExpirationInterval())
 	var (
 		sl    []*grpclbAddrInfo
 		addrs []Address
 	)
 	for _, s := range servers {
 		md := metadata.Pairs("lb-token", s.LoadBalanceToken)
+		ip := net.IP(s.IpAddress)
+		ipStr := ip.String()
+		if ip.To4() == nil {
+			// Add square brackets to ipv6 addresses, otherwise net.Dial() and
+			// net.SplitHostPort() will return too many colons error.
+			ipStr = fmt.Sprintf("[%s]", ipStr)
+		}
 		addr := Address{
-			Addr:     fmt.Sprintf("%s:%d", net.IP(s.IpAddress), s.Port),
+			Addr:     fmt.Sprintf("%s:%d", ipStr, s.Port),
 			Metadata: &md,
 		}
 		sl = append(sl, &grpclbAddrInfo{
@@ -270,20 +226,11 @@ func (b *balancer) processServerList(l *lbpb.ServerList, seq int) {
 		b.next = 0
 		b.addrs = sl
 		b.addrCh <- addrs
-		if b.expTimer != nil {
-			b.expTimer.Stop()
-			b.expTimer = nil
-		}
-		if expiration > 0 {
-			b.expTimer = time.AfterFunc(expiration, func() {
-				b.serverListExpire(seq)
-			})
-		}
 	}
 	return
 }
 
-func (b *balancer) sendLoadReport(s *balanceLoadClientStream, interval time.Duration, done <-chan struct{}) {
+func (b *grpclbBalancer) sendLoadReport(s *balanceLoadClientStream, interval time.Duration, done <-chan struct{}) {
 	ticker := time.NewTicker(interval)
 	defer ticker.Stop()
 	for {
@@ -294,29 +241,30 @@ func (b *balancer) sendLoadReport(s *balanceLoadClientStream, interval time.Dura
 		}
 		b.mu.Lock()
 		stats := b.clientStats
-		b.clientStats = lbpb.ClientStats{} // Clear the stats.
+		b.clientStats = lbmpb.ClientStats{} // Clear the stats.
 		b.mu.Unlock()
 		t := time.Now()
-		stats.Timestamp = &lbpb.Timestamp{
+		stats.Timestamp = &lbmpb.Timestamp{
 			Seconds: t.Unix(),
 			Nanos:   int32(t.Nanosecond()),
 		}
-		if err := s.Send(&lbpb.LoadBalanceRequest{
-			LoadBalanceRequestType: &lbpb.LoadBalanceRequest_ClientStats{
+		if err := s.Send(&lbmpb.LoadBalanceRequest{
+			LoadBalanceRequestType: &lbmpb.LoadBalanceRequest_ClientStats{
 				ClientStats: &stats,
 			},
 		}); err != nil {
+			grpclog.Errorf("grpclb: failed to send load report: %v", err)
 			return
 		}
 	}
 }
 
-func (b *balancer) callRemoteBalancer(lbc *loadBalancerClient, seq int) (retry bool) {
+func (b *grpclbBalancer) callRemoteBalancer(lbc *loadBalancerClient, seq int) (retry bool) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 	stream, err := lbc.BalanceLoad(ctx)
 	if err != nil {
-		grpclog.Printf("Failed to perform RPC to the remote balancer %v", err)
+		grpclog.Errorf("grpclb: failed to perform RPC to the remote balancer %v", err)
 		return
 	}
 	b.mu.Lock()
@@ -325,37 +273,39 @@ func (b *balancer) callRemoteBalancer(lbc *loadBalancerClient, seq int) (retry b
 		return
 	}
 	b.mu.Unlock()
-	initReq := &lbpb.LoadBalanceRequest{
-		LoadBalanceRequestType: &lbpb.LoadBalanceRequest_InitialRequest{
-			InitialRequest: &lbpb.InitialLoadBalanceRequest{
+	initReq := &lbmpb.LoadBalanceRequest{
+		LoadBalanceRequestType: &lbmpb.LoadBalanceRequest_InitialRequest{
+			InitialRequest: &lbmpb.InitialLoadBalanceRequest{
 				Name: b.target,
 			},
 		},
 	}
 	if err := stream.Send(initReq); err != nil {
+		grpclog.Errorf("grpclb: failed to send init request: %v", err)
 		// TODO: backoff on retry?
 		return true
 	}
 	reply, err := stream.Recv()
 	if err != nil {
+		grpclog.Errorf("grpclb: failed to recv init response: %v", err)
 		// TODO: backoff on retry?
 		return true
 	}
 	initResp := reply.GetInitialResponse()
 	if initResp == nil {
-		grpclog.Println("Failed to receive the initial response from the remote balancer.")
+		grpclog.Errorf("grpclb: reply from remote balancer did not include initial response.")
 		return
 	}
 	// TODO: Support delegation.
 	if initResp.LoadBalancerDelegate != "" {
 		// delegation
-		grpclog.Println("TODO: Delegation is not supported yet.")
+		grpclog.Errorf("TODO: Delegation is not supported yet.")
 		return
 	}
 	streamDone := make(chan struct{})
 	defer close(streamDone)
 	b.mu.Lock()
-	b.clientStats = lbpb.ClientStats{} // Clear client stats.
+	b.clientStats = lbmpb.ClientStats{} // Clear client stats.
 	b.mu.Unlock()
 	if d := convertDuration(initResp.ClientStatsReportInterval); d > 0 {
 		go b.sendLoadReport(stream, d, streamDone)
@@ -364,6 +314,7 @@ func (b *balancer) callRemoteBalancer(lbc *loadBalancerClient, seq int) (retry b
 	for {
 		reply, err := stream.Recv()
 		if err != nil {
+			grpclog.Errorf("grpclb: failed to recv server list: %v", err)
 			break
 		}
 		b.mu.Lock()
@@ -381,7 +332,7 @@ func (b *balancer) callRemoteBalancer(lbc *loadBalancerClient, seq int) (retry b
 	return true
 }
 
-func (b *balancer) Start(target string, config BalancerConfig) error {
+func (b *grpclbBalancer) Start(target string, config BalancerConfig) error {
 	b.rand = rand.New(rand.NewSource(time.Now().Unix()))
 	// TODO: Fall back to the basic direct connection if there is no name resolver.
 	if b.r == nil {
@@ -397,6 +348,7 @@ func (b *balancer) Start(target string, config BalancerConfig) error {
 	w, err := b.r.Resolve(target)
 	if err != nil {
 		b.mu.Unlock()
+		grpclog.Errorf("grpclb: failed to resolve address: %v, err: %v", target, err)
 		return err
 	}
 	b.w = w
@@ -406,7 +358,7 @@ func (b *balancer) Start(target string, config BalancerConfig) error {
 	go func() {
 		for {
 			if err := b.watchAddrUpdates(w, balancerAddrsCh); err != nil {
-				grpclog.Printf("grpc: the naming watcher stops working due to %v.\n", err)
+				grpclog.Warningf("grpclb: the naming watcher stops working due to %v.\n", err)
 				close(balancerAddrsCh)
 				return
 			}
@@ -490,22 +442,32 @@ func (b *balancer) Start(target string, config BalancerConfig) error {
 				cc.Close()
 			}
 			// Talk to the remote load balancer to get the server list.
-			var err error
-			creds := config.DialCreds
-			ccError = make(chan struct{})
-			if creds == nil {
-				cc, err = Dial(rb.addr, WithInsecure())
-			} else {
+			var (
+				err   error
+				dopts []DialOption
+			)
+			if creds := config.DialCreds; creds != nil {
 				if rb.name != "" {
 					if err := creds.OverrideServerName(rb.name); err != nil {
-						grpclog.Printf("Failed to override the server name in the credentials: %v", err)
+						grpclog.Warningf("grpclb: failed to override the server name in the credentials: %v", err)
 						continue
 					}
 				}
-				cc, err = Dial(rb.addr, WithTransportCredentials(creds))
+				dopts = append(dopts, WithTransportCredentials(creds))
+			} else {
+				dopts = append(dopts, WithInsecure())
 			}
+			if dialer := config.Dialer; dialer != nil {
+				// WithDialer takes a different type of function, so we instead use a special DialOption here.
+				dopts = append(dopts, func(o *dialOptions) { o.copts.Dialer = dialer })
+			}
+			dopts = append(dopts, WithBlock())
+			ccError = make(chan struct{})
+			ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+			cc, err = DialContext(ctx, rb.addr, dopts...)
+			cancel()
 			if err != nil {
-				grpclog.Printf("Failed to setup a connection to the remote balancer %v: %v", rb.addr, err)
+				grpclog.Warningf("grpclb: failed to setup a connection to the remote balancer %v: %v", rb.addr, err)
 				close(ccError)
 				continue
 			}
@@ -529,7 +491,7 @@ func (b *balancer) Start(target string, config BalancerConfig) error {
 	return nil
 }
 
-func (b *balancer) down(addr Address, err error) {
+func (b *grpclbBalancer) down(addr Address, err error) {
 	b.mu.Lock()
 	defer b.mu.Unlock()
 	for _, a := range b.addrs {
@@ -540,7 +502,7 @@ func (b *balancer) down(addr Address, err error) {
 	}
 }
 
-func (b *balancer) Up(addr Address) func(error) {
+func (b *grpclbBalancer) Up(addr Address) func(error) {
 	b.mu.Lock()
 	defer b.mu.Unlock()
 	if b.done {
@@ -568,7 +530,7 @@ func (b *balancer) Up(addr Address) func(error) {
 	}
 }
 
-func (b *balancer) Get(ctx context.Context, opts BalancerGetOptions) (addr Address, put func(), err error) {
+func (b *grpclbBalancer) Get(ctx context.Context, opts BalancerGetOptions) (addr Address, put func(), err error) {
 	var ch chan struct{}
 	b.mu.Lock()
 	if b.done {
@@ -638,17 +600,10 @@ func (b *balancer) Get(ctx context.Context, opts BalancerGetOptions) (addr Addre
 		}
 	}
 	if !opts.BlockingWait {
-		if len(b.addrs) == 0 {
-			b.clientStats.NumCallsFinished++
-			b.clientStats.NumCallsFinishedWithClientFailedToSend++
-			b.mu.Unlock()
-			err = Errorf(codes.Unavailable, "there is no address available")
-			return
-		}
-		// Returns the next addr on b.addrs for a failfast RPC.
-		addr = b.addrs[b.next].addr
-		b.next++
+		b.clientStats.NumCallsFinished++
+		b.clientStats.NumCallsFinishedWithClientFailedToSend++
 		b.mu.Unlock()
+		err = Errorf(codes.Unavailable, "there is no address available")
 		return
 	}
 	// Wait on b.waitCh for non-failfast RPCs.
@@ -725,17 +680,17 @@ func (b *balancer) Get(ctx context.Context, opts BalancerGetOptions) (addr Addre
 	}
 }
 
-func (b *balancer) Notify() <-chan []Address {
+func (b *grpclbBalancer) Notify() <-chan []Address {
 	return b.addrCh
 }
 
-func (b *balancer) Close() error {
+func (b *grpclbBalancer) Close() error {
 	b.mu.Lock()
 	defer b.mu.Unlock()
-	b.done = true
-	if b.expTimer != nil {
-		b.expTimer.Stop()
+	if b.done {
+		return errBalancerClosed
 	}
+	b.done = true
 	if b.waitCh != nil {
 		close(b.waitCh)
 	}
diff --git a/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.pb.go b/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.pb.go
similarity index 79%
rename from vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.pb.go
rename to vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.pb.go
index f63941bd803a..f4a27125a4fb 100644
--- a/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.pb.go
+++ b/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.pb.go
@@ -1,12 +1,11 @@
-// Code generated by protoc-gen-go.
-// source: grpclb.proto
-// DO NOT EDIT!
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: grpc_lb_v1/messages/messages.proto
 
 /*
-Package grpc_lb_v1 is a generated protocol buffer package.
+Package messages is a generated protocol buffer package.
 
 It is generated from these files:
-	grpclb.proto
+	grpc_lb_v1/messages/messages.proto
 
 It has these top-level messages:
 	Duration
@@ -19,7 +18,7 @@ It has these top-level messages:
 	ServerList
 	Server
 */
-package grpc_lb_v1
+package messages
 
 import proto "github.com/golang/protobuf/proto"
 import fmt "fmt"
@@ -473,11 +472,6 @@ type ServerList struct {
 	// across more servers. The client should consume the server list in order
 	// unless instructed otherwise via the client_config.
 	Servers []*Server `protobuf:"bytes,1,rep,name=servers" json:"servers,omitempty"`
-	// Indicates the amount of time that the client should consider this server
-	// list as valid. It may be considered stale after waiting this interval of
-	// time after receiving the list. If the interval is not positive, the
-	// client can assume the list is valid until the next list is received.
-	ExpirationInterval *Duration `protobuf:"bytes,3,opt,name=expiration_interval,json=expirationInterval" json:"expiration_interval,omitempty"`
 }
 
 func (m *ServerList) Reset()                    { *m = ServerList{} }
@@ -492,13 +486,6 @@ func (m *ServerList) GetServers() []*Server {
 	return nil
 }
 
-func (m *ServerList) GetExpirationInterval() *Duration {
-	if m != nil {
-		return m.ExpirationInterval
-	}
-	return nil
-}
-
 // Contains server information. When none of the [drop_for_*] fields are true,
 // use the other fields. When drop_for_rate_limiting is true, ignore all other
 // fields. Use drop_for_load_balancing only when it is true and
@@ -576,54 +563,53 @@ func init() {
 	proto.RegisterType((*Server)(nil), "grpc.lb.v1.Server")
 }
 
-func init() { proto.RegisterFile("grpclb.proto", fileDescriptor0) }
+func init() { proto.RegisterFile("grpc_lb_v1/messages/messages.proto", fileDescriptor0) }
 
 var fileDescriptor0 = []byte{
-	// 733 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0xdd, 0x4e, 0x1b, 0x39,
-	0x14, 0x66, 0x36, 0xfc, 0xe5, 0x24, 0x5a, 0x58, 0x93, 0x85, 0xc0, 0xc2, 0x2e, 0x1b, 0xa9, 0x34,
-	0xaa, 0x68, 0x68, 0x43, 0x7b, 0xd1, 0x9f, 0x9b, 0x02, 0x45, 0x41, 0xe5, 0xa2, 0x72, 0xa8, 0x7a,
-	0x55, 0x59, 0x4e, 0xc6, 0x80, 0xc5, 0xc4, 0x9e, 0xda, 0x4e, 0x68, 0x2f, 0x7b, 0xd9, 0x47, 0xe9,
-	0x63, 0x54, 0x7d, 0x86, 0xbe, 0x4f, 0x65, 0x7b, 0x26, 0x33, 0x90, 0x1f, 0xd4, 0xbb, 0xf1, 0xf1,
-	0x77, 0xbe, 0xf3, 0xf9, 0xd8, 0xdf, 0x19, 0x28, 0x5f, 0xa8, 0xb8, 0x1b, 0x75, 0x1a, 0xb1, 0x92,
-	0x46, 0x22, 0xb0, 0xab, 0x46, 0xd4, 0x69, 0x0c, 0x1e, 0xd7, 0x9e, 0xc3, 0xe2, 0x51, 0x5f, 0x51,
-	0xc3, 0xa5, 0x40, 0x55, 0x58, 0xd0, 0xac, 0x2b, 0x45, 0xa8, 0xab, 0xc1, 0x76, 0x50, 0x2f, 0xe0,
-	0x74, 0x89, 0x2a, 0x30, 0x27, 0xa8, 0x90, 0xba, 0xfa, 0xc7, 0x76, 0x50, 0x9f, 0xc3, 0x7e, 0x51,
-	0x7b, 0x01, 0xc5, 0x33, 0xde, 0x63, 0xda, 0xd0, 0x5e, 0xfc, 0xdb, 0xc9, 0xdf, 0x03, 0x40, 0xa7,
-	0x92, 0x86, 0x07, 0x34, 0xa2, 0xa2, 0xcb, 0x30, 0xfb, 0xd8, 0x67, 0xda, 0xa0, 0xb7, 0xb0, 0xc4,
-	0x05, 0x37, 0x9c, 0x46, 0x44, 0xf9, 0x90, 0xa3, 0x2b, 0x35, 0xef, 0x35, 0x32, 0xd5, 0x8d, 0x13,
-	0x0f, 0x19, 0xcd, 0x6f, 0xcd, 0xe0, 0x3f, 0x93, 0xfc, 0x94, 0xf1, 0x25, 0x94, 0xbb, 0x11, 0x67,
-	0xc2, 0x10, 0x6d, 0xa8, 0xf1, 0x2a, 0x4a, 0xcd, 0xb5, 0x3c, 0xdd, 0xa1, 0xdb, 0x6f, 0xdb, 0xed,
-	0xd6, 0x0c, 0x2e, 0x75, 0xb3, 0xe5, 0xc1, 0x3f, 0xb0, 0x1e, 0x49, 0x1a, 0x92, 0x8e, 0x2f, 0x93,
-	0x8a, 0x22, 0xe6, 0x73, 0xcc, 0x6a, 0x7b, 0xb0, 0x3e, 0x51, 0x09, 0x42, 0x30, 0x2b, 0x68, 0x8f,
-	0x39, 0xf9, 0x45, 0xec, 0xbe, 0x6b, 0x5f, 0x67, 0xa1, 0x94, 0x2b, 0x86, 0xf6, 0xa1, 0x68, 0xd2,
-	0x0e, 0x26, 0xe7, 0xfc, 0x3b, 0x2f, 0x6c, 0xd8, 0x5e, 0x9c, 0xe1, 0xd0, 0x03, 0xf8, 0x4b, 0xf4,
-	0x7b, 0xa4, 0x4b, 0xa3, 0x48, 0xdb, 0x33, 0x29, 0xc3, 0x42, 0x77, 0xaa, 0x02, 0x5e, 0x12, 0xfd,
-	0xde, 0xa1, 0x8d, 0xb7, 0x7d, 0x18, 0xed, 0x02, 0xca, 0xb0, 0xe7, 0x5c, 0x70, 0x7d, 0xc9, 0xc2,
-	0x6a, 0xc1, 0x81, 0x97, 0x53, 0xf0, 0x71, 0x12, 0x47, 0x04, 0x1a, 0xa3, 0x68, 0x72, 0xcd, 0xcd,
-	0x25, 0x09, 0x95, 0x8c, 0xc9, 0xb9, 0x54, 0x44, 0x51, 0xc3, 0x48, 0xc4, 0x7b, 0xdc, 0x70, 0x71,
-	0x51, 0x9d, 0x75, 0x4c, 0xf7, 0x6f, 0x33, 0xbd, 0xe7, 0xe6, 0xf2, 0x48, 0xc9, 0xf8, 0x58, 0x2a,
-	0x4c, 0x0d, 0x3b, 0x4d, 0xe0, 0x88, 0xc2, 0xde, 0x9d, 0x05, 0x72, 0xed, 0xb6, 0x15, 0xe6, 0x5c,
-	0x85, 0xfa, 0x94, 0x0a, 0x59, 0xef, 0x6d, 0x89, 0x0f, 0xf0, 0x70, 0x52, 0x89, 0xe4, 0x19, 0x9c,
-	0x53, 0x1e, 0xb1, 0x90, 0x18, 0x49, 0x34, 0x13, 0x61, 0x75, 0xde, 0x15, 0xd8, 0x19, 0x57, 0xc0,
-	0x5f, 0xd5, 0xb1, 0xc3, 0x9f, 0xc9, 0x36, 0x13, 0x21, 0x6a, 0xc1, 0xff, 0x63, 0xe8, 0xaf, 0x84,
-	0xbc, 0x16, 0x44, 0xb1, 0x2e, 0xe3, 0x03, 0x16, 0x56, 0x17, 0x1c, 0xe5, 0xd6, 0x6d, 0xca, 0x37,
-	0x16, 0x85, 0x13, 0x50, 0xed, 0x47, 0x00, 0x2b, 0x37, 0x9e, 0x8d, 0x8e, 0xa5, 0xd0, 0x0c, 0xb5,
-	0x61, 0x39, 0x73, 0x80, 0x8f, 0x25, 0x4f, 0x63, 0xe7, 0x2e, 0x0b, 0x78, 0x74, 0x6b, 0x06, 0x2f,
-	0x0d, 0x3d, 0x90, 0x90, 0x3e, 0x83, 0x92, 0x66, 0x6a, 0xc0, 0x14, 0x89, 0xb8, 0x36, 0x89, 0x07,
-	0x56, 0xf3, 0x7c, 0x6d, 0xb7, 0x7d, 0xca, 0x9d, 0x87, 0x40, 0x0f, 0x57, 0x07, 0x9b, 0xb0, 0x71,
-	0xcb, 0x01, 0x9e, 0xd3, 0x5b, 0xe0, 0x5b, 0x00, 0x1b, 0x93, 0xa5, 0xa0, 0x27, 0xb0, 0x9a, 0x4f,
-	0x56, 0x24, 0x64, 0x11, 0xbb, 0xa0, 0x26, 0xb5, 0x45, 0x25, 0xca, 0x92, 0xd4, 0x51, 0xb2, 0x87,
-	0xde, 0xc1, 0x66, 0xde, 0xb2, 0x44, 0xb1, 0x58, 0x2a, 0x43, 0xb8, 0x30, 0x4c, 0x0d, 0x68, 0x94,
-	0xc8, 0xaf, 0xe4, 0xe5, 0xa7, 0x43, 0x0c, 0xaf, 0xe7, 0xdc, 0x8b, 0x5d, 0xde, 0x49, 0x92, 0x56,
-	0xfb, 0x12, 0x00, 0x64, 0xc7, 0x44, 0xbb, 0x76, 0x62, 0xd9, 0x95, 0x9d, 0x58, 0x85, 0x7a, 0xa9,
-	0x89, 0x46, 0xfb, 0x81, 0x53, 0x08, 0x7a, 0x0d, 0x2b, 0xec, 0x53, 0xcc, 0x7d, 0x95, 0x4c, 0x4a,
-	0x61, 0x8a, 0x14, 0x94, 0x25, 0x0c, 0x35, 0xfc, 0x0c, 0x60, 0xde, 0x53, 0xa3, 0x2d, 0x00, 0x1e,
-	0x13, 0x1a, 0x86, 0x8a, 0x69, 0x3f, 0x34, 0xcb, 0xb8, 0xc8, 0xe3, 0x57, 0x3e, 0x60, 0xe7, 0x87,
-	0x55, 0x9f, 0x4c, 0x4d, 0xf7, 0x6d, 0xed, 0x7c, 0xe3, 0x2e, 0x8c, 0xbc, 0x62, 0xc2, 0x69, 0x28,
-	0xe2, 0xe5, 0x5c, 0x2b, 0xcf, 0x6c, 0x1c, 0xed, 0xc3, 0xea, 0x14, 0xdb, 0x2e, 0xe2, 0x95, 0x70,
-	0x8c, 0x45, 0x9f, 0xc2, 0xda, 0x34, 0x2b, 0x2e, 0xe2, 0x4a, 0x38, 0xc6, 0x76, 0xcd, 0x0e, 0x94,
-	0x73, 0xf7, 0xaf, 0x10, 0x86, 0x52, 0xf2, 0x6d, 0xc3, 0xe8, 0xdf, 0x7c, 0x83, 0x46, 0x87, 0xe5,
-	0xc6, 0x7f, 0x13, 0xf7, 0xfd, 0x43, 0xaa, 0x07, 0x8f, 0x82, 0xce, 0xbc, 0xfb, 0x7d, 0xed, 0xff,
-	0x0a, 0x00, 0x00, 0xff, 0xff, 0x64, 0xbf, 0xda, 0x5e, 0xce, 0x06, 0x00, 0x00,
+	// 709 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0xdd, 0x4e, 0x1b, 0x3b,
+	0x10, 0x26, 0x27, 0x01, 0x92, 0x09, 0x3a, 0xe4, 0x98, 0x1c, 0x08, 0x14, 0x24, 0xba, 0x52, 0x69,
+	0x54, 0xd1, 0x20, 0xa0, 0xbd, 0xe8, 0xcf, 0x45, 0x1b, 0x10, 0x0a, 0x2d, 0x17, 0x95, 0x43, 0x55,
+	0xa9, 0x52, 0x65, 0x39, 0xd9, 0x21, 0x58, 0x6c, 0xec, 0xad, 0xed, 0x04, 0xf5, 0x11, 0xfa, 0x28,
+	0x7d, 0x8c, 0xaa, 0xcf, 0xd0, 0xf7, 0xa9, 0xd6, 0xbb, 0x9b, 0x5d, 0x20, 0x80, 0x7a, 0x67, 0x8f,
+	0xbf, 0xf9, 0xbe, 0xf1, 0xac, 0xbf, 0x59, 0xf0, 0x06, 0x3a, 0xec, 0xb3, 0xa0, 0xc7, 0xc6, 0xbb,
+	0x3b, 0x43, 0x34, 0x86, 0x0f, 0xd0, 0x4c, 0x16, 0xad, 0x50, 0x2b, 0xab, 0x08, 0x44, 0x98, 0x56,
+	0xd0, 0x6b, 0x8d, 0x77, 0xbd, 0x97, 0x50, 0x3e, 0x1c, 0x69, 0x6e, 0x85, 0x92, 0xa4, 0x01, 0xf3,
+	0x06, 0xfb, 0x4a, 0xfa, 0xa6, 0x51, 0xd8, 0x2c, 0x34, 0x8b, 0x34, 0xdd, 0x92, 0x3a, 0xcc, 0x4a,
+	0x2e, 0x95, 0x69, 0xfc, 0xb3, 0x59, 0x68, 0xce, 0xd2, 0x78, 0xe3, 0xbd, 0x82, 0xca, 0xa9, 0x18,
+	0xa2, 0xb1, 0x7c, 0x18, 0xfe, 0x75, 0xf2, 0xcf, 0x02, 0x90, 0x13, 0xc5, 0xfd, 0x36, 0x0f, 0xb8,
+	0xec, 0x23, 0xc5, 0xaf, 0x23, 0x34, 0x96, 0x7c, 0x80, 0x45, 0x21, 0x85, 0x15, 0x3c, 0x60, 0x3a,
+	0x0e, 0x39, 0xba, 0xea, 0xde, 0xa3, 0x56, 0x56, 0x75, 0xeb, 0x38, 0x86, 0xdc, 0xcc, 0xef, 0xcc,
+	0xd0, 0x7f, 0x93, 0xfc, 0x94, 0xf1, 0x35, 0x2c, 0xf4, 0x03, 0x81, 0xd2, 0x32, 0x63, 0xb9, 0x8d,
+	0xab, 0xa8, 0xee, 0xad, 0xe4, 0xe9, 0x0e, 0xdc, 0x79, 0x37, 0x3a, 0xee, 0xcc, 0xd0, 0x6a, 0x3f,
+	0xdb, 0xb6, 0x1f, 0xc0, 0x6a, 0xa0, 0xb8, 0xcf, 0x7a, 0xb1, 0x4c, 0x5a, 0x14, 0xb3, 0xdf, 0x42,
+	0xf4, 0x76, 0x60, 0xf5, 0xd6, 0x4a, 0x08, 0x81, 0x92, 0xe4, 0x43, 0x74, 0xe5, 0x57, 0xa8, 0x5b,
+	0x7b, 0xdf, 0x4b, 0x50, 0xcd, 0x89, 0x91, 0x7d, 0xa8, 0xd8, 0xb4, 0x83, 0xc9, 0x3d, 0xff, 0xcf,
+	0x17, 0x36, 0x69, 0x2f, 0xcd, 0x70, 0xe4, 0x09, 0xfc, 0x27, 0x47, 0x43, 0xd6, 0xe7, 0x41, 0x60,
+	0xa2, 0x3b, 0x69, 0x8b, 0xbe, 0xbb, 0x55, 0x91, 0x2e, 0xca, 0xd1, 0xf0, 0x20, 0x8a, 0x77, 0xe3,
+	0x30, 0xd9, 0x06, 0x92, 0x61, 0xcf, 0x84, 0x14, 0xe6, 0x1c, 0xfd, 0x46, 0xd1, 0x81, 0x6b, 0x29,
+	0xf8, 0x28, 0x89, 0x13, 0x06, 0xad, 0x9b, 0x68, 0x76, 0x29, 0xec, 0x39, 0xf3, 0xb5, 0x0a, 0xd9,
+	0x99, 0xd2, 0x4c, 0x73, 0x8b, 0x2c, 0x10, 0x43, 0x61, 0x85, 0x1c, 0x34, 0x4a, 0x8e, 0xe9, 0xf1,
+	0x75, 0xa6, 0x4f, 0xc2, 0x9e, 0x1f, 0x6a, 0x15, 0x1e, 0x29, 0x4d, 0xb9, 0xc5, 0x93, 0x04, 0x4e,
+	0x38, 0xec, 0xdc, 0x2b, 0x90, 0x6b, 0x77, 0xa4, 0x30, 0xeb, 0x14, 0x9a, 0x77, 0x28, 0x64, 0xbd,
+	0x8f, 0x24, 0xbe, 0xc0, 0xd3, 0xdb, 0x24, 0x92, 0x67, 0x70, 0xc6, 0x45, 0x80, 0x3e, 0xb3, 0x8a,
+	0x19, 0x94, 0x7e, 0x63, 0xce, 0x09, 0x6c, 0x4d, 0x13, 0x88, 0x3f, 0xd5, 0x91, 0xc3, 0x9f, 0xaa,
+	0x2e, 0x4a, 0x9f, 0x74, 0xe0, 0xe1, 0x14, 0xfa, 0x0b, 0xa9, 0x2e, 0x25, 0xd3, 0xd8, 0x47, 0x31,
+	0x46, 0xbf, 0x31, 0xef, 0x28, 0x37, 0xae, 0x53, 0xbe, 0x8f, 0x50, 0x34, 0x01, 0x79, 0xbf, 0x0a,
+	0xb0, 0x74, 0xe5, 0xd9, 0x98, 0x50, 0x49, 0x83, 0xa4, 0x0b, 0xb5, 0xcc, 0x01, 0x71, 0x2c, 0x79,
+	0x1a, 0x5b, 0xf7, 0x59, 0x20, 0x46, 0x77, 0x66, 0xe8, 0xe2, 0xc4, 0x03, 0x09, 0xe9, 0x0b, 0xa8,
+	0x1a, 0xd4, 0x63, 0xd4, 0x2c, 0x10, 0xc6, 0x26, 0x1e, 0x58, 0xce, 0xf3, 0x75, 0xdd, 0xf1, 0x89,
+	0x70, 0x1e, 0x02, 0x33, 0xd9, 0xb5, 0xd7, 0x61, 0xed, 0x9a, 0x03, 0x62, 0xce, 0xd8, 0x02, 0x3f,
+	0x0a, 0xb0, 0x76, 0x7b, 0x29, 0xe4, 0x19, 0x2c, 0xe7, 0x93, 0x35, 0xf3, 0x31, 0xc0, 0x01, 0xb7,
+	0xa9, 0x2d, 0xea, 0x41, 0x96, 0xa4, 0x0f, 0x93, 0x33, 0xf2, 0x11, 0xd6, 0xf3, 0x96, 0x65, 0x1a,
+	0x43, 0xa5, 0x2d, 0x13, 0xd2, 0xa2, 0x1e, 0xf3, 0x20, 0x29, 0xbf, 0x9e, 0x2f, 0x3f, 0x1d, 0x62,
+	0x74, 0x35, 0xe7, 0x5e, 0xea, 0xf2, 0x8e, 0x93, 0x34, 0xef, 0x0d, 0x40, 0x76, 0x4b, 0xb2, 0x1d,
+	0x0d, 0xac, 0x68, 0x17, 0x0d, 0xac, 0x62, 0xb3, 0xba, 0x47, 0x6e, 0xb6, 0x83, 0xa6, 0x90, 0x77,
+	0xa5, 0x72, 0xb1, 0x56, 0xf2, 0x7e, 0x17, 0x60, 0x2e, 0x3e, 0x21, 0x1b, 0x00, 0x22, 0x64, 0xdc,
+	0xf7, 0x35, 0x9a, 0x78, 0xe4, 0x2d, 0xd0, 0x8a, 0x08, 0xdf, 0xc6, 0x81, 0xc8, 0xfd, 0x91, 0x76,
+	0x32, 0xf3, 0xdc, 0x3a, 0x32, 0xe3, 0x95, 0x4e, 0x5a, 0x75, 0x81, 0xd2, 0x99, 0xb1, 0x42, 0x6b,
+	0xb9, 0x46, 0x9c, 0x46, 0x71, 0xb2, 0x0f, 0xcb, 0x77, 0x98, 0xae, 0x4c, 0x97, 0xfc, 0x29, 0x06,
+	0x7b, 0x0e, 0x2b, 0x77, 0x19, 0xa9, 0x4c, 0xeb, 0xfe, 0x14, 0xd3, 0xb4, 0xe1, 0x73, 0x39, 0xfd,
+	0x47, 0xf4, 0xe6, 0xdc, 0x4f, 0x62, 0xff, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xa3, 0x36, 0x86,
+	0xa6, 0x4a, 0x06, 0x00, 0x00,
 }
diff --git a/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.proto b/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.proto
similarity index 71%
rename from vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.proto
rename to vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.proto
index a2502fb284a3..2ed04551fad2 100644
--- a/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/grpclb.proto
+++ b/vendor/google.golang.org/grpc/grpclb/grpc_lb_v1/messages/messages.proto
@@ -1,35 +1,21 @@
-// Copyright 2016, Google Inc.
-// All rights reserved.
+// Copyright 2016 gRPC authors.
 //
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
 //
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
+//     http://www.apache.org/licenses/LICENSE-2.0
 //
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
 
 syntax = "proto3";
 
 package grpc.lb.v1;
+option go_package = "messages";
 
 message Duration {
   // Signed seconds of the span of time. Must be from -315,576,000,000
@@ -46,7 +32,6 @@ message Duration {
 }
 
 message Timestamp {
-
   // Represents seconds of UTC time since Unix epoch
   // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
   // 9999-12-31T23:59:59Z inclusive.
@@ -59,12 +44,6 @@ message Timestamp {
   int32 nanos = 2;
 }
 
-service LoadBalancer {
-  // Bidirectional rpc to get a list of servers.
-  rpc BalanceLoad(stream LoadBalanceRequest)
-      returns (stream LoadBalanceResponse);
-}
-
 message LoadBalanceRequest {
   oneof load_balance_request_type {
     // This message should be sent on the first request to the load balancer.
@@ -142,11 +121,8 @@ message ServerList {
   // unless instructed otherwise via the client_config.
   repeated Server servers = 1;
 
-  // Indicates the amount of time that the client should consider this server
-  // list as valid. It may be considered stale after waiting this interval of
-  // time after receiving the list. If the interval is not positive, the
-  // client can assume the list is valid until the next list is received.
-  Duration expiration_interval = 3;
+  // Was google.protobuf.Duration expiration_interval.
+  reserved 3;
 }
 
 // Contains server information. When none of the [drop_for_*] fields are true,
diff --git a/vendor/google.golang.org/grpc/grpclog/grpclog.go b/vendor/google.golang.org/grpc/grpclog/grpclog.go
new file mode 100644
index 000000000000..1d71e25de502
--- /dev/null
+++ b/vendor/google.golang.org/grpc/grpclog/grpclog.go
@@ -0,0 +1,123 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package grpclog defines logging for grpc.
+//
+// All logs in transport package only go to verbose level 2.
+// All logs in other packages in grpc are logged in spite of the verbosity level.
+//
+// In the default logger,
+// severity level can be set by environment variable GRPC_GO_LOG_SEVERITY_LEVEL,
+// verbosity level can be set by GRPC_GO_LOG_VERBOSITY_LEVEL.
+package grpclog
+
+import "os"
+
+var logger = newLoggerV2()
+
+// V reports whether verbosity level l is at least the requested verbose level.
+func V(l int) bool {
+	return logger.V(l)
+}
+
+// Info logs to the INFO log.
+func Info(args ...interface{}) {
+	logger.Info(args...)
+}
+
+// Infof logs to the INFO log. Arguments are handled in the manner of fmt.Printf.
+func Infof(format string, args ...interface{}) {
+	logger.Infof(format, args...)
+}
+
+// Infoln logs to the INFO log. Arguments are handled in the manner of fmt.Println.
+func Infoln(args ...interface{}) {
+	logger.Infoln(args...)
+}
+
+// Warning logs to the WARNING log.
+func Warning(args ...interface{}) {
+	logger.Warning(args...)
+}
+
+// Warningf logs to the WARNING log. Arguments are handled in the manner of fmt.Printf.
+func Warningf(format string, args ...interface{}) {
+	logger.Warningf(format, args...)
+}
+
+// Warningln logs to the WARNING log. Arguments are handled in the manner of fmt.Println.
+func Warningln(args ...interface{}) {
+	logger.Warningln(args...)
+}
+
+// Error logs to the ERROR log.
+func Error(args ...interface{}) {
+	logger.Error(args...)
+}
+
+// Errorf logs to the ERROR log. Arguments are handled in the manner of fmt.Printf.
+func Errorf(format string, args ...interface{}) {
+	logger.Errorf(format, args...)
+}
+
+// Errorln logs to the ERROR log. Arguments are handled in the manner of fmt.Println.
+func Errorln(args ...interface{}) {
+	logger.Errorln(args...)
+}
+
+// Fatal logs to the FATAL log. Arguments are handled in the manner of fmt.Print.
+// It calls os.Exit() with exit code 1.
+func Fatal(args ...interface{}) {
+	logger.Fatal(args...)
+	// Make sure fatal logs will exit.
+	os.Exit(1)
+}
+
+// Fatalf logs to the FATAL log. Arguments are handled in the manner of fmt.Printf.
+// It calles os.Exit() with exit code 1.
+func Fatalf(format string, args ...interface{}) {
+	logger.Fatalf(format, args...)
+	// Make sure fatal logs will exit.
+	os.Exit(1)
+}
+
+// Fatalln logs to the FATAL log. Arguments are handled in the manner of fmt.Println.
+// It calle os.Exit()) with exit code 1.
+func Fatalln(args ...interface{}) {
+	logger.Fatalln(args...)
+	// Make sure fatal logs will exit.
+	os.Exit(1)
+}
+
+// Print prints to the logger. Arguments are handled in the manner of fmt.Print.
+// Deprecated: use Info.
+func Print(args ...interface{}) {
+	logger.Info(args...)
+}
+
+// Printf prints to the logger. Arguments are handled in the manner of fmt.Printf.
+// Deprecated: use Infof.
+func Printf(format string, args ...interface{}) {
+	logger.Infof(format, args...)
+}
+
+// Println prints to the logger. Arguments are handled in the manner of fmt.Println.
+// Deprecated: use Infoln.
+func Println(args ...interface{}) {
+	logger.Infoln(args...)
+}
diff --git a/vendor/google.golang.org/grpc/grpclog/logger.go b/vendor/google.golang.org/grpc/grpclog/logger.go
index 2cc09be48945..d03b2397bfab 100644
--- a/vendor/google.golang.org/grpc/grpclog/logger.go
+++ b/vendor/google.golang.org/grpc/grpclog/logger.go
@@ -1,52 +1,25 @@
 /*
  *
- * Copyright 2015, Google Inc.
- * All rights reserved.
+ * Copyright 2015 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
-/*
-Package grpclog defines logging for grpc.
-*/
 package grpclog
 
-import (
-	"log"
-	"os"
-)
-
-// Use golang's standard logger by default.
-// Access is not mutex-protected: do not modify except in init()
-// functions.
-var logger Logger = log.New(os.Stderr, "", log.LstdFlags)
-
 // Logger mimics golang's standard Logger as an interface.
+// Deprecated: use LoggerV2.
 type Logger interface {
 	Fatal(args ...interface{})
 	Fatalf(format string, args ...interface{})
@@ -58,36 +31,53 @@ type Logger interface {
 
 // SetLogger sets the logger that is used in grpc. Call only from
 // init() functions.
+// Deprecated: use SetLoggerV2.
 func SetLogger(l Logger) {
-	logger = l
+	logger = &loggerWrapper{Logger: l}
+}
+
+// loggerWrapper wraps Logger into a LoggerV2.
+type loggerWrapper struct {
+	Logger
+}
+
+func (g *loggerWrapper) Info(args ...interface{}) {
+	g.Logger.Print(args...)
+}
+
+func (g *loggerWrapper) Infoln(args ...interface{}) {
+	g.Logger.Println(args...)
+}
+
+func (g *loggerWrapper) Infof(format string, args ...interface{}) {
+	g.Logger.Printf(format, args...)
+}
+
+func (g *loggerWrapper) Warning(args ...interface{}) {
+	g.Logger.Print(args...)
 }
 
-// Fatal is equivalent to Print() followed by a call to os.Exit() with a non-zero exit code.
-func Fatal(args ...interface{}) {
-	logger.Fatal(args...)
+func (g *loggerWrapper) Warningln(args ...interface{}) {
+	g.Logger.Println(args...)
 }
 
-// Fatalf is equivalent to Printf() followed by a call to os.Exit() with a non-zero exit code.
-func Fatalf(format string, args ...interface{}) {
-	logger.Fatalf(format, args...)
+func (g *loggerWrapper) Warningf(format string, args ...interface{}) {
+	g.Logger.Printf(format, args...)
 }
 
-// Fatalln is equivalent to Println() followed by a call to os.Exit()) with a non-zero exit code.
-func Fatalln(args ...interface{}) {
-	logger.Fatalln(args...)
+func (g *loggerWrapper) Error(args ...interface{}) {
+	g.Logger.Print(args...)
 }
 
-// Print prints to the logger. Arguments are handled in the manner of fmt.Print.
-func Print(args ...interface{}) {
-	logger.Print(args...)
+func (g *loggerWrapper) Errorln(args ...interface{}) {
+	g.Logger.Println(args...)
 }
 
-// Printf prints to the logger. Arguments are handled in the manner of fmt.Printf.
-func Printf(format string, args ...interface{}) {
-	logger.Printf(format, args...)
+func (g *loggerWrapper) Errorf(format string, args ...interface{}) {
+	g.Logger.Printf(format, args...)
 }
 
-// Println prints to the logger. Arguments are handled in the manner of fmt.Println.
-func Println(args ...interface{}) {
-	logger.Println(args...)
+func (g *loggerWrapper) V(l int) bool {
+	// Returns true for all verbose level.
+	return true
 }
diff --git a/vendor/google.golang.org/grpc/grpclog/loggerv2.go b/vendor/google.golang.org/grpc/grpclog/loggerv2.go
new file mode 100644
index 000000000000..d4932577695f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/grpclog/loggerv2.go
@@ -0,0 +1,195 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpclog
+
+import (
+	"io"
+	"io/ioutil"
+	"log"
+	"os"
+	"strconv"
+)
+
+// LoggerV2 does underlying logging work for grpclog.
+type LoggerV2 interface {
+	// Info logs to INFO log. Arguments are handled in the manner of fmt.Print.
+	Info(args ...interface{})
+	// Infoln logs to INFO log. Arguments are handled in the manner of fmt.Println.
+	Infoln(args ...interface{})
+	// Infof logs to INFO log. Arguments are handled in the manner of fmt.Printf.
+	Infof(format string, args ...interface{})
+	// Warning logs to WARNING log. Arguments are handled in the manner of fmt.Print.
+	Warning(args ...interface{})
+	// Warningln logs to WARNING log. Arguments are handled in the manner of fmt.Println.
+	Warningln(args ...interface{})
+	// Warningf logs to WARNING log. Arguments are handled in the manner of fmt.Printf.
+	Warningf(format string, args ...interface{})
+	// Error logs to ERROR log. Arguments are handled in the manner of fmt.Print.
+	Error(args ...interface{})
+	// Errorln logs to ERROR log. Arguments are handled in the manner of fmt.Println.
+	Errorln(args ...interface{})
+	// Errorf logs to ERROR log. Arguments are handled in the manner of fmt.Printf.
+	Errorf(format string, args ...interface{})
+	// Fatal logs to ERROR log. Arguments are handled in the manner of fmt.Print.
+	// gRPC ensures that all Fatal logs will exit with os.Exit(1).
+	// Implementations may also call os.Exit() with a non-zero exit code.
+	Fatal(args ...interface{})
+	// Fatalln logs to ERROR log. Arguments are handled in the manner of fmt.Println.
+	// gRPC ensures that all Fatal logs will exit with os.Exit(1).
+	// Implementations may also call os.Exit() with a non-zero exit code.
+	Fatalln(args ...interface{})
+	// Fatalf logs to ERROR log. Arguments are handled in the manner of fmt.Printf.
+	// gRPC ensures that all Fatal logs will exit with os.Exit(1).
+	// Implementations may also call os.Exit() with a non-zero exit code.
+	Fatalf(format string, args ...interface{})
+	// V reports whether verbosity level l is at least the requested verbose level.
+	V(l int) bool
+}
+
+// SetLoggerV2 sets logger that is used in grpc to a V2 logger.
+// Not mutex-protected, should be called before any gRPC functions.
+func SetLoggerV2(l LoggerV2) {
+	logger = l
+}
+
+const (
+	// infoLog indicates Info severity.
+	infoLog int = iota
+	// warningLog indicates Warning severity.
+	warningLog
+	// errorLog indicates Error severity.
+	errorLog
+	// fatalLog indicates Fatal severity.
+	fatalLog
+)
+
+// severityName contains the string representation of each severity.
+var severityName = []string{
+	infoLog:    "INFO",
+	warningLog: "WARNING",
+	errorLog:   "ERROR",
+	fatalLog:   "FATAL",
+}
+
+// loggerT is the default logger used by grpclog.
+type loggerT struct {
+	m []*log.Logger
+	v int
+}
+
+// NewLoggerV2 creates a loggerV2 with the provided writers.
+// Fatal logs will be written to errorW, warningW, infoW, followed by exit(1).
+// Error logs will be written to errorW, warningW and infoW.
+// Warning logs will be written to warningW and infoW.
+// Info logs will be written to infoW.
+func NewLoggerV2(infoW, warningW, errorW io.Writer) LoggerV2 {
+	return NewLoggerV2WithVerbosity(infoW, warningW, errorW, 0)
+}
+
+// NewLoggerV2WithVerbosity creates a loggerV2 with the provided writers and
+// verbosity level.
+func NewLoggerV2WithVerbosity(infoW, warningW, errorW io.Writer, v int) LoggerV2 {
+	var m []*log.Logger
+	m = append(m, log.New(infoW, severityName[infoLog]+": ", log.LstdFlags))
+	m = append(m, log.New(io.MultiWriter(infoW, warningW), severityName[warningLog]+": ", log.LstdFlags))
+	ew := io.MultiWriter(infoW, warningW, errorW) // ew will be used for error and fatal.
+	m = append(m, log.New(ew, severityName[errorLog]+": ", log.LstdFlags))
+	m = append(m, log.New(ew, severityName[fatalLog]+": ", log.LstdFlags))
+	return &loggerT{m: m, v: v}
+}
+
+// newLoggerV2 creates a loggerV2 to be used as default logger.
+// All logs are written to stderr.
+func newLoggerV2() LoggerV2 {
+	errorW := ioutil.Discard
+	warningW := ioutil.Discard
+	infoW := ioutil.Discard
+
+	logLevel := os.Getenv("GRPC_GO_LOG_SEVERITY_LEVEL")
+	switch logLevel {
+	case "", "ERROR", "error": // If env is unset, set level to ERROR.
+		errorW = os.Stderr
+	case "WARNING", "warning":
+		warningW = os.Stderr
+	case "INFO", "info":
+		infoW = os.Stderr
+	}
+
+	var v int
+	vLevel := os.Getenv("GRPC_GO_LOG_VERBOSITY_LEVEL")
+	if vl, err := strconv.Atoi(vLevel); err == nil {
+		v = vl
+	}
+	return NewLoggerV2WithVerbosity(infoW, warningW, errorW, v)
+}
+
+func (g *loggerT) Info(args ...interface{}) {
+	g.m[infoLog].Print(args...)
+}
+
+func (g *loggerT) Infoln(args ...interface{}) {
+	g.m[infoLog].Println(args...)
+}
+
+func (g *loggerT) Infof(format string, args ...interface{}) {
+	g.m[infoLog].Printf(format, args...)
+}
+
+func (g *loggerT) Warning(args ...interface{}) {
+	g.m[warningLog].Print(args...)
+}
+
+func (g *loggerT) Warningln(args ...interface{}) {
+	g.m[warningLog].Println(args...)
+}
+
+func (g *loggerT) Warningf(format string, args ...interface{}) {
+	g.m[warningLog].Printf(format, args...)
+}
+
+func (g *loggerT) Error(args ...interface{}) {
+	g.m[errorLog].Print(args...)
+}
+
+func (g *loggerT) Errorln(args ...interface{}) {
+	g.m[errorLog].Println(args...)
+}
+
+func (g *loggerT) Errorf(format string, args ...interface{}) {
+	g.m[errorLog].Printf(format, args...)
+}
+
+func (g *loggerT) Fatal(args ...interface{}) {
+	g.m[fatalLog].Fatal(args...)
+	// No need to call os.Exit() again because log.Logger.Fatal() calls os.Exit().
+}
+
+func (g *loggerT) Fatalln(args ...interface{}) {
+	g.m[fatalLog].Fatalln(args...)
+	// No need to call os.Exit() again because log.Logger.Fatal() calls os.Exit().
+}
+
+func (g *loggerT) Fatalf(format string, args ...interface{}) {
+	g.m[fatalLog].Fatalf(format, args...)
+	// No need to call os.Exit() again because log.Logger.Fatal() calls os.Exit().
+}
+
+func (g *loggerT) V(l int) bool {
+	return l <= g.v
+}
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
new file mode 100644
index 000000000000..fdcbb9e0b7db
--- /dev/null
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
@@ -0,0 +1,190 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// source: grpc_health_v1/health.proto
+
+/*
+Package grpc_health_v1 is a generated protocol buffer package.
+
+It is generated from these files:
+	grpc_health_v1/health.proto
+
+It has these top-level messages:
+	HealthCheckRequest
+	HealthCheckResponse
+*/
+package grpc_health_v1
+
+import proto "github.com/golang/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+import (
+	context "golang.org/x/net/context"
+	grpc "google.golang.org/grpc"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
+
+type HealthCheckResponse_ServingStatus int32
+
+const (
+	HealthCheckResponse_UNKNOWN     HealthCheckResponse_ServingStatus = 0
+	HealthCheckResponse_SERVING     HealthCheckResponse_ServingStatus = 1
+	HealthCheckResponse_NOT_SERVING HealthCheckResponse_ServingStatus = 2
+)
+
+var HealthCheckResponse_ServingStatus_name = map[int32]string{
+	0: "UNKNOWN",
+	1: "SERVING",
+	2: "NOT_SERVING",
+}
+var HealthCheckResponse_ServingStatus_value = map[string]int32{
+	"UNKNOWN":     0,
+	"SERVING":     1,
+	"NOT_SERVING": 2,
+}
+
+func (x HealthCheckResponse_ServingStatus) String() string {
+	return proto.EnumName(HealthCheckResponse_ServingStatus_name, int32(x))
+}
+func (HealthCheckResponse_ServingStatus) EnumDescriptor() ([]byte, []int) {
+	return fileDescriptor0, []int{1, 0}
+}
+
+type HealthCheckRequest struct {
+	Service string `protobuf:"bytes,1,opt,name=service" json:"service,omitempty"`
+}
+
+func (m *HealthCheckRequest) Reset()                    { *m = HealthCheckRequest{} }
+func (m *HealthCheckRequest) String() string            { return proto.CompactTextString(m) }
+func (*HealthCheckRequest) ProtoMessage()               {}
+func (*HealthCheckRequest) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
+
+func (m *HealthCheckRequest) GetService() string {
+	if m != nil {
+		return m.Service
+	}
+	return ""
+}
+
+type HealthCheckResponse struct {
+	Status HealthCheckResponse_ServingStatus `protobuf:"varint,1,opt,name=status,enum=grpc.health.v1.HealthCheckResponse_ServingStatus" json:"status,omitempty"`
+}
+
+func (m *HealthCheckResponse) Reset()                    { *m = HealthCheckResponse{} }
+func (m *HealthCheckResponse) String() string            { return proto.CompactTextString(m) }
+func (*HealthCheckResponse) ProtoMessage()               {}
+func (*HealthCheckResponse) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
+
+func (m *HealthCheckResponse) GetStatus() HealthCheckResponse_ServingStatus {
+	if m != nil {
+		return m.Status
+	}
+	return HealthCheckResponse_UNKNOWN
+}
+
+func init() {
+	proto.RegisterType((*HealthCheckRequest)(nil), "grpc.health.v1.HealthCheckRequest")
+	proto.RegisterType((*HealthCheckResponse)(nil), "grpc.health.v1.HealthCheckResponse")
+	proto.RegisterEnum("grpc.health.v1.HealthCheckResponse_ServingStatus", HealthCheckResponse_ServingStatus_name, HealthCheckResponse_ServingStatus_value)
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConn
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion4
+
+// Client API for Health service
+
+type HealthClient interface {
+	Check(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (*HealthCheckResponse, error)
+}
+
+type healthClient struct {
+	cc *grpc.ClientConn
+}
+
+func NewHealthClient(cc *grpc.ClientConn) HealthClient {
+	return &healthClient{cc}
+}
+
+func (c *healthClient) Check(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (*HealthCheckResponse, error) {
+	out := new(HealthCheckResponse)
+	err := grpc.Invoke(ctx, "/grpc.health.v1.Health/Check", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// Server API for Health service
+
+type HealthServer interface {
+	Check(context.Context, *HealthCheckRequest) (*HealthCheckResponse, error)
+}
+
+func RegisterHealthServer(s *grpc.Server, srv HealthServer) {
+	s.RegisterService(&_Health_serviceDesc, srv)
+}
+
+func _Health_Check_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(HealthCheckRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(HealthServer).Check(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/grpc.health.v1.Health/Check",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(HealthServer).Check(ctx, req.(*HealthCheckRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _Health_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "grpc.health.v1.Health",
+	HandlerType: (*HealthServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "Check",
+			Handler:    _Health_Check_Handler,
+		},
+	},
+	Streams:  []grpc.StreamDesc{},
+	Metadata: "grpc_health_v1/health.proto",
+}
+
+func init() { proto.RegisterFile("grpc_health_v1/health.proto", fileDescriptor0) }
+
+var fileDescriptor0 = []byte{
+	// 213 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x4e, 0x2f, 0x2a, 0x48,
+	0x8e, 0xcf, 0x48, 0x4d, 0xcc, 0x29, 0xc9, 0x88, 0x2f, 0x33, 0xd4, 0x87, 0xb0, 0xf4, 0x0a, 0x8a,
+	0xf2, 0x4b, 0xf2, 0x85, 0xf8, 0x40, 0x92, 0x7a, 0x50, 0xa1, 0x32, 0x43, 0x25, 0x3d, 0x2e, 0x21,
+	0x0f, 0x30, 0xc7, 0x39, 0x23, 0x35, 0x39, 0x3b, 0x28, 0xb5, 0xb0, 0x34, 0xb5, 0xb8, 0x44, 0x48,
+	0x82, 0x8b, 0xbd, 0x38, 0xb5, 0xa8, 0x2c, 0x33, 0x39, 0x55, 0x82, 0x51, 0x81, 0x51, 0x83, 0x33,
+	0x08, 0xc6, 0x55, 0x9a, 0xc3, 0xc8, 0x25, 0x8c, 0xa2, 0xa1, 0xb8, 0x20, 0x3f, 0xaf, 0x38, 0x55,
+	0xc8, 0x93, 0x8b, 0xad, 0xb8, 0x24, 0xb1, 0xa4, 0xb4, 0x18, 0xac, 0x81, 0xcf, 0xc8, 0x50, 0x0f,
+	0xd5, 0x22, 0x3d, 0x2c, 0x9a, 0xf4, 0x82, 0x41, 0x86, 0xe6, 0xa5, 0x07, 0x83, 0x35, 0x06, 0x41,
+	0x0d, 0x50, 0xb2, 0xe2, 0xe2, 0x45, 0x91, 0x10, 0xe2, 0xe6, 0x62, 0x0f, 0xf5, 0xf3, 0xf6, 0xf3,
+	0x0f, 0xf7, 0x13, 0x60, 0x00, 0x71, 0x82, 0x5d, 0x83, 0xc2, 0x3c, 0xfd, 0xdc, 0x05, 0x18, 0x85,
+	0xf8, 0xb9, 0xb8, 0xfd, 0xfc, 0x43, 0xe2, 0x61, 0x02, 0x4c, 0x46, 0x51, 0x5c, 0x6c, 0x10, 0x8b,
+	0x84, 0x02, 0xb8, 0x58, 0xc1, 0x96, 0x09, 0x29, 0xe1, 0x75, 0x09, 0xd8, 0xbf, 0x52, 0xca, 0x44,
+	0xb8, 0x36, 0x89, 0x0d, 0x1c, 0x82, 0xc6, 0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0x53, 0x2b, 0x65,
+	0x20, 0x60, 0x01, 0x00, 0x00,
+}
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.proto b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.proto
new file mode 100644
index 000000000000..6072fdc3b801
--- /dev/null
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.proto
@@ -0,0 +1,34 @@
+// Copyright 2017 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package grpc.health.v1;
+
+message HealthCheckRequest {
+  string service = 1;
+}
+
+message HealthCheckResponse {
+  enum ServingStatus {
+ 	UNKNOWN = 0;
+	SERVING = 1;
+	NOT_SERVING = 2;
+  }
+  ServingStatus status = 1;
+}
+
+service Health{
+  rpc Check(HealthCheckRequest) returns (HealthCheckResponse);
+} 
diff --git a/vendor/google.golang.org/grpc/interceptor.go b/vendor/google.golang.org/grpc/interceptor.go
index a6921614572b..06dc825b9fba 100644
--- a/vendor/google.golang.org/grpc/interceptor.go
+++ b/vendor/google.golang.org/grpc/interceptor.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -42,15 +27,15 @@ type UnaryInvoker func(ctx context.Context, method string, req, reply interface{
 
 // UnaryClientInterceptor intercepts the execution of a unary RPC on the client. invoker is the handler to complete the RPC
 // and it is the responsibility of the interceptor to call it.
-// This is the EXPERIMENTAL API.
+// This is an EXPERIMENTAL API.
 type UnaryClientInterceptor func(ctx context.Context, method string, req, reply interface{}, cc *ClientConn, invoker UnaryInvoker, opts ...CallOption) error
 
 // Streamer is called by StreamClientInterceptor to create a ClientStream.
 type Streamer func(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, opts ...CallOption) (ClientStream, error)
 
 // StreamClientInterceptor intercepts the creation of ClientStream. It may return a custom ClientStream to intercept all I/O
-// operations. streamer is the handlder to create a ClientStream and it is the responsibility of the interceptor to call it.
-// This is the EXPERIMENTAL API.
+// operations. streamer is the handler to create a ClientStream and it is the responsibility of the interceptor to call it.
+// This is an EXPERIMENTAL API.
 type StreamClientInterceptor func(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, streamer Streamer, opts ...CallOption) (ClientStream, error)
 
 // UnaryServerInfo consists of various information about a unary RPC on
diff --git a/vendor/google.golang.org/grpc/internal/internal.go b/vendor/google.golang.org/grpc/internal/internal.go
index 5489143a85c1..07083832c3c6 100644
--- a/vendor/google.golang.org/grpc/internal/internal.go
+++ b/vendor/google.golang.org/grpc/internal/internal.go
@@ -1,32 +1,17 @@
 /*
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
diff --git a/vendor/google.golang.org/grpc/keepalive/keepalive.go b/vendor/google.golang.org/grpc/keepalive/keepalive.go
index d492589c96b6..f8adc7e6d4fa 100644
--- a/vendor/google.golang.org/grpc/keepalive/keepalive.go
+++ b/vendor/google.golang.org/grpc/keepalive/keepalive.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2017, Google Inc.
- * All rights reserved.
+ * Copyright 2017 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -39,8 +24,8 @@ import (
 )
 
 // ClientParameters is used to set keepalive parameters on the client-side.
-// These configure how the client will actively probe to notice when a connection broken
-// and to cause activity so intermediaries are aware the connection is still in use.
+// These configure how the client will actively probe to notice when a connection is broken
+// and send pings so intermediaries will be aware of the liveness of the connection.
 // Make sure these parameters are set in coordination with the keepalive policy on the server,
 // as incompatible settings can result in closing of connection.
 type ClientParameters struct {
diff --git a/vendor/google.golang.org/grpc/metadata/metadata.go b/vendor/google.golang.org/grpc/metadata/metadata.go
index a4f2de026db6..589161d57fa1 100644
--- a/vendor/google.golang.org/grpc/metadata/metadata.go
+++ b/vendor/google.golang.org/grpc/metadata/metadata.go
@@ -1,38 +1,23 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
 // Package metadata define the structure of the metadata supported by gRPC library.
-// Please refer to http://www.grpc.io/docs/guides/wire.html for more information about custom-metadata.
+// Please refer to https://grpc.io/docs/guides/wire.html for more information about custom-metadata.
 package metadata
 
 import (
@@ -51,8 +36,17 @@ func DecodeKeyValue(k, v string) (string, string, error) {
 // two convenience functions New and Pairs to generate MD.
 type MD map[string][]string
 
-// New creates a MD from given key-value map.
-// Keys are automatically converted to lowercase.
+// New creates an MD from a given key-value map.
+//
+// Only the following ASCII characters are allowed in keys:
+//  - digits: 0-9
+//  - uppercase letters: A-Z (normalized to lower)
+//  - lowercase letters: a-z
+//  - special characters: -_.
+// Uppercase letters are automatically converted to lowercase.
+//
+// Keys beginning with "grpc-" are reserved for grpc-internal use only and may
+// result in errors if set in metadata.
 func New(m map[string]string) MD {
 	md := MD{}
 	for k, val := range m {
@@ -64,7 +58,16 @@ func New(m map[string]string) MD {
 
 // Pairs returns an MD formed by the mapping of key, value ...
 // Pairs panics if len(kv) is odd.
-// Keys are automatically converted to lowercase.
+//
+// Only the following ASCII characters are allowed in keys:
+//  - digits: 0-9
+//  - uppercase letters: A-Z (normalized to lower)
+//  - lowercase letters: a-z
+//  - special characters: -_.
+// Uppercase letters are automatically converted to lowercase.
+//
+// Keys beginning with "grpc-" are reserved for grpc-internal use only and may
+// result in errors if set in metadata.
 func Pairs(kv ...string) MD {
 	if len(kv)%2 == 1 {
 		panic(fmt.Sprintf("metadata: Pairs got the odd number of input pairs for metadata: %d", len(kv)))
@@ -91,9 +94,9 @@ func (md MD) Copy() MD {
 	return Join(md)
 }
 
-// Join joins any number of MDs into a single MD.
+// Join joins any number of mds into a single MD.
 // The order of values for each key is determined by the order in which
-// the MDs containing those values are presented to Join.
+// the mds containing those values are presented to Join.
 func Join(mds ...MD) MD {
 	out := MD{}
 	for _, md := range mds {
@@ -107,11 +110,6 @@ func Join(mds ...MD) MD {
 type mdIncomingKey struct{}
 type mdOutgoingKey struct{}
 
-// NewContext is a wrapper for NewOutgoingContext(ctx, md).  Deprecated.
-func NewContext(ctx context.Context, md MD) context.Context {
-	return NewOutgoingContext(ctx, md)
-}
-
 // NewIncomingContext creates a new context with incoming md attached.
 func NewIncomingContext(ctx context.Context, md MD) context.Context {
 	return context.WithValue(ctx, mdIncomingKey{}, md)
@@ -122,22 +120,17 @@ func NewOutgoingContext(ctx context.Context, md MD) context.Context {
 	return context.WithValue(ctx, mdOutgoingKey{}, md)
 }
 
-// FromContext is a wrapper for FromIncomingContext(ctx).  Deprecated.
-func FromContext(ctx context.Context) (md MD, ok bool) {
-	return FromIncomingContext(ctx)
-}
-
-// FromIncomingContext returns the incoming MD in ctx if it exists.  The
-// returned md should be immutable, writing to it may cause races.
-// Modification should be made to the copies of the returned md.
+// FromIncomingContext returns the incoming metadata in ctx if it exists.  The
+// returned MD should not be modified. Writing to it may cause races.
+// Modification should be made to copies of the returned MD.
 func FromIncomingContext(ctx context.Context) (md MD, ok bool) {
 	md, ok = ctx.Value(mdIncomingKey{}).(MD)
 	return
 }
 
-// FromOutgoingContext returns the outgoing MD in ctx if it exists.  The
-// returned md should be immutable, writing to it may cause races.
-// Modification should be made to the copies of the returned md.
+// FromOutgoingContext returns the outgoing metadata in ctx if it exists.  The
+// returned MD should not be modified. Writing to it may cause races.
+// Modification should be made to the copies of the returned MD.
 func FromOutgoingContext(ctx context.Context) (md MD, ok bool) {
 	md, ok = ctx.Value(mdOutgoingKey{}).(MD)
 	return
diff --git a/vendor/google.golang.org/grpc/naming/dns_resolver.go b/vendor/google.golang.org/grpc/naming/dns_resolver.go
new file mode 100644
index 000000000000..7e69a2ca0a66
--- /dev/null
+++ b/vendor/google.golang.org/grpc/naming/dns_resolver.go
@@ -0,0 +1,290 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package naming
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"strconv"
+	"time"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/grpclog"
+)
+
+const (
+	defaultPort = "443"
+	defaultFreq = time.Minute * 30
+)
+
+var (
+	errMissingAddr  = errors.New("missing address")
+	errWatcherClose = errors.New("watcher has been closed")
+)
+
+// NewDNSResolverWithFreq creates a DNS Resolver that can resolve DNS names, and
+// create watchers that poll the DNS server using the frequency set by freq.
+func NewDNSResolverWithFreq(freq time.Duration) (Resolver, error) {
+	return &dnsResolver{freq: freq}, nil
+}
+
+// NewDNSResolver creates a DNS Resolver that can resolve DNS names, and create
+// watchers that poll the DNS server using the default frequency defined by defaultFreq.
+func NewDNSResolver() (Resolver, error) {
+	return NewDNSResolverWithFreq(defaultFreq)
+}
+
+// dnsResolver handles name resolution for names following the DNS scheme
+type dnsResolver struct {
+	// frequency of polling the DNS server that the watchers created by this resolver will use.
+	freq time.Duration
+}
+
+// formatIP returns ok = false if addr is not a valid textual representation of an IP address.
+// If addr is an IPv4 address, return the addr and ok = true.
+// If addr is an IPv6 address, return the addr enclosed in square brackets and ok = true.
+func formatIP(addr string) (addrIP string, ok bool) {
+	ip := net.ParseIP(addr)
+	if ip == nil {
+		return "", false
+	}
+	if ip.To4() != nil {
+		return addr, true
+	}
+	return "[" + addr + "]", true
+}
+
+// parseTarget takes the user input target string, returns formatted host and port info.
+// If target doesn't specify a port, set the port to be the defaultPort.
+// If target is in IPv6 format and host-name is enclosed in sqarue brackets, brackets
+// are strippd when setting the host.
+// examples:
+// target: "www.google.com" returns host: "www.google.com", port: "443"
+// target: "ipv4-host:80" returns host: "ipv4-host", port: "80"
+// target: "[ipv6-host]" returns host: "ipv6-host", port: "443"
+// target: ":80" returns host: "localhost", port: "80"
+// target: ":" returns host: "localhost", port: "443"
+func parseTarget(target string) (host, port string, err error) {
+	if target == "" {
+		return "", "", errMissingAddr
+	}
+
+	if ip := net.ParseIP(target); ip != nil {
+		// target is an IPv4 or IPv6(without brackets) address
+		return target, defaultPort, nil
+	}
+	if host, port, err := net.SplitHostPort(target); err == nil {
+		// target has port, i.e ipv4-host:port, [ipv6-host]:port, host-name:port
+		if host == "" {
+			// Keep consistent with net.Dial(): If the host is empty, as in ":80", the local system is assumed.
+			host = "localhost"
+		}
+		if port == "" {
+			// If the port field is empty(target ends with colon), e.g. "[::1]:", defaultPort is used.
+			port = defaultPort
+		}
+		return host, port, nil
+	}
+	if host, port, err := net.SplitHostPort(target + ":" + defaultPort); err == nil {
+		// target doesn't have port
+		return host, port, nil
+	}
+	return "", "", fmt.Errorf("invalid target address %v", target)
+}
+
+// Resolve creates a watcher that watches the name resolution of the target.
+func (r *dnsResolver) Resolve(target string) (Watcher, error) {
+	host, port, err := parseTarget(target)
+	if err != nil {
+		return nil, err
+	}
+
+	if net.ParseIP(host) != nil {
+		ipWatcher := &ipWatcher{
+			updateChan: make(chan *Update, 1),
+		}
+		host, _ = formatIP(host)
+		ipWatcher.updateChan <- &Update{Op: Add, Addr: host + ":" + port}
+		return ipWatcher, nil
+	}
+
+	ctx, cancel := context.WithCancel(context.Background())
+	return &dnsWatcher{
+		r:      r,
+		host:   host,
+		port:   port,
+		ctx:    ctx,
+		cancel: cancel,
+		t:      time.NewTimer(0),
+	}, nil
+}
+
+// dnsWatcher watches for the name resolution update for a specific target
+type dnsWatcher struct {
+	r    *dnsResolver
+	host string
+	port string
+	// The latest resolved address set
+	curAddrs map[string]*Update
+	ctx      context.Context
+	cancel   context.CancelFunc
+	t        *time.Timer
+}
+
+// ipWatcher watches for the name resolution update for an IP address.
+type ipWatcher struct {
+	updateChan chan *Update
+}
+
+// Next returns the adrress resolution Update for the target. For IP address,
+// the resolution is itself, thus polling name server is unncessary. Therefore,
+// Next() will return an Update the first time it is called, and will be blocked
+// for all following calls as no Update exisits until watcher is closed.
+func (i *ipWatcher) Next() ([]*Update, error) {
+	u, ok := <-i.updateChan
+	if !ok {
+		return nil, errWatcherClose
+	}
+	return []*Update{u}, nil
+}
+
+// Close closes the ipWatcher.
+func (i *ipWatcher) Close() {
+	close(i.updateChan)
+}
+
+// AddressType indicates the address type returned by name resolution.
+type AddressType uint8
+
+const (
+	// Backend indicates the server is a backend server.
+	Backend AddressType = iota
+	// GRPCLB indicates the server is a grpclb load balancer.
+	GRPCLB
+)
+
+// AddrMetadataGRPCLB contains the information the name resolver for grpclb should provide. The
+// name resolver used by the grpclb balancer is required to provide this type of metadata in
+// its address updates.
+type AddrMetadataGRPCLB struct {
+	// AddrType is the type of server (grpc load balancer or backend).
+	AddrType AddressType
+	// ServerName is the name of the grpc load balancer. Used for authentication.
+	ServerName string
+}
+
+// compileUpdate compares the old resolved addresses and newly resolved addresses,
+// and generates an update list
+func (w *dnsWatcher) compileUpdate(newAddrs map[string]*Update) []*Update {
+	var res []*Update
+	for a, u := range w.curAddrs {
+		if _, ok := newAddrs[a]; !ok {
+			u.Op = Delete
+			res = append(res, u)
+		}
+	}
+	for a, u := range newAddrs {
+		if _, ok := w.curAddrs[a]; !ok {
+			res = append(res, u)
+		}
+	}
+	return res
+}
+
+func (w *dnsWatcher) lookupSRV() map[string]*Update {
+	newAddrs := make(map[string]*Update)
+	_, srvs, err := lookupSRV(w.ctx, "grpclb", "tcp", w.host)
+	if err != nil {
+		grpclog.Infof("grpc: failed dns SRV record lookup due to %v.\n", err)
+		return nil
+	}
+	for _, s := range srvs {
+		lbAddrs, err := lookupHost(w.ctx, s.Target)
+		if err != nil {
+			grpclog.Warningf("grpc: failed load banlacer address dns lookup due to %v.\n", err)
+			continue
+		}
+		for _, a := range lbAddrs {
+			a, ok := formatIP(a)
+			if !ok {
+				grpclog.Errorf("grpc: failed IP parsing due to %v.\n", err)
+				continue
+			}
+			addr := a + ":" + strconv.Itoa(int(s.Port))
+			newAddrs[addr] = &Update{Addr: addr,
+				Metadata: AddrMetadataGRPCLB{AddrType: GRPCLB, ServerName: s.Target}}
+		}
+	}
+	return newAddrs
+}
+
+func (w *dnsWatcher) lookupHost() map[string]*Update {
+	newAddrs := make(map[string]*Update)
+	addrs, err := lookupHost(w.ctx, w.host)
+	if err != nil {
+		grpclog.Warningf("grpc: failed dns A record lookup due to %v.\n", err)
+		return nil
+	}
+	for _, a := range addrs {
+		a, ok := formatIP(a)
+		if !ok {
+			grpclog.Errorf("grpc: failed IP parsing due to %v.\n", err)
+			continue
+		}
+		addr := a + ":" + w.port
+		newAddrs[addr] = &Update{Addr: addr}
+	}
+	return newAddrs
+}
+
+func (w *dnsWatcher) lookup() []*Update {
+	newAddrs := w.lookupSRV()
+	if newAddrs == nil {
+		// If failed to get any balancer address (either no corresponding SRV for the
+		// target, or caused by failure during resolution/parsing of the balancer target),
+		// return any A record info available.
+		newAddrs = w.lookupHost()
+	}
+	result := w.compileUpdate(newAddrs)
+	w.curAddrs = newAddrs
+	return result
+}
+
+// Next returns the resolved address update(delta) for the target. If there's no
+// change, it will sleep for 30 mins and try to resolve again after that.
+func (w *dnsWatcher) Next() ([]*Update, error) {
+	for {
+		select {
+		case <-w.ctx.Done():
+			return nil, errWatcherClose
+		case <-w.t.C:
+		}
+		result := w.lookup()
+		// Next lookup should happen after an interval defined by w.r.freq.
+		w.t.Reset(w.r.freq)
+		if len(result) > 0 {
+			return result, nil
+		}
+	}
+}
+
+func (w *dnsWatcher) Close() {
+	w.cancel()
+}
diff --git a/vendor/google.golang.org/grpc/naming/go17.go b/vendor/google.golang.org/grpc/naming/go17.go
new file mode 100644
index 000000000000..8bdf21e79989
--- /dev/null
+++ b/vendor/google.golang.org/grpc/naming/go17.go
@@ -0,0 +1,34 @@
+// +build go1.7, !go1.8
+
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package naming
+
+import (
+	"net"
+
+	"golang.org/x/net/context"
+)
+
+var (
+	lookupHost = func(ctx context.Context, host string) ([]string, error) { return net.LookupHost(host) }
+	lookupSRV  = func(ctx context.Context, service, proto, name string) (string, []*net.SRV, error) {
+		return net.LookupSRV(service, proto, name)
+	}
+)
diff --git a/vendor/google.golang.org/grpc/naming/go18.go b/vendor/google.golang.org/grpc/naming/go18.go
new file mode 100644
index 000000000000..b5a0f842748f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/naming/go18.go
@@ -0,0 +1,28 @@
+// +build go1.8
+
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package naming
+
+import "net"
+
+var (
+	lookupHost = net.DefaultResolver.LookupHost
+	lookupSRV  = net.DefaultResolver.LookupSRV
+)
diff --git a/vendor/google.golang.org/grpc/naming/naming.go b/vendor/google.golang.org/grpc/naming/naming.go
index c2e0871e6f8b..1af7e32f86d0 100644
--- a/vendor/google.golang.org/grpc/naming/naming.go
+++ b/vendor/google.golang.org/grpc/naming/naming.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
diff --git a/vendor/google.golang.org/grpc/peer/peer.go b/vendor/google.golang.org/grpc/peer/peer.go
index bfa6205ba9ea..317b8b9d09a5 100644
--- a/vendor/google.golang.org/grpc/peer/peer.go
+++ b/vendor/google.golang.org/grpc/peer/peer.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -42,7 +27,8 @@ import (
 	"google.golang.org/grpc/credentials"
 )
 
-// Peer contains the information of the peer for an RPC.
+// Peer contains the information of the peer for an RPC, such as the address
+// and authentication information.
 type Peer struct {
 	// Addr is the peer address.
 	Addr net.Addr
diff --git a/vendor/google.golang.org/grpc/picker_wrapper.go b/vendor/google.golang.org/grpc/picker_wrapper.go
new file mode 100644
index 000000000000..9085dbc9c98b
--- /dev/null
+++ b/vendor/google.golang.org/grpc/picker_wrapper.go
@@ -0,0 +1,141 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+	"sync"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/status"
+	"google.golang.org/grpc/transport"
+)
+
+// pickerWrapper is a wrapper of balancer.Picker. It blocks on certain pick
+// actions and unblock when there's a picker update.
+type pickerWrapper struct {
+	mu         sync.Mutex
+	done       bool
+	blockingCh chan struct{}
+	picker     balancer.Picker
+}
+
+func newPickerWrapper() *pickerWrapper {
+	bp := &pickerWrapper{blockingCh: make(chan struct{})}
+	return bp
+}
+
+// updatePicker is called by UpdateBalancerState. It unblocks all blocked pick.
+func (bp *pickerWrapper) updatePicker(p balancer.Picker) {
+	bp.mu.Lock()
+	if bp.done {
+		bp.mu.Unlock()
+		return
+	}
+	bp.picker = p
+	// bp.blockingCh should never be nil.
+	close(bp.blockingCh)
+	bp.blockingCh = make(chan struct{})
+	bp.mu.Unlock()
+}
+
+// pick returns the transport that will be used for the RPC.
+// It may block in the following cases:
+// - there's no picker
+// - the current picker returns ErrNoSubConnAvailable
+// - the current picker returns other errors and failfast is false.
+// - the subConn returned by the current picker is not READY
+// When one of these situations happens, pick blocks until the picker gets updated.
+func (bp *pickerWrapper) pick(ctx context.Context, failfast bool, opts balancer.PickOptions) (transport.ClientTransport, func(balancer.DoneInfo), error) {
+	var (
+		p  balancer.Picker
+		ch chan struct{}
+	)
+
+	for {
+		bp.mu.Lock()
+		if bp.done {
+			bp.mu.Unlock()
+			return nil, nil, ErrClientConnClosing
+		}
+
+		if bp.picker == nil {
+			ch = bp.blockingCh
+		}
+		if ch == bp.blockingCh {
+			// This could happen when either:
+			// - bp.picker is nil (the previous if condition), or
+			// - has called pick on the current picker.
+			bp.mu.Unlock()
+			select {
+			case <-ctx.Done():
+				return nil, nil, ctx.Err()
+			case <-ch:
+			}
+			continue
+		}
+
+		ch = bp.blockingCh
+		p = bp.picker
+		bp.mu.Unlock()
+
+		subConn, put, err := p.Pick(ctx, opts)
+
+		if err != nil {
+			switch err {
+			case balancer.ErrNoSubConnAvailable:
+				continue
+			case balancer.ErrTransientFailure:
+				if !failfast {
+					continue
+				}
+				return nil, nil, status.Errorf(codes.Unavailable, "%v", err)
+			default:
+				// err is some other error.
+				return nil, nil, toRPCErr(err)
+			}
+		}
+
+		acw, ok := subConn.(*acBalancerWrapper)
+		if !ok {
+			grpclog.Infof("subconn returned from pick is not *acBalancerWrapper")
+			continue
+		}
+		if t, ok := acw.getAddrConn().getReadyTransport(); ok {
+			return t, put, nil
+		}
+		grpclog.Infof("blockingPicker: the picked transport is not ready, loop back to repick")
+		// If ok == false, ac.state is not READY.
+		// A valid picker always returns READY subConn. This means the state of ac
+		// just changed, and picker will be updated shortly.
+		// continue back to the beginning of the for loop to repick.
+	}
+}
+
+func (bp *pickerWrapper) close() {
+	bp.mu.Lock()
+	defer bp.mu.Unlock()
+	if bp.done {
+		return
+	}
+	bp.done = true
+	close(bp.blockingCh)
+}
diff --git a/vendor/google.golang.org/grpc/pickfirst.go b/vendor/google.golang.org/grpc/pickfirst.go
new file mode 100644
index 000000000000..7f993ef5a381
--- /dev/null
+++ b/vendor/google.golang.org/grpc/pickfirst.go
@@ -0,0 +1,95 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/balancer"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/resolver"
+)
+
+func newPickfirstBuilder() balancer.Builder {
+	return &pickfirstBuilder{}
+}
+
+type pickfirstBuilder struct{}
+
+func (*pickfirstBuilder) Build(cc balancer.ClientConn, opt balancer.BuildOptions) balancer.Balancer {
+	return &pickfirstBalancer{cc: cc}
+}
+
+func (*pickfirstBuilder) Name() string {
+	return "pickfirst"
+}
+
+type pickfirstBalancer struct {
+	cc balancer.ClientConn
+	sc balancer.SubConn
+}
+
+func (b *pickfirstBalancer) HandleResolvedAddrs(addrs []resolver.Address, err error) {
+	if err != nil {
+		grpclog.Infof("pickfirstBalancer: HandleResolvedAddrs called with error %v", err)
+		return
+	}
+	if b.sc == nil {
+		b.sc, err = b.cc.NewSubConn(addrs, balancer.NewSubConnOptions{})
+		if err != nil {
+			grpclog.Errorf("pickfirstBalancer: failed to NewSubConn: %v", err)
+			return
+		}
+		b.cc.UpdateBalancerState(connectivity.Idle, &picker{sc: b.sc})
+	} else {
+		b.sc.UpdateAddresses(addrs)
+	}
+}
+
+func (b *pickfirstBalancer) HandleSubConnStateChange(sc balancer.SubConn, s connectivity.State) {
+	grpclog.Infof("pickfirstBalancer: HandleSubConnStateChange: %p, %v", sc, s)
+	if b.sc != sc || s == connectivity.Shutdown {
+		b.sc = nil
+		return
+	}
+
+	switch s {
+	case connectivity.Ready, connectivity.Idle:
+		b.cc.UpdateBalancerState(s, &picker{sc: sc})
+	case connectivity.Connecting:
+		b.cc.UpdateBalancerState(s, &picker{err: balancer.ErrNoSubConnAvailable})
+	case connectivity.TransientFailure:
+		b.cc.UpdateBalancerState(s, &picker{err: balancer.ErrTransientFailure})
+	}
+}
+
+func (b *pickfirstBalancer) Close() {
+}
+
+type picker struct {
+	err error
+	sc  balancer.SubConn
+}
+
+func (p *picker) Pick(ctx context.Context, opts balancer.PickOptions) (balancer.SubConn, func(balancer.DoneInfo), error) {
+	if p.err != nil {
+		return nil, nil, p.err
+	}
+	return p.sc, nil, nil
+}
diff --git a/vendor/google.golang.org/grpc/proxy.go b/vendor/google.golang.org/grpc/proxy.go
index 10188dc34336..3e17efec61bd 100644
--- a/vendor/google.golang.org/grpc/proxy.go
+++ b/vendor/google.golang.org/grpc/proxy.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2017, Google Inc.
- * All rights reserved.
+ * Copyright 2017 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -97,7 +82,8 @@ func doHTTPConnectHandshake(ctx context.Context, conn net.Conn, addr string) (_
 		Header: map[string][]string{"User-Agent": {grpcUA}},
 	})
 
-	if err := sendHTTPRequest(ctx, req, conn); err != nil {
+	req = req.WithContext(ctx)
+	if err := req.Write(conn); err != nil {
 		return nil, fmt.Errorf("failed to write the HTTP request: %v", err)
 	}
 
diff --git a/vendor/google.golang.org/grpc/resolver/resolver.go b/vendor/google.golang.org/grpc/resolver/resolver.go
new file mode 100644
index 000000000000..49307e8fe9e9
--- /dev/null
+++ b/vendor/google.golang.org/grpc/resolver/resolver.go
@@ -0,0 +1,143 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package resolver defines APIs for name resolution in gRPC.
+// All APIs in this package are experimental.
+package resolver
+
+var (
+	// m is a map from scheme to resolver builder.
+	m = make(map[string]Builder)
+	// defaultScheme is the default scheme to use.
+	defaultScheme string
+)
+
+// TODO(bar) install dns resolver in init(){}.
+
+// Register registers the resolver builder to the resolver map.
+// b.Scheme will be used as the scheme registered with this builder.
+func Register(b Builder) {
+	m[b.Scheme()] = b
+}
+
+// Get returns the resolver builder registered with the given scheme.
+// If no builder is register with the scheme, the default scheme will
+// be used.
+// If the default scheme is not modified, "dns" will be the default
+// scheme, and the preinstalled dns resolver will be used.
+// If the default scheme is modified, and a resolver is registered with
+// the scheme, that resolver will be returned.
+// If the default scheme is modified, and no resolver is registered with
+// the scheme, nil will be returned.
+func Get(scheme string) Builder {
+	if b, ok := m[scheme]; ok {
+		return b
+	}
+	if b, ok := m[defaultScheme]; ok {
+		return b
+	}
+	return nil
+}
+
+// SetDefaultScheme sets the default scheme that will be used.
+// The default default scheme is "dns".
+func SetDefaultScheme(scheme string) {
+	defaultScheme = scheme
+}
+
+// AddressType indicates the address type returned by name resolution.
+type AddressType uint8
+
+const (
+	// Backend indicates the address is for a backend server.
+	Backend AddressType = iota
+	// GRPCLB indicates the address is for a grpclb load balancer.
+	GRPCLB
+)
+
+// Address represents a server the client connects to.
+// This is the EXPERIMENTAL API and may be changed or extended in the future.
+type Address struct {
+	// Addr is the server address on which a connection will be established.
+	Addr string
+	// Type is the type of this address.
+	Type AddressType
+	// ServerName is the name of this address.
+	// It's the name of the grpc load balancer, which will be used for authentication.
+	ServerName string
+	// Metadata is the information associated with Addr, which may be used
+	// to make load balancing decision.
+	Metadata interface{}
+}
+
+// BuildOption includes additional information for the builder to create
+// the resolver.
+type BuildOption struct {
+}
+
+// ClientConn contains the callbacks for resolver to notify any updates
+// to the gRPC ClientConn.
+type ClientConn interface {
+	// NewAddress is called by resolver to notify ClientConn a new list
+	// of resolved addresses.
+	// The address list should be the complete list of resolved addresses.
+	NewAddress(addresses []Address)
+	// NewServiceConfig is called by resolver to notify ClientConn a new
+	// service config. The service config should be provided as a json string.
+	NewServiceConfig(serviceConfig string)
+}
+
+// Target represents a target for gRPC, as specified in:
+// https://github.com/grpc/grpc/blob/master/doc/naming.md.
+type Target struct {
+	Scheme    string
+	Authority string
+	Endpoint  string
+}
+
+// Builder creates a resolver that will be used to watch name resolution updates.
+type Builder interface {
+	// Build creates a new resolver for the given target.
+	//
+	// gRPC dial calls Build synchronously, and fails if the returned error is
+	// not nil.
+	Build(target Target, cc ClientConn, opts BuildOption) (Resolver, error)
+	// Scheme returns the scheme supported by this resolver.
+	// Scheme is defined at https://github.com/grpc/grpc/blob/master/doc/naming.md.
+	Scheme() string
+}
+
+// ResolveNowOption includes additional information for ResolveNow.
+type ResolveNowOption struct{}
+
+// Resolver watches for the updates on the specified target.
+// Updates include address updates and service config updates.
+type Resolver interface {
+	// ResolveNow will be called by gRPC to try to resolve the target name again.
+	// It's just a hint, resolver can ignore this if it's not necessary.
+	ResolveNow(ResolveNowOption)
+	// Close closes the resolver.
+	Close()
+}
+
+// UnregisterForTesting removes the resolver builder with the given scheme from the
+// resolver map.
+// This function is for testing only.
+func UnregisterForTesting(scheme string) {
+	delete(m, scheme)
+}
diff --git a/vendor/google.golang.org/grpc/resolver_conn_wrapper.go b/vendor/google.golang.org/grpc/resolver_conn_wrapper.go
new file mode 100644
index 000000000000..7d53964d094d
--- /dev/null
+++ b/vendor/google.golang.org/grpc/resolver_conn_wrapper.go
@@ -0,0 +1,139 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+	"strings"
+
+	"google.golang.org/grpc/grpclog"
+	"google.golang.org/grpc/resolver"
+)
+
+// ccResolverWrapper is a wrapper on top of cc for resolvers.
+// It implements resolver.ClientConnection interface.
+type ccResolverWrapper struct {
+	cc       *ClientConn
+	resolver resolver.Resolver
+	addrCh   chan []resolver.Address
+	scCh     chan string
+	done     chan struct{}
+}
+
+// split2 returns the values from strings.SplitN(s, sep, 2).
+// If sep is not found, it returns "", s instead.
+func split2(s, sep string) (string, string) {
+	spl := strings.SplitN(s, sep, 2)
+	if len(spl) < 2 {
+		return "", s
+	}
+	return spl[0], spl[1]
+}
+
+// parseTarget splits target into a struct containing scheme, authority and
+// endpoint.
+func parseTarget(target string) (ret resolver.Target) {
+	ret.Scheme, ret.Endpoint = split2(target, "://")
+	ret.Authority, ret.Endpoint = split2(ret.Endpoint, "/")
+	return ret
+}
+
+// newCCResolverWrapper parses cc.target for scheme and gets the resolver
+// builder for this scheme. It then builds the resolver and starts the
+// monitoring goroutine for it.
+//
+// This function could return nil, nil, in tests for old behaviors.
+// TODO(bar) never return nil, nil when DNS becomes the default resolver.
+func newCCResolverWrapper(cc *ClientConn) (*ccResolverWrapper, error) {
+	target := parseTarget(cc.target)
+	grpclog.Infof("dialing to target with scheme: %q", target.Scheme)
+
+	rb := resolver.Get(target.Scheme)
+	if rb == nil {
+		// TODO(bar) return error when DNS becomes the default (implemented and
+		// registered by DNS package).
+		grpclog.Infof("could not get resolver for scheme: %q", target.Scheme)
+		return nil, nil
+	}
+
+	ccr := &ccResolverWrapper{
+		cc:     cc,
+		addrCh: make(chan []resolver.Address, 1),
+		scCh:   make(chan string, 1),
+		done:   make(chan struct{}),
+	}
+
+	var err error
+	ccr.resolver, err = rb.Build(target, ccr, resolver.BuildOption{})
+	if err != nil {
+		return nil, err
+	}
+	go ccr.watcher()
+	return ccr, nil
+}
+
+// watcher processes address updates and service config updates sequencially.
+// Otherwise, we need to resolve possible races between address and service
+// config (e.g. they specify different balancer types).
+func (ccr *ccResolverWrapper) watcher() {
+	for {
+		select {
+		case <-ccr.done:
+			return
+		default:
+		}
+
+		select {
+		case addrs := <-ccr.addrCh:
+			grpclog.Infof("ccResolverWrapper: sending new addresses to balancer wrapper: %v", addrs)
+			// TODO(bar switching) this should never be nil. Pickfirst should be default.
+			if ccr.cc.balancerWrapper != nil {
+				// TODO(bar switching) create balancer if it's nil?
+				ccr.cc.balancerWrapper.handleResolvedAddrs(addrs, nil)
+			}
+		case sc := <-ccr.scCh:
+			grpclog.Infof("ccResolverWrapper: got new service config: %v", sc)
+		case <-ccr.done:
+			return
+		}
+	}
+}
+
+func (ccr *ccResolverWrapper) close() {
+	ccr.resolver.Close()
+	close(ccr.done)
+}
+
+// NewAddress is called by the resolver implemenetion to send addresses to gRPC.
+func (ccr *ccResolverWrapper) NewAddress(addrs []resolver.Address) {
+	select {
+	case <-ccr.addrCh:
+	default:
+	}
+	ccr.addrCh <- addrs
+}
+
+// NewServiceConfig is called by the resolver implemenetion to send service
+// configs to gPRC.
+func (ccr *ccResolverWrapper) NewServiceConfig(sc string) {
+	select {
+	case <-ccr.scCh:
+	default:
+	}
+	ccr.scCh <- sc
+}
diff --git a/vendor/google.golang.org/grpc/rpc_util.go b/vendor/google.golang.org/grpc/rpc_util.go
index 34e1ad03b978..188a75fff946 100644
--- a/vendor/google.golang.org/grpc/rpc_util.go
+++ b/vendor/google.golang.org/grpc/rpc_util.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -36,15 +21,18 @@ package grpc
 import (
 	"bytes"
 	"compress/gzip"
+	stdctx "context"
 	"encoding/binary"
 	"io"
 	"io/ioutil"
 	"math"
 	"os"
+	"sync"
 	"time"
 
 	"golang.org/x/net/context"
 	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/peer"
 	"google.golang.org/grpc/stats"
@@ -60,16 +48,25 @@ type Compressor interface {
 	Type() string
 }
 
-// NewGZIPCompressor creates a Compressor based on GZIP.
-func NewGZIPCompressor() Compressor {
-	return &gzipCompressor{}
+type gzipCompressor struct {
+	pool sync.Pool
 }
 
-type gzipCompressor struct {
+// NewGZIPCompressor creates a Compressor based on GZIP.
+func NewGZIPCompressor() Compressor {
+	return &gzipCompressor{
+		pool: sync.Pool{
+			New: func() interface{} {
+				return gzip.NewWriter(ioutil.Discard)
+			},
+		},
+	}
 }
 
 func (c *gzipCompressor) Do(w io.Writer, p []byte) error {
-	z := gzip.NewWriter(w)
+	z := c.pool.Get().(*gzip.Writer)
+	defer c.pool.Put(z)
+	z.Reset(w)
 	if _, err := z.Write(p); err != nil {
 		return err
 	}
@@ -89,6 +86,7 @@ type Decompressor interface {
 }
 
 type gzipDecompressor struct {
+	pool sync.Pool
 }
 
 // NewGZIPDecompressor creates a Decompressor based on GZIP.
@@ -97,11 +95,26 @@ func NewGZIPDecompressor() Decompressor {
 }
 
 func (d *gzipDecompressor) Do(r io.Reader) ([]byte, error) {
-	z, err := gzip.NewReader(r)
-	if err != nil {
-		return nil, err
+	var z *gzip.Reader
+	switch maybeZ := d.pool.Get().(type) {
+	case nil:
+		newZ, err := gzip.NewReader(r)
+		if err != nil {
+			return nil, err
+		}
+		z = newZ
+	case *gzip.Reader:
+		z = maybeZ
+		if err := z.Reset(r); err != nil {
+			d.pool.Put(z)
+			return nil, err
+		}
 	}
-	defer z.Close()
+
+	defer func() {
+		z.Close()
+		d.pool.Put(z)
+	}()
 	return ioutil.ReadAll(z)
 }
 
@@ -111,14 +124,19 @@ func (d *gzipDecompressor) Type() string {
 
 // callInfo contains all related configuration and information about an RPC.
 type callInfo struct {
-	failFast  bool
-	headerMD  metadata.MD
-	trailerMD metadata.MD
-	peer      *peer.Peer
-	traceInfo traceInfo // in trace.go
+	failFast              bool
+	headerMD              metadata.MD
+	trailerMD             metadata.MD
+	peer                  *peer.Peer
+	traceInfo             traceInfo // in trace.go
+	maxReceiveMessageSize *int
+	maxSendMessageSize    *int
+	creds                 credentials.PerRPCCredentials
 }
 
-var defaultCallInfo = callInfo{failFast: true}
+func defaultCallInfo() *callInfo {
+	return &callInfo{failFast: true}
+}
 
 // CallOption configures a Call before it starts or extracts information from
 // a Call after it completes.
@@ -132,6 +150,14 @@ type CallOption interface {
 	after(*callInfo)
 }
 
+// EmptyCallOption does not alter the Call configuration.
+// It can be embedded in another structure to carry satellite data for use
+// by interceptors.
+type EmptyCallOption struct{}
+
+func (EmptyCallOption) before(*callInfo) error { return nil }
+func (EmptyCallOption) after(*callInfo)        {}
+
 type beforeCall func(c *callInfo) error
 
 func (o beforeCall) before(c *callInfo) error { return o(c) }
@@ -173,7 +199,8 @@ func Peer(peer *peer.Peer) CallOption {
 // immediately. Otherwise, the RPC client will block the call until a
 // connection is available (or the call is canceled or times out) and will retry
 // the call if it fails due to a transient error. Please refer to
-// https://github.com/grpc/grpc/blob/master/doc/fail_fast.md. Note: failFast is default to true.
+// https://github.com/grpc/grpc/blob/master/doc/wait-for-ready.md.
+// Note: failFast is default to true.
 func FailFast(failFast bool) CallOption {
 	return beforeCall(func(c *callInfo) error {
 		c.failFast = failFast
@@ -181,6 +208,31 @@ func FailFast(failFast bool) CallOption {
 	})
 }
 
+// MaxCallRecvMsgSize returns a CallOption which sets the maximum message size the client can receive.
+func MaxCallRecvMsgSize(s int) CallOption {
+	return beforeCall(func(o *callInfo) error {
+		o.maxReceiveMessageSize = &s
+		return nil
+	})
+}
+
+// MaxCallSendMsgSize returns a CallOption which sets the maximum message size the client can send.
+func MaxCallSendMsgSize(s int) CallOption {
+	return beforeCall(func(o *callInfo) error {
+		o.maxSendMessageSize = &s
+		return nil
+	})
+}
+
+// PerRPCCredentials returns a CallOption that sets credentials.PerRPCCredentials
+// for a call.
+func PerRPCCredentials(creds credentials.PerRPCCredentials) CallOption {
+	return beforeCall(func(c *callInfo) error {
+		c.creds = creds
+		return nil
+	})
+}
+
 // The format of the payload: compressed or not?
 type payloadFormat uint8
 
@@ -197,7 +249,7 @@ type parser struct {
 	r io.Reader
 
 	// The header of a gRPC message. Find more detail
-	// at http://www.grpc.io/docs/guides/wire.html.
+	// at https://grpc.io/docs/guides/wire.html.
 	header [5]byte
 }
 
@@ -214,8 +266,8 @@ type parser struct {
 // No other error values or types must be returned, which also means
 // that the underlying io.Reader must not return an incompatible
 // error.
-func (p *parser) recvMsg(maxMsgSize int) (pf payloadFormat, msg []byte, err error) {
-	if _, err := io.ReadFull(p.r, p.header[:]); err != nil {
+func (p *parser) recvMsg(maxReceiveMessageSize int) (pf payloadFormat, msg []byte, err error) {
+	if _, err := p.r.Read(p.header[:]); err != nil {
 		return 0, nil, err
 	}
 
@@ -225,13 +277,13 @@ func (p *parser) recvMsg(maxMsgSize int) (pf payloadFormat, msg []byte, err erro
 	if length == 0 {
 		return pf, nil, nil
 	}
-	if length > uint32(maxMsgSize) {
-		return 0, nil, Errorf(codes.Internal, "grpc: received message length %d exceeding the max size %d", length, maxMsgSize)
+	if length > uint32(maxReceiveMessageSize) {
+		return 0, nil, Errorf(codes.ResourceExhausted, "grpc: received message larger than max (%d vs. %d)", length, maxReceiveMessageSize)
 	}
 	// TODO(bradfitz,zhaoq): garbage. reuse buffer after proto decoding instead
 	// of making it for each message:
 	msg = make([]byte, int(length))
-	if _, err := io.ReadFull(p.r, msg); err != nil {
+	if _, err := p.r.Read(msg); err != nil {
 		if err == io.EOF {
 			err = io.ErrUnexpectedEOF
 		}
@@ -240,19 +292,20 @@ func (p *parser) recvMsg(maxMsgSize int) (pf payloadFormat, msg []byte, err erro
 	return pf, msg, nil
 }
 
-// encode serializes msg and prepends the message header. If msg is nil, it
-// generates the message header of 0 message length.
-func encode(c Codec, msg interface{}, cp Compressor, cbuf *bytes.Buffer, outPayload *stats.OutPayload) ([]byte, error) {
-	var (
-		b      []byte
-		length uint
+// encode serializes msg and returns a buffer of message header and a buffer of msg.
+// If msg is nil, it generates the message header and an empty msg buffer.
+func encode(c Codec, msg interface{}, cp Compressor, cbuf *bytes.Buffer, outPayload *stats.OutPayload) ([]byte, []byte, error) {
+	var b []byte
+	const (
+		payloadLen = 1
+		sizeLen    = 4
 	)
+
 	if msg != nil {
 		var err error
-		// TODO(zhaoq): optimize to reduce memory alloc and copying.
 		b, err = c.Marshal(msg)
 		if err != nil {
-			return nil, err
+			return nil, nil, Errorf(codes.Internal, "grpc: error while marshaling: %v", err.Error())
 		}
 		if outPayload != nil {
 			outPayload.Payload = msg
@@ -262,39 +315,28 @@ func encode(c Codec, msg interface{}, cp Compressor, cbuf *bytes.Buffer, outPayl
 		}
 		if cp != nil {
 			if err := cp.Do(cbuf, b); err != nil {
-				return nil, err
+				return nil, nil, Errorf(codes.Internal, "grpc: error while compressing: %v", err.Error())
 			}
 			b = cbuf.Bytes()
 		}
-		length = uint(len(b))
-	}
-	if length > math.MaxUint32 {
-		return nil, Errorf(codes.InvalidArgument, "grpc: message too large (%d bytes)", length)
 	}
 
-	const (
-		payloadLen = 1
-		sizeLen    = 4
-	)
-
-	var buf = make([]byte, payloadLen+sizeLen+len(b))
+	if uint(len(b)) > math.MaxUint32 {
+		return nil, nil, Errorf(codes.ResourceExhausted, "grpc: message too large (%d bytes)", len(b))
+	}
 
-	// Write payload format
+	bufHeader := make([]byte, payloadLen+sizeLen)
 	if cp == nil {
-		buf[0] = byte(compressionNone)
+		bufHeader[0] = byte(compressionNone)
 	} else {
-		buf[0] = byte(compressionMade)
+		bufHeader[0] = byte(compressionMade)
 	}
 	// Write length of b into buf
-	binary.BigEndian.PutUint32(buf[1:], uint32(length))
-	// Copy encoded msg to buf
-	copy(buf[5:], b)
-
+	binary.BigEndian.PutUint32(bufHeader[payloadLen:], uint32(len(b)))
 	if outPayload != nil {
-		outPayload.WireLength = len(buf)
+		outPayload.WireLength = payloadLen + sizeLen + len(b)
 	}
-
-	return buf, nil
+	return bufHeader, b, nil
 }
 
 func checkRecvPayload(pf payloadFormat, recvCompress string, dc Decompressor) error {
@@ -310,8 +352,8 @@ func checkRecvPayload(pf payloadFormat, recvCompress string, dc Decompressor) er
 	return nil
 }
 
-func recv(p *parser, c Codec, s *transport.Stream, dc Decompressor, m interface{}, maxMsgSize int, inPayload *stats.InPayload) error {
-	pf, d, err := p.recvMsg(maxMsgSize)
+func recv(p *parser, c Codec, s *transport.Stream, dc Decompressor, m interface{}, maxReceiveMessageSize int, inPayload *stats.InPayload) error {
+	pf, d, err := p.recvMsg(maxReceiveMessageSize)
 	if err != nil {
 		return err
 	}
@@ -327,10 +369,10 @@ func recv(p *parser, c Codec, s *transport.Stream, dc Decompressor, m interface{
 			return Errorf(codes.Internal, "grpc: failed to decompress the received message %v", err)
 		}
 	}
-	if len(d) > maxMsgSize {
+	if len(d) > maxReceiveMessageSize {
 		// TODO: Revisit the error code. Currently keep it consistent with java
 		// implementation.
-		return Errorf(codes.Internal, "grpc: received a message of %d bytes exceeding %d limit", len(d), maxMsgSize)
+		return Errorf(codes.ResourceExhausted, "grpc: received message larger than max (%d vs. %d)", len(d), maxReceiveMessageSize)
 	}
 	if err := c.Unmarshal(d, m); err != nil {
 		return Errorf(codes.Internal, "grpc: failed to unmarshal the received message %v", err)
@@ -346,14 +388,15 @@ func recv(p *parser, c Codec, s *transport.Stream, dc Decompressor, m interface{
 }
 
 type rpcInfo struct {
+	failfast      bool
 	bytesSent     bool
 	bytesReceived bool
 }
 
 type rpcInfoContextKey struct{}
 
-func newContextWithRPCInfo(ctx context.Context) context.Context {
-	return context.WithValue(ctx, rpcInfoContextKey{}, &rpcInfo{})
+func newContextWithRPCInfo(ctx context.Context, failfast bool) context.Context {
+	return context.WithValue(ctx, rpcInfoContextKey{}, &rpcInfo{failfast: failfast})
 }
 
 func rpcInfoFromContext(ctx context.Context) (s *rpcInfo, ok bool) {
@@ -363,41 +406,12 @@ func rpcInfoFromContext(ctx context.Context) (s *rpcInfo, ok bool) {
 
 func updateRPCInfoInContext(ctx context.Context, s rpcInfo) {
 	if ss, ok := rpcInfoFromContext(ctx); ok {
-		*ss = s
+		ss.bytesReceived = s.bytesReceived
+		ss.bytesSent = s.bytesSent
 	}
 	return
 }
 
-// Code returns the error code for err if it was produced by the rpc system.
-// Otherwise, it returns codes.Unknown.
-//
-// Deprecated; use status.FromError and Code method instead.
-func Code(err error) codes.Code {
-	if s, ok := status.FromError(err); ok {
-		return s.Code()
-	}
-	return codes.Unknown
-}
-
-// ErrorDesc returns the error description of err if it was produced by the rpc system.
-// Otherwise, it returns err.Error() or empty string when err is nil.
-//
-// Deprecated; use status.FromError and Message method instead.
-func ErrorDesc(err error) string {
-	if s, ok := status.FromError(err); ok {
-		return s.Message()
-	}
-	return err.Error()
-}
-
-// Errorf returns an error containing an error code and a description;
-// Errorf returns nil if c is OK.
-//
-// Deprecated; use status.Errorf instead.
-func Errorf(c codes.Code, format string, a ...interface{}) error {
-	return status.Errorf(c, format, a...)
-}
-
 // toRPCErr converts an error into an error from the status package.
 func toRPCErr(err error) error {
 	if _, ok := status.FromError(err); ok {
@@ -407,12 +421,12 @@ func toRPCErr(err error) error {
 	case transport.StreamError:
 		return status.Error(e.Code, e.Desc)
 	case transport.ConnectionError:
-		return status.Error(codes.Internal, e.Desc)
+		return status.Error(codes.Unavailable, e.Desc)
 	default:
 		switch err {
-		case context.DeadlineExceeded:
+		case context.DeadlineExceeded, stdctx.DeadlineExceeded:
 			return status.Error(codes.DeadlineExceeded, err.Error())
-		case context.Canceled:
+		case context.Canceled, stdctx.Canceled:
 			return status.Error(codes.Canceled, err.Error())
 		case ErrClientConnClosing:
 			return status.Error(codes.FailedPrecondition, err.Error())
@@ -433,9 +447,9 @@ func convertCode(err error) codes.Code {
 		return codes.FailedPrecondition
 	case os.ErrInvalid:
 		return codes.InvalidArgument
-	case context.Canceled:
+	case context.Canceled, stdctx.Canceled:
 		return codes.Canceled
-	case context.DeadlineExceeded:
+	case context.DeadlineExceeded, stdctx.DeadlineExceeded:
 		return codes.DeadlineExceeded
 	}
 	switch {
@@ -449,6 +463,36 @@ func convertCode(err error) codes.Code {
 	return codes.Unknown
 }
 
+// Code returns the error code for err if it was produced by the rpc system.
+// Otherwise, it returns codes.Unknown.
+//
+// Deprecated; use status.FromError and Code method instead.
+func Code(err error) codes.Code {
+	if s, ok := status.FromError(err); ok {
+		return s.Code()
+	}
+	return codes.Unknown
+}
+
+// ErrorDesc returns the error description of err if it was produced by the rpc system.
+// Otherwise, it returns err.Error() or empty string when err is nil.
+//
+// Deprecated; use status.FromError and Message method instead.
+func ErrorDesc(err error) string {
+	if s, ok := status.FromError(err); ok {
+		return s.Message()
+	}
+	return err.Error()
+}
+
+// Errorf returns an error containing an error code and a description;
+// Errorf returns nil if c is OK.
+//
+// Deprecated; use status.Errorf instead.
+func Errorf(c codes.Code, format string, a ...interface{}) error {
+	return status.Errorf(c, format, a...)
+}
+
 // MethodConfig defines the configuration recommended by the service providers for a
 // particular method.
 // This is EXPERIMENTAL and subject to change.
@@ -456,24 +500,22 @@ type MethodConfig struct {
 	// WaitForReady indicates whether RPCs sent to this method should wait until
 	// the connection is ready by default (!failfast). The value specified via the
 	// gRPC client API will override the value set here.
-	WaitForReady bool
+	WaitForReady *bool
 	// Timeout is the default timeout for RPCs sent to this method. The actual
 	// deadline used will be the minimum of the value specified here and the value
 	// set by the application via the gRPC client API.  If either one is not set,
 	// then the other will be used.  If neither is set, then the RPC has no deadline.
-	Timeout time.Duration
+	Timeout *time.Duration
 	// MaxReqSize is the maximum allowed payload size for an individual request in a
 	// stream (client->server) in bytes. The size which is measured is the serialized
 	// payload after per-message compression (but before stream compression) in bytes.
-	// The actual value used is the minumum of the value specified here and the value set
+	// The actual value used is the minimum of the value specified here and the value set
 	// by the application via the gRPC client API. If either one is not set, then the other
 	// will be used.  If neither is set, then the built-in default is used.
-	// TODO: support this.
-	MaxReqSize uint32
+	MaxReqSize *int
 	// MaxRespSize is the maximum allowed payload size for an individual response in a
 	// stream (server->client) in bytes.
-	// TODO: support this.
-	MaxRespSize uint32
+	MaxRespSize *int
 }
 
 // ServiceConfig is provided by the service provider and contains parameters for how
@@ -484,9 +526,38 @@ type ServiceConfig struct {
 	// via grpc.WithBalancer will override this.
 	LB Balancer
 	// Methods contains a map for the methods in this service.
+	// If there is an exact match for a method (i.e. /service/method) in the map, use the corresponding MethodConfig.
+	// If there's no exact match, look for the default config for the service (/service/) and use the corresponding MethodConfig if it exists.
+	// Otherwise, the method has no MethodConfig to use.
 	Methods map[string]MethodConfig
 }
 
+func min(a, b *int) *int {
+	if *a < *b {
+		return a
+	}
+	return b
+}
+
+func getMaxSize(mcMax, doptMax *int, defaultVal int) *int {
+	if mcMax == nil && doptMax == nil {
+		return &defaultVal
+	}
+	if mcMax != nil && doptMax != nil {
+		return min(mcMax, doptMax)
+	}
+	if mcMax != nil {
+		return mcMax
+	}
+	return doptMax
+}
+
+// SupportPackageIsVersion3 is referenced from generated protocol buffer files.
+// The latest support package version is 4.
+// SupportPackageIsVersion3 is kept for compatibility. It will be removed in the
+// next support package version update.
+const SupportPackageIsVersion3 = true
+
 // SupportPackageIsVersion4 is referenced from generated protocol buffer files
 // to assert that that code is compatible with this version of the grpc package.
 //
@@ -496,6 +567,6 @@ type ServiceConfig struct {
 const SupportPackageIsVersion4 = true
 
 // Version is the current grpc version.
-const Version = "1.3.0"
+const Version = "1.7.5"
 
 const grpcUA = "grpc-go/" + Version
diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go
index b15f71c6c182..787665dfeb31 100644
--- a/vendor/google.golang.org/grpc/server.go
+++ b/vendor/google.golang.org/grpc/server.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -38,6 +23,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"math"
 	"net"
 	"net/http"
 	"reflect"
@@ -61,6 +47,11 @@ import (
 	"google.golang.org/grpc/transport"
 )
 
+const (
+	defaultServerMaxReceiveMessageSize = 1024 * 1024 * 4
+	defaultServerMaxSendMessageSize    = math.MaxInt32
+)
+
 type methodHandler func(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor UnaryServerInterceptor) (interface{}, error)
 
 // MethodDesc represents an RPC service's method specification.
@@ -96,6 +87,7 @@ type Server struct {
 	mu     sync.Mutex // guards following
 	lis    map[net.Listener]bool
 	conns  map[io.Closer]bool
+	serve  bool
 	drain  bool
 	ctx    context.Context
 	cancel context.CancelFunc
@@ -107,27 +99,69 @@ type Server struct {
 }
 
 type options struct {
-	creds                credentials.TransportCredentials
-	codec                Codec
-	cp                   Compressor
-	dc                   Decompressor
-	maxMsgSize           int
-	unaryInt             UnaryServerInterceptor
-	streamInt            StreamServerInterceptor
-	inTapHandle          tap.ServerInHandle
-	statsHandler         stats.Handler
-	maxConcurrentStreams uint32
-	useHandlerImpl       bool // use http.Handler-based server
-	unknownStreamDesc    *StreamDesc
-	keepaliveParams      keepalive.ServerParameters
-	keepalivePolicy      keepalive.EnforcementPolicy
+	creds                 credentials.TransportCredentials
+	codec                 Codec
+	cp                    Compressor
+	dc                    Decompressor
+	unaryInt              UnaryServerInterceptor
+	streamInt             StreamServerInterceptor
+	inTapHandle           tap.ServerInHandle
+	statsHandler          stats.Handler
+	maxConcurrentStreams  uint32
+	maxReceiveMessageSize int
+	maxSendMessageSize    int
+	useHandlerImpl        bool // use http.Handler-based server
+	unknownStreamDesc     *StreamDesc
+	keepaliveParams       keepalive.ServerParameters
+	keepalivePolicy       keepalive.EnforcementPolicy
+	initialWindowSize     int32
+	initialConnWindowSize int32
+	writeBufferSize       int
+	readBufferSize        int
+	connectionTimeout     time.Duration
 }
 
-var defaultMaxMsgSize = 1024 * 1024 * 4 // use 4MB as the default message size limit
+var defaultServerOptions = options{
+	maxReceiveMessageSize: defaultServerMaxReceiveMessageSize,
+	maxSendMessageSize:    defaultServerMaxSendMessageSize,
+	connectionTimeout:     120 * time.Second,
+}
 
-// A ServerOption sets options.
+// A ServerOption sets options such as credentials, codec and keepalive parameters, etc.
 type ServerOption func(*options)
 
+// WriteBufferSize lets you set the size of write buffer, this determines how much data can be batched
+// before doing a write on the wire.
+func WriteBufferSize(s int) ServerOption {
+	return func(o *options) {
+		o.writeBufferSize = s
+	}
+}
+
+// ReadBufferSize lets you set the size of read buffer, this determines how much data can be read at most
+// for one read syscall.
+func ReadBufferSize(s int) ServerOption {
+	return func(o *options) {
+		o.readBufferSize = s
+	}
+}
+
+// InitialWindowSize returns a ServerOption that sets window size for stream.
+// The lower bound for window size is 64K and any value smaller than that will be ignored.
+func InitialWindowSize(s int32) ServerOption {
+	return func(o *options) {
+		o.initialWindowSize = s
+	}
+}
+
+// InitialConnWindowSize returns a ServerOption that sets window size for a connection.
+// The lower bound for window size is 64K and any value smaller than that will be ignored.
+func InitialConnWindowSize(s int32) ServerOption {
+	return func(o *options) {
+		o.initialConnWindowSize = s
+	}
+}
+
 // KeepaliveParams returns a ServerOption that sets keepalive and max-age parameters for the server.
 func KeepaliveParams(kp keepalive.ServerParameters) ServerOption {
 	return func(o *options) {
@@ -163,11 +197,25 @@ func RPCDecompressor(dc Decompressor) ServerOption {
 	}
 }
 
-// MaxMsgSize returns a ServerOption to set the max message size in bytes for inbound mesages.
-// If this is not set, gRPC uses the default 4MB.
+// MaxMsgSize returns a ServerOption to set the max message size in bytes the server can receive.
+// If this is not set, gRPC uses the default limit. Deprecated: use MaxRecvMsgSize instead.
 func MaxMsgSize(m int) ServerOption {
+	return MaxRecvMsgSize(m)
+}
+
+// MaxRecvMsgSize returns a ServerOption to set the max message size in bytes the server can receive.
+// If this is not set, gRPC uses the default 4MB.
+func MaxRecvMsgSize(m int) ServerOption {
 	return func(o *options) {
-		o.maxMsgSize = m
+		o.maxReceiveMessageSize = m
+	}
+}
+
+// MaxSendMsgSize returns a ServerOption to set the max message size in bytes the server can send.
+// If this is not set, gRPC uses the default 4MB.
+func MaxSendMsgSize(m int) ServerOption {
+	return func(o *options) {
+		o.maxSendMessageSize = m
 	}
 }
 
@@ -192,7 +240,7 @@ func Creds(c credentials.TransportCredentials) ServerOption {
 func UnaryInterceptor(i UnaryServerInterceptor) ServerOption {
 	return func(o *options) {
 		if o.unaryInt != nil {
-			panic("The unary server interceptor has been set.")
+			panic("The unary server interceptor was already set and may not be reset.")
 		}
 		o.unaryInt = i
 	}
@@ -203,7 +251,7 @@ func UnaryInterceptor(i UnaryServerInterceptor) ServerOption {
 func StreamInterceptor(i StreamServerInterceptor) ServerOption {
 	return func(o *options) {
 		if o.streamInt != nil {
-			panic("The stream server interceptor has been set.")
+			panic("The stream server interceptor was already set and may not be reset.")
 		}
 		o.streamInt = i
 	}
@@ -214,7 +262,7 @@ func StreamInterceptor(i StreamServerInterceptor) ServerOption {
 func InTapHandle(h tap.ServerInHandle) ServerOption {
 	return func(o *options) {
 		if o.inTapHandle != nil {
-			panic("The tap handle has been set.")
+			panic("The tap handle was already set and may not be reset.")
 		}
 		o.inTapHandle = h
 	}
@@ -229,10 +277,10 @@ func StatsHandler(h stats.Handler) ServerOption {
 
 // UnknownServiceHandler returns a ServerOption that allows for adding a custom
 // unknown service handler. The provided method is a bidi-streaming RPC service
-// handler that will be invoked instead of returning the the "unimplemented" gRPC
+// handler that will be invoked instead of returning the "unimplemented" gRPC
 // error whenever a request is received for an unregistered service or method.
 // The handling function has full access to the Context of the request and the
-// stream, and the invocation passes through interceptors.
+// stream, and the invocation bypasses interceptors.
 func UnknownServiceHandler(streamHandler StreamHandler) ServerOption {
 	return func(o *options) {
 		o.unknownStreamDesc = &StreamDesc{
@@ -245,11 +293,20 @@ func UnknownServiceHandler(streamHandler StreamHandler) ServerOption {
 	}
 }
 
+// ConnectionTimeout returns a ServerOption that sets the timeout for
+// connection establishment (up to and including HTTP/2 handshaking) for all
+// new connections.  If this is not set, the default is 120 seconds.  A zero or
+// negative value will result in an immediate timeout.
+func ConnectionTimeout(d time.Duration) ServerOption {
+	return func(o *options) {
+		o.connectionTimeout = d
+	}
+}
+
 // NewServer creates a gRPC server which has no service registered and has not
 // started to accept requests yet.
 func NewServer(opt ...ServerOption) *Server {
-	var opts options
-	opts.maxMsgSize = defaultMaxMsgSize
+	opts := defaultServerOptions
 	for _, o := range opt {
 		o(&opts)
 	}
@@ -288,8 +345,8 @@ func (s *Server) errorf(format string, a ...interface{}) {
 	}
 }
 
-// RegisterService register a service and its implementation to the gRPC
-// server. Called from the IDL generated code. This must be called before
+// RegisterService registers a service and its implementation to the gRPC
+// server. It is called from the IDL generated code. This must be called before
 // invoking Serve.
 func (s *Server) RegisterService(sd *ServiceDesc, ss interface{}) {
 	ht := reflect.TypeOf(sd.HandlerType).Elem()
@@ -304,6 +361,9 @@ func (s *Server) register(sd *ServiceDesc, ss interface{}) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
 	s.printf("RegisterService(%q)", sd.ServiceName)
+	if s.serve {
+		grpclog.Fatalf("grpc: Server.RegisterService after Server.Serve for %q", sd.ServiceName)
+	}
 	if _, ok := s.m[sd.ServiceName]; ok {
 		grpclog.Fatalf("grpc: Server.RegisterService found duplicate service registration for %q", sd.ServiceName)
 	}
@@ -334,7 +394,7 @@ type MethodInfo struct {
 	IsServerStream bool
 }
 
-// ServiceInfo contains unary RPC method info, streaming RPC methid info and metadata for a service.
+// ServiceInfo contains unary RPC method info, streaming RPC method info and metadata for a service.
 type ServiceInfo struct {
 	Methods []MethodInfo
 	// Metadata is the metadata specified in ServiceDesc when registering service.
@@ -392,6 +452,7 @@ func (s *Server) useTransportAuthenticator(rawConn net.Conn) (net.Conn, credenti
 func (s *Server) Serve(lis net.Listener) error {
 	s.mu.Lock()
 	s.printf("serving")
+	s.serve = true
 	if s.lis == nil {
 		s.mu.Unlock()
 		lis.Close()
@@ -427,10 +488,12 @@ func (s *Server) Serve(lis net.Listener) error {
 				s.mu.Lock()
 				s.printf("Accept error: %v; retrying in %v", err, tempDelay)
 				s.mu.Unlock()
+				timer := time.NewTimer(tempDelay)
 				select {
-				case <-time.After(tempDelay):
+				case <-timer.C:
 				case <-s.ctx.Done():
 				}
+				timer.Stop()
 				continue
 			}
 			s.mu.Lock()
@@ -448,16 +511,18 @@ func (s *Server) Serve(lis net.Listener) error {
 // handleRawConn is run in its own goroutine and handles a just-accepted
 // connection that has not had any I/O performed on it yet.
 func (s *Server) handleRawConn(rawConn net.Conn) {
+	rawConn.SetDeadline(time.Now().Add(s.opts.connectionTimeout))
 	conn, authInfo, err := s.useTransportAuthenticator(rawConn)
 	if err != nil {
 		s.mu.Lock()
 		s.errorf("ServerHandshake(%q) failed: %v", rawConn.RemoteAddr(), err)
 		s.mu.Unlock()
-		grpclog.Printf("grpc: Server.Serve failed to complete security handshake from %q: %v", rawConn.RemoteAddr(), err)
-		// If serverHandShake returns ErrConnDispatched, keep rawConn open.
+		grpclog.Warningf("grpc: Server.Serve failed to complete security handshake from %q: %v", rawConn.RemoteAddr(), err)
+		// If serverHandshake returns ErrConnDispatched, keep rawConn open.
 		if err != credentials.ErrConnDispatched {
 			rawConn.Close()
 		}
+		rawConn.SetDeadline(time.Time{})
 		return
 	}
 
@@ -470,25 +535,32 @@ func (s *Server) handleRawConn(rawConn net.Conn) {
 	s.mu.Unlock()
 
 	if s.opts.useHandlerImpl {
+		rawConn.SetDeadline(time.Time{})
 		s.serveUsingHandler(conn)
 	} else {
-		s.serveHTTP2Transport(conn, authInfo)
+		st := s.newHTTP2Transport(conn, authInfo)
+		if st == nil {
+			return
+		}
+		rawConn.SetDeadline(time.Time{})
+		s.serveStreams(st)
 	}
 }
 
-// serveHTTP2Transport sets up a http/2 transport (using the
-// gRPC http2 server transport in transport/http2_server.go) and
-// serves streams on it.
-// This is run in its own goroutine (it does network I/O in
-// transport.NewServerTransport).
-func (s *Server) serveHTTP2Transport(c net.Conn, authInfo credentials.AuthInfo) {
+// newHTTP2Transport sets up a http/2 transport (using the
+// gRPC http2 server transport in transport/http2_server.go).
+func (s *Server) newHTTP2Transport(c net.Conn, authInfo credentials.AuthInfo) transport.ServerTransport {
 	config := &transport.ServerConfig{
-		MaxStreams:      s.opts.maxConcurrentStreams,
-		AuthInfo:        authInfo,
-		InTapHandle:     s.opts.inTapHandle,
-		StatsHandler:    s.opts.statsHandler,
-		KeepaliveParams: s.opts.keepaliveParams,
-		KeepalivePolicy: s.opts.keepalivePolicy,
+		MaxStreams:            s.opts.maxConcurrentStreams,
+		AuthInfo:              authInfo,
+		InTapHandle:           s.opts.inTapHandle,
+		StatsHandler:          s.opts.statsHandler,
+		KeepaliveParams:       s.opts.keepaliveParams,
+		KeepalivePolicy:       s.opts.keepalivePolicy,
+		InitialWindowSize:     s.opts.initialWindowSize,
+		InitialConnWindowSize: s.opts.initialConnWindowSize,
+		WriteBufferSize:       s.opts.writeBufferSize,
+		ReadBufferSize:        s.opts.readBufferSize,
 	}
 	st, err := transport.NewServerTransport("http2", c, config)
 	if err != nil {
@@ -496,14 +568,14 @@ func (s *Server) serveHTTP2Transport(c net.Conn, authInfo credentials.AuthInfo)
 		s.errorf("NewServerTransport(%q) failed: %v", c.RemoteAddr(), err)
 		s.mu.Unlock()
 		c.Close()
-		grpclog.Println("grpc: Server.Serve failed to create ServerTransport: ", err)
-		return
+		grpclog.Warningln("grpc: Server.Serve failed to create ServerTransport: ", err)
+		return nil
 	}
 	if !s.addConn(st) {
 		st.Close()
-		return
+		return nil
 	}
-	s.serveStreams(st)
+	return st
 }
 
 func (s *Server) serveStreams(st transport.ServerTransport) {
@@ -554,6 +626,30 @@ func (s *Server) serveUsingHandler(conn net.Conn) {
 	})
 }
 
+// ServeHTTP implements the Go standard library's http.Handler
+// interface by responding to the gRPC request r, by looking up
+// the requested gRPC method in the gRPC server s.
+//
+// The provided HTTP request must have arrived on an HTTP/2
+// connection. When using the Go standard library's server,
+// practically this means that the Request must also have arrived
+// over TLS.
+//
+// To share one port (such as 443 for https) between gRPC and an
+// existing http.Handler, use a root http.Handler such as:
+//
+//   if r.ProtoMajor == 2 && strings.HasPrefix(
+//   	r.Header.Get("Content-Type"), "application/grpc") {
+//   	grpcServer.ServeHTTP(w, r)
+//   } else {
+//   	yourMux.ServeHTTP(w, r)
+//   }
+//
+// Note that ServeHTTP uses Go's HTTP/2 server implementation which is totally
+// separate from grpc-go's HTTP/2 server. Performance and features may vary
+// between the two paths. ServeHTTP does not support some gRPC features
+// available through grpc-go's HTTP/2 server, and it is currently EXPERIMENTAL
+// and subject to change.
 func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	st, err := transport.NewServerHandlerTransport(w, r)
 	if err != nil {
@@ -618,18 +714,15 @@ func (s *Server) sendResponse(t transport.ServerTransport, stream *transport.Str
 	if s.opts.statsHandler != nil {
 		outPayload = &stats.OutPayload{}
 	}
-	p, err := encode(s.opts.codec, msg, cp, cbuf, outPayload)
+	hdr, data, err := encode(s.opts.codec, msg, cp, cbuf, outPayload)
 	if err != nil {
-		// This typically indicates a fatal issue (e.g., memory
-		// corruption or hardware faults) the application program
-		// cannot handle.
-		//
-		// TODO(zhaoq): There exist other options also such as only closing the
-		// faulty stream locally and remotely (Other streams can keep going). Find
-		// the optimal option.
-		grpclog.Fatalf("grpc: Server failed to encode response %v", err)
-	}
-	err = t.Write(stream, p, opts)
+		grpclog.Errorln("grpc: server failed to encode response: ", err)
+		return err
+	}
+	if len(data) > s.opts.maxSendMessageSize {
+		return status.Errorf(codes.ResourceExhausted, "grpc: trying to send message larger than max (%d vs. %d)", len(data), s.opts.maxSendMessageSize)
+	}
+	err = t.Write(stream, hdr, data, opts)
 	if err == nil && outPayload != nil {
 		outPayload.SentTime = time.Now()
 		s.opts.statsHandler.HandleRPC(stream.Context(), outPayload)
@@ -644,9 +737,7 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport.
 			BeginTime: time.Now(),
 		}
 		sh.HandleRPC(stream.Context(), begin)
-	}
-	defer func() {
-		if sh != nil {
+		defer func() {
 			end := &stats.End{
 				EndTime: time.Now(),
 			}
@@ -654,8 +745,8 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport.
 				end.Error = toRPCErr(err)
 			}
 			sh.HandleRPC(stream.Context(), end)
-		}
-	}()
+		}()
+	}
 	if trInfo != nil {
 		defer trInfo.tr.Finish()
 		trInfo.firstLine.client = false
@@ -672,139 +763,137 @@ func (s *Server) processUnaryRPC(t transport.ServerTransport, stream *transport.
 		stream.SetSendCompress(s.opts.cp.Type())
 	}
 	p := &parser{r: stream}
-	for { // TODO: delete
-		pf, req, err := p.recvMsg(s.opts.maxMsgSize)
-		if err == io.EOF {
-			// The entire stream is done (for unary RPC only).
-			return err
-		}
-		if err == io.ErrUnexpectedEOF {
-			err = Errorf(codes.Internal, io.ErrUnexpectedEOF.Error())
-		}
-		if err != nil {
-			if st, ok := status.FromError(err); ok {
-				if e := t.WriteStatus(stream, st); e != nil {
-					grpclog.Printf("grpc: Server.processUnaryRPC failed to write status %v", e)
-				}
-			} else {
-				switch st := err.(type) {
-				case transport.ConnectionError:
-					// Nothing to do here.
-				case transport.StreamError:
-					if e := t.WriteStatus(stream, status.New(st.Code, st.Desc)); e != nil {
-						grpclog.Printf("grpc: Server.processUnaryRPC failed to write status %v", e)
-					}
-				default:
-					panic(fmt.Sprintf("grpc: Unexpected error (%T) from recvMsg: %v", st, st))
+	pf, req, err := p.recvMsg(s.opts.maxReceiveMessageSize)
+	if err == io.EOF {
+		// The entire stream is done (for unary RPC only).
+		return err
+	}
+	if err == io.ErrUnexpectedEOF {
+		err = Errorf(codes.Internal, io.ErrUnexpectedEOF.Error())
+	}
+	if err != nil {
+		if st, ok := status.FromError(err); ok {
+			if e := t.WriteStatus(stream, st); e != nil {
+				grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status %v", e)
+			}
+		} else {
+			switch st := err.(type) {
+			case transport.ConnectionError:
+				// Nothing to do here.
+			case transport.StreamError:
+				if e := t.WriteStatus(stream, status.New(st.Code, st.Desc)); e != nil {
+					grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status %v", e)
 				}
+			default:
+				panic(fmt.Sprintf("grpc: Unexpected error (%T) from recvMsg: %v", st, st))
 			}
-			return err
 		}
+		return err
+	}
 
-		if err := checkRecvPayload(pf, stream.RecvCompress(), s.opts.dc); err != nil {
-			if st, ok := status.FromError(err); ok {
-				if e := t.WriteStatus(stream, st); e != nil {
-					grpclog.Printf("grpc: Server.processUnaryRPC failed to write status %v", e)
-				}
-				return err
-			}
-			if e := t.WriteStatus(stream, status.New(codes.Internal, err.Error())); e != nil {
-				grpclog.Printf("grpc: Server.processUnaryRPC failed to write status %v", e)
+	if err := checkRecvPayload(pf, stream.RecvCompress(), s.opts.dc); err != nil {
+		if st, ok := status.FromError(err); ok {
+			if e := t.WriteStatus(stream, st); e != nil {
+				grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status %v", e)
 			}
+			return err
+		}
+		if e := t.WriteStatus(stream, status.New(codes.Internal, err.Error())); e != nil {
+			grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status %v", e)
+		}
 
-			// TODO checkRecvPayload always return RPC error. Add a return here if necessary.
+		// TODO checkRecvPayload always return RPC error. Add a return here if necessary.
+	}
+	var inPayload *stats.InPayload
+	if sh != nil {
+		inPayload = &stats.InPayload{
+			RecvTime: time.Now(),
 		}
-		var inPayload *stats.InPayload
-		if sh != nil {
-			inPayload = &stats.InPayload{
-				RecvTime: time.Now(),
-			}
+	}
+	df := func(v interface{}) error {
+		if inPayload != nil {
+			inPayload.WireLength = len(req)
 		}
-		df := func(v interface{}) error {
-			if inPayload != nil {
-				inPayload.WireLength = len(req)
+		if pf == compressionMade {
+			var err error
+			req, err = s.opts.dc.Do(bytes.NewReader(req))
+			if err != nil {
+				return Errorf(codes.Internal, err.Error())
 			}
-			if pf == compressionMade {
-				var err error
-				req, err = s.opts.dc.Do(bytes.NewReader(req))
-				if err != nil {
-					return Errorf(codes.Internal, err.Error())
-				}
-			}
-			if len(req) > s.opts.maxMsgSize {
-				// TODO: Revisit the error code. Currently keep it consistent with
-				// java implementation.
-				return status.Errorf(codes.Internal, "grpc: server received a message of %d bytes exceeding %d limit", len(req), s.opts.maxMsgSize)
-			}
-			if err := s.opts.codec.Unmarshal(req, v); err != nil {
-				return status.Errorf(codes.Internal, "grpc: error unmarshalling request: %v", err)
-			}
-			if inPayload != nil {
-				inPayload.Payload = v
-				inPayload.Data = req
-				inPayload.Length = len(req)
-				sh.HandleRPC(stream.Context(), inPayload)
-			}
-			if trInfo != nil {
-				trInfo.tr.LazyLog(&payload{sent: false, msg: v}, true)
-			}
-			return nil
 		}
-		reply, appErr := md.Handler(srv.server, stream.Context(), df, s.opts.unaryInt)
-		if appErr != nil {
-			appStatus, ok := status.FromError(appErr)
-			if !ok {
-				// Convert appErr if it is not a grpc status error.
-				appErr = status.Error(convertCode(appErr), appErr.Error())
-				appStatus, _ = status.FromError(appErr)
-			}
-			if trInfo != nil {
-				trInfo.tr.LazyLog(stringer(appStatus.Message()), true)
-				trInfo.tr.SetError()
-			}
-			if e := t.WriteStatus(stream, appStatus); e != nil {
-				grpclog.Printf("grpc: Server.processUnaryRPC failed to write status: %v", e)
-			}
-			return appErr
+		if len(req) > s.opts.maxReceiveMessageSize {
+			// TODO: Revisit the error code. Currently keep it consistent with
+			// java implementation.
+			return status.Errorf(codes.ResourceExhausted, "grpc: received message larger than max (%d vs. %d)", len(req), s.opts.maxReceiveMessageSize)
+		}
+		if err := s.opts.codec.Unmarshal(req, v); err != nil {
+			return status.Errorf(codes.Internal, "grpc: error unmarshalling request: %v", err)
+		}
+		if inPayload != nil {
+			inPayload.Payload = v
+			inPayload.Data = req
+			inPayload.Length = len(req)
+			sh.HandleRPC(stream.Context(), inPayload)
+		}
+		if trInfo != nil {
+			trInfo.tr.LazyLog(&payload{sent: false, msg: v}, true)
+		}
+		return nil
+	}
+	reply, appErr := md.Handler(srv.server, stream.Context(), df, s.opts.unaryInt)
+	if appErr != nil {
+		appStatus, ok := status.FromError(appErr)
+		if !ok {
+			// Convert appErr if it is not a grpc status error.
+			appErr = status.Error(convertCode(appErr), appErr.Error())
+			appStatus, _ = status.FromError(appErr)
 		}
 		if trInfo != nil {
-			trInfo.tr.LazyLog(stringer("OK"), false)
+			trInfo.tr.LazyLog(stringer(appStatus.Message()), true)
+			trInfo.tr.SetError()
+		}
+		if e := t.WriteStatus(stream, appStatus); e != nil {
+			grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status: %v", e)
 		}
-		opts := &transport.Options{
-			Last:  true,
-			Delay: false,
+		return appErr
+	}
+	if trInfo != nil {
+		trInfo.tr.LazyLog(stringer("OK"), false)
+	}
+	opts := &transport.Options{
+		Last:  true,
+		Delay: false,
+	}
+	if err := s.sendResponse(t, stream, reply, s.opts.cp, opts); err != nil {
+		if err == io.EOF {
+			// The entire stream is done (for unary RPC only).
+			return err
 		}
-		if err := s.sendResponse(t, stream, reply, s.opts.cp, opts); err != nil {
-			if err == io.EOF {
-				// The entire stream is done (for unary RPC only).
-				return err
+		if s, ok := status.FromError(err); ok {
+			if e := t.WriteStatus(stream, s); e != nil {
+				grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status: %v", e)
 			}
-			if s, ok := status.FromError(err); ok {
-				if e := t.WriteStatus(stream, s); e != nil {
-					grpclog.Printf("grpc: Server.processUnaryRPC failed to write status: %v", e)
-				}
-			} else {
-				switch st := err.(type) {
-				case transport.ConnectionError:
-					// Nothing to do here.
-				case transport.StreamError:
-					if e := t.WriteStatus(stream, status.New(st.Code, st.Desc)); e != nil {
-						grpclog.Printf("grpc: Server.processUnaryRPC failed to write status %v", e)
-					}
-				default:
-					panic(fmt.Sprintf("grpc: Unexpected error (%T) from sendResponse: %v", st, st))
+		} else {
+			switch st := err.(type) {
+			case transport.ConnectionError:
+				// Nothing to do here.
+			case transport.StreamError:
+				if e := t.WriteStatus(stream, status.New(st.Code, st.Desc)); e != nil {
+					grpclog.Warningf("grpc: Server.processUnaryRPC failed to write status %v", e)
 				}
+			default:
+				panic(fmt.Sprintf("grpc: Unexpected error (%T) from sendResponse: %v", st, st))
 			}
-			return err
 		}
-		if trInfo != nil {
-			trInfo.tr.LazyLog(&payload{sent: true, msg: reply}, true)
-		}
-		// TODO: Should we be logging if writing status failed here, like above?
-		// Should the logging be in WriteStatus?  Should we ignore the WriteStatus
-		// error or allow the stats handler to see it?
-		return t.WriteStatus(stream, status.New(codes.OK, ""))
+		return err
+	}
+	if trInfo != nil {
+		trInfo.tr.LazyLog(&payload{sent: true, msg: reply}, true)
 	}
+	// TODO: Should we be logging if writing status failed here, like above?
+	// Should the logging be in WriteStatus?  Should we ignore the WriteStatus
+	// error or allow the stats handler to see it?
+	return t.WriteStatus(stream, status.New(codes.OK, ""))
 }
 
 func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transport.Stream, srv *service, sd *StreamDesc, trInfo *traceInfo) (err error) {
@@ -814,9 +903,7 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp
 			BeginTime: time.Now(),
 		}
 		sh.HandleRPC(stream.Context(), begin)
-	}
-	defer func() {
-		if sh != nil {
+		defer func() {
 			end := &stats.End{
 				EndTime: time.Now(),
 			}
@@ -824,24 +911,22 @@ func (s *Server) processStreamingRPC(t transport.ServerTransport, stream *transp
 				end.Error = toRPCErr(err)
 			}
 			sh.HandleRPC(stream.Context(), end)
-		}
-	}()
+		}()
+	}
 	if s.opts.cp != nil {
 		stream.SetSendCompress(s.opts.cp.Type())
 	}
 	ss := &serverStream{
-		t:            t,
-		s:            stream,
-		p:            &parser{r: stream},
-		codec:        s.opts.codec,
-		cp:           s.opts.cp,
-		dc:           s.opts.dc,
-		maxMsgSize:   s.opts.maxMsgSize,
-		trInfo:       trInfo,
-		statsHandler: sh,
-	}
-	if ss.cp != nil {
-		ss.cbuf = new(bytes.Buffer)
+		t:     t,
+		s:     stream,
+		p:     &parser{r: stream},
+		codec: s.opts.codec,
+		cp:    s.opts.cp,
+		dc:    s.opts.dc,
+		maxReceiveMessageSize: s.opts.maxReceiveMessageSize,
+		maxSendMessageSize:    s.opts.maxSendMessageSize,
+		trInfo:                trInfo,
+		statsHandler:          sh,
 	}
 	if trInfo != nil {
 		trInfo.tr.LazyLog(&trInfo.firstLine, false)
@@ -913,12 +998,12 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str
 			trInfo.tr.SetError()
 		}
 		errDesc := fmt.Sprintf("malformed method name: %q", stream.Method())
-		if err := t.WriteStatus(stream, status.New(codes.InvalidArgument, errDesc)); err != nil {
+		if err := t.WriteStatus(stream, status.New(codes.ResourceExhausted, errDesc)); err != nil {
 			if trInfo != nil {
 				trInfo.tr.LazyLog(&fmtStringer{"%v", []interface{}{err}}, true)
 				trInfo.tr.SetError()
 			}
-			grpclog.Printf("grpc: Server.handleStream failed to write status: %v", err)
+			grpclog.Warningf("grpc: Server.handleStream failed to write status: %v", err)
 		}
 		if trInfo != nil {
 			trInfo.tr.Finish()
@@ -943,7 +1028,7 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str
 				trInfo.tr.LazyLog(&fmtStringer{"%v", []interface{}{err}}, true)
 				trInfo.tr.SetError()
 			}
-			grpclog.Printf("grpc: Server.handleStream failed to write status: %v", err)
+			grpclog.Warningf("grpc: Server.handleStream failed to write status: %v", err)
 		}
 		if trInfo != nil {
 			trInfo.tr.Finish()
@@ -973,7 +1058,7 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str
 			trInfo.tr.LazyLog(&fmtStringer{"%v", []interface{}{err}}, true)
 			trInfo.tr.SetError()
 		}
-		grpclog.Printf("grpc: Server.handleStream failed to write status: %v", err)
+		grpclog.Warningf("grpc: Server.handleStream failed to write status: %v", err)
 	}
 	if trInfo != nil {
 		trInfo.tr.Finish()
@@ -1011,8 +1096,9 @@ func (s *Server) Stop() {
 	s.mu.Unlock()
 }
 
-// GracefulStop stops the gRPC server gracefully. It stops the server to accept new
-// connections and RPCs and blocks until all the pending RPCs are finished.
+// GracefulStop stops the gRPC server gracefully. It stops the server from
+// accepting new connections and RPCs and blocks until all the pending RPCs are
+// finished.
 func (s *Server) GracefulStop() {
 	s.mu.Lock()
 	defer s.mu.Unlock()
diff --git a/vendor/google.golang.org/grpc/stats/handlers.go b/vendor/google.golang.org/grpc/stats/handlers.go
index 26e1a8e2f081..05b384c69318 100644
--- a/vendor/google.golang.org/grpc/stats/handlers.go
+++ b/vendor/google.golang.org/grpc/stats/handlers.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -45,19 +30,22 @@ type ConnTagInfo struct {
 	RemoteAddr net.Addr
 	// LocalAddr is the local address of the corresponding connection.
 	LocalAddr net.Addr
-	// TODO add QOS related fields.
 }
 
 // RPCTagInfo defines the relevant information needed by RPC context tagger.
 type RPCTagInfo struct {
 	// FullMethodName is the RPC method in the format of /package.service/method.
 	FullMethodName string
+	// FailFast indicates if this RPC is failfast.
+	// This field is only valid on client side, it's always false on server side.
+	FailFast bool
 }
 
 // Handler defines the interface for the related stats handling (e.g., RPCs, connections).
 type Handler interface {
 	// TagRPC can attach some information to the given context.
-	// The returned context is used in the rest lifetime of the RPC.
+	// The context used for the rest lifetime of the RPC will be derived from
+	// the returned context.
 	TagRPC(context.Context, *RPCTagInfo) context.Context
 	// HandleRPC processes the RPC stats.
 	HandleRPC(context.Context, RPCStats)
diff --git a/vendor/google.golang.org/grpc/stats/stats.go b/vendor/google.golang.org/grpc/stats/stats.go
index c2c9a9dfa233..e844541e9c06 100644
--- a/vendor/google.golang.org/grpc/stats/stats.go
+++ b/vendor/google.golang.org/grpc/stats/stats.go
@@ -1,36 +1,23 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
+//go:generate protoc --go_out=plugins=grpc:. grpc_testing/test.proto
+
 // Package stats is for collecting and reporting various network and RPC stats.
 // This package is for monitoring purpose only. All fields are read-only.
 // All APIs are experimental.
@@ -39,6 +26,8 @@ package stats
 import (
 	"net"
 	"time"
+
+	"golang.org/x/net/context"
 )
 
 // RPCStats contains stats information about RPCs.
@@ -49,7 +38,7 @@ type RPCStats interface {
 }
 
 // Begin contains stats when an RPC begins.
-// FailFast are only valid if Client is true.
+// FailFast is only valid if this Begin is from client side.
 type Begin struct {
 	// Client is true if this Begin is from client side.
 	Client bool
@@ -59,7 +48,7 @@ type Begin struct {
 	FailFast bool
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if the stats information is from client side.
 func (s *Begin) IsClient() bool { return s.Client }
 
 func (s *Begin) isRPCStats() {}
@@ -80,19 +69,19 @@ type InPayload struct {
 	RecvTime time.Time
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if the stats information is from client side.
 func (s *InPayload) IsClient() bool { return s.Client }
 
 func (s *InPayload) isRPCStats() {}
 
 // InHeader contains stats when a header is received.
-// FullMethod, addresses and Compression are only valid if Client is false.
 type InHeader struct {
 	// Client is true if this InHeader is from client side.
 	Client bool
 	// WireLength is the wire length of header.
 	WireLength int
 
+	// The following fields are valid only if Client is false.
 	// FullMethod is the full RPC method string, i.e., /package.service/method.
 	FullMethod string
 	// RemoteAddr is the remote address of the corresponding connection.
@@ -103,7 +92,7 @@ type InHeader struct {
 	Compression string
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if the stats information is from client side.
 func (s *InHeader) IsClient() bool { return s.Client }
 
 func (s *InHeader) isRPCStats() {}
@@ -116,7 +105,7 @@ type InTrailer struct {
 	WireLength int
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if the stats information is from client side.
 func (s *InTrailer) IsClient() bool { return s.Client }
 
 func (s *InTrailer) isRPCStats() {}
@@ -137,19 +126,17 @@ type OutPayload struct {
 	SentTime time.Time
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if this stats information is from client side.
 func (s *OutPayload) IsClient() bool { return s.Client }
 
 func (s *OutPayload) isRPCStats() {}
 
 // OutHeader contains stats when a header is sent.
-// FullMethod, addresses and Compression are only valid if Client is true.
 type OutHeader struct {
 	// Client is true if this OutHeader is from client side.
 	Client bool
-	// WireLength is the wire length of header.
-	WireLength int
 
+	// The following fields are valid only if Client is true.
 	// FullMethod is the full RPC method string, i.e., /package.service/method.
 	FullMethod string
 	// RemoteAddr is the remote address of the corresponding connection.
@@ -160,7 +147,7 @@ type OutHeader struct {
 	Compression string
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if this stats information is from client side.
 func (s *OutHeader) IsClient() bool { return s.Client }
 
 func (s *OutHeader) isRPCStats() {}
@@ -173,7 +160,7 @@ type OutTrailer struct {
 	WireLength int
 }
 
-// IsClient indicates if this is from client side.
+// IsClient indicates if this stats information is from client side.
 func (s *OutTrailer) IsClient() bool { return s.Client }
 
 func (s *OutTrailer) isRPCStats() {}
@@ -184,7 +171,9 @@ type End struct {
 	Client bool
 	// EndTime is the time when the RPC ends.
 	EndTime time.Time
-	// Error is the error just happened.  It implements status.Status if non-nil.
+	// Error is the error the RPC ended with. It is an error generated from
+	// status.Status and can be converted back to status.Status using
+	// status.FromError if non-nil.
 	Error error
 }
 
@@ -221,3 +210,85 @@ type ConnEnd struct {
 func (s *ConnEnd) IsClient() bool { return s.Client }
 
 func (s *ConnEnd) isConnStats() {}
+
+type incomingTagsKey struct{}
+type outgoingTagsKey struct{}
+
+// SetTags attaches stats tagging data to the context, which will be sent in
+// the outgoing RPC with the header grpc-tags-bin.  Subsequent calls to
+// SetTags will overwrite the values from earlier calls.
+//
+// NOTE: this is provided only for backward compatibility with existing clients
+// and will likely be removed in an upcoming release.  New uses should transmit
+// this type of data using metadata with a different, non-reserved (i.e. does
+// not begin with "grpc-") header name.
+func SetTags(ctx context.Context, b []byte) context.Context {
+	return context.WithValue(ctx, outgoingTagsKey{}, b)
+}
+
+// Tags returns the tags from the context for the inbound RPC.
+//
+// NOTE: this is provided only for backward compatibility with existing clients
+// and will likely be removed in an upcoming release.  New uses should transmit
+// this type of data using metadata with a different, non-reserved (i.e. does
+// not begin with "grpc-") header name.
+func Tags(ctx context.Context) []byte {
+	b, _ := ctx.Value(incomingTagsKey{}).([]byte)
+	return b
+}
+
+// SetIncomingTags attaches stats tagging data to the context, to be read by
+// the application (not sent in outgoing RPCs).
+//
+// This is intended for gRPC-internal use ONLY.
+func SetIncomingTags(ctx context.Context, b []byte) context.Context {
+	return context.WithValue(ctx, incomingTagsKey{}, b)
+}
+
+// OutgoingTags returns the tags from the context for the outbound RPC.
+//
+// This is intended for gRPC-internal use ONLY.
+func OutgoingTags(ctx context.Context) []byte {
+	b, _ := ctx.Value(outgoingTagsKey{}).([]byte)
+	return b
+}
+
+type incomingTraceKey struct{}
+type outgoingTraceKey struct{}
+
+// SetTrace attaches stats tagging data to the context, which will be sent in
+// the outgoing RPC with the header grpc-trace-bin.  Subsequent calls to
+// SetTrace will overwrite the values from earlier calls.
+//
+// NOTE: this is provided only for backward compatibility with existing clients
+// and will likely be removed in an upcoming release.  New uses should transmit
+// this type of data using metadata with a different, non-reserved (i.e. does
+// not begin with "grpc-") header name.
+func SetTrace(ctx context.Context, b []byte) context.Context {
+	return context.WithValue(ctx, outgoingTraceKey{}, b)
+}
+
+// Trace returns the trace from the context for the inbound RPC.
+//
+// NOTE: this is provided only for backward compatibility with existing clients
+// and will likely be removed in an upcoming release.  New uses should transmit
+// this type of data using metadata with a different, non-reserved (i.e. does
+// not begin with "grpc-") header name.
+func Trace(ctx context.Context) []byte {
+	b, _ := ctx.Value(incomingTraceKey{}).([]byte)
+	return b
+}
+
+// SetIncomingTrace attaches stats tagging data to the context, to be read by
+// the application (not sent in outgoing RPCs).  It is intended for
+// gRPC-internal use.
+func SetIncomingTrace(ctx context.Context, b []byte) context.Context {
+	return context.WithValue(ctx, incomingTraceKey{}, b)
+}
+
+// OutgoingTrace returns the trace from the context for the outbound RPC.  It is
+// intended for gRPC-internal use.
+func OutgoingTrace(ctx context.Context) []byte {
+	b, _ := ctx.Value(outgoingTraceKey{}).([]byte)
+	return b
+}
diff --git a/vendor/google.golang.org/grpc/status/status.go b/vendor/google.golang.org/grpc/status/status.go
index 99a4cbe51129..871dc4b31c76 100644
--- a/vendor/google.golang.org/grpc/status/status.go
+++ b/vendor/google.golang.org/grpc/status/status.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2017, Google Inc.
- * All rights reserved.
+ * Copyright 2017 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -43,9 +28,11 @@
 package status
 
 import (
+	"errors"
 	"fmt"
 
 	"github.com/golang/protobuf/proto"
+	"github.com/golang/protobuf/ptypes"
 	spb "google.golang.org/genproto/googleapis/rpc/status"
 	"google.golang.org/grpc/codes"
 )
@@ -143,3 +130,39 @@ func FromError(err error) (s *Status, ok bool) {
 	}
 	return nil, false
 }
+
+// WithDetails returns a new status with the provided details messages appended to the status.
+// If any errors are encountered, it returns nil and the first error encountered.
+func (s *Status) WithDetails(details ...proto.Message) (*Status, error) {
+	if s.Code() == codes.OK {
+		return nil, errors.New("no error details for status with code OK")
+	}
+	// s.Code() != OK implies that s.Proto() != nil.
+	p := s.Proto()
+	for _, detail := range details {
+		any, err := ptypes.MarshalAny(detail)
+		if err != nil {
+			return nil, err
+		}
+		p.Details = append(p.Details, any)
+	}
+	return &Status{s: p}, nil
+}
+
+// Details returns a slice of details messages attached to the status.
+// If a detail cannot be decoded, the error is returned in place of the detail.
+func (s *Status) Details() []interface{} {
+	if s == nil || s.s == nil {
+		return nil
+	}
+	details := make([]interface{}, 0, len(s.s.Details))
+	for _, any := range s.s.Details {
+		detail := &ptypes.DynamicAny{}
+		if err := ptypes.UnmarshalAny(any, detail); err != nil {
+			details = append(details, err)
+			continue
+		}
+		details = append(details, detail.Message)
+	}
+	return details
+}
diff --git a/vendor/google.golang.org/grpc/stream.go b/vendor/google.golang.org/grpc/stream.go
index 33f1c787b346..75eab40b1095 100644
--- a/vendor/google.golang.org/grpc/stream.go
+++ b/vendor/google.golang.org/grpc/stream.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -42,8 +27,10 @@ import (
 
 	"golang.org/x/net/context"
 	"golang.org/x/net/trace"
+	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/metadata"
+	"google.golang.org/grpc/peer"
 	"google.golang.org/grpc/stats"
 	"google.golang.org/grpc/status"
 	"google.golang.org/grpc/transport"
@@ -73,11 +60,17 @@ type Stream interface {
 	// side. On server side, it simply returns the error to the caller.
 	// SendMsg is called by generated code. Also Users can call SendMsg
 	// directly when it is really needed in their use cases.
+	// It's safe to have a goroutine calling SendMsg and another goroutine calling
+	// recvMsg on the same stream at the same time.
+	// But it is not safe to call SendMsg on the same stream in different goroutines.
 	SendMsg(m interface{}) error
 	// RecvMsg blocks until it receives a message or the stream is
 	// done. On client side, it returns io.EOF when the stream is done. On
 	// any other error, it aborts the stream and returns an RPC status. On
 	// server side, it simply returns the error to the caller.
+	// It's safe to have a goroutine calling SendMsg and another goroutine calling
+	// recvMsg on the same stream at the same time.
+	// But it is not safe to call RecvMsg on the same stream in different goroutines.
 	RecvMsg(m interface{}) error
 }
 
@@ -93,6 +86,11 @@ type ClientStream interface {
 	// CloseSend closes the send direction of the stream. It closes the stream
 	// when non-nil error is met.
 	CloseSend() error
+	// Stream.SendMsg() may return a non-nil error when something wrong happens sending
+	// the request. The returned error indicates the status of this sending, not the final
+	// status of the RPC.
+	// Always call Stream.RecvMsg() to get the final status if you care about the status of
+	// the RPC.
 	Stream
 }
 
@@ -109,29 +107,48 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 	var (
 		t      transport.ClientTransport
 		s      *transport.Stream
-		put    func()
+		done   func(balancer.DoneInfo)
 		cancel context.CancelFunc
 	)
-	c := defaultCallInfo
-	if mc, ok := cc.getMethodConfig(method); ok {
-		c.failFast = !mc.WaitForReady
-		if mc.Timeout > 0 {
-			ctx, cancel = context.WithTimeout(ctx, mc.Timeout)
-		}
+	c := defaultCallInfo()
+	mc := cc.GetMethodConfig(method)
+	if mc.WaitForReady != nil {
+		c.failFast = !*mc.WaitForReady
 	}
+
+	if mc.Timeout != nil {
+		ctx, cancel = context.WithTimeout(ctx, *mc.Timeout)
+		defer func() {
+			if err != nil {
+				cancel()
+			}
+		}()
+	}
+
+	opts = append(cc.dopts.callOptions, opts...)
 	for _, o := range opts {
-		if err := o.before(&c); err != nil {
+		if err := o.before(c); err != nil {
 			return nil, toRPCErr(err)
 		}
 	}
+	c.maxSendMessageSize = getMaxSize(mc.MaxReqSize, c.maxSendMessageSize, defaultClientMaxSendMessageSize)
+	c.maxReceiveMessageSize = getMaxSize(mc.MaxRespSize, c.maxReceiveMessageSize, defaultClientMaxReceiveMessageSize)
+
 	callHdr := &transport.CallHdr{
 		Host:   cc.authority,
 		Method: method,
-		Flush:  desc.ServerStreams && desc.ClientStreams,
+		// If it's not client streaming, we should already have the request to be sent,
+		// so we don't flush the header.
+		// If it's client streaming, the user may never send a request or send it any
+		// time soon, so we ask the transport to flush the header.
+		Flush: desc.ClientStreams,
 	}
 	if cc.dopts.cp != nil {
 		callHdr.SendCompress = cc.dopts.cp.Type()
 	}
+	if c.creds != nil {
+		callHdr.Creds = c.creds
+	}
 	var trInfo traceInfo
 	if EnableTracing {
 		trInfo.tr = trace.New("grpc.Sent."+methodFamily(method), method)
@@ -151,32 +168,29 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 			}
 		}()
 	}
-	ctx = newContextWithRPCInfo(ctx)
+	ctx = newContextWithRPCInfo(ctx, c.failFast)
 	sh := cc.dopts.copts.StatsHandler
 	if sh != nil {
-		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method})
+		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method, FailFast: c.failFast})
 		begin := &stats.Begin{
 			Client:    true,
 			BeginTime: time.Now(),
 			FailFast:  c.failFast,
 		}
 		sh.HandleRPC(ctx, begin)
-	}
-	defer func() {
-		if err != nil && sh != nil {
-			// Only handle end stats if err != nil.
-			end := &stats.End{
-				Client: true,
-				Error:  err,
+		defer func() {
+			if err != nil {
+				// Only handle end stats if err != nil.
+				end := &stats.End{
+					Client: true,
+					Error:  err,
+				}
+				sh.HandleRPC(ctx, end)
 			}
-			sh.HandleRPC(ctx, end)
-		}
-	}()
-	gopts := BalancerGetOptions{
-		BlockingWait: !c.failFast,
+		}()
 	}
 	for {
-		t, put, err = cc.getTransport(ctx, gopts)
+		t, done, err = cc.getTransport(ctx, c.failFast)
 		if err != nil {
 			// TODO(zhaoq): Probably revisit the error handling.
 			if _, ok := status.FromError(err); ok {
@@ -194,15 +208,15 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 
 		s, err = t.NewStream(ctx, callHdr)
 		if err != nil {
-			if _, ok := err.(transport.ConnectionError); ok && put != nil {
+			if _, ok := err.(transport.ConnectionError); ok && done != nil {
 				// If error is connection error, transport was sending data on wire,
 				// and we are not sure if anything has been sent on wire.
 				// If error is not connection error, we are sure nothing has been sent.
 				updateRPCInfoInContext(ctx, rpcInfo{bytesSent: true, bytesReceived: false})
 			}
-			if put != nil {
-				put()
-				put = nil
+			if done != nil {
+				done(balancer.DoneInfo{Err: err})
+				done = nil
 			}
 			if _, ok := err.(transport.ConnectionError); (ok || err == transport.ErrStreamDrain) && !c.failFast {
 				continue
@@ -211,20 +225,23 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 		}
 		break
 	}
+	// Set callInfo.peer object from stream's context.
+	if peer, ok := peer.FromContext(s.Context()); ok {
+		c.peer = peer
+	}
 	cs := &clientStream{
-		opts:       opts,
-		c:          c,
-		desc:       desc,
-		codec:      cc.dopts.codec,
-		cp:         cc.dopts.cp,
-		dc:         cc.dopts.dc,
-		maxMsgSize: cc.dopts.maxMsgSize,
-		cancel:     cancel,
-
-		put: put,
-		t:   t,
-		s:   s,
-		p:   &parser{r: s},
+		opts:   opts,
+		c:      c,
+		desc:   desc,
+		codec:  cc.dopts.codec,
+		cp:     cc.dopts.cp,
+		dc:     cc.dopts.dc,
+		cancel: cancel,
+
+		done: done,
+		t:    t,
+		s:    s,
+		p:    &parser{r: s},
 
 		tracing: EnableTracing,
 		trInfo:  trInfo,
@@ -232,9 +249,6 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 		statsCtx:     ctx,
 		statsHandler: cc.dopts.copts.StatsHandler,
 	}
-	if cc.dopts.cp != nil {
-		cs.cbuf = new(bytes.Buffer)
-	}
 	// Listen on ctx.Done() to detect cancellation and s.Done() to detect normal termination
 	// when there is no pending I/O operations on this stream.
 	go func() {
@@ -263,23 +277,21 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 
 // clientStream implements a client side Stream.
 type clientStream struct {
-	opts       []CallOption
-	c          callInfo
-	t          transport.ClientTransport
-	s          *transport.Stream
-	p          *parser
-	desc       *StreamDesc
-	codec      Codec
-	cp         Compressor
-	cbuf       *bytes.Buffer
-	dc         Decompressor
-	maxMsgSize int
-	cancel     context.CancelFunc
+	opts   []CallOption
+	c      *callInfo
+	t      transport.ClientTransport
+	s      *transport.Stream
+	p      *parser
+	desc   *StreamDesc
+	codec  Codec
+	cp     Compressor
+	dc     Decompressor
+	cancel context.CancelFunc
 
 	tracing bool // set to EnableTracing when the clientStream is created.
 
 	mu       sync.Mutex
-	put      func()
+	done     func(balancer.DoneInfo)
 	closed   bool
 	finished bool
 	// trInfo.tr is set when the clientStream is created (if EnableTracing is true),
@@ -329,7 +341,7 @@ func (cs *clientStream) SendMsg(m interface{}) (err error) {
 			return
 		}
 		if err == io.EOF {
-			// Specialize the process for server streaming. SendMesg is only called
+			// Specialize the process for server streaming. SendMsg is only called
 			// once when creating the stream object. io.EOF needs to be skipped when
 			// the rpc is early finished (before the stream object is created.).
 			// TODO: It is probably better to move this into the generated code.
@@ -349,16 +361,17 @@ func (cs *clientStream) SendMsg(m interface{}) (err error) {
 			Client: true,
 		}
 	}
-	out, err := encode(cs.codec, m, cs.cp, cs.cbuf, outPayload)
-	defer func() {
-		if cs.cbuf != nil {
-			cs.cbuf.Reset()
-		}
-	}()
+	hdr, data, err := encode(cs.codec, m, cs.cp, bytes.NewBuffer([]byte{}), outPayload)
 	if err != nil {
-		return Errorf(codes.Internal, "grpc: %v", err)
+		return err
+	}
+	if cs.c.maxSendMessageSize == nil {
+		return Errorf(codes.Internal, "callInfo maxSendMessageSize field uninitialized(nil)")
+	}
+	if len(data) > *cs.c.maxSendMessageSize {
+		return Errorf(codes.ResourceExhausted, "trying to send message larger than max (%d vs. %d)", len(data), *cs.c.maxSendMessageSize)
 	}
-	err = cs.t.Write(cs.s, out, &transport.Options{Last: false})
+	err = cs.t.Write(cs.s, hdr, data, &transport.Options{Last: false})
 	if err == nil && outPayload != nil {
 		outPayload.SentTime = time.Now()
 		cs.statsHandler.HandleRPC(cs.statsCtx, outPayload)
@@ -373,7 +386,10 @@ func (cs *clientStream) RecvMsg(m interface{}) (err error) {
 			Client: true,
 		}
 	}
-	err = recv(cs.p, cs.codec, cs.s, cs.dc, m, cs.maxMsgSize, inPayload)
+	if cs.c.maxReceiveMessageSize == nil {
+		return Errorf(codes.Internal, "callInfo maxReceiveMessageSize field uninitialized(nil)")
+	}
+	err = recv(cs.p, cs.codec, cs.s, cs.dc, m, *cs.c.maxReceiveMessageSize, inPayload)
 	defer func() {
 		// err != nil indicates the termination of the stream.
 		if err != nil {
@@ -396,7 +412,10 @@ func (cs *clientStream) RecvMsg(m interface{}) (err error) {
 		}
 		// Special handling for client streaming rpc.
 		// This recv expects EOF or errors, so we don't collect inPayload.
-		err = recv(cs.p, cs.codec, cs.s, cs.dc, m, cs.maxMsgSize, nil)
+		if cs.c.maxReceiveMessageSize == nil {
+			return Errorf(codes.Internal, "callInfo maxReceiveMessageSize field uninitialized(nil)")
+		}
+		err = recv(cs.p, cs.codec, cs.s, cs.dc, m, *cs.c.maxReceiveMessageSize, nil)
 		cs.closeTransportStream(err)
 		if err == nil {
 			return toRPCErr(errors.New("grpc: client streaming protocol violation: get <nil>, want <EOF>"))
@@ -424,7 +443,7 @@ func (cs *clientStream) RecvMsg(m interface{}) (err error) {
 }
 
 func (cs *clientStream) CloseSend() (err error) {
-	err = cs.t.Write(cs.s, nil, &transport.Options{Last: true})
+	err = cs.t.Write(cs.s, nil, nil, &transport.Options{Last: true})
 	defer func() {
 		if err != nil {
 			cs.finish(err)
@@ -464,15 +483,15 @@ func (cs *clientStream) finish(err error) {
 		}
 	}()
 	for _, o := range cs.opts {
-		o.after(&cs.c)
+		o.after(cs.c)
 	}
-	if cs.put != nil {
+	if cs.done != nil {
 		updateRPCInfoInContext(cs.s.Context(), rpcInfo{
 			bytesSent:     cs.s.BytesSent(),
 			bytesReceived: cs.s.BytesReceived(),
 		})
-		cs.put()
-		cs.put = nil
+		cs.done(balancer.DoneInfo{Err: err})
+		cs.done = nil
 	}
 	if cs.statsHandler != nil {
 		end := &stats.End{
@@ -521,15 +540,15 @@ type ServerStream interface {
 
 // serverStream implements a server side Stream.
 type serverStream struct {
-	t          transport.ServerTransport
-	s          *transport.Stream
-	p          *parser
-	codec      Codec
-	cp         Compressor
-	dc         Decompressor
-	cbuf       *bytes.Buffer
-	maxMsgSize int
-	trInfo     *traceInfo
+	t                     transport.ServerTransport
+	s                     *transport.Stream
+	p                     *parser
+	codec                 Codec
+	cp                    Compressor
+	dc                    Decompressor
+	maxReceiveMessageSize int
+	maxSendMessageSize    int
+	trInfo                *traceInfo
 
 	statsHandler stats.Handler
 
@@ -573,22 +592,23 @@ func (ss *serverStream) SendMsg(m interface{}) (err error) {
 			}
 			ss.mu.Unlock()
 		}
+		if err != nil && err != io.EOF {
+			st, _ := status.FromError(toRPCErr(err))
+			ss.t.WriteStatus(ss.s, st)
+		}
 	}()
 	var outPayload *stats.OutPayload
 	if ss.statsHandler != nil {
 		outPayload = &stats.OutPayload{}
 	}
-	out, err := encode(ss.codec, m, ss.cp, ss.cbuf, outPayload)
-	defer func() {
-		if ss.cbuf != nil {
-			ss.cbuf.Reset()
-		}
-	}()
+	hdr, data, err := encode(ss.codec, m, ss.cp, bytes.NewBuffer([]byte{}), outPayload)
 	if err != nil {
-		err = Errorf(codes.Internal, "grpc: %v", err)
 		return err
 	}
-	if err := ss.t.Write(ss.s, out, &transport.Options{Last: false}); err != nil {
+	if len(data) > ss.maxSendMessageSize {
+		return Errorf(codes.ResourceExhausted, "trying to send message larger than max (%d vs. %d)", len(data), ss.maxSendMessageSize)
+	}
+	if err := ss.t.Write(ss.s, hdr, data, &transport.Options{Last: false}); err != nil {
 		return toRPCErr(err)
 	}
 	if outPayload != nil {
@@ -612,12 +632,16 @@ func (ss *serverStream) RecvMsg(m interface{}) (err error) {
 			}
 			ss.mu.Unlock()
 		}
+		if err != nil && err != io.EOF {
+			st, _ := status.FromError(toRPCErr(err))
+			ss.t.WriteStatus(ss.s, st)
+		}
 	}()
 	var inPayload *stats.InPayload
 	if ss.statsHandler != nil {
 		inPayload = &stats.InPayload{}
 	}
-	if err := recv(ss.p, ss.codec, ss.s, ss.dc, m, ss.maxMsgSize, inPayload); err != nil {
+	if err := recv(ss.p, ss.codec, ss.s, ss.dc, m, ss.maxReceiveMessageSize, inPayload); err != nil {
 		if err == io.EOF {
 			return err
 		}
diff --git a/vendor/google.golang.org/grpc/tap/tap.go b/vendor/google.golang.org/grpc/tap/tap.go
index 0f3664767423..22b8fb50dea5 100644
--- a/vendor/google.golang.org/grpc/tap/tap.go
+++ b/vendor/google.golang.org/grpc/tap/tap.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2016, Google Inc.
- * All rights reserved.
+ * Copyright 2016 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -47,8 +32,20 @@ type Info struct {
 	// TODO: More to be added.
 }
 
-// ServerInHandle defines the function which runs when a new stream is created
-// on the server side. Note that it is executed in the per-connection I/O goroutine(s) instead
-// of per-RPC goroutine. Therefore, users should NOT have any blocking/time-consuming
-// work in this handle. Otherwise all the RPCs would slow down.
+// ServerInHandle defines the function which runs before a new stream is created
+// on the server side. If it returns a non-nil error, the stream will not be
+// created and a RST_STREAM will be sent back to the client with REFUSED_STREAM.
+// The client will receive an RPC error "code = Unavailable, desc = stream
+// terminated by RST_STREAM with error code: REFUSED_STREAM".
+//
+// It's intended to be used in situations where you don't want to waste the
+// resources to accept the new stream (e.g. rate-limiting). And the content of
+// the error will be ignored and won't be sent back to the client. For other
+// general usages, please use interceptors.
+//
+// Note that it is executed in the per-connection I/O goroutine(s) instead of
+// per-RPC goroutine. Therefore, users should NOT have any
+// blocking/time-consuming work in this handle. Otherwise all the RPCs would
+// slow down. Also, for the same reason, this handle won't be called
+// concurrently by gRPC.
 type ServerInHandle func(ctx context.Context, info *Info) (context.Context, error)
diff --git a/vendor/google.golang.org/grpc/trace.go b/vendor/google.golang.org/grpc/trace.go
index f6747e1dfa4b..c1c96dedcb75 100644
--- a/vendor/google.golang.org/grpc/trace.go
+++ b/vendor/google.golang.org/grpc/trace.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2015, Google Inc.
- * All rights reserved.
+ * Copyright 2015 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -46,7 +31,7 @@ import (
 
 // EnableTracing controls whether to trace RPCs using the golang.org/x/net/trace package.
 // This should only be set before any RPCs are sent or received by this program.
-var EnableTracing = true
+var EnableTracing bool
 
 // methodFamily returns the trace family for the given method.
 // It turns "/pkg.Service/GetFoo" into "pkg.Service".
@@ -91,6 +76,15 @@ func (f *firstLine) String() string {
 	return line.String()
 }
 
+const truncateSize = 100
+
+func truncate(x string, l int) string {
+	if l > len(x) {
+		return x
+	}
+	return x[:l]
+}
+
 // payload represents an RPC request or response payload.
 type payload struct {
 	sent bool        // whether this is an outgoing payload
@@ -100,9 +94,9 @@ type payload struct {
 
 func (p payload) String() string {
 	if p.sent {
-		return fmt.Sprintf("sent: %v", p.msg)
+		return truncate(fmt.Sprintf("sent: %v", p.msg), truncateSize)
 	}
-	return fmt.Sprintf("recv: %v", p.msg)
+	return truncate(fmt.Sprintf("recv: %v", p.msg), truncateSize)
 }
 
 type fmtStringer struct {
diff --git a/vendor/google.golang.org/grpc/transport/bdp_estimator.go b/vendor/google.golang.org/grpc/transport/bdp_estimator.go
new file mode 100644
index 000000000000..8dd2ed42792f
--- /dev/null
+++ b/vendor/google.golang.org/grpc/transport/bdp_estimator.go
@@ -0,0 +1,143 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package transport
+
+import (
+	"sync"
+	"time"
+)
+
+const (
+	// bdpLimit is the maximum value the flow control windows
+	// will be increased to.
+	bdpLimit = (1 << 20) * 4
+	// alpha is a constant factor used to keep a moving average
+	// of RTTs.
+	alpha = 0.9
+	// If the current bdp sample is greater than or equal to
+	// our beta * our estimated bdp and the current bandwidth
+	// sample is the maximum bandwidth observed so far, we
+	// increase our bbp estimate by a factor of gamma.
+	beta = 0.66
+	// To put our bdp to be smaller than or equal to twice the real BDP,
+	// we should multiply our current sample with 4/3, however to round things out
+	// we use 2 as the multiplication factor.
+	gamma = 2
+)
+
+var (
+	// Adding arbitrary data to ping so that its ack can be
+	// identified.
+	// Easter-egg: what does the ping message say?
+	bdpPing = &ping{data: [8]byte{2, 4, 16, 16, 9, 14, 7, 7}}
+)
+
+type bdpEstimator struct {
+	// sentAt is the time when the ping was sent.
+	sentAt time.Time
+
+	mu sync.Mutex
+	// bdp is the current bdp estimate.
+	bdp uint32
+	// sample is the number of bytes received in one measurement cycle.
+	sample uint32
+	// bwMax is the maximum bandwidth noted so far (bytes/sec).
+	bwMax float64
+	// bool to keep track of the beginning of a new measurement cycle.
+	isSent bool
+	// Callback to update the window sizes.
+	updateFlowControl func(n uint32)
+	// sampleCount is the number of samples taken so far.
+	sampleCount uint64
+	// round trip time (seconds)
+	rtt float64
+}
+
+// timesnap registers the time bdp ping was sent out so that
+// network rtt can be calculated when its ack is received.
+// It is called (by controller) when the bdpPing is
+// being written on the wire.
+func (b *bdpEstimator) timesnap(d [8]byte) {
+	if bdpPing.data != d {
+		return
+	}
+	b.sentAt = time.Now()
+}
+
+// add adds bytes to the current sample for calculating bdp.
+// It returns true only if a ping must be sent. This can be used
+// by the caller (handleData) to make decision about batching
+// a window update with it.
+func (b *bdpEstimator) add(n uint32) bool {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	if b.bdp == bdpLimit {
+		return false
+	}
+	if !b.isSent {
+		b.isSent = true
+		b.sample = n
+		b.sentAt = time.Time{}
+		b.sampleCount++
+		return true
+	}
+	b.sample += n
+	return false
+}
+
+// calculate is called when an ack for a bdp ping is received.
+// Here we calculate the current bdp and bandwidth sample and
+// decide if the flow control windows should go up.
+func (b *bdpEstimator) calculate(d [8]byte) {
+	// Check if the ping acked for was the bdp ping.
+	if bdpPing.data != d {
+		return
+	}
+	b.mu.Lock()
+	rttSample := time.Since(b.sentAt).Seconds()
+	if b.sampleCount < 10 {
+		// Bootstrap rtt with an average of first 10 rtt samples.
+		b.rtt += (rttSample - b.rtt) / float64(b.sampleCount)
+	} else {
+		// Heed to the recent past more.
+		b.rtt += (rttSample - b.rtt) * float64(alpha)
+	}
+	b.isSent = false
+	// The number of bytes accumulated so far in the sample is smaller
+	// than or equal to 1.5 times the real BDP on a saturated connection.
+	bwCurrent := float64(b.sample) / (b.rtt * float64(1.5))
+	if bwCurrent > b.bwMax {
+		b.bwMax = bwCurrent
+	}
+	// If the current sample (which is smaller than or equal to the 1.5 times the real BDP) is
+	// greater than or equal to 2/3rd our perceived bdp AND this is the maximum bandwidth seen so far, we
+	// should update our perception of the network BDP.
+	if float64(b.sample) >= beta*float64(b.bdp) && bwCurrent == b.bwMax && b.bdp != bdpLimit {
+		sampleFloat := float64(b.sample)
+		b.bdp = uint32(gamma * sampleFloat)
+		if b.bdp > bdpLimit {
+			b.bdp = bdpLimit
+		}
+		bdp := b.bdp
+		b.mu.Unlock()
+		b.updateFlowControl(bdp)
+		return
+	}
+	b.mu.Unlock()
+}
diff --git a/vendor/google.golang.org/grpc/transport/control.go b/vendor/google.golang.org/grpc/transport/control.go
index 8d29aee53d49..dd1a8d42e7e2 100644
--- a/vendor/google.golang.org/grpc/transport/control.go
+++ b/vendor/google.golang.org/grpc/transport/control.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -37,17 +22,18 @@ import (
 	"fmt"
 	"math"
 	"sync"
+	"sync/atomic"
 	"time"
 
 	"golang.org/x/net/http2"
+	"golang.org/x/net/http2/hpack"
 )
 
 const (
 	// The default value of flow control window size in HTTP2 spec.
 	defaultWindowSize = 65535
 	// The initial window size for flow control.
-	initialWindowSize             = defaultWindowSize      // for an RPC
-	initialConnWindowSize         = defaultWindowSize * 16 // for a connection
+	initialWindowSize             = defaultWindowSize // for an RPC
 	infinity                      = time.Duration(math.MaxInt64)
 	defaultClientKeepaliveTime    = infinity
 	defaultClientKeepaliveTimeout = time.Duration(20 * time.Second)
@@ -58,11 +44,43 @@ const (
 	defaultServerKeepaliveTime    = time.Duration(2 * time.Hour)
 	defaultServerKeepaliveTimeout = time.Duration(20 * time.Second)
 	defaultKeepalivePolicyMinTime = time.Duration(5 * time.Minute)
+	// max window limit set by HTTP2 Specs.
+	maxWindowSize = math.MaxInt32
+	// defaultLocalSendQuota sets is default value for number of data
+	// bytes that each stream can schedule before some of it being
+	// flushed out.
+	defaultLocalSendQuota = 64 * 1024
 )
 
 // The following defines various control items which could flow through
 // the control buffer of transport. They represent different aspects of
 // control tasks, e.g., flow control, settings, streaming resetting, etc.
+
+type headerFrame struct {
+	streamID  uint32
+	hf        []hpack.HeaderField
+	endStream bool
+}
+
+func (*headerFrame) item() {}
+
+type continuationFrame struct {
+	streamID            uint32
+	endHeaders          bool
+	headerBlockFragment []byte
+}
+
+type dataFrame struct {
+	streamID  uint32
+	endStream bool
+	d         []byte
+	f         func()
+}
+
+func (*dataFrame) item() {}
+
+func (*continuationFrame) item() {}
+
 type windowUpdate struct {
 	streamID  uint32
 	increment uint32
@@ -87,6 +105,8 @@ func (*resetStream) item() {}
 type goAway struct {
 	code      http2.ErrCode
 	debugData []byte
+	headsUp   bool
+	closeConn bool
 }
 
 func (*goAway) item() {}
@@ -108,8 +128,9 @@ func (*ping) item() {}
 type quotaPool struct {
 	c chan int
 
-	mu    sync.Mutex
-	quota int
+	mu      sync.Mutex
+	version uint32
+	quota   int
 }
 
 // newQuotaPool creates a quotaPool which has quota q available to consume.
@@ -130,6 +151,10 @@ func newQuotaPool(q int) *quotaPool {
 func (qb *quotaPool) add(v int) {
 	qb.mu.Lock()
 	defer qb.mu.Unlock()
+	qb.lockedAdd(v)
+}
+
+func (qb *quotaPool) lockedAdd(v int) {
 	select {
 	case n := <-qb.c:
 		qb.quota += n
@@ -150,6 +175,35 @@ func (qb *quotaPool) add(v int) {
 	}
 }
 
+func (qb *quotaPool) addAndUpdate(v int) {
+	qb.mu.Lock()
+	defer qb.mu.Unlock()
+	qb.lockedAdd(v)
+	// Update the version only after having added to the quota
+	// so that if acquireWithVesrion sees the new vesrion it is
+	// guaranteed to have seen the updated quota.
+	// Also, still keep this inside of the lock, so that when
+	// compareAndExecute is processing, this function doesn't
+	// get executed partially (quota gets updated but the version
+	// doesn't).
+	atomic.AddUint32(&(qb.version), 1)
+}
+
+func (qb *quotaPool) acquireWithVersion() (<-chan int, uint32) {
+	return qb.c, atomic.LoadUint32(&(qb.version))
+}
+
+func (qb *quotaPool) compareAndExecute(version uint32, success, failure func()) bool {
+	qb.mu.Lock()
+	defer qb.mu.Unlock()
+	if version == atomic.LoadUint32(&(qb.version)) {
+		success()
+		return true
+	}
+	failure()
+	return false
+}
+
 // acquire returns the channel on which available quota amounts are sent.
 func (qb *quotaPool) acquire() <-chan int {
 	return qb.c
@@ -157,16 +211,59 @@ func (qb *quotaPool) acquire() <-chan int {
 
 // inFlow deals with inbound flow control
 type inFlow struct {
+	mu sync.Mutex
 	// The inbound flow control limit for pending data.
 	limit uint32
-
-	mu sync.Mutex
 	// pendingData is the overall data which have been received but not been
 	// consumed by applications.
 	pendingData uint32
 	// The amount of data the application has consumed but grpc has not sent
 	// window update for them. Used to reduce window update frequency.
 	pendingUpdate uint32
+	// delta is the extra window update given by receiver when an application
+	// is reading data bigger in size than the inFlow limit.
+	delta uint32
+}
+
+// newLimit updates the inflow window to a new value n.
+// It assumes that n is always greater than the old limit.
+func (f *inFlow) newLimit(n uint32) uint32 {
+	f.mu.Lock()
+	defer f.mu.Unlock()
+	d := n - f.limit
+	f.limit = n
+	return d
+}
+
+func (f *inFlow) maybeAdjust(n uint32) uint32 {
+	if n > uint32(math.MaxInt32) {
+		n = uint32(math.MaxInt32)
+	}
+	f.mu.Lock()
+	defer f.mu.Unlock()
+	// estSenderQuota is the receiver's view of the maximum number of bytes the sender
+	// can send without a window update.
+	estSenderQuota := int32(f.limit - (f.pendingData + f.pendingUpdate))
+	// estUntransmittedData is the maximum number of bytes the sends might not have put
+	// on the wire yet. A value of 0 or less means that we have already received all or
+	// more bytes than the application is requesting to read.
+	estUntransmittedData := int32(n - f.pendingData) // Casting into int32 since it could be negative.
+	// This implies that unless we send a window update, the sender won't be able to send all the bytes
+	// for this message. Therefore we must send an update over the limit since there's an active read
+	// request from the application.
+	if estUntransmittedData > estSenderQuota {
+		// Sender's window shouldn't go more than 2^31 - 1 as speecified in the HTTP spec.
+		if f.limit+n > maxWindowSize {
+			f.delta = maxWindowSize - f.limit
+		} else {
+			// Send a window update for the whole message and not just the difference between
+			// estUntransmittedData and estSenderQuota. This will be helpful in case the message
+			// is padded; We will fallback on the current available window(at least a 1/4th of the limit).
+			f.delta = n
+		}
+		return f.delta
+	}
+	return 0
 }
 
 // onData is invoked when some data frame is received. It updates pendingData.
@@ -174,7 +271,7 @@ func (f *inFlow) onData(n uint32) error {
 	f.mu.Lock()
 	defer f.mu.Unlock()
 	f.pendingData += n
-	if f.pendingData+f.pendingUpdate > f.limit {
+	if f.pendingData+f.pendingUpdate > f.limit+f.delta {
 		return fmt.Errorf("received %d-bytes data exceeding the limit %d bytes", f.pendingData+f.pendingUpdate, f.limit)
 	}
 	return nil
@@ -189,6 +286,13 @@ func (f *inFlow) onRead(n uint32) uint32 {
 		return 0
 	}
 	f.pendingData -= n
+	if n > f.delta {
+		n -= f.delta
+		f.delta = 0
+	} else {
+		f.delta -= n
+		n = 0
+	}
 	f.pendingUpdate += n
 	if f.pendingUpdate >= f.limit/4 {
 		wu := f.pendingUpdate
@@ -198,10 +302,10 @@ func (f *inFlow) onRead(n uint32) uint32 {
 	return 0
 }
 
-func (f *inFlow) resetPendingData() uint32 {
+func (f *inFlow) resetPendingUpdate() uint32 {
 	f.mu.Lock()
 	defer f.mu.Unlock()
-	n := f.pendingData
-	f.pendingData = 0
+	n := f.pendingUpdate
+	f.pendingUpdate = 0
 	return n
 }
diff --git a/vendor/google.golang.org/grpc/transport/go16.go b/vendor/google.golang.org/grpc/transport/go16.go
deleted file mode 100644
index ee1c46bad575..000000000000
--- a/vendor/google.golang.org/grpc/transport/go16.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// +build go1.6,!go1.7
-
-/*
- * Copyright 2016, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-package transport
-
-import (
-	"net"
-
-	"golang.org/x/net/context"
-)
-
-// dialContext connects to the address on the named network.
-func dialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	return (&net.Dialer{Cancel: ctx.Done()}).Dial(network, address)
-}
diff --git a/vendor/google.golang.org/grpc/transport/go17.go b/vendor/google.golang.org/grpc/transport/go17.go
deleted file mode 100644
index 356f13ff1972..000000000000
--- a/vendor/google.golang.org/grpc/transport/go17.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// +build go1.7
-
-/*
- * Copyright 2016, Google Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-package transport
-
-import (
-	"net"
-
-	"golang.org/x/net/context"
-)
-
-// dialContext connects to the address on the named network.
-func dialContext(ctx context.Context, network, address string) (net.Conn, error) {
-	return (&net.Dialer{}).DialContext(ctx, network, address)
-}
diff --git a/vendor/google.golang.org/grpc/transport/handler_server.go b/vendor/google.golang.org/grpc/transport/handler_server.go
index 24f306babbb1..7e0fdb35938b 100644
--- a/vendor/google.golang.org/grpc/transport/handler_server.go
+++ b/vendor/google.golang.org/grpc/transport/handler_server.go
@@ -1,32 +1,18 @@
 /*
- * Copyright 2016, Google Inc.
- * All rights reserved.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Copyright 2016 gRPC authors.
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -47,6 +33,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/golang/protobuf/proto"
 	"golang.org/x/net/context"
 	"golang.org/x/net/http2"
 	"google.golang.org/grpc/codes"
@@ -102,15 +89,6 @@ func NewServerHandlerTransport(w http.ResponseWriter, r *http.Request) (ServerTr
 			continue
 		}
 		for _, v := range vv {
-			if k == "user-agent" {
-				// user-agent is special. Copying logic of http_util.go.
-				if i := strings.LastIndex(v, " "); i == -1 {
-					// There is no application user agent string being set
-					continue
-				} else {
-					v = v[:i]
-				}
-			}
 			v, err := decodeMetadataHeader(k, v)
 			if err != nil {
 				return nil, streamErrorf(codes.InvalidArgument, "malformed binary metadata: %v", err)
@@ -144,6 +122,10 @@ type serverHandlerTransport struct {
 	// ServeHTTP (HandleStreams) goroutine. The channel is closed
 	// when WriteStatus is called.
 	writes chan func()
+
+	// block concurrent WriteStatus calls
+	// e.g. grpc/(*serverStream).SendMsg/RecvMsg
+	writeStatusMu sync.Mutex
 }
 
 func (ht *serverHandlerTransport) Close() error {
@@ -179,15 +161,24 @@ func (a strAddr) String() string { return string(a) }
 
 // do runs fn in the ServeHTTP goroutine.
 func (ht *serverHandlerTransport) do(fn func()) error {
+	// Avoid a panic writing to closed channel. Imperfect but maybe good enough.
 	select {
-	case ht.writes <- fn:
-		return nil
 	case <-ht.closedCh:
 		return ErrConnClosing
+	default:
+		select {
+		case ht.writes <- fn:
+			return nil
+		case <-ht.closedCh:
+			return ErrConnClosing
+		}
 	}
 }
 
 func (ht *serverHandlerTransport) WriteStatus(s *Stream, st *status.Status) error {
+	ht.writeStatusMu.Lock()
+	defer ht.writeStatusMu.Unlock()
+
 	err := ht.do(func() {
 		ht.writeCommonHeaders(s)
 
@@ -202,7 +193,15 @@ func (ht *serverHandlerTransport) WriteStatus(s *Stream, st *status.Status) erro
 			h.Set("Grpc-Message", encodeGrpcMessage(m))
 		}
 
-		// TODO: Support Grpc-Status-Details-Bin
+		if p := st.Proto(); p != nil && len(p.Details) > 0 {
+			stBytes, err := proto.Marshal(p)
+			if err != nil {
+				// TODO: return error instead, when callers are able to handle it.
+				panic(err)
+			}
+
+			h.Set("Grpc-Status-Details-Bin", encodeBinHeader(stBytes))
+		}
 
 		if md := s.Trailer(); len(md) > 0 {
 			for k, vv := range md {
@@ -218,7 +217,11 @@ func (ht *serverHandlerTransport) WriteStatus(s *Stream, st *status.Status) erro
 			}
 		}
 	})
-	close(ht.writes)
+
+	if err == nil { // transport has not been closed
+		ht.Close()
+		close(ht.writes)
+	}
 	return err
 }
 
@@ -241,16 +244,17 @@ func (ht *serverHandlerTransport) writeCommonHeaders(s *Stream) {
 	// and https://golang.org/pkg/net/http/#example_ResponseWriter_trailers
 	h.Add("Trailer", "Grpc-Status")
 	h.Add("Trailer", "Grpc-Message")
-	// TODO: Support Grpc-Status-Details-Bin
+	h.Add("Trailer", "Grpc-Status-Details-Bin")
 
 	if s.sendCompress != "" {
 		h.Set("Grpc-Encoding", s.sendCompress)
 	}
 }
 
-func (ht *serverHandlerTransport) Write(s *Stream, data []byte, opts *Options) error {
+func (ht *serverHandlerTransport) Write(s *Stream, hdr []byte, data []byte, opts *Options) error {
 	return ht.do(func() {
 		ht.writeCommonHeaders(s)
+		ht.rw.Write(hdr)
 		ht.rw.Write(data)
 		if !opts.Delay {
 			ht.rw.(http.Flusher).Flush()
@@ -309,13 +313,13 @@ func (ht *serverHandlerTransport) HandleStreams(startStream func(*Stream), trace
 	req := ht.req
 
 	s := &Stream{
-		id:            0,            // irrelevant
-		windowHandler: func(int) {}, // nothing
-		cancel:        cancel,
-		buf:           newRecvBuffer(),
-		st:            ht,
-		method:        req.URL.Path,
-		recvCompress:  req.Header.Get("grpc-encoding"),
+		id:           0, // irrelevant
+		requestRead:  func(int) {},
+		cancel:       cancel,
+		buf:          newRecvBuffer(),
+		st:           ht,
+		method:       req.URL.Path,
+		recvCompress: req.Header.Get("grpc-encoding"),
 	}
 	pr := &peer.Peer{
 		Addr: ht.RemoteAddr(),
@@ -326,7 +330,10 @@ func (ht *serverHandlerTransport) HandleStreams(startStream func(*Stream), trace
 	ctx = metadata.NewIncomingContext(ctx, ht.headerMD)
 	ctx = peer.NewContext(ctx, pr)
 	s.ctx = newContextWithStream(ctx, s)
-	s.dec = &recvBufferReader{ctx: s.ctx, recv: s.buf}
+	s.trReader = &transportReader{
+		reader:        &recvBufferReader{ctx: s.ctx, recv: s.buf},
+		windowHandler: func(int) {},
+	}
 
 	// readerDone is closed when the Body.Read-ing goroutine exits.
 	readerDone := make(chan struct{})
@@ -338,11 +345,11 @@ func (ht *serverHandlerTransport) HandleStreams(startStream func(*Stream), trace
 		for buf := make([]byte, readSize); ; {
 			n, err := req.Body.Read(buf)
 			if n > 0 {
-				s.buf.put(&recvMsg{data: buf[:n:n]})
+				s.buf.put(recvMsg{data: buf[:n:n]})
 				buf = buf[n:]
 			}
 			if err != nil {
-				s.buf.put(&recvMsg{err: mapRecvMsgError(err)})
+				s.buf.put(recvMsg{err: mapRecvMsgError(err)})
 				return
 			}
 			if len(buf) == 0 {
diff --git a/vendor/google.golang.org/grpc/transport/http2_client.go b/vendor/google.golang.org/grpc/transport/http2_client.go
index 380fff665fbb..1abb62e6df4a 100644
--- a/vendor/google.golang.org/grpc/transport/http2_client.go
+++ b/vendor/google.golang.org/grpc/transport/http2_client.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -48,7 +33,6 @@ import (
 	"golang.org/x/net/http2/hpack"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"
-	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/peer"
@@ -59,6 +43,7 @@ import (
 // http2Client implements the ClientTransport interface with HTTP2.
 type http2Client struct {
 	ctx        context.Context
+	cancel     context.CancelFunc
 	target     string // server name/addr
 	userAgent  string
 	md         interface{}
@@ -68,17 +53,6 @@ type http2Client struct {
 	authInfo   credentials.AuthInfo // auth info about the connection
 	nextID     uint32               // the next stream ID to be used
 
-	// writableChan synchronizes write access to the transport.
-	// A writer acquires the write lock by sending a value on writableChan
-	// and releases it by receiving from writableChan.
-	writableChan chan int
-	// shutdownChan is closed when Close is called.
-	// Blocking operations should select on shutdownChan to avoid
-	// blocking forever after Close.
-	// TODO(zhaoq): Maybe have a channel context?
-	shutdownChan chan struct{}
-	// errorChan is closed to notify the I/O error to the caller.
-	errorChan chan struct{}
 	// goAway is closed to notify the upper layer (i.e., addrConn.transportMonitor)
 	// that the server sent GoAway on this transport.
 	goAway chan struct{}
@@ -91,7 +65,7 @@ type http2Client struct {
 
 	// controlBuf delivers all the control related tasks (e.g., window
 	// updates, reset streams, and various settings) to the controller.
-	controlBuf *recvBuffer
+	controlBuf *controlBuffer
 	fc         *inFlow
 	// sendQuotaPool provides flow control to outbound message.
 	sendQuotaPool *quotaPool
@@ -101,6 +75,8 @@ type http2Client struct {
 	// The scheme used: https if TLS is on, http otherwise.
 	scheme string
 
+	isSecure bool
+
 	creds []credentials.PerRPCCredentials
 
 	// Boolean to keep track of reading activity on transport.
@@ -110,6 +86,11 @@ type http2Client struct {
 
 	statsHandler stats.Handler
 
+	initialWindowSize int32
+
+	bdpEst          *bdpEstimator
+	outQuotaVersion uint32
+
 	mu            sync.Mutex     // guard the following variables
 	state         transportState // the state of underlying connection
 	activeStreams map[uint32]*Stream
@@ -117,8 +98,6 @@ type http2Client struct {
 	maxStreams int
 	// the per-stream outbound flow control window size set by the peer.
 	streamSendQuota uint32
-	// goAwayID records the Last-Stream-ID in the GoAway frame from the server.
-	goAwayID uint32
 	// prevGoAway ID records the Last-Stream-ID in the previous GOAway frame.
 	prevGoAwayID uint32
 	// goAwayReason records the http2.ErrCode and debug data received with the
@@ -130,7 +109,7 @@ func dial(ctx context.Context, fn func(context.Context, string) (net.Conn, error
 	if fn != nil {
 		return fn(ctx, addr)
 	}
-	return dialContext(ctx, "tcp", addr)
+	return (&net.Dialer{}).DialContext(ctx, "tcp", addr)
 }
 
 func isTemporary(err error) bool {
@@ -164,14 +143,23 @@ func isTemporary(err error) bool {
 // newHTTP2Client constructs a connected ClientTransport to addr based on HTTP2
 // and starts to receive messages on it. Non-nil error returns if construction
 // fails.
-func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions) (_ ClientTransport, err error) {
+func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions, timeout time.Duration) (_ ClientTransport, err error) {
 	scheme := "http"
-	conn, err := dial(ctx, opts.Dialer, addr.Addr)
+	ctx, cancel := context.WithCancel(ctx)
+	connectCtx, connectCancel := context.WithTimeout(ctx, timeout)
+	defer func() {
+		connectCancel()
+		if err != nil {
+			cancel()
+		}
+	}()
+
+	conn, err := dial(connectCtx, opts.Dialer, addr.Addr)
 	if err != nil {
 		if opts.FailOnNonTempDialError {
-			return nil, connectionErrorf(isTemporary(err), err, "transport: %v", err)
+			return nil, connectionErrorf(isTemporary(err), err, "transport: error while dialing: %v", err)
 		}
-		return nil, connectionErrorf(true, err, "transport: %v", err)
+		return nil, connectionErrorf(true, err, "transport: Error while dialing %v", err)
 	}
 	// Any further errors will close the underlying connection
 	defer func(conn net.Conn) {
@@ -179,16 +167,20 @@ func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions) (
 			conn.Close()
 		}
 	}(conn)
-	var authInfo credentials.AuthInfo
+	var (
+		isSecure bool
+		authInfo credentials.AuthInfo
+	)
 	if creds := opts.TransportCredentials; creds != nil {
 		scheme = "https"
-		conn, authInfo, err = creds.ClientHandshake(ctx, addr.Addr, conn)
+		conn, authInfo, err = creds.ClientHandshake(connectCtx, addr.Addr, conn)
 		if err != nil {
 			// Credentials handshake errors are typically considered permanent
 			// to avoid retrying on e.g. bad certificates.
 			temp := isTemporary(err)
-			return nil, connectionErrorf(temp, err, "transport: %v", err)
+			return nil, connectionErrorf(temp, err, "transport: authentication handshake failed: %v", err)
 		}
+		isSecure = true
 	}
 	kp := opts.KeepaliveParams
 	// Validate keepalive parameters.
@@ -198,9 +190,24 @@ func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions) (
 	if kp.Timeout == 0 {
 		kp.Timeout = defaultClientKeepaliveTimeout
 	}
+	dynamicWindow := true
+	icwz := int32(initialWindowSize)
+	if opts.InitialConnWindowSize >= defaultWindowSize {
+		icwz = opts.InitialConnWindowSize
+		dynamicWindow = false
+	}
 	var buf bytes.Buffer
+	writeBufSize := defaultWriteBufSize
+	if opts.WriteBufferSize > 0 {
+		writeBufSize = opts.WriteBufferSize
+	}
+	readBufSize := defaultReadBufSize
+	if opts.ReadBufferSize > 0 {
+		readBufSize = opts.ReadBufferSize
+	}
 	t := &http2Client{
 		ctx:        ctx,
+		cancel:     cancel,
 		target:     addr.Addr,
 		userAgent:  opts.UserAgent,
 		md:         addr.Metadata,
@@ -209,27 +216,36 @@ func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions) (
 		localAddr:  conn.LocalAddr(),
 		authInfo:   authInfo,
 		// The client initiated stream id is odd starting from 1.
-		nextID:          1,
-		writableChan:    make(chan int, 1),
-		shutdownChan:    make(chan struct{}),
-		errorChan:       make(chan struct{}),
-		goAway:          make(chan struct{}),
-		awakenKeepalive: make(chan struct{}, 1),
-		framer:          newFramer(conn),
-		hBuf:            &buf,
-		hEnc:            hpack.NewEncoder(&buf),
-		controlBuf:      newRecvBuffer(),
-		fc:              &inFlow{limit: initialConnWindowSize},
-		sendQuotaPool:   newQuotaPool(defaultWindowSize),
-		scheme:          scheme,
-		state:           reachable,
-		activeStreams:   make(map[uint32]*Stream),
-		creds:           opts.PerRPCCredentials,
-		maxStreams:      defaultMaxStreamsClient,
-		streamsQuota:    newQuotaPool(defaultMaxStreamsClient),
-		streamSendQuota: defaultWindowSize,
-		kp:              kp,
-		statsHandler:    opts.StatsHandler,
+		nextID:            1,
+		goAway:            make(chan struct{}),
+		awakenKeepalive:   make(chan struct{}, 1),
+		hBuf:              &buf,
+		hEnc:              hpack.NewEncoder(&buf),
+		framer:            newFramer(conn, writeBufSize, readBufSize),
+		controlBuf:        newControlBuffer(),
+		fc:                &inFlow{limit: uint32(icwz)},
+		sendQuotaPool:     newQuotaPool(defaultWindowSize),
+		scheme:            scheme,
+		state:             reachable,
+		activeStreams:     make(map[uint32]*Stream),
+		isSecure:          isSecure,
+		creds:             opts.PerRPCCredentials,
+		maxStreams:        defaultMaxStreamsClient,
+		streamsQuota:      newQuotaPool(defaultMaxStreamsClient),
+		streamSendQuota:   defaultWindowSize,
+		kp:                kp,
+		statsHandler:      opts.StatsHandler,
+		initialWindowSize: initialWindowSize,
+	}
+	if opts.InitialWindowSize >= defaultWindowSize {
+		t.initialWindowSize = opts.InitialWindowSize
+		dynamicWindow = false
+	}
+	if dynamicWindow {
+		t.bdpEst = &bdpEstimator{
+			bdp:               initialWindowSize,
+			updateFlowControl: t.updateFlowControl,
+		}
 	}
 	// Make sure awakenKeepalive can't be written upon.
 	// keepalive routine will make it writable, if need be.
@@ -252,65 +268,75 @@ func newHTTP2Client(ctx context.Context, addr TargetInfo, opts ConnectOptions) (
 	n, err := t.conn.Write(clientPreface)
 	if err != nil {
 		t.Close()
-		return nil, connectionErrorf(true, err, "transport: %v", err)
+		return nil, connectionErrorf(true, err, "transport: failed to write client preface: %v", err)
 	}
 	if n != len(clientPreface) {
 		t.Close()
 		return nil, connectionErrorf(true, err, "transport: preface mismatch, wrote %d bytes; want %d", n, len(clientPreface))
 	}
-	if initialWindowSize != defaultWindowSize {
-		err = t.framer.writeSettings(true, http2.Setting{
+	if t.initialWindowSize != defaultWindowSize {
+		err = t.framer.fr.WriteSettings(http2.Setting{
 			ID:  http2.SettingInitialWindowSize,
-			Val: uint32(initialWindowSize),
+			Val: uint32(t.initialWindowSize),
 		})
 	} else {
-		err = t.framer.writeSettings(true)
+		err = t.framer.fr.WriteSettings()
 	}
 	if err != nil {
 		t.Close()
-		return nil, connectionErrorf(true, err, "transport: %v", err)
+		return nil, connectionErrorf(true, err, "transport: failed to write initial settings frame: %v", err)
 	}
 	// Adjust the connection flow control window if needed.
-	if delta := uint32(initialConnWindowSize - defaultWindowSize); delta > 0 {
-		if err := t.framer.writeWindowUpdate(true, 0, delta); err != nil {
+	if delta := uint32(icwz - defaultWindowSize); delta > 0 {
+		if err := t.framer.fr.WriteWindowUpdate(0, delta); err != nil {
 			t.Close()
-			return nil, connectionErrorf(true, err, "transport: %v", err)
+			return nil, connectionErrorf(true, err, "transport: failed to write window update: %v", err)
 		}
 	}
-	go t.controller()
+	t.framer.writer.Flush()
+	go func() {
+		loopyWriter(t.ctx, t.controlBuf, t.itemHandler)
+		t.Close()
+	}()
 	if t.kp.Time != infinity {
 		go t.keepalive()
 	}
-	t.writableChan <- 0
 	return t, nil
 }
 
 func (t *http2Client) newStream(ctx context.Context, callHdr *CallHdr) *Stream {
 	// TODO(zhaoq): Handle uint32 overflow of Stream.id.
 	s := &Stream{
-		id:            t.nextID,
-		done:          make(chan struct{}),
-		goAway:        make(chan struct{}),
-		method:        callHdr.Method,
-		sendCompress:  callHdr.SendCompress,
-		buf:           newRecvBuffer(),
-		fc:            &inFlow{limit: initialWindowSize},
-		sendQuotaPool: newQuotaPool(int(t.streamSendQuota)),
-		headerChan:    make(chan struct{}),
+		id:             t.nextID,
+		done:           make(chan struct{}),
+		goAway:         make(chan struct{}),
+		method:         callHdr.Method,
+		sendCompress:   callHdr.SendCompress,
+		buf:            newRecvBuffer(),
+		fc:             &inFlow{limit: uint32(t.initialWindowSize)},
+		sendQuotaPool:  newQuotaPool(int(t.streamSendQuota)),
+		localSendQuota: newQuotaPool(defaultLocalSendQuota),
+		headerChan:     make(chan struct{}),
 	}
 	t.nextID += 2
-	s.windowHandler = func(n int) {
-		t.updateWindow(s, uint32(n))
+	s.requestRead = func(n int) {
+		t.adjustWindow(s, uint32(n))
 	}
 	// The client side stream context should have exactly the same life cycle with the user provided context.
 	// That means, s.ctx should be read-only. And s.ctx is done iff ctx is done.
 	// So we use the original context here instead of creating a copy.
 	s.ctx = ctx
-	s.dec = &recvBufferReader{
-		ctx:    s.ctx,
-		goAway: s.goAway,
-		recv:   s.buf,
+	s.trReader = &transportReader{
+		reader: &recvBufferReader{
+			ctx:    s.ctx,
+			goAway: s.goAway,
+			recv:   s.buf,
+		},
+		windowHandler: func(n int) {
+			t.updateWindow(s, uint32(n))
+		},
 	}
+
 	return s
 }
 
@@ -324,31 +350,51 @@ func (t *http2Client) NewStream(ctx context.Context, callHdr *CallHdr) (_ *Strea
 	if t.authInfo != nil {
 		pr.AuthInfo = t.authInfo
 	}
-	userCtx := ctx
 	ctx = peer.NewContext(ctx, pr)
-	authData := make(map[string]string)
-	for _, c := range t.creds {
+	var (
+		authData = make(map[string]string)
+		audience string
+	)
+	// Create an audience string only if needed.
+	if len(t.creds) > 0 || callHdr.Creds != nil {
 		// Construct URI required to get auth request metadata.
-		var port string
-		if pos := strings.LastIndex(t.target, ":"); pos != -1 {
-			// Omit port if it is the default one.
-			if t.target[pos+1:] != "443" {
-				port = ":" + t.target[pos+1:]
-			}
-		}
+		// Omit port if it is the default one.
+		host := strings.TrimSuffix(callHdr.Host, ":443")
 		pos := strings.LastIndex(callHdr.Method, "/")
 		if pos == -1 {
-			return nil, streamErrorf(codes.InvalidArgument, "transport: malformed method name: %q", callHdr.Method)
+			pos = len(callHdr.Method)
 		}
-		audience := "https://" + callHdr.Host + port + callHdr.Method[:pos]
+		audience = "https://" + host + callHdr.Method[:pos]
+	}
+	for _, c := range t.creds {
 		data, err := c.GetRequestMetadata(ctx, audience)
 		if err != nil {
-			return nil, streamErrorf(codes.InvalidArgument, "transport: %v", err)
+			return nil, streamErrorf(codes.Internal, "transport: %v", err)
 		}
 		for k, v := range data {
+			// Capital header names are illegal in HTTP/2.
+			k = strings.ToLower(k)
 			authData[k] = v
 		}
 	}
+	callAuthData := map[string]string{}
+	// Check if credentials.PerRPCCredentials were provided via call options.
+	// Note: if these credentials are provided both via dial options and call
+	// options, then both sets of credentials will be applied.
+	if callCreds := callHdr.Creds; callCreds != nil {
+		if !t.isSecure && callCreds.RequireTransportSecurity() {
+			return nil, streamErrorf(codes.Unauthenticated, "transport: cannot send secure credentials on an insecure connection")
+		}
+		data, err := callCreds.GetRequestMetadata(ctx, audience)
+		if err != nil {
+			return nil, streamErrorf(codes.Internal, "transport: %v", err)
+		}
+		for k, v := range data {
+			// Capital header names are illegal in HTTP/2
+			k = strings.ToLower(k)
+			callAuthData[k] = v
+		}
+	}
 	t.mu.Lock()
 	if t.activeStreams == nil {
 		t.mu.Unlock()
@@ -363,7 +409,7 @@ func (t *http2Client) NewStream(ctx context.Context, callHdr *CallHdr) (_ *Strea
 		return nil, ErrConnClosing
 	}
 	t.mu.Unlock()
-	sq, err := wait(ctx, nil, nil, t.shutdownChan, t.streamsQuota.acquire())
+	sq, err := wait(ctx, t.ctx, nil, nil, t.streamsQuota.acquire())
 	if err != nil {
 		return nil, err
 	}
@@ -371,79 +417,49 @@ func (t *http2Client) NewStream(ctx context.Context, callHdr *CallHdr) (_ *Strea
 	if sq > 1 {
 		t.streamsQuota.add(sq - 1)
 	}
-	if _, err := wait(ctx, nil, nil, t.shutdownChan, t.writableChan); err != nil {
-		// Return the quota back now because there is no stream returned to the caller.
-		if _, ok := err.(StreamError); ok {
-			t.streamsQuota.add(1)
-		}
-		return nil, err
-	}
-	t.mu.Lock()
-	if t.state == draining {
-		t.mu.Unlock()
-		t.streamsQuota.add(1)
-		// Need to make t writable again so that the rpc in flight can still proceed.
-		t.writableChan <- 0
-		return nil, ErrStreamDrain
-	}
-	if t.state != reachable {
-		t.mu.Unlock()
-		return nil, ErrConnClosing
-	}
-	s := t.newStream(ctx, callHdr)
-	s.clientStatsCtx = userCtx
-	t.activeStreams[s.id] = s
-	// If the number of active streams change from 0 to 1, then check if keepalive
-	// has gone dormant. If so, wake it up.
-	if len(t.activeStreams) == 1 {
-		select {
-		case t.awakenKeepalive <- struct{}{}:
-			t.framer.writePing(false, false, [8]byte{})
-		default:
-		}
-	}
-
-	t.mu.Unlock()
-
-	// HPACK encodes various headers. Note that once WriteField(...) is
-	// called, the corresponding headers/continuation frame has to be sent
-	// because hpack.Encoder is stateful.
-	t.hBuf.Reset()
-	t.hEnc.WriteField(hpack.HeaderField{Name: ":method", Value: "POST"})
-	t.hEnc.WriteField(hpack.HeaderField{Name: ":scheme", Value: t.scheme})
-	t.hEnc.WriteField(hpack.HeaderField{Name: ":path", Value: callHdr.Method})
-	t.hEnc.WriteField(hpack.HeaderField{Name: ":authority", Value: callHdr.Host})
-	t.hEnc.WriteField(hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
-	t.hEnc.WriteField(hpack.HeaderField{Name: "user-agent", Value: t.userAgent})
-	t.hEnc.WriteField(hpack.HeaderField{Name: "te", Value: "trailers"})
+	// TODO(mmukhi): Benchmark if the perfomance gets better if count the metadata and other header fields
+	// first and create a slice of that exact size.
+	// Make the slice of certain predictable size to reduce allocations made by append.
+	hfLen := 7 // :method, :scheme, :path, :authority, content-type, user-agent, te
+	hfLen += len(authData) + len(callAuthData)
+	headerFields := make([]hpack.HeaderField, 0, hfLen)
+	headerFields = append(headerFields, hpack.HeaderField{Name: ":method", Value: "POST"})
+	headerFields = append(headerFields, hpack.HeaderField{Name: ":scheme", Value: t.scheme})
+	headerFields = append(headerFields, hpack.HeaderField{Name: ":path", Value: callHdr.Method})
+	headerFields = append(headerFields, hpack.HeaderField{Name: ":authority", Value: callHdr.Host})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "user-agent", Value: t.userAgent})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "te", Value: "trailers"})
 
 	if callHdr.SendCompress != "" {
-		t.hEnc.WriteField(hpack.HeaderField{Name: "grpc-encoding", Value: callHdr.SendCompress})
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-encoding", Value: callHdr.SendCompress})
 	}
 	if dl, ok := ctx.Deadline(); ok {
 		// Send out timeout regardless its value. The server can detect timeout context by itself.
+		// TODO(mmukhi): Perhaps this field should be updated when actually writing out to the wire.
 		timeout := dl.Sub(time.Now())
-		t.hEnc.WriteField(hpack.HeaderField{Name: "grpc-timeout", Value: encodeTimeout(timeout)})
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-timeout", Value: encodeTimeout(timeout)})
 	}
-
 	for k, v := range authData {
-		// Capital header names are illegal in HTTP/2.
-		k = strings.ToLower(k)
-		t.hEnc.WriteField(hpack.HeaderField{Name: k, Value: v})
+		headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+	}
+	for k, v := range callAuthData {
+		headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+	}
+	if b := stats.OutgoingTags(ctx); b != nil {
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-tags-bin", Value: encodeBinHeader(b)})
+	}
+	if b := stats.OutgoingTrace(ctx); b != nil {
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-trace-bin", Value: encodeBinHeader(b)})
 	}
-	var (
-		hasMD      bool
-		endHeaders bool
-	)
 	if md, ok := metadata.FromOutgoingContext(ctx); ok {
-		hasMD = true
 		for k, vv := range md {
 			// HTTP doesn't allow you to set pseudoheaders after non pseudoheaders were set.
 			if isReservedHeader(k) {
 				continue
 			}
 			for _, v := range vv {
-				t.hEnc.WriteField(hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+				headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 			}
 		}
 	}
@@ -453,60 +469,56 @@ func (t *http2Client) NewStream(ctx context.Context, callHdr *CallHdr) (_ *Strea
 				continue
 			}
 			for _, v := range vv {
-				t.hEnc.WriteField(hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+				headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 			}
 		}
 	}
-	first := true
-	bufLen := t.hBuf.Len()
-	// Sends the headers in a single batch even when they span multiple frames.
-	for !endHeaders {
-		size := t.hBuf.Len()
-		if size > http2MaxFrameLen {
-			size = http2MaxFrameLen
-		} else {
-			endHeaders = true
-		}
-		var flush bool
-		if endHeaders && (hasMD || callHdr.Flush) {
-			flush = true
-		}
-		if first {
-			// Sends a HeadersFrame to server to start a new stream.
-			p := http2.HeadersFrameParam{
-				StreamID:      s.id,
-				BlockFragment: t.hBuf.Next(size),
-				EndStream:     false,
-				EndHeaders:    endHeaders,
-			}
-			// Do a force flush for the buffered frames iff it is the last headers frame
-			// and there is header metadata to be sent. Otherwise, there is flushing until
-			// the corresponding data frame is written.
-			err = t.framer.writeHeaders(flush, p)
-			first = false
-		} else {
-			// Sends Continuation frames for the leftover headers.
-			err = t.framer.writeContinuation(flush, s.id, endHeaders, t.hBuf.Next(size))
-		}
-		if err != nil {
-			t.notifyError(err)
-			return nil, connectionErrorf(true, err, "transport: %v", err)
+	t.mu.Lock()
+	if t.state == draining {
+		t.mu.Unlock()
+		t.streamsQuota.add(1)
+		return nil, ErrStreamDrain
+	}
+	if t.state != reachable {
+		t.mu.Unlock()
+		return nil, ErrConnClosing
+	}
+	s := t.newStream(ctx, callHdr)
+	t.activeStreams[s.id] = s
+	// If the number of active streams change from 0 to 1, then check if keepalive
+	// has gone dormant. If so, wake it up.
+	if len(t.activeStreams) == 1 {
+		select {
+		case t.awakenKeepalive <- struct{}{}:
+			t.controlBuf.put(&ping{data: [8]byte{}})
+			// Fill the awakenKeepalive channel again as this channel must be
+			// kept non-writable except at the point that the keepalive()
+			// goroutine is waiting either to be awaken or shutdown.
+			t.awakenKeepalive <- struct{}{}
+		default:
 		}
 	}
+	t.controlBuf.put(&headerFrame{
+		streamID:  s.id,
+		hf:        headerFields,
+		endStream: false,
+	})
+	t.mu.Unlock()
+
+	s.mu.Lock()
 	s.bytesSent = true
+	s.mu.Unlock()
 
 	if t.statsHandler != nil {
 		outHeader := &stats.OutHeader{
 			Client:      true,
-			WireLength:  bufLen,
 			FullMethod:  callHdr.Method,
 			RemoteAddr:  t.remoteAddr,
 			LocalAddr:   t.localAddr,
 			Compression: callHdr.SendCompress,
 		}
-		t.statsHandler.HandleRPC(s.clientStatsCtx, outHeader)
+		t.statsHandler.HandleRPC(s.ctx, outHeader)
 	}
-	t.writableChan <- 0
 	return s, nil
 }
 
@@ -518,6 +530,10 @@ func (t *http2Client) CloseStream(s *Stream, err error) {
 		t.mu.Unlock()
 		return
 	}
+	if err != nil {
+		// notify in-flight streams, before the deletion
+		s.write(recvMsg{err: err})
+	}
 	delete(t.activeStreams, s.id)
 	if t.state == draining && len(t.activeStreams) == 0 {
 		// The transport is draining and s is the last live stream on t.
@@ -547,11 +563,6 @@ func (t *http2Client) CloseStream(s *Stream, err error) {
 	s.mu.Lock()
 	rstStream = s.rstStream
 	rstError = s.rstError
-	if q := s.fc.resetPendingData(); q > 0 {
-		if n := t.fc.onRead(q); n > 0 {
-			t.controlBuf.put(&windowUpdate{0, n})
-		}
-	}
 	if s.state == streamDone {
 		s.mu.Unlock()
 		return
@@ -577,12 +588,9 @@ func (t *http2Client) Close() (err error) {
 		t.mu.Unlock()
 		return
 	}
-	if t.state == reachable || t.state == draining {
-		close(t.errorChan)
-	}
 	t.state = closing
 	t.mu.Unlock()
-	close(t.shutdownChan)
+	t.cancel()
 	err = t.conn.Close()
 	t.mu.Lock()
 	streams := t.activeStreams
@@ -604,41 +612,18 @@ func (t *http2Client) Close() (err error) {
 		}
 		t.statsHandler.HandleConn(t.ctx, connEnd)
 	}
-	return
+	return err
 }
 
+// GracefulClose sets the state to draining, which prevents new streams from
+// being created and causes the transport to be closed when the last active
+// stream is closed.  If there are no active streams, the transport is closed
+// immediately.  This does nothing if the transport is already draining or
+// closing.
 func (t *http2Client) GracefulClose() error {
 	t.mu.Lock()
 	switch t.state {
-	case unreachable:
-		// The server may close the connection concurrently. t is not available for
-		// any streams. Close it now.
-		t.mu.Unlock()
-		t.Close()
-		return nil
-	case closing:
-		t.mu.Unlock()
-		return nil
-	}
-	// Notify the streams which were initiated after the server sent GOAWAY.
-	select {
-	case <-t.goAway:
-		n := t.prevGoAwayID
-		if n == 0 && t.nextID > 1 {
-			n = t.nextID - 2
-		}
-		m := t.goAwayID + 2
-		if m == 2 {
-			m = 1
-		}
-		for i := m; i <= n; i += 2 {
-			if s, ok := t.activeStreams[i]; ok {
-				close(s.goAway)
-			}
-		}
-	default:
-	}
-	if t.state == draining {
+	case closing, draining:
 		t.mu.Unlock()
 		return nil
 	}
@@ -653,21 +638,38 @@ func (t *http2Client) GracefulClose() error {
 
 // Write formats the data into HTTP2 data frame(s) and sends it out. The caller
 // should proceed only if Write returns nil.
-// TODO(zhaoq): opts.Delay is ignored in this implementation. Support it later
-// if it improves the performance.
-func (t *http2Client) Write(s *Stream, data []byte, opts *Options) error {
-	r := bytes.NewBuffer(data)
-	for {
-		var p []byte
-		if r.Len() > 0 {
+func (t *http2Client) Write(s *Stream, hdr []byte, data []byte, opts *Options) error {
+	select {
+	case <-s.ctx.Done():
+		return ContextErr(s.ctx.Err())
+	case <-t.ctx.Done():
+		return ErrConnClosing
+	default:
+	}
+
+	if hdr == nil && data == nil && opts.Last {
+		// stream.CloseSend uses this to send an empty frame with endStream=True
+		t.controlBuf.put(&dataFrame{streamID: s.id, endStream: true, f: func() {}})
+		return nil
+	}
+	// Add data to header frame so that we can equally distribute data across frames.
+	emptyLen := http2MaxFrameLen - len(hdr)
+	if emptyLen > len(data) {
+		emptyLen = len(data)
+	}
+	hdr = append(hdr, data[:emptyLen]...)
+	data = data[emptyLen:]
+	for idx, r := range [][]byte{hdr, data} {
+		for len(r) > 0 {
 			size := http2MaxFrameLen
 			// Wait until the stream has some quota to send the data.
-			sq, err := wait(s.ctx, s.done, s.goAway, t.shutdownChan, s.sendQuotaPool.acquire())
+			quotaChan, quotaVer := s.sendQuotaPool.acquireWithVersion()
+			sq, err := wait(s.ctx, t.ctx, s.done, s.goAway, quotaChan)
 			if err != nil {
 				return err
 			}
 			// Wait until the transport has some quota to send the data.
-			tq, err := wait(s.ctx, s.done, s.goAway, t.shutdownChan, t.sendQuotaPool.acquire())
+			tq, err := wait(s.ctx, t.ctx, s.done, s.goAway, t.sendQuotaPool.acquire())
 			if err != nil {
 				return err
 			}
@@ -677,69 +679,51 @@ func (t *http2Client) Write(s *Stream, data []byte, opts *Options) error {
 			if tq < size {
 				size = tq
 			}
-			p = r.Next(size)
-			ps := len(p)
-			if ps < sq {
-				// Overbooked stream quota. Return it back.
-				s.sendQuotaPool.add(sq - ps)
+			if size > len(r) {
+				size = len(r)
 			}
+			p := r[:size]
+			ps := len(p)
 			if ps < tq {
 				// Overbooked transport quota. Return it back.
 				t.sendQuotaPool.add(tq - ps)
 			}
-		}
-		var (
-			endStream  bool
-			forceFlush bool
-		)
-		if opts.Last && r.Len() == 0 {
-			endStream = true
-		}
-		// Indicate there is a writer who is about to write a data frame.
-		t.framer.adjustNumWriters(1)
-		// Got some quota. Try to acquire writing privilege on the transport.
-		if _, err := wait(s.ctx, s.done, s.goAway, t.shutdownChan, t.writableChan); err != nil {
-			if _, ok := err.(StreamError); ok || err == io.EOF {
-				// Return the connection quota back.
-				t.sendQuotaPool.add(len(p))
+			// Acquire local send quota to be able to write to the controlBuf.
+			ltq, err := wait(s.ctx, t.ctx, s.done, s.goAway, s.localSendQuota.acquire())
+			if err != nil {
+				if _, ok := err.(ConnectionError); !ok {
+					t.sendQuotaPool.add(ps)
+				}
+				return err
 			}
-			if t.framer.adjustNumWriters(-1) == 0 {
-				// This writer is the last one in this batch and has the
-				// responsibility to flush the buffered frames. It queues
-				// a flush request to controlBuf instead of flushing directly
-				// in order to avoid the race with other writing or flushing.
-				t.controlBuf.put(&flushIO{})
+			s.localSendQuota.add(ltq - ps) // It's ok if we make it negative.
+			var endStream bool
+			// See if this is the last frame to be written.
+			if opts.Last {
+				if len(r)-size == 0 { // No more data in r after this iteration.
+					if idx == 0 { // We're writing data header.
+						if len(data) == 0 { // There's no data to follow.
+							endStream = true
+						}
+					} else { // We're writing data.
+						endStream = true
+					}
+				}
 			}
-			return err
-		}
-		select {
-		case <-s.ctx.Done():
-			t.sendQuotaPool.add(len(p))
-			if t.framer.adjustNumWriters(-1) == 0 {
-				t.controlBuf.put(&flushIO{})
+			success := func() {
+				t.controlBuf.put(&dataFrame{streamID: s.id, endStream: endStream, d: p, f: func() { s.localSendQuota.add(ps) }})
+				if ps < sq {
+					s.sendQuotaPool.lockedAdd(sq - ps)
+				}
+				r = r[ps:]
+			}
+			failure := func() {
+				s.sendQuotaPool.lockedAdd(sq)
+			}
+			if !s.sendQuotaPool.compareAndExecute(quotaVer, success, failure) {
+				t.sendQuotaPool.add(ps)
+				s.localSendQuota.add(ps)
 			}
-			t.writableChan <- 0
-			return ContextErr(s.ctx.Err())
-		default:
-		}
-		if r.Len() == 0 && t.framer.adjustNumWriters(0) == 1 {
-			// Do a force flush iff this is last frame for the entire gRPC message
-			// and the caller is the only writer at this moment.
-			forceFlush = true
-		}
-		// If WriteData fails, all the pending streams will be handled
-		// by http2Client.Close(). No explicit CloseStream() needs to be
-		// invoked.
-		if err := t.framer.writeData(forceFlush, s.id, endStream, p); err != nil {
-			t.notifyError(err)
-			return connectionErrorf(true, err, "transport: %v", err)
-		}
-		if t.framer.adjustNumWriters(-1) == 0 {
-			t.framer.flushWrite()
-		}
-		t.writableChan <- 0
-		if r.Len() == 0 {
-			break
 		}
 	}
 	if !opts.Last {
@@ -760,6 +744,24 @@ func (t *http2Client) getStream(f http2.Frame) (*Stream, bool) {
 	return s, ok
 }
 
+// adjustWindow sends out extra window update over the initial window size
+// of stream if the application is requesting data larger in size than
+// the window.
+func (t *http2Client) adjustWindow(s *Stream, n uint32) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.state == streamDone {
+		return
+	}
+	if w := s.fc.maybeAdjust(n); w > 0 {
+		// Piggyback connection's window update along.
+		if cw := t.fc.resetPendingUpdate(); cw > 0 {
+			t.controlBuf.put(&windowUpdate{0, cw})
+		}
+		t.controlBuf.put(&windowUpdate{s.id, w})
+	}
+}
+
 // updateWindow adjusts the inbound quota for the stream and the transport.
 // Window updates will deliver to the controller for sending when
 // the cumulative quota exceeds the corresponding threshold.
@@ -769,41 +771,76 @@ func (t *http2Client) updateWindow(s *Stream, n uint32) {
 	if s.state == streamDone {
 		return
 	}
-	if w := t.fc.onRead(n); w > 0 {
-		t.controlBuf.put(&windowUpdate{0, w})
-	}
 	if w := s.fc.onRead(n); w > 0 {
+		if cw := t.fc.resetPendingUpdate(); cw > 0 {
+			t.controlBuf.put(&windowUpdate{0, cw})
+		}
 		t.controlBuf.put(&windowUpdate{s.id, w})
 	}
 }
 
+// updateFlowControl updates the incoming flow control windows
+// for the transport and the stream based on the current bdp
+// estimation.
+func (t *http2Client) updateFlowControl(n uint32) {
+	t.mu.Lock()
+	for _, s := range t.activeStreams {
+		s.fc.newLimit(n)
+	}
+	t.initialWindowSize = int32(n)
+	t.mu.Unlock()
+	t.controlBuf.put(&windowUpdate{0, t.fc.newLimit(n)})
+	t.controlBuf.put(&settings{
+		ack: false,
+		ss: []http2.Setting{
+			{
+				ID:  http2.SettingInitialWindowSize,
+				Val: uint32(n),
+			},
+		},
+	})
+}
+
 func (t *http2Client) handleData(f *http2.DataFrame) {
 	size := f.Header().Length
-	if err := t.fc.onData(uint32(size)); err != nil {
-		t.notifyError(connectionErrorf(true, err, "%v", err))
-		return
+	var sendBDPPing bool
+	if t.bdpEst != nil {
+		sendBDPPing = t.bdpEst.add(uint32(size))
+	}
+	// Decouple connection's flow control from application's read.
+	// An update on connection's flow control should not depend on
+	// whether user application has read the data or not. Such a
+	// restriction is already imposed on the stream's flow control,
+	// and therefore the sender will be blocked anyways.
+	// Decoupling the connection flow control will prevent other
+	// active(fast) streams from starving in presence of slow or
+	// inactive streams.
+	//
+	// Furthermore, if a bdpPing is being sent out we can piggyback
+	// connection's window update for the bytes we just received.
+	if sendBDPPing {
+		if size != 0 { // Could've been an empty data frame.
+			t.controlBuf.put(&windowUpdate{0, uint32(size)})
+		}
+		t.controlBuf.put(bdpPing)
+	} else {
+		if err := t.fc.onData(uint32(size)); err != nil {
+			t.Close()
+			return
+		}
+		if w := t.fc.onRead(uint32(size)); w > 0 {
+			t.controlBuf.put(&windowUpdate{0, w})
+		}
 	}
 	// Select the right stream to dispatch.
 	s, ok := t.getStream(f)
 	if !ok {
-		if w := t.fc.onRead(uint32(size)); w > 0 {
-			t.controlBuf.put(&windowUpdate{0, w})
-		}
 		return
 	}
 	if size > 0 {
-		if f.Header().Flags.Has(http2.FlagDataPadded) {
-			if w := t.fc.onRead(uint32(size) - uint32(len(f.Data()))); w > 0 {
-				t.controlBuf.put(&windowUpdate{0, w})
-			}
-		}
 		s.mu.Lock()
 		if s.state == streamDone {
 			s.mu.Unlock()
-			// The stream has been closed. Release the corresponding quota.
-			if w := t.fc.onRead(uint32(size)); w > 0 {
-				t.controlBuf.put(&windowUpdate{0, w})
-			}
 			return
 		}
 		if err := s.fc.onData(uint32(size)); err != nil {
@@ -859,10 +896,10 @@ func (t *http2Client) handleRSTStream(f *http2.RSTStreamFrame) {
 	}
 	statusCode, ok := http2ErrConvTab[http2.ErrCode(f.ErrCode)]
 	if !ok {
-		grpclog.Println("transport: http2Client.handleRSTStream found no mapped gRPC status for the received http2 error ", f.ErrCode)
+		warningf("transport: http2Client.handleRSTStream found no mapped gRPC status for the received http2 error %v", f.ErrCode)
 		statusCode = codes.Unknown
 	}
-	s.finish(status.Newf(statusCode, "stream terminated by RST_STREAM with error code: %d", f.ErrCode))
+	s.finish(status.Newf(statusCode, "stream terminated by RST_STREAM with error code: %v", f.ErrCode))
 	s.mu.Unlock()
 	s.write(recvMsg{err: io.EOF})
 }
@@ -881,7 +918,11 @@ func (t *http2Client) handleSettings(f *http2.SettingsFrame) {
 }
 
 func (t *http2Client) handlePing(f *http2.PingFrame) {
-	if f.IsAck() { // Do nothing.
+	if f.IsAck() {
+		// Maybe it's a BDP ping.
+		if t.bdpEst != nil {
+			t.bdpEst.calculate(f.Data)
+		}
 		return
 	}
 	pingAck := &ping{ack: true}
@@ -890,36 +931,56 @@ func (t *http2Client) handlePing(f *http2.PingFrame) {
 }
 
 func (t *http2Client) handleGoAway(f *http2.GoAwayFrame) {
+	t.mu.Lock()
+	if t.state != reachable && t.state != draining {
+		t.mu.Unlock()
+		return
+	}
 	if f.ErrCode == http2.ErrCodeEnhanceYourCalm {
-		grpclog.Printf("Client received GoAway with http2.ErrCodeEnhanceYourCalm.")
+		infof("Client received GoAway with http2.ErrCodeEnhanceYourCalm.")
 	}
-	t.mu.Lock()
-	if t.state == reachable || t.state == draining {
-		if f.LastStreamID > 0 && f.LastStreamID%2 != 1 {
-			t.mu.Unlock()
-			t.notifyError(connectionErrorf(true, nil, "received illegal http2 GOAWAY frame: stream ID %d is even", f.LastStreamID))
-			return
-		}
-		select {
-		case <-t.goAway:
-			id := t.goAwayID
-			// t.goAway has been closed (i.e.,multiple GoAways).
-			if id < f.LastStreamID {
-				t.mu.Unlock()
-				t.notifyError(connectionErrorf(true, nil, "received illegal http2 GOAWAY frame: previously recv GOAWAY frame with LastStramID %d, currently recv %d", id, f.LastStreamID))
-				return
-			}
-			t.prevGoAwayID = id
-			t.goAwayID = f.LastStreamID
+	id := f.LastStreamID
+	if id > 0 && id%2 != 1 {
+		t.mu.Unlock()
+		t.Close()
+		return
+	}
+	// A client can receive multiple GoAways from server (look at https://github.com/grpc/grpc-go/issues/1387).
+	// The idea is that the first GoAway will be sent with an ID of MaxInt32 and the second GoAway will be sent after an RTT delay
+	// with the ID of the last stream the server will process.
+	// Therefore, when we get the first GoAway we don't really close any streams. While in case of second GoAway we
+	// close all streams created after the second GoAwayId. This way streams that were in-flight while the GoAway from server
+	// was being sent don't get killed.
+	select {
+	case <-t.goAway: // t.goAway has been closed (i.e.,multiple GoAways).
+		// If there are multiple GoAways the first one should always have an ID greater than the following ones.
+		if id > t.prevGoAwayID {
 			t.mu.Unlock()
+			t.Close()
 			return
-		default:
-			t.setGoAwayReason(f)
 		}
-		t.goAwayID = f.LastStreamID
+	default:
+		t.setGoAwayReason(f)
 		close(t.goAway)
+		t.state = draining
+	}
+	// All streams with IDs greater than the GoAwayId
+	// and smaller than the previous GoAway ID should be killed.
+	upperLimit := t.prevGoAwayID
+	if upperLimit == 0 { // This is the first GoAway Frame.
+		upperLimit = math.MaxUint32 // Kill all streams after the GoAway ID.
+	}
+	for streamID, stream := range t.activeStreams {
+		if streamID > id && streamID <= upperLimit {
+			close(stream.goAway)
+		}
 	}
+	t.prevGoAwayID = id
+	active := len(t.activeStreams)
 	t.mu.Unlock()
+	if active == 0 {
+		t.Close()
+	}
 }
 
 // setGoAwayReason sets the value of t.goAwayReason based
@@ -960,20 +1021,20 @@ func (t *http2Client) operateHeaders(frame *http2.MetaHeadersFrame) {
 	if !ok {
 		return
 	}
+	s.mu.Lock()
 	s.bytesReceived = true
+	s.mu.Unlock()
 	var state decodeState
-	for _, hf := range frame.Fields {
-		if err := state.processHeaderField(hf); err != nil {
-			s.mu.Lock()
-			if !s.headerDone {
-				close(s.headerChan)
-				s.headerDone = true
-			}
-			s.mu.Unlock()
-			s.write(recvMsg{err: err})
-			// Something wrong. Stops reading even when there is remaining.
-			return
+	if err := state.decodeResponseHeader(frame); err != nil {
+		s.mu.Lock()
+		if !s.headerDone {
+			close(s.headerChan)
+			s.headerDone = true
 		}
+		s.mu.Unlock()
+		s.write(recvMsg{err: err})
+		// Something wrong. Stops reading even when there is remaining.
+		return
 	}
 
 	endStream := frame.StreamEnded()
@@ -985,13 +1046,13 @@ func (t *http2Client) operateHeaders(frame *http2.MetaHeadersFrame) {
 					Client:     true,
 					WireLength: int(frame.Header().Length),
 				}
-				t.statsHandler.HandleRPC(s.clientStatsCtx, inHeader)
+				t.statsHandler.HandleRPC(s.ctx, inHeader)
 			} else {
 				inTrailer := &stats.InTrailer{
 					Client:     true,
 					WireLength: int(frame.Header().Length),
 				}
-				t.statsHandler.HandleRPC(s.clientStatsCtx, inTrailer)
+				t.statsHandler.HandleRPC(s.ctx, inTrailer)
 			}
 		}
 	}()
@@ -1039,22 +1100,22 @@ func handleMalformedHTTP2(s *Stream, err error) {
 // TODO(zhaoq): Check the validity of the incoming frame sequence.
 func (t *http2Client) reader() {
 	// Check the validity of server preface.
-	frame, err := t.framer.readFrame()
+	frame, err := t.framer.fr.ReadFrame()
 	if err != nil {
-		t.notifyError(err)
+		t.Close()
 		return
 	}
 	atomic.CompareAndSwapUint32(&t.activity, 0, 1)
 	sf, ok := frame.(*http2.SettingsFrame)
 	if !ok {
-		t.notifyError(err)
+		t.Close()
 		return
 	}
 	t.handleSettings(sf)
 
 	// loop to keep reading incoming messages on this transport.
 	for {
-		frame, err := t.framer.readFrame()
+		frame, err := t.framer.fr.ReadFrame()
 		atomic.CompareAndSwapUint32(&t.activity, 0, 1)
 		if err != nil {
 			// Abort an active stream if the http2.Framer returns a
@@ -1066,12 +1127,12 @@ func (t *http2Client) reader() {
 				t.mu.Unlock()
 				if s != nil {
 					// use error detail to provide better err message
-					handleMalformedHTTP2(s, streamErrorf(http2ErrConvTab[se.Code], "%v", t.framer.errorDetail()))
+					handleMalformedHTTP2(s, streamErrorf(http2ErrConvTab[se.Code], "%v", t.framer.fr.ErrorDetail()))
 				}
 				continue
 			} else {
 				// Transport error.
-				t.notifyError(err)
+				t.Close()
 				return
 			}
 		}
@@ -1091,7 +1152,7 @@ func (t *http2Client) reader() {
 		case *http2.WindowUpdateFrame:
 			t.handleWindowUpdate(frame)
 		default:
-			grpclog.Printf("transport: http2Client.reader got unhandled frame type %v.", frame)
+			errorf("transport: http2Client.reader got unhandled frame type %v.", frame)
 		}
 	}
 }
@@ -1115,7 +1176,7 @@ func (t *http2Client) applySettings(ss []http2.Setting) {
 			t.mu.Lock()
 			for _, stream := range t.activeStreams {
 				// Adjust the sending quota for each stream.
-				stream.sendQuotaPool.add(int(s.Val - t.streamSendQuota))
+				stream.sendQuotaPool.addAndUpdate(int(s.Val) - int(t.streamSendQuota))
 			}
 			t.streamSendQuota = s.Val
 			t.mu.Unlock()
@@ -1123,49 +1184,78 @@ func (t *http2Client) applySettings(ss []http2.Setting) {
 	}
 }
 
-// controller running in a separate goroutine takes charge of sending control
-// frames (e.g., window update, reset stream, setting, etc.) to the server.
-func (t *http2Client) controller() {
-	for {
-		select {
-		case i := <-t.controlBuf.get():
-			t.controlBuf.load()
-			select {
-			case <-t.writableChan:
-				switch i := i.(type) {
-				case *windowUpdate:
-					t.framer.writeWindowUpdate(true, i.streamID, i.increment)
-				case *settings:
-					if i.ack {
-						t.framer.writeSettingsAck(true)
-						t.applySettings(i.ss)
-					} else {
-						t.framer.writeSettings(true, i.ss...)
-					}
-				case *resetStream:
-					// If the server needs to be to intimated about stream closing,
-					// then we need to make sure the RST_STREAM frame is written to
-					// the wire before the headers of the next stream waiting on
-					// streamQuota. We ensure this by adding to the streamsQuota pool
-					// only after having acquired the writableChan to send RST_STREAM.
-					t.streamsQuota.add(1)
-					t.framer.writeRSTStream(true, i.streamID, i.code)
-				case *flushIO:
-					t.framer.flushWrite()
-				case *ping:
-					t.framer.writePing(true, i.ack, i.data)
-				default:
-					grpclog.Printf("transport: http2Client.controller got unexpected item type %v\n", i)
-				}
-				t.writableChan <- 0
-				continue
-			case <-t.shutdownChan:
-				return
+// TODO(mmukhi): A lot of this code(and code in other places in the tranpsort layer)
+// is duplicated between the client and the server.
+// The transport layer needs to be refactored to take care of this.
+func (t *http2Client) itemHandler(i item) error {
+	var err error
+	switch i := i.(type) {
+	case *dataFrame:
+		err = t.framer.fr.WriteData(i.streamID, i.endStream, i.d)
+		if err == nil {
+			i.f()
+		}
+	case *headerFrame:
+		t.hBuf.Reset()
+		for _, f := range i.hf {
+			t.hEnc.WriteField(f)
+		}
+		endHeaders := false
+		first := true
+		for !endHeaders {
+			size := t.hBuf.Len()
+			if size > http2MaxFrameLen {
+				size = http2MaxFrameLen
+			} else {
+				endHeaders = true
+			}
+			if first {
+				first = false
+				err = t.framer.fr.WriteHeaders(http2.HeadersFrameParam{
+					StreamID:      i.streamID,
+					BlockFragment: t.hBuf.Next(size),
+					EndStream:     i.endStream,
+					EndHeaders:    endHeaders,
+				})
+			} else {
+				err = t.framer.fr.WriteContinuation(
+					i.streamID,
+					endHeaders,
+					t.hBuf.Next(size),
+				)
+			}
+			if err != nil {
+				return err
 			}
-		case <-t.shutdownChan:
-			return
 		}
+	case *windowUpdate:
+		err = t.framer.fr.WriteWindowUpdate(i.streamID, i.increment)
+	case *settings:
+		if i.ack {
+			t.applySettings(i.ss)
+			err = t.framer.fr.WriteSettingsAck()
+		} else {
+			err = t.framer.fr.WriteSettings(i.ss...)
+		}
+	case *resetStream:
+		// If the server needs to be to intimated about stream closing,
+		// then we need to make sure the RST_STREAM frame is written to
+		// the wire before the headers of the next stream waiting on
+		// streamQuota. We ensure this by adding to the streamsQuota pool
+		// only after having acquired the writableChan to send RST_STREAM.
+		err = t.framer.fr.WriteRSTStream(i.streamID, i.code)
+		t.streamsQuota.add(1)
+	case *flushIO:
+		err = t.framer.writer.Flush()
+	case *ping:
+		if !i.ack {
+			t.bdpEst.timesnap(i.data)
+		}
+		err = t.framer.fr.WritePing(i.ack, i.data)
+	default:
+		errorf("transport: http2Client.controller got unexpected item type %v\n", i)
 	}
+	return err
 }
 
 // keepalive running in a separate goroutune makes sure the connection is alive by sending pings.
@@ -1189,7 +1279,7 @@ func (t *http2Client) keepalive() {
 				case <-t.awakenKeepalive:
 					// If the control gets here a ping has been sent
 					// need to reset the timer with keepalive.Timeout.
-				case <-t.shutdownChan:
+				case <-t.ctx.Done():
 					return
 				}
 			} else {
@@ -1208,13 +1298,13 @@ func (t *http2Client) keepalive() {
 				}
 				t.Close()
 				return
-			case <-t.shutdownChan:
+			case <-t.ctx.Done():
 				if !timer.Stop() {
 					<-timer.C
 				}
 				return
 			}
-		case <-t.shutdownChan:
+		case <-t.ctx.Done():
 			if !timer.Stop() {
 				<-timer.C
 			}
@@ -1224,25 +1314,9 @@ func (t *http2Client) keepalive() {
 }
 
 func (t *http2Client) Error() <-chan struct{} {
-	return t.errorChan
+	return t.ctx.Done()
 }
 
 func (t *http2Client) GoAway() <-chan struct{} {
 	return t.goAway
 }
-
-func (t *http2Client) notifyError(err error) {
-	t.mu.Lock()
-	// make sure t.errorChan is closed only once.
-	if t.state == draining {
-		t.mu.Unlock()
-		t.Close()
-		return
-	}
-	if t.state == reachable {
-		t.state = unreachable
-		close(t.errorChan)
-		grpclog.Printf("transport: http2Client.notifyError got notified that the client transport was broken %v.", err)
-	}
-	t.mu.Unlock()
-}
diff --git a/vendor/google.golang.org/grpc/transport/http2_server.go b/vendor/google.golang.org/grpc/transport/http2_server.go
index 14cd19c64c6e..00df8eed0fdb 100644
--- a/vendor/google.golang.org/grpc/transport/http2_server.go
+++ b/vendor/google.golang.org/grpc/transport/http2_server.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -36,6 +21,7 @@ package transport
 import (
 	"bytes"
 	"errors"
+	"fmt"
 	"io"
 	"math"
 	"math/rand"
@@ -51,7 +37,6 @@ import (
 	"golang.org/x/net/http2/hpack"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"
-	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/keepalive"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/peer"
@@ -67,35 +52,25 @@ var ErrIllegalHeaderWrite = errors.New("transport: the stream is done or WriteHe
 // http2Server implements the ServerTransport interface with HTTP2.
 type http2Server struct {
 	ctx         context.Context
+	cancel      context.CancelFunc
 	conn        net.Conn
 	remoteAddr  net.Addr
 	localAddr   net.Addr
 	maxStreamID uint32               // max stream ID ever seen
 	authInfo    credentials.AuthInfo // auth info about the connection
 	inTapHandle tap.ServerInHandle
-	// writableChan synchronizes write access to the transport.
-	// A writer acquires the write lock by receiving a value on writableChan
-	// and releases it by sending on writableChan.
-	writableChan chan int
-	// shutdownChan is closed when Close is called.
-	// Blocking operations should select on shutdownChan to avoid
-	// blocking forever after Close.
-	shutdownChan chan struct{}
-	framer       *framer
-	hBuf         *bytes.Buffer  // the buffer for HPACK encoding
-	hEnc         *hpack.Encoder // HPACK encoder
-
+	framer      *framer
+	hBuf        *bytes.Buffer  // the buffer for HPACK encoding
+	hEnc        *hpack.Encoder // HPACK encoder
 	// The max number of concurrent streams.
 	maxStreams uint32
 	// controlBuf delivers all the control related tasks (e.g., window
 	// updates, reset streams, and various settings) to the controller.
-	controlBuf *recvBuffer
+	controlBuf *controlBuffer
 	fc         *inFlow
 	// sendQuotaPool provides flow control to outbound message.
 	sendQuotaPool *quotaPool
-
-	stats stats.Handler
-
+	stats         stats.Handler
 	// Flag to keep track of reading activity on transport.
 	// 1 is true and 0 is false.
 	activity uint32 // Accessed atomically.
@@ -111,15 +86,25 @@ type http2Server struct {
 	// Flag to signify that number of ping strikes should be reset to 0.
 	// This is set whenever data or header frames are sent.
 	// 1 means yes.
-	resetPingStrikes uint32 // Accessed atomically.
+	resetPingStrikes  uint32 // Accessed atomically.
+	initialWindowSize int32
+	bdpEst            *bdpEstimator
+
+	mu sync.Mutex // guard the following
 
-	mu            sync.Mutex // guard the following
+	// drainChan is initialized when drain(...) is called the first time.
+	// After which the server writes out the first GoAway(with ID 2^31-1) frame.
+	// Then an independent goroutine will be launched to later send the second GoAway.
+	// During this time we don't want to write another first GoAway(with ID 2^31 -1) frame.
+	// Thus call to drain(...) will be a no-op if drainChan is already initialized since draining is
+	// already underway.
+	drainChan     chan struct{}
 	state         transportState
 	activeStreams map[uint32]*Stream
 	// the per-stream outbound flow control window size set by the peer.
 	streamSendQuota uint32
 	// idle is the time instant when the connection went idle.
-	// This is either the begining of the connection or when the number of
+	// This is either the beginning of the connection or when the number of
 	// RPCs go down to 0.
 	// When the connection is busy, this value is set to 0.
 	idle time.Time
@@ -128,32 +113,51 @@ type http2Server struct {
 // newHTTP2Server constructs a ServerTransport based on HTTP2. ConnectionError is
 // returned if something goes wrong.
 func newHTTP2Server(conn net.Conn, config *ServerConfig) (_ ServerTransport, err error) {
-	framer := newFramer(conn)
+	writeBufSize := defaultWriteBufSize
+	if config.WriteBufferSize > 0 {
+		writeBufSize = config.WriteBufferSize
+	}
+	readBufSize := defaultReadBufSize
+	if config.ReadBufferSize > 0 {
+		readBufSize = config.ReadBufferSize
+	}
+	framer := newFramer(conn, writeBufSize, readBufSize)
 	// Send initial settings as connection preface to client.
-	var settings []http2.Setting
+	var isettings []http2.Setting
 	// TODO(zhaoq): Have a better way to signal "no limit" because 0 is
 	// permitted in the HTTP2 spec.
 	maxStreams := config.MaxStreams
 	if maxStreams == 0 {
 		maxStreams = math.MaxUint32
 	} else {
-		settings = append(settings, http2.Setting{
+		isettings = append(isettings, http2.Setting{
 			ID:  http2.SettingMaxConcurrentStreams,
 			Val: maxStreams,
 		})
 	}
-	if initialWindowSize != defaultWindowSize {
-		settings = append(settings, http2.Setting{
+	dynamicWindow := true
+	iwz := int32(initialWindowSize)
+	if config.InitialWindowSize >= defaultWindowSize {
+		iwz = config.InitialWindowSize
+		dynamicWindow = false
+	}
+	icwz := int32(initialWindowSize)
+	if config.InitialConnWindowSize >= defaultWindowSize {
+		icwz = config.InitialConnWindowSize
+		dynamicWindow = false
+	}
+	if iwz != defaultWindowSize {
+		isettings = append(isettings, http2.Setting{
 			ID:  http2.SettingInitialWindowSize,
-			Val: uint32(initialWindowSize)})
+			Val: uint32(iwz)})
 	}
-	if err := framer.writeSettings(true, settings...); err != nil {
-		return nil, connectionErrorf(true, err, "transport: %v", err)
+	if err := framer.fr.WriteSettings(isettings...); err != nil {
+		return nil, connectionErrorf(false, err, "transport: %v", err)
 	}
 	// Adjust the connection flow control window if needed.
-	if delta := uint32(initialConnWindowSize - defaultWindowSize); delta > 0 {
-		if err := framer.writeWindowUpdate(true, 0, delta); err != nil {
-			return nil, connectionErrorf(true, err, "transport: %v", err)
+	if delta := uint32(icwz - defaultWindowSize); delta > 0 {
+		if err := framer.fr.WriteWindowUpdate(0, delta); err != nil {
+			return nil, connectionErrorf(false, err, "transport: %v", err)
 		}
 	}
 	kp := config.KeepaliveParams
@@ -179,29 +183,36 @@ func newHTTP2Server(conn net.Conn, config *ServerConfig) (_ ServerTransport, err
 		kep.MinTime = defaultKeepalivePolicyMinTime
 	}
 	var buf bytes.Buffer
+	ctx, cancel := context.WithCancel(context.Background())
 	t := &http2Server{
-		ctx:             context.Background(),
-		conn:            conn,
-		remoteAddr:      conn.RemoteAddr(),
-		localAddr:       conn.LocalAddr(),
-		authInfo:        config.AuthInfo,
-		framer:          framer,
-		hBuf:            &buf,
-		hEnc:            hpack.NewEncoder(&buf),
-		maxStreams:      maxStreams,
-		inTapHandle:     config.InTapHandle,
-		controlBuf:      newRecvBuffer(),
-		fc:              &inFlow{limit: initialConnWindowSize},
-		sendQuotaPool:   newQuotaPool(defaultWindowSize),
-		state:           reachable,
-		writableChan:    make(chan int, 1),
-		shutdownChan:    make(chan struct{}),
-		activeStreams:   make(map[uint32]*Stream),
-		streamSendQuota: defaultWindowSize,
-		stats:           config.StatsHandler,
-		kp:              kp,
-		idle:            time.Now(),
-		kep:             kep,
+		ctx:               ctx,
+		cancel:            cancel,
+		conn:              conn,
+		remoteAddr:        conn.RemoteAddr(),
+		localAddr:         conn.LocalAddr(),
+		authInfo:          config.AuthInfo,
+		framer:            framer,
+		hBuf:              &buf,
+		hEnc:              hpack.NewEncoder(&buf),
+		maxStreams:        maxStreams,
+		inTapHandle:       config.InTapHandle,
+		controlBuf:        newControlBuffer(),
+		fc:                &inFlow{limit: uint32(icwz)},
+		sendQuotaPool:     newQuotaPool(defaultWindowSize),
+		state:             reachable,
+		activeStreams:     make(map[uint32]*Stream),
+		streamSendQuota:   defaultWindowSize,
+		stats:             config.StatsHandler,
+		kp:                kp,
+		idle:              time.Now(),
+		kep:               kep,
+		initialWindowSize: iwz,
+	}
+	if dynamicWindow {
+		t.bdpEst = &bdpEstimator{
+			bdp:               initialWindowSize,
+			updateFlowControl: t.updateFlowControl,
+		}
 	}
 	if t.stats != nil {
 		t.ctx = t.stats.TagConn(t.ctx, &stats.ConnTagInfo{
@@ -211,37 +222,68 @@ func newHTTP2Server(conn net.Conn, config *ServerConfig) (_ ServerTransport, err
 		connBegin := &stats.ConnBegin{}
 		t.stats.HandleConn(t.ctx, connBegin)
 	}
-	go t.controller()
+	t.framer.writer.Flush()
+
+	// Check the validity of client preface.
+	preface := make([]byte, len(clientPreface))
+	if _, err := io.ReadFull(t.conn, preface); err != nil {
+		return nil, connectionErrorf(false, err, "transport: http2Server.HandleStreams failed to receive the preface from client: %v", err)
+	}
+	if !bytes.Equal(preface, clientPreface) {
+		return nil, connectionErrorf(false, nil, "transport: http2Server.HandleStreams received bogus greeting from client: %q", preface)
+	}
+
+	frame, err := t.framer.fr.ReadFrame()
+	if err == io.EOF || err == io.ErrUnexpectedEOF {
+		t.Close()
+		return
+	}
+	if err != nil {
+		return nil, connectionErrorf(false, err, "transport: http2Server.HandleStreams failed to read initial settings frame: %v", err)
+	}
+	atomic.StoreUint32(&t.activity, 1)
+	sf, ok := frame.(*http2.SettingsFrame)
+	if !ok {
+		return nil, connectionErrorf(false, nil, "transport: http2Server.HandleStreams saw invalid preface type %T from client", frame)
+	}
+	t.handleSettings(sf)
+
+	go func() {
+		loopyWriter(t.ctx, t.controlBuf, t.itemHandler)
+		t.Close()
+	}()
 	go t.keepalive()
-	t.writableChan <- 0
 	return t, nil
 }
 
 // operateHeader takes action on the decoded headers.
 func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(*Stream), traceCtx func(context.Context, string) context.Context) (close bool) {
-	buf := newRecvBuffer()
-	s := &Stream{
-		id:  frame.Header().StreamID,
-		st:  t,
-		buf: buf,
-		fc:  &inFlow{limit: initialWindowSize},
-	}
+	streamID := frame.Header().StreamID
 
 	var state decodeState
 	for _, hf := range frame.Fields {
 		if err := state.processHeaderField(hf); err != nil {
 			if se, ok := err.(StreamError); ok {
-				t.controlBuf.put(&resetStream{s.id, statusCodeConvTab[se.Code]})
+				t.controlBuf.put(&resetStream{streamID, statusCodeConvTab[se.Code]})
 			}
 			return
 		}
 	}
 
+	buf := newRecvBuffer()
+	s := &Stream{
+		id:           streamID,
+		st:           t,
+		buf:          buf,
+		fc:           &inFlow{limit: uint32(t.initialWindowSize)},
+		recvCompress: state.encoding,
+		method:       state.method,
+	}
+
 	if frame.StreamEnded() {
 		// s is just created by the caller. No lock needed.
 		s.state = streamReadDone
 	}
-	s.recvCompress = state.encoding
 	if state.timeoutSet {
 		s.ctx, s.cancel = context.WithTimeout(t.ctx, state.timeout)
 	} else {
@@ -263,13 +305,12 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 	if len(state.mdata) > 0 {
 		s.ctx = metadata.NewIncomingContext(s.ctx, state.mdata)
 	}
-
-	s.dec = &recvBufferReader{
-		ctx:  s.ctx,
-		recv: s.buf,
+	if state.statsTags != nil {
+		s.ctx = stats.SetIncomingTags(s.ctx, state.statsTags)
+	}
+	if state.statsTrace != nil {
+		s.ctx = stats.SetIncomingTrace(s.ctx, state.statsTrace)
 	}
-	s.recvCompress = state.encoding
-	s.method = state.method
 	if t.inTapHandle != nil {
 		var err error
 		info := &tap.Info{
@@ -277,7 +318,7 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 		}
 		s.ctx, err = t.inTapHandle(s.ctx, info)
 		if err != nil {
-			// TODO: Log the real error.
+			warningf("transport: http2Server.operateHeaders got an error from InTapHandle: %v", err)
 			t.controlBuf.put(&resetStream{s.id, http2.ErrCodeRefusedStream})
 			return
 		}
@@ -289,24 +330,25 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 	}
 	if uint32(len(t.activeStreams)) >= t.maxStreams {
 		t.mu.Unlock()
-		t.controlBuf.put(&resetStream{s.id, http2.ErrCodeRefusedStream})
+		t.controlBuf.put(&resetStream{streamID, http2.ErrCodeRefusedStream})
 		return
 	}
-	if s.id%2 != 1 || s.id <= t.maxStreamID {
+	if streamID%2 != 1 || streamID <= t.maxStreamID {
 		t.mu.Unlock()
 		// illegal gRPC stream id.
-		grpclog.Println("transport: http2Server.HandleStreams received an illegal stream id: ", s.id)
+		errorf("transport: http2Server.HandleStreams received an illegal stream id: %v", streamID)
 		return true
 	}
-	t.maxStreamID = s.id
+	t.maxStreamID = streamID
 	s.sendQuotaPool = newQuotaPool(int(t.streamSendQuota))
-	t.activeStreams[s.id] = s
+	s.localSendQuota = newQuotaPool(defaultLocalSendQuota)
+	t.activeStreams[streamID] = s
 	if len(t.activeStreams) == 1 {
 		t.idle = time.Time{}
 	}
 	t.mu.Unlock()
-	s.windowHandler = func(n int) {
-		t.updateWindow(s, uint32(n))
+	s.requestRead = func(n int) {
+		t.adjustWindow(s, uint32(n))
 	}
 	s.ctx = traceCtx(s.ctx, s.method)
 	if t.stats != nil {
@@ -320,6 +362,15 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 		}
 		t.stats.HandleRPC(s.ctx, inHeader)
 	}
+	s.trReader = &transportReader{
+		reader: &recvBufferReader{
+			ctx:  s.ctx,
+			recv: s.buf,
+		},
+		windowHandler: func(n int) {
+			t.updateWindow(s, uint32(n))
+		},
+	}
 	handle(s)
 	return
 }
@@ -328,40 +379,8 @@ func (t *http2Server) operateHeaders(frame *http2.MetaHeadersFrame, handle func(
 // typically run in a separate goroutine.
 // traceCtx attaches trace to ctx and returns the new context.
 func (t *http2Server) HandleStreams(handle func(*Stream), traceCtx func(context.Context, string) context.Context) {
-	// Check the validity of client preface.
-	preface := make([]byte, len(clientPreface))
-	if _, err := io.ReadFull(t.conn, preface); err != nil {
-		grpclog.Printf("transport: http2Server.HandleStreams failed to receive the preface from client: %v", err)
-		t.Close()
-		return
-	}
-	if !bytes.Equal(preface, clientPreface) {
-		grpclog.Printf("transport: http2Server.HandleStreams received bogus greeting from client: %q", preface)
-		t.Close()
-		return
-	}
-
-	frame, err := t.framer.readFrame()
-	if err == io.EOF || err == io.ErrUnexpectedEOF {
-		t.Close()
-		return
-	}
-	if err != nil {
-		grpclog.Printf("transport: http2Server.HandleStreams failed to read frame: %v", err)
-		t.Close()
-		return
-	}
-	atomic.StoreUint32(&t.activity, 1)
-	sf, ok := frame.(*http2.SettingsFrame)
-	if !ok {
-		grpclog.Printf("transport: http2Server.HandleStreams saw invalid preface type %T from client", frame)
-		t.Close()
-		return
-	}
-	t.handleSettings(sf)
-
 	for {
-		frame, err := t.framer.readFrame()
+		frame, err := t.framer.fr.ReadFrame()
 		atomic.StoreUint32(&t.activity, 1)
 		if err != nil {
 			if se, ok := err.(http2.StreamError); ok {
@@ -378,7 +397,7 @@ func (t *http2Server) HandleStreams(handle func(*Stream), traceCtx func(context.
 				t.Close()
 				return
 			}
-			grpclog.Printf("transport: http2Server.HandleStreams failed to read frame: %v", err)
+			warningf("transport: http2Server.HandleStreams failed to read frame: %v", err)
 			t.Close()
 			return
 		}
@@ -401,7 +420,7 @@ func (t *http2Server) HandleStreams(handle func(*Stream), traceCtx func(context.
 		case *http2.GoAwayFrame:
 			// TODO: Handle GoAway from the client appropriately.
 		default:
-			grpclog.Printf("transport: http2Server.HandleStreams found unhandled frame type %v.", frame)
+			errorf("transport: http2Server.HandleStreams found unhandled frame type %v.", frame)
 		}
 	}
 }
@@ -421,6 +440,23 @@ func (t *http2Server) getStream(f http2.Frame) (*Stream, bool) {
 	return s, true
 }
 
+// adjustWindow sends out extra window update over the initial window size
+// of stream if the application is requesting data larger in size than
+// the window.
+func (t *http2Server) adjustWindow(s *Stream, n uint32) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	if s.state == streamDone {
+		return
+	}
+	if w := s.fc.maybeAdjust(n); w > 0 {
+		if cw := t.fc.resetPendingUpdate(); cw > 0 {
+			t.controlBuf.put(&windowUpdate{0, cw})
+		}
+		t.controlBuf.put(&windowUpdate{s.id, w})
+	}
+}
+
 // updateWindow adjusts the inbound quota for the stream and the transport.
 // Window updates will deliver to the controller for sending when
 // the cumulative quota exceeds the corresponding threshold.
@@ -430,42 +466,78 @@ func (t *http2Server) updateWindow(s *Stream, n uint32) {
 	if s.state == streamDone {
 		return
 	}
-	if w := t.fc.onRead(n); w > 0 {
-		t.controlBuf.put(&windowUpdate{0, w})
-	}
 	if w := s.fc.onRead(n); w > 0 {
+		if cw := t.fc.resetPendingUpdate(); cw > 0 {
+			t.controlBuf.put(&windowUpdate{0, cw})
+		}
 		t.controlBuf.put(&windowUpdate{s.id, w})
 	}
 }
 
+// updateFlowControl updates the incoming flow control windows
+// for the transport and the stream based on the current bdp
+// estimation.
+func (t *http2Server) updateFlowControl(n uint32) {
+	t.mu.Lock()
+	for _, s := range t.activeStreams {
+		s.fc.newLimit(n)
+	}
+	t.initialWindowSize = int32(n)
+	t.mu.Unlock()
+	t.controlBuf.put(&windowUpdate{0, t.fc.newLimit(n)})
+	t.controlBuf.put(&settings{
+		ack: false,
+		ss: []http2.Setting{
+			{
+				ID:  http2.SettingInitialWindowSize,
+				Val: uint32(n),
+			},
+		},
+	})
+
+}
+
 func (t *http2Server) handleData(f *http2.DataFrame) {
 	size := f.Header().Length
-	if err := t.fc.onData(uint32(size)); err != nil {
-		grpclog.Printf("transport: http2Server %v", err)
-		t.Close()
-		return
+	var sendBDPPing bool
+	if t.bdpEst != nil {
+		sendBDPPing = t.bdpEst.add(uint32(size))
+	}
+	// Decouple connection's flow control from application's read.
+	// An update on connection's flow control should not depend on
+	// whether user application has read the data or not. Such a
+	// restriction is already imposed on the stream's flow control,
+	// and therefore the sender will be blocked anyways.
+	// Decoupling the connection flow control will prevent other
+	// active(fast) streams from starving in presence of slow or
+	// inactive streams.
+	//
+	// Furthermore, if a bdpPing is being sent out we can piggyback
+	// connection's window update for the bytes we just received.
+	if sendBDPPing {
+		if size != 0 { // Could be an empty frame.
+			t.controlBuf.put(&windowUpdate{0, uint32(size)})
+		}
+		t.controlBuf.put(bdpPing)
+	} else {
+		if err := t.fc.onData(uint32(size)); err != nil {
+			errorf("transport: http2Server %v", err)
+			t.Close()
+			return
+		}
+		if w := t.fc.onRead(uint32(size)); w > 0 {
+			t.controlBuf.put(&windowUpdate{0, w})
+		}
 	}
 	// Select the right stream to dispatch.
 	s, ok := t.getStream(f)
 	if !ok {
-		if w := t.fc.onRead(uint32(size)); w > 0 {
-			t.controlBuf.put(&windowUpdate{0, w})
-		}
 		return
 	}
 	if size > 0 {
-		if f.Header().Flags.Has(http2.FlagDataPadded) {
-			if w := t.fc.onRead(uint32(size) - uint32(len(f.Data()))); w > 0 {
-				t.controlBuf.put(&windowUpdate{0, w})
-			}
-		}
 		s.mu.Lock()
 		if s.state == streamDone {
 			s.mu.Unlock()
-			// The stream has been closed. Release the corresponding quota.
-			if w := t.fc.onRead(uint32(size)); w > 0 {
-				t.controlBuf.put(&windowUpdate{0, w})
-			}
 			return
 		}
 		if err := s.fc.onData(uint32(size)); err != nil {
@@ -517,17 +589,38 @@ func (t *http2Server) handleSettings(f *http2.SettingsFrame) {
 		ss = append(ss, s)
 		return nil
 	})
-	// The settings will be applied once the ack is sent.
 	t.controlBuf.put(&settings{ack: true, ss: ss})
 }
 
+func (t *http2Server) applySettings(ss []http2.Setting) {
+	for _, s := range ss {
+		if s.ID == http2.SettingInitialWindowSize {
+			t.mu.Lock()
+			for _, stream := range t.activeStreams {
+				stream.sendQuotaPool.addAndUpdate(int(s.Val) - int(t.streamSendQuota))
+			}
+			t.streamSendQuota = s.Val
+			t.mu.Unlock()
+		}
+
+	}
+}
+
 const (
 	maxPingStrikes     = 2
 	defaultPingTimeout = 2 * time.Hour
 )
 
 func (t *http2Server) handlePing(f *http2.PingFrame) {
-	if f.IsAck() { // Do nothing.
+	if f.IsAck() {
+		if f.Data == goAwayPing.data && t.drainChan != nil {
+			close(t.drainChan)
+			return
+		}
+		// Maybe it's a BDP ping.
+		if t.bdpEst != nil {
+			t.bdpEst.calculate(f.Data)
+		}
 		return
 	}
 	pingAck := &ping{ack: true}
@@ -550,7 +643,7 @@ func (t *http2Server) handlePing(f *http2.PingFrame) {
 	t.mu.Unlock()
 	if ns < 1 && !t.kep.PermitWithoutStream {
 		// Keepalive shouldn't be active thus, this new ping should
-		// have come after atleast defaultPingTimeout.
+		// have come after at least defaultPingTimeout.
 		if t.lastPingAt.Add(defaultPingTimeout).After(now) {
 			t.pingStrikes++
 		}
@@ -563,7 +656,8 @@ func (t *http2Server) handlePing(f *http2.PingFrame) {
 
 	if t.pingStrikes > maxPingStrikes {
 		// Send goaway and close the connection.
-		t.controlBuf.put(&goAway{code: http2.ErrCodeEnhanceYourCalm, debugData: []byte("too_many_pings")})
+		errorf("transport: Got to too many pings from the client, closing the connection.")
+		t.controlBuf.put(&goAway{code: http2.ErrCodeEnhanceYourCalm, debugData: []byte("too_many_pings"), closeConn: true})
 	}
 }
 
@@ -579,47 +673,16 @@ func (t *http2Server) handleWindowUpdate(f *http2.WindowUpdateFrame) {
 	}
 }
 
-func (t *http2Server) writeHeaders(s *Stream, b *bytes.Buffer, endStream bool) error {
-	first := true
-	endHeaders := false
-	var err error
-	defer func() {
-		if err == nil {
-			// Reset ping strikes when seding headers since that might cause the
-			// peer to send ping.
-			atomic.StoreUint32(&t.resetPingStrikes, 1)
-		}
-	}()
-	// Sends the headers in a single batch.
-	for !endHeaders {
-		size := t.hBuf.Len()
-		if size > http2MaxFrameLen {
-			size = http2MaxFrameLen
-		} else {
-			endHeaders = true
-		}
-		if first {
-			p := http2.HeadersFrameParam{
-				StreamID:      s.id,
-				BlockFragment: b.Next(size),
-				EndStream:     endStream,
-				EndHeaders:    endHeaders,
-			}
-			err = t.framer.writeHeaders(endHeaders, p)
-			first = false
-		} else {
-			err = t.framer.writeContinuation(endHeaders, s.id, endHeaders, b.Next(size))
-		}
-		if err != nil {
-			t.Close()
-			return connectionErrorf(true, err, "transport: %v", err)
-		}
-	}
-	return nil
-}
-
 // WriteHeader sends the header metedata md back to the client.
 func (t *http2Server) WriteHeader(s *Stream, md metadata.MD) error {
+	select {
+	case <-s.ctx.Done():
+		return ContextErr(s.ctx.Err())
+	case <-t.ctx.Done():
+		return ErrConnClosing
+	default:
+	}
+
 	s.mu.Lock()
 	if s.headerOk || s.state == streamDone {
 		s.mu.Unlock()
@@ -635,14 +698,13 @@ func (t *http2Server) WriteHeader(s *Stream, md metadata.MD) error {
 	}
 	md = s.header
 	s.mu.Unlock()
-	if _, err := wait(s.ctx, nil, nil, t.shutdownChan, t.writableChan); err != nil {
-		return err
-	}
-	t.hBuf.Reset()
-	t.hEnc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-	t.hEnc.WriteField(hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
+	// TODO(mmukhi): Benchmark if the perfomance gets better if count the metadata and other header fields
+	// first and create a slice of that exact size.
+	headerFields := make([]hpack.HeaderField, 0, 2) // at least :status, content-type will be there if none else.
+	headerFields = append(headerFields, hpack.HeaderField{Name: ":status", Value: "200"})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
 	if s.sendCompress != "" {
-		t.hEnc.WriteField(hpack.HeaderField{Name: "grpc-encoding", Value: s.sendCompress})
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-encoding", Value: s.sendCompress})
 	}
 	for k, vv := range md {
 		if isReservedHeader(k) {
@@ -650,20 +712,20 @@ func (t *http2Server) WriteHeader(s *Stream, md metadata.MD) error {
 			continue
 		}
 		for _, v := range vv {
-			t.hEnc.WriteField(hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+			headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 		}
 	}
-	bufLen := t.hBuf.Len()
-	if err := t.writeHeaders(s, t.hBuf, false); err != nil {
-		return err
-	}
+	t.controlBuf.put(&headerFrame{
+		streamID:  s.id,
+		hf:        headerFields,
+		endStream: false,
+	})
 	if t.stats != nil {
 		outHeader := &stats.OutHeader{
-			WireLength: bufLen,
+		//WireLength: // TODO(mmukhi): Revisit this later, if needed.
 		}
 		t.stats.HandleRPC(s.Context(), outHeader)
 	}
-	t.writableChan <- 0
 	return nil
 }
 
@@ -672,6 +734,12 @@ func (t *http2Server) WriteHeader(s *Stream, md metadata.MD) error {
 // TODO(zhaoq): Now it indicates the end of entire stream. Revisit if early
 // OK is adopted.
 func (t *http2Server) WriteStatus(s *Stream, st *status.Status) error {
+	select {
+	case <-t.ctx.Done():
+		return ErrConnClosing
+	default:
+	}
+
 	var headersSent, hasHeader bool
 	s.mu.Lock()
 	if s.state == streamDone {
@@ -691,20 +759,15 @@ func (t *http2Server) WriteStatus(s *Stream, st *status.Status) error {
 		headersSent = true
 	}
 
-	if _, err := wait(s.ctx, nil, nil, t.shutdownChan, t.writableChan); err != nil {
-		return err
-	}
-	t.hBuf.Reset()
+	// TODO(mmukhi): Benchmark if the perfomance gets better if count the metadata and other header fields
+	// first and create a slice of that exact size.
+	headerFields := make([]hpack.HeaderField, 0, 2) // grpc-status and grpc-message will be there if none else.
 	if !headersSent {
-		t.hEnc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-		t.hEnc.WriteField(hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
+		headerFields = append(headerFields, hpack.HeaderField{Name: ":status", Value: "200"})
+		headerFields = append(headerFields, hpack.HeaderField{Name: "content-type", Value: "application/grpc"})
 	}
-	t.hEnc.WriteField(
-		hpack.HeaderField{
-			Name:  "grpc-status",
-			Value: strconv.Itoa(int(st.Code())),
-		})
-	t.hEnc.WriteField(hpack.HeaderField{Name: "grpc-message", Value: encodeGrpcMessage(st.Message())})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-status", Value: strconv.Itoa(int(st.Code()))})
+	headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-message", Value: encodeGrpcMessage(st.Message())})
 
 	if p := st.Proto(); p != nil && len(p.Details) > 0 {
 		stBytes, err := proto.Marshal(p)
@@ -713,7 +776,7 @@ func (t *http2Server) WriteStatus(s *Stream, st *status.Status) error {
 			panic(err)
 		}
 
-		t.hEnc.WriteField(hpack.HeaderField{Name: "grpc-status-details-bin", Value: encodeBinHeader(stBytes)})
+		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-status-details-bin", Value: encodeBinHeader(stBytes)})
 	}
 
 	// Attach the trailer metadata.
@@ -723,29 +786,32 @@ func (t *http2Server) WriteStatus(s *Stream, st *status.Status) error {
 			continue
 		}
 		for _, v := range vv {
-			t.hEnc.WriteField(hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
+			headerFields = append(headerFields, hpack.HeaderField{Name: k, Value: encodeMetadataHeader(k, v)})
 		}
 	}
-	bufLen := t.hBuf.Len()
-	if err := t.writeHeaders(s, t.hBuf, true); err != nil {
-		t.Close()
-		return err
-	}
+	t.controlBuf.put(&headerFrame{
+		streamID:  s.id,
+		hf:        headerFields,
+		endStream: true,
+	})
 	if t.stats != nil {
-		outTrailer := &stats.OutTrailer{
-			WireLength: bufLen,
-		}
-		t.stats.HandleRPC(s.Context(), outTrailer)
+		t.stats.HandleRPC(s.Context(), &stats.OutTrailer{})
 	}
 	t.closeStream(s)
-	t.writableChan <- 0
 	return nil
 }
 
 // Write converts the data into HTTP2 data frame and sends it out. Non-nil error
 // is returns if it fails (e.g., framing error, transport error).
-func (t *http2Server) Write(s *Stream, data []byte, opts *Options) (err error) {
-	// TODO(zhaoq): Support multi-writers for a single stream.
+func (t *http2Server) Write(s *Stream, hdr []byte, data []byte, opts *Options) (err error) {
+	select {
+	case <-s.ctx.Done():
+		return ContextErr(s.ctx.Err())
+	case <-t.ctx.Done():
+		return ErrConnClosing
+	default:
+	}
+
 	var writeHeaderFrame bool
 	s.mu.Lock()
 	if s.state == streamDone {
@@ -759,107 +825,81 @@ func (t *http2Server) Write(s *Stream, data []byte, opts *Options) (err error) {
 	if writeHeaderFrame {
 		t.WriteHeader(s, nil)
 	}
-	defer func() {
-		if err == nil {
+	// Add data to header frame so that we can equally distribute data across frames.
+	emptyLen := http2MaxFrameLen - len(hdr)
+	if emptyLen > len(data) {
+		emptyLen = len(data)
+	}
+	hdr = append(hdr, data[:emptyLen]...)
+	data = data[emptyLen:]
+	for _, r := range [][]byte{hdr, data} {
+		for len(r) > 0 {
+			size := http2MaxFrameLen
+			// Wait until the stream has some quota to send the data.
+			quotaChan, quotaVer := s.sendQuotaPool.acquireWithVersion()
+			sq, err := wait(s.ctx, t.ctx, nil, nil, quotaChan)
+			if err != nil {
+				return err
+			}
+			// Wait until the transport has some quota to send the data.
+			tq, err := wait(s.ctx, t.ctx, nil, nil, t.sendQuotaPool.acquire())
+			if err != nil {
+				return err
+			}
+			if sq < size {
+				size = sq
+			}
+			if tq < size {
+				size = tq
+			}
+			if size > len(r) {
+				size = len(r)
+			}
+			p := r[:size]
+			ps := len(p)
+			if ps < tq {
+				// Overbooked transport quota. Return it back.
+				t.sendQuotaPool.add(tq - ps)
+			}
+			// Acquire local send quota to be able to write to the controlBuf.
+			ltq, err := wait(s.ctx, t.ctx, nil, nil, s.localSendQuota.acquire())
+			if err != nil {
+				if _, ok := err.(ConnectionError); !ok {
+					t.sendQuotaPool.add(ps)
+				}
+				return err
+			}
+			s.localSendQuota.add(ltq - ps) // It's ok we make this negative.
 			// Reset ping strikes when sending data since this might cause
 			// the peer to send ping.
 			atomic.StoreUint32(&t.resetPingStrikes, 1)
-		}
-	}()
-	r := bytes.NewBuffer(data)
-	for {
-		if r.Len() == 0 {
-			return nil
-		}
-		size := http2MaxFrameLen
-		// Wait until the stream has some quota to send the data.
-		sq, err := wait(s.ctx, nil, nil, t.shutdownChan, s.sendQuotaPool.acquire())
-		if err != nil {
-			return err
-		}
-		// Wait until the transport has some quota to send the data.
-		tq, err := wait(s.ctx, nil, nil, t.shutdownChan, t.sendQuotaPool.acquire())
-		if err != nil {
-			return err
-		}
-		if sq < size {
-			size = sq
-		}
-		if tq < size {
-			size = tq
-		}
-		p := r.Next(size)
-		ps := len(p)
-		if ps < sq {
-			// Overbooked stream quota. Return it back.
-			s.sendQuotaPool.add(sq - ps)
-		}
-		if ps < tq {
-			// Overbooked transport quota. Return it back.
-			t.sendQuotaPool.add(tq - ps)
-		}
-		t.framer.adjustNumWriters(1)
-		// Got some quota. Try to acquire writing privilege on the
-		// transport.
-		if _, err := wait(s.ctx, nil, nil, t.shutdownChan, t.writableChan); err != nil {
-			if _, ok := err.(StreamError); ok {
-				// Return the connection quota back.
-				t.sendQuotaPool.add(ps)
-			}
-			if t.framer.adjustNumWriters(-1) == 0 {
-				// This writer is the last one in this batch and has the
-				// responsibility to flush the buffered frames. It queues
-				// a flush request to controlBuf instead of flushing directly
-				// in order to avoid the race with other writing or flushing.
-				t.controlBuf.put(&flushIO{})
+			success := func() {
+				t.controlBuf.put(&dataFrame{streamID: s.id, endStream: false, d: p, f: func() {
+					s.localSendQuota.add(ps)
+				}})
+				if ps < sq {
+					// Overbooked stream quota. Return it back.
+					s.sendQuotaPool.lockedAdd(sq - ps)
+				}
+				r = r[ps:]
 			}
-			return err
-		}
-		select {
-		case <-s.ctx.Done():
-			t.sendQuotaPool.add(ps)
-			if t.framer.adjustNumWriters(-1) == 0 {
-				t.controlBuf.put(&flushIO{})
+			failure := func() {
+				s.sendQuotaPool.lockedAdd(sq)
 			}
-			t.writableChan <- 0
-			return ContextErr(s.ctx.Err())
-		default:
-		}
-		var forceFlush bool
-		if r.Len() == 0 && t.framer.adjustNumWriters(0) == 1 && !opts.Last {
-			forceFlush = true
-		}
-		if err := t.framer.writeData(forceFlush, s.id, false, p); err != nil {
-			t.Close()
-			return connectionErrorf(true, err, "transport: %v", err)
-		}
-		if t.framer.adjustNumWriters(-1) == 0 {
-			t.framer.flushWrite()
-		}
-		t.writableChan <- 0
-	}
-
-}
-
-func (t *http2Server) applySettings(ss []http2.Setting) {
-	for _, s := range ss {
-		if s.ID == http2.SettingInitialWindowSize {
-			t.mu.Lock()
-			defer t.mu.Unlock()
-			for _, stream := range t.activeStreams {
-				stream.sendQuotaPool.add(int(s.Val - t.streamSendQuota))
+			if !s.sendQuotaPool.compareAndExecute(quotaVer, success, failure) {
+				t.sendQuotaPool.add(ps)
+				s.localSendQuota.add(ps)
 			}
-			t.streamSendQuota = s.Val
 		}
-
 	}
+	return nil
 }
 
 // keepalive running in a separate goroutine does the following:
 // 1. Gracefully closes an idle connection after a duration of keepalive.MaxConnectionIdle.
 // 2. Gracefully closes any connection after a duration of keepalive.MaxConnectionAge.
 // 3. Forcibly closes a connection after an additive period of keepalive.MaxConnectionAgeGrace over keepalive.MaxConnectionAge.
-// 4. Makes sure a connection is alive by sending pings with a frequency of keepalive.Time and closes a non-resposive connection
+// 4. Makes sure a connection is alive by sending pings with a frequency of keepalive.Time and closes a non-responsive connection
 // after an additional duration of keepalive.Timeout.
 func (t *http2Server) keepalive() {
 	p := &ping{}
@@ -868,7 +908,7 @@ func (t *http2Server) keepalive() {
 	maxAge := time.NewTimer(t.kp.MaxConnectionAge)
 	keepalive := time.NewTimer(t.kp.Time)
 	// NOTE: All exit paths of this function should reset their
-	// respecitve timers. A failure to do so will cause the
+	// respective timers. A failure to do so will cause the
 	// following clean-up to deadlock and eventually leak.
 	defer func() {
 		if !maxIdle.Stop() {
@@ -892,23 +932,18 @@ func (t *http2Server) keepalive() {
 				continue
 			}
 			val := t.kp.MaxConnectionIdle - time.Since(idle)
+			t.mu.Unlock()
 			if val <= 0 {
 				// The connection has been idle for a duration of keepalive.MaxConnectionIdle or more.
 				// Gracefully close the connection.
-				t.state = draining
-				t.mu.Unlock()
-				t.Drain()
+				t.drain(http2.ErrCodeNo, []byte{})
 				// Reseting the timer so that the clean-up doesn't deadlock.
 				maxIdle.Reset(infinity)
 				return
 			}
-			t.mu.Unlock()
 			maxIdle.Reset(val)
 		case <-maxAge.C:
-			t.mu.Lock()
-			t.state = draining
-			t.mu.Unlock()
-			t.Drain()
+			t.drain(http2.ErrCodeNo, []byte{})
 			maxAge.Reset(t.kp.MaxConnectionAgeGrace)
 			select {
 			case <-maxAge.C:
@@ -916,7 +951,7 @@ func (t *http2Server) keepalive() {
 				t.Close()
 				// Reseting the timer so that the clean-up doesn't deadlock.
 				maxAge.Reset(infinity)
-			case <-t.shutdownChan:
+			case <-t.ctx.Done():
 			}
 			return
 		case <-keepalive.C:
@@ -934,69 +969,137 @@ func (t *http2Server) keepalive() {
 			pingSent = true
 			t.controlBuf.put(p)
 			keepalive.Reset(t.kp.Timeout)
-		case <-t.shutdownChan:
+		case <-t.ctx.Done():
 			return
 		}
 	}
 }
 
-// controller running in a separate goroutine takes charge of sending control
-// frames (e.g., window update, reset stream, setting, etc.) to the server.
-func (t *http2Server) controller() {
-	for {
-		select {
-		case i := <-t.controlBuf.get():
-			t.controlBuf.load()
+var goAwayPing = &ping{data: [8]byte{1, 6, 1, 8, 0, 3, 3, 9}}
+
+// TODO(mmukhi): A lot of this code(and code in other places in the tranpsort layer)
+// is duplicated between the client and the server.
+// The transport layer needs to be refactored to take care of this.
+func (t *http2Server) itemHandler(i item) error {
+	switch i := i.(type) {
+	case *dataFrame:
+		if err := t.framer.fr.WriteData(i.streamID, i.endStream, i.d); err != nil {
+			return err
+		}
+		i.f()
+		return nil
+	case *headerFrame:
+		t.hBuf.Reset()
+		for _, f := range i.hf {
+			t.hEnc.WriteField(f)
+		}
+		first := true
+		endHeaders := false
+		for !endHeaders {
+			size := t.hBuf.Len()
+			if size > http2MaxFrameLen {
+				size = http2MaxFrameLen
+			} else {
+				endHeaders = true
+			}
+			var err error
+			if first {
+				first = false
+				err = t.framer.fr.WriteHeaders(http2.HeadersFrameParam{
+					StreamID:      i.streamID,
+					BlockFragment: t.hBuf.Next(size),
+					EndStream:     i.endStream,
+					EndHeaders:    endHeaders,
+				})
+			} else {
+				err = t.framer.fr.WriteContinuation(
+					i.streamID,
+					endHeaders,
+					t.hBuf.Next(size),
+				)
+			}
+			if err != nil {
+				return err
+			}
+		}
+		atomic.StoreUint32(&t.resetPingStrikes, 1)
+		return nil
+	case *windowUpdate:
+		return t.framer.fr.WriteWindowUpdate(i.streamID, i.increment)
+	case *settings:
+		if i.ack {
+			t.applySettings(i.ss)
+			return t.framer.fr.WriteSettingsAck()
+		}
+		return t.framer.fr.WriteSettings(i.ss...)
+	case *resetStream:
+		return t.framer.fr.WriteRSTStream(i.streamID, i.code)
+	case *goAway:
+		t.mu.Lock()
+		if t.state == closing {
+			t.mu.Unlock()
+			// The transport is closing.
+			return fmt.Errorf("transport: Connection closing")
+		}
+		sid := t.maxStreamID
+		if !i.headsUp {
+			// Stop accepting more streams now.
+			t.state = draining
+			t.mu.Unlock()
+			if err := t.framer.fr.WriteGoAway(sid, i.code, i.debugData); err != nil {
+				return err
+			}
+			if i.closeConn {
+				// Abruptly close the connection following the GoAway (via
+				// loopywriter).  But flush out what's inside the buffer first.
+				t.framer.writer.Flush()
+				return fmt.Errorf("transport: Connection closing")
+			}
+			return nil
+		}
+		t.mu.Unlock()
+		// For a graceful close, send out a GoAway with stream ID of MaxUInt32,
+		// Follow that with a ping and wait for the ack to come back or a timer
+		// to expire. During this time accept new streams since they might have
+		// originated before the GoAway reaches the client.
+		// After getting the ack or timer expiration send out another GoAway this
+		// time with an ID of the max stream server intends to process.
+		if err := t.framer.fr.WriteGoAway(math.MaxUint32, http2.ErrCodeNo, []byte{}); err != nil {
+			return err
+		}
+		if err := t.framer.fr.WritePing(false, goAwayPing.data); err != nil {
+			return err
+		}
+		go func() {
+			timer := time.NewTimer(time.Minute)
+			defer timer.Stop()
 			select {
-			case <-t.writableChan:
-				switch i := i.(type) {
-				case *windowUpdate:
-					t.framer.writeWindowUpdate(true, i.streamID, i.increment)
-				case *settings:
-					if i.ack {
-						t.framer.writeSettingsAck(true)
-						t.applySettings(i.ss)
-					} else {
-						t.framer.writeSettings(true, i.ss...)
-					}
-				case *resetStream:
-					t.framer.writeRSTStream(true, i.streamID, i.code)
-				case *goAway:
-					t.mu.Lock()
-					if t.state == closing {
-						t.mu.Unlock()
-						// The transport is closing.
-						return
-					}
-					sid := t.maxStreamID
-					t.state = draining
-					t.mu.Unlock()
-					t.framer.writeGoAway(true, sid, i.code, i.debugData)
-					if i.code == http2.ErrCodeEnhanceYourCalm {
-						t.Close()
-					}
-				case *flushIO:
-					t.framer.flushWrite()
-				case *ping:
-					t.framer.writePing(true, i.ack, i.data)
-				default:
-					grpclog.Printf("transport: http2Server.controller got unexpected item type %v\n", i)
-				}
-				t.writableChan <- 0
-				continue
-			case <-t.shutdownChan:
+			case <-t.drainChan:
+			case <-timer.C:
+			case <-t.ctx.Done():
 				return
 			}
-		case <-t.shutdownChan:
-			return
+			t.controlBuf.put(&goAway{code: i.code, debugData: i.debugData})
+		}()
+		return nil
+	case *flushIO:
+		return t.framer.writer.Flush()
+	case *ping:
+		if !i.ack {
+			t.bdpEst.timesnap(i.data)
 		}
+		return t.framer.fr.WritePing(i.ack, i.data)
+	default:
+		err := status.Errorf(codes.Internal, "transport: http2Server.controller got unexpected item type %t", i)
+		errorf("%v", err)
+		return err
 	}
 }
 
 // Close starts shutting down the http2Server transport.
 // TODO(zhaoq): Now the destruction is not blocked on any pending streams. This
 // could cause some resource issue. Revisit this later.
-func (t *http2Server) Close() (err error) {
+func (t *http2Server) Close() error {
 	t.mu.Lock()
 	if t.state == closing {
 		t.mu.Unlock()
@@ -1006,8 +1109,8 @@ func (t *http2Server) Close() (err error) {
 	streams := t.activeStreams
 	t.activeStreams = nil
 	t.mu.Unlock()
-	close(t.shutdownChan)
-	err = t.conn.Close()
+	t.cancel()
+	err := t.conn.Close()
 	// Cancel all active streams.
 	for _, s := range streams {
 		s.cancel()
@@ -1016,7 +1119,7 @@ func (t *http2Server) Close() (err error) {
 		connEnd := &stats.ConnEnd{}
 		t.stats.HandleConn(t.ctx, connEnd)
 	}
-	return
+	return err
 }
 
 // closeStream clears the footprint of a stream when the stream is not needed
@@ -1036,11 +1139,6 @@ func (t *http2Server) closeStream(s *Stream) {
 	// called to interrupt the potential blocking on other goroutines.
 	s.cancel()
 	s.mu.Lock()
-	if q := s.fc.resetPendingData(); q > 0 {
-		if w := t.fc.onRead(q); w > 0 {
-			t.controlBuf.put(&windowUpdate{0, w})
-		}
-	}
 	if s.state == streamDone {
 		s.mu.Unlock()
 		return
@@ -1054,7 +1152,17 @@ func (t *http2Server) RemoteAddr() net.Addr {
 }
 
 func (t *http2Server) Drain() {
-	t.controlBuf.put(&goAway{code: http2.ErrCodeNo})
+	t.drain(http2.ErrCodeNo, []byte{})
+}
+
+func (t *http2Server) drain(code http2.ErrCode, debugData []byte) {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	if t.drainChan != nil {
+		return
+	}
+	t.drainChan = make(chan struct{})
+	t.controlBuf.put(&goAway{code: code, debugData: debugData, headsUp: true})
 }
 
 var rgen = rand.New(rand.NewSource(time.Now().UnixNano()))
diff --git a/vendor/google.golang.org/grpc/transport/http_util.go b/vendor/google.golang.org/grpc/transport/http_util.go
index 795d5d18a4f8..39f878cfd5bf 100644
--- a/vendor/google.golang.org/grpc/transport/http_util.go
+++ b/vendor/google.golang.org/grpc/transport/http_util.go
@@ -1,33 +1,18 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
@@ -40,9 +25,9 @@ import (
 	"fmt"
 	"io"
 	"net"
+	"net/http"
 	"strconv"
 	"strings"
-	"sync/atomic"
 	"time"
 
 	"github.com/golang/protobuf/proto"
@@ -50,7 +35,6 @@ import (
 	"golang.org/x/net/http2/hpack"
 	spb "google.golang.org/genproto/googleapis/rpc/status"
 	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/status"
 )
 
@@ -60,7 +44,8 @@ const (
 	// http://http2.github.io/http2-spec/#SettingValues
 	http2InitHeaderTableSize = 4096
 	// http2IOBufSize specifies the buffer size for sending frames.
-	http2IOBufSize = 32 * 1024
+	defaultWriteBufSize = 32 * 1024
+	defaultReadBufSize  = 32 * 1024
 )
 
 var (
@@ -88,6 +73,24 @@ var (
 		codes.ResourceExhausted: http2.ErrCodeEnhanceYourCalm,
 		codes.PermissionDenied:  http2.ErrCodeInadequateSecurity,
 	}
+	httpStatusConvTab = map[int]codes.Code{
+		// 400 Bad Request - INTERNAL.
+		http.StatusBadRequest: codes.Internal,
+		// 401 Unauthorized  - UNAUTHENTICATED.
+		http.StatusUnauthorized: codes.Unauthenticated,
+		// 403 Forbidden - PERMISSION_DENIED.
+		http.StatusForbidden: codes.PermissionDenied,
+		// 404 Not Found - UNIMPLEMENTED.
+		http.StatusNotFound: codes.Unimplemented,
+		// 429 Too Many Requests - UNAVAILABLE.
+		http.StatusTooManyRequests: codes.Unavailable,
+		// 502 Bad Gateway - UNAVAILABLE.
+		http.StatusBadGateway: codes.Unavailable,
+		// 503 Service Unavailable - UNAVAILABLE.
+		http.StatusServiceUnavailable: codes.Unavailable,
+		// 504 Gateway timeout - UNAVAILABLE.
+		http.StatusGatewayTimeout: codes.Unavailable,
+	}
 )
 
 // Records the states during HPACK decoding. Must be reset once the
@@ -100,14 +103,17 @@ type decodeState struct {
 	statusGen *status.Status
 	// rawStatusCode and rawStatusMsg are set from the raw trailer fields and are not
 	// intended for direct access outside of parsing.
-	rawStatusCode int32
+	rawStatusCode *int
 	rawStatusMsg  string
+	httpStatus    *int
 	// Server side only fields.
 	timeoutSet bool
 	timeout    time.Duration
 	method     string
 	// key-value metadata map from the peer.
-	mdata map[string][]string
+	mdata      map[string][]string
+	statsTags  []byte
+	statsTrace []byte
 }
 
 // isReservedHeader checks whether hdr belongs to HTTP2 headers
@@ -159,7 +165,7 @@ func validContentType(t string) bool {
 func (d *decodeState) status() *status.Status {
 	if d.statusGen == nil {
 		// No status-details were provided; generate status using code/msg.
-		d.statusGen = status.New(codes.Code(d.rawStatusCode), d.rawStatusMsg)
+		d.statusGen = status.New(codes.Code(int32(*(d.rawStatusCode))), d.rawStatusMsg)
 	}
 	return d.statusGen
 }
@@ -193,6 +199,51 @@ func decodeMetadataHeader(k, v string) (string, error) {
 	return v, nil
 }
 
+func (d *decodeState) decodeResponseHeader(frame *http2.MetaHeadersFrame) error {
+	for _, hf := range frame.Fields {
+		if err := d.processHeaderField(hf); err != nil {
+			return err
+		}
+	}
+
+	// If grpc status exists, no need to check further.
+	if d.rawStatusCode != nil || d.statusGen != nil {
+		return nil
+	}
+
+	// If grpc status doesn't exist and http status doesn't exist,
+	// then it's a malformed header.
+	if d.httpStatus == nil {
+		return streamErrorf(codes.Internal, "malformed header: doesn't contain status(gRPC or HTTP)")
+	}
+
+	if *(d.httpStatus) != http.StatusOK {
+		code, ok := httpStatusConvTab[*(d.httpStatus)]
+		if !ok {
+			code = codes.Unknown
+		}
+		return streamErrorf(code, http.StatusText(*(d.httpStatus)))
+	}
+
+	// gRPC status doesn't exist and http status is OK.
+	// Set rawStatusCode to be unknown and return nil error.
+	// So that, if the stream has ended this Unknown status
+	// will be propogated to the user.
+	// Otherwise, it will be ignored. In which case, status from
+	// a later trailer, that has StreamEnded flag set, is propogated.
+	code := int(codes.Unknown)
+	d.rawStatusCode = &code
+	return nil
+
+}
+
+func (d *decodeState) addMetadata(k, v string) {
+	if d.mdata == nil {
+		d.mdata = make(map[string][]string)
+	}
+	d.mdata[k] = append(d.mdata[k], v)
+}
+
 func (d *decodeState) processHeaderField(f hpack.HeaderField) error {
 	switch f.Name {
 	case "content-type":
@@ -206,7 +257,7 @@ func (d *decodeState) processHeaderField(f hpack.HeaderField) error {
 		if err != nil {
 			return streamErrorf(codes.Internal, "transport: malformed grpc-status: %v", err)
 		}
-		d.rawStatusCode = int32(code)
+		d.rawStatusCode = &code
 	case "grpc-message":
 		d.rawStatusMsg = decodeGrpcMessage(f.Value)
 	case "grpc-status-details-bin":
@@ -227,18 +278,36 @@ func (d *decodeState) processHeaderField(f hpack.HeaderField) error {
 		}
 	case ":path":
 		d.method = f.Value
+	case ":status":
+		code, err := strconv.Atoi(f.Value)
+		if err != nil {
+			return streamErrorf(codes.Internal, "transport: malformed http-status: %v", err)
+		}
+		d.httpStatus = &code
+	case "grpc-tags-bin":
+		v, err := decodeBinHeader(f.Value)
+		if err != nil {
+			return streamErrorf(codes.Internal, "transport: malformed grpc-tags-bin: %v", err)
+		}
+		d.statsTags = v
+		d.addMetadata(f.Name, string(v))
+	case "grpc-trace-bin":
+		v, err := decodeBinHeader(f.Value)
+		if err != nil {
+			return streamErrorf(codes.Internal, "transport: malformed grpc-trace-bin: %v", err)
+		}
+		d.statsTrace = v
+		d.addMetadata(f.Name, string(v))
 	default:
-		if !isReservedHeader(f.Name) || isWhitelistedPseudoHeader(f.Name) {
-			if d.mdata == nil {
-				d.mdata = make(map[string][]string)
-			}
-			v, err := decodeMetadataHeader(f.Name, f.Value)
-			if err != nil {
-				grpclog.Printf("Failed to decode (%q, %q): %v", f.Name, f.Value, err)
-				return nil
-			}
-			d.mdata[f.Name] = append(d.mdata[f.Name], v)
+		if isReservedHeader(f.Name) && !isWhitelistedPseudoHeader(f.Name) {
+			break
 		}
+		v, err := decodeMetadataHeader(f.Name, f.Value)
+		if err != nil {
+			errorf("Failed to decode metadata header (%q, %q): %v", f.Name, f.Value, err)
+			return nil
+		}
+		d.addMetadata(f.Name, string(v))
 	}
 	return nil
 }
@@ -406,10 +475,10 @@ type framer struct {
 	fr         *http2.Framer
 }
 
-func newFramer(conn net.Conn) *framer {
+func newFramer(conn net.Conn, writeBufferSize, readBufferSize int) *framer {
 	f := &framer{
-		reader: bufio.NewReaderSize(conn, http2IOBufSize),
-		writer: bufio.NewWriterSize(conn, http2IOBufSize),
+		reader: bufio.NewReaderSize(conn, readBufferSize),
+		writer: bufio.NewWriterSize(conn, writeBufferSize),
 	}
 	f.fr = http2.NewFramer(f.writer, f.reader)
 	// Opt-in to Frame reuse API on framer to reduce garbage.
@@ -418,132 +487,3 @@ func newFramer(conn net.Conn) *framer {
 	f.fr.ReadMetaHeaders = hpack.NewDecoder(http2InitHeaderTableSize, nil)
 	return f
 }
-
-func (f *framer) adjustNumWriters(i int32) int32 {
-	return atomic.AddInt32(&f.numWriters, i)
-}
-
-// The following writeXXX functions can only be called when the caller gets
-// unblocked from writableChan channel (i.e., owns the privilege to write).
-
-func (f *framer) writeContinuation(forceFlush bool, streamID uint32, endHeaders bool, headerBlockFragment []byte) error {
-	if err := f.fr.WriteContinuation(streamID, endHeaders, headerBlockFragment); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeData(forceFlush bool, streamID uint32, endStream bool, data []byte) error {
-	if err := f.fr.WriteData(streamID, endStream, data); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeGoAway(forceFlush bool, maxStreamID uint32, code http2.ErrCode, debugData []byte) error {
-	if err := f.fr.WriteGoAway(maxStreamID, code, debugData); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeHeaders(forceFlush bool, p http2.HeadersFrameParam) error {
-	if err := f.fr.WriteHeaders(p); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writePing(forceFlush, ack bool, data [8]byte) error {
-	if err := f.fr.WritePing(ack, data); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writePriority(forceFlush bool, streamID uint32, p http2.PriorityParam) error {
-	if err := f.fr.WritePriority(streamID, p); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writePushPromise(forceFlush bool, p http2.PushPromiseParam) error {
-	if err := f.fr.WritePushPromise(p); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeRSTStream(forceFlush bool, streamID uint32, code http2.ErrCode) error {
-	if err := f.fr.WriteRSTStream(streamID, code); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeSettings(forceFlush bool, settings ...http2.Setting) error {
-	if err := f.fr.WriteSettings(settings...); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeSettingsAck(forceFlush bool) error {
-	if err := f.fr.WriteSettingsAck(); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) writeWindowUpdate(forceFlush bool, streamID, incr uint32) error {
-	if err := f.fr.WriteWindowUpdate(streamID, incr); err != nil {
-		return err
-	}
-	if forceFlush {
-		return f.writer.Flush()
-	}
-	return nil
-}
-
-func (f *framer) flushWrite() error {
-	return f.writer.Flush()
-}
-
-func (f *framer) readFrame() (http2.Frame, error) {
-	return f.fr.ReadFrame()
-}
-
-func (f *framer) errorDetail() error {
-	return f.fr.ErrorDetail()
-}
diff --git a/vendor/google.golang.org/grpc/transport/log.go b/vendor/google.golang.org/grpc/transport/log.go
new file mode 100644
index 000000000000..ac8e358c5c8c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/transport/log.go
@@ -0,0 +1,50 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// This file contains wrappers for grpclog functions.
+// The transport package only logs to verbose level 2 by default.
+
+package transport
+
+import "google.golang.org/grpc/grpclog"
+
+const logLevel = 2
+
+func infof(format string, args ...interface{}) {
+	if grpclog.V(logLevel) {
+		grpclog.Infof(format, args...)
+	}
+}
+
+func warningf(format string, args ...interface{}) {
+	if grpclog.V(logLevel) {
+		grpclog.Warningf(format, args...)
+	}
+}
+
+func errorf(format string, args ...interface{}) {
+	if grpclog.V(logLevel) {
+		grpclog.Errorf(format, args...)
+	}
+}
+
+func fatalf(format string, args ...interface{}) {
+	if grpclog.V(logLevel) {
+		grpclog.Fatalf(format, args...)
+	}
+}
diff --git a/vendor/google.golang.org/grpc/transport/transport.go b/vendor/google.golang.org/grpc/transport/transport.go
index 87dc27e5bba3..ce5cb74d2ee1 100644
--- a/vendor/google.golang.org/grpc/transport/transport.go
+++ b/vendor/google.golang.org/grpc/transport/transport.go
@@ -1,48 +1,32 @@
 /*
  *
- * Copyright 2014, Google Inc.
- * All rights reserved.
+ * Copyright 2014 gRPC authors.
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- *     * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following disclaimer
- * in the documentation and/or other materials provided with the
- * distribution.
- *     * Neither the name of Google Inc. nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
+ *     http://www.apache.org/licenses/LICENSE-2.0
  *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  *
  */
 
-/*
-Package transport defines and implements message oriented communication channel
-to complete various transactions (e.g., an RPC).
-*/
+// Package transport defines and implements message oriented communication
+// channel to complete various transactions (e.g., an RPC).
 package transport
 
 import (
-	"bytes"
+	stdctx "context"
 	"fmt"
 	"io"
 	"net"
 	"sync"
+	"time"
 
 	"golang.org/x/net/context"
 	"golang.org/x/net/http2"
@@ -65,57 +49,56 @@ type recvMsg struct {
 	err error
 }
 
-func (*recvMsg) item() {}
-
-// All items in an out of a recvBuffer should be the same type.
-type item interface {
-	item()
-}
-
-// recvBuffer is an unbounded channel of item.
+// recvBuffer is an unbounded channel of recvMsg structs.
+// Note recvBuffer differs from controlBuffer only in that recvBuffer
+// holds a channel of only recvMsg structs instead of objects implementing "item" interface.
+// recvBuffer is written to much more often than
+// controlBuffer and using strict recvMsg structs helps avoid allocation in "recvBuffer.put"
 type recvBuffer struct {
-	c       chan item
+	c       chan recvMsg
 	mu      sync.Mutex
-	backlog []item
+	backlog []recvMsg
 }
 
 func newRecvBuffer() *recvBuffer {
 	b := &recvBuffer{
-		c: make(chan item, 1),
+		c: make(chan recvMsg, 1),
 	}
 	return b
 }
 
-func (b *recvBuffer) put(r item) {
+func (b *recvBuffer) put(r recvMsg) {
 	b.mu.Lock()
-	defer b.mu.Unlock()
 	if len(b.backlog) == 0 {
 		select {
 		case b.c <- r:
+			b.mu.Unlock()
 			return
 		default:
 		}
 	}
 	b.backlog = append(b.backlog, r)
+	b.mu.Unlock()
 }
 
 func (b *recvBuffer) load() {
 	b.mu.Lock()
-	defer b.mu.Unlock()
 	if len(b.backlog) > 0 {
 		select {
 		case b.c <- b.backlog[0]:
+			b.backlog[0] = recvMsg{}
 			b.backlog = b.backlog[1:]
 		default:
 		}
 	}
+	b.mu.Unlock()
 }
 
-// get returns the channel that receives an item in the buffer.
+// get returns the channel that receives a recvMsg in the buffer.
 //
-// Upon receipt of an item, the caller should call load to send another
-// item onto the channel if there is any.
-func (b *recvBuffer) get() <-chan item {
+// Upon receipt of a recvMsg, the caller should call load to send another
+// recvMsg onto the channel if there is any.
+func (b *recvBuffer) get() <-chan recvMsg {
 	return b.c
 }
 
@@ -125,7 +108,7 @@ type recvBufferReader struct {
 	ctx    context.Context
 	goAway chan struct{}
 	recv   *recvBuffer
-	last   *bytes.Reader // Stores the remaining data in the previous calls.
+	last   []byte // Stores the remaining data in the previous calls.
 	err    error
 }
 
@@ -136,25 +119,85 @@ func (r *recvBufferReader) Read(p []byte) (n int, err error) {
 	if r.err != nil {
 		return 0, r.err
 	}
-	defer func() { r.err = err }()
-	if r.last != nil && r.last.Len() > 0 {
+	n, r.err = r.read(p)
+	return n, r.err
+}
+
+func (r *recvBufferReader) read(p []byte) (n int, err error) {
+	if r.last != nil && len(r.last) > 0 {
 		// Read remaining data left in last call.
-		return r.last.Read(p)
+		copied := copy(p, r.last)
+		r.last = r.last[copied:]
+		return copied, nil
 	}
 	select {
 	case <-r.ctx.Done():
 		return 0, ContextErr(r.ctx.Err())
 	case <-r.goAway:
 		return 0, ErrStreamDrain
-	case i := <-r.recv.get():
+	case m := <-r.recv.get():
 		r.recv.load()
-		m := i.(*recvMsg)
 		if m.err != nil {
 			return 0, m.err
 		}
-		r.last = bytes.NewReader(m.data)
-		return r.last.Read(p)
+		copied := copy(p, m.data)
+		r.last = m.data[copied:]
+		return copied, nil
+	}
+}
+
+// All items in an out of a controlBuffer should be the same type.
+type item interface {
+	item()
+}
+
+// controlBuffer is an unbounded channel of item.
+type controlBuffer struct {
+	c       chan item
+	mu      sync.Mutex
+	backlog []item
+}
+
+func newControlBuffer() *controlBuffer {
+	b := &controlBuffer{
+		c: make(chan item, 1),
+	}
+	return b
+}
+
+func (b *controlBuffer) put(r item) {
+	b.mu.Lock()
+	if len(b.backlog) == 0 {
+		select {
+		case b.c <- r:
+			b.mu.Unlock()
+			return
+		default:
+		}
+	}
+	b.backlog = append(b.backlog, r)
+	b.mu.Unlock()
+}
+
+func (b *controlBuffer) load() {
+	b.mu.Lock()
+	if len(b.backlog) > 0 {
+		select {
+		case b.c <- b.backlog[0]:
+			b.backlog[0] = nil
+			b.backlog = b.backlog[1:]
+		default:
+		}
 	}
+	b.mu.Unlock()
+}
+
+// get returns the channel that receives an item in the buffer.
+//
+// Upon receipt of an item, the caller should call load to send another
+// item onto the channel if there is any.
+func (b *controlBuffer) get() <-chan item {
+	return b.c
 }
 
 type streamState uint8
@@ -171,11 +214,6 @@ type Stream struct {
 	id uint32
 	// nil for client side Stream.
 	st ServerTransport
-	// clientStatsCtx keeps the user context for stats handling.
-	// It's only valid on client side. Server side stats context is same as s.ctx.
-	// All client side stats collection should use the clientStatsCtx (instead of the stream context)
-	// so that all the generated stats for a particular RPC can be associated in the processing phase.
-	clientStatsCtx context.Context
 	// ctx is the associated context of the stream.
 	ctx context.Context
 	// cancel is always nil for client side Stream.
@@ -189,16 +227,20 @@ type Stream struct {
 	recvCompress string
 	sendCompress string
 	buf          *recvBuffer
-	dec          io.Reader
+	trReader     io.Reader
 	fc           *inFlow
 	recvQuota    uint32
+
+	// TODO: Remote this unused variable.
 	// The accumulated inbound quota pending for window update.
 	updateQuota uint32
-	// The handler to control the window update procedure for both this
-	// particular stream and the associated transport.
-	windowHandler func(int)
 
-	sendQuotaPool *quotaPool
+	// Callback to state application's intentions to read data. This
+	// is used to adjust flow control, if need be.
+	requestRead func(int)
+
+	sendQuotaPool  *quotaPool
+	localSendQuota *quotaPool
 	// Close headerChan to indicate the end of reception of header metadata.
 	headerChan chan struct{}
 	// header caches the received header metadata.
@@ -251,16 +293,24 @@ func (s *Stream) GoAway() <-chan struct{} {
 
 // Header acquires the key-value pairs of header metadata once it
 // is available. It blocks until i) the metadata is ready or ii) there is no
-// header metadata or iii) the stream is cancelled/expired.
+// header metadata or iii) the stream is canceled/expired.
 func (s *Stream) Header() (metadata.MD, error) {
+	var err error
 	select {
 	case <-s.ctx.Done():
-		return nil, ContextErr(s.ctx.Err())
+		err = ContextErr(s.ctx.Err())
 	case <-s.goAway:
-		return nil, ErrStreamDrain
+		err = ErrStreamDrain
+	case <-s.headerChan:
+		return s.header.Copy(), nil
+	}
+	// Even if the stream is closed, header is returned if available.
+	select {
 	case <-s.headerChan:
 		return s.header.Copy(), nil
+	default:
 	}
+	return nil, err
 }
 
 // Trailer returns the cached trailer metedata. Note that if it is not called
@@ -268,8 +318,9 @@ func (s *Stream) Header() (metadata.MD, error) {
 // side only.
 func (s *Stream) Trailer() metadata.MD {
 	s.mu.RLock()
-	defer s.mu.RUnlock()
-	return s.trailer.Copy()
+	c := s.trailer.Copy()
+	s.mu.RUnlock()
+	return c
 }
 
 // ServerTransport returns the underlying ServerTransport for the stream.
@@ -297,14 +348,16 @@ func (s *Stream) Status() *status.Status {
 // Server side only.
 func (s *Stream) SetHeader(md metadata.MD) error {
 	s.mu.Lock()
-	defer s.mu.Unlock()
 	if s.headerOk || s.state == streamDone {
+		s.mu.Unlock()
 		return ErrIllegalHeaderWrite
 	}
 	if md.Len() == 0 {
+		s.mu.Unlock()
 		return nil
 	}
 	s.header = metadata.Join(s.header, md)
+	s.mu.Unlock()
 	return nil
 }
 
@@ -315,25 +368,44 @@ func (s *Stream) SetTrailer(md metadata.MD) error {
 		return nil
 	}
 	s.mu.Lock()
-	defer s.mu.Unlock()
 	s.trailer = metadata.Join(s.trailer, md)
+	s.mu.Unlock()
 	return nil
 }
 
 func (s *Stream) write(m recvMsg) {
-	s.buf.put(&m)
+	s.buf.put(m)
 }
 
-// Read reads all the data available for this Stream from the transport and
+// Read reads all p bytes from the wire for this stream.
+func (s *Stream) Read(p []byte) (n int, err error) {
+	// Don't request a read if there was an error earlier
+	if er := s.trReader.(*transportReader).er; er != nil {
+		return 0, er
+	}
+	s.requestRead(len(p))
+	return io.ReadFull(s.trReader, p)
+}
+
+// tranportReader reads all the data available for this Stream from the transport and
 // passes them into the decoder, which converts them into a gRPC message stream.
 // The error is io.EOF when the stream is done or another non-nil error if
 // the stream broke.
-func (s *Stream) Read(p []byte) (n int, err error) {
-	n, err = s.dec.Read(p)
+type transportReader struct {
+	reader io.Reader
+	// The handler to control the window update procedure for both this
+	// particular stream and the associated transport.
+	windowHandler func(int)
+	er            error
+}
+
+func (t *transportReader) Read(p []byte) (n int, err error) {
+	n, err = t.reader.Read(p)
 	if err != nil {
+		t.er = err
 		return
 	}
-	s.windowHandler(n)
+	t.windowHandler(n)
 	return
 }
 
@@ -348,15 +420,17 @@ func (s *Stream) finish(st *status.Status) {
 // BytesSent indicates whether any bytes have been sent on this stream.
 func (s *Stream) BytesSent() bool {
 	s.mu.Lock()
-	defer s.mu.Unlock()
-	return s.bytesSent
+	bs := s.bytesSent
+	s.mu.Unlock()
+	return bs
 }
 
 // BytesReceived indicates whether any bytes have been received on this stream.
 func (s *Stream) BytesReceived() bool {
 	s.mu.Lock()
-	defer s.mu.Unlock()
-	return s.bytesReceived
+	br := s.bytesReceived
+	s.mu.Unlock()
+	return br
 }
 
 // GoString is implemented by Stream so context.String() won't
@@ -385,19 +459,22 @@ type transportState int
 
 const (
 	reachable transportState = iota
-	unreachable
 	closing
 	draining
 )
 
 // ServerConfig consists of all the configurations to establish a server transport.
 type ServerConfig struct {
-	MaxStreams      uint32
-	AuthInfo        credentials.AuthInfo
-	InTapHandle     tap.ServerInHandle
-	StatsHandler    stats.Handler
-	KeepaliveParams keepalive.ServerParameters
-	KeepalivePolicy keepalive.EnforcementPolicy
+	MaxStreams            uint32
+	AuthInfo              credentials.AuthInfo
+	InTapHandle           tap.ServerInHandle
+	StatsHandler          stats.Handler
+	KeepaliveParams       keepalive.ServerParameters
+	KeepalivePolicy       keepalive.EnforcementPolicy
+	InitialWindowSize     int32
+	InitialConnWindowSize int32
+	WriteBufferSize       int
+	ReadBufferSize        int
 }
 
 // NewServerTransport creates a ServerTransport with conn or non-nil error
@@ -425,6 +502,14 @@ type ConnectOptions struct {
 	KeepaliveParams keepalive.ClientParameters
 	// StatsHandler stores the handler for stats.
 	StatsHandler stats.Handler
+	// InitialWindowSize sets the initial window size for a stream.
+	InitialWindowSize int32
+	// InitialConnWindowSize sets the initial window size for a connection.
+	InitialConnWindowSize int32
+	// WriteBufferSize sets the size of write buffer which in turn determines how much data can be batched before it's written on the wire.
+	WriteBufferSize int
+	// ReadBufferSize sets the size of read buffer, which in turn determines how much data can be read at most for one read syscall.
+	ReadBufferSize int
 }
 
 // TargetInfo contains the information of the target such as network address and metadata.
@@ -435,8 +520,8 @@ type TargetInfo struct {
 
 // NewClientTransport establishes the transport with the required ConnectOptions
 // and returns it to the caller.
-func NewClientTransport(ctx context.Context, target TargetInfo, opts ConnectOptions) (ClientTransport, error) {
-	return newHTTP2Client(ctx, target, opts)
+func NewClientTransport(ctx context.Context, target TargetInfo, opts ConnectOptions, timeout time.Duration) (ClientTransport, error) {
+	return newHTTP2Client(ctx, target, opts, timeout)
 }
 
 // Options provides additional hints and information for message
@@ -448,7 +533,7 @@ type Options struct {
 
 	// Delay is a hint to the transport implementation for whether
 	// the data could be buffered for a batching write. The
-	// Transport implementation may ignore the hint.
+	// transport implementation may ignore the hint.
 	Delay bool
 }
 
@@ -468,10 +553,15 @@ type CallHdr struct {
 	// outbound message.
 	SendCompress string
 
+	// Creds specifies credentials.PerRPCCredentials for a call.
+	Creds credentials.PerRPCCredentials
+
 	// Flush indicates whether a new stream command should be sent
 	// to the peer without waiting for the first data. This is
-	// only a hint. The transport may modify the flush decision
+	// only a hint.
+	// If it's true, the transport may modify the flush decision
 	// for performance purposes.
+	// If it's false, new stream will never be flushed.
 	Flush bool
 }
 
@@ -489,7 +579,7 @@ type ClientTransport interface {
 
 	// Write sends the data for the given stream. A nil stream indicates
 	// the write is to be performed on the transport as a whole.
-	Write(s *Stream, data []byte, opts *Options) error
+	Write(s *Stream, hdr []byte, data []byte, opts *Options) error
 
 	// NewStream creates a Stream for an RPC.
 	NewStream(ctx context.Context, callHdr *CallHdr) (*Stream, error)
@@ -507,7 +597,7 @@ type ClientTransport interface {
 	// once the transport is initiated.
 	Error() <-chan struct{}
 
-	// GoAway returns a channel that is closed when ClientTranspor
+	// GoAway returns a channel that is closed when ClientTransport
 	// receives the draining signal from the server (e.g., GOAWAY frame in
 	// HTTP/2).
 	GoAway() <-chan struct{}
@@ -531,7 +621,7 @@ type ServerTransport interface {
 
 	// Write sends the data for the given stream.
 	// Write may not be called on all streams.
-	Write(s *Stream, data []byte, opts *Options) error
+	Write(s *Stream, hdr []byte, data []byte, opts *Options) error
 
 	// WriteStatus sends the status of a stream to the client.  WriteStatus is
 	// the final call made on a stream and always occurs.
@@ -613,45 +703,33 @@ func (e StreamError) Error() string {
 	return fmt.Sprintf("stream error: code = %s desc = %q", e.Code, e.Desc)
 }
 
-// ContextErr converts the error from context package into a StreamError.
-func ContextErr(err error) StreamError {
-	switch err {
-	case context.DeadlineExceeded:
-		return streamErrorf(codes.DeadlineExceeded, "%v", err)
-	case context.Canceled:
-		return streamErrorf(codes.Canceled, "%v", err)
-	}
-	panic(fmt.Sprintf("Unexpected error from context packet: %v", err))
-}
-
-// wait blocks until it can receive from ctx.Done, closing, or proceed.
-// If it receives from ctx.Done, it returns 0, the StreamError for ctx.Err.
-// If it receives from done, it returns 0, io.EOF if ctx is not done; otherwise
-// it return the StreamError for ctx.Err.
-// If it receives from goAway, it returns 0, ErrStreamDrain.
-// If it receives from closing, it returns 0, ErrConnClosing.
-// If it receives from proceed, it returns the received integer, nil.
-func wait(ctx context.Context, done, goAway, closing <-chan struct{}, proceed <-chan int) (int, error) {
+// wait blocks until it can receive from one of the provided contexts or channels
+func wait(ctx, tctx context.Context, done, goAway <-chan struct{}, proceed <-chan int) (int, error) {
 	select {
 	case <-ctx.Done():
 		return 0, ContextErr(ctx.Err())
 	case <-done:
-		// User cancellation has precedence.
-		select {
-		case <-ctx.Done():
-			return 0, ContextErr(ctx.Err())
-		default:
-		}
 		return 0, io.EOF
 	case <-goAway:
 		return 0, ErrStreamDrain
-	case <-closing:
+	case <-tctx.Done():
 		return 0, ErrConnClosing
 	case i := <-proceed:
 		return i, nil
 	}
 }
 
+// ContextErr converts the error from context package into a StreamError.
+func ContextErr(err error) StreamError {
+	switch err {
+	case context.DeadlineExceeded, stdctx.DeadlineExceeded:
+		return streamErrorf(codes.DeadlineExceeded, "%v", err)
+	case context.Canceled, stdctx.Canceled:
+		return streamErrorf(codes.Canceled, "%v", err)
+	}
+	return streamErrorf(codes.Internal, "Unexpected error from context packet: %v", err)
+}
+
 // GoAwayReason contains the reason for the GoAway frame received.
 type GoAwayReason uint8
 
@@ -661,6 +739,39 @@ const (
 	// NoReason is the default value when GoAway frame is received.
 	NoReason GoAwayReason = 1
 	// TooManyPings indicates that a GoAway frame with ErrCodeEnhanceYourCalm
-	// was recieved and that the debug data said "too_many_pings".
+	// was received and that the debug data said "too_many_pings".
 	TooManyPings GoAwayReason = 2
 )
+
+// loopyWriter is run in a separate go routine. It is the single code path that will
+// write data on wire.
+func loopyWriter(ctx context.Context, cbuf *controlBuffer, handler func(item) error) {
+	for {
+		select {
+		case i := <-cbuf.get():
+			cbuf.load()
+			if err := handler(i); err != nil {
+				return
+			}
+		case <-ctx.Done():
+			return
+		}
+	hasData:
+		for {
+			select {
+			case i := <-cbuf.get():
+				cbuf.load()
+				if err := handler(i); err != nil {
+					return
+				}
+			case <-ctx.Done():
+				return
+			default:
+				if err := handler(&flushIO{}); err != nil {
+					return
+				}
+				break hasData
+			}
+		}
+	}
+}
diff --git a/vendor/google.golang.org/grpc/vet.sh b/vendor/google.golang.org/grpc/vet.sh
new file mode 100755
index 000000000000..d006a426347c
--- /dev/null
+++ b/vendor/google.golang.org/grpc/vet.sh
@@ -0,0 +1,78 @@
+#!/bin/bash
+
+set -ex  # Exit on error; debugging enabled.
+set -o pipefail  # Fail a pipe if any sub-command fails.
+
+die() {
+  echo "$@" >&2
+  exit 1
+}
+
+# TODO: Remove this check and the mangling below once "context" is imported
+# directly.
+if git status --porcelain | read; then
+  die "Uncommitted or untracked files found; commit changes first"
+fi
+
+PATH="$GOPATH/bin:$GOROOT/bin:$PATH"
+
+# Check proto in manual runs or cron runs.
+if [[ "$TRAVIS" != "true" || "$TRAVIS_EVENT_TYPE" = "cron" ]]; then
+  check_proto="true"
+fi
+
+if [ "$1" = "-install" ]; then
+  go get -d \
+    google.golang.org/grpc/...
+  go get -u \
+    github.com/golang/lint/golint \
+    golang.org/x/tools/cmd/goimports \
+    honnef.co/go/tools/cmd/staticcheck \
+    github.com/golang/protobuf/protoc-gen-go \
+    golang.org/x/tools/cmd/stringer
+  if [[ "$check_proto" = "true" ]]; then
+    if [[ "$TRAVIS" = "true" ]]; then
+      PROTOBUF_VERSION=3.3.0
+      PROTOC_FILENAME=protoc-${PROTOBUF_VERSION}-linux-x86_64.zip
+      pushd /home/travis
+      wget https://github.com/google/protobuf/releases/download/v${PROTOBUF_VERSION}/${PROTOC_FILENAME}
+      unzip ${PROTOC_FILENAME}
+      bin/protoc --version
+      popd
+    elif ! which protoc > /dev/null; then
+      die "Please install protoc into your path"
+    fi
+  fi
+  exit 0
+elif [[ "$#" -ne 0 ]]; then
+  die "Unknown argument(s): $*"
+fi
+
+git ls-files "*.go" | xargs grep -L "\(Copyright [0-9]\{4,\} gRPC authors\)\|DO NOT EDIT" 2>&1 | tee /dev/stderr | (! read)
+gofmt -s -d -l . 2>&1 | tee /dev/stderr | (! read)
+goimports -l . 2>&1 | tee /dev/stderr | (! read)
+golint ./... 2>&1 | (grep -vE "(_mock|_string|grpc_lb_v1/doc|\.pb)\.go:" || true) | tee /dev/stderr | (! read)
+
+# Undo any edits made by this script.
+cleanup() {
+  git reset --hard HEAD
+}
+trap cleanup EXIT
+
+# Rewrite golang.org/x/net/context -> context imports (see grpc/grpc-go#1484).
+# TODO: Remove this mangling once "context" is imported directly (grpc/grpc-go#711).
+git ls-files "*.go" | xargs sed -i 's:"golang.org/x/net/context":"context":'
+set +o pipefail
+# TODO: Stop filtering pb.go files once golang/protobuf#214 is fixed.
+go tool vet -all . 2>&1 | grep -vF '.pb.go:' | tee /dev/stderr | (! read)
+set -o pipefail
+git reset --hard HEAD
+
+if [[ "$check_proto" = "true" ]]; then
+  PATH="/home/travis/bin:$PATH" make proto && \
+    git status --porcelain 2>&1 | (! read) || \
+    (git status; git --no-pager diff; exit 1)
+fi
+
+# TODO(menghanl): fix errors in transport_test.
+staticcheck -ignore google.golang.org/grpc/transport/transport_test.go:SA2002 ./...
diff --git a/vendor/github.com/square/go-jose/.gitcookies.sh.enc b/vendor/gopkg.in/square/go-jose.v2/.gitcookies.sh.enc
similarity index 100%
rename from vendor/github.com/square/go-jose/.gitcookies.sh.enc
rename to vendor/gopkg.in/square/go-jose.v2/.gitcookies.sh.enc
diff --git a/vendor/github.com/square/go-jose/.gitignore b/vendor/gopkg.in/square/go-jose.v2/.gitignore
similarity index 100%
rename from vendor/github.com/square/go-jose/.gitignore
rename to vendor/gopkg.in/square/go-jose.v2/.gitignore
diff --git a/vendor/github.com/square/go-jose/.travis.yml b/vendor/gopkg.in/square/go-jose.v2/.travis.yml
similarity index 85%
rename from vendor/github.com/square/go-jose/.travis.yml
rename to vendor/gopkg.in/square/go-jose.v2/.travis.yml
index b4622c6f2f34..c7f8f75ffb56 100644
--- a/vendor/github.com/square/go-jose/.travis.yml
+++ b/vendor/gopkg.in/square/go-jose.v2/.travis.yml
@@ -8,13 +8,15 @@ matrix:
     - go: tip
 
 go:
-- 1.3
-- 1.4
 - 1.5
 - 1.6
 - 1.7
+- 1.8
+- 1.9
 - tip
 
+go_import_path: gopkg.in/square/go-jose.v2
+
 before_script:
 - export PATH=$HOME/.local/bin:$PATH
 
@@ -26,13 +28,15 @@ before_install:
 - bash .gitcookies.sh || true
 - go get github.com/wadey/gocovmerge
 - go get github.com/mattn/goveralls
+- go get github.com/stretchr/testify/assert
 - go get golang.org/x/tools/cmd/cover || true
 - go get code.google.com/p/go.tools/cmd/cover || true
-- pip install cram --user `whoami`
+- pip install cram --user
 
 script:
 - go test . -v -covermode=count -coverprofile=profile.cov
 - go test ./cipher -v -covermode=count -coverprofile=cipher/profile.cov
+- go test ./jwt -v -covermode=count -coverprofile=jwt/profile.cov
 - go test ./json -v # no coverage for forked encoding/json package
 - cd jose-util && go build && PATH=$PWD:$PATH cram -v jose-util.t
 - cd ..
diff --git a/vendor/github.com/square/go-jose/BUG-BOUNTY.md b/vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md
similarity index 100%
rename from vendor/github.com/square/go-jose/BUG-BOUNTY.md
rename to vendor/gopkg.in/square/go-jose.v2/BUG-BOUNTY.md
diff --git a/vendor/github.com/square/go-jose/CONTRIBUTING.md b/vendor/gopkg.in/square/go-jose.v2/CONTRIBUTING.md
similarity index 100%
rename from vendor/github.com/square/go-jose/CONTRIBUTING.md
rename to vendor/gopkg.in/square/go-jose.v2/CONTRIBUTING.md
diff --git a/vendor/gopkg.in/square/go-jose.v2/LICENSE b/vendor/gopkg.in/square/go-jose.v2/LICENSE
new file mode 100644
index 000000000000..d64569567334
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/LICENSE
@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/vendor/gopkg.in/square/go-jose.v2/README.md b/vendor/gopkg.in/square/go-jose.v2/README.md
new file mode 100644
index 000000000000..43bf1fbea4bc
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/README.md
@@ -0,0 +1,119 @@
+# Go JOSE 
+
+[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1)
+[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v2)
+[![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://raw.githubusercontent.com/square/go-jose/master/LICENSE)
+[![build](https://travis-ci.org/square/go-jose.svg?branch=master)](https://travis-ci.org/square/go-jose)
+[![coverage](https://coveralls.io/repos/github/square/go-jose/badge.svg?branch=master)](https://coveralls.io/r/square/go-jose)
+
+Package jose aims to provide an implementation of the Javascript Object Signing
+and Encryption set of standards. This includes support for JSON Web Encryption,
+JSON Web Signature, and JSON Web Token standards.
+
+**Disclaimer**: This library contains encryption software that is subject to
+the U.S. Export Administration Regulations. You may not export, re-export,
+transfer or download this code or any part of it in violation of any United
+States law, directive or regulation. In particular this software may not be
+exported or re-exported in any form or on any media to Iran, North Sudan,
+Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any
+US maintained blocked list.
+
+## Overview
+
+The implementation follows the
+[JSON Web Encryption](http://dx.doi.org/10.17487/RFC7516) (RFC 7516),
+[JSON Web Signature](http://dx.doi.org/10.17487/RFC7515) (RFC 7515), and
+[JSON Web Token](http://dx.doi.org/10.17487/RFC7519) (RFC 7519).
+Tables of supported algorithms are shown below. The library supports both
+the compact and full serialization formats, and has optional support for
+multiple recipients. It also comes with a small command-line utility
+([`jose-util`](https://github.com/square/go-jose/tree/v2/jose-util))
+for dealing with JOSE messages in a shell.
+
+**Note**: We use a forked version of the `encoding/json` package from the Go
+standard library which uses case-sensitive matching for member names (instead
+of [case-insensitive matching](https://www.ietf.org/mail-archive/web/json/current/msg03763.html)).
+This is to avoid differences in interpretation of messages between go-jose and
+libraries in other languages.
+
+### Versions
+
+We use [gopkg.in](https://gopkg.in) for versioning.
+
+[Version 1](https://gopkg.in/square/go-jose.v1) is the old stable version:
+
+    import "gopkg.in/square/go-jose.v1"
+
+[Version 2](https://gopkg.in/square/go-jose.v2) is for new development:
+
+    import "gopkg.in/square/go-jose.v2"
+
+The interface for [go-jose.v1](https://gopkg.in/square/go-jose.v1) will remain
+backwards compatible. No new feature development will take place on the `v1` branch,
+however bug fixes and security fixes will be backported.
+
+The interface for [go-jose.v2](https://gopkg.in/square/go-jose.v2) is mostly 
+stable, but we suggest pinning to a particular revision for now as we still reserve
+the right to make changes. New feature development happens on this branch.
+
+New in [go-jose.v2](https://gopkg.in/square/go-jose.v2) is a
+[jwt](https://godoc.org/gopkg.in/square/go-jose.v2/jwt) sub-package
+contributed by [@shaxbee](https://github.com/shaxbee).
+
+### Supported algorithms
+
+See below for a table of supported algorithms. Algorithm identifiers match
+the names in the [JSON Web Algorithms](http://dx.doi.org/10.17487/RFC7518)
+standard where possible. The Godoc reference has a list of constants.
+
+ Key encryption             | Algorithm identifier(s)
+ :------------------------- | :------------------------------
+ RSA-PKCS#1v1.5             | RSA1_5
+ RSA-OAEP                   | RSA-OAEP, RSA-OAEP-256
+ AES key wrap               | A128KW, A192KW, A256KW
+ AES-GCM key wrap           | A128GCMKW, A192GCMKW, A256GCMKW
+ ECDH-ES + AES key wrap     | ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW
+ ECDH-ES (direct)           | ECDH-ES<sup>1</sup>
+ Direct encryption          | dir<sup>1</sup>
+
+<sup>1. Not supported in multi-recipient mode</sup>
+
+ Signing / MAC              | Algorithm identifier(s)
+ :------------------------- | :------------------------------
+ RSASSA-PKCS#1v1.5          | RS256, RS384, RS512
+ RSASSA-PSS                 | PS256, PS384, PS512
+ HMAC                       | HS256, HS384, HS512
+ ECDSA                      | ES256, ES384, ES512
+
+ Content encryption         | Algorithm identifier(s)
+ :------------------------- | :------------------------------
+ AES-CBC+HMAC               | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512
+ AES-GCM                    | A128GCM, A192GCM, A256GCM 
+
+ Compression                | Algorithm identifiers(s)
+ :------------------------- | -------------------------------
+ DEFLATE (RFC 1951)         | DEF
+
+### Supported key types
+
+See below for a table of supported key types. These are understood by the
+library, and can be passed to corresponding functions such as `NewEncrypter` or
+`NewSigner`. Each of these keys can also be wrapped in a JWK if desired, which
+allows attaching a key id.
+
+ Algorithm(s)               | Corresponding types
+ :------------------------- | -------------------------------
+ RSA                        | *[rsa.PublicKey](http://golang.org/pkg/crypto/rsa/#PublicKey), *[rsa.PrivateKey](http://golang.org/pkg/crypto/rsa/#PrivateKey)
+ ECDH, ECDSA                | *[ecdsa.PublicKey](http://golang.org/pkg/crypto/ecdsa/#PublicKey), *[ecdsa.PrivateKey](http://golang.org/pkg/crypto/ecdsa/#PrivateKey)
+ AES, HMAC                  | []byte
+
+## Examples
+
+[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1)
+[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v2)
+
+Examples can be found in the Godoc
+reference for this package. The
+[`jose-util`](https://github.com/square/go-jose/tree/v2/jose-util)
+subdirectory also contains a small command-line utility which might be useful
+as an example.
diff --git a/vendor/github.com/square/go-jose/asymmetric.go b/vendor/gopkg.in/square/go-jose.v2/asymmetric.go
similarity index 85%
rename from vendor/github.com/square/go-jose/asymmetric.go
rename to vendor/gopkg.in/square/go-jose.v2/asymmetric.go
index 5b3846d10636..15e9d11a27da 100644
--- a/vendor/github.com/square/go-jose/asymmetric.go
+++ b/vendor/gopkg.in/square/go-jose.v2/asymmetric.go
@@ -28,7 +28,9 @@ import (
 	"fmt"
 	"math/big"
 
-	"github.com/square/go-jose/cipher"
+	"golang.org/x/crypto/ed25519"
+	"gopkg.in/square/go-jose.v2/cipher"
+	"gopkg.in/square/go-jose.v2/json"
 )
 
 // A generic RSA-based encrypter/verifier
@@ -46,6 +48,10 @@ type ecEncrypterVerifier struct {
 	publicKey *ecdsa.PublicKey
 }
 
+type edEncrypterVerifier struct {
+	publicKey ed25519.PublicKey
+}
+
 // A key generator for ECDH-ES
 type ecKeyGenerator struct {
 	size      int
@@ -58,6 +64,10 @@ type ecDecrypterSigner struct {
 	privateKey *ecdsa.PrivateKey
 }
 
+type edDecrypterSigner struct {
+	privateKey ed25519.PrivateKey
+}
+
 // newRSARecipient creates recipientKeyInfo based on the given key.
 func newRSARecipient(keyAlg KeyAlgorithm, publicKey *rsa.PublicKey) (recipientKeyInfo, error) {
 	// Verify that key management algorithm is supported by this encrypter
@@ -94,7 +104,7 @@ func newRSASigner(sigAlg SignatureAlgorithm, privateKey *rsa.PrivateKey) (recipi
 
 	return recipientSigInfo{
 		sigAlg: sigAlg,
-		publicKey: &JsonWebKey{
+		publicKey: &JSONWebKey{
 			Key: &privateKey.PublicKey,
 		},
 		signer: &rsaDecrypterSigner{
@@ -103,6 +113,25 @@ func newRSASigner(sigAlg SignatureAlgorithm, privateKey *rsa.PrivateKey) (recipi
 	}, nil
 }
 
+func newEd25519Signer(sigAlg SignatureAlgorithm, privateKey ed25519.PrivateKey) (recipientSigInfo, error) {
+	if sigAlg != EdDSA {
+		return recipientSigInfo{}, ErrUnsupportedAlgorithm
+	}
+
+	if privateKey == nil {
+		return recipientSigInfo{}, errors.New("invalid private key")
+	}
+	return recipientSigInfo{
+		sigAlg: sigAlg,
+		publicKey: &JSONWebKey{
+			Key: privateKey.Public(),
+		},
+		signer: &edDecrypterSigner{
+			privateKey: privateKey,
+		},
+	}, nil
+}
+
 // newECDHRecipient creates recipientKeyInfo based on the given key.
 func newECDHRecipient(keyAlg KeyAlgorithm, publicKey *ecdsa.PublicKey) (recipientKeyInfo, error) {
 	// Verify that key management algorithm is supported by this encrypter
@@ -139,7 +168,7 @@ func newECDSASigner(sigAlg SignatureAlgorithm, privateKey *ecdsa.PrivateKey) (re
 
 	return recipientSigInfo{
 		sigAlg: sigAlg,
-		publicKey: &JsonWebKey{
+		publicKey: &JSONWebKey{
 			Key: &privateKey.PublicKey,
 		},
 		signer: &ecDecrypterSigner{
@@ -178,7 +207,7 @@ func (ctx rsaEncrypterVerifier) encrypt(cek []byte, alg KeyAlgorithm) ([]byte, e
 
 // Decrypt the given payload and return the content encryption key.
 func (ctx rsaDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) {
-	return ctx.decrypt(recipient.encryptedKey, KeyAlgorithm(headers.Alg), generator)
+	return ctx.decrypt(recipient.encryptedKey, headers.getAlgorithm(), generator)
 }
 
 // Decrypt the given payload. Based on the key encryption algorithm,
@@ -366,10 +395,15 @@ func (ctx ecKeyGenerator) genKey() ([]byte, rawHeader, error) {
 
 	out := josecipher.DeriveECDHES(ctx.algID, []byte{}, []byte{}, priv, ctx.publicKey, ctx.size)
 
+	b, err := json.Marshal(&JSONWebKey{
+		Key: &priv.PublicKey,
+	})
+	if err != nil {
+		return nil, nil, err
+	}
+
 	headers := rawHeader{
-		Epk: &JsonWebKey{
-			Key: &priv.PublicKey,
-		},
+		headerEPK: makeRawMessage(b),
 	}
 
 	return out, headers, nil
@@ -377,11 +411,15 @@ func (ctx ecKeyGenerator) genKey() ([]byte, rawHeader, error) {
 
 // Decrypt the given payload and return the content encryption key.
 func (ctx ecDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) {
-	if headers.Epk == nil {
+	epk, err := headers.getEPK()
+	if err != nil {
+		return nil, errors.New("square/go-jose: invalid epk header")
+	}
+	if epk == nil {
 		return nil, errors.New("square/go-jose: missing epk header")
 	}
 
-	publicKey, ok := headers.Epk.Key.(*ecdsa.PublicKey)
+	publicKey, ok := epk.Key.(*ecdsa.PublicKey)
 	if publicKey == nil || !ok {
 		return nil, errors.New("square/go-jose: invalid epk header")
 	}
@@ -390,19 +428,26 @@ func (ctx ecDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientI
 		return nil, errors.New("square/go-jose: invalid public key in epk header")
 	}
 
-	apuData := headers.Apu.bytes()
-	apvData := headers.Apv.bytes()
+	apuData, err := headers.getAPU()
+	if err != nil {
+		return nil, errors.New("square/go-jose: invalid apu header")
+	}
+	apvData, err := headers.getAPV()
+	if err != nil {
+		return nil, errors.New("square/go-jose: invalid apv header")
+	}
 
 	deriveKey := func(algID string, size int) []byte {
-		return josecipher.DeriveECDHES(algID, apuData, apvData, ctx.privateKey, publicKey, size)
+		return josecipher.DeriveECDHES(algID, apuData.bytes(), apvData.bytes(), ctx.privateKey, publicKey, size)
 	}
 
 	var keySize int
 
-	switch KeyAlgorithm(headers.Alg) {
+	algorithm := headers.getAlgorithm()
+	switch algorithm {
 	case ECDH_ES:
 		// ECDH-ES uses direct key agreement, no key unwrapping necessary.
-		return deriveKey(string(headers.Enc), generator.keySize()), nil
+		return deriveKey(string(headers.getEncryption()), generator.keySize()), nil
 	case ECDH_ES_A128KW:
 		keySize = 16
 	case ECDH_ES_A192KW:
@@ -413,7 +458,7 @@ func (ctx ecDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientI
 		return nil, ErrUnsupportedAlgorithm
 	}
 
-	key := deriveKey(headers.Alg, keySize)
+	key := deriveKey(string(algorithm), keySize)
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
@@ -421,6 +466,32 @@ func (ctx ecDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientI
 
 	return josecipher.KeyUnwrap(block, recipient.encryptedKey)
 }
+func (ctx edDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm) (Signature, error) {
+	if alg != EdDSA {
+		return Signature{}, ErrUnsupportedAlgorithm
+	}
+
+	sig, err := ctx.privateKey.Sign(randReader, payload, crypto.Hash(0))
+	if err != nil {
+		return Signature{}, err
+	}
+
+	return Signature{
+		Signature: sig,
+		protected: &rawHeader{},
+	}, nil
+}
+
+func (ctx edEncrypterVerifier) verifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error {
+	if alg != EdDSA {
+		return ErrUnsupportedAlgorithm
+	}
+	ok := ed25519.Verify(ctx.publicKey, payload, signature)
+	if !ok {
+		return errors.New("square/go-jose: ed25519 signature failed to verify")
+	}
+	return nil
+}
 
 // Sign the given payload
 func (ctx ecDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm) (Signature, error) {
@@ -457,7 +528,7 @@ func (ctx ecDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm)
 
 	keyBytes := curveBits / 8
 	if curveBits%8 > 0 {
-		keyBytes += 1
+		keyBytes++
 	}
 
 	// We serialize the outpus (r and s) into big-endian byte arrays and pad
diff --git a/vendor/github.com/square/go-jose/cipher/cbc_hmac.go b/vendor/gopkg.in/square/go-jose.v2/cipher/cbc_hmac.go
similarity index 100%
rename from vendor/github.com/square/go-jose/cipher/cbc_hmac.go
rename to vendor/gopkg.in/square/go-jose.v2/cipher/cbc_hmac.go
diff --git a/vendor/github.com/square/go-jose/cipher/concat_kdf.go b/vendor/gopkg.in/square/go-jose.v2/cipher/concat_kdf.go
similarity index 100%
rename from vendor/github.com/square/go-jose/cipher/concat_kdf.go
rename to vendor/gopkg.in/square/go-jose.v2/cipher/concat_kdf.go
diff --git a/vendor/github.com/square/go-jose/cipher/ecdh_es.go b/vendor/gopkg.in/square/go-jose.v2/cipher/ecdh_es.go
similarity index 96%
rename from vendor/github.com/square/go-jose/cipher/ecdh_es.go
rename to vendor/gopkg.in/square/go-jose.v2/cipher/ecdh_es.go
index f23d49e1f658..c128e327f316 100644
--- a/vendor/github.com/square/go-jose/cipher/ecdh_es.go
+++ b/vendor/gopkg.in/square/go-jose.v2/cipher/ecdh_es.go
@@ -28,7 +28,7 @@ import (
 // size may be at most 1<<16 bytes (64 KiB).
 func DeriveECDHES(alg string, apuData, apvData []byte, priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey, size int) []byte {
 	if size > 1<<16 {
-		panic("ECDH-ES output size too large, must be less than 1<<16")
+		panic("ECDH-ES output size too large, must be less than or equal to 1<<16")
 	}
 
 	// algId, partyUInfo, partyVInfo inputs must be prefixed with the length
diff --git a/vendor/github.com/square/go-jose/cipher/key_wrap.go b/vendor/gopkg.in/square/go-jose.v2/cipher/key_wrap.go
similarity index 100%
rename from vendor/github.com/square/go-jose/cipher/key_wrap.go
rename to vendor/gopkg.in/square/go-jose.v2/cipher/key_wrap.go
diff --git a/vendor/gopkg.in/square/go-jose.v2/crypter.go b/vendor/gopkg.in/square/go-jose.v2/crypter.go
new file mode 100644
index 000000000000..0681c81192d9
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/crypter.go
@@ -0,0 +1,510 @@
+/*-
+ * Copyright 2014 Square Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jose
+
+import (
+	"crypto/ecdsa"
+	"crypto/rsa"
+	"errors"
+	"fmt"
+	"reflect"
+
+	"gopkg.in/square/go-jose.v2/json"
+)
+
+// Encrypter represents an encrypter which produces an encrypted JWE object.
+type Encrypter interface {
+	Encrypt(plaintext []byte) (*JSONWebEncryption, error)
+	EncryptWithAuthData(plaintext []byte, aad []byte) (*JSONWebEncryption, error)
+	Options() EncrypterOptions
+}
+
+// A generic content cipher
+type contentCipher interface {
+	keySize() int
+	encrypt(cek []byte, aad, plaintext []byte) (*aeadParts, error)
+	decrypt(cek []byte, aad []byte, parts *aeadParts) ([]byte, error)
+}
+
+// A key generator (for generating/getting a CEK)
+type keyGenerator interface {
+	keySize() int
+	genKey() ([]byte, rawHeader, error)
+}
+
+// A generic key encrypter
+type keyEncrypter interface {
+	encryptKey(cek []byte, alg KeyAlgorithm) (recipientInfo, error) // Encrypt a key
+}
+
+// A generic key decrypter
+type keyDecrypter interface {
+	decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) // Decrypt a key
+}
+
+// A generic encrypter based on the given key encrypter and content cipher.
+type genericEncrypter struct {
+	contentAlg     ContentEncryption
+	compressionAlg CompressionAlgorithm
+	cipher         contentCipher
+	recipients     []recipientKeyInfo
+	keyGenerator   keyGenerator
+	extraHeaders   map[HeaderKey]interface{}
+}
+
+type recipientKeyInfo struct {
+	keyID        string
+	keyAlg       KeyAlgorithm
+	keyEncrypter keyEncrypter
+}
+
+// EncrypterOptions represents options that can be set on new encrypters.
+type EncrypterOptions struct {
+	Compression CompressionAlgorithm
+
+	// Optional map of additional keys to be inserted into the protected header
+	// of a JWS object. Some specifications which make use of JWS like to insert
+	// additional values here. All values must be JSON-serializable.
+	ExtraHeaders map[HeaderKey]interface{}
+}
+
+// WithHeader adds an arbitrary value to the ExtraHeaders map, initializing it
+// if necessary. It returns itself and so can be used in a fluent style.
+func (eo *EncrypterOptions) WithHeader(k HeaderKey, v interface{}) *EncrypterOptions {
+	if eo.ExtraHeaders == nil {
+		eo.ExtraHeaders = map[HeaderKey]interface{}{}
+	}
+	eo.ExtraHeaders[k] = v
+	return eo
+}
+
+// WithContentType adds a content type ("cty") header and returns the updated
+// EncrypterOptions.
+func (eo *EncrypterOptions) WithContentType(contentType ContentType) *EncrypterOptions {
+	return eo.WithHeader(HeaderContentType, contentType)
+}
+
+// WithType adds a type ("typ") header and returns the updated EncrypterOptions.
+func (eo *EncrypterOptions) WithType(typ ContentType) *EncrypterOptions {
+	return eo.WithHeader(HeaderType, typ)
+}
+
+// Recipient represents an algorithm/key to encrypt messages to.
+type Recipient struct {
+	Algorithm KeyAlgorithm
+	Key       interface{}
+	KeyID     string
+}
+
+// NewEncrypter creates an appropriate encrypter based on the key type
+func NewEncrypter(enc ContentEncryption, rcpt Recipient, opts *EncrypterOptions) (Encrypter, error) {
+	encrypter := &genericEncrypter{
+		contentAlg: enc,
+		recipients: []recipientKeyInfo{},
+		cipher:     getContentCipher(enc),
+	}
+	if opts != nil {
+		encrypter.compressionAlg = opts.Compression
+		encrypter.extraHeaders = opts.ExtraHeaders
+	}
+
+	if encrypter.cipher == nil {
+		return nil, ErrUnsupportedAlgorithm
+	}
+
+	var keyID string
+	var rawKey interface{}
+	switch encryptionKey := rcpt.Key.(type) {
+	case JSONWebKey:
+		keyID, rawKey = encryptionKey.KeyID, encryptionKey.Key
+	case *JSONWebKey:
+		keyID, rawKey = encryptionKey.KeyID, encryptionKey.Key
+	default:
+		rawKey = encryptionKey
+	}
+
+	switch rcpt.Algorithm {
+	case DIRECT:
+		// Direct encryption mode must be treated differently
+		if reflect.TypeOf(rawKey) != reflect.TypeOf([]byte{}) {
+			return nil, ErrUnsupportedKeyType
+		}
+		encrypter.keyGenerator = staticKeyGenerator{
+			key: rawKey.([]byte),
+		}
+		recipientInfo, _ := newSymmetricRecipient(rcpt.Algorithm, rawKey.([]byte))
+		recipientInfo.keyID = keyID
+		if rcpt.KeyID != "" {
+			recipientInfo.keyID = rcpt.KeyID
+		}
+		encrypter.recipients = []recipientKeyInfo{recipientInfo}
+		return encrypter, nil
+	case ECDH_ES:
+		// ECDH-ES (w/o key wrapping) is similar to DIRECT mode
+		typeOf := reflect.TypeOf(rawKey)
+		if typeOf != reflect.TypeOf(&ecdsa.PublicKey{}) {
+			return nil, ErrUnsupportedKeyType
+		}
+		encrypter.keyGenerator = ecKeyGenerator{
+			size:      encrypter.cipher.keySize(),
+			algID:     string(enc),
+			publicKey: rawKey.(*ecdsa.PublicKey),
+		}
+		recipientInfo, _ := newECDHRecipient(rcpt.Algorithm, rawKey.(*ecdsa.PublicKey))
+		recipientInfo.keyID = keyID
+		if rcpt.KeyID != "" {
+			recipientInfo.keyID = rcpt.KeyID
+		}
+		encrypter.recipients = []recipientKeyInfo{recipientInfo}
+		return encrypter, nil
+	default:
+		// Can just add a standard recipient
+		encrypter.keyGenerator = randomKeyGenerator{
+			size: encrypter.cipher.keySize(),
+		}
+		err := encrypter.addRecipient(rcpt)
+		return encrypter, err
+	}
+}
+
+// NewMultiEncrypter creates a multi-encrypter based on the given parameters
+func NewMultiEncrypter(enc ContentEncryption, rcpts []Recipient, opts *EncrypterOptions) (Encrypter, error) {
+	cipher := getContentCipher(enc)
+
+	if cipher == nil {
+		return nil, ErrUnsupportedAlgorithm
+	}
+	if rcpts == nil || len(rcpts) == 0 {
+		return nil, fmt.Errorf("square/go-jose: recipients is nil or empty")
+	}
+
+	encrypter := &genericEncrypter{
+		contentAlg: enc,
+		recipients: []recipientKeyInfo{},
+		cipher:     cipher,
+		keyGenerator: randomKeyGenerator{
+			size: cipher.keySize(),
+		},
+	}
+
+	if opts != nil {
+		encrypter.compressionAlg = opts.Compression
+	}
+
+	for _, recipient := range rcpts {
+		err := encrypter.addRecipient(recipient)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return encrypter, nil
+}
+
+func (ctx *genericEncrypter) addRecipient(recipient Recipient) (err error) {
+	var recipientInfo recipientKeyInfo
+
+	switch recipient.Algorithm {
+	case DIRECT, ECDH_ES:
+		return fmt.Errorf("square/go-jose: key algorithm '%s' not supported in multi-recipient mode", recipient.Algorithm)
+	}
+
+	recipientInfo, err = makeJWERecipient(recipient.Algorithm, recipient.Key)
+	if recipient.KeyID != "" {
+		recipientInfo.keyID = recipient.KeyID
+	}
+
+	if err == nil {
+		ctx.recipients = append(ctx.recipients, recipientInfo)
+	}
+	return err
+}
+
+func makeJWERecipient(alg KeyAlgorithm, encryptionKey interface{}) (recipientKeyInfo, error) {
+	switch encryptionKey := encryptionKey.(type) {
+	case *rsa.PublicKey:
+		return newRSARecipient(alg, encryptionKey)
+	case *ecdsa.PublicKey:
+		return newECDHRecipient(alg, encryptionKey)
+	case []byte:
+		return newSymmetricRecipient(alg, encryptionKey)
+	case *JSONWebKey:
+		recipient, err := makeJWERecipient(alg, encryptionKey.Key)
+		recipient.keyID = encryptionKey.KeyID
+		return recipient, err
+	default:
+		return recipientKeyInfo{}, ErrUnsupportedKeyType
+	}
+}
+
+// newDecrypter creates an appropriate decrypter based on the key type
+func newDecrypter(decryptionKey interface{}) (keyDecrypter, error) {
+	switch decryptionKey := decryptionKey.(type) {
+	case *rsa.PrivateKey:
+		return &rsaDecrypterSigner{
+			privateKey: decryptionKey,
+		}, nil
+	case *ecdsa.PrivateKey:
+		return &ecDecrypterSigner{
+			privateKey: decryptionKey,
+		}, nil
+	case []byte:
+		return &symmetricKeyCipher{
+			key: decryptionKey,
+		}, nil
+	case JSONWebKey:
+		return newDecrypter(decryptionKey.Key)
+	case *JSONWebKey:
+		return newDecrypter(decryptionKey.Key)
+	default:
+		return nil, ErrUnsupportedKeyType
+	}
+}
+
+// Implementation of encrypt method producing a JWE object.
+func (ctx *genericEncrypter) Encrypt(plaintext []byte) (*JSONWebEncryption, error) {
+	return ctx.EncryptWithAuthData(plaintext, nil)
+}
+
+// Implementation of encrypt method producing a JWE object.
+func (ctx *genericEncrypter) EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error) {
+	obj := &JSONWebEncryption{}
+	obj.aad = aad
+
+	obj.protected = &rawHeader{}
+	err := obj.protected.set(headerEncryption, ctx.contentAlg)
+	if err != nil {
+		return nil, err
+	}
+
+	obj.recipients = make([]recipientInfo, len(ctx.recipients))
+
+	if len(ctx.recipients) == 0 {
+		return nil, fmt.Errorf("square/go-jose: no recipients to encrypt to")
+	}
+
+	cek, headers, err := ctx.keyGenerator.genKey()
+	if err != nil {
+		return nil, err
+	}
+
+	obj.protected.merge(&headers)
+
+	for i, info := range ctx.recipients {
+		recipient, err := info.keyEncrypter.encryptKey(cek, info.keyAlg)
+		if err != nil {
+			return nil, err
+		}
+
+		err = recipient.header.set(headerAlgorithm, info.keyAlg)
+		if err != nil {
+			return nil, err
+		}
+
+		if info.keyID != "" {
+			err = recipient.header.set(headerKeyID, info.keyID)
+			if err != nil {
+				return nil, err
+			}
+		}
+		obj.recipients[i] = recipient
+	}
+
+	if len(ctx.recipients) == 1 {
+		// Move per-recipient headers into main protected header if there's
+		// only a single recipient.
+		obj.protected.merge(obj.recipients[0].header)
+		obj.recipients[0].header = nil
+	}
+
+	if ctx.compressionAlg != NONE {
+		plaintext, err = compress(ctx.compressionAlg, plaintext)
+		if err != nil {
+			return nil, err
+		}
+
+		err = obj.protected.set(headerCompression, ctx.compressionAlg)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	for k, v := range ctx.extraHeaders {
+		b, err := json.Marshal(v)
+		if err != nil {
+			return nil, err
+		}
+		(*obj.protected)[k] = makeRawMessage(b)
+	}
+
+	authData := obj.computeAuthData()
+	parts, err := ctx.cipher.encrypt(cek, authData, plaintext)
+	if err != nil {
+		return nil, err
+	}
+
+	obj.iv = parts.iv
+	obj.ciphertext = parts.ciphertext
+	obj.tag = parts.tag
+
+	return obj, nil
+}
+
+func (ctx *genericEncrypter) Options() EncrypterOptions {
+	return EncrypterOptions{
+		Compression:  ctx.compressionAlg,
+		ExtraHeaders: ctx.extraHeaders,
+	}
+}
+
+// Decrypt and validate the object and return the plaintext. Note that this
+// function does not support multi-recipient, if you desire multi-recipient
+// decryption use DecryptMulti instead.
+func (obj JSONWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error) {
+	headers := obj.mergedHeaders(nil)
+
+	if len(obj.recipients) > 1 {
+		return nil, errors.New("square/go-jose: too many recipients in payload; expecting only one")
+	}
+
+	critical, err := headers.getCritical()
+	if err != nil {
+		return nil, fmt.Errorf("square/go-jose: invalid crit header")
+	}
+
+	if len(critical) > 0 {
+		return nil, fmt.Errorf("square/go-jose: unsupported crit header")
+	}
+
+	decrypter, err := newDecrypter(decryptionKey)
+	if err != nil {
+		return nil, err
+	}
+
+	cipher := getContentCipher(headers.getEncryption())
+	if cipher == nil {
+		return nil, fmt.Errorf("square/go-jose: unsupported enc value '%s'", string(headers.getEncryption()))
+	}
+
+	generator := randomKeyGenerator{
+		size: cipher.keySize(),
+	}
+
+	parts := &aeadParts{
+		iv:         obj.iv,
+		ciphertext: obj.ciphertext,
+		tag:        obj.tag,
+	}
+
+	authData := obj.computeAuthData()
+
+	var plaintext []byte
+	recipient := obj.recipients[0]
+	recipientHeaders := obj.mergedHeaders(&recipient)
+
+	cek, err := decrypter.decryptKey(recipientHeaders, &recipient, generator)
+	if err == nil {
+		// Found a valid CEK -- let's try to decrypt.
+		plaintext, err = cipher.decrypt(cek, authData, parts)
+	}
+
+	if plaintext == nil {
+		return nil, ErrCryptoFailure
+	}
+
+	// The "zip" header parameter may only be present in the protected header.
+	if comp := obj.protected.getCompression(); comp != "" {
+		plaintext, err = decompress(comp, plaintext)
+	}
+
+	return plaintext, err
+}
+
+// DecryptMulti decrypts and validates the object and returns the plaintexts,
+// with support for multiple recipients. It returns the index of the recipient
+// for which the decryption was successful, the merged headers for that recipient,
+// and the plaintext.
+func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Header, []byte, error) {
+	globalHeaders := obj.mergedHeaders(nil)
+
+	critical, err := globalHeaders.getCritical()
+	if err != nil {
+		return -1, Header{}, nil, fmt.Errorf("square/go-jose: invalid crit header")
+	}
+
+	if len(critical) > 0 {
+		return -1, Header{}, nil, fmt.Errorf("square/go-jose: unsupported crit header")
+	}
+
+	decrypter, err := newDecrypter(decryptionKey)
+	if err != nil {
+		return -1, Header{}, nil, err
+	}
+
+	encryption := globalHeaders.getEncryption()
+	cipher := getContentCipher(encryption)
+	if cipher == nil {
+		return -1, Header{}, nil, fmt.Errorf("square/go-jose: unsupported enc value '%s'", string(encryption))
+	}
+
+	generator := randomKeyGenerator{
+		size: cipher.keySize(),
+	}
+
+	parts := &aeadParts{
+		iv:         obj.iv,
+		ciphertext: obj.ciphertext,
+		tag:        obj.tag,
+	}
+
+	authData := obj.computeAuthData()
+
+	index := -1
+	var plaintext []byte
+	var headers rawHeader
+
+	for i, recipient := range obj.recipients {
+		recipientHeaders := obj.mergedHeaders(&recipient)
+
+		cek, err := decrypter.decryptKey(recipientHeaders, &recipient, generator)
+		if err == nil {
+			// Found a valid CEK -- let's try to decrypt.
+			plaintext, err = cipher.decrypt(cek, authData, parts)
+			if err == nil {
+				index = i
+				headers = recipientHeaders
+				break
+			}
+		}
+	}
+
+	if plaintext == nil || err != nil {
+		return -1, Header{}, nil, ErrCryptoFailure
+	}
+
+	// The "zip" header parameter may only be present in the protected header.
+	if comp := obj.protected.getCompression(); comp != "" {
+		plaintext, err = decompress(comp, plaintext)
+	}
+
+	sanitized, err := headers.sanitized()
+	if err != nil {
+		return -1, Header{}, nil, fmt.Errorf("square/go-jose: failed to sanitize header: %v", err)
+	}
+
+	return index, sanitized, plaintext, err
+}
diff --git a/vendor/github.com/square/go-jose/doc.go b/vendor/gopkg.in/square/go-jose.v2/doc.go
similarity index 68%
rename from vendor/github.com/square/go-jose/doc.go
rename to vendor/gopkg.in/square/go-jose.v2/doc.go
index f96acaa23284..dd1387f3f06b 100644
--- a/vendor/github.com/square/go-jose/doc.go
+++ b/vendor/gopkg.in/square/go-jose.v2/doc.go
@@ -17,10 +17,11 @@
 /*
 
 Package jose aims to provide an implementation of the Javascript Object Signing
-and Encryption set of standards. For the moment, it mainly focuses on
-encryption and signing based on the JSON Web Encryption and JSON Web Signature
-standards.  The library supports both the compact and full serialization
-formats, and has optional support for multiple recipients.
+and Encryption set of standards. It implements encryption and signing based on
+the JSON Web Encryption and JSON Web Signature standards, with optional JSON
+Web Token support available in a sub-package. The library supports both the
+compact and full serialization formats, and has optional support for multiple
+recipients.
 
 */
 package jose
diff --git a/vendor/github.com/square/go-jose/encoding.go b/vendor/gopkg.in/square/go-jose.v2/encoding.go
similarity index 89%
rename from vendor/github.com/square/go-jose/encoding.go
rename to vendor/gopkg.in/square/go-jose.v2/encoding.go
index 50ee88fdc42f..9f37ef465095 100644
--- a/vendor/github.com/square/go-jose/encoding.go
+++ b/vendor/gopkg.in/square/go-jose.v2/encoding.go
@@ -21,29 +21,14 @@ import (
 	"compress/flate"
 	"encoding/base64"
 	"encoding/binary"
+	"encoding/json"
 	"io"
 	"math/big"
 	"regexp"
-	"strings"
-
-	"github.com/square/go-jose/json"
 )
 
 var stripWhitespaceRegex = regexp.MustCompile("\\s")
 
-// Url-safe base64 encode that strips padding
-func base64URLEncode(data []byte) string {
-	var result = base64.URLEncoding.EncodeToString(data)
-	return strings.TrimRight(result, "=")
-}
-
-// Url-safe base64 decoder that adds padding
-func base64URLDecode(data string) ([]byte, error) {
-	var missing = (4 - len(data)%4) % 4
-	data += strings.Repeat("=", missing)
-	return base64.URLEncoding.DecodeString(data)
-}
-
 // Helper function to serialize known-good objects.
 // Precondition: value is not a nil pointer.
 func mustSerializeJSON(value interface{}) []byte {
@@ -162,7 +147,7 @@ func (b *byteBuffer) UnmarshalJSON(data []byte) error {
 		return nil
 	}
 
-	decoded, err := base64URLDecode(encoded)
+	decoded, err := base64.RawURLEncoding.DecodeString(encoded)
 	if err != nil {
 		return err
 	}
@@ -173,7 +158,7 @@ func (b *byteBuffer) UnmarshalJSON(data []byte) error {
 }
 
 func (b *byteBuffer) base64() string {
-	return base64URLEncode(b.data)
+	return base64.RawURLEncoding.EncodeToString(b.data)
 }
 
 func (b *byteBuffer) bytes() []byte {
diff --git a/vendor/github.com/square/go-jose/json/LICENSE b/vendor/gopkg.in/square/go-jose.v2/json/LICENSE
similarity index 100%
rename from vendor/github.com/square/go-jose/json/LICENSE
rename to vendor/gopkg.in/square/go-jose.v2/json/LICENSE
diff --git a/vendor/github.com/square/go-jose/json/README.md b/vendor/gopkg.in/square/go-jose.v2/json/README.md
similarity index 100%
rename from vendor/github.com/square/go-jose/json/README.md
rename to vendor/gopkg.in/square/go-jose.v2/json/README.md
diff --git a/vendor/github.com/square/go-jose/json/decode.go b/vendor/gopkg.in/square/go-jose.v2/json/decode.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/decode.go
rename to vendor/gopkg.in/square/go-jose.v2/json/decode.go
diff --git a/vendor/github.com/square/go-jose/json/encode.go b/vendor/gopkg.in/square/go-jose.v2/json/encode.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/encode.go
rename to vendor/gopkg.in/square/go-jose.v2/json/encode.go
diff --git a/vendor/github.com/square/go-jose/json/indent.go b/vendor/gopkg.in/square/go-jose.v2/json/indent.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/indent.go
rename to vendor/gopkg.in/square/go-jose.v2/json/indent.go
diff --git a/vendor/github.com/square/go-jose/json/scanner.go b/vendor/gopkg.in/square/go-jose.v2/json/scanner.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/scanner.go
rename to vendor/gopkg.in/square/go-jose.v2/json/scanner.go
diff --git a/vendor/github.com/square/go-jose/json/stream.go b/vendor/gopkg.in/square/go-jose.v2/json/stream.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/stream.go
rename to vendor/gopkg.in/square/go-jose.v2/json/stream.go
diff --git a/vendor/github.com/square/go-jose/json/tags.go b/vendor/gopkg.in/square/go-jose.v2/json/tags.go
similarity index 100%
rename from vendor/github.com/square/go-jose/json/tags.go
rename to vendor/gopkg.in/square/go-jose.v2/json/tags.go
diff --git a/vendor/github.com/square/go-jose/jwe.go b/vendor/gopkg.in/square/go-jose.v2/jwe.go
similarity index 71%
rename from vendor/github.com/square/go-jose/jwe.go
rename to vendor/gopkg.in/square/go-jose.v2/jwe.go
index 686397a738e9..f2176cfb0b99 100644
--- a/vendor/github.com/square/go-jose/jwe.go
+++ b/vendor/gopkg.in/square/go-jose.v2/jwe.go
@@ -17,14 +17,14 @@
 package jose
 
 import (
+	"encoding/base64"
+	"encoding/json"
 	"fmt"
 	"strings"
-
-	"github.com/square/go-jose/json"
 )
 
-// rawJsonWebEncryption represents a raw JWE JSON object. Used for parsing/serializing.
-type rawJsonWebEncryption struct {
+// rawJSONWebEncryption represents a raw JWE JSON object. Used for parsing/serializing.
+type rawJSONWebEncryption struct {
 	Protected    *byteBuffer        `json:"protected,omitempty"`
 	Unprotected  *rawHeader         `json:"unprotected,omitempty"`
 	Header       *rawHeader         `json:"header,omitempty"`
@@ -42,13 +42,13 @@ type rawRecipientInfo struct {
 	EncryptedKey string     `json:"encrypted_key,omitempty"`
 }
 
-// JsonWebEncryption represents an encrypted JWE object after parsing.
-type JsonWebEncryption struct {
-	Header                   JoseHeader
+// JSONWebEncryption represents an encrypted JWE object after parsing.
+type JSONWebEncryption struct {
+	Header                   Header
 	protected, unprotected   *rawHeader
 	recipients               []recipientInfo
 	aad, iv, ciphertext, tag []byte
-	original                 *rawJsonWebEncryption
+	original                 *rawJSONWebEncryption
 }
 
 // recipientInfo represents a raw JWE Per-Recipient header JSON object after parsing.
@@ -58,7 +58,7 @@ type recipientInfo struct {
 }
 
 // GetAuthData retrieves the (optional) authenticated data attached to the object.
-func (obj JsonWebEncryption) GetAuthData() []byte {
+func (obj JSONWebEncryption) GetAuthData() []byte {
 	if obj.aad != nil {
 		out := make([]byte, len(obj.aad))
 		copy(out, obj.aad)
@@ -69,7 +69,7 @@ func (obj JsonWebEncryption) GetAuthData() []byte {
 }
 
 // Get the merged header values
-func (obj JsonWebEncryption) mergedHeaders(recipient *recipientInfo) rawHeader {
+func (obj JSONWebEncryption) mergedHeaders(recipient *recipientInfo) rawHeader {
 	out := rawHeader{}
 	out.merge(obj.protected)
 	out.merge(obj.unprotected)
@@ -82,26 +82,26 @@ func (obj JsonWebEncryption) mergedHeaders(recipient *recipientInfo) rawHeader {
 }
 
 // Get the additional authenticated data from a JWE object.
-func (obj JsonWebEncryption) computeAuthData() []byte {
+func (obj JSONWebEncryption) computeAuthData() []byte {
 	var protected string
 
 	if obj.original != nil {
 		protected = obj.original.Protected.base64()
 	} else {
-		protected = base64URLEncode(mustSerializeJSON((obj.protected)))
+		protected = base64.RawURLEncoding.EncodeToString(mustSerializeJSON((obj.protected)))
 	}
 
 	output := []byte(protected)
 	if obj.aad != nil {
 		output = append(output, '.')
-		output = append(output, []byte(base64URLEncode(obj.aad))...)
+		output = append(output, []byte(base64.RawURLEncoding.EncodeToString(obj.aad))...)
 	}
 
 	return output
 }
 
 // ParseEncrypted parses an encrypted message in compact or full serialization format.
-func ParseEncrypted(input string) (*JsonWebEncryption, error) {
+func ParseEncrypted(input string) (*JSONWebEncryption, error) {
 	input = stripWhitespace(input)
 	if strings.HasPrefix(input, "{") {
 		return parseEncryptedFull(input)
@@ -111,8 +111,8 @@ func ParseEncrypted(input string) (*JsonWebEncryption, error) {
 }
 
 // parseEncryptedFull parses a message in compact format.
-func parseEncryptedFull(input string) (*JsonWebEncryption, error) {
-	var parsed rawJsonWebEncryption
+func parseEncryptedFull(input string) (*JSONWebEncryption, error) {
+	var parsed rawJSONWebEncryption
 	err := json.Unmarshal([]byte(input), &parsed)
 	if err != nil {
 		return nil, err
@@ -122,16 +122,22 @@ func parseEncryptedFull(input string) (*JsonWebEncryption, error) {
 }
 
 // sanitized produces a cleaned-up JWE object from the raw JSON.
-func (parsed *rawJsonWebEncryption) sanitized() (*JsonWebEncryption, error) {
-	obj := &JsonWebEncryption{
+func (parsed *rawJSONWebEncryption) sanitized() (*JSONWebEncryption, error) {
+	obj := &JSONWebEncryption{
 		original:    parsed,
 		unprotected: parsed.Unprotected,
 	}
 
 	// Check that there is not a nonce in the unprotected headers
-	if (parsed.Unprotected != nil && parsed.Unprotected.Nonce != "") ||
-		(parsed.Header != nil && parsed.Header.Nonce != "") {
-		return nil, ErrUnprotectedNonce
+	if parsed.Unprotected != nil {
+		if nonce := parsed.Unprotected.getNonce(); nonce != "" {
+			return nil, ErrUnprotectedNonce
+		}
+	}
+	if parsed.Header != nil {
+		if nonce := parsed.Header.getNonce(); nonce != "" {
+			return nil, ErrUnprotectedNonce
+		}
 	}
 
 	if parsed.Protected != nil && len(parsed.Protected.bytes()) > 0 {
@@ -143,11 +149,16 @@ func (parsed *rawJsonWebEncryption) sanitized() (*JsonWebEncryption, error) {
 
 	// Note: this must be called _after_ we parse the protected header,
 	// otherwise fields from the protected header will not get picked up.
-	obj.Header = obj.mergedHeaders(nil).sanitized()
+	var err error
+	mergedHeaders := obj.mergedHeaders(nil)
+	obj.Header, err = mergedHeaders.sanitized()
+	if err != nil {
+		return nil, fmt.Errorf("square/go-jose: cannot sanitize merged headers: %v (%v)", err, mergedHeaders)
+	}
 
 	if len(parsed.Recipients) == 0 {
 		obj.recipients = []recipientInfo{
-			recipientInfo{
+			{
 				header:       parsed.Header,
 				encryptedKey: parsed.EncryptedKey.bytes(),
 			},
@@ -155,13 +166,13 @@ func (parsed *rawJsonWebEncryption) sanitized() (*JsonWebEncryption, error) {
 	} else {
 		obj.recipients = make([]recipientInfo, len(parsed.Recipients))
 		for r := range parsed.Recipients {
-			encryptedKey, err := base64URLDecode(parsed.Recipients[r].EncryptedKey)
+			encryptedKey, err := base64.RawURLEncoding.DecodeString(parsed.Recipients[r].EncryptedKey)
 			if err != nil {
 				return nil, err
 			}
 
 			// Check that there is not a nonce in the unprotected header
-			if parsed.Recipients[r].Header != nil && parsed.Recipients[r].Header.Nonce != "" {
+			if parsed.Recipients[r].Header != nil && parsed.Recipients[r].Header.getNonce() != "" {
 				return nil, ErrUnprotectedNonce
 			}
 
@@ -172,7 +183,7 @@ func (parsed *rawJsonWebEncryption) sanitized() (*JsonWebEncryption, error) {
 
 	for _, recipient := range obj.recipients {
 		headers := obj.mergedHeaders(&recipient)
-		if headers.Alg == "" || headers.Enc == "" {
+		if headers.getAlgorithm() == "" || headers.getEncryption() == "" {
 			return nil, fmt.Errorf("square/go-jose: message is missing alg/enc headers")
 		}
 	}
@@ -186,38 +197,38 @@ func (parsed *rawJsonWebEncryption) sanitized() (*JsonWebEncryption, error) {
 }
 
 // parseEncryptedCompact parses a message in compact format.
-func parseEncryptedCompact(input string) (*JsonWebEncryption, error) {
+func parseEncryptedCompact(input string) (*JSONWebEncryption, error) {
 	parts := strings.Split(input, ".")
 	if len(parts) != 5 {
 		return nil, fmt.Errorf("square/go-jose: compact JWE format must have five parts")
 	}
 
-	rawProtected, err := base64URLDecode(parts[0])
+	rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0])
 	if err != nil {
 		return nil, err
 	}
 
-	encryptedKey, err := base64URLDecode(parts[1])
+	encryptedKey, err := base64.RawURLEncoding.DecodeString(parts[1])
 	if err != nil {
 		return nil, err
 	}
 
-	iv, err := base64URLDecode(parts[2])
+	iv, err := base64.RawURLEncoding.DecodeString(parts[2])
 	if err != nil {
 		return nil, err
 	}
 
-	ciphertext, err := base64URLDecode(parts[3])
+	ciphertext, err := base64.RawURLEncoding.DecodeString(parts[3])
 	if err != nil {
 		return nil, err
 	}
 
-	tag, err := base64URLDecode(parts[4])
+	tag, err := base64.RawURLEncoding.DecodeString(parts[4])
 	if err != nil {
 		return nil, err
 	}
 
-	raw := &rawJsonWebEncryption{
+	raw := &rawJSONWebEncryption{
 		Protected:    newBuffer(rawProtected),
 		EncryptedKey: newBuffer(encryptedKey),
 		Iv:           newBuffer(iv),
@@ -229,7 +240,7 @@ func parseEncryptedCompact(input string) (*JsonWebEncryption, error) {
 }
 
 // CompactSerialize serializes an object using the compact serialization format.
-func (obj JsonWebEncryption) CompactSerialize() (string, error) {
+func (obj JSONWebEncryption) CompactSerialize() (string, error) {
 	if len(obj.recipients) != 1 || obj.unprotected != nil ||
 		obj.protected == nil || obj.recipients[0].header != nil {
 		return "", ErrNotSupported
@@ -239,16 +250,16 @@ func (obj JsonWebEncryption) CompactSerialize() (string, error) {
 
 	return fmt.Sprintf(
 		"%s.%s.%s.%s.%s",
-		base64URLEncode(serializedProtected),
-		base64URLEncode(obj.recipients[0].encryptedKey),
-		base64URLEncode(obj.iv),
-		base64URLEncode(obj.ciphertext),
-		base64URLEncode(obj.tag)), nil
+		base64.RawURLEncoding.EncodeToString(serializedProtected),
+		base64.RawURLEncoding.EncodeToString(obj.recipients[0].encryptedKey),
+		base64.RawURLEncoding.EncodeToString(obj.iv),
+		base64.RawURLEncoding.EncodeToString(obj.ciphertext),
+		base64.RawURLEncoding.EncodeToString(obj.tag)), nil
 }
 
 // FullSerialize serializes an object using the full JSON serialization format.
-func (obj JsonWebEncryption) FullSerialize() string {
-	raw := rawJsonWebEncryption{
+func (obj JSONWebEncryption) FullSerialize() string {
+	raw := rawJSONWebEncryption{
 		Unprotected:  obj.unprotected,
 		Iv:           newBuffer(obj.iv),
 		Ciphertext:   newBuffer(obj.ciphertext),
@@ -262,7 +273,7 @@ func (obj JsonWebEncryption) FullSerialize() string {
 		for _, recipient := range obj.recipients {
 			info := rawRecipientInfo{
 				Header:       recipient.header,
-				EncryptedKey: base64URLEncode(recipient.encryptedKey),
+				EncryptedKey: base64.RawURLEncoding.EncodeToString(recipient.encryptedKey),
 			}
 			raw.Recipients = append(raw.Recipients, info)
 		}
diff --git a/vendor/github.com/square/go-jose/jwk.go b/vendor/gopkg.in/square/go-jose.v2/jwk.go
similarity index 70%
rename from vendor/github.com/square/go-jose/jwk.go
rename to vendor/gopkg.in/square/go-jose.v2/jwk.go
index 5f5464a3d554..8e8f9e7f7978 100644
--- a/vendor/github.com/square/go-jose/jwk.go
+++ b/vendor/gopkg.in/square/go-jose.v2/jwk.go
@@ -29,11 +29,13 @@ import (
 	"reflect"
 	"strings"
 
-	"github.com/square/go-jose/json"
+	"golang.org/x/crypto/ed25519"
+
+	"gopkg.in/square/go-jose.v2/json"
 )
 
-// rawJsonWebKey represents a public or private key in JWK format, used for parsing/serializing.
-type rawJsonWebKey struct {
+// rawJSONWebKey represents a public or private key in JWK format, used for parsing/serializing.
+type rawJSONWebKey struct {
 	Use string      `json:"use,omitempty"`
 	Kty string      `json:"kty,omitempty"`
 	Kid string      `json:"kid,omitempty"`
@@ -58,8 +60,8 @@ type rawJsonWebKey struct {
 	X5c []string `json:"x5c,omitempty"`
 }
 
-// JsonWebKey represents a public or private key in JWK format.
-type JsonWebKey struct {
+// JSONWebKey represents a public or private key in JWK format.
+type JSONWebKey struct {
 	Key          interface{}
 	Certificates []*x509.Certificate
 	KeyID        string
@@ -68,15 +70,19 @@ type JsonWebKey struct {
 }
 
 // MarshalJSON serializes the given key to its JSON representation.
-func (k JsonWebKey) MarshalJSON() ([]byte, error) {
-	var raw *rawJsonWebKey
+func (k JSONWebKey) MarshalJSON() ([]byte, error) {
+	var raw *rawJSONWebKey
 	var err error
 
 	switch key := k.Key.(type) {
+	case ed25519.PublicKey:
+		raw = fromEdPublicKey(key)
 	case *ecdsa.PublicKey:
 		raw, err = fromEcPublicKey(key)
 	case *rsa.PublicKey:
 		raw = fromRsaPublicKey(key)
+	case ed25519.PrivateKey:
+		raw, err = fromEdPrivateKey(key)
 	case *ecdsa.PrivateKey:
 		raw, err = fromEcPrivateKey(key)
 	case *rsa.PrivateKey:
@@ -103,8 +109,8 @@ func (k JsonWebKey) MarshalJSON() ([]byte, error) {
 }
 
 // UnmarshalJSON reads a key from its JSON representation.
-func (k *JsonWebKey) UnmarshalJSON(data []byte) (err error) {
-	var raw rawJsonWebKey
+func (k *JSONWebKey) UnmarshalJSON(data []byte) (err error) {
+	var raw rawJSONWebKey
 	err = json.Unmarshal(data, &raw)
 	if err != nil {
 		return err
@@ -126,12 +132,22 @@ func (k *JsonWebKey) UnmarshalJSON(data []byte) (err error) {
 		}
 	case "oct":
 		key, err = raw.symmetricKey()
+	case "OKP":
+		if raw.Crv == "Ed25519" && raw.X != nil {
+			if raw.D != nil {
+				key, err = raw.edPrivateKey()
+			} else {
+				key, err = raw.edPublicKey()
+			}
+		} else {
+			err = fmt.Errorf("square/go-jose: unknown curve %s'", raw.Crv)
+		}
 	default:
 		err = fmt.Errorf("square/go-jose: unknown json web key type '%s'", raw.Kty)
 	}
 
 	if err == nil {
-		*k = JsonWebKey{Key: key, KeyID: raw.Kid, Algorithm: raw.Alg, Use: raw.Use}
+		*k = JSONWebKey{Key: key, KeyID: raw.Kid, Algorithm: raw.Alg, Use: raw.Use}
 	}
 
 	k.Certificates = make([]*x509.Certificate, len(raw.X5c))
@@ -149,17 +165,17 @@ func (k *JsonWebKey) UnmarshalJSON(data []byte) (err error) {
 	return
 }
 
-// JsonWebKeySet represents a JWK Set object.
-type JsonWebKeySet struct {
-	Keys []JsonWebKey `json:"keys"`
+// JSONWebKeySet represents a JWK Set object.
+type JSONWebKeySet struct {
+	Keys []JSONWebKey `json:"keys"`
 }
 
 // Key convenience method returns keys by key ID. Specification states
 // that a JWK Set "SHOULD" use distinct key IDs, but allows for some
 // cases where they are not distinct. Hence method returns a slice
-// of JsonWebKeys.
-func (s *JsonWebKeySet) Key(kid string) []JsonWebKey {
-	var keys []JsonWebKey
+// of JSONWebKeys.
+func (s *JSONWebKeySet) Key(kid string) []JSONWebKey {
+	var keys []JSONWebKey
 	for _, key := range s.Keys {
 		if key.KeyID == kid {
 			keys = append(keys, key)
@@ -171,6 +187,7 @@ func (s *JsonWebKeySet) Key(kid string) []JsonWebKey {
 
 const rsaThumbprintTemplate = `{"e":"%s","kty":"RSA","n":"%s"}`
 const ecThumbprintTemplate = `{"crv":"%s","kty":"EC","x":"%s","y":"%s"}`
+const edThumbprintTemplate = `{"crv":"%s","kty":"OKP",x":"%s"}`
 
 func ecThumbprintInput(curve elliptic.Curve, x, y *big.Int) (string, error) {
 	coordLength := curveSize(curve)
@@ -190,12 +207,20 @@ func rsaThumbprintInput(n *big.Int, e int) (string, error) {
 		newBuffer(n.Bytes()).base64()), nil
 }
 
+func edThumbprintInput(ed ed25519.PublicKey) (string, error) {
+	crv := "Ed25519"
+	return fmt.Sprintf(edThumbprintTemplate, crv,
+		newFixedSizeBuffer(ed, 32).base64()), nil
+}
+
 // Thumbprint computes the JWK Thumbprint of a key using the
 // indicated hash algorithm.
-func (k *JsonWebKey) Thumbprint(hash crypto.Hash) ([]byte, error) {
+func (k *JSONWebKey) Thumbprint(hash crypto.Hash) ([]byte, error) {
 	var input string
 	var err error
 	switch key := k.Key.(type) {
+	case ed25519.PublicKey:
+		input, err = edThumbprintInput(key)
 	case *ecdsa.PublicKey:
 		input, err = ecThumbprintInput(key.Curve, key.X, key.Y)
 	case *ecdsa.PrivateKey:
@@ -204,6 +229,8 @@ func (k *JsonWebKey) Thumbprint(hash crypto.Hash) ([]byte, error) {
 		input, err = rsaThumbprintInput(key.N, key.E)
 	case *rsa.PrivateKey:
 		input, err = rsaThumbprintInput(key.N, key.E)
+	case ed25519.PrivateKey:
+		input, err = edThumbprintInput(ed25519.PublicKey(key[0:32]))
 	default:
 		return nil, fmt.Errorf("square/go-jose: unknown key type '%s'", reflect.TypeOf(key))
 	}
@@ -217,8 +244,18 @@ func (k *JsonWebKey) Thumbprint(hash crypto.Hash) ([]byte, error) {
 	return h.Sum(nil), nil
 }
 
-// Valid checks that the key contains the expected parameters
-func (k *JsonWebKey) Valid() bool {
+// IsPublic returns true if the JWK represents a public key (not symmetric, not private).
+func (k *JSONWebKey) IsPublic() bool {
+	switch k.Key.(type) {
+	case *ecdsa.PublicKey, *rsa.PublicKey, *ed25519.PublicKey:
+		return true
+	default:
+		return false
+	}
+}
+
+// Valid checks that the key contains the expected parameters.
+func (k *JSONWebKey) Valid() bool {
 	if k.Key == nil {
 		return false
 	}
@@ -239,13 +276,21 @@ func (k *JsonWebKey) Valid() bool {
 		if key.N == nil || key.E == 0 || key.D == nil || len(key.Primes) < 2 {
 			return false
 		}
+	case *ed25519.PublicKey:
+		if len(*key) != 32 {
+			return false
+		}
+	case *ed25519.PrivateKey:
+		if len(*key) != 64 {
+			return false
+		}
 	default:
 		return false
 	}
 	return true
 }
 
-func (key rawJsonWebKey) rsaPublicKey() (*rsa.PublicKey, error) {
+func (key rawJSONWebKey) rsaPublicKey() (*rsa.PublicKey, error) {
 	if key.N == nil || key.E == nil {
 		return nil, fmt.Errorf("square/go-jose: invalid RSA key, missing n/e values")
 	}
@@ -256,15 +301,23 @@ func (key rawJsonWebKey) rsaPublicKey() (*rsa.PublicKey, error) {
 	}, nil
 }
 
-func fromRsaPublicKey(pub *rsa.PublicKey) *rawJsonWebKey {
-	return &rawJsonWebKey{
+func fromEdPublicKey(pub ed25519.PublicKey) *rawJSONWebKey {
+	return &rawJSONWebKey{
+		Kty: "OKP",
+		Crv: "Ed25519",
+		X:   newBuffer(pub),
+	}
+}
+
+func fromRsaPublicKey(pub *rsa.PublicKey) *rawJSONWebKey {
+	return &rawJSONWebKey{
 		Kty: "RSA",
 		N:   newBuffer(pub.N.Bytes()),
 		E:   newBufferFromInt(uint64(pub.E)),
 	}
 }
 
-func (key rawJsonWebKey) ecPublicKey() (*ecdsa.PublicKey, error) {
+func (key rawJSONWebKey) ecPublicKey() (*ecdsa.PublicKey, error) {
 	var curve elliptic.Curve
 	switch key.Crv {
 	case "P-256":
@@ -295,7 +348,7 @@ func (key rawJsonWebKey) ecPublicKey() (*ecdsa.PublicKey, error) {
 	}, nil
 }
 
-func fromEcPublicKey(pub *ecdsa.PublicKey) (*rawJsonWebKey, error) {
+func fromEcPublicKey(pub *ecdsa.PublicKey) (*rawJSONWebKey, error) {
 	if pub == nil || pub.X == nil || pub.Y == nil {
 		return nil, fmt.Errorf("square/go-jose: invalid EC key (nil, or X/Y missing)")
 	}
@@ -314,7 +367,7 @@ func fromEcPublicKey(pub *ecdsa.PublicKey) (*rawJsonWebKey, error) {
 		return nil, fmt.Errorf("square/go-jose: invalid EC key (X/Y too large)")
 	}
 
-	key := &rawJsonWebKey{
+	key := &rawJSONWebKey{
 		Kty: "EC",
 		Crv: name,
 		X:   newFixedSizeBuffer(xBytes, size),
@@ -324,7 +377,37 @@ func fromEcPublicKey(pub *ecdsa.PublicKey) (*rawJsonWebKey, error) {
 	return key, nil
 }
 
-func (key rawJsonWebKey) rsaPrivateKey() (*rsa.PrivateKey, error) {
+func (key rawJSONWebKey) edPrivateKey() (ed25519.PrivateKey, error) {
+	var missing []string
+	switch {
+	case key.D == nil:
+		missing = append(missing, "D")
+	case key.X == nil:
+		missing = append(missing, "X")
+	}
+
+	if len(missing) > 0 {
+		return nil, fmt.Errorf("square/go-jose: invalid Ed25519 private key, missing %s value(s)", strings.Join(missing, ", "))
+	}
+
+	privateKey := make([]byte, ed25519.PrivateKeySize)
+	copy(privateKey[0:32], key.X.bytes())
+	copy(privateKey[32:], key.D.bytes())
+	rv := ed25519.PrivateKey(privateKey)
+	return rv, nil
+}
+
+func (key rawJSONWebKey) edPublicKey() (ed25519.PublicKey, error) {
+	if key.X == nil {
+		return nil, fmt.Errorf("square/go-jose: invalid Ed key, missing x value")
+	}
+	publicKey := make([]byte, ed25519.PublicKeySize)
+	copy(publicKey[0:32], key.X.bytes())
+	rv := ed25519.PublicKey(publicKey)
+	return rv, nil
+}
+
+func (key rawJSONWebKey) rsaPrivateKey() (*rsa.PrivateKey, error) {
 	var missing []string
 	switch {
 	case key.N == nil:
@@ -369,7 +452,14 @@ func (key rawJsonWebKey) rsaPrivateKey() (*rsa.PrivateKey, error) {
 	return rv, err
 }
 
-func fromRsaPrivateKey(rsa *rsa.PrivateKey) (*rawJsonWebKey, error) {
+func fromEdPrivateKey(ed ed25519.PrivateKey) (*rawJSONWebKey, error) {
+	raw := fromEdPublicKey(ed25519.PublicKey(ed[0:32]))
+
+	raw.D = newBuffer(ed[32:])
+	return raw, nil
+}
+
+func fromRsaPrivateKey(rsa *rsa.PrivateKey) (*rawJSONWebKey, error) {
 	if len(rsa.Primes) != 2 {
 		return nil, ErrUnsupportedKeyType
 	}
@@ -383,7 +473,7 @@ func fromRsaPrivateKey(rsa *rsa.PrivateKey) (*rawJsonWebKey, error) {
 	return raw, nil
 }
 
-func (key rawJsonWebKey) ecPrivateKey() (*ecdsa.PrivateKey, error) {
+func (key rawJSONWebKey) ecPrivateKey() (*ecdsa.PrivateKey, error) {
 	var curve elliptic.Curve
 	switch key.Crv {
 	case "P-256":
@@ -417,7 +507,7 @@ func (key rawJsonWebKey) ecPrivateKey() (*ecdsa.PrivateKey, error) {
 	}, nil
 }
 
-func fromEcPrivateKey(ec *ecdsa.PrivateKey) (*rawJsonWebKey, error) {
+func fromEcPrivateKey(ec *ecdsa.PrivateKey) (*rawJSONWebKey, error) {
 	raw, err := fromEcPublicKey(&ec.PublicKey)
 	if err != nil {
 		return nil, err
@@ -432,14 +522,14 @@ func fromEcPrivateKey(ec *ecdsa.PrivateKey) (*rawJsonWebKey, error) {
 	return raw, nil
 }
 
-func fromSymmetricKey(key []byte) (*rawJsonWebKey, error) {
-	return &rawJsonWebKey{
+func fromSymmetricKey(key []byte) (*rawJSONWebKey, error) {
+	return &rawJSONWebKey{
 		Kty: "oct",
 		K:   newBuffer(key),
 	}, nil
 }
 
-func (key rawJsonWebKey) symmetricKey() ([]byte, error) {
+func (key rawJSONWebKey) symmetricKey() ([]byte, error) {
 	if key.K == nil {
 		return nil, fmt.Errorf("square/go-jose: invalid OCT (symmetric) key, missing k value")
 	}
diff --git a/vendor/github.com/square/go-jose/jws.go b/vendor/gopkg.in/square/go-jose.v2/jws.go
similarity index 70%
rename from vendor/github.com/square/go-jose/jws.go
rename to vendor/gopkg.in/square/go-jose.v2/jws.go
index 4b60bd29dcd2..5e23a91b04b0 100644
--- a/vendor/github.com/square/go-jose/jws.go
+++ b/vendor/gopkg.in/square/go-jose.v2/jws.go
@@ -17,14 +17,16 @@
 package jose
 
 import (
+	"encoding/base64"
+	"errors"
 	"fmt"
 	"strings"
 
-	"github.com/square/go-jose/json"
+	"gopkg.in/square/go-jose.v2/json"
 )
 
-// rawJsonWebSignature represents a raw JWS JSON object. Used for parsing/serializing.
-type rawJsonWebSignature struct {
+// rawJSONWebSignature represents a raw JWS JSON object. Used for parsing/serializing.
+type rawJSONWebSignature struct {
 	Payload    *byteBuffer        `json:"payload,omitempty"`
 	Signatures []rawSignatureInfo `json:"signatures,omitempty"`
 	Protected  *byteBuffer        `json:"protected,omitempty"`
@@ -39,16 +41,19 @@ type rawSignatureInfo struct {
 	Signature *byteBuffer `json:"signature,omitempty"`
 }
 
-// JsonWebSignature represents a signed JWS object after parsing.
-type JsonWebSignature struct {
-	payload    []byte
+// JSONWebSignature represents a signed JWS object after parsing.
+type JSONWebSignature struct {
+	payload []byte
+	// Signatures attached to this object (may be more than one for multi-sig).
+	// Be careful about accessing these directly, prefer to use Verify() or
+	// VerifyMulti() to ensure that the data you're getting is verified.
 	Signatures []Signature
 }
 
 // Signature represents a single signature over the JWS payload and protected header.
 type Signature struct {
 	// Header fields, such as the signature algorithm
-	Header JoseHeader
+	Header Header
 
 	// The actual signature value
 	Signature []byte
@@ -59,7 +64,7 @@ type Signature struct {
 }
 
 // ParseSigned parses a signed message in compact or full serialization format.
-func ParseSigned(input string) (*JsonWebSignature, error) {
+func ParseSigned(input string) (*JSONWebSignature, error) {
 	input = stripWhitespace(input)
 	if strings.HasPrefix(input, "{") {
 		return parseSignedFull(input)
@@ -77,25 +82,25 @@ func (sig Signature) mergedHeaders() rawHeader {
 }
 
 // Compute data to be signed
-func (obj JsonWebSignature) computeAuthData(signature *Signature) []byte {
+func (obj JSONWebSignature) computeAuthData(signature *Signature) []byte {
 	var serializedProtected string
 
 	if signature.original != nil && signature.original.Protected != nil {
 		serializedProtected = signature.original.Protected.base64()
 	} else if signature.protected != nil {
-		serializedProtected = base64URLEncode(mustSerializeJSON(signature.protected))
+		serializedProtected = base64.RawURLEncoding.EncodeToString(mustSerializeJSON(signature.protected))
 	} else {
 		serializedProtected = ""
 	}
 
 	return []byte(fmt.Sprintf("%s.%s",
 		serializedProtected,
-		base64URLEncode(obj.payload)))
+		base64.RawURLEncoding.EncodeToString(obj.payload)))
 }
 
 // parseSignedFull parses a message in full format.
-func parseSignedFull(input string) (*JsonWebSignature, error) {
-	var parsed rawJsonWebSignature
+func parseSignedFull(input string) (*JSONWebSignature, error) {
+	var parsed rawJSONWebSignature
 	err := json.Unmarshal([]byte(input), &parsed)
 	if err != nil {
 		return nil, err
@@ -105,12 +110,12 @@ func parseSignedFull(input string) (*JsonWebSignature, error) {
 }
 
 // sanitized produces a cleaned-up JWS object from the raw JSON.
-func (parsed *rawJsonWebSignature) sanitized() (*JsonWebSignature, error) {
+func (parsed *rawJSONWebSignature) sanitized() (*JSONWebSignature, error) {
 	if parsed.Payload == nil {
 		return nil, fmt.Errorf("square/go-jose: missing payload in JWS message")
 	}
 
-	obj := &JsonWebSignature{
+	obj := &JSONWebSignature{
 		payload:    parsed.Payload.bytes(),
 		Signatures: make([]Signature, len(parsed.Signatures)),
 	}
@@ -126,7 +131,8 @@ func (parsed *rawJsonWebSignature) sanitized() (*JsonWebSignature, error) {
 			}
 		}
 
-		if parsed.Header != nil && parsed.Header.Nonce != "" {
+		// Check that there is not a nonce in the unprotected header
+		if parsed.Header != nil && parsed.Header.getNonce() != "" {
 			return nil, ErrUnprotectedNonce
 		}
 
@@ -147,7 +153,18 @@ func (parsed *rawJsonWebSignature) sanitized() (*JsonWebSignature, error) {
 			Signature: parsed.Signature,
 		}
 
-		signature.Header = signature.mergedHeaders().sanitized()
+		var err error
+		signature.Header, err = signature.mergedHeaders().sanitized()
+		if err != nil {
+			return nil, err
+		}
+
+		// As per RFC 7515 Section 4.1.3, only public keys are allowed to be embedded.
+		jwk := signature.Header.JSONWebKey
+		if jwk != nil && (!jwk.Valid() || !jwk.IsPublic()) {
+			return nil, errors.New("square/go-jose: invalid embedded jwk, must be public key")
+		}
+
 		obj.Signatures = append(obj.Signatures, signature)
 	}
 
@@ -161,46 +178,57 @@ func (parsed *rawJsonWebSignature) sanitized() (*JsonWebSignature, error) {
 		}
 
 		// Check that there is not a nonce in the unprotected header
-		if sig.Header != nil && sig.Header.Nonce != "" {
+		if sig.Header != nil && sig.Header.getNonce() != "" {
 			return nil, ErrUnprotectedNonce
 		}
 
+		var err error
+		obj.Signatures[i].Header, err = obj.Signatures[i].mergedHeaders().sanitized()
+		if err != nil {
+			return nil, err
+		}
+
 		obj.Signatures[i].Signature = sig.Signature.bytes()
 
+		// As per RFC 7515 Section 4.1.3, only public keys are allowed to be embedded.
+		jwk := obj.Signatures[i].Header.JSONWebKey
+		if jwk != nil && (!jwk.Valid() || !jwk.IsPublic()) {
+			return nil, errors.New("square/go-jose: invalid embedded jwk, must be public key")
+		}
+
 		// Copy value of sig
 		original := sig
 
 		obj.Signatures[i].header = sig.Header
 		obj.Signatures[i].original = &original
-		obj.Signatures[i].Header = obj.Signatures[i].mergedHeaders().sanitized()
 	}
 
 	return obj, nil
 }
 
 // parseSignedCompact parses a message in compact format.
-func parseSignedCompact(input string) (*JsonWebSignature, error) {
+func parseSignedCompact(input string) (*JSONWebSignature, error) {
 	parts := strings.Split(input, ".")
 	if len(parts) != 3 {
 		return nil, fmt.Errorf("square/go-jose: compact JWS format must have three parts")
 	}
 
-	rawProtected, err := base64URLDecode(parts[0])
+	rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0])
 	if err != nil {
 		return nil, err
 	}
 
-	payload, err := base64URLDecode(parts[1])
+	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
 	if err != nil {
 		return nil, err
 	}
 
-	signature, err := base64URLDecode(parts[2])
+	signature, err := base64.RawURLEncoding.DecodeString(parts[2])
 	if err != nil {
 		return nil, err
 	}
 
-	raw := &rawJsonWebSignature{
+	raw := &rawJSONWebSignature{
 		Payload:   newBuffer(payload),
 		Protected: newBuffer(rawProtected),
 		Signature: newBuffer(signature),
@@ -209,7 +237,7 @@ func parseSignedCompact(input string) (*JsonWebSignature, error) {
 }
 
 // CompactSerialize serializes an object using the compact serialization format.
-func (obj JsonWebSignature) CompactSerialize() (string, error) {
+func (obj JSONWebSignature) CompactSerialize() (string, error) {
 	if len(obj.Signatures) != 1 || obj.Signatures[0].header != nil || obj.Signatures[0].protected == nil {
 		return "", ErrNotSupported
 	}
@@ -218,14 +246,14 @@ func (obj JsonWebSignature) CompactSerialize() (string, error) {
 
 	return fmt.Sprintf(
 		"%s.%s.%s",
-		base64URLEncode(serializedProtected),
-		base64URLEncode(obj.payload),
-		base64URLEncode(obj.Signatures[0].Signature)), nil
+		base64.RawURLEncoding.EncodeToString(serializedProtected),
+		base64.RawURLEncoding.EncodeToString(obj.payload),
+		base64.RawURLEncoding.EncodeToString(obj.Signatures[0].Signature)), nil
 }
 
 // FullSerialize serializes an object using the full JSON serialization format.
-func (obj JsonWebSignature) FullSerialize() string {
-	raw := rawJsonWebSignature{
+func (obj JSONWebSignature) FullSerialize() string {
+	raw := rawJSONWebSignature{
 		Payload: newBuffer(obj.payload),
 	}
 
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/builder.go b/vendor/gopkg.in/square/go-jose.v2/jwt/builder.go
new file mode 100644
index 000000000000..686ec80a4bb1
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/builder.go
@@ -0,0 +1,334 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import (
+	"bytes"
+	"reflect"
+
+	"gopkg.in/square/go-jose.v2/json"
+
+	"gopkg.in/square/go-jose.v2"
+)
+
+// Builder is a utility for making JSON Web Tokens. Calls can be chained, and
+// errors are accumulated until the final call to CompactSerialize/FullSerialize.
+type Builder interface {
+	// Claims encodes claims into JWE/JWS form. Multiple calls will merge claims
+	// into single JSON object. If you are passing private claims, make sure to set
+	// struct field tags to specify the name for the JSON key to be used when
+	// serializing.
+	Claims(i interface{}) Builder
+	// Token builds a JSONWebToken from provided data.
+	Token() (*JSONWebToken, error)
+	// FullSerialize serializes a token using the full serialization format.
+	FullSerialize() (string, error)
+	// CompactSerialize serializes a token using the compact serialization format.
+	CompactSerialize() (string, error)
+}
+
+// NestedBuilder is a utility for making Signed-Then-Encrypted JSON Web Tokens.
+// Calls can be chained, and errors are accumulated until final call to
+// CompactSerialize/FullSerialize.
+type NestedBuilder interface {
+	// Claims encodes claims into JWE/JWS form. Multiple calls will merge claims
+	// into single JSON object. If you are passing private claims, make sure to set
+	// struct field tags to specify the name for the JSON key to be used when
+	// serializing.
+	Claims(i interface{}) NestedBuilder
+	// Token builds a NestedJSONWebToken from provided data.
+	Token() (*NestedJSONWebToken, error)
+	// FullSerialize serializes a token using the full serialization format.
+	FullSerialize() (string, error)
+	// CompactSerialize serializes a token using the compact serialization format.
+	CompactSerialize() (string, error)
+}
+
+type builder struct {
+	payload map[string]interface{}
+	err     error
+}
+
+type signedBuilder struct {
+	builder
+	sig jose.Signer
+}
+
+type encryptedBuilder struct {
+	builder
+	enc jose.Encrypter
+}
+
+type nestedBuilder struct {
+	builder
+	sig jose.Signer
+	enc jose.Encrypter
+}
+
+// Signed creates builder for signed tokens.
+func Signed(sig jose.Signer) Builder {
+	return &signedBuilder{
+		sig: sig,
+	}
+}
+
+// Encrypted creates builder for encrypted tokens.
+func Encrypted(enc jose.Encrypter) Builder {
+	return &encryptedBuilder{
+		enc: enc,
+	}
+}
+
+// SignedAndEncrypted creates builder for signed-then-encrypted tokens.
+// ErrInvalidContentType will be returned if encrypter doesn't have JWT content type.
+func SignedAndEncrypted(sig jose.Signer, enc jose.Encrypter) NestedBuilder {
+	if contentType, _ := enc.Options().ExtraHeaders[jose.HeaderContentType].(jose.ContentType); contentType != "JWT" {
+		return &nestedBuilder{
+			builder: builder{
+				err: ErrInvalidContentType,
+			},
+		}
+	}
+	return &nestedBuilder{
+		sig: sig,
+		enc: enc,
+	}
+}
+
+func (b builder) claims(i interface{}) builder {
+	if b.err != nil {
+		return b
+	}
+
+	m, ok := i.(map[string]interface{})
+	switch {
+	case ok:
+		return b.merge(m)
+	case reflect.Indirect(reflect.ValueOf(i)).Kind() == reflect.Struct:
+		m, err := normalize(i)
+		if err != nil {
+			return builder{
+				err: err,
+			}
+		}
+		return b.merge(m)
+	default:
+		return builder{
+			err: ErrInvalidClaims,
+		}
+	}
+}
+
+func normalize(i interface{}) (map[string]interface{}, error) {
+	m := make(map[string]interface{})
+
+	raw, err := json.Marshal(i)
+	if err != nil {
+		return nil, err
+	}
+
+	d := json.NewDecoder(bytes.NewReader(raw))
+	d.UseNumber()
+
+	if err := d.Decode(&m); err != nil {
+		return nil, err
+	}
+
+	return m, nil
+}
+
+func (b *builder) merge(m map[string]interface{}) builder {
+	p := make(map[string]interface{})
+	for k, v := range b.payload {
+		p[k] = v
+	}
+	for k, v := range m {
+		p[k] = v
+	}
+
+	return builder{
+		payload: p,
+	}
+}
+
+func (b *builder) token(p func(interface{}) ([]byte, error), h []jose.Header) (*JSONWebToken, error) {
+	return &JSONWebToken{
+		payload: p,
+		Headers: h,
+	}, nil
+}
+
+func (b *signedBuilder) Claims(i interface{}) Builder {
+	return &signedBuilder{
+		builder: b.builder.claims(i),
+		sig:     b.sig,
+	}
+}
+
+func (b *signedBuilder) Token() (*JSONWebToken, error) {
+	sig, err := b.sign()
+	if err != nil {
+		return nil, err
+	}
+
+	h := make([]jose.Header, len(sig.Signatures))
+	for i, v := range sig.Signatures {
+		h[i] = v.Header
+	}
+
+	return b.builder.token(sig.Verify, h)
+}
+
+func (b *signedBuilder) CompactSerialize() (string, error) {
+	sig, err := b.sign()
+	if err != nil {
+		return "", err
+	}
+
+	return sig.CompactSerialize()
+}
+
+func (b *signedBuilder) FullSerialize() (string, error) {
+	sig, err := b.sign()
+	if err != nil {
+		return "", err
+	}
+
+	return sig.FullSerialize(), nil
+}
+
+func (b *signedBuilder) sign() (*jose.JSONWebSignature, error) {
+	if b.err != nil {
+		return nil, b.err
+	}
+
+	p, err := json.Marshal(b.payload)
+	if err != nil {
+		return nil, err
+	}
+
+	return b.sig.Sign(p)
+}
+
+func (b *encryptedBuilder) Claims(i interface{}) Builder {
+	return &encryptedBuilder{
+		builder: b.builder.claims(i),
+		enc:     b.enc,
+	}
+}
+
+func (b *encryptedBuilder) CompactSerialize() (string, error) {
+	enc, err := b.encrypt()
+	if err != nil {
+		return "", err
+	}
+
+	return enc.CompactSerialize()
+}
+
+func (b *encryptedBuilder) FullSerialize() (string, error) {
+	enc, err := b.encrypt()
+	if err != nil {
+		return "", err
+	}
+
+	return enc.FullSerialize(), nil
+}
+
+func (b *encryptedBuilder) Token() (*JSONWebToken, error) {
+	enc, err := b.encrypt()
+	if err != nil {
+		return nil, err
+	}
+
+	return b.builder.token(enc.Decrypt, []jose.Header{enc.Header})
+}
+
+func (b *encryptedBuilder) encrypt() (*jose.JSONWebEncryption, error) {
+	if b.err != nil {
+		return nil, b.err
+	}
+
+	p, err := json.Marshal(b.payload)
+	if err != nil {
+		return nil, err
+	}
+
+	return b.enc.Encrypt(p)
+}
+
+func (b *nestedBuilder) Claims(i interface{}) NestedBuilder {
+	return &nestedBuilder{
+		builder: b.builder.claims(i),
+		sig:     b.sig,
+		enc:     b.enc,
+	}
+}
+
+func (b *nestedBuilder) Token() (*NestedJSONWebToken, error) {
+	enc, err := b.signAndEncrypt()
+	if err != nil {
+		return nil, err
+	}
+
+	return &NestedJSONWebToken{
+		enc:     enc,
+		Headers: []jose.Header{enc.Header},
+	}, nil
+}
+
+func (b *nestedBuilder) CompactSerialize() (string, error) {
+	enc, err := b.signAndEncrypt()
+	if err != nil {
+		return "", err
+	}
+
+	return enc.CompactSerialize()
+}
+
+func (b *nestedBuilder) FullSerialize() (string, error) {
+	enc, err := b.signAndEncrypt()
+	if err != nil {
+		return "", err
+	}
+
+	return enc.FullSerialize(), nil
+}
+
+func (b *nestedBuilder) signAndEncrypt() (*jose.JSONWebEncryption, error) {
+	if b.err != nil {
+		return nil, b.err
+	}
+
+	p, err := json.Marshal(b.payload)
+	if err != nil {
+		return nil, err
+	}
+
+	sig, err := b.sig.Sign(p)
+	if err != nil {
+		return nil, err
+	}
+
+	p2, err := sig.CompactSerialize()
+	if err != nil {
+		return nil, err
+	}
+
+	return b.enc.Encrypt([]byte(p2))
+}
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go b/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go
new file mode 100644
index 000000000000..60de940020b6
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/claims.go
@@ -0,0 +1,115 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import (
+	"encoding/json"
+	"strconv"
+	"time"
+)
+
+// Claims represents public claim values (as specified in RFC 7519).
+type Claims struct {
+	Issuer    string      `json:"iss,omitempty"`
+	Subject   string      `json:"sub,omitempty"`
+	Audience  Audience    `json:"aud,omitempty"`
+	Expiry    NumericDate `json:"exp,omitempty"`
+	NotBefore NumericDate `json:"nbf,omitempty"`
+	IssuedAt  NumericDate `json:"iat,omitempty"`
+	ID        string      `json:"jti,omitempty"`
+}
+
+// NumericDate represents date and time as the number of seconds since the
+// epoch, including leap seconds. Non-integer values can be represented
+// in the serialized format, but we round to the nearest second.
+type NumericDate int64
+
+// NewNumericDate constructs NumericDate from time.Time value.
+func NewNumericDate(t time.Time) NumericDate {
+	if t.IsZero() {
+		return NumericDate(0)
+	}
+
+	// While RFC 7519 technically states that NumericDate values may be
+	// non-integer values, we don't bother serializing timestamps in
+	// claims with sub-second accurancy and just round to the nearest
+	// second instead. Not convined sub-second accuracy is useful here.
+	return NumericDate(t.Unix())
+}
+
+// MarshalJSON serializes the given NumericDate into its JSON representation.
+func (n NumericDate) MarshalJSON() ([]byte, error) {
+	return []byte(strconv.FormatInt(int64(n), 10)), nil
+}
+
+// UnmarshalJSON reads a date from its JSON representation.
+func (n *NumericDate) UnmarshalJSON(b []byte) error {
+	s := string(b)
+
+	f, err := strconv.ParseFloat(s, 64)
+	if err != nil {
+		return ErrUnmarshalNumericDate
+	}
+
+	*n = NumericDate(f)
+	return nil
+}
+
+// Time returns time.Time representation of NumericDate.
+func (n NumericDate) Time() time.Time {
+	return time.Unix(int64(n), 0)
+}
+
+// Audience represents the recipents that the token is intended for.
+type Audience []string
+
+// UnmarshalJSON reads an audience from its JSON representation.
+func (s *Audience) UnmarshalJSON(b []byte) error {
+	var v interface{}
+	if err := json.Unmarshal(b, &v); err != nil {
+		return err
+	}
+
+	switch v := v.(type) {
+	case string:
+		*s = []string{v}
+	case []interface{}:
+		a := make([]string, len(v))
+		for i, e := range v {
+			s, ok := e.(string)
+			if !ok {
+				return ErrUnmarshalAudience
+			}
+			a[i] = s
+		}
+		*s = a
+	default:
+		return ErrUnmarshalAudience
+	}
+
+	return nil
+}
+
+func (s Audience) Contains(v string) bool {
+	for _, a := range s {
+		if a == v {
+			return true
+		}
+	}
+	return false
+}
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/doc.go b/vendor/gopkg.in/square/go-jose.v2/jwt/doc.go
new file mode 100644
index 000000000000..4cf97b54e783
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/doc.go
@@ -0,0 +1,22 @@
+/*-
+ * Copyright 2017 Square Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+
+Package jwt provides an implementation of the JSON Web Token standard.
+
+*/
+package jwt
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/errors.go b/vendor/gopkg.in/square/go-jose.v2/jwt/errors.go
new file mode 100644
index 000000000000..6507dfb28e8e
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/errors.go
@@ -0,0 +1,50 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import "errors"
+
+// ErrUnmarshalAudience indicates that aud claim could not be unmarshalled.
+var ErrUnmarshalAudience = errors.New("square/go-jose/jwt: expected string or array value to unmarshal to Audience")
+
+// ErrUnmarshalNumericDate indicates that JWT NumericDate could not be unmarshalled.
+var ErrUnmarshalNumericDate = errors.New("square/go-jose/jwt: expected number value to unmarshal NumericDate")
+
+// ErrInvalidClaims indicates that given claims have invalid type.
+var ErrInvalidClaims = errors.New("square/go-jose/jwt: expected claims to be value convertible into JSON object")
+
+// ErrInvalidIssuer indicates invalid iss claim.
+var ErrInvalidIssuer = errors.New("square/go-jose/jwt: validation failed, invalid issuer claim (iss)")
+
+// ErrInvalidSubject indicates invalid sub claim.
+var ErrInvalidSubject = errors.New("square/go-jose/jwt: validation failed, invalid subject claim (sub)")
+
+// ErrInvalidAudience indicated invalid aud claim.
+var ErrInvalidAudience = errors.New("square/go-jose/jwt: validation failed, invalid audience claim (aud)")
+
+// ErrInvalidID indicates invalid jti claim.
+var ErrInvalidID = errors.New("square/go-jose/jwt: validation failed, invalid ID claim (jti)")
+
+// ErrNotValidYet indicates that token is used before time indicated in nbf claim.
+var ErrNotValidYet = errors.New("square/go-jose/jwt: validation failed, token not valid yet (nbf)")
+
+// ErrExpired indicates that token is used after expiry time indicated in exp claim.
+var ErrExpired = errors.New("square/go-jose/jwt: validation failed, token is expired (exp)")
+
+// ErrInvalidContentType indicated that token requires JWT cty header.
+var ErrInvalidContentType = errors.New("square/go-jose/jwt: expected content type to be JWT (cty header)")
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go
new file mode 100644
index 000000000000..2155b2d274d9
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/jwt.go
@@ -0,0 +1,113 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import (
+	"gopkg.in/square/go-jose.v2"
+	"gopkg.in/square/go-jose.v2/json"
+	"strings"
+)
+
+// JSONWebToken represents a JSON Web Token (as specified in RFC7519).
+type JSONWebToken struct {
+	payload func(k interface{}) ([]byte, error)
+	Headers []jose.Header
+}
+
+type NestedJSONWebToken struct {
+	enc     *jose.JSONWebEncryption
+	Headers []jose.Header
+}
+
+// Claims deserializes a JSONWebToken into dest using the provided key.
+func (t *JSONWebToken) Claims(key interface{}, dest ...interface{}) error {
+	b, err := t.payload(key)
+	if err != nil {
+		return err
+	}
+
+	for _, d := range dest {
+		if err := json.Unmarshal(b, d); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (t *NestedJSONWebToken) Decrypt(decryptionKey interface{}) (*JSONWebToken, error) {
+	b, err := t.enc.Decrypt(decryptionKey)
+	if err != nil {
+		return nil, err
+	}
+
+	sig, err := ParseSigned(string(b))
+	if err != nil {
+		return nil, err
+	}
+
+	return sig, nil
+}
+
+// ParseSigned parses token from JWS form.
+func ParseSigned(s string) (*JSONWebToken, error) {
+	sig, err := jose.ParseSigned(s)
+	if err != nil {
+		return nil, err
+	}
+	headers := make([]jose.Header, len(sig.Signatures))
+	for i, signature := range sig.Signatures {
+		headers[i] = signature.Header
+	}
+
+	return &JSONWebToken{
+		payload: sig.Verify,
+		Headers: headers,
+	}, nil
+}
+
+// ParseEncrypted parses token from JWE form.
+func ParseEncrypted(s string) (*JSONWebToken, error) {
+	enc, err := jose.ParseEncrypted(s)
+	if err != nil {
+		return nil, err
+	}
+
+	return &JSONWebToken{
+		payload: enc.Decrypt,
+		Headers: []jose.Header{enc.Header},
+	}, nil
+}
+
+// ParseSignedAndEncrypted parses signed-then-encrypted token from JWE form.
+func ParseSignedAndEncrypted(s string) (*NestedJSONWebToken, error) {
+	enc, err := jose.ParseEncrypted(s)
+	if err != nil {
+		return nil, err
+	}
+
+	contentType, _ := enc.Header.ExtraHeaders[jose.HeaderContentType].(string)
+	if strings.ToUpper(contentType) != "JWT" {
+		return nil, ErrInvalidContentType
+	}
+
+	return &NestedJSONWebToken{
+		enc:     enc,
+		Headers: []jose.Header{enc.Header},
+	}, nil
+}
diff --git a/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go b/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go
new file mode 100644
index 000000000000..fdcee371b1da
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/jwt/validation.go
@@ -0,0 +1,89 @@
+/*-
+ * Copyright 2016 Zbigniew Mandziejewicz
+ * Copyright 2016 Square, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jwt
+
+import "time"
+
+const (
+	// DefaultLeeway defines the default leeway for matching NotBefore/Expiry claims.
+	DefaultLeeway = 1.0 * time.Minute
+)
+
+// Expected defines values used for protected claims validation.
+// If field has zero value then validation is skipped.
+type Expected struct {
+	// Issuer matches the "iss" claim exactly.
+	Issuer string
+	// Subject matches the "sub" claim exactly.
+	Subject string
+	// Audience matches the values in "aud" claim, regardless of their order.
+	Audience Audience
+	// ID matches the "jti" claim exactly.
+	ID string
+	// Time matches the "exp" and "ebf" claims with leeway.
+	Time time.Time
+}
+
+// WithTime copies expectations with new time.
+func (e Expected) WithTime(t time.Time) Expected {
+	e.Time = t
+	return e
+}
+
+// Validate checks claims in a token against expected values.
+// A default leeway value of one minute is used to compare time values.
+func (c Claims) Validate(e Expected) error {
+	return c.ValidateWithLeeway(e, DefaultLeeway)
+}
+
+// ValidateWithLeeway checks claims in a token against expected values. A
+// custom leeway may be specified for comparing time values. You may pass a
+// zero value to check time values with no leeway, but you should not that
+// numeric date values are rounded to the nearest second and sub-second
+// precision is not supported.
+func (c Claims) ValidateWithLeeway(e Expected, leeway time.Duration) error {
+	if e.Issuer != "" && e.Issuer != c.Issuer {
+		return ErrInvalidIssuer
+	}
+
+	if e.Subject != "" && e.Subject != c.Subject {
+		return ErrInvalidSubject
+	}
+
+	if e.ID != "" && e.ID != c.ID {
+		return ErrInvalidID
+	}
+
+	if len(e.Audience) != 0 {
+		for _, v := range e.Audience {
+			if !c.Audience.Contains(v) {
+				return ErrInvalidAudience
+			}
+		}
+	}
+
+	if !e.Time.IsZero() && e.Time.Add(leeway).Before(c.NotBefore.Time()) {
+		return ErrNotValidYet
+	}
+
+	if !e.Time.IsZero() && e.Time.Add(-leeway).After(c.Expiry.Time()) {
+		return ErrExpired
+	}
+
+	return nil
+}
diff --git a/vendor/gopkg.in/square/go-jose.v2/shared.go b/vendor/gopkg.in/square/go-jose.v2/shared.go
new file mode 100644
index 000000000000..4c19dc382b73
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/shared.go
@@ -0,0 +1,417 @@
+/*-
+ * Copyright 2014 Square Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jose
+
+import (
+	"crypto/elliptic"
+	"errors"
+	"fmt"
+
+	"gopkg.in/square/go-jose.v2/json"
+)
+
+// KeyAlgorithm represents a key management algorithm.
+type KeyAlgorithm string
+
+// SignatureAlgorithm represents a signature (or MAC) algorithm.
+type SignatureAlgorithm string
+
+// ContentEncryption represents a content encryption algorithm.
+type ContentEncryption string
+
+// CompressionAlgorithm represents an algorithm used for plaintext compression.
+type CompressionAlgorithm string
+
+// ContentType represents type of the contained data.
+type ContentType string
+
+var (
+	// ErrCryptoFailure represents an error in cryptographic primitive. This
+	// occurs when, for example, a message had an invalid authentication tag or
+	// could not be decrypted.
+	ErrCryptoFailure = errors.New("square/go-jose: error in cryptographic primitive")
+
+	// ErrUnsupportedAlgorithm indicates that a selected algorithm is not
+	// supported. This occurs when trying to instantiate an encrypter for an
+	// algorithm that is not yet implemented.
+	ErrUnsupportedAlgorithm = errors.New("square/go-jose: unknown/unsupported algorithm")
+
+	// ErrUnsupportedKeyType indicates that the given key type/format is not
+	// supported. This occurs when trying to instantiate an encrypter and passing
+	// it a key of an unrecognized type or with unsupported parameters, such as
+	// an RSA private key with more than two primes.
+	ErrUnsupportedKeyType = errors.New("square/go-jose: unsupported key type/format")
+
+	// ErrNotSupported serialization of object is not supported. This occurs when
+	// trying to compact-serialize an object which can't be represented in
+	// compact form.
+	ErrNotSupported = errors.New("square/go-jose: compact serialization not supported for object")
+
+	// ErrUnprotectedNonce indicates that while parsing a JWS or JWE object, a
+	// nonce header parameter was included in an unprotected header object.
+	ErrUnprotectedNonce = errors.New("square/go-jose: Nonce parameter included in unprotected header")
+)
+
+// Key management algorithms
+const (
+	ED25519            = KeyAlgorithm("ED25519")
+	RSA1_5             = KeyAlgorithm("RSA1_5")             // RSA-PKCS1v1.5
+	RSA_OAEP           = KeyAlgorithm("RSA-OAEP")           // RSA-OAEP-SHA1
+	RSA_OAEP_256       = KeyAlgorithm("RSA-OAEP-256")       // RSA-OAEP-SHA256
+	A128KW             = KeyAlgorithm("A128KW")             // AES key wrap (128)
+	A192KW             = KeyAlgorithm("A192KW")             // AES key wrap (192)
+	A256KW             = KeyAlgorithm("A256KW")             // AES key wrap (256)
+	DIRECT             = KeyAlgorithm("dir")                // Direct encryption
+	ECDH_ES            = KeyAlgorithm("ECDH-ES")            // ECDH-ES
+	ECDH_ES_A128KW     = KeyAlgorithm("ECDH-ES+A128KW")     // ECDH-ES + AES key wrap (128)
+	ECDH_ES_A192KW     = KeyAlgorithm("ECDH-ES+A192KW")     // ECDH-ES + AES key wrap (192)
+	ECDH_ES_A256KW     = KeyAlgorithm("ECDH-ES+A256KW")     // ECDH-ES + AES key wrap (256)
+	A128GCMKW          = KeyAlgorithm("A128GCMKW")          // AES-GCM key wrap (128)
+	A192GCMKW          = KeyAlgorithm("A192GCMKW")          // AES-GCM key wrap (192)
+	A256GCMKW          = KeyAlgorithm("A256GCMKW")          // AES-GCM key wrap (256)
+	PBES2_HS256_A128KW = KeyAlgorithm("PBES2-HS256+A128KW") // PBES2 + HMAC-SHA256 + AES key wrap (128)
+	PBES2_HS384_A192KW = KeyAlgorithm("PBES2-HS384+A192KW") // PBES2 + HMAC-SHA384 + AES key wrap (192)
+	PBES2_HS512_A256KW = KeyAlgorithm("PBES2-HS512+A256KW") // PBES2 + HMAC-SHA512 + AES key wrap (256)
+)
+
+// Signature algorithms
+const (
+	EdDSA = SignatureAlgorithm("EdDSA")
+	HS256 = SignatureAlgorithm("HS256") // HMAC using SHA-256
+	HS384 = SignatureAlgorithm("HS384") // HMAC using SHA-384
+	HS512 = SignatureAlgorithm("HS512") // HMAC using SHA-512
+	RS256 = SignatureAlgorithm("RS256") // RSASSA-PKCS-v1.5 using SHA-256
+	RS384 = SignatureAlgorithm("RS384") // RSASSA-PKCS-v1.5 using SHA-384
+	RS512 = SignatureAlgorithm("RS512") // RSASSA-PKCS-v1.5 using SHA-512
+	ES256 = SignatureAlgorithm("ES256") // ECDSA using P-256 and SHA-256
+	ES384 = SignatureAlgorithm("ES384") // ECDSA using P-384 and SHA-384
+	ES512 = SignatureAlgorithm("ES512") // ECDSA using P-521 and SHA-512
+	PS256 = SignatureAlgorithm("PS256") // RSASSA-PSS using SHA256 and MGF1-SHA256
+	PS384 = SignatureAlgorithm("PS384") // RSASSA-PSS using SHA384 and MGF1-SHA384
+	PS512 = SignatureAlgorithm("PS512") // RSASSA-PSS using SHA512 and MGF1-SHA512
+)
+
+// Content encryption algorithms
+const (
+	A128CBC_HS256 = ContentEncryption("A128CBC-HS256") // AES-CBC + HMAC-SHA256 (128)
+	A192CBC_HS384 = ContentEncryption("A192CBC-HS384") // AES-CBC + HMAC-SHA384 (192)
+	A256CBC_HS512 = ContentEncryption("A256CBC-HS512") // AES-CBC + HMAC-SHA512 (256)
+	A128GCM       = ContentEncryption("A128GCM")       // AES-GCM (128)
+	A192GCM       = ContentEncryption("A192GCM")       // AES-GCM (192)
+	A256GCM       = ContentEncryption("A256GCM")       // AES-GCM (256)
+)
+
+// Compression algorithms
+const (
+	NONE    = CompressionAlgorithm("")    // No compression
+	DEFLATE = CompressionAlgorithm("DEF") // DEFLATE (RFC 1951)
+)
+
+// A key in the protected header of a JWS object. Use of the Header...
+// constants is preferred to enhance type safety.
+type HeaderKey string
+
+const (
+	HeaderType        HeaderKey = "typ" // string
+	HeaderContentType           = "cty" // string
+
+	// These are set by go-jose and shouldn't need to be set by consumers of the
+	// library.
+	headerAlgorithm   = "alg"  // string
+	headerEncryption  = "enc"  // ContentEncryption
+	headerCompression = "zip"  // CompressionAlgorithm
+	headerCritical    = "crit" // []string
+
+	headerAPU = "apu" // *byteBuffer
+	headerAPV = "apv" // *byteBuffer
+	headerEPK = "epk" // *JSONWebKey
+	headerIV  = "iv"  // *byteBuffer
+	headerTag = "tag" // *byteBuffer
+
+	headerJWK   = "jwk"   // *JSONWebKey
+	headerKeyID = "kid"   // string
+	headerNonce = "nonce" // string
+)
+
+// rawHeader represents the JOSE header for JWE/JWS objects (used for parsing).
+//
+// The decoding of the constituent items is deferred because we want to marshal
+// some members into particular structs rather than generic maps, but at the
+// same time we need to receive any extra fields unhandled by this library to
+// pass through to consuming code in case it wants to examine them.
+type rawHeader map[HeaderKey]*json.RawMessage
+
+// Header represents the read-only JOSE header for JWE/JWS objects.
+type Header struct {
+	KeyID      string
+	JSONWebKey *JSONWebKey
+	Algorithm  string
+	Nonce      string
+
+	// Any headers not recognised above get unmarshaled from JSON in a generic
+	// manner and placed in this map.
+	ExtraHeaders map[HeaderKey]interface{}
+}
+
+func (parsed rawHeader) set(k HeaderKey, v interface{}) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+
+	parsed[k] = makeRawMessage(b)
+	return nil
+}
+
+// getString gets a string from the raw JSON, defaulting to "".
+func (parsed rawHeader) getString(k HeaderKey) string {
+	v, ok := parsed[k]
+	if !ok {
+		return ""
+	}
+	var s string
+	err := json.Unmarshal(*v, &s)
+	if err != nil {
+		return ""
+	}
+	return s
+}
+
+// getByteBuffer gets a byte buffer from the raw JSON. Returns (nil, nil) if
+// not specified.
+func (parsed rawHeader) getByteBuffer(k HeaderKey) (*byteBuffer, error) {
+	v := parsed[k]
+	if v == nil {
+		return nil, nil
+	}
+	var bb *byteBuffer
+	err := json.Unmarshal(*v, &bb)
+	if err != nil {
+		return nil, err
+	}
+	return bb, nil
+}
+
+// getAlgorithm extracts parsed "alg" from the raw JSON as a KeyAlgorithm.
+func (parsed rawHeader) getAlgorithm() KeyAlgorithm {
+	return KeyAlgorithm(parsed.getString(headerAlgorithm))
+}
+
+// getSignatureAlgorithm extracts parsed "alg" from the raw JSON as a SignatureAlgorithm.
+func (parsed rawHeader) getSignatureAlgorithm() SignatureAlgorithm {
+	return SignatureAlgorithm(parsed.getString(headerAlgorithm))
+}
+
+// getEncryption extracts parsed "enc" from the raw JSON.
+func (parsed rawHeader) getEncryption() ContentEncryption {
+	return ContentEncryption(parsed.getString(headerEncryption))
+}
+
+// getCompression extracts parsed "zip" from the raw JSON.
+func (parsed rawHeader) getCompression() CompressionAlgorithm {
+	return CompressionAlgorithm(parsed.getString(headerCompression))
+}
+
+func (parsed rawHeader) getNonce() string {
+	return parsed.getString(headerNonce)
+}
+
+// getEPK extracts parsed "epk" from the raw JSON.
+func (parsed rawHeader) getEPK() (*JSONWebKey, error) {
+	v := parsed[headerEPK]
+	if v == nil {
+		return nil, nil
+	}
+	var epk *JSONWebKey
+	err := json.Unmarshal(*v, &epk)
+	if err != nil {
+		return nil, err
+	}
+	return epk, nil
+}
+
+// getAPU extracts parsed "apu" from the raw JSON.
+func (parsed rawHeader) getAPU() (*byteBuffer, error) {
+	return parsed.getByteBuffer(headerAPU)
+}
+
+// getAPV extracts parsed "apv" from the raw JSON.
+func (parsed rawHeader) getAPV() (*byteBuffer, error) {
+	return parsed.getByteBuffer(headerAPV)
+}
+
+// getIV extracts parsed "iv" frpom the raw JSON.
+func (parsed rawHeader) getIV() (*byteBuffer, error) {
+	return parsed.getByteBuffer(headerIV)
+}
+
+// getTag extracts parsed "tag" frpom the raw JSON.
+func (parsed rawHeader) getTag() (*byteBuffer, error) {
+	return parsed.getByteBuffer(headerTag)
+}
+
+// getJWK extracts parsed "jwk" from the raw JSON.
+func (parsed rawHeader) getJWK() (*JSONWebKey, error) {
+	v := parsed[headerJWK]
+	if v == nil {
+		return nil, nil
+	}
+	var jwk *JSONWebKey
+	err := json.Unmarshal(*v, &jwk)
+	if err != nil {
+		return nil, err
+	}
+	return jwk, nil
+}
+
+// getCritical extracts parsed "crit" from the raw JSON. If omitted, it
+// returns an empty slice.
+func (parsed rawHeader) getCritical() ([]string, error) {
+	v := parsed[headerCritical]
+	if v == nil {
+		return nil, nil
+	}
+
+	var q []string
+	err := json.Unmarshal(*v, &q)
+	if err != nil {
+		return nil, err
+	}
+	return q, nil
+}
+
+// sanitized produces a cleaned-up header object from the raw JSON.
+func (parsed rawHeader) sanitized() (h Header, err error) {
+	for k, v := range parsed {
+		if v == nil {
+			continue
+		}
+		switch k {
+		case headerJWK:
+			var jwk *JSONWebKey
+			err = json.Unmarshal(*v, &jwk)
+			if err != nil {
+				err = fmt.Errorf("failed to unmarshal JWK: %v: %#v", err, string(*v))
+				return
+			}
+			h.JSONWebKey = jwk
+		case headerKeyID:
+			var s string
+			err = json.Unmarshal(*v, &s)
+			if err != nil {
+				err = fmt.Errorf("failed to unmarshal key ID: %v: %#v", err, string(*v))
+				return
+			}
+			h.KeyID = s
+		case headerAlgorithm:
+			var s string
+			err = json.Unmarshal(*v, &s)
+			if err != nil {
+				err = fmt.Errorf("failed to unmarshal algorithm: %v: %#v", err, string(*v))
+				return
+			}
+			h.Algorithm = s
+		case headerNonce:
+			var s string
+			err = json.Unmarshal(*v, &s)
+			if err != nil {
+				err = fmt.Errorf("failed to unmarshal nonce: %v: %#v", err, string(*v))
+				return
+			}
+			h.Nonce = s
+		default:
+			if h.ExtraHeaders == nil {
+				h.ExtraHeaders = map[HeaderKey]interface{}{}
+			}
+			var v2 interface{}
+			err = json.Unmarshal(*v, &v2)
+			if err != nil {
+				err = fmt.Errorf("failed to unmarshal value: %v: %#v", err, string(*v))
+				return
+			}
+			h.ExtraHeaders[k] = v2
+		}
+	}
+	return
+}
+
+func (dst rawHeader) isSet(k HeaderKey) bool {
+	dvr := dst[k]
+	if dvr == nil {
+		return false
+	}
+
+	var dv interface{}
+	err := json.Unmarshal(*dvr, &dv)
+	if err != nil {
+		return true
+	}
+
+	if dvStr, ok := dv.(string); ok {
+		return dvStr != ""
+	}
+
+	return true
+}
+
+// Merge headers from src into dst, giving precedence to headers from l.
+func (dst rawHeader) merge(src *rawHeader) {
+	if src == nil {
+		return
+	}
+
+	for k, v := range *src {
+		if dst.isSet(k) {
+			continue
+		}
+
+		dst[k] = v
+	}
+}
+
+// Get JOSE name of curve
+func curveName(crv elliptic.Curve) (string, error) {
+	switch crv {
+	case elliptic.P256():
+		return "P-256", nil
+	case elliptic.P384():
+		return "P-384", nil
+	case elliptic.P521():
+		return "P-521", nil
+	default:
+		return "", fmt.Errorf("square/go-jose: unsupported/unknown elliptic curve")
+	}
+}
+
+// Get size of curve in bytes
+func curveSize(crv elliptic.Curve) int {
+	bits := crv.Params().BitSize
+
+	div := bits / 8
+	mod := bits % 8
+
+	if mod == 0 {
+		return div
+	}
+
+	return div + 1
+}
+
+func makeRawMessage(b []byte) *json.RawMessage {
+	rm := json.RawMessage(b)
+	return &rm
+}
diff --git a/vendor/gopkg.in/square/go-jose.v2/signing.go b/vendor/gopkg.in/square/go-jose.v2/signing.go
new file mode 100644
index 000000000000..13e956d6680d
--- /dev/null
+++ b/vendor/gopkg.in/square/go-jose.v2/signing.go
@@ -0,0 +1,343 @@
+/*-
+ * Copyright 2014 Square Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jose
+
+import (
+	"crypto/ecdsa"
+	"crypto/rsa"
+	"encoding/base64"
+	"errors"
+	"fmt"
+
+	"golang.org/x/crypto/ed25519"
+
+	"gopkg.in/square/go-jose.v2/json"
+)
+
+// NonceSource represents a source of random nonces to go into JWS objects
+type NonceSource interface {
+	Nonce() (string, error)
+}
+
+// Signer represents a signer which takes a payload and produces a signed JWS object.
+type Signer interface {
+	Sign(payload []byte) (*JSONWebSignature, error)
+	Options() SignerOptions
+}
+
+// SigningKey represents an algorithm/key used to sign a message.
+type SigningKey struct {
+	Algorithm SignatureAlgorithm
+	Key       interface{}
+}
+
+// SignerOptions represents options that can be set when creating signers.
+type SignerOptions struct {
+	NonceSource NonceSource
+	EmbedJWK    bool
+
+	// Optional map of additional keys to be inserted into the protected header
+	// of a JWS object. Some specifications which make use of JWS like to insert
+	// additional values here. All values must be JSON-serializable.
+	ExtraHeaders map[HeaderKey]interface{}
+}
+
+// WithHeader adds an arbitrary value to the ExtraHeaders map, initializing it
+// if necessary. It returns itself and so can be used in a fluent style.
+func (so *SignerOptions) WithHeader(k HeaderKey, v interface{}) *SignerOptions {
+	if so.ExtraHeaders == nil {
+		so.ExtraHeaders = map[HeaderKey]interface{}{}
+	}
+	so.ExtraHeaders[k] = v
+	return so
+}
+
+// WithContentType adds a content type ("cty") header and returns the updated
+// SignerOptions.
+func (so *SignerOptions) WithContentType(contentType ContentType) *SignerOptions {
+	return so.WithHeader(HeaderContentType, contentType)
+}
+
+// WithType adds a type ("typ") header and returns the updated SignerOptions.
+func (so *SignerOptions) WithType(typ ContentType) *SignerOptions {
+	return so.WithHeader(HeaderType, typ)
+}
+
+type payloadSigner interface {
+	signPayload(payload []byte, alg SignatureAlgorithm) (Signature, error)
+}
+
+type payloadVerifier interface {
+	verifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error
+}
+
+type genericSigner struct {
+	recipients   []recipientSigInfo
+	nonceSource  NonceSource
+	embedJWK     bool
+	extraHeaders map[HeaderKey]interface{}
+}
+
+type recipientSigInfo struct {
+	sigAlg    SignatureAlgorithm
+	publicKey *JSONWebKey
+	signer    payloadSigner
+}
+
+// NewSigner creates an appropriate signer based on the key type
+func NewSigner(sig SigningKey, opts *SignerOptions) (Signer, error) {
+	return NewMultiSigner([]SigningKey{sig}, opts)
+}
+
+// NewMultiSigner creates a signer for multiple recipients
+func NewMultiSigner(sigs []SigningKey, opts *SignerOptions) (Signer, error) {
+	signer := &genericSigner{recipients: []recipientSigInfo{}}
+
+	if opts != nil {
+		signer.nonceSource = opts.NonceSource
+		signer.embedJWK = opts.EmbedJWK
+		signer.extraHeaders = opts.ExtraHeaders
+	}
+
+	for _, sig := range sigs {
+		err := signer.addRecipient(sig.Algorithm, sig.Key)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return signer, nil
+}
+
+// newVerifier creates a verifier based on the key type
+func newVerifier(verificationKey interface{}) (payloadVerifier, error) {
+	switch verificationKey := verificationKey.(type) {
+	case ed25519.PublicKey:
+		return &edEncrypterVerifier{
+			publicKey: verificationKey,
+		}, nil
+	case *rsa.PublicKey:
+		return &rsaEncrypterVerifier{
+			publicKey: verificationKey,
+		}, nil
+	case *ecdsa.PublicKey:
+		return &ecEncrypterVerifier{
+			publicKey: verificationKey,
+		}, nil
+	case []byte:
+		return &symmetricMac{
+			key: verificationKey,
+		}, nil
+	case JSONWebKey:
+		return newVerifier(verificationKey.Key)
+	case *JSONWebKey:
+		return newVerifier(verificationKey.Key)
+	default:
+		return nil, ErrUnsupportedKeyType
+	}
+}
+
+func (ctx *genericSigner) addRecipient(alg SignatureAlgorithm, signingKey interface{}) error {
+	recipient, err := makeJWSRecipient(alg, signingKey)
+	if err != nil {
+		return err
+	}
+
+	ctx.recipients = append(ctx.recipients, recipient)
+	return nil
+}
+
+func makeJWSRecipient(alg SignatureAlgorithm, signingKey interface{}) (recipientSigInfo, error) {
+	switch signingKey := signingKey.(type) {
+	case ed25519.PrivateKey:
+		return newEd25519Signer(alg, signingKey)
+	case *rsa.PrivateKey:
+		return newRSASigner(alg, signingKey)
+	case *ecdsa.PrivateKey:
+		return newECDSASigner(alg, signingKey)
+	case []byte:
+		return newSymmetricSigner(alg, signingKey)
+	case JSONWebKey:
+		return newJWKSigner(alg, signingKey)
+	case *JSONWebKey:
+		return newJWKSigner(alg, *signingKey)
+	default:
+		return recipientSigInfo{}, ErrUnsupportedKeyType
+	}
+}
+
+func newJWKSigner(alg SignatureAlgorithm, signingKey JSONWebKey) (recipientSigInfo, error) {
+	recipient, err := makeJWSRecipient(alg, signingKey.Key)
+	if err != nil {
+		return recipientSigInfo{}, err
+	}
+	if recipient.publicKey != nil {
+		// recipient.publicKey is a JWK synthesized for embedding when recipientSigInfo
+		// was created for the inner key (such as a RSA or ECDSA public key). It contains
+		// the pub key for embedding, but doesn't have extra params like key id.
+		publicKey := signingKey
+		publicKey.Key = recipient.publicKey.Key
+		recipient.publicKey = &publicKey
+
+		// This should be impossible, but let's check anyway.
+		if !recipient.publicKey.IsPublic() {
+			return recipientSigInfo{}, errors.New("square/go-jose: public key was unexpectedly not public")
+		}
+	}
+	return recipient, nil
+}
+
+func (ctx *genericSigner) Sign(payload []byte) (*JSONWebSignature, error) {
+	obj := &JSONWebSignature{}
+	obj.payload = payload
+	obj.Signatures = make([]Signature, len(ctx.recipients))
+
+	for i, recipient := range ctx.recipients {
+		protected := map[HeaderKey]interface{}{
+			headerAlgorithm: string(recipient.sigAlg),
+		}
+
+		if recipient.publicKey != nil {
+			// We want to embed the JWK or set the kid header, but not both. Having a protected
+			// header that contains an embedded JWK while also simultaneously containing the kid
+			// header is confusing, and at least in ACME the two are considered to be mutually
+			// exclusive. The fact that both can exist at the same time is a somewhat unfortunate
+			// result of the JOSE spec. We've decided that this library will only include one or
+			// the other to avoid this confusion.
+			//
+			// See https://github.com/square/go-jose/issues/157 for more context.
+			if ctx.embedJWK {
+				protected[headerJWK] = recipient.publicKey
+			} else {
+				protected[headerKeyID] = recipient.publicKey.KeyID
+			}
+		}
+
+		if ctx.nonceSource != nil {
+			nonce, err := ctx.nonceSource.Nonce()
+			if err != nil {
+				return nil, fmt.Errorf("square/go-jose: Error generating nonce: %v", err)
+			}
+			protected[headerNonce] = nonce
+		}
+
+		for k, v := range ctx.extraHeaders {
+			protected[k] = v
+		}
+
+		serializedProtected := mustSerializeJSON(protected)
+
+		input := []byte(fmt.Sprintf("%s.%s",
+			base64.RawURLEncoding.EncodeToString(serializedProtected),
+			base64.RawURLEncoding.EncodeToString(payload)))
+
+		signatureInfo, err := recipient.signer.signPayload(input, recipient.sigAlg)
+		if err != nil {
+			return nil, err
+		}
+
+		signatureInfo.protected = &rawHeader{}
+		for k, v := range protected {
+			b, err := json.Marshal(v)
+			if err != nil {
+				return nil, fmt.Errorf("square/go-jose: Error marshalling item %#v: %v", k, err)
+			}
+			(*signatureInfo.protected)[k] = makeRawMessage(b)
+		}
+		obj.Signatures[i] = signatureInfo
+	}
+
+	return obj, nil
+}
+
+func (ctx *genericSigner) Options() SignerOptions {
+	return SignerOptions{
+		NonceSource:  ctx.nonceSource,
+		EmbedJWK:     ctx.embedJWK,
+		ExtraHeaders: ctx.extraHeaders,
+	}
+}
+
+// Verify validates the signature on the object and returns the payload.
+// This function does not support multi-signature, if you desire multi-sig
+// verification use VerifyMulti instead.
+//
+// Be careful when verifying signatures based on embedded JWKs inside the
+// payload header. You cannot assume that the key received in a payload is
+// trusted.
+func (obj JSONWebSignature) Verify(verificationKey interface{}) ([]byte, error) {
+	verifier, err := newVerifier(verificationKey)
+	if err != nil {
+		return nil, err
+	}
+
+	if len(obj.Signatures) > 1 {
+		return nil, errors.New("square/go-jose: too many signatures in payload; expecting only one")
+	}
+
+	signature := obj.Signatures[0]
+	headers := signature.mergedHeaders()
+	critical, err := headers.getCritical()
+	if err != nil {
+		return nil, err
+	}
+	if len(critical) > 0 {
+		// Unsupported crit header
+		return nil, ErrCryptoFailure
+	}
+
+	input := obj.computeAuthData(&signature)
+	alg := headers.getSignatureAlgorithm()
+	err = verifier.verifyPayload(input, signature.Signature, alg)
+	if err == nil {
+		return obj.payload, nil
+	}
+
+	return nil, ErrCryptoFailure
+}
+
+// VerifyMulti validates (one of the multiple) signatures on the object and
+// returns the index of the signature that was verified, along with the signature
+// object and the payload. We return the signature and index to guarantee that
+// callers are getting the verified value.
+func (obj JSONWebSignature) VerifyMulti(verificationKey interface{}) (int, Signature, []byte, error) {
+	verifier, err := newVerifier(verificationKey)
+	if err != nil {
+		return -1, Signature{}, nil, err
+	}
+
+	for i, signature := range obj.Signatures {
+		headers := signature.mergedHeaders()
+		critical, err := headers.getCritical()
+		if err != nil {
+			continue
+		}
+		if len(critical) > 0 {
+			// Unsupported crit header
+			continue
+		}
+
+		input := obj.computeAuthData(&signature)
+		alg := headers.getSignatureAlgorithm()
+		err = verifier.verifyPayload(input, signature.Signature, alg)
+		if err == nil {
+			return i, signature, obj.payload, nil
+		}
+	}
+
+	return -1, Signature{}, nil, ErrCryptoFailure
+}
diff --git a/vendor/github.com/square/go-jose/symmetric.go b/vendor/gopkg.in/square/go-jose.v2/symmetric.go
similarity index 93%
rename from vendor/github.com/square/go-jose/symmetric.go
rename to vendor/gopkg.in/square/go-jose.v2/symmetric.go
index c47fc9757de3..5be00f925a93 100644
--- a/vendor/github.com/square/go-jose/symmetric.go
+++ b/vendor/gopkg.in/square/go-jose.v2/symmetric.go
@@ -25,10 +25,11 @@ import (
 	"crypto/sha512"
 	"crypto/subtle"
 	"errors"
+	"fmt"
 	"hash"
 	"io"
 
-	"github.com/square/go-jose/cipher"
+	"gopkg.in/square/go-jose.v2/cipher"
 )
 
 // Random reader (stubbed out in tests)
@@ -229,11 +230,12 @@ func (ctx *symmetricKeyCipher) encryptKey(cek []byte, alg KeyAlgorithm) (recipie
 			return recipientInfo{}, err
 		}
 
+		header := &rawHeader{}
+		header.set(headerIV, newBuffer(parts.iv))
+		header.set(headerTag, newBuffer(parts.tag))
+
 		return recipientInfo{
-			header: &rawHeader{
-				Iv:  newBuffer(parts.iv),
-				Tag: newBuffer(parts.tag),
-			},
+			header:       header,
 			encryptedKey: parts.ciphertext,
 		}, nil
 	case A128KW, A192KW, A256KW:
@@ -258,7 +260,7 @@ func (ctx *symmetricKeyCipher) encryptKey(cek []byte, alg KeyAlgorithm) (recipie
 
 // Decrypt the content encryption key.
 func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) {
-	switch KeyAlgorithm(headers.Alg) {
+	switch headers.getAlgorithm() {
 	case DIRECT:
 		cek := make([]byte, len(ctx.key))
 		copy(cek, ctx.key)
@@ -266,10 +268,19 @@ func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipien
 	case A128GCMKW, A192GCMKW, A256GCMKW:
 		aead := newAESGCM(len(ctx.key))
 
+		iv, err := headers.getIV()
+		if err != nil {
+			return nil, fmt.Errorf("square/go-jose: invalid IV: %v", err)
+		}
+		tag, err := headers.getTag()
+		if err != nil {
+			return nil, fmt.Errorf("square/go-jose: invalid tag: %v", err)
+		}
+
 		parts := &aeadParts{
-			iv:         headers.Iv.bytes(),
+			iv:         iv.bytes(),
 			ciphertext: recipient.encryptedKey,
-			tag:        headers.Tag.bytes(),
+			tag:        tag.bytes(),
 		}
 
 		cek, err := aead.decrypt(ctx.key, []byte{}, parts)
diff --git a/vendor/gopkg.in/yaml.v2/.travis.yml b/vendor/gopkg.in/yaml.v2/.travis.yml
new file mode 100644
index 000000000000..004172a2e37f
--- /dev/null
+++ b/vendor/gopkg.in/yaml.v2/.travis.yml
@@ -0,0 +1,9 @@
+language: go
+
+go:
+    - 1.4
+    - 1.5
+    - 1.6
+    - tip
+
+go_import_path: gopkg.in/yaml.v2
diff --git a/vendor/gopkg.in/yaml.v2/LICENSE b/vendor/gopkg.in/yaml.v2/LICENSE
index a68e67f01b0c..866d74a7ad79 100644
--- a/vendor/gopkg.in/yaml.v2/LICENSE
+++ b/vendor/gopkg.in/yaml.v2/LICENSE
@@ -1,188 +1,13 @@
+Copyright 2011-2016 Canonical Ltd.
 
-Copyright (c) 2011-2014 - Canonical Inc.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
 
-This software is licensed under the LGPLv3, included below.
+    http://www.apache.org/licenses/LICENSE-2.0
 
-As a special exception to the GNU Lesser General Public License version 3
-("LGPL3"), the copyright holders of this Library give you permission to
-convey to a third party a Combined Work that links statically or dynamically
-to this Library without providing any Minimal Corresponding Source or
-Minimal Application Code as set out in 4d or providing the installation
-information set out in section 4e, provided that you comply with the other
-provisions of LGPL3 and provided that you meet, for the Application the
-terms and conditions of the license(s) which apply to the Application.
-
-Except as stated in this special exception, the provisions of LGPL3 will
-continue to comply in full to this Library. If you modify this Library, you
-may apply this exception to your version of this Library, but you are not
-obliged to do so. If you do not wish to do so, delete this exception
-statement from your version. This exception does not (and cannot) modify any
-license terms which apply to the Application, with which you must still
-comply.
-
-
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/vendor/gopkg.in/yaml.v2/README.md b/vendor/gopkg.in/yaml.v2/README.md
index 7b8bd86701e3..7a512d67c2b9 100644
--- a/vendor/gopkg.in/yaml.v2/README.md
+++ b/vendor/gopkg.in/yaml.v2/README.md
@@ -42,12 +42,14 @@ The package API for yaml v2 will remain stable as described in [gopkg.in](https:
 License
 -------
 
-The yaml package is licensed under the LGPL with an exception that allows it to be linked statically. Please see the LICENSE file for details.
+The yaml package is licensed under the Apache License 2.0. Please see the LICENSE file for details.
 
 
 Example
 -------
 
+Some more examples can be found in the "examples" folder.
+
 ```Go
 package main
 
diff --git a/vendor/gopkg.in/yaml.v2/decode.go b/vendor/gopkg.in/yaml.v2/decode.go
index 085cddc44beb..db1f5f20686f 100644
--- a/vendor/gopkg.in/yaml.v2/decode.go
+++ b/vendor/gopkg.in/yaml.v2/decode.go
@@ -120,7 +120,6 @@ func (p *parser) parse() *node {
 	default:
 		panic("attempted to parse unknown event: " + strconv.Itoa(int(p.event.typ)))
 	}
-	panic("unreachable")
 }
 
 func (p *parser) node(kind int) *node {
@@ -191,6 +190,7 @@ type decoder struct {
 	aliases map[string]bool
 	mapType reflect.Type
 	terrors []string
+	strict  bool
 }
 
 var (
@@ -200,8 +200,8 @@ var (
 	ifaceType      = defaultMapType.Elem()
 )
 
-func newDecoder() *decoder {
-	d := &decoder{mapType: defaultMapType}
+func newDecoder(strict bool) *decoder {
+	d := &decoder{mapType: defaultMapType, strict: strict}
 	d.aliases = make(map[string]bool)
 	return d
 }
@@ -251,7 +251,7 @@ func (d *decoder) callUnmarshaler(n *node, u Unmarshaler) (good bool) {
 //
 // If n holds a null value, prepare returns before doing anything.
 func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unmarshaled, good bool) {
-	if n.tag == yaml_NULL_TAG || n.kind == scalarNode && n.tag == "" && (n.value == "null" || n.value == "") {
+	if n.tag == yaml_NULL_TAG || n.kind == scalarNode && n.tag == "" && (n.value == "null" || n.value == "" && n.implicit) {
 		return out, false, false
 	}
 	again := true
@@ -640,6 +640,8 @@ func (d *decoder) mappingStruct(n *node, out reflect.Value) (good bool) {
 			value := reflect.New(elemType).Elem()
 			d.unmarshal(n.children[i+1], value)
 			inlineMap.SetMapIndex(name, value)
+		} else if d.strict {
+			d.terrors = append(d.terrors, fmt.Sprintf("line %d: field %s not found in struct %s", n.line+1, name.String(), out.Type()))
 		}
 	}
 	return true
diff --git a/vendor/gopkg.in/yaml.v2/emitterc.go b/vendor/gopkg.in/yaml.v2/emitterc.go
index 2befd553ed02..41de8b856c2f 100644
--- a/vendor/gopkg.in/yaml.v2/emitterc.go
+++ b/vendor/gopkg.in/yaml.v2/emitterc.go
@@ -666,7 +666,6 @@ func yaml_emitter_emit_node(emitter *yaml_emitter_t, event *yaml_event_t,
 		return yaml_emitter_set_emitter_error(emitter,
 			"expected SCALAR, SEQUENCE-START, MAPPING-START, or ALIAS")
 	}
-	return false
 }
 
 // Expect ALIAS.
@@ -995,7 +994,7 @@ func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
 		break_space    = false
 		space_break    = false
 
-		preceeded_by_whitespace = false
+		preceded_by_whitespace = false
 		followed_by_whitespace  = false
 		previous_space          = false
 		previous_break          = false
@@ -1017,7 +1016,7 @@ func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
 		flow_indicators = true
 	}
 
-	preceeded_by_whitespace = true
+	preceded_by_whitespace = true
 	for i, w := 0, 0; i < len(value); i += w {
 		w = width(value[i])
 		followed_by_whitespace = i+w >= len(value) || is_blank(value, i+w)
@@ -1048,7 +1047,7 @@ func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
 					block_indicators = true
 				}
 			case '#':
-				if preceeded_by_whitespace {
+				if preceded_by_whitespace {
 					flow_indicators = true
 					block_indicators = true
 				}
@@ -1089,7 +1088,7 @@ func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
 		}
 
 		// [Go]: Why 'z'? Couldn't be the end of the string as that's the loop condition.
-		preceeded_by_whitespace = is_blankz(value, i)
+		preceded_by_whitespace = is_blankz(value, i)
 	}
 
 	emitter.scalar_data.multiline = line_breaks
diff --git a/vendor/gopkg.in/yaml.v2/parserc.go b/vendor/gopkg.in/yaml.v2/parserc.go
index 0a7037ad1b2a..81d05dfe573f 100644
--- a/vendor/gopkg.in/yaml.v2/parserc.go
+++ b/vendor/gopkg.in/yaml.v2/parserc.go
@@ -166,7 +166,6 @@ func yaml_parser_state_machine(parser *yaml_parser_t, event *yaml_event_t) bool
 	default:
 		panic("invalid parser state")
 	}
-	return false
 }
 
 // Parse the production:
diff --git a/vendor/gopkg.in/yaml.v2/readerc.go b/vendor/gopkg.in/yaml.v2/readerc.go
index d5fb09727720..f450791717bf 100644
--- a/vendor/gopkg.in/yaml.v2/readerc.go
+++ b/vendor/gopkg.in/yaml.v2/readerc.go
@@ -247,7 +247,7 @@ func yaml_parser_update_buffer(parser *yaml_parser_t, length int) bool {
 				if parser.encoding == yaml_UTF16LE_ENCODING {
 					low, high = 0, 1
 				} else {
-					high, low = 1, 0
+					low, high = 1, 0
 				}
 
 				// The UTF-16 encoding is not as simple as one might
@@ -357,23 +357,26 @@ func yaml_parser_update_buffer(parser *yaml_parser_t, length int) bool {
 			if value <= 0x7F {
 				// 0000 0000-0000 007F . 0xxxxxxx
 				parser.buffer[buffer_len+0] = byte(value)
+				buffer_len += 1
 			} else if value <= 0x7FF {
 				// 0000 0080-0000 07FF . 110xxxxx 10xxxxxx
 				parser.buffer[buffer_len+0] = byte(0xC0 + (value >> 6))
 				parser.buffer[buffer_len+1] = byte(0x80 + (value & 0x3F))
+				buffer_len += 2
 			} else if value <= 0xFFFF {
 				// 0000 0800-0000 FFFF . 1110xxxx 10xxxxxx 10xxxxxx
 				parser.buffer[buffer_len+0] = byte(0xE0 + (value >> 12))
 				parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 6) & 0x3F))
 				parser.buffer[buffer_len+2] = byte(0x80 + (value & 0x3F))
+				buffer_len += 3
 			} else {
 				// 0001 0000-0010 FFFF . 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
 				parser.buffer[buffer_len+0] = byte(0xF0 + (value >> 18))
 				parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 12) & 0x3F))
 				parser.buffer[buffer_len+2] = byte(0x80 + ((value >> 6) & 0x3F))
 				parser.buffer[buffer_len+3] = byte(0x80 + (value & 0x3F))
+				buffer_len += 4
 			}
-			buffer_len += width
 
 			parser.unread++
 		}
diff --git a/vendor/gopkg.in/yaml.v2/resolve.go b/vendor/gopkg.in/yaml.v2/resolve.go
index 93a86327434b..232313cc0845 100644
--- a/vendor/gopkg.in/yaml.v2/resolve.go
+++ b/vendor/gopkg.in/yaml.v2/resolve.go
@@ -3,6 +3,7 @@ package yaml
 import (
 	"encoding/base64"
 	"math"
+	"regexp"
 	"strconv"
 	"strings"
 	"unicode/utf8"
@@ -80,6 +81,8 @@ func resolvableTag(tag string) bool {
 	return false
 }
 
+var yamlStyleFloat = regexp.MustCompile(`^[-+]?[0-9]*\.?[0-9]+([eE][-+][0-9]+)?$`)
+
 func resolve(tag string, in string) (rtag string, out interface{}) {
 	if !resolvableTag(tag) {
 		return tag, in
@@ -135,9 +138,11 @@ func resolve(tag string, in string) (rtag string, out interface{}) {
 			if err == nil {
 				return yaml_INT_TAG, uintv
 			}
-			floatv, err := strconv.ParseFloat(plain, 64)
-			if err == nil {
-				return yaml_FLOAT_TAG, floatv
+			if yamlStyleFloat.MatchString(plain) {
+				floatv, err := strconv.ParseFloat(plain, 64)
+				if err == nil {
+					return yaml_FLOAT_TAG, floatv
+				}
 			}
 			if strings.HasPrefix(plain, "0b") {
 				intv, err := strconv.ParseInt(plain[2:], 2, 64)
diff --git a/vendor/gopkg.in/yaml.v2/scannerc.go b/vendor/gopkg.in/yaml.v2/scannerc.go
index d97d76fa55c4..dd64ee4b9506 100644
--- a/vendor/gopkg.in/yaml.v2/scannerc.go
+++ b/vendor/gopkg.in/yaml.v2/scannerc.go
@@ -9,7 +9,7 @@ import (
 // ************
 //
 // The following notes assume that you are familiar with the YAML specification
-// (http://yaml.org/spec/cvs/current.html).  We mostly follow it, although in
+// (http://yaml.org/spec/1.2/spec.html).  We mostly follow it, although in
 // some cases we are less restrictive that it requires.
 //
 // The process of transforming a YAML stream into a sequence of events is
@@ -611,7 +611,7 @@ func yaml_parser_set_scanner_tag_error(parser *yaml_parser_t, directive bool, co
 	if directive {
 		context = "while parsing a %TAG directive"
 	}
-	return yaml_parser_set_scanner_error(parser, context, context_mark, "did not find URI escaped octet")
+	return yaml_parser_set_scanner_error(parser, context, context_mark, problem)
 }
 
 func trace(args ...interface{}) func() {
@@ -1546,7 +1546,7 @@ func yaml_parser_scan_directive(parser *yaml_parser_t, token *yaml_token_t) bool
 		// Unknown directive.
 	} else {
 		yaml_parser_set_scanner_error(parser, "while scanning a directive",
-			start_mark, "found uknown directive name")
+			start_mark, "found unknown directive name")
 		return false
 	}
 
@@ -1959,11 +1959,12 @@ func yaml_parser_scan_tag_handle(parser *yaml_parser_t, directive bool, start_ma
 func yaml_parser_scan_tag_uri(parser *yaml_parser_t, directive bool, head []byte, start_mark yaml_mark_t, uri *[]byte) bool {
 	//size_t length = head ? strlen((char *)head) : 0
 	var s []byte
+	length := len(head)
 
 	// Copy the head if needed.
 	//
 	// Note that we don't copy the leading '!' character.
-	if len(head) > 1 {
+	if length > 0 {
 		s = append(s, head[1:]...)
 	}
 
@@ -1996,6 +1997,7 @@ func yaml_parser_scan_tag_uri(parser *yaml_parser_t, directive bool, head []byte
 			}
 		} else {
 			s = read(parser, s)
+			length++
 		}
 		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
 			return false
@@ -2003,7 +2005,7 @@ func yaml_parser_scan_tag_uri(parser *yaml_parser_t, directive bool, head []byte
 	}
 
 	// Check if the tag is non-empty.
-	if len(s) == 0 {
+	if length == 0 {
 		yaml_parser_set_scanner_tag_error(parser, directive,
 			start_mark, "did not find expected tag URI")
 		return false
diff --git a/vendor/gopkg.in/yaml.v2/yaml.go b/vendor/gopkg.in/yaml.v2/yaml.go
index d133edf9d34b..bf18884e0e3a 100644
--- a/vendor/gopkg.in/yaml.v2/yaml.go
+++ b/vendor/gopkg.in/yaml.v2/yaml.go
@@ -77,8 +77,19 @@ type Marshaler interface {
 // supported tag options.
 //
 func Unmarshal(in []byte, out interface{}) (err error) {
+	return unmarshal(in, out, false)
+}
+
+// UnmarshalStrict is like Unmarshal except that any fields that are found
+// in the data that do not have corresponding struct members will result in
+// an error.
+func UnmarshalStrict(in []byte, out interface{}) (err error) {
+	return unmarshal(in, out, true)
+}
+
+func unmarshal(in []byte, out interface{}, strict bool) (err error) {
 	defer handleErr(&err)
-	d := newDecoder()
+	d := newDecoder(strict)
 	p := newParser(in)
 	defer p.destroy()
 	node := p.parse()
@@ -222,7 +233,7 @@ func getStructInfo(st reflect.Type) (*structInfo, error) {
 	inlineMap := -1
 	for i := 0; i != n; i++ {
 		field := st.Field(i)
-		if field.PkgPath != "" {
+		if field.PkgPath != "" && !field.Anonymous {
 			continue // Private field
 		}
 
diff --git a/vendor/gopkg.in/yaml.v2/yamlh.go b/vendor/gopkg.in/yaml.v2/yamlh.go
index d60a6b6b0035..3caeca0491b5 100644
--- a/vendor/gopkg.in/yaml.v2/yamlh.go
+++ b/vendor/gopkg.in/yaml.v2/yamlh.go
@@ -508,7 +508,7 @@ type yaml_parser_t struct {
 
 	problem string // Error description.
 
-	// The byte about which the problem occured.
+	// The byte about which the problem occurred.
 	problem_offset int
 	problem_value  int
 	problem_mark   yaml_mark_t
diff --git a/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go
index 275a326d2fa5..fc60e1909431 100644
--- a/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -124,7 +124,6 @@ func (in *AdmissionReview) DeepCopy() *AdmissionReview {
 func (in *AdmissionReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/admissionregistration/v1alpha1/zz_generated.deepcopy.go
index 667b262ab6db..2ca492946ffe 100644
--- a/vendor/k8s.io/api/admissionregistration/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -76,9 +76,8 @@ func (in *InitializerConfiguration) DeepCopy() *InitializerConfiguration {
 func (in *InitializerConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -110,9 +109,8 @@ func (in *InitializerConfigurationList) DeepCopy() *InitializerConfigurationList
 func (in *InitializerConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto b/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
index 8dcde259c402..3d6cbc1e6179 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
@@ -155,6 +155,10 @@ message Webhook {
 
   // Rules describes what operations on what resources/subresources the webhook cares about.
   // The webhook cares about an operation if it matches _any_ Rule.
+  // However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
+  // from putting the cluster in a state which cannot be recovered from without completely
+  // disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
+  // on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
   repeated RuleWithOperations rules = 3;
 
   // FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
index aead73a5b5b9..9a4a1ddb4f29 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
@@ -54,11 +54,9 @@ type Rule struct {
 type FailurePolicyType string
 
 const (
-	// Ignore means the initializer is removed from the initializers list of an
-	// object if the initializer is timed out.
+	// Ignore means that an error calling the webhook is ignored.
 	Ignore FailurePolicyType = "Ignore"
-	// For 1.7, only "Ignore" is allowed. "Fail" will be allowed when the
-	// extensible admission feature is beta.
+	// Fail means that an error calling the webhook causes the admission to fail.
 	Fail FailurePolicyType = "Fail"
 )
 
@@ -137,6 +135,10 @@ type Webhook struct {
 
 	// Rules describes what operations on what resources/subresources the webhook cares about.
 	// The webhook cares about an operation if it matches _any_ Rule.
+	// However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks
+	// from putting the cluster in a state which cannot be recovered from without completely
+	// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
+	// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
 	Rules []RuleWithOperations `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
 
 	// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/admissionregistration/v1beta1/types_swagger_doc_generated.go
index 6dd18e973d6f..b32051424b9c 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/types_swagger_doc_generated.go
@@ -102,7 +102,7 @@ var map_Webhook = map[string]string{
 	"":                  "Webhook describes an admission webhook and the resources and operations it applies to.",
 	"name":              "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
 	"clientConfig":      "ClientConfig defines how to communicate with the hook. Required",
-	"rules":             "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule.",
+	"rules":             "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.",
 	"failurePolicy":     "FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Ignore.",
 	"namespaceSelector": "NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.\n\nFor example, to run the webhook on any objects whose namespace is not associated with \"runlevel\" of \"0\" or \"1\";  you will set the selector as follows: \"namespaceSelector\": {\n  \"matchExpressions\": [\n    {\n      \"key\": \"runlevel\",\n      \"operator\": \"NotIn\",\n      \"values\": [\n        \"0\",\n        \"1\"\n      ]\n    }\n  ]\n}\n\nIf instead you want to only run the webhook on any objects whose namespace is associated with the \"environment\" of \"prod\" or \"staging\"; you will set the selector as follows: \"namespaceSelector\": {\n  \"matchExpressions\": [\n    {\n      \"key\": \"environment\",\n      \"operator\": \"In\",\n      \"values\": [\n        \"prod\",\n        \"staging\"\n      ]\n    }\n  ]\n}\n\nSee https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.\n\nDefault to the empty LabelSelector, which matches everything.",
 }
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/admissionregistration/v1beta1/zz_generated.deepcopy.go
index fb0cf9c477f6..d8345d209f52 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -54,9 +54,8 @@ func (in *MutatingWebhookConfiguration) DeepCopy() *MutatingWebhookConfiguration
 func (in *MutatingWebhookConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -88,9 +87,8 @@ func (in *MutatingWebhookConfigurationList) DeepCopy() *MutatingWebhookConfigura
 func (in *MutatingWebhookConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -200,9 +198,8 @@ func (in *ValidatingWebhookConfiguration) DeepCopy() *ValidatingWebhookConfigura
 func (in *ValidatingWebhookConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -234,9 +231,8 @@ func (in *ValidatingWebhookConfigurationList) DeepCopy() *ValidatingWebhookConfi
 func (in *ValidatingWebhookConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/apps/v1/generated.proto b/vendor/k8s.io/api/apps/v1/generated.proto
index 184c868e3897..46473baa821d 100644
--- a/vendor/k8s.io/api/apps/v1/generated.proto
+++ b/vendor/k8s.io/api/apps/v1/generated.proto
@@ -519,7 +519,7 @@ message RollingUpdateDeployment {
   // the rolling update starts, such that the total number of old and new pods do not exceed
   // 130% of desired pods. Once old pods have been killed,
   // new RC can be scaled up further, ensuring that total number of pods running
-  // at any time during the update is atmost 130% of desired pods.
+  // at any time during the update is at most 130% of desired pods.
   // +optional
   optional k8s.io.apimachinery.pkg.util.intstr.IntOrString maxSurge = 2;
 }
diff --git a/vendor/k8s.io/api/apps/v1/types.go b/vendor/k8s.io/api/apps/v1/types.go
index f32300fe99f6..b5df22c6fd43 100644
--- a/vendor/k8s.io/api/apps/v1/types.go
+++ b/vendor/k8s.io/api/apps/v1/types.go
@@ -362,7 +362,7 @@ type RollingUpdateDeployment struct {
 	// the rolling update starts, such that the total number of old and new pods do not exceed
 	// 130% of desired pods. Once old pods have been killed,
 	// new RC can be scaled up further, ensuring that total number of pods running
-	// at any time during the update is atmost 130% of desired pods.
+	// at any time during the update is at most 130% of desired pods.
 	// +optional
 	MaxSurge *intstr.IntOrString `json:"maxSurge,omitempty" protobuf:"bytes,2,opt,name=maxSurge"`
 }
diff --git a/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
index 76305393e213..4dec6f2f89ec 100644
--- a/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
@@ -272,7 +272,7 @@ func (RollingUpdateDaemonSet) SwaggerDoc() map[string]string {
 var map_RollingUpdateDeployment = map[string]string{
 	"":               "Spec to control the desired behavior of rolling update.",
 	"maxUnavailable": "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.",
-	"maxSurge":       "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.",
+	"maxSurge":       "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.",
 }
 
 func (RollingUpdateDeployment) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
index 9419e8e72eb4..62984cb89cde 100644
--- a/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -50,9 +50,8 @@ func (in *ControllerRevision) DeepCopy() *ControllerRevision {
 func (in *ControllerRevision) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +83,8 @@ func (in *ControllerRevisionList) DeepCopy() *ControllerRevisionList {
 func (in *ControllerRevisionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -113,9 +111,8 @@ func (in *DaemonSet) DeepCopy() *DaemonSet {
 func (in *DaemonSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -164,9 +161,8 @@ func (in *DaemonSetList) DeepCopy() *DaemonSetList {
 func (in *DaemonSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -286,9 +282,8 @@ func (in *Deployment) DeepCopy() *Deployment {
 func (in *Deployment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -338,9 +333,8 @@ func (in *DeploymentList) DeepCopy() *DeploymentList {
 func (in *DeploymentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -478,9 +472,8 @@ func (in *ReplicaSet) DeepCopy() *ReplicaSet {
 func (in *ReplicaSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -529,9 +522,8 @@ func (in *ReplicaSetList) DeepCopy() *ReplicaSetList {
 func (in *ReplicaSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -700,9 +692,8 @@ func (in *StatefulSet) DeepCopy() *StatefulSet {
 func (in *StatefulSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -751,9 +742,8 @@ func (in *StatefulSetList) DeepCopy() *StatefulSetList {
 func (in *StatefulSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
index d83e9d6fe5ab..b06032e1eca9 100644
--- a/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -50,9 +50,8 @@ func (in *ControllerRevision) DeepCopy() *ControllerRevision {
 func (in *ControllerRevision) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +83,8 @@ func (in *ControllerRevisionList) DeepCopy() *ControllerRevisionList {
 func (in *ControllerRevisionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -113,9 +111,8 @@ func (in *Deployment) DeepCopy() *Deployment {
 func (in *Deployment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -165,9 +162,8 @@ func (in *DeploymentList) DeepCopy() *DeploymentList {
 func (in *DeploymentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -199,9 +195,8 @@ func (in *DeploymentRollback) DeepCopy() *DeploymentRollback {
 func (in *DeploymentRollback) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -423,9 +418,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -491,9 +485,8 @@ func (in *StatefulSet) DeepCopy() *StatefulSet {
 func (in *StatefulSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -542,9 +535,8 @@ func (in *StatefulSetList) DeepCopy() *StatefulSetList {
 func (in *StatefulSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
index f2d847ed597f..3db38527d477 100644
--- a/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta2
 
@@ -50,9 +50,8 @@ func (in *ControllerRevision) DeepCopy() *ControllerRevision {
 func (in *ControllerRevision) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +83,8 @@ func (in *ControllerRevisionList) DeepCopy() *ControllerRevisionList {
 func (in *ControllerRevisionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -113,9 +111,8 @@ func (in *DaemonSet) DeepCopy() *DaemonSet {
 func (in *DaemonSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -164,9 +161,8 @@ func (in *DaemonSetList) DeepCopy() *DaemonSetList {
 func (in *DaemonSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -286,9 +282,8 @@ func (in *Deployment) DeepCopy() *Deployment {
 func (in *Deployment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -338,9 +333,8 @@ func (in *DeploymentList) DeepCopy() *DeploymentList {
 func (in *DeploymentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -478,9 +472,8 @@ func (in *ReplicaSet) DeepCopy() *ReplicaSet {
 func (in *ReplicaSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -529,9 +522,8 @@ func (in *ReplicaSetList) DeepCopy() *ReplicaSetList {
 func (in *ReplicaSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -700,9 +692,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -768,9 +759,8 @@ func (in *StatefulSet) DeepCopy() *StatefulSet {
 func (in *StatefulSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -819,9 +809,8 @@ func (in *StatefulSetList) DeepCopy() *StatefulSetList {
 func (in *StatefulSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/authentication/v1/BUILD b/vendor/k8s.io/api/authentication/v1/BUILD
index f2e2b1a989c1..26e557e469fd 100644
--- a/vendor/k8s.io/api/authentication/v1/BUILD
+++ b/vendor/k8s.io/api/authentication/v1/BUILD
@@ -22,6 +22,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/api/authentication/v1/generated.pb.go b/vendor/k8s.io/api/authentication/v1/generated.pb.go
index 2e66666eb019..d090ce579b67 100644
--- a/vendor/k8s.io/api/authentication/v1/generated.pb.go
+++ b/vendor/k8s.io/api/authentication/v1/generated.pb.go
@@ -25,7 +25,11 @@ limitations under the License.
 		k8s.io/kubernetes/vendor/k8s.io/api/authentication/v1/generated.proto
 
 	It has these top-level messages:
+		BoundObjectReference
 		ExtraValue
+		TokenRequest
+		TokenRequestSpec
+		TokenRequestStatus
 		TokenReview
 		TokenReviewSpec
 		TokenReviewStatus
@@ -37,6 +41,8 @@ import proto "github.com/gogo/protobuf/proto"
 import fmt "fmt"
 import math "math"
 
+import k8s_io_apimachinery_pkg_types "k8s.io/apimachinery/pkg/types"
+
 import github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
 
 import strings "strings"
@@ -55,33 +61,87 @@ var _ = math.Inf
 // proto package needs to be updated.
 const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
 
+func (m *BoundObjectReference) Reset()                    { *m = BoundObjectReference{} }
+func (*BoundObjectReference) ProtoMessage()               {}
+func (*BoundObjectReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+
 func (m *ExtraValue) Reset()                    { *m = ExtraValue{} }
 func (*ExtraValue) ProtoMessage()               {}
-func (*ExtraValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+func (*ExtraValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
+func (m *TokenRequest) Reset()                    { *m = TokenRequest{} }
+func (*TokenRequest) ProtoMessage()               {}
+func (*TokenRequest) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
+func (m *TokenRequestSpec) Reset()                    { *m = TokenRequestSpec{} }
+func (*TokenRequestSpec) ProtoMessage()               {}
+func (*TokenRequestSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+
+func (m *TokenRequestStatus) Reset()                    { *m = TokenRequestStatus{} }
+func (*TokenRequestStatus) ProtoMessage()               {}
+func (*TokenRequestStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
 
 func (m *TokenReview) Reset()                    { *m = TokenReview{} }
 func (*TokenReview) ProtoMessage()               {}
-func (*TokenReview) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+func (*TokenReview) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
 
 func (m *TokenReviewSpec) Reset()                    { *m = TokenReviewSpec{} }
 func (*TokenReviewSpec) ProtoMessage()               {}
-func (*TokenReviewSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+func (*TokenReviewSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
 
 func (m *TokenReviewStatus) Reset()                    { *m = TokenReviewStatus{} }
 func (*TokenReviewStatus) ProtoMessage()               {}
-func (*TokenReviewStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+func (*TokenReviewStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
 
 func (m *UserInfo) Reset()                    { *m = UserInfo{} }
 func (*UserInfo) ProtoMessage()               {}
-func (*UserInfo) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
+func (*UserInfo) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
 
 func init() {
+	proto.RegisterType((*BoundObjectReference)(nil), "k8s.io.api.authentication.v1.BoundObjectReference")
 	proto.RegisterType((*ExtraValue)(nil), "k8s.io.api.authentication.v1.ExtraValue")
+	proto.RegisterType((*TokenRequest)(nil), "k8s.io.api.authentication.v1.TokenRequest")
+	proto.RegisterType((*TokenRequestSpec)(nil), "k8s.io.api.authentication.v1.TokenRequestSpec")
+	proto.RegisterType((*TokenRequestStatus)(nil), "k8s.io.api.authentication.v1.TokenRequestStatus")
 	proto.RegisterType((*TokenReview)(nil), "k8s.io.api.authentication.v1.TokenReview")
 	proto.RegisterType((*TokenReviewSpec)(nil), "k8s.io.api.authentication.v1.TokenReviewSpec")
 	proto.RegisterType((*TokenReviewStatus)(nil), "k8s.io.api.authentication.v1.TokenReviewStatus")
 	proto.RegisterType((*UserInfo)(nil), "k8s.io.api.authentication.v1.UserInfo")
 }
+func (m *BoundObjectReference) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *BoundObjectReference) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Kind)))
+	i += copy(dAtA[i:], m.Kind)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.APIVersion)))
+	i += copy(dAtA[i:], m.APIVersion)
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i += copy(dAtA[i:], m.Name)
+	dAtA[i] = 0x22
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
+	i += copy(dAtA[i:], m.UID)
+	return i, nil
+}
+
 func (m ExtraValue) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -115,7 +175,7 @@ func (m ExtraValue) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
-func (m *TokenReview) Marshal() (dAtA []byte, err error) {
+func (m *TokenRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalTo(dAtA)
@@ -125,7 +185,7 @@ func (m *TokenReview) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *TokenReview) MarshalTo(dAtA []byte) (int, error) {
+func (m *TokenRequest) MarshalTo(dAtA []byte) (int, error) {
 	var i int
 	_ = i
 	var l int
@@ -157,6 +217,126 @@ func (m *TokenReview) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *TokenRequestSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *TokenRequestSpec) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Audiences) > 0 {
+		for _, s := range m.Audiences {
+			dAtA[i] = 0xa
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
+		}
+	}
+	if m.BoundObjectRef != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.BoundObjectRef.Size()))
+		n4, err := m.BoundObjectRef.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n4
+	}
+	if m.ExpirationSeconds != nil {
+		dAtA[i] = 0x20
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.ExpirationSeconds))
+	}
+	return i, nil
+}
+
+func (m *TokenRequestStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *TokenRequestStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Token)))
+	i += copy(dAtA[i:], m.Token)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ExpirationTimestamp.Size()))
+	n5, err := m.ExpirationTimestamp.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n5
+	return i, nil
+}
+
+func (m *TokenReview) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *TokenReview) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
+	n6, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n6
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
+	n7, err := m.Spec.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n7
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
+	n8, err := m.Status.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n8
+	return i, nil
+}
+
 func (m *TokenReviewSpec) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -205,11 +385,11 @@ func (m *TokenReviewStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.User.Size()))
-	n4, err := m.User.MarshalTo(dAtA[i:])
+	n9, err := m.User.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n4
+	i += n9
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Error)))
@@ -279,11 +459,11 @@ func (m *UserInfo) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n5, err := (&v).MarshalTo(dAtA[i:])
+			n10, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n5
+			i += n10
 		}
 	}
 	return i, nil
@@ -316,6 +496,20 @@ func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
 	dAtA[offset] = uint8(v)
 	return offset + 1
 }
+func (m *BoundObjectReference) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Kind)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.APIVersion)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.UID)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m ExtraValue) Size() (n int) {
 	var l int
 	_ = l
@@ -328,6 +522,47 @@ func (m ExtraValue) Size() (n int) {
 	return n
 }
 
+func (m *TokenRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *TokenRequestSpec) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.Audiences) > 0 {
+		for _, s := range m.Audiences {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.BoundObjectRef != nil {
+		l = m.BoundObjectRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.ExpirationSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.ExpirationSeconds))
+	}
+	return n
+}
+
+func (m *TokenRequestStatus) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Token)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.ExpirationTimestamp.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m *TokenReview) Size() (n int) {
 	var l int
 	_ = l
@@ -397,6 +632,54 @@ func sovGenerated(x uint64) (n int) {
 func sozGenerated(x uint64) (n int) {
 	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
 }
+func (this *BoundObjectReference) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&BoundObjectReference{`,
+		`Kind:` + fmt.Sprintf("%v", this.Kind) + `,`,
+		`APIVersion:` + fmt.Sprintf("%v", this.APIVersion) + `,`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`UID:` + fmt.Sprintf("%v", this.UID) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *TokenRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&TokenRequest{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "TokenRequestSpec", "TokenRequestSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "TokenRequestStatus", "TokenRequestStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *TokenRequestSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&TokenRequestSpec{`,
+		`Audiences:` + fmt.Sprintf("%v", this.Audiences) + `,`,
+		`BoundObjectRef:` + strings.Replace(fmt.Sprintf("%v", this.BoundObjectRef), "BoundObjectReference", "BoundObjectReference", 1) + `,`,
+		`ExpirationSeconds:` + valueToStringGenerated(this.ExpirationSeconds) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *TokenRequestStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&TokenRequestStatus{`,
+		`Token:` + fmt.Sprintf("%v", this.Token) + `,`,
+		`ExpirationTimestamp:` + strings.Replace(strings.Replace(this.ExpirationTimestamp.String(), "Time", "k8s_io_apimachinery_pkg_apis_meta_v1.Time", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *TokenReview) String() string {
 	if this == nil {
 		return "nil"
@@ -462,7 +745,7 @@ func valueToStringGenerated(v interface{}) string {
 	pv := reflect.Indirect(rv).Interface()
 	return fmt.Sprintf("*%v", pv)
 }
-func (m *ExtraValue) Unmarshal(dAtA []byte) error {
+func (m *BoundObjectReference) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -485,15 +768,15 @@ func (m *ExtraValue) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: ExtraValue: wiretype end group for non-group")
+			return fmt.Errorf("proto: BoundObjectReference: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: ExtraValue: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: BoundObjectReference: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Kind", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -518,7 +801,554 @@ func (m *ExtraValue) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			*m = append(*m, string(dAtA[iNdEx:postIndex]))
+			m.Kind = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field APIVersion", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.APIVersion = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field UID", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.UID = k8s_io_apimachinery_pkg_types.UID(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ExtraValue) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ExtraValue: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ExtraValue: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			*m = append(*m, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *TokenRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: TokenRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: TokenRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *TokenRequestSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: TokenRequestSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: TokenRequestSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Audiences", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Audiences = append(m.Audiences, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BoundObjectRef", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.BoundObjectRef == nil {
+				m.BoundObjectRef = &BoundObjectReference{}
+			}
+			if err := m.BoundObjectRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ExpirationSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ExpirationSeconds = &v
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *TokenRequestStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: TokenRequestStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: TokenRequestStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Token", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Token = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ExpirationTimestamp", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ExpirationTimestamp.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -1257,46 +2087,62 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 642 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x53, 0x4d, 0x6f, 0xd3, 0x40,
-	0x10, 0xb5, 0xf3, 0x51, 0x25, 0x1b, 0x0a, 0x65, 0x25, 0xa4, 0x28, 0x02, 0x27, 0x0a, 0x12, 0xca,
-	0x81, 0xae, 0x49, 0x41, 0xa5, 0x2a, 0x12, 0x12, 0x16, 0x11, 0xf4, 0x80, 0x2a, 0x2d, 0xb4, 0x48,
-	0x9c, 0xd8, 0x38, 0x53, 0xc7, 0xa4, 0xfe, 0xd0, 0x7a, 0x6d, 0xe8, 0xad, 0x3f, 0x81, 0x23, 0xdc,
-	0xf8, 0x17, 0x1c, 0xb9, 0xf6, 0xd8, 0x63, 0x0f, 0xa8, 0xa2, 0xe6, 0x8f, 0xa0, 0x5d, 0x2f, 0x4d,
-	0xda, 0xd2, 0xd0, 0x9b, 0xf7, 0xcd, 0x7b, 0x6f, 0x67, 0x9e, 0x77, 0xd0, 0x60, 0xb2, 0x96, 0x10,
-	0x3f, 0xb2, 0x27, 0xe9, 0x10, 0x78, 0x08, 0x02, 0x12, 0x3b, 0x83, 0x70, 0x14, 0x71, 0x5b, 0x17,
-	0x58, 0xec, 0xdb, 0x2c, 0x15, 0x63, 0x08, 0x85, 0xef, 0x32, 0xe1, 0x47, 0xa1, 0x9d, 0xf5, 0x6d,
-	0x0f, 0x42, 0xe0, 0x4c, 0xc0, 0x88, 0xc4, 0x3c, 0x12, 0x11, 0xbe, 0x5d, 0xb0, 0x09, 0x8b, 0x7d,
-	0x72, 0x96, 0x4d, 0xb2, 0x7e, 0x6b, 0xd9, 0xf3, 0xc5, 0x38, 0x1d, 0x12, 0x37, 0x0a, 0x6c, 0x2f,
-	0xf2, 0x22, 0x5b, 0x89, 0x86, 0xe9, 0x8e, 0x3a, 0xa9, 0x83, 0xfa, 0x2a, 0xcc, 0x5a, 0x8f, 0xa6,
-	0x57, 0x07, 0xcc, 0x1d, 0xfb, 0x21, 0xf0, 0x3d, 0x3b, 0x9e, 0x78, 0x12, 0x48, 0xec, 0x00, 0x04,
-	0xfb, 0x47, 0x0b, 0x2d, 0xfb, 0x32, 0x15, 0x4f, 0x43, 0xe1, 0x07, 0x70, 0x41, 0xb0, 0xfa, 0x3f,
-	0x41, 0xe2, 0x8e, 0x21, 0x60, 0x17, 0x74, 0x0f, 0x2f, 0xd3, 0xa5, 0xc2, 0xdf, 0xb5, 0xfd, 0x50,
-	0x24, 0x82, 0x9f, 0x17, 0x75, 0x1f, 0x23, 0x34, 0xf8, 0x24, 0x38, 0xdb, 0x66, 0xbb, 0x29, 0xe0,
-	0x36, 0xaa, 0xfa, 0x02, 0x82, 0xa4, 0x69, 0x76, 0xca, 0xbd, 0xba, 0x53, 0xcf, 0x8f, 0xdb, 0xd5,
-	0x0d, 0x09, 0xd0, 0x02, 0x5f, 0xaf, 0x7d, 0xf9, 0xd6, 0x36, 0xf6, 0x7f, 0x76, 0x8c, 0xee, 0xd7,
-	0x12, 0x6a, 0xbc, 0x89, 0x26, 0x10, 0x52, 0xc8, 0x7c, 0xf8, 0x88, 0xdf, 0xa3, 0x9a, 0x4c, 0x60,
-	0xc4, 0x04, 0x6b, 0x9a, 0x1d, 0xb3, 0xd7, 0x58, 0x79, 0x40, 0xa6, 0xe1, 0x9f, 0x36, 0x44, 0xe2,
-	0x89, 0x27, 0x81, 0x84, 0x48, 0x36, 0xc9, 0xfa, 0x64, 0x73, 0xf8, 0x01, 0x5c, 0xf1, 0x0a, 0x04,
-	0x73, 0xf0, 0xc1, 0x71, 0xdb, 0xc8, 0x8f, 0xdb, 0x68, 0x8a, 0xd1, 0x53, 0x57, 0xbc, 0x89, 0x2a,
-	0x49, 0x0c, 0x6e, 0xb3, 0xa4, 0xdc, 0x97, 0xc9, 0xbc, 0x5f, 0x4b, 0x66, 0x5a, 0x7b, 0x1d, 0x83,
-	0xeb, 0x5c, 0xd3, 0xd6, 0x15, 0x79, 0xa2, 0xca, 0x08, 0xbf, 0x45, 0x0b, 0x89, 0x60, 0x22, 0x4d,
-	0x9a, 0x65, 0x65, 0x69, 0x5f, 0xdd, 0x52, 0xc9, 0x9c, 0xeb, 0xda, 0x74, 0xa1, 0x38, 0x53, 0x6d,
-	0xd7, 0x5d, 0x45, 0x37, 0xce, 0xdd, 0x8f, 0xef, 0xa2, 0xaa, 0x90, 0x90, 0xca, 0xa6, 0xee, 0x2c,
-	0x6a, 0x65, 0xb5, 0xe0, 0x15, 0xb5, 0xee, 0x0f, 0x13, 0xdd, 0xbc, 0x70, 0x0b, 0x7e, 0x82, 0x16,
-	0x67, 0x9a, 0x81, 0x91, 0xb2, 0xa8, 0x39, 0xb7, 0xb4, 0xc5, 0xe2, 0xb3, 0xd9, 0x22, 0x3d, 0xcb,
-	0xc5, 0x2f, 0x51, 0x25, 0x4d, 0x80, 0xeb, 0xd0, 0xee, 0xcd, 0x9f, 0x70, 0x2b, 0x01, 0xbe, 0x11,
-	0xee, 0x44, 0xd3, 0xb4, 0x24, 0x42, 0x95, 0x83, 0x9c, 0x00, 0x38, 0x8f, 0xb8, 0x0a, 0x6b, 0x66,
-	0x82, 0x81, 0x04, 0x69, 0x51, 0xeb, 0x7e, 0x2f, 0xa1, 0xda, 0x5f, 0x17, 0x7c, 0x1f, 0xd5, 0xa4,
-	0x32, 0x64, 0x01, 0xe8, 0xb1, 0x97, 0xb4, 0x48, 0x71, 0x24, 0x4e, 0x4f, 0x19, 0xf8, 0x0e, 0x2a,
-	0xa7, 0xfe, 0x48, 0x35, 0x5a, 0x77, 0x1a, 0x9a, 0x58, 0xde, 0xda, 0x78, 0x4e, 0x25, 0x8e, 0xbb,
-	0x68, 0xc1, 0xe3, 0x51, 0x1a, 0xcb, 0x9f, 0x25, 0xdf, 0x26, 0x92, 0xb9, 0xbf, 0x50, 0x08, 0xd5,
-	0x15, 0xbc, 0x8d, 0xaa, 0x20, 0x1f, 0x73, 0xb3, 0xd2, 0x29, 0xf7, 0x1a, 0x2b, 0xfd, 0xab, 0x4d,
-	0x4b, 0xd4, 0x02, 0x0c, 0x42, 0xc1, 0xf7, 0x66, 0xa6, 0x92, 0x18, 0x2d, 0xec, 0x5a, 0x43, 0xbd,
-	0x24, 0x8a, 0x83, 0x97, 0x50, 0x79, 0x02, 0x7b, 0xc5, 0x44, 0x54, 0x7e, 0xe2, 0xa7, 0xa8, 0x9a,
-	0xc9, 0xfd, 0xd1, 0x29, 0xf7, 0xe6, 0xdf, 0x3b, 0xdd, 0x37, 0x5a, 0xc8, 0xd6, 0x4b, 0x6b, 0xa6,
-	0xd3, 0x3b, 0x38, 0xb1, 0x8c, 0xc3, 0x13, 0xcb, 0x38, 0x3a, 0xb1, 0x8c, 0xfd, 0xdc, 0x32, 0x0f,
-	0x72, 0xcb, 0x3c, 0xcc, 0x2d, 0xf3, 0x28, 0xb7, 0xcc, 0x5f, 0xb9, 0x65, 0x7e, 0xfe, 0x6d, 0x19,
-	0xef, 0x4a, 0x59, 0xff, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xeb, 0x3a, 0x3c, 0x31, 0x1b, 0x05,
-	0x00, 0x00,
+	// 905 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x55, 0xcf, 0x6f, 0x1b, 0x45,
+	0x14, 0xf6, 0xfa, 0x47, 0x64, 0x8f, 0x9b, 0x90, 0x4c, 0xa9, 0x64, 0x05, 0xb0, 0x8d, 0x91, 0x90,
+	0x05, 0x74, 0xb7, 0x36, 0xa8, 0x54, 0x45, 0x42, 0xca, 0x12, 0x0b, 0x2c, 0x04, 0xad, 0xa6, 0x4d,
+	0x40, 0x9c, 0x18, 0xdb, 0x2f, 0xce, 0xe0, 0xee, 0xec, 0x32, 0x3b, 0x6b, 0xea, 0x5b, 0xff, 0x04,
+	0x8e, 0x20, 0x71, 0xe0, 0x8f, 0x40, 0xe2, 0xc8, 0x35, 0xc7, 0x8a, 0x53, 0x0f, 0xc8, 0x22, 0xcb,
+	0xbf, 0xc0, 0x89, 0x13, 0x9a, 0xd9, 0x89, 0xd7, 0x3f, 0x12, 0xc7, 0xa7, 0xde, 0x3c, 0xef, 0x7d,
+	0xef, 0x9b, 0xf7, 0xbe, 0xf9, 0xfc, 0x16, 0x75, 0x46, 0xf7, 0x42, 0x9b, 0xf9, 0xce, 0x28, 0xea,
+	0x81, 0xe0, 0x20, 0x21, 0x74, 0xc6, 0xc0, 0x07, 0xbe, 0x70, 0x4c, 0x82, 0x06, 0xcc, 0xa1, 0x91,
+	0x3c, 0x05, 0x2e, 0x59, 0x9f, 0x4a, 0xe6, 0x73, 0x67, 0xdc, 0x72, 0x86, 0xc0, 0x41, 0x50, 0x09,
+	0x03, 0x3b, 0x10, 0xbe, 0xf4, 0xf1, 0xeb, 0x09, 0xda, 0xa6, 0x01, 0xb3, 0x17, 0xd1, 0xf6, 0xb8,
+	0xb5, 0x7f, 0x7b, 0xc8, 0xe4, 0x69, 0xd4, 0xb3, 0xfb, 0xbe, 0xe7, 0x0c, 0xfd, 0xa1, 0xef, 0xe8,
+	0xa2, 0x5e, 0x74, 0xa2, 0x4f, 0xfa, 0xa0, 0x7f, 0x25, 0x64, 0xfb, 0x1f, 0xa4, 0x57, 0x7b, 0xb4,
+	0x7f, 0xca, 0x38, 0x88, 0x89, 0x13, 0x8c, 0x86, 0x2a, 0x10, 0x3a, 0x1e, 0x48, 0x7a, 0x49, 0x0b,
+	0xfb, 0xce, 0x55, 0x55, 0x22, 0xe2, 0x92, 0x79, 0xb0, 0x52, 0x70, 0xf7, 0xba, 0x82, 0xb0, 0x7f,
+	0x0a, 0x1e, 0x5d, 0xa9, 0x7b, 0xff, 0xaa, 0xba, 0x48, 0xb2, 0x27, 0x0e, 0xe3, 0x32, 0x94, 0x62,
+	0xb9, 0xa8, 0xf1, 0xa7, 0x85, 0x5e, 0x75, 0xfd, 0x88, 0x0f, 0x1e, 0xf4, 0xbe, 0x83, 0xbe, 0x24,
+	0x70, 0x02, 0x02, 0x78, 0x1f, 0x70, 0x1d, 0xe5, 0x47, 0x8c, 0x0f, 0x2a, 0x56, 0xdd, 0x6a, 0x96,
+	0xdc, 0x1b, 0x67, 0xd3, 0x5a, 0x26, 0x9e, 0xd6, 0xf2, 0x9f, 0x33, 0x3e, 0x20, 0x3a, 0x83, 0xdb,
+	0x08, 0xd1, 0x87, 0xdd, 0x63, 0x10, 0x21, 0xf3, 0x79, 0x25, 0xab, 0x71, 0xd8, 0xe0, 0xd0, 0xc1,
+	0x2c, 0x43, 0xe6, 0x50, 0x8a, 0x95, 0x53, 0x0f, 0x2a, 0xb9, 0x45, 0xd6, 0x2f, 0xa9, 0x07, 0x44,
+	0x67, 0xb0, 0x8b, 0x72, 0x51, 0xf7, 0xb0, 0x92, 0xd7, 0x80, 0x3b, 0x06, 0x90, 0x3b, 0xea, 0x1e,
+	0xfe, 0x37, 0xad, 0xbd, 0x79, 0xd5, 0x84, 0x72, 0x12, 0x40, 0x68, 0x1f, 0x75, 0x0f, 0x89, 0x2a,
+	0x6e, 0x7c, 0x88, 0x50, 0xe7, 0xa9, 0x14, 0xf4, 0x98, 0x3e, 0x89, 0x00, 0xd7, 0x50, 0x81, 0x49,
+	0xf0, 0xc2, 0x8a, 0x55, 0xcf, 0x35, 0x4b, 0x6e, 0x29, 0x9e, 0xd6, 0x0a, 0x5d, 0x15, 0x20, 0x49,
+	0xfc, 0x7e, 0xf1, 0xa7, 0x5f, 0x6b, 0x99, 0x67, 0x7f, 0xd5, 0x33, 0x8d, 0x5f, 0xb2, 0xe8, 0xc6,
+	0x63, 0x7f, 0x04, 0x9c, 0xc0, 0xf7, 0x11, 0x84, 0x12, 0x7f, 0x8b, 0x8a, 0xea, 0x5d, 0x07, 0x54,
+	0x52, 0xad, 0x44, 0xb9, 0x7d, 0xc7, 0x4e, 0x2d, 0x35, 0x6b, 0xc2, 0x0e, 0x46, 0x43, 0x15, 0x08,
+	0x6d, 0x85, 0xb6, 0xc7, 0x2d, 0x3b, 0x91, 0xf3, 0x0b, 0x90, 0x34, 0xd5, 0x24, 0x8d, 0x91, 0x19,
+	0x2b, 0x7e, 0x88, 0xf2, 0x61, 0x00, 0x7d, 0xad, 0x5f, 0xb9, 0x6d, 0xdb, 0xeb, 0x0c, 0x6b, 0xcf,
+	0xf7, 0xf6, 0x28, 0x80, 0x7e, 0xaa, 0xa0, 0x3a, 0x11, 0xcd, 0x84, 0xbf, 0x46, 0x5b, 0xa1, 0xa4,
+	0x32, 0x0a, 0xb5, 0xca, 0x8b, 0x1d, 0x5f, 0xc7, 0xa9, 0xeb, 0xdc, 0x1d, 0xc3, 0xba, 0x95, 0x9c,
+	0x89, 0xe1, 0x6b, 0xfc, 0x6b, 0xa1, 0xdd, 0xe5, 0x16, 0xf0, 0xbb, 0xa8, 0x44, 0xa3, 0x01, 0x53,
+	0xa6, 0xb9, 0x90, 0x78, 0x3b, 0x9e, 0xd6, 0x4a, 0x07, 0x17, 0x41, 0x92, 0xe6, 0x31, 0x47, 0x3b,
+	0xbd, 0x05, 0xb7, 0x99, 0x1e, 0xdb, 0xeb, 0x7b, 0xbc, 0xcc, 0xa1, 0x2e, 0x8e, 0xa7, 0xb5, 0x9d,
+	0xc5, 0x0c, 0x59, 0x62, 0xc7, 0x9f, 0xa0, 0x3d, 0x78, 0x1a, 0x30, 0xa1, 0x99, 0x1e, 0x41, 0xdf,
+	0xe7, 0x83, 0x50, 0x7b, 0x2b, 0xe7, 0xde, 0x8a, 0xa7, 0xb5, 0xbd, 0xce, 0x72, 0x92, 0xac, 0xe2,
+	0x1b, 0xbf, 0x59, 0x08, 0xaf, 0xaa, 0x84, 0xdf, 0x42, 0x05, 0xa9, 0xa2, 0xe6, 0x2f, 0xb2, 0x6d,
+	0x44, 0x2b, 0x24, 0xd0, 0x24, 0x87, 0x27, 0xe8, 0x66, 0x4a, 0xf8, 0x98, 0x79, 0x10, 0x4a, 0xea,
+	0x05, 0xe6, 0xb5, 0xdf, 0xd9, 0xcc, 0x4b, 0xaa, 0xcc, 0x7d, 0xcd, 0xd0, 0xdf, 0xec, 0xac, 0xd2,
+	0x91, 0xcb, 0xee, 0x68, 0xfc, 0x9c, 0x45, 0x65, 0xd3, 0xf6, 0x98, 0xc1, 0x0f, 0x2f, 0xc1, 0xcb,
+	0x0f, 0x16, 0xbc, 0x7c, 0x7b, 0x23, 0xdf, 0xa9, 0xd6, 0xae, 0xb4, 0xf2, 0x57, 0x4b, 0x56, 0x76,
+	0x36, 0xa7, 0x5c, 0xef, 0xe4, 0xbb, 0xe8, 0x95, 0xa5, 0xfb, 0x37, 0x7a, 0xce, 0xc6, 0x1f, 0x16,
+	0xda, 0x5b, 0xb9, 0x05, 0x7f, 0x84, 0xb6, 0xe7, 0x9a, 0x81, 0x64, 0x69, 0x16, 0xdd, 0x5b, 0x86,
+	0x62, 0xfb, 0x60, 0x3e, 0x49, 0x16, 0xb1, 0xf8, 0x33, 0x94, 0x8f, 0x42, 0x10, 0x46, 0xb4, 0xb7,
+	0xd7, 0x4f, 0x78, 0x14, 0x82, 0xe8, 0xf2, 0x13, 0x3f, 0x55, 0x4b, 0x45, 0x88, 0x66, 0x50, 0x13,
+	0x80, 0x10, 0xbe, 0x30, 0xdb, 0x75, 0x36, 0x41, 0x47, 0x05, 0x49, 0x92, 0x6b, 0xfc, 0x9e, 0x45,
+	0xc5, 0x0b, 0x16, 0xfc, 0x1e, 0x2a, 0xaa, 0x4a, 0xbd, 0x92, 0x93, 0xb1, 0x77, 0x4d, 0x91, 0xc6,
+	0xa8, 0x38, 0x99, 0x21, 0xf0, 0x1b, 0x28, 0x17, 0xb1, 0x81, 0xd9, 0xf4, 0xe5, 0xb9, 0xd5, 0x4c,
+	0x54, 0x1c, 0x37, 0xd0, 0xd6, 0x50, 0xf8, 0x51, 0xa0, 0x1e, 0x4b, 0x6d, 0x01, 0xa4, 0x74, 0xff,
+	0x54, 0x47, 0x88, 0xc9, 0xe0, 0x63, 0x54, 0x00, 0xb5, 0x99, 0x2b, 0xf9, 0x7a, 0xae, 0x59, 0x6e,
+	0xb7, 0x36, 0x9b, 0xd6, 0xd6, 0xdb, 0xbc, 0xc3, 0xa5, 0x98, 0xcc, 0x4d, 0xa5, 0x62, 0x24, 0xa1,
+	0xdb, 0xef, 0x99, 0x8d, 0xaf, 0x31, 0x78, 0x17, 0xe5, 0x46, 0x30, 0x49, 0x26, 0x22, 0xea, 0x27,
+	0xfe, 0x18, 0x15, 0xc6, 0xea, 0x63, 0x60, 0x54, 0x6e, 0xae, 0xbf, 0x37, 0xfd, 0x78, 0x90, 0xa4,
+	0xec, 0x7e, 0xf6, 0x9e, 0xe5, 0x36, 0xcf, 0xce, 0xab, 0x99, 0xe7, 0xe7, 0xd5, 0xcc, 0x8b, 0xf3,
+	0x6a, 0xe6, 0x59, 0x5c, 0xb5, 0xce, 0xe2, 0xaa, 0xf5, 0x3c, 0xae, 0x5a, 0x2f, 0xe2, 0xaa, 0xf5,
+	0x77, 0x5c, 0xb5, 0x7e, 0xfc, 0xa7, 0x9a, 0xf9, 0x26, 0x3b, 0x6e, 0xfd, 0x1f, 0x00, 0x00, 0xff,
+	0xff, 0x5f, 0x39, 0x60, 0xb1, 0xbd, 0x08, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/api/authentication/v1/generated.proto b/vendor/k8s.io/api/authentication/v1/generated.proto
index ea7b3b2885ab..1fd432a70d62 100644
--- a/vendor/k8s.io/api/authentication/v1/generated.proto
+++ b/vendor/k8s.io/api/authentication/v1/generated.proto
@@ -29,6 +29,25 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
 // Package-wide variables from generator "generated".
 option go_package = "v1";
 
+// BoundObjectReference is a reference to an object that a token is bound to.
+message BoundObjectReference {
+  // Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
+  // +optional
+  optional string kind = 1;
+
+  // API version of the referent.
+  // +optional
+  optional string aPIVersion = 2;
+
+  // Name of the referent.
+  // +optional
+  optional string name = 3;
+
+  // UID of the referent.
+  // +optional
+  optional string uID = 4;
+}
+
 // ExtraValue masks the value so protobuf can generate
 // +protobuf.nullable=true
 // +protobuf.options.(gogoproto.goproto_stringer)=false
@@ -38,6 +57,48 @@ message ExtraValue {
   repeated string items = 1;
 }
 
+// TokenRequest requests a token for a given service account.
+message TokenRequest {
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  optional TokenRequestSpec spec = 2;
+
+  // +optional
+  optional TokenRequestStatus status = 3;
+}
+
+// TokenRequestSpec contains client provided parameters of a token request.
+message TokenRequestSpec {
+  // Audiences are the intendend audiences of the token. A recipient of a
+  // token must identitfy themself with an identifier in the list of
+  // audiences of the token, and otherwise should reject the token. A
+  // token issued for multiple audiences may be used to authenticate
+  // against any of the audiences listed but implies a high degree of
+  // trust between the target audiences.
+  repeated string audiences = 1;
+
+  // ExpirationSeconds is the requested duration of validity of the request. The
+  // token issuer may return a token with a different validity duration so a
+  // client needs to check the 'expiration' field in a response.
+  // +optional
+  optional int64 expirationSeconds = 4;
+
+  // BoundObjectRef is a reference to an object that the token will be bound to.
+  // The token will only be valid for as long as the bound objet exists.
+  // +optional
+  optional BoundObjectReference boundObjectRef = 3;
+}
+
+// TokenRequestStatus is the result of a token request.
+message TokenRequestStatus {
+  // Token is the opaque bearer token.
+  optional string token = 1;
+
+  // ExpirationTimestamp is the time of expiration of the returned token.
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time expirationTimestamp = 2;
+}
+
 // TokenReview attempts to authenticate a token to a known user.
 // Note: TokenReview requests may be cached by the webhook token authenticator
 // plugin in the kube-apiserver.
diff --git a/vendor/k8s.io/api/authentication/v1/register.go b/vendor/k8s.io/api/authentication/v1/register.go
index 2ca79a620a55..c522e4a46d71 100644
--- a/vendor/k8s.io/api/authentication/v1/register.go
+++ b/vendor/k8s.io/api/authentication/v1/register.go
@@ -45,6 +45,7 @@ var (
 func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&TokenReview{},
+		&TokenRequest{},
 	)
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
 	return nil
diff --git a/vendor/k8s.io/api/authentication/v1/types.go b/vendor/k8s.io/api/authentication/v1/types.go
index b6d30bbe6132..723457a3dd21 100644
--- a/vendor/k8s.io/api/authentication/v1/types.go
+++ b/vendor/k8s.io/api/authentication/v1/types.go
@@ -20,6 +20,7 @@ import (
 	"fmt"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
 )
 
 const (
@@ -105,3 +106,63 @@ type ExtraValue []string
 func (t ExtraValue) String() string {
 	return fmt.Sprintf("%v", []string(t))
 }
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// TokenRequest requests a token for a given service account.
+type TokenRequest struct {
+	metav1.TypeMeta `json:",inline"`
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	Spec TokenRequestSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
+	// +optional
+	Status TokenRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// TokenRequestSpec contains client provided parameters of a token request.
+type TokenRequestSpec struct {
+	// Audiences are the intendend audiences of the token. A recipient of a
+	// token must identitfy themself with an identifier in the list of
+	// audiences of the token, and otherwise should reject the token. A
+	// token issued for multiple audiences may be used to authenticate
+	// against any of the audiences listed but implies a high degree of
+	// trust between the target audiences.
+	Audiences []string `json:"audiences" protobuf:"bytes,1,rep,name=audiences"`
+
+	// ExpirationSeconds is the requested duration of validity of the request. The
+	// token issuer may return a token with a different validity duration so a
+	// client needs to check the 'expiration' field in a response.
+	// +optional
+	ExpirationSeconds *int64 `json:"expirationSeconds" protobuf:"varint,4,opt,name=expirationSeconds"`
+
+	// BoundObjectRef is a reference to an object that the token will be bound to.
+	// The token will only be valid for as long as the bound objet exists.
+	// +optional
+	BoundObjectRef *BoundObjectReference `json:"boundObjectRef" protobuf:"bytes,3,opt,name=boundObjectRef"`
+}
+
+// TokenRequestStatus is the result of a token request.
+type TokenRequestStatus struct {
+	// Token is the opaque bearer token.
+	Token string `json:"token" protobuf:"bytes,1,opt,name=token"`
+	// ExpirationTimestamp is the time of expiration of the returned token.
+	ExpirationTimestamp metav1.Time `json:"expirationTimestamp" protobuf:"bytes,2,opt,name=expirationTimestamp"`
+}
+
+// BoundObjectReference is a reference to an object that a token is bound to.
+type BoundObjectReference struct {
+	// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
+	// +optional
+	Kind string `json:"kind,omitempty" protobuf:"bytes,1,opt,name=kind"`
+	// API version of the referent.
+	// +optional
+	APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt,name=aPIVersion"`
+
+	// Name of the referent.
+	// +optional
+	Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"`
+	// UID of the referent.
+	// +optional
+	UID types.UID `json:"uid,omitempty" protobuf:"bytes,4,opt,name=uID,casttype=k8s.io/apimachinery/pkg/types.UID"`
+}
diff --git a/vendor/k8s.io/api/authentication/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/authentication/v1/types_swagger_doc_generated.go
index bb235e4eaa93..68ecea8eaf05 100644
--- a/vendor/k8s.io/api/authentication/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/authentication/v1/types_swagger_doc_generated.go
@@ -27,6 +27,47 @@ package v1
 // Those methods can be generated by using hack/update-generated-swagger-docs.sh
 
 // AUTO-GENERATED FUNCTIONS START HERE
+var map_BoundObjectReference = map[string]string{
+	"":           "BoundObjectReference is a reference to an object that a token is bound to.",
+	"kind":       "Kind of the referent. Valid kinds are 'Pod' and 'Secret'.",
+	"apiVersion": "API version of the referent.",
+	"name":       "Name of the referent.",
+	"uid":        "UID of the referent.",
+}
+
+func (BoundObjectReference) SwaggerDoc() map[string]string {
+	return map_BoundObjectReference
+}
+
+var map_TokenRequest = map[string]string{
+	"": "TokenRequest requests a token for a given service account.",
+}
+
+func (TokenRequest) SwaggerDoc() map[string]string {
+	return map_TokenRequest
+}
+
+var map_TokenRequestSpec = map[string]string{
+	"":                  "TokenRequestSpec contains client provided parameters of a token request.",
+	"audiences":         "Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.",
+	"expirationSeconds": "ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.",
+	"boundObjectRef":    "BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound objet exists.",
+}
+
+func (TokenRequestSpec) SwaggerDoc() map[string]string {
+	return map_TokenRequestSpec
+}
+
+var map_TokenRequestStatus = map[string]string{
+	"":                    "TokenRequestStatus is the result of a token request.",
+	"token":               "Token is the opaque bearer token.",
+	"expirationTimestamp": "ExpirationTimestamp is the time of expiration of the returned token.",
+}
+
+func (TokenRequestStatus) SwaggerDoc() map[string]string {
+	return map_TokenRequestStatus
+}
+
 var map_TokenReview = map[string]string{
 	"":       "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.",
 	"spec":   "Spec holds information about the request being evaluated",
diff --git a/vendor/k8s.io/api/authentication/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/authentication/v1/zz_generated.deepcopy.go
index f9b32192c3db..ad0df8ff470d 100644
--- a/vendor/k8s.io/api/authentication/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/authentication/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -24,6 +24,126 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *BoundObjectReference) DeepCopyInto(out *BoundObjectReference) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BoundObjectReference.
+func (in *BoundObjectReference) DeepCopy() *BoundObjectReference {
+	if in == nil {
+		return nil
+	}
+	out := new(BoundObjectReference)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequest) DeepCopyInto(out *TokenRequest) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.
+func (in *TokenRequest) DeepCopy() *TokenRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *TokenRequest) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec) {
+	*out = *in
+	if in.Audiences != nil {
+		in, out := &in.Audiences, &out.Audiences
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ExpirationSeconds != nil {
+		in, out := &in.ExpirationSeconds, &out.ExpirationSeconds
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
+	if in.BoundObjectRef != nil {
+		in, out := &in.BoundObjectRef, &out.BoundObjectRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(BoundObjectReference)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.
+func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequestSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus) {
+	*out = *in
+	in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.
+func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequestStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenReview) DeepCopyInto(out *TokenReview) {
 	*out = *in
@@ -48,9 +168,8 @@ func (in *TokenReview) DeepCopy() *TokenReview {
 func (in *TokenReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -98,8 +217,12 @@ func (in *UserInfo) DeepCopyInto(out *UserInfo) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go
index 65aabe7c422d..57d878e9a417 100644
--- a/vendor/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/authentication/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -24,6 +24,26 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenReview) DeepCopyInto(out *TokenReview) {
 	*out = *in
@@ -48,9 +68,8 @@ func (in *TokenReview) DeepCopy() *TokenReview {
 func (in *TokenReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -98,8 +117,12 @@ func (in *UserInfo) DeepCopyInto(out *UserInfo) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/authorization/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/authorization/v1/zz_generated.deepcopy.go
index 06a78643fce4..3df85934a431 100644
--- a/vendor/k8s.io/api/authorization/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/authorization/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -24,6 +24,26 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LocalSubjectAccessReview) DeepCopyInto(out *LocalSubjectAccessReview) {
 	*out = *in
@@ -48,9 +68,8 @@ func (in *LocalSubjectAccessReview) DeepCopy() *LocalSubjectAccessReview {
 func (in *LocalSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -171,9 +190,8 @@ func (in *SelfSubjectAccessReview) DeepCopy() *SelfSubjectAccessReview {
 func (in *SelfSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -234,9 +252,8 @@ func (in *SelfSubjectRulesReview) DeepCopy() *SelfSubjectRulesReview {
 func (in *SelfSubjectRulesReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -279,9 +296,8 @@ func (in *SubjectAccessReview) DeepCopy() *SubjectAccessReview {
 func (in *SubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -314,8 +330,12 @@ func (in *SubjectAccessReviewSpec) DeepCopyInto(out *SubjectAccessReviewSpec) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/authorization/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/authorization/v1beta1/zz_generated.deepcopy.go
index fed07fbb2162..7c76b183bb08 100644
--- a/vendor/k8s.io/api/authorization/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/authorization/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -24,6 +24,26 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LocalSubjectAccessReview) DeepCopyInto(out *LocalSubjectAccessReview) {
 	*out = *in
@@ -48,9 +68,8 @@ func (in *LocalSubjectAccessReview) DeepCopy() *LocalSubjectAccessReview {
 func (in *LocalSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -171,9 +190,8 @@ func (in *SelfSubjectAccessReview) DeepCopy() *SelfSubjectAccessReview {
 func (in *SelfSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -234,9 +252,8 @@ func (in *SelfSubjectRulesReview) DeepCopy() *SelfSubjectRulesReview {
 func (in *SelfSubjectRulesReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -279,9 +296,8 @@ func (in *SubjectAccessReview) DeepCopy() *SubjectAccessReview {
 func (in *SubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -314,8 +330,12 @@ func (in *SubjectAccessReviewSpec) DeepCopyInto(out *SubjectAccessReviewSpec) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/autoscaling/v1/generated.pb.go b/vendor/k8s.io/api/autoscaling/v1/generated.pb.go
index 4c6a171279b7..9e2b235eb090 100644
--- a/vendor/k8s.io/api/autoscaling/v1/generated.pb.go
+++ b/vendor/k8s.io/api/autoscaling/v1/generated.pb.go
@@ -26,6 +26,8 @@ limitations under the License.
 
 	It has these top-level messages:
 		CrossVersionObjectReference
+		ExternalMetricSource
+		ExternalMetricStatus
 		HorizontalPodAutoscaler
 		HorizontalPodAutoscalerCondition
 		HorizontalPodAutoscalerList
@@ -76,80 +78,90 @@ func (*CrossVersionObjectReference) Descriptor() ([]byte, []int) {
 	return fileDescriptorGenerated, []int{0}
 }
 
+func (m *ExternalMetricSource) Reset()                    { *m = ExternalMetricSource{} }
+func (*ExternalMetricSource) ProtoMessage()               {}
+func (*ExternalMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
+func (m *ExternalMetricStatus) Reset()                    { *m = ExternalMetricStatus{} }
+func (*ExternalMetricStatus) ProtoMessage()               {}
+func (*ExternalMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
 func (m *HorizontalPodAutoscaler) Reset()                    { *m = HorizontalPodAutoscaler{} }
 func (*HorizontalPodAutoscaler) ProtoMessage()               {}
-func (*HorizontalPodAutoscaler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+func (*HorizontalPodAutoscaler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
 
 func (m *HorizontalPodAutoscalerCondition) Reset()      { *m = HorizontalPodAutoscalerCondition{} }
 func (*HorizontalPodAutoscalerCondition) ProtoMessage() {}
 func (*HorizontalPodAutoscalerCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{2}
+	return fileDescriptorGenerated, []int{4}
 }
 
 func (m *HorizontalPodAutoscalerList) Reset()      { *m = HorizontalPodAutoscalerList{} }
 func (*HorizontalPodAutoscalerList) ProtoMessage() {}
 func (*HorizontalPodAutoscalerList) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{3}
+	return fileDescriptorGenerated, []int{5}
 }
 
 func (m *HorizontalPodAutoscalerSpec) Reset()      { *m = HorizontalPodAutoscalerSpec{} }
 func (*HorizontalPodAutoscalerSpec) ProtoMessage() {}
 func (*HorizontalPodAutoscalerSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{4}
+	return fileDescriptorGenerated, []int{6}
 }
 
 func (m *HorizontalPodAutoscalerStatus) Reset()      { *m = HorizontalPodAutoscalerStatus{} }
 func (*HorizontalPodAutoscalerStatus) ProtoMessage() {}
 func (*HorizontalPodAutoscalerStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{5}
+	return fileDescriptorGenerated, []int{7}
 }
 
 func (m *MetricSpec) Reset()                    { *m = MetricSpec{} }
 func (*MetricSpec) ProtoMessage()               {}
-func (*MetricSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
+func (*MetricSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
 
 func (m *MetricStatus) Reset()                    { *m = MetricStatus{} }
 func (*MetricStatus) ProtoMessage()               {}
-func (*MetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
+func (*MetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
 
 func (m *ObjectMetricSource) Reset()                    { *m = ObjectMetricSource{} }
 func (*ObjectMetricSource) ProtoMessage()               {}
-func (*ObjectMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
+func (*ObjectMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
 
 func (m *ObjectMetricStatus) Reset()                    { *m = ObjectMetricStatus{} }
 func (*ObjectMetricStatus) ProtoMessage()               {}
-func (*ObjectMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
+func (*ObjectMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
 
 func (m *PodsMetricSource) Reset()                    { *m = PodsMetricSource{} }
 func (*PodsMetricSource) ProtoMessage()               {}
-func (*PodsMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
+func (*PodsMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
 
 func (m *PodsMetricStatus) Reset()                    { *m = PodsMetricStatus{} }
 func (*PodsMetricStatus) ProtoMessage()               {}
-func (*PodsMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
+func (*PodsMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
 
 func (m *ResourceMetricSource) Reset()                    { *m = ResourceMetricSource{} }
 func (*ResourceMetricSource) ProtoMessage()               {}
-func (*ResourceMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
+func (*ResourceMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
 
 func (m *ResourceMetricStatus) Reset()                    { *m = ResourceMetricStatus{} }
 func (*ResourceMetricStatus) ProtoMessage()               {}
-func (*ResourceMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
+func (*ResourceMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{15} }
 
 func (m *Scale) Reset()                    { *m = Scale{} }
 func (*Scale) ProtoMessage()               {}
-func (*Scale) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
+func (*Scale) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{16} }
 
 func (m *ScaleSpec) Reset()                    { *m = ScaleSpec{} }
 func (*ScaleSpec) ProtoMessage()               {}
-func (*ScaleSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{15} }
+func (*ScaleSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{17} }
 
 func (m *ScaleStatus) Reset()                    { *m = ScaleStatus{} }
 func (*ScaleStatus) ProtoMessage()               {}
-func (*ScaleStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{16} }
+func (*ScaleStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{18} }
 
 func init() {
 	proto.RegisterType((*CrossVersionObjectReference)(nil), "k8s.io.api.autoscaling.v1.CrossVersionObjectReference")
+	proto.RegisterType((*ExternalMetricSource)(nil), "k8s.io.api.autoscaling.v1.ExternalMetricSource")
+	proto.RegisterType((*ExternalMetricStatus)(nil), "k8s.io.api.autoscaling.v1.ExternalMetricStatus")
 	proto.RegisterType((*HorizontalPodAutoscaler)(nil), "k8s.io.api.autoscaling.v1.HorizontalPodAutoscaler")
 	proto.RegisterType((*HorizontalPodAutoscalerCondition)(nil), "k8s.io.api.autoscaling.v1.HorizontalPodAutoscalerCondition")
 	proto.RegisterType((*HorizontalPodAutoscalerList)(nil), "k8s.io.api.autoscaling.v1.HorizontalPodAutoscalerList")
@@ -197,6 +209,108 @@ func (m *CrossVersionObjectReference) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *ExternalMetricSource) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricSource) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
+	i += copy(dAtA[i:], m.MetricName)
+	if m.MetricSelector != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.MetricSelector.Size()))
+		n1, err := m.MetricSelector.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n1
+	}
+	if m.TargetValue != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetValue.Size()))
+		n2, err := m.TargetValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n2
+	}
+	if m.TargetAverageValue != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
+		n3, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n3
+	}
+	return i, nil
+}
+
+func (m *ExternalMetricStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
+	i += copy(dAtA[i:], m.MetricName)
+	if m.MetricSelector != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.MetricSelector.Size()))
+		n4, err := m.MetricSelector.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n4
+	}
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentValue.Size()))
+	n5, err := m.CurrentValue.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n5
+	if m.CurrentAverageValue != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
+		n6, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
+	return i, nil
+}
+
 func (m *HorizontalPodAutoscaler) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -215,27 +329,27 @@ func (m *HorizontalPodAutoscaler) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n1, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n7, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n1
+	i += n7
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n2, err := m.Spec.MarshalTo(dAtA[i:])
+	n8, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n2
+	i += n8
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n3, err := m.Status.MarshalTo(dAtA[i:])
+	n9, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n3
+	i += n9
 	return i, nil
 }
 
@@ -265,11 +379,11 @@ func (m *HorizontalPodAutoscalerCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n4, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n10, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n4
+	i += n10
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -299,11 +413,11 @@ func (m *HorizontalPodAutoscalerList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n5, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n11, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n5
+	i += n11
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -337,11 +451,11 @@ func (m *HorizontalPodAutoscalerSpec) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ScaleTargetRef.Size()))
-	n6, err := m.ScaleTargetRef.MarshalTo(dAtA[i:])
+	n12, err := m.ScaleTargetRef.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n6
+	i += n12
 	if m.MinReplicas != nil {
 		dAtA[i] = 0x10
 		i++
@@ -382,11 +496,11 @@ func (m *HorizontalPodAutoscalerStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.LastScaleTime.Size()))
-		n7, err := m.LastScaleTime.MarshalTo(dAtA[i:])
+		n13, err := m.LastScaleTime.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n7
+		i += n13
 	}
 	dAtA[i] = 0x18
 	i++
@@ -425,31 +539,41 @@ func (m *MetricSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Object.Size()))
-		n8, err := m.Object.MarshalTo(dAtA[i:])
+		n14, err := m.Object.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n8
+		i += n14
 	}
 	if m.Pods != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Pods.Size()))
-		n9, err := m.Pods.MarshalTo(dAtA[i:])
+		n15, err := m.Pods.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n9
+		i += n15
 	}
 	if m.Resource != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Resource.Size()))
-		n10, err := m.Resource.MarshalTo(dAtA[i:])
+		n16, err := m.Resource.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n16
+	}
+	if m.External != nil {
+		dAtA[i] = 0x2a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.External.Size()))
+		n17, err := m.External.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n10
+		i += n17
 	}
 	return i, nil
 }
@@ -477,31 +601,41 @@ func (m *MetricStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Object.Size()))
-		n11, err := m.Object.MarshalTo(dAtA[i:])
+		n18, err := m.Object.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n11
+		i += n18
 	}
 	if m.Pods != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Pods.Size()))
-		n12, err := m.Pods.MarshalTo(dAtA[i:])
+		n19, err := m.Pods.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n12
+		i += n19
 	}
 	if m.Resource != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Resource.Size()))
-		n13, err := m.Resource.MarshalTo(dAtA[i:])
+		n20, err := m.Resource.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n13
+		i += n20
+	}
+	if m.External != nil {
+		dAtA[i] = 0x2a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.External.Size()))
+		n21, err := m.External.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n21
 	}
 	return i, nil
 }
@@ -524,11 +658,11 @@ func (m *ObjectMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Target.Size()))
-	n14, err := m.Target.MarshalTo(dAtA[i:])
+	n22, err := m.Target.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n14
+	i += n22
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
@@ -536,11 +670,11 @@ func (m *ObjectMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.TargetValue.Size()))
-	n15, err := m.TargetValue.MarshalTo(dAtA[i:])
+	n23, err := m.TargetValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n15
+	i += n23
 	return i, nil
 }
 
@@ -562,11 +696,11 @@ func (m *ObjectMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Target.Size()))
-	n16, err := m.Target.MarshalTo(dAtA[i:])
+	n24, err := m.Target.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n16
+	i += n24
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
@@ -574,11 +708,11 @@ func (m *ObjectMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentValue.Size()))
-	n17, err := m.CurrentValue.MarshalTo(dAtA[i:])
+	n25, err := m.CurrentValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n17
+	i += n25
 	return i, nil
 }
 
@@ -604,11 +738,11 @@ func (m *PodsMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
-	n18, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+	n26, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n18
+	i += n26
 	return i, nil
 }
 
@@ -634,11 +768,11 @@ func (m *PodsMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
-	n19, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+	n27, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n19
+	i += n27
 	return i, nil
 }
 
@@ -670,11 +804,11 @@ func (m *ResourceMetricSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
-		n20, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+		n28, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n20
+		i += n28
 	}
 	return i, nil
 }
@@ -706,11 +840,11 @@ func (m *ResourceMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
-	n21, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+	n29, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n21
+	i += n29
 	return i, nil
 }
 
@@ -732,27 +866,27 @@ func (m *Scale) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n22, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n30, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n22
+	i += n30
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n23, err := m.Spec.MarshalTo(dAtA[i:])
+	n31, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n23
+	i += n31
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n24, err := m.Status.MarshalTo(dAtA[i:])
+	n32, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n24
+	i += n32
 	return i, nil
 }
 
@@ -841,6 +975,44 @@ func (m *CrossVersionObjectReference) Size() (n int) {
 	return n
 }
 
+func (m *ExternalMetricSource) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.MetricName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.MetricSelector != nil {
+		l = m.MetricSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.TargetValue != nil {
+		l = m.TargetValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.TargetAverageValue != nil {
+		l = m.TargetAverageValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *ExternalMetricStatus) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.MetricName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.MetricSelector != nil {
+		l = m.MetricSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	l = m.CurrentValue.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.CurrentAverageValue != nil {
+		l = m.CurrentAverageValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
 func (m *HorizontalPodAutoscaler) Size() (n int) {
 	var l int
 	_ = l
@@ -933,6 +1105,10 @@ func (m *MetricSpec) Size() (n int) {
 		l = m.Resource.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.External != nil {
+		l = m.External.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -953,6 +1129,10 @@ func (m *MetricStatus) Size() (n int) {
 		l = m.Resource.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.External != nil {
+		l = m.External.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -1081,6 +1261,32 @@ func (this *CrossVersionObjectReference) String() string {
 	}, "")
 	return s
 }
+func (this *ExternalMetricSource) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ExternalMetricSource{`,
+		`MetricName:` + fmt.Sprintf("%v", this.MetricName) + `,`,
+		`MetricSelector:` + strings.Replace(fmt.Sprintf("%v", this.MetricSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
+		`TargetValue:` + strings.Replace(fmt.Sprintf("%v", this.TargetValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`TargetAverageValue:` + strings.Replace(fmt.Sprintf("%v", this.TargetAverageValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ExternalMetricStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ExternalMetricStatus{`,
+		`MetricName:` + fmt.Sprintf("%v", this.MetricName) + `,`,
+		`MetricSelector:` + strings.Replace(fmt.Sprintf("%v", this.MetricSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
+		`CurrentValue:` + strings.Replace(strings.Replace(this.CurrentValue.String(), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`CurrentAverageValue:` + strings.Replace(fmt.Sprintf("%v", this.CurrentAverageValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *HorizontalPodAutoscaler) String() string {
 	if this == nil {
 		return "nil"
@@ -1154,6 +1360,7 @@ func (this *MetricSpec) String() string {
 		`Object:` + strings.Replace(fmt.Sprintf("%v", this.Object), "ObjectMetricSource", "ObjectMetricSource", 1) + `,`,
 		`Pods:` + strings.Replace(fmt.Sprintf("%v", this.Pods), "PodsMetricSource", "PodsMetricSource", 1) + `,`,
 		`Resource:` + strings.Replace(fmt.Sprintf("%v", this.Resource), "ResourceMetricSource", "ResourceMetricSource", 1) + `,`,
+		`External:` + strings.Replace(fmt.Sprintf("%v", this.External), "ExternalMetricSource", "ExternalMetricSource", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1167,6 +1374,7 @@ func (this *MetricStatus) String() string {
 		`Object:` + strings.Replace(fmt.Sprintf("%v", this.Object), "ObjectMetricStatus", "ObjectMetricStatus", 1) + `,`,
 		`Pods:` + strings.Replace(fmt.Sprintf("%v", this.Pods), "PodsMetricStatus", "PodsMetricStatus", 1) + `,`,
 		`Resource:` + strings.Replace(fmt.Sprintf("%v", this.Resource), "ResourceMetricStatus", "ResourceMetricStatus", 1) + `,`,
+		`External:` + strings.Replace(fmt.Sprintf("%v", this.External), "ExternalMetricStatus", "ExternalMetricStatus", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1419,7 +1627,7 @@ func (m *CrossVersionObjectReference) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
+func (m *ExternalMetricSource) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1442,15 +1650,44 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: HorizontalPodAutoscaler: wiretype end group for non-group")
+			return fmt.Errorf("proto: ExternalMetricSource: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: HorizontalPodAutoscaler: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ExternalMetricSource: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.MetricName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricSelector", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1474,13 +1711,16 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.MetricSelector == nil {
+				m.MetricSelector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
+			}
+			if err := m.MetricSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TargetValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1504,13 +1744,16 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.TargetValue == nil {
+				m.TargetValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.TargetValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 3:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TargetAverageValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1534,7 +1777,10 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.TargetAverageValue == nil {
+				m.TargetAverageValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.TargetAverageValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -1559,7 +1805,7 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
+func (m *ExternalMetricStatus) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1582,15 +1828,15 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: wiretype end group for non-group")
+			return fmt.Errorf("proto: ExternalMetricStatus: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ExternalMetricStatus: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -1615,13 +1861,13 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Type = HorizontalPodAutoscalerConditionType(dAtA[iNdEx:postIndex])
+			m.MetricName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricSelector", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -1631,24 +1877,28 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Status = k8s_io_api_core_v1.ConditionStatus(dAtA[iNdEx:postIndex])
+			if m.MetricSelector == nil {
+				m.MetricSelector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
+			}
+			if err := m.MetricSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field LastTransitionTime", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CurrentValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1672,15 +1922,15 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.LastTransitionTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.CurrentValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CurrentAverageValue", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -1690,24 +1940,335 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Reason = string(dAtA[iNdEx:postIndex])
+			if m.CurrentAverageValue == nil {
+				m.CurrentAverageValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.CurrentAverageValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 5:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: HorizontalPodAutoscaler: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: HorizontalPodAutoscaler: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Type = HorizontalPodAutoscalerConditionType(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Status = k8s_io_api_core_v1.ConditionStatus(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LastTransitionTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.LastTransitionTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Reason = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -2323,6 +2884,39 @@ func (m *MetricSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field External", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.External == nil {
+				m.External = &ExternalMetricSource{}
+			}
+			if err := m.External.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2501,6 +3095,39 @@ func (m *MetricStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field External", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.External == nil {
+				m.External = &ExternalMetricStatus{}
+			}
+			if err := m.External.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -3696,91 +4323,98 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 1370 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x57, 0x4d, 0x6f, 0x13, 0xc7,
-	0x1b, 0x8f, 0x5f, 0x12, 0xc2, 0x38, 0x10, 0xfe, 0x03, 0x02, 0x13, 0xfe, 0x78, 0xa3, 0x2d, 0x42,
-	0xf4, 0x85, 0xdd, 0xc6, 0xa5, 0x88, 0x1e, 0x63, 0x57, 0x14, 0xd4, 0x04, 0xc2, 0x60, 0x28, 0x7d,
-	0x51, 0xc5, 0x64, 0x77, 0x70, 0x86, 0x78, 0x5f, 0x34, 0x33, 0xb6, 0x1a, 0xa4, 0x4a, 0xed, 0xa1,
-	0xe7, 0x56, 0x95, 0xfa, 0x31, 0x7a, 0xe6, 0x50, 0xf5, 0xd0, 0x4a, 0x95, 0x38, 0x72, 0xe8, 0x81,
-	0x93, 0x55, 0xb6, 0xc7, 0x7e, 0x03, 0x4e, 0xd5, 0xcc, 0x8e, 0xd7, 0xbb, 0xb6, 0xd7, 0x21, 0x21,
-	0x42, 0xbd, 0xed, 0xce, 0xfc, 0x9e, 0xdf, 0xf3, 0x3a, 0xcf, 0x3c, 0x03, 0x1a, 0xdb, 0x57, 0xb8,
-	0x45, 0x03, 0x7b, 0xbb, 0xbb, 0x49, 0x98, 0x4f, 0x04, 0xe1, 0x76, 0x8f, 0xf8, 0x6e, 0xc0, 0x6c,
-	0xbd, 0x81, 0x43, 0x6a, 0xe3, 0xae, 0x08, 0xb8, 0x83, 0x3b, 0xd4, 0x6f, 0xdb, 0xbd, 0x15, 0xbb,
-	0x4d, 0x7c, 0xc2, 0xb0, 0x20, 0xae, 0x15, 0xb2, 0x40, 0x04, 0xf0, 0x74, 0x0c, 0xb5, 0x70, 0x48,
-	0xad, 0x14, 0xd4, 0xea, 0xad, 0x2c, 0x5d, 0x6c, 0x53, 0xb1, 0xd5, 0xdd, 0xb4, 0x9c, 0xc0, 0xb3,
-	0xdb, 0x41, 0x3b, 0xb0, 0x95, 0xc4, 0x66, 0xf7, 0x81, 0xfa, 0x53, 0x3f, 0xea, 0x2b, 0x66, 0x5a,
-	0x32, 0x53, 0x4a, 0x9d, 0x80, 0x91, 0x09, 0xda, 0x96, 0x2e, 0x0d, 0x31, 0x1e, 0x76, 0xb6, 0xa8,
-	0x4f, 0xd8, 0x8e, 0x1d, 0x6e, 0xb7, 0x95, 0x10, 0x23, 0x3c, 0xe8, 0x32, 0x87, 0xec, 0x49, 0x8a,
-	0xdb, 0x1e, 0x11, 0x78, 0x92, 0x2e, 0x3b, 0x4f, 0x8a, 0x75, 0x7d, 0x41, 0xbd, 0x71, 0x35, 0x97,
-	0x77, 0x13, 0xe0, 0xce, 0x16, 0xf1, 0xf0, 0x98, 0xdc, 0x7b, 0x79, 0x72, 0x5d, 0x41, 0x3b, 0x36,
-	0xf5, 0x05, 0x17, 0x6c, 0x54, 0xc8, 0xfc, 0xa9, 0x00, 0xce, 0x34, 0x59, 0xc0, 0xf9, 0x5d, 0xc2,
-	0x38, 0x0d, 0xfc, 0x9b, 0x9b, 0x0f, 0x89, 0x23, 0x10, 0x79, 0x40, 0x18, 0xf1, 0x1d, 0x02, 0x97,
-	0x41, 0x79, 0x9b, 0xfa, 0x6e, 0xb5, 0xb0, 0x5c, 0xb8, 0x70, 0xb8, 0xb1, 0xf0, 0xa4, 0x6f, 0xcc,
-	0x44, 0x7d, 0xa3, 0xfc, 0x31, 0xf5, 0x5d, 0xa4, 0x76, 0x24, 0xc2, 0xc7, 0x1e, 0xa9, 0x16, 0xb3,
-	0x88, 0x1b, 0xd8, 0x23, 0x48, 0xed, 0xc0, 0x3a, 0x00, 0x38, 0xa4, 0x5a, 0x41, 0xb5, 0xa4, 0x70,
-	0x50, 0xe3, 0xc0, 0xea, 0xc6, 0x75, 0xbd, 0x83, 0x52, 0x28, 0xf3, 0x71, 0x11, 0x9c, 0xba, 0x16,
-	0x30, 0xfa, 0x28, 0xf0, 0x05, 0xee, 0x6c, 0x04, 0xee, 0xaa, 0x2e, 0x0a, 0xc2, 0xe0, 0x7d, 0x30,
-	0x2f, 0x83, 0xed, 0x62, 0x81, 0x95, 0x5d, 0x95, 0xfa, 0xbb, 0xd6, 0xb0, 0x7c, 0x12, 0xdf, 0xad,
-	0x70, 0xbb, 0x2d, 0x17, 0xb8, 0x25, 0xd1, 0x56, 0x6f, 0xc5, 0x8a, 0x9d, 0x5b, 0x27, 0x02, 0x0f,
-	0xf5, 0x0f, 0xd7, 0x50, 0xc2, 0x0a, 0xef, 0x81, 0x32, 0x0f, 0x89, 0xa3, 0x7c, 0xaa, 0xd4, 0x2f,
-	0x5b, 0xb9, 0xc5, 0x69, 0xe5, 0xd8, 0x78, 0x3b, 0x24, 0xce, 0x30, 0x16, 0xf2, 0x0f, 0x29, 0x46,
-	0x78, 0x1f, 0xcc, 0x71, 0x81, 0x45, 0x97, 0xab, 0x38, 0x54, 0xea, 0x57, 0xf6, 0xc1, 0xad, 0xe4,
-	0x1b, 0x47, 0x35, 0xfb, 0x5c, 0xfc, 0x8f, 0x34, 0xaf, 0xf9, 0x5d, 0x09, 0x2c, 0xe7, 0x48, 0x36,
-	0x03, 0xdf, 0xa5, 0x82, 0x06, 0x3e, 0xbc, 0x06, 0xca, 0x62, 0x27, 0x24, 0x3a, 0xad, 0x97, 0x06,
-	0x86, 0xb6, 0x76, 0x42, 0xf2, 0xa2, 0x6f, 0x9c, 0xdb, 0x4d, 0x5e, 0xe2, 0x90, 0x62, 0x80, 0x6b,
-	0x89, 0x43, 0xc5, 0x0c, 0x97, 0x36, 0xeb, 0x45, 0xdf, 0x98, 0x70, 0x20, 0xad, 0x84, 0x29, 0x6b,
-	0x3c, 0xec, 0x01, 0xd8, 0xc1, 0x5c, 0xb4, 0x18, 0xf6, 0x79, 0xac, 0x89, 0x7a, 0x44, 0x87, 0xea,
-	0xad, 0x97, 0x4b, 0xb2, 0x94, 0x68, 0x2c, 0x69, 0x2b, 0xe0, 0xda, 0x18, 0x1b, 0x9a, 0xa0, 0x01,
-	0x9e, 0x07, 0x73, 0x8c, 0x60, 0x1e, 0xf8, 0xd5, 0xb2, 0xf2, 0x22, 0x09, 0x2e, 0x52, 0xab, 0x48,
-	0xef, 0xc2, 0x37, 0xc1, 0x21, 0x8f, 0x70, 0x8e, 0xdb, 0xa4, 0x3a, 0xab, 0x80, 0x8b, 0x1a, 0x78,
-	0x68, 0x3d, 0x5e, 0x46, 0x83, 0x7d, 0xf3, 0xcf, 0x02, 0x38, 0x93, 0x13, 0xc7, 0x35, 0xca, 0x05,
-	0xfc, 0x62, 0xac, 0x8a, 0xad, 0x97, 0x73, 0x50, 0x4a, 0xab, 0x1a, 0x3e, 0xa6, 0x75, 0xcf, 0x0f,
-	0x56, 0x52, 0x15, 0xfc, 0x09, 0x98, 0xa5, 0x82, 0x78, 0x32, 0x2b, 0xa5, 0x0b, 0x95, 0x7a, 0x7d,
-	0xef, 0x65, 0xd6, 0x38, 0xa2, 0xe9, 0x67, 0xaf, 0x4b, 0x22, 0x14, 0xf3, 0x99, 0xff, 0x14, 0x73,
-	0xdd, 0x92, 0x65, 0x0e, 0x7b, 0xe0, 0xa8, 0xfa, 0x6b, 0x61, 0xd6, 0x26, 0xb2, 0x91, 0x68, 0xe7,
-	0xa6, 0x1d, 0xa2, 0x29, 0x0d, 0xa8, 0x71, 0x52, 0x5b, 0x71, 0xf4, 0x76, 0x86, 0x15, 0x8d, 0x68,
-	0x81, 0x2b, 0xa0, 0xe2, 0x51, 0x1f, 0x91, 0xb0, 0x43, 0x1d, 0x1c, 0x17, 0xe3, 0x6c, 0x63, 0x31,
-	0xea, 0x1b, 0x95, 0xf5, 0xe1, 0x32, 0x4a, 0x63, 0xe0, 0xfb, 0xa0, 0xe2, 0xe1, 0xaf, 0x12, 0x91,
-	0x92, 0x12, 0x39, 0xae, 0xf5, 0x55, 0xd6, 0x87, 0x5b, 0x28, 0x8d, 0x83, 0x0f, 0x41, 0x4d, 0x28,
-	0xb5, 0xcd, 0x8d, 0x3b, 0x77, 0x04, 0xed, 0xd0, 0x47, 0x58, 0xd6, 0xd1, 0x06, 0x61, 0x0e, 0xf1,
-	0x85, 0x2c, 0x8d, 0xb2, 0x62, 0x32, 0xa3, 0xbe, 0x51, 0x6b, 0x4d, 0x45, 0xa2, 0x5d, 0x98, 0xcc,
-	0xdf, 0x4a, 0xe0, 0xec, 0xd4, 0x36, 0x00, 0xaf, 0x02, 0x18, 0x6c, 0x72, 0xc2, 0x7a, 0xc4, 0xfd,
-	0x28, 0xee, 0xed, 0xb2, 0xc9, 0xca, 0x98, 0x97, 0x1a, 0x27, 0xe5, 0x09, 0xb8, 0x39, 0xb6, 0x8b,
-	0x26, 0x48, 0x40, 0x07, 0x1c, 0x91, 0xe7, 0x22, 0x8e, 0x32, 0xd5, 0xfd, 0x7c, 0x6f, 0x87, 0xee,
-	0x7f, 0x51, 0xdf, 0x38, 0xb2, 0x96, 0x26, 0x41, 0x59, 0x4e, 0xb8, 0x0a, 0x16, 0x9d, 0x2e, 0x63,
-	0xc4, 0x17, 0x23, 0x51, 0x3f, 0xa5, 0xa3, 0xbe, 0xd8, 0xcc, 0x6e, 0xa3, 0x51, 0xbc, 0xa4, 0x70,
-	0x09, 0xa7, 0x8c, 0xb8, 0x09, 0x45, 0x39, 0x4b, 0xf1, 0x61, 0x76, 0x1b, 0x8d, 0xe2, 0xa1, 0x07,
-	0x0c, 0xcd, 0x9a, 0x9b, 0xc1, 0x59, 0x45, 0xf9, 0x46, 0xd4, 0x37, 0x8c, 0xe6, 0x74, 0x28, 0xda,
-	0x8d, 0xcb, 0xfc, 0xa5, 0x08, 0xc0, 0x3a, 0x11, 0x8c, 0x3a, 0xea, 0x80, 0x5c, 0xca, 0xb4, 0xde,
-	0xe5, 0x91, 0xd6, 0x7b, 0x4c, 0x23, 0xd5, 0x04, 0x92, 0x6a, 0xb3, 0xb7, 0xc0, 0x5c, 0xa0, 0x4e,
-	0x86, 0xce, 0xcb, 0xc5, 0x29, 0xc7, 0x29, 0xb9, 0xd2, 0x12, 0xa2, 0x06, 0x90, 0xbd, 0x4c, 0x1f,
-	0x2d, 0x4d, 0x04, 0xaf, 0x83, 0x72, 0x18, 0xb8, 0x83, 0x8b, 0xe8, 0xed, 0x29, 0x84, 0x1b, 0x81,
-	0xcb, 0x33, 0x74, 0xf3, 0xd2, 0x62, 0xb9, 0x8a, 0x14, 0x05, 0xfc, 0x14, 0xcc, 0x0f, 0xa6, 0x26,
-	0x95, 0x8d, 0x4a, 0xdd, 0x9e, 0x42, 0x87, 0x34, 0x34, 0x43, 0xb9, 0x20, 0x1b, 0xd9, 0x60, 0x07,
-	0x25, 0x74, 0xe6, 0xaf, 0x45, 0xb0, 0xa0, 0x81, 0x71, 0xc1, 0xbf, 0xe6, 0xf8, 0xc5, 0x97, 0xed,
-	0x81, 0xc5, 0x2f, 0xa6, 0x3b, 0xd0, 0xf8, 0xc5, 0x94, 0x79, 0xf1, 0xfb, 0xbe, 0x08, 0xe0, 0x78,
-	0x41, 0xc0, 0x2f, 0xc1, 0x5c, 0xdc, 0x7a, 0x5e, 0xb1, 0x3d, 0x27, 0x17, 0xa5, 0xee, 0xc4, 0x9a,
-	0x55, 0xce, 0x7c, 0x9e, 0xd2, 0x77, 0x63, 0x38, 0x1b, 0x26, 0x33, 0xd7, 0x7a, 0xb2, 0x83, 0x52,
-	0x28, 0x48, 0x40, 0x25, 0x96, 0xbe, 0x8b, 0x3b, 0xdd, 0xc1, 0xad, 0x3f, 0xf5, 0x52, 0xb4, 0x06,
-	0x6e, 0x5a, 0xb7, 0xba, 0xd8, 0x17, 0x54, 0xec, 0x0c, 0xfb, 0x77, 0x6b, 0x48, 0x85, 0xd2, 0xbc,
-	0xe6, 0x8f, 0xa3, 0x11, 0x89, 0xeb, 0xea, 0xbf, 0x18, 0x91, 0x2d, 0xb0, 0xa0, 0xbb, 0xcb, 0xab,
-	0x84, 0xe4, 0x84, 0xd6, 0xb2, 0xd0, 0x4c, 0x71, 0xa1, 0x0c, 0xb3, 0xf9, 0x7b, 0x01, 0x1c, 0x1b,
-	0x3d, 0xe6, 0x23, 0x26, 0x17, 0x5e, 0xca, 0xe4, 0x47, 0x00, 0xc6, 0x0e, 0xaf, 0xf6, 0x08, 0xc3,
-	0x6d, 0x12, 0x1b, 0x5e, 0xdc, 0x97, 0xe1, 0xc9, 0x14, 0xd7, 0x1a, 0x63, 0x44, 0x13, 0xb4, 0x98,
-	0x7f, 0x64, 0x9d, 0x88, 0xf3, 0xba, 0x1f, 0x27, 0xbe, 0x06, 0xc7, 0x75, 0x74, 0x0e, 0xc0, 0x8b,
-	0x33, 0x5a, 0xd9, 0xf1, 0xe6, 0x38, 0x25, 0x9a, 0xa4, 0xc7, 0xfc, 0xb9, 0x08, 0x4e, 0x4c, 0x6a,
-	0x92, 0xb0, 0xa9, 0xdf, 0x5a, 0xb1, 0x17, 0x76, 0xfa, 0xad, 0xf5, 0xa2, 0x6f, 0x18, 0x13, 0x06,
-	0xed, 0x01, 0x4d, 0xea, 0x39, 0x76, 0x0f, 0x54, 0x33, 0xb1, 0x4b, 0xdd, 0x5a, 0x7a, 0x6c, 0xfa,
-	0x7f, 0xd4, 0x37, 0xaa, 0xad, 0x1c, 0x0c, 0xca, 0x95, 0x96, 0xd3, 0xfb, 0x84, 0xdc, 0xef, 0xaf,
-	0x68, 0x4f, 0xee, 0x21, 0xef, 0x8f, 0xc7, 0xe3, 0x15, 0xe7, 0xfe, 0x40, 0xe2, 0xf5, 0x39, 0x38,
-	0x9d, 0x4d, 0xd2, 0x78, 0xc0, 0xce, 0x46, 0x7d, 0xe3, 0x74, 0x33, 0x0f, 0x84, 0xf2, 0xe5, 0xf3,
-	0x2a, 0xad, 0xf4, 0x9a, 0x2a, 0xed, 0xdb, 0x22, 0x98, 0x55, 0xe3, 0xd9, 0x6b, 0x78, 0x54, 0x5f,
-	0xcd, 0x3c, 0xaa, 0xcf, 0x4d, 0x69, 0xaf, 0xca, 0xa2, 0xdc, 0x27, 0xf4, 0x8d, 0x91, 0x27, 0xf4,
-	0xf9, 0x5d, 0x99, 0xa6, 0x3f, 0x98, 0x3f, 0x00, 0x87, 0x13, 0x85, 0xf0, 0x1d, 0x79, 0x13, 0xeb,
-	0xb9, 0xb2, 0xa0, 0x72, 0x9b, 0xbc, 0xb2, 0x92, 0x81, 0x32, 0x41, 0x98, 0x14, 0x54, 0x52, 0x1a,
-	0xf6, 0x26, 0x2c, 0xd1, 0x9c, 0x74, 0x88, 0x23, 0x02, 0xa6, 0xaf, 0x83, 0x04, 0x7d, 0x5b, 0xaf,
-	0xa3, 0x04, 0xd1, 0xb8, 0xf0, 0xe4, 0x79, 0x6d, 0xe6, 0xe9, 0xf3, 0xda, 0xcc, 0xb3, 0xe7, 0xb5,
-	0x99, 0x6f, 0xa2, 0x5a, 0xe1, 0x49, 0x54, 0x2b, 0x3c, 0x8d, 0x6a, 0x85, 0x67, 0x51, 0xad, 0xf0,
-	0x57, 0x54, 0x2b, 0xfc, 0xf0, 0x77, 0x6d, 0xe6, 0xb3, 0x62, 0x6f, 0xe5, 0xdf, 0x00, 0x00, 0x00,
-	0xff, 0xff, 0x45, 0xeb, 0xd1, 0x70, 0x8f, 0x13, 0x00, 0x00,
+	// 1485 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x58, 0xcb, 0x6f, 0x14, 0x47,
+	0x13, 0xf7, 0x3e, 0x6c, 0xec, 0x5e, 0x63, 0xf3, 0x35, 0x08, 0x8c, 0xf9, 0xd8, 0xb1, 0xe6, 0x43,
+	0x88, 0x2f, 0x09, 0x33, 0xb1, 0x21, 0x88, 0x1c, 0xbd, 0x9b, 0x10, 0x50, 0xbc, 0x60, 0xda, 0x86,
+	0x90, 0x87, 0x22, 0xda, 0xb3, 0xcd, 0xba, 0xf1, 0xce, 0xcc, 0xaa, 0xa7, 0x77, 0x85, 0x91, 0x22,
+	0x25, 0x87, 0x9c, 0x13, 0x45, 0x4a, 0x94, 0x63, 0xfe, 0x81, 0x9c, 0x39, 0x27, 0x52, 0x24, 0x8e,
+	0x1c, 0x72, 0xe0, 0x34, 0x0a, 0x93, 0x63, 0xfe, 0x03, 0x4e, 0x51, 0x3f, 0x76, 0x76, 0x66, 0x77,
+	0x67, 0xfd, 0xc0, 0x58, 0xc9, 0x6d, 0x7a, 0xaa, 0xea, 0x57, 0xdd, 0x55, 0xd5, 0xf5, 0x68, 0x50,
+	0xd9, 0xba, 0x1a, 0x58, 0xd4, 0xb7, 0xb7, 0xda, 0x1b, 0x84, 0x79, 0x84, 0x93, 0xc0, 0xee, 0x10,
+	0xaf, 0xee, 0x33, 0x5b, 0x13, 0x70, 0x8b, 0xda, 0xb8, 0xcd, 0xfd, 0xc0, 0xc1, 0x4d, 0xea, 0x35,
+	0xec, 0xce, 0xa2, 0xdd, 0x20, 0x1e, 0x61, 0x98, 0x93, 0xba, 0xd5, 0x62, 0x3e, 0xf7, 0xe1, 0x69,
+	0xc5, 0x6a, 0xe1, 0x16, 0xb5, 0x12, 0xac, 0x56, 0x67, 0x71, 0xfe, 0x62, 0x83, 0xf2, 0xcd, 0xf6,
+	0x86, 0xe5, 0xf8, 0xae, 0xdd, 0xf0, 0x1b, 0xbe, 0x2d, 0x25, 0x36, 0xda, 0x0f, 0xe4, 0x4a, 0x2e,
+	0xe4, 0x97, 0x42, 0x9a, 0x37, 0x13, 0x4a, 0x1d, 0x9f, 0x91, 0x21, 0xda, 0xe6, 0x2f, 0xf7, 0x78,
+	0x5c, 0xec, 0x6c, 0x52, 0x8f, 0xb0, 0x6d, 0xbb, 0xb5, 0xd5, 0x90, 0x42, 0x8c, 0x04, 0x7e, 0x9b,
+	0x39, 0x64, 0x4f, 0x52, 0x81, 0xed, 0x12, 0x8e, 0x87, 0xe9, 0xb2, 0xb3, 0xa4, 0x58, 0xdb, 0xe3,
+	0xd4, 0x1d, 0x54, 0x73, 0x65, 0x27, 0x81, 0xc0, 0xd9, 0x24, 0x2e, 0x1e, 0x90, 0xbb, 0x94, 0x25,
+	0xd7, 0xe6, 0xb4, 0x69, 0x53, 0x8f, 0x07, 0x9c, 0xf5, 0x0b, 0x99, 0xdf, 0xe7, 0xc0, 0x99, 0x2a,
+	0xf3, 0x83, 0xe0, 0x2e, 0x61, 0x01, 0xf5, 0xbd, 0x5b, 0x1b, 0x0f, 0x89, 0xc3, 0x11, 0x79, 0x40,
+	0x18, 0xf1, 0x1c, 0x02, 0x17, 0x40, 0x71, 0x8b, 0x7a, 0xf5, 0xb9, 0xdc, 0x42, 0xee, 0xc2, 0x54,
+	0x65, 0xfa, 0x69, 0x68, 0x8c, 0x45, 0xa1, 0x51, 0xfc, 0x90, 0x7a, 0x75, 0x24, 0x29, 0x82, 0xc3,
+	0xc3, 0x2e, 0x99, 0xcb, 0xa7, 0x39, 0x6e, 0x62, 0x97, 0x20, 0x49, 0x81, 0x4b, 0x00, 0xe0, 0x16,
+	0xd5, 0x0a, 0xe6, 0x0a, 0x92, 0x0f, 0x6a, 0x3e, 0xb0, 0xbc, 0x7a, 0x43, 0x53, 0x50, 0x82, 0xcb,
+	0xfc, 0xa1, 0x00, 0x4e, 0xbc, 0xff, 0x88, 0x13, 0xe6, 0xe1, 0x66, 0x8d, 0x70, 0x46, 0x9d, 0x35,
+	0xe9, 0x14, 0x01, 0xe6, 0xca, 0xb5, 0x50, 0xa0, 0xb7, 0x15, 0x83, 0xd5, 0x62, 0x0a, 0x4a, 0x70,
+	0x41, 0x1f, 0xcc, 0xa8, 0xd5, 0x1a, 0x69, 0x12, 0x87, 0xfb, 0x4c, 0x6e, 0xb6, 0xb4, 0x74, 0xc9,
+	0xea, 0x45, 0x5d, 0x6c, 0x32, 0xab, 0xb5, 0xd5, 0x10, 0x3f, 0x02, 0x4b, 0x78, 0xd4, 0xea, 0x2c,
+	0x5a, 0x2b, 0x78, 0x83, 0x34, 0xbb, 0xa2, 0x15, 0x18, 0x85, 0xc6, 0x4c, 0x2d, 0x05, 0x87, 0xfa,
+	0xe0, 0x21, 0x06, 0x25, 0x8e, 0x59, 0x83, 0xf0, 0xbb, 0xb8, 0xd9, 0x26, 0xf2, 0xc8, 0xa5, 0x25,
+	0x6b, 0x94, 0x36, 0xab, 0x1b, 0x75, 0xd6, 0xed, 0x36, 0xf6, 0x38, 0xe5, 0xdb, 0x95, 0xd9, 0x28,
+	0x34, 0x4a, 0xeb, 0x3d, 0x18, 0x94, 0xc4, 0x84, 0x1d, 0x00, 0xd5, 0x72, 0xb9, 0x43, 0x18, 0x6e,
+	0x10, 0xa5, 0xa9, 0xb8, 0x2f, 0x4d, 0x27, 0xa3, 0xd0, 0x80, 0xeb, 0x03, 0x68, 0x68, 0x88, 0x06,
+	0xf3, 0xa7, 0x41, 0xc7, 0x70, 0xcc, 0xdb, 0xc1, 0xbf, 0xc3, 0x31, 0x9b, 0x60, 0xda, 0x69, 0x33,
+	0x46, 0xbc, 0x57, 0xf2, 0xcc, 0x09, 0x7d, 0xac, 0xe9, 0x6a, 0x02, 0x0b, 0xa5, 0x90, 0xe1, 0x36,
+	0x38, 0xae, 0xd7, 0x07, 0xe0, 0xa0, 0x53, 0x51, 0x68, 0x1c, 0xaf, 0x0e, 0xc2, 0xa1, 0x61, 0x3a,
+	0xcc, 0x27, 0x79, 0x70, 0xea, 0xba, 0xcf, 0xe8, 0x63, 0xdf, 0xe3, 0xb8, 0xb9, 0xea, 0xd7, 0x97,
+	0x75, 0x42, 0x25, 0x0c, 0xde, 0x07, 0x93, 0xc2, 0x7a, 0x75, 0xcc, 0xb1, 0xf4, 0x51, 0x69, 0xe9,
+	0xed, 0xdd, 0xd9, 0x5a, 0x25, 0x86, 0x1a, 0xe1, 0xb8, 0xe7, 0xd5, 0xde, 0x3f, 0x14, 0xa3, 0xc2,
+	0x7b, 0xa0, 0x18, 0xb4, 0x88, 0xa3, 0x3d, 0x79, 0xc5, 0xca, 0x4c, 0xec, 0x56, 0xc6, 0x1e, 0xd7,
+	0x5a, 0xc4, 0xe9, 0xe5, 0x11, 0xb1, 0x42, 0x12, 0x11, 0xde, 0x07, 0x13, 0x81, 0x8c, 0x35, 0xed,
+	0xb6, 0xab, 0xfb, 0xc0, 0x96, 0xf2, 0x95, 0x19, 0x8d, 0x3e, 0xa1, 0xd6, 0x48, 0xe3, 0x9a, 0x5f,
+	0x17, 0xc0, 0x42, 0x86, 0x64, 0xd5, 0xf7, 0xea, 0x94, 0x53, 0xdf, 0x83, 0xd7, 0x41, 0x91, 0x6f,
+	0xb7, 0xba, 0x21, 0x7e, 0xb9, 0xbb, 0xd1, 0xf5, 0xed, 0x16, 0x79, 0x19, 0x1a, 0xe7, 0x76, 0x92,
+	0x17, 0x7c, 0x48, 0x22, 0xc0, 0x95, 0xf8, 0x40, 0xf9, 0x14, 0x96, 0xde, 0xd6, 0xcb, 0xd0, 0x18,
+	0x52, 0xcc, 0xac, 0x18, 0x29, 0xbd, 0x79, 0x91, 0x11, 0x9a, 0x38, 0xe0, 0xeb, 0x0c, 0x7b, 0x81,
+	0xd2, 0x44, 0xdd, 0x6e, 0x84, 0xbf, 0xb1, 0x3b, 0x27, 0x0b, 0x89, 0xca, 0xbc, 0xde, 0x05, 0x5c,
+	0x19, 0x40, 0x43, 0x43, 0x34, 0xc0, 0xf3, 0x60, 0x82, 0x11, 0x1c, 0xf8, 0x9e, 0x0c, 0xee, 0xa9,
+	0x9e, 0x71, 0x91, 0xfc, 0x8b, 0x34, 0x15, 0xfe, 0x1f, 0x1c, 0x71, 0x49, 0x10, 0xe0, 0x06, 0x99,
+	0x1b, 0x97, 0x8c, 0xb3, 0x9a, 0xf1, 0x48, 0x4d, 0xfd, 0x46, 0x5d, 0xba, 0xf9, 0x7b, 0x0e, 0x9c,
+	0xc9, 0xb0, 0xe3, 0x0a, 0x0d, 0x38, 0xfc, 0x6c, 0x20, 0x8a, 0xad, 0x5d, 0x66, 0x0c, 0x1a, 0xa8,
+	0x18, 0x3e, 0xa6, 0x75, 0x4f, 0x76, 0xff, 0x24, 0x22, 0xf8, 0x23, 0x30, 0x4e, 0x39, 0x71, 0x85,
+	0x57, 0x0a, 0x17, 0x4a, 0x4b, 0x4b, 0x7b, 0x0f, 0xb3, 0xca, 0x51, 0x0d, 0x3f, 0x7e, 0x43, 0x00,
+	0x21, 0x85, 0x67, 0xfe, 0x95, 0xcf, 0x3c, 0x96, 0x08, 0x73, 0xd8, 0x01, 0x33, 0x72, 0xa5, 0x52,
+	0x31, 0x22, 0x0f, 0xf4, 0xe1, 0x46, 0x5d, 0xa2, 0x11, 0xc5, 0xbb, 0x72, 0x52, 0xef, 0x62, 0x66,
+	0x2d, 0x85, 0x8a, 0xfa, 0xb4, 0xc0, 0x45, 0x50, 0x72, 0xa9, 0x87, 0x48, 0xab, 0x49, 0x1d, 0xac,
+	0x82, 0x71, 0x5c, 0x95, 0x9f, 0x5a, 0xef, 0x37, 0x4a, 0xf2, 0xc0, 0x77, 0x40, 0xc9, 0xc5, 0x8f,
+	0x62, 0x91, 0x82, 0x14, 0x39, 0xae, 0xf5, 0x95, 0x6a, 0x3d, 0x12, 0x4a, 0xf2, 0xc1, 0x87, 0xa0,
+	0xac, 0x6a, 0x4a, 0x75, 0xf5, 0xce, 0x1d, 0x4e, 0x9b, 0xf4, 0x31, 0x16, 0x71, 0xb4, 0x4a, 0x98,
+	0x43, 0x3c, 0x2e, 0x42, 0xa3, 0x28, 0x91, 0xcc, 0x28, 0x34, 0xca, 0xeb, 0x23, 0x39, 0xd1, 0x0e,
+	0x48, 0xe6, 0x2f, 0x05, 0x70, 0x76, 0x64, 0x1a, 0x80, 0xd7, 0x00, 0xf4, 0x37, 0x02, 0xc2, 0x3a,
+	0xa4, 0xfe, 0x81, 0xea, 0x8b, 0x44, 0x83, 0x22, 0x6c, 0x5e, 0x50, 0x35, 0xf1, 0xd6, 0x00, 0x15,
+	0x0d, 0x91, 0x80, 0x0e, 0x38, 0x2a, 0xee, 0x85, 0xb2, 0x32, 0xd5, 0xbd, 0xd0, 0xde, 0x2e, 0xdd,
+	0x7f, 0xa2, 0xd0, 0x38, 0xba, 0x92, 0x04, 0x41, 0x69, 0x4c, 0xb8, 0x0c, 0x66, 0x75, 0xb2, 0xef,
+	0xb3, 0xfa, 0x29, 0x6d, 0xf5, 0xd9, 0x6a, 0x9a, 0x8c, 0xfa, 0xf9, 0x05, 0x44, 0x9d, 0x04, 0x94,
+	0x91, 0x7a, 0x0c, 0x51, 0x4c, 0x43, 0xbc, 0x97, 0x26, 0xa3, 0x7e, 0x7e, 0xe8, 0x02, 0x43, 0xa3,
+	0x66, 0x7a, 0x70, 0x5c, 0x42, 0xfe, 0x2f, 0x0a, 0x0d, 0xa3, 0x3a, 0x9a, 0x15, 0xed, 0x84, 0x25,
+	0xda, 0x40, 0xdd, 0x3b, 0xc8, 0x0b, 0x72, 0x39, 0x95, 0x7a, 0x17, 0xfa, 0x52, 0xef, 0xb1, 0x64,
+	0xa3, 0x98, 0x48, 0xb3, 0xb7, 0xc1, 0x84, 0x2f, 0x6f, 0x86, 0xf6, 0xcb, 0xc5, 0x11, 0xd7, 0x29,
+	0x2e, 0x69, 0x31, 0x50, 0x05, 0x88, 0x5c, 0xa6, 0xaf, 0x96, 0x06, 0x82, 0x37, 0x40, 0xb1, 0xe5,
+	0xd7, 0xbb, 0x85, 0xe8, 0xcd, 0x11, 0x80, 0xab, 0x7e, 0x3d, 0x48, 0xc1, 0x4d, 0x8a, 0x1d, 0x8b,
+	0xbf, 0x48, 0x42, 0xc0, 0x8f, 0xc1, 0x64, 0xb7, 0xe0, 0xeb, 0xee, 0xc0, 0x1e, 0x01, 0x87, 0x34,
+	0x6b, 0x0a, 0x72, 0x5a, 0x24, 0xb2, 0x2e, 0x05, 0xc5, 0x70, 0x02, 0x9a, 0xe8, 0x56, 0x4d, 0x7a,
+	0x65, 0x34, 0xf4, 0xb0, 0x76, 0x5b, 0x41, 0x77, 0x29, 0x28, 0x86, 0x33, 0x7f, 0x2c, 0x80, 0xe9,
+	0x54, 0xfb, 0x77, 0xc8, 0xae, 0x51, 0x75, 0xfc, 0xc0, 0x5c, 0xa3, 0xe0, 0x0e, 0xd4, 0x35, 0x0a,
+	0xf2, 0xb5, 0xb8, 0x26, 0x01, 0x3d, 0xc4, 0x35, 0xdf, 0xe4, 0x01, 0x1c, 0x0c, 0x63, 0xf8, 0x39,
+	0x98, 0x50, 0x09, 0xf3, 0x15, 0x8b, 0x4a, 0x5c, 0xde, 0x75, 0xfd, 0xd0, 0xa8, 0x7d, 0xfd, 0x7f,
+	0x7e, 0x57, 0xfd, 0x3f, 0x39, 0x88, 0x39, 0x29, 0xae, 0x3a, 0x59, 0xb3, 0x92, 0xf9, 0x5d, 0xbf,
+	0x45, 0x54, 0xc8, 0xfe, 0x13, 0x2d, 0x72, 0x68, 0x03, 0x8a, 0xf9, 0x6b, 0x0e, 0x1c, 0xeb, 0x4f,
+	0x4e, 0xfb, 0x1a, 0xe2, 0x1e, 0x0f, 0x9d, 0x44, 0xf3, 0xfb, 0xda, 0x78, 0xdc, 0x7b, 0xee, 0x72,
+	0x1a, 0xfd, 0x2d, 0x7d, 0x88, 0xfd, 0x4f, 0xa2, 0x5f, 0x0c, 0x1f, 0xd7, 0xf6, 0x77, 0x8a, 0x33,
+	0x5a, 0xd9, 0xee, 0x47, 0xb6, 0x9f, 0xf3, 0xe0, 0xc4, 0xb0, 0xd4, 0x0e, 0xab, 0xfa, 0x75, 0x45,
+	0x9d, 0xc2, 0x4e, 0xbe, 0xae, 0xbc, 0x0c, 0x0d, 0x63, 0xc8, 0x78, 0xd0, 0x85, 0x49, 0x3c, 0xc0,
+	0xdc, 0x03, 0x73, 0x29, 0xdb, 0x25, 0x6a, 0xad, 0x6e, 0xf6, 0xfe, 0x1b, 0x85, 0xc6, 0xdc, 0x7a,
+	0x06, 0x0f, 0xca, 0x94, 0xce, 0x78, 0x85, 0x28, 0xbc, 0xf6, 0x57, 0x88, 0x27, 0x83, 0xf6, 0x52,
+	0xbe, 0x3f, 0x10, 0x7b, 0x7d, 0x0a, 0x4e, 0xa7, 0x9d, 0x34, 0x68, 0xb0, 0xb3, 0x51, 0x68, 0x9c,
+	0xae, 0x66, 0x31, 0xa1, 0x6c, 0xf9, 0xac, 0x48, 0x2b, 0x1c, 0x52, 0xa4, 0x7d, 0x95, 0x07, 0xe3,
+	0xb2, 0xa9, 0x3c, 0x84, 0xa7, 0x80, 0x6b, 0xa9, 0xa7, 0x80, 0x73, 0x23, 0xd2, 0xab, 0xdc, 0x51,
+	0xe6, 0xe0, 0x7f, 0xb3, 0x6f, 0xf0, 0x3f, 0xbf, 0x23, 0xd2, 0xe8, 0x31, 0xff, 0x5d, 0x30, 0x15,
+	0x2b, 0x84, 0x6f, 0x89, 0x22, 0xaf, 0xbb, 0xe1, 0x9c, 0xf4, 0x6d, 0x3c, 0x1b, 0xc6, 0x6d, 0x70,
+	0xcc, 0x61, 0x52, 0x50, 0x4a, 0x68, 0xd8, 0x9b, 0xb0, 0xe0, 0x0e, 0x92, 0x0f, 0x5d, 0x53, 0x3d,
+	0xee, 0xf8, 0xc5, 0x2a, 0xe6, 0xa8, 0x5c, 0x78, 0xfa, 0xa2, 0x3c, 0xf6, 0xec, 0x45, 0x79, 0xec,
+	0xf9, 0x8b, 0xf2, 0xd8, 0x97, 0x51, 0x39, 0xf7, 0x34, 0x2a, 0xe7, 0x9e, 0x45, 0xe5, 0xdc, 0xf3,
+	0xa8, 0x9c, 0xfb, 0x23, 0x2a, 0xe7, 0xbe, 0xfd, 0xb3, 0x3c, 0xf6, 0x49, 0xbe, 0xb3, 0xf8, 0x77,
+	0x00, 0x00, 0x00, 0xff, 0xff, 0x61, 0x55, 0xfd, 0xeb, 0x81, 0x17, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/api/autoscaling/v1/generated.proto b/vendor/k8s.io/api/autoscaling/v1/generated.proto
index aa752a806466..64f01f477b1b 100644
--- a/vendor/k8s.io/api/autoscaling/v1/generated.proto
+++ b/vendor/k8s.io/api/autoscaling/v1/generated.proto
@@ -44,6 +44,49 @@ message CrossVersionObjectReference {
   optional string apiVersion = 3;
 }
 
+// ExternalMetricSource indicates how to scale on a metric not associated with
+// any Kubernetes object (for example length of queue in cloud
+// messaging service, or QPS from loadbalancer running outside of cluster).
+message ExternalMetricSource {
+  // metricName is the name of the metric in question.
+  optional string metricName = 1;
+
+  // metricSelector is used to identify a specific time series
+  // within a given metric.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
+
+  // targetValue is the target value of the metric (as a quantity).
+  // Mutually exclusive with TargetAverageValue.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
+
+  // targetAverageValue is the target per-pod value of global metric (as a quantity).
+  // Mutually exclusive with TargetValue.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 4;
+}
+
+// ExternalMetricStatus indicates the current value of a global metric
+// not associated with any Kubernetes object.
+message ExternalMetricStatus {
+  // metricName is the name of a metric used for autoscaling in
+  // metric system.
+  optional string metricName = 1;
+
+  // metricSelector is used to identify a specific time series
+  // within a given metric.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
+
+  // currentValue is the current value of the metric (as a quantity)
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
+
+  // currentAverageValue is the current value of metric averaged over autoscaled pods.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 4;
+}
+
 // configuration of a horizontal pod autoscaler.
 message HorizontalPodAutoscaler {
   // Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
@@ -138,7 +181,8 @@ message HorizontalPodAutoscalerStatus {
 // MetricSpec specifies how to scale based on a single metric
 // (only `type` and one other matching field should be set at once).
 message MetricSpec {
-  // type is the type of metric source.  It should match one of the fields below.
+  // type is the type of metric source.  It should be one of "Object",
+  // "Pods" or "Resource", each mapping to a matching field in the object.
   optional string type = 1;
 
   // object refers to a metric describing a single kubernetes object
@@ -159,11 +203,20 @@ message MetricSpec {
   // to normal per-pod metrics using the "pods" source.
   // +optional
   optional ResourceMetricSource resource = 4;
+
+  // external refers to a global metric that is not associated
+  // with any Kubernetes object. It allows autoscaling based on information
+  // coming from components running outside of cluster
+  // (for example length of queue in cloud messaging service, or
+  // QPS from loadbalancer running outside of cluster).
+  // +optional
+  optional ExternalMetricSource external = 5;
 }
 
 // MetricStatus describes the last-read state of a single metric.
 message MetricStatus {
-  // type is the type of metric source.  It will match one of the fields below.
+  // type is the type of metric source.  It will be one of "Object",
+  // "Pods" or "Resource", each corresponds to a matching field in the object.
   optional string type = 1;
 
   // object refers to a metric describing a single kubernetes object
@@ -184,6 +237,14 @@ message MetricStatus {
   // to normal per-pod metrics using the "pods" source.
   // +optional
   optional ResourceMetricStatus resource = 4;
+
+  // external refers to a global metric that is not associated
+  // with any Kubernetes object. It allows autoscaling based on information
+  // coming from components running outside of cluster
+  // (for example length of queue in cloud messaging service, or
+  // QPS from loadbalancer running outside of cluster).
+  // +optional
+  optional ExternalMetricStatus external = 5;
 }
 
 // ObjectMetricSource indicates how to scale on a metric describing a
diff --git a/vendor/k8s.io/api/autoscaling/v1/types.go b/vendor/k8s.io/api/autoscaling/v1/types.go
index e726c140399a..344af774f008 100644
--- a/vendor/k8s.io/api/autoscaling/v1/types.go
+++ b/vendor/k8s.io/api/autoscaling/v1/types.go
@@ -161,12 +161,19 @@ var (
 	// Kubernetes, and have special scaling options on top of those available
 	// to normal per-pod metrics (the "pods" source).
 	ResourceMetricSourceType MetricSourceType = "Resource"
+	// ExternalMetricSourceType is a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	ExternalMetricSourceType MetricSourceType = "External"
 )
 
 // MetricSpec specifies how to scale based on a single metric
 // (only `type` and one other matching field should be set at once).
 type MetricSpec struct {
-	// type is the type of metric source.  It should match one of the fields below.
+	// type is the type of metric source.  It should be one of "Object",
+	// "Pods" or "Resource", each mapping to a matching field in the object.
 	Type MetricSourceType `json:"type" protobuf:"bytes,1,name=type"`
 
 	// object refers to a metric describing a single kubernetes object
@@ -185,6 +192,13 @@ type MetricSpec struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricSource `json:"resource,omitempty" protobuf:"bytes,4,opt,name=resource"`
+	// external refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricSource `json:"external,omitempty" protobuf:"bytes,5,opt,name=external"`
 }
 
 // ObjectMetricSource indicates how to scale on a metric describing a
@@ -233,9 +247,30 @@ type ResourceMetricSource struct {
 	TargetAverageValue *resource.Quantity `json:"targetAverageValue,omitempty" protobuf:"bytes,3,opt,name=targetAverageValue"`
 }
 
+// ExternalMetricSource indicates how to scale on a metric not associated with
+// any Kubernetes object (for example length of queue in cloud
+// messaging service, or QPS from loadbalancer running outside of cluster).
+type ExternalMetricSource struct {
+	// metricName is the name of the metric in question.
+	MetricName string `json:"metricName" protobuf:"bytes,1,name=metricName"`
+	// metricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector `json:"metricSelector,omitempty" protobuf:"bytes,2,opt,name=metricSelector"`
+	// targetValue is the target value of the metric (as a quantity).
+	// Mutually exclusive with TargetAverageValue.
+	// +optional
+	TargetValue *resource.Quantity `json:"targetValue,omitempty" protobuf:"bytes,3,opt,name=targetValue"`
+	// targetAverageValue is the target per-pod value of global metric (as a quantity).
+	// Mutually exclusive with TargetValue.
+	// +optional
+	TargetAverageValue *resource.Quantity `json:"targetAverageValue,omitempty" protobuf:"bytes,4,opt,name=targetAverageValue"`
+}
+
 // MetricStatus describes the last-read state of a single metric.
 type MetricStatus struct {
-	// type is the type of metric source.  It will match one of the fields below.
+	// type is the type of metric source.  It will be one of "Object",
+	// "Pods" or "Resource", each corresponds to a matching field in the object.
 	Type MetricSourceType `json:"type" protobuf:"bytes,1,name=type"`
 
 	// object refers to a metric describing a single kubernetes object
@@ -254,6 +289,13 @@ type MetricStatus struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricStatus `json:"resource,omitempty" protobuf:"bytes,4,opt,name=resource"`
+	// external refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricStatus `json:"external,omitempty" protobuf:"bytes,5,opt,name=external"`
 }
 
 // HorizontalPodAutoscalerConditionType are the valid conditions of
@@ -335,3 +377,20 @@ type ResourceMetricStatus struct {
 	// It will always be set, regardless of the corresponding metric specification.
 	CurrentAverageValue resource.Quantity `json:"currentAverageValue" protobuf:"bytes,3,name=currentAverageValue"`
 }
+
+// ExternalMetricStatus indicates the current value of a global metric
+// not associated with any Kubernetes object.
+type ExternalMetricStatus struct {
+	// metricName is the name of a metric used for autoscaling in
+	// metric system.
+	MetricName string `json:"metricName" protobuf:"bytes,1,name=metricName"`
+	// metricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector `json:"metricSelector,omitempty" protobuf:"bytes,2,opt,name=metricSelector"`
+	// currentValue is the current value of the metric (as a quantity)
+	CurrentValue resource.Quantity `json:"currentValue" protobuf:"bytes,3,name=currentValue"`
+	// currentAverageValue is the current value of metric averaged over autoscaled pods.
+	// +optional
+	CurrentAverageValue *resource.Quantity `json:"currentAverageValue,omitempty" protobuf:"bytes,4,opt,name=currentAverageValue"`
+}
diff --git a/vendor/k8s.io/api/autoscaling/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/autoscaling/v1/types_swagger_doc_generated.go
index 7f84c2d93486..ec364f53eab1 100644
--- a/vendor/k8s.io/api/autoscaling/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/autoscaling/v1/types_swagger_doc_generated.go
@@ -38,6 +38,30 @@ func (CrossVersionObjectReference) SwaggerDoc() map[string]string {
 	return map_CrossVersionObjectReference
 }
 
+var map_ExternalMetricSource = map[string]string{
+	"":                   "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+	"metricName":         "metricName is the name of the metric in question.",
+	"metricSelector":     "metricSelector is used to identify a specific time series within a given metric.",
+	"targetValue":        "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.",
+	"targetAverageValue": "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.",
+}
+
+func (ExternalMetricSource) SwaggerDoc() map[string]string {
+	return map_ExternalMetricSource
+}
+
+var map_ExternalMetricStatus = map[string]string{
+	"":                    "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.",
+	"metricName":          "metricName is the name of a metric used for autoscaling in metric system.",
+	"metricSelector":      "metricSelector is used to identify a specific time series within a given metric.",
+	"currentValue":        "currentValue is the current value of the metric (as a quantity)",
+	"currentAverageValue": "currentAverageValue is the current value of metric averaged over autoscaled pods.",
+}
+
+func (ExternalMetricStatus) SwaggerDoc() map[string]string {
+	return map_ExternalMetricStatus
+}
+
 var map_HorizontalPodAutoscaler = map[string]string{
 	"":         "configuration of a horizontal pod autoscaler.",
 	"metadata": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
@@ -99,10 +123,11 @@ func (HorizontalPodAutoscalerStatus) SwaggerDoc() map[string]string {
 
 var map_MetricSpec = map[string]string{
 	"":         "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).",
-	"type":     "type is the type of metric source.  It should match one of the fields below.",
+	"type":     "type is the type of metric source.  It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.",
 	"object":   "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).",
 	"pods":     "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.",
 	"resource": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.",
+	"external": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
 }
 
 func (MetricSpec) SwaggerDoc() map[string]string {
@@ -111,10 +136,11 @@ func (MetricSpec) SwaggerDoc() map[string]string {
 
 var map_MetricStatus = map[string]string{
 	"":         "MetricStatus describes the last-read state of a single metric.",
-	"type":     "type is the type of metric source.  It will match one of the fields below.",
+	"type":     "type is the type of metric source.  It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.",
 	"object":   "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).",
 	"pods":     "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.",
 	"resource": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.",
+	"external": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
 }
 
 func (MetricStatus) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/autoscaling/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/autoscaling/v1/zz_generated.deepcopy.go
index 3622cf450a97..011275be42a5 100644
--- a/vendor/k8s.io/api/autoscaling/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/autoscaling/v1/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
 import (
-	resource "k8s.io/apimachinery/pkg/api/resource"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
@@ -42,6 +41,84 @@ func (in *CrossVersionObjectReference) DeepCopy() *CrossVersionObjectReference {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricSource) DeepCopyInto(out *ExternalMetricSource) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(meta_v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	if in.TargetValue != nil {
+		in, out := &in.TargetValue, &out.TargetValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	if in.TargetAverageValue != nil {
+		in, out := &in.TargetAverageValue, &out.TargetAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricSource.
+func (in *ExternalMetricSource) DeepCopy() *ExternalMetricSource {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricStatus) DeepCopyInto(out *ExternalMetricStatus) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(meta_v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	out.CurrentValue = in.CurrentValue.DeepCopy()
+	if in.CurrentAverageValue != nil {
+		in, out := &in.CurrentAverageValue, &out.CurrentAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricStatus.
+func (in *ExternalMetricStatus) DeepCopy() *ExternalMetricStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HorizontalPodAutoscaler) DeepCopyInto(out *HorizontalPodAutoscaler) {
 	*out = *in
@@ -66,9 +143,8 @@ func (in *HorizontalPodAutoscaler) DeepCopy() *HorizontalPodAutoscaler {
 func (in *HorizontalPodAutoscaler) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -117,9 +193,8 @@ func (in *HorizontalPodAutoscalerList) DeepCopy() *HorizontalPodAutoscalerList {
 func (in *HorizontalPodAutoscalerList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -174,8 +249,7 @@ func (in *HorizontalPodAutoscalerStatus) DeepCopyInto(out *HorizontalPodAutoscal
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.CurrentCPUUtilizationPercentage != nil {
@@ -230,6 +304,15 @@ func (in *MetricSpec) DeepCopyInto(out *MetricSpec) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricSource)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -273,6 +356,15 @@ func (in *MetricStatus) DeepCopyInto(out *MetricStatus) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricStatus)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -373,8 +465,8 @@ func (in *ResourceMetricSource) DeepCopyInto(out *ResourceMetricSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(resource.Quantity)
-			**out = (*in).DeepCopy()
+			x := (*in).DeepCopy()
+			*out = &x
 		}
 	}
 	return
@@ -440,9 +532,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/generated.pb.go b/vendor/k8s.io/api/autoscaling/v2beta1/generated.pb.go
index 908c049ed3d4..784e4be2bf33 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/generated.pb.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/generated.pb.go
@@ -26,6 +26,8 @@ limitations under the License.
 
 	It has these top-level messages:
 		CrossVersionObjectReference
+		ExternalMetricSource
+		ExternalMetricStatus
 		HorizontalPodAutoscaler
 		HorizontalPodAutoscalerCondition
 		HorizontalPodAutoscalerList
@@ -73,68 +75,78 @@ func (*CrossVersionObjectReference) Descriptor() ([]byte, []int) {
 	return fileDescriptorGenerated, []int{0}
 }
 
+func (m *ExternalMetricSource) Reset()                    { *m = ExternalMetricSource{} }
+func (*ExternalMetricSource) ProtoMessage()               {}
+func (*ExternalMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
+func (m *ExternalMetricStatus) Reset()                    { *m = ExternalMetricStatus{} }
+func (*ExternalMetricStatus) ProtoMessage()               {}
+func (*ExternalMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
 func (m *HorizontalPodAutoscaler) Reset()                    { *m = HorizontalPodAutoscaler{} }
 func (*HorizontalPodAutoscaler) ProtoMessage()               {}
-func (*HorizontalPodAutoscaler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+func (*HorizontalPodAutoscaler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
 
 func (m *HorizontalPodAutoscalerCondition) Reset()      { *m = HorizontalPodAutoscalerCondition{} }
 func (*HorizontalPodAutoscalerCondition) ProtoMessage() {}
 func (*HorizontalPodAutoscalerCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{2}
+	return fileDescriptorGenerated, []int{4}
 }
 
 func (m *HorizontalPodAutoscalerList) Reset()      { *m = HorizontalPodAutoscalerList{} }
 func (*HorizontalPodAutoscalerList) ProtoMessage() {}
 func (*HorizontalPodAutoscalerList) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{3}
+	return fileDescriptorGenerated, []int{5}
 }
 
 func (m *HorizontalPodAutoscalerSpec) Reset()      { *m = HorizontalPodAutoscalerSpec{} }
 func (*HorizontalPodAutoscalerSpec) ProtoMessage() {}
 func (*HorizontalPodAutoscalerSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{4}
+	return fileDescriptorGenerated, []int{6}
 }
 
 func (m *HorizontalPodAutoscalerStatus) Reset()      { *m = HorizontalPodAutoscalerStatus{} }
 func (*HorizontalPodAutoscalerStatus) ProtoMessage() {}
 func (*HorizontalPodAutoscalerStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{5}
+	return fileDescriptorGenerated, []int{7}
 }
 
 func (m *MetricSpec) Reset()                    { *m = MetricSpec{} }
 func (*MetricSpec) ProtoMessage()               {}
-func (*MetricSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
+func (*MetricSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
 
 func (m *MetricStatus) Reset()                    { *m = MetricStatus{} }
 func (*MetricStatus) ProtoMessage()               {}
-func (*MetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
+func (*MetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
 
 func (m *ObjectMetricSource) Reset()                    { *m = ObjectMetricSource{} }
 func (*ObjectMetricSource) ProtoMessage()               {}
-func (*ObjectMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
+func (*ObjectMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
 
 func (m *ObjectMetricStatus) Reset()                    { *m = ObjectMetricStatus{} }
 func (*ObjectMetricStatus) ProtoMessage()               {}
-func (*ObjectMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
+func (*ObjectMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
 
 func (m *PodsMetricSource) Reset()                    { *m = PodsMetricSource{} }
 func (*PodsMetricSource) ProtoMessage()               {}
-func (*PodsMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
+func (*PodsMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
 
 func (m *PodsMetricStatus) Reset()                    { *m = PodsMetricStatus{} }
 func (*PodsMetricStatus) ProtoMessage()               {}
-func (*PodsMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
+func (*PodsMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
 
 func (m *ResourceMetricSource) Reset()                    { *m = ResourceMetricSource{} }
 func (*ResourceMetricSource) ProtoMessage()               {}
-func (*ResourceMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
+func (*ResourceMetricSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
 
 func (m *ResourceMetricStatus) Reset()                    { *m = ResourceMetricStatus{} }
 func (*ResourceMetricStatus) ProtoMessage()               {}
-func (*ResourceMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
+func (*ResourceMetricStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{15} }
 
 func init() {
 	proto.RegisterType((*CrossVersionObjectReference)(nil), "k8s.io.api.autoscaling.v2beta1.CrossVersionObjectReference")
+	proto.RegisterType((*ExternalMetricSource)(nil), "k8s.io.api.autoscaling.v2beta1.ExternalMetricSource")
+	proto.RegisterType((*ExternalMetricStatus)(nil), "k8s.io.api.autoscaling.v2beta1.ExternalMetricStatus")
 	proto.RegisterType((*HorizontalPodAutoscaler)(nil), "k8s.io.api.autoscaling.v2beta1.HorizontalPodAutoscaler")
 	proto.RegisterType((*HorizontalPodAutoscalerCondition)(nil), "k8s.io.api.autoscaling.v2beta1.HorizontalPodAutoscalerCondition")
 	proto.RegisterType((*HorizontalPodAutoscalerList)(nil), "k8s.io.api.autoscaling.v2beta1.HorizontalPodAutoscalerList")
@@ -179,6 +191,108 @@ func (m *CrossVersionObjectReference) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *ExternalMetricSource) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricSource) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
+	i += copy(dAtA[i:], m.MetricName)
+	if m.MetricSelector != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.MetricSelector.Size()))
+		n1, err := m.MetricSelector.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n1
+	}
+	if m.TargetValue != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetValue.Size()))
+		n2, err := m.TargetValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n2
+	}
+	if m.TargetAverageValue != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
+		n3, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n3
+	}
+	return i, nil
+}
+
+func (m *ExternalMetricStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
+	i += copy(dAtA[i:], m.MetricName)
+	if m.MetricSelector != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.MetricSelector.Size()))
+		n4, err := m.MetricSelector.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n4
+	}
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentValue.Size()))
+	n5, err := m.CurrentValue.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n5
+	if m.CurrentAverageValue != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
+		n6, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
+	return i, nil
+}
+
 func (m *HorizontalPodAutoscaler) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -197,27 +311,27 @@ func (m *HorizontalPodAutoscaler) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n1, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n7, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n1
+	i += n7
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n2, err := m.Spec.MarshalTo(dAtA[i:])
+	n8, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n2
+	i += n8
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n3, err := m.Status.MarshalTo(dAtA[i:])
+	n9, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n3
+	i += n9
 	return i, nil
 }
 
@@ -247,11 +361,11 @@ func (m *HorizontalPodAutoscalerCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n4, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n10, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n4
+	i += n10
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -281,11 +395,11 @@ func (m *HorizontalPodAutoscalerList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n5, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n11, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n5
+	i += n11
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -319,11 +433,11 @@ func (m *HorizontalPodAutoscalerSpec) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ScaleTargetRef.Size()))
-	n6, err := m.ScaleTargetRef.MarshalTo(dAtA[i:])
+	n12, err := m.ScaleTargetRef.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n6
+	i += n12
 	if m.MinReplicas != nil {
 		dAtA[i] = 0x10
 		i++
@@ -371,11 +485,11 @@ func (m *HorizontalPodAutoscalerStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.LastScaleTime.Size()))
-		n7, err := m.LastScaleTime.MarshalTo(dAtA[i:])
+		n13, err := m.LastScaleTime.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n7
+		i += n13
 	}
 	dAtA[i] = 0x18
 	i++
@@ -433,31 +547,41 @@ func (m *MetricSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Object.Size()))
-		n8, err := m.Object.MarshalTo(dAtA[i:])
+		n14, err := m.Object.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n8
+		i += n14
 	}
 	if m.Pods != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Pods.Size()))
-		n9, err := m.Pods.MarshalTo(dAtA[i:])
+		n15, err := m.Pods.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n9
+		i += n15
 	}
 	if m.Resource != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Resource.Size()))
-		n10, err := m.Resource.MarshalTo(dAtA[i:])
+		n16, err := m.Resource.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n16
+	}
+	if m.External != nil {
+		dAtA[i] = 0x2a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.External.Size()))
+		n17, err := m.External.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n10
+		i += n17
 	}
 	return i, nil
 }
@@ -485,31 +609,41 @@ func (m *MetricStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Object.Size()))
-		n11, err := m.Object.MarshalTo(dAtA[i:])
+		n18, err := m.Object.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n11
+		i += n18
 	}
 	if m.Pods != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Pods.Size()))
-		n12, err := m.Pods.MarshalTo(dAtA[i:])
+		n19, err := m.Pods.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n12
+		i += n19
 	}
 	if m.Resource != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Resource.Size()))
-		n13, err := m.Resource.MarshalTo(dAtA[i:])
+		n20, err := m.Resource.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n13
+		i += n20
+	}
+	if m.External != nil {
+		dAtA[i] = 0x2a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.External.Size()))
+		n21, err := m.External.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n21
 	}
 	return i, nil
 }
@@ -532,11 +666,11 @@ func (m *ObjectMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Target.Size()))
-	n14, err := m.Target.MarshalTo(dAtA[i:])
+	n22, err := m.Target.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n14
+	i += n22
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
@@ -544,11 +678,11 @@ func (m *ObjectMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.TargetValue.Size()))
-	n15, err := m.TargetValue.MarshalTo(dAtA[i:])
+	n23, err := m.TargetValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n15
+	i += n23
 	return i, nil
 }
 
@@ -570,11 +704,11 @@ func (m *ObjectMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Target.Size()))
-	n16, err := m.Target.MarshalTo(dAtA[i:])
+	n24, err := m.Target.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n16
+	i += n24
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
@@ -582,11 +716,11 @@ func (m *ObjectMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentValue.Size()))
-	n17, err := m.CurrentValue.MarshalTo(dAtA[i:])
+	n25, err := m.CurrentValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n17
+	i += n25
 	return i, nil
 }
 
@@ -612,11 +746,11 @@ func (m *PodsMetricSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
-	n18, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+	n26, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n18
+	i += n26
 	return i, nil
 }
 
@@ -642,11 +776,11 @@ func (m *PodsMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
-	n19, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+	n27, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n19
+	i += n27
 	return i, nil
 }
 
@@ -678,11 +812,11 @@ func (m *ResourceMetricSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetAverageValue.Size()))
-		n20, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
+		n28, err := m.TargetAverageValue.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n20
+		i += n28
 	}
 	return i, nil
 }
@@ -714,11 +848,11 @@ func (m *ResourceMetricStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CurrentAverageValue.Size()))
-	n21, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
+	n29, err := m.CurrentAverageValue.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n21
+	i += n29
 	return i, nil
 }
 
@@ -761,6 +895,44 @@ func (m *CrossVersionObjectReference) Size() (n int) {
 	return n
 }
 
+func (m *ExternalMetricSource) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.MetricName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.MetricSelector != nil {
+		l = m.MetricSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.TargetValue != nil {
+		l = m.TargetValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.TargetAverageValue != nil {
+		l = m.TargetAverageValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *ExternalMetricStatus) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.MetricName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.MetricSelector != nil {
+		l = m.MetricSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	l = m.CurrentValue.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.CurrentAverageValue != nil {
+		l = m.CurrentAverageValue.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
 func (m *HorizontalPodAutoscaler) Size() (n int) {
 	var l int
 	_ = l
@@ -865,6 +1037,10 @@ func (m *MetricSpec) Size() (n int) {
 		l = m.Resource.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.External != nil {
+		l = m.External.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -885,6 +1061,10 @@ func (m *MetricStatus) Size() (n int) {
 		l = m.Resource.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.External != nil {
+		l = m.External.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -985,6 +1165,32 @@ func (this *CrossVersionObjectReference) String() string {
 	}, "")
 	return s
 }
+func (this *ExternalMetricSource) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ExternalMetricSource{`,
+		`MetricName:` + fmt.Sprintf("%v", this.MetricName) + `,`,
+		`MetricSelector:` + strings.Replace(fmt.Sprintf("%v", this.MetricSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
+		`TargetValue:` + strings.Replace(fmt.Sprintf("%v", this.TargetValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`TargetAverageValue:` + strings.Replace(fmt.Sprintf("%v", this.TargetAverageValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ExternalMetricStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ExternalMetricStatus{`,
+		`MetricName:` + fmt.Sprintf("%v", this.MetricName) + `,`,
+		`MetricSelector:` + strings.Replace(fmt.Sprintf("%v", this.MetricSelector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
+		`CurrentValue:` + strings.Replace(strings.Replace(this.CurrentValue.String(), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`CurrentAverageValue:` + strings.Replace(fmt.Sprintf("%v", this.CurrentAverageValue), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *HorizontalPodAutoscaler) String() string {
 	if this == nil {
 		return "nil"
@@ -1059,6 +1265,7 @@ func (this *MetricSpec) String() string {
 		`Object:` + strings.Replace(fmt.Sprintf("%v", this.Object), "ObjectMetricSource", "ObjectMetricSource", 1) + `,`,
 		`Pods:` + strings.Replace(fmt.Sprintf("%v", this.Pods), "PodsMetricSource", "PodsMetricSource", 1) + `,`,
 		`Resource:` + strings.Replace(fmt.Sprintf("%v", this.Resource), "ResourceMetricSource", "ResourceMetricSource", 1) + `,`,
+		`External:` + strings.Replace(fmt.Sprintf("%v", this.External), "ExternalMetricSource", "ExternalMetricSource", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1072,6 +1279,7 @@ func (this *MetricStatus) String() string {
 		`Object:` + strings.Replace(fmt.Sprintf("%v", this.Object), "ObjectMetricStatus", "ObjectMetricStatus", 1) + `,`,
 		`Pods:` + strings.Replace(fmt.Sprintf("%v", this.Pods), "PodsMetricStatus", "PodsMetricStatus", 1) + `,`,
 		`Resource:` + strings.Replace(fmt.Sprintf("%v", this.Resource), "ResourceMetricStatus", "ResourceMetricStatus", 1) + `,`,
+		`External:` + strings.Replace(fmt.Sprintf("%v", this.External), "ExternalMetricStatus", "ExternalMetricStatus", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1291,7 +1499,7 @@ func (m *CrossVersionObjectReference) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
+func (m *ExternalMetricSource) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1314,15 +1522,44 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: HorizontalPodAutoscaler: wiretype end group for non-group")
+			return fmt.Errorf("proto: ExternalMetricSource: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: HorizontalPodAutoscaler: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ExternalMetricSource: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.MetricName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricSelector", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1346,13 +1583,16 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.MetricSelector == nil {
+				m.MetricSelector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
+			}
+			if err := m.MetricSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TargetValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1376,13 +1616,16 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.TargetValue == nil {
+				m.TargetValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.TargetValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 3:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TargetAverageValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1406,7 +1649,10 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.TargetAverageValue == nil {
+				m.TargetAverageValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.TargetAverageValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -1431,7 +1677,7 @@ func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
+func (m *ExternalMetricStatus) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1454,15 +1700,15 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: wiretype end group for non-group")
+			return fmt.Errorf("proto: ExternalMetricStatus: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ExternalMetricStatus: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -1487,13 +1733,13 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Type = HorizontalPodAutoscalerConditionType(dAtA[iNdEx:postIndex])
+			m.MetricName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricSelector", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -1503,24 +1749,28 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Status = k8s_io_api_core_v1.ConditionStatus(dAtA[iNdEx:postIndex])
+			if m.MetricSelector == nil {
+				m.MetricSelector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
+			}
+			if err := m.MetricSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field LastTransitionTime", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CurrentValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1544,15 +1794,15 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.LastTransitionTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.CurrentValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CurrentAverageValue", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -1562,31 +1812,342 @@ func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Reason = string(dAtA[iNdEx:postIndex])
+			if m.CurrentAverageValue == nil {
+				m.CurrentAverageValue = &k8s_io_apimachinery_pkg_api_resource.Quantity{}
+			}
+			if err := m.CurrentAverageValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 5:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
 			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *HorizontalPodAutoscaler) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: HorizontalPodAutoscaler: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: HorizontalPodAutoscaler: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *HorizontalPodAutoscalerCondition) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: HorizontalPodAutoscalerCondition: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Type = HorizontalPodAutoscalerConditionType(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Status = k8s_io_api_core_v1.ConditionStatus(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LastTransitionTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.LastTransitionTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Reason = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
 				}
 				b := dAtA[iNdEx]
@@ -2248,6 +2809,39 @@ func (m *MetricSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field External", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.External == nil {
+				m.External = &ExternalMetricSource{}
+			}
+			if err := m.External.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2426,6 +3020,39 @@ func (m *MetricStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field External", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.External == nil {
+				m.External = &ExternalMetricStatus{}
+			}
+			if err := m.External.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -3314,88 +3941,96 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 1316 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x57, 0xcd, 0x6f, 0x1b, 0x45,
-	0x14, 0x8f, 0x1d, 0x27, 0x0d, 0xe3, 0x34, 0x29, 0xd3, 0xaa, 0x75, 0x53, 0x6a, 0x47, 0x2b, 0x84,
-	0x4a, 0x45, 0x77, 0x5b, 0x13, 0x3e, 0x24, 0x84, 0x44, 0x6c, 0x44, 0x5b, 0x91, 0xb4, 0x65, 0x9a,
-	0x56, 0x08, 0x0a, 0x62, 0xb2, 0x3b, 0x75, 0x86, 0x78, 0x3f, 0x34, 0x33, 0xb6, 0x48, 0x11, 0x12,
-	0x17, 0xee, 0x1c, 0x40, 0xfc, 0x15, 0x5c, 0xe1, 0x0c, 0x12, 0x52, 0x85, 0x38, 0xf4, 0x58, 0x84,
-	0x64, 0x51, 0xf3, 0x5f, 0xf4, 0x84, 0xe6, 0xc3, 0xfb, 0x61, 0x7b, 0xe3, 0xc4, 0x44, 0xc0, 0xcd,
-	0x3b, 0xef, 0xf7, 0x7e, 0xef, 0xbd, 0xdf, 0xbc, 0x79, 0x33, 0x06, 0x57, 0x77, 0x5f, 0xe7, 0x36,
-	0x0d, 0x9d, 0xdd, 0xce, 0x36, 0x61, 0x01, 0x11, 0x84, 0x3b, 0x5d, 0x12, 0x78, 0x21, 0x73, 0x8c,
-	0x01, 0x47, 0xd4, 0xc1, 0x1d, 0x11, 0x72, 0x17, 0xb7, 0x69, 0xd0, 0x72, 0xba, 0xf5, 0x6d, 0x22,
-	0xf0, 0x15, 0xa7, 0x45, 0x02, 0xc2, 0xb0, 0x20, 0x9e, 0x1d, 0xb1, 0x50, 0x84, 0xb0, 0xaa, 0xf1,
-	0x36, 0x8e, 0xa8, 0x9d, 0xc2, 0xdb, 0x06, 0xbf, 0x72, 0xa9, 0x45, 0xc5, 0x4e, 0x67, 0xdb, 0x76,
-	0x43, 0xdf, 0x69, 0x85, 0xad, 0xd0, 0x51, 0x6e, 0xdb, 0x9d, 0xfb, 0xea, 0x4b, 0x7d, 0xa8, 0x5f,
-	0x9a, 0x6e, 0xc5, 0x4a, 0x85, 0x77, 0x43, 0x46, 0x9c, 0xee, 0x48, 0xc8, 0x95, 0xb5, 0x04, 0xe3,
-	0x63, 0x77, 0x87, 0x06, 0x84, 0xed, 0x39, 0xd1, 0x6e, 0x4b, 0x39, 0x31, 0xc2, 0xc3, 0x0e, 0x73,
-	0xc9, 0xa1, 0xbc, 0xb8, 0xe3, 0x13, 0x81, 0xc7, 0xc5, 0x72, 0xf2, 0xbc, 0x58, 0x27, 0x10, 0xd4,
-	0x1f, 0x0d, 0xf3, 0xea, 0x24, 0x07, 0xee, 0xee, 0x10, 0x1f, 0x8f, 0xf8, 0xbd, 0x9c, 0xe7, 0xd7,
-	0x11, 0xb4, 0xed, 0xd0, 0x40, 0x70, 0xc1, 0x86, 0x9d, 0xac, 0x6f, 0x0b, 0xe0, 0x5c, 0x93, 0x85,
-	0x9c, 0xdf, 0x25, 0x8c, 0xd3, 0x30, 0xb8, 0xb9, 0xfd, 0x29, 0x71, 0x05, 0x22, 0xf7, 0x09, 0x23,
-	0x81, 0x4b, 0xe0, 0x2a, 0x28, 0xed, 0xd2, 0xc0, 0xab, 0x14, 0x56, 0x0b, 0x17, 0x9e, 0x69, 0x2c,
-	0x3e, 0xec, 0xd5, 0x66, 0xfa, 0xbd, 0x5a, 0xe9, 0x5d, 0x1a, 0x78, 0x48, 0x59, 0x24, 0x22, 0xc0,
-	0x3e, 0xa9, 0x14, 0xb3, 0x88, 0x1b, 0xd8, 0x27, 0x48, 0x59, 0x60, 0x1d, 0x00, 0x1c, 0x51, 0x13,
-	0xa0, 0x32, 0xab, 0x70, 0xd0, 0xe0, 0xc0, 0xfa, 0xad, 0xeb, 0xc6, 0x82, 0x52, 0x28, 0xeb, 0xa7,
-	0x22, 0x38, 0x73, 0x2d, 0x64, 0xf4, 0x41, 0x18, 0x08, 0xdc, 0xbe, 0x15, 0x7a, 0xeb, 0xa6, 0x33,
-	0x08, 0x83, 0x9f, 0x80, 0x05, 0x29, 0xb6, 0x87, 0x05, 0x56, 0x79, 0x95, 0xeb, 0x97, 0xed, 0xa4,
-	0x87, 0xe2, 0xda, 0xed, 0x68, 0xb7, 0x25, 0x17, 0xb8, 0x2d, 0xd1, 0x76, 0xf7, 0x8a, 0xad, 0x8b,
-	0xdb, 0x24, 0x02, 0x27, 0xf1, 0x93, 0x35, 0x14, 0xb3, 0xc2, 0x8f, 0x40, 0x89, 0x47, 0xc4, 0x55,
-	0x35, 0x95, 0xeb, 0x6f, 0xd8, 0xfb, 0x77, 0xa8, 0x9d, 0x93, 0xe8, 0xed, 0x88, 0xb8, 0x89, 0x20,
-	0xf2, 0x0b, 0x29, 0x5a, 0x48, 0xc0, 0x3c, 0x17, 0x58, 0x74, 0xb8, 0x12, 0xa3, 0x5c, 0x7f, 0x73,
-	0xda, 0x00, 0x8a, 0xa4, 0xb1, 0x64, 0x42, 0xcc, 0xeb, 0x6f, 0x64, 0xc8, 0xad, 0xaf, 0x66, 0xc1,
-	0x6a, 0x8e, 0x67, 0x33, 0x0c, 0x3c, 0x2a, 0x68, 0x18, 0xc0, 0x6b, 0xa0, 0x24, 0xf6, 0x22, 0x62,
-	0x36, 0x78, 0x6d, 0x90, 0xed, 0xd6, 0x5e, 0x44, 0x9e, 0xf6, 0x6a, 0xcf, 0x4f, 0xf2, 0x97, 0x38,
-	0xa4, 0x18, 0xe0, 0x46, 0x5c, 0x55, 0x31, 0xc3, 0x65, 0xd2, 0x7a, 0xda, 0xab, 0x8d, 0x39, 0x9a,
-	0x76, 0xcc, 0x94, 0x4d, 0x1e, 0x76, 0x01, 0x6c, 0x63, 0x2e, 0xb6, 0x18, 0x0e, 0xb8, 0x8e, 0x44,
-	0x7d, 0x62, 0xf4, 0xba, 0x78, 0xb0, 0xed, 0x96, 0x1e, 0x8d, 0x15, 0x93, 0x05, 0xdc, 0x18, 0x61,
-	0x43, 0x63, 0x22, 0xc0, 0x17, 0xc0, 0x3c, 0x23, 0x98, 0x87, 0x41, 0xa5, 0xa4, 0xaa, 0x88, 0xc5,
-	0x45, 0x6a, 0x15, 0x19, 0x2b, 0x7c, 0x11, 0x1c, 0xf3, 0x09, 0xe7, 0xb8, 0x45, 0x2a, 0x73, 0x0a,
-	0xb8, 0x6c, 0x80, 0xc7, 0x36, 0xf5, 0x32, 0x1a, 0xd8, 0xad, 0xdf, 0x0b, 0xe0, 0x5c, 0x8e, 0x8e,
-	0x1b, 0x94, 0x0b, 0x78, 0x6f, 0xa4, 0x9f, 0xed, 0x83, 0x15, 0x28, 0xbd, 0x55, 0x37, 0x9f, 0x30,
-	0xb1, 0x17, 0x06, 0x2b, 0xa9, 0x5e, 0xbe, 0x07, 0xe6, 0xa8, 0x20, 0xbe, 0xdc, 0x95, 0xd9, 0x0b,
-	0xe5, 0xfa, 0x6b, 0x53, 0xf6, 0x5a, 0xe3, 0xb8, 0x89, 0x31, 0x77, 0x5d, 0xb2, 0x21, 0x4d, 0x6a,
-	0xfd, 0x51, 0xcc, 0xad, 0x4d, 0x36, 0x3c, 0xfc, 0x1c, 0x2c, 0xa9, 0xaf, 0x2d, 0xcc, 0x5a, 0x44,
-	0xce, 0x15, 0x53, 0xe1, 0xc4, 0x33, 0xb5, 0xcf, 0x50, 0x6a, 0x9c, 0x36, 0xa9, 0x2c, 0xdd, 0xce,
-	0x50, 0xa3, 0xa1, 0x50, 0xf0, 0x0a, 0x28, 0xfb, 0x34, 0x40, 0x24, 0x6a, 0x53, 0x17, 0xeb, 0xb6,
-	0x9c, 0x6b, 0x2c, 0xf7, 0x7b, 0xb5, 0xf2, 0x66, 0xb2, 0x8c, 0xd2, 0x18, 0xf8, 0x0a, 0x28, 0xfb,
-	0xf8, 0xb3, 0xd8, 0x65, 0x56, 0xb9, 0x9c, 0x34, 0xf1, 0xca, 0x9b, 0x89, 0x09, 0xa5, 0x71, 0xf0,
-	0x8e, 0xec, 0x06, 0xc1, 0xa8, 0xcb, 0x2b, 0x25, 0x25, 0xf3, 0xc5, 0x49, 0xf5, 0x6d, 0x2a, 0xb8,
-	0x1a, 0x11, 0xa9, 0xce, 0x51, 0x14, 0x68, 0xc0, 0x65, 0xfd, 0x50, 0x02, 0xe7, 0xf7, 0x3d, 0xfb,
-	0xf0, 0x1d, 0x00, 0xc3, 0x6d, 0x4e, 0x58, 0x97, 0x78, 0x57, 0xf5, 0x68, 0x97, 0x33, 0x56, 0x6a,
-	0x3c, 0xdb, 0x38, 0x2d, 0xdb, 0xfe, 0xe6, 0x88, 0x15, 0x8d, 0xf1, 0x80, 0x2e, 0x38, 0x2e, 0x0f,
-	0x83, 0x16, 0x94, 0x9a, 0x71, 0x7e, 0xb8, 0x93, 0xf6, 0x6c, 0xbf, 0x57, 0x3b, 0xbe, 0x91, 0x26,
-	0x41, 0x59, 0x4e, 0xb8, 0x0e, 0x96, 0xdd, 0x0e, 0x63, 0x24, 0x10, 0x43, 0x02, 0x9f, 0x31, 0x0a,
-	0x2c, 0x37, 0xb3, 0x66, 0x34, 0x8c, 0x97, 0x14, 0x1e, 0xe1, 0x94, 0x11, 0x2f, 0xa6, 0x28, 0x65,
-	0x29, 0xde, 0xce, 0x9a, 0xd1, 0x30, 0x1e, 0xb6, 0xc1, 0x92, 0x61, 0x35, 0x7a, 0x57, 0xe6, 0xd4,
-	0x96, 0xbd, 0x74, 0xc0, 0x2d, 0xd3, 0x43, 0x37, 0xee, 0xc1, 0x66, 0x86, 0x0b, 0x0d, 0x71, 0x43,
-	0x01, 0x80, 0x3b, 0x18, 0x71, 0xbc, 0x32, 0xaf, 0x22, 0xbd, 0x35, 0xe5, 0x19, 0x8c, 0x67, 0x65,
-	0x72, 0x7d, 0xc5, 0x4b, 0x1c, 0xa5, 0xe2, 0x58, 0xbf, 0x16, 0x01, 0x48, 0x3a, 0x0c, 0xae, 0x65,
-	0x86, 0xfc, 0xea, 0xd0, 0x90, 0x3f, 0x61, 0x90, 0xea, 0xd5, 0x93, 0x1a, 0xe8, 0x77, 0xc1, 0x7c,
-	0xa8, 0x4e, 0x9e, 0x69, 0x86, 0xfa, 0xa4, 0xb4, 0xe3, 0xbb, 0x34, 0x66, 0x6b, 0x00, 0x39, 0x3a,
-	0xcd, 0xf9, 0x35, 0x6c, 0xf0, 0x06, 0x28, 0x45, 0xa1, 0x37, 0xb8, 0xfc, 0x2e, 0x4f, 0x62, 0xbd,
-	0x15, 0x7a, 0x3c, 0xc3, 0xb9, 0x20, 0x73, 0x97, 0xab, 0x48, 0xf1, 0xc0, 0x8f, 0xc1, 0xc2, 0xe0,
-	0xcd, 0xa6, 0x9a, 0xa1, 0x5c, 0x5f, 0x9b, 0xc4, 0x89, 0x0c, 0x3e, 0xc3, 0xbb, 0x28, 0x27, 0xe8,
-	0xc0, 0x82, 0x62, 0x4e, 0xeb, 0xb7, 0x22, 0x58, 0x4c, 0xef, 0xfd, 0x7f, 0x22, 0xa7, 0xee, 0xba,
-	0xa3, 0x95, 0x53, 0x73, 0x1e, 0xbd, 0x9c, 0x9a, 0x37, 0x4f, 0xce, 0x6f, 0x8a, 0x00, 0x8e, 0x76,
-	0x0a, 0x74, 0xc1, 0xbc, 0x50, 0x93, 0xfb, 0x28, 0x6e, 0x88, 0xf8, 0xd6, 0x36, 0x97, 0x81, 0xa1,
-	0x96, 0x4f, 0x51, 0x3d, 0x5b, 0x6f, 0x24, 0x4f, 0xd6, 0xf8, 0x2c, 0x6d, 0xc6, 0x16, 0x94, 0x42,
-	0x41, 0x02, 0xca, 0xda, 0xfb, 0x2e, 0x6e, 0x77, 0x06, 0x4f, 0x90, 0x7d, 0x6f, 0x68, 0x7b, 0x50,
-	0xab, 0xfd, 0x5e, 0x07, 0x07, 0x82, 0x8a, 0xbd, 0xe4, 0x0a, 0xd9, 0x4a, 0xa8, 0x50, 0x9a, 0xd7,
-	0xfa, 0x6e, 0x58, 0x16, 0xdd, 0x6b, 0xff, 0x5b, 0x59, 0x76, 0xc0, 0xa2, 0x19, 0x75, 0xff, 0x44,
-	0x97, 0x53, 0x26, 0xca, 0x62, 0x33, 0xc5, 0x85, 0x32, 0xcc, 0xd6, 0xcf, 0x05, 0x70, 0x62, 0x78,
-	0x08, 0x0c, 0xa5, 0x5c, 0x38, 0x50, 0xca, 0x0f, 0x00, 0xd4, 0x05, 0xaf, 0x77, 0x09, 0xc3, 0x2d,
-	0xa2, 0x13, 0x2f, 0x4e, 0x95, 0x78, 0xfc, 0xae, 0xdc, 0x1a, 0x61, 0x44, 0x63, 0xa2, 0x58, 0xbf,
-	0x64, 0x8b, 0xd0, 0x9b, 0x3b, 0x4d, 0x11, 0x5f, 0x80, 0x93, 0x46, 0x9d, 0x23, 0xa8, 0xe2, 0x9c,
-	0x09, 0x76, 0xb2, 0x39, 0x4a, 0x89, 0xc6, 0xc5, 0xb1, 0xbe, 0x2f, 0x82, 0x53, 0xe3, 0xa6, 0x27,
-	0x6c, 0x9a, 0xff, 0x81, 0xba, 0x0a, 0x27, 0xfd, 0x3f, 0xf0, 0x69, 0xaf, 0x56, 0x1b, 0xf3, 0xf4,
-	0x1f, 0xd0, 0xa4, 0xfe, 0x2a, 0xbe, 0x0f, 0x2a, 0x19, 0xed, 0xee, 0x08, 0xda, 0xa6, 0x0f, 0xf4,
-	0xa3, 0x46, 0x3f, 0xdf, 0x9e, 0xeb, 0xf7, 0x6a, 0x95, 0xad, 0x1c, 0x0c, 0xca, 0xf5, 0x96, 0xff,
-	0x27, 0xc6, 0xec, 0xfd, 0x74, 0x4d, 0x7b, 0xfa, 0x10, 0xfb, 0xfe, 0xe3, 0xa8, 0x5e, 0x7a, 0xef,
-	0x8f, 0x44, 0xaf, 0x0f, 0xc1, 0xd9, 0xec, 0x26, 0x8d, 0x0a, 0x76, 0xbe, 0xdf, 0xab, 0x9d, 0x6d,
-	0xe6, 0x81, 0x50, 0xbe, 0x7f, 0x5e, 0xa7, 0xcd, 0xfe, 0x3b, 0x9d, 0xd6, 0xb8, 0xf4, 0xf0, 0x49,
-	0x75, 0xe6, 0xd1, 0x93, 0xea, 0xcc, 0xe3, 0x27, 0xd5, 0x99, 0x2f, 0xfb, 0xd5, 0xc2, 0xc3, 0x7e,
-	0xb5, 0xf0, 0xa8, 0x5f, 0x2d, 0x3c, 0xee, 0x57, 0x0b, 0x7f, 0xf6, 0xab, 0x85, 0xaf, 0xff, 0xaa,
-	0xce, 0x7c, 0x70, 0xcc, 0xcc, 0xbd, 0xbf, 0x03, 0x00, 0x00, 0xff, 0xff, 0xac, 0xf1, 0x6a, 0x4f,
-	0x90, 0x12, 0x00, 0x00,
+	// 1441 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x58, 0xcd, 0x8f, 0x1b, 0xc5,
+	0x12, 0x5f, 0x7f, 0xec, 0x66, 0xd3, 0xde, 0xec, 0xe6, 0x75, 0xa2, 0xc4, 0xd9, 0xbc, 0xd8, 0xab,
+	0xd1, 0xd3, 0x53, 0x88, 0xc8, 0x4c, 0xe2, 0x2c, 0x1f, 0x12, 0x42, 0x62, 0x6d, 0x20, 0x89, 0x58,
+	0x27, 0xa1, 0x77, 0x13, 0x21, 0x08, 0x88, 0xf6, 0xb8, 0xe3, 0x6d, 0xd6, 0x33, 0x63, 0x75, 0xb7,
+	0xad, 0x6c, 0x10, 0x12, 0x17, 0xee, 0x1c, 0xf8, 0xb8, 0x72, 0x46, 0x70, 0x85, 0x33, 0x48, 0x48,
+	0x39, 0xe6, 0x18, 0x84, 0x64, 0x91, 0xe1, 0xbf, 0xc8, 0x09, 0x4d, 0x77, 0xcf, 0x78, 0xc6, 0xf6,
+	0xac, 0x1d, 0xb3, 0x09, 0x70, 0x9b, 0xee, 0xaa, 0xfa, 0x55, 0x75, 0x55, 0x75, 0x75, 0xd5, 0x80,
+	0xcb, 0xbb, 0x2f, 0x73, 0x93, 0x7a, 0xd6, 0x6e, 0xb7, 0x41, 0x98, 0x4b, 0x04, 0xe1, 0x56, 0x8f,
+	0xb8, 0x4d, 0x8f, 0x59, 0x9a, 0x80, 0x3b, 0xd4, 0xc2, 0x5d, 0xe1, 0x71, 0x1b, 0xb7, 0xa9, 0xdb,
+	0xb2, 0x7a, 0x95, 0x06, 0x11, 0xf8, 0xa2, 0xd5, 0x22, 0x2e, 0x61, 0x58, 0x90, 0xa6, 0xd9, 0x61,
+	0x9e, 0xf0, 0x60, 0x49, 0xf1, 0x9b, 0xb8, 0x43, 0xcd, 0x18, 0xbf, 0xa9, 0xf9, 0x57, 0xcf, 0xb7,
+	0xa8, 0xd8, 0xe9, 0x36, 0x4c, 0xdb, 0x73, 0xac, 0x96, 0xd7, 0xf2, 0x2c, 0x29, 0xd6, 0xe8, 0xde,
+	0x91, 0x2b, 0xb9, 0x90, 0x5f, 0x0a, 0x6e, 0xd5, 0x88, 0xa9, 0xb7, 0x3d, 0x46, 0xac, 0xde, 0x88,
+	0xca, 0xd5, 0xf5, 0x01, 0x8f, 0x83, 0xed, 0x1d, 0xea, 0x12, 0xb6, 0x67, 0x75, 0x76, 0x5b, 0x52,
+	0x88, 0x11, 0xee, 0x75, 0x99, 0x4d, 0x9e, 0x48, 0x8a, 0x5b, 0x0e, 0x11, 0x78, 0x9c, 0x2e, 0x2b,
+	0x4d, 0x8a, 0x75, 0x5d, 0x41, 0x9d, 0x51, 0x35, 0x2f, 0x4e, 0x12, 0xe0, 0xf6, 0x0e, 0x71, 0xf0,
+	0x88, 0xdc, 0xa5, 0x34, 0xb9, 0xae, 0xa0, 0x6d, 0x8b, 0xba, 0x82, 0x0b, 0x36, 0x2c, 0x64, 0x7c,
+	0x99, 0x01, 0xa7, 0x6b, 0xcc, 0xe3, 0xfc, 0x16, 0x61, 0x9c, 0x7a, 0xee, 0xf5, 0xc6, 0x47, 0xc4,
+	0x16, 0x88, 0xdc, 0x21, 0x8c, 0xb8, 0x36, 0x81, 0x6b, 0x20, 0xbf, 0x4b, 0xdd, 0x66, 0x31, 0xb3,
+	0x96, 0x39, 0x7b, 0xb8, 0xba, 0x74, 0xbf, 0x5f, 0x9e, 0xf3, 0xfb, 0xe5, 0xfc, 0x5b, 0xd4, 0x6d,
+	0x22, 0x49, 0x09, 0x38, 0x5c, 0xec, 0x90, 0x62, 0x36, 0xc9, 0x71, 0x0d, 0x3b, 0x04, 0x49, 0x0a,
+	0xac, 0x00, 0x80, 0x3b, 0x54, 0x2b, 0x28, 0xe6, 0x24, 0x1f, 0xd4, 0x7c, 0x60, 0xe3, 0xc6, 0x55,
+	0x4d, 0x41, 0x31, 0x2e, 0xe3, 0xab, 0x1c, 0x38, 0xfe, 0xc6, 0x5d, 0x41, 0x98, 0x8b, 0xdb, 0x75,
+	0x22, 0x18, 0xb5, 0xb7, 0x64, 0x50, 0x02, 0x30, 0x47, 0xae, 0x03, 0x05, 0xda, 0xac, 0x08, 0xac,
+	0x1e, 0x51, 0x50, 0x8c, 0x0b, 0x7a, 0x60, 0x59, 0xad, 0xb6, 0x48, 0x9b, 0xd8, 0xc2, 0x63, 0xd2,
+	0xd8, 0x42, 0xe5, 0x92, 0x39, 0x48, 0xbd, 0xc8, 0x65, 0x66, 0x67, 0xb7, 0x15, 0x6c, 0x70, 0x33,
+	0x88, 0xa8, 0xd9, 0xbb, 0x68, 0x6e, 0xe2, 0x06, 0x69, 0x87, 0xa2, 0x55, 0xe8, 0xf7, 0xcb, 0xcb,
+	0xf5, 0x04, 0x1c, 0x1a, 0x82, 0x87, 0x18, 0x14, 0x04, 0x66, 0x2d, 0x22, 0x6e, 0xe1, 0x76, 0x97,
+	0xc8, 0x23, 0x17, 0x2a, 0xe6, 0x7e, 0xda, 0xcc, 0x30, 0xeb, 0xcc, 0xb7, 0xbb, 0xd8, 0x15, 0x54,
+	0xec, 0x55, 0x57, 0xfc, 0x7e, 0xb9, 0xb0, 0x3d, 0x80, 0x41, 0x71, 0x4c, 0xd8, 0x03, 0x50, 0x2d,
+	0x37, 0x7a, 0x84, 0xe1, 0x16, 0x51, 0x9a, 0xf2, 0x33, 0x69, 0x3a, 0xe1, 0xf7, 0xcb, 0x70, 0x7b,
+	0x04, 0x0d, 0x8d, 0xd1, 0x60, 0x7c, 0x33, 0x1a, 0x18, 0x81, 0x45, 0x97, 0xff, 0x3b, 0x02, 0xb3,
+	0x03, 0x96, 0xec, 0x2e, 0x63, 0xc4, 0xfd, 0x4b, 0x91, 0x39, 0xae, 0x8f, 0xb5, 0x54, 0x8b, 0x61,
+	0xa1, 0x04, 0x32, 0xdc, 0x03, 0xc7, 0xf4, 0xfa, 0x00, 0x02, 0x74, 0xd2, 0xef, 0x97, 0x8f, 0xd5,
+	0x46, 0xe1, 0xd0, 0x38, 0x1d, 0xc6, 0x4f, 0x59, 0x70, 0xf2, 0x8a, 0xc7, 0xe8, 0x3d, 0xcf, 0x15,
+	0xb8, 0x7d, 0xc3, 0x6b, 0x6e, 0xe8, 0xaa, 0x4a, 0x18, 0xfc, 0x10, 0x2c, 0x06, 0xde, 0x6b, 0x62,
+	0x81, 0x65, 0x8c, 0x0a, 0x95, 0x0b, 0xd3, 0xf9, 0x5a, 0x15, 0x86, 0x3a, 0x11, 0x78, 0x10, 0xd5,
+	0xc1, 0x1e, 0x8a, 0x50, 0xe1, 0xfb, 0x20, 0xcf, 0x3b, 0xc4, 0xd6, 0x91, 0x7c, 0xc5, 0xdc, 0xbf,
+	0xba, 0x9b, 0x29, 0x86, 0x6e, 0x75, 0x88, 0x3d, 0x28, 0x26, 0xc1, 0x0a, 0x49, 0x58, 0x48, 0xc0,
+	0x02, 0x97, 0x09, 0xa7, 0x63, 0xf7, 0xea, 0xac, 0x0a, 0x24, 0x48, 0x75, 0x59, 0xab, 0x58, 0x50,
+	0x6b, 0xa4, 0xc1, 0x8d, 0xcf, 0x72, 0x60, 0x2d, 0x45, 0xb2, 0xe6, 0xb9, 0x4d, 0x2a, 0xa8, 0xe7,
+	0xc2, 0x2b, 0x20, 0x2f, 0xf6, 0x3a, 0x61, 0xb2, 0xaf, 0x87, 0xd6, 0x6e, 0xef, 0x75, 0xc8, 0xe3,
+	0x7e, 0xf9, 0x7f, 0x93, 0xe4, 0x03, 0x3e, 0x24, 0x11, 0xe0, 0x66, 0x74, 0xaa, 0x6c, 0x02, 0x4b,
+	0x9b, 0xf5, 0xb8, 0x5f, 0x1e, 0xf3, 0xac, 0x99, 0x11, 0x52, 0xd2, 0xf8, 0xa0, 0x36, 0xb4, 0x31,
+	0x17, 0xdb, 0x0c, 0xbb, 0x5c, 0x69, 0xa2, 0x4e, 0x98, 0xeb, 0xe7, 0xa6, 0x0b, 0x77, 0x20, 0x51,
+	0x5d, 0xd5, 0x56, 0xc0, 0xcd, 0x11, 0x34, 0x34, 0x46, 0x03, 0xfc, 0x3f, 0x58, 0x60, 0x04, 0x73,
+	0xcf, 0x95, 0x69, 0x7e, 0x78, 0xe0, 0x5c, 0x24, 0x77, 0x91, 0xa6, 0xc2, 0xe7, 0xc0, 0x21, 0x87,
+	0x70, 0x8e, 0x5b, 0xa4, 0x38, 0x2f, 0x19, 0x57, 0x34, 0xe3, 0xa1, 0xba, 0xda, 0x46, 0x21, 0xdd,
+	0xf8, 0x35, 0x03, 0x4e, 0xa7, 0xf8, 0x71, 0x93, 0x72, 0x01, 0x6f, 0x8f, 0xe4, 0xb3, 0x39, 0x65,
+	0xed, 0xa0, 0x5c, 0x65, 0xf3, 0x51, 0xad, 0x7b, 0x31, 0xdc, 0x89, 0xe5, 0xf2, 0x6d, 0x30, 0x4f,
+	0x05, 0x71, 0x82, 0xa8, 0xe4, 0xce, 0x16, 0x2a, 0x2f, 0xcd, 0x98, 0x6b, 0xd5, 0x23, 0x5a, 0xc7,
+	0xfc, 0xd5, 0x00, 0x0d, 0x29, 0x50, 0xe3, 0xb7, 0x6c, 0xea, 0xd9, 0x82, 0x84, 0x87, 0x1f, 0x83,
+	0x65, 0xb9, 0x52, 0x95, 0x19, 0x91, 0x3b, 0xfa, 0x84, 0x13, 0xef, 0xd4, 0x3e, 0x0f, 0x7a, 0xf5,
+	0x84, 0x36, 0x65, 0x79, 0x2b, 0x01, 0x8d, 0x86, 0x54, 0xc1, 0x8b, 0xa0, 0xe0, 0x50, 0x17, 0x91,
+	0x4e, 0x9b, 0xda, 0x58, 0xa5, 0xe5, 0xbc, 0x7a, 0x92, 0xea, 0x83, 0x6d, 0x14, 0xe7, 0x81, 0x2f,
+	0x80, 0x82, 0x83, 0xef, 0x46, 0x22, 0x39, 0x29, 0x72, 0x4c, 0xeb, 0x2b, 0xd4, 0x07, 0x24, 0x14,
+	0xe7, 0x83, 0x37, 0x83, 0x6c, 0x08, 0xaa, 0x34, 0x2f, 0xe6, 0xa5, 0x9b, 0xcf, 0x4d, 0x3a, 0x9f,
+	0x2e, 0xf2, 0x41, 0x89, 0x88, 0x65, 0x8e, 0x84, 0x40, 0x21, 0x96, 0xf1, 0x43, 0x1e, 0x9c, 0xd9,
+	0xf7, 0xee, 0xc3, 0x37, 0x01, 0xf4, 0x1a, 0x9c, 0xb0, 0x1e, 0x69, 0x5e, 0x56, 0x6d, 0x51, 0xd0,
+	0x9f, 0x04, 0x3e, 0xce, 0xa9, 0x27, 0xf1, 0xfa, 0x08, 0x15, 0x8d, 0x91, 0x80, 0x36, 0x38, 0x12,
+	0x5c, 0x06, 0xe5, 0x50, 0xaa, 0x5b, 0xa1, 0x27, 0xbb, 0x69, 0xff, 0xf1, 0xfb, 0xe5, 0x23, 0x9b,
+	0x71, 0x10, 0x94, 0xc4, 0x84, 0x1b, 0x60, 0x45, 0xd7, 0xfa, 0x21, 0x07, 0x9f, 0xd4, 0x1e, 0x58,
+	0xa9, 0x25, 0xc9, 0x68, 0x98, 0x3f, 0x80, 0x68, 0x12, 0x4e, 0x19, 0x69, 0x46, 0x10, 0xf9, 0x24,
+	0xc4, 0xeb, 0x49, 0x32, 0x1a, 0xe6, 0x87, 0x6d, 0xb0, 0xac, 0x51, 0xb5, 0xbf, 0x8b, 0xf3, 0x32,
+	0x64, 0xcf, 0x4f, 0x19, 0x32, 0x55, 0x74, 0xa3, 0x1c, 0xac, 0x25, 0xb0, 0xd0, 0x10, 0x36, 0x14,
+	0x00, 0xd8, 0x61, 0x89, 0xe3, 0xc5, 0x05, 0xa9, 0xe9, 0xb5, 0x19, 0xef, 0x60, 0x54, 0x2b, 0x07,
+	0xcf, 0x57, 0xb4, 0xc5, 0x51, 0x4c, 0x8f, 0xf1, 0x6d, 0x0e, 0x80, 0x41, 0x86, 0xc1, 0xf5, 0x44,
+	0x91, 0x5f, 0x1b, 0x2a, 0xf2, 0x47, 0xe3, 0xcd, 0x69, 0xac, 0xa0, 0xdf, 0x02, 0x0b, 0x9e, 0xbc,
+	0x79, 0x3a, 0x19, 0x2a, 0x93, 0xcc, 0x8e, 0xde, 0xd2, 0x08, 0xad, 0x0a, 0x82, 0xd2, 0xa9, 0xef,
+	0xaf, 0x46, 0x83, 0xd7, 0x40, 0xbe, 0xe3, 0x35, 0xc3, 0xc7, 0xef, 0xc2, 0x24, 0xd4, 0x1b, 0x5e,
+	0x93, 0x27, 0x30, 0x17, 0x03, 0xdb, 0x83, 0x5d, 0x24, 0x71, 0xe0, 0x07, 0x60, 0x31, 0x6c, 0x37,
+	0x74, 0x6f, 0xb2, 0x3e, 0x09, 0x13, 0x69, 0xfe, 0x04, 0xee, 0x52, 0x50, 0x41, 0x43, 0x0a, 0x8a,
+	0x30, 0x03, 0x7c, 0xa2, 0xbb, 0x45, 0x59, 0xeb, 0xa7, 0xc0, 0x1f, 0xd7, 0xf6, 0x2b, 0xfc, 0x90,
+	0x82, 0x22, 0x4c, 0xe3, 0xbb, 0x1c, 0x58, 0x4a, 0xb4, 0xa1, 0x7f, 0x47, 0xb8, 0x54, 0x56, 0x1f,
+	0x6c, 0xb8, 0x14, 0xe6, 0xc1, 0x87, 0x4b, 0xe1, 0x3e, 0xbd, 0x70, 0xc5, 0xf0, 0xc7, 0x84, 0xeb,
+	0x8b, 0x2c, 0x80, 0xa3, 0x99, 0x0e, 0x6d, 0xb0, 0xa0, 0x46, 0x8d, 0x83, 0x78, 0xe1, 0xa2, 0xae,
+	0x43, 0x3f, 0x66, 0x1a, 0x7a, 0x68, 0x40, 0xc9, 0x4e, 0x35, 0xa0, 0x90, 0x83, 0x18, 0xe4, 0xa2,
+	0x27, 0x30, 0x6d, 0x98, 0x33, 0xbe, 0x1e, 0x76, 0x8b, 0xca, 0xe5, 0x7f, 0xac, 0x5b, 0x9e, 0xd9,
+	0x18, 0x65, 0xfc, 0x9c, 0x01, 0x47, 0x87, 0x8b, 0xd8, 0x4c, 0xa3, 0xe6, 0xbd, 0xb1, 0xf3, 0x72,
+	0x76, 0x26, 0xc3, 0xa3, 0xbe, 0x78, 0xca, 0x99, 0xf9, 0x97, 0xe4, 0x21, 0x66, 0x9f, 0x97, 0x3f,
+	0x19, 0x3f, 0x54, 0xce, 0x76, 0x8a, 0xd3, 0x5a, 0xd9, 0xf4, 0x83, 0xe5, 0xf7, 0x59, 0x70, 0x7c,
+	0x5c, 0xf5, 0x87, 0x35, 0xfd, 0x0f, 0x48, 0x9d, 0xc2, 0x8a, 0xff, 0x03, 0x7a, 0xdc, 0x2f, 0x97,
+	0xc7, 0x8c, 0x2e, 0x21, 0x4c, 0xec, 0x37, 0xd1, 0x3b, 0xa0, 0x98, 0xf0, 0xdd, 0x4d, 0x41, 0xdb,
+	0xf4, 0x9e, 0x6a, 0xca, 0x54, 0xfb, 0xf9, 0x5f, 0xbf, 0x5f, 0x2e, 0x6e, 0xa7, 0xf0, 0xa0, 0x54,
+	0xe9, 0x94, 0x7f, 0x25, 0xb9, 0xa7, 0xfe, 0xaf, 0xe4, 0xc7, 0x51, 0x7f, 0xa9, 0xd8, 0x1f, 0x88,
+	0xbf, 0xde, 0x03, 0xa7, 0x92, 0x41, 0x1a, 0x75, 0xd8, 0x19, 0xbf, 0x5f, 0x3e, 0x55, 0x4b, 0x63,
+	0x42, 0xe9, 0xf2, 0x69, 0x99, 0x96, 0x7b, 0x36, 0x99, 0x56, 0x3d, 0x7f, 0xff, 0x51, 0x69, 0xee,
+	0xc1, 0xa3, 0xd2, 0xdc, 0xc3, 0x47, 0xa5, 0xb9, 0x4f, 0xfd, 0x52, 0xe6, 0xbe, 0x5f, 0xca, 0x3c,
+	0xf0, 0x4b, 0x99, 0x87, 0x7e, 0x29, 0xf3, 0xbb, 0x5f, 0xca, 0x7c, 0xfe, 0x47, 0x69, 0xee, 0xdd,
+	0x43, 0xba, 0xee, 0xfd, 0x19, 0x00, 0x00, 0xff, 0xff, 0x91, 0x09, 0xa9, 0x38, 0x8c, 0x16, 0x00,
+	0x00,
 }
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto b/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
index cce8e42510ca..b565920c31b4 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
@@ -44,6 +44,50 @@ message CrossVersionObjectReference {
   optional string apiVersion = 3;
 }
 
+// ExternalMetricSource indicates how to scale on a metric not associated with
+// any Kubernetes object (for example length of queue in cloud
+// messaging service, or QPS from loadbalancer running outside of cluster).
+// Exactly one "target" type should be set.
+message ExternalMetricSource {
+  // metricName is the name of the metric in question.
+  optional string metricName = 1;
+
+  // metricSelector is used to identify a specific time series
+  // within a given metric.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
+
+  // targetValue is the target value of the metric (as a quantity).
+  // Mutually exclusive with TargetAverageValue.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity targetValue = 3;
+
+  // targetAverageValue is the target per-pod value of global metric (as a quantity).
+  // Mutually exclusive with TargetValue.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity targetAverageValue = 4;
+}
+
+// ExternalMetricStatus indicates the current value of a global metric
+// not associated with any Kubernetes object.
+message ExternalMetricStatus {
+  // metricName is the name of a metric used for autoscaling in
+  // metric system.
+  optional string metricName = 1;
+
+  // metricSelector is used to identify a specific time series
+  // within a given metric.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector metricSelector = 2;
+
+  // currentValue is the current value of the metric (as a quantity)
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity currentValue = 3;
+
+  // currentAverageValue is the current value of metric averaged over autoscaled pods.
+  // +optional
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity currentAverageValue = 4;
+}
+
 // HorizontalPodAutoscaler is the configuration for a horizontal pod
 // autoscaler, which automatically manages the replica count of any resource
 // implementing the scale subresource based on the metrics specified.
@@ -153,7 +197,8 @@ message HorizontalPodAutoscalerStatus {
 // MetricSpec specifies how to scale based on a single metric
 // (only `type` and one other matching field should be set at once).
 message MetricSpec {
-  // type is the type of metric source.  It should match one of the fields below.
+  // type is the type of metric source.  It should be one of "Object",
+  // "Pods" or "Resource", each mapping to a matching field in the object.
   optional string type = 1;
 
   // object refers to a metric describing a single kubernetes object
@@ -174,11 +219,20 @@ message MetricSpec {
   // to normal per-pod metrics using the "pods" source.
   // +optional
   optional ResourceMetricSource resource = 4;
+
+  // external refers to a global metric that is not associated
+  // with any Kubernetes object. It allows autoscaling based on information
+  // coming from components running outside of cluster
+  // (for example length of queue in cloud messaging service, or
+  // QPS from loadbalancer running outside of cluster).
+  // +optional
+  optional ExternalMetricSource external = 5;
 }
 
 // MetricStatus describes the last-read state of a single metric.
 message MetricStatus {
-  // type is the type of metric source.  It will match one of the fields below.
+  // type is the type of metric source.  It will be one of "Object",
+  // "Pods" or "Resource", each corresponds to a matching field in the object.
   optional string type = 1;
 
   // object refers to a metric describing a single kubernetes object
@@ -199,6 +253,14 @@ message MetricStatus {
   // to normal per-pod metrics using the "pods" source.
   // +optional
   optional ResourceMetricStatus resource = 4;
+
+  // external refers to a global metric that is not associated
+  // with any Kubernetes object. It allows autoscaling based on information
+  // coming from components running outside of cluster
+  // (for example length of queue in cloud messaging service, or
+  // QPS from loadbalancer running outside of cluster).
+  // +optional
+  optional ExternalMetricStatus external = 5;
 }
 
 // ObjectMetricSource indicates how to scale on a metric describing a
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/types.go b/vendor/k8s.io/api/autoscaling/v2beta1/types.go
index 9c72ae25ca7f..f842cc342da2 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/types.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/types.go
@@ -73,12 +73,19 @@ var (
 	// Kubernetes, and have special scaling options on top of those available
 	// to normal per-pod metrics (the "pods" source).
 	ResourceMetricSourceType MetricSourceType = "Resource"
+	// ExternalMetricSourceType is a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	ExternalMetricSourceType MetricSourceType = "External"
 )
 
 // MetricSpec specifies how to scale based on a single metric
 // (only `type` and one other matching field should be set at once).
 type MetricSpec struct {
-	// type is the type of metric source.  It should match one of the fields below.
+	// type is the type of metric source.  It should be one of "Object",
+	// "Pods" or "Resource", each mapping to a matching field in the object.
 	Type MetricSourceType `json:"type" protobuf:"bytes,1,name=type"`
 
 	// object refers to a metric describing a single kubernetes object
@@ -97,6 +104,13 @@ type MetricSpec struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricSource `json:"resource,omitempty" protobuf:"bytes,4,opt,name=resource"`
+	// external refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricSource `json:"external,omitempty" protobuf:"bytes,5,opt,name=external"`
 }
 
 // ObjectMetricSource indicates how to scale on a metric describing a
@@ -145,6 +159,27 @@ type ResourceMetricSource struct {
 	TargetAverageValue *resource.Quantity `json:"targetAverageValue,omitempty" protobuf:"bytes,3,opt,name=targetAverageValue"`
 }
 
+// ExternalMetricSource indicates how to scale on a metric not associated with
+// any Kubernetes object (for example length of queue in cloud
+// messaging service, or QPS from loadbalancer running outside of cluster).
+// Exactly one "target" type should be set.
+type ExternalMetricSource struct {
+	// metricName is the name of the metric in question.
+	MetricName string `json:"metricName" protobuf:"bytes,1,name=metricName"`
+	// metricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector `json:"metricSelector,omitempty" protobuf:"bytes,2,opt,name=metricSelector"`
+	// targetValue is the target value of the metric (as a quantity).
+	// Mutually exclusive with TargetAverageValue.
+	// +optional
+	TargetValue *resource.Quantity `json:"targetValue,omitempty" protobuf:"bytes,3,opt,name=targetValue"`
+	// targetAverageValue is the target per-pod value of global metric (as a quantity).
+	// Mutually exclusive with TargetValue.
+	// +optional
+	TargetAverageValue *resource.Quantity `json:"targetAverageValue,omitempty" protobuf:"bytes,4,opt,name=targetAverageValue"`
+}
+
 // HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.
 type HorizontalPodAutoscalerStatus struct {
 	// observedGeneration is the most recent generation observed by this autoscaler.
@@ -210,7 +245,8 @@ type HorizontalPodAutoscalerCondition struct {
 
 // MetricStatus describes the last-read state of a single metric.
 type MetricStatus struct {
-	// type is the type of metric source.  It will match one of the fields below.
+	// type is the type of metric source.  It will be one of "Object",
+	// "Pods" or "Resource", each corresponds to a matching field in the object.
 	Type MetricSourceType `json:"type" protobuf:"bytes,1,name=type"`
 
 	// object refers to a metric describing a single kubernetes object
@@ -229,6 +265,13 @@ type MetricStatus struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricStatus `json:"resource,omitempty" protobuf:"bytes,4,opt,name=resource"`
+	// external refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricStatus `json:"external,omitempty" protobuf:"bytes,5,opt,name=external"`
 }
 
 // ObjectMetricStatus indicates the current value of a metric describing a
@@ -275,6 +318,23 @@ type ResourceMetricStatus struct {
 	CurrentAverageValue resource.Quantity `json:"currentAverageValue" protobuf:"bytes,3,name=currentAverageValue"`
 }
 
+// ExternalMetricStatus indicates the current value of a global metric
+// not associated with any Kubernetes object.
+type ExternalMetricStatus struct {
+	// metricName is the name of a metric used for autoscaling in
+	// metric system.
+	MetricName string `json:"metricName" protobuf:"bytes,1,name=metricName"`
+	// metricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector `json:"metricSelector,omitempty" protobuf:"bytes,2,opt,name=metricSelector"`
+	// currentValue is the current value of the metric (as a quantity)
+	CurrentValue resource.Quantity `json:"currentValue" protobuf:"bytes,3,name=currentValue"`
+	// currentAverageValue is the current value of metric averaged over autoscaled pods.
+	// +optional
+	CurrentAverageValue *resource.Quantity `json:"currentAverageValue,omitempty" protobuf:"bytes,4,opt,name=currentAverageValue"`
+}
+
 // +genclient
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/autoscaling/v2beta1/types_swagger_doc_generated.go
index c7002b3d1e67..12cfa7649370 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/types_swagger_doc_generated.go
@@ -38,6 +38,30 @@ func (CrossVersionObjectReference) SwaggerDoc() map[string]string {
 	return map_CrossVersionObjectReference
 }
 
+var map_ExternalMetricSource = map[string]string{
+	"":                   "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). Exactly one \"target\" type should be set.",
+	"metricName":         "metricName is the name of the metric in question.",
+	"metricSelector":     "metricSelector is used to identify a specific time series within a given metric.",
+	"targetValue":        "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.",
+	"targetAverageValue": "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.",
+}
+
+func (ExternalMetricSource) SwaggerDoc() map[string]string {
+	return map_ExternalMetricSource
+}
+
+var map_ExternalMetricStatus = map[string]string{
+	"":                    "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.",
+	"metricName":          "metricName is the name of a metric used for autoscaling in metric system.",
+	"metricSelector":      "metricSelector is used to identify a specific time series within a given metric.",
+	"currentValue":        "currentValue is the current value of the metric (as a quantity)",
+	"currentAverageValue": "currentAverageValue is the current value of metric averaged over autoscaled pods.",
+}
+
+func (ExternalMetricStatus) SwaggerDoc() map[string]string {
+	return map_ExternalMetricStatus
+}
+
 var map_HorizontalPodAutoscaler = map[string]string{
 	"":         "HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.",
 	"metadata": "metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
@@ -100,10 +124,11 @@ func (HorizontalPodAutoscalerStatus) SwaggerDoc() map[string]string {
 
 var map_MetricSpec = map[string]string{
 	"":         "MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once).",
-	"type":     "type is the type of metric source.  It should match one of the fields below.",
+	"type":     "type is the type of metric source.  It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.",
 	"object":   "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).",
 	"pods":     "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.",
 	"resource": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.",
+	"external": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
 }
 
 func (MetricSpec) SwaggerDoc() map[string]string {
@@ -112,10 +137,11 @@ func (MetricSpec) SwaggerDoc() map[string]string {
 
 var map_MetricStatus = map[string]string{
 	"":         "MetricStatus describes the last-read state of a single metric.",
-	"type":     "type is the type of metric source.  It will match one of the fields below.",
+	"type":     "type is the type of metric source.  It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.",
 	"object":   "object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).",
 	"pods":     "pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second).  The values will be averaged together before being compared to the target value.",
 	"resource": "resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the \"pods\" source.",
+	"external": "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
 }
 
 func (MetricStatus) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/autoscaling/v2beta1/zz_generated.deepcopy.go
index 70bec2b5b6c8..dc59dc2d3627 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v2beta1
 
 import (
-	resource "k8s.io/apimachinery/pkg/api/resource"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
@@ -42,6 +41,84 @@ func (in *CrossVersionObjectReference) DeepCopy() *CrossVersionObjectReference {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricSource) DeepCopyInto(out *ExternalMetricSource) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	if in.TargetValue != nil {
+		in, out := &in.TargetValue, &out.TargetValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	if in.TargetAverageValue != nil {
+		in, out := &in.TargetAverageValue, &out.TargetAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricSource.
+func (in *ExternalMetricSource) DeepCopy() *ExternalMetricSource {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricStatus) DeepCopyInto(out *ExternalMetricStatus) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	out.CurrentValue = in.CurrentValue.DeepCopy()
+	if in.CurrentAverageValue != nil {
+		in, out := &in.CurrentAverageValue, &out.CurrentAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricStatus.
+func (in *ExternalMetricStatus) DeepCopy() *ExternalMetricStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HorizontalPodAutoscaler) DeepCopyInto(out *HorizontalPodAutoscaler) {
 	*out = *in
@@ -66,9 +143,8 @@ func (in *HorizontalPodAutoscaler) DeepCopy() *HorizontalPodAutoscaler {
 func (in *HorizontalPodAutoscaler) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -117,9 +193,8 @@ func (in *HorizontalPodAutoscalerList) DeepCopy() *HorizontalPodAutoscalerList {
 func (in *HorizontalPodAutoscalerList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -172,8 +247,7 @@ func (in *HorizontalPodAutoscalerStatus) DeepCopyInto(out *HorizontalPodAutoscal
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.CurrentMetrics != nil {
@@ -233,6 +307,15 @@ func (in *MetricSpec) DeepCopyInto(out *MetricSpec) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricSource)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -276,6 +359,15 @@ func (in *MetricStatus) DeepCopyInto(out *MetricStatus) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricStatus)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -376,8 +468,8 @@ func (in *ResourceMetricSource) DeepCopyInto(out *ResourceMetricSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(resource.Quantity)
-			**out = (*in).DeepCopy()
+			x := (*in).DeepCopy()
+			*out = &x
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/batch/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/batch/v1/zz_generated.deepcopy.go
index 53392f45afd4..a7179849b401 100644
--- a/vendor/k8s.io/api/batch/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/batch/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -49,9 +49,8 @@ func (in *Job) DeepCopy() *Job {
 func (in *Job) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -101,9 +100,8 @@ func (in *JobList) DeepCopy() *JobList {
 func (in *JobList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -192,8 +190,7 @@ func (in *JobStatus) DeepCopyInto(out *JobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.CompletionTime != nil {
@@ -201,8 +198,7 @@ func (in *JobStatus) DeepCopyInto(out *JobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
diff --git a/vendor/k8s.io/api/batch/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/batch/v1beta1/zz_generated.deepcopy.go
index 5282837731db..78e361aba06c 100644
--- a/vendor/k8s.io/api/batch/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/batch/v1beta1/zz_generated.deepcopy.go
@@ -16,13 +16,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
 	v1 "k8s.io/api/core/v1"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -50,9 +49,8 @@ func (in *CronJob) DeepCopy() *CronJob {
 func (in *CronJob) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +82,8 @@ func (in *CronJobList) DeepCopy() *CronJobList {
 func (in *CronJobList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -155,8 +152,7 @@ func (in *CronJobStatus) DeepCopyInto(out *CronJobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -195,9 +191,8 @@ func (in *JobTemplate) DeepCopy() *JobTemplate {
 func (in *JobTemplate) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/batch/v2alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/batch/v2alpha1/zz_generated.deepcopy.go
index 387e5610ef6e..d8352bfbec40 100644
--- a/vendor/k8s.io/api/batch/v2alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/batch/v2alpha1/zz_generated.deepcopy.go
@@ -16,13 +16,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v2alpha1
 
 import (
 	v1 "k8s.io/api/core/v1"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -50,9 +49,8 @@ func (in *CronJob) DeepCopy() *CronJob {
 func (in *CronJob) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +82,8 @@ func (in *CronJobList) DeepCopy() *CronJobList {
 func (in *CronJobList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -155,8 +152,7 @@ func (in *CronJobStatus) DeepCopyInto(out *CronJobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -195,9 +191,8 @@ func (in *JobTemplate) DeepCopy() *JobTemplate {
 func (in *JobTemplate) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/certificates/v1beta1/types.go b/vendor/k8s.io/api/certificates/v1beta1/types.go
index cc33043ee41d..bb9e82d30820 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/types.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/types.go
@@ -131,7 +131,7 @@ type KeyUsage string
 const (
 	UsageSigning            KeyUsage = "signing"
 	UsageDigitalSignature   KeyUsage = "digital signature"
-	UsageContentCommittment KeyUsage = "content committment"
+	UsageContentCommittment KeyUsage = "content commitment"
 	UsageKeyEncipherment    KeyUsage = "key encipherment"
 	UsageKeyAgreement       KeyUsage = "key agreement"
 	UsageDataEncipherment   KeyUsage = "data encipherment"
diff --git a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
index 53634ad17b6c..5848a255bde9 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -48,9 +48,8 @@ func (in *CertificateSigningRequest) DeepCopy() *CertificateSigningRequest {
 func (in *CertificateSigningRequest) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *CertificateSigningRequestList) DeepCopy() *CertificateSigningRequestLi
 func (in *CertificateSigningRequestList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -126,8 +124,12 @@ func (in *CertificateSigningRequestSpec) DeepCopyInto(out *CertificateSigningReq
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
@@ -170,3 +172,23 @@ func (in *CertificateSigningRequestStatus) DeepCopy() *CertificateSigningRequest
 	in.DeepCopyInto(out)
 	return out
 }
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
diff --git a/vendor/k8s.io/api/core/v1/BUILD b/vendor/k8s.io/api/core/v1/BUILD
index 2ffdd3453094..560ff5bd73c2 100644
--- a/vendor/k8s.io/api/core/v1/BUILD
+++ b/vendor/k8s.io/api/core/v1/BUILD
@@ -12,8 +12,7 @@ go_test(
         "taint_test.go",
         "toleration_test.go",
     ],
-    importpath = "k8s.io/api/core/v1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/api/core/v1/generated.pb.go b/vendor/k8s.io/api/core/v1/generated.pb.go
index 5aeae2cbc07c..85c7b634b3b3 100644
--- a/vendor/k8s.io/api/core/v1/generated.pb.go
+++ b/vendor/k8s.io/api/core/v1/generated.pb.go
@@ -76,6 +76,7 @@ limitations under the License.
 		EventSource
 		ExecAction
 		FCVolumeSource
+		FlexPersistentVolumeSource
 		FlexVolumeSource
 		FlockerVolumeSource
 		GCEPersistentDiskVolumeSource
@@ -207,6 +208,7 @@ limitations under the License.
 		Volume
 		VolumeDevice
 		VolumeMount
+		VolumeNodeAffinity
 		VolumeProjection
 		VolumeSource
 		VsphereVirtualDiskVolumeSource
@@ -458,586 +460,596 @@ func (m *FCVolumeSource) Reset()                    { *m = FCVolumeSource{} }
 func (*FCVolumeSource) ProtoMessage()               {}
 func (*FCVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{50} }
 
+func (m *FlexPersistentVolumeSource) Reset()      { *m = FlexPersistentVolumeSource{} }
+func (*FlexPersistentVolumeSource) ProtoMessage() {}
+func (*FlexPersistentVolumeSource) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{51}
+}
+
 func (m *FlexVolumeSource) Reset()                    { *m = FlexVolumeSource{} }
 func (*FlexVolumeSource) ProtoMessage()               {}
-func (*FlexVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{51} }
+func (*FlexVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{52} }
 
 func (m *FlockerVolumeSource) Reset()                    { *m = FlockerVolumeSource{} }
 func (*FlockerVolumeSource) ProtoMessage()               {}
-func (*FlockerVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{52} }
+func (*FlockerVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{53} }
 
 func (m *GCEPersistentDiskVolumeSource) Reset()      { *m = GCEPersistentDiskVolumeSource{} }
 func (*GCEPersistentDiskVolumeSource) ProtoMessage() {}
 func (*GCEPersistentDiskVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{53}
+	return fileDescriptorGenerated, []int{54}
 }
 
 func (m *GitRepoVolumeSource) Reset()                    { *m = GitRepoVolumeSource{} }
 func (*GitRepoVolumeSource) ProtoMessage()               {}
-func (*GitRepoVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{54} }
+func (*GitRepoVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{55} }
 
 func (m *GlusterfsVolumeSource) Reset()                    { *m = GlusterfsVolumeSource{} }
 func (*GlusterfsVolumeSource) ProtoMessage()               {}
-func (*GlusterfsVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{55} }
+func (*GlusterfsVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{56} }
 
 func (m *HTTPGetAction) Reset()                    { *m = HTTPGetAction{} }
 func (*HTTPGetAction) ProtoMessage()               {}
-func (*HTTPGetAction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{56} }
+func (*HTTPGetAction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{57} }
 
 func (m *HTTPHeader) Reset()                    { *m = HTTPHeader{} }
 func (*HTTPHeader) ProtoMessage()               {}
-func (*HTTPHeader) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{57} }
+func (*HTTPHeader) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{58} }
 
 func (m *Handler) Reset()                    { *m = Handler{} }
 func (*Handler) ProtoMessage()               {}
-func (*Handler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{58} }
+func (*Handler) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{59} }
 
 func (m *HostAlias) Reset()                    { *m = HostAlias{} }
 func (*HostAlias) ProtoMessage()               {}
-func (*HostAlias) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{59} }
+func (*HostAlias) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{60} }
 
 func (m *HostPathVolumeSource) Reset()                    { *m = HostPathVolumeSource{} }
 func (*HostPathVolumeSource) ProtoMessage()               {}
-func (*HostPathVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{60} }
+func (*HostPathVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{61} }
 
 func (m *ISCSIPersistentVolumeSource) Reset()      { *m = ISCSIPersistentVolumeSource{} }
 func (*ISCSIPersistentVolumeSource) ProtoMessage() {}
 func (*ISCSIPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{61}
+	return fileDescriptorGenerated, []int{62}
 }
 
 func (m *ISCSIVolumeSource) Reset()                    { *m = ISCSIVolumeSource{} }
 func (*ISCSIVolumeSource) ProtoMessage()               {}
-func (*ISCSIVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{62} }
+func (*ISCSIVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{63} }
 
 func (m *KeyToPath) Reset()                    { *m = KeyToPath{} }
 func (*KeyToPath) ProtoMessage()               {}
-func (*KeyToPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{63} }
+func (*KeyToPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{64} }
 
 func (m *Lifecycle) Reset()                    { *m = Lifecycle{} }
 func (*Lifecycle) ProtoMessage()               {}
-func (*Lifecycle) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{64} }
+func (*Lifecycle) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{65} }
 
 func (m *LimitRange) Reset()                    { *m = LimitRange{} }
 func (*LimitRange) ProtoMessage()               {}
-func (*LimitRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{65} }
+func (*LimitRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{66} }
 
 func (m *LimitRangeItem) Reset()                    { *m = LimitRangeItem{} }
 func (*LimitRangeItem) ProtoMessage()               {}
-func (*LimitRangeItem) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{66} }
+func (*LimitRangeItem) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{67} }
 
 func (m *LimitRangeList) Reset()                    { *m = LimitRangeList{} }
 func (*LimitRangeList) ProtoMessage()               {}
-func (*LimitRangeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{67} }
+func (*LimitRangeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{68} }
 
 func (m *LimitRangeSpec) Reset()                    { *m = LimitRangeSpec{} }
 func (*LimitRangeSpec) ProtoMessage()               {}
-func (*LimitRangeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{68} }
+func (*LimitRangeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{69} }
 
 func (m *List) Reset()                    { *m = List{} }
 func (*List) ProtoMessage()               {}
-func (*List) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{69} }
+func (*List) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{70} }
 
 func (m *ListOptions) Reset()                    { *m = ListOptions{} }
 func (*ListOptions) ProtoMessage()               {}
-func (*ListOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{70} }
+func (*ListOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{71} }
 
 func (m *LoadBalancerIngress) Reset()                    { *m = LoadBalancerIngress{} }
 func (*LoadBalancerIngress) ProtoMessage()               {}
-func (*LoadBalancerIngress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{71} }
+func (*LoadBalancerIngress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{72} }
 
 func (m *LoadBalancerStatus) Reset()                    { *m = LoadBalancerStatus{} }
 func (*LoadBalancerStatus) ProtoMessage()               {}
-func (*LoadBalancerStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{72} }
+func (*LoadBalancerStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{73} }
 
 func (m *LocalObjectReference) Reset()                    { *m = LocalObjectReference{} }
 func (*LocalObjectReference) ProtoMessage()               {}
-func (*LocalObjectReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{73} }
+func (*LocalObjectReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{74} }
 
 func (m *LocalVolumeSource) Reset()                    { *m = LocalVolumeSource{} }
 func (*LocalVolumeSource) ProtoMessage()               {}
-func (*LocalVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{74} }
+func (*LocalVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{75} }
 
 func (m *NFSVolumeSource) Reset()                    { *m = NFSVolumeSource{} }
 func (*NFSVolumeSource) ProtoMessage()               {}
-func (*NFSVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{75} }
+func (*NFSVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{76} }
 
 func (m *Namespace) Reset()                    { *m = Namespace{} }
 func (*Namespace) ProtoMessage()               {}
-func (*Namespace) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{76} }
+func (*Namespace) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{77} }
 
 func (m *NamespaceList) Reset()                    { *m = NamespaceList{} }
 func (*NamespaceList) ProtoMessage()               {}
-func (*NamespaceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{77} }
+func (*NamespaceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{78} }
 
 func (m *NamespaceSpec) Reset()                    { *m = NamespaceSpec{} }
 func (*NamespaceSpec) ProtoMessage()               {}
-func (*NamespaceSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{78} }
+func (*NamespaceSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{79} }
 
 func (m *NamespaceStatus) Reset()                    { *m = NamespaceStatus{} }
 func (*NamespaceStatus) ProtoMessage()               {}
-func (*NamespaceStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{79} }
+func (*NamespaceStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{80} }
 
 func (m *Node) Reset()                    { *m = Node{} }
 func (*Node) ProtoMessage()               {}
-func (*Node) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{80} }
+func (*Node) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{81} }
 
 func (m *NodeAddress) Reset()                    { *m = NodeAddress{} }
 func (*NodeAddress) ProtoMessage()               {}
-func (*NodeAddress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{81} }
+func (*NodeAddress) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{82} }
 
 func (m *NodeAffinity) Reset()                    { *m = NodeAffinity{} }
 func (*NodeAffinity) ProtoMessage()               {}
-func (*NodeAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{82} }
+func (*NodeAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{83} }
 
 func (m *NodeCondition) Reset()                    { *m = NodeCondition{} }
 func (*NodeCondition) ProtoMessage()               {}
-func (*NodeCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{83} }
+func (*NodeCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{84} }
 
 func (m *NodeConfigSource) Reset()                    { *m = NodeConfigSource{} }
 func (*NodeConfigSource) ProtoMessage()               {}
-func (*NodeConfigSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{84} }
+func (*NodeConfigSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{85} }
 
 func (m *NodeDaemonEndpoints) Reset()                    { *m = NodeDaemonEndpoints{} }
 func (*NodeDaemonEndpoints) ProtoMessage()               {}
-func (*NodeDaemonEndpoints) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{85} }
+func (*NodeDaemonEndpoints) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{86} }
 
 func (m *NodeList) Reset()                    { *m = NodeList{} }
 func (*NodeList) ProtoMessage()               {}
-func (*NodeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{86} }
+func (*NodeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{87} }
 
 func (m *NodeProxyOptions) Reset()                    { *m = NodeProxyOptions{} }
 func (*NodeProxyOptions) ProtoMessage()               {}
-func (*NodeProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{87} }
+func (*NodeProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{88} }
 
 func (m *NodeResources) Reset()                    { *m = NodeResources{} }
 func (*NodeResources) ProtoMessage()               {}
-func (*NodeResources) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{88} }
+func (*NodeResources) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{89} }
 
 func (m *NodeSelector) Reset()                    { *m = NodeSelector{} }
 func (*NodeSelector) ProtoMessage()               {}
-func (*NodeSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{89} }
+func (*NodeSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{90} }
 
 func (m *NodeSelectorRequirement) Reset()      { *m = NodeSelectorRequirement{} }
 func (*NodeSelectorRequirement) ProtoMessage() {}
 func (*NodeSelectorRequirement) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{90}
+	return fileDescriptorGenerated, []int{91}
 }
 
 func (m *NodeSelectorTerm) Reset()                    { *m = NodeSelectorTerm{} }
 func (*NodeSelectorTerm) ProtoMessage()               {}
-func (*NodeSelectorTerm) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{91} }
+func (*NodeSelectorTerm) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{92} }
 
 func (m *NodeSpec) Reset()                    { *m = NodeSpec{} }
 func (*NodeSpec) ProtoMessage()               {}
-func (*NodeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{92} }
+func (*NodeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{93} }
 
 func (m *NodeStatus) Reset()                    { *m = NodeStatus{} }
 func (*NodeStatus) ProtoMessage()               {}
-func (*NodeStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{93} }
+func (*NodeStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{94} }
 
 func (m *NodeSystemInfo) Reset()                    { *m = NodeSystemInfo{} }
 func (*NodeSystemInfo) ProtoMessage()               {}
-func (*NodeSystemInfo) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{94} }
+func (*NodeSystemInfo) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{95} }
 
 func (m *ObjectFieldSelector) Reset()                    { *m = ObjectFieldSelector{} }
 func (*ObjectFieldSelector) ProtoMessage()               {}
-func (*ObjectFieldSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{95} }
+func (*ObjectFieldSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{96} }
 
 func (m *ObjectMeta) Reset()                    { *m = ObjectMeta{} }
 func (*ObjectMeta) ProtoMessage()               {}
-func (*ObjectMeta) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{96} }
+func (*ObjectMeta) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{97} }
 
 func (m *ObjectReference) Reset()                    { *m = ObjectReference{} }
 func (*ObjectReference) ProtoMessage()               {}
-func (*ObjectReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{97} }
+func (*ObjectReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{98} }
 
 func (m *PersistentVolume) Reset()                    { *m = PersistentVolume{} }
 func (*PersistentVolume) ProtoMessage()               {}
-func (*PersistentVolume) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{98} }
+func (*PersistentVolume) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{99} }
 
 func (m *PersistentVolumeClaim) Reset()                    { *m = PersistentVolumeClaim{} }
 func (*PersistentVolumeClaim) ProtoMessage()               {}
-func (*PersistentVolumeClaim) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{99} }
+func (*PersistentVolumeClaim) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{100} }
 
 func (m *PersistentVolumeClaimCondition) Reset()      { *m = PersistentVolumeClaimCondition{} }
 func (*PersistentVolumeClaimCondition) ProtoMessage() {}
 func (*PersistentVolumeClaimCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{100}
+	return fileDescriptorGenerated, []int{101}
 }
 
 func (m *PersistentVolumeClaimList) Reset()      { *m = PersistentVolumeClaimList{} }
 func (*PersistentVolumeClaimList) ProtoMessage() {}
 func (*PersistentVolumeClaimList) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{101}
+	return fileDescriptorGenerated, []int{102}
 }
 
 func (m *PersistentVolumeClaimSpec) Reset()      { *m = PersistentVolumeClaimSpec{} }
 func (*PersistentVolumeClaimSpec) ProtoMessage() {}
 func (*PersistentVolumeClaimSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{102}
+	return fileDescriptorGenerated, []int{103}
 }
 
 func (m *PersistentVolumeClaimStatus) Reset()      { *m = PersistentVolumeClaimStatus{} }
 func (*PersistentVolumeClaimStatus) ProtoMessage() {}
 func (*PersistentVolumeClaimStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{103}
+	return fileDescriptorGenerated, []int{104}
 }
 
 func (m *PersistentVolumeClaimVolumeSource) Reset()      { *m = PersistentVolumeClaimVolumeSource{} }
 func (*PersistentVolumeClaimVolumeSource) ProtoMessage() {}
 func (*PersistentVolumeClaimVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{104}
+	return fileDescriptorGenerated, []int{105}
 }
 
 func (m *PersistentVolumeList) Reset()                    { *m = PersistentVolumeList{} }
 func (*PersistentVolumeList) ProtoMessage()               {}
-func (*PersistentVolumeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{105} }
+func (*PersistentVolumeList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{106} }
 
 func (m *PersistentVolumeSource) Reset()      { *m = PersistentVolumeSource{} }
 func (*PersistentVolumeSource) ProtoMessage() {}
 func (*PersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{106}
+	return fileDescriptorGenerated, []int{107}
 }
 
 func (m *PersistentVolumeSpec) Reset()                    { *m = PersistentVolumeSpec{} }
 func (*PersistentVolumeSpec) ProtoMessage()               {}
-func (*PersistentVolumeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{107} }
+func (*PersistentVolumeSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{108} }
 
 func (m *PersistentVolumeStatus) Reset()      { *m = PersistentVolumeStatus{} }
 func (*PersistentVolumeStatus) ProtoMessage() {}
 func (*PersistentVolumeStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{108}
+	return fileDescriptorGenerated, []int{109}
 }
 
 func (m *PhotonPersistentDiskVolumeSource) Reset()      { *m = PhotonPersistentDiskVolumeSource{} }
 func (*PhotonPersistentDiskVolumeSource) ProtoMessage() {}
 func (*PhotonPersistentDiskVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{109}
+	return fileDescriptorGenerated, []int{110}
 }
 
 func (m *Pod) Reset()                    { *m = Pod{} }
 func (*Pod) ProtoMessage()               {}
-func (*Pod) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{110} }
+func (*Pod) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{111} }
 
 func (m *PodAffinity) Reset()                    { *m = PodAffinity{} }
 func (*PodAffinity) ProtoMessage()               {}
-func (*PodAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{111} }
+func (*PodAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{112} }
 
 func (m *PodAffinityTerm) Reset()                    { *m = PodAffinityTerm{} }
 func (*PodAffinityTerm) ProtoMessage()               {}
-func (*PodAffinityTerm) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{112} }
+func (*PodAffinityTerm) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{113} }
 
 func (m *PodAntiAffinity) Reset()                    { *m = PodAntiAffinity{} }
 func (*PodAntiAffinity) ProtoMessage()               {}
-func (*PodAntiAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{113} }
+func (*PodAntiAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{114} }
 
 func (m *PodAttachOptions) Reset()                    { *m = PodAttachOptions{} }
 func (*PodAttachOptions) ProtoMessage()               {}
-func (*PodAttachOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{114} }
+func (*PodAttachOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{115} }
 
 func (m *PodCondition) Reset()                    { *m = PodCondition{} }
 func (*PodCondition) ProtoMessage()               {}
-func (*PodCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{115} }
+func (*PodCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{116} }
 
 func (m *PodDNSConfig) Reset()                    { *m = PodDNSConfig{} }
 func (*PodDNSConfig) ProtoMessage()               {}
-func (*PodDNSConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{116} }
+func (*PodDNSConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{117} }
 
 func (m *PodDNSConfigOption) Reset()                    { *m = PodDNSConfigOption{} }
 func (*PodDNSConfigOption) ProtoMessage()               {}
-func (*PodDNSConfigOption) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{117} }
+func (*PodDNSConfigOption) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{118} }
 
 func (m *PodExecOptions) Reset()                    { *m = PodExecOptions{} }
 func (*PodExecOptions) ProtoMessage()               {}
-func (*PodExecOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{118} }
+func (*PodExecOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{119} }
 
 func (m *PodList) Reset()                    { *m = PodList{} }
 func (*PodList) ProtoMessage()               {}
-func (*PodList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{119} }
+func (*PodList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{120} }
 
 func (m *PodLogOptions) Reset()                    { *m = PodLogOptions{} }
 func (*PodLogOptions) ProtoMessage()               {}
-func (*PodLogOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{120} }
+func (*PodLogOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{121} }
 
 func (m *PodPortForwardOptions) Reset()                    { *m = PodPortForwardOptions{} }
 func (*PodPortForwardOptions) ProtoMessage()               {}
-func (*PodPortForwardOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{121} }
+func (*PodPortForwardOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{122} }
 
 func (m *PodProxyOptions) Reset()                    { *m = PodProxyOptions{} }
 func (*PodProxyOptions) ProtoMessage()               {}
-func (*PodProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{122} }
+func (*PodProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{123} }
 
 func (m *PodSecurityContext) Reset()                    { *m = PodSecurityContext{} }
 func (*PodSecurityContext) ProtoMessage()               {}
-func (*PodSecurityContext) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{123} }
+func (*PodSecurityContext) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{124} }
 
 func (m *PodSignature) Reset()                    { *m = PodSignature{} }
 func (*PodSignature) ProtoMessage()               {}
-func (*PodSignature) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{124} }
+func (*PodSignature) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{125} }
 
 func (m *PodSpec) Reset()                    { *m = PodSpec{} }
 func (*PodSpec) ProtoMessage()               {}
-func (*PodSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{125} }
+func (*PodSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{126} }
 
 func (m *PodStatus) Reset()                    { *m = PodStatus{} }
 func (*PodStatus) ProtoMessage()               {}
-func (*PodStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{126} }
+func (*PodStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{127} }
 
 func (m *PodStatusResult) Reset()                    { *m = PodStatusResult{} }
 func (*PodStatusResult) ProtoMessage()               {}
-func (*PodStatusResult) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{127} }
+func (*PodStatusResult) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{128} }
 
 func (m *PodTemplate) Reset()                    { *m = PodTemplate{} }
 func (*PodTemplate) ProtoMessage()               {}
-func (*PodTemplate) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{128} }
+func (*PodTemplate) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{129} }
 
 func (m *PodTemplateList) Reset()                    { *m = PodTemplateList{} }
 func (*PodTemplateList) ProtoMessage()               {}
-func (*PodTemplateList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{129} }
+func (*PodTemplateList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{130} }
 
 func (m *PodTemplateSpec) Reset()                    { *m = PodTemplateSpec{} }
 func (*PodTemplateSpec) ProtoMessage()               {}
-func (*PodTemplateSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{130} }
+func (*PodTemplateSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{131} }
 
 func (m *PortworxVolumeSource) Reset()                    { *m = PortworxVolumeSource{} }
 func (*PortworxVolumeSource) ProtoMessage()               {}
-func (*PortworxVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{131} }
+func (*PortworxVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{132} }
 
 func (m *Preconditions) Reset()                    { *m = Preconditions{} }
 func (*Preconditions) ProtoMessage()               {}
-func (*Preconditions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{132} }
+func (*Preconditions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{133} }
 
 func (m *PreferAvoidPodsEntry) Reset()                    { *m = PreferAvoidPodsEntry{} }
 func (*PreferAvoidPodsEntry) ProtoMessage()               {}
-func (*PreferAvoidPodsEntry) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{133} }
+func (*PreferAvoidPodsEntry) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{134} }
 
 func (m *PreferredSchedulingTerm) Reset()      { *m = PreferredSchedulingTerm{} }
 func (*PreferredSchedulingTerm) ProtoMessage() {}
 func (*PreferredSchedulingTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{134}
+	return fileDescriptorGenerated, []int{135}
 }
 
 func (m *Probe) Reset()                    { *m = Probe{} }
 func (*Probe) ProtoMessage()               {}
-func (*Probe) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{135} }
+func (*Probe) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{136} }
 
 func (m *ProjectedVolumeSource) Reset()                    { *m = ProjectedVolumeSource{} }
 func (*ProjectedVolumeSource) ProtoMessage()               {}
-func (*ProjectedVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{136} }
+func (*ProjectedVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{137} }
 
 func (m *QuobyteVolumeSource) Reset()                    { *m = QuobyteVolumeSource{} }
 func (*QuobyteVolumeSource) ProtoMessage()               {}
-func (*QuobyteVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{137} }
+func (*QuobyteVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{138} }
 
 func (m *RBDPersistentVolumeSource) Reset()      { *m = RBDPersistentVolumeSource{} }
 func (*RBDPersistentVolumeSource) ProtoMessage() {}
 func (*RBDPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{138}
+	return fileDescriptorGenerated, []int{139}
 }
 
 func (m *RBDVolumeSource) Reset()                    { *m = RBDVolumeSource{} }
 func (*RBDVolumeSource) ProtoMessage()               {}
-func (*RBDVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{139} }
+func (*RBDVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{140} }
 
 func (m *RangeAllocation) Reset()                    { *m = RangeAllocation{} }
 func (*RangeAllocation) ProtoMessage()               {}
-func (*RangeAllocation) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{140} }
+func (*RangeAllocation) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{141} }
 
 func (m *ReplicationController) Reset()                    { *m = ReplicationController{} }
 func (*ReplicationController) ProtoMessage()               {}
-func (*ReplicationController) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{141} }
+func (*ReplicationController) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{142} }
 
 func (m *ReplicationControllerCondition) Reset()      { *m = ReplicationControllerCondition{} }
 func (*ReplicationControllerCondition) ProtoMessage() {}
 func (*ReplicationControllerCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{142}
+	return fileDescriptorGenerated, []int{143}
 }
 
 func (m *ReplicationControllerList) Reset()      { *m = ReplicationControllerList{} }
 func (*ReplicationControllerList) ProtoMessage() {}
 func (*ReplicationControllerList) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{143}
+	return fileDescriptorGenerated, []int{144}
 }
 
 func (m *ReplicationControllerSpec) Reset()      { *m = ReplicationControllerSpec{} }
 func (*ReplicationControllerSpec) ProtoMessage() {}
 func (*ReplicationControllerSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{144}
+	return fileDescriptorGenerated, []int{145}
 }
 
 func (m *ReplicationControllerStatus) Reset()      { *m = ReplicationControllerStatus{} }
 func (*ReplicationControllerStatus) ProtoMessage() {}
 func (*ReplicationControllerStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{145}
+	return fileDescriptorGenerated, []int{146}
 }
 
 func (m *ResourceFieldSelector) Reset()                    { *m = ResourceFieldSelector{} }
 func (*ResourceFieldSelector) ProtoMessage()               {}
-func (*ResourceFieldSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{146} }
+func (*ResourceFieldSelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{147} }
 
 func (m *ResourceQuota) Reset()                    { *m = ResourceQuota{} }
 func (*ResourceQuota) ProtoMessage()               {}
-func (*ResourceQuota) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{147} }
+func (*ResourceQuota) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{148} }
 
 func (m *ResourceQuotaList) Reset()                    { *m = ResourceQuotaList{} }
 func (*ResourceQuotaList) ProtoMessage()               {}
-func (*ResourceQuotaList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{148} }
+func (*ResourceQuotaList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{149} }
 
 func (m *ResourceQuotaSpec) Reset()                    { *m = ResourceQuotaSpec{} }
 func (*ResourceQuotaSpec) ProtoMessage()               {}
-func (*ResourceQuotaSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{149} }
+func (*ResourceQuotaSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{150} }
 
 func (m *ResourceQuotaStatus) Reset()                    { *m = ResourceQuotaStatus{} }
 func (*ResourceQuotaStatus) ProtoMessage()               {}
-func (*ResourceQuotaStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{150} }
+func (*ResourceQuotaStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{151} }
 
 func (m *ResourceRequirements) Reset()                    { *m = ResourceRequirements{} }
 func (*ResourceRequirements) ProtoMessage()               {}
-func (*ResourceRequirements) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{151} }
+func (*ResourceRequirements) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{152} }
 
 func (m *SELinuxOptions) Reset()                    { *m = SELinuxOptions{} }
 func (*SELinuxOptions) ProtoMessage()               {}
-func (*SELinuxOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{152} }
+func (*SELinuxOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{153} }
 
 func (m *ScaleIOPersistentVolumeSource) Reset()      { *m = ScaleIOPersistentVolumeSource{} }
 func (*ScaleIOPersistentVolumeSource) ProtoMessage() {}
 func (*ScaleIOPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{153}
+	return fileDescriptorGenerated, []int{154}
 }
 
 func (m *ScaleIOVolumeSource) Reset()                    { *m = ScaleIOVolumeSource{} }
 func (*ScaleIOVolumeSource) ProtoMessage()               {}
-func (*ScaleIOVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{154} }
+func (*ScaleIOVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{155} }
 
 func (m *Secret) Reset()                    { *m = Secret{} }
 func (*Secret) ProtoMessage()               {}
-func (*Secret) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{155} }
+func (*Secret) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{156} }
 
 func (m *SecretEnvSource) Reset()                    { *m = SecretEnvSource{} }
 func (*SecretEnvSource) ProtoMessage()               {}
-func (*SecretEnvSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{156} }
+func (*SecretEnvSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{157} }
 
 func (m *SecretKeySelector) Reset()                    { *m = SecretKeySelector{} }
 func (*SecretKeySelector) ProtoMessage()               {}
-func (*SecretKeySelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{157} }
+func (*SecretKeySelector) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{158} }
 
 func (m *SecretList) Reset()                    { *m = SecretList{} }
 func (*SecretList) ProtoMessage()               {}
-func (*SecretList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{158} }
+func (*SecretList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{159} }
 
 func (m *SecretProjection) Reset()                    { *m = SecretProjection{} }
 func (*SecretProjection) ProtoMessage()               {}
-func (*SecretProjection) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{159} }
+func (*SecretProjection) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{160} }
 
 func (m *SecretReference) Reset()                    { *m = SecretReference{} }
 func (*SecretReference) ProtoMessage()               {}
-func (*SecretReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{160} }
+func (*SecretReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{161} }
 
 func (m *SecretVolumeSource) Reset()                    { *m = SecretVolumeSource{} }
 func (*SecretVolumeSource) ProtoMessage()               {}
-func (*SecretVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{161} }
+func (*SecretVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{162} }
 
 func (m *SecurityContext) Reset()                    { *m = SecurityContext{} }
 func (*SecurityContext) ProtoMessage()               {}
-func (*SecurityContext) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{162} }
+func (*SecurityContext) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{163} }
 
 func (m *SerializedReference) Reset()                    { *m = SerializedReference{} }
 func (*SerializedReference) ProtoMessage()               {}
-func (*SerializedReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{163} }
+func (*SerializedReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{164} }
 
 func (m *Service) Reset()                    { *m = Service{} }
 func (*Service) ProtoMessage()               {}
-func (*Service) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{164} }
+func (*Service) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{165} }
 
 func (m *ServiceAccount) Reset()                    { *m = ServiceAccount{} }
 func (*ServiceAccount) ProtoMessage()               {}
-func (*ServiceAccount) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{165} }
+func (*ServiceAccount) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{166} }
 
 func (m *ServiceAccountList) Reset()                    { *m = ServiceAccountList{} }
 func (*ServiceAccountList) ProtoMessage()               {}
-func (*ServiceAccountList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{166} }
+func (*ServiceAccountList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{167} }
 
 func (m *ServiceList) Reset()                    { *m = ServiceList{} }
 func (*ServiceList) ProtoMessage()               {}
-func (*ServiceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{167} }
+func (*ServiceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{168} }
 
 func (m *ServicePort) Reset()                    { *m = ServicePort{} }
 func (*ServicePort) ProtoMessage()               {}
-func (*ServicePort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{168} }
+func (*ServicePort) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{169} }
 
 func (m *ServiceProxyOptions) Reset()                    { *m = ServiceProxyOptions{} }
 func (*ServiceProxyOptions) ProtoMessage()               {}
-func (*ServiceProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{169} }
+func (*ServiceProxyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{170} }
 
 func (m *ServiceSpec) Reset()                    { *m = ServiceSpec{} }
 func (*ServiceSpec) ProtoMessage()               {}
-func (*ServiceSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{170} }
+func (*ServiceSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{171} }
 
 func (m *ServiceStatus) Reset()                    { *m = ServiceStatus{} }
 func (*ServiceStatus) ProtoMessage()               {}
-func (*ServiceStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{171} }
+func (*ServiceStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{172} }
 
 func (m *SessionAffinityConfig) Reset()                    { *m = SessionAffinityConfig{} }
 func (*SessionAffinityConfig) ProtoMessage()               {}
-func (*SessionAffinityConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{172} }
+func (*SessionAffinityConfig) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{173} }
 
 func (m *StorageOSPersistentVolumeSource) Reset()      { *m = StorageOSPersistentVolumeSource{} }
 func (*StorageOSPersistentVolumeSource) ProtoMessage() {}
 func (*StorageOSPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{173}
+	return fileDescriptorGenerated, []int{174}
 }
 
 func (m *StorageOSVolumeSource) Reset()                    { *m = StorageOSVolumeSource{} }
 func (*StorageOSVolumeSource) ProtoMessage()               {}
-func (*StorageOSVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{174} }
+func (*StorageOSVolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{175} }
 
 func (m *Sysctl) Reset()                    { *m = Sysctl{} }
 func (*Sysctl) ProtoMessage()               {}
-func (*Sysctl) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{175} }
+func (*Sysctl) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{176} }
 
 func (m *TCPSocketAction) Reset()                    { *m = TCPSocketAction{} }
 func (*TCPSocketAction) ProtoMessage()               {}
-func (*TCPSocketAction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{176} }
+func (*TCPSocketAction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{177} }
 
 func (m *Taint) Reset()                    { *m = Taint{} }
 func (*Taint) ProtoMessage()               {}
-func (*Taint) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{177} }
+func (*Taint) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{178} }
 
 func (m *Toleration) Reset()                    { *m = Toleration{} }
 func (*Toleration) ProtoMessage()               {}
-func (*Toleration) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{178} }
+func (*Toleration) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{179} }
 
 func (m *Volume) Reset()                    { *m = Volume{} }
 func (*Volume) ProtoMessage()               {}
-func (*Volume) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{179} }
+func (*Volume) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{180} }
 
 func (m *VolumeDevice) Reset()                    { *m = VolumeDevice{} }
 func (*VolumeDevice) ProtoMessage()               {}
-func (*VolumeDevice) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{180} }
+func (*VolumeDevice) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{181} }
 
 func (m *VolumeMount) Reset()                    { *m = VolumeMount{} }
 func (*VolumeMount) ProtoMessage()               {}
-func (*VolumeMount) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{181} }
+func (*VolumeMount) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{182} }
+
+func (m *VolumeNodeAffinity) Reset()                    { *m = VolumeNodeAffinity{} }
+func (*VolumeNodeAffinity) ProtoMessage()               {}
+func (*VolumeNodeAffinity) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{183} }
 
 func (m *VolumeProjection) Reset()                    { *m = VolumeProjection{} }
 func (*VolumeProjection) ProtoMessage()               {}
-func (*VolumeProjection) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{182} }
+func (*VolumeProjection) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{184} }
 
 func (m *VolumeSource) Reset()                    { *m = VolumeSource{} }
 func (*VolumeSource) ProtoMessage()               {}
-func (*VolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{183} }
+func (*VolumeSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{185} }
 
 func (m *VsphereVirtualDiskVolumeSource) Reset()      { *m = VsphereVirtualDiskVolumeSource{} }
 func (*VsphereVirtualDiskVolumeSource) ProtoMessage() {}
 func (*VsphereVirtualDiskVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{184}
+	return fileDescriptorGenerated, []int{186}
 }
 
 func (m *WeightedPodAffinityTerm) Reset()      { *m = WeightedPodAffinityTerm{} }
 func (*WeightedPodAffinityTerm) ProtoMessage() {}
 func (*WeightedPodAffinityTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{185}
+	return fileDescriptorGenerated, []int{187}
 }
 
 func init() {
@@ -1092,6 +1104,7 @@ func init() {
 	proto.RegisterType((*EventSource)(nil), "k8s.io.api.core.v1.EventSource")
 	proto.RegisterType((*ExecAction)(nil), "k8s.io.api.core.v1.ExecAction")
 	proto.RegisterType((*FCVolumeSource)(nil), "k8s.io.api.core.v1.FCVolumeSource")
+	proto.RegisterType((*FlexPersistentVolumeSource)(nil), "k8s.io.api.core.v1.FlexPersistentVolumeSource")
 	proto.RegisterType((*FlexVolumeSource)(nil), "k8s.io.api.core.v1.FlexVolumeSource")
 	proto.RegisterType((*FlockerVolumeSource)(nil), "k8s.io.api.core.v1.FlockerVolumeSource")
 	proto.RegisterType((*GCEPersistentDiskVolumeSource)(nil), "k8s.io.api.core.v1.GCEPersistentDiskVolumeSource")
@@ -1223,6 +1236,7 @@ func init() {
 	proto.RegisterType((*Volume)(nil), "k8s.io.api.core.v1.Volume")
 	proto.RegisterType((*VolumeDevice)(nil), "k8s.io.api.core.v1.VolumeDevice")
 	proto.RegisterType((*VolumeMount)(nil), "k8s.io.api.core.v1.VolumeMount")
+	proto.RegisterType((*VolumeNodeAffinity)(nil), "k8s.io.api.core.v1.VolumeNodeAffinity")
 	proto.RegisterType((*VolumeProjection)(nil), "k8s.io.api.core.v1.VolumeProjection")
 	proto.RegisterType((*VolumeSource)(nil), "k8s.io.api.core.v1.VolumeSource")
 	proto.RegisterType((*VsphereVirtualDiskVolumeSource)(nil), "k8s.io.api.core.v1.VsphereVirtualDiskVolumeSource")
@@ -1562,6 +1576,62 @@ func (m *CSIPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0
 	}
 	i++
+	dAtA[i] = 0x22
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.FSType)))
+	i += copy(dAtA[i:], m.FSType)
+	if len(m.VolumeAttributes) > 0 {
+		keysForVolumeAttributes := make([]string, 0, len(m.VolumeAttributes))
+		for k := range m.VolumeAttributes {
+			keysForVolumeAttributes = append(keysForVolumeAttributes, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForVolumeAttributes)
+		for _, k := range keysForVolumeAttributes {
+			dAtA[i] = 0x2a
+			i++
+			v := m.VolumeAttributes[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
+	if m.ControllerPublishSecretRef != nil {
+		dAtA[i] = 0x32
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.ControllerPublishSecretRef.Size()))
+		n6, err := m.ControllerPublishSecretRef.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
+	if m.NodeStageSecretRef != nil {
+		dAtA[i] = 0x3a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.NodeStageSecretRef.Size()))
+		n7, err := m.NodeStageSecretRef.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n7
+	}
+	if m.NodePublishSecretRef != nil {
+		dAtA[i] = 0x42
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.NodePublishSecretRef.Size()))
+		n8, err := m.NodePublishSecretRef.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n8
+	}
 	return i, nil
 }
 
@@ -1659,11 +1729,11 @@ func (m *CephFSPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n6, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n9, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n6
+		i += n9
 	}
 	dAtA[i] = 0x30
 	i++
@@ -1722,11 +1792,11 @@ func (m *CephFSVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n7, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n10, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n7
+		i += n10
 	}
 	dAtA[i] = 0x30
 	i++
@@ -1848,11 +1918,11 @@ func (m *ComponentStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n8, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n11, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n8
+	i += n11
 	if len(m.Conditions) > 0 {
 		for _, msg := range m.Conditions {
 			dAtA[i] = 0x12
@@ -1886,11 +1956,11 @@ func (m *ComponentStatusList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n9, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n12, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n9
+	i += n12
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -1924,11 +1994,11 @@ func (m *ConfigMap) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n10, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n13, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n10
+	i += n13
 	if len(m.Data) > 0 {
 		keysForData := make([]string, 0, len(m.Data))
 		for k := range m.Data {
@@ -1951,6 +2021,34 @@ func (m *ConfigMap) MarshalTo(dAtA []byte) (int, error) {
 			i += copy(dAtA[i:], v)
 		}
 	}
+	if len(m.BinaryData) > 0 {
+		keysForBinaryData := make([]string, 0, len(m.BinaryData))
+		for k := range m.BinaryData {
+			keysForBinaryData = append(keysForBinaryData, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForBinaryData)
+		for _, k := range keysForBinaryData {
+			dAtA[i] = 0x1a
+			i++
+			v := m.BinaryData[string(k)]
+			byteSize := 0
+			if v != nil {
+				byteSize = 1 + len(v) + sovGenerated(uint64(len(v)))
+			}
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + byteSize
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			if v != nil {
+				dAtA[i] = 0x12
+				i++
+				i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+				i += copy(dAtA[i:], v)
+			}
+		}
+	}
 	return i, nil
 }
 
@@ -1972,11 +2070,11 @@ func (m *ConfigMapEnvSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n11, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n14, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n11
+	i += n14
 	if m.Optional != nil {
 		dAtA[i] = 0x10
 		i++
@@ -2008,11 +2106,11 @@ func (m *ConfigMapKeySelector) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n12, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n15, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n12
+	i += n15
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
@@ -2048,11 +2146,11 @@ func (m *ConfigMapList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n13, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n16, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n13
+	i += n16
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -2086,11 +2184,11 @@ func (m *ConfigMapProjection) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n14, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n17, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n14
+	i += n17
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -2134,11 +2232,11 @@ func (m *ConfigMapVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n15, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n18, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n15
+	i += n18
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -2253,11 +2351,11 @@ func (m *Container) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x42
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Resources.Size()))
-	n16, err := m.Resources.MarshalTo(dAtA[i:])
+	n19, err := m.Resources.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n16
+	i += n19
 	if len(m.VolumeMounts) > 0 {
 		for _, msg := range m.VolumeMounts {
 			dAtA[i] = 0x4a
@@ -2274,31 +2372,31 @@ func (m *Container) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x52
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.LivenessProbe.Size()))
-		n17, err := m.LivenessProbe.MarshalTo(dAtA[i:])
+		n20, err := m.LivenessProbe.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n17
+		i += n20
 	}
 	if m.ReadinessProbe != nil {
 		dAtA[i] = 0x5a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ReadinessProbe.Size()))
-		n18, err := m.ReadinessProbe.MarshalTo(dAtA[i:])
+		n21, err := m.ReadinessProbe.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n18
+		i += n21
 	}
 	if m.Lifecycle != nil {
 		dAtA[i] = 0x62
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Lifecycle.Size()))
-		n19, err := m.Lifecycle.MarshalTo(dAtA[i:])
+		n22, err := m.Lifecycle.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n19
+		i += n22
 	}
 	dAtA[i] = 0x6a
 	i++
@@ -2312,11 +2410,11 @@ func (m *Container) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x7a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecurityContext.Size()))
-		n20, err := m.SecurityContext.MarshalTo(dAtA[i:])
+		n23, err := m.SecurityContext.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n20
+		i += n23
 	}
 	dAtA[i] = 0x80
 	i++
@@ -2476,31 +2574,31 @@ func (m *ContainerState) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Waiting.Size()))
-		n21, err := m.Waiting.MarshalTo(dAtA[i:])
+		n24, err := m.Waiting.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n21
+		i += n24
 	}
 	if m.Running != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Running.Size()))
-		n22, err := m.Running.MarshalTo(dAtA[i:])
+		n25, err := m.Running.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n22
+		i += n25
 	}
 	if m.Terminated != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Terminated.Size()))
-		n23, err := m.Terminated.MarshalTo(dAtA[i:])
+		n26, err := m.Terminated.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n23
+		i += n26
 	}
 	return i, nil
 }
@@ -2523,11 +2621,11 @@ func (m *ContainerStateRunning) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.StartedAt.Size()))
-	n24, err := m.StartedAt.MarshalTo(dAtA[i:])
+	n27, err := m.StartedAt.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n24
+	i += n27
 	return i, nil
 }
 
@@ -2563,19 +2661,19 @@ func (m *ContainerStateTerminated) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x2a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.StartedAt.Size()))
-	n25, err := m.StartedAt.MarshalTo(dAtA[i:])
+	n28, err := m.StartedAt.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n25
+	i += n28
 	dAtA[i] = 0x32
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.FinishedAt.Size()))
-	n26, err := m.FinishedAt.MarshalTo(dAtA[i:])
+	n29, err := m.FinishedAt.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n26
+	i += n29
 	dAtA[i] = 0x3a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.ContainerID)))
@@ -2631,19 +2729,19 @@ func (m *ContainerStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.State.Size()))
-	n27, err := m.State.MarshalTo(dAtA[i:])
+	n30, err := m.State.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n27
+	i += n30
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTerminationState.Size()))
-	n28, err := m.LastTerminationState.MarshalTo(dAtA[i:])
+	n31, err := m.LastTerminationState.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n28
+	i += n31
 	dAtA[i] = 0x20
 	i++
 	if m.Ready {
@@ -2715,11 +2813,11 @@ func (m *DeleteOptions) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Preconditions.Size()))
-		n29, err := m.Preconditions.MarshalTo(dAtA[i:])
+		n32, err := m.Preconditions.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n29
+		i += n32
 	}
 	if m.OrphanDependents != nil {
 		dAtA[i] = 0x18
@@ -2793,21 +2891,21 @@ func (m *DownwardAPIVolumeFile) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FieldRef.Size()))
-		n30, err := m.FieldRef.MarshalTo(dAtA[i:])
+		n33, err := m.FieldRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n30
+		i += n33
 	}
 	if m.ResourceFieldRef != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ResourceFieldRef.Size()))
-		n31, err := m.ResourceFieldRef.MarshalTo(dAtA[i:])
+		n34, err := m.ResourceFieldRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n31
+		i += n34
 	}
 	if m.Mode != nil {
 		dAtA[i] = 0x20
@@ -2875,11 +2973,11 @@ func (m *EmptyDirVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SizeLimit.Size()))
-		n32, err := m.SizeLimit.MarshalTo(dAtA[i:])
+		n35, err := m.SizeLimit.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n32
+		i += n35
 	}
 	return i, nil
 }
@@ -2907,11 +3005,11 @@ func (m *EndpointAddress) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.TargetRef.Size()))
-		n33, err := m.TargetRef.MarshalTo(dAtA[i:])
+		n36, err := m.TargetRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n33
+		i += n36
 	}
 	dAtA[i] = 0x1a
 	i++
@@ -3027,11 +3125,11 @@ func (m *Endpoints) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n34, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n37, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n34
+	i += n37
 	if len(m.Subsets) > 0 {
 		for _, msg := range m.Subsets {
 			dAtA[i] = 0x12
@@ -3065,11 +3163,11 @@ func (m *EndpointsList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n35, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n38, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n35
+	i += n38
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -3108,21 +3206,21 @@ func (m *EnvFromSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigMapRef.Size()))
-		n36, err := m.ConfigMapRef.MarshalTo(dAtA[i:])
+		n39, err := m.ConfigMapRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n36
+		i += n39
 	}
 	if m.SecretRef != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n37, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n40, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n37
+		i += n40
 	}
 	return i, nil
 }
@@ -3154,11 +3252,11 @@ func (m *EnvVar) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ValueFrom.Size()))
-		n38, err := m.ValueFrom.MarshalTo(dAtA[i:])
+		n41, err := m.ValueFrom.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n38
+		i += n41
 	}
 	return i, nil
 }
@@ -3182,41 +3280,41 @@ func (m *EnvVarSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FieldRef.Size()))
-		n39, err := m.FieldRef.MarshalTo(dAtA[i:])
+		n42, err := m.FieldRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n39
+		i += n42
 	}
 	if m.ResourceFieldRef != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ResourceFieldRef.Size()))
-		n40, err := m.ResourceFieldRef.MarshalTo(dAtA[i:])
+		n43, err := m.ResourceFieldRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n40
+		i += n43
 	}
 	if m.ConfigMapKeyRef != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigMapKeyRef.Size()))
-		n41, err := m.ConfigMapKeyRef.MarshalTo(dAtA[i:])
+		n44, err := m.ConfigMapKeyRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n41
+		i += n44
 	}
 	if m.SecretKeyRef != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretKeyRef.Size()))
-		n42, err := m.SecretKeyRef.MarshalTo(dAtA[i:])
+		n45, err := m.SecretKeyRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n42
+		i += n45
 	}
 	return i, nil
 }
@@ -3239,19 +3337,19 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n43, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n46, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n43
+	i += n46
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.InvolvedObject.Size()))
-	n44, err := m.InvolvedObject.MarshalTo(dAtA[i:])
+	n47, err := m.InvolvedObject.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n44
+	i += n47
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -3263,27 +3361,27 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x2a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Source.Size()))
-	n45, err := m.Source.MarshalTo(dAtA[i:])
+	n48, err := m.Source.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n45
+	i += n48
 	dAtA[i] = 0x32
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.FirstTimestamp.Size()))
-	n46, err := m.FirstTimestamp.MarshalTo(dAtA[i:])
+	n49, err := m.FirstTimestamp.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n46
+	i += n49
 	dAtA[i] = 0x3a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTimestamp.Size()))
-	n47, err := m.LastTimestamp.MarshalTo(dAtA[i:])
+	n50, err := m.LastTimestamp.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n47
+	i += n50
 	dAtA[i] = 0x40
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Count))
@@ -3294,20 +3392,20 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x52
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.EventTime.Size()))
-	n48, err := m.EventTime.MarshalTo(dAtA[i:])
+	n51, err := m.EventTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n48
+	i += n51
 	if m.Series != nil {
 		dAtA[i] = 0x5a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Series.Size()))
-		n49, err := m.Series.MarshalTo(dAtA[i:])
+		n52, err := m.Series.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n49
+		i += n52
 	}
 	dAtA[i] = 0x62
 	i++
@@ -3317,11 +3415,11 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x6a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Related.Size()))
-		n50, err := m.Related.MarshalTo(dAtA[i:])
+		n53, err := m.Related.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n50
+		i += n53
 	}
 	dAtA[i] = 0x72
 	i++
@@ -3352,11 +3450,11 @@ func (m *EventList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n51, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n54, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n51
+	i += n54
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -3393,11 +3491,11 @@ func (m *EventSeries) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastObservedTime.Size()))
-	n52, err := m.LastObservedTime.MarshalTo(dAtA[i:])
+	n55, err := m.LastObservedTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n52
+	i += n55
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.State)))
@@ -3529,6 +3627,72 @@ func (m *FCVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *FlexPersistentVolumeSource) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *FlexPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i += copy(dAtA[i:], m.Driver)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.FSType)))
+	i += copy(dAtA[i:], m.FSType)
+	if m.SecretRef != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
+		n56, err := m.SecretRef.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n56
+	}
+	dAtA[i] = 0x20
+	i++
+	if m.ReadOnly {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if len(m.Options) > 0 {
+		keysForOptions := make([]string, 0, len(m.Options))
+		for k := range m.Options {
+			keysForOptions = append(keysForOptions, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForOptions)
+		for _, k := range keysForOptions {
+			dAtA[i] = 0x2a
+			i++
+			v := m.Options[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
+	return i, nil
+}
+
 func (m *FlexVolumeSource) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -3556,11 +3720,11 @@ func (m *FlexVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n53, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n57, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n53
+		i += n57
 	}
 	dAtA[i] = 0x20
 	i++
@@ -3744,11 +3908,11 @@ func (m *HTTPGetAction) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Port.Size()))
-	n54, err := m.Port.MarshalTo(dAtA[i:])
+	n58, err := m.Port.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n54
+	i += n58
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Host)))
@@ -3817,31 +3981,31 @@ func (m *Handler) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Exec.Size()))
-		n55, err := m.Exec.MarshalTo(dAtA[i:])
+		n59, err := m.Exec.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n55
+		i += n59
 	}
 	if m.HTTPGet != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.HTTPGet.Size()))
-		n56, err := m.HTTPGet.MarshalTo(dAtA[i:])
+		n60, err := m.HTTPGet.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n56
+		i += n60
 	}
 	if m.TCPSocket != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.TCPSocket.Size()))
-		n57, err := m.TCPSocket.MarshalTo(dAtA[i:])
+		n61, err := m.TCPSocket.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n57
+		i += n61
 	}
 	return i, nil
 }
@@ -3980,11 +4144,11 @@ func (m *ISCSIPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x52
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n58, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n62, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n58
+		i += n62
 	}
 	dAtA[i] = 0x58
 	i++
@@ -4072,11 +4236,11 @@ func (m *ISCSIVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x52
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n59, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n63, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n59
+		i += n63
 	}
 	dAtA[i] = 0x58
 	i++
@@ -4145,21 +4309,21 @@ func (m *Lifecycle) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PostStart.Size()))
-		n60, err := m.PostStart.MarshalTo(dAtA[i:])
+		n64, err := m.PostStart.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n60
+		i += n64
 	}
 	if m.PreStop != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PreStop.Size()))
-		n61, err := m.PreStop.MarshalTo(dAtA[i:])
+		n65, err := m.PreStop.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n61
+		i += n65
 	}
 	return i, nil
 }
@@ -4182,19 +4346,19 @@ func (m *LimitRange) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n62, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n66, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n62
+	i += n66
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n63, err := m.Spec.MarshalTo(dAtA[i:])
+	n67, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n63
+	i += n67
 	return i, nil
 }
 
@@ -4241,11 +4405,11 @@ func (m *LimitRangeItem) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n64, err := (&v).MarshalTo(dAtA[i:])
+			n68, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n64
+			i += n68
 		}
 	}
 	if len(m.Min) > 0 {
@@ -4272,11 +4436,11 @@ func (m *LimitRangeItem) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n65, err := (&v).MarshalTo(dAtA[i:])
+			n69, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n65
+			i += n69
 		}
 	}
 	if len(m.Default) > 0 {
@@ -4303,11 +4467,11 @@ func (m *LimitRangeItem) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n66, err := (&v).MarshalTo(dAtA[i:])
+			n70, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n66
+			i += n70
 		}
 	}
 	if len(m.DefaultRequest) > 0 {
@@ -4334,11 +4498,11 @@ func (m *LimitRangeItem) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n67, err := (&v).MarshalTo(dAtA[i:])
+			n71, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n67
+			i += n71
 		}
 	}
 	if len(m.MaxLimitRequestRatio) > 0 {
@@ -4365,11 +4529,11 @@ func (m *LimitRangeItem) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n68, err := (&v).MarshalTo(dAtA[i:])
+			n72, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n68
+			i += n72
 		}
 	}
 	return i, nil
@@ -4393,11 +4557,11 @@ func (m *LimitRangeList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n69, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n73, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n69
+	i += n73
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -4461,11 +4625,11 @@ func (m *List) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n70, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n74, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n70
+	i += n74
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -4684,27 +4848,27 @@ func (m *Namespace) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n71, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n75, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n71
+	i += n75
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n72, err := m.Spec.MarshalTo(dAtA[i:])
+	n76, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n72
+	i += n76
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n73, err := m.Status.MarshalTo(dAtA[i:])
+	n77, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n73
+	i += n77
 	return i, nil
 }
 
@@ -4726,11 +4890,11 @@ func (m *NamespaceList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n74, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n78, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n74
+	i += n78
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -4819,27 +4983,27 @@ func (m *Node) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n75, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n79, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n75
+	i += n79
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n76, err := m.Spec.MarshalTo(dAtA[i:])
+	n80, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n76
+	i += n80
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n77, err := m.Status.MarshalTo(dAtA[i:])
+	n81, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n77
+	i += n81
 	return i, nil
 }
 
@@ -4888,11 +5052,11 @@ func (m *NodeAffinity) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.RequiredDuringSchedulingIgnoredDuringExecution.Size()))
-		n78, err := m.RequiredDuringSchedulingIgnoredDuringExecution.MarshalTo(dAtA[i:])
+		n82, err := m.RequiredDuringSchedulingIgnoredDuringExecution.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n78
+		i += n82
 	}
 	if len(m.PreferredDuringSchedulingIgnoredDuringExecution) > 0 {
 		for _, msg := range m.PreferredDuringSchedulingIgnoredDuringExecution {
@@ -4935,19 +5099,19 @@ func (m *NodeCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastHeartbeatTime.Size()))
-	n79, err := m.LastHeartbeatTime.MarshalTo(dAtA[i:])
+	n83, err := m.LastHeartbeatTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n79
+	i += n83
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n80, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n84, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n80
+	i += n84
 	dAtA[i] = 0x2a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -4978,11 +5142,11 @@ func (m *NodeConfigSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigMapRef.Size()))
-		n81, err := m.ConfigMapRef.MarshalTo(dAtA[i:])
+		n85, err := m.ConfigMapRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n81
+		i += n85
 	}
 	return i, nil
 }
@@ -5005,11 +5169,11 @@ func (m *NodeDaemonEndpoints) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.KubeletEndpoint.Size()))
-	n82, err := m.KubeletEndpoint.MarshalTo(dAtA[i:])
+	n86, err := m.KubeletEndpoint.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n82
+	i += n86
 	return i, nil
 }
 
@@ -5031,11 +5195,11 @@ func (m *NodeList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n83, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n87, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n83
+	i += n87
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -5112,11 +5276,11 @@ func (m *NodeResources) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n84, err := (&v).MarshalTo(dAtA[i:])
+			n88, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n84
+			i += n88
 		}
 	}
 	return i, nil
@@ -5274,11 +5438,11 @@ func (m *NodeSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x32
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigSource.Size()))
-		n85, err := m.ConfigSource.MarshalTo(dAtA[i:])
+		n89, err := m.ConfigSource.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n85
+		i += n89
 	}
 	return i, nil
 }
@@ -5322,11 +5486,11 @@ func (m *NodeStatus) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n86, err := (&v).MarshalTo(dAtA[i:])
+			n90, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n86
+			i += n90
 		}
 	}
 	if len(m.Allocatable) > 0 {
@@ -5353,11 +5517,11 @@ func (m *NodeStatus) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n87, err := (&v).MarshalTo(dAtA[i:])
+			n91, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n87
+			i += n91
 		}
 	}
 	dAtA[i] = 0x1a
@@ -5391,19 +5555,19 @@ func (m *NodeStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x32
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.DaemonEndpoints.Size()))
-	n88, err := m.DaemonEndpoints.MarshalTo(dAtA[i:])
+	n92, err := m.DaemonEndpoints.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n88
+	i += n92
 	dAtA[i] = 0x3a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.NodeInfo.Size()))
-	n89, err := m.NodeInfo.MarshalTo(dAtA[i:])
+	n93, err := m.NodeInfo.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n89
+	i += n93
 	if len(m.Images) > 0 {
 		for _, msg := range m.Images {
 			dAtA[i] = 0x42
@@ -5575,20 +5739,20 @@ func (m *ObjectMeta) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x42
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.CreationTimestamp.Size()))
-	n90, err := m.CreationTimestamp.MarshalTo(dAtA[i:])
+	n94, err := m.CreationTimestamp.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n90
+	i += n94
 	if m.DeletionTimestamp != nil {
 		dAtA[i] = 0x4a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.DeletionTimestamp.Size()))
-		n91, err := m.DeletionTimestamp.MarshalTo(dAtA[i:])
+		n95, err := m.DeletionTimestamp.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n91
+		i += n95
 	}
 	if m.DeletionGracePeriodSeconds != nil {
 		dAtA[i] = 0x50
@@ -5676,11 +5840,11 @@ func (m *ObjectMeta) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Initializers.Size()))
-		n92, err := m.Initializers.MarshalTo(dAtA[i:])
+		n96, err := m.Initializers.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n92
+		i += n96
 	}
 	return i, nil
 }
@@ -5749,27 +5913,27 @@ func (m *PersistentVolume) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n93, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n97, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n93
+	i += n97
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n94, err := m.Spec.MarshalTo(dAtA[i:])
+	n98, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n94
+	i += n98
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n95, err := m.Status.MarshalTo(dAtA[i:])
+	n99, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n95
+	i += n99
 	return i, nil
 }
 
@@ -5791,27 +5955,27 @@ func (m *PersistentVolumeClaim) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n96, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n100, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n96
+	i += n100
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n97, err := m.Spec.MarshalTo(dAtA[i:])
+	n101, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n97
+	i += n101
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n98, err := m.Status.MarshalTo(dAtA[i:])
+	n102, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n98
+	i += n102
 	return i, nil
 }
 
@@ -5841,19 +6005,19 @@ func (m *PersistentVolumeClaimCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastProbeTime.Size()))
-	n99, err := m.LastProbeTime.MarshalTo(dAtA[i:])
+	n103, err := m.LastProbeTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n99
+	i += n103
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n100, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n104, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n100
+	i += n104
 	dAtA[i] = 0x2a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -5883,11 +6047,11 @@ func (m *PersistentVolumeClaimList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n101, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n105, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n101
+	i += n105
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -5936,11 +6100,11 @@ func (m *PersistentVolumeClaimSpec) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Resources.Size()))
-	n102, err := m.Resources.MarshalTo(dAtA[i:])
+	n106, err := m.Resources.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n102
+	i += n106
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.VolumeName)))
@@ -5949,11 +6113,11 @@ func (m *PersistentVolumeClaimSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Selector.Size()))
-		n103, err := m.Selector.MarshalTo(dAtA[i:])
+		n107, err := m.Selector.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n103
+		i += n107
 	}
 	if m.StorageClassName != nil {
 		dAtA[i] = 0x2a
@@ -6028,11 +6192,11 @@ func (m *PersistentVolumeClaimStatus) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n104, err := (&v).MarshalTo(dAtA[i:])
+			n108, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n104
+			i += n108
 		}
 	}
 	if len(m.Conditions) > 0 {
@@ -6098,11 +6262,11 @@ func (m *PersistentVolumeList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n105, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n109, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n105
+	i += n109
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -6137,151 +6301,151 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.GCEPersistentDisk.Size()))
-		n106, err := m.GCEPersistentDisk.MarshalTo(dAtA[i:])
+		n110, err := m.GCEPersistentDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n106
+		i += n110
 	}
 	if m.AWSElasticBlockStore != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AWSElasticBlockStore.Size()))
-		n107, err := m.AWSElasticBlockStore.MarshalTo(dAtA[i:])
+		n111, err := m.AWSElasticBlockStore.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n107
+		i += n111
 	}
 	if m.HostPath != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.HostPath.Size()))
-		n108, err := m.HostPath.MarshalTo(dAtA[i:])
+		n112, err := m.HostPath.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n108
+		i += n112
 	}
 	if m.Glusterfs != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Glusterfs.Size()))
-		n109, err := m.Glusterfs.MarshalTo(dAtA[i:])
+		n113, err := m.Glusterfs.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n109
+		i += n113
 	}
 	if m.NFS != nil {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.NFS.Size()))
-		n110, err := m.NFS.MarshalTo(dAtA[i:])
+		n114, err := m.NFS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n110
+		i += n114
 	}
 	if m.RBD != nil {
 		dAtA[i] = 0x32
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.RBD.Size()))
-		n111, err := m.RBD.MarshalTo(dAtA[i:])
+		n115, err := m.RBD.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n111
+		i += n115
 	}
 	if m.ISCSI != nil {
 		dAtA[i] = 0x3a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ISCSI.Size()))
-		n112, err := m.ISCSI.MarshalTo(dAtA[i:])
+		n116, err := m.ISCSI.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n112
+		i += n116
 	}
 	if m.Cinder != nil {
 		dAtA[i] = 0x42
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Cinder.Size()))
-		n113, err := m.Cinder.MarshalTo(dAtA[i:])
+		n117, err := m.Cinder.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n113
+		i += n117
 	}
 	if m.CephFS != nil {
 		dAtA[i] = 0x4a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.CephFS.Size()))
-		n114, err := m.CephFS.MarshalTo(dAtA[i:])
+		n118, err := m.CephFS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n114
+		i += n118
 	}
 	if m.FC != nil {
 		dAtA[i] = 0x52
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FC.Size()))
-		n115, err := m.FC.MarshalTo(dAtA[i:])
+		n119, err := m.FC.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n115
+		i += n119
 	}
 	if m.Flocker != nil {
 		dAtA[i] = 0x5a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Flocker.Size()))
-		n116, err := m.Flocker.MarshalTo(dAtA[i:])
+		n120, err := m.Flocker.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n116
+		i += n120
 	}
 	if m.FlexVolume != nil {
 		dAtA[i] = 0x62
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FlexVolume.Size()))
-		n117, err := m.FlexVolume.MarshalTo(dAtA[i:])
+		n121, err := m.FlexVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n117
+		i += n121
 	}
 	if m.AzureFile != nil {
 		dAtA[i] = 0x6a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AzureFile.Size()))
-		n118, err := m.AzureFile.MarshalTo(dAtA[i:])
+		n122, err := m.AzureFile.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n118
+		i += n122
 	}
 	if m.VsphereVolume != nil {
 		dAtA[i] = 0x72
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.VsphereVolume.Size()))
-		n119, err := m.VsphereVolume.MarshalTo(dAtA[i:])
+		n123, err := m.VsphereVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n119
+		i += n123
 	}
 	if m.Quobyte != nil {
 		dAtA[i] = 0x7a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Quobyte.Size()))
-		n120, err := m.Quobyte.MarshalTo(dAtA[i:])
+		n124, err := m.Quobyte.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n120
+		i += n124
 	}
 	if m.AzureDisk != nil {
 		dAtA[i] = 0x82
@@ -6289,11 +6453,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AzureDisk.Size()))
-		n121, err := m.AzureDisk.MarshalTo(dAtA[i:])
+		n125, err := m.AzureDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n121
+		i += n125
 	}
 	if m.PhotonPersistentDisk != nil {
 		dAtA[i] = 0x8a
@@ -6301,11 +6465,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PhotonPersistentDisk.Size()))
-		n122, err := m.PhotonPersistentDisk.MarshalTo(dAtA[i:])
+		n126, err := m.PhotonPersistentDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n122
+		i += n126
 	}
 	if m.PortworxVolume != nil {
 		dAtA[i] = 0x92
@@ -6313,11 +6477,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PortworxVolume.Size()))
-		n123, err := m.PortworxVolume.MarshalTo(dAtA[i:])
+		n127, err := m.PortworxVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n123
+		i += n127
 	}
 	if m.ScaleIO != nil {
 		dAtA[i] = 0x9a
@@ -6325,11 +6489,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ScaleIO.Size()))
-		n124, err := m.ScaleIO.MarshalTo(dAtA[i:])
+		n128, err := m.ScaleIO.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n124
+		i += n128
 	}
 	if m.Local != nil {
 		dAtA[i] = 0xa2
@@ -6337,11 +6501,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Local.Size()))
-		n125, err := m.Local.MarshalTo(dAtA[i:])
+		n129, err := m.Local.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n125
+		i += n129
 	}
 	if m.StorageOS != nil {
 		dAtA[i] = 0xaa
@@ -6349,11 +6513,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.StorageOS.Size()))
-		n126, err := m.StorageOS.MarshalTo(dAtA[i:])
+		n130, err := m.StorageOS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n126
+		i += n130
 	}
 	if m.CSI != nil {
 		dAtA[i] = 0xb2
@@ -6361,11 +6525,11 @@ func (m *PersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.CSI.Size()))
-		n127, err := m.CSI.MarshalTo(dAtA[i:])
+		n131, err := m.CSI.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n127
+		i += n131
 	}
 	return i, nil
 }
@@ -6409,21 +6573,21 @@ func (m *PersistentVolumeSpec) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n128, err := (&v).MarshalTo(dAtA[i:])
+			n132, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n128
+			i += n132
 		}
 	}
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.PersistentVolumeSource.Size()))
-	n129, err := m.PersistentVolumeSource.MarshalTo(dAtA[i:])
+	n133, err := m.PersistentVolumeSource.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n129
+	i += n133
 	if len(m.AccessModes) > 0 {
 		for _, s := range m.AccessModes {
 			dAtA[i] = 0x1a
@@ -6443,11 +6607,11 @@ func (m *PersistentVolumeSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ClaimRef.Size()))
-		n130, err := m.ClaimRef.MarshalTo(dAtA[i:])
+		n134, err := m.ClaimRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n130
+		i += n134
 	}
 	dAtA[i] = 0x2a
 	i++
@@ -6478,6 +6642,16 @@ func (m *PersistentVolumeSpec) MarshalTo(dAtA []byte) (int, error) {
 		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.VolumeMode)))
 		i += copy(dAtA[i:], *m.VolumeMode)
 	}
+	if m.NodeAffinity != nil {
+		dAtA[i] = 0x4a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.NodeAffinity.Size()))
+		n135, err := m.NodeAffinity.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n135
+	}
 	return i, nil
 }
 
@@ -6555,27 +6729,27 @@ func (m *Pod) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n131, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n136, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n131
+	i += n136
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n132, err := m.Spec.MarshalTo(dAtA[i:])
+	n137, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n132
+	i += n137
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n133, err := m.Status.MarshalTo(dAtA[i:])
+	n138, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n133
+	i += n138
 	return i, nil
 }
 
@@ -6640,11 +6814,11 @@ func (m *PodAffinityTerm) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.LabelSelector.Size()))
-		n134, err := m.LabelSelector.MarshalTo(dAtA[i:])
+		n139, err := m.LabelSelector.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n134
+		i += n139
 	}
 	if len(m.Namespaces) > 0 {
 		for _, s := range m.Namespaces {
@@ -6790,19 +6964,19 @@ func (m *PodCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastProbeTime.Size()))
-	n135, err := m.LastProbeTime.MarshalTo(dAtA[i:])
+	n140, err := m.LastProbeTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n135
+	i += n140
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n136, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n141, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n136
+	i += n141
 	dAtA[i] = 0x2a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -6989,11 +7163,11 @@ func (m *PodList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n137, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n142, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n137
+	i += n142
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -7053,11 +7227,11 @@ func (m *PodLogOptions) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SinceTime.Size()))
-		n138, err := m.SinceTime.MarshalTo(dAtA[i:])
+		n143, err := m.SinceTime.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n138
+		i += n143
 	}
 	dAtA[i] = 0x30
 	i++
@@ -7146,11 +7320,11 @@ func (m *PodSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SELinuxOptions.Size()))
-		n139, err := m.SELinuxOptions.MarshalTo(dAtA[i:])
+		n144, err := m.SELinuxOptions.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n139
+		i += n144
 	}
 	if m.RunAsUser != nil {
 		dAtA[i] = 0x10
@@ -7179,6 +7353,11 @@ func (m *PodSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.FSGroup))
 	}
+	if m.RunAsGroup != nil {
+		dAtA[i] = 0x30
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.RunAsGroup))
+	}
 	return i, nil
 }
 
@@ -7201,11 +7380,11 @@ func (m *PodSignature) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PodController.Size()))
-		n140, err := m.PodController.MarshalTo(dAtA[i:])
+		n145, err := m.PodController.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n140
+		i += n145
 	}
 	return i, nil
 }
@@ -7329,11 +7508,11 @@ func (m *PodSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x72
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecurityContext.Size()))
-		n141, err := m.SecurityContext.MarshalTo(dAtA[i:])
+		n146, err := m.SecurityContext.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n141
+		i += n146
 	}
 	if len(m.ImagePullSecrets) > 0 {
 		for _, msg := range m.ImagePullSecrets {
@@ -7365,11 +7544,11 @@ func (m *PodSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Affinity.Size()))
-		n142, err := m.Affinity.MarshalTo(dAtA[i:])
+		n147, err := m.Affinity.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n142
+		i += n147
 	}
 	dAtA[i] = 0x9a
 	i++
@@ -7450,11 +7629,23 @@ func (m *PodSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.DNSConfig.Size()))
-		n143, err := m.DNSConfig.MarshalTo(dAtA[i:])
+		n148, err := m.DNSConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n143
+		i += n148
+	}
+	if m.ShareProcessNamespace != nil {
+		dAtA[i] = 0xd8
+		i++
+		dAtA[i] = 0x1
+		i++
+		if *m.ShareProcessNamespace {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
 	}
 	return i, nil
 }
@@ -7510,11 +7701,11 @@ func (m *PodStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x3a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.StartTime.Size()))
-		n144, err := m.StartTime.MarshalTo(dAtA[i:])
+		n149, err := m.StartTime.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n144
+		i += n149
 	}
 	if len(m.ContainerStatuses) > 0 {
 		for _, msg := range m.ContainerStatuses {
@@ -7544,6 +7735,10 @@ func (m *PodStatus) MarshalTo(dAtA []byte) (int, error) {
 			i += n
 		}
 	}
+	dAtA[i] = 0x5a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.NominatedNodeName)))
+	i += copy(dAtA[i:], m.NominatedNodeName)
 	return i, nil
 }
 
@@ -7565,19 +7760,19 @@ func (m *PodStatusResult) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n145, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n150, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n145
+	i += n150
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n146, err := m.Status.MarshalTo(dAtA[i:])
+	n151, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n146
+	i += n151
 	return i, nil
 }
 
@@ -7599,19 +7794,19 @@ func (m *PodTemplate) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n147, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n152, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n147
+	i += n152
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Template.Size()))
-	n148, err := m.Template.MarshalTo(dAtA[i:])
+	n153, err := m.Template.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n148
+	i += n153
 	return i, nil
 }
 
@@ -7633,11 +7828,11 @@ func (m *PodTemplateList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n149, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n154, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n149
+	i += n154
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -7671,19 +7866,19 @@ func (m *PodTemplateSpec) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n150, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n155, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n150
+	i += n155
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n151, err := m.Spec.MarshalTo(dAtA[i:])
+	n156, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n151
+	i += n156
 	return i, nil
 }
 
@@ -7763,19 +7958,19 @@ func (m *PreferAvoidPodsEntry) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.PodSignature.Size()))
-	n152, err := m.PodSignature.MarshalTo(dAtA[i:])
+	n157, err := m.PodSignature.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n152
+	i += n157
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.EvictionTime.Size()))
-	n153, err := m.EvictionTime.MarshalTo(dAtA[i:])
+	n158, err := m.EvictionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n153
+	i += n158
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -7808,11 +8003,11 @@ func (m *PreferredSchedulingTerm) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Preference.Size()))
-	n154, err := m.Preference.MarshalTo(dAtA[i:])
+	n159, err := m.Preference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n154
+	i += n159
 	return i, nil
 }
 
@@ -7834,11 +8029,11 @@ func (m *Probe) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Handler.Size()))
-	n155, err := m.Handler.MarshalTo(dAtA[i:])
+	n160, err := m.Handler.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n155
+	i += n160
 	dAtA[i] = 0x10
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.InitialDelaySeconds))
@@ -7988,11 +8183,11 @@ func (m *RBDPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x3a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n156, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n161, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n156
+		i += n161
 	}
 	dAtA[i] = 0x40
 	i++
@@ -8059,11 +8254,11 @@ func (m *RBDVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x3a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n157, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n162, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n157
+		i += n162
 	}
 	dAtA[i] = 0x40
 	i++
@@ -8094,11 +8289,11 @@ func (m *RangeAllocation) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n158, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n163, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n158
+	i += n163
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Range)))
@@ -8130,27 +8325,27 @@ func (m *ReplicationController) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n159, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n164, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n159
+	i += n164
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n160, err := m.Spec.MarshalTo(dAtA[i:])
+	n165, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n160
+	i += n165
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n161, err := m.Status.MarshalTo(dAtA[i:])
+	n166, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n161
+	i += n166
 	return i, nil
 }
 
@@ -8180,11 +8375,11 @@ func (m *ReplicationControllerCondition) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
-	n162, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	n167, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n162
+	i += n167
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
@@ -8214,11 +8409,11 @@ func (m *ReplicationControllerList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n163, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n168, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n163
+	i += n168
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -8280,11 +8475,11 @@ func (m *ReplicationControllerSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Template.Size()))
-		n164, err := m.Template.MarshalTo(dAtA[i:])
+		n169, err := m.Template.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n164
+		i += n169
 	}
 	dAtA[i] = 0x20
 	i++
@@ -8363,11 +8558,11 @@ func (m *ResourceFieldSelector) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Divisor.Size()))
-	n165, err := m.Divisor.MarshalTo(dAtA[i:])
+	n170, err := m.Divisor.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n165
+	i += n170
 	return i, nil
 }
 
@@ -8389,27 +8584,27 @@ func (m *ResourceQuota) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n166, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n171, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n166
+	i += n171
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n167, err := m.Spec.MarshalTo(dAtA[i:])
+	n172, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n167
+	i += n172
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n168, err := m.Status.MarshalTo(dAtA[i:])
+	n173, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n168
+	i += n173
 	return i, nil
 }
 
@@ -8431,11 +8626,11 @@ func (m *ResourceQuotaList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n169, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n174, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n169
+	i += n174
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -8490,11 +8685,11 @@ func (m *ResourceQuotaSpec) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n170, err := (&v).MarshalTo(dAtA[i:])
+			n175, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n170
+			i += n175
 		}
 	}
 	if len(m.Scopes) > 0 {
@@ -8554,11 +8749,11 @@ func (m *ResourceQuotaStatus) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n171, err := (&v).MarshalTo(dAtA[i:])
+			n176, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n171
+			i += n176
 		}
 	}
 	if len(m.Used) > 0 {
@@ -8585,11 +8780,11 @@ func (m *ResourceQuotaStatus) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n172, err := (&v).MarshalTo(dAtA[i:])
+			n177, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n172
+			i += n177
 		}
 	}
 	return i, nil
@@ -8634,11 +8829,11 @@ func (m *ResourceRequirements) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n173, err := (&v).MarshalTo(dAtA[i:])
+			n178, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n173
+			i += n178
 		}
 	}
 	if len(m.Requests) > 0 {
@@ -8665,11 +8860,11 @@ func (m *ResourceRequirements) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n174, err := (&v).MarshalTo(dAtA[i:])
+			n179, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n174
+			i += n179
 		}
 	}
 	return i, nil
@@ -8736,11 +8931,11 @@ func (m *ScaleIOPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n175, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n180, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n175
+		i += n180
 	}
 	dAtA[i] = 0x20
 	i++
@@ -8808,11 +9003,11 @@ func (m *ScaleIOVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n176, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n181, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n176
+		i += n181
 	}
 	dAtA[i] = 0x20
 	i++
@@ -8871,11 +9066,11 @@ func (m *Secret) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n177, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n182, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n177
+	i += n182
 	if len(m.Data) > 0 {
 		keysForData := make([]string, 0, len(m.Data))
 		for k := range m.Data {
@@ -8951,11 +9146,11 @@ func (m *SecretEnvSource) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n178, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n183, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n178
+	i += n183
 	if m.Optional != nil {
 		dAtA[i] = 0x10
 		i++
@@ -8987,11 +9182,11 @@ func (m *SecretKeySelector) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n179, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n184, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n179
+	i += n184
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
@@ -9027,11 +9222,11 @@ func (m *SecretList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n180, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n185, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n180
+	i += n185
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -9065,11 +9260,11 @@ func (m *SecretProjection) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LocalObjectReference.Size()))
-	n181, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
+	n186, err := m.LocalObjectReference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n181
+	i += n186
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -9189,11 +9384,11 @@ func (m *SecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Capabilities.Size()))
-		n182, err := m.Capabilities.MarshalTo(dAtA[i:])
+		n187, err := m.Capabilities.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n182
+		i += n187
 	}
 	if m.Privileged != nil {
 		dAtA[i] = 0x10
@@ -9209,11 +9404,11 @@ func (m *SecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SELinuxOptions.Size()))
-		n183, err := m.SELinuxOptions.MarshalTo(dAtA[i:])
+		n188, err := m.SELinuxOptions.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n183
+		i += n188
 	}
 	if m.RunAsUser != nil {
 		dAtA[i] = 0x20
@@ -9250,6 +9445,11 @@ func (m *SecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i++
 	}
+	if m.RunAsGroup != nil {
+		dAtA[i] = 0x40
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.RunAsGroup))
+	}
 	return i, nil
 }
 
@@ -9271,11 +9471,11 @@ func (m *SerializedReference) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Reference.Size()))
-	n184, err := m.Reference.MarshalTo(dAtA[i:])
+	n189, err := m.Reference.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n184
+	i += n189
 	return i, nil
 }
 
@@ -9297,27 +9497,27 @@ func (m *Service) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n185, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n190, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n185
+	i += n190
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
-	n186, err := m.Spec.MarshalTo(dAtA[i:])
+	n191, err := m.Spec.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n186
+	i += n191
 	dAtA[i] = 0x1a
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
-	n187, err := m.Status.MarshalTo(dAtA[i:])
+	n192, err := m.Status.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n187
+	i += n192
 	return i, nil
 }
 
@@ -9339,11 +9539,11 @@ func (m *ServiceAccount) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
-	n188, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	n193, err := m.ObjectMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n188
+	i += n193
 	if len(m.Secrets) > 0 {
 		for _, msg := range m.Secrets {
 			dAtA[i] = 0x12
@@ -9399,11 +9599,11 @@ func (m *ServiceAccountList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n189, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n194, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n189
+	i += n194
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -9437,11 +9637,11 @@ func (m *ServiceList) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
-	n190, err := m.ListMeta.MarshalTo(dAtA[i:])
+	n195, err := m.ListMeta.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n190
+	i += n195
 	if len(m.Items) > 0 {
 		for _, msg := range m.Items {
 			dAtA[i] = 0x12
@@ -9486,11 +9686,11 @@ func (m *ServicePort) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x22
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.TargetPort.Size()))
-	n191, err := m.TargetPort.MarshalTo(dAtA[i:])
+	n196, err := m.TargetPort.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n191
+	i += n196
 	dAtA[i] = 0x28
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.NodePort))
@@ -9637,11 +9837,11 @@ func (m *ServiceSpec) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x72
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SessionAffinityConfig.Size()))
-		n192, err := m.SessionAffinityConfig.MarshalTo(dAtA[i:])
+		n197, err := m.SessionAffinityConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n192
+		i += n197
 	}
 	return i, nil
 }
@@ -9664,11 +9864,11 @@ func (m *ServiceStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.LoadBalancer.Size()))
-	n193, err := m.LoadBalancer.MarshalTo(dAtA[i:])
+	n198, err := m.LoadBalancer.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n193
+	i += n198
 	return i, nil
 }
 
@@ -9691,11 +9891,11 @@ func (m *SessionAffinityConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ClientIP.Size()))
-		n194, err := m.ClientIP.MarshalTo(dAtA[i:])
+		n199, err := m.ClientIP.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n194
+		i += n199
 	}
 	return i, nil
 }
@@ -9739,11 +9939,11 @@ func (m *StorageOSPersistentVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n195, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n200, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n195
+		i += n200
 	}
 	return i, nil
 }
@@ -9787,11 +9987,11 @@ func (m *StorageOSVolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.SecretRef.Size()))
-		n196, err := m.SecretRef.MarshalTo(dAtA[i:])
+		n201, err := m.SecretRef.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n196
+		i += n201
 	}
 	return i, nil
 }
@@ -9840,11 +10040,11 @@ func (m *TCPSocketAction) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0xa
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.Port.Size()))
-	n197, err := m.Port.MarshalTo(dAtA[i:])
+	n202, err := m.Port.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n197
+	i += n202
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Host)))
@@ -9883,11 +10083,11 @@ func (m *Taint) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.TimeAdded.Size()))
-		n198, err := m.TimeAdded.MarshalTo(dAtA[i:])
+		n203, err := m.TimeAdded.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n198
+		i += n203
 	}
 	return i, nil
 }
@@ -9953,11 +10153,11 @@ func (m *Volume) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.VolumeSource.Size()))
-	n199, err := m.VolumeSource.MarshalTo(dAtA[i:])
+	n204, err := m.VolumeSource.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n199
+	i += n204
 	return i, nil
 }
 
@@ -10031,6 +10231,34 @@ func (m *VolumeMount) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *VolumeNodeAffinity) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeNodeAffinity) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Required != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.Required.Size()))
+		n205, err := m.Required.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n205
+	}
+	return i, nil
+}
+
 func (m *VolumeProjection) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -10050,31 +10278,31 @@ func (m *VolumeProjection) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Secret.Size()))
-		n200, err := m.Secret.MarshalTo(dAtA[i:])
+		n206, err := m.Secret.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n200
+		i += n206
 	}
 	if m.DownwardAPI != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.DownwardAPI.Size()))
-		n201, err := m.DownwardAPI.MarshalTo(dAtA[i:])
+		n207, err := m.DownwardAPI.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n201
+		i += n207
 	}
 	if m.ConfigMap != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigMap.Size()))
-		n202, err := m.ConfigMap.MarshalTo(dAtA[i:])
+		n208, err := m.ConfigMap.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n202
+		i += n208
 	}
 	return i, nil
 }
@@ -10098,151 +10326,151 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.HostPath.Size()))
-		n203, err := m.HostPath.MarshalTo(dAtA[i:])
+		n209, err := m.HostPath.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n203
+		i += n209
 	}
 	if m.EmptyDir != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.EmptyDir.Size()))
-		n204, err := m.EmptyDir.MarshalTo(dAtA[i:])
+		n210, err := m.EmptyDir.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n204
+		i += n210
 	}
 	if m.GCEPersistentDisk != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.GCEPersistentDisk.Size()))
-		n205, err := m.GCEPersistentDisk.MarshalTo(dAtA[i:])
+		n211, err := m.GCEPersistentDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n205
+		i += n211
 	}
 	if m.AWSElasticBlockStore != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AWSElasticBlockStore.Size()))
-		n206, err := m.AWSElasticBlockStore.MarshalTo(dAtA[i:])
+		n212, err := m.AWSElasticBlockStore.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n206
+		i += n212
 	}
 	if m.GitRepo != nil {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.GitRepo.Size()))
-		n207, err := m.GitRepo.MarshalTo(dAtA[i:])
+		n213, err := m.GitRepo.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n207
+		i += n213
 	}
 	if m.Secret != nil {
 		dAtA[i] = 0x32
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Secret.Size()))
-		n208, err := m.Secret.MarshalTo(dAtA[i:])
+		n214, err := m.Secret.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n208
+		i += n214
 	}
 	if m.NFS != nil {
 		dAtA[i] = 0x3a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.NFS.Size()))
-		n209, err := m.NFS.MarshalTo(dAtA[i:])
+		n215, err := m.NFS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n209
+		i += n215
 	}
 	if m.ISCSI != nil {
 		dAtA[i] = 0x42
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ISCSI.Size()))
-		n210, err := m.ISCSI.MarshalTo(dAtA[i:])
+		n216, err := m.ISCSI.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n210
+		i += n216
 	}
 	if m.Glusterfs != nil {
 		dAtA[i] = 0x4a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Glusterfs.Size()))
-		n211, err := m.Glusterfs.MarshalTo(dAtA[i:])
+		n217, err := m.Glusterfs.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n211
+		i += n217
 	}
 	if m.PersistentVolumeClaim != nil {
 		dAtA[i] = 0x52
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PersistentVolumeClaim.Size()))
-		n212, err := m.PersistentVolumeClaim.MarshalTo(dAtA[i:])
+		n218, err := m.PersistentVolumeClaim.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n212
+		i += n218
 	}
 	if m.RBD != nil {
 		dAtA[i] = 0x5a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.RBD.Size()))
-		n213, err := m.RBD.MarshalTo(dAtA[i:])
+		n219, err := m.RBD.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n213
+		i += n219
 	}
 	if m.FlexVolume != nil {
 		dAtA[i] = 0x62
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FlexVolume.Size()))
-		n214, err := m.FlexVolume.MarshalTo(dAtA[i:])
+		n220, err := m.FlexVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n214
+		i += n220
 	}
 	if m.Cinder != nil {
 		dAtA[i] = 0x6a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Cinder.Size()))
-		n215, err := m.Cinder.MarshalTo(dAtA[i:])
+		n221, err := m.Cinder.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n215
+		i += n221
 	}
 	if m.CephFS != nil {
 		dAtA[i] = 0x72
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.CephFS.Size()))
-		n216, err := m.CephFS.MarshalTo(dAtA[i:])
+		n222, err := m.CephFS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n216
+		i += n222
 	}
 	if m.Flocker != nil {
 		dAtA[i] = 0x7a
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Flocker.Size()))
-		n217, err := m.Flocker.MarshalTo(dAtA[i:])
+		n223, err := m.Flocker.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n217
+		i += n223
 	}
 	if m.DownwardAPI != nil {
 		dAtA[i] = 0x82
@@ -10250,11 +10478,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.DownwardAPI.Size()))
-		n218, err := m.DownwardAPI.MarshalTo(dAtA[i:])
+		n224, err := m.DownwardAPI.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n218
+		i += n224
 	}
 	if m.FC != nil {
 		dAtA[i] = 0x8a
@@ -10262,11 +10490,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.FC.Size()))
-		n219, err := m.FC.MarshalTo(dAtA[i:])
+		n225, err := m.FC.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n219
+		i += n225
 	}
 	if m.AzureFile != nil {
 		dAtA[i] = 0x92
@@ -10274,11 +10502,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AzureFile.Size()))
-		n220, err := m.AzureFile.MarshalTo(dAtA[i:])
+		n226, err := m.AzureFile.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n220
+		i += n226
 	}
 	if m.ConfigMap != nil {
 		dAtA[i] = 0x9a
@@ -10286,11 +10514,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ConfigMap.Size()))
-		n221, err := m.ConfigMap.MarshalTo(dAtA[i:])
+		n227, err := m.ConfigMap.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n221
+		i += n227
 	}
 	if m.VsphereVolume != nil {
 		dAtA[i] = 0xa2
@@ -10298,11 +10526,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.VsphereVolume.Size()))
-		n222, err := m.VsphereVolume.MarshalTo(dAtA[i:])
+		n228, err := m.VsphereVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n222
+		i += n228
 	}
 	if m.Quobyte != nil {
 		dAtA[i] = 0xaa
@@ -10310,11 +10538,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Quobyte.Size()))
-		n223, err := m.Quobyte.MarshalTo(dAtA[i:])
+		n229, err := m.Quobyte.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n223
+		i += n229
 	}
 	if m.AzureDisk != nil {
 		dAtA[i] = 0xb2
@@ -10322,11 +10550,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AzureDisk.Size()))
-		n224, err := m.AzureDisk.MarshalTo(dAtA[i:])
+		n230, err := m.AzureDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n224
+		i += n230
 	}
 	if m.PhotonPersistentDisk != nil {
 		dAtA[i] = 0xba
@@ -10334,11 +10562,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PhotonPersistentDisk.Size()))
-		n225, err := m.PhotonPersistentDisk.MarshalTo(dAtA[i:])
+		n231, err := m.PhotonPersistentDisk.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n225
+		i += n231
 	}
 	if m.PortworxVolume != nil {
 		dAtA[i] = 0xc2
@@ -10346,11 +10574,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.PortworxVolume.Size()))
-		n226, err := m.PortworxVolume.MarshalTo(dAtA[i:])
+		n232, err := m.PortworxVolume.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n226
+		i += n232
 	}
 	if m.ScaleIO != nil {
 		dAtA[i] = 0xca
@@ -10358,11 +10586,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ScaleIO.Size()))
-		n227, err := m.ScaleIO.MarshalTo(dAtA[i:])
+		n233, err := m.ScaleIO.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n227
+		i += n233
 	}
 	if m.Projected != nil {
 		dAtA[i] = 0xd2
@@ -10370,11 +10598,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Projected.Size()))
-		n228, err := m.Projected.MarshalTo(dAtA[i:])
+		n234, err := m.Projected.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n228
+		i += n234
 	}
 	if m.StorageOS != nil {
 		dAtA[i] = 0xda
@@ -10382,11 +10610,11 @@ func (m *VolumeSource) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.StorageOS.Size()))
-		n229, err := m.StorageOS.MarshalTo(dAtA[i:])
+		n235, err := m.StorageOS.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n229
+		i += n235
 	}
 	return i, nil
 }
@@ -10446,11 +10674,11 @@ func (m *WeightedPodAffinityTerm) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.PodAffinityTerm.Size()))
-	n230, err := m.PodAffinityTerm.MarshalTo(dAtA[i:])
+	n236, err := m.PodAffinityTerm.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n230
+	i += n236
 	return i, nil
 }
 
@@ -10602,6 +10830,28 @@ func (m *CSIPersistentVolumeSource) Size() (n int) {
 	l = len(m.VolumeHandle)
 	n += 1 + l + sovGenerated(uint64(l))
 	n += 2
+	l = len(m.FSType)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.VolumeAttributes) > 0 {
+		for k, v := range m.VolumeAttributes {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	if m.ControllerPublishSecretRef != nil {
+		l = m.ControllerPublishSecretRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodeStageSecretRef != nil {
+		l = m.NodeStageSecretRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodePublishSecretRef != nil {
+		l = m.NodePublishSecretRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -10744,6 +10994,18 @@ func (m *ConfigMap) Size() (n int) {
 			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
 		}
 	}
+	if len(m.BinaryData) > 0 {
+		for k, v := range m.BinaryData {
+			_ = k
+			_ = v
+			l = 0
+			if v != nil {
+				l = 1 + len(v) + sovGenerated(uint64(len(v)))
+			}
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + l
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
 	return n
 }
 
@@ -11332,6 +11594,29 @@ func (m *FCVolumeSource) Size() (n int) {
 	return n
 }
 
+func (m *FlexPersistentVolumeSource) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.FSType)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.SecretRef != nil {
+		l = m.SecretRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	n += 2
+	if len(m.Options) > 0 {
+		for k, v := range m.Options {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	return n
+}
+
 func (m *FlexVolumeSource) Size() (n int) {
 	var l int
 	_ = l
@@ -12400,6 +12685,10 @@ func (m *PersistentVolumeSpec) Size() (n int) {
 		l = len(*m.VolumeMode)
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.NodeAffinity != nil {
+		l = m.NodeAffinity.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -12653,6 +12942,9 @@ func (m *PodSecurityContext) Size() (n int) {
 	if m.FSGroup != nil {
 		n += 1 + sovGenerated(uint64(*m.FSGroup))
 	}
+	if m.RunAsGroup != nil {
+		n += 1 + sovGenerated(uint64(*m.RunAsGroup))
+	}
 	return n
 }
 
@@ -12758,6 +13050,9 @@ func (m *PodSpec) Size() (n int) {
 		l = m.DNSConfig.Size()
 		n += 2 + l + sovGenerated(uint64(l))
 	}
+	if m.ShareProcessNamespace != nil {
+		n += 3
+	}
 	return n
 }
 
@@ -12798,6 +13093,8 @@ func (m *PodStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	l = len(m.NominatedNodeName)
+	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
@@ -13395,6 +13692,9 @@ func (m *SecurityContext) Size() (n int) {
 	if m.AllowPrivilegeEscalation != nil {
 		n += 2
 	}
+	if m.RunAsGroup != nil {
+		n += 1 + sovGenerated(uint64(*m.RunAsGroup))
+	}
 	return n
 }
 
@@ -13683,6 +13983,16 @@ func (m *VolumeMount) Size() (n int) {
 	return n
 }
 
+func (m *VolumeNodeAffinity) Size() (n int) {
+	var l int
+	_ = l
+	if m.Required != nil {
+		l = m.Required.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
 func (m *VolumeProjection) Size() (n int) {
 	var l int
 	_ = l
@@ -13952,10 +14262,25 @@ func (this *CSIPersistentVolumeSource) String() string {
 	if this == nil {
 		return "nil"
 	}
+	keysForVolumeAttributes := make([]string, 0, len(this.VolumeAttributes))
+	for k := range this.VolumeAttributes {
+		keysForVolumeAttributes = append(keysForVolumeAttributes, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForVolumeAttributes)
+	mapStringForVolumeAttributes := "map[string]string{"
+	for _, k := range keysForVolumeAttributes {
+		mapStringForVolumeAttributes += fmt.Sprintf("%v: %v,", k, this.VolumeAttributes[k])
+	}
+	mapStringForVolumeAttributes += "}"
 	s := strings.Join([]string{`&CSIPersistentVolumeSource{`,
 		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
 		`VolumeHandle:` + fmt.Sprintf("%v", this.VolumeHandle) + `,`,
 		`ReadOnly:` + fmt.Sprintf("%v", this.ReadOnly) + `,`,
+		`FSType:` + fmt.Sprintf("%v", this.FSType) + `,`,
+		`VolumeAttributes:` + mapStringForVolumeAttributes + `,`,
+		`ControllerPublishSecretRef:` + strings.Replace(fmt.Sprintf("%v", this.ControllerPublishSecretRef), "SecretReference", "SecretReference", 1) + `,`,
+		`NodeStageSecretRef:` + strings.Replace(fmt.Sprintf("%v", this.NodeStageSecretRef), "SecretReference", "SecretReference", 1) + `,`,
+		`NodePublishSecretRef:` + strings.Replace(fmt.Sprintf("%v", this.NodePublishSecretRef), "SecretReference", "SecretReference", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -14072,9 +14397,20 @@ func (this *ConfigMap) String() string {
 		mapStringForData += fmt.Sprintf("%v: %v,", k, this.Data[k])
 	}
 	mapStringForData += "}"
+	keysForBinaryData := make([]string, 0, len(this.BinaryData))
+	for k := range this.BinaryData {
+		keysForBinaryData = append(keysForBinaryData, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForBinaryData)
+	mapStringForBinaryData := "map[string][]byte{"
+	for _, k := range keysForBinaryData {
+		mapStringForBinaryData += fmt.Sprintf("%v: %v,", k, this.BinaryData[k])
+	}
+	mapStringForBinaryData += "}"
 	s := strings.Join([]string{`&ConfigMap{`,
 		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
 		`Data:` + mapStringForData + `,`,
+		`BinaryData:` + mapStringForBinaryData + `,`,
 		`}`,
 	}, "")
 	return s
@@ -14505,6 +14841,30 @@ func (this *FCVolumeSource) String() string {
 	}, "")
 	return s
 }
+func (this *FlexPersistentVolumeSource) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForOptions := make([]string, 0, len(this.Options))
+	for k := range this.Options {
+		keysForOptions = append(keysForOptions, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForOptions)
+	mapStringForOptions := "map[string]string{"
+	for _, k := range keysForOptions {
+		mapStringForOptions += fmt.Sprintf("%v: %v,", k, this.Options[k])
+	}
+	mapStringForOptions += "}"
+	s := strings.Join([]string{`&FlexPersistentVolumeSource{`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`FSType:` + fmt.Sprintf("%v", this.FSType) + `,`,
+		`SecretRef:` + strings.Replace(fmt.Sprintf("%v", this.SecretRef), "SecretReference", "SecretReference", 1) + `,`,
+		`ReadOnly:` + fmt.Sprintf("%v", this.ReadOnly) + `,`,
+		`Options:` + mapStringForOptions + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *FlexVolumeSource) String() string {
 	if this == nil {
 		return "nil"
@@ -15331,7 +15691,7 @@ func (this *PersistentVolumeSource) String() string {
 		`CephFS:` + strings.Replace(fmt.Sprintf("%v", this.CephFS), "CephFSPersistentVolumeSource", "CephFSPersistentVolumeSource", 1) + `,`,
 		`FC:` + strings.Replace(fmt.Sprintf("%v", this.FC), "FCVolumeSource", "FCVolumeSource", 1) + `,`,
 		`Flocker:` + strings.Replace(fmt.Sprintf("%v", this.Flocker), "FlockerVolumeSource", "FlockerVolumeSource", 1) + `,`,
-		`FlexVolume:` + strings.Replace(fmt.Sprintf("%v", this.FlexVolume), "FlexVolumeSource", "FlexVolumeSource", 1) + `,`,
+		`FlexVolume:` + strings.Replace(fmt.Sprintf("%v", this.FlexVolume), "FlexPersistentVolumeSource", "FlexPersistentVolumeSource", 1) + `,`,
 		`AzureFile:` + strings.Replace(fmt.Sprintf("%v", this.AzureFile), "AzureFilePersistentVolumeSource", "AzureFilePersistentVolumeSource", 1) + `,`,
 		`VsphereVolume:` + strings.Replace(fmt.Sprintf("%v", this.VsphereVolume), "VsphereVirtualDiskVolumeSource", "VsphereVirtualDiskVolumeSource", 1) + `,`,
 		`Quobyte:` + strings.Replace(fmt.Sprintf("%v", this.Quobyte), "QuobyteVolumeSource", "QuobyteVolumeSource", 1) + `,`,
@@ -15369,6 +15729,7 @@ func (this *PersistentVolumeSpec) String() string {
 		`StorageClassName:` + fmt.Sprintf("%v", this.StorageClassName) + `,`,
 		`MountOptions:` + fmt.Sprintf("%v", this.MountOptions) + `,`,
 		`VolumeMode:` + valueToStringGenerated(this.VolumeMode) + `,`,
+		`NodeAffinity:` + strings.Replace(fmt.Sprintf("%v", this.NodeAffinity), "VolumeNodeAffinity", "VolumeNodeAffinity", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -15567,6 +15928,7 @@ func (this *PodSecurityContext) String() string {
 		`RunAsNonRoot:` + valueToStringGenerated(this.RunAsNonRoot) + `,`,
 		`SupplementalGroups:` + fmt.Sprintf("%v", this.SupplementalGroups) + `,`,
 		`FSGroup:` + valueToStringGenerated(this.FSGroup) + `,`,
+		`RunAsGroup:` + valueToStringGenerated(this.RunAsGroup) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -15622,6 +15984,7 @@ func (this *PodSpec) String() string {
 		`PriorityClassName:` + fmt.Sprintf("%v", this.PriorityClassName) + `,`,
 		`Priority:` + valueToStringGenerated(this.Priority) + `,`,
 		`DNSConfig:` + strings.Replace(fmt.Sprintf("%v", this.DNSConfig), "PodDNSConfig", "PodDNSConfig", 1) + `,`,
+		`ShareProcessNamespace:` + valueToStringGenerated(this.ShareProcessNamespace) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -15641,6 +16004,7 @@ func (this *PodStatus) String() string {
 		`ContainerStatuses:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ContainerStatuses), "ContainerStatus", "ContainerStatus", 1), `&`, ``, 1) + `,`,
 		`QOSClass:` + fmt.Sprintf("%v", this.QOSClass) + `,`,
 		`InitContainerStatuses:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.InitContainerStatuses), "ContainerStatus", "ContainerStatus", 1), `&`, ``, 1) + `,`,
+		`NominatedNodeName:` + fmt.Sprintf("%v", this.NominatedNodeName) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -16180,6 +16544,7 @@ func (this *SecurityContext) String() string {
 		`RunAsNonRoot:` + valueToStringGenerated(this.RunAsNonRoot) + `,`,
 		`ReadOnlyRootFilesystem:` + valueToStringGenerated(this.ReadOnlyRootFilesystem) + `,`,
 		`AllowPrivilegeEscalation:` + valueToStringGenerated(this.AllowPrivilegeEscalation) + `,`,
+		`RunAsGroup:` + valueToStringGenerated(this.RunAsGroup) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -16430,6 +16795,16 @@ func (this *VolumeMount) String() string {
 	}, "")
 	return s
 }
+func (this *VolumeNodeAffinity) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeNodeAffinity{`,
+		`Required:` + strings.Replace(fmt.Sprintf("%v", this.Required), "NodeSelector", "NodeSelector", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *VolumeProjection) String() string {
 	if this == nil {
 		return "nil"
@@ -17717,6 +18092,250 @@ func (m *CSIPersistentVolumeSource) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.ReadOnly = bool(v != 0)
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field FSType", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.FSType = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VolumeAttributes", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.VolumeAttributes == nil {
+				m.VolumeAttributes = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.VolumeAttributes[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.VolumeAttributes[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ControllerPublishSecretRef", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.ControllerPublishSecretRef == nil {
+				m.ControllerPublishSecretRef = &SecretReference{}
+			}
+			if err := m.ControllerPublishSecretRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeStageSecretRef", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeStageSecretRef == nil {
+				m.NodeStageSecretRef = &SecretReference{}
+			}
+			if err := m.NodeStageSecretRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodePublishSecretRef", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodePublishSecretRef == nil {
+				m.NodePublishSecretRef = &SecretReference{}
+			}
+			if err := m.NodePublishSecretRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -19045,6 +19664,123 @@ func (m *ConfigMap) Unmarshal(dAtA []byte) error {
 				m.Data[mapkey] = mapvalue
 			}
 			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BinaryData", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.BinaryData == nil {
+				m.BinaryData = make(map[string][]byte)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var mapbyteLen uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					mapbyteLen |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intMapbyteLen := int(mapbyteLen)
+				if intMapbyteLen < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postbytesIndex := iNdEx + intMapbyteLen
+				if postbytesIndex > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := make([]byte, mapbyteLen)
+				copy(mapvalue, dAtA[iNdEx:postbytesIndex])
+				iNdEx = postbytesIndex
+				m.BinaryData[mapkey] = mapvalue
+			} else {
+				var mapvalue []byte
+				m.BinaryData[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -24366,7 +25102,7 @@ func (m *FCVolumeSource) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *FlexVolumeSource) Unmarshal(dAtA []byte) error {
+func (m *FlexPersistentVolumeSource) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -24389,10 +25125,10 @@ func (m *FlexVolumeSource) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: FlexVolumeSource: wiretype end group for non-group")
+			return fmt.Errorf("proto: FlexPersistentVolumeSource: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: FlexVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: FlexPersistentVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
@@ -24480,7 +25216,7 @@ func (m *FlexVolumeSource) Unmarshal(dAtA []byte) error {
 				return io.ErrUnexpectedEOF
 			}
 			if m.SecretRef == nil {
-				m.SecretRef = &LocalObjectReference{}
+				m.SecretRef = &SecretReference{}
 			}
 			if err := m.SecretRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
@@ -24643,115 +25379,7 @@ func (m *FlexVolumeSource) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *FlockerVolumeSource) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= (uint64(b) & 0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: FlockerVolumeSource: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: FlockerVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DatasetName", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.DatasetName = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DatasetUUID", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.DatasetUUID = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if skippy < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *GCEPersistentDiskVolumeSource) Unmarshal(dAtA []byte) error {
+func (m *FlexVolumeSource) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -24774,44 +25402,429 @@ func (m *GCEPersistentDiskVolumeSource) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: GCEPersistentDiskVolumeSource: wiretype end group for non-group")
+			return fmt.Errorf("proto: FlexVolumeSource: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: GCEPersistentDiskVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: FlexVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PDName", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.PDName = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field FSType", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field FSType", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.FSType = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SecretRef", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.SecretRef == nil {
+				m.SecretRef = &LocalObjectReference{}
+			}
+			if err := m.SecretRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ReadOnly", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ReadOnly = bool(v != 0)
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.Options == nil {
+				m.Options = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.Options[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.Options[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *FlockerVolumeSource) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: FlockerVolumeSource: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: FlockerVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DatasetName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DatasetName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DatasetUUID", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DatasetUUID = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *GCEPersistentDiskVolumeSource) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: GCEPersistentDiskVolumeSource: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: GCEPersistentDiskVolumeSource: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PDName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.PDName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field FSType", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -34215,7 +35228,7 @@ func (m *PersistentVolumeSource) Unmarshal(dAtA []byte) error {
 				return io.ErrUnexpectedEOF
 			}
 			if m.FlexVolume == nil {
-				m.FlexVolume = &FlexVolumeSource{}
+				m.FlexVolume = &FlexPersistentVolumeSource{}
 			}
 			if err := m.FlexVolume.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
@@ -34870,13 +35883,72 @@ func (m *PersistentVolumeSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.StorageClassName = string(dAtA[iNdEx:postIndex])
+			m.StorageClassName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MountOptions", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.MountOptions = append(m.MountOptions, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VolumeMode", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := PersistentVolumeMode(dAtA[iNdEx:postIndex])
+			m.VolumeMode = &s
 			iNdEx = postIndex
-		case 7:
+		case 9:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MountOptions", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeAffinity", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -34886,50 +35958,24 @@ func (m *PersistentVolumeSpec) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.MountOptions = append(m.MountOptions, string(dAtA[iNdEx:postIndex]))
-			iNdEx = postIndex
-		case 8:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field VolumeMode", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
+			if m.NodeAffinity == nil {
+				m.NodeAffinity = &VolumeNodeAffinity{}
 			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			if err := m.NodeAffinity.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			s := PersistentVolumeMode(dAtA[iNdEx:postIndex])
-			m.VolumeMode = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -37242,6 +38288,26 @@ func (m *PodSecurityContext) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.FSGroup = &v
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RunAsGroup", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.RunAsGroup = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -38178,6 +39244,27 @@ func (m *PodSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 27:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ShareProcessNamespace", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.ShareProcessNamespace = &b
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -38315,131 +39402,191 @@ func (m *PodStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Message = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 4:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.Reason = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 5:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field HostIP", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.HostIP = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 6:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PodIP", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.PodIP = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 7:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field StartTime", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.StartTime == nil {
-				m.StartTime = &k8s_io_apimachinery_pkg_apis_meta_v1.Time{}
-			}
-			if err := m.StartTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Message = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Reason = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HostIP", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.HostIP = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PodIP", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.PodIP = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StartTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.StartTime == nil {
+				m.StartTime = &k8s_io_apimachinery_pkg_apis_meta_v1.Time{}
+			}
+			if err := m.StartTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ContainerStatuses", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ContainerStatuses = append(m.ContainerStatuses, ContainerStatus{})
+			if err := m.ContainerStatuses[len(m.ContainerStatuses)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 9:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field QOSClass", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.QOSClass = PodQOSClass(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 8:
+		case 10:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ContainerStatuses", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field InitContainerStatuses", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -38463,14 +39610,14 @@ func (m *PodStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.ContainerStatuses = append(m.ContainerStatuses, ContainerStatus{})
-			if err := m.ContainerStatuses[len(m.ContainerStatuses)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.InitContainerStatuses = append(m.InitContainerStatuses, ContainerStatus{})
+			if err := m.InitContainerStatuses[len(m.InitContainerStatuses)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 9:
+		case 11:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field QOSClass", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field NominatedNodeName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -38495,38 +39642,7 @@ func (m *PodStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.QOSClass = PodQOSClass(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 10:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field InitContainerStatuses", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.InitContainerStatuses = append(m.InitContainerStatuses, ContainerStatus{})
-			if err := m.InitContainerStatuses[len(m.InitContainerStatuses)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.NominatedNodeName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -44747,6 +45863,26 @@ func (m *SecurityContext) Unmarshal(dAtA []byte) error {
 			}
 			b := bool(v != 0)
 			m.AllowPrivilegeEscalation = &b
+		case 8:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RunAsGroup", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.RunAsGroup = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -47649,6 +48785,89 @@ func (m *VolumeMount) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *VolumeNodeAffinity) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: VolumeNodeAffinity: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: VolumeNodeAffinity: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Required", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Required == nil {
+				m.Required = &NodeSelector{}
+			}
+			if err := m.Required.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *VolumeProjection) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -49114,777 +50333,797 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 12346 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x7d, 0x6d, 0x90, 0x24, 0x47,
-	0x56, 0xd8, 0x55, 0xf7, 0x7c, 0xf5, 0x9b, 0xef, 0xdc, 0x5d, 0xa9, 0x77, 0x24, 0x6d, 0xaf, 0x4a,
-	0x77, 0xd2, 0xea, 0x6b, 0xe6, 0xb4, 0x92, 0x4e, 0xcb, 0xe9, 0x4e, 0x30, 0x33, 0x3d, 0xb3, 0xdb,
-	0xda, 0x9d, 0xd9, 0x56, 0xf6, 0xec, 0xee, 0x9d, 0x10, 0xe7, 0xab, 0xe9, 0xce, 0x99, 0x29, 0x4d,
-	0x4d, 0x55, 0xab, 0xaa, 0x7a, 0x76, 0x47, 0x01, 0x11, 0xf6, 0x19, 0xf0, 0x07, 0xfc, 0x20, 0x6c,
-	0xc2, 0xc6, 0x40, 0xe0, 0x08, 0x1b, 0x07, 0x9c, 0xb1, 0x1d, 0xc6, 0x60, 0xc0, 0x80, 0x6d, 0x8c,
-	0x1d, 0x0e, 0xf8, 0x83, 0xc1, 0xfe, 0x71, 0x44, 0x10, 0x1e, 0xc3, 0x40, 0xd8, 0xc1, 0x0f, 0x3b,
-	0x6c, 0xf3, 0x8b, 0x31, 0x36, 0x8e, 0xfc, 0xac, 0xcc, 0xea, 0xaa, 0xee, 0x9e, 0xd5, 0xec, 0x48,
-	0x10, 0xf7, 0xaf, 0x3b, 0xdf, 0xcb, 0x97, 0x59, 0xf9, 0xf1, 0xf2, 0xe5, 0xcb, 0xf7, 0x01, 0x6f,
-	0xee, 0x5e, 0x8b, 0xe6, 0xdd, 0x60, 0x61, 0xb7, 0xb3, 0x49, 0x42, 0x9f, 0xc4, 0x24, 0x5a, 0xd8,
-	0x27, 0x7e, 0x2b, 0x08, 0x17, 0x04, 0xc0, 0x69, 0xbb, 0x0b, 0xcd, 0x20, 0x24, 0x0b, 0xfb, 0xaf,
-	0x2c, 0x6c, 0x13, 0x9f, 0x84, 0x4e, 0x4c, 0x5a, 0xf3, 0xed, 0x30, 0x88, 0x03, 0x84, 0x38, 0xce,
-	0xbc, 0xd3, 0x76, 0xe7, 0x29, 0xce, 0xfc, 0xfe, 0x2b, 0x73, 0x2f, 0x6f, 0xbb, 0xf1, 0x4e, 0x67,
-	0x73, 0xbe, 0x19, 0xec, 0x2d, 0x6c, 0x07, 0xdb, 0xc1, 0x02, 0x43, 0xdd, 0xec, 0x6c, 0xb1, 0x7f,
-	0xec, 0x0f, 0xfb, 0xc5, 0x49, 0xcc, 0xad, 0x25, 0xcd, 0x90, 0x07, 0x31, 0xf1, 0x23, 0x37, 0xf0,
-	0xa3, 0x97, 0x9d, 0xb6, 0x1b, 0x91, 0x70, 0x9f, 0x84, 0x0b, 0xed, 0xdd, 0x6d, 0x0a, 0x8b, 0x4c,
-	0x84, 0x85, 0xfd, 0x57, 0x36, 0x49, 0xec, 0x74, 0xf5, 0x68, 0xee, 0xb5, 0x84, 0xdc, 0x9e, 0xd3,
-	0xdc, 0x71, 0x7d, 0x12, 0x1e, 0x48, 0x1a, 0x0b, 0x21, 0x89, 0x82, 0x4e, 0xd8, 0x24, 0x27, 0xaa,
-	0x15, 0x2d, 0xec, 0x91, 0xd8, 0xc9, 0xf8, 0xfa, 0xb9, 0x85, 0xbc, 0x5a, 0x61, 0xc7, 0x8f, 0xdd,
-	0xbd, 0xee, 0x66, 0x3e, 0xd7, 0xaf, 0x42, 0xd4, 0xdc, 0x21, 0x7b, 0x4e, 0x57, 0xbd, 0x57, 0xf3,
-	0xea, 0x75, 0x62, 0xd7, 0x5b, 0x70, 0xfd, 0x38, 0x8a, 0xc3, 0x74, 0x25, 0xfb, 0x1b, 0x16, 0x5c,
-	0x5e, 0xbc, 0xd7, 0x58, 0xf1, 0x9c, 0x28, 0x76, 0x9b, 0x4b, 0x5e, 0xd0, 0xdc, 0x6d, 0xc4, 0x41,
-	0x48, 0xee, 0x06, 0x5e, 0x67, 0x8f, 0x34, 0xd8, 0x40, 0xa0, 0x97, 0x60, 0x6c, 0x9f, 0xfd, 0xaf,
-	0x55, 0xcb, 0xd6, 0x65, 0xeb, 0x4a, 0x69, 0x69, 0xe6, 0xd7, 0x0e, 0x2b, 0x9f, 0x3a, 0x3a, 0xac,
-	0x8c, 0xdd, 0x15, 0xe5, 0x58, 0x61, 0xa0, 0x67, 0x61, 0x64, 0x2b, 0xda, 0x38, 0x68, 0x93, 0x72,
-	0x81, 0xe1, 0x4e, 0x09, 0xdc, 0x91, 0xd5, 0x06, 0x2d, 0xc5, 0x02, 0x8a, 0x16, 0xa0, 0xd4, 0x76,
-	0xc2, 0xd8, 0x8d, 0xdd, 0xc0, 0x2f, 0x17, 0x2f, 0x5b, 0x57, 0x86, 0x97, 0x66, 0x05, 0x6a, 0xa9,
-	0x2e, 0x01, 0x38, 0xc1, 0xa1, 0xdd, 0x08, 0x89, 0xd3, 0xba, 0xed, 0x7b, 0x07, 0xe5, 0xa1, 0xcb,
-	0xd6, 0x95, 0xb1, 0xa4, 0x1b, 0x58, 0x94, 0x63, 0x85, 0x61, 0xff, 0x70, 0x01, 0xc6, 0x16, 0xb7,
-	0xb6, 0x5c, 0xdf, 0x8d, 0x0f, 0xd0, 0x5d, 0x98, 0xf0, 0x83, 0x16, 0x91, 0xff, 0xd9, 0x57, 0x8c,
-	0x5f, 0xbd, 0x3c, 0xdf, 0xbd, 0x32, 0xe7, 0xd7, 0x35, 0xbc, 0xa5, 0x99, 0xa3, 0xc3, 0xca, 0x84,
-	0x5e, 0x82, 0x0d, 0x3a, 0x08, 0xc3, 0x78, 0x3b, 0x68, 0x29, 0xb2, 0x05, 0x46, 0xb6, 0x92, 0x45,
-	0xb6, 0x9e, 0xa0, 0x2d, 0x4d, 0x1f, 0x1d, 0x56, 0xc6, 0xb5, 0x02, 0xac, 0x13, 0x41, 0x9b, 0x30,
-	0x4d, 0xff, 0xfa, 0xb1, 0xab, 0xe8, 0x16, 0x19, 0xdd, 0x67, 0xf2, 0xe8, 0x6a, 0xa8, 0x4b, 0xe7,
-	0x8e, 0x0e, 0x2b, 0xd3, 0xa9, 0x42, 0x9c, 0x26, 0x68, 0x7f, 0x08, 0x53, 0x8b, 0x71, 0xec, 0x34,
-	0x77, 0x48, 0x8b, 0xcf, 0x20, 0x7a, 0x0d, 0x86, 0x7c, 0x67, 0x8f, 0x88, 0xf9, 0xbd, 0x2c, 0x06,
-	0x76, 0x68, 0xdd, 0xd9, 0x23, 0xc7, 0x87, 0x95, 0x99, 0x3b, 0xbe, 0xfb, 0x41, 0x47, 0xac, 0x0a,
-	0x5a, 0x86, 0x19, 0x36, 0xba, 0x0a, 0xd0, 0x22, 0xfb, 0x6e, 0x93, 0xd4, 0x9d, 0x78, 0x47, 0xcc,
-	0x37, 0x12, 0x75, 0xa1, 0xaa, 0x20, 0x58, 0xc3, 0xb2, 0x1f, 0x40, 0x69, 0x71, 0x3f, 0x70, 0x5b,
-	0xf5, 0xa0, 0x15, 0xa1, 0x5d, 0x98, 0x6e, 0x87, 0x64, 0x8b, 0x84, 0xaa, 0xa8, 0x6c, 0x5d, 0x2e,
-	0x5e, 0x19, 0xbf, 0x7a, 0x25, 0xf3, 0x63, 0x4d, 0xd4, 0x15, 0x3f, 0x0e, 0x0f, 0x96, 0x1e, 0x17,
-	0xed, 0x4d, 0xa7, 0xa0, 0x38, 0x4d, 0xd9, 0xfe, 0x77, 0x05, 0xb8, 0xb0, 0xf8, 0x61, 0x27, 0x24,
-	0x55, 0x37, 0xda, 0x4d, 0xaf, 0xf0, 0x96, 0x1b, 0xed, 0xae, 0x27, 0x23, 0xa0, 0x96, 0x56, 0x55,
-	0x94, 0x63, 0x85, 0x81, 0x5e, 0x86, 0x51, 0xfa, 0xfb, 0x0e, 0xae, 0x89, 0x4f, 0x3e, 0x27, 0x90,
-	0xc7, 0xab, 0x4e, 0xec, 0x54, 0x39, 0x08, 0x4b, 0x1c, 0xb4, 0x06, 0xe3, 0x4d, 0xb6, 0x21, 0xb7,
-	0xd7, 0x82, 0x16, 0x61, 0x93, 0x59, 0x5a, 0x7a, 0x91, 0xa2, 0x2f, 0x27, 0xc5, 0xc7, 0x87, 0x95,
-	0x32, 0xef, 0x9b, 0x20, 0xa1, 0xc1, 0xb0, 0x5e, 0x1f, 0xd9, 0x6a, 0x7f, 0x0d, 0x31, 0x4a, 0x90,
-	0xb1, 0xb7, 0xae, 0x68, 0x5b, 0x65, 0x98, 0x6d, 0x95, 0x89, 0xec, 0x6d, 0x82, 0x5e, 0x81, 0xa1,
-	0x5d, 0xd7, 0x6f, 0x95, 0x47, 0x18, 0xad, 0xa7, 0xe8, 0x9c, 0xdf, 0x74, 0xfd, 0xd6, 0xf1, 0x61,
-	0x65, 0xd6, 0xe8, 0x0e, 0x2d, 0xc4, 0x0c, 0xd5, 0xfe, 0x23, 0x0b, 0x2a, 0x0c, 0xb6, 0xea, 0x7a,
-	0xa4, 0x4e, 0xc2, 0xc8, 0x8d, 0x62, 0xe2, 0xc7, 0xc6, 0x80, 0x5e, 0x05, 0x88, 0x48, 0x33, 0x24,
-	0xb1, 0x36, 0xa4, 0x6a, 0x61, 0x34, 0x14, 0x04, 0x6b, 0x58, 0x94, 0x21, 0x44, 0x3b, 0x4e, 0xc8,
-	0xd6, 0x97, 0x18, 0x58, 0xc5, 0x10, 0x1a, 0x12, 0x80, 0x13, 0x1c, 0x83, 0x21, 0x14, 0xfb, 0x31,
-	0x04, 0xf4, 0x45, 0x98, 0x4e, 0x1a, 0x8b, 0xda, 0x4e, 0x53, 0x0e, 0x20, 0xdb, 0x32, 0x0d, 0x13,
-	0x84, 0xd3, 0xb8, 0xf6, 0x3f, 0xb4, 0xc4, 0xe2, 0xa1, 0x5f, 0xfd, 0x09, 0xff, 0x56, 0xfb, 0x17,
-	0x2c, 0x18, 0x5d, 0x72, 0xfd, 0x96, 0xeb, 0x6f, 0xa3, 0xaf, 0xc2, 0x18, 0x3d, 0x9b, 0x5a, 0x4e,
-	0xec, 0x08, 0xbe, 0xf7, 0x59, 0x6d, 0x6f, 0xa9, 0xa3, 0x62, 0xbe, 0xbd, 0xbb, 0x4d, 0x0b, 0xa2,
-	0x79, 0x8a, 0x4d, 0x77, 0xdb, 0xed, 0xcd, 0xf7, 0x49, 0x33, 0x5e, 0x23, 0xb1, 0x93, 0x7c, 0x4e,
-	0x52, 0x86, 0x15, 0x55, 0x74, 0x13, 0x46, 0x62, 0x27, 0xdc, 0x26, 0xb1, 0x60, 0x80, 0x99, 0x8c,
-	0x8a, 0xd7, 0xc4, 0x74, 0x47, 0x12, 0xbf, 0x49, 0x92, 0x63, 0x61, 0x83, 0x55, 0xc5, 0x82, 0x84,
-	0xfd, 0x53, 0x16, 0x5c, 0x5c, 0x6e, 0xd4, 0x72, 0xd6, 0xd5, 0xb3, 0x30, 0xd2, 0x0a, 0xdd, 0x7d,
-	0x12, 0x8a, 0x71, 0x56, 0x54, 0xaa, 0xac, 0x14, 0x0b, 0x28, 0xba, 0x06, 0x13, 0xfc, 0x40, 0xba,
-	0xe1, 0xf8, 0x2d, 0x4f, 0x0e, 0xf1, 0x79, 0x81, 0x3d, 0x71, 0x57, 0x83, 0x61, 0x03, 0xf3, 0x84,
-	0x03, 0xdd, 0x84, 0x89, 0x65, 0xa7, 0xed, 0x6c, 0xba, 0x9e, 0x1b, 0xbb, 0x24, 0x42, 0xcf, 0x41,
-	0xd1, 0x69, 0xb5, 0x18, 0x0f, 0x2b, 0x2d, 0x5d, 0x38, 0x3a, 0xac, 0x14, 0x17, 0x5b, 0x74, 0x33,
-	0x81, 0xc2, 0x3a, 0xc0, 0x14, 0x03, 0xbd, 0x00, 0x43, 0xad, 0x30, 0x68, 0x97, 0x0b, 0x0c, 0xf3,
-	0x31, 0xba, 0xef, 0xaa, 0x61, 0xd0, 0x4e, 0xa1, 0x32, 0x1c, 0xfb, 0x57, 0x0a, 0xf0, 0xe4, 0x32,
-	0x69, 0xef, 0xac, 0x36, 0x72, 0x46, 0xe5, 0x0a, 0x8c, 0xed, 0x05, 0xbe, 0x1b, 0x07, 0x61, 0x24,
-	0x9a, 0x66, 0xdb, 0x7d, 0x4d, 0x94, 0x61, 0x05, 0x45, 0x97, 0x61, 0xa8, 0x9d, 0xb0, 0xea, 0x09,
-	0xc9, 0xe6, 0x19, 0x93, 0x66, 0x10, 0x8a, 0xd1, 0x89, 0x48, 0x28, 0xd8, 0x94, 0xc2, 0xb8, 0x13,
-	0x91, 0x10, 0x33, 0x48, 0xb2, 0xde, 0xe9, 0x4e, 0x10, 0x7b, 0x28, 0xb5, 0xde, 0x29, 0x04, 0x6b,
-	0x58, 0xa8, 0x0e, 0x25, 0xfe, 0x0f, 0x93, 0x2d, 0xc6, 0x91, 0x72, 0x56, 0x49, 0x43, 0x22, 0x89,
-	0x55, 0x32, 0xc9, 0x36, 0x84, 0x2c, 0xc4, 0x09, 0x11, 0x63, 0x9e, 0x46, 0xfa, 0xce, 0xd3, 0x2f,
-	0x15, 0x00, 0xf1, 0x21, 0xfc, 0x33, 0x36, 0x70, 0x77, 0xba, 0x07, 0x2e, 0xf3, 0x68, 0xbc, 0x15,
-	0x34, 0x1d, 0x2f, 0xbd, 0xc7, 0x4e, 0x6b, 0xf4, 0x7e, 0xc8, 0x02, 0xb4, 0xec, 0xfa, 0x2d, 0x12,
-	0x9e, 0x81, 0x5c, 0x78, 0xb2, 0x0d, 0x78, 0x0b, 0xa6, 0x96, 0x3d, 0x97, 0xf8, 0x71, 0xad, 0xbe,
-	0x1c, 0xf8, 0x5b, 0xee, 0x36, 0xfa, 0x3c, 0x4c, 0x51, 0x31, 0x39, 0xe8, 0xc4, 0x0d, 0xd2, 0x0c,
-	0x7c, 0x26, 0x51, 0x50, 0xe1, 0x12, 0x1d, 0x1d, 0x56, 0xa6, 0x36, 0x0c, 0x08, 0x4e, 0x61, 0xda,
-	0xbf, 0x43, 0x3f, 0x34, 0xd8, 0x6b, 0x07, 0x3e, 0xf1, 0xe3, 0xe5, 0xc0, 0x6f, 0x71, 0xc9, 0xf3,
-	0xf3, 0x30, 0x14, 0xd3, 0x8e, 0xf3, 0x8f, 0x7c, 0x56, 0x4e, 0x2d, 0xed, 0xee, 0xf1, 0x61, 0xe5,
-	0xb1, 0xee, 0x1a, 0xec, 0x83, 0x58, 0x1d, 0xf4, 0x2d, 0x30, 0x12, 0xc5, 0x4e, 0xdc, 0x89, 0xc4,
-	0x67, 0x3f, 0x2d, 0x3f, 0xbb, 0xc1, 0x4a, 0x8f, 0x0f, 0x2b, 0xd3, 0xaa, 0x1a, 0x2f, 0xc2, 0xa2,
-	0x02, 0x7a, 0x1e, 0x46, 0xf7, 0x48, 0x14, 0x39, 0xdb, 0x52, 0x68, 0x98, 0x16, 0x75, 0x47, 0xd7,
-	0x78, 0x31, 0x96, 0x70, 0xf4, 0x0c, 0x0c, 0x93, 0x30, 0x0c, 0x42, 0xb1, 0xaa, 0x26, 0x05, 0xe2,
-	0xf0, 0x0a, 0x2d, 0xc4, 0x1c, 0x66, 0xff, 0x07, 0x0b, 0xa6, 0x55, 0x5f, 0x79, 0x5b, 0x67, 0x70,
-	0x3a, 0xbc, 0x0b, 0xd0, 0x94, 0x1f, 0x18, 0x31, 0x7e, 0x37, 0x7e, 0xf5, 0xd9, 0xac, 0x25, 0xdc,
-	0x3d, 0x8c, 0x09, 0x65, 0x55, 0x14, 0x61, 0x8d, 0x9a, 0xfd, 0x2f, 0x2d, 0x38, 0x97, 0xfa, 0xa2,
-	0x5b, 0x6e, 0x14, 0xa3, 0xf7, 0xba, 0xbe, 0x6a, 0x7e, 0xb0, 0xaf, 0xa2, 0xb5, 0xd9, 0x37, 0xa9,
-	0x35, 0x27, 0x4b, 0xb4, 0x2f, 0xba, 0x01, 0xc3, 0x6e, 0x4c, 0xf6, 0xe4, 0xc7, 0x3c, 0xd3, 0xf3,
-	0x63, 0x78, 0xaf, 0x92, 0x19, 0xa9, 0xd1, 0x9a, 0x98, 0x13, 0xb0, 0xff, 0x97, 0x05, 0x25, 0xbe,
-	0x6c, 0xd7, 0x9c, 0xf6, 0x19, 0xcc, 0x45, 0x0d, 0x86, 0x18, 0x75, 0xde, 0xf1, 0xe7, 0xb2, 0x3b,
-	0x2e, 0xba, 0x33, 0x4f, 0x45, 0x3f, 0x2e, 0x62, 0x2b, 0x66, 0x46, 0x8b, 0x30, 0x23, 0x31, 0xf7,
-	0x06, 0x94, 0x14, 0x02, 0x9a, 0x81, 0xe2, 0x2e, 0xe1, 0xd7, 0xaa, 0x12, 0xa6, 0x3f, 0xd1, 0x79,
-	0x18, 0xde, 0x77, 0xbc, 0x8e, 0xd8, 0xec, 0x98, 0xff, 0xf9, 0x7c, 0xe1, 0x9a, 0x65, 0xff, 0x22,
-	0xdb, 0x63, 0xa2, 0x91, 0x15, 0x7f, 0x5f, 0x30, 0x93, 0x0f, 0xe1, 0xbc, 0x97, 0xc1, 0xc3, 0xc4,
-	0x40, 0x0c, 0xce, 0xf3, 0x9e, 0x14, 0x7d, 0x3d, 0x9f, 0x05, 0xc5, 0x99, 0x6d, 0xd0, 0x63, 0x20,
-	0x68, 0xd3, 0x15, 0xe5, 0x78, 0xac, 0xbf, 0x42, 0x5c, 0xbe, 0x2d, 0xca, 0xb0, 0x82, 0x52, 0x06,
-	0x71, 0x5e, 0x75, 0xfe, 0x26, 0x39, 0x68, 0x10, 0x8f, 0x34, 0xe3, 0x20, 0xfc, 0x58, 0xbb, 0xff,
-	0x14, 0x1f, 0x7d, 0xce, 0x5f, 0xc6, 0x05, 0x81, 0xe2, 0x4d, 0x72, 0xc0, 0xa7, 0x42, 0xff, 0xba,
-	0x62, 0xcf, 0xaf, 0xfb, 0x69, 0x0b, 0x26, 0xd5, 0xd7, 0x9d, 0xc1, 0x46, 0x5a, 0x32, 0x37, 0xd2,
-	0x53, 0x3d, 0xd7, 0x63, 0xce, 0x16, 0xfa, 0x53, 0xc6, 0x02, 0x04, 0x4e, 0x3d, 0x0c, 0xe8, 0xd0,
-	0x50, 0x9e, 0xfd, 0x71, 0x4e, 0xc8, 0x20, 0xdf, 0x75, 0x93, 0x1c, 0x6c, 0x04, 0x54, 0x7c, 0xc8,
-	0xfe, 0x2e, 0x63, 0xd6, 0x86, 0x7a, 0xce, 0xda, 0xcf, 0x16, 0xe0, 0x82, 0x1a, 0x01, 0xe3, 0x80,
-	0xfe, 0xb3, 0x3e, 0x06, 0xaf, 0xc0, 0x78, 0x8b, 0x6c, 0x39, 0x1d, 0x2f, 0x56, 0x37, 0xe7, 0x61,
-	0xae, 0x3d, 0xa9, 0x26, 0xc5, 0x58, 0xc7, 0x39, 0xc1, 0xb0, 0xfd, 0xf8, 0x38, 0xe3, 0xbd, 0xb1,
-	0x43, 0x57, 0x30, 0x95, 0xde, 0x34, 0xfd, 0xc7, 0x84, 0xae, 0xff, 0x10, 0xba, 0x8e, 0x67, 0x60,
-	0xd8, 0xdd, 0xa3, 0x67, 0x71, 0xc1, 0x3c, 0x62, 0x6b, 0xb4, 0x10, 0x73, 0x18, 0xfa, 0x0c, 0x8c,
-	0x36, 0x83, 0xbd, 0x3d, 0xc7, 0x6f, 0x95, 0x8b, 0x4c, 0x9e, 0x1c, 0xa7, 0xc7, 0xf5, 0x32, 0x2f,
-	0xc2, 0x12, 0x86, 0x9e, 0x84, 0x21, 0x27, 0xdc, 0x8e, 0xca, 0x43, 0x0c, 0x67, 0x8c, 0xb6, 0xb4,
-	0x18, 0x6e, 0x47, 0x98, 0x95, 0x52, 0x39, 0xf1, 0x7e, 0x10, 0xee, 0xba, 0xfe, 0x76, 0xd5, 0x0d,
-	0x99, 0xd0, 0xa7, 0xc9, 0x89, 0xf7, 0x14, 0x04, 0x6b, 0x58, 0x68, 0x15, 0x86, 0xdb, 0x41, 0x18,
-	0x47, 0xe5, 0x11, 0x36, 0xdc, 0x4f, 0xe7, 0x6c, 0x25, 0xfe, 0xb5, 0xf5, 0x20, 0x8c, 0x93, 0x0f,
-	0xa0, 0xff, 0x22, 0xcc, 0xab, 0xa3, 0x6f, 0x81, 0x22, 0xf1, 0xf7, 0xcb, 0xa3, 0x8c, 0xca, 0x5c,
-	0x16, 0x95, 0x15, 0x7f, 0xff, 0xae, 0x13, 0x26, 0x7c, 0x66, 0xc5, 0xdf, 0xc7, 0xb4, 0x0e, 0xfa,
-	0x32, 0x94, 0xa4, 0xee, 0x34, 0x2a, 0x8f, 0xe5, 0x2f, 0x31, 0x2c, 0x90, 0x30, 0xf9, 0xa0, 0xe3,
-	0x86, 0x64, 0x8f, 0xf8, 0x71, 0x94, 0xdc, 0x7e, 0x25, 0x34, 0xc2, 0x09, 0x35, 0xf4, 0x65, 0x79,
-	0x9d, 0x5b, 0x0b, 0x3a, 0x7e, 0x1c, 0x95, 0x4b, 0xac, 0x7b, 0x99, 0x8a, 0xb6, 0xbb, 0x09, 0x5e,
-	0xfa, 0xbe, 0xc7, 0x2b, 0x63, 0x83, 0x14, 0xc2, 0x30, 0xe9, 0xb9, 0xfb, 0xc4, 0x27, 0x51, 0x54,
-	0x0f, 0x83, 0x4d, 0x52, 0x06, 0xd6, 0xf3, 0x8b, 0xd9, 0xfa, 0xa7, 0x60, 0x93, 0x2c, 0xcd, 0x1e,
-	0x1d, 0x56, 0x26, 0x6f, 0xe9, 0x75, 0xb0, 0x49, 0x02, 0xdd, 0x81, 0x29, 0x2a, 0xa0, 0xba, 0x09,
-	0xd1, 0xf1, 0x7e, 0x44, 0x99, 0x74, 0x8a, 0x8d, 0x4a, 0x38, 0x45, 0x04, 0xbd, 0x0d, 0x25, 0xcf,
-	0xdd, 0x22, 0xcd, 0x83, 0xa6, 0x47, 0xca, 0x13, 0x8c, 0x62, 0xe6, 0xb6, 0xba, 0x25, 0x91, 0xf8,
-	0x05, 0x40, 0xfd, 0xc5, 0x49, 0x75, 0x74, 0x17, 0x1e, 0x8b, 0x49, 0xb8, 0xe7, 0xfa, 0x0e, 0xdd,
-	0x0e, 0x42, 0x9e, 0x64, 0x5a, 0xbc, 0x49, 0xb6, 0xde, 0x2e, 0x89, 0xa1, 0x7b, 0x6c, 0x23, 0x13,
-	0x0b, 0xe7, 0xd4, 0x46, 0xb7, 0x61, 0x9a, 0xed, 0x84, 0x7a, 0xc7, 0xf3, 0xea, 0x81, 0xe7, 0x36,
-	0x0f, 0xca, 0x53, 0x8c, 0xe0, 0x67, 0xa4, 0x9a, 0xae, 0x66, 0x82, 0xe9, 0x8d, 0x37, 0xf9, 0x87,
-	0xd3, 0xb5, 0xd1, 0x26, 0x53, 0xdb, 0x74, 0x42, 0x37, 0x3e, 0xa0, 0xeb, 0x97, 0x3c, 0x88, 0xcb,
-	0xd3, 0x3d, 0xef, 0x8f, 0x3a, 0xaa, 0xd2, 0xed, 0xe8, 0x85, 0x38, 0x4d, 0x90, 0x6e, 0xed, 0x28,
-	0x6e, 0xb9, 0x7e, 0x79, 0x86, 0x71, 0x0c, 0xb5, 0x33, 0x1a, 0xb4, 0x10, 0x73, 0x18, 0x53, 0xd9,
-	0xd0, 0x1f, 0xb7, 0x29, 0x07, 0x9d, 0x65, 0x88, 0x89, 0xca, 0x46, 0x02, 0x70, 0x82, 0x43, 0x8f,
-	0xe5, 0x38, 0x3e, 0x28, 0x23, 0x86, 0xaa, 0xb6, 0xcb, 0xc6, 0xc6, 0x97, 0x31, 0x2d, 0x47, 0xb7,
-	0x60, 0x94, 0xf8, 0xfb, 0xab, 0x61, 0xb0, 0x57, 0x3e, 0x97, 0xbf, 0x67, 0x57, 0x38, 0x0a, 0x67,
-	0xe8, 0xc9, 0x05, 0x40, 0x14, 0x63, 0x49, 0x02, 0x3d, 0x80, 0x72, 0xc6, 0x8c, 0xf0, 0x09, 0x38,
-	0xcf, 0x26, 0xe0, 0x0b, 0xa2, 0x6e, 0x79, 0x23, 0x07, 0xef, 0xb8, 0x07, 0x0c, 0xe7, 0x52, 0x47,
-	0xdf, 0x01, 0x93, 0x7c, 0x43, 0x71, 0x7d, 0x6f, 0x54, 0xbe, 0xc0, 0xbe, 0xe6, 0x72, 0xfe, 0xe6,
-	0xe4, 0x88, 0x4b, 0x17, 0x44, 0x87, 0x26, 0xf5, 0xd2, 0x08, 0x9b, 0xd4, 0xec, 0x4d, 0x98, 0x52,
-	0x7c, 0x8b, 0x2d, 0x1d, 0x54, 0x81, 0x61, 0xca, 0x90, 0xe5, 0x8d, 0xbd, 0x44, 0x67, 0x8a, 0xe9,
-	0xe9, 0x30, 0x2f, 0x67, 0x33, 0xe5, 0x7e, 0x48, 0x96, 0x0e, 0x62, 0xc2, 0x6f, 0x5d, 0x45, 0x6d,
-	0xa6, 0x24, 0x00, 0x27, 0x38, 0xf6, 0xff, 0xe3, 0x72, 0x4f, 0xc2, 0x1c, 0x07, 0x38, 0x0e, 0x5e,
-	0x82, 0xb1, 0x9d, 0x20, 0x8a, 0x29, 0x36, 0x6b, 0x63, 0x38, 0x91, 0x74, 0x6e, 0x88, 0x72, 0xac,
-	0x30, 0xd0, 0x9b, 0x30, 0xd9, 0xd4, 0x1b, 0x10, 0x67, 0x99, 0x1a, 0x02, 0xa3, 0x75, 0x6c, 0xe2,
-	0xa2, 0x6b, 0x30, 0xc6, 0x5e, 0x6b, 0x9a, 0x81, 0x27, 0xee, 0x77, 0xf2, 0x40, 0x1e, 0xab, 0x8b,
-	0xf2, 0x63, 0xed, 0x37, 0x56, 0xd8, 0xf4, 0xce, 0x4d, 0xbb, 0x50, 0xab, 0x8b, 0x53, 0x44, 0xdd,
-	0xb9, 0x6f, 0xb0, 0x52, 0x2c, 0xa0, 0xf6, 0xdf, 0x28, 0x68, 0xa3, 0x4c, 0x6f, 0x2c, 0x04, 0xd5,
-	0x61, 0xf4, 0xbe, 0xe3, 0xc6, 0xae, 0xbf, 0x2d, 0xc4, 0x85, 0xe7, 0x7b, 0x1e, 0x29, 0xac, 0xd2,
-	0x3d, 0x5e, 0x81, 0x1f, 0x7a, 0xe2, 0x0f, 0x96, 0x64, 0x28, 0xc5, 0xb0, 0xe3, 0xfb, 0x94, 0x62,
-	0x61, 0x50, 0x8a, 0x98, 0x57, 0xe0, 0x14, 0xc5, 0x1f, 0x2c, 0xc9, 0xa0, 0xf7, 0x00, 0xe4, 0xb2,
-	0x24, 0x2d, 0xf1, 0x4a, 0xf2, 0x52, 0x7f, 0xa2, 0x1b, 0xaa, 0xce, 0xd2, 0x14, 0x3d, 0x52, 0x93,
-	0xff, 0x58, 0xa3, 0x67, 0xc7, 0x4c, 0xac, 0xea, 0xee, 0x0c, 0xfa, 0x76, 0xca, 0x09, 0x9c, 0x30,
-	0x26, 0xad, 0xc5, 0x58, 0x0c, 0xce, 0x0b, 0x83, 0x49, 0xc5, 0x1b, 0xee, 0x1e, 0xd1, 0xb9, 0x86,
-	0x20, 0x82, 0x13, 0x7a, 0xf6, 0xcf, 0x17, 0xa1, 0x9c, 0xd7, 0x5d, 0xba, 0xe8, 0xc8, 0x03, 0x37,
-	0x5e, 0xa6, 0xd2, 0x90, 0x65, 0x2e, 0xba, 0x15, 0x51, 0x8e, 0x15, 0x06, 0x9d, 0xfd, 0xc8, 0xdd,
-	0x96, 0x97, 0x9a, 0xe1, 0x64, 0xf6, 0x1b, 0xac, 0x14, 0x0b, 0x28, 0xc5, 0x0b, 0x89, 0x13, 0x89,
-	0x67, 0x38, 0x6d, 0x95, 0x60, 0x56, 0x8a, 0x05, 0x54, 0xd7, 0x47, 0x0c, 0xf5, 0xd1, 0x47, 0x18,
-	0x43, 0x34, 0x7c, 0xba, 0x43, 0x84, 0xbe, 0x02, 0xb0, 0xe5, 0xfa, 0x6e, 0xb4, 0xc3, 0xa8, 0x8f,
-	0x9c, 0x98, 0xba, 0x92, 0xa5, 0x56, 0x15, 0x15, 0xac, 0x51, 0x44, 0xaf, 0xc3, 0xb8, 0xda, 0x80,
-	0xb5, 0x6a, 0x79, 0xd4, 0x7c, 0xe3, 0x49, 0xb8, 0x51, 0x15, 0xeb, 0x78, 0xf6, 0xfb, 0xe9, 0xf5,
-	0x22, 0x76, 0x80, 0x36, 0xbe, 0xd6, 0xa0, 0xe3, 0x5b, 0xe8, 0x3d, 0xbe, 0xf6, 0xaf, 0x16, 0x61,
-	0xda, 0x68, 0xac, 0x13, 0x0d, 0xc0, 0xb3, 0xae, 0xd3, 0x73, 0xce, 0x89, 0x89, 0xd8, 0x7f, 0x76,
-	0xff, 0xad, 0xa2, 0x9f, 0x85, 0x74, 0x07, 0xf0, 0xfa, 0xe8, 0x2b, 0x50, 0xf2, 0x9c, 0x88, 0xe9,
-	0x36, 0x88, 0xd8, 0x77, 0x83, 0x10, 0x4b, 0xee, 0x11, 0x4e, 0x14, 0x6b, 0x47, 0x0d, 0xa7, 0x9d,
-	0x90, 0xa4, 0x07, 0x32, 0x95, 0x7d, 0xe4, 0x3b, 0xaf, 0xea, 0x04, 0x15, 0x90, 0x0e, 0x30, 0x87,
-	0xa1, 0x6b, 0x30, 0x11, 0x12, 0xb6, 0x2a, 0x96, 0xa9, 0x28, 0xc7, 0x96, 0xd9, 0x70, 0x22, 0xf3,
-	0x61, 0x0d, 0x86, 0x0d, 0xcc, 0x44, 0x94, 0x1f, 0xe9, 0x21, 0xca, 0x3f, 0x0f, 0xa3, 0xec, 0x87,
-	0x5a, 0x01, 0x6a, 0x36, 0x6a, 0xbc, 0x18, 0x4b, 0x78, 0x7a, 0xc1, 0x8c, 0x0d, 0xb8, 0x60, 0x5e,
-	0x80, 0xa9, 0xaa, 0x43, 0xf6, 0x02, 0x7f, 0xc5, 0x6f, 0xb5, 0x03, 0xd7, 0x8f, 0x51, 0x19, 0x86,
-	0xd8, 0xe9, 0xc0, 0xf7, 0xf6, 0x10, 0xa5, 0x80, 0x87, 0xa8, 0x60, 0x6e, 0xff, 0x56, 0x01, 0x26,
-	0xab, 0xc4, 0x23, 0x31, 0xe1, 0x57, 0x99, 0x08, 0xad, 0x02, 0xda, 0x0e, 0x9d, 0x26, 0xa9, 0x93,
-	0xd0, 0x0d, 0x5a, 0xba, 0xae, 0xb3, 0xc8, 0xde, 0x13, 0xd0, 0xf5, 0x2e, 0x28, 0xce, 0xa8, 0x81,
-	0xde, 0x85, 0xc9, 0x76, 0x48, 0x0c, 0x15, 0x9d, 0x95, 0x27, 0x8d, 0xd4, 0x75, 0x44, 0x2e, 0x08,
-	0x1b, 0x45, 0xd8, 0x24, 0x85, 0xbe, 0x0d, 0x66, 0x82, 0xb0, 0xbd, 0xe3, 0xf8, 0x55, 0xd2, 0x26,
-	0x7e, 0x8b, 0x4a, 0xfa, 0x42, 0x05, 0x71, 0xfe, 0xe8, 0xb0, 0x32, 0x73, 0x3b, 0x05, 0xc3, 0x5d,
-	0xd8, 0xe8, 0x5d, 0x98, 0x6d, 0x87, 0x41, 0xdb, 0xd9, 0x66, 0x0b, 0x45, 0x08, 0x34, 0x9c, 0xfb,
-	0xbc, 0x74, 0x74, 0x58, 0x99, 0xad, 0xa7, 0x81, 0xc7, 0x87, 0x95, 0x73, 0x6c, 0xa0, 0x68, 0x49,
-	0x02, 0xc4, 0xdd, 0x64, 0xec, 0x6d, 0xb8, 0x50, 0x0d, 0xee, 0xfb, 0xf7, 0x9d, 0xb0, 0xb5, 0x58,
-	0xaf, 0x69, 0xba, 0x83, 0x75, 0x79, 0x77, 0xe5, 0x6f, 0xd1, 0x99, 0xe7, 0x94, 0x56, 0x93, 0xcb,
-	0x2f, 0xab, 0xae, 0x47, 0x72, 0x74, 0x14, 0x7f, 0xbb, 0x60, 0xb4, 0x94, 0xe0, 0xab, 0x67, 0x05,
-	0x2b, 0xf7, 0x59, 0xe1, 0x1d, 0x18, 0xdb, 0x72, 0x89, 0xd7, 0xc2, 0x64, 0x4b, 0xcc, 0xcc, 0x73,
-	0xf9, 0xcf, 0x6b, 0xab, 0x14, 0x53, 0xea, 0xa4, 0xf8, 0xcd, 0x77, 0x55, 0x54, 0xc6, 0x8a, 0x0c,
-	0xda, 0x85, 0x19, 0x79, 0xb5, 0x92, 0x50, 0xb1, 0x89, 0x9f, 0xef, 0x75, 0x5f, 0x33, 0x89, 0xb3,
-	0x09, 0xc4, 0x29, 0x32, 0xb8, 0x8b, 0x30, 0xbd, 0xea, 0xee, 0xd1, 0xe3, 0x6a, 0x88, 0x2d, 0x69,
-	0x76, 0xd5, 0x65, 0xb7, 0x76, 0x56, 0x6a, 0xff, 0xa8, 0x05, 0x8f, 0x77, 0x8d, 0x8c, 0xd0, 0x5e,
-	0x9c, 0xf2, 0x2c, 0xa4, 0xb5, 0x09, 0x85, 0xfe, 0xda, 0x04, 0xfb, 0x1f, 0x59, 0x70, 0x7e, 0x65,
-	0xaf, 0x1d, 0x1f, 0x54, 0x5d, 0xf3, 0xe9, 0xe3, 0x0d, 0x18, 0xd9, 0x23, 0x2d, 0xb7, 0xb3, 0x27,
-	0x66, 0xae, 0x22, 0x59, 0xfa, 0x1a, 0x2b, 0x3d, 0x3e, 0xac, 0x4c, 0x36, 0xe2, 0x20, 0x74, 0xb6,
-	0x09, 0x2f, 0xc0, 0x02, 0x9d, 0x1d, 0x8c, 0xee, 0x87, 0xe4, 0x96, 0xbb, 0xe7, 0xca, 0xe7, 0xd2,
-	0x9e, 0x1a, 0xb5, 0x79, 0x39, 0xa0, 0xf3, 0xef, 0x74, 0x1c, 0x3f, 0x76, 0xe3, 0x03, 0xf1, 0xaa,
-	0x23, 0x89, 0xe0, 0x84, 0x9e, 0xfd, 0x0d, 0x0b, 0xa6, 0x25, 0x2f, 0x59, 0x6c, 0xb5, 0x42, 0x12,
-	0x45, 0x68, 0x0e, 0x0a, 0x6e, 0x5b, 0xf4, 0x12, 0x44, 0x2f, 0x0b, 0xb5, 0x3a, 0x2e, 0xb8, 0x6d,
-	0x54, 0x87, 0x12, 0x7f, 0x75, 0x4d, 0x16, 0xd7, 0x40, 0x6f, 0xb7, 0xac, 0x07, 0x1b, 0xb2, 0x26,
-	0x4e, 0x88, 0x48, 0xa9, 0x98, 0x9d, 0x43, 0x45, 0xf3, 0x49, 0xe8, 0x86, 0x28, 0xc7, 0x0a, 0x03,
-	0x5d, 0x81, 0x31, 0x3f, 0x68, 0xf1, 0x47, 0x70, 0xbe, 0xa7, 0xd9, 0x92, 0x5d, 0x17, 0x65, 0x58,
-	0x41, 0xed, 0xef, 0xb7, 0x60, 0x42, 0x7e, 0xd9, 0x80, 0x02, 0x3a, 0xdd, 0x5a, 0x89, 0x70, 0x9e,
-	0x6c, 0x2d, 0x2a, 0x60, 0x33, 0x88, 0x21, 0x57, 0x17, 0x4f, 0x22, 0x57, 0xdb, 0x3f, 0x52, 0x80,
-	0x29, 0xd9, 0x9d, 0x46, 0x67, 0x33, 0x22, 0x31, 0xda, 0x80, 0x92, 0xc3, 0x87, 0x9c, 0xc8, 0x15,
-	0xfb, 0x4c, 0xf6, 0x85, 0xce, 0x98, 0x9f, 0x44, 0xd4, 0x59, 0x94, 0xb5, 0x71, 0x42, 0x08, 0x79,
-	0x30, 0xeb, 0x07, 0x31, 0x3b, 0xf6, 0x14, 0xbc, 0xd7, 0xb3, 0x43, 0x9a, 0xfa, 0x45, 0x41, 0x7d,
-	0x76, 0x3d, 0x4d, 0x05, 0x77, 0x13, 0x46, 0x2b, 0x52, 0x89, 0x54, 0xcc, 0xbf, 0xc2, 0xe9, 0xb3,
-	0x90, 0xad, 0x43, 0xb2, 0x7f, 0xd9, 0x82, 0x92, 0x44, 0x3b, 0x8b, 0x17, 0xa6, 0x35, 0x18, 0x8d,
-	0xd8, 0x24, 0xc8, 0xa1, 0xb1, 0x7b, 0x75, 0x9c, 0xcf, 0x57, 0x72, 0x9a, 0xf3, 0xff, 0x11, 0x96,
-	0x34, 0x98, 0x16, 0x5c, 0x75, 0xff, 0x13, 0xa2, 0x05, 0x57, 0xfd, 0xc9, 0x39, 0x61, 0xfe, 0x1b,
-	0xeb, 0xb3, 0xa6, 0x2a, 0xa0, 0x42, 0x67, 0x3b, 0x24, 0x5b, 0xee, 0x83, 0xb4, 0xd0, 0x59, 0x67,
-	0xa5, 0x58, 0x40, 0xd1, 0x7b, 0x30, 0xd1, 0x94, 0xca, 0xe3, 0x84, 0x0d, 0x3c, 0xdb, 0x53, 0x15,
-	0xaf, 0x5e, 0x6d, 0xb8, 0x81, 0xdc, 0xb2, 0x56, 0x1f, 0x1b, 0xd4, 0xcc, 0x77, 0xff, 0x62, 0xbf,
-	0x77, 0xff, 0x84, 0x6e, 0xee, 0xcb, 0xb5, 0xfd, 0x63, 0x16, 0x8c, 0x70, 0x15, 0xe4, 0x60, 0x3a,
-	0x5b, 0xed, 0x15, 0x2a, 0x19, 0xbb, 0xbb, 0xb4, 0x50, 0x3c, 0x4a, 0xa1, 0x35, 0x28, 0xb1, 0x1f,
-	0x4c, 0x15, 0x53, 0xcc, 0xb7, 0x0c, 0xe4, 0xad, 0xea, 0x1d, 0xbc, 0x2b, 0xab, 0xe1, 0x84, 0x82,
-	0xfd, 0x83, 0x45, 0xca, 0xaa, 0x12, 0x54, 0xe3, 0x04, 0xb7, 0x1e, 0xdd, 0x09, 0x5e, 0x78, 0x54,
-	0x27, 0xf8, 0x36, 0x4c, 0x37, 0xb5, 0x27, 0xaf, 0x64, 0x26, 0xaf, 0xf4, 0x5c, 0x24, 0xda, 0xeb,
-	0x18, 0x57, 0xc3, 0x2d, 0x9b, 0x44, 0x70, 0x9a, 0x2a, 0xfa, 0x76, 0x98, 0xe0, 0xf3, 0x2c, 0x5a,
-	0x19, 0x62, 0xad, 0x7c, 0x26, 0x7f, 0xbd, 0xe8, 0x4d, 0xb0, 0x95, 0xd8, 0xd0, 0xaa, 0x63, 0x83,
-	0x98, 0xfd, 0xf3, 0x63, 0x30, 0xbc, 0xb2, 0x4f, 0xfc, 0xf8, 0x0c, 0x18, 0x52, 0x13, 0xa6, 0x5c,
-	0x7f, 0x3f, 0xf0, 0xf6, 0x49, 0x8b, 0xc3, 0x4f, 0x72, 0xb8, 0x3e, 0x26, 0x48, 0x4f, 0xd5, 0x0c,
-	0x12, 0x38, 0x45, 0xf2, 0x51, 0xdc, 0xda, 0xaf, 0xc3, 0x08, 0x9f, 0x7b, 0x71, 0x65, 0xcf, 0x54,
-	0xb0, 0xb3, 0x41, 0x14, 0xbb, 0x20, 0xd1, 0x28, 0x70, 0x8d, 0xbe, 0xa8, 0x8e, 0xde, 0x87, 0xa9,
-	0x2d, 0x37, 0x8c, 0x62, 0x7a, 0xdd, 0x8e, 0x62, 0x67, 0xaf, 0xfd, 0x10, 0xb7, 0x74, 0x35, 0x0e,
-	0xab, 0x06, 0x25, 0x9c, 0xa2, 0x8c, 0xb6, 0x61, 0x92, 0x5e, 0x1c, 0x93, 0xa6, 0x46, 0x4f, 0xdc,
-	0x94, 0x52, 0xc3, 0xdd, 0xd2, 0x09, 0x61, 0x93, 0x2e, 0x65, 0x26, 0x4d, 0x76, 0xd1, 0x1c, 0x63,
-	0x12, 0x85, 0x62, 0x26, 0xfc, 0x86, 0xc9, 0x61, 0x94, 0x27, 0x31, 0x53, 0x91, 0x92, 0xc9, 0x93,
-	0x34, 0x83, 0x90, 0xaf, 0x42, 0x89, 0xd0, 0x21, 0xa4, 0x84, 0xc5, 0x63, 0xc3, 0xc2, 0x60, 0x7d,
-	0x5d, 0x73, 0x9b, 0x61, 0x60, 0xea, 0x47, 0x56, 0x24, 0x25, 0x9c, 0x10, 0x45, 0xcb, 0x30, 0x12,
-	0x91, 0xd0, 0x25, 0x91, 0x78, 0x76, 0xe8, 0x31, 0x8d, 0x0c, 0x8d, 0x9b, 0x90, 0xf2, 0xdf, 0x58,
-	0x54, 0xa5, 0xcb, 0xcb, 0x61, 0xb7, 0x21, 0xf6, 0xd2, 0xa0, 0x2d, 0xaf, 0x45, 0x56, 0x8a, 0x05,
-	0x14, 0xbd, 0x0d, 0xa3, 0x21, 0xf1, 0x98, 0x02, 0x6e, 0x72, 0xf0, 0x45, 0xce, 0xf5, 0x79, 0xbc,
-	0x1e, 0x96, 0x04, 0xd0, 0x4d, 0x40, 0x21, 0xa1, 0x32, 0x84, 0xeb, 0x6f, 0x2b, 0x03, 0x0a, 0xf1,
-	0x7e, 0xf0, 0x84, 0x68, 0xff, 0x1c, 0x4e, 0x30, 0xfc, 0x38, 0x0c, 0x3c, 0x8f, 0x84, 0x38, 0xa3,
-	0x1a, 0xba, 0x0e, 0xb3, 0xaa, 0xb4, 0xe6, 0x47, 0xb1, 0xe3, 0x37, 0x09, 0x7b, 0x3a, 0x28, 0x25,
-	0x52, 0x11, 0x4e, 0x23, 0xe0, 0xee, 0x3a, 0xf6, 0xd7, 0xa9, 0x38, 0x43, 0x47, 0xeb, 0x0c, 0x64,
-	0x81, 0xb7, 0x4c, 0x59, 0xe0, 0x62, 0xee, 0xcc, 0xe5, 0xc8, 0x01, 0x47, 0x16, 0x8c, 0x6b, 0x33,
-	0x9b, 0xac, 0x59, 0xab, 0xc7, 0x9a, 0xed, 0xc0, 0x0c, 0x5d, 0xe9, 0xb7, 0x37, 0x99, 0x37, 0x45,
-	0x8b, 0x2d, 0xcc, 0xc2, 0xc3, 0x2d, 0xcc, 0xb2, 0x68, 0x60, 0xe6, 0x56, 0x8a, 0x20, 0xee, 0x6a,
-	0x02, 0xbd, 0x21, 0xb5, 0x51, 0x45, 0xc3, 0x30, 0x8a, 0x6b, 0x9a, 0x8e, 0x0f, 0x2b, 0x33, 0xda,
-	0x87, 0xe8, 0xda, 0x27, 0xfb, 0xab, 0xf2, 0x1b, 0x39, 0xb3, 0x59, 0x80, 0x52, 0x53, 0x2d, 0x16,
-	0xcb, 0xb4, 0xa5, 0x55, 0xcb, 0x01, 0x27, 0x38, 0x74, 0x8f, 0xd2, 0x2b, 0x48, 0xda, 0x96, 0x8f,
-	0x5e, 0x50, 0x30, 0x83, 0xd8, 0xaf, 0x02, 0xac, 0x3c, 0x20, 0x4d, 0xbe, 0xd4, 0xf5, 0x47, 0x5d,
-	0x2b, 0xff, 0x51, 0xd7, 0xfe, 0x8f, 0x16, 0x4c, 0xad, 0x2e, 0x1b, 0xd7, 0xc4, 0x79, 0x00, 0x7e,
-	0x37, 0xba, 0x77, 0x6f, 0x5d, 0xbe, 0x57, 0x70, 0x95, 0xb3, 0x2a, 0xc5, 0x1a, 0x06, 0xba, 0x08,
-	0x45, 0xaf, 0xe3, 0x8b, 0x2b, 0xcb, 0xe8, 0xd1, 0x61, 0xa5, 0x78, 0xab, 0xe3, 0x63, 0x5a, 0xa6,
-	0x99, 0xcf, 0x15, 0x07, 0x36, 0x9f, 0xeb, 0xeb, 0x25, 0x81, 0x2a, 0x30, 0x7c, 0xff, 0xbe, 0xdb,
-	0x8a, 0xca, 0xc3, 0xc9, 0x5b, 0xca, 0xbd, 0x7b, 0xb5, 0x6a, 0x84, 0x79, 0xb9, 0xfd, 0x97, 0x8a,
-	0x30, 0xb3, 0xea, 0x91, 0x07, 0x0f, 0x65, 0x85, 0x3b, 0xa8, 0xc9, 0xdf, 0x9d, 0x6e, 0x29, 0xf1,
-	0xb4, 0x8d, 0x1c, 0xfb, 0x0f, 0xc5, 0x7b, 0x30, 0xca, 0x6d, 0x03, 0xf8, 0x60, 0x8c, 0x5f, 0x7d,
-	0x25, 0xab, 0x0b, 0xe9, 0xb1, 0x98, 0x17, 0xea, 0x38, 0x6e, 0x28, 0xa5, 0x8e, 0x56, 0x51, 0x8a,
-	0x25, 0xc9, 0xb9, 0xcf, 0xc3, 0x84, 0x8e, 0x79, 0x22, 0x8b, 0xa9, 0xbf, 0x6c, 0xc1, 0xb9, 0x55,
-	0x2f, 0x68, 0xee, 0xa6, 0xec, 0x2f, 0x5f, 0x87, 0x71, 0xca, 0x34, 0x22, 0xc3, 0xf2, 0xdc, 0xf0,
-	0x45, 0x10, 0x20, 0xac, 0xe3, 0x69, 0xd5, 0xee, 0xdc, 0xa9, 0x55, 0xb3, 0x5c, 0x18, 0x04, 0x08,
-	0xeb, 0x78, 0xf6, 0x6f, 0x58, 0xf0, 0xd4, 0xf5, 0xe5, 0x95, 0xc4, 0x04, 0xb9, 0xcb, 0x8b, 0x82,
-	0x5e, 0x39, 0x5a, 0x5a, 0x57, 0x92, 0x2b, 0x47, 0x95, 0xf5, 0x42, 0x40, 0x3f, 0x29, 0x1e, 0x42,
-	0x3f, 0x69, 0xc1, 0xb9, 0xeb, 0x6e, 0x4c, 0xcf, 0x80, 0xb4, 0x3d, 0x3f, 0x3d, 0x04, 0x22, 0x37,
-	0x0e, 0xc2, 0x83, 0xb4, 0x3d, 0x3f, 0x56, 0x10, 0xac, 0x61, 0xf1, 0x96, 0xf7, 0xdd, 0x88, 0xf6,
-	0xb4, 0x60, 0xea, 0x3d, 0xb0, 0x28, 0xc7, 0x0a, 0x83, 0x7e, 0x58, 0xcb, 0x0d, 0x99, 0xdc, 0x7a,
-	0x20, 0xb6, 0xb3, 0xfa, 0xb0, 0xaa, 0x04, 0xe0, 0x04, 0xc7, 0xfe, 0x51, 0x0b, 0x2e, 0x5c, 0xf7,
-	0x3a, 0x51, 0x4c, 0xc2, 0xad, 0xc8, 0xe8, 0xec, 0xab, 0x50, 0x22, 0xf2, 0x6e, 0x28, 0xfa, 0xaa,
-	0xa4, 0x19, 0x75, 0x69, 0xe4, 0xce, 0x04, 0x0a, 0x6f, 0x00, 0x63, 0xe6, 0x93, 0x19, 0xe1, 0xfe,
-	0x4c, 0x01, 0x26, 0x6f, 0x6c, 0x6c, 0xd4, 0xaf, 0x93, 0x58, 0xb0, 0xcc, 0xfe, 0x7a, 0x4d, 0xac,
-	0xa9, 0x67, 0x7a, 0x49, 0xe0, 0x9d, 0xd8, 0xf5, 0xe6, 0xb9, 0xf7, 0xda, 0x7c, 0xcd, 0x8f, 0x6f,
-	0x87, 0x8d, 0x38, 0x74, 0xfd, 0xed, 0x4c, 0x85, 0x8e, 0x64, 0xec, 0xc5, 0x3c, 0xc6, 0x8e, 0x5e,
-	0x85, 0x11, 0xe6, 0x3e, 0x27, 0x65, 0xe1, 0x27, 0x94, 0x00, 0xcb, 0x4a, 0x8f, 0x0f, 0x2b, 0xa5,
-	0x3b, 0xb8, 0xc6, 0xff, 0x60, 0x81, 0x8a, 0xee, 0xc0, 0xf8, 0x4e, 0x1c, 0xb7, 0x6f, 0x10, 0xa7,
-	0x45, 0x42, 0xc9, 0x1d, 0x2e, 0x65, 0x71, 0x07, 0x3a, 0x08, 0x1c, 0x2d, 0xd9, 0x50, 0x49, 0x59,
-	0x84, 0x75, 0x3a, 0x76, 0x03, 0x20, 0x81, 0x9d, 0xd2, 0x65, 0xd6, 0xfe, 0x7d, 0x0b, 0x46, 0xb9,
-	0x27, 0x43, 0x88, 0xbe, 0x00, 0x43, 0xe4, 0x01, 0x69, 0x0a, 0x31, 0x25, 0xb3, 0xc3, 0xc9, 0x29,
-	0xc7, 0x55, 0xb3, 0xf4, 0x3f, 0x66, 0xb5, 0xd0, 0x0d, 0x18, 0xa5, 0xbd, 0xbd, 0xae, 0xdc, 0x3a,
-	0x9e, 0xce, 0xfb, 0x62, 0x35, 0xed, 0xfc, 0x60, 0x14, 0x45, 0x58, 0x56, 0x67, 0x6a, 0xc6, 0x66,
-	0xbb, 0x41, 0x19, 0x58, 0xdc, 0x4b, 0x09, 0xb0, 0xb1, 0x5c, 0xe7, 0x48, 0x82, 0x1a, 0x57, 0x33,
-	0xca, 0x42, 0x9c, 0x10, 0xb1, 0x37, 0xa0, 0x44, 0x27, 0x75, 0xd1, 0x73, 0x9d, 0xde, 0x1a, 0xce,
-	0x17, 0xa1, 0x24, 0xb5, 0x8d, 0x91, 0xf0, 0xb5, 0x60, 0x54, 0xa5, 0x32, 0x32, 0xc2, 0x09, 0xdc,
-	0xde, 0x82, 0xf3, 0xec, 0xe9, 0xde, 0x89, 0x77, 0x8c, 0x3d, 0xd6, 0x7f, 0x31, 0xbf, 0x24, 0xa4,
-	0x7e, 0x3e, 0x33, 0x65, 0xcd, 0x38, 0x7c, 0x42, 0x52, 0x4c, 0x6e, 0x00, 0xf6, 0x1f, 0x0e, 0xc1,
-	0x13, 0xb5, 0x46, 0xbe, 0x93, 0xcb, 0x35, 0x98, 0xe0, 0x32, 0x01, 0x5d, 0xda, 0x8e, 0x27, 0xda,
-	0x55, 0x0f, 0x5b, 0x1b, 0x1a, 0x0c, 0x1b, 0x98, 0xe8, 0x29, 0x28, 0xba, 0x1f, 0xf8, 0x69, 0x4b,
-	0xd0, 0xda, 0x3b, 0xeb, 0x98, 0x96, 0x53, 0x30, 0x15, 0x2f, 0x38, 0x2b, 0x55, 0x60, 0x25, 0x62,
-	0xbc, 0x05, 0x53, 0x6e, 0xd4, 0x8c, 0xdc, 0x9a, 0x4f, 0xf9, 0x4c, 0xe2, 0x20, 0x95, 0xdc, 0x48,
-	0x69, 0xa7, 0x15, 0x14, 0xa7, 0xb0, 0x35, 0xbe, 0x3e, 0x3c, 0xb0, 0x88, 0xd2, 0xd7, 0xf9, 0x80,
-	0x4a, 0x5f, 0x6d, 0xf6, 0x75, 0x11, 0xb3, 0x4a, 0x13, 0xd2, 0x17, 0xff, 0xe0, 0x08, 0x4b, 0x18,
-	0x15, 0xf7, 0x9b, 0x3b, 0x4e, 0x7b, 0xb1, 0x13, 0xef, 0x54, 0xdd, 0xa8, 0x19, 0xec, 0x93, 0xf0,
-	0x80, 0xdd, 0xd4, 0xc6, 0x12, 0x71, 0x5f, 0x01, 0x96, 0x6f, 0x2c, 0xd6, 0x29, 0x26, 0xee, 0xae,
-	0x63, 0xaa, 0xac, 0xe0, 0x34, 0x5c, 0x55, 0x16, 0x61, 0x5a, 0x36, 0xd3, 0x20, 0x11, 0x3b, 0x23,
-	0xc6, 0x59, 0xc7, 0x94, 0xeb, 0xa2, 0x28, 0x56, 0xdd, 0x4a, 0xe3, 0xa3, 0x37, 0x60, 0xd2, 0xf5,
-	0xdd, 0xd8, 0x75, 0xe2, 0x20, 0x64, 0x27, 0x2c, 0xbf, 0x94, 0xb1, 0x17, 0xb8, 0x9a, 0x0e, 0xc0,
-	0x26, 0x9e, 0xfd, 0x07, 0x43, 0x30, 0xcb, 0xa6, 0xed, 0x9b, 0x2b, 0xec, 0x13, 0xb3, 0xc2, 0xee,
-	0x74, 0xaf, 0xb0, 0xd3, 0x10, 0x77, 0x3f, 0xce, 0x65, 0xf6, 0x3e, 0x94, 0x94, 0x31, 0xaf, 0xb4,
-	0x47, 0xb7, 0x72, 0xec, 0xd1, 0xfb, 0x4b, 0x1f, 0xf2, 0xcd, 0xb0, 0x98, 0xf9, 0x66, 0xf8, 0x77,
-	0x2c, 0x48, 0x6c, 0x1a, 0xd1, 0x0d, 0x28, 0xb5, 0x03, 0x66, 0x37, 0x10, 0x4a, 0x63, 0x9c, 0x27,
-	0x32, 0x0f, 0x2a, 0x7e, 0x28, 0xf2, 0xf1, 0xab, 0xcb, 0x1a, 0x38, 0xa9, 0x8c, 0x96, 0x60, 0xb4,
-	0x1d, 0x92, 0x46, 0xcc, 0xbc, 0xf2, 0xfa, 0xd2, 0xe1, 0x6b, 0x84, 0xe3, 0x63, 0x59, 0xd1, 0xfe,
-	0x59, 0x0b, 0x80, 0x3f, 0xcb, 0x39, 0xfe, 0x36, 0x39, 0x03, 0x55, 0x63, 0x15, 0x86, 0xa2, 0x36,
-	0x69, 0xf6, 0xb2, 0xe8, 0x48, 0xfa, 0xd3, 0x68, 0x93, 0x66, 0x32, 0xe0, 0xf4, 0x1f, 0x66, 0xb5,
-	0xed, 0xef, 0x01, 0x98, 0x4a, 0xd0, 0x6a, 0x31, 0xd9, 0x43, 0x2f, 0x1b, 0x3e, 0x4f, 0x17, 0x53,
-	0x3e, 0x4f, 0x25, 0x86, 0xad, 0x69, 0xb5, 0xde, 0x87, 0xe2, 0x9e, 0xf3, 0x40, 0xa8, 0x2d, 0x5e,
-	0xec, 0xdd, 0x0d, 0x4a, 0x7f, 0x7e, 0xcd, 0x79, 0xc0, 0xef, 0x4c, 0x2f, 0xca, 0x05, 0xb2, 0xe6,
-	0x3c, 0x38, 0xe6, 0x76, 0x1b, 0x8c, 0x49, 0xdd, 0x72, 0xa3, 0xf8, 0x6b, 0xff, 0x25, 0xf9, 0xcf,
-	0x96, 0x1d, 0x6d, 0x84, 0xb5, 0xe5, 0xfa, 0xe2, 0x91, 0x6a, 0xa0, 0xb6, 0x5c, 0x3f, 0xdd, 0x96,
-	0xeb, 0x0f, 0xd0, 0x96, 0xeb, 0xa3, 0x0f, 0x61, 0x54, 0x3c, 0x08, 0x33, 0x63, 0x6d, 0x53, 0x25,
-	0x92, 0xd7, 0x9e, 0x78, 0x4f, 0xe6, 0x6d, 0x2e, 0xc8, 0x3b, 0xa1, 0x28, 0xed, 0xdb, 0xae, 0x6c,
-	0x10, 0xfd, 0x2d, 0x0b, 0xa6, 0xc4, 0x6f, 0x4c, 0x3e, 0xe8, 0x90, 0x28, 0x16, 0xb2, 0xe7, 0xe7,
-	0x06, 0xef, 0x83, 0xa8, 0xc8, 0xbb, 0xf2, 0x39, 0xc9, 0x66, 0x4d, 0x60, 0xdf, 0x1e, 0xa5, 0x7a,
-	0x81, 0xfe, 0x89, 0x05, 0xe7, 0xf7, 0x9c, 0x07, 0xbc, 0x45, 0x5e, 0x86, 0x9d, 0xd8, 0x0d, 0x84,
-	0xf1, 0xf9, 0x17, 0x06, 0x9b, 0xfe, 0xae, 0xea, 0xbc, 0x93, 0xd2, 0x4e, 0xf5, 0x7c, 0x16, 0x4a,
-	0xdf, 0xae, 0x66, 0xf6, 0x6b, 0x6e, 0x0b, 0xc6, 0xe4, 0x7a, 0xcb, 0xb8, 0x79, 0x57, 0x75, 0xc1,
-	0xfa, 0xc4, 0xef, 0xf1, 0xda, 0x4d, 0x9d, 0xb5, 0x23, 0xd6, 0xda, 0x23, 0x6d, 0xe7, 0x7d, 0x98,
-	0xd0, 0xd7, 0xd8, 0x23, 0x6d, 0xeb, 0x03, 0x38, 0x97, 0xb1, 0x96, 0x1e, 0x69, 0x93, 0xf7, 0xe1,
-	0x62, 0xee, 0xfa, 0x78, 0x94, 0x0d, 0xdb, 0x3f, 0x63, 0xe9, 0x7c, 0xf0, 0x0c, 0xf4, 0xbd, 0xcb,
-	0xa6, 0xbe, 0xf7, 0x52, 0xef, 0x9d, 0x93, 0xa3, 0xf4, 0x7d, 0x4f, 0xef, 0x34, 0xe5, 0xea, 0xe8,
-	0x6d, 0x18, 0xf1, 0x68, 0x89, 0xb4, 0x44, 0xb0, 0xfb, 0xef, 0xc8, 0x44, 0x96, 0x62, 0xe5, 0x11,
-	0x16, 0x14, 0xec, 0x5f, 0xb0, 0x60, 0xe8, 0x0c, 0x46, 0x02, 0x9b, 0x23, 0xf1, 0x72, 0x2e, 0x69,
-	0x11, 0x06, 0x67, 0x1e, 0x3b, 0xf7, 0x57, 0x64, 0xa8, 0x9f, 0x9c, 0x81, 0xf9, 0xbf, 0x05, 0x18,
-	0xa7, 0x4d, 0x49, 0x93, 0xb9, 0x37, 0x61, 0xd2, 0x73, 0x36, 0x89, 0x27, 0x1f, 0x0d, 0xd3, 0x0a,
-	0x93, 0x5b, 0x3a, 0x10, 0x9b, 0xb8, 0xb4, 0xf2, 0x96, 0xfe, 0x7e, 0x2a, 0xe4, 0x17, 0x55, 0xd9,
-	0x78, 0x5c, 0xc5, 0x26, 0x2e, 0xbd, 0xbb, 0xdf, 0x77, 0xe2, 0xe6, 0x8e, 0x50, 0xa6, 0xa8, 0xee,
-	0xde, 0xa3, 0x85, 0x98, 0xc3, 0xa8, 0x00, 0x27, 0x57, 0xe7, 0x5d, 0x7a, 0x33, 0x0c, 0x7c, 0x21,
-	0x1e, 0x2b, 0x01, 0x0e, 0x9b, 0x60, 0x9c, 0xc6, 0xcf, 0x70, 0x7e, 0x1e, 0x66, 0x06, 0x81, 0x03,
-	0x38, 0x3f, 0xa3, 0x3a, 0x9c, 0x77, 0xfd, 0xa6, 0xd7, 0x69, 0x91, 0x3b, 0x3e, 0x97, 0xee, 0x3c,
-	0xf7, 0x43, 0xd2, 0x12, 0x02, 0xb4, 0xb2, 0xdd, 0xac, 0x65, 0xe0, 0xe0, 0xcc, 0x9a, 0xf6, 0x5f,
-	0x80, 0x73, 0xb7, 0x02, 0xa7, 0xb5, 0xe4, 0x78, 0x8e, 0xdf, 0x24, 0x61, 0xcd, 0xdf, 0xee, 0x6b,
-	0x92, 0xa4, 0x1b, 0x10, 0x15, 0xfa, 0x19, 0x10, 0xd9, 0x3b, 0x80, 0xf4, 0x06, 0x84, 0x21, 0x2c,
-	0x86, 0x51, 0x97, 0x37, 0x25, 0x96, 0xff, 0x73, 0xd9, 0xd2, 0x75, 0x57, 0xcf, 0x34, 0x13, 0x4f,
-	0x5e, 0x80, 0x25, 0x21, 0xfb, 0x1a, 0x64, 0x3a, 0xbf, 0xf5, 0x57, 0xdb, 0xd8, 0xaf, 0xc3, 0x2c,
-	0xab, 0x79, 0x32, 0x95, 0x82, 0xfd, 0xd7, 0x2c, 0x98, 0x5e, 0x4f, 0x85, 0x2b, 0x78, 0x96, 0x3d,
-	0xec, 0x65, 0xe8, 0xdd, 0x1b, 0xac, 0x14, 0x0b, 0xe8, 0xa9, 0xeb, 0xf7, 0xfe, 0xd4, 0x82, 0x92,
-	0x8a, 0x84, 0x72, 0x06, 0x42, 0xed, 0xb2, 0x21, 0xd4, 0x66, 0xea, 0x9d, 0x54, 0x77, 0xf2, 0x64,
-	0x5a, 0x74, 0x53, 0x39, 0xde, 0xf7, 0x50, 0x39, 0x25, 0x64, 0xb8, 0x9b, 0xf6, 0x94, 0xe9, 0x9d,
-	0x2f, 0x5d, 0xf1, 0x99, 0x4d, 0x90, 0xc2, 0xfd, 0x84, 0xd8, 0x04, 0xa9, 0xfe, 0xe4, 0x70, 0xbf,
-	0xba, 0xd6, 0x65, 0x76, 0x2a, 0x7c, 0x2b, 0xb3, 0x9b, 0x67, 0x7b, 0x53, 0xc5, 0xbb, 0xa8, 0x08,
-	0x3b, 0x78, 0x51, 0x7a, 0xcc, 0x18, 0x99, 0xf8, 0xc7, 0xa3, 0xd6, 0x24, 0x55, 0xec, 0x1b, 0x30,
-	0x9d, 0x1a, 0x30, 0xf4, 0x3a, 0x0c, 0xb7, 0x77, 0x9c, 0x88, 0xa4, 0xec, 0x20, 0x87, 0xeb, 0xb4,
-	0xf0, 0xf8, 0xb0, 0x32, 0xa5, 0x2a, 0xb0, 0x12, 0xcc, 0xb1, 0xed, 0xff, 0x69, 0xc1, 0xd0, 0x7a,
-	0xd0, 0x3a, 0x8b, 0xc5, 0xf4, 0x96, 0xb1, 0x98, 0x9e, 0xcc, 0x8b, 0xf9, 0x95, 0xbb, 0x8e, 0x56,
-	0x53, 0xeb, 0xe8, 0x52, 0x2e, 0x85, 0xde, 0x4b, 0x68, 0x0f, 0xc6, 0x59, 0x24, 0x31, 0x61, 0x97,
-	0xf9, 0xaa, 0x71, 0xbf, 0xaa, 0xa4, 0xee, 0x57, 0xd3, 0x1a, 0xaa, 0x76, 0xcb, 0x7a, 0x1e, 0x46,
-	0x85, 0x6d, 0x60, 0xda, 0x43, 0x40, 0xe0, 0x62, 0x09, 0xb7, 0x7f, 0xac, 0x08, 0x46, 0xe4, 0x32,
-	0xf4, 0xcb, 0x16, 0xcc, 0x87, 0xdc, 0xe5, 0xb2, 0x55, 0xed, 0x84, 0xae, 0xbf, 0xdd, 0x68, 0xee,
-	0x90, 0x56, 0xc7, 0x73, 0xfd, 0xed, 0xda, 0xb6, 0x1f, 0xa8, 0xe2, 0x95, 0x07, 0xa4, 0xd9, 0x61,
-	0x6f, 0x2e, 0x7d, 0xc2, 0xa4, 0x29, 0xdb, 0x9b, 0xab, 0x47, 0x87, 0x95, 0x79, 0x7c, 0x22, 0xda,
-	0xf8, 0x84, 0x7d, 0x41, 0xbf, 0x61, 0xc1, 0x02, 0x0f, 0xe8, 0x35, 0x78, 0xff, 0x7b, 0xdc, 0x46,
-	0xeb, 0x92, 0x54, 0x42, 0x64, 0x83, 0x84, 0x7b, 0x4b, 0x6f, 0x88, 0x01, 0x5d, 0xa8, 0x9f, 0xac,
-	0x2d, 0x7c, 0xd2, 0xce, 0xd9, 0xff, 0xa6, 0x08, 0x93, 0x74, 0x14, 0x93, 0x30, 0x23, 0xaf, 0x1b,
-	0x4b, 0xe2, 0xe9, 0xd4, 0x92, 0x98, 0x35, 0x90, 0x4f, 0x27, 0xc2, 0x48, 0x04, 0xb3, 0x9e, 0x13,
-	0xc5, 0x37, 0x88, 0x13, 0xc6, 0x9b, 0xc4, 0xe1, 0x36, 0x29, 0xc5, 0x13, 0xdb, 0xcf, 0x28, 0xf5,
-	0xd7, 0xad, 0x34, 0x31, 0xdc, 0x4d, 0x1f, 0xed, 0x03, 0x62, 0x86, 0x35, 0xa1, 0xe3, 0x47, 0xfc,
-	0x5b, 0x5c, 0xf1, 0x1e, 0x73, 0xb2, 0x56, 0xe7, 0x44, 0xab, 0xe8, 0x56, 0x17, 0x35, 0x9c, 0xd1,
-	0x82, 0x66, 0x30, 0x35, 0x3c, 0xa8, 0xc1, 0xd4, 0x48, 0x1f, 0x37, 0x9c, 0x3d, 0x98, 0x11, 0xb3,
-	0xb2, 0xe5, 0x6e, 0x8b, 0x43, 0xfa, 0xcb, 0x29, 0x83, 0x4a, 0x6b, 0x70, 0xab, 0x98, 0x3e, 0xd6,
-	0x94, 0xf6, 0x77, 0xc2, 0x39, 0xda, 0x9c, 0xe9, 0x34, 0x12, 0x21, 0x02, 0xd3, 0xbb, 0x9d, 0x4d,
-	0xe2, 0x91, 0x58, 0x96, 0x89, 0x46, 0x33, 0xc5, 0x7e, 0xb3, 0x76, 0x22, 0x5b, 0xde, 0x34, 0x49,
-	0xe0, 0x34, 0x4d, 0xfb, 0x27, 0x2c, 0x60, 0xa6, 0xd9, 0x67, 0x70, 0xfc, 0x7d, 0xd1, 0x3c, 0xfe,
-	0xca, 0x79, 0x1c, 0x28, 0xe7, 0xe4, 0x7b, 0x8d, 0x4f, 0x4b, 0x3d, 0x0c, 0x1e, 0x1c, 0x48, 0xd9,
-	0xbf, 0xbf, 0xc4, 0xf5, 0x7f, 0x2c, 0xbe, 0x21, 0x95, 0x07, 0x3a, 0xfa, 0x2e, 0x18, 0x6b, 0x3a,
-	0x6d, 0xa7, 0xc9, 0x43, 0x46, 0xe6, 0x6a, 0x7f, 0x8c, 0x4a, 0xf3, 0xcb, 0xa2, 0x06, 0xd7, 0x66,
-	0x7c, 0x56, 0x7e, 0xa5, 0x2c, 0xee, 0xab, 0xc1, 0x50, 0x4d, 0xce, 0xed, 0xc2, 0xa4, 0x41, 0xec,
-	0x91, 0x5e, 0x7d, 0xbf, 0x8b, 0x1f, 0x17, 0xea, 0xc6, 0xb2, 0x07, 0xb3, 0xbe, 0xf6, 0x9f, 0x32,
-	0x47, 0x29, 0x4e, 0x7f, 0xba, 0xdf, 0x81, 0xc0, 0x38, 0xa9, 0x66, 0x7a, 0x9e, 0x22, 0x83, 0xbb,
-	0x29, 0xdb, 0x7f, 0xcf, 0x82, 0xc7, 0x75, 0x44, 0x2d, 0x38, 0x40, 0x3f, 0x7d, 0x72, 0x15, 0xc6,
-	0x82, 0x36, 0x09, 0x9d, 0xe4, 0x4e, 0x76, 0x45, 0x0e, 0xfa, 0x6d, 0x51, 0x7e, 0x7c, 0x58, 0x39,
-	0xaf, 0x53, 0x97, 0xe5, 0x58, 0xd5, 0x44, 0x36, 0x8c, 0xb0, 0xc1, 0x88, 0x44, 0xe0, 0x06, 0x66,
-	0x13, 0xc7, 0x9e, 0x56, 0x23, 0x2c, 0x20, 0xf6, 0xf7, 0x58, 0x7c, 0x61, 0xe9, 0x5d, 0x47, 0x1f,
-	0xc0, 0xcc, 0x1e, 0xbd, 0xbe, 0xad, 0x3c, 0x68, 0x87, 0x5c, 0x8d, 0x2e, 0xc7, 0xe9, 0xc5, 0x7e,
-	0xe3, 0xa4, 0x7d, 0x64, 0x62, 0x39, 0xb5, 0x96, 0x22, 0x86, 0xbb, 0xc8, 0xdb, 0x7f, 0x5c, 0xe0,
-	0x3b, 0x91, 0x49, 0x75, 0xcf, 0xc3, 0x68, 0x3b, 0x68, 0x2d, 0xd7, 0xaa, 0x58, 0x8c, 0x90, 0x62,
-	0x57, 0x75, 0x5e, 0x8c, 0x25, 0x1c, 0x5d, 0x05, 0x20, 0x0f, 0x62, 0x12, 0xfa, 0x8e, 0xa7, 0x0c,
-	0x3f, 0x94, 0xf0, 0xb4, 0xa2, 0x20, 0x58, 0xc3, 0xa2, 0x75, 0xda, 0x61, 0xb0, 0xef, 0xb6, 0x98,
-	0x6b, 0x5b, 0xd1, 0xac, 0x53, 0x57, 0x10, 0xac, 0x61, 0xd1, 0xab, 0x72, 0xc7, 0x8f, 0xf8, 0x01,
-	0xe8, 0x6c, 0x8a, 0x58, 0x67, 0x63, 0xc9, 0x55, 0xf9, 0x8e, 0x0e, 0xc4, 0x26, 0x2e, 0x5a, 0x84,
-	0x91, 0xd8, 0x61, 0xe6, 0x0c, 0xc3, 0xf9, 0x36, 0x70, 0x1b, 0x14, 0x43, 0x8f, 0x21, 0x48, 0x2b,
-	0x60, 0x51, 0x11, 0xbd, 0x2b, 0x59, 0x30, 0x67, 0xc9, 0xc2, 0xf8, 0x34, 0x77, 0xd9, 0xea, 0xec,
-	0x5b, 0xe7, 0xc1, 0xc2, 0xa8, 0xd5, 0xa0, 0x65, 0x7f, 0x77, 0x09, 0x20, 0x91, 0xf6, 0xd0, 0x87,
-	0x5d, 0x2c, 0xe2, 0xa5, 0xde, 0xf2, 0xe1, 0xe9, 0xf1, 0x07, 0xf4, 0xbd, 0x16, 0x8c, 0x3b, 0x9e,
-	0x17, 0x34, 0x9d, 0x98, 0x8d, 0x72, 0xa1, 0x37, 0x8b, 0x12, 0xed, 0x2f, 0x26, 0x35, 0x78, 0x17,
-	0x5e, 0x95, 0x96, 0x0a, 0x1a, 0xa4, 0x6f, 0x2f, 0xf4, 0x86, 0xd1, 0x67, 0xe5, 0x25, 0x80, 0x2f,
-	0x8f, 0xb9, 0xf4, 0x25, 0xa0, 0xc4, 0xb8, 0xb1, 0x26, 0xff, 0xa3, 0x3b, 0x46, 0x50, 0xb0, 0xa1,
-	0xfc, 0xf8, 0x07, 0x86, 0xd0, 0xd3, 0x2f, 0x1e, 0x18, 0xaa, 0xeb, 0x4e, 0x38, 0xc3, 0xf9, 0x41,
-	0x42, 0x34, 0xe9, 0xba, 0x8f, 0x03, 0xce, 0xfb, 0x30, 0xdd, 0x32, 0x8f, 0x5b, 0xb1, 0x9a, 0x9e,
-	0xcb, 0xa3, 0x9b, 0x3a, 0x9d, 0x93, 0x03, 0x36, 0x05, 0xc0, 0x69, 0xc2, 0xa8, 0xce, 0xdd, 0xa1,
-	0x6a, 0xfe, 0x56, 0x20, 0x8c, 0x98, 0xed, 0xdc, 0xb9, 0x3c, 0x88, 0x62, 0xb2, 0x47, 0x31, 0x93,
-	0x73, 0x74, 0x5d, 0xd4, 0xc5, 0x8a, 0x0a, 0x7a, 0x1b, 0x46, 0x98, 0x8f, 0x6a, 0x54, 0x1e, 0xcb,
-	0xd7, 0x03, 0x9a, 0xe1, 0x15, 0x92, 0x4d, 0xc5, 0xfe, 0x46, 0x58, 0x50, 0x40, 0x37, 0x64, 0x0c,
-	0x96, 0xa8, 0xe6, 0xdf, 0x89, 0x08, 0x8b, 0xc1, 0x52, 0x5a, 0xfa, 0x74, 0x12, 0x5e, 0x85, 0x97,
-	0x67, 0x46, 0x0b, 0x36, 0x6a, 0x52, 0x79, 0x45, 0xfc, 0x97, 0x41, 0x88, 0xcb, 0x90, 0xdf, 0x3d,
-	0x33, 0x50, 0x71, 0x32, 0x9c, 0x77, 0x4d, 0x12, 0x38, 0x4d, 0xf3, 0x4c, 0x8f, 0xcf, 0x39, 0x1f,
-	0x66, 0xd2, 0x1b, 0xeb, 0x91, 0x1e, 0xd7, 0xbf, 0x3f, 0x04, 0x53, 0xe6, 0x42, 0x40, 0x0b, 0x50,
-	0x12, 0x44, 0x54, 0x3c, 0x46, 0xb5, 0xb6, 0xd7, 0x24, 0x00, 0x27, 0x38, 0x2c, 0x1e, 0x25, 0xab,
-	0xae, 0xd9, 0x01, 0x26, 0xf1, 0x28, 0x15, 0x04, 0x6b, 0x58, 0x54, 0x88, 0xde, 0x0c, 0x82, 0x58,
-	0x1d, 0x05, 0x6a, 0xb5, 0x2c, 0xb1, 0x52, 0x2c, 0xa0, 0xf4, 0x08, 0xd8, 0x25, 0xa1, 0x4f, 0x3c,
-	0x53, 0x93, 0xa9, 0x8e, 0x80, 0x9b, 0x3a, 0x10, 0x9b, 0xb8, 0xf4, 0x48, 0x0b, 0x22, 0xb6, 0xfc,
-	0x84, 0xa8, 0x9e, 0xd8, 0x55, 0x36, 0xb8, 0x8f, 0xb6, 0x84, 0xa3, 0x2f, 0xc3, 0xe3, 0xca, 0xa5,
-	0x1a, 0x73, 0xcd, 0xb0, 0x6c, 0x71, 0xc4, 0xb8, 0x59, 0x3f, 0xbe, 0x9c, 0x8d, 0x86, 0xf3, 0xea,
-	0xa3, 0xb7, 0x60, 0x4a, 0x88, 0xc0, 0x92, 0xe2, 0xa8, 0x69, 0xac, 0x70, 0xd3, 0x80, 0xe2, 0x14,
-	0x36, 0xaa, 0xc2, 0x0c, 0x2d, 0x61, 0x52, 0xa8, 0xa4, 0xc0, 0x5d, 0xc3, 0xd5, 0x59, 0x7f, 0x33,
-	0x05, 0xc7, 0x5d, 0x35, 0xd0, 0x22, 0x4c, 0x73, 0x19, 0x85, 0xde, 0x29, 0xd9, 0x3c, 0x08, 0xdf,
-	0x02, 0xb5, 0x11, 0x6e, 0x9b, 0x60, 0x9c, 0xc6, 0x47, 0xd7, 0x60, 0xc2, 0x09, 0x9b, 0x3b, 0x6e,
-	0x4c, 0x9a, 0x71, 0x27, 0xe4, 0x4e, 0x07, 0x9a, 0xb5, 0xc7, 0xa2, 0x06, 0xc3, 0x06, 0xa6, 0xfd,
-	0x21, 0x9c, 0xcb, 0x70, 0x4b, 0xa2, 0x0b, 0xc7, 0x69, 0xbb, 0xf2, 0x9b, 0x52, 0x16, 0x92, 0x8b,
-	0xf5, 0x9a, 0xfc, 0x1a, 0x0d, 0x8b, 0xae, 0x4e, 0xa6, 0x12, 0xd7, 0x22, 0x85, 0xab, 0xd5, 0xb9,
-	0x2a, 0x01, 0x38, 0xc1, 0xb1, 0x7f, 0x1d, 0x40, 0x53, 0xe8, 0x0c, 0x60, 0x1f, 0x77, 0x0d, 0x26,
-	0x64, 0x78, 0x7b, 0x2d, 0xac, 0xb2, 0xfa, 0xcc, 0xeb, 0x1a, 0x0c, 0x1b, 0x98, 0xb4, 0x6f, 0xbe,
-	0x0a, 0x0a, 0x9d, 0xb2, 0xc7, 0x4c, 0x42, 0x42, 0x27, 0x38, 0xe8, 0x25, 0x18, 0x8b, 0x88, 0xb7,
-	0x75, 0xcb, 0xf5, 0x77, 0xc5, 0xc2, 0x56, 0x5c, 0xb8, 0x21, 0xca, 0xb1, 0xc2, 0x40, 0x4b, 0x50,
-	0xec, 0xb8, 0x2d, 0xb1, 0x94, 0xe5, 0x81, 0x5f, 0xbc, 0x53, 0xab, 0x1e, 0x1f, 0x56, 0x9e, 0xce,
-	0x8b, 0xda, 0x4f, 0xaf, 0xf6, 0xd1, 0x3c, 0xdd, 0x7e, 0xb4, 0x72, 0xd6, 0xdb, 0xc0, 0xc8, 0x09,
-	0xdf, 0x06, 0xae, 0x02, 0x88, 0xaf, 0x96, 0x6b, 0xb9, 0x98, 0xcc, 0xda, 0x75, 0x05, 0xc1, 0x1a,
-	0x16, 0x8a, 0x60, 0xb6, 0x19, 0x12, 0x47, 0xde, 0xa1, 0xb9, 0x83, 0xcd, 0xd8, 0xc3, 0x2b, 0x08,
-	0x96, 0xd3, 0xc4, 0x70, 0x37, 0x7d, 0x14, 0xc0, 0x6c, 0x4b, 0x78, 0xf0, 0x27, 0x8d, 0x96, 0x4e,
-	0xee, 0xd5, 0xc3, 0x0c, 0x72, 0xd2, 0x84, 0x70, 0x37, 0x6d, 0xf4, 0x15, 0x98, 0x93, 0x85, 0xdd,
-	0x41, 0x13, 0xd8, 0x76, 0x29, 0x2e, 0x5d, 0x3a, 0x3a, 0xac, 0xcc, 0x55, 0x73, 0xb1, 0x70, 0x0f,
-	0x0a, 0x08, 0xc3, 0x08, 0x7b, 0x4b, 0x8a, 0xca, 0xe3, 0xec, 0x9c, 0x7b, 0x21, 0x5f, 0x19, 0x40,
-	0xd7, 0xfa, 0x3c, 0x7b, 0x87, 0x12, 0x26, 0xe5, 0xc9, 0xb3, 0x1c, 0x2b, 0xc4, 0x82, 0x12, 0xda,
-	0x82, 0x71, 0xc7, 0xf7, 0x83, 0xd8, 0xe1, 0x22, 0xd4, 0x44, 0xbe, 0xec, 0xa7, 0x11, 0x5e, 0x4c,
-	0x6a, 0x70, 0xea, 0xca, 0x4a, 0x55, 0x83, 0x60, 0x9d, 0x30, 0xba, 0x0f, 0xd3, 0xc1, 0x7d, 0xca,
-	0x1c, 0xa5, 0x96, 0x22, 0x2a, 0x4f, 0xb2, 0xb6, 0x5e, 0x1b, 0x50, 0x4f, 0x6b, 0x54, 0xd6, 0xb8,
-	0x96, 0x49, 0x14, 0xa7, 0x5b, 0x41, 0xf3, 0x86, 0xb6, 0x7a, 0x2a, 0xf1, 0x9d, 0x48, 0xb4, 0xd5,
-	0xba, 0x72, 0x9a, 0x05, 0xe1, 0xe0, 0x26, 0xd2, 0x6c, 0xf7, 0x4f, 0xa7, 0x82, 0x70, 0x24, 0x20,
-	0xac, 0xe3, 0xa1, 0x1d, 0x98, 0x48, 0x9e, 0xac, 0xc2, 0x88, 0x85, 0x00, 0x1b, 0xbf, 0x7a, 0x75,
-	0xb0, 0x8f, 0xab, 0x69, 0x35, 0xf9, 0xcd, 0x41, 0x2f, 0xc1, 0x06, 0xe5, 0xb9, 0x6f, 0x81, 0x71,
-	0x6d, 0x62, 0x4f, 0xe2, 0x01, 0x30, 0xf7, 0x16, 0xcc, 0xa4, 0xa7, 0xee, 0x44, 0x1e, 0x04, 0xff,
-	0xbb, 0x00, 0xd3, 0x19, 0x2f, 0x57, 0x2c, 0xf2, 0x7f, 0x8a, 0xa1, 0x26, 0x81, 0xfe, 0x4d, 0xb6,
-	0x58, 0x18, 0x80, 0x2d, 0x4a, 0x1e, 0x5d, 0xcc, 0xe5, 0xd1, 0x82, 0x15, 0x0e, 0x7d, 0x14, 0x56,
-	0x68, 0x9e, 0x3e, 0xc3, 0x03, 0x9d, 0x3e, 0xa7, 0xc0, 0x3e, 0x8d, 0x03, 0x6c, 0x74, 0x80, 0x03,
-	0xec, 0x07, 0x0b, 0x30, 0x93, 0xb6, 0xf0, 0x3d, 0x83, 0xf7, 0x8e, 0xb7, 0x8d, 0xf7, 0x8e, 0xec,
-	0x3c, 0x1a, 0x69, 0xbb, 0xe3, 0xbc, 0xb7, 0x0f, 0x9c, 0x7a, 0xfb, 0x78, 0x61, 0x20, 0x6a, 0xbd,
-	0xdf, 0x41, 0xfe, 0x7e, 0x01, 0x2e, 0xa4, 0xab, 0x2c, 0x7b, 0x8e, 0xbb, 0x77, 0x06, 0x63, 0x73,
-	0xdb, 0x18, 0x9b, 0x97, 0x07, 0xf9, 0x1a, 0xd6, 0xb5, 0xdc, 0x01, 0xba, 0x97, 0x1a, 0xa0, 0x85,
-	0xc1, 0x49, 0xf6, 0x1e, 0xa5, 0x6f, 0x14, 0xe1, 0x52, 0x66, 0xbd, 0xe4, 0xb9, 0x60, 0xd5, 0x78,
-	0x2e, 0xb8, 0x9a, 0x7a, 0x2e, 0xb0, 0x7b, 0xd7, 0x3e, 0x9d, 0xf7, 0x03, 0xe1, 0x7b, 0xcb, 0xc2,
-	0x53, 0x3e, 0xe4, 0xdb, 0x81, 0xe1, 0x7b, 0xab, 0x08, 0x61, 0x93, 0xee, 0x9f, 0xa7, 0x37, 0x83,
-	0x5f, 0xb7, 0xe0, 0x62, 0xe6, 0xdc, 0x9c, 0x81, 0x5e, 0x7d, 0xdd, 0xd4, 0xab, 0x3f, 0x3f, 0xf0,
-	0x6a, 0xcd, 0x51, 0xb4, 0xff, 0x41, 0x31, 0xe7, 0x5b, 0x98, 0x66, 0xf2, 0x36, 0x8c, 0x3b, 0xcd,
-	0x26, 0x89, 0xa2, 0xb5, 0xa0, 0xa5, 0xc2, 0x35, 0xbe, 0xcc, 0xa4, 0x8d, 0xa4, 0xf8, 0xf8, 0xb0,
-	0x32, 0x97, 0x26, 0x91, 0x80, 0xb1, 0x4e, 0xc1, 0x8c, 0x30, 0x5b, 0x38, 0xd5, 0x08, 0xb3, 0x57,
-	0x01, 0xf6, 0x95, 0xbe, 0x22, 0xad, 0xe6, 0xd4, 0x34, 0x19, 0x1a, 0x16, 0xfa, 0x0e, 0x76, 0x0b,
-	0xe0, 0xc6, 0x40, 0x7c, 0x29, 0xbe, 0x3a, 0xe0, 0x5c, 0xe9, 0x86, 0x45, 0x3c, 0xc8, 0x83, 0x52,
-	0x09, 0x2b, 0x92, 0xe8, 0xdb, 0x60, 0x26, 0xe2, 0x31, 0x84, 0x96, 0x3d, 0x27, 0x62, 0x4e, 0x5c,
-	0x62, 0x15, 0xb2, 0xc8, 0x0d, 0x8d, 0x14, 0x0c, 0x77, 0x61, 0xa3, 0x55, 0xf9, 0x51, 0x2c, 0xe0,
-	0x11, 0x5f, 0x98, 0xcf, 0x26, 0x1f, 0x24, 0xf2, 0x0e, 0x9d, 0x4f, 0x0f, 0x3f, 0x1b, 0x78, 0xad,
-	0xa6, 0xfd, 0x83, 0x43, 0xf0, 0x44, 0x0f, 0x26, 0x86, 0x16, 0x4d, 0x23, 0x80, 0x17, 0xd3, 0xfa,
-	0xbf, 0xb9, 0xcc, 0xca, 0x86, 0x42, 0x30, 0xb5, 0x56, 0x0a, 0x1f, 0x79, 0xad, 0x7c, 0x9f, 0xa5,
-	0x69, 0x66, 0xb9, 0xa9, 0xf0, 0x17, 0x4f, 0xc8, 0x9c, 0x4f, 0x51, 0x55, 0xbb, 0x95, 0xa1, 0xef,
-	0xbc, 0x3a, 0x70, 0x77, 0x06, 0x56, 0x80, 0x9e, 0xed, 0x93, 0xd1, 0xd7, 0x2c, 0x78, 0x3a, 0xb3,
-	0xbf, 0x86, 0xd1, 0xd2, 0x02, 0x94, 0x9a, 0xb4, 0x50, 0x73, 0x0c, 0x4d, 0xdc, 0xb3, 0x25, 0x00,
-	0x27, 0x38, 0x86, 0x6d, 0x52, 0xa1, 0xaf, 0x6d, 0xd2, 0xbf, 0xb6, 0xa0, 0x6b, 0x01, 0x9f, 0x01,
-	0x27, 0xad, 0x99, 0x9c, 0xf4, 0xd3, 0x83, 0xcc, 0x65, 0x0e, 0x13, 0xfd, 0xad, 0x69, 0x78, 0x2c,
-	0xc7, 0x13, 0x6c, 0x1f, 0x66, 0xb7, 0x9b, 0xc4, 0x74, 0xb9, 0x15, 0x1f, 0x93, 0xe9, 0x9d, 0xdc,
-	0xd3, 0x3f, 0x97, 0x5f, 0x88, 0xbb, 0x50, 0x70, 0x77, 0x13, 0xe8, 0x6b, 0x16, 0x9c, 0x77, 0xee,
-	0x47, 0x5d, 0x69, 0x01, 0xc5, 0x9a, 0x79, 0x2d, 0x53, 0x4f, 0xdb, 0x27, 0x8d, 0x20, 0x73, 0x8b,
-	0x3b, 0x9f, 0x85, 0x85, 0x33, 0xdb, 0x42, 0x58, 0x44, 0xd8, 0xa5, 0xf2, 0x76, 0x0f, 0xa7, 0xf0,
-	0x2c, 0x97, 0x3d, 0xce, 0x53, 0x25, 0x04, 0x2b, 0x3a, 0xe8, 0x2e, 0x94, 0xb6, 0xa5, 0x1f, 0xad,
-	0xe0, 0xd9, 0x99, 0x87, 0x60, 0xa6, 0xb3, 0x2d, 0xf7, 0x1d, 0x51, 0x20, 0x9c, 0x90, 0x42, 0x6f,
-	0x41, 0xd1, 0xdf, 0x8a, 0x7a, 0x65, 0x36, 0x4a, 0xd9, 0xf2, 0x71, 0xef, 0xfe, 0xf5, 0xd5, 0x06,
-	0xa6, 0x15, 0xd1, 0x0d, 0x28, 0x86, 0x9b, 0x2d, 0xf1, 0xb4, 0x90, 0x29, 0x97, 0xe2, 0xa5, 0x6a,
-	0xf6, 0x22, 0xe1, 0x94, 0xf0, 0x52, 0x15, 0x53, 0x12, 0xa8, 0x0e, 0xc3, 0xcc, 0x69, 0x4a, 0xbc,
-	0x20, 0x64, 0x0a, 0xa4, 0x3d, 0x9c, 0x0f, 0x79, 0x08, 0x00, 0x86, 0x80, 0x39, 0x21, 0xf4, 0x36,
-	0x8c, 0x34, 0x59, 0xf2, 0x1f, 0xa1, 0xf8, 0xc9, 0x8e, 0x0d, 0xd5, 0x95, 0x1e, 0x88, 0xbf, 0xa0,
-	0xf2, 0x72, 0x2c, 0x28, 0xa0, 0x0d, 0x18, 0x69, 0x92, 0xf6, 0xce, 0x56, 0x24, 0xf4, 0x39, 0x9f,
-	0xcd, 0xa4, 0xd5, 0x23, 0xd7, 0x95, 0xa0, 0xca, 0x30, 0xb0, 0xa0, 0x85, 0x3e, 0x0f, 0x85, 0xad,
-	0xa6, 0xf0, 0xa4, 0xca, 0x7c, 0x43, 0x30, 0xc3, 0x32, 0x2c, 0x8d, 0x1c, 0x1d, 0x56, 0x0a, 0xab,
-	0xcb, 0xb8, 0xb0, 0xd5, 0x44, 0xeb, 0x30, 0xba, 0xc5, 0x7d, 0xeb, 0x45, 0xb4, 0x94, 0xe7, 0xb2,
-	0xdd, 0xfe, 0xbb, 0xdc, 0xef, 0xb9, 0x07, 0x90, 0x00, 0x60, 0x49, 0x04, 0x6d, 0x00, 0x6c, 0xa9,
-	0x18, 0x01, 0x22, 0x4a, 0xfb, 0xa7, 0x07, 0x89, 0x24, 0x20, 0x94, 0x1b, 0xaa, 0x14, 0x6b, 0x74,
-	0xd0, 0x57, 0xa1, 0xe4, 0xc8, 0xe4, 0x73, 0x22, 0xce, 0xca, 0xab, 0x99, 0x9b, 0xb0, 0x77, 0x5e,
-	0x3e, 0xbe, 0x82, 0x15, 0x12, 0x4e, 0x88, 0xa2, 0x5d, 0x98, 0xdc, 0x8f, 0xda, 0x3b, 0x44, 0x6e,
-	0x5a, 0x16, 0x76, 0x25, 0xe7, 0x90, 0xba, 0x2b, 0x10, 0xdd, 0x30, 0xee, 0x38, 0x5e, 0x17, 0x9f,
-	0x61, 0xee, 0x62, 0x77, 0x75, 0x62, 0xd8, 0xa4, 0x4d, 0x07, 0xfd, 0x83, 0x4e, 0xb0, 0x79, 0x10,
-	0x13, 0x11, 0xcc, 0x3d, 0x73, 0xd0, 0xdf, 0xe1, 0x28, 0xdd, 0x83, 0x2e, 0x00, 0x58, 0x12, 0xa1,
-	0xdb, 0xda, 0x91, 0x89, 0x1d, 0x85, 0x06, 0xe7, 0xf9, 0xdc, 0xe1, 0xe9, 0xea, 0x6f, 0x32, 0x28,
-	0x8c, 0x1f, 0x26, 0xa4, 0x18, 0x1f, 0x6c, 0xef, 0x04, 0x71, 0xe0, 0xa7, 0x78, 0xf0, 0x6c, 0x3e,
-	0x1f, 0xac, 0x67, 0xe0, 0x77, 0xf3, 0xc1, 0x2c, 0x2c, 0x9c, 0xd9, 0x16, 0x6a, 0xc1, 0x54, 0x3b,
-	0x08, 0xe3, 0xfb, 0x41, 0x28, 0x57, 0x15, 0xea, 0x71, 0xb5, 0x37, 0x30, 0x45, 0x8b, 0xcc, 0xfa,
-	0xdb, 0x84, 0xe0, 0x14, 0x4d, 0xf4, 0x25, 0x18, 0x8d, 0x9a, 0x8e, 0x47, 0x6a, 0xb7, 0xcb, 0xe7,
-	0xf2, 0x0f, 0x98, 0x06, 0x47, 0xc9, 0x59, 0x5d, 0x6c, 0x72, 0x04, 0x0a, 0x96, 0xe4, 0xd0, 0x2a,
-	0x0c, 0xb3, 0x0c, 0x21, 0x2c, 0x0e, 0x7d, 0x4e, 0x3c, 0xaf, 0x2e, 0x0b, 0x69, 0xce, 0x87, 0x58,
-	0x31, 0xe6, 0xd5, 0xe9, 0x1e, 0x10, 0x12, 0x6e, 0x10, 0x95, 0x2f, 0xe4, 0xef, 0x01, 0x21, 0x18,
-	0xdf, 0x6e, 0xf4, 0xda, 0x03, 0x0a, 0x09, 0x27, 0x44, 0x29, 0x17, 0xa6, 0x9c, 0xf3, 0xb1, 0x7c,
-	0x2e, 0x9c, 0xcf, 0x37, 0x19, 0x17, 0xa6, 0x5c, 0x93, 0x92, 0xb0, 0xbf, 0x36, 0xda, 0x2d, 0x95,
-	0xb0, 0x3b, 0xd1, 0x77, 0x5b, 0x5d, 0x06, 0x03, 0x9f, 0x1b, 0x54, 0x45, 0x73, 0x8a, 0xf2, 0xe8,
-	0xd7, 0x2c, 0x78, 0xac, 0x9d, 0xf9, 0x21, 0xe2, 0x88, 0x1f, 0x4c, 0xd3, 0xc3, 0x3f, 0x5d, 0xe5,
-	0x8a, 0xc8, 0x86, 0xe3, 0x9c, 0x96, 0xd2, 0x32, 0x7f, 0xf1, 0x23, 0xcb, 0xfc, 0x6b, 0x30, 0xc6,
-	0xc4, 0xc8, 0x24, 0x78, 0xdc, 0x40, 0x66, 0x77, 0x4c, 0x58, 0x58, 0x16, 0x15, 0xb1, 0x22, 0x81,
-	0xbe, 0xdf, 0x82, 0xa7, 0xd2, 0x5d, 0xc7, 0x84, 0x81, 0x45, 0x20, 0x62, 0x7e, 0x1d, 0x5b, 0x15,
-	0xdf, 0xff, 0x54, 0xbd, 0x17, 0xf2, 0x71, 0x3f, 0x04, 0xdc, 0xbb, 0x31, 0x54, 0xcd, 0xb8, 0x0f,
-	0x8e, 0x98, 0xef, 0x89, 0x03, 0xdc, 0x09, 0x5f, 0x83, 0x89, 0xbd, 0xa0, 0xe3, 0x4b, 0x9f, 0x18,
-	0xe1, 0xf1, 0xcc, 0x74, 0xd7, 0x6b, 0x5a, 0x39, 0x36, 0xb0, 0x52, 0x37, 0xc9, 0xb1, 0x87, 0xbd,
-	0x49, 0x9e, 0xed, 0xfd, 0xe4, 0xeb, 0x56, 0x86, 0x60, 0xcd, 0x6f, 0xac, 0x5f, 0x30, 0x6f, 0xac,
-	0xcf, 0xa6, 0x6f, 0xac, 0x5d, 0x1a, 0x4a, 0xe3, 0xb2, 0x3a, 0x78, 0xa0, 0xf6, 0x41, 0xa3, 0xf4,
-	0xd9, 0x1e, 0x5c, 0xee, 0x77, 0x70, 0x30, 0x13, 0xc6, 0x96, 0x7a, 0xdb, 0x4f, 0x4c, 0x18, 0x5b,
-	0xb5, 0x2a, 0x66, 0x90, 0x41, 0x23, 0xeb, 0xd8, 0xff, 0xdd, 0x82, 0x62, 0x3d, 0x68, 0x9d, 0x81,
-	0xc6, 0xf5, 0x8b, 0x86, 0xc6, 0xf5, 0x89, 0x9c, 0x14, 0xd6, 0xb9, 0xfa, 0xd5, 0x95, 0x94, 0x7e,
-	0xf5, 0xa9, 0x3c, 0x02, 0xbd, 0xb5, 0xa9, 0x3f, 0x5e, 0x04, 0x3d, 0xe1, 0x36, 0xfa, 0xb7, 0x0f,
-	0x63, 0x0b, 0x5f, 0xec, 0x95, 0x83, 0x5b, 0x50, 0x66, 0x96, 0x8f, 0xd2, 0xcd, 0xf6, 0xcf, 0x98,
-	0x49, 0xfc, 0x3d, 0xe2, 0x6e, 0xef, 0xc4, 0xa4, 0x95, 0xfe, 0x9c, 0xb3, 0x33, 0x89, 0xff, 0xaf,
-	0x16, 0x4c, 0xa7, 0x5a, 0x47, 0x5e, 0x96, 0xcf, 0xde, 0x43, 0x6a, 0xda, 0x66, 0xfb, 0x3a, 0xf9,
-	0xcd, 0x03, 0xa8, 0xe7, 0x2c, 0xa9, 0x85, 0x62, 0x72, 0xb9, 0x7a, 0xef, 0x8a, 0xb0, 0x86, 0x81,
-	0x5e, 0x87, 0xf1, 0x38, 0x68, 0x07, 0x5e, 0xb0, 0x7d, 0x70, 0x93, 0xc8, 0x58, 0x4e, 0xea, 0xd1,
-	0x71, 0x23, 0x01, 0x61, 0x1d, 0xcf, 0xfe, 0xc9, 0x22, 0xa4, 0x93, 0xb4, 0x7f, 0x73, 0x4d, 0x7e,
-	0x32, 0xd7, 0xe4, 0x37, 0x2c, 0x98, 0xa1, 0xad, 0x33, 0xab, 0x32, 0x79, 0x1c, 0xaa, 0x84, 0x51,
-	0x56, 0x8f, 0x84, 0x51, 0xcf, 0x52, 0xde, 0xd5, 0x0a, 0x3a, 0xb1, 0xd0, 0x62, 0x69, 0xcc, 0x89,
-	0x96, 0x62, 0x01, 0x15, 0x78, 0x24, 0x0c, 0x85, 0x27, 0x9e, 0x8e, 0x47, 0xc2, 0x10, 0x0b, 0xa8,
-	0xcc, 0x27, 0x35, 0x94, 0x93, 0x4f, 0x8a, 0x85, 0x41, 0x14, 0x96, 0x4c, 0x42, 0x30, 0xd1, 0xc2,
-	0x20, 0x4a, 0x13, 0xa7, 0x04, 0xc7, 0xfe, 0x99, 0x22, 0x4c, 0xd4, 0x83, 0x56, 0xf2, 0xa0, 0xf4,
-	0x9a, 0xf1, 0xa0, 0x74, 0x39, 0xf5, 0xa0, 0x34, 0xa3, 0xe3, 0x7e, 0xf3, 0xf9, 0xe8, 0xe3, 0x7a,
-	0x3e, 0xfa, 0x57, 0x16, 0x9b, 0xb5, 0xea, 0x7a, 0x43, 0xe4, 0x3b, 0x7e, 0x05, 0xc6, 0x19, 0x43,
-	0x62, 0xae, 0x9f, 0xf2, 0x95, 0x85, 0xa5, 0x35, 0x58, 0x4f, 0x8a, 0xb1, 0x8e, 0x83, 0xae, 0xc0,
-	0x58, 0x44, 0x9c, 0xb0, 0xb9, 0xa3, 0x78, 0x9c, 0x78, 0x83, 0xe0, 0x65, 0x58, 0x41, 0xd1, 0x3b,
-	0x49, 0x50, 0xc4, 0x62, 0x7e, 0xe6, 0x5e, 0xbd, 0x3f, 0x7c, 0x8b, 0xe4, 0x47, 0x42, 0xb4, 0xef,
-	0x01, 0xea, 0xc6, 0x1f, 0xc0, 0xbc, 0xab, 0x62, 0x86, 0x3f, 0x2b, 0x75, 0x85, 0x3e, 0xfb, 0x13,
-	0x0b, 0xa6, 0xea, 0x41, 0x8b, 0x6e, 0xdd, 0x3f, 0x4f, 0xfb, 0x54, 0x0f, 0x3f, 0x3a, 0xd2, 0x23,
-	0xfc, 0xe8, 0x3f, 0xb0, 0x60, 0xb4, 0x1e, 0xb4, 0xce, 0x40, 0xf7, 0xfd, 0x05, 0x53, 0xf7, 0xfd,
-	0x78, 0xce, 0x92, 0xc8, 0x51, 0x77, 0xff, 0x5c, 0x11, 0x26, 0x69, 0x3f, 0x83, 0x6d, 0x39, 0x4b,
-	0xc6, 0x88, 0x58, 0x03, 0x8c, 0x08, 0x15, 0x73, 0x03, 0xcf, 0x0b, 0xee, 0xa7, 0x67, 0x6c, 0x95,
-	0x95, 0x62, 0x01, 0x45, 0x2f, 0xc1, 0x58, 0x3b, 0x24, 0xfb, 0x6e, 0xd0, 0x89, 0xd2, 0x5e, 0xce,
-	0x75, 0x51, 0x8e, 0x15, 0x06, 0xbd, 0x19, 0x45, 0xae, 0xdf, 0x24, 0xd2, 0xee, 0x6b, 0x88, 0xd9,
-	0x7d, 0xf1, 0xb8, 0xe2, 0x5a, 0x39, 0x36, 0xb0, 0xd0, 0x3d, 0x28, 0xb1, 0xff, 0x8c, 0xa3, 0x9c,
-	0x3c, 0xd3, 0x95, 0x48, 0xe6, 0x21, 0x08, 0xe0, 0x84, 0x16, 0xba, 0x0a, 0x10, 0x4b, 0x0b, 0xb5,
-	0x48, 0x38, 0xe1, 0x2b, 0x59, 0x5b, 0xd9, 0xae, 0x45, 0x58, 0xc3, 0x42, 0x2f, 0x42, 0x29, 0x76,
-	0x5c, 0xef, 0x96, 0xeb, 0x93, 0x48, 0x58, 0xf8, 0x89, 0x5c, 0x1d, 0xa2, 0x10, 0x27, 0x70, 0x2a,
-	0xeb, 0xb0, 0x10, 0x0f, 0x3c, 0x4f, 0xde, 0x18, 0xc3, 0x66, 0xb2, 0xce, 0x2d, 0x55, 0x8a, 0x35,
-	0x0c, 0xfb, 0x1a, 0x5c, 0xa8, 0x07, 0xad, 0x7a, 0x10, 0xc6, 0xab, 0x41, 0x78, 0xdf, 0x09, 0x5b,
-	0x72, 0xfe, 0x2a, 0x32, 0x6d, 0x04, 0xe5, 0x3d, 0xc3, 0x7c, 0x67, 0x1a, 0x09, 0x21, 0x5e, 0x65,
-	0xd2, 0xce, 0x09, 0xdd, 0xb1, 0xfe, 0x7d, 0x81, 0x31, 0x8a, 0x54, 0xf2, 0x46, 0xf4, 0x15, 0x98,
-	0x8a, 0xc8, 0x2d, 0xd7, 0xef, 0x3c, 0x90, 0x37, 0xd8, 0x1e, 0xbe, 0x6e, 0x8d, 0x15, 0x1d, 0x93,
-	0xeb, 0xc1, 0xcc, 0x32, 0x9c, 0xa2, 0x46, 0x87, 0x30, 0xec, 0xf8, 0x8b, 0xd1, 0x9d, 0x88, 0x84,
-	0x22, 0x79, 0x20, 0x1b, 0x42, 0x2c, 0x0b, 0x71, 0x02, 0xa7, 0x4b, 0x86, 0xfd, 0x59, 0x0f, 0x7c,
-	0x1c, 0x04, 0xb1, 0x5c, 0x64, 0x2c, 0xfd, 0x94, 0x56, 0x8e, 0x0d, 0x2c, 0xb4, 0x0a, 0x28, 0xea,
-	0xb4, 0xdb, 0x1e, 0x7b, 0x98, 0x76, 0xbc, 0xeb, 0x61, 0xd0, 0x69, 0xf3, 0x47, 0x41, 0x91, 0xb9,
-	0xa9, 0xd1, 0x05, 0xc5, 0x19, 0x35, 0x28, 0x63, 0xd8, 0x8a, 0xd8, 0x6f, 0x11, 0xe5, 0x81, 0x6b,
-	0xa4, 0x1b, 0xac, 0x08, 0x4b, 0x98, 0xfd, 0x5d, 0xec, 0xc0, 0x60, 0x39, 0xdf, 0xe2, 0x4e, 0x48,
-	0xd0, 0x1e, 0x4c, 0xb6, 0xd9, 0x51, 0x2e, 0xa2, 0x67, 0x8b, 0x01, 0x7c, 0x38, 0x7b, 0x3e, 0x9e,
-	0x03, 0x4a, 0x27, 0x87, 0x4d, 0xea, 0xf6, 0x7f, 0x9a, 0x66, 0x7c, 0xa9, 0xc1, 0xaf, 0x73, 0xa3,
-	0xc2, 0x4a, 0x5f, 0xc8, 0xae, 0x73, 0xf9, 0x59, 0x22, 0x93, 0x23, 0x44, 0x58, 0xfa, 0x63, 0x59,
-	0x17, 0xbd, 0xc3, 0x5e, 0x53, 0x39, 0x33, 0xe8, 0x97, 0x3c, 0x9a, 0x63, 0x19, 0x0f, 0xa7, 0xa2,
-	0x22, 0xd6, 0x88, 0xa0, 0x5b, 0x30, 0x29, 0x52, 0x84, 0x09, 0xd5, 0x4e, 0xd1, 0x50, 0x0c, 0x4c,
-	0x62, 0x1d, 0x78, 0x9c, 0x2e, 0xc0, 0x66, 0x65, 0xb4, 0x0d, 0x4f, 0x69, 0xf9, 0x32, 0x33, 0x6c,
-	0x4a, 0x39, 0x6f, 0x79, 0xfa, 0xe8, 0xb0, 0xf2, 0xd4, 0x46, 0x2f, 0x44, 0xdc, 0x9b, 0x0e, 0xba,
-	0x0d, 0x17, 0x9c, 0x66, 0xec, 0xee, 0x93, 0x2a, 0x71, 0x5a, 0x9e, 0xeb, 0x13, 0x33, 0xec, 0xc7,
-	0xc5, 0xa3, 0xc3, 0xca, 0x85, 0xc5, 0x2c, 0x04, 0x9c, 0x5d, 0x0f, 0x7d, 0x01, 0x4a, 0x2d, 0x3f,
-	0x12, 0x63, 0x30, 0x62, 0xa4, 0x82, 0x2d, 0x55, 0xd7, 0x1b, 0xea, 0xfb, 0x93, 0x3f, 0x38, 0xa9,
-	0x80, 0xb6, 0x61, 0x42, 0x77, 0xed, 0x13, 0x69, 0x84, 0x5f, 0xee, 0x71, 0xeb, 0x37, 0xfc, 0xe1,
-	0xb8, 0x5e, 0x53, 0x59, 0x6c, 0x1b, 0xae, 0x72, 0x06, 0x61, 0xf4, 0x36, 0x20, 0x2a, 0xcc, 0xb8,
-	0x4d, 0xb2, 0xd8, 0x64, 0x41, 0xcc, 0x99, 0x36, 0x6c, 0xcc, 0x70, 0x3f, 0x42, 0x8d, 0x2e, 0x0c,
-	0x9c, 0x51, 0x0b, 0xdd, 0xa0, 0x1c, 0x45, 0x2f, 0x15, 0x06, 0xf6, 0x52, 0x00, 0x2e, 0x57, 0x49,
-	0x3b, 0x24, 0x4d, 0x27, 0x26, 0x2d, 0x93, 0x22, 0x4e, 0xd5, 0xa3, 0xe7, 0x8d, 0xca, 0x67, 0x04,
-	0xa6, 0x59, 0x78, 0x77, 0x4e, 0x23, 0x7a, 0x77, 0xdc, 0x09, 0xa2, 0x78, 0x9d, 0xc4, 0xf7, 0x83,
-	0x70, 0x57, 0xc4, 0xea, 0x4b, 0xc2, 0xc6, 0x26, 0x20, 0xac, 0xe3, 0x51, 0x59, 0x91, 0x3d, 0x67,
-	0xd6, 0xaa, 0xec, 0x75, 0x69, 0x2c, 0xd9, 0x27, 0x37, 0x78, 0x31, 0x96, 0x70, 0x89, 0x5a, 0xab,
-	0x2f, 0xb3, 0x37, 0xa3, 0x14, 0x6a, 0xad, 0xbe, 0x8c, 0x25, 0x1c, 0x91, 0xee, 0x34, 0xbb, 0x53,
-	0xf9, 0xaf, 0x7d, 0xdd, 0x7c, 0x79, 0xc0, 0x4c, 0xbb, 0x3e, 0xcc, 0xa8, 0x04, 0xbf, 0x3c, 0x88,
-	0x61, 0x54, 0x9e, 0x66, 0x8b, 0x64, 0xf0, 0x08, 0x88, 0x4a, 0xdb, 0x59, 0x4b, 0x51, 0xc2, 0x5d,
-	0xb4, 0x8d, 0x70, 0x32, 0x33, 0x7d, 0xf3, 0x51, 0x2d, 0x40, 0x29, 0xea, 0x6c, 0xb6, 0x82, 0x3d,
-	0xc7, 0xf5, 0xd9, 0x13, 0x8f, 0x26, 0x88, 0x34, 0x24, 0x00, 0x27, 0x38, 0x68, 0x15, 0xc6, 0x1c,
-	0x71, 0x2d, 0x15, 0x8f, 0x32, 0x99, 0xf1, 0x25, 0xe4, 0xd5, 0x95, 0x8b, 0xd9, 0xf2, 0x1f, 0x56,
-	0x75, 0xd1, 0x9b, 0x30, 0x29, 0x5c, 0x20, 0x85, 0xf5, 0xf2, 0x39, 0xd3, 0x5b, 0xa6, 0xa1, 0x03,
-	0xb1, 0x89, 0x8b, 0xbe, 0x03, 0xa6, 0x28, 0x95, 0x84, 0xb1, 0x95, 0xcf, 0x0f, 0xc2, 0x11, 0xb5,
-	0x3c, 0x23, 0x7a, 0x65, 0x9c, 0x22, 0x86, 0x5a, 0xf0, 0xa4, 0xd3, 0x89, 0x03, 0xa6, 0x0e, 0x36,
-	0xd7, 0xff, 0x46, 0xb0, 0x4b, 0x7c, 0xf6, 0x12, 0x33, 0xb6, 0x74, 0xf9, 0xe8, 0xb0, 0xf2, 0xe4,
-	0x62, 0x0f, 0x3c, 0xdc, 0x93, 0x0a, 0xba, 0x03, 0xe3, 0x71, 0xe0, 0x09, 0xb7, 0x83, 0xa8, 0xfc,
-	0x58, 0x7e, 0x38, 0xac, 0x0d, 0x85, 0xa6, 0x2b, 0x5a, 0x54, 0x55, 0xac, 0xd3, 0x41, 0x1b, 0x7c,
-	0x8f, 0xb1, 0x40, 0xc1, 0x24, 0x2a, 0x3f, 0x9e, 0x3f, 0x30, 0x2a, 0x9e, 0xb0, 0xb9, 0x05, 0x45,
-	0x4d, 0xac, 0x93, 0x41, 0xd7, 0x61, 0xb6, 0x1d, 0xba, 0x01, 0x5b, 0xd8, 0x4a, 0x15, 0x5f, 0x36,
-	0x53, 0x4b, 0xd4, 0xd3, 0x08, 0xb8, 0xbb, 0x0e, 0xbd, 0x88, 0xc9, 0xc2, 0xf2, 0x45, 0x9e, 0xa7,
-	0x8c, 0x0b, 0xa7, 0xbc, 0x0c, 0x2b, 0x28, 0x5a, 0x63, 0x7c, 0x99, 0x5f, 0x99, 0xca, 0x73, 0xf9,
-	0x71, 0x39, 0xf4, 0xab, 0x15, 0x17, 0x5c, 0xd4, 0x5f, 0x9c, 0x50, 0x98, 0xfb, 0x56, 0x98, 0xed,
-	0x62, 0xbc, 0x27, 0xb2, 0x28, 0xff, 0xa7, 0xc3, 0x50, 0x52, 0x7a, 0x57, 0xb4, 0x60, 0xaa, 0xd3,
-	0x2f, 0xa6, 0xd5, 0xe9, 0x63, 0x54, 0xfc, 0xd3, 0x35, 0xe8, 0x1b, 0x86, 0x3d, 0x54, 0x21, 0x3f,
-	0xdd, 0x98, 0xae, 0x74, 0xe8, 0xeb, 0xfe, 0xa9, 0x5d, 0xa3, 0x8b, 0x03, 0xeb, 0xe5, 0x87, 0x7a,
-	0xde, 0xcc, 0x07, 0xcc, 0xa0, 0x4c, 0x6f, 0x9a, 0xed, 0xa0, 0x55, 0xab, 0xa7, 0x53, 0x8a, 0xd6,
-	0x69, 0x21, 0xe6, 0x30, 0x76, 0x57, 0xa0, 0x52, 0x02, 0xbb, 0x2b, 0x8c, 0x3e, 0xe4, 0x5d, 0x41,
-	0x12, 0xc0, 0x09, 0x2d, 0xe4, 0xc1, 0x6c, 0xd3, 0xcc, 0x06, 0xab, 0x5c, 0x3e, 0x9f, 0xe9, 0x9b,
-	0x97, 0xb5, 0xa3, 0xa5, 0x89, 0x5b, 0x4e, 0x53, 0xc1, 0xdd, 0x84, 0xd1, 0x9b, 0x30, 0xf6, 0x41,
-	0x10, 0xb1, 0x55, 0x2c, 0x8e, 0x4a, 0xe9, 0x64, 0x37, 0xf6, 0xce, 0xed, 0x06, 0x2b, 0x3f, 0x3e,
-	0xac, 0x8c, 0xd7, 0x83, 0x96, 0xfc, 0x8b, 0x55, 0x05, 0xf4, 0x00, 0x2e, 0x18, 0x0c, 0x46, 0x75,
-	0x17, 0x06, 0xef, 0xee, 0x53, 0xa2, 0xb9, 0x0b, 0xb5, 0x2c, 0x4a, 0x38, 0xbb, 0x01, 0xfb, 0x17,
-	0xb9, 0x76, 0x59, 0xe8, 0xa0, 0x48, 0xd4, 0xf1, 0xce, 0x22, 0x17, 0xd4, 0x8a, 0xa1, 0x1e, 0x7b,
-	0xe8, 0x17, 0x8c, 0x5f, 0xb5, 0xd8, 0x0b, 0xc6, 0x06, 0xd9, 0x6b, 0x7b, 0x4e, 0x7c, 0x16, 0x7e,
-	0x04, 0xef, 0xc0, 0x58, 0x2c, 0x5a, 0xeb, 0x95, 0xbe, 0x4a, 0xeb, 0x14, 0x7b, 0xc5, 0x51, 0xe7,
-	0xab, 0x2c, 0xc5, 0x8a, 0x8c, 0xfd, 0xcf, 0xf9, 0x0c, 0x48, 0xc8, 0x19, 0xa8, 0x2a, 0xaa, 0xa6,
-	0xaa, 0xa2, 0xd2, 0xe7, 0x0b, 0x72, 0x54, 0x16, 0xff, 0xcc, 0xec, 0x37, 0xbb, 0xca, 0x7c, 0xd2,
-	0x9f, 0xce, 0xec, 0x1f, 0xb6, 0xe0, 0x7c, 0x96, 0x35, 0x08, 0x95, 0x89, 0xf8, 0x45, 0x4a, 0x3d,
-	0x25, 0xaa, 0x11, 0xbc, 0x2b, 0xca, 0xb1, 0xc2, 0x18, 0x38, 0x59, 0xc7, 0xc9, 0x22, 0xca, 0xdd,
-	0x06, 0x33, 0x71, 0x30, 0x7a, 0x8b, 0x3b, 0x06, 0x59, 0x2a, 0xb3, 0xef, 0xc9, 0x9c, 0x82, 0xec,
-	0x9f, 0x2a, 0xc0, 0x79, 0xfe, 0x16, 0xb0, 0xb8, 0x1f, 0xb8, 0xad, 0x7a, 0xd0, 0x12, 0x6e, 0x52,
-	0xef, 0xc2, 0x44, 0x5b, 0xbb, 0xfd, 0xf6, 0x8a, 0x69, 0xa5, 0xdf, 0x92, 0x93, 0x5b, 0x88, 0x5e,
-	0x8a, 0x0d, 0x5a, 0xa8, 0x05, 0x13, 0x64, 0xdf, 0x6d, 0x2a, 0x85, 0x72, 0xe1, 0xc4, 0x2c, 0x5d,
-	0xb5, 0xb2, 0xa2, 0xd1, 0xc1, 0x06, 0xd5, 0x47, 0x90, 0xe8, 0xcd, 0xfe, 0x11, 0x0b, 0x1e, 0xcf,
-	0x89, 0x80, 0x45, 0x9b, 0xbb, 0xcf, 0x5e, 0x5d, 0x44, 0xce, 0x28, 0xd5, 0x1c, 0x7f, 0x8b, 0xc1,
-	0x02, 0x8a, 0xbe, 0x04, 0xc0, 0xdf, 0x52, 0xa8, 0x50, 0x2e, 0x3e, 0x7d, 0xb0, 0xc8, 0x30, 0x5a,
-	0xf8, 0x10, 0x59, 0x1f, 0x6b, 0xb4, 0xec, 0x9f, 0x28, 0xc2, 0x30, 0xd3, 0xdd, 0xa3, 0x55, 0x18,
-	0xdd, 0xe1, 0xf1, 0xb6, 0x07, 0x09, 0xed, 0x9d, 0xdc, 0x6e, 0x78, 0x01, 0x96, 0x95, 0xd1, 0x1a,
-	0x9c, 0x13, 0xae, 0x78, 0x55, 0xe2, 0x39, 0x07, 0xf2, 0x92, 0xcc, 0xf3, 0x2c, 0xa9, 0xcc, 0x62,
-	0xb5, 0x6e, 0x14, 0x9c, 0x55, 0x0f, 0xbd, 0xd5, 0x15, 0x65, 0x93, 0x47, 0x2a, 0x57, 0x22, 0x75,
-	0x9f, 0x48, 0x9b, 0x6f, 0xc2, 0x64, 0xbb, 0x4b, 0x1d, 0x30, 0x9c, 0x88, 0xfb, 0xa6, 0x0a, 0xc0,
-	0xc4, 0x65, 0x66, 0x20, 0x1d, 0x66, 0xf4, 0xb2, 0xb1, 0x13, 0x92, 0x68, 0x27, 0xf0, 0x5a, 0x22,
-	0xf5, 0x79, 0x62, 0x06, 0x92, 0x82, 0xe3, 0xae, 0x1a, 0x94, 0xca, 0x96, 0xe3, 0x7a, 0x9d, 0x90,
-	0x24, 0x54, 0x46, 0x4c, 0x2a, 0xab, 0x29, 0x38, 0xee, 0xaa, 0x41, 0xd7, 0xd1, 0x05, 0x91, 0x37,
-	0x5b, 0x06, 0x68, 0x50, 0xb6, 0x3d, 0xa3, 0xd2, 0x51, 0xa3, 0x47, 0xd0, 0x20, 0x61, 0x5b, 0xa1,
-	0x32, 0x6f, 0x6b, 0x59, 0x59, 0x85, 0x8b, 0x86, 0xa4, 0xf2, 0x30, 0xd9, 0x9b, 0x7f, 0xd7, 0x82,
-	0x73, 0x19, 0x36, 0x84, 0x9c, 0x55, 0x6d, 0xbb, 0x51, 0xac, 0xd2, 0xfb, 0x68, 0xac, 0x8a, 0x97,
-	0x63, 0x85, 0x41, 0xf7, 0x03, 0x67, 0x86, 0x69, 0x06, 0x28, 0x6c, 0x74, 0x04, 0xf4, 0x64, 0x0c,
-	0x10, 0x5d, 0x86, 0xa1, 0x4e, 0x44, 0x42, 0x99, 0xf6, 0x58, 0xf2, 0x6f, 0xa6, 0x60, 0x64, 0x10,
-	0x2a, 0x51, 0x6e, 0x2b, 0xdd, 0x9e, 0x26, 0x51, 0x72, 0xed, 0x1e, 0x87, 0xd9, 0x3f, 0x50, 0x84,
-	0x8b, 0xb9, 0x96, 0xc1, 0xb4, 0x4b, 0x7b, 0x81, 0xef, 0xc6, 0x81, 0x7a, 0x17, 0xe2, 0xd1, 0x6d,
-	0x48, 0x7b, 0x67, 0x4d, 0x94, 0x63, 0x85, 0x81, 0x9e, 0x95, 0x59, 0xf1, 0xd3, 0x09, 0x8c, 0x96,
-	0xaa, 0x46, 0x62, 0xfc, 0x41, 0x33, 0x91, 0x3d, 0x03, 0x43, 0xed, 0x20, 0xf0, 0xd2, 0xcc, 0x88,
-	0x76, 0x37, 0x08, 0x3c, 0xcc, 0x80, 0xe8, 0x33, 0x62, 0x1c, 0x52, 0x0f, 0x21, 0xd8, 0x69, 0x05,
-	0x91, 0x36, 0x18, 0xcf, 0xc3, 0xe8, 0x2e, 0x39, 0x08, 0x5d, 0x7f, 0x3b, 0xfd, 0x40, 0x76, 0x93,
-	0x17, 0x63, 0x09, 0x37, 0xf3, 0x77, 0x8c, 0x9e, 0x46, 0xfe, 0x0e, 0x7d, 0x66, 0xc7, 0xfa, 0x1e,
-	0x6d, 0xdf, 0x57, 0x84, 0x69, 0xbc, 0x54, 0xfd, 0xe6, 0x44, 0xdc, 0xe9, 0x9e, 0x88, 0xd3, 0xce,
-	0xea, 0xd6, 0x7f, 0x36, 0x7e, 0xce, 0x82, 0x69, 0x16, 0xe3, 0x5a, 0x44, 0x67, 0x71, 0x03, 0xff,
-	0x0c, 0x44, 0xb7, 0x67, 0x60, 0x38, 0xa4, 0x8d, 0xa6, 0x53, 0x35, 0xb1, 0x9e, 0x60, 0x0e, 0x43,
-	0x4f, 0xc2, 0x10, 0xeb, 0x02, 0x9d, 0xbc, 0x09, 0x9e, 0xe5, 0xa2, 0xea, 0xc4, 0x0e, 0x66, 0xa5,
-	0xcc, 0x4d, 0x16, 0x93, 0xb6, 0xe7, 0xf2, 0x4e, 0x27, 0x0a, 0xf5, 0x4f, 0x86, 0x9b, 0x6c, 0x66,
-	0xd7, 0x3e, 0x9a, 0x9b, 0x6c, 0x36, 0xc9, 0xde, 0xd7, 0xa2, 0xff, 0x51, 0x80, 0x4b, 0x99, 0xf5,
-	0x06, 0x76, 0x93, 0xed, 0x5d, 0xfb, 0x74, 0xec, 0x1c, 0xb2, 0xcd, 0x0f, 0x8a, 0x67, 0x68, 0x7e,
-	0x30, 0x34, 0xa8, 0xe4, 0x38, 0x3c, 0x80, 0xf7, 0x6a, 0xe6, 0x90, 0x7d, 0x42, 0xbc, 0x57, 0x33,
-	0xfb, 0x96, 0x73, 0xad, 0xfb, 0xd3, 0x42, 0xce, 0xb7, 0xb0, 0x0b, 0xde, 0x15, 0xca, 0x67, 0x18,
-	0x30, 0x12, 0x92, 0xf0, 0x04, 0xe7, 0x31, 0xbc, 0x0c, 0x2b, 0x28, 0x72, 0x35, 0x3f, 0x50, 0xde,
-	0xb5, 0x37, 0x4f, 0xb4, 0x65, 0xe6, 0xcd, 0xf7, 0x0f, 0x3d, 0x94, 0x4c, 0xda, 0x27, 0x74, 0x4d,
-	0xbb, 0x94, 0x17, 0x07, 0xbf, 0x94, 0x4f, 0x64, 0x5f, 0xc8, 0xd1, 0x22, 0x4c, 0xef, 0xb9, 0x3e,
-	0x65, 0x9b, 0x07, 0xa6, 0x28, 0xaa, 0xc2, 0x22, 0xac, 0x99, 0x60, 0x9c, 0xc6, 0x9f, 0x7b, 0x13,
-	0x26, 0x1f, 0x5e, 0x8b, 0xf8, 0x8d, 0x22, 0x3c, 0xd1, 0x63, 0xdb, 0x73, 0x5e, 0x6f, 0xcc, 0x81,
-	0xc6, 0xeb, 0xbb, 0xe6, 0xa1, 0x0e, 0xe7, 0xb7, 0x3a, 0x9e, 0x77, 0xc0, 0x2c, 0xfc, 0x48, 0x4b,
-	0x62, 0x08, 0x59, 0x51, 0x05, 0xb0, 0x5f, 0xcd, 0xc0, 0xc1, 0x99, 0x35, 0xd1, 0xdb, 0x80, 0x02,
-	0x91, 0xb2, 0x36, 0x09, 0x90, 0xc3, 0x06, 0xbe, 0x98, 0x6c, 0xc6, 0xdb, 0x5d, 0x18, 0x38, 0xa3,
-	0x16, 0x15, 0xfa, 0xe9, 0xa9, 0x74, 0xa0, 0xba, 0x95, 0x12, 0xfa, 0xb1, 0x0e, 0xc4, 0x26, 0x2e,
-	0xba, 0x0e, 0xb3, 0xce, 0xbe, 0xe3, 0xf2, 0x80, 0x89, 0x92, 0x00, 0x97, 0xfa, 0x95, 0xee, 0x6e,
-	0x31, 0x8d, 0x80, 0xbb, 0xeb, 0xa4, 0x1c, 0x51, 0x47, 0xf2, 0x1d, 0x51, 0x7b, 0xf3, 0xc5, 0x7e,
-	0xaa, 0x58, 0xfb, 0x3f, 0x5b, 0xf4, 0xf8, 0xca, 0x48, 0x3b, 0x4f, 0xc7, 0x41, 0xa9, 0x14, 0x35,
-	0x9f, 0x50, 0x35, 0x0e, 0xcb, 0x3a, 0x10, 0x9b, 0xb8, 0x7c, 0x41, 0x44, 0x89, 0xa3, 0x82, 0x21,
-	0xba, 0x0b, 0xa7, 0x6f, 0x85, 0x81, 0xbe, 0x0c, 0xa3, 0x2d, 0x77, 0xdf, 0x8d, 0x82, 0x50, 0x6c,
-	0x96, 0x13, 0x1a, 0x93, 0x27, 0x7c, 0xb0, 0xca, 0xc9, 0x60, 0x49, 0xcf, 0xfe, 0xbe, 0x02, 0x4c,
-	0xca, 0x16, 0xdf, 0xe9, 0x04, 0xb1, 0x73, 0x06, 0xc7, 0xf2, 0x75, 0xe3, 0x58, 0xfe, 0x4c, 0x2f,
-	0xcf, 0x77, 0xd6, 0xa5, 0xdc, 0xe3, 0xf8, 0x76, 0xea, 0x38, 0x7e, 0xae, 0x3f, 0xa9, 0xde, 0xc7,
-	0xf0, 0xbf, 0xb0, 0x60, 0xd6, 0xc0, 0x3f, 0x83, 0xd3, 0x60, 0xd5, 0x3c, 0x0d, 0x9e, 0xee, 0xfb,
-	0x0d, 0x39, 0xa7, 0xc0, 0xd7, 0x0b, 0xa9, 0xbe, 0x33, 0xee, 0xff, 0x01, 0x0c, 0xed, 0x38, 0x61,
-	0xab, 0x57, 0xd8, 0xdf, 0xae, 0x4a, 0xf3, 0x37, 0x9c, 0xb0, 0xc5, 0x79, 0xf8, 0x4b, 0x2a, 0xf7,
-	0xa8, 0x13, 0xb6, 0xfa, 0xfa, 0xe5, 0xb0, 0xa6, 0xd0, 0x35, 0x18, 0x89, 0x9a, 0x41, 0x5b, 0xd9,
-	0xe4, 0x5d, 0xe6, 0x79, 0x49, 0x69, 0xc9, 0xf1, 0x61, 0x05, 0x99, 0xcd, 0xd1, 0x62, 0x2c, 0xf0,
-	0xe7, 0xb6, 0xa1, 0xa4, 0x9a, 0x7e, 0xa4, 0x1e, 0x15, 0xbf, 0x55, 0x84, 0x73, 0x19, 0xeb, 0x02,
-	0x45, 0xc6, 0x68, 0xbd, 0x32, 0xe0, 0x72, 0xfa, 0x88, 0xe3, 0x15, 0xb1, 0x1b, 0x4b, 0x4b, 0xcc,
-	0xff, 0xc0, 0x8d, 0xde, 0x89, 0x48, 0xba, 0x51, 0x5a, 0xd4, 0xbf, 0x51, 0xda, 0xd8, 0x99, 0x0d,
-	0x35, 0x6d, 0x48, 0xf5, 0xf4, 0x91, 0xce, 0xe9, 0x1f, 0x15, 0xe1, 0x7c, 0x56, 0xc0, 0x0c, 0xf4,
-	0x9d, 0xa9, 0x24, 0x42, 0xaf, 0x0d, 0x1a, 0x6a, 0x83, 0x67, 0x16, 0x12, 0x11, 0xc6, 0xe6, 0xcd,
-	0xb4, 0x42, 0x7d, 0x87, 0x59, 0xb4, 0xc9, 0x1c, 0xe5, 0x42, 0x9e, 0xfc, 0x49, 0x6e, 0xf1, 0xcf,
-	0x0d, 0xdc, 0x01, 0x91, 0x35, 0x2a, 0x4a, 0x39, 0xca, 0xc9, 0xe2, 0xfe, 0x8e, 0x72, 0xb2, 0xe5,
-	0x39, 0x17, 0xc6, 0xb5, 0xaf, 0x79, 0xa4, 0x33, 0xbe, 0x4b, 0x4f, 0x14, 0xad, 0xdf, 0x8f, 0x74,
-	0xd6, 0x7f, 0xc4, 0x82, 0x94, 0x25, 0x9c, 0x52, 0x49, 0x59, 0xb9, 0x2a, 0xa9, 0xcb, 0x30, 0x14,
-	0x06, 0x1e, 0x49, 0xe7, 0x95, 0xc1, 0x81, 0x47, 0x30, 0x83, 0x50, 0x8c, 0x38, 0x51, 0x48, 0x4c,
-	0xe8, 0x97, 0x2d, 0x71, 0x8d, 0x7a, 0x06, 0x86, 0x3d, 0xb2, 0x4f, 0xa4, 0x36, 0x42, 0xf1, 0xe4,
-	0x5b, 0xb4, 0x10, 0x73, 0x98, 0xfd, 0x73, 0x43, 0xf0, 0x54, 0x4f, 0x57, 0x53, 0x7a, 0x65, 0xd9,
-	0x76, 0x62, 0x72, 0xdf, 0x39, 0x48, 0x47, 0xbd, 0xbe, 0xce, 0x8b, 0xb1, 0x84, 0x33, 0xbb, 0x5d,
-	0x1e, 0x38, 0x33, 0xa5, 0xc0, 0x13, 0xf1, 0x32, 0x05, 0xd4, 0x54, 0x1c, 0x15, 0x4f, 0x43, 0x71,
-	0x74, 0x15, 0x20, 0x8a, 0xbc, 0x15, 0x9f, 0x4a, 0x60, 0x2d, 0x61, 0x10, 0x9c, 0x04, 0x58, 0x6d,
-	0xdc, 0x12, 0x10, 0xac, 0x61, 0xa1, 0x2a, 0xcc, 0xb4, 0xc3, 0x20, 0xe6, 0xfa, 0xd0, 0x2a, 0x37,
-	0x45, 0x19, 0x36, 0xbd, 0xfc, 0xea, 0x29, 0x38, 0xee, 0xaa, 0x81, 0x5e, 0x87, 0x71, 0xe1, 0xf9,
-	0x57, 0x0f, 0x02, 0x4f, 0xa8, 0x6a, 0x94, 0x61, 0x43, 0x23, 0x01, 0x61, 0x1d, 0x4f, 0xab, 0xc6,
-	0x94, 0xac, 0xa3, 0x99, 0xd5, 0xb8, 0xa2, 0x55, 0xc3, 0x4b, 0x05, 0xcf, 0x19, 0x1b, 0x28, 0x78,
-	0x4e, 0xa2, 0xbc, 0x2a, 0x0d, 0xfc, 0xae, 0x04, 0x7d, 0xd5, 0x3d, 0x3f, 0x3d, 0x04, 0xe7, 0xc4,
-	0xc2, 0x79, 0xd4, 0xcb, 0xe5, 0x4e, 0xf7, 0x72, 0x39, 0x0d, 0xf5, 0xd6, 0x37, 0xd7, 0xcc, 0x59,
-	0xaf, 0x99, 0x5f, 0x2c, 0xc2, 0x08, 0x9f, 0x8a, 0x33, 0x90, 0xe1, 0x57, 0x85, 0xd2, 0xaf, 0x47,
-	0xd8, 0x18, 0xde, 0x97, 0xf9, 0xaa, 0x13, 0x3b, 0xfc, 0xfc, 0x52, 0x6c, 0x34, 0x51, 0x0f, 0xa2,
-	0x79, 0x83, 0xd1, 0xce, 0xa5, 0xb4, 0x5a, 0xc0, 0x69, 0x68, 0x6c, 0xf7, 0x2b, 0x00, 0x11, 0x4b,
-	0x9c, 0x4f, 0x69, 0x88, 0x00, 0x44, 0x2f, 0xf4, 0x68, 0xbd, 0xa1, 0x90, 0x79, 0x1f, 0x92, 0x25,
-	0xa8, 0x00, 0x58, 0xa3, 0x38, 0xf7, 0x06, 0x94, 0x14, 0x72, 0x3f, 0x15, 0xc0, 0x84, 0x7e, 0xea,
-	0x7d, 0x11, 0xa6, 0x53, 0x6d, 0x9d, 0x48, 0x83, 0xf0, 0xf3, 0x16, 0x4c, 0xf3, 0x2e, 0xaf, 0xf8,
-	0xfb, 0x62, 0xb3, 0x7f, 0x08, 0xe7, 0xbd, 0x8c, 0x4d, 0x27, 0x66, 0x74, 0xf0, 0x4d, 0xaa, 0x34,
-	0x06, 0x59, 0x50, 0x9c, 0xd9, 0x06, 0xba, 0x02, 0x63, 0xdc, 0xd1, 0xc5, 0xf1, 0x84, 0x73, 0xc2,
-	0x04, 0x4f, 0x44, 0xc1, 0xcb, 0xb0, 0x82, 0xda, 0xbf, 0x6d, 0xc1, 0x2c, 0xef, 0xf9, 0x4d, 0x72,
-	0xa0, 0x6e, 0xc7, 0x1f, 0x67, 0xdf, 0x45, 0x9e, 0x8d, 0x42, 0x4e, 0x9e, 0x0d, 0xfd, 0xd3, 0x8a,
-	0x3d, 0x3f, 0xed, 0xa7, 0x2c, 0x10, 0x2b, 0xf0, 0x0c, 0xee, 0x81, 0xdf, 0x6a, 0xde, 0x03, 0xe7,
-	0xf2, 0x17, 0x75, 0xce, 0x05, 0xf0, 0x4f, 0x2c, 0x98, 0xe1, 0x08, 0xc9, 0x43, 0xe4, 0xc7, 0x3a,
-	0x0f, 0x83, 0x24, 0x7f, 0x53, 0xd9, 0xb6, 0xb3, 0x3f, 0xca, 0x98, 0xac, 0xa1, 0x9e, 0x93, 0xd5,
-	0x92, 0x1b, 0xe8, 0x04, 0x49, 0x0d, 0x4f, 0x1c, 0x1a, 0xd6, 0xfe, 0x43, 0x0b, 0x10, 0x6f, 0xc6,
-	0x38, 0x97, 0xe9, 0x69, 0xc7, 0x4a, 0x35, 0x4d, 0x50, 0xc2, 0x6a, 0x14, 0x04, 0x6b, 0x58, 0xa7,
-	0x32, 0x3c, 0xa9, 0xd7, 0xe4, 0x62, 0xff, 0xd7, 0xe4, 0x13, 0x8c, 0xe8, 0x5f, 0x1f, 0x82, 0xb4,
-	0x25, 0x34, 0xba, 0x0b, 0x13, 0x4d, 0xa7, 0xed, 0x6c, 0xba, 0x9e, 0x1b, 0xbb, 0x24, 0xea, 0x65,
-	0x86, 0xb2, 0xac, 0xe1, 0x89, 0x77, 0x42, 0xad, 0x04, 0x1b, 0x74, 0xd0, 0x3c, 0x40, 0x3b, 0x74,
-	0xf7, 0x5d, 0x8f, 0x6c, 0xb3, 0xab, 0x30, 0x73, 0x87, 0xe2, 0xb6, 0x15, 0xb2, 0x14, 0x6b, 0x18,
-	0x19, 0xee, 0x33, 0xc5, 0x47, 0xe7, 0x3e, 0x33, 0x74, 0x42, 0xf7, 0x99, 0xe1, 0x81, 0xdc, 0x67,
-	0x30, 0x3c, 0x26, 0xcf, 0x6e, 0xfa, 0x7f, 0xd5, 0xf5, 0x88, 0x10, 0xd8, 0xb8, 0x93, 0xd4, 0xdc,
-	0xd1, 0x61, 0xe5, 0x31, 0x9c, 0x89, 0x81, 0x73, 0x6a, 0xa2, 0x2f, 0x41, 0xd9, 0xf1, 0xbc, 0xe0,
-	0xbe, 0x1a, 0xb5, 0x95, 0xa8, 0xe9, 0x78, 0x49, 0xa4, 0xf4, 0xb1, 0xa5, 0x27, 0x8f, 0x0e, 0x2b,
-	0xe5, 0xc5, 0x1c, 0x1c, 0x9c, 0x5b, 0xdb, 0xde, 0x85, 0x73, 0x0d, 0x12, 0xca, 0x3c, 0xa9, 0x6a,
-	0x8b, 0x6d, 0x40, 0x29, 0x4c, 0x31, 0x95, 0x81, 0x62, 0x95, 0x68, 0x51, 0x2c, 0x25, 0x13, 0x49,
-	0x08, 0xd9, 0x7f, 0x6c, 0xc1, 0xa8, 0xb0, 0xae, 0x3e, 0x03, 0x59, 0x66, 0xd1, 0xd0, 0x47, 0x56,
-	0xb2, 0x19, 0x2f, 0xeb, 0x4c, 0xae, 0x26, 0xb2, 0x96, 0xd2, 0x44, 0x3e, 0xdd, 0x8b, 0x48, 0x6f,
-	0x1d, 0xe4, 0x0f, 0x15, 0x61, 0xca, 0xb4, 0x2c, 0x3f, 0x83, 0x21, 0x58, 0x87, 0xd1, 0x48, 0xb8,
-	0x31, 0x14, 0xf2, 0xed, 0x57, 0xd3, 0x93, 0x98, 0x58, 0xb9, 0x08, 0xc7, 0x05, 0x49, 0x24, 0xd3,
-	0x3f, 0xa2, 0xf8, 0x08, 0xfd, 0x23, 0xfa, 0x19, 0xf7, 0x0f, 0x9d, 0x86, 0x71, 0xbf, 0xfd, 0x4b,
-	0x8c, 0xf9, 0xeb, 0xe5, 0x67, 0x20, 0x17, 0x5c, 0x37, 0x8f, 0x09, 0xbb, 0xc7, 0xca, 0x12, 0x9d,
-	0xca, 0x91, 0x0f, 0xfe, 0xb1, 0x05, 0xe3, 0x02, 0xf1, 0x0c, 0xba, 0xfd, 0x6d, 0x66, 0xb7, 0x9f,
-	0xe8, 0xd1, 0xed, 0x9c, 0xfe, 0xfe, 0xdd, 0x82, 0xea, 0x6f, 0x3d, 0x08, 0xe3, 0x81, 0x32, 0x67,
-	0x8c, 0xd1, 0xdb, 0x60, 0xd0, 0x0c, 0x3c, 0x71, 0x98, 0x3f, 0x99, 0xf8, 0xc9, 0xf2, 0xf2, 0x63,
-	0xed, 0x37, 0x56, 0xd8, 0xcc, 0x8d, 0x33, 0x08, 0x63, 0x71, 0x80, 0x26, 0x6e, 0x9c, 0x41, 0x18,
-	0x63, 0x06, 0x41, 0x2d, 0x80, 0xd8, 0x09, 0xb7, 0x49, 0x4c, 0xcb, 0x84, 0xcb, 0x7d, 0xfe, 0x2e,
-	0xec, 0xc4, 0xae, 0x37, 0xef, 0xfa, 0x71, 0x14, 0x87, 0xf3, 0x35, 0x3f, 0xbe, 0x1d, 0xf2, 0xbb,
-	0x81, 0xe6, 0xf8, 0xaa, 0x68, 0x61, 0x8d, 0xae, 0xf4, 0xbc, 0x62, 0x6d, 0x0c, 0x9b, 0x0f, 0x85,
-	0xeb, 0xa2, 0x1c, 0x2b, 0x0c, 0xfb, 0x0d, 0xc6, 0x93, 0xd9, 0x00, 0x9d, 0xcc, 0x27, 0xf5, 0x37,
-	0xc6, 0xd4, 0xd0, 0xb2, 0x57, 0x82, 0xaa, 0xee, 0xf9, 0xda, 0x9b, 0x05, 0xd2, 0x86, 0x75, 0xb7,
-	0x80, 0xc4, 0x3d, 0x16, 0x7d, 0x7b, 0xd7, 0xfb, 0xf1, 0xcb, 0x7d, 0x78, 0xe9, 0x09, 0x5e, 0x8c,
-	0x59, 0xf8, 0x55, 0x16, 0xa6, 0xb2, 0x56, 0x4f, 0xe7, 0x36, 0x59, 0x96, 0x00, 0x9c, 0xe0, 0xa0,
-	0x05, 0x71, 0xb3, 0xe4, 0xfa, 0xb9, 0x27, 0x52, 0x37, 0x4b, 0xf9, 0xf9, 0xda, 0xd5, 0xf2, 0x15,
-	0x18, 0x57, 0xf9, 0xe2, 0xea, 0x3c, 0xed, 0x96, 0x08, 0x40, 0xb0, 0x92, 0x14, 0x63, 0x1d, 0x07,
-	0x6d, 0xc0, 0x74, 0xc4, 0x93, 0xd9, 0x49, 0x67, 0x28, 0xa1, 0x37, 0x78, 0x41, 0xbe, 0x3b, 0x37,
-	0x4c, 0xf0, 0x31, 0x2b, 0xe2, 0x9b, 0x55, 0xba, 0x4f, 0xa5, 0x49, 0xa0, 0xb7, 0x60, 0xca, 0xd3,
-	0x93, 0x7a, 0xd7, 0x85, 0x5a, 0x41, 0x99, 0x65, 0x1a, 0x29, 0xbf, 0xeb, 0x38, 0x85, 0x4d, 0x85,
-	0x00, 0xbd, 0x44, 0x44, 0x2f, 0x73, 0xfc, 0x6d, 0x12, 0x89, 0x6c, 0x57, 0x4c, 0x08, 0xb8, 0x95,
-	0x83, 0x83, 0x73, 0x6b, 0xa3, 0x6b, 0x30, 0x21, 0x3f, 0x5f, 0x73, 0x0e, 0x4c, 0x8c, 0x7f, 0x35,
-	0x18, 0x36, 0x30, 0xd1, 0x7d, 0xb8, 0x20, 0xff, 0x6f, 0x84, 0xce, 0xd6, 0x96, 0xdb, 0x14, 0xbe,
-	0x99, 0xe3, 0x8c, 0xc4, 0xa2, 0xf4, 0x84, 0x58, 0xc9, 0x42, 0x3a, 0x3e, 0xac, 0x5c, 0x16, 0xa3,
-	0x96, 0x09, 0x67, 0x93, 0x98, 0x4d, 0x1f, 0xad, 0xc1, 0xb9, 0x1d, 0xe2, 0x78, 0xf1, 0xce, 0xf2,
-	0x0e, 0x69, 0xee, 0xca, 0x4d, 0xc4, 0x5c, 0x0e, 0x35, 0x93, 0xd9, 0x1b, 0xdd, 0x28, 0x38, 0xab,
-	0x1e, 0x7a, 0x0f, 0xca, 0xed, 0xce, 0xa6, 0xe7, 0x46, 0x3b, 0xeb, 0x41, 0xcc, 0x9e, 0xba, 0x55,
-	0xba, 0x35, 0xe1, 0x9b, 0xa8, 0xdc, 0x2d, 0xeb, 0x39, 0x78, 0x38, 0x97, 0x02, 0xfa, 0x10, 0x2e,
-	0xa4, 0x16, 0x83, 0xf0, 0x94, 0x9a, 0xca, 0x8f, 0x05, 0xd9, 0xc8, 0xaa, 0xc0, 0x3d, 0x66, 0x33,
-	0x41, 0x38, 0xbb, 0x89, 0x8f, 0x66, 0x00, 0xf1, 0x01, 0xad, 0xac, 0x49, 0x37, 0xe8, 0xab, 0x30,
-	0xa1, 0xaf, 0x22, 0x71, 0xc0, 0x3c, 0xdb, 0x2f, 0x81, 0xbd, 0x90, 0x8d, 0xd4, 0x8a, 0xd2, 0x61,
-	0xd8, 0xa0, 0x68, 0x13, 0xc8, 0xfe, 0x3e, 0x74, 0x0b, 0xc6, 0x9a, 0x9e, 0x4b, 0xfc, 0xb8, 0x56,
-	0xef, 0xe5, 0x53, 0xbf, 0x2c, 0x70, 0xc4, 0x80, 0x89, 0xe0, 0x79, 0xbc, 0x0c, 0x2b, 0x0a, 0xf6,
-	0xaf, 0x14, 0xa0, 0xd2, 0x27, 0x12, 0x63, 0x4a, 0x07, 0x68, 0x0d, 0xa4, 0x03, 0x5c, 0x94, 0xc9,
-	0xe3, 0xd6, 0x53, 0xf7, 0xcf, 0x54, 0x62, 0xb8, 0xe4, 0x16, 0x9a, 0xc6, 0x1f, 0xd8, 0x6e, 0x52,
-	0x57, 0x23, 0x0e, 0xf5, 0xb5, 0xe8, 0x35, 0x9e, 0x0f, 0x86, 0x07, 0x97, 0xe8, 0x73, 0x55, 0xc1,
-	0xf6, 0x2f, 0x15, 0xe0, 0x82, 0x1a, 0xc2, 0x3f, 0xbf, 0x03, 0x77, 0xa7, 0x7b, 0xe0, 0x4e, 0x41,
-	0x91, 0x6e, 0xdf, 0x86, 0x91, 0xc6, 0x41, 0xd4, 0x8c, 0xbd, 0x01, 0x04, 0xa0, 0x67, 0xcc, 0xd8,
-	0x32, 0xea, 0x98, 0x36, 0xe2, 0xcb, 0xfc, 0x15, 0x0b, 0xa6, 0x37, 0x96, 0xeb, 0x8d, 0xa0, 0xb9,
-	0x4b, 0xe2, 0x45, 0xae, 0x26, 0xc2, 0x42, 0xfe, 0xb1, 0x1e, 0x52, 0xae, 0xc9, 0x92, 0x98, 0x2e,
-	0xc3, 0xd0, 0x4e, 0x10, 0xc5, 0xe9, 0x57, 0xb6, 0x1b, 0x41, 0x14, 0x63, 0x06, 0xb1, 0x7f, 0xc7,
-	0x82, 0x61, 0x96, 0xf2, 0xb4, 0x5f, 0x6a, 0xdc, 0x41, 0xbe, 0x0b, 0xbd, 0x0e, 0x23, 0x64, 0x6b,
-	0x8b, 0x34, 0x63, 0x31, 0xab, 0xd2, 0xbb, 0x6e, 0x64, 0x85, 0x95, 0xd2, 0x43, 0x9f, 0x35, 0xc6,
-	0xff, 0x62, 0x81, 0x8c, 0xee, 0x41, 0x29, 0x76, 0xf7, 0xc8, 0x62, 0xab, 0x25, 0xde, 0x29, 0x1e,
-	0xc2, 0x99, 0x71, 0x43, 0x12, 0xc0, 0x09, 0x2d, 0xfb, 0x07, 0x0a, 0x00, 0x89, 0x43, 0x6f, 0xbf,
-	0x4f, 0x5c, 0xea, 0xca, 0xfe, 0xfb, 0x6c, 0x46, 0xf6, 0x5f, 0x94, 0x10, 0xcc, 0xc8, 0xfd, 0xab,
-	0x86, 0xa9, 0x38, 0xd0, 0x30, 0x0d, 0x9d, 0x64, 0x98, 0x96, 0x61, 0x36, 0x71, 0x48, 0x36, 0xa3,
-	0x33, 0xb0, 0x78, 0xec, 0x1b, 0x69, 0x20, 0xee, 0xc6, 0xb7, 0xbf, 0xd7, 0x02, 0xe1, 0x6e, 0x30,
-	0xc0, 0x62, 0x7e, 0x57, 0x26, 0xea, 0x34, 0x02, 0xba, 0x5e, 0xce, 0xf7, 0xbf, 0x10, 0x61, 0x5c,
-	0xd5, 0xe1, 0x61, 0x04, 0x6f, 0x35, 0x68, 0xd9, 0x2d, 0x10, 0xd0, 0x2a, 0x61, 0x4a, 0x86, 0xfe,
-	0xbd, 0xb9, 0x0a, 0xd0, 0x62, 0xb8, 0x5a, 0xe2, 0x3f, 0xc5, 0xaa, 0xaa, 0x0a, 0x82, 0x35, 0x2c,
-	0xfb, 0x6f, 0x16, 0x60, 0x5c, 0x06, 0x10, 0xa5, 0xf7, 0xf8, 0xfe, 0xad, 0x9c, 0x28, 0x67, 0x00,
-	0xcb, 0x94, 0x49, 0x09, 0xab, 0xd0, 0xf2, 0x7a, 0xa6, 0x4c, 0x09, 0xc0, 0x09, 0x0e, 0x7a, 0x1e,
-	0x46, 0xa3, 0xce, 0x26, 0x43, 0x4f, 0x19, 0xd1, 0x37, 0x78, 0x31, 0x96, 0x70, 0xf4, 0x25, 0x98,
-	0xe1, 0xf5, 0xc2, 0xa0, 0xed, 0x6c, 0x73, 0x0d, 0xd2, 0xb0, 0xf2, 0x6a, 0x9b, 0x59, 0x4b, 0xc1,
-	0x8e, 0x0f, 0x2b, 0xe7, 0xd3, 0x65, 0x4c, 0xf7, 0xd8, 0x45, 0x85, 0xee, 0x8b, 0x99, 0xb4, 0xc3,
-	0x0c, 0xba, 0x01, 0x23, 0x9c, 0xe5, 0x09, 0x16, 0xd4, 0xe3, 0x45, 0x49, 0x73, 0xb3, 0x61, 0x41,
-	0xd4, 0x05, 0xd7, 0x14, 0xf5, 0xd1, 0x7b, 0x30, 0xde, 0x0a, 0xee, 0xfb, 0xf7, 0x9d, 0xb0, 0xb5,
-	0x58, 0xaf, 0x89, 0x55, 0x93, 0x29, 0x39, 0x55, 0x13, 0x34, 0xdd, 0x75, 0x87, 0x69, 0x4f, 0x13,
-	0x10, 0xd6, 0xc9, 0xa1, 0x0d, 0x16, 0xe3, 0x89, 0xa7, 0xb2, 0xef, 0x65, 0x75, 0xa6, 0xb2, 0xdf,
-	0x6b, 0x94, 0x27, 0x45, 0x20, 0x28, 0x91, 0x08, 0x3f, 0x21, 0x64, 0x7f, 0xed, 0x1c, 0x18, 0xab,
-	0xd5, 0xc8, 0x19, 0x60, 0x9d, 0x52, 0xce, 0x00, 0x0c, 0x63, 0x64, 0xaf, 0x1d, 0x1f, 0x54, 0xdd,
-	0xb0, 0x57, 0xd2, 0x99, 0x15, 0x81, 0xd3, 0x4d, 0x53, 0x42, 0xb0, 0xa2, 0x93, 0x9d, 0xd8, 0xa1,
-	0xf8, 0x31, 0x26, 0x76, 0x18, 0x3a, 0xc3, 0xc4, 0x0e, 0xeb, 0x30, 0xba, 0xed, 0xc6, 0x98, 0xb4,
-	0x03, 0x71, 0xdc, 0x67, 0xae, 0x84, 0xeb, 0x1c, 0xa5, 0x3b, 0xc0, 0xb8, 0x00, 0x60, 0x49, 0x04,
-	0xbd, 0xad, 0xf6, 0xc0, 0x48, 0xbe, 0xb4, 0xdc, 0xfd, 0xf8, 0x90, 0xb9, 0x0b, 0x44, 0x22, 0x87,
-	0xd1, 0x87, 0x4d, 0xe4, 0xb0, 0x2a, 0xd3, 0x2f, 0x8c, 0xe5, 0x1b, 0x69, 0xb2, 0xec, 0x0a, 0x7d,
-	0x92, 0x2e, 0x18, 0x89, 0x2a, 0x4a, 0xa7, 0x97, 0xa8, 0xe2, 0x7b, 0x2d, 0xb8, 0xd0, 0xce, 0xca,
-	0xd9, 0x22, 0xd2, 0x27, 0xbc, 0x3e, 0x70, 0x52, 0x1a, 0xa3, 0x41, 0x76, 0x6d, 0xca, 0x44, 0xc3,
-	0xd9, 0xcd, 0xd1, 0x81, 0x0e, 0x37, 0x5b, 0x22, 0xe7, 0xc2, 0x33, 0x39, 0x19, 0x2f, 0x7a, 0xe4,
-	0xb9, 0x78, 0x34, 0x79, 0x16, 0x92, 0x5c, 0x17, 0x93, 0x1f, 0x39, 0xd7, 0xc5, 0xdb, 0x2a, 0xd7,
-	0x45, 0x8f, 0x48, 0x3a, 0x3c, 0x93, 0x45, 0xdf, 0x0c, 0x17, 0x5a, 0x96, 0x8a, 0xe9, 0xd3, 0xc8,
-	0x52, 0xf1, 0x15, 0x93, 0xd9, 0xf3, 0x94, 0x09, 0x2f, 0xf6, 0x61, 0xf6, 0x06, 0xdd, 0xde, 0xec,
-	0x9e, 0x67, 0xe4, 0x98, 0x7d, 0xa8, 0x8c, 0x1c, 0x77, 0xf5, 0x5c, 0x17, 0xa8, 0x4f, 0x32, 0x07,
-	0x8a, 0x34, 0x60, 0x86, 0x8b, 0xbb, 0xfa, 0x11, 0x74, 0x2e, 0x9f, 0xae, 0x3a, 0x69, 0xba, 0xe9,
-	0x66, 0x1d, 0x42, 0xdd, 0x99, 0x33, 0xce, 0x9f, 0x4d, 0xe6, 0x8c, 0x0b, 0xa7, 0x9e, 0x39, 0xe3,
-	0xb1, 0x33, 0xc8, 0x9c, 0xf1, 0xf8, 0xc7, 0x9a, 0x39, 0xa3, 0xfc, 0x08, 0x32, 0x67, 0xac, 0x27,
-	0x99, 0x33, 0x2e, 0xe6, 0x4f, 0x49, 0x86, 0x55, 0x5a, 0x4e, 0xbe, 0x8c, 0xbb, 0x50, 0x6a, 0x4b,
-	0x9f, 0x6a, 0x11, 0xea, 0x27, 0x3b, 0x51, 0x5f, 0x96, 0xe3, 0x35, 0x9f, 0x12, 0x05, 0xc2, 0x09,
-	0x29, 0x4a, 0x37, 0xc9, 0x9f, 0xf1, 0x44, 0x0f, 0xc5, 0x58, 0x96, 0xca, 0x21, 0x3f, 0x6b, 0x86,
-	0xfd, 0x57, 0x0b, 0x70, 0xa9, 0xf7, 0xba, 0x4e, 0xf4, 0x15, 0xf5, 0x44, 0xbf, 0x9e, 0xd2, 0x57,
-	0xf0, 0x4b, 0x40, 0x82, 0x35, 0x70, 0xe0, 0x89, 0xeb, 0x30, 0xab, 0xcc, 0xd1, 0x3c, 0xb7, 0x79,
-	0xa0, 0x25, 0xf0, 0x53, 0xae, 0x31, 0x8d, 0x34, 0x02, 0xee, 0xae, 0x83, 0x16, 0x61, 0xda, 0x28,
-	0xac, 0x55, 0x85, 0xb0, 0xaf, 0x14, 0x24, 0x0d, 0x13, 0x8c, 0xd3, 0xf8, 0xf6, 0xd7, 0x2d, 0x78,
-	0x3c, 0x27, 0x64, 0xf5, 0xc0, 0x71, 0x15, 0xb6, 0x60, 0xba, 0x6d, 0x56, 0xed, 0x13, 0x7e, 0xc5,
-	0x08, 0x8c, 0xad, 0xfa, 0x9a, 0x02, 0xe0, 0x34, 0xd1, 0xa5, 0x2b, 0xbf, 0xf6, 0x7b, 0x97, 0x3e,
-	0xf5, 0x9b, 0xbf, 0x77, 0xe9, 0x53, 0xbf, 0xfd, 0x7b, 0x97, 0x3e, 0xf5, 0x17, 0x8f, 0x2e, 0x59,
-	0xbf, 0x76, 0x74, 0xc9, 0xfa, 0xcd, 0xa3, 0x4b, 0xd6, 0x6f, 0x1f, 0x5d, 0xb2, 0x7e, 0xf7, 0xe8,
-	0x92, 0xf5, 0x03, 0xbf, 0x7f, 0xe9, 0x53, 0xef, 0x16, 0xf6, 0x5f, 0xf9, 0xff, 0x01, 0x00, 0x00,
-	0xff, 0xff, 0x99, 0x05, 0xfa, 0x71, 0xfe, 0xdd, 0x00, 0x00,
+	// 12666 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x7d, 0x6d, 0x70, 0x24, 0x49,
+	0x56, 0xd8, 0x55, 0xb7, 0xbe, 0xfa, 0xe9, 0x3b, 0x67, 0x66, 0x57, 0xa3, 0xdd, 0x9d, 0x9e, 0xad,
+	0xbd, 0x9b, 0x9b, 0xfd, 0x92, 0x6e, 0x67, 0x77, 0x6f, 0x97, 0xdb, 0xbb, 0x05, 0x49, 0x2d, 0xcd,
+	0xf4, 0xce, 0x48, 0xd3, 0x9b, 0xad, 0x99, 0xb9, 0x5b, 0x96, 0xf3, 0x95, 0xba, 0x53, 0xad, 0x5a,
+	0x95, 0xaa, 0x7a, 0xab, 0xaa, 0x35, 0xa3, 0x0d, 0x88, 0xb0, 0x8f, 0x0f, 0x1b, 0xc3, 0x8f, 0x0b,
+	0x43, 0xd8, 0x18, 0x08, 0x1c, 0x61, 0xe3, 0x80, 0x33, 0xb6, 0x23, 0x30, 0x18, 0xf0, 0x81, 0x6d,
+	0x8c, 0xfd, 0x03, 0xfe, 0x60, 0xf0, 0x9f, 0x23, 0x82, 0xb0, 0x0c, 0x82, 0xb0, 0x83, 0x1f, 0x76,
+	0x38, 0x4c, 0x84, 0x23, 0x90, 0xb1, 0x71, 0xe4, 0x67, 0x65, 0x56, 0x57, 0x75, 0xb7, 0x66, 0x35,
+	0xda, 0x85, 0xb8, 0x7f, 0xdd, 0xf9, 0x5e, 0xbe, 0xcc, 0xca, 0x8f, 0x97, 0x2f, 0x5f, 0xbe, 0x0f,
+	0x78, 0x63, 0xf7, 0xf5, 0x68, 0xc1, 0x0d, 0x16, 0x77, 0x3b, 0x5b, 0x24, 0xf4, 0x49, 0x4c, 0xa2,
+	0xc5, 0x7d, 0xe2, 0x37, 0x83, 0x70, 0x51, 0x00, 0x9c, 0xb6, 0xbb, 0xd8, 0x08, 0x42, 0xb2, 0xb8,
+	0xff, 0xd2, 0x62, 0x8b, 0xf8, 0x24, 0x74, 0x62, 0xd2, 0x5c, 0x68, 0x87, 0x41, 0x1c, 0x20, 0xc4,
+	0x71, 0x16, 0x9c, 0xb6, 0xbb, 0x40, 0x71, 0x16, 0xf6, 0x5f, 0x9a, 0x7f, 0xb1, 0xe5, 0xc6, 0x3b,
+	0x9d, 0xad, 0x85, 0x46, 0xb0, 0xb7, 0xd8, 0x0a, 0x5a, 0xc1, 0x22, 0x43, 0xdd, 0xea, 0x6c, 0xb3,
+	0x7f, 0xec, 0x0f, 0xfb, 0xc5, 0x49, 0xcc, 0xaf, 0x27, 0xcd, 0x90, 0x07, 0x31, 0xf1, 0x23, 0x37,
+	0xf0, 0xa3, 0x17, 0x9d, 0xb6, 0x1b, 0x91, 0x70, 0x9f, 0x84, 0x8b, 0xed, 0xdd, 0x16, 0x85, 0x45,
+	0x26, 0xc2, 0xe2, 0xfe, 0x4b, 0x5b, 0x24, 0x76, 0xba, 0x7a, 0x34, 0xff, 0x4a, 0x42, 0x6e, 0xcf,
+	0x69, 0xec, 0xb8, 0x3e, 0x09, 0x0f, 0x24, 0x8d, 0xc5, 0x90, 0x44, 0x41, 0x27, 0x6c, 0x90, 0x13,
+	0xd5, 0x8a, 0x16, 0xf7, 0x48, 0xec, 0x64, 0x7c, 0xfd, 0xfc, 0x62, 0x5e, 0xad, 0xb0, 0xe3, 0xc7,
+	0xee, 0x5e, 0x77, 0x33, 0x9f, 0xed, 0x57, 0x21, 0x6a, 0xec, 0x90, 0x3d, 0xa7, 0xab, 0xde, 0xcb,
+	0x79, 0xf5, 0x3a, 0xb1, 0xeb, 0x2d, 0xba, 0x7e, 0x1c, 0xc5, 0x61, 0xba, 0x92, 0xfd, 0x4d, 0x0b,
+	0x2e, 0x2f, 0xdd, 0xab, 0xaf, 0x7a, 0x4e, 0x14, 0xbb, 0x8d, 0x65, 0x2f, 0x68, 0xec, 0xd6, 0xe3,
+	0x20, 0x24, 0x77, 0x03, 0xaf, 0xb3, 0x47, 0xea, 0x6c, 0x20, 0xd0, 0x0b, 0x30, 0xb6, 0xcf, 0xfe,
+	0x57, 0x2b, 0x73, 0xd6, 0x65, 0xeb, 0x6a, 0x69, 0x79, 0xe6, 0x37, 0x0f, 0xcb, 0x9f, 0x38, 0x3a,
+	0x2c, 0x8f, 0xdd, 0x15, 0xe5, 0x58, 0x61, 0xa0, 0x2b, 0x30, 0xb2, 0x1d, 0x6d, 0x1e, 0xb4, 0xc9,
+	0x5c, 0x81, 0xe1, 0x4e, 0x09, 0xdc, 0x91, 0xb5, 0x3a, 0x2d, 0xc5, 0x02, 0x8a, 0x16, 0xa1, 0xd4,
+	0x76, 0xc2, 0xd8, 0x8d, 0xdd, 0xc0, 0x9f, 0x2b, 0x5e, 0xb6, 0xae, 0x0e, 0x2f, 0xcf, 0x0a, 0xd4,
+	0x52, 0x4d, 0x02, 0x70, 0x82, 0x43, 0xbb, 0x11, 0x12, 0xa7, 0x79, 0xdb, 0xf7, 0x0e, 0xe6, 0x86,
+	0x2e, 0x5b, 0x57, 0xc7, 0x92, 0x6e, 0x60, 0x51, 0x8e, 0x15, 0x86, 0xfd, 0xe3, 0x05, 0x18, 0x5b,
+	0xda, 0xde, 0x76, 0x7d, 0x37, 0x3e, 0x40, 0x77, 0x61, 0xc2, 0x0f, 0x9a, 0x44, 0xfe, 0x67, 0x5f,
+	0x31, 0x7e, 0xed, 0xf2, 0x42, 0xf7, 0xca, 0x5c, 0xd8, 0xd0, 0xf0, 0x96, 0x67, 0x8e, 0x0e, 0xcb,
+	0x13, 0x7a, 0x09, 0x36, 0xe8, 0x20, 0x0c, 0xe3, 0xed, 0xa0, 0xa9, 0xc8, 0x16, 0x18, 0xd9, 0x72,
+	0x16, 0xd9, 0x5a, 0x82, 0xb6, 0x3c, 0x7d, 0x74, 0x58, 0x1e, 0xd7, 0x0a, 0xb0, 0x4e, 0x04, 0x6d,
+	0xc1, 0x34, 0xfd, 0xeb, 0xc7, 0xae, 0xa2, 0x5b, 0x64, 0x74, 0x9f, 0xc9, 0xa3, 0xab, 0xa1, 0x2e,
+	0x9f, 0x3b, 0x3a, 0x2c, 0x4f, 0xa7, 0x0a, 0x71, 0x9a, 0xa0, 0xfd, 0x01, 0x4c, 0x2d, 0xc5, 0xb1,
+	0xd3, 0xd8, 0x21, 0x4d, 0x3e, 0x83, 0xe8, 0x15, 0x18, 0xf2, 0x9d, 0x3d, 0x22, 0xe6, 0xf7, 0xb2,
+	0x18, 0xd8, 0xa1, 0x0d, 0x67, 0x8f, 0x1c, 0x1f, 0x96, 0x67, 0xee, 0xf8, 0xee, 0xfb, 0x1d, 0xb1,
+	0x2a, 0x68, 0x19, 0x66, 0xd8, 0xe8, 0x1a, 0x40, 0x93, 0xec, 0xbb, 0x0d, 0x52, 0x73, 0xe2, 0x1d,
+	0x31, 0xdf, 0x48, 0xd4, 0x85, 0x8a, 0x82, 0x60, 0x0d, 0xcb, 0x7e, 0x00, 0xa5, 0xa5, 0xfd, 0xc0,
+	0x6d, 0xd6, 0x82, 0x66, 0x84, 0x76, 0x61, 0xba, 0x1d, 0x92, 0x6d, 0x12, 0xaa, 0xa2, 0x39, 0xeb,
+	0x72, 0xf1, 0xea, 0xf8, 0xb5, 0xab, 0x99, 0x1f, 0x6b, 0xa2, 0xae, 0xfa, 0x71, 0x78, 0xb0, 0xfc,
+	0xb8, 0x68, 0x6f, 0x3a, 0x05, 0xc5, 0x69, 0xca, 0xf6, 0x7f, 0x28, 0xc0, 0x85, 0xa5, 0x0f, 0x3a,
+	0x21, 0xa9, 0xb8, 0xd1, 0x6e, 0x7a, 0x85, 0x37, 0xdd, 0x68, 0x77, 0x23, 0x19, 0x01, 0xb5, 0xb4,
+	0x2a, 0xa2, 0x1c, 0x2b, 0x0c, 0xf4, 0x22, 0x8c, 0xd2, 0xdf, 0x77, 0x70, 0x55, 0x7c, 0xf2, 0x39,
+	0x81, 0x3c, 0x5e, 0x71, 0x62, 0xa7, 0xc2, 0x41, 0x58, 0xe2, 0xa0, 0x75, 0x18, 0x6f, 0xb0, 0x0d,
+	0xd9, 0x5a, 0x0f, 0x9a, 0x84, 0x4d, 0x66, 0x69, 0xf9, 0x79, 0x8a, 0xbe, 0x92, 0x14, 0x1f, 0x1f,
+	0x96, 0xe7, 0x78, 0xdf, 0x04, 0x09, 0x0d, 0x86, 0xf5, 0xfa, 0xc8, 0x56, 0xfb, 0x6b, 0x88, 0x51,
+	0x82, 0x8c, 0xbd, 0x75, 0x55, 0xdb, 0x2a, 0xc3, 0x6c, 0xab, 0x4c, 0x64, 0x6f, 0x13, 0xf4, 0x12,
+	0x0c, 0xed, 0xba, 0x7e, 0x73, 0x6e, 0x84, 0xd1, 0x7a, 0x8a, 0xce, 0xf9, 0x4d, 0xd7, 0x6f, 0x1e,
+	0x1f, 0x96, 0x67, 0x8d, 0xee, 0xd0, 0x42, 0xcc, 0x50, 0xed, 0x3f, 0xb5, 0xa0, 0xcc, 0x60, 0x6b,
+	0xae, 0x47, 0x6a, 0x24, 0x8c, 0xdc, 0x28, 0x26, 0x7e, 0x6c, 0x0c, 0xe8, 0x35, 0x80, 0x88, 0x34,
+	0x42, 0x12, 0x6b, 0x43, 0xaa, 0x16, 0x46, 0x5d, 0x41, 0xb0, 0x86, 0x45, 0x19, 0x42, 0xb4, 0xe3,
+	0x84, 0x6c, 0x7d, 0x89, 0x81, 0x55, 0x0c, 0xa1, 0x2e, 0x01, 0x38, 0xc1, 0x31, 0x18, 0x42, 0xb1,
+	0x1f, 0x43, 0x40, 0x5f, 0x80, 0xe9, 0xa4, 0xb1, 0xa8, 0xed, 0x34, 0xe4, 0x00, 0xb2, 0x2d, 0x53,
+	0x37, 0x41, 0x38, 0x8d, 0x6b, 0xff, 0x13, 0x4b, 0x2c, 0x1e, 0xfa, 0xd5, 0x1f, 0xf3, 0x6f, 0xb5,
+	0x7f, 0xc5, 0x82, 0xd1, 0x65, 0xd7, 0x6f, 0xba, 0x7e, 0x0b, 0x7d, 0x05, 0xc6, 0xe8, 0xd9, 0xd4,
+	0x74, 0x62, 0x47, 0xf0, 0xbd, 0xcf, 0x68, 0x7b, 0x4b, 0x1d, 0x15, 0x0b, 0xed, 0xdd, 0x16, 0x2d,
+	0x88, 0x16, 0x28, 0x36, 0xdd, 0x6d, 0xb7, 0xb7, 0xde, 0x23, 0x8d, 0x78, 0x9d, 0xc4, 0x4e, 0xf2,
+	0x39, 0x49, 0x19, 0x56, 0x54, 0xd1, 0x4d, 0x18, 0x89, 0x9d, 0xb0, 0x45, 0x62, 0xc1, 0x00, 0x33,
+	0x19, 0x15, 0xaf, 0x89, 0xe9, 0x8e, 0x24, 0x7e, 0x83, 0x24, 0xc7, 0xc2, 0x26, 0xab, 0x8a, 0x05,
+	0x09, 0xfb, 0x6f, 0x8f, 0xc0, 0xc5, 0x95, 0x7a, 0x35, 0x67, 0x5d, 0x5d, 0x81, 0x91, 0x66, 0xe8,
+	0xee, 0x93, 0x50, 0x8c, 0xb3, 0xa2, 0x52, 0x61, 0xa5, 0x58, 0x40, 0xd1, 0xeb, 0x30, 0xc1, 0x0f,
+	0xa4, 0x1b, 0x8e, 0xdf, 0xf4, 0xe4, 0x10, 0x9f, 0x17, 0xd8, 0x13, 0x77, 0x35, 0x18, 0x36, 0x30,
+	0x4f, 0xb8, 0xa8, 0xae, 0xa4, 0x36, 0x63, 0xde, 0x61, 0xf7, 0x83, 0x16, 0xcc, 0xf0, 0x66, 0x96,
+	0xe2, 0x38, 0x74, 0xb7, 0x3a, 0x31, 0x89, 0xe6, 0x86, 0x19, 0xa7, 0x5b, 0xc9, 0x1a, 0xad, 0xdc,
+	0x11, 0x58, 0xb8, 0x9b, 0xa2, 0xc2, 0x99, 0xe0, 0x9c, 0x68, 0x77, 0x26, 0x0d, 0xc6, 0x5d, 0xcd,
+	0xa2, 0xef, 0xb5, 0x60, 0xbe, 0x11, 0xf8, 0x71, 0x18, 0x78, 0x1e, 0x09, 0x6b, 0x9d, 0x2d, 0xcf,
+	0x8d, 0x76, 0xf8, 0x3a, 0xc5, 0x64, 0x9b, 0x71, 0x82, 0x9c, 0x39, 0x54, 0x48, 0x62, 0x0e, 0x2f,
+	0x1d, 0x1d, 0x96, 0xe7, 0x57, 0x72, 0x49, 0xe1, 0x1e, 0xcd, 0xa0, 0x5d, 0x40, 0xf4, 0x28, 0xad,
+	0xc7, 0x4e, 0x8b, 0x24, 0x8d, 0x8f, 0x0e, 0xde, 0xf8, 0x63, 0x47, 0x87, 0x65, 0xb4, 0xd1, 0x45,
+	0x02, 0x67, 0x90, 0x45, 0xef, 0xc3, 0x79, 0x5a, 0xda, 0xf5, 0xad, 0x63, 0x83, 0x37, 0x37, 0x77,
+	0x74, 0x58, 0x3e, 0xbf, 0x91, 0x41, 0x04, 0x67, 0x92, 0x9e, 0x5f, 0x81, 0x0b, 0x99, 0x53, 0x85,
+	0x66, 0xa0, 0xb8, 0x4b, 0xb8, 0x08, 0x52, 0xc2, 0xf4, 0x27, 0x3a, 0x0f, 0xc3, 0xfb, 0x8e, 0xd7,
+	0x11, 0xab, 0x14, 0xf3, 0x3f, 0x9f, 0x2b, 0xbc, 0x6e, 0xd9, 0x0d, 0x98, 0x58, 0x71, 0xda, 0xce,
+	0x96, 0xeb, 0xb9, 0xb1, 0x4b, 0x22, 0xf4, 0x69, 0x28, 0x3a, 0xcd, 0x26, 0x3b, 0x22, 0x4b, 0xcb,
+	0x17, 0x8e, 0x0e, 0xcb, 0xc5, 0xa5, 0x26, 0xe5, 0xd5, 0xa0, 0xb0, 0x0e, 0x30, 0xc5, 0x40, 0xcf,
+	0xc1, 0x50, 0x33, 0x0c, 0xda, 0x73, 0x05, 0x86, 0x49, 0x87, 0x6a, 0xa8, 0x12, 0x06, 0xed, 0x14,
+	0x2a, 0xc3, 0xb1, 0x7f, 0xbd, 0x00, 0x4f, 0xae, 0x90, 0xf6, 0xce, 0x5a, 0x3d, 0x67, 0xd3, 0x5d,
+	0x85, 0xb1, 0xbd, 0xc0, 0x77, 0xe3, 0x20, 0x8c, 0x44, 0xd3, 0xec, 0x34, 0x59, 0x17, 0x65, 0x58,
+	0x41, 0xd1, 0x65, 0x18, 0x6a, 0x27, 0x92, 0xc0, 0x84, 0x94, 0x22, 0x98, 0x0c, 0xc0, 0x20, 0x14,
+	0xa3, 0x13, 0x91, 0x50, 0x9c, 0x82, 0x0a, 0xe3, 0x4e, 0x44, 0x42, 0xcc, 0x20, 0x09, 0x3b, 0xa5,
+	0x8c, 0x56, 0x6c, 0xab, 0x14, 0x3b, 0xa5, 0x10, 0xac, 0x61, 0xa1, 0x1a, 0x94, 0x22, 0x35, 0xa9,
+	0xc3, 0x83, 0x4f, 0xea, 0x24, 0xe3, 0xb7, 0x6a, 0x26, 0x13, 0x22, 0x06, 0x1b, 0x18, 0xe9, 0xcb,
+	0x6f, 0x7f, 0xb5, 0x00, 0x88, 0x0f, 0xe1, 0x5f, 0xb2, 0x81, 0xbb, 0xd3, 0x3d, 0x70, 0x99, 0x92,
+	0xd7, 0xad, 0xa0, 0xe1, 0x78, 0x69, 0x16, 0x7e, 0x5a, 0xa3, 0xf7, 0x63, 0x16, 0xa0, 0x15, 0xd7,
+	0x6f, 0x92, 0xf0, 0x0c, 0xae, 0x1d, 0x27, 0x3b, 0x48, 0x6f, 0xc1, 0xd4, 0x8a, 0xe7, 0x12, 0x3f,
+	0xae, 0xd6, 0x56, 0x02, 0x7f, 0xdb, 0x6d, 0xa1, 0xcf, 0xc1, 0x14, 0xbd, 0x85, 0x05, 0x9d, 0xb8,
+	0x4e, 0x1a, 0x81, 0xcf, 0x04, 0x56, 0x7a, 0x77, 0x41, 0x47, 0x87, 0xe5, 0xa9, 0x4d, 0x03, 0x82,
+	0x53, 0x98, 0xf6, 0xef, 0xd3, 0x0f, 0x0d, 0xf6, 0xda, 0x81, 0x4f, 0xfc, 0x78, 0x25, 0xf0, 0x9b,
+	0xfc, 0x62, 0xf3, 0x39, 0x18, 0x8a, 0x69, 0xc7, 0xf9, 0x47, 0x5e, 0x91, 0x53, 0x4b, 0xbb, 0x7b,
+	0x7c, 0x58, 0x7e, 0xac, 0xbb, 0x06, 0xfb, 0x20, 0x56, 0x07, 0x7d, 0x1b, 0x8c, 0x44, 0xb1, 0x13,
+	0x77, 0x22, 0xf1, 0xd9, 0x4f, 0xcb, 0xcf, 0xae, 0xb3, 0xd2, 0xe3, 0xc3, 0xf2, 0xb4, 0xaa, 0xc6,
+	0x8b, 0xb0, 0xa8, 0x80, 0x9e, 0x85, 0xd1, 0x3d, 0x12, 0x45, 0x4e, 0x4b, 0xca, 0xa4, 0xd3, 0xa2,
+	0xee, 0xe8, 0x3a, 0x2f, 0xc6, 0x12, 0x8e, 0x9e, 0x81, 0x61, 0x12, 0x86, 0x41, 0x28, 0x56, 0xd5,
+	0xa4, 0x40, 0x1c, 0x5e, 0xa5, 0x85, 0x98, 0xc3, 0xec, 0xff, 0x68, 0xc1, 0xb4, 0xea, 0x2b, 0x6f,
+	0xeb, 0x0c, 0x84, 0x8f, 0x77, 0x00, 0x1a, 0xf2, 0x03, 0x23, 0xc6, 0xef, 0xc6, 0xaf, 0x5d, 0xc9,
+	0x3c, 0x52, 0xbb, 0x86, 0x31, 0xa1, 0xac, 0x8a, 0x22, 0xac, 0x51, 0xb3, 0xff, 0xb5, 0x05, 0xe7,
+	0x52, 0x5f, 0x74, 0xcb, 0x8d, 0x62, 0xf4, 0x6e, 0xd7, 0x57, 0x2d, 0x0c, 0xf6, 0x55, 0xb4, 0x36,
+	0xfb, 0x26, 0xb5, 0xe6, 0x64, 0x89, 0xf6, 0x45, 0x37, 0x60, 0xd8, 0x8d, 0xc9, 0x9e, 0xfc, 0x98,
+	0x67, 0x7a, 0x7e, 0x0c, 0xef, 0x55, 0x32, 0x23, 0x55, 0x5a, 0x13, 0x73, 0x02, 0xf6, 0x8f, 0x14,
+	0xa1, 0xc4, 0x97, 0xed, 0xba, 0xd3, 0x3e, 0x83, 0xb9, 0xa8, 0xc2, 0x10, 0xa3, 0xce, 0x3b, 0xfe,
+	0xe9, 0xec, 0x8e, 0x8b, 0xee, 0x2c, 0xd0, 0x9b, 0x05, 0x17, 0x5e, 0x14, 0x33, 0xa3, 0x45, 0x98,
+	0x91, 0x40, 0x0e, 0xc0, 0x96, 0xeb, 0x3b, 0xe1, 0x01, 0x2d, 0x9b, 0x2b, 0x32, 0x82, 0x2f, 0xf6,
+	0x26, 0xb8, 0xac, 0xf0, 0x39, 0x59, 0xd5, 0xd7, 0x04, 0x80, 0x35, 0xa2, 0xf3, 0xaf, 0x41, 0x49,
+	0x21, 0x9f, 0xe4, 0x54, 0x9e, 0xff, 0x02, 0x4c, 0xa7, 0xda, 0xea, 0x57, 0x7d, 0x42, 0x3f, 0xd4,
+	0xbf, 0xc1, 0xb8, 0x80, 0xe8, 0xf5, 0xaa, 0xbf, 0x2f, 0xd8, 0xdd, 0x07, 0x70, 0xde, 0xcb, 0xe0,
+	0xb2, 0x62, 0xaa, 0x06, 0xe7, 0xca, 0x4f, 0x8a, 0xcf, 0x3e, 0x9f, 0x05, 0xc5, 0x99, 0x6d, 0xd0,
+	0x83, 0x2a, 0x68, 0xd3, 0x35, 0xef, 0x78, 0xac, 0xbf, 0xe2, 0xbe, 0x78, 0x5b, 0x94, 0x61, 0x05,
+	0xa5, 0x2c, 0xec, 0xbc, 0xea, 0xfc, 0x4d, 0x72, 0x50, 0x27, 0x1e, 0x69, 0xc4, 0x41, 0xf8, 0x91,
+	0x76, 0xff, 0x29, 0x3e, 0xfa, 0x9c, 0x03, 0x8e, 0x0b, 0x02, 0xc5, 0x9b, 0xe4, 0x80, 0x4f, 0x85,
+	0xfe, 0x75, 0xc5, 0x9e, 0x5f, 0xf7, 0xf3, 0x16, 0x4c, 0xaa, 0xaf, 0x3b, 0x83, 0xad, 0xbe, 0x6c,
+	0x6e, 0xf5, 0xa7, 0x7a, 0x2e, 0xf0, 0x9c, 0x4d, 0xfe, 0x17, 0x8c, 0x49, 0x09, 0x9c, 0x5a, 0x18,
+	0xd0, 0xa1, 0xa1, 0xa7, 0xca, 0x47, 0x39, 0x21, 0x83, 0x7c, 0xd7, 0x4d, 0x72, 0xb0, 0x19, 0x50,
+	0x01, 0x27, 0xfb, 0xbb, 0x8c, 0x59, 0x1b, 0xea, 0x39, 0x6b, 0xbf, 0x58, 0x80, 0x0b, 0x6a, 0x04,
+	0x0c, 0x11, 0xe2, 0x2f, 0xfb, 0x18, 0xbc, 0x04, 0xe3, 0x4d, 0xb2, 0xed, 0x74, 0xbc, 0x58, 0xa9,
+	0x8e, 0x86, 0xb9, 0xfa, 0xb0, 0x92, 0x14, 0x63, 0x1d, 0xe7, 0x04, 0xc3, 0xf6, 0xd3, 0xe3, 0xec,
+	0x74, 0x88, 0x1d, 0xba, 0x82, 0xa9, 0x7c, 0xa9, 0x29, 0x00, 0x27, 0x74, 0x05, 0xa0, 0x50, 0xf6,
+	0x3d, 0x03, 0xc3, 0xee, 0x1e, 0x95, 0x16, 0x0a, 0xa6, 0x10, 0x50, 0xa5, 0x85, 0x98, 0xc3, 0xd0,
+	0xa7, 0x60, 0xb4, 0x11, 0xec, 0xed, 0x39, 0x7e, 0x93, 0x31, 0xed, 0xd2, 0xf2, 0x38, 0x15, 0x28,
+	0x56, 0x78, 0x11, 0x96, 0x30, 0xf4, 0x24, 0x0c, 0x39, 0x61, 0x2b, 0x9a, 0x1b, 0x62, 0x38, 0x63,
+	0xb4, 0xa5, 0xa5, 0xb0, 0x15, 0x61, 0x56, 0x4a, 0x25, 0xd9, 0xfb, 0x41, 0xb8, 0xeb, 0xfa, 0xad,
+	0x8a, 0x1b, 0x32, 0xb1, 0x54, 0x93, 0x64, 0xef, 0x29, 0x08, 0xd6, 0xb0, 0xd0, 0x1a, 0x0c, 0xb7,
+	0x83, 0x30, 0x8e, 0xe6, 0x46, 0xd8, 0x70, 0x3f, 0x9d, 0xb3, 0x95, 0xf8, 0xd7, 0xd6, 0x82, 0x30,
+	0x4e, 0x3e, 0x80, 0xfe, 0x8b, 0x30, 0xaf, 0x8e, 0xbe, 0x0d, 0x8a, 0xc4, 0xdf, 0x9f, 0x1b, 0x65,
+	0x54, 0xe6, 0xb3, 0xa8, 0xac, 0xfa, 0xfb, 0x77, 0x9d, 0x30, 0xe1, 0x33, 0xab, 0xfe, 0x3e, 0xa6,
+	0x75, 0xd0, 0x97, 0xa0, 0x24, 0x1f, 0x0f, 0x22, 0x71, 0xb5, 0xcc, 0x5c, 0x62, 0x58, 0x20, 0x61,
+	0xf2, 0x7e, 0xc7, 0x0d, 0xc9, 0x1e, 0xf1, 0xe3, 0x28, 0x51, 0xff, 0x48, 0x68, 0x84, 0x13, 0x6a,
+	0xe8, 0x4b, 0x52, 0x9f, 0xb1, 0x1e, 0x74, 0xfc, 0x38, 0x9a, 0x2b, 0xb1, 0xee, 0x65, 0x6a, 0x9a,
+	0xef, 0x26, 0x78, 0x69, 0x85, 0x07, 0xaf, 0x8c, 0x0d, 0x52, 0x08, 0xc3, 0xa4, 0xe7, 0xee, 0x13,
+	0x9f, 0x44, 0x51, 0x2d, 0x0c, 0xb6, 0xc8, 0x1c, 0xb0, 0x9e, 0x5f, 0xcc, 0x56, 0xc0, 0x06, 0x5b,
+	0x64, 0x79, 0xf6, 0xe8, 0xb0, 0x3c, 0x79, 0x4b, 0xaf, 0x83, 0x4d, 0x12, 0xe8, 0x0e, 0x4c, 0x51,
+	0x11, 0xda, 0x4d, 0x88, 0x8e, 0xf7, 0x23, 0xca, 0xe4, 0x67, 0x6c, 0x54, 0xc2, 0x29, 0x22, 0xe8,
+	0x2d, 0x28, 0x79, 0xee, 0x36, 0x69, 0x1c, 0x34, 0x3c, 0x32, 0x37, 0xc1, 0x28, 0x66, 0x6e, 0xab,
+	0x5b, 0x12, 0x89, 0x5f, 0x51, 0xd4, 0x5f, 0x9c, 0x54, 0x47, 0x77, 0xe1, 0xb1, 0x98, 0x84, 0x7b,
+	0xae, 0xef, 0xd0, 0xed, 0x20, 0x24, 0x5e, 0xa6, 0xc6, 0x9e, 0x64, 0xeb, 0xed, 0x92, 0x18, 0xba,
+	0xc7, 0x36, 0x33, 0xb1, 0x70, 0x4e, 0x6d, 0x74, 0x1b, 0xa6, 0xd9, 0x4e, 0xa8, 0x75, 0x3c, 0xaf,
+	0x16, 0x78, 0x6e, 0xe3, 0x60, 0x6e, 0x8a, 0x11, 0xfc, 0x94, 0xd4, 0x53, 0x57, 0x4d, 0x30, 0xbd,
+	0x93, 0x27, 0xff, 0x70, 0xba, 0x36, 0xda, 0x62, 0x7a, 0xcb, 0x4e, 0xe8, 0xc6, 0x07, 0x74, 0xfd,
+	0x92, 0x07, 0xf1, 0xdc, 0x74, 0xcf, 0x1b, 0xae, 0x8e, 0xaa, 0x94, 0x9b, 0x7a, 0x21, 0x4e, 0x13,
+	0xa4, 0x5b, 0x3b, 0x8a, 0x9b, 0xae, 0x3f, 0x37, 0xc3, 0x38, 0x86, 0xda, 0x19, 0x75, 0x5a, 0x88,
+	0x39, 0x8c, 0xe9, 0x2c, 0xe9, 0x8f, 0xdb, 0x94, 0x83, 0xce, 0x32, 0xc4, 0x44, 0x67, 0x29, 0x01,
+	0x38, 0xc1, 0xa1, 0xc7, 0x72, 0x1c, 0x1f, 0xcc, 0x21, 0x86, 0xaa, 0xb6, 0xcb, 0xe6, 0xe6, 0x97,
+	0x30, 0x2d, 0x47, 0xb7, 0x60, 0x94, 0xf8, 0xfb, 0x6b, 0x61, 0xb0, 0x37, 0x77, 0x2e, 0x7f, 0xcf,
+	0xae, 0x72, 0x14, 0xce, 0xd0, 0x93, 0x2b, 0x8a, 0x28, 0xc6, 0x92, 0x04, 0x7a, 0x00, 0x73, 0x19,
+	0x33, 0xc2, 0x27, 0xe0, 0x3c, 0x9b, 0x80, 0xcf, 0x8b, 0xba, 0x73, 0x9b, 0x39, 0x78, 0xc7, 0x3d,
+	0x60, 0x38, 0x97, 0x3a, 0xfa, 0x2e, 0x98, 0xe4, 0x1b, 0x8a, 0x3f, 0x78, 0x44, 0x73, 0x17, 0xd8,
+	0xd7, 0x5c, 0xce, 0xdf, 0x9c, 0x1c, 0x71, 0xf9, 0x82, 0xe8, 0xd0, 0xa4, 0x5e, 0x1a, 0x61, 0x93,
+	0x9a, 0xbd, 0x05, 0x53, 0x8a, 0x6f, 0xb1, 0xa5, 0x83, 0xca, 0x30, 0x4c, 0x19, 0xb2, 0xd4, 0x29,
+	0x94, 0xe8, 0x4c, 0x31, 0x45, 0x35, 0xe6, 0xe5, 0x6c, 0xa6, 0xdc, 0x0f, 0xc8, 0xf2, 0x41, 0x4c,
+	0xf8, 0xbd, 0xb0, 0xa8, 0xcd, 0x94, 0x04, 0xe0, 0x04, 0xc7, 0xfe, 0x7f, 0x5c, 0xee, 0x49, 0x98,
+	0xe3, 0x00, 0xc7, 0xc1, 0x0b, 0x30, 0xb6, 0x13, 0x44, 0x31, 0xc5, 0x66, 0x6d, 0x0c, 0x27, 0x92,
+	0xce, 0x0d, 0x51, 0x8e, 0x15, 0x06, 0x7a, 0x03, 0x26, 0x1b, 0x7a, 0x03, 0xe2, 0x2c, 0x53, 0x43,
+	0x60, 0xb4, 0x8e, 0x4d, 0x5c, 0xf4, 0x3a, 0x8c, 0xb1, 0xe7, 0xca, 0x46, 0xe0, 0x89, 0x1b, 0xa8,
+	0x3c, 0x90, 0xc7, 0x6a, 0xa2, 0xfc, 0x58, 0xfb, 0x8d, 0x15, 0x36, 0xba, 0x02, 0x23, 0xb4, 0x0b,
+	0xd5, 0x9a, 0x38, 0x45, 0x94, 0x56, 0xe0, 0x06, 0x2b, 0xc5, 0x02, 0x6a, 0xff, 0x9d, 0x82, 0x36,
+	0xca, 0xf4, 0x4e, 0x45, 0x50, 0x0d, 0x46, 0xef, 0x3b, 0x6e, 0xec, 0xfa, 0x2d, 0x21, 0x2e, 0x3c,
+	0xdb, 0xf3, 0x48, 0x61, 0x95, 0xee, 0xf1, 0x0a, 0xfc, 0xd0, 0x13, 0x7f, 0xb0, 0x24, 0x43, 0x29,
+	0x86, 0x1d, 0xdf, 0xa7, 0x14, 0x0b, 0x83, 0x52, 0xc4, 0xbc, 0x02, 0xa7, 0x28, 0xfe, 0x60, 0x49,
+	0x06, 0xbd, 0x0b, 0x20, 0x97, 0x25, 0x69, 0x8a, 0x67, 0xc2, 0x17, 0xfa, 0x13, 0xdd, 0x54, 0x75,
+	0x96, 0xa7, 0xe8, 0x91, 0x9a, 0xfc, 0xc7, 0x1a, 0x3d, 0x3b, 0x66, 0x62, 0x55, 0x77, 0x67, 0xd0,
+	0x77, 0x52, 0x4e, 0xe0, 0x84, 0x31, 0x69, 0x2e, 0xc5, 0x62, 0x70, 0x9e, 0x1b, 0x4c, 0x2a, 0xde,
+	0x74, 0xf7, 0x88, 0xce, 0x35, 0x04, 0x11, 0x9c, 0xd0, 0xb3, 0x7f, 0xb9, 0x08, 0x73, 0x79, 0xdd,
+	0xa5, 0x8b, 0x8e, 0x3c, 0x70, 0xe3, 0x15, 0x2a, 0x0d, 0x59, 0xe6, 0xa2, 0x5b, 0x15, 0xe5, 0x58,
+	0x61, 0xd0, 0xd9, 0x8f, 0xdc, 0x96, 0xbc, 0xd4, 0x0c, 0x27, 0xb3, 0x5f, 0x67, 0xa5, 0x58, 0x40,
+	0x29, 0x5e, 0x48, 0x9c, 0x48, 0xbc, 0x43, 0x6b, 0xab, 0x04, 0xb3, 0x52, 0x2c, 0xa0, 0xba, 0xc6,
+	0x64, 0xa8, 0x8f, 0xc6, 0xc4, 0x18, 0xa2, 0xe1, 0xd3, 0x1d, 0x22, 0xf4, 0x65, 0x80, 0x6d, 0xd7,
+	0x77, 0xa3, 0x1d, 0x46, 0x7d, 0xe4, 0xc4, 0xd4, 0x95, 0x2c, 0xb5, 0xa6, 0xa8, 0x60, 0x8d, 0x22,
+	0x7a, 0x15, 0xc6, 0xd5, 0x06, 0xac, 0x56, 0x98, 0x52, 0x5e, 0x7b, 0xe4, 0x4c, 0xb8, 0x51, 0x05,
+	0xeb, 0x78, 0xf6, 0x7b, 0xe9, 0xf5, 0x22, 0x76, 0x80, 0x36, 0xbe, 0xd6, 0xa0, 0xe3, 0x5b, 0xe8,
+	0x3d, 0xbe, 0xf6, 0x6f, 0x14, 0x61, 0xda, 0x68, 0xac, 0x13, 0x0d, 0xc0, 0xb3, 0xae, 0xd3, 0x73,
+	0xce, 0x89, 0x89, 0xd8, 0x7f, 0x76, 0xff, 0xad, 0xa2, 0x9f, 0x85, 0x74, 0x07, 0xf0, 0xfa, 0xe8,
+	0xcb, 0x50, 0xf2, 0x9c, 0x88, 0x69, 0x5f, 0x88, 0xd8, 0x77, 0x83, 0x10, 0x4b, 0xee, 0x11, 0x4e,
+	0x14, 0x6b, 0x47, 0x0d, 0xa7, 0x9d, 0x90, 0xa4, 0x07, 0x32, 0x95, 0x7d, 0xa4, 0xa1, 0x83, 0xea,
+	0x04, 0x15, 0x90, 0x0e, 0x30, 0x87, 0xa1, 0xd7, 0x61, 0x22, 0x24, 0x6c, 0x55, 0xac, 0x50, 0x51,
+	0x8e, 0x2d, 0xb3, 0xe1, 0x44, 0xe6, 0xc3, 0x1a, 0x0c, 0x1b, 0x98, 0x89, 0x28, 0x3f, 0xd2, 0x43,
+	0x94, 0x7f, 0x16, 0x46, 0xd9, 0x0f, 0xb5, 0x02, 0xd4, 0x6c, 0x54, 0x79, 0x31, 0x96, 0xf0, 0xf4,
+	0x82, 0x19, 0x1b, 0x70, 0xc1, 0x3c, 0x07, 0x53, 0x15, 0x87, 0xec, 0x05, 0xfe, 0xaa, 0xdf, 0x6c,
+	0x07, 0xae, 0x1f, 0xa3, 0x39, 0x18, 0x62, 0xa7, 0x03, 0xdf, 0xdb, 0x43, 0x94, 0x02, 0x1e, 0xa2,
+	0x82, 0xb9, 0xfd, 0xbb, 0x05, 0x98, 0xac, 0x10, 0x8f, 0xc4, 0x84, 0x5f, 0x65, 0x22, 0xb4, 0x06,
+	0xa8, 0x15, 0x3a, 0x0d, 0x52, 0x23, 0xa1, 0x1b, 0x34, 0x75, 0x6d, 0x6c, 0x91, 0x3f, 0x0e, 0x5d,
+	0xef, 0x82, 0xe2, 0x8c, 0x1a, 0xe8, 0x1d, 0x98, 0x6c, 0x87, 0xc4, 0x50, 0x22, 0x5a, 0x79, 0xd2,
+	0x48, 0x4d, 0x47, 0xe4, 0x82, 0xb0, 0x51, 0x84, 0x4d, 0x52, 0xe8, 0x3b, 0x60, 0x26, 0x08, 0xdb,
+	0x3b, 0x8e, 0x5f, 0x21, 0x6d, 0xe2, 0x37, 0xa9, 0xa4, 0x2f, 0x54, 0x10, 0xe7, 0x8f, 0x0e, 0xcb,
+	0x33, 0xb7, 0x53, 0x30, 0xdc, 0x85, 0x8d, 0xde, 0x81, 0xd9, 0x76, 0x18, 0xb4, 0x9d, 0x16, 0x5b,
+	0x28, 0x42, 0xa0, 0xe1, 0xdc, 0xe7, 0x85, 0xa3, 0xc3, 0xf2, 0x6c, 0x2d, 0x0d, 0x3c, 0x3e, 0x2c,
+	0x9f, 0x63, 0x03, 0x45, 0x4b, 0x12, 0x20, 0xee, 0x26, 0x63, 0xb7, 0xe0, 0x42, 0x25, 0xb8, 0xef,
+	0xdf, 0x77, 0xc2, 0xe6, 0x52, 0xad, 0xaa, 0xe9, 0x0e, 0x36, 0xe4, 0xdd, 0x95, 0x1b, 0x63, 0x64,
+	0x9e, 0x53, 0x5a, 0x4d, 0x2e, 0xbf, 0xac, 0xb9, 0x1e, 0xc9, 0xd1, 0x51, 0xfc, 0xbd, 0x82, 0xd1,
+	0x52, 0x82, 0xaf, 0x1e, 0x3e, 0xac, 0xdc, 0x87, 0x8f, 0xb7, 0x61, 0x6c, 0xdb, 0x25, 0x5e, 0x13,
+	0x93, 0x6d, 0x31, 0x33, 0x9f, 0xce, 0x7f, 0x5f, 0x5e, 0xa3, 0x98, 0x52, 0x27, 0xc5, 0x6f, 0xbe,
+	0x6b, 0xa2, 0x32, 0x56, 0x64, 0xd0, 0x2e, 0xcc, 0xc8, 0xab, 0x95, 0x84, 0x8a, 0x4d, 0xfc, 0x6c,
+	0xaf, 0xfb, 0x9a, 0x49, 0x9c, 0x4d, 0x20, 0x4e, 0x91, 0xc1, 0x5d, 0x84, 0xe9, 0x55, 0x77, 0x8f,
+	0x1e, 0x57, 0x43, 0x6c, 0x49, 0xb3, 0xab, 0x2e, 0xbb, 0xb5, 0xb3, 0x52, 0xfb, 0x27, 0x2d, 0x78,
+	0xbc, 0x6b, 0x64, 0x84, 0xf6, 0xe2, 0x94, 0x67, 0x21, 0xad, 0x4d, 0x28, 0xf4, 0xd7, 0x26, 0xd8,
+	0xff, 0xd4, 0x82, 0xf3, 0xab, 0x7b, 0xed, 0xf8, 0xa0, 0xe2, 0x9a, 0x8f, 0x33, 0xaf, 0xc1, 0xc8,
+	0x1e, 0x69, 0xba, 0x9d, 0x3d, 0x31, 0x73, 0x65, 0xc9, 0xd2, 0xd7, 0x59, 0xe9, 0xf1, 0x61, 0x79,
+	0xb2, 0x1e, 0x07, 0xa1, 0xd3, 0x22, 0xbc, 0x00, 0x0b, 0x74, 0x76, 0x30, 0xba, 0x1f, 0x90, 0x5b,
+	0xee, 0x9e, 0x2b, 0xed, 0x05, 0x7a, 0x6a, 0xd4, 0x16, 0xe4, 0x80, 0x2e, 0xbc, 0xdd, 0x71, 0xfc,
+	0xd8, 0x8d, 0x0f, 0xc4, 0xbb, 0x93, 0x24, 0x82, 0x13, 0x7a, 0xf6, 0x37, 0x2d, 0x98, 0x96, 0xbc,
+	0x64, 0xa9, 0xd9, 0x0c, 0x49, 0x14, 0xa1, 0x79, 0x28, 0xb8, 0x6d, 0xd1, 0x4b, 0x10, 0xbd, 0x2c,
+	0x54, 0x6b, 0xb8, 0xe0, 0xb6, 0x51, 0x0d, 0x4a, 0xdc, 0xec, 0x20, 0x59, 0x5c, 0x03, 0x19, 0x2f,
+	0xb0, 0x1e, 0x6c, 0xca, 0x9a, 0x38, 0x21, 0x22, 0xa5, 0x62, 0x76, 0x0e, 0x15, 0xcd, 0x47, 0xab,
+	0x1b, 0xa2, 0x1c, 0x2b, 0x0c, 0x74, 0x15, 0xc6, 0xfc, 0xa0, 0xc9, 0xad, 0x40, 0xf8, 0x9e, 0x66,
+	0x4b, 0x76, 0x43, 0x94, 0x61, 0x05, 0xb5, 0x7f, 0xd8, 0x82, 0x09, 0xf9, 0x65, 0x03, 0x0a, 0xe8,
+	0x74, 0x6b, 0x25, 0xc2, 0x79, 0xb2, 0xb5, 0xa8, 0x80, 0xcd, 0x20, 0x86, 0x5c, 0x5d, 0x3c, 0x89,
+	0x5c, 0x6d, 0xff, 0x44, 0x01, 0xa6, 0x64, 0x77, 0xea, 0x9d, 0xad, 0x88, 0xc4, 0x68, 0x13, 0x4a,
+	0x0e, 0x1f, 0x72, 0x22, 0x57, 0xec, 0x33, 0xd9, 0x17, 0x3a, 0x63, 0x7e, 0x12, 0x51, 0x67, 0x49,
+	0xd6, 0xc6, 0x09, 0x21, 0xe4, 0xc1, 0xac, 0x1f, 0xc4, 0xec, 0xd8, 0x53, 0xf0, 0x5e, 0x0f, 0x23,
+	0x69, 0xea, 0x17, 0x05, 0xf5, 0xd9, 0x8d, 0x34, 0x15, 0xdc, 0x4d, 0x18, 0xad, 0x4a, 0x25, 0x52,
+	0x31, 0xff, 0x0a, 0xa7, 0xcf, 0x42, 0xb6, 0x0e, 0xc9, 0xfe, 0x35, 0x0b, 0x4a, 0x12, 0xed, 0x2c,
+	0xde, 0xc0, 0xd6, 0x61, 0x34, 0x62, 0x93, 0x20, 0x87, 0xc6, 0xee, 0xd5, 0x71, 0x3e, 0x5f, 0xc9,
+	0x69, 0xce, 0xff, 0x47, 0x58, 0xd2, 0x60, 0x5a, 0x70, 0xd5, 0xfd, 0x8f, 0x89, 0x16, 0x5c, 0xf5,
+	0x27, 0xe7, 0x84, 0xf9, 0x6f, 0xac, 0xcf, 0x9a, 0xaa, 0x80, 0x0a, 0x9d, 0xed, 0x90, 0x6c, 0xbb,
+	0x0f, 0xd2, 0x42, 0x67, 0x8d, 0x95, 0x62, 0x01, 0x45, 0xef, 0xc2, 0x44, 0x43, 0x2a, 0x8f, 0x13,
+	0x36, 0x70, 0xa5, 0xa7, 0x2a, 0x5e, 0xbd, 0xda, 0x70, 0x0b, 0xd1, 0x15, 0xad, 0x3e, 0x36, 0xa8,
+	0x99, 0x96, 0x09, 0xc5, 0x7e, 0x96, 0x09, 0x09, 0xdd, 0xdc, 0xb7, 0x75, 0xfb, 0xa7, 0x2c, 0x18,
+	0xe1, 0x2a, 0xc8, 0xc1, 0x74, 0xb6, 0xda, 0x23, 0x56, 0x32, 0x76, 0x77, 0x69, 0xa1, 0x78, 0x94,
+	0x42, 0xeb, 0x50, 0x62, 0x3f, 0x98, 0x2a, 0xa6, 0x98, 0x6f, 0x1a, 0xcb, 0x5b, 0xd5, 0x3b, 0x78,
+	0x57, 0x56, 0xc3, 0x09, 0x05, 0xfb, 0x47, 0x8b, 0x94, 0x55, 0x25, 0xa8, 0xc6, 0x09, 0x6e, 0x3d,
+	0xba, 0x13, 0xbc, 0xf0, 0xa8, 0x4e, 0xf0, 0x16, 0x4c, 0x37, 0xb4, 0x27, 0xaf, 0x64, 0x26, 0xaf,
+	0xf6, 0x5c, 0x24, 0xda, 0xeb, 0x18, 0x57, 0xc3, 0xad, 0x98, 0x44, 0x70, 0x9a, 0x2a, 0xfa, 0x4e,
+	0x98, 0xe0, 0xf3, 0x2c, 0x5a, 0x19, 0x62, 0xad, 0x7c, 0x2a, 0x7f, 0xbd, 0xe8, 0x4d, 0xb0, 0x95,
+	0x58, 0xd7, 0xaa, 0x63, 0x83, 0x98, 0xfd, 0xcb, 0x63, 0x30, 0xbc, 0xba, 0x4f, 0xfc, 0xf8, 0x0c,
+	0x18, 0x52, 0x03, 0xa6, 0x5c, 0x7f, 0x3f, 0xf0, 0xf6, 0x49, 0x93, 0xc3, 0x4f, 0x72, 0xb8, 0x3e,
+	0x26, 0x48, 0x4f, 0x55, 0x0d, 0x12, 0x38, 0x45, 0xf2, 0x51, 0xdc, 0xda, 0xaf, 0xc3, 0x08, 0x9f,
+	0x7b, 0x71, 0x65, 0xcf, 0x54, 0xb0, 0xb3, 0x41, 0x14, 0xbb, 0x20, 0xd1, 0x28, 0x70, 0x8d, 0xbe,
+	0xa8, 0x8e, 0xde, 0x83, 0xa9, 0x6d, 0x37, 0x8c, 0x62, 0x7a, 0xdd, 0x8e, 0x62, 0x67, 0xaf, 0xfd,
+	0x10, 0xb7, 0x74, 0x35, 0x0e, 0x6b, 0x06, 0x25, 0x9c, 0xa2, 0x8c, 0x5a, 0x30, 0x49, 0x2f, 0x8e,
+	0x49, 0x53, 0xa3, 0x27, 0x6e, 0x4a, 0xa9, 0xe1, 0x6e, 0xe9, 0x84, 0xb0, 0x49, 0x97, 0x32, 0x93,
+	0x06, 0xbb, 0x68, 0x8e, 0x31, 0x89, 0x42, 0x31, 0x13, 0x7e, 0xc3, 0xe4, 0x30, 0xca, 0x93, 0x98,
+	0x31, 0x4b, 0xc9, 0xe4, 0x49, 0x9a, 0xc9, 0xca, 0x57, 0xa0, 0x44, 0xe8, 0x10, 0x52, 0xc2, 0xe2,
+	0xb1, 0x61, 0x71, 0xb0, 0xbe, 0xae, 0xbb, 0x8d, 0x30, 0x30, 0xf5, 0x23, 0xab, 0x92, 0x12, 0x4e,
+	0x88, 0xa2, 0x15, 0x18, 0x89, 0x48, 0xe8, 0x92, 0x48, 0x3c, 0x3b, 0xf4, 0x98, 0x46, 0x86, 0xc6,
+	0x6d, 0xa8, 0xf9, 0x6f, 0x2c, 0xaa, 0xd2, 0xe5, 0xe5, 0xb0, 0xdb, 0x10, 0x7b, 0x69, 0xd0, 0x96,
+	0xd7, 0x12, 0x2b, 0xc5, 0x02, 0x8a, 0xde, 0x82, 0xd1, 0x90, 0x78, 0x4c, 0x01, 0x37, 0x39, 0xf8,
+	0x22, 0xe7, 0xfa, 0x3c, 0x5e, 0x0f, 0x4b, 0x02, 0xe8, 0x26, 0xa0, 0x90, 0x50, 0x19, 0xc2, 0xf5,
+	0x5b, 0xca, 0xc4, 0x43, 0xbc, 0x1f, 0x3c, 0x21, 0xda, 0x3f, 0x87, 0x13, 0x0c, 0x69, 0x5d, 0x89,
+	0x33, 0xaa, 0xa1, 0xeb, 0x30, 0xab, 0x4a, 0xab, 0x7e, 0x14, 0x3b, 0x7e, 0x83, 0xb0, 0xa7, 0x83,
+	0x52, 0x22, 0x15, 0xe1, 0x34, 0x02, 0xee, 0xae, 0x63, 0x7f, 0x9d, 0x8a, 0x33, 0x74, 0xb4, 0xce,
+	0x40, 0x16, 0x78, 0xd3, 0x94, 0x05, 0x2e, 0xe6, 0xce, 0x5c, 0x8e, 0x1c, 0x70, 0x64, 0xc1, 0xb8,
+	0x36, 0xb3, 0xc9, 0x9a, 0xb5, 0x7a, 0xac, 0xd9, 0x0e, 0xcc, 0xd0, 0x95, 0x7e, 0x7b, 0x8b, 0xb9,
+	0x13, 0x35, 0xd9, 0xc2, 0x2c, 0x3c, 0xdc, 0xc2, 0x54, 0x86, 0xb8, 0xb7, 0x52, 0x04, 0x71, 0x57,
+	0x13, 0xe8, 0x35, 0xa9, 0x8d, 0x2a, 0x1a, 0xa6, 0x5b, 0x5c, 0xd3, 0x74, 0x7c, 0x58, 0x9e, 0xd1,
+	0x3e, 0x44, 0xd7, 0x3e, 0xd9, 0x5f, 0x91, 0xdf, 0xc8, 0x99, 0xcd, 0x22, 0x94, 0x1a, 0x6a, 0xb1,
+	0x58, 0xa6, 0x31, 0xb9, 0x5a, 0x0e, 0x38, 0xc1, 0xa1, 0x7b, 0x94, 0x5e, 0x41, 0xd2, 0xd6, 0x86,
+	0xf4, 0x82, 0x82, 0x19, 0xc4, 0x7e, 0x19, 0x60, 0xf5, 0x01, 0x69, 0xf0, 0xa5, 0xae, 0x3f, 0xea,
+	0x5a, 0xf9, 0x8f, 0xba, 0xf6, 0x7f, 0xb2, 0x60, 0x6a, 0x6d, 0xc5, 0xb8, 0x26, 0x2e, 0x00, 0xf0,
+	0xbb, 0xd1, 0xbd, 0x7b, 0x1b, 0xf2, 0xbd, 0x82, 0xab, 0x9c, 0x55, 0x29, 0xd6, 0x30, 0xd0, 0x45,
+	0x28, 0x7a, 0x1d, 0x5f, 0x5c, 0x59, 0x46, 0x8f, 0x0e, 0xcb, 0xc5, 0x5b, 0x1d, 0x1f, 0xd3, 0x32,
+	0xcd, 0xc0, 0xaf, 0x38, 0xb0, 0x81, 0x5f, 0x5f, 0x37, 0x21, 0x54, 0x86, 0xe1, 0xfb, 0xf7, 0xdd,
+	0x26, 0x37, 0xc6, 0x16, 0x6f, 0x29, 0xf7, 0xee, 0x55, 0x2b, 0x11, 0xe6, 0xe5, 0xf6, 0xd7, 0x8a,
+	0x30, 0xbf, 0xe6, 0x91, 0x07, 0x1f, 0xd2, 0x20, 0x7d, 0x50, 0xf3, 0xc4, 0x93, 0xc9, 0x8b, 0x27,
+	0xb5, 0xc5, 0xec, 0x3f, 0x1e, 0xdb, 0x30, 0xca, 0x0d, 0x04, 0xa4, 0x79, 0xfa, 0x1b, 0x59, 0xad,
+	0xe7, 0x0f, 0xc8, 0x82, 0xd0, 0xce, 0x71, 0x13, 0x2c, 0x75, 0xd2, 0x8a, 0x52, 0x2c, 0x89, 0xcf,
+	0x7f, 0x0e, 0x26, 0x74, 0xcc, 0x13, 0x59, 0x45, 0xff, 0x8d, 0x22, 0xcc, 0xd0, 0x1e, 0x3c, 0xd2,
+	0x89, 0xb8, 0xd3, 0x3d, 0x11, 0xa7, 0x6d, 0x19, 0xdb, 0x7f, 0x36, 0xde, 0x4d, 0xcf, 0xc6, 0x4b,
+	0x79, 0xb3, 0x71, 0xd6, 0x73, 0xf0, 0xbd, 0x16, 0x9c, 0x5b, 0xf3, 0x82, 0xc6, 0x6e, 0xca, 0x68,
+	0xf7, 0x55, 0x18, 0xa7, 0x7c, 0x3c, 0x32, 0xbc, 0x61, 0x0c, 0xff, 0x28, 0x01, 0xc2, 0x3a, 0x9e,
+	0x56, 0xed, 0xce, 0x9d, 0x6a, 0x25, 0xcb, 0xad, 0x4a, 0x80, 0xb0, 0x8e, 0x67, 0xff, 0xb6, 0x05,
+	0x4f, 0x5d, 0x5f, 0x59, 0x4d, 0x96, 0x62, 0x97, 0x67, 0x17, 0xbd, 0x05, 0x36, 0xb5, 0xae, 0x24,
+	0xb7, 0xc0, 0x0a, 0xeb, 0x85, 0x80, 0x7e, 0x5c, 0xbc, 0x16, 0x7f, 0xd6, 0x82, 0x73, 0xd7, 0xdd,
+	0x98, 0x1e, 0xcb, 0x69, 0x1f, 0x23, 0x7a, 0x2e, 0x47, 0x6e, 0x1c, 0x84, 0x07, 0x69, 0x1f, 0x23,
+	0xac, 0x20, 0x58, 0xc3, 0xe2, 0x2d, 0xef, 0xbb, 0x11, 0xed, 0x69, 0xc1, 0x54, 0x45, 0x61, 0x51,
+	0x8e, 0x15, 0x06, 0xfd, 0xb0, 0xa6, 0x1b, 0xb2, 0xab, 0xc4, 0x81, 0xe0, 0xb0, 0xea, 0xc3, 0x2a,
+	0x12, 0x80, 0x13, 0x1c, 0xfb, 0x27, 0x2d, 0xb8, 0x70, 0xdd, 0xeb, 0x44, 0x31, 0x09, 0xb7, 0x23,
+	0xa3, 0xb3, 0x2f, 0x43, 0x89, 0xc8, 0xeb, 0xba, 0xe8, 0xab, 0x12, 0x30, 0xd5, 0x3d, 0x9e, 0x3b,
+	0x38, 0x29, 0xbc, 0x01, 0x2c, 0xe0, 0x4f, 0x66, 0xb9, 0xfd, 0x0b, 0x05, 0x98, 0xbc, 0xb1, 0xb9,
+	0x59, 0xbb, 0x4e, 0x62, 0x71, 0x8a, 0xf5, 0x57, 0x35, 0x63, 0x4d, 0x63, 0xd6, 0xeb, 0x52, 0xd4,
+	0x89, 0x5d, 0x6f, 0x81, 0x7b, 0xd4, 0x2e, 0x54, 0xfd, 0xf8, 0x76, 0x58, 0x8f, 0x43, 0xd7, 0x6f,
+	0x65, 0xea, 0xd8, 0xe4, 0x59, 0x5b, 0xcc, 0x3b, 0x6b, 0xd1, 0xcb, 0x30, 0xc2, 0x5c, 0x7a, 0xe5,
+	0xf5, 0xe4, 0x09, 0x75, 0xa7, 0x60, 0xa5, 0xc7, 0x87, 0xe5, 0xd2, 0x1d, 0x5c, 0xe5, 0x7f, 0xb0,
+	0x40, 0x45, 0x77, 0x60, 0x7c, 0x27, 0x8e, 0xdb, 0x37, 0x88, 0xd3, 0x24, 0xa1, 0xe4, 0x0e, 0x97,
+	0xb2, 0xb8, 0x03, 0x1d, 0x04, 0x8e, 0x96, 0x6c, 0xa8, 0xa4, 0x2c, 0xc2, 0x3a, 0x1d, 0xbb, 0x0e,
+	0x90, 0xc0, 0x4e, 0x49, 0xbf, 0x60, 0xff, 0x91, 0x05, 0xa3, 0xdc, 0xbb, 0x2a, 0x44, 0x9f, 0x87,
+	0x21, 0xf2, 0x80, 0x34, 0x84, 0xe4, 0x98, 0xd9, 0xe1, 0x44, 0xf0, 0xe0, 0xda, 0x72, 0xfa, 0x1f,
+	0xb3, 0x5a, 0xe8, 0x06, 0x8c, 0xd2, 0xde, 0x5e, 0x57, 0xae, 0x66, 0x4f, 0xe7, 0x7d, 0xb1, 0x9a,
+	0x76, 0x2e, 0xab, 0x88, 0x22, 0x2c, 0xab, 0x33, 0xcd, 0x6f, 0xa3, 0x5d, 0xa7, 0x0c, 0x2c, 0xee,
+	0x75, 0xce, 0x6e, 0xae, 0xd4, 0x38, 0x92, 0xa0, 0xc6, 0x35, 0xbf, 0xb2, 0x10, 0x27, 0x44, 0xec,
+	0x4d, 0x28, 0xd1, 0x49, 0x5d, 0xf2, 0x5c, 0xa7, 0xb7, 0xd2, 0xf9, 0x79, 0x28, 0x49, 0x05, 0x70,
+	0x24, 0x1c, 0x74, 0x18, 0x55, 0xa9, 0x1f, 0x8e, 0x70, 0x02, 0xb7, 0xb7, 0xe1, 0x3c, 0xb3, 0xa6,
+	0x70, 0xe2, 0x1d, 0x63, 0x8f, 0xf5, 0x5f, 0xcc, 0x2f, 0x88, 0x8b, 0x18, 0x9f, 0x99, 0x39, 0xcd,
+	0xa3, 0x60, 0x42, 0x52, 0x4c, 0x2e, 0x65, 0xf6, 0x9f, 0x0c, 0xc1, 0x13, 0xd5, 0x7a, 0xbe, 0xe3,
+	0xdd, 0xeb, 0x30, 0xc1, 0xc5, 0x34, 0xba, 0xb4, 0x1d, 0x4f, 0xb4, 0xab, 0xde, 0x1a, 0x37, 0x35,
+	0x18, 0x36, 0x30, 0xd1, 0x53, 0x50, 0x74, 0xdf, 0xf7, 0xd3, 0xc6, 0xb9, 0xd5, 0xb7, 0x37, 0x30,
+	0x2d, 0xa7, 0x60, 0x2a, 0xf1, 0x71, 0x56, 0xaa, 0xc0, 0x4a, 0xea, 0x7b, 0x13, 0xa6, 0xdc, 0xa8,
+	0x11, 0xb9, 0x55, 0x9f, 0xf2, 0x99, 0xc4, 0x69, 0x33, 0x51, 0x12, 0xd0, 0x4e, 0x2b, 0x28, 0x4e,
+	0x61, 0x6b, 0x7c, 0x7d, 0x78, 0x60, 0xa9, 0xb1, 0xaf, 0xc7, 0x0a, 0x15, 0x88, 0xdb, 0xec, 0xeb,
+	0x22, 0x66, 0x28, 0x28, 0x04, 0x62, 0xfe, 0xc1, 0x11, 0x96, 0x30, 0x7a, 0x03, 0x6b, 0xec, 0x38,
+	0xed, 0xa5, 0x4e, 0xbc, 0x53, 0x71, 0xa3, 0x46, 0xb0, 0x4f, 0xc2, 0x03, 0x76, 0x79, 0x1e, 0x4b,
+	0x6e, 0x60, 0x0a, 0xb0, 0x72, 0x63, 0xa9, 0x46, 0x31, 0x71, 0x77, 0x1d, 0x53, 0x2a, 0x84, 0xd3,
+	0x90, 0x0a, 0x97, 0x60, 0x5a, 0x36, 0x53, 0x27, 0x11, 0x3b, 0x23, 0xc6, 0x59, 0xc7, 0x94, 0x3b,
+	0xb5, 0x28, 0x56, 0xdd, 0x4a, 0xe3, 0xa3, 0xd7, 0x60, 0xd2, 0xf5, 0xdd, 0xd8, 0x75, 0xe2, 0x20,
+	0x64, 0x27, 0x2c, 0xbf, 0x27, 0xb3, 0x47, 0xd1, 0xaa, 0x0e, 0xc0, 0x26, 0x9e, 0xfd, 0xc7, 0x43,
+	0x30, 0xcb, 0xa6, 0xed, 0x5b, 0x2b, 0xec, 0x63, 0xb3, 0xc2, 0xee, 0x74, 0xaf, 0xb0, 0xd3, 0x10,
+	0x77, 0x3f, 0xca, 0x65, 0xf6, 0x1e, 0x94, 0x94, 0x7d, 0xb5, 0x74, 0x11, 0xb0, 0x72, 0x5c, 0x04,
+	0xfa, 0x4b, 0x1f, 0xf2, 0x19, 0xb7, 0x98, 0xf9, 0x8c, 0xfb, 0xf7, 0x2d, 0x48, 0xcc, 0x4c, 0xd1,
+	0x0d, 0x28, 0xb5, 0x03, 0x66, 0xca, 0x11, 0x4a, 0xfb, 0xa8, 0x27, 0x32, 0x0f, 0x2a, 0x7e, 0x28,
+	0xf2, 0xf1, 0xab, 0xc9, 0x1a, 0x38, 0xa9, 0x8c, 0x96, 0x61, 0xb4, 0x1d, 0x92, 0x7a, 0xcc, 0x5c,
+	0x39, 0xfb, 0xd2, 0xe1, 0x6b, 0x84, 0xe3, 0x63, 0x59, 0xd1, 0xfe, 0x45, 0x0b, 0x80, 0xbf, 0x94,
+	0x3a, 0x7e, 0x8b, 0x9c, 0x81, 0xf6, 0xb7, 0x02, 0x43, 0x51, 0x9b, 0x34, 0x7a, 0x19, 0xd9, 0x24,
+	0xfd, 0xa9, 0xb7, 0x49, 0x23, 0x19, 0x70, 0xfa, 0x0f, 0xb3, 0xda, 0xf6, 0xf7, 0x03, 0x4c, 0x25,
+	0x68, 0xd5, 0x98, 0xec, 0xa1, 0x17, 0x0d, 0x47, 0xb9, 0x8b, 0x29, 0x47, 0xb9, 0x12, 0xc3, 0xd6,
+	0x14, 0x8d, 0xef, 0x41, 0x71, 0xcf, 0x79, 0x20, 0x34, 0x49, 0xcf, 0xf7, 0xee, 0x06, 0xa5, 0xbf,
+	0xb0, 0xee, 0x3c, 0xe0, 0x77, 0xa6, 0xe7, 0xe5, 0x02, 0x59, 0x77, 0x1e, 0x1c, 0x73, 0x53, 0x1a,
+	0xc6, 0xa4, 0x6e, 0xb9, 0x51, 0xfc, 0xd5, 0xff, 0x92, 0xfc, 0x67, 0xcb, 0x8e, 0x36, 0xc2, 0xda,
+	0x72, 0x7d, 0xf1, 0x6e, 0x38, 0x50, 0x5b, 0xae, 0x9f, 0x6e, 0xcb, 0xf5, 0x07, 0x68, 0xcb, 0xf5,
+	0xd1, 0x07, 0x30, 0x2a, 0xde, 0xe8, 0x99, 0xfd, 0xbc, 0xa9, 0xa5, 0xca, 0x6b, 0x4f, 0x3c, 0xf1,
+	0xf3, 0x36, 0x17, 0xe5, 0x9d, 0x50, 0x94, 0xf6, 0x6d, 0x57, 0x36, 0x88, 0xfe, 0xae, 0x05, 0x53,
+	0xe2, 0x37, 0x26, 0xef, 0x77, 0x48, 0x14, 0x0b, 0xd9, 0xf3, 0xb3, 0x83, 0xf7, 0x41, 0x54, 0xe4,
+	0x5d, 0xf9, 0xac, 0x64, 0xb3, 0x26, 0xb0, 0x6f, 0x8f, 0x52, 0xbd, 0x40, 0xff, 0xdc, 0x82, 0xf3,
+	0x7b, 0xce, 0x03, 0xde, 0x22, 0x2f, 0xc3, 0x4e, 0xec, 0x06, 0xc2, 0x1f, 0xe0, 0xf3, 0x83, 0x4d,
+	0x7f, 0x57, 0x75, 0xde, 0x49, 0x69, 0x3a, 0x7c, 0x3e, 0x0b, 0xa5, 0x6f, 0x57, 0x33, 0xfb, 0x35,
+	0xbf, 0x0d, 0x63, 0x72, 0xbd, 0x65, 0xdc, 0xbc, 0x2b, 0xba, 0x60, 0x7d, 0x62, 0x13, 0x09, 0xdd,
+	0x5b, 0x8d, 0xb6, 0x23, 0xd6, 0xda, 0x23, 0x6d, 0xe7, 0x3d, 0x98, 0xd0, 0xd7, 0xd8, 0x23, 0x6d,
+	0xeb, 0x7d, 0x38, 0x97, 0xb1, 0x96, 0x1e, 0x69, 0x93, 0xf7, 0xe1, 0x62, 0xee, 0xfa, 0x78, 0x94,
+	0x0d, 0xdb, 0xbf, 0x60, 0xe9, 0x7c, 0xf0, 0x0c, 0x54, 0xf0, 0x2b, 0xa6, 0x0a, 0xfe, 0x52, 0xef,
+	0x9d, 0x93, 0xa3, 0x87, 0x7f, 0x57, 0xef, 0x34, 0xe5, 0xea, 0xe8, 0x2d, 0x18, 0xf1, 0x68, 0x89,
+	0x34, 0x0e, 0xb1, 0xfb, 0xef, 0xc8, 0x44, 0x96, 0x62, 0xe5, 0x11, 0x16, 0x14, 0xec, 0x5f, 0xb1,
+	0x60, 0xe8, 0x0c, 0x46, 0x02, 0x9b, 0x23, 0xf1, 0x62, 0x2e, 0x69, 0x11, 0x9a, 0x6b, 0x01, 0x3b,
+	0xf7, 0x57, 0x65, 0xf8, 0xb1, 0x9c, 0x81, 0xf9, 0xbf, 0x05, 0x18, 0xa7, 0x4d, 0x49, 0x2b, 0xc6,
+	0x37, 0x60, 0xd2, 0x73, 0xb6, 0x88, 0x27, 0xdf, 0x71, 0xd3, 0x0a, 0x93, 0x5b, 0x3a, 0x10, 0x9b,
+	0xb8, 0xb4, 0xf2, 0xb6, 0xfe, 0xa4, 0x2d, 0xe4, 0x17, 0x55, 0xd9, 0x78, 0xef, 0xc6, 0x26, 0x2e,
+	0xbd, 0xbb, 0xdf, 0x77, 0xe2, 0xc6, 0x8e, 0x50, 0xa6, 0xa8, 0xee, 0xde, 0xa3, 0x85, 0x98, 0xc3,
+	0xa8, 0x00, 0x27, 0x57, 0xe7, 0x5d, 0x7a, 0x33, 0x0c, 0x7c, 0x21, 0x1e, 0x2b, 0x01, 0x0e, 0x9b,
+	0x60, 0x9c, 0xc6, 0xcf, 0xf0, 0x98, 0x1f, 0x66, 0x36, 0x9a, 0x03, 0x78, 0xcc, 0xa3, 0x1a, 0x9c,
+	0x77, 0xfd, 0x86, 0xd7, 0x69, 0x92, 0x3b, 0x3e, 0x97, 0xee, 0x3c, 0xf7, 0x03, 0xd2, 0x14, 0x02,
+	0xb4, 0x32, 0xa7, 0xad, 0x66, 0xe0, 0xe0, 0xcc, 0x9a, 0xf6, 0x5f, 0x83, 0x73, 0xb7, 0x02, 0xa7,
+	0xb9, 0xec, 0x78, 0x8e, 0xdf, 0x20, 0x61, 0xd5, 0x6f, 0xf5, 0xb5, 0x12, 0xd3, 0x6d, 0xba, 0x0a,
+	0xfd, 0x6c, 0xba, 0xec, 0x1d, 0x40, 0x7a, 0x03, 0xc2, 0x36, 0x19, 0xc3, 0xa8, 0xcb, 0x9b, 0x12,
+	0xcb, 0xff, 0xd3, 0xd9, 0xd2, 0x75, 0x57, 0xcf, 0x34, 0xab, 0x5b, 0x5e, 0x80, 0x25, 0x21, 0xfb,
+	0x75, 0xc8, 0xf4, 0x47, 0xec, 0xaf, 0xb6, 0xb1, 0x5f, 0x85, 0x59, 0x56, 0xf3, 0x64, 0x2a, 0x05,
+	0xfb, 0x07, 0x2d, 0x98, 0xde, 0x48, 0xc5, 0xb8, 0xb8, 0xc2, 0xde, 0x5a, 0x33, 0xf4, 0xee, 0x75,
+	0x56, 0x8a, 0x05, 0xf4, 0xd4, 0xf5, 0x7b, 0x7f, 0x61, 0x41, 0x49, 0x45, 0x67, 0x3a, 0x03, 0xa1,
+	0x76, 0xc5, 0x10, 0x6a, 0x33, 0xf5, 0x4e, 0xaa, 0x3b, 0x79, 0x32, 0x2d, 0xba, 0xa9, 0xa2, 0x35,
+	0xf4, 0x50, 0x39, 0x25, 0x64, 0xb8, 0x6f, 0xff, 0x94, 0x19, 0xd2, 0x41, 0xc6, 0x6f, 0x60, 0x66,
+	0x5a, 0x0a, 0xf7, 0x63, 0x62, 0xa6, 0xa5, 0xfa, 0x93, 0xc3, 0xfd, 0x6a, 0x5a, 0x97, 0xd9, 0xa9,
+	0xf0, 0xed, 0xcc, 0x95, 0x81, 0xed, 0x4d, 0x15, 0x24, 0xa5, 0x2c, 0x5c, 0x13, 0x44, 0xe9, 0x31,
+	0x63, 0x64, 0xe2, 0x1f, 0x8f, 0xa4, 0x95, 0x54, 0xb1, 0x6f, 0xc0, 0x74, 0x6a, 0xc0, 0xd0, 0xab,
+	0x30, 0xdc, 0xde, 0x71, 0x22, 0x92, 0x32, 0x4d, 0x1d, 0xae, 0xd1, 0xc2, 0xe3, 0xc3, 0xf2, 0x94,
+	0xaa, 0xc0, 0x4a, 0x30, 0xc7, 0xb6, 0xff, 0xa7, 0x05, 0x43, 0x1b, 0x41, 0xf3, 0x2c, 0x16, 0xd3,
+	0x9b, 0xc6, 0x62, 0x7a, 0x32, 0x2f, 0x0e, 0x61, 0xee, 0x3a, 0x5a, 0x4b, 0xad, 0xa3, 0x4b, 0xb9,
+	0x14, 0x7a, 0x2f, 0xa1, 0x3d, 0x18, 0x67, 0xd1, 0x0d, 0x85, 0xa9, 0xec, 0xcb, 0xc6, 0xfd, 0xaa,
+	0x9c, 0xba, 0x5f, 0x4d, 0x6b, 0xa8, 0xda, 0x2d, 0xeb, 0x59, 0x18, 0x15, 0xe6, 0x9a, 0x69, 0xa7,
+	0x0d, 0x81, 0x8b, 0x25, 0xdc, 0xfe, 0xa9, 0x22, 0x18, 0xd1, 0x14, 0xd1, 0xaf, 0x59, 0xb0, 0x10,
+	0x72, 0x2f, 0xd8, 0x66, 0xa5, 0x13, 0xba, 0x7e, 0xab, 0xde, 0xd8, 0x21, 0xcd, 0x8e, 0xe7, 0xfa,
+	0xad, 0x6a, 0xcb, 0x0f, 0x54, 0xf1, 0xea, 0x03, 0xd2, 0xe8, 0xb0, 0x37, 0x97, 0x3e, 0xa1, 0x1b,
+	0x95, 0x39, 0xd4, 0xb5, 0xa3, 0xc3, 0xf2, 0x02, 0x3e, 0x11, 0x6d, 0x7c, 0xc2, 0xbe, 0xa0, 0xdf,
+	0xb6, 0x60, 0x91, 0x07, 0x19, 0x1c, 0xbc, 0xff, 0x3d, 0x6e, 0xa3, 0x35, 0x49, 0x2a, 0x21, 0xb2,
+	0x49, 0xc2, 0xbd, 0xe5, 0xd7, 0xc4, 0x80, 0x2e, 0xd6, 0x4e, 0xd6, 0x16, 0x3e, 0x69, 0xe7, 0xec,
+	0x7f, 0x57, 0x84, 0x49, 0x3a, 0x8a, 0x49, 0x6c, 0x9a, 0x57, 0x8d, 0x25, 0xf1, 0x74, 0x6a, 0x49,
+	0xcc, 0x1a, 0xc8, 0xa7, 0x13, 0x96, 0x26, 0x82, 0x59, 0xcf, 0x89, 0xe2, 0x1b, 0xc4, 0x09, 0xe3,
+	0x2d, 0xe2, 0x70, 0x33, 0xa1, 0xe2, 0x89, 0x4d, 0x9a, 0x94, 0xfa, 0xeb, 0x56, 0x9a, 0x18, 0xee,
+	0xa6, 0x8f, 0xf6, 0x01, 0x31, 0x5b, 0xa7, 0xd0, 0xf1, 0x23, 0xfe, 0x2d, 0xae, 0x78, 0x8f, 0x39,
+	0x59, 0xab, 0xf3, 0xa2, 0x55, 0x74, 0xab, 0x8b, 0x1a, 0xce, 0x68, 0x41, 0xb3, 0x61, 0x1b, 0x1e,
+	0xd4, 0x86, 0x6d, 0xa4, 0x8f, 0x67, 0xd4, 0x1e, 0xcc, 0x88, 0x59, 0xd9, 0x76, 0x5b, 0xe2, 0x90,
+	0xfe, 0x52, 0xca, 0xc6, 0xd5, 0x1a, 0xdc, 0x50, 0xa9, 0x8f, 0x81, 0xab, 0xfd, 0xdd, 0x70, 0x8e,
+	0x36, 0x67, 0xfa, 0xf1, 0x44, 0x88, 0xc0, 0xf4, 0x6e, 0x67, 0x8b, 0x78, 0x24, 0x96, 0x65, 0xa2,
+	0xd1, 0x4c, 0xb1, 0xdf, 0xac, 0x9d, 0xc8, 0x96, 0x37, 0x4d, 0x12, 0x38, 0x4d, 0xd3, 0xfe, 0x19,
+	0x0b, 0x98, 0xb5, 0xfc, 0x19, 0x1c, 0x7f, 0x5f, 0x30, 0x8f, 0xbf, 0xb9, 0x3c, 0x0e, 0x94, 0x73,
+	0xf2, 0xbd, 0xc2, 0xa7, 0xa5, 0x16, 0x06, 0x0f, 0x0e, 0xa4, 0xec, 0xdf, 0x5f, 0xe2, 0xfa, 0x3f,
+	0x16, 0xdf, 0x90, 0x2a, 0x28, 0x00, 0xfa, 0x1e, 0x18, 0x6b, 0x38, 0x6d, 0xa7, 0xc1, 0xc3, 0xd8,
+	0xe6, 0x6a, 0x7f, 0x8c, 0x4a, 0x0b, 0x2b, 0xa2, 0x06, 0xd7, 0x66, 0x7c, 0x46, 0x7e, 0xa5, 0x2c,
+	0xee, 0xab, 0xc1, 0x50, 0x4d, 0xce, 0xef, 0xc2, 0xa4, 0x41, 0xec, 0x91, 0x5e, 0x7d, 0xbf, 0x87,
+	0x1f, 0x17, 0xea, 0xc6, 0xb2, 0x07, 0xb3, 0xbe, 0xf6, 0x9f, 0x32, 0x47, 0x29, 0x4e, 0x7f, 0xb2,
+	0xdf, 0x81, 0xc0, 0x38, 0xa9, 0xe6, 0x0d, 0x90, 0x22, 0x83, 0xbb, 0x29, 0xdb, 0xff, 0xd0, 0x82,
+	0xc7, 0x75, 0x44, 0x2d, 0x5e, 0x43, 0x3f, 0x7d, 0x72, 0x05, 0xc6, 0x82, 0x36, 0x09, 0x9d, 0xe4,
+	0x4e, 0x76, 0x55, 0x0e, 0xfa, 0x6d, 0x51, 0x7e, 0x2c, 0xe2, 0x09, 0x4a, 0xea, 0xb2, 0x1c, 0xab,
+	0x9a, 0xc8, 0x86, 0x11, 0x36, 0x18, 0x91, 0x88, 0xa5, 0xc1, 0xcc, 0x14, 0xd9, 0xd3, 0x6a, 0x84,
+	0x05, 0xc4, 0xfe, 0x7e, 0x8b, 0x2f, 0x2c, 0xbd, 0xeb, 0xe8, 0x7d, 0x98, 0xd9, 0xa3, 0xd7, 0xb7,
+	0xd5, 0x07, 0xed, 0x90, 0xab, 0xd1, 0xe5, 0x38, 0x3d, 0xdf, 0x6f, 0x9c, 0xb4, 0x8f, 0x4c, 0x8c,
+	0xd9, 0xd6, 0x53, 0xc4, 0x70, 0x17, 0x79, 0xfb, 0xcf, 0x0a, 0x7c, 0x27, 0x32, 0xa9, 0xee, 0x59,
+	0x18, 0x6d, 0x07, 0xcd, 0x95, 0x6a, 0x05, 0x8b, 0x11, 0x52, 0xec, 0xaa, 0xc6, 0x8b, 0xb1, 0x84,
+	0xa3, 0x6b, 0x00, 0xe4, 0x41, 0x4c, 0x42, 0xdf, 0xf1, 0x94, 0xe1, 0x87, 0x12, 0x9e, 0x56, 0x15,
+	0x04, 0x6b, 0x58, 0xb4, 0x4e, 0x3b, 0x0c, 0xf6, 0xdd, 0x26, 0xf3, 0x36, 0x2c, 0x9a, 0x75, 0x6a,
+	0x0a, 0x82, 0x35, 0x2c, 0x7a, 0x55, 0xee, 0xf8, 0x11, 0x3f, 0x00, 0x9d, 0x2d, 0x11, 0x20, 0x6f,
+	0x2c, 0xb9, 0x2a, 0xdf, 0xd1, 0x81, 0xd8, 0xc4, 0x45, 0x4b, 0x30, 0x12, 0x3b, 0xcc, 0x9c, 0x61,
+	0x38, 0xdf, 0x2c, 0x71, 0x93, 0x62, 0xe8, 0x71, 0x4d, 0x69, 0x05, 0x2c, 0x2a, 0xa2, 0x77, 0x24,
+	0x0b, 0xe6, 0x2c, 0x59, 0xd8, 0x03, 0xe7, 0x2e, 0x5b, 0x9d, 0x7d, 0xeb, 0x3c, 0x58, 0xd8, 0x19,
+	0x1b, 0xb4, 0xec, 0xef, 0x2b, 0x01, 0x24, 0xd2, 0x1e, 0xfa, 0xa0, 0x8b, 0x45, 0xbc, 0xd0, 0x5b,
+	0x3e, 0x3c, 0x3d, 0xfe, 0x80, 0x7e, 0xc0, 0x82, 0x71, 0xc7, 0xf3, 0x82, 0x86, 0x13, 0xb3, 0x51,
+	0x2e, 0xf4, 0x66, 0x51, 0xa2, 0xfd, 0xa5, 0xa4, 0x06, 0xef, 0xc2, 0xcb, 0xd2, 0x52, 0x41, 0x83,
+	0xf4, 0xed, 0x85, 0xde, 0x30, 0xfa, 0x8c, 0xbc, 0x04, 0xf0, 0xe5, 0x31, 0x9f, 0xbe, 0x04, 0x94,
+	0x18, 0x37, 0xd6, 0xe4, 0x7f, 0x74, 0xc7, 0x88, 0x24, 0x37, 0x94, 0x1f, 0x92, 0xc2, 0x10, 0x7a,
+	0xfa, 0x05, 0x91, 0x43, 0x35, 0xdd, 0x2f, 0x6a, 0x38, 0x3f, 0x6e, 0x8b, 0x26, 0x5d, 0xf7, 0xf1,
+	0x89, 0x7a, 0x0f, 0xa6, 0x9b, 0xe6, 0x71, 0x2b, 0x56, 0xd3, 0xa7, 0xf3, 0xe8, 0xa6, 0x4e, 0xe7,
+	0xe4, 0x80, 0x4d, 0x01, 0x70, 0x9a, 0x30, 0xaa, 0x71, 0x0f, 0xb5, 0xaa, 0xbf, 0x1d, 0x08, 0xbb,
+	0x72, 0x3b, 0x77, 0x2e, 0x0f, 0xa2, 0x98, 0xec, 0x51, 0xcc, 0xe4, 0x1c, 0xdd, 0x10, 0x75, 0xb1,
+	0xa2, 0x82, 0xde, 0x82, 0x11, 0xe6, 0x36, 0x1c, 0xcd, 0x8d, 0xe5, 0xeb, 0x01, 0xcd, 0x88, 0x17,
+	0xc9, 0xa6, 0x62, 0x7f, 0x23, 0x2c, 0x28, 0xa0, 0x1b, 0x32, 0x2c, 0x4e, 0x54, 0xf5, 0xef, 0x44,
+	0x84, 0x85, 0xc5, 0x29, 0x2d, 0x7f, 0x32, 0x89, 0x78, 0xc3, 0xcb, 0x33, 0x23, 0x98, 0x1b, 0x35,
+	0xa9, 0xbc, 0x22, 0xfe, 0xcb, 0xc0, 0xe8, 0x73, 0x90, 0xdf, 0x3d, 0x33, 0x78, 0x7a, 0x32, 0x9c,
+	0x77, 0x4d, 0x12, 0x38, 0x4d, 0xf3, 0x4c, 0x8f, 0xcf, 0x79, 0x1f, 0x66, 0xd2, 0x1b, 0xeb, 0x91,
+	0x1e, 0xd7, 0x7f, 0x34, 0x04, 0x53, 0xe6, 0x42, 0x40, 0x8b, 0x50, 0x12, 0x44, 0x54, 0x10, 0x4f,
+	0xb5, 0xb6, 0xd7, 0x25, 0x00, 0x27, 0x38, 0x2c, 0x88, 0x29, 0xab, 0xae, 0xd9, 0x01, 0x26, 0x41,
+	0x4c, 0x15, 0x04, 0x6b, 0x58, 0x54, 0x88, 0xde, 0x0a, 0x82, 0x58, 0x1d, 0x05, 0x6a, 0xb5, 0x2c,
+	0xb3, 0x52, 0x2c, 0xa0, 0xf4, 0x08, 0xd8, 0x25, 0xa1, 0x4f, 0x3c, 0x53, 0x93, 0xa9, 0x8e, 0x80,
+	0x9b, 0x3a, 0x10, 0x9b, 0xb8, 0xf4, 0x48, 0x0b, 0x22, 0xb6, 0xfc, 0x84, 0xa8, 0x9e, 0xd8, 0x55,
+	0xd6, 0xb9, 0xdb, 0xbc, 0x84, 0xa3, 0x2f, 0xc1, 0xe3, 0xca, 0xcb, 0x1d, 0x73, 0xcd, 0xb0, 0x6c,
+	0x71, 0xc4, 0xb8, 0x59, 0x3f, 0xbe, 0x92, 0x8d, 0x86, 0xf3, 0xea, 0xa3, 0x37, 0x61, 0x4a, 0x88,
+	0xc0, 0x92, 0xe2, 0xa8, 0x69, 0xac, 0x70, 0xd3, 0x80, 0xe2, 0x14, 0x36, 0xaa, 0xc0, 0x0c, 0x2d,
+	0x61, 0x52, 0xa8, 0xa4, 0xc0, 0xbd, 0xf5, 0xd5, 0x59, 0x7f, 0x33, 0x05, 0xc7, 0x5d, 0x35, 0xd0,
+	0x12, 0x4c, 0x73, 0x19, 0x85, 0xde, 0x29, 0xd9, 0x3c, 0x08, 0x77, 0x0f, 0xb5, 0x11, 0x6e, 0x9b,
+	0x60, 0x9c, 0xc6, 0x47, 0xaf, 0xc3, 0x84, 0x13, 0x36, 0x76, 0xdc, 0x98, 0x34, 0xe2, 0x4e, 0xc8,
+	0xfd, 0x40, 0x34, 0x6b, 0x8f, 0x25, 0x0d, 0x86, 0x0d, 0x4c, 0xfb, 0x03, 0x38, 0x97, 0xe1, 0x29,
+	0x46, 0x17, 0x8e, 0xd3, 0x76, 0xe5, 0x37, 0xa5, 0x2c, 0x24, 0x97, 0x6a, 0x55, 0xf9, 0x35, 0x1a,
+	0x16, 0x5d, 0x9d, 0x4c, 0x25, 0xae, 0x65, 0x2f, 0x50, 0xab, 0x73, 0x4d, 0x02, 0x70, 0x82, 0x63,
+	0xff, 0x16, 0x80, 0xa6, 0xd0, 0x19, 0xc0, 0x3e, 0xee, 0x75, 0x98, 0x90, 0x29, 0x37, 0xb4, 0x50,
+	0xef, 0xea, 0x33, 0xaf, 0x6b, 0x30, 0x6c, 0x60, 0xd2, 0xbe, 0xf9, 0x2a, 0x50, 0x7d, 0xca, 0x1e,
+	0x33, 0x09, 0x53, 0x9f, 0xe0, 0xa0, 0x17, 0x60, 0x2c, 0x22, 0xde, 0xf6, 0x2d, 0xd7, 0xdf, 0x15,
+	0x0b, 0x5b, 0x71, 0xe1, 0xba, 0x28, 0xc7, 0x0a, 0x03, 0x2d, 0x43, 0xb1, 0xe3, 0x36, 0xc5, 0x52,
+	0x96, 0x07, 0x7e, 0xf1, 0x4e, 0xb5, 0x72, 0x7c, 0x58, 0x7e, 0x3a, 0x2f, 0x93, 0x08, 0xbd, 0xda,
+	0x47, 0x0b, 0x74, 0xfb, 0xd1, 0xca, 0x59, 0x6f, 0x03, 0x23, 0x27, 0x7c, 0x1b, 0xb8, 0x06, 0x20,
+	0xbe, 0x5a, 0xae, 0xe5, 0x62, 0x32, 0x6b, 0xd7, 0x15, 0x04, 0x6b, 0x58, 0x28, 0x82, 0xd9, 0x46,
+	0x48, 0x1c, 0x79, 0x87, 0xe6, 0x3e, 0x4f, 0x63, 0x0f, 0xaf, 0x20, 0x58, 0x49, 0x13, 0xc3, 0xdd,
+	0xf4, 0x51, 0x00, 0xb3, 0x4d, 0x11, 0x54, 0x21, 0x69, 0xb4, 0x74, 0x72, 0x47, 0x2b, 0x66, 0x90,
+	0x93, 0x26, 0x84, 0xbb, 0x69, 0xa3, 0x2f, 0xc3, 0xbc, 0x2c, 0xec, 0x8e, 0x63, 0xc1, 0xb6, 0x4b,
+	0x91, 0xc7, 0x5f, 0xaf, 0xe4, 0x62, 0xe1, 0x1e, 0x14, 0x10, 0x86, 0x11, 0xf6, 0x96, 0x14, 0xcd,
+	0x8d, 0xb3, 0x73, 0xee, 0xb9, 0x7c, 0x65, 0x00, 0x5d, 0xeb, 0x0b, 0xec, 0x1d, 0x4a, 0x98, 0x94,
+	0x27, 0xcf, 0x72, 0xac, 0x10, 0x0b, 0x4a, 0x68, 0x1b, 0xc6, 0x1d, 0xdf, 0x0f, 0x62, 0x87, 0x8b,
+	0x50, 0x13, 0xf9, 0xb2, 0x9f, 0x46, 0x78, 0x29, 0xa9, 0xc1, 0xa9, 0x2b, 0x2b, 0x55, 0x0d, 0x82,
+	0x75, 0xc2, 0xe8, 0x3e, 0x4c, 0x07, 0xf7, 0x29, 0x73, 0x94, 0x5a, 0x8a, 0x68, 0x6e, 0x92, 0xb5,
+	0xf5, 0xca, 0x80, 0x7a, 0x5a, 0xa3, 0xb2, 0xc6, 0xb5, 0x4c, 0xa2, 0x38, 0xdd, 0x0a, 0x5a, 0x30,
+	0xb4, 0xd5, 0x53, 0x89, 0x3b, 0x4b, 0xa2, 0xad, 0xd6, 0x95, 0xd3, 0x2c, 0x2e, 0x0a, 0x37, 0x91,
+	0x66, 0xbb, 0x7f, 0x3a, 0x15, 0x17, 0x25, 0x01, 0x61, 0x1d, 0x0f, 0xed, 0xc0, 0x44, 0xf2, 0x64,
+	0x15, 0x46, 0x2c, 0x2a, 0xdb, 0xf8, 0xb5, 0x6b, 0x83, 0x7d, 0x5c, 0x55, 0xab, 0xc9, 0x6f, 0x0e,
+	0x7a, 0x09, 0x36, 0x28, 0xcf, 0x7f, 0x1b, 0x8c, 0x6b, 0x13, 0x7b, 0xa2, 0x28, 0xb8, 0x6f, 0xc2,
+	0x4c, 0x7a, 0xea, 0x4e, 0xe4, 0x41, 0xf0, 0xbf, 0x0a, 0x30, 0x9d, 0xf1, 0x72, 0xc5, 0xb2, 0x91,
+	0xa4, 0x18, 0x6a, 0x92, 0x7c, 0xc4, 0x64, 0x8b, 0x85, 0x01, 0xd8, 0xa2, 0xe4, 0xd1, 0xc5, 0x5c,
+	0x1e, 0x2d, 0x58, 0xe1, 0xd0, 0x87, 0x61, 0x85, 0xe6, 0xe9, 0x33, 0x3c, 0xd0, 0xe9, 0x73, 0x0a,
+	0xec, 0xd3, 0x38, 0xc0, 0x46, 0x07, 0x38, 0xc0, 0x7e, 0xb4, 0x00, 0x33, 0x69, 0x0b, 0xdf, 0x33,
+	0x78, 0xef, 0x78, 0xcb, 0x78, 0xef, 0xc8, 0xce, 0xed, 0x93, 0xb6, 0x3b, 0xce, 0x7b, 0xfb, 0xc0,
+	0xa9, 0xb7, 0x8f, 0xe7, 0x06, 0xa2, 0xd6, 0xfb, 0x1d, 0xe4, 0x1f, 0x15, 0xe0, 0x42, 0xba, 0xca,
+	0x8a, 0xe7, 0xb8, 0x7b, 0x67, 0x30, 0x36, 0xb7, 0x8d, 0xb1, 0x79, 0x71, 0x90, 0xaf, 0x61, 0x5d,
+	0xcb, 0x1d, 0xa0, 0x7b, 0xa9, 0x01, 0x5a, 0x1c, 0x9c, 0x64, 0xef, 0x51, 0xfa, 0x66, 0x11, 0x2e,
+	0x65, 0xd6, 0x4b, 0x9e, 0x0b, 0xd6, 0x8c, 0xe7, 0x82, 0x6b, 0xa9, 0xe7, 0x02, 0xbb, 0x77, 0xed,
+	0xd3, 0x79, 0x3f, 0x10, 0xee, 0xd0, 0x2c, 0x62, 0xe8, 0x43, 0xbe, 0x1d, 0x18, 0xee, 0xd0, 0x8a,
+	0x10, 0x36, 0xe9, 0xfe, 0x55, 0x7a, 0x33, 0xf8, 0x2d, 0x0b, 0x2e, 0x66, 0xce, 0xcd, 0x19, 0xe8,
+	0xd5, 0x37, 0x4c, 0xbd, 0xfa, 0xb3, 0x03, 0xaf, 0xd6, 0x1c, 0x45, 0xfb, 0x1f, 0x17, 0x73, 0xbe,
+	0x85, 0x69, 0x26, 0x6f, 0xc3, 0xb8, 0xd3, 0x68, 0x90, 0x28, 0x5a, 0x0f, 0x9a, 0x2a, 0x82, 0xe6,
+	0x8b, 0x4c, 0xda, 0x48, 0x8a, 0x8f, 0x0f, 0xcb, 0xf3, 0x69, 0x12, 0x09, 0x18, 0xeb, 0x14, 0xcc,
+	0xa0, 0xbf, 0x85, 0x53, 0x0d, 0xfa, 0x7b, 0x0d, 0x60, 0x5f, 0xe9, 0x2b, 0xd2, 0x6a, 0x4e, 0x4d,
+	0x93, 0xa1, 0x61, 0xa1, 0xef, 0x62, 0xb7, 0x00, 0x6e, 0x0c, 0xc4, 0x97, 0xe2, 0xcb, 0x03, 0xce,
+	0x95, 0x6e, 0x58, 0xc4, 0xe3, 0x6e, 0x28, 0x95, 0xb0, 0x22, 0x89, 0xbe, 0x03, 0x66, 0x22, 0x1e,
+	0xd6, 0x69, 0xc5, 0x73, 0x22, 0xe6, 0xc4, 0x25, 0x56, 0x21, 0x0b, 0xa6, 0x51, 0x4f, 0xc1, 0x70,
+	0x17, 0x36, 0x5a, 0x93, 0x1f, 0xc5, 0x62, 0x50, 0xf1, 0x85, 0x79, 0x25, 0xf9, 0x20, 0x91, 0x0b,
+	0xed, 0x7c, 0x7a, 0xf8, 0xd9, 0xc0, 0x6b, 0x35, 0xed, 0x1f, 0x1d, 0x82, 0x27, 0x7a, 0x30, 0x31,
+	0xb4, 0x64, 0x1a, 0x01, 0x3c, 0x9f, 0xd6, 0xff, 0xcd, 0x67, 0x56, 0x36, 0x14, 0x82, 0xa9, 0xb5,
+	0x52, 0xf8, 0xd0, 0x6b, 0xe5, 0x87, 0x2c, 0x4d, 0x33, 0xcb, 0x4d, 0x85, 0xbf, 0x70, 0x42, 0xe6,
+	0x7c, 0x8a, 0xaa, 0xda, 0xed, 0x0c, 0x7d, 0xe7, 0xb5, 0x81, 0xbb, 0x33, 0xb0, 0x02, 0xf4, 0x6c,
+	0x9f, 0x8c, 0xbe, 0x6a, 0xc1, 0xd3, 0x99, 0xfd, 0x35, 0x8c, 0x96, 0x16, 0xa1, 0xd4, 0xa0, 0x85,
+	0x9a, 0x63, 0x68, 0xe2, 0x31, 0x2f, 0x01, 0x38, 0xc1, 0x31, 0x6c, 0x93, 0x0a, 0x7d, 0x6d, 0x93,
+	0xfe, 0xad, 0x05, 0x5d, 0x0b, 0xf8, 0x0c, 0x38, 0x69, 0xd5, 0xe4, 0xa4, 0x9f, 0x1c, 0x64, 0x2e,
+	0x73, 0x98, 0xe8, 0xef, 0x4f, 0xc3, 0x63, 0x39, 0x9e, 0x60, 0xfb, 0x30, 0xdb, 0x6a, 0x10, 0xd3,
+	0xe5, 0x56, 0x7c, 0x4c, 0xa6, 0x77, 0x72, 0x4f, 0xff, 0x5c, 0x7e, 0x21, 0xee, 0x42, 0xc1, 0xdd,
+	0x4d, 0xa0, 0xaf, 0x5a, 0x70, 0xde, 0xb9, 0x1f, 0x75, 0xa5, 0x2a, 0x15, 0x6b, 0xe6, 0x95, 0x4c,
+	0x3d, 0x6d, 0x9f, 0xd4, 0xa6, 0x3c, 0xab, 0x57, 0x16, 0x16, 0xce, 0x6c, 0x0b, 0x61, 0x11, 0xf4,
+	0x98, 0xca, 0xdb, 0x3d, 0x9c, 0xc2, 0xb3, 0x5c, 0xf6, 0x38, 0x4f, 0x95, 0x10, 0xac, 0xe8, 0xa0,
+	0xbb, 0x50, 0x6a, 0x49, 0x3f, 0x5a, 0xc1, 0xb3, 0x33, 0x0f, 0xc1, 0x4c, 0x67, 0x5b, 0xee, 0x3b,
+	0xa2, 0x40, 0x38, 0x21, 0x85, 0xde, 0x84, 0xa2, 0xbf, 0x1d, 0xf5, 0x4a, 0x87, 0x95, 0xb2, 0xe5,
+	0xe3, 0x01, 0x17, 0x36, 0xd6, 0xea, 0x98, 0x56, 0x44, 0x37, 0xa0, 0x18, 0x6e, 0x35, 0xc5, 0xd3,
+	0x42, 0xa6, 0x5c, 0x8a, 0x97, 0x2b, 0xd9, 0x8b, 0x84, 0x53, 0xc2, 0xcb, 0x15, 0x4c, 0x49, 0xa0,
+	0x1a, 0x0c, 0x33, 0xa7, 0x29, 0xf1, 0x82, 0x90, 0x29, 0x90, 0xf6, 0x70, 0x3e, 0xe4, 0x51, 0x19,
+	0x18, 0x02, 0xe6, 0x84, 0xd0, 0x5b, 0x30, 0xd2, 0x60, 0x19, 0xa3, 0x84, 0xe2, 0x27, 0x3b, 0x5c,
+	0x57, 0x57, 0x4e, 0x29, 0xfe, 0x82, 0xca, 0xcb, 0xb1, 0xa0, 0x80, 0x36, 0x61, 0xa4, 0x41, 0xda,
+	0x3b, 0xdb, 0x91, 0xd0, 0xe7, 0x7c, 0x26, 0x93, 0x56, 0x8f, 0x04, 0x69, 0x82, 0x2a, 0xc3, 0xc0,
+	0x82, 0x16, 0xfa, 0x1c, 0x14, 0xb6, 0x1b, 0xc2, 0x93, 0x2a, 0xf3, 0x0d, 0xc1, 0x8c, 0x94, 0xb1,
+	0x3c, 0x72, 0x74, 0x58, 0x2e, 0xac, 0xad, 0xe0, 0xc2, 0x76, 0x03, 0x6d, 0xc0, 0xe8, 0x36, 0xf7,
+	0xad, 0x17, 0x01, 0x6c, 0x3e, 0x9d, 0xed, 0xf6, 0xdf, 0xe5, 0x7e, 0xcf, 0x3d, 0x80, 0x04, 0x00,
+	0x4b, 0x22, 0x2c, 0x5e, 0xb0, 0x8a, 0x11, 0x20, 0x02, 0xe7, 0x2f, 0x9c, 0x2c, 0xae, 0x83, 0x50,
+	0x73, 0x28, 0x2a, 0x58, 0xa3, 0x88, 0xbe, 0x02, 0x25, 0x47, 0xa6, 0xc6, 0x14, 0x41, 0x70, 0x5e,
+	0xce, 0xdc, 0x8e, 0xbd, 0xb3, 0x86, 0xf2, 0xb5, 0xac, 0x90, 0x70, 0x42, 0x14, 0xed, 0xc2, 0xe4,
+	0x7e, 0xd4, 0xde, 0x21, 0x72, 0xfb, 0xb2, 0x98, 0x38, 0x39, 0xc7, 0xd5, 0x5d, 0x81, 0xe8, 0x86,
+	0x71, 0xc7, 0xf1, 0xba, 0x38, 0x0e, 0x73, 0x1c, 0xbb, 0xab, 0x13, 0xc3, 0x26, 0x6d, 0x3a, 0xfc,
+	0xef, 0x77, 0x82, 0xad, 0x83, 0x98, 0x88, 0x48, 0xfb, 0x99, 0xc3, 0xff, 0x36, 0x47, 0xe9, 0x1e,
+	0x7e, 0x01, 0xc0, 0x92, 0x08, 0xdd, 0xe0, 0x8e, 0x4c, 0x3b, 0x2b, 0x74, 0x39, 0xcf, 0xe6, 0x0e,
+	0x4f, 0x57, 0x7f, 0x93, 0x41, 0x61, 0x9c, 0x31, 0x21, 0xc5, 0x38, 0x62, 0x7b, 0x27, 0x88, 0x03,
+	0x3f, 0xc5, 0x8d, 0x67, 0xf3, 0x39, 0x62, 0x2d, 0x03, 0xbf, 0x9b, 0x23, 0x66, 0x61, 0xe1, 0xcc,
+	0xb6, 0x50, 0x13, 0xa6, 0xda, 0x41, 0x18, 0xdf, 0x0f, 0x42, 0xb9, 0xbe, 0x50, 0x8f, 0x4b, 0xbe,
+	0x81, 0x29, 0x5a, 0x64, 0x76, 0xe0, 0x26, 0x04, 0xa7, 0x68, 0xa2, 0x2f, 0xc2, 0x68, 0xd4, 0x70,
+	0x3c, 0x52, 0xbd, 0x3d, 0x77, 0x2e, 0xff, 0xa8, 0xa9, 0x73, 0x94, 0x9c, 0xd5, 0xc5, 0x26, 0x47,
+	0xa0, 0x60, 0x49, 0x0e, 0xad, 0xc1, 0x30, 0x4b, 0xdf, 0xc2, 0x92, 0x04, 0xe4, 0x04, 0x5b, 0xeb,
+	0xb2, 0x95, 0xe6, 0x1c, 0x89, 0x15, 0x63, 0x5e, 0x9d, 0xee, 0x01, 0x21, 0xeb, 0x06, 0xd1, 0xdc,
+	0x85, 0xfc, 0x3d, 0x20, 0x44, 0xe4, 0xdb, 0xf5, 0x5e, 0x7b, 0x40, 0x21, 0xe1, 0x84, 0x28, 0xe5,
+	0xc7, 0x94, 0x87, 0x3e, 0x96, 0xcf, 0x8f, 0xf3, 0x39, 0x28, 0xe3, 0xc7, 0x94, 0x7f, 0x52, 0x12,
+	0xf6, 0x1f, 0x8c, 0x76, 0xcb, 0x27, 0xec, 0x76, 0xf4, 0x7d, 0x56, 0x97, 0xe9, 0xc0, 0x67, 0x07,
+	0x55, 0xd6, 0x9c, 0xa2, 0x64, 0xfa, 0x55, 0x0b, 0x1e, 0x6b, 0x67, 0x7e, 0x88, 0x38, 0xec, 0x07,
+	0xd3, 0xf9, 0xf0, 0x4f, 0x57, 0x89, 0x3c, 0xb2, 0xe1, 0x38, 0xa7, 0xa5, 0xb4, 0xf4, 0x5f, 0xfc,
+	0xd0, 0xd2, 0xff, 0x3a, 0x8c, 0x31, 0x81, 0x32, 0x89, 0xec, 0x37, 0x90, 0x01, 0x1e, 0x13, 0x1b,
+	0x56, 0x44, 0x45, 0xac, 0x48, 0xa0, 0x1f, 0xb6, 0xe0, 0xa9, 0x74, 0xd7, 0x31, 0x61, 0x60, 0x11,
+	0x25, 0x9a, 0x5f, 0xcc, 0xd6, 0xc4, 0xf7, 0x3f, 0x55, 0xeb, 0x85, 0x7c, 0xdc, 0x0f, 0x01, 0xf7,
+	0x6e, 0x0c, 0x55, 0x32, 0x6e, 0x86, 0x23, 0xe6, 0xcb, 0xe2, 0x00, 0xb7, 0xc3, 0x57, 0x60, 0x62,
+	0x2f, 0xe8, 0xf8, 0xd2, 0x3b, 0x46, 0xf8, 0x3e, 0x33, 0x2d, 0xf6, 0xba, 0x56, 0x8e, 0x0d, 0xac,
+	0xd4, 0x9d, 0x72, 0xec, 0x61, 0xef, 0x94, 0xe8, 0xdd, 0x54, 0x9a, 0xf8, 0x52, 0xbe, 0x6c, 0x21,
+	0xae, 0xdf, 0x27, 0x48, 0x16, 0x7f, 0xb6, 0xf7, 0xa0, 0xaf, 0x5b, 0x19, 0x02, 0x3c, 0xbf, 0x19,
+	0x7f, 0xde, 0xbc, 0x19, 0x5f, 0x49, 0xdf, 0x8c, 0xbb, 0x34, 0xa1, 0xc6, 0xa5, 0x78, 0xf0, 0x18,
+	0xfd, 0x83, 0x06, 0x68, 0xb4, 0x3d, 0xb8, 0xdc, 0xef, 0x58, 0x62, 0xa6, 0x92, 0x4d, 0x65, 0x43,
+	0x90, 0x98, 0x4a, 0x36, 0xab, 0x15, 0xcc, 0x20, 0x83, 0x46, 0xf0, 0xb1, 0xff, 0xbb, 0x05, 0xc5,
+	0x5a, 0xd0, 0x3c, 0x03, 0xcd, 0xee, 0x17, 0x0c, 0xcd, 0xee, 0x13, 0x39, 0xe9, 0xfb, 0x73, 0xf5,
+	0xb8, 0xab, 0x29, 0x3d, 0xee, 0x53, 0x79, 0x04, 0x7a, 0x6b, 0x6d, 0x7f, 0xba, 0x08, 0xe3, 0xb5,
+	0xa0, 0xa9, 0x6c, 0xee, 0xff, 0xfd, 0xc3, 0xd8, 0xdc, 0xe7, 0xc6, 0x5b, 0xd6, 0x28, 0x33, 0x0b,
+	0x4b, 0xe9, 0xce, 0xfb, 0x97, 0xcc, 0xf4, 0xfe, 0x1e, 0x71, 0x5b, 0x3b, 0x31, 0x69, 0xa6, 0x3f,
+	0xe7, 0xec, 0x4c, 0xef, 0xff, 0xab, 0x05, 0xd3, 0xa9, 0xd6, 0x91, 0x97, 0xe5, 0x1b, 0xf8, 0x90,
+	0x1a, 0xbd, 0xd9, 0xbe, 0xce, 0x84, 0x0b, 0x00, 0xea, 0xd9, 0x4c, 0x6a, 0xbb, 0x98, 0xd4, 0xaf,
+	0xde, 0xd5, 0x22, 0xac, 0x61, 0xa0, 0x57, 0x61, 0x3c, 0x0e, 0xda, 0x81, 0x17, 0xb4, 0x0e, 0x6e,
+	0x12, 0x19, 0x33, 0x4a, 0x3d, 0x6e, 0x6e, 0x26, 0x20, 0xac, 0xe3, 0xd9, 0x3f, 0x5b, 0xe4, 0x1f,
+	0xea, 0xc7, 0xee, 0xb7, 0xd6, 0xe4, 0xc7, 0x7b, 0x4d, 0x7e, 0xd3, 0x82, 0x19, 0xda, 0x3a, 0xb3,
+	0x5e, 0x93, 0x87, 0xad, 0xca, 0x15, 0x66, 0xf5, 0xc8, 0x15, 0x76, 0x85, 0xf2, 0xae, 0x66, 0xd0,
+	0x89, 0x85, 0xb6, 0x4c, 0x63, 0x4e, 0xb4, 0x14, 0x0b, 0xa8, 0xc0, 0x23, 0x61, 0x28, 0x3c, 0xfe,
+	0x74, 0x3c, 0x12, 0x86, 0x58, 0x40, 0x65, 0x2a, 0xb1, 0xa1, 0x9c, 0x54, 0x62, 0x2c, 0x02, 0xa6,
+	0xb0, 0x98, 0x12, 0x62, 0x8f, 0x16, 0x01, 0x53, 0x9a, 0x52, 0x25, 0x38, 0xf6, 0x2f, 0x14, 0x61,
+	0xa2, 0x16, 0x34, 0x93, 0x87, 0xab, 0x57, 0x8c, 0x87, 0xab, 0xcb, 0xa9, 0x87, 0xab, 0x19, 0x1d,
+	0xf7, 0x5b, 0xcf, 0x54, 0x1f, 0xd5, 0x33, 0xd5, 0xbf, 0xb1, 0xd8, 0xac, 0x55, 0x36, 0xea, 0x22,
+	0x19, 0xf7, 0x4b, 0x30, 0xce, 0x18, 0x12, 0x73, 0x31, 0x95, 0xaf, 0x39, 0x2c, 0xa3, 0xc5, 0x46,
+	0x52, 0x8c, 0x75, 0x1c, 0x74, 0x15, 0xc6, 0x22, 0xe2, 0x84, 0x8d, 0x1d, 0xc5, 0xe3, 0xc4, 0x5b,
+	0x07, 0x2f, 0xc3, 0x0a, 0x8a, 0xde, 0x4e, 0x82, 0x2f, 0x16, 0xf3, 0xd3, 0x4a, 0xeb, 0xfd, 0xe1,
+	0x5b, 0x24, 0x3f, 0xe2, 0xa2, 0x7d, 0x0f, 0x50, 0x37, 0xfe, 0x00, 0x66, 0x64, 0x65, 0x33, 0xcc,
+	0x5a, 0xa9, 0x2b, 0xc4, 0xda, 0x9f, 0x5b, 0x30, 0x55, 0x0b, 0x9a, 0x74, 0xeb, 0xfe, 0x55, 0xda,
+	0xa7, 0x7a, 0xe4, 0xd9, 0x91, 0x1e, 0x91, 0x67, 0xff, 0xb1, 0x05, 0xa3, 0xb5, 0xa0, 0x79, 0x06,
+	0x3a, 0xf6, 0xcf, 0x9b, 0x3a, 0xf6, 0xc7, 0x73, 0x96, 0x44, 0x8e, 0x5a, 0xfd, 0x97, 0x8a, 0x30,
+	0x49, 0xfb, 0x19, 0xb4, 0xe4, 0x2c, 0x19, 0x23, 0x62, 0x0d, 0x30, 0x22, 0x54, 0xcc, 0x0d, 0x3c,
+	0x2f, 0xb8, 0x9f, 0x9e, 0xb1, 0x35, 0x56, 0x8a, 0x05, 0x14, 0xbd, 0x00, 0x63, 0xed, 0x90, 0xec,
+	0xbb, 0x41, 0x27, 0x4a, 0x7b, 0x53, 0xd7, 0x44, 0x39, 0x56, 0x18, 0xf4, 0xde, 0x15, 0xb9, 0x7e,
+	0x83, 0x48, 0xfb, 0xb2, 0x21, 0x66, 0x5f, 0xc6, 0x43, 0xca, 0x6b, 0xe5, 0xd8, 0xc0, 0x42, 0xf7,
+	0xa0, 0xc4, 0xfe, 0x33, 0x8e, 0x72, 0xf2, 0x24, 0x67, 0x22, 0x8f, 0x8b, 0x20, 0x80, 0x13, 0x5a,
+	0xe8, 0x1a, 0x40, 0x2c, 0x2d, 0xe1, 0x22, 0xe1, 0xec, 0xaf, 0x64, 0x6d, 0x65, 0x23, 0x17, 0x61,
+	0x0d, 0x0b, 0x3d, 0x0f, 0xa5, 0xd8, 0x71, 0xbd, 0x5b, 0xae, 0x4f, 0x22, 0x61, 0x49, 0x28, 0xd2,
+	0xb4, 0x88, 0x42, 0x9c, 0xc0, 0xa9, 0xac, 0xc3, 0x42, 0x49, 0xf0, 0x14, 0x89, 0x63, 0x0c, 0x9b,
+	0xc9, 0x3a, 0xb7, 0x54, 0x29, 0xd6, 0x30, 0xec, 0xd7, 0xe1, 0x42, 0x2d, 0x68, 0xd6, 0x82, 0x30,
+	0x5e, 0x0b, 0xc2, 0xfb, 0x4e, 0xd8, 0x94, 0xf3, 0x57, 0x96, 0x19, 0x43, 0x28, 0xef, 0x19, 0xe6,
+	0x3b, 0xd3, 0xc8, 0x05, 0xf2, 0x32, 0x93, 0x76, 0x4e, 0xe8, 0xf6, 0xf5, 0xbf, 0x0b, 0x8c, 0x51,
+	0xa4, 0xf2, 0x76, 0xa2, 0x2f, 0xc3, 0x54, 0x44, 0x6e, 0xb9, 0x7e, 0xe7, 0x81, 0xbc, 0x1f, 0xf7,
+	0xf0, 0xa9, 0xab, 0xaf, 0xea, 0x98, 0x5c, 0xcb, 0x66, 0x96, 0xe1, 0x14, 0x35, 0x3a, 0x84, 0x61,
+	0xc7, 0x5f, 0x8a, 0xee, 0x44, 0x24, 0x14, 0x79, 0x23, 0xd9, 0x10, 0x62, 0x59, 0x88, 0x13, 0x38,
+	0x5d, 0x32, 0xec, 0xcf, 0x46, 0xe0, 0xe3, 0x20, 0x88, 0xe5, 0x22, 0x63, 0x99, 0xc7, 0xb4, 0x72,
+	0x6c, 0x60, 0xa1, 0x35, 0x40, 0x51, 0xa7, 0xdd, 0xf6, 0xd8, 0x03, 0xb8, 0xe3, 0x5d, 0x0f, 0x83,
+	0x4e, 0x9b, 0x3f, 0x3e, 0x8a, 0xa4, 0x5d, 0xf5, 0x2e, 0x28, 0xce, 0xa8, 0x41, 0x19, 0xc3, 0x76,
+	0xc4, 0x7e, 0x8b, 0x68, 0x12, 0x5c, 0xf3, 0x5d, 0x67, 0x45, 0x58, 0xc2, 0xe8, 0x3c, 0xb3, 0xe6,
+	0x39, 0xe6, 0x48, 0x32, 0xcf, 0x58, 0x95, 0x62, 0x0d, 0xc3, 0xfe, 0x1e, 0x76, 0xc0, 0xb0, 0xf4,
+	0x80, 0x71, 0x27, 0x24, 0x68, 0x0f, 0x26, 0xdb, 0xec, 0xe8, 0x17, 0x81, 0xd6, 0xc5, 0x80, 0x3f,
+	0x9c, 0x9d, 0x21, 0x4f, 0x17, 0xa6, 0x93, 0xc3, 0x26, 0x75, 0xfb, 0xa7, 0x67, 0x18, 0x1f, 0xab,
+	0xf3, 0xeb, 0xdf, 0xa8, 0xf0, 0x1e, 0x10, 0xb2, 0xee, 0x7c, 0xbe, 0x1e, 0x22, 0x39, 0x72, 0x84,
+	0x07, 0x02, 0x96, 0x75, 0xd1, 0xdb, 0xec, 0x95, 0x97, 0x33, 0x8f, 0x7e, 0x79, 0xc6, 0x39, 0x96,
+	0xf1, 0xa0, 0x2b, 0x2a, 0x62, 0x8d, 0x08, 0xba, 0x05, 0x93, 0x22, 0x9b, 0x9c, 0x50, 0x34, 0x15,
+	0x0d, 0x45, 0xc2, 0x24, 0xd6, 0x81, 0xc7, 0xe9, 0x02, 0x6c, 0x56, 0x46, 0x2d, 0x78, 0x4a, 0x4b,
+	0xad, 0x9a, 0x61, 0xeb, 0xca, 0x79, 0xd1, 0xd3, 0x47, 0x87, 0xe5, 0xa7, 0x36, 0x7b, 0x21, 0xe2,
+	0xde, 0x74, 0xd0, 0x6d, 0xb8, 0xe0, 0x34, 0x62, 0x77, 0x9f, 0x54, 0x88, 0xd3, 0xf4, 0x5c, 0x9f,
+	0x98, 0xe1, 0x48, 0x2e, 0x1e, 0x1d, 0x96, 0x2f, 0x2c, 0x65, 0x21, 0xe0, 0xec, 0x7a, 0xe8, 0xf3,
+	0x50, 0x6a, 0xfa, 0x91, 0x18, 0x83, 0x11, 0x23, 0x6b, 0x70, 0xa9, 0xb2, 0x51, 0x57, 0xdf, 0x9f,
+	0xfc, 0xc1, 0x49, 0x05, 0xd4, 0xe2, 0xca, 0x26, 0x75, 0xb7, 0x1b, 0xed, 0x8a, 0x31, 0x93, 0xd6,
+	0x12, 0x18, 0x7e, 0x7a, 0x5c, 0xcb, 0xaa, 0x2c, 0xc9, 0x0d, 0x17, 0x3e, 0x83, 0x30, 0x7a, 0x0b,
+	0x10, 0x15, 0x7e, 0xdc, 0x06, 0x59, 0x6a, 0xb0, 0x78, 0xf7, 0x4c, 0x37, 0x37, 0x66, 0xb8, 0x45,
+	0xa1, 0x7a, 0x17, 0x06, 0xce, 0xa8, 0x85, 0x6e, 0x50, 0x0e, 0xa4, 0x97, 0x0a, 0xc3, 0x7f, 0x29,
+	0x30, 0xcf, 0x55, 0x48, 0x3b, 0x24, 0x0d, 0x27, 0x26, 0x4d, 0x93, 0x22, 0x4e, 0xd5, 0xa3, 0xe7,
+	0x93, 0x4a, 0x7d, 0x05, 0xa6, 0xb9, 0x7a, 0x77, 0xfa, 0x2b, 0x7a, 0xd7, 0xdc, 0x09, 0xa2, 0x78,
+	0x83, 0xc4, 0xf7, 0x83, 0x70, 0x57, 0xc4, 0x10, 0x4c, 0xc2, 0xd9, 0x26, 0x20, 0xac, 0xe3, 0x51,
+	0xd9, 0x92, 0x3d, 0xb3, 0x56, 0x2b, 0xec, 0xd5, 0x6b, 0x2c, 0xd9, 0x27, 0x37, 0x78, 0x31, 0x96,
+	0x70, 0x89, 0x5a, 0xad, 0xad, 0xb0, 0x17, 0xac, 0x14, 0x6a, 0xb5, 0xb6, 0x82, 0x25, 0x1c, 0x91,
+	0xee, 0x8c, 0xcc, 0x53, 0xf9, 0x9a, 0xc2, 0x6e, 0x3e, 0x3e, 0x60, 0x52, 0x66, 0x1f, 0x66, 0x54,
+	0x2e, 0x68, 0x1e, 0x5c, 0x31, 0x9a, 0x9b, 0x66, 0x8b, 0x64, 0xf0, 0xc8, 0x8c, 0x4a, 0xf7, 0x5a,
+	0x4d, 0x51, 0xc2, 0x5d, 0xb4, 0x8d, 0x30, 0x37, 0x33, 0x7d, 0x53, 0x97, 0x2d, 0x42, 0x29, 0xea,
+	0x6c, 0x35, 0x83, 0x3d, 0xc7, 0xf5, 0xd9, 0x83, 0x93, 0x26, 0xb8, 0xd4, 0x25, 0x00, 0x27, 0x38,
+	0x68, 0x0d, 0xc6, 0x1c, 0xa9, 0x58, 0x45, 0xf9, 0x71, 0x2f, 0x94, 0x3a, 0x95, 0x89, 0xe5, 0x4a,
+	0x95, 0xaa, 0xea, 0xa2, 0x37, 0x60, 0x52, 0xb8, 0x66, 0x0a, 0xab, 0xea, 0x73, 0xa6, 0x17, 0x4f,
+	0x5d, 0x07, 0x62, 0x13, 0x17, 0x7d, 0x17, 0x4c, 0x51, 0x2a, 0x09, 0x63, 0x9b, 0x3b, 0x3f, 0x08,
+	0x47, 0xd4, 0x52, 0xd2, 0xe8, 0x95, 0x71, 0x8a, 0x18, 0x6a, 0xc2, 0x93, 0x4e, 0x27, 0x0e, 0x98,
+	0x72, 0xda, 0x5c, 0xff, 0x9b, 0xc1, 0x2e, 0xf1, 0xd9, 0xbb, 0xd0, 0xd8, 0xf2, 0xe5, 0xa3, 0xc3,
+	0xf2, 0x93, 0x4b, 0x3d, 0xf0, 0x70, 0x4f, 0x2a, 0xe8, 0x0e, 0x8c, 0xc7, 0x81, 0x27, 0xdc, 0x21,
+	0xa2, 0xb9, 0xc7, 0xf2, 0xc3, 0x74, 0x6d, 0x2a, 0x34, 0x5d, 0x31, 0xa3, 0xaa, 0x62, 0x9d, 0x0e,
+	0xda, 0xe4, 0x7b, 0x8c, 0x05, 0x30, 0x26, 0xd1, 0xdc, 0xe3, 0xf9, 0x03, 0xa3, 0xe2, 0x1c, 0x9b,
+	0x5b, 0x50, 0xd4, 0xc4, 0x3a, 0x19, 0x74, 0x1d, 0x66, 0xdb, 0xa1, 0x1b, 0xb0, 0x85, 0xad, 0x1e,
+	0x06, 0xe6, 0xcc, 0x2c, 0x24, 0xb5, 0x34, 0x02, 0xee, 0xae, 0x43, 0x2f, 0x6e, 0xb2, 0x70, 0xee,
+	0x22, 0x4f, 0x69, 0xc7, 0x85, 0x59, 0x5e, 0x86, 0x15, 0x14, 0xad, 0x33, 0xbe, 0xcc, 0xaf, 0x58,
+	0x73, 0xf3, 0xf9, 0xf1, 0x42, 0xf4, 0xab, 0x18, 0x17, 0x74, 0xd4, 0x5f, 0x9c, 0x50, 0xa0, 0xe7,
+	0x46, 0xb4, 0xe3, 0x84, 0xa4, 0x16, 0x06, 0x0d, 0xc2, 0x3b, 0xc3, 0xcd, 0xcf, 0x9f, 0xe0, 0x71,
+	0x56, 0xe9, 0xb9, 0x51, 0xcf, 0x42, 0xc0, 0xd9, 0xf5, 0xe6, 0xbf, 0x1d, 0x66, 0xbb, 0x38, 0xf9,
+	0x89, 0x4c, 0xe7, 0xff, 0x6c, 0x18, 0x4a, 0x4a, 0xf1, 0x8b, 0x16, 0x4d, 0x7d, 0xfe, 0xc5, 0xb4,
+	0x3e, 0x7f, 0x8c, 0xca, 0x9f, 0xba, 0x0a, 0x7f, 0xd3, 0x30, 0xfc, 0x2a, 0xe4, 0xa7, 0xba, 0xd3,
+	0xb5, 0x1e, 0x7d, 0xfd, 0x5c, 0xb5, 0x7b, 0x7c, 0x71, 0xe0, 0x87, 0x81, 0xa1, 0x9e, 0xaa, 0x81,
+	0x01, 0xb3, 0x77, 0xd3, 0xab, 0x6e, 0x3b, 0x68, 0x56, 0x6b, 0xe9, 0x74, 0xb6, 0x35, 0x5a, 0x88,
+	0x39, 0x8c, 0x5d, 0x56, 0xa8, 0xd8, 0xc1, 0x2e, 0x2b, 0xa3, 0x0f, 0x79, 0x59, 0x91, 0x04, 0x70,
+	0x42, 0x0b, 0x79, 0x30, 0xdb, 0x30, 0x33, 0x11, 0x2b, 0xdf, 0xd6, 0x67, 0xfa, 0xe6, 0x04, 0xee,
+	0x68, 0x29, 0x0a, 0x57, 0xd2, 0x54, 0x70, 0x37, 0x61, 0xf4, 0x06, 0x8c, 0xbd, 0x1f, 0x44, 0x6c,
+	0x5b, 0x88, 0xb3, 0x57, 0x7a, 0x13, 0x8e, 0xbd, 0x7d, 0xbb, 0xce, 0xca, 0x8f, 0x0f, 0xcb, 0xe3,
+	0xb5, 0xa0, 0x29, 0xff, 0x62, 0x55, 0x01, 0x3d, 0x80, 0x0b, 0x06, 0xc7, 0x52, 0xdd, 0x85, 0xc1,
+	0xbb, 0xfb, 0x94, 0x68, 0xee, 0x42, 0x35, 0x8b, 0x12, 0xce, 0x6e, 0x80, 0xb2, 0x01, 0x3f, 0x10,
+	0x59, 0xbc, 0xe5, 0xf9, 0xce, 0x8e, 0xf1, 0x92, 0x1e, 0x94, 0x21, 0x85, 0x80, 0xbb, 0xeb, 0xd8,
+	0xdf, 0xe0, 0x7a, 0x72, 0xa1, 0x4d, 0x23, 0x51, 0xc7, 0x3b, 0x8b, 0x84, 0x66, 0xab, 0x86, 0xa2,
+	0xef, 0xa1, 0xdf, 0x62, 0x7e, 0xc3, 0x62, 0x6f, 0x31, 0x9b, 0x64, 0xaf, 0xed, 0x39, 0xf1, 0x59,
+	0x78, 0x5e, 0xbc, 0x0d, 0x63, 0xb1, 0x68, 0xad, 0x57, 0x0e, 0x36, 0xad, 0x53, 0xec, 0x3d, 0x4a,
+	0x9d, 0xfc, 0xb2, 0x14, 0x2b, 0x32, 0xf6, 0xbf, 0xe4, 0x33, 0x20, 0x21, 0x67, 0xa0, 0x74, 0xa9,
+	0x98, 0x4a, 0x97, 0x72, 0x9f, 0x2f, 0xc8, 0x51, 0xbe, 0xfc, 0x0b, 0xb3, 0xdf, 0xec, 0x92, 0xf5,
+	0x71, 0x7f, 0x04, 0xb4, 0x7f, 0xdc, 0x82, 0xf3, 0x59, 0x56, 0x33, 0x54, 0x5a, 0xe3, 0x57, 0x3c,
+	0xf5, 0x28, 0xaa, 0x46, 0xf0, 0xae, 0x28, 0xc7, 0x0a, 0x63, 0xe0, 0xf4, 0x26, 0x27, 0x8b, 0xc1,
+	0x77, 0x1b, 0xcc, 0xec, 0xd7, 0xe8, 0x4d, 0xee, 0x4a, 0x65, 0xa9, 0xf4, 0xd4, 0x27, 0x73, 0xa3,
+	0xb2, 0x7f, 0xae, 0x00, 0xe7, 0xf9, 0xab, 0xc6, 0xd2, 0x7e, 0xe0, 0x36, 0x6b, 0x41, 0x53, 0x38,
+	0x96, 0xbd, 0x03, 0x13, 0x6d, 0xed, 0x5e, 0xde, 0x2b, 0x0a, 0x98, 0x7e, 0x7f, 0x4f, 0xee, 0x47,
+	0x7a, 0x29, 0x36, 0x68, 0xa1, 0x26, 0x4c, 0x90, 0x7d, 0xb7, 0xa1, 0x54, 0xe3, 0x85, 0x13, 0x9f,
+	0x0d, 0xaa, 0x95, 0x55, 0x8d, 0x0e, 0x36, 0xa8, 0x3e, 0x82, 0x6c, 0x85, 0xf6, 0x4f, 0x58, 0xf0,
+	0x78, 0x4e, 0xcc, 0x30, 0xda, 0xdc, 0x7d, 0xf6, 0x7e, 0x24, 0x12, 0x9f, 0xa9, 0xe6, 0xf8, 0xab,
+	0x12, 0x16, 0x50, 0xf4, 0x45, 0x00, 0xfe, 0x2a, 0x44, 0xaf, 0x0b, 0xe2, 0xd3, 0x07, 0x8b, 0xa5,
+	0xa3, 0x05, 0x5c, 0x91, 0xf5, 0xb1, 0x46, 0xcb, 0xfe, 0x99, 0x22, 0x0c, 0xb3, 0x57, 0x08, 0xb4,
+	0x06, 0xa3, 0x3b, 0x3c, 0x42, 0xf9, 0x20, 0xc1, 0xd0, 0x93, 0x7b, 0x17, 0x2f, 0xc0, 0xb2, 0x32,
+	0x5a, 0x87, 0x73, 0xc2, 0x79, 0xb1, 0x42, 0x3c, 0xe7, 0x40, 0x5e, 0xdf, 0x79, 0xb2, 0x30, 0x95,
+	0x1e, 0xaf, 0xda, 0x8d, 0x82, 0xb3, 0xea, 0xa1, 0x37, 0xbb, 0xe2, 0x92, 0xf2, 0xd8, 0xee, 0x4a,
+	0xd8, 0xef, 0x13, 0x9b, 0xf4, 0x0d, 0x98, 0x6c, 0x77, 0x29, 0x2a, 0x86, 0x93, 0x8b, 0x88, 0xa9,
+	0x9c, 0x30, 0x71, 0x99, 0xb9, 0x4c, 0x87, 0x19, 0x07, 0x6d, 0xee, 0x84, 0x24, 0xda, 0x09, 0xbc,
+	0xa6, 0xc8, 0xdf, 0x9f, 0x98, 0xcb, 0xa4, 0xe0, 0xb8, 0xab, 0x06, 0xa5, 0xb2, 0xed, 0xb8, 0x5e,
+	0x27, 0x24, 0x09, 0x95, 0x11, 0x93, 0xca, 0x5a, 0x0a, 0x8e, 0xbb, 0x6a, 0xd0, 0x75, 0x74, 0x41,
+	0x24, 0x7f, 0x97, 0x21, 0x2d, 0x94, 0x0d, 0xd4, 0xa8, 0x74, 0x6d, 0xe9, 0x11, 0x66, 0x49, 0x58,
+	0x89, 0xa8, 0xf4, 0xf1, 0x5a, 0x6a, 0x61, 0xe1, 0xd4, 0x22, 0xa9, 0x3c, 0x4c, 0x0a, 0xf2, 0x3f,
+	0xb0, 0xe0, 0x5c, 0x86, 0xad, 0x25, 0x67, 0x55, 0x2d, 0x37, 0x8a, 0x55, 0x42, 0x24, 0x8d, 0x55,
+	0xf1, 0x72, 0xac, 0x30, 0xe8, 0x7e, 0xe0, 0xcc, 0x30, 0xcd, 0x00, 0x85, 0x2d, 0x93, 0x80, 0x9e,
+	0x8c, 0x01, 0xa2, 0xcb, 0x30, 0xd4, 0x89, 0x48, 0x28, 0x73, 0x77, 0x4b, 0xfe, 0xcd, 0x54, 0xa5,
+	0x0c, 0x42, 0x45, 0xd3, 0x96, 0xd2, 0x52, 0x6a, 0xa2, 0x29, 0x57, 0x3d, 0x72, 0x98, 0xfd, 0xb5,
+	0x22, 0x5c, 0xcc, 0xb5, 0xa5, 0xa6, 0x5d, 0xda, 0x0b, 0x7c, 0x37, 0x0e, 0xd4, 0x0b, 0x17, 0x8f,
+	0x07, 0x44, 0xda, 0x3b, 0xeb, 0xa2, 0x1c, 0x2b, 0x0c, 0x74, 0x05, 0x86, 0xd9, 0xcd, 0xbe, 0x2b,
+	0xe5, 0xd3, 0x72, 0x85, 0x87, 0xa9, 0xe0, 0xe0, 0x81, 0xd3, 0xe9, 0x3d, 0x03, 0x43, 0xed, 0x20,
+	0xf0, 0xd2, 0xcc, 0x88, 0x76, 0x37, 0x08, 0x3c, 0xcc, 0x80, 0xe8, 0x53, 0x62, 0x1c, 0x52, 0x4f,
+	0x3a, 0xd8, 0x69, 0x06, 0x91, 0x36, 0x18, 0xcf, 0xc2, 0xe8, 0x2e, 0x39, 0x08, 0x5d, 0xbf, 0x95,
+	0x7e, 0xea, 0xbb, 0xc9, 0x8b, 0xb1, 0x84, 0x9b, 0x19, 0x4f, 0x46, 0x4f, 0x3b, 0x0f, 0xde, 0x58,
+	0xdf, 0xa3, 0xed, 0x87, 0x8a, 0x30, 0x8d, 0x97, 0x2b, 0xdf, 0x9a, 0x88, 0x3b, 0xdd, 0x13, 0x71,
+	0xda, 0x79, 0xf0, 0xfa, 0xcf, 0xc6, 0x2f, 0x59, 0x30, 0xcd, 0xa2, 0x82, 0x8b, 0x78, 0x36, 0x6e,
+	0xe0, 0x9f, 0x81, 0xe8, 0xf6, 0x0c, 0x0c, 0x87, 0xb4, 0xd1, 0x74, 0x72, 0x2b, 0xd6, 0x13, 0xcc,
+	0x61, 0xe8, 0x49, 0x18, 0x62, 0x5d, 0xa0, 0x93, 0x37, 0xc1, 0xf3, 0x82, 0x54, 0x9c, 0xd8, 0xc1,
+	0xac, 0x94, 0x39, 0x16, 0x63, 0xd2, 0xf6, 0x5c, 0xde, 0xe9, 0x44, 0xd5, 0xff, 0xf1, 0x70, 0x2c,
+	0xce, 0xec, 0xda, 0x87, 0x73, 0x2c, 0xce, 0x26, 0xd9, 0xfb, 0x5a, 0xf4, 0x3f, 0x0a, 0x70, 0x29,
+	0xb3, 0xde, 0xc0, 0x8e, 0xc5, 0xbd, 0x6b, 0x9f, 0x8e, 0xc5, 0x46, 0xb6, 0x21, 0x45, 0xf1, 0x0c,
+	0x0d, 0x29, 0x86, 0x06, 0x95, 0x1c, 0x87, 0x07, 0xf0, 0xf7, 0xcd, 0x1c, 0xb2, 0x8f, 0x89, 0xbf,
+	0x6f, 0x66, 0xdf, 0x72, 0xae, 0x75, 0x7f, 0x51, 0xc8, 0xf9, 0x16, 0x76, 0xc1, 0xbb, 0x4a, 0xf9,
+	0x0c, 0x03, 0x46, 0x42, 0x12, 0x9e, 0xe0, 0x3c, 0x86, 0x97, 0x61, 0x05, 0x45, 0xae, 0xe6, 0x39,
+	0x5b, 0xc8, 0x4f, 0x7d, 0x9a, 0xdb, 0xd4, 0x82, 0xf9, 0x32, 0xa3, 0x07, 0xdf, 0x49, 0x7b, 0xd1,
+	0xae, 0x6b, 0x97, 0xf2, 0xe2, 0xe0, 0x97, 0xf2, 0x89, 0xec, 0x0b, 0x39, 0x5a, 0x82, 0xe9, 0x3d,
+	0xd7, 0xa7, 0x6c, 0xf3, 0xc0, 0x14, 0x45, 0x55, 0x20, 0x89, 0x75, 0x13, 0x8c, 0xd3, 0xf8, 0xf3,
+	0x6f, 0xc0, 0xe4, 0xc3, 0xab, 0x23, 0xbf, 0x59, 0x84, 0x27, 0x7a, 0x6c, 0x7b, 0xce, 0xeb, 0x8d,
+	0x39, 0xd0, 0x78, 0x7d, 0xd7, 0x3c, 0xd4, 0xe0, 0xfc, 0x76, 0xc7, 0xf3, 0x0e, 0x98, 0xad, 0x22,
+	0x69, 0x4a, 0x0c, 0x21, 0x2b, 0xaa, 0x90, 0xff, 0x6b, 0x19, 0x38, 0x38, 0xb3, 0x26, 0x7a, 0x0b,
+	0x50, 0x20, 0xf2, 0x2e, 0x27, 0x21, 0x85, 0xd8, 0xc0, 0x17, 0x93, 0xcd, 0x78, 0xbb, 0x0b, 0x03,
+	0x67, 0xd4, 0xa2, 0x42, 0x3f, 0x3d, 0x95, 0x0e, 0x54, 0xb7, 0x52, 0x42, 0x3f, 0xd6, 0x81, 0xd8,
+	0xc4, 0x45, 0xd7, 0x61, 0xd6, 0xd9, 0x77, 0x5c, 0x1e, 0x62, 0x52, 0x12, 0xe0, 0x52, 0xbf, 0x52,
+	0x82, 0x2d, 0xa5, 0x11, 0x70, 0x77, 0x9d, 0x94, 0xeb, 0xee, 0x48, 0xbe, 0xeb, 0x6e, 0x6f, 0xbe,
+	0xd8, 0x4f, 0xa7, 0x6b, 0xff, 0x67, 0x8b, 0x1e, 0x5f, 0x5c, 0x78, 0x37, 0xc3, 0x6d, 0xbd, 0x01,
+	0x93, 0x4a, 0x37, 0xa9, 0x79, 0xd1, 0xaa, 0x71, 0x58, 0xd1, 0x81, 0xd8, 0xc4, 0xe5, 0x0b, 0x22,
+	0x4a, 0x1c, 0x3a, 0x0c, 0xd1, 0x5d, 0xb8, 0xc9, 0x2b, 0x0c, 0xf4, 0x25, 0x18, 0x6d, 0xba, 0xfb,
+	0x6e, 0x14, 0x84, 0x62, 0xb3, 0x9c, 0xd0, 0x2c, 0x3e, 0xe1, 0x83, 0x15, 0x4e, 0x06, 0x4b, 0x7a,
+	0xf6, 0x0f, 0x15, 0x60, 0x52, 0xb6, 0xf8, 0x76, 0x27, 0x88, 0x9d, 0x33, 0x38, 0x96, 0xaf, 0x1b,
+	0xc7, 0xf2, 0xa7, 0x7a, 0xc5, 0x0a, 0x60, 0x5d, 0xca, 0x3d, 0x8e, 0x6f, 0xa7, 0x8e, 0xe3, 0x4f,
+	0xf7, 0x27, 0xd5, 0xfb, 0x18, 0xfe, 0x57, 0x16, 0xcc, 0x1a, 0xf8, 0x67, 0x70, 0x1a, 0xac, 0x99,
+	0xa7, 0xc1, 0xd3, 0x7d, 0xbf, 0x21, 0xe7, 0x14, 0xf8, 0x7a, 0x21, 0xd5, 0x77, 0xc6, 0xfd, 0xdf,
+	0x87, 0xa1, 0x1d, 0x27, 0x6c, 0xf6, 0x0a, 0x94, 0xdc, 0x55, 0x69, 0xe1, 0x86, 0x13, 0x36, 0x39,
+	0x0f, 0x7f, 0x41, 0x65, 0x6b, 0x75, 0xc2, 0x66, 0x5f, 0xff, 0x25, 0xd6, 0x14, 0x7a, 0x1d, 0x46,
+	0xa2, 0x46, 0xd0, 0x56, 0xd6, 0x85, 0x97, 0x79, 0x26, 0x57, 0x5a, 0x72, 0x7c, 0x58, 0x46, 0x66,
+	0x73, 0xb4, 0x18, 0x0b, 0xfc, 0xf9, 0x16, 0x94, 0x54, 0xd3, 0x8f, 0xd4, 0x37, 0xe4, 0x77, 0x8b,
+	0x70, 0x2e, 0x63, 0x5d, 0xa0, 0xc8, 0x18, 0xad, 0x97, 0x06, 0x5c, 0x4e, 0x1f, 0x72, 0xbc, 0x22,
+	0x76, 0x63, 0x69, 0x8a, 0xf9, 0x1f, 0xb8, 0xd1, 0x3b, 0x11, 0x49, 0x37, 0x4a, 0x8b, 0xfa, 0x37,
+	0x4a, 0x1b, 0x3b, 0xb3, 0xa1, 0xa6, 0x0d, 0xa9, 0x9e, 0x3e, 0xd2, 0x39, 0xfd, 0xd3, 0x22, 0x9c,
+	0xcf, 0x0a, 0x31, 0x82, 0xbe, 0x3b, 0x95, 0x76, 0xe9, 0x95, 0x41, 0x83, 0x93, 0xf0, 0x5c, 0x4c,
+	0x22, 0x26, 0xdb, 0x82, 0x99, 0x88, 0xa9, 0xef, 0x30, 0x8b, 0x36, 0x99, 0x43, 0x61, 0xc8, 0xd3,
+	0x65, 0xc9, 0x2d, 0xfe, 0xd9, 0x81, 0x3b, 0x20, 0xf2, 0x6c, 0x45, 0x29, 0x87, 0x42, 0x59, 0xdc,
+	0xdf, 0xa1, 0x50, 0xb6, 0x3c, 0xef, 0xc2, 0xb8, 0xf6, 0x35, 0x8f, 0x74, 0xc6, 0x77, 0xe9, 0x89,
+	0xa2, 0xf5, 0xfb, 0x91, 0xce, 0xfa, 0x4f, 0x58, 0x90, 0xb2, 0xe9, 0x53, 0x2a, 0x29, 0x2b, 0x57,
+	0x25, 0x75, 0x19, 0x86, 0xc2, 0xc0, 0x23, 0xe9, 0x4c, 0x3c, 0x38, 0xf0, 0x08, 0x66, 0x10, 0x8a,
+	0x11, 0x27, 0x0a, 0x89, 0x09, 0xfd, 0xb2, 0x25, 0xae, 0x51, 0xcf, 0xc0, 0xb0, 0x47, 0xf6, 0x89,
+	0xd4, 0x46, 0x28, 0x9e, 0x7c, 0x8b, 0x16, 0x62, 0x0e, 0xb3, 0x7f, 0x69, 0x08, 0x9e, 0xea, 0xe9,
+	0x92, 0x4b, 0xaf, 0x2c, 0x2d, 0x27, 0x26, 0xf7, 0x9d, 0x83, 0x74, 0x9c, 0xf0, 0xeb, 0xbc, 0x18,
+	0x4b, 0x38, 0xb3, 0x40, 0xe6, 0xa1, 0x46, 0x53, 0x0a, 0x3c, 0x11, 0x61, 0x54, 0x40, 0x4d, 0xc5,
+	0x51, 0xf1, 0x34, 0x14, 0x47, 0xd7, 0x00, 0xa2, 0xc8, 0x5b, 0xf5, 0xa9, 0x04, 0xd6, 0x14, 0xa6,
+	0xcd, 0x49, 0x48, 0xda, 0xfa, 0x2d, 0x01, 0xc1, 0x1a, 0x16, 0xaa, 0xc0, 0x4c, 0x3b, 0x0c, 0x62,
+	0xae, 0x0f, 0xad, 0x70, 0x23, 0x99, 0x61, 0xd3, 0x1b, 0xb2, 0x96, 0x82, 0xe3, 0xae, 0x1a, 0xe8,
+	0x55, 0x18, 0x17, 0x1e, 0x92, 0xb5, 0x20, 0xf0, 0x84, 0xaa, 0x46, 0x99, 0x5c, 0xd4, 0x13, 0x10,
+	0xd6, 0xf1, 0xb4, 0x6a, 0x4c, 0xc9, 0x3a, 0x9a, 0x59, 0x8d, 0x2b, 0x5a, 0x35, 0xbc, 0x54, 0xb8,
+	0xa1, 0xb1, 0x81, 0xc2, 0x0d, 0x25, 0xca, 0xab, 0xd2, 0xc0, 0xef, 0x4a, 0xd0, 0x57, 0xdd, 0xf3,
+	0xf3, 0x43, 0x70, 0x4e, 0x2c, 0x9c, 0x47, 0xbd, 0x5c, 0xee, 0x74, 0x2f, 0x97, 0xd3, 0x50, 0x6f,
+	0x7d, 0x6b, 0xcd, 0x9c, 0xf5, 0x9a, 0xf9, 0x46, 0x11, 0x46, 0xf8, 0x54, 0x9c, 0x81, 0x0c, 0xbf,
+	0x26, 0x94, 0x7e, 0x3d, 0x02, 0xed, 0xf0, 0xbe, 0x2c, 0x54, 0x9c, 0xd8, 0xe1, 0xe7, 0x97, 0x62,
+	0xa3, 0x89, 0x7a, 0x10, 0x2d, 0x18, 0x8c, 0x76, 0x3e, 0xa5, 0xd5, 0x02, 0x4e, 0x43, 0x63, 0xbb,
+	0x5f, 0x06, 0x88, 0xe2, 0xd0, 0xf5, 0x5b, 0x94, 0x86, 0x08, 0xd9, 0xf4, 0x5c, 0x8f, 0xd6, 0xeb,
+	0x0a, 0x99, 0xf7, 0x21, 0x59, 0x82, 0x0a, 0x80, 0x35, 0x8a, 0xf3, 0xaf, 0x41, 0x49, 0x21, 0xf7,
+	0x53, 0x01, 0x4c, 0xe8, 0xa7, 0xde, 0x17, 0x60, 0x3a, 0xd5, 0xd6, 0x89, 0x34, 0x08, 0xbf, 0x6c,
+	0xc1, 0x34, 0xef, 0xf2, 0xaa, 0xbf, 0x2f, 0x36, 0xfb, 0x07, 0x70, 0xde, 0xcb, 0xd8, 0x74, 0x62,
+	0x46, 0x07, 0xdf, 0xa4, 0x4a, 0x63, 0x90, 0x05, 0xc5, 0x99, 0x6d, 0xa0, 0xab, 0x30, 0xc6, 0x5d,
+	0x76, 0x1c, 0x4f, 0xb8, 0x59, 0x4c, 0xf0, 0xd4, 0x1d, 0xbc, 0x0c, 0x2b, 0xa8, 0xfd, 0x7b, 0x16,
+	0xcc, 0xf2, 0x9e, 0xdf, 0x24, 0x07, 0xea, 0x76, 0xfc, 0x51, 0xf6, 0x5d, 0x64, 0x26, 0x29, 0xe4,
+	0x64, 0x26, 0xd1, 0x3f, 0xad, 0xd8, 0xf3, 0xd3, 0x7e, 0xce, 0x02, 0xb1, 0x02, 0xcf, 0xe0, 0x1e,
+	0xf8, 0xed, 0xe6, 0x3d, 0x70, 0x3e, 0x7f, 0x51, 0xe7, 0x5c, 0x00, 0xff, 0xdc, 0x82, 0x19, 0x8e,
+	0x90, 0x3c, 0x44, 0x7e, 0xa4, 0xf3, 0x30, 0x48, 0xba, 0x3c, 0x95, 0x9f, 0x3c, 0xfb, 0xa3, 0x8c,
+	0xc9, 0x1a, 0xea, 0x39, 0x59, 0x4d, 0xb9, 0x81, 0x4e, 0x90, 0x06, 0xf2, 0xc4, 0xc1, 0x74, 0xed,
+	0x3f, 0xb1, 0x00, 0xf1, 0x66, 0x8c, 0x73, 0x99, 0x9e, 0x76, 0xac, 0x54, 0xd3, 0x04, 0x25, 0xac,
+	0x46, 0x41, 0xb0, 0x86, 0x75, 0x2a, 0xc3, 0x93, 0x7a, 0x4d, 0x2e, 0xf6, 0x7f, 0x4d, 0x3e, 0xc1,
+	0x88, 0x7e, 0x63, 0x08, 0xd2, 0x36, 0xda, 0xe8, 0x2e, 0x4c, 0x34, 0x9c, 0xb6, 0xb3, 0xe5, 0x7a,
+	0x6e, 0xec, 0x92, 0xa8, 0x97, 0x19, 0xca, 0x8a, 0x86, 0x27, 0xde, 0x09, 0xb5, 0x12, 0x6c, 0xd0,
+	0x41, 0x0b, 0x00, 0xed, 0xd0, 0xdd, 0x77, 0x3d, 0xd2, 0x62, 0x57, 0x61, 0xe6, 0xd8, 0xc5, 0x6d,
+	0x2b, 0x64, 0x29, 0xd6, 0x30, 0x32, 0x1c, 0x81, 0x8a, 0x8f, 0xce, 0x11, 0x68, 0xe8, 0x84, 0x8e,
+	0x40, 0xc3, 0x03, 0x39, 0x02, 0x61, 0x78, 0x4c, 0x9e, 0xdd, 0xf4, 0xff, 0x9a, 0xeb, 0x11, 0x21,
+	0xb0, 0x71, 0x77, 0xaf, 0xf9, 0xa3, 0xc3, 0xf2, 0x63, 0x38, 0x13, 0x03, 0xe7, 0xd4, 0x44, 0x5f,
+	0x84, 0x39, 0xc7, 0xf3, 0x82, 0xfb, 0x6a, 0xd4, 0x56, 0xa3, 0x86, 0xe3, 0x25, 0xb1, 0xe5, 0xc7,
+	0x96, 0x9f, 0x3c, 0x3a, 0x2c, 0xcf, 0x2d, 0xe5, 0xe0, 0xe0, 0xdc, 0xda, 0x29, 0x3f, 0xa2, 0xb1,
+	0xbe, 0x7e, 0x44, 0xbb, 0x70, 0xae, 0x4e, 0x42, 0x99, 0x89, 0x56, 0x6d, 0xc9, 0x4d, 0x28, 0x85,
+	0x29, 0x26, 0x34, 0x50, 0x0c, 0x18, 0x2d, 0x4e, 0xa8, 0x64, 0x3a, 0x09, 0x21, 0xfb, 0xcf, 0x2c,
+	0x18, 0x15, 0x76, 0xe2, 0x67, 0x20, 0xfb, 0x2c, 0x19, 0xfa, 0xcb, 0x72, 0x36, 0xa3, 0x66, 0x9d,
+	0xc9, 0xd5, 0x5c, 0x56, 0x53, 0x9a, 0xcb, 0xa7, 0x7b, 0x11, 0xe9, 0xad, 0xb3, 0xfc, 0xb1, 0x22,
+	0x4c, 0x99, 0x36, 0xf2, 0x67, 0x30, 0x04, 0x1b, 0x30, 0x1a, 0x09, 0x87, 0x8c, 0x42, 0xbe, 0xe1,
+	0x6c, 0x7a, 0x12, 0x13, 0xab, 0x18, 0xe1, 0x82, 0x21, 0x89, 0x64, 0x7a, 0x7a, 0x14, 0x1f, 0xa1,
+	0xa7, 0x47, 0x3f, 0x37, 0x85, 0xa1, 0xd3, 0x70, 0x53, 0xb0, 0x7f, 0x95, 0x1d, 0x16, 0x7a, 0xf9,
+	0x19, 0xc8, 0x11, 0xd7, 0xcd, 0x63, 0xc5, 0xee, 0xb1, 0xb2, 0x44, 0xa7, 0x72, 0xe4, 0x89, 0x7f,
+	0x66, 0xc1, 0xb8, 0x40, 0x3c, 0x83, 0x6e, 0x7f, 0x87, 0xd9, 0xed, 0x27, 0x7a, 0x74, 0x3b, 0xa7,
+	0xbf, 0xff, 0xa0, 0xa0, 0xfa, 0x5b, 0x0b, 0xc2, 0x78, 0xa0, 0xdc, 0x24, 0x63, 0xf4, 0xf6, 0x18,
+	0x34, 0x02, 0x4f, 0x1c, 0xfe, 0x4f, 0x26, 0x1e, 0xc2, 0xbc, 0xfc, 0x58, 0xfb, 0x8d, 0x15, 0x36,
+	0x73, 0x60, 0x0d, 0xc2, 0x58, 0x1c, 0xb8, 0x89, 0x03, 0x6b, 0x10, 0xc6, 0x98, 0x41, 0x50, 0x13,
+	0x20, 0x76, 0xc2, 0x16, 0x89, 0x69, 0x99, 0x08, 0x36, 0x90, 0xbf, 0x0b, 0x3b, 0xb1, 0xeb, 0x2d,
+	0xb8, 0x7e, 0x1c, 0xc5, 0xe1, 0x42, 0xd5, 0x8f, 0x6f, 0x87, 0xfc, 0x2e, 0xa1, 0xb9, 0xfc, 0x2a,
+	0x5a, 0x58, 0xa3, 0x2b, 0x7d, 0xc8, 0x58, 0x1b, 0xc3, 0xe6, 0xc3, 0xe2, 0x86, 0x28, 0xc7, 0x0a,
+	0xc3, 0x7e, 0x8d, 0xf1, 0x64, 0x36, 0x40, 0x27, 0xf3, 0xc6, 0xfd, 0xed, 0x31, 0x35, 0xb4, 0xec,
+	0x55, 0xa1, 0xa2, 0xfb, 0xfc, 0xf6, 0x66, 0x81, 0xb4, 0x61, 0xdd, 0x1f, 0x21, 0x71, 0x0c, 0x46,
+	0xdf, 0xd9, 0xf5, 0xde, 0xfc, 0x62, 0x1f, 0x5e, 0x7a, 0x82, 0x17, 0x66, 0x16, 0xe0, 0x96, 0x05,
+	0x02, 0xad, 0xd6, 0xd2, 0xd9, 0x63, 0x56, 0x24, 0x00, 0x27, 0x38, 0x68, 0x51, 0xdc, 0x44, 0xb9,
+	0x3e, 0xef, 0x89, 0xd4, 0x4d, 0x54, 0x7e, 0xbe, 0x76, 0x15, 0x7d, 0x09, 0xc6, 0x55, 0x46, 0xbe,
+	0x1a, 0x4f, 0x6c, 0x26, 0x42, 0x2f, 0xac, 0x26, 0xc5, 0x58, 0xc7, 0x41, 0x9b, 0x30, 0x1d, 0xf1,
+	0x74, 0x81, 0x2a, 0xc2, 0x16, 0xd7, 0x33, 0x3c, 0x27, 0xdf, 0xa9, 0xeb, 0x26, 0xf8, 0x98, 0x15,
+	0xf1, 0xcd, 0x2a, 0x1d, 0xc1, 0xd2, 0x24, 0xd0, 0x9b, 0x30, 0xe5, 0xe9, 0x69, 0xd3, 0x6b, 0x42,
+	0x0d, 0xa1, 0xcc, 0x38, 0x8d, 0xa4, 0xea, 0x35, 0x9c, 0xc2, 0xa6, 0x42, 0x83, 0x5e, 0x22, 0xa2,
+	0xc2, 0x39, 0x7e, 0x8b, 0x44, 0x22, 0x9f, 0x18, 0x13, 0x1a, 0x6e, 0xe5, 0xe0, 0xe0, 0xdc, 0xda,
+	0xe8, 0x75, 0x98, 0x90, 0x9f, 0xaf, 0xb9, 0x39, 0x26, 0xc6, 0xc2, 0x1a, 0x0c, 0x1b, 0x98, 0xe8,
+	0x3e, 0x5c, 0x90, 0xff, 0x37, 0x43, 0x67, 0x7b, 0xdb, 0x6d, 0x08, 0x2f, 0x53, 0xee, 0x31, 0xb1,
+	0x24, 0x5d, 0x30, 0x56, 0xb3, 0x90, 0x8e, 0x0f, 0xcb, 0x97, 0xc5, 0xa8, 0x65, 0xc2, 0xd9, 0x24,
+	0x66, 0xd3, 0x47, 0xeb, 0x70, 0x6e, 0x87, 0x38, 0x5e, 0xbc, 0xb3, 0xb2, 0x43, 0x1a, 0xbb, 0x72,
+	0x13, 0x31, 0xe7, 0x49, 0xcd, 0xc4, 0xf6, 0x46, 0x37, 0x0a, 0xce, 0xaa, 0x87, 0xde, 0x85, 0xb9,
+	0x76, 0x67, 0xcb, 0x73, 0xa3, 0x9d, 0x8d, 0x20, 0x66, 0x4f, 0xe3, 0x2a, 0xa1, 0x9d, 0xf0, 0xb2,
+	0x54, 0x8e, 0xa3, 0xb5, 0x1c, 0x3c, 0x9c, 0x4b, 0x01, 0x7d, 0x00, 0x17, 0x52, 0x8b, 0x41, 0xf8,
+	0x7c, 0x4d, 0xe5, 0xc7, 0xd8, 0xac, 0x67, 0x55, 0x10, 0x3e, 0x5c, 0x59, 0x20, 0x9c, 0xdd, 0xc4,
+	0x87, 0x33, 0x98, 0x78, 0x9f, 0x56, 0xd6, 0xa4, 0x1b, 0xf4, 0x15, 0x98, 0xd0, 0x57, 0x91, 0x38,
+	0x60, 0xae, 0x64, 0x1f, 0xfe, 0xda, 0x6a, 0xe3, 0xb2, 0x91, 0x5a, 0x51, 0x3a, 0x0c, 0x1b, 0x14,
+	0x6d, 0x02, 0xd9, 0xdf, 0x87, 0x6e, 0xc1, 0x58, 0xc3, 0x73, 0x89, 0x1f, 0x57, 0x6b, 0xbd, 0xa2,
+	0x09, 0xac, 0x08, 0x1c, 0x31, 0x60, 0x22, 0x28, 0x21, 0x2f, 0xc3, 0x8a, 0x82, 0xfd, 0xeb, 0x05,
+	0x28, 0xf7, 0x89, 0x70, 0x99, 0xd2, 0x19, 0x5a, 0x03, 0xe9, 0x0c, 0x97, 0x64, 0x7a, 0xbe, 0x8d,
+	0xd4, 0x7d, 0x35, 0x95, 0x7a, 0x2f, 0xb9, 0xb5, 0xa6, 0xf1, 0x07, 0xb6, 0xb3, 0xd4, 0xd5, 0x8e,
+	0x43, 0x7d, 0x2d, 0x80, 0x8d, 0xe7, 0x86, 0xe1, 0xc1, 0x25, 0xfa, 0x5c, 0xd5, 0xb1, 0xfd, 0xab,
+	0x05, 0xb8, 0xa0, 0x86, 0xf0, 0xaf, 0xee, 0xc0, 0xdd, 0xe9, 0x1e, 0xb8, 0x53, 0x50, 0xbc, 0xdb,
+	0xb7, 0x61, 0xa4, 0x7e, 0x10, 0x35, 0x62, 0x6f, 0x00, 0x01, 0xe8, 0x19, 0x33, 0xaa, 0x8e, 0x3a,
+	0xa6, 0x8d, 0xc8, 0x3a, 0x7f, 0xd3, 0x82, 0xe9, 0xcd, 0x95, 0x5a, 0x3d, 0x68, 0xec, 0x92, 0x78,
+	0x89, 0xab, 0x95, 0xb0, 0x90, 0x7f, 0xac, 0x87, 0x94, 0x6b, 0xb2, 0x24, 0xa6, 0xcb, 0x30, 0xb4,
+	0x13, 0x44, 0x71, 0xfa, 0x55, 0xee, 0x46, 0x10, 0xc5, 0x98, 0x41, 0xec, 0xdf, 0xb7, 0x60, 0x98,
+	0x25, 0x95, 0xed, 0x97, 0x7c, 0x78, 0x90, 0xef, 0x42, 0xaf, 0xc2, 0x08, 0xd9, 0xde, 0x26, 0x8d,
+	0x58, 0xcc, 0xaa, 0x74, 0xeb, 0x1b, 0x59, 0x65, 0xa5, 0xf4, 0xd0, 0x67, 0x8d, 0xf1, 0xbf, 0x58,
+	0x20, 0xa3, 0x7b, 0x50, 0x8a, 0xdd, 0x3d, 0xb2, 0xd4, 0x6c, 0x8a, 0x77, 0x8d, 0x87, 0xf0, 0xa2,
+	0xdc, 0x94, 0x04, 0x70, 0x42, 0xcb, 0xfe, 0x5a, 0x01, 0x20, 0x71, 0x4d, 0xee, 0xf7, 0x89, 0xcb,
+	0x5d, 0xf9, 0x95, 0xaf, 0x64, 0xe4, 0x57, 0x46, 0x09, 0xc1, 0x8c, 0xec, 0xca, 0x6a, 0x98, 0x8a,
+	0x03, 0x0d, 0xd3, 0xd0, 0x49, 0x86, 0x69, 0x05, 0x66, 0x13, 0xd7, 0x6a, 0x33, 0xce, 0x04, 0x8b,
+	0x78, 0xbf, 0x99, 0x06, 0xe2, 0x6e, 0x7c, 0xfb, 0x07, 0x2c, 0x10, 0xee, 0x09, 0x03, 0x2c, 0xe6,
+	0x77, 0x64, 0x2a, 0x54, 0x23, 0x50, 0xee, 0xe5, 0x7c, 0x7f, 0x0d, 0x11, 0x1e, 0x57, 0x1d, 0x1e,
+	0x46, 0x50, 0x5c, 0x83, 0x96, 0xdd, 0x04, 0x01, 0xad, 0x10, 0xa6, 0x64, 0xe8, 0xdf, 0x9b, 0x6b,
+	0x00, 0x4d, 0x86, 0xab, 0xa5, 0x56, 0x54, 0xac, 0xaa, 0xa2, 0x20, 0x58, 0xc3, 0xb2, 0x7f, 0xa4,
+	0x00, 0xe3, 0x32, 0x30, 0x2b, 0xbd, 0xc7, 0xf7, 0x6f, 0xe5, 0x44, 0x59, 0x19, 0x58, 0x2e, 0x52,
+	0x4a, 0x58, 0x05, 0xef, 0xd7, 0x73, 0x91, 0x4a, 0x00, 0x4e, 0x70, 0xd0, 0xb3, 0x30, 0x1a, 0x75,
+	0xb6, 0x18, 0x7a, 0xca, 0xe8, 0xbe, 0xce, 0x8b, 0xb1, 0x84, 0xa3, 0x2f, 0xc2, 0x0c, 0xaf, 0x17,
+	0x06, 0x6d, 0xa7, 0xc5, 0x35, 0x4e, 0xc3, 0xca, 0x0b, 0x6e, 0x66, 0x3d, 0x05, 0x3b, 0x3e, 0x2c,
+	0x9f, 0x4f, 0x97, 0x31, 0x5d, 0x65, 0x17, 0x15, 0xfb, 0x2b, 0x80, 0xba, 0x63, 0xcd, 0xa2, 0xb7,
+	0xb8, 0x59, 0x85, 0x1b, 0x92, 0x66, 0x2f, 0x25, 0xa4, 0xee, 0xb4, 0x25, 0x0d, 0x5f, 0x79, 0x2d,
+	0xac, 0xea, 0xd3, 0x9d, 0x37, 0x93, 0x76, 0xe1, 0x41, 0x37, 0x60, 0x84, 0x33, 0x55, 0x41, 0xbe,
+	0xc7, 0x1b, 0x97, 0xe6, 0xf8, 0xc3, 0x02, 0xe1, 0x0b, 0xbe, 0x2c, 0xea, 0xa3, 0x77, 0x61, 0xbc,
+	0x19, 0xdc, 0xf7, 0xef, 0x3b, 0x61, 0x73, 0xa9, 0x56, 0x15, 0xeb, 0x32, 0x53, 0x36, 0xab, 0x24,
+	0x68, 0xba, 0x33, 0x11, 0xd3, 0xe7, 0x26, 0x20, 0xac, 0x93, 0x43, 0x9b, 0x2c, 0x7e, 0xd6, 0xb6,
+	0xdb, 0x5a, 0x77, 0xda, 0xbd, 0xec, 0xe0, 0x56, 0x24, 0x92, 0x46, 0x79, 0x52, 0x04, 0xd9, 0xe2,
+	0x00, 0x9c, 0x10, 0xb2, 0xbf, 0x7a, 0x0e, 0x8c, 0xfd, 0x60, 0xe4, 0x7d, 0xb0, 0x4e, 0x29, 0xef,
+	0x03, 0x86, 0x31, 0xb2, 0xd7, 0x8e, 0x0f, 0x2a, 0x6e, 0xd8, 0x2b, 0x71, 0xd0, 0xaa, 0xc0, 0xe9,
+	0xa6, 0x29, 0x21, 0x58, 0xd1, 0xc9, 0x4e, 0xce, 0x51, 0xfc, 0x08, 0x93, 0x73, 0x0c, 0x9d, 0x61,
+	0x72, 0x8e, 0x0d, 0x18, 0x6d, 0xb9, 0x31, 0x26, 0xed, 0x40, 0x08, 0x14, 0x99, 0x2b, 0xe1, 0x3a,
+	0x47, 0xe9, 0x0e, 0x0d, 0x2f, 0x00, 0x58, 0x12, 0x41, 0x6f, 0xa9, 0x3d, 0x30, 0x92, 0x2f, 0x8f,
+	0x77, 0x3f, 0x87, 0x64, 0xee, 0x02, 0x91, 0x8c, 0x63, 0xf4, 0x61, 0x93, 0x71, 0xac, 0xc9, 0x14,
+	0x1a, 0x63, 0xf9, 0x66, 0xa3, 0x2c, 0x43, 0x46, 0x9f, 0xc4, 0x19, 0x46, 0xb2, 0x91, 0xd2, 0xe9,
+	0x25, 0x1b, 0xf9, 0x01, 0x0b, 0x2e, 0xb4, 0xb3, 0xf2, 0xee, 0x88, 0x14, 0x18, 0xaf, 0x0e, 0x9c,
+	0x58, 0xc8, 0x68, 0x90, 0x5d, 0xcc, 0x32, 0xd1, 0x70, 0x76, 0x73, 0x74, 0xa0, 0xc3, 0xad, 0xa6,
+	0xc8, 0x9b, 0xf1, 0x4c, 0x4e, 0xd6, 0x92, 0x1e, 0xb9, 0x4a, 0x36, 0x33, 0x72, 0x65, 0x7c, 0x32,
+	0x2f, 0x57, 0xc6, 0xc0, 0x19, 0x32, 0x92, 0x7c, 0x25, 0x93, 0x1f, 0x3a, 0x5f, 0xc9, 0x5b, 0x2a,
+	0x5f, 0x49, 0x8f, 0xa8, 0x43, 0x3c, 0x1b, 0x49, 0xdf, 0x2c, 0x25, 0x5a, 0xa6, 0x91, 0xe9, 0xd3,
+	0xc9, 0x34, 0x62, 0x30, 0x7b, 0x9e, 0xec, 0xe2, 0xf9, 0x3e, 0xcc, 0xde, 0xa0, 0xdb, 0x9b, 0xdd,
+	0xf3, 0xac, 0x2a, 0xb3, 0x0f, 0x95, 0x55, 0xe5, 0xae, 0x9e, 0xa5, 0x04, 0xf5, 0x49, 0xc3, 0x41,
+	0x91, 0x06, 0xcc, 0x4d, 0x72, 0x57, 0x3f, 0x82, 0xce, 0xe5, 0xd3, 0x55, 0x27, 0x4d, 0x37, 0xdd,
+	0xac, 0x43, 0xa8, 0x3b, 0xe7, 0xc9, 0xf9, 0xb3, 0xc9, 0x79, 0x72, 0xe1, 0xd4, 0x73, 0x9e, 0x3c,
+	0x76, 0x06, 0x39, 0x4f, 0x1e, 0xff, 0x48, 0x73, 0x9e, 0xcc, 0x3d, 0x82, 0x9c, 0x27, 0x1b, 0x49,
+	0xce, 0x93, 0x8b, 0xf9, 0x53, 0x92, 0x61, 0x27, 0x97, 0x93, 0xe9, 0xe4, 0x2e, 0x94, 0xda, 0xd2,
+	0xcb, 0x5b, 0x84, 0x45, 0xca, 0x4e, 0xb6, 0x98, 0xe5, 0x0a, 0xce, 0xa7, 0x44, 0x81, 0x70, 0x42,
+	0x8a, 0xd2, 0x4d, 0x32, 0x9f, 0x3c, 0xd1, 0x43, 0xf5, 0x96, 0xa5, 0xd4, 0xc8, 0xcf, 0x77, 0x62,
+	0xff, 0xad, 0x02, 0x5c, 0xea, 0xbd, 0xae, 0x13, 0x8d, 0x48, 0x2d, 0xd1, 0xe0, 0xa7, 0x34, 0x22,
+	0xfc, 0x9a, 0x91, 0x60, 0x0d, 0x1c, 0x0a, 0xe3, 0x3a, 0xcc, 0x2a, 0x03, 0x39, 0xcf, 0x6d, 0x1c,
+	0x68, 0x49, 0x18, 0x95, 0xb3, 0x4e, 0x3d, 0x8d, 0x80, 0xbb, 0xeb, 0xa0, 0x25, 0x98, 0x36, 0x0a,
+	0xab, 0x15, 0x71, 0x9d, 0x50, 0x2a, 0x98, 0xba, 0x09, 0xc6, 0x69, 0x7c, 0xfb, 0xeb, 0x16, 0x3c,
+	0x9e, 0x13, 0x0e, 0x7c, 0xe0, 0x48, 0x0f, 0xdb, 0x30, 0xdd, 0x36, 0xab, 0xf6, 0x09, 0x08, 0x63,
+	0x04, 0x1d, 0x57, 0x7d, 0x4d, 0x01, 0x70, 0x9a, 0xe8, 0xf2, 0xd5, 0xdf, 0xfc, 0xc3, 0x4b, 0x9f,
+	0xf8, 0x9d, 0x3f, 0xbc, 0xf4, 0x89, 0xdf, 0xfb, 0xc3, 0x4b, 0x9f, 0xf8, 0xeb, 0x47, 0x97, 0xac,
+	0xdf, 0x3c, 0xba, 0x64, 0xfd, 0xce, 0xd1, 0x25, 0xeb, 0xf7, 0x8e, 0x2e, 0x59, 0x7f, 0x70, 0x74,
+	0xc9, 0xfa, 0xda, 0x1f, 0x5d, 0xfa, 0xc4, 0x3b, 0x85, 0xfd, 0x97, 0xfe, 0x7f, 0x00, 0x00, 0x00,
+	0xff, 0xff, 0xcc, 0x93, 0x27, 0x7c, 0x56, 0xe4, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/api/core/v1/generated.proto b/vendor/k8s.io/api/core/v1/generated.proto
index 663b86f11cfe..845db97b1eae 100644
--- a/vendor/k8s.io/api/core/v1/generated.proto
+++ b/vendor/k8s.io/api/core/v1/generated.proto
@@ -170,7 +170,7 @@ message Binding {
   optional ObjectReference target = 2;
 }
 
-// Represents storage that is managed by an external CSI volume driver
+// Represents storage that is managed by an external CSI volume driver (Beta feature)
 message CSIPersistentVolumeSource {
   // Driver is the name of the driver to use for this volume.
   // Required.
@@ -185,6 +185,40 @@ message CSIPersistentVolumeSource {
   // Defaults to false (read/write).
   // +optional
   optional bool readOnly = 3;
+
+  // Filesystem type to mount.
+  // Must be a filesystem type supported by the host operating system.
+  // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+  // +optional
+  optional string fsType = 4;
+
+  // Attributes of the volume to publish.
+  // +optional
+  map<string, string> volumeAttributes = 5;
+
+  // ControllerPublishSecretRef is a reference to the secret object containing
+  // sensitive information to pass to the CSI driver to complete the CSI
+  // ControllerPublishVolume and ControllerUnpublishVolume calls.
+  // This field is optional, and  may be empty if no secret is required. If the
+  // secret object contains more than one secret, all secrets are passed.
+  // +optional
+  optional SecretReference controllerPublishSecretRef = 6;
+
+  // NodeStageSecretRef is a reference to the secret object containing sensitive
+  // information to pass to the CSI driver to complete the CSI NodeStageVolume
+  // and NodeStageVolume and NodeUnstageVolume calls.
+  // This field is optional, and  may be empty if no secret is required. If the
+  // secret object contains more than one secret, all secrets are passed.
+  // +optional
+  optional SecretReference nodeStageSecretRef = 7;
+
+  // NodePublishSecretRef is a reference to the secret object containing
+  // sensitive information to pass to the CSI driver to complete the CSI
+  // NodePublishVolume and NodeUnpublishVolume calls.
+  // This field is optional, and  may be empty if no secret is required. If the
+  // secret object contains more than one secret, all secrets are passed.
+  // +optional
+  optional SecretReference nodePublishSecretRef = 8;
 }
 
 // Adds and removes POSIX capabilities from running containers.
@@ -351,8 +385,21 @@ message ConfigMap {
 
   // Data contains the configuration data.
   // Each key must consist of alphanumeric characters, '-', '_' or '.'.
+  // Values with non-UTF-8 byte sequences must use the BinaryData field.
+  // The keys stored in Data must not overlap with the keys in
+  // the BinaryData field, this is enforced during validation process.
   // +optional
   map<string, string> data = 2;
+
+  // BinaryData contains the binary data.
+  // Each key must consist of alphanumeric characters, '-', '_' or '.'.
+  // BinaryData can contain byte sequences that are not in the UTF-8 range.
+  // The keys stored in BinaryData must not overlap with the ones in
+  // the Data field, this is enforced during validation process.
+  // Using this field will require 1.10+ apiserver and
+  // kubelet.
+  // +optional
+  map<string, bytes> binaryData = 3;
 }
 
 // ConfigMapEnvSource selects a ConfigMap to populate the environment
@@ -618,7 +665,7 @@ message Container {
 // Describe a container image
 message ContainerImage {
   // Names by which this image is known.
-  // e.g. ["gcr.io/google_containers/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
+  // e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
   repeated string names = 1;
 
   // The size of the image in bytes.
@@ -957,6 +1004,7 @@ message Endpoints {
   // subsets for the different ports. No address will appear in both Addresses and
   // NotReadyAddresses in the same subset.
   // Sets of addresses and ports that comprise a service.
+  // +optional
   repeated EndpointSubset subsets = 2;
 }
 
@@ -973,7 +1021,7 @@ message EndpointsList {
 
 // EnvFromSource represents the source of a set of ConfigMaps
 message EnvFromSource {
-  // An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+  // An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
   // +optional
   optional string prefix = 1;
 
@@ -1105,12 +1153,12 @@ message EventList {
 }
 
 // EventSeries contain information on series of events, i.e. thing that was/is happening
-// continously for some time.
+// continuously for some time.
 message EventSeries {
   // Number of occurrences in this series up to the last heartbeat time
   optional int32 count = 1;
 
-  // Time of the last occurence observed
+  // Time of the last occurrence observed
   optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime lastObservedTime = 2;
 
   // State of this Series: Ongoing or Finished
@@ -1169,6 +1217,36 @@ message FCVolumeSource {
   repeated string wwids = 5;
 }
 
+// FlexPersistentVolumeSource represents a generic persistent volume resource that is
+// provisioned/attached using an exec based plugin.
+message FlexPersistentVolumeSource {
+  // Driver is the name of the driver to use for this volume.
+  optional string driver = 1;
+
+  // Filesystem type to mount.
+  // Must be a filesystem type supported by the host operating system.
+  // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+  // +optional
+  optional string fsType = 2;
+
+  // Optional: SecretRef is reference to the secret object containing
+  // sensitive information to pass to the plugin scripts. This may be
+  // empty if no secret object is specified. If the secret object
+  // contains more than one secret, all secrets are passed to the plugin
+  // scripts.
+  // +optional
+  optional SecretReference secretRef = 3;
+
+  // Optional: Defaults to false (read/write). ReadOnly here will force
+  // the ReadOnly setting in VolumeMounts.
+  // +optional
+  optional bool readOnly = 4;
+
+  // Optional: Extra command options if any.
+  // +optional
+  map<string, string> options = 5;
+}
+
 // FlexVolume represents a generic volume resource that is
 // provisioned/attached using an exec based plugin.
 message FlexVolumeSource {
@@ -2441,7 +2519,7 @@ message PersistentVolumeSource {
   // FlexVolume represents a generic volume resource that is
   // provisioned/attached using an exec based plugin.
   // +optional
-  optional FlexVolumeSource flexVolume = 12;
+  optional FlexPersistentVolumeSource flexVolume = 12;
 
   // AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
   // +optional
@@ -2479,7 +2557,7 @@ message PersistentVolumeSource {
   // +optional
   optional StorageOSPersistentVolumeSource storageos = 21;
 
-  // CSI represents storage that handled by an external CSI driver
+  // CSI represents storage that handled by an external CSI driver (Beta feature).
   // +optional
   optional CSIPersistentVolumeSource csi = 22;
 }
@@ -2507,8 +2585,9 @@ message PersistentVolumeSpec {
   optional ObjectReference claimRef = 4;
 
   // What happens to a persistent volume when released from its claim.
-  // Valid options are Retain (default) and Recycle.
-  // Recycling must be supported by the volume plugin underlying this persistent volume.
+  // Valid options are Retain (default for manually created PersistentVolumes), Delete (default
+  // for dynamically provisioned PersistentVolumes), and Recycle (deprecated).
+  // Recycle must be supported by the volume plugin underlying this PersistentVolume.
   // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
   // +optional
   optional string persistentVolumeReclaimPolicy = 5;
@@ -2529,6 +2608,11 @@ message PersistentVolumeSpec {
   // This is an alpha feature and may change in the future.
   // +optional
   optional string volumeMode = 8;
+
+  // NodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+  // This field influences the scheduling of pods that use this volume.
+  // +optional
+  optional VolumeNodeAffinity nodeAffinity = 9;
 }
 
 // PersistentVolumeStatus is the current status of a persistent volume.
@@ -2619,6 +2703,7 @@ message PodAffinityTerm {
 
   // namespaces specifies which namespaces the labelSelector applies to (matches against);
   // null or empty list means "this pod's namespace"
+  // +optional
   repeated string namespaces = 2;
 
   // This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
@@ -2879,6 +2964,14 @@ message PodSecurityContext {
   // +optional
   optional int64 runAsUser = 2;
 
+  // The GID to run the entrypoint of the container process.
+  // Uses runtime default if unset.
+  // May also be set in SecurityContext.  If set in both SecurityContext and
+  // PodSecurityContext, the value specified in SecurityContext takes precedence
+  // for that container.
+  // +optional
+  optional int64 runAsGroup = 6;
+
   // Indicates that the container must run as a non-root user.
   // If true, the Kubelet will validate the image at runtime to ensure that it
   // does not run as UID 0 (root) and fail to start the container if it does.
@@ -2978,7 +3071,6 @@ message PodSpec {
   // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.
   // To have DNS options set along with hostNetwork, you have to specify DNS policy
   // explicitly to 'ClusterFirstWithHostNet'.
-  // Note that 'None' policy is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.
   // +optional
   optional string dnsPolicy = 6;
 
@@ -3028,6 +3120,16 @@ message PodSpec {
   // +optional
   optional bool hostIPC = 13;
 
+  // Share a single process namespace between all of the containers in a pod.
+  // When this is set containers will be able to view and signal processes from other containers
+  // in the same pod, and the first process in each container will not be assigned PID 1.
+  // HostPID and ShareProcessNamespace cannot both be set.
+  // Optional: Default to false.
+  // This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature.
+  // +k8s:conversion-gen=false
+  // +optional
+  optional bool shareProcessNamespace = 27;
+
   // SecurityContext holds pod-level security attributes and common container settings.
   // Optional: Defaults to empty.  See type description for default values of each field.
   // +optional
@@ -3072,9 +3174,10 @@ message PodSpec {
   // +patchStrategy=merge
   repeated HostAlias hostAliases = 23;
 
-  // If specified, indicates the pod's priority. "SYSTEM" is a special keyword
-  // which indicates the highest priority. Any other name must be defined by
-  // creating a PriorityClass object with that name.
+  // If specified, indicates the pod's priority. "system-node-critical" and
+  // "system-cluster-critical" are two special keywords which indicate the
+  // highest priorities with the former being the highest priority. Any other
+  // name must be defined by creating a PriorityClass object with that name.
   // If not specified, the pod priority will be default or zero if there is no
   // default.
   // +optional
@@ -3091,7 +3194,6 @@ message PodSpec {
   // Specifies the DNS parameters of a pod.
   // Parameters specified here will be merged to the generated DNS
   // configuration based on DNSPolicy.
-  // This is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.
   // +optional
   optional PodDNSConfig dnsConfig = 26;
 }
@@ -3120,6 +3222,16 @@ message PodStatus {
   // +optional
   optional string reason = 4;
 
+  // nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be
+  // scheduled right away as preemption victims receive their graceful termination periods.
+  // This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide
+  // to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to
+  // give the resources on this node to a higher priority pod that is created after preemption.
+  // As a result, this field may be different than PodSpec.nodeName when the pod is
+  // scheduled.
+  // +optional
+  optional string nominatedNodeName = 11;
+
   // IP address of the host to which the pod is assigned. Empty if not yet scheduled.
   // +optional
   optional string hostIP = 5;
@@ -3148,7 +3260,7 @@ message PodStatus {
 
   // The Quality of Service (QOS) classification assigned to the pod based on resource requirements
   // See PodQOSClass type for available QOS classes
-  // More info: https://github.com/kubernetes/kubernetes/blob/master/docs/design/resource-qos.md
+  // More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md
   // +optional
   optional string qosClass = 9;
 }
@@ -3920,6 +4032,13 @@ message SecurityContext {
   // +optional
   optional int64 runAsUser = 4;
 
+  // The GID to run the entrypoint of the container process.
+  // Uses runtime default if unset.
+  // May also be set in PodSecurityContext.  If set in both SecurityContext and
+  // PodSecurityContext, the value specified in SecurityContext takes precedence.
+  // +optional
+  optional int64 runAsGroup = 8;
+
   // Indicates that the container must run as a non-root user.
   // If true, the Kubelet will validate the image at runtime to ensure that it
   // does not run as UID 0 (root) and fail to start the container if it does.
@@ -4390,12 +4509,17 @@ message VolumeMount {
   // mountPropagation determines how mounts are propagated from the host
   // to container and the other way around.
   // When not set, MountPropagationHostToContainer is used.
-  // This field is alpha in 1.8 and can be reworked or removed in a future
-  // release.
+  // This field is beta in 1.10.
   // +optional
   optional string mountPropagation = 5;
 }
 
+// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+message VolumeNodeAffinity {
+  // Required specifies hard node constraints that must be met.
+  optional NodeSelector required = 1;
+}
+
 // Projection that may be projected along with other supported volume types
 message VolumeProjection {
   // information about the secret data to project
diff --git a/vendor/k8s.io/api/core/v1/register.go b/vendor/k8s.io/api/core/v1/register.go
index 62bf076ebc05..526e1320adef 100644
--- a/vendor/k8s.io/api/core/v1/register.go
+++ b/vendor/k8s.io/api/core/v1/register.go
@@ -14,8 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-//TODO: this file is going to be moved to k8s.io/api
-
 package v1
 
 import (
diff --git a/vendor/k8s.io/api/core/v1/types.go b/vendor/k8s.io/api/core/v1/types.go
index 728cbd5a62b0..08ef4194ea0b 100644
--- a/vendor/k8s.io/api/core/v1/types.go
+++ b/vendor/k8s.io/api/core/v1/types.go
@@ -418,7 +418,7 @@ type PersistentVolumeSource struct {
 	// FlexVolume represents a generic volume resource that is
 	// provisioned/attached using an exec based plugin.
 	// +optional
-	FlexVolume *FlexVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"`
+	FlexVolume *FlexPersistentVolumeSource `json:"flexVolume,omitempty" protobuf:"bytes,12,opt,name=flexVolume"`
 	// AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
 	// +optional
 	AzureFile *AzureFilePersistentVolumeSource `json:"azureFile,omitempty" protobuf:"bytes,13,opt,name=azureFile"`
@@ -446,7 +446,7 @@ type PersistentVolumeSource struct {
 	// More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md
 	// +optional
 	StorageOS *StorageOSPersistentVolumeSource `json:"storageos,omitempty" protobuf:"bytes,21,opt,name=storageos"`
-	// CSI represents storage that handled by an external CSI driver
+	// CSI represents storage that handled by an external CSI driver (Beta feature).
 	// +optional
 	CSI *CSIPersistentVolumeSource `json:"csi,omitempty" protobuf:"bytes,22,opt,name=csi"`
 }
@@ -511,8 +511,9 @@ type PersistentVolumeSpec struct {
 	// +optional
 	ClaimRef *ObjectReference `json:"claimRef,omitempty" protobuf:"bytes,4,opt,name=claimRef"`
 	// What happens to a persistent volume when released from its claim.
-	// Valid options are Retain (default) and Recycle.
-	// Recycling must be supported by the volume plugin underlying this persistent volume.
+	// Valid options are Retain (default for manually created PersistentVolumes), Delete (default
+	// for dynamically provisioned PersistentVolumes), and Recycle (deprecated).
+	// Recycle must be supported by the volume plugin underlying this PersistentVolume.
 	// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
 	// +optional
 	PersistentVolumeReclaimPolicy PersistentVolumeReclaimPolicy `json:"persistentVolumeReclaimPolicy,omitempty" protobuf:"bytes,5,opt,name=persistentVolumeReclaimPolicy,casttype=PersistentVolumeReclaimPolicy"`
@@ -530,6 +531,16 @@ type PersistentVolumeSpec struct {
 	// This is an alpha feature and may change in the future.
 	// +optional
 	VolumeMode *PersistentVolumeMode `json:"volumeMode,omitempty" protobuf:"bytes,8,opt,name=volumeMode,casttype=PersistentVolumeMode"`
+	// NodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+	// This field influences the scheduling of pods that use this volume.
+	// +optional
+	NodeAffinity *VolumeNodeAffinity `json:"nodeAffinity,omitempty" protobuf:"bytes,9,opt,name=nodeAffinity"`
+}
+
+// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+type VolumeNodeAffinity struct {
+	// Required specifies hard node constraints that must be met.
+	Required *NodeSelector `json:"required,omitempty" protobuf:"bytes,1,opt,name=required"`
 }
 
 // PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes.
@@ -657,6 +668,8 @@ type PersistentVolumeClaimConditionType string
 const (
 	// PersistentVolumeClaimResizing - a user trigger resize of pvc has been started
 	PersistentVolumeClaimResizing PersistentVolumeClaimConditionType = "Resizing"
+	// PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node
+	PersistentVolumeClaimFileSystemResizePending PersistentVolumeClaimConditionType = "FileSystemResizePending"
 )
 
 // PersistentVolumeClaimCondition contails details about state of pvc
@@ -1008,8 +1021,8 @@ type FlockerVolumeSource struct {
 type StorageMedium string
 
 const (
-	StorageMediumDefault   StorageMedium = ""          // use whatever the default is for the node
-	StorageMediumMemory    StorageMedium = "Memory"    // use memory (tmpfs)
+	StorageMediumDefault   StorageMedium = ""          // use whatever the default is for the node, assume anything we don't explicitly handle is this
+	StorageMediumMemory    StorageMedium = "Memory"    // use memory (e.g. tmpfs on linux)
 	StorageMediumHugePages StorageMedium = "HugePages" // use hugepages
 )
 
@@ -1081,6 +1094,32 @@ type QuobyteVolumeSource struct {
 	Group string `json:"group,omitempty" protobuf:"bytes,5,opt,name=group"`
 }
 
+// FlexPersistentVolumeSource represents a generic persistent volume resource that is
+// provisioned/attached using an exec based plugin.
+type FlexPersistentVolumeSource struct {
+	// Driver is the name of the driver to use for this volume.
+	Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"`
+	// Filesystem type to mount.
+	// Must be a filesystem type supported by the host operating system.
+	// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+	// +optional
+	FSType string `json:"fsType,omitempty" protobuf:"bytes,2,opt,name=fsType"`
+	// Optional: SecretRef is reference to the secret object containing
+	// sensitive information to pass to the plugin scripts. This may be
+	// empty if no secret object is specified. If the secret object
+	// contains more than one secret, all secrets are passed to the plugin
+	// scripts.
+	// +optional
+	SecretRef *SecretReference `json:"secretRef,omitempty" protobuf:"bytes,3,opt,name=secretRef"`
+	// Optional: Defaults to false (read/write). ReadOnly here will force
+	// the ReadOnly setting in VolumeMounts.
+	// +optional
+	ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,4,opt,name=readOnly"`
+	// Optional: Extra command options if any.
+	// +optional
+	Options map[string]string `json:"options,omitempty" protobuf:"bytes,5,rep,name=options"`
+}
+
 // FlexVolume represents a generic volume resource that is
 // provisioned/attached using an exec based plugin.
 type FlexVolumeSource struct {
@@ -1689,7 +1728,7 @@ type LocalVolumeSource struct {
 	Path string `json:"path" protobuf:"bytes,1,opt,name=path"`
 }
 
-// Represents storage that is managed by an external CSI volume driver
+// Represents storage that is managed by an external CSI volume driver (Beta feature)
 type CSIPersistentVolumeSource struct {
 	// Driver is the name of the driver to use for this volume.
 	// Required.
@@ -1704,6 +1743,40 @@ type CSIPersistentVolumeSource struct {
 	// Defaults to false (read/write).
 	// +optional
 	ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,3,opt,name=readOnly"`
+
+	// Filesystem type to mount.
+	// Must be a filesystem type supported by the host operating system.
+	// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+	// +optional
+	FSType string `json:"fsType,omitempty" protobuf:"bytes,4,opt,name=fsType"`
+
+	// Attributes of the volume to publish.
+	// +optional
+	VolumeAttributes map[string]string `json:"volumeAttributes,omitempty" protobuf:"bytes,5,rep,name=volumeAttributes"`
+
+	// ControllerPublishSecretRef is a reference to the secret object containing
+	// sensitive information to pass to the CSI driver to complete the CSI
+	// ControllerPublishVolume and ControllerUnpublishVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	ControllerPublishSecretRef *SecretReference `json:"controllerPublishSecretRef,omitempty" protobuf:"bytes,6,opt,name=controllerPublishSecretRef"`
+
+	// NodeStageSecretRef is a reference to the secret object containing sensitive
+	// information to pass to the CSI driver to complete the CSI NodeStageVolume
+	// and NodeStageVolume and NodeUnstageVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	NodeStageSecretRef *SecretReference `json:"nodeStageSecretRef,omitempty" protobuf:"bytes,7,opt,name=nodeStageSecretRef"`
+
+	// NodePublishSecretRef is a reference to the secret object containing
+	// sensitive information to pass to the CSI driver to complete the CSI
+	// NodePublishVolume and NodeUnpublishVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	NodePublishSecretRef *SecretReference `json:"nodePublishSecretRef,omitempty" protobuf:"bytes,8,opt,name=nodePublishSecretRef"`
 }
 
 // ContainerPort represents a network port in a single container.
@@ -1749,8 +1822,7 @@ type VolumeMount struct {
 	// mountPropagation determines how mounts are propagated from the host
 	// to container and the other way around.
 	// When not set, MountPropagationHostToContainer is used.
-	// This field is alpha in 1.8 and can be reworked or removed in a future
-	// release.
+	// This field is beta in 1.10.
 	// +optional
 	MountPropagation *MountPropagationMode `json:"mountPropagation,omitempty" protobuf:"bytes,5,opt,name=mountPropagation,casttype=MountPropagationMode"`
 }
@@ -1867,7 +1939,7 @@ type SecretKeySelector struct {
 
 // EnvFromSource represents the source of a set of ConfigMaps
 type EnvFromSource struct {
-	// An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+	// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
 	// +optional
 	Prefix string `json:"prefix,omitempty" protobuf:"bytes,1,opt,name=prefix"`
 	// The ConfigMap to select from
@@ -2433,7 +2505,11 @@ const (
 	// parameters such as nameservers and search paths should be defined via
 	// DNSConfig.
 	DNSNone DNSPolicy = "None"
+)
 
+const (
+	// DefaultTerminationGracePeriodSeconds indicates the default duration in
+	// seconds a pod needs to terminate gracefully.
 	DefaultTerminationGracePeriodSeconds = 30
 )
 
@@ -2585,6 +2661,7 @@ type PodAffinityTerm struct {
 	LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty" protobuf:"bytes,1,opt,name=labelSelector"`
 	// namespaces specifies which namespaces the labelSelector applies to (matches against);
 	// null or empty list means "this pod's namespace"
+	// +optional
 	Namespaces []string `json:"namespaces,omitempty" protobuf:"bytes,2,rep,name=namespaces"`
 	// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
 	// the labelSelector in the specified namespaces, where co-located is defined as running on a node
@@ -2769,7 +2846,6 @@ type PodSpec struct {
 	// DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.
 	// To have DNS options set along with hostNetwork, you have to specify DNS policy
 	// explicitly to 'ClusterFirstWithHostNet'.
-	// Note that 'None' policy is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.
 	// +optional
 	DNSPolicy DNSPolicy `json:"dnsPolicy,omitempty" protobuf:"bytes,6,opt,name=dnsPolicy,casttype=DNSPolicy"`
 	// NodeSelector is a selector which must be true for the pod to fit on a node.
@@ -2812,6 +2888,15 @@ type PodSpec struct {
 	// +k8s:conversion-gen=false
 	// +optional
 	HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,13,opt,name=hostIPC"`
+	// Share a single process namespace between all of the containers in a pod.
+	// When this is set containers will be able to view and signal processes from other containers
+	// in the same pod, and the first process in each container will not be assigned PID 1.
+	// HostPID and ShareProcessNamespace cannot both be set.
+	// Optional: Default to false.
+	// This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature.
+	// +k8s:conversion-gen=false
+	// +optional
+	ShareProcessNamespace *bool `json:"shareProcessNamespace,omitempty" protobuf:"varint,27,opt,name=shareProcessNamespace"`
 	// SecurityContext holds pod-level security attributes and common container settings.
 	// Optional: Defaults to empty.  See type description for default values of each field.
 	// +optional
@@ -2848,9 +2933,10 @@ type PodSpec struct {
 	// +patchMergeKey=ip
 	// +patchStrategy=merge
 	HostAliases []HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip" protobuf:"bytes,23,rep,name=hostAliases"`
-	// If specified, indicates the pod's priority. "SYSTEM" is a special keyword
-	// which indicates the highest priority. Any other name must be defined by
-	// creating a PriorityClass object with that name.
+	// If specified, indicates the pod's priority. "system-node-critical" and
+	// "system-cluster-critical" are two special keywords which indicate the
+	// highest priorities with the former being the highest priority. Any other
+	// name must be defined by creating a PriorityClass object with that name.
 	// If not specified, the pod priority will be default or zero if there is no
 	// default.
 	// +optional
@@ -2865,7 +2951,6 @@ type PodSpec struct {
 	// Specifies the DNS parameters of a pod.
 	// Parameters specified here will be merged to the generated DNS
 	// configuration based on DNSPolicy.
-	// This is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.
 	// +optional
 	DNSConfig *PodDNSConfig `json:"dnsConfig,omitempty" protobuf:"bytes,26,opt,name=dnsConfig"`
 }
@@ -2897,6 +2982,13 @@ type PodSecurityContext struct {
 	// for that container.
 	// +optional
 	RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,2,opt,name=runAsUser"`
+	// The GID to run the entrypoint of the container process.
+	// Uses runtime default if unset.
+	// May also be set in SecurityContext.  If set in both SecurityContext and
+	// PodSecurityContext, the value specified in SecurityContext takes precedence
+	// for that container.
+	// +optional
+	RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,6,opt,name=runAsGroup"`
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
@@ -2984,6 +3076,15 @@ type PodStatus struct {
 	// e.g. 'Evicted'
 	// +optional
 	Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
+	// nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be
+	// scheduled right away as preemption victims receive their graceful termination periods.
+	// This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide
+	// to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to
+	// give the resources on this node to a higher priority pod that is created after preemption.
+	// As a result, this field may be different than PodSpec.nodeName when the pod is
+	// scheduled.
+	// +optional
+	NominatedNodeName string `json:"nominatedNodeName,omitempty" protobuf:"bytes,11,opt,name=nominatedNodeName"`
 
 	// IP address of the host to which the pod is assigned. Empty if not yet scheduled.
 	// +optional
@@ -3011,7 +3112,7 @@ type PodStatus struct {
 	ContainerStatuses []ContainerStatus `json:"containerStatuses,omitempty" protobuf:"bytes,8,rep,name=containerStatuses"`
 	// The Quality of Service (QOS) classification assigned to the pod based on resource requirements
 	// See PodQOSClass type for available QOS classes
-	// More info: https://github.com/kubernetes/kubernetes/blob/master/docs/design/resource-qos.md
+	// More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md
 	// +optional
 	QOSClass PodQOSClass `json:"qosClass,omitempty" protobuf:"bytes,9,rep,name=qosClass"`
 }
@@ -3626,7 +3727,8 @@ type Endpoints struct {
 	// subsets for the different ports. No address will appear in both Addresses and
 	// NotReadyAddresses in the same subset.
 	// Sets of addresses and ports that comprise a service.
-	Subsets []EndpointSubset `json:"subsets" protobuf:"bytes,2,rep,name=subsets"`
+	// +optional
+	Subsets []EndpointSubset `json:"subsets,omitempty" protobuf:"bytes,2,rep,name=subsets"`
 }
 
 // EndpointSubset is a group of addresses with a common set of ports. The
@@ -3879,7 +3981,7 @@ type PodSignature struct {
 // Describe a container image
 type ContainerImage struct {
 	// Names by which this image is known.
-	// e.g. ["gcr.io/google_containers/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
+	// e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
 	Names []string `json:"names" protobuf:"bytes,1,rep,name=names"`
 	// The size of the image in bytes.
 	// +optional
@@ -3913,10 +4015,12 @@ const (
 	NodeMemoryPressure NodeConditionType = "MemoryPressure"
 	// NodeDiskPressure means the kubelet is under pressure due to insufficient available disk.
 	NodeDiskPressure NodeConditionType = "DiskPressure"
+	// NodePIDPressure means the kubelet is under pressure due to insufficient available PID.
+	NodePIDPressure NodeConditionType = "PIDPressure"
 	// NodeNetworkUnavailable means that network for the node is not correctly configured.
 	NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable"
-	// NodeConfigOK indicates whether the kubelet is correctly configured
-	NodeConfigOK NodeConditionType = "ConfigOK"
+	// NodeKubeletConfigOk indicates whether the kubelet is correctly configured
+	NodeKubeletConfigOk NodeConditionType = "KubeletConfigOk"
 )
 
 // NodeCondition contains condition information for a node.
@@ -4534,11 +4638,11 @@ type Event struct {
 }
 
 // EventSeries contain information on series of events, i.e. thing that was/is happening
-// continously for some time.
+// continuously for some time.
 type EventSeries struct {
 	// Number of occurrences in this series up to the last heartbeat time
 	Count int32 `json:"count,omitempty" protobuf:"varint,1,name=count"`
-	// Time of the last occurence observed
+	// Time of the last occurrence observed
 	LastObservedTime metav1.MicroTime `json:"lastObservedTime,omitempty" protobuf:"bytes,2,name=lastObservedTime"`
 	// State of this Series: Ongoing or Finished
 	State EventSeriesState `json:"state,omitempty" protobuf:"bytes,3,name=state"`
@@ -4684,6 +4788,8 @@ const (
 	// HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
 	// As burst is not supported for HugePages, we would only quota its request, and ignore the limit.
 	ResourceRequestsHugePagesPrefix = "requests.hugepages-"
+	// Default resource requests prefix
+	DefaultResourceRequestsPrefix = "requests."
 )
 
 // A ResourceQuotaScope defines a filter that must match each object tracked by a quota
@@ -4903,8 +5009,21 @@ type ConfigMap struct {
 
 	// Data contains the configuration data.
 	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
+	// Values with non-UTF-8 byte sequences must use the BinaryData field.
+	// The keys stored in Data must not overlap with the keys in
+	// the BinaryData field, this is enforced during validation process.
 	// +optional
 	Data map[string]string `json:"data,omitempty" protobuf:"bytes,2,rep,name=data"`
+
+	// BinaryData contains the binary data.
+	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
+	// BinaryData can contain byte sequences that are not in the UTF-8 range.
+	// The keys stored in BinaryData must not overlap with the ones in
+	// the Data field, this is enforced during validation process.
+	// Using this field will require 1.10+ apiserver and
+	// kubelet.
+	// +optional
+	BinaryData map[string][]byte `json:"binaryData,omitempty" protobuf:"bytes,3,rep,name=binaryData"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -5052,6 +5171,12 @@ type SecurityContext struct {
 	// PodSecurityContext, the value specified in SecurityContext takes precedence.
 	// +optional
 	RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,4,opt,name=runAsUser"`
+	// The GID to run the entrypoint of the container process.
+	// Uses runtime default if unset.
+	// May also be set in PodSecurityContext.  If set in both SecurityContext and
+	// PodSecurityContext, the value specified in SecurityContext takes precedence.
+	// +optional
+	RunAsGroup *int64 `json:"runAsGroup,omitempty" protobuf:"varint,8,opt,name=runAsGroup"`
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
diff --git a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
index c50dd0a0520b..7b41f018a140 100644
--- a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
@@ -117,10 +117,15 @@ func (Binding) SwaggerDoc() map[string]string {
 }
 
 var map_CSIPersistentVolumeSource = map[string]string{
-	"":             "Represents storage that is managed by an external CSI volume driver",
-	"driver":       "Driver is the name of the driver to use for this volume. Required.",
-	"volumeHandle": "VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.",
-	"readOnly":     "Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).",
+	"":                           "Represents storage that is managed by an external CSI volume driver (Beta feature)",
+	"driver":                     "Driver is the name of the driver to use for this volume. Required.",
+	"volumeHandle":               "VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.",
+	"readOnly":                   "Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).",
+	"fsType":                     "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.",
+	"volumeAttributes":           "Attributes of the volume to publish.",
+	"controllerPublishSecretRef": "ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
+	"nodeStageSecretRef":         "NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
+	"nodePublishSecretRef":       "NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
 }
 
 func (CSIPersistentVolumeSource) SwaggerDoc() map[string]string {
@@ -218,9 +223,10 @@ func (ComponentStatusList) SwaggerDoc() map[string]string {
 }
 
 var map_ConfigMap = map[string]string{
-	"":         "ConfigMap holds configuration data for pods to consume.",
-	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-	"data":     "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'.",
+	"":           "ConfigMap holds configuration data for pods to consume.",
+	"metadata":   "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+	"data":       "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.",
+	"binaryData": "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.",
 }
 
 func (ConfigMap) SwaggerDoc() map[string]string {
@@ -308,7 +314,7 @@ func (Container) SwaggerDoc() map[string]string {
 
 var map_ContainerImage = map[string]string{
 	"":          "Describe a container image",
-	"names":     "Names by which this image is known. e.g. [\"gcr.io/google_containers/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]",
+	"names":     "Names by which this image is known. e.g. [\"k8s.gcr.io/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]",
 	"sizeBytes": "The size of the image in bytes.",
 }
 
@@ -508,7 +514,7 @@ func (EndpointsList) SwaggerDoc() map[string]string {
 
 var map_EnvFromSource = map[string]string{
 	"":             "EnvFromSource represents the source of a set of ConfigMaps",
-	"prefix":       "An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
+	"prefix":       "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
 	"configMapRef": "The ConfigMap to select from",
 	"secretRef":    "The Secret to select from",
 }
@@ -574,9 +580,9 @@ func (EventList) SwaggerDoc() map[string]string {
 }
 
 var map_EventSeries = map[string]string{
-	"":                 "EventSeries contain information on series of events, i.e. thing that was/is happening continously for some time.",
+	"":                 "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.",
 	"count":            "Number of occurrences in this series up to the last heartbeat time",
-	"lastObservedTime": "Time of the last occurence observed",
+	"lastObservedTime": "Time of the last occurrence observed",
 	"state":            "State of this Series: Ongoing or Finished",
 }
 
@@ -616,6 +622,19 @@ func (FCVolumeSource) SwaggerDoc() map[string]string {
 	return map_FCVolumeSource
 }
 
+var map_FlexPersistentVolumeSource = map[string]string{
+	"":          "FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.",
+	"driver":    "Driver is the name of the driver to use for this volume.",
+	"fsType":    "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.",
+	"secretRef": "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
+	"readOnly":  "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.",
+	"options":   "Optional: Extra command options if any.",
+}
+
+func (FlexPersistentVolumeSource) SwaggerDoc() map[string]string {
+	return map_FlexPersistentVolumeSource
+}
+
 var map_FlexVolumeSource = map[string]string{
 	"":          "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.",
 	"driver":    "Driver is the name of the driver to use for this volume.",
@@ -1261,7 +1280,7 @@ var map_PersistentVolumeSource = map[string]string{
 	"scaleIO":              "ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.",
 	"local":                "Local represents directly-attached storage with node affinity",
 	"storageos":            "StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md",
-	"csi":                  "CSI represents storage that handled by an external CSI driver",
+	"csi":                  "CSI represents storage that handled by an external CSI driver (Beta feature).",
 }
 
 func (PersistentVolumeSource) SwaggerDoc() map[string]string {
@@ -1273,10 +1292,11 @@ var map_PersistentVolumeSpec = map[string]string{
 	"capacity":                      "A description of the persistent volume's resources and capacity. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity",
 	"accessModes":                   "AccessModes contains all ways the volume can be mounted. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes",
 	"claimRef":                      "ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim. Expected to be non-nil when bound. claim.VolumeName is the authoritative bind between PV and PVC. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding",
-	"persistentVolumeReclaimPolicy": "What happens to a persistent volume when released from its claim. Valid options are Retain (default) and Recycle. Recycling must be supported by the volume plugin underlying this persistent volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming",
+	"persistentVolumeReclaimPolicy": "What happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming",
 	"storageClassName":              "Name of StorageClass to which this persistent volume belongs. Empty value means that this volume does not belong to any StorageClass.",
 	"mountOptions":                  "A list of mount options, e.g. [\"ro\", \"soft\"]. Not validated - mount will simply fail if one is invalid. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options",
 	"volumeMode":                    "volumeMode defines if a volume is intended to be used with a formatted filesystem or to remain in raw block state. Value of Filesystem is implied when not included in spec. This is an alpha feature and may change in the future.",
+	"nodeAffinity":                  "NodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.",
 }
 
 func (PersistentVolumeSpec) SwaggerDoc() map[string]string {
@@ -1455,6 +1475,7 @@ var map_PodSecurityContext = map[string]string{
 	"":                   "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
 	"seLinuxOptions":     "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.",
 	"runAsUser":          "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.",
+	"runAsGroup":         "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.",
 	"runAsNonRoot":       "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
 	"supplementalGroups": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container.",
 	"fsGroup":            "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw ",
@@ -1481,7 +1502,7 @@ var map_PodSpec = map[string]string{
 	"restartPolicy":                 "Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy",
 	"terminationGracePeriodSeconds": "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.",
 	"activeDeadlineSeconds":         "Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.",
-	"dnsPolicy":                     "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. Note that 'None' policy is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.",
+	"dnsPolicy":                     "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.",
 	"nodeSelector":                  "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/",
 	"serviceAccountName":            "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/",
 	"serviceAccount":                "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.",
@@ -1490,6 +1511,7 @@ var map_PodSpec = map[string]string{
 	"hostNetwork":                   "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.",
 	"hostPID":                       "Use the host's pid namespace. Optional: Default to false.",
 	"hostIPC":                       "Use the host's ipc namespace. Optional: Default to false.",
+	"shareProcessNamespace":         "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature.",
 	"securityContext":               "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty.  See type description for default values of each field.",
 	"imagePullSecrets":              "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod",
 	"hostname":                      "Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.",
@@ -1498,9 +1520,9 @@ var map_PodSpec = map[string]string{
 	"schedulerName":                 "If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.",
 	"tolerations":                   "If specified, the pod's tolerations.",
 	"hostAliases":                   "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.",
-	"priorityClassName":             "If specified, indicates the pod's priority. \"SYSTEM\" is a special keyword which indicates the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.",
+	"priorityClassName":             "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.",
 	"priority":                      "The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.",
-	"dnsConfig":                     "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. This is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.",
+	"dnsConfig":                     "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.",
 }
 
 func (PodSpec) SwaggerDoc() map[string]string {
@@ -1513,12 +1535,13 @@ var map_PodStatus = map[string]string{
 	"conditions":            "Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions",
 	"message":               "A human readable message indicating details about why the pod is in this condition.",
 	"reason":                "A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'",
+	"nominatedNodeName":     "nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be scheduled right away as preemption victims receive their graceful termination periods. This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to give the resources on this node to a higher priority pod that is created after preemption. As a result, this field may be different than PodSpec.nodeName when the pod is scheduled.",
 	"hostIP":                "IP address of the host to which the pod is assigned. Empty if not yet scheduled.",
 	"podIP":                 "IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.",
 	"startTime":             "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.",
 	"initContainerStatuses": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status",
 	"containerStatuses":     "The list has one entry per container in the manifest. Each entry is currently the output of `docker inspect`. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status",
-	"qosClass":              "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://github.com/kubernetes/kubernetes/blob/master/docs/design/resource-qos.md",
+	"qosClass":              "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md",
 }
 
 func (PodStatus) SwaggerDoc() map[string]string {
@@ -1935,6 +1958,7 @@ var map_SecurityContext = map[string]string{
 	"privileged":               "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false.",
 	"seLinuxOptions":           "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
 	"runAsUser":                "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+	"runAsGroup":               "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
 	"runAsNonRoot":             "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
 	"readOnlyRootFilesystem":   "Whether this container has a read-only root filesystem. Default is false.",
 	"allowPrivilegeEscalation": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN",
@@ -2153,13 +2177,22 @@ var map_VolumeMount = map[string]string{
 	"readOnly":         "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.",
 	"mountPath":        "Path within the container at which the volume should be mounted.  Must not contain ':'.",
 	"subPath":          "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root).",
-	"mountPropagation": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is alpha in 1.8 and can be reworked or removed in a future release.",
+	"mountPropagation": "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10.",
 }
 
 func (VolumeMount) SwaggerDoc() map[string]string {
 	return map_VolumeMount
 }
 
+var map_VolumeNodeAffinity = map[string]string{
+	"":         "VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.",
+	"required": "Required specifies hard node constraints that must be met.",
+}
+
+func (VolumeNodeAffinity) SwaggerDoc() map[string]string {
+	return map_VolumeNodeAffinity
+}
+
 var map_VolumeProjection = map[string]string{
 	"":            "Projection that may be projected along with other supported volume types",
 	"secret":      "information about the secret data to project",
diff --git a/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
index b96314d4514f..ebdcb890d97e 100644
--- a/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
 import (
-	resource "k8s.io/apimachinery/pkg/api/resource"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
@@ -241,14 +240,47 @@ func (in *Binding) DeepCopy() *Binding {
 func (in *Binding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CSIPersistentVolumeSource) DeepCopyInto(out *CSIPersistentVolumeSource) {
 	*out = *in
+	if in.VolumeAttributes != nil {
+		in, out := &in.VolumeAttributes, &out.VolumeAttributes
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.ControllerPublishSecretRef != nil {
+		in, out := &in.ControllerPublishSecretRef, &out.ControllerPublishSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.NodeStageSecretRef != nil {
+		in, out := &in.NodeStageSecretRef, &out.NodeStageSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.NodePublishSecretRef != nil {
+		in, out := &in.NodePublishSecretRef, &out.NodePublishSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
 	return
 }
 
@@ -432,9 +464,8 @@ func (in *ComponentStatus) DeepCopy() *ComponentStatus {
 func (in *ComponentStatus) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -466,9 +497,8 @@ func (in *ComponentStatusList) DeepCopy() *ComponentStatusList {
 func (in *ComponentStatusList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -483,6 +513,18 @@ func (in *ConfigMap) DeepCopyInto(out *ConfigMap) {
 			(*out)[key] = val
 		}
 	}
+	if in.BinaryData != nil {
+		in, out := &in.BinaryData, &out.BinaryData
+		*out = make(map[string][]byte, len(*in))
+		for key, val := range *in {
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]byte, len(val))
+				copy((*out)[key], val)
+			}
+		}
+	}
 	return
 }
 
@@ -500,9 +542,8 @@ func (in *ConfigMap) DeepCopy() *ConfigMap {
 func (in *ConfigMap) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -586,9 +627,8 @@ func (in *ConfigMapList) DeepCopy() *ConfigMapList {
 func (in *ConfigMapList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -982,9 +1022,8 @@ func (in *DeleteOptions) DeepCopy() *DeleteOptions {
 func (in *DeleteOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1093,8 +1132,8 @@ func (in *EmptyDirVolumeSource) DeepCopyInto(out *EmptyDirVolumeSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(resource.Quantity)
-			**out = (*in).DeepCopy()
+			x := (*in).DeepCopy()
+			*out = &x
 		}
 	}
 	return
@@ -1224,9 +1263,8 @@ func (in *Endpoints) DeepCopy() *Endpoints {
 func (in *Endpoints) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1258,9 +1296,8 @@ func (in *EndpointsList) DeepCopy() *EndpointsList {
 func (in *EndpointsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1419,9 +1456,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1453,9 +1489,8 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1547,6 +1582,38 @@ func (in *FCVolumeSource) DeepCopy() *FCVolumeSource {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FlexPersistentVolumeSource) DeepCopyInto(out *FlexPersistentVolumeSource) {
+	*out = *in
+	if in.SecretRef != nil {
+		in, out := &in.SecretRef, &out.SecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.Options != nil {
+		in, out := &in.Options, &out.Options
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlexPersistentVolumeSource.
+func (in *FlexPersistentVolumeSource) DeepCopy() *FlexPersistentVolumeSource {
+	if in == nil {
+		return nil
+	}
+	out := new(FlexPersistentVolumeSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *FlexVolumeSource) DeepCopyInto(out *FlexVolumeSource) {
 	*out = *in
@@ -1930,9 +1997,8 @@ func (in *LimitRange) DeepCopy() *LimitRange {
 func (in *LimitRange) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2015,9 +2081,8 @@ func (in *LimitRangeList) DeepCopy() *LimitRangeList {
 func (in *LimitRangeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2072,9 +2137,8 @@ func (in *List) DeepCopy() *List {
 func (in *List) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2107,9 +2171,8 @@ func (in *ListOptions) DeepCopy() *ListOptions {
 func (in *ListOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2221,9 +2284,8 @@ func (in *Namespace) DeepCopy() *Namespace {
 func (in *Namespace) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2255,9 +2317,8 @@ func (in *NamespaceList) DeepCopy() *NamespaceList {
 func (in *NamespaceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2321,9 +2382,8 @@ func (in *Node) DeepCopy() *Node {
 func (in *Node) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2422,9 +2482,8 @@ func (in *NodeConfigSource) DeepCopy() *NodeConfigSource {
 func (in *NodeConfigSource) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2473,9 +2532,8 @@ func (in *NodeList) DeepCopy() *NodeList {
 func (in *NodeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2499,9 +2557,8 @@ func (in *NodeProxyOptions) DeepCopy() *NodeProxyOptions {
 func (in *NodeProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2728,8 +2785,7 @@ func (in *ObjectMeta) DeepCopyInto(out *ObjectMeta) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.DeletionGracePeriodSeconds != nil {
@@ -2809,9 +2865,8 @@ func (in *ObjectReference) DeepCopy() *ObjectReference {
 func (in *ObjectReference) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2838,9 +2893,8 @@ func (in *PersistentVolume) DeepCopy() *PersistentVolume {
 func (in *PersistentVolume) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2867,9 +2921,8 @@ func (in *PersistentVolumeClaim) DeepCopy() *PersistentVolumeClaim {
 func (in *PersistentVolumeClaim) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2919,9 +2972,8 @@ func (in *PersistentVolumeClaimList) DeepCopy() *PersistentVolumeClaimList {
 func (in *PersistentVolumeClaimList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3053,9 +3105,8 @@ func (in *PersistentVolumeList) DeepCopy() *PersistentVolumeList {
 func (in *PersistentVolumeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3165,7 +3216,7 @@ func (in *PersistentVolumeSource) DeepCopyInto(out *PersistentVolumeSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(FlexVolumeSource)
+			*out = new(FlexPersistentVolumeSource)
 			(*in).DeepCopyInto(*out)
 		}
 	}
@@ -3256,7 +3307,7 @@ func (in *PersistentVolumeSource) DeepCopyInto(out *PersistentVolumeSource) {
 			*out = nil
 		} else {
 			*out = new(CSIPersistentVolumeSource)
-			**out = **in
+			(*in).DeepCopyInto(*out)
 		}
 	}
 	return
@@ -3311,6 +3362,15 @@ func (in *PersistentVolumeSpec) DeepCopyInto(out *PersistentVolumeSpec) {
 			**out = **in
 		}
 	}
+	if in.NodeAffinity != nil {
+		in, out := &in.NodeAffinity, &out.NodeAffinity
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(VolumeNodeAffinity)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -3380,9 +3440,8 @@ func (in *Pod) DeepCopy() *Pod {
 func (in *Pod) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3496,9 +3555,8 @@ func (in *PodAttachOptions) DeepCopy() *PodAttachOptions {
 func (in *PodAttachOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3603,9 +3661,8 @@ func (in *PodExecOptions) DeepCopy() *PodExecOptions {
 func (in *PodExecOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3637,9 +3694,8 @@ func (in *PodList) DeepCopy() *PodList {
 func (in *PodList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3660,8 +3716,7 @@ func (in *PodLogOptions) DeepCopyInto(out *PodLogOptions) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.TailLines != nil {
@@ -3699,9 +3754,8 @@ func (in *PodLogOptions) DeepCopy() *PodLogOptions {
 func (in *PodLogOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3730,9 +3784,8 @@ func (in *PodPortForwardOptions) DeepCopy() *PodPortForwardOptions {
 func (in *PodPortForwardOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3756,9 +3809,8 @@ func (in *PodProxyOptions) DeepCopy() *PodProxyOptions {
 func (in *PodProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3782,6 +3834,15 @@ func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
 			**out = **in
 		}
 	}
+	if in.RunAsGroup != nil {
+		in, out := &in.RunAsGroup, &out.RunAsGroup
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
 	if in.RunAsNonRoot != nil {
 		in, out := &in.RunAsNonRoot, &out.RunAsNonRoot
 		if *in == nil {
@@ -3901,6 +3962,15 @@ func (in *PodSpec) DeepCopyInto(out *PodSpec) {
 			**out = **in
 		}
 	}
+	if in.ShareProcessNamespace != nil {
+		in, out := &in.ShareProcessNamespace, &out.ShareProcessNamespace
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(bool)
+			**out = **in
+		}
+	}
 	if in.SecurityContext != nil {
 		in, out := &in.SecurityContext, &out.SecurityContext
 		if *in == nil {
@@ -3984,8 +4054,7 @@ func (in *PodStatus) DeepCopyInto(out *PodStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.InitContainerStatuses != nil {
@@ -4038,9 +4107,8 @@ func (in *PodStatusResult) DeepCopy() *PodStatusResult {
 func (in *PodStatusResult) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4066,9 +4134,8 @@ func (in *PodTemplate) DeepCopy() *PodTemplate {
 func (in *PodTemplate) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4100,9 +4167,8 @@ func (in *PodTemplateList) DeepCopy() *PodTemplateList {
 func (in *PodTemplateList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4351,9 +4417,8 @@ func (in *RangeAllocation) DeepCopy() *RangeAllocation {
 func (in *RangeAllocation) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4380,9 +4445,8 @@ func (in *ReplicationController) DeepCopy() *ReplicationController {
 func (in *ReplicationController) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4431,9 +4495,8 @@ func (in *ReplicationControllerList) DeepCopy() *ReplicationControllerList {
 func (in *ReplicationControllerList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4517,6 +4580,28 @@ func (in *ResourceFieldSelector) DeepCopy() *ResourceFieldSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ResourceList) DeepCopyInto(out *ResourceList) {
+	{
+		in := &in
+		*out = make(ResourceList, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceList.
+func (in ResourceList) DeepCopy() ResourceList {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceList)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ResourceQuota) DeepCopyInto(out *ResourceQuota) {
 	*out = *in
@@ -4541,9 +4626,8 @@ func (in *ResourceQuota) DeepCopy() *ResourceQuota {
 func (in *ResourceQuota) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4575,9 +4659,8 @@ func (in *ResourceQuotaList) DeepCopy() *ResourceQuotaList {
 func (in *ResourceQuotaList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4775,9 +4858,8 @@ func (in *Secret) DeepCopy() *Secret {
 func (in *Secret) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4861,9 +4943,8 @@ func (in *SecretList) DeepCopy() *SecretList {
 func (in *SecretList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4995,6 +5076,15 @@ func (in *SecurityContext) DeepCopyInto(out *SecurityContext) {
 			**out = **in
 		}
 	}
+	if in.RunAsGroup != nil {
+		in, out := &in.RunAsGroup, &out.RunAsGroup
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
 	if in.RunAsNonRoot != nil {
 		in, out := &in.RunAsNonRoot, &out.RunAsNonRoot
 		if *in == nil {
@@ -5057,9 +5147,8 @@ func (in *SerializedReference) DeepCopy() *SerializedReference {
 func (in *SerializedReference) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5086,9 +5175,8 @@ func (in *Service) DeepCopy() *Service {
 func (in *Service) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5132,9 +5220,8 @@ func (in *ServiceAccount) DeepCopy() *ServiceAccount {
 func (in *ServiceAccount) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5166,9 +5253,8 @@ func (in *ServiceAccountList) DeepCopy() *ServiceAccountList {
 func (in *ServiceAccountList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5200,9 +5286,8 @@ func (in *ServiceList) DeepCopy() *ServiceList {
 func (in *ServiceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5243,9 +5328,8 @@ func (in *ServiceProxyOptions) DeepCopy() *ServiceProxyOptions {
 func (in *ServiceProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5428,8 +5512,7 @@ func (in *Taint) DeepCopyInto(out *Taint) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(meta_v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -5528,6 +5611,31 @@ func (in *VolumeMount) DeepCopy() *VolumeMount {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeNodeAffinity) DeepCopyInto(out *VolumeNodeAffinity) {
+	*out = *in
+	if in.Required != nil {
+		in, out := &in.Required, &out.Required
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(NodeSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeNodeAffinity.
+func (in *VolumeNodeAffinity) DeepCopy() *VolumeNodeAffinity {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeNodeAffinity)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *VolumeProjection) DeepCopyInto(out *VolumeProjection) {
 	*out = *in
diff --git a/vendor/k8s.io/api/events/v1beta1/generated.proto b/vendor/k8s.io/api/events/v1beta1/generated.proto
index 81be470f053a..0637f780ae8a 100644
--- a/vendor/k8s.io/api/events/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/events/v1beta1/generated.proto
@@ -108,7 +108,7 @@ message EventList {
 }
 
 // EventSeries contain information on series of events, i.e. thing that was/is happening
-// continously for some time.
+// continuously for some time.
 message EventSeries {
   // Number of occurrences in this series up to the last heartbeat time
   optional int32 count = 1;
diff --git a/vendor/k8s.io/api/events/v1beta1/types.go b/vendor/k8s.io/api/events/v1beta1/types.go
index 1b68bd743e97..dc48ddb069d5 100644
--- a/vendor/k8s.io/api/events/v1beta1/types.go
+++ b/vendor/k8s.io/api/events/v1beta1/types.go
@@ -89,7 +89,7 @@ type Event struct {
 }
 
 // EventSeries contain information on series of events, i.e. thing that was/is happening
-// continously for some time.
+// continuously for some time.
 type EventSeries struct {
 	// Number of occurrences in this series up to the last heartbeat time
 	Count int32 `json:"count" protobuf:"varint,1,opt,name=count"`
diff --git a/vendor/k8s.io/api/events/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/events/v1beta1/types_swagger_doc_generated.go
index 04a4a91227f8..17ec3d777767 100644
--- a/vendor/k8s.io/api/events/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/events/v1beta1/types_swagger_doc_generated.go
@@ -60,7 +60,7 @@ func (EventList) SwaggerDoc() map[string]string {
 }
 
 var map_EventSeries = map[string]string{
-	"":                 "EventSeries contain information on series of events, i.e. thing that was/is happening continously for some time.",
+	"":                 "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.",
 	"count":            "Number of occurrences in this series up to the last heartbeat time",
 	"lastObservedTime": "Time when last Event from the series was seen before last heartbeat.",
 	"state":            "Information whether this series is ongoing or finished.",
diff --git a/vendor/k8s.io/api/events/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/events/v1beta1/zz_generated.deepcopy.go
index 626feacf0817..546d69e7e6e8 100644
--- a/vendor/k8s.io/api/events/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/events/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -70,9 +70,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -104,9 +103,8 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
index 564d4177d0af..de1970c8f56d 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -163,9 +163,8 @@ func (in *DaemonSet) DeepCopy() *DaemonSet {
 func (in *DaemonSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -214,9 +213,8 @@ func (in *DaemonSetList) DeepCopy() *DaemonSetList {
 func (in *DaemonSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -336,9 +334,8 @@ func (in *Deployment) DeepCopy() *Deployment {
 func (in *Deployment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -388,9 +385,8 @@ func (in *DeploymentList) DeepCopy() *DeploymentList {
 func (in *DeploymentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -422,9 +418,8 @@ func (in *DeploymentRollback) DeepCopy() *DeploymentRollback {
 func (in *DeploymentRollback) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -683,9 +678,8 @@ func (in *Ingress) DeepCopy() *Ingress {
 func (in *Ingress) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -734,9 +728,8 @@ func (in *IngressList) DeepCopy() *IngressList {
 func (in *IngressList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -881,9 +874,8 @@ func (in *NetworkPolicy) DeepCopy() *NetworkPolicy {
 func (in *NetworkPolicy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -975,9 +967,8 @@ func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
 func (in *NetworkPolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1116,9 +1107,8 @@ func (in *PodSecurityPolicy) DeepCopy() *PodSecurityPolicy {
 func (in *PodSecurityPolicy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1150,9 +1140,8 @@ func (in *PodSecurityPolicyList) DeepCopy() *PodSecurityPolicyList {
 func (in *PodSecurityPolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1252,9 +1241,8 @@ func (in *ReplicaSet) DeepCopy() *ReplicaSet {
 func (in *ReplicaSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1303,9 +1291,8 @@ func (in *ReplicaSetList) DeepCopy() *ReplicaSetList {
 func (in *ReplicaSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1387,9 +1374,8 @@ func (in *ReplicationControllerDummy) DeepCopy() *ReplicationControllerDummy {
 func (in *ReplicationControllerDummy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1537,9 +1523,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/imagepolicy/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/imagepolicy/v1alpha1/zz_generated.deepcopy.go
index f0463d29d25b..50f314886c64 100644
--- a/vendor/k8s.io/api/imagepolicy/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/imagepolicy/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -48,9 +48,8 @@ func (in *ImageReview) DeepCopy() *ImageReview {
 func (in *ImageReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
index 3dbe87055cc8..8a7c1530e91f 100644
--- a/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -71,9 +71,8 @@ func (in *NetworkPolicy) DeepCopy() *NetworkPolicy {
 func (in *NetworkPolicy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -165,9 +164,8 @@ func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
 func (in *NetworkPolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/policy/v1beta1/BUILD b/vendor/k8s.io/api/policy/v1beta1/BUILD
index 6e4a07deb67c..d55d68e5d76e 100644
--- a/vendor/k8s.io/api/policy/v1beta1/BUILD
+++ b/vendor/k8s.io/api/policy/v1beta1/BUILD
@@ -19,6 +19,7 @@ go_library(
     deps = [
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/github.com/gogo/protobuf/sortkeys:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/api/policy/v1beta1/generated.pb.go b/vendor/k8s.io/api/policy/v1beta1/generated.pb.go
index 4ed4d29ca6b6..24bbe8975e69 100644
--- a/vendor/k8s.io/api/policy/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/policy/v1beta1/generated.pb.go
@@ -25,11 +25,22 @@ limitations under the License.
 		k8s.io/kubernetes/vendor/k8s.io/api/policy/v1beta1/generated.proto
 
 	It has these top-level messages:
+		AllowedFlexVolume
+		AllowedHostPath
 		Eviction
+		FSGroupStrategyOptions
+		HostPortRange
+		IDRange
 		PodDisruptionBudget
 		PodDisruptionBudgetList
 		PodDisruptionBudgetSpec
 		PodDisruptionBudgetStatus
+		PodSecurityPolicy
+		PodSecurityPolicyList
+		PodSecurityPolicySpec
+		RunAsUserStrategyOptions
+		SELinuxStrategyOptions
+		SupplementalGroupsStrategyOptions
 */
 package v1beta1
 
@@ -37,6 +48,7 @@ import proto "github.com/gogo/protobuf/proto"
 import fmt "fmt"
 import math "math"
 
+import k8s_io_api_core_v1 "k8s.io/api/core/v1"
 import k8s_io_apimachinery_pkg_apis_meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 import k8s_io_apimachinery_pkg_util_intstr "k8s.io/apimachinery/pkg/util/intstr"
@@ -59,35 +71,138 @@ var _ = math.Inf
 // proto package needs to be updated.
 const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
 
+func (m *AllowedFlexVolume) Reset()                    { *m = AllowedFlexVolume{} }
+func (*AllowedFlexVolume) ProtoMessage()               {}
+func (*AllowedFlexVolume) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+
+func (m *AllowedHostPath) Reset()                    { *m = AllowedHostPath{} }
+func (*AllowedHostPath) ProtoMessage()               {}
+func (*AllowedHostPath) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
 func (m *Eviction) Reset()                    { *m = Eviction{} }
 func (*Eviction) ProtoMessage()               {}
-func (*Eviction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+func (*Eviction) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
+func (m *FSGroupStrategyOptions) Reset()                    { *m = FSGroupStrategyOptions{} }
+func (*FSGroupStrategyOptions) ProtoMessage()               {}
+func (*FSGroupStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+
+func (m *HostPortRange) Reset()                    { *m = HostPortRange{} }
+func (*HostPortRange) ProtoMessage()               {}
+func (*HostPortRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
+
+func (m *IDRange) Reset()                    { *m = IDRange{} }
+func (*IDRange) ProtoMessage()               {}
+func (*IDRange) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
 
 func (m *PodDisruptionBudget) Reset()                    { *m = PodDisruptionBudget{} }
 func (*PodDisruptionBudget) ProtoMessage()               {}
-func (*PodDisruptionBudget) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+func (*PodDisruptionBudget) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
 
 func (m *PodDisruptionBudgetList) Reset()                    { *m = PodDisruptionBudgetList{} }
 func (*PodDisruptionBudgetList) ProtoMessage()               {}
-func (*PodDisruptionBudgetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+func (*PodDisruptionBudgetList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
 
 func (m *PodDisruptionBudgetSpec) Reset()                    { *m = PodDisruptionBudgetSpec{} }
 func (*PodDisruptionBudgetSpec) ProtoMessage()               {}
-func (*PodDisruptionBudgetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+func (*PodDisruptionBudgetSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
 
 func (m *PodDisruptionBudgetStatus) Reset()      { *m = PodDisruptionBudgetStatus{} }
 func (*PodDisruptionBudgetStatus) ProtoMessage() {}
 func (*PodDisruptionBudgetStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{4}
+	return fileDescriptorGenerated, []int{9}
+}
+
+func (m *PodSecurityPolicy) Reset()                    { *m = PodSecurityPolicy{} }
+func (*PodSecurityPolicy) ProtoMessage()               {}
+func (*PodSecurityPolicy) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
+
+func (m *PodSecurityPolicyList) Reset()                    { *m = PodSecurityPolicyList{} }
+func (*PodSecurityPolicyList) ProtoMessage()               {}
+func (*PodSecurityPolicyList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
+
+func (m *PodSecurityPolicySpec) Reset()                    { *m = PodSecurityPolicySpec{} }
+func (*PodSecurityPolicySpec) ProtoMessage()               {}
+func (*PodSecurityPolicySpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
+
+func (m *RunAsUserStrategyOptions) Reset()      { *m = RunAsUserStrategyOptions{} }
+func (*RunAsUserStrategyOptions) ProtoMessage() {}
+func (*RunAsUserStrategyOptions) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{13}
+}
+
+func (m *SELinuxStrategyOptions) Reset()                    { *m = SELinuxStrategyOptions{} }
+func (*SELinuxStrategyOptions) ProtoMessage()               {}
+func (*SELinuxStrategyOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
+
+func (m *SupplementalGroupsStrategyOptions) Reset()      { *m = SupplementalGroupsStrategyOptions{} }
+func (*SupplementalGroupsStrategyOptions) ProtoMessage() {}
+func (*SupplementalGroupsStrategyOptions) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{15}
 }
 
 func init() {
+	proto.RegisterType((*AllowedFlexVolume)(nil), "k8s.io.api.policy.v1beta1.AllowedFlexVolume")
+	proto.RegisterType((*AllowedHostPath)(nil), "k8s.io.api.policy.v1beta1.AllowedHostPath")
 	proto.RegisterType((*Eviction)(nil), "k8s.io.api.policy.v1beta1.Eviction")
+	proto.RegisterType((*FSGroupStrategyOptions)(nil), "k8s.io.api.policy.v1beta1.FSGroupStrategyOptions")
+	proto.RegisterType((*HostPortRange)(nil), "k8s.io.api.policy.v1beta1.HostPortRange")
+	proto.RegisterType((*IDRange)(nil), "k8s.io.api.policy.v1beta1.IDRange")
 	proto.RegisterType((*PodDisruptionBudget)(nil), "k8s.io.api.policy.v1beta1.PodDisruptionBudget")
 	proto.RegisterType((*PodDisruptionBudgetList)(nil), "k8s.io.api.policy.v1beta1.PodDisruptionBudgetList")
 	proto.RegisterType((*PodDisruptionBudgetSpec)(nil), "k8s.io.api.policy.v1beta1.PodDisruptionBudgetSpec")
 	proto.RegisterType((*PodDisruptionBudgetStatus)(nil), "k8s.io.api.policy.v1beta1.PodDisruptionBudgetStatus")
+	proto.RegisterType((*PodSecurityPolicy)(nil), "k8s.io.api.policy.v1beta1.PodSecurityPolicy")
+	proto.RegisterType((*PodSecurityPolicyList)(nil), "k8s.io.api.policy.v1beta1.PodSecurityPolicyList")
+	proto.RegisterType((*PodSecurityPolicySpec)(nil), "k8s.io.api.policy.v1beta1.PodSecurityPolicySpec")
+	proto.RegisterType((*RunAsUserStrategyOptions)(nil), "k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions")
+	proto.RegisterType((*SELinuxStrategyOptions)(nil), "k8s.io.api.policy.v1beta1.SELinuxStrategyOptions")
+	proto.RegisterType((*SupplementalGroupsStrategyOptions)(nil), "k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions")
+}
+func (m *AllowedFlexVolume) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *AllowedFlexVolume) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i += copy(dAtA[i:], m.Driver)
+	return i, nil
+}
+
+func (m *AllowedHostPath) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *AllowedHostPath) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.PathPrefix)))
+	i += copy(dAtA[i:], m.PathPrefix)
+	return i, nil
 }
+
 func (m *Eviction) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -124,6 +239,88 @@ func (m *Eviction) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *FSGroupStrategyOptions) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *FSGroupStrategyOptions) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Rule)))
+	i += copy(dAtA[i:], m.Rule)
+	if len(m.Ranges) > 0 {
+		for _, msg := range m.Ranges {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *HostPortRange) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *HostPortRange) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0x8
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Min))
+	dAtA[i] = 0x10
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Max))
+	return i, nil
+}
+
+func (m *IDRange) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *IDRange) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0x8
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Min))
+	dAtA[i] = 0x10
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Max))
+	return i, nil
+}
+
 func (m *PodDisruptionBudget) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -316,204 +513,2344 @@ func (m *PodDisruptionBudgetStatus) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
-func encodeFixed64Generated(dAtA []byte, offset int, v uint64) int {
-	dAtA[offset] = uint8(v)
-	dAtA[offset+1] = uint8(v >> 8)
-	dAtA[offset+2] = uint8(v >> 16)
-	dAtA[offset+3] = uint8(v >> 24)
-	dAtA[offset+4] = uint8(v >> 32)
-	dAtA[offset+5] = uint8(v >> 40)
-	dAtA[offset+6] = uint8(v >> 48)
-	dAtA[offset+7] = uint8(v >> 56)
-	return offset + 8
-}
-func encodeFixed32Generated(dAtA []byte, offset int, v uint32) int {
-	dAtA[offset] = uint8(v)
-	dAtA[offset+1] = uint8(v >> 8)
-	dAtA[offset+2] = uint8(v >> 16)
-	dAtA[offset+3] = uint8(v >> 24)
-	return offset + 4
-}
-func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
-	for v >= 1<<7 {
-		dAtA[offset] = uint8(v&0x7f | 0x80)
-		v >>= 7
-		offset++
+func (m *PodSecurityPolicy) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
 	}
-	dAtA[offset] = uint8(v)
-	return offset + 1
+	return dAtA[:n], nil
 }
-func (m *Eviction) Size() (n int) {
+
+func (m *PodSecurityPolicy) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
 	var l int
 	_ = l
-	l = m.ObjectMeta.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	if m.DeleteOptions != nil {
-		l = m.DeleteOptions.Size()
-		n += 1 + l + sovGenerated(uint64(l))
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
+	n11, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
 	}
-	return n
+	i += n11
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
+	n12, err := m.Spec.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n12
+	return i, nil
 }
 
-func (m *PodDisruptionBudget) Size() (n int) {
-	var l int
-	_ = l
-	l = m.ObjectMeta.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Spec.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Status.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	return n
+func (m *PodSecurityPolicyList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
 }
 
-func (m *PodDisruptionBudgetList) Size() (n int) {
+func (m *PodSecurityPolicyList) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
 	var l int
 	_ = l
-	l = m.ListMeta.Size()
-	n += 1 + l + sovGenerated(uint64(l))
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
+	n13, err := m.ListMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n13
 	if len(m.Items) > 0 {
-		for _, e := range m.Items {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+		for _, msg := range m.Items {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
 		}
 	}
-	return n
+	return i, nil
 }
 
-func (m *PodDisruptionBudgetSpec) Size() (n int) {
-	var l int
-	_ = l
-	if m.MinAvailable != nil {
-		l = m.MinAvailable.Size()
-		n += 1 + l + sovGenerated(uint64(l))
-	}
-	if m.Selector != nil {
-		l = m.Selector.Size()
-		n += 1 + l + sovGenerated(uint64(l))
-	}
-	if m.MaxUnavailable != nil {
-		l = m.MaxUnavailable.Size()
-		n += 1 + l + sovGenerated(uint64(l))
+func (m *PodSecurityPolicySpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
 	}
-	return n
+	return dAtA[:n], nil
 }
 
-func (m *PodDisruptionBudgetStatus) Size() (n int) {
+func (m *PodSecurityPolicySpec) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
 	var l int
 	_ = l
-	n += 1 + sovGenerated(uint64(m.ObservedGeneration))
-	if len(m.DisruptedPods) > 0 {
-		for k, v := range m.DisruptedPods {
-			_ = k
-			_ = v
-			l = v.Size()
-			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
-			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+	dAtA[i] = 0x8
+	i++
+	if m.Privileged {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if len(m.DefaultAddCapabilities) > 0 {
+		for _, s := range m.DefaultAddCapabilities {
+			dAtA[i] = 0x12
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
 		}
 	}
-	n += 1 + sovGenerated(uint64(m.PodDisruptionsAllowed))
-	n += 1 + sovGenerated(uint64(m.CurrentHealthy))
-	n += 1 + sovGenerated(uint64(m.DesiredHealthy))
-	n += 1 + sovGenerated(uint64(m.ExpectedPods))
-	return n
-}
-
-func sovGenerated(x uint64) (n int) {
-	for {
-		n++
-		x >>= 7
-		if x == 0 {
-			break
+	if len(m.RequiredDropCapabilities) > 0 {
+		for _, s := range m.RequiredDropCapabilities {
+			dAtA[i] = 0x1a
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
 		}
 	}
-	return n
-}
-func sozGenerated(x uint64) (n int) {
-	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
-}
-func (this *Eviction) String() string {
-	if this == nil {
-		return "nil"
+	if len(m.AllowedCapabilities) > 0 {
+		for _, s := range m.AllowedCapabilities {
+			dAtA[i] = 0x22
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
+		}
 	}
-	s := strings.Join([]string{`&Eviction{`,
-		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
-		`DeleteOptions:` + strings.Replace(fmt.Sprintf("%v", this.DeleteOptions), "DeleteOptions", "k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions", 1) + `,`,
-		`}`,
-	}, "")
-	return s
+	if len(m.Volumes) > 0 {
+		for _, s := range m.Volumes {
+			dAtA[i] = 0x2a
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
+		}
+	}
+	dAtA[i] = 0x30
+	i++
+	if m.HostNetwork {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if len(m.HostPorts) > 0 {
+		for _, msg := range m.HostPorts {
+			dAtA[i] = 0x3a
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	dAtA[i] = 0x40
+	i++
+	if m.HostPID {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	dAtA[i] = 0x48
+	i++
+	if m.HostIPC {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	dAtA[i] = 0x52
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.SELinux.Size()))
+	n14, err := m.SELinux.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n14
+	dAtA[i] = 0x5a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.RunAsUser.Size()))
+	n15, err := m.RunAsUser.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n15
+	dAtA[i] = 0x62
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.SupplementalGroups.Size()))
+	n16, err := m.SupplementalGroups.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n16
+	dAtA[i] = 0x6a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.FSGroup.Size()))
+	n17, err := m.FSGroup.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n17
+	dAtA[i] = 0x70
+	i++
+	if m.ReadOnlyRootFilesystem {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if m.DefaultAllowPrivilegeEscalation != nil {
+		dAtA[i] = 0x78
+		i++
+		if *m.DefaultAllowPrivilegeEscalation {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
+	}
+	if m.AllowPrivilegeEscalation != nil {
+		dAtA[i] = 0x80
+		i++
+		dAtA[i] = 0x1
+		i++
+		if *m.AllowPrivilegeEscalation {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
+	}
+	if len(m.AllowedHostPaths) > 0 {
+		for _, msg := range m.AllowedHostPaths {
+			dAtA[i] = 0x8a
+			i++
+			dAtA[i] = 0x1
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	if len(m.AllowedFlexVolumes) > 0 {
+		for _, msg := range m.AllowedFlexVolumes {
+			dAtA[i] = 0x92
+			i++
+			dAtA[i] = 0x1
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
 }
-func (this *PodDisruptionBudget) String() string {
-	if this == nil {
-		return "nil"
+
+func (m *RunAsUserStrategyOptions) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
 	}
-	s := strings.Join([]string{`&PodDisruptionBudget{`,
-		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
-		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodDisruptionBudgetSpec", "PodDisruptionBudgetSpec", 1), `&`, ``, 1) + `,`,
-		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "PodDisruptionBudgetStatus", "PodDisruptionBudgetStatus", 1), `&`, ``, 1) + `,`,
-		`}`,
-	}, "")
-	return s
+	return dAtA[:n], nil
 }
-func (this *PodDisruptionBudgetList) String() string {
-	if this == nil {
-		return "nil"
+
+func (m *RunAsUserStrategyOptions) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Rule)))
+	i += copy(dAtA[i:], m.Rule)
+	if len(m.Ranges) > 0 {
+		for _, msg := range m.Ranges {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
 	}
-	s := strings.Join([]string{`&PodDisruptionBudgetList{`,
-		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
-		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "PodDisruptionBudget", "PodDisruptionBudget", 1), `&`, ``, 1) + `,`,
-		`}`,
-	}, "")
-	return s
+	return i, nil
 }
-func (this *PodDisruptionBudgetSpec) String() string {
-	if this == nil {
-		return "nil"
+
+func (m *SELinuxStrategyOptions) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
 	}
-	s := strings.Join([]string{`&PodDisruptionBudgetSpec{`,
-		`MinAvailable:` + strings.Replace(fmt.Sprintf("%v", this.MinAvailable), "IntOrString", "k8s_io_apimachinery_pkg_util_intstr.IntOrString", 1) + `,`,
-		`Selector:` + strings.Replace(fmt.Sprintf("%v", this.Selector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
-		`MaxUnavailable:` + strings.Replace(fmt.Sprintf("%v", this.MaxUnavailable), "IntOrString", "k8s_io_apimachinery_pkg_util_intstr.IntOrString", 1) + `,`,
-		`}`,
-	}, "")
-	return s
+	return dAtA[:n], nil
 }
-func (this *PodDisruptionBudgetStatus) String() string {
-	if this == nil {
-		return "nil"
+
+func (m *SELinuxStrategyOptions) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Rule)))
+	i += copy(dAtA[i:], m.Rule)
+	if m.SELinuxOptions != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.SELinuxOptions.Size()))
+		n18, err := m.SELinuxOptions.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n18
 	}
-	keysForDisruptedPods := make([]string, 0, len(this.DisruptedPods))
-	for k := range this.DisruptedPods {
-		keysForDisruptedPods = append(keysForDisruptedPods, k)
+	return i, nil
+}
+
+func (m *SupplementalGroupsStrategyOptions) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
 	}
-	github_com_gogo_protobuf_sortkeys.Strings(keysForDisruptedPods)
-	mapStringForDisruptedPods := "map[string]k8s_io_apimachinery_pkg_apis_meta_v1.Time{"
-	for _, k := range keysForDisruptedPods {
-		mapStringForDisruptedPods += fmt.Sprintf("%v: %v,", k, this.DisruptedPods[k])
+	return dAtA[:n], nil
+}
+
+func (m *SupplementalGroupsStrategyOptions) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Rule)))
+	i += copy(dAtA[i:], m.Rule)
+	if len(m.Ranges) > 0 {
+		for _, msg := range m.Ranges {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
 	}
-	mapStringForDisruptedPods += "}"
-	s := strings.Join([]string{`&PodDisruptionBudgetStatus{`,
-		`ObservedGeneration:` + fmt.Sprintf("%v", this.ObservedGeneration) + `,`,
-		`DisruptedPods:` + mapStringForDisruptedPods + `,`,
-		`PodDisruptionsAllowed:` + fmt.Sprintf("%v", this.PodDisruptionsAllowed) + `,`,
-		`CurrentHealthy:` + fmt.Sprintf("%v", this.CurrentHealthy) + `,`,
-		`DesiredHealthy:` + fmt.Sprintf("%v", this.DesiredHealthy) + `,`,
-		`ExpectedPods:` + fmt.Sprintf("%v", this.ExpectedPods) + `,`,
-		`}`,
-	}, "")
-	return s
+	return i, nil
 }
-func valueToStringGenerated(v interface{}) string {
-	rv := reflect.ValueOf(v)
-	if rv.IsNil() {
-		return "nil"
+
+func encodeFixed64Generated(dAtA []byte, offset int, v uint64) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	dAtA[offset+4] = uint8(v >> 32)
+	dAtA[offset+5] = uint8(v >> 40)
+	dAtA[offset+6] = uint8(v >> 48)
+	dAtA[offset+7] = uint8(v >> 56)
+	return offset + 8
+}
+func encodeFixed32Generated(dAtA []byte, offset int, v uint32) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	return offset + 4
+}
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
 	}
-	pv := reflect.Indirect(rv).Interface()
-	return fmt.Sprintf("*%v", pv)
+	dAtA[offset] = uint8(v)
+	return offset + 1
 }
-func (m *Eviction) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
+func (m *AllowedFlexVolume) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *AllowedHostPath) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.PathPrefix)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *Eviction) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.DeleteOptions != nil {
+		l = m.DeleteOptions.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *FSGroupStrategyOptions) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Rule)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Ranges) > 0 {
+		for _, e := range m.Ranges {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *HostPortRange) Size() (n int) {
+	var l int
+	_ = l
+	n += 1 + sovGenerated(uint64(m.Min))
+	n += 1 + sovGenerated(uint64(m.Max))
+	return n
+}
+
+func (m *IDRange) Size() (n int) {
+	var l int
+	_ = l
+	n += 1 + sovGenerated(uint64(m.Min))
+	n += 1 + sovGenerated(uint64(m.Max))
+	return n
+}
+
+func (m *PodDisruptionBudget) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *PodDisruptionBudgetList) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *PodDisruptionBudgetSpec) Size() (n int) {
+	var l int
+	_ = l
+	if m.MinAvailable != nil {
+		l = m.MinAvailable.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.Selector != nil {
+		l = m.Selector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.MaxUnavailable != nil {
+		l = m.MaxUnavailable.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *PodDisruptionBudgetStatus) Size() (n int) {
+	var l int
+	_ = l
+	n += 1 + sovGenerated(uint64(m.ObservedGeneration))
+	if len(m.DisruptedPods) > 0 {
+		for k, v := range m.DisruptedPods {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	n += 1 + sovGenerated(uint64(m.PodDisruptionsAllowed))
+	n += 1 + sovGenerated(uint64(m.CurrentHealthy))
+	n += 1 + sovGenerated(uint64(m.DesiredHealthy))
+	n += 1 + sovGenerated(uint64(m.ExpectedPods))
+	return n
+}
+
+func (m *PodSecurityPolicy) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *PodSecurityPolicyList) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *PodSecurityPolicySpec) Size() (n int) {
+	var l int
+	_ = l
+	n += 2
+	if len(m.DefaultAddCapabilities) > 0 {
+		for _, s := range m.DefaultAddCapabilities {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.RequiredDropCapabilities) > 0 {
+		for _, s := range m.RequiredDropCapabilities {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.AllowedCapabilities) > 0 {
+		for _, s := range m.AllowedCapabilities {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Volumes) > 0 {
+		for _, s := range m.Volumes {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	n += 2
+	if len(m.HostPorts) > 0 {
+		for _, e := range m.HostPorts {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	n += 2
+	n += 2
+	l = m.SELinux.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.RunAsUser.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.SupplementalGroups.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.FSGroup.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 2
+	if m.DefaultAllowPrivilegeEscalation != nil {
+		n += 2
+	}
+	if m.AllowPrivilegeEscalation != nil {
+		n += 3
+	}
+	if len(m.AllowedHostPaths) > 0 {
+		for _, e := range m.AllowedHostPaths {
+			l = e.Size()
+			n += 2 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.AllowedFlexVolumes) > 0 {
+		for _, e := range m.AllowedFlexVolumes {
+			l = e.Size()
+			n += 2 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *RunAsUserStrategyOptions) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Rule)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Ranges) > 0 {
+		for _, e := range m.Ranges {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *SELinuxStrategyOptions) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Rule)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.SELinuxOptions != nil {
+		l = m.SELinuxOptions.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *SupplementalGroupsStrategyOptions) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Rule)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Ranges) > 0 {
+		for _, e := range m.Ranges {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	for {
+		n++
+		x >>= 7
+		if x == 0 {
+			break
+		}
+	}
+	return n
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *AllowedFlexVolume) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&AllowedFlexVolume{`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *AllowedHostPath) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&AllowedHostPath{`,
+		`PathPrefix:` + fmt.Sprintf("%v", this.PathPrefix) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *Eviction) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&Eviction{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`DeleteOptions:` + strings.Replace(fmt.Sprintf("%v", this.DeleteOptions), "DeleteOptions", "k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *FSGroupStrategyOptions) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&FSGroupStrategyOptions{`,
+		`Rule:` + fmt.Sprintf("%v", this.Rule) + `,`,
+		`Ranges:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Ranges), "IDRange", "IDRange", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *HostPortRange) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&HostPortRange{`,
+		`Min:` + fmt.Sprintf("%v", this.Min) + `,`,
+		`Max:` + fmt.Sprintf("%v", this.Max) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *IDRange) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&IDRange{`,
+		`Min:` + fmt.Sprintf("%v", this.Min) + `,`,
+		`Max:` + fmt.Sprintf("%v", this.Max) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodDisruptionBudget) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodDisruptionBudget{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodDisruptionBudgetSpec", "PodDisruptionBudgetSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "PodDisruptionBudgetStatus", "PodDisruptionBudgetStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodDisruptionBudgetList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodDisruptionBudgetList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "PodDisruptionBudget", "PodDisruptionBudget", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodDisruptionBudgetSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodDisruptionBudgetSpec{`,
+		`MinAvailable:` + strings.Replace(fmt.Sprintf("%v", this.MinAvailable), "IntOrString", "k8s_io_apimachinery_pkg_util_intstr.IntOrString", 1) + `,`,
+		`Selector:` + strings.Replace(fmt.Sprintf("%v", this.Selector), "LabelSelector", "k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector", 1) + `,`,
+		`MaxUnavailable:` + strings.Replace(fmt.Sprintf("%v", this.MaxUnavailable), "IntOrString", "k8s_io_apimachinery_pkg_util_intstr.IntOrString", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodDisruptionBudgetStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForDisruptedPods := make([]string, 0, len(this.DisruptedPods))
+	for k := range this.DisruptedPods {
+		keysForDisruptedPods = append(keysForDisruptedPods, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForDisruptedPods)
+	mapStringForDisruptedPods := "map[string]k8s_io_apimachinery_pkg_apis_meta_v1.Time{"
+	for _, k := range keysForDisruptedPods {
+		mapStringForDisruptedPods += fmt.Sprintf("%v: %v,", k, this.DisruptedPods[k])
+	}
+	mapStringForDisruptedPods += "}"
+	s := strings.Join([]string{`&PodDisruptionBudgetStatus{`,
+		`ObservedGeneration:` + fmt.Sprintf("%v", this.ObservedGeneration) + `,`,
+		`DisruptedPods:` + mapStringForDisruptedPods + `,`,
+		`PodDisruptionsAllowed:` + fmt.Sprintf("%v", this.PodDisruptionsAllowed) + `,`,
+		`CurrentHealthy:` + fmt.Sprintf("%v", this.CurrentHealthy) + `,`,
+		`DesiredHealthy:` + fmt.Sprintf("%v", this.DesiredHealthy) + `,`,
+		`ExpectedPods:` + fmt.Sprintf("%v", this.ExpectedPods) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodSecurityPolicy) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodSecurityPolicy{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "PodSecurityPolicySpec", "PodSecurityPolicySpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodSecurityPolicyList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodSecurityPolicyList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "PodSecurityPolicy", "PodSecurityPolicy", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PodSecurityPolicySpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PodSecurityPolicySpec{`,
+		`Privileged:` + fmt.Sprintf("%v", this.Privileged) + `,`,
+		`DefaultAddCapabilities:` + fmt.Sprintf("%v", this.DefaultAddCapabilities) + `,`,
+		`RequiredDropCapabilities:` + fmt.Sprintf("%v", this.RequiredDropCapabilities) + `,`,
+		`AllowedCapabilities:` + fmt.Sprintf("%v", this.AllowedCapabilities) + `,`,
+		`Volumes:` + fmt.Sprintf("%v", this.Volumes) + `,`,
+		`HostNetwork:` + fmt.Sprintf("%v", this.HostNetwork) + `,`,
+		`HostPorts:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.HostPorts), "HostPortRange", "HostPortRange", 1), `&`, ``, 1) + `,`,
+		`HostPID:` + fmt.Sprintf("%v", this.HostPID) + `,`,
+		`HostIPC:` + fmt.Sprintf("%v", this.HostIPC) + `,`,
+		`SELinux:` + strings.Replace(strings.Replace(this.SELinux.String(), "SELinuxStrategyOptions", "SELinuxStrategyOptions", 1), `&`, ``, 1) + `,`,
+		`RunAsUser:` + strings.Replace(strings.Replace(this.RunAsUser.String(), "RunAsUserStrategyOptions", "RunAsUserStrategyOptions", 1), `&`, ``, 1) + `,`,
+		`SupplementalGroups:` + strings.Replace(strings.Replace(this.SupplementalGroups.String(), "SupplementalGroupsStrategyOptions", "SupplementalGroupsStrategyOptions", 1), `&`, ``, 1) + `,`,
+		`FSGroup:` + strings.Replace(strings.Replace(this.FSGroup.String(), "FSGroupStrategyOptions", "FSGroupStrategyOptions", 1), `&`, ``, 1) + `,`,
+		`ReadOnlyRootFilesystem:` + fmt.Sprintf("%v", this.ReadOnlyRootFilesystem) + `,`,
+		`DefaultAllowPrivilegeEscalation:` + valueToStringGenerated(this.DefaultAllowPrivilegeEscalation) + `,`,
+		`AllowPrivilegeEscalation:` + valueToStringGenerated(this.AllowPrivilegeEscalation) + `,`,
+		`AllowedHostPaths:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.AllowedHostPaths), "AllowedHostPath", "AllowedHostPath", 1), `&`, ``, 1) + `,`,
+		`AllowedFlexVolumes:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.AllowedFlexVolumes), "AllowedFlexVolume", "AllowedFlexVolume", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *RunAsUserStrategyOptions) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&RunAsUserStrategyOptions{`,
+		`Rule:` + fmt.Sprintf("%v", this.Rule) + `,`,
+		`Ranges:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Ranges), "IDRange", "IDRange", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *SELinuxStrategyOptions) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&SELinuxStrategyOptions{`,
+		`Rule:` + fmt.Sprintf("%v", this.Rule) + `,`,
+		`SELinuxOptions:` + strings.Replace(fmt.Sprintf("%v", this.SELinuxOptions), "SELinuxOptions", "k8s_io_api_core_v1.SELinuxOptions", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *SupplementalGroupsStrategyOptions) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&SupplementalGroupsStrategyOptions{`,
+		`Rule:` + fmt.Sprintf("%v", this.Rule) + `,`,
+		`Ranges:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Ranges), "IDRange", "IDRange", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func valueToStringGenerated(v interface{}) string {
+	rv := reflect.ValueOf(v)
+	if rv.IsNil() {
+		return "nil"
+	}
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *AllowedFlexVolume) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllowedFlexVolume: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllowedFlexVolume: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *AllowedHostPath) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllowedHostPath: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllowedHostPath: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PathPrefix", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.PathPrefix = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Eviction) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Eviction: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Eviction: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeleteOptions", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.DeleteOptions == nil {
+				m.DeleteOptions = &k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions{}
+			}
+			if err := m.DeleteOptions.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *FSGroupStrategyOptions) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: FSGroupStrategyOptions: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: FSGroupStrategyOptions: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Rule", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Rule = FSGroupStrategyType(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Ranges", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Ranges = append(m.Ranges, IDRange{})
+			if err := m.Ranges[len(m.Ranges)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *HostPortRange) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: HostPortRange: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: HostPortRange: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Min", wireType)
+			}
+			m.Min = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Min |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Max", wireType)
+			}
+			m.Max = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Max |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *IDRange) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: IDRange: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: IDRange: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Min", wireType)
+			}
+			m.Min = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Min |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Max", wireType)
+			}
+			m.Max = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Max |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodDisruptionBudget: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodDisruptionBudget: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodDisruptionBudgetList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodDisruptionBudgetList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, PodDisruptionBudget{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodDisruptionBudgetSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodDisruptionBudgetSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MinAvailable", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.MinAvailable == nil {
+				m.MinAvailable = &k8s_io_apimachinery_pkg_util_intstr.IntOrString{}
+			}
+			if err := m.MinAvailable.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Selector == nil {
+				m.Selector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
+			}
+			if err := m.Selector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MaxUnavailable", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.MaxUnavailable == nil {
+				m.MaxUnavailable = &k8s_io_apimachinery_pkg_util_intstr.IntOrString{}
+			}
+			if err := m.MaxUnavailable.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodDisruptionBudgetStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodDisruptionBudgetStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObservedGeneration", wireType)
+			}
+			m.ObservedGeneration = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.ObservedGeneration |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DisruptedPods", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.DisruptedPods == nil {
+				m.DisruptedPods = make(map[string]k8s_io_apimachinery_pkg_apis_meta_v1.Time)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var mapmsglen int
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					mapmsglen |= (int(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				if mapmsglen < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postmsgIndex := iNdEx + mapmsglen
+				if mapmsglen < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				if postmsgIndex > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := &k8s_io_apimachinery_pkg_apis_meta_v1.Time{}
+				if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+					return err
+				}
+				iNdEx = postmsgIndex
+				m.DisruptedPods[mapkey] = *mapvalue
+			} else {
+				var mapvalue k8s_io_apimachinery_pkg_apis_meta_v1.Time
+				m.DisruptedPods[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PodDisruptionsAllowed", wireType)
+			}
+			m.PodDisruptionsAllowed = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.PodDisruptionsAllowed |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CurrentHealthy", wireType)
+			}
+			m.CurrentHealthy = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.CurrentHealthy |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DesiredHealthy", wireType)
+			}
+			m.DesiredHealthy = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.DesiredHealthy |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ExpectedPods", wireType)
+			}
+			m.ExpectedPods = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.ExpectedPods |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodSecurityPolicy) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodSecurityPolicy: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodSecurityPolicy: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodSecurityPolicyList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodSecurityPolicyList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodSecurityPolicyList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, PodSecurityPolicy{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *PodSecurityPolicySpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
 	for iNdEx < l {
 		preIndex := iNdEx
 		var wire uint64
@@ -521,28 +2858,184 @@ func (m *Eviction) Unmarshal(dAtA []byte) error {
 			if shift >= 64 {
 				return ErrIntOverflowGenerated
 			}
-			if iNdEx >= l {
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: PodSecurityPolicySpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: PodSecurityPolicySpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Privileged", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.Privileged = bool(v != 0)
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DefaultAddCapabilities", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DefaultAddCapabilities = append(m.DefaultAddCapabilities, k8s_io_api_core_v1.Capability(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RequiredDropCapabilities", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= (uint64(b) & 0x7F) << shift
-			if b < 0x80 {
-				break
+			m.RequiredDropCapabilities = append(m.RequiredDropCapabilities, k8s_io_api_core_v1.Capability(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllowedCapabilities", wireType)
 			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: Eviction: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: Eviction: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.AllowedCapabilities = append(m.AllowedCapabilities, k8s_io_api_core_v1.Capability(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 5:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Volumes", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Volumes = append(m.Volumes, FSType(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HostNetwork", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.HostNetwork = bool(v != 0)
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HostPorts", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -566,13 +3059,54 @@ func (m *Eviction) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.HostPorts = append(m.HostPorts, HostPortRange{})
+			if err := m.HostPorts[len(m.HostPorts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 8:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HostPID", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.HostPID = bool(v != 0)
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HostIPC", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.HostIPC = bool(v != 0)
+		case 10:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeleteOptions", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field SELinux", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -596,66 +3130,73 @@ func (m *Eviction) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.DeleteOptions == nil {
-				m.DeleteOptions = &k8s_io_apimachinery_pkg_apis_meta_v1.DeleteOptions{}
-			}
-			if err := m.DeleteOptions.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.SELinux.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
+		case 11:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RunAsUser", wireType)
 			}
-			if skippy < 0 {
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			if (iNdEx + skippy) > l {
+			postIndex := iNdEx + msglen
+			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
+			if err := m.RunAsUser.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			if iNdEx >= l {
+			iNdEx = postIndex
+		case 12:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SupplementalGroups", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= (uint64(b) & 0x7F) << shift
-			if b < 0x80 {
-				break
+			if err := m.SupplementalGroups.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: PodDisruptionBudget: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: PodDisruptionBudget: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+			iNdEx = postIndex
+		case 13:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field FSGroup", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -679,13 +3220,75 @@ func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.FSGroup.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 14:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ReadOnlyRootFilesystem", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ReadOnlyRootFilesystem = bool(v != 0)
+		case 15:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DefaultAllowPrivilegeEscalation", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.DefaultAllowPrivilegeEscalation = &b
+		case 16:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllowPrivilegeEscalation", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllowPrivilegeEscalation = &b
+		case 17:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field AllowedHostPaths", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -709,13 +3312,14 @@ func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.AllowedHostPaths = append(m.AllowedHostPaths, AllowedHostPath{})
+			if err := m.AllowedHostPaths[len(m.AllowedHostPaths)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 3:
+		case 18:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field AllowedFlexVolumes", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -739,7 +3343,8 @@ func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.AllowedFlexVolumes = append(m.AllowedFlexVolumes, AllowedFlexVolume{})
+			if err := m.AllowedFlexVolumes[len(m.AllowedFlexVolumes)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -764,7 +3369,7 @@ func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
+func (m *RunAsUserStrategyOptions) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -787,17 +3392,17 @@ func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: PodDisruptionBudgetList: wiretype end group for non-group")
+			return fmt.Errorf("proto: RunAsUserStrategyOptions: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: PodDisruptionBudgetList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: RunAsUserStrategyOptions: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Rule", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -807,25 +3412,24 @@ func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
+				stringLen |= (uint64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Rule = RunAsUserStrategy(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Ranges", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -849,8 +3453,8 @@ func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, PodDisruptionBudget{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Ranges = append(m.Ranges, IDRange{})
+			if err := m.Ranges[len(m.Ranges)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -875,7 +3479,7 @@ func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
+func (m *SELinuxStrategyOptions) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -898,17 +3502,17 @@ func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: PodDisruptionBudgetSpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: SELinuxStrategyOptions: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: PodDisruptionBudgetSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: SELinuxStrategyOptions: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MinAvailable", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Rule", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -918,61 +3522,24 @@ func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
+				stringLen |= (uint64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.MinAvailable == nil {
-				m.MinAvailable = &k8s_io_apimachinery_pkg_util_intstr.IntOrString{}
-			}
-			if err := m.MinAvailable.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Rule = SELinuxStrategy(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Selector", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.Selector == nil {
-				m.Selector = &k8s_io_apimachinery_pkg_apis_meta_v1.LabelSelector{}
-			}
-			if err := m.Selector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MaxUnavailable", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field SELinuxOptions", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -996,10 +3563,10 @@ func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.MaxUnavailable == nil {
-				m.MaxUnavailable = &k8s_io_apimachinery_pkg_util_intstr.IntOrString{}
+			if m.SELinuxOptions == nil {
+				m.SELinuxOptions = &k8s_io_api_core_v1.SELinuxOptions{}
 			}
-			if err := m.MaxUnavailable.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.SELinuxOptions.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -1024,7 +3591,7 @@ func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error {
+func (m *SupplementalGroupsStrategyOptions) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1047,17 +3614,17 @@ func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: PodDisruptionBudgetStatus: wiretype end group for non-group")
+			return fmt.Errorf("proto: SupplementalGroupsStrategyOptions: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: PodDisruptionBudgetStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: SupplementalGroupsStrategyOptions: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObservedGeneration", wireType)
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Rule", wireType)
 			}
-			m.ObservedGeneration = 0
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -1067,14 +3634,24 @@ func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				m.ObservedGeneration |= (int64(b) & 0x7F) << shift
+				stringLen |= (uint64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Rule = SupplementalGroupsStrategyType(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DisruptedPods", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Ranges", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1098,177 +3675,11 @@ func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			var keykey uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				keykey |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			var stringLenmapkey uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLenmapkey |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLenmapkey := int(stringLenmapkey)
-			if intStringLenmapkey < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postStringIndexmapkey := iNdEx + intStringLenmapkey
-			if postStringIndexmapkey > l {
-				return io.ErrUnexpectedEOF
-			}
-			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
-			iNdEx = postStringIndexmapkey
-			if m.DisruptedPods == nil {
-				m.DisruptedPods = make(map[string]k8s_io_apimachinery_pkg_apis_meta_v1.Time)
-			}
-			if iNdEx < postIndex {
-				var valuekey uint64
-				for shift := uint(0); ; shift += 7 {
-					if shift >= 64 {
-						return ErrIntOverflowGenerated
-					}
-					if iNdEx >= l {
-						return io.ErrUnexpectedEOF
-					}
-					b := dAtA[iNdEx]
-					iNdEx++
-					valuekey |= (uint64(b) & 0x7F) << shift
-					if b < 0x80 {
-						break
-					}
-				}
-				var mapmsglen int
-				for shift := uint(0); ; shift += 7 {
-					if shift >= 64 {
-						return ErrIntOverflowGenerated
-					}
-					if iNdEx >= l {
-						return io.ErrUnexpectedEOF
-					}
-					b := dAtA[iNdEx]
-					iNdEx++
-					mapmsglen |= (int(b) & 0x7F) << shift
-					if b < 0x80 {
-						break
-					}
-				}
-				if mapmsglen < 0 {
-					return ErrInvalidLengthGenerated
-				}
-				postmsgIndex := iNdEx + mapmsglen
-				if mapmsglen < 0 {
-					return ErrInvalidLengthGenerated
-				}
-				if postmsgIndex > l {
-					return io.ErrUnexpectedEOF
-				}
-				mapvalue := &k8s_io_apimachinery_pkg_apis_meta_v1.Time{}
-				if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
-					return err
-				}
-				iNdEx = postmsgIndex
-				m.DisruptedPods[mapkey] = *mapvalue
-			} else {
-				var mapvalue k8s_io_apimachinery_pkg_apis_meta_v1.Time
-				m.DisruptedPods[mapkey] = mapvalue
+			m.Ranges = append(m.Ranges, IDRange{})
+			if err := m.Ranges[len(m.Ranges)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
 			iNdEx = postIndex
-		case 3:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PodDisruptionsAllowed", wireType)
-			}
-			m.PodDisruptionsAllowed = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.PodDisruptionsAllowed |= (int32(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-		case 4:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field CurrentHealthy", wireType)
-			}
-			m.CurrentHealthy = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.CurrentHealthy |= (int32(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-		case 5:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DesiredHealthy", wireType)
-			}
-			m.DesiredHealthy = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.DesiredHealthy |= (int32(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-		case 6:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ExpectedPods", wireType)
-			}
-			m.ExpectedPods = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.ExpectedPods |= (int32(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -1400,55 +3811,106 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 795 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x94, 0x41, 0x6f, 0xdc, 0x44,
-	0x14, 0xc7, 0xd7, 0xd9, 0x6c, 0x08, 0xc3, 0xee, 0x2a, 0x0c, 0x14, 0xd2, 0x95, 0xf0, 0xa2, 0x3d,
-	0x21, 0xa4, 0x8e, 0x49, 0x5b, 0xa1, 0x88, 0x03, 0xa2, 0x26, 0x51, 0x29, 0x6a, 0x94, 0x6a, 0x52,
-	0x2e, 0xa8, 0x48, 0x8c, 0xed, 0x57, 0x67, 0x58, 0xdb, 0x63, 0xcd, 0x8c, 0x4d, 0xf7, 0xc6, 0x81,
-	0x0f, 0xc0, 0xf7, 0xe0, 0x8b, 0xe4, 0x80, 0x50, 0x8f, 0x15, 0x87, 0x15, 0x31, 0xe2, 0x7b, 0x20,
-	0xdb, 0xb3, 0x9b, 0xf5, 0xee, 0x46, 0xdd, 0xe6, 0xc0, 0xcd, 0xf3, 0xde, 0xfb, 0xff, 0x9e, 0xdf,
-	0x7f, 0x9e, 0x8d, 0xdc, 0xf1, 0xa1, 0x22, 0x5c, 0x38, 0xe3, 0xcc, 0x03, 0x99, 0x80, 0x06, 0xe5,
-	0xe4, 0x90, 0x04, 0x42, 0x3a, 0x26, 0xc1, 0x52, 0xee, 0xa4, 0x22, 0xe2, 0xfe, 0xc4, 0xc9, 0x0f,
-	0x3c, 0xd0, 0xec, 0xc0, 0x09, 0x21, 0x01, 0xc9, 0x34, 0x04, 0x24, 0x95, 0x42, 0x0b, 0x7c, 0xbb,
-	0x2e, 0x25, 0x2c, 0xe5, 0xa4, 0x2e, 0x25, 0xa6, 0x74, 0x70, 0x27, 0xe4, 0xfa, 0x3c, 0xf3, 0x88,
-	0x2f, 0x62, 0x27, 0x14, 0xa1, 0x70, 0x2a, 0x85, 0x97, 0x3d, 0xaf, 0x4e, 0xd5, 0xa1, 0x7a, 0xaa,
-	0x49, 0x83, 0xd1, 0x42, 0x53, 0x5f, 0x48, 0x70, 0xf2, 0x95, 0x6e, 0x83, 0xfb, 0x57, 0x35, 0x31,
-	0xf3, 0xcf, 0x79, 0x02, 0x72, 0xe2, 0xa4, 0xe3, 0xb0, 0x0c, 0x28, 0x27, 0x06, 0xcd, 0xd6, 0xa9,
-	0x9c, 0xeb, 0x54, 0x32, 0x4b, 0x34, 0x8f, 0x61, 0x45, 0xf0, 0xf9, 0xeb, 0x04, 0xca, 0x3f, 0x87,
-	0x98, 0xad, 0xe8, 0xee, 0x5d, 0xa7, 0xcb, 0x34, 0x8f, 0x1c, 0x9e, 0x68, 0xa5, 0xe5, 0xb2, 0x68,
-	0xf4, 0x97, 0x85, 0x76, 0x8f, 0x73, 0xee, 0x6b, 0x2e, 0x12, 0xfc, 0x23, 0xda, 0x2d, 0xa7, 0x08,
-	0x98, 0x66, 0xfb, 0xd6, 0xc7, 0xd6, 0x27, 0xef, 0xdc, 0xfd, 0x8c, 0x5c, 0x39, 0x3c, 0x87, 0x92,
-	0x74, 0x1c, 0x96, 0x01, 0x45, 0xca, 0x6a, 0x92, 0x1f, 0x90, 0x53, 0xef, 0x27, 0xf0, 0xf5, 0x09,
-	0x68, 0xe6, 0xe2, 0x8b, 0xe9, 0xb0, 0x55, 0x4c, 0x87, 0xe8, 0x2a, 0x46, 0xe7, 0x54, 0x1c, 0xa1,
-	0x5e, 0x00, 0x11, 0x68, 0x38, 0x4d, 0xcb, 0x8e, 0x6a, 0x7f, 0xab, 0x6a, 0x73, 0x6f, 0xb3, 0x36,
-	0x47, 0x8b, 0x52, 0xf7, 0xdd, 0x62, 0x3a, 0xec, 0x35, 0x42, 0xb4, 0x09, 0x1f, 0xfd, 0xbe, 0x85,
-	0xde, 0x7b, 0x22, 0x82, 0x23, 0xae, 0x64, 0x56, 0x85, 0xdc, 0x2c, 0x08, 0x41, 0xff, 0x0f, 0x73,
-	0x3e, 0x45, 0xdb, 0x2a, 0x05, 0xdf, 0x8c, 0x77, 0x97, 0x5c, 0xbb, 0xa7, 0x64, 0xcd, 0xfb, 0x9d,
-	0xa5, 0xe0, 0xbb, 0x5d, 0xc3, 0xdf, 0x2e, 0x4f, 0xb4, 0xa2, 0xe1, 0x67, 0x68, 0x47, 0x69, 0xa6,
-	0x33, 0xb5, 0xdf, 0xae, 0xb8, 0xf7, 0xdf, 0x90, 0x5b, 0x69, 0xdd, 0xbe, 0x21, 0xef, 0xd4, 0x67,
-	0x6a, 0x98, 0xa3, 0x3f, 0x2c, 0xf4, 0xe1, 0x1a, 0xd5, 0x63, 0xae, 0x34, 0x7e, 0xb6, 0xe2, 0x18,
-	0xd9, 0xcc, 0xb1, 0x52, 0x5d, 0xf9, 0xb5, 0x67, 0xba, 0xee, 0xce, 0x22, 0x0b, 0x6e, 0x9d, 0xa1,
-	0x0e, 0xd7, 0x10, 0x97, 0xdb, 0xd0, 0x5e, 0x42, 0x6f, 0x30, 0x96, 0xdb, 0x33, 0xe8, 0xce, 0xa3,
-	0x12, 0x42, 0x6b, 0xd6, 0xe8, 0xcf, 0xad, 0xb5, 0xe3, 0x94, 0x76, 0xe2, 0xe7, 0xa8, 0x1b, 0xf3,
-	0xe4, 0x41, 0xce, 0x78, 0xc4, 0xbc, 0x08, 0x5e, 0xbb, 0x04, 0xe5, 0x17, 0x44, 0xea, 0x2f, 0x88,
-	0x3c, 0x4a, 0xf4, 0xa9, 0x3c, 0xd3, 0x92, 0x27, 0xa1, 0xbb, 0x57, 0x4c, 0x87, 0xdd, 0x93, 0x05,
-	0x12, 0x6d, 0x70, 0xf1, 0x0f, 0x68, 0x57, 0x41, 0x04, 0xbe, 0x16, 0xf2, 0xcd, 0x36, 0xfd, 0x31,
-	0xf3, 0x20, 0x3a, 0x33, 0x52, 0xb7, 0x5b, 0xfa, 0x36, 0x3b, 0xd1, 0x39, 0x12, 0x47, 0xa8, 0x1f,
-	0xb3, 0x17, 0xdf, 0x25, 0x6c, 0x3e, 0x48, 0xfb, 0x86, 0x83, 0xe0, 0x62, 0x3a, 0xec, 0x9f, 0x34,
-	0x58, 0x74, 0x89, 0x3d, 0xfa, 0x77, 0x1b, 0xdd, 0xbe, 0x76, 0xab, 0xf0, 0xb7, 0x08, 0x0b, 0x4f,
-	0x81, 0xcc, 0x21, 0x78, 0x58, 0xff, 0x63, 0xb8, 0x48, 0x2a, 0x63, 0xdb, 0xee, 0xc0, 0x5c, 0x10,
-	0x3e, 0x5d, 0xa9, 0xa0, 0x6b, 0x54, 0xf8, 0x57, 0x0b, 0xf5, 0x82, 0xba, 0x0d, 0x04, 0x4f, 0x44,
-	0x30, 0x5b, 0x8c, 0x87, 0x37, 0xd9, 0x77, 0x72, 0xb4, 0x48, 0x3a, 0x4e, 0xb4, 0x9c, 0xb8, 0xb7,
-	0xcc, 0x0b, 0xf5, 0x1a, 0x39, 0xda, 0x6c, 0x8a, 0x4f, 0x10, 0x0e, 0xe6, 0x48, 0xf5, 0x20, 0x8a,
-	0xc4, 0xcf, 0x10, 0x54, 0x16, 0x77, 0xdc, 0x8f, 0x0c, 0xe1, 0x56, 0xa3, 0xef, 0xac, 0x88, 0xae,
-	0x11, 0xe2, 0x2f, 0x51, 0xdf, 0xcf, 0xa4, 0x84, 0x44, 0x7f, 0x03, 0x2c, 0xd2, 0xe7, 0x93, 0xfd,
-	0xed, 0x0a, 0xf5, 0x81, 0x41, 0xf5, 0xbf, 0x6e, 0x64, 0xe9, 0x52, 0x75, 0xa9, 0x0f, 0x40, 0x71,
-	0x09, 0xc1, 0x4c, 0xdf, 0x69, 0xea, 0x8f, 0x1a, 0x59, 0xba, 0x54, 0x8d, 0x0f, 0x51, 0x17, 0x5e,
-	0xa4, 0xe0, 0xcf, 0x3c, 0xdd, 0xa9, 0xd4, 0xef, 0x1b, 0x75, 0xf7, 0x78, 0x21, 0x47, 0x1b, 0x95,
-	0x83, 0x08, 0xe1, 0x55, 0x13, 0xf1, 0x1e, 0x6a, 0x8f, 0x61, 0x52, 0x5d, 0xf1, 0xdb, 0xb4, 0x7c,
-	0xc4, 0x5f, 0xa1, 0x4e, 0xce, 0xa2, 0x0c, 0xcc, 0xae, 0x7f, 0xba, 0xd9, 0xae, 0x3f, 0xe5, 0x31,
-	0xd0, 0x5a, 0xf8, 0xc5, 0xd6, 0xa1, 0xe5, 0xde, 0xb9, 0xb8, 0xb4, 0x5b, 0x2f, 0x2f, 0xed, 0xd6,
-	0xab, 0x4b, 0xbb, 0xf5, 0x4b, 0x61, 0x5b, 0x17, 0x85, 0x6d, 0xbd, 0x2c, 0x6c, 0xeb, 0x55, 0x61,
-	0x5b, 0x7f, 0x17, 0xb6, 0xf5, 0xdb, 0x3f, 0x76, 0xeb, 0xfb, 0xb7, 0xcc, 0xc5, 0xff, 0x17, 0x00,
-	0x00, 0xff, 0xff, 0x00, 0xc0, 0xac, 0xb5, 0x48, 0x08, 0x00, 0x00,
+	// 1605 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x58, 0x4f, 0x6f, 0x1b, 0xb9,
+	0x15, 0xf7, 0x58, 0xb6, 0x65, 0xd3, 0xf2, 0x3f, 0xba, 0x76, 0x27, 0x46, 0x23, 0x35, 0x0a, 0x50,
+	0xa4, 0x41, 0x33, 0x8a, 0x9d, 0xa4, 0x35, 0x9a, 0xb6, 0xa8, 0xc7, 0xf2, 0xbf, 0x20, 0xae, 0x55,
+	0x2a, 0x09, 0xda, 0x22, 0x2d, 0x4a, 0x69, 0x68, 0x89, 0xf1, 0x68, 0x66, 0x4a, 0x72, 0x14, 0xe9,
+	0xd6, 0x43, 0x0f, 0x3d, 0xf6, 0x0b, 0xf4, 0x13, 0x14, 0x3d, 0xed, 0x97, 0xf0, 0x02, 0x8b, 0x45,
+	0x8e, 0xc1, 0x1e, 0x84, 0x8d, 0x16, 0xfb, 0x25, 0x72, 0x5a, 0x0c, 0xc5, 0x91, 0x34, 0x33, 0x92,
+	0x1c, 0x07, 0x48, 0x6e, 0x1a, 0xbe, 0xdf, 0xef, 0xf7, 0x1e, 0x1f, 0xc9, 0xc7, 0x47, 0x01, 0xf3,
+	0x62, 0x97, 0x1b, 0xd4, 0x2d, 0x5c, 0xf8, 0x15, 0xc2, 0x1c, 0x22, 0x08, 0x2f, 0x34, 0x89, 0x63,
+	0xb9, 0xac, 0xa0, 0x0c, 0xd8, 0xa3, 0x05, 0xcf, 0xb5, 0x69, 0xb5, 0x5d, 0x68, 0x6e, 0x57, 0x88,
+	0xc0, 0xdb, 0x85, 0x1a, 0x71, 0x08, 0xc3, 0x82, 0x58, 0x86, 0xc7, 0x5c, 0xe1, 0xc2, 0x1b, 0x3d,
+	0xa8, 0x81, 0x3d, 0x6a, 0xf4, 0xa0, 0x86, 0x82, 0x6e, 0xdd, 0xab, 0x51, 0x51, 0xf7, 0x2b, 0x46,
+	0xd5, 0x6d, 0x14, 0x6a, 0x6e, 0xcd, 0x2d, 0x48, 0x46, 0xc5, 0x3f, 0x97, 0x5f, 0xf2, 0x43, 0xfe,
+	0xea, 0x29, 0x6d, 0xe5, 0x87, 0x9c, 0x56, 0x5d, 0x46, 0x0a, 0xcd, 0x84, 0xb7, 0xad, 0x87, 0x03,
+	0x4c, 0x03, 0x57, 0xeb, 0xd4, 0x21, 0xac, 0x5d, 0xf0, 0x2e, 0x6a, 0xc1, 0x00, 0x2f, 0x34, 0x88,
+	0xc0, 0xa3, 0x58, 0x85, 0x71, 0x2c, 0xe6, 0x3b, 0x82, 0x36, 0x48, 0x82, 0xf0, 0xcb, 0xab, 0x08,
+	0xbc, 0x5a, 0x27, 0x0d, 0x9c, 0xe0, 0x3d, 0x18, 0xc7, 0xf3, 0x05, 0xb5, 0x0b, 0xd4, 0x11, 0x5c,
+	0xb0, 0x38, 0x29, 0xff, 0x18, 0xac, 0xed, 0xd9, 0xb6, 0xfb, 0x9a, 0x58, 0x87, 0x36, 0x69, 0xbd,
+	0x70, 0x6d, 0xbf, 0x41, 0xe0, 0xcf, 0xc0, 0x9c, 0xc5, 0x68, 0x93, 0x30, 0x5d, 0xfb, 0xa9, 0x76,
+	0x67, 0xc1, 0x5c, 0xbe, 0xec, 0xe4, 0xa6, 0xba, 0x9d, 0xdc, 0x5c, 0x51, 0x8e, 0x22, 0x65, 0xcd,
+	0x1f, 0x80, 0x15, 0x45, 0x3e, 0x76, 0xb9, 0x28, 0x61, 0x51, 0x87, 0x3b, 0x00, 0x78, 0x58, 0xd4,
+	0x4b, 0x8c, 0x9c, 0xd3, 0x96, 0xa2, 0x43, 0x45, 0x07, 0xa5, 0xbe, 0x05, 0x0d, 0xa1, 0xf2, 0xdf,
+	0x68, 0x60, 0xfe, 0xa0, 0x49, 0xab, 0x82, 0xba, 0x0e, 0xfc, 0x3b, 0x98, 0x0f, 0x32, 0x69, 0x61,
+	0x81, 0x25, 0x7d, 0x71, 0xe7, 0xbe, 0x31, 0x58, 0xe5, 0xfe, 0xc4, 0x0c, 0xef, 0xa2, 0x16, 0x0c,
+	0x70, 0x23, 0x40, 0x1b, 0xcd, 0x6d, 0xe3, 0xac, 0xf2, 0x8a, 0x54, 0xc5, 0x29, 0x11, 0x78, 0xe0,
+	0x70, 0x30, 0x86, 0xfa, 0xaa, 0xd0, 0x06, 0x4b, 0x16, 0xb1, 0x89, 0x20, 0x67, 0x5e, 0xe0, 0x91,
+	0xeb, 0xd3, 0xd2, 0xcd, 0x83, 0x0f, 0x73, 0x53, 0x1c, 0xa6, 0x9a, 0x6b, 0xdd, 0x4e, 0x6e, 0x29,
+	0x32, 0x84, 0xa2, 0xe2, 0xf9, 0xff, 0x6a, 0x60, 0xf3, 0xb0, 0x7c, 0xc4, 0x5c, 0xdf, 0x2b, 0x8b,
+	0x20, 0xf3, 0xb5, 0xb6, 0x32, 0xc1, 0x5f, 0x81, 0x19, 0xe6, 0xdb, 0x44, 0x65, 0xe9, 0xb6, 0x0a,
+	0x7a, 0x06, 0xf9, 0x36, 0x79, 0xdf, 0xc9, 0xad, 0xc7, 0x58, 0xcf, 0xda, 0x1e, 0x41, 0x92, 0x00,
+	0x9f, 0x80, 0x39, 0x86, 0x9d, 0x1a, 0x09, 0x42, 0x4f, 0xdd, 0x59, 0xdc, 0xc9, 0x1b, 0x63, 0xcf,
+	0x81, 0x71, 0x52, 0x44, 0x01, 0x74, 0xb0, 0x86, 0xf2, 0x93, 0x23, 0xa5, 0x90, 0x3f, 0x05, 0x4b,
+	0x72, 0xf1, 0x5c, 0x26, 0xa4, 0x05, 0xde, 0x04, 0xa9, 0x06, 0x75, 0x64, 0x50, 0xb3, 0xe6, 0xa2,
+	0x62, 0xa5, 0x4e, 0xa9, 0x83, 0x82, 0x71, 0x69, 0xc6, 0x2d, 0x99, 0xb3, 0x61, 0x33, 0x6e, 0xa1,
+	0x60, 0x3c, 0x7f, 0x04, 0xd2, 0xca, 0xe3, 0xb0, 0x50, 0x6a, 0xb2, 0x50, 0x6a, 0x84, 0xd0, 0xff,
+	0xa6, 0xc1, 0x7a, 0xc9, 0xb5, 0x8a, 0x94, 0x33, 0x5f, 0xe6, 0xcb, 0xf4, 0xad, 0x1a, 0x11, 0x9f,
+	0x61, 0x7f, 0x3c, 0x03, 0x33, 0xdc, 0x23, 0x55, 0xb5, 0x2d, 0x76, 0x26, 0xe4, 0x76, 0x44, 0x7c,
+	0x65, 0x8f, 0x54, 0xcd, 0x4c, 0xb8, 0x94, 0xc1, 0x17, 0x92, 0x6a, 0xf0, 0x25, 0x98, 0xe3, 0x02,
+	0x0b, 0x9f, 0xeb, 0x29, 0xa9, 0xfb, 0xf0, 0x9a, 0xba, 0x92, 0x3b, 0x58, 0xc5, 0xde, 0x37, 0x52,
+	0x9a, 0xf9, 0xaf, 0x34, 0xf0, 0xe3, 0x11, 0xac, 0xa7, 0x94, 0x0b, 0xf8, 0x32, 0x91, 0x31, 0xe3,
+	0xc3, 0x32, 0x16, 0xb0, 0x65, 0xbe, 0x56, 0x95, 0xd7, 0xf9, 0x70, 0x64, 0x28, 0x5b, 0x65, 0x30,
+	0x4b, 0x05, 0x69, 0x84, 0x5b, 0xd1, 0xb8, 0xde, 0xb4, 0xcc, 0x25, 0x25, 0x3d, 0x7b, 0x12, 0x88,
+	0xa0, 0x9e, 0x56, 0xfe, 0xeb, 0xe9, 0x91, 0xd3, 0x09, 0xd2, 0x09, 0xcf, 0x41, 0xa6, 0x41, 0x9d,
+	0xbd, 0x26, 0xa6, 0x36, 0xae, 0xa8, 0xd3, 0x33, 0x69, 0x13, 0x04, 0xd5, 0xcf, 0xe8, 0x55, 0x3f,
+	0xe3, 0xc4, 0x11, 0x67, 0xac, 0x2c, 0x18, 0x75, 0x6a, 0xe6, 0x6a, 0xb7, 0x93, 0xcb, 0x9c, 0x0e,
+	0x29, 0xa1, 0x88, 0x2e, 0xfc, 0x2b, 0x98, 0xe7, 0xc4, 0x26, 0x55, 0xe1, 0xb2, 0xeb, 0x55, 0x88,
+	0xa7, 0xb8, 0x42, 0xec, 0xb2, 0xa2, 0x9a, 0x99, 0x20, 0x6f, 0xe1, 0x17, 0xea, 0x4b, 0x42, 0x1b,
+	0x2c, 0x37, 0x70, 0xeb, 0xb9, 0x83, 0xfb, 0x13, 0x49, 0x7d, 0xe4, 0x44, 0x60, 0xb7, 0x93, 0x5b,
+	0x3e, 0x8d, 0x68, 0xa1, 0x98, 0x76, 0xfe, 0xfb, 0x19, 0x70, 0x63, 0xec, 0xae, 0x82, 0x4f, 0x00,
+	0x74, 0x2b, 0x9c, 0xb0, 0x26, 0xb1, 0x8e, 0x7a, 0xf7, 0x03, 0x75, 0xc3, 0x83, 0xbb, 0xa5, 0x16,
+	0x08, 0x9e, 0x25, 0x10, 0x68, 0x04, 0x0b, 0xfe, 0x4b, 0x03, 0x4b, 0x56, 0xcf, 0x0d, 0xb1, 0x4a,
+	0xae, 0x15, 0x6e, 0x8c, 0xa3, 0x8f, 0xd9, 0xef, 0x46, 0x71, 0x58, 0xe9, 0xc0, 0x11, 0xac, 0x6d,
+	0x6e, 0xa8, 0x80, 0x96, 0x22, 0x36, 0x14, 0x75, 0x0a, 0x4f, 0x01, 0xb4, 0xfa, 0x92, 0x5c, 0xdd,
+	0x52, 0x32, 0xc5, 0xb3, 0xe6, 0x4d, 0xa5, 0xb0, 0x11, 0xf1, 0x1b, 0x82, 0xd0, 0x08, 0x22, 0xfc,
+	0x1d, 0x58, 0xae, 0xfa, 0x8c, 0x11, 0x47, 0x1c, 0x13, 0x6c, 0x8b, 0x7a, 0x5b, 0x9f, 0x91, 0x52,
+	0x9b, 0x4a, 0x6a, 0x79, 0x3f, 0x62, 0x45, 0x31, 0x74, 0xc0, 0xb7, 0x08, 0xa7, 0x8c, 0x58, 0x21,
+	0x7f, 0x36, 0xca, 0x2f, 0x46, 0xac, 0x28, 0x86, 0x86, 0xbb, 0x20, 0x43, 0x5a, 0x1e, 0xa9, 0x86,
+	0x39, 0x9d, 0x93, 0xec, 0x1f, 0x29, 0x76, 0xe6, 0x60, 0xc8, 0x86, 0x22, 0xc8, 0x2d, 0x1b, 0xc0,
+	0x64, 0x12, 0xe1, 0x2a, 0x48, 0x5d, 0x90, 0x76, 0xef, 0xe6, 0x41, 0xc1, 0x4f, 0xf8, 0x7b, 0x30,
+	0xdb, 0xc4, 0xb6, 0x4f, 0xd4, 0x5e, 0xbf, 0xfb, 0x61, 0x7b, 0xfd, 0x19, 0x6d, 0x10, 0xd4, 0x23,
+	0xfe, 0x7a, 0x7a, 0x57, 0xcb, 0x7f, 0xa9, 0x81, 0xb5, 0x92, 0x6b, 0x95, 0x49, 0xd5, 0x67, 0x54,
+	0xb4, 0x4b, 0x72, 0x9d, 0x3f, 0x43, 0xcd, 0x46, 0x91, 0x9a, 0x7d, 0x7f, 0xf2, 0x5e, 0x8b, 0x46,
+	0x37, 0xae, 0x62, 0xe7, 0x2f, 0x35, 0xb0, 0x91, 0x40, 0x7f, 0x86, 0x8a, 0xfa, 0xc7, 0x68, 0x45,
+	0xfd, 0xc5, 0x75, 0x26, 0x33, 0xa6, 0x9e, 0xbe, 0xcf, 0x8c, 0x98, 0x8a, 0xac, 0xa6, 0x41, 0xbf,
+	0xc6, 0x68, 0x93, 0xda, 0xa4, 0x46, 0x2c, 0x39, 0x99, 0xf9, 0xa1, 0x7e, 0xad, 0x6f, 0x41, 0x43,
+	0x28, 0xc8, 0xc1, 0xa6, 0x45, 0xce, 0xb1, 0x6f, 0x8b, 0x3d, 0xcb, 0xda, 0xc7, 0x1e, 0xae, 0x50,
+	0x9b, 0x0a, 0xaa, 0xda, 0x91, 0x05, 0xf3, 0x71, 0xb7, 0x93, 0xdb, 0x2c, 0x8e, 0x44, 0xbc, 0xef,
+	0xe4, 0x6e, 0x26, 0x3b, 0x6d, 0xa3, 0x0f, 0x69, 0xa3, 0x31, 0xd2, 0xb0, 0x0d, 0x74, 0x46, 0xfe,
+	0xe1, 0x07, 0x87, 0xa2, 0xc8, 0x5c, 0x2f, 0xe2, 0x36, 0x25, 0xdd, 0xfe, 0xb6, 0xdb, 0xc9, 0xe9,
+	0x68, 0x0c, 0xe6, 0x6a, 0xc7, 0x63, 0xe5, 0xe1, 0x2b, 0xb0, 0x8e, 0x7b, 0x75, 0x20, 0xe2, 0x75,
+	0x46, 0x7a, 0xdd, 0xed, 0x76, 0x72, 0xeb, 0x7b, 0x49, 0xf3, 0xd5, 0x0e, 0x47, 0x89, 0xc2, 0x02,
+	0x48, 0x37, 0x65, 0x13, 0xce, 0xf5, 0x59, 0xa9, 0xbf, 0xd1, 0xed, 0xe4, 0xd2, 0xbd, 0xbe, 0x3c,
+	0xd0, 0x9c, 0x3b, 0x2c, 0xcb, 0x46, 0x30, 0x44, 0xc1, 0x47, 0x60, 0xb1, 0xee, 0x72, 0xf1, 0x07,
+	0x22, 0x5e, 0xbb, 0xec, 0x42, 0x16, 0x86, 0x79, 0x73, 0x5d, 0xad, 0xe0, 0xe2, 0xf1, 0xc0, 0x84,
+	0x86, 0x71, 0xf0, 0xcf, 0x60, 0xa1, 0xae, 0xda, 0x3e, 0xae, 0xa7, 0xe5, 0x46, 0xbb, 0x33, 0x61,
+	0xa3, 0x45, 0x5a, 0x44, 0x73, 0x4d, 0xc9, 0x2f, 0x84, 0xc3, 0x1c, 0x0d, 0xd4, 0xe0, 0xcf, 0x41,
+	0x5a, 0x7e, 0x9c, 0x14, 0xf5, 0x79, 0x19, 0xcd, 0x8a, 0x82, 0xa7, 0x8f, 0x7b, 0xc3, 0x28, 0xb4,
+	0x87, 0xd0, 0x93, 0xd2, 0xbe, 0xbe, 0x90, 0x84, 0x9e, 0x94, 0xf6, 0x51, 0x68, 0x87, 0x2f, 0x41,
+	0x9a, 0x93, 0xa7, 0xd4, 0xf1, 0x5b, 0x3a, 0x90, 0x47, 0x6e, 0x7b, 0x42, 0xb8, 0xe5, 0x03, 0x89,
+	0x8c, 0x35, 0xdc, 0x03, 0x75, 0x65, 0x47, 0xa1, 0x24, 0xb4, 0xc0, 0x02, 0xf3, 0x9d, 0x3d, 0xfe,
+	0x9c, 0x13, 0xa6, 0x2f, 0x26, 0x6e, 0xfb, 0xb8, 0x3e, 0x0a, 0xb1, 0x71, 0x0f, 0xfd, 0xcc, 0xf4,
+	0x11, 0x68, 0x20, 0x0c, 0xff, 0xad, 0x01, 0xc8, 0x7d, 0xcf, 0xb3, 0x49, 0x83, 0x38, 0x02, 0xdb,
+	0xb2, 0xbf, 0xe7, 0x7a, 0x46, 0xfa, 0xfb, 0xcd, 0xa4, 0xf9, 0x24, 0x48, 0x71, 0xc7, 0xfd, 0x6b,
+	0x3a, 0x09, 0x45, 0x23, 0x7c, 0x06, 0xe9, 0x3c, 0xe7, 0xf2, 0xb7, 0xbe, 0x74, 0x65, 0x3a, 0x47,
+	0xbf, 0x5f, 0x06, 0xe9, 0x54, 0x76, 0x14, 0x4a, 0xc2, 0x17, 0x60, 0x93, 0x11, 0x6c, 0x9d, 0x39,
+	0x76, 0x1b, 0xb9, 0xae, 0x38, 0xa4, 0x36, 0xe1, 0x6d, 0x2e, 0x48, 0x43, 0x5f, 0x96, 0xcb, 0x9c,
+	0x55, 0xcc, 0x4d, 0x34, 0x12, 0x85, 0xc6, 0xb0, 0x61, 0x03, 0xe4, 0xc2, 0xf2, 0x10, 0x9c, 0x9d,
+	0x7e, 0x7d, 0x3a, 0xe0, 0x55, 0x6c, 0xf7, 0xba, 0x96, 0x15, 0xe9, 0xe0, 0x76, 0xb7, 0x93, 0xcb,
+	0x15, 0x27, 0x43, 0xd1, 0x55, 0x5a, 0xf0, 0x4f, 0x40, 0xc7, 0xe3, 0xfc, 0xac, 0x4a, 0x3f, 0x3f,
+	0x09, 0x6a, 0xce, 0x58, 0x07, 0x63, 0xd9, 0xd0, 0x03, 0xab, 0x38, 0xfa, 0x72, 0xe6, 0xfa, 0x9a,
+	0x3c, 0x85, 0x77, 0x27, 0xac, 0x43, 0xec, 0xb1, 0x6d, 0xea, 0x2a, 0x8d, 0xab, 0x31, 0x03, 0x47,
+	0x09, 0x75, 0xd8, 0x02, 0x10, 0xc7, 0x1f, 0xfa, 0x5c, 0x87, 0x57, 0x5e, 0x31, 0x89, 0x7f, 0x07,
+	0x06, 0x5b, 0x2d, 0x61, 0xe2, 0x68, 0x84, 0x8f, 0xe0, 0x05, 0xac, 0x8f, 0x3b, 0x30, 0xf0, 0x51,
+	0xe4, 0x0d, 0x7c, 0x2b, 0xf6, 0x06, 0x5e, 0x4b, 0xf0, 0x3e, 0xc1, 0x0b, 0xf8, 0xff, 0x1a, 0xd8,
+	0x1c, 0x5d, 0x30, 0xe0, 0x83, 0x48, 0x74, 0xb9, 0x58, 0x74, 0x2b, 0x31, 0x96, 0x8a, 0xed, 0x6f,
+	0x60, 0x59, 0x95, 0x95, 0xe8, 0x1f, 0x0c, 0x91, 0x18, 0x83, 0xfb, 0x20, 0xe8, 0x08, 0x94, 0x44,
+	0x78, 0xa4, 0x64, 0x2f, 0x1f, 0x1d, 0x43, 0x31, 0xb5, 0xfc, 0x17, 0x1a, 0xb8, 0x75, 0x65, 0x41,
+	0x80, 0x66, 0x24, 0x74, 0x23, 0x16, 0x7a, 0x76, 0xbc, 0xc0, 0xa7, 0xf9, 0x9f, 0xc1, 0xbc, 0x77,
+	0xf9, 0x2e, 0x3b, 0xf5, 0xe6, 0x5d, 0x76, 0xea, 0xed, 0xbb, 0xec, 0xd4, 0x3f, 0xbb, 0x59, 0xed,
+	0xb2, 0x9b, 0xd5, 0xde, 0x74, 0xb3, 0xda, 0xdb, 0x6e, 0x56, 0xfb, 0xb6, 0x9b, 0xd5, 0xfe, 0xf3,
+	0x5d, 0x76, 0xea, 0x2f, 0x69, 0x25, 0xf7, 0x43, 0x00, 0x00, 0x00, 0xff, 0xff, 0xc3, 0x7d, 0x0b,
+	0x1d, 0x1e, 0x14, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/api/policy/v1beta1/generated.proto b/vendor/k8s.io/api/policy/v1beta1/generated.proto
index 2e01cf3d9b6e..514868a9f859 100644
--- a/vendor/k8s.io/api/policy/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/policy/v1beta1/generated.proto
@@ -30,6 +30,25 @@ import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
 // Package-wide variables from generator "generated".
 option go_package = "v1beta1";
 
+// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
+message AllowedFlexVolume {
+  // Driver is the name of the Flexvolume driver.
+  optional string driver = 1;
+}
+
+// defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+message AllowedHostPath {
+  // is the path prefix that the host volume must match.
+  // It does not support `*`.
+  // Trailing slashes are trimmed when validating the path prefix with a host path.
+  // 
+  // Examples:
+  // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+  // `/foo` would not allow `/food` or `/etc/foo`
+  optional string pathPrefix = 1;
+}
+
 // Eviction evicts a pod from its node subject to certain policies and safety constraints.
 // This is a subresource of Pod.  A request to cause such an eviction is
 // created by POSTing to .../pods/<pod name>/evictions.
@@ -41,6 +60,37 @@ message Eviction {
   optional k8s.io.apimachinery.pkg.apis.meta.v1.DeleteOptions deleteOptions = 2;
 }
 
+// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+message FSGroupStrategyOptions {
+  // Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
+  // +optional
+  optional string rule = 1;
+
+  // Ranges are the allowed ranges of fs groups.  If you would like to force a single
+  // fs group then supply a single range with the same start and end.
+  // +optional
+  repeated IDRange ranges = 2;
+}
+
+// Host Port Range defines a range of host ports that will be enabled by a policy
+// for pods to use.  It requires both the start and end to be defined.
+message HostPortRange {
+  // min is the start of the range, inclusive.
+  optional int32 min = 1;
+
+  // max is the end of the range, inclusive.
+  optional int32 max = 2;
+}
+
+// ID Range provides a min/max of an allowed range of IDs.
+message IDRange {
+  // Min is the start of the range, inclusive.
+  optional int64 min = 1;
+
+  // Max is the end of the range, inclusive.
+  optional int64 max = 2;
+}
+
 // PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods
 message PodDisruptionBudget {
   optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
@@ -112,3 +162,146 @@ message PodDisruptionBudgetStatus {
   optional int32 expectedPods = 6;
 }
 
+// Pod Security Policy governs the ability to make requests that affect the Security Context
+// that will be applied to a pod and container.
+message PodSecurityPolicy {
+  // Standard object's metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // spec defines the policy enforced.
+  // +optional
+  optional PodSecurityPolicySpec spec = 2;
+}
+
+// Pod Security Policy List is a list of PodSecurityPolicy objects.
+message PodSecurityPolicyList {
+  // Standard list metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is a list of schema objects.
+  repeated PodSecurityPolicy items = 2;
+}
+
+// Pod Security Policy Spec defines the policy enforced.
+message PodSecurityPolicySpec {
+  // privileged determines if a pod can request to be run as privileged.
+  // +optional
+  optional bool privileged = 1;
+
+  // DefaultAddCapabilities is the default set of capabilities that will be added to the container
+  // unless the pod spec specifically drops the capability.  You may not list a capability in both
+  // DefaultAddCapabilities and RequiredDropCapabilities. Capabilities added here are implicitly
+  // allowed, and need not be included in the AllowedCapabilities list.
+  // +optional
+  repeated string defaultAddCapabilities = 2;
+
+  // RequiredDropCapabilities are the capabilities that will be dropped from the container.  These
+  // are required to be dropped and cannot be added.
+  // +optional
+  repeated string requiredDropCapabilities = 3;
+
+  // AllowedCapabilities is a list of capabilities that can be requested to add to the container.
+  // Capabilities in this field may be added at the pod author's discretion.
+  // You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.
+  // +optional
+  repeated string allowedCapabilities = 4;
+
+  // volumes is a white list of allowed volume plugins.  Empty indicates that all plugins
+  // may be used.
+  // +optional
+  repeated string volumes = 5;
+
+  // hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
+  // +optional
+  optional bool hostNetwork = 6;
+
+  // hostPorts determines which host port ranges are allowed to be exposed.
+  // +optional
+  repeated HostPortRange hostPorts = 7;
+
+  // hostPID determines if the policy allows the use of HostPID in the pod spec.
+  // +optional
+  optional bool hostPID = 8;
+
+  // hostIPC determines if the policy allows the use of HostIPC in the pod spec.
+  // +optional
+  optional bool hostIPC = 9;
+
+  // seLinux is the strategy that will dictate the allowable labels that may be set.
+  optional SELinuxStrategyOptions seLinux = 10;
+
+  // runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
+  optional RunAsUserStrategyOptions runAsUser = 11;
+
+  // SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
+  optional SupplementalGroupsStrategyOptions supplementalGroups = 12;
+
+  // FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.
+  optional FSGroupStrategyOptions fsGroup = 13;
+
+  // ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file
+  // system.  If the container specifically requests to run with a non-read only root file system
+  // the PSP should deny the pod.
+  // If set to false the container may run with a read only root file system if it wishes but it
+  // will not be forced to.
+  // +optional
+  optional bool readOnlyRootFilesystem = 14;
+
+  // DefaultAllowPrivilegeEscalation controls the default setting for whether a
+  // process can gain more privileges than its parent process.
+  // +optional
+  optional bool defaultAllowPrivilegeEscalation = 15;
+
+  // AllowPrivilegeEscalation determines if a pod can request to allow
+  // privilege escalation. If unspecified, defaults to true.
+  // +optional
+  optional bool allowPrivilegeEscalation = 16;
+
+  // is a white list of allowed host paths. Empty indicates that all host paths may be used.
+  // +optional
+  repeated AllowedHostPath allowedHostPaths = 17;
+
+  // AllowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
+  // Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
+  // is allowed in the "Volumes" field.
+  // +optional
+  repeated AllowedFlexVolume allowedFlexVolumes = 18;
+}
+
+// Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.
+message RunAsUserStrategyOptions {
+  // Rule is the strategy that will dictate the allowable RunAsUser values that may be set.
+  optional string rule = 1;
+
+  // Ranges are the allowed ranges of uids that may be used.
+  // +optional
+  repeated IDRange ranges = 2;
+}
+
+// SELinux  Strategy Options defines the strategy type and any options used to create the strategy.
+message SELinuxStrategyOptions {
+  // type is the strategy that will dictate the allowable labels that may be set.
+  optional string rule = 1;
+
+  // seLinuxOptions required to run as; required for MustRunAs
+  // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+  // +optional
+  optional k8s.io.api.core.v1.SELinuxOptions seLinuxOptions = 2;
+}
+
+// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+message SupplementalGroupsStrategyOptions {
+  // Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
+  // +optional
+  optional string rule = 1;
+
+  // Ranges are the allowed ranges of supplemental groups.  If you would like to force a single
+  // supplemental group then supply a single range with the same start and end.
+  // +optional
+  repeated IDRange ranges = 2;
+}
+
diff --git a/vendor/k8s.io/api/policy/v1beta1/register.go b/vendor/k8s.io/api/policy/v1beta1/register.go
index d77f13040706..b3efd6326b5e 100644
--- a/vendor/k8s.io/api/policy/v1beta1/register.go
+++ b/vendor/k8s.io/api/policy/v1beta1/register.go
@@ -46,6 +46,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&PodDisruptionBudget{},
 		&PodDisruptionBudgetList{},
+		&PodSecurityPolicy{},
+		&PodSecurityPolicyList{},
 		&Eviction{},
 	)
 	// Add the watch version that applies
diff --git a/vendor/k8s.io/api/policy/v1beta1/types.go b/vendor/k8s.io/api/policy/v1beta1/types.go
index a69a57207567..6cea9615fff5 100644
--- a/vendor/k8s.io/api/policy/v1beta1/types.go
+++ b/vendor/k8s.io/api/policy/v1beta1/types.go
@@ -17,6 +17,7 @@ limitations under the License.
 package v1beta1
 
 import (
+	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
 )
@@ -113,3 +114,255 @@ type Eviction struct {
 	// DeleteOptions may be provided
 	DeleteOptions *metav1.DeleteOptions `json:"deleteOptions,omitempty" protobuf:"bytes,2,opt,name=deleteOptions"`
 }
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Pod Security Policy governs the ability to make requests that affect the Security Context
+// that will be applied to a pod and container.
+type PodSecurityPolicy struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object's metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// spec defines the policy enforced.
+	// +optional
+	Spec PodSecurityPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// Pod Security Policy Spec defines the policy enforced.
+type PodSecurityPolicySpec struct {
+	// privileged determines if a pod can request to be run as privileged.
+	// +optional
+	Privileged bool `json:"privileged,omitempty" protobuf:"varint,1,opt,name=privileged"`
+	// DefaultAddCapabilities is the default set of capabilities that will be added to the container
+	// unless the pod spec specifically drops the capability.  You may not list a capability in both
+	// DefaultAddCapabilities and RequiredDropCapabilities. Capabilities added here are implicitly
+	// allowed, and need not be included in the AllowedCapabilities list.
+	// +optional
+	DefaultAddCapabilities []v1.Capability `json:"defaultAddCapabilities,omitempty" protobuf:"bytes,2,rep,name=defaultAddCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+	// RequiredDropCapabilities are the capabilities that will be dropped from the container.  These
+	// are required to be dropped and cannot be added.
+	// +optional
+	RequiredDropCapabilities []v1.Capability `json:"requiredDropCapabilities,omitempty" protobuf:"bytes,3,rep,name=requiredDropCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+	// AllowedCapabilities is a list of capabilities that can be requested to add to the container.
+	// Capabilities in this field may be added at the pod author's discretion.
+	// You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.
+	// +optional
+	AllowedCapabilities []v1.Capability `json:"allowedCapabilities,omitempty" protobuf:"bytes,4,rep,name=allowedCapabilities,casttype=k8s.io/api/core/v1.Capability"`
+	// volumes is a white list of allowed volume plugins.  Empty indicates that all plugins
+	// may be used.
+	// +optional
+	Volumes []FSType `json:"volumes,omitempty" protobuf:"bytes,5,rep,name=volumes,casttype=FSType"`
+	// hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
+	// +optional
+	HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,6,opt,name=hostNetwork"`
+	// hostPorts determines which host port ranges are allowed to be exposed.
+	// +optional
+	HostPorts []HostPortRange `json:"hostPorts,omitempty" protobuf:"bytes,7,rep,name=hostPorts"`
+	// hostPID determines if the policy allows the use of HostPID in the pod spec.
+	// +optional
+	HostPID bool `json:"hostPID,omitempty" protobuf:"varint,8,opt,name=hostPID"`
+	// hostIPC determines if the policy allows the use of HostIPC in the pod spec.
+	// +optional
+	HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,9,opt,name=hostIPC"`
+	// seLinux is the strategy that will dictate the allowable labels that may be set.
+	SELinux SELinuxStrategyOptions `json:"seLinux" protobuf:"bytes,10,opt,name=seLinux"`
+	// runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
+	RunAsUser RunAsUserStrategyOptions `json:"runAsUser" protobuf:"bytes,11,opt,name=runAsUser"`
+	// SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
+	SupplementalGroups SupplementalGroupsStrategyOptions `json:"supplementalGroups" protobuf:"bytes,12,opt,name=supplementalGroups"`
+	// FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.
+	FSGroup FSGroupStrategyOptions `json:"fsGroup" protobuf:"bytes,13,opt,name=fsGroup"`
+	// ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file
+	// system.  If the container specifically requests to run with a non-read only root file system
+	// the PSP should deny the pod.
+	// If set to false the container may run with a read only root file system if it wishes but it
+	// will not be forced to.
+	// +optional
+	ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" protobuf:"varint,14,opt,name=readOnlyRootFilesystem"`
+	// DefaultAllowPrivilegeEscalation controls the default setting for whether a
+	// process can gain more privileges than its parent process.
+	// +optional
+	DefaultAllowPrivilegeEscalation *bool `json:"defaultAllowPrivilegeEscalation,omitempty" protobuf:"varint,15,opt,name=defaultAllowPrivilegeEscalation"`
+	// AllowPrivilegeEscalation determines if a pod can request to allow
+	// privilege escalation. If unspecified, defaults to true.
+	// +optional
+	AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,16,opt,name=allowPrivilegeEscalation"`
+	// is a white list of allowed host paths. Empty indicates that all host paths may be used.
+	// +optional
+	AllowedHostPaths []AllowedHostPath `json:"allowedHostPaths,omitempty" protobuf:"bytes,17,rep,name=allowedHostPaths"`
+	// AllowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
+	// Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
+	// is allowed in the "Volumes" field.
+	// +optional
+	AllowedFlexVolumes []AllowedFlexVolume `json:"allowedFlexVolumes,omitempty" protobuf:"bytes,18,rep,name=allowedFlexVolumes"`
+}
+
+// defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+type AllowedHostPath struct {
+	// is the path prefix that the host volume must match.
+	// It does not support `*`.
+	// Trailing slashes are trimmed when validating the path prefix with a host path.
+	//
+	// Examples:
+	// `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+	// `/foo` would not allow `/food` or `/etc/foo`
+	PathPrefix string `json:"pathPrefix,omitempty" protobuf:"bytes,1,rep,name=pathPrefix"`
+}
+
+// FS Type gives strong typing to different file systems that are used by volumes.
+type FSType string
+
+var (
+	AzureFile             FSType = "azureFile"
+	Flocker               FSType = "flocker"
+	FlexVolume            FSType = "flexVolume"
+	HostPath              FSType = "hostPath"
+	EmptyDir              FSType = "emptyDir"
+	GCEPersistentDisk     FSType = "gcePersistentDisk"
+	AWSElasticBlockStore  FSType = "awsElasticBlockStore"
+	GitRepo               FSType = "gitRepo"
+	Secret                FSType = "secret"
+	NFS                   FSType = "nfs"
+	ISCSI                 FSType = "iscsi"
+	Glusterfs             FSType = "glusterfs"
+	PersistentVolumeClaim FSType = "persistentVolumeClaim"
+	RBD                   FSType = "rbd"
+	Cinder                FSType = "cinder"
+	CephFS                FSType = "cephFS"
+	DownwardAPI           FSType = "downwardAPI"
+	FC                    FSType = "fc"
+	ConfigMap             FSType = "configMap"
+	Quobyte               FSType = "quobyte"
+	AzureDisk             FSType = "azureDisk"
+	All                   FSType = "*"
+)
+
+// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
+type AllowedFlexVolume struct {
+	// Driver is the name of the Flexvolume driver.
+	Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"`
+}
+
+// Host Port Range defines a range of host ports that will be enabled by a policy
+// for pods to use.  It requires both the start and end to be defined.
+type HostPortRange struct {
+	// min is the start of the range, inclusive.
+	Min int32 `json:"min" protobuf:"varint,1,opt,name=min"`
+	// max is the end of the range, inclusive.
+	Max int32 `json:"max" protobuf:"varint,2,opt,name=max"`
+}
+
+// SELinux  Strategy Options defines the strategy type and any options used to create the strategy.
+type SELinuxStrategyOptions struct {
+	// type is the strategy that will dictate the allowable labels that may be set.
+	Rule SELinuxStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=SELinuxStrategy"`
+	// seLinuxOptions required to run as; required for MustRunAs
+	// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+	// +optional
+	SELinuxOptions *v1.SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,2,opt,name=seLinuxOptions"`
+}
+
+// SELinuxStrategy denotes strategy types for generating SELinux options for a
+// Security Context.
+type SELinuxStrategy string
+
+const (
+	// container must have SELinux labels of X applied.
+	SELinuxStrategyMustRunAs SELinuxStrategy = "MustRunAs"
+	// container may make requests for any SELinux context labels.
+	SELinuxStrategyRunAsAny SELinuxStrategy = "RunAsAny"
+)
+
+// Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.
+type RunAsUserStrategyOptions struct {
+	// Rule is the strategy that will dictate the allowable RunAsUser values that may be set.
+	Rule RunAsUserStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=RunAsUserStrategy"`
+	// Ranges are the allowed ranges of uids that may be used.
+	// +optional
+	Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// ID Range provides a min/max of an allowed range of IDs.
+type IDRange struct {
+	// Min is the start of the range, inclusive.
+	Min int64 `json:"min" protobuf:"varint,1,opt,name=min"`
+	// Max is the end of the range, inclusive.
+	Max int64 `json:"max" protobuf:"varint,2,opt,name=max"`
+}
+
+// RunAsUserStrategy denotes strategy types for generating RunAsUser values for a
+// Security Context.
+type RunAsUserStrategy string
+
+const (
+	// container must run as a particular uid.
+	RunAsUserStrategyMustRunAs RunAsUserStrategy = "MustRunAs"
+	// container must run as a non-root uid
+	RunAsUserStrategyMustRunAsNonRoot RunAsUserStrategy = "MustRunAsNonRoot"
+	// container may make requests for any uid.
+	RunAsUserStrategyRunAsAny RunAsUserStrategy = "RunAsAny"
+)
+
+// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+type FSGroupStrategyOptions struct {
+	// Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
+	// +optional
+	Rule FSGroupStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=FSGroupStrategyType"`
+	// Ranges are the allowed ranges of fs groups.  If you would like to force a single
+	// fs group then supply a single range with the same start and end.
+	// +optional
+	Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// FSGroupStrategyType denotes strategy types for generating FSGroup values for a
+// SecurityContext
+type FSGroupStrategyType string
+
+const (
+	// container must have FSGroup of X applied.
+	FSGroupStrategyMustRunAs FSGroupStrategyType = "MustRunAs"
+	// container may make requests for any FSGroup labels.
+	FSGroupStrategyRunAsAny FSGroupStrategyType = "RunAsAny"
+)
+
+// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+type SupplementalGroupsStrategyOptions struct {
+	// Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
+	// +optional
+	Rule SupplementalGroupsStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=SupplementalGroupsStrategyType"`
+	// Ranges are the allowed ranges of supplemental groups.  If you would like to force a single
+	// supplemental group then supply a single range with the same start and end.
+	// +optional
+	Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
+}
+
+// SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental
+// groups for a SecurityContext.
+type SupplementalGroupsStrategyType string
+
+const (
+	// container must run as a particular gid.
+	SupplementalGroupsStrategyMustRunAs SupplementalGroupsStrategyType = "MustRunAs"
+	// container may make requests for any gid.
+	SupplementalGroupsStrategyRunAsAny SupplementalGroupsStrategyType = "RunAsAny"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// Pod Security Policy List is a list of PodSecurityPolicy objects.
+type PodSecurityPolicyList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is a list of schema objects.
+	Items []PodSecurityPolicy `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
index 29432506df95..8c51518d4a7e 100644
--- a/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
@@ -27,6 +27,24 @@ package v1beta1
 // Those methods can be generated by using hack/update-generated-swagger-docs.sh
 
 // AUTO-GENERATED FUNCTIONS START HERE
+var map_AllowedFlexVolume = map[string]string{
+	"":       "AllowedFlexVolume represents a single Flexvolume that is allowed to be used.",
+	"driver": "Driver is the name of the Flexvolume driver.",
+}
+
+func (AllowedFlexVolume) SwaggerDoc() map[string]string {
+	return map_AllowedFlexVolume
+}
+
+var map_AllowedHostPath = map[string]string{
+	"":           "defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.",
+	"pathPrefix": "is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`",
+}
+
+func (AllowedHostPath) SwaggerDoc() map[string]string {
+	return map_AllowedHostPath
+}
+
 var map_Eviction = map[string]string{
 	"":              "Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod.  A request to cause such an eviction is created by POSTing to .../pods/<pod name>/evictions.",
 	"metadata":      "ObjectMeta describes the pod that is being evicted.",
@@ -37,6 +55,36 @@ func (Eviction) SwaggerDoc() map[string]string {
 	return map_Eviction
 }
 
+var map_FSGroupStrategyOptions = map[string]string{
+	"":       "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.",
+	"rule":   "Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.",
+	"ranges": "Ranges are the allowed ranges of fs groups.  If you would like to force a single fs group then supply a single range with the same start and end.",
+}
+
+func (FSGroupStrategyOptions) SwaggerDoc() map[string]string {
+	return map_FSGroupStrategyOptions
+}
+
+var map_HostPortRange = map[string]string{
+	"":    "Host Port Range defines a range of host ports that will be enabled by a policy for pods to use.  It requires both the start and end to be defined.",
+	"min": "min is the start of the range, inclusive.",
+	"max": "max is the end of the range, inclusive.",
+}
+
+func (HostPortRange) SwaggerDoc() map[string]string {
+	return map_HostPortRange
+}
+
+var map_IDRange = map[string]string{
+	"":    "ID Range provides a min/max of an allowed range of IDs.",
+	"min": "Min is the start of the range, inclusive.",
+	"max": "Max is the end of the range, inclusive.",
+}
+
+func (IDRange) SwaggerDoc() map[string]string {
+	return map_IDRange
+}
+
 var map_PodDisruptionBudget = map[string]string{
 	"":       "PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods",
 	"spec":   "Specification of the desired behavior of the PodDisruptionBudget.",
@@ -80,4 +128,80 @@ func (PodDisruptionBudgetStatus) SwaggerDoc() map[string]string {
 	return map_PodDisruptionBudgetStatus
 }
 
+var map_PodSecurityPolicy = map[string]string{
+	"":         "Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.",
+	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+	"spec":     "spec defines the policy enforced.",
+}
+
+func (PodSecurityPolicy) SwaggerDoc() map[string]string {
+	return map_PodSecurityPolicy
+}
+
+var map_PodSecurityPolicyList = map[string]string{
+	"":         "Pod Security Policy List is a list of PodSecurityPolicy objects.",
+	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+	"items":    "Items is a list of schema objects.",
+}
+
+func (PodSecurityPolicyList) SwaggerDoc() map[string]string {
+	return map_PodSecurityPolicyList
+}
+
+var map_PodSecurityPolicySpec = map[string]string{
+	"":                                "Pod Security Policy Spec defines the policy enforced.",
+	"privileged":                      "privileged determines if a pod can request to be run as privileged.",
+	"defaultAddCapabilities":          "DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.  You may not list a capability in both DefaultAddCapabilities and RequiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the AllowedCapabilities list.",
+	"requiredDropCapabilities":        "RequiredDropCapabilities are the capabilities that will be dropped from the container.  These are required to be dropped and cannot be added.",
+	"allowedCapabilities":             "AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.",
+	"volumes":                         "volumes is a white list of allowed volume plugins.  Empty indicates that all plugins may be used.",
+	"hostNetwork":                     "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.",
+	"hostPorts":                       "hostPorts determines which host port ranges are allowed to be exposed.",
+	"hostPID":                         "hostPID determines if the policy allows the use of HostPID in the pod spec.",
+	"hostIPC":                         "hostIPC determines if the policy allows the use of HostIPC in the pod spec.",
+	"seLinux":                         "seLinux is the strategy that will dictate the allowable labels that may be set.",
+	"runAsUser":                       "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.",
+	"supplementalGroups":              "SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.",
+	"fsGroup":                         "FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
+	"readOnlyRootFilesystem":          "ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system.  If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.",
+	"defaultAllowPrivilegeEscalation": "DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
+	"allowPrivilegeEscalation":        "AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.",
+	"allowedHostPaths":                "is a white list of allowed host paths. Empty indicates that all host paths may be used.",
+	"allowedFlexVolumes":              "AllowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes is allowed in the \"Volumes\" field.",
+}
+
+func (PodSecurityPolicySpec) SwaggerDoc() map[string]string {
+	return map_PodSecurityPolicySpec
+}
+
+var map_RunAsUserStrategyOptions = map[string]string{
+	"":       "Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.",
+	"rule":   "Rule is the strategy that will dictate the allowable RunAsUser values that may be set.",
+	"ranges": "Ranges are the allowed ranges of uids that may be used.",
+}
+
+func (RunAsUserStrategyOptions) SwaggerDoc() map[string]string {
+	return map_RunAsUserStrategyOptions
+}
+
+var map_SELinuxStrategyOptions = map[string]string{
+	"":               "SELinux  Strategy Options defines the strategy type and any options used to create the strategy.",
+	"rule":           "type is the strategy that will dictate the allowable labels that may be set.",
+	"seLinuxOptions": "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
+}
+
+func (SELinuxStrategyOptions) SwaggerDoc() map[string]string {
+	return map_SELinuxStrategyOptions
+}
+
+var map_SupplementalGroupsStrategyOptions = map[string]string{
+	"":       "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.",
+	"rule":   "Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.",
+	"ranges": "Ranges are the allowed ranges of supplemental groups.  If you would like to force a single supplemental group then supply a single range with the same start and end.",
+}
+
+func (SupplementalGroupsStrategyOptions) SwaggerDoc() map[string]string {
+	return map_SupplementalGroupsStrategyOptions
+}
+
 // AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/policy/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/policy/v1beta1/zz_generated.deepcopy.go
index 78a597b5b9b9..8a770b2f0f59 100644
--- a/vendor/k8s.io/api/policy/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/policy/v1beta1/zz_generated.deepcopy.go
@@ -16,16 +16,49 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	core_v1 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	intstr "k8s.io/apimachinery/pkg/util/intstr"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedFlexVolume) DeepCopyInto(out *AllowedFlexVolume) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedFlexVolume.
+func (in *AllowedFlexVolume) DeepCopy() *AllowedFlexVolume {
+	if in == nil {
+		return nil
+	}
+	out := new(AllowedFlexVolume)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllowedHostPath) DeepCopyInto(out *AllowedHostPath) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedHostPath.
+func (in *AllowedHostPath) DeepCopy() *AllowedHostPath {
+	if in == nil {
+		return nil
+	}
+	out := new(AllowedHostPath)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Eviction) DeepCopyInto(out *Eviction) {
 	*out = *in
@@ -57,9 +90,61 @@ func (in *Eviction) DeepCopy() *Eviction {
 func (in *Eviction) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FSGroupStrategyOptions) DeepCopyInto(out *FSGroupStrategyOptions) {
+	*out = *in
+	if in.Ranges != nil {
+		in, out := &in.Ranges, &out.Ranges
+		*out = make([]IDRange, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FSGroupStrategyOptions.
+func (in *FSGroupStrategyOptions) DeepCopy() *FSGroupStrategyOptions {
+	if in == nil {
+		return nil
+	}
+	out := new(FSGroupStrategyOptions)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HostPortRange) DeepCopyInto(out *HostPortRange) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPortRange.
+func (in *HostPortRange) DeepCopy() *HostPortRange {
+	if in == nil {
 		return nil
 	}
+	out := new(HostPortRange)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IDRange) DeepCopyInto(out *IDRange) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IDRange.
+func (in *IDRange) DeepCopy() *IDRange {
+	if in == nil {
+		return nil
+	}
+	out := new(IDRange)
+	in.DeepCopyInto(out)
+	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -86,9 +171,8 @@ func (in *PodDisruptionBudget) DeepCopy() *PodDisruptionBudget {
 func (in *PodDisruptionBudget) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -120,9 +204,8 @@ func (in *PodDisruptionBudgetList) DeepCopy() *PodDisruptionBudgetList {
 func (in *PodDisruptionBudgetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -190,3 +273,203 @@ func (in *PodDisruptionBudgetStatus) DeepCopy() *PodDisruptionBudgetStatus {
 	in.DeepCopyInto(out)
 	return out
 }
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicy) DeepCopyInto(out *PodSecurityPolicy) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicy.
+func (in *PodSecurityPolicy) DeepCopy() *PodSecurityPolicy {
+	if in == nil {
+		return nil
+	}
+	out := new(PodSecurityPolicy)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PodSecurityPolicy) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicyList) DeepCopyInto(out *PodSecurityPolicyList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]PodSecurityPolicy, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicyList.
+func (in *PodSecurityPolicyList) DeepCopy() *PodSecurityPolicyList {
+	if in == nil {
+		return nil
+	}
+	out := new(PodSecurityPolicyList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PodSecurityPolicyList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodSecurityPolicySpec) DeepCopyInto(out *PodSecurityPolicySpec) {
+	*out = *in
+	if in.DefaultAddCapabilities != nil {
+		in, out := &in.DefaultAddCapabilities, &out.DefaultAddCapabilities
+		*out = make([]core_v1.Capability, len(*in))
+		copy(*out, *in)
+	}
+	if in.RequiredDropCapabilities != nil {
+		in, out := &in.RequiredDropCapabilities, &out.RequiredDropCapabilities
+		*out = make([]core_v1.Capability, len(*in))
+		copy(*out, *in)
+	}
+	if in.AllowedCapabilities != nil {
+		in, out := &in.AllowedCapabilities, &out.AllowedCapabilities
+		*out = make([]core_v1.Capability, len(*in))
+		copy(*out, *in)
+	}
+	if in.Volumes != nil {
+		in, out := &in.Volumes, &out.Volumes
+		*out = make([]FSType, len(*in))
+		copy(*out, *in)
+	}
+	if in.HostPorts != nil {
+		in, out := &in.HostPorts, &out.HostPorts
+		*out = make([]HostPortRange, len(*in))
+		copy(*out, *in)
+	}
+	in.SELinux.DeepCopyInto(&out.SELinux)
+	in.RunAsUser.DeepCopyInto(&out.RunAsUser)
+	in.SupplementalGroups.DeepCopyInto(&out.SupplementalGroups)
+	in.FSGroup.DeepCopyInto(&out.FSGroup)
+	if in.DefaultAllowPrivilegeEscalation != nil {
+		in, out := &in.DefaultAllowPrivilegeEscalation, &out.DefaultAllowPrivilegeEscalation
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(bool)
+			**out = **in
+		}
+	}
+	if in.AllowPrivilegeEscalation != nil {
+		in, out := &in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(bool)
+			**out = **in
+		}
+	}
+	if in.AllowedHostPaths != nil {
+		in, out := &in.AllowedHostPaths, &out.AllowedHostPaths
+		*out = make([]AllowedHostPath, len(*in))
+		copy(*out, *in)
+	}
+	if in.AllowedFlexVolumes != nil {
+		in, out := &in.AllowedFlexVolumes, &out.AllowedFlexVolumes
+		*out = make([]AllowedFlexVolume, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicySpec.
+func (in *PodSecurityPolicySpec) DeepCopy() *PodSecurityPolicySpec {
+	if in == nil {
+		return nil
+	}
+	out := new(PodSecurityPolicySpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RunAsUserStrategyOptions) DeepCopyInto(out *RunAsUserStrategyOptions) {
+	*out = *in
+	if in.Ranges != nil {
+		in, out := &in.Ranges, &out.Ranges
+		*out = make([]IDRange, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunAsUserStrategyOptions.
+func (in *RunAsUserStrategyOptions) DeepCopy() *RunAsUserStrategyOptions {
+	if in == nil {
+		return nil
+	}
+	out := new(RunAsUserStrategyOptions)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SELinuxStrategyOptions) DeepCopyInto(out *SELinuxStrategyOptions) {
+	*out = *in
+	if in.SELinuxOptions != nil {
+		in, out := &in.SELinuxOptions, &out.SELinuxOptions
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(core_v1.SELinuxOptions)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxStrategyOptions.
+func (in *SELinuxStrategyOptions) DeepCopy() *SELinuxStrategyOptions {
+	if in == nil {
+		return nil
+	}
+	out := new(SELinuxStrategyOptions)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SupplementalGroupsStrategyOptions) DeepCopyInto(out *SupplementalGroupsStrategyOptions) {
+	*out = *in
+	if in.Ranges != nil {
+		in, out := &in.Ranges, &out.Ranges
+		*out = make([]IDRange, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SupplementalGroupsStrategyOptions.
+func (in *SupplementalGroupsStrategyOptions) DeepCopy() *SupplementalGroupsStrategyOptions {
+	if in == nil {
+		return nil
+	}
+	out := new(SupplementalGroupsStrategyOptions)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/api/rbac/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/rbac/v1/zz_generated.deepcopy.go
index 085edaa121ce..0a2a4d08ec68 100644
--- a/vendor/k8s.io/api/rbac/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/rbac/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -86,9 +86,8 @@ func (in *ClusterRole) DeepCopy() *ClusterRole {
 func (in *ClusterRole) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -119,9 +118,8 @@ func (in *ClusterRoleBinding) DeepCopy() *ClusterRoleBinding {
 func (in *ClusterRoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -153,9 +151,8 @@ func (in *ClusterRoleBindingList) DeepCopy() *ClusterRoleBindingList {
 func (in *ClusterRoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -187,9 +184,8 @@ func (in *ClusterRoleList) DeepCopy() *ClusterRoleList {
 func (in *ClusterRoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -262,9 +258,8 @@ func (in *Role) DeepCopy() *Role {
 func (in *Role) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -295,9 +290,8 @@ func (in *RoleBinding) DeepCopy() *RoleBinding {
 func (in *RoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -329,9 +323,8 @@ func (in *RoleBindingList) DeepCopy() *RoleBindingList {
 func (in *RoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -363,9 +356,8 @@ func (in *RoleList) DeepCopy() *RoleList {
 func (in *RoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/rbac/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/rbac/v1alpha1/zz_generated.deepcopy.go
index 3037f666cb37..562451cd6ab8 100644
--- a/vendor/k8s.io/api/rbac/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/rbac/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -86,9 +86,8 @@ func (in *ClusterRole) DeepCopy() *ClusterRole {
 func (in *ClusterRole) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -119,9 +118,8 @@ func (in *ClusterRoleBinding) DeepCopy() *ClusterRoleBinding {
 func (in *ClusterRoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -153,9 +151,8 @@ func (in *ClusterRoleBindingList) DeepCopy() *ClusterRoleBindingList {
 func (in *ClusterRoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -187,9 +184,8 @@ func (in *ClusterRoleList) DeepCopy() *ClusterRoleList {
 func (in *ClusterRoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -262,9 +258,8 @@ func (in *Role) DeepCopy() *Role {
 func (in *Role) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -295,9 +290,8 @@ func (in *RoleBinding) DeepCopy() *RoleBinding {
 func (in *RoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -329,9 +323,8 @@ func (in *RoleBindingList) DeepCopy() *RoleBindingList {
 func (in *RoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -363,9 +356,8 @@ func (in *RoleList) DeepCopy() *RoleList {
 func (in *RoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/rbac/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/rbac/v1beta1/zz_generated.deepcopy.go
index 7e035cd27a42..0ef823a0716c 100644
--- a/vendor/k8s.io/api/rbac/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/rbac/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -86,9 +86,8 @@ func (in *ClusterRole) DeepCopy() *ClusterRole {
 func (in *ClusterRole) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -119,9 +118,8 @@ func (in *ClusterRoleBinding) DeepCopy() *ClusterRoleBinding {
 func (in *ClusterRoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -153,9 +151,8 @@ func (in *ClusterRoleBindingList) DeepCopy() *ClusterRoleBindingList {
 func (in *ClusterRoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -187,9 +184,8 @@ func (in *ClusterRoleList) DeepCopy() *ClusterRoleList {
 func (in *ClusterRoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -262,9 +258,8 @@ func (in *Role) DeepCopy() *Role {
 func (in *Role) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -295,9 +290,8 @@ func (in *RoleBinding) DeepCopy() *RoleBinding {
 func (in *RoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -329,9 +323,8 @@ func (in *RoleBindingList) DeepCopy() *RoleBindingList {
 func (in *RoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -363,9 +356,8 @@ func (in *RoleList) DeepCopy() *RoleList {
 func (in *RoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/scheduling/v1alpha1/generated.proto b/vendor/k8s.io/api/scheduling/v1alpha1/generated.proto
index 75b4968cc316..e964a76dd4dc 100644
--- a/vendor/k8s.io/api/scheduling/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/scheduling/v1alpha1/generated.proto
@@ -33,7 +33,7 @@ option go_package = "v1alpha1";
 // integer value. The value can be any valid integer.
 message PriorityClass {
   // Standard object's metadata.
-  // More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
 
@@ -43,6 +43,9 @@ message PriorityClass {
 
   // globalDefault specifies whether this PriorityClass should be considered as
   // the default priority for pods that do not have any priority class.
+  // Only one PriorityClass can be marked as `globalDefault`. However, if more than
+  // one PriorityClasses exists with their `globalDefault` field set to true,
+  // the smallest value of such global default PriorityClasses will be used as the default priority.
   // +optional
   optional bool globalDefault = 3;
 
@@ -55,7 +58,7 @@ message PriorityClass {
 // PriorityClassList is a collection of priority classes.
 message PriorityClassList {
   // Standard list metadata
-  // More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
 
diff --git a/vendor/k8s.io/api/scheduling/v1alpha1/types.go b/vendor/k8s.io/api/scheduling/v1alpha1/types.go
index bca0f3471f2b..21e3df0af964 100644
--- a/vendor/k8s.io/api/scheduling/v1alpha1/types.go
+++ b/vendor/k8s.io/api/scheduling/v1alpha1/types.go
@@ -29,7 +29,7 @@ import (
 type PriorityClass struct {
 	metav1.TypeMeta `json:",inline"`
 	// Standard object's metadata.
-	// More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
 	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 
@@ -39,6 +39,9 @@ type PriorityClass struct {
 
 	// globalDefault specifies whether this PriorityClass should be considered as
 	// the default priority for pods that do not have any priority class.
+	// Only one PriorityClass can be marked as `globalDefault`. However, if more than
+	// one PriorityClasses exists with their `globalDefault` field set to true,
+	// the smallest value of such global default PriorityClasses will be used as the default priority.
 	// +optional
 	GlobalDefault bool `json:"globalDefault,omitempty" protobuf:"bytes,3,opt,name=globalDefault"`
 
@@ -54,7 +57,7 @@ type PriorityClass struct {
 type PriorityClassList struct {
 	metav1.TypeMeta `json:",inline"`
 	// Standard list metadata
-	// More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
 	// +optional
 	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 
diff --git a/vendor/k8s.io/api/scheduling/v1alpha1/types_swagger_doc_generated.go b/vendor/k8s.io/api/scheduling/v1alpha1/types_swagger_doc_generated.go
index c6187398dc37..9080dd9d68c4 100644
--- a/vendor/k8s.io/api/scheduling/v1alpha1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/scheduling/v1alpha1/types_swagger_doc_generated.go
@@ -29,9 +29,9 @@ package v1alpha1
 // AUTO-GENERATED FUNCTIONS START HERE
 var map_PriorityClass = map[string]string{
 	"":              "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.",
-	"metadata":      "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata",
+	"metadata":      "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
 	"value":         "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.",
-	"globalDefault": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class.",
+	"globalDefault": "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.",
 	"description":   "description is an arbitrary string that usually provides guidelines on when this priority class should be used.",
 }
 
@@ -41,7 +41,7 @@ func (PriorityClass) SwaggerDoc() map[string]string {
 
 var map_PriorityClassList = map[string]string{
 	"":         "PriorityClassList is a collection of priority classes.",
-	"metadata": "Standard list metadata More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata",
+	"metadata": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
 	"items":    "items is the list of PriorityClasses",
 }
 
diff --git a/vendor/k8s.io/api/scheduling/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/scheduling/v1alpha1/zz_generated.deepcopy.go
index 344e6cc622d1..51f8d0473961 100644
--- a/vendor/k8s.io/api/scheduling/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/scheduling/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -46,9 +46,8 @@ func (in *PriorityClass) DeepCopy() *PriorityClass {
 func (in *PriorityClass) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -80,7 +79,6 @@ func (in *PriorityClassList) DeepCopy() *PriorityClassList {
 func (in *PriorityClassList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/api/settings/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/settings/v1alpha1/zz_generated.deepcopy.go
index 5376686586c7..3fe7f6ca4cfa 100644
--- a/vendor/k8s.io/api/settings/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/settings/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -48,9 +48,8 @@ func (in *PodPreset) DeepCopy() *PodPreset {
 func (in *PodPreset) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -82,9 +81,8 @@ func (in *PodPresetList) DeepCopy() *PodPresetList {
 func (in *PodPresetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
index 63bdcc43c623..ccab05cccf6e 100644
--- a/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -86,9 +86,8 @@ func (in *StorageClass) DeepCopy() *StorageClass {
 func (in *StorageClass) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -120,7 +119,6 @@ func (in *StorageClassList) DeepCopy() *StorageClassList {
 func (in *StorageClassList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
index e1561dba1c49..04221c67c0c4 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -48,9 +48,8 @@ func (in *VolumeAttachment) DeepCopy() *VolumeAttachment {
 func (in *VolumeAttachment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -82,9 +81,8 @@ func (in *VolumeAttachmentList) DeepCopy() *VolumeAttachmentList {
 func (in *VolumeAttachmentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/api/storage/v1beta1/generated.pb.go b/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
index c9ae2c8b7180..425d0e71744e 100644
--- a/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
@@ -27,6 +27,12 @@ limitations under the License.
 	It has these top-level messages:
 		StorageClass
 		StorageClassList
+		VolumeAttachment
+		VolumeAttachmentList
+		VolumeAttachmentSource
+		VolumeAttachmentSpec
+		VolumeAttachmentStatus
+		VolumeError
 */
 package v1beta1
 
@@ -62,9 +68,39 @@ func (m *StorageClassList) Reset()                    { *m = StorageClassList{}
 func (*StorageClassList) ProtoMessage()               {}
 func (*StorageClassList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
 
+func (m *VolumeAttachment) Reset()                    { *m = VolumeAttachment{} }
+func (*VolumeAttachment) ProtoMessage()               {}
+func (*VolumeAttachment) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
+func (m *VolumeAttachmentList) Reset()                    { *m = VolumeAttachmentList{} }
+func (*VolumeAttachmentList) ProtoMessage()               {}
+func (*VolumeAttachmentList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+
+func (m *VolumeAttachmentSource) Reset()                    { *m = VolumeAttachmentSource{} }
+func (*VolumeAttachmentSource) ProtoMessage()               {}
+func (*VolumeAttachmentSource) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
+
+func (m *VolumeAttachmentSpec) Reset()                    { *m = VolumeAttachmentSpec{} }
+func (*VolumeAttachmentSpec) ProtoMessage()               {}
+func (*VolumeAttachmentSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
+
+func (m *VolumeAttachmentStatus) Reset()                    { *m = VolumeAttachmentStatus{} }
+func (*VolumeAttachmentStatus) ProtoMessage()               {}
+func (*VolumeAttachmentStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{6} }
+
+func (m *VolumeError) Reset()                    { *m = VolumeError{} }
+func (*VolumeError) ProtoMessage()               {}
+func (*VolumeError) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
+
 func init() {
 	proto.RegisterType((*StorageClass)(nil), "k8s.io.api.storage.v1beta1.StorageClass")
 	proto.RegisterType((*StorageClassList)(nil), "k8s.io.api.storage.v1beta1.StorageClassList")
+	proto.RegisterType((*VolumeAttachment)(nil), "k8s.io.api.storage.v1beta1.VolumeAttachment")
+	proto.RegisterType((*VolumeAttachmentList)(nil), "k8s.io.api.storage.v1beta1.VolumeAttachmentList")
+	proto.RegisterType((*VolumeAttachmentSource)(nil), "k8s.io.api.storage.v1beta1.VolumeAttachmentSource")
+	proto.RegisterType((*VolumeAttachmentSpec)(nil), "k8s.io.api.storage.v1beta1.VolumeAttachmentSpec")
+	proto.RegisterType((*VolumeAttachmentStatus)(nil), "k8s.io.api.storage.v1beta1.VolumeAttachmentStatus")
+	proto.RegisterType((*VolumeError)(nil), "k8s.io.api.storage.v1beta1.VolumeError")
 }
 func (m *StorageClass) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
@@ -193,6 +229,242 @@ func (m *StorageClassList) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *VolumeAttachment) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeAttachment) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
+	n3, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n3
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
+	n4, err := m.Spec.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n4
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
+	n5, err := m.Status.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n5
+	return i, nil
+}
+
+func (m *VolumeAttachmentList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeAttachmentList) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
+	n6, err := m.ListMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n6
+	if len(m.Items) > 0 {
+		for _, msg := range m.Items {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *VolumeAttachmentSource) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeAttachmentSource) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.PersistentVolumeName != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.PersistentVolumeName)))
+		i += copy(dAtA[i:], *m.PersistentVolumeName)
+	}
+	return i, nil
+}
+
+func (m *VolumeAttachmentSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeAttachmentSpec) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Attacher)))
+	i += copy(dAtA[i:], m.Attacher)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Source.Size()))
+	n7, err := m.Source.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n7
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.NodeName)))
+	i += copy(dAtA[i:], m.NodeName)
+	return i, nil
+}
+
+func (m *VolumeAttachmentStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeAttachmentStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0x8
+	i++
+	if m.Attached {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if len(m.AttachmentMetadata) > 0 {
+		keysForAttachmentMetadata := make([]string, 0, len(m.AttachmentMetadata))
+		for k := range m.AttachmentMetadata {
+			keysForAttachmentMetadata = append(keysForAttachmentMetadata, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForAttachmentMetadata)
+		for _, k := range keysForAttachmentMetadata {
+			dAtA[i] = 0x12
+			i++
+			v := m.AttachmentMetadata[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
+	if m.AttachError != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.AttachError.Size()))
+		n8, err := m.AttachError.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n8
+	}
+	if m.DetachError != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.DetachError.Size()))
+		n9, err := m.DetachError.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n9
+	}
+	return i, nil
+}
+
+func (m *VolumeError) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *VolumeError) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Time.Size()))
+	n10, err := m.Time.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n10
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
+	i += copy(dAtA[i:], m.Message)
+	return i, nil
+}
+
 func encodeFixed64Generated(dAtA []byte, offset int, v uint64) int {
 	dAtA[offset] = uint8(v)
 	dAtA[offset+1] = uint8(v >> 8)
@@ -269,6 +541,87 @@ func (m *StorageClassList) Size() (n int) {
 	return n
 }
 
+func (m *VolumeAttachment) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *VolumeAttachmentList) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *VolumeAttachmentSource) Size() (n int) {
+	var l int
+	_ = l
+	if m.PersistentVolumeName != nil {
+		l = len(*m.PersistentVolumeName)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *VolumeAttachmentSpec) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Attacher)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Source.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.NodeName)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *VolumeAttachmentStatus) Size() (n int) {
+	var l int
+	_ = l
+	n += 2
+	if len(m.AttachmentMetadata) > 0 {
+		for k, v := range m.AttachmentMetadata {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	if m.AttachError != nil {
+		l = m.AttachError.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.DetachError != nil {
+		l = m.DetachError.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *VolumeError) Size() (n int) {
+	var l int
+	_ = l
+	l = m.Time.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Message)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func sovGenerated(x uint64) (n int) {
 	for {
 		n++
@@ -312,22 +665,878 @@ func (this *StorageClassList) String() string {
 	if this == nil {
 		return "nil"
 	}
-	s := strings.Join([]string{`&StorageClassList{`,
-		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
-		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "StorageClass", "StorageClass", 1), `&`, ``, 1) + `,`,
-		`}`,
-	}, "")
-	return s
-}
-func valueToStringGenerated(v interface{}) string {
-	rv := reflect.ValueOf(v)
-	if rv.IsNil() {
-		return "nil"
+	s := strings.Join([]string{`&StorageClassList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "StorageClass", "StorageClass", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeAttachment) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeAttachment{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "VolumeAttachmentSpec", "VolumeAttachmentSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "VolumeAttachmentStatus", "VolumeAttachmentStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeAttachmentList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeAttachmentList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "VolumeAttachment", "VolumeAttachment", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeAttachmentSource) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeAttachmentSource{`,
+		`PersistentVolumeName:` + valueToStringGenerated(this.PersistentVolumeName) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeAttachmentSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeAttachmentSpec{`,
+		`Attacher:` + fmt.Sprintf("%v", this.Attacher) + `,`,
+		`Source:` + strings.Replace(strings.Replace(this.Source.String(), "VolumeAttachmentSource", "VolumeAttachmentSource", 1), `&`, ``, 1) + `,`,
+		`NodeName:` + fmt.Sprintf("%v", this.NodeName) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeAttachmentStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForAttachmentMetadata := make([]string, 0, len(this.AttachmentMetadata))
+	for k := range this.AttachmentMetadata {
+		keysForAttachmentMetadata = append(keysForAttachmentMetadata, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForAttachmentMetadata)
+	mapStringForAttachmentMetadata := "map[string]string{"
+	for _, k := range keysForAttachmentMetadata {
+		mapStringForAttachmentMetadata += fmt.Sprintf("%v: %v,", k, this.AttachmentMetadata[k])
+	}
+	mapStringForAttachmentMetadata += "}"
+	s := strings.Join([]string{`&VolumeAttachmentStatus{`,
+		`Attached:` + fmt.Sprintf("%v", this.Attached) + `,`,
+		`AttachmentMetadata:` + mapStringForAttachmentMetadata + `,`,
+		`AttachError:` + strings.Replace(fmt.Sprintf("%v", this.AttachError), "VolumeError", "VolumeError", 1) + `,`,
+		`DetachError:` + strings.Replace(fmt.Sprintf("%v", this.DetachError), "VolumeError", "VolumeError", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *VolumeError) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&VolumeError{`,
+		`Time:` + strings.Replace(strings.Replace(this.Time.String(), "Time", "k8s_io_apimachinery_pkg_apis_meta_v1.Time", 1), `&`, ``, 1) + `,`,
+		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func valueToStringGenerated(v interface{}) string {
+	rv := reflect.ValueOf(v)
+	if rv.IsNil() {
+		return "nil"
+	}
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *StorageClass) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: StorageClass: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: StorageClass: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Provisioner", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Provisioner = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.Parameters == nil {
+				m.Parameters = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.Parameters[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.Parameters[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ReclaimPolicy", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := k8s_io_api_core_v1.PersistentVolumeReclaimPolicy(dAtA[iNdEx:postIndex])
+			m.ReclaimPolicy = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MountOptions", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.MountOptions = append(m.MountOptions, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllowVolumeExpansion", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllowVolumeExpansion = &b
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VolumeBindingMode", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := VolumeBindingMode(dAtA[iNdEx:postIndex])
+			m.VolumeBindingMode = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *StorageClassList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: StorageClassList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: StorageClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, StorageClass{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *VolumeAttachment) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: VolumeAttachment: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: VolumeAttachment: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *VolumeAttachmentList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: VolumeAttachmentList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: VolumeAttachmentList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, VolumeAttachment{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *VolumeAttachmentSource) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: VolumeAttachmentSource: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: VolumeAttachmentSource: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PersistentVolumeName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.PersistentVolumeName = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
 	}
-	pv := reflect.Indirect(rv).Interface()
-	return fmt.Sprintf("*%v", pv)
+	return nil
 }
-func (m *StorageClass) Unmarshal(dAtA []byte) error {
+func (m *VolumeAttachmentSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -350,15 +1559,44 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: StorageClass: wiretype end group for non-group")
+			return fmt.Errorf("proto: VolumeAttachmentSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: StorageClass: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: VolumeAttachmentSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Attacher", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Attacher = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -382,13 +1620,13 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Source.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Provisioner", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -413,11 +1651,81 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Provisioner = string(dAtA[iNdEx:postIndex])
+			m.NodeName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 3:
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *VolumeAttachmentStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: VolumeAttachmentStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: VolumeAttachmentStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Attached", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.Attached = bool(v != 0)
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field AttachmentMetadata", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -481,8 +1789,8 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 			}
 			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
 			iNdEx = postStringIndexmapkey
-			if m.Parameters == nil {
-				m.Parameters = make(map[string]string)
+			if m.AttachmentMetadata == nil {
+				m.AttachmentMetadata = make(map[string]string)
 			}
 			if iNdEx < postIndex {
 				var valuekey uint64
@@ -525,17 +1833,17 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 				}
 				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
 				iNdEx = postStringIndexmapvalue
-				m.Parameters[mapkey] = mapvalue
+				m.AttachmentMetadata[mapkey] = mapvalue
 			} else {
 				var mapvalue string
-				m.Parameters[mapkey] = mapvalue
+				m.AttachmentMetadata[mapkey] = mapvalue
 			}
 			iNdEx = postIndex
-		case 4:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ReclaimPolicy", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field AttachError", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -545,77 +1853,30 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := k8s_io_api_core_v1.PersistentVolumeReclaimPolicy(dAtA[iNdEx:postIndex])
-			m.ReclaimPolicy = &s
-			iNdEx = postIndex
-		case 5:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MountOptions", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
+			if m.AttachError == nil {
+				m.AttachError = &VolumeError{}
 			}
-			postIndex := iNdEx + intStringLen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			if err := m.AttachError.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			m.MountOptions = append(m.MountOptions, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
-		case 6:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AllowVolumeExpansion", wireType)
-			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			b := bool(v != 0)
-			m.AllowVolumeExpansion = &b
-		case 7:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field VolumeBindingMode", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DetachError", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -625,21 +1886,24 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := VolumeBindingMode(dAtA[iNdEx:postIndex])
-			m.VolumeBindingMode = &s
+			if m.DetachError == nil {
+				m.DetachError = &VolumeError{}
+			}
+			if err := m.DetachError.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -662,7 +1926,7 @@ func (m *StorageClass) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *StorageClassList) Unmarshal(dAtA []byte) error {
+func (m *VolumeError) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -685,15 +1949,15 @@ func (m *StorageClassList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: StorageClassList: wiretype end group for non-group")
+			return fmt.Errorf("proto: VolumeError: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: StorageClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: VolumeError: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Time", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -717,15 +1981,15 @@ func (m *StorageClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Time.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -735,22 +1999,20 @@ func (m *StorageClassList) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
+				stringLen |= (uint64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, StorageClass{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Message = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -883,44 +2145,67 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 622 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x92, 0xcd, 0x6e, 0xd3, 0x40,
-	0x14, 0x85, 0xe3, 0x86, 0xd0, 0x76, 0xd2, 0x8a, 0xd4, 0x74, 0x61, 0x65, 0x61, 0x47, 0x5d, 0x45,
-	0x48, 0x1d, 0xb7, 0xa5, 0xa0, 0x0a, 0x89, 0x05, 0xae, 0xba, 0x40, 0x6a, 0xd4, 0xc8, 0x48, 0x15,
-	0x42, 0x2c, 0x98, 0x38, 0x17, 0x77, 0x88, 0x3d, 0x63, 0xcd, 0x8c, 0x03, 0xd9, 0xf1, 0x08, 0xbc,
-	0x01, 0x8f, 0xc2, 0xb6, 0xcb, 0x2e, 0xbb, 0xb2, 0xa8, 0x79, 0x8b, 0xae, 0x90, 0x7f, 0x68, 0xdc,
-	0xfc, 0x88, 0xee, 0x3c, 0xf7, 0x9e, 0xef, 0xdc, 0x99, 0xeb, 0x83, 0x8e, 0x47, 0x47, 0x12, 0x53,
-	0x6e, 0x8f, 0xe2, 0x01, 0x08, 0x06, 0x0a, 0xa4, 0x3d, 0x06, 0x36, 0xe4, 0xc2, 0x2e, 0x1b, 0x24,
-	0xa2, 0xb6, 0x54, 0x5c, 0x10, 0x1f, 0xec, 0xf1, 0xfe, 0x00, 0x14, 0xd9, 0xb7, 0x7d, 0x60, 0x20,
-	0x88, 0x82, 0x21, 0x8e, 0x04, 0x57, 0x5c, 0x6f, 0x17, 0x5a, 0x4c, 0x22, 0x8a, 0x4b, 0x2d, 0x2e,
-	0xb5, 0xed, 0x5d, 0x9f, 0xaa, 0x8b, 0x78, 0x80, 0x3d, 0x1e, 0xda, 0x3e, 0xf7, 0xb9, 0x9d, 0x23,
-	0x83, 0xf8, 0x73, 0x7e, 0xca, 0x0f, 0xf9, 0x57, 0x61, 0xd5, 0xde, 0xa9, 0x8c, 0xf5, 0xb8, 0xc8,
-	0x66, 0xce, 0x8e, 0x6b, 0x1f, 0x4e, 0x35, 0x21, 0xf1, 0x2e, 0x28, 0x03, 0x31, 0xb1, 0xa3, 0x91,
-	0x9f, 0x15, 0xa4, 0x1d, 0x82, 0x22, 0x8b, 0x28, 0x7b, 0x19, 0x25, 0x62, 0xa6, 0x68, 0x08, 0x73,
-	0xc0, 0xcb, 0xff, 0x01, 0xd2, 0xbb, 0x80, 0x90, 0xcc, 0x71, 0xcf, 0x97, 0x71, 0xb1, 0xa2, 0x81,
-	0x4d, 0x99, 0x92, 0x4a, 0xcc, 0x42, 0x3b, 0x3f, 0x1b, 0x68, 0xe3, 0x5d, 0xb1, 0xba, 0xe3, 0x80,
-	0x48, 0xa9, 0x7f, 0x42, 0x6b, 0xd9, 0x4b, 0x86, 0x44, 0x11, 0x43, 0xeb, 0x68, 0xdd, 0xe6, 0xc1,
-	0x1e, 0x9e, 0xae, 0xf9, 0xce, 0x18, 0x47, 0x23, 0x3f, 0x2b, 0x48, 0x9c, 0xa9, 0xf1, 0x78, 0x1f,
-	0x9f, 0x0d, 0xbe, 0x80, 0xa7, 0x7a, 0xa0, 0x88, 0xa3, 0x5f, 0x26, 0x56, 0x2d, 0x4d, 0x2c, 0x34,
-	0xad, 0xb9, 0x77, 0xae, 0xfa, 0x0b, 0xd4, 0x8c, 0x04, 0x1f, 0x53, 0x49, 0x39, 0x03, 0x61, 0xac,
-	0x74, 0xb4, 0xee, 0xba, 0xf3, 0xb4, 0x44, 0x9a, 0xfd, 0x69, 0xcb, 0xad, 0xea, 0xf4, 0x00, 0xa1,
-	0x88, 0x08, 0x12, 0x82, 0x02, 0x21, 0x8d, 0x7a, 0xa7, 0xde, 0x6d, 0x1e, 0x1c, 0xe1, 0xe5, 0x09,
-	0xc0, 0xd5, 0x67, 0xe1, 0xfe, 0x1d, 0x7a, 0xc2, 0x94, 0x98, 0x4c, 0xaf, 0x38, 0x6d, 0xb8, 0x15,
-	0x7f, 0x7d, 0x84, 0x36, 0x05, 0x78, 0x01, 0xa1, 0x61, 0x9f, 0x07, 0xd4, 0x9b, 0x18, 0x8f, 0xf2,
-	0x6b, 0x9e, 0xa4, 0x89, 0xb5, 0xe9, 0x56, 0x1b, 0xb7, 0x89, 0xb5, 0x37, 0x9f, 0x1d, 0xdc, 0x07,
-	0x21, 0xa9, 0x54, 0xc0, 0xd4, 0x39, 0x0f, 0xe2, 0x10, 0xee, 0x31, 0xee, 0x7d, 0x6f, 0xfd, 0x10,
-	0x6d, 0x84, 0x3c, 0x66, 0xea, 0x2c, 0x52, 0x94, 0x33, 0x69, 0x34, 0x3a, 0xf5, 0xee, 0xba, 0xd3,
-	0x4a, 0x13, 0x6b, 0xa3, 0x57, 0xa9, 0xbb, 0xf7, 0x54, 0xfa, 0x29, 0xda, 0x26, 0x41, 0xc0, 0xbf,
-	0x16, 0x03, 0x4e, 0xbe, 0x45, 0x84, 0x65, 0xab, 0x32, 0x1e, 0x77, 0xb4, 0xee, 0x9a, 0x63, 0xa4,
-	0x89, 0xb5, 0xfd, 0x66, 0x41, 0xdf, 0x5d, 0x48, 0xe9, 0xef, 0xd1, 0xd6, 0x38, 0x2f, 0x39, 0x94,
-	0x0d, 0x29, 0xf3, 0x7b, 0x7c, 0x08, 0xc6, 0x6a, 0xfe, 0xe8, 0x67, 0x69, 0x62, 0x6d, 0x9d, 0xcf,
-	0x36, 0x6f, 0x17, 0x15, 0xdd, 0x79, 0x93, 0xf6, 0x6b, 0xf4, 0x64, 0x66, 0xfb, 0x7a, 0x0b, 0xd5,
-	0x47, 0x30, 0xc9, 0xf3, 0xb5, 0xee, 0x66, 0x9f, 0xfa, 0x36, 0x6a, 0x8c, 0x49, 0x10, 0x43, 0x11,
-	0x07, 0xb7, 0x38, 0xbc, 0x5a, 0x39, 0xd2, 0x76, 0x7e, 0x69, 0xa8, 0x55, 0xfd, 0x95, 0xa7, 0x54,
-	0x2a, 0xfd, 0xe3, 0x5c, 0x4a, 0xf1, 0xc3, 0x52, 0x9a, 0xd1, 0x79, 0x46, 0x5b, 0x65, 0x00, 0xd6,
-	0xfe, 0x55, 0x2a, 0x09, 0xed, 0xa1, 0x06, 0x55, 0x10, 0x4a, 0x63, 0x25, 0x4f, 0x59, 0xf7, 0xa1,
-	0x29, 0x73, 0x36, 0x4b, 0xd3, 0xc6, 0xdb, 0x0c, 0x77, 0x0b, 0x17, 0x67, 0xf7, 0xf2, 0xc6, 0xac,
-	0x5d, 0xdd, 0x98, 0xb5, 0xeb, 0x1b, 0xb3, 0xf6, 0x3d, 0x35, 0xb5, 0xcb, 0xd4, 0xd4, 0xae, 0x52,
-	0x53, 0xbb, 0x4e, 0x4d, 0xed, 0x77, 0x6a, 0x6a, 0x3f, 0xfe, 0x98, 0xb5, 0x0f, 0xab, 0xa5, 0xe3,
-	0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x66, 0xe2, 0x8e, 0x84, 0x1b, 0x05, 0x00, 0x00,
+	// 977 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0xcd, 0x6f, 0x1b, 0x45,
+	0x14, 0xcf, 0xc6, 0xf9, 0x1c, 0x27, 0x34, 0x1d, 0x22, 0xb0, 0x7c, 0x58, 0x47, 0xbe, 0x60, 0xaa,
+	0x66, 0xb7, 0x09, 0x05, 0x45, 0x48, 0x1c, 0xb2, 0x25, 0x07, 0x50, 0xdc, 0x86, 0x29, 0xaa, 0x50,
+	0xc5, 0x81, 0xc9, 0xee, 0xab, 0x33, 0xd8, 0xfb, 0xa1, 0x99, 0x59, 0xd3, 0xdc, 0x38, 0x71, 0xe6,
+	0xc4, 0x95, 0x0b, 0xff, 0x07, 0x47, 0x72, 0x42, 0x3d, 0xf6, 0x64, 0x91, 0xe5, 0xbf, 0x88, 0x38,
+	0xa0, 0x99, 0x9d, 0x78, 0xd7, 0x5e, 0x5b, 0x4d, 0x7a, 0xe8, 0x2d, 0xf3, 0xde, 0xfb, 0xfd, 0xde,
+	0xd7, 0xef, 0xad, 0x83, 0x1e, 0xf5, 0x0f, 0x84, 0xc3, 0x62, 0xb7, 0x9f, 0x9e, 0x02, 0x8f, 0x40,
+	0x82, 0x70, 0x87, 0x10, 0x05, 0x31, 0x77, 0x8d, 0x83, 0x26, 0xcc, 0x15, 0x32, 0xe6, 0xb4, 0x07,
+	0xee, 0x70, 0xef, 0x14, 0x24, 0xdd, 0x73, 0x7b, 0x10, 0x01, 0xa7, 0x12, 0x02, 0x27, 0xe1, 0xb1,
+	0x8c, 0x71, 0x33, 0x8f, 0x75, 0x68, 0xc2, 0x1c, 0x13, 0xeb, 0x98, 0xd8, 0xe6, 0x6e, 0x8f, 0xc9,
+	0xb3, 0xf4, 0xd4, 0xf1, 0xe3, 0xd0, 0xed, 0xc5, 0xbd, 0xd8, 0xd5, 0x90, 0xd3, 0xf4, 0x85, 0x7e,
+	0xe9, 0x87, 0xfe, 0x2b, 0xa7, 0x6a, 0xb6, 0x4b, 0x69, 0xfd, 0x98, 0xab, 0x9c, 0xd3, 0xe9, 0x9a,
+	0xdd, 0x22, 0x06, 0x5e, 0x4a, 0x88, 0x04, 0x8b, 0x23, 0xb1, 0x4b, 0x13, 0x26, 0x80, 0x0f, 0x81,
+	0xbb, 0x49, 0xbf, 0xa7, 0x7c, 0x62, 0x32, 0x60, 0x5e, 0xf5, 0xcd, 0x87, 0x05, 0x5d, 0x48, 0xfd,
+	0x33, 0x16, 0x01, 0x3f, 0x2f, 0x38, 0x42, 0x90, 0x74, 0x56, 0x11, 0xee, 0x3c, 0x14, 0x4f, 0x23,
+	0xc9, 0x42, 0xa8, 0x00, 0x3e, 0x7b, 0x13, 0x40, 0xf8, 0x67, 0x10, 0xd2, 0x0a, 0xee, 0x93, 0x79,
+	0xb8, 0x54, 0xb2, 0x81, 0xcb, 0x22, 0x29, 0x24, 0x9f, 0x06, 0xb5, 0x7f, 0x5f, 0x46, 0x1b, 0x4f,
+	0xf3, 0x4d, 0x3c, 0x1a, 0x50, 0x21, 0xf0, 0x0f, 0x68, 0x4d, 0x75, 0x12, 0x50, 0x49, 0x1b, 0xd6,
+	0x8e, 0xd5, 0xa9, 0xef, 0x3f, 0x70, 0x8a, 0xad, 0x8d, 0x89, 0x9d, 0xa4, 0xdf, 0x53, 0x06, 0xe1,
+	0xa8, 0x68, 0x67, 0xb8, 0xe7, 0x3c, 0x39, 0xfd, 0x11, 0x7c, 0xd9, 0x05, 0x49, 0x3d, 0x7c, 0x31,
+	0x6a, 0x2d, 0x64, 0xa3, 0x16, 0x2a, 0x6c, 0x64, 0xcc, 0x8a, 0x3f, 0x45, 0xf5, 0x84, 0xc7, 0x43,
+	0xa6, 0x86, 0x0d, 0xbc, 0xb1, 0xb8, 0x63, 0x75, 0xd6, 0xbd, 0xf7, 0x0d, 0xa4, 0x7e, 0x52, 0xb8,
+	0x48, 0x39, 0x0e, 0x0f, 0x10, 0x4a, 0x28, 0xa7, 0x21, 0x48, 0xe0, 0xa2, 0x51, 0xdb, 0xa9, 0x75,
+	0xea, 0xfb, 0x07, 0xce, 0x7c, 0x41, 0x39, 0xe5, 0xb6, 0x9c, 0x93, 0x31, 0xf4, 0x28, 0x92, 0xfc,
+	0xbc, 0x28, 0xb1, 0x70, 0x90, 0x12, 0x3f, 0xee, 0xa3, 0x4d, 0x0e, 0xfe, 0x80, 0xb2, 0xf0, 0x24,
+	0x1e, 0x30, 0xff, 0xbc, 0xb1, 0xa4, 0xcb, 0x3c, 0xca, 0x46, 0xad, 0x4d, 0x52, 0x76, 0x5c, 0x8d,
+	0x5a, 0x0f, 0xaa, 0x52, 0x74, 0x4e, 0x80, 0x0b, 0x26, 0x24, 0x44, 0xf2, 0x59, 0x3c, 0x48, 0x43,
+	0x98, 0xc0, 0x90, 0x49, 0x6e, 0xfc, 0x10, 0x6d, 0x84, 0x71, 0x1a, 0xc9, 0x27, 0x89, 0x54, 0x02,
+	0x6c, 0x2c, 0xef, 0xd4, 0x3a, 0xeb, 0xde, 0x56, 0x36, 0x6a, 0x6d, 0x74, 0x4b, 0x76, 0x32, 0x11,
+	0x85, 0x8f, 0xd1, 0x36, 0x1d, 0x0c, 0xe2, 0x9f, 0xf2, 0x04, 0x47, 0x2f, 0x13, 0xaa, 0xf5, 0xdb,
+	0x58, 0xd9, 0xb1, 0x3a, 0x6b, 0x5e, 0x23, 0x1b, 0xb5, 0xb6, 0x0f, 0x67, 0xf8, 0xc9, 0x4c, 0x14,
+	0xfe, 0x0e, 0xdd, 0x1d, 0x6a, 0x93, 0xc7, 0xa2, 0x80, 0x45, 0xbd, 0x6e, 0x1c, 0x40, 0x63, 0x55,
+	0x37, 0x7d, 0x2f, 0x1b, 0xb5, 0xee, 0x3e, 0x9b, 0x76, 0x5e, 0xcd, 0x32, 0x92, 0x2a, 0x49, 0xf3,
+	0x0b, 0x74, 0x67, 0x6a, 0xfa, 0x78, 0x0b, 0xd5, 0xfa, 0x70, 0xae, 0xf5, 0xb5, 0x4e, 0xd4, 0x9f,
+	0x78, 0x1b, 0x2d, 0x0f, 0xe9, 0x20, 0x85, 0x5c, 0x0e, 0x24, 0x7f, 0x7c, 0xbe, 0x78, 0x60, 0xb5,
+	0xff, 0xb4, 0xd0, 0x56, 0x79, 0x95, 0xc7, 0x4c, 0x48, 0xfc, 0x7d, 0x45, 0xa5, 0xce, 0xcd, 0x54,
+	0xaa, 0xd0, 0x5a, 0xa3, 0x5b, 0x46, 0x00, 0x6b, 0xd7, 0x96, 0x92, 0x42, 0xbb, 0x68, 0x99, 0x49,
+	0x08, 0x45, 0x63, 0x51, 0xab, 0xac, 0x73, 0x53, 0x95, 0x79, 0x9b, 0x86, 0x74, 0xf9, 0x2b, 0x05,
+	0x27, 0x39, 0x4b, 0xfb, 0x8f, 0x45, 0xb4, 0x95, 0x4f, 0xea, 0x50, 0x4a, 0xea, 0x9f, 0x85, 0x10,
+	0xc9, 0x77, 0x70, 0x67, 0x04, 0x2d, 0x89, 0x04, 0x7c, 0x3d, 0xd1, 0x49, 0xf6, 0x4a, 0x13, 0xd3,
+	0xd5, 0x3d, 0x4d, 0xc0, 0xf7, 0x36, 0x0c, 0xfb, 0x92, 0x7a, 0x11, 0xcd, 0x85, 0x9f, 0xa3, 0x15,
+	0x21, 0xa9, 0x4c, 0xd5, 0x01, 0x2a, 0xd6, 0xfd, 0x5b, 0xb1, 0x6a, 0xa4, 0xf7, 0x9e, 0xe1, 0x5d,
+	0xc9, 0xdf, 0xc4, 0x30, 0xb6, 0xff, 0xb2, 0xd0, 0xf6, 0x34, 0xe4, 0x1d, 0x2c, 0xfb, 0x9b, 0xc9,
+	0x65, 0xdf, 0xbf, 0x4d, 0x47, 0x73, 0x16, 0xfe, 0x02, 0x7d, 0x50, 0xe9, 0x3d, 0x4e, 0xb9, 0x0f,
+	0xea, 0x66, 0x93, 0xa9, 0x2f, 0xc3, 0x63, 0x1a, 0x42, 0x7e, 0x09, 0xf9, 0xcd, 0x9e, 0xcc, 0xf0,
+	0x93, 0x99, 0xa8, 0xf6, 0xdf, 0x33, 0x26, 0xa6, 0x96, 0x85, 0xef, 0xa3, 0x35, 0xaa, 0x2d, 0xc0,
+	0x0d, 0xf5, 0x78, 0x02, 0x87, 0xc6, 0x4e, 0xc6, 0x11, 0x7a, 0xa9, 0xba, 0x3c, 0x23, 0x95, 0xdb,
+	0x2d, 0x55, 0x23, 0x4b, 0x4b, 0xd5, 0x6f, 0x62, 0x18, 0x55, 0x25, 0x51, 0x1c, 0xe4, 0x4d, 0xd6,
+	0x26, 0x2b, 0x79, 0x6c, 0xec, 0x64, 0x1c, 0xd1, 0xfe, 0xaf, 0x36, 0x63, 0x72, 0x5a, 0x1d, 0xa5,
+	0x96, 0x02, 0xdd, 0xd2, 0x5a, 0xa5, 0xa5, 0x60, 0xdc, 0x52, 0x80, 0x7f, 0xb3, 0x10, 0xa6, 0x63,
+	0x8a, 0xee, 0xb5, 0x7a, 0xf2, 0x15, 0x7f, 0x7d, 0x7b, 0xd1, 0x3a, 0x87, 0x15, 0xb2, 0xfc, 0x77,
+	0xa4, 0x69, 0x8a, 0xc0, 0xd5, 0x00, 0x32, 0xa3, 0x02, 0xcc, 0x50, 0x3d, 0xb7, 0x1e, 0x71, 0x1e,
+	0x73, 0x73, 0x45, 0x1f, 0xbd, 0xb9, 0x20, 0x1d, 0xee, 0xd9, 0xea, 0x17, 0xf2, 0xb0, 0xc0, 0x5f,
+	0x8d, 0x5a, 0xf5, 0x92, 0x9f, 0x94, 0xb9, 0x55, 0xaa, 0x00, 0x8a, 0x54, 0x4b, 0x6f, 0x91, 0xea,
+	0x4b, 0x98, 0x9f, 0xaa, 0xc4, 0xdd, 0x3c, 0x42, 0x1f, 0xce, 0x19, 0xd0, 0xad, 0x3e, 0xf5, 0xbf,
+	0x58, 0xa8, 0x9c, 0x03, 0x1f, 0xa3, 0x25, 0xf5, 0x0f, 0x8f, 0x39, 0xfa, 0x7b, 0x37, 0x3b, 0xfa,
+	0x6f, 0x59, 0x08, 0xc5, 0xb7, 0x4b, 0xbd, 0x88, 0x66, 0xc1, 0x1f, 0xa3, 0xd5, 0x10, 0x84, 0xa0,
+	0x3d, 0x93, 0xd9, 0xbb, 0x63, 0x82, 0x56, 0xbb, 0xb9, 0x99, 0x5c, 0xfb, 0xbd, 0xdd, 0x8b, 0x4b,
+	0x7b, 0xe1, 0xd5, 0xa5, 0xbd, 0xf0, 0xfa, 0xd2, 0x5e, 0xf8, 0x39, 0xb3, 0xad, 0x8b, 0xcc, 0xb6,
+	0x5e, 0x65, 0xb6, 0xf5, 0x3a, 0xb3, 0xad, 0x7f, 0x32, 0xdb, 0xfa, 0xf5, 0x5f, 0x7b, 0xe1, 0xf9,
+	0xaa, 0x99, 0xdb, 0xff, 0x01, 0x00, 0x00, 0xff, 0xff, 0x4b, 0x7f, 0x8a, 0x3b, 0x1c, 0x0b, 0x00,
+	0x00,
 }
diff --git a/vendor/k8s.io/api/storage/v1beta1/generated.proto b/vendor/k8s.io/api/storage/v1beta1/generated.proto
index f9e1d29503cb..1c6db8d413bb 100644
--- a/vendor/k8s.io/api/storage/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1beta1/generated.proto
@@ -22,6 +22,7 @@ syntax = 'proto2';
 package k8s.io.api.storage.v1beta1;
 
 import "k8s.io/api/core/v1/generated.proto";
+import "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto";
 import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
@@ -83,3 +84,99 @@ message StorageClassList {
   repeated StorageClass items = 2;
 }
 
+// VolumeAttachment captures the intent to attach or detach the specified volume
+// to/from the specified node.
+// 
+// VolumeAttachment objects are non-namespaced.
+message VolumeAttachment {
+  // Standard object metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Specification of the desired attach/detach volume behavior.
+  // Populated by the Kubernetes system.
+  optional VolumeAttachmentSpec spec = 2;
+
+  // Status of the VolumeAttachment request.
+  // Populated by the entity completing the attach or detach
+  // operation, i.e. the external-attacher.
+  // +optional
+  optional VolumeAttachmentStatus status = 3;
+}
+
+// VolumeAttachmentList is a collection of VolumeAttachment objects.
+message VolumeAttachmentList {
+  // Standard list metadata
+  // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of VolumeAttachments
+  repeated VolumeAttachment items = 2;
+}
+
+// VolumeAttachmentSource represents a volume that should be attached.
+// Right now only PersistenVolumes can be attached via external attacher,
+// in future we may allow also inline volumes in pods.
+// Exactly one member can be set.
+message VolumeAttachmentSource {
+  // Name of the persistent volume to attach.
+  // +optional
+  optional string persistentVolumeName = 1;
+}
+
+// VolumeAttachmentSpec is the specification of a VolumeAttachment request.
+message VolumeAttachmentSpec {
+  // Attacher indicates the name of the volume driver that MUST handle this
+  // request. This is the name returned by GetPluginName().
+  optional string attacher = 1;
+
+  // Source represents the volume that should be attached.
+  optional VolumeAttachmentSource source = 2;
+
+  // The node that the volume should be attached to.
+  optional string nodeName = 3;
+}
+
+// VolumeAttachmentStatus is the status of a VolumeAttachment request.
+message VolumeAttachmentStatus {
+  // Indicates the volume is successfully attached.
+  // This field must only be set by the entity completing the attach
+  // operation, i.e. the external-attacher.
+  optional bool attached = 1;
+
+  // Upon successful attach, this field is populated with any
+  // information returned by the attach operation that must be passed
+  // into subsequent WaitForAttach or Mount calls.
+  // This field must only be set by the entity completing the attach
+  // operation, i.e. the external-attacher.
+  // +optional
+  map<string, string> attachmentMetadata = 2;
+
+  // The last error encountered during attach operation, if any.
+  // This field must only be set by the entity completing the attach
+  // operation, i.e. the external-attacher.
+  // +optional
+  optional VolumeError attachError = 3;
+
+  // The last error encountered during detach operation, if any.
+  // This field must only be set by the entity completing the detach
+  // operation, i.e. the external-attacher.
+  // +optional
+  optional VolumeError detachError = 4;
+}
+
+// VolumeError captures an error encountered during a volume operation.
+message VolumeError {
+  // Time the error was encountered.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time time = 1;
+
+  // String detailing the error encountered during Attach or Detach operation.
+  // This string maybe logged, so it should not contain sensitive
+  // information.
+  // +optional
+  optional string message = 2;
+}
+
diff --git a/vendor/k8s.io/api/storage/v1beta1/register.go b/vendor/k8s.io/api/storage/v1beta1/register.go
index 7f1f0c8e8359..06b0f3d52999 100644
--- a/vendor/k8s.io/api/storage/v1beta1/register.go
+++ b/vendor/k8s.io/api/storage/v1beta1/register.go
@@ -46,6 +46,9 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&StorageClass{},
 		&StorageClassList{},
+
+		&VolumeAttachment{},
+		&VolumeAttachmentList{},
 	)
 
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
diff --git a/vendor/k8s.io/api/storage/v1beta1/types.go b/vendor/k8s.io/api/storage/v1beta1/types.go
index 7fb9ad98077b..99c9e4594d8a 100644
--- a/vendor/k8s.io/api/storage/v1beta1/types.go
+++ b/vendor/k8s.io/api/storage/v1beta1/types.go
@@ -96,3 +96,110 @@ const (
 	// binding will occur during Pod scheduing.
 	VolumeBindingWaitForFirstConsumer VolumeBindingMode = "WaitForFirstConsumer"
 )
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VolumeAttachment captures the intent to attach or detach the specified volume
+// to/from the specified node.
+//
+// VolumeAttachment objects are non-namespaced.
+type VolumeAttachment struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// Standard object metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Specification of the desired attach/detach volume behavior.
+	// Populated by the Kubernetes system.
+	Spec VolumeAttachmentSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
+
+	// Status of the VolumeAttachment request.
+	// Populated by the entity completing the attach or detach
+	// operation, i.e. the external-attacher.
+	// +optional
+	Status VolumeAttachmentStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// VolumeAttachmentList is a collection of VolumeAttachment objects.
+type VolumeAttachmentList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of VolumeAttachments
+	Items []VolumeAttachment `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// VolumeAttachmentSpec is the specification of a VolumeAttachment request.
+type VolumeAttachmentSpec struct {
+	// Attacher indicates the name of the volume driver that MUST handle this
+	// request. This is the name returned by GetPluginName().
+	Attacher string `json:"attacher" protobuf:"bytes,1,opt,name=attacher"`
+
+	// Source represents the volume that should be attached.
+	Source VolumeAttachmentSource `json:"source" protobuf:"bytes,2,opt,name=source"`
+
+	// The node that the volume should be attached to.
+	NodeName string `json:"nodeName" protobuf:"bytes,3,opt,name=nodeName"`
+}
+
+// VolumeAttachmentSource represents a volume that should be attached.
+// Right now only PersistenVolumes can be attached via external attacher,
+// in future we may allow also inline volumes in pods.
+// Exactly one member can be set.
+type VolumeAttachmentSource struct {
+	// Name of the persistent volume to attach.
+	// +optional
+	PersistentVolumeName *string `json:"persistentVolumeName,omitempty" protobuf:"bytes,1,opt,name=persistentVolumeName"`
+
+	// Placeholder for *VolumeSource to accommodate inline volumes in pods.
+}
+
+// VolumeAttachmentStatus is the status of a VolumeAttachment request.
+type VolumeAttachmentStatus struct {
+	// Indicates the volume is successfully attached.
+	// This field must only be set by the entity completing the attach
+	// operation, i.e. the external-attacher.
+	Attached bool `json:"attached" protobuf:"varint,1,opt,name=attached"`
+
+	// Upon successful attach, this field is populated with any
+	// information returned by the attach operation that must be passed
+	// into subsequent WaitForAttach or Mount calls.
+	// This field must only be set by the entity completing the attach
+	// operation, i.e. the external-attacher.
+	// +optional
+	AttachmentMetadata map[string]string `json:"attachmentMetadata,omitempty" protobuf:"bytes,2,rep,name=attachmentMetadata"`
+
+	// The last error encountered during attach operation, if any.
+	// This field must only be set by the entity completing the attach
+	// operation, i.e. the external-attacher.
+	// +optional
+	AttachError *VolumeError `json:"attachError,omitempty" protobuf:"bytes,3,opt,name=attachError,casttype=VolumeError"`
+
+	// The last error encountered during detach operation, if any.
+	// This field must only be set by the entity completing the detach
+	// operation, i.e. the external-attacher.
+	// +optional
+	DetachError *VolumeError `json:"detachError,omitempty" protobuf:"bytes,4,opt,name=detachError,casttype=VolumeError"`
+}
+
+// VolumeError captures an error encountered during a volume operation.
+type VolumeError struct {
+	// Time the error was encountered.
+	// +optional
+	Time metav1.Time `json:"time,omitempty" protobuf:"bytes,1,opt,name=time"`
+
+	// String detailing the error encountered during Attach or Detach operation.
+	// This string maybe logged, so it should not contain sensitive
+	// information.
+	// +optional
+	Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"`
+}
diff --git a/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
index 85886f7dfb3f..c9c20c453741 100644
--- a/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
@@ -52,4 +52,67 @@ func (StorageClassList) SwaggerDoc() map[string]string {
 	return map_StorageClassList
 }
 
+var map_VolumeAttachment = map[string]string{
+	"":         "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.",
+	"metadata": "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+	"spec":     "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.",
+	"status":   "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.",
+}
+
+func (VolumeAttachment) SwaggerDoc() map[string]string {
+	return map_VolumeAttachment
+}
+
+var map_VolumeAttachmentList = map[string]string{
+	"":         "VolumeAttachmentList is a collection of VolumeAttachment objects.",
+	"metadata": "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+	"items":    "Items is the list of VolumeAttachments",
+}
+
+func (VolumeAttachmentList) SwaggerDoc() map[string]string {
+	return map_VolumeAttachmentList
+}
+
+var map_VolumeAttachmentSource = map[string]string{
+	"": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
+	"persistentVolumeName": "Name of the persistent volume to attach.",
+}
+
+func (VolumeAttachmentSource) SwaggerDoc() map[string]string {
+	return map_VolumeAttachmentSource
+}
+
+var map_VolumeAttachmentSpec = map[string]string{
+	"":         "VolumeAttachmentSpec is the specification of a VolumeAttachment request.",
+	"attacher": "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().",
+	"source":   "Source represents the volume that should be attached.",
+	"nodeName": "The node that the volume should be attached to.",
+}
+
+func (VolumeAttachmentSpec) SwaggerDoc() map[string]string {
+	return map_VolumeAttachmentSpec
+}
+
+var map_VolumeAttachmentStatus = map[string]string{
+	"":                   "VolumeAttachmentStatus is the status of a VolumeAttachment request.",
+	"attached":           "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+	"attachmentMetadata": "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+	"attachError":        "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+	"detachError":        "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.",
+}
+
+func (VolumeAttachmentStatus) SwaggerDoc() map[string]string {
+	return map_VolumeAttachmentStatus
+}
+
+var map_VolumeError = map[string]string{
+	"":        "VolumeError captures an error encountered during a volume operation.",
+	"time":    "Time the error was encountered.",
+	"message": "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+}
+
+func (VolumeError) SwaggerDoc() map[string]string {
+	return map_VolumeError
+}
+
 // AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
index 715b17f43dad..9a6a7266d5f2 100644
--- a/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -86,9 +86,8 @@ func (in *StorageClass) DeepCopy() *StorageClass {
 func (in *StorageClass) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -120,7 +119,167 @@ func (in *StorageClassList) DeepCopy() *StorageClassList {
 func (in *StorageClassList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeAttachment) DeepCopyInto(out *VolumeAttachment) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeAttachment.
+func (in *VolumeAttachment) DeepCopy() *VolumeAttachment {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeAttachment)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VolumeAttachment) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeAttachmentList) DeepCopyInto(out *VolumeAttachmentList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]VolumeAttachment, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeAttachmentList.
+func (in *VolumeAttachmentList) DeepCopy() *VolumeAttachmentList {
+	if in == nil {
 		return nil
 	}
+	out := new(VolumeAttachmentList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *VolumeAttachmentList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeAttachmentSource) DeepCopyInto(out *VolumeAttachmentSource) {
+	*out = *in
+	if in.PersistentVolumeName != nil {
+		in, out := &in.PersistentVolumeName, &out.PersistentVolumeName
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(string)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeAttachmentSource.
+func (in *VolumeAttachmentSource) DeepCopy() *VolumeAttachmentSource {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeAttachmentSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeAttachmentSpec) DeepCopyInto(out *VolumeAttachmentSpec) {
+	*out = *in
+	in.Source.DeepCopyInto(&out.Source)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeAttachmentSpec.
+func (in *VolumeAttachmentSpec) DeepCopy() *VolumeAttachmentSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeAttachmentSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeAttachmentStatus) DeepCopyInto(out *VolumeAttachmentStatus) {
+	*out = *in
+	if in.AttachmentMetadata != nil {
+		in, out := &in.AttachmentMetadata, &out.AttachmentMetadata
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.AttachError != nil {
+		in, out := &in.AttachError, &out.AttachError
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(VolumeError)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	if in.DetachError != nil {
+		in, out := &in.DetachError, &out.DetachError
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(VolumeError)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeAttachmentStatus.
+func (in *VolumeAttachmentStatus) DeepCopy() *VolumeAttachmentStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeAttachmentStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeError) DeepCopyInto(out *VolumeError) {
+	*out = *in
+	in.Time.DeepCopyInto(&out.Time)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeError.
+func (in *VolumeError) DeepCopy() *VolumeError {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeError)
+	in.DeepCopyInto(out)
+	return out
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/BUILD
index 303d94b93822..b2ea73c41f3f 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install/BUILD
index 3a0a056a2830..e7403207cc19 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["roundtrip_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/fuzzer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/testing/roundtrip:go_default_library",
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/types.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/types.go
index 880da65ce956..0deb7cbd0816 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/types.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/types.go
@@ -16,7 +16,9 @@ limitations under the License.
 
 package apiextensions
 
-import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
 
 // CustomResourceDefinitionSpec describes how a user wants their resource to appear
 type CustomResourceDefinitionSpec struct {
@@ -30,6 +32,8 @@ type CustomResourceDefinitionSpec struct {
 	Scope ResourceScope
 	// Validation describes the validation methods for CustomResources
 	Validation *CustomResourceValidation
+	// Subresources describes the subresources for CustomResources
+	Subresources *CustomResourceSubresources
 }
 
 // CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
@@ -45,6 +49,9 @@ type CustomResourceDefinitionNames struct {
 	Kind string
 	// ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.
 	ListKind string
+	// Categories is a list of grouped resources custom resources belong to (e.g. 'all')
+	// +optional
+	Categories []string
 }
 
 // ResourceScope is an enum defining the different scopes available to a custom resource
@@ -146,3 +153,41 @@ type CustomResourceValidation struct {
 	// OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.
 	OpenAPIV3Schema *JSONSchemaProps
 }
+
+// CustomResourceSubresources defines the status and scale subresources for CustomResources.
+type CustomResourceSubresources struct {
+	// Status denotes the status subresource for CustomResources
+	Status *CustomResourceSubresourceStatus
+	// Scale denotes the scale subresource for CustomResources
+	Scale *CustomResourceSubresourceScale
+}
+
+// CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources.
+// Status is represented by the `.status` JSON path inside of a CustomResource. When set,
+// * exposes a /status subresource for the custom resource
+// * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza
+// * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
+type CustomResourceSubresourceStatus struct{}
+
+// CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
+type CustomResourceSubresourceScale struct {
+	// SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .spec.
+	// If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.
+	SpecReplicasPath string
+	// StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .status.
+	// If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource
+	// will default to 0.
+	StatusReplicasPath string
+	// LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .status.
+	// Must be set to work with HPA.
+	// If there is no value under the given path in the CustomResource, the status label selector value in the /scale
+	// subresource will default to the empty string.
+	// +optional
+	LabelSelectorPath *string
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/BUILD
index 32f2ab8fed5b..972732d4a4b6 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/BUILD
@@ -60,8 +60,7 @@ go_test(
         "conversion_test.go",
         "marshal_test.go",
     ],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.pb.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.pb.go
index 488f5356022e..e7325da23e09 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.pb.go
@@ -31,6 +31,9 @@ limitations under the License.
 		CustomResourceDefinitionNames
 		CustomResourceDefinitionSpec
 		CustomResourceDefinitionStatus
+		CustomResourceSubresourceScale
+		CustomResourceSubresourceStatus
+		CustomResourceSubresources
 		CustomResourceValidation
 		ExternalDocumentation
 		JSON
@@ -99,36 +102,54 @@ func (*CustomResourceDefinitionStatus) Descriptor() ([]byte, []int) {
 	return fileDescriptorGenerated, []int{5}
 }
 
+func (m *CustomResourceSubresourceScale) Reset()      { *m = CustomResourceSubresourceScale{} }
+func (*CustomResourceSubresourceScale) ProtoMessage() {}
+func (*CustomResourceSubresourceScale) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{6}
+}
+
+func (m *CustomResourceSubresourceStatus) Reset()      { *m = CustomResourceSubresourceStatus{} }
+func (*CustomResourceSubresourceStatus) ProtoMessage() {}
+func (*CustomResourceSubresourceStatus) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{7}
+}
+
+func (m *CustomResourceSubresources) Reset()      { *m = CustomResourceSubresources{} }
+func (*CustomResourceSubresources) ProtoMessage() {}
+func (*CustomResourceSubresources) Descriptor() ([]byte, []int) {
+	return fileDescriptorGenerated, []int{8}
+}
+
 func (m *CustomResourceValidation) Reset()      { *m = CustomResourceValidation{} }
 func (*CustomResourceValidation) ProtoMessage() {}
 func (*CustomResourceValidation) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{6}
+	return fileDescriptorGenerated, []int{9}
 }
 
 func (m *ExternalDocumentation) Reset()                    { *m = ExternalDocumentation{} }
 func (*ExternalDocumentation) ProtoMessage()               {}
-func (*ExternalDocumentation) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{7} }
+func (*ExternalDocumentation) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
 
 func (m *JSON) Reset()                    { *m = JSON{} }
 func (*JSON) ProtoMessage()               {}
-func (*JSON) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{8} }
+func (*JSON) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
 
 func (m *JSONSchemaProps) Reset()                    { *m = JSONSchemaProps{} }
 func (*JSONSchemaProps) ProtoMessage()               {}
-func (*JSONSchemaProps) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{9} }
+func (*JSONSchemaProps) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{12} }
 
 func (m *JSONSchemaPropsOrArray) Reset()                    { *m = JSONSchemaPropsOrArray{} }
 func (*JSONSchemaPropsOrArray) ProtoMessage()               {}
-func (*JSONSchemaPropsOrArray) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{10} }
+func (*JSONSchemaPropsOrArray) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{13} }
 
 func (m *JSONSchemaPropsOrBool) Reset()                    { *m = JSONSchemaPropsOrBool{} }
 func (*JSONSchemaPropsOrBool) ProtoMessage()               {}
-func (*JSONSchemaPropsOrBool) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{11} }
+func (*JSONSchemaPropsOrBool) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{14} }
 
 func (m *JSONSchemaPropsOrStringArray) Reset()      { *m = JSONSchemaPropsOrStringArray{} }
 func (*JSONSchemaPropsOrStringArray) ProtoMessage() {}
 func (*JSONSchemaPropsOrStringArray) Descriptor() ([]byte, []int) {
-	return fileDescriptorGenerated, []int{12}
+	return fileDescriptorGenerated, []int{15}
 }
 
 func init() {
@@ -138,6 +159,9 @@ func init() {
 	proto.RegisterType((*CustomResourceDefinitionNames)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionNames")
 	proto.RegisterType((*CustomResourceDefinitionSpec)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec")
 	proto.RegisterType((*CustomResourceDefinitionStatus)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionStatus")
+	proto.RegisterType((*CustomResourceSubresourceScale)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceScale")
+	proto.RegisterType((*CustomResourceSubresourceStatus)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresourceStatus")
+	proto.RegisterType((*CustomResourceSubresources)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceSubresources")
 	proto.RegisterType((*CustomResourceValidation)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceValidation")
 	proto.RegisterType((*ExternalDocumentation)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation")
 	proto.RegisterType((*JSON)(nil), "k8s.io.apiextensions_apiserver.pkg.apis.apiextensions.v1beta1.JSON")
@@ -314,6 +338,21 @@ func (m *CustomResourceDefinitionNames) MarshalTo(dAtA []byte) (int, error) {
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.ListKind)))
 	i += copy(dAtA[i:], m.ListKind)
+	if len(m.Categories) > 0 {
+		for _, s := range m.Categories {
+			dAtA[i] = 0x32
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
+		}
+	}
 	return i, nil
 }
 
@@ -362,6 +401,16 @@ func (m *CustomResourceDefinitionSpec) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i += n7
 	}
+	if m.Subresources != nil {
+		dAtA[i] = 0x32
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.Subresources.Size()))
+		n8, err := m.Subresources.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n8
+	}
 	return i, nil
 }
 
@@ -395,11 +444,99 @@ func (m *CustomResourceDefinitionStatus) MarshalTo(dAtA []byte) (int, error) {
 	dAtA[i] = 0x12
 	i++
 	i = encodeVarintGenerated(dAtA, i, uint64(m.AcceptedNames.Size()))
-	n8, err := m.AcceptedNames.MarshalTo(dAtA[i:])
+	n9, err := m.AcceptedNames.MarshalTo(dAtA[i:])
 	if err != nil {
 		return 0, err
 	}
-	i += n8
+	i += n9
+	return i, nil
+}
+
+func (m *CustomResourceSubresourceScale) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CustomResourceSubresourceScale) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.SpecReplicasPath)))
+	i += copy(dAtA[i:], m.SpecReplicasPath)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.StatusReplicasPath)))
+	i += copy(dAtA[i:], m.StatusReplicasPath)
+	if m.LabelSelectorPath != nil {
+		dAtA[i] = 0x1a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.LabelSelectorPath)))
+		i += copy(dAtA[i:], *m.LabelSelectorPath)
+	}
+	return i, nil
+}
+
+func (m *CustomResourceSubresourceStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CustomResourceSubresourceStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	return i, nil
+}
+
+func (m *CustomResourceSubresources) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CustomResourceSubresources) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Status != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
+		n10, err := m.Status.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n10
+	}
+	if m.Scale != nil {
+		dAtA[i] = 0x12
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.Scale.Size()))
+		n11, err := m.Scale.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n11
+	}
 	return i, nil
 }
 
@@ -422,11 +559,11 @@ func (m *CustomResourceValidation) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.OpenAPIV3Schema.Size()))
-		n9, err := m.OpenAPIV3Schema.MarshalTo(dAtA[i:])
+		n12, err := m.OpenAPIV3Schema.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n9
+		i += n12
 	}
 	return i, nil
 }
@@ -530,11 +667,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x42
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Default.Size()))
-		n10, err := m.Default.MarshalTo(dAtA[i:])
+		n13, err := m.Default.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n10
+		i += n13
 	}
 	if m.Maximum != nil {
 		dAtA[i] = 0x49
@@ -658,11 +795,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Items.Size()))
-		n11, err := m.Items.MarshalTo(dAtA[i:])
+		n14, err := m.Items.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n11
+		i += n14
 	}
 	if len(m.AllOf) > 0 {
 		for _, msg := range m.AllOf {
@@ -712,11 +849,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Not.Size()))
-		n12, err := m.Not.MarshalTo(dAtA[i:])
+		n15, err := m.Not.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n12
+		i += n15
 	}
 	if len(m.Properties) > 0 {
 		keysForProperties := make([]string, 0, len(m.Properties))
@@ -744,11 +881,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n13, err := (&v).MarshalTo(dAtA[i:])
+			n16, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n13
+			i += n16
 		}
 	}
 	if m.AdditionalProperties != nil {
@@ -757,11 +894,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AdditionalProperties.Size()))
-		n14, err := m.AdditionalProperties.MarshalTo(dAtA[i:])
+		n17, err := m.AdditionalProperties.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n14
+		i += n17
 	}
 	if len(m.PatternProperties) > 0 {
 		keysForPatternProperties := make([]string, 0, len(m.PatternProperties))
@@ -789,11 +926,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n15, err := (&v).MarshalTo(dAtA[i:])
+			n18, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n15
+			i += n18
 		}
 	}
 	if len(m.Dependencies) > 0 {
@@ -822,11 +959,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n16, err := (&v).MarshalTo(dAtA[i:])
+			n19, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n16
+			i += n19
 		}
 	}
 	if m.AdditionalItems != nil {
@@ -835,11 +972,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.AdditionalItems.Size()))
-		n17, err := m.AdditionalItems.MarshalTo(dAtA[i:])
+		n20, err := m.AdditionalItems.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n17
+		i += n20
 	}
 	if len(m.Definitions) > 0 {
 		keysForDefinitions := make([]string, 0, len(m.Definitions))
@@ -867,11 +1004,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 			dAtA[i] = 0x12
 			i++
 			i = encodeVarintGenerated(dAtA, i, uint64((&v).Size()))
-			n18, err := (&v).MarshalTo(dAtA[i:])
+			n21, err := (&v).MarshalTo(dAtA[i:])
 			if err != nil {
 				return 0, err
 			}
-			i += n18
+			i += n21
 		}
 	}
 	if m.ExternalDocs != nil {
@@ -880,11 +1017,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.ExternalDocs.Size()))
-		n19, err := m.ExternalDocs.MarshalTo(dAtA[i:])
+		n22, err := m.ExternalDocs.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n19
+		i += n22
 	}
 	if m.Example != nil {
 		dAtA[i] = 0xa2
@@ -892,11 +1029,11 @@ func (m *JSONSchemaProps) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Example.Size()))
-		n20, err := m.Example.MarshalTo(dAtA[i:])
+		n23, err := m.Example.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n20
+		i += n23
 	}
 	return i, nil
 }
@@ -920,11 +1057,11 @@ func (m *JSONSchemaPropsOrArray) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Schema.Size()))
-		n21, err := m.Schema.MarshalTo(dAtA[i:])
+		n24, err := m.Schema.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n21
+		i += n24
 	}
 	if len(m.JSONSchemas) > 0 {
 		for _, msg := range m.JSONSchemas {
@@ -968,11 +1105,11 @@ func (m *JSONSchemaPropsOrBool) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Schema.Size()))
-		n22, err := m.Schema.MarshalTo(dAtA[i:])
+		n25, err := m.Schema.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n22
+		i += n25
 	}
 	return i, nil
 }
@@ -996,11 +1133,11 @@ func (m *JSONSchemaPropsOrStringArray) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintGenerated(dAtA, i, uint64(m.Schema.Size()))
-		n23, err := m.Schema.MarshalTo(dAtA[i:])
+		n26, err := m.Schema.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n23
+		i += n26
 	}
 	if len(m.Property) > 0 {
 		for _, s := range m.Property {
@@ -1106,6 +1243,12 @@ func (m *CustomResourceDefinitionNames) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.ListKind)
 	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Categories) > 0 {
+		for _, s := range m.Categories {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -1124,6 +1267,10 @@ func (m *CustomResourceDefinitionSpec) Size() (n int) {
 		l = m.Validation.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.Subresources != nil {
+		l = m.Subresources.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -1141,6 +1288,40 @@ func (m *CustomResourceDefinitionStatus) Size() (n int) {
 	return n
 }
 
+func (m *CustomResourceSubresourceScale) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.SpecReplicasPath)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.StatusReplicasPath)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.LabelSelectorPath != nil {
+		l = len(*m.LabelSelectorPath)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *CustomResourceSubresourceStatus) Size() (n int) {
+	var l int
+	_ = l
+	return n
+}
+
+func (m *CustomResourceSubresources) Size() (n int) {
+	var l int
+	_ = l
+	if m.Status != nil {
+		l = m.Status.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.Scale != nil {
+		l = m.Scale.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
 func (m *CustomResourceValidation) Size() (n int) {
 	var l int
 	_ = l
@@ -1422,6 +1603,7 @@ func (this *CustomResourceDefinitionNames) String() string {
 		`ShortNames:` + fmt.Sprintf("%v", this.ShortNames) + `,`,
 		`Kind:` + fmt.Sprintf("%v", this.Kind) + `,`,
 		`ListKind:` + fmt.Sprintf("%v", this.ListKind) + `,`,
+		`Categories:` + fmt.Sprintf("%v", this.Categories) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1436,6 +1618,7 @@ func (this *CustomResourceDefinitionSpec) String() string {
 		`Names:` + strings.Replace(strings.Replace(this.Names.String(), "CustomResourceDefinitionNames", "CustomResourceDefinitionNames", 1), `&`, ``, 1) + `,`,
 		`Scope:` + fmt.Sprintf("%v", this.Scope) + `,`,
 		`Validation:` + strings.Replace(fmt.Sprintf("%v", this.Validation), "CustomResourceValidation", "CustomResourceValidation", 1) + `,`,
+		`Subresources:` + strings.Replace(fmt.Sprintf("%v", this.Subresources), "CustomResourceSubresources", "CustomResourceSubresources", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1451,6 +1634,38 @@ func (this *CustomResourceDefinitionStatus) String() string {
 	}, "")
 	return s
 }
+func (this *CustomResourceSubresourceScale) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&CustomResourceSubresourceScale{`,
+		`SpecReplicasPath:` + fmt.Sprintf("%v", this.SpecReplicasPath) + `,`,
+		`StatusReplicasPath:` + fmt.Sprintf("%v", this.StatusReplicasPath) + `,`,
+		`LabelSelectorPath:` + valueToStringGenerated(this.LabelSelectorPath) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CustomResourceSubresourceStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&CustomResourceSubresourceStatus{`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CustomResourceSubresources) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&CustomResourceSubresources{`,
+		`Status:` + strings.Replace(fmt.Sprintf("%v", this.Status), "CustomResourceSubresourceStatus", "CustomResourceSubresourceStatus", 1) + `,`,
+		`Scale:` + strings.Replace(fmt.Sprintf("%v", this.Scale), "CustomResourceSubresourceScale", "CustomResourceSubresourceScale", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *CustomResourceValidation) String() string {
 	if this == nil {
 		return "nil"
@@ -2229,6 +2444,35 @@ func (m *CustomResourceDefinitionNames) Unmarshal(dAtA []byte) error {
 			}
 			m.ListKind = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Categories", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Categories = append(m.Categories, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2429,6 +2673,39 @@ func (m *CustomResourceDefinitionSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Subresources", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Subresources == nil {
+				m.Subresources = &CustomResourceSubresources{}
+			}
+			if err := m.Subresources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2561,6 +2838,310 @@ func (m *CustomResourceDefinitionStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *CustomResourceSubresourceScale) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CustomResourceSubresourceScale: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CustomResourceSubresourceScale: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SpecReplicasPath", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SpecReplicasPath = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StatusReplicasPath", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.StatusReplicasPath = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LabelSelectorPath", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.LabelSelectorPath = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CustomResourceSubresourceStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CustomResourceSubresourceStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CustomResourceSubresourceStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CustomResourceSubresources) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CustomResourceSubresources: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CustomResourceSubresources: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Status == nil {
+				m.Status = &CustomResourceSubresourceStatus{}
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Scale", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Scale == nil {
+				m.Scale = &CustomResourceSubresourceScale{}
+			}
+			if err := m.Scale.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *CustomResourceValidation) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -4660,125 +5241,137 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 1917 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x58, 0xdb, 0x6f, 0x5b, 0x49,
-	0x19, 0xcf, 0xd8, 0xb9, 0x4e, 0x92, 0x4d, 0x32, 0x6d, 0xca, 0x69, 0x68, 0xed, 0xd4, 0xcb, 0xae,
-	0x02, 0x6c, 0x6d, 0xba, 0x17, 0x76, 0x41, 0xe2, 0x21, 0x6e, 0x02, 0x2a, 0x34, 0x4d, 0x35, 0x69,
-	0x8b, 0xc4, 0x2e, 0xec, 0x4e, 0x7c, 0xc6, 0xce, 0x34, 0xe7, 0xcc, 0x39, 0x3d, 0x33, 0xc7, 0x8d,
-	0x25, 0x90, 0x40, 0x68, 0x85, 0x84, 0x04, 0x42, 0xd0, 0x17, 0x24, 0x9e, 0x78, 0x44, 0x08, 0x24,
-	0xe0, 0x91, 0x3f, 0xa0, 0x8f, 0x2b, 0xf1, 0xb2, 0x4f, 0x16, 0x35, 0xff, 0x02, 0xbc, 0xe4, 0x09,
-	0xcd, 0xe5, 0xdc, 0xec, 0x64, 0xb7, 0xd2, 0xda, 0xdb, 0x37, 0x9f, 0xef, 0xf6, 0xfb, 0xcd, 0x37,
-	0xdf, 0x7c, 0xf3, 0x8d, 0x61, 0xfb, 0xf8, 0x1d, 0x51, 0x67, 0x41, 0xe3, 0x38, 0x3e, 0xa4, 0x11,
-	0xa7, 0x92, 0x8a, 0x46, 0x97, 0x72, 0x37, 0x88, 0x1a, 0x56, 0x41, 0x42, 0x46, 0x4f, 0x24, 0xe5,
-	0x82, 0x05, 0x5c, 0x5c, 0x27, 0x21, 0x13, 0x34, 0xea, 0xd2, 0xa8, 0x11, 0x1e, 0x77, 0x94, 0x4e,
-	0x14, 0x0d, 0x1a, 0xdd, 0x1b, 0x87, 0x54, 0x92, 0x1b, 0x8d, 0x0e, 0xe5, 0x34, 0x22, 0x92, 0xba,
-	0xf5, 0x30, 0x0a, 0x64, 0x80, 0xbe, 0x65, 0xc2, 0xd5, 0x0b, 0xd6, 0xef, 0xa7, 0xe1, 0xea, 0xe1,
-	0x71, 0x47, 0xe9, 0x44, 0xd1, 0xa0, 0x6e, 0xc3, 0x6d, 0x5c, 0xef, 0x30, 0x79, 0x14, 0x1f, 0xd6,
-	0x5b, 0x81, 0xdf, 0xe8, 0x04, 0x9d, 0xa0, 0xa1, 0xa3, 0x1e, 0xc6, 0x6d, 0xfd, 0xa5, 0x3f, 0xf4,
-	0x2f, 0x83, 0xb6, 0xf1, 0x66, 0x46, 0xde, 0x27, 0xad, 0x23, 0xc6, 0x69, 0xd4, 0xcb, 0x18, 0xfb,
-	0x54, 0x92, 0x46, 0x77, 0x84, 0xe3, 0x46, 0xe3, 0x3c, 0xaf, 0x28, 0xe6, 0x92, 0xf9, 0x74, 0xc4,
-	0xe1, 0xeb, 0x9f, 0xe6, 0x20, 0x5a, 0x47, 0xd4, 0x27, 0x23, 0x7e, 0x6f, 0x9c, 0xe7, 0x17, 0x4b,
-	0xe6, 0x35, 0x18, 0x97, 0x42, 0x46, 0xc3, 0x4e, 0xb5, 0x9f, 0x97, 0xa1, 0x73, 0x33, 0x16, 0x32,
-	0xf0, 0x31, 0x15, 0x41, 0x1c, 0xb5, 0xe8, 0x0e, 0x6d, 0x33, 0xce, 0x24, 0x0b, 0x38, 0xfa, 0x00,
-	0xce, 0xab, 0x55, 0xb9, 0x44, 0x12, 0x07, 0x6c, 0x82, 0xad, 0xc5, 0xd7, 0xbf, 0x56, 0xcf, 0x32,
-	0x9e, 0x82, 0x64, 0x69, 0x56, 0xd6, 0xf5, 0xee, 0x8d, 0xfa, 0xfe, 0xe1, 0x43, 0xda, 0x92, 0x7b,
-	0x54, 0x92, 0x26, 0x7a, 0xda, 0xaf, 0x4e, 0x0d, 0xfa, 0x55, 0x98, 0xc9, 0x70, 0x1a, 0x15, 0xfd,
-	0x04, 0x4e, 0x8b, 0x90, 0xb6, 0x9c, 0x92, 0x8e, 0xfe, 0x6e, 0xfd, 0x33, 0xed, 0x67, 0xfd, 0xbc,
-	0x85, 0x1c, 0x84, 0xb4, 0xd5, 0x5c, 0xb2, 0x44, 0xa6, 0xd5, 0x17, 0xd6, 0xb0, 0xe8, 0x43, 0x00,
-	0x67, 0x85, 0x24, 0x32, 0x16, 0x4e, 0x59, 0x33, 0xf8, 0xe1, 0xa4, 0x18, 0x68, 0x90, 0xe6, 0x4b,
-	0x96, 0xc3, 0xac, 0xf9, 0xc6, 0x16, 0xbc, 0xf6, 0xdf, 0x12, 0xbc, 0x76, 0x9e, 0xeb, 0xcd, 0x80,
-	0xbb, 0x66, 0x3b, 0x6e, 0xc1, 0x69, 0xd9, 0x0b, 0xa9, 0xde, 0x8a, 0x85, 0xe6, 0x5b, 0xc9, 0x7a,
-	0xee, 0xf5, 0x42, 0x7a, 0xda, 0xaf, 0xbe, 0xf2, 0xa9, 0x01, 0x94, 0x21, 0xd6, 0x21, 0xd0, 0x37,
-	0xd2, 0x75, 0x97, 0x74, 0xb0, 0x6b, 0x45, 0x62, 0xa7, 0xfd, 0xea, 0x4a, 0xea, 0x56, 0xe4, 0x8a,
-	0xba, 0x10, 0x79, 0x44, 0xc8, 0x7b, 0x11, 0xe1, 0xc2, 0x84, 0x65, 0x3e, 0xb5, 0xe9, 0xfb, 0xca,
-	0xf3, 0x95, 0x87, 0xf2, 0x68, 0x6e, 0x58, 0x48, 0x74, 0x7b, 0x24, 0x1a, 0x3e, 0x03, 0x01, 0xbd,
-	0x0a, 0x67, 0x23, 0x4a, 0x44, 0xc0, 0x9d, 0x69, 0x4d, 0x39, 0xcd, 0x25, 0xd6, 0x52, 0x6c, 0xb5,
-	0xe8, 0xcb, 0x70, 0xce, 0xa7, 0x42, 0x90, 0x0e, 0x75, 0x66, 0xb4, 0xe1, 0x8a, 0x35, 0x9c, 0xdb,
-	0x33, 0x62, 0x9c, 0xe8, 0x6b, 0xa7, 0x00, 0x5e, 0x39, 0x2f, 0x6b, 0xb7, 0x99, 0x90, 0xe8, 0xbd,
-	0x91, 0x03, 0x50, 0x7f, 0xbe, 0x15, 0x2a, 0x6f, 0x5d, 0xfe, 0xab, 0x16, 0x7c, 0x3e, 0x91, 0xe4,
-	0x8a, 0xff, 0xc7, 0x70, 0x86, 0x49, 0xea, 0xab, 0x3d, 0x28, 0x6f, 0x2d, 0xbe, 0xfe, 0xfd, 0x09,
-	0xd5, 0x5e, 0x73, 0xd9, 0x72, 0x98, 0xb9, 0xa5, 0xd0, 0xb0, 0x01, 0xad, 0xfd, 0x0f, 0xc0, 0xab,
-	0xe7, 0xb9, 0xdc, 0x21, 0x3e, 0x15, 0x2a, 0xe3, 0xa1, 0x17, 0x47, 0xc4, 0xb3, 0x15, 0x97, 0x66,
-	0xfc, 0xae, 0x96, 0x62, 0xab, 0x45, 0xaf, 0xc1, 0x79, 0xc1, 0x78, 0x27, 0xf6, 0x48, 0x64, 0xcb,
-	0x29, 0x5d, 0xf5, 0x81, 0x95, 0xe3, 0xd4, 0x02, 0xd5, 0x21, 0x14, 0x47, 0x41, 0x24, 0x35, 0x86,
-	0x53, 0xde, 0x2c, 0xab, 0xc8, 0xaa, 0x41, 0x1c, 0xa4, 0x52, 0x9c, 0xb3, 0x40, 0x9b, 0x70, 0xfa,
-	0x98, 0x71, 0xd7, 0xee, 0x7a, 0x7a, 0x8a, 0xbf, 0xc7, 0xb8, 0x8b, 0xb5, 0x46, 0xe1, 0x7b, 0x4c,
-	0x48, 0x25, 0xb1, 0x5b, 0x5e, 0xc8, 0xba, 0xb6, 0x4c, 0x2d, 0x6a, 0x7f, 0x2b, 0x9f, 0xbf, 0xe9,
-	0xaa, 0x35, 0xa0, 0x97, 0xe1, 0x4c, 0x27, 0x0a, 0xe2, 0xd0, 0xae, 0x3a, 0xcd, 0xde, 0x77, 0x94,
-	0x10, 0x1b, 0x9d, 0xaa, 0xb2, 0x2e, 0x8d, 0xd4, 0x06, 0xd8, 0x25, 0xa7, 0x55, 0xf6, 0xc0, 0x88,
-	0x71, 0xa2, 0x47, 0x3f, 0x03, 0x70, 0x86, 0xdb, 0xc5, 0xaa, 0x12, 0x7a, 0x6f, 0x42, 0xfb, 0xac,
-	0xd3, 0x95, 0xd1, 0x35, 0x99, 0x34, 0xc8, 0xe8, 0x4d, 0x38, 0x23, 0x5a, 0x41, 0x48, 0x6d, 0x16,
-	0x2b, 0x89, 0xd1, 0x81, 0x12, 0x9e, 0xf6, 0xab, 0xcb, 0x49, 0x38, 0x2d, 0xc0, 0xc6, 0x18, 0xfd,
-	0x02, 0x40, 0xd8, 0x25, 0x1e, 0x73, 0x89, 0x8a, 0xaf, 0x73, 0x3b, 0xee, 0x32, 0x7d, 0x90, 0x86,
-	0x37, 0x45, 0x90, 0x7d, 0xe3, 0x1c, 0x74, 0xed, 0x5f, 0x25, 0x58, 0xf9, 0xe4, 0xde, 0x8a, 0x9e,
-	0x00, 0x08, 0x5b, 0x49, 0xcf, 0x12, 0x0e, 0xd0, 0x67, 0xea, 0x83, 0x09, 0xe5, 0x3a, 0x6d, 0x8e,
-	0xd9, 0xfd, 0x96, 0x8a, 0x04, 0xce, 0xf1, 0x40, 0xbf, 0x07, 0x70, 0x99, 0xb4, 0x5a, 0x34, 0x94,
-	0xd4, 0x35, 0x25, 0x5f, 0xfa, 0x1c, 0xaa, 0x60, 0xdd, 0xb2, 0x5a, 0xde, 0xce, 0x43, 0xe3, 0x22,
-	0x93, 0xda, 0x9f, 0xc0, 0xf0, 0xe5, 0x9f, 0xa5, 0x1f, 0xfd, 0x0a, 0xc0, 0x95, 0x20, 0xa4, 0x7c,
-	0xfb, 0xee, 0xad, 0x07, 0x6f, 0x1c, 0xe8, 0x91, 0xc3, 0xf6, 0xc0, 0x3b, 0x9f, 0x91, 0xfa, 0x77,
-	0x0f, 0xf6, 0xef, 0x98, 0x80, 0x77, 0xa3, 0x20, 0x14, 0xcd, 0x0b, 0x83, 0x7e, 0x75, 0x65, 0xbf,
-	0x08, 0x85, 0x87, 0xb1, 0x6b, 0x3e, 0x5c, 0xdf, 0x3d, 0x91, 0x34, 0xe2, 0xc4, 0xdb, 0x09, 0x5a,
-	0xb1, 0x4f, 0xb9, 0x34, 0x44, 0xdf, 0x82, 0x8b, 0x2e, 0x15, 0xad, 0x88, 0x85, 0xba, 0x4a, 0xcd,
-	0xa9, 0xbd, 0x60, 0x13, 0xb0, 0xb8, 0x93, 0xa9, 0x70, 0xde, 0x0e, 0x5d, 0x85, 0xe5, 0x38, 0xf2,
-	0xec, 0xe9, 0x5d, 0xb4, 0xe6, 0xe5, 0xfb, 0xf8, 0x36, 0x56, 0xf2, 0xda, 0x35, 0x38, 0xad, 0x78,
-	0xa2, 0xcb, 0xb0, 0x1c, 0x91, 0xc7, 0x3a, 0xea, 0x52, 0x73, 0x4e, 0x99, 0x60, 0xf2, 0x18, 0x2b,
-	0x59, 0xed, 0xcf, 0x57, 0xe0, 0xca, 0xd0, 0x5a, 0xd0, 0x06, 0x2c, 0x31, 0xd7, 0x72, 0x80, 0x36,
-	0x68, 0xe9, 0xd6, 0x0e, 0x2e, 0x31, 0x17, 0xbd, 0x0d, 0x67, 0xcd, 0xe8, 0x66, 0x41, 0xab, 0xe9,
-	0xa5, 0xab, 0xa5, 0xea, 0x18, 0x66, 0xe1, 0x14, 0x11, 0x6b, 0xae, 0x39, 0xd0, 0xb6, 0x6e, 0x1f,
-	0x0b, 0x96, 0x03, 0x6d, 0x63, 0x25, 0x1b, 0x5e, 0xfc, 0xf4, 0x73, 0x2e, 0x7e, 0xd3, 0x8e, 0x12,
-	0x33, 0xc5, 0xa6, 0x9a, 0x9b, 0x10, 0x5e, 0x85, 0xb3, 0xed, 0x20, 0xf2, 0x89, 0x74, 0x66, 0x8b,
-	0xcd, 0xff, 0xdb, 0x5a, 0x8a, 0xad, 0x56, 0x75, 0x4b, 0xc9, 0xa4, 0x47, 0x9d, 0xb9, 0x62, 0xb7,
-	0xbc, 0xa7, 0x84, 0xd8, 0xe8, 0xd0, 0x43, 0x38, 0xe7, 0xd2, 0x36, 0x89, 0x3d, 0xe9, 0xcc, 0xeb,
-	0x12, 0xba, 0x39, 0x86, 0x12, 0x6a, 0x2e, 0xaa, 0x76, 0xbb, 0x63, 0xe2, 0xe2, 0x04, 0x00, 0xbd,
-	0x02, 0xe7, 0x7c, 0x72, 0xc2, 0xfc, 0xd8, 0x77, 0x16, 0x36, 0xc1, 0x16, 0x30, 0x66, 0x7b, 0x46,
-	0x84, 0x13, 0x1d, 0xda, 0x81, 0xab, 0xf4, 0xa4, 0xe5, 0xc5, 0x82, 0x75, 0xa9, 0x55, 0x3a, 0x70,
-	0x13, 0x6c, 0xcd, 0x37, 0x1d, 0xbb, 0x84, 0xd5, 0xdd, 0x21, 0x3d, 0x1e, 0xf1, 0xd0, 0x60, 0x8c,
-	0x6b, 0xe7, 0xc5, 0x1c, 0x98, 0x11, 0xe1, 0x44, 0x57, 0x04, 0xb3, 0xf6, 0x4b, 0xe7, 0x81, 0x59,
-	0xe7, 0x11, 0x0f, 0xf4, 0x55, 0xb8, 0xe0, 0x93, 0x93, 0xdb, 0x94, 0x77, 0xe4, 0x91, 0xb3, 0xbc,
-	0x09, 0xb6, 0xca, 0xcd, 0xe5, 0x41, 0xbf, 0xba, 0xb0, 0x97, 0x08, 0x71, 0xa6, 0xd7, 0xc6, 0x8c,
-	0x5b, 0xe3, 0x97, 0x72, 0xc6, 0x89, 0x10, 0x67, 0x7a, 0x75, 0x9b, 0x85, 0x44, 0xaa, 0xc3, 0xe5,
-	0xac, 0x14, 0x6f, 0xb3, 0xbb, 0x46, 0x8c, 0x13, 0x3d, 0xda, 0x82, 0xf3, 0x3e, 0x39, 0xd1, 0x93,
-	0x84, 0xb3, 0xaa, 0xc3, 0x2e, 0xa9, 0x8b, 0x76, 0xcf, 0xca, 0x70, 0xaa, 0xd5, 0x96, 0x8c, 0x1b,
-	0xcb, 0xb5, 0x9c, 0xa5, 0x95, 0xe1, 0x54, 0xab, 0x8a, 0x38, 0xe6, 0xec, 0x51, 0x4c, 0x8d, 0x31,
-	0xd2, 0x99, 0x49, 0x8b, 0xf8, 0x7e, 0xa6, 0xc2, 0x79, 0x3b, 0x35, 0x49, 0xf8, 0xb1, 0x27, 0x59,
-	0xe8, 0xd1, 0xfd, 0xb6, 0x73, 0x41, 0xe7, 0x5f, 0x5f, 0x22, 0x7b, 0xa9, 0x14, 0xe7, 0x2c, 0x10,
-	0x85, 0xd3, 0x94, 0xc7, 0xbe, 0x73, 0x51, 0x5f, 0x0d, 0x63, 0x29, 0xc1, 0xf4, 0xe4, 0xec, 0xf2,
-	0xd8, 0xc7, 0x3a, 0x3c, 0x7a, 0x1b, 0x2e, 0xfb, 0xe4, 0x44, 0xb5, 0x03, 0x1a, 0x49, 0x46, 0x85,
-	0xb3, 0xae, 0x17, 0xbf, 0xa6, 0xda, 0xf1, 0x5e, 0x5e, 0x81, 0x8b, 0x76, 0xda, 0x91, 0xf1, 0x9c,
-	0xe3, 0xa5, 0x9c, 0x63, 0x5e, 0x81, 0x8b, 0x76, 0x2a, 0xd3, 0x11, 0x7d, 0x14, 0xb3, 0x88, 0xba,
-	0xce, 0x17, 0xf4, 0x40, 0xa5, 0x33, 0x8d, 0xad, 0x0c, 0xa7, 0x5a, 0xd4, 0x4d, 0x46, 0x4e, 0x47,
-	0x1f, 0xc3, 0xfb, 0xe3, 0xed, 0xe4, 0xfb, 0xd1, 0x76, 0x14, 0x91, 0x5e, 0x73, 0x61, 0x78, 0xd8,
-	0x44, 0x02, 0xce, 0x10, 0xcf, 0xdb, 0x6f, 0x3b, 0x97, 0x75, 0xee, 0xc7, 0x7d, 0x83, 0xa4, 0x5d,
-	0x67, 0x5b, 0x81, 0x60, 0x83, 0xa5, 0x40, 0x03, 0xae, 0x4a, 0x63, 0x63, 0xb2, 0xa0, 0xfb, 0x0a,
-	0x04, 0x1b, 0x2c, 0xbd, 0x52, 0xde, 0xdb, 0x6f, 0x3b, 0x5f, 0x9c, 0xf0, 0x4a, 0x15, 0x08, 0x36,
-	0x58, 0x88, 0xc1, 0x32, 0x0f, 0xa4, 0x73, 0x65, 0x22, 0xd7, 0xb3, 0xbe, 0x70, 0xee, 0x04, 0x12,
-	0x2b, 0x0c, 0xf4, 0x5b, 0x00, 0x61, 0x98, 0x95, 0xe8, 0x55, 0xbd, 0xca, 0x1f, 0x8d, 0x17, 0xb2,
-	0x9e, 0xd5, 0xf6, 0x2e, 0x97, 0x51, 0x2f, 0x1b, 0xb2, 0x72, 0x67, 0x20, 0xc7, 0x02, 0xfd, 0x11,
-	0xc0, 0x8b, 0xc4, 0x35, 0x23, 0x17, 0xf1, 0x72, 0x27, 0xa8, 0xa2, 0x33, 0x72, 0x6f, 0xdc, 0x65,
-	0xde, 0x0c, 0x02, 0xaf, 0xe9, 0x0c, 0xfa, 0xd5, 0x8b, 0xdb, 0x67, 0xa0, 0xe2, 0x33, 0xb9, 0xa0,
-	0xbf, 0x00, 0xb8, 0x66, 0xbb, 0x68, 0x8e, 0x61, 0x55, 0x27, 0x90, 0x8e, 0x3b, 0x81, 0xc3, 0x38,
-	0x26, 0x8f, 0x97, 0x6d, 0x1e, 0xd7, 0x46, 0xf4, 0x78, 0x94, 0x1a, 0xfa, 0x07, 0x80, 0x4b, 0x2e,
-	0x0d, 0x29, 0x77, 0x29, 0x6f, 0x29, 0xae, 0x9b, 0x63, 0x99, 0xa9, 0x87, 0xb9, 0xee, 0xe4, 0x20,
-	0x0c, 0xcd, 0xba, 0xa5, 0xb9, 0x94, 0x57, 0x9d, 0xf6, 0xab, 0x97, 0x32, 0xd7, 0xbc, 0x06, 0x17,
-	0x58, 0xa2, 0xdf, 0x01, 0xb8, 0x92, 0x6d, 0x80, 0xb9, 0x52, 0xae, 0x4d, 0xb0, 0x0e, 0xf4, 0xf8,
-	0xba, 0x5d, 0x04, 0xc4, 0xc3, 0x0c, 0xd0, 0x5f, 0x81, 0x9a, 0xd4, 0x92, 0x29, 0x5d, 0x38, 0x35,
-	0x9d, 0xcb, 0xf7, 0xc7, 0x9e, 0xcb, 0x14, 0xc1, 0xa4, 0xf2, 0xb5, 0x6c, 0x14, 0x4c, 0x35, 0xa7,
-	0xfd, 0xea, 0x7a, 0x3e, 0x93, 0xa9, 0x02, 0xe7, 0x19, 0xa2, 0x5f, 0x02, 0xb8, 0x44, 0xb3, 0x89,
-	0x5b, 0x38, 0x2f, 0x8f, 0x25, 0x89, 0x67, 0x0e, 0xf1, 0xcd, 0x55, 0xb5, 0xdd, 0x39, 0x95, 0xc0,
-	0x05, 0x6c, 0x35, 0x41, 0xd2, 0x13, 0xe2, 0x87, 0x1e, 0x75, 0xbe, 0x34, 0xe6, 0x09, 0x72, 0xd7,
-	0xc4, 0xc5, 0x09, 0xc0, 0x86, 0x7a, 0xf9, 0x0c, 0x9d, 0x1c, 0xb4, 0x0a, 0xcb, 0xc7, 0xb4, 0x67,
-	0x06, 0x7b, 0xac, 0x7e, 0x22, 0x17, 0xce, 0x74, 0x89, 0x17, 0x53, 0xfb, 0x9e, 0x1b, 0x73, 0xd7,
-	0xc5, 0x26, 0xf8, 0x37, 0x4b, 0xef, 0x80, 0x8d, 0x27, 0x00, 0x5e, 0x3a, 0xfb, 0x40, 0xbf, 0x50,
-	0x5a, 0x7f, 0x00, 0x70, 0x6d, 0xe4, 0xec, 0x9e, 0xc1, 0xe8, 0x51, 0x91, 0xd1, 0xbb, 0xe3, 0x3e,
-	0x84, 0x07, 0x32, 0x62, 0xbc, 0xa3, 0x27, 0x8f, 0x3c, 0xbd, 0x5f, 0x03, 0xb8, 0x3a, 0x7c, 0x1c,
-	0x5e, 0x64, 0xbe, 0x6a, 0x4f, 0x4a, 0xf0, 0xd2, 0xd9, 0x03, 0x13, 0x8a, 0xd2, 0x97, 0xe1, 0x64,
-	0x5e, 0xd8, 0x30, 0x7b, 0x65, 0xa6, 0x8f, 0xca, 0x0f, 0x01, 0x5c, 0x7c, 0x98, 0xda, 0x25, 0x7f,
-	0x42, 0x8e, 0xfd, 0x6d, 0x9f, 0xf4, 0x9f, 0x4c, 0x21, 0x70, 0x1e, 0xb7, 0xf6, 0x77, 0x00, 0xd7,
-	0xcf, 0x6c, 0xac, 0xea, 0x09, 0x4a, 0x3c, 0x2f, 0x78, 0x2c, 0x74, 0x56, 0xe6, 0xb3, 0x27, 0xe8,
-	0xb6, 0x96, 0x62, 0xab, 0xcd, 0x65, 0xaf, 0xf4, 0x79, 0x65, 0xaf, 0xf6, 0x4f, 0x00, 0xaf, 0x7c,
-	0x52, 0x25, 0xbe, 0x90, 0x2d, 0xdd, 0x82, 0xf3, 0x76, 0x28, 0xea, 0xe9, 0xed, 0xb4, 0xef, 0x00,
-	0xdb, 0x34, 0x7a, 0x38, 0xd5, 0x36, 0xaf, 0x3f, 0x7d, 0x56, 0x99, 0xfa, 0xe8, 0x59, 0x65, 0xea,
-	0xe3, 0x67, 0x95, 0xa9, 0x9f, 0x0e, 0x2a, 0xe0, 0xe9, 0xa0, 0x02, 0x3e, 0x1a, 0x54, 0xc0, 0xc7,
-	0x83, 0x0a, 0xf8, 0xf7, 0xa0, 0x02, 0x7e, 0xf3, 0x9f, 0xca, 0xd4, 0x0f, 0xe6, 0x2c, 0xf8, 0xff,
-	0x03, 0x00, 0x00, 0xff, 0xff, 0x73, 0x96, 0x20, 0xc5, 0xd0, 0x1b, 0x00, 0x00,
+	// 2102 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xc4, 0x58, 0xcb, 0x6f, 0x63, 0x49,
+	0xd5, 0x4f, 0xd9, 0x79, 0x56, 0x92, 0x49, 0x52, 0xdd, 0xe9, 0xef, 0x76, 0xbe, 0x6e, 0x3b, 0xf1,
+	0x30, 0xa3, 0x00, 0xd3, 0x36, 0x3d, 0x0f, 0x66, 0x40, 0x62, 0x11, 0x27, 0x01, 0xf5, 0x90, 0x74,
+	0xa2, 0x72, 0x77, 0x23, 0x98, 0x67, 0xe5, 0xba, 0xec, 0x54, 0xe7, 0xbe, 0xfa, 0x56, 0x5d, 0x77,
+	0x22, 0x01, 0xe2, 0xa1, 0x11, 0x12, 0x12, 0x0f, 0x41, 0x6f, 0x90, 0xd8, 0x80, 0xc4, 0x06, 0x21,
+	0x58, 0xc0, 0x92, 0x25, 0x8b, 0x5e, 0x8e, 0xc4, 0x66, 0x56, 0x16, 0x6d, 0xfe, 0x05, 0x24, 0xa4,
+	0xac, 0x50, 0x3d, 0xee, 0xcb, 0x8e, 0x67, 0x5a, 0x1a, 0x7b, 0x7a, 0xe7, 0x7b, 0x5e, 0xbf, 0x5f,
+	0x9d, 0x3a, 0x75, 0xea, 0x94, 0x61, 0xeb, 0xe4, 0x0d, 0x5e, 0x65, 0x7e, 0xed, 0x24, 0x3a, 0xa2,
+	0xa1, 0x47, 0x05, 0xe5, 0xb5, 0x0e, 0xf5, 0x9a, 0x7e, 0x58, 0x33, 0x0a, 0x12, 0x30, 0x7a, 0x2a,
+	0xa8, 0xc7, 0x99, 0xef, 0xf1, 0x1b, 0x24, 0x60, 0x9c, 0x86, 0x1d, 0x1a, 0xd6, 0x82, 0x93, 0xb6,
+	0xd4, 0xf1, 0xbc, 0x41, 0xad, 0x73, 0xf3, 0x88, 0x0a, 0x72, 0xb3, 0xd6, 0xa6, 0x1e, 0x0d, 0x89,
+	0xa0, 0xcd, 0x6a, 0x10, 0xfa, 0xc2, 0x47, 0x5f, 0xd3, 0xe1, 0xaa, 0x39, 0xeb, 0xf7, 0x92, 0x70,
+	0xd5, 0xe0, 0xa4, 0x2d, 0x75, 0x3c, 0x6f, 0x50, 0x35, 0xe1, 0xd6, 0x6e, 0xb4, 0x99, 0x38, 0x8e,
+	0x8e, 0xaa, 0xb6, 0xef, 0xd6, 0xda, 0x7e, 0xdb, 0xaf, 0xa9, 0xa8, 0x47, 0x51, 0x4b, 0x7d, 0xa9,
+	0x0f, 0xf5, 0x4b, 0xa3, 0xad, 0xbd, 0x9a, 0x92, 0x77, 0x89, 0x7d, 0xcc, 0x3c, 0x1a, 0x9e, 0xa5,
+	0x8c, 0x5d, 0x2a, 0x48, 0xad, 0x33, 0xc0, 0x71, 0xad, 0x36, 0xcc, 0x2b, 0x8c, 0x3c, 0xc1, 0x5c,
+	0x3a, 0xe0, 0xf0, 0xe5, 0x4f, 0x72, 0xe0, 0xf6, 0x31, 0x75, 0xc9, 0x80, 0xdf, 0x2b, 0xc3, 0xfc,
+	0x22, 0xc1, 0x9c, 0x1a, 0xf3, 0x04, 0x17, 0x61, 0xbf, 0x53, 0xe5, 0xc7, 0x45, 0x68, 0x6d, 0x47,
+	0x5c, 0xf8, 0x2e, 0xa6, 0xdc, 0x8f, 0x42, 0x9b, 0xee, 0xd0, 0x16, 0xf3, 0x98, 0x60, 0xbe, 0x87,
+	0xde, 0x87, 0xb3, 0x72, 0x55, 0x4d, 0x22, 0x88, 0x05, 0xd6, 0xc1, 0xe6, 0xfc, 0xcb, 0x5f, 0xaa,
+	0xa6, 0x19, 0x4f, 0x40, 0xd2, 0x34, 0x4b, 0xeb, 0x6a, 0xe7, 0x66, 0xf5, 0xe0, 0xe8, 0x3e, 0xb5,
+	0xc5, 0x3e, 0x15, 0xa4, 0x8e, 0x1e, 0x77, 0xcb, 0x13, 0xbd, 0x6e, 0x19, 0xa6, 0x32, 0x9c, 0x44,
+	0x45, 0xdf, 0x83, 0x93, 0x3c, 0xa0, 0xb6, 0x55, 0x50, 0xd1, 0xdf, 0xaa, 0x7e, 0xaa, 0xfd, 0xac,
+	0x0e, 0x5b, 0x48, 0x23, 0xa0, 0x76, 0x7d, 0xc1, 0x10, 0x99, 0x94, 0x5f, 0x58, 0xc1, 0xa2, 0x0f,
+	0x00, 0x9c, 0xe6, 0x82, 0x88, 0x88, 0x5b, 0x45, 0xc5, 0xe0, 0x9d, 0x71, 0x31, 0x50, 0x20, 0xf5,
+	0xe7, 0x0c, 0x87, 0x69, 0xfd, 0x8d, 0x0d, 0x78, 0xe5, 0x3f, 0x05, 0xb8, 0x31, 0xcc, 0x75, 0xdb,
+	0xf7, 0x9a, 0x7a, 0x3b, 0x6e, 0xc1, 0x49, 0x71, 0x16, 0x50, 0xb5, 0x15, 0x73, 0xf5, 0xd7, 0xe2,
+	0xf5, 0xdc, 0x39, 0x0b, 0xe8, 0x79, 0xb7, 0xfc, 0xc2, 0x27, 0x06, 0x90, 0x86, 0x58, 0x85, 0x40,
+	0x5f, 0x49, 0xd6, 0x5d, 0x50, 0xc1, 0x36, 0xf2, 0xc4, 0xce, 0xbb, 0xe5, 0xa5, 0xc4, 0x2d, 0xcf,
+	0x15, 0x75, 0x20, 0x72, 0x08, 0x17, 0x77, 0x42, 0xe2, 0x71, 0x1d, 0x96, 0xb9, 0xd4, 0xa4, 0xef,
+	0x0b, 0x4f, 0x57, 0x1e, 0xd2, 0xa3, 0xbe, 0x66, 0x20, 0xd1, 0xde, 0x40, 0x34, 0x7c, 0x01, 0x02,
+	0x7a, 0x11, 0x4e, 0x87, 0x94, 0x70, 0xdf, 0xb3, 0x26, 0x15, 0xe5, 0x24, 0x97, 0x58, 0x49, 0xb1,
+	0xd1, 0xa2, 0xcf, 0xc3, 0x19, 0x97, 0x72, 0x4e, 0xda, 0xd4, 0x9a, 0x52, 0x86, 0x4b, 0xc6, 0x70,
+	0x66, 0x5f, 0x8b, 0x71, 0xac, 0xaf, 0x9c, 0x03, 0x78, 0x6d, 0x58, 0xd6, 0xf6, 0x18, 0x17, 0xe8,
+	0xed, 0x81, 0x03, 0x50, 0x7d, 0xba, 0x15, 0x4a, 0x6f, 0x55, 0xfe, 0xcb, 0x06, 0x7c, 0x36, 0x96,
+	0x64, 0x8a, 0xff, 0xbb, 0x70, 0x8a, 0x09, 0xea, 0xca, 0x3d, 0x28, 0x6e, 0xce, 0xbf, 0xfc, 0xad,
+	0x31, 0xd5, 0x5e, 0x7d, 0xd1, 0x70, 0x98, 0xba, 0x25, 0xd1, 0xb0, 0x06, 0xad, 0xfc, 0xa1, 0x00,
+	0xaf, 0x0f, 0x73, 0xb9, 0x4d, 0x5c, 0xca, 0x65, 0xc6, 0x03, 0x27, 0x0a, 0x89, 0x63, 0x2a, 0x2e,
+	0xc9, 0xf8, 0xa1, 0x92, 0x62, 0xa3, 0x45, 0x2f, 0xc1, 0x59, 0xce, 0xbc, 0x76, 0xe4, 0x90, 0xd0,
+	0x94, 0x53, 0xb2, 0xea, 0x86, 0x91, 0xe3, 0xc4, 0x02, 0x55, 0x21, 0xe4, 0xc7, 0x7e, 0x28, 0x14,
+	0x86, 0x55, 0x5c, 0x2f, 0xca, 0xc8, 0xb2, 0x41, 0x34, 0x12, 0x29, 0xce, 0x58, 0xa0, 0x75, 0x38,
+	0x79, 0xc2, 0xbc, 0xa6, 0xd9, 0xf5, 0xe4, 0x14, 0x7f, 0x93, 0x79, 0x4d, 0xac, 0x34, 0x12, 0xdf,
+	0x61, 0x5c, 0x48, 0x89, 0xd9, 0xf2, 0x5c, 0xd6, 0x95, 0x65, 0x62, 0x21, 0xf1, 0x6d, 0x22, 0x68,
+	0xdb, 0x0f, 0x19, 0xe5, 0xd6, 0x74, 0x8a, 0xbf, 0x9d, 0x48, 0x71, 0xc6, 0xa2, 0xf2, 0x8f, 0xc9,
+	0xe1, 0x45, 0x22, 0x5b, 0x09, 0x7a, 0x1e, 0x4e, 0xb5, 0x43, 0x3f, 0x0a, 0x4c, 0x96, 0x92, 0x6c,
+	0x7f, 0x43, 0x0a, 0xb1, 0xd6, 0xc9, 0xaa, 0xec, 0xd0, 0x50, 0x6e, 0x98, 0x49, 0x51, 0x52, 0x95,
+	0xf7, 0xb4, 0x18, 0xc7, 0x7a, 0xf4, 0x43, 0x00, 0xa7, 0x3c, 0x93, 0x1c, 0x59, 0x72, 0x6f, 0x8f,
+	0xa9, 0x2e, 0x54, 0x7a, 0x53, 0xba, 0x3a, 0xf3, 0x1a, 0x19, 0xbd, 0x0a, 0xa7, 0xb8, 0xed, 0x07,
+	0xd4, 0x64, 0xbd, 0x14, 0x1b, 0x35, 0xa4, 0xf0, 0xbc, 0x5b, 0x5e, 0x8c, 0xc3, 0x29, 0x01, 0xd6,
+	0xc6, 0xe8, 0x27, 0x00, 0xc2, 0x0e, 0x71, 0x58, 0x93, 0xc8, 0xf8, 0x6a, 0x2f, 0x46, 0x5d, 0xd6,
+	0xf7, 0x92, 0xf0, 0x7a, 0xd3, 0xd2, 0x6f, 0x9c, 0x81, 0x46, 0xbf, 0x00, 0x70, 0x81, 0x47, 0x47,
+	0xa1, 0xf1, 0x92, 0xfb, 0x2c, 0xb9, 0x7c, 0x7b, 0xa4, 0x5c, 0x1a, 0x19, 0x80, 0xfa, 0x72, 0xaf,
+	0x5b, 0x5e, 0xc8, 0x4a, 0x70, 0x8e, 0x40, 0xe5, 0x9f, 0x05, 0x58, 0xfa, 0xf8, 0xdb, 0x01, 0x3d,
+	0x02, 0x10, 0xda, 0x71, 0xd7, 0xe5, 0x16, 0x50, 0x5d, 0xe1, 0xfd, 0x31, 0xed, 0x7e, 0xd2, 0xde,
+	0xd3, 0x1b, 0x3a, 0x11, 0xc9, 0x03, 0x90, 0xfc, 0x46, 0xbf, 0x01, 0x70, 0x91, 0xd8, 0x36, 0x0d,
+	0x04, 0x6d, 0xea, 0x43, 0x5b, 0xf8, 0x0c, 0xea, 0x72, 0xd5, 0xb0, 0x5a, 0xdc, 0xca, 0x42, 0xe3,
+	0x3c, 0x93, 0xca, 0x7f, 0x41, 0x7f, 0x56, 0x33, 0x5b, 0xd0, 0xb0, 0x89, 0x43, 0xd1, 0x0e, 0x5c,
+	0x96, 0x77, 0x3d, 0xa6, 0x81, 0xc3, 0x6c, 0xc2, 0x0f, 0x89, 0x38, 0x36, 0x27, 0xd5, 0x32, 0x10,
+	0xcb, 0x8d, 0x3e, 0x3d, 0x1e, 0xf0, 0x40, 0x6f, 0x42, 0xa4, 0xef, 0xbf, 0x5c, 0x1c, 0x7d, 0x94,
+	0x93, 0x9b, 0xac, 0x31, 0x60, 0x81, 0x2f, 0xf0, 0x42, 0xdb, 0x70, 0xc5, 0x21, 0x47, 0xd4, 0x69,
+	0x50, 0x87, 0xda, 0xc2, 0x0f, 0x55, 0xa8, 0xa2, 0x0a, 0xb5, 0xda, 0xeb, 0x96, 0x57, 0xf6, 0xfa,
+	0x95, 0x78, 0xd0, 0xbe, 0xb2, 0x01, 0xcb, 0xc3, 0x17, 0xae, 0xa7, 0x8a, 0xdf, 0x15, 0xe0, 0xda,
+	0xf0, 0x8a, 0x45, 0x3f, 0x4a, 0x87, 0x1f, 0x7d, 0xb7, 0xbd, 0x3b, 0xae, 0xd3, 0x61, 0xa6, 0x1f,
+	0x38, 0x38, 0xf9, 0xa0, 0xef, 0xcb, 0x46, 0x43, 0x1c, 0x6a, 0x6a, 0xea, 0x9d, 0xb1, 0x51, 0x90,
+	0x20, 0xf5, 0x39, 0xdd, 0xc3, 0x88, 0xa3, 0x5a, 0x16, 0x71, 0x68, 0xe5, 0x8f, 0xa0, 0x7f, 0xfe,
+	0x4d, 0x3b, 0x0a, 0xfa, 0x19, 0x80, 0x4b, 0x7e, 0x40, 0xbd, 0xad, 0xc3, 0x5b, 0xf7, 0x5e, 0x69,
+	0xa8, 0xa9, 0xdb, 0xa4, 0xea, 0xf6, 0xa7, 0xe4, 0xf9, 0x66, 0xe3, 0xe0, 0xb6, 0x0e, 0x78, 0x18,
+	0xfa, 0x01, 0xaf, 0x5f, 0xea, 0x75, 0xcb, 0x4b, 0x07, 0x79, 0x28, 0xdc, 0x8f, 0x5d, 0x71, 0xe1,
+	0xea, 0xee, 0xa9, 0xa0, 0xa1, 0x47, 0x9c, 0x1d, 0xdf, 0x8e, 0x5c, 0xea, 0x09, 0x4d, 0xf4, 0x35,
+	0x38, 0xdf, 0xa4, 0xdc, 0x0e, 0x59, 0xa0, 0x1a, 0xaf, 0x2e, 0xef, 0x4b, 0xa6, 0x2c, 0xe7, 0x77,
+	0x52, 0x15, 0xce, 0xda, 0xa1, 0xeb, 0xb0, 0x18, 0x85, 0x8e, 0xa9, 0xe2, 0x79, 0x63, 0x5e, 0xbc,
+	0x8b, 0xf7, 0xb0, 0x94, 0x57, 0x36, 0xe0, 0xa4, 0xe4, 0x89, 0xae, 0xc2, 0x62, 0x48, 0x1e, 0xaa,
+	0xa8, 0x0b, 0xf5, 0x19, 0x69, 0x82, 0xc9, 0x43, 0x2c, 0x65, 0x95, 0x3f, 0x5d, 0x83, 0x4b, 0x7d,
+	0x6b, 0x41, 0x6b, 0xb0, 0xc0, 0x9a, 0x86, 0x03, 0x34, 0x41, 0x0b, 0xb7, 0x76, 0x70, 0x81, 0x35,
+	0xd1, 0xeb, 0x70, 0x5a, 0xbf, 0x5e, 0x0c, 0x68, 0x39, 0x99, 0x3b, 0x95, 0x54, 0xde, 0x2c, 0x69,
+	0x38, 0x49, 0xc4, 0x98, 0x2b, 0x0e, 0xb4, 0x65, 0x4e, 0x89, 0xe6, 0x40, 0x5b, 0x58, 0xca, 0xfa,
+	0x17, 0x3f, 0xf9, 0x94, 0x8b, 0x5f, 0x37, 0xd3, 0xf4, 0x54, 0x7e, 0xae, 0xc8, 0x0c, 0xc9, 0x2f,
+	0xc2, 0xe9, 0x96, 0x1f, 0xba, 0x44, 0xa8, 0xdb, 0x23, 0x33, 0xff, 0x7c, 0x5d, 0x49, 0xb1, 0xd1,
+	0xca, 0x01, 0x40, 0x30, 0xe1, 0x50, 0x6b, 0x26, 0x3f, 0x00, 0xdc, 0x91, 0x42, 0xac, 0x75, 0xe8,
+	0x3e, 0x9c, 0x69, 0xd2, 0x16, 0x89, 0x1c, 0x61, 0xcd, 0xaa, 0x12, 0xda, 0x1e, 0x41, 0x09, 0xd5,
+	0xe7, 0xe5, 0x04, 0xb1, 0xa3, 0xe3, 0xe2, 0x18, 0x00, 0xbd, 0x00, 0x67, 0x5c, 0x72, 0xca, 0xdc,
+	0xc8, 0xb5, 0xe6, 0xd6, 0xc1, 0x26, 0xd0, 0x66, 0xfb, 0x5a, 0x84, 0x63, 0x9d, 0xec, 0x8c, 0xf4,
+	0xd4, 0x76, 0x22, 0xce, 0x3a, 0xd4, 0x28, 0x2d, 0xb8, 0x0e, 0x36, 0x67, 0xd3, 0xce, 0xb8, 0xdb,
+	0xa7, 0xc7, 0x03, 0x1e, 0x0a, 0x8c, 0x79, 0xca, 0x79, 0x3e, 0x03, 0xa6, 0x45, 0x38, 0xd6, 0xe5,
+	0xc1, 0x8c, 0xfd, 0xc2, 0x30, 0x30, 0xe3, 0x3c, 0xe0, 0x81, 0xbe, 0x08, 0xe7, 0x5c, 0x72, 0xba,
+	0x47, 0xbd, 0xb6, 0x38, 0xb6, 0x16, 0xd7, 0xc1, 0x66, 0xb1, 0xbe, 0xd8, 0xeb, 0x96, 0xe7, 0xf6,
+	0x63, 0x21, 0x4e, 0xf5, 0xca, 0x98, 0x79, 0xc6, 0xf8, 0xb9, 0x8c, 0x71, 0x2c, 0xc4, 0xa9, 0x5e,
+	0x0e, 0x68, 0x01, 0x11, 0xf2, 0x70, 0x59, 0x4b, 0xf9, 0x01, 0xed, 0x50, 0x8b, 0x71, 0xac, 0x47,
+	0x9b, 0x70, 0xd6, 0x25, 0xa7, 0x6a, 0x98, 0xb6, 0x96, 0x55, 0xd8, 0x05, 0x39, 0x6b, 0xee, 0x1b,
+	0x19, 0x4e, 0xb4, 0xca, 0x92, 0x79, 0xda, 0x72, 0x25, 0x63, 0x69, 0x64, 0x38, 0xd1, 0xca, 0x22,
+	0x8e, 0x3c, 0xf6, 0x20, 0xa2, 0xda, 0x18, 0xa9, 0xcc, 0x24, 0x45, 0x7c, 0x37, 0x55, 0xe1, 0xac,
+	0x9d, 0x1c, 0x66, 0xdd, 0xc8, 0x11, 0x2c, 0x70, 0xe8, 0x41, 0xcb, 0xba, 0xa4, 0xf2, 0xaf, 0xe6,
+	0xa2, 0xfd, 0x44, 0x8a, 0x33, 0x16, 0x88, 0xc2, 0x49, 0xea, 0x45, 0xae, 0x75, 0x59, 0xcd, 0x16,
+	0x23, 0x29, 0xc1, 0xe4, 0xe4, 0xec, 0x7a, 0x91, 0x8b, 0x55, 0x78, 0xf4, 0x3a, 0x5c, 0x74, 0xc9,
+	0xa9, 0x6c, 0x07, 0x34, 0x14, 0x72, 0xcc, 0x5e, 0x55, 0x8b, 0x5f, 0x91, 0xf7, 0xf9, 0x7e, 0x56,
+	0x81, 0xf3, 0x76, 0xca, 0x91, 0x79, 0x19, 0xc7, 0x2b, 0x19, 0xc7, 0xac, 0x02, 0xe7, 0xed, 0x64,
+	0xa6, 0x43, 0xfa, 0x20, 0x62, 0x21, 0x6d, 0x5a, 0xff, 0xa7, 0x66, 0x7a, 0x95, 0x69, 0x6c, 0x64,
+	0x38, 0xd1, 0xa2, 0x4e, 0xfc, 0xea, 0xb2, 0xd4, 0x31, 0xbc, 0x3b, 0xda, 0x4e, 0x7e, 0x10, 0x6e,
+	0x85, 0x21, 0x39, 0xd3, 0x37, 0x4d, 0xf6, 0xbd, 0x85, 0x38, 0x9c, 0x22, 0x8e, 0x73, 0xd0, 0xb2,
+	0xae, 0xaa, 0xdc, 0x8f, 0xfa, 0x06, 0x49, 0xba, 0xce, 0x96, 0x04, 0xc1, 0x1a, 0x4b, 0x82, 0xfa,
+	0x9e, 0x2c, 0x8d, 0xb5, 0xf1, 0x82, 0x1e, 0x48, 0x10, 0xac, 0xb1, 0xd4, 0x4a, 0xbd, 0xb3, 0x83,
+	0x96, 0xf5, 0xff, 0x63, 0x5e, 0xa9, 0x04, 0xc1, 0x1a, 0x0b, 0x31, 0x58, 0xf4, 0x7c, 0x61, 0x5d,
+	0x1b, 0xcb, 0xf5, 0xac, 0x2e, 0x9c, 0xdb, 0xbe, 0xc0, 0x12, 0x03, 0xfd, 0x0a, 0x40, 0x18, 0xa4,
+	0x25, 0x7a, 0x5d, 0xad, 0xf2, 0xdd, 0xd1, 0x42, 0x56, 0xd3, 0xda, 0xde, 0xf5, 0x44, 0x78, 0x96,
+	0x4e, 0xe9, 0x99, 0x33, 0x90, 0x61, 0x81, 0x7e, 0x0f, 0xe0, 0x65, 0xd2, 0xd4, 0x33, 0x3b, 0x71,
+	0x32, 0x27, 0xa8, 0xa4, 0x32, 0x72, 0x67, 0xd4, 0x65, 0x5e, 0xf7, 0x7d, 0xa7, 0x6e, 0xf5, 0xba,
+	0xe5, 0xcb, 0x5b, 0x17, 0xa0, 0xe2, 0x0b, 0xb9, 0xa0, 0x3f, 0x03, 0xb8, 0x62, 0xba, 0x68, 0x86,
+	0x61, 0x59, 0x25, 0x90, 0x8e, 0x3a, 0x81, 0xfd, 0x38, 0x3a, 0x8f, 0x57, 0x4d, 0x1e, 0x57, 0x06,
+	0xf4, 0x78, 0x90, 0x1a, 0xfa, 0x1b, 0x80, 0x0b, 0x4d, 0x1a, 0x50, 0xaf, 0x49, 0x3d, 0x5b, 0x72,
+	0x5d, 0x1f, 0xc9, 0xa3, 0xac, 0x9f, 0xeb, 0x4e, 0x06, 0x42, 0xd3, 0xac, 0x1a, 0x9a, 0x0b, 0x59,
+	0xd5, 0x79, 0xb7, 0x7c, 0x25, 0x75, 0xcd, 0x6a, 0x70, 0x8e, 0x25, 0xfa, 0x35, 0x80, 0x4b, 0xe9,
+	0x06, 0xe8, 0x2b, 0x65, 0x63, 0x8c, 0x75, 0xa0, 0xc6, 0xd7, 0xad, 0x3c, 0x20, 0xee, 0x67, 0x80,
+	0xfe, 0x02, 0xe4, 0xa4, 0x16, 0x3f, 0xf3, 0xb8, 0x55, 0x51, 0xb9, 0x7c, 0x6f, 0xe4, 0xb9, 0x4c,
+	0x10, 0x74, 0x2a, 0x5f, 0x4a, 0x47, 0xc1, 0x44, 0x73, 0xde, 0x2d, 0xaf, 0x66, 0x33, 0x99, 0x28,
+	0x70, 0x96, 0x21, 0xfa, 0x29, 0x80, 0x0b, 0x34, 0x9d, 0xb8, 0xb9, 0xf5, 0xfc, 0x48, 0x92, 0x78,
+	0xe1, 0x10, 0xaf, 0xff, 0x41, 0xc8, 0xa8, 0x38, 0xce, 0x61, 0xcb, 0x09, 0x92, 0x9e, 0x12, 0x37,
+	0x70, 0xa8, 0xf5, 0xb9, 0x11, 0x4f, 0x90, 0xbb, 0x3a, 0x2e, 0x8e, 0x01, 0xd6, 0xe4, 0xcb, 0xa7,
+	0xef, 0xe4, 0xa0, 0x65, 0x58, 0x3c, 0xa1, 0x67, 0x7a, 0xb0, 0xc7, 0xf2, 0x27, 0x6a, 0xc2, 0xa9,
+	0x0e, 0x71, 0xa2, 0xf8, 0xf1, 0x36, 0xe2, 0xae, 0x8b, 0x75, 0xf0, 0xaf, 0x16, 0xde, 0x00, 0x6b,
+	0x8f, 0x00, 0xbc, 0x72, 0xf1, 0x81, 0x7e, 0xa6, 0xb4, 0x7e, 0x0b, 0xe0, 0xca, 0xc0, 0xd9, 0xbd,
+	0x80, 0xd1, 0x83, 0x3c, 0xa3, 0xb7, 0x46, 0x7d, 0x08, 0x1b, 0x22, 0x64, 0x5e, 0x5b, 0x4d, 0x1e,
+	0x59, 0x7a, 0x3f, 0x07, 0x70, 0xb9, 0xff, 0x38, 0x3c, 0xcb, 0x7c, 0x55, 0x1e, 0x15, 0xe0, 0x95,
+	0x8b, 0x07, 0x26, 0x14, 0x26, 0x2f, 0xc3, 0xf1, 0xbc, 0xb0, 0x61, 0xfa, 0xca, 0x4c, 0x1e, 0x95,
+	0x1f, 0x00, 0x38, 0x7f, 0x3f, 0xb1, 0x8b, 0xff, 0x87, 0x1f, 0xf9, 0xdb, 0x3e, 0xee, 0x3f, 0xa9,
+	0x82, 0xe3, 0x2c, 0x6e, 0xe5, 0xaf, 0x00, 0xae, 0x5e, 0xd8, 0x58, 0xe5, 0x13, 0x94, 0x38, 0x8e,
+	0xff, 0x50, 0xff, 0x45, 0x33, 0x9b, 0x3e, 0x41, 0xb7, 0x94, 0x14, 0x1b, 0x6d, 0x26, 0x7b, 0x85,
+	0xcf, 0x2a, 0x7b, 0x95, 0xbf, 0x03, 0x78, 0xed, 0xe3, 0x2a, 0xf1, 0x99, 0x6c, 0xe9, 0x26, 0x9c,
+	0x35, 0x43, 0xd1, 0x99, 0xda, 0x4e, 0xf3, 0x0e, 0x30, 0x4d, 0xe3, 0x0c, 0x27, 0xda, 0xfa, 0x8d,
+	0xc7, 0x4f, 0x4a, 0x13, 0x1f, 0x3e, 0x29, 0x4d, 0x7c, 0xf4, 0xa4, 0x34, 0xf1, 0x83, 0x5e, 0x09,
+	0x3c, 0xee, 0x95, 0xc0, 0x87, 0xbd, 0x12, 0xf8, 0xa8, 0x57, 0x02, 0xff, 0xea, 0x95, 0xc0, 0x2f,
+	0xff, 0x5d, 0x9a, 0xf8, 0xce, 0x8c, 0x01, 0xff, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x0a, 0x6f,
+	0x04, 0x49, 0xd3, 0x1e, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto
index c4d2b2dde317..46cfd1ca7d71 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto
@@ -88,6 +88,10 @@ message CustomResourceDefinitionNames {
 
   // ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.
   optional string listKind = 5;
+
+  // Categories is a list of grouped resources custom resources belong to (e.g. 'all')
+  // +optional
+  repeated string categories = 6;
 }
 
 // CustomResourceDefinitionSpec describes how a user wants their resource to appear
@@ -107,6 +111,12 @@ message CustomResourceDefinitionSpec {
   // Validation describes the validation methods for CustomResources
   // +optional
   optional CustomResourceValidation validation = 5;
+
+  // Subresources describes the subresources for CustomResources
+  // This field is alpha-level and should only be sent to servers that enable
+  // subresources via the CustomResourceSubresources feature gate.
+  // +optional
+  optional CustomResourceSubresources subresources = 6;
 }
 
 // CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition
@@ -119,6 +129,48 @@ message CustomResourceDefinitionStatus {
   optional CustomResourceDefinitionNames acceptedNames = 2;
 }
 
+// CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
+message CustomResourceSubresourceScale {
+  // SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas.
+  // Only JSON paths without the array notation are allowed.
+  // Must be a JSON Path under .spec.
+  // If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.
+  optional string specReplicasPath = 1;
+
+  // StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas.
+  // Only JSON paths without the array notation are allowed.
+  // Must be a JSON Path under .status.
+  // If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource
+  // will default to 0.
+  optional string statusReplicasPath = 2;
+
+  // LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector.
+  // Only JSON paths without the array notation are allowed.
+  // Must be a JSON Path under .status.
+  // Must be set to work with HPA.
+  // If there is no value under the given path in the CustomResource, the status label selector value in the /scale
+  // subresource will default to the empty string.
+  // +optional
+  optional string labelSelectorPath = 3;
+}
+
+// CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources.
+// Status is represented by the `.status` JSON path inside of a CustomResource. When set,
+// * exposes a /status subresource for the custom resource
+// * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza
+// * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
+message CustomResourceSubresourceStatus {
+}
+
+// CustomResourceSubresources defines the status and scale subresources for CustomResources.
+message CustomResourceSubresources {
+  // Status denotes the status subresource for CustomResources
+  optional CustomResourceSubresourceStatus status = 1;
+
+  // Scale denotes the scale subresource for CustomResources
+  optional CustomResourceSubresourceScale scale = 2;
+}
+
 // CustomResourceValidation is a list of validation methods for CustomResources.
 message CustomResourceValidation {
   // OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types.go
index 9ac37efe0fb1..3a4da9aea8a4 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types.go
@@ -16,7 +16,9 @@ limitations under the License.
 
 package v1beta1
 
-import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
 
 // CustomResourceDefinitionSpec describes how a user wants their resource to appear
 type CustomResourceDefinitionSpec struct {
@@ -31,6 +33,11 @@ type CustomResourceDefinitionSpec struct {
 	// Validation describes the validation methods for CustomResources
 	// +optional
 	Validation *CustomResourceValidation `json:"validation,omitempty" protobuf:"bytes,5,opt,name=validation"`
+	// Subresources describes the subresources for CustomResources
+	// This field is alpha-level and should only be sent to servers that enable
+	// subresources via the CustomResourceSubresources feature gate.
+	// +optional
+	Subresources *CustomResourceSubresources `json:"subresources,omitempty" protobuf:"bytes,6,opt,name=subresources"`
 }
 
 // CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
@@ -46,6 +53,9 @@ type CustomResourceDefinitionNames struct {
 	Kind string `json:"kind" protobuf:"bytes,4,opt,name=kind"`
 	// ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.
 	ListKind string `json:"listKind,omitempty" protobuf:"bytes,5,opt,name=listKind"`
+	// Categories is a list of grouped resources custom resources belong to (e.g. 'all')
+	// +optional
+	Categories []string `json:"categories,omitempty" protobuf:"bytes,6,rep,name=categories"`
 }
 
 // ResourceScope is an enum defining the different scopes available to a custom resource
@@ -147,3 +157,41 @@ type CustomResourceValidation struct {
 	// OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.
 	OpenAPIV3Schema *JSONSchemaProps `json:"openAPIV3Schema,omitempty" protobuf:"bytes,1,opt,name=openAPIV3Schema"`
 }
+
+// CustomResourceSubresources defines the status and scale subresources for CustomResources.
+type CustomResourceSubresources struct {
+	// Status denotes the status subresource for CustomResources
+	Status *CustomResourceSubresourceStatus `json:"status,omitempty" protobuf:"bytes,1,opt,name=status"`
+	// Scale denotes the scale subresource for CustomResources
+	Scale *CustomResourceSubresourceScale `json:"scale,omitempty" protobuf:"bytes,2,opt,name=scale"`
+}
+
+// CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources.
+// Status is represented by the `.status` JSON path inside of a CustomResource. When set,
+// * exposes a /status subresource for the custom resource
+// * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza
+// * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
+type CustomResourceSubresourceStatus struct{}
+
+// CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
+type CustomResourceSubresourceScale struct {
+	// SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .spec.
+	// If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.
+	SpecReplicasPath string `json:"specReplicasPath" protobuf:"bytes,1,name=specReplicasPath"`
+	// StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .status.
+	// If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource
+	// will default to 0.
+	StatusReplicasPath string `json:"statusReplicasPath" protobuf:"bytes,2,opt,name=statusReplicasPath"`
+	// LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector.
+	// Only JSON paths without the array notation are allowed.
+	// Must be a JSON Path under .status.
+	// Must be set to work with HPA.
+	// If there is no value under the given path in the CustomResource, the status label selector value in the /scale
+	// subresource will default to the empty string.
+	// +optional
+	LabelSelectorPath *string `json:"labelSelectorPath,omitempty" protobuf:"bytes,3,opt,name=labelSelectorPath"`
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.conversion.go
index 5b045113828e..6cd42fe5b8ee 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -47,6 +48,12 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_apiextensions_CustomResourceDefinitionSpec_To_v1beta1_CustomResourceDefinitionSpec,
 		Convert_v1beta1_CustomResourceDefinitionStatus_To_apiextensions_CustomResourceDefinitionStatus,
 		Convert_apiextensions_CustomResourceDefinitionStatus_To_v1beta1_CustomResourceDefinitionStatus,
+		Convert_v1beta1_CustomResourceSubresourceScale_To_apiextensions_CustomResourceSubresourceScale,
+		Convert_apiextensions_CustomResourceSubresourceScale_To_v1beta1_CustomResourceSubresourceScale,
+		Convert_v1beta1_CustomResourceSubresourceStatus_To_apiextensions_CustomResourceSubresourceStatus,
+		Convert_apiextensions_CustomResourceSubresourceStatus_To_v1beta1_CustomResourceSubresourceStatus,
+		Convert_v1beta1_CustomResourceSubresources_To_apiextensions_CustomResourceSubresources,
+		Convert_apiextensions_CustomResourceSubresources_To_v1beta1_CustomResourceSubresources,
 		Convert_v1beta1_CustomResourceValidation_To_apiextensions_CustomResourceValidation,
 		Convert_apiextensions_CustomResourceValidation_To_v1beta1_CustomResourceValidation,
 		Convert_v1beta1_ExternalDocumentation_To_apiextensions_ExternalDocumentation,
@@ -172,6 +179,7 @@ func autoConvert_v1beta1_CustomResourceDefinitionNames_To_apiextensions_CustomRe
 	out.ShortNames = *(*[]string)(unsafe.Pointer(&in.ShortNames))
 	out.Kind = in.Kind
 	out.ListKind = in.ListKind
+	out.Categories = *(*[]string)(unsafe.Pointer(&in.Categories))
 	return nil
 }
 
@@ -186,6 +194,7 @@ func autoConvert_apiextensions_CustomResourceDefinitionNames_To_v1beta1_CustomRe
 	out.ShortNames = *(*[]string)(unsafe.Pointer(&in.ShortNames))
 	out.Kind = in.Kind
 	out.ListKind = in.ListKind
+	out.Categories = *(*[]string)(unsafe.Pointer(&in.Categories))
 	return nil
 }
 
@@ -210,6 +219,7 @@ func autoConvert_v1beta1_CustomResourceDefinitionSpec_To_apiextensions_CustomRes
 	} else {
 		out.Validation = nil
 	}
+	out.Subresources = (*apiextensions.CustomResourceSubresources)(unsafe.Pointer(in.Subresources))
 	return nil
 }
 
@@ -234,6 +244,7 @@ func autoConvert_apiextensions_CustomResourceDefinitionSpec_To_v1beta1_CustomRes
 	} else {
 		out.Validation = nil
 	}
+	out.Subresources = (*CustomResourceSubresources)(unsafe.Pointer(in.Subresources))
 	return nil
 }
 
@@ -268,6 +279,70 @@ func Convert_apiextensions_CustomResourceDefinitionStatus_To_v1beta1_CustomResou
 	return autoConvert_apiextensions_CustomResourceDefinitionStatus_To_v1beta1_CustomResourceDefinitionStatus(in, out, s)
 }
 
+func autoConvert_v1beta1_CustomResourceSubresourceScale_To_apiextensions_CustomResourceSubresourceScale(in *CustomResourceSubresourceScale, out *apiextensions.CustomResourceSubresourceScale, s conversion.Scope) error {
+	out.SpecReplicasPath = in.SpecReplicasPath
+	out.StatusReplicasPath = in.StatusReplicasPath
+	out.LabelSelectorPath = (*string)(unsafe.Pointer(in.LabelSelectorPath))
+	return nil
+}
+
+// Convert_v1beta1_CustomResourceSubresourceScale_To_apiextensions_CustomResourceSubresourceScale is an autogenerated conversion function.
+func Convert_v1beta1_CustomResourceSubresourceScale_To_apiextensions_CustomResourceSubresourceScale(in *CustomResourceSubresourceScale, out *apiextensions.CustomResourceSubresourceScale, s conversion.Scope) error {
+	return autoConvert_v1beta1_CustomResourceSubresourceScale_To_apiextensions_CustomResourceSubresourceScale(in, out, s)
+}
+
+func autoConvert_apiextensions_CustomResourceSubresourceScale_To_v1beta1_CustomResourceSubresourceScale(in *apiextensions.CustomResourceSubresourceScale, out *CustomResourceSubresourceScale, s conversion.Scope) error {
+	out.SpecReplicasPath = in.SpecReplicasPath
+	out.StatusReplicasPath = in.StatusReplicasPath
+	out.LabelSelectorPath = (*string)(unsafe.Pointer(in.LabelSelectorPath))
+	return nil
+}
+
+// Convert_apiextensions_CustomResourceSubresourceScale_To_v1beta1_CustomResourceSubresourceScale is an autogenerated conversion function.
+func Convert_apiextensions_CustomResourceSubresourceScale_To_v1beta1_CustomResourceSubresourceScale(in *apiextensions.CustomResourceSubresourceScale, out *CustomResourceSubresourceScale, s conversion.Scope) error {
+	return autoConvert_apiextensions_CustomResourceSubresourceScale_To_v1beta1_CustomResourceSubresourceScale(in, out, s)
+}
+
+func autoConvert_v1beta1_CustomResourceSubresourceStatus_To_apiextensions_CustomResourceSubresourceStatus(in *CustomResourceSubresourceStatus, out *apiextensions.CustomResourceSubresourceStatus, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_v1beta1_CustomResourceSubresourceStatus_To_apiextensions_CustomResourceSubresourceStatus is an autogenerated conversion function.
+func Convert_v1beta1_CustomResourceSubresourceStatus_To_apiextensions_CustomResourceSubresourceStatus(in *CustomResourceSubresourceStatus, out *apiextensions.CustomResourceSubresourceStatus, s conversion.Scope) error {
+	return autoConvert_v1beta1_CustomResourceSubresourceStatus_To_apiextensions_CustomResourceSubresourceStatus(in, out, s)
+}
+
+func autoConvert_apiextensions_CustomResourceSubresourceStatus_To_v1beta1_CustomResourceSubresourceStatus(in *apiextensions.CustomResourceSubresourceStatus, out *CustomResourceSubresourceStatus, s conversion.Scope) error {
+	return nil
+}
+
+// Convert_apiextensions_CustomResourceSubresourceStatus_To_v1beta1_CustomResourceSubresourceStatus is an autogenerated conversion function.
+func Convert_apiextensions_CustomResourceSubresourceStatus_To_v1beta1_CustomResourceSubresourceStatus(in *apiextensions.CustomResourceSubresourceStatus, out *CustomResourceSubresourceStatus, s conversion.Scope) error {
+	return autoConvert_apiextensions_CustomResourceSubresourceStatus_To_v1beta1_CustomResourceSubresourceStatus(in, out, s)
+}
+
+func autoConvert_v1beta1_CustomResourceSubresources_To_apiextensions_CustomResourceSubresources(in *CustomResourceSubresources, out *apiextensions.CustomResourceSubresources, s conversion.Scope) error {
+	out.Status = (*apiextensions.CustomResourceSubresourceStatus)(unsafe.Pointer(in.Status))
+	out.Scale = (*apiextensions.CustomResourceSubresourceScale)(unsafe.Pointer(in.Scale))
+	return nil
+}
+
+// Convert_v1beta1_CustomResourceSubresources_To_apiextensions_CustomResourceSubresources is an autogenerated conversion function.
+func Convert_v1beta1_CustomResourceSubresources_To_apiextensions_CustomResourceSubresources(in *CustomResourceSubresources, out *apiextensions.CustomResourceSubresources, s conversion.Scope) error {
+	return autoConvert_v1beta1_CustomResourceSubresources_To_apiextensions_CustomResourceSubresources(in, out, s)
+}
+
+func autoConvert_apiextensions_CustomResourceSubresources_To_v1beta1_CustomResourceSubresources(in *apiextensions.CustomResourceSubresources, out *CustomResourceSubresources, s conversion.Scope) error {
+	out.Status = (*CustomResourceSubresourceStatus)(unsafe.Pointer(in.Status))
+	out.Scale = (*CustomResourceSubresourceScale)(unsafe.Pointer(in.Scale))
+	return nil
+}
+
+// Convert_apiextensions_CustomResourceSubresources_To_v1beta1_CustomResourceSubresources is an autogenerated conversion function.
+func Convert_apiextensions_CustomResourceSubresources_To_v1beta1_CustomResourceSubresources(in *apiextensions.CustomResourceSubresources, out *CustomResourceSubresources, s conversion.Scope) error {
+	return autoConvert_apiextensions_CustomResourceSubresources_To_v1beta1_CustomResourceSubresources(in, out, s)
+}
+
 func autoConvert_v1beta1_CustomResourceValidation_To_apiextensions_CustomResourceValidation(in *CustomResourceValidation, out *apiextensions.CustomResourceValidation, s conversion.Scope) error {
 	if in.OpenAPIV3Schema != nil {
 		in, out := &in.OpenAPIV3Schema, &out.OpenAPIV3Schema
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.deepcopy.go
index 363e970dae66..35c3a0b7527a 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -48,9 +48,8 @@ func (in *CustomResourceDefinition) DeepCopy() *CustomResourceDefinition {
 func (in *CustomResourceDefinition) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *CustomResourceDefinitionList) DeepCopy() *CustomResourceDefinitionList
 func (in *CustomResourceDefinitionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -112,6 +110,11 @@ func (in *CustomResourceDefinitionNames) DeepCopyInto(out *CustomResourceDefinit
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.Categories != nil {
+		in, out := &in.Categories, &out.Categories
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -138,6 +141,15 @@ func (in *CustomResourceDefinitionSpec) DeepCopyInto(out *CustomResourceDefiniti
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.Subresources != nil {
+		in, out := &in.Subresources, &out.Subresources
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresources)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -175,6 +187,81 @@ func (in *CustomResourceDefinitionStatus) DeepCopy() *CustomResourceDefinitionSt
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresourceScale) DeepCopyInto(out *CustomResourceSubresourceScale) {
+	*out = *in
+	if in.LabelSelectorPath != nil {
+		in, out := &in.LabelSelectorPath, &out.LabelSelectorPath
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(string)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceScale.
+func (in *CustomResourceSubresourceScale) DeepCopy() *CustomResourceSubresourceScale {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresourceScale)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresourceStatus) DeepCopyInto(out *CustomResourceSubresourceStatus) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceStatus.
+func (in *CustomResourceSubresourceStatus) DeepCopy() *CustomResourceSubresourceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresourceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresources) DeepCopyInto(out *CustomResourceSubresources) {
+	*out = *in
+	if in.Status != nil {
+		in, out := &in.Status, &out.Status
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresourceStatus)
+			**out = **in
+		}
+	}
+	if in.Scale != nil {
+		in, out := &in.Scale, &out.Scale
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresourceScale)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresources.
+func (in *CustomResourceSubresources) DeepCopy() *CustomResourceSubresources {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresources)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CustomResourceValidation) DeepCopyInto(out *CustomResourceValidation) {
 	*out = *in
@@ -183,8 +270,7 @@ func (in *CustomResourceValidation) DeepCopyInto(out *CustomResourceValidation)
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -237,6 +323,50 @@ func (in *JSON) DeepCopy() *JSON {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in JSONSchemaDefinitions) DeepCopyInto(out *JSONSchemaDefinitions) {
+	{
+		in := &in
+		*out = make(JSONSchemaDefinitions, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDefinitions.
+func (in JSONSchemaDefinitions) DeepCopy() JSONSchemaDefinitions {
+	if in == nil {
+		return nil
+	}
+	out := new(JSONSchemaDefinitions)
+	in.DeepCopyInto(out)
+	return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in JSONSchemaDependencies) DeepCopyInto(out *JSONSchemaDependencies) {
+	{
+		in := &in
+		*out = make(JSONSchemaDependencies, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDependencies.
+func (in JSONSchemaDependencies) DeepCopy() JSONSchemaDependencies {
+	if in == nil {
+		return nil
+	}
+	out := new(JSONSchemaDependencies)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *JSONSchemaProps) DeepCopyInto(out *JSONSchemaProps) {
 	clone := in.DeepCopy()
@@ -252,8 +382,7 @@ func (in *JSONSchemaPropsOrArray) DeepCopyInto(out *JSONSchemaPropsOrArray) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.JSONSchemas != nil {
@@ -284,8 +413,7 @@ func (in *JSONSchemaPropsOrBool) DeepCopyInto(out *JSONSchemaPropsOrBool) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -309,8 +437,7 @@ func (in *JSONSchemaPropsOrStringArray) DeepCopyInto(out *JSONSchemaPropsOrStrin
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.Property != nil {
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.defaults.go
index 5c30d5b0a5f6..546f33eda7b0 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/BUILD
index d4266be033ba..b641b6093708 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/validation.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/validation.go
index 56d147cd88dd..713fcfa9058e 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/validation.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/validation/validation.go
@@ -18,6 +18,7 @@ package validation
 
 import (
 	"fmt"
+	"reflect"
 	"strings"
 
 	genericvalidation "k8s.io/apimachinery/pkg/api/validation"
@@ -107,7 +108,13 @@ func ValidateCustomResourceDefinitionSpec(spec *apiextensions.CustomResourceDefi
 	if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceValidation) {
 		allErrs = append(allErrs, ValidateCustomResourceDefinitionValidation(spec.Validation, fldPath.Child("validation"))...)
 	} else if spec.Validation != nil {
-		allErrs = append(allErrs, field.Forbidden(fldPath.Child("validation"), "disabled by feature-gate"))
+		allErrs = append(allErrs, field.Forbidden(fldPath.Child("validation"), "disabled by feature-gate CustomResourceValidation"))
+	}
+
+	if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) {
+		allErrs = append(allErrs, ValidateCustomResourceDefinitionSubresources(spec.Subresources, fldPath.Child("subresources"))...)
+	} else if spec.Subresources != nil {
+		allErrs = append(allErrs, field.Forbidden(fldPath.Child("subresources"), "disabled by feature-gate CustomResourceSubresources"))
 	}
 
 	return allErrs
@@ -158,7 +165,6 @@ func ValidateCustomResourceDefinitionNames(names *apiextensions.CustomResourceDe
 		if errs := validationutil.IsDNS1035Label(shortName); len(errs) > 0 {
 			allErrs = append(allErrs, field.Invalid(fldPath.Child("shortNames").Index(i), shortName, strings.Join(errs, ",")))
 		}
-
 	}
 
 	// kind and listKind may not be the same or parsing become ambiguous
@@ -166,10 +172,16 @@ func ValidateCustomResourceDefinitionNames(names *apiextensions.CustomResourceDe
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("listKind"), names.ListKind, "kind and listKind may not be the same"))
 	}
 
+	for i, category := range names.Categories {
+		if errs := validationutil.IsDNS1035Label(category); len(errs) > 0 {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("categories").Index(i), category, strings.Join(errs, ",")))
+		}
+	}
+
 	return allErrs
 }
 
-// specStandardValidator applies validations for different OpenAPI specfication versions.
+// specStandardValidator applies validations for different OpenAPI specification versions.
 type specStandardValidator interface {
 	validate(spec *apiextensions.JSONSchemaProps, fldPath *field.Path) field.ErrorList
 }
@@ -182,14 +194,32 @@ func ValidateCustomResourceDefinitionValidation(customResourceValidation *apiext
 		return allErrs
 	}
 
-	if customResourceValidation.OpenAPIV3Schema != nil {
+	if schema := customResourceValidation.OpenAPIV3Schema; schema != nil {
+		// if subresources are enabled, only properties is allowed inside the root schema
+		if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) {
+			v := reflect.ValueOf(schema).Elem()
+			fieldsPresent := 0
+
+			for i := 0; i < v.NumField(); i++ {
+				field := v.Field(i).Interface()
+				if !reflect.DeepEqual(field, reflect.Zero(reflect.TypeOf(field)).Interface()) {
+					fieldsPresent++
+				}
+			}
+
+			if fieldsPresent > 1 || (fieldsPresent == 1 && v.FieldByName("Properties").IsNil()) {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("openAPIV3Schema"), *schema, fmt.Sprintf("if subresources for custom resources are enabled, only properties can be used at the root of the schema")))
+				return allErrs
+			}
+		}
+
 		openAPIV3Schema := &specStandardValidatorV3{}
-		allErrs = append(allErrs, ValidateCustomResourceDefinitionOpenAPISchema(customResourceValidation.OpenAPIV3Schema, fldPath.Child("openAPIV3Schema"), openAPIV3Schema)...)
+		allErrs = append(allErrs, ValidateCustomResourceDefinitionOpenAPISchema(schema, fldPath.Child("openAPIV3Schema"), openAPIV3Schema)...)
 	}
 
 	// if validation passed otherwise, make sure we can actually construct a schema validator from this custom resource validation.
 	if len(allErrs) == 0 {
-		if _, err := apiservervalidation.NewSchemaValidator(customResourceValidation); err != nil {
+		if _, _, err := apiservervalidation.NewSchemaValidator(customResourceValidation); err != nil {
 			allErrs = append(allErrs, field.Invalid(fldPath, "", fmt.Sprintf("error building validator: %v", err)))
 		}
 	}
@@ -326,3 +356,64 @@ func (v *specStandardValidatorV3) validate(schema *apiextensions.JSONSchemaProps
 
 	return allErrs
 }
+
+// ValidateCustomResourceDefinitionSubresources statically validates
+func ValidateCustomResourceDefinitionSubresources(subresources *apiextensions.CustomResourceSubresources, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	if subresources == nil {
+		return allErrs
+	}
+
+	if subresources.Scale != nil {
+		if len(subresources.Scale.SpecReplicasPath) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("scale.specReplicasPath"), ""))
+		} else {
+			// should be constrained json path under .spec
+			if errs := validateSimpleJSONPath(subresources.Scale.SpecReplicasPath, fldPath.Child("scale.specReplicasPath")); len(errs) > 0 {
+				allErrs = append(allErrs, errs...)
+			} else if !strings.HasPrefix(subresources.Scale.SpecReplicasPath, ".spec.") {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("scale.specReplicasPath"), subresources.Scale.SpecReplicasPath, "should be a json path under .spec"))
+			}
+		}
+
+		if len(subresources.Scale.StatusReplicasPath) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("scale.statusReplicasPath"), ""))
+		} else {
+			// should be constrained json path under .status
+			if errs := validateSimpleJSONPath(subresources.Scale.StatusReplicasPath, fldPath.Child("scale.statusReplicasPath")); len(errs) > 0 {
+				allErrs = append(allErrs, errs...)
+			} else if !strings.HasPrefix(subresources.Scale.StatusReplicasPath, ".status.") {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("scale.statusReplicasPath"), subresources.Scale.StatusReplicasPath, "should be a json path under .status"))
+			}
+		}
+
+		// if labelSelectorPath is present, it should be a constrained json path under .status
+		if subresources.Scale.LabelSelectorPath != nil && len(*subresources.Scale.LabelSelectorPath) > 0 {
+			if errs := validateSimpleJSONPath(*subresources.Scale.LabelSelectorPath, fldPath.Child("scale.labelSelectorPath")); len(errs) > 0 {
+				allErrs = append(allErrs, errs...)
+			} else if !strings.HasPrefix(*subresources.Scale.LabelSelectorPath, ".status.") {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("scale.labelSelectorPath"), subresources.Scale.LabelSelectorPath, "should be a json path under .status"))
+			}
+		}
+	}
+
+	return allErrs
+}
+
+func validateSimpleJSONPath(s string, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	switch {
+	case len(s) == 0:
+		allErrs = append(allErrs, field.Invalid(fldPath, s, "must not be empty"))
+	case s[0] != '.':
+		allErrs = append(allErrs, field.Invalid(fldPath, s, "must be a simple json path starting with ."))
+	case s != ".":
+		if cs := strings.Split(s[1:], "."); len(cs) < 1 {
+			allErrs = append(allErrs, field.Invalid(fldPath, s, "must be a json path in the dot notation"))
+		}
+	}
+
+	return allErrs
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/zz_generated.deepcopy.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/zz_generated.deepcopy.go
index f94bbae2c920..ea3af697615a 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package apiextensions
 
@@ -48,9 +48,8 @@ func (in *CustomResourceDefinition) DeepCopy() *CustomResourceDefinition {
 func (in *CustomResourceDefinition) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *CustomResourceDefinitionList) DeepCopy() *CustomResourceDefinitionList
 func (in *CustomResourceDefinitionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -112,6 +110,11 @@ func (in *CustomResourceDefinitionNames) DeepCopyInto(out *CustomResourceDefinit
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	if in.Categories != nil {
+		in, out := &in.Categories, &out.Categories
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -138,6 +141,15 @@ func (in *CustomResourceDefinitionSpec) DeepCopyInto(out *CustomResourceDefiniti
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.Subresources != nil {
+		in, out := &in.Subresources, &out.Subresources
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresources)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -175,6 +187,81 @@ func (in *CustomResourceDefinitionStatus) DeepCopy() *CustomResourceDefinitionSt
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresourceScale) DeepCopyInto(out *CustomResourceSubresourceScale) {
+	*out = *in
+	if in.LabelSelectorPath != nil {
+		in, out := &in.LabelSelectorPath, &out.LabelSelectorPath
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(string)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceScale.
+func (in *CustomResourceSubresourceScale) DeepCopy() *CustomResourceSubresourceScale {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresourceScale)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresourceStatus) DeepCopyInto(out *CustomResourceSubresourceStatus) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresourceStatus.
+func (in *CustomResourceSubresourceStatus) DeepCopy() *CustomResourceSubresourceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresourceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CustomResourceSubresources) DeepCopyInto(out *CustomResourceSubresources) {
+	*out = *in
+	if in.Status != nil {
+		in, out := &in.Status, &out.Status
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresourceStatus)
+			**out = **in
+		}
+	}
+	if in.Scale != nil {
+		in, out := &in.Scale, &out.Scale
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(CustomResourceSubresourceScale)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomResourceSubresources.
+func (in *CustomResourceSubresources) DeepCopy() *CustomResourceSubresources {
+	if in == nil {
+		return nil
+	}
+	out := new(CustomResourceSubresources)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CustomResourceValidation) DeepCopyInto(out *CustomResourceValidation) {
 	*out = *in
@@ -183,8 +270,7 @@ func (in *CustomResourceValidation) DeepCopyInto(out *CustomResourceValidation)
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -216,6 +302,50 @@ func (in *ExternalDocumentation) DeepCopy() *ExternalDocumentation {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in JSONSchemaDefinitions) DeepCopyInto(out *JSONSchemaDefinitions) {
+	{
+		in := &in
+		*out = make(JSONSchemaDefinitions, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDefinitions.
+func (in JSONSchemaDefinitions) DeepCopy() JSONSchemaDefinitions {
+	if in == nil {
+		return nil
+	}
+	out := new(JSONSchemaDefinitions)
+	in.DeepCopyInto(out)
+	return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in JSONSchemaDependencies) DeepCopyInto(out *JSONSchemaDependencies) {
+	{
+		in := &in
+		*out = make(JSONSchemaDependencies, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONSchemaDependencies.
+func (in JSONSchemaDependencies) DeepCopy() JSONSchemaDependencies {
+	if in == nil {
+		return nil
+	}
+	out := new(JSONSchemaDependencies)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *JSONSchemaProps) DeepCopyInto(out *JSONSchemaProps) {
 	clone := in.DeepCopy()
@@ -231,8 +361,7 @@ func (in *JSONSchemaPropsOrArray) DeepCopyInto(out *JSONSchemaPropsOrArray) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.JSONSchemas != nil {
@@ -263,8 +392,7 @@ func (in *JSONSchemaPropsOrBool) DeepCopyInto(out *JSONSchemaPropsOrBool) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -288,8 +416,7 @@ func (in *JSONSchemaPropsOrStringArray) DeepCopyInto(out *JSONSchemaPropsOrStrin
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(JSONSchemaProps)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.Property != nil {
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD
index 6f78910f0c49..09d21156d735 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/BUILD
@@ -16,7 +16,11 @@ go_library(
     ],
     importpath = "k8s.io/apiextensions-apiserver/pkg/apiserver",
     deps = [
+        "//vendor/github.com/go-openapi/spec:go_default_library",
+        "//vendor/github.com/go-openapi/strfmt:go_default_library",
+        "//vendor/github.com/go-openapi/validate:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1:go_default_library",
@@ -29,7 +33,9 @@ go_library(
         "//vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/controller/finalizer:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/controller/status:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/features:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
@@ -51,13 +57,19 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/discovery:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/handlers:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/metrics:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/discovery:go_default_library",
+        "//vendor/k8s.io/client-go/scale:go_default_library",
+        "//vendor/k8s.io/client-go/scale/scheme/autoscalingv1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
     ],
@@ -82,7 +94,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["customresource_handler_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apiserver",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library"],
 )
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go
index de90cef90685..1415ff8d98af 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/apiserver.go
@@ -35,6 +35,7 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
+	serverstorage "k8s.io/apiserver/pkg/server/storage"
 
 	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install"
@@ -53,7 +54,7 @@ import (
 
 var (
 	groupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
-	registry             = registered.NewOrDie("")
+	Registry             = registered.NewOrDie("")
 	Scheme               = runtime.NewScheme()
 	Codecs               = serializer.NewCodecFactory(Scheme)
 
@@ -70,7 +71,7 @@ var (
 )
 
 func init() {
-	install.Install(groupFactoryRegistry, registry, Scheme)
+	install.Install(groupFactoryRegistry, Registry, Scheme)
 
 	// we need to add the options to empty v1
 	metav1.AddToGroupVersion(Scheme, schema.GroupVersion{Group: "", Version: "v1"})
@@ -131,13 +132,18 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 		GenericAPIServer: genericServer,
 	}
 
-	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(apiextensions.GroupName, registry, Scheme, metav1.ParameterCodec, Codecs)
-	apiGroupInfo.GroupMeta.GroupVersion = v1beta1.SchemeGroupVersion
-	customResourceDefintionStorage := customresourcedefinition.NewREST(Scheme, c.GenericConfig.RESTOptionsGetter)
-	v1beta1storage := map[string]rest.Storage{}
-	v1beta1storage["customresourcedefinitions"] = customResourceDefintionStorage
-	v1beta1storage["customresourcedefinitions/status"] = customresourcedefinition.NewStatusREST(Scheme, customResourceDefintionStorage)
-	apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = v1beta1storage
+	apiResourceConfig := c.GenericConfig.MergedResourceConfig
+	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(apiextensions.GroupName, Registry, Scheme, metav1.ParameterCodec, Codecs)
+	if apiResourceConfig.VersionEnabled(v1beta1.SchemeGroupVersion) {
+		apiGroupInfo.GroupMeta.GroupVersion = v1beta1.SchemeGroupVersion
+		storage := map[string]rest.Storage{}
+		// customresourcedefinitions
+		customResourceDefintionStorage := customresourcedefinition.NewREST(Scheme, c.GenericConfig.RESTOptionsGetter)
+		storage["customresourcedefinitions"] = customResourceDefintionStorage
+		storage["customresourcedefinitions/status"] = customresourcedefinition.NewStatusREST(Scheme, customResourceDefintionStorage)
+
+		apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = storage
+	}
 
 	if err := s.GenericAPIServer.InstallAPIGroup(&apiGroupInfo); err != nil {
 		return nil, err
@@ -177,7 +183,6 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 		versionDiscoveryHandler,
 		groupDiscoveryHandler,
 		s.GenericAPIServer.RequestContextMapper(),
-		s.Informers.Apiextensions().InternalVersion().CustomResourceDefinitions().Lister(),
 		s.Informers.Apiextensions().InternalVersion().CustomResourceDefinitions(),
 		delegateHandler,
 		c.ExtraConfig.CRDRESTOptionsGetter,
@@ -212,3 +217,13 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 
 	return s, nil
 }
+
+func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig {
+	ret := serverstorage.NewResourceConfig()
+	// NOTE: GroupVersions listed here will be enabled by default. Don't put alpha versions in the list.
+	ret.EnableVersions(
+		v1beta1.SchemeGroupVersion,
+	)
+
+	return ret
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go
index 85a2a27d0970..b180e105b4c7 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_discovery_controller.go
@@ -22,6 +22,7 @@ import (
 
 	"github.com/golang/glog"
 
+	autoscaling "k8s.io/api/autoscaling/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -116,7 +117,28 @@ func (c *DiscoveryController) sync(version schema.GroupVersion) error {
 			Kind:         crd.Status.AcceptedNames.Kind,
 			Verbs:        verbs,
 			ShortNames:   crd.Status.AcceptedNames.ShortNames,
+			Categories:   crd.Status.AcceptedNames.Categories,
 		})
+
+		if crd.Spec.Subresources != nil && crd.Spec.Subresources.Status != nil {
+			apiResourcesForDiscovery = append(apiResourcesForDiscovery, metav1.APIResource{
+				Name:       crd.Status.AcceptedNames.Plural + "/status",
+				Namespaced: crd.Spec.Scope == apiextensions.NamespaceScoped,
+				Kind:       crd.Status.AcceptedNames.Kind,
+				Verbs:      metav1.Verbs([]string{"get", "patch", "update"}),
+			})
+		}
+
+		if crd.Spec.Subresources != nil && crd.Spec.Subresources.Scale != nil {
+			apiResourcesForDiscovery = append(apiResourcesForDiscovery, metav1.APIResource{
+				Group:      autoscaling.GroupName,
+				Version:    "v1",
+				Kind:       "Scale",
+				Name:       crd.Status.AcceptedNames.Plural + "/scale",
+				Namespaced: crd.Spec.Scope == apiextensions.NamespaceScoped,
+				Verbs:      metav1.Verbs([]string{"get", "patch", "update"}),
+			})
+		}
 	}
 
 	if !foundGroup {
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go
index 62d8f4a614df..e427f4c117e8 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go
@@ -18,13 +18,16 @@ package apiserver
 
 import (
 	"fmt"
-	"io"
 	"net/http"
 	"path"
+	"strings"
 	"sync"
 	"sync/atomic"
 	"time"
 
+	"github.com/go-openapi/spec"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/validate"
 	"github.com/golang/glog"
 
 	apiequality "k8s.io/apimachinery/pkg/api/equality"
@@ -35,25 +38,33 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	"k8s.io/apimachinery/pkg/runtime/serializer/versioning"
 	"k8s.io/apimachinery/pkg/types"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/endpoints/handlers"
+	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
+	"k8s.io/apiserver/pkg/endpoints/metrics"
 	apirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/discovery"
-	cache "k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/scale"
+	"k8s.io/client-go/scale/scheme/autoscalingv1"
+	"k8s.io/client-go/tools/cache"
 
 	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	apiservervalidation "k8s.io/apiextensions-apiserver/pkg/apiserver/validation"
 	informers "k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion"
 	listers "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion"
 	"k8s.io/apiextensions-apiserver/pkg/controller/finalizer"
+	apiextensionsfeatures "k8s.io/apiextensions-apiserver/pkg/features"
 	"k8s.io/apiextensions-apiserver/pkg/registry/customresource"
+	"k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor"
 )
 
 // crdHandler serves the `/apis` endpoint.
@@ -64,6 +75,9 @@ type crdHandler struct {
 
 	customStorageLock sync.Mutex
 	// customStorage contains a crdStorageMap
+	// atomic.Value has a very good read performance compared to sync.RWMutex
+	// see https://gist.github.com/dim/152e6bf80e1384ea72e17ac717a5000a
+	// which is suited for most read and rarely write cases
 	customStorage atomic.Value
 
 	requestContextMapper apirequest.RequestContextMapper
@@ -82,8 +96,11 @@ type crdInfo struct {
 	spec          *apiextensions.CustomResourceDefinitionSpec
 	acceptedNames *apiextensions.CustomResourceDefinitionNames
 
-	storage      *customresource.REST
-	requestScope handlers.RequestScope
+	storage customresource.CustomResourceStorage
+
+	requestScope       handlers.RequestScope
+	scaleRequestScope  handlers.RequestScope
+	statusRequestScope handlers.RequestScope
 }
 
 // crdStorageMap goes from customresourcedefinition to its storage
@@ -93,7 +110,6 @@ func NewCustomResourceDefinitionHandler(
 	versionDiscoveryHandler *versionDiscoveryHandler,
 	groupDiscoveryHandler *groupDiscoveryHandler,
 	requestContextMapper apirequest.RequestContextMapper,
-	crdLister listers.CustomResourceDefinitionLister,
 	crdInformer informers.CustomResourceDefinitionInformer,
 	delegate http.Handler,
 	restOptionsGetter generic.RESTOptionsGetter,
@@ -103,7 +119,7 @@ func NewCustomResourceDefinitionHandler(
 		groupDiscoveryHandler:   groupDiscoveryHandler,
 		customStorage:           atomic.Value{},
 		requestContextMapper:    requestContextMapper,
-		crdLister:               crdLister,
+		crdLister:               crdInformer.Lister(),
 		delegate:                delegate,
 		restOptionsGetter:       restOptionsGetter,
 		admission:               admission,
@@ -117,19 +133,20 @@ func NewCustomResourceDefinitionHandler(
 	})
 
 	ret.customStorage.Store(crdStorageMap{})
+
 	return ret
 }
 
 func (r *crdHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	ctx, ok := r.requestContextMapper.Get(req)
 	if !ok {
-		// programmer error
-		panic("missing context")
+		responsewriters.InternalError(w, req, fmt.Errorf("no context found for request"))
+		return
 	}
 	requestInfo, ok := apirequest.RequestInfoFrom(ctx)
 	if !ok {
-		// programmer error
-		panic("missing requestInfo")
+		responsewriters.InternalError(w, req, fmt.Errorf("no RequestInfo found in the context"))
+		return
 	}
 	if !requestInfo.IsResourceRequest {
 		pathParts := splitPath(requestInfo.Path)
@@ -165,93 +182,162 @@ func (r *crdHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	}
 	if !apiextensions.IsCRDConditionTrue(crd, apiextensions.Established) {
 		r.delegate.ServeHTTP(w, req)
-	}
-	if len(requestInfo.Subresource) > 0 {
-		http.NotFound(w, req)
 		return
 	}
 
 	terminating := apiextensions.IsCRDConditionTrue(crd, apiextensions.Terminating)
 
-	crdInfo, err := r.getServingInfoFor(crd)
+	crdInfo, err := r.getOrCreateServingInfoFor(crd)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
-	storage := crdInfo.storage
+	verb := strings.ToUpper(requestInfo.Verb)
+	resource := requestInfo.Resource
+	subresource := requestInfo.Subresource
+	scope := metrics.CleanScope(requestInfo)
+	supportedTypes := []string{
+		string(types.JSONPatchType),
+		string(types.MergePatchType),
+	}
+
+	var handler http.HandlerFunc
+	switch {
+	case subresource == "status" && crd.Spec.Subresources != nil && crd.Spec.Subresources.Status != nil:
+		handler = r.serveStatus(w, req, requestInfo, crdInfo, terminating, supportedTypes)
+	case subresource == "scale" && crd.Spec.Subresources != nil && crd.Spec.Subresources.Scale != nil:
+		handler = r.serveScale(w, req, requestInfo, crdInfo, terminating, supportedTypes)
+	case len(subresource) == 0:
+		handler = r.serveResource(w, req, requestInfo, crdInfo, terminating, supportedTypes)
+	default:
+		http.Error(w, "the server could not find the requested resource", http.StatusNotFound)
+	}
+
+	if handler != nil {
+		handler = metrics.InstrumentHandlerFunc(verb, resource, subresource, scope, handler)
+		handler(w, req)
+		return
+	}
+}
+
+func (r *crdHandler) serveResource(w http.ResponseWriter, req *http.Request, requestInfo *apirequest.RequestInfo, crdInfo *crdInfo, terminating bool, supportedTypes []string) http.HandlerFunc {
 	requestScope := crdInfo.requestScope
+	storage := crdInfo.storage.CustomResource
 	minRequestTimeout := 1 * time.Minute
 
 	switch requestInfo.Verb {
 	case "get":
-		handler := handlers.GetResource(storage, storage, requestScope)
-		handler(w, req)
-		return
+		return handlers.GetResource(storage, storage, requestScope)
 	case "list":
 		forceWatch := false
-		handler := handlers.ListResource(storage, storage, requestScope, forceWatch, minRequestTimeout)
-		handler(w, req)
-		return
+		return handlers.ListResource(storage, storage, requestScope, forceWatch, minRequestTimeout)
 	case "watch":
 		forceWatch := true
-		handler := handlers.ListResource(storage, storage, requestScope, forceWatch, minRequestTimeout)
-		handler(w, req)
-		return
+		return handlers.ListResource(storage, storage, requestScope, forceWatch, minRequestTimeout)
 	case "create":
 		if terminating {
 			http.Error(w, fmt.Sprintf("%v not allowed while CustomResourceDefinition is terminating", requestInfo.Verb), http.StatusMethodNotAllowed)
-			return
+			return nil
 		}
-		handler := handlers.CreateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
-		handler(w, req)
-		return
+		return handlers.CreateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
 	case "update":
-		if terminating {
-			http.Error(w, fmt.Sprintf("%v not allowed while CustomResourceDefinition is terminating", requestInfo.Verb), http.StatusMethodNotAllowed)
-			return
-		}
-		handler := handlers.UpdateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
-		handler(w, req)
-		return
+		return handlers.UpdateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
 	case "patch":
-		if terminating {
-			http.Error(w, fmt.Sprintf("%v not allowed while CustomResourceDefinition is terminating", requestInfo.Verb), http.StatusMethodNotAllowed)
-			return
-		}
-		handler := handlers.PatchResource(storage, requestScope, r.admission, unstructured.UnstructuredObjectConverter{})
-		handler(w, req)
-		return
+		return handlers.PatchResource(storage, requestScope, r.admission, unstructured.UnstructuredObjectConverter{}, supportedTypes)
 	case "delete":
 		allowsOptions := true
-		handler := handlers.DeleteResource(storage, allowsOptions, requestScope, r.admission)
-		handler(w, req)
-		return
+		return handlers.DeleteResource(storage, allowsOptions, requestScope, r.admission)
 	case "deletecollection":
 		checkBody := true
-		handler := handlers.DeleteCollection(storage, checkBody, requestScope, r.admission)
-		handler(w, req)
-		return
+		return handlers.DeleteCollection(storage, checkBody, requestScope, r.admission)
+	default:
+		http.Error(w, fmt.Sprintf("unhandled verb %q", requestInfo.Verb), http.StatusMethodNotAllowed)
+		return nil
+	}
+}
+
+func (r *crdHandler) serveStatus(w http.ResponseWriter, req *http.Request, requestInfo *apirequest.RequestInfo, crdInfo *crdInfo, terminating bool, supportedTypes []string) http.HandlerFunc {
+	requestScope := crdInfo.statusRequestScope
+	storage := crdInfo.storage.Status
+
+	switch requestInfo.Verb {
+	case "get":
+		return handlers.GetResource(storage, nil, requestScope)
+	case "update":
+		return handlers.UpdateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
+	case "patch":
+		return handlers.PatchResource(storage, requestScope, r.admission, unstructured.UnstructuredObjectConverter{}, supportedTypes)
+	default:
+		http.Error(w, fmt.Sprintf("unhandled verb %q", requestInfo.Verb), http.StatusMethodNotAllowed)
+		return nil
+	}
+}
 
+func (r *crdHandler) serveScale(w http.ResponseWriter, req *http.Request, requestInfo *apirequest.RequestInfo, crdInfo *crdInfo, terminating bool, supportedTypes []string) http.HandlerFunc {
+	requestScope := crdInfo.scaleRequestScope
+	storage := crdInfo.storage.Scale
+
+	switch requestInfo.Verb {
+	case "get":
+		return handlers.GetResource(storage, nil, requestScope)
+	case "update":
+		return handlers.UpdateResource(storage, requestScope, discovery.NewUnstructuredObjectTyper(nil), r.admission)
+	case "patch":
+		return handlers.PatchResource(storage, requestScope, r.admission, unstructured.UnstructuredObjectConverter{}, supportedTypes)
 	default:
 		http.Error(w, fmt.Sprintf("unhandled verb %q", requestInfo.Verb), http.StatusMethodNotAllowed)
+		return nil
+	}
+}
+
+func (r *crdHandler) updateCustomResourceDefinition(oldObj, newObj interface{}) {
+	oldCRD := oldObj.(*apiextensions.CustomResourceDefinition)
+	newCRD := newObj.(*apiextensions.CustomResourceDefinition)
+
+	r.customStorageLock.Lock()
+	defer r.customStorageLock.Unlock()
+
+	storageMap := r.customStorage.Load().(crdStorageMap)
+	oldInfo, found := storageMap[newCRD.UID]
+	if !found {
+		return
+	}
+	if apiequality.Semantic.DeepEqual(&newCRD.Spec, oldInfo.spec) && apiequality.Semantic.DeepEqual(&newCRD.Status.AcceptedNames, oldInfo.acceptedNames) {
+		glog.V(6).Infof("Ignoring customresourcedefinition %s update because neither spec, nor accepted names changed", oldCRD.Name)
 		return
 	}
+
+	glog.V(4).Infof("Updating customresourcedefinition %s", oldCRD.Name)
+
+	// Copy because we cannot write to storageMap without a race
+	// as it is used without locking elsewhere.
+	storageMap2 := storageMap.clone()
+	if oldInfo, ok := storageMap2[types.UID(oldCRD.UID)]; ok {
+		// destroy only the main storage. Those for the subresources share cacher and etcd clients.
+		oldInfo.storage.CustomResource.DestroyFunc()
+		delete(storageMap2, types.UID(oldCRD.UID))
+	}
+
+	r.customStorage.Store(storageMap2)
 }
 
 // removeDeadStorage removes REST storage that isn't being used
 func (r *crdHandler) removeDeadStorage() {
-	// these don't have to be live.  A snapshot is fine
-	// if we wrongly delete, that's ok.  The rest storage will be recreated on the next request
-	// if we wrongly miss one, that's ok.  We'll get it next time
-	storageMap := r.customStorage.Load().(crdStorageMap)
 	allCustomResourceDefinitions, err := r.crdLister.List(labels.Everything())
 	if err != nil {
 		utilruntime.HandleError(err)
 		return
 	}
 
-	for uid, s := range storageMap {
+	r.customStorageLock.Lock()
+	defer r.customStorageLock.Unlock()
+
+	storageMap := r.customStorage.Load().(crdStorageMap)
+	// Copy because we cannot write to storageMap without a race
+	// as it is used without locking elsewhere
+	storageMap2 := storageMap.clone()
+	for uid, s := range storageMap2 {
 		found := false
 		for _, crd := range allCustomResourceDefinitions {
 			if crd.UID == uid {
@@ -261,39 +347,35 @@ func (r *crdHandler) removeDeadStorage() {
 		}
 		if !found {
 			glog.V(4).Infof("Removing dead CRD storage for %v", s.requestScope.Resource)
-			s.storage.DestroyFunc()
-			delete(storageMap, uid)
+			// destroy only the main storage. Those for the subresources share cacher and etcd clients.
+			s.storage.CustomResource.DestroyFunc()
+			delete(storageMap2, uid)
 		}
 	}
-
-	r.customStorageLock.Lock()
-	defer r.customStorageLock.Unlock()
-
-	r.customStorage.Store(storageMap)
+	r.customStorage.Store(storageMap2)
 }
 
 // GetCustomResourceListerCollectionDeleter returns the ListerCollectionDeleter of
 // the given crd.
 func (r *crdHandler) GetCustomResourceListerCollectionDeleter(crd *apiextensions.CustomResourceDefinition) (finalizer.ListerCollectionDeleter, error) {
-	info, err := r.getServingInfoFor(crd)
+	info, err := r.getOrCreateServingInfoFor(crd)
 	if err != nil {
 		return nil, err
 	}
-	return info.storage, nil
+	return info.storage.CustomResource, nil
 }
 
-func (r *crdHandler) getServingInfoFor(crd *apiextensions.CustomResourceDefinition) (*crdInfo, error) {
+func (r *crdHandler) getOrCreateServingInfoFor(crd *apiextensions.CustomResourceDefinition) (*crdInfo, error) {
 	storageMap := r.customStorage.Load().(crdStorageMap)
-	ret, ok := storageMap[crd.UID]
-	if ok {
+	if ret, ok := storageMap[crd.UID]; ok {
 		return ret, nil
 	}
 
 	r.customStorageLock.Lock()
 	defer r.customStorageLock.Unlock()
 
-	ret, ok = storageMap[crd.UID]
-	if ok {
+	storageMap = r.customStorage.Load().(crdStorageMap)
+	if ret, ok := storageMap[crd.UID]; ok {
 		return ret, nil
 	}
 
@@ -309,18 +391,46 @@ func (r *crdHandler) getServingInfoFor(crd *apiextensions.CustomResourceDefiniti
 	parameterCodec := runtime.NewParameterCodec(parameterScheme)
 
 	kind := schema.GroupVersionKind{Group: crd.Spec.Group, Version: crd.Spec.Version, Kind: crd.Status.AcceptedNames.Kind}
-	typer := unstructuredObjectTyper{
-		delegate:          parameterScheme,
-		unstructuredTyper: discovery.NewUnstructuredObjectTyper(nil),
+	typer := UnstructuredObjectTyper{
+		Delegate:          parameterScheme,
+		UnstructuredTyper: discovery.NewUnstructuredObjectTyper(nil),
 	}
 	creator := unstructuredCreator{}
 
-	validator, err := apiservervalidation.NewSchemaValidator(crd.Spec.Validation)
+	validator, _, err := apiservervalidation.NewSchemaValidator(crd.Spec.Validation)
 	if err != nil {
 		return nil, err
 	}
 
-	storage := customresource.NewREST(
+	var statusSpec *apiextensions.CustomResourceSubresourceStatus
+	var statusValidator *validate.SchemaValidator
+	if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) && crd.Spec.Subresources != nil && crd.Spec.Subresources.Status != nil {
+		statusSpec = crd.Spec.Subresources.Status
+
+		// for the status subresource, validate only against the status schema
+		if crd.Spec.Validation != nil && crd.Spec.Validation.OpenAPIV3Schema != nil && crd.Spec.Validation.OpenAPIV3Schema.Properties != nil {
+			if statusSchema, ok := crd.Spec.Validation.OpenAPIV3Schema.Properties["status"]; ok {
+				openapiSchema := &spec.Schema{}
+				if err := apiservervalidation.ConvertJSONSchemaProps(&statusSchema, openapiSchema); err != nil {
+					return nil, err
+				}
+				statusValidator = validate.NewSchemaValidator(openapiSchema, nil, "", strfmt.Default)
+			}
+		}
+	}
+
+	var scaleSpec *apiextensions.CustomResourceSubresourceScale
+	if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) && crd.Spec.Subresources != nil && crd.Spec.Subresources.Scale != nil {
+		scaleSpec = crd.Spec.Subresources.Scale
+	}
+
+	// TODO: identify how to pass printer specification from the CRD
+	table, err := tableconvertor.New(nil)
+	if err != nil {
+		glog.V(2).Infof("The CRD for %v has an invalid printer specification, falling back to default printing: %v", kind, err)
+	}
+
+	customResourceStorage := customresource.NewStorage(
 		schema.GroupResource{Group: crd.Spec.Group, Resource: crd.Status.AcceptedNames.Plural},
 		schema.GroupVersionKind{Group: crd.Spec.Group, Version: crd.Spec.Version, Kind: crd.Status.AcceptedNames.ListKind},
 		customresource.NewStrategy(
@@ -328,26 +438,34 @@ func (r *crdHandler) getServingInfoFor(crd *apiextensions.CustomResourceDefiniti
 			crd.Spec.Scope == apiextensions.NamespaceScoped,
 			kind,
 			validator,
+			statusValidator,
+			statusSpec,
+			scaleSpec,
 		),
 		r.restOptionsGetter,
+		crd.Status.AcceptedNames.Categories,
+		table,
 	)
 
 	selfLinkPrefix := ""
 	switch crd.Spec.Scope {
 	case apiextensions.ClusterScoped:
-		selfLinkPrefix = "/" + path.Join("apis", crd.Spec.Group, crd.Spec.Version) + "/"
+		selfLinkPrefix = "/" + path.Join("apis", crd.Spec.Group, crd.Spec.Version) + "/" + crd.Status.AcceptedNames.Plural + "/"
 	case apiextensions.NamespaceScoped:
 		selfLinkPrefix = "/" + path.Join("apis", crd.Spec.Group, crd.Spec.Version, "namespaces") + "/"
 	}
 
 	clusterScoped := crd.Spec.Scope == apiextensions.ClusterScoped
 
+	var ctxFn handlers.ContextFunc
+	ctxFn = func(req *http.Request) apirequest.Context {
+		ret, _ := r.requestContextMapper.Get(req)
+		return ret
+	}
+
 	requestScope := handlers.RequestScope{
 		Namer: handlers.ContextBasedNaming{
-			GetContext: func(req *http.Request) apirequest.Context {
-				ret, _ := r.requestContextMapper.Get(req)
-				return ret
-			},
+			GetContext:         ctxFn,
 			SelfLinker:         meta.NewAccessor(),
 			ClusterScoped:      clusterScoped,
 			SelfLinkPathPrefix: selfLinkPrefix,
@@ -369,31 +487,54 @@ func (r *crdHandler) getServingInfoFor(crd *apiextensions.CustomResourceDefiniti
 		Typer:           typer,
 		UnsafeConvertor: unstructured.UnstructuredObjectConverter{},
 
-		Resource:    schema.GroupVersionResource{Group: crd.Spec.Group, Version: crd.Spec.Version, Resource: crd.Status.AcceptedNames.Plural},
-		Kind:        kind,
-		Subresource: "",
+		Resource: schema.GroupVersionResource{Group: crd.Spec.Group, Version: crd.Spec.Version, Resource: crd.Status.AcceptedNames.Plural},
+		Kind:     kind,
 
 		MetaGroupVersion: metav1.SchemeGroupVersion,
+
+		TableConvertor: customResourceStorage.CustomResource,
 	}
 
-	ret = &crdInfo{
+	ret := &crdInfo{
 		spec:          &crd.Spec,
 		acceptedNames: &crd.Status.AcceptedNames,
 
-		storage:      storage,
-		requestScope: requestScope,
+		storage:            customResourceStorage,
+		requestScope:       requestScope,
+		scaleRequestScope:  requestScope, // shallow copy
+		statusRequestScope: requestScope, // shallow copy
+	}
+
+	// override scaleSpec subresource values
+	scaleConverter := scale.NewScaleConverter()
+	ret.scaleRequestScope.Subresource = "scale"
+	ret.scaleRequestScope.Serializer = serializer.NewCodecFactory(scaleConverter.Scheme())
+	ret.scaleRequestScope.Kind = autoscalingv1.SchemeGroupVersion.WithKind("Scale")
+	ret.scaleRequestScope.Namer = handlers.ContextBasedNaming{
+		GetContext:         ctxFn,
+		SelfLinker:         meta.NewAccessor(),
+		ClusterScoped:      clusterScoped,
+		SelfLinkPathPrefix: selfLinkPrefix,
+		SelfLinkPathSuffix: "/scale",
 	}
 
-	storageMap2 := make(crdStorageMap, len(storageMap))
+	// override status subresource values
+	ret.statusRequestScope.Subresource = "status"
+	ret.statusRequestScope.Namer = handlers.ContextBasedNaming{
+		GetContext:         ctxFn,
+		SelfLinker:         meta.NewAccessor(),
+		ClusterScoped:      clusterScoped,
+		SelfLinkPathPrefix: selfLinkPrefix,
+		SelfLinkPathSuffix: "/status",
+	}
 
 	// Copy because we cannot write to storageMap without a race
-	// as it is used without locking elsewhere
-	for k, v := range storageMap {
-		storageMap2[k] = v
-	}
+	// as it is used without locking elsewhere.
+	storageMap2 := storageMap.clone()
 
 	storageMap2[crd.UID] = ret
 	r.customStorage.Store(storageMap2)
+
 	return ret, nil
 }
 
@@ -415,39 +556,6 @@ func (c crdObjectConverter) ConvertFieldLabel(version, kind, label, value string
 	}
 }
 
-func (c *crdHandler) updateCustomResourceDefinition(oldObj, newObj interface{}) {
-	oldCRD := oldObj.(*apiextensions.CustomResourceDefinition)
-	newCRD := newObj.(*apiextensions.CustomResourceDefinition)
-
-	c.customStorageLock.Lock()
-	defer c.customStorageLock.Unlock()
-	storageMap := c.customStorage.Load().(crdStorageMap)
-
-	oldInfo, found := storageMap[newCRD.UID]
-	if !found {
-		return
-	}
-	if apiequality.Semantic.DeepEqual(&newCRD.Spec, oldInfo.spec) && apiequality.Semantic.DeepEqual(&newCRD.Status.AcceptedNames, oldInfo.acceptedNames) {
-		glog.V(6).Infof("Ignoring customresourcedefinition %s update because neither spec, nor accepted names changed", oldCRD.Name)
-		return
-	}
-
-	glog.V(4).Infof("Updating customresourcedefinition %s", oldCRD.Name)
-	storageMap2 := make(crdStorageMap, len(storageMap))
-
-	// Copy because we cannot write to storageMap without a race
-	// as it is used without locking elsewhere
-	for k, v := range storageMap {
-		if k == oldCRD.UID {
-			v.storage.DestroyFunc()
-			continue
-		}
-		storageMap2[k] = v
-	}
-
-	c.customStorage.Store(storageMap2)
-}
-
 type unstructuredNegotiatedSerializer struct {
 	typer   runtime.ObjectTyper
 	creator runtime.ObjectCreater
@@ -466,67 +574,37 @@ func (s unstructuredNegotiatedSerializer) SupportedMediaTypes() []runtime.Serial
 				Framer:        json.Framer,
 			},
 		},
+		{
+			MediaType:     "application/yaml",
+			EncodesAsText: true,
+			Serializer:    json.NewYAMLSerializer(json.DefaultMetaFactory, s.creator, s.typer),
+		},
 	}
 }
 
-func (s unstructuredNegotiatedSerializer) EncoderForVersion(serializer runtime.Encoder, gv runtime.GroupVersioner) runtime.Encoder {
-	return versioning.NewDefaultingCodecForScheme(Scheme, crEncoderInstance, nil, gv, nil)
+func (s unstructuredNegotiatedSerializer) EncoderForVersion(encoder runtime.Encoder, gv runtime.GroupVersioner) runtime.Encoder {
+	return versioning.NewDefaultingCodecForScheme(Scheme, encoder, nil, gv, nil)
 }
 
-func (s unstructuredNegotiatedSerializer) DecoderToVersion(serializer runtime.Decoder, gv runtime.GroupVersioner) runtime.Decoder {
-	return unstructuredDecoder{delegate: Codecs.DecoderToVersion(serializer, gv)}
+func (s unstructuredNegotiatedSerializer) DecoderToVersion(decoder runtime.Decoder, gv runtime.GroupVersioner) runtime.Decoder {
+	return versioning.NewDefaultingCodecForScheme(Scheme, nil, decoder, nil, gv)
 }
 
-type unstructuredDecoder struct {
-	delegate runtime.Decoder
+type UnstructuredObjectTyper struct {
+	Delegate          runtime.ObjectTyper
+	UnstructuredTyper runtime.ObjectTyper
 }
 
-func (d unstructuredDecoder) Decode(data []byte, defaults *schema.GroupVersionKind, into runtime.Object) (runtime.Object, *schema.GroupVersionKind, error) {
-	// Delegate for things other than Unstructured.
-	if _, ok := into.(runtime.Unstructured); !ok && into != nil {
-		return d.delegate.Decode(data, defaults, into)
-	}
-	return unstructured.UnstructuredJSONScheme.Decode(data, defaults, into)
-}
-
-type unstructuredObjectTyper struct {
-	delegate          runtime.ObjectTyper
-	unstructuredTyper runtime.ObjectTyper
-}
-
-func (t unstructuredObjectTyper) ObjectKinds(obj runtime.Object) ([]schema.GroupVersionKind, bool, error) {
+func (t UnstructuredObjectTyper) ObjectKinds(obj runtime.Object) ([]schema.GroupVersionKind, bool, error) {
 	// Delegate for things other than Unstructured.
 	if _, ok := obj.(runtime.Unstructured); !ok {
-		return t.delegate.ObjectKinds(obj)
+		return t.Delegate.ObjectKinds(obj)
 	}
-	return t.unstructuredTyper.ObjectKinds(obj)
+	return t.UnstructuredTyper.ObjectKinds(obj)
 }
 
-func (t unstructuredObjectTyper) Recognizes(gvk schema.GroupVersionKind) bool {
-	return t.delegate.Recognizes(gvk) || t.unstructuredTyper.Recognizes(gvk)
-}
-
-var crEncoderInstance = crEncoder{}
-
-// crEncoder *usually* encodes using the unstructured.UnstructuredJSONScheme, but if the type is Status or WatchEvent
-// it will serialize them out using the converting codec.
-type crEncoder struct{}
-
-func (crEncoder) Encode(obj runtime.Object, w io.Writer) error {
-	switch t := obj.(type) {
-	case *metav1.Status, *metav1.WatchEvent:
-		for _, info := range Codecs.SupportedMediaTypes() {
-			// we are always json
-			if info.MediaType == "application/json" {
-				return info.Serializer.Encode(obj, w)
-			}
-		}
-
-		return fmt.Errorf("unable to find json serializer for %T", t)
-
-	default:
-		return unstructured.UnstructuredJSONScheme.Encode(obj, w)
-	}
+func (t UnstructuredObjectTyper) Recognizes(gvk schema.GroupVersionKind) bool {
+	return t.Delegate.Recognizes(gvk) || t.UnstructuredTyper.Recognizes(gvk)
 }
 
 type unstructuredCreator struct{}
@@ -570,3 +648,16 @@ func (t CRDRESTOptionsGetter) GetRESTOptions(resource schema.GroupResource) (gen
 	}
 	return ret, nil
 }
+
+// clone returns a clone of the provided crdStorageMap.
+// The clone is a shallow copy of the map.
+func (in crdStorageMap) clone() crdStorageMap {
+	if in == nil {
+		return nil
+	}
+	out := make(crdStorageMap, len(in))
+	for key, value := range in {
+		out[key] = value
+	}
+	return out
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD
index d04de6b8e309..3042da88c091 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD
@@ -34,8 +34,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/apiserver/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go
index e39ac3e6d681..558ddb1fcdc2 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go
@@ -25,20 +25,24 @@ import (
 )
 
 // NewSchemaValidator creates an openapi schema validator for the given CRD validation.
-func NewSchemaValidator(customResourceValidation *apiextensions.CustomResourceValidation) (*validate.SchemaValidator, error) {
+func NewSchemaValidator(customResourceValidation *apiextensions.CustomResourceValidation) (*validate.SchemaValidator, *spec.Schema, error) {
 	// Convert CRD schema to openapi schema
 	openapiSchema := &spec.Schema{}
 	if customResourceValidation != nil {
-		if err := convertJSONSchemaProps(customResourceValidation.OpenAPIV3Schema, openapiSchema); err != nil {
-			return nil, err
+		if err := ConvertJSONSchemaProps(customResourceValidation.OpenAPIV3Schema, openapiSchema); err != nil {
+			return nil, nil, err
 		}
 	}
-	return validate.NewSchemaValidator(openapiSchema, nil, "", strfmt.Default), nil
+	return validate.NewSchemaValidator(openapiSchema, nil, "", strfmt.Default), openapiSchema, nil
 }
 
 // ValidateCustomResource validates the Custom Resource against the schema in the CustomResourceDefinition.
 // CustomResource is a JSON data structure.
 func ValidateCustomResource(customResource interface{}, validator *validate.SchemaValidator) error {
+	if validator == nil {
+		return nil
+	}
+
 	result := validator.Validate(customResource)
 	if result.AsError() != nil {
 		return result.AsError()
@@ -46,7 +50,8 @@ func ValidateCustomResource(customResource interface{}, validator *validate.Sche
 	return nil
 }
 
-func convertJSONSchemaProps(in *apiextensions.JSONSchemaProps, out *spec.Schema) error {
+// ConvertJSONSchemaProps converts the schema from apiextensions.JSONSchemaPropos to go-openapi/spec.Schema
+func ConvertJSONSchemaProps(in *apiextensions.JSONSchemaProps, out *spec.Schema) error {
 	if in == nil {
 		return nil
 	}
@@ -99,7 +104,7 @@ func convertJSONSchemaProps(in *apiextensions.JSONSchemaProps, out *spec.Schema)
 	if in.Not != nil {
 		in, out := &in.Not, &out.Not
 		*out = new(spec.Schema)
-		if err := convertJSONSchemaProps(*in, *out); err != nil {
+		if err := ConvertJSONSchemaProps(*in, *out); err != nil {
 			return err
 		}
 	}
@@ -176,7 +181,7 @@ func convertSliceOfJSONSchemaProps(in *[]apiextensions.JSONSchemaProps, out *[]s
 	if in != nil {
 		for _, jsonSchemaProps := range *in {
 			schema := spec.Schema{}
-			if err := convertJSONSchemaProps(&jsonSchemaProps, &schema); err != nil {
+			if err := ConvertJSONSchemaProps(&jsonSchemaProps, &schema); err != nil {
 				return err
 			}
 			*out = append(*out, schema)
@@ -190,7 +195,7 @@ func convertMapOfJSONSchemaProps(in map[string]apiextensions.JSONSchemaProps) (m
 	if len(in) != 0 {
 		for k, jsonSchemaProps := range in {
 			schema := spec.Schema{}
-			if err := convertJSONSchemaProps(&jsonSchemaProps, &schema); err != nil {
+			if err := ConvertJSONSchemaProps(&jsonSchemaProps, &schema); err != nil {
 				return nil, err
 			}
 			out[k] = schema
@@ -203,7 +208,7 @@ func convertJSONSchemaPropsOrArray(in *apiextensions.JSONSchemaPropsOrArray, out
 	if in.Schema != nil {
 		in, out := &in.Schema, &out.Schema
 		*out = new(spec.Schema)
-		if err := convertJSONSchemaProps(*in, *out); err != nil {
+		if err := ConvertJSONSchemaProps(*in, *out); err != nil {
 			return err
 		}
 	}
@@ -211,7 +216,7 @@ func convertJSONSchemaPropsOrArray(in *apiextensions.JSONSchemaPropsOrArray, out
 		in, out := &in.JSONSchemas, &out.Schemas
 		*out = make([]spec.Schema, len(*in))
 		for i := range *in {
-			if err := convertJSONSchemaProps(&(*in)[i], &(*out)[i]); err != nil {
+			if err := ConvertJSONSchemaProps(&(*in)[i], &(*out)[i]); err != nil {
 				return err
 			}
 		}
@@ -224,7 +229,7 @@ func convertJSONSchemaPropsorBool(in *apiextensions.JSONSchemaPropsOrBool, out *
 	if in.Schema != nil {
 		in, out := &in.Schema, &out.Schema
 		*out = new(spec.Schema)
-		if err := convertJSONSchemaProps(*in, *out); err != nil {
+		if err := ConvertJSONSchemaProps(*in, *out); err != nil {
 			return err
 		}
 	}
@@ -236,7 +241,7 @@ func convertJSONSchemaPropsOrStringArray(in *apiextensions.JSONSchemaPropsOrStri
 	if in.Schema != nil {
 		in, out := &in.Schema, &out.Schema
 		*out = new(spec.Schema)
-		if err := convertJSONSchemaProps(*in, *out); err != nil {
+		if err := ConvertJSONSchemaProps(*in, *out); err != nil {
 			return err
 		}
 	}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/clientset.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/clientset.go
index 441572a4ffba..4444188880d8 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/clientset.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/clientset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package clientset
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/doc.go
index 05edbcd1c2a5..3421911a75a9 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated clientset.
 package clientset
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/register.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/register.go
index af2951a76db4..bc08c37e17fa 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/register.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme/register.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
@@ -38,7 +40,7 @@ func init() {
 //
 //   import (
 //     "k8s.io/client-go/kubernetes"
-//     clientsetscheme "k8s.io/client-go/kuberentes/scheme"
+//     clientsetscheme "k8s.io/client-go/kubernetes/scheme"
 //     aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
 //   )
 //
@@ -49,5 +51,4 @@ func init() {
 // correctly.
 func AddToScheme(scheme *runtime.Scheme) {
 	apiextensionsv1beta1.AddToScheme(scheme)
-
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/apiextensions_client.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/apiextensions_client.go
index 90d280f892b3..7da7276b7caa 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/apiextensions_client.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/apiextensions_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/customresourcedefinition.go
index e1477df5f478..3a2513caf3ee 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/customresourcedefinition.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/generated_expansion.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/generated_expansion.go
index 35554a068d2f..07a7c1dce0d5 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type CustomResourceDefinitionExpansion interface{}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/clientset.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/clientset.go
index 076c61b1c3c0..9519b78f1356 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/clientset.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/clientset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalclientset
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/doc.go
index 4ede718dee1b..22ccee919683 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated clientset.
 package internalclientset
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/register.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/register.go
index 2f49e2e3c82f..f9de21961222 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/register.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/scheme/register.go
@@ -14,9 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
+	os "os"
+
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install"
 	announced "k8s.io/apimachinery/pkg/apimachinery/announced"
 	registered "k8s.io/apimachinery/pkg/apimachinery/registered"
@@ -24,7 +28,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	serializer "k8s.io/apimachinery/pkg/runtime/serializer"
-	os "os"
 )
 
 var Scheme = runtime.NewScheme()
@@ -42,5 +45,4 @@ func init() {
 // Install registers the API group and adds types to a scheme
 func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *registered.APIRegistrationManager, scheme *runtime.Scheme) {
 	apiextensions.Install(groupFactoryRegistry, registry, scheme)
-
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/apiextensions_client.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/apiextensions_client.go
index fedecdaa5366..9e08a905a59b 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/apiextensions_client.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/apiextensions_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/customresourcedefinition.go
index b4f14bc16f07..322454cdfea6 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/customresourcedefinition.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/doc.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/doc.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/generated_expansion.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/generated_expansion.go
index a1df3b36f56b..74c295f6c6cc 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset/typed/apiextensions/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type CustomResourceDefinitionExpansion interface{}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/interface.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/interface.go
index 0a7e72223df8..e88c53087fa6 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/interface.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package apiextensions
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/customresourcedefinition.go
index 32bc315c5b93..9d9b12787a0e 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/customresourcedefinition.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	apiextensions_v1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	clientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
 	internalinterfaces "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces"
@@ -27,7 +29,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // CustomResourceDefinitionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/interface.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/interface.go
index 667ce98e4f28..331dad83e826 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/interface.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/factory.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/factory.go
index ff396648168b..6e7141621627 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/factory.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/factory.go
@@ -14,11 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package externalversions
 
 import (
+	reflect "reflect"
+	sync "sync"
+	time "time"
+
 	clientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions"
 	internalinterfaces "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces"
@@ -26,9 +30,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
-	reflect "reflect"
-	sync "sync"
-	time "time"
 )
 
 type sharedInformerFactory struct {
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/generic.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/generic.go
index 4d741b800d28..a742bbd25477 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/generic.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/generic.go
@@ -14,12 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package externalversions
 
 import (
 	"fmt"
+
 	v1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go
index 810ac9d4381a..2048b744f825 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalinterfaces
 
 import (
+	time "time"
+
 	clientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 type NewInformerFunc func(clientset.Interface, time.Duration) cache.SharedIndexInformer
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/interface.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/interface.go
index 923953a48090..f096df135194 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/interface.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package apiextensions
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/customresourcedefinition.go
index f82a1c757c8d..08587b7320eb 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/customresourcedefinition.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	internalclientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset"
 	internalinterfaces "k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces"
@@ -27,7 +29,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // CustomResourceDefinitionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/interface.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/interface.go
index d80ab3abbe81..15c7e9f1498f 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/interface.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/factory.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/factory.go
index 2cc9ffbbba85..b1d07527d969 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/factory.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/factory.go
@@ -14,11 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	reflect "reflect"
+	sync "sync"
+	time "time"
+
 	internalclientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset"
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/apiextensions"
 	internalinterfaces "k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces"
@@ -26,9 +30,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
-	reflect "reflect"
-	sync "sync"
-	time "time"
 )
 
 type sharedInformerFactory struct {
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/generic.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/generic.go
index 77f4303a7b71..77a9e1b0bb06 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/generic.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/generic.go
@@ -14,12 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
 	"fmt"
+
 	apiextensions "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
index 12acf883077e..d41da2418f29 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalinterfaces
 
 import (
+	time "time"
+
 	internalclientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/internalclientset"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 type NewInformerFunc func(internalclientset.Interface, time.Duration) cache.SharedIndexInformer
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/customresourcedefinition.go
index 0c3159fa6bbc..c736b3db820f 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/customresourcedefinition.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/expansion_generated.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/expansion_generated.go
index 33e966b806a1..05a413aee7a9 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/customresourcedefinition.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/customresourcedefinition.go
index ba7350657028..468f5a664f6e 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/customresourcedefinition.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/customresourcedefinition.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/expansion_generated.go b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/expansion_generated.go
index a4aa2c7efa17..65b786659558 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go b/vendor/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go
index 6b41a2e06de3..df3cf3e60bfa 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go
@@ -36,6 +36,7 @@ const defaultEtcdPathPrefix = "/registry/apiextensions.kubernetes.io"
 
 type CustomResourceDefinitionsServerOptions struct {
 	RecommendedOptions *genericoptions.RecommendedOptions
+	APIEnablement      *genericoptions.APIEnablementOptions
 
 	StdOut io.Writer
 	StdErr io.Writer
@@ -44,6 +45,7 @@ type CustomResourceDefinitionsServerOptions struct {
 func NewCustomResourceDefinitionsServerOptions(out, errOut io.Writer) *CustomResourceDefinitionsServerOptions {
 	o := &CustomResourceDefinitionsServerOptions{
 		RecommendedOptions: genericoptions.NewRecommendedOptions(defaultEtcdPathPrefix, apiserver.Codecs.LegacyCodec(v1beta1.SchemeGroupVersion)),
+		APIEnablement:      genericoptions.NewAPIEnablementOptions(),
 
 		StdOut: out,
 		StdErr: errOut,
@@ -77,13 +79,14 @@ func NewCommandStartCustomResourceDefinitionsServer(out, errOut io.Writer, stopC
 
 	flags := cmd.Flags()
 	o.RecommendedOptions.AddFlags(flags)
-
+	o.APIEnablement.AddFlags(flags)
 	return cmd
 }
 
 func (o CustomResourceDefinitionsServerOptions) Validate(args []string) error {
 	errors := []error{}
 	errors = append(errors, o.RecommendedOptions.Validate()...)
+	errors = append(errors, o.APIEnablement.Validate(apiserver.Registry)...)
 	return utilerrors.NewAggregate(errors)
 }
 
@@ -98,7 +101,10 @@ func (o CustomResourceDefinitionsServerOptions) Config() (*apiserver.Config, err
 	}
 
 	serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs)
-	if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil {
+	if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil {
+		return nil, err
+	}
+	if err := o.APIEnablement.ApplyTo(&serverConfig.Config, apiserver.DefaultAPIResourceConfigSource(), apiserver.Registry); err != nil {
 		return nil, err
 	}
 
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/BUILD
index 2abd62ff18d1..c408cf4874e6 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["naming_controller_test.go"],
-    importpath = "k8s.io/apiextensions-apiserver/pkg/controller/status",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion:go_default_library",
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/naming_controller.go b/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/naming_controller.go
index c0a7cc86f9d1..16016e493a56 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/naming_controller.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/controller/status/naming_controller.go
@@ -182,6 +182,8 @@ func (c *NamingConditionController) calculateNamesAndConditions(in *apiextension
 		newNames.ListKind = requestedNames.ListKind
 	}
 
+	newNames.Categories = requestedNames.Categories
+
 	// if we haven't changed the condition, then our names must be good.
 	if namesAcceptedCondition.Status == apiextensions.ConditionUnknown {
 		namesAcceptedCondition.Status = apiextensions.ConditionTrue
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go
index 80b37bf7bce7..b80e80ac3613 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/features/kube_features.go
@@ -33,6 +33,12 @@ const (
 	//
 	// CustomResourceValidation is a list of validation methods for CustomResources
 	CustomResourceValidation utilfeature.Feature = "CustomResourceValidation"
+
+	// owner: @sttts, @nikhita
+	// alpha: v1.10
+	//
+	// CustomResourceSubresources defines the subresources for CustomResources
+	CustomResourceSubresources utilfeature.Feature = "CustomResourceSubresources"
 )
 
 func init() {
@@ -43,5 +49,6 @@ func init() {
 // To add a new feature, define a key for it above and add it here. The features will be
 // available throughout Kubernetes binaries.
 var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureSpec{
-	CustomResourceValidation: {Default: true, PreRelease: utilfeature.Beta},
+	CustomResourceValidation:   {Default: true, PreRelease: utilfeature.Beta},
+	CustomResourceSubresources: {Default: false, PreRelease: utilfeature.Alpha},
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/BUILD
index 84d77bd5bf7e..73ac1009eed6 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/BUILD
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/BUILD
@@ -3,20 +3,30 @@ package(default_visibility = ["//visibility:public"])
 load(
     "@io_bazel_rules_go//go:def.bzl",
     "go_library",
+    "go_test",
 )
 
 go_library(
     name = "go_default_library",
     srcs = [
         "etcd.go",
+        "registry.go",
+        "status_strategy.go",
         "strategy.go",
+        "validator.go",
     ],
     importpath = "k8s.io/apiextensions-apiserver/pkg/registry/customresource",
     deps = [
         "//vendor/github.com/go-openapi/validate:go_default_library",
+        "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/features:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/validation:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
@@ -24,11 +34,14 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/names:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
@@ -41,6 +54,34 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor:all-srcs",
+    ],
     tags = ["automanaged"],
 )
+
+go_test(
+    name = "go_default_xtest",
+    srcs = ["etcd_test.go"],
+    deps = [
+        "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/apiserver:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/generic/testing:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library",
+        "//vendor/k8s.io/client-go/discovery:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/etcd.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/etcd.go
index 0cbf3b1122e4..bf54fe33b9a8 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/etcd.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/etcd.go
@@ -17,20 +17,65 @@ limitations under the License.
 package customresource
 
 import (
+	"fmt"
+	"strings"
+
+	autoscalingv1 "k8s.io/api/autoscaling/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
+	"k8s.io/apiserver/pkg/registry/rest"
 )
 
+// CustomResourceStorage includes dummy storage for CustomResources, and their Status and Scale subresources.
+type CustomResourceStorage struct {
+	CustomResource *REST
+	Status         *StatusREST
+	Scale          *ScaleREST
+}
+
+func NewStorage(resource schema.GroupResource, listKind schema.GroupVersionKind, strategy customResourceStrategy, optsGetter generic.RESTOptionsGetter, categories []string, tableConvertor rest.TableConvertor) CustomResourceStorage {
+	customResourceREST, customResourceStatusREST := newREST(resource, listKind, strategy, optsGetter, categories, tableConvertor)
+	customResourceRegistry := NewRegistry(customResourceREST)
+
+	s := CustomResourceStorage{
+		CustomResource: customResourceREST,
+	}
+
+	if strategy.status != nil {
+		s.Status = customResourceStatusREST
+	}
+
+	if scale := strategy.scale; scale != nil {
+		var labelSelectorPath string
+		if scale.LabelSelectorPath != nil {
+			labelSelectorPath = *scale.LabelSelectorPath
+		}
+
+		s.Scale = &ScaleREST{
+			registry:           customResourceRegistry,
+			specReplicasPath:   scale.SpecReplicasPath,
+			statusReplicasPath: scale.StatusReplicasPath,
+			labelSelectorPath:  labelSelectorPath,
+		}
+	}
+
+	return s
+}
+
 // REST implements a RESTStorage for API services against etcd
 type REST struct {
 	*genericregistry.Store
+	categories []string
 }
 
-// NewREST returns a RESTStorage object that will work against API services.
-func NewREST(resource schema.GroupResource, listKind schema.GroupVersionKind, strategy customResourceDefinitionStorageStrategy, optsGetter generic.RESTOptionsGetter) *REST {
+// newREST returns a RESTStorage object that will work against API services.
+func newREST(resource schema.GroupResource, listKind schema.GroupVersionKind, strategy customResourceStrategy, optsGetter generic.RESTOptionsGetter, categories []string, tableConvertor rest.TableConvertor) (*REST, *StatusREST) {
 	store := &genericregistry.Store{
 		NewFunc: func() runtime.Object { return &unstructured.Unstructured{} },
 		NewListFunc: func() runtime.Object {
@@ -45,10 +90,176 @@ func NewREST(resource schema.GroupResource, listKind schema.GroupVersionKind, st
 		CreateStrategy: strategy,
 		UpdateStrategy: strategy,
 		DeleteStrategy: strategy,
+
+		TableConvertor: tableConvertor,
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: strategy.GetAttrs}
 	if err := store.CompleteWithOptions(options); err != nil {
 		panic(err) // TODO: Propagate error up
 	}
-	return &REST{store}
+
+	statusStore := *store
+	statusStore.UpdateStrategy = NewStatusStrategy(strategy)
+	return &REST{store, categories}, &StatusREST{store: &statusStore}
+}
+
+// Implement CategoriesProvider
+var _ rest.CategoriesProvider = &REST{}
+
+// Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
+func (r *REST) Categories() []string {
+	return r.categories
+}
+
+// StatusREST implements the REST endpoint for changing the status of a CustomResource
+type StatusREST struct {
+	store *genericregistry.Store
+}
+
+func (r *StatusREST) New() runtime.Object {
+	return &unstructured.Unstructured{}
+}
+
+// Get retrieves the object from the storage. It is required to support Patch.
+func (r *StatusREST) Get(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (runtime.Object, error) {
+	return r.store.Get(ctx, name, options)
+}
+
+// Update alters the status subset of an object.
+func (r *StatusREST) Update(ctx genericapirequest.Context, name string, objInfo rest.UpdatedObjectInfo, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (runtime.Object, bool, error) {
+	return r.store.Update(ctx, name, objInfo, createValidation, updateValidation)
+}
+
+type ScaleREST struct {
+	registry           Registry
+	specReplicasPath   string
+	statusReplicasPath string
+	labelSelectorPath  string
+}
+
+// ScaleREST implements Patcher
+var _ = rest.Patcher(&ScaleREST{})
+var _ = rest.GroupVersionKindProvider(&ScaleREST{})
+
+func (r *ScaleREST) GroupVersionKind(containingGV schema.GroupVersion) schema.GroupVersionKind {
+	return autoscalingv1.SchemeGroupVersion.WithKind("Scale")
+}
+
+// New creates a new Scale object
+func (r *ScaleREST) New() runtime.Object {
+	return &autoscalingv1.Scale{}
+}
+
+func (r *ScaleREST) Get(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (runtime.Object, error) {
+	cr, err := r.registry.GetCustomResource(ctx, name, options)
+	if err != nil {
+		return nil, err
+	}
+
+	scaleObject, replicasFound, err := scaleFromCustomResource(cr, r.specReplicasPath, r.statusReplicasPath, r.labelSelectorPath)
+	if err != nil {
+		return nil, err
+	}
+	if !replicasFound {
+		return nil, apierrors.NewInternalError(fmt.Errorf("the spec replicas field %q does not exist", r.specReplicasPath))
+	}
+	return scaleObject, err
+}
+
+func (r *ScaleREST) Update(ctx genericapirequest.Context, name string, objInfo rest.UpdatedObjectInfo, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (runtime.Object, bool, error) {
+	cr, err := r.registry.GetCustomResource(ctx, name, &metav1.GetOptions{})
+	if err != nil {
+		return nil, false, err
+	}
+
+	const invalidSpecReplicas = -2147483648 // smallest int32
+	oldScale, replicasFound, err := scaleFromCustomResource(cr, r.specReplicasPath, r.statusReplicasPath, r.labelSelectorPath)
+	if err != nil {
+		return nil, false, err
+	}
+	if !replicasFound {
+		oldScale.Spec.Replicas = invalidSpecReplicas // signal that this was not set before
+	}
+
+	obj, err := objInfo.UpdatedObject(ctx, oldScale)
+	if err != nil {
+		return nil, false, err
+	}
+	if obj == nil {
+		return nil, false, apierrors.NewBadRequest(fmt.Sprintf("nil update passed to Scale"))
+	}
+
+	scale, ok := obj.(*autoscalingv1.Scale)
+	if !ok {
+		return nil, false, apierrors.NewBadRequest(fmt.Sprintf("wrong object passed to Scale update: %v", obj))
+	}
+
+	if scale.Spec.Replicas == invalidSpecReplicas {
+		return nil, false, apierrors.NewBadRequest(fmt.Sprintf("the spec replicas field %q cannot be empty", r.specReplicasPath))
+	}
+
+	specReplicasPath := strings.TrimPrefix(r.specReplicasPath, ".") // ignore leading period
+	if err = unstructured.SetNestedField(cr.Object, int64(scale.Spec.Replicas), strings.Split(specReplicasPath, ".")...); err != nil {
+		return nil, false, err
+	}
+	cr.SetResourceVersion(scale.ResourceVersion)
+
+	cr, err = r.registry.UpdateCustomResource(ctx, cr, createValidation, updateValidation)
+	if err != nil {
+		return nil, false, err
+	}
+
+	newScale, _, err := scaleFromCustomResource(cr, r.specReplicasPath, r.statusReplicasPath, r.labelSelectorPath)
+	if err != nil {
+		return nil, false, apierrors.NewBadRequest(err.Error())
+	}
+	return newScale, false, err
+}
+
+// scaleFromCustomResource returns a scale subresource for a customresource and a bool signalling wether
+// the specReplicas value was found.
+func scaleFromCustomResource(cr *unstructured.Unstructured, specReplicasPath, statusReplicasPath, labelSelectorPath string) (*autoscalingv1.Scale, bool, error) {
+	specReplicasPath = strings.TrimPrefix(specReplicasPath, ".") // ignore leading period
+	specReplicas, foundSpecReplicas, err := unstructured.NestedInt64(cr.UnstructuredContent(), strings.Split(specReplicasPath, ".")...)
+	if err != nil {
+		return nil, false, err
+	} else if !foundSpecReplicas {
+		specReplicas = 0
+	}
+
+	statusReplicasPath = strings.TrimPrefix(statusReplicasPath, ".") // ignore leading period
+	statusReplicas, found, err := unstructured.NestedInt64(cr.UnstructuredContent(), strings.Split(statusReplicasPath, ".")...)
+	if err != nil {
+		return nil, false, err
+	} else if !found {
+		statusReplicas = 0
+	}
+
+	var labelSelector string
+	if len(labelSelectorPath) > 0 {
+		labelSelectorPath = strings.TrimPrefix(labelSelectorPath, ".") // ignore leading period
+		labelSelector, found, err = unstructured.NestedString(cr.UnstructuredContent(), strings.Split(labelSelectorPath, ".")...)
+		if err != nil {
+			return nil, false, err
+		}
+	}
+
+	scale := &autoscalingv1.Scale{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:              cr.GetName(),
+			Namespace:         cr.GetNamespace(),
+			UID:               cr.GetUID(),
+			ResourceVersion:   cr.GetResourceVersion(),
+			CreationTimestamp: cr.GetCreationTimestamp(),
+		},
+		Spec: autoscalingv1.ScaleSpec{
+			Replicas: int32(specReplicas),
+		},
+		Status: autoscalingv1.ScaleStatus{
+			Replicas: int32(statusReplicas),
+			Selector: labelSelector,
+		},
+	}
+
+	return scale, foundSpecReplicas, nil
 }
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/registry.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/registry.go
new file mode 100644
index 000000000000..a0fd086d0ac4
--- /dev/null
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/registry.go
@@ -0,0 +1,104 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package customresource
+
+import (
+	"fmt"
+	"strings"
+
+	"k8s.io/apimachinery/pkg/api/errors"
+	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/watch"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
+)
+
+// Registry is an interface for things that know how to store CustomResources.
+type Registry interface {
+	ListCustomResources(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*unstructured.UnstructuredList, error)
+	WatchCustomResources(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error)
+	GetCustomResource(ctx genericapirequest.Context, customResourceID string, options *metav1.GetOptions) (*unstructured.Unstructured, error)
+	CreateCustomResource(ctx genericapirequest.Context, customResource *unstructured.Unstructured, createValidation rest.ValidateObjectFunc) (*unstructured.Unstructured, error)
+	UpdateCustomResource(ctx genericapirequest.Context, customResource *unstructured.Unstructured, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (*unstructured.Unstructured, error)
+	DeleteCustomResource(ctx genericapirequest.Context, customResourceID string) error
+}
+
+// storage puts strong typing around storage calls
+type storage struct {
+	rest.StandardStorage
+}
+
+// NewRegistry returns a new Registry interface for the given Storage. Any mismatched
+// types will panic.
+func NewRegistry(s rest.StandardStorage) Registry {
+	return &storage{s}
+}
+
+func (s *storage) ListCustomResources(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*unstructured.UnstructuredList, error) {
+	if options != nil && options.FieldSelector != nil && !options.FieldSelector.Empty() {
+		return nil, fmt.Errorf("field selector not supported yet")
+	}
+	obj, err := s.List(ctx, options)
+	if err != nil {
+		return nil, err
+	}
+	return obj.(*unstructured.UnstructuredList), err
+}
+
+func (s *storage) WatchCustomResources(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error) {
+	return s.Watch(ctx, options)
+}
+
+func (s *storage) GetCustomResource(ctx genericapirequest.Context, customResourceID string, options *metav1.GetOptions) (*unstructured.Unstructured, error) {
+	obj, err := s.Get(ctx, customResourceID, options)
+	customResource, ok := obj.(*unstructured.Unstructured)
+	if !ok {
+		return nil, fmt.Errorf("custom resource must be of type Unstructured")
+	}
+
+	if err != nil {
+		apiVersion := customResource.GetAPIVersion()
+		groupVersion := strings.Split(apiVersion, "/")
+		group := groupVersion[0]
+		return nil, errors.NewNotFound(schema.GroupResource{Group: group, Resource: "scale"}, customResourceID)
+	}
+	return customResource, nil
+}
+
+func (s *storage) CreateCustomResource(ctx genericapirequest.Context, customResource *unstructured.Unstructured, createValidation rest.ValidateObjectFunc) (*unstructured.Unstructured, error) {
+	obj, err := s.Create(ctx, customResource, rest.ValidateAllObjectFunc, false)
+	if err != nil {
+		return nil, err
+	}
+	return obj.(*unstructured.Unstructured), nil
+}
+
+func (s *storage) UpdateCustomResource(ctx genericapirequest.Context, customResource *unstructured.Unstructured, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (*unstructured.Unstructured, error) {
+	obj, _, err := s.Update(ctx, customResource.GetName(), rest.DefaultUpdatedObjectInfo(customResource), createValidation, updateValidation)
+	if err != nil {
+		return nil, err
+	}
+	return obj.(*unstructured.Unstructured), nil
+}
+
+func (s *storage) DeleteCustomResource(ctx genericapirequest.Context, customResourceID string) error {
+	_, _, err := s.Delete(ctx, customResourceID, nil)
+	return err
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/status_strategy.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/status_strategy.go
new file mode 100644
index 000000000000..dab6bf47a3f6
--- /dev/null
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/status_strategy.go
@@ -0,0 +1,62 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package customresource
+
+import (
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+)
+
+type statusStrategy struct {
+	customResourceStrategy
+}
+
+func NewStatusStrategy(strategy customResourceStrategy) statusStrategy {
+	return statusStrategy{strategy}
+}
+
+func (a statusStrategy) PrepareForUpdate(ctx genericapirequest.Context, obj, old runtime.Object) {
+	newCustomResourceObject := obj.(*unstructured.Unstructured)
+	oldCustomResourceObject := old.(*unstructured.Unstructured)
+
+	newCustomResource := newCustomResourceObject.UnstructuredContent()
+	oldCustomResource := oldCustomResourceObject.UnstructuredContent()
+
+	// update is not allowed to set spec and metadata
+	_, ok1 := newCustomResource["spec"]
+	_, ok2 := oldCustomResource["spec"]
+	switch {
+	case ok2:
+		newCustomResource["spec"] = oldCustomResource["spec"]
+	case ok1:
+		delete(newCustomResource, "spec")
+	}
+
+	newCustomResourceObject.SetAnnotations(oldCustomResourceObject.GetAnnotations())
+	newCustomResourceObject.SetFinalizers(oldCustomResourceObject.GetFinalizers())
+	newCustomResourceObject.SetGeneration(oldCustomResourceObject.GetGeneration())
+	newCustomResourceObject.SetLabels(oldCustomResourceObject.GetLabels())
+	newCustomResourceObject.SetOwnerReferences(oldCustomResourceObject.GetOwnerReferences())
+	newCustomResourceObject.SetSelfLink(oldCustomResourceObject.GetSelfLink())
+}
+
+// ValidateUpdate is the default update validation for an end user updating status.
+func (a statusStrategy) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object) field.ErrorList {
+	return a.customResourceStrategy.validator.ValidateStatusUpdate(ctx, obj, old, a.scale)
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/strategy.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/strategy.go
index f001dc57a0fc..092bfc89c4e7 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/strategy.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/strategy.go
@@ -17,12 +17,10 @@ limitations under the License.
 package customresource
 
 import (
-	"fmt"
-
 	"github.com/go-openapi/validate"
 
+	apiequality "k8s.io/apimachinery/pkg/api/equality"
 	"k8s.io/apimachinery/pkg/api/meta"
-	"k8s.io/apimachinery/pkg/api/validation"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/fields"
@@ -31,63 +29,129 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/storage"
+	apiserverstorage "k8s.io/apiserver/pkg/storage"
 	"k8s.io/apiserver/pkg/storage/names"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 
-	apiservervalidation "k8s.io/apiextensions-apiserver/pkg/apiserver/validation"
+	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
+	apiextensionsfeatures "k8s.io/apiextensions-apiserver/pkg/features"
 )
 
-type customResourceDefinitionStorageStrategy struct {
+// customResourceStrategy implements behavior for CustomResources.
+type customResourceStrategy struct {
 	runtime.ObjectTyper
 	names.NameGenerator
 
 	namespaceScoped bool
 	validator       customResourceValidator
+	status          *apiextensions.CustomResourceSubresourceStatus
+	scale           *apiextensions.CustomResourceSubresourceScale
 }
 
-func NewStrategy(typer runtime.ObjectTyper, namespaceScoped bool, kind schema.GroupVersionKind, validator *validate.SchemaValidator) customResourceDefinitionStorageStrategy {
-	return customResourceDefinitionStorageStrategy{
+func NewStrategy(typer runtime.ObjectTyper, namespaceScoped bool, kind schema.GroupVersionKind, schemaValidator, statusSchemaValidator *validate.SchemaValidator, status *apiextensions.CustomResourceSubresourceStatus, scale *apiextensions.CustomResourceSubresourceScale) customResourceStrategy {
+	return customResourceStrategy{
 		ObjectTyper:     typer,
 		NameGenerator:   names.SimpleNameGenerator,
 		namespaceScoped: namespaceScoped,
+		status:          status,
+		scale:           scale,
 		validator: customResourceValidator{
-			namespaceScoped: namespaceScoped,
-			kind:            kind,
-			validator:       validator,
+			namespaceScoped:       namespaceScoped,
+			kind:                  kind,
+			schemaValidator:       schemaValidator,
+			statusSchemaValidator: statusSchemaValidator,
 		},
 	}
 }
 
-func (a customResourceDefinitionStorageStrategy) NamespaceScoped() bool {
+func (a customResourceStrategy) NamespaceScoped() bool {
 	return a.namespaceScoped
 }
 
-func (customResourceDefinitionStorageStrategy) PrepareForCreate(ctx genericapirequest.Context, obj runtime.Object) {
+// PrepareForCreate clears the status of a CustomResource before creation.
+func (a customResourceStrategy) PrepareForCreate(ctx genericapirequest.Context, obj runtime.Object) {
+	if utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) && a.status != nil {
+		customResourceObject := obj.(*unstructured.Unstructured)
+		customResource := customResourceObject.UnstructuredContent()
+
+		// create cannot set status
+		if _, ok := customResource["status"]; ok {
+			delete(customResource, "status")
+		}
+	}
+
+	accessor, _ := meta.Accessor(obj)
+	accessor.SetGeneration(1)
 }
 
-func (customResourceDefinitionStorageStrategy) PrepareForUpdate(ctx genericapirequest.Context, obj, old runtime.Object) {
+// PrepareForUpdate clears fields that are not allowed to be set by end users on update.
+func (a customResourceStrategy) PrepareForUpdate(ctx genericapirequest.Context, obj, old runtime.Object) {
+	if !utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) || a.status == nil {
+		return
+	}
+
+	newCustomResourceObject := obj.(*unstructured.Unstructured)
+	oldCustomResourceObject := old.(*unstructured.Unstructured)
+
+	newCustomResource := newCustomResourceObject.UnstructuredContent()
+	oldCustomResource := oldCustomResourceObject.UnstructuredContent()
+
+	// update is not allowed to set status
+	_, ok1 := newCustomResource["status"]
+	_, ok2 := oldCustomResource["status"]
+	switch {
+	case ok2:
+		newCustomResource["status"] = oldCustomResource["status"]
+	case ok1:
+		delete(newCustomResource, "status")
+	}
+
+	// Any changes to the spec increment the generation number, any changes to the
+	// status should reflect the generation number of the corresponding object. We push
+	// the burden of managing the status onto the clients because we can't (in general)
+	// know here what version of spec the writer of the status has seen. It may seem like
+	// we can at first -- since obj contains spec -- but in the future we will probably make
+	// status its own object, and even if we don't, writes may be the result of a
+	// read-update-write loop, so the contents of spec may not actually be the spec that
+	// the CustomResource has *seen*.
+	newSpec, ok1 := newCustomResource["spec"]
+	oldSpec, ok2 := oldCustomResource["spec"]
+
+	// spec is changed, created or deleted
+	if (ok1 && ok2 && !apiequality.Semantic.DeepEqual(oldSpec, newSpec)) || (ok1 && !ok2) || (!ok1 && ok2) {
+		oldAccessor, _ := meta.Accessor(oldCustomResourceObject)
+		newAccessor, _ := meta.Accessor(newCustomResourceObject)
+		newAccessor.SetGeneration(oldAccessor.GetGeneration() + 1)
+	}
 }
 
-func (a customResourceDefinitionStorageStrategy) Validate(ctx genericapirequest.Context, obj runtime.Object) field.ErrorList {
-	return a.validator.Validate(ctx, obj)
+// Validate validates a new CustomResource.
+func (a customResourceStrategy) Validate(ctx genericapirequest.Context, obj runtime.Object) field.ErrorList {
+	return a.validator.Validate(ctx, obj, a.scale)
 }
 
-func (customResourceDefinitionStorageStrategy) AllowCreateOnUpdate() bool {
-	return false
+// Canonicalize normalizes the object after validation.
+func (customResourceStrategy) Canonicalize(obj runtime.Object) {
 }
 
-func (customResourceDefinitionStorageStrategy) AllowUnconditionalUpdate() bool {
+// AllowCreateOnUpdate is false for CustomResources; this means a POST is
+// needed to create one.
+func (customResourceStrategy) AllowCreateOnUpdate() bool {
 	return false
 }
 
-func (customResourceDefinitionStorageStrategy) Canonicalize(obj runtime.Object) {
+// AllowUnconditionalUpdate is the default update policy for CustomResource objects.
+func (customResourceStrategy) AllowUnconditionalUpdate() bool {
+	return false
 }
 
-func (a customResourceDefinitionStorageStrategy) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object) field.ErrorList {
-	return a.validator.ValidateUpdate(ctx, obj, old)
+// ValidateUpdate is the default update validation for an end user updating status.
+func (a customResourceStrategy) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object) field.ErrorList {
+	return a.validator.ValidateUpdate(ctx, obj, old, a.scale)
 }
 
-func (a customResourceDefinitionStorageStrategy) GetAttrs(obj runtime.Object) (labels.Set, fields.Set, bool, error) {
+// GetAttrs returns labels and fields of a given object for filtering purposes.
+func (a customResourceStrategy) GetAttrs(obj runtime.Object) (labels.Set, fields.Set, bool, error) {
 	accessor, err := meta.Accessor(obj)
 	if err != nil {
 		return nil, nil, false, err
@@ -108,80 +172,13 @@ func objectMetaFieldsSet(objectMeta metav1.Object, namespaceScoped bool) fields.
 	}
 }
 
-func (a customResourceDefinitionStorageStrategy) MatchCustomResourceDefinitionStorage(label labels.Selector, field fields.Selector) storage.SelectionPredicate {
-	return storage.SelectionPredicate{
+// MatchCustomResourceDefinitionStorage is the filter used by the generic etcd backend to route
+// watch events from etcd to clients of the apiserver only interested in specific
+// labels/fields.
+func (a customResourceStrategy) MatchCustomResourceDefinitionStorage(label labels.Selector, field fields.Selector) apiserverstorage.SelectionPredicate {
+	return apiserverstorage.SelectionPredicate{
 		Label:    label,
 		Field:    field,
 		GetAttrs: a.GetAttrs,
 	}
 }
-
-type customResourceValidator struct {
-	namespaceScoped bool
-	kind            schema.GroupVersionKind
-	validator       *validate.SchemaValidator
-}
-
-func (a customResourceValidator) Validate(ctx genericapirequest.Context, obj runtime.Object) field.ErrorList {
-	accessor, err := meta.Accessor(obj)
-	if err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
-	}
-	typeAccessor, err := meta.TypeAccessor(obj)
-	if err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath("kind"), nil, err.Error())}
-	}
-	if typeAccessor.GetKind() != a.kind.Kind {
-		return field.ErrorList{field.Invalid(field.NewPath("kind"), typeAccessor.GetKind(), fmt.Sprintf("must be %v", a.kind.Kind))}
-	}
-	if typeAccessor.GetAPIVersion() != a.kind.Group+"/"+a.kind.Version {
-		return field.ErrorList{field.Invalid(field.NewPath("apiVersion"), typeAccessor.GetAPIVersion(), fmt.Sprintf("must be %v", a.kind.Group+"/"+a.kind.Version))}
-	}
-
-	customResourceObject, ok := obj.(*unstructured.Unstructured)
-	// this will never happen.
-	if !ok {
-		return field.ErrorList{field.Invalid(field.NewPath(""), customResourceObject, fmt.Sprintf("has type %T. Must be a pointer to an Unstructured type", customResourceObject))}
-	}
-
-	customResource := customResourceObject.UnstructuredContent()
-	if err = apiservervalidation.ValidateCustomResource(customResource, a.validator); err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath(""), customResource, err.Error())}
-	}
-
-	return validation.ValidateObjectMetaAccessor(accessor, a.namespaceScoped, validation.NameIsDNSSubdomain, field.NewPath("metadata"))
-}
-
-func (a customResourceValidator) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object) field.ErrorList {
-	objAccessor, err := meta.Accessor(obj)
-	if err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
-	}
-	oldAccessor, err := meta.Accessor(old)
-	if err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
-	}
-	typeAccessor, err := meta.TypeAccessor(obj)
-	if err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath("kind"), nil, err.Error())}
-	}
-	if typeAccessor.GetKind() != a.kind.Kind {
-		return field.ErrorList{field.Invalid(field.NewPath("kind"), typeAccessor.GetKind(), fmt.Sprintf("must be %v", a.kind.Kind))}
-	}
-	if typeAccessor.GetAPIVersion() != a.kind.Group+"/"+a.kind.Version {
-		return field.ErrorList{field.Invalid(field.NewPath("apiVersion"), typeAccessor.GetAPIVersion(), fmt.Sprintf("must be %v", a.kind.Group+"/"+a.kind.Version))}
-	}
-
-	customResourceObject, ok := obj.(*unstructured.Unstructured)
-	// this will never happen.
-	if !ok {
-		return field.ErrorList{field.Invalid(field.NewPath(""), customResourceObject, fmt.Sprintf("has type %T. Must be a pointer to an Unstructured type", customResourceObject))}
-	}
-
-	customResource := customResourceObject.UnstructuredContent()
-	if err = apiservervalidation.ValidateCustomResource(customResource, a.validator); err != nil {
-		return field.ErrorList{field.Invalid(field.NewPath(""), customResource, err.Error())}
-	}
-
-	return validation.ValidateObjectMetaAccessorUpdate(objAccessor, oldAccessor, field.NewPath("metadata"))
-}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/BUILD b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/BUILD
new file mode 100644
index 000000000000..e6150d203681
--- /dev/null
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/BUILD
@@ -0,0 +1,33 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["tableconvertor.go"],
+    importpath = "k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/go-openapi/spec:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta/table:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
+        "//vendor/k8s.io/client-go/util/jsonpath:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/tableconvertor.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/tableconvertor.go
new file mode 100644
index 000000000000..4eb62da6b7c9
--- /dev/null
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor/tableconvertor.go
@@ -0,0 +1,120 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package tableconvertor
+
+import (
+	"bytes"
+	"fmt"
+	"strings"
+
+	"github.com/go-openapi/spec"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	metatable "k8s.io/apimachinery/pkg/api/meta/table"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
+	"k8s.io/apimachinery/pkg/runtime"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
+	"k8s.io/client-go/util/jsonpath"
+)
+
+const printColumnsKey = "x-kubernetes-print-columns"
+
+var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc()
+
+// New creates a new table convertor for the provided OpenAPI schema. If the printer definition cannot be parsed,
+// error will be returned along with a default table convertor.
+func New(extensions spec.Extensions) (rest.TableConvertor, error) {
+	headers := []metav1beta1.TableColumnDefinition{
+		{Name: "Name", Type: "string", Format: "name", Description: swaggerMetadataDescriptions["name"]},
+		{Name: "Created At", Type: "date", Description: swaggerMetadataDescriptions["creationTimestamp"]},
+	}
+	c := &convertor{
+		headers: headers,
+	}
+	format, ok := extensions.GetString(printColumnsKey)
+	if !ok {
+		return c, nil
+	}
+	// "x-kubernetes-print-columns": "custom-columns=NAME:.metadata.name,RSRC:.metadata.resourceVersion"
+	parts := strings.SplitN(format, "=", 2)
+	if len(parts) != 2 || parts[0] != "custom-columns" {
+		return c, fmt.Errorf("unrecognized column definition in 'x-kubernetes-print-columns', only support 'custom-columns=NAME=JSONPATH[,NAME=JSONPATH]'")
+	}
+	columnSpecs := strings.Split(parts[1], ",")
+	var columns []*jsonpath.JSONPath
+	for _, spec := range columnSpecs {
+		parts := strings.SplitN(spec, ":", 2)
+		if len(parts) != 2 || len(parts[0]) == 0 || len(parts[1]) == 0 {
+			return c, fmt.Errorf("unrecognized column definition in 'x-kubernetes-print-columns', must specify NAME=JSONPATH: %s", spec)
+		}
+		path := jsonpath.New(parts[0])
+		if err := path.Parse(parts[1]); err != nil {
+			return c, fmt.Errorf("unrecognized column definition in 'x-kubernetes-print-columns': %v", spec)
+		}
+		path.AllowMissingKeys(true)
+		columns = append(columns, path)
+		headers = append(headers, metav1beta1.TableColumnDefinition{
+			Name:        parts[0],
+			Type:        "string",
+			Description: fmt.Sprintf("Custom resource definition column from OpenAPI (in JSONPath format): %s", parts[1]),
+		})
+	}
+	c.columns = columns
+	c.headers = headers
+	return c, nil
+}
+
+type convertor struct {
+	headers []metav1beta1.TableColumnDefinition
+	columns []*jsonpath.JSONPath
+}
+
+func (c *convertor) ConvertToTable(ctx genericapirequest.Context, obj runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
+	table := &metav1beta1.Table{
+		ColumnDefinitions: c.headers,
+	}
+	if m, err := meta.ListAccessor(obj); err == nil {
+		table.ResourceVersion = m.GetResourceVersion()
+		table.SelfLink = m.GetSelfLink()
+		table.Continue = m.GetContinue()
+	} else {
+		if m, err := meta.CommonAccessor(obj); err == nil {
+			table.ResourceVersion = m.GetResourceVersion()
+			table.SelfLink = m.GetSelfLink()
+		}
+	}
+
+	var err error
+	buf := &bytes.Buffer{}
+	table.Rows, err = metatable.MetaToTableRow(obj, func(obj runtime.Object, m metav1.Object, name, age string) ([]interface{}, error) {
+		cells := make([]interface{}, 2, 2+len(c.columns))
+		cells[0] = name
+		cells[1] = age
+		for _, column := range c.columns {
+			if err := column.Execute(buf, obj); err != nil {
+				cells = append(cells, nil)
+				continue
+			}
+			cells = append(cells, buf.String())
+			buf.Reset()
+		}
+		return cells, nil
+	})
+	return table, err
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/validator.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/validator.go
new file mode 100644
index 000000000000..ef5023dc63a0
--- /dev/null
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresource/validator.go
@@ -0,0 +1,241 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package customresource
+
+import (
+	"fmt"
+	"math"
+	"strings"
+
+	"github.com/go-openapi/validate"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/api/validation"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+
+	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
+	apiservervalidation "k8s.io/apiextensions-apiserver/pkg/apiserver/validation"
+)
+
+type customResourceValidator struct {
+	namespaceScoped       bool
+	kind                  schema.GroupVersionKind
+	schemaValidator       *validate.SchemaValidator
+	statusSchemaValidator *validate.SchemaValidator
+}
+
+func (a customResourceValidator) Validate(ctx genericapirequest.Context, obj runtime.Object, scale *apiextensions.CustomResourceSubresourceScale) field.ErrorList {
+	accessor, err := meta.Accessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
+	}
+	typeAccessor, err := meta.TypeAccessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), nil, err.Error())}
+	}
+	if typeAccessor.GetKind() != a.kind.Kind {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), typeAccessor.GetKind(), fmt.Sprintf("must be %v", a.kind.Kind))}
+	}
+	if typeAccessor.GetAPIVersion() != a.kind.Group+"/"+a.kind.Version {
+		return field.ErrorList{field.Invalid(field.NewPath("apiVersion"), typeAccessor.GetAPIVersion(), fmt.Sprintf("must be %v", a.kind.Group+"/"+a.kind.Version))}
+	}
+
+	customResourceObject, ok := obj.(*unstructured.Unstructured)
+	// this will never happen.
+	if !ok {
+		return field.ErrorList{field.Invalid(field.NewPath(""), customResourceObject, fmt.Sprintf("has type %T. Must be a pointer to an Unstructured type", customResourceObject))}
+	}
+	customResource := customResourceObject.UnstructuredContent()
+
+	if err = apiservervalidation.ValidateCustomResource(customResource, a.schemaValidator); err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath(""), customResource, err.Error())}
+	}
+
+	if scale != nil {
+		// validate specReplicas
+		specReplicasPath := strings.TrimPrefix(scale.SpecReplicasPath, ".") // ignore leading period
+		specReplicas, _, err := unstructured.NestedInt64(customResource, strings.Split(specReplicasPath, ".")...)
+		if err != nil {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, err.Error())}
+		}
+		if specReplicas < 0 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, "should be a non-negative integer")}
+		}
+		if specReplicas > math.MaxInt32 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, fmt.Sprintf("should be less than or equal to %v", math.MaxInt32))}
+		}
+
+		// validate statusReplicas
+		statusReplicasPath := strings.TrimPrefix(scale.StatusReplicasPath, ".") // ignore leading period
+		statusReplicas, _, err := unstructured.NestedInt64(customResource, strings.Split(statusReplicasPath, ".")...)
+		if err != nil {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, err.Error())}
+		}
+		if statusReplicas < 0 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, "should be a non-negative integer")}
+		}
+		if statusReplicas > math.MaxInt32 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, fmt.Sprintf("should be less than or equal to %v", math.MaxInt32))}
+		}
+
+		// validate labelSelector
+		if scale.LabelSelectorPath != nil {
+			labelSelectorPath := strings.TrimPrefix(*scale.LabelSelectorPath, ".") // ignore leading period
+			labelSelector, _, err := unstructured.NestedString(customResource, strings.Split(labelSelectorPath, ".")...)
+			if err != nil {
+				return field.ErrorList{field.Invalid(field.NewPath(*scale.LabelSelectorPath), labelSelector, err.Error())}
+			}
+		}
+	}
+
+	return validation.ValidateObjectMetaAccessor(accessor, a.namespaceScoped, validation.NameIsDNSSubdomain, field.NewPath("metadata"))
+}
+
+func (a customResourceValidator) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object, scale *apiextensions.CustomResourceSubresourceScale) field.ErrorList {
+	objAccessor, err := meta.Accessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
+	}
+	oldAccessor, err := meta.Accessor(old)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
+	}
+	typeAccessor, err := meta.TypeAccessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), nil, err.Error())}
+	}
+	if typeAccessor.GetKind() != a.kind.Kind {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), typeAccessor.GetKind(), fmt.Sprintf("must be %v", a.kind.Kind))}
+	}
+	if typeAccessor.GetAPIVersion() != a.kind.Group+"/"+a.kind.Version {
+		return field.ErrorList{field.Invalid(field.NewPath("apiVersion"), typeAccessor.GetAPIVersion(), fmt.Sprintf("must be %v", a.kind.Group+"/"+a.kind.Version))}
+	}
+
+	customResourceObject, ok := obj.(*unstructured.Unstructured)
+	// this will never happen.
+	if !ok {
+		return field.ErrorList{field.Invalid(field.NewPath(""), customResourceObject, fmt.Sprintf("has type %T. Must be a pointer to an Unstructured type", customResourceObject))}
+	}
+	customResource := customResourceObject.UnstructuredContent()
+
+	if err = apiservervalidation.ValidateCustomResource(customResource, a.schemaValidator); err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath(""), customResource, err.Error())}
+	}
+
+	if scale != nil {
+		// validate specReplicas
+		specReplicasPath := strings.TrimPrefix(scale.SpecReplicasPath, ".") // ignore leading period
+		specReplicas, _, err := unstructured.NestedInt64(customResource, strings.Split(specReplicasPath, ".")...)
+		if err != nil {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, err.Error())}
+		}
+		if specReplicas < 0 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, "should be a non-negative integer")}
+		}
+		if specReplicas > math.MaxInt32 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.SpecReplicasPath), specReplicas, fmt.Sprintf("should be less than or equal to %v", math.MaxInt32))}
+		}
+
+		// validate statusReplicas
+		statusReplicasPath := strings.TrimPrefix(scale.StatusReplicasPath, ".") // ignore leading period
+		statusReplicas, _, err := unstructured.NestedInt64(customResource, strings.Split(statusReplicasPath, ".")...)
+		if err != nil {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, err.Error())}
+		}
+		if statusReplicas < 0 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, "should be a non-negative integer")}
+		}
+		if statusReplicas > math.MaxInt32 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, fmt.Sprintf("should be less than or equal to %v", math.MaxInt32))}
+		}
+
+		// validate labelSelector
+		if scale.LabelSelectorPath != nil {
+			labelSelectorPath := strings.TrimPrefix(*scale.LabelSelectorPath, ".") // ignore leading period
+			labelSelector, _, err := unstructured.NestedString(customResource, strings.Split(labelSelectorPath, ".")...)
+			if err != nil {
+				return field.ErrorList{field.Invalid(field.NewPath(*scale.LabelSelectorPath), labelSelector, err.Error())}
+			}
+		}
+	}
+
+	return validation.ValidateObjectMetaAccessorUpdate(objAccessor, oldAccessor, field.NewPath("metadata"))
+}
+
+func (a customResourceValidator) ValidateStatusUpdate(ctx genericapirequest.Context, obj, old runtime.Object, scale *apiextensions.CustomResourceSubresourceScale) field.ErrorList {
+	objAccessor, err := meta.Accessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
+	}
+	oldAccessor, err := meta.Accessor(old)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("metadata"), nil, err.Error())}
+	}
+	typeAccessor, err := meta.TypeAccessor(obj)
+	if err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), nil, err.Error())}
+	}
+	if typeAccessor.GetKind() != a.kind.Kind {
+		return field.ErrorList{field.Invalid(field.NewPath("kind"), typeAccessor.GetKind(), fmt.Sprintf("must be %v", a.kind.Kind))}
+	}
+	if typeAccessor.GetAPIVersion() != a.kind.Group+"/"+a.kind.Version {
+		return field.ErrorList{field.Invalid(field.NewPath("apiVersion"), typeAccessor.GetAPIVersion(), fmt.Sprintf("must be %v", a.kind.Group+"/"+a.kind.Version))}
+	}
+
+	customResourceObject, ok := obj.(*unstructured.Unstructured)
+	// this will never happen.
+	if !ok {
+		return field.ErrorList{field.Invalid(field.NewPath(""), customResourceObject, fmt.Sprintf("has type %T. Must be a pointer to an Unstructured type", customResourceObject))}
+	}
+	customResource := customResourceObject.UnstructuredContent()
+
+	// validate only the status
+	customResourceStatus := customResource["status"]
+	if err = apiservervalidation.ValidateCustomResource(customResourceStatus, a.statusSchemaValidator); err != nil {
+		return field.ErrorList{field.Invalid(field.NewPath("status"), customResourceStatus, err.Error())}
+	}
+
+	if scale != nil {
+		// validate statusReplicas
+		statusReplicasPath := strings.TrimPrefix(scale.StatusReplicasPath, ".") // ignore leading period
+		statusReplicas, _, err := unstructured.NestedInt64(customResource, strings.Split(statusReplicasPath, ".")...)
+		if err != nil {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, err.Error())}
+		}
+		if statusReplicas < 0 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, "should be a non-negative integer")}
+		}
+		if statusReplicas > math.MaxInt32 {
+			return field.ErrorList{field.Invalid(field.NewPath(scale.StatusReplicasPath), statusReplicas, fmt.Sprintf("should be less than or equal to %v", math.MaxInt32))}
+		}
+
+		// validate labelSelector
+		if scale.LabelSelectorPath != nil {
+			labelSelectorPath := strings.TrimPrefix(*scale.LabelSelectorPath, ".") // ignore leading period
+			labelSelector, _, err := unstructured.NestedString(customResource, strings.Split(labelSelectorPath, ".")...)
+			if err != nil {
+				return field.ErrorList{field.Invalid(field.NewPath(*scale.LabelSelectorPath), labelSelector, err.Error())}
+			}
+		}
+	}
+
+	return validation.ValidateObjectMetaAccessorUpdate(objAccessor, oldAccessor, field.NewPath("metadata"))
+}
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/etcd.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/etcd.go
index 85d981f1a3b2..c501c6a08676 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/etcd.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/etcd.go
@@ -62,7 +62,7 @@ var _ rest.ShortNamesProvider = &REST{}
 
 // ShortNames implements the ShortNamesProvider interface. Returns a list of short names for a resource.
 func (r *REST) ShortNames() []string {
-	return []string{"crd"}
+	return []string{"crd", "crds"}
 }
 
 // Delete adds the CRD finalizer to the list
diff --git a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/strategy.go b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/strategy.go
index 849cd6f8ea7e..7e44fa4c2bba 100644
--- a/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/strategy.go
+++ b/vendor/k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition/strategy.go
@@ -35,6 +35,7 @@ import (
 	apiextensionsfeatures "k8s.io/apiextensions-apiserver/pkg/features"
 )
 
+// strategy implements behavior for CustomResources.
 type strategy struct {
 	runtime.ObjectTyper
 	names.NameGenerator
@@ -48,6 +49,7 @@ func (strategy) NamespaceScoped() bool {
 	return false
 }
 
+// PrepareForCreate clears the status of a CustomResourceDefinition before creation.
 func (strategy) PrepareForCreate(ctx genericapirequest.Context, obj runtime.Object) {
 	crd := obj.(*apiextensions.CustomResourceDefinition)
 	crd.Status = apiextensions.CustomResourceDefinitionStatus{}
@@ -57,8 +59,12 @@ func (strategy) PrepareForCreate(ctx genericapirequest.Context, obj runtime.Obje
 	if !utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceValidation) {
 		crd.Spec.Validation = nil
 	}
+	if !utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) {
+		crd.Spec.Subresources = nil
+	}
 }
 
+// PrepareForUpdate clears fields that are not allowed to be set by end users on update.
 func (strategy) PrepareForUpdate(ctx genericapirequest.Context, obj, old runtime.Object) {
 	newCRD := obj.(*apiextensions.CustomResourceDefinition)
 	oldCRD := old.(*apiextensions.CustomResourceDefinition)
@@ -80,23 +86,33 @@ func (strategy) PrepareForUpdate(ctx genericapirequest.Context, obj, old runtime
 		newCRD.Spec.Validation = nil
 		oldCRD.Spec.Validation = nil
 	}
+	if !utilfeature.DefaultFeatureGate.Enabled(apiextensionsfeatures.CustomResourceSubresources) {
+		newCRD.Spec.Subresources = nil
+		oldCRD.Spec.Subresources = nil
+	}
 }
 
+// Validate validates a new CustomResourceDefinition.
 func (strategy) Validate(ctx genericapirequest.Context, obj runtime.Object) field.ErrorList {
 	return validation.ValidateCustomResourceDefinition(obj.(*apiextensions.CustomResourceDefinition))
 }
 
+// AllowCreateOnUpdate is false for CustomResourceDefinition; this means a POST is
+// needed to create one.
 func (strategy) AllowCreateOnUpdate() bool {
 	return false
 }
 
+// AllowUnconditionalUpdate is the default update policy for CustomResourceDefinition objects.
 func (strategy) AllowUnconditionalUpdate() bool {
 	return false
 }
 
+// Canonicalize normalizes the object after validation.
 func (strategy) Canonicalize(obj runtime.Object) {
 }
 
+// ValidateUpdate is the default update validation for an end user updating status.
 func (strategy) ValidateUpdate(ctx genericapirequest.Context, obj, old runtime.Object) field.ErrorList {
 	return validation.ValidateCustomResourceDefinitionUpdate(obj.(*apiextensions.CustomResourceDefinition), old.(*apiextensions.CustomResourceDefinition))
 }
@@ -143,10 +159,11 @@ func (statusStrategy) ValidateUpdate(ctx genericapirequest.Context, obj, old run
 	return validation.ValidateUpdateCustomResourceDefinitionStatus(obj.(*apiextensions.CustomResourceDefinition), old.(*apiextensions.CustomResourceDefinition))
 }
 
+// GetAttrs returns labels and fields of a given object for filtering purposes.
 func GetAttrs(obj runtime.Object) (labels.Set, fields.Set, bool, error) {
 	apiserver, ok := obj.(*apiextensions.CustomResourceDefinition)
 	if !ok {
-		return nil, nil, false, fmt.Errorf("given object is not a CustomResourceDefinition.")
+		return nil, nil, false, fmt.Errorf("given object is not a CustomResourceDefinition")
 	}
 	return labels.Set(apiserver.ObjectMeta.Labels), CustomResourceDefinitionToSelectableFields(apiserver), apiserver.Initializers != nil, nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/api/errors/BUILD b/vendor/k8s.io/apimachinery/pkg/api/errors/BUILD
index 80e205320ade..785e9d8a6de1 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/errors/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/api/errors/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["errors_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/api/errors",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/api/errors/OWNERS b/vendor/k8s.io/apimachinery/pkg/api/errors/OWNERS
index af32c1fdf758..dc6a4c724251 100755
--- a/vendor/k8s.io/apimachinery/pkg/api/errors/OWNERS
+++ b/vendor/k8s.io/apimachinery/pkg/api/errors/OWNERS
@@ -16,7 +16,6 @@ reviewers:
 - janetkuo
 - tallclair
 - eparis
-- timothysc
 - dims
 - hongchaodeng
 - krousey
diff --git a/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go b/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go
index 9960600be337..bcc032df9dd6 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go
@@ -352,12 +352,23 @@ func NewGenericServerResponse(code int, verb string, qualifiedResource schema.Gr
 		reason = metav1.StatusReasonForbidden
 		// the server message has details about who is trying to perform what action.  Keep its message.
 		message = serverMessage
+	case http.StatusNotAcceptable:
+		reason = metav1.StatusReasonNotAcceptable
+		// the server message has details about what types are acceptable
+		message = serverMessage
+	case http.StatusUnsupportedMediaType:
+		reason = metav1.StatusReasonUnsupportedMediaType
+		// the server message has details about what types are acceptable
+		message = serverMessage
 	case http.StatusMethodNotAllowed:
 		reason = metav1.StatusReasonMethodNotAllowed
 		message = "the server does not allow this method on the requested resource"
 	case http.StatusUnprocessableEntity:
 		reason = metav1.StatusReasonInvalid
 		message = "the server rejected our request due to an error in our request"
+	case http.StatusServiceUnavailable:
+		reason = metav1.StatusReasonServiceUnavailable
+		message = "the server is currently unable to handle the request"
 	case http.StatusGatewayTimeout:
 		reason = metav1.StatusReasonTimeout
 		message = "the server was unable to return a response in the time allotted, but may still be processing the request"
@@ -434,6 +445,16 @@ func IsResourceExpired(err error) bool {
 	return ReasonForError(err) == metav1.StatusReasonExpired
 }
 
+// IsNotAcceptable determines if err is an error which indicates that the request failed due to an invalid Accept header
+func IsNotAcceptable(err error) bool {
+	return ReasonForError(err) == metav1.StatusReasonNotAcceptable
+}
+
+// IsUnsupportedMediaType determines if err is an error which indicates that the request failed due to an invalid Content-Type header
+func IsUnsupportedMediaType(err error) bool {
+	return ReasonForError(err) == metav1.StatusReasonUnsupportedMediaType
+}
+
 // IsMethodNotSupported determines if the err is an error which indicates the provided action could not
 // be performed because it is not supported by the server.
 func IsMethodNotSupported(err error) bool {
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/BUILD b/vendor/k8s.io/apimachinery/pkg/api/meta/BUILD
index f42cd77fbecc..a02a1fb5b886 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/BUILD
@@ -14,12 +14,11 @@ go_test(
         "priority_test.go",
         "restmapper_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/api/meta",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
@@ -46,12 +45,13 @@ go_library(
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
 
@@ -64,6 +64,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/apimachinery/pkg/api/meta/table:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/errors.go b/vendor/k8s.io/apimachinery/pkg/api/meta/errors.go
index 1503bd6d8469..cbf5d0263c6b 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/errors.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/errors.go
@@ -20,6 +20,7 @@ import (
 	"fmt"
 
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/sets"
 )
 
 // AmbiguousResourceError is returned if the RESTMapper finds multiple matches for a resource
@@ -85,11 +86,26 @@ func (e *NoResourceMatchError) Error() string {
 
 // NoKindMatchError is returned if the RESTMapper can't find any match for a kind
 type NoKindMatchError struct {
-	PartialKind schema.GroupVersionKind
+	// GroupKind is the API group and kind that was searched
+	GroupKind schema.GroupKind
+	// SearchedVersions is the optional list of versions the search was restricted to
+	SearchedVersions []string
 }
 
 func (e *NoKindMatchError) Error() string {
-	return fmt.Sprintf("no matches for %v", e.PartialKind)
+	searchedVersions := sets.NewString()
+	for _, v := range e.SearchedVersions {
+		searchedVersions.Insert(schema.GroupVersion{Group: e.GroupKind.Group, Version: v}.String())
+	}
+
+	switch len(searchedVersions) {
+	case 0:
+		return fmt.Sprintf("no matches for kind %q in group %q", e.GroupKind.Kind, e.GroupKind.Group)
+	case 1:
+		return fmt.Sprintf("no matches for kind %q in version %q", e.GroupKind.Kind, searchedVersions.List()[0])
+	default:
+		return fmt.Sprintf("no matches for kind %q in versions %q", e.GroupKind.Kind, searchedVersions.List())
+	}
 }
 
 func IsNoMatchError(err error) bool {
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/meta.go b/vendor/k8s.io/apimachinery/pkg/api/meta/meta.go
index c2d51b43c73b..b9670071c178 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/meta.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/meta.go
@@ -23,7 +23,7 @@ import (
 	"github.com/golang/glog"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/conversion"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -118,12 +118,12 @@ func Accessor(obj interface{}) (metav1.Object, error) {
 
 // AsPartialObjectMetadata takes the metav1 interface and returns a partial object.
 // TODO: consider making this solely a conversion action.
-func AsPartialObjectMetadata(m metav1.Object) *metav1alpha1.PartialObjectMetadata {
+func AsPartialObjectMetadata(m metav1.Object) *metav1beta1.PartialObjectMetadata {
 	switch t := m.(type) {
 	case *metav1.ObjectMeta:
-		return &metav1alpha1.PartialObjectMetadata{ObjectMeta: *t}
+		return &metav1beta1.PartialObjectMetadata{ObjectMeta: *t}
 	default:
-		return &metav1alpha1.PartialObjectMetadata{
+		return &metav1beta1.PartialObjectMetadata{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:                       m.GetName(),
 				GenerateName:               m.GetGenerateName(),
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/multirestmapper.go b/vendor/k8s.io/apimachinery/pkg/api/meta/multirestmapper.go
index 679098fe56ff..6b01bf197fa3 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/multirestmapper.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/multirestmapper.go
@@ -179,7 +179,7 @@ func (m MultiRESTMapper) RESTMapping(gk schema.GroupKind, versions ...string) (*
 	if len(errors) > 0 {
 		return nil, utilerrors.NewAggregate(errors)
 	}
-	return nil, &NoKindMatchError{PartialKind: gk.WithVersion("")}
+	return nil, &NoKindMatchError{GroupKind: gk, SearchedVersions: versions}
 }
 
 // RESTMappings returns all possible RESTMappings for the provided group kind, or an error
@@ -204,7 +204,7 @@ func (m MultiRESTMapper) RESTMappings(gk schema.GroupKind, versions ...string) (
 		return nil, utilerrors.NewAggregate(errors)
 	}
 	if len(allMappings) == 0 {
-		return nil, &NoKindMatchError{PartialKind: gk.WithVersion("")}
+		return nil, &NoKindMatchError{GroupKind: gk, SearchedVersions: versions}
 	}
 	return allMappings, nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/priority.go b/vendor/k8s.io/apimachinery/pkg/api/meta/priority.go
index 2a14aa7ab179..df28e64ffaaa 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/priority.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/priority.go
@@ -153,7 +153,7 @@ func kindMatches(pattern schema.GroupVersionKind, kind schema.GroupVersionKind)
 }
 
 func (m PriorityRESTMapper) RESTMapping(gk schema.GroupKind, versions ...string) (mapping *RESTMapping, err error) {
-	mappings, err := m.Delegate.RESTMappings(gk)
+	mappings, err := m.Delegate.RESTMappings(gk, versions...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/restmapper.go b/vendor/k8s.io/apimachinery/pkg/api/meta/restmapper.go
index 55155a6e4378..ff945acd147f 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/restmapper.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/restmapper.go
@@ -472,7 +472,7 @@ func (m *DefaultRESTMapper) RESTMapping(gk schema.GroupKind, versions ...string)
 		return nil, err
 	}
 	if len(mappings) == 0 {
-		return nil, &NoKindMatchError{PartialKind: gk.WithVersion("")}
+		return nil, &NoKindMatchError{GroupKind: gk, SearchedVersions: versions}
 	}
 	// since we rely on RESTMappings method
 	// take the first match and return to the caller
@@ -510,7 +510,7 @@ func (m *DefaultRESTMapper) RESTMappings(gk schema.GroupKind, versions ...string
 	}
 
 	if len(potentialGVK) == 0 {
-		return nil, &NoKindMatchError{PartialKind: gk.WithVersion("")}
+		return nil, &NoKindMatchError{GroupKind: gk, SearchedVersions: versions}
 	}
 
 	for _, gvk := range potentialGVK {
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/table/BUILD b/vendor/k8s.io/apimachinery/pkg/api/meta/table/BUILD
new file mode 100644
index 000000000000..e3ffd24934dc
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/table/BUILD
@@ -0,0 +1,29 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["table.go"],
+    importpath = "k8s.io/apimachinery/pkg/api/meta/table",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/duration:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/table/table.go b/vendor/k8s.io/apimachinery/pkg/api/meta/table/table.go
new file mode 100644
index 000000000000..a0097a4e26d5
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/table/table.go
@@ -0,0 +1,71 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package table
+
+import (
+	"time"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/duration"
+)
+
+// MetaToTableRow converts a list or object into one or more table rows. The provided rowFn is invoked for
+// each accessed item, with name and age being passed to each.
+func MetaToTableRow(obj runtime.Object, rowFn func(obj runtime.Object, m metav1.Object, name, age string) ([]interface{}, error)) ([]metav1beta1.TableRow, error) {
+	if meta.IsListType(obj) {
+		rows := make([]metav1beta1.TableRow, 0, 16)
+		err := meta.EachListItem(obj, func(obj runtime.Object) error {
+			nestedRows, err := MetaToTableRow(obj, rowFn)
+			if err != nil {
+				return err
+			}
+			rows = append(rows, nestedRows...)
+			return nil
+		})
+		if err != nil {
+			return nil, err
+		}
+		return rows, nil
+	}
+
+	rows := make([]metav1beta1.TableRow, 0, 1)
+	m, err := meta.Accessor(obj)
+	if err != nil {
+		return nil, err
+	}
+	row := metav1beta1.TableRow{
+		Object: runtime.RawExtension{Object: obj},
+	}
+	row.Cells, err = rowFn(obj, m, m.GetName(), translateTimestamp(m.GetCreationTimestamp()))
+	if err != nil {
+		return nil, err
+	}
+	rows = append(rows, row)
+	return rows, nil
+}
+
+// translateTimestamp returns the elapsed time since timestamp in
+// human-readable approximation.
+func translateTimestamp(timestamp metav1.Time) string {
+	if timestamp.IsZero() {
+		return "<unknown>"
+	}
+	return duration.ShortHumanDuration(time.Now().Sub(timestamp.Time))
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/BUILD b/vendor/k8s.io/apimachinery/pkg/api/resource/BUILD
index 1fb88704e32e..57f85fb24c20 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/resource/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/api/resource/BUILD
@@ -15,8 +15,7 @@ go_test(
         "quantity_test.go",
         "scale_int_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/api/resource",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
@@ -38,18 +37,15 @@ go_library(
     ],
     importpath = "k8s.io/apimachinery/pkg/api/resource",
     deps = [
-        "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/gopkg.in/inf.v0:go_default_library",
-        "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_xtest",
     srcs = ["quantity_example_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/api/resource_test",
     deps = ["//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/OWNERS b/vendor/k8s.io/apimachinery/pkg/api/resource/OWNERS
index 342ff29145bc..c430067f3573 100755
--- a/vendor/k8s.io/apimachinery/pkg/api/resource/OWNERS
+++ b/vendor/k8s.io/apimachinery/pkg/api/resource/OWNERS
@@ -9,7 +9,6 @@ reviewers:
 - janetkuo
 - tallclair
 - eparis
-- timothysc
 - jbeda
 - xiang90
 - mbohlool
diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity.go b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity.go
index 682ee9aa646a..6a8bb9972185 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity.go
@@ -27,9 +27,7 @@ import (
 
 	flag "github.com/spf13/pflag"
 
-	"github.com/go-openapi/spec"
 	inf "gopkg.in/inf.v0"
-	openapi "k8s.io/kube-openapi/pkg/common"
 )
 
 // Quantity is a fixed-point representation of a number.
@@ -399,17 +397,15 @@ func (q Quantity) DeepCopy() Quantity {
 	return q
 }
 
-// OpenAPIDefinition returns openAPI definition for this type.
-func (_ Quantity) OpenAPIDefinition() openapi.OpenAPIDefinition {
-	return openapi.OpenAPIDefinition{
-		Schema: spec.Schema{
-			SchemaProps: spec.SchemaProps{
-				Type:   []string{"string"},
-				Format: "",
-			},
-		},
-	}
-}
+// OpenAPISchemaType is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+//
+// See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators
+func (_ Quantity) OpenAPISchemaType() []string { return []string{"string"} }
+
+// OpenAPISchemaFormat is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+func (_ Quantity) OpenAPISchemaFormat() string { return "" }
 
 // CanonicalizeBytes returns the canonical form of q and its suffix (see comment on Quantity).
 //
diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/api/resource/zz_generated.deepcopy.go
index 186d9007e662..fc36d9811005 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/resource/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/resource/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package resource
 
diff --git a/vendor/k8s.io/apimachinery/pkg/api/validation/BUILD b/vendor/k8s.io/apimachinery/pkg/api/validation/BUILD
index 8546d1a5932b..2c6a0aa3d930 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/validation/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/api/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["objectmeta_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/api/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/api/validation/path/BUILD b/vendor/k8s.io/apimachinery/pkg/api/validation/path/BUILD
index e50632c50922..ddc17e79e3a8 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/validation/path/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/api/validation/path/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["name_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/api/validation/path",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/apimachinery/BUILD b/vendor/k8s.io/apimachinery/pkg/apimachinery/BUILD
index 2c6753d141e6..b1071fb463db 100644
--- a/vendor/k8s.io/apimachinery/pkg/apimachinery/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apimachinery/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["types_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/apimachinery",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/BUILD b/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/BUILD
index 314ddcad227d..ea31914f7fc1 100644
--- a/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["announced_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/apimachinery/announced",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/announced.go b/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/announced.go
index 2c8568c1f768..4e38cc8c5404 100644
--- a/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/announced.go
+++ b/vendor/k8s.io/apimachinery/pkg/apimachinery/announced/announced.go
@@ -35,7 +35,7 @@ import (
 //
 // (Right now APIRegistrationManager has separate 'registration' and 'enabled'
 // concepts-- APIGroupFactory is going to take over the former function;
-// they will overlap untill the refactoring is finished.)
+// they will overlap until the refactoring is finished.)
 //
 // The key is the group name. After initialization, this should be treated as
 // read-only. It is implemented as a map from group name to group factory, and
diff --git a/vendor/k8s.io/apimachinery/pkg/apimachinery/registered/BUILD b/vendor/k8s.io/apimachinery/pkg/apimachinery/registered/BUILD
index 8982b562911d..ba02a0938912 100644
--- a/vendor/k8s.io/apimachinery/pkg/apimachinery/registered/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apimachinery/registered/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["registered_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/apimachinery/registered",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apimachinery:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/BUILD b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/BUILD
index 636707fe2dc5..edb9a6ac6abb 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/BUILD
@@ -12,8 +12,7 @@ go_test(
         "register_test.go",
         "roundtrip_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/internalversion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/testing/roundtrip:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/fuzzer:go_default_library",
@@ -35,7 +34,7 @@ go_library(
     importpath = "k8s.io/apimachinery/pkg/apis/meta/internalversion",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
index 6ee8dd66d2c4..1e85c5c43da5 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
@@ -15,5 +15,6 @@ limitations under the License.
 */
 
 // +k8s:deepcopy-gen=package
+// +k8s:conversion-gen=k8s.io/apimachinery/pkg/apis/meta/v1
 
 package internalversion
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go
index db79fb0cb5e5..4bde90b3ff9c 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go
@@ -18,7 +18,7 @@ package internalversion
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
@@ -79,16 +79,16 @@ func addToGroupVersion(scheme *runtime.Scheme, groupVersion schema.GroupVersion)
 		&metav1.DeleteOptions{},
 	)
 	scheme.AddKnownTypes(SchemeGroupVersion,
-		&metav1alpha1.Table{},
-		&metav1alpha1.TableOptions{},
-		&metav1alpha1.PartialObjectMetadata{},
-		&metav1alpha1.PartialObjectMetadataList{},
+		&metav1beta1.Table{},
+		&metav1beta1.TableOptions{},
+		&metav1beta1.PartialObjectMetadata{},
+		&metav1beta1.PartialObjectMetadataList{},
 	)
-	scheme.AddKnownTypes(metav1alpha1.SchemeGroupVersion,
-		&metav1alpha1.Table{},
-		&metav1alpha1.TableOptions{},
-		&metav1alpha1.PartialObjectMetadata{},
-		&metav1alpha1.PartialObjectMetadataList{},
+	scheme.AddKnownTypes(metav1beta1.SchemeGroupVersion,
+		&metav1beta1.Table{},
+		&metav1beta1.TableOptions{},
+		&metav1beta1.PartialObjectMetadata{},
+		&metav1beta1.PartialObjectMetadataList{},
 	)
 	// Allow delete options to be decoded across all version in this scheme (we may want to be more clever than this)
 	scheme.AddUnversionedTypes(SchemeGroupVersion, &metav1.DeleteOptions{})
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go
index a0c2a2aabcee..c3fd40a90495 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go
@@ -1,7 +1,7 @@
 // +build !ignore_autogenerated
 
 /*
-Copyright 2017 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -53,7 +54,7 @@ func autoConvert_internalversion_List_To_v1_List(in *List, out *v1.List, s conve
 			}
 		}
 	} else {
-		out.Items = make([]runtime.RawExtension, 0)
+		out.Items = nil
 	}
 	return nil
 }
@@ -95,6 +96,8 @@ func autoConvert_internalversion_ListOptions_To_v1_ListOptions(in *ListOptions,
 	out.Watch = in.Watch
 	out.ResourceVersion = in.ResourceVersion
 	out.TimeoutSeconds = (*int64)(unsafe.Pointer(in.TimeoutSeconds))
+	out.Limit = in.Limit
+	out.Continue = in.Continue
 	return nil
 }
 
@@ -109,5 +112,7 @@ func autoConvert_v1_ListOptions_To_internalversion_ListOptions(in *v1.ListOption
 	out.Watch = in.Watch
 	out.ResourceVersion = in.ResourceVersion
 	out.TimeoutSeconds = (*int64)(unsafe.Pointer(in.TimeoutSeconds))
+	out.Limit = in.Limit
+	out.Continue = in.Continue
 	return nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go
index 2bc1c3f96860..e4e5b017b3a1 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package internalversion
 
@@ -57,9 +57,8 @@ func (in *List) DeepCopy() *List {
 func (in *List) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -102,7 +101,6 @@ func (in *ListOptions) DeepCopy() *ListOptions {
 func (in *ListOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/BUILD b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/BUILD
index 4a96c3f948c5..186db1871e4f 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/BUILD
@@ -18,8 +18,7 @@ go_test(
         "time_test.go",
         "types_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/ghodss/yaml:go_default_library",
         "//vendor/github.com/json-iterator/go:go_default_library",
@@ -53,7 +52,6 @@ go_library(
     ],
     importpath = "k8s.io/apimachinery/pkg/apis/meta/v1",
     deps = [
-        "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/github.com/gogo/protobuf/sortkeys:go_default_library",
         "//vendor/github.com/google/gofuzz:go_default_library",
@@ -67,7 +65,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
-        "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library",
     ],
 )
 
@@ -97,7 +94,6 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS
index 7f5eb58602fb..cdb125a0dd47 100755
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/OWNERS
@@ -16,7 +16,6 @@ reviewers:
 - janetkuo
 - justinsb
 - ncdc
-- timothysc
 - soltysh
 - dims
 - madhusudancs
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/conversion.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/conversion.go
index c62f853351ed..cd651bcd56d5 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/conversion.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/conversion.go
@@ -65,6 +65,9 @@ func AddConversionFuncs(scheme *runtime.Scheme) error {
 		Convert_Pointer_int32_To_int32,
 		Convert_int32_To_Pointer_int32,
 
+		Convert_Pointer_int64_To_int64,
+		Convert_int64_To_Pointer_int64,
+
 		Convert_Pointer_float64_To_float64,
 		Convert_float64_To_Pointer_float64,
 
@@ -105,6 +108,21 @@ func Convert_int32_To_Pointer_int32(in *int32, out **int32, s conversion.Scope)
 	return nil
 }
 
+func Convert_Pointer_int64_To_int64(in **int64, out *int64, s conversion.Scope) error {
+	if *in == nil {
+		*out = 0
+		return nil
+	}
+	*out = int64(**in)
+	return nil
+}
+
+func Convert_int64_To_Pointer_int64(in *int64, out **int64, s conversion.Scope) error {
+	temp := int64(*in)
+	*out = &temp
+	return nil
+}
+
 func Convert_Pointer_int64_To_int(in **int64, out *int, s conversion.Scope) error {
 	if *in == nil {
 		*out = 0
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
index b37a445c2a8f..bd5abcb79188 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
@@ -375,6 +375,7 @@ message ListOptions {
   optional string resourceVersion = 4;
 
   // Timeout for the list/watch call.
+  // This limits the duration of the call, regardless of any activity or inactivity.
   // +optional
   optional int64 timeoutSeconds = 5;
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/labels.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/labels.go
index 8b4c0423e689..9b45145da669 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/labels.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/labels.go
@@ -25,33 +25,13 @@ func CloneSelectorAndAddLabel(selector *LabelSelector, labelKey, labelValue stri
 	}
 
 	// Clone.
-	newSelector := new(LabelSelector)
+	newSelector := selector.DeepCopy()
 
-	// TODO(madhusudancs): Check if you can use deepCopy_extensions_LabelSelector here.
-	newSelector.MatchLabels = make(map[string]string)
-	if selector.MatchLabels != nil {
-		for key, val := range selector.MatchLabels {
-			newSelector.MatchLabels[key] = val
-		}
+	if newSelector.MatchLabels == nil {
+		newSelector.MatchLabels = make(map[string]string)
 	}
-	newSelector.MatchLabels[labelKey] = labelValue
 
-	if selector.MatchExpressions != nil {
-		newMExps := make([]LabelSelectorRequirement, len(selector.MatchExpressions))
-		for i, me := range selector.MatchExpressions {
-			newMExps[i].Key = me.Key
-			newMExps[i].Operator = me.Operator
-			if me.Values != nil {
-				newMExps[i].Values = make([]string, len(me.Values))
-				copy(newMExps[i].Values, me.Values)
-			} else {
-				newMExps[i].Values = nil
-			}
-		}
-		newSelector.MatchExpressions = newMExps
-	} else {
-		newSelector.MatchExpressions = nil
-	}
+	newSelector.MatchLabels[labelKey] = labelValue
 
 	return newSelector
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time.go
index a09d79571c31..7e5bc2d4e7fa 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time.go
@@ -20,9 +20,6 @@ import (
 	"encoding/json"
 	"time"
 
-	openapi "k8s.io/kube-openapi/pkg/common"
-
-	"github.com/go-openapi/spec"
 	"github.com/google/gofuzz"
 )
 
@@ -149,16 +146,15 @@ func (t MicroTime) MarshalJSON() ([]byte, error) {
 	return json.Marshal(t.UTC().Format(RFC3339Micro))
 }
 
-func (_ MicroTime) OpenAPIDefinition() openapi.OpenAPIDefinition {
-	return openapi.OpenAPIDefinition{
-		Schema: spec.Schema{
-			SchemaProps: spec.SchemaProps{
-				Type:   []string{"string"},
-				Format: "date-time",
-			},
-		},
-	}
-}
+// OpenAPISchemaType is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+//
+// See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators
+func (_ MicroTime) OpenAPISchemaType() []string { return []string{"string"} }
+
+// OpenAPISchemaFormat is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+func (_ MicroTime) OpenAPISchemaFormat() string { return "date-time" }
 
 // MarshalQueryParameter converts to a URL query parameter value
 func (t MicroTime) MarshalQueryParameter() (string, error) {
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time.go
index 0a9f2a377562..5041954f763f 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time.go
@@ -20,9 +20,6 @@ import (
 	"encoding/json"
 	"time"
 
-	openapi "k8s.io/kube-openapi/pkg/common"
-
-	"github.com/go-openapi/spec"
 	"github.com/google/gofuzz"
 )
 
@@ -151,16 +148,15 @@ func (t Time) MarshalJSON() ([]byte, error) {
 	return json.Marshal(t.UTC().Format(time.RFC3339))
 }
 
-func (_ Time) OpenAPIDefinition() openapi.OpenAPIDefinition {
-	return openapi.OpenAPIDefinition{
-		Schema: spec.Schema{
-			SchemaProps: spec.SchemaProps{
-				Type:   []string{"string"},
-				Format: "date-time",
-			},
-		},
-	}
-}
+// OpenAPISchemaType is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+//
+// See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators
+func (_ Time) OpenAPISchemaType() []string { return []string{"string"} }
+
+// OpenAPISchemaFormat is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+func (_ Time) OpenAPISchemaFormat() string { return "date-time" }
 
 // MarshalQueryParameter converts to a URL query parameter value
 func (t Time) MarshalQueryParameter() (string, error) {
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
index c8ee4e5d65b2..917efb37f754 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
@@ -342,6 +342,7 @@ type ListOptions struct {
 	// +optional
 	ResourceVersion string `json:"resourceVersion,omitempty" protobuf:"bytes,4,opt,name=resourceVersion"`
 	// Timeout for the list/watch call.
+	// This limits the duration of the call, regardless of any activity or inactivity.
 	// +optional
 	TimeoutSeconds *int64 `json:"timeoutSeconds,omitempty" protobuf:"varint,5,opt,name=timeoutSeconds"`
 
@@ -651,6 +652,18 @@ const (
 	// can only be created. API calls that return MethodNotAllowed can never succeed.
 	StatusReasonMethodNotAllowed StatusReason = "MethodNotAllowed"
 
+	// StatusReasonNotAcceptable means that the accept types indicated by the client were not acceptable
+	// to the server - for instance, attempting to receive protobuf for a resource that supports only json and yaml.
+	// API calls that return NotAcceptable can never succeed.
+	// Status code 406
+	StatusReasonNotAcceptable StatusReason = "NotAcceptable"
+
+	// StatusReasonUnsupportedMediaType means that the content type sent by the client is not acceptable
+	// to the server - for instance, attempting to send protobuf for a resource that supports only json and yaml.
+	// API calls that return UnsupportedMediaType can never succeed.
+	// Status code 415
+	StatusReasonUnsupportedMediaType StatusReason = "UnsupportedMediaType"
+
 	// StatusReasonInternalError indicates that an internal error occurred, it is unexpected
 	// and the outcome of the call is unknown.
 	// Details (optional):
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go
index 5dbba4b02f51..caf929ee0e96 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types_swagger_doc_generated.go
@@ -195,7 +195,7 @@ var map_ListOptions = map[string]string{
 	"includeUninitialized": "If true, partially initialized resources are included in the response.",
 	"watch":                "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.",
 	"resourceVersion":      "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.",
-	"timeoutSeconds":       "Timeout for the list/watch call.",
+	"timeoutSeconds":       "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.",
 	"limit":                "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.",
 	"continue":             "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server the server will respond with a 410 ResourceExpired error indicating the client must restart their list without the continue field. This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.",
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/BUILD b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/BUILD
index 7ae9cb0f9d89..22c1acee07db 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/BUILD
@@ -12,8 +12,7 @@ go_test(
         "helpers_test.go",
         "unstructured_list_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
index 8d03525474d6..08705ac84106 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
@@ -31,163 +31,181 @@ import (
 )
 
 // NestedFieldCopy returns a deep copy of the value of a nested field.
-// false is returned if the value is missing.
-// nil, true is returned for a nil field.
-func NestedFieldCopy(obj map[string]interface{}, fields ...string) (interface{}, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return nil, false
-	}
-	return runtime.DeepCopyJSONValue(val), true
+// Returns false if the value is missing.
+// No error is returned for a nil field.
+func NestedFieldCopy(obj map[string]interface{}, fields ...string) (interface{}, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
+	}
+	return runtime.DeepCopyJSONValue(val), true, nil
 }
 
-func nestedFieldNoCopy(obj map[string]interface{}, fields ...string) (interface{}, bool) {
+func nestedFieldNoCopy(obj map[string]interface{}, fields ...string) (interface{}, bool, error) {
 	var val interface{} = obj
-	for _, field := range fields {
+
+	for i, field := range fields {
 		if m, ok := val.(map[string]interface{}); ok {
 			val, ok = m[field]
 			if !ok {
-				return nil, false
+				return nil, false, nil
 			}
 		} else {
-			// Expected map[string]interface{}, got something else
-			return nil, false
+			return nil, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected map[string]interface{}", jsonPath(fields[:i+1]), val, val)
 		}
 	}
-	return val, true
+	return val, true, nil
 }
 
 // NestedString returns the string value of a nested field.
-// Returns false if value is not found or is not a string.
-func NestedString(obj map[string]interface{}, fields ...string) (string, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return "", false
+// Returns false if value is not found and an error if not a string.
+func NestedString(obj map[string]interface{}, fields ...string) (string, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return "", found, err
 	}
 	s, ok := val.(string)
-	return s, ok
+	if !ok {
+		return "", false, fmt.Errorf("%v accessor error: %v is of the type %T, expected string", jsonPath(fields), val, val)
+	}
+	return s, true, nil
 }
 
 // NestedBool returns the bool value of a nested field.
-// Returns false if value is not found or is not a bool.
-func NestedBool(obj map[string]interface{}, fields ...string) (bool, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return false, false
+// Returns false if value is not found and an error if not a bool.
+func NestedBool(obj map[string]interface{}, fields ...string) (bool, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return false, found, err
 	}
 	b, ok := val.(bool)
-	return b, ok
+	if !ok {
+		return false, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected bool", jsonPath(fields), val, val)
+	}
+	return b, true, nil
 }
 
-// NestedFloat64 returns the bool value of a nested field.
-// Returns false if value is not found or is not a float64.
-func NestedFloat64(obj map[string]interface{}, fields ...string) (float64, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return 0, false
+// NestedFloat64 returns the float64 value of a nested field.
+// Returns false if value is not found and an error if not a float64.
+func NestedFloat64(obj map[string]interface{}, fields ...string) (float64, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return 0, found, err
 	}
 	f, ok := val.(float64)
-	return f, ok
+	if !ok {
+		return 0, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected float64", jsonPath(fields), val, val)
+	}
+	return f, true, nil
 }
 
 // NestedInt64 returns the int64 value of a nested field.
-// Returns false if value is not found or is not an int64.
-func NestedInt64(obj map[string]interface{}, fields ...string) (int64, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return 0, false
+// Returns false if value is not found and an error if not an int64.
+func NestedInt64(obj map[string]interface{}, fields ...string) (int64, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return 0, found, err
 	}
 	i, ok := val.(int64)
-	return i, ok
+	if !ok {
+		return 0, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected int64", jsonPath(fields), val, val)
+	}
+	return i, true, nil
 }
 
 // NestedStringSlice returns a copy of []string value of a nested field.
-// Returns false if value is not found, is not a []interface{} or contains non-string items in the slice.
-func NestedStringSlice(obj map[string]interface{}, fields ...string) ([]string, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
+// Returns false if value is not found and an error if not a []interface{} or contains non-string items in the slice.
+func NestedStringSlice(obj map[string]interface{}, fields ...string) ([]string, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
+	}
+	m, ok := val.([]interface{})
 	if !ok {
-		return nil, false
+		return nil, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected []interface{}", jsonPath(fields), val, val)
 	}
-	if m, ok := val.([]interface{}); ok {
-		strSlice := make([]string, 0, len(m))
-		for _, v := range m {
-			if str, ok := v.(string); ok {
-				strSlice = append(strSlice, str)
-			} else {
-				return nil, false
-			}
+	strSlice := make([]string, 0, len(m))
+	for _, v := range m {
+		if str, ok := v.(string); ok {
+			strSlice = append(strSlice, str)
+		} else {
+			return nil, false, fmt.Errorf("%v accessor error: contains non-string key in the slice: %v is of the type %T, expected string", jsonPath(fields), v, v)
 		}
-		return strSlice, true
 	}
-	return nil, false
+	return strSlice, true, nil
 }
 
 // NestedSlice returns a deep copy of []interface{} value of a nested field.
-// Returns false if value is not found or is not a []interface{}.
-func NestedSlice(obj map[string]interface{}, fields ...string) ([]interface{}, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return nil, false
+// Returns false if value is not found and an error if not a []interface{}.
+func NestedSlice(obj map[string]interface{}, fields ...string) ([]interface{}, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
 	}
-	if _, ok := val.([]interface{}); ok {
-		return runtime.DeepCopyJSONValue(val).([]interface{}), true
+	_, ok := val.([]interface{})
+	if !ok {
+		return nil, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected []interface{}", jsonPath(fields), val, val)
 	}
-	return nil, false
+	return runtime.DeepCopyJSONValue(val).([]interface{}), true, nil
 }
 
 // NestedStringMap returns a copy of map[string]string value of a nested field.
-// Returns false if value is not found, is not a map[string]interface{} or contains non-string values in the map.
-func NestedStringMap(obj map[string]interface{}, fields ...string) (map[string]string, bool) {
-	m, ok := nestedMapNoCopy(obj, fields...)
-	if !ok {
-		return nil, false
+// Returns false if value is not found and an error if not a map[string]interface{} or contains non-string values in the map.
+func NestedStringMap(obj map[string]interface{}, fields ...string) (map[string]string, bool, error) {
+	m, found, err := nestedMapNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
 	}
 	strMap := make(map[string]string, len(m))
 	for k, v := range m {
 		if str, ok := v.(string); ok {
 			strMap[k] = str
 		} else {
-			return nil, false
+			return nil, false, fmt.Errorf("%v accessor error: contains non-string key in the map: %v is of the type %T, expected string", jsonPath(fields), v, v)
 		}
 	}
-	return strMap, true
+	return strMap, true, nil
 }
 
 // NestedMap returns a deep copy of map[string]interface{} value of a nested field.
-// Returns false if value is not found or is not a map[string]interface{}.
-func NestedMap(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool) {
-	m, ok := nestedMapNoCopy(obj, fields...)
-	if !ok {
-		return nil, false
+// Returns false if value is not found and an error if not a map[string]interface{}.
+func NestedMap(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool, error) {
+	m, found, err := nestedMapNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
 	}
-	return runtime.DeepCopyJSON(m), true
+	return runtime.DeepCopyJSON(m), true, nil
 }
 
 // nestedMapNoCopy returns a map[string]interface{} value of a nested field.
-// Returns false if value is not found or is not a map[string]interface{}.
-func nestedMapNoCopy(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool) {
-	val, ok := nestedFieldNoCopy(obj, fields...)
-	if !ok {
-		return nil, false
+// Returns false if value is not found and an error if not a map[string]interface{}.
+func nestedMapNoCopy(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool, error) {
+	val, found, err := nestedFieldNoCopy(obj, fields...)
+	if !found || err != nil {
+		return nil, found, err
 	}
 	m, ok := val.(map[string]interface{})
-	return m, ok
+	if !ok {
+		return nil, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected map[string]interface{}", jsonPath(fields), val, val)
+	}
+	return m, true, nil
 }
 
 // SetNestedField sets the value of a nested field to a deep copy of the value provided.
-// Returns false if value cannot be set because one of the nesting levels is not a map[string]interface{}.
-func SetNestedField(obj map[string]interface{}, value interface{}, fields ...string) bool {
+// Returns an error if value cannot be set because one of the nesting levels is not a map[string]interface{}.
+func SetNestedField(obj map[string]interface{}, value interface{}, fields ...string) error {
 	return setNestedFieldNoCopy(obj, runtime.DeepCopyJSONValue(value), fields...)
 }
 
-func setNestedFieldNoCopy(obj map[string]interface{}, value interface{}, fields ...string) bool {
+func setNestedFieldNoCopy(obj map[string]interface{}, value interface{}, fields ...string) error {
 	m := obj
-	for _, field := range fields[:len(fields)-1] {
+
+	for i, field := range fields[:len(fields)-1] {
 		if val, ok := m[field]; ok {
 			if valMap, ok := val.(map[string]interface{}); ok {
 				m = valMap
 			} else {
-				return false
+				return fmt.Errorf("value cannot be set because %v is not a map[string]interface{}", jsonPath(fields[:i+1]))
 			}
 		} else {
 			newVal := make(map[string]interface{})
@@ -196,12 +214,12 @@ func setNestedFieldNoCopy(obj map[string]interface{}, value interface{}, fields
 		}
 	}
 	m[fields[len(fields)-1]] = value
-	return true
+	return nil
 }
 
 // SetNestedStringSlice sets the string slice value of a nested field.
-// Returns false if value cannot be set because one of the nesting levels is not a map[string]interface{}.
-func SetNestedStringSlice(obj map[string]interface{}, value []string, fields ...string) bool {
+// Returns an error if value cannot be set because one of the nesting levels is not a map[string]interface{}.
+func SetNestedStringSlice(obj map[string]interface{}, value []string, fields ...string) error {
 	m := make([]interface{}, 0, len(value)) // convert []string into []interface{}
 	for _, v := range value {
 		m = append(m, v)
@@ -210,14 +228,14 @@ func SetNestedStringSlice(obj map[string]interface{}, value []string, fields ...
 }
 
 // SetNestedSlice sets the slice value of a nested field.
-// Returns false if value cannot be set because one of the nesting levels is not a map[string]interface{}.
-func SetNestedSlice(obj map[string]interface{}, value []interface{}, fields ...string) bool {
+// Returns an error if value cannot be set because one of the nesting levels is not a map[string]interface{}.
+func SetNestedSlice(obj map[string]interface{}, value []interface{}, fields ...string) error {
 	return SetNestedField(obj, value, fields...)
 }
 
 // SetNestedStringMap sets the map[string]string value of a nested field.
-// Returns false if value cannot be set because one of the nesting levels is not a map[string]interface{}.
-func SetNestedStringMap(obj map[string]interface{}, value map[string]string, fields ...string) bool {
+// Returns an error if value cannot be set because one of the nesting levels is not a map[string]interface{}.
+func SetNestedStringMap(obj map[string]interface{}, value map[string]string, fields ...string) error {
 	m := make(map[string]interface{}, len(value)) // convert map[string]string into map[string]interface{}
 	for k, v := range value {
 		m[k] = v
@@ -226,8 +244,8 @@ func SetNestedStringMap(obj map[string]interface{}, value map[string]string, fie
 }
 
 // SetNestedMap sets the map[string]interface{} value of a nested field.
-// Returns false if value cannot be set because one of the nesting levels is not a map[string]interface{}.
-func SetNestedMap(obj map[string]interface{}, value map[string]interface{}, fields ...string) bool {
+// Returns an error if value cannot be set because one of the nesting levels is not a map[string]interface{}.
+func SetNestedMap(obj map[string]interface{}, value map[string]interface{}, fields ...string) error {
 	return SetNestedField(obj, value, fields...)
 }
 
@@ -245,22 +263,26 @@ func RemoveNestedField(obj map[string]interface{}, fields ...string) {
 }
 
 func getNestedString(obj map[string]interface{}, fields ...string) string {
-	val, ok := NestedString(obj, fields...)
-	if !ok {
+	val, found, err := NestedString(obj, fields...)
+	if !found || err != nil {
 		return ""
 	}
 	return val
 }
 
+func jsonPath(fields []string) string {
+	return "." + strings.Join(fields, ".")
+}
+
 func extractOwnerReference(v map[string]interface{}) metav1.OwnerReference {
 	// though this field is a *bool, but when decoded from JSON, it's
 	// unmarshalled as bool.
 	var controllerPtr *bool
-	if controller, ok := NestedBool(v, "controller"); ok {
+	if controller, found, err := NestedBool(v, "controller"); err == nil && found {
 		controllerPtr = &controller
 	}
 	var blockOwnerDeletionPtr *bool
-	if blockOwnerDeletion, ok := NestedBool(v, "blockOwnerDeletion"); ok {
+	if blockOwnerDeletion, found, err := NestedBool(v, "blockOwnerDeletion"); err == nil && found {
 		blockOwnerDeletionPtr = &blockOwnerDeletion
 	}
 	return metav1.OwnerReference{
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
index 36e769bd602f..2a13330490a2 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
@@ -138,8 +138,8 @@ func (u *Unstructured) setNestedMap(value map[string]string, fields ...string) {
 }
 
 func (u *Unstructured) GetOwnerReferences() []metav1.OwnerReference {
-	field, ok := nestedFieldNoCopy(u.Object, "metadata", "ownerReferences")
-	if !ok {
+	field, found, err := nestedFieldNoCopy(u.Object, "metadata", "ownerReferences")
+	if !found || err != nil {
 		return nil
 	}
 	original, ok := field.([]interface{})
@@ -228,8 +228,8 @@ func (u *Unstructured) SetResourceVersion(version string) {
 }
 
 func (u *Unstructured) GetGeneration() int64 {
-	val, ok := NestedInt64(u.Object, "metadata", "generation")
-	if !ok {
+	val, found, err := NestedInt64(u.Object, "metadata", "generation")
+	if !found || err != nil {
 		return 0
 	}
 	return val
@@ -289,8 +289,8 @@ func (u *Unstructured) SetDeletionTimestamp(timestamp *metav1.Time) {
 }
 
 func (u *Unstructured) GetDeletionGracePeriodSeconds() *int64 {
-	val, ok := NestedInt64(u.Object, "metadata", "deletionGracePeriodSeconds")
-	if !ok {
+	val, found, err := NestedInt64(u.Object, "metadata", "deletionGracePeriodSeconds")
+	if !found || err != nil {
 		return nil
 	}
 	return &val
@@ -305,7 +305,7 @@ func (u *Unstructured) SetDeletionGracePeriodSeconds(deletionGracePeriodSeconds
 }
 
 func (u *Unstructured) GetLabels() map[string]string {
-	m, _ := NestedStringMap(u.Object, "metadata", "labels")
+	m, _, _ := NestedStringMap(u.Object, "metadata", "labels")
 	return m
 }
 
@@ -314,7 +314,7 @@ func (u *Unstructured) SetLabels(labels map[string]string) {
 }
 
 func (u *Unstructured) GetAnnotations() map[string]string {
-	m, _ := NestedStringMap(u.Object, "metadata", "annotations")
+	m, _, _ := NestedStringMap(u.Object, "metadata", "annotations")
 	return m
 }
 
@@ -337,8 +337,8 @@ func (u *Unstructured) GroupVersionKind() schema.GroupVersionKind {
 }
 
 func (u *Unstructured) GetInitializers() *metav1.Initializers {
-	m, ok := nestedMapNoCopy(u.Object, "metadata", "initializers")
-	if !ok {
+	m, found, err := nestedMapNoCopy(u.Object, "metadata", "initializers")
+	if !found || err != nil {
 		return nil
 	}
 	out := &metav1.Initializers{}
@@ -362,7 +362,7 @@ func (u *Unstructured) SetInitializers(initializers *metav1.Initializers) {
 }
 
 func (u *Unstructured) GetFinalizers() []string {
-	val, _ := NestedStringSlice(u.Object, "metadata", "finalizers")
+	val, _, _ := NestedStringSlice(u.Object, "metadata", "finalizers")
 	return val
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/zz_generated.deepcopy.go
index e3bae45ecc08..1c185139f203 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package unstructured
 
@@ -35,9 +35,8 @@ func (in *Unstructured) DeepCopyInto(out *Unstructured) {
 func (in *Unstructured) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -51,7 +50,6 @@ func (in *UnstructuredList) DeepCopyInto(out *UnstructuredList) {
 func (in *UnstructuredList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/BUILD b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/BUILD
index 216ef6368b29..b7dbe0ad99b7 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.deepcopy.go
index 2aa20902547a..73308d86ebed 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -57,9 +57,8 @@ func (in *APIGroup) DeepCopy() *APIGroup {
 func (in *APIGroup) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -90,9 +89,8 @@ func (in *APIGroupList) DeepCopy() *APIGroupList {
 func (in *APIGroupList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -154,9 +152,8 @@ func (in *APIResourceList) DeepCopy() *APIResourceList {
 func (in *APIResourceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -190,9 +187,8 @@ func (in *APIVersions) DeepCopy() *APIVersions {
 func (in *APIVersions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -252,9 +248,8 @@ func (in *DeleteOptions) DeepCopy() *DeleteOptions {
 func (in *DeleteOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -294,9 +289,8 @@ func (in *ExportOptions) DeepCopy() *ExportOptions {
 func (in *ExportOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -320,9 +314,8 @@ func (in *GetOptions) DeepCopy() *GetOptions {
 func (in *GetOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -568,9 +561,8 @@ func (in *List) DeepCopy() *List {
 func (in *List) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -619,9 +611,8 @@ func (in *ListOptions) DeepCopy() *ListOptions {
 func (in *ListOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MicroTime.
@@ -643,8 +634,7 @@ func (in *ObjectMeta) DeepCopyInto(out *ObjectMeta) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.DeletionGracePeriodSeconds != nil {
@@ -847,9 +837,8 @@ func (in *Status) DeepCopy() *Status {
 func (in *Status) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -915,6 +904,26 @@ func (in *Timestamp) DeepCopy() *Timestamp {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in Verbs) DeepCopyInto(out *Verbs) {
+	{
+		in := &in
+		*out = make(Verbs, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Verbs.
+func (in Verbs) DeepCopy() Verbs {
+	if in == nil {
+		return nil
+	}
+	out := new(Verbs)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *WatchEvent) DeepCopyInto(out *WatchEvent) {
 	*out = *in
@@ -936,7 +945,6 @@ func (in *WatchEvent) DeepCopy() *WatchEvent {
 func (in *WatchEvent) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.defaults.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.defaults.go
index 88d7af085bec..40d9ab00eae5 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/BUILD b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/BUILD
new file mode 100644
index 000000000000..05f33c5b425f
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/BUILD
@@ -0,0 +1,45 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+filegroup(
+    name = "go_default_library_protos",
+    srcs = ["generated.proto"],
+    visibility = ["//visibility:public"],
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "conversion.go",
+        "deepcopy.go",
+        "doc.go",
+        "generated.pb.go",
+        "register.go",
+        "types.go",
+        "types_swagger_doc_generated.go",
+        "zz_generated.deepcopy.go",
+        "zz_generated.defaults.go",
+    ],
+    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1beta1",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/gogo/protobuf/proto:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/conversion.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go
similarity index 73%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/conversion.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go
index f8ecc7c26cf2..f3e5e4c98d9e 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/conversion.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go
@@ -14,12 +14,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 import "k8s.io/apimachinery/pkg/conversion"
 
-// Convert_Slice_string_To_v1alpha1_IncludeObjectPolicy allows converting a URL query parameter value
-func Convert_Slice_string_To_v1alpha1_IncludeObjectPolicy(input *[]string, out *IncludeObjectPolicy, s conversion.Scope) error {
+// Convert_Slice_string_To_v1beta1_IncludeObjectPolicy allows converting a URL query parameter value
+func Convert_Slice_string_To_v1beta1_IncludeObjectPolicy(input *[]string, out *IncludeObjectPolicy, s conversion.Scope) error {
 	if len(*input) > 0 {
 		*out = IncludeObjectPolicy((*input)[0])
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go
similarity index 98%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/deepcopy.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go
index ab6d04854157..2dd440bb7296 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 func (in *TableRow) DeepCopy() *TableRow {
 	if in == nil {
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
similarity index 97%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/doc.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
index eea67c5c8322..dc461cc29682 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:defaulter-gen=TypeMeta
 
 // +groupName=meta.k8s.io
-package v1alpha1
+package v1beta1
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.pb.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go
similarity index 83%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.pb.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go
index 4fcddb3ab3f4..dda05bea44a5 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.pb.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go
@@ -15,21 +15,21 @@ limitations under the License.
 */
 
 // Code generated by protoc-gen-gogo.
-// source: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto
+// source: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
 // DO NOT EDIT!
 
 /*
-	Package v1alpha1 is a generated protocol buffer package.
+	Package v1beta1 is a generated protocol buffer package.
 
 	It is generated from these files:
-		k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto
+		k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
 
 	It has these top-level messages:
 		PartialObjectMetadata
 		PartialObjectMetadataList
 		TableOptions
 */
-package v1alpha1
+package v1beta1
 
 import proto "github.com/gogo/protobuf/proto"
 import fmt "fmt"
@@ -66,9 +66,9 @@ func (*TableOptions) ProtoMessage()               {}
 func (*TableOptions) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
 
 func init() {
-	proto.RegisterType((*PartialObjectMetadata)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1alpha1.PartialObjectMetadata")
-	proto.RegisterType((*PartialObjectMetadataList)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1alpha1.PartialObjectMetadataList")
-	proto.RegisterType((*TableOptions)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1alpha1.TableOptions")
+	proto.RegisterType((*PartialObjectMetadata)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1beta1.PartialObjectMetadata")
+	proto.RegisterType((*PartialObjectMetadataList)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1beta1.PartialObjectMetadataList")
+	proto.RegisterType((*TableOptions)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1beta1.TableOptions")
 }
 func (m *PartialObjectMetadata) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
@@ -600,34 +600,34 @@ var (
 )
 
 func init() {
-	proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto", fileDescriptorGenerated)
+	proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto", fileDescriptorGenerated)
 }
 
 var fileDescriptorGenerated = []byte{
-	// 392 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x91, 0xbf, 0x6e, 0xd4, 0x40,
-	0x10, 0x87, 0xbd, 0x42, 0x91, 0x92, 0x0d, 0x69, 0x8c, 0x90, 0xc2, 0x15, 0xeb, 0xe8, 0xaa, 0x08,
-	0xc1, 0x2e, 0x09, 0x08, 0xd1, 0xe2, 0x2e, 0x12, 0x28, 0x91, 0xa1, 0xa2, 0x62, 0x6d, 0x0f, 0xf6,
-	0x62, 0x7b, 0xd7, 0xda, 0x1d, 0x47, 0xba, 0x0a, 0x1e, 0x81, 0xc7, 0xba, 0x32, 0x65, 0x2a, 0x8b,
-	0x33, 0x6f, 0x41, 0x85, 0x6c, 0x5f, 0xc8, 0xbf, 0x3b, 0xe5, 0xba, 0x99, 0xdf, 0xe8, 0xfb, 0x3c,
-	0xe3, 0xa5, 0x9f, 0x8a, 0x77, 0x8e, 0x2b, 0x23, 0x8a, 0x26, 0x06, 0xab, 0x01, 0xc1, 0x89, 0x73,
-	0xd0, 0xa9, 0xb1, 0x62, 0x39, 0x90, 0xb5, 0xaa, 0x64, 0x92, 0x2b, 0x0d, 0x76, 0x26, 0xea, 0x22,
-	0xeb, 0x03, 0x27, 0x2a, 0x40, 0x29, 0xce, 0x8f, 0x64, 0x59, 0xe7, 0xf2, 0x48, 0x64, 0xa0, 0xc1,
-	0x4a, 0x84, 0x94, 0xd7, 0xd6, 0xa0, 0xf1, 0x9f, 0x8f, 0x2c, 0xbf, 0xc9, 0xf2, 0xba, 0xc8, 0xfa,
-	0xc0, 0xf1, 0x9e, 0xe5, 0x57, 0xec, 0xe4, 0x65, 0xa6, 0x30, 0x6f, 0x62, 0x9e, 0x98, 0x4a, 0x64,
-	0x26, 0x33, 0x62, 0x50, 0xc4, 0xcd, 0xb7, 0xa1, 0x1b, 0x9a, 0xa1, 0x1a, 0xd5, 0x93, 0x37, 0x9b,
-	0xac, 0x75, 0x77, 0xa1, 0xc9, 0xda, 0x63, 0x6c, 0xa3, 0x51, 0x55, 0x70, 0x0f, 0x78, 0xfb, 0x10,
-	0xe0, 0x92, 0x1c, 0x2a, 0x79, 0x8f, 0x7b, 0xbd, 0x8e, 0x6b, 0x50, 0x95, 0x42, 0x69, 0x74, 0x68,
-	0xef, 0x42, 0xd3, 0x19, 0x7d, 0x7a, 0x26, 0x2d, 0x2a, 0x59, 0x9e, 0xc6, 0xdf, 0x21, 0xc1, 0x8f,
-	0x80, 0x32, 0x95, 0x28, 0xfd, 0xaf, 0x74, 0xbb, 0x5a, 0xd6, 0xfb, 0xe4, 0x80, 0x1c, 0xee, 0x1e,
-	0xbf, 0xe2, 0x9b, 0xfc, 0x5a, 0x7e, 0xed, 0x09, 0xfd, 0x79, 0x1b, 0x78, 0x5d, 0x1b, 0xd0, 0xeb,
-	0x2c, 0xfa, 0x6f, 0x9d, 0xfe, 0xa0, 0xcf, 0x56, 0x7e, 0xfa, 0x83, 0x72, 0xe8, 0xc7, 0x74, 0x4b,
-	0x21, 0x54, 0x6e, 0x9f, 0x1c, 0x3c, 0x3a, 0xdc, 0x3d, 0x7e, 0xcf, 0x37, 0x7f, 0x56, 0xbe, 0xd2,
-	0x1a, 0xee, 0x74, 0x6d, 0xb0, 0x75, 0xd2, 0x3b, 0xa3, 0x51, 0x3d, 0x8d, 0xe9, 0xe3, 0xcf, 0x32,
-	0x2e, 0xe1, 0xb4, 0x46, 0x65, 0xb4, 0xf3, 0x23, 0xba, 0xa7, 0x74, 0x52, 0x36, 0x29, 0x8c, 0xe8,
-	0x70, 0xf7, 0x4e, 0xf8, 0x62, 0x79, 0xc5, 0xde, 0xc9, 0xcd, 0xe1, 0xdf, 0x36, 0x78, 0x72, 0x2b,
-	0x38, 0x33, 0xa5, 0x4a, 0x66, 0xd1, 0x6d, 0x45, 0xc8, 0xe7, 0x0b, 0xe6, 0x5d, 0x2c, 0x98, 0x77,
-	0xb9, 0x60, 0xde, 0xcf, 0x8e, 0x91, 0x79, 0xc7, 0xc8, 0x45, 0xc7, 0xc8, 0x65, 0xc7, 0xc8, 0xef,
-	0x8e, 0x91, 0x5f, 0x7f, 0x98, 0xf7, 0x65, 0xfb, 0x6a, 0xf7, 0x7f, 0x01, 0x00, 0x00, 0xff, 0xff,
-	0x97, 0x95, 0xbb, 0xf9, 0x14, 0x03, 0x00, 0x00,
+	// 391 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x91, 0xbd, 0x6e, 0xd4, 0x40,
+	0x10, 0xc7, 0xbd, 0x42, 0x11, 0x64, 0x43, 0x1a, 0x23, 0xa4, 0x70, 0xc5, 0x3a, 0xba, 0x2a, 0x48,
+	0x64, 0x97, 0x04, 0x84, 0x28, 0x91, 0xbb, 0x48, 0xa0, 0x44, 0x16, 0x15, 0x15, 0x6b, 0x7b, 0xf0,
+	0x2d, 0xb6, 0x77, 0xad, 0xdd, 0x71, 0xa4, 0x6b, 0x10, 0x8f, 0xc0, 0x63, 0x5d, 0x99, 0x32, 0x95,
+	0xc5, 0x99, 0xb7, 0xa0, 0x42, 0xfe, 0x10, 0xf9, 0xb8, 0x3b, 0xe5, 0xba, 0x99, 0xff, 0xe8, 0xf7,
+	0xf3, 0x8c, 0x97, 0x46, 0xf9, 0x7b, 0xc7, 0x95, 0x11, 0x79, 0x1d, 0x83, 0xd5, 0x80, 0xe0, 0xc4,
+	0x25, 0xe8, 0xd4, 0x58, 0x31, 0x0e, 0x64, 0xa5, 0x4a, 0x99, 0xcc, 0x94, 0x06, 0x3b, 0x17, 0x55,
+	0x9e, 0x75, 0x81, 0x13, 0x25, 0xa0, 0x14, 0x97, 0x27, 0x31, 0xa0, 0x3c, 0x11, 0x19, 0x68, 0xb0,
+	0x12, 0x21, 0xe5, 0x95, 0x35, 0x68, 0xfc, 0x97, 0x03, 0xca, 0x6f, 0xa3, 0xbc, 0xca, 0xb3, 0x2e,
+	0x70, 0xbc, 0x43, 0xf9, 0x88, 0x4e, 0x8e, 0x33, 0x85, 0xb3, 0x3a, 0xe6, 0x89, 0x29, 0x45, 0x66,
+	0x32, 0x23, 0x7a, 0x43, 0x5c, 0x7f, 0xeb, 0xbb, 0xbe, 0xe9, 0xab, 0xc1, 0x3c, 0x79, 0xbb, 0xcd,
+	0x52, 0xf7, 0xf7, 0x99, 0x6c, 0x3c, 0xc5, 0xd6, 0x1a, 0x55, 0x09, 0x2b, 0xc0, 0xbb, 0x87, 0x00,
+	0x97, 0xcc, 0xa0, 0x94, 0x2b, 0xdc, 0x9b, 0x4d, 0x5c, 0x8d, 0xaa, 0x10, 0x4a, 0xa3, 0x43, 0x7b,
+	0x1f, 0x9a, 0xce, 0xe9, 0xf3, 0x0b, 0x69, 0x51, 0xc9, 0xe2, 0x3c, 0xfe, 0x0e, 0x09, 0x7e, 0x02,
+	0x94, 0xa9, 0x44, 0xe9, 0x7f, 0xa5, 0x4f, 0xca, 0xb1, 0x3e, 0x20, 0x87, 0xe4, 0x68, 0xef, 0xf4,
+	0x35, 0xdf, 0xe6, 0xcf, 0xf2, 0x1b, 0x4f, 0xe8, 0x2f, 0x9a, 0xc0, 0x6b, 0x9b, 0x80, 0xde, 0x64,
+	0xd1, 0x7f, 0xeb, 0xf4, 0x07, 0x7d, 0xb1, 0xf6, 0xd3, 0x1f, 0x95, 0x43, 0x5f, 0xd2, 0x1d, 0x85,
+	0x50, 0xba, 0x03, 0x72, 0xf8, 0xe8, 0x68, 0xef, 0xf4, 0x03, 0xdf, 0xfa, 0x55, 0xf9, 0x5a, 0x69,
+	0xb8, 0xdb, 0x36, 0xc1, 0xce, 0x59, 0xa7, 0x8c, 0x06, 0xf3, 0x34, 0xa6, 0x4f, 0x3f, 0xcb, 0xb8,
+	0x80, 0xf3, 0x0a, 0x95, 0xd1, 0xce, 0x8f, 0xe8, 0xbe, 0xd2, 0x49, 0x51, 0xa7, 0x30, 0xa0, 0xfd,
+	0xd9, 0xbb, 0xe1, 0xab, 0xf1, 0x88, 0xfd, 0xb3, 0xdb, 0xc3, 0xbf, 0x4d, 0xf0, 0xec, 0x4e, 0x70,
+	0x61, 0x0a, 0x95, 0xcc, 0xa3, 0xbb, 0x8a, 0xf0, 0x78, 0xb1, 0x64, 0xde, 0xd5, 0x92, 0x79, 0xd7,
+	0x4b, 0xe6, 0xfd, 0x6c, 0x19, 0x59, 0xb4, 0x8c, 0x5c, 0xb5, 0x8c, 0x5c, 0xb7, 0x8c, 0xfc, 0x6e,
+	0x19, 0xf9, 0xf5, 0x87, 0x79, 0x5f, 0x1e, 0x8f, 0xab, 0xff, 0x0b, 0x00, 0x00, 0xff, 0xff, 0x73,
+	0xdf, 0x3a, 0x0c, 0x10, 0x03, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
similarity index 94%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
index 7509f6e867b3..a9060bf96f53 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/generated.proto
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
@@ -19,7 +19,7 @@ limitations under the License.
 
 syntax = 'proto2';
 
-package k8s.io.apimachinery.pkg.apis.meta.v1alpha1;
+package k8s.io.apimachinery.pkg.apis.meta.v1beta1;
 
 import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
 import "k8s.io/apimachinery/pkg/runtime/generated.proto";
@@ -27,7 +27,7 @@ import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
 import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
 
 // Package-wide variables from generator "generated".
-option go_package = "v1alpha1";
+option go_package = "v1beta1";
 
 // PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients
 // to get access to a particular ObjectMeta schema without knowing the details of the version.
@@ -52,7 +52,7 @@ message TableOptions {
   // includeObject decides whether to include each object along with its columnar information.
   // Specifying "None" will return no object, specifying "Object" will return the full object contents, and
   // specifying "Metadata" (the default) will return the object's metadata in the PartialObjectMetadata kind
-  // in version v1alpha1 of the meta.k8s.io API group.
+  // in version v1beta1 of the meta.k8s.io API group.
   optional string includeObject = 1;
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/register.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go
similarity index 92%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/register.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go
index dab66bf08874..d13254b41dd0 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/register.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 import (
 	"k8s.io/apimachinery/pkg/runtime"
@@ -25,17 +25,17 @@ import (
 const GroupName = "meta.k8s.io"
 
 // SchemeGroupVersion is group version used to register these objects
-var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}
 
 // Kind takes an unqualified kind and returns a Group qualified GroupKind
 func Kind(kind string) schema.GroupKind {
 	return SchemeGroupVersion.WithKind(kind).GroupKind()
 }
 
-// scheme is the registry for the common types that adhere to the meta v1alpha1 API spec.
+// scheme is the registry for the common types that adhere to the meta v1beta1 API spec.
 var scheme = runtime.NewScheme()
 
-// ParameterCodec knows about query parameters used with the meta v1alpha1 API spec.
+// ParameterCodec knows about query parameters used with the meta v1beta1 API spec.
 var ParameterCodec = runtime.NewParameterCodec(scheme)
 
 func init() {
@@ -47,7 +47,7 @@ func init() {
 	)
 
 	if err := scheme.AddConversionFuncs(
-		Convert_Slice_string_To_v1alpha1_IncludeObjectPolicy,
+		Convert_Slice_string_To_v1beta1_IncludeObjectPolicy,
 	); err != nil {
 		panic(err)
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go
similarity index 98%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go
index 1c97414a9f9b..7b7c47d827df 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go
@@ -14,8 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// package v1alpha1 is alpha objects from meta that will be introduced.
-package v1alpha1
+// package v1beta1 is alpha objects from meta that will be introduced.
+package v1beta1
 
 import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -136,7 +136,7 @@ type TableOptions struct {
 	// includeObject decides whether to include each object along with its columnar information.
 	// Specifying "None" will return no object, specifying "Object" will return the full object contents, and
 	// specifying "Metadata" (the default) will return the object's metadata in the PartialObjectMetadata kind
-	// in version v1alpha1 of the meta.k8s.io API group.
+	// in version v1beta1 of the meta.k8s.io API group.
 	IncludeObject IncludeObjectPolicy `json:"includeObject,omitempty" protobuf:"bytes,1,opt,name=includeObject,casttype=IncludeObjectPolicy"`
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types_swagger_doc_generated.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go
similarity index 98%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types_swagger_doc_generated.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go
index e8bb6260296a..2680fbf7e409 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 // This file contains a collection of methods that can be used from go-restful to
 // generate Swagger API documentation for its models. Please read this PR for more
@@ -71,7 +71,7 @@ func (TableColumnDefinition) SwaggerDoc() map[string]string {
 
 var map_TableOptions = map[string]string{
 	"":              "TableOptions are used when a Table is requested by the caller.",
-	"includeObject": "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1alpha1 of the meta.k8s.io API group.",
+	"includeObject": "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.",
 }
 
 func (TableOptions) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go
similarity index 96%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.deepcopy.go
rename to vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go
index 1b3172004d60..226995a21a4b 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go
@@ -16,9 +16,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
-package v1alpha1
+package v1beta1
 
 import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -46,9 +46,8 @@ func (in *PartialObjectMetadata) DeepCopy() *PartialObjectMetadata {
 func (in *PartialObjectMetadata) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +83,8 @@ func (in *PartialObjectMetadataList) DeepCopy() *PartialObjectMetadataList {
 func (in *PartialObjectMetadataList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -123,9 +121,8 @@ func (in *Table) DeepCopy() *Table {
 func (in *Table) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -165,9 +162,8 @@ func (in *TableOptions) DeepCopy() *TableOptions {
 func (in *TableOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go
new file mode 100644
index 000000000000..544e569dc2d7
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go
@@ -0,0 +1,32 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by defaulter-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// RegisterDefaults adds defaulters functions to the given scheme.
+// Public to allow building arbitrary schemes.
+// All generated defaulters are covering - they call all nested defaulters.
+func RegisterDefaults(scheme *runtime.Scheme) error {
+	return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/conversion/BUILD b/vendor/k8s.io/apimachinery/pkg/conversion/BUILD
index 184dafbff1d8..0d2cee7294e0 100644
--- a/vendor/k8s.io/apimachinery/pkg/conversion/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/conversion/BUILD
@@ -12,8 +12,7 @@ go_test(
         "converter_test.go",
         "helper_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/conversion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/BUILD b/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/BUILD
index 8b871ab126cb..81bacef7061d 100644
--- a/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/BUILD
@@ -18,7 +18,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["convert_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/conversion/queryparams_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion/queryparams:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/fields/BUILD b/vendor/k8s.io/apimachinery/pkg/fields/BUILD
index 2bae1350393e..383448e0fb04 100644
--- a/vendor/k8s.io/apimachinery/pkg/fields/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/fields/BUILD
@@ -12,8 +12,7 @@ go_test(
         "fields_test.go",
         "selector_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/fields",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/fields/selector.go b/vendor/k8s.io/apimachinery/pkg/fields/selector.go
index 273e9a2c1b5f..3785d8c2f748 100644
--- a/vendor/k8s.io/apimachinery/pkg/fields/selector.go
+++ b/vendor/k8s.io/apimachinery/pkg/fields/selector.go
@@ -396,7 +396,7 @@ const (
 var termOperators = []string{notEqualOperator, doubleEqualOperator, equalOperator}
 
 // splitTerm returns the lhs, operator, and rhs parsed from the given term, along with an indicator of whether the parse was successful.
-// no escaping of special characters is supported in the lhs value, so the first occurance of a recognized operator is used as the split point.
+// no escaping of special characters is supported in the lhs value, so the first occurrence of a recognized operator is used as the split point.
 // the literal rhs is returned, and the caller is responsible for applying any desired unescaping.
 func splitTerm(term string) (lhs, op, rhs string, ok bool) {
 	for i := range term {
diff --git a/vendor/k8s.io/apimachinery/pkg/labels/BUILD b/vendor/k8s.io/apimachinery/pkg/labels/BUILD
index fba6648e00f9..a78764f72e80 100644
--- a/vendor/k8s.io/apimachinery/pkg/labels/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/labels/BUILD
@@ -12,8 +12,7 @@ go_test(
         "labels_test.go",
         "selector_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/labels",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/selection:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/labels/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/labels/zz_generated.deepcopy.go
index d22cddbff764..a536f9ec9002 100644
--- a/vendor/k8s.io/apimachinery/pkg/labels/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/labels/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package labels
 
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/BUILD
index 93c6dcbfc778..7a53fbc41d1d 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["swagger_doc_generator_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
@@ -57,7 +56,6 @@ go_test(
         "extension_test.go",
         "scheme_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/runtime_test",
     deps = [
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/codec.go b/vendor/k8s.io/apimachinery/pkg/runtime/codec.go
index 5b3080aa5845..10dc12cca914 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/codec.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/codec.go
@@ -281,7 +281,7 @@ func (disabledGroupVersioner) KindForGroupVersionKinds(kinds []schema.GroupVersi
 // GroupVersioners implements GroupVersioner and resolves to the first exact match for any kind.
 type GroupVersioners []GroupVersioner
 
-// KindForGroupVersionKinds returns the first match of any of the group versioners, or false if no match occured.
+// KindForGroupVersionKinds returns the first match of any of the group versioners, or false if no match occurred.
 func (gvs GroupVersioners) KindForGroupVersionKinds(kinds []schema.GroupVersionKind) (schema.GroupVersionKind, bool) {
 	for _, gv := range gvs {
 		target, ok := gv.KindForGroupVersionKinds(kinds)
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/schema/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/schema/BUILD
index 032d866edb4c..e81977218114 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/schema/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/schema/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["group_version_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/schema",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/schema/group_version.go b/vendor/k8s.io/apimachinery/pkg/runtime/schema/group_version.go
index 1a9bba10603d..da642fa73f1c 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/schema/group_version.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/schema/group_version.go
@@ -36,6 +36,21 @@ func ParseResourceArg(arg string) (*GroupVersionResource, GroupResource) {
 	return gvr, ParseGroupResource(arg)
 }
 
+// ParseKindArg takes the common style of string which may be either `Kind.group.com` or `Kind.version.group.com`
+// and parses it out into both possibilities. This code takes no responsibility for knowing which representation was intended
+// but with a knowledge of all GroupKinds, calling code can take a very good guess. If there are only two segments, then
+// `*GroupVersionResource` is nil.
+// `Kind.group.com` -> `group=com, version=group, kind=Kind` and `group=group.com, kind=Kind`
+func ParseKindArg(arg string) (*GroupVersionKind, GroupKind) {
+	var gvk *GroupVersionKind
+	if strings.Count(arg, ".") >= 2 {
+		s := strings.SplitN(arg, ".", 3)
+		gvk = &GroupVersionKind{Group: s[2], Version: s[1], Kind: s[0]}
+	}
+
+	return gvk, ParseGroupKind(arg)
+}
+
 // GroupResource specifies a Group and a Resource, but does not force a version.  This is useful for identifying
 // concepts during lookup stages without having partially valid types
 type GroupResource struct {
@@ -58,6 +73,15 @@ func (gr *GroupResource) String() string {
 	return gr.Resource + "." + gr.Group
 }
 
+func ParseGroupKind(gk string) GroupKind {
+	i := strings.Index(gk, ".")
+	if i == -1 {
+		return GroupKind{Kind: gk}
+	}
+
+	return GroupKind{Group: gk[i+1:], Kind: gk[:i]}
+}
+
 // ParseGroupResource turns "resource.group" string into a GroupResource struct.  Empty strings are allowed
 // for each field.
 func ParseGroupResource(gr string) GroupResource {
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go b/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
index 08b7553810bb..3d94a3041d13 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
@@ -431,6 +431,7 @@ func (s *Scheme) Convert(in, out interface{}, context interface{}) error {
 				return err
 			}
 			unstructuredOut.SetUnstructuredContent(content)
+			unstructuredOut.GetObjectKind().SetGroupVersionKind(gvk)
 			return nil
 		}
 
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/BUILD
index 9403c3376f49..bc4cf8ec140e 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["codec_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/serializer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/ghodss/yaml:go_default_library",
         "//vendor/github.com/google/gofuzz:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/BUILD
index 0d43ce95429f..7be13ed4715c 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["meta_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/serializer/json",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
@@ -34,7 +33,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["json_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/serializer/json_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
index 8a217f32e318..2b795b5b84fd 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
@@ -98,11 +98,29 @@ func init() {
 	jsoniter.RegisterTypeDecoderFunc("interface {}", decodeNumberAsInt64IfPossible)
 }
 
+// gvkWithDefaults returns group kind and version defaulting from provided default
+func gvkWithDefaults(actual, defaultGVK schema.GroupVersionKind) schema.GroupVersionKind {
+	if len(actual.Kind) == 0 {
+		actual.Kind = defaultGVK.Kind
+	}
+	if len(actual.Version) == 0 && len(actual.Group) == 0 {
+		actual.Group = defaultGVK.Group
+		actual.Version = defaultGVK.Version
+	}
+	if len(actual.Version) == 0 && actual.Group == defaultGVK.Group {
+		actual.Version = defaultGVK.Version
+	}
+	return actual
+}
+
 // Decode attempts to convert the provided data into YAML or JSON, extract the stored schema kind, apply the provided default gvk, and then
-// load that data into an object matching the desired schema kind or the provided into. If into is *runtime.Unknown, the raw data will be
-// extracted and no decoding will be performed. If into is not registered with the typer, then the object will be straight decoded using
-// normal JSON/YAML unmarshalling. If into is provided and the original data is not fully qualified with kind/version/group, the type of
-// the into will be used to alter the returned gvk. On success or most errors, the method will return the calculated schema kind.
+// load that data into an object matching the desired schema kind or the provided into.
+// If into is *runtime.Unknown, the raw data will be extracted and no decoding will be performed.
+// If into is not registered with the typer, then the object will be straight decoded using normal JSON/YAML unmarshalling.
+// If into is provided and the original data is not fully qualified with kind/version/group, the type of the into will be used to alter the returned gvk.
+// If into is nil or data's gvk different from into's gvk, it will generate a new Object with ObjectCreater.New(gvk)
+// On success or most errors, the method will return the calculated schema kind.
+// The gvk calculate priority will be originalData > default gvk > into
 func (s *Serializer) Decode(originalData []byte, gvk *schema.GroupVersionKind, into runtime.Object) (runtime.Object, *schema.GroupVersionKind, error) {
 	if versioned, ok := into.(*runtime.VersionedObjects); ok {
 		into = versioned.Last()
@@ -129,17 +147,7 @@ func (s *Serializer) Decode(originalData []byte, gvk *schema.GroupVersionKind, i
 	}
 
 	if gvk != nil {
-		// apply kind and version defaulting from provided default
-		if len(actual.Kind) == 0 {
-			actual.Kind = gvk.Kind
-		}
-		if len(actual.Version) == 0 && len(actual.Group) == 0 {
-			actual.Group = gvk.Group
-			actual.Version = gvk.Version
-		}
-		if len(actual.Version) == 0 && actual.Group == gvk.Group {
-			actual.Version = gvk.Version
-		}
+		*actual = gvkWithDefaults(*actual, *gvk)
 	}
 
 	if unk, ok := into.(*runtime.Unknown); ok && unk != nil {
@@ -154,24 +162,14 @@ func (s *Serializer) Decode(originalData []byte, gvk *schema.GroupVersionKind, i
 		types, _, err := s.typer.ObjectKinds(into)
 		switch {
 		case runtime.IsNotRegisteredError(err), isUnstructured:
-			if err := jsoniter.ConfigFastest.Unmarshal(data, into); err != nil {
+			if err := jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal(data, into); err != nil {
 				return nil, actual, err
 			}
 			return into, actual, nil
 		case err != nil:
 			return nil, actual, err
 		default:
-			typed := types[0]
-			if len(actual.Kind) == 0 {
-				actual.Kind = typed.Kind
-			}
-			if len(actual.Version) == 0 && len(actual.Group) == 0 {
-				actual.Group = typed.Group
-				actual.Version = typed.Version
-			}
-			if len(actual.Version) == 0 && actual.Group == typed.Group {
-				actual.Version = typed.Version
-			}
+			*actual = gvkWithDefaults(*actual, types[0])
 		}
 	}
 
@@ -188,7 +186,7 @@ func (s *Serializer) Decode(originalData []byte, gvk *schema.GroupVersionKind, i
 		return nil, actual, err
 	}
 
-	if err := jsoniter.ConfigFastest.Unmarshal(data, obj); err != nil {
+	if err := jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal(data, obj); err != nil {
 		return nil, actual, err
 	}
 	return obj, actual, nil
@@ -197,7 +195,7 @@ func (s *Serializer) Decode(originalData []byte, gvk *schema.GroupVersionKind, i
 // Encode serializes the provided object to the given writer.
 func (s *Serializer) Encode(obj runtime.Object, w io.Writer) error {
 	if s.yaml {
-		json, err := jsoniter.ConfigFastest.Marshal(obj)
+		json, err := jsoniter.ConfigCompatibleWithStandardLibrary.Marshal(obj)
 		if err != nil {
 			return err
 		}
@@ -210,7 +208,7 @@ func (s *Serializer) Encode(obj runtime.Object, w io.Writer) error {
 	}
 
 	if s.pretty {
-		data, err := jsoniter.ConfigFastest.MarshalIndent(obj, "", "  ")
+		data, err := jsoniter.ConfigCompatibleWithStandardLibrary.MarshalIndent(obj, "", "  ")
 		if err != nil {
 			return err
 		}
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming/BUILD
index 4903338fa6bb..e0589fef78be 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["streaming_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/serializer/streaming",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/versioning/BUILD b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/versioning/BUILD
index a1b0e6eb2774..32e6863c97f3 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/versioning/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/versioning/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["versioning_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/runtime/serializer/versioning",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/runtime/zz_generated.deepcopy.go
index 82cf19ce1a89..ba89cd235a58 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package runtime
 
@@ -72,9 +72,8 @@ func (in *Unknown) DeepCopy() *Unknown {
 func (in *Unknown) DeepCopyObject() Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -108,7 +107,6 @@ func (in *VersionedObjects) DeepCopy() *VersionedObjects {
 func (in *VersionedObjects) DeepCopyObject() Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/util/cache/BUILD b/vendor/k8s.io/apimachinery/pkg/util/cache/BUILD
index d589c0d152a0..2fcbae368269 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/cache/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/cache/BUILD
@@ -12,8 +12,7 @@ go_test(
         "cache_test.go",
         "lruexpirecache_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/golang/groupcache/lru:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/util/clock/BUILD b/vendor/k8s.io/apimachinery/pkg/util/clock/BUILD
index 62ad5a87b183..a9f6be471941 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/clock/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/clock/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["clock_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/clock",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/diff/BUILD b/vendor/k8s.io/apimachinery/pkg/util/diff/BUILD
index 4ba69bc6354b..3cd03b435747 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/diff/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/diff/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["diff_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/diff",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/duration/BUILD b/vendor/k8s.io/apimachinery/pkg/util/duration/BUILD
new file mode 100644
index 000000000000..6b9e7880ecae
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/duration/BUILD
@@ -0,0 +1,22 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["duration.go"],
+    importpath = "k8s.io/apimachinery/pkg/util/duration",
+    visibility = ["//visibility:public"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/common.go b/vendor/k8s.io/apimachinery/pkg/util/duration/duration.go
similarity index 86%
rename from vendor/k8s.io/kubernetes/pkg/printers/common.go
rename to vendor/k8s.io/apimachinery/pkg/util/duration/duration.go
index 382ff5639ea7..00404c6cddac 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/common.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/duration/duration.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2014 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,13 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package printers
+package duration
 
 import (
 	"fmt"
 	"time"
 )
 
+// ShortHumanDuration returns a succint representation of the provided duration
+// with limited precision for consumption by humans.
 func ShortHumanDuration(d time.Duration) string {
 	// Allow deviation no more than 2 seconds(excluded) to tolerate machine time
 	// inconsistence, it can be considered as almost now.
diff --git a/vendor/k8s.io/apimachinery/pkg/util/errors/BUILD b/vendor/k8s.io/apimachinery/pkg/util/errors/BUILD
index d13ff2407197..fa2b74a2c868 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/errors/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/errors/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["errors_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/errors",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/errors/errors.go b/vendor/k8s.io/apimachinery/pkg/util/errors/errors.go
index 26e7eb2082f6..88e937679da3 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/errors/errors.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/errors/errors.go
@@ -21,7 +21,7 @@ import (
 	"fmt"
 )
 
-// MessageCountMap contains occurance for each error message.
+// MessageCountMap contains occurrence for each error message.
 type MessageCountMap map[string]int
 
 // Aggregate represents an object that contains multiple errors, but does not
diff --git a/vendor/k8s.io/apimachinery/pkg/util/framer/BUILD b/vendor/k8s.io/apimachinery/pkg/util/framer/BUILD
index f0b7cdec52a3..3a323b113963 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/framer/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/framer/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["framer_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/framer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/BUILD b/vendor/k8s.io/apimachinery/pkg/util/httpstream/BUILD
index 94c1d94a2498..5d45073efd66 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["httpstream_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/httpstream",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/BUILD b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/BUILD
index 8342083ad9f0..75d6ec0d148a 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/BUILD
@@ -13,8 +13,7 @@ go_test(
         "roundtripper_test.go",
         "upgrade_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/httpstream/spdy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/elazarl/goproxy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/httpstream:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/util/intstr/BUILD b/vendor/k8s.io/apimachinery/pkg/util/intstr/BUILD
index 2e3fe6516194..73e62bcde811 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/intstr/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/intstr/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["intstr_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/intstr",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/ghodss/yaml:go_default_library"],
 )
 
@@ -22,11 +21,9 @@ go_library(
     ],
     importpath = "k8s.io/apimachinery/pkg/util/intstr",
     deps = [
-        "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/google/gofuzz:go_default_library",
-        "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/intstr/intstr.go b/vendor/k8s.io/apimachinery/pkg/util/intstr/intstr.go
index 04a77bb6b4bb..231498ca0324 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/intstr/intstr.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/intstr/intstr.go
@@ -24,9 +24,6 @@ import (
 	"strconv"
 	"strings"
 
-	openapi "k8s.io/kube-openapi/pkg/common"
-
-	"github.com/go-openapi/spec"
 	"github.com/golang/glog"
 	"github.com/google/gofuzz"
 )
@@ -120,16 +117,15 @@ func (intstr IntOrString) MarshalJSON() ([]byte, error) {
 	}
 }
 
-func (_ IntOrString) OpenAPIDefinition() openapi.OpenAPIDefinition {
-	return openapi.OpenAPIDefinition{
-		Schema: spec.Schema{
-			SchemaProps: spec.SchemaProps{
-				Type:   []string{"string"},
-				Format: "int-or-string",
-			},
-		},
-	}
-}
+// OpenAPISchemaType is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+//
+// See: https://github.com/kubernetes/kube-openapi/tree/master/pkg/generators
+func (_ IntOrString) OpenAPISchemaType() []string { return []string{"string"} }
+
+// OpenAPISchemaFormat is used by the kube-openapi generator when constructing
+// the OpenAPI spec of this type.
+func (_ IntOrString) OpenAPISchemaFormat() string { return "int-or-string" }
 
 func (intstr *IntOrString) Fuzz(c fuzz.Continue) {
 	if intstr == nil {
diff --git a/vendor/k8s.io/apimachinery/pkg/util/json/BUILD b/vendor/k8s.io/apimachinery/pkg/util/json/BUILD
index c9b57bcba3f5..c42821fc880d 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/json/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/json/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["json_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/json",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/mergepatch/BUILD b/vendor/k8s.io/apimachinery/pkg/util/mergepatch/BUILD
index 007159566464..0ddf97d1dbaa 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/mergepatch/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/mergepatch/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/mergepatch",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/net/BUILD b/vendor/k8s.io/apimachinery/pkg/util/net/BUILD
index d7390ed5c29c..9d0fffb11f3b 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/net/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/net/BUILD
@@ -15,8 +15,7 @@ go_test(
         "port_split_test.go",
         "util_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/net",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/spf13/pflag:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/net/http.go b/vendor/k8s.io/apimachinery/pkg/util/net/http.go
index bc2a531b9d24..76eb8b4fa22c 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/net/http.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/net/http.go
@@ -61,6 +61,9 @@ func JoinPreservingTrailingSlash(elem ...string) string {
 // differentiate probable errors in connection behavior between normal "this is
 // disconnected" should use the method.
 func IsProbableEOF(err error) bool {
+	if err == nil {
+		return false
+	}
 	if uerr, ok := err.(*url.Error); ok {
 		err = uerr.Err
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/proxy/BUILD b/vendor/k8s.io/apimachinery/pkg/util/proxy/BUILD
index 368915c2c81c..69e9734cff40 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/proxy/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/proxy/BUILD
@@ -13,8 +13,7 @@ go_test(
         "transport_test.go",
         "upgradeaware_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/proxy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/util/rand/BUILD b/vendor/k8s.io/apimachinery/pkg/util/rand/BUILD
index b7769be86e46..27126ab598ed 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/rand/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/rand/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["rand_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/rand",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/runtime/BUILD b/vendor/k8s.io/apimachinery/pkg/util/runtime/BUILD
index 40892fa783cb..6407b8bd261f 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/runtime/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/runtime/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["runtime_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/runtime",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
index 442dde7df2c8..d4cec0b884c2 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
@@ -43,7 +43,7 @@ var PanicHandlers = []func(interface{}){logPanic}
 // TODO: remove this function. We are switching to a world where it's safe for
 // apiserver to panic, since it will be restarted by kubelet. At the beginning
 // of the Kubernetes project, nothing was going to restart apiserver and so
-// catching panics was important. But it's actually much simpler for montoring
+// catching panics was important. But it's actually much simpler for monitoring
 // software if we just exit when an unexpected panic happens.
 func HandleCrash(additionalHandlers ...func(interface{})) {
 	if r := recover(); r != nil {
diff --git a/vendor/k8s.io/apimachinery/pkg/util/sets/BUILD b/vendor/k8s.io/apimachinery/pkg/util/sets/BUILD
index 5a6175ad4fd6..ec2f23476679 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/sets/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/sets/BUILD
@@ -51,8 +51,7 @@ $(location //vendor/k8s.io/code-generator/cmd/set-gen) \
 go_test(
     name = "go_default_test",
     srcs = ["set_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/sets",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/BUILD b/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/BUILD
index e69fe0abb1da..2d6088929e72 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/BUILD
@@ -13,8 +13,7 @@ go_test(
         "testdata/swagger-merge-item.json",
         "testdata/swagger-precision-item.json",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/strategicpatch",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/github.com/ghodss/yaml:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go b/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go
index fd08759f3910..2f6ade2beabe 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go
@@ -423,7 +423,7 @@ func normalizeElementOrder(patch, serverOnly, patchOrder, serverOrder []interfac
 // scan from the place of last insertion in `right` to the end of `right`,
 // the place is before the first item that is greater than the item we want to insert.
 // example usage: using server-only items as left and patch items as right. We insert server-only items
-// to patch list. We use the order of live object as record for comparision.
+// to patch list. We use the order of live object as record for comparison.
 func mergeSortedSlice(left, right, serverOrder []interface{}, mergeKey string, kind reflect.Kind) []interface{} {
 	// Returns if l is less than r, and if both have been found.
 	// If l and r both present and l is in front of r, l is less than r.
@@ -1322,23 +1322,23 @@ func mergeMap(original, patch map[string]interface{}, schema LookupPatchMeta, me
 		// If they're both maps or lists, recurse into the value.
 		switch originalType.Kind() {
 		case reflect.Map:
-			subschema, patchMeta, err := schema.LookupPatchMetadataForStruct(k)
-			if err != nil {
-				return nil, err
+			subschema, patchMeta, err2 := schema.LookupPatchMetadataForStruct(k)
+			if err2 != nil {
+				return nil, err2
 			}
-			_, patchStrategy, err := extractRetainKeysPatchStrategy(patchMeta.GetPatchStrategies())
-			if err != nil {
-				return nil, err
+			_, patchStrategy, err2 := extractRetainKeysPatchStrategy(patchMeta.GetPatchStrategies())
+			if err2 != nil {
+				return nil, err2
 			}
 			original[k], err = mergeMapHandler(original[k], patchV, subschema, patchStrategy, mergeOptions)
 		case reflect.Slice:
-			subschema, patchMeta, err := schema.LookupPatchMetadataForSlice(k)
-			if err != nil {
-				return nil, err
+			subschema, patchMeta, err2 := schema.LookupPatchMetadataForSlice(k)
+			if err2 != nil {
+				return nil, err2
 			}
-			_, patchStrategy, err := extractRetainKeysPatchStrategy(patchMeta.GetPatchStrategies())
-			if err != nil {
-				return nil, err
+			_, patchStrategy, err2 := extractRetainKeysPatchStrategy(patchMeta.GetPatchStrategies())
+			if err2 != nil {
+				return nil, err2
 			}
 			original[k], err = mergeSliceHandler(original[k], patchV, subschema, patchStrategy, patchMeta.GetPatchMergeKey(), isDeleteList, mergeOptions)
 		default:
@@ -2109,7 +2109,7 @@ func sliceTypeAssertion(original, patch interface{}) ([]interface{}, []interface
 }
 
 // extractRetainKeysPatchStrategy process patch strategy, which is a string may contains multiple
-// patch strategies seperated by ",". It returns a boolean var indicating if it has
+// patch strategies separated by ",". It returns a boolean var indicating if it has
 // retainKeys strategies and a string for the other strategy.
 func extractRetainKeysPatchStrategy(strategies []string) (bool, string, error) {
 	switch len(strategies) {
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/BUILD b/vendor/k8s.io/apimachinery/pkg/util/validation/BUILD
index 9680c1fa7b7c..db599cbb7a7d 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/validation/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/field/BUILD b/vendor/k8s.io/apimachinery/pkg/util/validation/field/BUILD
index 5508ab94c8e3..fc59dd81cd61 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/validation/field/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/field/BUILD
@@ -12,8 +12,7 @@ go_test(
         "errors_test.go",
         "path_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/util/validation/field",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/wait/BUILD b/vendor/k8s.io/apimachinery/pkg/util/wait/BUILD
index 6eca13c02b57..c062f3818dc8 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/wait/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/wait/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["wait_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/wait",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/waitgroup/BUILD b/vendor/k8s.io/apimachinery/pkg/util/waitgroup/BUILD
index a35c520103b7..6cba6d17611d 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/waitgroup/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/waitgroup/BUILD
@@ -13,8 +13,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["waitgroup_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/waitgroup",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/waitgroup/waitgroup.go b/vendor/k8s.io/apimachinery/pkg/util/waitgroup/waitgroup.go
index 488f563407d2..e080a5e92f34 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/waitgroup/waitgroup.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/waitgroup/waitgroup.go
@@ -37,7 +37,7 @@ func (wg *SafeWaitGroup) Add(delta int) error {
 	wg.mu.RLock()
 	defer wg.mu.RUnlock()
 	if wg.wait && delta > 0 {
-		return fmt.Errorf("add with postive delta after Wait is forbidden")
+		return fmt.Errorf("add with positive delta after Wait is forbidden")
 	}
 	wg.wg.Add(delta)
 	return nil
diff --git a/vendor/k8s.io/apimachinery/pkg/util/yaml/BUILD b/vendor/k8s.io/apimachinery/pkg/util/yaml/BUILD
index e660edfe7cb8..596ea292a9f7 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/yaml/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/util/yaml/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["decoder_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/util/yaml",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go b/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
index 6ebfaea707d3..3cd85515d433 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
@@ -122,12 +122,12 @@ func (d *YAMLDecoder) Read(data []byte) (n int, err error) {
 	if left <= len(data) {
 		copy(data, d.remaining)
 		d.remaining = nil
-		return len(d.remaining), nil
+		return left, nil
 	}
 
 	// caller will need to reread
-	copy(data, d.remaining[:left])
-	d.remaining = d.remaining[left:]
+	copy(data, d.remaining[:len(data)])
+	d.remaining = d.remaining[len(data):]
 	return len(data), io.ErrShortBuffer
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/watch/BUILD b/vendor/k8s.io/apimachinery/pkg/watch/BUILD
index 3e850d2dda07..3106af8f1f5b 100644
--- a/vendor/k8s.io/apimachinery/pkg/watch/BUILD
+++ b/vendor/k8s.io/apimachinery/pkg/watch/BUILD
@@ -36,7 +36,6 @@ go_test(
         "streamwatcher_test.go",
         "watch_test.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/watch_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
@@ -48,8 +47,7 @@ go_test(
 go_test(
     name = "go_default_test",
     srcs = ["until_test.go"],
-    importpath = "k8s.io/apimachinery/pkg/watch",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apimachinery/pkg/watch/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/watch/zz_generated.deepcopy.go
index 738d0a29cbb1..b1b19d118c2d 100644
--- a/vendor/k8s.io/apimachinery/pkg/watch/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apimachinery/pkg/watch/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package watch
 
diff --git a/vendor/k8s.io/apimachinery/third_party/forked/golang/json/BUILD b/vendor/k8s.io/apimachinery/third_party/forked/golang/json/BUILD
index 4c20d9771d1d..7ece664d068d 100644
--- a/vendor/k8s.io/apimachinery/third_party/forked/golang/json/BUILD
+++ b/vendor/k8s.io/apimachinery/third_party/forked/golang/json/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["fields_test.go"],
-    importpath = "k8s.io/apimachinery/third_party/forked/golang/json",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/apimachinery/third_party/forked/golang/reflect/BUILD b/vendor/k8s.io/apimachinery/third_party/forked/golang/reflect/BUILD
index 9f09628b6272..22c8ec04949e 100644
--- a/vendor/k8s.io/apimachinery/third_party/forked/golang/reflect/BUILD
+++ b/vendor/k8s.io/apimachinery/third_party/forked/golang/reflect/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["deep_equal_test.go"],
-    importpath = "k8s.io/apimachinery/third_party/forked/golang/reflect",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/admission/BUILD b/vendor/k8s.io/apiserver/pkg/admission/BUILD
index dfa5778af2b0..78aed4c7ea9c 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/BUILD
@@ -14,8 +14,7 @@ go_test(
         "errors_test.go",
         "handler_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/admission",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -32,6 +31,7 @@ go_library(
         "attributes.go",
         "chain.go",
         "config.go",
+        "decorator.go",
         "errors.go",
         "handler.go",
         "interfaces.go",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/config.go b/vendor/k8s.io/apiserver/pkg/admission/config.go
index 64eb9fb5d434..f59d0608bced 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/config.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/config.go
@@ -17,6 +17,7 @@ limitations under the License.
 package admission
 
 import (
+	"bytes"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -27,10 +28,7 @@ import (
 	"github.com/ghodss/yaml"
 	"github.com/golang/glog"
 
-	"bytes"
-
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apiserver/pkg/apis/apiserver"
@@ -157,8 +155,8 @@ func GetAdmissionPluginConfigurationFor(pluginCfg apiserver.AdmissionPluginConfi
 	return nil, nil
 }
 
-// GetAdmissionPluginConfiguration takes the admission configuration and returns a reader
-// for the specified plugin.  If no specific configuration is present, we return a nil reader.
+// ConfigFor returns a reader for the specified plugin.
+// If no specific configuration is present, we return a nil reader.
 func (p configProvider) ConfigFor(pluginName string) (io.Reader, error) {
 	// there is no config, so there is no potential config
 	if p.config == nil {
@@ -178,26 +176,3 @@ func (p configProvider) ConfigFor(pluginName string) (io.Reader, error) {
 	// there is no registered config that matches on plugin name.
 	return nil, nil
 }
-
-// writeYAML writes the specified object to a byte array as yaml.
-func writeYAML(obj runtime.Object, scheme *runtime.Scheme) ([]byte, error) {
-	gvks, _, err := scheme.ObjectKinds(obj)
-	if err != nil {
-		return nil, err
-	}
-	gvs := []schema.GroupVersion{}
-	for _, gvk := range gvks {
-		gvs = append(gvs, gvk.GroupVersion())
-	}
-	codecs := serializer.NewCodecFactory(scheme)
-	json, err := runtime.Encode(codecs.LegacyCodec(gvs...), obj)
-	if err != nil {
-		return nil, err
-	}
-
-	content, err := yaml.JSONToYAML(json)
-	if err != nil {
-		return nil, err
-	}
-	return content, err
-}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/configuration/BUILD b/vendor/k8s.io/apiserver/pkg/admission/configuration/BUILD
index d6d2f3ee199d..95d8f6545a57 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/configuration/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/configuration/BUILD
@@ -14,16 +14,18 @@ go_test(
         "mutating_webhook_manager_test.go",
         "validating_webhook_manager_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/admission/configuration",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/listers/admissionregistration/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/cache:go_default_library",
     ],
 )
 
@@ -42,8 +44,13 @@ go_library(
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/informers/admissionregistration/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/admissionregistration/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/cache:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go b/vendor/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
index bf4d0eabf986..3c0990699a45 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/configuration/mutating_webhook_manager.go
@@ -18,84 +18,70 @@ package configuration
 
 import (
 	"fmt"
-	"reflect"
 	"sort"
-
-	"github.com/golang/glog"
+	"sync/atomic"
 
 	"k8s.io/api/admissionregistration/v1beta1"
-	"k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/labels"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	admissionregistrationinformers "k8s.io/client-go/informers/admissionregistration/v1beta1"
+	admissionregistrationlisters "k8s.io/client-go/listers/admissionregistration/v1beta1"
+	"k8s.io/client-go/tools/cache"
 )
 
-type MutatingWebhookConfigurationLister interface {
-	List(opts metav1.ListOptions) (*v1beta1.MutatingWebhookConfigurationList, error)
-}
-
 // MutatingWebhookConfigurationManager collects the mutating webhook objects so that they can be called.
 type MutatingWebhookConfigurationManager struct {
-	*poller
+	configuration *atomic.Value
+	lister        admissionregistrationlisters.MutatingWebhookConfigurationLister
 }
 
-func NewMutatingWebhookConfigurationManager(c MutatingWebhookConfigurationLister) *MutatingWebhookConfigurationManager {
-	getFn := func() (runtime.Object, error) {
-		list, err := c.List(metav1.ListOptions{})
-		if err != nil {
-			if errors.IsNotFound(err) || errors.IsForbidden(err) {
-				glog.V(5).Infof("MutatingWebhookConfiguration are disabled due to an error: %v", err)
-				return nil, ErrDisabled
-			}
-			return nil, err
-		}
-		return mergeMutatingWebhookConfigurations(list), nil
+func NewMutatingWebhookConfigurationManager(informer admissionregistrationinformers.MutatingWebhookConfigurationInformer) *MutatingWebhookConfigurationManager {
+	manager := &MutatingWebhookConfigurationManager{
+		configuration: &atomic.Value{},
+		lister:        informer.Lister(),
 	}
 
-	return &MutatingWebhookConfigurationManager{
-		newPoller(getFn),
-	}
+	// Start with an empty list
+	manager.configuration.Store(&v1beta1.MutatingWebhookConfiguration{})
+
+	// On any change, rebuild the config
+	informer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
+		AddFunc:    func(_ interface{}) { manager.updateConfiguration() },
+		UpdateFunc: func(_, _ interface{}) { manager.updateConfiguration() },
+		DeleteFunc: func(_ interface{}) { manager.updateConfiguration() },
+	})
+
+	return manager
 }
 
 // Webhooks returns the merged MutatingWebhookConfiguration.
-func (im *MutatingWebhookConfigurationManager) Webhooks() (*v1beta1.MutatingWebhookConfiguration, error) {
-	configuration, err := im.poller.configuration()
-	if err != nil {
-		return nil, err
-	}
-	mutatingWebhookConfiguration, ok := configuration.(*v1beta1.MutatingWebhookConfiguration)
-	if !ok {
-		return nil, fmt.Errorf("expected type %v, got type %v", reflect.TypeOf(mutatingWebhookConfiguration), reflect.TypeOf(configuration))
-	}
-	return mutatingWebhookConfiguration, nil
+func (m *MutatingWebhookConfigurationManager) Webhooks() *v1beta1.MutatingWebhookConfiguration {
+	return m.configuration.Load().(*v1beta1.MutatingWebhookConfiguration)
 }
 
-func (im *MutatingWebhookConfigurationManager) Run(stopCh <-chan struct{}) {
-	im.poller.Run(stopCh)
+func (m *MutatingWebhookConfigurationManager) updateConfiguration() {
+	configurations, err := m.lister.List(labels.Everything())
+	if err != nil {
+		utilruntime.HandleError(fmt.Errorf("error updating configuration: %v", err))
+		return
+	}
+	m.configuration.Store(mergeMutatingWebhookConfigurations(configurations))
 }
 
-func mergeMutatingWebhookConfigurations(
-	list *v1beta1.MutatingWebhookConfigurationList,
-) *v1beta1.MutatingWebhookConfiguration {
-	configurations := append([]v1beta1.MutatingWebhookConfiguration{}, list.Items...)
+func mergeMutatingWebhookConfigurations(configurations []*v1beta1.MutatingWebhookConfiguration) *v1beta1.MutatingWebhookConfiguration {
 	var ret v1beta1.MutatingWebhookConfiguration
 	// The internal order of webhooks for each configuration is provided by the user
 	// but configurations themselves can be in any order. As we are going to run these
 	// webhooks in serial, they are sorted here to have a deterministic order.
-	sort.Sort(byName(configurations))
+	sort.SliceStable(configurations, MutatingWebhookConfigurationSorter(configurations).ByName)
 	for _, c := range configurations {
 		ret.Webhooks = append(ret.Webhooks, c.Webhooks...)
 	}
 	return &ret
 }
 
-// byName sorts MutatingWebhookConfiguration by name. These objects are all in
-// cluster namespace (aka no namespace) thus they all have unique names.
-type byName []v1beta1.MutatingWebhookConfiguration
-
-func (x byName) Len() int { return len(x) }
-
-func (x byName) Swap(i, j int) { x[i], x[j] = x[j], x[i] }
+type MutatingWebhookConfigurationSorter []*v1beta1.MutatingWebhookConfiguration
 
-func (x byName) Less(i, j int) bool {
-	return x[i].ObjectMeta.Name < x[j].ObjectMeta.Name
+func (a MutatingWebhookConfigurationSorter) ByName(i, j int) bool {
+	return a[i].Name < a[j].Name
 }
diff --git a/vendor/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go b/vendor/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
index 8f9fd34daae3..33644f57fed2 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/configuration/validating_webhook_manager.go
@@ -18,67 +18,69 @@ package configuration
 
 import (
 	"fmt"
-	"reflect"
-
-	"github.com/golang/glog"
+	"sort"
+	"sync/atomic"
 
 	"k8s.io/api/admissionregistration/v1beta1"
-	"k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/labels"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	admissionregistrationinformers "k8s.io/client-go/informers/admissionregistration/v1beta1"
+	admissionregistrationlisters "k8s.io/client-go/listers/admissionregistration/v1beta1"
+	"k8s.io/client-go/tools/cache"
 )
 
-type ValidatingWebhookConfigurationLister interface {
-	List(opts metav1.ListOptions) (*v1beta1.ValidatingWebhookConfigurationList, error)
-}
-
 // ValidatingWebhookConfigurationManager collects the validating webhook objects so that they can be called.
 type ValidatingWebhookConfigurationManager struct {
-	*poller
+	configuration *atomic.Value
+	lister        admissionregistrationlisters.ValidatingWebhookConfigurationLister
 }
 
-func NewValidatingWebhookConfigurationManager(c ValidatingWebhookConfigurationLister) *ValidatingWebhookConfigurationManager {
-	getFn := func() (runtime.Object, error) {
-		list, err := c.List(metav1.ListOptions{})
-		if err != nil {
-			if errors.IsNotFound(err) || errors.IsForbidden(err) {
-				glog.V(5).Infof("ValidatingWebhookConfiguration are disabled due to an error: %v", err)
-				return nil, ErrDisabled
-			}
-			return nil, err
-		}
-		return mergeValidatingWebhookConfigurations(list), nil
+func NewValidatingWebhookConfigurationManager(informer admissionregistrationinformers.ValidatingWebhookConfigurationInformer) *ValidatingWebhookConfigurationManager {
+	manager := &ValidatingWebhookConfigurationManager{
+		configuration: &atomic.Value{},
+		lister:        informer.Lister(),
 	}
 
-	return &ValidatingWebhookConfigurationManager{
-		newPoller(getFn),
-	}
+	// Start with an empty list
+	manager.configuration.Store(&v1beta1.ValidatingWebhookConfiguration{})
+
+	// On any change, rebuild the config
+	informer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
+		AddFunc:    func(_ interface{}) { manager.updateConfiguration() },
+		UpdateFunc: func(_, _ interface{}) { manager.updateConfiguration() },
+		DeleteFunc: func(_ interface{}) { manager.updateConfiguration() },
+	})
+
+	return manager
 }
 
 // Webhooks returns the merged ValidatingWebhookConfiguration.
-func (im *ValidatingWebhookConfigurationManager) Webhooks() (*v1beta1.ValidatingWebhookConfiguration, error) {
-	configuration, err := im.poller.configuration()
-	if err != nil {
-		return nil, err
-	}
-	validatingWebhookConfiguration, ok := configuration.(*v1beta1.ValidatingWebhookConfiguration)
-	if !ok {
-		return nil, fmt.Errorf("expected type %v, got type %v", reflect.TypeOf(validatingWebhookConfiguration), reflect.TypeOf(configuration))
-	}
-	return validatingWebhookConfiguration, nil
+func (v *ValidatingWebhookConfigurationManager) Webhooks() *v1beta1.ValidatingWebhookConfiguration {
+	return v.configuration.Load().(*v1beta1.ValidatingWebhookConfiguration)
 }
 
-func (im *ValidatingWebhookConfigurationManager) Run(stopCh <-chan struct{}) {
-	im.poller.Run(stopCh)
+func (v *ValidatingWebhookConfigurationManager) updateConfiguration() {
+	configurations, err := v.lister.List(labels.Everything())
+	if err != nil {
+		utilruntime.HandleError(fmt.Errorf("error updating configuration: %v", err))
+		return
+	}
+	v.configuration.Store(mergeValidatingWebhookConfigurations(configurations))
 }
 
 func mergeValidatingWebhookConfigurations(
-	list *v1beta1.ValidatingWebhookConfigurationList,
+	configurations []*v1beta1.ValidatingWebhookConfiguration,
 ) *v1beta1.ValidatingWebhookConfiguration {
-	configurations := list.Items
+	sort.SliceStable(configurations, ValidatingWebhookConfigurationSorter(configurations).ByName)
 	var ret v1beta1.ValidatingWebhookConfiguration
 	for _, c := range configurations {
 		ret.Webhooks = append(ret.Webhooks, c.Webhooks...)
 	}
 	return &ret
 }
+
+type ValidatingWebhookConfigurationSorter []*v1beta1.ValidatingWebhookConfiguration
+
+func (a ValidatingWebhookConfigurationSorter) ByName(i, j int) bool {
+	return a[i].Name < a[j].Name
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/decorator.go b/vendor/k8s.io/apiserver/pkg/admission/decorator.go
new file mode 100644
index 000000000000..a4b0b28b5524
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/decorator.go
@@ -0,0 +1,39 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package admission
+
+type Decorator interface {
+	Decorate(handler Interface, name string) Interface
+}
+
+type DecoratorFunc func(handler Interface, name string) Interface
+
+func (d DecoratorFunc) Decorate(handler Interface, name string) Interface {
+	return d(handler, name)
+}
+
+type Decorators []Decorator
+
+// Decorate applies the decorator in inside-out order, i.e. the first decorator in the slice is first applied to the given handler.
+func (d Decorators) Decorate(handler Interface, name string) Interface {
+	result := handler
+	for _, d := range d {
+		result = d.Decorate(result, name)
+	}
+
+	return result
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/initializer/BUILD b/vendor/k8s.io/apiserver/pkg/admission/initializer/BUILD
index 6884d643a4e2..a5fcdf48b9ae 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/initializer/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/initializer/BUILD
@@ -25,7 +25,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["initializer_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/initializer_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/metrics/BUILD b/vendor/k8s.io/apiserver/pkg/admission/metrics/BUILD
index 32feb2f9f246..84a134927983 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/metrics/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/metrics/BUILD
@@ -17,8 +17,7 @@ go_test(
         "metrics_test.go",
         "testutil_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/admission/metrics",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/github.com/prometheus/client_model/go:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/initialization/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/initialization/BUILD
index 6479a44881cf..06596dc93a44 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/initialization/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/initialization/BUILD
@@ -46,8 +46,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["initialization_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/initialization",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/BUILD
index 1c821c23cc06..8fec752b0554 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go
index 158f41642761..81c24f6a5a68 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission.go
@@ -69,22 +69,9 @@ type Lifecycle struct {
 	forceLiveLookupCache *utilcache.LRUExpireCache
 }
 
-type forceLiveLookupEntry struct {
-	expiry time.Time
-}
-
 var _ = initializer.WantsExternalKubeInformerFactory(&Lifecycle{})
 var _ = initializer.WantsExternalKubeClientSet(&Lifecycle{})
 
-func makeNamespaceKey(namespace string) *v1.Namespace {
-	return &v1.Namespace{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      namespace,
-			Namespace: "",
-		},
-	}
-}
-
 func (l *Lifecycle) Admit(a admission.Attributes) error {
 	// prevent deletion of immortal namespaces
 	if a.GetOperation() == admission.Delete && a.GetKind().GroupKind() == v1.SchemeGroupVersion.WithKind("Namespace").GroupKind() && l.immortalNamespaces.Has(a.GetName()) {
@@ -182,7 +169,7 @@ func (l *Lifecycle) Admit(a admission.Attributes) error {
 		}
 
 		// TODO: This should probably not be a 403
-		return admission.NewForbidden(a, fmt.Errorf("unable to create new content in namespace %s because it is being terminated.", a.GetNamespace()))
+		return admission.NewForbidden(a, fmt.Errorf("unable to create new content in namespace %s because it is being terminated", a.GetNamespace()))
 	}
 
 	return nil
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
index 76c2fd3dcade..24b372cf746d 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/BUILD
@@ -12,6 +12,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//vendor/github.com/hashicorp/golang-lru:go_default_library",
+        "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
@@ -32,8 +33,7 @@ go_test(
         "authentication_test.go",
         "serviceresolver_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/config",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.conversion.go
index d7e35ffed5e3..190d47744bcc 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.deepcopy.go
index c9ef335c7005..f89cef9d3dae 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -45,7 +45,6 @@ func (in *WebhookAdmission) DeepCopy() *WebhookAdmission {
 func (in *WebhookAdmission) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/zz_generated.deepcopy.go
index 890594a7d57a..4ec1eade1535 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package webhookadmission
 
@@ -45,7 +45,6 @@ func (in *WebhookAdmission) DeepCopy() *WebhookAdmission {
 func (in *WebhookAdmission) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
index 808ef944ffe5..bfc9bbd7f552 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/client.go
@@ -24,8 +24,10 @@ import (
 	"net/url"
 
 	lru "github.com/hashicorp/golang-lru"
+	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	"k8s.io/api/admissionregistration/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	webhookerrors "k8s.io/apiserver/pkg/admission/plugin/webhook/errors"
 	"k8s.io/client-go/rest"
@@ -54,8 +56,13 @@ func NewClientManager() (ClientManager, error) {
 	if err != nil {
 		return ClientManager{}, err
 	}
+	admissionScheme := runtime.NewScheme()
+	admissionv1beta1.AddToScheme(admissionScheme)
 	return ClientManager{
 		cache: cache,
+		negotiatedSerializer: serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{
+			Serializer: serializer.NewCodecFactory(admissionScheme).LegacyCodec(admissionv1beta1.SchemeGroupVersion),
+		}),
 	}, nil
 }
 
@@ -79,11 +86,6 @@ func (cm *ClientManager) SetServiceResolver(sr ServiceResolver) {
 	}
 }
 
-// SetNegotiatedSerializer sets the NegotiatedSerializer.
-func (cm *ClientManager) SetNegotiatedSerializer(n runtime.NegotiatedSerializer) {
-	cm.negotiatedSerializer = n
-}
-
 // Validate checks if ClientManager is properly set up.
 func (cm *ClientManager) Validate() error {
 	var errs []error
@@ -168,7 +170,7 @@ func (cm *ClientManager) HookClient(h *v1beta1.Webhook) (*rest.RESTClient, error
 	}
 
 	cfg := rest.CopyConfig(restConfig)
-	cfg.Host = u.Host
+	cfg.Host = u.Scheme + "://" + u.Host
 	cfg.APIPath = u.Path
 
 	return complete(cfg)
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/errors/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/errors/BUILD
index 288007238431..eabd499e1db4 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/errors/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/errors/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["statuserror_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/errors",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/BUILD
index 14fa71007c7a..e09f051d9540 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/BUILD
@@ -14,8 +14,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["initializer_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/initializer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/initializer.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/initializer.go
index 398200b92cae..7367cff4691c 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/initializer.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/initializer/initializer.go
@@ -23,7 +23,7 @@ import (
 	webhookconfig "k8s.io/apiserver/pkg/admission/plugin/webhook/config"
 )
 
-// WantsServiceResolver defines a fuction that accepts a ServiceResolver for
+// WantsServiceResolver defines a function that accepts a ServiceResolver for
 // admission plugins that need to make calls to services.
 type WantsServiceResolver interface {
 	SetServiceResolver(webhookconfig.ServiceResolver)
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
index d94dc0f6b005..36f81528cbec 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/BUILD
@@ -14,12 +14,9 @@ go_library(
         "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission/configuration:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission/initializer:go_default_library",
@@ -38,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
index 6d62a36f6291..57f82d4d5ae8 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating/admission.go
@@ -30,12 +30,9 @@ import (
 	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	"k8s.io/api/admissionregistration/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/admission/configuration"
 	genericadmissioninit "k8s.io/apiserver/pkg/admission/initializer"
@@ -69,8 +66,7 @@ func Register(plugins *admission.Plugins) {
 
 // WebhookSource can list dynamic webhook plugins.
 type WebhookSource interface {
-	Run(stopCh <-chan struct{})
-	Webhooks() (*v1beta1.MutatingWebhookConfiguration, error)
+	Webhooks() *v1beta1.MutatingWebhookConfiguration
 }
 
 // NewMutatingWebhook returns a generic admission webhook plugin.
@@ -134,9 +130,6 @@ func (a *MutatingWebhook) SetServiceResolver(sr config.ServiceResolver) {
 // SetScheme sets a serializer(NegotiatedSerializer) which is derived from the scheme
 func (a *MutatingWebhook) SetScheme(scheme *runtime.Scheme) {
 	if scheme != nil {
-		a.clientManager.SetNegotiatedSerializer(serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{
-			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1beta1.SchemeGroupVersion),
-		}))
 		a.convertor.Scheme = scheme
 		a.defaulter = scheme
 		a.jsonSerializer = json.NewSerializer(json.DefaultMetaFactory, scheme, scheme, false)
@@ -146,14 +139,17 @@ func (a *MutatingWebhook) SetScheme(scheme *runtime.Scheme) {
 // WantsExternalKubeClientSet defines a function which sets external ClientSet for admission plugins that need it
 func (a *MutatingWebhook) SetExternalKubeClientSet(client clientset.Interface) {
 	a.namespaceMatcher.Client = client
-	a.hookSource = configuration.NewMutatingWebhookConfigurationManager(client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations())
 }
 
 // SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.
 func (a *MutatingWebhook) SetExternalKubeInformerFactory(f informers.SharedInformerFactory) {
 	namespaceInformer := f.Core().V1().Namespaces()
 	a.namespaceMatcher.NamespaceLister = namespaceInformer.Lister()
-	a.SetReadyFunc(namespaceInformer.Informer().HasSynced)
+	mutatingWebhookConfigurationsInformer := f.Admissionregistration().V1beta1().MutatingWebhookConfigurations()
+	a.hookSource = configuration.NewMutatingWebhookConfigurationManager(mutatingWebhookConfigurationsInformer)
+	a.SetReadyFunc(func() bool {
+		return namespaceInformer.Informer().HasSynced() && mutatingWebhookConfigurationsInformer.Informer().HasSynced()
+	})
 }
 
 // ValidateInitialization implements the InitializationValidator interface.
@@ -176,35 +172,25 @@ func (a *MutatingWebhook) ValidateInitialization() error {
 	if a.defaulter == nil {
 		return fmt.Errorf("MutatingWebhook.defaulter is not properly setup")
 	}
-	go a.hookSource.Run(wait.NeverStop)
 	return nil
 }
 
-func (a *MutatingWebhook) loadConfiguration(attr admission.Attributes) (*v1beta1.MutatingWebhookConfiguration, error) {
-	hookConfig, err := a.hookSource.Webhooks()
-	// if Webhook configuration is disabled, fail open
-	if err == configuration.ErrDisabled {
-		return &v1beta1.MutatingWebhookConfiguration{}, nil
-	}
-	if err != nil {
-		e := apierrors.NewServerTimeout(attr.GetResource().GroupResource(), string(attr.GetOperation()), 1)
-		e.ErrStatus.Message = fmt.Sprintf("Unable to refresh the Webhook configuration: %v", err)
-		e.ErrStatus.Reason = "LoadingConfiguration"
-		e.ErrStatus.Details.Causes = append(e.ErrStatus.Details.Causes, metav1.StatusCause{
-			Type:    "MutatingWebhookConfigurationFailure",
-			Message: "An error has occurred while refreshing the MutatingWebhook configuration, no resources can be created/updated/deleted/connected until a refresh succeeds.",
-		})
-		return nil, e
-	}
-	return hookConfig, nil
+func (a *MutatingWebhook) loadConfiguration(attr admission.Attributes) *v1beta1.MutatingWebhookConfiguration {
+	hookConfig := a.hookSource.Webhooks()
+	return hookConfig
 }
 
 // Admit makes an admission decision based on the request attributes.
 func (a *MutatingWebhook) Admit(attr admission.Attributes) error {
-	hookConfig, err := a.loadConfiguration(attr)
-	if err != nil {
-		return err
+	if rules.IsWebhookConfigurationResource(attr) {
+		return nil
+	}
+
+	if !a.WaitForReady() {
+		return admission.NewForbidden(attr, fmt.Errorf("not yet ready to handle request"))
 	}
+
+	hookConfig := a.loadConfiguration(attr)
 	hooks := hookConfig.Webhooks
 	ctx := context.TODO()
 
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
index a75286a6886b..3a71df210b20 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/namespace/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["matcher_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/namespace",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
index 6152811d1368..7328fe3019b7 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/BUILD
@@ -14,8 +14,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["rules_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/rules",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
index eb99357569d4..096ab5021d1a 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/rules/rules.go
@@ -93,3 +93,15 @@ func (r *Matcher) resource() bool {
 	}
 	return false
 }
+
+// IsWebhookConfigurationResource determines if an admission.Attributes object is describing
+// the admission of a ValidatingWebhookConfiguration or a MutatingWebhookConfiguration
+func IsWebhookConfigurationResource(attr admission.Attributes) bool {
+	gvk := attr.GetKind()
+	if gvk.Group == "admissionregistration.k8s.io" {
+		if gvk.Kind == "ValidatingWebhookConfiguration" || gvk.Kind == "MutatingWebhookConfiguration" {
+			return true
+		}
+	}
+	return false
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
index 7ffd52b6d3dd..01f2f57c7d61 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/BUILD
@@ -13,11 +13,8 @@ go_library(
         "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission/configuration:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission/initializer:go_default_library",
@@ -36,8 +33,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/validating",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/admission/v1beta1:go_default_library",
         "//vendor/k8s.io/api/admissionregistration/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
index f68e46fa5859..d3bcb338963c 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating/admission.go
@@ -30,11 +30,8 @@ import (
 	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	"k8s.io/api/admissionregistration/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/serializer"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/admission/configuration"
 	genericadmissioninit "k8s.io/apiserver/pkg/admission/initializer"
@@ -68,8 +65,7 @@ func Register(plugins *admission.Plugins) {
 
 // WebhookSource can list dynamic webhook plugins.
 type WebhookSource interface {
-	Run(stopCh <-chan struct{})
-	Webhooks() (*v1beta1.ValidatingWebhookConfiguration, error)
+	Webhooks() *v1beta1.ValidatingWebhookConfiguration
 }
 
 // NewValidatingAdmissionWebhook returns a generic admission webhook plugin.
@@ -131,9 +127,6 @@ func (a *ValidatingAdmissionWebhook) SetServiceResolver(sr config.ServiceResolve
 // SetScheme sets a serializer(NegotiatedSerializer) which is derived from the scheme
 func (a *ValidatingAdmissionWebhook) SetScheme(scheme *runtime.Scheme) {
 	if scheme != nil {
-		a.clientManager.SetNegotiatedSerializer(serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{
-			Serializer: serializer.NewCodecFactory(scheme).LegacyCodec(admissionv1beta1.SchemeGroupVersion),
-		}))
 		a.convertor.Scheme = scheme
 	}
 }
@@ -141,20 +134,23 @@ func (a *ValidatingAdmissionWebhook) SetScheme(scheme *runtime.Scheme) {
 // WantsExternalKubeClientSet defines a function which sets external ClientSet for admission plugins that need it
 func (a *ValidatingAdmissionWebhook) SetExternalKubeClientSet(client clientset.Interface) {
 	a.namespaceMatcher.Client = client
-	a.hookSource = configuration.NewValidatingWebhookConfigurationManager(client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations())
 }
 
 // SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.
 func (a *ValidatingAdmissionWebhook) SetExternalKubeInformerFactory(f informers.SharedInformerFactory) {
 	namespaceInformer := f.Core().V1().Namespaces()
 	a.namespaceMatcher.NamespaceLister = namespaceInformer.Lister()
-	a.SetReadyFunc(namespaceInformer.Informer().HasSynced)
+	validatingWebhookConfigurationsInformer := f.Admissionregistration().V1beta1().ValidatingWebhookConfigurations()
+	a.hookSource = configuration.NewValidatingWebhookConfigurationManager(validatingWebhookConfigurationsInformer)
+	a.SetReadyFunc(func() bool {
+		return namespaceInformer.Informer().HasSynced() && validatingWebhookConfigurationsInformer.Informer().HasSynced()
+	})
 }
 
 // ValidateInitialization implements the InitializationValidator interface.
 func (a *ValidatingAdmissionWebhook) ValidateInitialization() error {
 	if a.hookSource == nil {
-		return fmt.Errorf("ValidatingAdmissionWebhook admission plugin requires a Kubernetes client to be provided")
+		return fmt.Errorf("ValidatingAdmissionWebhook admission plugin requires a Kubernetes informer to be provided")
 	}
 	if err := a.namespaceMatcher.Validate(); err != nil {
 		return fmt.Errorf("ValidatingAdmissionWebhook.namespaceMatcher is not properly setup: %v", err)
@@ -165,35 +161,23 @@ func (a *ValidatingAdmissionWebhook) ValidateInitialization() error {
 	if err := a.convertor.Validate(); err != nil {
 		return fmt.Errorf("ValidatingAdmissionWebhook.convertor is not properly setup: %v", err)
 	}
-	go a.hookSource.Run(wait.NeverStop)
 	return nil
 }
 
-func (a *ValidatingAdmissionWebhook) loadConfiguration(attr admission.Attributes) (*v1beta1.ValidatingWebhookConfiguration, error) {
-	hookConfig, err := a.hookSource.Webhooks()
-	// if Webhook configuration is disabled, fail open
-	if err == configuration.ErrDisabled {
-		return &v1beta1.ValidatingWebhookConfiguration{}, nil
-	}
-	if err != nil {
-		e := apierrors.NewServerTimeout(attr.GetResource().GroupResource(), string(attr.GetOperation()), 1)
-		e.ErrStatus.Message = fmt.Sprintf("Unable to refresh the Webhook configuration: %v", err)
-		e.ErrStatus.Reason = "LoadingConfiguration"
-		e.ErrStatus.Details.Causes = append(e.ErrStatus.Details.Causes, metav1.StatusCause{
-			Type:    "ValidatingWebhookConfigurationFailure",
-			Message: "An error has occurred while refreshing the ValidatingWebhook configuration, no resources can be created/updated/deleted/connected until a refresh succeeds.",
-		})
-		return nil, e
-	}
-	return hookConfig, nil
+func (a *ValidatingAdmissionWebhook) loadConfiguration(attr admission.Attributes) *v1beta1.ValidatingWebhookConfiguration {
+	return a.hookSource.Webhooks()
 }
 
 // Validate makes an admission decision based on the request attributes.
 func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
-	hookConfig, err := a.loadConfiguration(attr)
-	if err != nil {
-		return err
+	if rules.IsWebhookConfigurationResource(attr) {
+		return nil
+	}
+
+	if !a.WaitForReady() {
+		return admission.NewForbidden(attr, fmt.Errorf("not yet ready to handle request"))
 	}
+	hookConfig := a.loadConfiguration(attr)
 	hooks := hookConfig.Webhooks
 	ctx := context.TODO()
 
@@ -282,7 +266,7 @@ func (a *ValidatingAdmissionWebhook) Validate(attr admission.Attributes) error {
 	return errs[0]
 }
 
-// TODO: factor into a common place along with the validating webhook version.
+// TODO: factor into a common place along with the mutating webhook version.
 func (a *ValidatingAdmissionWebhook) shouldCallHook(h *v1beta1.Webhook, attr admission.Attributes) (bool, *apierrors.StatusError) {
 	var matches bool
 	for _, r := range h.Rules {
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/versioned/BUILD b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/versioned/BUILD
index 4bd5efbf3839..f3446c1c4893 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/versioned/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/versioned/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/apiserver/pkg/admission/plugin/webhook/versioned",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugins.go b/vendor/k8s.io/apiserver/pkg/admission/plugins.go
index 05e321ffc176..50139780fed5 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugins.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugins.go
@@ -23,6 +23,7 @@ import (
 	"io/ioutil"
 	"reflect"
 	"sort"
+	"strings"
 	"sync"
 
 	"github.com/golang/glog"
@@ -122,8 +123,6 @@ func splitStream(config io.Reader) (io.Reader, io.Reader, error) {
 	return bytes.NewBuffer(configBytes), bytes.NewBuffer(configBytes), nil
 }
 
-type Decorator func(handler Interface, name string) Interface
-
 // NewFromPlugins returns an admission.Interface that will enforce admission control decisions of all
 // the given plugins.
 func (ps *Plugins) NewFromPlugins(pluginNames []string, configProvider ConfigProvider, pluginInitializer PluginInitializer, decorator Decorator) (Interface, error) {
@@ -140,12 +139,15 @@ func (ps *Plugins) NewFromPlugins(pluginNames []string, configProvider ConfigPro
 		}
 		if plugin != nil {
 			if decorator != nil {
-				handlers = append(handlers, decorator(plugin, pluginName))
+				handlers = append(handlers, decorator.Decorate(plugin, pluginName))
 			} else {
 				handlers = append(handlers, plugin)
 			}
 		}
 	}
+	if len(pluginNames) != 0 {
+		glog.Infof("Loaded %d admission controller(s) successfully in the following order: %s.", len(pluginNames), strings.Join(pluginNames, ","))
+	}
 	return chainAdmissionHandler(handlers), nil
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
index 2e9504c06b0a..3468b998b705 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	apiserver "k8s.io/apiserver/pkg/apis/apiserver"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go
index d795781ff22e..0bc0606d95df 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -52,9 +52,8 @@ func (in *AdmissionConfiguration) DeepCopy() *AdmissionConfiguration {
 func (in *AdmissionConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
index 431abf61d68f..e6bc8e2c96ae 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package apiserver
 
@@ -52,9 +52,8 @@ func (in *AdmissionConfiguration) DeepCopy() *AdmissionConfiguration {
 func (in *AdmissionConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/install/BUILD b/vendor/k8s.io/apiserver/pkg/apis/audit/install/BUILD
index f6489a534163..2da7015f554a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/install/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/install/BUILD
@@ -37,8 +37,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["roundtrip_test.go"],
-    importpath = "k8s.io/apiserver/pkg/apis/audit/install",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/testing/roundtrip:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit/fuzzer:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/types.go b/vendor/k8s.io/apiserver/pkg/apis/audit/types.go
index 2b318d5754d5..d72505d10b9a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/types.go
@@ -125,6 +125,14 @@ type Event struct {
 	RequestReceivedTimestamp metav1.MicroTime
 	// Time the request reached current audit stage.
 	StageTimestamp metav1.MicroTime
+
+	// Annotations is an unstructured key value map stored with an audit event that may be set by
+	// plugins invoked in the request serving chain, including authentication, authorization and
+	// admission plugins. Keys should uniquely identify the informing component to avoid name
+	// collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations
+	// are included in the Metadata level.
+	// +optional
+	Annotations map[string]string
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -226,10 +234,19 @@ type GroupResources struct {
 	// The empty string represents the core API group.
 	// +optional
 	Group string
-	// Resources is a list of resources within the API group. Subresources are
-	// matched using a "/" to indicate the subresource. For example, "pods/log"
-	// would match request to the log subresource of pods. The top level resource
-	// does not match subresources, "pods" doesn't match "pods/log".
+	// Resources is a list of resources this rule applies to.
+	//
+	// For example:
+	// 'pods' matches pods.
+	// 'pods/log' matches the log subresource of pods.
+	// '*' matches all resources and their subresources.
+	// 'pods/*' matches all subresources of pods.
+	// '*/scale' matches all scale subresources.
+	//
+	// If wildcard is present, the validation rule will ensure resources do not
+	// overlap with each other.
+	//
+	// An empty list implies all resources and subresources in this API groups apply.
 	// +optional
 	Resources []string
 	// ResourceNames is a list of resource instance names that the policy matches.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/BUILD b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/BUILD
index 04b9b943db9f..b6729cdf9339 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/BUILD
@@ -21,6 +21,7 @@ go_library(
     importpath = "k8s.io/apiserver/pkg/apis/audit/v1alpha1",
     deps = [
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
+        "//vendor/github.com/gogo/protobuf/sortkeys:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
@@ -53,8 +54,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/apiserver/pkg/apis/audit/v1alpha1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.pb.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.pb.go
index 12e674bb187d..5f21dfaf2c45 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.pb.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.pb.go
@@ -45,6 +45,8 @@ import k8s_io_apimachinery_pkg_runtime "k8s.io/apimachinery/pkg/runtime"
 
 import k8s_io_apimachinery_pkg_types "k8s.io/apimachinery/pkg/types"
 
+import github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
+
 import strings "strings"
 import reflect "reflect"
 
@@ -240,6 +242,30 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 		return 0, err
 	}
 	i += n10
+	if len(m.Annotations) > 0 {
+		keysForAnnotations := make([]string, 0, len(m.Annotations))
+		for k := range m.Annotations {
+			keysForAnnotations = append(keysForAnnotations, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations)
+		for _, k := range keysForAnnotations {
+			dAtA[i] = 0x8a
+			i++
+			dAtA[i] = 0x1
+			i++
+			v := m.Annotations[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
 	return i, nil
 }
 
@@ -670,6 +696,14 @@ func (m *Event) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = m.StageTimestamp.Size()
 	n += 2 + l + sovGenerated(uint64(l))
+	if len(m.Annotations) > 0 {
+		for k, v := range m.Annotations {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 2 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
 	return n
 }
 
@@ -828,6 +862,16 @@ func (this *Event) String() string {
 	if this == nil {
 		return "nil"
 	}
+	keysForAnnotations := make([]string, 0, len(this.Annotations))
+	for k := range this.Annotations {
+		keysForAnnotations = append(keysForAnnotations, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations)
+	mapStringForAnnotations := "map[string]string{"
+	for _, k := range keysForAnnotations {
+		mapStringForAnnotations += fmt.Sprintf("%v: %v,", k, this.Annotations[k])
+	}
+	mapStringForAnnotations += "}"
 	s := strings.Join([]string{`&Event{`,
 		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
 		`Level:` + fmt.Sprintf("%v", this.Level) + `,`,
@@ -845,6 +889,7 @@ func (this *Event) String() string {
 		`ResponseObject:` + strings.Replace(fmt.Sprintf("%v", this.ResponseObject), "Unknown", "k8s_io_apimachinery_pkg_runtime.Unknown", 1) + `,`,
 		`RequestReceivedTimestamp:` + strings.Replace(strings.Replace(this.RequestReceivedTimestamp.String(), "MicroTime", "k8s_io_apimachinery_pkg_apis_meta_v1.MicroTime", 1), `&`, ``, 1) + `,`,
 		`StageTimestamp:` + strings.Replace(strings.Replace(this.StageTimestamp.String(), "MicroTime", "k8s_io_apimachinery_pkg_apis_meta_v1.MicroTime", 1), `&`, ``, 1) + `,`,
+		`Annotations:` + mapStringForAnnotations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1454,6 +1499,122 @@ func (m *Event) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 17:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Annotations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.Annotations == nil {
+				m.Annotations = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.Annotations[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.Annotations[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2621,80 +2782,84 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 1190 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0x1b, 0x45,
-	0x14, 0xcf, 0xd6, 0x71, 0x62, 0x4f, 0x1a, 0x27, 0x9d, 0x22, 0xba, 0xca, 0xc1, 0x36, 0x46, 0x42,
-	0x11, 0x84, 0xdd, 0xa4, 0x04, 0x5a, 0x0e, 0x1c, 0x62, 0x15, 0x81, 0xa5, 0x34, 0x84, 0x49, 0x5c,
-	0x89, 0x3f, 0x07, 0xd6, 0xf6, 0x8b, 0xbd, 0xc4, 0xde, 0x5d, 0x66, 0x66, 0x8d, 0x72, 0xe3, 0xc0,
-	0x15, 0x89, 0x3b, 0x1f, 0xa6, 0xe2, 0x80, 0x94, 0x63, 0x8f, 0x3d, 0x59, 0xc4, 0x7c, 0x8b, 0x1c,
-	0x10, 0x9a, 0xd9, 0x99, 0x9d, 0x5d, 0xa7, 0x56, 0x1d, 0x0e, 0xbd, 0xed, 0xbc, 0xf7, 0x7b, 0xbf,
-	0xf7, 0xe6, 0xed, 0xfb, 0x33, 0xe8, 0xeb, 0xf3, 0xc7, 0xcc, 0xf1, 0x43, 0xf7, 0x3c, 0xee, 0x00,
-	0x0d, 0x80, 0x03, 0x73, 0xc7, 0x10, 0xf4, 0x42, 0xea, 0x2a, 0x85, 0x17, 0xf9, 0x0c, 0xe8, 0x18,
-	0xa8, 0x1b, 0x9d, 0xf7, 0xe5, 0xc9, 0xf5, 0xe2, 0x9e, 0xcf, 0xdd, 0xf1, 0x9e, 0x37, 0x8c, 0x06,
-	0xde, 0x9e, 0xdb, 0x87, 0x00, 0xa8, 0xc7, 0xa1, 0xe7, 0x44, 0x34, 0xe4, 0x21, 0xde, 0x4e, 0x2c,
-	0x9d, 0xd4, 0xd2, 0x89, 0xce, 0xfb, 0xf2, 0xe4, 0x48, 0x4b, 0x47, 0x5b, 0x6e, 0x7d, 0xd8, 0xf7,
-	0xf9, 0x20, 0xee, 0x38, 0xdd, 0x70, 0xe4, 0xf6, 0xc3, 0x7e, 0xe8, 0x4a, 0x82, 0x4e, 0x7c, 0x26,
-	0x4f, 0xf2, 0x20, 0xbf, 0x12, 0xe2, 0xad, 0x1d, 0x13, 0x92, 0xeb, 0xc5, 0x7c, 0x00, 0x01, 0xf7,
-	0xbb, 0x1e, 0xf7, 0xc3, 0xc0, 0x1d, 0xdf, 0x08, 0x63, 0x6b, 0xdf, 0xa0, 0x47, 0x5e, 0x77, 0xe0,
-	0x07, 0x40, 0x2f, 0xcc, 0x1d, 0x46, 0xc0, 0xbd, 0x57, 0x59, 0xb9, 0xf3, 0xac, 0x68, 0x1c, 0x70,
-	0x7f, 0x04, 0x37, 0x0c, 0x3e, 0x79, 0x9d, 0x01, 0xeb, 0x0e, 0x60, 0xe4, 0xdd, 0xb0, 0xfb, 0x68,
-	0x9e, 0x5d, 0xcc, 0xfd, 0xa1, 0xeb, 0x07, 0x9c, 0x71, 0x3a, 0x6b, 0xd4, 0xf8, 0x0b, 0xa1, 0xe2,
-	0xe7, 0x63, 0x08, 0x38, 0xfe, 0x01, 0x95, 0xc4, 0x15, 0x7a, 0x1e, 0xf7, 0x6c, 0xab, 0x6e, 0x6d,
-	0xaf, 0x3d, 0xdc, 0x75, 0x4c, 0xde, 0x53, 0x46, 0x93, 0x7a, 0x81, 0x76, 0xc6, 0x7b, 0xce, 0x57,
-	0x9d, 0x1f, 0xa1, 0xcb, 0x9f, 0x02, 0xf7, 0x9a, 0xf8, 0x72, 0x52, 0x5b, 0x9a, 0x4e, 0x6a, 0xc8,
-	0xc8, 0x48, 0xca, 0x8a, 0x77, 0x50, 0x71, 0x08, 0x63, 0x18, 0xda, 0x77, 0xea, 0xd6, 0x76, 0xb9,
-	0xf9, 0xb6, 0x02, 0x17, 0x0f, 0x85, 0xf0, 0x5a, 0x7f, 0x90, 0x04, 0x84, 0xbf, 0x43, 0x65, 0x71,
-	0x5b, 0xc6, 0xbd, 0x51, 0x64, 0x17, 0x64, 0x40, 0xef, 0x2f, 0x16, 0xd0, 0xa9, 0x3f, 0x82, 0xe6,
-	0x3d, 0xc5, 0x5e, 0x3e, 0xd5, 0x24, 0xc4, 0xf0, 0xe1, 0x23, 0xb4, 0x2a, 0x2b, 0xa7, 0xf5, 0xc4,
-	0x5e, 0x96, 0xc1, 0xec, 0x2b, 0xf8, 0xea, 0x41, 0x22, 0xbe, 0x9e, 0xd4, 0xde, 0x99, 0x97, 0x4f,
-	0x7e, 0x11, 0x01, 0x73, 0xda, 0xad, 0x27, 0x44, 0x93, 0x88, 0xab, 0x31, 0xee, 0xf5, 0xc1, 0x2e,
-	0xe6, 0xaf, 0x76, 0x22, 0x84, 0xd7, 0xfa, 0x83, 0x24, 0x20, 0xfc, 0x10, 0x21, 0x0a, 0x3f, 0xc5,
-	0xc0, 0x78, 0x9b, 0xb4, 0xec, 0x15, 0x69, 0x92, 0xa6, 0x8e, 0xa4, 0x1a, 0x92, 0x41, 0xe1, 0x3a,
-	0x5a, 0x1e, 0x03, 0xed, 0xd8, 0xab, 0x12, 0x7d, 0x57, 0xa1, 0x97, 0x9f, 0x01, 0xed, 0x10, 0xa9,
-	0xc1, 0x5f, 0xa2, 0xe5, 0x98, 0x01, 0xb5, 0x4b, 0x32, 0x57, 0xef, 0x65, 0x72, 0xe5, 0xe4, 0x6b,
-	0x5b, 0xe4, 0xa8, 0xcd, 0x80, 0xb6, 0x82, 0xb3, 0xd0, 0x30, 0x09, 0x09, 0x91, 0x0c, 0x78, 0x80,
-	0x36, 0xfd, 0x51, 0x04, 0x94, 0x85, 0x81, 0x28, 0x15, 0xa1, 0xb1, 0xcb, 0xb7, 0x62, 0x7d, 0x6b,
-	0x3a, 0xa9, 0x6d, 0xb6, 0x66, 0x38, 0xc8, 0x0d, 0x56, 0xfc, 0x01, 0x2a, 0xb3, 0x30, 0xa6, 0x5d,
-	0x68, 0x1d, 0x33, 0x1b, 0xd5, 0x0b, 0xdb, 0xe5, 0xe6, 0xba, 0xf8, 0x69, 0x27, 0x5a, 0x48, 0x8c,
-	0x1e, 0x9f, 0xa1, 0x72, 0x28, 0xeb, 0x8a, 0xc0, 0x99, 0xbd, 0x26, 0xe3, 0xf9, 0xd4, 0x59, 0x74,
-	0x34, 0xa8, 0x32, 0x25, 0x70, 0x06, 0x14, 0x82, 0x2e, 0x24, 0x7e, 0x52, 0x21, 0x31, 0xd4, 0x78,
-	0x80, 0x2a, 0x14, 0x58, 0x14, 0x06, 0x0c, 0x4e, 0xb8, 0xc7, 0x63, 0x66, 0xdf, 0x95, 0xce, 0x76,
-	0x16, 0x2b, 0xbf, 0xc4, 0xa6, 0x89, 0xa7, 0x93, 0x5a, 0x85, 0xe4, 0x78, 0xc8, 0x0c, 0x2f, 0xf6,
-	0xd0, 0xba, 0xfa, 0xc5, 0x49, 0x20, 0xf6, 0xba, 0x74, 0xb4, 0x3d, 0xd7, 0x91, 0x1a, 0x01, 0x4e,
-	0x3b, 0x38, 0x0f, 0xc2, 0x9f, 0x83, 0xe6, 0xbd, 0xe9, 0xa4, 0xb6, 0x4e, 0xb2, 0x14, 0x24, 0xcf,
-	0x88, 0x7b, 0xe6, 0x32, 0xca, 0x47, 0xe5, 0x96, 0x3e, 0x72, 0x17, 0x51, 0x4e, 0x66, 0x38, 0xf1,
-	0x6f, 0x16, 0xb2, 0x95, 0x5f, 0x02, 0x5d, 0xf0, 0xc7, 0xd0, 0x4b, 0xfb, 0xce, 0xde, 0x90, 0x0e,
-	0xdd, 0xc5, 0xb2, 0xf7, 0xd4, 0xef, 0xd2, 0x50, 0x76, 0x70, 0x5d, 0x55, 0xa6, 0x4d, 0xe6, 0x10,
-	0x93, 0xb9, 0x2e, 0x71, 0x88, 0x2a, 0xb2, 0xd5, 0x4c, 0x10, 0x9b, 0xff, 0x2f, 0x08, 0xdd, 0xc9,
-	0x95, 0x93, 0x1c, 0x1d, 0x99, 0xa1, 0x6f, 0x3c, 0xb7, 0x50, 0x59, 0xce, 0xd1, 0x43, 0x9f, 0x71,
-	0xfc, 0xfd, 0x8d, 0x59, 0xea, 0x2c, 0xe6, 0x58, 0x58, 0xcb, 0x49, 0xba, 0xa9, 0xfc, 0x96, 0xb4,
-	0x24, 0x33, 0x47, 0x4f, 0x51, 0xd1, 0xe7, 0x30, 0x62, 0xf6, 0x9d, 0x7a, 0x61, 0xe6, 0x4e, 0xaf,
-	0xe9, 0x01, 0x19, 0x61, 0x73, 0x5d, 0x4f, 0xa7, 0x96, 0x60, 0x21, 0x09, 0x59, 0xe3, 0x0f, 0x0b,
-	0x55, 0xbe, 0xa0, 0x61, 0x1c, 0x11, 0x48, 0x5a, 0x8e, 0xe1, 0x77, 0x51, 0xb1, 0x2f, 0x24, 0xf2,
-	0x0e, 0x65, 0x63, 0x97, 0xc0, 0x12, 0x9d, 0x68, 0x61, 0xaa, 0x2d, 0x64, 0x44, 0xaa, 0x85, 0x53,
-	0x1a, 0x62, 0xf4, 0xf8, 0x91, 0x28, 0xf8, 0xe4, 0x70, 0xe4, 0x8d, 0x80, 0xd9, 0x05, 0x69, 0xa0,
-	0xca, 0x38, 0xa3, 0x20, 0x79, 0x5c, 0xe3, 0xd7, 0x02, 0xda, 0x98, 0xe9, 0x60, 0xbc, 0x83, 0x4a,
-	0x1a, 0xa4, 0x22, 0x4c, 0xb3, 0xa6, 0xb9, 0x48, 0x8a, 0xc0, 0x2e, 0x2a, 0x07, 0x82, 0x2a, 0xf2,
-	0xba, 0xa0, 0x36, 0x50, 0xba, 0x23, 0x8e, 0xb4, 0x82, 0x18, 0x8c, 0x98, 0xb8, 0xe2, 0x20, 0x77,
-	0x4f, 0x66, 0xe2, 0x0a, 0x2c, 0x91, 0x1a, 0xdc, 0x44, 0x85, 0xd8, 0xef, 0xa9, 0x0d, 0xb2, 0xab,
-	0x00, 0x85, 0xf6, 0xa2, 0xdb, 0x43, 0x18, 0x8b, 0x5d, 0xe0, 0x45, 0xfe, 0x33, 0xa0, 0xcc, 0x0f,
-	0x03, 0xb5, 0x3e, 0xd2, 0x5d, 0x70, 0x70, 0xdc, 0x52, 0x1a, 0x92, 0x41, 0xe1, 0x03, 0xb4, 0xa1,
-	0xaf, 0xa5, 0x0d, 0x93, 0x25, 0xf2, 0x40, 0x19, 0x6e, 0x90, 0xbc, 0x9a, 0xcc, 0xe2, 0xf1, 0xc7,
-	0x68, 0x8d, 0xc5, 0x9d, 0x34, 0x7d, 0xc9, 0x56, 0xb9, 0xaf, 0xcc, 0xd7, 0x4e, 0x8c, 0x8a, 0x64,
-	0x71, 0x8d, 0x7f, 0x2d, 0xb4, 0x72, 0x1c, 0x0e, 0xfd, 0xee, 0xc5, 0x1b, 0x78, 0x2f, 0x7c, 0x83,
-	0x8a, 0x34, 0x1e, 0x82, 0xae, 0xf3, 0xfd, 0xc5, 0xeb, 0x3c, 0x09, 0x91, 0xc4, 0x43, 0x30, 0x45,
-	0x2b, 0x4e, 0x8c, 0x24, 0x8c, 0xf8, 0x11, 0x42, 0xe1, 0xc8, 0xe7, 0xb2, 0xa9, 0x75, 0x11, 0x3e,
-	0x90, 0x81, 0xa4, 0x52, 0xb3, 0xb5, 0x33, 0xd0, 0xc6, 0x9f, 0x16, 0x42, 0x09, 0xfb, 0x1b, 0x68,
-	0xf4, 0x76, 0xbe, 0xd1, 0x77, 0x6f, 0x9b, 0x80, 0x39, 0x9d, 0xfe, 0xbc, 0xa0, 0xef, 0x20, 0x72,
-	0x62, 0x9e, 0x65, 0xd6, 0x22, 0xcf, 0xb2, 0x1a, 0x2a, 0x8a, 0x37, 0x82, 0x6e, 0xf5, 0xb2, 0x40,
-	0x8a, 0x55, 0xce, 0x48, 0x22, 0xc7, 0x0e, 0x42, 0xe2, 0x43, 0xce, 0x08, 0x9d, 0xda, 0x8a, 0x48,
-	0x6d, 0x3b, 0x95, 0x92, 0x0c, 0x42, 0x10, 0x8a, 0xe7, 0x0b, 0xb3, 0x97, 0x0d, 0xa1, 0x78, 0xd5,
-	0x30, 0x92, 0xc8, 0xb1, 0x9f, 0x1d, 0x30, 0x45, 0x99, 0x89, 0xc7, 0x8b, 0x67, 0x22, 0x3f, 0xd2,
-	0x4c, 0xcb, 0xbf, 0x72, 0x3c, 0x39, 0x08, 0xa5, 0xfd, 0xcf, 0xec, 0x15, 0x13, 0x7b, 0x3a, 0x20,
-	0x18, 0xc9, 0x20, 0xf0, 0x67, 0x68, 0x23, 0x08, 0x03, 0x4d, 0xd5, 0x26, 0x87, 0xcc, 0x5e, 0x95,
-	0x46, 0xf7, 0x45, 0x13, 0x1e, 0xe5, 0x55, 0x64, 0x16, 0x3b, 0x53, 0x85, 0xa5, 0x85, 0xab, 0xb0,
-	0xe9, 0x5c, 0x5e, 0x55, 0x97, 0x5e, 0x5c, 0x55, 0x97, 0x5e, 0x5e, 0x55, 0x97, 0x7e, 0x99, 0x56,
-	0xad, 0xcb, 0x69, 0xd5, 0x7a, 0x31, 0xad, 0x5a, 0x2f, 0xa7, 0x55, 0xeb, 0xef, 0x69, 0xd5, 0xfa,
-	0xfd, 0x9f, 0xea, 0xd2, 0xb7, 0x25, 0x9d, 0x84, 0xff, 0x02, 0x00, 0x00, 0xff, 0xff, 0x55, 0x14,
-	0x18, 0x3e, 0x94, 0x0d, 0x00, 0x00,
+	// 1258 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0xcf, 0x6f, 0x1b, 0xc5,
+	0x17, 0xcf, 0xd6, 0x71, 0x63, 0x8f, 0x1b, 0xc7, 0x99, 0x56, 0xdf, 0xae, 0x72, 0xb0, 0xfd, 0x35,
+	0x12, 0xb2, 0x20, 0xec, 0x26, 0x21, 0xd0, 0x80, 0x04, 0x22, 0x56, 0x2b, 0xb0, 0x94, 0x86, 0x30,
+	0x89, 0x2b, 0xf1, 0xe3, 0xc0, 0xda, 0x7e, 0xb1, 0x17, 0xdb, 0xbb, 0xcb, 0xcc, 0xac, 0xab, 0xdc,
+	0x38, 0x70, 0x45, 0xe2, 0xce, 0x1f, 0x53, 0x71, 0xcb, 0xb1, 0xc7, 0x9e, 0x2c, 0x62, 0xfe, 0x8b,
+	0x1c, 0x2a, 0x34, 0xb3, 0xb3, 0x3b, 0x6b, 0xa7, 0x16, 0x0e, 0x87, 0xde, 0x76, 0xde, 0xfb, 0xbc,
+	0xcf, 0x7b, 0xf3, 0xf6, 0xfd, 0x18, 0xf4, 0xcd, 0xe0, 0x80, 0x59, 0xae, 0x6f, 0x0f, 0xc2, 0x36,
+	0x50, 0x0f, 0x38, 0x30, 0x7b, 0x0c, 0x5e, 0xd7, 0xa7, 0xb6, 0x52, 0x38, 0x81, 0xcb, 0x80, 0x8e,
+	0x81, 0xda, 0xc1, 0xa0, 0x27, 0x4f, 0xb6, 0x13, 0x76, 0x5d, 0x6e, 0x8f, 0x77, 0x9d, 0x61, 0xd0,
+	0x77, 0x76, 0xed, 0x1e, 0x78, 0x40, 0x1d, 0x0e, 0x5d, 0x2b, 0xa0, 0x3e, 0xf7, 0x71, 0x3d, 0xb2,
+	0xb4, 0x12, 0x4b, 0x2b, 0x18, 0xf4, 0xe4, 0xc9, 0x92, 0x96, 0x56, 0x6c, 0xb9, 0xf5, 0x41, 0xcf,
+	0xe5, 0xfd, 0xb0, 0x6d, 0x75, 0xfc, 0x91, 0xdd, 0xf3, 0x7b, 0xbe, 0x2d, 0x09, 0xda, 0xe1, 0xb9,
+	0x3c, 0xc9, 0x83, 0xfc, 0x8a, 0x88, 0xb7, 0xb6, 0x75, 0x48, 0xb6, 0x13, 0xf2, 0x3e, 0x78, 0xdc,
+	0xed, 0x38, 0xdc, 0xf5, 0x3d, 0x7b, 0x7c, 0x23, 0x8c, 0xad, 0x7d, 0x8d, 0x1e, 0x39, 0x9d, 0xbe,
+	0xeb, 0x01, 0xbd, 0xd0, 0x77, 0x18, 0x01, 0x77, 0xde, 0x64, 0x65, 0x2f, 0xb2, 0xa2, 0xa1, 0xc7,
+	0xdd, 0x11, 0xdc, 0x30, 0xf8, 0xf8, 0xdf, 0x0c, 0x58, 0xa7, 0x0f, 0x23, 0xe7, 0x86, 0xdd, 0x87,
+	0x8b, 0xec, 0x42, 0xee, 0x0e, 0x6d, 0xd7, 0xe3, 0x8c, 0xd3, 0x79, 0xa3, 0xda, 0xeb, 0x02, 0xca,
+	0x3e, 0x19, 0x83, 0xc7, 0xf1, 0x8f, 0x28, 0x27, 0xae, 0xd0, 0x75, 0xb8, 0x63, 0x1a, 0x55, 0xa3,
+	0x5e, 0xd8, 0xdb, 0xb1, 0x74, 0xde, 0x13, 0x46, 0x9d, 0x7a, 0x81, 0xb6, 0xc6, 0xbb, 0xd6, 0xd7,
+	0xed, 0x9f, 0xa0, 0xc3, 0x9f, 0x02, 0x77, 0x1a, 0xf8, 0x72, 0x52, 0x59, 0x99, 0x4e, 0x2a, 0x48,
+	0xcb, 0x48, 0xc2, 0x8a, 0xb7, 0x51, 0x76, 0x08, 0x63, 0x18, 0x9a, 0x77, 0xaa, 0x46, 0x3d, 0xdf,
+	0xf8, 0x9f, 0x02, 0x67, 0x8f, 0x84, 0xf0, 0x3a, 0xfe, 0x20, 0x11, 0x08, 0x7f, 0x8f, 0xf2, 0xe2,
+	0xb6, 0x8c, 0x3b, 0xa3, 0xc0, 0xcc, 0xc8, 0x80, 0xde, 0x5b, 0x2e, 0xa0, 0x33, 0x77, 0x04, 0x8d,
+	0x4d, 0xc5, 0x9e, 0x3f, 0x8b, 0x49, 0x88, 0xe6, 0xc3, 0xc7, 0x68, 0x4d, 0x56, 0x4e, 0xf3, 0xb1,
+	0xb9, 0x2a, 0x83, 0xd9, 0x57, 0xf0, 0xb5, 0xc3, 0x48, 0x7c, 0x3d, 0xa9, 0xfc, 0x7f, 0x51, 0x3e,
+	0xf9, 0x45, 0x00, 0xcc, 0x6a, 0x35, 0x1f, 0x93, 0x98, 0x44, 0x5c, 0x8d, 0x71, 0xa7, 0x07, 0x66,
+	0x76, 0xf6, 0x6a, 0xa7, 0x42, 0x78, 0x1d, 0x7f, 0x90, 0x08, 0x84, 0xf7, 0x10, 0xa2, 0xf0, 0x73,
+	0x08, 0x8c, 0xb7, 0x48, 0xd3, 0xbc, 0x2b, 0x4d, 0x92, 0xd4, 0x91, 0x44, 0x43, 0x52, 0x28, 0x5c,
+	0x45, 0xab, 0x63, 0xa0, 0x6d, 0x73, 0x4d, 0xa2, 0xef, 0x29, 0xf4, 0xea, 0x33, 0xa0, 0x6d, 0x22,
+	0x35, 0xf8, 0x2b, 0xb4, 0x1a, 0x32, 0xa0, 0x66, 0x4e, 0xe6, 0xea, 0xdd, 0x54, 0xae, 0xac, 0xd9,
+	0xda, 0x16, 0x39, 0x6a, 0x31, 0xa0, 0x4d, 0xef, 0xdc, 0xd7, 0x4c, 0x42, 0x42, 0x24, 0x03, 0xee,
+	0xa3, 0x92, 0x3b, 0x0a, 0x80, 0x32, 0xdf, 0x13, 0xa5, 0x22, 0x34, 0x66, 0xfe, 0x56, 0xac, 0x0f,
+	0xa6, 0x93, 0x4a, 0xa9, 0x39, 0xc7, 0x41, 0x6e, 0xb0, 0xe2, 0xf7, 0x51, 0x9e, 0xf9, 0x21, 0xed,
+	0x40, 0xf3, 0x84, 0x99, 0xa8, 0x9a, 0xa9, 0xe7, 0x1b, 0xeb, 0xe2, 0xa7, 0x9d, 0xc6, 0x42, 0xa2,
+	0xf5, 0xf8, 0x1c, 0xe5, 0x7d, 0x59, 0x57, 0x04, 0xce, 0xcd, 0x82, 0x8c, 0xe7, 0x13, 0x6b, 0xd9,
+	0xd1, 0xa0, 0xca, 0x94, 0xc0, 0x39, 0x50, 0xf0, 0x3a, 0x10, 0xf9, 0x49, 0x84, 0x44, 0x53, 0xe3,
+	0x3e, 0x2a, 0x52, 0x60, 0x81, 0xef, 0x31, 0x38, 0xe5, 0x0e, 0x0f, 0x99, 0x79, 0x4f, 0x3a, 0xdb,
+	0x5e, 0xae, 0xfc, 0x22, 0x9b, 0x06, 0x9e, 0x4e, 0x2a, 0x45, 0x32, 0xc3, 0x43, 0xe6, 0x78, 0xb1,
+	0x83, 0xd6, 0xd5, 0x2f, 0x8e, 0x02, 0x31, 0xd7, 0xa5, 0xa3, 0xfa, 0x42, 0x47, 0x6a, 0x04, 0x58,
+	0x2d, 0x6f, 0xe0, 0xf9, 0xcf, 0xbd, 0xc6, 0xe6, 0x74, 0x52, 0x59, 0x27, 0x69, 0x0a, 0x32, 0xcb,
+	0x88, 0xbb, 0xfa, 0x32, 0xca, 0x47, 0xf1, 0x96, 0x3e, 0x66, 0x2e, 0xa2, 0x9c, 0xcc, 0x71, 0xe2,
+	0xdf, 0x0c, 0x64, 0x2a, 0xbf, 0x04, 0x3a, 0xe0, 0x8e, 0xa1, 0x9b, 0xf4, 0x9d, 0xb9, 0x21, 0x1d,
+	0xda, 0xcb, 0x65, 0xef, 0xa9, 0xdb, 0xa1, 0xbe, 0xec, 0xe0, 0xaa, 0xaa, 0x4c, 0x93, 0x2c, 0x20,
+	0x26, 0x0b, 0x5d, 0x62, 0x1f, 0x15, 0x65, 0xab, 0xe9, 0x20, 0x4a, 0xff, 0x2d, 0x88, 0xb8, 0x93,
+	0x8b, 0xa7, 0x33, 0x74, 0x64, 0x8e, 0x1e, 0x3f, 0x47, 0x05, 0xc7, 0xf3, 0x7c, 0x2e, 0x5b, 0x81,
+	0x99, 0x9b, 0xd5, 0x4c, 0xbd, 0xb0, 0xf7, 0xc5, 0xf2, 0xd5, 0x29, 0x67, 0xb0, 0x75, 0xa8, 0x29,
+	0x9e, 0x78, 0x9c, 0x5e, 0x34, 0xee, 0x2b, 0xf7, 0x85, 0x94, 0x86, 0xa4, 0x3d, 0x6d, 0x7d, 0x8e,
+	0x4a, 0xf3, 0x56, 0xb8, 0x84, 0x32, 0x03, 0xb8, 0x90, 0x53, 0x3c, 0x4f, 0xc4, 0x27, 0x7e, 0x80,
+	0xb2, 0x63, 0x67, 0x18, 0x42, 0x34, 0x7a, 0x49, 0x74, 0xf8, 0xf4, 0xce, 0x81, 0x51, 0x7b, 0x61,
+	0xa0, 0xbc, 0x74, 0x7e, 0xe4, 0x32, 0x8e, 0x7f, 0xb8, 0xb1, 0x04, 0xac, 0xe5, 0x32, 0x26, 0xac,
+	0xe5, 0x0a, 0x28, 0xa9, 0x88, 0x73, 0xb1, 0x24, 0xb5, 0x00, 0xce, 0x50, 0xd6, 0xe5, 0x30, 0x62,
+	0xe6, 0x1d, 0x99, 0x1e, 0xfb, 0x96, 0xe9, 0x69, 0xac, 0xc7, 0x63, 0xb5, 0x29, 0x58, 0x48, 0x44,
+	0x56, 0xfb, 0xc3, 0x40, 0xc5, 0x2f, 0xa9, 0x1f, 0x06, 0x04, 0xa2, 0x59, 0xc1, 0xf0, 0x3b, 0x28,
+	0xdb, 0x13, 0x92, 0x28, 0x05, 0xda, 0x2e, 0x82, 0x45, 0x3a, 0x31, 0x7b, 0x68, 0x6c, 0x21, 0x23,
+	0x52, 0xb3, 0x27, 0xa1, 0x21, 0x5a, 0x8f, 0x1f, 0x89, 0x4e, 0x8d, 0x0e, 0xc7, 0xce, 0x08, 0x98,
+	0x99, 0x91, 0x06, 0xaa, 0xff, 0x52, 0x0a, 0x32, 0x8b, 0xab, 0xfd, 0x9a, 0x41, 0x1b, 0x73, 0xa3,
+	0x07, 0x6f, 0xa3, 0x5c, 0x0c, 0x52, 0x11, 0x26, 0x59, 0x8b, 0xb9, 0x48, 0x82, 0xc0, 0x36, 0xca,
+	0x7b, 0x82, 0x2a, 0x70, 0x3a, 0xea, 0xff, 0xe9, 0xe5, 0x76, 0x1c, 0x2b, 0x88, 0xc6, 0x88, 0x55,
+	0x21, 0x0e, 0x72, 0x69, 0xa6, 0x56, 0x85, 0xc0, 0x12, 0xa9, 0xc1, 0x0d, 0x94, 0x09, 0xdd, 0xae,
+	0x5a, 0x7d, 0x3b, 0x0a, 0x90, 0x69, 0x2d, 0xbb, 0xf6, 0x84, 0xb1, 0x58, 0x62, 0x4e, 0xe0, 0x3e,
+	0x03, 0xca, 0x5c, 0xdf, 0x53, 0x7b, 0x2f, 0x59, 0x62, 0x87, 0x27, 0x4d, 0xa5, 0x21, 0x29, 0x14,
+	0x3e, 0x44, 0x1b, 0xf1, 0xb5, 0x62, 0xc3, 0x68, 0xfb, 0x3d, 0x54, 0x86, 0x1b, 0x64, 0x56, 0x4d,
+	0xe6, 0xf1, 0xf8, 0x23, 0x54, 0x60, 0x61, 0x3b, 0x49, 0x5f, 0xb4, 0x0e, 0x93, 0x36, 0x39, 0xd5,
+	0x2a, 0x92, 0xc6, 0xd5, 0x5e, 0x1b, 0xe8, 0xee, 0x89, 0x3f, 0x74, 0x3b, 0x17, 0x6f, 0xe1, 0xa1,
+	0xf3, 0x2d, 0xca, 0xd2, 0x70, 0x08, 0x71, 0x9d, 0xef, 0x2f, 0x5f, 0xe7, 0x51, 0x88, 0x24, 0x1c,
+	0x82, 0x2e, 0x5a, 0x71, 0x62, 0x24, 0x62, 0xc4, 0x8f, 0x10, 0xf2, 0x47, 0x2e, 0x97, 0xd3, 0x28,
+	0x2e, 0xc2, 0x87, 0x32, 0x90, 0x44, 0xaa, 0x9f, 0x1b, 0x29, 0x68, 0xed, 0x4f, 0x03, 0xa1, 0x88,
+	0xfd, 0x2d, 0x34, 0x7a, 0x6b, 0xb6, 0xd1, 0x77, 0x6e, 0x9b, 0x80, 0x05, 0x9d, 0xfe, 0x22, 0x13,
+	0xdf, 0x41, 0xe4, 0x44, 0xbf, 0x27, 0x8d, 0x65, 0xde, 0x93, 0x15, 0x94, 0x15, 0x8f, 0x9b, 0xb8,
+	0xd5, 0xf3, 0x02, 0x29, 0xde, 0x20, 0x8c, 0x44, 0x72, 0x6c, 0x21, 0x24, 0x3e, 0xe4, 0x8c, 0x88,
+	0x53, 0x5b, 0x14, 0xa9, 0x6d, 0x25, 0x52, 0x92, 0x42, 0x08, 0x42, 0xf1, 0xee, 0x62, 0xe6, 0xaa,
+	0x26, 0x14, 0xcf, 0x31, 0x46, 0x22, 0x39, 0x76, 0xd3, 0x03, 0x26, 0x2b, 0x33, 0x71, 0xb0, 0x7c,
+	0x26, 0x66, 0x47, 0x9a, 0x6e, 0xf9, 0x37, 0x8e, 0x27, 0x0b, 0xa1, 0xa4, 0xff, 0x99, 0x79, 0x57,
+	0xc7, 0x9e, 0x0c, 0x08, 0x46, 0x52, 0x08, 0xfc, 0x19, 0xda, 0xf0, 0x7c, 0x2f, 0xa6, 0x6a, 0x91,
+	0x23, 0x66, 0xae, 0x49, 0xa3, 0xfb, 0xa2, 0x09, 0x8f, 0x67, 0x55, 0x64, 0x1e, 0x3b, 0x57, 0x85,
+	0xb9, 0xa5, 0xab, 0xb0, 0x61, 0x5d, 0x5e, 0x95, 0x57, 0x5e, 0x5e, 0x95, 0x57, 0x5e, 0x5d, 0x95,
+	0x57, 0x7e, 0x99, 0x96, 0x8d, 0xcb, 0x69, 0xd9, 0x78, 0x39, 0x2d, 0x1b, 0xaf, 0xa6, 0x65, 0xe3,
+	0xaf, 0x69, 0xd9, 0xf8, 0xfd, 0xef, 0xf2, 0xca, 0x77, 0xb9, 0x38, 0x09, 0xff, 0x04, 0x00, 0x00,
+	0xff, 0xff, 0x3e, 0x3d, 0x28, 0x0e, 0x4d, 0x0e, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.proto b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.proto
index 926eb65edc90..2043e9ea8cae 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.proto
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/generated.proto
@@ -97,6 +97,14 @@ message Event {
   // Time the request reached current audit stage.
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 16;
+
+  // Annotations is an unstructured key value map stored with an audit event that may be set by
+  // plugins invoked in the request serving chain, including authentication, authorization and
+  // admission plugins. Keys should uniquely identify the informing component to avoid name
+  // collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations
+  // are included in the Metadata level.
+  // +optional
+  map<string, string> annotations = 17;
 }
 
 // EventList is a list of audit Events.
@@ -114,10 +122,19 @@ message GroupResources {
   // +optional
   optional string group = 1;
 
-  // Resources is a list of resources within the API group. Subresources are
-  // matched using a "/" to indicate the subresource. For example, "pods/logs"
-  // would match request to the logs subresource of pods. The top level resource
-  // does not match subresources, "pods" doesn't match "pods/logs".
+  // Resources is a list of resources this rule applies to.
+  // 
+  // For example:
+  // 'pods' matches pods.
+  // 'pods/log' matches the log subresource of pods.
+  // '*' matches all resources and their subresources.
+  // 'pods/*' matches all subresources of pods.
+  // '*/scale' matches all scale subresources.
+  // 
+  // If wildcard is present, the validation rule will ensure resources do not
+  // overlap with each other.
+  // 
+  // An empty list implies all resources and subresources in this API groups apply.
   // +optional
   repeated string resources = 2;
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/types.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/types.go
index 21f10c78d48b..7e8af12b87f2 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/types.go
@@ -132,6 +132,14 @@ type Event struct {
 	// Time the request reached current audit stage.
 	// +optional
 	StageTimestamp metav1.MicroTime `json:"stageTimestamp" protobuf:"bytes,16,opt,name=stageTimestamp"`
+
+	// Annotations is an unstructured key value map stored with an audit event that may be set by
+	// plugins invoked in the request serving chain, including authentication, authorization and
+	// admission plugins. Keys should uniquely identify the informing component to avoid name
+	// collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations
+	// are included in the Metadata level.
+	// +optional
+	Annotations map[string]string `json:"annotations,omitempty" protobuf:"bytes,17,rep,name=annotations"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -233,10 +241,19 @@ type GroupResources struct {
 	// The empty string represents the core API group.
 	// +optional
 	Group string `json:"group,omitempty" protobuf:"bytes,1,opt,name=group"`
-	// Resources is a list of resources within the API group. Subresources are
-	// matched using a "/" to indicate the subresource. For example, "pods/logs"
-	// would match request to the logs subresource of pods. The top level resource
-	// does not match subresources, "pods" doesn't match "pods/logs".
+	// Resources is a list of resources this rule applies to.
+	//
+	// For example:
+	// 'pods' matches pods.
+	// 'pods/log' matches the log subresource of pods.
+	// '*' matches all resources and their subresources.
+	// 'pods/*' matches all subresources of pods.
+	// '*/scale' matches all scale subresources.
+	//
+	// If wildcard is present, the validation rule will ensure resources do not
+	// overlap with each other.
+	//
+	// An empty list implies all resources and subresources in this API groups apply.
 	// +optional
 	Resources []string `json:"resources,omitempty" protobuf:"bytes,2,rep,name=resources"`
 	// ResourceNames is a list of resource instance names that the policy matches.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.conversion.go
index b3b27c31c14a..d124660445a2 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	authentication_v1 "k8s.io/api/authentication/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
 	audit "k8s.io/apiserver/pkg/apis/audit"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -83,6 +84,7 @@ func autoConvert_v1alpha1_Event_To_audit_Event(in *Event, out *audit.Event, s co
 	out.ResponseObject = (*runtime.Unknown)(unsafe.Pointer(in.ResponseObject))
 	out.RequestReceivedTimestamp = in.RequestReceivedTimestamp
 	out.StageTimestamp = in.StageTimestamp
+	out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations))
 	return nil
 }
 
@@ -112,6 +114,7 @@ func autoConvert_audit_Event_To_v1alpha1_Event(in *audit.Event, out *Event, s co
 	out.ResponseObject = (*runtime.Unknown)(unsafe.Pointer(in.ResponseObject))
 	out.RequestReceivedTimestamp = in.RequestReceivedTimestamp
 	out.StageTimestamp = in.StageTimestamp
+	out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations))
 	return nil
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.deepcopy.go
index bb4ea53105fa..ab3c5320cbdb 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -85,6 +85,13 @@ func (in *Event) DeepCopyInto(out *Event) {
 	}
 	in.RequestReceivedTimestamp.DeepCopyInto(&out.RequestReceivedTimestamp)
 	in.StageTimestamp.DeepCopyInto(&out.StageTimestamp)
+	if in.Annotations != nil {
+		in, out := &in.Annotations, &out.Annotations
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }
 
@@ -102,9 +109,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -136,9 +142,8 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -217,9 +222,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -251,9 +255,8 @@ func (in *PolicyList) DeepCopy() *PolicyList {
 func (in *PolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/BUILD b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/BUILD
index 07e14e74c034..6088e4aa68a5 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/BUILD
@@ -21,6 +21,7 @@ go_library(
     importpath = "k8s.io/apiserver/pkg/apis/audit/v1beta1",
     deps = [
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
+        "//vendor/github.com/gogo/protobuf/sortkeys:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
@@ -54,8 +55,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/apiserver/pkg/apis/audit/v1beta1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.pb.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.pb.go
index b982df3ed8fe..5cfab75faf1d 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.pb.go
@@ -45,6 +45,8 @@ import k8s_io_apimachinery_pkg_runtime "k8s.io/apimachinery/pkg/runtime"
 
 import k8s_io_apimachinery_pkg_types "k8s.io/apimachinery/pkg/types"
 
+import github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
+
 import strings "strings"
 import reflect "reflect"
 
@@ -240,6 +242,30 @@ func (m *Event) MarshalTo(dAtA []byte) (int, error) {
 		return 0, err
 	}
 	i += n10
+	if len(m.Annotations) > 0 {
+		keysForAnnotations := make([]string, 0, len(m.Annotations))
+		for k := range m.Annotations {
+			keysForAnnotations = append(keysForAnnotations, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations)
+		for _, k := range keysForAnnotations {
+			dAtA[i] = 0x8a
+			i++
+			dAtA[i] = 0x1
+			i++
+			v := m.Annotations[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
 	return i, nil
 }
 
@@ -674,6 +700,14 @@ func (m *Event) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = m.StageTimestamp.Size()
 	n += 2 + l + sovGenerated(uint64(l))
+	if len(m.Annotations) > 0 {
+		for k, v := range m.Annotations {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 2 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
 	return n
 }
 
@@ -834,6 +868,16 @@ func (this *Event) String() string {
 	if this == nil {
 		return "nil"
 	}
+	keysForAnnotations := make([]string, 0, len(this.Annotations))
+	for k := range this.Annotations {
+		keysForAnnotations = append(keysForAnnotations, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations)
+	mapStringForAnnotations := "map[string]string{"
+	for _, k := range keysForAnnotations {
+		mapStringForAnnotations += fmt.Sprintf("%v: %v,", k, this.Annotations[k])
+	}
+	mapStringForAnnotations += "}"
 	s := strings.Join([]string{`&Event{`,
 		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
 		`Level:` + fmt.Sprintf("%v", this.Level) + `,`,
@@ -851,6 +895,7 @@ func (this *Event) String() string {
 		`ResponseObject:` + strings.Replace(fmt.Sprintf("%v", this.ResponseObject), "Unknown", "k8s_io_apimachinery_pkg_runtime.Unknown", 1) + `,`,
 		`RequestReceivedTimestamp:` + strings.Replace(strings.Replace(this.RequestReceivedTimestamp.String(), "MicroTime", "k8s_io_apimachinery_pkg_apis_meta_v1.MicroTime", 1), `&`, ``, 1) + `,`,
 		`StageTimestamp:` + strings.Replace(strings.Replace(this.StageTimestamp.String(), "MicroTime", "k8s_io_apimachinery_pkg_apis_meta_v1.MicroTime", 1), `&`, ``, 1) + `,`,
+		`Annotations:` + mapStringForAnnotations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1461,6 +1506,122 @@ func (m *Event) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 17:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Annotations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.Annotations == nil {
+				m.Annotations = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.Annotations[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.Annotations[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2657,81 +2818,86 @@ func init() {
 }
 
 var fileDescriptorGenerated = []byte{
-	// 1216 bytes of a gzipped FileDescriptorProto
+	// 1283 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x41, 0x6f, 0x1b, 0x45,
-	0x14, 0xce, 0xd6, 0x71, 0x63, 0x4f, 0x1a, 0x27, 0x9d, 0x22, 0xba, 0xca, 0xc1, 0x36, 0x46, 0x82,
-	0x08, 0xd2, 0xdd, 0xa6, 0x2d, 0x24, 0x17, 0x0e, 0xb1, 0x8a, 0xc0, 0x52, 0x1a, 0xa2, 0x71, 0x5c,
-	0x21, 0xe0, 0xc0, 0xda, 0x7e, 0xb1, 0x87, 0xd8, 0xbb, 0xcb, 0xcc, 0xac, 0x51, 0x6e, 0xfc, 0x01,
-	0x24, 0xee, 0xfc, 0x0b, 0x7e, 0x40, 0xc5, 0x81, 0x43, 0x8e, 0x3d, 0xf6, 0x64, 0x11, 0xf3, 0x2f,
-	0x22, 0x21, 0xa1, 0x99, 0x9d, 0xdd, 0x59, 0xdb, 0x35, 0x75, 0x38, 0xf4, 0xb6, 0xf3, 0xde, 0xf7,
-	0x7d, 0xf3, 0xe6, 0xcd, 0x7b, 0x6f, 0x16, 0x9d, 0x9c, 0x1f, 0x70, 0x87, 0x06, 0xee, 0x79, 0xd4,
-	0x06, 0xe6, 0x83, 0x00, 0xee, 0x8e, 0xc0, 0xef, 0x06, 0xcc, 0xd5, 0x0e, 0x2f, 0xa4, 0x1c, 0xd8,
-	0x08, 0x98, 0x1b, 0x9e, 0xf7, 0xd4, 0xca, 0xf5, 0xa2, 0x2e, 0x15, 0xee, 0x68, 0xaf, 0x0d, 0xc2,
-	0xdb, 0x73, 0x7b, 0xe0, 0x03, 0xf3, 0x04, 0x74, 0x9d, 0x90, 0x05, 0x22, 0xc0, 0x1f, 0xc6, 0x44,
-	0x27, 0x25, 0x3a, 0xe1, 0x79, 0x4f, 0xad, 0x1c, 0x45, 0x74, 0x34, 0x71, 0xfb, 0x41, 0x8f, 0x8a,
-	0x7e, 0xd4, 0x76, 0x3a, 0xc1, 0xd0, 0xed, 0x05, 0xbd, 0xc0, 0x55, 0xfc, 0x76, 0x74, 0xa6, 0x56,
-	0x6a, 0xa1, 0xbe, 0x62, 0xdd, 0xed, 0x5d, 0x13, 0x90, 0xeb, 0x45, 0xa2, 0x0f, 0xbe, 0xa0, 0x1d,
-	0x4f, 0xd0, 0xc0, 0x77, 0x47, 0x73, 0x51, 0x6c, 0x3f, 0x31, 0xe8, 0xa1, 0xd7, 0xe9, 0x53, 0x1f,
-	0xd8, 0x85, 0x39, 0xc1, 0x10, 0x84, 0xf7, 0x3a, 0x96, 0xbb, 0x88, 0xc5, 0x22, 0x5f, 0xd0, 0x21,
-	0xcc, 0x11, 0x3e, 0x7d, 0x13, 0x81, 0x77, 0xfa, 0x30, 0xf4, 0xe6, 0x78, 0x8f, 0x17, 0xf1, 0x22,
-	0x41, 0x07, 0x2e, 0xf5, 0x05, 0x17, 0x6c, 0x8e, 0x74, 0xf0, 0xe6, 0x2b, 0xf1, 0x06, 0x61, 0x7f,
-	0xfe, 0x4e, 0x6a, 0x7f, 0x22, 0x94, 0xff, 0x7c, 0x04, 0xbe, 0xc0, 0xdf, 0xa3, 0x82, 0x3c, 0x7c,
-	0xd7, 0x13, 0x9e, 0x6d, 0x55, 0xad, 0x9d, 0xf5, 0x47, 0x0f, 0x1d, 0x73, 0x61, 0x69, 0x2c, 0xe6,
-	0xce, 0x24, 0xda, 0x19, 0xed, 0x39, 0x5f, 0xb5, 0x7f, 0x80, 0x8e, 0x78, 0x06, 0xc2, 0xab, 0xe3,
-	0xcb, 0x71, 0x65, 0x65, 0x32, 0xae, 0x20, 0x63, 0x23, 0xa9, 0x2a, 0xde, 0x45, 0xf9, 0x01, 0x8c,
-	0x60, 0x60, 0xdf, 0xaa, 0x5a, 0x3b, 0xc5, 0xfa, 0xbb, 0x1a, 0x9c, 0x3f, 0x92, 0xc6, 0xeb, 0xe4,
-	0x83, 0xc4, 0x20, 0xfc, 0x2d, 0x2a, 0xca, 0x3c, 0x71, 0xe1, 0x0d, 0x43, 0x3b, 0xa7, 0x02, 0xfa,
-	0x68, 0xb9, 0x80, 0x4e, 0xe9, 0x10, 0xea, 0x77, 0xb5, 0x7a, 0xf1, 0x34, 0x11, 0x21, 0x46, 0x0f,
-	0x1f, 0xa3, 0x35, 0x95, 0x98, 0xc6, 0x53, 0x7b, 0x55, 0x05, 0xf3, 0x44, 0xc3, 0xd7, 0x0e, 0x63,
-	0xf3, 0xf5, 0xb8, 0xf2, 0xde, 0xa2, 0x9b, 0x10, 0x17, 0x21, 0x70, 0xa7, 0xd5, 0x78, 0x4a, 0x12,
-	0x11, 0x79, 0x34, 0x2e, 0xbc, 0x1e, 0xd8, 0xf9, 0xe9, 0xa3, 0x35, 0xa5, 0xf1, 0x3a, 0xf9, 0x20,
-	0x31, 0x08, 0x3f, 0x42, 0x88, 0xc1, 0x8f, 0x11, 0x70, 0xd1, 0x22, 0x0d, 0xfb, 0xb6, 0xa2, 0xa4,
-	0xa9, 0x23, 0xa9, 0x87, 0x64, 0x50, 0xb8, 0x8a, 0x56, 0x47, 0xc0, 0xda, 0xf6, 0x9a, 0x42, 0xdf,
-	0xd1, 0xe8, 0xd5, 0xe7, 0xc0, 0xda, 0x44, 0x79, 0xf0, 0x97, 0x68, 0x35, 0xe2, 0xc0, 0xec, 0x82,
-	0xca, 0xd5, 0x07, 0x99, 0x5c, 0x39, 0xd3, 0x5d, 0x21, 0x73, 0xd4, 0xe2, 0xc0, 0x1a, 0xfe, 0x59,
-	0x60, 0x94, 0xa4, 0x85, 0x28, 0x05, 0xdc, 0x47, 0x5b, 0x74, 0x18, 0x02, 0xe3, 0x81, 0x2f, 0x4b,
-	0x45, 0x7a, 0xec, 0xe2, 0x8d, 0x54, 0xdf, 0x99, 0x8c, 0x2b, 0x5b, 0x8d, 0x19, 0x0d, 0x32, 0xa7,
-	0x8a, 0x3f, 0x46, 0x45, 0x1e, 0x44, 0xac, 0x03, 0x8d, 0x13, 0x6e, 0xa3, 0x6a, 0x6e, 0xa7, 0x58,
-	0xdf, 0x90, 0x97, 0xd6, 0x4c, 0x8c, 0xc4, 0xf8, 0x31, 0xa0, 0x62, 0xa0, 0xea, 0x8a, 0xc0, 0x99,
-	0xbd, 0xae, 0xe2, 0x39, 0x70, 0x96, 0x9c, 0x29, 0xba, 0x4a, 0x09, 0x9c, 0x01, 0x03, 0xbf, 0x03,
-	0xf1, 0x36, 0xa9, 0x91, 0x18, 0x65, 0xdc, 0x47, 0x25, 0x06, 0x3c, 0x0c, 0x7c, 0x0e, 0x4d, 0xe1,
-	0x89, 0x88, 0xdb, 0x77, 0xd4, 0x5e, 0xbb, 0xcb, 0x55, 0x5f, 0xcc, 0xa9, 0xe3, 0xc9, 0xb8, 0x52,
-	0x22, 0x53, 0x3a, 0x64, 0x46, 0x17, 0x7b, 0x68, 0x43, 0xdf, 0x70, 0x1c, 0x88, 0xbd, 0xa1, 0x36,
-	0xda, 0x59, 0xb8, 0x91, 0x9e, 0x1d, 0x4e, 0xcb, 0x3f, 0xf7, 0x83, 0x9f, 0xfc, 0xfa, 0xdd, 0xc9,
-	0xb8, 0xb2, 0x41, 0xb2, 0x12, 0x64, 0x5a, 0x11, 0x77, 0xcd, 0x61, 0xf4, 0x1e, 0xa5, 0x1b, 0xee,
-	0x31, 0x75, 0x10, 0xbd, 0xc9, 0x8c, 0x26, 0xfe, 0xc5, 0x42, 0xb6, 0xde, 0x97, 0x40, 0x07, 0xe8,
-	0x08, 0xba, 0x69, 0xdb, 0xd9, 0x9b, 0x6a, 0x43, 0x77, 0xb9, 0xec, 0x3d, 0xa3, 0x1d, 0x16, 0xa8,
-	0x06, 0xae, 0xea, 0xc2, 0xb4, 0xc9, 0x02, 0x61, 0xb2, 0x70, 0x4b, 0x1c, 0xa0, 0x92, 0xea, 0x34,
-	0x13, 0xc4, 0xd6, 0xff, 0x0b, 0x22, 0x69, 0xe4, 0x52, 0x73, 0x4a, 0x8e, 0xcc, 0xc8, 0xd7, 0x5e,
-	0x58, 0xa8, 0xa8, 0xc6, 0xe8, 0x11, 0xe5, 0x02, 0x7f, 0x37, 0x37, 0x4a, 0x9d, 0xe5, 0x36, 0x96,
-	0x6c, 0x35, 0x48, 0xb7, 0xf4, 0xbe, 0x85, 0xc4, 0x92, 0x19, 0xa3, 0x4d, 0x94, 0xa7, 0x02, 0x86,
-	0xdc, 0xbe, 0x55, 0xcd, 0xcd, 0x48, 0xff, 0x77, 0x0b, 0xa8, 0x00, 0xeb, 0x1b, 0xc9, 0x6c, 0x6a,
-	0x48, 0x11, 0x12, 0x6b, 0xd5, 0x7e, 0xb3, 0x50, 0xe9, 0x0b, 0x16, 0x44, 0x21, 0x81, 0xb8, 0xe1,
-	0x38, 0x7e, 0x1f, 0xe5, 0x7b, 0xd2, 0xa2, 0x8e, 0x50, 0x34, 0xbc, 0x18, 0x16, 0xfb, 0x64, 0x03,
-	0xb3, 0x84, 0xa1, 0x02, 0xd2, 0x0d, 0x9c, 0xca, 0x10, 0xe3, 0xc7, 0xfb, 0xb2, 0xde, 0xe3, 0xc5,
-	0xb1, 0x37, 0x04, 0x6e, 0xe7, 0x14, 0x41, 0x57, 0x71, 0xc6, 0x41, 0xa6, 0x71, 0xb5, 0xdf, 0x73,
-	0x68, 0x73, 0xa6, 0x81, 0xf1, 0x2e, 0x2a, 0x24, 0x20, 0x1d, 0x61, 0x9a, 0xb4, 0x44, 0x8b, 0xa4,
-	0x08, 0xec, 0xa2, 0xa2, 0x2f, 0xa5, 0x42, 0xaf, 0x03, 0xfa, 0xfd, 0x49, 0x5f, 0x88, 0xe3, 0xc4,
-	0x41, 0x0c, 0x46, 0xce, 0x5b, 0xb9, 0x50, 0x2f, 0x4f, 0x66, 0xde, 0x4a, 0x2c, 0x51, 0x1e, 0x5c,
-	0x47, 0xb9, 0x88, 0x76, 0xf5, 0xfb, 0xf1, 0x50, 0x03, 0x72, 0xad, 0x65, 0xdf, 0x0e, 0x49, 0x96,
-	0x87, 0xf0, 0x42, 0xaa, 0x32, 0xaa, 0x9f, 0x8e, 0xf4, 0x10, 0x87, 0x27, 0x8d, 0x38, 0xd3, 0x29,
-	0x42, 0xbe, 0x1b, 0x5e, 0x48, 0x9f, 0x03, 0xe3, 0x34, 0xf0, 0x67, 0xdf, 0x8d, 0xc3, 0x93, 0x86,
-	0xf6, 0x90, 0x0c, 0x0a, 0x1f, 0xa2, 0xcd, 0x24, 0x09, 0x09, 0x31, 0x7e, 0x42, 0xee, 0x6b, 0xe2,
-	0x26, 0x99, 0x76, 0x93, 0x59, 0x3c, 0xfe, 0x04, 0xad, 0xf3, 0xa8, 0x9d, 0x26, 0xbb, 0xa0, 0xe8,
-	0xf7, 0x34, 0x7d, 0xbd, 0x69, 0x5c, 0x24, 0x8b, 0xab, 0xfd, 0x63, 0xa1, 0xdb, 0x27, 0xc1, 0x80,
-	0x76, 0x2e, 0xde, 0xc2, 0xbf, 0xc5, 0xd7, 0x28, 0xcf, 0xa2, 0x01, 0x24, 0x4d, 0xf1, 0x78, 0xe9,
-	0xa6, 0x88, 0x23, 0x24, 0xd1, 0x00, 0x4c, 0x85, 0xcb, 0x15, 0x27, 0xb1, 0x20, 0xde, 0x47, 0x28,
-	0x18, 0x52, 0xa1, 0x06, 0x40, 0x52, 0xb1, 0xf7, 0x55, 0x1c, 0xa9, 0xd5, 0x3c, 0xf0, 0x19, 0x68,
-	0xed, 0x0f, 0x0b, 0xa1, 0x58, 0xfd, 0x2d, 0x0c, 0x85, 0xd3, 0xe9, 0xa1, 0xe0, 0xde, 0xf0, 0xfc,
-	0x0b, 0xa6, 0xc2, 0x8b, 0x5c, 0x72, 0x04, 0x99, 0x12, 0xf3, 0x03, 0x67, 0x2d, 0xf3, 0x03, 0x57,
-	0x41, 0x79, 0xf9, 0x37, 0x91, 0x8c, 0x85, 0xa2, 0x44, 0xca, 0x47, 0x9f, 0x93, 0xd8, 0x8e, 0x1d,
-	0x84, 0xe4, 0x87, 0xaa, 0xed, 0x24, 0xb3, 0x25, 0x99, 0xd9, 0x56, 0x6a, 0x25, 0x19, 0x84, 0x14,
-	0x94, 0x3f, 0x3a, 0xdc, 0x5e, 0x35, 0x82, 0xf2, 0xff, 0x87, 0x93, 0xd8, 0x8e, 0xfb, 0xd9, 0x61,
-	0x94, 0x57, 0x89, 0xd8, 0x5f, 0x3a, 0x11, 0xd3, 0xd3, 0xcf, 0x4c, 0x87, 0xd7, 0x4e, 0x32, 0x07,
-	0xa1, 0x74, 0x54, 0x70, 0xfb, 0xb6, 0x09, 0x3d, 0x9d, 0x25, 0x9c, 0x64, 0x10, 0xf8, 0x33, 0xb4,
-	0xe9, 0x07, 0x7e, 0x22, 0xd5, 0x22, 0x47, 0xdc, 0x5e, 0x53, 0xa4, 0x7b, 0xb2, 0x03, 0x8f, 0xa7,
-	0x5d, 0x64, 0x16, 0x3b, 0x53, 0x83, 0x85, 0xa5, 0x6b, 0xb0, 0xfe, 0xe0, 0xf2, 0xaa, 0xbc, 0xf2,
-	0xf2, 0xaa, 0xbc, 0xf2, 0xea, 0xaa, 0xbc, 0xf2, 0xf3, 0xa4, 0x6c, 0x5d, 0x4e, 0xca, 0xd6, 0xcb,
-	0x49, 0xd9, 0x7a, 0x35, 0x29, 0x5b, 0x7f, 0x4d, 0xca, 0xd6, 0xaf, 0x7f, 0x97, 0x57, 0xbe, 0x59,
-	0xd3, 0x39, 0xf8, 0x37, 0x00, 0x00, 0xff, 0xff, 0x04, 0xbb, 0x40, 0x37, 0xf4, 0x0d, 0x00, 0x00,
+	0x14, 0xce, 0xd6, 0x71, 0x63, 0x8f, 0x1b, 0xc7, 0x9d, 0x56, 0x74, 0x95, 0x83, 0x6d, 0x8c, 0x04,
+	0x11, 0xa4, 0xbb, 0x6d, 0x5a, 0x48, 0x84, 0x04, 0x28, 0x56, 0x2b, 0xb0, 0x94, 0x86, 0x68, 0x1c,
+	0x57, 0x08, 0x38, 0xb0, 0xb6, 0x5f, 0xec, 0xc5, 0xf6, 0xee, 0x32, 0x33, 0x6b, 0x94, 0x1b, 0x7f,
+	0x00, 0x89, 0x3b, 0xff, 0x82, 0x1f, 0x50, 0x71, 0xcc, 0xb1, 0xc7, 0x9e, 0x2c, 0x62, 0xfe, 0x45,
+	0x04, 0x12, 0x9a, 0xd9, 0xd9, 0x9d, 0xb5, 0x5d, 0xab, 0x0e, 0x87, 0xde, 0x66, 0xde, 0xfb, 0xbe,
+	0xef, 0xbd, 0x79, 0x33, 0xf3, 0x66, 0xd0, 0xc9, 0xe0, 0x80, 0x59, 0xae, 0x6f, 0x0f, 0xc2, 0x36,
+	0x50, 0x0f, 0x38, 0x30, 0x7b, 0x0c, 0x5e, 0xd7, 0xa7, 0xb6, 0x72, 0x38, 0x81, 0xcb, 0x80, 0x8e,
+	0x81, 0xda, 0xc1, 0xa0, 0x27, 0x67, 0xb6, 0x13, 0x76, 0x5d, 0x6e, 0x8f, 0x1f, 0xb6, 0x81, 0x3b,
+	0x0f, 0xed, 0x1e, 0x78, 0x40, 0x1d, 0x0e, 0x5d, 0x2b, 0xa0, 0x3e, 0xf7, 0xf1, 0x07, 0x11, 0xd1,
+	0x4a, 0x88, 0x56, 0x30, 0xe8, 0xc9, 0x99, 0x25, 0x89, 0x96, 0x22, 0x6e, 0xdf, 0xef, 0xb9, 0xbc,
+	0x1f, 0xb6, 0xad, 0x8e, 0x3f, 0xb2, 0x7b, 0x7e, 0xcf, 0xb7, 0x25, 0xbf, 0x1d, 0x9e, 0xc9, 0x99,
+	0x9c, 0xc8, 0x51, 0xa4, 0xbb, 0xbd, 0xab, 0x13, 0xb2, 0x9d, 0x90, 0xf7, 0xc1, 0xe3, 0x6e, 0xc7,
+	0xe1, 0xae, 0xef, 0xd9, 0xe3, 0x85, 0x2c, 0xb6, 0x1f, 0x6b, 0xf4, 0xc8, 0xe9, 0xf4, 0x5d, 0x0f,
+	0xe8, 0xb9, 0x5e, 0xc1, 0x08, 0xb8, 0xf3, 0x3a, 0x96, 0xbd, 0x8c, 0x45, 0x43, 0x8f, 0xbb, 0x23,
+	0x58, 0x20, 0x7c, 0xf2, 0x26, 0x02, 0xeb, 0xf4, 0x61, 0xe4, 0x2c, 0xf0, 0x1e, 0x2d, 0xe3, 0x85,
+	0xdc, 0x1d, 0xda, 0xae, 0xc7, 0x19, 0xa7, 0x0b, 0xa4, 0x83, 0x37, 0x6f, 0x89, 0x33, 0x0c, 0xfa,
+	0x8b, 0x7b, 0x52, 0xfb, 0xa7, 0x80, 0xb2, 0x4f, 0xc7, 0xe0, 0x71, 0xfc, 0x03, 0xca, 0x89, 0xc5,
+	0x77, 0x1d, 0xee, 0x98, 0x46, 0xd5, 0xd8, 0x29, 0xec, 0x3d, 0xb0, 0xf4, 0x86, 0x25, 0xb9, 0xe8,
+	0x3d, 0x13, 0x68, 0x6b, 0xfc, 0xd0, 0xfa, 0xba, 0xfd, 0x23, 0x74, 0xf8, 0x33, 0xe0, 0x4e, 0x1d,
+	0x5f, 0x4c, 0x2a, 0x6b, 0xd3, 0x49, 0x05, 0x69, 0x1b, 0x49, 0x54, 0xf1, 0x2e, 0xca, 0x0e, 0x61,
+	0x0c, 0x43, 0xf3, 0x46, 0xd5, 0xd8, 0xc9, 0xd7, 0xdf, 0x51, 0xe0, 0xec, 0x91, 0x30, 0x5e, 0xc5,
+	0x03, 0x12, 0x81, 0xf0, 0x77, 0x28, 0x2f, 0xea, 0xc4, 0xb8, 0x33, 0x0a, 0xcc, 0x8c, 0x4c, 0xe8,
+	0xc3, 0xd5, 0x12, 0x3a, 0x75, 0x47, 0x50, 0xbf, 0xad, 0xd4, 0xf3, 0xa7, 0xb1, 0x08, 0xd1, 0x7a,
+	0xf8, 0x18, 0x6d, 0xc8, 0xc2, 0x34, 0x9e, 0x98, 0xeb, 0x32, 0x99, 0xc7, 0x0a, 0xbe, 0x71, 0x18,
+	0x99, 0xaf, 0x26, 0x95, 0x77, 0x97, 0xed, 0x04, 0x3f, 0x0f, 0x80, 0x59, 0xad, 0xc6, 0x13, 0x12,
+	0x8b, 0x88, 0xa5, 0x31, 0xee, 0xf4, 0xc0, 0xcc, 0xce, 0x2e, 0xad, 0x29, 0x8c, 0x57, 0xf1, 0x80,
+	0x44, 0x20, 0xbc, 0x87, 0x10, 0x85, 0x9f, 0x42, 0x60, 0xbc, 0x45, 0x1a, 0xe6, 0x4d, 0x49, 0x49,
+	0x4a, 0x47, 0x12, 0x0f, 0x49, 0xa1, 0x70, 0x15, 0xad, 0x8f, 0x81, 0xb6, 0xcd, 0x0d, 0x89, 0xbe,
+	0xa5, 0xd0, 0xeb, 0xcf, 0x81, 0xb6, 0x89, 0xf4, 0xe0, 0xaf, 0xd0, 0x7a, 0xc8, 0x80, 0x9a, 0x39,
+	0x59, 0xab, 0xf7, 0x53, 0xb5, 0xb2, 0x66, 0x6f, 0x85, 0xa8, 0x51, 0x8b, 0x01, 0x6d, 0x78, 0x67,
+	0xbe, 0x56, 0x12, 0x16, 0x22, 0x15, 0x70, 0x1f, 0x95, 0xdc, 0x51, 0x00, 0x94, 0xf9, 0x9e, 0x38,
+	0x2a, 0xc2, 0x63, 0xe6, 0xaf, 0xa5, 0x7a, 0x77, 0x3a, 0xa9, 0x94, 0x1a, 0x73, 0x1a, 0x64, 0x41,
+	0x15, 0x7f, 0x84, 0xf2, 0xcc, 0x0f, 0x69, 0x07, 0x1a, 0x27, 0xcc, 0x44, 0xd5, 0xcc, 0x4e, 0xbe,
+	0xbe, 0x29, 0x36, 0xad, 0x19, 0x1b, 0x89, 0xf6, 0x63, 0x40, 0x79, 0x5f, 0x9e, 0x2b, 0x02, 0x67,
+	0x66, 0x41, 0xe6, 0x73, 0x60, 0xad, 0xd8, 0x53, 0xd4, 0x29, 0x25, 0x70, 0x06, 0x14, 0xbc, 0x0e,
+	0x44, 0x61, 0x12, 0x23, 0xd1, 0xca, 0xb8, 0x8f, 0x8a, 0x14, 0x58, 0xe0, 0x7b, 0x0c, 0x9a, 0xdc,
+	0xe1, 0x21, 0x33, 0x6f, 0xc9, 0x58, 0xbb, 0xab, 0x9d, 0xbe, 0x88, 0x53, 0xc7, 0xd3, 0x49, 0xa5,
+	0x48, 0x66, 0x74, 0xc8, 0x9c, 0x2e, 0x76, 0xd0, 0xa6, 0xda, 0xe1, 0x28, 0x11, 0x73, 0x53, 0x06,
+	0xda, 0x59, 0x1a, 0x48, 0xf5, 0x0e, 0xab, 0xe5, 0x0d, 0x3c, 0xff, 0x67, 0xaf, 0x7e, 0x7b, 0x3a,
+	0xa9, 0x6c, 0x92, 0xb4, 0x04, 0x99, 0x55, 0xc4, 0x5d, 0xbd, 0x18, 0x15, 0xa3, 0x78, 0xcd, 0x18,
+	0x33, 0x0b, 0x51, 0x41, 0xe6, 0x34, 0xf1, 0xaf, 0x06, 0x32, 0x55, 0x5c, 0x02, 0x1d, 0x70, 0xc7,
+	0xd0, 0x4d, 0xae, 0x9d, 0xb9, 0x25, 0x03, 0xda, 0xab, 0x55, 0xef, 0x99, 0xdb, 0xa1, 0xbe, 0xbc,
+	0xc0, 0x55, 0x75, 0x30, 0x4d, 0xb2, 0x44, 0x98, 0x2c, 0x0d, 0x89, 0x7d, 0x54, 0x94, 0x37, 0x4d,
+	0x27, 0x51, 0xfa, 0x7f, 0x49, 0xc4, 0x17, 0xb9, 0xd8, 0x9c, 0x91, 0x23, 0x73, 0xf2, 0x78, 0x8c,
+	0x0a, 0x8e, 0xe7, 0xf9, 0x5c, 0xde, 0x04, 0x66, 0xde, 0xae, 0x66, 0x76, 0x0a, 0x7b, 0x5f, 0xac,
+	0x7c, 0x38, 0x65, 0x07, 0xb6, 0x0e, 0xb5, 0xc2, 0x53, 0x8f, 0xd3, 0xf3, 0xfa, 0x1d, 0x15, 0xbd,
+	0x90, 0xf2, 0x90, 0x74, 0xa0, 0xed, 0xcf, 0x51, 0x69, 0x9e, 0x85, 0x4b, 0x28, 0x33, 0x80, 0x73,
+	0xd9, 0xc3, 0xf3, 0x44, 0x0c, 0xf1, 0x5d, 0x94, 0x1d, 0x3b, 0xc3, 0x10, 0xa2, 0xc6, 0x4b, 0xa2,
+	0xc9, 0xa7, 0x37, 0x0e, 0x8c, 0xda, 0x0b, 0x03, 0xe5, 0x65, 0xf0, 0x23, 0x97, 0x71, 0xfc, 0xfd,
+	0xc2, 0x13, 0x60, 0xad, 0x56, 0x30, 0xc1, 0x96, 0x0f, 0x40, 0x49, 0x65, 0x9c, 0x8b, 0x2d, 0xa9,
+	0xf6, 0xdf, 0x44, 0x59, 0x97, 0xc3, 0x88, 0x99, 0x37, 0x64, 0x75, 0xac, 0xeb, 0x55, 0xa7, 0xbe,
+	0x19, 0xf7, 0xd4, 0x86, 0x10, 0x21, 0x91, 0x56, 0xed, 0x77, 0x03, 0x15, 0xbf, 0xa4, 0x7e, 0x18,
+	0x10, 0x88, 0x1a, 0x05, 0xc3, 0xef, 0xa1, 0x6c, 0x4f, 0x58, 0xa2, 0x0a, 0x68, 0x5e, 0x04, 0x8b,
+	0x7c, 0xa2, 0xf1, 0xd0, 0x98, 0x21, 0x13, 0x52, 0x8d, 0x27, 0x91, 0x21, 0xda, 0x8f, 0xf7, 0xc5,
+	0x3d, 0x8d, 0x26, 0xc7, 0xce, 0x08, 0x98, 0x99, 0x91, 0x04, 0x75, 0xfb, 0x52, 0x0e, 0x32, 0x8b,
+	0xab, 0xfd, 0x91, 0x41, 0x5b, 0x73, 0x8d, 0x07, 0xef, 0xa2, 0x5c, 0x0c, 0x52, 0x19, 0x26, 0x45,
+	0x8b, 0xb5, 0x48, 0x82, 0xc0, 0x36, 0xca, 0x7b, 0x42, 0x2a, 0x70, 0x3a, 0x6a, 0xfb, 0xf4, 0xcb,
+	0x76, 0x1c, 0x3b, 0x88, 0xc6, 0x88, 0x77, 0x42, 0x4c, 0xe4, 0x8b, 0x99, 0x7a, 0x27, 0x04, 0x96,
+	0x48, 0x0f, 0xae, 0xa3, 0x4c, 0xe8, 0x76, 0xd5, 0xbb, 0xf7, 0x40, 0x01, 0x32, 0xad, 0x55, 0xdf,
+	0x3c, 0x41, 0x16, 0x8b, 0x70, 0x02, 0x57, 0x56, 0x54, 0x3d, 0x79, 0xc9, 0x22, 0x0e, 0x4f, 0x1a,
+	0x51, 0xa5, 0x13, 0x84, 0x78, 0xef, 0x9c, 0xc0, 0x7d, 0x0e, 0x94, 0xb9, 0xbe, 0x37, 0xff, 0xde,
+	0x1d, 0x9e, 0x34, 0x94, 0x87, 0xa4, 0x50, 0xf8, 0x10, 0x6d, 0xc5, 0x45, 0x88, 0x89, 0xd1, 0xd3,
+	0x77, 0x4f, 0x11, 0xb7, 0xc8, 0xac, 0x9b, 0xcc, 0xe3, 0xf1, 0xc7, 0xa8, 0xc0, 0xc2, 0x76, 0x52,
+	0xec, 0x9c, 0xa4, 0x27, 0x77, 0xaa, 0xa9, 0x5d, 0x24, 0x8d, 0xab, 0xfd, 0x6b, 0xa0, 0x9b, 0x27,
+	0xfe, 0xd0, 0xed, 0x9c, 0xbf, 0x85, 0x3f, 0xd1, 0x37, 0x28, 0x4b, 0xc3, 0x21, 0xc4, 0x97, 0xe2,
+	0xd1, 0xca, 0x97, 0x22, 0xca, 0x90, 0x84, 0x43, 0xd0, 0x27, 0x5c, 0xcc, 0x18, 0x89, 0x04, 0xf1,
+	0x3e, 0x42, 0xfe, 0xc8, 0xe5, 0xb2, 0x71, 0xc5, 0x27, 0xf6, 0x9e, 0xcc, 0x23, 0xb1, 0xea, 0x8f,
+	0x49, 0x0a, 0x5a, 0xfb, 0xd3, 0x40, 0x28, 0x52, 0x7f, 0x0b, 0x4d, 0xe1, 0x74, 0xb6, 0x29, 0xd8,
+	0xd7, 0x5c, 0xff, 0x92, 0xae, 0xf0, 0x22, 0x13, 0x2f, 0x41, 0x94, 0x44, 0x7f, 0x3c, 0x8d, 0x55,
+	0x3e, 0x9e, 0x15, 0x94, 0x15, 0xbf, 0xa0, 0xb8, 0x2d, 0xe4, 0x05, 0x52, 0x7c, 0x56, 0x18, 0x89,
+	0xec, 0xd8, 0x42, 0x48, 0x0c, 0xe4, 0xd9, 0x8e, 0x2b, 0x5b, 0x14, 0x95, 0x6d, 0x25, 0x56, 0x92,
+	0x42, 0x08, 0x41, 0xf1, 0x41, 0x63, 0xe6, 0xba, 0x16, 0x14, 0xff, 0x36, 0x46, 0x22, 0x3b, 0xee,
+	0xa7, 0x9b, 0x51, 0x56, 0x16, 0x62, 0x7f, 0xe5, 0x42, 0xcc, 0x76, 0x3f, 0xdd, 0x1d, 0x5e, 0xdb,
+	0xc9, 0x2c, 0x84, 0x92, 0x56, 0xc1, 0xcc, 0x9b, 0x3a, 0xf5, 0xa4, 0x97, 0x30, 0x92, 0x42, 0xe0,
+	0xcf, 0xd0, 0x96, 0xe7, 0x7b, 0xb1, 0x54, 0x8b, 0x1c, 0x31, 0x73, 0x43, 0x92, 0xee, 0x88, 0x1b,
+	0x78, 0x3c, 0xeb, 0x22, 0xf3, 0xd8, 0xb9, 0x33, 0x98, 0x5b, 0xf9, 0x0c, 0xd6, 0xef, 0x5f, 0x5c,
+	0x96, 0xd7, 0x5e, 0x5e, 0x96, 0xd7, 0x5e, 0x5d, 0x96, 0xd7, 0x7e, 0x99, 0x96, 0x8d, 0x8b, 0x69,
+	0xd9, 0x78, 0x39, 0x2d, 0x1b, 0xaf, 0xa6, 0x65, 0xe3, 0xaf, 0x69, 0xd9, 0xf8, 0xed, 0xef, 0xf2,
+	0xda, 0xb7, 0x1b, 0xaa, 0x06, 0xff, 0x05, 0x00, 0x00, 0xff, 0xff, 0x5e, 0xf6, 0x8d, 0xaa, 0xac,
+	0x0e, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.proto b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.proto
index bbac7f2b7082..fcbf669ae3e8 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.proto
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/generated.proto
@@ -101,6 +101,14 @@ message Event {
   // Time the request reached current audit stage.
   // +optional
   optional k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime stageTimestamp = 16;
+
+  // Annotations is an unstructured key value map stored with an audit event that may be set by
+  // plugins invoked in the request serving chain, including authentication, authorization and
+  // admission plugins. Keys should uniquely identify the informing component to avoid name
+  // collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations
+  // are included in the Metadata level.
+  // +optional
+  map<string, string> annotations = 17;
 }
 
 // EventList is a list of audit Events.
@@ -118,10 +126,19 @@ message GroupResources {
   // +optional
   optional string group = 1;
 
-  // Resources is a list of resources within the API group. Subresources are
-  // matched using a "/" to indicate the subresource. For example, "pods/log"
-  // would match request to the log subresource of pods. The top level resource
-  // does not match subresources, "pods" doesn't match "pods/log".
+  // Resources is a list of resources this rule applies to.
+  // 
+  // For example:
+  // 'pods' matches pods.
+  // 'pods/log' matches the log subresource of pods.
+  // '*' matches all resources and their subresources.
+  // 'pods/*' matches all subresources of pods.
+  // '*/scale' matches all scale subresources.
+  // 
+  // If wildcard is present, the validation rule will ensure resources do not
+  // overlap with each other.
+  // 
+  // An empty list implies all resources and subresources in this API groups apply.
   // +optional
   repeated string resources = 2;
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/types.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/types.go
index 259599c050eb..0c3299b4ac37 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/types.go
@@ -62,7 +62,7 @@ const (
 	// The stage for events generated once the response body has been completed, and no more bytes
 	// will be sent.
 	StageResponseComplete = "ResponseComplete"
-	// The stage for events generated when a panic occured.
+	// The stage for events generated when a panic occurred.
 	StagePanic = "Panic"
 )
 
@@ -128,6 +128,14 @@ type Event struct {
 	// Time the request reached current audit stage.
 	// +optional
 	StageTimestamp metav1.MicroTime `json:"stageTimestamp" protobuf:"bytes,16,opt,name=stageTimestamp"`
+
+	// Annotations is an unstructured key value map stored with an audit event that may be set by
+	// plugins invoked in the request serving chain, including authentication, authorization and
+	// admission plugins. Keys should uniquely identify the informing component to avoid name
+	// collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations
+	// are included in the Metadata level.
+	// +optional
+	Annotations map[string]string `json:"annotations,omitempty" protobuf:"bytes,17,rep,name=annotations"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -229,10 +237,19 @@ type GroupResources struct {
 	// The empty string represents the core API group.
 	// +optional
 	Group string `json:"group,omitempty" protobuf:"bytes,1,opt,name=group"`
-	// Resources is a list of resources within the API group. Subresources are
-	// matched using a "/" to indicate the subresource. For example, "pods/log"
-	// would match request to the log subresource of pods. The top level resource
-	// does not match subresources, "pods" doesn't match "pods/log".
+	// Resources is a list of resources this rule applies to.
+	//
+	// For example:
+	// 'pods' matches pods.
+	// 'pods/log' matches the log subresource of pods.
+	// '*' matches all resources and their subresources.
+	// 'pods/*' matches all subresources of pods.
+	// '*/scale' matches all scale subresources.
+	//
+	// If wildcard is present, the validation rule will ensure resources do not
+	// overlap with each other.
+	//
+	// An empty list implies all resources and subresources in this API groups apply.
 	// +optional
 	Resources []string `json:"resources,omitempty" protobuf:"bytes,2,rep,name=resources"`
 	// ResourceNames is a list of resource instance names that the policy matches.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.conversion.go
index c29f61e743bb..01e5d4a9de9a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	authentication_v1 "k8s.io/api/authentication/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
 	audit "k8s.io/apiserver/pkg/apis/audit"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -75,6 +76,7 @@ func autoConvert_v1beta1_Event_To_audit_Event(in *Event, out *audit.Event, s con
 	out.ResponseObject = (*runtime.Unknown)(unsafe.Pointer(in.ResponseObject))
 	out.RequestReceivedTimestamp = in.RequestReceivedTimestamp
 	out.StageTimestamp = in.StageTimestamp
+	out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations))
 	return nil
 }
 
@@ -96,6 +98,7 @@ func autoConvert_audit_Event_To_v1beta1_Event(in *audit.Event, out *Event, s con
 	out.ResponseObject = (*runtime.Unknown)(unsafe.Pointer(in.ResponseObject))
 	out.RequestReceivedTimestamp = in.RequestReceivedTimestamp
 	out.StageTimestamp = in.StageTimestamp
+	out.Annotations = *(*map[string]string)(unsafe.Pointer(&in.Annotations))
 	return nil
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.deepcopy.go
index 67f5fdac3227..e85589758e3f 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -85,6 +85,13 @@ func (in *Event) DeepCopyInto(out *Event) {
 	}
 	in.RequestReceivedTimestamp.DeepCopyInto(&out.RequestReceivedTimestamp)
 	in.StageTimestamp.DeepCopyInto(&out.StageTimestamp)
+	if in.Annotations != nil {
+		in, out := &in.Annotations, &out.Annotations
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }
 
@@ -102,9 +109,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -136,9 +142,8 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -217,9 +222,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -251,9 +255,8 @@ func (in *PolicyList) DeepCopy() *PolicyList {
 func (in *PolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/validation/BUILD b/vendor/k8s.io/apiserver/pkg/apis/audit/validation/BUILD
index 956db3591a8a..96021367474a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/validation/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/apiserver/pkg/apis/audit/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/audit/zz_generated.deepcopy.go
index c52aea05a078..521b96a9b52a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package audit
 
@@ -82,6 +82,13 @@ func (in *Event) DeepCopyInto(out *Event) {
 	}
 	in.RequestReceivedTimestamp.DeepCopyInto(&out.RequestReceivedTimestamp)
 	in.StageTimestamp.DeepCopyInto(&out.StageTimestamp)
+	if in.Annotations != nil {
+		in, out := &in.Annotations, &out.Annotations
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	return
 }
 
@@ -99,9 +106,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -133,9 +139,28 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
 		return nil
 	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -214,9 +239,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -248,9 +272,8 @@ func (in *PolicyList) DeepCopy() *PolicyList {
 func (in *PolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -318,8 +341,12 @@ func (in *UserInfo) DeepCopyInto(out *UserInfo) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/apiserver/pkg/audit/BUILD b/vendor/k8s.io/apiserver/pkg/audit/BUILD
index 525424cdded0..bb477b602e04 100644
--- a/vendor/k8s.io/apiserver/pkg/audit/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/audit/BUILD
@@ -38,10 +38,13 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["union_test.go"],
-    importpath = "k8s.io/apiserver/pkg/audit",
-    library = ":go_default_library",
+    srcs = [
+        "request_test.go",
+        "union_test.go",
+    ],
+    embed = [":go_default_library"],
     deps = [
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
     ],
diff --git a/vendor/k8s.io/apiserver/pkg/audit/policy/BUILD b/vendor/k8s.io/apiserver/pkg/audit/policy/BUILD
index 17d5881b0669..893935d32458 100644
--- a/vendor/k8s.io/apiserver/pkg/audit/policy/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/audit/policy/BUILD
@@ -12,8 +12,7 @@ go_test(
         "checker_test.go",
         "reader_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/audit/policy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/audit/policy/checker.go b/vendor/k8s.io/apiserver/pkg/audit/policy/checker.go
index 3259013ad722..41c6b1a491fd 100644
--- a/vendor/k8s.io/apiserver/pkg/audit/policy/checker.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/policy/checker.go
@@ -76,14 +76,18 @@ func (p *policyChecker) LevelAndStages(attrs authorizer.Attributes) (audit.Level
 
 // Check whether the rule matches the request attrs.
 func ruleMatches(r *audit.PolicyRule, attrs authorizer.Attributes) bool {
-	if len(r.Users) > 0 && attrs.GetUser() != nil {
-		if !hasString(r.Users, attrs.GetUser().GetName()) {
+	user := attrs.GetUser()
+	if len(r.Users) > 0 {
+		if user == nil || !hasString(r.Users, user.GetName()) {
 			return false
 		}
 	}
-	if len(r.UserGroups) > 0 && attrs.GetUser() != nil {
+	if len(r.UserGroups) > 0 {
+		if user == nil {
+			return false
+		}
 		matched := false
-		for _, group := range attrs.GetUser().GetGroups() {
+		for _, group := range user.GetGroups() {
 			if hasString(r.UserGroups, group) {
 				matched = true
 				break
@@ -160,11 +164,11 @@ func ruleMatchesResource(r *audit.PolicyRule, attrs authorizer.Attributes) bool
 
 	apiGroup := attrs.GetAPIGroup()
 	resource := attrs.GetResource()
+	subresource := attrs.GetSubresource()
+	combinedResource := resource
 	// If subresource, the resource in the policy must match "(resource)/(subresource)"
-	//
-	// TODO: consider adding options like "pods/*" to match all subresources.
-	if sr := attrs.GetSubresource(); sr != "" {
-		resource = resource + "/" + sr
+	if subresource != "" {
+		combinedResource = resource + "/" + subresource
 	}
 
 	name := attrs.GetName()
@@ -175,8 +179,17 @@ func ruleMatchesResource(r *audit.PolicyRule, attrs authorizer.Attributes) bool
 				return true
 			}
 			for _, res := range gr.Resources {
-				if res == resource {
-					if len(gr.ResourceNames) == 0 || hasString(gr.ResourceNames, name) {
+				if len(gr.ResourceNames) == 0 || hasString(gr.ResourceNames, name) {
+					// match "*"
+					if res == combinedResource || res == "*" {
+						return true
+					}
+					// match "*/subresource"
+					if len(subresource) > 0 && strings.HasPrefix(res, "*/") && subresource == strings.TrimLeft(res, "*/") {
+						return true
+					}
+					// match "resource/*"
+					if strings.HasSuffix(res, "/*") && resource == strings.TrimRight(res, "/*") {
 						return true
 					}
 				}
diff --git a/vendor/k8s.io/apiserver/pkg/audit/request.go b/vendor/k8s.io/apiserver/pkg/audit/request.go
index b738076a74ff..47c0fca80fa6 100644
--- a/vendor/k8s.io/apiserver/pkg/audit/request.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/request.go
@@ -32,7 +32,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/types"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
-	"k8s.io/apiserver/pkg/apis/audit"
 	auditinternal "k8s.io/apiserver/pkg/apis/audit"
 	"k8s.io/apiserver/pkg/authentication/user"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
@@ -88,7 +87,7 @@ func NewEventFromRequest(req *http.Request, level auditinternal.Level, attribs a
 
 // LogImpersonatedUser fills in the impersonated user attributes into an audit event.
 func LogImpersonatedUser(ae *auditinternal.Event, user user.Info) {
-	if ae == nil || ae.Level.Less(audit.LevelMetadata) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
 		return
 	}
 	ae.ImpersonatedUser = &auditinternal.UserInfo{
@@ -104,14 +103,14 @@ func LogImpersonatedUser(ae *auditinternal.Event, user user.Info) {
 
 // LogRequestObject fills in the request object into an audit event. The passed runtime.Object
 // will be converted to the given gv.
-func LogRequestObject(ae *audit.Event, obj runtime.Object, gvr schema.GroupVersionResource, subresource string, s runtime.NegotiatedSerializer) {
-	if ae == nil || ae.Level.Less(audit.LevelMetadata) {
+func LogRequestObject(ae *auditinternal.Event, obj runtime.Object, gvr schema.GroupVersionResource, subresource string, s runtime.NegotiatedSerializer) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
 		return
 	}
 
 	// complete ObjectRef
 	if ae.ObjectRef == nil {
-		ae.ObjectRef = &audit.ObjectReference{}
+		ae.ObjectRef = &auditinternal.ObjectReference{}
 	}
 	if acc, ok := obj.(metav1.ObjectMetaAccessor); ok {
 		meta := acc.GetObjectMeta()
@@ -128,7 +127,6 @@ func LogRequestObject(ae *audit.Event, obj runtime.Object, gvr schema.GroupVersi
 			ae.ObjectRef.ResourceVersion = meta.GetResourceVersion()
 		}
 	}
-	// TODO: ObjectRef should include the API group.
 	if len(ae.ObjectRef.APIVersion) == 0 {
 		ae.ObjectRef.APIGroup = gvr.Group
 		ae.ObjectRef.APIVersion = gvr.Version
@@ -140,7 +138,7 @@ func LogRequestObject(ae *audit.Event, obj runtime.Object, gvr schema.GroupVersi
 		ae.ObjectRef.Subresource = subresource
 	}
 
-	if ae.Level.Less(audit.LevelRequest) {
+	if ae.Level.Less(auditinternal.LevelRequest) {
 		return
 	}
 
@@ -154,9 +152,9 @@ func LogRequestObject(ae *audit.Event, obj runtime.Object, gvr schema.GroupVersi
 	}
 }
 
-// LogRquestPatch fills in the given patch as the request object into an audit event.
-func LogRequestPatch(ae *audit.Event, patch []byte) {
-	if ae == nil || ae.Level.Less(audit.LevelRequest) {
+// LogRequestPatch fills in the given patch as the request object into an audit event.
+func LogRequestPatch(ae *auditinternal.Event, patch []byte) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelRequest) {
 		return
 	}
 
@@ -168,15 +166,15 @@ func LogRequestPatch(ae *audit.Event, patch []byte) {
 
 // LogResponseObject fills in the response object into an audit event. The passed runtime.Object
 // will be converted to the given gv.
-func LogResponseObject(ae *audit.Event, obj runtime.Object, gv schema.GroupVersion, s runtime.NegotiatedSerializer) {
-	if ae == nil || ae.Level.Less(audit.LevelMetadata) {
+func LogResponseObject(ae *auditinternal.Event, obj runtime.Object, gv schema.GroupVersion, s runtime.NegotiatedSerializer) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
 		return
 	}
 	if status, ok := obj.(*metav1.Status); ok {
 		ae.ResponseStatus = status
 	}
 
-	if ae.Level.Less(audit.LevelRequestResponse) {
+	if ae.Level.Less(auditinternal.LevelRequestResponse) {
 		return
 	}
 	// TODO(audit): hook into the serializer to avoid double conversion
@@ -205,3 +203,28 @@ func encodeObject(obj runtime.Object, gv schema.GroupVersion, serializer runtime
 	}
 	return nil, fmt.Errorf("no json encoder found")
 }
+
+// LogAnnotation fills in the Annotations according to the key value pair.
+func LogAnnotation(ae *auditinternal.Event, key, value string) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
+		return
+	}
+	if ae.Annotations == nil {
+		ae.Annotations = make(map[string]string)
+	}
+	if v, ok := ae.Annotations[key]; ok && v != value {
+		glog.Warningf("Failed to set annotations[%q] to %q for audit:%q, it has already been set to %q", key, value, ae.AuditID, ae.Annotations[key])
+		return
+	}
+	ae.Annotations[key] = value
+}
+
+// LogAnnotations fills in the Annotations according to the annotations map.
+func LogAnnotations(ae *auditinternal.Event, annotations map[string]string) {
+	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
+		return
+	}
+	for key, value := range annotations {
+		LogAnnotation(ae, key, value)
+	}
+}
diff --git a/vendor/k8s.io/apiserver/pkg/audit/union.go b/vendor/k8s.io/apiserver/pkg/audit/union.go
index 856b5c125d51..6ee441533a74 100644
--- a/vendor/k8s.io/apiserver/pkg/audit/union.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/union.go
@@ -17,6 +17,9 @@ limitations under the License.
 package audit
 
 import (
+	"fmt"
+	"strings"
+
 	"k8s.io/apimachinery/pkg/util/errors"
 	auditinternal "k8s.io/apiserver/pkg/apis/audit"
 )
@@ -55,3 +58,11 @@ func (u union) Shutdown() {
 		backend.Shutdown()
 	}
 }
+
+func (u union) String() string {
+	var backendStrings []string
+	for _, backend := range u.backends {
+		backendStrings = append(backendStrings, fmt.Sprintf("%s", backend))
+	}
+	return fmt.Sprintf("union[%s]", strings.Join(backendStrings, ","))
+}
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/group/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/group/BUILD
index ea84fb9dcd91..e84022f3b4a7 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/group/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/group/BUILD
@@ -12,8 +12,7 @@ go_test(
         "group_adder_test.go",
         "token_group_adder_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/authentication/group",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/anonymous/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/anonymous/BUILD
index c20d90c88c84..79738848a9b0 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/anonymous/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/anonymous/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["anonymous_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/anonymous",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/bearertoken/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/bearertoken/BUILD
index 93f6ad9e9320..1443815cdfca 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/bearertoken/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/bearertoken/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["bearertoken_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/bearertoken",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/headerrequest/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/headerrequest/BUILD
index a37735742f55..a5511a388111 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/headerrequest/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/headerrequest/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["requestheader_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/headerrequest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/union/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/union/BUILD
index 4b2dcadf2dfc..ec4e17c8979d 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/union/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/union/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["unionauth_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/union",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/websocket/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/websocket/BUILD
index 1ea8e4c5b4c4..f5b500351025 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/websocket/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/websocket/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["protocol_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/websocket",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/request/x509/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/request/x509/BUILD
index 2114dc00bd7a..45d1bda2e46f 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/request/x509/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/request/x509/BUILD
@@ -15,8 +15,7 @@ go_test(
         "testdata/intermediate.pem",
         "testdata/root.pem",
     ],
-    importpath = "k8s.io/apiserver/pkg/authentication/request/x509",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/BUILD
index db06fbde332a..3a60436e4f4f 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/serviceaccount",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/token/cache/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/token/cache/BUILD
index 59cd4322f72e..e225acccce03 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/token/cache/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/token/cache/BUILD
@@ -12,8 +12,7 @@ go_test(
         "cache_test.go",
         "cached_token_authenticator_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/authentication/token/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/pborman/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/token/tokenfile/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/token/tokenfile/BUILD
index 4d32dd1d31c1..dfa4368889bf 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/token/tokenfile/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/token/tokenfile/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["tokenfile_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/token/tokenfile",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/token/union/BUILD b/vendor/k8s.io/apiserver/pkg/authentication/token/union/BUILD
index 0f940c33475c..a8ba31c28a97 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/token/union/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authentication/token/union/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["unionauth_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authentication/token/union",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go b/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
index 594109096b0f..95ade009e3dc 100644
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
@@ -152,7 +152,7 @@ const (
 	DecisionDeny Decision = iota
 	// DecisionAllow means that an authorizer decided to allow the action.
 	DecisionAllow
-	// DecisionNoOpionion means that an authorizer has no opinion on wether
+	// DecisionNoOpionion means that an authorizer has no opinion on whether
 	// to allow or deny an action.
 	DecisionNoOpinion
 )
diff --git a/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/BUILD b/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/BUILD
index 7fff4c90a325..d40a88c5a19d 100644
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["builtin_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authorization/authorizerfactory",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authorization/union/BUILD b/vendor/k8s.io/apiserver/pkg/authorization/union/BUILD
index 0614f330cc5d..103f9790b1d1 100644
--- a/vendor/k8s.io/apiserver/pkg/authorization/union/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/authorization/union/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["union_test.go"],
-    importpath = "k8s.io/apiserver/pkg/authorization/union",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/authorization/union/union.go b/vendor/k8s.io/apiserver/pkg/authorization/union/union.go
index 3246e4c0759e..15753789cede 100644
--- a/vendor/k8s.io/apiserver/pkg/authorization/union/union.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/union/union.go
@@ -20,7 +20,7 @@ limitations under the License.
 // subauthorizer returns a NoOpinion, then the union authorizer moves onto the
 // next authorizer or, if the subauthorizer was the last authorizer, returns
 // NoOpinion as the aggregate decision. I.e. union authorizer creates an
-// aggregate decision and supports short-circut allows and denies from
+// aggregate decision and supports short-circuit allows and denies from
 // subauthorizers.
 package union
 
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/BUILD
index f73d619255a1..dd08b1e09e1e 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/BUILD
@@ -12,11 +12,9 @@ go_test(
         "apiserver_test.go",
         "audit_test.go",
         "installer_test.go",
-        "proxy_test.go",
         "watch_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/endpoints",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/emicklei/go-restful:go_default_library",
         "//vendor/golang.org/x/net/websocket:go_default_library",
@@ -27,7 +25,7 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -36,7 +34,6 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
@@ -60,7 +57,6 @@ go_test(
 go_library(
     name = "go_default_library",
     srcs = [
-        "apiserver.go",
         "doc.go",
         "groupversion.go",
         "installer.go",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/discovery/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/discovery/BUILD
index 008dcff56797..cf2da3c32315 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/discovery/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/discovery/BUILD
@@ -12,8 +12,7 @@ go_test(
         "addresses_test.go",
         "root_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/endpoints/discovery",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/filters/BUILD
index 664756aba156..98dbb32b7459 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/BUILD
@@ -17,8 +17,7 @@ go_test(
         "legacy_audit_test.go",
         "requestinfo_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/endpoints/filters",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/pborman/uuid:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/audit.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/audit.go
index 01fc957c1ce5..6b72bfb32fc0 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/audit.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/audit.go
@@ -239,7 +239,7 @@ func (f *fancyResponseWriterDelegator) Hijack() (net.Conn, *bufio.ReadWriter, er
 	// fake a response status before protocol switch happens
 	f.processCode(http.StatusSwitchingProtocols)
 
-	// This will be ignored if WriteHeader() function has aready been called.
+	// This will be ignored if WriteHeader() function has already been called.
 	// It's not guaranteed Audit-ID http header is sent for all requests.
 	// For example, when user run "kubectl exec", apiserver uses a proxy handler
 	// to deal with the request, users can only get http headers returned by kubelet node.
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/authentication.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/authentication.go
index a53db72137de..d07bab317a17 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/authentication.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/authentication.go
@@ -29,7 +29,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/authentication/authenticator"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
-	"k8s.io/apiserver/pkg/endpoints/request"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 )
 
@@ -82,7 +81,7 @@ func WithAuthentication(handler http.Handler, mapper genericapirequest.RequestCo
 	)
 }
 
-func Unauthorized(requestContextMapper request.RequestContextMapper, s runtime.NegotiatedSerializer, supportsBasicAuth bool) http.Handler {
+func Unauthorized(requestContextMapper genericapirequest.RequestContextMapper, s runtime.NegotiatedSerializer, supportsBasicAuth bool) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		if supportsBasicAuth {
 			w.Header().Set("WWW-Authenticate", `Basic realm="kubernetes-master"`)
@@ -92,7 +91,7 @@ func Unauthorized(requestContextMapper request.RequestContextMapper, s runtime.N
 			responsewriters.InternalError(w, req, errors.New("no context found for request"))
 			return
 		}
-		requestInfo, found := request.RequestInfoFrom(ctx)
+		requestInfo, found := genericapirequest.RequestInfoFrom(ctx)
 		if !found {
 			responsewriters.InternalError(w, req, errors.New("no RequestInfo found in the context"))
 			return
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/authorization.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/authorization.go
index f60756b6fd14..b4610dfcea68 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/authorization.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/authorization.go
@@ -47,6 +47,7 @@ func WithAuthorization(handler http.Handler, requestContextMapper request.Reques
 			return
 		}
 		authorized, reason, err := a.Authorize(attributes)
+		// an authorizer like RBAC could encounter evaluation errors and still allow the request, so authorizer decision is checked before error here.
 		if authorized == authorizer.DecisionAllow {
 			handler.ServeHTTP(w, req)
 			return
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/BUILD
index 7e2cdcc1b197..bb30cf273269 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/BUILD
@@ -12,8 +12,7 @@ go_test(
         "namer_test.go",
         "rest_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/endpoints/handlers",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/evanphx/json-patch:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -32,6 +31,7 @@ go_test(
         "//vendor/k8s.io/apiserver/pkg/apis/example/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/trace:go_default_library",
     ],
 )
 
@@ -44,7 +44,6 @@ go_library(
         "get.go",
         "namer.go",
         "patch.go",
-        "proxy.go",
         "response.go",
         "rest.go",
         "update.go",
@@ -59,18 +58,16 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/streaming:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/httpstream:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/json:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/mergepatch:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/proxy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/create.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/create.go
index dc3560623ea9..1d474267dfd9 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/create.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/create.go
@@ -61,7 +61,7 @@ func createHandler(r rest.NamedCreater, scope RequestScope, typer runtime.Object
 		ctx = request.WithNamespace(ctx, namespace)
 
 		gv := scope.Kind.GroupVersion()
-		s, err := negotiation.NegotiateInputSerializer(req, scope.Serializer)
+		s, err := negotiation.NegotiateInputSerializer(req, false, scope.Serializer)
 		if err != nil {
 			scope.err(err, w, req)
 			return
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/delete.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/delete.go
index 0bc5a659b55e..b8ac281fa763 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/delete.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/delete.go
@@ -60,7 +60,7 @@ func DeleteResource(r rest.GracefulDeleter, allowsOptions bool, scope RequestSco
 				return
 			}
 			if len(body) > 0 {
-				s, err := negotiation.NegotiateInputSerializer(req, metainternalversion.Codecs)
+				s, err := negotiation.NegotiateInputSerializer(req, false, metainternalversion.Codecs)
 				if err != nil {
 					scope.err(err, w, req)
 					return
@@ -228,7 +228,7 @@ func DeleteCollection(r rest.CollectionDeleter, checkBody bool, scope RequestSco
 				return
 			}
 			if len(body) > 0 {
-				s, err := negotiation.NegotiateInputSerializer(req, scope.Serializer)
+				s, err := negotiation.NegotiateInputSerializer(req, false, scope.Serializer)
 				if err != nil {
 					scope.err(err, w, req)
 					return
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/BUILD
index c0ceb323d8d8..828e556d5cea 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["negotiate_test.go"],
-    importpath = "k8s.io/apiserver/pkg/endpoints/handlers/negotiation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/doc.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/doc.go
index 85b6e95b190e..1490b28fe8ef 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/doc.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/doc.go
@@ -14,5 +14,5 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package negotation contains media type negotiation logic.
+// Package negotiation contains media type negotiation logic.
 package negotiation
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go
index 07bc8e280f47..93b17cfb097f 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/errors.go
@@ -41,7 +41,7 @@ func (e errNotAcceptable) Status() metav1.Status {
 	return metav1.Status{
 		Status:  metav1.StatusFailure,
 		Code:    http.StatusNotAcceptable,
-		Reason:  metav1.StatusReason("NotAcceptable"),
+		Reason:  metav1.StatusReasonNotAcceptable,
 		Message: e.Error(),
 	}
 }
@@ -63,7 +63,7 @@ func (e errUnsupportedMediaType) Status() metav1.Status {
 	return metav1.Status{
 		Status:  metav1.StatusFailure,
 		Code:    http.StatusUnsupportedMediaType,
-		Reason:  metav1.StatusReason("UnsupportedMediaType"),
+		Reason:  metav1.StatusReasonUnsupportedMediaType,
 		Message: e.Error(),
 	}
 }
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go
index 7f4225a5b93f..f9bb47babca9 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/negotiation/negotiate.go
@@ -73,31 +73,30 @@ func NegotiateOutputStreamSerializer(req *http.Request, ns runtime.NegotiatedSer
 }
 
 // NegotiateInputSerializer returns the input serializer for the provided request.
-func NegotiateInputSerializer(req *http.Request, ns runtime.NegotiatedSerializer) (runtime.SerializerInfo, error) {
+func NegotiateInputSerializer(req *http.Request, streaming bool, ns runtime.NegotiatedSerializer) (runtime.SerializerInfo, error) {
 	mediaType := req.Header.Get("Content-Type")
-	return NegotiateInputSerializerForMediaType(mediaType, ns)
+	return NegotiateInputSerializerForMediaType(mediaType, streaming, ns)
 }
 
 // NegotiateInputSerializerForMediaType returns the appropriate serializer for the given media type or an error.
-func NegotiateInputSerializerForMediaType(mediaType string, ns runtime.NegotiatedSerializer) (runtime.SerializerInfo, error) {
+func NegotiateInputSerializerForMediaType(mediaType string, streaming bool, ns runtime.NegotiatedSerializer) (runtime.SerializerInfo, error) {
 	mediaTypes := ns.SupportedMediaTypes()
 	if len(mediaType) == 0 {
 		mediaType = mediaTypes[0].MediaType
 	}
-	mediaType, _, err := mime.ParseMediaType(mediaType)
-	if err != nil {
-		_, supported := MediaTypesForSerializer(ns)
-		return runtime.SerializerInfo{}, NewUnsupportedMediaTypeError(supported)
-	}
-
-	for _, info := range mediaTypes {
-		if info.MediaType != mediaType {
-			continue
+	if mediaType, _, err := mime.ParseMediaType(mediaType); err == nil {
+		for _, info := range mediaTypes {
+			if info.MediaType != mediaType {
+				continue
+			}
+			return info, nil
 		}
-		return info, nil
 	}
 
-	_, supported := MediaTypesForSerializer(ns)
+	supported, streamingSupported := MediaTypesForSerializer(ns)
+	if streaming {
+		return runtime.SerializerInfo{}, NewUnsupportedMediaTypeError(streamingSupported)
+	}
 	return runtime.SerializerInfo{}, NewUnsupportedMediaTypeError(supported)
 }
 
@@ -113,39 +112,13 @@ func isPrettyPrint(req *http.Request) bool {
 		}
 	}
 	userAgent := req.UserAgent()
-	// This covers basic all browers and cli http tools
+	// This covers basic all browsers and cli http tools
 	if strings.HasPrefix(userAgent, "curl") || strings.HasPrefix(userAgent, "Wget") || strings.HasPrefix(userAgent, "Mozilla/5.0") {
 		return true
 	}
 	return false
 }
 
-// negotiate the most appropriate content type given the accept header and a list of
-// alternatives.
-func negotiate(header string, alternatives []string) (goautoneg.Accept, bool) {
-	alternates := make([][]string, 0, len(alternatives))
-	for _, alternate := range alternatives {
-		alternates = append(alternates, strings.SplitN(alternate, "/", 2))
-	}
-	for _, clause := range goautoneg.ParseAccept(header) {
-		for _, alternate := range alternates {
-			if clause.Type == alternate[0] && clause.SubType == alternate[1] {
-				return clause, true
-			}
-			if clause.Type == alternate[0] && clause.SubType == "*" {
-				clause.SubType = alternate[1]
-				return clause, true
-			}
-			if clause.Type == "*" && clause.SubType == "*" {
-				clause.Type = alternate[0]
-				clause.SubType = alternate[1]
-				return clause, true
-			}
-		}
-	}
-	return goautoneg.Accept{}, false
-}
-
 // EndpointRestrictions is an interface that allows content-type negotiation
 // to verify server support for specific options
 type EndpointRestrictions interface {
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/patch.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/patch.go
index 1ac736d09dda..00bebdd2d568 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/patch.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/patch.go
@@ -32,17 +32,39 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/json"
 	"k8s.io/apimachinery/pkg/util/mergepatch"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/audit"
+	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
 	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
+	utiltrace "k8s.io/apiserver/pkg/util/trace"
 )
 
 // PatchResource returns a function that will handle a resource patch
 // TODO: Eventually PatchResource should just use GuaranteedUpdate and this routine should be a bit cleaner
-func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface, converter runtime.ObjectConvertor) http.HandlerFunc {
+func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface, converter runtime.ObjectConvertor, patchTypes []string) http.HandlerFunc {
 	return func(w http.ResponseWriter, req *http.Request) {
+		// For performance tracking purposes.
+		trace := utiltrace.New("Patch " + req.URL.Path)
+		defer trace.LogIfLong(500 * time.Millisecond)
+
+		// Do this first, otherwise name extraction can fail for unrecognized content types
+		// TODO: handle this in negotiation
+		contentType := req.Header.Get("Content-Type")
+		// Remove "; charset=" if included in header.
+		if idx := strings.Index(contentType, ";"); idx > 0 {
+			contentType = contentType[:idx]
+		}
+		patchType := types.PatchType(contentType)
+
+		// Ensure the patchType is one we support
+		if !sets.NewString(patchTypes...).Has(contentType) {
+			scope.err(negotiation.NewUnsupportedMediaTypeError(patchTypes), w, req)
+			return
+		}
+
 		// TODO: we either want to remove timeout or document it (if we
 		// document, move timeout out of this function and declare it in
 		// api_installer)
@@ -63,14 +85,6 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface
 			return
 		}
 
-		// TODO: handle this in negotiation
-		contentType := req.Header.Get("Content-Type")
-		// Remove "; charset=" if included in header.
-		if idx := strings.Index(contentType, ";"); idx > 0 {
-			contentType = contentType[:idx]
-		}
-		patchType := types.PatchType(contentType)
-
 		patchJS, err := readBody(req)
 		if err != nil {
 			scope.err(err, w, req)
@@ -79,6 +93,7 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface
 
 		ae := request.AuditEventFrom(ctx)
 		audit.LogRequestPatch(ae, patchJS)
+		trace.Step("Recorded the audit event")
 
 		s, ok := runtime.SerializerInfoForMediaType(scope.Serializer.SupportedMediaTypes(), runtime.ContentTypeJSON)
 		if !ok {
@@ -110,11 +125,12 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface
 			name,
 			patchType,
 			patchJS,
-			scope.Namer, scope.Creater, scope.Defaulter, scope.UnsafeConvertor, scope.Kind, scope.Resource, codec)
+			scope.Namer, scope.Creater, scope.Defaulter, scope.UnsafeConvertor, scope.Kind, scope.Resource, codec, trace)
 		if err != nil {
 			scope.err(err, w, req)
 			return
 		}
+		trace.Step("Object stored in database")
 
 		requestInfo, ok := request.RequestInfoFrom(ctx)
 		if !ok {
@@ -125,6 +141,7 @@ func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface
 			scope.err(err, w, req)
 			return
 		}
+		trace.Step("Self-link added")
 
 		transformResponseObject(ctx, scope, req, w, http.StatusOK, result)
 	}
@@ -151,6 +168,7 @@ func patchResource(
 	kind schema.GroupVersionKind,
 	resource schema.GroupVersionResource,
 	codec runtime.Codec,
+	trace *utiltrace.Trace,
 ) (runtime.Object, error) {
 
 	namespace := request.NamespaceValue(ctx)
@@ -168,6 +186,7 @@ func patchResource(
 	// and is given the currently persisted object as input.
 	applyPatch := func(_ request.Context, _, currentObject runtime.Object) (runtime.Object, error) {
 		// Make sure we actually have a persisted currentObject
+		trace.Step("About to apply patch")
 		if hasUID, err := hasUID(currentObject); err != nil {
 			return nil, err
 		} else if !hasUID {
@@ -351,6 +370,7 @@ func patchResource(
 	// applyAdmission is called every time GuaranteedUpdate asks for the updated object,
 	// and is given the currently persisted object and the patched object as input.
 	applyAdmission := func(ctx request.Context, patchedObject runtime.Object, currentObject runtime.Object) (runtime.Object, error) {
+		trace.Step("About to check admission control")
 		return patchedObject, updateMutation(patchedObject, currentObject)
 	}
 	updatedObjectInfo := rest.DefaultUpdatedObjectInfo(nil, applyPatch, applyAdmission)
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go
deleted file mode 100644
index 3e8c917a7589..000000000000
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go
+++ /dev/null
@@ -1,285 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package handlers
-
-import (
-	"context"
-	"errors"
-	"io"
-	"math/rand"
-	"net/http"
-	"net/http/httputil"
-	"net/url"
-	"path"
-	"strings"
-	"time"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/httpstream"
-	"k8s.io/apimachinery/pkg/util/net"
-	proxyutil "k8s.io/apimachinery/pkg/util/proxy"
-	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
-	"k8s.io/apiserver/pkg/endpoints/metrics"
-	"k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/registry/rest"
-	"k8s.io/apiserver/pkg/server/httplog"
-
-	"github.com/golang/glog"
-)
-
-// ProxyHandler provides a http.Handler which will proxy traffic to locations
-// specified by items implementing Redirector.
-type ProxyHandler struct {
-	Prefix     string
-	Storage    map[string]rest.Storage
-	Serializer runtime.NegotiatedSerializer
-	Mapper     request.RequestContextMapper
-}
-
-func (r *ProxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	reqStart := time.Now()
-
-	var httpCode int
-	var requestInfo *request.RequestInfo
-	defer func() {
-		responseLength := 0
-		if rw, ok := w.(*metrics.ResponseWriterDelegator); ok {
-			responseLength = rw.ContentLength()
-			if httpCode == 0 {
-				httpCode = rw.Status()
-			}
-		}
-		metrics.Record(req, requestInfo, w.Header().Get("Content-Type"), httpCode, responseLength, time.Now().Sub(reqStart))
-	}()
-
-	ctx, ok := r.Mapper.Get(req)
-	if !ok {
-		responsewriters.InternalError(w, req, errors.New("Error getting request context"))
-		httpCode = http.StatusInternalServerError
-		return
-	}
-
-	requestInfo, ok = request.RequestInfoFrom(ctx)
-	if !ok {
-		responsewriters.InternalError(w, req, errors.New("Error getting RequestInfo from context"))
-		httpCode = http.StatusInternalServerError
-		return
-	}
-
-	metrics.RecordLongRunning(req, requestInfo, func() {
-		httpCode = r.serveHTTP(w, req, ctx, requestInfo)
-	})
-}
-
-// serveHTTP performs proxy handling and returns the status code of the operation.
-func (r *ProxyHandler) serveHTTP(w http.ResponseWriter, req *http.Request, ctx request.Context, requestInfo *request.RequestInfo) int {
-	proxyHandlerTraceID := rand.Int63()
-
-	if !requestInfo.IsResourceRequest {
-		responsewriters.NotFound(w, req)
-		return http.StatusNotFound
-	}
-	namespace, resource, parts := requestInfo.Namespace, requestInfo.Resource, requestInfo.Parts
-
-	ctx = request.WithNamespace(ctx, namespace)
-	if len(parts) < 2 {
-		responsewriters.NotFound(w, req)
-		return http.StatusNotFound
-	}
-	id := parts[1]
-	remainder := ""
-	if len(parts) > 2 {
-		proxyParts := parts[2:]
-		remainder = strings.Join(proxyParts, "/")
-		if strings.HasSuffix(req.URL.Path, "/") {
-			// The original path had a trailing slash, which has been stripped
-			// by KindAndNamespace(). We should add it back because some
-			// servers (like etcd) require it.
-			remainder = remainder + "/"
-		}
-	}
-	storage, ok := r.Storage[resource]
-	if !ok {
-		httplog.LogOf(req, w).Addf("'%v' has no storage object", resource)
-		responsewriters.NotFound(w, req)
-		return http.StatusNotFound
-	}
-
-	gv := schema.GroupVersion{Group: requestInfo.APIGroup, Version: requestInfo.APIVersion}
-
-	redirector, ok := storage.(rest.Redirector)
-	if !ok {
-		httplog.LogOf(req, w).Addf("'%v' is not a redirector", resource)
-		return responsewriters.ErrorNegotiated(ctx, apierrors.NewMethodNotSupported(schema.GroupResource{Resource: resource}, "proxy"), r.Serializer, gv, w, req)
-	}
-
-	location, roundTripper, err := redirector.ResourceLocation(ctx, id)
-	if err != nil {
-		httplog.LogOf(req, w).Addf("Error getting ResourceLocation: %v", err)
-		return responsewriters.ErrorNegotiated(ctx, err, r.Serializer, gv, w, req)
-	}
-	if location == nil {
-		httplog.LogOf(req, w).Addf("ResourceLocation for %v returned nil", id)
-		responsewriters.NotFound(w, req)
-		return http.StatusNotFound
-	}
-
-	if roundTripper != nil {
-		glog.V(5).Infof("[%x: %v] using transport %T...", proxyHandlerTraceID, req.URL, roundTripper)
-	}
-
-	// Default to http
-	if location.Scheme == "" {
-		location.Scheme = "http"
-	}
-	// Add the subpath
-	if len(remainder) > 0 {
-		location.Path = singleJoiningSlash(location.Path, remainder)
-	}
-	// Start with anything returned from the storage, and add the original request's parameters
-	values := location.Query()
-	for k, vs := range req.URL.Query() {
-		for _, v := range vs {
-			values.Add(k, v)
-		}
-	}
-	location.RawQuery = values.Encode()
-
-	// WithContext creates a shallow clone of the request with the new context.
-	newReq := req.WithContext(context.Background())
-	newReq.Header = net.CloneHeader(req.Header)
-	newReq.URL = location
-
-	// TODO convert this entire proxy to an UpgradeAwareProxy similar to
-	// https://github.com/openshift/origin/blob/master/pkg/util/httpproxy/upgradeawareproxy.go.
-	// That proxy needs to be modified to support multiple backends, not just 1.
-	if r.tryUpgrade(ctx, w, req, newReq, location, roundTripper, gv) {
-		return http.StatusSwitchingProtocols
-	}
-
-	// Redirect requests of the form "/{resource}/{name}" to "/{resource}/{name}/"
-	// This is essentially a hack for http://issue.k8s.io/4958.
-	// Note: Keep this code after tryUpgrade to not break that flow.
-	if len(parts) == 2 && !strings.HasSuffix(req.URL.Path, "/") {
-		var queryPart string
-		if len(req.URL.RawQuery) > 0 {
-			queryPart = "?" + req.URL.RawQuery
-		}
-		w.Header().Set("Location", req.URL.Path+"/"+queryPart)
-		w.WriteHeader(http.StatusMovedPermanently)
-		return http.StatusMovedPermanently
-	}
-
-	start := time.Now()
-	glog.V(4).Infof("[%x] Beginning proxy %s...", proxyHandlerTraceID, req.URL)
-	defer func() {
-		glog.V(4).Infof("[%x] Proxy %v finished %v.", proxyHandlerTraceID, req.URL, time.Now().Sub(start))
-	}()
-
-	proxy := httputil.NewSingleHostReverseProxy(&url.URL{Scheme: location.Scheme, Host: location.Host})
-	alreadyRewriting := false
-	if roundTripper != nil {
-		_, alreadyRewriting = roundTripper.(*proxyutil.Transport)
-		glog.V(5).Infof("[%x] Not making a rewriting transport for proxy %s...", proxyHandlerTraceID, req.URL)
-	}
-	if !alreadyRewriting {
-		glog.V(5).Infof("[%x] making a transport for proxy %s...", proxyHandlerTraceID, req.URL)
-		prepend := path.Join(r.Prefix, resource, id)
-		if len(namespace) > 0 {
-			prepend = path.Join(r.Prefix, "namespaces", namespace, resource, id)
-		}
-		pTransport := &proxyutil.Transport{
-			Scheme:       req.URL.Scheme,
-			Host:         req.URL.Host,
-			PathPrepend:  prepend,
-			RoundTripper: roundTripper,
-		}
-		roundTripper = pTransport
-	}
-	proxy.Transport = roundTripper
-	proxy.FlushInterval = 200 * time.Millisecond
-	proxy.ServeHTTP(w, newReq)
-	return 0
-}
-
-// tryUpgrade returns true if the request was handled.
-func (r *ProxyHandler) tryUpgrade(ctx request.Context, w http.ResponseWriter, req, newReq *http.Request, location *url.URL, transport http.RoundTripper, gv schema.GroupVersion) bool {
-	if !httpstream.IsUpgradeRequest(req) {
-		return false
-	}
-	// Only append X-Forwarded-For in the upgrade path, since httputil.NewSingleHostReverseProxy
-	// handles this in the non-upgrade path.
-	net.AppendForwardedForHeader(newReq)
-
-	backendConn, err := proxyutil.DialURL(location, transport)
-	if err != nil {
-		responsewriters.ErrorNegotiated(ctx, err, r.Serializer, gv, w, req)
-		return true
-	}
-	defer backendConn.Close()
-
-	// TODO should we use _ (a bufio.ReadWriter) instead of requestHijackedConn
-	// when copying between the client and the backend? Docker doesn't when they
-	// hijack, just for reference...
-	requestHijackedConn, _, err := w.(http.Hijacker).Hijack()
-	if err != nil {
-		responsewriters.ErrorNegotiated(ctx, err, r.Serializer, gv, w, req)
-		return true
-	}
-	defer requestHijackedConn.Close()
-
-	if err = newReq.Write(backendConn); err != nil {
-		responsewriters.ErrorNegotiated(ctx, err, r.Serializer, gv, w, req)
-		return true
-	}
-
-	done := make(chan struct{}, 2)
-
-	go func() {
-		_, err := io.Copy(backendConn, requestHijackedConn)
-		if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
-			glog.Errorf("Error proxying data from client to backend: %v", err)
-		}
-		done <- struct{}{}
-	}()
-
-	go func() {
-		_, err := io.Copy(requestHijackedConn, backendConn)
-		if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
-			glog.Errorf("Error proxying data from backend to client: %v", err)
-		}
-		done <- struct{}{}
-	}()
-
-	<-done
-	return true
-}
-
-// borrowed from net/http/httputil/reverseproxy.go
-func singleJoiningSlash(a, b string) string {
-	aslash := strings.HasSuffix(a, "/")
-	bslash := strings.HasPrefix(b, "/")
-	switch {
-	case aslash && bslash:
-		return a + b[1:]
-	case !aslash && !bslash:
-		return a + "/" + b
-	}
-	return a + b
-}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/response.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/response.go
index 1aec3ba2d2c0..508b0aeded60 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/response.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/response.go
@@ -24,7 +24,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/meta"
 	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/endpoints/handlers/negotiation"
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
@@ -46,7 +46,7 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 	if target := mediaType.Convert; target != nil {
 		switch {
 
-		case target.Kind == "PartialObjectMetadata" && target.GroupVersion() == metav1alpha1.SchemeGroupVersion:
+		case target.Kind == "PartialObjectMetadata" && target.GroupVersion() == metav1beta1.SchemeGroupVersion:
 			if meta.IsListType(result) {
 				// TODO: this should be calculated earlier
 				err = newNotAcceptableError(fmt.Sprintf("you requested PartialObjectMetadata, but the requested object is a list (%T)", result))
@@ -59,7 +59,7 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 				return
 			}
 			partial := meta.AsPartialObjectMetadata(m)
-			partial.GetObjectKind().SetGroupVersionKind(metav1alpha1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
+			partial.GetObjectKind().SetGroupVersionKind(metav1beta1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
 
 			// renegotiate under the internal version
 			_, info, err := negotiation.NegotiateOutputMediaType(req, metainternalversion.Codecs, &scope)
@@ -67,25 +67,25 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 				scope.err(err, w, req)
 				return
 			}
-			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1alpha1.SchemeGroupVersion)
+			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1beta1.SchemeGroupVersion)
 			responsewriters.SerializeObject(info.MediaType, encoder, w, req, statusCode, partial)
 			return
 
-		case target.Kind == "PartialObjectMetadataList" && target.GroupVersion() == metav1alpha1.SchemeGroupVersion:
+		case target.Kind == "PartialObjectMetadataList" && target.GroupVersion() == metav1beta1.SchemeGroupVersion:
 			if !meta.IsListType(result) {
 				// TODO: this should be calculated earlier
 				err = newNotAcceptableError(fmt.Sprintf("you requested PartialObjectMetadataList, but the requested object is not a list (%T)", result))
 				scope.err(err, w, req)
 				return
 			}
-			list := &metav1alpha1.PartialObjectMetadataList{}
+			list := &metav1beta1.PartialObjectMetadataList{}
 			err := meta.EachListItem(result, func(obj runtime.Object) error {
 				m, err := meta.Accessor(obj)
 				if err != nil {
 					return err
 				}
 				partial := meta.AsPartialObjectMetadata(m)
-				partial.GetObjectKind().SetGroupVersionKind(metav1alpha1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
+				partial.GetObjectKind().SetGroupVersionKind(metav1beta1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
 				list.Items = append(list.Items, partial)
 				return nil
 			})
@@ -100,16 +100,16 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 				scope.err(err, w, req)
 				return
 			}
-			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1alpha1.SchemeGroupVersion)
+			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1beta1.SchemeGroupVersion)
 			responsewriters.SerializeObject(info.MediaType, encoder, w, req, statusCode, list)
 			return
 
-		case target.Kind == "Table" && target.GroupVersion() == metav1alpha1.SchemeGroupVersion:
+		case target.Kind == "Table" && target.GroupVersion() == metav1beta1.SchemeGroupVersion:
 			// TODO: relax the version abstraction
 			// TODO: skip if this is a status response (delete without body)?
 
-			opts := &metav1alpha1.TableOptions{}
-			if err := metav1alpha1.ParameterCodec.DecodeParameters(req.URL.Query(), metav1alpha1.SchemeGroupVersion, opts); err != nil {
+			opts := &metav1beta1.TableOptions{}
+			if err := metav1beta1.ParameterCodec.DecodeParameters(req.URL.Query(), metav1beta1.SchemeGroupVersion, opts); err != nil {
 				scope.err(err, w, req)
 				return
 			}
@@ -123,14 +123,14 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 			for i := range table.Rows {
 				item := &table.Rows[i]
 				switch opts.IncludeObject {
-				case metav1alpha1.IncludeObject:
+				case metav1beta1.IncludeObject:
 					item.Object.Object, err = scope.Convertor.ConvertToVersion(item.Object.Object, scope.Kind.GroupVersion())
 					if err != nil {
 						scope.err(err, w, req)
 						return
 					}
 				// TODO: rely on defaulting for the value here?
-				case metav1alpha1.IncludeMetadata, "":
+				case metav1beta1.IncludeMetadata, "":
 					m, err := meta.Accessor(item.Object.Object)
 					if err != nil {
 						scope.err(err, w, req)
@@ -138,9 +138,9 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 					}
 					// TODO: turn this into an internal type and do conversion in order to get object kind automatically set?
 					partial := meta.AsPartialObjectMetadata(m)
-					partial.GetObjectKind().SetGroupVersionKind(metav1alpha1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
+					partial.GetObjectKind().SetGroupVersionKind(metav1beta1.SchemeGroupVersion.WithKind("PartialObjectMetadata"))
 					item.Object.Object = partial
-				case metav1alpha1.IncludeNone:
+				case metav1beta1.IncludeNone:
 					item.Object.Object = nil
 				default:
 					// TODO: move this to validation on the table options?
@@ -155,7 +155,7 @@ func transformResponseObject(ctx request.Context, scope RequestScope, req *http.
 				scope.err(err, w, req)
 				return
 			}
-			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1alpha1.SchemeGroupVersion)
+			encoder := metainternalversion.Codecs.EncoderForVersion(info.Serializer, metav1beta1.SchemeGroupVersion)
 			responsewriters.SerializeObject(info.MediaType, encoder, w, req, statusCode, table)
 			return
 
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/BUILD
index 31963fd3b6d1..a8505eb93f3a 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/BUILD
@@ -12,8 +12,7 @@ go_test(
         "errors_test.go",
         "status_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/rest.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/rest.go
index 768005daa237..63135aaa86de 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/rest.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/rest.go
@@ -28,7 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -69,7 +69,7 @@ func (scope *RequestScope) err(err error, w http.ResponseWriter, req *http.Reque
 
 func (scope *RequestScope) AllowsConversion(gvk schema.GroupVersionKind) bool {
 	// TODO: this is temporary, replace with an abstraction calculated at endpoint installation time
-	if gvk.GroupVersion() == metav1alpha1.SchemeGroupVersion {
+	if gvk.GroupVersion() == metav1beta1.SchemeGroupVersion {
 		switch gvk.Kind {
 		case "Table":
 			return scope.TableConvertor != nil
@@ -110,7 +110,7 @@ func ConnectResource(connecter rest.Connecter, scope RequestScope, admit admissi
 			scope.err(err, w, req)
 			return
 		}
-		if admit.Handles(admission.Connect) {
+		if admit != nil && admit.Handles(admission.Connect) {
 			connectRequest := &rest.ConnectRequest{
 				Name:         name,
 				Options:      opts,
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/update.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/update.go
index 319bfd51b7cb..0eac36660a4c 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/update.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/update.go
@@ -56,7 +56,7 @@ func UpdateResource(r rest.Updater, scope RequestScope, typer runtime.ObjectType
 			return
 		}
 
-		s, err := negotiation.NegotiateInputSerializer(req, scope.Serializer)
+		s, err := negotiation.NegotiateInputSerializer(req, false, scope.Serializer)
 		if err != nil {
 			scope.err(err, w, req)
 			return
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/installer.go b/vendor/k8s.io/apiserver/pkg/endpoints/installer.go
index 87bf1700d2bb..934ee94f7271 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/installer.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/installer.go
@@ -96,13 +96,6 @@ func (a *APIInstaller) Install() ([]metav1.APIResource, *restful.WebService, []e
 	var errors []error
 	ws := a.newWebService()
 
-	proxyHandler := (&handlers.ProxyHandler{
-		Prefix:     a.prefix + "/proxy/",
-		Storage:    a.group.Storage,
-		Serializer: a.group.Serializer,
-		Mapper:     a.group.Context,
-	})
-
 	// Register the paths in a deterministic (sorted) order to get a deterministic swagger spec.
 	paths := make([]string, len(a.group.Storage))
 	var i int = 0
@@ -112,7 +105,7 @@ func (a *APIInstaller) Install() ([]metav1.APIResource, *restful.WebService, []e
 	}
 	sort.Strings(paths)
 	for _, path := range paths {
-		apiResource, err := a.registerResourceHandlers(path, a.group.Storage[path], ws, proxyHandler)
+		apiResource, err := a.registerResourceHandlers(path, a.group.Storage[path], ws)
 		if err != nil {
 			errors = append(errors, fmt.Errorf("error in registering resource: %s, %v", path, err))
 		}
@@ -193,7 +186,7 @@ func (a *APIInstaller) restMapping(resource string) (*meta.RESTMapping, error) {
 	return a.group.Mapper.RESTMapping(fqKindToRegister.GroupKind(), fqKindToRegister.Version)
 }
 
-func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storage, ws *restful.WebService, proxyHandler http.Handler) (*metav1.APIResource, error) {
+func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storage, ws *restful.WebService) (*metav1.APIResource, error) {
 	admit := a.group.Admit
 	context := a.group.Context
 	if context == nil {
@@ -234,13 +227,11 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 	lister, isLister := storage.(rest.Lister)
 	getter, isGetter := storage.(rest.Getter)
 	getterWithOptions, isGetterWithOptions := storage.(rest.GetterWithOptions)
-	deleter, isDeleter := storage.(rest.Deleter)
 	gracefulDeleter, isGracefulDeleter := storage.(rest.GracefulDeleter)
 	collectionDeleter, isCollectionDeleter := storage.(rest.CollectionDeleter)
 	updater, isUpdater := storage.(rest.Updater)
 	patcher, isPatcher := storage.(rest.Patcher)
 	watcher, isWatcher := storage.(rest.Watcher)
-	_, isRedirector := storage.(rest.Redirector)
 	connecter, isConnecter := storage.(rest.Connecter)
 	storageMeta, isMetadata := storage.(rest.StorageMetadata)
 	if !isMetadata {
@@ -281,16 +272,12 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 
 	var versionedDeleteOptions runtime.Object
 	var versionedDeleterObject interface{}
-	switch {
-	case isGracefulDeleter:
+	if isGracefulDeleter {
 		versionedDeleteOptions, err = a.group.Creater.New(optionsExternalVersion.WithKind("DeleteOptions"))
 		if err != nil {
 			return nil, err
 		}
 		versionedDeleterObject = indirectArbitraryPointer(versionedDeleteOptions)
-		isDeleter = true
-	case isDeleter:
-		gracefulDeleter = rest.GracefulDeleteAdapter{Deleter: deleter}
 	}
 
 	versionedStatusPtr, err := a.group.Creater.New(optionsExternalVersion.WithKind("Status"))
@@ -424,14 +411,8 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 		}
 		actions = appendIf(actions, action{"PUT", itemPath, nameParams, namer, false}, isUpdater)
 		actions = appendIf(actions, action{"PATCH", itemPath, nameParams, namer, false}, isPatcher)
-		actions = appendIf(actions, action{"DELETE", itemPath, nameParams, namer, false}, isDeleter)
+		actions = appendIf(actions, action{"DELETE", itemPath, nameParams, namer, false}, isGracefulDeleter)
 		actions = appendIf(actions, action{"WATCH", "watch/" + itemPath, nameParams, namer, false}, isWatcher)
-		// We add "proxy" subresource to remove the need for the generic top level prefix proxy.
-		// The generic top level prefix proxy is deprecated in v1.2, and will be removed in 1.3, or 1.4 at the latest.
-		// TODO: DEPRECATED in v1.2.
-		actions = appendIf(actions, action{"PROXY", "proxy/" + itemPath + "/{path:*}", proxyParams, namer, false}, isRedirector)
-		// TODO: DEPRECATED in v1.2.
-		actions = appendIf(actions, action{"PROXY", "proxy/" + itemPath, nameParams, namer, false}, isRedirector)
 		actions = appendIf(actions, action{"CONNECT", itemPath, nameParams, namer, false}, isConnecter)
 		actions = appendIf(actions, action{"CONNECT", itemPath + "/{path:*}", proxyParams, namer, false}, isConnecter && connectSubpath)
 		break
@@ -476,14 +457,8 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 		}
 		actions = appendIf(actions, action{"PUT", itemPath, nameParams, namer, false}, isUpdater)
 		actions = appendIf(actions, action{"PATCH", itemPath, nameParams, namer, false}, isPatcher)
-		actions = appendIf(actions, action{"DELETE", itemPath, nameParams, namer, false}, isDeleter)
+		actions = appendIf(actions, action{"DELETE", itemPath, nameParams, namer, false}, isGracefulDeleter)
 		actions = appendIf(actions, action{"WATCH", "watch/" + itemPath, nameParams, namer, false}, isWatcher)
-		// We add "proxy" subresource to remove the need for the generic top level prefix proxy.
-		// The generic top level prefix proxy is deprecated in v1.2, and will be removed in 1.3, or 1.4 at the latest.
-		// TODO: DEPRECATED in v1.2.
-		actions = appendIf(actions, action{"PROXY", "proxy/" + itemPath + "/{path:*}", proxyParams, namer, false}, isRedirector)
-		// TODO: DEPRECATED in v1.2.
-		actions = appendIf(actions, action{"PROXY", "proxy/" + itemPath, nameParams, namer, false}, isRedirector)
 		actions = appendIf(actions, action{"CONNECT", itemPath, nameParams, namer, false}, isConnecter)
 		actions = appendIf(actions, action{"CONNECT", itemPath + "/{path:*}", proxyParams, namer, false}, isConnecter && connectSubpath)
 
@@ -690,7 +665,12 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 			if hasSubresource {
 				doc = "partially update " + subresource + " of the specified " + kind
 			}
-			handler := metrics.InstrumentRouteFunc(action.Verb, resource, subresource, requestScope, restfulPatchResource(patcher, reqScope, admit, mapping.ObjectConvertor))
+			supportedTypes := []string{
+				string(types.JSONPatchType),
+				string(types.MergePatchType),
+				string(types.StrategicMergePatchType),
+			}
+			handler := metrics.InstrumentRouteFunc(action.Verb, resource, subresource, requestScope, restfulPatchResource(patcher, reqScope, admit, mapping.ObjectConvertor, supportedTypes))
 			route := ws.PATCH(action.Path).To(handler).
 				Doc(doc).
 				Param(ws.QueryParameter("pretty", "If 'true', then the output is pretty printed.")).
@@ -807,18 +787,6 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag
 			}
 			addParams(route, action.Params)
 			routes = append(routes, route)
-		// We add "proxy" subresource to remove the need for the generic top level prefix proxy.
-		// The generic top level prefix proxy is deprecated in v1.2, and will be removed in 1.3, or 1.4 at the latest.
-		// TODO: DEPRECATED in v1.2.
-		case "PROXY": // Proxy requests to a resource.
-			// Accept all methods as per http://issue.k8s.io/3996
-			routes = append(routes, buildProxyRoute(ws, "GET", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "PUT", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "POST", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "PATCH", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "DELETE", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "HEAD", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
-			routes = append(routes, buildProxyRoute(ws, "OPTIONS", a.prefix, action.Path, kind, resource, subresource, namespaced, requestScope, hasSubresource, action.Params, proxyHandler, operationSuffix))
 		case "CONNECT":
 			for _, method := range connecter.ConnectMethods() {
 				connectProducedObject := storageMeta.ProducesObject(method)
@@ -901,27 +869,6 @@ func routeFunction(handler http.Handler) restful.RouteFunction {
 	}
 }
 
-func buildProxyRoute(ws *restful.WebService,
-	method, prefix, path, kind, resource, subresource, namespaced, requestScope string,
-	hasSubresource bool,
-	params []*restful.Parameter,
-	proxyHandler http.Handler,
-	operationSuffix string) *restful.RouteBuilder {
-	doc := "proxy " + method + " requests to " + kind
-	if hasSubresource {
-		doc = "proxy " + method + " requests to " + subresource + " of " + kind
-	}
-	handler := metrics.InstrumentRouteFunc("PROXY", resource, subresource, requestScope, routeFunction(proxyHandler))
-	proxyRoute := ws.Method(method).Path(path).To(handler).
-		Doc(doc).
-		Operation("proxy" + strings.Title(method) + namespaced + kind + strings.Title(subresource) + operationSuffix).
-		Produces("*/*").
-		Consumes("*/*").
-		Writes("string")
-	addParams(proxyRoute, params)
-	return proxyRoute
-}
-
 func addParams(route *restful.RouteBuilder, params []*restful.Parameter) {
 	for _, param := range params {
 		route.Param(param)
@@ -1099,9 +1046,9 @@ func restfulUpdateResource(r rest.Updater, scope handlers.RequestScope, typer ru
 	}
 }
 
-func restfulPatchResource(r rest.Patcher, scope handlers.RequestScope, admit admission.Interface, converter runtime.ObjectConvertor) restful.RouteFunction {
+func restfulPatchResource(r rest.Patcher, scope handlers.RequestScope, admit admission.Interface, converter runtime.ObjectConvertor, supportedTypes []string) restful.RouteFunction {
 	return func(req *restful.Request, res *restful.Response) {
-		handlers.PatchResource(r, scope, admit, converter)(res.ResponseWriter, req.Request)
+		handlers.PatchResource(r, scope, admit, converter, supportedTypes)(res.ResponseWriter, req.Request)
 	}
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/metrics/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/metrics/BUILD
index 8d57d273e3f5..6aef95e2dc8c 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/metrics/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/metrics/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["metrics_test.go"],
-    importpath = "k8s.io/apiserver/pkg/endpoints/metrics",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go b/vendor/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
index 5df58216cfa1..d3f155c11f84 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go
@@ -78,15 +78,15 @@ var (
 		},
 		[]string{"verb", "resource", "subresource", "scope"},
 	)
-	// DroppedRequests is a number of requests dropped with 'Try again later' reponse"
+	// DroppedRequests is a number of requests dropped with 'Try again later' response"
 	DroppedRequests = prometheus.NewCounterVec(
 		prometheus.CounterOpts{
 			Name: "apiserver_dropped_requests",
-			Help: "Number of requests dropped with 'Try again later' reponse",
+			Help: "Number of requests dropped with 'Try again later' response",
 		},
 		[]string{"requestKind"},
 	)
-	// Becasue of volatality of the base metric this is pre-aggregated one. Instead of reporing current usage all the time
+	// Because of volatality of the base metric this is pre-aggregated one. Instead of reporing current usage all the time
 	// it reports maximal usage during the last second.
 	currentInflightRequests = prometheus.NewGaugeVec(
 		prometheus.GaugeOpts{
@@ -105,8 +105,8 @@ const (
 	MutatingKind = "mutating"
 )
 
-// Register all metrics.
-func Register() {
+func init() {
+	// Register all metrics.
 	prometheus.MustRegister(requestCounter)
 	prometheus.MustRegister(longRunningRequestGauge)
 	prometheus.MustRegister(requestLatencies)
@@ -128,7 +128,7 @@ func Record(req *http.Request, requestInfo *request.RequestInfo, contentType str
 	if requestInfo == nil {
 		requestInfo = &request.RequestInfo{Verb: req.Method, Path: req.URL.Path}
 	}
-	scope := cleanScope(requestInfo)
+	scope := CleanScope(requestInfo)
 	if requestInfo.IsResourceRequest {
 		MonitorRequest(req, strings.ToUpper(requestInfo.Verb), requestInfo.Resource, requestInfo.Subresource, contentType, scope, code, responseSizeInBytes, elapsed)
 	} else {
@@ -143,7 +143,7 @@ func RecordLongRunning(req *http.Request, requestInfo *request.RequestInfo, fn f
 		requestInfo = &request.RequestInfo{Verb: req.Method, Path: req.URL.Path}
 	}
 	var g prometheus.Gauge
-	scope := cleanScope(requestInfo)
+	scope := CleanScope(requestInfo)
 	reportedVerb := cleanVerb(strings.ToUpper(requestInfo.Verb), req)
 	if requestInfo.IsResourceRequest {
 		g = longRunningRequestGauge.WithLabelValues(reportedVerb, requestInfo.Resource, requestInfo.Subresource, scope)
@@ -178,7 +178,7 @@ func Reset() {
 }
 
 // InstrumentRouteFunc works like Prometheus' InstrumentHandlerFunc but wraps
-// the go-restful RouteFunction instead of a HandlerFunc
+// the go-restful RouteFunction instead of a HandlerFunc plus some Kubernetes endpoint specific information.
 func InstrumentRouteFunc(verb, resource, subresource, scope string, routeFunc restful.RouteFunction) restful.RouteFunction {
 	return restful.RouteFunction(func(request *restful.Request, response *restful.Response) {
 		now := time.Now()
@@ -202,7 +202,30 @@ func InstrumentRouteFunc(verb, resource, subresource, scope string, routeFunc re
 	})
 }
 
-func cleanScope(requestInfo *request.RequestInfo) string {
+// InstrumentHandlerFunc works like Prometheus' InstrumentHandlerFunc but adds some Kubernetes endpoint specific information.
+func InstrumentHandlerFunc(verb, resource, subresource, scope string, handler http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, req *http.Request) {
+		now := time.Now()
+
+		delegate := &ResponseWriterDelegator{ResponseWriter: w}
+
+		_, cn := w.(http.CloseNotifier)
+		_, fl := w.(http.Flusher)
+		_, hj := w.(http.Hijacker)
+		if cn && fl && hj {
+			w = &fancyResponseWriterDelegator{delegate}
+		} else {
+			w = delegate
+		}
+
+		handler(w, req)
+
+		MonitorRequest(req, verb, resource, subresource, scope, delegate.Header().Get("Content-Type"), delegate.Status(), delegate.ContentLength(), time.Now().Sub(now))
+	}
+}
+
+// CleanScope returns the scope of the request.
+func CleanScope(requestInfo *request.RequestInfo) string {
 	if requestInfo.Namespace != "" {
 		return "namespace"
 	}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/openapi/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/openapi/BUILD
index 0e972d7f9889..875531c3dbd4 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/openapi/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/openapi/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["openapi_test.go"],
-    importpath = "k8s.io/apiserver/pkg/endpoints/openapi",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/request/BUILD b/vendor/k8s.io/apiserver/pkg/endpoints/request/BUILD
index ca759c1b66b0..bda772f4e7ea 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/request/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/request/BUILD
@@ -9,9 +9,11 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["requestinfo_test.go"],
-    importpath = "k8s.io/apiserver/pkg/endpoints/request",
-    library = ":go_default_library",
-    deps = ["//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library"],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+    ],
 )
 
 go_library(
@@ -26,6 +28,7 @@ go_library(
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
@@ -36,7 +39,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["context_test.go"],
-    importpath = "k8s.io/apiserver/pkg/endpoints/request_test",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/request/context.go b/vendor/k8s.io/apiserver/pkg/endpoints/request/context.go
index b63b84dc7db9..e64facc5c4b2 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/request/context.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/request/context.go
@@ -21,6 +21,7 @@ import (
 	"time"
 
 	"golang.org/x/net/context"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apiserver/pkg/apis/audit"
 	"k8s.io/apiserver/pkg/authentication/user"
@@ -66,8 +67,6 @@ const (
 
 	// auditKey is the context key for the audit event.
 	auditKey
-
-	namespaceDefault = "default" // TODO(sttts): solve import cycle when using metav1.NamespaceDefault
 )
 
 // NewContext instantiates a base context object for request flows.
@@ -77,7 +76,7 @@ func NewContext() Context {
 
 // NewDefaultContext instantiates a base context object for request flows in the default namespace
 func NewDefaultContext() Context {
-	return WithNamespace(NewContext(), namespaceDefault)
+	return WithNamespace(NewContext(), metav1.NamespaceDefault)
 }
 
 // WithValue returns a copy of parent in which the value associated with key is val.
@@ -110,7 +109,7 @@ func NamespaceValue(ctx Context) string {
 func WithNamespaceDefaultIfNone(parent Context) Context {
 	namespace, ok := NamespaceFrom(parent)
 	if !ok || len(namespace) == 0 {
-		return WithNamespace(parent, namespaceDefault)
+		return WithNamespace(parent, metav1.NamespaceDefault)
 	}
 	return parent
 }
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/request/requestinfo.go b/vendor/k8s.io/apiserver/pkg/endpoints/request/requestinfo.go
index bb0f0604d213..ddbbde3991d6 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/request/requestinfo.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/request/requestinfo.go
@@ -21,6 +21,7 @@ import (
 	"net/http"
 	"strings"
 
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
 )
 
@@ -178,7 +179,7 @@ func (r *RequestInfoFactory) NewRequestInfo(req *http.Request) (*RequestInfo, er
 			}
 		}
 	} else {
-		requestInfo.Namespace = "" // TODO(sttts): solve import cycle when using metav1.NamespaceNone
+		requestInfo.Namespace = metav1.NamespaceNone
 	}
 
 	// parsing successful, so we now know the proper value for .Parts
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS b/vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS
index 429b15e49b89..75e139342b77 100755
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/OWNERS
@@ -18,7 +18,6 @@ reviewers:
 - roberthbailey
 - ncdc
 - eparis
-- timothysc
 - jlowdermilk
 - piosz
 - dims
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/options.go b/vendor/k8s.io/apiserver/pkg/registry/generic/options.go
index 2f5c850ff422..af651371f09c 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/options.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/options.go
@@ -17,6 +17,8 @@ limitations under the License.
 package generic
 
 import (
+	"time"
+
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/storage"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
@@ -30,6 +32,7 @@ type RESTOptions struct {
 	EnableGarbageCollection bool
 	DeleteCollectionWorkers int
 	ResourcePrefix          string
+	CountMetricPollPeriod   time.Duration
 }
 
 // Implement RESTOptionsGetter so that RESTOptions can directly be used when available (i.e. tests)
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/BUILD b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/BUILD
index 02c6becc7331..f6f70d86c16f 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/BUILD
@@ -12,8 +12,7 @@ go_test(
         "decorated_watcher_test.go",
         "store_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/registry/generic/registry",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
@@ -64,7 +63,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/api/validation/path:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -72,6 +71,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
@@ -79,6 +79,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/errors:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/etcd/metrics:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory:go_default_library",
     ],
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
index db77f4efea84..d7e449c25513 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
@@ -28,7 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/validation/path"
 	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -36,13 +36,14 @@ import (
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/validation/field"
+	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apimachinery/pkg/watch"
-	"k8s.io/apiserver/pkg/endpoints/request"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/storage"
 	storeerr "k8s.io/apiserver/pkg/storage/errors"
+	"k8s.io/apiserver/pkg/storage/etcd/metrics"
 
 	"github.com/golang/glog"
 )
@@ -182,7 +183,10 @@ var _ rest.Exporter = &Store{}
 var _ rest.TableConvertor = &Store{}
 var _ GenericStore = &Store{}
 
-const OptimisticLockErrorMsg = "the object has been modified; please apply your changes to the latest version and try again"
+const (
+	OptimisticLockErrorMsg        = "the object has been modified; please apply your changes to the latest version and try again"
+	resourceCountPollPeriodJitter = 1.2
+)
 
 // NamespaceKeyRootFunc is the default function for constructing storage paths
 // to resource directories enforcing namespace rules.
@@ -681,7 +685,7 @@ func (e *Store) Get(ctx genericapirequest.Context, name string, options *metav1.
 // qualifiedResourceFromContext attempts to retrieve a GroupResource from the context's request info.
 // If the context has no request info, DefaultQualifiedResource is used.
 func (e *Store) qualifiedResourceFromContext(ctx genericapirequest.Context) schema.GroupResource {
-	if info, ok := request.RequestInfoFrom(ctx); ok {
+	if info, ok := genericapirequest.RequestInfoFrom(ctx); ok {
 		return schema.GroupResource{Group: info.APIGroup, Resource: info.Resource}
 	}
 	// some implementations access storage directly and thus the context has no RequestInfo
@@ -1364,12 +1368,41 @@ func (e *Store) CompleteWithOptions(options *generic.StoreOptions) error {
 			attrFunc,
 			triggerFunc,
 		)
+
+		if opts.CountMetricPollPeriod > 0 {
+			stopFunc := e.startObservingCount(opts.CountMetricPollPeriod)
+			previousDestroy := e.DestroyFunc
+			e.DestroyFunc = func() {
+				stopFunc()
+				if previousDestroy != nil {
+					previousDestroy()
+				}
+			}
+		}
 	}
 
 	return nil
 }
 
-func (e *Store) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1alpha1.Table, error) {
+// startObservingCount starts monitoring given prefix and periodically updating metrics. It returns a function to stop collection.
+func (e *Store) startObservingCount(period time.Duration) func() {
+	prefix := e.KeyRootFunc(genericapirequest.NewContext())
+	resourceName := e.DefaultQualifiedResource.String()
+	glog.V(2).Infof("Monitoring %v count at <storage-prefix>/%v", resourceName, prefix)
+	stopCh := make(chan struct{})
+	go wait.JitterUntil(func() {
+		count, err := e.Storage.Count(prefix)
+		if err != nil {
+			glog.V(5).Infof("Failed to update storage count metric: %v", err)
+			metrics.UpdateObjectCount(resourceName, -1)
+		} else {
+			metrics.UpdateObjectCount(resourceName, count)
+		}
+	}, period, resourceCountPollPeriodJitter, true, stopCh)
+	return func() { close(stopCh) }
+}
+
+func (e *Store) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
 	if e.TableConvertor != nil {
 		return e.TableConvertor.ConvertToTable(ctx, object, tableOptions)
 	}
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/rest/BUILD b/vendor/k8s.io/apiserver/pkg/registry/generic/rest/BUILD
index 2bf06aae705a..98cb775725e2 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/rest/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/rest/BUILD
@@ -12,8 +12,7 @@ go_test(
         "response_checker_test.go",
         "streamer_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/registry/generic/rest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/BUILD b/vendor/k8s.io/apiserver/pkg/registry/rest/BUILD
index e662a4ee7d7b..e638251d1578 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["meta_test.go"],
-    importpath = "k8s.io/apiserver/pkg/registry/rest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -42,7 +41,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS b/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS
index 9d8627ad1243..6427750a9e9b 100755
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS
@@ -14,7 +14,6 @@ reviewers:
 - roberthbailey
 - ncdc
 - eparis
-- timothysc
 - dims
 - hongchaodeng
 - krousey
diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go b/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go
index 1155c8ade275..a2b0930f38a0 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go
@@ -23,7 +23,7 @@ import (
 
 	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/watch"
@@ -134,17 +134,7 @@ type GetterWithOptions interface {
 }
 
 type TableConvertor interface {
-	ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1alpha1.Table, error)
-}
-
-// Deleter is an object that can delete a named RESTful resource.
-type Deleter interface {
-	// Delete finds a resource in the storage and deletes it.
-	// Although it can return an arbitrary error value, IsNotFound(err) is true for the
-	// returned error value err when the specified resource is not found.
-	// Delete *may* return the object that was deleted, or a status object indicating additional
-	// information about deletion.
-	Delete(ctx genericapirequest.Context, name string) (runtime.Object, error)
+	ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error)
 }
 
 // GracefulDeleter knows how to pass deletion options to allow delayed deletion of a
@@ -162,17 +152,6 @@ type GracefulDeleter interface {
 	Delete(ctx genericapirequest.Context, name string, options *metav1.DeleteOptions) (runtime.Object, bool, error)
 }
 
-// GracefulDeleteAdapter adapts the Deleter interface to GracefulDeleter
-type GracefulDeleteAdapter struct {
-	Deleter
-}
-
-// Delete implements RESTGracefulDeleter in terms of Deleter
-func (w GracefulDeleteAdapter) Delete(ctx genericapirequest.Context, name string, options *metav1.DeleteOptions) (runtime.Object, bool, error) {
-	obj, err := w.Deleter.Delete(ctx, name)
-	return obj, true, err
-}
-
 // CollectionDeleter is an object that can delete a collection
 // of RESTful resources.
 type CollectionDeleter interface {
diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/table.go b/vendor/k8s.io/apiserver/pkg/registry/rest/table.go
index 4bc1b36685ef..2f0d1df3b6c0 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/table.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/table.go
@@ -23,7 +23,7 @@ import (
 
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
@@ -40,14 +40,14 @@ func NewDefaultTableConvertor(resource schema.GroupResource) TableConvertor {
 
 var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc()
 
-func (c defaultTableConvertor) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1alpha1.Table, error) {
-	var table metav1alpha1.Table
+func (c defaultTableConvertor) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
+	var table metav1beta1.Table
 	fn := func(obj runtime.Object) error {
 		m, err := meta.Accessor(obj)
 		if err != nil {
 			return errNotAcceptable{resource: c.qualifiedResource}
 		}
-		table.Rows = append(table.Rows, metav1alpha1.TableRow{
+		table.Rows = append(table.Rows, metav1beta1.TableRow{
 			Cells:  []interface{}{m.GetName(), m.GetCreationTimestamp().Time.UTC().Format(time.RFC3339)},
 			Object: runtime.RawExtension{Object: obj},
 		})
@@ -73,7 +73,7 @@ func (c defaultTableConvertor) ConvertToTable(ctx genericapirequest.Context, obj
 			table.SelfLink = m.GetSelfLink()
 		}
 	}
-	table.ColumnDefinitions = []metav1alpha1.TableColumnDefinition{
+	table.ColumnDefinitions = []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: swaggerMetadataDescriptions["name"]},
 		{Name: "Created At", Type: "date", Description: swaggerMetadataDescriptions["creationTimestamp"]},
 	}
diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/registry/rest/zz_generated.deepcopy.go
index b4e3fd8226ac..f7250379c372 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package rest
 
@@ -49,7 +49,6 @@ func (in *ConnectRequest) DeepCopy() *ConnectRequest {
 func (in *ConnectRequest) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/BUILD b/vendor/k8s.io/apiserver/pkg/server/BUILD
index 40bc126b1949..c1073fc1d56a 100644
--- a/vendor/k8s.io/apiserver/pkg/server/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/BUILD
@@ -13,8 +13,7 @@ go_test(
         "config_test.go",
         "genericapiserver_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/server",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
@@ -35,11 +34,9 @@ go_test(
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/filters:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
-        "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library",
     ],
 )
 
@@ -56,9 +53,38 @@ go_library(
         "plugins.go",
         "serve.go",
         "signal.go",
-        "signal_posix.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "signal_posix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "signal_windows.go",
         ],
         "//conditions:default": [],
@@ -71,6 +97,7 @@ go_library(
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/pborman/uuid:go_default_library",
+        "//vendor/golang.org/x/net/http2:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
@@ -112,6 +139,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/mux:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/routes:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
@@ -136,6 +164,7 @@ filegroup(
         "//staging/src/k8s.io/apiserver/pkg/server/httplog:all-srcs",
         "//staging/src/k8s.io/apiserver/pkg/server/mux:all-srcs",
         "//staging/src/k8s.io/apiserver/pkg/server/options:all-srcs",
+        "//staging/src/k8s.io/apiserver/pkg/server/resourceconfig:all-srcs",
         "//staging/src/k8s.io/apiserver/pkg/server/routes:all-srcs",
         "//staging/src/k8s.io/apiserver/pkg/server/storage:all-srcs",
     ],
diff --git a/vendor/k8s.io/apiserver/pkg/server/config.go b/vendor/k8s.io/apiserver/pkg/server/config.go
index 877071ad3b21..2f4c48b45a29 100644
--- a/vendor/k8s.io/apiserver/pkg/server/config.go
+++ b/vendor/k8s.io/apiserver/pkg/server/config.go
@@ -57,6 +57,7 @@ import (
 	genericfilters "k8s.io/apiserver/pkg/server/filters"
 	"k8s.io/apiserver/pkg/server/healthz"
 	"k8s.io/apiserver/pkg/server/routes"
+	serverstore "k8s.io/apiserver/pkg/server/storage"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/informers"
 	restclient "k8s.io/client-go/rest"
@@ -78,17 +79,19 @@ const (
 // Config is a structure used to configure a GenericAPIServer.
 // Its members are sorted roughly in order of importance for composers.
 type Config struct {
-	// SecureServingInfo is required to serve https
-	SecureServingInfo *SecureServingInfo
+	// SecureServing is required to serve https
+	SecureServing *SecureServingInfo
+
+	// Authentication is the configuration for authentication
+	Authentication AuthenticationInfo
+
+	// Authorization is the configuration for authorization
+	Authorization AuthorizationInfo
 
 	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
 	// This is required for proper functioning of the PostStartHooks on a GenericAPIServer
+	// TODO: move into SecureServing(WithLoopback) as soon as insecure serving is gone
 	LoopbackClientConfig *restclient.Config
-	// Authenticator determines which subject is making the request
-	Authenticator authenticator.Request
-	// Authorizer determines whether the subject is allowed to make the request based only
-	// on the RequestURI
-	Authorizer authorizer.Authorizer
 	// RuleResolver is required to get the list of rules that apply to a given user
 	// in a given namespace
 	RuleResolver authorizer.RuleResolver
@@ -115,10 +118,6 @@ type Config struct {
 	AuditBackend audit.Backend
 	// AuditPolicyChecker makes the decision of whether and how to audit log a request.
 	AuditPolicyChecker auditpolicy.Checker
-	// SupportsBasicAuth indicates that's at least one Authenticator supports basic auth
-	// If this is true, a basic auth challenge is returned on authentication failure
-	// TODO(roberthbailey): Remove once the server no longer supports http basic auth.
-	SupportsBasicAuth bool
 	// ExternalAddress is the host name to use for external (public internet) facing URLs (e.g. Swagger)
 	// Will default to a value based on secure serving info and available ipv4 IPs.
 	ExternalAddress string
@@ -175,6 +174,11 @@ type Config struct {
 	// if the client requests it via Accept-Encoding
 	EnableAPIResponseCompression bool
 
+	// MergedResourceConfig indicates which groupVersion enabled and its resources enabled/disabled.
+	// This is composed of genericapiserver defaultAPIResourceConfig and those parsed from flags.
+	// If not specify any in flags, then genericapiserver will only enable defaultAPIResourceConfig.
+	MergedResourceConfig *serverstore.ResourceConfig
+
 	//===========================================================================
 	// values below here are targets for removal
 	//===========================================================================
@@ -210,10 +214,6 @@ type SecureServingInfo struct {
 	// allowed to be in SNICerts.
 	Cert *tls.Certificate
 
-	// CACert is an optional certificate authority used for the loopback connection of the Admission controllers.
-	// If this is nil, the certificate authority is extracted from Cert or a matching SNI certificate.
-	CACert *tls.Certificate
-
 	// SNICerts are the TLS certificates by name used for SNI.
 	SNICerts map[string]*tls.Certificate
 
@@ -227,6 +227,25 @@ type SecureServingInfo struct {
 	// CipherSuites optionally overrides the list of allowed cipher suites for the server.
 	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
 	CipherSuites []uint16
+
+	// HTTP2MaxStreamsPerConnection is the limit that the api server imposes on each client.
+	// A value of zero means to use the default provided by golang's HTTP/2 support.
+	HTTP2MaxStreamsPerConnection int
+}
+
+type AuthenticationInfo struct {
+	// Authenticator determines which subject is making the request
+	Authenticator authenticator.Request
+	// SupportsBasicAuth indicates that's at least one Authenticator supports basic auth
+	// If this is true, a basic auth challenge is returned on authentication failure
+	// TODO(roberthbailey): Remove once the server no longer supports http basic auth.
+	SupportsBasicAuth bool
+}
+
+type AuthorizationInfo struct {
+	// Authorizer determines whether the subject is allowed to make the request based only
+	// on the RequestURI
+	Authorizer authorizer.Authorizer
 }
 
 // NewConfig returns a Config struct with the default values
@@ -300,23 +319,23 @@ func DefaultSwaggerConfig() *swagger.Config {
 	}
 }
 
-func (c *Config) ApplyClientCert(clientCAFile string) (*Config, error) {
-	if c.SecureServingInfo != nil {
+func (c *AuthenticationInfo) ApplyClientCert(clientCAFile string, servingInfo *SecureServingInfo) error {
+	if servingInfo != nil {
 		if len(clientCAFile) > 0 {
 			clientCAs, err := certutil.CertsFromFile(clientCAFile)
 			if err != nil {
-				return nil, fmt.Errorf("unable to load client CA file: %v", err)
+				return fmt.Errorf("unable to load client CA file: %v", err)
 			}
-			if c.SecureServingInfo.ClientCA == nil {
-				c.SecureServingInfo.ClientCA = x509.NewCertPool()
+			if servingInfo.ClientCA == nil {
+				servingInfo.ClientCA = x509.NewCertPool()
 			}
 			for _, cert := range clientCAs {
-				c.SecureServingInfo.ClientCA.AddCert(cert)
+				servingInfo.ClientCA.AddCert(cert)
 			}
 		}
 	}
 
-	return c, nil
+	return nil
 }
 
 type completedConfig struct {
@@ -338,13 +357,17 @@ type CompletedConfig struct {
 // Complete fills in any fields not set that are required to have valid data and can be derived
 // from other fields. If you're going to `ApplyOptions`, do that first. It's mutating the receiver.
 func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedConfig {
-	if len(c.ExternalAddress) == 0 && c.PublicAddress != nil {
-		hostAndPort := c.PublicAddress.String()
-		if c.ReadWritePort != 0 {
-			hostAndPort = net.JoinHostPort(hostAndPort, strconv.Itoa(c.ReadWritePort))
-		}
-		c.ExternalAddress = hostAndPort
+	host := c.ExternalAddress
+	if host == "" && c.PublicAddress != nil {
+		host = c.PublicAddress.String()
 	}
+
+	// if there is no port, and we have a ReadWritePort, use that
+	if _, _, err := net.SplitHostPort(host); err != nil && c.ReadWritePort != 0 {
+		host = net.JoinHostPort(host, strconv.Itoa(c.ReadWritePort))
+	}
+	c.ExternalAddress = host
+
 	if c.OpenAPIConfig != nil && c.OpenAPIConfig.SecurityDefinitions != nil {
 		// Setup OpenAPI security: all APIs will have the same authentication for now.
 		c.OpenAPIConfig.DefaultSecurity = []map[string][]string{}
@@ -379,7 +402,7 @@ func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedCo
 		}
 	}
 	if c.SwaggerConfig != nil && len(c.SwaggerConfig.WebServicesUrl) == 0 {
-		if c.SecureServingInfo != nil {
+		if c.SecureServing != nil {
 			c.SwaggerConfig.WebServicesUrl = "https://" + c.ExternalAddress
 		} else {
 			c.SwaggerConfig.WebServicesUrl = "http://" + c.ExternalAddress
@@ -391,7 +414,7 @@ func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedCo
 
 	// If the loopbackclientconfig is specified AND it has a token for use against the API server
 	// wrap the authenticator and authorizer in loopback authentication logic
-	if c.Authenticator != nil && c.Authorizer != nil && c.LoopbackClientConfig != nil && len(c.LoopbackClientConfig.BearerToken) > 0 {
+	if c.Authentication.Authenticator != nil && c.Authorization.Authorizer != nil && c.LoopbackClientConfig != nil && len(c.LoopbackClientConfig.BearerToken) > 0 {
 		privilegedLoopbackToken := c.LoopbackClientConfig.BearerToken
 		var uid = uuid.NewRandom().String()
 		tokens := make(map[string]*user.DefaultInfo)
@@ -402,10 +425,10 @@ func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedCo
 		}
 
 		tokenAuthenticator := authenticatorfactory.NewFromTokens(tokens)
-		c.Authenticator = authenticatorunion.New(tokenAuthenticator, c.Authenticator)
+		c.Authentication.Authenticator = authenticatorunion.New(tokenAuthenticator, c.Authentication.Authenticator)
 
 		tokenAuthorizer := authorizerfactory.NewPrivilegedGroups(user.SystemPrivilegedGroup)
-		c.Authorizer = authorizerunion.New(tokenAuthorizer, c.Authorizer)
+		c.Authorization.Authorizer = authorizerunion.New(tokenAuthorizer, c.Authorization.Authorizer)
 	}
 
 	if c.RequestInfoResolver == nil {
@@ -452,7 +475,7 @@ func (c completedConfig) New(name string, delegationTarget DelegationTarget) (*G
 		minRequestTimeout: time.Duration(c.MinRequestTimeout) * time.Second,
 		ShutdownTimeout:   c.RequestTimeout,
 
-		SecureServingInfo: c.SecureServingInfo,
+		SecureServingInfo: c.SecureServing,
 		ExternalAddress:   c.ExternalAddress,
 
 		Handler: apiServerHandler,
@@ -524,19 +547,19 @@ func (c completedConfig) New(name string, delegationTarget DelegationTarget) (*G
 }
 
 func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
-	handler := genericapifilters.WithAuthorization(apiHandler, c.RequestContextMapper, c.Authorizer, c.Serializer)
+	handler := genericapifilters.WithAuthorization(apiHandler, c.RequestContextMapper, c.Authorization.Authorizer, c.Serializer)
 	handler = genericfilters.WithMaxInFlightLimit(handler, c.MaxRequestsInFlight, c.MaxMutatingRequestsInFlight, c.RequestContextMapper, c.LongRunningFunc)
-	handler = genericapifilters.WithImpersonation(handler, c.RequestContextMapper, c.Authorizer, c.Serializer)
+	handler = genericapifilters.WithImpersonation(handler, c.RequestContextMapper, c.Authorization.Authorizer, c.Serializer)
 	if utilfeature.DefaultFeatureGate.Enabled(features.AdvancedAuditing) {
 		handler = genericapifilters.WithAudit(handler, c.RequestContextMapper, c.AuditBackend, c.AuditPolicyChecker, c.LongRunningFunc)
 	} else {
 		handler = genericapifilters.WithLegacyAudit(handler, c.RequestContextMapper, c.LegacyAuditWriter)
 	}
-	failedHandler := genericapifilters.Unauthorized(c.RequestContextMapper, c.Serializer, c.SupportsBasicAuth)
+	failedHandler := genericapifilters.Unauthorized(c.RequestContextMapper, c.Serializer, c.Authentication.SupportsBasicAuth)
 	if utilfeature.DefaultFeatureGate.Enabled(features.AdvancedAuditing) {
 		failedHandler = genericapifilters.WithFailedAuthenticationAudit(failedHandler, c.RequestContextMapper, c.AuditBackend, c.AuditPolicyChecker)
 	}
-	handler = genericapifilters.WithAuthentication(handler, c.RequestContextMapper, c.Authenticator, failedHandler)
+	handler = genericapifilters.WithAuthentication(handler, c.RequestContextMapper, c.Authentication.Authenticator, failedHandler)
 	handler = genericfilters.WithCORS(handler, c.CorsAllowedOriginList, nil, nil, nil, "true")
 	handler = genericfilters.WithTimeoutForNonLongRunningRequests(handler, c.RequestContextMapper, c.LongRunningFunc, c.RequestTimeout)
 	handler = genericfilters.WithWaitGroup(handler, c.RequestContextMapper, c.LongRunningFunc, c.HandlerChainWaitGroup)
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/BUILD b/vendor/k8s.io/apiserver/pkg/server/filters/BUILD
index adb406e40857..6404a3953c7e 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/BUILD
@@ -14,8 +14,7 @@ go_test(
         "maxinflight_test.go",
         "timeout_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/server/filters",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/compression.go b/vendor/k8s.io/apiserver/pkg/server/filters/compression.go
index 6303ab54a5fe..6bedfadea732 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/compression.go
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/compression.go
@@ -136,6 +136,7 @@ func (c *compressionResponseWriter) Write(p []byte) (int, error) {
 		return -1, errors.New("compressing error: tried to write data using closed compressor")
 	}
 	c.Header().Set(headerContentEncoding, c.encoding)
+	defer c.compressor.Flush()
 	return c.compressor.Write(p)
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/longrunning.go b/vendor/k8s.io/apiserver/pkg/server/filters/longrunning.go
index 21c4562aa043..1b58f1638655 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/longrunning.go
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/longrunning.go
@@ -18,12 +18,13 @@ package filters
 
 import (
 	"net/http"
+	"strings"
 
 	"k8s.io/apimachinery/pkg/util/sets"
 	apirequest "k8s.io/apiserver/pkg/endpoints/request"
 )
 
-// BasicLongRunningRequestCheck returns true if the given request has one of the specified verbs or one of the specified subresources
+// BasicLongRunningRequestCheck returns true if the given request has one of the specified verbs or one of the specified subresources, or is a profiler request.
 func BasicLongRunningRequestCheck(longRunningVerbs, longRunningSubresources sets.String) apirequest.LongRunningRequestCheck {
 	return func(r *http.Request, requestInfo *apirequest.RequestInfo) bool {
 		if longRunningVerbs.Has(requestInfo.Verb) {
@@ -32,6 +33,9 @@ func BasicLongRunningRequestCheck(longRunningVerbs, longRunningSubresources sets
 		if requestInfo.IsResourceRequest && longRunningSubresources.Has(requestInfo.Subresource) {
 			return true
 		}
+		if !requestInfo.IsResourceRequest && strings.HasPrefix(requestInfo.Path, "/debug/pprof/") {
+			return true
+		}
 		return false
 	}
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/timeout.go b/vendor/k8s.io/apiserver/pkg/server/filters/timeout.go
index 0e67da25293c..a1582627fb2a 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/timeout.go
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/timeout.go
@@ -30,7 +30,7 @@ import (
 	apirequest "k8s.io/apiserver/pkg/endpoints/request"
 )
 
-var errConnKilled = fmt.Errorf("kill connection/stream")
+var errConnKilled = fmt.Errorf("killing connection/stream because serving request timed out and response had been started")
 
 // WithTimeoutForNonLongRunningRequests times out non-long-running requests after the time given by timeout.
 func WithTimeoutForNonLongRunningRequests(handler http.Handler, requestContextMapper apirequest.RequestContextMapper, longRunning apirequest.LongRunningRequestCheck, timeout time.Duration) http.Handler {
@@ -129,7 +129,7 @@ type baseTimeoutWriter struct {
 	w http.ResponseWriter
 
 	mu sync.Mutex
-	// if the timeout handler has timedout
+	// if the timeout handler has timeout
 	timedOut bool
 	// if this timeout writer has wrote header
 	wroteHeader bool
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/waitgroup.go b/vendor/k8s.io/apiserver/pkg/server/filters/waitgroup.go
index be73a2c9d973..c73978e20edc 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/waitgroup.go
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/waitgroup.go
@@ -42,7 +42,7 @@ func WithWaitGroup(handler http.Handler, requestContextMapper apirequest.Request
 
 		if !longRunning(req, requestInfo) {
 			if err := wg.Add(1); err != nil {
-				http.Error(w, "Apisever is shutting down.", http.StatusInternalServerError)
+				http.Error(w, "apiserver is shutting down.", http.StatusInternalServerError)
 				return
 			}
 			defer wg.Done()
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/wrap.go b/vendor/k8s.io/apiserver/pkg/server/filters/wrap.go
index f252fedd8960..38742ffd9a21 100644
--- a/vendor/k8s.io/apiserver/pkg/server/filters/wrap.go
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/wrap.go
@@ -30,8 +30,8 @@ import (
 func WithPanicRecovery(handler http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		defer runtime.HandleCrash(func(err interface{}) {
-			http.Error(w, "This request caused apisever to panic. Look in log for details.", http.StatusInternalServerError)
-			glog.Errorf("APIServer panic'd on %v %v: %v\n%s\n", req.Method, req.RequestURI, err, debug.Stack())
+			http.Error(w, "This request caused apiserver to panic. Look in the logs for details.", http.StatusInternalServerError)
+			glog.Errorf("apiserver panic'd on %v %v: %v\n%s\n", req.Method, req.RequestURI, err, debug.Stack())
 		})
 
 		logger := httplog.NewLogged(req, &w)
diff --git a/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go b/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
index 8235b26540f5..38cd2e98179f 100644
--- a/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
+++ b/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
@@ -310,7 +310,7 @@ func (s preparedGenericAPIServer) NonBlockingRun(stopCh <-chan struct{}) error {
 	internalStopCh := make(chan struct{})
 
 	if s.SecureServingInfo != nil && s.Handler != nil {
-		if err := s.serveSecurely(internalStopCh); err != nil {
+		if err := s.SecureServingInfo.Serve(s.Handler, s.ShutdownTimeout, internalStopCh); err != nil {
 			close(internalStopCh)
 			return err
 		}
diff --git a/vendor/k8s.io/apiserver/pkg/server/handler.go b/vendor/k8s.io/apiserver/pkg/server/handler.go
index 5368e2e0fbff..a92196cba5a0 100644
--- a/vendor/k8s.io/apiserver/pkg/server/handler.go
+++ b/vendor/k8s.io/apiserver/pkg/server/handler.go
@@ -34,7 +34,6 @@ import (
 	"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
 	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/server/mux"
-	genericmux "k8s.io/apiserver/pkg/server/mux"
 )
 
 // APIServerHandlers holds the different http.Handlers used by the API server.
@@ -74,7 +73,7 @@ type APIServerHandler struct {
 type HandlerChainBuilderFn func(apiHandler http.Handler) http.Handler
 
 func NewAPIServerHandler(name string, contextMapper request.RequestContextMapper, s runtime.NegotiatedSerializer, handlerChainBuilder HandlerChainBuilderFn, notFoundHandler http.Handler) *APIServerHandler {
-	nonGoRestfulMux := genericmux.NewPathRecorderMux(name)
+	nonGoRestfulMux := mux.NewPathRecorderMux(name)
 	if notFoundHandler != nil {
 		nonGoRestfulMux.NotFoundHandler(notFoundHandler)
 	}
diff --git a/vendor/k8s.io/apiserver/pkg/server/healthz/BUILD b/vendor/k8s.io/apiserver/pkg/server/healthz/BUILD
index 8b3901bb8b21..f4ccb4965024 100644
--- a/vendor/k8s.io/apiserver/pkg/server/healthz/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/healthz/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["healthz_test.go"],
-    importpath = "k8s.io/apiserver/pkg/server/healthz",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/server/httplog/BUILD b/vendor/k8s.io/apiserver/pkg/server/httplog/BUILD
index 16ea0eb730a8..3a620708a171 100644
--- a/vendor/k8s.io/apiserver/pkg/server/httplog/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/httplog/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["httplog_test.go"],
-    importpath = "k8s.io/apiserver/pkg/server/httplog",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/server/mux/BUILD b/vendor/k8s.io/apiserver/pkg/server/mux/BUILD
index fecbbe7b7222..5cc9e13d2646 100644
--- a/vendor/k8s.io/apiserver/pkg/server/mux/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/mux/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["pathrecorder_test.go"],
-    importpath = "k8s.io/apiserver/pkg/server/mux",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/stretchr/testify/assert:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/BUILD b/vendor/k8s.io/apiserver/pkg/server/options/BUILD
index 7a9196f14d68..506e3eef8007 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/options/BUILD
@@ -4,6 +4,7 @@ go_library(
     name = "go_default_library",
     srcs = [
         "admission.go",
+        "api_enablement.go",
         "audit.go",
         "authentication.go",
         "authorization.go",
@@ -14,6 +15,7 @@ go_library(
         "recommended.go",
         "server_run_options.go",
         "serving.go",
+        "serving_with_loopback.go",
     ],
     importpath = "k8s.io/apiserver/pkg/server/options",
     visibility = ["//visibility:public"],
@@ -47,11 +49,13 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/resourceconfig:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
+        "//vendor/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/audit/log:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/audit/webhook:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
@@ -62,6 +66,7 @@ go_library(
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
+        "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library",
     ],
 )
 
@@ -69,21 +74,26 @@ go_test(
     name = "go_default_test",
     srcs = [
         "admission_test.go",
+        "audit_test.go",
         "serving_test.go",
     ],
     data = glob(["testdata/**"]),
-    importpath = "k8s.io/apiserver/pkg/server/options",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/github.com/stretchr/testify/require:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/version:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
         "//vendor/k8s.io/client-go/discovery:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd/api/v1:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/admission.go b/vendor/k8s.io/apiserver/pkg/server/options/admission.go
index aebfb3d21224..80c2204f8bf0 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/admission.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/admission.go
@@ -21,7 +21,9 @@ import (
 	"strings"
 
 	"github.com/spf13/pflag"
+
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/admission/initializer"
 	admissionmetrics "k8s.io/apiserver/pkg/admission/metrics"
@@ -48,11 +50,16 @@ func init() {
 type AdmissionOptions struct {
 	// RecommendedPluginOrder holds an ordered list of plugin names we recommend to use by default
 	RecommendedPluginOrder []string
-	// DefaultOffPlugins a list of plugin names that should be disabled by default
-	DefaultOffPlugins []string
-	PluginNames       []string
-	ConfigFile        string
-
+	// DefaultOffPlugins is a set of plugin names that is disabled by default
+	DefaultOffPlugins sets.String
+
+	// EnablePlugins indicates plugins to be enabled passed through `--enable-admission-plugins`.
+	EnablePlugins []string
+	// DisablePlugins indicates plugins to be disabled passed through `--disable-admission-plugins`.
+	DisablePlugins []string
+	// ConfigFile is the file path with admission control configuration.
+	ConfigFile string
+	// Plugins contains all registered plugins.
 	Plugins *admission.Plugins
 }
 
@@ -66,14 +73,13 @@ type AdmissionOptions struct {
 //  Servers that do care can overwrite/append that field after creation.
 func NewAdmissionOptions() *AdmissionOptions {
 	options := &AdmissionOptions{
-		Plugins:     admission.NewPlugins(),
-		PluginNames: []string{},
+		Plugins: admission.NewPlugins(),
 		// This list is mix of mutating admission plugins and validating
 		// admission plugins. The apiserver always runs the validating ones
 		// after all the mutating ones, so their relative order in this list
 		// doesn't matter.
 		RecommendedPluginOrder: []string{lifecycle.PluginName, initialization.PluginName, mutatingwebhook.PluginName, validatingwebhook.PluginName},
-		DefaultOffPlugins:      []string{initialization.PluginName, mutatingwebhook.PluginName, validatingwebhook.PluginName},
+		DefaultOffPlugins:      sets.NewString(initialization.PluginName),
 	}
 	server.RegisterAllAdmissionPlugins(options.Plugins)
 	return options
@@ -81,14 +87,14 @@ func NewAdmissionOptions() *AdmissionOptions {
 
 // AddFlags adds flags related to admission for a specific APIServer to the specified FlagSet
 func (a *AdmissionOptions) AddFlags(fs *pflag.FlagSet) {
-	fs.StringSliceVar(&a.PluginNames, "admission-control", a.PluginNames, ""+
-		"Admission is divided into two phases. "+
-		"In the first phase, only mutating admission plugins run. "+
-		"In the second phase, only validating admission plugins run. "+
-		"The names in the below list may represent a validating plugin, a mutating plugin, or both. "+
-		"Within each phase, the plugins will run in the order in which they are passed to this flag. "+
-		"Comma-delimited list of: "+strings.Join(a.Plugins.Registered(), ", ")+".")
-
+	fs.StringSliceVar(&a.EnablePlugins, "enable-admission-plugins", a.EnablePlugins, ""+
+		"admission plugins that should be enabled in addition to default enabled ones. "+
+		"Comma-delimited list of admission plugins: "+strings.Join(a.Plugins.Registered(), ", ")+". "+
+		"The order of plugins in this flag does not matter.")
+	fs.StringSliceVar(&a.DisablePlugins, "disable-admission-plugins", a.DisablePlugins, ""+
+		"admission plugins that should be disabled although they are in the default enabled plugins list. "+
+		"Comma-delimited list of admission plugins: "+strings.Join(a.Plugins.Registered(), ", ")+". "+
+		"The order of plugins in this flag does not matter.")
 	fs.StringVar(&a.ConfigFile, "admission-control-config-file", a.ConfigFile,
 		"File with admission control configuration.")
 }
@@ -105,11 +111,22 @@ func (a *AdmissionOptions) ApplyTo(
 	scheme *runtime.Scheme,
 	pluginInitializers ...admission.PluginInitializer,
 ) error {
-	pluginNames := a.PluginNames
-	if len(a.PluginNames) == 0 {
-		pluginNames = a.enabledPluginNames()
+	if a == nil {
+		return nil
+	}
+
+	// Admission need scheme to construct admission initializer.
+	if scheme == nil {
+		return fmt.Errorf("admission depends on a scheme, it cannot be nil")
+	}
+
+	// Admission depends on CoreAPI to set SharedInformerFactory and ClientConfig.
+	if informers == nil {
+		return fmt.Errorf("admission depends on a Kubernetes core API shared informer, it cannot be nil")
 	}
 
+	pluginNames := a.enabledPluginNames()
+
 	pluginsConfigProvider, err := admission.ReadAdmissionConfiguration(pluginNames, a.ConfigFile, configScheme)
 	if err != nil {
 		return fmt.Errorf("failed to read plugin config: %v", err)
@@ -119,12 +136,12 @@ func (a *AdmissionOptions) ApplyTo(
 	if err != nil {
 		return err
 	}
-	genericInitializer := initializer.New(clientset, informers, c.Authorizer, scheme)
+	genericInitializer := initializer.New(clientset, informers, c.Authorization.Authorizer, scheme)
 	initializersChain := admission.PluginInitializers{}
 	pluginInitializers = append(pluginInitializers, genericInitializer)
 	initializersChain = append(initializersChain, pluginInitializers...)
 
-	admissionChain, err := a.Plugins.NewFromPlugins(pluginNames, pluginsConfigProvider, initializersChain, admissionmetrics.WithControllerMetrics)
+	admissionChain, err := a.Plugins.NewFromPlugins(pluginNames, pluginsConfigProvider, initializersChain, admission.DecoratorFunc(admissionmetrics.WithControllerMetrics))
 	if err != nil {
 		return err
 	}
@@ -133,37 +150,66 @@ func (a *AdmissionOptions) ApplyTo(
 	return nil
 }
 
+// Validate verifies flags passed to AdmissionOptions.
 func (a *AdmissionOptions) Validate() []error {
+	if a == nil {
+		return nil
+	}
+
 	errs := []error{}
+
+	registeredPlugins := sets.NewString(a.Plugins.Registered()...)
+	for _, name := range a.EnablePlugins {
+		if !registeredPlugins.Has(name) {
+			errs = append(errs, fmt.Errorf("enable-admission-plugins plugin %q is unknown", name))
+		}
+	}
+
+	for _, name := range a.DisablePlugins {
+		if !registeredPlugins.Has(name) {
+			errs = append(errs, fmt.Errorf("disable-admission-plugins plugin %q is unknown", name))
+		}
+	}
+
+	enablePlugins := sets.NewString(a.EnablePlugins...)
+	disablePlugins := sets.NewString(a.DisablePlugins...)
+	if len(enablePlugins.Intersection(disablePlugins).List()) > 0 {
+		errs = append(errs, fmt.Errorf("%v in enable-admission-plugins and disable-admission-plugins "+
+			"overlapped", enablePlugins.Intersection(disablePlugins).List()))
+	}
+
+	// Verify RecommendedPluginOrder.
+	recommendPlugins := sets.NewString(a.RecommendedPluginOrder...)
+	intersections := registeredPlugins.Intersection(recommendPlugins)
+	if !intersections.Equal(recommendPlugins) {
+		// Developer error, this should never run in.
+		errs = append(errs, fmt.Errorf("plugins %v in RecommendedPluginOrder are not registered",
+			recommendPlugins.Difference(intersections).List()))
+	}
+	if !intersections.Equal(registeredPlugins) {
+		// Developer error, this should never run in.
+		errs = append(errs, fmt.Errorf("plugins %v registered are not in RecommendedPluginOrder",
+			registeredPlugins.Difference(intersections).List()))
+	}
+
 	return errs
 }
 
-// enabledPluginNames makes use of RecommendedPluginOrder and DefaultOffPlugins fields
-// to prepare a list of plugin names that are enabled.
-//
-// TODO(p0lyn0mial): In the end we will introduce two new flags:
-// --disable-admission-plugin this would be a list of admission plugins that a cluster-admin wants to explicitly disable.
-// --enable-admission-plugin  this would be a list of admission plugins that a cluster-admin wants to explicitly enable.
-// both flags are going to be handled by this method
+// enabledPluginNames makes use of RecommendedPluginOrder, DefaultOffPlugins,
+// EnablePlugins, DisablePlugins fields
+// to prepare a list of ordered plugin names that are enabled.
 func (a *AdmissionOptions) enabledPluginNames() []string {
-	//TODO(p0lyn0mial): first subtract plugins that a user wants to explicitly enable from allOffPlugins (DefaultOffPlugins)
-	//TODO(p0lyn0miial): then add/append plugins that a user wants to explicitly disable to allOffPlugins
-	//TODO(p0lyn0mial): so that --off=three --on=one,three default-off=one,two results in  "one" being enabled.
-	allOffPlugins := a.DefaultOffPlugins
-	onlyEnabledPluginNames := []string{}
-	for _, pluginName := range a.RecommendedPluginOrder {
-		disablePlugin := false
-		for _, disabledPluginName := range allOffPlugins {
-			if pluginName == disabledPluginName {
-				disablePlugin = true
-				break
-			}
-		}
-		if disablePlugin {
-			continue
+	allOffPlugins := append(a.DefaultOffPlugins.List(), a.DisablePlugins...)
+	disabledPlugins := sets.NewString(allOffPlugins...)
+	enabledPlugins := sets.NewString(a.EnablePlugins...)
+	disabledPlugins = disabledPlugins.Difference(enabledPlugins)
+
+	orderedPlugins := []string{}
+	for _, plugin := range a.RecommendedPluginOrder {
+		if !disabledPlugins.Has(plugin) {
+			orderedPlugins = append(orderedPlugins, plugin)
 		}
-		onlyEnabledPluginNames = append(onlyEnabledPluginNames, pluginName)
 	}
 
-	return onlyEnabledPluginNames
+	return orderedPlugins
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/api_enablement.go b/vendor/k8s.io/apiserver/pkg/server/options/api_enablement.go
new file mode 100644
index 000000000000..3901511f677f
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/options/api_enablement.go
@@ -0,0 +1,111 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/spf13/pflag"
+
+	"k8s.io/apiserver/pkg/server"
+	"k8s.io/apiserver/pkg/server/resourceconfig"
+	serverstore "k8s.io/apiserver/pkg/server/storage"
+	utilflag "k8s.io/apiserver/pkg/util/flag"
+)
+
+// APIEnablementOptions contains the options for which resources to turn on and off.
+// Given small aggregated API servers, this option isn't required for "normal" API servers
+type APIEnablementOptions struct {
+	RuntimeConfig utilflag.ConfigurationMap
+}
+
+func NewAPIEnablementOptions() *APIEnablementOptions {
+	return &APIEnablementOptions{
+		RuntimeConfig: make(utilflag.ConfigurationMap),
+	}
+}
+
+// AddFlags adds flags for a specific APIServer to the specified FlagSet
+func (s *APIEnablementOptions) AddFlags(fs *pflag.FlagSet) {
+	fs.Var(&s.RuntimeConfig, "runtime-config", ""+
+		"A set of key=value pairs that describe runtime configuration that may be passed "+
+		"to apiserver. <group>/<version> (or <version> for the core group) key can be used to "+
+		"turn on/off specific api versions. api/all is special key to control all api versions, "+
+		"be careful setting it false, unless you know what you do. api/legacy is deprecated, "+
+		"we will remove it in the future, so stop using it.")
+}
+
+// Validate validates RuntimeConfig with a list of registries.
+// Usually this list only has one element, the apiserver registry of the process.
+// But in the advanced (and usually not recommended) case of delegated apiservers there can be more.
+// Validate will filter out the known groups of each registry.
+// If anything is left over after that, an error is returned.
+func (s *APIEnablementOptions) Validate(registries ...GroupRegisty) []error {
+	if s == nil {
+		return nil
+	}
+
+	errors := []error{}
+	if s.RuntimeConfig["api/all"] == "false" && len(s.RuntimeConfig) == 1 {
+		// Do not allow only set api/all=false, in such case apiserver startup has no meaning.
+		return append(errors, fmt.Errorf("invliad key with only api/all=false"))
+	}
+
+	groups, err := resourceconfig.ParseGroups(s.RuntimeConfig)
+	if err != nil {
+		return append(errors, err)
+	}
+
+	for _, registry := range registries {
+		// filter out known groups
+		groups = unknownGroups(groups, registry)
+	}
+	if len(groups) != 0 {
+		errors = append(errors, fmt.Errorf("unknown api groups %s", strings.Join(groups, ",")))
+	}
+
+	return errors
+}
+
+// ApplyTo override MergedResourceConfig with defaults and registry
+func (s *APIEnablementOptions) ApplyTo(c *server.Config, defaultResourceConfig *serverstore.ResourceConfig, registry resourceconfig.GroupVersionRegistry) error {
+	if s == nil {
+		return nil
+	}
+
+	mergedResourceConfig, err := resourceconfig.MergeAPIResourceConfigs(defaultResourceConfig, s.RuntimeConfig, registry)
+	c.MergedResourceConfig = mergedResourceConfig
+
+	return err
+}
+
+func unknownGroups(groups []string, registry GroupRegisty) []string {
+	unknownGroups := []string{}
+	for _, group := range groups {
+		if !registry.IsRegistered(group) {
+			unknownGroups = append(unknownGroups, group)
+		}
+	}
+	return unknownGroups
+}
+
+// GroupRegisty provides a method to check whether given group is registered.
+type GroupRegisty interface {
+	// IsRegistered returns true if given group is registered.
+	IsRegistered(group string) bool
+}
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/audit.go b/vendor/k8s.io/apiserver/pkg/server/options/audit.go
index e43ebb12bc90..887b52281f1b 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/audit.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/audit.go
@@ -21,6 +21,7 @@ import (
 	"io"
 	"os"
 	"strings"
+	"time"
 
 	"github.com/golang/glog"
 	"github.com/spf13/pflag"
@@ -32,6 +33,7 @@ import (
 	"k8s.io/apiserver/pkg/features"
 	"k8s.io/apiserver/pkg/server"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	pluginbuffered "k8s.io/apiserver/plugin/pkg/audit/buffered"
 	pluginlog "k8s.io/apiserver/plugin/pkg/audit/log"
 	pluginwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook"
 )
@@ -58,6 +60,33 @@ type AuditOptions struct {
 	WebhookOptions AuditWebhookOptions
 }
 
+const (
+	// ModeBatch indicates that the audit backend should buffer audit events
+	// internally, sending batch updates either once a certain number of
+	// events have been received or a certain amount of time has passed.
+	ModeBatch = "batch"
+	// ModeBlocking causes the audit backend to block on every attempt to process
+	// a set of events. This causes requests to the API server to wait for the
+	// flush before sending a response.
+	ModeBlocking = "blocking"
+)
+
+// AllowedModes is the modes known for audit backends.
+var AllowedModes = []string{
+	ModeBatch,
+	ModeBlocking,
+}
+
+type AuditBatchOptions struct {
+	// Should the backend asynchronous batch events to the webhook backend or
+	// should the backend block responses?
+	//
+	// Defaults to asynchronous batch events.
+	Mode string
+	// Configuration for batching backend. Only used in batch mode.
+	BatchConfig pluginbuffered.BatchConfig
+}
+
 // AuditLogOptions determines the output of the structured audit log by default.
 // If the AdvancedAuditing feature is set to false, AuditLogOptions holds the legacy
 // audit log writer.
@@ -67,27 +96,37 @@ type AuditLogOptions struct {
 	MaxBackups int
 	MaxSize    int
 	Format     string
+
+	BatchOptions AuditBatchOptions
 }
 
 // AuditWebhookOptions control the webhook configuration for audit events.
 type AuditWebhookOptions struct {
-	ConfigFile string
-	// Should the webhook asynchronous batch events to the webhook backend or
-	// should the webhook block responses?
-	//
-	// Defaults to asynchronous batch events.
-	Mode string
-	// Configuration for batching webhook. Only used in batch mode.
-	BatchConfig pluginwebhook.BatchBackendConfig
+	ConfigFile     string
+	InitialBackoff time.Duration
+
+	BatchOptions AuditBatchOptions
 }
 
 func NewAuditOptions() *AuditOptions {
+	defaultLogBatchConfig := pluginbuffered.NewDefaultBatchConfig()
+	defaultLogBatchConfig.ThrottleEnable = false
+
 	return &AuditOptions{
 		WebhookOptions: AuditWebhookOptions{
-			Mode:        pluginwebhook.ModeBatch,
-			BatchConfig: pluginwebhook.NewDefaultBatchBackendConfig(),
+			BatchOptions: AuditBatchOptions{
+				Mode:        ModeBatch,
+				BatchConfig: pluginbuffered.NewDefaultBatchConfig(),
+			},
+			InitialBackoff: pluginwebhook.DefaultInitialBackoff,
+		},
+		LogOptions: AuditLogOptions{
+			Format: pluginlog.FormatJson,
+			BatchOptions: AuditBatchOptions{
+				Mode:        ModeBlocking,
+				BatchConfig: defaultLogBatchConfig,
+			},
 		},
-		LogOptions: AuditLogOptions{Format: pluginlog.FormatJson},
 	}
 }
 
@@ -106,58 +145,45 @@ func (o *AuditOptions) Validate() []error {
 		if len(o.WebhookOptions.ConfigFile) > 0 {
 			allErrors = append(allErrors, fmt.Errorf("feature '%s' must be enabled to set option --audit-webhook-config-file", features.AdvancedAuditing))
 		}
-	} else {
-		// Check webhook mode
-		validMode := false
-		for _, m := range pluginwebhook.AllowedModes {
-			if m == o.WebhookOptions.Mode {
-				validMode = true
-				break
-			}
-		}
-		if !validMode {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit webhook mode %s, allowed modes are %q", o.WebhookOptions.Mode, strings.Join(pluginwebhook.AllowedModes, ",")))
-		}
+	}
 
-		// Check webhook batch configuration
-		if o.WebhookOptions.BatchConfig.BufferSize <= 0 {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit batch webhook buffer size %v, must be a positive number", o.WebhookOptions.BatchConfig.BufferSize))
-		}
-		if o.WebhookOptions.BatchConfig.MaxBatchSize <= 0 {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit batch webhook max batch size %v, must be a positive number", o.WebhookOptions.BatchConfig.MaxBatchSize))
-		}
-		if o.WebhookOptions.BatchConfig.ThrottleQPS <= 0 {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit batch webhook throttle QPS %v, must be a positive number", o.WebhookOptions.BatchConfig.ThrottleQPS))
-		}
-		if o.WebhookOptions.BatchConfig.ThrottleBurst <= 0 {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit batch webhook throttle burst %v, must be a positive number", o.WebhookOptions.BatchConfig.ThrottleBurst))
-		}
+	allErrors = append(allErrors, o.LogOptions.Validate()...)
+	allErrors = append(allErrors, o.WebhookOptions.Validate()...)
 
-		// Check log format
-		validFormat := false
-		for _, f := range pluginlog.AllowedFormats {
-			if f == o.LogOptions.Format {
-				validFormat = true
-				break
-			}
-		}
-		if !validFormat {
-			allErrors = append(allErrors, fmt.Errorf("invalid audit log format %s, allowed formats are %q", o.LogOptions.Format, strings.Join(pluginlog.AllowedFormats, ",")))
+	return allErrors
+}
+
+func validateBackendMode(pluginName string, mode string) error {
+	for _, m := range AllowedModes {
+		if m == mode {
+			return nil
 		}
 	}
+	return fmt.Errorf("invalid audit %s mode %s, allowed modes are %q", pluginName, mode, strings.Join(AllowedModes, ","))
+}
 
-	// Check validities of MaxAge, MaxBackups and MaxSize of log options
-	if o.LogOptions.MaxAge < 0 {
-		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxage %v can't be a negative number", o.LogOptions.MaxAge))
+func validateBackendBatchOptions(pluginName string, options AuditBatchOptions) error {
+	if err := validateBackendMode(pluginName, options.Mode); err != nil {
+		return err
 	}
-	if o.LogOptions.MaxBackups < 0 {
-		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxbackup %v can't be a negative number", o.LogOptions.MaxBackups))
+	if options.Mode != ModeBatch {
+		// Don't validate the unused options.
+		return nil
 	}
-	if o.LogOptions.MaxSize < 0 {
-		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxsize %v can't be a negative number", o.LogOptions.MaxSize))
+	config := options.BatchConfig
+	if config.BufferSize <= 0 {
+		return fmt.Errorf("invalid audit batch %s buffer size %v, must be a positive number", pluginName, config.BufferSize)
 	}
-
-	return allErrors
+	if config.MaxBatchSize <= 0 {
+		return fmt.Errorf("invalid audit batch %s max batch size %v, must be a positive number", pluginName, config.MaxBatchSize)
+	}
+	if config.ThrottleQPS <= 0 {
+		return fmt.Errorf("invalid audit batch %s throttle QPS %v, must be a positive number", pluginName, config.ThrottleQPS)
+	}
+	if config.ThrottleBurst <= 0 {
+		return fmt.Errorf("invalid audit batch %s throttle burst %v, must be a positive number", pluginName, config.ThrottleBurst)
+	}
+	return nil
 }
 
 func (o *AuditOptions) AddFlags(fs *pflag.FlagSet) {
@@ -170,7 +196,9 @@ func (o *AuditOptions) AddFlags(fs *pflag.FlagSet) {
 			" With AdvancedAuditing, a profile is required to enable auditing.")
 
 	o.LogOptions.AddFlags(fs)
+	o.LogOptions.BatchOptions.AddFlags(pluginlog.PluginName, fs)
 	o.WebhookOptions.AddFlags(fs)
+	o.WebhookOptions.BatchOptions.AddFlags(pluginwebhook.PluginName, fs)
 }
 
 func (o *AuditOptions) ApplyTo(c *server.Config) error {
@@ -216,6 +244,36 @@ func (o *AuditOptions) applyTo(c *server.Config) error {
 	return nil
 }
 
+func (o *AuditBatchOptions) AddFlags(pluginName string, fs *pflag.FlagSet) {
+	fs.StringVar(&o.Mode, fmt.Sprintf("audit-%s-mode", pluginName), o.Mode,
+		"Strategy for sending audit events. Blocking indicates sending events should block"+
+			" server responses. Batch causes the backend to buffer and write events"+
+			" asynchronously. Known modes are "+strings.Join(AllowedModes, ",")+".")
+	fs.IntVar(&o.BatchConfig.BufferSize, fmt.Sprintf("audit-%s-batch-buffer-size", pluginName),
+		o.BatchConfig.BufferSize, "The size of the buffer to store events before "+
+			"batching and writing. Only used in batch mode.")
+	fs.IntVar(&o.BatchConfig.MaxBatchSize, fmt.Sprintf("audit-%s-batch-max-size", pluginName),
+		o.BatchConfig.MaxBatchSize, "The maximum size of a batch. Only used in batch mode.")
+	fs.DurationVar(&o.BatchConfig.MaxBatchWait, fmt.Sprintf("audit-%s-batch-max-wait", pluginName),
+		o.BatchConfig.MaxBatchWait, "The amount of time to wait before force writing the "+
+			"batch that hadn't reached the max size. Only used in batch mode.")
+	fs.BoolVar(&o.BatchConfig.ThrottleEnable, fmt.Sprintf("audit-%s-batch-throttle-enable", pluginName),
+		o.BatchConfig.ThrottleEnable, "Whether batching throttling is enabled. Only used in batch mode.")
+	fs.Float32Var(&o.BatchConfig.ThrottleQPS, fmt.Sprintf("audit-%s-batch-throttle-qps", pluginName),
+		o.BatchConfig.ThrottleQPS, "Maximum average number of batches per second. "+
+			"Only used in batch mode.")
+	fs.IntVar(&o.BatchConfig.ThrottleBurst, fmt.Sprintf("audit-%s-batch-throttle-burst", pluginName),
+		o.BatchConfig.ThrottleBurst, "Maximum number of requests sent at the same "+
+			"moment if ThrottleQPS was not utilized before. Only used in batch mode.")
+}
+
+func (o *AuditBatchOptions) wrapBackend(delegate audit.Backend) audit.Backend {
+	if o.Mode == ModeBlocking {
+		return delegate
+	}
+	return pluginbuffered.NewBackend(delegate, o.BatchConfig)
+}
+
 func (o *AuditLogOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&o.Path, "audit-log-path", o.Path,
 		"If set, all requests coming to the apiserver will be logged to this file.  '-' means standard out.")
@@ -231,8 +289,52 @@ func (o *AuditLogOptions) AddFlags(fs *pflag.FlagSet) {
 			" gate. Known formats are "+strings.Join(pluginlog.AllowedFormats, ",")+".")
 }
 
+func (o *AuditLogOptions) Validate() []error {
+	// Check whether the log backend is enabled based on the options.
+	if !o.enabled() {
+		return nil
+	}
+
+	var allErrors []error
+	if advancedAuditingEnabled() {
+		if err := validateBackendBatchOptions(pluginlog.PluginName, o.BatchOptions); err != nil {
+			allErrors = append(allErrors, err)
+		}
+
+		// Check log format
+		validFormat := false
+		for _, f := range pluginlog.AllowedFormats {
+			if f == o.Format {
+				validFormat = true
+				break
+			}
+		}
+		if !validFormat {
+			allErrors = append(allErrors, fmt.Errorf("invalid audit log format %s, allowed formats are %q", o.Format, strings.Join(pluginlog.AllowedFormats, ",")))
+		}
+	}
+
+	// Check validities of MaxAge, MaxBackups and MaxSize of log options, if file log backend is enabled.
+	if o.MaxAge < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxage %v can't be a negative number", o.MaxAge))
+	}
+	if o.MaxBackups < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxbackup %v can't be a negative number", o.MaxBackups))
+	}
+	if o.MaxSize < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxsize %v can't be a negative number", o.MaxSize))
+	}
+
+	return allErrors
+}
+
+// Check whether the log backend is enabled based on the options.
+func (o *AuditLogOptions) enabled() bool {
+	return o != nil && o.Path != ""
+}
+
 func (o *AuditLogOptions) getWriter() io.Writer {
-	if o.Path == "" {
+	if !o.enabled() {
 		return nil
 	}
 
@@ -250,7 +352,8 @@ func (o *AuditLogOptions) getWriter() io.Writer {
 
 func (o *AuditLogOptions) advancedApplyTo(c *server.Config) error {
 	if w := o.getWriter(); w != nil {
-		c.AuditBackend = appendBackend(c.AuditBackend, pluginlog.NewBackend(w, o.Format, auditv1beta1.SchemeGroupVersion))
+		log := pluginlog.NewBackend(w, o.Format, auditv1beta1.SchemeGroupVersion)
+		c.AuditBackend = appendBackend(c.AuditBackend, o.BatchOptions.wrapBackend(log))
 	}
 	return nil
 }
@@ -264,39 +367,41 @@ func (o *AuditWebhookOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&o.ConfigFile, "audit-webhook-config-file", o.ConfigFile,
 		"Path to a kubeconfig formatted file that defines the audit webhook configuration."+
 			" Requires the 'AdvancedAuditing' feature gate.")
-	fs.StringVar(&o.Mode, "audit-webhook-mode", o.Mode,
-		"Strategy for sending audit events. Blocking indicates sending events should block"+
-			" server responses. Batch causes the webhook to buffer and send events"+
-			" asynchronously. Known modes are "+strings.Join(pluginwebhook.AllowedModes, ",")+".")
-	fs.IntVar(&o.BatchConfig.BufferSize, "audit-webhook-batch-buffer-size",
-		o.BatchConfig.BufferSize, "The size of the buffer to store events before "+
-			"batching and sending to the webhook. Only used in batch mode.")
-	fs.IntVar(&o.BatchConfig.MaxBatchSize, "audit-webhook-batch-max-size",
-		o.BatchConfig.MaxBatchSize, "The maximum size of a batch sent to the webhook. "+
-			"Only used in batch mode.")
-	fs.DurationVar(&o.BatchConfig.MaxBatchWait, "audit-webhook-batch-max-wait",
-		o.BatchConfig.MaxBatchWait, "The amount of time to wait before force sending the "+
-			"batch that hadn't reached the max size. Only used in batch mode.")
-	fs.Float32Var(&o.BatchConfig.ThrottleQPS, "audit-webhook-batch-throttle-qps",
-		o.BatchConfig.ThrottleQPS, "Maximum average number of requests per second. "+
-			"Only used in batch mode.")
-	fs.IntVar(&o.BatchConfig.ThrottleBurst, "audit-webhook-batch-throttle-burst",
-		o.BatchConfig.ThrottleBurst, "Maximum number of requests sent at the same "+
-			"moment if ThrottleQPS was not utilized before. Only used in batch mode.")
-	fs.DurationVar(&o.BatchConfig.InitialBackoff, "audit-webhook-batch-initial-backoff",
-		o.BatchConfig.InitialBackoff, "The amount of time to wait before retrying the "+
-			"first failed requests. Only used in batch mode.")
+	fs.DurationVar(&o.InitialBackoff, "audit-webhook-initial-backoff",
+		o.InitialBackoff, "The amount of time to wait before retrying the first failed request.")
+	fs.DurationVar(&o.InitialBackoff, "audit-webhook-batch-initial-backoff",
+		o.InitialBackoff, "The amount of time to wait before retrying the first failed request.")
+	fs.MarkDeprecated("audit-webhook-batch-initial-backoff",
+		"Deprecated, use --audit-webhook-initial-backoff instead.")
+}
+
+func (o *AuditWebhookOptions) Validate() []error {
+	if !o.enabled() {
+		return nil
+	}
+
+	var allErrors []error
+	if advancedAuditingEnabled() {
+		if err := validateBackendBatchOptions(pluginwebhook.PluginName, o.BatchOptions); err != nil {
+			allErrors = append(allErrors, err)
+		}
+	}
+	return allErrors
+}
+
+func (o *AuditWebhookOptions) enabled() bool {
+	return o != nil && o.ConfigFile != ""
 }
 
 func (o *AuditWebhookOptions) applyTo(c *server.Config) error {
-	if o.ConfigFile == "" {
+	if !o.enabled() {
 		return nil
 	}
 
-	webhook, err := pluginwebhook.NewBackend(o.ConfigFile, o.Mode, auditv1beta1.SchemeGroupVersion, o.BatchConfig)
+	webhook, err := pluginwebhook.NewBackend(o.ConfigFile, auditv1beta1.SchemeGroupVersion, o.InitialBackoff)
 	if err != nil {
 		return fmt.Errorf("initializing audit webhook: %v", err)
 	}
-	c.AuditBackend = appendBackend(c.AuditBackend, webhook)
+	c.AuditBackend = appendBackend(c.AuditBackend, o.BatchOptions.wrapBackend(webhook))
 	return nil
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/authentication.go b/vendor/k8s.io/apiserver/pkg/server/options/authentication.go
index 28c933bea54d..04e1ea815e76 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/authentication.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/authentication.go
@@ -32,6 +32,7 @@ import (
 	coreclient "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
+	openapicommon "k8s.io/kube-openapi/pkg/common"
 )
 
 type RequestHeaderAuthenticationOptions struct {
@@ -130,6 +131,10 @@ func (s *DelegatingAuthenticationOptions) Validate() []error {
 }
 
 func (s *DelegatingAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {
+	if s == nil {
+		return
+	}
+
 	fs.StringVar(&s.RemoteKubeConfigFile, "authentication-kubeconfig", s.RemoteKubeConfigFile, ""+
 		"kubeconfig file pointing at the 'core' kubernetes server with enough rights to create "+
 		"tokenaccessreviews.authentication.k8s.io.")
@@ -146,7 +151,7 @@ func (s *DelegatingAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {
 
 }
 
-func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.Config) error {
+func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.AuthenticationInfo, servingInfo *server.SecureServingInfo, openAPIConfig *openapicommon.Config) error {
 	if s == nil {
 		c.Authenticator = nil
 		return nil
@@ -156,8 +161,7 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.Config) error {
 	if err != nil {
 		return err
 	}
-	c, err = c.ApplyClientCert(clientCA.ClientCA)
-	if err != nil {
+	if err = c.ApplyClientCert(clientCA.ClientCA, servingInfo); err != nil {
 		return fmt.Errorf("unable to load client CA file: %v", err)
 	}
 
@@ -165,8 +169,7 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.Config) error {
 	if err != nil {
 		return err
 	}
-	c, err = c.ApplyClientCert(requestHeader.ClientCAFile)
-	if err != nil {
+	if err = c.ApplyClientCert(requestHeader.ClientCAFile, servingInfo); err != nil {
 		return fmt.Errorf("unable to load client CA file: %v", err)
 	}
 
@@ -180,8 +183,8 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(c *server.Config) error {
 	}
 
 	c.Authenticator = authenticator
-	if c.OpenAPIConfig != nil {
-		c.OpenAPIConfig.SecurityDefinitions = securityDefinitions
+	if openAPIConfig != nil {
+		openAPIConfig.SecurityDefinitions = securityDefinitions
 	}
 	c.SupportsBasicAuth = false
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/authorization.go b/vendor/k8s.io/apiserver/pkg/server/options/authorization.go
index 9a452d11e6b9..fb8899bff9b5 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/authorization.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/authorization.go
@@ -74,7 +74,7 @@ func (s *DelegatingAuthorizationOptions) AddFlags(fs *pflag.FlagSet) {
 		"The duration to cache 'unauthorized' responses from the webhook authorizer.")
 }
 
-func (s *DelegatingAuthorizationOptions) ApplyTo(c *server.Config) error {
+func (s *DelegatingAuthorizationOptions) ApplyTo(c *server.AuthorizationInfo) error {
 	if s == nil {
 		c.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer()
 		return nil
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/BUILD b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/BUILD
index bfea74f88431..471306cba7fe 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/BUILD
@@ -10,13 +10,11 @@ go_library(
     name = "go_default_library",
     srcs = [
         "config.go",
-        "plugins.go",
         "types.go",
     ],
     importpath = "k8s.io/apiserver/pkg/server/options/encryptionconfig",
     deps = [
         "//vendor/github.com/ghodss/yaml:go_default_library",
-        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes:go_default_library",
@@ -29,8 +27,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["config_test.go"],
-    importpath = "k8s.io/apiserver/pkg/server/options/encryptionconfig",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
index ad2f0927c6a1..4c6fd5a39cfe 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
@@ -102,6 +102,9 @@ func ParseEncryptionConfiguration(f io.Reader) (map[schema.GroupResource]value.T
 	return result, nil
 }
 
+// The factory to create kms service. This is to make writing test easier.
+var envelopeServiceFactory = envelope.NewGRPCService
+
 // GetPrefixTransformers constructs and returns the appropriate prefix transformers for the passed resource using its configuration
 func GetPrefixTransformers(config *ResourceConfig) ([]value.PrefixTransformer, error) {
 	var result []value.PrefixTransformer
@@ -150,18 +153,18 @@ func GetPrefixTransformers(config *ResourceConfig) ([]value.PrefixTransformer, e
 			if found == true {
 				return nil, fmt.Errorf("more than one provider specified in a single element, should split into different list elements")
 			}
-			f, err := os.Open(provider.KMS.ConfigFile)
-			if err != nil {
-				return nil, fmt.Errorf("error opening KMS provider configuration file %q: %v", provider.KMS.ConfigFile, err)
+
+			// Ensure the endpoint is provided.
+			if len(provider.KMS.Endpoint) == 0 {
+				return nil, fmt.Errorf("remote KMS provider can't use empty string as endpoint")
 			}
-			defer f.Close()
-			envelopeService, pluginFound, err := KMSPluginRegistry.getPlugin(provider.KMS.Name, f)
+
+			// Get gRPC client service with endpoint.
+			envelopeService, err := envelopeServiceFactory(provider.KMS.Endpoint)
 			if err != nil {
-				return nil, fmt.Errorf("could not configure KMS plugin %q, %v", provider.KMS.Name, err)
-			}
-			if pluginFound == false {
-				return nil, fmt.Errorf("KMS plugin %q not found", provider.KMS.Name)
+				return nil, fmt.Errorf("could not configure KMS plugin %q, error: %v", provider.KMS.Name, err)
 			}
+
 			transformer, err = getEnvelopePrefixTransformer(provider.KMS, envelopeService, kmsTransformerPrefixV1)
 			found = true
 		}
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/plugins.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/plugins.go
deleted file mode 100644
index 310c7238f59c..000000000000
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/plugins.go
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package encryptionconfig
-
-import (
-	"bytes"
-	"io"
-	"io/ioutil"
-	"reflect"
-	"sync"
-
-	"github.com/golang/glog"
-
-	"k8s.io/apiserver/pkg/storage/value/encrypt/envelope"
-)
-
-// Factory is a function that returns an envelope Service for encryption providers.
-// The config parameter provides an io.Reader handler to the factory in
-// order to load specific configurations. If no configuration is provided
-// the parameter is nil.
-type Factory func(config io.Reader) (envelope.Service, error)
-
-// KMSPlugins contains all registered KMS options.
-type KMSPlugins struct {
-	lock     sync.RWMutex
-	registry map[string]Factory
-}
-
-var (
-	// PluginEnabledFn checks whether a plugin is enabled.  By default, if you ask about it, it's enabled.
-	PluginEnabledFn = func(name string, config io.Reader) bool {
-		return true
-	}
-
-	// KMSPluginRegistry contains the registered KMS plugins which can be used for configuring
-	// encryption providers.
-	KMSPluginRegistry = KMSPlugins{}
-)
-
-// PluginEnabledFunc is a function type that can provide an external check on whether an admission plugin may be enabled
-type PluginEnabledFunc func(name string, config io.Reader) bool
-
-// Register registers a plugin Factory by name. This
-// is expected to happen during app startup. It does not allow
-// registering a plugin by the same name twice.
-func (ps *KMSPlugins) Register(name string, plugin Factory) {
-	ps.lock.Lock()
-	defer ps.lock.Unlock()
-	_, found := ps.registry[name]
-	if ps.registry == nil {
-		ps.registry = map[string]Factory{}
-	}
-	if found {
-		glog.Fatalf("KMS plugin %q was registered twice", name)
-	} else {
-		ps.registry[name] = plugin
-		glog.V(1).Infof("Registered KMS plugin %q", name)
-	}
-}
-
-// getPlugin creates an instance of the named plugin.  It returns `false` if the
-// the name is not known. The error is returned only when the named provider was
-// known but failed to initialize.  The config parameter specifies the io.Reader
-// handler of the configuration file for the cloud provider, or nil for no configuration.
-func (ps *KMSPlugins) getPlugin(name string, config io.Reader) (envelope.Service, bool, error) {
-	f, found := ps.fetchPluginFromRegistry(name)
-	if !found {
-		return nil, false, nil
-	}
-
-	config1, config2, err := splitStream(config)
-	if err != nil {
-		return nil, true, err
-	}
-	if !PluginEnabledFn(name, config1) {
-		return nil, true, nil
-	}
-
-	ret, err := f(config2)
-	return ret, true, err
-}
-
-// fetchPluginFromRegistry tries to get a registered plugin with the requested name.
-func (ps *KMSPlugins) fetchPluginFromRegistry(name string) (Factory, bool) {
-	ps.lock.RLock()
-	defer ps.lock.RUnlock()
-	// Map lookup defaults to single value context
-	f, found := ps.registry[name]
-	return f, found
-}
-
-// splitStream reads the stream bytes and constructs two copies of it.
-func splitStream(config io.Reader) (io.Reader, io.Reader, error) {
-	if config == nil || reflect.ValueOf(config).IsNil() {
-		return nil, nil, nil
-	}
-
-	configBytes, err := ioutil.ReadAll(config)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return bytes.NewBuffer(configBytes), bytes.NewBuffer(configBytes), nil
-}
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/types.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/types.go
index 1603e044a312..67dfa6c9fcef 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/types.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/types.go
@@ -81,6 +81,6 @@ type KMSConfig struct {
 	// cacheSize is the maximum number of secrets which are cached in memory. The default value is 1000.
 	// +optional
 	CacheSize int `json:"cachesize,omitempty"`
-	// configfile is the path to the configuration file for the named KMS provider.
-	ConfigFile string `json:"configfile"`
+	// the gRPC server listening address, for example "unix:///var/run/kms-provider.sock".
+	Endpoint string `json:"endpoint"`
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/etcd.go b/vendor/k8s.io/apiserver/pkg/server/options/etcd.go
index d522cde9bcb8..5b8f1b9bb1ec 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/etcd.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/etcd.go
@@ -21,6 +21,7 @@ import (
 	"net/http"
 	"strconv"
 	"strings"
+	"time"
 
 	"github.com/spf13/pflag"
 
@@ -36,7 +37,7 @@ import (
 )
 
 type EtcdOptions struct {
-	// The value of Paging on StorageConfig will be overriden by the
+	// The value of Paging on StorageConfig will be overridden by the
 	// calculated feature gate value.
 	StorageConfig                    storagebackend.Config
 	EncryptionProviderConfigFilepath string
@@ -64,7 +65,7 @@ var storageTypes = sets.NewString(
 )
 
 func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions {
-	return &EtcdOptions{
+	options := &EtcdOptions{
 		StorageConfig:           *backendConfig,
 		DefaultStorageMediaType: "application/json",
 		DeleteCollectionWorkers: 1,
@@ -72,6 +73,8 @@ func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions {
 		EnableWatchCache:        true,
 		DefaultWatchCacheSize:   100,
 	}
+	options.StorageConfig.CountMetricPollPeriod = time.Minute
+	return options
 }
 
 func (s *EtcdOptions) Validate() []error {
@@ -119,8 +122,10 @@ func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet) {
 
 	fs.StringSliceVar(&s.WatchCacheSizes, "watch-cache-sizes", s.WatchCacheSizes, ""+
 		"List of watch cache sizes for every resource (pods, nodes, etc.), comma separated. "+
-		"The individual override format: resource#size, where size is a number. It takes effect "+
-		"when watch-cache is enabled.")
+		"The individual override format: resource[.group]#size, where resource is lowercase plural (no version), "+
+		"group is optional, and size is a number. It takes effect when watch-cache is enabled. "+
+		"Some resources (replicationcontrollers, endpoints, nodes, pods, services, apiservices.apiregistration.k8s.io) "+
+		"have system defaults set by heuristics, others default to default-watch-cache-size")
 
 	fs.StringVar(&s.StorageConfig.Type, "storage-backend", s.StorageConfig.Type,
 		"The storage backend for persistence. Options: 'etcd3' (default), 'etcd2'.")
@@ -153,6 +158,8 @@ func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.DurationVar(&s.StorageConfig.CompactionInterval, "etcd-compaction-interval", s.StorageConfig.CompactionInterval,
 		"The interval of compaction requests. If 0, the compaction request from apiserver is disabled.")
 
+	fs.DurationVar(&s.StorageConfig.CountMetricPollPeriod, "etcd-count-metric-poll-period", s.StorageConfig.CountMetricPollPeriod, ""+
+		"Frequency of polling etcd for number of resources per type. 0 disables the metric collection.")
 }
 
 func (s *EtcdOptions) ApplyTo(c *server.Config) error {
@@ -195,6 +202,7 @@ func (f *SimpleRestOptionsFactory) GetRESTOptions(resource schema.GroupResource)
 		EnableGarbageCollection: f.Options.EnableGarbageCollection,
 		DeleteCollectionWorkers: f.Options.DeleteCollectionWorkers,
 		ResourcePrefix:          resource.Group + "/" + resource.Resource,
+		CountMetricPollPeriod:   f.Options.StorageConfig.CountMetricPollPeriod,
 	}
 	if f.Options.EnableWatchCache {
 		sizes, err := ParseWatchCacheSizes(f.Options.WatchCacheSizes)
@@ -227,6 +235,7 @@ func (f *storageFactoryRestOptionsFactory) GetRESTOptions(resource schema.GroupR
 		DeleteCollectionWorkers: f.Options.DeleteCollectionWorkers,
 		EnableGarbageCollection: f.Options.EnableGarbageCollection,
 		ResourcePrefix:          f.StorageFactory.ResourcePrefix(resource),
+		CountMetricPollPeriod:   f.Options.StorageConfig.CountMetricPollPeriod,
 	}
 	if f.Options.EnableWatchCache {
 		sizes, err := ParseWatchCacheSizes(f.Options.WatchCacheSizes)
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/recommended.go b/vendor/k8s.io/apiserver/pkg/server/options/recommended.go
index 21c3dd76159f..ebd750c2b21c 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/recommended.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/recommended.go
@@ -20,6 +20,7 @@ import (
 	"github.com/spf13/pflag"
 
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/server"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
 )
@@ -29,23 +30,38 @@ import (
 // Each of them can be nil to leave the feature unconfigured on ApplyTo.
 type RecommendedOptions struct {
 	Etcd           *EtcdOptions
-	SecureServing  *SecureServingOptions
+	SecureServing  *SecureServingOptionsWithLoopback
 	Authentication *DelegatingAuthenticationOptions
 	Authorization  *DelegatingAuthorizationOptions
 	Audit          *AuditOptions
 	Features       *FeatureOptions
 	CoreAPI        *CoreAPIOptions
+
+	// ExtraAdmissionInitializers is called once after all ApplyTo from the options above, to pass the returned
+	// admission plugin initializers to Admission.ApplyTo.
+	ExtraAdmissionInitializers func(c *server.RecommendedConfig) ([]admission.PluginInitializer, error)
+	Admission                  *AdmissionOptions
 }
 
 func NewRecommendedOptions(prefix string, codec runtime.Codec) *RecommendedOptions {
+	sso := NewSecureServingOptions()
+
+	// We are composing recommended options for an aggregated api-server,
+	// whose client is typically a proxy multiplexing many operations ---
+	// notably including long-running ones --- into one HTTP/2 connection
+	// into this server.  So allow many concurrent operations.
+	sso.HTTP2MaxStreamsPerConnection = 1000
+
 	return &RecommendedOptions{
-		Etcd:           NewEtcdOptions(storagebackend.NewDefaultConfig(prefix, codec)),
-		SecureServing:  NewSecureServingOptions(),
-		Authentication: NewDelegatingAuthenticationOptions(),
-		Authorization:  NewDelegatingAuthorizationOptions(),
-		Audit:          NewAuditOptions(),
-		Features:       NewFeatureOptions(),
-		CoreAPI:        NewCoreAPIOptions(),
+		Etcd:                       NewEtcdOptions(storagebackend.NewDefaultConfig(prefix, codec)),
+		SecureServing:              WithLoopback(sso),
+		Authentication:             NewDelegatingAuthenticationOptions(),
+		Authorization:              NewDelegatingAuthorizationOptions(),
+		Audit:                      NewAuditOptions(),
+		Features:                   NewFeatureOptions(),
+		CoreAPI:                    NewCoreAPIOptions(),
+		ExtraAdmissionInitializers: func(c *server.RecommendedConfig) ([]admission.PluginInitializer, error) { return nil, nil },
+		Admission:                  NewAdmissionOptions(),
 	}
 }
 
@@ -57,19 +73,23 @@ func (o *RecommendedOptions) AddFlags(fs *pflag.FlagSet) {
 	o.Audit.AddFlags(fs)
 	o.Features.AddFlags(fs)
 	o.CoreAPI.AddFlags(fs)
+	o.Admission.AddFlags(fs)
 }
 
-func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig) error {
+// ApplyTo adds RecommendedOptions to the server configuration.
+// scheme is the scheme of the apiserver types that are sent to the admission chain.
+// pluginInitializers can be empty, it is only need for additional initializers.
+func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *runtime.Scheme) error {
 	if err := o.Etcd.ApplyTo(&config.Config); err != nil {
 		return err
 	}
 	if err := o.SecureServing.ApplyTo(&config.Config); err != nil {
 		return err
 	}
-	if err := o.Authentication.ApplyTo(&config.Config); err != nil {
+	if err := o.Authentication.ApplyTo(&config.Config.Authentication, config.SecureServing, config.OpenAPIConfig); err != nil {
 		return err
 	}
-	if err := o.Authorization.ApplyTo(&config.Config); err != nil {
+	if err := o.Authorization.ApplyTo(&config.Config.Authorization); err != nil {
 		return err
 	}
 	if err := o.Audit.ApplyTo(&config.Config); err != nil {
@@ -81,6 +101,12 @@ func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig) error {
 	if err := o.CoreAPI.ApplyTo(config); err != nil {
 		return err
 	}
+	if initializers, err := o.ExtraAdmissionInitializers(config); err != nil {
+		return err
+	} else if err := o.Admission.ApplyTo(&config.Config, config.SharedInformerFactory, config.ClientConfig, scheme, initializers...); err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -93,6 +119,7 @@ func (o *RecommendedOptions) Validate() []error {
 	errors = append(errors, o.Audit.Validate()...)
 	errors = append(errors, o.Features.Validate()...)
 	errors = append(errors, o.CoreAPI.Validate()...)
+	errors = append(errors, o.Admission.Validate()...)
 
 	return errors
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/serving.go b/vendor/k8s.io/apiserver/pkg/server/options/serving.go
index 43042fde97bf..c4c2bf9865f1 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/serving.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/serving.go
@@ -18,15 +18,12 @@ package options
 
 import (
 	"crypto/tls"
-	"encoding/pem"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"path"
 	"strconv"
 
 	"github.com/golang/glog"
-	"github.com/pborman/uuid"
 	"github.com/spf13/pflag"
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
@@ -37,7 +34,8 @@ import (
 
 type SecureServingOptions struct {
 	BindAddress net.IP
-	BindPort    int
+	// BindPort is ignored when Listener is set, will serve https even with 0.
+	BindPort int
 	// BindNetwork is the type of network to bind to - defaults to "tcp", accepts "tcp",
 	// "tcp4", and "tcp6".
 	BindNetwork string
@@ -51,6 +49,16 @@ type SecureServingOptions struct {
 	ServerCert GeneratableKeyCert
 	// SNICertKeys are named CertKeys for serving secure traffic with SNI support.
 	SNICertKeys []utilflag.NamedCertKey
+	// CipherSuites is the list of allowed cipher suites for the server.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	CipherSuites []string
+	// MinTLSVersion is the minimum TLS version supported.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	MinTLSVersion string
+
+	// HTTP2MaxStreamsPerConnection is the limit that the api server imposes on each client.
+	// A value of zero means to use the default provided by golang's HTTP/2 support.
+	HTTP2MaxStreamsPerConnection int
 }
 
 type CertKey struct {
@@ -63,8 +71,6 @@ type CertKey struct {
 type GeneratableKeyCert struct {
 	CertKey CertKey
 
-	// CACertFile is an optional file containing the certificate chain for CertKey.CertFile
-	CACertFile string
 	// CertDirectory is a directory that will contain the certificates.  If the cert and key aren't specifically set
 	// this will be used to derive a match with the "pair-name"
 	CertDirectory string
@@ -96,7 +102,7 @@ func (s *SecureServingOptions) Validate() []error {
 	errors := []error{}
 
 	if s.BindPort < 0 || s.BindPort > 65535 {
-		errors = append(errors, fmt.Errorf("--secure-port %v must be between 0 and 65535, inclusive. 0 for turning off secure port.", s.BindPort))
+		errors = append(errors, fmt.Errorf("--secure-port %v must be between 0 and 65535, inclusive. 0 for turning off secure port", s.BindPort))
 	}
 
 	return errors
@@ -110,8 +116,7 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.IPVar(&s.BindAddress, "bind-address", s.BindAddress, ""+
 		"The IP address on which to listen for the --secure-port port. The "+
 		"associated interface(s) must be reachable by the rest of the cluster, and by CLI/web "+
-		"clients. If blank, all interfaces will be used (0.0.0.0).")
-
+		"clients. If blank, all interfaces will be used (0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).")
 	fs.IntVar(&s.BindPort, "secure-port", s.BindPort, ""+
 		"The port on which to serve HTTPS with authentication and authorization. If 0, "+
 		"don't serve HTTPS at all.")
@@ -129,10 +134,14 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.ServerCert.CertKey.KeyFile, "tls-private-key-file", s.ServerCert.CertKey.KeyFile,
 		"File containing the default x509 private key matching --tls-cert-file.")
 
-	fs.StringVar(&s.ServerCert.CACertFile, "tls-ca-file", s.ServerCert.CACertFile, "If set, this "+
-		"certificate authority will used for secure access from Admission "+
-		"Controllers. This must be a valid PEM-encoded CA bundle. Altneratively, the certificate authority "+
-		"can be appended to the certificate provided by --tls-cert-file.")
+	fs.StringSliceVar(&s.CipherSuites, "tls-cipher-suites", s.CipherSuites,
+		"Comma-separated list of cipher suites for the server. "+
+			"Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). "+
+			"If omitted, the default Go cipher suites will be used")
+
+	fs.StringVar(&s.MinTLSVersion, "tls-min-version", s.MinTLSVersion,
+		"Minimum TLS version supported. "+
+			"Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants.")
 
 	fs.Var(utilflag.NewNamedCertKeyArray(&s.SNICertKeys), "tls-sni-cert-key", ""+
 		"A pair of x509 certificate and private key file paths, optionally suffixed with a list of "+
@@ -142,20 +151,24 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 		"trump over extracted names. For multiple key/certificate pairs, use the "+
 		"--tls-sni-cert-key multiple times. "+
 		"Examples: \"example.crt,example.key\" or \"foo.crt,foo.key:*.foo.com,foo.com\".")
-}
 
-func (s *SecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet) {
-	fs.IPVar(&s.BindAddress, "public-address-override", s.BindAddress,
-		"DEPRECATED: see --bind-address instead.")
-	fs.MarkDeprecated("public-address-override", "see --bind-address instead.")
+	fs.IntVar(&s.HTTP2MaxStreamsPerConnection, "http2-max-streams-per-connection", s.HTTP2MaxStreamsPerConnection, ""+
+		"The limit that the server gives to clients for "+
+		"the maximum number of streams in an HTTP/2 connection. "+
+		"Zero means to use golang's default.")
+
+	// TODO remove this flag in 1.11.  The flag had no effect before this will prevent scripts from immediately failing on upgrade.
+	fs.String("tls-ca-file", "", "This flag has no effect.")
+	fs.MarkDeprecated("tls-ca-file", "This flag has no effect.")
+
 }
 
 // ApplyTo fills up serving information in the server configuration.
-func (s *SecureServingOptions) ApplyTo(c *server.Config) error {
+func (s *SecureServingOptions) ApplyTo(config **server.SecureServingInfo) error {
 	if s == nil {
 		return nil
 	}
-	if s.BindPort <= 0 {
+	if s.BindPort <= 0 && s.Listener == nil {
 		return nil
 	}
 
@@ -166,44 +179,19 @@ func (s *SecureServingOptions) ApplyTo(c *server.Config) error {
 		if err != nil {
 			return fmt.Errorf("failed to create listener: %v", err)
 		}
+	} else {
+		if _, ok := s.Listener.Addr().(*net.TCPAddr); !ok {
+			return fmt.Errorf("failed to parse ip and port from listener")
+		}
+		s.BindPort = s.Listener.Addr().(*net.TCPAddr).Port
+		s.BindAddress = s.Listener.Addr().(*net.TCPAddr).IP
 	}
 
-	if err := s.applyServingInfoTo(c); err != nil {
-		return err
-	}
-
-	c.SecureServingInfo.Listener = s.Listener
-
-	// create self-signed cert+key with the fake server.LoopbackClientServerNameOverride and
-	// let the server return it when the loopback client connects.
-	certPem, keyPem, err := certutil.GenerateSelfSignedCertKey(server.LoopbackClientServerNameOverride, nil, nil)
-	if err != nil {
-		return fmt.Errorf("failed to generate self-signed certificate for loopback connection: %v", err)
-	}
-	tlsCert, err := tls.X509KeyPair(certPem, keyPem)
-	if err != nil {
-		return fmt.Errorf("failed to generate self-signed certificate for loopback connection: %v", err)
-	}
-
-	secureLoopbackClientConfig, err := c.SecureServingInfo.NewLoopbackClientConfig(uuid.NewRandom().String(), certPem)
-	switch {
-	// if we failed and there's no fallback loopback client config, we need to fail
-	case err != nil && c.LoopbackClientConfig == nil:
-		return err
-
-	// if we failed, but we already have a fallback loopback client config (usually insecure), allow it
-	case err != nil && c.LoopbackClientConfig != nil:
-
-	default:
-		c.LoopbackClientConfig = secureLoopbackClientConfig
-		c.SecureServingInfo.SNICerts[server.LoopbackClientServerNameOverride] = &tlsCert
+	*config = &server.SecureServingInfo{
+		Listener:                     s.Listener,
+		HTTP2MaxStreamsPerConnection: s.HTTP2MaxStreamsPerConnection,
 	}
-
-	return nil
-}
-
-func (s *SecureServingOptions) applyServingInfoTo(c *server.Config) error {
-	secureServingInfo := &server.SecureServingInfo{}
+	c := *config
 
 	serverCertFile, serverKeyFile := s.ServerCert.CertKey.CertFile, s.ServerCert.CertKey.KeyFile
 	// load main cert
@@ -212,25 +200,21 @@ func (s *SecureServingOptions) applyServingInfoTo(c *server.Config) error {
 		if err != nil {
 			return fmt.Errorf("unable to load server certificate: %v", err)
 		}
-		secureServingInfo.Cert = &tlsCert
+		c.Cert = &tlsCert
 	}
 
-	// optionally load CA cert
-	if len(s.ServerCert.CACertFile) != 0 {
-		pemData, err := ioutil.ReadFile(s.ServerCert.CACertFile)
+	if len(s.CipherSuites) != 0 {
+		cipherSuites, err := utilflag.TLSCipherSuites(s.CipherSuites)
 		if err != nil {
-			return fmt.Errorf("failed to read certificate authority from %q: %v", s.ServerCert.CACertFile, err)
-		}
-		block, pemData := pem.Decode(pemData)
-		if block == nil {
-			return fmt.Errorf("no certificate found in certificate authority file %q", s.ServerCert.CACertFile)
-		}
-		if block.Type != "CERTIFICATE" {
-			return fmt.Errorf("expected CERTIFICATE block in certiticate authority file %q, found: %s", s.ServerCert.CACertFile, block.Type)
-		}
-		secureServingInfo.CACert = &tls.Certificate{
-			Certificate: [][]byte{block.Bytes},
+			return err
 		}
+		c.CipherSuites = cipherSuites
+	}
+
+	var err error
+	c.MinTLSVersion, err = utilflag.TLSVersion(s.MinTLSVersion)
+	if err != nil {
+		return err
 	}
 
 	// load SNI certs
@@ -245,15 +229,11 @@ func (s *SecureServingOptions) applyServingInfoTo(c *server.Config) error {
 			return fmt.Errorf("failed to load SNI cert and key: %v", err)
 		}
 	}
-	var err error
-	secureServingInfo.SNICerts, err = server.GetNamedCertificateMap(namedTLSCerts)
+	c.SNICerts, err = server.GetNamedCertificateMap(namedTLSCerts)
 	if err != nil {
 		return err
 	}
 
-	c.SecureServingInfo = secureServingInfo
-	c.ReadWritePort = s.BindPort
-
 	return nil
 }
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/serving_with_loopback.go b/vendor/k8s.io/apiserver/pkg/server/options/serving_with_loopback.go
new file mode 100644
index 000000000000..8d249cb54b42
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/options/serving_with_loopback.go
@@ -0,0 +1,79 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"crypto/tls"
+	"fmt"
+
+	"github.com/pborman/uuid"
+
+	"k8s.io/apiserver/pkg/server"
+	certutil "k8s.io/client-go/util/cert"
+)
+
+type SecureServingOptionsWithLoopback struct {
+	*SecureServingOptions
+}
+
+func WithLoopback(o *SecureServingOptions) *SecureServingOptionsWithLoopback {
+	return &SecureServingOptionsWithLoopback{o}
+}
+
+// ApplyTo fills up serving information in the server configuration.
+func (s *SecureServingOptionsWithLoopback) ApplyTo(c *server.Config) error {
+	if s == nil || s.SecureServingOptions == nil {
+		return nil
+	}
+
+	if err := s.SecureServingOptions.ApplyTo(&c.SecureServing); err != nil {
+		return err
+	}
+
+	if c.SecureServing == nil {
+		return nil
+	}
+
+	c.ReadWritePort = s.BindPort
+
+	// create self-signed cert+key with the fake server.LoopbackClientServerNameOverride and
+	// let the server return it when the loopback client connects.
+	certPem, keyPem, err := certutil.GenerateSelfSignedCertKey(server.LoopbackClientServerNameOverride, nil, nil)
+	if err != nil {
+		return fmt.Errorf("failed to generate self-signed certificate for loopback connection: %v", err)
+	}
+	tlsCert, err := tls.X509KeyPair(certPem, keyPem)
+	if err != nil {
+		return fmt.Errorf("failed to generate self-signed certificate for loopback connection: %v", err)
+	}
+
+	secureLoopbackClientConfig, err := c.SecureServing.NewLoopbackClientConfig(uuid.NewRandom().String(), certPem)
+	switch {
+	// if we failed and there's no fallback loopback client config, we need to fail
+	case err != nil && c.LoopbackClientConfig == nil:
+		return err
+
+	// if we failed, but we already have a fallback loopback client config (usually insecure), allow it
+	case err != nil && c.LoopbackClientConfig != nil:
+
+	default:
+		c.LoopbackClientConfig = secureLoopbackClientConfig
+		c.SecureServing.SNICerts[server.LoopbackClientServerNameOverride] = &tlsCert
+	}
+
+	return nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/server/resourceconfig/BUILD b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/BUILD
new file mode 100644
index 000000000000..5036ae75bc1c
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/BUILD
@@ -0,0 +1,45 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "helpers.go",
+    ],
+    importpath = "k8s.io/apiserver/pkg/server/resourceconfig",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["helpers_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apiserver/pkg/server/resourceconfig/doc.go b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/doc.go
new file mode 100644
index 000000000000..a6055414b9e6
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/doc.go
@@ -0,0 +1,18 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package resourceconfig contains the resource config related helper functions.
+package resourceconfig
diff --git a/vendor/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go
new file mode 100644
index 000000000000..3ac79b74a60d
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/resourceconfig/helpers.go
@@ -0,0 +1,164 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package resourceconfig
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	serverstore "k8s.io/apiserver/pkg/server/storage"
+	utilflag "k8s.io/apiserver/pkg/util/flag"
+)
+
+// GroupVersionRegistry provides access to registered group versions.
+type GroupVersionRegistry interface {
+	// IsRegistered returns true if given group is registered.
+	IsRegistered(group string) bool
+	// IsRegisteredVersion returns true if given version is registered.
+	IsRegisteredVersion(v schema.GroupVersion) bool
+	// RegisteredGroupVersions returns all registered group versions.
+	RegisteredGroupVersions() []schema.GroupVersion
+}
+
+// MergeResourceEncodingConfigs merges the given defaultResourceConfig with specific GroupVersionResource overrides.
+func MergeResourceEncodingConfigs(
+	defaultResourceEncoding *serverstore.DefaultResourceEncodingConfig,
+	resourceEncodingOverrides []schema.GroupVersionResource,
+) *serverstore.DefaultResourceEncodingConfig {
+	resourceEncodingConfig := defaultResourceEncoding
+	for _, gvr := range resourceEncodingOverrides {
+		resourceEncodingConfig.SetResourceEncoding(gvr.GroupResource(), gvr.GroupVersion(),
+			schema.GroupVersion{Group: gvr.Group, Version: runtime.APIVersionInternal})
+	}
+	return resourceEncodingConfig
+}
+
+// MergeGroupEncodingConfigs merges the given defaultResourceConfig with specific GroupVersion overrides.
+func MergeGroupEncodingConfigs(
+	defaultResourceEncoding *serverstore.DefaultResourceEncodingConfig,
+	storageEncodingOverrides map[string]schema.GroupVersion,
+) *serverstore.DefaultResourceEncodingConfig {
+	resourceEncodingConfig := defaultResourceEncoding
+	for group, storageEncodingVersion := range storageEncodingOverrides {
+		resourceEncodingConfig.SetVersionEncoding(group, storageEncodingVersion, schema.GroupVersion{Group: group, Version: runtime.APIVersionInternal})
+	}
+	return resourceEncodingConfig
+}
+
+// MergeAPIResourceConfigs merges the given defaultAPIResourceConfig with the given resourceConfigOverrides.
+// Exclude the groups not registered in registry, and check if version is
+// not registered in group, then it will fail.
+func MergeAPIResourceConfigs(
+	defaultAPIResourceConfig *serverstore.ResourceConfig,
+	resourceConfigOverrides utilflag.ConfigurationMap,
+	registry GroupVersionRegistry,
+) (*serverstore.ResourceConfig, error) {
+	resourceConfig := defaultAPIResourceConfig
+	overrides := resourceConfigOverrides
+
+	// "api/all=false" allows users to selectively enable specific api versions.
+	allAPIFlagValue, ok := overrides["api/all"]
+	if ok {
+		if allAPIFlagValue == "false" {
+			// Disable all group versions.
+			resourceConfig.DisableVersions(registry.RegisteredGroupVersions()...)
+		} else if allAPIFlagValue == "true" {
+			resourceConfig.EnableVersions(registry.RegisteredGroupVersions()...)
+		}
+	}
+
+	// "<resourceSpecifier>={true|false} allows users to enable/disable API.
+	// This takes preference over api/all, if specified.
+	// Iterate through all group/version overrides specified in runtimeConfig.
+	for key := range overrides {
+		// Have already handled them above. Can skip them here.
+		if key == "api/all" {
+			continue
+		}
+
+		tokens := strings.Split(key, "/")
+		if len(tokens) != 2 {
+			continue
+		}
+		groupVersionString := tokens[0] + "/" + tokens[1]
+		groupVersion, err := schema.ParseGroupVersion(groupVersionString)
+		if err != nil {
+			return nil, fmt.Errorf("invalid key %s", key)
+		}
+
+		// Exclude group not registered into the registry.
+		if !registry.IsRegistered(groupVersion.Group) {
+			continue
+		}
+
+		// Verify that the groupVersion is registered into registry.
+		if !registry.IsRegisteredVersion(groupVersion) {
+			return nil, fmt.Errorf("group version %s that has not been registered", groupVersion.String())
+		}
+		enabled, err := getRuntimeConfigValue(overrides, key, false)
+		if err != nil {
+			return nil, err
+		}
+		if enabled {
+			resourceConfig.EnableVersions(groupVersion)
+		} else {
+			resourceConfig.DisableVersions(groupVersion)
+		}
+	}
+
+	return resourceConfig, nil
+}
+
+func getRuntimeConfigValue(overrides utilflag.ConfigurationMap, apiKey string, defaultValue bool) (bool, error) {
+	flagValue, ok := overrides[apiKey]
+	if ok {
+		if flagValue == "" {
+			return true, nil
+		}
+		boolValue, err := strconv.ParseBool(flagValue)
+		if err != nil {
+			return false, fmt.Errorf("invalid value of %s: %s, err: %v", apiKey, flagValue, err)
+		}
+		return boolValue, nil
+	}
+	return defaultValue, nil
+}
+
+// ParseGroups takes in resourceConfig and returns parsed groups.
+func ParseGroups(resourceConfig utilflag.ConfigurationMap) ([]string, error) {
+	groups := []string{}
+	for key := range resourceConfig {
+		if key == "api/all" {
+			continue
+		}
+		tokens := strings.Split(key, "/")
+		if len(tokens) != 2 && len(tokens) != 3 {
+			return groups, fmt.Errorf("runtime-config invalid key %s", key)
+		}
+		groupVersionString := tokens[0] + "/" + tokens[1]
+		groupVersion, err := schema.ParseGroupVersion(groupVersionString)
+		if err != nil {
+			return nil, fmt.Errorf("runtime-config invalid key %s", key)
+		}
+		groups = append(groups, groupVersion.Group)
+	}
+
+	return groups, nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/server/routes/data/swagger/datafile.go b/vendor/k8s.io/apiserver/pkg/server/routes/data/swagger/datafile.go
index a8ae83ddb9a6..4accb69ce95b 100644
--- a/vendor/k8s.io/apiserver/pkg/server/routes/data/swagger/datafile.go
+++ b/vendor/k8s.io/apiserver/pkg/server/routes/data/swagger/datafile.go
@@ -6498,7 +6498,7 @@ function marked(src, opt, callback) {
   } catch (e) {
     e.message += '\nPlease report this to https://github.com/chjj/marked.';
     if ((opt || marked.defaults).silent) {
-      return '<p>An error occured:</p><pre>'
+      return '<p>An error occurred:</p><pre>'
         + escape(e.message + '', true)
         + '</pre>';
     }
@@ -7152,7 +7152,7 @@ var Shred = function(options) {
   this.logCurl = options.logCurl || false;
 };
 
-// Most of the real work is done in the request and reponse classes.
+// Most of the real work is done in the request and response classes.
  
 Shred.Request = require("./shred/request");
 Shred.Response = require("./shred/response");
@@ -8351,7 +8351,7 @@ Changelog:
  a regress. I appologize for that.
 
 2010.05.09 - 0.5:
- - bug fix: 0 is now preceeded with a + sign
+ - bug fix: 0 is now preceded with a + sign
  - bug fix: the sign was not at the right position on padded results (Kamal Abdali)
  - switched from GPL to BSD license
 
diff --git a/vendor/k8s.io/apiserver/pkg/server/routes/openapi.go b/vendor/k8s.io/apiserver/pkg/server/routes/openapi.go
index 1bbfacf43abd..06c723d37531 100644
--- a/vendor/k8s.io/apiserver/pkg/server/routes/openapi.go
+++ b/vendor/k8s.io/apiserver/pkg/server/routes/openapi.go
@@ -17,7 +17,7 @@ limitations under the License.
 package routes
 
 import (
-	"github.com/emicklei/go-restful"
+	restful "github.com/emicklei/go-restful"
 	"github.com/golang/glog"
 
 	"k8s.io/apiserver/pkg/server/mux"
@@ -32,8 +32,15 @@ type OpenAPI struct {
 
 // Install adds the SwaggerUI webservice to the given mux.
 func (oa OpenAPI) Install(c *restful.Container, mux *mux.PathRecorderMux) {
+	// NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec,
+	// and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process
+	// are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU.
 	_, err := handler.BuildAndRegisterOpenAPIService("/swagger.json", c.RegisteredWebServices(), oa.Config, mux)
 	if err != nil {
 		glog.Fatalf("Failed to register open api spec for root: %v", err)
 	}
+	_, err = handler.BuildAndRegisterOpenAPIVersionedService("/openapi/v2", c.RegisteredWebServices(), oa.Config, mux)
+	if err != nil {
+		glog.Fatalf("Failed to register versioned open api spec for root: %v", err)
+	}
 }
diff --git a/vendor/k8s.io/apiserver/pkg/server/serve.go b/vendor/k8s.io/apiserver/pkg/server/serve.go
index dcb4de1e5926..7cfc10382125 100644
--- a/vendor/k8s.io/apiserver/pkg/server/serve.go
+++ b/vendor/k8s.io/apiserver/pkg/server/serve.go
@@ -27,6 +27,7 @@ import (
 	"time"
 
 	"github.com/golang/glog"
+	"golang.org/x/net/http2"
 
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/validation"
@@ -39,17 +40,17 @@ const (
 // serveSecurely runs the secure http server. It fails only if certificates cannot
 // be loaded or the initial listen call fails. The actual server loop (stoppable by closing
 // stopCh) runs in a go routine, i.e. serveSecurely does not block.
-func (s *GenericAPIServer) serveSecurely(stopCh <-chan struct{}) error {
-	if s.SecureServingInfo.Listener == nil {
+func (s *SecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Duration, stopCh <-chan struct{}) error {
+	if s.Listener == nil {
 		return fmt.Errorf("listener must not be nil")
 	}
 
 	secureServer := &http.Server{
-		Addr:           s.SecureServingInfo.Listener.Addr().String(),
-		Handler:        s.Handler,
+		Addr:           s.Listener.Addr().String(),
+		Handler:        handler,
 		MaxHeaderBytes: 1 << 20,
 		TLSConfig: &tls.Config{
-			NameToCertificate: s.SecureServingInfo.SNICerts,
+			NameToCertificate: s.SNICerts,
 			// Can't use SSLv3 because of POODLE and BEAST
 			// Can't use TLSv1.0 because of POODLE and BEAST using CBC cipher
 			// Can't use TLSv1.1 because of RC4 cipher usage
@@ -59,41 +60,47 @@ func (s *GenericAPIServer) serveSecurely(stopCh <-chan struct{}) error {
 		},
 	}
 
-	if s.SecureServingInfo.MinTLSVersion > 0 {
-		secureServer.TLSConfig.MinVersion = s.SecureServingInfo.MinTLSVersion
+	if s.MinTLSVersion > 0 {
+		secureServer.TLSConfig.MinVersion = s.MinTLSVersion
 	}
-	if len(s.SecureServingInfo.CipherSuites) > 0 {
-		secureServer.TLSConfig.CipherSuites = s.SecureServingInfo.CipherSuites
+	if len(s.CipherSuites) > 0 {
+		secureServer.TLSConfig.CipherSuites = s.CipherSuites
 	}
 
-	if s.SecureServingInfo.Cert != nil {
-		secureServer.TLSConfig.Certificates = []tls.Certificate{*s.SecureServingInfo.Cert}
+	if s.Cert != nil {
+		secureServer.TLSConfig.Certificates = []tls.Certificate{*s.Cert}
 	}
 
 	// append all named certs. Otherwise, the go tls stack will think no SNI processing
 	// is necessary because there is only one cert anyway.
 	// Moreover, if ServerCert.CertFile/ServerCert.KeyFile are not set, the first SNI
 	// cert will become the default cert. That's what we expect anyway.
-	for _, c := range s.SecureServingInfo.SNICerts {
+	for _, c := range s.SNICerts {
 		secureServer.TLSConfig.Certificates = append(secureServer.TLSConfig.Certificates, *c)
 	}
 
-	if s.SecureServingInfo.ClientCA != nil {
+	if s.ClientCA != nil {
 		// Populate PeerCertificates in requests, but don't reject connections without certificates
 		// This allows certificates to be validated by authenticators, while still allowing other auth types
 		secureServer.TLSConfig.ClientAuth = tls.RequestClientCert
 		// Specify allowed CAs for client certificates
-		secureServer.TLSConfig.ClientCAs = s.SecureServingInfo.ClientCA
+		secureServer.TLSConfig.ClientCAs = s.ClientCA
+	}
+
+	if s.HTTP2MaxStreamsPerConnection > 0 {
+		http2.ConfigureServer(secureServer, &http2.Server{
+			MaxConcurrentStreams: uint32(s.HTTP2MaxStreamsPerConnection),
+		})
 	}
 
 	glog.Infof("Serving securely on %s", secureServer.Addr)
-	err := RunServer(secureServer, s.SecureServingInfo.Listener, s.ShutdownTimeout, stopCh)
-	return err
+	return RunServer(secureServer, s.Listener, shutdownTimeout, stopCh)
 }
 
 // RunServer listens on the given port if listener is not given,
 // then spawns a go-routine continuously serving
 // until the stopCh is closed. This function does not block.
+// TODO: make private when insecure serving is gone from the kube-apiserver
 func RunServer(
 	server *http.Server,
 	ln net.Listener,
diff --git a/vendor/k8s.io/apiserver/pkg/server/storage/BUILD b/vendor/k8s.io/apiserver/pkg/server/storage/BUILD
index 186764721076..d79f70527475 100644
--- a/vendor/k8s.io/apiserver/pkg/server/storage/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/server/storage/BUILD
@@ -12,8 +12,7 @@ go_test(
         "resource_config_test.go",
         "storage_factory_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/server/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/server/storage/resource_config.go b/vendor/k8s.io/apiserver/pkg/server/storage/resource_config.go
index da232569a911..0a44706056a5 100644
--- a/vendor/k8s.io/apiserver/pkg/server/storage/resource_config.go
+++ b/vendor/k8s.io/apiserver/pkg/server/storage/resource_config.go
@@ -18,164 +18,50 @@ package storage
 
 import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/sets"
 )
 
-// APIResourceConfigSource is the interface to determine which versions and resources are enabled
+// APIResourceConfigSource is the interface to determine which groups and versions are enabled
 type APIResourceConfigSource interface {
-	AnyVersionOfResourceEnabled(resource schema.GroupResource) bool
-	ResourceEnabled(resource schema.GroupVersionResource) bool
-	AllResourcesForVersionEnabled(version schema.GroupVersion) bool
-	AnyResourcesForVersionEnabled(version schema.GroupVersion) bool
-	AnyResourcesForGroupEnabled(group string) bool
-}
-
-// Specifies the overrides for various API group versions.
-// This can be used to enable/disable entire group versions or specific resources.
-type GroupVersionResourceConfig struct {
-	// Whether to enable or disable this entire group version.  This dominates any enablement check.
-	// Enable=true means the group version is enabled, and EnabledResources/DisabledResources are considered.
-	// Enable=false means the group version is disabled, and EnabledResources/DisabledResources are not considered.
-	Enable bool
-
-	// DisabledResources lists the resources that are specifically disabled for a group/version
-	// DisabledResources trumps EnabledResources
-	DisabledResources sets.String
-
-	// EnabledResources lists the resources that should be enabled by default.  This is a little
-	// unusual, but we need it for compatibility with old code for now.  An empty set means
-	// enable all, a non-empty set means that all other resources are disabled.
-	EnabledResources sets.String
+	VersionEnabled(version schema.GroupVersion) bool
+	AnyVersionForGroupEnabled(group string) bool
 }
 
 var _ APIResourceConfigSource = &ResourceConfig{}
 
 type ResourceConfig struct {
-	GroupVersionResourceConfigs map[schema.GroupVersion]*GroupVersionResourceConfig
+	GroupVersionConfigs map[schema.GroupVersion]bool
 }
 
 func NewResourceConfig() *ResourceConfig {
-	return &ResourceConfig{GroupVersionResourceConfigs: map[schema.GroupVersion]*GroupVersionResourceConfig{}}
-}
-
-func NewGroupVersionResourceConfig() *GroupVersionResourceConfig {
-	return &GroupVersionResourceConfig{Enable: true, DisabledResources: sets.String{}, EnabledResources: sets.String{}}
+	return &ResourceConfig{GroupVersionConfigs: map[schema.GroupVersion]bool{}}
 }
 
-// DisableVersions disables the versions entirely.  No resources (even those whitelisted in EnabledResources) will be enabled
+// DisableVersions disables the versions entirely.
 func (o *ResourceConfig) DisableVersions(versions ...schema.GroupVersion) {
 	for _, version := range versions {
-		_, versionExists := o.GroupVersionResourceConfigs[version]
-		if !versionExists {
-			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
-		}
-
-		o.GroupVersionResourceConfigs[version].Enable = false
+		o.GroupVersionConfigs[version] = false
 	}
 }
 
 func (o *ResourceConfig) EnableVersions(versions ...schema.GroupVersion) {
 	for _, version := range versions {
-		_, versionExists := o.GroupVersionResourceConfigs[version]
-		if !versionExists {
-			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
-		}
-
-		o.GroupVersionResourceConfigs[version].Enable = true
-	}
-}
-
-func (o *ResourceConfig) DisableResources(resources ...schema.GroupVersionResource) {
-	for _, resource := range resources {
-		version := resource.GroupVersion()
-		_, versionExists := o.GroupVersionResourceConfigs[version]
-		if !versionExists {
-			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
-		}
-
-		o.GroupVersionResourceConfigs[version].DisabledResources.Insert(resource.Resource)
-	}
-}
-
-func (o *ResourceConfig) EnableResources(resources ...schema.GroupVersionResource) {
-	for _, resource := range resources {
-		version := resource.GroupVersion()
-		_, versionExists := o.GroupVersionResourceConfigs[version]
-		if !versionExists {
-			o.GroupVersionResourceConfigs[version] = NewGroupVersionResourceConfig()
-		}
-
-		o.GroupVersionResourceConfigs[version].EnabledResources.Insert(resource.Resource)
-		o.GroupVersionResourceConfigs[version].DisabledResources.Delete(resource.Resource)
-	}
-}
-
-// AnyResourcesForVersionEnabled only considers matches based on exactly group/resource lexical matching.  This means that
-// resource renames across versions are NOT considered to be the same resource by this method. You'll need to manually check
-// using the ResourceEnabled function.
-func (o *ResourceConfig) AnyVersionOfResourceEnabled(resource schema.GroupResource) bool {
-	for version := range o.GroupVersionResourceConfigs {
-		if version.Group != resource.Group {
-			continue
-		}
-
-		if o.ResourceEnabled(version.WithResource(resource.Resource)) {
-			return true
-		}
-	}
-
-	return false
-}
-
-func (o *ResourceConfig) ResourceEnabled(resource schema.GroupVersionResource) bool {
-	versionOverride, versionExists := o.GroupVersionResourceConfigs[resource.GroupVersion()]
-	if !versionExists {
-		return false
-	}
-	if !versionOverride.Enable {
-		return false
-	}
-
-	if versionOverride.DisabledResources.Has(resource.Resource) {
-		return false
-	}
-
-	if len(versionOverride.EnabledResources) > 0 {
-		return versionOverride.EnabledResources.Has(resource.Resource)
+		o.GroupVersionConfigs[version] = true
 	}
-
-	return true
 }
 
-func (o *ResourceConfig) AllResourcesForVersionEnabled(version schema.GroupVersion) bool {
-	versionOverride, versionExists := o.GroupVersionResourceConfigs[version]
-	if !versionExists {
-		return false
-	}
-	if !versionOverride.Enable {
-		return false
-	}
-
-	if len(versionOverride.EnabledResources) == 0 && len(versionOverride.DisabledResources) == 0 {
+func (o *ResourceConfig) VersionEnabled(version schema.GroupVersion) bool {
+	enabled, _ := o.GroupVersionConfigs[version]
+	if enabled {
 		return true
 	}
 
 	return false
 }
 
-func (o *ResourceConfig) AnyResourcesForVersionEnabled(version schema.GroupVersion) bool {
-	versionOverride, versionExists := o.GroupVersionResourceConfigs[version]
-	if !versionExists {
-		return false
-	}
-
-	return versionOverride.Enable
-}
-
-func (o *ResourceConfig) AnyResourcesForGroupEnabled(group string) bool {
-	for version := range o.GroupVersionResourceConfigs {
+func (o *ResourceConfig) AnyVersionForGroupEnabled(group string) bool {
+	for version := range o.GroupVersionConfigs {
 		if version.Group == group {
-			if o.AnyResourcesForVersionEnabled(version) {
+			if o.VersionEnabled(version) {
 				return true
 			}
 		}
diff --git a/vendor/k8s.io/apiserver/pkg/server/storage/storage_factory.go b/vendor/k8s.io/apiserver/pkg/server/storage/storage_factory.go
index 4a5e8dcb30bd..50c068254631 100644
--- a/vendor/k8s.io/apiserver/pkg/server/storage/storage_factory.go
+++ b/vendor/k8s.io/apiserver/pkg/server/storage/storage_factory.go
@@ -151,7 +151,14 @@ var _ StorageFactory = &DefaultStorageFactory{}
 
 const AllResources = "*"
 
-func NewDefaultStorageFactory(config storagebackend.Config, defaultMediaType string, defaultSerializer runtime.StorageSerializer, resourceEncodingConfig ResourceEncodingConfig, resourceConfig APIResourceConfigSource, specialDefaultResourcePrefixes map[schema.GroupResource]string) *DefaultStorageFactory {
+func NewDefaultStorageFactory(
+	config storagebackend.Config,
+	defaultMediaType string,
+	defaultSerializer runtime.StorageSerializer,
+	resourceEncodingConfig ResourceEncodingConfig,
+	resourceConfig APIResourceConfigSource,
+	specialDefaultResourcePrefixes map[schema.GroupResource]string,
+) *DefaultStorageFactory {
 	config.Paging = utilfeature.DefaultFeatureGate.Enabled(features.APIListChunking)
 	if len(defaultMediaType) == 0 {
 		defaultMediaType = runtime.ContentTypeJSON
@@ -182,7 +189,7 @@ func (s *DefaultStorageFactory) SetEtcdPrefix(groupResource schema.GroupResource
 }
 
 // SetDisableAPIListChunking allows a specific resource to disable paging at the storage layer, to prevent
-// exposure of key names in continuations. This may be overriden by feature gates.
+// exposure of key names in continuations. This may be overridden by feature gates.
 func (s *DefaultStorageFactory) SetDisableAPIListChunking(groupResource schema.GroupResource) {
 	overrides := s.Overrides[groupResource]
 	overrides.disablePaging = true
@@ -233,7 +240,7 @@ func getAllResourcesAlias(resource schema.GroupResource) schema.GroupResource {
 
 func (s *DefaultStorageFactory) getStorageGroupResource(groupResource schema.GroupResource) schema.GroupResource {
 	for _, potentialStorageResource := range s.Overrides[groupResource].cohabitatingResources {
-		if s.APIResourceConfigSource.AnyVersionOfResourceEnabled(potentialStorageResource) {
+		if s.APIResourceConfigSource.AnyVersionForGroupEnabled(potentialStorageResource.Group) {
 			return potentialStorageResource
 		}
 	}
diff --git a/vendor/k8s.io/apiserver/pkg/storage/BUILD b/vendor/k8s.io/apiserver/pkg/storage/BUILD
index b8ade8bf9b95..712544e2da97 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/BUILD
@@ -15,8 +15,7 @@ go_test(
         "util_test.go",
         "watch_cache_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
@@ -29,7 +28,6 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher.go b/vendor/k8s.io/apiserver/pkg/storage/cacher.go
index 3ff0d5f9677b..9ffbbc5e957d 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/cacher.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/cacher.go
@@ -20,7 +20,6 @@ import (
 	"fmt"
 	"net/http"
 	"reflect"
-	"strconv"
 	"sync"
 	"time"
 
@@ -131,7 +130,7 @@ func (i *indexedWatchers) terminateAll(objectType reflect.Type) {
 	}
 }
 
-type watchFilterFunc func(key string, l labels.Set, f fields.Set, uninitialized bool) bool
+type filterWithAttrsFunc func(key string, l labels.Set, f fields.Set, uninitialized bool) bool
 
 // Cacher is responsible for serving WATCH and LIST requests for a given
 // resource from its internal cache and updating its cache in the background
@@ -290,7 +289,7 @@ func (c *Cacher) Delete(ctx context.Context, key string, out runtime.Object, pre
 
 // Implements storage.Interface.
 func (c *Cacher) Watch(ctx context.Context, key string, resourceVersion string, pred SelectionPredicate) (watch.Interface, error) {
-	watchRV, err := ParseWatchResourceVersion(resourceVersion)
+	watchRV, err := c.versioner.ParseWatchResourceVersion(resourceVersion)
 	if err != nil {
 		return nil, err
 	}
@@ -338,7 +337,7 @@ func (c *Cacher) Watch(ctx context.Context, key string, resourceVersion string,
 	c.Lock()
 	defer c.Unlock()
 	forget := forgetWatcher(c, c.watcherIdx, triggerValue, triggerSupported)
-	watcher := newCacheWatcher(watchRV, chanSize, initEvents, watchFilterFunction(key, pred), forget, c.versioner)
+	watcher := newCacheWatcher(watchRV, chanSize, initEvents, filterWithAttrsFunction(key, pred), forget, c.versioner)
 
 	c.watchers.addWatcher(watcher, c.watcherIdx, triggerValue, triggerSupported)
 	c.watcherIdx++
@@ -361,7 +360,7 @@ func (c *Cacher) Get(ctx context.Context, key string, resourceVersion string, ob
 	// If resourceVersion is specified, serve it from cache.
 	// It's guaranteed that the returned value is at least that
 	// fresh as the given resourceVersion.
-	getRV, err := ParseListResourceVersion(resourceVersion)
+	getRV, err := c.versioner.ParseListResourceVersion(resourceVersion)
 	if err != nil {
 		return err
 	}
@@ -414,7 +413,7 @@ func (c *Cacher) GetToList(ctx context.Context, key string, resourceVersion stri
 	// If resourceVersion is specified, serve it from cache.
 	// It's guaranteed that the returned value is at least that
 	// fresh as the given resourceVersion.
-	listRV, err := ParseListResourceVersion(resourceVersion)
+	listRV, err := c.versioner.ParseListResourceVersion(resourceVersion)
 	if err != nil {
 		return err
 	}
@@ -440,7 +439,7 @@ func (c *Cacher) GetToList(ctx context.Context, key string, resourceVersion stri
 	if err != nil || listVal.Kind() != reflect.Slice {
 		return fmt.Errorf("need a pointer to slice, got %v", listVal.Kind())
 	}
-	filter := filterFunction(key, pred)
+	filter := filterWithAttrsFunction(key, pred)
 
 	obj, exists, readResourceVersion, err := c.watchCache.WaitUntilFreshAndGet(listRV, key, trace)
 	if err != nil {
@@ -453,7 +452,7 @@ func (c *Cacher) GetToList(ctx context.Context, key string, resourceVersion stri
 		if !ok {
 			return fmt.Errorf("non *storeElement returned from storage: %v", obj)
 		}
-		if filter(elem.Key, elem.Object) {
+		if filter(elem.Key, elem.Labels, elem.Fields, elem.Uninitialized) {
 			listVal.Set(reflect.Append(listVal, reflect.ValueOf(elem.Object).Elem()))
 		}
 	}
@@ -483,7 +482,7 @@ func (c *Cacher) List(ctx context.Context, key string, resourceVersion string, p
 	// If resourceVersion is specified, serve it from cache.
 	// It's guaranteed that the returned value is at least that
 	// fresh as the given resourceVersion.
-	listRV, err := ParseListResourceVersion(resourceVersion)
+	listRV, err := c.versioner.ParseListResourceVersion(resourceVersion)
 	if err != nil {
 		return err
 	}
@@ -509,7 +508,7 @@ func (c *Cacher) List(ctx context.Context, key string, resourceVersion string, p
 	if err != nil || listVal.Kind() != reflect.Slice {
 		return fmt.Errorf("need a pointer to slice, got %v", listVal.Kind())
 	}
-	filter := filterFunction(key, pred)
+	filter := filterWithAttrsFunction(key, pred)
 
 	objs, readResourceVersion, err := c.watchCache.WaitUntilFreshAndList(listRV, trace)
 	if err != nil {
@@ -527,7 +526,7 @@ func (c *Cacher) List(ctx context.Context, key string, resourceVersion string, p
 		if !ok {
 			return fmt.Errorf("non *storeElement returned from storage: %v", obj)
 		}
-		if filter(elem.Key, elem.Object) {
+		if filter(elem.Key, elem.Labels, elem.Fields, elem.Uninitialized) {
 			listVal.Set(reflect.Append(listVal, reflect.ValueOf(elem.Object).Elem()))
 		}
 	}
@@ -556,6 +555,10 @@ func (c *Cacher) GuaranteedUpdate(
 	return c.storage.GuaranteedUpdate(ctx, key, ptrToType, ignoreNotFound, preconditions, tryUpdate)
 }
 
+func (c *Cacher) Count(pathPrefix string) (int64, error) {
+	return c.storage.Count(pathPrefix)
+}
+
 func (c *Cacher) triggerValues(event *watchCacheEvent) ([]string, bool) {
 	// TODO: Currently we assume that in a given Cacher object, its <c.triggerFunc>
 	// is aware of exactly the same trigger (at most one). Thus calling:
@@ -655,7 +658,7 @@ func (c *Cacher) Stop() {
 	}
 	c.stopLock.Lock()
 	if c.stopped {
-		// avoid that it was locked meanwhile as isStopped only read-locks
+		c.stopLock.Unlock()
 		return
 	}
 	c.stopped = true
@@ -676,23 +679,12 @@ func forgetWatcher(c *Cacher, index int, triggerValue string, triggerSupported b
 			glog.V(1).Infof("Forcing watcher close due to unresponsiveness: %v", c.objectType.String())
 		}
 		// It's possible that the watcher is already not in the structure (e.g. in case of
-		// simulaneous Stop() and terminateAllWatchers(), but it doesn't break anything.
+		// simultaneous Stop() and terminateAllWatchers(), but it doesn't break anything.
 		c.watchers.deleteWatcher(index, triggerValue, triggerSupported)
 	}
 }
 
-func filterFunction(key string, p SelectionPredicate) func(string, runtime.Object) bool {
-	f := SimpleFilter(p)
-	filterFunc := func(objKey string, obj runtime.Object) bool {
-		if !hasPathPrefix(objKey, key) {
-			return false
-		}
-		return f(obj)
-	}
-	return filterFunc
-}
-
-func watchFilterFunction(key string, p SelectionPredicate) watchFilterFunc {
+func filterWithAttrsFunction(key string, p SelectionPredicate) filterWithAttrsFunc {
 	filterFunc := func(objKey string, label labels.Set, field fields.Set, uninitialized bool) bool {
 		if !hasPathPrefix(objKey, key) {
 			return false
@@ -707,11 +699,7 @@ func (c *Cacher) LastSyncResourceVersion() (uint64, error) {
 	c.ready.wait()
 
 	resourceVersion := c.reflector.LastSyncResourceVersion()
-	if resourceVersion == "" {
-		return 0, nil
-	}
-
-	return strconv.ParseUint(resourceVersion, 10, 64)
+	return c.versioner.ParseListResourceVersion(resourceVersion)
 }
 
 // cacherListerWatcher opaques storage.Interface to expose cache.ListerWatcher.
@@ -743,7 +731,7 @@ func (lw *cacherListerWatcher) Watch(options metav1.ListOptions) (watch.Interfac
 	return lw.storage.WatchList(context.TODO(), lw.resourcePrefix, options.ResourceVersion, Everything)
 }
 
-// cacherWatch implements watch.Interface to return a single error
+// errWatcher implements watch.Interface to return a single error
 type errWatcher struct {
 	result chan watch.Event
 }
@@ -783,19 +771,19 @@ func (c *errWatcher) Stop() {
 	// no-op
 }
 
-// cacherWatch implements watch.Interface
+// cachWatcher implements watch.Interface
 type cacheWatcher struct {
 	sync.Mutex
 	input     chan *watchCacheEvent
 	result    chan watch.Event
 	done      chan struct{}
-	filter    watchFilterFunc
+	filter    filterWithAttrsFunc
 	stopped   bool
 	forget    func(bool)
 	versioner Versioner
 }
 
-func newCacheWatcher(resourceVersion uint64, chanSize int, initEvents []*watchCacheEvent, filter watchFilterFunc, forget func(bool), versioner Versioner) *cacheWatcher {
+func newCacheWatcher(resourceVersion uint64, chanSize int, initEvents []*watchCacheEvent, filter filterWithAttrsFunc, forget func(bool), versioner Versioner) *cacheWatcher {
 	watcher := &cacheWatcher{
 		input:     make(chan *watchCacheEvent, chanSize),
 		result:    make(chan watch.Event, chanSize),
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/BUILD b/vendor/k8s.io/apiserver/pkg/storage/etcd/BUILD
index 7ac2e7102408..0269e4e1dbea 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/BUILD
@@ -13,8 +13,7 @@ go_test(
         "etcd_helper_test.go",
         "etcd_watcher_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/storage/etcd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/coreos/etcd/client:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
@@ -58,6 +57,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/cache:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd/metrics:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/api_object_versioner.go b/vendor/k8s.io/apiserver/pkg/storage/etcd/api_object_versioner.go
index 71fd85b0bb46..5534f9fa2325 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/api_object_versioner.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/api_object_versioner.go
@@ -21,6 +21,7 @@ import (
 
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/apiserver/pkg/storage"
 )
 
@@ -81,6 +82,44 @@ func (a APIObjectVersioner) ObjectResourceVersion(obj runtime.Object) (uint64, e
 	return strconv.ParseUint(version, 10, 64)
 }
 
+// ParseWatchResourceVersion takes a resource version argument and converts it to
+// the etcd version we should pass to helper.Watch(). Because resourceVersion is
+// an opaque value, the default watch behavior for non-zero watch is to watch
+// the next value (if you pass "1", you will see updates from "2" onwards).
+func (a APIObjectVersioner) ParseWatchResourceVersion(resourceVersion string) (uint64, error) {
+	if resourceVersion == "" || resourceVersion == "0" {
+		return 0, nil
+	}
+	version, err := strconv.ParseUint(resourceVersion, 10, 64)
+	if err != nil {
+		return 0, storage.NewInvalidError(field.ErrorList{
+			// Validation errors are supposed to return version-specific field
+			// paths, but this is probably close enough.
+			field.Invalid(field.NewPath("resourceVersion"), resourceVersion, err.Error()),
+		})
+	}
+	return version, nil
+}
+
+// ParseListResourceVersion takes a resource version argument and converts it to
+// the etcd version.
+// TODO: reevaluate whether it is really clearer to have both this and the
+// Watch version of this function, since they perform the same logic.
+func (a APIObjectVersioner) ParseListResourceVersion(resourceVersion string) (uint64, error) {
+	if resourceVersion == "" {
+		return 0, nil
+	}
+	version, err := strconv.ParseUint(resourceVersion, 10, 64)
+	if err != nil {
+		return 0, storage.NewInvalidError(field.ErrorList{
+			// Validation errors are supposed to return version-specific field
+			// paths, but this is probably close enough.
+			field.Invalid(field.NewPath("resourceVersion"), resourceVersion, err.Error()),
+		})
+	}
+	return version, nil
+}
+
 // APIObjectVersioner implements Versioner
 var Versioner storage.Versioner = APIObjectVersioner{}
 
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_helper.go b/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_helper.go
index 322ccefabd1c..510b293c71cd 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_helper.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_helper.go
@@ -235,12 +235,12 @@ func (h *etcdHelper) Watch(ctx context.Context, key string, resourceVersion stri
 	if ctx == nil {
 		glog.Errorf("Context is nil")
 	}
-	watchRV, err := storage.ParseWatchResourceVersion(resourceVersion)
+	watchRV, err := h.versioner.ParseWatchResourceVersion(resourceVersion)
 	if err != nil {
 		return nil, err
 	}
 	key = path.Join(h.pathPrefix, key)
-	w := newEtcdWatcher(false, h.quorum, nil, storage.SimpleFilter(pred), h.codec, h.versioner, nil, h.transformer, h)
+	w := newEtcdWatcher(false, h.quorum, nil, pred, h.codec, h.versioner, nil, h.transformer, h)
 	go w.etcdWatch(ctx, h.etcdKeysAPI, key, watchRV)
 	return w, nil
 }
@@ -250,12 +250,12 @@ func (h *etcdHelper) WatchList(ctx context.Context, key string, resourceVersion
 	if ctx == nil {
 		glog.Errorf("Context is nil")
 	}
-	watchRV, err := storage.ParseWatchResourceVersion(resourceVersion)
+	watchRV, err := h.versioner.ParseWatchResourceVersion(resourceVersion)
 	if err != nil {
 		return nil, err
 	}
 	key = path.Join(h.pathPrefix, key)
-	w := newEtcdWatcher(true, h.quorum, exceptKey(key), storage.SimpleFilter(pred), h.codec, h.versioner, nil, h.transformer, h)
+	w := newEtcdWatcher(true, h.quorum, exceptKey(key), pred, h.codec, h.versioner, nil, h.transformer, h)
 	go w.etcdWatch(ctx, h.etcdKeysAPI, key, watchRV)
 	return w, nil
 }
@@ -359,7 +359,7 @@ func (h *etcdHelper) GetToList(ctx context.Context, key string, resourceVersion
 	nodes := make([]*etcd.Node, 0)
 	nodes = append(nodes, response.Node)
 
-	if err := h.decodeNodeList(nodes, storage.SimpleFilter(pred), listPtr); err != nil {
+	if err := h.decodeNodeList(nodes, pred, listPtr); err != nil {
 		return err
 	}
 	trace.Step("Object decoded")
@@ -370,7 +370,7 @@ func (h *etcdHelper) GetToList(ctx context.Context, key string, resourceVersion
 }
 
 // decodeNodeList walks the tree of each node in the list and decodes into the specified object
-func (h *etcdHelper) decodeNodeList(nodes []*etcd.Node, filter storage.FilterFunc, slicePtr interface{}) error {
+func (h *etcdHelper) decodeNodeList(nodes []*etcd.Node, pred storage.SelectionPredicate, slicePtr interface{}) error {
 	trace := utiltrace.New("decodeNodeList " + getTypeName(slicePtr))
 	defer trace.LogIfLong(400 * time.Millisecond)
 	v, err := conversion.EnforcePtr(slicePtr)
@@ -383,13 +383,13 @@ func (h *etcdHelper) decodeNodeList(nodes []*etcd.Node, filter storage.FilterFun
 			// IMPORTANT: do not log each key as a discrete step in the trace log
 			// as it produces an immense amount of log spam when there is a large
 			// amount of content in the list.
-			if err := h.decodeNodeList(node.Nodes, filter, slicePtr); err != nil {
+			if err := h.decodeNodeList(node.Nodes, pred, slicePtr); err != nil {
 				return err
 			}
 			continue
 		}
-		if obj, found := h.getFromCache(node.ModifiedIndex, filter); found {
-			// obj != nil iff it matches the filter function.
+		if obj, found := h.getFromCache(node.ModifiedIndex, pred); found {
+			// obj != nil iff it matches the pred function.
 			if obj != nil {
 				v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
 			}
@@ -407,7 +407,7 @@ func (h *etcdHelper) decodeNodeList(nodes []*etcd.Node, filter storage.FilterFun
 			}
 			// being unable to set the version does not prevent the object from being extracted
 			_ = h.versioner.UpdateObject(obj, node.ModifiedIndex)
-			if filter(obj) {
+			if matched, err := pred.Matches(obj); err == nil && matched {
 				v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
 			}
 			if node.ModifiedIndex != 0 {
@@ -439,7 +439,7 @@ func (h *etcdHelper) List(ctx context.Context, key string, resourceVersion strin
 	if err != nil {
 		return err
 	}
-	if err := h.decodeNodeList(nodes, storage.SimpleFilter(pred), listPtr); err != nil {
+	if err := h.decodeNodeList(nodes, pred, listPtr); err != nil {
 		return err
 	}
 	trace.Step("Node list decoded")
@@ -586,11 +586,15 @@ func (h *etcdHelper) GuaranteedUpdate(
 	}
 }
 
+func (*etcdHelper) Count(pathPerfix string) (int64, error) {
+	return 0, fmt.Errorf("Count is unimplemented for etcd2!")
+}
+
 // etcdCache defines interface used for caching objects stored in etcd. Objects are keyed by
 // their Node.ModifiedIndex, which is unique across all types.
 // All implementations must be thread-safe.
 type etcdCache interface {
-	getFromCache(index uint64, filter storage.FilterFunc) (runtime.Object, bool)
+	getFromCache(index uint64, pred storage.SelectionPredicate) (runtime.Object, bool)
 	addToCache(index uint64, obj runtime.Object)
 }
 
@@ -598,14 +602,14 @@ func getTypeName(obj interface{}) string {
 	return reflect.TypeOf(obj).String()
 }
 
-func (h *etcdHelper) getFromCache(index uint64, filter storage.FilterFunc) (runtime.Object, bool) {
+func (h *etcdHelper) getFromCache(index uint64, pred storage.SelectionPredicate) (runtime.Object, bool) {
 	startTime := time.Now()
 	defer func() {
 		metrics.ObserveGetCache(startTime)
 	}()
 	obj, found := h.cache.Get(index)
 	if found {
-		if !filter(obj.(runtime.Object)) {
+		if matched, err := pred.Matches(obj.(runtime.Object)); err != nil || !matched {
 			return nil, true
 		}
 		// We should not return the object itself to avoid polluting the cache if someone
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_watcher.go b/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_watcher.go
index 1cd368bd86ee..7c300b430527 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_watcher.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/etcd_watcher.go
@@ -76,9 +76,9 @@ type etcdWatcher struct {
 	valueTransformer ValueTransformer
 
 	list    bool // If we're doing a recursive watch, should be true.
-	quorum  bool // If we enable quorum, shoule be true
+	quorum  bool // If we enable quorum, should be true
 	include includeFunc
-	filter  storage.FilterFunc
+	pred    storage.SelectionPredicate
 
 	etcdIncoming  chan *etcd.Response
 	etcdError     chan error
@@ -105,11 +105,9 @@ const watchWaitDuration = 100 * time.Millisecond
 
 // newEtcdWatcher returns a new etcdWatcher; if list is true, watch sub-nodes.
 // The versioner must be able to handle the objects that transform creates.
-func newEtcdWatcher(
-	list bool, quorum bool, include includeFunc, filter storage.FilterFunc,
+func newEtcdWatcher(list bool, quorum bool, include includeFunc, pred storage.SelectionPredicate,
 	encoding runtime.Codec, versioner storage.Versioner, transform TransformFunc,
-	valueTransformer ValueTransformer,
-	cache etcdCache) *etcdWatcher {
+	valueTransformer ValueTransformer, cache etcdCache) *etcdWatcher {
 	w := &etcdWatcher{
 		encoding:         encoding,
 		versioner:        versioner,
@@ -119,7 +117,7 @@ func newEtcdWatcher(
 		list:    list,
 		quorum:  quorum,
 		include: include,
-		filter:  filter,
+		pred:    pred,
 		// Buffer this channel, so that the etcd client is not forced
 		// to context switch with every object it gets, and so that a
 		// long time spent decoding an object won't block the *next*
@@ -315,7 +313,7 @@ func (w *etcdWatcher) translate() {
 
 // decodeObject extracts an object from the provided etcd node or returns an error.
 func (w *etcdWatcher) decodeObject(node *etcd.Node) (runtime.Object, error) {
-	if obj, found := w.cache.getFromCache(node.ModifiedIndex, storage.SimpleFilter(storage.Everything)); found {
+	if obj, found := w.cache.getFromCache(node.ModifiedIndex, storage.Everything); found {
 		return obj, nil
 	}
 
@@ -365,7 +363,7 @@ func (w *etcdWatcher) sendAdd(res *etcd.Response) {
 		// the resourceVersion to resume will never be able to get past a bad value.
 		return
 	}
-	if !w.filter(obj) {
+	if matched, err := w.pred.Matches(obj); err != nil || !matched {
 		return
 	}
 	action := watch.Added
@@ -391,7 +389,10 @@ func (w *etcdWatcher) sendModify(res *etcd.Response) {
 		// the resourceVersion to resume will never be able to get past a bad value.
 		return
 	}
-	curObjPasses := w.filter(curObj)
+	curObjPasses := false
+	if matched, err := w.pred.Matches(curObj); err == nil && matched {
+		curObjPasses = true
+	}
 	oldObjPasses := false
 	var oldObj runtime.Object
 	if res.PrevNode != nil && res.PrevNode.Value != "" {
@@ -400,10 +401,12 @@ func (w *etcdWatcher) sendModify(res *etcd.Response) {
 			if err := w.versioner.UpdateObject(oldObj, res.Node.ModifiedIndex); err != nil {
 				utilruntime.HandleError(fmt.Errorf("failure to version api object (%d) %#v: %v", res.Node.ModifiedIndex, oldObj, err))
 			}
-			oldObjPasses = w.filter(oldObj)
+			if matched, err := w.pred.Matches(oldObj); err == nil && matched {
+				oldObjPasses = true
+			}
 		}
 	}
-	// Some changes to an object may cause it to start or stop matching a filter.
+	// Some changes to an object may cause it to start or stop matching a pred.
 	// We need to report those as adds/deletes. So we have to check both the previous
 	// and current value of the object.
 	switch {
@@ -423,7 +426,7 @@ func (w *etcdWatcher) sendModify(res *etcd.Response) {
 			Object: oldObj,
 		})
 	}
-	// Do nothing if neither new nor old object passed the filter.
+	// Do nothing if neither new nor old object passed the pred.
 }
 
 func (w *etcdWatcher) sendDelete(res *etcd.Response) {
@@ -449,7 +452,7 @@ func (w *etcdWatcher) sendDelete(res *etcd.Response) {
 		// the resourceVersion to resume will never be able to get past a bad value.
 		return
 	}
-	if !w.filter(obj) {
+	if matched, err := w.pred.Matches(obj); err != nil || !matched {
 		return
 	}
 	w.emit(watch.Event{
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/metrics/metrics.go b/vendor/k8s.io/apiserver/pkg/storage/etcd/metrics/metrics.go
index 12c11eaf90f2..96385f6e601a 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/metrics/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/metrics/metrics.go
@@ -59,6 +59,13 @@ var (
 		},
 		[]string{"operation", "type"},
 	)
+	objectCounts = prometheus.NewGaugeVec(
+		prometheus.GaugeOpts{
+			Name: "etcd_object_counts",
+			Help: "Number of stored objects at the time of last check split by kind.",
+		},
+		[]string{"resource"},
+	)
 )
 
 var registerMetrics sync.Once
@@ -73,9 +80,14 @@ func Register() {
 		prometheus.MustRegister(cacheAddLatency)
 		prometheus.MustRegister(cacheGetLatency)
 		prometheus.MustRegister(etcdRequestLatenciesSummary)
+		prometheus.MustRegister(objectCounts)
 	})
 }
 
+func UpdateObjectCount(resourcePrefix string, count int64) {
+	objectCounts.WithLabelValues(resourcePrefix).Set(float64(count))
+}
+
 func RecordEtcdRequestLatency(verb, resource string, startTime time.Time) {
 	etcdRequestLatenciesSummary.WithLabelValues(verb, resource).Observe(float64(time.Since(startTime) / time.Microsecond))
 }
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd/util/BUILD b/vendor/k8s.io/apiserver/pkg/storage/etcd/util/BUILD
index f1405e872969..a0ad4fc56d82 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd/util/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd/util/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["etcd_util_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/etcd/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/coreos/etcd/client:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/BUILD b/vendor/k8s.io/apiserver/pkg/storage/etcd3/BUILD
index 0b7c4311fdce..29f7899503b7 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/BUILD
@@ -13,8 +13,7 @@ go_test(
         "store_test.go",
         "watcher_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/storage/etcd3",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/coreos/etcd/clientv3:go_default_library",
         "//vendor/github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight/BUILD b/vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight/BUILD
index 864a1141d65f..7b8cb68dd3d7 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["checks_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/etcd3/preflight",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go b/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
index 12579533f547..c83965b09c8a 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
@@ -24,7 +24,6 @@ import (
 	"fmt"
 	"path"
 	"reflect"
-	"strconv"
 	"strings"
 	"time"
 
@@ -406,13 +405,22 @@ func (s *store) GetToList(ctx context.Context, key string, resourceVersion strin
 	if err != nil || v.Kind() != reflect.Slice {
 		panic("need ptr to slice")
 	}
-	if err := appendListItem(v, data, uint64(getResp.Kvs[0].ModRevision), storage.SimpleFilter(pred), s.codec, s.versioner); err != nil {
+	if err := appendListItem(v, data, uint64(getResp.Kvs[0].ModRevision), pred, s.codec, s.versioner); err != nil {
 		return err
 	}
 	// update version with cluster level revision
 	return s.versioner.UpdateList(listObj, uint64(getResp.Header.Revision), "")
 }
 
+func (s *store) Count(key string) (int64, error) {
+	key = path.Join(s.pathPrefix, key)
+	getResp, err := s.client.KV.Get(context.Background(), key, clientv3.WithRange(clientv3.GetPrefixRangeEnd(key)), clientv3.WithCountOnly())
+	if err != nil {
+		return 0, err
+	}
+	return getResp.Count, nil
+}
+
 // continueToken is a simple structured object for encoding the state of a continue token.
 // TODO: if we change the version of the encoded from, we can't start encoding the new version
 // until all other servers are upgraded (i.e. we need to support rolling schema)
@@ -495,8 +503,6 @@ func (s *store) List(ctx context.Context, key, resourceVersion string, pred stor
 	}
 	keyPrefix := key
 
-	filter := storage.SimpleFilter(pred)
-
 	// set the appropriate clientv3 options to filter the returned data set
 	var paging bool
 	options := make([]clientv3.OpOption, 0, 4)
@@ -526,14 +532,14 @@ func (s *store) List(ctx context.Context, key, resourceVersion string, pred stor
 
 	case s.pagingEnabled && pred.Limit > 0:
 		if len(resourceVersion) > 0 {
-			fromRV, err := strconv.ParseInt(resourceVersion, 10, 64)
+			fromRV, err := s.versioner.ParseListResourceVersion(resourceVersion)
 			if err != nil {
 				return apierrors.NewBadRequest(fmt.Sprintf("invalid resource version: %v", err))
 			}
 			if fromRV > 0 {
-				options = append(options, clientv3.WithRev(fromRV))
+				options = append(options, clientv3.WithRev(int64(fromRV)))
 			}
-			returnedRV = fromRV
+			returnedRV = int64(fromRV)
 		}
 
 		rangeEnd := clientv3.GetPrefixRangeEnd(keyPrefix)
@@ -541,14 +547,14 @@ func (s *store) List(ctx context.Context, key, resourceVersion string, pred stor
 
 	default:
 		if len(resourceVersion) > 0 {
-			fromRV, err := strconv.ParseInt(resourceVersion, 10, 64)
+			fromRV, err := s.versioner.ParseListResourceVersion(resourceVersion)
 			if err != nil {
 				return apierrors.NewBadRequest(fmt.Sprintf("invalid resource version: %v", err))
 			}
 			if fromRV > 0 {
-				options = append(options, clientv3.WithRev(fromRV))
+				options = append(options, clientv3.WithRev(int64(fromRV)))
 			}
-			returnedRV = fromRV
+			returnedRV = int64(fromRV)
 		}
 
 		options = append(options, clientv3.WithPrefix())
@@ -590,7 +596,7 @@ func (s *store) List(ctx context.Context, key, resourceVersion string, pred stor
 				continue
 			}
 
-			if err := appendListItem(v, data, uint64(kv.ModRevision), filter, s.codec, s.versioner); err != nil {
+			if err := appendListItem(v, data, uint64(kv.ModRevision), pred, s.codec, s.versioner); err != nil {
 				return err
 			}
 		}
@@ -668,7 +674,7 @@ func (s *store) WatchList(ctx context.Context, key string, resourceVersion strin
 }
 
 func (s *store) watch(ctx context.Context, key string, rv string, pred storage.SelectionPredicate, recursive bool) (watch.Interface, error) {
-	rev, err := storage.ParseWatchResourceVersion(rv)
+	rev, err := s.versioner.ParseWatchResourceVersion(rv)
 	if err != nil {
 		return nil, err
 	}
@@ -777,14 +783,14 @@ func decode(codec runtime.Codec, versioner storage.Versioner, value []byte, objP
 }
 
 // appendListItem decodes and appends the object (if it passes filter) to v, which must be a slice.
-func appendListItem(v reflect.Value, data []byte, rev uint64, filter storage.FilterFunc, codec runtime.Codec, versioner storage.Versioner) error {
+func appendListItem(v reflect.Value, data []byte, rev uint64, pred storage.SelectionPredicate, codec runtime.Codec, versioner storage.Versioner) error {
 	obj, _, err := codec.Decode(data, nil, reflect.New(v.Type().Elem()).Interface().(runtime.Object))
 	if err != nil {
 		return err
 	}
 	// being unable to set the version does not prevent the object from being extracted
 	versioner.UpdateObject(obj, rev)
-	if filter(obj) {
+	if matched, err := pred.Matches(obj); err == nil && matched {
 		v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
 	}
 	return nil
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/watcher.go b/vendor/k8s.io/apiserver/pkg/storage/etcd3/watcher.go
index 366e161cfa08..38aae2f1fa67 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/watcher.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/watcher.go
@@ -72,7 +72,7 @@ type watchChan struct {
 	key               string
 	initialRev        int64
 	recursive         bool
-	internalFilter    storage.FilterFunc
+	internalPred      storage.SelectionPredicate
 	ctx               context.Context
 	cancel            context.CancelFunc
 	incomingEventChan chan *event
@@ -111,14 +111,14 @@ func (w *watcher) createWatchChan(ctx context.Context, key string, rev int64, re
 		key:               key,
 		initialRev:        rev,
 		recursive:         recursive,
-		internalFilter:    storage.SimpleFilter(pred),
+		internalPred:      pred,
 		incomingEventChan: make(chan *event, incomingBufSize),
 		resultChan:        make(chan watch.Event, outgoingBufSize),
 		errChan:           make(chan error, 1),
 	}
 	if pred.Empty() {
 		// The filter doesn't filter out any object.
-		wc.internalFilter = nil
+		wc.internalPred = storage.Everything
 	}
 	wc.ctx, wc.cancel = context.WithCancel(ctx)
 	return wc
@@ -250,14 +250,15 @@ func (wc *watchChan) processEvent(wg *sync.WaitGroup) {
 }
 
 func (wc *watchChan) filter(obj runtime.Object) bool {
-	if wc.internalFilter == nil {
+	if wc.internalPred.Empty() {
 		return true
 	}
-	return wc.internalFilter(obj)
+	matched, err := wc.internalPred.Matches(obj)
+	return err == nil && matched
 }
 
 func (wc *watchChan) acceptAll() bool {
-	return wc.internalFilter == nil
+	return wc.internalPred.Empty()
 }
 
 // transform transforms an event into a result for user if not filtered.
diff --git a/vendor/k8s.io/apiserver/pkg/storage/interfaces.go b/vendor/k8s.io/apiserver/pkg/storage/interfaces.go
index 0d81f05c3d95..6241533bebc7 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/interfaces.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/interfaces.go
@@ -28,7 +28,9 @@ import (
 // Versioner abstracts setting and retrieving metadata fields from database response
 // onto the object ot list. It is required to maintain storage invariants - updating an
 // object twice with the same data except for the ResourceVersion and SelfLink must be
-// a no-op.
+// a no-op. A resourceVersion of type uint64 is a 'raw' resourceVersion,
+// intended to be sent directly to or from the backend. A resourceVersion of
+// type string is a 'safe' resourceVersion, intended for consumption by users.
 type Versioner interface {
 	// UpdateObject sets storage metadata into an API object. Returns an error if the object
 	// cannot be updated correctly. May return nil if the requested object does not need metadata
@@ -45,6 +47,17 @@ type Versioner interface {
 	// ObjectResourceVersion returns the resource version (for persistence) of the specified object.
 	// Should return an error if the specified object does not have a persistable version.
 	ObjectResourceVersion(obj runtime.Object) (uint64, error)
+
+	// ParseWatchResourceVersion takes a resource version argument and
+	// converts it to the storage backend we should pass to helper.Watch().
+	// Because resourceVersion is an opaque value, the default watch
+	// behavior for non-zero watch is to watch the next value (if you pass
+	// "1", you will see updates from "2" onwards).
+	ParseWatchResourceVersion(resourceVersion string) (uint64, error)
+	// ParseListResourceVersion takes a resource version argument and
+	// converts it to the storage backend version. Appropriate for
+	// everything that's not intended as an argument for watch.
+	ParseListResourceVersion(resourceVersion string) (uint64, error)
 }
 
 // ResponseMeta contains information about the database metadata that is associated with
@@ -70,10 +83,6 @@ type MatchValue struct {
 // to that function.
 type TriggerPublisherFunc func(obj runtime.Object) []MatchValue
 
-// FilterFunc takes an API object and returns true if the object satisfies some requirements.
-// TODO: We will remove this type and use SelectionPredicate everywhere.
-type FilterFunc func(obj runtime.Object) bool
-
 // Everything accepts all objects.
 var Everything = SelectionPredicate{
 	Label: labels.Everything(),
@@ -186,4 +195,7 @@ type Interface interface {
 	GuaranteedUpdate(
 		ctx context.Context, key string, ptrToType runtime.Object, ignoreNotFound bool,
 		precondtions *Preconditions, tryUpdate UpdateFunc, suggestion ...runtime.Object) error
+
+	// Count returns number of different entries under the key (generally being path prefix).
+	Count(key string) (int64, error)
 }
diff --git a/vendor/k8s.io/apiserver/pkg/storage/names/BUILD b/vendor/k8s.io/apiserver/pkg/storage/names/BUILD
index 4e7511282f31..0accf5b7b089 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/names/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/names/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["generate_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/names",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go b/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
index 83e423a97abe..9c8c3d5994c2 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
@@ -96,7 +96,7 @@ func (s *SelectionPredicate) Matches(obj runtime.Object) (bool, error) {
 	}
 	matched := s.Label.Matches(labels)
 	if matched && s.Field != nil {
-		matched = (matched && s.Field.Matches(fields))
+		matched = matched && s.Field.Matches(fields)
 	}
 	return matched, nil
 }
diff --git a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/config.go b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/config.go
index b725985f693f..8d7ecf37c682 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/config.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/config.go
@@ -62,6 +62,9 @@ type Config struct {
 	// CompactionInterval is an interval of requesting compaction from apiserver.
 	// If the value is 0, no compaction will be issued.
 	CompactionInterval time.Duration
+
+	// CountMetricPollPeriod specifies how often should count metric be updated
+	CountMetricPollPeriod time.Duration
 }
 
 func NewDefaultConfig(prefix string, codec runtime.Codec) *Config {
diff --git a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/BUILD b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/BUILD
index 474d8990339a..9b6666c8c53b 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["tls_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/storagebackend/factory",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/coreos/etcd/integration:go_default_library",
         "//vendor/github.com/coreos/etcd/pkg/transport:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go
index a5ccbf2fdd49..48bba73110b0 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go
@@ -17,6 +17,8 @@ limitations under the License.
 package factory
 
 import (
+	"time"
+
 	"github.com/coreos/etcd/clientv3"
 	"github.com/coreos/etcd/pkg/transport"
 	"golang.org/x/net/context"
@@ -27,6 +29,13 @@ import (
 	"k8s.io/apiserver/pkg/storage/value"
 )
 
+// The short keepalive timeout and interval have been chosen to aggressively
+// detect a failed etcd server without introducing much overhead.
+var (
+	keepaliveTime    = 30 * time.Second
+	keepaliveTimeout = 10 * time.Second
+)
+
 func newETCD3Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, error) {
 	tlsInfo := transport.TLSInfo{
 		CertFile: c.CertFile,
@@ -43,8 +52,10 @@ func newETCD3Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, e
 		tlsConfig = nil
 	}
 	cfg := clientv3.Config{
-		Endpoints: c.ServerList,
-		TLS:       tlsConfig,
+		DialKeepAliveTime:    keepaliveTime,
+		DialKeepAliveTimeout: keepaliveTimeout,
+		Endpoints:            c.ServerList,
+		TLS:                  tlsConfig,
 	}
 	client, err := clientv3.New(cfg)
 	if err != nil {
diff --git a/vendor/k8s.io/apiserver/pkg/storage/util.go b/vendor/k8s.io/apiserver/pkg/storage/util.go
index 3e0b7211b950..9d437d06223c 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/util.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/util.go
@@ -18,16 +18,12 @@ package storage
 
 import (
 	"fmt"
-	"strconv"
 	"strings"
 	"sync/atomic"
 
-	"github.com/golang/glog"
-
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/api/validation/path"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/util/validation/field"
 )
 
 type SimpleUpdateFunc func(runtime.Object) (runtime.Object, error)
@@ -40,19 +36,6 @@ func SimpleUpdate(fn SimpleUpdateFunc) UpdateFunc {
 	}
 }
 
-// SimpleFilter converts a selection predicate into a FilterFunc.
-// It ignores any error from Matches().
-func SimpleFilter(p SelectionPredicate) FilterFunc {
-	return func(obj runtime.Object) bool {
-		matches, err := p.Matches(obj)
-		if err != nil {
-			glog.Errorf("invalid object for matching. Obj: %v. Err: %v", obj, err)
-			return false
-		}
-		return matches
-	}
-}
-
 func EverythingFunc(runtime.Object) bool {
 	return true
 }
@@ -65,35 +48,6 @@ func NoTriggerPublisher(runtime.Object) []MatchValue {
 	return nil
 }
 
-// ParseWatchResourceVersion takes a resource version argument and converts it to
-// the etcd version we should pass to helper.Watch(). Because resourceVersion is
-// an opaque value, the default watch behavior for non-zero watch is to watch
-// the next value (if you pass "1", you will see updates from "2" onwards).
-func ParseWatchResourceVersion(resourceVersion string) (uint64, error) {
-	if resourceVersion == "" || resourceVersion == "0" {
-		return 0, nil
-	}
-	version, err := strconv.ParseUint(resourceVersion, 10, 64)
-	if err != nil {
-		return 0, NewInvalidError(field.ErrorList{
-			// Validation errors are supposed to return version-specific field
-			// paths, but this is probably close enough.
-			field.Invalid(field.NewPath("resourceVersion"), resourceVersion, err.Error()),
-		})
-	}
-	return version, nil
-}
-
-// ParseListResourceVersion takes a resource version argument and converts it to
-// the etcd version.
-func ParseListResourceVersion(resourceVersion string) (uint64, error) {
-	if resourceVersion == "" {
-		return 0, nil
-	}
-	version, err := strconv.ParseUint(resourceVersion, 10, 64)
-	return version, err
-}
-
 func NamespaceKeyFunc(prefix string, obj runtime.Object) (string, error) {
 	meta, err := meta.Accessor(obj)
 	if err != nil {
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/BUILD b/vendor/k8s.io/apiserver/pkg/storage/value/BUILD
index 22d5ec1761a1..2e132c760ec4 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/value/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["transformer_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/value",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes/BUILD b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes/BUILD
index 4c3bc7a875ff..920e6fa2b372 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["aes_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/value/encrypt/aes",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/BUILD b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/BUILD
index 3ceb65a02c64..32456390b23a 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/BUILD
@@ -8,23 +8,115 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = ["envelope.go"],
+    srcs = [
+        "envelope.go",
+        "grpc_service.go",
+    ],
     importpath = "k8s.io/apiserver/pkg/storage/value/encrypt/envelope",
     deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/hashicorp/golang-lru:go_default_library",
+        "//vendor/golang.org/x/net/context:go_default_library",
+        "//vendor/google.golang.org/grpc:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
-    srcs = ["envelope_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/value/encrypt/envelope",
-    library = ":go_default_library",
+    srcs = [
+        "envelope_test.go",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "grpc_service_unix_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "grpc_service_unix_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/aes:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/google.golang.org/grpc:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
@@ -36,6 +128,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope.go b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope.go
index 9782e44b66d3..90f1dca42b2c 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/envelope.go
@@ -21,6 +21,7 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
+	"encoding/base64"
 	"encoding/binary"
 	"fmt"
 
@@ -34,10 +35,10 @@ const defaultCacheSize = 1000
 
 // Service allows encrypting and decrypting data using an external Key Management Service.
 type Service interface {
-	// Decrypt a given data string to obtain the original byte data.
-	Decrypt(data string) ([]byte, error)
-	// Encrypt bytes to a string ciphertext.
-	Encrypt(data []byte) (string, error)
+	// Decrypt a given bytearray to obtain the original data as bytes.
+	Decrypt(data []byte) ([]byte, error)
+	// Encrypt bytes to a ciphertext.
+	Encrypt(data []byte) ([]byte, error)
 }
 
 type envelopeTransformer struct {
@@ -78,15 +79,12 @@ func (t *envelopeTransformer) TransformFromStorage(data []byte, context value.Co
 	if keyLen+2 > len(data) {
 		return nil, false, fmt.Errorf("invalid data encountered by genvelope transformer, length longer than available bytes: %q", data)
 	}
-	encKey := string(data[2 : keyLen+2])
+	encKey := data[2 : keyLen+2]
 	encData := data[2+keyLen:]
 
-	var transformer value.Transformer
 	// Look up the decrypted DEK from cache or Envelope.
-	_transformer, found := t.transformers.Get(encKey)
-	if found {
-		transformer = _transformer.(value.Transformer)
-	} else {
+	transformer := t.getTransformer(encKey)
+	if transformer == nil {
 		key, err := t.envelopeService.Decrypt(encKey)
 		if err != nil {
 			return nil, false, fmt.Errorf("error while decrypting key: %q", err)
@@ -136,16 +134,27 @@ func (t *envelopeTransformer) TransformToStorage(data []byte, context value.Cont
 var _ value.Transformer = &envelopeTransformer{}
 
 // addTransformer inserts a new transformer to the Envelope cache of DEKs for future reads.
-func (t *envelopeTransformer) addTransformer(encKey string, key []byte) (value.Transformer, error) {
+func (t *envelopeTransformer) addTransformer(encKey []byte, key []byte) (value.Transformer, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
 	}
 	transformer := t.baseTransformerFunc(block)
-	t.transformers.Add(encKey, transformer)
+	// Use base64 of encKey as the key into the cache because hashicorp/golang-lru
+	// cannot hash []uint8.
+	t.transformers.Add(base64.StdEncoding.EncodeToString(encKey), transformer)
 	return transformer, nil
 }
 
+// getTransformer fetches the transformer corresponding to encKey from cache, if it exists.
+func (t *envelopeTransformer) getTransformer(encKey []byte) value.Transformer {
+	_transformer, found := t.transformers.Get(base64.StdEncoding.EncodeToString(encKey))
+	if found {
+		return _transformer.(value.Transformer)
+	}
+	return nil
+}
+
 // generateKey generates a random key using system randomness.
 func generateKey(length int) ([]byte, error) {
 	key := make([]byte, length)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go
new file mode 100644
index 000000000000..ce910f856b04
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/grpc_service.go
@@ -0,0 +1,144 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package envelope transforms values for storage at rest using a Envelope provider
+package envelope
+
+import (
+	"fmt"
+	"net"
+	"net/url"
+	"time"
+
+	"github.com/golang/glog"
+
+	"google.golang.org/grpc"
+
+	"golang.org/x/net/context"
+
+	kmsapi "k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1"
+)
+
+const (
+	// Now only supported unix domain socket.
+	unixProtocol = "unix"
+
+	// Current version for the protocol interface definition.
+	kmsapiVersion = "v1beta1"
+
+	// The timeout that communicate with KMS server.
+	timeout = 30 * time.Second
+)
+
+// The gRPC implementation for envelope.Service.
+type gRPCService struct {
+	// gRPC client instance
+	kmsClient  kmsapi.KeyManagementServiceClient
+	connection *grpc.ClientConn
+}
+
+// NewGRPCService returns an envelope.Service which use gRPC to communicate the remote KMS provider.
+func NewGRPCService(endpoint string) (Service, error) {
+	glog.V(4).Infof("Configure KMS provider with endpoint: %s", endpoint)
+
+	addr, err := parseEndpoint(endpoint)
+	if err != nil {
+		return nil, err
+	}
+
+	connection, err := grpc.Dial(addr, grpc.WithInsecure(), grpc.WithTimeout(timeout), grpc.WithDialer(unixDial))
+	if err != nil {
+		return nil, fmt.Errorf("connect remote KMS provider %q failed, error: %v", addr, err)
+	}
+
+	kmsClient := kmsapi.NewKeyManagementServiceClient(connection)
+
+	err = checkAPIVersion(kmsClient)
+	if err != nil {
+		connection.Close()
+		return nil, fmt.Errorf("failed check version for %q, error: %v", addr, err)
+	}
+
+	return &gRPCService{kmsClient: kmsClient, connection: connection}, nil
+}
+
+// This dialer explicitly ask gRPC to use unix socket as network.
+func unixDial(addr string, timeout time.Duration) (net.Conn, error) {
+	return net.DialTimeout(unixProtocol, addr, timeout)
+}
+
+// Parse the endpoint to extract schema, host or path.
+func parseEndpoint(endpoint string) (string, error) {
+	if len(endpoint) == 0 {
+		return "", fmt.Errorf("remote KMS provider can't use empty string as endpoint")
+	}
+
+	u, err := url.Parse(endpoint)
+	if err != nil {
+		return "", fmt.Errorf("invalid endpoint %q for remote KMS provider, error: %v", endpoint, err)
+	}
+
+	if u.Scheme != unixProtocol {
+		return "", fmt.Errorf("unsupported scheme %q for remote KMS provider", u.Scheme)
+	}
+	return u.Path, nil
+}
+
+// Check the KMS provider API version.
+// Only matching kmsapiVersion is supported now.
+func checkAPIVersion(kmsClient kmsapi.KeyManagementServiceClient) error {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	request := &kmsapi.VersionRequest{Version: kmsapiVersion}
+	response, err := kmsClient.Version(ctx, request)
+	if err != nil {
+		return fmt.Errorf("failed get version from remote KMS provider: %v", err)
+	}
+	if response.Version != kmsapiVersion {
+		return fmt.Errorf("KMS provider api version %s is not supported, only %s is supported now",
+			response.Version, kmsapiVersion)
+	}
+
+	glog.V(4).Infof("KMS provider %s initialized, version: %s", response.RuntimeName, response.RuntimeVersion)
+	return nil
+}
+
+// Decrypt a given data string to obtain the original byte data.
+func (g *gRPCService) Decrypt(cipher []byte) ([]byte, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	request := &kmsapi.DecryptRequest{Cipher: cipher, Version: kmsapiVersion}
+	response, err := g.kmsClient.Decrypt(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return response.Plain, nil
+}
+
+// Encrypt bytes to a string ciphertext.
+func (g *gRPCService) Encrypt(plain []byte) ([]byte, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	request := &kmsapi.EncryptRequest{Plain: plain, Version: kmsapiVersion}
+	response, err := g.kmsClient.Encrypt(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return response.Cipher, nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/BUILD b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/BUILD
new file mode 100644
index 000000000000..5fafc66b1616
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/BUILD
@@ -0,0 +1,33 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+filegroup(
+    name = "go_default_library_protos",
+    srcs = ["service.proto"],
+    visibility = ["//visibility:public"],
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["service.pb.go"],
+    importpath = "k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/gogo/protobuf/proto:go_default_library",
+        "//vendor/golang.org/x/net/context:go_default_library",
+        "//vendor/google.golang.org/grpc:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.pb.go b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.pb.go
new file mode 100644
index 000000000000..52525fffc68b
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.pb.go
@@ -0,0 +1,370 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by protoc-gen-gogo.
+// source: service.proto
+// DO NOT EDIT!
+
+/*
+Package v1beta1 is a generated protocol buffer package.
+
+It is generated from these files:
+	service.proto
+
+It has these top-level messages:
+	VersionRequest
+	VersionResponse
+	DecryptRequest
+	DecryptResponse
+	EncryptRequest
+	EncryptResponse
+*/
+package v1beta1
+
+import proto "github.com/gogo/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+import (
+	context "golang.org/x/net/context"
+	grpc "google.golang.org/grpc"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
+
+type VersionRequest struct {
+	// Version of the KMS plugin API.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+}
+
+func (m *VersionRequest) Reset()                    { *m = VersionRequest{} }
+func (m *VersionRequest) String() string            { return proto.CompactTextString(m) }
+func (*VersionRequest) ProtoMessage()               {}
+func (*VersionRequest) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{0} }
+
+func (m *VersionRequest) GetVersion() string {
+	if m != nil {
+		return m.Version
+	}
+	return ""
+}
+
+type VersionResponse struct {
+	// Version of the KMS plugin API.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// Name of the KMS provider.
+	RuntimeName string `protobuf:"bytes,2,opt,name=runtime_name,json=runtimeName,proto3" json:"runtime_name,omitempty"`
+	// Version of the KMS provider. The string must be semver-compatible.
+	RuntimeVersion string `protobuf:"bytes,3,opt,name=runtime_version,json=runtimeVersion,proto3" json:"runtime_version,omitempty"`
+}
+
+func (m *VersionResponse) Reset()                    { *m = VersionResponse{} }
+func (m *VersionResponse) String() string            { return proto.CompactTextString(m) }
+func (*VersionResponse) ProtoMessage()               {}
+func (*VersionResponse) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{1} }
+
+func (m *VersionResponse) GetVersion() string {
+	if m != nil {
+		return m.Version
+	}
+	return ""
+}
+
+func (m *VersionResponse) GetRuntimeName() string {
+	if m != nil {
+		return m.RuntimeName
+	}
+	return ""
+}
+
+func (m *VersionResponse) GetRuntimeVersion() string {
+	if m != nil {
+		return m.RuntimeVersion
+	}
+	return ""
+}
+
+type DecryptRequest struct {
+	// Version of the KMS plugin API.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// The data to be decrypted.
+	Cipher []byte `protobuf:"bytes,2,opt,name=cipher,proto3" json:"cipher,omitempty"`
+}
+
+func (m *DecryptRequest) Reset()                    { *m = DecryptRequest{} }
+func (m *DecryptRequest) String() string            { return proto.CompactTextString(m) }
+func (*DecryptRequest) ProtoMessage()               {}
+func (*DecryptRequest) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{2} }
+
+func (m *DecryptRequest) GetVersion() string {
+	if m != nil {
+		return m.Version
+	}
+	return ""
+}
+
+func (m *DecryptRequest) GetCipher() []byte {
+	if m != nil {
+		return m.Cipher
+	}
+	return nil
+}
+
+type DecryptResponse struct {
+	// The decrypted data.
+	Plain []byte `protobuf:"bytes,1,opt,name=plain,proto3" json:"plain,omitempty"`
+}
+
+func (m *DecryptResponse) Reset()                    { *m = DecryptResponse{} }
+func (m *DecryptResponse) String() string            { return proto.CompactTextString(m) }
+func (*DecryptResponse) ProtoMessage()               {}
+func (*DecryptResponse) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{3} }
+
+func (m *DecryptResponse) GetPlain() []byte {
+	if m != nil {
+		return m.Plain
+	}
+	return nil
+}
+
+type EncryptRequest struct {
+	// Version of the KMS plugin API.
+	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
+	// The data to be encrypted.
+	Plain []byte `protobuf:"bytes,2,opt,name=plain,proto3" json:"plain,omitempty"`
+}
+
+func (m *EncryptRequest) Reset()                    { *m = EncryptRequest{} }
+func (m *EncryptRequest) String() string            { return proto.CompactTextString(m) }
+func (*EncryptRequest) ProtoMessage()               {}
+func (*EncryptRequest) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{4} }
+
+func (m *EncryptRequest) GetVersion() string {
+	if m != nil {
+		return m.Version
+	}
+	return ""
+}
+
+func (m *EncryptRequest) GetPlain() []byte {
+	if m != nil {
+		return m.Plain
+	}
+	return nil
+}
+
+type EncryptResponse struct {
+	// The encrypted data.
+	Cipher []byte `protobuf:"bytes,1,opt,name=cipher,proto3" json:"cipher,omitempty"`
+}
+
+func (m *EncryptResponse) Reset()                    { *m = EncryptResponse{} }
+func (m *EncryptResponse) String() string            { return proto.CompactTextString(m) }
+func (*EncryptResponse) ProtoMessage()               {}
+func (*EncryptResponse) Descriptor() ([]byte, []int) { return fileDescriptorService, []int{5} }
+
+func (m *EncryptResponse) GetCipher() []byte {
+	if m != nil {
+		return m.Cipher
+	}
+	return nil
+}
+
+func init() {
+	proto.RegisterType((*VersionRequest)(nil), "v1beta1.VersionRequest")
+	proto.RegisterType((*VersionResponse)(nil), "v1beta1.VersionResponse")
+	proto.RegisterType((*DecryptRequest)(nil), "v1beta1.DecryptRequest")
+	proto.RegisterType((*DecryptResponse)(nil), "v1beta1.DecryptResponse")
+	proto.RegisterType((*EncryptRequest)(nil), "v1beta1.EncryptRequest")
+	proto.RegisterType((*EncryptResponse)(nil), "v1beta1.EncryptResponse")
+}
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ context.Context
+var _ grpc.ClientConn
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+const _ = grpc.SupportPackageIsVersion4
+
+// Client API for KeyManagementService service
+
+type KeyManagementServiceClient interface {
+	// Version returns the runtime name and runtime version of the KMS provider.
+	Version(ctx context.Context, in *VersionRequest, opts ...grpc.CallOption) (*VersionResponse, error)
+	// Execute decryption operation in KMS provider.
+	Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)
+	// Execute encryption operation in KMS provider.
+	Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)
+}
+
+type keyManagementServiceClient struct {
+	cc *grpc.ClientConn
+}
+
+func NewKeyManagementServiceClient(cc *grpc.ClientConn) KeyManagementServiceClient {
+	return &keyManagementServiceClient{cc}
+}
+
+func (c *keyManagementServiceClient) Version(ctx context.Context, in *VersionRequest, opts ...grpc.CallOption) (*VersionResponse, error) {
+	out := new(VersionResponse)
+	err := grpc.Invoke(ctx, "/v1beta1.KeyManagementService/Version", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *keyManagementServiceClient) Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error) {
+	out := new(DecryptResponse)
+	err := grpc.Invoke(ctx, "/v1beta1.KeyManagementService/Decrypt", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *keyManagementServiceClient) Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error) {
+	out := new(EncryptResponse)
+	err := grpc.Invoke(ctx, "/v1beta1.KeyManagementService/Encrypt", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// Server API for KeyManagementService service
+
+type KeyManagementServiceServer interface {
+	// Version returns the runtime name and runtime version of the KMS provider.
+	Version(context.Context, *VersionRequest) (*VersionResponse, error)
+	// Execute decryption operation in KMS provider.
+	Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)
+	// Execute encryption operation in KMS provider.
+	Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)
+}
+
+func RegisterKeyManagementServiceServer(s *grpc.Server, srv KeyManagementServiceServer) {
+	s.RegisterService(&_KeyManagementService_serviceDesc, srv)
+}
+
+func _KeyManagementService_Version_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(VersionRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(KeyManagementServiceServer).Version(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v1beta1.KeyManagementService/Version",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(KeyManagementServiceServer).Version(ctx, req.(*VersionRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _KeyManagementService_Decrypt_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(DecryptRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(KeyManagementServiceServer).Decrypt(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v1beta1.KeyManagementService/Decrypt",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(KeyManagementServiceServer).Decrypt(ctx, req.(*DecryptRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _KeyManagementService_Encrypt_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(EncryptRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(KeyManagementServiceServer).Encrypt(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v1beta1.KeyManagementService/Encrypt",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(KeyManagementServiceServer).Encrypt(ctx, req.(*EncryptRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+var _KeyManagementService_serviceDesc = grpc.ServiceDesc{
+	ServiceName: "v1beta1.KeyManagementService",
+	HandlerType: (*KeyManagementServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "Version",
+			Handler:    _KeyManagementService_Version_Handler,
+		},
+		{
+			MethodName: "Decrypt",
+			Handler:    _KeyManagementService_Decrypt_Handler,
+		},
+		{
+			MethodName: "Encrypt",
+			Handler:    _KeyManagementService_Encrypt_Handler,
+		},
+	},
+	Streams:  []grpc.StreamDesc{},
+	Metadata: "service.proto",
+}
+
+func init() { proto.RegisterFile("service.proto", fileDescriptorService) }
+
+var fileDescriptorService = []byte{
+	// 287 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x52, 0xcd, 0x4a, 0xc4, 0x30,
+	0x10, 0xde, 0xae, 0xb8, 0xc5, 0xb1, 0xb6, 0x10, 0x16, 0x2d, 0x9e, 0x34, 0x97, 0x55, 0x0f, 0x85,
+	0xd5, 0xbb, 0x88, 0xe8, 0x49, 0xf4, 0x50, 0xc1, 0xab, 0x64, 0xcb, 0xa0, 0x05, 0x9b, 0xc6, 0x24,
+	0x5b, 0xd9, 0x17, 0xf5, 0x79, 0xc4, 0x66, 0x5a, 0xd3, 0x15, 0x71, 0x8f, 0x33, 0x99, 0xef, 0x6f,
+	0x26, 0xb0, 0x67, 0x50, 0x37, 0x65, 0x81, 0x99, 0xd2, 0xb5, 0xad, 0x59, 0xd8, 0xcc, 0x17, 0x68,
+	0xc5, 0x9c, 0x9f, 0x41, 0xfc, 0x84, 0xda, 0x94, 0xb5, 0xcc, 0xf1, 0x7d, 0x89, 0xc6, 0xb2, 0x14,
+	0xc2, 0xc6, 0x75, 0xd2, 0xe0, 0x28, 0x38, 0xd9, 0xc9, 0xbb, 0x92, 0x7f, 0x40, 0xd2, 0xcf, 0x1a,
+	0x55, 0x4b, 0x83, 0x7f, 0x0f, 0xb3, 0x63, 0x88, 0xf4, 0x52, 0xda, 0xb2, 0xc2, 0x67, 0x29, 0x2a,
+	0x4c, 0xc7, 0xed, 0xf3, 0x2e, 0xf5, 0x1e, 0x44, 0x85, 0x6c, 0x06, 0x49, 0x37, 0xd2, 0x91, 0x6c,
+	0xb5, 0x53, 0x31, 0xb5, 0x49, 0x8d, 0x5f, 0x43, 0x7c, 0x83, 0x85, 0x5e, 0x29, 0xfb, 0xaf, 0x49,
+	0xb6, 0x0f, 0x93, 0xa2, 0x54, 0xaf, 0xa8, 0x5b, 0xc5, 0x28, 0xa7, 0x8a, 0xcf, 0x20, 0xe9, 0x39,
+	0xc8, 0xfc, 0x14, 0xb6, 0xd5, 0x9b, 0x28, 0x1d, 0x45, 0x94, 0xbb, 0x82, 0x5f, 0x41, 0x7c, 0x2b,
+	0x37, 0x14, 0xeb, 0x19, 0xc6, 0x3e, 0xc3, 0x29, 0x24, 0x3d, 0x03, 0x49, 0xfd, 0xb8, 0x0a, 0x7c,
+	0x57, 0xe7, 0x9f, 0x01, 0x4c, 0xef, 0x70, 0x75, 0x2f, 0xa4, 0x78, 0xc1, 0x0a, 0xa5, 0x7d, 0x74,
+	0x67, 0x62, 0x97, 0x10, 0x52, 0x7a, 0x76, 0x90, 0xd1, 0xb1, 0xb2, 0xe1, 0xa5, 0x0e, 0xd3, 0xdf,
+	0x0f, 0x4e, 0x8e, 0x8f, 0xbe, 0xf1, 0x14, 0xd7, 0xc3, 0x0f, 0x97, 0xe8, 0xe1, 0xd7, 0x36, 0xe3,
+	0xf0, 0x94, 0xc1, 0xc3, 0x0f, 0xf7, 0xe2, 0xe1, 0xd7, 0xe2, 0xf2, 0xd1, 0x62, 0xd2, 0xfe, 0xb3,
+	0x8b, 0xaf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x33, 0x8d, 0x09, 0xe1, 0x78, 0x02, 0x00, 0x00,
+}
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.proto b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.proto
new file mode 100644
index 000000000000..dbde9080e70c
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1/service.proto
@@ -0,0 +1,54 @@
+// To regenerate service.pb.go run hack/update-generated-kms.sh
+syntax = "proto3";
+
+package v1beta1;
+
+// This service defines the public APIs for remote KMS provider.
+service KeyManagementService {
+    // Version returns the runtime name and runtime version of the KMS provider.
+    rpc Version(VersionRequest) returns (VersionResponse) {}
+
+    // Execute decryption operation in KMS provider.
+    rpc Decrypt(DecryptRequest) returns (DecryptResponse) {}
+    // Execute encryption operation in KMS provider.
+    rpc Encrypt(EncryptRequest) returns (EncryptResponse) {}
+}
+
+message VersionRequest {
+    // Version of the KMS plugin API.
+    string version = 1;
+}
+
+message VersionResponse {
+    // Version of the KMS plugin API.
+    string version = 1;
+    // Name of the KMS provider.
+    string runtime_name = 2;
+    // Version of the KMS provider. The string must be semver-compatible.
+    string runtime_version = 3;
+}
+
+message DecryptRequest {
+    // Version of the KMS plugin API.
+    string version = 1;
+    // The data to be decrypted.
+    bytes cipher = 2;
+}
+
+message DecryptResponse {
+    // The decrypted data.
+    bytes plain = 1;
+}
+
+message EncryptRequest {
+    // Version of the KMS plugin API.
+    string version = 1;
+    // The data to be encrypted.
+    bytes plain = 2;
+}
+
+message EncryptResponse {
+    // The encrypted data.
+    bytes cipher = 1;
+}
+
diff --git a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/secretbox/BUILD b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/secretbox/BUILD
index 7c26c0808c03..252b721a972b 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/secretbox/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/storage/value/encrypt/secretbox/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["secretbox_test.go"],
-    importpath = "k8s.io/apiserver/pkg/storage/value/encrypt/secretbox",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/storage/value:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/storage/watch_cache.go b/vendor/k8s.io/apiserver/pkg/storage/watch_cache.go
index 602312b6058d..373e74eeda52 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/watch_cache.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/watch_cache.go
@@ -61,12 +61,16 @@ type watchCacheEvent struct {
 }
 
 // Computing a key of an object is generally non-trivial (it performs
-// e.g. validation underneath). To avoid computing it multiple times
-// (to serve the event in different List/Watch requests), in the
-// underlying store we are keeping pair (key, object).
+// e.g. validation underneath). Similarly computing object fields and
+// labels. To avoid computing them multiple times (to serve the event
+// in different List/Watch requests), in the underlying store we are
+// keeping structs (key, object, labels, fields, uninitialized).
 type storeElement struct {
-	Key    string
-	Object runtime.Object
+	Key           string
+	Object        runtime.Object
+	Labels        labels.Set
+	Fields        fields.Set
+	Uninitialized bool
 }
 
 func storeElementKey(obj interface{}) (string, error) {
@@ -220,6 +224,20 @@ func (w *watchCache) processEvent(event watch.Event, resourceVersion uint64, upd
 		return fmt.Errorf("couldn't compute key: %v", err)
 	}
 	elem := &storeElement{Key: key, Object: event.Object}
+	elem.Labels, elem.Fields, elem.Uninitialized, err = w.getAttrsFunc(event.Object)
+	if err != nil {
+		return err
+	}
+
+	watchCacheEvent := &watchCacheEvent{
+		Type:             event.Type,
+		Object:           elem.Object,
+		ObjLabels:        elem.Labels,
+		ObjFields:        elem.Fields,
+		ObjUninitialized: elem.Uninitialized,
+		Key:              key,
+		ResourceVersion:  resourceVersion,
+	}
 
 	// TODO: We should consider moving this lock below after the watchCacheEvent
 	// is created. In such situation, the only problematic scenario is Replace(
@@ -231,34 +249,14 @@ func (w *watchCache) processEvent(event watch.Event, resourceVersion uint64, upd
 	if err != nil {
 		return err
 	}
-	objLabels, objFields, objUninitialized, err := w.getAttrsFunc(event.Object)
-	if err != nil {
-		return err
-	}
-	var prevObject runtime.Object
-	var prevObjLabels labels.Set
-	var prevObjFields fields.Set
-	var prevObjUninitialized bool
 	if exists {
-		prevObject = previous.(*storeElement).Object
-		prevObjLabels, prevObjFields, prevObjUninitialized, err = w.getAttrsFunc(prevObject)
-		if err != nil {
-			return err
-		}
-	}
-	watchCacheEvent := &watchCacheEvent{
-		Type:                 event.Type,
-		Object:               event.Object,
-		ObjLabels:            objLabels,
-		ObjFields:            objFields,
-		ObjUninitialized:     objUninitialized,
-		PrevObject:           prevObject,
-		PrevObjLabels:        prevObjLabels,
-		PrevObjFields:        prevObjFields,
-		PrevObjUninitialized: prevObjUninitialized,
-		Key:                  key,
-		ResourceVersion:      resourceVersion,
+		previousElem := previous.(*storeElement)
+		watchCacheEvent.PrevObject = previousElem.Object
+		watchCacheEvent.PrevObjLabels = previousElem.Labels
+		watchCacheEvent.PrevObjFields = previousElem.Fields
+		watchCacheEvent.PrevObjUninitialized = previousElem.Uninitialized
 	}
+
 	if w.onEvent != nil {
 		w.onEvent(watchCacheEvent)
 	}
@@ -362,7 +360,7 @@ func (w *watchCache) GetByKey(key string) (interface{}, bool, error) {
 	return w.store.GetByKey(key)
 }
 
-// Replace takes slice of runtime.Object as a paramater.
+// Replace takes slice of runtime.Object as a parameter.
 func (w *watchCache) Replace(objs []interface{}, resourceVersion string) error {
 	version, err := parseResourceVersion(resourceVersion)
 	if err != nil {
@@ -379,7 +377,17 @@ func (w *watchCache) Replace(objs []interface{}, resourceVersion string) error {
 		if err != nil {
 			return fmt.Errorf("couldn't compute key: %v", err)
 		}
-		toReplace = append(toReplace, &storeElement{Key: key, Object: object})
+		objLabels, objFields, objUninitialized, err := w.getAttrsFunc(object)
+		if err != nil {
+			return err
+		}
+		toReplace = append(toReplace, &storeElement{
+			Key:           key,
+			Object:        object,
+			Labels:        objLabels,
+			Fields:        objFields,
+			Uninitialized: objUninitialized,
+		})
 	}
 
 	w.Lock()
diff --git a/vendor/k8s.io/apiserver/pkg/util/feature/BUILD b/vendor/k8s.io/apiserver/pkg/util/feature/BUILD
index 60a1a866d83e..157aa49e6c9b 100644
--- a/vendor/k8s.io/apiserver/pkg/util/feature/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/feature/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["feature_gate_test.go"],
-    importpath = "k8s.io/apiserver/pkg/util/feature",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/spf13/pflag:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/pkg/util/flag/BUILD b/vendor/k8s.io/apiserver/pkg/util/flag/BUILD
index 57ab4058da16..7a73ad0d5fe7 100644
--- a/vendor/k8s.io/apiserver/pkg/util/flag/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/flag/BUILD
@@ -9,20 +9,21 @@ load(
 go_test(
     name = "go_default_test",
     srcs = [
+        "ciphersuites_flag_test.go",
         "colon_separated_multimap_string_string_test.go",
         "langle_separated_map_string_string_test.go",
         "map_string_bool_test.go",
         "map_string_string_test.go",
         "namedcertkey_flag_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/util/flag",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/spf13/pflag:go_default_library"],
 )
 
 go_library(
     name = "go_default_library",
     srcs = [
+        "ciphersuites_flag.go",
         "colon_separated_multimap_string_string.go",
         "configuration_map.go",
         "flags.go",
@@ -30,6 +31,7 @@ go_library(
         "map_string_bool.go",
         "map_string_string.go",
         "namedcertkey_flag.go",
+        "noop.go",
         "omitempty.go",
         "string_flag.go",
         "tristate.go",
diff --git a/vendor/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag.go b/vendor/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag.go
new file mode 100644
index 000000000000..73fd62c100a0
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/util/flag/ciphersuites_flag.go
@@ -0,0 +1,87 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package flag
+
+import (
+	"crypto/tls"
+	"fmt"
+)
+
+// ciphers maps strings into tls package cipher constants in
+// https://golang.org/pkg/crypto/tls/#pkg-constants
+var ciphers = map[string]uint16{
+	"TLS_RSA_WITH_RC4_128_SHA":                tls.TLS_RSA_WITH_RC4_128_SHA,
+	"TLS_RSA_WITH_3DES_EDE_CBC_SHA":           tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+	"TLS_RSA_WITH_AES_128_CBC_SHA":            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
+	"TLS_RSA_WITH_AES_256_CBC_SHA":            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+	"TLS_RSA_WITH_AES_128_CBC_SHA256":         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
+	"TLS_RSA_WITH_AES_128_GCM_SHA256":         tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
+	"TLS_RSA_WITH_AES_256_GCM_SHA384":         tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":        tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+	"TLS_ECDHE_RSA_WITH_RC4_128_SHA":          tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":     tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":    tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305":  tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+}
+
+func TLSCipherSuites(cipherNames []string) ([]uint16, error) {
+	if len(cipherNames) == 0 {
+		return nil, nil
+	}
+	ciphersIntSlice := make([]uint16, 0)
+	for _, cipher := range cipherNames {
+		intValue, ok := ciphers[cipher]
+		if !ok {
+			return nil, fmt.Errorf("Cipher suite %s not supported or doesn't exist", cipher)
+		}
+		ciphersIntSlice = append(ciphersIntSlice, intValue)
+	}
+	return ciphersIntSlice, nil
+}
+
+var versions = map[string]uint16{
+	"VersionTLS10": tls.VersionTLS10,
+	"VersionTLS11": tls.VersionTLS11,
+	"VersionTLS12": tls.VersionTLS12,
+}
+
+func TLSVersion(versionName string) (uint16, error) {
+	if len(versionName) == 0 {
+		return DefaultTLSVersion(), nil
+	}
+	if version, ok := versions[versionName]; ok {
+		return version, nil
+	}
+	return 0, fmt.Errorf("unknown tls version %q", versionName)
+}
+
+func DefaultTLSVersion() uint16 {
+	// Can't use SSLv3 because of POODLE and BEAST
+	// Can't use TLSv1.0 because of POODLE and BEAST using CBC cipher
+	// Can't use TLSv1.1 because of RC4 cipher usage
+	return tls.VersionTLS12
+}
diff --git a/vendor/k8s.io/apiserver/pkg/util/flag/noop.go b/vendor/k8s.io/apiserver/pkg/util/flag/noop.go
new file mode 100644
index 000000000000..03f7f14c0bb4
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/util/flag/noop.go
@@ -0,0 +1,41 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package flag
+
+import (
+	goflag "flag"
+	"github.com/spf13/pflag"
+)
+
+// NoOp implements goflag.Value and plfag.Value,
+// but has a noop Set implementation
+type NoOp struct{}
+
+var _ goflag.Value = NoOp{}
+var _ pflag.Value = NoOp{}
+
+func (NoOp) String() string {
+	return ""
+}
+
+func (NoOp) Set(val string) error {
+	return nil
+}
+
+func (NoOp) Type() string {
+	return "NoOp"
+}
diff --git a/vendor/k8s.io/apiserver/pkg/util/flushwriter/BUILD b/vendor/k8s.io/apiserver/pkg/util/flushwriter/BUILD
index 707628ae1ec9..2ca558aac87d 100644
--- a/vendor/k8s.io/apiserver/pkg/util/flushwriter/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/flushwriter/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["writer_test.go"],
-    importpath = "k8s.io/apiserver/pkg/util/flushwriter",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/apiserver/pkg/util/logs/BUILD b/vendor/k8s.io/apiserver/pkg/util/logs/BUILD
new file mode 100644
index 000000000000..069bb5aba8b8
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/util/logs/BUILD
@@ -0,0 +1,30 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["logs.go"],
+    importpath = "k8s.io/apiserver/pkg/util/logs",
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/spf13/pflag:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/apiserver/pkg/util/logs/logs.go b/vendor/k8s.io/apiserver/pkg/util/logs/logs.go
new file mode 100644
index 000000000000..c5ba084a59e8
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/util/logs/logs.go
@@ -0,0 +1,69 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logs
+
+import (
+	"flag"
+	"log"
+	"time"
+
+	"github.com/golang/glog"
+	"github.com/spf13/pflag"
+	"k8s.io/apimachinery/pkg/util/wait"
+)
+
+const logFlushFreqFlagName = "log-flush-frequency"
+
+var logFlushFreq = pflag.Duration(logFlushFreqFlagName, 5*time.Second, "Maximum number of seconds between log flushes")
+
+// TODO(thockin): This is temporary until we agree on log dirs and put those into each cmd.
+func init() {
+	flag.Set("logtostderr", "true")
+}
+
+// AddFlags registers this package's flags on arbitrary FlagSets, such that they point to the
+// same value as the global flags.
+func AddFlags(fs *pflag.FlagSet) {
+	fs.AddFlag(pflag.Lookup(logFlushFreqFlagName))
+}
+
+// GlogWriter serves as a bridge between the standard log package and the glog package.
+type GlogWriter struct{}
+
+// Write implements the io.Writer interface.
+func (writer GlogWriter) Write(data []byte) (n int, err error) {
+	glog.Info(string(data))
+	return len(data), nil
+}
+
+// InitLogs initializes logs the way we want for kubernetes.
+func InitLogs() {
+	log.SetOutput(GlogWriter{})
+	log.SetFlags(0)
+	// The default glog flush interval is 5 seconds.
+	go wait.Forever(glog.Flush, *logFlushFreq)
+}
+
+// FlushLogs flushes logs immediately.
+func FlushLogs() {
+	glog.Flush()
+}
+
+// NewLogger creates a new log.Logger which sends logs to glog.Info.
+func NewLogger(prefix string) *log.Logger {
+	return log.New(GlogWriter{}, prefix, 0)
+}
diff --git a/vendor/k8s.io/apiserver/pkg/util/proxy/BUILD b/vendor/k8s.io/apiserver/pkg/util/proxy/BUILD
index ca57a14dcceb..43caff5f086f 100644
--- a/vendor/k8s.io/apiserver/pkg/util/proxy/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/proxy/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["proxy_test.go"],
-    importpath = "k8s.io/apiserver/pkg/util/proxy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/util/webhook/BUILD b/vendor/k8s.io/apiserver/pkg/util/webhook/BUILD
index e3624b96b5e5..4cacaf511a1f 100644
--- a/vendor/k8s.io/apiserver/pkg/util/webhook/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/webhook/BUILD
@@ -29,8 +29,7 @@ go_test(
         "certs_test.go",
         "webhook_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/util/webhook",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
diff --git a/vendor/k8s.io/apiserver/pkg/util/webhook/webhook.go b/vendor/k8s.io/apiserver/pkg/util/webhook/webhook.go
index 563a6eced809..6893e834ebc9 100755
--- a/vendor/k8s.io/apiserver/pkg/util/webhook/webhook.go
+++ b/vendor/k8s.io/apiserver/pkg/util/webhook/webhook.go
@@ -26,7 +26,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
-	runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/util/net"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/rest"
@@ -71,7 +70,7 @@ func newGenericWebhook(registry *registered.APIRegistrationManager, codecFactory
 	clientConfig.Timeout = requestTimeout
 
 	codec := codecFactory.LegacyCodec(groupVersions...)
-	clientConfig.ContentConfig.NegotiatedSerializer = runtimeserializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{Serializer: codec})
+	clientConfig.ContentConfig.NegotiatedSerializer = serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{Serializer: codec})
 
 	restClient, err := rest.UnversionedRESTClientFor(clientConfig)
 	if err != nil {
diff --git a/vendor/k8s.io/apiserver/pkg/util/wsstream/BUILD b/vendor/k8s.io/apiserver/pkg/util/wsstream/BUILD
index 3dfab49fdeec..3d1c90f61292 100644
--- a/vendor/k8s.io/apiserver/pkg/util/wsstream/BUILD
+++ b/vendor/k8s.io/apiserver/pkg/util/wsstream/BUILD
@@ -12,8 +12,7 @@ go_test(
         "conn_test.go",
         "stream_test.go",
     ],
-    importpath = "k8s.io/apiserver/pkg/util/wsstream",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/golang.org/x/net/websocket:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/BUILD
new file mode 100644
index 000000000000..7c461c4b4ead
--- /dev/null
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/BUILD
@@ -0,0 +1,44 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "buffered.go",
+        "doc.go",
+    ],
+    importpath = "k8s.io/apiserver/plugin/pkg/audit/buffered",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
+        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["buffered_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/github.com/stretchr/testify/require:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/buffered.go b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/buffered.go
new file mode 100644
index 000000000000..c4a08f3b2fbe
--- /dev/null
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/buffered.go
@@ -0,0 +1,283 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package buffered
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	"k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/wait"
+	auditinternal "k8s.io/apiserver/pkg/apis/audit"
+	"k8s.io/apiserver/pkg/audit"
+	"k8s.io/client-go/util/flowcontrol"
+)
+
+// PluginName is the name reported in error metrics.
+const PluginName = "buffered"
+
+const (
+	// Default configuration values for ModeBatch.
+	defaultBatchBufferSize = 10000            // Buffer up to 10000 events before starting discarding.
+	defaultBatchMaxSize    = 400              // Only send up to 400 events at a time.
+	defaultBatchMaxWait    = 30 * time.Second // Send events at least twice a minute.
+
+	defaultBatchThrottleQPS   = 10 // Limit the send rate by 10 QPS.
+	defaultBatchThrottleBurst = 15 // Allow up to 15 QPS burst.
+)
+
+// BatchConfig represents batching delegate audit backend configuration.
+type BatchConfig struct {
+	// BufferSize defines a size of the buffering queue.
+	BufferSize int
+	// MaxBatchSize defines maximum size of a batch.
+	MaxBatchSize int
+	// MaxBatchWait indicates the maximum interval between two batches.
+	MaxBatchWait time.Duration
+
+	// ThrottleEnable defines whether throttling will be applied to the batching process.
+	ThrottleEnable bool
+	// ThrottleQPS defines the allowed rate of batches per second sent to the delegate backend.
+	ThrottleQPS float32
+	// ThrottleBurst defines the maximum rate of batches per second sent to the delegate backend in case
+	// the capacity defined by ThrottleQPS was not utilized.
+	ThrottleBurst int
+}
+
+// NewDefaultBatchConfig returns new Config objects populated by default values.
+func NewDefaultBatchConfig() BatchConfig {
+	return BatchConfig{
+		BufferSize:   defaultBatchBufferSize,
+		MaxBatchSize: defaultBatchMaxSize,
+		MaxBatchWait: defaultBatchMaxWait,
+
+		ThrottleEnable: true,
+		ThrottleQPS:    defaultBatchThrottleQPS,
+		ThrottleBurst:  defaultBatchThrottleBurst,
+	}
+}
+
+type bufferedBackend struct {
+	// The delegate backend that actually exports events.
+	delegateBackend audit.Backend
+
+	// Channel to buffer events before sending to the delegate backend.
+	buffer chan *auditinternal.Event
+	// Maximum number of events in a batch sent to the delegate backend.
+	maxBatchSize int
+	// Amount of time to wait after sending a batch to the delegate backend before sending another one.
+	//
+	// Receiving maxBatchSize events will always trigger sending a batch, regardless of the amount of time passed.
+	maxBatchWait time.Duration
+
+	// Channel to signal that the batching routine has processed all remaining events and exited.
+	// Once `shutdownCh` is closed no new events will be sent to the delegate backend.
+	shutdownCh chan struct{}
+
+	// WaitGroup to control the concurrency of sending batches to the delegate backend.
+	// Worker routine calls Add before sending a batch and
+	// then spawns a routine that calls Done after batch was processed by the delegate backend.
+	// This WaitGroup is used to wait for all sending routines to finish before shutting down audit backend.
+	wg sync.WaitGroup
+
+	// Limits the number of batches sent to the delegate backend per second.
+	throttle flowcontrol.RateLimiter
+}
+
+var _ audit.Backend = &bufferedBackend{}
+
+// NewBackend returns a buffered audit backend that wraps delegate backend.
+func NewBackend(delegate audit.Backend, config BatchConfig) audit.Backend {
+	var throttle flowcontrol.RateLimiter
+	if config.ThrottleEnable {
+		throttle = flowcontrol.NewTokenBucketRateLimiter(config.ThrottleQPS, config.ThrottleBurst)
+	}
+	return &bufferedBackend{
+		delegateBackend: delegate,
+		buffer:          make(chan *auditinternal.Event, config.BufferSize),
+		maxBatchSize:    config.MaxBatchSize,
+		maxBatchWait:    config.MaxBatchWait,
+		shutdownCh:      make(chan struct{}),
+		wg:              sync.WaitGroup{},
+		throttle:        throttle,
+	}
+}
+
+func (b *bufferedBackend) Run(stopCh <-chan struct{}) error {
+	go func() {
+		// Signal that the working routine has exited.
+		defer close(b.shutdownCh)
+
+		b.processIncomingEvents(stopCh)
+
+		// Handle the events that were received after the last buffer
+		// scraping and before this line. Since the buffer is closed, no new
+		// events will come through.
+		allEventsProcessed := false
+		timer := make(chan time.Time)
+		for !allEventsProcessed {
+			allEventsProcessed = func() bool {
+				// Recover from any panic in order to try to process all remaining events.
+				// Note, that in case of a panic, the return value will be false and
+				// the loop execution will continue.
+				defer runtime.HandleCrash()
+
+				events := b.collectEvents(timer, wait.NeverStop)
+				b.processEvents(events)
+				return len(events) == 0
+			}()
+		}
+	}()
+	return b.delegateBackend.Run(stopCh)
+}
+
+// Shutdown blocks until stopCh passed to the Run method is closed and all
+// events added prior to that moment are batched and sent to the delegate backend.
+func (b *bufferedBackend) Shutdown() {
+	// Wait until the routine spawned in Run method exits.
+	<-b.shutdownCh
+
+	// Wait until all sending routines exit.
+	//
+	// - When b.shutdownCh is closed, we know that the goroutine in Run has terminated.
+	// - This means that processIncomingEvents has terminated.
+	// - Which means that b.buffer is closed and cannot accept any new events anymore.
+	// - Because processEvents is called synchronously from the Run goroutine, the waitgroup has its final value.
+	// Hence wg.Wait will not miss any more outgoing batches.
+	b.wg.Wait()
+
+	b.delegateBackend.Shutdown()
+}
+
+// processIncomingEvents runs a loop that collects events from the buffer. When
+// b.stopCh is closed, processIncomingEvents stops and closes the buffer.
+func (b *bufferedBackend) processIncomingEvents(stopCh <-chan struct{}) {
+	defer close(b.buffer)
+	t := time.NewTimer(b.maxBatchWait)
+	defer t.Stop()
+
+	for {
+		func() {
+			// Recover from any panics caused by this function so a panic in the
+			// goroutine can't bring down the main routine.
+			defer runtime.HandleCrash()
+
+			t.Reset(b.maxBatchWait)
+			b.processEvents(b.collectEvents(t.C, stopCh))
+		}()
+
+		select {
+		case <-stopCh:
+			return
+		default:
+		}
+	}
+}
+
+// collectEvents attempts to collect some number of events in a batch.
+//
+// The following things can cause collectEvents to stop and return the list
+// of events:
+//
+//   * Maximum number of events for a batch.
+//   * Timer has passed.
+//   * Buffer channel is closed and empty.
+//   * stopCh is closed.
+func (b *bufferedBackend) collectEvents(timer <-chan time.Time, stopCh <-chan struct{}) []*auditinternal.Event {
+	var events []*auditinternal.Event
+
+L:
+	for i := 0; i < b.maxBatchSize; i++ {
+		select {
+		case ev, ok := <-b.buffer:
+			// Buffer channel was closed and no new events will follow.
+			if !ok {
+				break L
+			}
+			events = append(events, ev)
+		case <-timer:
+			// Timer has expired. Send currently accumulated batch.
+			break L
+		case <-stopCh:
+			// Backend has been stopped. Send currently accumulated batch.
+			break L
+		}
+	}
+
+	return events
+}
+
+// processEvents process the batch events in a goroutine using delegateBackend's ProcessEvents.
+func (b *bufferedBackend) processEvents(events []*auditinternal.Event) {
+	if len(events) == 0 {
+		return
+	}
+
+	// TODO(audit): Should control the number of active goroutines
+	// if one goroutine takes 5 seconds to finish, the number of goroutines can be 5 * defaultBatchThrottleQPS
+	if b.throttle != nil {
+		b.throttle.Accept()
+	}
+
+	b.wg.Add(1)
+	go func() {
+		defer b.wg.Done()
+		defer runtime.HandleCrash()
+
+		// Execute the real processing in a goroutine to keep it from blocking.
+		// This lets the batching routine continue draining the queue immediately.
+		b.delegateBackend.ProcessEvents(events...)
+	}()
+}
+
+func (b *bufferedBackend) ProcessEvents(ev ...*auditinternal.Event) {
+	// The following mechanism is in place to support the situation when audit
+	// events are still coming after the backend was stopped.
+	var sendErr error
+	var evIndex int
+
+	// If the delegateBackend was shutdown and the buffer channel was closed, an
+	// attempt to add an event to it will result in panic that we should
+	// recover from.
+	defer func() {
+		if err := recover(); err != nil {
+			sendErr = fmt.Errorf("audit backend shut down")
+		}
+		if sendErr != nil {
+			audit.HandlePluginError(PluginName, sendErr, ev[evIndex:]...)
+		}
+	}()
+
+	for i, e := range ev {
+		evIndex = i
+		// Per the audit.Backend interface these events are reused after being
+		// sent to the Sink. Deep copy and send the copy to the queue.
+		event := e.DeepCopy()
+
+		select {
+		case b.buffer <- event:
+		default:
+			sendErr = fmt.Errorf("audit buffer queue blocked")
+			return
+		}
+	}
+}
+
+func (b *bufferedBackend) String() string {
+	return fmt.Sprintf("%s<%s>", PluginName, b.delegateBackend)
+}
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/doc.go b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/doc.go
new file mode 100644
index 000000000000..933eacc8def7
--- /dev/null
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/buffered/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package buffered provides an implementation for the audit.Backend interface
+// that batches incoming audit events and sends batches to the delegate audit.Backend.
+package buffered
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/log/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/audit/log/BUILD
index a9011fc5692c..13f4422db440 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/audit/log/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/log/BUILD
@@ -34,8 +34,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["backend_test.go"],
-    importpath = "k8s.io/apiserver/plugin/pkg/audit/log",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/pborman/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go b/vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go
index 7feb8f130895..293cdd3c9f7d 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go
@@ -32,6 +32,9 @@ const (
 	FormatLegacy = "legacy"
 	// FormatJson saves event in structured json format.
 	FormatJson = "json"
+
+	// PluginName is the name of this plugin, to be used in help and logs.
+	PluginName = "log"
 )
 
 // AllowedFormats are the formats known by log backend.
@@ -70,17 +73,17 @@ func (b *backend) logEvent(ev *auditinternal.Event) {
 	case FormatJson:
 		bs, err := runtime.Encode(audit.Codecs.LegacyCodec(b.groupVersion), ev)
 		if err != nil {
-			audit.HandlePluginError("log", err, ev)
+			audit.HandlePluginError(PluginName, err, ev)
 			return
 		}
 		line = string(bs[:])
 	default:
-		audit.HandlePluginError("log", fmt.Errorf("log format %q is not in list of known formats (%s)",
+		audit.HandlePluginError(PluginName, fmt.Errorf("log format %q is not in list of known formats (%s)",
 			b.format, strings.Join(AllowedFormats, ",")), ev)
 		return
 	}
 	if _, err := fmt.Fprint(b.out, line); err != nil {
-		audit.HandlePluginError("log", err, ev)
+		audit.HandlePluginError(PluginName, err, ev)
 	}
 }
 
@@ -91,3 +94,7 @@ func (b *backend) Run(stopCh <-chan struct{}) error {
 func (b *backend) Shutdown() {
 	// Nothing to do here.
 }
+
+func (b *backend) String() string {
+	return PluginName
+}
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
index c233394a8782..1fd9312ff912 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/BUILD
@@ -8,12 +8,8 @@ load(
 
 go_test(
     name = "go_default_test",
-    srcs = [
-        "webhook_test.go",
-        "webhook_v1alpha1_test.go",
-    ],
-    importpath = "k8s.io/apiserver/plugin/pkg/audit/webhook",
-    library = ":go_default_library",
+    srcs = ["webhook_test.go"],
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
@@ -21,7 +17,6 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
         "//vendor/k8s.io/client-go/tools/clientcmd/api/v1:go_default_library",
@@ -36,7 +31,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit/install:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/apis/audit/v1alpha1:go_default_library",
@@ -44,7 +38,6 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/audit:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/webhook:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
-        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go b/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
index 7f390ac57fbe..eb2abada96e8 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
+++ b/vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
@@ -18,16 +18,12 @@ limitations under the License.
 package webhook
 
 import (
-	"errors"
 	"fmt"
-	"strings"
-	"sync"
 	"time"
 
 	"k8s.io/apimachinery/pkg/apimachinery/announced"
 	"k8s.io/apimachinery/pkg/apimachinery/registered"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/runtime"
 	auditinternal "k8s.io/apiserver/pkg/apis/audit"
 	"k8s.io/apiserver/pkg/apis/audit/install"
 	auditv1alpha1 "k8s.io/apiserver/pkg/apis/audit/v1alpha1"
@@ -35,91 +31,17 @@ import (
 	"k8s.io/apiserver/pkg/audit"
 	"k8s.io/apiserver/pkg/util/webhook"
 	"k8s.io/client-go/rest"
-	"k8s.io/client-go/util/flowcontrol"
 )
 
 const (
-	// ModeBatch indicates that the webhook should buffer audit events
-	// internally, sending batch updates either once a certain number of
-	// events have been received or a certain amount of time has passed.
-	ModeBatch = "batch"
-	// ModeBlocking causes the webhook to block on every attempt to process
-	// a set of events. This causes requests to the API server to wait for a
-	// round trip to the external audit service before sending a response.
-	ModeBlocking = "blocking"
-)
-
-// AllowedModes is the modes known by this webhook.
-var AllowedModes = []string{
-	ModeBatch,
-	ModeBlocking,
-}
-
-const (
-	// Default configuration values for ModeBatch.
-	defaultBatchBufferSize = 10000            // Buffer up to 10000 events before starting discarding.
-	defaultBatchMaxSize    = 400              // Only send up to 400 events at a time.
-	defaultBatchMaxWait    = 30 * time.Second // Send events at least twice a minute.
-	defaultInitialBackoff  = 10 * time.Second // Wait at least 10 seconds before retrying.
+	// PluginName is the name of this plugin, to be used in help and logs.
+	PluginName = "webhook"
 
-	defaultBatchThrottleQPS   = 10 // Limit the send rate by 10 QPS.
-	defaultBatchThrottleBurst = 15 // Allow up to 15 QPS burst.
+	// DefaultInitialBackoff is the default amount of time to wait before
+	// retrying sending audit events through a webhook.
+	DefaultInitialBackoff = 10 * time.Second
 )
 
-// The plugin name reported in error metrics.
-const pluginName = "webhook"
-
-// BatchBackendConfig represents batching webhook audit backend configuration.
-type BatchBackendConfig struct {
-	// BufferSize defines a size of the buffering queue.
-	BufferSize int
-	// MaxBatchSize defines maximum size of a batch.
-	MaxBatchSize int
-	// MaxBatchWait defines maximum amount of time to wait for MaxBatchSize
-	// events to be accumulated in the buffer before forcibly sending what's
-	// being accumulated.
-	MaxBatchWait time.Duration
-
-	// ThrottleQPS defines the allowed rate of batches per second sent to the webhook.
-	ThrottleQPS float32
-	// ThrottleBurst defines the maximum rate of batches per second sent to the webhook in case
-	// the capacity defined by ThrottleQPS was not utilized.
-	ThrottleBurst int
-
-	// InitialBackoff defines the amount of time to wait before retrying the requests
-	// to the webhook for the first time.
-	InitialBackoff time.Duration
-}
-
-// NewDefaultBatchBackendConfig returns new BatchBackendConfig objects populated by default values.
-func NewDefaultBatchBackendConfig() BatchBackendConfig {
-	return BatchBackendConfig{
-		BufferSize:   defaultBatchBufferSize,
-		MaxBatchSize: defaultBatchMaxSize,
-		MaxBatchWait: defaultBatchMaxWait,
-
-		ThrottleQPS:   defaultBatchThrottleQPS,
-		ThrottleBurst: defaultBatchThrottleBurst,
-
-		InitialBackoff: defaultInitialBackoff,
-	}
-}
-
-// NewBackend returns an audit backend that sends events over HTTP to an external service.
-// The mode indicates the caching behavior of the webhook. Either blocking (ModeBlocking)
-// or buffered with batch POSTs (ModeBatch).
-func NewBackend(kubeConfigFile string, mode string, groupVersion schema.GroupVersion, config BatchBackendConfig) (audit.Backend, error) {
-	switch mode {
-	case ModeBatch:
-		return newBatchWebhook(kubeConfigFile, groupVersion, config)
-	case ModeBlocking:
-		return newBlockingWebhook(kubeConfigFile, groupVersion)
-	default:
-		return nil, fmt.Errorf("webhook mode %q is not in list of known modes (%s)",
-			mode, strings.Join(AllowedModes, ","))
-	}
-}
-
 var (
 	// NOTE: Copied from other webhook implementations
 	//
@@ -143,267 +65,43 @@ func loadWebhook(configFile string, groupVersion schema.GroupVersion, initialBac
 		[]schema.GroupVersion{groupVersion}, initialBackoff)
 }
 
-func newBlockingWebhook(configFile string, groupVersion schema.GroupVersion) (*blockingBackend, error) {
-	w, err := loadWebhook(configFile, groupVersion, defaultInitialBackoff)
+type backend struct {
+	w *webhook.GenericWebhook
+}
+
+// NewBackend returns an audit backend that sends events over HTTP to an external service.
+func NewBackend(kubeConfigFile string, groupVersion schema.GroupVersion, initialBackoff time.Duration) (audit.Backend, error) {
+	w, err := loadWebhook(kubeConfigFile, groupVersion, initialBackoff)
 	if err != nil {
 		return nil, err
 	}
-	return &blockingBackend{w}, nil
-}
-
-type blockingBackend struct {
-	w *webhook.GenericWebhook
+	return &backend{w}, nil
 }
 
-func (b *blockingBackend) Run(stopCh <-chan struct{}) error {
+func (b *backend) Run(stopCh <-chan struct{}) error {
 	return nil
 }
 
-func (b *blockingBackend) Shutdown() {
+func (b *backend) Shutdown() {
 	// nothing to do here
 }
 
-func (b *blockingBackend) ProcessEvents(ev ...*auditinternal.Event) {
+func (b *backend) ProcessEvents(ev ...*auditinternal.Event) {
 	if err := b.processEvents(ev...); err != nil {
-		audit.HandlePluginError(pluginName, err, ev...)
+		audit.HandlePluginError(PluginName, err, ev...)
 	}
 }
 
-func (b *blockingBackend) processEvents(ev ...*auditinternal.Event) error {
+func (b *backend) processEvents(ev ...*auditinternal.Event) error {
 	var list auditinternal.EventList
 	for _, e := range ev {
 		list.Items = append(list.Items, *e)
 	}
-	// NOTE: No exponential backoff because this is the blocking webhook
-	// mode. Any attempts to retry will block API server requests.
-	return b.w.RestClient.Post().Body(&list).Do().Error()
-}
-
-func newBatchWebhook(configFile string, groupVersion schema.GroupVersion, config BatchBackendConfig) (*batchBackend, error) {
-	w, err := loadWebhook(configFile, groupVersion, config.InitialBackoff)
-	if err != nil {
-		return nil, err
-	}
-
-	return &batchBackend{
-		w:            w,
-		buffer:       make(chan *auditinternal.Event, config.BufferSize),
-		maxBatchSize: config.MaxBatchSize,
-		maxBatchWait: config.MaxBatchWait,
-		shutdownCh:   make(chan struct{}),
-		throttle:     flowcontrol.NewTokenBucketRateLimiter(config.ThrottleQPS, config.ThrottleBurst),
-	}, nil
-}
-
-type batchBackend struct {
-	w *webhook.GenericWebhook
-
-	// Channel to buffer events in memory before sending them on the webhook.
-	buffer chan *auditinternal.Event
-	// Maximum number of events that can be sent at once.
-	maxBatchSize int
-	// Amount of time to wait after sending events before force sending another set.
-	//
-	// Receiving maxBatchSize events will always trigger a send, regardless of
-	// if this amount of time has been reached.
-	maxBatchWait time.Duration
-
-	// Channel to signal that the sending routine has stopped and therefore
-	// it's safe to assume that no new requests will be initiated.
-	shutdownCh chan struct{}
-
-	// The sending routine locks reqMutex for reading before initiating a new
-	// goroutine to send a request. This goroutine then unlocks reqMutex for
-	// reading when completed. The Shutdown method locks reqMutex for writing
-	// after the sending routine has exited. When reqMutex is locked for writing,
-	// all requests have been completed and no new will be spawned, since the
-	// sending routine is not running anymore.
-	reqMutex sync.RWMutex
-
-	// Limits the number of requests sent to the backend per second.
-	throttle flowcontrol.RateLimiter
-}
-
-func (b *batchBackend) Run(stopCh <-chan struct{}) error {
-	go func() {
-		// Signal that the sending routine has exited.
-		defer close(b.shutdownCh)
-
-		b.runSendingRoutine(stopCh)
-
-		// Handle the events that were received after the last buffer
-		// scraping and before this line. Since the buffer is closed, no new
-		// events will come through.
-		for {
-			if last := func() bool {
-				// Recover from any panic in order to try to send all remaining events.
-				// Note, that in case of a panic, the return value will be false and
-				// the loop execution will continue.
-				defer runtime.HandleCrash()
-
-				events := b.collectLastEvents()
-				b.sendBatchEvents(events)
-				return len(events) == 0
-			}(); last {
-				break
-			}
-		}
-	}()
-	return nil
-}
-
-func (b *batchBackend) Shutdown() {
-	<-b.shutdownCh
-
-	// Write locking reqMutex will guarantee that all requests will be completed
-	// by the time the goroutine continues the execution. Since this line is
-	// executed after shutdownCh was closed, no new requests will follow this
-	// lock, because read lock is called in the same goroutine that closes
-	// shutdownCh before exiting.
-	b.reqMutex.Lock()
-	b.reqMutex.Unlock()
-}
-
-// runSendingRoutine runs a loop that collects events from the buffer. When
-// stopCh is closed, runSendingRoutine stops and closes the buffer.
-func (b *batchBackend) runSendingRoutine(stopCh <-chan struct{}) {
-	defer close(b.buffer)
-
-	for {
-		func() {
-			// Recover from any panics caused by this function so a panic in the
-			// goroutine can't bring down the main routine.
-			defer runtime.HandleCrash()
-
-			t := time.NewTimer(b.maxBatchWait)
-			defer t.Stop() // Release ticker resources
-
-			b.sendBatchEvents(b.collectEvents(stopCh, t.C))
-		}()
-
-		select {
-		case <-stopCh:
-			return
-		default:
-		}
-	}
+	return b.w.WithExponentialBackoff(func() rest.Result {
+		return b.w.RestClient.Post().Body(&list).Do()
+	}).Error()
 }
 
-// collectEvents attempts to collect some number of events in a batch.
-//
-// The following things can cause collectEvents to stop and return the list
-// of events:
-//
-//   * Some maximum number of events are received.
-//   * Timer has passed, all queued events are sent.
-//   * StopCh is closed, all queued events are sent.
-//
-func (b *batchBackend) collectEvents(stopCh <-chan struct{}, timer <-chan time.Time) []auditinternal.Event {
-	var events []auditinternal.Event
-
-L:
-	for i := 0; i < b.maxBatchSize; i++ {
-		select {
-		case ev, ok := <-b.buffer:
-			// Buffer channel was closed and no new events will follow.
-			if !ok {
-				break L
-			}
-			events = append(events, *ev)
-		case <-timer:
-			// Timer has expired. Send whatever events are in the queue.
-			break L
-		case <-stopCh:
-			// Webhook has shut down. Send the last events.
-			break L
-		}
-	}
-
-	return events
-}
-
-// collectLastEvents assumes that the buffer was closed. It collects the first
-// maxBatchSize events from the closed buffer into a batch and returns them.
-func (b *batchBackend) collectLastEvents() []auditinternal.Event {
-	var events []auditinternal.Event
-
-	for i := 0; i < b.maxBatchSize; i++ {
-		ev, ok := <-b.buffer
-		if !ok {
-			break
-		}
-		events = append(events, *ev)
-	}
-
-	return events
-}
-
-// sendBatchEvents sends a POST requests with the event list in a goroutine
-// and logs any error encountered.
-func (b *batchBackend) sendBatchEvents(events []auditinternal.Event) {
-	if len(events) == 0 {
-		return
-	}
-
-	list := auditinternal.EventList{Items: events}
-
-	if b.throttle != nil {
-		b.throttle.Accept()
-	}
-
-	// Locking reqMutex for read will guarantee that the shutdown process will
-	// block until the goroutine started below is finished. At the same time, it
-	// will not prevent other batches from being proceed further this point.
-	b.reqMutex.RLock()
-	go func() {
-		// Execute the webhook POST in a goroutine to keep it from blocking.
-		// This lets the webhook continue to drain the queue immediatly.
-
-		defer b.reqMutex.RUnlock()
-		defer runtime.HandleCrash()
-
-		err := b.w.WithExponentialBackoff(func() rest.Result {
-			return b.w.RestClient.Post().Body(&list).Do()
-		}).Error()
-		if err != nil {
-			impacted := make([]*auditinternal.Event, len(events))
-			for i := range events {
-				impacted[i] = &events[i]
-			}
-			audit.HandlePluginError(pluginName, err, impacted...)
-		}
-	}()
-	return
-}
-
-func (b *batchBackend) ProcessEvents(ev ...*auditinternal.Event) {
-	for i, e := range ev {
-		// Per the audit.Backend interface these events are reused after being
-		// sent to the Sink. Deep copy and send the copy to the queue.
-		event := e.DeepCopy()
-
-		// The following mechanism is in place to support the situation when audit
-		// events are still coming after the backend was shut down.
-		var sendErr error
-		func() {
-			// If the backend was shut down and the buffer channel was closed, an
-			// attempt to add an event to it will result in panic that we should
-			// recover from.
-			defer func() {
-				if err := recover(); err != nil {
-					sendErr = errors.New("audit webhook shut down")
-				}
-			}()
-
-			select {
-			case b.buffer <- event:
-			default:
-				sendErr = errors.New("audit webhook queue blocked")
-			}
-		}()
-		if sendErr != nil {
-			audit.HandlePluginError(pluginName, sendErr, ev[i:]...)
-			return
-		}
-	}
+func (b *backend) String() string {
+	return PluginName
 }
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/BUILD
deleted file mode 100644
index 52dfa3f61194..000000000000
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/BUILD
+++ /dev/null
@@ -1,36 +0,0 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-)
-
-go_library(
-    name = "go_default_library",
-    srcs = [
-        "doc.go",
-        "keystone.go",
-    ],
-    importpath = "k8s.io/apiserver/plugin/pkg/authenticator/password/keystone",
-    deps = [
-        "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/gophercloud/gophercloud:go_default_library",
-        "//vendor/github.com/gophercloud/gophercloud/openstack:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
-        "//vendor/k8s.io/client-go/util/cert:go_default_library",
-    ],
-)
-
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [":package-srcs"],
-    tags = ["automanaged"],
-)
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/doc.go b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/doc.go
deleted file mode 100644
index 6f6a93034c49..000000000000
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/doc.go
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Package keystone provides authentication via keystone.
-// For details about keystone and how to use the plugin, refer to
-// https://github.com/kubernetes/kubernetes.github.io/blob/master/docs/admin/authentication.md
-package keystone
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/keystone.go b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/keystone.go
deleted file mode 100644
index fb035d4c942a..000000000000
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone/keystone.go
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
-Copyright 2015 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package keystone
-
-import (
-	"crypto/tls"
-	"errors"
-	"net/http"
-	"strings"
-
-	"github.com/golang/glog"
-	"github.com/gophercloud/gophercloud"
-	"github.com/gophercloud/gophercloud/openstack"
-
-	netutil "k8s.io/apimachinery/pkg/util/net"
-	"k8s.io/apiserver/pkg/authentication/user"
-	certutil "k8s.io/client-go/util/cert"
-)
-
-// KeystoneAuthenticator contacts openstack keystone to validate user's credentials passed in the request.
-// The keystone endpoint is passed during apiserver startup
-type KeystoneAuthenticator struct {
-	authURL   string
-	transport http.RoundTripper
-}
-
-// AuthenticatePassword checks the username, password via keystone call
-func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatePassword(username string, password string) (user.Info, bool, error) {
-	opts := gophercloud.AuthOptions{
-		IdentityEndpoint: keystoneAuthenticator.authURL,
-		Username:         username,
-		Password:         password,
-	}
-
-	_, err := keystoneAuthenticator.AuthenticatedClient(opts)
-	if err != nil {
-		glog.Info("Failed: Starting openstack authenticate client:" + err.Error())
-		return nil, false, errors.New("Failed to authenticate")
-	}
-
-	return &user.DefaultInfo{Name: username}, true, nil
-}
-
-// AuthenticatedClient logs in to an OpenStack cloud found at the identity endpoint specified by options, acquires a
-// token, and returns a Client instance that's ready to operate.
-func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatedClient(options gophercloud.AuthOptions) (*gophercloud.ProviderClient, error) {
-	client, err := openstack.NewClient(options.IdentityEndpoint)
-	if err != nil {
-		return nil, err
-	}
-
-	if keystoneAuthenticator.transport != nil {
-		client.HTTPClient.Transport = keystoneAuthenticator.transport
-	}
-
-	err = openstack.Authenticate(client, options)
-	return client, err
-}
-
-// NewKeystoneAuthenticator returns a password authenticator that validates credentials using openstack keystone
-func NewKeystoneAuthenticator(authURL string, caFile string) (*KeystoneAuthenticator, error) {
-	if !strings.HasPrefix(authURL, "https") {
-		return nil, errors.New("Auth URL should be secure and start with https")
-	}
-	if authURL == "" {
-		return nil, errors.New("Auth URL is empty")
-	}
-	if caFile != "" {
-		roots, err := certutil.NewPool(caFile)
-		if err != nil {
-			return nil, err
-		}
-		config := &tls.Config{}
-		config.RootCAs = roots
-		transport := netutil.SetOldTransportDefaults(&http.Transport{TLSClientConfig: config})
-		return &KeystoneAuthenticator{authURL, transport}, nil
-	}
-
-	return &KeystoneAuthenticator{authURL: authURL}, nil
-}
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile/BUILD
index e06ad49b9d36..bbb163a9b4f9 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["passwordfile_test.go"],
-    importpath = "k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth/BUILD
index 219a41d2dd48..dfab4b400c17 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["basicauth_test.go"],
-    importpath = "k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/BUILD
index 0d75a2598559..e62aba93a260 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/BUILD
@@ -9,13 +9,12 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["oidc_test.go"],
-    importpath = "k8s.io/apiserver/plugin/pkg/authenticator/token/oidc",
-    library = ":go_default_library",
+    data = glob(["testdata/**"]),
+    embed = [":go_default_library"],
     deps = [
-        "//vendor/github.com/coreos/go-oidc/jose:go_default_library",
-        "//vendor/github.com/coreos/go-oidc/oidc:go_default_library",
+        "//vendor/github.com/coreos/go-oidc:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
-        "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/testing:go_default_library",
     ],
 )
 
@@ -24,11 +23,10 @@ go_library(
     srcs = ["oidc.go"],
     importpath = "k8s.io/apiserver/plugin/pkg/authenticator/token/oidc",
     deps = [
-        "//vendor/github.com/coreos/go-oidc/jose:go_default_library",
-        "//vendor/github.com/coreos/go-oidc/oidc:go_default_library",
+        "//vendor/github.com/coreos/go-oidc:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
     ],
@@ -43,9 +41,6 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [
-        ":package-srcs",
-        "//staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/testing:all-srcs",
-    ],
+    srcs = [":package-srcs"],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS
index d2210cb89abc..e0f3c6ca980e 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/OWNERS
@@ -2,3 +2,4 @@ approvers:
 - ericchiang
 reviewers:
 - ericchiang
+- rithujohn191
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go
index a8c95ecb8b0d..c33c540c005b 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go
@@ -17,7 +17,7 @@ limitations under the License.
 /*
 oidc implements the authenticator.Token interface using the OpenID Connect protocol.
 
-	config := oidc.OIDCOptions{
+	config := oidc.Options{
 		IssuerURL:     "https://accounts.google.com",
 		ClientID:      os.Getenv("GOOGLE_CLIENT_ID"),
 		UsernameClaim: "email",
@@ -27,25 +27,28 @@ oidc implements the authenticator.Token interface using the OpenID Connect proto
 package oidc
 
 import (
+	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"encoding/base64"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
-	"sync"
+	"strings"
 	"sync/atomic"
+	"time"
 
-	"github.com/coreos/go-oidc/jose"
-	"github.com/coreos/go-oidc/oidc"
+	oidc "github.com/coreos/go-oidc"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/util/net"
-	"k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/authentication/user"
 	certutil "k8s.io/client-go/util/cert"
 )
 
-type OIDCOptions struct {
+type Options struct {
 	// IssuerURL is the URL the provider signs ID Tokens as. This will be the "iss"
 	// field of all tokens produced by the provider and is used for configuration
 	// discovery.
@@ -83,30 +86,85 @@ type OIDCOptions struct {
 	// GroupsPrefix, if specified, causes claims mapping to group names to be prefixed with the
 	// value. A value "oidc:" would result in groups like "oidc:engineering" and "oidc:marketing".
 	GroupsPrefix string
+
+	// SupportedSigningAlgs sets the accepted set of JOSE signing algorithms that
+	// can be used by the provider to sign tokens.
+	//
+	// https://tools.ietf.org/html/rfc7518#section-3.1
+	//
+	// This value defaults to RS256, the value recommended by the OpenID Connect
+	// spec:
+	//
+	// https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
+	SupportedSigningAlgs []string
+
+	// now is used for testing. It defaults to time.Now.
+	now func() time.Time
 }
 
-type OIDCAuthenticator struct {
+type Authenticator struct {
 	issuerURL string
 
-	trustedClientID string
-
 	usernameClaim  string
 	usernamePrefix string
 	groupsClaim    string
 	groupsPrefix   string
 
-	httpClient *http.Client
+	// Contains an *oidc.IDTokenVerifier. Do not access directly use the
+	// idTokenVerifier method.
+	verifier atomic.Value
 
-	// Contains an *oidc.Client. Do not access directly. Use client() method.
-	oidcClient atomic.Value
+	cancel context.CancelFunc
+}
 
-	// Guards the close method and is used to lock during initialization and closing.
-	mu    sync.Mutex
-	close func() // May be nil
+func (a *Authenticator) setVerifier(v *oidc.IDTokenVerifier) {
+	a.verifier.Store(v)
 }
 
-// New creates a token authenticator which validates OpenID Connect ID Tokens.
-func New(opts OIDCOptions) (*OIDCAuthenticator, error) {
+func (a *Authenticator) idTokenVerifier() (*oidc.IDTokenVerifier, bool) {
+	if v := a.verifier.Load(); v != nil {
+		return v.(*oidc.IDTokenVerifier), true
+	}
+	return nil, false
+}
+
+func (a *Authenticator) Close() {
+	a.cancel()
+}
+
+func New(opts Options) (*Authenticator, error) {
+	return newAuthenticator(opts, func(ctx context.Context, a *Authenticator, config *oidc.Config) {
+		// Asynchronously attempt to initialize the authenticator. This enables
+		// self-hosted providers, providers that run on top of Kubernetes itself.
+		go wait.PollUntil(time.Second*10, func() (done bool, err error) {
+			provider, err := oidc.NewProvider(ctx, a.issuerURL)
+			if err != nil {
+				glog.Errorf("oidc authenticator: initializing plugin: %v", err)
+				return false, nil
+			}
+
+			verifier := provider.Verifier(config)
+			a.setVerifier(verifier)
+			return true, nil
+		}, ctx.Done())
+	})
+}
+
+// whitelist of signing algorithms to ensure users don't mistakenly pass something
+// goofy.
+var allowedSigningAlgs = map[string]bool{
+	oidc.RS256: true,
+	oidc.RS384: true,
+	oidc.RS512: true,
+	oidc.ES256: true,
+	oidc.ES384: true,
+	oidc.ES512: true,
+	oidc.PS256: true,
+	oidc.PS384: true,
+	oidc.PS512: true,
+}
+
+func newAuthenticator(opts Options, initVerifier func(ctx context.Context, a *Authenticator, config *oidc.Config)) (*Authenticator, error) {
 	url, err := url.Parse(opts.IssuerURL)
 	if err != nil {
 		return nil, err
@@ -120,6 +178,18 @@ func New(opts OIDCOptions) (*OIDCAuthenticator, error) {
 		return nil, errors.New("no username claim provided")
 	}
 
+	supportedSigningAlgs := opts.SupportedSigningAlgs
+	if len(supportedSigningAlgs) == 0 {
+		// RS256 is the default recommended by OpenID Connect and an 'alg' value
+		// providers are required to implement.
+		supportedSigningAlgs = []string{oidc.RS256}
+	}
+	for _, alg := range supportedSigningAlgs {
+		if !allowedSigningAlgs[alg] {
+			return nil, fmt.Errorf("oidc: unsupported signing alg: %q", alg)
+		}
+	}
+
 	var roots *x509.CertPool
 	if opts.CAFile != "" {
 		roots, err = certutil.NewPool(opts.CAFile)
@@ -137,137 +207,91 @@ func New(opts OIDCOptions) (*OIDCAuthenticator, error) {
 		TLSClientConfig: &tls.Config{RootCAs: roots},
 	})
 
-	authenticator := &OIDCAuthenticator{
-		issuerURL:       opts.IssuerURL,
-		trustedClientID: opts.ClientID,
-		usernameClaim:   opts.UsernameClaim,
-		usernamePrefix:  opts.UsernamePrefix,
-		groupsClaim:     opts.GroupsClaim,
-		groupsPrefix:    opts.GroupsPrefix,
-		httpClient:      &http.Client{Transport: tr},
-	}
-
-	// Attempt to initialize the authenticator asynchronously.
-	//
-	// Ignore errors instead of returning it since the OpenID Connect provider might not be
-	// available yet, for instance if it's running on the cluster and needs the API server
-	// to come up first. Errors will be logged within the client() method.
-	go func() {
-		defer runtime.HandleCrash()
-		authenticator.client()
-	}()
-
-	return authenticator, nil
-}
+	client := &http.Client{Transport: tr, Timeout: 30 * time.Second}
 
-// Close stops all goroutines used by the authenticator.
-func (a *OIDCAuthenticator) Close() {
-	a.mu.Lock()
-	defer a.mu.Unlock()
+	ctx, cancel := context.WithCancel(context.Background())
+	ctx = oidc.ClientContext(ctx, client)
 
-	if a.close != nil {
-		a.close()
+	authenticator := &Authenticator{
+		issuerURL:      opts.IssuerURL,
+		usernameClaim:  opts.UsernameClaim,
+		usernamePrefix: opts.UsernamePrefix,
+		groupsClaim:    opts.GroupsClaim,
+		groupsPrefix:   opts.GroupsPrefix,
+		cancel:         cancel,
 	}
-	return
-}
 
-func (a *OIDCAuthenticator) client() (*oidc.Client, error) {
-	// Fast check to see if client has already been initialized.
-	if client := a.oidcClient.Load(); client != nil {
-		return client.(*oidc.Client), nil
+	now := opts.now
+	if now == nil {
+		now = time.Now
 	}
 
-	// Acquire lock, then recheck initialization.
-	a.mu.Lock()
-	defer a.mu.Unlock()
-	if client := a.oidcClient.Load(); client != nil {
-		return client.(*oidc.Client), nil
+	verifierConfig := &oidc.Config{
+		ClientID:             opts.ClientID,
+		SupportedSigningAlgs: supportedSigningAlgs,
+		Now:                  now,
 	}
 
-	// Try to initialize client.
-	providerConfig, err := oidc.FetchProviderConfig(a.httpClient, a.issuerURL)
-	if err != nil {
-		glog.Errorf("oidc authenticator: failed to fetch provider discovery data: %v", err)
-		return nil, fmt.Errorf("fetch provider config: %v", err)
-	}
+	initVerifier(ctx, authenticator, verifierConfig)
+	return authenticator, nil
+}
 
-	clientConfig := oidc.ClientConfig{
-		HTTPClient:     a.httpClient,
-		Credentials:    oidc.ClientCredentials{ID: a.trustedClientID},
-		ProviderConfig: providerConfig,
+func hasCorrectIssuer(iss, tokenData string) bool {
+	parts := strings.Split(tokenData, ".")
+	if len(parts) != 3 {
+		return false
 	}
-
-	client, err := oidc.NewClient(clientConfig)
+	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
 	if err != nil {
-		glog.Errorf("oidc authenticator: failed to create client: %v", err)
-		return nil, fmt.Errorf("create client: %v", err)
+		return false
 	}
-
-	// SyncProviderConfig will start a goroutine to periodically synchronize the provider config.
-	// The synchronization interval is set by the expiration length of the config, and has a minimum
-	// and maximum threshold.
-	stop := client.SyncProviderConfig(a.issuerURL)
-	a.oidcClient.Store(client)
-	a.close = func() {
-		// This assumes the stop is an unbuffered channel.
-		// So instead of closing the channel, we send am empty struct here.
-		// This guarantees that when this function returns, there is no flying requests,
-		// because a send to an unbuffered channel happens after the receive from the channel.
-		stop <- struct{}{}
+	claims := struct {
+		// WARNING: this JWT is not verified. Do not trust these claims.
+		Issuer string `json:"iss"`
+	}{}
+	if err := json.Unmarshal(payload, &claims); err != nil {
+		return false
 	}
-	return client, nil
+	if claims.Issuer != iss {
+		return false
+	}
+	return true
 }
 
-// AuthenticateToken decodes and verifies an ID Token using the OIDC client, if the verification succeeds,
-// then it will extract the user info from the JWT claims.
-func (a *OIDCAuthenticator) AuthenticateToken(value string) (user.Info, bool, error) {
-	jwt, err := jose.ParseJWT(value)
-	if err != nil {
-		return nil, false, err
+func (a *Authenticator) AuthenticateToken(token string) (user.Info, bool, error) {
+	if !hasCorrectIssuer(a.issuerURL, token) {
+		return nil, false, nil
 	}
 
-	client, err := a.client()
-	if err != nil {
-		return nil, false, err
-	}
-	if err := client.VerifyJWT(jwt); err != nil {
-		return nil, false, err
+	ctx := context.Background()
+	verifier, ok := a.idTokenVerifier()
+	if !ok {
+		return nil, false, fmt.Errorf("oidc: authenticator not initialized")
 	}
-	claims, err := jwt.Claims()
+
+	idToken, err := verifier.Verify(ctx, token)
 	if err != nil {
-		return nil, false, err
+		return nil, false, fmt.Errorf("oidc: verify token: %v", err)
 	}
-	return a.parseTokenClaims(claims)
-}
 
-// parseTokenClaims maps a set of claims to a user. It performs basic validation such as
-// ensuring the email is verified.
-func (a *OIDCAuthenticator) parseTokenClaims(claims jose.Claims) (user.Info, bool, error) {
-	username, ok, err := claims.StringClaim(a.usernameClaim)
-	if err != nil {
-		return nil, false, err
+	var c claims
+	if err := idToken.Claims(&c); err != nil {
+		return nil, false, fmt.Errorf("oidc: parse claims: %v", err)
 	}
-	if !ok {
-		return nil, false, fmt.Errorf("cannot find %q in JWT claims", a.usernameClaim)
+	var username string
+	if err := c.unmarshalClaim(a.usernameClaim, &username); err != nil {
+		return nil, false, fmt.Errorf("oidc: parse username claims %q: %v", a.usernameClaim, err)
 	}
 
 	if a.usernameClaim == "email" {
-		verified, ok := claims["email_verified"]
-		if !ok {
-			return nil, false, errors.New("'email_verified' claim not present")
-		}
-
-		emailVerified, ok := verified.(bool)
-		if !ok {
-			// OpenID Connect spec defines 'email_verified' as a boolean. For now, be a pain and error if
-			// it's a different type. If there are enough misbehaving providers we can relax this latter.
-			//
-			// See: https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
-			return nil, false, fmt.Errorf("malformed claim 'email_verified', expected boolean got %T", verified)
+		// Check the email_verified claim to ensure the email is valid.
+		// https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
+		var emailVerified bool
+		if err := c.unmarshalClaim("email_verified", &emailVerified); err != nil {
+			return nil, false, fmt.Errorf("oidc: parse 'email_verified' claim: %v", err)
 		}
-
 		if !emailVerified {
-			return nil, false, errors.New("email not verified")
+			return nil, false, fmt.Errorf("oidc: email not verified")
 		}
 	}
 
@@ -275,21 +299,18 @@ func (a *OIDCAuthenticator) parseTokenClaims(claims jose.Claims) (user.Info, boo
 		username = a.usernamePrefix + username
 	}
 
-	// TODO(yifan): Add UID, also populate the issuer to upper layer.
 	info := &user.DefaultInfo{Name: username}
-
 	if a.groupsClaim != "" {
-		groups, found, err := claims.StringsClaim(a.groupsClaim)
-		if err != nil {
-			// Groups type is present but is not an array of strings, try to decode as a string.
-			group, _, err := claims.StringClaim(a.groupsClaim)
-			if err != nil {
-				// Custom claim is present, but isn't an array of strings or a string.
-				return nil, false, fmt.Errorf("custom group claim contains invalid type: %T", claims[a.groupsClaim])
+		if _, ok := c[a.groupsClaim]; ok {
+			// Some admins want to use string claims like "role" as the group value.
+			// Allow the group claim to be a single string instead of an array.
+			//
+			// See: https://github.com/kubernetes/kubernetes/issues/33290
+			var groups stringOrArray
+			if err := c.unmarshalClaim(a.groupsClaim, &groups); err != nil {
+				return nil, false, fmt.Errorf("oidc: parse groups claim %q: %v", a.groupsClaim, err)
 			}
-			info.Groups = []string{group}
-		} else if found {
-			info.Groups = groups
+			info.Groups = []string(groups)
 		}
 	}
 
@@ -298,6 +319,31 @@ func (a *OIDCAuthenticator) parseTokenClaims(claims jose.Claims) (user.Info, boo
 			info.Groups[i] = a.groupsPrefix + group
 		}
 	}
-
 	return info, true, nil
 }
+
+type stringOrArray []string
+
+func (s *stringOrArray) UnmarshalJSON(b []byte) error {
+	var a []string
+	if err := json.Unmarshal(b, &a); err == nil {
+		*s = a
+		return nil
+	}
+	var str string
+	if err := json.Unmarshal(b, &str); err != nil {
+		return err
+	}
+	*s = []string{str}
+	return nil
+}
+
+type claims map[string]json.RawMessage
+
+func (c claims) unmarshalClaim(name string, v interface{}) error {
+	val, ok := c[name]
+	if !ok {
+		return fmt.Errorf("claim not present")
+	}
+	return json.Unmarshal([]byte(val), v)
+}
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/BUILD
index f064d07c5d7a..5da907a975f4 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/BUILD
@@ -12,8 +12,7 @@ go_test(
         "certs_test.go",
         "webhook_test.go",
     ],
-    importpath = "k8s.io/apiserver/plugin/pkg/authenticator/token/webhook",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/authentication/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD b/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD
index 662b710d8386..08acf7b84805 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/BUILD
@@ -12,8 +12,7 @@ go_test(
         "certs_test.go",
         "webhook_test.go",
     ],
-    importpath = "k8s.io/apiserver/plugin/pkg/authorizer/webhook",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/authorization/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go b/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
index e9efac307c65..d00e65be5232 100644
--- a/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
+++ b/vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
@@ -100,7 +100,7 @@ func newWithBackoff(subjectAccessReview authorizationclient.SubjectAccessReviewI
 
 // Authorize makes a REST request to the remote service describing the attempted action as a JSON
 // serialized api.authorization.v1beta1.SubjectAccessReview object. An example request body is
-// provided bellow.
+// provided below.
 //
 //     {
 //       "apiVersion": "authorization.k8s.io/v1beta1",
diff --git a/vendor/k8s.io/client-go/discovery/BUILD b/vendor/k8s.io/client-go/discovery/BUILD
index e47b0527691c..19523ba53e66 100644
--- a/vendor/k8s.io/client-go/discovery/BUILD
+++ b/vendor/k8s.io/client-go/discovery/BUILD
@@ -39,7 +39,6 @@ go_test(
         "helper_blackbox_test.go",
         "restmapper_test.go",
     ],
-    importpath = "k8s.io/client-go/discovery_test",
     deps = [
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library",
diff --git a/vendor/k8s.io/client-go/discovery/cached/BUILD b/vendor/k8s.io/client-go/discovery/cached/BUILD
index 7f95f83e41a5..279e0ff9aaa5 100644
--- a/vendor/k8s.io/client-go/discovery/cached/BUILD
+++ b/vendor/k8s.io/client-go/discovery/cached/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["memcache_test.go"],
-    importpath = "k8s.io/client-go/discovery/cached",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/client-go/discovery/fake:go_default_library",
diff --git a/vendor/k8s.io/client-go/discovery/discovery_client.go b/vendor/k8s.io/client-go/discovery/discovery_client.go
index 26319f49468c..3c685a955637 100644
--- a/vendor/k8s.io/client-go/discovery/discovery_client.go
+++ b/vendor/k8s.io/client-go/discovery/discovery_client.go
@@ -36,8 +36,12 @@ import (
 	restclient "k8s.io/client-go/rest"
 )
 
-// defaultRetries is the number of times a resource discovery is repeated if an api group disappears on the fly (e.g. ThirdPartyResources).
-const defaultRetries = 2
+const (
+	// defaultRetries is the number of times a resource discovery is repeated if an api group disappears on the fly (e.g. ThirdPartyResources).
+	defaultRetries = 2
+	// protobuf mime type
+	mimePb = "application/com.github.proto-openapi.spec.v2@v1.0+protobuf"
+)
 
 // DiscoveryInterface holds the methods that discover server-supported API groups,
 // versions and resources.
@@ -145,9 +149,9 @@ func (d *DiscoveryClient) ServerGroups() (apiGroupList *metav1.APIGroupList, err
 		apiGroupList = &metav1.APIGroupList{}
 	}
 
-	// append the group retrieved from /api to the list if not empty
+	// prepend the group retrieved from /api to the list if not empty
 	if len(v.Versions) != 0 {
-		apiGroupList.Groups = append(apiGroupList.Groups, apiGroup)
+		apiGroupList.Groups = append([]metav1.APIGroup{apiGroup}, apiGroupList.Groups...)
 	}
 	return apiGroupList, nil
 }
@@ -329,9 +333,18 @@ func (d *DiscoveryClient) ServerVersion() (*version.Info, error) {
 
 // OpenAPISchema fetches the open api schema using a rest client and parses the proto.
 func (d *DiscoveryClient) OpenAPISchema() (*openapi_v2.Document, error) {
-	data, err := d.restClient.Get().AbsPath("/swagger-2.0.0.pb-v1").Do().Raw()
+	data, err := d.restClient.Get().AbsPath("/openapi/v2").SetHeader("Accept", mimePb).Do().Raw()
 	if err != nil {
-		return nil, err
+		if errors.IsForbidden(err) || errors.IsNotFound(err) {
+			// single endpoint not found/registered in old server, try to fetch old endpoint
+			// TODO(roycaihw): remove this in 1.11
+			data, err = d.restClient.Get().AbsPath("/swagger-2.0.0.pb-v1").Do().Raw()
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			return nil, err
+		}
 	}
 	document := &openapi_v2.Document{}
 	err = proto.Unmarshal(data, document)
@@ -395,15 +408,6 @@ func NewDiscoveryClient(c restclient.Interface) *DiscoveryClient {
 	return &DiscoveryClient{restClient: c, LegacyPrefix: "/api"}
 }
 
-func stringDoesntExistIn(str string, slice []string) bool {
-	for _, s := range slice {
-		if s == str {
-			return false
-		}
-	}
-	return true
-}
-
 // RESTClient returns a RESTClient that is used to communicate
 // with API server by this client implementation.
 func (c *DiscoveryClient) RESTClient() restclient.Interface {
diff --git a/vendor/k8s.io/client-go/discovery/restmapper.go b/vendor/k8s.io/client-go/discovery/restmapper.go
index 6d1de8c1b19b..df5ab0358a60 100644
--- a/vendor/k8s.io/client-go/discovery/restmapper.go
+++ b/vendor/k8s.io/client-go/discovery/restmapper.go
@@ -18,6 +18,7 @@ package discovery
 
 import (
 	"fmt"
+	"strings"
 	"sync"
 
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -108,6 +109,7 @@ func NewRESTMapper(groupResources []*APIGroupResources, versionInterfaces meta.V
 				plural := gv.WithResource(resource.Name)
 				singular := gv.WithResource(resource.SingularName)
 				versionMapper.AddSpecific(gv.WithKind(resource.Kind), plural, singular, scope)
+				versionMapper.AddSpecific(gv.WithKind(strings.ToLower(resource.Kind)), plural, singular, scope)
 				// TODO this is producing unsafe guesses that don't actually work, but it matches previous behavior
 				versionMapper.Add(gv.WithKind(resource.Kind+"List"), scope)
 			}
diff --git a/vendor/k8s.io/client-go/dynamic/BUILD b/vendor/k8s.io/client-go/dynamic/BUILD
index a0271859e3b2..3642f6a0f7c3 100644
--- a/vendor/k8s.io/client-go/dynamic/BUILD
+++ b/vendor/k8s.io/client-go/dynamic/BUILD
@@ -12,8 +12,7 @@ go_test(
         "client_test.go",
         "dynamic_util_test.go",
     ],
-    importpath = "k8s.io/client-go/dynamic",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
diff --git a/vendor/k8s.io/client-go/dynamic/client.go b/vendor/k8s.io/client-go/dynamic/client.go
index a941189d7f93..833e43537b03 100644
--- a/vendor/k8s.io/client-go/dynamic/client.go
+++ b/vendor/k8s.io/client-go/dynamic/client.go
@@ -47,7 +47,7 @@ type Interface interface {
 	GetRateLimiter() flowcontrol.RateLimiter
 	// Resource returns an API interface to the specified resource for this client's
 	// group and version.  If resource is not a namespaced resource, then namespace
-	// is ignored.  The ResourceInterface inherits the paramater codec of this client.
+	// is ignored.  The ResourceInterface inherits the parameter codec of this client.
 	Resource(resource *metav1.APIResource, namespace string) ResourceInterface
 	// ParameterCodec returns a client with the provided parameter codec.
 	ParameterCodec(parameterCodec runtime.ParameterCodec) Interface
@@ -145,6 +145,19 @@ type ResourceClient struct {
 	parameterCodec runtime.ParameterCodec
 }
 
+func (rc *ResourceClient) parseResourceSubresourceName() (string, []string) {
+	var resourceName string
+	var subresourceName []string
+	if strings.Contains(rc.resource.Name, "/") {
+		resourceName = strings.Split(rc.resource.Name, "/")[0]
+		subresourceName = strings.Split(rc.resource.Name, "/")[1:]
+	} else {
+		resourceName = rc.resource.Name
+	}
+
+	return resourceName, subresourceName
+}
+
 // List returns a list of objects for this resource.
 func (rc *ResourceClient) List(opts metav1.ListOptions) (runtime.Object, error) {
 	parameterEncoder := rc.parameterCodec
@@ -166,9 +179,11 @@ func (rc *ResourceClient) Get(name string, opts metav1.GetOptions) (*unstructure
 		parameterEncoder = defaultParameterEncoder
 	}
 	result := new(unstructured.Unstructured)
+	resourceName, subresourceName := rc.parseResourceSubresourceName()
 	err := rc.cl.Get().
 		NamespaceIfScoped(rc.ns, rc.resource.Namespaced).
-		Resource(rc.resource.Name).
+		Resource(resourceName).
+		SubResource(subresourceName...).
 		VersionedParams(&opts, parameterEncoder).
 		Name(name).
 		Do().
@@ -205,11 +220,26 @@ func (rc *ResourceClient) DeleteCollection(deleteOptions *metav1.DeleteOptions,
 // Create creates the provided resource.
 func (rc *ResourceClient) Create(obj *unstructured.Unstructured) (*unstructured.Unstructured, error) {
 	result := new(unstructured.Unstructured)
-	err := rc.cl.Post().
+	resourceName, subresourceName := rc.parseResourceSubresourceName()
+	req := rc.cl.Post().
 		NamespaceIfScoped(rc.ns, rc.resource.Namespaced).
-		Resource(rc.resource.Name).
-		Body(obj).
-		Do().
+		Resource(resourceName).
+		Body(obj)
+	if len(subresourceName) > 0 {
+		// If the provided resource is a subresource, the POST request should contain
+		// object name. Examples of subresources that support Create operation:
+		//	core/v1/pods/{name}/binding
+		//	core/v1/pods/{name}/eviction
+		//	extensions/v1beta1/deployments/{name}/rollback
+		//	apps/v1beta1/deployments/{name}/rollback
+		// NOTE: Currently our system assumes every subresource object has the same
+		//	 name as the parent resource object. E.g. a pods/binding object having
+		//	 metadada.name "foo" means pod "foo" is being bound. We may need to
+		//	 change this if we break the assumption in the future.
+		req = req.SubResource(subresourceName...).
+			Name(obj.GetName())
+	}
+	err := req.Do().
 		Into(result)
 	return result, err
 }
@@ -220,9 +250,15 @@ func (rc *ResourceClient) Update(obj *unstructured.Unstructured) (*unstructured.
 	if len(obj.GetName()) == 0 {
 		return result, errors.New("object missing name")
 	}
+	resourceName, subresourceName := rc.parseResourceSubresourceName()
 	err := rc.cl.Put().
 		NamespaceIfScoped(rc.ns, rc.resource.Namespaced).
-		Resource(rc.resource.Name).
+		Resource(resourceName).
+		SubResource(subresourceName...).
+		// NOTE: Currently our system assumes every subresource object has the same
+		//	 name as the parent resource object. E.g. a pods/binding object having
+		//	 metadada.name "foo" means pod "foo" is being bound. We may need to
+		//	 change this if we break the assumption in the future.
 		Name(obj.GetName()).
 		Body(obj).
 		Do().
@@ -244,11 +280,14 @@ func (rc *ResourceClient) Watch(opts metav1.ListOptions) (watch.Interface, error
 		Watch()
 }
 
+// Patch applies the patch and returns the patched resource.
 func (rc *ResourceClient) Patch(name string, pt types.PatchType, data []byte) (*unstructured.Unstructured, error) {
 	result := new(unstructured.Unstructured)
+	resourceName, subresourceName := rc.parseResourceSubresourceName()
 	err := rc.cl.Patch(pt).
 		NamespaceIfScoped(rc.ns, rc.resource.Namespaced).
-		Resource(rc.resource.Name).
+		Resource(resourceName).
+		SubResource(subresourceName...).
 		Name(name).
 		Body(data).
 		Do().
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/interface.go b/vendor/k8s.io/client-go/informers/admissionregistration/interface.go
index 2f6d695384ea..138dccc2662b 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/interface.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package admissionregistration
 
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/initializerconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/initializerconfiguration.go
index aa73b27a8e0d..659a04caf20d 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/initializerconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/initializerconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	admissionregistration_v1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/admissionregistration/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // InitializerConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/interface.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/interface.go
index d932ff5e1884..54df1caf3b6c 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/interface.go
index 3b4f3b992f27..5364c1ae19e1 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
index 518403e998ab..6e65a86c38e1 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	admissionregistration_v1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/admissionregistration/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // MutatingWebhookConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
index 35f15a24f263..42d16177cdcc 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	admissionregistration_v1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/admissionregistration/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ValidatingWebhookConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/interface.go b/vendor/k8s.io/client-go/informers/apps/interface.go
index cd9541928638..7013d4d6f159 100644
--- a/vendor/k8s.io/client-go/informers/apps/interface.go
+++ b/vendor/k8s.io/client-go/informers/apps/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package apps
 
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
index 97c5595dfa64..3fe6630ff995 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	apps_v1 "k8s.io/api/apps/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/apps/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ControllerRevisionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go b/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
index 7ba662d42fea..4e10d6f6f11b 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	apps_v1 "k8s.io/api/apps/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/apps/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DaemonSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
index 07396bb974e5..e08f42ddbbd1 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	apps_v1 "k8s.io/api/apps/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/apps/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DeploymentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/interface.go b/vendor/k8s.io/client-go/informers/apps/v1/interface.go
index 8af8a25db387..f3abfa9aa521 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go b/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
index 089fff084944..2a17836cb1f4 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	apps_v1 "k8s.io/api/apps/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/apps/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ReplicaSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
index 07c384512de7..e7084af5879f 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	apps_v1 "k8s.io/api/apps/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/apps/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // StatefulSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
index da0b32509c25..b4878e72483e 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	apps_v1beta1 "k8s.io/api/apps/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/apps/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ControllerRevisionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
index 48cbf23e58ea..589ec39a50de 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	apps_v1beta1 "k8s.io/api/apps/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/apps/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DeploymentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/interface.go
index b6bc410243c3..c0a487ca2e9f 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
index ba9ba5c025af..f12364c511c8 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	apps_v1beta1 "k8s.io/api/apps/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/apps/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // StatefulSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
index 8649636b7657..a2f3ceaac3e6 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	time "time"
+
 	apps_v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta2 "k8s.io/client-go/listers/apps/v1beta2"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ControllerRevisionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
index 87f03a12d644..700895e61c28 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	time "time"
+
 	apps_v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta2 "k8s.io/client-go/listers/apps/v1beta2"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DaemonSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
index cfecc891c7cf..ba1a3cf9b5fe 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	time "time"
+
 	apps_v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta2 "k8s.io/client-go/listers/apps/v1beta2"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DeploymentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/interface.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/interface.go
index 88c3b05bd4ad..93a1940d9d8d 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/interface.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
index f460c206f974..6a46b810bb62 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	time "time"
+
 	apps_v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta2 "k8s.io/client-go/listers/apps/v1beta2"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ReplicaSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
index 6be9bbb23512..841cbd8ab7f4 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	time "time"
+
 	apps_v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta2 "k8s.io/client-go/listers/apps/v1beta2"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // StatefulSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/interface.go b/vendor/k8s.io/client-go/informers/autoscaling/interface.go
index 8d9caaf22488..347d6f6283e9 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/interface.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package autoscaling
 
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
index cf9c7cdc340c..1215c7f3b971 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	autoscaling_v1 "k8s.io/api/autoscaling/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/autoscaling/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // HorizontalPodAutoscalerInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v1/interface.go b/vendor/k8s.io/client-go/informers/autoscaling/v1/interface.go
index e927a8ce3c18..ffa7a168e768 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
index 73bf5a12a754..208757de3fd4 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v2beta1
 
 import (
+	time "time"
+
 	autoscaling_v2beta1 "k8s.io/api/autoscaling/v2beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v2beta1 "k8s.io/client-go/listers/autoscaling/v2beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // HorizontalPodAutoscalerInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/interface.go b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/interface.go
index ab7b04f74255..37ce2bc5f77a 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v2beta1
 
diff --git a/vendor/k8s.io/client-go/informers/batch/interface.go b/vendor/k8s.io/client-go/informers/batch/interface.go
index c06b0b19e703..f08227ba4d3b 100644
--- a/vendor/k8s.io/client-go/informers/batch/interface.go
+++ b/vendor/k8s.io/client-go/informers/batch/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package batch
 
diff --git a/vendor/k8s.io/client-go/informers/batch/v1/interface.go b/vendor/k8s.io/client-go/informers/batch/v1/interface.go
index 60464d461189..5a09dc7ce5eb 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/batch/v1/job.go b/vendor/k8s.io/client-go/informers/batch/v1/job.go
index 1ab68fef4459..36d3cef42241 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1/job.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1/job.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	batch_v1 "k8s.io/api/batch/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/batch/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // JobInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go b/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
index 03a4e1598fe7..9dfaed490caf 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	batch_v1beta1 "k8s.io/api/batch/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/batch/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // CronJobInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/batch/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/batch/v1beta1/interface.go
index 785a62f7ba8e..3ba8401ac6ca 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/batch/v2alpha1/cronjob.go b/vendor/k8s.io/client-go/informers/batch/v2alpha1/cronjob.go
index c0ea43a5f067..82bc9422ffdb 100644
--- a/vendor/k8s.io/client-go/informers/batch/v2alpha1/cronjob.go
+++ b/vendor/k8s.io/client-go/informers/batch/v2alpha1/cronjob.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v2alpha1
 
 import (
+	time "time"
+
 	batch_v2alpha1 "k8s.io/api/batch/v2alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v2alpha1 "k8s.io/client-go/listers/batch/v2alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // CronJobInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/batch/v2alpha1/interface.go b/vendor/k8s.io/client-go/informers/batch/v2alpha1/interface.go
index 2bc64945f53e..3c2780fd2f7e 100644
--- a/vendor/k8s.io/client-go/informers/batch/v2alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/batch/v2alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v2alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/certificates/interface.go b/vendor/k8s.io/client-go/informers/certificates/interface.go
index d99ff192dd38..9b3121186234 100644
--- a/vendor/k8s.io/client-go/informers/certificates/interface.go
+++ b/vendor/k8s.io/client-go/informers/certificates/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package certificates
 
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go b/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
index 6d356371e610..a3d6c2d6a66b 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	certificates_v1beta1 "k8s.io/api/certificates/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/certificates/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // CertificateSigningRequestInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
index 4b8d9b1c7d8f..718f370ee461 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/core/interface.go b/vendor/k8s.io/client-go/informers/core/interface.go
index 82b4917e8ac7..aba68f349ee0 100644
--- a/vendor/k8s.io/client-go/informers/core/interface.go
+++ b/vendor/k8s.io/client-go/informers/core/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package core
 
diff --git a/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go b/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
index d03cf2f801f3..33fc65a52cb7 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ComponentStatusInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/configmap.go b/vendor/k8s.io/client-go/informers/core/v1/configmap.go
index 6a903a45f18a..618e74994518 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/configmap.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/configmap.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ConfigMapInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/endpoints.go b/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
index a6e36051e2f9..fa56fbc2518f 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // EndpointsInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/event.go b/vendor/k8s.io/client-go/informers/core/v1/event.go
index 7c33925303af..5157841756fb 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/event.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/event.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // EventInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/interface.go b/vendor/k8s.io/client-go/informers/core/v1/interface.go
index 0b460d6b5686..9580dd9e0dd2 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/core/v1/limitrange.go b/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
index fe938ec2d1c7..8edffdfb70fc 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // LimitRangeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/namespace.go b/vendor/k8s.io/client-go/informers/core/v1/namespace.go
index da2af6206e39..e1925fed15dd 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/namespace.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/namespace.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // NamespaceInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/node.go b/vendor/k8s.io/client-go/informers/core/v1/node.go
index d9df80bcbb7d..dc829bcd6b17 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/node.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/node.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // NodeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go b/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
index 13c154dff7d2..b3ed3c0d0827 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PersistentVolumeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go b/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
index 8017ce1dca1b..9b4fde573fcd 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PersistentVolumeClaimInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/pod.go b/vendor/k8s.io/client-go/informers/core/v1/pod.go
index 1d1c6fc0f463..18e61b225e7e 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/pod.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/pod.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PodInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go b/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
index f7151e30f5bb..a7de79b1837e 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PodTemplateInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go b/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
index 68127512ad24..df0a1d604650 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ReplicationControllerInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go b/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
index d80660022b6e..89a56acb8a10 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ResourceQuotaInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/secret.go b/vendor/k8s.io/client-go/informers/core/v1/secret.go
index 69874bc4cdb8..05939c861ac8 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/secret.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/secret.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // SecretInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/service.go b/vendor/k8s.io/client-go/informers/core/v1/service.go
index 082b5925638a..0e8aa0f7a3a9 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/service.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/service.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ServiceInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go b/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
index b5cd59b4f1f3..bf3b5a7bb437 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ServiceAccountInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/events/interface.go b/vendor/k8s.io/client-go/informers/events/interface.go
index cfb8d375f9d4..e8ad97c3c36f 100644
--- a/vendor/k8s.io/client-go/informers/events/interface.go
+++ b/vendor/k8s.io/client-go/informers/events/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package events
 
diff --git a/vendor/k8s.io/client-go/informers/events/v1beta1/event.go b/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
index fb44ff8c5486..8f2b27cf5883 100644
--- a/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
+++ b/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	events_v1beta1 "k8s.io/api/events/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/events/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // EventInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/events/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/events/v1beta1/interface.go
index 8138b0a0b51a..0c67badb2d01 100644
--- a/vendor/k8s.io/client-go/informers/events/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/events/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/extensions/interface.go b/vendor/k8s.io/client-go/informers/extensions/interface.go
index 3a5d8a52e63a..93d912ca5edb 100644
--- a/vendor/k8s.io/client-go/informers/extensions/interface.go
+++ b/vendor/k8s.io/client-go/informers/extensions/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package extensions
 
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
index 911f51edf5c5..0f24af5ca337 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	extensions_v1beta1 "k8s.io/api/extensions/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/extensions/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DaemonSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
index e37ec7eff2a6..980eecb0f8e3 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	extensions_v1beta1 "k8s.io/api/extensions/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/extensions/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // DeploymentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
index 7ba79228aed9..b250d22a303b 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	extensions_v1beta1 "k8s.io/api/extensions/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/extensions/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // IngressInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/interface.go
index a3af9309fae6..10aa1b70458a 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/podsecuritypolicy.go
index 52126d577747..76b83b823cb9 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/podsecuritypolicy.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/podsecuritypolicy.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	extensions_v1beta1 "k8s.io/api/extensions/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/extensions/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PodSecurityPolicyInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
index 23e50435f2ee..31c6a1b86cc0 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	extensions_v1beta1 "k8s.io/api/extensions/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/extensions/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ReplicaSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/factory.go b/vendor/k8s.io/client-go/informers/factory.go
index 642e86cc0b0a..455afc2b99e2 100644
--- a/vendor/k8s.io/client-go/informers/factory.go
+++ b/vendor/k8s.io/client-go/informers/factory.go
@@ -14,11 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package informers
 
 import (
+	reflect "reflect"
+	sync "sync"
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
@@ -39,9 +43,6 @@ import (
 	storage "k8s.io/client-go/informers/storage"
 	kubernetes "k8s.io/client-go/kubernetes"
 	cache "k8s.io/client-go/tools/cache"
-	reflect "reflect"
-	sync "sync"
-	time "time"
 )
 
 type sharedInformerFactory struct {
diff --git a/vendor/k8s.io/client-go/informers/generic.go b/vendor/k8s.io/client-go/informers/generic.go
index c1d01bec2f55..801267edf6e5 100644
--- a/vendor/k8s.io/client-go/informers/generic.go
+++ b/vendor/k8s.io/client-go/informers/generic.go
@@ -14,12 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package informers
 
 import (
 	"fmt"
+
 	v1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
 	v1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	v1 "k8s.io/api/apps/v1"
@@ -197,6 +198,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=policy, Version=v1beta1
 	case policy_v1beta1.SchemeGroupVersion.WithResource("poddisruptionbudgets"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1beta1().PodDisruptionBudgets().Informer()}, nil
+	case policy_v1beta1.SchemeGroupVersion.WithResource("podsecuritypolicies"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1beta1().PodSecurityPolicies().Informer()}, nil
 
 		// Group=rbac.authorization.k8s.io, Version=v1
 	case rbac_v1.SchemeGroupVersion.WithResource("clusterroles"):
@@ -247,6 +250,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=storage.k8s.io, Version=v1beta1
 	case storage_v1beta1.SchemeGroupVersion.WithResource("storageclasses"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Storage().V1beta1().StorageClasses().Informer()}, nil
+	case storage_v1beta1.SchemeGroupVersion.WithResource("volumeattachments"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Storage().V1beta1().VolumeAttachments().Informer()}, nil
 
 	}
 
diff --git a/vendor/k8s.io/client-go/informers/internalinterfaces/factory_interfaces.go b/vendor/k8s.io/client-go/informers/internalinterfaces/factory_interfaces.go
index 8410cca2cafc..4e2a28fc7d8c 100644
--- a/vendor/k8s.io/client-go/informers/internalinterfaces/factory_interfaces.go
+++ b/vendor/k8s.io/client-go/informers/internalinterfaces/factory_interfaces.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalinterfaces
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	kubernetes "k8s.io/client-go/kubernetes"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 type NewInformerFunc func(kubernetes.Interface, time.Duration) cache.SharedIndexInformer
diff --git a/vendor/k8s.io/client-go/informers/networking/interface.go b/vendor/k8s.io/client-go/informers/networking/interface.go
index bd0b3aaa7b8a..0f6c4564951f 100644
--- a/vendor/k8s.io/client-go/informers/networking/interface.go
+++ b/vendor/k8s.io/client-go/informers/networking/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package networking
 
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/interface.go b/vendor/k8s.io/client-go/informers/networking/v1/interface.go
index aa75a918caba..819a86146dac 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go b/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
index d3233c265b1a..20ac9909d5e7 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	networking_v1 "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/networking/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // NetworkPolicyInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/policy/interface.go b/vendor/k8s.io/client-go/informers/policy/interface.go
index 5908e63c5120..e77ab2b246dc 100644
--- a/vendor/k8s.io/client-go/informers/policy/interface.go
+++ b/vendor/k8s.io/client-go/informers/policy/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package policy
 
diff --git a/vendor/k8s.io/client-go/informers/policy/v1beta1/BUILD b/vendor/k8s.io/client-go/informers/policy/v1beta1/BUILD
index 39a7a9d34d9b..547a0a397c37 100644
--- a/vendor/k8s.io/client-go/informers/policy/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/informers/policy/v1beta1/BUILD
@@ -10,6 +10,7 @@ go_library(
     srcs = [
         "interface.go",
         "poddisruptionbudget.go",
+        "podsecuritypolicy.go",
     ],
     importpath = "k8s.io/client-go/informers/policy/v1beta1",
     deps = [
diff --git a/vendor/k8s.io/client-go/informers/policy/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/policy/v1beta1/interface.go
index e59a4aa9cd06..b368f068faac 100644
--- a/vendor/k8s.io/client-go/informers/policy/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/policy/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// PodDisruptionBudgets returns a PodDisruptionBudgetInformer.
 	PodDisruptionBudgets() PodDisruptionBudgetInformer
+	// PodSecurityPolicies returns a PodSecurityPolicyInformer.
+	PodSecurityPolicies() PodSecurityPolicyInformer
 }
 
 type version struct {
@@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 func (v *version) PodDisruptionBudgets() PodDisruptionBudgetInformer {
 	return &podDisruptionBudgetInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
 }
+
+// PodSecurityPolicies returns a PodSecurityPolicyInformer.
+func (v *version) PodSecurityPolicies() PodSecurityPolicyInformer {
+	return &podSecurityPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go b/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
index 935c1b63efa8..d5178652a1e1 100644
--- a/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
+++ b/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	policy_v1beta1 "k8s.io/api/policy/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/policy/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PodDisruptionBudgetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/policy/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/informers/policy/v1beta1/podsecuritypolicy.go
new file mode 100644
index 000000000000..c9bcc8bab7fd
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,88 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	time "time"
+
+	policy_v1beta1 "k8s.io/api/policy/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	v1beta1 "k8s.io/client-go/listers/policy/v1beta1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// PodSecurityPolicyInformer provides access to a shared informer and lister for
+// PodSecurityPolicies.
+type PodSecurityPolicyInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() v1beta1.PodSecurityPolicyLister
+}
+
+type podSecurityPolicyInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewPodSecurityPolicyInformer constructs a new informer for PodSecurityPolicy type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewPodSecurityPolicyInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredPodSecurityPolicyInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredPodSecurityPolicyInformer constructs a new informer for PodSecurityPolicy type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredPodSecurityPolicyInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodSecurityPolicies().List(options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodSecurityPolicies().Watch(options)
+			},
+		},
+		&policy_v1beta1.PodSecurityPolicy{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *podSecurityPolicyInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredPodSecurityPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *podSecurityPolicyInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&policy_v1beta1.PodSecurityPolicy{}, f.defaultInformer)
+}
+
+func (f *podSecurityPolicyInformer) Lister() v1beta1.PodSecurityPolicyLister {
+	return v1beta1.NewPodSecurityPolicyLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/rbac/interface.go b/vendor/k8s.io/client-go/informers/rbac/interface.go
index edf21fa6a846..ac491ee42731 100644
--- a/vendor/k8s.io/client-go/informers/rbac/interface.go
+++ b/vendor/k8s.io/client-go/informers/rbac/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package rbac
 
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
index 9c7473453438..f541957a2285 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	rbac_v1 "k8s.io/api/rbac/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/rbac/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
index 6d0c1a68ca26..bf1d7bdc1f89 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	rbac_v1 "k8s.io/api/rbac/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/rbac/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/interface.go b/vendor/k8s.io/client-go/informers/rbac/v1/interface.go
index 969dd563cebf..fca0e807b408 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1/role.go
index 8ed43fb750fd..f08e1fde3075 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/role.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	rbac_v1 "k8s.io/api/rbac/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/rbac/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
index 3bc54f087324..f91c2ef03aa8 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	rbac_v1 "k8s.io/api/rbac/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/rbac/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
index 2fa374454a91..9293439f40f3 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	rbac_v1alpha1 "k8s.io/api/rbac/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/rbac/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
index 2fa4e2d7ffb1..d13561274da6 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	rbac_v1alpha1 "k8s.io/api/rbac/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/rbac/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/interface.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/interface.go
index 2f4945f9a372..1c972ec82f0a 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
index d4730a00405c..5b4148fa99fb 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	rbac_v1alpha1 "k8s.io/api/rbac/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/rbac/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
index abfae250887a..54bae16e7860 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	rbac_v1alpha1 "k8s.io/api/rbac/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/rbac/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
index 16e597d04dd1..f429eeca1bcd 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	rbac_v1beta1 "k8s.io/api/rbac/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/rbac/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
index 4fee022cd860..5900eae9af6e 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	rbac_v1beta1 "k8s.io/api/rbac/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/rbac/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // ClusterRoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/interface.go
index 92e440ba0f8c..c36d644e11cd 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
index 39c37568ba7d..479044b42c05 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	rbac_v1beta1 "k8s.io/api/rbac/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/rbac/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
index 8ff036b09483..34feed183bf2 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	rbac_v1beta1 "k8s.io/api/rbac/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/rbac/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // RoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/scheduling/interface.go b/vendor/k8s.io/client-go/informers/scheduling/interface.go
index 1ea9a2e71635..89aaac195ad1 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/interface.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package scheduling
 
diff --git a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/interface.go b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/interface.go
index dabe3fb63f72..091dd90b6e2d 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
index 2a82206ea812..8a27631bec46 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	scheduling_v1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/scheduling/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PriorityClassInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/settings/interface.go b/vendor/k8s.io/client-go/informers/settings/interface.go
index 205dbbf4d9ee..cc134f7060f0 100644
--- a/vendor/k8s.io/client-go/informers/settings/interface.go
+++ b/vendor/k8s.io/client-go/informers/settings/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package settings
 
diff --git a/vendor/k8s.io/client-go/informers/settings/v1alpha1/interface.go b/vendor/k8s.io/client-go/informers/settings/v1alpha1/interface.go
index 5714bf06c751..d2964352ab48 100644
--- a/vendor/k8s.io/client-go/informers/settings/v1alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/settings/v1alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/settings/v1alpha1/podpreset.go b/vendor/k8s.io/client-go/informers/settings/v1alpha1/podpreset.go
index b87f0e6138e0..7e241b2be5c4 100644
--- a/vendor/k8s.io/client-go/informers/settings/v1alpha1/podpreset.go
+++ b/vendor/k8s.io/client-go/informers/settings/v1alpha1/podpreset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	settings_v1alpha1 "k8s.io/api/settings/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/settings/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // PodPresetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/storage/interface.go b/vendor/k8s.io/client-go/informers/storage/interface.go
index bf95b0b92f2f..6581a2a8d7e4 100644
--- a/vendor/k8s.io/client-go/informers/storage/interface.go
+++ b/vendor/k8s.io/client-go/informers/storage/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package storage
 
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/interface.go b/vendor/k8s.io/client-go/informers/storage/v1/interface.go
index ea84ebabfa74..ebdb1d98aae2 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go b/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
index c6338fe67cd1..5ef571eb4177 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	time "time"
+
 	storage_v1 "k8s.io/api/storage/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1 "k8s.io/client-go/listers/storage/v1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // StorageClassInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/storage/v1alpha1/interface.go b/vendor/k8s.io/client-go/informers/storage/v1alpha1/interface.go
index 86d49a952d04..f1b1a9bbdb95 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1alpha1/interface.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1alpha1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
index 413dc4ed008c..506517acd7fb 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	time "time"
+
 	storage_v1alpha1 "k8s.io/api/storage/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1alpha1 "k8s.io/client-go/listers/storage/v1alpha1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // VolumeAttachmentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/BUILD b/vendor/k8s.io/client-go/informers/storage/v1beta1/BUILD
index 0a7ad316b60d..64aae51654a1 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/BUILD
@@ -10,6 +10,7 @@ go_library(
     srcs = [
         "interface.go",
         "storageclass.go",
+        "volumeattachment.go",
     ],
     importpath = "k8s.io/client-go/informers/storage/v1beta1",
     deps = [
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/interface.go
index 144e4e176f70..5a63728f1e08 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// StorageClasses returns a StorageClassInformer.
 	StorageClasses() StorageClassInformer
+	// VolumeAttachments returns a VolumeAttachmentInformer.
+	VolumeAttachments() VolumeAttachmentInformer
 }
 
 type version struct {
@@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 func (v *version) StorageClasses() StorageClassInformer {
 	return &storageClassInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
 }
+
+// VolumeAttachments returns a VolumeAttachmentInformer.
+func (v *version) VolumeAttachments() VolumeAttachmentInformer {
+	return &volumeAttachmentInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
index 0a17418fb52e..0b4edbf52e82 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	time "time"
+
 	storage_v1beta1 "k8s.io/api/storage/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
@@ -27,7 +29,6 @@ import (
 	kubernetes "k8s.io/client-go/kubernetes"
 	v1beta1 "k8s.io/client-go/listers/storage/v1beta1"
 	cache "k8s.io/client-go/tools/cache"
-	time "time"
 )
 
 // StorageClassInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go
new file mode 100644
index 000000000000..ae3c2fd71c0f
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go
@@ -0,0 +1,88 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	time "time"
+
+	storage_v1beta1 "k8s.io/api/storage/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	v1beta1 "k8s.io/client-go/listers/storage/v1beta1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// VolumeAttachmentInformer provides access to a shared informer and lister for
+// VolumeAttachments.
+type VolumeAttachmentInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() v1beta1.VolumeAttachmentLister
+}
+
+type volumeAttachmentInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewVolumeAttachmentInformer constructs a new informer for VolumeAttachment type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewVolumeAttachmentInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredVolumeAttachmentInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredVolumeAttachmentInformer constructs a new informer for VolumeAttachment type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredVolumeAttachmentInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttachments().List(options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttachments().Watch(options)
+			},
+		},
+		&storage_v1beta1.VolumeAttachment{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *volumeAttachmentInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredVolumeAttachmentInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *volumeAttachmentInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&storage_v1beta1.VolumeAttachment{}, f.defaultInformer)
+}
+
+func (f *volumeAttachmentInformer) Lister() v1beta1.VolumeAttachmentLister {
+	return v1beta1.NewVolumeAttachmentLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/clientset.go b/vendor/k8s.io/client-go/kubernetes/clientset.go
index b68855909658..d867a58b2d34 100644
--- a/vendor/k8s.io/client-go/kubernetes/clientset.go
+++ b/vendor/k8s.io/client-go/kubernetes/clientset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package kubernetes
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/doc.go b/vendor/k8s.io/client-go/kubernetes/doc.go
index 2c07131b1c28..c5870c01ab96 100644
--- a/vendor/k8s.io/client-go/kubernetes/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated clientset.
 package kubernetes
diff --git a/vendor/k8s.io/client-go/kubernetes/scheme/doc.go b/vendor/k8s.io/client-go/kubernetes/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/client-go/kubernetes/scheme/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/client-go/kubernetes/scheme/register.go b/vendor/k8s.io/client-go/kubernetes/scheme/register.go
index 6cc1bd32871f..66e2dcd18baa 100644
--- a/vendor/k8s.io/client-go/kubernetes/scheme/register.go
+++ b/vendor/k8s.io/client-go/kubernetes/scheme/register.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
@@ -65,7 +67,7 @@ func init() {
 //
 //   import (
 //     "k8s.io/client-go/kubernetes"
-//     clientsetscheme "k8s.io/client-go/kuberentes/scheme"
+//     clientsetscheme "k8s.io/client-go/kubernetes/scheme"
 //     aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
 //   )
 //
@@ -103,5 +105,4 @@ func AddToScheme(scheme *runtime.Scheme) {
 	storagev1beta1.AddToScheme(scheme)
 	storagev1.AddToScheme(scheme)
 	storagev1alpha1.AddToScheme(scheme)
-
 }
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
index e6f1a81e2ac2..8137129fc29d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/doc.go
index 08a9c7ceba43..69ca30111b4c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/generated_expansion.go
index bfd47e53c458..710bc4ea4df6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 type InitializerConfigurationExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/initializerconfiguration.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/initializerconfiguration.go
index 11cc502f24f4..77c6b8fcc3fb 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/initializerconfiguration.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/initializerconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
index 63e84abc515b..44b20b57794c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/generated_expansion.go
index a7780738b340..29369755531b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type MutatingWebhookConfigurationExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/mutatingwebhookconfiguration.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
index f6afa0339774..d37f684489bf 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/validatingwebhookconfiguration.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/validatingwebhookconfiguration.go
index 860ee16b5cff..30dcfddbc28b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/validatingwebhookconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
index 0c81c1d96d9e..b0af79806945 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/controllerrevision.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/controllerrevision.go
index 5f2d90b63ddf..26d0207473d2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/controllerrevision.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/daemonset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/daemonset.go
index f9577d787833..73fd1e9bd555 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/daemonset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/daemonset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/deployment.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/deployment.go
index af837714d317..1a3e8f730264 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/deployment.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/deployment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/generated_expansion.go
index 6d07e293dd30..0f603bb8cc12 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type ControllerRevisionExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/replicaset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/replicaset.go
index bf5330f065f8..f2f9c725658c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/replicaset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/replicaset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/statefulset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/statefulset.go
index 05496f311652..78fe23f845fc 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/statefulset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/statefulset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
index eaf6c8b4514b..1aebc217620d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/controllerrevision.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/controllerrevision.go
index 86cab3bb329f..312ba3c47c37 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/controllerrevision.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/deployment.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/deployment.go
index 1827d92dbea9..2ff58aeacbb3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/deployment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/generated_expansion.go
index 44edefdcd8ae..a44a94b63b1a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type ControllerRevisionExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/scale.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/scale.go
index d67f31431ee7..e8c5073267ff 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/scale.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/scale.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/statefulset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/statefulset.go
index cf96d006c2c4..6f89ca73affa 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/statefulset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/statefulset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
index cb44f155fe17..8d5a78c448f6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/controllerrevision.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/controllerrevision.go
index 9fe5d129aa7c..28b30e8bebfb 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/controllerrevision.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/controllerrevision.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/daemonset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/daemonset.go
index e062d392f6d1..c21fc50a8539 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/daemonset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/daemonset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/deployment.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/deployment.go
index 0e292ca17c4b..270be527eefb 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/deployment.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/deployment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/doc.go
index 8d6189201710..01d0ed2c2ad4 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta2
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/generated_expansion.go
index 98356ca71028..a88e1721f19f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 type ControllerRevisionExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/replicaset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/replicaset.go
index e0cd3a2864be..298ec26a2e60 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/replicaset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/replicaset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/scale.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/scale.go
index 0295d4144b79..84f27a797777 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/scale.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/scale.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/statefulset.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/statefulset.go
index 8bac75600a2d..64b7c8c8ff56 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/statefulset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/statefulset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta2
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
index 4d0af8c2629d..25b86152d253 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/generated_expansion.go
index 94adbfbce315..7c92b9147871 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/tokenreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/tokenreview.go
index ab95e6a83421..88f759f2b97b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/tokenreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/tokenreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
index 996de350a56a..744c26c9e629 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/generated_expansion.go
index 74ad7fa90d66..7fd68c803fd5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/tokenreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/tokenreview.go
index eef5a968debf..fa611825e22f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/tokenreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/tokenreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
index c75cc05b6d6a..852720f346f6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/generated_expansion.go
index 94adbfbce315..7c92b9147871 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/localsubjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/localsubjectaccessreview.go
index 7c9ff014f303..20461f132ef8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/localsubjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/localsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectaccessreview.go
index 0957b231cd5a..202e7c90dc3a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectrulesreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectrulesreview.go
index 9caaee2a0c4f..5fb1cab5c09b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectrulesreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/selfsubjectrulesreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/subjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/subjectaccessreview.go
index f4557d2baef3..88164149443a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/subjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/subjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
index 5bf1261ad108..cbe5bdceebf3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/generated_expansion.go
index 74ad7fa90d66..7fd68c803fd5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/localsubjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/localsubjectaccessreview.go
index 18821d72e8f9..8029837f9b45 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/localsubjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/localsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectaccessreview.go
index 7bc2a021194c..36feb153009b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectrulesreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectrulesreview.go
index 7dfd314d2a68..57079c8d9331 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectrulesreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/selfsubjectrulesreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/subjectaccessreview.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/subjectaccessreview.go
index aa4dfcaabb9a..d91fa87ece6b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/subjectaccessreview.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/subjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
index 1e504bd0f4eb..b336bbd39bf5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/generated_expansion.go
index 15ea315c7c67..a5c694ffbcad 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type HorizontalPodAutoscalerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/horizontalpodautoscaler.go
index 29da3e740517..9245e41a26c2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/horizontalpodautoscaler.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
index 95eab71372d0..25446452fdf2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/doc.go
index 57c8c3086064..1f70aedf8f1b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v2beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/generated_expansion.go
index 9101766f6277..561fbb0e6a3e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2beta1
 
 type HorizontalPodAutoscalerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/horizontalpodautoscaler.go
index b625fdafd32b..1be9b80caf4a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/horizontalpodautoscaler.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
index 0973bdc5ac44..c092a3ca1c0d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/generated_expansion.go
index a43cb4a958e7..04a37a49d2ba 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type JobExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/job.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/job.go
index 8454e576ed8c..dc0c79997cc5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/job.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/job.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
index c46dc6f5dd1e..5ee39b5be7c8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/cronjob.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/cronjob.go
index 2c61fcf686af..32ac52facc23 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/cronjob.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/cronjob.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/generated_expansion.go
index 5b7e871b0e79..a093bbad4508 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type CronJobExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/batch_client.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/batch_client.go
index 7d2860999898..ff26a76d51f9 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/batch_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/batch_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/cronjob.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/cronjob.go
index 5f92d35d7934..e5b1353149d0 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/cronjob.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/cronjob.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/doc.go
index 8739e8628aff..ba60ac54beed 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v2alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/generated_expansion.go
index d30c055a6085..ed2c942b04cf 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v2alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v2alpha1
 
 type CronJobExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
index 552056b70017..7d69ce9f6ca8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificatesigningrequest.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificatesigningrequest.go
index b8c3a5b07044..ecca7aedc5cf 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificatesigningrequest.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificatesigningrequest.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
index 74ad7fa90d66..7fd68c803fd5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/BUILD b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/BUILD
index dd86cfecd2be..4c9f03aa4d67 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/BUILD
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/BUILD
@@ -32,9 +32,11 @@ go_library(
         "service.go",
         "service_expansion.go",
         "serviceaccount.go",
+        "serviceaccount_expansion.go",
     ],
     importpath = "k8s.io/client-go/kubernetes/typed/core/v1",
     deps = [
+        "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/componentstatus.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/componentstatus.go
index 26e0a7f17d12..1717e7c19303 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/componentstatus.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/componentstatus.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/configmap.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/configmap.go
index df75d2a81d69..6e7a12e5d8e2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/configmap.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/configmap.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
index b75a3dc161c9..1c86c47d4e26 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/endpoints.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/endpoints.go
index f5bc3443a652..03b2a6919280 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/endpoints.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/endpoints.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event.go
index bec36116e359..b9570e6893d1 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/BUILD b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/BUILD
index f62201d87dd7..7403a4997d89 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/BUILD
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/BUILD
@@ -31,9 +31,11 @@ go_library(
         "fake_service.go",
         "fake_service_expansion.go",
         "fake_serviceaccount.go",
+        "fake_serviceaccount_expansion.go",
     ],
     importpath = "k8s.io/client-go/kubernetes/typed/core/v1/fake",
     deps = [
+        "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/doc.go
index 63e2c8a08219..87a1873edccb 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // Package fake has the automatically generated clients.
 package fake
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_componentstatus.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_componentstatus.go
index aeaaf40bfbe0..42039aea98de 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_componentstatus.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_componentstatus.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_configmap.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_configmap.go
index ab5d7f10868e..8de1cde17e16 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_configmap.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_configmap.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_core_client.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_core_client.go
index 5daba9b6835c..b30c02de10c9 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_core_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_core_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_endpoints.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_endpoints.go
index d7413bfb81ae..7b54929f6309 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_endpoints.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_endpoints.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event.go
index 05ace4f2c588..5ba47f41995c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_limitrange.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_limitrange.go
index efb03a01e616..bd736980ecd7 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_limitrange.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_limitrange.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_namespace.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_namespace.go
index 4b8b8ebd1dd1..84743469ae3a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_namespace.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_namespace.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_node.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_node.go
index 5639ec0c9ce5..c7e042fc8dd4 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_node.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_node.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolume.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolume.go
index cb8c70afac41..1be38a89ee43 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolume.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolume.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolumeclaim.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolumeclaim.go
index 97d104e02f67..ea189bb9c961 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolumeclaim.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_persistentvolumeclaim.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_pod.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_pod.go
index a2548fe55df5..6f5faef99d2f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_pod.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_pod.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_podtemplate.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_podtemplate.go
index b8086addd401..1dd272e78364 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_podtemplate.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_podtemplate.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_replicationcontroller.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_replicationcontroller.go
index f9b9beeb1aac..047831a312f0 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_replicationcontroller.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_replicationcontroller.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_resourcequota.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_resourcequota.go
index 97ef36a0f3fb..afdc8c88a396 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_resourcequota.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_resourcequota.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_secret.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_secret.go
index 39bf08d4a781..abf7db090341 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_secret.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_secret.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_service.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_service.go
index 46678052eb72..7ce885ae89ba 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_service.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_service.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount.go
index cd74e93c735a..635b2c32bf9c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package fake
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount_expansion.go
new file mode 100644
index 000000000000..a0efbcc2fe98
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_serviceaccount_expansion.go
@@ -0,0 +1,31 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fake
+
+import (
+	authenticationv1 "k8s.io/api/authentication/v1"
+	core "k8s.io/client-go/testing"
+)
+
+func (c *FakeServiceAccounts) CreateToken(name string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error) {
+	obj, err := c.Fake.Invokes(core.NewCreateSubresourceAction(serviceaccountsResource, name, "token", c.ns, tr), &authenticationv1.TokenRequest{})
+
+	if obj == nil {
+		return nil, err
+	}
+	return obj.(*authenticationv1.TokenRequest), err
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/generated_expansion.go
index 3f4b5f89c7e7..430bd6c5a835 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type ComponentStatusExpansion interface{}
@@ -35,5 +37,3 @@ type ReplicationControllerExpansion interface{}
 type ResourceQuotaExpansion interface{}
 
 type SecretExpansion interface{}
-
-type ServiceAccountExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/limitrange.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/limitrange.go
index a21d09273d28..b67997d700b6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/limitrange.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/limitrange.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/namespace.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/namespace.go
index a1c59959d621..a298d7c026f3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/namespace.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/namespace.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/node.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/node.go
index d76251373746..b16f92f00a59 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/node.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/node.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolume.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolume.go
index 36a881772efe..f23b95f30a1e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolume.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolume.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolumeclaim.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolumeclaim.go
index d60566f8305f..f168a985a661 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolumeclaim.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/persistentvolumeclaim.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/pod.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/pod.go
index 3825a1cc7607..423d81ad8889 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/pod.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/pod.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/podtemplate.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/podtemplate.go
index 028423adc81d..730b54330788 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/podtemplate.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/podtemplate.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/replicationcontroller.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/replicationcontroller.go
index 36b3141c86ff..a0f36a1fa0fe 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/replicationcontroller.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/replicationcontroller.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/resourcequota.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/resourcequota.go
index 99032622666e..011e72a91993 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/resourcequota.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/resourcequota.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/secret.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/secret.go
index a21a2167cb38..931afb5dbc5e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/secret.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/secret.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/service.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/service.go
index 744714740cc2..156bcc2356ea 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/service.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/service.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount.go
index c3fbebd5e99b..0a87feb5b517 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount_expansion.go
new file mode 100644
index 000000000000..eaf643f15434
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/serviceaccount_expansion.go
@@ -0,0 +1,41 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+	authenticationv1 "k8s.io/api/authentication/v1"
+)
+
+// The ServiceAccountExpansion interface allows manually adding extra methods
+// to the ServiceAccountInterface.
+type ServiceAccountExpansion interface {
+	CreateToken(name string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error)
+}
+
+// CreateToken creates a new token for a serviceaccount.
+func (c *serviceAccounts) CreateToken(name string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error) {
+	result := &authenticationv1.TokenRequest{}
+	err := c.client.Post().
+		Namespace(c.ns).
+		Resource("serviceaccounts").
+		SubResource("token").
+		Name(name).
+		Body(tr).
+		Do().
+		Into(result)
+	return result, err
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event.go
index b186b967f765..e8737cf9e4ac 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
index 5ae7fbc99dd0..7225d90d8c5e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/generated_expansion.go
index e2522111d972..871411abb183 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type EventExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/daemonset.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/daemonset.go
index f33ce3eb4782..20cd58728d61 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/daemonset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/daemonset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/deployment.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/deployment.go
index 91eab950e7c2..91ada9e54da4 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/deployment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
index 73128ed3da3f..c359a58f2f3b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/generated_expansion.go
index e7062ca2cbb1..eef05e765234 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type DaemonSetExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/ingress.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/ingress.go
index e9ba108af3e5..26b21baa55c6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/ingress.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/ingress.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/podsecuritypolicy.go
index a1c274c2e76e..19475a5c0ce5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/podsecuritypolicy.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/podsecuritypolicy.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/replicaset.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/replicaset.go
index ed68f458bc19..b307ac70e15a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/replicaset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/replicaset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/scale.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/scale.go
index 8d62590caf6b..e654d953728a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/scale.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/scale.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
index 6c72ca5c50a7..c6dd5c323dd8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type NetworkPolicyExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
index d1059d02bf71..ac8200f8240e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networkpolicy.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networkpolicy.go
index 8b1518234c70..b0a85c5c550d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networkpolicy.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networkpolicy.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/BUILD b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/BUILD
index 2abeb549d216..92606b3c4594 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/BUILD
@@ -13,6 +13,7 @@ go_library(
         "eviction_expansion.go",
         "generated_expansion.go",
         "poddisruptionbudget.go",
+        "podsecuritypolicy.go",
         "policy_client.go",
     ],
     importpath = "k8s.io/client-go/kubernetes/typed/policy/v1beta1",
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/eviction.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/eviction.go
index 63e3a6821d7d..b0abf656328d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/eviction.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/eviction.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/generated_expansion.go
index a119239ca9c8..d39f527be5f8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/generated_expansion.go
@@ -14,6 +14,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type PodDisruptionBudgetExpansion interface{}
+
+type PodSecurityPolicyExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/poddisruptionbudget.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/poddisruptionbudget.go
index 45d2c17662b7..d154dfcf8fe3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/poddisruptionbudget.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/poddisruptionbudget.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/podsecuritypolicy.go
new file mode 100644
index 000000000000..de6760b14281
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,147 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+	rest "k8s.io/client-go/rest"
+)
+
+// PodSecurityPoliciesGetter has a method to return a PodSecurityPolicyInterface.
+// A group's client should implement this interface.
+type PodSecurityPoliciesGetter interface {
+	PodSecurityPolicies() PodSecurityPolicyInterface
+}
+
+// PodSecurityPolicyInterface has methods to work with PodSecurityPolicy resources.
+type PodSecurityPolicyInterface interface {
+	Create(*v1beta1.PodSecurityPolicy) (*v1beta1.PodSecurityPolicy, error)
+	Update(*v1beta1.PodSecurityPolicy) (*v1beta1.PodSecurityPolicy, error)
+	Delete(name string, options *v1.DeleteOptions) error
+	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
+	Get(name string, options v1.GetOptions) (*v1beta1.PodSecurityPolicy, error)
+	List(opts v1.ListOptions) (*v1beta1.PodSecurityPolicyList, error)
+	Watch(opts v1.ListOptions) (watch.Interface, error)
+	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.PodSecurityPolicy, err error)
+	PodSecurityPolicyExpansion
+}
+
+// podSecurityPolicies implements PodSecurityPolicyInterface
+type podSecurityPolicies struct {
+	client rest.Interface
+}
+
+// newPodSecurityPolicies returns a PodSecurityPolicies
+func newPodSecurityPolicies(c *PolicyV1beta1Client) *podSecurityPolicies {
+	return &podSecurityPolicies{
+		client: c.RESTClient(),
+	}
+}
+
+// Get takes name of the podSecurityPolicy, and returns the corresponding podSecurityPolicy object, and an error if there is any.
+func (c *podSecurityPolicies) Get(name string, options v1.GetOptions) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Get().
+		Resource("podsecuritypolicies").
+		Name(name).
+		VersionedParams(&options, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// List takes label and field selectors, and returns the list of PodSecurityPolicies that match those selectors.
+func (c *podSecurityPolicies) List(opts v1.ListOptions) (result *v1beta1.PodSecurityPolicyList, err error) {
+	result = &v1beta1.PodSecurityPolicyList{}
+	err = c.client.Get().
+		Resource("podsecuritypolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// Watch returns a watch.Interface that watches the requested podSecurityPolicies.
+func (c *podSecurityPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	opts.Watch = true
+	return c.client.Get().
+		Resource("podsecuritypolicies").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Watch()
+}
+
+// Create takes the representation of a podSecurityPolicy and creates it.  Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *podSecurityPolicies) Create(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Post().
+		Resource("podsecuritypolicies").
+		Body(podSecurityPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Update takes the representation of a podSecurityPolicy and updates it. Returns the server's representation of the podSecurityPolicy, and an error, if there is any.
+func (c *podSecurityPolicies) Update(podSecurityPolicy *v1beta1.PodSecurityPolicy) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Put().
+		Resource("podsecuritypolicies").
+		Name(podSecurityPolicy.Name).
+		Body(podSecurityPolicy).
+		Do().
+		Into(result)
+	return
+}
+
+// Delete takes name of the podSecurityPolicy and deletes it. Returns an error if one occurs.
+func (c *podSecurityPolicies) Delete(name string, options *v1.DeleteOptions) error {
+	return c.client.Delete().
+		Resource("podsecuritypolicies").
+		Name(name).
+		Body(options).
+		Do().
+		Error()
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *podSecurityPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	return c.client.Delete().
+		Resource("podsecuritypolicies").
+		VersionedParams(&listOptions, scheme.ParameterCodec).
+		Body(options).
+		Do().
+		Error()
+}
+
+// Patch applies the patch and returns the patched podSecurityPolicy.
+func (c *podSecurityPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.PodSecurityPolicy, err error) {
+	result = &v1beta1.PodSecurityPolicy{}
+	err = c.client.Patch(pt).
+		Resource("podsecuritypolicies").
+		SubResource(subresources...).
+		Name(name).
+		Body(data).
+		Do().
+		Into(result)
+	return
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
index f9020d0b7347..f45cfdf37f6f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
@@ -27,6 +29,7 @@ type PolicyV1beta1Interface interface {
 	RESTClient() rest.Interface
 	EvictionsGetter
 	PodDisruptionBudgetsGetter
+	PodSecurityPoliciesGetter
 }
 
 // PolicyV1beta1Client is used to interact with features provided by the policy group.
@@ -42,6 +45,10 @@ func (c *PolicyV1beta1Client) PodDisruptionBudgets(namespace string) PodDisrupti
 	return newPodDisruptionBudgets(c, namespace)
 }
 
+func (c *PolicyV1beta1Client) PodSecurityPolicies() PodSecurityPolicyInterface {
+	return newPodSecurityPolicies(c)
+}
+
 // NewForConfig creates a new PolicyV1beta1Client for the given config.
 func NewForConfig(c *rest.Config) (*PolicyV1beta1Client, error) {
 	config := *c
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrole.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrole.go
index ab27fdf42f90..e1af3a99bf5c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrole.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrole.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrolebinding.go
index 9bd87e91a881..c49ac6dd2091 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/clusterrolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/generated_expansion.go
index 48b91811fc12..0977cc00c2b3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type ClusterRoleExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
index 82eb8f1f140d..e5b7b561d1be 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/role.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/role.go
index 1dc65551f0bc..678e284b7b2a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/role.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/role.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rolebinding.go
index d1287da7b539..7fd9e29fa5ba 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrole.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrole.go
index 9eb8bc789796..901ef7f469ec 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrole.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrole.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrolebinding.go
index 6cf383b4f7d7..c5c5360b9974 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/clusterrolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/doc.go
index 08a9c7ceba43..69ca30111b4c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/generated_expansion.go
index 9b61a750661d..aebf50655da0 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 type ClusterRoleExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
index 76ebf3166913..06b5f5cab5b1 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/role.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/role.go
index 0c7e49f0d6d9..8af1d77843ce 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/role.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/role.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rolebinding.go
index 1bcfaf88e25f..43888d0668c8 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrole.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrole.go
index 89494ed13eff..fd6effd46769 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrole.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrole.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrolebinding.go
index 1602f7fce7ac..469307000ac6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/clusterrolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/generated_expansion.go
index 8820cfb4633c..538b09833ee7 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type ClusterRoleExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
index 9d4259e43827..eecdd45a8fee 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/role.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/role.go
index d3d500b5e1cb..363b2c6cd539 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/role.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/role.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rolebinding.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rolebinding.go
index 05da7329ce7b..8d9f1f61778f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rolebinding.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/doc.go
index 08a9c7ceba43..69ca30111b4c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/generated_expansion.go
index 832addf07f94..682f0f3bf40b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 type PriorityClassExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/priorityclass.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/priorityclass.go
index 0422dc96ab78..055a0e3f37be 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/priorityclass.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/priorityclass.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
index a36c44928df9..f030b319e8a2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/doc.go
index 08a9c7ceba43..69ca30111b4c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/generated_expansion.go
index dc95d90d1a05..f0dbcc607121 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 type PodPresetExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/podpreset.go b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/podpreset.go
index 38434cfa5652..25ed8f543eda 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/podpreset.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/podpreset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/settings_client.go b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/settings_client.go
index 153069dbdb89..77fa6404074f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/settings_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/settings/v1alpha1/settings_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/doc.go
index 95b44dfa87f3..d007a2903d24 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/generated_expansion.go
index c378b8b2178b..08fedd7ed0d5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 type StorageClassExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
index b010a58c974d..36a189c46c81 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storageclass.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storageclass.go
index 6d9da9b42d55..24133cd6249c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storageclass.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storageclass.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/doc.go
index 08a9c7ceba43..69ca30111b4c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1alpha1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/generated_expansion.go
index f50925a43067..e3fc3f39956d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 type VolumeAttachmentExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
index a8d65f8fc3cd..63834e46224d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/volumeattachment.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/volumeattachment.go
index fd0c3d4bf4f2..7bf79a6c1a41 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/volumeattachment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1alpha1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/BUILD b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/BUILD
index 08cb7f6d1ce3..79d13929c7a9 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/BUILD
@@ -12,6 +12,7 @@ go_library(
         "generated_expansion.go",
         "storage_client.go",
         "storageclass.go",
+        "volumeattachment.go",
     ],
     importpath = "k8s.io/client-go/kubernetes/typed/storage/v1beta1",
     deps = [
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/generated_expansion.go
index 3aec572fadd5..5bb931f0502d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/generated_expansion.go
@@ -14,6 +14,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type StorageClassExpansion interface{}
+
+type VolumeAttachmentExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
index c4d8baa19016..4ca05be6fc1e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
@@ -26,6 +28,7 @@ import (
 type StorageV1beta1Interface interface {
 	RESTClient() rest.Interface
 	StorageClassesGetter
+	VolumeAttachmentsGetter
 }
 
 // StorageV1beta1Client is used to interact with features provided by the storage.k8s.io group.
@@ -37,6 +40,10 @@ func (c *StorageV1beta1Client) StorageClasses() StorageClassInterface {
 	return newStorageClasses(c)
 }
 
+func (c *StorageV1beta1Client) VolumeAttachments() VolumeAttachmentInterface {
+	return newVolumeAttachments(c)
+}
+
 // NewForConfig creates a new StorageV1beta1Client for the given config.
 func NewForConfig(c *rest.Config) (*StorageV1beta1Client, error) {
 	config := *c
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storageclass.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storageclass.go
index bf18a6c87bb3..63047a7fbb2e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storageclass.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storageclass.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/volumeattachment.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/volumeattachment.go
new file mode 100644
index 000000000000..fab0801b0cce
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/volumeattachment.go
@@ -0,0 +1,163 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/storage/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+	rest "k8s.io/client-go/rest"
+)
+
+// VolumeAttachmentsGetter has a method to return a VolumeAttachmentInterface.
+// A group's client should implement this interface.
+type VolumeAttachmentsGetter interface {
+	VolumeAttachments() VolumeAttachmentInterface
+}
+
+// VolumeAttachmentInterface has methods to work with VolumeAttachment resources.
+type VolumeAttachmentInterface interface {
+	Create(*v1beta1.VolumeAttachment) (*v1beta1.VolumeAttachment, error)
+	Update(*v1beta1.VolumeAttachment) (*v1beta1.VolumeAttachment, error)
+	UpdateStatus(*v1beta1.VolumeAttachment) (*v1beta1.VolumeAttachment, error)
+	Delete(name string, options *v1.DeleteOptions) error
+	DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
+	Get(name string, options v1.GetOptions) (*v1beta1.VolumeAttachment, error)
+	List(opts v1.ListOptions) (*v1beta1.VolumeAttachmentList, error)
+	Watch(opts v1.ListOptions) (watch.Interface, error)
+	Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.VolumeAttachment, err error)
+	VolumeAttachmentExpansion
+}
+
+// volumeAttachments implements VolumeAttachmentInterface
+type volumeAttachments struct {
+	client rest.Interface
+}
+
+// newVolumeAttachments returns a VolumeAttachments
+func newVolumeAttachments(c *StorageV1beta1Client) *volumeAttachments {
+	return &volumeAttachments{
+		client: c.RESTClient(),
+	}
+}
+
+// Get takes name of the volumeAttachment, and returns the corresponding volumeAttachment object, and an error if there is any.
+func (c *volumeAttachments) Get(name string, options v1.GetOptions) (result *v1beta1.VolumeAttachment, err error) {
+	result = &v1beta1.VolumeAttachment{}
+	err = c.client.Get().
+		Resource("volumeattachments").
+		Name(name).
+		VersionedParams(&options, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// List takes label and field selectors, and returns the list of VolumeAttachments that match those selectors.
+func (c *volumeAttachments) List(opts v1.ListOptions) (result *v1beta1.VolumeAttachmentList, err error) {
+	result = &v1beta1.VolumeAttachmentList{}
+	err = c.client.Get().
+		Resource("volumeattachments").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Do().
+		Into(result)
+	return
+}
+
+// Watch returns a watch.Interface that watches the requested volumeAttachments.
+func (c *volumeAttachments) Watch(opts v1.ListOptions) (watch.Interface, error) {
+	opts.Watch = true
+	return c.client.Get().
+		Resource("volumeattachments").
+		VersionedParams(&opts, scheme.ParameterCodec).
+		Watch()
+}
+
+// Create takes the representation of a volumeAttachment and creates it.  Returns the server's representation of the volumeAttachment, and an error, if there is any.
+func (c *volumeAttachments) Create(volumeAttachment *v1beta1.VolumeAttachment) (result *v1beta1.VolumeAttachment, err error) {
+	result = &v1beta1.VolumeAttachment{}
+	err = c.client.Post().
+		Resource("volumeattachments").
+		Body(volumeAttachment).
+		Do().
+		Into(result)
+	return
+}
+
+// Update takes the representation of a volumeAttachment and updates it. Returns the server's representation of the volumeAttachment, and an error, if there is any.
+func (c *volumeAttachments) Update(volumeAttachment *v1beta1.VolumeAttachment) (result *v1beta1.VolumeAttachment, err error) {
+	result = &v1beta1.VolumeAttachment{}
+	err = c.client.Put().
+		Resource("volumeattachments").
+		Name(volumeAttachment.Name).
+		Body(volumeAttachment).
+		Do().
+		Into(result)
+	return
+}
+
+// UpdateStatus was generated because the type contains a Status member.
+// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+
+func (c *volumeAttachments) UpdateStatus(volumeAttachment *v1beta1.VolumeAttachment) (result *v1beta1.VolumeAttachment, err error) {
+	result = &v1beta1.VolumeAttachment{}
+	err = c.client.Put().
+		Resource("volumeattachments").
+		Name(volumeAttachment.Name).
+		SubResource("status").
+		Body(volumeAttachment).
+		Do().
+		Into(result)
+	return
+}
+
+// Delete takes name of the volumeAttachment and deletes it. Returns an error if one occurs.
+func (c *volumeAttachments) Delete(name string, options *v1.DeleteOptions) error {
+	return c.client.Delete().
+		Resource("volumeattachments").
+		Name(name).
+		Body(options).
+		Do().
+		Error()
+}
+
+// DeleteCollection deletes a collection of objects.
+func (c *volumeAttachments) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
+	return c.client.Delete().
+		Resource("volumeattachments").
+		VersionedParams(&listOptions, scheme.ParameterCodec).
+		Body(options).
+		Do().
+		Error()
+}
+
+// Patch applies the patch and returns the patched volumeAttachment.
+func (c *volumeAttachments) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1beta1.VolumeAttachment, err error) {
+	result = &v1beta1.VolumeAttachment{}
+	err = c.client.Patch(pt).
+		Resource("volumeattachments").
+		SubResource(subresources...).
+		Name(name).
+		Body(data).
+		Do().
+		Into(result)
+	return
+}
diff --git a/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/expansion_generated.go
index 827c06371ca1..868ee66cf874 100644
--- a/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/initializerconfiguration.go b/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/initializerconfiguration.go
index 4fa845728d69..a2cc796dc94d 100644
--- a/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/initializerconfiguration.go
+++ b/vendor/k8s.io/client-go/listers/admissionregistration/v1alpha1/initializerconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/expansion_generated.go
index 42d7e50ad5f5..93dddb5ffeb4 100644
--- a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
index 2bb3bccb810b..015587e80f34 100644
--- a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/validatingwebhookconfiguration.go b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
index 910e4f48e7d8..243589b2f1e8 100644
--- a/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/listers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/controllerrevision.go b/vendor/k8s.io/client-go/listers/apps/v1/controllerrevision.go
index ce53507f018a..19f567e82ba2 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/controllerrevision.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/daemonset.go b/vendor/k8s.io/client-go/listers/apps/v1/daemonset.go
index 527cab1c9273..7fcd1e0631fd 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/daemonset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/daemonset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/deployment.go b/vendor/k8s.io/client-go/listers/apps/v1/deployment.go
index 85c5668617fd..2d2ecf0cf655 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/deployment.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/deployment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/apps/v1/expansion_generated.go
index 447c08796e29..1e8bf6fec8a3 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/replicaset.go b/vendor/k8s.io/client-go/listers/apps/v1/replicaset.go
index d68f15ce435a..99fb92ff4ab0 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/replicaset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/replicaset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1/statefulset.go b/vendor/k8s.io/client-go/listers/apps/v1/statefulset.go
index b4bdff2e9a58..6ad54b71fa6c 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1/statefulset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1/statefulset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta1/controllerrevision.go b/vendor/k8s.io/client-go/listers/apps/v1beta1/controllerrevision.go
index c0db171c0117..95aeb0236fa8 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta1/controllerrevision.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta1/deployment.go b/vendor/k8s.io/client-go/listers/apps/v1beta1/deployment.go
index fb1796bad0a8..4f6e883ba768 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta1/deployment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/apps/v1beta1/expansion_generated.go
index 338fcd6334ce..4f3813a94a62 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta1/scale.go b/vendor/k8s.io/client-go/listers/apps/v1beta1/scale.go
index a0e7086e179f..85bf3a6f4c03 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta1/scale.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta1/scale.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta1/statefulset.go b/vendor/k8s.io/client-go/listers/apps/v1beta1/statefulset.go
index 2fc4042b44ec..a967e8492b31 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta1/statefulset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta1/statefulset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/controllerrevision.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/controllerrevision.go
index 02ad95d6cbfb..3d5274dc395d 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/controllerrevision.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/controllerrevision.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/daemonset.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/daemonset.go
index c05957b4cba2..0ea4dc83f0b9 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/daemonset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/daemonset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/deployment.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/deployment.go
index 7184a7468e91..8855bb20ca1b 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/deployment.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/deployment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/expansion_generated.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/expansion_generated.go
index 846f1f621a9e..48cbedb8fa3c 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/replicaset.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/replicaset.go
index 8cdf0dccdf31..0fd8dbaa4204 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/replicaset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/replicaset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/scale.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/scale.go
index 27e76c366732..f53e42ce8b3d 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/scale.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/scale.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/apps/v1beta2/statefulset.go b/vendor/k8s.io/client-go/listers/apps/v1beta2/statefulset.go
index fd0510435043..2e095ace4363 100644
--- a/vendor/k8s.io/client-go/listers/apps/v1beta2/statefulset.go
+++ b/vendor/k8s.io/client-go/listers/apps/v1beta2/statefulset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/client-go/listers/autoscaling/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/autoscaling/v1/expansion_generated.go
index 831f9adff1f2..a20ab75dafe2 100644
--- a/vendor/k8s.io/client-go/listers/autoscaling/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/autoscaling/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/autoscaling/v1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/listers/autoscaling/v1/horizontalpodautoscaler.go
index d9a840385bed..27ade7ddb703 100644
--- a/vendor/k8s.io/client-go/listers/autoscaling/v1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/listers/autoscaling/v1/horizontalpodautoscaler.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/expansion_generated.go
index dc3da8a0ec31..c026b65d5fde 100644
--- a/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v2beta1
 
diff --git a/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/horizontalpodautoscaler.go
index b1b593931f61..4c29df910ae7 100644
--- a/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/listers/autoscaling/v2beta1/horizontalpodautoscaler.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v2beta1
 
diff --git a/vendor/k8s.io/client-go/listers/batch/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/batch/v1/expansion_generated.go
index 6abde7f89124..63091e84a5e8 100644
--- a/vendor/k8s.io/client-go/listers/batch/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/batch/v1/expansion_generated.go
@@ -14,6 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
diff --git a/vendor/k8s.io/client-go/listers/batch/v1/job.go b/vendor/k8s.io/client-go/listers/batch/v1/job.go
index 948d53a734bf..e29e0271c77d 100644
--- a/vendor/k8s.io/client-go/listers/batch/v1/job.go
+++ b/vendor/k8s.io/client-go/listers/batch/v1/job.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/batch/v1beta1/cronjob.go b/vendor/k8s.io/client-go/listers/batch/v1beta1/cronjob.go
index 10c3c3839b67..93f1979868cd 100644
--- a/vendor/k8s.io/client-go/listers/batch/v1beta1/cronjob.go
+++ b/vendor/k8s.io/client-go/listers/batch/v1beta1/cronjob.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/batch/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/batch/v1beta1/expansion_generated.go
index debf39dcdcfc..1d6cc198a41a 100644
--- a/vendor/k8s.io/client-go/listers/batch/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/batch/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/batch/v2alpha1/cronjob.go b/vendor/k8s.io/client-go/listers/batch/v2alpha1/cronjob.go
index fe144014a44b..6af5f1457656 100644
--- a/vendor/k8s.io/client-go/listers/batch/v2alpha1/cronjob.go
+++ b/vendor/k8s.io/client-go/listers/batch/v2alpha1/cronjob.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v2alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/batch/v2alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/batch/v2alpha1/expansion_generated.go
index f630c1a7ceef..11f6c34717b8 100644
--- a/vendor/k8s.io/client-go/listers/batch/v2alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/batch/v2alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v2alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/certificates/v1beta1/certificatesigningrequest.go b/vendor/k8s.io/client-go/listers/certificates/v1beta1/certificatesigningrequest.go
index 08550be05d20..a122c36608c0 100644
--- a/vendor/k8s.io/client-go/listers/certificates/v1beta1/certificatesigningrequest.go
+++ b/vendor/k8s.io/client-go/listers/certificates/v1beta1/certificatesigningrequest.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
index 5c241556b0d2..6815de7ad63a 100644
--- a/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/componentstatus.go b/vendor/k8s.io/client-go/listers/core/v1/componentstatus.go
index 76f097f37693..82fbedac2b49 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/componentstatus.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/componentstatus.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/configmap.go b/vendor/k8s.io/client-go/listers/core/v1/configmap.go
index 6e45dfc7ae38..fc927ab2c6a1 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/configmap.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/configmap.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/endpoints.go b/vendor/k8s.io/client-go/listers/core/v1/endpoints.go
index f6215474d48c..7799562d71d8 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/endpoints.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/endpoints.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/event.go b/vendor/k8s.io/client-go/listers/core/v1/event.go
index 533e656c3100..738e333db5f8 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/event.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/event.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/core/v1/expansion_generated.go
index 247610a8cc14..b8b985ce0896 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/limitrange.go b/vendor/k8s.io/client-go/listers/core/v1/limitrange.go
index f872726b3cff..4ee02634d34a 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/limitrange.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/limitrange.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/namespace.go b/vendor/k8s.io/client-go/listers/core/v1/namespace.go
index 909b4a87c287..b819d741e826 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/namespace.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/namespace.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/node.go b/vendor/k8s.io/client-go/listers/core/v1/node.go
index 3c79200f31bb..21a8a0675b61 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/node.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/node.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/persistentvolume.go b/vendor/k8s.io/client-go/listers/core/v1/persistentvolume.go
index f3231d2e3e2c..a88dbd0c0168 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/persistentvolume.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/persistentvolume.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/persistentvolumeclaim.go b/vendor/k8s.io/client-go/listers/core/v1/persistentvolumeclaim.go
index e7298f18b231..8c3d5f566f29 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/persistentvolumeclaim.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/persistentvolumeclaim.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/pod.go b/vendor/k8s.io/client-go/listers/core/v1/pod.go
index 0762cd802de5..d3ce8ab32f7d 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/pod.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/pod.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/podtemplate.go b/vendor/k8s.io/client-go/listers/core/v1/podtemplate.go
index 14774acbf835..91c2a466196b 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/podtemplate.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/podtemplate.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/replicationcontroller.go b/vendor/k8s.io/client-go/listers/core/v1/replicationcontroller.go
index a1cbe21fa53f..ee00a465c16d 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/replicationcontroller.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/replicationcontroller.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/resourcequota.go b/vendor/k8s.io/client-go/listers/core/v1/resourcequota.go
index 3da91223b8dc..fd3119d45191 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/resourcequota.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/resourcequota.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/secret.go b/vendor/k8s.io/client-go/listers/core/v1/secret.go
index 8f7ce949cae9..f8c2b11e1681 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/secret.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/secret.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/service.go b/vendor/k8s.io/client-go/listers/core/v1/service.go
index 5b464ac2f502..d872540b3ef3 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/service.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/service.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/core/v1/serviceaccount.go b/vendor/k8s.io/client-go/listers/core/v1/serviceaccount.go
index 35de315e2eef..9973af66b41c 100644
--- a/vendor/k8s.io/client-go/listers/core/v1/serviceaccount.go
+++ b/vendor/k8s.io/client-go/listers/core/v1/serviceaccount.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/events/v1beta1/event.go b/vendor/k8s.io/client-go/listers/events/v1beta1/event.go
index 0f1dcfe5013b..c52afd09174a 100644
--- a/vendor/k8s.io/client-go/listers/events/v1beta1/event.go
+++ b/vendor/k8s.io/client-go/listers/events/v1beta1/event.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/events/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/events/v1beta1/expansion_generated.go
index dae23607bf53..9971dd5dd3cb 100644
--- a/vendor/k8s.io/client-go/listers/events/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/events/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/BUILD b/vendor/k8s.io/client-go/listers/extensions/v1beta1/BUILD
index 9bab4a64f830..49b895c3e608 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/BUILD
@@ -35,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["daemonset_expansion_test.go"],
-    importpath = "k8s.io/client-go/listers/extensions/v1beta1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/daemonset.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/daemonset.go
index aa6741df2bf9..b63c32b97c47 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/daemonset.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/daemonset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/deployment.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/deployment.go
index 09ce2e20a2a2..ea5168fef8d3 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/deployment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/expansion_generated.go
index 2c99c42ca466..87c3cbe3b299 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/ingress.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/ingress.go
index 8489e0b24913..1f9e34d17cc4 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/ingress.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/ingress.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/podsecuritypolicy.go
index 8b44f1793188..fadd212f10fb 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/podsecuritypolicy.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/podsecuritypolicy.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/replicaset.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/replicaset.go
index 111bc02a6bed..930db4480665 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/replicaset.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/replicaset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/extensions/v1beta1/scale.go b/vendor/k8s.io/client-go/listers/extensions/v1beta1/scale.go
index 2f6c9f977f09..67d45e328cdd 100644
--- a/vendor/k8s.io/client-go/listers/extensions/v1beta1/scale.go
+++ b/vendor/k8s.io/client-go/listers/extensions/v1beta1/scale.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
index f8a9d1533894..458a1d249f76 100644
--- a/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/networking/v1/networkpolicy.go b/vendor/k8s.io/client-go/listers/networking/v1/networkpolicy.go
index c385aac625b8..b70adedf1c6a 100644
--- a/vendor/k8s.io/client-go/listers/networking/v1/networkpolicy.go
+++ b/vendor/k8s.io/client-go/listers/networking/v1/networkpolicy.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/policy/v1beta1/BUILD b/vendor/k8s.io/client-go/listers/policy/v1beta1/BUILD
index c678177ae40a..2c5f33df4685 100644
--- a/vendor/k8s.io/client-go/listers/policy/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/listers/policy/v1beta1/BUILD
@@ -12,6 +12,7 @@ go_library(
         "expansion_generated.go",
         "poddisruptionbudget.go",
         "poddisruptionbudget_expansion.go",
+        "podsecuritypolicy.go",
     ],
     importpath = "k8s.io/client-go/listers/policy/v1beta1",
     deps = [
diff --git a/vendor/k8s.io/client-go/listers/policy/v1beta1/eviction.go b/vendor/k8s.io/client-go/listers/policy/v1beta1/eviction.go
index 2dc7f5757447..29c454e2ac7b 100644
--- a/vendor/k8s.io/client-go/listers/policy/v1beta1/eviction.go
+++ b/vendor/k8s.io/client-go/listers/policy/v1beta1/eviction.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/policy/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/policy/v1beta1/expansion_generated.go
index 090199adeb24..3e63c2c9ce66 100644
--- a/vendor/k8s.io/client-go/listers/policy/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/policy/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -25,3 +25,7 @@ type EvictionListerExpansion interface{}
 // EvictionNamespaceListerExpansion allows custom methods to be added to
 // EvictionNamespaceLister.
 type EvictionNamespaceListerExpansion interface{}
+
+// PodSecurityPolicyListerExpansion allows custom methods to be added to
+// PodSecurityPolicyLister.
+type PodSecurityPolicyListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/policy/v1beta1/poddisruptionbudget.go b/vendor/k8s.io/client-go/listers/policy/v1beta1/poddisruptionbudget.go
index dfad3515a5ea..7304f36b2983 100644
--- a/vendor/k8s.io/client-go/listers/policy/v1beta1/poddisruptionbudget.go
+++ b/vendor/k8s.io/client-go/listers/policy/v1beta1/poddisruptionbudget.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/policy/v1beta1/podsecuritypolicy.go b/vendor/k8s.io/client-go/listers/policy/v1beta1/podsecuritypolicy.go
new file mode 100644
index 000000000000..d80f5c56e70b
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/policy/v1beta1/podsecuritypolicy.go
@@ -0,0 +1,65 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/client-go/tools/cache"
+)
+
+// PodSecurityPolicyLister helps list PodSecurityPolicies.
+type PodSecurityPolicyLister interface {
+	// List lists all PodSecurityPolicies in the indexer.
+	List(selector labels.Selector) (ret []*v1beta1.PodSecurityPolicy, err error)
+	// Get retrieves the PodSecurityPolicy from the index for a given name.
+	Get(name string) (*v1beta1.PodSecurityPolicy, error)
+	PodSecurityPolicyListerExpansion
+}
+
+// podSecurityPolicyLister implements the PodSecurityPolicyLister interface.
+type podSecurityPolicyLister struct {
+	indexer cache.Indexer
+}
+
+// NewPodSecurityPolicyLister returns a new PodSecurityPolicyLister.
+func NewPodSecurityPolicyLister(indexer cache.Indexer) PodSecurityPolicyLister {
+	return &podSecurityPolicyLister{indexer: indexer}
+}
+
+// List lists all PodSecurityPolicies in the indexer.
+func (s *podSecurityPolicyLister) List(selector labels.Selector) (ret []*v1beta1.PodSecurityPolicy, err error) {
+	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*v1beta1.PodSecurityPolicy))
+	})
+	return ret, err
+}
+
+// Get retrieves the PodSecurityPolicy from the index for a given name.
+func (s *podSecurityPolicyLister) Get(name string) (*v1beta1.PodSecurityPolicy, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(v1beta1.Resource("podsecuritypolicy"), name)
+	}
+	return obj.(*v1beta1.PodSecurityPolicy), nil
+}
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1/clusterrole.go b/vendor/k8s.io/client-go/listers/rbac/v1/clusterrole.go
index c806bb610eeb..eb1d87006b8e 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1/clusterrole.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1/clusterrole.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1/clusterrolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1/clusterrolebinding.go
index b7d43faea6bc..a22d6025e884 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1/clusterrolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/rbac/v1/expansion_generated.go
index 998b5739a456..967ebdd84318 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1/role.go b/vendor/k8s.io/client-go/listers/rbac/v1/role.go
index 7f6e43bfb59c..b4649c2c39eb 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1/role.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1/role.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1/rolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1/rolebinding.go
index f32f6e4cc4de..8dc0968bb023 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1/rolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1/rolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrole.go b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrole.go
index cf6ec258794c..302ca29d8a83 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrole.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrole.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrolebinding.go
index 9ddd6bf34016..91ba54c23a04 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/clusterrolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/expansion_generated.go
index 0ab9deba2d85..737ba6637357 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/role.go b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/role.go
index 5aad1e1c8040..cf874f56c868 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/role.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/role.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/rolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/rolebinding.go
index f1a539e67a1f..5e76ab42ffd9 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1alpha1/rolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1alpha1/rolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrole.go b/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrole.go
index 4e3bd46bb608..be7f2df6a0f1 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrole.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrole.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrolebinding.go
index 911c8616738b..09d65be76409 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1beta1/clusterrolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/rbac/v1beta1/expansion_generated.go
index 9352061dd20c..8da573661811 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1beta1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1beta1/role.go b/vendor/k8s.io/client-go/listers/rbac/v1beta1/role.go
index 694a29759f29..e12039dbf988 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1beta1/role.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1beta1/role.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/rbac/v1beta1/rolebinding.go b/vendor/k8s.io/client-go/listers/rbac/v1beta1/rolebinding.go
index 8feb8358f150..10cb23cd3e3f 100644
--- a/vendor/k8s.io/client-go/listers/rbac/v1beta1/rolebinding.go
+++ b/vendor/k8s.io/client-go/listers/rbac/v1beta1/rolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/expansion_generated.go
index a92884a8cdb0..00b662888cd2 100644
--- a/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/priorityclass.go b/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/priorityclass.go
index 1dbe2f242819..fb7f6007c278 100644
--- a/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/priorityclass.go
+++ b/vendor/k8s.io/client-go/listers/scheduling/v1alpha1/priorityclass.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/settings/v1alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/settings/v1alpha1/expansion_generated.go
index 39f5b2d57045..72558897bd2c 100644
--- a/vendor/k8s.io/client-go/listers/settings/v1alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/settings/v1alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/settings/v1alpha1/podpreset.go b/vendor/k8s.io/client-go/listers/settings/v1alpha1/podpreset.go
index fc8cbbe38386..d30036962576 100644
--- a/vendor/k8s.io/client-go/listers/settings/v1alpha1/podpreset.go
+++ b/vendor/k8s.io/client-go/listers/settings/v1alpha1/podpreset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/storage/v1/expansion_generated.go
index a4141351dbe5..49e290f4c221 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1/storageclass.go b/vendor/k8s.io/client-go/listers/storage/v1/storageclass.go
index 023a55d52fc7..5b20f6ab5c0d 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1/storageclass.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1/storageclass.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1alpha1/expansion_generated.go b/vendor/k8s.io/client-go/listers/storage/v1alpha1/expansion_generated.go
index ca8816b4d338..2fc6add1df81 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1alpha1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1alpha1/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1alpha1/volumeattachment.go b/vendor/k8s.io/client-go/listers/storage/v1alpha1/volumeattachment.go
index 2300bd24a25d..f8d1bdb2d721 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1alpha1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1alpha1/volumeattachment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1beta1/BUILD b/vendor/k8s.io/client-go/listers/storage/v1beta1/BUILD
index d4b82cbc808c..49d992e47b36 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1beta1/BUILD
+++ b/vendor/k8s.io/client-go/listers/storage/v1beta1/BUILD
@@ -10,6 +10,7 @@ go_library(
     srcs = [
         "expansion_generated.go",
         "storageclass.go",
+        "volumeattachment.go",
     ],
     importpath = "k8s.io/client-go/listers/storage/v1beta1",
     deps = [
diff --git a/vendor/k8s.io/client-go/listers/storage/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/storage/v1beta1/expansion_generated.go
index e4ec7df6dade..8c2dc9055c9e 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1beta1/expansion_generated.go
@@ -14,10 +14,14 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
 // StorageClassListerExpansion allows custom methods to be added to
 // StorageClassLister.
 type StorageClassListerExpansion interface{}
+
+// VolumeAttachmentListerExpansion allows custom methods to be added to
+// VolumeAttachmentLister.
+type VolumeAttachmentListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/storage/v1beta1/storageclass.go b/vendor/k8s.io/client-go/listers/storage/v1beta1/storageclass.go
index f52ac413c9e4..45afe0e7751f 100644
--- a/vendor/k8s.io/client-go/listers/storage/v1beta1/storageclass.go
+++ b/vendor/k8s.io/client-go/listers/storage/v1beta1/storageclass.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/client-go/listers/storage/v1beta1/volumeattachment.go b/vendor/k8s.io/client-go/listers/storage/v1beta1/volumeattachment.go
new file mode 100644
index 000000000000..c9cc3984e371
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/storage/v1beta1/volumeattachment.go
@@ -0,0 +1,65 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	v1beta1 "k8s.io/api/storage/v1beta1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/client-go/tools/cache"
+)
+
+// VolumeAttachmentLister helps list VolumeAttachments.
+type VolumeAttachmentLister interface {
+	// List lists all VolumeAttachments in the indexer.
+	List(selector labels.Selector) (ret []*v1beta1.VolumeAttachment, err error)
+	// Get retrieves the VolumeAttachment from the index for a given name.
+	Get(name string) (*v1beta1.VolumeAttachment, error)
+	VolumeAttachmentListerExpansion
+}
+
+// volumeAttachmentLister implements the VolumeAttachmentLister interface.
+type volumeAttachmentLister struct {
+	indexer cache.Indexer
+}
+
+// NewVolumeAttachmentLister returns a new VolumeAttachmentLister.
+func NewVolumeAttachmentLister(indexer cache.Indexer) VolumeAttachmentLister {
+	return &volumeAttachmentLister{indexer: indexer}
+}
+
+// List lists all VolumeAttachments in the indexer.
+func (s *volumeAttachmentLister) List(selector labels.Selector) (ret []*v1beta1.VolumeAttachment, err error) {
+	err = cache.ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*v1beta1.VolumeAttachment))
+	})
+	return ret, err
+}
+
+// Get retrieves the VolumeAttachment from the index for a given name.
+func (s *volumeAttachmentLister) Get(name string) (*v1beta1.VolumeAttachment, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(v1beta1.Resource("volumeattachment"), name)
+	}
+	return obj.(*v1beta1.VolumeAttachment), nil
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/BUILD b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/BUILD
new file mode 100644
index 000000000000..64cdd678da7c
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/BUILD
@@ -0,0 +1,36 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.deepcopy.go",
+    ],
+    importpath = "k8s.io/client-go/pkg/apis/clientauthentication",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/client-go/pkg/apis/clientauthentication/install:all-srcs",
+        "//staging/src/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1:all-srcs",
+    ],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go
new file mode 100644
index 000000000000..d67f9b6a578c
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +groupName=client.authentication.k8s.io
+package clientauthentication
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/register.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/register.go
new file mode 100644
index 000000000000..e4fbc3ea9d41
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/register.go
@@ -0,0 +1,50 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package clientauthentication
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "client.authentication.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
+
+// Kind takes an unqualified kind and returns a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&ExecCredential{},
+	)
+	return nil
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/types.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/types.go
new file mode 100644
index 000000000000..5c05825f67b1
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/types.go
@@ -0,0 +1,70 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package clientauthentication
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ExecCredentials is used by exec-based plugins to communicate credentials to
+// HTTP transports.
+type ExecCredential struct {
+	metav1.TypeMeta
+
+	// Spec holds information passed to the plugin by the transport. This contains
+	// request and runtime specific information, such as if the session is interactive.
+	Spec ExecCredentialSpec
+
+	// Status is filled in by the plugin and holds the credentials that the transport
+	// should use to contact the API.
+	// +optional
+	Status *ExecCredentialStatus
+}
+
+// ExecCredenitalSpec holds request and runtime specific information provided by
+// the transport.
+type ExecCredentialSpec struct {
+	// Response is populated when the transport encounters HTTP status codes, such as 401,
+	// suggesting previous credentials were invalid.
+	// +optional
+	Response *Response
+
+	// Interactive is true when the transport detects the command is being called from an
+	// interactive prompt.
+	// +optional
+	Interactive bool
+}
+
+// ExecCredentialStatus holds credentials for the transport to use.
+type ExecCredentialStatus struct {
+	// ExpirationTimestamp indicates a time when the provided credentials expire.
+	// +optional
+	ExpirationTimestamp *metav1.Time
+	// Token is a bearer token used by the client for request authentication.
+	Token string
+}
+
+// Response defines metadata about a failed request, including HTTP status code and
+// response headers.
+type Response struct {
+	// Headers holds HTTP headers returned by the server.
+	Header map[string][]string
+	// Code is the HTTP status code returned by the server.
+	Code int32
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/BUILD b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/BUILD
new file mode 100644
index 000000000000..1a3bc15f66ed
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/BUILD
@@ -0,0 +1,39 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.conversion.go",
+        "zz_generated.deepcopy.go",
+        "zz_generated.defaults.go",
+    ],
+    importpath = "k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1",
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/client-go/pkg/apis/clientauthentication:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/doc.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/doc.go
new file mode 100644
index 000000000000..c28eb6c9b886
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/doc.go
@@ -0,0 +1,23 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:conversion-gen=k8s.io/client-go/pkg/apis/clientauthentication
+// +k8s:openapi-gen=true
+// +k8s:defaulter-gen=TypeMeta
+
+// +groupName=client.authentication.k8s.io
+package v1alpha1
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/register.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/register.go
new file mode 100644
index 000000000000..2acd13dead01
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/register.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "client.authentication.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	SchemeBuilder      runtime.SchemeBuilder
+	localSchemeBuilder = &SchemeBuilder
+	AddToScheme        = localSchemeBuilder.AddToScheme
+)
+
+func init() {
+	// We only register manually written functions here. The registration of the
+	// generated functions takes place in the generated files. The separation
+	// makes the code compile even when the generated files are missing.
+	localSchemeBuilder.Register(addKnownTypes)
+}
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&ExecCredential{},
+	)
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/types.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/types.go
new file mode 100644
index 000000000000..8920d31876e2
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/types.go
@@ -0,0 +1,70 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ExecCredentials is used by exec-based plugins to communicate credentials to
+// HTTP transports.
+type ExecCredential struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// Spec holds information passed to the plugin by the transport. This contains
+	// request and runtime specific information, such as if the session is interactive.
+	Spec ExecCredentialSpec `json:"spec,omitempty"`
+
+	// Status is filled in by the plugin and holds the credentials that the transport
+	// should use to contact the API.
+	// +optional
+	Status *ExecCredentialStatus `json:"status,omitempty"`
+}
+
+// ExecCredenitalSpec holds request and runtime specific information provided by
+// the transport.
+type ExecCredentialSpec struct {
+	// Response is populated when the transport encounters HTTP status codes, such as 401,
+	// suggesting previous credentials were invalid.
+	// +optional
+	Response *Response `json:"response,omitempty"`
+
+	// Interactive is true when the transport detects the command is being called from an
+	// interactive prompt.
+	// +optional
+	Interactive bool `json:"interactive,omitempty"`
+}
+
+// ExecCredentialStatus holds credentials for the transport to use.
+type ExecCredentialStatus struct {
+	// ExpirationTimestamp indicates a time when the provided credentials expire.
+	// +optional
+	ExpirationTimestamp *metav1.Time `json:"expirationTimestamp,omitempty"`
+	// Token is a bearer token used by the client for request authentication.
+	Token string `json:"token,omitempty"`
+}
+
+// Response defines metadata about a failed request, including HTTP status code and
+// response headers.
+type Response struct {
+	// Header holds HTTP headers returned by the server.
+	Header map[string][]string `json:"header,omitempty"`
+	// Code is the HTTP status code returned by the server.
+	Code int32 `json:"code,omitempty"`
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.conversion.go
new file mode 100644
index 000000000000..bf28baef226f
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.conversion.go
@@ -0,0 +1,141 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	unsafe "unsafe"
+
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	clientauthentication "k8s.io/client-go/pkg/apis/clientauthentication"
+)
+
+func init() {
+	localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1alpha1_ExecCredential_To_clientauthentication_ExecCredential,
+		Convert_clientauthentication_ExecCredential_To_v1alpha1_ExecCredential,
+		Convert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec,
+		Convert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec,
+		Convert_v1alpha1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus,
+		Convert_clientauthentication_ExecCredentialStatus_To_v1alpha1_ExecCredentialStatus,
+		Convert_v1alpha1_Response_To_clientauthentication_Response,
+		Convert_clientauthentication_Response_To_v1alpha1_Response,
+	)
+}
+
+func autoConvert_v1alpha1_ExecCredential_To_clientauthentication_ExecCredential(in *ExecCredential, out *clientauthentication.ExecCredential, s conversion.Scope) error {
+	if err := Convert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	out.Status = (*clientauthentication.ExecCredentialStatus)(unsafe.Pointer(in.Status))
+	return nil
+}
+
+// Convert_v1alpha1_ExecCredential_To_clientauthentication_ExecCredential is an autogenerated conversion function.
+func Convert_v1alpha1_ExecCredential_To_clientauthentication_ExecCredential(in *ExecCredential, out *clientauthentication.ExecCredential, s conversion.Scope) error {
+	return autoConvert_v1alpha1_ExecCredential_To_clientauthentication_ExecCredential(in, out, s)
+}
+
+func autoConvert_clientauthentication_ExecCredential_To_v1alpha1_ExecCredential(in *clientauthentication.ExecCredential, out *ExecCredential, s conversion.Scope) error {
+	if err := Convert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	out.Status = (*ExecCredentialStatus)(unsafe.Pointer(in.Status))
+	return nil
+}
+
+// Convert_clientauthentication_ExecCredential_To_v1alpha1_ExecCredential is an autogenerated conversion function.
+func Convert_clientauthentication_ExecCredential_To_v1alpha1_ExecCredential(in *clientauthentication.ExecCredential, out *ExecCredential, s conversion.Scope) error {
+	return autoConvert_clientauthentication_ExecCredential_To_v1alpha1_ExecCredential(in, out, s)
+}
+
+func autoConvert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in *ExecCredentialSpec, out *clientauthentication.ExecCredentialSpec, s conversion.Scope) error {
+	out.Response = (*clientauthentication.Response)(unsafe.Pointer(in.Response))
+	out.Interactive = in.Interactive
+	return nil
+}
+
+// Convert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec is an autogenerated conversion function.
+func Convert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in *ExecCredentialSpec, out *clientauthentication.ExecCredentialSpec, s conversion.Scope) error {
+	return autoConvert_v1alpha1_ExecCredentialSpec_To_clientauthentication_ExecCredentialSpec(in, out, s)
+}
+
+func autoConvert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec(in *clientauthentication.ExecCredentialSpec, out *ExecCredentialSpec, s conversion.Scope) error {
+	out.Response = (*Response)(unsafe.Pointer(in.Response))
+	out.Interactive = in.Interactive
+	return nil
+}
+
+// Convert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec is an autogenerated conversion function.
+func Convert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec(in *clientauthentication.ExecCredentialSpec, out *ExecCredentialSpec, s conversion.Scope) error {
+	return autoConvert_clientauthentication_ExecCredentialSpec_To_v1alpha1_ExecCredentialSpec(in, out, s)
+}
+
+func autoConvert_v1alpha1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in *ExecCredentialStatus, out *clientauthentication.ExecCredentialStatus, s conversion.Scope) error {
+	out.ExpirationTimestamp = (*v1.Time)(unsafe.Pointer(in.ExpirationTimestamp))
+	out.Token = in.Token
+	return nil
+}
+
+// Convert_v1alpha1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus is an autogenerated conversion function.
+func Convert_v1alpha1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in *ExecCredentialStatus, out *clientauthentication.ExecCredentialStatus, s conversion.Scope) error {
+	return autoConvert_v1alpha1_ExecCredentialStatus_To_clientauthentication_ExecCredentialStatus(in, out, s)
+}
+
+func autoConvert_clientauthentication_ExecCredentialStatus_To_v1alpha1_ExecCredentialStatus(in *clientauthentication.ExecCredentialStatus, out *ExecCredentialStatus, s conversion.Scope) error {
+	out.ExpirationTimestamp = (*v1.Time)(unsafe.Pointer(in.ExpirationTimestamp))
+	out.Token = in.Token
+	return nil
+}
+
+// Convert_clientauthentication_ExecCredentialStatus_To_v1alpha1_ExecCredentialStatus is an autogenerated conversion function.
+func Convert_clientauthentication_ExecCredentialStatus_To_v1alpha1_ExecCredentialStatus(in *clientauthentication.ExecCredentialStatus, out *ExecCredentialStatus, s conversion.Scope) error {
+	return autoConvert_clientauthentication_ExecCredentialStatus_To_v1alpha1_ExecCredentialStatus(in, out, s)
+}
+
+func autoConvert_v1alpha1_Response_To_clientauthentication_Response(in *Response, out *clientauthentication.Response, s conversion.Scope) error {
+	out.Header = *(*map[string][]string)(unsafe.Pointer(&in.Header))
+	out.Code = in.Code
+	return nil
+}
+
+// Convert_v1alpha1_Response_To_clientauthentication_Response is an autogenerated conversion function.
+func Convert_v1alpha1_Response_To_clientauthentication_Response(in *Response, out *clientauthentication.Response, s conversion.Scope) error {
+	return autoConvert_v1alpha1_Response_To_clientauthentication_Response(in, out, s)
+}
+
+func autoConvert_clientauthentication_Response_To_v1alpha1_Response(in *clientauthentication.Response, out *Response, s conversion.Scope) error {
+	out.Header = *(*map[string][]string)(unsafe.Pointer(&in.Header))
+	out.Code = in.Code
+	return nil
+}
+
+// Convert_clientauthentication_Response_To_v1alpha1_Response is an autogenerated conversion function.
+func Convert_clientauthentication_Response_To_v1alpha1_Response(in *clientauthentication.Response, out *Response, s conversion.Scope) error {
+	return autoConvert_clientauthentication_Response_To_v1alpha1_Response(in, out, s)
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.deepcopy.go
new file mode 100644
index 000000000000..c6dbbce4de1e
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.deepcopy.go
@@ -0,0 +1,137 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1alpha1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredential) DeepCopyInto(out *ExecCredential) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.Spec.DeepCopyInto(&out.Spec)
+	if in.Status != nil {
+		in, out := &in.Status, &out.Status
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExecCredentialStatus)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredential.
+func (in *ExecCredential) DeepCopy() *ExecCredential {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredential)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExecCredential) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredentialSpec) DeepCopyInto(out *ExecCredentialSpec) {
+	*out = *in
+	if in.Response != nil {
+		in, out := &in.Response, &out.Response
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(Response)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialSpec.
+func (in *ExecCredentialSpec) DeepCopy() *ExecCredentialSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredentialSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredentialStatus) DeepCopyInto(out *ExecCredentialStatus) {
+	*out = *in
+	if in.ExpirationTimestamp != nil {
+		in, out := &in.ExpirationTimestamp, &out.ExpirationTimestamp
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = (*in).DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialStatus.
+func (in *ExecCredentialStatus) DeepCopy() *ExecCredentialStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredentialStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Response) DeepCopyInto(out *Response) {
+	*out = *in
+	if in.Header != nil {
+		in, out := &in.Header, &out.Header
+		*out = make(map[string][]string, len(*in))
+		for key, val := range *in {
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Response.
+func (in *Response) DeepCopy() *Response {
+	if in == nil {
+		return nil
+	}
+	out := new(Response)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.defaults.go
similarity index 92%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.defaults.go
rename to vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/zz_generated.deepcopy.go
new file mode 100644
index 000000000000..f8b15d848fc8
--- /dev/null
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/zz_generated.deepcopy.go
@@ -0,0 +1,137 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package clientauthentication
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredential) DeepCopyInto(out *ExecCredential) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.Spec.DeepCopyInto(&out.Spec)
+	if in.Status != nil {
+		in, out := &in.Status, &out.Status
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExecCredentialStatus)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredential.
+func (in *ExecCredential) DeepCopy() *ExecCredential {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredential)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExecCredential) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredentialSpec) DeepCopyInto(out *ExecCredentialSpec) {
+	*out = *in
+	if in.Response != nil {
+		in, out := &in.Response, &out.Response
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(Response)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialSpec.
+func (in *ExecCredentialSpec) DeepCopy() *ExecCredentialSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredentialSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecCredentialStatus) DeepCopyInto(out *ExecCredentialStatus) {
+	*out = *in
+	if in.ExpirationTimestamp != nil {
+		in, out := &in.ExpirationTimestamp, &out.ExpirationTimestamp
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = (*in).DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialStatus.
+func (in *ExecCredentialStatus) DeepCopy() *ExecCredentialStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecCredentialStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Response) DeepCopyInto(out *Response) {
+	*out = *in
+	if in.Header != nil {
+		in, out := &in.Header, &out.Header
+		*out = make(map[string][]string, len(*in))
+		for key, val := range *in {
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Response.
+func (in *Response) DeepCopy() *Response {
+	if in == nil {
+		return nil
+	}
+	out := new(Response)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/client-go/pkg/version/def.bzl b/vendor/k8s.io/client-go/pkg/version/def.bzl
index bca85ab4b5be..9c018a4ef745 100644
--- a/vendor/k8s.io/client-go/pkg/version/def.bzl
+++ b/vendor/k8s.io/client-go/pkg/version/def.bzl
@@ -1,3 +1,17 @@
+# Copyright 2017 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # Implements hack/lib/version.sh's kube::version::ldflags() for Bazel.
 def version_x_defs():
   # This should match the list of packages in kube::version::ldflag
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/BUILD
index 8ab2d745296e..367e897fdf27 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/BUILD
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/BUILD
@@ -29,6 +29,7 @@ filegroup(
     srcs = [
         ":package-srcs",
         "//staging/src/k8s.io/client-go/plugin/pkg/client/auth/azure:all-srcs",
+        "//staging/src/k8s.io/client-go/plugin/pkg/client/auth/exec:all-srcs",
         "//staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp:all-srcs",
         "//staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc:all-srcs",
         "//staging/src/k8s.io/client-go/plugin/pkg/client/auth/openstack:all-srcs",
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/azure/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/azure/BUILD
index 135ba355f99a..682776db5fdc 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/azure/BUILD
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/azure/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["azure_test.go"],
-    importpath = "k8s.io/client-go/plugin/pkg/client/auth/azure",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/BUILD
new file mode 100644
index 000000000000..38cf9bdc299b
--- /dev/null
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/BUILD
@@ -0,0 +1,44 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["exec.go"],
+    importpath = "k8s.io/client-go/plugin/pkg/client/auth/exec",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/golang.org/x/crypto/ssh/terminal:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/client-go/pkg/apis/clientauthentication:go_default_library",
+        "//vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd/api:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["exec_test.go"],
+    data = glob(["testdata/**"]),
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/k8s.io/client-go/pkg/apis/clientauthentication:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd/api:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go b/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go
new file mode 100644
index 000000000000..dfd434d0c2f9
--- /dev/null
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go
@@ -0,0 +1,280 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package exec
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"os/exec"
+	"sync"
+	"time"
+
+	"github.com/golang/glog"
+	"golang.org/x/crypto/ssh/terminal"
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
+	"k8s.io/client-go/pkg/apis/clientauthentication"
+	"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1"
+	"k8s.io/client-go/tools/clientcmd/api"
+)
+
+const execInfoEnv = "KUBERNETES_EXEC_INFO"
+
+var scheme = runtime.NewScheme()
+var codecs = serializer.NewCodecFactory(scheme)
+
+func init() {
+	v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"})
+	v1alpha1.AddToScheme(scheme)
+	clientauthentication.AddToScheme(scheme)
+}
+
+var (
+	// Since transports can be constantly re-initialized by programs like kubectl,
+	// keep a cache of initialized authenticators keyed by a hash of their config.
+	globalCache = newCache()
+	// The list of API versions we accept.
+	apiVersions = map[string]schema.GroupVersion{
+		v1alpha1.SchemeGroupVersion.String(): v1alpha1.SchemeGroupVersion,
+	}
+)
+
+func newCache() *cache {
+	return &cache{m: make(map[string]*Authenticator)}
+}
+
+func cacheKey(c *api.ExecConfig) string {
+	return fmt.Sprintf("%#v", c)
+}
+
+type cache struct {
+	mu sync.Mutex
+	m  map[string]*Authenticator
+}
+
+func (c *cache) get(s string) (*Authenticator, bool) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	a, ok := c.m[s]
+	return a, ok
+}
+
+// put inserts an authenticator into the cache. If an authenticator is already
+// associated with the key, the first one is returned instead.
+func (c *cache) put(s string, a *Authenticator) *Authenticator {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	existing, ok := c.m[s]
+	if ok {
+		return existing
+	}
+	c.m[s] = a
+	return a
+}
+
+// GetAuthenticator returns an exec-based plugin for providing client credentials.
+func GetAuthenticator(config *api.ExecConfig) (*Authenticator, error) {
+	return newAuthenticator(globalCache, config)
+}
+
+func newAuthenticator(c *cache, config *api.ExecConfig) (*Authenticator, error) {
+	key := cacheKey(config)
+	if a, ok := c.get(key); ok {
+		return a, nil
+	}
+
+	gv, ok := apiVersions[config.APIVersion]
+	if !ok {
+		return nil, fmt.Errorf("exec plugin: invalid apiVersion %q", config.APIVersion)
+	}
+
+	a := &Authenticator{
+		cmd:   config.Command,
+		args:  config.Args,
+		group: gv,
+
+		stdin:       os.Stdin,
+		stderr:      os.Stderr,
+		interactive: terminal.IsTerminal(int(os.Stdout.Fd())),
+		now:         time.Now,
+		environ:     os.Environ,
+	}
+
+	for _, env := range config.Env {
+		a.env = append(a.env, env.Name+"="+env.Value)
+	}
+
+	return c.put(key, a), nil
+}
+
+// Authenticator is a client credential provider that rotates credentials by executing a plugin.
+// The plugin input and output are defined by the API group client.authentication.k8s.io.
+type Authenticator struct {
+	// Set by the config
+	cmd   string
+	args  []string
+	group schema.GroupVersion
+	env   []string
+
+	// Stubbable for testing
+	stdin       io.Reader
+	stderr      io.Writer
+	interactive bool
+	now         func() time.Time
+	environ     func() []string
+
+	// Cached results.
+	//
+	// The mutex also guards calling the plugin. Since the plugin could be
+	// interactive we want to make sure it's only called once.
+	mu          sync.Mutex
+	cachedToken string
+	exp         time.Time
+}
+
+// WrapTransport instruments an existing http.RoundTripper with credentials returned
+// by the plugin.
+func (a *Authenticator) WrapTransport(rt http.RoundTripper) http.RoundTripper {
+	return &roundTripper{a, rt}
+}
+
+type roundTripper struct {
+	a    *Authenticator
+	base http.RoundTripper
+}
+
+func (r *roundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+	// If a user has already set credentials, use that. This makes commands like
+	// "kubectl get --token (token) pods" work.
+	if req.Header.Get("Authorization") != "" {
+		return r.base.RoundTrip(req)
+	}
+
+	token, err := r.a.token()
+	if err != nil {
+		return nil, fmt.Errorf("getting token: %v", err)
+	}
+	req.Header.Set("Authorization", "Bearer "+token)
+
+	res, err := r.base.RoundTrip(req)
+	if err != nil {
+		return nil, err
+	}
+	if res.StatusCode == http.StatusUnauthorized {
+		resp := &clientauthentication.Response{
+			Header: res.Header,
+			Code:   int32(res.StatusCode),
+		}
+		if err := r.a.refresh(token, resp); err != nil {
+			glog.Errorf("refreshing token: %v", err)
+		}
+	}
+	return res, nil
+}
+
+func (a *Authenticator) tokenExpired() bool {
+	if a.exp.IsZero() {
+		return false
+	}
+	return a.now().After(a.exp)
+}
+
+func (a *Authenticator) token() (string, error) {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+	if a.cachedToken != "" && !a.tokenExpired() {
+		return a.cachedToken, nil
+	}
+
+	return a.getToken(nil)
+}
+
+// refresh executes the plugin to force a rotation of the token.
+func (a *Authenticator) refresh(token string, r *clientauthentication.Response) error {
+	a.mu.Lock()
+	defer a.mu.Unlock()
+
+	if token != a.cachedToken {
+		// Token already rotated.
+		return nil
+	}
+
+	_, err := a.getToken(r)
+	return err
+}
+
+// getToken executes the plugin and reads the credentials from stdout. It must be
+// called while holding the Authenticator's mutex.
+func (a *Authenticator) getToken(r *clientauthentication.Response) (string, error) {
+	cred := &clientauthentication.ExecCredential{
+		Spec: clientauthentication.ExecCredentialSpec{
+			Response:    r,
+			Interactive: a.interactive,
+		},
+	}
+
+	data, err := runtime.Encode(codecs.LegacyCodec(a.group), cred)
+	if err != nil {
+		return "", fmt.Errorf("encode ExecCredentials: %v", err)
+	}
+
+	env := append(a.environ(), a.env...)
+	env = append(env, fmt.Sprintf("%s=%s", execInfoEnv, data))
+
+	stdout := &bytes.Buffer{}
+	cmd := exec.Command(a.cmd, a.args...)
+	cmd.Env = env
+	cmd.Stderr = a.stderr
+	cmd.Stdout = stdout
+	if a.interactive {
+		cmd.Stdin = a.stdin
+	}
+
+	if err := cmd.Run(); err != nil {
+		return "", fmt.Errorf("exec: %v", err)
+	}
+
+	_, gvk, err := codecs.UniversalDecoder(a.group).Decode(stdout.Bytes(), nil, cred)
+	if err != nil {
+		return "", fmt.Errorf("decode stdout: %v", err)
+	}
+	if gvk.Group != a.group.Group || gvk.Version != a.group.Version {
+		return "", fmt.Errorf("exec plugin is configured to use API version %s, plugin returned version %s",
+			a.group, schema.GroupVersion{Group: gvk.Group, Version: gvk.Version})
+	}
+
+	if cred.Status == nil {
+		return "", fmt.Errorf("exec plugin didn't return a status field")
+	}
+	if cred.Status.Token == "" {
+		return "", fmt.Errorf("exec plugin didn't return a token")
+	}
+
+	if cred.Status.ExpirationTimestamp != nil {
+		a.exp = cred.Status.ExpirationTimestamp.Time
+	} else {
+		a.exp = time.Time{}
+	}
+	a.cachedToken = cred.Status.Token
+
+	return a.cachedToken, nil
+}
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/BUILD
index d9ef7bded3e2..e57e896ae9c5 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/BUILD
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["gcp_test.go"],
-    importpath = "k8s.io/client-go/plugin/pkg/client/auth/gcp",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/golang.org/x/oauth2:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/gcp.go b/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/gcp.go
index 5ed1203b2a6c..3a4f86777bde 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/gcp.go
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp/gcp.go
@@ -42,8 +42,18 @@ func init() {
 	}
 }
 
-// Stubbable for testing
-var execCommand = exec.Command
+var (
+	// Stubbable for testing
+	execCommand = exec.Command
+
+	// defaultScopes:
+	// - cloud-platform is the base scope to authenticate to GCP.
+	// - userinfo.email is used to authenticate to GKE APIs with gserviceaccount
+	//   email instead of numeric uniqueID.
+	defaultScopes = []string{
+		"https://www.googleapis.com/auth/cloud-platform",
+		"https://www.googleapis.com/auth/userinfo.email"}
+)
 
 // gcpAuthProvider is an auth provider plugin that uses GCP credentials to provide
 // tokens for kubectl to authenticate itself to the apiserver. A sample json config
@@ -55,6 +65,14 @@ var execCommand = exec.Command
 //     "name": "gcp",
 //
 //     'config': {
+//       # Authentication options
+//       # These options are used while getting a token.
+//
+//       # comma-separated list of GCP API scopes. default value of this field
+//       # is "https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/userinfo.email".
+// 		 # to override the API scopes, specify this field explicitly.
+//       "scopes": "https://www.googleapis.com/auth/cloud-platform"
+//
 //       # Caching options
 //
 //       # Raw string data representing cached access token.
@@ -96,12 +114,32 @@ type gcpAuthProvider struct {
 }
 
 func newGCPAuthProvider(_ string, gcpConfig map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {
-	var ts oauth2.TokenSource
-	var err error
-	if cmd, useCmd := gcpConfig["cmd-path"]; useCmd {
+	ts, err := tokenSource(isCmdTokenSource(gcpConfig), gcpConfig)
+	if err != nil {
+		return nil, err
+	}
+	cts, err := newCachedTokenSource(gcpConfig["access-token"], gcpConfig["expiry"], persister, ts, gcpConfig)
+	if err != nil {
+		return nil, err
+	}
+	return &gcpAuthProvider{cts, persister}, nil
+}
+
+func isCmdTokenSource(gcpConfig map[string]string) bool {
+	_, ok := gcpConfig["cmd-path"]
+	return ok
+}
+
+func tokenSource(isCmd bool, gcpConfig map[string]string) (oauth2.TokenSource, error) {
+	// Command-based token source
+	if isCmd {
+		cmd := gcpConfig["cmd-path"]
 		if len(cmd) == 0 {
 			return nil, fmt.Errorf("missing access token cmd")
 		}
+		if gcpConfig["scopes"] != "" {
+			return nil, fmt.Errorf("scopes can only be used when kubectl is using a gcp service account key")
+		}
 		var args []string
 		if cmdArgs, ok := gcpConfig["cmd-args"]; ok {
 			args = strings.Fields(cmdArgs)
@@ -110,18 +148,29 @@ func newGCPAuthProvider(_ string, gcpConfig map[string]string, persister restcli
 			cmd = fields[0]
 			args = fields[1:]
 		}
-		ts = newCmdTokenSource(cmd, args, gcpConfig["token-key"], gcpConfig["expiry-key"], gcpConfig["time-fmt"])
-	} else {
-		ts, err = google.DefaultTokenSource(context.Background(), "https://www.googleapis.com/auth/cloud-platform")
+		return newCmdTokenSource(cmd, args, gcpConfig["token-key"], gcpConfig["expiry-key"], gcpConfig["time-fmt"]), nil
 	}
+
+	// Google Application Credentials-based token source
+	scopes := parseScopes(gcpConfig)
+	ts, err := google.DefaultTokenSource(context.Background(), scopes...)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("cannot construct google default token source: %v", err)
 	}
-	cts, err := newCachedTokenSource(gcpConfig["access-token"], gcpConfig["expiry"], persister, ts, gcpConfig)
-	if err != nil {
-		return nil, err
+	return ts, nil
+}
+
+// parseScopes constructs a list of scopes that should be included in token source
+// from the config map.
+func parseScopes(gcpConfig map[string]string) []string {
+	scopes, ok := gcpConfig["scopes"]
+	if !ok {
+		return defaultScopes
 	}
-	return &gcpAuthProvider{cts, persister}, nil
+	if scopes == "" {
+		return []string{}
+	}
+	return strings.Split(gcpConfig["scopes"], ",")
 }
 
 func (g *gcpAuthProvider) WrapTransport(rt http.RoundTripper) http.RoundTripper {
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/BUILD
index 03ccf499ce0f..ee76fac0d731 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/BUILD
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["oidc_test.go"],
-    importpath = "k8s.io/client-go/plugin/pkg/client/auth/oidc",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS b/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS
index d2210cb89abc..e0f3c6ca980e 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc/OWNERS
@@ -2,3 +2,4 @@ approvers:
 - ericchiang
 reviewers:
 - ericchiang
+- rithujohn191
diff --git a/vendor/k8s.io/client-go/plugin/pkg/client/auth/openstack/BUILD b/vendor/k8s.io/client-go/plugin/pkg/client/auth/openstack/BUILD
index 6ebaf302d2e2..750ffd6f5377 100644
--- a/vendor/k8s.io/client-go/plugin/pkg/client/auth/openstack/BUILD
+++ b/vendor/k8s.io/client-go/plugin/pkg/client/auth/openstack/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["openstack_test.go"],
-    importpath = "k8s.io/client-go/plugin/pkg/client/auth/openstack",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/client-go/rest/BUILD b/vendor/k8s.io/client-go/rest/BUILD
index 44958631da1e..0cb24bcff3f0 100644
--- a/vendor/k8s.io/client-go/rest/BUILD
+++ b/vendor/k8s.io/client-go/rest/BUILD
@@ -16,8 +16,7 @@ go_test(
         "url_utils_test.go",
         "urlbackoff_test.go",
     ],
-    importpath = "k8s.io/client-go/rest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/google/gofuzz:go_default_library",
@@ -55,7 +54,6 @@ go_library(
         "transport.go",
         "url_utils.go",
         "urlbackoff.go",
-        "versions.go",
         "zz_generated.deepcopy.go",
     ],
     importpath = "k8s.io/client-go/rest",
@@ -73,6 +71,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/pkg/version:go_default_library",
+        "//vendor/k8s.io/client-go/plugin/pkg/client/auth/exec:go_default_library",
         "//vendor/k8s.io/client-go/rest/watch:go_default_library",
         "//vendor/k8s.io/client-go/tools/clientcmd/api:go_default_library",
         "//vendor/k8s.io/client-go/tools/metrics:go_default_library",
diff --git a/vendor/k8s.io/client-go/rest/client.go b/vendor/k8s.io/client-go/rest/client.go
index 524e0d8eb971..927403cb2329 100644
--- a/vendor/k8s.io/client-go/rest/client.go
+++ b/vendor/k8s.io/client-go/rest/client.go
@@ -222,9 +222,9 @@ func (c *RESTClient) Verb(verb string) *Request {
 	backoff := c.createBackoffMgr()
 
 	if c.Client == nil {
-		return NewRequest(nil, verb, c.base, c.versionedAPIPath, c.contentConfig, c.serializers, backoff, c.Throttle)
+		return NewRequest(nil, verb, c.base, c.versionedAPIPath, c.contentConfig, c.serializers, backoff, c.Throttle, 0)
 	}
-	return NewRequest(c.Client, verb, c.base, c.versionedAPIPath, c.contentConfig, c.serializers, backoff, c.Throttle)
+	return NewRequest(c.Client, verb, c.base, c.versionedAPIPath, c.contentConfig, c.serializers, backoff, c.Throttle, c.Client.Timeout)
 }
 
 // Post begins a POST request. Short for c.Verb("POST").
diff --git a/vendor/k8s.io/client-go/rest/config.go b/vendor/k8s.io/client-go/rest/config.go
index 038fee94537c..72a78bc0a008 100644
--- a/vendor/k8s.io/client-go/rest/config.go
+++ b/vendor/k8s.io/client-go/rest/config.go
@@ -54,9 +54,6 @@ type Config struct {
 	Host string
 	// APIPath is a sub-path that points to an API root.
 	APIPath string
-	// Prefix is the sub path of the server. If not specified, the client will set
-	// a default value.  Use "/" to indicate the server root should be used
-	Prefix string
 
 	// ContentConfig contains settings that affect how objects are transformed when
 	// sent to the server.
@@ -71,10 +68,6 @@ type Config struct {
 	// TODO: demonstrate an OAuth2 compatible client.
 	BearerToken string
 
-	// CacheDir is the directory where we'll store HTTP cached responses.
-	// If set to empty string, no caching mechanism will be used.
-	CacheDir string
-
 	// Impersonate is the configuration that RESTClient will use for impersonation.
 	Impersonate ImpersonationConfig
 
@@ -84,6 +77,9 @@ type Config struct {
 	// Callback to persist config for AuthProvider.
 	AuthConfigPersister AuthProviderConfigPersister
 
+	// Exec-based authentication provider.
+	ExecProvider *clientcmdapi.ExecConfig
+
 	// TLSClientConfig contains settings to enable transport layer security
 	TLSClientConfig
 
@@ -405,7 +401,6 @@ func AnonymousClientConfig(config *Config) *Config {
 	return &Config{
 		Host:          config.Host,
 		APIPath:       config.APIPath,
-		Prefix:        config.Prefix,
 		ContentConfig: config.ContentConfig,
 		TLSClientConfig: TLSClientConfig{
 			Insecure:   config.Insecure,
@@ -429,12 +424,10 @@ func CopyConfig(config *Config) *Config {
 	return &Config{
 		Host:          config.Host,
 		APIPath:       config.APIPath,
-		Prefix:        config.Prefix,
 		ContentConfig: config.ContentConfig,
 		Username:      config.Username,
 		Password:      config.Password,
 		BearerToken:   config.BearerToken,
-		CacheDir:      config.CacheDir,
 		Impersonate: ImpersonationConfig{
 			Groups:   config.Impersonate.Groups,
 			Extra:    config.Impersonate.Extra,
@@ -442,6 +435,7 @@ func CopyConfig(config *Config) *Config {
 		},
 		AuthProvider:        config.AuthProvider,
 		AuthConfigPersister: config.AuthConfigPersister,
+		ExecProvider:        config.ExecProvider,
 		TLSClientConfig: TLSClientConfig{
 			Insecure:   config.TLSClientConfig.Insecure,
 			ServerName: config.TLSClientConfig.ServerName,
diff --git a/vendor/k8s.io/client-go/rest/request.go b/vendor/k8s.io/client-go/rest/request.go
index aac126ccca95..6ca9e0197d21 100644
--- a/vendor/k8s.io/client-go/rest/request.go
+++ b/vendor/k8s.io/client-go/rest/request.go
@@ -112,7 +112,7 @@ type Request struct {
 }
 
 // NewRequest creates a new request helper object for accessing runtime.Objects on a server.
-func NewRequest(client HTTPClient, verb string, baseURL *url.URL, versionedAPIPath string, content ContentConfig, serializers Serializers, backoff BackoffManager, throttle flowcontrol.RateLimiter) *Request {
+func NewRequest(client HTTPClient, verb string, baseURL *url.URL, versionedAPIPath string, content ContentConfig, serializers Serializers, backoff BackoffManager, throttle flowcontrol.RateLimiter, timeout time.Duration) *Request {
 	if backoff == nil {
 		glog.V(2).Infof("Not implementing request backoff strategy.")
 		backoff = &NoBackoff{}
@@ -131,6 +131,7 @@ func NewRequest(client HTTPClient, verb string, baseURL *url.URL, versionedAPIPa
 		serializers: serializers,
 		backoffMgr:  backoff,
 		throttle:    throttle,
+		timeout:     timeout,
 	}
 	switch {
 	case len(content.AcceptContentTypes) > 0:
diff --git a/vendor/k8s.io/client-go/rest/transport.go b/vendor/k8s.io/client-go/rest/transport.go
index f59f8dbe2786..b6a0676326e6 100644
--- a/vendor/k8s.io/client-go/rest/transport.go
+++ b/vendor/k8s.io/client-go/rest/transport.go
@@ -20,6 +20,7 @@ import (
 	"crypto/tls"
 	"net/http"
 
+	"k8s.io/client-go/plugin/pkg/client/auth/exec"
 	"k8s.io/client-go/transport"
 )
 
@@ -59,6 +60,20 @@ func HTTPWrappersForConfig(config *Config, rt http.RoundTripper) (http.RoundTrip
 // TransportConfig converts a client config to an appropriate transport config.
 func (c *Config) TransportConfig() (*transport.Config, error) {
 	wt := c.WrapTransport
+	if c.ExecProvider != nil {
+		provider, err := exec.GetAuthenticator(c.ExecProvider)
+		if err != nil {
+			return nil, err
+		}
+		if wt != nil {
+			previousWT := wt
+			wt = func(rt http.RoundTripper) http.RoundTripper {
+				return provider.WrapTransport(previousWT(rt))
+			}
+		} else {
+			wt = provider.WrapTransport
+		}
+	}
 	if c.AuthProvider != nil {
 		provider, err := GetAuthProvider(c.Host, c.AuthProvider, c.AuthConfigPersister)
 		if err != nil {
@@ -89,7 +104,6 @@ func (c *Config) TransportConfig() (*transport.Config, error) {
 		},
 		Username:    c.Username,
 		Password:    c.Password,
-		CacheDir:    c.CacheDir,
 		BearerToken: c.BearerToken,
 		Impersonate: transport.ImpersonationConfig{
 			UserName: c.Impersonate.UserName,
diff --git a/vendor/k8s.io/client-go/rest/versions.go b/vendor/k8s.io/client-go/rest/versions.go
deleted file mode 100644
index 9d41812f2626..000000000000
--- a/vendor/k8s.io/client-go/rest/versions.go
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package rest
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"path"
-
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-const (
-	legacyAPIPath  = "/api"
-	defaultAPIPath = "/apis"
-)
-
-// TODO: Is this obsoleted by the discovery client?
-
-// ServerAPIVersions returns the GroupVersions supported by the API server.
-// It creates a RESTClient based on the passed in config, but it doesn't rely
-// on the Version and Codec of the config, because it uses AbsPath and
-// takes the raw response.
-func ServerAPIVersions(c *Config) (groupVersions []string, err error) {
-	transport, err := TransportFor(c)
-	if err != nil {
-		return nil, err
-	}
-	client := http.Client{Transport: transport}
-
-	configCopy := *c
-	configCopy.GroupVersion = nil
-	configCopy.APIPath = ""
-	baseURL, _, err := defaultServerUrlFor(&configCopy)
-	if err != nil {
-		return nil, err
-	}
-	// Get the groupVersions exposed at /api
-	originalPath := baseURL.Path
-	baseURL.Path = path.Join(originalPath, legacyAPIPath)
-	resp, err := client.Get(baseURL.String())
-	if err != nil {
-		return nil, err
-	}
-	var v metav1.APIVersions
-	defer resp.Body.Close()
-	err = json.NewDecoder(resp.Body).Decode(&v)
-	if err != nil {
-		return nil, fmt.Errorf("unexpected error: %v", err)
-	}
-
-	groupVersions = append(groupVersions, v.Versions...)
-	// Get the groupVersions exposed at /apis
-	baseURL.Path = path.Join(originalPath, defaultAPIPath)
-	resp2, err := client.Get(baseURL.String())
-	if err != nil {
-		return nil, err
-	}
-	var apiGroupList metav1.APIGroupList
-	defer resp2.Body.Close()
-	err = json.NewDecoder(resp2.Body).Decode(&apiGroupList)
-	if err != nil {
-		return nil, fmt.Errorf("unexpected error: %v", err)
-	}
-
-	for _, g := range apiGroupList.Groups {
-		for _, gv := range g.Versions {
-			groupVersions = append(groupVersions, gv.GroupVersion)
-		}
-	}
-
-	return groupVersions, nil
-}
diff --git a/vendor/k8s.io/client-go/rest/watch/BUILD b/vendor/k8s.io/client-go/rest/watch/BUILD
index 27183286380c..30dfadd1fad4 100644
--- a/vendor/k8s.io/client-go/rest/watch/BUILD
+++ b/vendor/k8s.io/client-go/rest/watch/BUILD
@@ -27,7 +27,6 @@ go_test(
         "decoder_test.go",
         "encoder_test.go",
     ],
-    importpath = "k8s.io/client-go/rest/watch_test",
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/client-go/rest/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/rest/zz_generated.deepcopy.go
index 02d3b606e5c0..67568bf0b4ff 100644
--- a/vendor/k8s.io/client-go/rest/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/client-go/rest/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package rest
 
diff --git a/vendor/k8s.io/client-go/scale/BUILD b/vendor/k8s.io/client-go/scale/BUILD
index 4fb0a949e402..b82984243ab2 100644
--- a/vendor/k8s.io/client-go/scale/BUILD
+++ b/vendor/k8s.io/client-go/scale/BUILD
@@ -35,8 +35,7 @@ go_test(
         "client_test.go",
         "roundtrip_test.go",
     ],
-    importpath = "k8s.io/client-go/scale",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/client-go/scale/client.go b/vendor/k8s.io/client-go/scale/client.go
index 3f85197a0b6f..782aca394c64 100644
--- a/vendor/k8s.io/client-go/scale/client.go
+++ b/vendor/k8s.io/client-go/scale/client.go
@@ -21,6 +21,7 @@ import (
 
 	autoscaling "k8s.io/api/autoscaling/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	serializer "k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/client-go/dynamic"
@@ -129,21 +130,29 @@ func (c *namespacedScaleClient) Get(resource schema.GroupResource, name string)
 		return nil, fmt.Errorf("unable to get client for %s: %v", resource.String(), err)
 	}
 
-	rawObj, err := c.client.clientBase.Get().
+	result := c.client.clientBase.Get().
 		AbsPath(path).
 		Namespace(c.namespace).
 		Resource(gvr.Resource).
 		Name(name).
 		SubResource("scale").
-		Do().
-		Get()
+		Do()
+	if err := result.Error(); err != nil {
+		return nil, fmt.Errorf("could not fetch the scale for %s %s: %v", resource.String(), name, err)
+	}
 
+	scaleBytes, err := result.Raw()
+	if err != nil {
+		return nil, err
+	}
+	decoder := scaleConverter.codecs.UniversalDecoder(scaleConverter.ScaleVersions()...)
+	rawScaleObj, err := runtime.Decode(decoder, scaleBytes)
 	if err != nil {
 		return nil, err
 	}
 
 	// convert whatever this is to autoscaling/v1.Scale
-	scaleObj, err := scaleConverter.ConvertToVersion(rawObj, autoscaling.SchemeGroupVersion)
+	scaleObj, err := scaleConverter.ConvertToVersion(rawScaleObj, autoscaling.SchemeGroupVersion)
 	if err != nil {
 		return nil, fmt.Errorf("received an object from a /scale endpoint which was not convertible to autoscaling Scale: %v", err)
 	}
@@ -158,8 +167,8 @@ func (c *namespacedScaleClient) Update(resource schema.GroupResource, scale *aut
 	}
 
 	// Currently, a /scale endpoint can receive and return different scale types.
-	// Until we hvae support for the alternative API representations proposal,
-	// we need to deal with sending and accepting differnet API versions.
+	// Until we have support for the alternative API representations proposal,
+	// we need to deal with sending and accepting different API versions.
 
 	// figure out what scale we actually need here
 	desiredGVK, err := c.client.scaleKindResolver.ScaleForResource(gvr)
@@ -170,25 +179,38 @@ func (c *namespacedScaleClient) Update(resource schema.GroupResource, scale *aut
 	// convert this to whatever this endpoint wants
 	scaleUpdate, err := scaleConverter.ConvertToVersion(scale, desiredGVK.GroupVersion())
 	if err != nil {
-		return nil, fmt.Errorf("could not convert scale update to internal Scale: %v", err)
+		return nil, fmt.Errorf("could not convert scale update to external Scale: %v", err)
+	}
+	encoder := scaleConverter.codecs.LegacyCodec(desiredGVK.GroupVersion())
+	scaleUpdateBytes, err := runtime.Encode(encoder, scaleUpdate)
+	if err != nil {
+		return nil, fmt.Errorf("could not encode scale update to external Scale: %v", err)
 	}
 
-	rawObj, err := c.client.clientBase.Put().
+	result := c.client.clientBase.Put().
 		AbsPath(path).
 		Namespace(c.namespace).
 		Resource(gvr.Resource).
 		Name(scale.Name).
 		SubResource("scale").
-		Body(scaleUpdate).
-		Do().
-		Get()
+		Body(scaleUpdateBytes).
+		Do()
+	if err := result.Error(); err != nil {
+		return nil, fmt.Errorf("could not update the scale for %s %s: %v", resource.String(), scale.Name, err)
+	}
 
+	scaleBytes, err := result.Raw()
+	if err != nil {
+		return nil, err
+	}
+	decoder := scaleConverter.codecs.UniversalDecoder(scaleConverter.ScaleVersions()...)
+	rawScaleObj, err := runtime.Decode(decoder, scaleBytes)
 	if err != nil {
-		return nil, fmt.Errorf("could not fetch the scale for %s %s: %v", resource.String(), scale.Name, err)
+		return nil, err
 	}
 
 	// convert whatever this is back to autoscaling/v1.Scale
-	scaleObj, err := scaleConverter.ConvertToVersion(rawObj, autoscaling.SchemeGroupVersion)
+	scaleObj, err := scaleConverter.ConvertToVersion(rawScaleObj, autoscaling.SchemeGroupVersion)
 	if err != nil {
 		return nil, fmt.Errorf("received an object from a /scale endpoint which was not convertible to autoscaling Scale: %v", err)
 	}
diff --git a/vendor/k8s.io/client-go/scale/scheme/appsint/doc.go b/vendor/k8s.io/client-go/scale/scheme/appsint/doc.go
index 5b1d6841c4c3..16f29e2afee3 100644
--- a/vendor/k8s.io/client-go/scale/scheme/appsint/doc.go
+++ b/vendor/k8s.io/client-go/scale/scheme/appsint/doc.go
@@ -17,6 +17,6 @@ limitations under the License.
 // Package appsint contains the necessary scaffolding of the
 // internal version of extensions as required by conversion logic.
 // It doesn't have any of its own types -- it's just necessary to
-// get the expected behavoir out of runtime.Scheme.ConvertToVersion
+// get the expected behavior out of runtime.Scheme.ConvertToVersion
 // and associated methods.
 package appsint
diff --git a/vendor/k8s.io/client-go/scale/scheme/appsv1beta1/zz_generated.conversion.go b/vendor/k8s.io/client-go/scale/scheme/appsv1beta1/zz_generated.conversion.go
index 85e497e7f023..bd42e7add85a 100644
--- a/vendor/k8s.io/client-go/scale/scheme/appsv1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/client-go/scale/scheme/appsv1beta1/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package appsv1beta1
 
diff --git a/vendor/k8s.io/client-go/scale/scheme/appsv1beta2/zz_generated.conversion.go b/vendor/k8s.io/client-go/scale/scheme/appsv1beta2/zz_generated.conversion.go
index faa7319d71eb..d6afedb0de94 100644
--- a/vendor/k8s.io/client-go/scale/scheme/appsv1beta2/zz_generated.conversion.go
+++ b/vendor/k8s.io/client-go/scale/scheme/appsv1beta2/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package appsv1beta2
 
diff --git a/vendor/k8s.io/client-go/scale/scheme/autoscalingv1/zz_generated.conversion.go b/vendor/k8s.io/client-go/scale/scheme/autoscalingv1/zz_generated.conversion.go
index 8b0d525624e9..2a7a45a4766c 100644
--- a/vendor/k8s.io/client-go/scale/scheme/autoscalingv1/zz_generated.conversion.go
+++ b/vendor/k8s.io/client-go/scale/scheme/autoscalingv1/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package autoscalingv1
 
diff --git a/vendor/k8s.io/client-go/scale/scheme/extensionsint/doc.go b/vendor/k8s.io/client-go/scale/scheme/extensionsint/doc.go
index cc92bf18824d..9aaac6086171 100644
--- a/vendor/k8s.io/client-go/scale/scheme/extensionsint/doc.go
+++ b/vendor/k8s.io/client-go/scale/scheme/extensionsint/doc.go
@@ -17,6 +17,6 @@ limitations under the License.
 // Package extensionsint contains the necessary scaffolding of the
 // internal version of extensions as required by conversion logic.
 // It doesn't have any of its own types -- it's just necessary to
-// get the expected behavoir out of runtime.Scheme.ConvertToVersion
+// get the expected behavior out of runtime.Scheme.ConvertToVersion
 // and associated methods.
 package extensionsint
diff --git a/vendor/k8s.io/client-go/scale/scheme/extensionsv1beta1/zz_generated.conversion.go b/vendor/k8s.io/client-go/scale/scheme/extensionsv1beta1/zz_generated.conversion.go
index 1c8e68dc59f2..6d0ed7a29722 100644
--- a/vendor/k8s.io/client-go/scale/scheme/extensionsv1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/client-go/scale/scheme/extensionsv1beta1/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package extensionsv1beta1
 
diff --git a/vendor/k8s.io/client-go/scale/scheme/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/scale/scheme/zz_generated.deepcopy.go
index 61c553df6ddd..d34399667fff 100644
--- a/vendor/k8s.io/client-go/scale/scheme/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/client-go/scale/scheme/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package scheme
 
@@ -49,9 +49,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/client-go/scale/util.go b/vendor/k8s.io/client-go/scale/util.go
index 9eb10853605c..46b5c4d1e2d8 100644
--- a/vendor/k8s.io/client-go/scale/util.go
+++ b/vendor/k8s.io/client-go/scale/util.go
@@ -23,6 +23,7 @@ import (
 
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	serializer "k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/client-go/discovery"
 	scalescheme "k8s.io/client-go/scale/scheme"
 	scaleappsint "k8s.io/client-go/scale/scheme/appsint"
@@ -124,6 +125,7 @@ func NewDiscoveryScaleKindResolver(client discovery.ServerResourcesInterface) Sc
 // ScaleConverter knows how to convert between external scale versions.
 type ScaleConverter struct {
 	scheme            *runtime.Scheme
+	codecs            serializer.CodecFactory
 	internalVersioner runtime.GroupVersioner
 }
 
@@ -141,6 +143,7 @@ func NewScaleConverter() *ScaleConverter {
 
 	return &ScaleConverter{
 		scheme: scheme,
+		codecs: serializer.NewCodecFactory(scheme),
 		internalVersioner: runtime.NewMultiGroupVersioner(
 			scalescheme.SchemeGroupVersion,
 			schema.GroupKind{Group: scaleext.GroupName, Kind: "Scale"},
@@ -156,6 +159,22 @@ func (c *ScaleConverter) Scheme() *runtime.Scheme {
 	return c.scheme
 }
 
+func (c *ScaleConverter) Codecs() serializer.CodecFactory {
+	return c.codecs
+}
+
+func (c *ScaleConverter) ScaleVersions() []schema.GroupVersion {
+	return []schema.GroupVersion{
+		scaleautoscaling.SchemeGroupVersion,
+		scalescheme.SchemeGroupVersion,
+		scaleext.SchemeGroupVersion,
+		scaleextint.SchemeGroupVersion,
+		scaleappsint.SchemeGroupVersion,
+		scaleappsv1beta1.SchemeGroupVersion,
+		scaleappsv1beta2.SchemeGroupVersion,
+	}
+}
+
 // ConvertToVersion converts the given *external* input object to the given output *external* output group-version.
 func (c *ScaleConverter) ConvertToVersion(in runtime.Object, outVersion schema.GroupVersion) (runtime.Object, error) {
 	scaleInt, err := c.scheme.ConvertToVersion(in, c.internalVersioner)
diff --git a/vendor/k8s.io/client-go/testing/BUILD b/vendor/k8s.io/client-go/testing/BUILD
index b26e662876dc..dd8d1339713c 100644
--- a/vendor/k8s.io/client-go/testing/BUILD
+++ b/vendor/k8s.io/client-go/testing/BUILD
@@ -3,6 +3,7 @@ package(default_visibility = ["//visibility:public"])
 load(
     "@io_bazel_rules_go//go:def.bzl",
     "go_library",
+    "go_test",
 )
 
 go_library(
@@ -28,6 +29,23 @@ go_library(
     ],
 )
 
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "fixture_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+    ],
+)
+
 filegroup(
     name = "package-srcs",
     srcs = glob(["**"]),
diff --git a/vendor/k8s.io/client-go/testing/fixture.go b/vendor/k8s.io/client-go/testing/fixture.go
index 08379fb0897d..ba8ee508f46f 100644
--- a/vendor/k8s.io/client-go/testing/fixture.go
+++ b/vendor/k8s.io/client-go/testing/fixture.go
@@ -29,6 +29,11 @@ import (
 	restclient "k8s.io/client-go/rest"
 )
 
+// FakeWatchBufferSize is the max num of watch event can be buffered in the
+// watch channel. Note that when watch event overflows or exceed this buffer
+// size, manipulations via fake client may be blocked.
+const FakeWatchBufferSize = 128
+
 // ObjectTracker keeps track of objects. It is intended to be used to
 // fake calls to a server by returning objects based on their kind,
 // namespace and name.
@@ -54,6 +59,10 @@ type ObjectTracker interface {
 	// didn't exist in the tracker prior to deletion, Delete returns
 	// no error.
 	Delete(gvr schema.GroupVersionResource, ns, name string) error
+
+	// Watch watches objects from the tracker. Watch returns a channel
+	// which will push added / modified / deleted object.
+	Watch(gvr schema.GroupVersionResource, ns string) (watch.Interface, error)
 }
 
 // ObjectScheme abstracts the implementation of common operations on objects.
@@ -132,6 +141,13 @@ type tracker struct {
 	decoder runtime.Decoder
 	lock    sync.RWMutex
 	objects map[schema.GroupVersionResource][]runtime.Object
+	// The value type of watchers is a map of which the key is either a namespace or
+	// all/non namespace aka "" and its value is list of fake watchers. Each of
+	// fake watcher holds a buffered channel of size "FakeWatchBufferSize" which
+	// is default to 128. Manipulations on resources will broadcast the notification
+	// events into the watchers' channel and note that too many unhandled event may
+	// potentially block the tracker.
+	watchers map[schema.GroupVersionResource]map[string][]*watch.FakeWatcher
 }
 
 var _ ObjectTracker = &tracker{}
@@ -140,9 +156,10 @@ var _ ObjectTracker = &tracker{}
 // of objects for the fake clientset. Mostly useful for unit tests.
 func NewObjectTracker(scheme ObjectScheme, decoder runtime.Decoder) ObjectTracker {
 	return &tracker{
-		scheme:  scheme,
-		decoder: decoder,
-		objects: make(map[schema.GroupVersionResource][]runtime.Object),
+		scheme:   scheme,
+		decoder:  decoder,
+		objects:  make(map[schema.GroupVersionResource][]runtime.Object),
+		watchers: make(map[schema.GroupVersionResource]map[string][]*watch.FakeWatcher),
 	}
 }
 
@@ -185,6 +202,19 @@ func (t *tracker) List(gvr schema.GroupVersionResource, gvk schema.GroupVersionK
 	return list.DeepCopyObject(), nil
 }
 
+func (t *tracker) Watch(gvr schema.GroupVersionResource, ns string) (watch.Interface, error) {
+	t.lock.Lock()
+	defer t.lock.Unlock()
+
+	fakewatcher := watch.NewFakeWithChanSize(FakeWatchBufferSize, true)
+
+	if _, exists := t.watchers[gvr]; !exists {
+		t.watchers[gvr] = make(map[string][]*watch.FakeWatcher)
+	}
+	t.watchers[gvr][ns] = append(t.watchers[gvr][ns], fakewatcher)
+	return fakewatcher, nil
+}
+
 func (t *tracker) Get(gvr schema.GroupVersionResource, ns, name string) (runtime.Object, error) {
 	errNotFound := errors.NewNotFound(gvr.GroupResource(), name)
 
@@ -263,6 +293,19 @@ func (t *tracker) Update(gvr schema.GroupVersionResource, obj runtime.Object, ns
 	return t.add(gvr, obj, ns, true)
 }
 
+func (t *tracker) getWatches(gvr schema.GroupVersionResource, ns string) []*watch.FakeWatcher {
+	watches := []*watch.FakeWatcher{}
+	if t.watchers[gvr] != nil {
+		if w := t.watchers[gvr][ns]; w != nil {
+			watches = append(watches, w...)
+		}
+		if w := t.watchers[gvr][""]; w != nil {
+			watches = append(watches, w...)
+		}
+	}
+	return watches
+}
+
 func (t *tracker) add(gvr schema.GroupVersionResource, obj runtime.Object, ns string, replaceExisting bool) error {
 	t.lock.Lock()
 	defer t.lock.Unlock()
@@ -296,6 +339,9 @@ func (t *tracker) add(gvr schema.GroupVersionResource, obj runtime.Object, ns st
 		}
 		if oldMeta.GetNamespace() == newMeta.GetNamespace() && oldMeta.GetName() == newMeta.GetName() {
 			if replaceExisting {
+				for _, w := range t.getWatches(gvr, ns) {
+					w.Modify(obj)
+				}
 				t.objects[gvr][i] = obj
 				return nil
 			}
@@ -310,6 +356,10 @@ func (t *tracker) add(gvr schema.GroupVersionResource, obj runtime.Object, ns st
 
 	t.objects[gvr] = append(t.objects[gvr], obj)
 
+	for _, w := range t.getWatches(gvr, ns) {
+		w.Add(obj)
+	}
+
 	return nil
 }
 
@@ -342,7 +392,11 @@ func (t *tracker) Delete(gvr schema.GroupVersionResource, ns, name string) error
 			return err
 		}
 		if objMeta.GetNamespace() == ns && objMeta.GetName() == name {
+			obj := t.objects[gvr][i]
 			t.objects[gvr] = append(t.objects[gvr][:i], t.objects[gvr][i+1:]...)
+			for _, w := range t.getWatches(gvr, ns) {
+				w.Delete(obj)
+			}
 			found = true
 			break
 		}
diff --git a/vendor/k8s.io/client-go/tools/auth/BUILD b/vendor/k8s.io/client-go/tools/auth/BUILD
index b418469efa59..5c7718a77899 100644
--- a/vendor/k8s.io/client-go/tools/auth/BUILD
+++ b/vendor/k8s.io/client-go/tools/auth/BUILD
@@ -16,7 +16,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["clientauth_test.go"],
-    importpath = "k8s.io/client-go/tools/auth_test",
     deps = ["//vendor/k8s.io/client-go/tools/auth:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/tools/auth/clientauth.go b/vendor/k8s.io/client-go/tools/auth/clientauth.go
index 2213b987816a..20339ab9d81b 100644
--- a/vendor/k8s.io/client-go/tools/auth/clientauth.go
+++ b/vendor/k8s.io/client-go/tools/auth/clientauth.go
@@ -23,7 +23,7 @@ location within a Container's file tree for Containers that
 need access to the Kubernetes API.
 
 Having a defined format allows:
-  - clients to be implmented in multiple languages
+  - clients to be implemented in multiple languages
   - applications which link clients to be portable across
     clusters with different authentication styles (e.g.
     some may use SSL Client certs, others may not, etc)
diff --git a/vendor/k8s.io/client-go/tools/bootstrap/token/api/BUILD b/vendor/k8s.io/client-go/tools/bootstrap/token/api/BUILD
new file mode 100644
index 000000000000..7416adc01069
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/api/BUILD
@@ -0,0 +1,26 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "types.go",
+    ],
+    importpath = "k8s.io/client-go/tools/bootstrap/token/api",
+    visibility = ["//visibility:public"],
+    deps = ["//vendor/k8s.io/api/core/v1:go_default_library"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/client-go/tools/bootstrap/token/api/OWNERS b/vendor/k8s.io/client-go/tools/bootstrap/token/api/OWNERS
new file mode 100644
index 000000000000..8a2f5b5915b1
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/api/OWNERS
@@ -0,0 +1,5 @@
+approvers:
+- jbeda
+- luxas
+reviewers:
+- mattmoyer
diff --git a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/doc.go b/vendor/k8s.io/client-go/tools/bootstrap/token/api/doc.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/pkg/bootstrap/api/doc.go
rename to vendor/k8s.io/client-go/tools/bootstrap/token/api/doc.go
index 7105823665ee..90ca81c8ac2d 100644
--- a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/doc.go
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/api/doc.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package api (pkg/bootstrap/api) contains constants and types needed for
+// Package api (pkg/bootstrap/token/api) contains constants and types needed for
 // bootstrap tokens as maintained by the BootstrapSigner and TokenCleaner
 // controllers (in pkg/controller/bootstrap)
 package api
diff --git a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/types.go b/vendor/k8s.io/client-go/tools/bootstrap/token/api/types.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/pkg/bootstrap/api/types.go
rename to vendor/k8s.io/client-go/tools/bootstrap/token/api/types.go
index a4e67a1c2491..c30814c0e263 100644
--- a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/types.go
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/api/types.go
@@ -95,3 +95,6 @@ const (
 	// tokens (in addition to any groups from BootstrapTokenExtraGroupsKey).
 	BootstrapDefaultGroup = "system:bootstrappers"
 )
+
+// KnownTokenUsages specifies the known functions a token will get.
+var KnownTokenUsages = []string{"signing", "authentication"}
diff --git a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/BUILD b/vendor/k8s.io/client-go/tools/bootstrap/token/util/BUILD
similarity index 51%
rename from vendor/k8s.io/kubernetes/pkg/bootstrap/api/BUILD
rename to vendor/k8s.io/client-go/tools/bootstrap/token/util/BUILD
index 0beb8e733317..1d4d10e996d0 100644
--- a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/BUILD
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/util/BUILD
@@ -1,25 +1,22 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "doc.go",
-        "helpers.go",
-        "types.go",
-    ],
-    importpath = "k8s.io/kubernetes/pkg/bootstrap/api",
+    srcs = ["helpers.go"],
+    importpath = "k8s.io/client-go/tools/bootstrap/token/util",
+    visibility = ["//visibility:public"],
     deps = [
-        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
     ],
 )
 
+go_test(
+    name = "go_default_test",
+    srcs = ["helpers_test.go"],
+    embed = [":go_default_library"],
+)
+
 filegroup(
     name = "package-srcs",
     srcs = glob(["**"]),
@@ -31,11 +28,5 @@ filegroup(
     name = "all-srcs",
     srcs = [":package-srcs"],
     tags = ["automanaged"],
-)
-
-go_test(
-    name = "go_default_test",
-    srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/bootstrap/api",
-    library = ":go_default_library",
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/helpers.go b/vendor/k8s.io/client-go/tools/bootstrap/token/util/helpers.go
similarity index 74%
rename from vendor/k8s.io/kubernetes/pkg/bootstrap/api/helpers.go
rename to vendor/k8s.io/client-go/tools/bootstrap/token/util/helpers.go
index 01859bc37fe7..d28fd28f2ecc 100644
--- a/vendor/k8s.io/kubernetes/pkg/bootstrap/api/helpers.go
+++ b/vendor/k8s.io/client-go/tools/bootstrap/token/util/helpers.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package api
+package util
 
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/client-go/tools/bootstrap/token/api"
 	"regexp"
 	"strings"
 )
 
-var bootstrapGroupRegexp = regexp.MustCompile(`\A` + BootstrapGroupPattern + `\z`)
+var bootstrapGroupRegexp = regexp.MustCompile(`\A` + api.BootstrapGroupPattern + `\z`)
 
 // ValidateBootstrapGroupName checks if the provided group name is a valid
 // bootstrap group name. Returns nil if valid or a validation error if invalid.
@@ -32,21 +33,20 @@ func ValidateBootstrapGroupName(name string) error {
 	if bootstrapGroupRegexp.Match([]byte(name)) {
 		return nil
 	}
-	return fmt.Errorf("bootstrap group %q is invalid (must match %s)", name, BootstrapGroupPattern)
+	return fmt.Errorf("bootstrap group %q is invalid (must match %s)", name, api.BootstrapGroupPattern)
 }
 
 // ValidateUsages validates that the passed in string are valid usage strings for bootstrap tokens.
 func ValidateUsages(usages []string) error {
-	usageAuthentication := strings.TrimPrefix(BootstrapTokenUsageAuthentication, BootstrapTokenUsagePrefix)
-	usageSigning := strings.TrimPrefix(BootstrapTokenUsageSigningKey, BootstrapTokenUsagePrefix)
+	validUsages := sets.NewString(api.KnownTokenUsages...)
 	invalidUsages := sets.NewString()
 	for _, usage := range usages {
-		if usage != usageAuthentication && usage != usageSigning {
+		if !validUsages.Has(usage) {
 			invalidUsages.Insert(usage)
 		}
 	}
 	if len(invalidUsages) > 0 {
-		return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage option: %s, %s", strings.Join(invalidUsages.List(), ","), usageAuthentication, usageSigning)
+		return fmt.Errorf("invalide bootstrap token usage string: %s, valid usage options: %s", strings.Join(invalidUsages.List(), ","), strings.Join(api.KnownTokenUsages, ","))
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/client-go/tools/cache/BUILD b/vendor/k8s.io/client-go/tools/cache/BUILD
index 79e21e1ea51c..524354e87ca2 100644
--- a/vendor/k8s.io/client-go/tools/cache/BUILD
+++ b/vendor/k8s.io/client-go/tools/cache/BUILD
@@ -22,9 +22,8 @@ go_test(
         "store_test.go",
         "undelta_store_test.go",
     ],
-    features = ["-race"],
-    importpath = "k8s.io/client-go/tools/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
+    race = "off",
     deps = [
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -83,6 +82,7 @@ go_library(
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/tools/pager:go_default_library",
         "//vendor/k8s.io/client-go/util/buffer:go_default_library",
+        "//vendor/k8s.io/client-go/util/retry:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/client-go/tools/cache/controller.go b/vendor/k8s.io/client-go/tools/cache/controller.go
index e7b98befadfe..028c75e8e19e 100644
--- a/vendor/k8s.io/client-go/tools/cache/controller.go
+++ b/vendor/k8s.io/client-go/tools/cache/controller.go
@@ -288,7 +288,7 @@ func NewInformer(
 	// This will hold incoming changes. Note how we pass clientState in as a
 	// KeyLister, that way resync operations will result in the correct set
 	// of update/delete deltas.
-	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, nil, clientState)
+	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, clientState)
 
 	cfg := &Config{
 		Queue:            fifo,
@@ -355,7 +355,7 @@ func NewIndexerInformer(
 	// This will hold incoming changes. Note how we pass clientState in as a
 	// KeyLister, that way resync operations will result in the correct set
 	// of update/delete deltas.
-	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, nil, clientState)
+	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, clientState)
 
 	cfg := &Config{
 		Queue:            fifo,
diff --git a/vendor/k8s.io/client-go/tools/cache/delta_fifo.go b/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
index f06d1c5b1cf0..45c3b500d427 100644
--- a/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
+++ b/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
@@ -31,11 +31,6 @@ import (
 // keyFunc is used to figure out what key an object should have. (It's
 // exposed in the returned DeltaFIFO's KeyOf() method, with bonus features.)
 //
-// 'compressor' may compress as many or as few items as it wants
-// (including returning an empty slice), but it should do what it
-// does quickly since it is called while the queue is locked.
-// 'compressor' may be nil if you don't want any delta compression.
-//
 // 'keyLister' is expected to return a list of keys that the consumer of
 // this queue "knows about". It is used to decide which items are missing
 // when Replace() is called; 'Deleted' deltas are produced for these items.
@@ -43,18 +38,30 @@ import (
 // TODO: consider merging keyLister with this object, tracking a list of
 //       "known" keys when Pop() is called. Have to think about how that
 //       affects error retrying.
-// TODO(lavalamp): I believe there is a possible race only when using an
-//                 external known object source that the above TODO would
-//                 fix.
+// NOTE: It is possible to misuse this and cause a race when using an
+//       external known object source.
+//       Whether there is a potential race depends on how the comsumer
+//       modifies knownObjects. In Pop(), process function is called under
+//       lock, so it is safe to update data structures in it that need to be
+//       in sync with the queue (e.g. knownObjects).
+//
+//       Example:
+//       In case of sharedIndexInformer being a consumer
+//       (https://github.com/kubernetes/kubernetes/blob/0cdd940f/staging/
+//       src/k8s.io/client-go/tools/cache/shared_informer.go#L192),
+//       there is no race as knownObjects (s.indexer) is modified safely
+//       under DeltaFIFO's lock. The only exceptions are GetStore() and
+//       GetIndexer() methods, which expose ways to modify the underlying
+//       storage. Currently these two methods are used for creating Lister
+//       and internal tests.
 //
 // Also see the comment on DeltaFIFO.
-func NewDeltaFIFO(keyFunc KeyFunc, compressor DeltaCompressor, knownObjects KeyListerGetter) *DeltaFIFO {
+func NewDeltaFIFO(keyFunc KeyFunc, knownObjects KeyListerGetter) *DeltaFIFO {
 	f := &DeltaFIFO{
-		items:           map[string]Deltas{},
-		queue:           []string{},
-		keyFunc:         keyFunc,
-		deltaCompressor: compressor,
-		knownObjects:    knownObjects,
+		items:        map[string]Deltas{},
+		queue:        []string{},
+		keyFunc:      keyFunc,
+		knownObjects: knownObjects,
 	}
 	f.cond.L = &f.lock
 	return f
@@ -86,9 +93,6 @@ func NewDeltaFIFO(keyFunc KeyFunc, compressor DeltaCompressor, knownObjects KeyL
 // items have been deleted when Replace() or Delete() are called. The deleted
 // object will be included in the DeleteFinalStateUnknown markers. These objects
 // could be stale.
-//
-// You may provide a function to compress deltas (e.g., represent a
-// series of Updates as a single Update).
 type DeltaFIFO struct {
 	// lock/cond protects access to 'items' and 'queue'.
 	lock sync.RWMutex
@@ -110,10 +114,6 @@ type DeltaFIFO struct {
 	// insertion and retrieval, and should be deterministic.
 	keyFunc KeyFunc
 
-	// deltaCompressor tells us how to combine two or more
-	// deltas. It may be nil.
-	deltaCompressor DeltaCompressor
-
 	// knownObjects list keys that are "known", for the
 	// purpose of figuring out which items have been deleted
 	// when Replace() or Delete() is called.
@@ -133,7 +133,6 @@ var (
 var (
 	// ErrZeroLengthDeltasObject is returned in a KeyError if a Deltas
 	// object with zero length is encountered (should be impossible,
-	// even if such an object is accidentally produced by a DeltaCompressor--
 	// but included for completeness).
 	ErrZeroLengthDeltasObject = errors.New("0 length Deltas object; can't get key")
 )
@@ -213,8 +212,6 @@ func (f *DeltaFIFO) Delete(obj interface{}) error {
 		if err == nil && !exists && !itemsExist {
 			// Presumably, this was deleted when a relist happened.
 			// Don't provide a second report of the same deletion.
-			// TODO(lavalamp): This may be racy-- we aren't properly locked
-			// with knownObjects.
 			return nil
 		}
 	}
@@ -305,8 +302,8 @@ func (f *DeltaFIFO) willObjectBeDeletedLocked(id string) bool {
 	return len(deltas) > 0 && deltas[len(deltas)-1].Type == Deleted
 }
 
-// queueActionLocked appends to the delta list for the object, calling
-// f.deltaCompressor if needed. Caller must lock first.
+// queueActionLocked appends to the delta list for the object.
+// Caller must lock first.
 func (f *DeltaFIFO) queueActionLocked(actionType DeltaType, obj interface{}) error {
 	id, err := f.KeyOf(obj)
 	if err != nil {
@@ -322,9 +319,6 @@ func (f *DeltaFIFO) queueActionLocked(actionType DeltaType, obj interface{}) err
 
 	newDeltas := append(f.items[id], Delta{actionType, obj})
 	newDeltas = dedupDeltas(newDeltas)
-	if f.deltaCompressor != nil {
-		newDeltas = f.deltaCompressor.Compress(newDeltas)
-	}
 
 	_, exists := f.items[id]
 	if len(newDeltas) > 0 {
@@ -334,8 +328,7 @@ func (f *DeltaFIFO) queueActionLocked(actionType DeltaType, obj interface{}) err
 		f.items[id] = newDeltas
 		f.cond.Broadcast()
 	} else if exists {
-		// The compression step removed all deltas, so
-		// we need to remove this from our map (extra items
+		// We need to remove this from our map (extra items
 		// in the queue are ignored if they are not in the
 		// map).
 		delete(f.items, id)
@@ -355,8 +348,8 @@ func (f *DeltaFIFO) List() []interface{} {
 func (f *DeltaFIFO) listLocked() []interface{} {
 	list := make([]interface{}, 0, len(f.items))
 	for _, item := range f.items {
-		// Copy item's slice so operations on this slice (delta
-		// compression) won't interfere with the object we return.
+		// Copy item's slice so operations on this slice
+		// won't interfere with the object we return.
 		item = copyDeltas(item)
 		list = append(list, item.Newest().Object)
 	}
@@ -394,8 +387,8 @@ func (f *DeltaFIFO) GetByKey(key string) (item interface{}, exists bool, err err
 	defer f.lock.RUnlock()
 	d, exists := f.items[key]
 	if exists {
-		// Copy item's slice so operations on this slice (delta
-		// compression) won't interfere with the object we return.
+		// Copy item's slice so operations on this slice
+		// won't interfere with the object we return.
 		d = copyDeltas(d)
 	}
 	return d, exists, nil
@@ -503,8 +496,6 @@ func (f *DeltaFIFO) Replace(list []interface{}, resourceVersion string) error {
 	}
 
 	// Detect deletions not already in the queue.
-	// TODO(lavalamp): This may be racy-- we aren't properly locked
-	// with knownObjects. Unproven.
 	knownKeys := f.knownObjects.ListKeys()
 	queuedDeletions := 0
 	for _, k := range knownKeys {
@@ -603,23 +594,6 @@ type KeyGetter interface {
 	GetByKey(key string) (interface{}, bool, error)
 }
 
-// DeltaCompressor is an algorithm that removes redundant changes.
-type DeltaCompressor interface {
-	Compress(Deltas) Deltas
-}
-
-// DeltaCompressorFunc should remove redundant changes; but changes that
-// are redundant depend on one's desired semantics, so this is an
-// injectable function.
-//
-// DeltaCompressorFunc adapts a raw function to be a DeltaCompressor.
-type DeltaCompressorFunc func(Deltas) Deltas
-
-// Compress just calls dc.
-func (dc DeltaCompressorFunc) Compress(d Deltas) Deltas {
-	return dc(d)
-}
-
 // DeltaType is the type of a change (addition, deletion, etc)
 type DeltaType string
 
@@ -668,7 +642,7 @@ func (d Deltas) Newest() *Delta {
 
 // copyDeltas returns a shallow copy of d; that is, it copies the slice but not
 // the objects in the slice. This allows Get/List to return an object that we
-// know won't be clobbered by a subsequent call to a delta compressor.
+// know won't be clobbered by a subsequent modifications.
 func copyDeltas(d Deltas) Deltas {
 	d2 := make(Deltas, len(d))
 	copy(d2, d)
diff --git a/vendor/k8s.io/client-go/tools/cache/fifo.go b/vendor/k8s.io/client-go/tools/cache/fifo.go
index ef70b7aca1d6..e05c01ee2960 100644
--- a/vendor/k8s.io/client-go/tools/cache/fifo.go
+++ b/vendor/k8s.io/client-go/tools/cache/fifo.go
@@ -59,7 +59,7 @@ type Queue interface {
 	// has since been added.
 	AddIfNotPresent(interface{}) error
 
-	// Return true if the first batch of items has been popped
+	// HasSynced returns true if the first batch of items has been popped
 	HasSynced() bool
 
 	// Close queue
diff --git a/vendor/k8s.io/client-go/tools/cache/listwatch.go b/vendor/k8s.io/client-go/tools/cache/listwatch.go
index db2329c55a24..06657a3b062f 100644
--- a/vendor/k8s.io/client-go/tools/cache/listwatch.go
+++ b/vendor/k8s.io/client-go/tools/cache/listwatch.go
@@ -63,8 +63,18 @@ type Getter interface {
 
 // NewListWatchFromClient creates a new ListWatch from the specified client, resource, namespace and field selector.
 func NewListWatchFromClient(c Getter, resource string, namespace string, fieldSelector fields.Selector) *ListWatch {
-	listFunc := func(options metav1.ListOptions) (runtime.Object, error) {
+	optionsModifier := func(options *metav1.ListOptions) {
 		options.FieldSelector = fieldSelector.String()
+	}
+	return NewFilteredListWatchFromClient(c, resource, namespace, optionsModifier)
+}
+
+// NewFilteredListWatchFromClient creates a new ListWatch from the specified client, resource, namespace, and option modifier.
+// Option modifier is a function takes a ListOptions and modifies the consumed ListOptions. Provide customized modifier function
+// to apply modification to ListOptions with a field selector, a label selector, or any other desired options.
+func NewFilteredListWatchFromClient(c Getter, resource string, namespace string, optionsModifier func(options *metav1.ListOptions)) *ListWatch {
+	listFunc := func(options metav1.ListOptions) (runtime.Object, error) {
+		optionsModifier(&options)
 		return c.Get().
 			Namespace(namespace).
 			Resource(resource).
@@ -74,7 +84,7 @@ func NewListWatchFromClient(c Getter, resource string, namespace string, fieldSe
 	}
 	watchFunc := func(options metav1.ListOptions) (watch.Interface, error) {
 		options.Watch = true
-		options.FieldSelector = fieldSelector.String()
+		optionsModifier(&options)
 		return c.Get().
 			Namespace(namespace).
 			Resource(resource).
diff --git a/vendor/k8s.io/client-go/tools/cache/reflector.go b/vendor/k8s.io/client-go/tools/cache/reflector.go
index a97b5f98abb9..054a7373c96a 100644
--- a/vendor/k8s.io/client-go/tools/cache/reflector.go
+++ b/vendor/k8s.io/client-go/tools/cache/reflector.go
@@ -108,8 +108,8 @@ func NewNamedReflector(name string, lw ListerWatcher, expectedType interface{},
 	reflectorSuffix := atomic.AddInt64(&reflectorDisambiguator, 1)
 	r := &Reflector{
 		name: name,
-		// we need this to be unique per process (some names are still the same)but obvious who it belongs to
-		metrics:       newReflectorMetrics(makeValidPromethusMetricLabel(fmt.Sprintf("reflector_"+name+"_%d", reflectorSuffix))),
+		// we need this to be unique per process (some names are still the same) but obvious who it belongs to
+		metrics:       newReflectorMetrics(makeValidPrometheusMetricLabel(fmt.Sprintf("reflector_"+name+"_%d", reflectorSuffix))),
 		listerWatcher: lw,
 		store:         store,
 		expectedType:  reflect.TypeOf(expectedType),
@@ -120,7 +120,7 @@ func NewNamedReflector(name string, lw ListerWatcher, expectedType interface{},
 	return r
 }
 
-func makeValidPromethusMetricLabel(in string) string {
+func makeValidPrometheusMetricLabel(in string) string {
 	// this isn't perfect, but it removes our common characters
 	return strings.NewReplacer("/", "_", ".", "_", "-", "_", ":", "_").Replace(in)
 }
@@ -302,12 +302,12 @@ func (r *Reflector) ListAndWatch(stopCh <-chan struct{}) error {
 		default:
 		}
 
-		timemoutseconds := int64(minWatchTimeout.Seconds() * (rand.Float64() + 1.0))
+		timeoutSeconds := int64(minWatchTimeout.Seconds() * (rand.Float64() + 1.0))
 		options = metav1.ListOptions{
 			ResourceVersion: resourceVersion,
 			// We want to avoid situations of hanging watchers. Stop any wachers that do not
 			// receive any events within the timeout window.
-			TimeoutSeconds: &timemoutseconds,
+			TimeoutSeconds: &timeoutSeconds,
 		}
 
 		r.metrics.numberOfWatches.Inc()
diff --git a/vendor/k8s.io/client-go/tools/cache/shared_informer.go b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
index b11f0ebdd77c..5f8c507f9e9d 100644
--- a/vendor/k8s.io/client-go/tools/cache/shared_informer.go
+++ b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
@@ -26,6 +26,7 @@ import (
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/util/buffer"
+	"k8s.io/client-go/util/retry"
 
 	"github.com/golang/glog"
 )
@@ -188,7 +189,7 @@ type deleteNotification struct {
 func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
 	defer utilruntime.HandleCrash()
 
-	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, nil, s.indexer)
+	fifo := NewDeltaFIFO(MetaNamespaceKeyFunc, s.indexer)
 
 	cfg := &Config{
 		Queue:            fifo,
@@ -334,7 +335,7 @@ func (s *sharedIndexInformer) AddEventHandlerWithResyncPeriod(handler ResourceEv
 	s.blockDeltas.Lock()
 	defer s.blockDeltas.Unlock()
 
-	s.processor.addAndStartListener(listener)
+	s.processor.addListener(listener)
 	for _, item := range s.indexer.List() {
 		listener.add(addNotification{newObj: item})
 	}
@@ -372,6 +373,7 @@ func (s *sharedIndexInformer) HandleDeltas(obj interface{}) error {
 }
 
 type sharedProcessor struct {
+	listenersStarted bool
 	listenersLock    sync.RWMutex
 	listeners        []*processorListener
 	syncingListeners []*processorListener
@@ -379,20 +381,15 @@ type sharedProcessor struct {
 	wg               wait.Group
 }
 
-func (p *sharedProcessor) addAndStartListener(listener *processorListener) {
-	p.listenersLock.Lock()
-	defer p.listenersLock.Unlock()
-
-	p.addListenerLocked(listener)
-	p.wg.Start(listener.run)
-	p.wg.Start(listener.pop)
-}
-
 func (p *sharedProcessor) addListener(listener *processorListener) {
 	p.listenersLock.Lock()
 	defer p.listenersLock.Unlock()
 
 	p.addListenerLocked(listener)
+	if p.listenersStarted {
+		p.wg.Start(listener.run)
+		p.wg.Start(listener.pop)
+	}
 }
 
 func (p *sharedProcessor) addListenerLocked(listener *processorListener) {
@@ -423,6 +420,7 @@ func (p *sharedProcessor) run(stopCh <-chan struct{}) {
 			p.wg.Start(listener.run)
 			p.wg.Start(listener.pop)
 		}
+		p.listenersStarted = true
 	}()
 	<-stopCh
 	p.listenersLock.RLock()
@@ -540,20 +538,35 @@ func (p *processorListener) pop() {
 }
 
 func (p *processorListener) run() {
-	defer utilruntime.HandleCrash()
+	// this call blocks until the channel is closed.  When a panic happens during the notification
+	// we will catch it, **the offending item will be skipped!**, and after a short delay (one second)
+	// the next notification will be attempted.  This is usually better than the alternative of never
+	// delivering again.
+	stopCh := make(chan struct{})
+	wait.Until(func() {
+		// this gives us a few quick retries before a long pause and then a few more quick retries
+		err := wait.ExponentialBackoff(retry.DefaultRetry, func() (bool, error) {
+			for next := range p.nextCh {
+				switch notification := next.(type) {
+				case updateNotification:
+					p.handler.OnUpdate(notification.oldObj, notification.newObj)
+				case addNotification:
+					p.handler.OnAdd(notification.newObj)
+				case deleteNotification:
+					p.handler.OnDelete(notification.oldObj)
+				default:
+					utilruntime.HandleError(fmt.Errorf("unrecognized notification: %#v", next))
+				}
+			}
+			// the only way to get here is if the p.nextCh is empty and closed
+			return true, nil
+		})
 
-	for next := range p.nextCh {
-		switch notification := next.(type) {
-		case updateNotification:
-			p.handler.OnUpdate(notification.oldObj, notification.newObj)
-		case addNotification:
-			p.handler.OnAdd(notification.newObj)
-		case deleteNotification:
-			p.handler.OnDelete(notification.oldObj)
-		default:
-			utilruntime.HandleError(fmt.Errorf("unrecognized notification: %#v", next))
+		// the only way to get here is if the p.nextCh is empty and closed
+		if err == nil {
+			close(stopCh)
 		}
-	}
+	}, 1*time.Minute, stopCh)
 }
 
 // shouldResync deterimines if the listener needs a resync. If the listener's resyncPeriod is 0,
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/BUILD b/vendor/k8s.io/client-go/tools/clientcmd/BUILD
index 77a8d2229f69..c46c76d5d650 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/BUILD
+++ b/vendor/k8s.io/client-go/tools/clientcmd/BUILD
@@ -15,8 +15,7 @@ go_test(
         "overrides_test.go",
         "validation_test.go",
     ],
-    importpath = "k8s.io/client-go/tools/clientcmd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/ghodss/yaml:go_default_library",
         "//vendor/github.com/imdario/mergo:go_default_library",
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/BUILD b/vendor/k8s.io/client-go/tools/clientcmd/api/BUILD
index d46f4e28fb10..b2fd13824115 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/BUILD
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/BUILD
@@ -12,8 +12,7 @@ go_test(
         "helpers_test.go",
         "types_test.go",
     ],
-    importpath = "k8s.io/client-go/tools/clientcmd/api",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/ghodss/yaml:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/types.go b/vendor/k8s.io/client-go/tools/clientcmd/api/types.go
index 407dec83a4f2..1391df7021bd 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/types.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/types.go
@@ -119,6 +119,9 @@ type AuthInfo struct {
 	// AuthProvider specifies a custom authentication plugin for the kubernetes cluster.
 	// +optional
 	AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"`
+	// Exec specifies a custom exec-based authentication plugin for the kubernetes cluster.
+	// +optional
+	Exec *ExecConfig `json:"exec,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
 	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
@@ -147,6 +150,35 @@ type AuthProviderConfig struct {
 	Config map[string]string `json:"config,omitempty"`
 }
 
+// ExecConfig specifies a command to provide client credentials. The command is exec'd
+// and outputs structured stdout holding credentials.
+//
+// See the client.authentiction.k8s.io API group for specifications of the exact input
+// and output format
+type ExecConfig struct {
+	// Command to execute.
+	Command string `json:"command"`
+	// Arguments to pass to the command when executing it.
+	// +optional
+	Args []string `json:"args"`
+	// Env defines additional environment variables to expose to the process. These
+	// are unioned with the host's environment, as well as variables client-go uses
+	// to pass argument to the plugin.
+	// +optional
+	Env []ExecEnvVar `json:"env"`
+
+	// Preferred input version of the ExecInfo. The returned ExecCredentials MUST use
+	// the same encoding version as the input.
+	APIVersion string `json:"apiVersion,omitempty"`
+}
+
+// ExecEnvVar is used for setting environment variables when executing an exec-based
+// credential plugin.
+type ExecEnvVar struct {
+	Name  string `json:"name"`
+	Value string `json:"value"`
+}
+
 // NewConfig is a convenience function that returns a new Config object with non-nil maps
 func NewConfig() *Config {
 	return &Config{
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go
index 53568135e8f1..56afb608a8c9 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go
@@ -113,6 +113,9 @@ type AuthInfo struct {
 	// AuthProvider specifies a custom authentication plugin for the kubernetes cluster.
 	// +optional
 	AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"`
+	// Exec specifies a custom exec-based authentication plugin for the kubernetes cluster.
+	// +optional
+	Exec *ExecConfig `json:"exec,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
 	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
@@ -169,3 +172,32 @@ type AuthProviderConfig struct {
 	Name   string            `json:"name"`
 	Config map[string]string `json:"config"`
 }
+
+// ExecConfig specifies a command to provide client credentials. The command is exec'd
+// and outputs structured stdout holding credentials.
+//
+// See the client.authentiction.k8s.io API group for specifications of the exact input
+// and output format
+type ExecConfig struct {
+	// Command to execute.
+	Command string `json:"command"`
+	// Arguments to pass to the command when executing it.
+	// +optional
+	Args []string `json:"args"`
+	// Env defines additional environment variables to expose to the process. These
+	// are unioned with the host's environment, as well as variables client-go uses
+	// to pass argument to the plugin.
+	// +optional
+	Env []ExecEnvVar `json:"env"`
+
+	// Preferred input version of the ExecInfo. The returned ExecCredentials MUST use
+	// the same encoding version as the input.
+	APIVersion string `json:"apiVersion,omitempty"`
+}
+
+// ExecEnvVar is used for setting environment variables when executing an exec-based
+// credential plugin.
+type ExecEnvVar struct {
+	Name  string `json:"name"`
+	Value string `json:"value"`
+}
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go
index dbd943d151d4..83d05b7c6cda 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -63,6 +63,15 @@ func (in *AuthInfo) DeepCopyInto(out *AuthInfo) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.Exec != nil {
+		in, out := &in.Exec, &out.Exec
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExecConfig)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	if in.Extensions != nil {
 		in, out := &in.Extensions, &out.Extensions
 		*out = make([]NamedExtension, len(*in))
@@ -183,9 +192,8 @@ func (in *Config) DeepCopy() *Config {
 func (in *Config) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -211,6 +219,48 @@ func (in *Context) DeepCopy() *Context {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecConfig) DeepCopyInto(out *ExecConfig) {
+	*out = *in
+	if in.Args != nil {
+		in, out := &in.Args, &out.Args
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Env != nil {
+		in, out := &in.Env, &out.Env
+		*out = make([]ExecEnvVar, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecConfig.
+func (in *ExecConfig) DeepCopy() *ExecConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecEnvVar) DeepCopyInto(out *ExecEnvVar) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecEnvVar.
+func (in *ExecEnvVar) DeepCopy() *ExecEnvVar {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecEnvVar)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *NamedAuthInfo) DeepCopyInto(out *NamedAuthInfo) {
 	*out = *in
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/zz_generated.deepcopy.go b/vendor/k8s.io/client-go/tools/clientcmd/api/zz_generated.deepcopy.go
index e575b23d7244..085c088ee5ea 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package api
 
@@ -63,6 +63,15 @@ func (in *AuthInfo) DeepCopyInto(out *AuthInfo) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.Exec != nil {
+		in, out := &in.Exec, &out.Exec
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExecConfig)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	if in.Extensions != nil {
 		in, out := &in.Extensions, &out.Extensions
 		*out = make(map[string]runtime.Object, len(*in))
@@ -210,9 +219,8 @@ func (in *Config) DeepCopy() *Config {
 func (in *Config) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -242,6 +250,48 @@ func (in *Context) DeepCopy() *Context {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecConfig) DeepCopyInto(out *ExecConfig) {
+	*out = *in
+	if in.Args != nil {
+		in, out := &in.Args, &out.Args
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Env != nil {
+		in, out := &in.Env, &out.Env
+		*out = make([]ExecEnvVar, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecConfig.
+func (in *ExecConfig) DeepCopy() *ExecConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExecEnvVar) DeepCopyInto(out *ExecEnvVar) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecEnvVar.
+func (in *ExecEnvVar) DeepCopy() *ExecEnvVar {
+	if in == nil {
+		return nil
+	}
+	out := new(ExecEnvVar)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Preferences) DeepCopyInto(out *Preferences) {
 	*out = *in
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/client_config.go b/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
index a8698af24320..c202e6b2552f 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
@@ -107,7 +107,7 @@ func (config *DirectClientConfig) RawConfig() (clientcmdapi.Config, error) {
 // ClientConfig implements ClientConfig
 func (config *DirectClientConfig) ClientConfig() (*restclient.Config, error) {
 	// check that getAuthInfo, getContext, and getCluster do not return an error.
-	// Do this before checking if the curent config is usable in the event that an
+	// Do this before checking if the current config is usable in the event that an
 	// AuthInfo, Context, or Cluster config with user-defined names are not found.
 	// This provides a user with the immediate cause for error if one is found
 	configAuthInfo, err := config.getAuthInfo()
@@ -202,7 +202,7 @@ func getServerIdentificationPartialConfig(configAuthInfo clientcmdapi.AuthInfo,
 
 // clientauth.Info object contain both user identification and server identification.  We want different precedence orders for
 // both, so we have to split the objects and merge them separately
-// we want this order of precedence for user identifcation
+// we want this order of precedence for user identification
 // 1.  configAuthInfo minus auth-path (the final result of command line flags and merged .kubeconfig files)
 // 2.  configAuthInfo.auth-path (this file can contain information that conflicts with #1, and we want #1 to win the priority)
 // 3.  if there is not enough information to identify the user, load try the ~/.kubernetes_auth file
@@ -241,6 +241,9 @@ func (config *DirectClientConfig) getUserIdentificationPartialConfig(configAuthI
 		mergedConfig.AuthProvider = configAuthInfo.AuthProvider
 		mergedConfig.AuthConfigPersister = persistAuthConfig
 	}
+	if configAuthInfo.Exec != nil {
+		mergedConfig.ExecProvider = configAuthInfo.Exec
+	}
 
 	// if there still isn't enough information to authenticate the user, try prompting
 	if !canIdentifyUser(*mergedConfig) && (fallbackReader != nil) {
@@ -291,7 +294,8 @@ func canIdentifyUser(config restclient.Config) bool {
 	return len(config.Username) > 0 ||
 		(len(config.CertFile) > 0 || len(config.CertData) > 0) ||
 		len(config.BearerToken) > 0 ||
-		config.AuthProvider != nil
+		config.AuthProvider != nil ||
+		config.ExecProvider != nil
 }
 
 // Namespace implements ClientConfig
@@ -474,7 +478,7 @@ func (config *inClusterClientConfig) ClientConfig() (*restclient.Config, error)
 	}
 
 	// in-cluster configs only takes a host, token, or CA file
-	// if any of them were individually provided, ovewrite anything else
+	// if any of them were individually provided, overwrite anything else
 	if config.overrides != nil {
 		if server := config.overrides.ClusterInfo.Server; len(server) > 0 {
 			icc.Host = server
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/loader.go b/vendor/k8s.io/client-go/tools/clientcmd/loader.go
index 6ac83b5c8430..95e7b1540051 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/loader.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/loader.go
@@ -111,7 +111,7 @@ func (g *ClientConfigGetter) IsDefaultConfig(config *restclient.Config) bool {
 // ClientConfigLoadingRules is an ExplicitPath and string slice of specific locations that are used for merging together a Config
 // Callers can put the chain together however they want, but we'd recommend:
 // EnvVarPathFiles if set (a list of files if set) OR the HomeDirectoryPath
-// ExplicitPath is special, because if a user specifically requests a certain file be used and error is reported if thie file is not present
+// ExplicitPath is special, because if a user specifically requests a certain file be used and error is reported if this file is not present
 type ClientConfigLoadingRules struct {
 	ExplicitPath string
 	Precedence   []string
@@ -420,7 +420,7 @@ func WriteToFile(config clientcmdapi.Config, filename string) error {
 
 func lockFile(filename string) error {
 	// TODO: find a way to do this with actual file locks. Will
-	// probably need seperate solution for windows and linux.
+	// probably need separate solution for windows and Linux.
 
 	// Make sure the dir exists before we try to create a lock file.
 	dir := filepath.Dir(filename)
@@ -557,7 +557,12 @@ func GetClusterFileReferences(cluster *clientcmdapi.Cluster) []*string {
 }
 
 func GetAuthInfoFileReferences(authInfo *clientcmdapi.AuthInfo) []*string {
-	return []*string{&authInfo.ClientCertificate, &authInfo.ClientKey, &authInfo.TokenFile}
+	s := []*string{&authInfo.ClientCertificate, &authInfo.ClientKey, &authInfo.TokenFile}
+	// Only resolve exec command if it isn't PATH based.
+	if authInfo.Exec != nil && strings.ContainsRune(authInfo.Exec.Command, filepath.Separator) {
+		s = append(s, &authInfo.Exec.Command)
+	}
+	return s
 }
 
 // ResolvePaths updates the given refs to be absolute paths, relative to the given base directory
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/validation.go b/vendor/k8s.io/client-go/tools/clientcmd/validation.go
index 2bae0c395d2a..629c0b30a074 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/validation.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/validation.go
@@ -237,6 +237,25 @@ func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []err
 		}
 	}
 
+	if authInfo.Exec != nil {
+		if authInfo.AuthProvider != nil {
+			validationErrors = append(validationErrors, fmt.Errorf("authProvider cannot be provided in combination with an exec plugin for %s", authInfoName))
+		}
+		if len(authInfo.Exec.Command) == 0 {
+			validationErrors = append(validationErrors, fmt.Errorf("command must be specified for %v to use exec authentication plugin", authInfoName))
+		}
+		if len(authInfo.Exec.APIVersion) == 0 {
+			validationErrors = append(validationErrors, fmt.Errorf("apiVersion must be specified for %v to use exec authentication plugin", authInfoName))
+		}
+		for _, v := range authInfo.Exec.Env {
+			if len(v.Name) == 0 {
+				validationErrors = append(validationErrors, fmt.Errorf("env variable name must be specified for %v to use exec authentication plugin", authInfoName))
+			} else if len(v.Value) == 0 {
+				validationErrors = append(validationErrors, fmt.Errorf("env variable %s value must be specified for %v to use exec authentication plugin", v.Name, authInfoName))
+			}
+		}
+	}
+
 	// authPath also provides information for the client to identify the server, so allow multiple auth methods in that case
 	if (len(methods) > 1) && (!usingAuthPath) {
 		validationErrors = append(validationErrors, fmt.Errorf("more than one authentication method found for %v; found %v, only one is allowed", authInfoName, methods))
@@ -253,6 +272,10 @@ func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []err
 func validateContext(contextName string, context clientcmdapi.Context, config clientcmdapi.Config) []error {
 	validationErrors := make([]error, 0)
 
+	if len(contextName) == 0 {
+		validationErrors = append(validationErrors, fmt.Errorf("empty context name for %#v is not allowed", context))
+	}
+
 	if len(context.AuthInfo) == 0 {
 		validationErrors = append(validationErrors, fmt.Errorf("user was not specified for context %q", contextName))
 	} else if _, exists := config.AuthInfos[context.AuthInfo]; !exists {
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/BUILD b/vendor/k8s.io/client-go/tools/leaderelection/BUILD
index 5ea32efdebf0..22e020d8c7ff 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/BUILD
+++ b/vendor/k8s.io/client-go/tools/leaderelection/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["leaderelection_test.go"],
-    importpath = "k8s.io/client-go/tools/leaderelection",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go b/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
index 2ce546bc4265..e41b420c987f 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
+++ b/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
@@ -171,11 +171,11 @@ func (le *LeaderElector) IsLeader() bool {
 // acquire loops calling tryAcquireOrRenew and returns immediately when tryAcquireOrRenew succeeds.
 func (le *LeaderElector) acquire() {
 	stop := make(chan struct{})
-	glog.Infof("attempting to acquire leader lease...")
+	desc := le.config.Lock.Describe()
+	glog.Infof("attempting to acquire leader lease  %v...", desc)
 	wait.JitterUntil(func() {
 		succeeded := le.tryAcquireOrRenew()
 		le.maybeReportTransition()
-		desc := le.config.Lock.Describe()
 		if !succeeded {
 			glog.V(4).Infof("failed to acquire lease %v", desc)
 			return
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/resourcelock/configmaplock.go b/vendor/k8s.io/client-go/tools/leaderelection/resourcelock/configmaplock.go
index 69e8c5a7a09c..4ff59560379e 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/resourcelock/configmaplock.go
+++ b/vendor/k8s.io/client-go/tools/leaderelection/resourcelock/configmaplock.go
@@ -32,15 +32,15 @@ import (
 // data we will likely move to deprecate the Endpoints lock.
 
 type ConfigMapLock struct {
-	// ConfigMapMeta should contain a Name and a Namespace of an
-	// ConfigMapMeta object that the Leadercmlector will attempt to lead.
+	// ConfigMapMeta should contain a Name and a Namespace of a
+	// ConfigMapMeta object that the LeaderElector will attempt to lead.
 	ConfigMapMeta metav1.ObjectMeta
 	Client        corev1client.ConfigMapsGetter
 	LockConfig    ResourceLockConfig
 	cm            *v1.ConfigMap
 }
 
-// Get returns the cmlection record from a ConfigMap Annotation
+// Get returns the election record from a ConfigMap Annotation
 func (cml *ConfigMapLock) Get() (*LeaderElectionRecord, error) {
 	var record LeaderElectionRecord
 	var err error
@@ -59,7 +59,7 @@ func (cml *ConfigMapLock) Get() (*LeaderElectionRecord, error) {
 	return &record, nil
 }
 
-// Create attempts to create a LeadercmlectionRecord annotation
+// Create attempts to create a LeaderElectionRecord annotation
 func (cml *ConfigMapLock) Create(ler LeaderElectionRecord) error {
 	recordBytes, err := json.Marshal(ler)
 	if err != nil {
@@ -77,7 +77,7 @@ func (cml *ConfigMapLock) Create(ler LeaderElectionRecord) error {
 	return err
 }
 
-// Update will update and existing annotation on a given resource.
+// Update will update an existing annotation on a given resource.
 func (cml *ConfigMapLock) Update(ler LeaderElectionRecord) error {
 	if cml.cm == nil {
 		return errors.New("endpoint not initialized, call get or create first")
@@ -91,7 +91,7 @@ func (cml *ConfigMapLock) Update(ler LeaderElectionRecord) error {
 	return err
 }
 
-// RecordEvent in leader cmlection while adding meta-data
+// RecordEvent in leader election while adding meta-data
 func (cml *ConfigMapLock) RecordEvent(s string) {
 	events := fmt.Sprintf("%v %v", cml.LockConfig.Identity, s)
 	cml.LockConfig.EventRecorder.Eventf(&v1.ConfigMap{ObjectMeta: cml.cm.ObjectMeta}, v1.EventTypeNormal, "LeaderElection", events)
diff --git a/vendor/k8s.io/client-go/tools/pager/BUILD b/vendor/k8s.io/client-go/tools/pager/BUILD
index c4a2d4d1cac4..4d07429af824 100644
--- a/vendor/k8s.io/client-go/tools/pager/BUILD
+++ b/vendor/k8s.io/client-go/tools/pager/BUILD
@@ -37,14 +37,13 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["pager_test.go"],
-    importpath = "k8s.io/client-go/tools/pager",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/client-go/tools/record/BUILD b/vendor/k8s.io/client-go/tools/record/BUILD
index f89aa3e2896a..0799afe7ea8c 100644
--- a/vendor/k8s.io/client-go/tools/record/BUILD
+++ b/vendor/k8s.io/client-go/tools/record/BUILD
@@ -12,8 +12,7 @@ go_test(
         "event_test.go",
         "events_cache_test.go",
     ],
-    importpath = "k8s.io/client-go/tools/record",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/BUILD b/vendor/k8s.io/client-go/tools/remotecommand/BUILD
index e665af3f4d86..b30c122c342d 100644
--- a/vendor/k8s.io/client-go/tools/remotecommand/BUILD
+++ b/vendor/k8s.io/client-go/tools/remotecommand/BUILD
@@ -12,8 +12,7 @@ go_test(
         "v2_test.go",
         "v4_test.go",
     ],
-    importpath = "k8s.io/client-go/tools/remotecommand",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/httpstream:go_default_library",
diff --git a/vendor/k8s.io/client-go/transport/BUILD b/vendor/k8s.io/client-go/transport/BUILD
index 91c3831b2347..71494544a619 100644
--- a/vendor/k8s.io/client-go/transport/BUILD
+++ b/vendor/k8s.io/client-go/transport/BUILD
@@ -13,8 +13,7 @@ go_test(
         "round_trippers_test.go",
         "transport_test.go",
     ],
-    importpath = "k8s.io/client-go/transport",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
@@ -28,9 +27,6 @@ go_library(
     importpath = "k8s.io/client-go/transport",
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/gregjones/httpcache:go_default_library",
-        "//vendor/github.com/gregjones/httpcache/diskcache:go_default_library",
-        "//vendor/github.com/peterbourgon/diskv:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/client-go/transport/cache.go b/vendor/k8s.io/client-go/transport/cache.go
index da22cdee5904..7c40848c79f1 100644
--- a/vendor/k8s.io/client-go/transport/cache.go
+++ b/vendor/k8s.io/client-go/transport/cache.go
@@ -31,12 +31,28 @@ import (
 // the config has no custom TLS options, http.DefaultTransport is returned.
 type tlsTransportCache struct {
 	mu         sync.Mutex
-	transports map[string]*http.Transport
+	transports map[tlsCacheKey]*http.Transport
 }
 
 const idleConnsPerHost = 25
 
-var tlsCache = &tlsTransportCache{transports: make(map[string]*http.Transport)}
+var tlsCache = &tlsTransportCache{transports: make(map[tlsCacheKey]*http.Transport)}
+
+type tlsCacheKey struct {
+	insecure   bool
+	caData     string
+	certData   string
+	keyData    string
+	serverName string
+}
+
+func (t tlsCacheKey) String() string {
+	keyText := "<none>"
+	if len(t.keyData) > 0 {
+		keyText = "<redacted>"
+	}
+	return fmt.Sprintf("insecure:%v, caData:%#v, certData:%#v, keyData:%s, serverName:%s", t.insecure, t.caData, t.certData, keyText, t.serverName)
+}
 
 func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
 	key, err := tlsConfigKey(config)
@@ -82,11 +98,16 @@ func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
 }
 
 // tlsConfigKey returns a unique key for tls.Config objects returned from TLSConfigFor
-func tlsConfigKey(c *Config) (string, error) {
+func tlsConfigKey(c *Config) (tlsCacheKey, error) {
 	// Make sure ca/key/cert content is loaded
 	if err := loadTLSFiles(c); err != nil {
-		return "", err
+		return tlsCacheKey{}, err
 	}
-	// Only include the things that actually affect the tls.Config
-	return fmt.Sprintf("%v/%x/%x/%x/%v", c.TLS.Insecure, c.TLS.CAData, c.TLS.CertData, c.TLS.KeyData, c.TLS.ServerName), nil
+	return tlsCacheKey{
+		insecure:   c.TLS.Insecure,
+		caData:     string(c.TLS.CAData),
+		certData:   string(c.TLS.CertData),
+		keyData:    string(c.TLS.KeyData),
+		serverName: c.TLS.ServerName,
+	}, nil
 }
diff --git a/vendor/k8s.io/client-go/transport/config.go b/vendor/k8s.io/client-go/transport/config.go
index 425f8f87a539..af347dafea8f 100644
--- a/vendor/k8s.io/client-go/transport/config.go
+++ b/vendor/k8s.io/client-go/transport/config.go
@@ -37,10 +37,6 @@ type Config struct {
 	// Bearer token for authentication
 	BearerToken string
 
-	// CacheDir is the directory where we'll store HTTP cached responses.
-	// If set to empty string, no caching mechanism will be used.
-	CacheDir string
-
 	// Impersonate is the config that this Config will impersonate using
 	Impersonate ImpersonationConfig
 
diff --git a/vendor/k8s.io/client-go/transport/round_trippers.go b/vendor/k8s.io/client-go/transport/round_trippers.go
index 2ee605d7be09..c728b18775f6 100644
--- a/vendor/k8s.io/client-go/transport/round_trippers.go
+++ b/vendor/k8s.io/client-go/transport/round_trippers.go
@@ -19,14 +19,10 @@ package transport
 import (
 	"fmt"
 	"net/http"
-	"path/filepath"
 	"strings"
 	"time"
 
 	"github.com/golang/glog"
-	"github.com/gregjones/httpcache"
-	"github.com/gregjones/httpcache/diskcache"
-	"github.com/peterbourgon/diskv"
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 )
@@ -60,9 +56,6 @@ func HTTPWrappersForConfig(config *Config, rt http.RoundTripper) (http.RoundTrip
 		len(config.Impersonate.Extra) > 0 {
 		rt = NewImpersonatingRoundTripper(config.Impersonate, rt)
 	}
-	if len(config.CacheDir) > 0 {
-		rt = NewCacheRoundTripper(config.CacheDir, rt)
-	}
 	return rt, nil
 }
 
@@ -86,30 +79,6 @@ type requestCanceler interface {
 	CancelRequest(*http.Request)
 }
 
-type cacheRoundTripper struct {
-	rt *httpcache.Transport
-}
-
-// NewCacheRoundTripper creates a roundtripper that reads the ETag on
-// response headers and send the If-None-Match header on subsequent
-// corresponding requests.
-func NewCacheRoundTripper(cacheDir string, rt http.RoundTripper) http.RoundTripper {
-	d := diskv.New(diskv.Options{
-		BasePath: cacheDir,
-		TempDir:  filepath.Join(cacheDir, ".diskv-temp"),
-	})
-	t := httpcache.NewTransport(diskcache.NewWithDiskv(d))
-	t.Transport = rt
-
-	return &cacheRoundTripper{rt: t}
-}
-
-func (rt *cacheRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
-	return rt.rt.RoundTrip(req)
-}
-
-func (rt *cacheRoundTripper) WrappedRoundTripper() http.RoundTripper { return rt.rt.Transport }
-
 type authProxyRoundTripper struct {
 	username string
 	groups   []string
diff --git a/vendor/k8s.io/client-go/util/buffer/BUILD b/vendor/k8s.io/client-go/util/buffer/BUILD
index b5629d5cb978..d3b2652cee09 100644
--- a/vendor/k8s.io/client-go/util/buffer/BUILD
+++ b/vendor/k8s.io/client-go/util/buffer/BUILD
@@ -10,8 +10,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["ring_growing_test.go"],
-    importpath = "k8s.io/client-go/util/buffer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/stretchr/testify/assert:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/util/cert/BUILD b/vendor/k8s.io/client-go/util/cert/BUILD
index 93ca7c9c6c54..799979d46be5 100644
--- a/vendor/k8s.io/client-go/util/cert/BUILD
+++ b/vendor/k8s.io/client-go/util/cert/BUILD
@@ -13,8 +13,7 @@ go_test(
         "pem_test.go",
     ],
     data = glob(["testdata/**"]),
-    importpath = "k8s.io/client-go/util/cert",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/client-go/util/cert/cert.go b/vendor/k8s.io/client-go/util/cert/cert.go
index 6854d4152fe9..fb7f5facc7ce 100644
--- a/vendor/k8s.io/client-go/util/cert/cert.go
+++ b/vendor/k8s.io/client-go/util/cert/cert.go
@@ -38,7 +38,7 @@ const (
 	duration365d = time.Hour * 24 * 365
 )
 
-// Config containes the basic fields required for creating a certificate
+// Config contains the basic fields required for creating a certificate
 type Config struct {
 	CommonName   string
 	Organization []string
@@ -138,23 +138,50 @@ func MakeEllipticPrivateKeyPEM() ([]byte, error) {
 // Host may be an IP or a DNS name
 // You may also specify additional subject alt names (either ip or dns names) for the certificate
 func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error) {
+	caKey, err := rsa.GenerateKey(cryptorand.Reader, 2048)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	caTemplate := x509.Certificate{
+		SerialNumber: big.NewInt(1),
+		Subject: pkix.Name{
+			CommonName: fmt.Sprintf("%s-ca@%d", host, time.Now().Unix()),
+		},
+		NotBefore: time.Now(),
+		NotAfter:  time.Now().Add(time.Hour * 24 * 365),
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
+		BasicConstraintsValid: true,
+		IsCA: true,
+	}
+
+	caDERBytes, err := x509.CreateCertificate(cryptorand.Reader, &caTemplate, &caTemplate, &caKey.PublicKey, caKey)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	caCertificate, err := x509.ParseCertificate(caDERBytes)
+	if err != nil {
+		return nil, nil, err
+	}
+
 	priv, err := rsa.GenerateKey(cryptorand.Reader, 2048)
 	if err != nil {
 		return nil, nil, err
 	}
 
 	template := x509.Certificate{
-		SerialNumber: big.NewInt(1),
+		SerialNumber: big.NewInt(2),
 		Subject: pkix.Name{
 			CommonName: fmt.Sprintf("%s@%d", host, time.Now().Unix()),
 		},
 		NotBefore: time.Now(),
 		NotAfter:  time.Now().Add(time.Hour * 24 * 365),
 
-		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 		BasicConstraintsValid: true,
-		IsCA: true,
 	}
 
 	if ip := net.ParseIP(host); ip != nil {
@@ -166,16 +193,19 @@ func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS
 	template.IPAddresses = append(template.IPAddresses, alternateIPs...)
 	template.DNSNames = append(template.DNSNames, alternateDNS...)
 
-	derBytes, err := x509.CreateCertificate(cryptorand.Reader, &template, &template, &priv.PublicKey, priv)
+	derBytes, err := x509.CreateCertificate(cryptorand.Reader, &template, caCertificate, &priv.PublicKey, caKey)
 	if err != nil {
 		return nil, nil, err
 	}
 
-	// Generate cert
+	// Generate cert, followed by ca
 	certBuffer := bytes.Buffer{}
 	if err := pem.Encode(&certBuffer, &pem.Block{Type: CertificateBlockType, Bytes: derBytes}); err != nil {
 		return nil, nil, err
 	}
+	if err := pem.Encode(&certBuffer, &pem.Block{Type: CertificateBlockType, Bytes: caDERBytes}); err != nil {
+		return nil, nil, err
+	}
 
 	// Generate key
 	keyBuffer := bytes.Buffer{}
diff --git a/vendor/k8s.io/client-go/util/certificate/BUILD b/vendor/k8s.io/client-go/util/certificate/BUILD
index f10a2d9e21eb..dfc5c3933582 100644
--- a/vendor/k8s.io/client-go/util/certificate/BUILD
+++ b/vendor/k8s.io/client-go/util/certificate/BUILD
@@ -14,8 +14,7 @@ go_test(
         "certificate_manager_test.go",
         "certificate_store_test.go",
     ],
-    importpath = "k8s.io/client-go/util/certificate",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     tags = ["automanaged"],
     deps = [
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/client-go/util/certificate/certificate_manager.go b/vendor/k8s.io/client-go/util/certificate/certificate_manager.go
index 7ea05ba794a4..e189c84799b3 100644
--- a/vendor/k8s.io/client-go/util/certificate/certificate_manager.go
+++ b/vendor/k8s.io/client-go/util/certificate/certificate_manager.go
@@ -141,7 +141,6 @@ type manager struct {
 	certStore                Store
 	certAccessLock           sync.RWMutex
 	cert                     *tls.Certificate
-	rotationDeadline         time.Time
 	forceRotation            bool
 	certificateExpiration    Gauge
 	serverHealth             bool
@@ -208,8 +207,7 @@ func (m *manager) SetCertificateSigningRequestClient(certSigningRequestClient ce
 func (m *manager) Start() {
 	// Certificate rotation depends on access to the API server certificate
 	// signing API, so don't start the certificate manager if we don't have a
-	// client. This will happen on the cluster master, where the kubelet is
-	// responsible for bootstrapping the pods of the master components.
+	// client.
 	if m.certSigningRequestClient == nil {
 		glog.V(2).Infof("Certificate rotation is not enabled, no connection to the apiserver.")
 		return
@@ -217,27 +215,18 @@ func (m *manager) Start() {
 
 	glog.V(2).Infof("Certificate rotation is enabled.")
 
-	m.setRotationDeadline()
-
-	// Synchronously request a certificate before entering the background
-	// loop to allow bootstrap scenarios, where the certificate manager
-	// doesn't have a certificate at all yet.
-	if m.shouldRotate() {
-		glog.V(1).Infof("shouldRotate() is true, forcing immediate rotation")
-		if _, err := m.rotateCerts(); err != nil {
-			utilruntime.HandleError(fmt.Errorf("Could not rotate certificates: %v", err))
-		}
-	}
-	backoff := wait.Backoff{
-		Duration: 2 * time.Second,
-		Factor:   2,
-		Jitter:   0.1,
-		Steps:    5,
-	}
 	go wait.Forever(func() {
-		sleepInterval := m.rotationDeadline.Sub(time.Now())
-		glog.V(2).Infof("Waiting %v for next certificate rotation", sleepInterval)
-		time.Sleep(sleepInterval)
+		deadline := m.nextRotationDeadline()
+		if sleepInterval := deadline.Sub(time.Now()); sleepInterval > 0 {
+			glog.V(2).Infof("Waiting %v for next certificate rotation", sleepInterval)
+			time.Sleep(sleepInterval)
+		}
+		backoff := wait.Backoff{
+			Duration: 2 * time.Second,
+			Factor:   2,
+			Jitter:   0.1,
+			Steps:    5,
+		}
 		if err := wait.ExponentialBackoff(backoff, m.rotateCerts); err != nil {
 			utilruntime.HandleError(fmt.Errorf("Reached backoff limit, still unable to rotate certs: %v", err))
 			wait.PollInfinite(32*time.Second, m.rotateCerts)
@@ -252,11 +241,14 @@ func getCurrentCertificateOrBootstrap(
 
 	currentCert, err := store.Current()
 	if err == nil {
-		return currentCert, false, nil
-	}
-
-	if _, ok := err.(*NoCertKeyError); !ok {
-		return nil, false, err
+		// if the current cert is expired, fall back to the bootstrap cert
+		if currentCert.Leaf != nil && time.Now().Before(currentCert.Leaf.NotAfter) {
+			return currentCert, false, nil
+		}
+	} else {
+		if _, ok := err.(*NoCertKeyError); !ok {
+			return nil, false, err
+		}
 	}
 
 	if bootstrapCertificatePEM == nil || bootstrapKeyPEM == nil {
@@ -276,21 +268,14 @@ func getCurrentCertificateOrBootstrap(
 		return nil, false, fmt.Errorf("unable to parse certificate data: %v", err)
 	}
 	bootstrapCert.Leaf = certs[0]
-	return &bootstrapCert, true, nil
-}
 
-// shouldRotate looks at how close the current certificate is to expiring and
-// decides if it is time to rotate or not.
-func (m *manager) shouldRotate() bool {
-	m.certAccessLock.RLock()
-	defer m.certAccessLock.RUnlock()
-	if m.cert == nil {
-		return true
-	}
-	if m.forceRotation {
-		return true
+	if _, err := store.Update(bootstrapCertificatePEM, bootstrapKeyPEM); err != nil {
+		utilruntime.HandleError(fmt.Errorf("Unable to set the cert/key pair to the bootstrap certificate: %v", err))
+	} else {
+		glog.V(4).Infof("Updated the store to contain the initial bootstrap certificate")
 	}
-	return time.Now().After(m.rotationDeadline)
+
+	return &bootstrapCert, true, nil
 }
 
 // rotateCerts attempts to request a client cert from the server, wait a reasonable
@@ -315,7 +300,7 @@ func (m *manager) rotateCerts() (bool, error) {
 		return false, m.updateServerError(err)
 	}
 
-	// Wait for the certificate to be signed. Instead of one long watch, we retry with slighly longer
+	// Wait for the certificate to be signed. Instead of one long watch, we retry with slightly longer
 	// intervals each time in order to tolerate failures from the server AND to preserve the liveliness
 	// of the cert manager loop. This creates slightly more traffic against the API server in return
 	// for bounding the amount of time we wait when a certificate expires.
@@ -349,30 +334,34 @@ func (m *manager) rotateCerts() (bool, error) {
 	}
 
 	m.updateCached(cert)
-	m.setRotationDeadline()
-	m.forceRotation = false
 	return true, nil
 }
 
-// setRotationDeadline sets a cached value for the threshold at which the
+// nextRotationDeadline returns a value for the threshold at which the
 // current certificate should be rotated, 80%+/-10% of the expiration of the
 // certificate.
-func (m *manager) setRotationDeadline() {
+func (m *manager) nextRotationDeadline() time.Time {
+	// forceRotation is not protected by locks
+	if m.forceRotation {
+		m.forceRotation = false
+		return time.Now()
+	}
+
 	m.certAccessLock.RLock()
 	defer m.certAccessLock.RUnlock()
 	if m.cert == nil {
-		m.rotationDeadline = time.Now()
-		return
+		return time.Now()
 	}
 
 	notAfter := m.cert.Leaf.NotAfter
 	totalDuration := float64(notAfter.Sub(m.cert.Leaf.NotBefore))
+	deadline := m.cert.Leaf.NotBefore.Add(jitteryDuration(totalDuration))
 
-	m.rotationDeadline = m.cert.Leaf.NotBefore.Add(jitteryDuration(totalDuration))
-	glog.V(2).Infof("Certificate expiration is %v, rotation deadline is %v", notAfter, m.rotationDeadline)
+	glog.V(2).Infof("Certificate expiration is %v, rotation deadline is %v", notAfter, deadline)
 	if m.certificateExpiration != nil {
 		m.certificateExpiration.Set(float64(notAfter.Unix()))
 	}
+	return deadline
 }
 
 // jitteryDuration uses some jitter to set the rotation threshold so each node
diff --git a/vendor/k8s.io/client-go/util/certificate/csr/BUILD b/vendor/k8s.io/client-go/util/certificate/csr/BUILD
index c6def5bbf0c8..c1bcd9578ef3 100644
--- a/vendor/k8s.io/client-go/util/certificate/csr/BUILD
+++ b/vendor/k8s.io/client-go/util/certificate/csr/BUILD
@@ -42,8 +42,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["csr_test.go"],
-    importpath = "k8s.io/client-go/util/certificate/csr",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/client-go/util/flowcontrol/BUILD b/vendor/k8s.io/client-go/util/flowcontrol/BUILD
index d74b3f55446d..819bb7ef3682 100644
--- a/vendor/k8s.io/client-go/util/flowcontrol/BUILD
+++ b/vendor/k8s.io/client-go/util/flowcontrol/BUILD
@@ -12,8 +12,7 @@ go_test(
         "backoff_test.go",
         "throttle_test.go",
     ],
-    importpath = "k8s.io/client-go/util/flowcontrol",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library"],
 )
 
@@ -25,7 +24,7 @@ go_library(
     ],
     importpath = "k8s.io/client-go/util/flowcontrol",
     deps = [
-        "//vendor/github.com/juju/ratelimit:go_default_library",
+        "//vendor/golang.org/x/time/rate:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
         "//vendor/k8s.io/client-go/util/integer:go_default_library",
     ],
diff --git a/vendor/k8s.io/client-go/util/flowcontrol/throttle.go b/vendor/k8s.io/client-go/util/flowcontrol/throttle.go
index c45169c40f03..e671c044d004 100644
--- a/vendor/k8s.io/client-go/util/flowcontrol/throttle.go
+++ b/vendor/k8s.io/client-go/util/flowcontrol/throttle.go
@@ -18,8 +18,9 @@ package flowcontrol
 
 import (
 	"sync"
+	"time"
 
-	"github.com/juju/ratelimit"
+	"golang.org/x/time/rate"
 )
 
 type RateLimiter interface {
@@ -30,17 +31,13 @@ type RateLimiter interface {
 	Accept()
 	// Stop stops the rate limiter, subsequent calls to CanAccept will return false
 	Stop()
-	// Saturation returns a percentage number which describes how saturated
-	// this rate limiter is.
-	// Usually we use token bucket rate limiter. In that case,
-	// 1.0 means no tokens are available; 0.0 means we have a full bucket of tokens to use.
-	Saturation() float64
 	// QPS returns QPS of this rate limiter
 	QPS() float32
 }
 
 type tokenBucketRateLimiter struct {
-	limiter *ratelimit.Bucket
+	limiter *rate.Limiter
+	clock   Clock
 	qps     float32
 }
 
@@ -50,42 +47,48 @@ type tokenBucketRateLimiter struct {
 // The bucket is initially filled with 'burst' tokens, and refills at a rate of 'qps'.
 // The maximum number of tokens in the bucket is capped at 'burst'.
 func NewTokenBucketRateLimiter(qps float32, burst int) RateLimiter {
-	limiter := ratelimit.NewBucketWithRate(float64(qps), int64(burst))
-	return newTokenBucketRateLimiter(limiter, qps)
+	limiter := rate.NewLimiter(rate.Limit(qps), burst)
+	return newTokenBucketRateLimiter(limiter, realClock{}, qps)
 }
 
 // An injectable, mockable clock interface.
 type Clock interface {
-	ratelimit.Clock
+	Now() time.Time
+	Sleep(time.Duration)
+}
+
+type realClock struct{}
+
+func (realClock) Now() time.Time {
+	return time.Now()
+}
+func (realClock) Sleep(d time.Duration) {
+	time.Sleep(d)
 }
 
 // NewTokenBucketRateLimiterWithClock is identical to NewTokenBucketRateLimiter
 // but allows an injectable clock, for testing.
-func NewTokenBucketRateLimiterWithClock(qps float32, burst int, clock Clock) RateLimiter {
-	limiter := ratelimit.NewBucketWithRateAndClock(float64(qps), int64(burst), clock)
-	return newTokenBucketRateLimiter(limiter, qps)
+func NewTokenBucketRateLimiterWithClock(qps float32, burst int, c Clock) RateLimiter {
+	limiter := rate.NewLimiter(rate.Limit(qps), burst)
+	return newTokenBucketRateLimiter(limiter, c, qps)
 }
 
-func newTokenBucketRateLimiter(limiter *ratelimit.Bucket, qps float32) RateLimiter {
+func newTokenBucketRateLimiter(limiter *rate.Limiter, c Clock, qps float32) RateLimiter {
 	return &tokenBucketRateLimiter{
 		limiter: limiter,
+		clock:   c,
 		qps:     qps,
 	}
 }
 
 func (t *tokenBucketRateLimiter) TryAccept() bool {
-	return t.limiter.TakeAvailable(1) == 1
-}
-
-func (t *tokenBucketRateLimiter) Saturation() float64 {
-	capacity := t.limiter.Capacity()
-	avail := t.limiter.Available()
-	return float64(capacity-avail) / float64(capacity)
+	return t.limiter.AllowN(t.clock.Now(), 1)
 }
 
 // Accept will block until a token becomes available
 func (t *tokenBucketRateLimiter) Accept() {
-	t.limiter.Wait(1)
+	now := t.clock.Now()
+	t.clock.Sleep(t.limiter.ReserveN(now, 1).DelayFrom(now))
 }
 
 func (t *tokenBucketRateLimiter) Stop() {
@@ -105,10 +108,6 @@ func (t *fakeAlwaysRateLimiter) TryAccept() bool {
 	return true
 }
 
-func (t *fakeAlwaysRateLimiter) Saturation() float64 {
-	return 0
-}
-
 func (t *fakeAlwaysRateLimiter) Stop() {}
 
 func (t *fakeAlwaysRateLimiter) Accept() {}
@@ -131,10 +130,6 @@ func (t *fakeNeverRateLimiter) TryAccept() bool {
 	return false
 }
 
-func (t *fakeNeverRateLimiter) Saturation() float64 {
-	return 1
-}
-
 func (t *fakeNeverRateLimiter) Stop() {
 	t.wg.Done()
 }
diff --git a/vendor/k8s.io/client-go/util/integer/BUILD b/vendor/k8s.io/client-go/util/integer/BUILD
index 67f050e422d4..8a2105e468be 100644
--- a/vendor/k8s.io/client-go/util/integer/BUILD
+++ b/vendor/k8s.io/client-go/util/integer/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["integer_test.go"],
-    importpath = "k8s.io/client-go/util/integer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/client-go/util/jsonpath/BUILD b/vendor/k8s.io/client-go/util/jsonpath/BUILD
index 0856e29caff0..ab43accd60cf 100644
--- a/vendor/k8s.io/client-go/util/jsonpath/BUILD
+++ b/vendor/k8s.io/client-go/util/jsonpath/BUILD
@@ -12,8 +12,7 @@ go_test(
         "jsonpath_test.go",
         "parser_test.go",
     ],
-    importpath = "k8s.io/client-go/util/jsonpath",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/client-go/util/retry/BUILD b/vendor/k8s.io/client-go/util/retry/BUILD
index 9f6f4b84886c..d745813103cb 100644
--- a/vendor/k8s.io/client-go/util/retry/BUILD
+++ b/vendor/k8s.io/client-go/util/retry/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/client-go/util/retry",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/client-go/util/workqueue/BUILD b/vendor/k8s.io/client-go/util/workqueue/BUILD
index 2abd2f82d8bc..7fb9fba481d7 100644
--- a/vendor/k8s.io/client-go/util/workqueue/BUILD
+++ b/vendor/k8s.io/client-go/util/workqueue/BUILD
@@ -13,8 +13,7 @@ go_test(
         "delaying_queue_test.go",
         "rate_limitting_queue_test.go",
     ],
-    importpath = "k8s.io/client-go/util/workqueue",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
@@ -34,7 +33,7 @@ go_library(
     ],
     importpath = "k8s.io/client-go/util/workqueue",
     deps = [
-        "//vendor/github.com/juju/ratelimit:go_default_library",
+        "//vendor/golang.org/x/time/rate:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
     ],
@@ -43,7 +42,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["queue_test.go"],
-    importpath = "k8s.io/client-go/util/workqueue_test",
     deps = ["//vendor/k8s.io/client-go/util/workqueue:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go b/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go
index 35caed4fa412..a5bed29e0072 100644
--- a/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go
+++ b/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go
@@ -21,7 +21,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/juju/ratelimit"
+	"golang.org/x/time/rate"
 )
 
 type RateLimiter interface {
@@ -40,19 +40,19 @@ func DefaultControllerRateLimiter() RateLimiter {
 	return NewMaxOfRateLimiter(
 		NewItemExponentialFailureRateLimiter(5*time.Millisecond, 1000*time.Second),
 		// 10 qps, 100 bucket size.  This is only for retry speed and its only the overall factor (not per item)
-		&BucketRateLimiter{Bucket: ratelimit.NewBucketWithRate(float64(10), int64(100))},
+		&BucketRateLimiter{Limiter: rate.NewLimiter(rate.Limit(10), 100)},
 	)
 }
 
 // BucketRateLimiter adapts a standard bucket to the workqueue ratelimiter API
 type BucketRateLimiter struct {
-	*ratelimit.Bucket
+	*rate.Limiter
 }
 
 var _ RateLimiter = &BucketRateLimiter{}
 
 func (r *BucketRateLimiter) When(item interface{}) time.Duration {
-	return r.Bucket.Take(1)
+	return r.Limiter.Reserve().Delay()
 }
 
 func (r *BucketRateLimiter) NumRequeues(item interface{}) int {
diff --git a/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go b/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
index 74fefd38b72d..c62ed32efa76 100644
--- a/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
+++ b/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
@@ -89,7 +89,7 @@ type waitFor struct {
 
 // waitForPriorityQueue implements a priority queue for waitFor items.
 //
-// waitForPriorityQueue implements heap.Interface. The item occuring next in
+// waitForPriorityQueue implements heap.Interface. The item occurring next in
 // time (i.e., the item with the smallest readyAt) is at the root (index 0).
 // Peek returns this minimum item at index 0. Pop returns the minimum item after
 // it has been removed from the queue and placed at index Len()-1 by
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/BUILD b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/BUILD
index 6fa710dab970..e4bbd5d00248 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/BUILD
@@ -34,6 +34,7 @@ filegroup(
     srcs = [
         ":package-srcs",
         "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/install:all-srcs",
+        "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:all-srcs",
         "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:all-srcs",
         "//staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/validation:all-srcs",
     ],
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/BUILD b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/BUILD
index f584073c1c4c..efbefd5e3d0e 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/BUILD
@@ -15,6 +15,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/install.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/install.go
index ee6ff4644552..e4149bd0d905 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/install.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install/install.go
@@ -22,6 +22,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
 )
 
@@ -31,10 +32,11 @@ func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *r
 		&announced.GroupMetaFactoryArgs{
 			GroupName:                  apiregistration.GroupName,
 			RootScopedKinds:            sets.NewString("APIService"),
-			VersionPreferenceOrder:     []string{v1beta1.SchemeGroupVersion.Version},
+			VersionPreferenceOrder:     []string{v1.SchemeGroupVersion.Version, v1beta1.SchemeGroupVersion.Version},
 			AddInternalObjectsToScheme: apiregistration.AddToScheme,
 		},
 		announced.VersionToSchemeFunc{
+			v1.SchemeGroupVersion.Version:      v1.AddToScheme,
 			v1beta1.SchemeGroupVersion.Version: v1beta1.AddToScheme,
 		},
 	).Announce(groupFactoryRegistry).RegisterAndEnable(registry, scheme); err != nil {
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/BUILD b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/BUILD
similarity index 84%
rename from vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/BUILD
rename to vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/BUILD
index ab36b18731f6..920ea1211b0a 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/BUILD
@@ -8,23 +8,21 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
-        "conversion.go",
-        "deepcopy.go",
         "doc.go",
         "generated.pb.go",
         "register.go",
         "types.go",
-        "types_swagger_doc_generated.go",
+        "zz_generated.conversion.go",
         "zz_generated.deepcopy.go",
-        "zz_generated.defaults.go",
     ],
-    importpath = "k8s.io/apimachinery/pkg/apis/meta/v1alpha1",
+    importpath = "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1",
     deps = [
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/doc.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/doc.go
new file mode 100644
index 000000000000..5c913962c651
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/doc.go
@@ -0,0 +1,36 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:conversion-gen=k8s.io/kube-aggregator/pkg/apis/apiregistration
+// +k8s:openapi-gen=true
+
+// Package v1beta1 contains the API Registration API, which is responsible for
+// registering an API `Group`/`Version` with another kubernetes like API server.
+// The `APIService` holds information about the other API server in
+// `APIServiceSpec` type as well as general `TypeMeta` and `ObjectMeta`. The
+// `APIServiceSpec` type have the main configuration needed to do the
+// aggregation. Any request coming for specified `Group`/`Version` will be
+// directed to the service defined by `ServiceReference` (on port 443) after
+// validating the target using provided `CABundle` or skipping validation
+// if development flag `InsecureSkipTLSVerify` is set. `Priority` is controlling
+// the order of this API group in the overall discovery document.
+// The return status is a set of conditions for this aggregation. Currently
+// there is only one condition named "Available", if true, it means the
+// api/server requests will be redirected to specified API server.
+//
+// +groupName=apiregistration.k8s.io
+package v1
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.pb.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.pb.go
new file mode 100644
index 000000000000..2e21a2061126
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.pb.go
@@ -0,0 +1,1559 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by protoc-gen-gogo.
+// source: k8s.io/kubernetes/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto
+// DO NOT EDIT!
+
+/*
+	Package v1 is a generated protocol buffer package.
+
+	It is generated from these files:
+		k8s.io/kubernetes/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto
+
+	It has these top-level messages:
+		APIService
+		APIServiceCondition
+		APIServiceList
+		APIServiceSpec
+		APIServiceStatus
+		ServiceReference
+*/
+package v1
+
+import proto "github.com/gogo/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+import strings "strings"
+import reflect "reflect"
+
+import io "io"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
+
+func (m *APIService) Reset()                    { *m = APIService{} }
+func (*APIService) ProtoMessage()               {}
+func (*APIService) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+
+func (m *APIServiceCondition) Reset()                    { *m = APIServiceCondition{} }
+func (*APIServiceCondition) ProtoMessage()               {}
+func (*APIServiceCondition) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
+func (m *APIServiceList) Reset()                    { *m = APIServiceList{} }
+func (*APIServiceList) ProtoMessage()               {}
+func (*APIServiceList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{2} }
+
+func (m *APIServiceSpec) Reset()                    { *m = APIServiceSpec{} }
+func (*APIServiceSpec) ProtoMessage()               {}
+func (*APIServiceSpec) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{3} }
+
+func (m *APIServiceStatus) Reset()                    { *m = APIServiceStatus{} }
+func (*APIServiceStatus) ProtoMessage()               {}
+func (*APIServiceStatus) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{4} }
+
+func (m *ServiceReference) Reset()                    { *m = ServiceReference{} }
+func (*ServiceReference) ProtoMessage()               {}
+func (*ServiceReference) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{5} }
+
+func init() {
+	proto.RegisterType((*APIService)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.APIService")
+	proto.RegisterType((*APIServiceCondition)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.APIServiceCondition")
+	proto.RegisterType((*APIServiceList)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.APIServiceList")
+	proto.RegisterType((*APIServiceSpec)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.APIServiceSpec")
+	proto.RegisterType((*APIServiceStatus)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.APIServiceStatus")
+	proto.RegisterType((*ServiceReference)(nil), "k8s.io.kube_aggregator.pkg.apis.apiregistration.v1.ServiceReference")
+}
+func (m *APIService) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *APIService) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObjectMeta.Size()))
+	n1, err := m.ObjectMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n1
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Spec.Size()))
+	n2, err := m.Spec.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n2
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Status.Size()))
+	n3, err := m.Status.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n3
+	return i, nil
+}
+
+func (m *APIServiceCondition) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *APIServiceCondition) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Type)))
+	i += copy(dAtA[i:], m.Type)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Status)))
+	i += copy(dAtA[i:], m.Status)
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.LastTransitionTime.Size()))
+	n4, err := m.LastTransitionTime.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n4
+	dAtA[i] = 0x22
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Reason)))
+	i += copy(dAtA[i:], m.Reason)
+	dAtA[i] = 0x2a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
+	i += copy(dAtA[i:], m.Message)
+	return i, nil
+}
+
+func (m *APIServiceList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *APIServiceList) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
+	n5, err := m.ListMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n5
+	if len(m.Items) > 0 {
+		for _, msg := range m.Items {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *APIServiceSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *APIServiceSpec) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Service != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(m.Service.Size()))
+		n6, err := m.Service.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Group)))
+	i += copy(dAtA[i:], m.Group)
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Version)))
+	i += copy(dAtA[i:], m.Version)
+	dAtA[i] = 0x20
+	i++
+	if m.InsecureSkipTLSVerify {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i++
+	if m.CABundle != nil {
+		dAtA[i] = 0x2a
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(len(m.CABundle)))
+		i += copy(dAtA[i:], m.CABundle)
+	}
+	dAtA[i] = 0x38
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.GroupPriorityMinimum))
+	dAtA[i] = 0x40
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.VersionPriority))
+	return i, nil
+}
+
+func (m *APIServiceStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *APIServiceStatus) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.Conditions) > 0 {
+		for _, msg := range m.Conditions {
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *ServiceReference) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ServiceReference) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Namespace)))
+	i += copy(dAtA[i:], m.Namespace)
+	dAtA[i] = 0x12
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i += copy(dAtA[i:], m.Name)
+	return i, nil
+}
+
+func encodeFixed64Generated(dAtA []byte, offset int, v uint64) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	dAtA[offset+4] = uint8(v >> 32)
+	dAtA[offset+5] = uint8(v >> 40)
+	dAtA[offset+6] = uint8(v >> 48)
+	dAtA[offset+7] = uint8(v >> 56)
+	return offset + 8
+}
+func encodeFixed32Generated(dAtA []byte, offset int, v uint32) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	return offset + 4
+}
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return offset + 1
+}
+func (m *APIService) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *APIServiceCondition) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Type)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Status)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.LastTransitionTime.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Reason)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Message)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *APIServiceList) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *APIServiceSpec) Size() (n int) {
+	var l int
+	_ = l
+	if m.Service != nil {
+		l = m.Service.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	l = len(m.Group)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Version)
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 2
+	if m.CABundle != nil {
+		l = len(m.CABundle)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	n += 1 + sovGenerated(uint64(m.GroupPriorityMinimum))
+	n += 1 + sovGenerated(uint64(m.VersionPriority))
+	return n
+}
+
+func (m *APIServiceStatus) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.Conditions) > 0 {
+		for _, e := range m.Conditions {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ServiceReference) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.Namespace)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	for {
+		n++
+		x >>= 7
+		if x == 0 {
+			break
+		}
+	}
+	return n
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *APIService) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&APIService{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(this.ObjectMeta.String(), "ObjectMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "APIServiceSpec", "APIServiceSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "APIServiceStatus", "APIServiceStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *APIServiceCondition) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&APIServiceCondition{`,
+		`Type:` + fmt.Sprintf("%v", this.Type) + `,`,
+		`Status:` + fmt.Sprintf("%v", this.Status) + `,`,
+		`LastTransitionTime:` + strings.Replace(strings.Replace(this.LastTransitionTime.String(), "Time", "k8s_io_apimachinery_pkg_apis_meta_v1.Time", 1), `&`, ``, 1) + `,`,
+		`Reason:` + fmt.Sprintf("%v", this.Reason) + `,`,
+		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *APIServiceList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&APIServiceList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "APIService", "APIService", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *APIServiceSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&APIServiceSpec{`,
+		`Service:` + strings.Replace(fmt.Sprintf("%v", this.Service), "ServiceReference", "ServiceReference", 1) + `,`,
+		`Group:` + fmt.Sprintf("%v", this.Group) + `,`,
+		`Version:` + fmt.Sprintf("%v", this.Version) + `,`,
+		`InsecureSkipTLSVerify:` + fmt.Sprintf("%v", this.InsecureSkipTLSVerify) + `,`,
+		`CABundle:` + valueToStringGenerated(this.CABundle) + `,`,
+		`GroupPriorityMinimum:` + fmt.Sprintf("%v", this.GroupPriorityMinimum) + `,`,
+		`VersionPriority:` + fmt.Sprintf("%v", this.VersionPriority) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *APIServiceStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&APIServiceStatus{`,
+		`Conditions:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Conditions), "APIServiceCondition", "APIServiceCondition", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ServiceReference) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ServiceReference{`,
+		`Namespace:` + fmt.Sprintf("%v", this.Namespace) + `,`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func valueToStringGenerated(v interface{}) string {
+	rv := reflect.ValueOf(v)
+	if rv.IsNil() {
+		return "nil"
+	}
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *APIService) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: APIService: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: APIService: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *APIServiceCondition) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: APIServiceCondition: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: APIServiceCondition: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Type = APIServiceConditionType(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Status = ConditionStatus(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LastTransitionTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.LastTransitionTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Reason", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Reason = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Message", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Message = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *APIServiceList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: APIServiceList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: APIServiceList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, APIService{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *APIServiceSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: APIServiceSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: APIServiceSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Service == nil {
+				m.Service = &ServiceReference{}
+			}
+			if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Group", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Group = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Version", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Version = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field InsecureSkipTLSVerify", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.InsecureSkipTLSVerify = bool(v != 0)
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CABundle", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.CABundle = append(m.CABundle[:0], dAtA[iNdEx:postIndex]...)
+			if m.CABundle == nil {
+				m.CABundle = []byte{}
+			}
+			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field GroupPriorityMinimum", wireType)
+			}
+			m.GroupPriorityMinimum = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.GroupPriorityMinimum |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 8:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VersionPriority", wireType)
+			}
+			m.VersionPriority = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.VersionPriority |= (int32(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *APIServiceStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: APIServiceStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: APIServiceStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Conditions", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Conditions = append(m.Conditions, APIServiceCondition{})
+			if err := m.Conditions[len(m.Conditions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ServiceReference) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ServiceReference: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ServiceReference: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Namespace = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipGenerated(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+			return iNdEx, nil
+		case 1:
+			iNdEx += 8
+			return iNdEx, nil
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			iNdEx += length
+			if length < 0 {
+				return 0, ErrInvalidLengthGenerated
+			}
+			return iNdEx, nil
+		case 3:
+			for {
+				var innerWire uint64
+				var start int = iNdEx
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return 0, ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return 0, io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					innerWire |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				innerWireType := int(innerWire & 0x7)
+				if innerWireType == 4 {
+					break
+				}
+				next, err := skipGenerated(dAtA[start:])
+				if err != nil {
+					return 0, err
+				}
+				iNdEx = start + next
+			}
+			return iNdEx, nil
+		case 4:
+			return iNdEx, nil
+		case 5:
+			iNdEx += 4
+			return iNdEx, nil
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+	}
+	panic("unreachable")
+}
+
+var (
+	ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowGenerated   = fmt.Errorf("proto: integer overflow")
+)
+
+func init() {
+	proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto", fileDescriptorGenerated)
+}
+
+var fileDescriptorGenerated = []byte{
+	// 829 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x54, 0x41, 0x6f, 0xe3, 0x44,
+	0x14, 0x8e, 0xd3, 0xa4, 0x4d, 0xa7, 0x65, 0x5b, 0x86, 0x5d, 0x6d, 0x54, 0x81, 0x5b, 0x82, 0x04,
+	0x01, 0x69, 0x6d, 0x5a, 0x10, 0x02, 0x21, 0x21, 0xd5, 0x8b, 0x54, 0x55, 0x6a, 0xa1, 0x9a, 0x54,
+	0x3d, 0x00, 0x12, 0x4c, 0x9d, 0x57, 0x77, 0x48, 0x3d, 0xb6, 0x66, 0xc6, 0x96, 0x22, 0x2e, 0xfc,
+	0x03, 0xf8, 0x4d, 0x9c, 0x7a, 0x5c, 0x89, 0x4b, 0x4f, 0x15, 0x0d, 0xff, 0x62, 0x4f, 0x68, 0xc6,
+	0x63, 0x3b, 0x4d, 0xb2, 0x62, 0xa1, 0x97, 0x28, 0xf3, 0xde, 0xfb, 0xbe, 0xef, 0xbd, 0x37, 0x9f,
+	0x07, 0x7d, 0x3f, 0xfa, 0x5c, 0x7a, 0x2c, 0xf1, 0x47, 0xd9, 0x39, 0x08, 0x0e, 0x0a, 0xa4, 0x9f,
+	0x03, 0x1f, 0x26, 0xc2, 0x9f, 0x4a, 0x3c, 0xa3, 0x51, 0x24, 0x20, 0xa2, 0x2a, 0x11, 0x7e, 0x3a,
+	0x8a, 0x7c, 0x9a, 0x32, 0xa9, 0x7f, 0x04, 0x44, 0x4c, 0x2a, 0x41, 0x15, 0x4b, 0xb8, 0x9f, 0xef,
+	0xfa, 0x11, 0x70, 0x10, 0x54, 0xc1, 0xd0, 0x4b, 0x45, 0xa2, 0x12, 0xbc, 0x57, 0x70, 0x78, 0x9a,
+	0xe3, 0xc7, 0x9a, 0xc3, 0x4b, 0x47, 0x91, 0xa7, 0x39, 0xbc, 0x19, 0x0e, 0x2f, 0xdf, 0xdd, 0x7a,
+	0x16, 0x31, 0x75, 0x99, 0x9d, 0x7b, 0x61, 0x12, 0xfb, 0x51, 0x12, 0x25, 0xbe, 0xa1, 0x3a, 0xcf,
+	0x2e, 0xcc, 0xc9, 0x1c, 0xcc, 0xbf, 0x42, 0x62, 0xeb, 0x53, 0xdb, 0x26, 0x4d, 0x59, 0x4c, 0xc3,
+	0x4b, 0xc6, 0x41, 0x8c, 0xeb, 0x1e, 0x63, 0x50, 0x74, 0x41, 0x63, 0x5b, 0xfe, 0xab, 0x50, 0x22,
+	0xe3, 0x8a, 0xc5, 0x30, 0x07, 0xf8, 0xec, 0xdf, 0x00, 0x32, 0xbc, 0x84, 0x98, 0xce, 0xe1, 0x3e,
+	0x79, 0x15, 0x2e, 0x53, 0xec, 0xca, 0x67, 0x5c, 0x49, 0x25, 0x66, 0x41, 0xbd, 0x3f, 0x9a, 0x08,
+	0xed, 0x9f, 0x1c, 0x0e, 0x40, 0xe4, 0x2c, 0x04, 0xfc, 0x13, 0xea, 0xe8, 0x39, 0x86, 0x54, 0xd1,
+	0xae, 0xb3, 0xe3, 0xf4, 0xd7, 0xf6, 0x3e, 0xf6, 0xec, 0x62, 0xa7, 0x69, 0xeb, 0xad, 0xea, 0x6a,
+	0x2f, 0xdf, 0xf5, 0xbe, 0x3d, 0xff, 0x19, 0x42, 0x75, 0x0c, 0x8a, 0x06, 0xf8, 0xfa, 0x76, 0xbb,
+	0x31, 0xb9, 0xdd, 0x46, 0x75, 0x8c, 0x54, 0xac, 0x78, 0x88, 0x5a, 0x32, 0x85, 0xb0, 0xdb, 0x34,
+	0xec, 0x81, 0xf7, 0xdf, 0xaf, 0xcd, 0xab, 0xfb, 0x1d, 0xa4, 0x10, 0x06, 0xeb, 0x56, 0xaf, 0xa5,
+	0x4f, 0xc4, 0xb0, 0xe3, 0x2b, 0xb4, 0x2c, 0x15, 0x55, 0x99, 0xec, 0x2e, 0x19, 0x9d, 0xaf, 0x1f,
+	0xa8, 0x63, 0xb8, 0x82, 0x47, 0x56, 0x69, 0xb9, 0x38, 0x13, 0xab, 0xd1, 0xbb, 0x69, 0xa2, 0xb7,
+	0xea, 0xe2, 0xe7, 0x09, 0x1f, 0x32, 0xcd, 0x81, 0xbf, 0x44, 0x2d, 0x35, 0x4e, 0xc1, 0x6c, 0x72,
+	0x35, 0xf8, 0xa0, 0xec, 0xf3, 0x74, 0x9c, 0xc2, 0xcb, 0xdb, 0xed, 0xa7, 0x0b, 0x20, 0x3a, 0x45,
+	0x0c, 0x08, 0x7f, 0x51, 0x8d, 0xd0, 0x34, 0xf0, 0x77, 0xef, 0x8b, 0xbf, 0xbc, 0xdd, 0xde, 0xa8,
+	0x60, 0xf7, 0xfb, 0xc1, 0x39, 0xc2, 0x57, 0x54, 0xaa, 0x53, 0x41, 0xb9, 0x2c, 0x68, 0x59, 0x0c,
+	0x76, 0x13, 0x1f, 0xbd, 0xde, 0x7d, 0x6a, 0x44, 0xb0, 0x65, 0x25, 0xf1, 0xd1, 0x1c, 0x1b, 0x59,
+	0xa0, 0x80, 0xdf, 0x47, 0xcb, 0x02, 0xa8, 0x4c, 0x78, 0xb7, 0x65, 0x5a, 0xae, 0xf6, 0x45, 0x4c,
+	0x94, 0xd8, 0x2c, 0xfe, 0x10, 0xad, 0xc4, 0x20, 0x25, 0x8d, 0xa0, 0xdb, 0x36, 0x85, 0x1b, 0xb6,
+	0x70, 0xe5, 0xb8, 0x08, 0x93, 0x32, 0xdf, 0xfb, 0xd3, 0x41, 0x8f, 0xea, 0x3d, 0x1d, 0x31, 0xa9,
+	0xf0, 0x0f, 0x73, 0x1e, 0xf5, 0x5e, 0x6f, 0x26, 0x8d, 0x36, 0x0e, 0xdd, 0xb4, 0x72, 0x9d, 0x32,
+	0x32, 0xe5, 0xcf, 0x10, 0xb5, 0x99, 0x82, 0x58, 0x6f, 0x7d, 0xa9, 0xbf, 0xb6, 0xf7, 0xd5, 0xc3,
+	0x8c, 0x13, 0xbc, 0x61, 0xa5, 0xda, 0x87, 0x9a, 0x94, 0x14, 0xdc, 0xbd, 0xbb, 0xa5, 0xe9, 0xa9,
+	0xb4, 0x6f, 0xf1, 0x08, 0xad, 0xc8, 0xe2, 0x68, 0x87, 0xfa, 0x5f, 0x96, 0xb5, 0x8c, 0x04, 0x2e,
+	0x40, 0x00, 0x0f, 0x21, 0x58, 0xd3, 0x5b, 0x2d, 0xa3, 0xa5, 0x02, 0x7e, 0x0f, 0xb5, 0x23, 0x91,
+	0x64, 0xa9, 0xb5, 0x56, 0xd5, 0xe4, 0x81, 0x0e, 0x92, 0x22, 0xa7, 0x6f, 0x29, 0x07, 0x21, 0x59,
+	0xc2, 0x8d, 0x75, 0xa6, 0x6e, 0xe9, 0xac, 0x08, 0x93, 0x32, 0x8f, 0x07, 0xe8, 0x09, 0xe3, 0x12,
+	0xc2, 0x4c, 0xc0, 0x60, 0xc4, 0xd2, 0xd3, 0xa3, 0xc1, 0x19, 0x08, 0x76, 0x31, 0x36, 0x3e, 0xe8,
+	0x04, 0xef, 0x58, 0xe0, 0x93, 0xc3, 0x45, 0x45, 0x64, 0x31, 0x16, 0xf7, 0x51, 0x27, 0xa4, 0x41,
+	0xc6, 0x87, 0x57, 0x85, 0x4d, 0xd6, 0x83, 0x75, 0x7d, 0x67, 0xcf, 0xf7, 0x8b, 0x18, 0xa9, 0xb2,
+	0xf8, 0x04, 0x3d, 0x36, 0x2d, 0x9f, 0x08, 0x96, 0x08, 0xa6, 0xc6, 0xc7, 0x8c, 0xb3, 0x38, 0x8b,
+	0xbb, 0x2b, 0x3b, 0x4e, 0xbf, 0x1d, 0xbc, 0x6d, 0xd5, 0x1f, 0x1f, 0x2c, 0xa8, 0x21, 0x0b, 0x91,
+	0x78, 0x1f, 0x6d, 0xd8, 0xd9, 0xca, 0x4c, 0xb7, 0x63, 0xc8, 0x9e, 0x5a, 0xb2, 0x8d, 0xb3, 0xfb,
+	0x69, 0x32, 0x5b, 0xdf, 0xfb, 0xcd, 0x41, 0x9b, 0xb3, 0x2f, 0x08, 0xfe, 0x05, 0xa1, 0xb0, 0xfc,
+	0x68, 0x65, 0xd7, 0x31, 0x16, 0x3b, 0x78, 0x98, 0xc5, 0xaa, 0x47, 0xa0, 0x7e, 0x78, 0xab, 0x90,
+	0x24, 0x53, 0x72, 0x3d, 0x40, 0x9b, 0xb3, 0xfe, 0xc0, 0x3e, 0x5a, 0xe5, 0x34, 0x06, 0x99, 0xd2,
+	0xb0, 0x7c, 0xa7, 0xde, 0xb4, 0x34, 0xab, 0xdf, 0x94, 0x09, 0x52, 0xd7, 0xe0, 0x1d, 0xd4, 0xd2,
+	0x07, 0xeb, 0x9c, 0xea, 0xed, 0xd5, 0xb5, 0xc4, 0x64, 0x82, 0xfe, 0xf5, 0x9d, 0xdb, 0x78, 0x71,
+	0xe7, 0x36, 0x6e, 0xee, 0xdc, 0xc6, 0xaf, 0x13, 0xd7, 0xb9, 0x9e, 0xb8, 0xce, 0x8b, 0x89, 0xeb,
+	0xdc, 0x4c, 0x5c, 0xe7, 0xaf, 0x89, 0xeb, 0xfc, 0xfe, 0xb7, 0xdb, 0xf8, 0xae, 0x99, 0xef, 0xfe,
+	0x13, 0x00, 0x00, 0xff, 0xff, 0xd7, 0xd9, 0xaa, 0x56, 0x11, 0x08, 0x00, 0x00,
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto
new file mode 100644
index 000000000000..11b09f6dcdb2
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/generated.proto
@@ -0,0 +1,126 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = 'proto2';
+
+package k8s.io.kube_aggregator.pkg.apis.apiregistration.v1;
+
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "v1";
+
+// APIService represents a server for a particular GroupVersion.
+// Name must be "version.group".
+message APIService {
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Spec contains information for locating and communicating with a server
+  optional APIServiceSpec spec = 2;
+
+  // Status contains derived information about an API server
+  optional APIServiceStatus status = 3;
+}
+
+message APIServiceCondition {
+  // Type is the type of the condition.
+  optional string type = 1;
+
+  // Status is the status of the condition.
+  // Can be True, False, Unknown.
+  optional string status = 2;
+
+  // Last time the condition transitioned from one status to another.
+  // +optional
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 3;
+
+  // Unique, one-word, CamelCase reason for the condition's last transition.
+  // +optional
+  optional string reason = 4;
+
+  // Human-readable message indicating details about last transition.
+  // +optional
+  optional string message = 5;
+}
+
+// APIServiceList is a list of APIService objects.
+message APIServiceList {
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  repeated APIService items = 2;
+}
+
+// APIServiceSpec contains information for locating and communicating with a server.
+// Only https is supported, though you are able to disable certificate verification.
+message APIServiceSpec {
+  // Service is a reference to the service for this API server.  It must communicate
+  // on port 443
+  // If the Service is nil, that means the handling for the API groupversion is handled locally on this server.
+  // The call will simply delegate to the normal handler chain to be fulfilled.
+  optional ServiceReference service = 1;
+
+  // Group is the API group name this server hosts
+  optional string group = 2;
+
+  // Version is the API version this server hosts.  For example, "v1"
+  optional string version = 3;
+
+  // InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server.
+  // This is strongly discouraged.  You should use the CABundle instead.
+  optional bool insecureSkipTLSVerify = 4;
+
+  // CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.
+  optional bytes caBundle = 5;
+
+  // GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones.
+  // Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority.
+  // The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10).
+  // The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo)
+  // We'd recommend something like: *.k8s.io (except extensions) at 18000 and
+  // PaaSes (OpenShift, Deis) are recommended to be in the 2000s
+  optional int32 groupPriorityMinimum = 7;
+
+  // VersionPriority controls the ordering of this API version inside of its group.  Must be greater than zero.
+  // The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10).
+  // The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo)
+  // Since it's inside of a group, the number can be small, probably in the 10s.
+  optional int32 versionPriority = 8;
+}
+
+// APIServiceStatus contains derived information about an API server
+message APIServiceStatus {
+  // Current service state of apiService.
+  // +optional
+  // +patchMergeKey=type
+  // +patchStrategy=merge
+  repeated APIServiceCondition conditions = 1;
+}
+
+// ServiceReference holds a reference to Service.legacy.k8s.io
+message ServiceReference {
+  // Namespace is the namespace of the service
+  optional string namespace = 1;
+
+  // Name is the name of the service
+  optional string name = 2;
+}
+
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go
new file mode 100644
index 000000000000..70d277fdf413
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/register.go
@@ -0,0 +1,58 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+const GroupName = "apiregistration.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
+
+// Resource takes an unqualified resource and returns back a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
+	// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
+	SchemeBuilder      runtime.SchemeBuilder
+	localSchemeBuilder = &SchemeBuilder
+	AddToScheme        = localSchemeBuilder.AddToScheme
+)
+
+func init() {
+	// We only register manually written functions here. The registration of the
+	// generated functions takes place in the generated files. The separation
+	// makes the code compile even when the generated files are missing.
+	localSchemeBuilder.Register(addKnownTypes)
+}
+
+// Adds the list of known types to the given scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&APIService{},
+		&APIServiceList{},
+	)
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go
new file mode 100644
index 000000000000..a545c3bde044
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go
@@ -0,0 +1,136 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// APIServiceList is a list of APIService objects.
+type APIServiceList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	Items []APIService `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// ServiceReference holds a reference to Service.legacy.k8s.io
+type ServiceReference struct {
+	// Namespace is the namespace of the service
+	Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"`
+	// Name is the name of the service
+	Name string `json:"name,omitempty" protobuf:"bytes,2,opt,name=name"`
+}
+
+// APIServiceSpec contains information for locating and communicating with a server.
+// Only https is supported, though you are able to disable certificate verification.
+type APIServiceSpec struct {
+	// Service is a reference to the service for this API server.  It must communicate
+	// on port 443
+	// If the Service is nil, that means the handling for the API groupversion is handled locally on this server.
+	// The call will simply delegate to the normal handler chain to be fulfilled.
+	Service *ServiceReference `json:"service" protobuf:"bytes,1,opt,name=service"`
+	// Group is the API group name this server hosts
+	Group string `json:"group,omitempty" protobuf:"bytes,2,opt,name=group"`
+	// Version is the API version this server hosts.  For example, "v1"
+	Version string `json:"version,omitempty" protobuf:"bytes,3,opt,name=version"`
+
+	// InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server.
+	// This is strongly discouraged.  You should use the CABundle instead.
+	InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty" protobuf:"varint,4,opt,name=insecureSkipTLSVerify"`
+	// CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.
+	CABundle []byte `json:"caBundle" protobuf:"bytes,5,opt,name=caBundle"`
+
+	// GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones.
+	// Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority.
+	// The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10).
+	// The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo)
+	// We'd recommend something like: *.k8s.io (except extensions) at 18000 and
+	// PaaSes (OpenShift, Deis) are recommended to be in the 2000s
+	GroupPriorityMinimum int32 `json:"groupPriorityMinimum" protobuf:"varint,7,opt,name=groupPriorityMinimum"`
+
+	// VersionPriority controls the ordering of this API version inside of its group.  Must be greater than zero.
+	// The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10).
+	// The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo)
+	// Since it's inside of a group, the number can be small, probably in the 10s.
+	VersionPriority int32 `json:"versionPriority" protobuf:"varint,8,opt,name=versionPriority"`
+
+	// leaving this here so everyone remembers why proto index 6 is skipped
+	// Priority int64 `json:"priority" protobuf:"varint,6,opt,name=priority"`
+}
+
+type ConditionStatus string
+
+// These are valid condition statuses. "ConditionTrue" means a resource is in the condition;
+// "ConditionFalse" means a resource is not in the condition; "ConditionUnknown" means kubernetes
+// can't decide if a resource is in the condition or not. In the future, we could add other
+// intermediate conditions, e.g. ConditionDegraded.
+const (
+	ConditionTrue    ConditionStatus = "True"
+	ConditionFalse   ConditionStatus = "False"
+	ConditionUnknown ConditionStatus = "Unknown"
+)
+
+// APIConditionConditionType is a valid value for APIServiceCondition.Type
+type APIServiceConditionType string
+
+const (
+	// Available indicates that the service exists and is reachable
+	Available APIServiceConditionType = "Available"
+)
+
+type APIServiceCondition struct {
+	// Type is the type of the condition.
+	Type APIServiceConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=APIServiceConditionType"`
+	// Status is the status of the condition.
+	// Can be True, False, Unknown.
+	Status ConditionStatus `json:"status" protobuf:"bytes,2,opt,name=status,casttype=ConditionStatus"`
+	// Last time the condition transitioned from one status to another.
+	// +optional
+	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,3,opt,name=lastTransitionTime"`
+	// Unique, one-word, CamelCase reason for the condition's last transition.
+	// +optional
+	Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"`
+	// Human-readable message indicating details about last transition.
+	// +optional
+	Message string `json:"message,omitempty" protobuf:"bytes,5,opt,name=message"`
+}
+
+// APIServiceStatus contains derived information about an API server
+type APIServiceStatus struct {
+	// Current service state of apiService.
+	// +optional
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	Conditions []APIServiceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
+}
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// APIService represents a server for a particular GroupVersion.
+// Name must be "version.group".
+type APIService struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec contains information for locating and communicating with a server
+	Spec APIServiceSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+	// Status contains derived information about an API server
+	Status APIServiceStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.conversion.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.conversion.go
new file mode 100644
index 000000000000..65eb10a438e7
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.conversion.go
@@ -0,0 +1,208 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	unsafe "unsafe"
+
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	apiregistration "k8s.io/kube-aggregator/pkg/apis/apiregistration"
+)
+
+func init() {
+	localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1_APIService_To_apiregistration_APIService,
+		Convert_apiregistration_APIService_To_v1_APIService,
+		Convert_v1_APIServiceCondition_To_apiregistration_APIServiceCondition,
+		Convert_apiregistration_APIServiceCondition_To_v1_APIServiceCondition,
+		Convert_v1_APIServiceList_To_apiregistration_APIServiceList,
+		Convert_apiregistration_APIServiceList_To_v1_APIServiceList,
+		Convert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec,
+		Convert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec,
+		Convert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus,
+		Convert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus,
+		Convert_v1_ServiceReference_To_apiregistration_ServiceReference,
+		Convert_apiregistration_ServiceReference_To_v1_ServiceReference,
+	)
+}
+
+func autoConvert_v1_APIService_To_apiregistration_APIService(in *APIService, out *apiregistration.APIService, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1_APIService_To_apiregistration_APIService is an autogenerated conversion function.
+func Convert_v1_APIService_To_apiregistration_APIService(in *APIService, out *apiregistration.APIService, s conversion.Scope) error {
+	return autoConvert_v1_APIService_To_apiregistration_APIService(in, out, s)
+}
+
+func autoConvert_apiregistration_APIService_To_v1_APIService(in *apiregistration.APIService, out *APIService, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_apiregistration_APIService_To_v1_APIService is an autogenerated conversion function.
+func Convert_apiregistration_APIService_To_v1_APIService(in *apiregistration.APIService, out *APIService, s conversion.Scope) error {
+	return autoConvert_apiregistration_APIService_To_v1_APIService(in, out, s)
+}
+
+func autoConvert_v1_APIServiceCondition_To_apiregistration_APIServiceCondition(in *APIServiceCondition, out *apiregistration.APIServiceCondition, s conversion.Scope) error {
+	out.Type = apiregistration.APIServiceConditionType(in.Type)
+	out.Status = apiregistration.ConditionStatus(in.Status)
+	out.LastTransitionTime = in.LastTransitionTime
+	out.Reason = in.Reason
+	out.Message = in.Message
+	return nil
+}
+
+// Convert_v1_APIServiceCondition_To_apiregistration_APIServiceCondition is an autogenerated conversion function.
+func Convert_v1_APIServiceCondition_To_apiregistration_APIServiceCondition(in *APIServiceCondition, out *apiregistration.APIServiceCondition, s conversion.Scope) error {
+	return autoConvert_v1_APIServiceCondition_To_apiregistration_APIServiceCondition(in, out, s)
+}
+
+func autoConvert_apiregistration_APIServiceCondition_To_v1_APIServiceCondition(in *apiregistration.APIServiceCondition, out *APIServiceCondition, s conversion.Scope) error {
+	out.Type = APIServiceConditionType(in.Type)
+	out.Status = ConditionStatus(in.Status)
+	out.LastTransitionTime = in.LastTransitionTime
+	out.Reason = in.Reason
+	out.Message = in.Message
+	return nil
+}
+
+// Convert_apiregistration_APIServiceCondition_To_v1_APIServiceCondition is an autogenerated conversion function.
+func Convert_apiregistration_APIServiceCondition_To_v1_APIServiceCondition(in *apiregistration.APIServiceCondition, out *APIServiceCondition, s conversion.Scope) error {
+	return autoConvert_apiregistration_APIServiceCondition_To_v1_APIServiceCondition(in, out, s)
+}
+
+func autoConvert_v1_APIServiceList_To_apiregistration_APIServiceList(in *APIServiceList, out *apiregistration.APIServiceList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]apiregistration.APIService)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_v1_APIServiceList_To_apiregistration_APIServiceList is an autogenerated conversion function.
+func Convert_v1_APIServiceList_To_apiregistration_APIServiceList(in *APIServiceList, out *apiregistration.APIServiceList, s conversion.Scope) error {
+	return autoConvert_v1_APIServiceList_To_apiregistration_APIServiceList(in, out, s)
+}
+
+func autoConvert_apiregistration_APIServiceList_To_v1_APIServiceList(in *apiregistration.APIServiceList, out *APIServiceList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]APIService)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_apiregistration_APIServiceList_To_v1_APIServiceList is an autogenerated conversion function.
+func Convert_apiregistration_APIServiceList_To_v1_APIServiceList(in *apiregistration.APIServiceList, out *APIServiceList, s conversion.Scope) error {
+	return autoConvert_apiregistration_APIServiceList_To_v1_APIServiceList(in, out, s)
+}
+
+func autoConvert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec(in *APIServiceSpec, out *apiregistration.APIServiceSpec, s conversion.Scope) error {
+	out.Service = (*apiregistration.ServiceReference)(unsafe.Pointer(in.Service))
+	out.Group = in.Group
+	out.Version = in.Version
+	out.InsecureSkipTLSVerify = in.InsecureSkipTLSVerify
+	out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle))
+	out.GroupPriorityMinimum = in.GroupPriorityMinimum
+	out.VersionPriority = in.VersionPriority
+	return nil
+}
+
+// Convert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec is an autogenerated conversion function.
+func Convert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec(in *APIServiceSpec, out *apiregistration.APIServiceSpec, s conversion.Scope) error {
+	return autoConvert_v1_APIServiceSpec_To_apiregistration_APIServiceSpec(in, out, s)
+}
+
+func autoConvert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec(in *apiregistration.APIServiceSpec, out *APIServiceSpec, s conversion.Scope) error {
+	out.Service = (*ServiceReference)(unsafe.Pointer(in.Service))
+	out.Group = in.Group
+	out.Version = in.Version
+	out.InsecureSkipTLSVerify = in.InsecureSkipTLSVerify
+	out.CABundle = *(*[]byte)(unsafe.Pointer(&in.CABundle))
+	out.GroupPriorityMinimum = in.GroupPriorityMinimum
+	out.VersionPriority = in.VersionPriority
+	return nil
+}
+
+// Convert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec is an autogenerated conversion function.
+func Convert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec(in *apiregistration.APIServiceSpec, out *APIServiceSpec, s conversion.Scope) error {
+	return autoConvert_apiregistration_APIServiceSpec_To_v1_APIServiceSpec(in, out, s)
+}
+
+func autoConvert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus(in *APIServiceStatus, out *apiregistration.APIServiceStatus, s conversion.Scope) error {
+	out.Conditions = *(*[]apiregistration.APIServiceCondition)(unsafe.Pointer(&in.Conditions))
+	return nil
+}
+
+// Convert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus is an autogenerated conversion function.
+func Convert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus(in *APIServiceStatus, out *apiregistration.APIServiceStatus, s conversion.Scope) error {
+	return autoConvert_v1_APIServiceStatus_To_apiregistration_APIServiceStatus(in, out, s)
+}
+
+func autoConvert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus(in *apiregistration.APIServiceStatus, out *APIServiceStatus, s conversion.Scope) error {
+	out.Conditions = *(*[]APIServiceCondition)(unsafe.Pointer(&in.Conditions))
+	return nil
+}
+
+// Convert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus is an autogenerated conversion function.
+func Convert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus(in *apiregistration.APIServiceStatus, out *APIServiceStatus, s conversion.Scope) error {
+	return autoConvert_apiregistration_APIServiceStatus_To_v1_APIServiceStatus(in, out, s)
+}
+
+func autoConvert_v1_ServiceReference_To_apiregistration_ServiceReference(in *ServiceReference, out *apiregistration.ServiceReference, s conversion.Scope) error {
+	out.Namespace = in.Namespace
+	out.Name = in.Name
+	return nil
+}
+
+// Convert_v1_ServiceReference_To_apiregistration_ServiceReference is an autogenerated conversion function.
+func Convert_v1_ServiceReference_To_apiregistration_ServiceReference(in *ServiceReference, out *apiregistration.ServiceReference, s conversion.Scope) error {
+	return autoConvert_v1_ServiceReference_To_apiregistration_ServiceReference(in, out, s)
+}
+
+func autoConvert_apiregistration_ServiceReference_To_v1_ServiceReference(in *apiregistration.ServiceReference, out *ServiceReference, s conversion.Scope) error {
+	out.Namespace = in.Namespace
+	out.Name = in.Name
+	return nil
+}
+
+// Convert_apiregistration_ServiceReference_To_v1_ServiceReference is an autogenerated conversion function.
+func Convert_apiregistration_ServiceReference_To_v1_ServiceReference(in *apiregistration.ServiceReference, out *ServiceReference, s conversion.Scope) error {
+	return autoConvert_apiregistration_ServiceReference_To_v1_ServiceReference(in, out, s)
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.deepcopy.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.deepcopy.go
new file mode 100644
index 000000000000..0a109455ae14
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/zz_generated.deepcopy.go
@@ -0,0 +1,172 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIService) DeepCopyInto(out *APIService) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIService.
+func (in *APIService) DeepCopy() *APIService {
+	if in == nil {
+		return nil
+	}
+	out := new(APIService)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *APIService) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServiceCondition) DeepCopyInto(out *APIServiceCondition) {
+	*out = *in
+	in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServiceCondition.
+func (in *APIServiceCondition) DeepCopy() *APIServiceCondition {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServiceCondition)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServiceList) DeepCopyInto(out *APIServiceList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]APIService, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServiceList.
+func (in *APIServiceList) DeepCopy() *APIServiceList {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServiceList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *APIServiceList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServiceSpec) DeepCopyInto(out *APIServiceSpec) {
+	*out = *in
+	if in.Service != nil {
+		in, out := &in.Service, &out.Service
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ServiceReference)
+			**out = **in
+		}
+	}
+	if in.CABundle != nil {
+		in, out := &in.CABundle, &out.CABundle
+		*out = make([]byte, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServiceSpec.
+func (in *APIServiceSpec) DeepCopy() *APIServiceSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServiceSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServiceStatus) DeepCopyInto(out *APIServiceStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]APIServiceCondition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServiceStatus.
+func (in *APIServiceStatus) DeepCopy() *APIServiceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServiceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceReference) DeepCopyInto(out *ServiceReference) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.
+func (in *ServiceReference) DeepCopy() *ServiceReference {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceReference)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.conversion.go
index 27385cbb226f..b32e3542a269 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	apiregistration "k8s.io/kube-aggregator/pkg/apis/apiregistration"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.deepcopy.go
index b449aad34647..ef08fb9fa272 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -48,9 +48,8 @@ func (in *APIService) DeepCopy() *APIService {
 func (in *APIService) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *APIServiceList) DeepCopy() *APIServiceList {
 func (in *APIServiceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/zz_generated.deepcopy.go b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/zz_generated.deepcopy.go
index 629193beb86a..ab24172e2b7e 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package apiregistration
 
@@ -48,9 +48,8 @@ func (in *APIService) DeepCopy() *APIService {
 func (in *APIService) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *APIServiceList) DeepCopy() *APIServiceList {
 func (in *APIServiceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -157,6 +155,60 @@ func (in *APIServiceStatus) DeepCopy() *APIServiceStatus {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ByGroupPriorityMinimum) DeepCopyInto(out *ByGroupPriorityMinimum) {
+	{
+		in := &in
+		*out = make(ByGroupPriorityMinimum, len(*in))
+		for i := range *in {
+			if (*in)[i] == nil {
+				(*out)[i] = nil
+			} else {
+				(*out)[i] = new(APIService)
+				(*in)[i].DeepCopyInto((*out)[i])
+			}
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ByGroupPriorityMinimum.
+func (in ByGroupPriorityMinimum) DeepCopy() ByGroupPriorityMinimum {
+	if in == nil {
+		return nil
+	}
+	out := new(ByGroupPriorityMinimum)
+	in.DeepCopyInto(out)
+	return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ByVersionPriority) DeepCopyInto(out *ByVersionPriority) {
+	{
+		in := &in
+		*out = make(ByVersionPriority, len(*in))
+		for i := range *in {
+			if (*in)[i] == nil {
+				(*out)[i] = nil
+			} else {
+				(*out)[i] = new(APIService)
+				(*in)[i].DeepCopyInto((*out)[i])
+			}
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ByVersionPriority.
+func (in ByVersionPriority) DeepCopy() ByVersionPriority {
+	if in == nil {
+		return nil
+	}
+	out := new(ByVersionPriority)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ServiceReference) DeepCopyInto(out *ServiceReference) {
 	*out = *in
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/BUILD b/vendor/k8s.io/kube-aggregator/pkg/apiserver/BUILD
index caddde3de3b4..fb99dbbedc27 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apiserver/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/BUILD
@@ -12,8 +12,7 @@ go_test(
         "handler_apis_test.go",
         "handler_proxy_test.go",
     ],
-    importpath = "k8s.io/kube-aggregator/pkg/apiserver",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/golang.org/x/net/websocket:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
@@ -25,6 +24,7 @@ go_test(
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion:go_default_library",
     ],
 )
@@ -41,10 +41,7 @@ go_library(
     importpath = "k8s.io/kube-aggregator/pkg/apiserver",
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
@@ -60,11 +57,10 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/features:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/proxy:go_default_library",
-        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/pkg/version:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
@@ -72,8 +68,9 @@ go_library(
         "//vendor/k8s.io/client-go/transport:go_default_library",
         "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
-        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion:go_default_library",
@@ -81,7 +78,7 @@ go_library(
         "//vendor/k8s.io/kube-aggregator/pkg/controllers:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/controllers/openapi:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/controllers/status:go_default_library",
-        "//vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest:go_default_library",
     ],
 )
 
@@ -94,6 +91,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/kube-aggregator/pkg/apiserver/scheme:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go b/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go
index f9188609ea8d..980b641f968b 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go
@@ -20,44 +20,32 @@ import (
 	"net/http"
 	"time"
 
-	"k8s.io/apimachinery/pkg/apimachinery/announced"
-	"k8s.io/apimachinery/pkg/apimachinery/registered"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/util/sets"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
+	serverstorage "k8s.io/apiserver/pkg/server/storage"
 	"k8s.io/client-go/pkg/version"
 
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
-	"k8s.io/kube-aggregator/pkg/apis/apiregistration/install"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
+	aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme"
 	"k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset"
 	informers "k8s.io/kube-aggregator/pkg/client/informers/internalversion"
 	listers "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion"
 	openapicontroller "k8s.io/kube-aggregator/pkg/controllers/openapi"
 	statuscontrollers "k8s.io/kube-aggregator/pkg/controllers/status"
-	apiservicestorage "k8s.io/kube-aggregator/pkg/registry/apiservice/etcd"
-)
-
-var (
-	groupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
-	registry             = registered.NewOrDie("")
-	Scheme               = runtime.NewScheme()
-	Codecs               = serializer.NewCodecFactory(Scheme)
+	apiservicerest "k8s.io/kube-aggregator/pkg/registry/apiservice/rest"
 )
 
 func init() {
-	install.Install(groupFactoryRegistry, registry, Scheme)
-
 	// we need to add the options (like ListOptions) to empty v1
-	metav1.AddToGroupVersion(Scheme, schema.GroupVersion{Group: "", Version: "v1"})
+	metav1.AddToGroupVersion(aggregatorscheme.Scheme, schema.GroupVersion{Group: "", Version: "v1"})
 
 	unversioned := schema.GroupVersion{Group: "", Version: "v1"}
-	Scheme.AddUnversionedTypes(unversioned,
+	aggregatorscheme.Scheme.AddUnversionedTypes(unversioned,
 		&metav1.Status{},
 		&metav1.APIVersions{},
 		&metav1.APIGroupList{},
@@ -181,27 +169,20 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg
 		serviceResolver:          c.ExtraConfig.ServiceResolver,
 	}
 
-	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(apiregistration.GroupName, registry, Scheme, metav1.ParameterCodec, Codecs)
-	apiGroupInfo.GroupMeta.GroupVersion = v1beta1.SchemeGroupVersion
-	v1beta1storage := map[string]rest.Storage{}
-	apiServiceREST := apiservicestorage.NewREST(Scheme, c.GenericConfig.RESTOptionsGetter)
-	v1beta1storage["apiservices"] = apiServiceREST
-	v1beta1storage["apiservices/status"] = apiservicestorage.NewStatusREST(Scheme, apiServiceREST)
-	apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = v1beta1storage
-
+	apiGroupInfo := apiservicerest.NewRESTStorage(c.GenericConfig.MergedResourceConfig, c.GenericConfig.RESTOptionsGetter)
 	if err := s.GenericAPIServer.InstallAPIGroup(&apiGroupInfo); err != nil {
 		return nil, err
 	}
 
 	apisHandler := &apisHandler{
-		codecs: Codecs,
+		codecs: aggregatorscheme.Codecs,
 		lister: s.lister,
 		mapper: s.contextMapper,
 	}
 	s.GenericAPIServer.Handler.NonGoRestfulMux.Handle("/apis", apisHandler)
 	s.GenericAPIServer.Handler.NonGoRestfulMux.UnlistedHandle("/apis/", apisHandler)
 
-	apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.GenericConfig.SharedInformerFactory.Core().V1().Services(), s)
+	apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), s)
 	availableController := statuscontrollers.NewAvailableConditionController(
 		informerFactory.Apiregistration().InternalVersion().APIServices(),
 		c.GenericConfig.SharedInformerFactory.Core().V1().Services(),
@@ -297,7 +278,7 @@ func (s *APIAggregator) AddAPIService(apiService *apiregistration.APIService) er
 	// it's time to register the group aggregation endpoint
 	groupPath := "/apis/" + apiService.Spec.Group
 	groupDiscoveryHandler := &apiGroupHandler{
-		codecs:        Codecs,
+		codecs:        aggregatorscheme.Codecs,
 		groupName:     apiService.Spec.Group,
 		lister:        s.lister,
 		delegate:      s.delegateHandler,
@@ -330,3 +311,14 @@ func (s *APIAggregator) RemoveAPIService(apiServiceName string) {
 	// TODO unregister group level discovery when there are no more versions for the group
 	// We don't need this right away because the handler properly delegates when no versions are present
 }
+
+func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig {
+	ret := serverstorage.NewResourceConfig()
+	// NOTE: GroupVersions listed here will be enabled by default. Don't put alpha versions in the list.
+	ret.EnableVersions(
+		v1.SchemeGroupVersion,
+		v1beta1.SchemeGroupVersion,
+	)
+
+	return ret
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go b/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go
index 2ed0a4b5294a..8eec79589cec 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/apiservice_controller.go
@@ -22,13 +22,9 @@ import (
 
 	"github.com/golang/glog"
 
-	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/labels"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-	v1informers "k8s.io/client-go/informers/core/v1"
-	v1listers "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/util/workqueue"
 
@@ -49,23 +45,17 @@ type APIServiceRegistrationController struct {
 	apiServiceLister listers.APIServiceLister
 	apiServiceSynced cache.InformerSynced
 
-	// serviceLister is used to get the IP to create the transport for
-	serviceLister  v1listers.ServiceLister
-	servicesSynced cache.InformerSynced
-
 	// To allow injection for testing.
 	syncFn func(key string) error
 
 	queue workqueue.RateLimitingInterface
 }
 
-func NewAPIServiceRegistrationController(apiServiceInformer informers.APIServiceInformer, serviceInformer v1informers.ServiceInformer, apiHandlerManager APIHandlerManager) *APIServiceRegistrationController {
+func NewAPIServiceRegistrationController(apiServiceInformer informers.APIServiceInformer, apiHandlerManager APIHandlerManager) *APIServiceRegistrationController {
 	c := &APIServiceRegistrationController{
 		apiHandlerManager: apiHandlerManager,
 		apiServiceLister:  apiServiceInformer.Lister(),
 		apiServiceSynced:  apiServiceInformer.Informer().HasSynced,
-		serviceLister:     serviceInformer.Lister(),
-		servicesSynced:    serviceInformer.Informer().HasSynced,
 		queue:             workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "APIServiceRegistrationController"),
 	}
 
@@ -75,12 +65,6 @@ func NewAPIServiceRegistrationController(apiServiceInformer informers.APIService
 		DeleteFunc: c.deleteAPIService,
 	})
 
-	serviceInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc:    c.addService,
-		UpdateFunc: c.updateService,
-		DeleteFunc: c.deleteService,
-	})
-
 	c.syncFn = c.sync
 
 	return c
@@ -96,12 +80,6 @@ func (c *APIServiceRegistrationController) sync(key string) error {
 		return err
 	}
 
-	// remove registration handling for APIServices which are not available
-	if !apiregistration.IsAPIServiceConditionTrue(apiService, apiregistration.Available) {
-		c.apiHandlerManager.RemoveAPIService(key)
-		return nil
-	}
-
 	return c.apiHandlerManager.AddAPIService(apiService)
 }
 
@@ -112,7 +90,7 @@ func (c *APIServiceRegistrationController) Run(stopCh <-chan struct{}) {
 	glog.Infof("Starting APIServiceRegistrationController")
 	defer glog.Infof("Shutting down APIServiceRegistrationController")
 
-	if !controllers.WaitForCacheSync("APIServiceRegistrationController", stopCh, c.apiServiceSynced, c.servicesSynced) {
+	if !controllers.WaitForCacheSync("APIServiceRegistrationController", stopCh, c.apiServiceSynced) {
 		return
 	}
 
@@ -187,52 +165,3 @@ func (c *APIServiceRegistrationController) deleteAPIService(obj interface{}) {
 	glog.V(4).Infof("Deleting %q", castObj.Name)
 	c.enqueue(castObj)
 }
-
-// there aren't very many apiservices, just check them all.
-func (c *APIServiceRegistrationController) getAPIServicesFor(service *v1.Service) []*apiregistration.APIService {
-	var ret []*apiregistration.APIService
-	apiServiceList, _ := c.apiServiceLister.List(labels.Everything())
-	for _, apiService := range apiServiceList {
-		if apiService.Spec.Service == nil {
-			continue
-		}
-		if apiService.Spec.Service.Namespace == service.Namespace && apiService.Spec.Service.Name == service.Name {
-			ret = append(ret, apiService)
-		}
-	}
-
-	return ret
-}
-
-// TODO, think of a way to avoid checking on every service manipulation
-
-func (c *APIServiceRegistrationController) addService(obj interface{}) {
-	for _, apiService := range c.getAPIServicesFor(obj.(*v1.Service)) {
-		c.enqueue(apiService)
-	}
-}
-
-func (c *APIServiceRegistrationController) updateService(obj, _ interface{}) {
-	for _, apiService := range c.getAPIServicesFor(obj.(*v1.Service)) {
-		c.enqueue(apiService)
-	}
-}
-
-func (c *APIServiceRegistrationController) deleteService(obj interface{}) {
-	castObj, ok := obj.(*v1.Service)
-	if !ok {
-		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
-		if !ok {
-			glog.Errorf("Couldn't get object from tombstone %#v", obj)
-			return
-		}
-		castObj, ok = tombstone.Obj.(*v1.Service)
-		if !ok {
-			glog.Errorf("Tombstone contained object that is not expected %#v", obj)
-			return
-		}
-	}
-	for _, apiService := range c.getAPIServicesFor(castObj) {
-		c.enqueue(apiService)
-	}
-}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_apis.go b/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_apis.go
index 6fea03ca5fea..eef59fd2eed3 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_apis.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_apis.go
@@ -29,6 +29,7 @@ import (
 	"k8s.io/apiserver/pkg/endpoints/request"
 
 	apiregistrationapi "k8s.io/kube-aggregator/pkg/apis/apiregistration"
+	apiregistrationv1api "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
 	apiregistrationv1beta1api "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
 	listers "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion"
 )
@@ -44,14 +45,18 @@ type apisHandler struct {
 var discoveryGroup = metav1.APIGroup{
 	Name: apiregistrationapi.GroupName,
 	Versions: []metav1.GroupVersionForDiscovery{
+		{
+			GroupVersion: apiregistrationv1api.SchemeGroupVersion.String(),
+			Version:      apiregistrationv1api.SchemeGroupVersion.Version,
+		},
 		{
 			GroupVersion: apiregistrationv1beta1api.SchemeGroupVersion.String(),
 			Version:      apiregistrationv1beta1api.SchemeGroupVersion.Version,
 		},
 	},
 	PreferredVersion: metav1.GroupVersionForDiscovery{
-		GroupVersion: apiregistrationv1beta1api.SchemeGroupVersion.String(),
-		Version:      apiregistrationv1beta1api.SchemeGroupVersion.Version,
+		GroupVersion: apiregistrationv1api.SchemeGroupVersion.String(),
+		Version:      apiregistrationv1api.SchemeGroupVersion.Version,
 	},
 }
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy.go b/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy.go
index 7c179ab7cf3d..7d3d603b5d74 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy.go
@@ -74,6 +74,8 @@ type proxyHandlingInfo struct {
 	serviceName string
 	// namespace is the namespace the service lives in
 	serviceNamespace string
+	// serviceAvailable indicates this APIService is available or not
+	serviceAvailable bool
 }
 
 func (r *proxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
@@ -92,6 +94,11 @@ func (r *proxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 		return
 	}
 
+	if !handlingInfo.serviceAvailable {
+		http.Error(w, "service unavailable", http.StatusServiceUnavailable)
+		return
+	}
+
 	if handlingInfo.transportBuildingError != nil {
 		http.Error(w, handlingInfo.transportBuildingError.Error(), http.StatusInternalServerError)
 		return
@@ -113,7 +120,8 @@ func (r *proxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	location.Scheme = "https"
 	rloc, err := r.serviceResolver.ResolveEndpoint(handlingInfo.serviceNamespace, handlingInfo.serviceName)
 	if err != nil {
-		http.Error(w, fmt.Sprintf("missing route (%s)", err.Error()), http.StatusInternalServerError)
+		glog.Errorf("error resolving %s/%s: %v", handlingInfo.serviceNamespace, handlingInfo.serviceName, err)
+		http.Error(w, "service unavailable", http.StatusServiceUnavailable)
 		return
 	}
 	location.Host = rloc.Host
@@ -205,9 +213,10 @@ func (r *proxyHandler) updateAPIService(apiService *apiregistrationapi.APIServic
 		},
 		serviceName:      apiService.Spec.Service.Name,
 		serviceNamespace: apiService.Spec.Service.Namespace,
+		serviceAvailable: apiregistrationapi.IsAPIServiceConditionTrue(apiService, apiregistrationapi.Available),
 	}
 	newInfo.proxyRoundTripper, newInfo.transportBuildingError = restclient.TransportFor(newInfo.restConfig)
-	if newInfo.transportBuildingError == nil && r.proxyTransport.Dial != nil {
+	if newInfo.transportBuildingError == nil && r.proxyTransport != nil && r.proxyTransport.Dial != nil {
 		switch transport := newInfo.proxyRoundTripper.(type) {
 		case *http.Transport:
 			transport.Dial = r.proxyTransport.Dial
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/BUILD b/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/BUILD
new file mode 100644
index 000000000000..e183702792c3
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/BUILD
@@ -0,0 +1,32 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["scheme.go"],
+    importpath = "k8s.io/kube-aggregator/pkg/apiserver/scheme",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/install:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/scheme.go b/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/scheme.go
new file mode 100644
index 000000000000..39cd3e9f4f54
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme/scheme.go
@@ -0,0 +1,54 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package scheme
+
+import (
+	"k8s.io/apimachinery/pkg/apimachinery/announced"
+	"k8s.io/apimachinery/pkg/apimachinery/registered"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
+
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/install"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
+)
+
+var (
+	// Scheme defines methods for serializing and deserializing API objects.
+	Scheme = runtime.NewScheme()
+	// Codecs provides methods for retrieving codecs and serializers for specific
+	// versions and content types.
+	Codecs = serializer.NewCodecFactory(Scheme)
+	// groupFactoryRegistry is the APIGroupFactoryRegistry.
+	groupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
+	// Registry is an instance of an API registry.  This is an interim step to start removing the idea of a global
+	// API registry.
+	Registry = registered.NewOrDie("")
+)
+
+func init() {
+	AddToScheme(Scheme)
+	install.Install(groupFactoryRegistry, Registry, Scheme)
+}
+
+// AddToScheme adds the types of this group into the given scheme.
+func AddToScheme(scheme *runtime.Scheme) {
+	v1beta1.AddToScheme(scheme)
+	v1.AddToScheme(scheme)
+	apiregistration.AddToScheme(scheme)
+}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/clientset.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/clientset.go
index 9a55bbe63c74..18d8e0099e4d 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/clientset.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/clientset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalclientset
 
 import (
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/doc.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/doc.go
index 4ede718dee1b..22ccee919683 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/doc.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated clientset.
 package internalclientset
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/doc.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/doc.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/register.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/register.go
index 37cf87b09842..12eb1ae9d0a9 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/register.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/scheme/register.go
@@ -14,9 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
+	os "os"
+
 	announced "k8s.io/apimachinery/pkg/apimachinery/announced"
 	registered "k8s.io/apimachinery/pkg/apimachinery/registered"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -24,7 +28,6 @@ import (
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	serializer "k8s.io/apimachinery/pkg/runtime/serializer"
 	apiregistration "k8s.io/kube-aggregator/pkg/apis/apiregistration/install"
-	os "os"
 )
 
 var Scheme = runtime.NewScheme()
@@ -42,5 +45,4 @@ func init() {
 // Install registers the API group and adds types to a scheme
 func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *registered.APIRegistrationManager, scheme *runtime.Scheme) {
 	apiregistration.Install(groupFactoryRegistry, registry, scheme)
-
 }
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiregistration_client.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiregistration_client.go
index 67d398f25044..b9669e0d51d9 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiregistration_client.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiregistration_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiservice.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiservice.go
index 6ecb68572def..005af323341e 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiservice.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/apiservice.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/doc.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/doc.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/generated_expansion.go b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/generated_expansion.go
index 22fbf1acb050..2cb003c24aad 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type APIServiceExpansion interface{}
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/interface.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/interface.go
index 11e3b1bab66e..8138d65664fd 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/interface.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package apiregistration
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/apiservice.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/apiservice.go
index 6987342a674e..67909b486728 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/apiservice.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/apiservice.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces"
 	internalversion "k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion"
-	time "time"
 )
 
 // APIServiceInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/interface.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/interface.go
index 6d65d4902312..7f339979e896 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/interface.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/factory.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/factory.go
index 6a524bfc76e7..a7937789fce2 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/factory.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/factory.go
@@ -14,11 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	reflect "reflect"
+	sync "sync"
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
@@ -26,9 +30,6 @@ import (
 	internalclientset "k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset"
 	apiregistration "k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration"
 	internalinterfaces "k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces"
-	reflect "reflect"
-	sync "sync"
-	time "time"
 )
 
 type sharedInformerFactory struct {
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/generic.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/generic.go
index 4ef2786d3c9d..c8b6c67f96bd 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/generic.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/generic.go
@@ -14,12 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
 	"fmt"
+
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
 	apiregistration "k8s.io/kube-aggregator/pkg/apis/apiregistration"
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
index 244ae5c9df14..227b0f218ded 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/internalinterfaces/factory_interfaces.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalinterfaces
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	cache "k8s.io/client-go/tools/cache"
 	internalclientset "k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset"
-	time "time"
 )
 
 type NewInformerFunc func(internalclientset.Interface, time.Duration) cache.SharedIndexInformer
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/apiservice.go b/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/apiservice.go
index c3baf3d8c0f6..0c91a915cc59 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/apiservice.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/apiservice.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/expansion_generated.go b/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/expansion_generated.go
index 499f8ddc4b42..7a9d2bd3cf7a 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/client/listers/apiregistration/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kube-aggregator/pkg/controllers/autoregister/BUILD b/vendor/k8s.io/kube-aggregator/pkg/controllers/autoregister/BUILD
index 3d8a16741b24..0ebe44a36938 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/controllers/autoregister/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/controllers/autoregister/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["autoregister_controller_test.go"],
-    importpath = "k8s.io/kube-aggregator/pkg/controllers/autoregister",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
diff --git a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD
index 48dda1504975..e075551b9330 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["aggregator_test.go"],
-    importpath = "k8s.io/kube-aggregator/pkg/controllers/openapi",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go
index c32da4cdd796..4c1f75bd6d92 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/aggregator.go
@@ -23,7 +23,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/emicklei/go-restful"
+	restful "github.com/emicklei/go-restful"
 	"github.com/go-openapi/spec"
 
 	"k8s.io/apiserver/pkg/server"
@@ -51,7 +51,8 @@ type specAggregator struct {
 	openAPISpecs map[string]*openAPISpecInfo
 
 	// provided for dynamic OpenAPI spec
-	openAPIService *handler.OpenAPIService
+	openAPIService          *handler.OpenAPIService
+	openAPIVersionedService *handler.OpenAPIService
 }
 
 var _ AggregationManager = &specAggregator{}
@@ -109,11 +110,19 @@ func BuildAndRegisterAggregator(downloader *Downloader, delegationTarget server.
 	}
 
 	// Install handler
+	// NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec,
+	// and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process
+	// are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU.
 	s.openAPIService, err = handler.RegisterOpenAPIService(
 		specToServe, "/swagger.json", pathHandler)
 	if err != nil {
 		return nil, err
 	}
+	s.openAPIVersionedService, err = handler.RegisterOpenAPIVersionedService(
+		specToServe, "/openapi/v2", pathHandler)
+	if err != nil {
+		return nil, err
+	}
 
 	return s, nil
 }
@@ -207,14 +216,25 @@ func (s *specAggregator) buildOpenAPISpec() (specToReturn *spec.Swagger, err err
 
 // updateOpenAPISpec aggregates all OpenAPI specs.  It is not thread-safe. The caller is responsible to hold proper locks.
 func (s *specAggregator) updateOpenAPISpec() error {
-	if s.openAPIService == nil {
+	if s.openAPIService == nil || s.openAPIVersionedService == nil {
+		// openAPIVersionedService and deprecated openAPIService should be initialized together
+		if !(s.openAPIService == nil && s.openAPIVersionedService == nil) {
+			return fmt.Errorf("unexpected openapi service initialization error")
+		}
 		return nil
 	}
 	specToServe, err := s.buildOpenAPISpec()
 	if err != nil {
 		return err
 	}
-	return s.openAPIService.UpdateSpec(specToServe)
+	// openAPIService.UpdateSpec and openAPIVersionedService.UpdateSpec read the same swagger spec
+	// serially and update their local caches separately. Both endpoints will have same spec in
+	// their caches if the caller is holding proper locks.
+	err = s.openAPIService.UpdateSpec(specToServe)
+	if err != nil {
+		return err
+	}
+	return s.openAPIVersionedService.UpdateSpec(specToServe)
 }
 
 // tryUpdatingServiceSpecs tries updating openAPISpecs map with specified specInfo, and keeps the map intact
diff --git a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go
index 0da4e7e99afa..4cd359edd050 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go
+++ b/vendor/k8s.io/kube-aggregator/pkg/controllers/openapi/downloader.go
@@ -99,10 +99,11 @@ func (s *Downloader) Download(handler http.Handler, etag string) (returnSpec *sp
 	handler = request.WithRequestContext(handler, s.contextMapper)
 	handler = http.TimeoutHandler(handler, specDownloadTimeout, "request timed out")
 
-	req, err := http.NewRequest("GET", "/swagger.json", nil)
+	req, err := http.NewRequest("GET", "/openapi/v2", nil)
 	if err != nil {
 		return nil, "", 0, err
 	}
+	req.Header.Add("Accept", "application/json")
 
 	// Only pass eTag if it is not generated locally
 	if len(etag) > 0 && !strings.HasPrefix(etag, locallyGeneratedEtagPrefix) {
@@ -112,6 +113,23 @@ func (s *Downloader) Download(handler http.Handler, etag string) (returnSpec *sp
 	writer := newInMemoryResponseWriter()
 	handler.ServeHTTP(writer, req)
 
+	// single endpoint not found/registered in old server, try to fetch old endpoint
+	// TODO(roycaihw): remove this in 1.11
+	if writer.respCode == http.StatusForbidden || writer.respCode == http.StatusNotFound {
+		req, err = http.NewRequest("GET", "/swagger.json", nil)
+		if err != nil {
+			return nil, "", 0, err
+		}
+
+		// Only pass eTag if it is not generated locally
+		if len(etag) > 0 && !strings.HasPrefix(etag, locallyGeneratedEtagPrefix) {
+			req.Header.Add("If-None-Match", etag)
+		}
+
+		writer = newInMemoryResponseWriter()
+		handler.ServeHTTP(writer, req)
+	}
+
 	switch writer.respCode {
 	case http.StatusNotModified:
 		if len(etag) == 0 {
diff --git a/vendor/k8s.io/kube-aggregator/pkg/controllers/status/BUILD b/vendor/k8s.io/kube-aggregator/pkg/controllers/status/BUILD
index c34f9c180533..fd023c3e90a4 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/controllers/status/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/controllers/status/BUILD
@@ -35,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["available_controller_test.go"],
-    importpath = "k8s.io/kube-aggregator/pkg/controllers/status",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD
index ff17cc2e9b93..751de834adbd 100644
--- a/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD
+++ b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/BUILD
@@ -35,6 +35,7 @@ filegroup(
     srcs = [
         ":package-srcs",
         "//staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd:all-srcs",
+        "//staging/src/k8s.io/kube-aggregator/pkg/registry/apiservice/rest:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/BUILD b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/BUILD
new file mode 100644
index 000000000000..864bb0bbfbe3
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/BUILD
@@ -0,0 +1,34 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["storage_apiservice.go"],
+    importpath = "k8s.io/kube-aggregator/pkg/registry/apiservice/rest",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/etcd:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/storage_apiservice.go b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/storage_apiservice.go
new file mode 100644
index 000000000000..ef0c875dd830
--- /dev/null
+++ b/vendor/k8s.io/kube-aggregator/pkg/registry/apiservice/rest/storage_apiservice.go
@@ -0,0 +1,56 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package rest
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apiserver/pkg/registry/generic"
+	"k8s.io/apiserver/pkg/registry/rest"
+	genericapiserver "k8s.io/apiserver/pkg/server"
+	serverstorage "k8s.io/apiserver/pkg/server/storage"
+
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
+	aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme"
+	apiservicestorage "k8s.io/kube-aggregator/pkg/registry/apiservice/etcd"
+)
+
+// NewRESTStorage returns an APIGroupInfo object that will work against apiservice.
+func NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) genericapiserver.APIGroupInfo {
+	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(apiregistration.GroupName, aggregatorscheme.Registry, aggregatorscheme.Scheme, metav1.ParameterCodec, aggregatorscheme.Codecs)
+
+	if apiResourceConfigSource.VersionEnabled(v1beta1.SchemeGroupVersion) {
+		apiGroupInfo.GroupMeta.GroupVersion = v1beta1.SchemeGroupVersion
+		storage := map[string]rest.Storage{}
+		apiServiceREST := apiservicestorage.NewREST(aggregatorscheme.Scheme, restOptionsGetter)
+		storage["apiservices"] = apiServiceREST
+		storage["apiservices/status"] = apiservicestorage.NewStatusREST(aggregatorscheme.Scheme, apiServiceREST)
+		apiGroupInfo.VersionedResourcesStorageMap["v1beta1"] = storage
+	}
+
+	if apiResourceConfigSource.VersionEnabled(v1.SchemeGroupVersion) {
+		apiGroupInfo.GroupMeta.GroupVersion = v1.SchemeGroupVersion
+		storage := map[string]rest.Storage{}
+		apiServiceREST := apiservicestorage.NewREST(aggregatorscheme.Scheme, restOptionsGetter)
+		storage["apiservices"] = apiServiceREST
+		storage["apiservices/status"] = apiservicestorage.NewStatusREST(aggregatorscheme.Scheme, apiServiceREST)
+		apiGroupInfo.VersionedResourcesStorageMap["v1"] = storage
+	}
+
+	return apiGroupInfo
+}
diff --git a/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go b/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go
index aceaa463560a..9fb16e6e9c41 100644
--- a/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go
+++ b/vendor/k8s.io/kube-openapi/pkg/aggregator/aggregator.go
@@ -58,8 +58,10 @@ func (s *referenceWalker) walkRef(ref spec.Ref) spec.Ref {
 	// We do not support external references yet.
 	if !s.alreadyVisited[refStr] && strings.HasPrefix(refStr, definitionPrefix) {
 		s.alreadyVisited[refStr] = true
-		def := s.root.Definitions[refStr[len(definitionPrefix):]]
+		k := refStr[len(definitionPrefix):]
+		def := s.root.Definitions[k]
 		s.walkSchema(&def)
+		s.root.Definitions[k] = def
 	}
 	return s.walkRefCallback(ref)
 }
@@ -69,23 +71,26 @@ func (s *referenceWalker) walkSchema(schema *spec.Schema) {
 		return
 	}
 	schema.Ref = s.walkRef(schema.Ref)
-	for _, v := range schema.Definitions {
+	for k, v := range schema.Definitions {
 		s.walkSchema(&v)
+		schema.Definitions[k] = v
 	}
-	for _, v := range schema.Properties {
+	for k, v := range schema.Properties {
 		s.walkSchema(&v)
+		schema.Properties[k] = v
 	}
-	for _, v := range schema.PatternProperties {
+	for k, v := range schema.PatternProperties {
 		s.walkSchema(&v)
+		schema.PatternProperties[k] = v
 	}
-	for _, v := range schema.AllOf {
-		s.walkSchema(&v)
+	for i, _ := range schema.AllOf {
+		s.walkSchema(&schema.AllOf[i])
 	}
-	for _, v := range schema.AnyOf {
-		s.walkSchema(&v)
+	for i, _ := range schema.AnyOf {
+		s.walkSchema(&schema.AnyOf[i])
 	}
-	for _, v := range schema.OneOf {
-		s.walkSchema(&v)
+	for i, _ := range schema.OneOf {
+		s.walkSchema(&schema.OneOf[i])
 	}
 	if schema.Not != nil {
 		s.walkSchema(schema.Not)
@@ -100,8 +105,8 @@ func (s *referenceWalker) walkSchema(schema *spec.Schema) {
 		if schema.Items.Schema != nil {
 			s.walkSchema(schema.Items.Schema)
 		}
-		for _, v := range schema.Items.Schemas {
-			s.walkSchema(&v)
+		for i, _ := range schema.Items.Schemas {
+			s.walkSchema(&schema.Items.Schemas[i])
 		}
 	}
 }
@@ -291,15 +296,29 @@ func mergeSpecs(dest, source *spec.Swagger, renameModelConflicts, ignorePathConf
 			from, to string
 		}
 		renames := []Rename{}
+
+	OUTERLOOP:
 		for k, v := range source.Definitions {
 			if usedNames[k] {
 				v2, found := dest.Definitions[k]
-				// Reuse model iff they are exactly the same.
+				// Reuse model if they are exactly the same.
 				if found && reflect.DeepEqual(v, v2) {
 					continue
 				}
-				i := 2
-				newName := fmt.Sprintf("%s_v%d", k, i)
+
+				// Reuse previously renamed model if one exists
+				var newName string
+				i := 1
+				for found {
+					i++
+					newName = fmt.Sprintf("%s_v%d", k, i)
+					v2, found = dest.Definitions[newName]
+					if found && reflect.DeepEqual(v, v2) {
+						renames = append(renames, Rename{from: k, to: newName})
+						continue OUTERLOOP
+					}
+				}
+
 				_, foundInSource := source.Definitions[newName]
 				for usedNames[newName] || foundInSource {
 					i++
diff --git a/vendor/k8s.io/kube-openapi/pkg/handler/handler.go b/vendor/k8s.io/kube-openapi/pkg/handler/handler.go
index 40f0fee3f1d7..5a16cfcab401 100644
--- a/vendor/k8s.io/kube-openapi/pkg/handler/handler.go
+++ b/vendor/k8s.io/kube-openapi/pkg/handler/handler.go
@@ -22,18 +22,21 @@ import (
 	"crypto/sha512"
 	"encoding/json"
 	"fmt"
-	"gopkg.in/yaml.v2"
 	"mime"
 	"net/http"
 	"strings"
 	"sync"
 	"time"
 
+	"bitbucket.org/ww/goautoneg"
+
+	yaml "gopkg.in/yaml.v2"
+
 	"github.com/NYTimes/gziphandler"
-	"github.com/emicklei/go-restful"
+	restful "github.com/emicklei/go-restful"
 	"github.com/go-openapi/spec"
 	"github.com/golang/protobuf/proto"
-	"github.com/googleapis/gnostic/OpenAPIv2"
+	openapi_v2 "github.com/googleapis/gnostic/OpenAPIv2"
 	"github.com/googleapis/gnostic/compiler"
 
 	"k8s.io/kube-openapi/pkg/builder"
@@ -77,6 +80,10 @@ func computeETag(data []byte) string {
 	return fmt.Sprintf("\"%X\"", sha512.Sum512(data))
 }
 
+// NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec,
+// and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process
+// are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU.
+//
 // BuildAndRegisterOpenAPIService builds the spec and registers a handler to provides access to it.
 // Use this method if your OpenAPI spec is static. If you want to update the spec, use BuildOpenAPISpec then RegisterOpenAPIService.
 func BuildAndRegisterOpenAPIService(servePath string, webServices []*restful.WebService, config *common.Config, handler common.PathHandler) (*OpenAPIService, error) {
@@ -87,6 +94,10 @@ func BuildAndRegisterOpenAPIService(servePath string, webServices []*restful.Web
 	return RegisterOpenAPIService(spec, servePath, handler)
 }
 
+// NOTE: [DEPRECATION] We will announce deprecation for format-separated endpoints for OpenAPI spec,
+// and switch to a single /openapi/v2 endpoint in Kubernetes 1.10. The design doc and deprecation process
+// are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU.
+//
 // RegisterOpenAPIService registers a handler to provides access to provided swagger spec.
 // Note: servePath should end with ".json" as the RegisterOpenAPIService assume it is serving a
 // json file and will also serve .pb and .gz files.
@@ -202,3 +213,63 @@ func toGzip(data []byte) []byte {
 	zw.Close()
 	return buf.Bytes()
 }
+
+// RegisterOpenAPIVersionedService registers a handler to provides access to provided swagger spec.
+func RegisterOpenAPIVersionedService(openapiSpec *spec.Swagger, servePath string, handler common.PathHandler) (*OpenAPIService, error) {
+	o := OpenAPIService{}
+	if err := o.UpdateSpec(openapiSpec); err != nil {
+		return nil, err
+	}
+
+	accepted := []struct {
+		Type           string
+		SubType        string
+		GetDataAndETag func() ([]byte, string, time.Time)
+	}{
+		{"application", "json", o.getSwaggerBytes},
+		{"application", "com.github.proto-openapi.spec.v2@v1.0+protobuf", o.getSwaggerPbBytes},
+	}
+
+	handler.Handle(servePath, gziphandler.GzipHandler(http.HandlerFunc(
+		func(w http.ResponseWriter, r *http.Request) {
+			decipherableFormats := r.Header.Get("Accept")
+			if decipherableFormats == "" {
+				decipherableFormats = "*/*"
+			}
+			clauses := goautoneg.ParseAccept(decipherableFormats)
+			w.Header().Add("Vary", "Accept")
+			for _, clause := range clauses {
+				for _, accepts := range accepted {
+					if clause.Type != accepts.Type && clause.Type != "*" {
+						continue
+					}
+					if clause.SubType != accepts.SubType && clause.SubType != "*" {
+						continue
+					}
+
+					// serve the first matching media type in the sorted clause list
+					data, etag, lastModified := accepts.GetDataAndETag()
+					w.Header().Set("Etag", etag)
+					// ServeContent will take care of caching using eTag.
+					http.ServeContent(w, r, servePath, lastModified, bytes.NewReader(data))
+					return
+				}
+			}
+			// Return 406 for not acceptable format
+			w.WriteHeader(406)
+			return
+		}),
+	))
+
+	return &o, nil
+}
+
+// BuildAndRegisterOpenAPIVersionedService builds the spec and registers a handler to provides access to it.
+// Use this method if your OpenAPI spec is static. If you want to update the spec, use BuildOpenAPISpec then RegisterOpenAPIVersionedService.
+func BuildAndRegisterOpenAPIVersionedService(servePath string, webServices []*restful.WebService, config *common.Config, handler common.PathHandler) (*OpenAPIService, error) {
+	spec, err := builder.BuildOpenAPISpec(webServices, config)
+	if err != nil {
+		return nil, err
+	}
+	return RegisterOpenAPIVersionedService(spec, servePath, handler)
+}
diff --git a/vendor/k8s.io/kube-openapi/pkg/util/proto/document.go b/vendor/k8s.io/kube-openapi/pkg/util/proto/document.go
index 5f607c767018..61dbf4fc0e46 100644
--- a/vendor/k8s.io/kube-openapi/pkg/util/proto/document.go
+++ b/vendor/k8s.io/kube-openapi/pkg/util/proto/document.go
@@ -210,11 +210,18 @@ func (d *Definitions) parseKind(s *openapi_v2.Schema, path *Path) (Schema, error
 	}, nil
 }
 
+func (d *Definitions) parseArbitrary(s *openapi_v2.Schema, path *Path) (Schema, error) {
+	return &Arbitrary{
+		BaseSchema: d.parseBaseSchema(s, path),
+	}, nil
+}
+
 // ParseSchema creates a walkable Schema from an openapi schema. While
 // this function is public, it doesn't leak through the interface.
 func (d *Definitions) ParseSchema(s *openapi_v2.Schema, path *Path) (Schema, error) {
-	if len(s.GetType().GetValue()) == 1 {
-		t := s.GetType().GetValue()[0]
+	objectTypes := s.GetType().GetValue()
+	if len(objectTypes) == 1 {
+		t := objectTypes[0]
 		switch t {
 		case object:
 			return d.parseMap(s, path)
@@ -229,6 +236,9 @@ func (d *Definitions) ParseSchema(s *openapi_v2.Schema, path *Path) (Schema, err
 	if s.GetProperties() != nil {
 		return d.parseKind(s, path)
 	}
+	if len(objectTypes) == 0 || (len(objectTypes) == 1 && objectTypes[0] == "") {
+		return d.parseArbitrary(s, path)
+	}
 	return d.parsePrimitive(s, path)
 }
 
diff --git a/vendor/k8s.io/kube-openapi/pkg/util/proto/openapi.go b/vendor/k8s.io/kube-openapi/pkg/util/proto/openapi.go
index 02ab06d6d535..b48e62c3bf9e 100644
--- a/vendor/k8s.io/kube-openapi/pkg/util/proto/openapi.go
+++ b/vendor/k8s.io/kube-openapi/pkg/util/proto/openapi.go
@@ -58,6 +58,14 @@ type SchemaVisitor interface {
 	VisitReference(Reference)
 }
 
+// SchemaVisitorArbitrary is an additional visitor interface which handles
+// arbitrary types. For backwards compatability, it's a separate interface
+// which is checked for at runtime.
+type SchemaVisitorArbitrary interface {
+	SchemaVisitor
+	VisitArbitrary(*Arbitrary)
+}
+
 // Schema is the base definition of an openapi type.
 type Schema interface {
 	// Giving a visitor here will let you visit the actual type.
@@ -242,6 +250,23 @@ func (p *Primitive) GetName() string {
 	return fmt.Sprintf("%s (%s)", p.Type, p.Format)
 }
 
+// Arbitrary is a value of any type (primitive, object or array)
+type Arbitrary struct {
+	BaseSchema
+}
+
+var _ Schema = &Arbitrary{}
+
+func (a *Arbitrary) Accept(v SchemaVisitor) {
+	if visitor, ok := v.(SchemaVisitorArbitrary); ok {
+		visitor.VisitArbitrary(a)
+	}
+}
+
+func (a *Arbitrary) GetName() string {
+	return "Arbitrary value (primitive, object or array)"
+}
+
 // Reference implementation depends on the type of document.
 type Reference interface {
 	Schema
diff --git a/vendor/k8s.io/kube-openapi/pkg/util/proto/validation/types.go b/vendor/k8s.io/kube-openapi/pkg/util/proto/validation/types.go
index 0be7a5302f11..bbbdd4f61c96 100644
--- a/vendor/k8s.io/kube-openapi/pkg/util/proto/validation/types.go
+++ b/vendor/k8s.io/kube-openapi/pkg/util/proto/validation/types.go
@@ -127,6 +127,9 @@ func (item *mapItem) VisitKind(schema *proto.Kind) {
 	}
 }
 
+func (item *mapItem) VisitArbitrary(schema *proto.Arbitrary) {
+}
+
 func (item *mapItem) VisitReference(schema proto.Reference) {
 	// passthrough
 	schema.SubSchema().Accept(item)
@@ -163,11 +166,14 @@ func (item *arrayItem) VisitArray(schema *proto.Array) {
 }
 
 func (item *arrayItem) VisitMap(schema *proto.Map) {
-	item.AddValidationError(InvalidTypeError{Path: schema.GetPath().String(), Expected: "array", Actual: "map"})
+	item.AddValidationError(InvalidTypeError{Path: schema.GetPath().String(), Expected: "map", Actual: "array"})
 }
 
 func (item *arrayItem) VisitKind(schema *proto.Kind) {
-	item.AddValidationError(InvalidTypeError{Path: schema.GetPath().String(), Expected: "array", Actual: "map"})
+	item.AddValidationError(InvalidTypeError{Path: schema.GetPath().String(), Expected: "map", Actual: "array"})
+}
+
+func (item *arrayItem) VisitArbitrary(schema *proto.Arbitrary) {
 }
 
 func (item *arrayItem) VisitReference(schema proto.Reference) {
@@ -226,6 +232,9 @@ func (item *primitiveItem) VisitKind(schema *proto.Kind) {
 	item.AddValidationError(InvalidTypeError{Path: schema.GetPath().String(), Expected: "map", Actual: item.Kind})
 }
 
+func (item *primitiveItem) VisitArbitrary(schema *proto.Arbitrary) {
+}
+
 func (item *primitiveItem) VisitReference(schema proto.Reference) {
 	// passthrough
 	schema.SubSchema().Accept(item)
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/BUILD b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/BUILD
new file mode 100644
index 000000000000..d36a9526ec57
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/BUILD
@@ -0,0 +1,48 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "config.go",
+        "helper.go",
+        "insecure_serving.go",
+        "serve.go",
+    ],
+    importpath = "k8s.io/kubernetes/cmd/controller-manager/app",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/apis/componentconfig:go_default_library",
+        "//pkg/util/configz:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/filters:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/filters:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/mux:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/routes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//cmd/controller-manager/app/options:all-srcs",
+    ],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/config.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/config.go
new file mode 100644
index 000000000000..d67841562e38
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/config.go
@@ -0,0 +1,65 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	apiserver "k8s.io/apiserver/pkg/server"
+	clientset "k8s.io/client-go/kubernetes"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/record"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+)
+
+// Config is the main context object for the controller manager.
+type Config struct {
+	// TODO: split up the component config. This is not generic.
+	ComponentConfig componentconfig.KubeControllerManagerConfiguration
+
+	SecureServing *apiserver.SecureServingInfo
+	// TODO: remove deprecated insecure serving
+	InsecureServing *InsecureServingInfo
+	Authentication  apiserver.AuthenticationInfo
+	Authorization   apiserver.AuthorizationInfo
+
+	// the general kube client
+	Client *clientset.Clientset
+
+	// the client only used for leader election
+	LeaderElectionClient *clientset.Clientset
+
+	// the rest config for the master
+	Kubeconfig *restclient.Config
+
+	// the event sink
+	EventRecorder record.EventRecorder
+}
+
+type completedConfig struct {
+	*Config
+}
+
+// CompletedConfig same as Config, just to swap private object.
+type CompletedConfig struct {
+	// Embed a private pointer that cannot be instantiated outside of this package.
+	*completedConfig
+}
+
+// Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.
+func (c *Config) Complete() CompletedConfig {
+	cc := completedConfig{c}
+	return CompletedConfig{&cc}
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/helper.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/helper.go
new file mode 100644
index 000000000000..38ec45417d49
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/helper.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/golang/glog"
+	"k8s.io/apimachinery/pkg/util/wait"
+	clientset "k8s.io/client-go/kubernetes"
+)
+
+// WaitForAPIServer waits for the API Server's /healthz endpoint to report "ok" with timeout.
+func WaitForAPIServer(client clientset.Interface, timeout time.Duration) error {
+	var lastErr error
+
+	err := wait.PollImmediate(time.Second, timeout, func() (bool, error) {
+		healthStatus := 0
+		result := client.Discovery().RESTClient().Get().AbsPath("/healthz").Do().StatusCode(&healthStatus)
+		if result.Error() != nil {
+			lastErr = fmt.Errorf("failed to get apiserver /healthz status: %v", result.Error())
+			return false, nil
+		}
+		if healthStatus != http.StatusOK {
+			content, _ := result.Raw()
+			lastErr = fmt.Errorf("APIServer isn't healthy: %v", string(content))
+			glog.Warningf("APIServer isn't healthy yet: %v. Waiting a little while.", string(content))
+			return false, nil
+		}
+
+		return true, nil
+	})
+
+	if err != nil {
+		return fmt.Errorf("%v: %v", err, lastErr)
+	}
+
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/insecure_serving.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/insecure_serving.go
new file mode 100644
index 000000000000..d374a92e448e
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/insecure_serving.go
@@ -0,0 +1,46 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"net"
+	"net/http"
+	"time"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apiserver/pkg/server"
+)
+
+// InsecureServingInfo is the main context object for the insecure http server.
+type InsecureServingInfo struct {
+	// Listener is the secure server network listener.
+	Listener net.Listener
+}
+
+// Serve starts an insecure http server with the given handler. It fails only if
+// the initial listen call fails. It does not block.
+func (s *InsecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.Duration, stopCh <-chan struct{}) error {
+	insecureServer := &http.Server{
+		Addr:           s.Listener.Addr().String(),
+		Handler:        handler,
+		MaxHeaderBytes: 1 << 20,
+	}
+
+	glog.Infof("Serving insecurely on %s", s.Listener.Addr())
+	return server.RunServer(insecureServer, s.Listener, shutdownTimeout, stopCh)
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/BUILD b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/BUILD
new file mode 100644
index 000000000000..b449fb9c297d
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/BUILD
@@ -0,0 +1,42 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "insecure_serving.go",
+        "options.go",
+    ],
+    importpath = "k8s.io/kubernetes/cmd/controller-manager/app/options",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//cmd/controller-manager/app:go_default_library",
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/apis/componentconfig:go_default_library",
+        "//pkg/client/leaderelectionconfig:go_default_library",
+        "//vendor/github.com/cloudflare/cfssl/helpers:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/spf13/pflag:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/insecure_serving.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/insecure_serving.go
new file mode 100644
index 000000000000..d93c182c9517
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/insecure_serving.go
@@ -0,0 +1,112 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/spf13/pflag"
+	"k8s.io/apiserver/pkg/server/options"
+	genericcontrollermanager "k8s.io/kubernetes/cmd/controller-manager/app"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+)
+
+// InsecureServingOptions are for creating an unauthenticated, unauthorized, insecure port.
+// No one should be using these anymore.
+type InsecureServingOptions struct {
+	BindAddress net.IP
+	BindPort    int
+	// BindNetwork is the type of network to bind to - defaults to "tcp", accepts "tcp",
+	// "tcp4", and "tcp6".
+	BindNetwork string
+
+	// Listener is the secure server network listener.
+	// either Listener or BindAddress/BindPort/BindNetwork is set,
+	// if Listener is set, use it and omit BindAddress/BindPort/BindNetwork.
+	Listener net.Listener
+}
+
+// Validate ensures that the insecure port values within the range of the port.
+func (s *InsecureServingOptions) Validate() []error {
+	errors := []error{}
+
+	if s == nil {
+		return nil
+	}
+
+	if s.BindPort < 0 || s.BindPort > 32767 {
+		errors = append(errors, fmt.Errorf("--insecure-port %v must be between 0 and 32767, inclusive. 0 for turning off insecure (HTTP) port", s.BindPort))
+	}
+
+	return errors
+}
+
+// AddFlags adds flags related to insecure serving for controller manager to the specified FlagSet.
+func (s *InsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
+	if s == nil {
+		return
+	}
+}
+
+// AddDeprecatedFlags adds deprecated flags related to insecure serving for controller manager to the specified FlagSet.
+// TODO: remove it until kops stop using `--address`
+func (s *InsecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet) {
+	if s == nil {
+		return
+	}
+
+	fs.IPVar(&s.BindAddress, "address", s.BindAddress,
+		"DEPRECATED: the IP address on which to listen for the --port port. See --bind-address instead.")
+	// MarkDeprecated hides the flag from the help. We don't want that:
+	// fs.MarkDeprecated("address", "see --bind-address instead.")
+
+	fs.IntVar(&s.BindPort, "port", s.BindPort, "DEPRECATED: the port on which to serve HTTP insecurely without authentication and authorization. If 0, don't serve HTTPS at all. See --secure-port instead.")
+	// MarkDeprecated hides the flag from the help. We don't want that:
+	// fs.MarkDeprecated("port", "see --secure-port instead.")
+}
+
+// ApplyTo adds InsecureServingOptions to the insecureserverinfo amd kube-controller manager configuration.
+// Note: the double pointer allows to set the *InsecureServingInfo to nil without referencing the struct hosting this pointer.
+func (s *InsecureServingOptions) ApplyTo(c **genericcontrollermanager.InsecureServingInfo, cfg *componentconfig.KubeControllerManagerConfiguration) error {
+	if s == nil {
+		return nil
+	}
+	if s.BindPort <= 0 {
+		return nil
+	}
+
+	if s.Listener == nil {
+		var err error
+		addr := net.JoinHostPort(s.BindAddress.String(), fmt.Sprintf("%d", s.BindPort))
+		s.Listener, s.BindPort, err = options.CreateListener(s.BindNetwork, addr)
+		if err != nil {
+			return fmt.Errorf("failed to create listener: %v", err)
+		}
+	}
+
+	*c = &genericcontrollermanager.InsecureServingInfo{
+		Listener: s.Listener,
+	}
+
+	// sync back to component config
+	// TODO: find more elegant way than synching back the values.
+	cfg.Port = int32(s.BindPort)
+	cfg.Address = s.BindAddress.String()
+
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/options.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/options.go
new file mode 100644
index 000000000000..8f468f4d1ccd
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/options/options.go
@@ -0,0 +1,242 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"net"
+	"time"
+
+	"github.com/cloudflare/cfssl/helpers"
+	"github.com/golang/glog"
+
+	"github.com/spf13/pflag"
+	"k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	apiserveroptions "k8s.io/apiserver/pkg/server/options"
+	"k8s.io/client-go/kubernetes"
+	clientset "k8s.io/client-go/kubernetes"
+	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/tools/record"
+	genericcontrollermanager "k8s.io/kubernetes/cmd/controller-manager/app"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+	"k8s.io/kubernetes/pkg/client/leaderelectionconfig"
+)
+
+// GenericControllerManagerOptions is the common structure for a controller manager. It works with NewGenericControllerManagerOptions
+// and AddDefaultControllerFlags to create the common components of kube-controller-manager and cloud-controller-manager.
+type GenericControllerManagerOptions struct {
+	// TODO: turn ComponentConfig into modular option structs. This is not generic.
+	ComponentConfig componentconfig.KubeControllerManagerConfiguration
+
+	SecureServing *apiserveroptions.SecureServingOptions
+	// TODO: remove insecure serving mode
+	InsecureServing *InsecureServingOptions
+	Authentication  *apiserveroptions.DelegatingAuthenticationOptions
+	Authorization   *apiserveroptions.DelegatingAuthorizationOptions
+
+	Master     string
+	Kubeconfig string
+}
+
+const (
+	// These defaults are deprecated and exported so that we can warn if
+	// they are being used.
+
+	// DefaultClusterSigningCertFile is deprecated. Do not use.
+	DefaultClusterSigningCertFile = "/etc/kubernetes/ca/ca.pem"
+	// DefaultClusterSigningKeyFile is deprecated. Do not use.
+	DefaultClusterSigningKeyFile = "/etc/kubernetes/ca/ca.key"
+)
+
+// NewGenericControllerManagerOptions returns common/default configuration values for both
+// the kube-controller-manager and the cloud-contoller-manager. Any common changes should
+// be made here. Any individual changes should be made in that controller.
+func NewGenericControllerManagerOptions(componentConfig componentconfig.KubeControllerManagerConfiguration) GenericControllerManagerOptions {
+	o := GenericControllerManagerOptions{
+		ComponentConfig: componentConfig,
+		SecureServing:   apiserveroptions.NewSecureServingOptions(),
+		InsecureServing: &InsecureServingOptions{
+			BindAddress: net.ParseIP(componentConfig.Address),
+			BindPort:    int(componentConfig.Port),
+			BindNetwork: "tcp",
+		},
+		Authentication: nil, // TODO: enable with apiserveroptions.NewDelegatingAuthenticationOptions()
+		Authorization:  nil, // TODO: enable with apiserveroptions.NewDelegatingAuthorizationOptions()
+	}
+
+	// disable secure serving for now
+	// TODO: enable HTTPS by default
+	o.SecureServing.BindPort = 0
+
+	return o
+}
+
+// NewDefaultControllerManagerComponentConfig returns default kube-controller manager configuration object.
+func NewDefaultControllerManagerComponentConfig(insecurePort int32) componentconfig.KubeControllerManagerConfiguration {
+	return componentconfig.KubeControllerManagerConfiguration{
+		Controllers:                                     []string{"*"},
+		Port:                                            insecurePort,
+		Address:                                         "0.0.0.0",
+		ConcurrentEndpointSyncs:                         5,
+		ConcurrentServiceSyncs:                          1,
+		ConcurrentRCSyncs:                               5,
+		ConcurrentRSSyncs:                               5,
+		ConcurrentDaemonSetSyncs:                        2,
+		ConcurrentJobSyncs:                              5,
+		ConcurrentResourceQuotaSyncs:                    5,
+		ConcurrentDeploymentSyncs:                       5,
+		ConcurrentNamespaceSyncs:                        10,
+		ConcurrentSATokenSyncs:                          5,
+		RouteReconciliationPeriod:                       metav1.Duration{Duration: 10 * time.Second},
+		ResourceQuotaSyncPeriod:                         metav1.Duration{Duration: 5 * time.Minute},
+		NamespaceSyncPeriod:                             metav1.Duration{Duration: 5 * time.Minute},
+		PVClaimBinderSyncPeriod:                         metav1.Duration{Duration: 15 * time.Second},
+		HorizontalPodAutoscalerSyncPeriod:               metav1.Duration{Duration: 30 * time.Second},
+		HorizontalPodAutoscalerUpscaleForbiddenWindow:   metav1.Duration{Duration: 3 * time.Minute},
+		HorizontalPodAutoscalerDownscaleForbiddenWindow: metav1.Duration{Duration: 5 * time.Minute},
+		HorizontalPodAutoscalerTolerance:                0.1,
+		DeploymentControllerSyncPeriod:                  metav1.Duration{Duration: 30 * time.Second},
+		MinResyncPeriod:                                 metav1.Duration{Duration: 12 * time.Hour},
+		RegisterRetryCount:                              10,
+		PodEvictionTimeout:                              metav1.Duration{Duration: 5 * time.Minute},
+		NodeMonitorGracePeriod:                          metav1.Duration{Duration: 40 * time.Second},
+		NodeStartupGracePeriod:                          metav1.Duration{Duration: 60 * time.Second},
+		NodeMonitorPeriod:                               metav1.Duration{Duration: 5 * time.Second},
+		ClusterName:                                     "kubernetes",
+		NodeCIDRMaskSize:                                24,
+		ConfigureCloudRoutes:                            true,
+		TerminatedPodGCThreshold:                        12500,
+		VolumeConfiguration: componentconfig.VolumeConfiguration{
+			EnableHostPathProvisioning: false,
+			EnableDynamicProvisioning:  true,
+			PersistentVolumeRecyclerConfiguration: componentconfig.PersistentVolumeRecyclerConfiguration{
+				MaximumRetry:             3,
+				MinimumTimeoutNFS:        300,
+				IncrementTimeoutNFS:      30,
+				MinimumTimeoutHostPath:   60,
+				IncrementTimeoutHostPath: 30,
+			},
+			FlexVolumePluginDir: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
+		},
+		ContentType:                           "application/vnd.kubernetes.protobuf",
+		KubeAPIQPS:                            20.0,
+		KubeAPIBurst:                          30,
+		LeaderElection:                        leaderelectionconfig.DefaultLeaderElectionConfiguration(),
+		ControllerStartInterval:               metav1.Duration{Duration: 0 * time.Second},
+		EnableGarbageCollector:                true,
+		ConcurrentGCSyncs:                     20,
+		ClusterSigningCertFile:                DefaultClusterSigningCertFile,
+		ClusterSigningKeyFile:                 DefaultClusterSigningKeyFile,
+		ClusterSigningDuration:                metav1.Duration{Duration: helpers.OneYear},
+		ReconcilerSyncLoopPeriod:              metav1.Duration{Duration: 60 * time.Second},
+		EnableTaintManager:                    true,
+		HorizontalPodAutoscalerUseRESTClients: true,
+	}
+}
+
+// AddFlags adds common/default flags for both the kube and cloud Controller Manager Server to the
+// specified FlagSet. Any common changes should be made here. Any individual changes should be made in that controller.
+func (o *GenericControllerManagerOptions) AddFlags(fs *pflag.FlagSet) {
+	fs.BoolVar(&o.ComponentConfig.UseServiceAccountCredentials, "use-service-account-credentials", o.ComponentConfig.UseServiceAccountCredentials, "If true, use individual service account credentials for each controller.")
+	fs.StringVar(&o.ComponentConfig.CloudConfigFile, "cloud-config", o.ComponentConfig.CloudConfigFile, "The path to the cloud provider configuration file. Empty string for no configuration file.")
+	fs.BoolVar(&o.ComponentConfig.AllowUntaggedCloud, "allow-untagged-cloud", false, "Allow the cluster to run without the cluster-id on cloud instances. This is a legacy mode of operation and a cluster-id will be required in the future.")
+	fs.MarkDeprecated("allow-untagged-cloud", "This flag is deprecated and will be removed in a future release. A cluster-id will be required on cloud instances.")
+	fs.DurationVar(&o.ComponentConfig.RouteReconciliationPeriod.Duration, "route-reconciliation-period", o.ComponentConfig.RouteReconciliationPeriod.Duration, "The period for reconciling routes created for Nodes by cloud provider.")
+	fs.DurationVar(&o.ComponentConfig.MinResyncPeriod.Duration, "min-resync-period", o.ComponentConfig.MinResyncPeriod.Duration, "The resync period in reflectors will be random between MinResyncPeriod and 2*MinResyncPeriod.")
+	fs.DurationVar(&o.ComponentConfig.NodeMonitorPeriod.Duration, "node-monitor-period", o.ComponentConfig.NodeMonitorPeriod.Duration,
+		"The period for syncing NodeStatus in NodeController.")
+	fs.BoolVar(&o.ComponentConfig.EnableProfiling, "profiling", true, "Enable profiling via web interface host:port/debug/pprof/")
+	fs.BoolVar(&o.ComponentConfig.EnableContentionProfiling, "contention-profiling", false, "Enable lock contention profiling, if profiling is enabled.")
+	fs.StringVar(&o.ComponentConfig.ClusterName, "cluster-name", o.ComponentConfig.ClusterName, "The instance prefix for the cluster.")
+	fs.StringVar(&o.ComponentConfig.ClusterCIDR, "cluster-cidr", o.ComponentConfig.ClusterCIDR, "CIDR Range for Pods in cluster. Requires --allocate-node-cidrs to be true")
+	fs.BoolVar(&o.ComponentConfig.AllocateNodeCIDRs, "allocate-node-cidrs", false, "Should CIDRs for Pods be allocated and set on the cloud provider.")
+	fs.StringVar(&o.ComponentConfig.CIDRAllocatorType, "cidr-allocator-type", "RangeAllocator", "Type of CIDR allocator to use")
+	fs.BoolVar(&o.ComponentConfig.ConfigureCloudRoutes, "configure-cloud-routes", true, "Should CIDRs allocated by allocate-node-cidrs be configured on the cloud provider.")
+	fs.StringVar(&o.Master, "master", o.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig).")
+	fs.StringVar(&o.Kubeconfig, "kubeconfig", o.Kubeconfig, "Path to kubeconfig file with authorization and master location information.")
+	fs.StringVar(&o.ComponentConfig.ContentType, "kube-api-content-type", o.ComponentConfig.ContentType, "Content type of requests sent to apiserver.")
+	fs.Float32Var(&o.ComponentConfig.KubeAPIQPS, "kube-api-qps", o.ComponentConfig.KubeAPIQPS, "QPS to use while talking with kubernetes apiserver.")
+	fs.Int32Var(&o.ComponentConfig.KubeAPIBurst, "kube-api-burst", o.ComponentConfig.KubeAPIBurst, "Burst to use while talking with kubernetes apiserver.")
+	fs.DurationVar(&o.ComponentConfig.ControllerStartInterval.Duration, "controller-start-interval", o.ComponentConfig.ControllerStartInterval.Duration, "Interval between starting controller managers.")
+
+	o.SecureServing.AddFlags(fs)
+	o.InsecureServing.AddFlags(fs)
+	o.InsecureServing.AddDeprecatedFlags(fs)
+	o.Authentication.AddFlags(fs)
+	o.Authorization.AddFlags(fs)
+}
+
+// ApplyTo fills up controller manager config with options and userAgent
+func (o *GenericControllerManagerOptions) ApplyTo(c *genericcontrollermanager.Config, userAgent string) error {
+	c.ComponentConfig = o.ComponentConfig
+
+	if err := o.SecureServing.ApplyTo(&c.SecureServing); err != nil {
+		return err
+	}
+	if err := o.InsecureServing.ApplyTo(&c.InsecureServing, &c.ComponentConfig); err != nil {
+		return err
+	}
+	if err := o.Authentication.ApplyTo(&c.Authentication, c.SecureServing, nil); err != nil {
+		return err
+	}
+	if err := o.Authorization.ApplyTo(&c.Authorization); err != nil {
+		return err
+	}
+
+	var err error
+	c.Kubeconfig, err = clientcmd.BuildConfigFromFlags(o.Master, o.Kubeconfig)
+	if err != nil {
+		return err
+	}
+	c.Kubeconfig.ContentConfig.ContentType = o.ComponentConfig.ContentType
+	c.Kubeconfig.QPS = o.ComponentConfig.KubeAPIQPS
+	c.Kubeconfig.Burst = int(o.ComponentConfig.KubeAPIBurst)
+
+	c.Client, err = clientset.NewForConfig(restclient.AddUserAgent(c.Kubeconfig, userAgent))
+	if err != nil {
+		return err
+	}
+
+	c.LeaderElectionClient = clientset.NewForConfigOrDie(restclient.AddUserAgent(c.Kubeconfig, "leader-election"))
+
+	c.EventRecorder = createRecorder(c.Client, userAgent)
+
+	return nil
+}
+
+// Validate checks GenericControllerManagerOptions and return a slice of found errors.
+func (o *GenericControllerManagerOptions) Validate() []error {
+	errors := []error{}
+	errors = append(errors, o.SecureServing.Validate()...)
+	errors = append(errors, o.InsecureServing.Validate()...)
+	errors = append(errors, o.Authentication.Validate()...)
+	errors = append(errors, o.Authorization.Validate()...)
+
+	// TODO: validate component config, master and kubeconfig
+
+	return errors
+}
+
+func createRecorder(kubeClient *kubernetes.Clientset, userAgent string) record.EventRecorder {
+	eventBroadcaster := record.NewBroadcaster()
+	eventBroadcaster.StartLogging(glog.Infof)
+	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events("")})
+	return eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: userAgent})
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/controller-manager/app/serve.go b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/serve.go
new file mode 100644
index 000000000000..7a9d36d11433
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/controller-manager/app/serve.go
@@ -0,0 +1,63 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"net/http"
+	goruntime "runtime"
+	"time"
+
+	"github.com/prometheus/client_golang/prometheus"
+
+	genericapifilters "k8s.io/apiserver/pkg/endpoints/filters"
+	apirequest "k8s.io/apiserver/pkg/endpoints/request"
+	genericfilters "k8s.io/apiserver/pkg/server/filters"
+	"k8s.io/apiserver/pkg/server/healthz"
+	"k8s.io/apiserver/pkg/server/mux"
+	"k8s.io/apiserver/pkg/server/routes"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/util/configz"
+)
+
+type serveFunc func(handler http.Handler, shutdownTimeout time.Duration, stopCh <-chan struct{}) error
+
+// Serve creates a base handler chain for a controller manager. It runs the
+// the chain with the given serveFunc.
+func Serve(c *CompletedConfig, serveFunc serveFunc, stopCh <-chan struct{}) error {
+	mux := mux.NewPathRecorderMux("controller-manager")
+	healthz.InstallHandler(mux)
+	if c.ComponentConfig.EnableProfiling {
+		routes.Profiling{}.Install(mux)
+		if c.ComponentConfig.EnableContentionProfiling {
+			goruntime.SetBlockProfileRate(1)
+		}
+	}
+	configz.InstallHandler(mux)
+	mux.Handle("/metrics", prometheus.Handler())
+
+	requestContextMapper := apirequest.NewRequestContextMapper()
+	requestInfoResolver := &apirequest.RequestInfoFactory{}
+	failedHandler := genericapifilters.Unauthorized(requestContextMapper, legacyscheme.Codecs, false)
+
+	handler := genericapifilters.WithAuthorization(mux, requestContextMapper, c.Authorization.Authorizer, legacyscheme.Codecs)
+	handler = genericapifilters.WithAuthentication(handler, requestContextMapper, c.Authentication.Authenticator, failedHandler)
+	handler = genericapifilters.WithRequestInfo(handler, requestInfoResolver, requestContextMapper)
+	handler = apirequest.WithRequestContext(handler, requestContextMapper)
+	handler = genericfilters.WithPanicRecovery(handler)
+
+	return serveFunc(handler, 0, stopCh)
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/BUILD
index 6f2497a161a2..876316b7aaaa 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/BUILD
@@ -23,12 +23,14 @@ go_library(
         "//pkg/apis/events:go_default_library",
         "//pkg/apis/extensions:go_default_library",
         "//pkg/apis/networking:go_default_library",
+        "//pkg/apis/policy:go_default_library",
         "//pkg/apis/storage:go_default_library",
         "//pkg/capabilities:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller/serviceaccount:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/generated/openapi:go_default_library",
         "//pkg/kubeapiserver:go_default_library",
         "//pkg/kubeapiserver/admission:go_default_library",
@@ -43,14 +45,16 @@ go_library(
         "//pkg/quota/install:go_default_library",
         "//pkg/registry/cachesize:go_default_library",
         "//pkg/registry/rbac/rest:go_default_library",
+        "//pkg/serviceaccount:go_default_library",
+        "//pkg/util/flag:go_default_library",
         "//pkg/util/reflector/prometheus:go_default_library",
         "//pkg/util/workqueue/prometheus:go_default_library",
         "//pkg/version:go_default_library",
+        "//pkg/version/verflag:go_default_library",
         "//plugin/pkg/auth/authenticator/token/bootstrap:go_default_library",
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
-        "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apiserver:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/client/informers/internalversion:go_default_library",
@@ -73,13 +77,17 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd3/preflight:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
+        "//vendor/k8s.io/client-go/util/cert:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/apiserver:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion:go_default_library",
         "//vendor/k8s.io/kube-aggregator/pkg/controllers/autoregister:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go
index 6d6e469434bb..6cc58a248153 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go
@@ -38,8 +38,10 @@ import (
 	kubeexternalinformers "k8s.io/client-go/informers"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
+	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
 	aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver"
+	aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme"
 	apiregistrationclient "k8s.io/kube-aggregator/pkg/client/clientset_generated/internalclientset/typed/apiregistration/internalversion"
 	informers "k8s.io/kube-aggregator/pkg/client/informers/internalversion/apiregistration/internalversion"
 	"k8s.io/kube-aggregator/pkg/controllers/autoregister"
@@ -58,9 +60,17 @@ func createAggregatorConfig(kubeAPIServerConfig genericapiserver.Config, command
 
 	// copy the etcd options so we don't mutate originals.
 	etcdOptions := *commandOptions.Etcd
-	etcdOptions.StorageConfig.Codec = aggregatorapiserver.Codecs.LegacyCodec(v1beta1.SchemeGroupVersion)
+	etcdOptions.StorageConfig.Codec = aggregatorscheme.Codecs.LegacyCodec(v1beta1.SchemeGroupVersion, v1.SchemeGroupVersion)
 	genericConfig.RESTOptionsGetter = &genericoptions.SimpleRestOptionsFactory{Options: etcdOptions}
 
+	// override MergedResourceConfig with aggregator defaults and registry
+	if err := commandOptions.APIEnablement.ApplyTo(
+		&genericConfig,
+		aggregatorapiserver.DefaultAPIResourceConfigSource(),
+		aggregatorscheme.Registry); err != nil {
+		return nil, err
+	}
+
 	var err error
 	var certBytes, keyBytes []byte
 	if len(commandOptions.ProxyClientCertFile) > 0 && len(commandOptions.ProxyClientKeyFile) > 0 {
@@ -187,8 +197,12 @@ func makeAPIServiceAvailableHealthzCheck(name string, apiServices []*apiregistra
 	})
 }
 
+// priority defines group priority that is used in discovery. This controls
+// group position in the kubectl output.
 type priority struct {
-	group   int32
+	// group indicates the order of the group relative to other groups.
+	group int32
+	// version indicates the relative order of the version inside of its group.
 	version int32
 }
 
@@ -226,9 +240,13 @@ var apiVersionPriorities = map[schema.GroupVersion]priority{
 	{Group: "storage.k8s.io", Version: "v1beta1"}:                {group: 16800, version: 9},
 	{Group: "storage.k8s.io", Version: "v1alpha1"}:               {group: 16800, version: 1},
 	{Group: "apiextensions.k8s.io", Version: "v1beta1"}:          {group: 16700, version: 9},
+	{Group: "admissionregistration.k8s.io", Version: "v1"}:       {group: 16700, version: 15},
 	{Group: "admissionregistration.k8s.io", Version: "v1beta1"}:  {group: 16700, version: 12},
 	{Group: "admissionregistration.k8s.io", Version: "v1alpha1"}: {group: 16700, version: 9},
 	{Group: "scheduling.k8s.io", Version: "v1alpha1"}:            {group: 16600, version: 9},
+	// Append a new group to the end of the list if unsure.
+	// You can use min(existing group)-100 as the initial value for a group.
+	// Version can be set to 9 (to have space around) for a new group.
 }
 
 func apiServicesToRegister(delegateAPIServer genericapiserver.DelegationTarget, registration autoregister.AutoAPIServiceRegistration) []*apiregistration.APIService {
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/apiextensions.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/apiextensions.go
index 1ef2916e7027..c8dd16e7af9d 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/apiextensions.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/apiextensions.go
@@ -39,6 +39,14 @@ func createAPIExtensionsConfig(kubeAPIServerConfig genericapiserver.Config, exte
 	etcdOptions.StorageConfig.Codec = apiextensionsapiserver.Codecs.LegacyCodec(v1beta1.SchemeGroupVersion)
 	genericConfig.RESTOptionsGetter = &genericoptions.SimpleRestOptionsFactory{Options: etcdOptions}
 
+	// override MergedResourceConfig with apiextensions defaults and registry
+	if err := commandOptions.APIEnablement.ApplyTo(
+		&genericConfig,
+		apiextensionsapiserver.DefaultAPIResourceConfigSource(),
+		apiextensionsapiserver.Registry); err != nil {
+		return nil, err
+	}
+
 	apiextensionsConfig := &apiextensionsapiserver.Config{
 		GenericConfig: &genericapiserver.RecommendedConfig{
 			Config:                genericConfig,
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD
index 96087a582ebc..bb6f67d6aa2a 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD
@@ -10,59 +10,31 @@ go_library(
     name = "go_default_library",
     srcs = [
         "options.go",
-        "plugins.go",
         "validation.go",
     ],
     importpath = "k8s.io/kubernetes/cmd/kube-apiserver/app/options",
     deps = [
+        "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/validation:go_default_library",
-        "//pkg/cloudprovider/providers:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubeapiserver/options:go_default_library",
         "//pkg/kubelet/client:go_default_library",
         "//pkg/master/ports:go_default_library",
         "//pkg/master/reconcilers:go_default_library",
-        "//plugin/pkg/admission/admit:go_default_library",
-        "//plugin/pkg/admission/alwayspullimages:go_default_library",
-        "//plugin/pkg/admission/antiaffinity:go_default_library",
-        "//plugin/pkg/admission/defaulttolerationseconds:go_default_library",
-        "//plugin/pkg/admission/deny:go_default_library",
-        "//plugin/pkg/admission/eventratelimit:go_default_library",
-        "//plugin/pkg/admission/exec:go_default_library",
-        "//plugin/pkg/admission/extendedresourcetoleration:go_default_library",
-        "//plugin/pkg/admission/gc:go_default_library",
-        "//plugin/pkg/admission/imagepolicy:go_default_library",
-        "//plugin/pkg/admission/initialresources:go_default_library",
-        "//plugin/pkg/admission/limitranger:go_default_library",
-        "//plugin/pkg/admission/namespace/autoprovision:go_default_library",
-        "//plugin/pkg/admission/namespace/exists:go_default_library",
-        "//plugin/pkg/admission/noderestriction:go_default_library",
-        "//plugin/pkg/admission/persistentvolume/label:go_default_library",
-        "//plugin/pkg/admission/persistentvolume/resize:go_default_library",
-        "//plugin/pkg/admission/persistentvolumeclaim/pvcprotection:go_default_library",
-        "//plugin/pkg/admission/podnodeselector:go_default_library",
-        "//plugin/pkg/admission/podpreset:go_default_library",
-        "//plugin/pkg/admission/podtolerationrestriction:go_default_library",
-        "//plugin/pkg/admission/priority:go_default_library",
-        "//plugin/pkg/admission/resourcequota:go_default_library",
-        "//plugin/pkg/admission/security/podsecuritypolicy:go_default_library",
-        "//plugin/pkg/admission/securitycontext/scdeny:go_default_library",
-        "//plugin/pkg/admission/serviceaccount:go_default_library",
-        "//plugin/pkg/admission/storageclass/setdefault:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
+        "//vendor/k8s.io/apiextensions-apiserver/pkg/apiserver:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
+        "//vendor/k8s.io/kube-aggregator/pkg/apiserver/scheme:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["options_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kube-apiserver/app/options",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
@@ -74,7 +46,7 @@ go_test(
         "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
-        "//vendor/k8s.io/apiserver/plugin/pkg/audit/webhook:go_default_library",
+        "//vendor/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go
index 8b95fb66678e..23088142a70f 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go
@@ -42,16 +42,16 @@ import (
 type ServerRunOptions struct {
 	GenericServerRunOptions *genericoptions.ServerRunOptions
 	Etcd                    *genericoptions.EtcdOptions
-	SecureServing           *genericoptions.SecureServingOptions
+	SecureServing           *genericoptions.SecureServingOptionsWithLoopback
 	InsecureServing         *kubeoptions.InsecureServingOptions
 	Audit                   *genericoptions.AuditOptions
 	Features                *genericoptions.FeatureOptions
-	Admission               *genericoptions.AdmissionOptions
+	Admission               *kubeoptions.AdmissionOptions
 	Authentication          *kubeoptions.BuiltInAuthenticationOptions
 	Authorization           *kubeoptions.BuiltInAuthorizationOptions
 	CloudProvider           *kubeoptions.CloudProviderOptions
 	StorageSerialization    *kubeoptions.StorageSerializationOptions
-	APIEnablement           *kubeoptions.APIEnablementOptions
+	APIEnablement           *genericoptions.APIEnablementOptions
 
 	AllowPrivileged           bool
 	EnableLogsHandler         bool
@@ -71,6 +71,8 @@ type ServerRunOptions struct {
 
 	MasterCount            int
 	EndpointReconcilerType string
+
+	ServiceAccountSigningKeyFile string
 }
 
 // NewServerRunOptions creates a new ServerRunOptions object with default parameters
@@ -82,12 +84,12 @@ func NewServerRunOptions() *ServerRunOptions {
 		InsecureServing:      kubeoptions.NewInsecureServingOptions(),
 		Audit:                genericoptions.NewAuditOptions(),
 		Features:             genericoptions.NewFeatureOptions(),
-		Admission:            genericoptions.NewAdmissionOptions(),
+		Admission:            kubeoptions.NewAdmissionOptions(),
 		Authentication:       kubeoptions.NewBuiltInAuthenticationOptions().WithAll(),
 		Authorization:        kubeoptions.NewBuiltInAuthorizationOptions(),
 		CloudProvider:        kubeoptions.NewCloudProviderOptions(),
 		StorageSerialization: kubeoptions.NewStorageSerializationOptions(),
-		APIEnablement:        kubeoptions.NewAPIEnablementOptions(),
+		APIEnablement:        genericoptions.NewAPIEnablementOptions(),
 
 		EnableLogsHandler:      true,
 		EventTTL:               1 * time.Hour,
@@ -113,13 +115,11 @@ func NewServerRunOptions() *ServerRunOptions {
 		},
 		ServiceNodePortRange: kubeoptions.DefaultServiceNodePortRange,
 	}
+	s.ServiceClusterIPRange = kubeoptions.DefaultServiceIPCIDR
+
 	// Overwrite the default for storage data format.
 	s.Etcd.DefaultStorageMediaType = "application/vnd.kubernetes.protobuf"
 
-	// register all admission plugins
-	RegisterAllAdmissionPlugins(s.Admission.Plugins)
-	// Set the default for admission plugins names
-	s.Admission.PluginNames = []string{"AlwaysAdmit"}
 	return &s
 }
 
@@ -129,7 +129,6 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
 	s.GenericServerRunOptions.AddUniversalFlags(fs)
 	s.Etcd.AddFlags(fs)
 	s.SecureServing.AddFlags(fs)
-	s.SecureServing.AddDeprecatedFlags(fs)
 	s.InsecureServing.AddFlags(fs)
 	s.InsecureServing.AddDeprecatedFlags(fs)
 	s.Audit.AddFlags(fs)
@@ -226,7 +225,7 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
 		"api-server and calling out to webhook admission plugins. It is expected that this "+
 		"cert includes a signature from the CA in the --requestheader-client-ca-file flag. "+
 		"That CA is published in the 'extension-apiserver-authentication' configmap in "+
-		"the kube-system namespace. Components recieving calls from kube-aggregator should "+
+		"the kube-system namespace. Components receiving calls from kube-aggregator should "+
 		"use that CA to perform their half of the mutual TLS verification.")
 	fs.StringVar(&s.ProxyClientKeyFile, "proxy-client-key-file", s.ProxyClientKeyFile, ""+
 		"Private key for the client certificate used to prove the identity of the aggregator or kube-apiserver "+
@@ -236,4 +235,7 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.BoolVar(&s.EnableAggregatorRouting, "enable-aggregator-routing", s.EnableAggregatorRouting,
 		"Turns on aggregator routing requests to endoints IP rather than cluster IP.")
 
+	fs.StringVar(&s.ServiceAccountSigningKeyFile, "service-account-signing-key-file", s.ServiceAccountSigningKeyFile, ""+
+		"Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. (Ignored unless alpha TokenRequest is enabled")
+
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/plugins.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/plugins.go
deleted file mode 100644
index a0d2502e7f58..000000000000
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/plugins.go
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package options
-
-// This file exists to force the desired plugin implementations to be linked.
-// This should probably be part of some configuration fed into the build for a
-// given binary target.
-import (
-	// Cloud providers
-	_ "k8s.io/kubernetes/pkg/cloudprovider/providers"
-
-	// Admission policies
-	"k8s.io/apiserver/pkg/admission"
-	"k8s.io/kubernetes/plugin/pkg/admission/admit"
-	"k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages"
-	"k8s.io/kubernetes/plugin/pkg/admission/antiaffinity"
-	"k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds"
-	"k8s.io/kubernetes/plugin/pkg/admission/deny"
-	"k8s.io/kubernetes/plugin/pkg/admission/eventratelimit"
-	"k8s.io/kubernetes/plugin/pkg/admission/exec"
-	"k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration"
-	"k8s.io/kubernetes/plugin/pkg/admission/gc"
-	"k8s.io/kubernetes/plugin/pkg/admission/imagepolicy"
-	"k8s.io/kubernetes/plugin/pkg/admission/initialresources"
-	"k8s.io/kubernetes/plugin/pkg/admission/limitranger"
-	"k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision"
-	"k8s.io/kubernetes/plugin/pkg/admission/namespace/exists"
-	"k8s.io/kubernetes/plugin/pkg/admission/noderestriction"
-	"k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label"
-	"k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize"
-	"k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection"
-	"k8s.io/kubernetes/plugin/pkg/admission/podnodeselector"
-	"k8s.io/kubernetes/plugin/pkg/admission/podpreset"
-	"k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction"
-	podpriority "k8s.io/kubernetes/plugin/pkg/admission/priority"
-	"k8s.io/kubernetes/plugin/pkg/admission/resourcequota"
-	"k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy"
-	"k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny"
-	"k8s.io/kubernetes/plugin/pkg/admission/serviceaccount"
-	"k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault"
-)
-
-// RegisterAllAdmissionPlugins registers all admission plugins
-func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
-	admit.Register(plugins)
-	alwayspullimages.Register(plugins)
-	antiaffinity.Register(plugins)
-	defaulttolerationseconds.Register(plugins)
-	deny.Register(plugins)
-	eventratelimit.Register(plugins)
-	exec.Register(plugins)
-	extendedresourcetoleration.Register(plugins)
-	gc.Register(plugins)
-	imagepolicy.Register(plugins)
-	initialresources.Register(plugins)
-	limitranger.Register(plugins)
-	autoprovision.Register(plugins)
-	exists.Register(plugins)
-	noderestriction.Register(plugins)
-	label.Register(plugins) // DEPRECATED in favor of NewPersistentVolumeLabelController in CCM
-	podnodeselector.Register(plugins)
-	podpreset.Register(plugins)
-	podtolerationrestriction.Register(plugins)
-	resourcequota.Register(plugins)
-	podsecuritypolicy.Register(plugins)
-	podpriority.Register(plugins)
-	scdeny.Register(plugins)
-	serviceaccount.Register(plugins)
-	setdefault.Register(plugins)
-	resize.Register(plugins)
-	pvcprotection.Register(plugins)
-}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go
index fb937bdf7db3..44f1df11d579 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go
@@ -18,6 +18,10 @@ package options
 
 import (
 	"fmt"
+
+	apiextensionsapiserver "k8s.io/apiextensions-apiserver/pkg/apiserver"
+	aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
 )
 
 // TODO: Longer term we should read this from some config store, rather than a flag.
@@ -66,11 +70,18 @@ func (options *ServerRunOptions) Validate() []error {
 	if errs := options.Audit.Validate(); len(errs) > 0 {
 		errors = append(errors, errs...)
 	}
+	if errs := options.Admission.Validate(); len(errs) > 0 {
+		errors = append(errors, errs...)
+	}
 	if errs := options.InsecureServing.Validate("insecure-port"); len(errs) > 0 {
 		errors = append(errors, errs...)
 	}
 	if options.MasterCount <= 0 {
 		errors = append(errors, fmt.Errorf("--apiserver-count should be a positive number, but value '%d' provided", options.MasterCount))
 	}
+	if errs := options.APIEnablement.Validate(legacyscheme.Registry, apiextensionsapiserver.Registry, aggregatorscheme.Registry); len(errs) > 0 {
+		errors = append(errors, errs...)
+	}
+
 	return errors
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/server.go b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/server.go
index d3d4a0b22a2e..d2df51dfdb25 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/server.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/server.go
@@ -35,7 +35,6 @@ import (
 	"github.com/go-openapi/spec"
 	"github.com/golang/glog"
 	"github.com/spf13/cobra"
-	"github.com/spf13/pflag"
 
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -45,21 +44,23 @@ import (
 	utilwait "k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/admission"
 	webhookconfig "k8s.io/apiserver/pkg/admission/plugin/webhook/config"
+	webhookinit "k8s.io/apiserver/pkg/admission/plugin/webhook/initializer"
 	"k8s.io/apiserver/pkg/authentication/authenticator"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
+	"k8s.io/apiserver/pkg/server"
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/apiserver/pkg/server/filters"
 	serveroptions "k8s.io/apiserver/pkg/server/options"
 	"k8s.io/apiserver/pkg/server/options/encryptionconfig"
 	serverstorage "k8s.io/apiserver/pkg/server/storage"
-	aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver"
-	openapi "k8s.io/kube-openapi/pkg/common"
-
-	webhookinit "k8s.io/apiserver/pkg/admission/plugin/webhook/initializer"
 	"k8s.io/apiserver/pkg/storage/etcd3/preflight"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	clientgoinformers "k8s.io/client-go/informers"
 	clientgoclientset "k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
+	certutil "k8s.io/client-go/util/cert"
+	aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver"
+	openapi "k8s.io/kube-openapi/pkg/common"
 	"k8s.io/kubernetes/cmd/kube-apiserver/app/options"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/admissionregistration"
@@ -69,12 +70,14 @@ import (
 	"k8s.io/kubernetes/pkg/apis/events"
 	"k8s.io/kubernetes/pkg/apis/extensions"
 	"k8s.io/kubernetes/pkg/apis/networking"
+	"k8s.io/kubernetes/pkg/apis/policy"
 	"k8s.io/kubernetes/pkg/apis/storage"
 	"k8s.io/kubernetes/pkg/capabilities"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	serviceaccountcontroller "k8s.io/kubernetes/pkg/controller/serviceaccount"
+	"k8s.io/kubernetes/pkg/features"
 	generatedopenapi "k8s.io/kubernetes/pkg/generated/openapi"
 	"k8s.io/kubernetes/pkg/kubeapiserver"
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
@@ -88,9 +91,12 @@ import (
 	quotainstall "k8s.io/kubernetes/pkg/quota/install"
 	"k8s.io/kubernetes/pkg/registry/cachesize"
 	rbacrest "k8s.io/kubernetes/pkg/registry/rbac/rest"
+	"k8s.io/kubernetes/pkg/serviceaccount"
 	"k8s.io/kubernetes/pkg/version"
+	"k8s.io/kubernetes/pkg/version/verflag"
 	"k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap"
 
+	utilflag "k8s.io/kubernetes/pkg/util/flag"
 	_ "k8s.io/kubernetes/pkg/util/reflector/prometheus" // for reflector metric registration
 	_ "k8s.io/kubernetes/pkg/util/workqueue/prometheus" // for workqueue metric registration
 )
@@ -101,7 +107,6 @@ const etcdRetryInterval = 1 * time.Second
 // NewAPIServerCommand creates a *cobra.Command object with default parameters
 func NewAPIServerCommand() *cobra.Command {
 	s := options.NewServerRunOptions()
-	s.AddFlags(pflag.CommandLine)
 	cmd := &cobra.Command{
 		Use: "kube-apiserver",
 		Long: `The Kubernetes API server validates and configures data
@@ -109,8 +114,17 @@ for the api objects which include pods, services, replicationcontrollers, and
 others. The API Server services REST operations and provides the frontend to the
 cluster's shared state through which all other components interact.`,
 		Run: func(cmd *cobra.Command, args []string) {
+			verflag.PrintAndExitIfRequested()
+			utilflag.PrintFlags(cmd.Flags())
+
+			stopCh := server.SetupSignalHandler()
+			if err := Run(s, stopCh); err != nil {
+				fmt.Fprintf(os.Stderr, "%v\n", err)
+				os.Exit(1)
+			}
 		},
 	}
+	s.AddFlags(cmd.Flags())
 
 	return cmd
 }
@@ -134,6 +148,7 @@ func CreateServerChain(runOptions *options.ServerRunOptions, stopCh <-chan struc
 	if err != nil {
 		return nil, err
 	}
+
 	kubeAPIServerConfig, sharedInformers, versionedInformers, insecureServingOptions, serviceResolver, err := CreateKubeAPIServerConfig(runOptions, nodeTunneler, proxyTransport)
 	if err != nil {
 		return nil, err
@@ -296,7 +311,7 @@ func CreateKubeAPIServerConfig(s *options.ServerRunOptions, nodeTunneler tunnele
 		return nil, nil, nil, nil, nil, err
 	}
 
-	storageFactory, err := BuildStorageFactory(s)
+	storageFactory, err := BuildStorageFactory(s, genericConfig.MergedResourceConfig)
 	if err != nil {
 		return nil, nil, nil, nil, nil, err
 	}
@@ -310,6 +325,28 @@ func CreateKubeAPIServerConfig(s *options.ServerRunOptions, nodeTunneler tunnele
 		return nil, nil, nil, nil, nil, err
 	}
 
+	var issuer serviceaccount.TokenGenerator
+	var apiAudiences []string
+	if s.ServiceAccountSigningKeyFile != "" ||
+		s.Authentication.ServiceAccounts.Issuer != "" ||
+		len(s.Authentication.ServiceAccounts.APIAudiences) > 0 {
+		if !utilfeature.DefaultFeatureGate.Enabled(features.TokenRequest) {
+			return nil, nil, nil, nil, nil, fmt.Errorf("the TokenRequest feature is not enabled but --service-account-signing-key-file and/or --service-account-issuer-id flags were passed")
+		}
+		if s.ServiceAccountSigningKeyFile == "" ||
+			s.Authentication.ServiceAccounts.Issuer == "" ||
+			len(s.Authentication.ServiceAccounts.APIAudiences) == 0 ||
+			len(s.Authentication.ServiceAccounts.KeyFiles) == 0 {
+			return nil, nil, nil, nil, nil, fmt.Errorf("service-account-signing-key-file, service-account-issuer, service-account-api-audiences and service-account-key-file should be specified together")
+		}
+		sk, err := certutil.PrivateKeyFromFile(s.ServiceAccountSigningKeyFile)
+		if err != nil {
+			return nil, nil, nil, nil, nil, fmt.Errorf("failed to parse service-account-issuer-key-file: %v", err)
+		}
+		issuer = serviceaccount.JWTTokenGenerator(s.Authentication.ServiceAccounts.Issuer, sk)
+		apiAudiences = s.Authentication.ServiceAccounts.APIAudiences
+	}
+
 	config := &master.Config{
 		GenericConfig: genericConfig,
 		ExtraConfig: master.ExtraConfig{
@@ -327,7 +364,6 @@ func CreateKubeAPIServerConfig(s *options.ServerRunOptions, nodeTunneler tunnele
 			EnableCoreControllers:   true,
 			EventTTL:                s.EventTTL,
 			KubeletClientConfig:     s.KubeletConfig,
-			EnableUISupport:         true,
 			EnableLogsSupport:       s.EnableLogsHandler,
 			ProxyTransport:          proxyTransport,
 
@@ -342,6 +378,9 @@ func CreateKubeAPIServerConfig(s *options.ServerRunOptions, nodeTunneler tunnele
 
 			EndpointReconcilerType: reconcilers.Type(s.EndpointReconcilerType),
 			MasterCount:            s.MasterCount,
+
+			ServiceAccountIssuer:       issuer,
+			ServiceAccountAPIAudiences: apiAudiences,
 		},
 	}
 
@@ -376,6 +415,9 @@ func BuildGenericConfig(s *options.ServerRunOptions, proxyTransport *http.Transp
 	if err := s.Features.ApplyTo(genericConfig); err != nil {
 		return nil, nil, nil, nil, nil, err
 	}
+	if err := s.APIEnablement.ApplyTo(genericConfig, master.DefaultAPIResourceConfigSource(), legacyscheme.Registry); err != nil {
+		return nil, nil, nil, nil, nil, err
+	}
 
 	genericConfig.OpenAPIConfig = genericapiserver.DefaultOpenAPIConfig(generatedopenapi.GetOpenAPIDefinitions, legacyscheme.Scheme)
 	genericConfig.OpenAPIConfig.PostProcessSpec = postProcessOpenAPISpecForBackwardCompatibility
@@ -390,7 +432,7 @@ func BuildGenericConfig(s *options.ServerRunOptions, proxyTransport *http.Transp
 	kubeVersion := version.Get()
 	genericConfig.Version = &kubeVersion
 
-	storageFactory, err := BuildStorageFactory(s)
+	storageFactory, err := BuildStorageFactory(s, genericConfig.MergedResourceConfig)
 	if err != nil {
 		return nil, nil, nil, nil, nil, err
 	}
@@ -438,12 +480,12 @@ func BuildGenericConfig(s *options.ServerRunOptions, proxyTransport *http.Transp
 		)
 	}
 
-	genericConfig.Authenticator, genericConfig.OpenAPIConfig.SecurityDefinitions, err = BuildAuthenticator(s, storageFactory, client, sharedInformers)
+	genericConfig.Authentication.Authenticator, genericConfig.OpenAPIConfig.SecurityDefinitions, err = BuildAuthenticator(s, storageFactory, client, clientgoExternalClient, sharedInformers)
 	if err != nil {
 		return nil, nil, nil, nil, nil, fmt.Errorf("invalid authentication config: %v", err)
 	}
 
-	genericConfig.Authorizer, genericConfig.RuleResolver, err = BuildAuthorizer(s, sharedInformers)
+	genericConfig.Authorization.Authorizer, genericConfig.RuleResolver, err = BuildAuthorizer(s, sharedInformers, versionedInformers)
 	if err != nil {
 		return nil, nil, nil, nil, nil, fmt.Errorf("invalid authorization config: %v", err)
 	}
@@ -522,25 +564,10 @@ func BuildAdmissionPluginInitializers(s *options.ServerRunOptions, client intern
 }
 
 // BuildAuthenticator constructs the authenticator
-func BuildAuthenticator(s *options.ServerRunOptions, storageFactory serverstorage.StorageFactory, client internalclientset.Interface, sharedInformers informers.SharedInformerFactory) (authenticator.Request, *spec.SecurityDefinitions, error) {
+func BuildAuthenticator(s *options.ServerRunOptions, storageFactory serverstorage.StorageFactory, client internalclientset.Interface, extclient clientgoclientset.Interface, sharedInformers informers.SharedInformerFactory) (authenticator.Request, *spec.SecurityDefinitions, error) {
 	authenticatorConfig := s.Authentication.ToAuthenticationConfig()
 	if s.Authentication.ServiceAccounts.Lookup {
-		// we have to go direct to storage because the clientsets fail when they're initialized with some API versions excluded
-		// we should stop trying to control them like that.
-		storageConfigServiceAccounts, err := storageFactory.NewConfig(api.Resource("serviceaccounts"))
-		if err != nil {
-			return nil, nil, fmt.Errorf("unable to get serviceaccounts storage: %v", err)
-		}
-		storageConfigSecrets, err := storageFactory.NewConfig(api.Resource("secrets"))
-		if err != nil {
-			return nil, nil, fmt.Errorf("unable to get secrets storage: %v", err)
-		}
-		authenticatorConfig.ServiceAccountTokenGetter = serviceaccountcontroller.NewGetterFromStorageInterface(
-			storageConfigServiceAccounts,
-			storageFactory.ResourcePrefix(api.Resource("serviceaccounts")),
-			storageConfigSecrets,
-			storageFactory.ResourcePrefix(api.Resource("secrets")),
-		)
+		authenticatorConfig.ServiceAccountTokenGetter = serviceaccountcontroller.NewGetterFromClient(extclient)
 	}
 	if client == nil || reflect.ValueOf(client).IsNil() {
 		// TODO: Remove check once client can never be nil.
@@ -554,14 +581,14 @@ func BuildAuthenticator(s *options.ServerRunOptions, storageFactory serverstorag
 }
 
 // BuildAuthorizer constructs the authorizer
-func BuildAuthorizer(s *options.ServerRunOptions, sharedInformers informers.SharedInformerFactory) (authorizer.Authorizer, authorizer.RuleResolver, error) {
-	authorizationConfig := s.Authorization.ToAuthorizationConfig(sharedInformers)
+func BuildAuthorizer(s *options.ServerRunOptions, sharedInformers informers.SharedInformerFactory, versionedInformers clientgoinformers.SharedInformerFactory) (authorizer.Authorizer, authorizer.RuleResolver, error) {
+	authorizationConfig := s.Authorization.ToAuthorizationConfig(sharedInformers, versionedInformers)
 	return authorizationConfig.New()
 }
 
 // BuildStorageFactory constructs the storage factory. If encryption at rest is used, it expects
 // all supported KMS plugins to be registered in the KMS plugin registry before being called.
-func BuildStorageFactory(s *options.ServerRunOptions) (*serverstorage.DefaultStorageFactory, error) {
+func BuildStorageFactory(s *options.ServerRunOptions, apiResourceConfig *serverstorage.ResourceConfig) (*serverstorage.DefaultStorageFactory, error) {
 	storageGroupsToEncodingVersion, err := s.StorageSerialization.StorageGroupsToEncodingVersion()
 	if err != nil {
 		return nil, fmt.Errorf("error generating storage version map: %s", err)
@@ -574,21 +601,21 @@ func BuildStorageFactory(s *options.ServerRunOptions) (*serverstorage.DefaultSto
 		// FIXME (soltysh): this GroupVersionResource override should be configurable
 		[]schema.GroupVersionResource{
 			batch.Resource("cronjobs").WithVersion("v1beta1"),
-			storage.Resource("volumeattachments").WithVersion("v1alpha1"),
+			storage.Resource("volumeattachments").WithVersion("v1beta1"),
 			admissionregistration.Resource("initializerconfigurations").WithVersion("v1alpha1"),
 		},
-		master.DefaultAPIResourceConfigSource(), s.APIEnablement.RuntimeConfig)
+		apiResourceConfig)
 	if err != nil {
 		return nil, fmt.Errorf("error in initializing storage factory: %s", err)
 	}
 
 	storageFactory.AddCohabitatingResources(networking.Resource("networkpolicies"), extensions.Resource("networkpolicies"))
-
-	// keep Deployments, Daemonsets and ReplicaSets in extensions for backwards compatibility, we'll have to migrate at some point, eventually
-	storageFactory.AddCohabitatingResources(extensions.Resource("deployments"), apps.Resource("deployments"))
-	storageFactory.AddCohabitatingResources(extensions.Resource("daemonsets"), apps.Resource("daemonsets"))
-	storageFactory.AddCohabitatingResources(extensions.Resource("replicasets"), apps.Resource("replicasets"))
+	storageFactory.AddCohabitatingResources(apps.Resource("deployments"), extensions.Resource("deployments"))
+	storageFactory.AddCohabitatingResources(apps.Resource("daemonsets"), extensions.Resource("daemonsets"))
+	storageFactory.AddCohabitatingResources(apps.Resource("replicasets"), extensions.Resource("replicasets"))
 	storageFactory.AddCohabitatingResources(api.Resource("events"), events.Resource("events"))
+	// TODO(#54933): 1.11: switch to using policy storage and flip the order here
+	storageFactory.AddCohabitatingResources(extensions.Resource("podsecuritypolicies"), policy.Resource("podsecuritypolicies"))
 	for _, override := range s.Etcd.EtcdServersOverrides {
 		tokens := strings.Split(override, "#")
 		if len(tokens) != 2 {
@@ -624,7 +651,7 @@ func BuildStorageFactory(s *options.ServerRunOptions) (*serverstorage.DefaultSto
 
 func defaultOptions(s *options.ServerRunOptions) error {
 	// set defaults
-	if err := s.GenericServerRunOptions.DefaultAdvertiseAddress(s.SecureServing); err != nil {
+	if err := s.GenericServerRunOptions.DefaultAdvertiseAddress(s.SecureServing.SecureServingOptions); err != nil {
 		return err
 	}
 	if err := kubeoptions.DefaultAdvertiseAddress(s.GenericServerRunOptions, s.InsecureServing); err != nil {
@@ -638,18 +665,35 @@ func defaultOptions(s *options.ServerRunOptions) error {
 	if err := s.SecureServing.MaybeDefaultWithSelfSignedCerts(s.GenericServerRunOptions.AdvertiseAddress.String(), []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}, []net.IP{apiServerServiceIP}); err != nil {
 		return fmt.Errorf("error creating self-signed certificates: %v", err)
 	}
-	if err := s.CloudProvider.DefaultExternalHost(s.GenericServerRunOptions); err != nil {
-		return fmt.Errorf("error setting the external host value: %v", err)
+
+	if len(s.GenericServerRunOptions.ExternalHost) == 0 {
+		if len(s.GenericServerRunOptions.AdvertiseAddress) > 0 {
+			s.GenericServerRunOptions.ExternalHost = s.GenericServerRunOptions.AdvertiseAddress.String()
+		} else {
+			if hostname, err := os.Hostname(); err == nil {
+				s.GenericServerRunOptions.ExternalHost = hostname
+			} else {
+				return fmt.Errorf("error finding host name: %v", err)
+			}
+		}
+		glog.Infof("external host was not specified, using %v", s.GenericServerRunOptions.ExternalHost)
 	}
 
 	s.Authentication.ApplyAuthorization(s.Authorization)
 
-	// Default to the private server key for service account token signing
-	if len(s.Authentication.ServiceAccounts.KeyFiles) == 0 && s.SecureServing.ServerCert.CertKey.KeyFile != "" {
-		if kubeauthenticator.IsValidServiceAccountKeyFile(s.SecureServing.ServerCert.CertKey.KeyFile) {
-			s.Authentication.ServiceAccounts.KeyFiles = []string{s.SecureServing.ServerCert.CertKey.KeyFile}
-		} else {
-			glog.Warning("No TLS key provided, service account token authentication disabled")
+	// Use (ServiceAccountSigningKeyFile != "") as a proxy to the user enabling
+	// TokenRequest functionality. This defaulting was convenient, but messed up
+	// a lot of people when they rotated their serving cert with no idea it was
+	// connected to their service account keys. We are taking this oppurtunity to
+	// remove this problematic defaulting.
+	if s.ServiceAccountSigningKeyFile == "" {
+		// Default to the private server key for service account token signing
+		if len(s.Authentication.ServiceAccounts.KeyFiles) == 0 && s.SecureServing.ServerCert.CertKey.KeyFile != "" {
+			if kubeauthenticator.IsValidServiceAccountKeyFile(s.SecureServing.ServerCert.CertKey.KeyFile) {
+				s.Authentication.ServiceAccounts.KeyFiles = []string{s.SecureServing.ServerCert.CertKey.KeyFile}
+			} else {
+				glog.Warning("No TLS key provided, service account token authentication disabled")
+			}
 		}
 	}
 
@@ -688,6 +732,20 @@ func defaultOptions(s *options.ServerRunOptions) error {
 		}
 	}
 
+	// TODO: remove when we stop supporting the legacy group version.
+	if s.APIEnablement.RuntimeConfig != nil {
+		for key, value := range s.APIEnablement.RuntimeConfig {
+			if key == "v1" || strings.HasPrefix(key, "v1/") ||
+				key == "api/v1" || strings.HasPrefix(key, "api/v1/") {
+				delete(s.APIEnablement.RuntimeConfig, key)
+				s.APIEnablement.RuntimeConfig["/v1"] = value
+			}
+			if key == "api/legacy" {
+				delete(s.APIEnablement.RuntimeConfig, key)
+			}
+		}
+	}
+
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/BUILD
index a533b2e29fc1..a3f98b1a9853 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/BUILD
@@ -1,10 +1,4 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -14,6 +8,7 @@ go_library(
         "batch.go",
         "bootstrap.go",
         "certificates.go",
+        "cloudproviders.go",
         "controllermanager.go",
         "core.go",
         "extensions.go",
@@ -23,7 +18,11 @@ go_library(
         "rbac.go",
     ],
     importpath = "k8s.io/kubernetes/cmd/kube-controller-manager/app",
+    visibility = ["//visibility:public"],
     deps = [
+        "//cmd/controller-manager/app:go_default_library",
+        "//cmd/controller-manager/app/options:go_default_library",
+        "//cmd/kube-controller-manager/app/config:go_default_library",
         "//cmd/kube-controller-manager/app/options:go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/apps/install:go_default_library",
@@ -57,8 +56,9 @@ go_library(
         "//pkg/controller/garbagecollector:go_default_library",
         "//pkg/controller/job:go_default_library",
         "//pkg/controller/namespace:go_default_library",
-        "//pkg/controller/node:go_default_library",
-        "//pkg/controller/node/ipam:go_default_library",
+        "//pkg/controller/nodeipam:go_default_library",
+        "//pkg/controller/nodeipam/ipam:go_default_library",
+        "//pkg/controller/nodelifecycle:go_default_library",
         "//pkg/controller/podautoscaler:go_default_library",
         "//pkg/controller/podautoscaler/metrics:go_default_library",
         "//pkg/controller/podgc:go_default_library",
@@ -74,13 +74,16 @@ go_library(
         "//pkg/controller/volume/expand:go_default_library",
         "//pkg/controller/volume/persistentvolume:go_default_library",
         "//pkg/controller/volume/pvcprotection:go_default_library",
+        "//pkg/controller/volume/pvprotection:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/quota/generic:go_default_library",
         "//pkg/quota/install:go_default_library",
         "//pkg/serviceaccount:go_default_library",
         "//pkg/util/configz:go_default_library",
+        "//pkg/util/flag:go_default_library",
         "//pkg/util/metrics:go_default_library",
         "//pkg/version:go_default_library",
+        "//pkg/version/verflag:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/aws_ebs:go_default_library",
         "//pkg/volume/azure_dd:go_default_library",
@@ -105,32 +108,38 @@ go_library(
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/vsphere_volume:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
-        "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/discovery:go_default_library",
         "//vendor/k8s.io/client-go/discovery/cached:go_default_library",
         "//vendor/k8s.io/client-go/dynamic:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/scale:go_default_library",
-        "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
         "//vendor/k8s.io/client-go/tools/leaderelection:go_default_library",
         "//vendor/k8s.io/client-go/tools/leaderelection/resourcelock:go_default_library",
-        "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/custom_metrics:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/client/external_metrics:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["controller_manager_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
 
@@ -145,18 +154,9 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//cmd/kube-controller-manager/app/config:all-srcs",
         "//cmd/kube-controller-manager/app/options:all-srcs",
     ],
     tags = ["automanaged"],
-)
-
-go_test(
-    name = "go_default_test",
-    srcs = ["controller_manager_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kube-controller-manager/app",
-    library = ":go_default_library",
-    deps = [
-        "//vendor/github.com/stretchr/testify/assert:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-    ],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/apps.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/apps.go
index c3e475d940c1..57898b5fcec9 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/apps.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/apps.go
@@ -21,19 +21,40 @@ limitations under the License.
 package app
 
 import (
+	"fmt"
+
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/kubernetes/pkg/controller/daemon"
 	"k8s.io/kubernetes/pkg/controller/statefulset"
 )
 
+func startDaemonSetController(ctx ControllerContext) (bool, error) {
+	if !ctx.AvailableResources[schema.GroupVersionResource{Group: "apps", Version: "v1", Resource: "daemonsets"}] {
+		return false, nil
+	}
+	dsc, err := daemon.NewDaemonSetsController(
+		ctx.InformerFactory.Apps().V1().DaemonSets(),
+		ctx.InformerFactory.Apps().V1().ControllerRevisions(),
+		ctx.InformerFactory.Core().V1().Pods(),
+		ctx.InformerFactory.Core().V1().Nodes(),
+		ctx.ClientBuilder.ClientOrDie("daemon-set-controller"),
+	)
+	if err != nil {
+		return true, fmt.Errorf("error creating DaemonSets controller: %v", err)
+	}
+	go dsc.Run(int(ctx.ComponentConfig.ConcurrentDaemonSetSyncs), ctx.Stop)
+	return true, nil
+}
+
 func startStatefulSetController(ctx ControllerContext) (bool, error) {
 	if !ctx.AvailableResources[schema.GroupVersionResource{Group: "apps", Version: "v1beta1", Resource: "statefulsets"}] {
 		return false, nil
 	}
 	go statefulset.NewStatefulSetController(
 		ctx.InformerFactory.Core().V1().Pods(),
-		ctx.InformerFactory.Apps().V1beta1().StatefulSets(),
+		ctx.InformerFactory.Apps().V1().StatefulSets(),
 		ctx.InformerFactory.Core().V1().PersistentVolumeClaims(),
-		ctx.InformerFactory.Apps().V1beta1().ControllerRevisions(),
+		ctx.InformerFactory.Apps().V1().ControllerRevisions(),
 		ctx.ClientBuilder.ClientOrDie("statefulset-controller"),
 	).Run(1, ctx.Stop)
 	return true, nil
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/autoscaling.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/autoscaling.go
index 43c1cd1ab009..e83ef0545081 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/autoscaling.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/autoscaling.go
@@ -24,13 +24,14 @@ import (
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/discovery"
-	discocache "k8s.io/client-go/discovery/cached" // Saturday Night Fever
+	discocache "k8s.io/client-go/discovery/cached"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/scale"
 	"k8s.io/kubernetes/pkg/controller/podautoscaler"
 	"k8s.io/kubernetes/pkg/controller/podautoscaler/metrics"
 	resourceclient "k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1"
 	"k8s.io/metrics/pkg/client/custom_metrics"
+	"k8s.io/metrics/pkg/client/external_metrics"
 )
 
 func startHPAController(ctx ControllerContext) (bool, error) {
@@ -38,7 +39,7 @@ func startHPAController(ctx ControllerContext) (bool, error) {
 		return false, nil
 	}
 
-	if ctx.Options.HorizontalPodAutoscalerUseRESTClients {
+	if ctx.ComponentConfig.HorizontalPodAutoscalerUseRESTClients {
 		// use the new-style clients if support for custom metrics is enabled
 		return startHPAControllerWithRESTClient(ctx)
 	}
@@ -51,6 +52,7 @@ func startHPAControllerWithRESTClient(ctx ControllerContext) (bool, error) {
 	metricsClient := metrics.NewRESTMetricsClient(
 		resourceclient.NewForConfigOrDie(clientConfig),
 		custom_metrics.NewForConfigOrDie(clientConfig),
+		external_metrics.NewForConfigOrDie(clientConfig),
 	)
 	return startHPAControllerWithMetricsClient(ctx, metricsClient)
 }
@@ -88,7 +90,7 @@ func startHPAControllerWithMetricsClient(ctx ControllerContext, metricsClient me
 	replicaCalc := podautoscaler.NewReplicaCalculator(
 		metricsClient,
 		hpaClient.CoreV1(),
-		ctx.Options.HorizontalPodAutoscalerTolerance,
+		ctx.ComponentConfig.HorizontalPodAutoscalerTolerance,
 	)
 	go podautoscaler.NewHorizontalController(
 		hpaClientGoClient.CoreV1(),
@@ -97,9 +99,9 @@ func startHPAControllerWithMetricsClient(ctx ControllerContext, metricsClient me
 		restMapper,
 		replicaCalc,
 		ctx.InformerFactory.Autoscaling().V1().HorizontalPodAutoscalers(),
-		ctx.Options.HorizontalPodAutoscalerSyncPeriod.Duration,
-		ctx.Options.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration,
-		ctx.Options.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration,
+		ctx.ComponentConfig.HorizontalPodAutoscalerSyncPeriod.Duration,
+		ctx.ComponentConfig.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration,
+		ctx.ComponentConfig.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration,
 	).Run(ctx.Stop)
 	return true, nil
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/batch.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/batch.go
index b60d7c149e57..31340eadfdf2 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/batch.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/batch.go
@@ -36,7 +36,7 @@ func startJobController(ctx ControllerContext) (bool, error) {
 		ctx.InformerFactory.Core().V1().Pods(),
 		ctx.InformerFactory.Batch().V1().Jobs(),
 		ctx.ClientBuilder.ClientOrDie("job-controller"),
-	).Run(int(ctx.Options.ConcurrentJobSyncs), ctx.Stop)
+	).Run(int(ctx.ComponentConfig.ConcurrentJobSyncs), ctx.Stop)
 	return true, nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/bootstrap.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/bootstrap.go
index 046070ecb277..aeb8405612f9 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/bootstrap.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/bootstrap.go
@@ -25,6 +25,8 @@ import (
 func startBootstrapSignerController(ctx ControllerContext) (bool, error) {
 	bsc, err := bootstrap.NewBootstrapSigner(
 		ctx.ClientBuilder.ClientGoClientOrDie("bootstrap-signer"),
+		ctx.InformerFactory.Core().V1().Secrets(),
+		ctx.InformerFactory.Core().V1().ConfigMaps(),
 		bootstrap.DefaultBootstrapSignerOptions(),
 	)
 	if err != nil {
@@ -37,6 +39,7 @@ func startBootstrapSignerController(ctx ControllerContext) (bool, error) {
 func startTokenCleanerController(ctx ControllerContext) (bool, error) {
 	tcc, err := bootstrap.NewTokenCleaner(
 		ctx.ClientBuilder.ClientGoClientOrDie("token-cleaner"),
+		ctx.InformerFactory.Core().V1().Secrets(),
 		bootstrap.DefaultTokenCleanerOptions(),
 	)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/certificates.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/certificates.go
index 7ef295821752..98e2f2ce49e2 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/certificates.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/certificates.go
@@ -27,7 +27,7 @@ import (
 	"github.com/golang/glog"
 
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/kubernetes/cmd/kube-controller-manager/app/options"
+	cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
 	"k8s.io/kubernetes/pkg/controller/certificates/approver"
 	"k8s.io/kubernetes/pkg/controller/certificates/cleaner"
 	"k8s.io/kubernetes/pkg/controller/certificates/signer"
@@ -37,7 +37,7 @@ func startCSRSigningController(ctx ControllerContext) (bool, error) {
 	if !ctx.AvailableResources[schema.GroupVersionResource{Group: "certificates.k8s.io", Version: "v1beta1", Resource: "certificatesigningrequests"}] {
 		return false, nil
 	}
-	if ctx.Options.ClusterSigningCertFile == "" || ctx.Options.ClusterSigningKeyFile == "" {
+	if ctx.ComponentConfig.ClusterSigningCertFile == "" || ctx.ComponentConfig.ClusterSigningKeyFile == "" {
 		return false, nil
 	}
 
@@ -52,15 +52,15 @@ func startCSRSigningController(ctx ControllerContext) (bool, error) {
 	// bail out of startController without logging.
 	var keyFileExists, keyUsesDefault, certFileExists, certUsesDefault bool
 
-	_, err := os.Stat(ctx.Options.ClusterSigningCertFile)
+	_, err := os.Stat(ctx.ComponentConfig.ClusterSigningCertFile)
 	certFileExists = !os.IsNotExist(err)
 
-	certUsesDefault = (ctx.Options.ClusterSigningCertFile == options.DefaultClusterSigningCertFile)
+	certUsesDefault = (ctx.ComponentConfig.ClusterSigningCertFile == cmoptions.DefaultClusterSigningCertFile)
 
-	_, err = os.Stat(ctx.Options.ClusterSigningKeyFile)
+	_, err = os.Stat(ctx.ComponentConfig.ClusterSigningKeyFile)
 	keyFileExists = !os.IsNotExist(err)
 
-	keyUsesDefault = (ctx.Options.ClusterSigningKeyFile == options.DefaultClusterSigningKeyFile)
+	keyUsesDefault = (ctx.ComponentConfig.ClusterSigningKeyFile == cmoptions.DefaultClusterSigningKeyFile)
 
 	switch {
 	case (keyFileExists && keyUsesDefault) || (certFileExists && certUsesDefault):
@@ -84,9 +84,9 @@ func startCSRSigningController(ctx ControllerContext) (bool, error) {
 	signer, err := signer.NewCSRSigningController(
 		c,
 		ctx.InformerFactory.Certificates().V1beta1().CertificateSigningRequests(),
-		ctx.Options.ClusterSigningCertFile,
-		ctx.Options.ClusterSigningKeyFile,
-		ctx.Options.ClusterSigningDuration.Duration,
+		ctx.ComponentConfig.ClusterSigningCertFile,
+		ctx.ComponentConfig.ClusterSigningKeyFile,
+		ctx.ComponentConfig.ClusterSigningDuration.Duration,
 	)
 	if err != nil {
 		return false, fmt.Errorf("failed to start certificate controller: %v", err)
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/cloudproviders.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/cloudproviders.go
new file mode 100644
index 000000000000..4c87a2585474
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/cloudproviders.go
@@ -0,0 +1,63 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"fmt"
+
+	"github.com/golang/glog"
+
+	"k8s.io/client-go/informers"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+)
+
+// createCloudProvider helps consolidate what is needed for cloud providers, we explicitly list the things
+// that the cloud providers need as parameters, so we can control
+func createCloudProvider(cloudProvider string, externalCloudVolumePlugin string, cloudConfigFile string,
+	allowUntaggedCloud bool, sharedInformers informers.SharedInformerFactory) (cloudprovider.Interface, ControllerLoopMode, error) {
+	var cloud cloudprovider.Interface
+	var loopMode ControllerLoopMode
+	var err error
+	if cloudprovider.IsExternal(cloudProvider) {
+		loopMode = ExternalLoops
+		if externalCloudVolumePlugin == "" {
+			// externalCloudVolumePlugin is temporary until we split all cloud providers out.
+			// So we just tell the caller that we need to run ExternalLoops without any cloud provider.
+			return nil, loopMode, nil
+		}
+		cloud, err = cloudprovider.InitCloudProvider(externalCloudVolumePlugin, cloudConfigFile)
+	} else {
+		loopMode = IncludeCloudLoops
+		cloud, err = cloudprovider.InitCloudProvider(cloudProvider, cloudConfigFile)
+	}
+	if err != nil {
+		return nil, loopMode, fmt.Errorf("cloud provider could not be initialized: %v", err)
+	}
+
+	if cloud != nil && cloud.HasClusterID() == false {
+		if allowUntaggedCloud == true {
+			glog.Warning("detected a cluster without a ClusterID.  A ClusterID will be required in the future.  Please tag your cluster to avoid any future issues")
+		} else {
+			return nil, loopMode, fmt.Errorf("no ClusterID Found.  A ClusterID is required for the cloud provider to function properly.  This check can be bypassed by setting the allow-untagged-cloud option")
+		}
+	}
+
+	if informerUserCloud, ok := cloud.(cloudprovider.InformerUser); ok {
+		informerUserCloud.SetInformers(sharedInformers)
+	}
+	return cloud, loopMode, err
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/BUILD
new file mode 100644
index 000000000000..a9c61b0abad2
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/BUILD
@@ -0,0 +1,23 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["config.go"],
+    importpath = "k8s.io/kubernetes/cmd/kube-controller-manager/app/config",
+    visibility = ["//visibility:public"],
+    deps = ["//cmd/controller-manager/app:go_default_library"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/config.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/config.go
new file mode 100644
index 000000000000..4eb9c3ff8129
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/config/config.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import (
+	"time"
+
+	genericcontrollermanager "k8s.io/kubernetes/cmd/controller-manager/app"
+)
+
+// ExtraConfig are part of Config, also can place your custom config here.
+type ExtraConfig struct {
+	NodeStatusUpdateFrequency time.Duration
+}
+
+// Config is the main context object for the controller manager.
+type Config struct {
+	Generic genericcontrollermanager.Config
+	Extra   ExtraConfig
+}
+
+type completedConfig struct {
+	Generic genericcontrollermanager.CompletedConfig
+	Extra   *ExtraConfig
+}
+
+// CompletedConfig same as Config, just to swap private object.
+type CompletedConfig struct {
+	// Embed a private pointer that cannot be instantiated outside of this package.
+	*completedConfig
+}
+
+// Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.
+func (c *Config) Complete() *CompletedConfig {
+	cc := completedConfig{
+		c.Generic.Complete(),
+		&c.Extra,
+	}
+
+	return &CompletedConfig{&cc}
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/controllermanager.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/controllermanager.go
index 4893ae68c1fc..7658f29e32e3 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/controllermanager.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/controllermanager.go
@@ -24,46 +24,34 @@ import (
 	"fmt"
 	"io/ioutil"
 	"math/rand"
-	"net"
-	"net/http"
-	"net/http/pprof"
 	"os"
-	goruntime "runtime"
-	"strconv"
 	"time"
 
+	"github.com/golang/glog"
+	"github.com/spf13/cobra"
+
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/uuid"
 	"k8s.io/apimachinery/pkg/util/wait"
-
-	"k8s.io/apiserver/pkg/server/healthz"
-
-	"k8s.io/api/core/v1"
-	"k8s.io/client-go/discovery"
-	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
-	restclient "k8s.io/client-go/rest"
-	"k8s.io/client-go/tools/clientcmd"
-	"k8s.io/client-go/tools/record"
-	certutil "k8s.io/client-go/util/cert"
-
 	"k8s.io/client-go/informers"
-	clientset "k8s.io/client-go/kubernetes"
+	restclient "k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/leaderelection"
 	"k8s.io/client-go/tools/leaderelection/resourcelock"
+	certutil "k8s.io/client-go/util/cert"
+	genericcontrollerconfig "k8s.io/kubernetes/cmd/controller-manager/app"
+	"k8s.io/kubernetes/cmd/kube-controller-manager/app/config"
 	"k8s.io/kubernetes/cmd/kube-controller-manager/app/options"
-	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/controller"
 	serviceaccountcontroller "k8s.io/kubernetes/pkg/controller/serviceaccount"
 	"k8s.io/kubernetes/pkg/serviceaccount"
 	"k8s.io/kubernetes/pkg/util/configz"
+	utilflag "k8s.io/kubernetes/pkg/util/flag"
 	"k8s.io/kubernetes/pkg/version"
-
-	"github.com/golang/glog"
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/spf13/cobra"
-	"github.com/spf13/pflag"
+	"k8s.io/kubernetes/pkg/version/verflag"
 )
 
 const (
@@ -71,10 +59,16 @@ const (
 	ControllerStartJitter = 1.0
 )
 
+type ControllerLoopMode int
+
+const (
+	IncludeCloudLoops ControllerLoopMode = iota
+	ExternalLoops
+)
+
 // NewControllerManagerCommand creates a *cobra.Command object with default parameters
 func NewControllerManagerCommand() *cobra.Command {
-	s := options.NewCMServer()
-	s.AddFlags(pflag.CommandLine, KnownControllers(), ControllersDisabledByDefault.List())
+	s := options.NewKubeControllerManagerOptions()
 	cmd := &cobra.Command{
 		Use: "kube-controller-manager",
 		Long: `The Kubernetes controller manager is a daemon that embeds
@@ -86,8 +80,22 @@ current state towards the desired state. Examples of controllers that ship with
 Kubernetes today are the replication controller, endpoints controller, namespace
 controller, and serviceaccounts controller.`,
 		Run: func(cmd *cobra.Command, args []string) {
+			verflag.PrintAndExitIfRequested()
+			utilflag.PrintFlags(cmd.Flags())
+
+			c, err := s.Config(KnownControllers(), ControllersDisabledByDefault.List())
+			if err != nil {
+				fmt.Fprintf(os.Stderr, "%v\n", err)
+				os.Exit(1)
+			}
+
+			if err := Run(c.Complete()); err != nil {
+				fmt.Fprintf(os.Stderr, "%v\n", err)
+				os.Exit(1)
+			}
 		},
 	}
+	s.AddFlags(cmd.Flags(), KnownControllers(), ControllersDisabledByDefault.List())
 
 	return cmd
 }
@@ -95,63 +103,64 @@ controller, and serviceaccounts controller.`,
 // ResyncPeriod returns a function which generates a duration each time it is
 // invoked; this is so that multiple controllers don't get into lock-step and all
 // hammer the apiserver with list requests simultaneously.
-func ResyncPeriod(s *options.CMServer) func() time.Duration {
+func ResyncPeriod(c *config.CompletedConfig) func() time.Duration {
 	return func() time.Duration {
 		factor := rand.Float64() + 1
-		return time.Duration(float64(s.MinResyncPeriod.Nanoseconds()) * factor)
+		return time.Duration(float64(c.Generic.ComponentConfig.MinResyncPeriod.Nanoseconds()) * factor)
 	}
 }
 
-// Run runs the CMServer.  This should never exit.
-func Run(s *options.CMServer) error {
+// Run runs the KubeControllerManagerOptions.  This should never exit.
+func Run(c *config.CompletedConfig) error {
 	// To help debugging, immediately log version
 	glog.Infof("Version: %+v", version.Get())
-	if err := s.Validate(KnownControllers(), ControllersDisabledByDefault.List()); err != nil {
-		return err
-	}
 
-	if c, err := configz.New("componentconfig"); err == nil {
-		c.Set(s.KubeControllerManagerConfiguration)
+	if cfgz, err := configz.New("componentconfig"); err == nil {
+		cfgz.Set(c.Generic.ComponentConfig)
 	} else {
-		glog.Errorf("unable to register configz: %s", err)
+		glog.Errorf("unable to register configz: %c", err)
 	}
 
-	kubeClient, leaderElectionClient, kubeconfig, err := createClients(s)
-	if err != nil {
-		return err
+	// Start the controller manager HTTP server
+	stopCh := make(chan struct{})
+	if c.Generic.SecureServing != nil {
+		if err := genericcontrollerconfig.Serve(&c.Generic, c.Generic.SecureServing.Serve, stopCh); err != nil {
+			return err
+		}
+	}
+	if c.Generic.InsecureServing != nil {
+		if err := genericcontrollerconfig.Serve(&c.Generic, c.Generic.InsecureServing.Serve, stopCh); err != nil {
+			return err
+		}
 	}
-
-	go startHTTP(s)
-
-	recorder := createRecorder(kubeClient)
 
 	run := func(stop <-chan struct{}) {
 		rootClientBuilder := controller.SimpleControllerClientBuilder{
-			ClientConfig: kubeconfig,
+			ClientConfig: c.Generic.Kubeconfig,
 		}
 		var clientBuilder controller.ControllerClientBuilder
-		if s.UseServiceAccountCredentials {
-			if len(s.ServiceAccountKeyFile) == 0 {
-				// It's possible another controller process is creating the tokens for us.
+		if c.Generic.ComponentConfig.UseServiceAccountCredentials {
+			if len(c.Generic.ComponentConfig.ServiceAccountKeyFile) == 0 {
+				// It'c possible another controller process is creating the tokens for us.
 				// If one isn't, we'll timeout and exit when our client builder is unable to create the tokens.
 				glog.Warningf("--use-service-account-credentials was specified without providing a --service-account-private-key-file")
 			}
 			clientBuilder = controller.SAControllerClientBuilder{
-				ClientConfig:         restclient.AnonymousClientConfig(kubeconfig),
-				CoreClient:           kubeClient.CoreV1(),
-				AuthenticationClient: kubeClient.Authentication(),
+				ClientConfig:         restclient.AnonymousClientConfig(c.Generic.Kubeconfig),
+				CoreClient:           c.Generic.Client.CoreV1(),
+				AuthenticationClient: c.Generic.Client.AuthenticationV1(),
 				Namespace:            "kube-system",
 			}
 		} else {
 			clientBuilder = rootClientBuilder
 		}
-		ctx, err := CreateControllerContext(s, rootClientBuilder, clientBuilder, stop)
+		ctx, err := CreateControllerContext(c, rootClientBuilder, clientBuilder, stop)
 		if err != nil {
 			glog.Fatalf("error building controller context: %v", err)
 		}
 		saTokenControllerInitFunc := serviceAccountTokenControllerStarter{rootClientBuilder: rootClientBuilder}.startServiceAccountTokenController
 
-		if err := StartControllers(ctx, saTokenControllerInitFunc, NewControllerInitializers()); err != nil {
+		if err := StartControllers(ctx, saTokenControllerInitFunc, NewControllerInitializers(ctx.LoopMode)); err != nil {
 			glog.Fatalf("error starting controllers: %v", err)
 		}
 
@@ -161,7 +170,7 @@ func Run(s *options.CMServer) error {
 		select {}
 	}
 
-	if !s.LeaderElection.LeaderElect {
+	if !c.Generic.ComponentConfig.LeaderElection.LeaderElect {
 		run(wait.NeverStop)
 		panic("unreachable")
 	}
@@ -171,13 +180,15 @@ func Run(s *options.CMServer) error {
 		return err
 	}
 
-	rl, err := resourcelock.New(s.LeaderElection.ResourceLock,
+	// add a uniquifier so that two processes on the same host don't accidentally both become active
+	id = id + "_" + string(uuid.NewUUID())
+	rl, err := resourcelock.New(c.Generic.ComponentConfig.LeaderElection.ResourceLock,
 		"kube-system",
 		"kube-controller-manager",
-		leaderElectionClient.CoreV1(),
+		c.Generic.LeaderElectionClient.CoreV1(),
 		resourcelock.ResourceLockConfig{
 			Identity:      id,
-			EventRecorder: recorder,
+			EventRecorder: c.Generic.EventRecorder,
 		})
 	if err != nil {
 		glog.Fatalf("error creating lock: %v", err)
@@ -185,9 +196,9 @@ func Run(s *options.CMServer) error {
 
 	leaderelection.RunOrDie(leaderelection.LeaderElectionConfig{
 		Lock:          rl,
-		LeaseDuration: s.LeaderElection.LeaseDuration.Duration,
-		RenewDeadline: s.LeaderElection.RenewDeadline.Duration,
-		RetryPeriod:   s.LeaderElection.RetryPeriod.Duration,
+		LeaseDuration: c.Generic.ComponentConfig.LeaderElection.LeaseDuration.Duration,
+		RenewDeadline: c.Generic.ComponentConfig.LeaderElection.RenewDeadline.Duration,
+		RetryPeriod:   c.Generic.ComponentConfig.LeaderElection.RetryPeriod.Duration,
 		Callbacks: leaderelection.LeaderCallbacks{
 			OnStartedLeading: run,
 			OnStoppedLeading: func() {
@@ -198,53 +209,6 @@ func Run(s *options.CMServer) error {
 	panic("unreachable")
 }
 
-func startHTTP(s *options.CMServer) {
-	mux := http.NewServeMux()
-	healthz.InstallHandler(mux)
-	if s.EnableProfiling {
-		mux.HandleFunc("/debug/pprof/", pprof.Index)
-		mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
-		mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
-		mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
-		if s.EnableContentionProfiling {
-			goruntime.SetBlockProfileRate(1)
-		}
-	}
-	configz.InstallHandler(mux)
-	mux.Handle("/metrics", prometheus.Handler())
-
-	server := &http.Server{
-		Addr:    net.JoinHostPort(s.Address, strconv.Itoa(int(s.Port))),
-		Handler: mux,
-	}
-	glog.Fatal(server.ListenAndServe())
-}
-
-func createRecorder(kubeClient *clientset.Clientset) record.EventRecorder {
-	eventBroadcaster := record.NewBroadcaster()
-	eventBroadcaster.StartLogging(glog.Infof)
-	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events("")})
-	return eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: "controller-manager"})
-}
-
-func createClients(s *options.CMServer) (*clientset.Clientset, *clientset.Clientset, *restclient.Config, error) {
-	kubeconfig, err := clientcmd.BuildConfigFromFlags(s.Master, s.Kubeconfig)
-	if err != nil {
-		return nil, nil, nil, err
-	}
-
-	kubeconfig.ContentConfig.ContentType = s.ContentType
-	// Override kubeconfig qps/burst settings from flags
-	kubeconfig.QPS = s.KubeAPIQPS
-	kubeconfig.Burst = int(s.KubeAPIBurst)
-	kubeClient, err := clientset.NewForConfig(restclient.AddUserAgent(kubeconfig, "controller-manager"))
-	if err != nil {
-		glog.Fatalf("Invalid API configuration: %v", err)
-	}
-	leaderElectionClient := clientset.NewForConfigOrDie(restclient.AddUserAgent(kubeconfig, "leader-election"))
-	return kubeClient, leaderElectionClient, kubeconfig, nil
-}
-
 type ControllerContext struct {
 	// ClientBuilder will provide a client for this controller to use
 	ClientBuilder controller.ControllerClientBuilder
@@ -253,7 +217,7 @@ type ControllerContext struct {
 	InformerFactory informers.SharedInformerFactory
 
 	// Options provides access to init options for a given controller
-	Options options.CMServer
+	ComponentConfig componentconfig.KubeControllerManagerConfiguration
 
 	// AvailableResources is a map listing currently available resources
 	AvailableResources map[schema.GroupVersionResource]bool
@@ -262,16 +226,26 @@ type ControllerContext struct {
 	// It must be initialized and ready to use.
 	Cloud cloudprovider.Interface
 
+	// Control for which control loops to be run
+	// IncludeCloudLoops is for a kube-controller-manager running all loops
+	// ExternalLoops is for a kube-controller-manager running with a cloud-controller-manager
+	LoopMode ControllerLoopMode
+
 	// Stop is the stop channel
 	Stop <-chan struct{}
 
 	// InformersStarted is closed after all of the controllers have been initialized and are running.  After this point it is safe,
 	// for an individual controller to start the shared informers. Before it is closed, they should not.
 	InformersStarted chan struct{}
+
+	// ResyncPeriod generates a duration each time it is invoked; this is so that
+	// multiple controllers don't get into lock-step and all hammer the apiserver
+	// with list requests simultaneously.
+	ResyncPeriod func() time.Duration
 }
 
 func (c ControllerContext) IsControllerEnabled(name string) bool {
-	return IsControllerEnabled(name, ControllersDisabledByDefault, c.Options.Controllers...)
+	return IsControllerEnabled(name, ControllersDisabledByDefault, c.ComponentConfig.Controllers...)
 }
 
 func IsControllerEnabled(name string, disabledByDefaultControllers sets.String, controllers ...string) bool {
@@ -305,7 +279,7 @@ func IsControllerEnabled(name string, disabledByDefaultControllers sets.String,
 type InitFunc func(ctx ControllerContext) (bool, error)
 
 func KnownControllers() []string {
-	ret := sets.StringKeySet(NewControllerInitializers())
+	ret := sets.StringKeySet(NewControllerInitializers(IncludeCloudLoops))
 
 	// add "special" controllers that aren't initialized normally.  These controllers cannot be initialized
 	// using a normal function.  The only known special case is the SA token controller which *must* be started
@@ -329,7 +303,7 @@ const (
 
 // NewControllerInitializers is a public map of named controller groups (you can start more than one in an init func)
 // paired to their InitFunc.  This allows for structured downstream composition and subdivision.
-func NewControllerInitializers() map[string]InitFunc {
+func NewControllerInitializers(loopMode ControllerLoopMode) map[string]InitFunc {
 	controllers := map[string]InitFunc{}
 	controllers["endpoint"] = startEndpointController
 	controllers["replicationcontroller"] = startReplicationController
@@ -352,14 +326,20 @@ func NewControllerInitializers() map[string]InitFunc {
 	controllers["ttl"] = startTTLController
 	controllers["bootstrapsigner"] = startBootstrapSignerController
 	controllers["tokencleaner"] = startTokenCleanerController
-	controllers["service"] = startServiceController
-	controllers["node"] = startNodeController
-	controllers["route"] = startRouteController
+	if loopMode == IncludeCloudLoops {
+		controllers["service"] = startServiceController
+		controllers["nodeipam"] = startNodeIpamController
+		controllers["route"] = startRouteController
+		// TODO: volume controller into the IncludeCloudLoops only set.
+		// TODO: Separate cluster in cloud check from node lifecycle controller.
+	}
+	controllers["nodelifecycle"] = startNodeLifecycleController
 	controllers["persistentvolume-binder"] = startPersistentVolumeBinderController
 	controllers["attachdetach"] = startAttachDetachController
 	controllers["persistentvolume-expander"] = startVolumeExpandController
 	controllers["clusterrole-aggregation"] = startClusterRoleAggregrationController
 	controllers["pvc-protection"] = startPVCProtectionController
+	controllers["pv-protection"] = startPVProtectionController
 
 	return controllers
 }
@@ -368,34 +348,8 @@ func NewControllerInitializers() map[string]InitFunc {
 //  users don't have to restart their controller manager if they change the apiserver.
 // Until we get there, the structure here needs to be exposed for the construction of a proper ControllerContext.
 func GetAvailableResources(clientBuilder controller.ControllerClientBuilder) (map[schema.GroupVersionResource]bool, error) {
-	var discoveryClient discovery.DiscoveryInterface
-
-	var healthzContent string
-	// If apiserver is not running we should wait for some time and fail only then. This is particularly
-	// important when we start apiserver and controller manager at the same time.
-	err := wait.PollImmediate(time.Second, 10*time.Second, func() (bool, error) {
-		client, err := clientBuilder.Client("controller-discovery")
-		if err != nil {
-			glog.Errorf("Failed to get api versions from server: %v", err)
-			return false, nil
-		}
-
-		healthStatus := 0
-		resp := client.Discovery().RESTClient().Get().AbsPath("/healthz").Do().StatusCode(&healthStatus)
-		if healthStatus != http.StatusOK {
-			glog.Errorf("Server isn't healthy yet.  Waiting a little while.")
-			return false, nil
-		}
-		content, _ := resp.Raw()
-		healthzContent = string(content)
-
-		discoveryClient = client.Discovery()
-		return true, nil
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to get api versions from server: %v: %v", healthzContent, err)
-	}
-
+	client := clientBuilder.ClientOrDie("controller-discovery")
+	discoveryClient := client.Discovery()
 	resourceMap, err := discoveryClient.ServerResources()
 	if err != nil {
 		utilruntime.HandleError(fmt.Errorf("unable to get all supported resources from server: %v", err))
@@ -421,40 +375,37 @@ func GetAvailableResources(clientBuilder controller.ControllerClientBuilder) (ma
 // CreateControllerContext creates a context struct containing references to resources needed by the
 // controllers such as the cloud provider and clientBuilder. rootClientBuilder is only used for
 // the shared-informers client and token controller.
-func CreateControllerContext(s *options.CMServer, rootClientBuilder, clientBuilder controller.ControllerClientBuilder, stop <-chan struct{}) (ControllerContext, error) {
+func CreateControllerContext(s *config.CompletedConfig, rootClientBuilder, clientBuilder controller.ControllerClientBuilder, stop <-chan struct{}) (ControllerContext, error) {
 	versionedClient := rootClientBuilder.ClientOrDie("shared-informers")
 	sharedInformers := informers.NewSharedInformerFactory(versionedClient, ResyncPeriod(s)())
 
+	// If apiserver is not running we should wait for some time and fail only then. This is particularly
+	// important when we start apiserver and controller manager at the same time.
+	if err := genericcontrollerconfig.WaitForAPIServer(versionedClient, 10*time.Second); err != nil {
+		return ControllerContext{}, fmt.Errorf("failed to wait for apiserver being healthy: %v", err)
+	}
+
 	availableResources, err := GetAvailableResources(rootClientBuilder)
 	if err != nil {
 		return ControllerContext{}, err
 	}
 
-	cloud, err := cloudprovider.InitCloudProvider(s.CloudProvider, s.CloudConfigFile)
+	cloud, loopMode, err := createCloudProvider(s.Generic.ComponentConfig.CloudProvider, s.Generic.ComponentConfig.ExternalCloudVolumePlugin,
+		s.Generic.ComponentConfig.CloudConfigFile, s.Generic.ComponentConfig.AllowUntaggedCloud, sharedInformers)
 	if err != nil {
-		return ControllerContext{}, fmt.Errorf("cloud provider could not be initialized: %v", err)
-	}
-
-	if cloud != nil && cloud.HasClusterID() == false {
-		if s.AllowUntaggedCloud == true {
-			glog.Warning("detected a cluster without a ClusterID.  A ClusterID will be required in the future.  Please tag your cluster to avoid any future issues")
-		} else {
-			return ControllerContext{}, fmt.Errorf("no ClusterID Found.  A ClusterID is required for the cloud provider to function properly.  This check can be bypassed by setting the allow-untagged-cloud option")
-		}
-	}
-
-	if informerUserCloud, ok := cloud.(cloudprovider.InformerUser); ok {
-		informerUserCloud.SetInformers(sharedInformers)
+		return ControllerContext{}, err
 	}
 
 	ctx := ControllerContext{
 		ClientBuilder:      clientBuilder,
 		InformerFactory:    sharedInformers,
-		Options:            *s,
+		ComponentConfig:    s.Generic.ComponentConfig,
 		AvailableResources: availableResources,
 		Cloud:              cloud,
+		LoopMode:           loopMode,
 		Stop:               stop,
 		InformersStarted:   make(chan struct{}),
+		ResyncPeriod:       ResyncPeriod(s),
 	}
 	return ctx, nil
 }
@@ -478,7 +429,7 @@ func StartControllers(ctx ControllerContext, startSATokenController InitFunc, co
 			continue
 		}
 
-		time.Sleep(wait.Jitter(ctx.Options.ControllerStartInterval.Duration, ControllerStartJitter))
+		time.Sleep(wait.Jitter(ctx.ComponentConfig.ControllerStartInterval.Duration, ControllerStartJitter))
 
 		glog.V(1).Infof("Starting %q", controllerName)
 		started, err := initFn(ctx)
@@ -509,23 +460,23 @@ func (c serviceAccountTokenControllerStarter) startServiceAccountTokenController
 		return false, nil
 	}
 
-	if len(ctx.Options.ServiceAccountKeyFile) == 0 {
+	if len(ctx.ComponentConfig.ServiceAccountKeyFile) == 0 {
 		glog.Warningf("%q is disabled because there is no private key", saTokenControllerName)
 		return false, nil
 	}
-	privateKey, err := certutil.PrivateKeyFromFile(ctx.Options.ServiceAccountKeyFile)
+	privateKey, err := certutil.PrivateKeyFromFile(ctx.ComponentConfig.ServiceAccountKeyFile)
 	if err != nil {
 		return true, fmt.Errorf("error reading key for service account token controller: %v", err)
 	}
 
 	var rootCA []byte
-	if ctx.Options.RootCAFile != "" {
-		rootCA, err = ioutil.ReadFile(ctx.Options.RootCAFile)
+	if ctx.ComponentConfig.RootCAFile != "" {
+		rootCA, err = ioutil.ReadFile(ctx.ComponentConfig.RootCAFile)
 		if err != nil {
-			return true, fmt.Errorf("error reading root-ca-file at %s: %v", ctx.Options.RootCAFile, err)
+			return true, fmt.Errorf("error reading root-ca-file at %s: %v", ctx.ComponentConfig.RootCAFile, err)
 		}
 		if _, err := certutil.ParseCertsPEM(rootCA); err != nil {
-			return true, fmt.Errorf("error parsing root-ca-file at %s: %v", ctx.Options.RootCAFile, err)
+			return true, fmt.Errorf("error parsing root-ca-file at %s: %v", ctx.ComponentConfig.RootCAFile, err)
 		}
 	} else {
 		rootCA = c.rootClientBuilder.ConfigOrDie("tokens-controller").CAData
@@ -536,14 +487,14 @@ func (c serviceAccountTokenControllerStarter) startServiceAccountTokenController
 		ctx.InformerFactory.Core().V1().Secrets(),
 		c.rootClientBuilder.ClientOrDie("tokens-controller"),
 		serviceaccountcontroller.TokensControllerOptions{
-			TokenGenerator: serviceaccount.JWTTokenGenerator(privateKey),
+			TokenGenerator: serviceaccount.JWTTokenGenerator(serviceaccount.LegacyIssuer, privateKey),
 			RootCA:         rootCA,
 		},
 	)
 	if err != nil {
 		return true, fmt.Errorf("error creating Tokens controller: %v", err)
 	}
-	go controller.Run(int(ctx.Options.ConcurrentSATokenSyncs), ctx.Stop)
+	go controller.Run(int(ctx.ComponentConfig.ConcurrentSATokenSyncs), ctx.Stop)
 
 	// start the first set of informers now so that other controllers can start
 	ctx.InformerFactory.Start(ctx.Stop)
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/core.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/core.go
index 819d18e0f013..71b03ef86ecb 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/core.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/core.go
@@ -41,8 +41,9 @@ import (
 	endpointcontroller "k8s.io/kubernetes/pkg/controller/endpoint"
 	"k8s.io/kubernetes/pkg/controller/garbagecollector"
 	namespacecontroller "k8s.io/kubernetes/pkg/controller/namespace"
-	nodecontroller "k8s.io/kubernetes/pkg/controller/node"
-	"k8s.io/kubernetes/pkg/controller/node/ipam"
+	nodeipamcontroller "k8s.io/kubernetes/pkg/controller/nodeipam"
+	"k8s.io/kubernetes/pkg/controller/nodeipam/ipam"
+	lifecyclecontroller "k8s.io/kubernetes/pkg/controller/nodelifecycle"
 	"k8s.io/kubernetes/pkg/controller/podgc"
 	replicationcontroller "k8s.io/kubernetes/pkg/controller/replication"
 	resourcequotacontroller "k8s.io/kubernetes/pkg/controller/resourcequota"
@@ -54,6 +55,7 @@ import (
 	"k8s.io/kubernetes/pkg/controller/volume/expand"
 	persistentvolumecontroller "k8s.io/kubernetes/pkg/controller/volume/persistentvolume"
 	"k8s.io/kubernetes/pkg/controller/volume/pvcprotection"
+	"k8s.io/kubernetes/pkg/controller/volume/pvprotection"
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/quota/generic"
 	quotainstall "k8s.io/kubernetes/pkg/quota/install"
@@ -66,70 +68,83 @@ func startServiceController(ctx ControllerContext) (bool, error) {
 		ctx.ClientBuilder.ClientOrDie("service-controller"),
 		ctx.InformerFactory.Core().V1().Services(),
 		ctx.InformerFactory.Core().V1().Nodes(),
-		ctx.Options.ClusterName,
+		ctx.ComponentConfig.ClusterName,
 	)
 	if err != nil {
 		// This error shouldn't fail. It lives like this as a legacy.
 		glog.Errorf("Failed to start service controller: %v", err)
 		return false, nil
 	}
-	go serviceController.Run(ctx.Stop, int(ctx.Options.ConcurrentServiceSyncs))
+	go serviceController.Run(ctx.Stop, int(ctx.ComponentConfig.ConcurrentServiceSyncs))
 	return true, nil
 }
 
-func startNodeController(ctx ControllerContext) (bool, error) {
+func startNodeIpamController(ctx ControllerContext) (bool, error) {
 	var clusterCIDR *net.IPNet = nil
 	var serviceCIDR *net.IPNet = nil
-	if ctx.Options.AllocateNodeCIDRs {
+	if ctx.ComponentConfig.AllocateNodeCIDRs {
 		var err error
-		if len(strings.TrimSpace(ctx.Options.ClusterCIDR)) != 0 {
-			_, clusterCIDR, err = net.ParseCIDR(ctx.Options.ClusterCIDR)
+		if len(strings.TrimSpace(ctx.ComponentConfig.ClusterCIDR)) != 0 {
+			_, clusterCIDR, err = net.ParseCIDR(ctx.ComponentConfig.ClusterCIDR)
 			if err != nil {
-				glog.Warningf("Unsuccessful parsing of cluster CIDR %v: %v", ctx.Options.ClusterCIDR, err)
+				glog.Warningf("Unsuccessful parsing of cluster CIDR %v: %v", ctx.ComponentConfig.ClusterCIDR, err)
 			}
 		}
 
-		if len(strings.TrimSpace(ctx.Options.ServiceCIDR)) != 0 {
-			_, serviceCIDR, err = net.ParseCIDR(ctx.Options.ServiceCIDR)
+		if len(strings.TrimSpace(ctx.ComponentConfig.ServiceCIDR)) != 0 {
+			_, serviceCIDR, err = net.ParseCIDR(ctx.ComponentConfig.ServiceCIDR)
 			if err != nil {
-				glog.Warningf("Unsuccessful parsing of service CIDR %v: %v", ctx.Options.ServiceCIDR, err)
+				glog.Warningf("Unsuccessful parsing of service CIDR %v: %v", ctx.ComponentConfig.ServiceCIDR, err)
 			}
 		}
 	}
 
-	nodeController, err := nodecontroller.NewNodeController(
-		ctx.InformerFactory.Core().V1().Pods(),
+	nodeIpamController, err := nodeipamcontroller.NewNodeIpamController(
 		ctx.InformerFactory.Core().V1().Nodes(),
-		ctx.InformerFactory.Extensions().V1beta1().DaemonSets(),
 		ctx.Cloud,
 		ctx.ClientBuilder.ClientOrDie("node-controller"),
-		ctx.Options.PodEvictionTimeout.Duration,
-		ctx.Options.NodeEvictionRate,
-		ctx.Options.SecondaryNodeEvictionRate,
-		ctx.Options.LargeClusterSizeThreshold,
-		ctx.Options.UnhealthyZoneThreshold,
-		ctx.Options.NodeMonitorGracePeriod.Duration,
-		ctx.Options.NodeStartupGracePeriod.Duration,
-		ctx.Options.NodeMonitorPeriod.Duration,
 		clusterCIDR,
 		serviceCIDR,
-		int(ctx.Options.NodeCIDRMaskSize),
-		ctx.Options.AllocateNodeCIDRs,
-		ipam.CIDRAllocatorType(ctx.Options.CIDRAllocatorType),
-		ctx.Options.EnableTaintManager,
+		int(ctx.ComponentConfig.NodeCIDRMaskSize),
+		ctx.ComponentConfig.AllocateNodeCIDRs,
+		ipam.CIDRAllocatorType(ctx.ComponentConfig.CIDRAllocatorType),
+	)
+	if err != nil {
+		return true, err
+	}
+	go nodeIpamController.Run(ctx.Stop)
+	return true, nil
+}
+
+func startNodeLifecycleController(ctx ControllerContext) (bool, error) {
+	lifecycleController, err := lifecyclecontroller.NewNodeLifecycleController(
+		ctx.InformerFactory.Core().V1().Pods(),
+		ctx.InformerFactory.Core().V1().Nodes(),
+		ctx.InformerFactory.Extensions().V1beta1().DaemonSets(),
+		ctx.Cloud,
+		ctx.ClientBuilder.ClientOrDie("node-controller"),
+		ctx.ComponentConfig.NodeMonitorPeriod.Duration,
+		ctx.ComponentConfig.NodeStartupGracePeriod.Duration,
+		ctx.ComponentConfig.NodeMonitorGracePeriod.Duration,
+		ctx.ComponentConfig.PodEvictionTimeout.Duration,
+		ctx.ComponentConfig.NodeEvictionRate,
+		ctx.ComponentConfig.SecondaryNodeEvictionRate,
+		ctx.ComponentConfig.LargeClusterSizeThreshold,
+		ctx.ComponentConfig.UnhealthyZoneThreshold,
+		ctx.ComponentConfig.EnableTaintManager,
 		utilfeature.DefaultFeatureGate.Enabled(features.TaintBasedEvictions),
 		utilfeature.DefaultFeatureGate.Enabled(features.TaintNodesByCondition),
 	)
 	if err != nil {
 		return true, err
 	}
-	go nodeController.Run(ctx.Stop)
+	go lifecycleController.Run(ctx.Stop)
 	return true, nil
 }
 
 func startRouteController(ctx ControllerContext) (bool, error) {
-	if !ctx.Options.AllocateNodeCIDRs || !ctx.Options.ConfigureCloudRoutes {
-		glog.Infof("Will not configure cloud provider routes for allocate-node-cidrs: %v, configure-cloud-routes: %v.", ctx.Options.AllocateNodeCIDRs, ctx.Options.ConfigureCloudRoutes)
+	if !ctx.ComponentConfig.AllocateNodeCIDRs || !ctx.ComponentConfig.ConfigureCloudRoutes {
+		glog.Infof("Will not configure cloud provider routes for allocate-node-cidrs: %v, configure-cloud-routes: %v.", ctx.ComponentConfig.AllocateNodeCIDRs, ctx.ComponentConfig.ConfigureCloudRoutes)
 		return false, nil
 	}
 	if ctx.Cloud == nil {
@@ -141,26 +156,27 @@ func startRouteController(ctx ControllerContext) (bool, error) {
 		glog.Warning("configure-cloud-routes is set, but cloud provider does not support routes. Will not configure cloud provider routes.")
 		return false, nil
 	}
-	_, clusterCIDR, err := net.ParseCIDR(ctx.Options.ClusterCIDR)
+	_, clusterCIDR, err := net.ParseCIDR(ctx.ComponentConfig.ClusterCIDR)
 	if err != nil {
-		glog.Warningf("Unsuccessful parsing of cluster CIDR %v: %v", ctx.Options.ClusterCIDR, err)
+		glog.Warningf("Unsuccessful parsing of cluster CIDR %v: %v", ctx.ComponentConfig.ClusterCIDR, err)
 	}
-	routeController := routecontroller.New(routes, ctx.ClientBuilder.ClientOrDie("route-controller"), ctx.InformerFactory.Core().V1().Nodes(), ctx.Options.ClusterName, clusterCIDR)
-	go routeController.Run(ctx.Stop, ctx.Options.RouteReconciliationPeriod.Duration)
+	routeController := routecontroller.New(routes, ctx.ClientBuilder.ClientOrDie("route-controller"), ctx.InformerFactory.Core().V1().Nodes(), ctx.ComponentConfig.ClusterName, clusterCIDR)
+	go routeController.Run(ctx.Stop, ctx.ComponentConfig.RouteReconciliationPeriod.Duration)
 	return true, nil
 }
 
 func startPersistentVolumeBinderController(ctx ControllerContext) (bool, error) {
 	params := persistentvolumecontroller.ControllerParameters{
 		KubeClient:                ctx.ClientBuilder.ClientOrDie("persistent-volume-binder"),
-		SyncPeriod:                ctx.Options.PVClaimBinderSyncPeriod.Duration,
-		VolumePlugins:             ProbeControllerVolumePlugins(ctx.Cloud, ctx.Options.VolumeConfiguration),
+		SyncPeriod:                ctx.ComponentConfig.PVClaimBinderSyncPeriod.Duration,
+		VolumePlugins:             ProbeControllerVolumePlugins(ctx.Cloud, ctx.ComponentConfig.VolumeConfiguration),
 		Cloud:                     ctx.Cloud,
-		ClusterName:               ctx.Options.ClusterName,
+		ClusterName:               ctx.ComponentConfig.ClusterName,
 		VolumeInformer:            ctx.InformerFactory.Core().V1().PersistentVolumes(),
 		ClaimInformer:             ctx.InformerFactory.Core().V1().PersistentVolumeClaims(),
 		ClassInformer:             ctx.InformerFactory.Storage().V1().StorageClasses(),
-		EnableDynamicProvisioning: ctx.Options.VolumeConfiguration.EnableDynamicProvisioning,
+		PodInformer:               ctx.InformerFactory.Core().V1().Pods(),
+		EnableDynamicProvisioning: ctx.ComponentConfig.VolumeConfiguration.EnableDynamicProvisioning,
 	}
 	volumeController, volumeControllerErr := persistentvolumecontroller.NewController(params)
 	if volumeControllerErr != nil {
@@ -171,7 +187,7 @@ func startPersistentVolumeBinderController(ctx ControllerContext) (bool, error)
 }
 
 func startAttachDetachController(ctx ControllerContext) (bool, error) {
-	if ctx.Options.ReconcilerSyncLoopPeriod.Duration < time.Second {
+	if ctx.ComponentConfig.ReconcilerSyncLoopPeriod.Duration < time.Second {
 		return true, fmt.Errorf("Duration time must be greater than one second as set via command line option reconcile-sync-loop-period.")
 	}
 	attachDetachController, attachDetachControllerErr :=
@@ -183,9 +199,9 @@ func startAttachDetachController(ctx ControllerContext) (bool, error) {
 			ctx.InformerFactory.Core().V1().PersistentVolumes(),
 			ctx.Cloud,
 			ProbeAttachableVolumePlugins(),
-			GetDynamicPluginProber(ctx.Options.VolumeConfiguration),
-			ctx.Options.DisableAttachDetachReconcilerSync,
-			ctx.Options.ReconcilerSyncLoopPeriod.Duration,
+			GetDynamicPluginProber(ctx.ComponentConfig.VolumeConfiguration),
+			ctx.ComponentConfig.DisableAttachDetachReconcilerSync,
+			ctx.ComponentConfig.ReconcilerSyncLoopPeriod.Duration,
 			attachdetach.DefaultTimerConfig,
 		)
 	if attachDetachControllerErr != nil {
@@ -202,7 +218,7 @@ func startVolumeExpandController(ctx ControllerContext) (bool, error) {
 			ctx.InformerFactory.Core().V1().PersistentVolumeClaims(),
 			ctx.InformerFactory.Core().V1().PersistentVolumes(),
 			ctx.Cloud,
-			ProbeExpandableVolumePlugins(ctx.Options.VolumeConfiguration))
+			ProbeExpandableVolumePlugins(ctx.ComponentConfig.VolumeConfiguration))
 
 		if expandControllerErr != nil {
 			return true, fmt.Errorf("Failed to start volume expand controller : %v", expandControllerErr)
@@ -219,7 +235,7 @@ func startEndpointController(ctx ControllerContext) (bool, error) {
 		ctx.InformerFactory.Core().V1().Services(),
 		ctx.InformerFactory.Core().V1().Endpoints(),
 		ctx.ClientBuilder.ClientOrDie("endpoint-controller"),
-	).Run(int(ctx.Options.ConcurrentEndpointSyncs), ctx.Stop)
+	).Run(int(ctx.ComponentConfig.ConcurrentEndpointSyncs), ctx.Stop)
 	return true, nil
 }
 
@@ -229,7 +245,7 @@ func startReplicationController(ctx ControllerContext) (bool, error) {
 		ctx.InformerFactory.Core().V1().ReplicationControllers(),
 		ctx.ClientBuilder.ClientOrDie("replication-controller"),
 		replicationcontroller.BurstReplicas,
-	).Run(int(ctx.Options.ConcurrentRCSyncs), ctx.Stop)
+	).Run(int(ctx.ComponentConfig.ConcurrentRCSyncs), ctx.Stop)
 	return true, nil
 }
 
@@ -237,7 +253,7 @@ func startPodGCController(ctx ControllerContext) (bool, error) {
 	go podgc.NewPodGC(
 		ctx.ClientBuilder.ClientOrDie("pod-garbage-collector"),
 		ctx.InformerFactory.Core().V1().Pods(),
-		int(ctx.Options.TerminatedPodGCThreshold),
+		int(ctx.ComponentConfig.TerminatedPodGCThreshold),
 	).Run(ctx.Stop)
 	return true, nil
 }
@@ -251,9 +267,9 @@ func startResourceQuotaController(ctx ControllerContext) (bool, error) {
 	resourceQuotaControllerOptions := &resourcequotacontroller.ResourceQuotaControllerOptions{
 		QuotaClient:               resourceQuotaControllerClient.CoreV1(),
 		ResourceQuotaInformer:     ctx.InformerFactory.Core().V1().ResourceQuotas(),
-		ResyncPeriod:              controller.StaticResyncPeriodFunc(ctx.Options.ResourceQuotaSyncPeriod.Duration),
+		ResyncPeriod:              controller.StaticResyncPeriodFunc(ctx.ComponentConfig.ResourceQuotaSyncPeriod.Duration),
 		InformerFactory:           ctx.InformerFactory,
-		ReplenishmentResyncPeriod: ResyncPeriod(&ctx.Options),
+		ReplenishmentResyncPeriod: ctx.ResyncPeriod,
 		DiscoveryFunc:             discoveryFunc,
 		IgnoredResourcesFunc:      quotaConfiguration.IgnoredResources,
 		InformersStarted:          ctx.InformersStarted,
@@ -269,7 +285,7 @@ func startResourceQuotaController(ctx ControllerContext) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	go resourceQuotaController.Run(int(ctx.Options.ConcurrentResourceQuotaSyncs), ctx.Stop)
+	go resourceQuotaController.Run(int(ctx.ComponentConfig.ConcurrentResourceQuotaSyncs), ctx.Stop)
 
 	// Periodically the quota controller to detect new resource types
 	go resourceQuotaController.Sync(discoveryFunc, 30*time.Second, ctx.Stop)
@@ -297,10 +313,10 @@ func startNamespaceController(ctx ControllerContext) (bool, error) {
 		namespaceClientPool,
 		discoverResourcesFn,
 		ctx.InformerFactory.Core().V1().Namespaces(),
-		ctx.Options.NamespaceSyncPeriod.Duration,
+		ctx.ComponentConfig.NamespaceSyncPeriod.Duration,
 		v1.FinalizerKubernetes,
 	)
-	go namespaceController.Run(int(ctx.Options.ConcurrentNamespaceSyncs), ctx.Stop)
+	go namespaceController.Run(int(ctx.ComponentConfig.ConcurrentNamespaceSyncs), ctx.Stop)
 
 	return true, nil
 }
@@ -328,7 +344,7 @@ func startTTLController(ctx ControllerContext) (bool, error) {
 }
 
 func startGarbageCollectorController(ctx ControllerContext) (bool, error) {
-	if !ctx.Options.EnableGarbageCollector {
+	if !ctx.ComponentConfig.EnableGarbageCollector {
 		return false, nil
 	}
 
@@ -344,14 +360,14 @@ func startGarbageCollectorController(ctx ControllerContext) (bool, error) {
 	// TODO: Make NewMetadataCodecFactory support arbitrary (non-compiled)
 	// resource types. Otherwise we'll be storing full Unstructured data in our
 	// caches for custom resources. Consider porting it to work with
-	// metav1alpha1.PartialObjectMetadata.
+	// metav1beta1.PartialObjectMetadata.
 	metaOnlyClientPool := dynamic.NewClientPool(config, restMapper, dynamic.LegacyAPIPathResolverFunc)
 	clientPool := dynamic.NewClientPool(config, restMapper, dynamic.LegacyAPIPathResolverFunc)
 
 	// Get an initial set of deletable resources to prime the garbage collector.
 	deletableResources := garbagecollector.GetDeletableResources(discoveryClient)
 	ignoredResources := make(map[schema.GroupResource]struct{})
-	for _, r := range ctx.Options.GCIgnoredResources {
+	for _, r := range ctx.ComponentConfig.GCIgnoredResources {
 		ignoredResources[schema.GroupResource{Group: r.Group, Resource: r.Resource}] = struct{}{}
 	}
 	garbageCollector, err := garbagecollector.NewGarbageCollector(
@@ -368,7 +384,7 @@ func startGarbageCollectorController(ctx ControllerContext) (bool, error) {
 	}
 
 	// Start the garbage collector.
-	workers := int(ctx.Options.ConcurrentGCSyncs)
+	workers := int(ctx.ComponentConfig.ConcurrentGCSyncs)
 	go garbageCollector.Run(workers, ctx.Stop)
 
 	// Periodically refresh the RESTMapper with new discovery information and sync
@@ -379,7 +395,7 @@ func startGarbageCollectorController(ctx ControllerContext) (bool, error) {
 }
 
 func startPVCProtectionController(ctx ControllerContext) (bool, error) {
-	if utilfeature.DefaultFeatureGate.Enabled(features.PVCProtection) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
 		go pvcprotection.NewPVCProtectionController(
 			ctx.InformerFactory.Core().V1().PersistentVolumeClaims(),
 			ctx.InformerFactory.Core().V1().Pods(),
@@ -389,3 +405,14 @@ func startPVCProtectionController(ctx ControllerContext) (bool, error) {
 	}
 	return false, nil
 }
+
+func startPVProtectionController(ctx ControllerContext) (bool, error) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
+		go pvprotection.NewPVProtectionController(
+			ctx.InformerFactory.Core().V1().PersistentVolumes(),
+			ctx.ClientBuilder.ClientOrDie("pv-protection-controller"),
+		).Run(1, ctx.Stop)
+		return true, nil
+	}
+	return false, nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/extensions.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/extensions.go
index 060704bbf530..2c30fde86b8f 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/extensions.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/extensions.go
@@ -24,29 +24,10 @@ import (
 	"fmt"
 
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/kubernetes/pkg/controller/daemon"
 	"k8s.io/kubernetes/pkg/controller/deployment"
 	"k8s.io/kubernetes/pkg/controller/replicaset"
 )
 
-func startDaemonSetController(ctx ControllerContext) (bool, error) {
-	if !ctx.AvailableResources[schema.GroupVersionResource{Group: "extensions", Version: "v1beta1", Resource: "daemonsets"}] {
-		return false, nil
-	}
-	dsc, err := daemon.NewDaemonSetsController(
-		ctx.InformerFactory.Extensions().V1beta1().DaemonSets(),
-		ctx.InformerFactory.Apps().V1beta1().ControllerRevisions(),
-		ctx.InformerFactory.Core().V1().Pods(),
-		ctx.InformerFactory.Core().V1().Nodes(),
-		ctx.ClientBuilder.ClientOrDie("daemon-set-controller"),
-	)
-	if err != nil {
-		return true, fmt.Errorf("error creating DaemonSets controller: %v", err)
-	}
-	go dsc.Run(int(ctx.Options.ConcurrentDaemonSetSyncs), ctx.Stop)
-	return true, nil
-}
-
 func startDeploymentController(ctx ControllerContext) (bool, error) {
 	if !ctx.AvailableResources[schema.GroupVersionResource{Group: "extensions", Version: "v1beta1", Resource: "deployments"}] {
 		return false, nil
@@ -60,7 +41,7 @@ func startDeploymentController(ctx ControllerContext) (bool, error) {
 	if err != nil {
 		return true, fmt.Errorf("error creating Deployment controller: %v", err)
 	}
-	go dc.Run(int(ctx.Options.ConcurrentDeploymentSyncs), ctx.Stop)
+	go dc.Run(int(ctx.ComponentConfig.ConcurrentDeploymentSyncs), ctx.Stop)
 	return true, nil
 }
 
@@ -73,6 +54,6 @@ func startReplicaSetController(ctx ControllerContext) (bool, error) {
 		ctx.InformerFactory.Core().V1().Pods(),
 		ctx.ClientBuilder.ClientOrDie("replicaset-controller"),
 		replicaset.BurstReplicas,
-	).Run(int(ctx.Options.ConcurrentRSSyncs), ctx.Stop)
+	).Run(int(ctx.ComponentConfig.ConcurrentRSSyncs), ctx.Stop)
 	return true, nil
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/BUILD
index 588b64c68668..46c380fe96eb 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/BUILD
@@ -11,14 +11,14 @@ go_library(
     srcs = ["options.go"],
     importpath = "k8s.io/kubernetes/cmd/kube-controller-manager/app/options",
     deps = [
+        "//cmd/controller-manager/app/options:go_default_library",
+        "//cmd/kube-controller-manager/app/config:go_default_library",
         "//pkg/apis/componentconfig:go_default_library",
         "//pkg/client/leaderelectionconfig:go_default_library",
         "//pkg/controller/garbagecollector:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/master/ports:go_default_library",
-        "//vendor/github.com/cloudflare/cfssl/helpers:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
@@ -41,13 +41,14 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["options_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kube-controller-manager/app/options",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     tags = ["automanaged"],
     deps = [
+        "//cmd/controller-manager/app/options:go_default_library",
         "//pkg/apis/componentconfig:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/options.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/options.go
index d681bfd18957..f9adc670c6d8 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/options.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/options/options.go
@@ -21,12 +21,12 @@ package options
 import (
 	"fmt"
 	"strings"
-	"time"
 
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
+	kubecontrollerconfig "k8s.io/kubernetes/cmd/kube-controller-manager/app/config"
 	"k8s.io/kubernetes/pkg/apis/componentconfig"
 	"k8s.io/kubernetes/pkg/client/leaderelectionconfig"
 	"k8s.io/kubernetes/pkg/controller/garbagecollector"
@@ -35,213 +35,130 @@ import (
 	// add the kubernetes feature gates
 	_ "k8s.io/kubernetes/pkg/features"
 
-	"github.com/cloudflare/cfssl/helpers"
 	"github.com/spf13/pflag"
 )
 
-const (
-	// These defaults are deprecated and exported so that we can warn if
-	// they are being used.
-
-	// DefaultClusterSigningCertFile is deprecated. Do not use.
-	DefaultClusterSigningCertFile = "/etc/kubernetes/ca/ca.pem"
-	// DefaultClusterSigningKeyFile is deprecated. Do not use.
-	DefaultClusterSigningKeyFile = "/etc/kubernetes/ca/ca.key"
-)
+// KubeControllerManagerOptions is the main context object for the controller manager.
+type KubeControllerManagerOptions struct {
+	Generic cmoptions.GenericControllerManagerOptions
+}
 
-// CMServer is the main context object for the controller manager.
-type CMServer struct {
-	componentconfig.KubeControllerManagerConfiguration
+// NewKubeControllerManagerOptions creates a new KubeControllerManagerOptions with a default config.
+func NewKubeControllerManagerOptions() *KubeControllerManagerOptions {
+	componentConfig := cmoptions.NewDefaultControllerManagerComponentConfig(ports.InsecureKubeControllerManagerPort)
+	s := KubeControllerManagerOptions{
+		// The common/default are kept in 'cmd/kube-controller-manager/app/options/util.go'.
+		// Please make common changes there but put anything kube-controller specific here.
+		Generic: cmoptions.NewGenericControllerManagerOptions(componentConfig),
+	}
 
-	Master     string
-	Kubeconfig string
-}
+	s.Generic.SecureServing.ServerCert.CertDirectory = "/var/run/kubernetes"
+	s.Generic.SecureServing.ServerCert.PairName = "kube-controller-manager"
 
-// NewCMServer creates a new CMServer with a default config.
-func NewCMServer() *CMServer {
 	gcIgnoredResources := make([]componentconfig.GroupResource, 0, len(garbagecollector.DefaultIgnoredResources()))
 	for r := range garbagecollector.DefaultIgnoredResources() {
 		gcIgnoredResources = append(gcIgnoredResources, componentconfig.GroupResource{Group: r.Group, Resource: r.Resource})
 	}
+	s.Generic.ComponentConfig.GCIgnoredResources = gcIgnoredResources
+	s.Generic.ComponentConfig.LeaderElection.LeaderElect = true
 
-	s := CMServer{
-		// Part of these default values also present in 'cmd/cloud-controller-manager/app/options/options.go'.
-		// Please keep them in sync when doing update.
-		KubeControllerManagerConfiguration: componentconfig.KubeControllerManagerConfiguration{
-			Controllers:                                     []string{"*"},
-			Port:                                            ports.ControllerManagerPort,
-			Address:                                         "0.0.0.0",
-			ConcurrentEndpointSyncs:                         5,
-			ConcurrentServiceSyncs:                          1,
-			ConcurrentRCSyncs:                               5,
-			ConcurrentRSSyncs:                               5,
-			ConcurrentDaemonSetSyncs:                        2,
-			ConcurrentJobSyncs:                              5,
-			ConcurrentResourceQuotaSyncs:                    5,
-			ConcurrentDeploymentSyncs:                       5,
-			ConcurrentNamespaceSyncs:                        10,
-			ConcurrentSATokenSyncs:                          5,
-			ServiceSyncPeriod:                               metav1.Duration{Duration: 5 * time.Minute},
-			RouteReconciliationPeriod:                       metav1.Duration{Duration: 10 * time.Second},
-			ResourceQuotaSyncPeriod:                         metav1.Duration{Duration: 5 * time.Minute},
-			NamespaceSyncPeriod:                             metav1.Duration{Duration: 5 * time.Minute},
-			PVClaimBinderSyncPeriod:                         metav1.Duration{Duration: 15 * time.Second},
-			HorizontalPodAutoscalerSyncPeriod:               metav1.Duration{Duration: 30 * time.Second},
-			HorizontalPodAutoscalerUpscaleForbiddenWindow:   metav1.Duration{Duration: 3 * time.Minute},
-			HorizontalPodAutoscalerDownscaleForbiddenWindow: metav1.Duration{Duration: 5 * time.Minute},
-			HorizontalPodAutoscalerTolerance:                0.1,
-			DeploymentControllerSyncPeriod:                  metav1.Duration{Duration: 30 * time.Second},
-			MinResyncPeriod:                                 metav1.Duration{Duration: 12 * time.Hour},
-			RegisterRetryCount:                              10,
-			PodEvictionTimeout:                              metav1.Duration{Duration: 5 * time.Minute},
-			NodeMonitorGracePeriod:                          metav1.Duration{Duration: 40 * time.Second},
-			NodeStartupGracePeriod:                          metav1.Duration{Duration: 60 * time.Second},
-			NodeMonitorPeriod:                               metav1.Duration{Duration: 5 * time.Second},
-			ClusterName:                                     "kubernetes",
-			NodeCIDRMaskSize:                                24,
-			ConfigureCloudRoutes:                            true,
-			TerminatedPodGCThreshold:                        12500,
-			VolumeConfiguration: componentconfig.VolumeConfiguration{
-				EnableHostPathProvisioning: false,
-				EnableDynamicProvisioning:  true,
-				PersistentVolumeRecyclerConfiguration: componentconfig.PersistentVolumeRecyclerConfiguration{
-					MaximumRetry:             3,
-					MinimumTimeoutNFS:        300,
-					IncrementTimeoutNFS:      30,
-					MinimumTimeoutHostPath:   60,
-					IncrementTimeoutHostPath: 30,
-				},
-				FlexVolumePluginDir: "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
-			},
-			ContentType:                           "application/vnd.kubernetes.protobuf",
-			KubeAPIQPS:                            20.0,
-			KubeAPIBurst:                          30,
-			LeaderElection:                        leaderelectionconfig.DefaultLeaderElectionConfiguration(),
-			ControllerStartInterval:               metav1.Duration{Duration: 0 * time.Second},
-			EnableGarbageCollector:                true,
-			ConcurrentGCSyncs:                     20,
-			GCIgnoredResources:                    gcIgnoredResources,
-			ClusterSigningCertFile:                DefaultClusterSigningCertFile,
-			ClusterSigningKeyFile:                 DefaultClusterSigningKeyFile,
-			ClusterSigningDuration:                metav1.Duration{Duration: helpers.OneYear},
-			ReconcilerSyncLoopPeriod:              metav1.Duration{Duration: 60 * time.Second},
-			EnableTaintManager:                    true,
-			HorizontalPodAutoscalerUseRESTClients: true,
-		},
-	}
-	s.LeaderElection.LeaderElect = true
 	return &s
 }
 
-// AddFlags adds flags for a specific CMServer to the specified FlagSet
-func (s *CMServer) AddFlags(fs *pflag.FlagSet, allControllers []string, disabledByDefaultControllers []string) {
-	fs.StringSliceVar(&s.Controllers, "controllers", s.Controllers, fmt.Sprintf(""+
+// AddFlags adds flags for a specific KubeControllerManagerOptions to the specified FlagSet
+func (s *KubeControllerManagerOptions) AddFlags(fs *pflag.FlagSet, allControllers []string, disabledByDefaultControllers []string) {
+	s.Generic.AddFlags(fs)
+
+	fs.StringSliceVar(&s.Generic.ComponentConfig.Controllers, "controllers", s.Generic.ComponentConfig.Controllers, fmt.Sprintf(""+
 		"A list of controllers to enable.  '*' enables all on-by-default controllers, 'foo' enables the controller "+
 		"named 'foo', '-foo' disables the controller named 'foo'.\nAll controllers: %s\nDisabled-by-default controllers: %s",
 		strings.Join(allControllers, ", "), strings.Join(disabledByDefaultControllers, ", ")))
-	fs.Int32Var(&s.Port, "port", s.Port, "The port that the controller-manager's http service runs on")
-	fs.Var(componentconfig.IPVar{Val: &s.Address}, "address", "The IP address to serve on (set to 0.0.0.0 for all interfaces)")
-	fs.BoolVar(&s.UseServiceAccountCredentials, "use-service-account-credentials", s.UseServiceAccountCredentials, "If true, use individual service account credentials for each controller.")
-	fs.StringVar(&s.CloudProvider, "cloud-provider", s.CloudProvider, "The provider for cloud services.  Empty string for no provider.")
-	fs.StringVar(&s.CloudConfigFile, "cloud-config", s.CloudConfigFile, "The path to the cloud provider configuration file.  Empty string for no configuration file.")
-	fs.BoolVar(&s.AllowUntaggedCloud, "allow-untagged-cloud", false, "Allow the cluster to run without the cluster-id on cloud instances.  This is a legacy mode of operation and a cluster-id will be required in the future.")
-	fs.MarkDeprecated("allow-untagged-cloud", "This flag is deprecated and will be removed in a future release.  A cluster-id will be required on cloud instances")
-	fs.Int32Var(&s.ConcurrentEndpointSyncs, "concurrent-endpoint-syncs", s.ConcurrentEndpointSyncs, "The number of endpoint syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentServiceSyncs, "concurrent-service-syncs", s.ConcurrentServiceSyncs, "The number of services that are allowed to sync concurrently. Larger number = more responsive service management, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentRCSyncs, "concurrent_rc_syncs", s.ConcurrentRCSyncs, "The number of replication controllers that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentRSSyncs, "concurrent-replicaset-syncs", s.ConcurrentRSSyncs, "The number of replica sets that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentResourceQuotaSyncs, "concurrent-resource-quota-syncs", s.ConcurrentResourceQuotaSyncs, "The number of resource quotas that are allowed to sync concurrently. Larger number = more responsive quota management, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentDeploymentSyncs, "concurrent-deployment-syncs", s.ConcurrentDeploymentSyncs, "The number of deployment objects that are allowed to sync concurrently. Larger number = more responsive deployments, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentNamespaceSyncs, "concurrent-namespace-syncs", s.ConcurrentNamespaceSyncs, "The number of namespace objects that are allowed to sync concurrently. Larger number = more responsive namespace termination, but more CPU (and network) load")
-	fs.Int32Var(&s.ConcurrentSATokenSyncs, "concurrent-serviceaccount-token-syncs", s.ConcurrentSATokenSyncs, "The number of service account token objects that are allowed to sync concurrently. Larger number = more responsive token generation, but more CPU (and network) load")
-	fs.DurationVar(&s.ServiceSyncPeriod.Duration, "service-sync-period", s.ServiceSyncPeriod.Duration, "The period for syncing services with their external load balancers")
-	fs.DurationVar(&s.NodeSyncPeriod.Duration, "node-sync-period", 0, ""+
+	fs.StringVar(&s.Generic.ComponentConfig.CloudProvider, "cloud-provider", s.Generic.ComponentConfig.CloudProvider, "The provider for cloud services.  Empty string for no provider.")
+	fs.StringVar(&s.Generic.ComponentConfig.ExternalCloudVolumePlugin, "external-cloud-volume-plugin", s.Generic.ComponentConfig.ExternalCloudVolumePlugin, "The plugin to use when cloud provider is set to external. Can be empty, should only be set when cloud-provider is external. Currently used to allow node and volume controllers to work for in tree cloud providers.")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentEndpointSyncs, "concurrent-endpoint-syncs", s.Generic.ComponentConfig.ConcurrentEndpointSyncs, "The number of endpoint syncing operations that will be done concurrently. Larger number = faster endpoint updating, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentServiceSyncs, "concurrent-service-syncs", s.Generic.ComponentConfig.ConcurrentServiceSyncs, "The number of services that are allowed to sync concurrently. Larger number = more responsive service management, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentRCSyncs, "concurrent_rc_syncs", s.Generic.ComponentConfig.ConcurrentRCSyncs, "The number of replication controllers that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentRSSyncs, "concurrent-replicaset-syncs", s.Generic.ComponentConfig.ConcurrentRSSyncs, "The number of replica sets that are allowed to sync concurrently. Larger number = more responsive replica management, but more CPU (and network) load")
+
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentResourceQuotaSyncs, "concurrent-resource-quota-syncs", s.Generic.ComponentConfig.ConcurrentResourceQuotaSyncs, "The number of resource quotas that are allowed to sync concurrently. Larger number = more responsive quota management, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentDeploymentSyncs, "concurrent-deployment-syncs", s.Generic.ComponentConfig.ConcurrentDeploymentSyncs, "The number of deployment objects that are allowed to sync concurrently. Larger number = more responsive deployments, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentNamespaceSyncs, "concurrent-namespace-syncs", s.Generic.ComponentConfig.ConcurrentNamespaceSyncs, "The number of namespace objects that are allowed to sync concurrently. Larger number = more responsive namespace termination, but more CPU (and network) load")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentSATokenSyncs, "concurrent-serviceaccount-token-syncs", s.Generic.ComponentConfig.ConcurrentSATokenSyncs, "The number of service account token objects that are allowed to sync concurrently. Larger number = more responsive token generation, but more CPU (and network) load")
+	fs.DurationVar(&s.Generic.ComponentConfig.NodeSyncPeriod.Duration, "node-sync-period", 0, ""+
 		"This flag is deprecated and will be removed in future releases. See node-monitor-period for Node health checking or "+
 		"route-reconciliation-period for cloud provider's route configuration settings.")
 	fs.MarkDeprecated("node-sync-period", "This flag is currently no-op and will be deleted.")
-	fs.DurationVar(&s.RouteReconciliationPeriod.Duration, "route-reconciliation-period", s.RouteReconciliationPeriod.Duration, "The period for reconciling routes created for Nodes by cloud provider.")
-	fs.DurationVar(&s.ResourceQuotaSyncPeriod.Duration, "resource-quota-sync-period", s.ResourceQuotaSyncPeriod.Duration, "The period for syncing quota usage status in the system")
-	fs.DurationVar(&s.NamespaceSyncPeriod.Duration, "namespace-sync-period", s.NamespaceSyncPeriod.Duration, "The period for syncing namespace life-cycle updates")
-	fs.DurationVar(&s.PVClaimBinderSyncPeriod.Duration, "pvclaimbinder-sync-period", s.PVClaimBinderSyncPeriod.Duration, "The period for syncing persistent volumes and persistent volume claims")
-	fs.DurationVar(&s.MinResyncPeriod.Duration, "min-resync-period", s.MinResyncPeriod.Duration, "The resync period in reflectors will be random between MinResyncPeriod and 2*MinResyncPeriod")
-	fs.StringVar(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathNFS, "pv-recycler-pod-template-filepath-nfs", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathNFS, "The file path to a pod definition used as a template for NFS persistent volume recycling")
-	fs.Int32Var(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutNFS, "pv-recycler-minimum-timeout-nfs", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutNFS, "The minimum ActiveDeadlineSeconds to use for an NFS Recycler pod")
-	fs.Int32Var(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutNFS, "pv-recycler-increment-timeout-nfs", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutNFS, "the increment of time added per Gi to ActiveDeadlineSeconds for an NFS scrubber pod")
-	fs.StringVar(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathHostPath, "pv-recycler-pod-template-filepath-hostpath", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathHostPath, "The file path to a pod definition used as a template for HostPath persistent volume recycling. This is for development and testing only and will not work in a multi-node cluster.")
-	fs.Int32Var(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutHostPath, "pv-recycler-minimum-timeout-hostpath", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutHostPath, "The minimum ActiveDeadlineSeconds to use for a HostPath Recycler pod.  This is for development and testing only and will not work in a multi-node cluster.")
-	fs.Int32Var(&s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutHostPath, "pv-recycler-timeout-increment-hostpath", s.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutHostPath, "the increment of time added per Gi to ActiveDeadlineSeconds for a HostPath scrubber pod.  This is for development and testing only and will not work in a multi-node cluster.")
-	fs.BoolVar(&s.VolumeConfiguration.EnableHostPathProvisioning, "enable-hostpath-provisioner", s.VolumeConfiguration.EnableHostPathProvisioning, "Enable HostPath PV provisioning when running without a cloud provider. This allows testing and development of provisioning features.  HostPath provisioning is not supported in any way, won't work in a multi-node cluster, and should not be used for anything other than testing or development.")
-	fs.BoolVar(&s.VolumeConfiguration.EnableDynamicProvisioning, "enable-dynamic-provisioning", s.VolumeConfiguration.EnableDynamicProvisioning, "Enable dynamic provisioning for environments that support it.")
-	fs.StringVar(&s.VolumeConfiguration.FlexVolumePluginDir, "flex-volume-plugin-dir", s.VolumeConfiguration.FlexVolumePluginDir, "Full path of the directory in which the flex volume plugin should search for additional third party volume plugins.")
-	fs.Int32Var(&s.TerminatedPodGCThreshold, "terminated-pod-gc-threshold", s.TerminatedPodGCThreshold, "Number of terminated pods that can exist before the terminated pod garbage collector starts deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled.")
-	fs.DurationVar(&s.HorizontalPodAutoscalerSyncPeriod.Duration, "horizontal-pod-autoscaler-sync-period", s.HorizontalPodAutoscalerSyncPeriod.Duration, "The period for syncing the number of pods in horizontal pod autoscaler.")
-	fs.DurationVar(&s.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration, "horizontal-pod-autoscaler-upscale-delay", s.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration, "The period since last upscale, before another upscale can be performed in horizontal pod autoscaler.")
-	fs.DurationVar(&s.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration, "horizontal-pod-autoscaler-downscale-delay", s.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration, "The period since last downscale, before another downscale can be performed in horizontal pod autoscaler.")
-	fs.Float64Var(&s.HorizontalPodAutoscalerTolerance, "horizontal-pod-autoscaler-tolerance", s.HorizontalPodAutoscalerTolerance, "The minimum change (from 1.0) in the desired-to-actual metrics ratio for the horizontal pod autoscaler to consider scaling.")
-	fs.DurationVar(&s.DeploymentControllerSyncPeriod.Duration, "deployment-controller-sync-period", s.DeploymentControllerSyncPeriod.Duration, "Period for syncing the deployments.")
-	fs.DurationVar(&s.PodEvictionTimeout.Duration, "pod-eviction-timeout", s.PodEvictionTimeout.Duration, "The grace period for deleting pods on failed nodes.")
-	fs.Float32Var(&s.DeletingPodsQps, "deleting-pods-qps", 0.1, "Number of nodes per second on which pods are deleted in case of node failure.")
+	fs.DurationVar(&s.Generic.ComponentConfig.ResourceQuotaSyncPeriod.Duration, "resource-quota-sync-period", s.Generic.ComponentConfig.ResourceQuotaSyncPeriod.Duration, "The period for syncing quota usage status in the system")
+	fs.DurationVar(&s.Generic.ComponentConfig.NamespaceSyncPeriod.Duration, "namespace-sync-period", s.Generic.ComponentConfig.NamespaceSyncPeriod.Duration, "The period for syncing namespace life-cycle updates")
+	fs.DurationVar(&s.Generic.ComponentConfig.PVClaimBinderSyncPeriod.Duration, "pvclaimbinder-sync-period", s.Generic.ComponentConfig.PVClaimBinderSyncPeriod.Duration, "The period for syncing persistent volumes and persistent volume claims")
+	fs.StringVar(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathNFS, "pv-recycler-pod-template-filepath-nfs", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathNFS, "The file path to a pod definition used as a template for NFS persistent volume recycling")
+	fs.Int32Var(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutNFS, "pv-recycler-minimum-timeout-nfs", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutNFS, "The minimum ActiveDeadlineSeconds to use for an NFS Recycler pod")
+	fs.Int32Var(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutNFS, "pv-recycler-increment-timeout-nfs", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutNFS, "the increment of time added per Gi to ActiveDeadlineSeconds for an NFS scrubber pod")
+	fs.StringVar(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathHostPath, "pv-recycler-pod-template-filepath-hostpath", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.PodTemplateFilePathHostPath, "The file path to a pod definition used as a template for HostPath persistent volume recycling. This is for development and testing only and will not work in a multi-node cluster.")
+	fs.Int32Var(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutHostPath, "pv-recycler-minimum-timeout-hostpath", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.MinimumTimeoutHostPath, "The minimum ActiveDeadlineSeconds to use for a HostPath Recycler pod.  This is for development and testing only and will not work in a multi-node cluster.")
+	fs.Int32Var(&s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutHostPath, "pv-recycler-timeout-increment-hostpath", s.Generic.ComponentConfig.VolumeConfiguration.PersistentVolumeRecyclerConfiguration.IncrementTimeoutHostPath, "the increment of time added per Gi to ActiveDeadlineSeconds for a HostPath scrubber pod.  This is for development and testing only and will not work in a multi-node cluster.")
+	fs.BoolVar(&s.Generic.ComponentConfig.VolumeConfiguration.EnableHostPathProvisioning, "enable-hostpath-provisioner", s.Generic.ComponentConfig.VolumeConfiguration.EnableHostPathProvisioning, "Enable HostPath PV provisioning when running without a cloud provider. This allows testing and development of provisioning features.  HostPath provisioning is not supported in any way, won't work in a multi-node cluster, and should not be used for anything other than testing or development.")
+	fs.BoolVar(&s.Generic.ComponentConfig.VolumeConfiguration.EnableDynamicProvisioning, "enable-dynamic-provisioning", s.Generic.ComponentConfig.VolumeConfiguration.EnableDynamicProvisioning, "Enable dynamic provisioning for environments that support it.")
+	fs.StringVar(&s.Generic.ComponentConfig.VolumeConfiguration.FlexVolumePluginDir, "flex-volume-plugin-dir", s.Generic.ComponentConfig.VolumeConfiguration.FlexVolumePluginDir, "Full path of the directory in which the flex volume plugin should search for additional third party volume plugins.")
+	fs.Int32Var(&s.Generic.ComponentConfig.TerminatedPodGCThreshold, "terminated-pod-gc-threshold", s.Generic.ComponentConfig.TerminatedPodGCThreshold, "Number of terminated pods that can exist before the terminated pod garbage collector starts deleting terminated pods. If <= 0, the terminated pod garbage collector is disabled.")
+	fs.DurationVar(&s.Generic.ComponentConfig.HorizontalPodAutoscalerSyncPeriod.Duration, "horizontal-pod-autoscaler-sync-period", s.Generic.ComponentConfig.HorizontalPodAutoscalerSyncPeriod.Duration, "The period for syncing the number of pods in horizontal pod autoscaler.")
+	fs.DurationVar(&s.Generic.ComponentConfig.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration, "horizontal-pod-autoscaler-upscale-delay", s.Generic.ComponentConfig.HorizontalPodAutoscalerUpscaleForbiddenWindow.Duration, "The period since last upscale, before another upscale can be performed in horizontal pod autoscaler.")
+	fs.DurationVar(&s.Generic.ComponentConfig.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration, "horizontal-pod-autoscaler-downscale-delay", s.Generic.ComponentConfig.HorizontalPodAutoscalerDownscaleForbiddenWindow.Duration, "The period since last downscale, before another downscale can be performed in horizontal pod autoscaler.")
+	fs.Float64Var(&s.Generic.ComponentConfig.HorizontalPodAutoscalerTolerance, "horizontal-pod-autoscaler-tolerance", s.Generic.ComponentConfig.HorizontalPodAutoscalerTolerance, "The minimum change (from 1.0) in the desired-to-actual metrics ratio for the horizontal pod autoscaler to consider scaling.")
+	fs.DurationVar(&s.Generic.ComponentConfig.DeploymentControllerSyncPeriod.Duration, "deployment-controller-sync-period", s.Generic.ComponentConfig.DeploymentControllerSyncPeriod.Duration, "Period for syncing the deployments.")
+	fs.DurationVar(&s.Generic.ComponentConfig.PodEvictionTimeout.Duration, "pod-eviction-timeout", s.Generic.ComponentConfig.PodEvictionTimeout.Duration, "The grace period for deleting pods on failed nodes.")
+	fs.Float32Var(&s.Generic.ComponentConfig.DeletingPodsQps, "deleting-pods-qps", 0.1, "Number of nodes per second on which pods are deleted in case of node failure.")
 	fs.MarkDeprecated("deleting-pods-qps", "This flag is currently no-op and will be deleted.")
-	fs.Int32Var(&s.DeletingPodsBurst, "deleting-pods-burst", 0, "Number of nodes on which pods are bursty deleted in case of node failure. For more details look into RateLimiter.")
+	fs.Int32Var(&s.Generic.ComponentConfig.DeletingPodsBurst, "deleting-pods-burst", 0, "Number of nodes on which pods are bursty deleted in case of node failure. For more details look into RateLimiter.")
 	fs.MarkDeprecated("deleting-pods-burst", "This flag is currently no-op and will be deleted.")
-	fs.Int32Var(&s.RegisterRetryCount, "register-retry-count", s.RegisterRetryCount, ""+
+	fs.Int32Var(&s.Generic.ComponentConfig.RegisterRetryCount, "register-retry-count", s.Generic.ComponentConfig.RegisterRetryCount, ""+
 		"The number of retries for initial node registration.  Retry interval equals node-sync-period.")
 	fs.MarkDeprecated("register-retry-count", "This flag is currently no-op and will be deleted.")
-	fs.DurationVar(&s.NodeMonitorGracePeriod.Duration, "node-monitor-grace-period", s.NodeMonitorGracePeriod.Duration,
+	fs.DurationVar(&s.Generic.ComponentConfig.NodeMonitorGracePeriod.Duration, "node-monitor-grace-period", s.Generic.ComponentConfig.NodeMonitorGracePeriod.Duration,
 		"Amount of time which we allow running Node to be unresponsive before marking it unhealthy. "+
 			"Must be N times more than kubelet's nodeStatusUpdateFrequency, "+
 			"where N means number of retries allowed for kubelet to post node status.")
-	fs.DurationVar(&s.NodeStartupGracePeriod.Duration, "node-startup-grace-period", s.NodeStartupGracePeriod.Duration,
+	fs.DurationVar(&s.Generic.ComponentConfig.NodeStartupGracePeriod.Duration, "node-startup-grace-period", s.Generic.ComponentConfig.NodeStartupGracePeriod.Duration,
 		"Amount of time which we allow starting Node to be unresponsive before marking it unhealthy.")
-	fs.DurationVar(&s.NodeMonitorPeriod.Duration, "node-monitor-period", s.NodeMonitorPeriod.Duration,
-		"The period for syncing NodeStatus in NodeController.")
-	fs.StringVar(&s.ServiceAccountKeyFile, "service-account-private-key-file", s.ServiceAccountKeyFile, "Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.")
-	fs.StringVar(&s.ClusterSigningCertFile, "cluster-signing-cert-file", s.ClusterSigningCertFile, "Filename containing a PEM-encoded X509 CA certificate used to issue cluster-scoped certificates")
-	fs.StringVar(&s.ClusterSigningKeyFile, "cluster-signing-key-file", s.ClusterSigningKeyFile, "Filename containing a PEM-encoded RSA or ECDSA private key used to sign cluster-scoped certificates")
-	fs.DurationVar(&s.ClusterSigningDuration.Duration, "experimental-cluster-signing-duration", s.ClusterSigningDuration.Duration, "The length of duration signed certificates will be given.")
+	fs.StringVar(&s.Generic.ComponentConfig.ServiceAccountKeyFile, "service-account-private-key-file", s.Generic.ComponentConfig.ServiceAccountKeyFile, "Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.")
+	fs.StringVar(&s.Generic.ComponentConfig.ClusterSigningCertFile, "cluster-signing-cert-file", s.Generic.ComponentConfig.ClusterSigningCertFile, "Filename containing a PEM-encoded X509 CA certificate used to issue cluster-scoped certificates")
+	fs.StringVar(&s.Generic.ComponentConfig.ClusterSigningKeyFile, "cluster-signing-key-file", s.Generic.ComponentConfig.ClusterSigningKeyFile, "Filename containing a PEM-encoded RSA or ECDSA private key used to sign cluster-scoped certificates")
+	fs.DurationVar(&s.Generic.ComponentConfig.ClusterSigningDuration.Duration, "experimental-cluster-signing-duration", s.Generic.ComponentConfig.ClusterSigningDuration.Duration, "The length of duration signed certificates will be given.")
 	var dummy string
 	fs.MarkDeprecated("insecure-experimental-approve-all-kubelet-csrs-for-group", "This flag does nothing.")
 	fs.StringVar(&dummy, "insecure-experimental-approve-all-kubelet-csrs-for-group", "", "This flag does nothing.")
-	fs.BoolVar(&s.EnableProfiling, "profiling", true, "Enable profiling via web interface host:port/debug/pprof/")
-	fs.BoolVar(&s.EnableContentionProfiling, "contention-profiling", false, "Enable lock contention profiling, if profiling is enabled")
-	fs.StringVar(&s.ClusterName, "cluster-name", s.ClusterName, "The instance prefix for the cluster")
-	fs.StringVar(&s.ClusterCIDR, "cluster-cidr", s.ClusterCIDR, "CIDR Range for Pods in cluster. Requires --allocate-node-cidrs to be true")
-	fs.StringVar(&s.ServiceCIDR, "service-cluster-ip-range", s.ServiceCIDR, "CIDR Range for Services in cluster. Requires --allocate-node-cidrs to be true")
-	fs.Int32Var(&s.NodeCIDRMaskSize, "node-cidr-mask-size", s.NodeCIDRMaskSize, "Mask size for node cidr in cluster.")
-	fs.BoolVar(&s.AllocateNodeCIDRs, "allocate-node-cidrs", false,
-		"Should CIDRs for Pods be allocated and set on the cloud provider.")
-	fs.StringVar(&s.CIDRAllocatorType, "cidr-allocator-type", "RangeAllocator",
-		"Type of CIDR allocator to use")
-	fs.BoolVar(&s.ConfigureCloudRoutes, "configure-cloud-routes", true, "Should CIDRs allocated by allocate-node-cidrs be configured on the cloud provider.")
-	fs.StringVar(&s.Master, "master", s.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
-	fs.StringVar(&s.Kubeconfig, "kubeconfig", s.Kubeconfig, "Path to kubeconfig file with authorization and master location information.")
-	fs.StringVar(&s.RootCAFile, "root-ca-file", s.RootCAFile, "If set, this root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.")
-	fs.StringVar(&s.ContentType, "kube-api-content-type", s.ContentType, "Content type of requests sent to apiserver.")
-	fs.Float32Var(&s.KubeAPIQPS, "kube-api-qps", s.KubeAPIQPS, "QPS to use while talking with kubernetes apiserver")
-	fs.Int32Var(&s.KubeAPIBurst, "kube-api-burst", s.KubeAPIBurst, "Burst to use while talking with kubernetes apiserver")
-	fs.DurationVar(&s.ControllerStartInterval.Duration, "controller-start-interval", s.ControllerStartInterval.Duration, "Interval between starting controller managers.")
-	fs.BoolVar(&s.EnableGarbageCollector, "enable-garbage-collector", s.EnableGarbageCollector, "Enables the generic garbage collector. MUST be synced with the corresponding flag of the kube-apiserver.")
-	fs.Int32Var(&s.ConcurrentGCSyncs, "concurrent-gc-syncs", s.ConcurrentGCSyncs, "The number of garbage collector workers that are allowed to sync concurrently.")
-	fs.Float32Var(&s.NodeEvictionRate, "node-eviction-rate", 0.1, "Number of nodes per second on which pods are deleted in case of node failure when a zone is healthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters.")
-	fs.Float32Var(&s.SecondaryNodeEvictionRate, "secondary-node-eviction-rate", 0.01, "Number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. This value is implicitly overridden to 0 if the cluster size is smaller than --large-cluster-size-threshold.")
-	fs.Int32Var(&s.LargeClusterSizeThreshold, "large-cluster-size-threshold", 50, "Number of nodes from which NodeController treats the cluster as large for the eviction logic purposes. --secondary-node-eviction-rate is implicitly overridden to 0 for clusters this size or smaller.")
-	fs.Float32Var(&s.UnhealthyZoneThreshold, "unhealthy-zone-threshold", 0.55, "Fraction of Nodes in a zone which needs to be not Ready (minimum 3) for zone to be treated as unhealthy. ")
-	fs.BoolVar(&s.DisableAttachDetachReconcilerSync, "disable-attach-detach-reconcile-sync", false, "Disable volume attach detach reconciler sync. Disabling this may cause volumes to be mismatched with pods. Use wisely.")
-	fs.DurationVar(&s.ReconcilerSyncLoopPeriod.Duration, "attach-detach-reconcile-sync-period", s.ReconcilerSyncLoopPeriod.Duration, "The reconciler sync wait time between volume attach detach. This duration must be larger than one second, and increasing this value from the default may allow for volumes to be mismatched with pods.")
-	fs.BoolVar(&s.EnableTaintManager, "enable-taint-manager", s.EnableTaintManager, "WARNING: Beta feature. If set to true enables NoExecute Taints and will evict all not-tolerating Pod running on Nodes tainted with this kind of Taints.")
-	fs.BoolVar(&s.HorizontalPodAutoscalerUseRESTClients, "horizontal-pod-autoscaler-use-rest-clients", s.HorizontalPodAutoscalerUseRESTClients, "WARNING: alpha feature.  If set to true, causes the horizontal pod autoscaler controller to use REST clients through the kube-aggregator, instead of using the legacy metrics client through the API server proxy.  This is required for custom metrics support in the horizontal pod autoscaler.")
-
-	leaderelectionconfig.BindFlags(&s.LeaderElection, fs)
+	fs.StringVar(&s.Generic.ComponentConfig.ServiceCIDR, "service-cluster-ip-range", s.Generic.ComponentConfig.ServiceCIDR, "CIDR Range for Services in cluster. Requires --allocate-node-cidrs to be true")
+	fs.Int32Var(&s.Generic.ComponentConfig.NodeCIDRMaskSize, "node-cidr-mask-size", s.Generic.ComponentConfig.NodeCIDRMaskSize, "Mask size for node cidr in cluster.")
+	fs.StringVar(&s.Generic.ComponentConfig.RootCAFile, "root-ca-file", s.Generic.ComponentConfig.RootCAFile, "If set, this root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.")
+	fs.BoolVar(&s.Generic.ComponentConfig.EnableGarbageCollector, "enable-garbage-collector", s.Generic.ComponentConfig.EnableGarbageCollector, "Enables the generic garbage collector. MUST be synced with the corresponding flag of the kube-apiserver.")
+	fs.Int32Var(&s.Generic.ComponentConfig.ConcurrentGCSyncs, "concurrent-gc-syncs", s.Generic.ComponentConfig.ConcurrentGCSyncs, "The number of garbage collector workers that are allowed to sync concurrently.")
+	fs.Int32Var(&s.Generic.ComponentConfig.LargeClusterSizeThreshold, "large-cluster-size-threshold", 50, "Number of nodes from which NodeController treats the cluster as large for the eviction logic purposes. --secondary-node-eviction-rate is implicitly overridden to 0 for clusters this size or smaller.")
+	fs.Float32Var(&s.Generic.ComponentConfig.UnhealthyZoneThreshold, "unhealthy-zone-threshold", 0.55, "Fraction of Nodes in a zone which needs to be not Ready (minimum 3) for zone to be treated as unhealthy. ")
+	fs.BoolVar(&s.Generic.ComponentConfig.DisableAttachDetachReconcilerSync, "disable-attach-detach-reconcile-sync", false, "Disable volume attach detach reconciler sync. Disabling this may cause volumes to be mismatched with pods. Use wisely.")
+	fs.DurationVar(&s.Generic.ComponentConfig.ReconcilerSyncLoopPeriod.Duration, "attach-detach-reconcile-sync-period", s.Generic.ComponentConfig.ReconcilerSyncLoopPeriod.Duration, "The reconciler sync wait time between volume attach detach. This duration must be larger than one second, and increasing this value from the default may allow for volumes to be mismatched with pods.")
+	fs.BoolVar(&s.Generic.ComponentConfig.EnableTaintManager, "enable-taint-manager", s.Generic.ComponentConfig.EnableTaintManager, "WARNING: Beta feature. If set to true enables NoExecute Taints and will evict all not-tolerating Pod running on Nodes tainted with this kind of Taints.")
+	fs.BoolVar(&s.Generic.ComponentConfig.HorizontalPodAutoscalerUseRESTClients, "horizontal-pod-autoscaler-use-rest-clients", s.Generic.ComponentConfig.HorizontalPodAutoscalerUseRESTClients, "WARNING: alpha feature.  If set to true, causes the horizontal pod autoscaler controller to use REST clients through the kube-aggregator, instead of using the legacy metrics client through the API server proxy.  This is required for custom metrics support in the horizontal pod autoscaler.")
+	fs.Float32Var(&s.Generic.ComponentConfig.NodeEvictionRate, "node-eviction-rate", 0.1, "Number of nodes per second on which pods are deleted in case of node failure when a zone is healthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters.")
+	fs.Float32Var(&s.Generic.ComponentConfig.SecondaryNodeEvictionRate, "secondary-node-eviction-rate", 0.01, "Number of nodes per second on which pods are deleted in case of node failure when a zone is unhealthy (see --unhealthy-zone-threshold for definition of healthy/unhealthy). Zone refers to entire cluster in non-multizone clusters. This value is implicitly overridden to 0 if the cluster size is smaller than --large-cluster-size-threshold.")
+
+	leaderelectionconfig.BindFlags(&s.Generic.ComponentConfig.LeaderElection, fs)
 
 	utilfeature.DefaultFeatureGate.AddFlag(fs)
 }
 
+// ApplyTo fills up controller manager config with options.
+func (s *KubeControllerManagerOptions) ApplyTo(c *kubecontrollerconfig.Config) error {
+	err := s.Generic.ApplyTo(&c.Generic, "controller-manager")
+
+	return err
+}
+
 // Validate is used to validate the options and config before launching the controller manager
-func (s *CMServer) Validate(allControllers []string, disabledByDefaultControllers []string) error {
+func (s *KubeControllerManagerOptions) Validate(allControllers []string, disabledByDefaultControllers []string) error {
 	var errs []error
 
 	allControllersSet := sets.NewString(allControllers...)
-	for _, controller := range s.Controllers {
+	for _, controller := range s.Generic.ComponentConfig.Controllers {
 		if controller == "*" {
 			continue
 		}
@@ -256,3 +173,17 @@ func (s *CMServer) Validate(allControllers []string, disabledByDefaultController
 
 	return utilerrors.NewAggregate(errs)
 }
+
+// Config return a controller manager config objective
+func (s KubeControllerManagerOptions) Config(allControllers []string, disabledByDefaultControllers []string) (*kubecontrollerconfig.Config, error) {
+	if err := s.Validate(allControllers, disabledByDefaultControllers); err != nil {
+		return nil, err
+	}
+
+	c := &kubecontrollerconfig.Config{}
+	if err := s.ApplyTo(c); err != nil {
+		return nil, err
+	}
+
+	return c, nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/plugins.go b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/plugins.go
index 170c366c90a7..42034d5c6d53 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/plugins.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-controller-manager/app/plugins.go
@@ -102,13 +102,11 @@ func ProbeExpandableVolumePlugins(config componentconfig.VolumeConfiguration) []
 	allPlugins = append(allPlugins, glusterfs.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, rbd.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, azure_dd.ProbeVolumePlugins()...)
+	allPlugins = append(allPlugins, azure_file.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, photon_pd.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, scaleio.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, storageos.ProbeVolumePlugins()...)
 	allPlugins = append(allPlugins, fc.ProbeVolumePlugins()...)
-	if !utilfeature.DefaultFeatureGate.Enabled(features.CSIPersistentVolume) {
-		allPlugins = append(allPlugins, csi.ProbeVolumePlugins()...)
-	}
 	return allPlugins
 }
 
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/BUILD
index 4a4cb061112a..3ae5ab8f044a 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/BUILD
@@ -11,9 +11,49 @@ go_library(
     srcs = [
         "conntrack.go",
         "server.go",
-        "server_others.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "init_others.go",
+            "server_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "init_windows.go",
             "server_windows.go",
         ],
         "//conditions:default": [],
@@ -24,7 +64,6 @@ go_library(
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
-        "//pkg/features:go_default_library",
         "//pkg/kubectl/cmd/util:go_default_library",
         "//pkg/kubelet/qos:go_default_library",
         "//pkg/master/ports:go_default_library",
@@ -37,10 +76,9 @@ go_library(
         "//pkg/proxy/healthcheck:go_default_library",
         "//pkg/proxy/iptables:go_default_library",
         "//pkg/proxy/ipvs:go_default_library",
-        "//pkg/proxy/metrics:go_default_library",
         "//pkg/proxy/userspace:go_default_library",
         "//pkg/util/configz:go_default_library",
-        "//pkg/util/dbus:go_default_library",
+        "//pkg/util/flag:go_default_library",
         "//pkg/util/ipset:go_default_library",
         "//pkg/util/iptables:go_default_library",
         "//pkg/util/ipvs:go_default_library",
@@ -61,12 +99,13 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/mux:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/routes:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
@@ -75,10 +114,83 @@ go_library(
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/features:go_default_library",
+            "//pkg/proxy/metrics:go_default_library",
+            "//pkg/util/dbus:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "//pkg/proxy/winkernel:go_default_library",
             "//pkg/proxy/winuserspace:go_default_library",
             "//pkg/util/netsh:go_default_library",
+            "//pkg/windows/service:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         ],
         "//conditions:default": [],
     }),
@@ -86,19 +198,104 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["server_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kube-proxy/app",
-    library = ":go_default_library",
+    srcs = [
+        "server_test.go",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "server_others_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "server_others_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/proxy/apis/kubeproxyconfig:go_default_library",
         "//pkg/util/configz:go_default_library",
-        "//pkg/util/iptables:go_default_library",
         "//pkg/util/pointer:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/proxy/ipvs:go_default_library",
+            "//pkg/util/iptables:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_others.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_others.go
new file mode 100644
index 000000000000..6c0e6b8c7d57
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_others.go
@@ -0,0 +1,30 @@
+// +build !windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"github.com/spf13/pflag"
+)
+
+func initForOS(service bool) error {
+	return nil
+}
+
+func (o *Options) addOSFlags(fs *pflag.FlagSet) {
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_windows.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_windows.go
new file mode 100644
index 000000000000..85cafcda53bc
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/init_windows.go
@@ -0,0 +1,40 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"k8s.io/kubernetes/pkg/windows/service"
+
+	"github.com/spf13/pflag"
+)
+
+const (
+	serviceName = "kube-proxy"
+)
+
+func initForOS(windowsService bool) error {
+	if windowsService {
+		return service.InitService(serviceName)
+	}
+	return nil
+}
+
+func (o *Options) addOSFlags(fs *pflag.FlagSet) {
+	fs.BoolVar(&o.WindowsService, "windows-service", o.WindowsService, "Enable Windows Service Control Manager API integration")
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server.go
index 35a7c14e58a8..b9a51961a418 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server.go
@@ -24,7 +24,6 @@ import (
 	"io/ioutil"
 	"net"
 	"net/http"
-	"net/http/pprof"
 	"os"
 	goruntime "runtime"
 	"strings"
@@ -38,7 +37,10 @@ import (
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/server/healthz"
+	"k8s.io/apiserver/pkg/server/mux"
+	"k8s.io/apiserver/pkg/server/routes"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/apiserver/pkg/util/flag"
 	clientgoclientset "k8s.io/client-go/kubernetes"
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/rest"
@@ -63,6 +65,7 @@ import (
 	"k8s.io/kubernetes/pkg/proxy/ipvs"
 	"k8s.io/kubernetes/pkg/proxy/userspace"
 	"k8s.io/kubernetes/pkg/util/configz"
+	utilflag "k8s.io/kubernetes/pkg/util/flag"
 	utilipset "k8s.io/kubernetes/pkg/util/ipset"
 	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
 	utilipvs "k8s.io/kubernetes/pkg/util/ipvs"
@@ -97,6 +100,9 @@ type Options struct {
 	CleanupAndExit bool
 	// CleanupIPVS, when true, makes the proxy server clean up ipvs rules before running.
 	CleanupIPVS bool
+	// WindowsService should be set to true if kube-proxy is running as a service on Windows.
+	// Its corresponding flag only gets registered in Windows builds
+	WindowsService bool
 	// config is the proxy server's configuration object.
 	config *kubeproxyconfig.KubeProxyConfiguration
 
@@ -115,58 +121,62 @@ type Options struct {
 }
 
 // AddFlags adds flags to fs and binds them to options.
-func AddFlags(options *Options, fs *pflag.FlagSet) {
-	fs.StringVar(&options.ConfigFile, "config", options.ConfigFile, "The path to the configuration file.")
-	fs.StringVar(&options.WriteConfigTo, "write-config-to", options.WriteConfigTo, "If set, write the default configuration values to this file and exit.")
-	fs.BoolVar(&options.CleanupAndExit, "cleanup-iptables", options.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
+func (o *Options) AddFlags(fs *pflag.FlagSet) {
+	o.addOSFlags(fs)
+	fs.StringVar(&o.ConfigFile, "config", o.ConfigFile, "The path to the configuration file.")
+	fs.StringVar(&o.WriteConfigTo, "write-config-to", o.WriteConfigTo, "If set, write the default configuration values to this file and exit.")
+	fs.BoolVar(&o.CleanupAndExit, "cleanup-iptables", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
 	fs.MarkDeprecated("cleanup-iptables", "This flag is replaced by --cleanup.")
-	fs.BoolVar(&options.CleanupAndExit, "cleanup", options.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
-	fs.BoolVar(&options.CleanupIPVS, "cleanup-ipvs", options.CleanupIPVS, "If true make kube-proxy cleanup ipvs rules before running.  Default is true")
+	fs.BoolVar(&o.CleanupAndExit, "cleanup", o.CleanupAndExit, "If true cleanup iptables and ipvs rules and exit.")
+	fs.BoolVar(&o.CleanupIPVS, "cleanup-ipvs", o.CleanupIPVS, "If true make kube-proxy cleanup ipvs rules before running.  Default is true")
 
 	// All flags below here are deprecated and will eventually be removed.
 
-	fs.Var(componentconfig.IPVar{Val: &options.config.BindAddress}, "bind-address", "The IP address for the proxy server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
-	fs.StringVar(&options.master, "master", options.master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
-	fs.Int32Var(&options.healthzPort, "healthz-port", options.healthzPort, "The port to bind the health check server. Use 0 to disable.")
-	fs.Var(componentconfig.IPVar{Val: &options.config.HealthzBindAddress}, "healthz-bind-address", "The IP address and port for the health check server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
-	fs.Var(componentconfig.IPVar{Val: &options.config.MetricsBindAddress}, "metrics-bind-address", "The IP address and port for the metrics server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
-	fs.Int32Var(options.config.OOMScoreAdj, "oom-score-adj", utilpointer.Int32PtrDerefOr(options.config.OOMScoreAdj, int32(qos.KubeProxyOOMScoreAdj)), "The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000]")
-	fs.StringVar(&options.config.ResourceContainer, "resource-container", options.config.ResourceContainer, "Absolute name of the resource-only container to create and run the Kube-proxy in (Default: /kube-proxy).")
+	fs.Var(componentconfig.IPVar{Val: &o.config.BindAddress}, "bind-address", "The IP address for the proxy server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
+	fs.StringVar(&o.master, "master", o.master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
+	fs.Int32Var(&o.healthzPort, "healthz-port", o.healthzPort, "The port to bind the health check server. Use 0 to disable.")
+	fs.Var(componentconfig.IPVar{Val: &o.config.HealthzBindAddress}, "healthz-bind-address", "The IP address and port for the health check server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
+	fs.Var(componentconfig.IPVar{Val: &o.config.MetricsBindAddress}, "metrics-bind-address", "The IP address and port for the metrics server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
+	fs.Int32Var(o.config.OOMScoreAdj, "oom-score-adj", utilpointer.Int32PtrDerefOr(o.config.OOMScoreAdj, int32(qos.KubeProxyOOMScoreAdj)), "The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000]")
+	fs.StringVar(&o.config.ResourceContainer, "resource-container", o.config.ResourceContainer, "Absolute name of the resource-only container to create and run the Kube-proxy in (Default: /kube-proxy).")
 	fs.MarkDeprecated("resource-container", "This feature will be removed in a later release.")
-	fs.StringVar(&options.config.ClientConnection.KubeConfigFile, "kubeconfig", options.config.ClientConnection.KubeConfigFile, "Path to kubeconfig file with authorization information (the master location is set by the master flag).")
-	fs.Var(componentconfig.PortRangeVar{Val: &options.config.PortRange}, "proxy-port-range", "Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.")
-	fs.StringVar(&options.config.HostnameOverride, "hostname-override", options.config.HostnameOverride, "If non-empty, will use this string as identification instead of the actual hostname.")
-	fs.Var(&options.config.Mode, "proxy-mode", "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster) or 'ipvs'(experimental)'. If blank, use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.")
-	fs.Int32Var(options.config.IPTables.MasqueradeBit, "iptables-masquerade-bit", utilpointer.Int32PtrDerefOr(options.config.IPTables.MasqueradeBit, 14), "If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with.  Must be within the range [0, 31].")
-	fs.DurationVar(&options.config.IPTables.SyncPeriod.Duration, "iptables-sync-period", options.config.IPTables.SyncPeriod.Duration, "The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m').  Must be greater than 0.")
-	fs.DurationVar(&options.config.IPTables.MinSyncPeriod.Duration, "iptables-min-sync-period", options.config.IPTables.MinSyncPeriod.Duration, "The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').")
-	fs.DurationVar(&options.config.IPVS.SyncPeriod.Duration, "ipvs-sync-period", options.config.IPVS.SyncPeriod.Duration, "The maximum interval of how often ipvs rules are refreshed (e.g. '5s', '1m', '2h22m').  Must be greater than 0.")
-	fs.DurationVar(&options.config.IPVS.MinSyncPeriod.Duration, "ipvs-min-sync-period", options.config.IPVS.MinSyncPeriod.Duration, "The minimum interval of how often the ipvs rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').")
-	fs.DurationVar(&options.config.ConfigSyncPeriod.Duration, "config-sync-period", options.config.ConfigSyncPeriod.Duration, "How often configuration from the apiserver is refreshed.  Must be greater than 0.")
-	fs.BoolVar(&options.config.IPTables.MasqueradeAll, "masquerade-all", options.config.IPTables.MasqueradeAll, "If using the pure iptables proxy, SNAT all traffic sent via Service cluster IPs (this not commonly needed)")
-	fs.StringVar(&options.config.ClusterCIDR, "cluster-cidr", options.config.ClusterCIDR, "The CIDR range of pods in the cluster. When configured, traffic sent to a Service cluster IP from outside this range will be masqueraded and traffic sent from pods to an external LoadBalancer IP will be directed to the respective cluster IP instead")
-	fs.StringVar(&options.config.ClientConnection.ContentType, "kube-api-content-type", options.config.ClientConnection.ContentType, "Content type of requests sent to apiserver.")
-	fs.Float32Var(&options.config.ClientConnection.QPS, "kube-api-qps", options.config.ClientConnection.QPS, "QPS to use while talking with kubernetes apiserver")
-	fs.Int32Var(&options.config.ClientConnection.Burst, "kube-api-burst", options.config.ClientConnection.Burst, "Burst to use while talking with kubernetes apiserver")
-	fs.DurationVar(&options.config.UDPIdleTimeout.Duration, "udp-timeout", options.config.UDPIdleTimeout.Duration, "How long an idle UDP connection will be kept open (e.g. '250ms', '2s').  Must be greater than 0. Only applicable for proxy-mode=userspace")
-	if options.config.Conntrack.Max == nil {
-		options.config.Conntrack.Max = utilpointer.Int32Ptr(0)
-	}
-	fs.Int32Var(options.config.Conntrack.Max, "conntrack-max", *options.config.Conntrack.Max,
+	fs.StringVar(&o.config.ClientConnection.KubeConfigFile, "kubeconfig", o.config.ClientConnection.KubeConfigFile, "Path to kubeconfig file with authorization information (the master location is set by the master flag).")
+	fs.Var(componentconfig.PortRangeVar{Val: &o.config.PortRange}, "proxy-port-range", "Range of host ports (beginPort-endPort, inclusive) that may be consumed in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.")
+	fs.StringVar(&o.config.HostnameOverride, "hostname-override", o.config.HostnameOverride, "If non-empty, will use this string as identification instead of the actual hostname.")
+	fs.Var(&o.config.Mode, "proxy-mode", "Which proxy mode to use: 'userspace' (older) or 'iptables' (faster) or 'ipvs' (experimental). If blank, use the best-available proxy (currently iptables).  If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are insufficient, this always falls back to the userspace proxy.")
+	fs.Int32Var(o.config.IPTables.MasqueradeBit, "iptables-masquerade-bit", utilpointer.Int32PtrDerefOr(o.config.IPTables.MasqueradeBit, 14), "If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with.  Must be within the range [0, 31].")
+	fs.DurationVar(&o.config.IPTables.SyncPeriod.Duration, "iptables-sync-period", o.config.IPTables.SyncPeriod.Duration, "The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m').  Must be greater than 0.")
+	fs.DurationVar(&o.config.IPTables.MinSyncPeriod.Duration, "iptables-min-sync-period", o.config.IPTables.MinSyncPeriod.Duration, "The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').")
+	fs.DurationVar(&o.config.IPVS.SyncPeriod.Duration, "ipvs-sync-period", o.config.IPVS.SyncPeriod.Duration, "The maximum interval of how often ipvs rules are refreshed (e.g. '5s', '1m', '2h22m').  Must be greater than 0.")
+	fs.DurationVar(&o.config.IPVS.MinSyncPeriod.Duration, "ipvs-min-sync-period", o.config.IPVS.MinSyncPeriod.Duration, "The minimum interval of how often the ipvs rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').")
+	fs.DurationVar(&o.config.ConfigSyncPeriod.Duration, "config-sync-period", o.config.ConfigSyncPeriod.Duration, "How often configuration from the apiserver is refreshed.  Must be greater than 0.")
+	fs.BoolVar(&o.config.IPTables.MasqueradeAll, "masquerade-all", o.config.IPTables.MasqueradeAll, "If using the pure iptables proxy, SNAT all traffic sent via Service cluster IPs (this not commonly needed)")
+	fs.StringVar(&o.config.ClusterCIDR, "cluster-cidr", o.config.ClusterCIDR, "The CIDR range of pods in the cluster. When configured, traffic sent to a Service cluster IP from outside this range will be masqueraded and traffic sent from pods to an external LoadBalancer IP will be directed to the respective cluster IP instead")
+	fs.StringVar(&o.config.ClientConnection.ContentType, "kube-api-content-type", o.config.ClientConnection.ContentType, "Content type of requests sent to apiserver.")
+	fs.Float32Var(&o.config.ClientConnection.QPS, "kube-api-qps", o.config.ClientConnection.QPS, "QPS to use while talking with kubernetes apiserver")
+	fs.Int32Var(&o.config.ClientConnection.Burst, "kube-api-burst", o.config.ClientConnection.Burst, "Burst to use while talking with kubernetes apiserver")
+	fs.DurationVar(&o.config.UDPIdleTimeout.Duration, "udp-timeout", o.config.UDPIdleTimeout.Duration, "How long an idle UDP connection will be kept open (e.g. '250ms', '2s').  Must be greater than 0. Only applicable for proxy-mode=userspace")
+	if o.config.Conntrack.Max == nil {
+		o.config.Conntrack.Max = utilpointer.Int32Ptr(0)
+	}
+	fs.Int32Var(o.config.Conntrack.Max, "conntrack-max", *o.config.Conntrack.Max,
 		"Maximum number of NAT connections to track (0 to leave as-is). This overrides conntrack-max-per-core and conntrack-min.")
 	fs.MarkDeprecated("conntrack-max", "This feature will be removed in a later release.")
-	fs.Int32Var(options.config.Conntrack.MaxPerCore, "conntrack-max-per-core", *options.config.Conntrack.MaxPerCore,
+	fs.Int32Var(o.config.Conntrack.MaxPerCore, "conntrack-max-per-core", *o.config.Conntrack.MaxPerCore,
 		"Maximum number of NAT connections to track per CPU core (0 to leave the limit as-is and ignore conntrack-min).")
-	fs.Int32Var(options.config.Conntrack.Min, "conntrack-min", *options.config.Conntrack.Min,
+	fs.Int32Var(o.config.Conntrack.Min, "conntrack-min", *o.config.Conntrack.Min,
 		"Minimum number of conntrack entries to allocate, regardless of conntrack-max-per-core (set conntrack-max-per-core=0 to leave the limit as-is).")
-	fs.DurationVar(&options.config.Conntrack.TCPEstablishedTimeout.Duration, "conntrack-tcp-timeout-established", options.config.Conntrack.TCPEstablishedTimeout.Duration, "Idle timeout for established TCP connections (0 to leave as-is)")
+	fs.DurationVar(&o.config.Conntrack.TCPEstablishedTimeout.Duration, "conntrack-tcp-timeout-established", o.config.Conntrack.TCPEstablishedTimeout.Duration, "Idle timeout for established TCP connections (0 to leave as-is)")
 	fs.DurationVar(
-		&options.config.Conntrack.TCPCloseWaitTimeout.Duration, "conntrack-tcp-timeout-close-wait",
-		options.config.Conntrack.TCPCloseWaitTimeout.Duration,
+		&o.config.Conntrack.TCPCloseWaitTimeout.Duration, "conntrack-tcp-timeout-close-wait",
+		o.config.Conntrack.TCPCloseWaitTimeout.Duration,
 		"NAT timeout for TCP connections in the CLOSE_WAIT state")
-	fs.BoolVar(&options.config.EnableProfiling, "profiling", options.config.EnableProfiling, "If true enables profiling via web interface on /debug/pprof handler.")
-	fs.StringVar(&options.config.IPVS.Scheduler, "ipvs-scheduler", options.config.IPVS.Scheduler, "The ipvs scheduler type when proxy mode is ipvs")
-	utilfeature.DefaultFeatureGate.AddFlag(fs)
+	fs.BoolVar(&o.config.EnableProfiling, "profiling", o.config.EnableProfiling, "If true enables profiling via web interface on /debug/pprof handler.")
+	fs.StringVar(&o.config.IPVS.Scheduler, "ipvs-scheduler", o.config.IPVS.Scheduler, "The ipvs scheduler type when proxy mode is ipvs")
+	fs.StringSliceVar(&o.config.NodePortAddresses, "nodeport-addresses", o.config.NodePortAddresses,
+		"A string slice of values which specify the addresses to use for NodePorts. Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32). The default empty string slice ([]) means to use all local addresses.")
+	fs.Var(flag.NewMapStringBool(&o.config.FeatureGates), "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. "+
+		"Options are:\n"+strings.Join(utilfeature.DefaultFeatureGate.KnownFeatures(), "\n"))
 }
 
 func NewOptions() *Options {
@@ -192,11 +202,14 @@ func (o *Options) Complete() error {
 			return err
 		} else {
 			o.config = c
-			// Make sure we apply the feature gate settings in the config file.
-			utilfeature.DefaultFeatureGate.Set(o.config.FeatureGates)
 		}
 	}
 
+	err := utilfeature.DefaultFeatureGate.SetFromMap(o.config.FeatureGates)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -318,8 +331,8 @@ func (o *Options) ApplyDefaults(in *kubeproxyconfig.KubeProxyConfiguration) (*ku
 	return out, nil
 }
 
-func (o *Options) SetConfig(in *kubeproxyconfig.KubeProxyConfiguration) {
-	o.config = in
+func (o *Options) SetConfig(cfg *kubeproxyconfig.KubeProxyConfiguration) {
+	o.config = cfg
 }
 
 // NewProxyCommand creates a *cobra.Command object with default parameters
@@ -337,6 +350,12 @@ addon that provides cluster DNS for these cluster IPs. The user must create a se
 with the apiserver API to configure the proxy.`,
 		Run: func(cmd *cobra.Command, args []string) {
 			verflag.PrintAndExitIfRequested()
+			utilflag.PrintFlags(cmd.Flags())
+
+			if err := initForOS(opts.WindowsService); err != nil {
+				glog.Fatalf("failed OS init: %v", err)
+			}
+
 			cmdutil.CheckErr(opts.Complete())
 			cmdutil.CheckErr(opts.Validate(args))
 			cmdutil.CheckErr(opts.Run())
@@ -349,8 +368,7 @@ with the apiserver API to configure the proxy.`,
 		glog.Fatalf("unable to create flag defaults: %v", err)
 	}
 
-	flags := cmd.Flags()
-	AddFlags(opts, flags)
+	opts.AddFlags(cmd.Flags())
 
 	cmd.MarkFlagFilename("config", "yaml", "yml", "json")
 
@@ -468,17 +486,14 @@ func (s *ProxyServer) Run() error {
 
 	// Start up a metrics server if requested
 	if len(s.MetricsBindAddress) > 0 {
-		mux := http.NewServeMux()
+		mux := mux.NewPathRecorderMux("kube-proxy")
 		healthz.InstallHandler(mux)
 		mux.HandleFunc("/proxyMode", func(w http.ResponseWriter, r *http.Request) {
 			fmt.Fprintf(w, "%s", s.ProxyMode)
 		})
 		mux.Handle("/metrics", prometheus.Handler())
 		if s.EnableProfiling {
-			mux.HandleFunc("/debug/pprof/", pprof.Index)
-			mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
-			mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
-			mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
+			routes.Profiling{}.Install(mux)
 		}
 		configz.InstallHandler(mux)
 		go wait.Until(func() {
diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go
index 51bb09fd015e..46b1acbe286b 100644
--- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go
@@ -72,7 +72,7 @@ func newProxyServer(
 	if c, err := configz.New(proxyconfigapi.GroupName); err == nil {
 		c.Set(config)
 	} else {
-		glog.Warningf("unable to register configz: %s", err)
+		return nil, fmt.Errorf("unable to register configz: %s", err)
 	}
 
 	protocol := utiliptables.ProtocolIpv4
@@ -83,6 +83,7 @@ func newProxyServer(
 
 	var iptInterface utiliptables.Interface
 	var ipvsInterface utilipvs.Interface
+	var kernelHandler ipvs.KernelHandler
 	var ipsetInterface utilipset.Interface
 	var dbus utildbus.Interface
 
@@ -92,6 +93,7 @@ func newProxyServer(
 	dbus = utildbus.New()
 	iptInterface = utiliptables.New(execer, dbus, protocol)
 	ipvsInterface = utilipvs.New(execer)
+	kernelHandler = ipvs.NewLinuxKernelHandler()
 	ipsetInterface = utilipset.New(execer)
 
 	// We omit creation of pretty much everything if we run in cleanup mode
@@ -133,7 +135,7 @@ func newProxyServer(
 	var serviceEventHandler proxyconfig.ServiceHandler
 	var endpointsEventHandler proxyconfig.EndpointsHandler
 
-	proxyMode := getProxyMode(string(config.Mode), iptInterface, ipsetInterface, iptables.LinuxKernelCompatTester{})
+	proxyMode := getProxyMode(string(config.Mode), iptInterface, kernelHandler, ipsetInterface, iptables.LinuxKernelCompatTester{})
 	if proxyMode == proxyModeIPTables {
 		glog.V(0).Info("Using iptables Proxier.")
 		nodeIP := net.ParseIP(config.BindAddress)
@@ -159,6 +161,7 @@ func newProxyServer(
 			nodeIP,
 			recorder,
 			healthzUpdater,
+			config.NodePortAddresses,
 		)
 		if err != nil {
 			return nil, fmt.Errorf("unable to create proxier: %v", err)
@@ -194,6 +197,7 @@ func newProxyServer(
 			recorder,
 			healthzServer,
 			config.IPVS.Scheduler,
+			config.NodePortAddresses,
 		)
 		if err != nil {
 			return nil, fmt.Errorf("unable to create proxier: %v", err)
@@ -224,6 +228,7 @@ func newProxyServer(
 			config.IPTables.SyncPeriod.Duration,
 			config.IPTables.MinSyncPeriod.Duration,
 			config.UDPIdleTimeout.Duration,
+			config.NodePortAddresses,
 		)
 		if err != nil {
 			return nil, fmt.Errorf("unable to create proxier: %v", err)
@@ -269,7 +274,7 @@ func newProxyServer(
 	}, nil
 }
 
-func getProxyMode(proxyMode string, iptver iptables.IPTablesVersioner, ipsetver ipvs.IPSetVersioner, kcompat iptables.KernelCompatTester) string {
+func getProxyMode(proxyMode string, iptver iptables.IPTablesVersioner, khandle ipvs.KernelHandler, ipsetver ipvs.IPSetVersioner, kcompat iptables.KernelCompatTester) string {
 	if proxyMode == proxyModeUserspace {
 		return proxyModeUserspace
 	}
@@ -280,7 +285,7 @@ func getProxyMode(proxyMode string, iptver iptables.IPTablesVersioner, ipsetver
 
 	if utilfeature.DefaultFeatureGate.Enabled(features.SupportIPVSProxyMode) {
 		if proxyMode == proxyModeIPVS {
-			return tryIPVSProxy(iptver, ipsetver, kcompat)
+			return tryIPVSProxy(iptver, khandle, ipsetver, kcompat)
 		} else {
 			glog.Warningf("Can't use ipvs proxier, trying iptables proxier")
 			return tryIPTablesProxy(iptver, kcompat)
@@ -290,10 +295,10 @@ func getProxyMode(proxyMode string, iptver iptables.IPTablesVersioner, ipsetver
 	return tryIPTablesProxy(iptver, kcompat)
 }
 
-func tryIPVSProxy(iptver iptables.IPTablesVersioner, ipsetver ipvs.IPSetVersioner, kcompat iptables.KernelCompatTester) string {
+func tryIPVSProxy(iptver iptables.IPTablesVersioner, khandle ipvs.KernelHandler, ipsetver ipvs.IPSetVersioner, kcompat iptables.KernelCompatTester) string {
 	// guaranteed false on error, error only necessary for debugging
-	// IPVS Proxier relies on ipset
-	useIPVSProxy, err := ipvs.CanUseIPVSProxier(ipsetver)
+	// IPVS Proxier relies on ip_vs_* kernel modules and ipset
+	useIPVSProxy, err := ipvs.CanUseIPVSProxier(khandle, ipsetver)
 	if err != nil {
 		// Try to fallback to iptables before falling back to userspace
 		utilruntime.HandleError(fmt.Errorf("can't determine whether to use ipvs proxy, error: %v", err))
diff --git a/vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/BUILD b/vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/BUILD
similarity index 82%
rename from vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/BUILD
rename to vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/BUILD
index 9de3152c18c2..98b42fbfff85 100644
--- a/vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/BUILD
@@ -8,7 +8,7 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["server.go"],
-    importpath = "k8s.io/kubernetes/plugin/cmd/kube-scheduler/app",
+    importpath = "k8s.io/kubernetes/cmd/kube-scheduler/app",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/componentconfig:go_default_library",
@@ -18,14 +18,15 @@ go_library(
         "//pkg/features:go_default_library",
         "//pkg/kubectl/cmd/util:go_default_library",
         "//pkg/master/ports:go_default_library",
+        "//pkg/scheduler:go_default_library",
+        "//pkg/scheduler/algorithmprovider:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api/latest:go_default_library",
+        "//pkg/scheduler/factory:go_default_library",
         "//pkg/util/configz:go_default_library",
+        "//pkg/util/flag:go_default_library",
         "//pkg/version:go_default_library",
         "//pkg/version/verflag:go_default_library",
-        "//plugin/pkg/scheduler:go_default_library",
-        "//plugin/pkg/scheduler/algorithmprovider:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/api/latest:go_default_library",
-        "//plugin/pkg/scheduler/factory:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
@@ -35,8 +36,11 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/healthz:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/mux:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/routes:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/server.go b/vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/server.go
similarity index 82%
rename from vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/server.go
rename to vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/server.go
index a116da41faf3..bb8aa1b5afe2 100644
--- a/vendor/k8s.io/kubernetes/plugin/cmd/kube-scheduler/app/server.go
+++ b/vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/server.go
@@ -23,7 +23,6 @@ import (
 	"io/ioutil"
 	"net"
 	"net/http"
-	"net/http/pprof"
 	"os"
 	"reflect"
 	goruntime "runtime"
@@ -35,8 +34,11 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/uuid"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/server/healthz"
+	"k8s.io/apiserver/pkg/server/mux"
+	"k8s.io/apiserver/pkg/server/routes"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/informers"
 	coreinformers "k8s.io/client-go/informers/core/v1"
@@ -57,21 +59,20 @@ import (
 	"k8s.io/kubernetes/pkg/features"
 	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
 	"k8s.io/kubernetes/pkg/master/ports"
+	"k8s.io/kubernetes/pkg/scheduler"
+	"k8s.io/kubernetes/pkg/scheduler/algorithmprovider"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	latestschedulerapi "k8s.io/kubernetes/pkg/scheduler/api/latest"
+	"k8s.io/kubernetes/pkg/scheduler/factory"
 	"k8s.io/kubernetes/pkg/util/configz"
+	utilflag "k8s.io/kubernetes/pkg/util/flag"
 	"k8s.io/kubernetes/pkg/version"
 	"k8s.io/kubernetes/pkg/version/verflag"
-	"k8s.io/kubernetes/plugin/pkg/scheduler"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	latestschedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api/latest"
-
-	"k8s.io/kubernetes/plugin/pkg/scheduler/factory"
 
 	"github.com/golang/glog"
+	"github.com/prometheus/client_golang/prometheus"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
-
-	"github.com/prometheus/client_golang/prometheus"
 )
 
 // SchedulerServer has all the context and params needed to run a Scheduler
@@ -103,36 +104,36 @@ type Options struct {
 }
 
 // AddFlags adds flags for a specific SchedulerServer to the specified FlagSet
-func AddFlags(options *Options, fs *pflag.FlagSet) {
-	fs.StringVar(&options.ConfigFile, "config", options.ConfigFile, "The path to the configuration file.")
+func (o *Options) AddFlags(fs *pflag.FlagSet) {
+	fs.StringVar(&o.ConfigFile, "config", o.ConfigFile, "The path to the configuration file.")
 
 	// All flags below here are deprecated and will eventually be removed.
 
-	fs.Int32Var(&options.healthzPort, "port", ports.SchedulerPort, "The port that the scheduler's http service runs on")
-	fs.StringVar(&options.healthzAddress, "address", options.healthzAddress, "The IP address to serve on (set to 0.0.0.0 for all interfaces)")
-	fs.StringVar(&options.algorithmProvider, "algorithm-provider", options.algorithmProvider, "The scheduling algorithm provider to use, one of: "+factory.ListAlgorithmProviders())
-	fs.StringVar(&options.policyConfigFile, "policy-config-file", options.policyConfigFile, "File with scheduler policy configuration. This file is used if policy ConfigMap is not provided or --use-legacy-policy-config==true")
+	fs.Int32Var(&o.healthzPort, "port", ports.SchedulerPort, "The port that the scheduler's http service runs on")
+	fs.StringVar(&o.healthzAddress, "address", o.healthzAddress, "The IP address to serve on (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).")
+	fs.StringVar(&o.algorithmProvider, "algorithm-provider", o.algorithmProvider, "The scheduling algorithm provider to use, one of: "+factory.ListAlgorithmProviders())
+	fs.StringVar(&o.policyConfigFile, "policy-config-file", o.policyConfigFile, "File with scheduler policy configuration. This file is used if policy ConfigMap is not provided or --use-legacy-policy-config==true")
 	usage := fmt.Sprintf("Name of the ConfigMap object that contains scheduler's policy configuration. It must exist in the system namespace before scheduler initialization if --use-legacy-policy-config==false. The config must be provided as the value of an element in 'Data' map with the key='%v'", componentconfig.SchedulerPolicyConfigMapKey)
-	fs.StringVar(&options.policyConfigMapName, "policy-configmap", options.policyConfigMapName, usage)
-	fs.StringVar(&options.policyConfigMapNamespace, "policy-configmap-namespace", options.policyConfigMapNamespace, "The namespace where policy ConfigMap is located. The system namespace will be used if this is not provided or is empty.")
-	fs.BoolVar(&options.useLegacyPolicyConfig, "use-legacy-policy-config", false, "When set to true, scheduler will ignore policy ConfigMap and uses policy config file")
-	fs.BoolVar(&options.config.EnableProfiling, "profiling", options.config.EnableProfiling, "Enable profiling via web interface host:port/debug/pprof/")
-	fs.BoolVar(&options.config.EnableContentionProfiling, "contention-profiling", options.config.EnableContentionProfiling, "Enable lock contention profiling, if profiling is enabled")
-	fs.StringVar(&options.master, "master", options.master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
-	fs.StringVar(&options.config.ClientConnection.KubeConfigFile, "kubeconfig", options.config.ClientConnection.KubeConfigFile, "Path to kubeconfig file with authorization and master location information.")
-	fs.StringVar(&options.config.ClientConnection.ContentType, "kube-api-content-type", options.config.ClientConnection.ContentType, "Content type of requests sent to apiserver.")
-	fs.Float32Var(&options.config.ClientConnection.QPS, "kube-api-qps", options.config.ClientConnection.QPS, "QPS to use while talking with kubernetes apiserver")
-	fs.Int32Var(&options.config.ClientConnection.Burst, "kube-api-burst", options.config.ClientConnection.Burst, "Burst to use while talking with kubernetes apiserver")
-	fs.StringVar(&options.config.SchedulerName, "scheduler-name", options.config.SchedulerName, "Name of the scheduler, used to select which pods will be processed by this scheduler, based on pod's \"spec.SchedulerName\".")
-	fs.StringVar(&options.config.LeaderElection.LockObjectNamespace, "lock-object-namespace", options.config.LeaderElection.LockObjectNamespace, "Define the namespace of the lock object.")
-	fs.StringVar(&options.config.LeaderElection.LockObjectName, "lock-object-name", options.config.LeaderElection.LockObjectName, "Define the name of the lock object.")
-	fs.Int32Var(&options.config.HardPodAffinitySymmetricWeight, "hard-pod-affinity-symmetric-weight", options.config.HardPodAffinitySymmetricWeight,
+	fs.StringVar(&o.policyConfigMapName, "policy-configmap", o.policyConfigMapName, usage)
+	fs.StringVar(&o.policyConfigMapNamespace, "policy-configmap-namespace", o.policyConfigMapNamespace, "The namespace where policy ConfigMap is located. The system namespace will be used if this is not provided or is empty.")
+	fs.BoolVar(&o.useLegacyPolicyConfig, "use-legacy-policy-config", false, "When set to true, scheduler will ignore policy ConfigMap and uses policy config file")
+	fs.BoolVar(&o.config.EnableProfiling, "profiling", o.config.EnableProfiling, "Enable profiling via web interface host:port/debug/pprof/")
+	fs.BoolVar(&o.config.EnableContentionProfiling, "contention-profiling", o.config.EnableContentionProfiling, "Enable lock contention profiling, if profiling is enabled")
+	fs.StringVar(&o.master, "master", o.master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
+	fs.StringVar(&o.config.ClientConnection.KubeConfigFile, "kubeconfig", o.config.ClientConnection.KubeConfigFile, "Path to kubeconfig file with authorization and master location information.")
+	fs.StringVar(&o.config.ClientConnection.ContentType, "kube-api-content-type", o.config.ClientConnection.ContentType, "Content type of requests sent to apiserver.")
+	fs.Float32Var(&o.config.ClientConnection.QPS, "kube-api-qps", o.config.ClientConnection.QPS, "QPS to use while talking with kubernetes apiserver")
+	fs.Int32Var(&o.config.ClientConnection.Burst, "kube-api-burst", o.config.ClientConnection.Burst, "Burst to use while talking with kubernetes apiserver")
+	fs.StringVar(&o.config.SchedulerName, "scheduler-name", o.config.SchedulerName, "Name of the scheduler, used to select which pods will be processed by this scheduler, based on pod's \"spec.SchedulerName\".")
+	fs.StringVar(&o.config.LeaderElection.LockObjectNamespace, "lock-object-namespace", o.config.LeaderElection.LockObjectNamespace, "Define the namespace of the lock object.")
+	fs.StringVar(&o.config.LeaderElection.LockObjectName, "lock-object-name", o.config.LeaderElection.LockObjectName, "Define the name of the lock object.")
+	fs.Int32Var(&o.config.HardPodAffinitySymmetricWeight, "hard-pod-affinity-symmetric-weight", o.config.HardPodAffinitySymmetricWeight,
 		"RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule corresponding "+
 			"to every RequiredDuringScheduling affinity rule. --hard-pod-affinity-symmetric-weight represents the weight of implicit PreferredDuringScheduling affinity rule.")
 	fs.MarkDeprecated("hard-pod-affinity-symmetric-weight", "This option was moved to the policy configuration file")
-	fs.StringVar(&options.config.FailureDomains, "failure-domains", options.config.FailureDomains, "Indicate the \"all topologies\" set for an empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.")
+	fs.StringVar(&o.config.FailureDomains, "failure-domains", o.config.FailureDomains, "Indicate the \"all topologies\" set for an empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.")
 	fs.MarkDeprecated("failure-domains", "Doesn't have any effect. Will be removed in future version.")
-	leaderelectionconfig.BindFlags(&options.config.LeaderElection.LeaderElectionConfiguration, fs)
+	leaderelectionconfig.BindFlags(&o.config.LeaderElection.LeaderElectionConfiguration, fs)
 	utilfeature.DefaultFeatureGate.AddFlag(fs)
 }
 
@@ -151,12 +152,15 @@ func NewOptions() (*Options, error) {
 		return nil, err
 	}
 
+	// TODO: we should fix this up better (PR 59732)
+	o.config.LeaderElection.LeaderElect = true
+
 	return o, nil
 }
 
 func (o *Options) Complete() error {
 	if len(o.ConfigFile) == 0 {
-		glog.Warning("WARNING: all flags than --config are deprecated. Please begin using a config file ASAP.")
+		glog.Warning("WARNING: all flags other than --config are deprecated. Please begin using a config file ASAP.")
 		o.applyDeprecatedHealthzAddressToConfig()
 		o.applyDeprecatedHealthzPortToConfig()
 		o.applyDeprecatedAlgorithmSourceOptionsToConfig()
@@ -195,6 +199,7 @@ func (o *Options) applyDeprecatedHealthzAddressToConfig() {
 func (o *Options) applyDeprecatedHealthzPortToConfig() {
 	if o.healthzPort == -1 {
 		o.config.HealthzBindAddress = ""
+		o.config.MetricsBindAddress = ""
 		return
 	}
 
@@ -214,7 +219,7 @@ func (o *Options) applyDeprecatedHealthzPortToConfig() {
 // 3. --algorithm-provider to use a named algorithm provider.
 func (o *Options) applyDeprecatedAlgorithmSourceOptionsToConfig() {
 	switch {
-	case o.useLegacyPolicyConfig:
+	case o.useLegacyPolicyConfig || (len(o.policyConfigFile) > 0 && o.policyConfigMapName == ""):
 		o.config.AlgorithmSource = componentconfig.SchedulerAlgorithmSource{
 			Policy: &componentconfig.SchedulerPolicySource{
 				File: &componentconfig.SchedulerPolicyFileSource{
@@ -331,6 +336,8 @@ interference, deadlines, and so on. Workload-specific requirements will be expos
 through the API as necessary.`,
 		Run: func(cmd *cobra.Command, args []string) {
 			verflag.PrintAndExitIfRequested()
+			utilflag.PrintFlags(cmd.Flags())
+
 			cmdutil.CheckErr(opts.Complete())
 			cmdutil.CheckErr(opts.Validate(args))
 			cmdutil.CheckErr(opts.Run())
@@ -342,9 +349,7 @@ through the API as necessary.`,
 		glog.Fatalf("unable to apply config defaults: %v", err)
 	}
 
-	flags := cmd.Flags()
-	AddFlags(opts, flags)
-
+	opts.AddFlags(cmd.Flags())
 	cmd.MarkFlagFilename("config", "yaml", "yml", "json")
 
 	return cmd
@@ -377,10 +382,13 @@ func NewSchedulerServer(config *componentconfig.KubeSchedulerConfiguration, mast
 	}
 
 	// Configz registration.
-	if c, err := configz.New("componentconfig"); err == nil {
-		c.Set(config)
-	} else {
-		glog.Warningf("unable to register configz: %s", err)
+	// only register if we're actually exposing it somewhere
+	if len(config.MetricsBindAddress) > 0 || len(config.HealthzBindAddress) > 0 {
+		if c, err := configz.New("componentconfig"); err == nil {
+			c.Set(config)
+		} else {
+			glog.Warningf("unable to register configz: %s", err)
+		}
 	}
 
 	// Prepare some Kube clients.
@@ -405,7 +413,7 @@ func NewSchedulerServer(config *componentconfig.KubeSchedulerConfiguration, mast
 	// Prepare a healthz server. If the metrics bind address is the same as the
 	// healthz bind address, consolidate the servers into one.
 	var healthzServer *http.Server
-	if len(config.HealthzBindAddress) != 0 {
+	if len(config.HealthzBindAddress) > 0 {
 		healthzServer = makeHealthzServer(config)
 	}
 
@@ -439,13 +447,15 @@ func makeLeaderElectionConfig(config componentconfig.KubeSchedulerLeaderElection
 	if err != nil {
 		return nil, fmt.Errorf("unable to get hostname: %v", err)
 	}
+	// add a uniquifier so that two processes on the same host don't accidentally both become active
+	id := hostname + "_" + string(uuid.NewUUID())
 
 	rl, err := resourcelock.New(config.ResourceLock,
 		config.LockObjectNamespace,
 		config.LockObjectName,
 		client.CoreV1(),
 		resourcelock.ResourceLockConfig{
-			Identity:      hostname,
+			Identity:      id,
 			EventRecorder: recorder,
 		})
 	if err != nil {
@@ -464,17 +474,14 @@ func makeLeaderElectionConfig(config componentconfig.KubeSchedulerLeaderElection
 // embed the metrics handler if the healthz and metrics address configurations
 // are the same.
 func makeHealthzServer(config *componentconfig.KubeSchedulerConfiguration) *http.Server {
-	mux := http.NewServeMux()
+	mux := mux.NewPathRecorderMux("kube-scheduler")
 	healthz.InstallHandler(mux)
 	if config.HealthzBindAddress == config.MetricsBindAddress {
 		configz.InstallHandler(mux)
 		mux.Handle("/metrics", prometheus.Handler())
 	}
 	if config.EnableProfiling {
-		mux.HandleFunc("/debug/pprof/", pprof.Index)
-		mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
-		mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
-		mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
+		routes.Profiling{}.Install(mux)
 		if config.EnableContentionProfiling {
 			goruntime.SetBlockProfileRate(1)
 		}
@@ -487,14 +494,11 @@ func makeHealthzServer(config *componentconfig.KubeSchedulerConfiguration) *http
 
 // makeMetricsServer builds a metrics server from the config.
 func makeMetricsServer(config *componentconfig.KubeSchedulerConfiguration) *http.Server {
-	mux := http.NewServeMux()
+	mux := mux.NewPathRecorderMux("kube-scheduler")
 	configz.InstallHandler(mux)
 	mux.Handle("/metrics", prometheus.Handler())
 	if config.EnableProfiling {
-		mux.HandleFunc("/debug/pprof/", pprof.Index)
-		mux.HandleFunc("/debug/pprof/profile", pprof.Profile)
-		mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
-		mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
+		routes.Profiling{}.Install(mux)
 		if config.EnableContentionProfiling {
 			goruntime.SetBlockProfileRate(1)
 		}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/BUILD b/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/BUILD
index c1a584258ea9..d700faa050ad 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/BUILD
@@ -14,6 +14,7 @@ go_library(
         "//pkg/registry/core/service/ipallocator:go_default_library",
         "//pkg/util/version:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
     ],
 )
 
@@ -33,7 +34,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["constants_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kubeadm/app/constants",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/util/version:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/constants.go b/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/constants.go
index a3fee74a1b14..023cd91e79ef 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/constants.go
+++ b/vendor/k8s.io/kubernetes/cmd/kubeadm/app/constants/constants.go
@@ -25,6 +25,7 @@ import (
 	"time"
 
 	"k8s.io/api/core/v1"
+	bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
 	"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
 	"k8s.io/kubernetes/pkg/util/version"
 )
@@ -64,6 +65,49 @@ const (
 	// APIServerKubeletClientCertCommonName defines kubelet client certificate common name (CN)
 	APIServerKubeletClientCertCommonName = "kube-apiserver-kubelet-client"
 
+	// EtcdCACertAndKeyBaseName defines etcd's CA certificate and key base name
+	EtcdCACertAndKeyBaseName = "etcd/ca"
+	// EtcdCACertName defines etcd's CA certificate name
+	EtcdCACertName = "etcd/ca.crt"
+	// EtcdCAKeyName defines etcd's CA key name
+	EtcdCAKeyName = "etcd/ca.key"
+
+	// EtcdServerCertAndKeyBaseName defines etcd's server certificate and key base name
+	EtcdServerCertAndKeyBaseName = "etcd/server"
+	// EtcdServerCertName defines etcd's server certificate name
+	EtcdServerCertName = "etcd/server.crt"
+	// EtcdServerKeyName defines etcd's server key name
+	EtcdServerKeyName = "etcd/server.key"
+	// EtcdServerCertCommonName defines etcd's server certificate common name (CN)
+	EtcdServerCertCommonName = "kube-etcd"
+
+	// EtcdPeerCertAndKeyBaseName defines etcd's peer certificate and key base name
+	EtcdPeerCertAndKeyBaseName = "etcd/peer"
+	// EtcdPeerCertName defines etcd's peer certificate name
+	EtcdPeerCertName = "etcd/peer.crt"
+	// EtcdPeerKeyName defines etcd's peer key name
+	EtcdPeerKeyName = "etcd/peer.key"
+	// EtcdPeerCertCommonName defines etcd's peer certificate common name (CN)
+	EtcdPeerCertCommonName = "kube-etcd-peer"
+
+	// EtcdHealthcheckClientCertAndKeyBaseName defines etcd's healthcheck client certificate and key base name
+	EtcdHealthcheckClientCertAndKeyBaseName = "etcd/healthcheck-client"
+	// EtcdHealthcheckClientCertName defines etcd's healthcheck client certificate name
+	EtcdHealthcheckClientCertName = "etcd/healthcheck-client.crt"
+	// EtcdHealthcheckClientKeyName defines etcd's healthcheck client key name
+	EtcdHealthcheckClientKeyName = "etcd/healthcheck-client.key"
+	// EtcdHealthcheckClientCertCommonName defines etcd's healthcheck client certificate common name (CN)
+	EtcdHealthcheckClientCertCommonName = "kube-etcd-healthcheck-client"
+
+	// APIServerEtcdClientCertAndKeyBaseName defines apiserver's etcd client certificate and key base name
+	APIServerEtcdClientCertAndKeyBaseName = "apiserver-etcd-client"
+	// APIServerEtcdClientCertName defines apiserver's etcd client certificate name
+	APIServerEtcdClientCertName = "apiserver-etcd-client.crt"
+	// APIServerEtcdClientKeyName defines apiserver's etcd client key name
+	APIServerEtcdClientKeyName = "apiserver-etcd-client.key"
+	// APIServerEtcdClientCertCommonName defines apiserver's etcd client certificate common name (CN)
+	APIServerEtcdClientCertCommonName = "kube-apiserver-etcd-client"
+
 	// ServiceAccountKeyBaseName defines SA key base name
 	ServiceAccountKeyBaseName = "sa"
 	// ServiceAccountPublicKeyName defines SA public key base name
@@ -164,10 +208,10 @@ const (
 	KubeletBaseConfigurationFile = "kubelet"
 
 	// MinExternalEtcdVersion indicates minimum external etcd version which kubeadm supports
-	MinExternalEtcdVersion = "3.0.14"
+	MinExternalEtcdVersion = "3.1.12"
 
 	// DefaultEtcdVersion indicates the default etcd version that kubeadm uses
-	DefaultEtcdVersion = "3.1.11"
+	DefaultEtcdVersion = "3.1.12"
 
 	// Etcd defines variable used internally when referring to etcd component
 	Etcd = "etcd"
@@ -199,6 +243,22 @@ const (
 	CoreDNS = "coredns"
 	// KubeDNS defines a variable used internally when referring to the kube-dns addon for a cluster
 	KubeDNS = "kube-dns"
+
+	// CRICtlPackage defines the go package that installs crictl
+	CRICtlPackage = "github.com/kubernetes-incubator/cri-tools/cmd/crictl"
+
+	// KubeAuditPolicyVolumeName is the name of the volume that will contain the audit policy
+	KubeAuditPolicyVolumeName = "audit"
+	// AuditPolicyDir is the directory that will contain the audit policy
+	AuditPolicyDir = "audit"
+	// AuditPolicyFile is the name of the audit policy file itself
+	AuditPolicyFile = "audit.yaml"
+	// AuditPolicyLogFile is the name of the file audit logs get written to
+	AuditPolicyLogFile = "audit.log"
+	// KubeAuditPolicyLogVolumeName is the name of the volume that will contain the audit logs
+	KubeAuditPolicyLogVolumeName = "audit-log"
+	// StaticPodAuditPolicyLogDir is the name of the directory in the static pod that will have the audit logs
+	StaticPodAuditPolicyLogDir = "/var/log/kubernetes/audit"
 )
 
 var (
@@ -220,25 +280,25 @@ var (
 	AuthorizationWebhookConfigPath = filepath.Join(KubernetesDir, "webhook_authz.conf")
 
 	// DefaultTokenUsages specifies the default functions a token will get
-	DefaultTokenUsages = []string{"signing", "authentication"}
+	DefaultTokenUsages = bootstrapapi.KnownTokenUsages
+
+	// DefaultTokenGroups specifies the default groups that this token will authenticate as when used for authentication
+	DefaultTokenGroups = []string{NodeBootstrapTokenAuthGroup}
 
 	// MasterComponents defines the master component names
 	MasterComponents = []string{KubeAPIServer, KubeControllerManager, KubeScheduler}
 
 	// MinimumControlPlaneVersion specifies the minimum control plane version kubeadm can deploy
-	MinimumControlPlaneVersion = version.MustParseSemantic("v1.8.0")
+	MinimumControlPlaneVersion = version.MustParseSemantic("v1.9.0")
 
 	// MinimumKubeletVersion specifies the minimum version of kubelet which kubeadm supports
-	MinimumKubeletVersion = version.MustParseSemantic("v1.8.0")
-
-	// MinimumKubeProxyComponentConfigVersion specifies the minimum version for the kubeProxyComponent
-	MinimumKubeProxyComponentConfigVersion = version.MustParseSemantic("v1.9.0-alpha.3")
+	MinimumKubeletVersion = version.MustParseSemantic("v1.9.0")
 
 	// SupportedEtcdVersion lists officially supported etcd versions with corresponding kubernetes releases
 	SupportedEtcdVersion = map[uint8]string{
-		8:  "3.0.17",
-		9:  "3.1.11",
-		10: "3.1.11",
+		9:  "3.1.12",
+		10: "3.1.12",
+		11: "3.1.12",
 	}
 )
 
@@ -310,3 +370,8 @@ func GetDNSIP(svcSubnet string) (net.IP, error) {
 
 	return dnsIP, nil
 }
+
+// GetStaticPodAuditPolicyFile returns the path to the audit policy file within a static pod
+func GetStaticPodAuditPolicyFile() string {
+	return filepath.Join(KubernetesDir, AuditPolicyDir, AuditPolicyFile)
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/BUILD b/vendor/k8s.io/kubernetes/cmd/kubelet/app/BUILD
index c7e482f49ea8..cbfb90ff1348 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubelet/app/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["server_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kubelet/app",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
@@ -19,11 +18,51 @@ go_library(
         "auth.go",
         "plugins.go",
         "server.go",
-        "server_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "init_others.go",
             "server_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "init_others.go",
+            "server_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "init_windows.go",
+            "server_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/cmd/kubelet/app",
@@ -44,7 +83,7 @@ go_library(
         "//pkg/kubelet:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
         "//pkg/kubelet/cadvisor:go_default_library",
         "//pkg/kubelet/certificate:go_default_library",
         "//pkg/kubelet/certificate/bootstrap:go_default_library",
@@ -56,6 +95,7 @@ go_library(
         "//pkg/kubelet/eviction:go_default_library",
         "//pkg/kubelet/eviction/api:go_default_library",
         "//pkg/kubelet/kubeletconfig:go_default_library",
+        "//pkg/kubelet/kubeletconfig/configfiles:go_default_library",
         "//pkg/kubelet/network:go_default_library",
         "//pkg/kubelet/network/cni:go_default_library",
         "//pkg/kubelet/network/kubenet:go_default_library",
@@ -63,6 +103,8 @@ go_library(
         "//pkg/kubelet/server/streaming:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/util/configz:go_default_library",
+        "//pkg/util/filesystem:go_default_library",
+        "//pkg/util/flag:go_default_library",
         "//pkg/util/flock:go_default_library",
         "//pkg/util/io:go_default_library",
         "//pkg/util/mount:go_default_library",
@@ -70,6 +112,7 @@ go_library(
         "//pkg/util/oom:go_default_library",
         "//pkg/util/rlimit:go_default_library",
         "//pkg/version:go_default_library",
+        "//pkg/version/verflag:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/aws_ebs:go_default_library",
         "//pkg/volume/azure_dd:go_default_library",
@@ -99,6 +142,7 @@ go_library(
         "//pkg/volume/secret:go_default_library",
         "//pkg/volume/storageos:go_default_library",
         "//pkg/volume/vsphere_volume:go_default_library",
+        "//vendor/github.com/coreos/go-systemd/daemon:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
@@ -126,9 +170,12 @@ go_library(
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
         "//vendor/k8s.io/client-go/util/certificate:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/exp/inotify:go_default_library",
         ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/windows/service:go_default_library",
+        ],
         "//conditions:default": [],
     }),
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_others.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_others.go
new file mode 100644
index 000000000000..4b19ac91b288
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_others.go
@@ -0,0 +1,23 @@
+// +build !windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+func initForOS(service bool) error {
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_windows.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_windows.go
new file mode 100644
index 000000000000..a2da4cf04985
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/init_windows.go
@@ -0,0 +1,34 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package app
+
+import (
+	"k8s.io/kubernetes/pkg/windows/service"
+)
+
+const (
+	serviceName = "kubelet"
+)
+
+func initForOS(windowsService bool) error {
+	if windowsService {
+		return service.InitService(serviceName)
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/BUILD b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/BUILD
index 846d42e9c453..db6e6a9a865c 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/BUILD
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/BUILD
@@ -10,25 +10,90 @@ go_library(
     name = "go_default_library",
     srcs = [
         "container_runtime.go",
+        "globalflags.go",
         "options.go",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "globalflags_linux.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "globalflags_other.go",
+            "osflags_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "globalflags_other.go",
+            "osflags_windows.go",
+        ],
+        "//conditions:default": [],
+    }),
     importpath = "k8s.io/kubernetes/cmd/kubelet/app/options",
     deps = [
         "//pkg/apis/componentconfig:go_default_library",
         "//pkg/apis/core:go_default_library",
+        "//pkg/credentialprovider/azure:go_default_library",
+        "//pkg/credentialprovider/gcp:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig/validation:go_default_library",
         "//pkg/kubelet/config:go_default_library",
         "//pkg/kubelet/types:go_default_library",
+        "//pkg/master/ports:go_default_library",
         "//pkg/util/taints:go_default_library",
+        "//pkg/version/verflag:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
-    ],
+        "//vendor/k8s.io/apiserver/pkg/util/logs:go_default_library",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/github.com/google/cadvisor/container/common:go_default_library",
+            "//vendor/github.com/google/cadvisor/container/containerd:go_default_library",
+            "//vendor/github.com/google/cadvisor/container/docker:go_default_library",
+            "//vendor/github.com/google/cadvisor/container/raw:go_default_library",
+            "//vendor/github.com/google/cadvisor/machine:go_default_library",
+            "//vendor/github.com/google/cadvisor/manager:go_default_library",
+            "//vendor/github.com/google/cadvisor/storage:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
@@ -47,8 +112,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["options_test.go"],
-    importpath = "k8s.io/kubernetes/cmd/kubelet/app/options",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/container_runtime.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/container_runtime.go
index d1174ea044c2..4225e8dd5073 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/container_runtime.go
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/container_runtime.go
@@ -27,8 +27,8 @@ import (
 
 const (
 	// When these values are updated, also update test/e2e/framework/util.go
-	defaultPodSandboxImageName    = "gcr.io/google_containers/pause"
-	defaultPodSandboxImageVersion = "3.0"
+	defaultPodSandboxImageName    = "k8s.gcr.io/pause"
+	defaultPodSandboxImageVersion = "3.1"
 	// From pkg/kubelet/rkt/rkt.go to avoid circular import
 	defaultRktAPIServiceEndpoint = "localhost:15441"
 )
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags.go
new file mode 100644
index 000000000000..d088245ef788
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags.go
@@ -0,0 +1,118 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"flag"
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/spf13/pflag"
+
+	// libs that provide registration functions
+	"k8s.io/apiserver/pkg/util/logs"
+	"k8s.io/kubernetes/pkg/version/verflag"
+
+	// ensure libs have a chance to globally register their flags
+	_ "github.com/golang/glog"
+	_ "k8s.io/kubernetes/pkg/credentialprovider/azure"
+	_ "k8s.io/kubernetes/pkg/credentialprovider/gcp"
+)
+
+// AddGlobalFlags explicitly registers flags that libraries (glog, verflag, etc.) register
+// against the global flagsets from "flag" and "github.com/spf13/pflag".
+// We do this in order to prevent unwanted flags from leaking into the Kubelet's flagset.
+func AddGlobalFlags(fs *pflag.FlagSet) {
+	addGlogFlags(fs)
+	addCadvisorFlags(fs)
+	addCredentialProviderFlags(fs)
+	verflag.AddFlags(fs)
+	logs.AddFlags(fs)
+}
+
+// normalize replaces underscores with hyphens
+// we should always use hyphens instead of underscores when registering kubelet flags
+func normalize(s string) string {
+	return strings.Replace(s, "_", "-", -1)
+}
+
+// register adds a flag to local that targets the Value associated with the Flag named globalName in global
+func register(global *flag.FlagSet, local *pflag.FlagSet, globalName string) {
+	if f := global.Lookup(globalName); f != nil {
+		pflagFlag := pflag.PFlagFromGoFlag(f)
+		pflagFlag.Name = normalize(pflagFlag.Name)
+		local.AddFlag(pflagFlag)
+	} else {
+		panic(fmt.Sprintf("failed to find flag in global flagset (flag): %s", globalName))
+	}
+}
+
+// pflagRegister adds a flag to local that targets the Value associated with the Flag named globalName in global
+func pflagRegister(global, local *pflag.FlagSet, globalName string) {
+	if f := global.Lookup(globalName); f != nil {
+		f.Name = normalize(f.Name)
+		local.AddFlag(f)
+	} else {
+		panic(fmt.Sprintf("failed to find flag in global flagset (pflag): %s", globalName))
+	}
+}
+
+// registerDeprecated registers the flag with register, and then marks it deprecated
+func registerDeprecated(global *flag.FlagSet, local *pflag.FlagSet, globalName, deprecated string) {
+	register(global, local, globalName)
+	local.Lookup(normalize(globalName)).Deprecated = deprecated
+}
+
+// pflagRegisterDeprecated registers the flag with pflagRegister, and then marks it deprecated
+func pflagRegisterDeprecated(global, local *pflag.FlagSet, globalName, deprecated string) {
+	pflagRegister(global, local, globalName)
+	local.Lookup(normalize(globalName)).Deprecated = deprecated
+}
+
+// addCredentialProviderFlags adds flags from k8s.io/kubernetes/pkg/credentialprovider
+func addCredentialProviderFlags(fs *pflag.FlagSet) {
+	// lookup flags in global flag set and re-register the values with our flagset
+	global := pflag.CommandLine
+	local := pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
+
+	// Note this is deprecated in the library that provides it, so we just allow that deprecation
+	// notice to pass through our registration here.
+	pflagRegister(global, local, "google-json-key")
+	// TODO(#58034): This is not a static file, so it's not quite as straightforward as --google-json-key.
+	// We need to figure out how ACR users can dynamically provide pull credentials before we can deprecate this.
+	pflagRegister(global, local, "azure-container-registry-config")
+
+	fs.AddFlagSet(local)
+}
+
+// addGlogFlags adds flags from github.com/golang/glog
+func addGlogFlags(fs *pflag.FlagSet) {
+	// lookup flags in global flag set and re-register the values with our flagset
+	global := flag.CommandLine
+	local := pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
+
+	register(global, local, "logtostderr")
+	register(global, local, "alsologtostderr")
+	register(global, local, "v")
+	register(global, local, "stderrthreshold")
+	register(global, local, "vmodule")
+	register(global, local, "log_backtrace_at")
+	register(global, local, "log_dir")
+
+	fs.AddFlagSet(local)
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_linux.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_linux.go
new file mode 100644
index 000000000000..999119215222
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_linux.go
@@ -0,0 +1,79 @@
+// +build linux
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"flag"
+	"os"
+
+	"github.com/spf13/pflag"
+
+	// ensure libs have a chance to globally register their flags
+	_ "github.com/google/cadvisor/container/common"
+	_ "github.com/google/cadvisor/container/containerd"
+	_ "github.com/google/cadvisor/container/docker"
+	_ "github.com/google/cadvisor/container/raw"
+	_ "github.com/google/cadvisor/machine"
+	_ "github.com/google/cadvisor/manager"
+	_ "github.com/google/cadvisor/storage"
+)
+
+// addCadvisorFlags adds flags from cadvisor
+func addCadvisorFlags(fs *pflag.FlagSet) {
+	// lookup flags in global flag set and re-register the values with our flagset
+	global := flag.CommandLine
+	local := pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
+
+	// These flags were also implicit from cadvisor, but are actually used by something in the core repo:
+	// TODO(mtaufen): This one is stil used by our salt, but for heaven's sake it's even deprecated in cadvisor
+	register(global, local, "docker_root")
+	// e2e node tests rely on this
+	register(global, local, "housekeeping_interval")
+
+	// These flags were implicit from cadvisor, and are mistakes that should be registered deprecated:
+	const deprecated = "This is a cadvisor flag that was mistakenly registered with the Kubelet. Due to legacy concerns, it will follow the standard CLI deprecation timeline before being removed."
+
+	registerDeprecated(global, local, "application_metrics_count_limit", deprecated)
+	registerDeprecated(global, local, "boot_id_file", deprecated)
+	registerDeprecated(global, local, "container_hints", deprecated)
+	registerDeprecated(global, local, "containerd", deprecated)
+	registerDeprecated(global, local, "docker", deprecated)
+	registerDeprecated(global, local, "docker_env_metadata_whitelist", deprecated)
+	registerDeprecated(global, local, "docker_only", deprecated)
+	registerDeprecated(global, local, "docker-tls", deprecated)
+	registerDeprecated(global, local, "docker-tls-ca", deprecated)
+	registerDeprecated(global, local, "docker-tls-cert", deprecated)
+	registerDeprecated(global, local, "docker-tls-key", deprecated)
+	registerDeprecated(global, local, "enable_load_reader", deprecated)
+	registerDeprecated(global, local, "event_storage_age_limit", deprecated)
+	registerDeprecated(global, local, "event_storage_event_limit", deprecated)
+	registerDeprecated(global, local, "global_housekeeping_interval", deprecated)
+	registerDeprecated(global, local, "log_cadvisor_usage", deprecated)
+	registerDeprecated(global, local, "machine_id_file", deprecated)
+	registerDeprecated(global, local, "storage_driver_user", deprecated)
+	registerDeprecated(global, local, "storage_driver_password", deprecated)
+	registerDeprecated(global, local, "storage_driver_host", deprecated)
+	registerDeprecated(global, local, "storage_driver_db", deprecated)
+	registerDeprecated(global, local, "storage_driver_table", deprecated)
+	registerDeprecated(global, local, "storage_driver_secure", deprecated)
+	registerDeprecated(global, local, "storage_driver_buffer_duration", deprecated)
+
+	// finally, add cadvisor flags to the provided flagset
+	fs.AddFlagSet(local)
+}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/apiserver.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_other.go
similarity index 79%
rename from vendor/k8s.io/apiserver/pkg/endpoints/apiserver.go
rename to vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_other.go
index 933363bffeba..b4a04f9f40f8 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/apiserver.go
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/globalflags_other.go
@@ -1,5 +1,7 @@
+// +build !linux
+
 /*
-Copyright 2014 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package endpoints
+package options
 
 import (
-	"k8s.io/apiserver/pkg/endpoints/metrics"
+	"github.com/spf13/pflag"
 )
 
-func init() {
-	metrics.Register()
+func addCadvisorFlags(fs *pflag.FlagSet) {
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/options.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/options.go
index 6d8e13abe8cc..463e12b05b52 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/options.go
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/options.go
@@ -27,6 +27,7 @@ import (
 	"github.com/spf13/pflag"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilvalidation "k8s.io/apimachinery/pkg/util/validation"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/apiserver/pkg/util/flag"
 	"k8s.io/kubernetes/pkg/apis/componentconfig"
@@ -34,12 +35,16 @@ import (
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubeletscheme "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme"
-	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1"
+	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1"
 	kubeletconfigvalidation "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation"
 	"k8s.io/kubernetes/pkg/kubelet/config"
+	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
+	"k8s.io/kubernetes/pkg/master/ports"
 	utiltaints "k8s.io/kubernetes/pkg/util/taints"
 )
 
+const defaultRootDir = "/var/lib/kubelet"
+
 // A configuration field should go in KubeletFlags instead of KubeletConfiguration if any of these are true:
 // - its value will never, or cannot safely be changed during the lifetime of a node
 // - its value cannot be safely shared between nodes at the same time (e.g. a hostname)
@@ -47,7 +52,7 @@ import (
 // In general, please try to avoid adding flags or configuration fields,
 // we already have a confusingly large amount of them.
 type KubeletFlags struct {
-	KubeConfig          flag.StringFlag
+	KubeConfig          string
 	BootstrapKubeconfig string
 	RotateCertificates  bool
 
@@ -60,9 +65,12 @@ type KubeletFlags struct {
 	//                Kubelet's runonce mode anymore, so it may be a candidate
 	//                for deprecation and removal.
 	// If runOnce is true, the Kubelet will check the API server once for pods,
-	// run those in addition to the pods specified by the local manifest, and exit.
+	// run those in addition to the pods specified by static pod files, and exit.
 	RunOnce bool
 
+	// enableServer enables the Kubelet's server
+	EnableServer bool
+
 	// HostnameOverride is the hostname used to identify the kubelet instead
 	// of the actual hostname.
 	HostnameOverride string
@@ -101,11 +109,10 @@ type KubeletFlags struct {
 	// To use this flag, the DynamicKubeletConfig feature gate must be enabled.
 	DynamicConfigDir flag.StringFlag
 
-	// The Kubelet will look in this directory for an init configuration.
+	// The Kubelet will load its initial configuration from this file.
 	// The path may be absolute or relative; relative paths are under the Kubelet's current working directory.
 	// Omit this flag to use the combination of built-in default configuration values and flags.
-	// To use this flag, the KubeletConfigFile feature gate must be enabled.
-	InitConfigDir flag.StringFlag
+	KubeletConfigFile string
 
 	// registerNode enables automatic registration with the apiserver.
 	RegisterNode bool
@@ -115,6 +122,13 @@ type KubeletFlags struct {
 	// is true and upon the initial registration of the node.
 	RegisterWithTaints []core.Taint
 
+	// cAdvisorPort is the port of the localhost cAdvisor endpoint (set to 0 to disable)
+	CAdvisorPort int32
+
+	// WindowsService should be set to true if kubelet is running as a service on Windows.
+	// Its corresponding flag only gets registered in Windows builds.
+	WindowsService bool
+
 	// EXPERIMENTAL FLAGS
 	// Whitelist of unsafe sysctls or sysctl patterns (ending in *).
 	// +optional
@@ -178,8 +192,6 @@ type KubeletFlags struct {
 	// schedulable. Won't have any effect if register-node is false.
 	// DEPRECATED: use registerWithTaints instead
 	RegisterSchedulable bool
-	// RequireKubeConfig is deprecated! A valid KubeConfig is now required if --kubeconfig is provided.
-	RequireKubeConfig bool
 	// nonMasqueradeCIDR configures masquerading: traffic to IPs outside this range will use IP masquerade.
 	NonMasqueradeCIDR string
 	// This flag, if set, instructs the kubelet to keep volumes from terminated pods mounted to the node.
@@ -187,6 +199,19 @@ type KubeletFlags struct {
 	KeepTerminatedPodVolumes bool
 	// enable gathering custom metrics.
 	EnableCustomMetrics bool
+	// allowPrivileged enables containers to request privileged mode.
+	// Defaults to false.
+	AllowPrivileged bool
+	// hostNetworkSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use of host network. Defaults to "*". Valid
+	// options are "file", "http", "api", and "*" (all sources).
+	HostNetworkSources []string
+	// hostPIDSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use the host pid namespace. Defaults to "*".
+	HostPIDSources []string
+	// hostIPCSources is a comma-separated list of sources from which the
+	// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
+	HostIPCSources []string
 }
 
 // NewKubeletFlags will create a new KubeletFlags with default values
@@ -199,12 +224,10 @@ func NewKubeletFlags() *KubeletFlags {
 	}
 
 	return &KubeletFlags{
-		// TODO(#41161:v1.10.0): Remove the default kubeconfig path and --require-kubeconfig.
-		RequireKubeConfig:                   false,
-		KubeConfig:                          flag.NewStringFlag("/var/lib/kubelet/kubeconfig"),
+		EnableServer:                        true,
 		ContainerRuntimeOptions:             *NewContainerRuntimeOptions(),
 		CertDirectory:                       "/var/lib/kubelet/pki",
-		RootDirectory:                       v1alpha1.DefaultRootDir,
+		RootDirectory:                       defaultRootDir,
 		MasterServiceNamespace:              metav1.NamespaceDefault,
 		MaxContainerCount:                   -1,
 		MaxPerPodContainerCount:             1,
@@ -220,7 +243,12 @@ func NewKubeletFlags() *KubeletFlags {
 		NodeLabels:          make(map[string]string),
 		VolumePluginDir:     "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
 		RegisterNode:        true,
-		SeccompProfileRoot:  filepath.Join(v1alpha1.DefaultRootDir, "seccomp"),
+		SeccompProfileRoot:  filepath.Join(defaultRootDir, "seccomp"),
+		HostNetworkSources:  []string{kubetypes.AllSource},
+		HostPIDSources:      []string{kubetypes.AllSource},
+		HostIPCSources:      []string{kubetypes.AllSource},
+		// TODO(#56523): default CAdvisorPort to 0 (disabled) and deprecate it
+		CAdvisorPort: 4194,
 	}
 }
 
@@ -229,9 +257,8 @@ func ValidateKubeletFlags(f *KubeletFlags) error {
 	if f.DynamicConfigDir.Provided() && !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) {
 		return fmt.Errorf("the DynamicKubeletConfig feature gate must be enabled in order to use the --dynamic-config-dir flag")
 	}
-	// ensure that nobody sets InitConfigDir if the KubeletConfigFile feature gate is turned off
-	if f.InitConfigDir.Provided() && !utilfeature.DefaultFeatureGate.Enabled(features.KubeletConfigFile) {
-		return fmt.Errorf("the KubeletConfigFile feature gate must be enabled in order to use the --init-config-dir flag")
+	if f.CAdvisorPort != 0 && utilvalidation.IsValidPortNum(int(f.CAdvisorPort)) != nil {
+		return fmt.Errorf("invalid configuration: CAdvisorPort (--cadvisor-port) %v must be between 0 and 65535, inclusive", f.CAdvisorPort)
 	}
 	return nil
 }
@@ -242,15 +269,30 @@ func NewKubeletConfiguration() (*kubeletconfig.KubeletConfiguration, error) {
 	if err != nil {
 		return nil, err
 	}
-	versioned := &v1alpha1.KubeletConfiguration{}
+	versioned := &v1beta1.KubeletConfiguration{}
 	scheme.Default(versioned)
 	config := &kubeletconfig.KubeletConfiguration{}
 	if err := scheme.Convert(versioned, config, nil); err != nil {
 		return nil, err
 	}
+	applyLegacyDefaults(config)
 	return config, nil
 }
 
+// applyLegacyDefaults applies legacy default values to the KubeletConfiguration in order to
+// preserve the command line API. This is used to construct the baseline default KubeletConfiguration
+// before the first round of flag parsing.
+func applyLegacyDefaults(kc *kubeletconfig.KubeletConfiguration) {
+	// --anonymous-auth
+	kc.Authentication.Anonymous.Enabled = true
+	// --authentication-token-webhook
+	kc.Authentication.Webhook.Enabled = false
+	// --authorization-mode
+	kc.Authorization.Mode = kubeletconfig.KubeletAuthorizationModeAlwaysAllow
+	// --read-only-port
+	kc.ReadOnlyPort = ports.KubeletReadOnlyPort
+}
+
 // KubeletServer encapsulates all of the parameters necessary for starting up
 // a kubelet. These can either be set via command line or directly.
 type KubeletServer struct {
@@ -291,11 +333,10 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
 // AddFlags adds flags for a specific KubeletFlags to the specified FlagSet
 func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
 	f.ContainerRuntimeOptions.AddFlags(fs)
+	f.addOSFlags(fs)
 
-	fs.Var(&f.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to connect to the API server.")
-	// TODO(#41161:v1.10.0): Remove the default kubeconfig path and --require-kubeconfig.
-	fs.BoolVar(&f.RequireKubeConfig, "require-kubeconfig", f.RequireKubeConfig, "This flag is no longer necessary. It has been deprecated and will be removed in a future version.")
-	fs.MarkDeprecated("require-kubeconfig", "You no longer need to use --require-kubeconfig. This will be removed in a future version. Providing --kubeconfig enables API server mode, omitting --kubeconfig enables standalone mode unless --require-kubeconfig=true is also set. In the latter case, the legacy default kubeconfig path will be used until --require-kubeconfig is removed.")
+	fs.StringVar(&f.KubeletConfigFile, "config", f.KubeletConfigFile, "The Kubelet will load its initial configuration from this file. The path may be absolute or relative; relative paths start at the Kubelet's current working directory. Omit this flag to use the built-in default configuration values. Command-line flags override configuration from this file.")
+	fs.StringVar(&f.KubeConfig, "kubeconfig", f.KubeConfig, "Path to a kubeconfig file, specifying how to connect to the API server. Providing --kubeconfig enables API server mode, omitting --kubeconfig enables standalone mode.")
 
 	fs.MarkDeprecated("experimental-bootstrap-kubeconfig", "Use --bootstrap-kubeconfig")
 	fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "deprecated: use --bootstrap-kubeconfig")
@@ -308,7 +349,8 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
 	fs.BoolVar(&f.ReallyCrashForTesting, "really-crash-for-testing", f.ReallyCrashForTesting, "If true, when panics occur crash. Intended for testing.")
 	fs.Float64Var(&f.ChaosChance, "chaos-chance", f.ChaosChance, "If > 0.0, introduce random client errors and latency. Intended for testing.")
 
-	fs.BoolVar(&f.RunOnce, "runonce", f.RunOnce, "If true, exit after spawning pods from local manifests or remote urls. Exclusive with --enable-server")
+	fs.BoolVar(&f.RunOnce, "runonce", f.RunOnce, "If true, exit after spawning pods from static pod files or remote urls. Exclusive with --enable-server")
+	fs.BoolVar(&f.EnableServer, "enable-server", f.EnableServer, "Enable the Kubelet's server")
 
 	fs.StringVar(&f.HostnameOverride, "hostname-override", f.HostnameOverride, "If non-empty, will use this string as identification instead of the actual hostname.")
 
@@ -325,30 +367,31 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&f.RootDirectory, "root-dir", f.RootDirectory, "Directory path for managing kubelet files (volume mounts,etc).")
 
 	fs.Var(&f.DynamicConfigDir, "dynamic-config-dir", "The Kubelet will use this directory for checkpointing downloaded configurations and tracking configuration health. The Kubelet will create this directory if it does not already exist. The path may be absolute or relative; relative paths start at the Kubelet's current working directory. Providing this flag enables dynamic Kubelet configuration. Presently, you must also enable the DynamicKubeletConfig feature gate to pass this flag.")
-	fs.Var(&f.InitConfigDir, "init-config-dir", "The Kubelet will look in this directory for the init configuration. The path may be absolute or relative; relative paths start at the Kubelet's current working directory. Omit this argument to use the built-in default configuration values. Presently, you must also enable the KubeletConfigFile feature gate to pass this flag.")
 
 	fs.BoolVar(&f.RegisterNode, "register-node", f.RegisterNode, "Register the node with the apiserver. If --kubeconfig is not provided, this flag is irrelevant, as the Kubelet won't have an apiserver to register with. Default=true.")
 	fs.Var(utiltaints.NewTaintsVar(&f.RegisterWithTaints), "register-with-taints", "Register the node with the given list of taints (comma separated \"<key>=<value>:<effect>\"). No-op if register-node is false.")
+	fs.BoolVar(&f.Containerized, "containerized", f.Containerized, "Running kubelet in a container.")
 
 	// EXPERIMENTAL FLAGS
 	fs.StringVar(&f.ExperimentalMounterPath, "experimental-mounter-path", f.ExperimentalMounterPath, "[Experimental] Path of mounter binary. Leave empty to use the default mount.")
 	fs.StringSliceVar(&f.AllowedUnsafeSysctls, "experimental-allowed-unsafe-sysctls", f.AllowedUnsafeSysctls, "Comma-separated whitelist of unsafe sysctls or unsafe sysctl patterns (ending in *). Use these at your own risk.")
-	fs.BoolVar(&f.Containerized, "containerized", f.Containerized, "Experimental support for running kubelet in a container.  Intended for testing.")
 	fs.BoolVar(&f.ExperimentalKernelMemcgNotification, "experimental-kernel-memcg-notification", f.ExperimentalKernelMemcgNotification, "If enabled, the kubelet will integrate with the kernel memcg notification to determine if memory eviction thresholds are crossed rather than polling.")
 	fs.StringVar(&f.RemoteRuntimeEndpoint, "container-runtime-endpoint", f.RemoteRuntimeEndpoint, "[Experimental] The endpoint of remote runtime service. Currently unix socket is supported on Linux, and tcp is supported on windows.  Examples:'unix:///var/run/dockershim.sock', 'tcp://localhost:3735'")
 	fs.StringVar(&f.RemoteImageEndpoint, "image-service-endpoint", f.RemoteImageEndpoint, "[Experimental] The endpoint of remote image service. If not specified, it will be the same with container-runtime-endpoint by default. Currently unix socket is supported on Linux, and tcp is supported on windows.  Examples:'unix:///var/run/dockershim.sock', 'tcp://localhost:3735'")
-	fs.BoolVar(&f.ExperimentalCheckNodeCapabilitiesBeforeMount, "experimental-check-node-capabilities-before-mount", f.ExperimentalCheckNodeCapabilitiesBeforeMount, "[Experimental] if set true, the kubelet will check the underlying node for required componenets (binaries, etc.) before performing the mount")
+	fs.BoolVar(&f.ExperimentalCheckNodeCapabilitiesBeforeMount, "experimental-check-node-capabilities-before-mount", f.ExperimentalCheckNodeCapabilitiesBeforeMount, "[Experimental] if set true, the kubelet will check the underlying node for required components (binaries, etc.) before performing the mount")
 	fs.BoolVar(&f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "experimental-allocatable-ignore-eviction", f.ExperimentalNodeAllocatableIgnoreEvictionThreshold, "When set to 'true', Hard Eviction Thresholds will be ignored while calculating Node Allocatable. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details. [default=false]")
 	fs.Var(flag.NewMapStringString(&f.ExperimentalQOSReserved), "experimental-qos-reserved", "A set of ResourceName=Percentage (e.g. memory=50%) pairs that describe how pod resource requests are reserved at the QoS level. Currently only memory is supported. [default=none]")
 	bindableNodeLabels := flag.ConfigurationMap(f.NodeLabels)
 	fs.Var(&bindableNodeLabels, "node-labels", "<Warning: Alpha feature> Labels to add when registering the node in the cluster.  Labels must be key=value pairs separated by ','.")
-	fs.StringVar(&f.VolumePluginDir, "volume-plugin-dir", f.VolumePluginDir, "<Warning: Alpha feature> The full path of the directory in which to search for additional third party volume plugins")
+	fs.StringVar(&f.VolumePluginDir, "volume-plugin-dir", f.VolumePluginDir, "The full path of the directory in which to search for additional third party volume plugins")
 	fs.StringVar(&f.LockFilePath, "lock-file", f.LockFilePath, "<Warning: Alpha feature> The path to file for kubelet to use as a lock file.")
 	fs.BoolVar(&f.ExitOnLockContention, "exit-on-lock-contention", f.ExitOnLockContention, "Whether kubelet should exit upon lock-file contention.")
 	fs.StringVar(&f.SeccompProfileRoot, "seccomp-profile-root", f.SeccompProfileRoot, "<Warning: Alpha feature> Directory path for seccomp profiles.")
 	fs.StringVar(&f.BootstrapCheckpointPath, "bootstrap-checkpoint-path", f.BootstrapCheckpointPath, "<Warning: Alpha feature> Path to to the directory where the checkpoints are stored")
 
 	// DEPRECATED FLAGS
+	fs.Int32Var(&f.CAdvisorPort, "cadvisor-port", f.CAdvisorPort, "The port of the localhost cAdvisor endpoint (set to 0 to disable)")
+	fs.MarkDeprecated("cadvisor-port", "The default will change to 0 (disabled) in 1.12, and the cadvisor port will be removed entirely in 1.13")
 	fs.DurationVar(&f.MinimumGCAge.Duration, "minimum-container-ttl-duration", f.MinimumGCAge.Duration, "Minimum age for a finished container before it is garbage collected.  Examples: '300ms', '10s' or '2h45m'")
 	fs.MarkDeprecated("minimum-container-ttl-duration", "Use --eviction-hard or --eviction-soft instead. Will be removed in a future version.")
 	fs.Int32Var(&f.MaxPerPodContainerCount, "maximum-dead-containers-per-container", f.MaxPerPodContainerCount, "Maximum number of old instances to retain per container.  Each container takes up some disk space.")
@@ -366,22 +409,48 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
 	// TODO(#54161:v1.11.0): Remove --enable-custom-metrics flag, it is deprecated.
 	fs.BoolVar(&f.EnableCustomMetrics, "enable-custom-metrics", f.EnableCustomMetrics, "Support for gathering custom metrics.")
 	fs.MarkDeprecated("enable-custom-metrics", "will be removed in a future version")
+	// TODO(#58010:v1.12.0): Remove --allow-privileged, it is deprecated
+	fs.BoolVar(&f.AllowPrivileged, "allow-privileged", f.AllowPrivileged, "If true, allow containers to request privileged mode.")
+	fs.MarkDeprecated("allow-privileged", "will be removed in a future version")
+	// TODO(#58010:v1.12.0): Remove --host-network-sources, it is deprecated
+	fs.StringSliceVar(&f.HostNetworkSources, "host-network-sources", f.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network.")
+	fs.MarkDeprecated("host-network-sources", "will be removed in a future version")
+	// TODO(#58010:v1.12.0): Remove --host-pid-sources, it is deprecated
+	fs.StringSliceVar(&f.HostPIDSources, "host-pid-sources", f.HostPIDSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace.")
+	fs.MarkDeprecated("host-pid-sources", "will be removed in a future version")
+	// TODO(#58010:v1.12.0): Remove --host-ipc-sources, it is deprecated
+	fs.StringSliceVar(&f.HostIPCSources, "host-ipc-sources", f.HostIPCSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace.")
+	fs.MarkDeprecated("host-ipc-sources", "will be removed in a future version")
 
 }
 
 // AddKubeletConfigFlags adds flags for a specific kubeletconfig.KubeletConfiguration to the specified FlagSet
-func AddKubeletConfigFlags(fs *pflag.FlagSet, c *kubeletconfig.KubeletConfiguration) {
-	fs.BoolVar(&c.FailSwapOn, "fail-swap-on", true, "Makes the Kubelet fail to start if swap is enabled on the node. ")
-	fs.BoolVar(&c.FailSwapOn, "experimental-fail-swap-on", true, "DEPRECATED: please use --fail-swap-on instead.")
+func AddKubeletConfigFlags(mainfs *pflag.FlagSet, c *kubeletconfig.KubeletConfiguration) {
+	fs := pflag.NewFlagSet("", pflag.ExitOnError)
+	defer func() {
+		// All KubeletConfiguration flags are now deprecated, and any new flags that point to
+		// KubeletConfiguration fields are deprecated-on-creation. When removing flags at the end
+		// of their deprecation period, be careful to check that they have *actually* been deprecated
+		// members of the KubeletConfiguration for the entire deprecation period:
+		// e.g. if a flag was added after this deprecation function, it may not be at the end
+		// of its lifetime yet, even if the rest are.
+		deprecated := "This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information."
+		fs.VisitAll(func(f *pflag.Flag) {
+			f.Deprecated = deprecated
+		})
+		mainfs.AddFlagSet(fs)
+	}()
+
+	fs.BoolVar(&c.FailSwapOn, "fail-swap-on", c.FailSwapOn, "Makes the Kubelet fail to start if swap is enabled on the node. ")
+	fs.BoolVar(&c.FailSwapOn, "experimental-fail-swap-on", c.FailSwapOn, "DEPRECATED: please use --fail-swap-on instead.")
 	fs.MarkDeprecated("experimental-fail-swap-on", "This flag is deprecated and will be removed in future releases. please use --fail-swap-on instead.")
 
-	fs.StringVar(&c.PodManifestPath, "pod-manifest-path", c.PodManifestPath, "Path to the directory containing pod manifest files to run, or the path to a single pod manifest file. Files starting with dots will be ignored.")
+	fs.StringVar(&c.StaticPodPath, "pod-manifest-path", c.StaticPodPath, "Path to the directory containing static pod files to run, or the path to a single static pod file. Files starting with dots will be ignored.")
 	fs.DurationVar(&c.SyncFrequency.Duration, "sync-frequency", c.SyncFrequency.Duration, "Max period between synchronizing running containers and config")
 	fs.DurationVar(&c.FileCheckFrequency.Duration, "file-check-frequency", c.FileCheckFrequency.Duration, "Duration between checking config files for new data")
 	fs.DurationVar(&c.HTTPCheckFrequency.Duration, "http-check-frequency", c.HTTPCheckFrequency.Duration, "Duration between checking http for new data")
-	fs.StringVar(&c.ManifestURL, "manifest-url", c.ManifestURL, "URL for accessing the container manifest")
-	fs.Var(flag.NewColonSeparatedMultimapStringString(&c.ManifestURLHeader), "manifest-url-header", "Comma-separated list of HTTP headers to use when accessing the manifest URL. Multiple headers with the same name will be added in the same order provided. This flag can be repeatedly invoked. For example: `--manifest-url-header 'a:hello,b:again,c:world' --manifest-url-header 'b:beautiful'`")
-	fs.BoolVar(&c.EnableServer, "enable-server", c.EnableServer, "Enable the Kubelet's server")
+	fs.StringVar(&c.StaticPodURL, "manifest-url", c.StaticPodURL, "URL for accessing additional Pod specifications to run")
+	fs.Var(flag.NewColonSeparatedMultimapStringString(&c.StaticPodURLHeader), "manifest-url-header", "Comma-separated list of HTTP headers to use when accessing the url provided to --manifest-url. Multiple headers with the same name will be added in the same order provided. This flag can be repeatedly invoked. For example: `--manifest-url-header 'a:hello,b:again,c:world' --manifest-url-header 'b:beautiful'`")
 	fs.Var(componentconfig.IPVar{Val: &c.Address}, "address", "The IP address for the Kubelet to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
 	fs.Int32Var(&c.Port, "port", c.Port, "The port for the Kubelet to serve on.")
 	fs.Int32Var(&c.ReadOnlyPort, "read-only-port", c.ReadOnlyPort, "The read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable)")
@@ -413,19 +482,21 @@ func AddKubeletConfigFlags(fs *pflag.FlagSet, c *kubeletconfig.KubeletConfigurat
 		"If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key "+
 		"are generated for the public address and saved to the directory passed to --cert-dir.")
 	fs.StringVar(&c.TLSPrivateKeyFile, "tls-private-key-file", c.TLSPrivateKeyFile, "File containing x509 private key matching --tls-cert-file.")
+	fs.StringSliceVar(&c.TLSCipherSuites, "tls-cipher-suites", c.TLSCipherSuites,
+		"Comma-separated list of cipher suites for the server. "+
+			"Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). "+
+			"If omitted, the default Go cipher suites will be used")
+	fs.StringVar(&c.TLSMinVersion, "tls-min-version", c.TLSMinVersion,
+		"Minimum TLS version supported. "+
+			"Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants.")
 
-	fs.BoolVar(&c.AllowPrivileged, "allow-privileged", c.AllowPrivileged, "If true, allow containers to request privileged mode.")
-	fs.StringSliceVar(&c.HostNetworkSources, "host-network-sources", c.HostNetworkSources, "Comma-separated list of sources from which the Kubelet allows pods to use of host network.")
-	fs.StringSliceVar(&c.HostPIDSources, "host-pid-sources", c.HostPIDSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace.")
-	fs.StringSliceVar(&c.HostIPCSources, "host-ipc-sources", c.HostIPCSources, "Comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace.")
 	fs.Int32Var(&c.RegistryPullQPS, "registry-qps", c.RegistryPullQPS, "If > 0, limit registry pull QPS to this value.  If 0, unlimited.")
 	fs.Int32Var(&c.RegistryBurst, "registry-burst", c.RegistryBurst, "Maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry-qps. Only used if --registry-qps > 0")
 	fs.Int32Var(&c.EventRecordQPS, "event-qps", c.EventRecordQPS, "If > 0, limit event creations per second to this value. If 0, unlimited.")
 	fs.Int32Var(&c.EventBurst, "event-burst", c.EventBurst, "Maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if --event-qps > 0")
 
 	fs.BoolVar(&c.EnableDebuggingHandlers, "enable-debugging-handlers", c.EnableDebuggingHandlers, "Enables server endpoints for log collection and local running of containers and commands")
-	fs.BoolVar(&c.EnableContentionProfiling, "contention-profiling", false, "Enable lock contention profiling, if profiling is enabled")
-	fs.Int32Var(&c.CAdvisorPort, "cadvisor-port", c.CAdvisorPort, "The port of the localhost cAdvisor endpoint (set to 0 to disable)")
+	fs.BoolVar(&c.EnableContentionProfiling, "contention-profiling", c.EnableContentionProfiling, "Enable lock contention profiling, if profiling is enabled")
 	fs.Int32Var(&c.HealthzPort, "healthz-port", c.HealthzPort, "The port of the localhost healthz endpoint (set to 0 to disable)")
 	fs.Var(componentconfig.IPVar{Val: &c.HealthzBindAddress}, "healthz-bind-address", "The IP address for the healthz server to serve on (set to `0.0.0.0` for all IPv4 interfaces and `::` for all IPv6 interfaces)")
 	fs.Int32Var(&c.OOMScoreAdj, "oom-score-adj", c.OOMScoreAdj, "The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000]")
@@ -452,13 +523,17 @@ func AddKubeletConfigFlags(fs *pflag.FlagSet, c *kubeletconfig.KubeletConfigurat
 	fs.StringVar(&c.HairpinMode, "hairpin-mode", c.HairpinMode, "How should the kubelet setup hairpin NAT. This allows endpoints of a Service to loadbalance back to themselves if they should try to access their own Service. Valid values are \"promiscuous-bridge\", \"hairpin-veth\" and \"none\".")
 	fs.Int32Var(&c.MaxPods, "max-pods", c.MaxPods, "Number of Pods that can run on this Kubelet.")
 
-	fs.StringVar(&c.PodCIDR, "pod-cidr", "", "The CIDR to use for pod IP addresses, only used in standalone mode.  In cluster mode, this is obtained from the master.")
+	fs.StringVar(&c.PodCIDR, "pod-cidr", c.PodCIDR, "The CIDR to use for pod IP addresses, only used in standalone mode.  In cluster mode, this is obtained from the master. For IPv6, the maximum number of IP's allocated is 65536")
+	fs.Int64Var(&c.PodPidsLimit, "pod-max-pids", c.PodPidsLimit, "<Warning: Alpha feature> Set the maximum number of processes per pod.")
+
 	fs.StringVar(&c.ResolverConfig, "resolv-conf", c.ResolverConfig, "Resolver configuration file used as the basis for the container DNS resolution configuration.")
 	fs.BoolVar(&c.CPUCFSQuota, "cpu-cfs-quota", c.CPUCFSQuota, "Enable CPU CFS quota enforcement for containers that specify CPU limits")
 	fs.BoolVar(&c.EnableControllerAttachDetach, "enable-controller-attach-detach", c.EnableControllerAttachDetach, "Enables the Attach/Detach controller to manage attachment/detachment of volumes scheduled to this node, and disables kubelet from executing any attach/detach operations")
 	fs.BoolVar(&c.MakeIPTablesUtilChains, "make-iptables-util-chains", c.MakeIPTablesUtilChains, "If true, kubelet will ensure iptables utility rules are present on host.")
 	fs.Int32Var(&c.IPTablesMasqueradeBit, "iptables-masquerade-bit", c.IPTablesMasqueradeBit, "The bit of the fwmark space to mark packets for SNAT. Must be within the range [0, 31]. Please match this parameter with corresponding parameter in kube-proxy.")
 	fs.Int32Var(&c.IPTablesDropBit, "iptables-drop-bit", c.IPTablesDropBit, "The bit of the fwmark space to mark packets for dropping. Must be within the range [0, 31].")
+	fs.StringVar(&c.ContainerLogMaxSize, "container-log-max-size", c.ContainerLogMaxSize, "<Warning: Alpha feature> Set the maximum size (e.g. 10Mi) of container log file before it is rotated.")
+	fs.Int32Var(&c.ContainerLogMaxFiles, "container-log-max-files", c.ContainerLogMaxFiles, "<Warning: Alpha feature> Set the maximum number of container log files that can be present for a container. The number must be >= 2.")
 
 	// Flags intended for testing, not recommended used in production environments.
 	fs.Int64Var(&c.MaxOpenFiles, "max-open-files", c.MaxOpenFiles, "Number of files that can be opened by Kubelet process.")
@@ -480,7 +555,7 @@ func AddKubeletConfigFlags(fs *pflag.FlagSet, c *kubeletconfig.KubeletConfigurat
 	// Node Allocatable Flags
 	fs.Var(flag.NewMapStringString(&c.SystemReserved), "system-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]")
 	fs.Var(flag.NewMapStringString(&c.KubeReserved), "kube-reserved", "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=500Mi,ephemeral-storage=1Gi) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local ephemeral storage for root file system are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. [default=none]")
-	fs.StringSliceVar(&c.EnforceNodeAllocatable, "enforce-node-allocatable", c.EnforceNodeAllocatable, "A comma separated list of levels of node allocatable enforcement to be enforced by kubelet. Acceptible options are 'pods', 'system-reserved' & 'kube-reserved'. If the latter two options are specified, '--system-reserved-cgroup' & '--kube-reserved-cgroup' must also be set respectively. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details.")
+	fs.StringSliceVar(&c.EnforceNodeAllocatable, "enforce-node-allocatable", c.EnforceNodeAllocatable, "A comma separated list of levels of node allocatable enforcement to be enforced by kubelet. Acceptable options are 'none', 'pods', 'system-reserved', and 'kube-reserved'. If the latter two options are specified, '--system-reserved-cgroup' and '--kube-reserved-cgroup' must also be set, respectively. If 'none' is specified, no additional options should be set. See https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ for more details.")
 	fs.StringVar(&c.SystemReservedCgroup, "system-reserved-cgroup", c.SystemReservedCgroup, "Absolute name of the top level cgroup that is used to manage non-kubernetes components for which compute resources were reserved via '--system-reserved' flag. Ex. '/system-reserved'. [default='']")
 	fs.StringVar(&c.KubeReservedCgroup, "kube-reserved-cgroup", c.KubeReservedCgroup, "Absolute name of the top level cgroup that is used to manage kubernetes components for which compute resources were reserved via '--kube-reserved' flag. Ex. '/kube-reserved'. [default='']")
 }
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_others.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_others.go
new file mode 100644
index 000000000000..ab4c0ac1c61c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_others.go
@@ -0,0 +1,26 @@
+// +build !windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"github.com/spf13/pflag"
+)
+
+func (f *KubeletFlags) addOSFlags(fs *pflag.FlagSet) {
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_windows.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_windows.go
new file mode 100644
index 000000000000..8923f5d6f1d3
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/options/osflags_windows.go
@@ -0,0 +1,27 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"github.com/spf13/pflag"
+)
+
+func (f *KubeletFlags) addOSFlags(fs *pflag.FlagSet) {
+	fs.BoolVar(&f.WindowsService, "windows-service", f.WindowsService, "Enable Windows Service Control Manager API integration")
+}
diff --git a/vendor/k8s.io/kubernetes/cmd/kubelet/app/server.go b/vendor/k8s.io/kubernetes/cmd/kubelet/app/server.go
index 8100b44afae2..b0329fa03e78 100644
--- a/vendor/k8s.io/kubernetes/cmd/kubelet/app/server.go
+++ b/vendor/k8s.io/kubernetes/cmd/kubelet/app/server.go
@@ -18,6 +18,7 @@ limitations under the License.
 package app
 
 import (
+	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -30,8 +31,10 @@ import (
 	"path"
 	"path/filepath"
 	"strconv"
+	"sync"
 	"time"
 
+	"github.com/coreos/go-systemd/daemon"
 	"github.com/golang/glog"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -64,7 +67,7 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet"
 	kubeletconfiginternal "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubeletscheme "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme"
-	kubeletconfigv1alpha1 "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1"
+	kubeletconfigv1beta1 "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
 	kubeletcertificate "k8s.io/kubernetes/pkg/kubelet/certificate"
 	"k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap"
@@ -75,11 +78,14 @@ import (
 	dockerremote "k8s.io/kubernetes/pkg/kubelet/dockershim/remote"
 	"k8s.io/kubernetes/pkg/kubelet/eviction"
 	evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api"
-	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig"
+	dynamickubeletconfig "k8s.io/kubernetes/pkg/kubelet/kubeletconfig"
+	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles"
 	"k8s.io/kubernetes/pkg/kubelet/server"
 	"k8s.io/kubernetes/pkg/kubelet/server/streaming"
 	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/util/configz"
+	utilfs "k8s.io/kubernetes/pkg/util/filesystem"
+	utilflag "k8s.io/kubernetes/pkg/util/flag"
 	"k8s.io/kubernetes/pkg/util/flock"
 	kubeio "k8s.io/kubernetes/pkg/util/io"
 	"k8s.io/kubernetes/pkg/util/mount"
@@ -87,6 +93,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/oom"
 	"k8s.io/kubernetes/pkg/util/rlimit"
 	"k8s.io/kubernetes/pkg/version"
+	"k8s.io/kubernetes/pkg/version/verflag"
 )
 
 const (
@@ -96,9 +103,15 @@ const (
 
 // NewKubeletCommand creates a *cobra.Command object with default parameters
 func NewKubeletCommand() *cobra.Command {
-	// ignore the error, as this is just for generating docs and the like
-	s, _ := options.NewKubeletServer()
-	s.AddFlags(pflag.CommandLine)
+	cleanFlagSet := pflag.NewFlagSet(componentKubelet, pflag.ContinueOnError)
+	cleanFlagSet.SetNormalizeFunc(flag.WordSepNormalizeFunc)
+	kubeletFlags := options.NewKubeletFlags()
+	kubeletConfig, err := options.NewKubeletConfiguration()
+	// programmer error
+	if err != nil {
+		glog.Fatal(err)
+	}
+
 	cmd := &cobra.Command{
 		Use: componentKubelet,
 		Long: `The kubelet is the primary "node agent" that runs on each
@@ -120,13 +133,194 @@ is checked every 20 seconds (also configurable with a flag).
 
 HTTP server: The kubelet can also listen for HTTP and respond to a simple API
 (underspec'd currently) to submit a new manifest.`,
+		// The Kubelet has special flag parsing requirements to enforce flag precedence rules,
+		// so we do all our parsing manually in Run, below.
+		// DisableFlagParsing=true provides the full set of flags passed to the kubelet in the
+		// `args` arg to Run, without Cobra's interference.
+		DisableFlagParsing: true,
 		Run: func(cmd *cobra.Command, args []string) {
+			// initial flag parse, since we disable cobra's flag parsing
+			if err := cleanFlagSet.Parse(args); err != nil {
+				cmd.Usage()
+				glog.Fatal(err)
+			}
+
+			// short-circuit on help
+			help, err := cleanFlagSet.GetBool("help")
+			if err != nil {
+				glog.Fatal(`"help" flag is non-bool, programmer error, please correct`)
+			}
+			if help {
+				cmd.Help()
+				return
+			}
+
+			// short-circuit on verflag
+			verflag.PrintAndExitIfRequested()
+			utilflag.PrintFlags(cleanFlagSet)
+
+			// set feature gates from initial flags-based config
+			if err := utilfeature.DefaultFeatureGate.SetFromMap(kubeletConfig.FeatureGates); err != nil {
+				glog.Fatal(err)
+			}
+
+			// validate the initial KubeletFlags
+			if err := options.ValidateKubeletFlags(kubeletFlags); err != nil {
+				glog.Fatal(err)
+			}
+
+			// load kubelet config file, if provided
+			if configFile := kubeletFlags.KubeletConfigFile; len(configFile) > 0 {
+				kubeletConfig, err = loadConfigFile(configFile)
+				if err != nil {
+					glog.Fatal(err)
+				}
+				// We must enforce flag precedence by re-parsing the command line into the new object.
+				// This is necessary to preserve backwards-compatibility across binary upgrades.
+				// See issue #56171 for more details.
+				if err := kubeletConfigFlagPrecedence(kubeletConfig, args); err != nil {
+					glog.Fatal(err)
+				}
+				// update feature gates based on new config
+				if err := utilfeature.DefaultFeatureGate.SetFromMap(kubeletConfig.FeatureGates); err != nil {
+					glog.Fatal(err)
+				}
+			}
+
+			// use dynamic kubelet config, if enabled
+			var kubeletConfigController *dynamickubeletconfig.Controller
+			if dynamicConfigDir := kubeletFlags.DynamicConfigDir.Value(); len(dynamicConfigDir) > 0 {
+				kubeletConfig, kubeletConfigController, err = BootstrapKubeletConfigController(kubeletConfig, dynamicConfigDir)
+				if err != nil {
+					glog.Fatal(err)
+				}
+				// We must enforce flag precedence by re-parsing the command line into the new object.
+				// This is necessary to preserve backwards-compatibility across binary upgrades.
+				// See issue #56171 for more details.
+				if err := kubeletConfigFlagPrecedence(kubeletConfig, args); err != nil {
+					glog.Fatal(err)
+				}
+				// update feature gates based on new config
+				if err := utilfeature.DefaultFeatureGate.SetFromMap(kubeletConfig.FeatureGates); err != nil {
+					glog.Fatal(err)
+				}
+			}
+
+			// construct a KubeletServer from kubeletFlags and kubeletConfig
+			kubeletServer := &options.KubeletServer{
+				KubeletFlags:         *kubeletFlags,
+				KubeletConfiguration: *kubeletConfig,
+			}
+
+			// use kubeletServer to construct the default KubeletDeps
+			kubeletDeps, err := UnsecuredDependencies(kubeletServer)
+			if err != nil {
+				glog.Fatal(err)
+			}
+
+			// add the kubelet config controller to kubeletDeps
+			kubeletDeps.KubeletConfigController = kubeletConfigController
+
+			// start the experimental docker shim, if enabled
+			if kubeletServer.KubeletFlags.ExperimentalDockershim {
+				if err := RunDockershim(&kubeletServer.KubeletFlags, kubeletConfig); err != nil {
+					glog.Fatal(err)
+				}
+			}
+
+			// run the kubelet
+			if err := Run(kubeletServer, kubeletDeps); err != nil {
+				glog.Fatal(err)
+			}
 		},
 	}
 
+	// keep cleanFlagSet separate, so Cobra doesn't pollute it with the global flags
+	kubeletFlags.AddFlags(cleanFlagSet)
+	options.AddKubeletConfigFlags(cleanFlagSet, kubeletConfig)
+	options.AddGlobalFlags(cleanFlagSet)
+	cleanFlagSet.BoolP("help", "h", false, fmt.Sprintf("help for %s", cmd.Name()))
+
+	// ugly, but necessary, because Cobra's default UsageFunc and HelpFunc pollute the flagset with global flags
+	const usageFmt = "Usage:\n  %s\n\nFlags:\n%s"
+	cmd.SetUsageFunc(func(cmd *cobra.Command) error {
+		fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine(), cleanFlagSet.FlagUsagesWrapped(2))
+		return nil
+	})
+	cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) {
+		fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine(), cleanFlagSet.FlagUsagesWrapped(2))
+	})
+
 	return cmd
 }
 
+// newFlagSetWithGlobals constructs a new pflag.FlagSet with global flags registered
+// on it.
+func newFlagSetWithGlobals() *pflag.FlagSet {
+	fs := pflag.NewFlagSet("", pflag.ExitOnError)
+	// set the normalize func, similar to k8s.io/apiserver/pkg/util/flag/flags.go:InitFlags
+	fs.SetNormalizeFunc(flag.WordSepNormalizeFunc)
+	// explicitly add flags from libs that register global flags
+	options.AddGlobalFlags(fs)
+	return fs
+}
+
+// newFakeFlagSet constructs a pflag.FlagSet with the same flags as fs, but where
+// all values have noop Set implementations
+func newFakeFlagSet(fs *pflag.FlagSet) *pflag.FlagSet {
+	ret := pflag.NewFlagSet("", pflag.ExitOnError)
+	ret.SetNormalizeFunc(fs.GetNormalizeFunc())
+	fs.VisitAll(func(f *pflag.Flag) {
+		ret.VarP(flag.NoOp{}, f.Name, f.Shorthand, f.Usage)
+	})
+	return ret
+}
+
+// kubeletConfigFlagPrecedence re-parses flags over the KubeletConfiguration object.
+// We must enforce flag precedence by re-parsing the command line into the new object.
+// This is necessary to preserve backwards-compatibility across binary upgrades.
+// See issue #56171 for more details.
+func kubeletConfigFlagPrecedence(kc *kubeletconfiginternal.KubeletConfiguration, args []string) error {
+	// We use a throwaway kubeletFlags and a fake global flagset to avoid double-parses,
+	// as some Set implementations accumulate values from multiple flag invocations.
+	fs := newFakeFlagSet(newFlagSetWithGlobals())
+	// register throwaway KubeletFlags
+	options.NewKubeletFlags().AddFlags(fs)
+	// register new KubeletConfiguration
+	options.AddKubeletConfigFlags(fs, kc)
+	// Remember original feature gates, so we can merge with flag gates later
+	original := kc.FeatureGates
+	// re-parse flags
+	if err := fs.Parse(args); err != nil {
+		return err
+	}
+	// Add back feature gates that were set in the original kc, but not in flags
+	for k, v := range original {
+		if _, ok := kc.FeatureGates[k]; !ok {
+			kc.FeatureGates[k] = v
+		}
+	}
+	return nil
+}
+
+func loadConfigFile(name string) (*kubeletconfiginternal.KubeletConfiguration, error) {
+	const errFmt = "failed to load Kubelet config file %s, error %v"
+	// compute absolute path based on current working dir
+	kubeletConfigFile, err := filepath.Abs(name)
+	if err != nil {
+		return nil, fmt.Errorf(errFmt, name, err)
+	}
+	loader, err := configfiles.NewFsLoader(utilfs.DefaultFs{}, kubeletConfigFile)
+	if err != nil {
+		return nil, fmt.Errorf(errFmt, name, err)
+	}
+	kc, err := loader.Load()
+	if err != nil {
+		return nil, fmt.Errorf(errFmt, name, err)
+	}
+	return kc, err
+}
+
 // UnsecuredDependencies returns a Dependencies suitable for being run, or an error if the server setup
 // is not valid.  It will not start any background processes, and does not include authentication/authorization
 func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, error) {
@@ -139,7 +333,7 @@ func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, err
 	mounter := mount.New(s.ExperimentalMounterPath)
 	var writer kubeio.Writer = &kubeio.StdWriter{}
 	if s.Containerized {
-		glog.V(2).Info("Running kubelet in containerized mode (experimental)")
+		glog.V(2).Info("Running kubelet in containerized mode")
 		mounter = mount.NewNsenterMounter()
 		writer = &kubeio.NsenterWriter{}
 	}
@@ -180,6 +374,9 @@ func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, err
 func Run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) error {
 	// To help debugging, immediately log version
 	glog.Infof("Version: %+v", version.Get())
+	if err := initForOS(s.KubeletFlags.WindowsService); err != nil {
+		return fmt.Errorf("failed OS init: %v", err)
+	}
 	if err := run(s, kubeDeps); err != nil {
 		return fmt.Errorf("failed to run Kubelet: %v", err)
 	}
@@ -200,7 +397,7 @@ func setConfigz(cz *configz.Config, kc *kubeletconfiginternal.KubeletConfigurati
 	if err != nil {
 		return err
 	}
-	versioned := kubeletconfigv1alpha1.KubeletConfiguration{}
+	versioned := kubeletconfigv1beta1.KubeletConfiguration{}
 	if err := scheme.Convert(kc, &versioned, nil); err != nil {
 		return err
 	}
@@ -216,7 +413,6 @@ func initConfigz(kc *kubeletconfiginternal.KubeletConfiguration) error {
 	}
 	if err := setConfigz(cz, kc); err != nil {
 		glog.Errorf("unable to register config: %s", err)
-		return err
 	}
 	return nil
 }
@@ -274,11 +470,7 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 
 	// About to get clients and such, detect standaloneMode
 	standaloneMode := true
-	switch {
-	case s.RequireKubeConfig == true:
-		standaloneMode = false
-		glog.Warningf("--require-kubeconfig is deprecated. Set --kubeconfig without using --require-kubeconfig.")
-	case s.KubeConfig.Provided():
+	if len(s.KubeConfig) > 0 {
 		standaloneMode = false
 	}
 
@@ -289,12 +481,8 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 		}
 	}
 
-	if s.CloudProvider == kubeletconfigv1alpha1.AutoDetectCloudProvider {
-		glog.Warning("--cloud-provider=auto-detect is deprecated. The desired cloud provider should be set explicitly")
-	}
-
 	if kubeDeps.Cloud == nil {
-		if !cloudprovider.IsExternal(s.CloudProvider) && s.CloudProvider != kubeletconfigv1alpha1.AutoDetectCloudProvider {
+		if !cloudprovider.IsExternal(s.CloudProvider) {
 			cloud, err := cloudprovider.InitCloudProvider(s.CloudProvider, s.CloudConfigFile)
 			if err != nil {
 				return err
@@ -314,7 +502,7 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 	}
 
 	if s.BootstrapKubeconfig != "" {
-		if err := bootstrap.LoadClientCert(s.KubeConfig.Value(), s.BootstrapKubeconfig, s.CertDirectory, nodeName); err != nil {
+		if err := bootstrap.LoadClientCert(s.KubeConfig, s.BootstrapKubeconfig, s.CertDirectory, nodeName); err != nil {
 			return err
 		}
 	}
@@ -333,59 +521,55 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 		var heartbeatClient v1core.CoreV1Interface
 		var externalKubeClient clientset.Interface
 
-		clientConfig, err := CreateAPIServerClientConfig(s)
+		clientConfig, err := createAPIServerClientConfig(s)
+		if err != nil {
+			return fmt.Errorf("invalid kubeconfig: %v", err)
+		}
 
 		var clientCertificateManager certificate.Manager
-		if err == nil {
-			if s.RotateCertificates && utilfeature.DefaultFeatureGate.Enabled(features.RotateKubeletClientCertificate) {
-				clientCertificateManager, err = kubeletcertificate.NewKubeletClientCertificateManager(s.CertDirectory, nodeName, clientConfig.CertData, clientConfig.KeyData, clientConfig.CertFile, clientConfig.KeyFile)
-				if err != nil {
-					return err
-				}
-				// we set exitIfExpired to true because we use this client configuration to request new certs - if we are unable
-				// to request new certs, we will be unable to continue normal operation
-				if err := kubeletcertificate.UpdateTransport(wait.NeverStop, clientConfig, clientCertificateManager, true); err != nil {
-					return err
-				}
-			}
-
-			kubeClient, err = clientset.NewForConfig(clientConfig)
-			if err != nil {
-				glog.Warningf("New kubeClient from clientConfig error: %v", err)
-			} else if kubeClient.CertificatesV1beta1() != nil && clientCertificateManager != nil {
-				glog.V(2).Info("Starting client certificate rotation.")
-				clientCertificateManager.SetCertificateSigningRequestClient(kubeClient.CertificatesV1beta1().CertificateSigningRequests())
-				clientCertificateManager.Start()
-			}
-			externalKubeClient, err = clientset.NewForConfig(clientConfig)
+		if s.RotateCertificates && utilfeature.DefaultFeatureGate.Enabled(features.RotateKubeletClientCertificate) {
+			clientCertificateManager, err = kubeletcertificate.NewKubeletClientCertificateManager(s.CertDirectory, nodeName, clientConfig.CertData, clientConfig.KeyData, clientConfig.CertFile, clientConfig.KeyFile)
 			if err != nil {
-				glog.Warningf("New kubeClient from clientConfig error: %v", err)
+				return err
 			}
 
-			// make a separate client for events
-			eventClientConfig := *clientConfig
-			eventClientConfig.QPS = float32(s.EventRecordQPS)
-			eventClientConfig.Burst = int(s.EventBurst)
-			eventClient, err = v1core.NewForConfig(&eventClientConfig)
-			if err != nil {
-				glog.Warningf("Failed to create API Server client for Events: %v", err)
+			// we set exitAfter to five minutes because we use this client configuration to request new certs - if we are unable
+			// to request new certs, we will be unable to continue normal operation. Exiting the process allows a wrapper
+			// or the bootstrapping credentials to potentially lay down new initial config.
+			if err := kubeletcertificate.UpdateTransport(wait.NeverStop, clientConfig, clientCertificateManager, 5*time.Minute); err != nil {
+				return err
 			}
+		}
 
-			// make a separate client for heartbeat with throttling disabled and a timeout attached
-			heartbeatClientConfig := *clientConfig
-			heartbeatClientConfig.Timeout = s.KubeletConfiguration.NodeStatusUpdateFrequency.Duration
-			heartbeatClientConfig.QPS = float32(-1)
-			heartbeatClient, err = v1core.NewForConfig(&heartbeatClientConfig)
-			if err != nil {
-				glog.Warningf("Failed to create API Server client for heartbeat: %v", err)
-			}
-		} else {
-			switch {
-			case s.RequireKubeConfig:
-				return fmt.Errorf("invalid kubeconfig: %v", err)
-			case s.KubeConfig.Provided():
-				glog.Warningf("invalid kubeconfig: %v", err)
-			}
+		kubeClient, err = clientset.NewForConfig(clientConfig)
+		if err != nil {
+			glog.Warningf("New kubeClient from clientConfig error: %v", err)
+		} else if kubeClient.CertificatesV1beta1() != nil && clientCertificateManager != nil {
+			glog.V(2).Info("Starting client certificate rotation.")
+			clientCertificateManager.SetCertificateSigningRequestClient(kubeClient.CertificatesV1beta1().CertificateSigningRequests())
+			clientCertificateManager.Start()
+		}
+		externalKubeClient, err = clientset.NewForConfig(clientConfig)
+		if err != nil {
+			glog.Warningf("New kubeClient from clientConfig error: %v", err)
+		}
+
+		// make a separate client for events
+		eventClientConfig := *clientConfig
+		eventClientConfig.QPS = float32(s.EventRecordQPS)
+		eventClientConfig.Burst = int(s.EventBurst)
+		eventClient, err = v1core.NewForConfig(&eventClientConfig)
+		if err != nil {
+			glog.Warningf("Failed to create API Server client for Events: %v", err)
+		}
+
+		// make a separate client for heartbeat with throttling disabled and a timeout attached
+		heartbeatClientConfig := *clientConfig
+		heartbeatClientConfig.Timeout = s.KubeletConfiguration.NodeStatusUpdateFrequency.Duration
+		heartbeatClientConfig.QPS = float32(-1)
+		heartbeatClient, err = v1core.NewForConfig(&heartbeatClientConfig)
+		if err != nil {
+			glog.Warningf("Failed to create API Server client for heartbeat: %v", err)
 		}
 
 		kubeDeps.KubeClient = kubeClient
@@ -398,10 +582,10 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 		}
 	}
 
-	// Alpha Dynamic Configuration Implementation;
-	// if the kubelet config controller is available, inject the latest to start the config and status sync loops
-	if utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) && kubeDeps.KubeletConfigController != nil && !standaloneMode && !s.RunOnce {
-		kubeDeps.KubeletConfigController.StartSync(kubeDeps.KubeClient, string(nodeName))
+	// If the kubelet config controller is available, and dynamic config is enabled, start the config and status sync loops
+	if utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) && len(s.DynamicConfigDir.Value()) > 0 &&
+		kubeDeps.KubeletConfigController != nil && !standaloneMode && !s.RunOnce {
+		kubeDeps.KubeletConfigController.StartSync(kubeDeps.KubeClient, kubeDeps.EventClient, string(nodeName))
 	}
 
 	if kubeDeps.Auth == nil {
@@ -475,6 +659,8 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 				ExperimentalQOSReserved:               *experimentalQOSReserved,
 				ExperimentalCPUManagerPolicy:          s.CPUManagerPolicy,
 				ExperimentalCPUManagerReconcilePeriod: s.CPUManagerReconcilePeriod.Duration,
+				ExperimentalPodPidsLimit:              s.PodPidsLimit,
+				EnforceCPULimits:                      s.CPUCFSQuota,
 			},
 			s.FailSwapOn,
 			devicePluginEnabled,
@@ -517,6 +703,9 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.Dependencies) (err error) {
 		return nil
 	}
 
+	// If systemd is used, notify it that we have started
+	go daemon.SdNotify(false, "READY=1")
+
 	<-done
 	return nil
 }
@@ -533,7 +722,7 @@ func getNodeName(cloud cloudprovider.Interface, hostname string) (types.NodeName
 		return "", fmt.Errorf("failed to get instances from cloud provider")
 	}
 
-	nodeName, err := instances.CurrentNodeName(hostname)
+	nodeName, err := instances.CurrentNodeName(context.TODO(), hostname)
 	if err != nil {
 		return "", fmt.Errorf("error fetching current node name from cloud provider: %v", err)
 	}
@@ -571,12 +760,21 @@ func InitializeTLS(kf *options.KubeletFlags, kc *kubeletconfiginternal.KubeletCo
 			glog.V(4).Infof("Using self-signed cert (%s, %s)", kc.TLSCertFile, kc.TLSPrivateKeyFile)
 		}
 	}
+
+	tlsCipherSuites, err := flag.TLSCipherSuites(kc.TLSCipherSuites)
+	if err != nil {
+		return nil, err
+	}
+
+	minTLSVersion, err := flag.TLSVersion(kc.TLSMinVersion)
+	if err != nil {
+		return nil, err
+	}
+
 	tlsOptions := &server.TLSOptions{
 		Config: &tls.Config{
-			// Can't use SSLv3 because of POODLE and BEAST
-			// Can't use TLSv1.0 because of POODLE and BEAST using CBC cipher
-			// Can't use TLSv1.1 because of RC4 cipher usage
-			MinVersion: tls.VersionTLS12,
+			MinVersion:   minTLSVersion,
+			CipherSuites: tlsCipherSuites,
 		},
 		CertFile: kc.TLSCertFile,
 		KeyFile:  kc.TLSPrivateKeyFile,
@@ -598,29 +796,24 @@ func InitializeTLS(kf *options.KubeletFlags, kc *kubeletconfiginternal.KubeletCo
 
 func kubeconfigClientConfig(s *options.KubeletServer) (*restclient.Config, error) {
 	return clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
-		&clientcmd.ClientConfigLoadingRules{ExplicitPath: s.KubeConfig.Value()},
+		&clientcmd.ClientConfigLoadingRules{ExplicitPath: s.KubeConfig},
 		&clientcmd.ConfigOverrides{},
 	).ClientConfig()
 }
 
 // createClientConfig creates a client configuration from the command line arguments.
-// If --kubeconfig is explicitly set, it will be used. If it is not set but
-// --require-kubeconfig=true, we attempt to load the default kubeconfig file.
+// If --kubeconfig is explicitly set, it will be used.
 func createClientConfig(s *options.KubeletServer) (*restclient.Config, error) {
-	// If --kubeconfig was not provided, it will have a default path set in cmd/kubelet/app/options/options.go.
-	// We only use that default path when --require-kubeconfig=true. The default path is temporary until --require-kubeconfig is removed.
-	// TODO(#41161:v1.10.0): Remove the default kubeconfig path and --require-kubeconfig.
-	if s.BootstrapKubeconfig != "" || s.KubeConfig.Provided() || s.RequireKubeConfig == true {
+	if s.BootstrapKubeconfig != "" || len(s.KubeConfig) > 0 {
 		return kubeconfigClientConfig(s)
 	} else {
 		return nil, fmt.Errorf("createClientConfig called in standalone mode")
 	}
 }
 
-// CreateAPIServerClientConfig generates a client.Config from command line flags
+// createAPIServerClientConfig generates a client.Config from command line flags
 // via createClientConfig and then injects chaos into the configuration via addChaosToClientConfig.
-// This func is exported to support integration with third party kubelet extensions (e.g. kubernetes-mesos).
-func CreateAPIServerClientConfig(s *options.KubeletServer) (*restclient.Config, error) {
+func createAPIServerClientConfig(s *options.KubeletServer) (*restclient.Config, error) {
 	clientConfig, err := createClientConfig(s)
 	if err != nil {
 		return nil, err
@@ -667,17 +860,17 @@ func RunKubelet(kubeFlags *options.KubeletFlags, kubeCfg *kubeletconfiginternal.
 	//                prefer this to be done as part of an independent validation step on the
 	//                KubeletConfiguration. But as far as I can tell, we don't have an explicit
 	//                place for validation of the KubeletConfiguration yet.
-	hostNetworkSources, err := kubetypes.GetValidatedSources(kubeCfg.HostNetworkSources)
+	hostNetworkSources, err := kubetypes.GetValidatedSources(kubeFlags.HostNetworkSources)
 	if err != nil {
 		return err
 	}
 
-	hostPIDSources, err := kubetypes.GetValidatedSources(kubeCfg.HostPIDSources)
+	hostPIDSources, err := kubetypes.GetValidatedSources(kubeFlags.HostPIDSources)
 	if err != nil {
 		return err
 	}
 
-	hostIPCSources, err := kubetypes.GetValidatedSources(kubeCfg.HostIPCSources)
+	hostIPCSources, err := kubetypes.GetValidatedSources(kubeFlags.HostIPCSources)
 	if err != nil {
 		return err
 	}
@@ -687,20 +880,16 @@ func RunKubelet(kubeFlags *options.KubeletFlags, kubeCfg *kubeletconfiginternal.
 		HostPIDSources:     hostPIDSources,
 		HostIPCSources:     hostIPCSources,
 	}
-	capabilities.Setup(kubeCfg.AllowPrivileged, privilegedSources, 0)
+	capabilities.Setup(kubeFlags.AllowPrivileged, privilegedSources, 0)
 
 	credentialprovider.SetPreferredDockercfgPath(kubeFlags.RootDirectory)
 	glog.V(2).Infof("Using root directory: %v", kubeFlags.RootDirectory)
 
-	builder := kubeDeps.Builder
-	if builder == nil {
-		builder = CreateAndInitKubelet
-	}
 	if kubeDeps.OSInterface == nil {
 		kubeDeps.OSInterface = kubecontainer.RealOS{}
 	}
 
-	k, err := builder(kubeCfg,
+	k, err := CreateAndInitKubelet(kubeCfg,
 		kubeDeps,
 		&kubeFlags.ContainerRuntimeOptions,
 		kubeFlags.ContainerRuntime,
@@ -714,7 +903,6 @@ func RunKubelet(kubeFlags *options.KubeletFlags, kubeCfg *kubeletconfiginternal.
 		kubeFlags.RegisterNode,
 		kubeFlags.RegisterWithTaints,
 		kubeFlags.AllowedUnsafeSysctls,
-		kubeFlags.Containerized,
 		kubeFlags.RemoteRuntimeEndpoint,
 		kubeFlags.RemoteImageEndpoint,
 		kubeFlags.ExperimentalMounterPath,
@@ -751,27 +939,38 @@ func RunKubelet(kubeFlags *options.KubeletFlags, kubeCfg *kubeletconfiginternal.
 		}
 		glog.Infof("Started kubelet as runonce")
 	} else {
-		startKubelet(k, podCfg, kubeCfg, kubeDeps)
+		startKubelet(k, podCfg, kubeCfg, kubeDeps, kubeFlags.EnableServer)
 		glog.Infof("Started kubelet")
 	}
 	return nil
 }
 
-func startKubelet(k kubelet.Bootstrap, podCfg *config.PodConfig, kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *kubelet.Dependencies) {
+func startKubelet(k kubelet.Bootstrap, podCfg *config.PodConfig, kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *kubelet.Dependencies, enableServer bool) {
+	wg := sync.WaitGroup{}
+
 	// start the kubelet
-	go wait.Until(func() { k.Run(podCfg.Updates()) }, 0, wait.NeverStop)
+	wg.Add(1)
+	go wait.Until(func() {
+		wg.Done()
+		k.Run(podCfg.Updates())
+	}, 0, wait.NeverStop)
 
 	// start the kubelet server
-	if kubeCfg.EnableServer {
+	if enableServer {
+		wg.Add(1)
 		go wait.Until(func() {
+			wg.Done()
 			k.ListenAndServe(net.ParseIP(kubeCfg.Address), uint(kubeCfg.Port), kubeDeps.TLSOptions, kubeDeps.Auth, kubeCfg.EnableDebuggingHandlers, kubeCfg.EnableContentionProfiling)
 		}, 0, wait.NeverStop)
 	}
 	if kubeCfg.ReadOnlyPort > 0 {
+		wg.Add(1)
 		go wait.Until(func() {
+			wg.Done()
 			k.ListenAndServeReadOnly(net.ParseIP(kubeCfg.Address), uint(kubeCfg.ReadOnlyPort))
 		}, 0, wait.NeverStop)
 	}
+	wg.Wait()
 }
 
 func CreateAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
@@ -788,7 +987,6 @@ func CreateAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	registerNode bool,
 	registerWithTaints []api.Taint,
 	allowedUnsafeSysctls []string,
-	containerized bool,
 	remoteRuntimeEndpoint string,
 	remoteImageEndpoint string,
 	experimentalMounterPath string,
@@ -822,7 +1020,6 @@ func CreateAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		registerNode,
 		registerWithTaints,
 		allowedUnsafeSysctls,
-		containerized,
 		remoteRuntimeEndpoint,
 		remoteImageEndpoint,
 		experimentalMounterPath,
@@ -878,36 +1075,26 @@ func parseResourceList(m map[string]string) (v1.ResourceList, error) {
 
 // BootstrapKubeletConfigController constructs and bootstrap a configuration controller
 func BootstrapKubeletConfigController(defaultConfig *kubeletconfiginternal.KubeletConfiguration,
-	initConfigDirFlag flag.StringFlag,
-	dynamicConfigDirFlag flag.StringFlag) (*kubeletconfiginternal.KubeletConfiguration, *kubeletconfig.Controller, error) {
-	var err error
-	// Alpha Dynamic Configuration Implementation; this section only loads config from disk, it does not contact the API server
-	// compute absolute paths based on current working dir
-	initConfigDir := ""
-	if utilfeature.DefaultFeatureGate.Enabled(features.KubeletConfigFile) && initConfigDirFlag.Provided() {
-		initConfigDir, err = filepath.Abs(initConfigDirFlag.Value())
-		if err != nil {
-			return nil, nil, fmt.Errorf("failed to get absolute path for --init-config-dir")
-		}
+	dynamicConfigDir string) (*kubeletconfiginternal.KubeletConfiguration, *dynamickubeletconfig.Controller, error) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) {
+		return nil, nil, fmt.Errorf("failed to bootstrap Kubelet config controller, you must enable the DynamicKubeletConfig feature gate")
 	}
-	dynamicConfigDir := ""
-	if utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) && dynamicConfigDirFlag.Provided() {
-		dynamicConfigDir, err = filepath.Abs(dynamicConfigDirFlag.Value())
-		if err != nil {
-			return nil, nil, fmt.Errorf("failed to get absolute path for --dynamic-config-dir")
-		}
+	if len(dynamicConfigDir) == 0 {
+		return nil, nil, fmt.Errorf("cannot bootstrap Kubelet config controller, --dynamic-config-dir was not provided")
 	}
 
-	// get the latest KubeletConfiguration checkpoint from disk, or load the init or default config if no valid checkpoints exist
-	kubeletConfigController, err := kubeletconfig.NewController(defaultConfig, initConfigDir, dynamicConfigDir)
+	// compute absolute path and bootstrap controller
+	dir, err := filepath.Abs(dynamicConfigDir)
 	if err != nil {
-		return nil, nil, fmt.Errorf("failed to construct controller, error: %v", err)
+		return nil, nil, fmt.Errorf("failed to get absolute path for --dynamic-config-dir=%s", dynamicConfigDir)
 	}
-	kubeletConfig, err := kubeletConfigController.Bootstrap()
+	// get the latest KubeletConfiguration checkpoint from disk, or return the default config if no valid checkpoints exist
+	c := dynamickubeletconfig.NewController(defaultConfig, dir)
+	kc, err := c.Bootstrap()
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to determine a valid configuration, error: %v", err)
 	}
-	return kubeletConfig, kubeletConfigController, nil
+	return kc, c, nil
 }
 
 // RunDockershim only starts the dockershim in current process. This is only used for cri validate testing purpose
@@ -949,10 +1136,6 @@ func RunDockershim(f *options.KubeletFlags, c *kubeletconfiginternal.KubeletConf
 	if err != nil {
 		return err
 	}
-	if err := ds.Start(); err != nil {
-		return err
-	}
-
 	glog.V(2).Infof("Starting the GRPC server for the docker CRI shim.")
 	server := dockerremote.NewDockerServer(f.RemoteRuntimeEndpoint, ds)
 	if err := server.Start(); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/api/endpoints/BUILD b/vendor/k8s.io/kubernetes/pkg/api/endpoints/BUILD
index 07e3aeef187a..8d87cb78aabd 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/endpoints/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/endpoints/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/endpoints",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/endpoints/util.go b/vendor/k8s.io/kubernetes/pkg/api/endpoints/util.go
index 49bdbc47a195..8fa72b56819b 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/endpoints/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/endpoints/util.go
@@ -89,8 +89,7 @@ type addressKey struct {
 // any existing ready state.
 func mapAddressByPort(addr *api.EndpointAddress, port api.EndpointPort, ready bool, allAddrs map[addressKey]*api.EndpointAddress, portToAddrReadyMap map[api.EndpointPort]addressSet) *api.EndpointAddress {
 	// use addressKey to distinguish between two endpoints that are identical addresses
-	// but may have come from different hosts, for attribution. For instance, Mesos
-	// assigns pods the node IP, but the pods are distinct.
+	// but may have come from different hosts, for attribution.
 	key := addressKey{ip: addr.IP}
 	if addr.TargetRef != nil {
 		key.uid = addr.TargetRef.UID
@@ -169,14 +168,6 @@ func LessEndpointAddress(a, b *api.EndpointAddress) bool {
 	return a.TargetRef.UID < b.TargetRef.UID
 }
 
-type addrPtrsByIpAndUID []*api.EndpointAddress
-
-func (sl addrPtrsByIpAndUID) Len() int      { return len(sl) }
-func (sl addrPtrsByIpAndUID) Swap(i, j int) { sl[i], sl[j] = sl[j], sl[i] }
-func (sl addrPtrsByIpAndUID) Less(i, j int) bool {
-	return LessEndpointAddress(sl[i], sl[j])
-}
-
 // SortSubsets sorts an array of EndpointSubset objects in place.  For ease of
 // use it returns the input slice.
 func SortSubsets(subsets []api.EndpointSubset) []api.EndpointSubset {
diff --git a/vendor/k8s.io/kubernetes/pkg/api/events/BUILD b/vendor/k8s.io/kubernetes/pkg/api/events/BUILD
index 96becd0b701e..ffce97f05439 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/events/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/events/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["sorted_event_list_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/events",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/BUILD b/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/BUILD
index f65e81e9f27b..3b5428fbaed0 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/BUILD
@@ -33,8 +33,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/persistentvolume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/features:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/util.go b/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/util.go
index fe6dc9b2c6f7..d36f7c0cddb3 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/persistentvolume/util.go
@@ -30,7 +30,7 @@ func getClaimRefNamespace(pv *api.PersistentVolume) string {
 }
 
 // Visitor is called with each object's namespace and name, and returns true if visiting should continue
-type Visitor func(namespace, name string) (shouldContinue bool)
+type Visitor func(namespace, name string, kubeletVisible bool) (shouldContinue bool)
 
 // VisitPVSecretNames invokes the visitor function with the name of every secret
 // referenced by the PV spec. If visitor returns false, visiting is short-circuited.
@@ -40,11 +40,11 @@ func VisitPVSecretNames(pv *api.PersistentVolume, visitor Visitor) bool {
 	switch {
 	case source.AzureFile != nil:
 		if source.AzureFile.SecretNamespace != nil && len(*source.AzureFile.SecretNamespace) > 0 {
-			if len(source.AzureFile.SecretName) > 0 && !visitor(*source.AzureFile.SecretNamespace, source.AzureFile.SecretName) {
+			if len(source.AzureFile.SecretName) > 0 && !visitor(*source.AzureFile.SecretNamespace, source.AzureFile.SecretName, true /* kubeletVisible */) {
 				return false
 			}
 		} else {
-			if len(source.AzureFile.SecretName) > 0 && !visitor(getClaimRefNamespace(pv), source.AzureFile.SecretName) {
+			if len(source.AzureFile.SecretName) > 0 && !visitor(getClaimRefNamespace(pv), source.AzureFile.SecretName, true /* kubeletVisible */) {
 				return false
 			}
 		}
@@ -57,13 +57,21 @@ func VisitPVSecretNames(pv *api.PersistentVolume, visitor Visitor) bool {
 				// use the secret namespace if namespace is set
 				ns = source.CephFS.SecretRef.Namespace
 			}
-			if !visitor(ns, source.CephFS.SecretRef.Name) {
+			if !visitor(ns, source.CephFS.SecretRef.Name, true /* kubeletVisible */) {
 				return false
 			}
 		}
 	case source.FlexVolume != nil:
-		if source.FlexVolume.SecretRef != nil && !visitor(getClaimRefNamespace(pv), source.FlexVolume.SecretRef.Name) {
-			return false
+		if source.FlexVolume.SecretRef != nil {
+			// previously persisted PV objects use claimRef namespace
+			ns := getClaimRefNamespace(pv)
+			if len(source.FlexVolume.SecretRef.Namespace) > 0 {
+				// use the secret namespace if namespace is set
+				ns = source.FlexVolume.SecretRef.Namespace
+			}
+			if !visitor(ns, source.FlexVolume.SecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
 		}
 	case source.RBD != nil:
 		if source.RBD.SecretRef != nil {
@@ -73,7 +81,7 @@ func VisitPVSecretNames(pv *api.PersistentVolume, visitor Visitor) bool {
 				// use the secret namespace if namespace is set
 				ns = source.RBD.SecretRef.Namespace
 			}
-			if !visitor(ns, source.RBD.SecretRef.Name) {
+			if !visitor(ns, source.RBD.SecretRef.Name, true /* kubeletVisible */) {
 				return false
 			}
 		}
@@ -83,7 +91,7 @@ func VisitPVSecretNames(pv *api.PersistentVolume, visitor Visitor) bool {
 			if source.ScaleIO.SecretRef != nil && len(source.ScaleIO.SecretRef.Namespace) > 0 {
 				ns = source.ScaleIO.SecretRef.Namespace
 			}
-			if !visitor(ns, source.ScaleIO.SecretRef.Name) {
+			if !visitor(ns, source.ScaleIO.SecretRef.Name, true /* kubeletVisible */) {
 				return false
 			}
 		}
@@ -95,14 +103,30 @@ func VisitPVSecretNames(pv *api.PersistentVolume, visitor Visitor) bool {
 				// use the secret namespace if namespace is set
 				ns = source.ISCSI.SecretRef.Namespace
 			}
-			if !visitor(ns, source.ISCSI.SecretRef.Name) {
+			if !visitor(ns, source.ISCSI.SecretRef.Name, true /* kubeletVisible */) {
 				return false
 			}
 		}
 	case source.StorageOS != nil:
-		if source.StorageOS.SecretRef != nil && !visitor(source.StorageOS.SecretRef.Namespace, source.StorageOS.SecretRef.Name) {
+		if source.StorageOS.SecretRef != nil && !visitor(source.StorageOS.SecretRef.Namespace, source.StorageOS.SecretRef.Name, true /* kubeletVisible */) {
 			return false
 		}
+	case source.CSI != nil:
+		if source.CSI.ControllerPublishSecretRef != nil {
+			if !visitor(source.CSI.ControllerPublishSecretRef.Namespace, source.CSI.ControllerPublishSecretRef.Name, false /* kubeletVisible */) {
+				return false
+			}
+		}
+		if source.CSI.NodePublishSecretRef != nil {
+			if !visitor(source.CSI.NodePublishSecretRef.Namespace, source.CSI.NodePublishSecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
+		if source.CSI.NodeStageSecretRef != nil {
+			if !visitor(source.CSI.NodeStageSecretRef.Namespace, source.CSI.NodeStageSecretRef.Name, true /* kubeletVisible */) {
+				return false
+			}
+		}
 	}
 	return true
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/api/persistentvolumeclaim/BUILD b/vendor/k8s.io/kubernetes/pkg/api/persistentvolumeclaim/BUILD
index 6c1cea847cd0..ee27d5344fdb 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/persistentvolumeclaim/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/persistentvolumeclaim/BUILD
@@ -33,8 +33,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/persistentvolumeclaim",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/features:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/pod/BUILD b/vendor/k8s.io/kubernetes/pkg/api/pod/BUILD
index 7b189d02effd..249b7f91efec 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/pod/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/pod/BUILD
@@ -34,8 +34,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/pod",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/features:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/pod/util.go b/vendor/k8s.io/kubernetes/pkg/api/pod/util.go
index 3cb7d69f399b..0d17feef33a1 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/pod/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/pod/util.go
@@ -172,7 +172,7 @@ func IsPodReady(pod *api.Pod) bool {
 	return IsPodReadyConditionTrue(pod.Status)
 }
 
-// IsPodReadyConditionTrue retruns true if a pod is ready; false otherwise.
+// IsPodReadyConditionTrue returns true if a pod is ready; false otherwise.
 func IsPodReadyConditionTrue(status api.PodStatus) bool {
 	condition := GetPodReadyCondition(status)
 	return condition != nil && condition.Status == api.ConditionTrue
@@ -244,6 +244,10 @@ func DropDisabledAlphaFields(podSpec *api.PodSpec) {
 		}
 	}
 
+	if !utilfeature.DefaultFeatureGate.Enabled(features.PodShareProcessNamespace) && podSpec.SecurityContext != nil {
+		podSpec.SecurityContext.ShareProcessNamespace = nil
+	}
+
 	for i := range podSpec.Containers {
 		DropDisabledVolumeMountsAlphaFields(podSpec.Containers[i].VolumeMounts)
 	}
@@ -252,6 +256,28 @@ func DropDisabledAlphaFields(podSpec *api.PodSpec) {
 	}
 
 	DropDisabledVolumeDevicesAlphaFields(podSpec)
+
+	DropDisabledRunAsGroupField(podSpec)
+}
+
+// DropDisabledRunAsGroupField removes disabled fields from PodSpec related
+// to RunAsGroup
+func DropDisabledRunAsGroupField(podSpec *api.PodSpec) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.RunAsGroup) {
+		if podSpec.SecurityContext != nil {
+			podSpec.SecurityContext.RunAsGroup = nil
+		}
+		for i := range podSpec.Containers {
+			if podSpec.Containers[i].SecurityContext != nil {
+				podSpec.Containers[i].SecurityContext.RunAsGroup = nil
+			}
+		}
+		for i := range podSpec.InitContainers {
+			if podSpec.InitContainers[i].SecurityContext != nil {
+				podSpec.InitContainers[i].SecurityContext.RunAsGroup = nil
+			}
+		}
+	}
 }
 
 // DropDisabledVolumeMountsAlphaFields removes disabled fields from []VolumeMount.
diff --git a/vendor/k8s.io/kubernetes/pkg/api/ref/BUILD b/vendor/k8s.io/kubernetes/pkg/api/ref/BUILD
index f4d23d86f80c..6e8dad528df1 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/ref/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/ref/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["ref_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/ref",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/resource/BUILD b/vendor/k8s.io/kubernetes/pkg/api/resource/BUILD
index f31dbd9db260..9e18e57484d9 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/resource/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/resource/BUILD
@@ -32,11 +32,9 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/resource",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/api/resource/helpers.go b/vendor/k8s.io/kubernetes/pkg/api/resource/helpers.go
index 78084393eb23..6947799e8779 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/resource/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/resource/helpers.go
@@ -27,7 +27,7 @@ import (
 
 // PodRequestsAndLimits returns a dictionary of all defined resources summed up for all
 // containers of the pod.
-func PodRequestsAndLimits(pod *api.Pod) (reqs map[api.ResourceName]resource.Quantity, limits map[api.ResourceName]resource.Quantity, err error) {
+func PodRequestsAndLimits(pod *api.Pod) (reqs map[api.ResourceName]resource.Quantity, limits map[api.ResourceName]resource.Quantity) {
 	reqs, limits = map[api.ResourceName]resource.Quantity{}, map[api.ResourceName]resource.Quantity{}
 	for _, container := range pod.Spec.Containers {
 		for name, quantity := range container.Resources.Requests {
diff --git a/vendor/k8s.io/kubernetes/pkg/api/service/BUILD b/vendor/k8s.io/kubernetes/pkg/api/service/BUILD
index 735bf8d5a472..e66d9bbc1751 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/service/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/service/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/service",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/util/net/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/BUILD b/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/BUILD
index f9597b402ea8..13d8f6953a0b 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/v1/endpoints",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util.go b/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util.go
index 89b8d9e16aea..833af440c324 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/endpoints/util.go
@@ -169,14 +169,6 @@ func LessEndpointAddress(a, b *v1.EndpointAddress) bool {
 	return a.TargetRef.UID < b.TargetRef.UID
 }
 
-type addrPtrsByIpAndUID []*v1.EndpointAddress
-
-func (sl addrPtrsByIpAndUID) Len() int      { return len(sl) }
-func (sl addrPtrsByIpAndUID) Swap(i, j int) { sl[i], sl[j] = sl[j], sl[i] }
-func (sl addrPtrsByIpAndUID) Less(i, j int) bool {
-	return LessEndpointAddress(sl[i], sl[j])
-}
-
 // SortSubsets sorts an array of EndpointSubset objects in place.  For ease of
 // use it returns the input slice.
 func SortSubsets(subsets []v1.EndpointSubset) []v1.EndpointSubset {
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/BUILD b/vendor/k8s.io/kubernetes/pkg/api/v1/pod/BUILD
index 86a70f7b2c79..15e9597d3aa8 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/pod/BUILD
@@ -20,9 +20,9 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/v1/pod",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go b/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go
index 67fc6e5ed0b4..aa79c7250dbc 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/pod/util.go
@@ -238,7 +238,7 @@ func IsPodReady(pod *v1.Pod) bool {
 	return IsPodReadyConditionTrue(pod.Status)
 }
 
-// IsPodReady retruns true if a pod is ready; false otherwise.
+// IsPodReady returns true if a pod is ready; false otherwise.
 func IsPodReadyConditionTrue(status v1.PodStatus) bool {
 	condition := GetPodReadyCondition(status)
 	return condition != nil && condition.Status == v1.ConditionTrue
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/resource/BUILD b/vendor/k8s.io/kubernetes/pkg/api/v1/resource/BUILD
index 21979e2b6cb9..f918e559934c 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/resource/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/resource/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/v1/resource",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/api/v1/service/BUILD b/vendor/k8s.io/kubernetes/pkg/api/v1/service/BUILD
index 6c56835787ba..a9ef9ec5b4ba 100644
--- a/vendor/k8s.io/kubernetes/pkg/api/v1/service/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/api/v1/service/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/api/v1/service",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/net/sets:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/BUILD
index ca06165b8736..555202636466 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/BUILD
@@ -28,7 +28,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/abac/v0_test",
     deps = [
         ":go_default_library",
         "//pkg/apis/abac:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/zz_generated.deepcopy.go
index a4154af98259..3e6dcb6820e1 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v0/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v0
 
@@ -45,7 +45,6 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/BUILD
index 6fa5b960a721..9b6d229ad94f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/BUILD
@@ -30,7 +30,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/abac/v1beta1_test",
     deps = [
         ":go_default_library",
         "//pkg/apis/abac:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.conversion.go
index f1eaf8a678b6..d52ed7cfd6a7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.conversion.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.deepcopy.go
index 3af42c83fcf0..e0557b64ee9f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -46,9 +46,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/abac/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/abac/zz_generated.deepcopy.go
index 791e9c2c6fdd..9379b9ca3b78 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/abac/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/abac/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package abac
 
@@ -46,9 +46,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.conversion.go
index c0c245859cc1..d72004a30737 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/admission/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
 	admission "k8s.io/kubernetes/pkg/apis/admission"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admission/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admission/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/admission/zz_generated.deepcopy.go
index 84ce688d4b5c..1d13899c1a4a 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admission/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admission/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package admission
 
@@ -132,7 +132,6 @@ func (in *AdmissionReview) DeepCopy() *AdmissionReview {
 func (in *AdmissionReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/types.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/types.go
index a4f229bb93bd..829688a0e544 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/types.go
@@ -106,11 +106,9 @@ type Rule struct {
 type FailurePolicyType string
 
 const (
-	// Ignore means the initializer is removed from the initializers list of an
-	// object if the initializer is timed out.
+	// Ignore means that an error calling the webhook is ignored.
 	Ignore FailurePolicyType = "Ignore"
-	// For 1.7, only "Ignore" is allowed. "Fail" will be allowed when the
-	// extensible admission feature is beta.
+	// Fail means that an error calling the webhook causes the admission to fail.
 	Fail FailurePolicyType = "Fail"
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.conversion.go
index 95f8559570aa..ca7a24fb71de 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.conversion.go
index ad65e647291f..8bdeae37e2ac 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/admissionregistration/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.defaults.go
index 16620a79f1aa..623028e1fea3 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/validation/BUILD
index fa9e0a0fe95a..c037276b41db 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/admissionregistration/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/admissionregistration:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/zz_generated.deepcopy.go
index 83562365c201..c40fd6cd3337 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/admissionregistration/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package admissionregistration
 
@@ -77,9 +77,8 @@ func (in *InitializerConfiguration) DeepCopy() *InitializerConfiguration {
 func (in *InitializerConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -111,9 +110,8 @@ func (in *InitializerConfigurationList) DeepCopy() *InitializerConfigurationList
 func (in *InitializerConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -145,9 +143,8 @@ func (in *MutatingWebhookConfiguration) DeepCopy() *MutatingWebhookConfiguration
 func (in *MutatingWebhookConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -179,9 +176,8 @@ func (in *MutatingWebhookConfigurationList) DeepCopy() *MutatingWebhookConfigura
 func (in *MutatingWebhookConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -291,9 +287,8 @@ func (in *ValidatingWebhookConfiguration) DeepCopy() *ValidatingWebhookConfigura
 func (in *ValidatingWebhookConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -325,9 +320,8 @@ func (in *ValidatingWebhookConfigurationList) DeepCopy() *ValidatingWebhookConfi
 func (in *ValidatingWebhookConfigurationList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS
index e06ff4c481e9..2f260571a709 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/OWNERS
@@ -9,7 +9,6 @@ reviewers:
 - saad-ali
 - ncdc
 - tallclair
-- timothysc
 - dims
 - errordeveloper
 - mml
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/install/install.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/install/install.go
index 73117127693d..4f9dcfe9a183 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/install/install.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/install/install.go
@@ -38,7 +38,7 @@ func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *r
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:                  apps.GroupName,
-			VersionPreferenceOrder:     []string{v1beta1.SchemeGroupVersion.Version, v1beta2.SchemeGroupVersion.Version, v1.SchemeGroupVersion.Version},
+			VersionPreferenceOrder:     []string{v1.SchemeGroupVersion.Version, v1beta2.SchemeGroupVersion.Version, v1beta1.SchemeGroupVersion.Version},
 			AddInternalObjectsToScheme: apps.AddToScheme,
 		},
 		announced.VersionToSchemeFunc{
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/BUILD
index 3ffdef39f604..a2bf98c798ea 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/BUILD
@@ -33,7 +33,6 @@ go_test(
         "conversion_test.go",
         "defaults_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/apis/apps/v1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
@@ -42,6 +41,7 @@ go_test(
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/install:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.conversion.go
index 4f1398c55f0f..2fc9fa23fd6a 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/apps/v1"
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -30,7 +32,6 @@ import (
 	core "k8s.io/kubernetes/pkg/apis/core"
 	apis_core_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	extensions "k8s.io/kubernetes/pkg/apis/extensions"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -889,7 +890,9 @@ func autoConvert_apps_StatefulSetSpec_To_v1_StatefulSetSpec(in *apps.StatefulSet
 }
 
 func autoConvert_v1_StatefulSetStatus_To_apps_StatefulSetStatus(in *v1.StatefulSetStatus, out *apps.StatefulSetStatus, s conversion.Scope) error {
-	// WARNING: in.ObservedGeneration requires manual conversion: inconvertible types (int64 vs *int64)
+	if err := meta_v1.Convert_int64_To_Pointer_int64(&in.ObservedGeneration, &out.ObservedGeneration, s); err != nil {
+		return err
+	}
 	out.Replicas = in.Replicas
 	out.ReadyReplicas = in.ReadyReplicas
 	out.CurrentReplicas = in.CurrentReplicas
@@ -902,7 +905,9 @@ func autoConvert_v1_StatefulSetStatus_To_apps_StatefulSetStatus(in *v1.StatefulS
 }
 
 func autoConvert_apps_StatefulSetStatus_To_v1_StatefulSetStatus(in *apps.StatefulSetStatus, out *v1.StatefulSetStatus, s conversion.Scope) error {
-	// WARNING: in.ObservedGeneration requires manual conversion: inconvertible types (*int64 vs int64)
+	if err := meta_v1.Convert_Pointer_int64_To_int64(&in.ObservedGeneration, &out.ObservedGeneration, s); err != nil {
+		return err
+	}
 	out.Replicas = in.Replicas
 	out.ReadyReplicas = in.ReadyReplicas
 	out.CurrentReplicas = in.CurrentReplicas
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.defaults.go
index 8eb29e8d12ba..5029d8b49127 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/BUILD
index 920dcdc49a70..a4b8bea68507 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/BUILD
@@ -50,13 +50,13 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/apps/v1beta1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/apps/install:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.conversion.go
index 95bdc87c29d2..e56a55bdd746 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/apps/v1beta1"
 	v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -31,7 +33,6 @@ import (
 	core "k8s.io/kubernetes/pkg/apis/core"
 	core_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	extensions "k8s.io/kubernetes/pkg/apis/extensions"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.defaults.go
index b28d0de74fcb..a61212ccd911 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/BUILD
index b27e6f362ce7..c6e75e52b770 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/BUILD
@@ -53,7 +53,6 @@ go_test(
         "conversion_test.go",
         "defaults_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/apis/apps/v1beta2_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
@@ -63,6 +62,7 @@ go_test(
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/install:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta2:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.conversion.go
index b253aede9586..45c19d0d3a47 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta2
 
 import (
+	unsafe "unsafe"
+
 	v1beta2 "k8s.io/api/apps/v1beta2"
 	v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -31,7 +33,6 @@ import (
 	core "k8s.io/kubernetes/pkg/apis/core"
 	core_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	extensions "k8s.io/kubernetes/pkg/apis/extensions"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -961,7 +962,9 @@ func autoConvert_apps_StatefulSetSpec_To_v1beta2_StatefulSetSpec(in *apps.Statef
 }
 
 func autoConvert_v1beta2_StatefulSetStatus_To_apps_StatefulSetStatus(in *v1beta2.StatefulSetStatus, out *apps.StatefulSetStatus, s conversion.Scope) error {
-	// WARNING: in.ObservedGeneration requires manual conversion: inconvertible types (int64 vs *int64)
+	if err := meta_v1.Convert_int64_To_Pointer_int64(&in.ObservedGeneration, &out.ObservedGeneration, s); err != nil {
+		return err
+	}
 	out.Replicas = in.Replicas
 	out.ReadyReplicas = in.ReadyReplicas
 	out.CurrentReplicas = in.CurrentReplicas
@@ -974,7 +977,9 @@ func autoConvert_v1beta2_StatefulSetStatus_To_apps_StatefulSetStatus(in *v1beta2
 }
 
 func autoConvert_apps_StatefulSetStatus_To_v1beta2_StatefulSetStatus(in *apps.StatefulSetStatus, out *v1beta2.StatefulSetStatus, s conversion.Scope) error {
-	// WARNING: in.ObservedGeneration requires manual conversion: inconvertible types (*int64 vs int64)
+	if err := meta_v1.Convert_Pointer_int64_To_int64(&in.ObservedGeneration, &out.ObservedGeneration, s); err != nil {
+		return err
+	}
 	out.Replicas = in.Replicas
 	out.ReadyReplicas = in.ReadyReplicas
 	out.CurrentReplicas = in.CurrentReplicas
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.defaults.go
index 5d79d92d8b1f..059718d334c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/v1beta2/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta2
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/BUILD
index 3d80e8e2bb46..b9af06637e94 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/apps/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/validation.go
index fc7c029ca7ac..77f6a6cd4fd4 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/validation/validation.go
@@ -94,7 +94,6 @@ func ValidateStatefulSetSpec(spec *apps.StatefulSetSpec, fldPath *field.Path) fi
 					int64(spec.UpdateStrategy.RollingUpdate.Partition),
 					fldPath.Child("updateStrategy").Child("rollingUpdate").Child("partition"))...)
 		}
-
 	default:
 		allErrs = append(allErrs,
 			field.Invalid(fldPath.Child("updateStrategy"), spec.UpdateStrategy,
@@ -124,7 +123,7 @@ func ValidateStatefulSetSpec(spec *apps.StatefulSetSpec, fldPath *field.Path) fi
 		allErrs = append(allErrs, field.NotSupported(fldPath.Child("template", "spec", "restartPolicy"), spec.Template.Spec.RestartPolicy, []string{string(api.RestartPolicyAlways)}))
 	}
 	if spec.Template.Spec.ActiveDeadlineSeconds != nil {
-		allErrs = append(allErrs, field.Invalid(fldPath.Child("spec", "activeDeadlineSeconds"), spec.Template.Spec.ActiveDeadlineSeconds, "must not be specified"))
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("template", "spec", "activeDeadlineSeconds"), spec.Template.Spec.ActiveDeadlineSeconds, "must not be specified"))
 	}
 
 	return allErrs
@@ -196,6 +195,13 @@ func ValidateStatefulSetStatusUpdate(statefulSet, oldStatefulSet *apps.StatefulS
 	allErrs = append(allErrs, ValidateStatefulSetStatus(&statefulSet.Status, field.NewPath("status"))...)
 	allErrs = append(allErrs, apivalidation.ValidateObjectMetaUpdate(&statefulSet.ObjectMeta, &oldStatefulSet.ObjectMeta, field.NewPath("metadata"))...)
 	// TODO: Validate status.
+	if apivalidation.IsDecremented(statefulSet.Status.CollisionCount, oldStatefulSet.Status.CollisionCount) {
+		value := int32(0)
+		if statefulSet.Status.CollisionCount != nil {
+			value = *statefulSet.Status.CollisionCount
+		}
+		allErrs = append(allErrs, field.Invalid(field.NewPath("status").Child("collisionCount"), value, "cannot be decremented"))
+	}
 	return allErrs
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go
index 74fab2edd20e..e711a930b4a5 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/apps/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package apps
 
@@ -53,9 +53,8 @@ func (in *ControllerRevision) DeepCopy() *ControllerRevision {
 func (in *ControllerRevision) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -87,9 +86,8 @@ func (in *ControllerRevisionList) DeepCopy() *ControllerRevisionList {
 func (in *ControllerRevisionList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -132,9 +130,8 @@ func (in *StatefulSet) DeepCopy() *StatefulSet {
 func (in *StatefulSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -183,9 +180,8 @@ func (in *StatefulSetList) DeepCopy() *StatefulSetList {
 func (in *StatefulSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/authentication/BUILD
index 839995873a24..1d09c7766db4 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/BUILD
@@ -18,6 +18,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/authentication/OWNERS
index 95235234107c..2bdfd0ce5bc5 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/OWNERS
@@ -4,7 +4,6 @@ reviewers:
 - wojtek-t
 - deads2k
 - sttts
-- timothysc
 - mbohlool
 - jianhuiz
 - enj
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/register.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/register.go
index b0ac3c28bfbc..1174d5cce505 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/register.go
@@ -45,6 +45,7 @@ var (
 func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&TokenReview{},
+		&TokenRequest{},
 	)
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/types.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/types.go
index 52cfe6bf8cae..deb33cfc1983 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/types.go
@@ -18,6 +18,7 @@ package authentication
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
 )
 
 const (
@@ -88,3 +89,57 @@ type UserInfo struct {
 
 // ExtraValue masks the value so protobuf can generate
 type ExtraValue []string
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// TokenRequest requests a token for a given service account.
+type TokenRequest struct {
+	metav1.TypeMeta
+	// ObjectMeta fulfills the metav1.ObjectMetaAccessor interface so that the stock
+	// REST handler paths work
+	metav1.ObjectMeta
+
+	Spec   TokenRequestSpec
+	Status TokenRequestStatus
+}
+
+// TokenRequestSpec contains client provided parameters of a token request.
+type TokenRequestSpec struct {
+	// Audiences are the intendend audiences of the token. A recipient of a
+	// token must identitfy themself with an identifier in the list of
+	// audiences of the token, and otherwise should reject the token. A
+	// token issued for multiple audiences may be used to authenticate
+	// against any of the audiences listed but implies a high degree of
+	// trust between the target audiences.
+	Audiences []string
+
+	// ExpirationSeconds is the requested duration of validity of the request. The
+	// token issuer may return a token with a different validity duration so a
+	// client needs to check the 'expiration' field in a response.
+	ExpirationSeconds int64
+
+	// BoundObjectRef is a reference to an object that the token will be bound to.
+	// The token will only be valid for as long as the bound objet exists.
+	BoundObjectRef *BoundObjectReference
+}
+
+// TokenRequestStatus is the result of a token request.
+type TokenRequestStatus struct {
+	// Token is the opaque bearer token.
+	Token string
+	// ExpirationTimestamp is the time of expiration of the returned token.
+	ExpirationTimestamp metav1.Time
+}
+
+// BoundObjectReference is a reference to an object that a token is bound to.
+type BoundObjectReference struct {
+	// Kind of the referent. Valid kinds are 'Pod' and 'Secret'.
+	Kind string
+	// API version of the referent.
+	APIVersion string
+
+	// Name of the referent.
+	Name string
+	// UID of the referent.
+	UID types.UID
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/BUILD
index 44ec34c7696b..aae0e09fb000 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/BUILD
@@ -19,9 +19,11 @@ go_library(
     deps = [
         "//pkg/apis/authentication:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/defaults.go
index 074e15baedb7..b9448624ee24 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/defaults.go
@@ -17,9 +17,17 @@ limitations under the License.
 package v1
 
 import (
+	authenticationv1 "k8s.io/api/authentication/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return RegisterDefaults(scheme)
 }
+
+func SetDefaults_TokenRequestSpec(obj *authenticationv1.TokenRequestSpec) {
+	if obj.ExpirationSeconds == nil {
+		hour := int64(60 * 60)
+		obj.ExpirationSeconds = &hour
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.conversion.go
index d98ef4a6fea8..cec47e2dfb2d 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.conversion.go
@@ -16,16 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/authentication/v1"
+	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
+	types "k8s.io/apimachinery/pkg/types"
 	authentication "k8s.io/kubernetes/pkg/apis/authentication"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -36,6 +39,14 @@ func init() {
 // Public to allow building arbitrary schemes.
 func RegisterConversions(scheme *runtime.Scheme) error {
 	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1_BoundObjectReference_To_authentication_BoundObjectReference,
+		Convert_authentication_BoundObjectReference_To_v1_BoundObjectReference,
+		Convert_v1_TokenRequest_To_authentication_TokenRequest,
+		Convert_authentication_TokenRequest_To_v1_TokenRequest,
+		Convert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec,
+		Convert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec,
+		Convert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus,
+		Convert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus,
 		Convert_v1_TokenReview_To_authentication_TokenReview,
 		Convert_authentication_TokenReview_To_v1_TokenReview,
 		Convert_v1_TokenReviewSpec_To_authentication_TokenReviewSpec,
@@ -47,6 +58,114 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 	)
 }
 
+func autoConvert_v1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
+	out.Kind = in.Kind
+	out.APIVersion = in.APIVersion
+	out.Name = in.Name
+	out.UID = types.UID(in.UID)
+	return nil
+}
+
+// Convert_v1_BoundObjectReference_To_authentication_BoundObjectReference is an autogenerated conversion function.
+func Convert_v1_BoundObjectReference_To_authentication_BoundObjectReference(in *v1.BoundObjectReference, out *authentication.BoundObjectReference, s conversion.Scope) error {
+	return autoConvert_v1_BoundObjectReference_To_authentication_BoundObjectReference(in, out, s)
+}
+
+func autoConvert_authentication_BoundObjectReference_To_v1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1.BoundObjectReference, s conversion.Scope) error {
+	out.Kind = in.Kind
+	out.APIVersion = in.APIVersion
+	out.Name = in.Name
+	out.UID = types.UID(in.UID)
+	return nil
+}
+
+// Convert_authentication_BoundObjectReference_To_v1_BoundObjectReference is an autogenerated conversion function.
+func Convert_authentication_BoundObjectReference_To_v1_BoundObjectReference(in *authentication.BoundObjectReference, out *v1.BoundObjectReference, s conversion.Scope) error {
+	return autoConvert_authentication_BoundObjectReference_To_v1_BoundObjectReference(in, out, s)
+}
+
+func autoConvert_v1_TokenRequest_To_authentication_TokenRequest(in *v1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1_TokenRequest_To_authentication_TokenRequest is an autogenerated conversion function.
+func Convert_v1_TokenRequest_To_authentication_TokenRequest(in *v1.TokenRequest, out *authentication.TokenRequest, s conversion.Scope) error {
+	return autoConvert_v1_TokenRequest_To_authentication_TokenRequest(in, out, s)
+}
+
+func autoConvert_authentication_TokenRequest_To_v1_TokenRequest(in *authentication.TokenRequest, out *v1.TokenRequest, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_authentication_TokenRequest_To_v1_TokenRequest is an autogenerated conversion function.
+func Convert_authentication_TokenRequest_To_v1_TokenRequest(in *authentication.TokenRequest, out *v1.TokenRequest, s conversion.Scope) error {
+	return autoConvert_authentication_TokenRequest_To_v1_TokenRequest(in, out, s)
+}
+
+func autoConvert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
+	out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
+	if err := meta_v1.Convert_Pointer_int64_To_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
+		return err
+	}
+	out.BoundObjectRef = (*authentication.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
+	return nil
+}
+
+// Convert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec is an autogenerated conversion function.
+func Convert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec(in *v1.TokenRequestSpec, out *authentication.TokenRequestSpec, s conversion.Scope) error {
+	return autoConvert_v1_TokenRequestSpec_To_authentication_TokenRequestSpec(in, out, s)
+}
+
+func autoConvert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1.TokenRequestSpec, s conversion.Scope) error {
+	out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
+	if err := meta_v1.Convert_int64_To_Pointer_int64(&in.ExpirationSeconds, &out.ExpirationSeconds, s); err != nil {
+		return err
+	}
+	out.BoundObjectRef = (*v1.BoundObjectReference)(unsafe.Pointer(in.BoundObjectRef))
+	return nil
+}
+
+// Convert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec is an autogenerated conversion function.
+func Convert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec(in *authentication.TokenRequestSpec, out *v1.TokenRequestSpec, s conversion.Scope) error {
+	return autoConvert_authentication_TokenRequestSpec_To_v1_TokenRequestSpec(in, out, s)
+}
+
+func autoConvert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
+	out.Token = in.Token
+	out.ExpirationTimestamp = in.ExpirationTimestamp
+	return nil
+}
+
+// Convert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus is an autogenerated conversion function.
+func Convert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus(in *v1.TokenRequestStatus, out *authentication.TokenRequestStatus, s conversion.Scope) error {
+	return autoConvert_v1_TokenRequestStatus_To_authentication_TokenRequestStatus(in, out, s)
+}
+
+func autoConvert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1.TokenRequestStatus, s conversion.Scope) error {
+	out.Token = in.Token
+	out.ExpirationTimestamp = in.ExpirationTimestamp
+	return nil
+}
+
+// Convert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus is an autogenerated conversion function.
+func Convert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus(in *authentication.TokenRequestStatus, out *v1.TokenRequestStatus, s conversion.Scope) error {
+	return autoConvert_authentication_TokenRequestStatus_To_v1_TokenRequestStatus(in, out, s)
+}
+
 func autoConvert_v1_TokenReview_To_authentication_TokenReview(in *v1.TokenReview, out *authentication.TokenReview, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1_TokenReviewSpec_To_authentication_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.defaults.go
index 88d7af085bec..ee4b71be38e1 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1/zz_generated.defaults.go
@@ -16,11 +16,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	v1 "k8s.io/api/authentication/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -28,5 +29,10 @@ import (
 // Public to allow building arbitrary schemes.
 // All generated defaulters are covering - they call all nested defaulters.
 func RegisterDefaults(scheme *runtime.Scheme) error {
+	scheme.AddTypeDefaultingFunc(&v1.TokenRequest{}, func(obj interface{}) { SetObjectDefaults_TokenRequest(obj.(*v1.TokenRequest)) })
 	return nil
 }
+
+func SetObjectDefaults_TokenRequest(in *v1.TokenRequest) {
+	SetDefaults_TokenRequestSpec(&in.Spec)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.conversion.go
index c04aba53cbf3..3031f717283f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/authentication/v1beta1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	authentication "k8s.io/kubernetes/pkg/apis/authentication"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authentication/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/authentication/zz_generated.deepcopy.go
index 8a7904b19cd0..90b6067f03c0 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authentication/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authentication/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package authentication
 
@@ -24,6 +24,117 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *BoundObjectReference) DeepCopyInto(out *BoundObjectReference) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BoundObjectReference.
+func (in *BoundObjectReference) DeepCopy() *BoundObjectReference {
+	if in == nil {
+		return nil
+	}
+	out := new(BoundObjectReference)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequest) DeepCopyInto(out *TokenRequest) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.
+func (in *TokenRequest) DeepCopy() *TokenRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *TokenRequest) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec) {
+	*out = *in
+	if in.Audiences != nil {
+		in, out := &in.Audiences, &out.Audiences
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.BoundObjectRef != nil {
+		in, out := &in.BoundObjectRef, &out.BoundObjectRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(BoundObjectReference)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.
+func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequestSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus) {
+	*out = *in
+	in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.
+func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(TokenRequestStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TokenReview) DeepCopyInto(out *TokenReview) {
 	*out = *in
@@ -48,9 +159,8 @@ func (in *TokenReview) DeepCopy() *TokenReview {
 func (in *TokenReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -98,8 +208,12 @@ func (in *UserInfo) DeepCopyInto(out *UserInfo) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/authorization/OWNERS
index a68d7eef5775..c1613fc2e026 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/OWNERS
@@ -9,7 +9,6 @@ reviewers:
 - erictune
 - sttts
 - ncdc
-- timothysc
 - dims
 - mml
 - mbohlool
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.conversion.go
index 415a50ec84da..c96b61ea3e15 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/authorization/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	authorization "k8s.io/kubernetes/pkg/apis/authorization"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.defaults.go
index 88d7af085bec..40d9ab00eae5 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.conversion.go
index a6b08d93db51..0e563f1ec055 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/authorization/v1beta1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	authorization "k8s.io/kubernetes/pkg/apis/authorization"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/authorization/validation/BUILD
index 58559f83da94..eb2ef8e0e46d 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/validation/BUILD
@@ -21,8 +21,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/authorization/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/authorization:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/authorization/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/authorization/zz_generated.deepcopy.go
index b35902ecec82..78453c878339 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/authorization/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/authorization/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package authorization
 
@@ -24,6 +24,26 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LocalSubjectAccessReview) DeepCopyInto(out *LocalSubjectAccessReview) {
 	*out = *in
@@ -48,9 +68,8 @@ func (in *LocalSubjectAccessReview) DeepCopy() *LocalSubjectAccessReview {
 func (in *LocalSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -171,9 +190,8 @@ func (in *SelfSubjectAccessReview) DeepCopy() *SelfSubjectAccessReview {
 func (in *SelfSubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -234,9 +252,8 @@ func (in *SelfSubjectRulesReview) DeepCopy() *SelfSubjectRulesReview {
 func (in *SelfSubjectRulesReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -279,9 +296,8 @@ func (in *SubjectAccessReview) DeepCopy() *SubjectAccessReview {
 func (in *SubjectAccessReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -314,8 +330,12 @@ func (in *SubjectAccessReviewSpec) DeepCopyInto(out *SubjectAccessReviewSpec) {
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS
index 76dffecebdbd..4a495ec25320 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/OWNERS
@@ -8,7 +8,6 @@ reviewers:
 - erictune
 - sttts
 - ncdc
-- timothysc
 - piosz
 - dims
 - errordeveloper
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go
index 0e9d669ad78d..5489742db90a 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/types.go
@@ -111,12 +111,19 @@ var (
 	// Kubernetes, and have special scaling options on top of those available
 	// to normal per-pod metrics (the "pods" source).
 	ResourceMetricSourceType MetricSourceType = "Resource"
+	// ExternalMetricSourceType is a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	ExternalMetricSourceType MetricSourceType = "External"
 )
 
 // MetricSpec specifies how to scale based on a single metric
 // (only `type` and one other matching field should be set at once).
 type MetricSpec struct {
-	// Type is the type of metric source.  It should match one of the fields below.
+	// Type is the type of metric source.  It should be one of "Object",
+	// "Pods" or "Resource", each mapping to a matching field in the object.
 	Type MetricSourceType
 
 	// Object refers to a metric describing a single kubernetes object
@@ -135,6 +142,13 @@ type MetricSpec struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricSource
+	// External refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricSource
 }
 
 // ObjectMetricSource indicates how to scale on a metric describing a
@@ -183,6 +197,26 @@ type ResourceMetricSource struct {
 	TargetAverageValue *resource.Quantity
 }
 
+// ExternalMetricSource indicates how to scale on a metric not associated with
+// any Kubernetes object (for example length of queue in cloud
+// messaging service, or QPS from loadbalancer running outside of cluster).
+type ExternalMetricSource struct {
+	// metricName is the name of the metric in question.
+	MetricName string
+	// MetricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector
+	// TargetValue is the target value of the metric (as a quantity).
+	// Mutually exclusive with TargetAverageValue.
+	// +optional
+	TargetValue *resource.Quantity
+	// TargetAverageValue is the target per-pod value of global metric (as a quantity).
+	// Mutually exclusive with TargetValue.
+	// +optional
+	TargetAverageValue *resource.Quantity
+}
+
 // HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.
 type HorizontalPodAutoscalerStatus struct {
 	// ObservedGeneration is the most recent generation observed by this autoscaler.
@@ -261,7 +295,8 @@ type HorizontalPodAutoscalerCondition struct {
 
 // MetricStatus describes the last-read state of a single metric.
 type MetricStatus struct {
-	// Type is the type of metric source.  It will match one of the fields below.
+	// Type is the type of metric source.  It will be one of "Object",
+	// "Pods" or "Resource", each corresponds to a matching field in the object.
 	Type MetricSourceType
 
 	// Object refers to a metric describing a single kubernetes object
@@ -280,6 +315,13 @@ type MetricStatus struct {
 	// to normal per-pod metrics using the "pods" source.
 	// +optional
 	Resource *ResourceMetricStatus
+	// External refers to a global metric that is not associated
+	// with any Kubernetes object. It allows autoscaling based on information
+	// coming from components running outside of cluster
+	// (for example length of queue in cloud messaging service, or
+	// QPS from loadbalancer running outside of cluster).
+	// +optional
+	External *ExternalMetricStatus
 }
 
 // ObjectMetricStatus indicates the current value of a metric describing a
@@ -326,6 +368,23 @@ type ResourceMetricStatus struct {
 	CurrentAverageValue resource.Quantity
 }
 
+// ExternalMetricStatus indicates the current value of a global metric
+// not associated with any Kubernetes object.
+type ExternalMetricStatus struct {
+	// MetricName is the name of a metric used for autoscaling in
+	// metric system.
+	MetricName string
+	// MetricSelector is used to identify a specific time series
+	// within a given metric.
+	// +optional
+	MetricSelector *metav1.LabelSelector
+	// CurrentValue is the current value of the metric (as a quantity)
+	CurrentValue resource.Quantity
+	// CurrentAverageValue is the current value of metric averaged over autoscaled pods.
+	// +optional
+	CurrentAverageValue *resource.Quantity
+}
+
 // +genclient
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/BUILD
index 4f2490f7ddae..fb475a0269ad 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/BUILD
@@ -33,12 +33,12 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/autoscaling/v1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/autoscaling/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.conversion.go
index 6a1c65489f4b..3b13fab2ed0e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/autoscaling/v1"
 	core_v1 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
@@ -29,7 +31,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -42,6 +43,10 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 	return scheme.AddGeneratedConversionFuncs(
 		Convert_v1_CrossVersionObjectReference_To_autoscaling_CrossVersionObjectReference,
 		Convert_autoscaling_CrossVersionObjectReference_To_v1_CrossVersionObjectReference,
+		Convert_v1_ExternalMetricSource_To_autoscaling_ExternalMetricSource,
+		Convert_autoscaling_ExternalMetricSource_To_v1_ExternalMetricSource,
+		Convert_v1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus,
+		Convert_autoscaling_ExternalMetricStatus_To_v1_ExternalMetricStatus,
 		Convert_v1_HorizontalPodAutoscaler_To_autoscaling_HorizontalPodAutoscaler,
 		Convert_autoscaling_HorizontalPodAutoscaler_To_v1_HorizontalPodAutoscaler,
 		Convert_v1_HorizontalPodAutoscalerCondition_To_autoscaling_HorizontalPodAutoscalerCondition,
@@ -101,6 +106,58 @@ func Convert_autoscaling_CrossVersionObjectReference_To_v1_CrossVersionObjectRef
 	return autoConvert_autoscaling_CrossVersionObjectReference_To_v1_CrossVersionObjectReference(in, out, s)
 }
 
+func autoConvert_v1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in *v1.ExternalMetricSource, out *autoscaling.ExternalMetricSource, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*meta_v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.TargetValue = (*resource.Quantity)(unsafe.Pointer(in.TargetValue))
+	out.TargetAverageValue = (*resource.Quantity)(unsafe.Pointer(in.TargetAverageValue))
+	return nil
+}
+
+// Convert_v1_ExternalMetricSource_To_autoscaling_ExternalMetricSource is an autogenerated conversion function.
+func Convert_v1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in *v1.ExternalMetricSource, out *autoscaling.ExternalMetricSource, s conversion.Scope) error {
+	return autoConvert_v1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in, out, s)
+}
+
+func autoConvert_autoscaling_ExternalMetricSource_To_v1_ExternalMetricSource(in *autoscaling.ExternalMetricSource, out *v1.ExternalMetricSource, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*meta_v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.TargetValue = (*resource.Quantity)(unsafe.Pointer(in.TargetValue))
+	out.TargetAverageValue = (*resource.Quantity)(unsafe.Pointer(in.TargetAverageValue))
+	return nil
+}
+
+// Convert_autoscaling_ExternalMetricSource_To_v1_ExternalMetricSource is an autogenerated conversion function.
+func Convert_autoscaling_ExternalMetricSource_To_v1_ExternalMetricSource(in *autoscaling.ExternalMetricSource, out *v1.ExternalMetricSource, s conversion.Scope) error {
+	return autoConvert_autoscaling_ExternalMetricSource_To_v1_ExternalMetricSource(in, out, s)
+}
+
+func autoConvert_v1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in *v1.ExternalMetricStatus, out *autoscaling.ExternalMetricStatus, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*meta_v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.CurrentValue = in.CurrentValue
+	out.CurrentAverageValue = (*resource.Quantity)(unsafe.Pointer(in.CurrentAverageValue))
+	return nil
+}
+
+// Convert_v1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus is an autogenerated conversion function.
+func Convert_v1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in *v1.ExternalMetricStatus, out *autoscaling.ExternalMetricStatus, s conversion.Scope) error {
+	return autoConvert_v1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in, out, s)
+}
+
+func autoConvert_autoscaling_ExternalMetricStatus_To_v1_ExternalMetricStatus(in *autoscaling.ExternalMetricStatus, out *v1.ExternalMetricStatus, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*meta_v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.CurrentValue = in.CurrentValue
+	out.CurrentAverageValue = (*resource.Quantity)(unsafe.Pointer(in.CurrentAverageValue))
+	return nil
+}
+
+// Convert_autoscaling_ExternalMetricStatus_To_v1_ExternalMetricStatus is an autogenerated conversion function.
+func Convert_autoscaling_ExternalMetricStatus_To_v1_ExternalMetricStatus(in *autoscaling.ExternalMetricStatus, out *v1.ExternalMetricStatus, s conversion.Scope) error {
+	return autoConvert_autoscaling_ExternalMetricStatus_To_v1_ExternalMetricStatus(in, out, s)
+}
+
 func autoConvert_v1_HorizontalPodAutoscaler_To_autoscaling_HorizontalPodAutoscaler(in *v1.HorizontalPodAutoscaler, out *autoscaling.HorizontalPodAutoscaler, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1_HorizontalPodAutoscalerSpec_To_autoscaling_HorizontalPodAutoscalerSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -237,6 +294,7 @@ func autoConvert_v1_MetricSpec_To_autoscaling_MetricSpec(in *v1.MetricSpec, out
 	out.Object = (*autoscaling.ObjectMetricSource)(unsafe.Pointer(in.Object))
 	out.Pods = (*autoscaling.PodsMetricSource)(unsafe.Pointer(in.Pods))
 	out.Resource = (*autoscaling.ResourceMetricSource)(unsafe.Pointer(in.Resource))
+	out.External = (*autoscaling.ExternalMetricSource)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -250,6 +308,7 @@ func autoConvert_autoscaling_MetricSpec_To_v1_MetricSpec(in *autoscaling.MetricS
 	out.Object = (*v1.ObjectMetricSource)(unsafe.Pointer(in.Object))
 	out.Pods = (*v1.PodsMetricSource)(unsafe.Pointer(in.Pods))
 	out.Resource = (*v1.ResourceMetricSource)(unsafe.Pointer(in.Resource))
+	out.External = (*v1.ExternalMetricSource)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -263,6 +322,7 @@ func autoConvert_v1_MetricStatus_To_autoscaling_MetricStatus(in *v1.MetricStatus
 	out.Object = (*autoscaling.ObjectMetricStatus)(unsafe.Pointer(in.Object))
 	out.Pods = (*autoscaling.PodsMetricStatus)(unsafe.Pointer(in.Pods))
 	out.Resource = (*autoscaling.ResourceMetricStatus)(unsafe.Pointer(in.Resource))
+	out.External = (*autoscaling.ExternalMetricStatus)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -276,6 +336,7 @@ func autoConvert_autoscaling_MetricStatus_To_v1_MetricStatus(in *autoscaling.Met
 	out.Object = (*v1.ObjectMetricStatus)(unsafe.Pointer(in.Object))
 	out.Pods = (*v1.PodsMetricStatus)(unsafe.Pointer(in.Pods))
 	out.Resource = (*v1.ResourceMetricStatus)(unsafe.Pointer(in.Resource))
+	out.External = (*v1.ExternalMetricStatus)(unsafe.Pointer(in.External))
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.defaults.go
index 0cfceabce221..860e1ebe2a7e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/BUILD
index 720df24df8a1..740638b00822 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/BUILD
@@ -45,13 +45,13 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/autoscaling/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/autoscaling/v2beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.conversion.go
index 04e256fda7b3..d9c8791b3968 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.conversion.go
@@ -16,20 +16,21 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v2beta1
 
 import (
+	unsafe "unsafe"
+
 	v2beta1 "k8s.io/api/autoscaling/v2beta1"
-	v1 "k8s.io/api/core/v1"
+	core_v1 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	autoscaling "k8s.io/kubernetes/pkg/apis/autoscaling"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -42,6 +43,10 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 	return scheme.AddGeneratedConversionFuncs(
 		Convert_v2beta1_CrossVersionObjectReference_To_autoscaling_CrossVersionObjectReference,
 		Convert_autoscaling_CrossVersionObjectReference_To_v2beta1_CrossVersionObjectReference,
+		Convert_v2beta1_ExternalMetricSource_To_autoscaling_ExternalMetricSource,
+		Convert_autoscaling_ExternalMetricSource_To_v2beta1_ExternalMetricSource,
+		Convert_v2beta1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus,
+		Convert_autoscaling_ExternalMetricStatus_To_v2beta1_ExternalMetricStatus,
 		Convert_v2beta1_HorizontalPodAutoscaler_To_autoscaling_HorizontalPodAutoscaler,
 		Convert_autoscaling_HorizontalPodAutoscaler_To_v2beta1_HorizontalPodAutoscaler,
 		Convert_v2beta1_HorizontalPodAutoscalerCondition_To_autoscaling_HorizontalPodAutoscalerCondition,
@@ -95,6 +100,58 @@ func Convert_autoscaling_CrossVersionObjectReference_To_v2beta1_CrossVersionObje
 	return autoConvert_autoscaling_CrossVersionObjectReference_To_v2beta1_CrossVersionObjectReference(in, out, s)
 }
 
+func autoConvert_v2beta1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in *v2beta1.ExternalMetricSource, out *autoscaling.ExternalMetricSource, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.TargetValue = (*resource.Quantity)(unsafe.Pointer(in.TargetValue))
+	out.TargetAverageValue = (*resource.Quantity)(unsafe.Pointer(in.TargetAverageValue))
+	return nil
+}
+
+// Convert_v2beta1_ExternalMetricSource_To_autoscaling_ExternalMetricSource is an autogenerated conversion function.
+func Convert_v2beta1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in *v2beta1.ExternalMetricSource, out *autoscaling.ExternalMetricSource, s conversion.Scope) error {
+	return autoConvert_v2beta1_ExternalMetricSource_To_autoscaling_ExternalMetricSource(in, out, s)
+}
+
+func autoConvert_autoscaling_ExternalMetricSource_To_v2beta1_ExternalMetricSource(in *autoscaling.ExternalMetricSource, out *v2beta1.ExternalMetricSource, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.TargetValue = (*resource.Quantity)(unsafe.Pointer(in.TargetValue))
+	out.TargetAverageValue = (*resource.Quantity)(unsafe.Pointer(in.TargetAverageValue))
+	return nil
+}
+
+// Convert_autoscaling_ExternalMetricSource_To_v2beta1_ExternalMetricSource is an autogenerated conversion function.
+func Convert_autoscaling_ExternalMetricSource_To_v2beta1_ExternalMetricSource(in *autoscaling.ExternalMetricSource, out *v2beta1.ExternalMetricSource, s conversion.Scope) error {
+	return autoConvert_autoscaling_ExternalMetricSource_To_v2beta1_ExternalMetricSource(in, out, s)
+}
+
+func autoConvert_v2beta1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in *v2beta1.ExternalMetricStatus, out *autoscaling.ExternalMetricStatus, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.CurrentValue = in.CurrentValue
+	out.CurrentAverageValue = (*resource.Quantity)(unsafe.Pointer(in.CurrentAverageValue))
+	return nil
+}
+
+// Convert_v2beta1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus is an autogenerated conversion function.
+func Convert_v2beta1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in *v2beta1.ExternalMetricStatus, out *autoscaling.ExternalMetricStatus, s conversion.Scope) error {
+	return autoConvert_v2beta1_ExternalMetricStatus_To_autoscaling_ExternalMetricStatus(in, out, s)
+}
+
+func autoConvert_autoscaling_ExternalMetricStatus_To_v2beta1_ExternalMetricStatus(in *autoscaling.ExternalMetricStatus, out *v2beta1.ExternalMetricStatus, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricSelector = (*v1.LabelSelector)(unsafe.Pointer(in.MetricSelector))
+	out.CurrentValue = in.CurrentValue
+	out.CurrentAverageValue = (*resource.Quantity)(unsafe.Pointer(in.CurrentAverageValue))
+	return nil
+}
+
+// Convert_autoscaling_ExternalMetricStatus_To_v2beta1_ExternalMetricStatus is an autogenerated conversion function.
+func Convert_autoscaling_ExternalMetricStatus_To_v2beta1_ExternalMetricStatus(in *autoscaling.ExternalMetricStatus, out *v2beta1.ExternalMetricStatus, s conversion.Scope) error {
+	return autoConvert_autoscaling_ExternalMetricStatus_To_v2beta1_ExternalMetricStatus(in, out, s)
+}
+
 func autoConvert_v2beta1_HorizontalPodAutoscaler_To_autoscaling_HorizontalPodAutoscaler(in *v2beta1.HorizontalPodAutoscaler, out *autoscaling.HorizontalPodAutoscaler, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v2beta1_HorizontalPodAutoscalerSpec_To_autoscaling_HorizontalPodAutoscalerSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -143,7 +200,7 @@ func Convert_v2beta1_HorizontalPodAutoscalerCondition_To_autoscaling_HorizontalP
 
 func autoConvert_autoscaling_HorizontalPodAutoscalerCondition_To_v2beta1_HorizontalPodAutoscalerCondition(in *autoscaling.HorizontalPodAutoscalerCondition, out *v2beta1.HorizontalPodAutoscalerCondition, s conversion.Scope) error {
 	out.Type = v2beta1.HorizontalPodAutoscalerConditionType(in.Type)
-	out.Status = v1.ConditionStatus(in.Status)
+	out.Status = core_v1.ConditionStatus(in.Status)
 	out.LastTransitionTime = in.LastTransitionTime
 	out.Reason = in.Reason
 	out.Message = in.Message
@@ -209,7 +266,7 @@ func Convert_autoscaling_HorizontalPodAutoscalerSpec_To_v2beta1_HorizontalPodAut
 
 func autoConvert_v2beta1_HorizontalPodAutoscalerStatus_To_autoscaling_HorizontalPodAutoscalerStatus(in *v2beta1.HorizontalPodAutoscalerStatus, out *autoscaling.HorizontalPodAutoscalerStatus, s conversion.Scope) error {
 	out.ObservedGeneration = (*int64)(unsafe.Pointer(in.ObservedGeneration))
-	out.LastScaleTime = (*meta_v1.Time)(unsafe.Pointer(in.LastScaleTime))
+	out.LastScaleTime = (*v1.Time)(unsafe.Pointer(in.LastScaleTime))
 	out.CurrentReplicas = in.CurrentReplicas
 	out.DesiredReplicas = in.DesiredReplicas
 	out.CurrentMetrics = *(*[]autoscaling.MetricStatus)(unsafe.Pointer(&in.CurrentMetrics))
@@ -224,7 +281,7 @@ func Convert_v2beta1_HorizontalPodAutoscalerStatus_To_autoscaling_HorizontalPodA
 
 func autoConvert_autoscaling_HorizontalPodAutoscalerStatus_To_v2beta1_HorizontalPodAutoscalerStatus(in *autoscaling.HorizontalPodAutoscalerStatus, out *v2beta1.HorizontalPodAutoscalerStatus, s conversion.Scope) error {
 	out.ObservedGeneration = (*int64)(unsafe.Pointer(in.ObservedGeneration))
-	out.LastScaleTime = (*meta_v1.Time)(unsafe.Pointer(in.LastScaleTime))
+	out.LastScaleTime = (*v1.Time)(unsafe.Pointer(in.LastScaleTime))
 	out.CurrentReplicas = in.CurrentReplicas
 	out.DesiredReplicas = in.DesiredReplicas
 	out.CurrentMetrics = *(*[]v2beta1.MetricStatus)(unsafe.Pointer(&in.CurrentMetrics))
@@ -242,6 +299,7 @@ func autoConvert_v2beta1_MetricSpec_To_autoscaling_MetricSpec(in *v2beta1.Metric
 	out.Object = (*autoscaling.ObjectMetricSource)(unsafe.Pointer(in.Object))
 	out.Pods = (*autoscaling.PodsMetricSource)(unsafe.Pointer(in.Pods))
 	out.Resource = (*autoscaling.ResourceMetricSource)(unsafe.Pointer(in.Resource))
+	out.External = (*autoscaling.ExternalMetricSource)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -255,6 +313,7 @@ func autoConvert_autoscaling_MetricSpec_To_v2beta1_MetricSpec(in *autoscaling.Me
 	out.Object = (*v2beta1.ObjectMetricSource)(unsafe.Pointer(in.Object))
 	out.Pods = (*v2beta1.PodsMetricSource)(unsafe.Pointer(in.Pods))
 	out.Resource = (*v2beta1.ResourceMetricSource)(unsafe.Pointer(in.Resource))
+	out.External = (*v2beta1.ExternalMetricSource)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -268,6 +327,7 @@ func autoConvert_v2beta1_MetricStatus_To_autoscaling_MetricStatus(in *v2beta1.Me
 	out.Object = (*autoscaling.ObjectMetricStatus)(unsafe.Pointer(in.Object))
 	out.Pods = (*autoscaling.PodsMetricStatus)(unsafe.Pointer(in.Pods))
 	out.Resource = (*autoscaling.ResourceMetricStatus)(unsafe.Pointer(in.Resource))
+	out.External = (*autoscaling.ExternalMetricStatus)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -281,6 +341,7 @@ func autoConvert_autoscaling_MetricStatus_To_v2beta1_MetricStatus(in *autoscalin
 	out.Object = (*v2beta1.ObjectMetricStatus)(unsafe.Pointer(in.Object))
 	out.Pods = (*v2beta1.PodsMetricStatus)(unsafe.Pointer(in.Pods))
 	out.Resource = (*v2beta1.ResourceMetricStatus)(unsafe.Pointer(in.Resource))
+	out.External = (*v2beta1.ExternalMetricStatus)(unsafe.Pointer(in.External))
 	return nil
 }
 
@@ -402,7 +463,7 @@ func Convert_v2beta1_ResourceMetricSource_To_autoscaling_ResourceMetricSource(in
 }
 
 func autoConvert_autoscaling_ResourceMetricSource_To_v2beta1_ResourceMetricSource(in *autoscaling.ResourceMetricSource, out *v2beta1.ResourceMetricSource, s conversion.Scope) error {
-	out.Name = v1.ResourceName(in.Name)
+	out.Name = core_v1.ResourceName(in.Name)
 	out.TargetAverageUtilization = (*int32)(unsafe.Pointer(in.TargetAverageUtilization))
 	out.TargetAverageValue = (*resource.Quantity)(unsafe.Pointer(in.TargetAverageValue))
 	return nil
@@ -426,7 +487,7 @@ func Convert_v2beta1_ResourceMetricStatus_To_autoscaling_ResourceMetricStatus(in
 }
 
 func autoConvert_autoscaling_ResourceMetricStatus_To_v2beta1_ResourceMetricStatus(in *autoscaling.ResourceMetricStatus, out *v2beta1.ResourceMetricStatus, s conversion.Scope) error {
-	out.Name = v1.ResourceName(in.Name)
+	out.Name = core_v1.ResourceName(in.Name)
 	out.CurrentAverageUtilization = (*int32)(unsafe.Pointer(in.CurrentAverageUtilization))
 	out.CurrentAverageValue = in.CurrentAverageValue
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.defaults.go
index 42787931817c..dfe73d84af01 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/v2beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v2beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/BUILD
index c6be1eff0259..308861fca804 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/BUILD
@@ -22,11 +22,11 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/autoscaling/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/validation.go
index 6338b2a744e0..66db577cd8e9 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/validation/validation.go
@@ -115,7 +115,7 @@ func validateMetrics(metrics []autoscaling.MetricSpec, fldPath *field.Path) fiel
 	return allErrs
 }
 
-var validMetricSourceTypes = sets.NewString(string(autoscaling.ObjectMetricSourceType), string(autoscaling.PodsMetricSourceType), string(autoscaling.ResourceMetricSourceType))
+var validMetricSourceTypes = sets.NewString(string(autoscaling.ObjectMetricSourceType), string(autoscaling.PodsMetricSourceType), string(autoscaling.ResourceMetricSourceType), string(autoscaling.ExternalMetricSourceType))
 var validMetricSourceTypesList = validMetricSourceTypes.List()
 
 func validateMetricSpec(spec autoscaling.MetricSpec, fldPath *field.Path) field.ErrorList {
@@ -137,6 +137,13 @@ func validateMetricSpec(spec autoscaling.MetricSpec, fldPath *field.Path) field.
 		}
 	}
 
+	if spec.External != nil {
+		typesPresent.Insert("external")
+		if typesPresent.Len() == 1 {
+			allErrs = append(allErrs, validateExternalSource(spec.External, fldPath.Child("external"))...)
+		}
+	}
+
 	if spec.Pods != nil {
 		typesPresent.Insert("pods")
 		if typesPresent.Len() == 1 {
@@ -183,6 +190,36 @@ func validateObjectSource(src *autoscaling.ObjectMetricSource, fldPath *field.Pa
 	return allErrs
 }
 
+func validateExternalSource(src *autoscaling.ExternalMetricSource, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	if len(src.MetricName) == 0 {
+		allErrs = append(allErrs, field.Required(fldPath.Child("metricName"), "must specify a metric name"))
+	} else {
+		for _, msg := range pathvalidation.IsValidPathSegmentName(src.MetricName) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("metricName"), src.MetricName, msg))
+		}
+	}
+
+	if src.TargetValue == nil && src.TargetAverageValue == nil {
+		allErrs = append(allErrs, field.Required(fldPath.Child("targetValue"), "must set either a target value for metric or a per-pod target"))
+	}
+
+	if src.TargetValue != nil && src.TargetAverageValue != nil {
+		allErrs = append(allErrs, field.Forbidden(fldPath.Child("targetValue"), "may not set both a target value for metric and a per-pod target"))
+	}
+
+	if src.TargetAverageValue != nil && src.TargetAverageValue.Sign() != 1 {
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("targetAverageValue"), src.TargetAverageValue, "must be positive"))
+	}
+
+	if src.TargetValue != nil && src.TargetValue.Sign() != 1 {
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("targetValue"), src.TargetValue, "must be positive"))
+	}
+
+	return allErrs
+}
+
 func validatePodsSource(src *autoscaling.PodsMetricSource, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go
index 520fa8a577dc..c019713840e7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/autoscaling/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package autoscaling
 
 import (
-	resource "k8s.io/apimachinery/pkg/api/resource"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
@@ -42,6 +41,84 @@ func (in *CrossVersionObjectReference) DeepCopy() *CrossVersionObjectReference {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricSource) DeepCopyInto(out *ExternalMetricSource) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	if in.TargetValue != nil {
+		in, out := &in.TargetValue, &out.TargetValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	if in.TargetAverageValue != nil {
+		in, out := &in.TargetAverageValue, &out.TargetAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricSource.
+func (in *ExternalMetricSource) DeepCopy() *ExternalMetricSource {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricStatus) DeepCopyInto(out *ExternalMetricStatus) {
+	*out = *in
+	if in.MetricSelector != nil {
+		in, out := &in.MetricSelector, &out.MetricSelector
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(v1.LabelSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	out.CurrentValue = in.CurrentValue.DeepCopy()
+	if in.CurrentAverageValue != nil {
+		in, out := &in.CurrentAverageValue, &out.CurrentAverageValue
+		if *in == nil {
+			*out = nil
+		} else {
+			x := (*in).DeepCopy()
+			*out = &x
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricStatus.
+func (in *ExternalMetricStatus) DeepCopy() *ExternalMetricStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HorizontalPodAutoscaler) DeepCopyInto(out *HorizontalPodAutoscaler) {
 	*out = *in
@@ -66,9 +143,8 @@ func (in *HorizontalPodAutoscaler) DeepCopy() *HorizontalPodAutoscaler {
 func (in *HorizontalPodAutoscaler) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -117,9 +193,8 @@ func (in *HorizontalPodAutoscalerList) DeepCopy() *HorizontalPodAutoscalerList {
 func (in *HorizontalPodAutoscalerList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -172,8 +247,7 @@ func (in *HorizontalPodAutoscalerStatus) DeepCopyInto(out *HorizontalPodAutoscal
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.CurrentMetrics != nil {
@@ -233,6 +307,15 @@ func (in *MetricSpec) DeepCopyInto(out *MetricSpec) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricSource)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -276,6 +359,15 @@ func (in *MetricStatus) DeepCopyInto(out *MetricStatus) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.External != nil {
+		in, out := &in.External, &out.External
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(ExternalMetricStatus)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -376,8 +468,8 @@ func (in *ResourceMetricSource) DeepCopyInto(out *ResourceMetricSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(resource.Quantity)
-			**out = (*in).DeepCopy()
+			x := (*in).DeepCopy()
+			*out = &x
 		}
 	}
 	return
@@ -443,9 +535,8 @@ func (in *Scale) DeepCopy() *Scale {
 func (in *Scale) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/batch/OWNERS
index 502f90771135..38935ff169a9 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/OWNERS
@@ -9,7 +9,6 @@ reviewers:
 - sttts
 - saad-ali
 - ncdc
-- timothysc
 - soltysh
 - dims
 - errordeveloper
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/BUILD
index 2413a15ab257..b6feac5e2d89 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/BUILD
@@ -33,12 +33,12 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/batch/v1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/batch/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/batch/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.conversion.go
index e9e6f9e20e48..816503828738 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/batch/v1"
 	core_v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -29,7 +31,6 @@ import (
 	batch "k8s.io/kubernetes/pkg/apis/batch"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	apis_core_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.defaults.go
index 8140c28fa60c..9b02de39adad 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/BUILD
index 2985d4e9d07d..4c2a640eb18f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/BUILD
@@ -34,12 +34,12 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/batch/v1beta1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/batch/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.conversion.go
index 677dad829cfb..2d57654ac579 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/batch/v1beta1"
 	core_v1 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -29,7 +31,6 @@ import (
 	batch "k8s.io/kubernetes/pkg/apis/batch"
 	batch_v1 "k8s.io/kubernetes/pkg/apis/batch/v1"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.defaults.go
index 938bb14eb472..1d05468cf4f6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/BUILD
index 79103911e03b..4f7e9afb0fbf 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/BUILD
@@ -34,7 +34,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/batch/v2alpha1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.conversion.go
index 119b705ccc0c..76a34b5882d6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v2alpha1
 
 import (
+	unsafe "unsafe"
+
 	v2alpha1 "k8s.io/api/batch/v2alpha1"
 	core_v1 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -29,7 +31,6 @@ import (
 	batch "k8s.io/kubernetes/pkg/apis/batch"
 	batch_v1 "k8s.io/kubernetes/pkg/apis/batch/v1"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.defaults.go
index 427ba5cff0f6..eec4cfb9132f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/v2alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v2alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/batch/validation/BUILD
index 318426b359be..7a748b98bf7b 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/validation/BUILD
@@ -26,8 +26,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/batch/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/batch:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/batch/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/batch/zz_generated.deepcopy.go
index 27a03db27247..7155d5c617f0 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/batch/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/batch/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package batch
 
@@ -50,9 +50,8 @@ func (in *CronJob) DeepCopy() *CronJob {
 func (in *CronJob) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -84,9 +83,8 @@ func (in *CronJobList) DeepCopy() *CronJobList {
 func (in *CronJobList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -155,8 +153,7 @@ func (in *CronJobStatus) DeepCopyInto(out *CronJobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -196,9 +193,8 @@ func (in *Job) DeepCopy() *Job {
 func (in *Job) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -248,9 +244,8 @@ func (in *JobList) DeepCopy() *JobList {
 func (in *JobList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -339,8 +334,7 @@ func (in *JobStatus) DeepCopyInto(out *JobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.CompletionTime != nil {
@@ -348,8 +342,7 @@ func (in *JobStatus) DeepCopyInto(out *JobStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -388,9 +381,8 @@ func (in *JobTemplate) DeepCopy() *JobTemplate {
 func (in *JobTemplate) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS
index 6066d2c1218f..1d1ab36e7560 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/certificates/OWNERS
@@ -6,7 +6,6 @@ reviewers:
 - caesarxuchao
 - liggitt
 - sttts
-- timothysc
 - dims
 - errordeveloper
 - mbohlool
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go
index 1300380f29d3..77420687b0a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/certificates/types.go
@@ -122,7 +122,7 @@ type KeyUsage string
 const (
 	UsageSigning            KeyUsage = "signing"
 	UsageDigitalSignature   KeyUsage = "digital signature"
-	UsageContentCommittment KeyUsage = "content committment"
+	UsageContentCommittment KeyUsage = "content commitment"
 	UsageKeyEncipherment    KeyUsage = "key encipherment"
 	UsageKeyAgreement       KeyUsage = "key agreement"
 	UsageDataEncipherment   KeyUsage = "data encipherment"
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.conversion.go
index 8379477bf36e..47a3d1f46bc2 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/certificates/v1beta1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	certificates "k8s.io/kubernetes/pkg/apis/certificates"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.defaults.go
index edab232d23c0..6c987c871a5b 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/certificates/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go
index 4b3e1d556da3..fda9d3aa5912 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/certificates/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package certificates
 
@@ -48,9 +48,8 @@ func (in *CertificateSigningRequest) DeepCopy() *CertificateSigningRequest {
 func (in *CertificateSigningRequest) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -99,9 +98,8 @@ func (in *CertificateSigningRequestList) DeepCopy() *CertificateSigningRequestLi
 func (in *CertificateSigningRequestList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -126,8 +124,12 @@ func (in *CertificateSigningRequestSpec) DeepCopyInto(out *CertificateSigningReq
 		in, out := &in.Extra, &out.Extra
 		*out = make(map[string]ExtraValue, len(*in))
 		for key, val := range *in {
-			(*out)[key] = make(ExtraValue, len(val))
-			copy((*out)[key], val)
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]string, len(val))
+				copy((*out)[key], val)
+			}
 		}
 	}
 	return
@@ -170,3 +172,23 @@ func (in *CertificateSigningRequestStatus) DeepCopy() *CertificateSigningRequest
 	in.DeepCopyInto(out)
 	return out
 }
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
+	{
+		in := &in
+		*out = make(ExtraValue, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
+func (in ExtraValue) DeepCopy() ExtraValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtraValue)
+	in.DeepCopyInto(out)
+	return *out
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/BUILD
index 19d17029cb8e..8759839a5d06 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/componentconfig",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/spf13/pflag:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/OWNERS
index 16e6aa37c33e..a1f5f1d9a403 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/OWNERS
@@ -21,7 +21,6 @@ reviewers:
 - ncdc
 - yifan-gu
 - mwielgus
-- timothysc
 - feiskyer
 - dims
 - errordeveloper
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/helpers.go
index a39ec138c81e..a8fb98c1fadb 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/helpers.go
@@ -20,6 +20,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net"
+	"strconv"
 
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -61,6 +62,55 @@ func (v IPVar) Type() string {
 	return "ip"
 }
 
+// IPPortVar allows IP or IP:port formats.
+type IPPortVar struct {
+	Val *string
+}
+
+func (v IPPortVar) Set(s string) error {
+	if len(s) == 0 {
+		v.Val = nil
+		return nil
+	}
+
+	if v.Val == nil {
+		// it's okay to panic here since this is programmer error
+		panic("the string pointer passed into IPPortVar should not be nil")
+	}
+
+	// Both IP and IP:port are valid.
+	// Attempt to parse into IP first.
+	if net.ParseIP(s) != nil {
+		*v.Val = s
+		return nil
+	}
+
+	// Can not parse into IP, now assume IP:port.
+	host, port, err := net.SplitHostPort(s)
+	if err != nil {
+		return fmt.Errorf("%q is not in a valid format (ip or ip:port): %v", s, err)
+	}
+	if net.ParseIP(host) == nil {
+		return fmt.Errorf("%q is not a valid IP address", host)
+	}
+	if _, err := strconv.Atoi(port); err != nil {
+		return fmt.Errorf("%q is not a valid number", port)
+	}
+	*v.Val = s
+	return nil
+}
+
+func (v IPPortVar) String() string {
+	if v.Val == nil {
+		return ""
+	}
+	return *v.Val
+}
+
+func (v IPPortVar) Type() string {
+	return "ipport"
+}
+
 type PortRangeVar struct {
 	Val *string
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/types.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/types.go
index 4a57eec48c20..89671f046a35 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/types.go
@@ -181,6 +181,9 @@ type KubeControllerManagerConfiguration struct {
 	CloudProvider string
 	// cloudConfigFile is the path to the cloud provider configuration file.
 	CloudConfigFile string
+	// externalCloudVolumePlugin specifies the plugin to use when cloudProvider is "external".
+	// It is currently used by the in repo cloud providers to handle node and volume control in the KCM.
+	ExternalCloudVolumePlugin string
 	// run with untagged cloud instances
 	AllowUntaggedCloud bool
 	// concurrentEndpointSyncs is the number of endpoint syncing operations
@@ -223,9 +226,6 @@ type KubeControllerManagerConfiguration struct {
 	ConcurrentSATokenSyncs int32
 	// lookupCacheSizeForRC is the size of lookup cache for replication controllers.
 	// Larger number = more responsive replica management, but more MEM load.
-	// serviceSyncPeriod is the period for syncing services with their external
-	// load balancers.
-	ServiceSyncPeriod metav1.Duration
 	// nodeSyncPeriod is the period for syncing nodes from cloudprovider. Longer
 	// periods will result in fewer calls to cloud provider, but may delay addition
 	// of new nodes to cluster.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/BUILD
index 9726d08a84a6..e89709d1eedf 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/BUILD
@@ -46,7 +46,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/apis/componentconfig:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go
index 1b78cf1c2a39..b006f9ecc93f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	componentconfig "k8s.io/kubernetes/pkg/apis/componentconfig"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go
index be2509123a4f..512979985187 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -64,9 +64,8 @@ func (in *KubeSchedulerConfiguration) DeepCopy() *KubeSchedulerConfiguration {
 func (in *KubeSchedulerConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.defaults.go
index 96685c35ba40..74da948de9a2 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/zz_generated.deepcopy.go
index 31fad659dfc9..1efd2d4af355 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/componentconfig/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package componentconfig
 
@@ -56,6 +56,31 @@ func (in *GroupResource) DeepCopy() *GroupResource {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IPPortVar) DeepCopyInto(out *IPPortVar) {
+	*out = *in
+	if in.Val != nil {
+		in, out := &in.Val, &out.Val
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(string)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPPortVar.
+func (in *IPPortVar) DeepCopy() *IPPortVar {
+	if in == nil {
+		return nil
+	}
+	out := new(IPPortVar)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *IPVar) DeepCopyInto(out *IPVar) {
 	*out = *in
@@ -90,7 +115,6 @@ func (in *KubeControllerManagerConfiguration) DeepCopyInto(out *KubeControllerMa
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
-	out.ServiceSyncPeriod = in.ServiceSyncPeriod
 	out.NodeSyncPeriod = in.NodeSyncPeriod
 	out.RouteReconciliationPeriod = in.RouteReconciliationPeriod
 	out.ResourceQuotaSyncPeriod = in.ResourceQuotaSyncPeriod
@@ -132,9 +156,8 @@ func (in *KubeControllerManagerConfiguration) DeepCopy() *KubeControllerManagerC
 func (in *KubeControllerManagerConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -161,9 +184,8 @@ func (in *KubeSchedulerConfiguration) DeepCopy() *KubeSchedulerConfiguration {
 func (in *KubeSchedulerConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/BUILD
index a4bdda2a8889..8d54d6726c51 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/BUILD
@@ -32,9 +32,11 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["taint_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core",
-    library = ":go_default_library",
+    srcs = [
+        "taint_test.go",
+        "toleration_test.go",
+    ],
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS
index 0605b27b2aa2..17bebcb369cf 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/OWNERS
@@ -37,7 +37,6 @@ reviewers:
 - yifan-gu
 - eparis
 - mwielgus
-- timothysc
 - soltysh
 - piosz
 - jsafrane
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/BUILD
index 81b0a2fbffa2..72df5635cb45 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/helper",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -31,6 +30,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/selection:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go
index ca397c8eb7ff..96899f18419e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/helpers.go
@@ -28,6 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/selection"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/kubernetes/pkg/apis/core"
 )
 
@@ -146,10 +147,21 @@ func IsStandardContainerResourceName(str string) bool {
 	return standardContainerResources.Has(str) || IsHugePageResourceName(core.ResourceName(str))
 }
 
-// IsExtendedResourceName returns true if the resource name is not in the
-// default namespace.
+// IsExtendedResourceName returns true if:
+// 1. the resource name is not in the default namespace;
+// 2. resource name does not have "requests." prefix,
+// to avoid confusion with the convention in quota
+// 3. it satisfies the rules in IsQualifiedName() after converted into quota resource name
 func IsExtendedResourceName(name core.ResourceName) bool {
-	return !IsDefaultNamespaceResource(name)
+	if IsDefaultNamespaceResource(name) || strings.HasPrefix(string(name), core.DefaultResourceRequestsPrefix) {
+		return false
+	}
+	// Ensure it satisfies the rules in IsQualifiedName() after converted into quota resource name
+	nameForQuota := fmt.Sprintf("%s%s", core.DefaultResourceRequestsPrefix, string(name))
+	if errs := validation.IsQualifiedName(string(nameForQuota)); len(errs) != 0 {
+		return false
+	}
+	return true
 }
 
 // IsDefaultNamespaceResource returns true if the resource name is in the
@@ -254,46 +266,18 @@ func IsIntegerResourceName(str string) bool {
 	return integerResources.Has(str) || IsExtendedResourceName(core.ResourceName(str))
 }
 
-// Extended and HugePages resources
-func IsScalarResourceName(name core.ResourceName) bool {
-	return IsExtendedResourceName(name) || IsHugePageResourceName(name)
-}
-
 // this function aims to check if the service's ClusterIP is set or not
 // the objective is not to perform validation here
 func IsServiceIPSet(service *core.Service) bool {
 	return service.Spec.ClusterIP != core.ClusterIPNone && service.Spec.ClusterIP != ""
 }
 
-// this function aims to check if the service's cluster IP is requested or not
-func IsServiceIPRequested(service *core.Service) bool {
-	// ExternalName services are CNAME aliases to external ones. Ignore the IP.
-	if service.Spec.Type == core.ServiceTypeExternalName {
-		return false
-	}
-	return service.Spec.ClusterIP == ""
-}
-
 var standardFinalizers = sets.NewString(
 	string(core.FinalizerKubernetes),
 	metav1.FinalizerOrphanDependents,
 	metav1.FinalizerDeleteDependents,
 )
 
-// HasAnnotation returns a bool if passed in annotation exists
-func HasAnnotation(obj core.ObjectMeta, ann string) bool {
-	_, found := obj.Annotations[ann]
-	return found
-}
-
-// SetMetaDataAnnotation sets the annotation and value
-func SetMetaDataAnnotation(obj *core.ObjectMeta, ann string, value string) {
-	if obj.Annotations == nil {
-		obj.Annotations = make(map[string]string)
-	}
-	obj.Annotations[ann] = value
-}
-
 func IsStandardFinalizerName(str string) bool {
 	return standardFinalizers.Has(str)
 }
@@ -482,37 +466,6 @@ func AddOrUpdateTolerationInPod(pod *core.Pod, toleration *core.Toleration) bool
 	return true
 }
 
-// TolerationToleratesTaint checks if the toleration tolerates the taint.
-func TolerationToleratesTaint(toleration *core.Toleration, taint *core.Taint) bool {
-	if len(toleration.Effect) != 0 && toleration.Effect != taint.Effect {
-		return false
-	}
-
-	if toleration.Key != taint.Key {
-		return false
-	}
-	// TODO: Use proper defaulting when Toleration becomes a field of PodSpec
-	if (len(toleration.Operator) == 0 || toleration.Operator == core.TolerationOpEqual) && toleration.Value == taint.Value {
-		return true
-	}
-	if toleration.Operator == core.TolerationOpExists {
-		return true
-	}
-	return false
-}
-
-// TaintToleratedByTolerations checks if taint is tolerated by any of the tolerations.
-func TaintToleratedByTolerations(taint *core.Taint, tolerations []core.Toleration) bool {
-	tolerated := false
-	for i := range tolerations {
-		if TolerationToleratesTaint(&tolerations[i], taint) {
-			tolerated = true
-			break
-		}
-	}
-	return tolerated
-}
-
 // GetTaintsFromNodeAnnotations gets the json serialized taints data from Pod.Annotations
 // and converts it to the []Taint type in core.
 func GetTaintsFromNodeAnnotations(annotations map[string]string) ([]core.Taint, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/BUILD
index a029fdb5b8f9..c2a1e9010b81 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/BUILD
@@ -11,7 +11,6 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/apis/core/helper/qos",
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/helper:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go
index 18414322c820..fad6fb240745 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/helper/qos/qos.go
@@ -22,12 +22,12 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/apis/core"
-	"k8s.io/kubernetes/pkg/apis/core/helper"
 )
 
+var supportedQoSComputeResources = sets.NewString(string(core.ResourceCPU), string(core.ResourceMemory))
+
 func isSupportedQoSComputeResource(name core.ResourceName) bool {
-	supportedQoSComputeResources := sets.NewString(string(core.ResourceCPU), string(core.ResourceMemory))
-	return supportedQoSComputeResources.Has(string(name)) || helper.IsHugePageResourceName(name)
+	return supportedQoSComputeResources.Has(string(name))
 }
 
 // GetPodQOS returns the QoS class of a pod.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/install/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/install/BUILD
index 9ed882df9943..49e8161534c8 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/install/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/install/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["install_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/install",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/pods/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/pods/BUILD
index b78e256e7c14..dea471375dc5 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/pods/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/pods/BUILD
@@ -11,8 +11,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/pods",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go b/vendor/k8s.io/kubernetes/pkg/apis/core/types.go
index b6b570b06e4c..8b183deb7c41 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/types.go
@@ -354,7 +354,7 @@ type PersistentVolumeSource struct {
 	// FlexVolume represents a generic volume resource that is
 	// provisioned/attached using an exec based plugin.
 	// +optional
-	FlexVolume *FlexVolumeSource
+	FlexVolume *FlexPersistentVolumeSource
 	// Cinder represents a cinder volume attached and mounted on kubelets host machine
 	// +optional
 	Cinder *CinderVolumeSource
@@ -391,7 +391,7 @@ type PersistentVolumeSource struct {
 	// More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md
 	// +optional
 	StorageOS *StorageOSPersistentVolumeSource
-	// CSI (Container Storage Interface) represents storage that handled by an external CSI driver
+	// CSI (Container Storage Interface) represents storage that handled by an external CSI driver (Beta feature).
 	// +optional
 	CSI *CSIPersistentVolumeSource
 }
@@ -467,6 +467,16 @@ type PersistentVolumeSpec struct {
 	// This is an alpha feature and may change in the future.
 	// +optional
 	VolumeMode *PersistentVolumeMode
+	// NodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+	// This field influences the scheduling of pods that use this volume.
+	// +optional
+	NodeAffinity *VolumeNodeAffinity
+}
+
+// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+type VolumeNodeAffinity struct {
+	// Required specifies hard node constraints that must be met.
+	Required *NodeSelector
 }
 
 // PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes
@@ -475,6 +485,7 @@ type PersistentVolumeReclaimPolicy string
 const (
 	// PersistentVolumeReclaimRecycle means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim.
 	// The volume plugin must support Recycling.
+	// DEPRECATED: The PersistentVolumeReclaimRecycle called Recycle is being deprecated. See announcement here: https://groups.google.com/forum/#!topic/kubernetes-dev/uexugCza84I
 	PersistentVolumeReclaimRecycle PersistentVolumeReclaimPolicy = "Recycle"
 	// PersistentVolumeReclaimDelete means the volume will be deleted from Kubernetes on release from its claim.
 	// The volume plugin must support Deletion.
@@ -576,6 +587,8 @@ type PersistentVolumeClaimConditionType string
 const (
 	// An user trigger resize of pvc has been started
 	PersistentVolumeClaimResizing PersistentVolumeClaimConditionType = "Resizing"
+	// PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node
+	PersistentVolumeClaimFileSystemResizePending PersistentVolumeClaimConditionType = "FileSystemResizePending"
 )
 
 type PersistentVolumeClaimCondition struct {
@@ -867,6 +880,32 @@ type FCVolumeSource struct {
 	WWIDs []string
 }
 
+// FlexPersistentVolumeSource represents a generic persistent volume resource that is
+// provisioned/attached using an exec based plugin.
+type FlexPersistentVolumeSource struct {
+	// Driver is the name of the driver to use for this volume.
+	Driver string
+	// Filesystem type to mount.
+	// Must be a filesystem type supported by the host operating system.
+	// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+	// +optional
+	FSType string
+	// Optional: SecretRef is reference to the secret object containing
+	// sensitive information to pass to the plugin scripts. This may be
+	// empty if no secret object is specified. If the secret object
+	// contains more than one secret, all secrets are passed to the plugin
+	// scripts.
+	// +optional
+	SecretRef *SecretReference
+	// Optional: Defaults to false (read/write). ReadOnly here will force
+	// the ReadOnly setting in VolumeMounts.
+	// +optional
+	ReadOnly bool
+	// Optional: Extra driver options if any.
+	// +optional
+	Options map[string]string
+}
+
 // FlexVolume represents a generic volume resource that is
 // provisioned/attached using an exec based plugin.
 type FlexVolumeSource struct {
@@ -1574,7 +1613,7 @@ type LocalVolumeSource struct {
 	Path string
 }
 
-// Represents storage that is managed by an external CSI volume driver
+// Represents storage that is managed by an external CSI volume driver (Beta feature)
 type CSIPersistentVolumeSource struct {
 	// Driver is the name of the driver to use for this volume.
 	// Required.
@@ -1589,6 +1628,40 @@ type CSIPersistentVolumeSource struct {
 	// Defaults to false (read/write).
 	// +optional
 	ReadOnly bool
+
+	// Filesystem type to mount.
+	// Must be a filesystem type supported by the host operating system.
+	// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+	// +optional
+	FSType string
+
+	// Attributes of the volume to publish.
+	// +optional
+	VolumeAttributes map[string]string
+
+	// ControllerPublishSecretRef is a reference to the secret object containing
+	// sensitive information to pass to the CSI driver to complete the CSI
+	// ControllerPublishVolume and ControllerUnpublishVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	ControllerPublishSecretRef *SecretReference
+
+	// NodeStageSecretRef is a reference to the secret object containing sensitive
+	// information to pass to the CSI driver to complete the CSI NodeStageVolume
+	// and NodeStageVolume and NodeUnstageVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	NodeStageSecretRef *SecretReference
+
+	// NodePublishSecretRef is a reference to the secret object containing
+	// sensitive information to pass to the CSI driver to complete the CSI
+	// NodePublishVolume and NodeUnpublishVolume calls.
+	// This field is optional, and  may be empty if no secret is required. If the
+	// secret object contains more than one secret, all secrets are passed.
+	// +optional
+	NodePublishSecretRef *SecretReference
 }
 
 // ContainerPort represents a network port in a single container
@@ -1629,8 +1702,7 @@ type VolumeMount struct {
 	// mountPropagation determines how mounts are propagated from the host
 	// to container and the other way around.
 	// When not set, MountPropagationHostToContainer is used.
-	// This field is alpha in 1.8 and can be reworked or removed in a future
-	// release.
+	// This field is beta in 1.10.
 	// +optional
 	MountPropagation *MountPropagationMode
 }
@@ -2338,13 +2410,13 @@ type PodAffinityTerm struct {
 	LabelSelector *metav1.LabelSelector
 	// namespaces specifies which namespaces the labelSelector applies to (matches against);
 	// null or empty list means "this pod's namespace"
+	// +optional
 	Namespaces []string
 	// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
 	// the labelSelector in the specified namespaces, where co-located is defined as running on a node
 	// whose value of the label with key topologyKey matches that of any node on which any of the
 	// selected pods is running.
 	// Empty topologyKey is not allowed.
-	// +optional
 	TopologyKey string
 }
 
@@ -2542,9 +2614,10 @@ type PodSpec struct {
 	// file if specified. This is only valid for non-hostNetwork pods.
 	// +optional
 	HostAliases []HostAlias
-	// If specified, indicates the pod's priority. "SYSTEM" is a special keyword
-	// which indicates the highest priority. Any other name must be defined by
-	// creating a PriorityClass object with that name.
+	// If specified, indicates the pod's priority. "system-node-critical" and
+	// "system-cluster-critical" are two special keywords which indicate the
+	// highest priorities with the former being the highest priority. Any other
+	// name must be defined by creating a PriorityClass object with that name.
 	// If not specified, the pod priority will be default or zero if there is no
 	// default.
 	// +optional
@@ -2598,6 +2671,15 @@ type PodSecurityContext struct {
 	// +k8s:conversion-gen=false
 	// +optional
 	HostIPC bool
+	// Share a single process namespace between all of the containers in a pod.
+	// When this is set containers will be able to view and signal processes from other containers
+	// in the same pod, and the first process in each container will not be assigned PID 1.
+	// HostPID and ShareProcessNamespace cannot both be set.
+	// Optional: Default to false.
+	// This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature.
+	// +k8s:conversion-gen=false
+	// +optional
+	ShareProcessNamespace *bool
 	// The SELinux context to be applied to all containers.
 	// If unspecified, the container runtime will allocate a random SELinux context for each
 	// container.  May also be set in SecurityContext.  If set in
@@ -2612,12 +2694,20 @@ type PodSecurityContext struct {
 	// for that container.
 	// +optional
 	RunAsUser *int64
+	// The GID to run the entrypoint of the container process.
+	// Uses runtime default if unset.
+	// May also be set in SecurityContext.  If set in both SecurityContext and
+	// PodSecurityContext, the value specified in SecurityContext takes precedence
+	// for that container.
+	// +optional
+	RunAsGroup *int64
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
 	// If unset or false, no such validation will be performed.
 	// May also be set in SecurityContext.  If set in both SecurityContext and
-	// PodSecurityContext, the value specified in SecurityContext takes precedence.
+	// PodSecurityContext, the value specified in SecurityContext takes precedence
+	// for that container.
 	// +optional
 	RunAsNonRoot *bool
 	// A list of groups applied to the first process run in each container, in addition
@@ -2692,6 +2782,13 @@ type PodStatus struct {
 	// A brief CamelCase message indicating details about why the pod is in this state. e.g. 'Evicted'
 	// +optional
 	Reason string
+	// nominatedNodeName is set when this pod preempts other pods on the node, but it cannot be
+	// scheduled right away as preemption victims receive their graceful termination periods.
+	// This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide
+	// to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to
+	// give the resources on this node to a higher priority pod that is created after preemption.
+	// +optional
+	NominatedNodeName string
 
 	// +optional
 	HostIP string
@@ -3490,8 +3587,8 @@ const (
 	NodeDiskPressure NodeConditionType = "DiskPressure"
 	// NodeNetworkUnavailable means that network for the node is not correctly configured.
 	NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable"
-	// NodeConfigOK indicates whether the kubelet is correctly configured
-	NodeConfigOK NodeConditionType = "ConfigOK"
+	// NodeKubeletConfigOk indicates whether the kubelet is correctly configured
+	NodeKubeletConfigOk NodeConditionType = "KubeletConfigOk"
 )
 
 type NodeCondition struct {
@@ -4022,7 +4119,7 @@ type Event struct {
 type EventSeries struct {
 	// Number of occurrences in this series up to the last heartbeat time
 	Count int32
-	// Time of the last occurence observed
+	// Time of the last occurrence observed
 	LastObservedTime metav1.MicroTime
 	// State of this Series: Ongoing or Finished
 	State EventSeriesState
@@ -4159,6 +4256,8 @@ const (
 	// HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
 	// As burst is not supported for HugePages, we would only quota its request, and ignore the limit.
 	ResourceRequestsHugePagesPrefix = "requests.hugepages-"
+	// Default resource requests prefix
+	DefaultResourceRequestsPrefix = "requests."
 )
 
 // A ResourceQuotaScope defines a filter that must match each object tracked by a quota
@@ -4357,8 +4456,21 @@ type ConfigMap struct {
 
 	// Data contains the configuration data.
 	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
+	// Values with non-UTF-8 byte sequences must use the BinaryData field.
+	// The keys stored in Data must not overlap with the keys in
+	// the BinaryData field, this is enforced during validation process.
 	// +optional
 	Data map[string]string
+
+	// BinaryData contains the binary data.
+	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
+	// BinaryData can contain byte sequences that are not in the UTF-8 range.
+	// The keys stored in BinaryData must not overlap with the ones in
+	// the Data field, this is enforced during validation process.
+	// Using this field will require 1.10+ apiserver and
+	// kubelet.
+	// +optional
+	BinaryData map[string][]byte
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -4480,6 +4592,12 @@ type SecurityContext struct {
 	// PodSecurityContext, the value specified in SecurityContext takes precedence.
 	// +optional
 	RunAsUser *int64
+	// The GID to run the entrypoint of the container process.
+	// Uses runtime default if unset.
+	// May also be set in PodSecurityContext.  If set in both SecurityContext and
+	// PodSecurityContext, the value specified in SecurityContext takes precedence.
+	// +optional
+	RunAsGroup *int64
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/BUILD
index 5796c6140760..8de59b3f6294 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/BUILD
@@ -37,7 +37,6 @@ go_test(
         "conversion_test.go",
         "defaults_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/v1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS
index c627c33f878e..ba0d083cedc3 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/OWNERS
@@ -27,7 +27,6 @@ reviewers:
 - ncdc
 - tallclair
 - eparis
-- timothysc
 - piosz
 - jsafrane
 - dims
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go
index 8f6e09b673ed..d5bce756c71c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/conversion.go
@@ -163,7 +163,8 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
 				"spec.restartPolicy",
 				"spec.schedulerName",
 				"status.phase",
-				"status.podIP":
+				"status.podIP",
+				"status.nominatedNodeName":
 				return label, value, nil
 			// This is for backwards compatibility with old v1 clients which send spec.host
 			case "spec.host":
@@ -349,6 +350,10 @@ func Convert_core_PodTemplateSpec_To_v1_PodTemplateSpec(in *core.PodTemplateSpec
 		return err
 	}
 
+	// drop init container annotations so they don't take effect on legacy kubelets.
+	// remove this once the oldest supported kubelet no longer honors the annotations over the field.
+	out.Annotations = dropInitContainerAnnotations(out.Annotations)
+
 	return nil
 }
 
@@ -357,6 +362,9 @@ func Convert_v1_PodTemplateSpec_To_core_PodTemplateSpec(in *v1.PodTemplateSpec,
 		return err
 	}
 
+	// drop init container annotations so they don't show up as differences when receiving requests from old clients
+	out.Annotations = dropInitContainerAnnotations(out.Annotations)
+
 	return nil
 }
 
@@ -376,6 +384,7 @@ func Convert_core_PodSpec_To_v1_PodSpec(in *core.PodSpec, out *v1.PodSpec, s con
 		out.HostPID = in.SecurityContext.HostPID
 		out.HostNetwork = in.SecurityContext.HostNetwork
 		out.HostIPC = in.SecurityContext.HostIPC
+		out.ShareProcessNamespace = in.SecurityContext.ShareProcessNamespace
 	}
 
 	return nil
@@ -400,6 +409,18 @@ func Convert_v1_PodSpec_To_core_PodSpec(in *v1.PodSpec, out *core.PodSpec, s con
 	out.SecurityContext.HostNetwork = in.HostNetwork
 	out.SecurityContext.HostPID = in.HostPID
 	out.SecurityContext.HostIPC = in.HostIPC
+	out.SecurityContext.ShareProcessNamespace = in.ShareProcessNamespace
+
+	return nil
+}
+
+func Convert_v1_Pod_To_core_Pod(in *v1.Pod, out *core.Pod, s conversion.Scope) error {
+	if err := autoConvert_v1_Pod_To_core_Pod(in, out, s); err != nil {
+		return err
+	}
+
+	// drop init container annotations so they don't show up as differences when receiving requests from old clients
+	out.Annotations = dropInitContainerAnnotations(out.Annotations)
 
 	return nil
 }
@@ -411,17 +432,7 @@ func Convert_core_Pod_To_v1_Pod(in *core.Pod, out *v1.Pod, s conversion.Scope) e
 
 	// drop init container annotations so they don't take effect on legacy kubelets.
 	// remove this once the oldest supported kubelet no longer honors the annotations over the field.
-	if len(out.Annotations) > 0 {
-		old := out.Annotations
-		out.Annotations = make(map[string]string, len(old))
-		for k, v := range old {
-			out.Annotations[k] = v
-		}
-		delete(out.Annotations, "pod.beta.kubernetes.io/init-containers")
-		delete(out.Annotations, "pod.alpha.kubernetes.io/init-containers")
-		delete(out.Annotations, "pod.beta.kubernetes.io/init-container-statuses")
-		delete(out.Annotations, "pod.alpha.kubernetes.io/init-container-statuses")
-	}
+	out.Annotations = dropInitContainerAnnotations(out.Annotations)
 
 	return nil
 }
@@ -443,6 +454,7 @@ func Convert_v1_Secret_To_core_Secret(in *v1.Secret, out *core.Secret, s convers
 
 	return nil
 }
+
 func Convert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityContext, out *v1.SecurityContext, s conversion.Scope) error {
 	if in.Capabilities != nil {
 		out.Capabilities = new(v1.Capabilities)
@@ -462,6 +474,7 @@ func Convert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityContext
 		out.SELinuxOptions = nil
 	}
 	out.RunAsUser = in.RunAsUser
+	out.RunAsGroup = in.RunAsGroup
 	out.RunAsNonRoot = in.RunAsNonRoot
 	out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
 	out.AllowPrivilegeEscalation = in.AllowPrivilegeEscalation
@@ -479,6 +492,7 @@ func Convert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSecuri
 		out.SELinuxOptions = nil
 	}
 	out.RunAsUser = in.RunAsUser
+	out.RunAsGroup = in.RunAsGroup
 	out.RunAsNonRoot = in.RunAsNonRoot
 	out.FSGroup = in.FSGroup
 	return nil
@@ -495,6 +509,7 @@ func Convert_v1_PodSecurityContext_To_core_PodSecurityContext(in *v1.PodSecurity
 		out.SELinuxOptions = nil
 	}
 	out.RunAsUser = in.RunAsUser
+	out.RunAsGroup = in.RunAsGroup
 	out.RunAsNonRoot = in.RunAsNonRoot
 	out.FSGroup = in.FSGroup
 	return nil
@@ -569,3 +584,40 @@ func AddFieldLabelConversionsForSecret(scheme *runtime.Scheme) error {
 			}
 		})
 }
+
+var initContainerAnnotations = map[string]bool{
+	"pod.beta.kubernetes.io/init-containers":          true,
+	"pod.alpha.kubernetes.io/init-containers":         true,
+	"pod.beta.kubernetes.io/init-container-statuses":  true,
+	"pod.alpha.kubernetes.io/init-container-statuses": true,
+}
+
+// dropInitContainerAnnotations returns a copy of the annotations with init container annotations removed,
+// or the original annotations if no init container annotations were present.
+//
+// this can be removed once no clients prior to 1.8 are supported, and no kubelets prior to 1.8 can be run
+// (we don't support kubelets older than 2 versions skewed from the apiserver, but we don't prevent them, either)
+func dropInitContainerAnnotations(oldAnnotations map[string]string) map[string]string {
+	if len(oldAnnotations) == 0 {
+		return oldAnnotations
+	}
+
+	found := false
+	for k := range initContainerAnnotations {
+		if _, ok := oldAnnotations[k]; ok {
+			found = true
+			break
+		}
+	}
+	if !found {
+		return oldAnnotations
+	}
+
+	newAnnotations := make(map[string]string, len(oldAnnotations))
+	for k, v := range oldAnnotations {
+		if !initContainerAnnotations[k] {
+			newAnnotations[k] = v
+		}
+	}
+	return newAnnotations
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/BUILD
index ea7e2ae974a2..6c74f416ac0d 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/v1/helper",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
@@ -31,6 +30,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/selection:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go
index 4b21aefcfced..bb6d9385f943 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/helpers.go
@@ -26,13 +26,25 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/selection"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
 )
 
-// IsExtendedResourceName returns true if the resource name is not in the
-// default namespace.
+// IsExtendedResourceName returns true if:
+// 1. the resource name is not in the default namespace;
+// 2. resource name does not have "requests." prefix,
+// to avoid confusion with the convention in quota
+// 3. it satisfies the rules in IsQualifiedName() after converted into quota resource name
 func IsExtendedResourceName(name v1.ResourceName) bool {
-	return !IsDefaultNamespaceResource(name)
+	if IsDefaultNamespaceResource(name) || strings.HasPrefix(string(name), v1.DefaultResourceRequestsPrefix) {
+		return false
+	}
+	// Ensure it satisfies the rules in IsQualifiedName() after converted into quota resource name
+	nameForQuota := fmt.Sprintf("%s%s", v1.DefaultResourceRequestsPrefix, string(name))
+	if errs := validation.IsQualifiedName(string(nameForQuota)); len(errs) != 0 {
+		return false
+	}
+	return true
 }
 
 // IsDefaultNamespaceResource returns true if the resource name is in the
@@ -89,15 +101,6 @@ func IsServiceIPSet(service *v1.Service) bool {
 	return service.Spec.ClusterIP != v1.ClusterIPNone && service.Spec.ClusterIP != ""
 }
 
-// this function aims to check if the service's cluster IP is requested or not
-func IsServiceIPRequested(service *v1.Service) bool {
-	// ExternalName services are CNAME aliases to external ones. Ignore the IP.
-	if service.Spec.Type == v1.ServiceTypeExternalName {
-		return false
-	}
-	return service.Spec.ClusterIP == ""
-}
-
 // AddToNodeAddresses appends the NodeAddresses to the passed-by-pointer slice,
 // only if they do not already exist
 func AddToNodeAddresses(addresses *[]v1.NodeAddress, addAddresses ...v1.NodeAddress) {
@@ -416,20 +419,6 @@ func GetPersistentVolumeClaimClass(claim *v1.PersistentVolumeClaim) string {
 	return ""
 }
 
-// PersistentVolumeClaimHasClass returns true if given claim has set StorageClassName field.
-func PersistentVolumeClaimHasClass(claim *v1.PersistentVolumeClaim) bool {
-	// Use beta annotation first
-	if _, found := claim.Annotations[v1.BetaStorageClassAnnotation]; found {
-		return true
-	}
-
-	if claim.Spec.StorageClassName != nil {
-		return true
-	}
-
-	return false
-}
-
 // GetStorageNodeAffinityFromAnnotation gets the json serialized data from PersistentVolume.Annotations
 // and converts it to the NodeAffinity type in api.
 // TODO: update when storage node affinity graduates to beta
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/BUILD
index d29fcf09e936..f459253d1cb6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["qos_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper/qos:go_default_library",
@@ -26,7 +25,7 @@ go_library(
     srcs = ["qos.go"],
     importpath = "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos",
     deps = [
-        "//pkg/apis/core/v1/helper:go_default_library",
+        "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/qos.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/qos.go
index 5e9dbdd7462a..426f054efa6e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/qos.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/helper/qos/qos.go
@@ -20,15 +20,16 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/util/sets"
-	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
+	"k8s.io/kubernetes/pkg/apis/core"
 )
 
+var supportedQoSComputeResources = sets.NewString(string(core.ResourceCPU), string(core.ResourceMemory))
+
 // QOSList is a set of (resource name, QoS class) pairs.
 type QOSList map[v1.ResourceName]v1.PodQOSClass
 
 func isSupportedQoSComputeResource(name v1.ResourceName) bool {
-	supportedQoSComputeResources := sets.NewString(string(v1.ResourceCPU), string(v1.ResourceMemory))
-	return supportedQoSComputeResources.Has(string(name)) || v1helper.IsHugePageResourceName(name)
+	return supportedQoSComputeResources.Has(string(name))
 }
 
 // GetPodQOS returns the QoS class of a pod.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/BUILD
index c5b694af7bd9..2bc429732e3f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/v1/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/validation.go
index 8e41b6c96327..cba05040c3f6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/validation/validation.go
@@ -75,6 +75,10 @@ func validateContainerResourceName(value string, fldPath *field.Path) field.Erro
 		if !helper.IsStandardContainerResourceName(value) {
 			return append(allErrs, field.Invalid(fldPath, value, "must be a standard resource for containers"))
 		}
+	} else if !v1helper.IsDefaultNamespaceResource(v1.ResourceName(value)) {
+		if !v1helper.IsExtendedResourceName(v1.ResourceName(value)) {
+			return append(allErrs, field.Invalid(fldPath, value, "doesn't follow extended resource name standard"))
+		}
 	}
 	return allErrs
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go
index cb878bf42633..cd8ae5299615 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -28,7 +30,6 @@ import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -141,6 +142,8 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_core_ExecAction_To_v1_ExecAction,
 		Convert_v1_FCVolumeSource_To_core_FCVolumeSource,
 		Convert_core_FCVolumeSource_To_v1_FCVolumeSource,
+		Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource,
+		Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource,
 		Convert_v1_FlexVolumeSource_To_core_FlexVolumeSource,
 		Convert_core_FlexVolumeSource_To_v1_FlexVolumeSource,
 		Convert_v1_FlockerVolumeSource_To_core_FlockerVolumeSource,
@@ -403,6 +406,8 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_core_VolumeDevice_To_v1_VolumeDevice,
 		Convert_v1_VolumeMount_To_core_VolumeMount,
 		Convert_core_VolumeMount_To_v1_VolumeMount,
+		Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity,
+		Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity,
 		Convert_v1_VolumeProjection_To_core_VolumeProjection,
 		Convert_core_VolumeProjection_To_v1_VolumeProjection,
 		Convert_v1_VolumeSource_To_core_VolumeSource,
@@ -616,6 +621,11 @@ func autoConvert_v1_CSIPersistentVolumeSource_To_core_CSIPersistentVolumeSource(
 	out.Driver = in.Driver
 	out.VolumeHandle = in.VolumeHandle
 	out.ReadOnly = in.ReadOnly
+	out.FSType = in.FSType
+	out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes))
+	out.ControllerPublishSecretRef = (*core.SecretReference)(unsafe.Pointer(in.ControllerPublishSecretRef))
+	out.NodeStageSecretRef = (*core.SecretReference)(unsafe.Pointer(in.NodeStageSecretRef))
+	out.NodePublishSecretRef = (*core.SecretReference)(unsafe.Pointer(in.NodePublishSecretRef))
 	return nil
 }
 
@@ -628,6 +638,11 @@ func autoConvert_core_CSIPersistentVolumeSource_To_v1_CSIPersistentVolumeSource(
 	out.Driver = in.Driver
 	out.VolumeHandle = in.VolumeHandle
 	out.ReadOnly = in.ReadOnly
+	out.FSType = in.FSType
+	out.VolumeAttributes = *(*map[string]string)(unsafe.Pointer(&in.VolumeAttributes))
+	out.ControllerPublishSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.ControllerPublishSecretRef))
+	out.NodeStageSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.NodeStageSecretRef))
+	out.NodePublishSecretRef = (*v1.SecretReference)(unsafe.Pointer(in.NodePublishSecretRef))
 	return nil
 }
 
@@ -835,6 +850,7 @@ func Convert_core_ComponentStatusList_To_v1_ComponentStatusList(in *core.Compone
 func autoConvert_v1_ConfigMap_To_core_ConfigMap(in *v1.ConfigMap, out *core.ConfigMap, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	out.Data = *(*map[string]string)(unsafe.Pointer(&in.Data))
+	out.BinaryData = *(*map[string][]byte)(unsafe.Pointer(&in.BinaryData))
 	return nil
 }
 
@@ -846,6 +862,7 @@ func Convert_v1_ConfigMap_To_core_ConfigMap(in *v1.ConfigMap, out *core.ConfigMa
 func autoConvert_core_ConfigMap_To_v1_ConfigMap(in *core.ConfigMap, out *v1.ConfigMap, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	out.Data = *(*map[string]string)(unsafe.Pointer(&in.Data))
+	out.BinaryData = *(*map[string][]byte)(unsafe.Pointer(&in.BinaryData))
 	return nil
 }
 
@@ -1758,6 +1775,34 @@ func Convert_core_FCVolumeSource_To_v1_FCVolumeSource(in *core.FCVolumeSource, o
 	return autoConvert_core_FCVolumeSource_To_v1_FCVolumeSource(in, out, s)
 }
 
+func autoConvert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in *v1.FlexPersistentVolumeSource, out *core.FlexPersistentVolumeSource, s conversion.Scope) error {
+	out.Driver = in.Driver
+	out.FSType = in.FSType
+	out.SecretRef = (*core.SecretReference)(unsafe.Pointer(in.SecretRef))
+	out.ReadOnly = in.ReadOnly
+	out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options))
+	return nil
+}
+
+// Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource is an autogenerated conversion function.
+func Convert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in *v1.FlexPersistentVolumeSource, out *core.FlexPersistentVolumeSource, s conversion.Scope) error {
+	return autoConvert_v1_FlexPersistentVolumeSource_To_core_FlexPersistentVolumeSource(in, out, s)
+}
+
+func autoConvert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in *core.FlexPersistentVolumeSource, out *v1.FlexPersistentVolumeSource, s conversion.Scope) error {
+	out.Driver = in.Driver
+	out.FSType = in.FSType
+	out.SecretRef = (*v1.SecretReference)(unsafe.Pointer(in.SecretRef))
+	out.ReadOnly = in.ReadOnly
+	out.Options = *(*map[string]string)(unsafe.Pointer(&in.Options))
+	return nil
+}
+
+// Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource is an autogenerated conversion function.
+func Convert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in *core.FlexPersistentVolumeSource, out *v1.FlexPersistentVolumeSource, s conversion.Scope) error {
+	return autoConvert_core_FlexPersistentVolumeSource_To_v1_FlexPersistentVolumeSource(in, out, s)
+}
+
 func autoConvert_v1_FlexVolumeSource_To_core_FlexVolumeSource(in *v1.FlexVolumeSource, out *core.FlexVolumeSource, s conversion.Scope) error {
 	out.Driver = in.Driver
 	out.FSType = in.FSType
@@ -3250,7 +3295,7 @@ func autoConvert_v1_PersistentVolumeSource_To_core_PersistentVolumeSource(in *v1
 	out.CephFS = (*core.CephFSPersistentVolumeSource)(unsafe.Pointer(in.CephFS))
 	out.FC = (*core.FCVolumeSource)(unsafe.Pointer(in.FC))
 	out.Flocker = (*core.FlockerVolumeSource)(unsafe.Pointer(in.Flocker))
-	out.FlexVolume = (*core.FlexVolumeSource)(unsafe.Pointer(in.FlexVolume))
+	out.FlexVolume = (*core.FlexPersistentVolumeSource)(unsafe.Pointer(in.FlexVolume))
 	out.AzureFile = (*core.AzureFilePersistentVolumeSource)(unsafe.Pointer(in.AzureFile))
 	out.VsphereVolume = (*core.VsphereVirtualDiskVolumeSource)(unsafe.Pointer(in.VsphereVolume))
 	out.Quobyte = (*core.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte))
@@ -3278,7 +3323,7 @@ func autoConvert_core_PersistentVolumeSource_To_v1_PersistentVolumeSource(in *co
 	out.RBD = (*v1.RBDPersistentVolumeSource)(unsafe.Pointer(in.RBD))
 	out.Quobyte = (*v1.QuobyteVolumeSource)(unsafe.Pointer(in.Quobyte))
 	out.ISCSI = (*v1.ISCSIPersistentVolumeSource)(unsafe.Pointer(in.ISCSI))
-	out.FlexVolume = (*v1.FlexVolumeSource)(unsafe.Pointer(in.FlexVolume))
+	out.FlexVolume = (*v1.FlexPersistentVolumeSource)(unsafe.Pointer(in.FlexVolume))
 	out.Cinder = (*v1.CinderVolumeSource)(unsafe.Pointer(in.Cinder))
 	out.CephFS = (*v1.CephFSPersistentVolumeSource)(unsafe.Pointer(in.CephFS))
 	out.FC = (*v1.FCVolumeSource)(unsafe.Pointer(in.FC))
@@ -3311,6 +3356,7 @@ func autoConvert_v1_PersistentVolumeSpec_To_core_PersistentVolumeSpec(in *v1.Per
 	out.StorageClassName = in.StorageClassName
 	out.MountOptions = *(*[]string)(unsafe.Pointer(&in.MountOptions))
 	out.VolumeMode = (*core.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode))
+	out.NodeAffinity = (*core.VolumeNodeAffinity)(unsafe.Pointer(in.NodeAffinity))
 	return nil
 }
 
@@ -3330,6 +3376,7 @@ func autoConvert_core_PersistentVolumeSpec_To_v1_PersistentVolumeSpec(in *core.P
 	out.StorageClassName = in.StorageClassName
 	out.MountOptions = *(*[]string)(unsafe.Pointer(&in.MountOptions))
 	out.VolumeMode = (*v1.PersistentVolumeMode)(unsafe.Pointer(in.VolumeMode))
+	out.NodeAffinity = (*v1.VolumeNodeAffinity)(unsafe.Pointer(in.NodeAffinity))
 	return nil
 }
 
@@ -3395,11 +3442,6 @@ func autoConvert_v1_Pod_To_core_Pod(in *v1.Pod, out *core.Pod, s conversion.Scop
 	return nil
 }
 
-// Convert_v1_Pod_To_core_Pod is an autogenerated conversion function.
-func Convert_v1_Pod_To_core_Pod(in *v1.Pod, out *core.Pod, s conversion.Scope) error {
-	return autoConvert_v1_Pod_To_core_Pod(in, out, s)
-}
-
 func autoConvert_core_Pod_To_v1_Pod(in *core.Pod, out *v1.Pod, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_core_PodSpec_To_v1_PodSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -3732,6 +3774,7 @@ func Convert_core_PodProxyOptions_To_v1_PodProxyOptions(in *core.PodProxyOptions
 func autoConvert_v1_PodSecurityContext_To_core_PodSecurityContext(in *v1.PodSecurityContext, out *core.PodSecurityContext, s conversion.Scope) error {
 	out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
 	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups))
 	out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup))
@@ -3742,8 +3785,10 @@ func autoConvert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSe
 	// INFO: in.HostNetwork opted out of conversion generation
 	// INFO: in.HostPID opted out of conversion generation
 	// INFO: in.HostIPC opted out of conversion generation
+	// INFO: in.ShareProcessNamespace opted out of conversion generation
 	out.SELinuxOptions = (*v1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
 	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups))
 	out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup))
@@ -3816,6 +3861,7 @@ func autoConvert_v1_PodSpec_To_core_PodSpec(in *v1.PodSpec, out *core.PodSpec, s
 	// INFO: in.HostNetwork opted out of conversion generation
 	// INFO: in.HostPID opted out of conversion generation
 	// INFO: in.HostIPC opted out of conversion generation
+	// INFO: in.ShareProcessNamespace opted out of conversion generation
 	if in.SecurityContext != nil {
 		in, out := &in.SecurityContext, &out.SecurityContext
 		*out = new(core.PodSecurityContext)
@@ -3907,6 +3953,7 @@ func autoConvert_v1_PodStatus_To_core_PodStatus(in *v1.PodStatus, out *core.PodS
 	out.Conditions = *(*[]core.PodCondition)(unsafe.Pointer(&in.Conditions))
 	out.Message = in.Message
 	out.Reason = in.Reason
+	out.NominatedNodeName = in.NominatedNodeName
 	out.HostIP = in.HostIP
 	out.PodIP = in.PodIP
 	out.StartTime = (*meta_v1.Time)(unsafe.Pointer(in.StartTime))
@@ -3926,6 +3973,7 @@ func autoConvert_core_PodStatus_To_v1_PodStatus(in *core.PodStatus, out *v1.PodS
 	out.Conditions = *(*[]v1.PodCondition)(unsafe.Pointer(&in.Conditions))
 	out.Message = in.Message
 	out.Reason = in.Reason
+	out.NominatedNodeName = in.NominatedNodeName
 	out.HostIP = in.HostIP
 	out.PodIP = in.PodIP
 	out.StartTime = (*meta_v1.Time)(unsafe.Pointer(in.StartTime))
@@ -4937,6 +4985,7 @@ func autoConvert_v1_SecurityContext_To_core_SecurityContext(in *v1.SecurityConte
 	out.Privileged = (*bool)(unsafe.Pointer(in.Privileged))
 	out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
 	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem))
 	out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation))
@@ -4953,6 +5002,7 @@ func autoConvert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityCon
 	out.Privileged = (*bool)(unsafe.Pointer(in.Privileged))
 	out.SELinuxOptions = (*v1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
 	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsGroup = (*int64)(unsafe.Pointer(in.RunAsGroup))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem))
 	out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation))
@@ -5471,6 +5521,26 @@ func Convert_core_VolumeMount_To_v1_VolumeMount(in *core.VolumeMount, out *v1.Vo
 	return autoConvert_core_VolumeMount_To_v1_VolumeMount(in, out, s)
 }
 
+func autoConvert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in *v1.VolumeNodeAffinity, out *core.VolumeNodeAffinity, s conversion.Scope) error {
+	out.Required = (*core.NodeSelector)(unsafe.Pointer(in.Required))
+	return nil
+}
+
+// Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity is an autogenerated conversion function.
+func Convert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in *v1.VolumeNodeAffinity, out *core.VolumeNodeAffinity, s conversion.Scope) error {
+	return autoConvert_v1_VolumeNodeAffinity_To_core_VolumeNodeAffinity(in, out, s)
+}
+
+func autoConvert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in *core.VolumeNodeAffinity, out *v1.VolumeNodeAffinity, s conversion.Scope) error {
+	out.Required = (*v1.NodeSelector)(unsafe.Pointer(in.Required))
+	return nil
+}
+
+// Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity is an autogenerated conversion function.
+func Convert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in *core.VolumeNodeAffinity, out *v1.VolumeNodeAffinity, s conversion.Scope) error {
+	return autoConvert_core_VolumeNodeAffinity_To_v1_VolumeNodeAffinity(in, out, s)
+}
+
 func autoConvert_v1_VolumeProjection_To_core_VolumeProjection(in *v1.VolumeProjection, out *core.VolumeProjection, s conversion.Scope) error {
 	out.Secret = (*core.SecretProjection)(unsafe.Pointer(in.Secret))
 	out.DownwardAPI = (*core.DownwardAPIProjection)(unsafe.Pointer(in.DownwardAPI))
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go
index 468969442e04..084c9516bf1d 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/BUILD
index e2d08109daaf..f2a9c4890811 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/BUILD
@@ -24,6 +24,7 @@ go_library(
         "//pkg/capabilities:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/fieldpath:go_default_library",
+        "//pkg/master/ports:go_default_library",
         "//pkg/security/apparmor:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -50,14 +51,14 @@ go_test(
         "events_test.go",
         "validation_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/apis/core/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/capabilities:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/security/apparmor:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -66,6 +67,7 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature/testing:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go
index a4a2f379b7f2..5b54d6fe642c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go
@@ -51,6 +51,7 @@ import (
 	"k8s.io/kubernetes/pkg/capabilities"
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/fieldpath"
+	"k8s.io/kubernetes/pkg/master/ports"
 	"k8s.io/kubernetes/pkg/security/apparmor"
 )
 
@@ -63,6 +64,8 @@ const isInvalidQuotaResource string = `must be a standard resource for quota`
 const fieldImmutableErrorMsg string = apimachineryvalidation.FieldImmutableErrorMsg
 const isNotIntegerErrorMsg string = `must be an integer`
 const isNotPositiveErrorMsg string = `must be greater than zero`
+const csiDriverNameRexpErrMsg string = "must consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character"
+const csiDriverNameRexpFmt string = `^[a-zA-Z0-9][-a-zA-Z0-9_.]{0,61}[a-zA-Z-0-9]$`
 
 var pdPartitionErrorMsg string = validation.InclusiveRangeError(1, 255)
 var fileModeErrorMsg string = "must be a number between 0 and 0777 (octal), both inclusive"
@@ -74,6 +77,8 @@ var iscsiInitiatorIqnRegex = regexp.MustCompile(`iqn\.\d{4}-\d{2}\.([[:alnum:]-.
 var iscsiInitiatorEuiRegex = regexp.MustCompile(`^eui.[[:alnum:]]{16}$`)
 var iscsiInitiatorNaaRegex = regexp.MustCompile(`^naa.[[:alnum:]]{32}$`)
 
+var csiDriverNameRexp = regexp.MustCompile(csiDriverNameRexpFmt)
+
 // ValidateHasLabel requires that metav1.ObjectMeta has a Label with key and expectedValue
 func ValidateHasLabel(meta metav1.ObjectMeta, fldPath *field.Path, key, expectedValue string) field.ErrorList {
 	allErrs := field.ErrorList{}
@@ -201,10 +206,6 @@ func ValidateEndpointsSpecificAnnotations(annotations map[string]string, fldPath
 	return allErrs
 }
 
-func ValidateOwnerReferences(ownerReferences []metav1.OwnerReference, fldPath *field.Path) field.ErrorList {
-	return apimachineryvalidation.ValidateOwnerReferences(ownerReferences, fldPath)
-}
-
 // ValidateNameFunc validates that the provided name is valid for a given resource type.
 // Not all resources have the same validation rules for names. Prefix is true
 // if the name will have a value appended to it.  If the name is not valid,
@@ -212,15 +213,6 @@ func ValidateOwnerReferences(ownerReferences []metav1.OwnerReference, fldPath *f
 // value that were not valid.  Otherwise this returns an empty list or nil.
 type ValidateNameFunc apimachineryvalidation.ValidateNameFunc
 
-// maskTrailingDash replaces the final character of a string with a subdomain safe
-// value if is a dash.
-func maskTrailingDash(name string) string {
-	if strings.HasSuffix(name, "-") {
-		return name[:len(name)-2] + "a"
-	}
-	return name
-}
-
 // ValidatePodName can be used to check whether the given pod name is valid.
 // Prefix indicates this name will be used as part of generation, in which case
 // trailing dashes are allowed.
@@ -291,11 +283,6 @@ func NameIsDNSSubdomain(name string, prefix bool) []string {
 	return apimachineryvalidation.NameIsDNSSubdomain(name, prefix)
 }
 
-// NameIsDNSLabel is a ValidateNameFunc for names that must be a DNS 1123 label.
-func NameIsDNSLabel(name string, prefix bool) []string {
-	return apimachineryvalidation.NameIsDNSLabel(name, prefix)
-}
-
 // NameIsDNS1035Label is a ValidateNameFunc for names that must be a DNS 952 label.
 func NameIsDNS1035Label(name string, prefix bool) []string {
 	return apimachineryvalidation.NameIsDNS1035Label(name, prefix)
@@ -361,10 +348,6 @@ func ValidateObjectMetaUpdate(newMeta, oldMeta *metav1.ObjectMeta, fldPath *fiel
 	return allErrs
 }
 
-func ValidateNoNewFinalizers(newFinalizers []string, oldFinalizers []string, fldPath *field.Path) field.ErrorList {
-	return apimachineryvalidation.ValidateNoNewFinalizers(newFinalizers, oldFinalizers, fldPath)
-}
-
 func ValidateVolumes(volumes []core.Volume, fldPath *field.Path) (map[string]core.VolumeSource, field.ErrorList) {
 	allErrs := field.ErrorList{}
 
@@ -1257,6 +1240,27 @@ func validateFlexVolumeSource(fv *core.FlexVolumeSource, fldPath *field.Path) fi
 	return allErrs
 }
 
+func validateFlexPersistentVolumeSource(fv *core.FlexPersistentVolumeSource, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+	if len(fv.Driver) == 0 {
+		allErrs = append(allErrs, field.Required(fldPath.Child("driver"), ""))
+	}
+
+	// Make sure user-specified options don't use kubernetes namespaces
+	for k := range fv.Options {
+		namespace := k
+		if parts := strings.SplitN(k, "/", 2); len(parts) == 2 {
+			namespace = parts[0]
+		}
+		normalized := "." + strings.ToLower(namespace)
+		if strings.HasSuffix(normalized, ".kubernetes.io") || strings.HasSuffix(normalized, ".k8s.io") {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("options").Key(k), k, "kubernetes.io and k8s.io namespaces are reserved"))
+		}
+	}
+
+	return allErrs
+}
+
 func validateAzureFile(azure *core.AzureFileVolumeSource, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 	if azure.SecretName == "" {
@@ -1379,6 +1383,9 @@ func validateLocalVolumeSource(ls *core.LocalVolumeSource, fldPath *field.Path)
 		return allErrs
 	}
 
+	if !path.IsAbs(ls.Path) {
+		allErrs = append(allErrs, field.Invalid(fldPath, ls.Path, "must be an absolute path"))
+	}
 	allErrs = append(allErrs, validatePathNoBacksteps(ls.Path, fldPath.Child("path"))...)
 	return allErrs
 }
@@ -1433,10 +1440,57 @@ func validateCSIPersistentVolumeSource(csi *core.CSIPersistentVolumeSource, fldP
 		allErrs = append(allErrs, field.Required(fldPath.Child("driver"), ""))
 	}
 
+	if len(csi.Driver) > 63 {
+		allErrs = append(allErrs, field.TooLong(fldPath.Child("driver"), csi.Driver, 63))
+	}
+
+	if !csiDriverNameRexp.MatchString(csi.Driver) {
+		allErrs = append(allErrs, field.Invalid(fldPath.Child("driver"), csi.Driver, validation.RegexError(csiDriverNameRexpErrMsg, csiDriverNameRexpFmt, "csi-hostpath")))
+	}
+
 	if len(csi.VolumeHandle) == 0 {
 		allErrs = append(allErrs, field.Required(fldPath.Child("volumeHandle"), ""))
 	}
 
+	if csi.ControllerPublishSecretRef != nil {
+		if len(csi.ControllerPublishSecretRef.Name) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("controllerPublishSecretRef", "name"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.ControllerPublishSecretRef.Name, fldPath.Child("name"))...)
+		}
+		if len(csi.ControllerPublishSecretRef.Namespace) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("controllerPublishSecretRef", "namespace"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.ControllerPublishSecretRef.Namespace, fldPath.Child("namespace"))...)
+		}
+	}
+
+	if csi.NodePublishSecretRef != nil {
+		if len(csi.NodePublishSecretRef.Name) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("nodePublishSecretRef ", "name"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.NodePublishSecretRef.Name, fldPath.Child("name"))...)
+		}
+		if len(csi.NodePublishSecretRef.Namespace) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("nodePublishSecretRef ", "namespace"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.NodePublishSecretRef.Namespace, fldPath.Child("namespace"))...)
+		}
+	}
+
+	if csi.NodeStageSecretRef != nil {
+		if len(csi.NodeStageSecretRef.Name) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("nodeStageSecretRef", "name"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.NodeStageSecretRef.Name, fldPath.Child("name"))...)
+		}
+		if len(csi.NodeStageSecretRef.Namespace) == 0 {
+			allErrs = append(allErrs, field.Required(fldPath.Child("nodeStageSecretRef", "namespace"), ""))
+		} else {
+			allErrs = append(allErrs, ValidateDNS1123Label(csi.NodeStageSecretRef.Namespace, fldPath.Child("namespace"))...)
+		}
+	}
+
 	return allErrs
 }
 
@@ -1485,6 +1539,15 @@ func ValidatePersistentVolume(pv *core.PersistentVolume) field.ErrorList {
 	nodeAffinitySpecified, errs := validateStorageNodeAffinityAnnotation(pv.ObjectMeta.Annotations, metaPath.Child("annotations"))
 	allErrs = append(allErrs, errs...)
 
+	volumeNodeAffinitySpecified, errs := validateVolumeNodeAffinity(pv.Spec.NodeAffinity, specPath.Child("nodeAffinity"))
+	allErrs = append(allErrs, errs...)
+
+	if nodeAffinitySpecified && volumeNodeAffinitySpecified {
+		allErrs = append(allErrs, field.Forbidden(specPath.Child("nodeAffinity"), "may not specify both alpha nodeAffinity annotation and nodeAffinity field"))
+	}
+
+	nodeAffinitySpecified = nodeAffinitySpecified || volumeNodeAffinitySpecified
+
 	numVolumes := 0
 	if pv.Spec.HostPath != nil {
 		if numVolumes > 0 {
@@ -1588,7 +1651,7 @@ func ValidatePersistentVolume(pv *core.PersistentVolume) field.ErrorList {
 	}
 	if pv.Spec.FlexVolume != nil {
 		numVolumes++
-		allErrs = append(allErrs, validateFlexVolumeSource(pv.Spec.FlexVolume, specPath.Child("flexVolume"))...)
+		allErrs = append(allErrs, validateFlexPersistentVolumeSource(pv.Spec.FlexVolume, specPath.Child("flexVolume"))...)
 	}
 	if pv.Spec.AzureFile != nil {
 		if numVolumes > 0 {
@@ -1713,6 +1776,13 @@ func ValidatePersistentVolumeUpdate(newPv, oldPv *core.PersistentVolume) field.E
 		allErrs = append(allErrs, ValidateImmutableField(newPv.Spec.VolumeMode, oldPv.Spec.VolumeMode, field.NewPath("volumeMode"))...)
 	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
+		// Allow setting NodeAffinity if oldPv NodeAffinity was not set
+		if oldPv.Spec.NodeAffinity != nil {
+			allErrs = append(allErrs, ValidateImmutableField(newPv.Spec.NodeAffinity, oldPv.Spec.NodeAffinity, field.NewPath("nodeAffinity"))...)
+		}
+	}
+
 	return allErrs
 }
 
@@ -1773,27 +1843,36 @@ func ValidatePersistentVolumeClaimSpec(spec *core.PersistentVolumeClaimSpec, fld
 func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *core.PersistentVolumeClaim) field.ErrorList {
 	allErrs := ValidateObjectMetaUpdate(&newPvc.ObjectMeta, &oldPvc.ObjectMeta, field.NewPath("metadata"))
 	allErrs = append(allErrs, ValidatePersistentVolumeClaim(newPvc)...)
+	newPvcClone := newPvc.DeepCopy()
+	oldPvcClone := oldPvc.DeepCopy()
+
 	// PVController needs to update PVC.Spec w/ VolumeName.
 	// Claims are immutable in order to enforce quota, range limits, etc. without gaming the system.
 	if len(oldPvc.Spec.VolumeName) == 0 {
 		// volumeName changes are allowed once.
-		// Reset back to empty string after equality check
-		oldPvc.Spec.VolumeName = newPvc.Spec.VolumeName
-		defer func() { oldPvc.Spec.VolumeName = "" }()
+		oldPvcClone.Spec.VolumeName = newPvcClone.Spec.VolumeName
 	}
 
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExpandPersistentVolumes) {
-		newPVCSpecCopy := newPvc.Spec.DeepCopy()
+	if validateStorageClassUpgrade(oldPvcClone.Annotations, newPvcClone.Annotations,
+		oldPvcClone.Spec.StorageClassName, newPvcClone.Spec.StorageClassName) {
+		newPvcClone.Spec.StorageClassName = nil
+		metav1.SetMetaDataAnnotation(&newPvcClone.ObjectMeta, core.BetaStorageClassAnnotation, oldPvcClone.Annotations[core.BetaStorageClassAnnotation])
+	} else {
+		// storageclass annotation should be immutable after creation
+		// TODO: remove Beta when no longer needed
+		allErrs = append(allErrs, ValidateImmutableAnnotation(newPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], oldPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], v1.BetaStorageClassAnnotation, field.NewPath("metadata"))...)
+	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(features.ExpandPersistentVolumes) {
 		// lets make sure storage values are same.
-		if newPvc.Status.Phase == core.ClaimBound && newPVCSpecCopy.Resources.Requests != nil {
-			newPVCSpecCopy.Resources.Requests["storage"] = oldPvc.Spec.Resources.Requests["storage"]
+		if newPvc.Status.Phase == core.ClaimBound && newPvcClone.Spec.Resources.Requests != nil {
+			newPvcClone.Spec.Resources.Requests["storage"] = oldPvc.Spec.Resources.Requests["storage"]
 		}
 
 		oldSize := oldPvc.Spec.Resources.Requests["storage"]
 		newSize := newPvc.Spec.Resources.Requests["storage"]
 
-		if !apiequality.Semantic.DeepEqual(*newPVCSpecCopy, oldPvc.Spec) {
+		if !apiequality.Semantic.DeepEqual(newPvcClone.Spec, oldPvcClone.Spec) {
 			allErrs = append(allErrs, field.Forbidden(field.NewPath("spec"), "is immutable after creation except resources.requests for bound claims"))
 		}
 		if newSize.Cmp(oldSize) < 0 {
@@ -1803,23 +1882,33 @@ func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *core.PersistentVolumeCl
 	} else {
 		// changes to Spec are not allowed, but updates to label/and some annotations are OK.
 		// no-op updates pass validation.
-		if !apiequality.Semantic.DeepEqual(newPvc.Spec, oldPvc.Spec) {
+		if !apiequality.Semantic.DeepEqual(newPvcClone.Spec, oldPvcClone.Spec) {
 			allErrs = append(allErrs, field.Forbidden(field.NewPath("spec"), "field is immutable after creation"))
 		}
 	}
 
-	// storageclass annotation should be immutable after creation
-	// TODO: remove Beta when no longer needed
-	allErrs = append(allErrs, ValidateImmutableAnnotation(newPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], oldPvc.ObjectMeta.Annotations[v1.BetaStorageClassAnnotation], v1.BetaStorageClassAnnotation, field.NewPath("metadata"))...)
-
 	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
 		allErrs = append(allErrs, ValidateImmutableField(newPvc.Spec.VolumeMode, oldPvc.Spec.VolumeMode, field.NewPath("volumeMode"))...)
 	}
-
-	newPvc.Status = oldPvc.Status
 	return allErrs
 }
 
+// Provide an upgrade path from PVC with storage class specified in beta
+// annotation to storage class specified in attribute. We allow update of
+// StorageClassName only if following four conditions are met at the same time:
+// 1. The old pvc's StorageClassAnnotation is set
+// 2. The old pvc's StorageClassName is not set
+// 3. The new pvc's StorageClassName is set and equal to the old value in annotation
+// 4. If the new pvc's StorageClassAnnotation is set,it must be equal to the old pv/pvc's StorageClassAnnotation
+func validateStorageClassUpgrade(oldAnnotations, newAnnotations map[string]string, oldScName, newScName *string) bool {
+	oldSc, oldAnnotationExist := oldAnnotations[core.BetaStorageClassAnnotation]
+	newScInAnnotation, newAnnotationExist := newAnnotations[core.BetaStorageClassAnnotation]
+	return oldAnnotationExist /* condition 1 */ &&
+		oldScName == nil /* condition 2*/ &&
+		(newScName != nil && *newScName == oldSc) /* condition 3 */ &&
+		(!newAnnotationExist || newScInAnnotation == oldSc) /* condition 4 */
+}
+
 // ValidatePersistentVolumeClaimStatusUpdate validates an update to status of a PersistentVolumeClaim
 func ValidatePersistentVolumeClaimStatusUpdate(newPvc, oldPvc *core.PersistentVolumeClaim) field.ErrorList {
 	allErrs := ValidateObjectMetaUpdate(&newPvc.ObjectMeta, &oldPvc.ObjectMeta, field.NewPath("metadata"))
@@ -2651,19 +2740,8 @@ func validateAffinity(affinity *core.Affinity, fldPath *field.Path) field.ErrorL
 	allErrs := field.ErrorList{}
 
 	if affinity != nil {
-		if na := affinity.NodeAffinity; na != nil {
-			// TODO: Uncomment the next three lines once RequiredDuringSchedulingRequiredDuringExecution is implemented.
-			// if na.RequiredDuringSchedulingRequiredDuringExecution != nil {
-			//	allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingRequiredDuringExecution, fldPath.Child("requiredDuringSchedulingRequiredDuringExecution"))...)
-			// }
-
-			if na.RequiredDuringSchedulingIgnoredDuringExecution != nil {
-				allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingIgnoredDuringExecution, fldPath.Child("requiredDuringSchedulingIgnoredDuringExecution"))...)
-			}
-
-			if len(na.PreferredDuringSchedulingIgnoredDuringExecution) > 0 {
-				allErrs = append(allErrs, ValidatePreferredSchedulingTerms(na.PreferredDuringSchedulingIgnoredDuringExecution, fldPath.Child("preferredDuringSchedulingIgnoredDuringExecution"))...)
-			}
+		if affinity.NodeAffinity != nil {
+			allErrs = append(allErrs, validateNodeAffinity(affinity.NodeAffinity, fldPath.Child("nodeAffinity"))...)
 		}
 		if affinity.PodAffinity != nil {
 			allErrs = append(allErrs, validatePodAffinity(affinity.PodAffinity, fldPath.Child("podAffinity"))...)
@@ -2901,19 +2979,13 @@ func ValidatePodSpec(spec *core.PodSpec, fldPath *field.Path) field.ErrorList {
 	}
 
 	if len(spec.PriorityClassName) > 0 {
-		if !utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) {
-			allErrs = append(allErrs, field.Forbidden(fldPath.Child("priorityClassName"), "Pod priority is disabled by feature-gate"))
-		} else {
+		if utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) {
 			for _, msg := range ValidatePriorityClassName(spec.PriorityClassName, false) {
 				allErrs = append(allErrs, field.Invalid(fldPath.Child("priorityClassName"), spec.PriorityClassName, msg))
 			}
 		}
 	}
 
-	if spec.Priority != nil && !utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) {
-		allErrs = append(allErrs, field.Forbidden(fldPath.Child("priority"), "Pod priority is disabled by feature-gate"))
-	}
-
 	return allErrs
 }
 
@@ -3080,6 +3152,22 @@ func validatePodAntiAffinity(podAntiAffinity *core.PodAntiAffinity, fldPath *fie
 	return allErrs
 }
 
+// validateNodeAffinity tests that the specified nodeAffinity fields have valid data
+func validateNodeAffinity(na *core.NodeAffinity, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+	// TODO: Uncomment the next three lines once RequiredDuringSchedulingRequiredDuringExecution is implemented.
+	// if na.RequiredDuringSchedulingRequiredDuringExecution != nil {
+	//	allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingRequiredDuringExecution, fldPath.Child("requiredDuringSchedulingRequiredDuringExecution"))...)
+	// }
+	if na.RequiredDuringSchedulingIgnoredDuringExecution != nil {
+		allErrs = append(allErrs, ValidateNodeSelector(na.RequiredDuringSchedulingIgnoredDuringExecution, fldPath.Child("requiredDuringSchedulingIgnoredDuringExecution"))...)
+	}
+	if len(na.PreferredDuringSchedulingIgnoredDuringExecution) > 0 {
+		allErrs = append(allErrs, ValidatePreferredSchedulingTerms(na.PreferredDuringSchedulingIgnoredDuringExecution, fldPath.Child("preferredDuringSchedulingIgnoredDuringExecution"))...)
+	}
+	return allErrs
+}
+
 // validatePodAffinity tests that the specified podAffinity fields have valid data
 func validatePodAffinity(podAffinity *core.PodAffinity, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
@@ -3214,11 +3302,24 @@ func ValidatePodSecurityContext(securityContext *core.PodSecurityContext, spec *
 				allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *(securityContext.RunAsUser), msg))
 			}
 		}
+		if securityContext.RunAsGroup != nil {
+			for _, msg := range validation.IsValidGroupID(*securityContext.RunAsGroup) {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsGroup"), *(securityContext.RunAsGroup), msg))
+			}
+		}
+
 		for g, gid := range securityContext.SupplementalGroups {
 			for _, msg := range validation.IsValidGroupID(gid) {
 				allErrs = append(allErrs, field.Invalid(fldPath.Child("supplementalGroups").Index(g), gid, msg))
 			}
 		}
+		if securityContext.ShareProcessNamespace != nil {
+			if !utilfeature.DefaultFeatureGate.Enabled(features.PodShareProcessNamespace) {
+				allErrs = append(allErrs, field.Forbidden(fldPath.Child("shareProcessNamespace"), "Process Namespace Sharing is disabled by PodShareProcessNamespace feature-gate"))
+			} else if securityContext.HostPID && *securityContext.ShareProcessNamespace {
+				allErrs = append(allErrs, field.Invalid(fldPath.Child("shareProcessNamespace"), *securityContext.ShareProcessNamespace, "ShareProcessNamespace and HostPID cannot both be enabled"))
+			}
+		}
 	}
 
 	return allErrs
@@ -3326,6 +3427,31 @@ func ValidatePodUpdate(newPod, oldPod *core.Pod) field.ErrorList {
 	return allErrs
 }
 
+// ValidateContainerStateTransition test to if any illegal container state transitions are being attempted
+func ValidateContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldpath *field.Path, restartPolicy core.RestartPolicy) field.ErrorList {
+	allErrs := field.ErrorList{}
+	// If we should always restart, containers are allowed to leave the terminated state
+	if restartPolicy == core.RestartPolicyAlways {
+		return allErrs
+	}
+	for i, oldStatus := range oldStatuses {
+		// Skip any container that is not terminated
+		if oldStatus.State.Terminated == nil {
+			continue
+		}
+		// Skip any container that failed but is allowed to restart
+		if oldStatus.State.Terminated.ExitCode != 0 && restartPolicy == core.RestartPolicyOnFailure {
+			continue
+		}
+		for _, newStatus := range newStatuses {
+			if oldStatus.Name == newStatus.Name && newStatus.State.Terminated == nil {
+				allErrs = append(allErrs, field.Forbidden(fldpath.Index(i).Child("state"), "may not be transitioned to non-terminated state"))
+			}
+		}
+	}
+	return allErrs
+}
+
 // ValidatePodStatusUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields
 // that cannot be changed.
 func ValidatePodStatusUpdate(newPod, oldPod *core.Pod) field.ErrorList {
@@ -3333,10 +3459,22 @@ func ValidatePodStatusUpdate(newPod, oldPod *core.Pod) field.ErrorList {
 	allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, fldPath)
 	allErrs = append(allErrs, ValidatePodSpecificAnnotationUpdates(newPod, oldPod, fldPath.Child("annotations"))...)
 
+	fldPath = field.NewPath("status")
 	if newPod.Spec.NodeName != oldPod.Spec.NodeName {
-		allErrs = append(allErrs, field.Forbidden(field.NewPath("status", "nodeName"), "may not be changed directly"))
+		allErrs = append(allErrs, field.Forbidden(fldPath.Child("nodeName"), "may not be changed directly"))
 	}
 
+	if newPod.Status.NominatedNodeName != oldPod.Status.NominatedNodeName && len(newPod.Status.NominatedNodeName) > 0 {
+		for _, msg := range ValidateNodeName(newPod.Status.NominatedNodeName, false) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("nominatedNodeName"), newPod.Status.NominatedNodeName, msg))
+		}
+	}
+
+	// If pod should not restart, make sure the status update does not transition
+	// any terminated containers to a non-terminated state.
+	allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.ContainerStatuses, oldPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), oldPod.Spec.RestartPolicy)...)
+	allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.InitContainerStatuses, oldPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), oldPod.Spec.RestartPolicy)...)
+
 	// For status update we ignore changes to pod spec.
 	newPod.Spec = oldPod.Spec
 
@@ -3369,7 +3507,7 @@ func ValidatePodTemplate(pod *core.PodTemplate) field.ErrorList {
 // ValidatePodTemplateUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields
 // that cannot be changed.
 func ValidatePodTemplateUpdate(newPod, oldPod *core.PodTemplate) field.ErrorList {
-	allErrs := ValidateObjectMetaUpdate(&oldPod.ObjectMeta, &newPod.ObjectMeta, field.NewPath("metadata"))
+	allErrs := ValidateObjectMetaUpdate(&newPod.ObjectMeta, &oldPod.ObjectMeta, field.NewPath("metadata"))
 	allErrs = append(allErrs, ValidatePodTemplateSpec(&newPod.Template, field.NewPath("template"))...)
 	return allErrs
 }
@@ -3394,9 +3532,9 @@ func ValidateService(service *core.Service) field.ErrorList {
 			// This is a workaround for broken cloud environments that
 			// over-open firewalls.  Hopefully it can go away when more clouds
 			// understand containers better.
-			if port.Port == 10250 {
+			if port.Port == ports.KubeletPort {
 				portPath := specPath.Child("ports").Index(ix)
-				allErrs = append(allErrs, field.Invalid(portPath, port.Port, "may not expose port 10250 externally since it is used by kubelet"))
+				allErrs = append(allErrs, field.Invalid(portPath, port.Port, fmt.Sprintf("may not expose port %v externally since it is used by kubelet", ports.KubeletPort)))
 			}
 		}
 		if service.Spec.ClusterIP == "None" {
@@ -3408,7 +3546,7 @@ func ValidateService(service *core.Service) field.ErrorList {
 		}
 	case core.ServiceTypeExternalName:
 		if service.Spec.ClusterIP != "" {
-			allErrs = append(allErrs, field.Invalid(specPath.Child("clusterIP"), service.Spec.ClusterIP, "must be empty for ExternalName services"))
+			allErrs = append(allErrs, field.Forbidden(specPath.Child("clusterIP"), "must be empty for ExternalName services"))
 		}
 		if len(service.Spec.ExternalName) > 0 {
 			allErrs = append(allErrs, ValidateDNS1123Subdomain(service.Spec.ExternalName, specPath.Child("externalName"))...)
@@ -3487,7 +3625,7 @@ func ValidateService(service *core.Service) field.ErrorList {
 		for i := range service.Spec.Ports {
 			portPath := portsPath.Index(i)
 			if service.Spec.Ports[i].NodePort != 0 {
-				allErrs = append(allErrs, field.Invalid(portPath.Child("nodePort"), service.Spec.Ports[i].NodePort, "may not be used when `type` is 'ClusterIP'"))
+				allErrs = append(allErrs, field.Forbidden(portPath.Child("nodePort"), "may not be used when `type` is 'ClusterIP'"))
 			}
 		}
 	}
@@ -3537,7 +3675,7 @@ func ValidateService(service *core.Service) field.ErrorList {
 			val = service.Annotations[core.AnnotationLoadBalancerSourceRangesKey]
 		}
 		if service.Spec.Type != core.ServiceTypeLoadBalancer {
-			allErrs = append(allErrs, field.Invalid(fieldPath, "", "may only be used when `type` is 'LoadBalancer'"))
+			allErrs = append(allErrs, field.Forbidden(fieldPath, "may only be used when `type` is 'LoadBalancer'"))
 		}
 		_, err := apiservice.GetLoadBalancerSourceRanges(service)
 		if err != nil {
@@ -4002,6 +4140,10 @@ func validateContainerResourceName(value string, fldPath *field.Path) field.Erro
 		if !helper.IsStandardContainerResourceName(value) {
 			return append(allErrs, field.Invalid(fldPath, value, "must be a standard resource for containers"))
 		}
+	} else if !helper.IsDefaultNamespaceResource(core.ResourceName(value)) {
+		if !helper.IsExtendedResourceName(core.ResourceName(value)) {
+			return append(allErrs, field.Invalid(fldPath, value, "doesn't follow extended resource name standard"))
+		}
 	}
 	return allErrs
 }
@@ -4183,7 +4325,8 @@ func ValidateLimitRange(limitRange *core.LimitRange) field.ErrorList {
 				}
 			}
 
-			// for GPU and hugepages, the default value and defaultRequest value must match if both are specified
+			// for GPU, hugepages and other resources that are not allowed to overcommit,
+			// the default value and defaultRequest value must match if both are specified
 			if !helper.IsOvercommitAllowed(core.ResourceName(k)) && defaultQuantityFound && defaultRequestQuantityFound && defaultQuantity.Cmp(defaultRequestQuantity) != 0 {
 				allErrs = append(allErrs, field.Invalid(idxPath.Child("defaultRequest").Key(string(k)), defaultRequestQuantity, fmt.Sprintf("default value %s must equal to defaultRequest value %s in %s", defaultQuantity.String(), defaultRequestQuantity.String(), k)))
 			}
@@ -4314,10 +4457,22 @@ func ValidateConfigMap(cfg *core.ConfigMap) field.ErrorList {
 		for _, msg := range validation.IsConfigMapKey(key) {
 			allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, msg))
 		}
+		// check if we have a duplicate key in the other bag
+		if _, isValue := cfg.BinaryData[key]; isValue {
+			msg := "duplicate of key present in binaryData"
+			allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, msg))
+		}
+		totalSize += len(value)
+	}
+	for key, value := range cfg.BinaryData {
+		for _, msg := range validation.IsConfigMapKey(key) {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("binaryData").Key(key), key, msg))
+		}
 		totalSize += len(value)
 	}
 	if totalSize > core.MaxSecretSize {
-		allErrs = append(allErrs, field.TooLong(field.NewPath("data"), "", core.MaxSecretSize))
+		// pass back "" to indicate that the error refers to the whole object.
+		allErrs = append(allErrs, field.TooLong(field.NewPath(""), cfg, core.MaxSecretSize))
 	}
 
 	return allErrs
@@ -4344,7 +4499,13 @@ func ValidateResourceRequirements(requirements *core.ResourceRequirements, fldPa
 	allErrs := field.ErrorList{}
 	limPath := fldPath.Child("limits")
 	reqPath := fldPath.Child("requests")
+	limContainsCpuOrMemory := false
+	reqContainsCpuOrMemory := false
+	limContainsHugePages := false
+	reqContainsHugePages := false
+	supportedQoSComputeResources := sets.NewString(string(core.ResourceCPU), string(core.ResourceMemory))
 	for resourceName, quantity := range requirements.Limits {
+
 		fldPath := limPath.Key(string(resourceName))
 		// Validate resource name.
 		allErrs = append(allErrs, validateContainerResourceName(string(resourceName), fldPath)...)
@@ -4355,10 +4516,17 @@ func ValidateResourceRequirements(requirements *core.ResourceRequirements, fldPa
 		if resourceName == core.ResourceEphemeralStorage && !utilfeature.DefaultFeatureGate.Enabled(features.LocalStorageCapacityIsolation) {
 			allErrs = append(allErrs, field.Forbidden(limPath, "ResourceEphemeralStorage field disabled by feature-gate for ResourceRequirements"))
 		}
-		if helper.IsHugePageResourceName(resourceName) && !utilfeature.DefaultFeatureGate.Enabled(features.HugePages) {
-			allErrs = append(allErrs, field.Forbidden(limPath, fmt.Sprintf("%s field disabled by feature-gate for ResourceRequirements", resourceName)))
+		if helper.IsHugePageResourceName(resourceName) {
+			if !utilfeature.DefaultFeatureGate.Enabled(features.HugePages) {
+				allErrs = append(allErrs, field.Forbidden(limPath, fmt.Sprintf("%s field disabled by feature-gate for ResourceRequirements", resourceName)))
+			} else {
+				limContainsHugePages = true
+			}
 		}
 
+		if supportedQoSComputeResources.Has(string(resourceName)) {
+			limContainsCpuOrMemory = true
+		}
 	}
 	for resourceName, quantity := range requirements.Requests {
 		fldPath := reqPath.Key(string(resourceName))
@@ -4370,15 +4538,25 @@ func ValidateResourceRequirements(requirements *core.ResourceRequirements, fldPa
 		// Check that request <= limit.
 		limitQuantity, exists := requirements.Limits[resourceName]
 		if exists {
-			// For GPUs, not only requests can't exceed limits, they also can't be lower, i.e. must be equal.
+			// For non overcommitable resources, not only requests can't exceed limits, they also can't be lower, i.e. must be equal.
 			if quantity.Cmp(limitQuantity) != 0 && !helper.IsOvercommitAllowed(resourceName) {
 				allErrs = append(allErrs, field.Invalid(reqPath, quantity.String(), fmt.Sprintf("must be equal to %s limit", resourceName)))
 			} else if quantity.Cmp(limitQuantity) > 0 {
 				allErrs = append(allErrs, field.Invalid(reqPath, quantity.String(), fmt.Sprintf("must be less than or equal to %s limit", resourceName)))
 			}
-		} else if resourceName == core.ResourceNvidiaGPU {
-			allErrs = append(allErrs, field.Invalid(reqPath, quantity.String(), fmt.Sprintf("must be equal to %s request", core.ResourceNvidiaGPU)))
+		} else if !helper.IsOvercommitAllowed(resourceName) {
+			allErrs = append(allErrs, field.Required(limPath, "Limit must be set for non overcommitable resources"))
+		}
+		if helper.IsHugePageResourceName(resourceName) {
+			reqContainsHugePages = true
 		}
+		if supportedQoSComputeResources.Has(string(resourceName)) {
+			reqContainsCpuOrMemory = true
+		}
+
+	}
+	if !limContainsCpuOrMemory && !reqContainsCpuOrMemory && (reqContainsHugePages || limContainsHugePages) {
+		allErrs = append(allErrs, field.Forbidden(fldPath, fmt.Sprintf("HugePages require cpu or memory")))
 	}
 
 	return allErrs
@@ -4748,8 +4926,14 @@ func ValidateSecurityContext(sc *core.SecurityContext, fldPath *field.Path) fiel
 	}
 
 	if sc.RunAsUser != nil {
-		if *sc.RunAsUser < 0 {
-			allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, isNegativeErrorMsg))
+		for _, msg := range validation.IsValidUserID(*sc.RunAsUser) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, msg))
+		}
+	}
+
+	if sc.RunAsGroup != nil {
+		for _, msg := range validation.IsValidGroupID(*sc.RunAsGroup) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsGroup"), *sc.RunAsGroup, msg))
 		}
 	}
 
@@ -4838,7 +5022,7 @@ func validateStorageNodeAffinityAnnotation(annotations map[string]string, fldPat
 		return false, allErrs
 	}
 
-	if !utilfeature.DefaultFeatureGate.Enabled(features.PersistentLocalVolumes) {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
 		allErrs = append(allErrs, field.Forbidden(fldPath, "Storage node affinity is disabled by feature-gate"))
 	}
 
@@ -4854,6 +5038,30 @@ func validateStorageNodeAffinityAnnotation(annotations map[string]string, fldPat
 	return policySpecified, allErrs
 }
 
+// validateVolumeNodeAffinity tests that the PersistentVolume.NodeAffinity has valid data
+// returns:
+// - true if volumeNodeAffinity is set
+// - errorList if there are validation errors
+func validateVolumeNodeAffinity(nodeAffinity *core.VolumeNodeAffinity, fldPath *field.Path) (bool, field.ErrorList) {
+	allErrs := field.ErrorList{}
+
+	if nodeAffinity == nil {
+		return false, allErrs
+	}
+
+	if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
+		allErrs = append(allErrs, field.Forbidden(fldPath, "Volume node affinity is disabled by feature-gate"))
+	}
+
+	if nodeAffinity.Required != nil {
+		allErrs = append(allErrs, ValidateNodeSelector(nodeAffinity.Required, fldPath.Child("required"))...)
+	} else {
+		allErrs = append(allErrs, field.Required(fldPath.Child("required"), "must specify required node constraints"))
+	}
+
+	return true, allErrs
+}
+
 // ValidateCIDR validates whether a CIDR matches the conventions expected by net.ParseCIDR
 func ValidateCIDR(cidr string) (*net.IPNet, error) {
 	_, net, err := net.ParseCIDR(cidr)
@@ -4862,3 +5070,13 @@ func ValidateCIDR(cidr string) (*net.IPNet, error) {
 	}
 	return net, nil
 }
+
+func IsDecremented(update, old *int32) bool {
+	if update == nil && old != nil {
+		return true
+	}
+	if update == nil || old == nil {
+		return false
+	}
+	return *update < *old
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go
index 22c31da978cd..35225755d2a9 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/core/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package core
 
 import (
-	resource "k8s.io/apimachinery/pkg/api/resource"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	types "k8s.io/apimachinery/pkg/types"
@@ -241,14 +240,47 @@ func (in *Binding) DeepCopy() *Binding {
 func (in *Binding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CSIPersistentVolumeSource) DeepCopyInto(out *CSIPersistentVolumeSource) {
 	*out = *in
+	if in.VolumeAttributes != nil {
+		in, out := &in.VolumeAttributes, &out.VolumeAttributes
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.ControllerPublishSecretRef != nil {
+		in, out := &in.ControllerPublishSecretRef, &out.ControllerPublishSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.NodeStageSecretRef != nil {
+		in, out := &in.NodeStageSecretRef, &out.NodeStageSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.NodePublishSecretRef != nil {
+		in, out := &in.NodePublishSecretRef, &out.NodePublishSecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
 	return
 }
 
@@ -432,9 +464,8 @@ func (in *ComponentStatus) DeepCopy() *ComponentStatus {
 func (in *ComponentStatus) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -466,9 +497,8 @@ func (in *ComponentStatusList) DeepCopy() *ComponentStatusList {
 func (in *ComponentStatusList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -483,6 +513,18 @@ func (in *ConfigMap) DeepCopyInto(out *ConfigMap) {
 			(*out)[key] = val
 		}
 	}
+	if in.BinaryData != nil {
+		in, out := &in.BinaryData, &out.BinaryData
+		*out = make(map[string][]byte, len(*in))
+		for key, val := range *in {
+			if val == nil {
+				(*out)[key] = nil
+			} else {
+				(*out)[key] = make([]byte, len(val))
+				copy((*out)[key], val)
+			}
+		}
+	}
 	return
 }
 
@@ -500,9 +542,8 @@ func (in *ConfigMap) DeepCopy() *ConfigMap {
 func (in *ConfigMap) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -586,9 +627,8 @@ func (in *ConfigMapList) DeepCopy() *ConfigMapList {
 func (in *ConfigMapList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -982,9 +1022,8 @@ func (in *DeleteOptions) DeepCopy() *DeleteOptions {
 func (in *DeleteOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1093,8 +1132,8 @@ func (in *EmptyDirVolumeSource) DeepCopyInto(out *EmptyDirVolumeSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(resource.Quantity)
-			**out = (*in).DeepCopy()
+			x := (*in).DeepCopy()
+			*out = &x
 		}
 	}
 	return
@@ -1224,9 +1263,8 @@ func (in *Endpoints) DeepCopy() *Endpoints {
 func (in *Endpoints) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1258,9 +1296,8 @@ func (in *EndpointsList) DeepCopy() *EndpointsList {
 func (in *EndpointsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1419,9 +1456,8 @@ func (in *Event) DeepCopy() *Event {
 func (in *Event) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1453,9 +1489,8 @@ func (in *EventList) DeepCopy() *EventList {
 func (in *EventList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1547,6 +1582,38 @@ func (in *FCVolumeSource) DeepCopy() *FCVolumeSource {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *FlexPersistentVolumeSource) DeepCopyInto(out *FlexPersistentVolumeSource) {
+	*out = *in
+	if in.SecretRef != nil {
+		in, out := &in.SecretRef, &out.SecretRef
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretReference)
+			**out = **in
+		}
+	}
+	if in.Options != nil {
+		in, out := &in.Options, &out.Options
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FlexPersistentVolumeSource.
+func (in *FlexPersistentVolumeSource) DeepCopy() *FlexPersistentVolumeSource {
+	if in == nil {
+		return nil
+	}
+	out := new(FlexPersistentVolumeSource)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *FlexVolumeSource) DeepCopyInto(out *FlexVolumeSource) {
 	*out = *in
@@ -1930,9 +1997,8 @@ func (in *LimitRange) DeepCopy() *LimitRange {
 func (in *LimitRange) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2015,9 +2081,8 @@ func (in *LimitRangeList) DeepCopy() *LimitRangeList {
 func (in *LimitRangeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2076,9 +2141,8 @@ func (in *List) DeepCopy() *List {
 func (in *List) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2121,9 +2185,8 @@ func (in *ListOptions) DeepCopy() *ListOptions {
 func (in *ListOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2235,9 +2298,8 @@ func (in *Namespace) DeepCopy() *Namespace {
 func (in *Namespace) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2269,9 +2331,8 @@ func (in *NamespaceList) DeepCopy() *NamespaceList {
 func (in *NamespaceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2335,9 +2396,8 @@ func (in *Node) DeepCopy() *Node {
 func (in *Node) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2436,9 +2496,8 @@ func (in *NodeConfigSource) DeepCopy() *NodeConfigSource {
 func (in *NodeConfigSource) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2487,9 +2546,8 @@ func (in *NodeList) DeepCopy() *NodeList {
 func (in *NodeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2513,9 +2571,8 @@ func (in *NodeProxyOptions) DeepCopy() *NodeProxyOptions {
 func (in *NodeProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2742,8 +2799,7 @@ func (in *ObjectMeta) DeepCopyInto(out *ObjectMeta) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.DeletionGracePeriodSeconds != nil {
@@ -2823,9 +2879,8 @@ func (in *ObjectReference) DeepCopy() *ObjectReference {
 func (in *ObjectReference) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2852,9 +2907,8 @@ func (in *PersistentVolume) DeepCopy() *PersistentVolume {
 func (in *PersistentVolume) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2881,9 +2935,8 @@ func (in *PersistentVolumeClaim) DeepCopy() *PersistentVolumeClaim {
 func (in *PersistentVolumeClaim) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -2933,9 +2986,8 @@ func (in *PersistentVolumeClaimList) DeepCopy() *PersistentVolumeClaimList {
 func (in *PersistentVolumeClaimList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3067,9 +3119,8 @@ func (in *PersistentVolumeList) DeepCopy() *PersistentVolumeList {
 func (in *PersistentVolumeList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3152,7 +3203,7 @@ func (in *PersistentVolumeSource) DeepCopyInto(out *PersistentVolumeSource) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(FlexVolumeSource)
+			*out = new(FlexPersistentVolumeSource)
 			(*in).DeepCopyInto(*out)
 		}
 	}
@@ -3270,7 +3321,7 @@ func (in *PersistentVolumeSource) DeepCopyInto(out *PersistentVolumeSource) {
 			*out = nil
 		} else {
 			*out = new(CSIPersistentVolumeSource)
-			**out = **in
+			(*in).DeepCopyInto(*out)
 		}
 	}
 	return
@@ -3325,6 +3376,15 @@ func (in *PersistentVolumeSpec) DeepCopyInto(out *PersistentVolumeSpec) {
 			**out = **in
 		}
 	}
+	if in.NodeAffinity != nil {
+		in, out := &in.NodeAffinity, &out.NodeAffinity
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(VolumeNodeAffinity)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
@@ -3394,9 +3454,8 @@ func (in *Pod) DeepCopy() *Pod {
 func (in *Pod) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3510,9 +3569,8 @@ func (in *PodAttachOptions) DeepCopy() *PodAttachOptions {
 func (in *PodAttachOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3617,9 +3675,8 @@ func (in *PodExecOptions) DeepCopy() *PodExecOptions {
 func (in *PodExecOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3651,9 +3708,8 @@ func (in *PodList) DeepCopy() *PodList {
 func (in *PodList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3674,8 +3730,7 @@ func (in *PodLogOptions) DeepCopyInto(out *PodLogOptions) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.TailLines != nil {
@@ -3713,9 +3768,8 @@ func (in *PodLogOptions) DeepCopy() *PodLogOptions {
 func (in *PodLogOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3744,9 +3798,8 @@ func (in *PodPortForwardOptions) DeepCopy() *PodPortForwardOptions {
 func (in *PodPortForwardOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -3770,14 +3823,22 @@ func (in *PodProxyOptions) DeepCopy() *PodProxyOptions {
 func (in *PodProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
 	*out = *in
+	if in.ShareProcessNamespace != nil {
+		in, out := &in.ShareProcessNamespace, &out.ShareProcessNamespace
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(bool)
+			**out = **in
+		}
+	}
 	if in.SELinuxOptions != nil {
 		in, out := &in.SELinuxOptions, &out.SELinuxOptions
 		if *in == nil {
@@ -3796,6 +3857,15 @@ func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
 			**out = **in
 		}
 	}
+	if in.RunAsGroup != nil {
+		in, out := &in.RunAsGroup, &out.RunAsGroup
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
 	if in.RunAsNonRoot != nil {
 		in, out := &in.RunAsNonRoot, &out.RunAsNonRoot
 		if *in == nil {
@@ -3998,8 +4068,7 @@ func (in *PodStatus) DeepCopyInto(out *PodStatus) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	if in.InitContainerStatuses != nil {
@@ -4052,9 +4121,8 @@ func (in *PodStatusResult) DeepCopy() *PodStatusResult {
 func (in *PodStatusResult) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4080,9 +4148,8 @@ func (in *PodTemplate) DeepCopy() *PodTemplate {
 func (in *PodTemplate) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4114,9 +4181,8 @@ func (in *PodTemplateList) DeepCopy() *PodTemplateList {
 func (in *PodTemplateList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4365,9 +4431,8 @@ func (in *RangeAllocation) DeepCopy() *RangeAllocation {
 func (in *RangeAllocation) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4394,9 +4459,8 @@ func (in *ReplicationController) DeepCopy() *ReplicationController {
 func (in *ReplicationController) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4445,9 +4509,8 @@ func (in *ReplicationControllerList) DeepCopy() *ReplicationControllerList {
 func (in *ReplicationControllerList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4522,6 +4585,28 @@ func (in *ResourceFieldSelector) DeepCopy() *ResourceFieldSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ResourceList) DeepCopyInto(out *ResourceList) {
+	{
+		in := &in
+		*out = make(ResourceList, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val.DeepCopy()
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceList.
+func (in ResourceList) DeepCopy() ResourceList {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceList)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ResourceQuota) DeepCopyInto(out *ResourceQuota) {
 	*out = *in
@@ -4546,9 +4631,8 @@ func (in *ResourceQuota) DeepCopy() *ResourceQuota {
 func (in *ResourceQuota) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4580,9 +4664,8 @@ func (in *ResourceQuotaList) DeepCopy() *ResourceQuotaList {
 func (in *ResourceQuotaList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4773,9 +4856,8 @@ func (in *Secret) DeepCopy() *Secret {
 func (in *Secret) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4859,9 +4941,8 @@ func (in *SecretList) DeepCopy() *SecretList {
 func (in *SecretList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -4993,6 +5074,15 @@ func (in *SecurityContext) DeepCopyInto(out *SecurityContext) {
 			**out = **in
 		}
 	}
+	if in.RunAsGroup != nil {
+		in, out := &in.RunAsGroup, &out.RunAsGroup
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
 	if in.RunAsNonRoot != nil {
 		in, out := &in.RunAsNonRoot, &out.RunAsNonRoot
 		if *in == nil {
@@ -5055,9 +5145,8 @@ func (in *SerializedReference) DeepCopy() *SerializedReference {
 func (in *SerializedReference) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5084,9 +5173,8 @@ func (in *Service) DeepCopy() *Service {
 func (in *Service) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5130,9 +5218,8 @@ func (in *ServiceAccount) DeepCopy() *ServiceAccount {
 func (in *ServiceAccount) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5164,9 +5251,8 @@ func (in *ServiceAccountList) DeepCopy() *ServiceAccountList {
 func (in *ServiceAccountList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5198,9 +5284,8 @@ func (in *ServiceList) DeepCopy() *ServiceList {
 func (in *ServiceList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5241,9 +5326,8 @@ func (in *ServiceProxyOptions) DeepCopy() *ServiceProxyOptions {
 func (in *ServiceProxyOptions) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -5426,8 +5510,7 @@ func (in *Taint) DeepCopyInto(out *Taint) {
 		if *in == nil {
 			*out = nil
 		} else {
-			*out = new(v1.Time)
-			(*in).DeepCopyInto(*out)
+			*out = (*in).DeepCopy()
 		}
 	}
 	return
@@ -5526,6 +5609,31 @@ func (in *VolumeMount) DeepCopy() *VolumeMount {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *VolumeNodeAffinity) DeepCopyInto(out *VolumeNodeAffinity) {
+	*out = *in
+	if in.Required != nil {
+		in, out := &in.Required, &out.Required
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(NodeSelector)
+			(*in).DeepCopyInto(*out)
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeNodeAffinity.
+func (in *VolumeNodeAffinity) DeepCopy() *VolumeNodeAffinity {
+	if in == nil {
+		return nil
+	}
+	out := new(VolumeNodeAffinity)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *VolumeProjection) DeepCopyInto(out *VolumeProjection) {
 	*out = *in
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.conversion.go
index c588a11747aa..94a67e1bdef5 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	v1beta1 "k8s.io/api/events/v1beta1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	core "k8s.io/kubernetes/pkg/apis/core"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.defaults.go
index b61dda74c238..544e569dc2d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/events/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/extensions/BUILD
index c52d2a9ac9ec..eecd17571c80 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/extensions",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/extensions/OWNERS
index 82c173c98276..cfac471108ca 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/OWNERS
@@ -19,7 +19,6 @@ reviewers:
 - ncdc
 - tallclair
 - mwielgus
-- timothysc
 - soltysh
 - piosz
 - dims
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/BUILD
index 51d6bf1c77a6..cf1f13f4a4ec 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/BUILD
@@ -37,13 +37,13 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/extensions/v1beta1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/install:go_default_library",
         "//pkg/apis/extensions/install:go_default_library",
+        "//pkg/util/pointer:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
index 14a4f09993b6..9cefeb8d62e7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	v1beta1 "k8s.io/api/extensions/v1beta1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -30,7 +32,6 @@ import (
 	core "k8s.io/kubernetes/pkg/apis/core"
 	core_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	extensions "k8s.io/kubernetes/pkg/apis/extensions"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.defaults.go
index 6eb0bbedc549..3b009bef2ccb 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/BUILD
index d7ea42609a0a..82eaf8e82822 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/BUILD
@@ -31,8 +31,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/extensions/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/validation.go
index 20cc279e8fd4..a1f9aee6dc42 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/validation/validation.go
@@ -96,7 +96,7 @@ func validateDaemonSetStatus(status *extensions.DaemonSetStatus, fldPath *field.
 func ValidateDaemonSetStatusUpdate(ds, oldDS *extensions.DaemonSet) field.ErrorList {
 	allErrs := apivalidation.ValidateObjectMetaUpdate(&ds.ObjectMeta, &oldDS.ObjectMeta, field.NewPath("metadata"))
 	allErrs = append(allErrs, validateDaemonSetStatus(&ds.Status, field.NewPath("status"))...)
-	if isDecremented(ds.Status.CollisionCount, oldDS.Status.CollisionCount) {
+	if apivalidation.IsDecremented(ds.Status.CollisionCount, oldDS.Status.CollisionCount) {
 		value := int32(0)
 		if ds.Status.CollisionCount != nil {
 			value = *ds.Status.CollisionCount
@@ -341,7 +341,7 @@ func ValidateDeploymentStatusUpdate(update, old *extensions.Deployment) field.Er
 	allErrs := apivalidation.ValidateObjectMetaUpdate(&update.ObjectMeta, &old.ObjectMeta, field.NewPath("metadata"))
 	fldPath := field.NewPath("status")
 	allErrs = append(allErrs, ValidateDeploymentStatus(&update.Status, fldPath)...)
-	if isDecremented(update.Status.CollisionCount, old.Status.CollisionCount) {
+	if apivalidation.IsDecremented(update.Status.CollisionCount, old.Status.CollisionCount) {
 		value := int32(0)
 		if update.Status.CollisionCount != nil {
 			value = *update.Status.CollisionCount
@@ -351,17 +351,6 @@ func ValidateDeploymentStatusUpdate(update, old *extensions.Deployment) field.Er
 	return allErrs
 }
 
-// TODO: Move in "k8s.io/kubernetes/pkg/apis/core/validation"
-func isDecremented(update, old *int32) bool {
-	if update == nil && old != nil {
-		return true
-	}
-	if update == nil || old == nil {
-		return false
-	}
-	return *update < *old
-}
-
 func ValidateDeployment(obj *extensions.Deployment) field.ErrorList {
 	allErrs := apivalidation.ValidateObjectMeta(&obj.ObjectMeta, true, ValidateDeploymentName, field.NewPath("metadata"))
 	allErrs = append(allErrs, ValidateDeploymentSpec(&obj.Spec, field.NewPath("spec"))...)
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/extensions/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/extensions/zz_generated.deepcopy.go
index 852d4f09a9cc..b7a91b05d85f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/extensions/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/extensions/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package extensions
 
@@ -162,9 +162,8 @@ func (in *DaemonSet) DeepCopy() *DaemonSet {
 func (in *DaemonSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -213,9 +212,8 @@ func (in *DaemonSetList) DeepCopy() *DaemonSetList {
 func (in *DaemonSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -335,9 +333,8 @@ func (in *Deployment) DeepCopy() *Deployment {
 func (in *Deployment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -387,9 +384,8 @@ func (in *DeploymentList) DeepCopy() *DeploymentList {
 func (in *DeploymentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -421,9 +417,8 @@ func (in *DeploymentRollback) DeepCopy() *DeploymentRollback {
 func (in *DeploymentRollback) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -652,9 +647,8 @@ func (in *Ingress) DeepCopy() *Ingress {
 func (in *Ingress) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -703,9 +697,8 @@ func (in *IngressList) DeepCopy() *IngressList {
 func (in *IngressList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -850,9 +843,8 @@ func (in *PodSecurityPolicy) DeepCopy() *PodSecurityPolicy {
 func (in *PodSecurityPolicy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -884,9 +876,8 @@ func (in *PodSecurityPolicyList) DeepCopy() *PodSecurityPolicyList {
 func (in *PodSecurityPolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -977,9 +968,8 @@ func (in *ReplicaSet) DeepCopy() *ReplicaSet {
 func (in *ReplicaSet) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1028,9 +1018,8 @@ func (in *ReplicaSetList) DeepCopy() *ReplicaSetList {
 func (in *ReplicaSetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -1103,9 +1092,8 @@ func (in *ReplicationControllerDummy) DeepCopy() *ReplicationControllerDummy {
 func (in *ReplicationControllerDummy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.conversion.go
index b38027736d9a..7aacf8500b55 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1alpha1 "k8s.io/api/imagepolicy/v1alpha1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	imagepolicy "k8s.io/kubernetes/pkg/apis/imagepolicy"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/zz_generated.deepcopy.go
index 790256b218f6..d726e82fc082 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/imagepolicy/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package imagepolicy
 
@@ -48,9 +48,8 @@ func (in *ImageReview) DeepCopy() *ImageReview {
 func (in *ImageReview) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/BUILD
index a6237c850cf1..6523198e57d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/BUILD
@@ -45,7 +45,6 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/networking/v1_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.conversion.go
index 3a3b414b7a61..a2407cca4e26 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.conversion.go
@@ -16,11 +16,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	core_v1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -29,7 +31,6 @@ import (
 	intstr "k8s.io/apimachinery/pkg/util/intstr"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	networking "k8s.io/kubernetes/pkg/apis/networking"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.defaults.go
index 5843b99ed548..80b60245423f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/networking/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/networking/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/networking/validation/BUILD
index 5f1ccf041744..2b20ba2addc6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/networking/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/networking/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/networking/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/networking:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/networking/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/networking/zz_generated.deepcopy.go
index 8ab8e33ec18c..47121a572eac 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/networking/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/networking/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package networking
 
@@ -71,9 +71,8 @@ func (in *NetworkPolicy) DeepCopy() *NetworkPolicy {
 func (in *NetworkPolicy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -165,9 +164,8 @@ func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList {
 func (in *NetworkPolicyList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/policy/BUILD
index 86f104cff8d7..7bc57e36fad3 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/BUILD
@@ -15,6 +15,7 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/apis/policy",
     deps = [
+        "//pkg/apis/extensions:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/policy/OWNERS
index 99e0bffb5333..a245fde358e9 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/OWNERS
@@ -2,3 +2,7 @@ approvers:
 - sig-apps-api-approvers
 reviewers:
 - sig-apps-reviewers
+- pweil-
+- liggitt
+- tallclair
+- php-coder
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/install/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/policy/install/BUILD
index 6cecb39790cc..c42408b00fb1 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/install/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/install/BUILD
@@ -16,6 +16,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/announced:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apimachinery/registered:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/install/install.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/install/install.go
index 6c5703195b90..7a6db95728ad 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/install/install.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/install/install.go
@@ -22,6 +22,7 @@ import (
 	"k8s.io/apimachinery/pkg/apimachinery/announced"
 	"k8s.io/apimachinery/pkg/apimachinery/registered"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/policy"
 	"k8s.io/kubernetes/pkg/apis/policy/v1beta1"
@@ -37,6 +38,7 @@ func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *r
 		&announced.GroupMetaFactoryArgs{
 			GroupName:                  policy.GroupName,
 			VersionPreferenceOrder:     []string{v1beta1.SchemeGroupVersion.Version},
+			RootScopedKinds:            sets.NewString("PodSecurityPolicy"),
 			AddInternalObjectsToScheme: policy.AddToScheme,
 		},
 		announced.VersionToSchemeFunc{
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/register.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/register.go
index 80e834b385d4..6a91919e0964 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/register.go
@@ -19,6 +19,7 @@ package policy
 import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/kubernetes/pkg/apis/extensions"
 )
 
 // GroupName is the group name use in this package
@@ -48,6 +49,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&PodDisruptionBudget{},
 		&PodDisruptionBudgetList{},
+		&extensions.PodSecurityPolicy{},
+		&extensions.PodSecurityPolicyList{},
 		&Eviction{},
 	)
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/BUILD
index 91f28a022675..3cf454b61776 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/BUILD
@@ -8,6 +8,7 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
+        "defaults.go",
         "doc.go",
         "register.go",
         "zz_generated.conversion.go",
@@ -15,7 +16,10 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/apis/policy/v1beta1",
     deps = [
+        "//pkg/apis/core:go_default_library",
+        "//pkg/apis/extensions:go_default_library",
         "//pkg/apis/policy:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/defaults.go
new file mode 100644
index 000000000000..47a3d1f9a581
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/defaults.go
@@ -0,0 +1,35 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	policyv1beta1 "k8s.io/api/policy/v1beta1"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+func addDefaultingFuncs(scheme *runtime.Scheme) error {
+	return RegisterDefaults(scheme)
+}
+
+func SetDefaults_PodSecurityPolicySpec(obj *policyv1beta1.PodSecurityPolicySpec) {
+	// This field was added after PodSecurityPolicy was released.
+	// Policies that do not include this field must remain as permissive as they were prior to the introduction of this field.
+	if obj.AllowPrivilegeEscalation == nil {
+		t := true
+		obj.AllowPrivilegeEscalation = &t
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/doc.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/doc.go
index c3df0ab23581..bbbdcaeaa952 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/doc.go
@@ -15,6 +15,7 @@ limitations under the License.
 */
 
 // +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/policy
+// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/extensions
 // +k8s:conversion-gen-external-types=k8s.io/api/policy/v1beta1
 // +k8s:defaulter-gen=TypeMeta
 // +k8s:defaulter-gen-input=../../../../vendor/k8s.io/api/policy/v1beta1
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.conversion.go
index 4e776634a2f0..1b2641798205 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.conversion.go
@@ -16,18 +16,22 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
+	core_v1 "k8s.io/api/core/v1"
 	v1beta1 "k8s.io/api/policy/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	intstr "k8s.io/apimachinery/pkg/util/intstr"
+	core "k8s.io/kubernetes/pkg/apis/core"
+	extensions "k8s.io/kubernetes/pkg/apis/extensions"
 	policy "k8s.io/kubernetes/pkg/apis/policy"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -38,8 +42,16 @@ func init() {
 // Public to allow building arbitrary schemes.
 func RegisterConversions(scheme *runtime.Scheme) error {
 	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1beta1_AllowedFlexVolume_To_extensions_AllowedFlexVolume,
+		Convert_extensions_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume,
+		Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath,
+		Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath,
 		Convert_v1beta1_Eviction_To_policy_Eviction,
 		Convert_policy_Eviction_To_v1beta1_Eviction,
+		Convert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions,
+		Convert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions,
+		Convert_v1beta1_HostPortRange_To_extensions_HostPortRange,
+		Convert_extensions_HostPortRange_To_v1beta1_HostPortRange,
 		Convert_v1beta1_PodDisruptionBudget_To_policy_PodDisruptionBudget,
 		Convert_policy_PodDisruptionBudget_To_v1beta1_PodDisruptionBudget,
 		Convert_v1beta1_PodDisruptionBudgetList_To_policy_PodDisruptionBudgetList,
@@ -48,9 +60,61 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_policy_PodDisruptionBudgetSpec_To_v1beta1_PodDisruptionBudgetSpec,
 		Convert_v1beta1_PodDisruptionBudgetStatus_To_policy_PodDisruptionBudgetStatus,
 		Convert_policy_PodDisruptionBudgetStatus_To_v1beta1_PodDisruptionBudgetStatus,
+		Convert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy,
+		Convert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy,
+		Convert_v1beta1_PodSecurityPolicyList_To_extensions_PodSecurityPolicyList,
+		Convert_extensions_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList,
+		Convert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec,
+		Convert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec,
+		Convert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions,
+		Convert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions,
+		Convert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions,
+		Convert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions,
+		Convert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions,
+		Convert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions,
 	)
 }
 
+func autoConvert_v1beta1_AllowedFlexVolume_To_extensions_AllowedFlexVolume(in *v1beta1.AllowedFlexVolume, out *extensions.AllowedFlexVolume, s conversion.Scope) error {
+	out.Driver = in.Driver
+	return nil
+}
+
+// Convert_v1beta1_AllowedFlexVolume_To_extensions_AllowedFlexVolume is an autogenerated conversion function.
+func Convert_v1beta1_AllowedFlexVolume_To_extensions_AllowedFlexVolume(in *v1beta1.AllowedFlexVolume, out *extensions.AllowedFlexVolume, s conversion.Scope) error {
+	return autoConvert_v1beta1_AllowedFlexVolume_To_extensions_AllowedFlexVolume(in, out, s)
+}
+
+func autoConvert_extensions_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in *extensions.AllowedFlexVolume, out *v1beta1.AllowedFlexVolume, s conversion.Scope) error {
+	out.Driver = in.Driver
+	return nil
+}
+
+// Convert_extensions_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume is an autogenerated conversion function.
+func Convert_extensions_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in *extensions.AllowedFlexVolume, out *v1beta1.AllowedFlexVolume, s conversion.Scope) error {
+	return autoConvert_extensions_AllowedFlexVolume_To_v1beta1_AllowedFlexVolume(in, out, s)
+}
+
+func autoConvert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in *v1beta1.AllowedHostPath, out *extensions.AllowedHostPath, s conversion.Scope) error {
+	out.PathPrefix = in.PathPrefix
+	return nil
+}
+
+// Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath is an autogenerated conversion function.
+func Convert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in *v1beta1.AllowedHostPath, out *extensions.AllowedHostPath, s conversion.Scope) error {
+	return autoConvert_v1beta1_AllowedHostPath_To_extensions_AllowedHostPath(in, out, s)
+}
+
+func autoConvert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in *extensions.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
+	out.PathPrefix = in.PathPrefix
+	return nil
+}
+
+// Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath is an autogenerated conversion function.
+func Convert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in *extensions.AllowedHostPath, out *v1beta1.AllowedHostPath, s conversion.Scope) error {
+	return autoConvert_extensions_AllowedHostPath_To_v1beta1_AllowedHostPath(in, out, s)
+}
+
 func autoConvert_v1beta1_Eviction_To_policy_Eviction(in *v1beta1.Eviction, out *policy.Eviction, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	out.DeleteOptions = (*v1.DeleteOptions)(unsafe.Pointer(in.DeleteOptions))
@@ -73,6 +137,50 @@ func Convert_policy_Eviction_To_v1beta1_Eviction(in *policy.Eviction, out *v1bet
 	return autoConvert_policy_Eviction_To_v1beta1_Eviction(in, out, s)
 }
 
+func autoConvert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions(in *v1beta1.FSGroupStrategyOptions, out *extensions.FSGroupStrategyOptions, s conversion.Scope) error {
+	out.Rule = extensions.FSGroupStrategyType(in.Rule)
+	out.Ranges = *(*[]extensions.GroupIDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions is an autogenerated conversion function.
+func Convert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions(in *v1beta1.FSGroupStrategyOptions, out *extensions.FSGroupStrategyOptions, s conversion.Scope) error {
+	return autoConvert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions(in, out, s)
+}
+
+func autoConvert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in *extensions.FSGroupStrategyOptions, out *v1beta1.FSGroupStrategyOptions, s conversion.Scope) error {
+	out.Rule = v1beta1.FSGroupStrategyType(in.Rule)
+	out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions is an autogenerated conversion function.
+func Convert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in *extensions.FSGroupStrategyOptions, out *v1beta1.FSGroupStrategyOptions, s conversion.Scope) error {
+	return autoConvert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(in, out, s)
+}
+
+func autoConvert_v1beta1_HostPortRange_To_extensions_HostPortRange(in *v1beta1.HostPortRange, out *extensions.HostPortRange, s conversion.Scope) error {
+	out.Min = in.Min
+	out.Max = in.Max
+	return nil
+}
+
+// Convert_v1beta1_HostPortRange_To_extensions_HostPortRange is an autogenerated conversion function.
+func Convert_v1beta1_HostPortRange_To_extensions_HostPortRange(in *v1beta1.HostPortRange, out *extensions.HostPortRange, s conversion.Scope) error {
+	return autoConvert_v1beta1_HostPortRange_To_extensions_HostPortRange(in, out, s)
+}
+
+func autoConvert_extensions_HostPortRange_To_v1beta1_HostPortRange(in *extensions.HostPortRange, out *v1beta1.HostPortRange, s conversion.Scope) error {
+	out.Min = in.Min
+	out.Max = in.Max
+	return nil
+}
+
+// Convert_extensions_HostPortRange_To_v1beta1_HostPortRange is an autogenerated conversion function.
+func Convert_extensions_HostPortRange_To_v1beta1_HostPortRange(in *extensions.HostPortRange, out *v1beta1.HostPortRange, s conversion.Scope) error {
+	return autoConvert_extensions_HostPortRange_To_v1beta1_HostPortRange(in, out, s)
+}
+
 func autoConvert_v1beta1_PodDisruptionBudget_To_policy_PodDisruptionBudget(in *v1beta1.PodDisruptionBudget, out *policy.PodDisruptionBudget, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	if err := Convert_v1beta1_PodDisruptionBudgetSpec_To_policy_PodDisruptionBudgetSpec(&in.Spec, &out.Spec, s); err != nil {
@@ -180,3 +288,211 @@ func autoConvert_policy_PodDisruptionBudgetStatus_To_v1beta1_PodDisruptionBudget
 func Convert_policy_PodDisruptionBudgetStatus_To_v1beta1_PodDisruptionBudgetStatus(in *policy.PodDisruptionBudgetStatus, out *v1beta1.PodDisruptionBudgetStatus, s conversion.Scope) error {
 	return autoConvert_policy_PodDisruptionBudgetStatus_To_v1beta1_PodDisruptionBudgetStatus(in, out, s)
 }
+
+func autoConvert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy, out *extensions.PodSecurityPolicy, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy is an autogenerated conversion function.
+func Convert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy, out *extensions.PodSecurityPolicy, s conversion.Scope) error {
+	return autoConvert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy(in, out, s)
+}
+
+func autoConvert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in *extensions.PodSecurityPolicy, out *v1beta1.PodSecurityPolicy, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy is an autogenerated conversion function.
+func Convert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in *extensions.PodSecurityPolicy, out *v1beta1.PodSecurityPolicy, s conversion.Scope) error {
+	return autoConvert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(in, out, s)
+}
+
+func autoConvert_v1beta1_PodSecurityPolicyList_To_extensions_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList, out *extensions.PodSecurityPolicyList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]extensions.PodSecurityPolicy, len(*in))
+		for i := range *in {
+			if err := Convert_v1beta1_PodSecurityPolicy_To_extensions_PodSecurityPolicy(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
+	return nil
+}
+
+// Convert_v1beta1_PodSecurityPolicyList_To_extensions_PodSecurityPolicyList is an autogenerated conversion function.
+func Convert_v1beta1_PodSecurityPolicyList_To_extensions_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList, out *extensions.PodSecurityPolicyList, s conversion.Scope) error {
+	return autoConvert_v1beta1_PodSecurityPolicyList_To_extensions_PodSecurityPolicyList(in, out, s)
+}
+
+func autoConvert_extensions_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in *extensions.PodSecurityPolicyList, out *v1beta1.PodSecurityPolicyList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]v1beta1.PodSecurityPolicy, len(*in))
+		for i := range *in {
+			if err := Convert_extensions_PodSecurityPolicy_To_v1beta1_PodSecurityPolicy(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
+	return nil
+}
+
+// Convert_extensions_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList is an autogenerated conversion function.
+func Convert_extensions_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in *extensions.PodSecurityPolicyList, out *v1beta1.PodSecurityPolicyList, s conversion.Scope) error {
+	return autoConvert_extensions_PodSecurityPolicyList_To_v1beta1_PodSecurityPolicyList(in, out, s)
+}
+
+func autoConvert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec(in *v1beta1.PodSecurityPolicySpec, out *extensions.PodSecurityPolicySpec, s conversion.Scope) error {
+	out.Privileged = in.Privileged
+	out.DefaultAddCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.DefaultAddCapabilities))
+	out.RequiredDropCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.RequiredDropCapabilities))
+	out.AllowedCapabilities = *(*[]core.Capability)(unsafe.Pointer(&in.AllowedCapabilities))
+	out.Volumes = *(*[]extensions.FSType)(unsafe.Pointer(&in.Volumes))
+	out.HostNetwork = in.HostNetwork
+	out.HostPorts = *(*[]extensions.HostPortRange)(unsafe.Pointer(&in.HostPorts))
+	out.HostPID = in.HostPID
+	out.HostIPC = in.HostIPC
+	if err := Convert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions(&in.SELinux, &out.SELinux, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions(&in.RunAsUser, &out.RunAsUser, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions(&in.SupplementalGroups, &out.SupplementalGroups, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_FSGroupStrategyOptions_To_extensions_FSGroupStrategyOptions(&in.FSGroup, &out.FSGroup, s); err != nil {
+		return err
+	}
+	out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
+	out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
+	if err := v1.Convert_Pointer_bool_To_bool(&in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation, s); err != nil {
+		return err
+	}
+	out.AllowedHostPaths = *(*[]extensions.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
+	out.AllowedFlexVolumes = *(*[]extensions.AllowedFlexVolume)(unsafe.Pointer(&in.AllowedFlexVolumes))
+	return nil
+}
+
+// Convert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec is an autogenerated conversion function.
+func Convert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec(in *v1beta1.PodSecurityPolicySpec, out *extensions.PodSecurityPolicySpec, s conversion.Scope) error {
+	return autoConvert_v1beta1_PodSecurityPolicySpec_To_extensions_PodSecurityPolicySpec(in, out, s)
+}
+
+func autoConvert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in *extensions.PodSecurityPolicySpec, out *v1beta1.PodSecurityPolicySpec, s conversion.Scope) error {
+	out.Privileged = in.Privileged
+	out.DefaultAddCapabilities = *(*[]core_v1.Capability)(unsafe.Pointer(&in.DefaultAddCapabilities))
+	out.RequiredDropCapabilities = *(*[]core_v1.Capability)(unsafe.Pointer(&in.RequiredDropCapabilities))
+	out.AllowedCapabilities = *(*[]core_v1.Capability)(unsafe.Pointer(&in.AllowedCapabilities))
+	out.Volumes = *(*[]v1beta1.FSType)(unsafe.Pointer(&in.Volumes))
+	out.HostNetwork = in.HostNetwork
+	out.HostPorts = *(*[]v1beta1.HostPortRange)(unsafe.Pointer(&in.HostPorts))
+	out.HostPID = in.HostPID
+	out.HostIPC = in.HostIPC
+	if err := Convert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(&in.SELinux, &out.SELinux, s); err != nil {
+		return err
+	}
+	if err := Convert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(&in.RunAsUser, &out.RunAsUser, s); err != nil {
+		return err
+	}
+	if err := Convert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(&in.SupplementalGroups, &out.SupplementalGroups, s); err != nil {
+		return err
+	}
+	if err := Convert_extensions_FSGroupStrategyOptions_To_v1beta1_FSGroupStrategyOptions(&in.FSGroup, &out.FSGroup, s); err != nil {
+		return err
+	}
+	out.ReadOnlyRootFilesystem = in.ReadOnlyRootFilesystem
+	out.DefaultAllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.DefaultAllowPrivilegeEscalation))
+	if err := v1.Convert_bool_To_Pointer_bool(&in.AllowPrivilegeEscalation, &out.AllowPrivilegeEscalation, s); err != nil {
+		return err
+	}
+	out.AllowedHostPaths = *(*[]v1beta1.AllowedHostPath)(unsafe.Pointer(&in.AllowedHostPaths))
+	out.AllowedFlexVolumes = *(*[]v1beta1.AllowedFlexVolume)(unsafe.Pointer(&in.AllowedFlexVolumes))
+	return nil
+}
+
+// Convert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec is an autogenerated conversion function.
+func Convert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in *extensions.PodSecurityPolicySpec, out *v1beta1.PodSecurityPolicySpec, s conversion.Scope) error {
+	return autoConvert_extensions_PodSecurityPolicySpec_To_v1beta1_PodSecurityPolicySpec(in, out, s)
+}
+
+func autoConvert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions(in *v1beta1.RunAsUserStrategyOptions, out *extensions.RunAsUserStrategyOptions, s conversion.Scope) error {
+	out.Rule = extensions.RunAsUserStrategy(in.Rule)
+	out.Ranges = *(*[]extensions.UserIDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions is an autogenerated conversion function.
+func Convert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions(in *v1beta1.RunAsUserStrategyOptions, out *extensions.RunAsUserStrategyOptions, s conversion.Scope) error {
+	return autoConvert_v1beta1_RunAsUserStrategyOptions_To_extensions_RunAsUserStrategyOptions(in, out, s)
+}
+
+func autoConvert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in *extensions.RunAsUserStrategyOptions, out *v1beta1.RunAsUserStrategyOptions, s conversion.Scope) error {
+	out.Rule = v1beta1.RunAsUserStrategy(in.Rule)
+	out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions is an autogenerated conversion function.
+func Convert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in *extensions.RunAsUserStrategyOptions, out *v1beta1.RunAsUserStrategyOptions, s conversion.Scope) error {
+	return autoConvert_extensions_RunAsUserStrategyOptions_To_v1beta1_RunAsUserStrategyOptions(in, out, s)
+}
+
+func autoConvert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions(in *v1beta1.SELinuxStrategyOptions, out *extensions.SELinuxStrategyOptions, s conversion.Scope) error {
+	out.Rule = extensions.SELinuxStrategy(in.Rule)
+	out.SELinuxOptions = (*core.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
+	return nil
+}
+
+// Convert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions is an autogenerated conversion function.
+func Convert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions(in *v1beta1.SELinuxStrategyOptions, out *extensions.SELinuxStrategyOptions, s conversion.Scope) error {
+	return autoConvert_v1beta1_SELinuxStrategyOptions_To_extensions_SELinuxStrategyOptions(in, out, s)
+}
+
+func autoConvert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in *extensions.SELinuxStrategyOptions, out *v1beta1.SELinuxStrategyOptions, s conversion.Scope) error {
+	out.Rule = v1beta1.SELinuxStrategy(in.Rule)
+	out.SELinuxOptions = (*core_v1.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
+	return nil
+}
+
+// Convert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions is an autogenerated conversion function.
+func Convert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in *extensions.SELinuxStrategyOptions, out *v1beta1.SELinuxStrategyOptions, s conversion.Scope) error {
+	return autoConvert_extensions_SELinuxStrategyOptions_To_v1beta1_SELinuxStrategyOptions(in, out, s)
+}
+
+func autoConvert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions(in *v1beta1.SupplementalGroupsStrategyOptions, out *extensions.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
+	out.Rule = extensions.SupplementalGroupsStrategyType(in.Rule)
+	out.Ranges = *(*[]extensions.GroupIDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions is an autogenerated conversion function.
+func Convert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions(in *v1beta1.SupplementalGroupsStrategyOptions, out *extensions.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
+	return autoConvert_v1beta1_SupplementalGroupsStrategyOptions_To_extensions_SupplementalGroupsStrategyOptions(in, out, s)
+}
+
+func autoConvert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in *extensions.SupplementalGroupsStrategyOptions, out *v1beta1.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
+	out.Rule = v1beta1.SupplementalGroupsStrategyType(in.Rule)
+	out.Ranges = *(*[]v1beta1.IDRange)(unsafe.Pointer(&in.Ranges))
+	return nil
+}
+
+// Convert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions is an autogenerated conversion function.
+func Convert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in *extensions.SupplementalGroupsStrategyOptions, out *v1beta1.SupplementalGroupsStrategyOptions, s conversion.Scope) error {
+	return autoConvert_extensions_SupplementalGroupsStrategyOptions_To_v1beta1_SupplementalGroupsStrategyOptions(in, out, s)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.defaults.go
index b61dda74c238..769d0152eaa1 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/v1beta1/zz_generated.defaults.go
@@ -16,11 +16,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	v1beta1 "k8s.io/api/policy/v1beta1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -28,5 +29,18 @@ import (
 // Public to allow building arbitrary schemes.
 // All generated defaulters are covering - they call all nested defaulters.
 func RegisterDefaults(scheme *runtime.Scheme) error {
+	scheme.AddTypeDefaultingFunc(&v1beta1.PodSecurityPolicy{}, func(obj interface{}) { SetObjectDefaults_PodSecurityPolicy(obj.(*v1beta1.PodSecurityPolicy)) })
+	scheme.AddTypeDefaultingFunc(&v1beta1.PodSecurityPolicyList{}, func(obj interface{}) { SetObjectDefaults_PodSecurityPolicyList(obj.(*v1beta1.PodSecurityPolicyList)) })
 	return nil
 }
+
+func SetObjectDefaults_PodSecurityPolicy(in *v1beta1.PodSecurityPolicy) {
+	SetDefaults_PodSecurityPolicySpec(&in.Spec)
+}
+
+func SetObjectDefaults_PodSecurityPolicyList(in *v1beta1.PodSecurityPolicyList) {
+	for i := range in.Items {
+		a := &in.Items[i]
+		SetObjectDefaults_PodSecurityPolicy(a)
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/policy/validation/BUILD
index 1f372c738c1e..1faa84cffc8c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/validation/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/policy/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/policy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/policy/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/policy/zz_generated.deepcopy.go
index 539854524cad..c039c4fb5ffb 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/policy/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/policy/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package policy
 
@@ -57,9 +57,8 @@ func (in *Eviction) DeepCopy() *Eviction {
 func (in *Eviction) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -86,9 +85,8 @@ func (in *PodDisruptionBudget) DeepCopy() *PodDisruptionBudget {
 func (in *PodDisruptionBudget) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -120,9 +118,8 @@ func (in *PodDisruptionBudgetList) DeepCopy() *PodDisruptionBudgetList {
 func (in *PodDisruptionBudgetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/rbac/BUILD
index ef634f03a344..4c7b65658c46 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/BUILD
@@ -48,7 +48,6 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/rbac_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS b/vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS
index 53710111cde1..1aefde049a0a 100755
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/OWNERS
@@ -5,7 +5,6 @@ reviewers:
 - deads2k
 - sttts
 - ncdc
-- timothysc
 - dims
 - krousey
 - mml
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/helpers.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/helpers.go
index 4b1a1d3a0c71..373711500b1f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/helpers.go
@@ -147,6 +147,10 @@ func (r PolicyRule) String() string {
 func (r PolicyRule) CompactString() string {
 	formatStringParts := []string{}
 	formatArgs := []interface{}{}
+	if len(r.APIGroups) > 0 {
+		formatStringParts = append(formatStringParts, "APIGroups:%q")
+		formatArgs = append(formatArgs, r.APIGroups)
+	}
 	if len(r.Resources) > 0 {
 		formatStringParts = append(formatStringParts, "Resources:%q")
 		formatArgs = append(formatArgs, r.Resources)
@@ -159,10 +163,6 @@ func (r PolicyRule) CompactString() string {
 		formatStringParts = append(formatStringParts, "ResourceNames:%q")
 		formatArgs = append(formatArgs, r.ResourceNames)
 	}
-	if len(r.APIGroups) > 0 {
-		formatStringParts = append(formatStringParts, "APIGroups:%q")
-		formatArgs = append(formatArgs, r.APIGroups)
-	}
 	if len(r.Verbs) > 0 {
 		formatStringParts = append(formatStringParts, "Verbs:%q")
 		formatArgs = append(formatArgs, r.Verbs)
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.conversion.go
index e58d18435f49..cf600e63abbb 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/rbac/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	rbac "k8s.io/kubernetes/pkg/apis/rbac"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.defaults.go
index 32fae3fa9f02..aa5fbd149a5c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/BUILD
index fed81967eb73..e521b855596c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/BUILD
@@ -31,7 +31,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["conversion_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/rbac/v1alpha1_test",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/rbac:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.conversion.go
index 7d84a6ce5a61..bc9fa3f15516 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1alpha1 "k8s.io/api/rbac/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	rbac "k8s.io/kubernetes/pkg/apis/rbac"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.defaults.go
index ee2303e65540..2d9e42b91976 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.conversion.go
index 952a4e4069b5..f98642dda7b5 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1beta1 "k8s.io/api/rbac/v1beta1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	rbac "k8s.io/kubernetes/pkg/apis/rbac"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.defaults.go
index 8486ab7a4bce..878390508018 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/rbac/validation/BUILD
index 3c34083071e4..8ef016236542 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/validation/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/rbac/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/rbac:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/rbac/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/rbac/zz_generated.deepcopy.go
index 2d84b8bbeb60..c916c0c7ee0e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/rbac/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/rbac/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package rbac
 
@@ -86,9 +86,8 @@ func (in *ClusterRole) DeepCopy() *ClusterRole {
 func (in *ClusterRole) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -119,9 +118,8 @@ func (in *ClusterRoleBinding) DeepCopy() *ClusterRoleBinding {
 func (in *ClusterRoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -153,9 +151,8 @@ func (in *ClusterRoleBindingList) DeepCopy() *ClusterRoleBindingList {
 func (in *ClusterRoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -187,9 +184,8 @@ func (in *ClusterRoleList) DeepCopy() *ClusterRoleList {
 func (in *ClusterRoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -262,9 +258,8 @@ func (in *Role) DeepCopy() *Role {
 func (in *Role) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -295,9 +290,8 @@ func (in *RoleBinding) DeepCopy() *RoleBinding {
 func (in *RoleBinding) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -329,9 +323,8 @@ func (in *RoleBindingList) DeepCopy() *RoleBindingList {
 func (in *RoleBindingList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -363,9 +356,8 @@ func (in *RoleList) DeepCopy() *RoleList {
 func (in *RoleList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -384,6 +376,28 @@ func (in *RoleRef) DeepCopy() *RoleRef {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in SortableRuleSlice) DeepCopyInto(out *SortableRuleSlice) {
+	{
+		in := &in
+		*out = make(SortableRuleSlice, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SortableRuleSlice.
+func (in SortableRuleSlice) DeepCopy() SortableRuleSlice {
+	if in == nil {
+		return nil
+	}
+	out := new(SortableRuleSlice)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Subject) DeepCopyInto(out *Subject) {
 	*out = *in
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/types.go b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/types.go
index 06cceadb74d1..d5db894a8d0e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/types.go
@@ -23,6 +23,9 @@ const (
 	// that do not specify any priority class and there is no priority class
 	// marked as default.
 	DefaultPriorityWhenNoDefaultClassExists = 0
+	// SystemPriorityClassPrefix is the prefix reserved for system priority class names. Other priority
+	// classes are not allowed to start with this prefix.
+	SystemPriorityClassPrefix = "system-"
 )
 
 // +genclient
@@ -41,8 +44,11 @@ type PriorityClass struct {
 	// receive when they have the name of this class in their pod spec.
 	Value int32
 
-	// GlobalDefault specifies whether this PriorityClass should be considered as
+	// globalDefault specifies whether this PriorityClass should be considered as
 	// the default priority for pods that do not have any priority class.
+	// Only one PriorityClass can be marked as `globalDefault`. However, if more than
+	// one PriorityClasses exists with their `globalDefault` field set to true,
+	// the smallest value of such global default PriorityClasses will be used as the default priority.
 	// +optional
 	GlobalDefault bool
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.conversion.go
index 988c8679a34f..18fe164dffea 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	scheduling "k8s.io/kubernetes/pkg/apis/scheduling"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/BUILD
index fc4680377eeb..abfac031586f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/scheduling/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/scheduling:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/validation.go
index f4fac9d9ceac..c8b85ef85d4a 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/validation/validation.go
@@ -17,14 +17,22 @@ limitations under the License.
 package validation
 
 import (
+	"strings"
+
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	apivalidation "k8s.io/kubernetes/pkg/apis/core/validation"
 	"k8s.io/kubernetes/pkg/apis/scheduling"
 )
 
-// ValidatePriorityClassName can be used to check whether the given priority
-// class name is valid.
-var ValidatePriorityClassName = apivalidation.NameIsDNSSubdomain
+// ValidatePriorityClassName checks whether the given priority class name is valid.
+func ValidatePriorityClassName(name string, prefix bool) []string {
+	var allErrs []string
+	if strings.HasPrefix(name, scheduling.SystemPriorityClassPrefix) {
+		allErrs = append(allErrs, "priority class names with '"+scheduling.SystemPriorityClassPrefix+"' prefix are reserved for system use only")
+	}
+	allErrs = append(allErrs, apivalidation.NameIsDNSSubdomain(name, prefix)...)
+	return allErrs
+}
 
 // ValidatePriorityClass tests whether required fields in the PriorityClass are
 // set correctly.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/zz_generated.deepcopy.go
index 93b95da65d2f..c425f864bc4f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/scheduling/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/scheduling/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package scheduling
 
@@ -46,9 +46,8 @@ func (in *PriorityClass) DeepCopy() *PriorityClass {
 func (in *PriorityClass) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -80,7 +79,6 @@ func (in *PriorityClassList) DeepCopy() *PriorityClassList {
 func (in *PriorityClassList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.conversion.go
index f55bd43926cd..7689abf1d058 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	v1alpha1 "k8s.io/api/settings/v1alpha1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	settings "k8s.io/kubernetes/pkg/apis/settings"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.defaults.go
index ef7e61652fa4..f7604a421594 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/settings/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/settings/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/settings/validation/BUILD
index f0e6d67f00c7..f8449b77d2e0 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/settings/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/settings/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/settings/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/settings:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/settings/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/settings/zz_generated.deepcopy.go
index 90ec26ed20c7..74f79a4902fc 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/settings/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/settings/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package settings
 
@@ -48,9 +48,8 @@ func (in *PodPreset) DeepCopy() *PodPreset {
 func (in *PodPreset) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -82,9 +81,8 @@ func (in *PodPresetList) DeepCopy() *PodPresetList {
 func (in *PodPresetList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/util/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/storage/util/BUILD
index 490e83721491..7a5a5fd334c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/util/BUILD
@@ -37,8 +37,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/storage/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/BUILD
index aeb7e17d2a77..ad0fcaa0706a 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/BUILD
@@ -48,7 +48,6 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/storage/v1_test",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/storage/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.conversion.go
index 19e33a11ea6d..391d169bbbd7 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1
 
 import (
+	unsafe "unsafe"
+
 	core_v1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/storage/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	storage "k8s.io/kubernetes/pkg/apis/storage"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.defaults.go
index 3c2083f7f1f5..f066b2eaa84b 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.conversion.go
index 652cc2f82f66..35a6306f3b7e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1alpha1 "k8s.io/api/storage/v1alpha1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	storage "k8s.io/kubernetes/pkg/apis/storage"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/BUILD
index 368302812eb4..2bd73313179f 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/BUILD
@@ -48,7 +48,6 @@ filegroup(
 go_test(
     name = "go_default_xtest",
     srcs = ["defaults_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/storage/v1beta1_test",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/storage/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.conversion.go
index 1338df136b5e..8d0fc10c800c 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.conversion.go
@@ -16,18 +16,19 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	v1beta1 "k8s.io/api/storage/v1beta1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	storage "k8s.io/kubernetes/pkg/apis/storage"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -42,6 +43,18 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 		Convert_storage_StorageClass_To_v1beta1_StorageClass,
 		Convert_v1beta1_StorageClassList_To_storage_StorageClassList,
 		Convert_storage_StorageClassList_To_v1beta1_StorageClassList,
+		Convert_v1beta1_VolumeAttachment_To_storage_VolumeAttachment,
+		Convert_storage_VolumeAttachment_To_v1beta1_VolumeAttachment,
+		Convert_v1beta1_VolumeAttachmentList_To_storage_VolumeAttachmentList,
+		Convert_storage_VolumeAttachmentList_To_v1beta1_VolumeAttachmentList,
+		Convert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource,
+		Convert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource,
+		Convert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec,
+		Convert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec,
+		Convert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus,
+		Convert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus,
+		Convert_v1beta1_VolumeError_To_storage_VolumeError,
+		Convert_storage_VolumeError_To_v1beta1_VolumeError,
 	)
 }
 
@@ -98,3 +111,153 @@ func autoConvert_storage_StorageClassList_To_v1beta1_StorageClassList(in *storag
 func Convert_storage_StorageClassList_To_v1beta1_StorageClassList(in *storage.StorageClassList, out *v1beta1.StorageClassList, s conversion.Scope) error {
 	return autoConvert_storage_StorageClassList_To_v1beta1_StorageClassList(in, out, s)
 }
+
+func autoConvert_v1beta1_VolumeAttachment_To_storage_VolumeAttachment(in *v1beta1.VolumeAttachment, out *storage.VolumeAttachment, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1beta1_VolumeAttachment_To_storage_VolumeAttachment is an autogenerated conversion function.
+func Convert_v1beta1_VolumeAttachment_To_storage_VolumeAttachment(in *v1beta1.VolumeAttachment, out *storage.VolumeAttachment, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeAttachment_To_storage_VolumeAttachment(in, out, s)
+}
+
+func autoConvert_storage_VolumeAttachment_To_v1beta1_VolumeAttachment(in *storage.VolumeAttachment, out *v1beta1.VolumeAttachment, s conversion.Scope) error {
+	out.ObjectMeta = in.ObjectMeta
+	if err := Convert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec(&in.Spec, &out.Spec, s); err != nil {
+		return err
+	}
+	if err := Convert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus(&in.Status, &out.Status, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_storage_VolumeAttachment_To_v1beta1_VolumeAttachment is an autogenerated conversion function.
+func Convert_storage_VolumeAttachment_To_v1beta1_VolumeAttachment(in *storage.VolumeAttachment, out *v1beta1.VolumeAttachment, s conversion.Scope) error {
+	return autoConvert_storage_VolumeAttachment_To_v1beta1_VolumeAttachment(in, out, s)
+}
+
+func autoConvert_v1beta1_VolumeAttachmentList_To_storage_VolumeAttachmentList(in *v1beta1.VolumeAttachmentList, out *storage.VolumeAttachmentList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]storage.VolumeAttachment)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_v1beta1_VolumeAttachmentList_To_storage_VolumeAttachmentList is an autogenerated conversion function.
+func Convert_v1beta1_VolumeAttachmentList_To_storage_VolumeAttachmentList(in *v1beta1.VolumeAttachmentList, out *storage.VolumeAttachmentList, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeAttachmentList_To_storage_VolumeAttachmentList(in, out, s)
+}
+
+func autoConvert_storage_VolumeAttachmentList_To_v1beta1_VolumeAttachmentList(in *storage.VolumeAttachmentList, out *v1beta1.VolumeAttachmentList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]v1beta1.VolumeAttachment)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_storage_VolumeAttachmentList_To_v1beta1_VolumeAttachmentList is an autogenerated conversion function.
+func Convert_storage_VolumeAttachmentList_To_v1beta1_VolumeAttachmentList(in *storage.VolumeAttachmentList, out *v1beta1.VolumeAttachmentList, s conversion.Scope) error {
+	return autoConvert_storage_VolumeAttachmentList_To_v1beta1_VolumeAttachmentList(in, out, s)
+}
+
+func autoConvert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource(in *v1beta1.VolumeAttachmentSource, out *storage.VolumeAttachmentSource, s conversion.Scope) error {
+	out.PersistentVolumeName = (*string)(unsafe.Pointer(in.PersistentVolumeName))
+	return nil
+}
+
+// Convert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource is an autogenerated conversion function.
+func Convert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource(in *v1beta1.VolumeAttachmentSource, out *storage.VolumeAttachmentSource, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource(in, out, s)
+}
+
+func autoConvert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource(in *storage.VolumeAttachmentSource, out *v1beta1.VolumeAttachmentSource, s conversion.Scope) error {
+	out.PersistentVolumeName = (*string)(unsafe.Pointer(in.PersistentVolumeName))
+	return nil
+}
+
+// Convert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource is an autogenerated conversion function.
+func Convert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource(in *storage.VolumeAttachmentSource, out *v1beta1.VolumeAttachmentSource, s conversion.Scope) error {
+	return autoConvert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource(in, out, s)
+}
+
+func autoConvert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec(in *v1beta1.VolumeAttachmentSpec, out *storage.VolumeAttachmentSpec, s conversion.Scope) error {
+	out.Attacher = in.Attacher
+	if err := Convert_v1beta1_VolumeAttachmentSource_To_storage_VolumeAttachmentSource(&in.Source, &out.Source, s); err != nil {
+		return err
+	}
+	out.NodeName = in.NodeName
+	return nil
+}
+
+// Convert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec is an autogenerated conversion function.
+func Convert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec(in *v1beta1.VolumeAttachmentSpec, out *storage.VolumeAttachmentSpec, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeAttachmentSpec_To_storage_VolumeAttachmentSpec(in, out, s)
+}
+
+func autoConvert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec(in *storage.VolumeAttachmentSpec, out *v1beta1.VolumeAttachmentSpec, s conversion.Scope) error {
+	out.Attacher = in.Attacher
+	if err := Convert_storage_VolumeAttachmentSource_To_v1beta1_VolumeAttachmentSource(&in.Source, &out.Source, s); err != nil {
+		return err
+	}
+	out.NodeName = in.NodeName
+	return nil
+}
+
+// Convert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec is an autogenerated conversion function.
+func Convert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec(in *storage.VolumeAttachmentSpec, out *v1beta1.VolumeAttachmentSpec, s conversion.Scope) error {
+	return autoConvert_storage_VolumeAttachmentSpec_To_v1beta1_VolumeAttachmentSpec(in, out, s)
+}
+
+func autoConvert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus(in *v1beta1.VolumeAttachmentStatus, out *storage.VolumeAttachmentStatus, s conversion.Scope) error {
+	out.Attached = in.Attached
+	out.AttachmentMetadata = *(*map[string]string)(unsafe.Pointer(&in.AttachmentMetadata))
+	out.AttachError = (*storage.VolumeError)(unsafe.Pointer(in.AttachError))
+	out.DetachError = (*storage.VolumeError)(unsafe.Pointer(in.DetachError))
+	return nil
+}
+
+// Convert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus is an autogenerated conversion function.
+func Convert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus(in *v1beta1.VolumeAttachmentStatus, out *storage.VolumeAttachmentStatus, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeAttachmentStatus_To_storage_VolumeAttachmentStatus(in, out, s)
+}
+
+func autoConvert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus(in *storage.VolumeAttachmentStatus, out *v1beta1.VolumeAttachmentStatus, s conversion.Scope) error {
+	out.Attached = in.Attached
+	out.AttachmentMetadata = *(*map[string]string)(unsafe.Pointer(&in.AttachmentMetadata))
+	out.AttachError = (*v1beta1.VolumeError)(unsafe.Pointer(in.AttachError))
+	out.DetachError = (*v1beta1.VolumeError)(unsafe.Pointer(in.DetachError))
+	return nil
+}
+
+// Convert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus is an autogenerated conversion function.
+func Convert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus(in *storage.VolumeAttachmentStatus, out *v1beta1.VolumeAttachmentStatus, s conversion.Scope) error {
+	return autoConvert_storage_VolumeAttachmentStatus_To_v1beta1_VolumeAttachmentStatus(in, out, s)
+}
+
+func autoConvert_v1beta1_VolumeError_To_storage_VolumeError(in *v1beta1.VolumeError, out *storage.VolumeError, s conversion.Scope) error {
+	out.Time = in.Time
+	out.Message = in.Message
+	return nil
+}
+
+// Convert_v1beta1_VolumeError_To_storage_VolumeError is an autogenerated conversion function.
+func Convert_v1beta1_VolumeError_To_storage_VolumeError(in *v1beta1.VolumeError, out *storage.VolumeError, s conversion.Scope) error {
+	return autoConvert_v1beta1_VolumeError_To_storage_VolumeError(in, out, s)
+}
+
+func autoConvert_storage_VolumeError_To_v1beta1_VolumeError(in *storage.VolumeError, out *v1beta1.VolumeError, s conversion.Scope) error {
+	out.Time = in.Time
+	out.Message = in.Message
+	return nil
+}
+
+// Convert_storage_VolumeError_To_v1beta1_VolumeError is an autogenerated conversion function.
+func Convert_storage_VolumeError_To_v1beta1_VolumeError(in *storage.VolumeError, out *v1beta1.VolumeError, s conversion.Scope) error {
+	return autoConvert_storage_VolumeError_To_v1beta1_VolumeError(in, out, s)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.defaults.go
index 07847aebdfd9..5bf3557fb816 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/v1beta1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1beta1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/apis/storage/validation/BUILD
index e80f7838d6bf..cb0ed14d1968 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/validation/BUILD
@@ -26,8 +26,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/apis/storage/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/storage:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/apis/storage/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/apis/storage/zz_generated.deepcopy.go
index 61ced04a4c44..7c5fdf78a34e 100644
--- a/vendor/k8s.io/kubernetes/pkg/apis/storage/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/apis/storage/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package storage
 
@@ -86,9 +86,8 @@ func (in *StorageClass) DeepCopy() *StorageClass {
 func (in *StorageClass) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -120,9 +119,8 @@ func (in *StorageClassList) DeepCopy() *StorageClassList {
 func (in *StorageClassList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -149,9 +147,8 @@ func (in *VolumeAttachment) DeepCopy() *VolumeAttachment {
 func (in *VolumeAttachment) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -183,9 +180,8 @@ func (in *VolumeAttachmentList) DeepCopy() *VolumeAttachmentList {
 func (in *VolumeAttachmentList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/BUILD b/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/BUILD
index efbea8e25685..07ca74f8ac02 100644
--- a/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/BUILD
@@ -35,8 +35,7 @@ go_test(
     data = [
         ":example_policy",
     ],
-    importpath = "k8s.io/kubernetes/pkg/auth/authorizer/abac",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/abac:go_default_library",
         "//pkg/apis/abac/v0:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/abac.go b/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/abac.go
index f3132740d2d3..86e7f8ed3e0b 100644
--- a/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/abac.go
+++ b/vendor/k8s.io/kubernetes/pkg/auth/authorizer/abac/abac.go
@@ -53,7 +53,7 @@ type policyList []*abac.Policy
 
 // TODO: Have policies be created via an API call and stored in REST storage.
 func NewFromFile(path string) (policyList, error) {
-	// File format is one map per line.  This allows easy concatentation of files,
+	// File format is one map per line.  This allows easy concatenation of files,
 	// comments in files, and identification of errors by line number.
 	file, err := os.Open(path)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/auth/nodeidentifier/BUILD b/vendor/k8s.io/kubernetes/pkg/auth/nodeidentifier/BUILD
index f51a1dc61196..ae75df3818d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/auth/nodeidentifier/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/auth/nodeidentifier/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["default_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/auth/nodeidentifier",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/capabilities/BUILD b/vendor/k8s.io/kubernetes/pkg/capabilities/BUILD
index 6ab539698cfe..1e00cb3c4c49 100644
--- a/vendor/k8s.io/kubernetes/pkg/capabilities/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/capabilities/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["capabilities_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/capabilities",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/client/chaosclient/BUILD b/vendor/k8s.io/kubernetes/pkg/client/chaosclient/BUILD
index 8ba5b300d302..b9da712358ed 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/chaosclient/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/client/chaosclient/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["chaosclient_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/client/chaosclient",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/clientset.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/clientset.go
index 77314b2e7149..44c675b12930 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/clientset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/clientset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalclientset
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/doc.go
index 4ede718dee1b..22ccee919683 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated clientset.
 package internalclientset
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/register.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/register.go
index 3bbf1846c60e..26f60c8d2a5d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/scheme/register.go
@@ -14,9 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
+	os "os"
+
 	announced "k8s.io/apimachinery/pkg/apimachinery/announced"
 	registered "k8s.io/apimachinery/pkg/apimachinery/registered"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -39,7 +43,6 @@ import (
 	scheduling "k8s.io/kubernetes/pkg/apis/scheduling/install"
 	settings "k8s.io/kubernetes/pkg/apis/settings/install"
 	storage "k8s.io/kubernetes/pkg/apis/storage/install"
-	os "os"
 )
 
 var Scheme = runtime.NewScheme()
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/admissionregistration_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/admissionregistration_client.go
index b2a30fa0d5cc..a8dc6d2583f8 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/admissionregistration_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/admissionregistration_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/generated_expansion.go
index 06f4a44cf863..2bb32341e530 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type InitializerConfigurationExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/initializerconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/initializerconfiguration.go
index 45e632411869..d6e325420d16 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/initializerconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/initializerconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/mutatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/mutatingwebhookconfiguration.go
index 06f3a5f0b38a..47edb0d3657b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/mutatingwebhookconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/validatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/validatingwebhookconfiguration.go
index 9a57c9a81743..e3bf756c7137 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/admissionregistration/internalversion/validatingwebhookconfiguration.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/apps_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/apps_client.go
index 184ebd389681..3aaaf7fd0ccd 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/apps_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/apps_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/controllerrevision.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/controllerrevision.go
index 120a56cfd366..9cbb44dc86ad 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/controllerrevision.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/controllerrevision.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/generated_expansion.go
index 7fd67b1f7126..f77de9fe09cb 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type ControllerRevisionExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/statefulset.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/statefulset.go
index cb496b53a89b..42a638cca23e 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/statefulset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion/statefulset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/authentication_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/authentication_client.go
index 68c3efadc472..29de235c1733 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/authentication_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/authentication_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/generated_expansion.go
index 36261d29dad7..4a52863e4151 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/tokenreview.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/tokenreview.go
index 16cbd1aaf6d0..c7f71bdaf033 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/tokenreview.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/internalversion/tokenreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/authorization_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/authorization_client.go
index 3da3b1f5277d..3207f0e0ee9d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/authorization_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/authorization_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/generated_expansion.go
index 36261d29dad7..4a52863e4151 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/localsubjectaccessreview.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/localsubjectaccessreview.go
index 5a2916aa82b1..db51f0ac100e 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/localsubjectaccessreview.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/localsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectaccessreview.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectaccessreview.go
index dd3120e199c7..ff7bc593a045 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectaccessreview.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectrulesreview.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectrulesreview.go
index 89015541d511..211f76605eef 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectrulesreview.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/selfsubjectrulesreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/subjectaccessreview.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/subjectaccessreview.go
index 67a2d9304efd..d2514f2b2f9f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/subjectaccessreview.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authorization/internalversion/subjectaccessreview.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/autoscaling_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/autoscaling_client.go
index 4f7d5ab377c9..c555299ade50 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/autoscaling_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/autoscaling_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/generated_expansion.go
index 413f0db67f99..d7d647db44ab 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type HorizontalPodAutoscalerExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/horizontalpodautoscaler.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/horizontalpodautoscaler.go
index 9657f0408b18..3bc0cc92d9f7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/internalversion/horizontalpodautoscaler.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/batch_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/batch_client.go
index 152ab4456816..b20b4ba5f548 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/batch_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/batch_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/cronjob.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/cronjob.go
index 12ef15132bb7..c2e9d5162538 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/cronjob.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/cronjob.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/generated_expansion.go
index 9fbcb6607085..d1cd2076d9e9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type CronJobExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/job.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/job.go
index a1a97718d51d..b9f96aaed1b1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/job.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion/job.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificates_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificates_client.go
index 4ccb172fa740..7399b1b672c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificates_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificates_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificatesigningrequest.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificatesigningrequest.go
index 51232f9f5c6a..338b1548663d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificatesigningrequest.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/certificatesigningrequest.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/generated_expansion.go
index 36261d29dad7..4a52863e4151 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/internalversion/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/componentstatus.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/componentstatus.go
index 290ee6ebba6c..c9d7c6ae416d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/componentstatus.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/componentstatus.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/configmap.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/configmap.go
index 84f39b2ffb05..c118ccc9094f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/configmap.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/core_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/core_client.go
index 593b8872abff..d7129f33b221 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/core_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/core_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/endpoints.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/endpoints.go
index 4f1a2b767764..6fe53fad170f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/endpoints.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/endpoints.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/event.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/event.go
index 0d7e427a2958..de8d38197148 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/event.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/event.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/generated_expansion.go
index bba3e73d108c..1b30a3590628 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type ComponentStatusExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/limitrange.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/limitrange.go
index 41ab70187b62..4968e5a47580 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/limitrange.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/limitrange.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/namespace.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/namespace.go
index 9e2e54b1ffe4..032c315f27d3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/namespace.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/namespace.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/node.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/node.go
index a315e0f5c689..33a14cdcc8b7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/node.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/node.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolume.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolume.go
index 7ea769f1a0d0..194482fa9fd1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolume.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolume.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolumeclaim.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolumeclaim.go
index 8c94f646554f..472e27276537 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolumeclaim.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/persistentvolumeclaim.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/pod.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/pod.go
index e7f6a4099bd6..6d76794d4675 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/pod.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/pod.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/podtemplate.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/podtemplate.go
index 0919e64081dc..a23f904485c3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/podtemplate.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/podtemplate.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/replicationcontroller.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/replicationcontroller.go
index 9302f18f51af..8d5012cdc709 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/replicationcontroller.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/replicationcontroller.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/resourcequota.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/resourcequota.go
index 20e3ed8e9bdd..f0f86fc0d88b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/resourcequota.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/resourcequota.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/secret.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/secret.go
index 478430f51f84..3d99463bc91d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/secret.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/secret.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/service.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/service.go
index 239feca1f432..86c160b28704 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/service.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/service.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/serviceaccount.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/serviceaccount.go
index d405955d1720..a19299e3253a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/serviceaccount.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion/serviceaccount.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/events_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/events_client.go
index dcadcff69eaf..5c4665104cc5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/events_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/events_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/generated_expansion.go
index 36261d29dad7..4a52863e4151 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/events/internalversion/generated_expansion.go
@@ -14,4 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/daemonset.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/daemonset.go
index 567e2d8d446c..3e0be5ff1464 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/daemonset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/daemonset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/deployment.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/deployment.go
index 4078b837dd14..b7cc4d918e2f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/deployment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/deployment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go
index 48f3fef1ea8e..e2a757cc9409 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/extensions_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go
index de02b2c1a4bf..85e06f40203d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type DaemonSetExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go
index 6a7fb410b2c2..f234f12cb5fe 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/ingress.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/podsecuritypolicy.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/podsecuritypolicy.go
index 14995cd4a7e6..19a8843a7312 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/podsecuritypolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/podsecuritypolicy.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/replicaset.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/replicaset.go
index 231826f1ac7a..02e61d6241aa 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/replicaset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion/replicaset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go
index 343fed42cb41..045b840cc2b0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type NetworkPolicyExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go
index 53a927adf418..344eb2b90fc9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networking_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networkpolicy.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networkpolicy.go
index e6aa62cc13e9..838caf2d4c82 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networkpolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/networking/internalversion/networkpolicy.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/eviction.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/eviction.go
index 42760568b35c..49058cf8ee08 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/eviction.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/eviction.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/generated_expansion.go
index a5d8910e60ee..2a9f87109d3f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type PodDisruptionBudgetExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/poddisruptionbudget.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/poddisruptionbudget.go
index 2ae24ea56209..6d3898a840f3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/poddisruptionbudget.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/poddisruptionbudget.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/policy_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/policy_client.go
index 86eebbdf86e4..025e748780dc 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/policy_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion/policy_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrole.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrole.go
index 2d9c34ffe077..1f230fd93e96 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrole.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrole.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrolebinding.go
index 103133da3afb..d05021a6062b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/clusterrolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/generated_expansion.go
index 35e44fd40cda..18e1320f7aa3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type ClusterRoleExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rbac_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rbac_client.go
index c1a5bce56913..e9d90952f5bc 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rbac_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rbac_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/role.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/role.go
index 46f2d54922c1..e1270b72760d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/role.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/role.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rolebinding.go
index 6fff7a164056..f17780ff1eec 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/rbac/internalversion/rolebinding.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/generated_expansion.go
index 8a32bee4ef4a..1f369def40f4 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type PriorityClassExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/priorityclass.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/priorityclass.go
index 094a77c48e2c..8a787cfe8249 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/priorityclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/priorityclass.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/scheduling_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/scheduling_client.go
index 5500c19a22a7..4ed579879319 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/scheduling_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion/scheduling_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/generated_expansion.go
index 5cc4c47d1715..83279e27bca0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type PodPresetExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/podpreset.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/podpreset.go
index c230b0974171..b2fb3bc90bc2 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/podpreset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/podpreset.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/settings_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/settings_client.go
index 797355725d45..5da169c586ec 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/settings_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/settings/internalversion/settings_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/doc.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/doc.go
index 8615019757db..b057e5201308 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package internalversion
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/generated_expansion.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/generated_expansion.go
index 17366dbd688d..05b67fff4aff 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/generated_expansion.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 type StorageClassExpansion interface{}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storage_client.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storage_client.go
index b482df23b101..c79fdd6f43b0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storage_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storage_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storageclass.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storageclass.go
index 704036ad7bd6..c4f4756990fe 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storageclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/storageclass.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/volumeattachment.go b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/volumeattachment.go
index b3dd6f6b5cce..512af86f92dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/volumeattachment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/storage/internalversion/volumeattachment.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package internalversion
 
 import (
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/interface.go
index 1a2aad205306..dfd08ec07ecc 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package admissionregistration
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/initializerconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/initializerconfiguration.go
index 684666165836..8486090e99d1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/initializerconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/initializerconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion"
-	time "time"
 )
 
 // InitializerConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/interface.go
index 4afa5cd9d1c8..0c1c8cb04a02 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/mutatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/mutatingwebhookconfiguration.go
index 075caa325317..5d713aa17452 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/mutatingwebhookconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion"
-	time "time"
 )
 
 // MutatingWebhookConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/validatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/validatingwebhookconfiguration.go
index f513b63487de..87d0dd912c76 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/admissionregistration/internalversion/validatingwebhookconfiguration.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion"
-	time "time"
 )
 
 // ValidatingWebhookConfigurationInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/interface.go
index a847b158afdb..dccba7736dc3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package apps
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/controllerrevision.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/controllerrevision.go
index e03fe17f6e33..13e231d59a4f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/controllerrevision.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/controllerrevision.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/apps/internalversion"
-	time "time"
 )
 
 // ControllerRevisionInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/interface.go
index 1c75f780edb0..8d2a857c0a45 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/statefulset.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/statefulset.go
index 6e3bb29b802d..86c44ae44527 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/statefulset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/apps/internalversion/statefulset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/apps/internalversion"
-	time "time"
 )
 
 // StatefulSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/interface.go
index 930736e5bc7d..5ddd3e8b94c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package autoscaling
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/horizontalpodautoscaler.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/horizontalpodautoscaler.go
index 7232de822170..5b5c6f713323 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/horizontalpodautoscaler.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion"
-	time "time"
 )
 
 // HorizontalPodAutoscalerInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/interface.go
index 37690fd99a34..3a3ae9b3a1f1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/autoscaling/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/interface.go
index afb31334d9ff..cd8f752352d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package batch
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/cronjob.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/cronjob.go
index 1f234cfb80c1..0ffa71d7c27a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/cronjob.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/cronjob.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/batch/internalversion"
-	time "time"
 )
 
 // CronJobInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/interface.go
index 7064bd64c77a..ac6fc29d4e83 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/job.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/job.go
index 023ca84faafc..26324a1acc92 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/job.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/batch/internalversion/job.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/batch/internalversion"
-	time "time"
 )
 
 // JobInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/interface.go
index 8aa1b6eb8783..d17220007624 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package certificates
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/certificatesigningrequest.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/certificatesigningrequest.go
index 9ec66c83e01a..40bdf7cd9ec3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/certificatesigningrequest.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/certificatesigningrequest.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/certificates/internalversion"
-	time "time"
 )
 
 // CertificateSigningRequestInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/interface.go
index b319d89c87cb..da372c1e595c 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/certificates/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/interface.go
index 5be46b908f71..1a5efd5a6dc6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package core
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/componentstatus.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/componentstatus.go
index ec94828e3b74..99086e780d25 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/componentstatus.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/componentstatus.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ComponentStatusInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/configmap.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/configmap.go
index 1681a23540a5..7ea5180099c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/configmap.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ConfigMapInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/endpoints.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/endpoints.go
index 20a9319bf007..9d93a579d4f9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/endpoints.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/endpoints.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // EndpointsInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/event.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/event.go
index 0a3d085ac29e..08147dc2bb3b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/event.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/event.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // EventInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/interface.go
index 48a4e4a25a69..6e5fd45a9672 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/limitrange.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/limitrange.go
index 37181403c947..5655fa1cc8d6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/limitrange.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/limitrange.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // LimitRangeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/namespace.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/namespace.go
index 8d321e22264e..a12b87669da9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/namespace.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/namespace.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // NamespaceInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/node.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/node.go
index 55ea586661eb..340b9b5acb97 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/node.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/node.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // NodeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolume.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolume.go
index 90c539dc2935..356c46c8ab35 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolume.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolume.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // PersistentVolumeInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolumeclaim.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolumeclaim.go
index 57ceee071e3a..04561b1ccc15 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolumeclaim.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/persistentvolumeclaim.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // PersistentVolumeClaimInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/pod.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/pod.go
index 53029da5d257..19f0d40ab91b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/pod.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/pod.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // PodInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/podtemplate.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/podtemplate.go
index d7b3551d550f..2ce73b1556bd 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/podtemplate.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/podtemplate.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // PodTemplateInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/replicationcontroller.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/replicationcontroller.go
index defb354ec7a4..59c431f59a05 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/replicationcontroller.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/replicationcontroller.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ReplicationControllerInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/resourcequota.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/resourcequota.go
index ea1f1fa026de..3ed48d908d3a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/resourcequota.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/resourcequota.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ResourceQuotaInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/secret.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/secret.go
index 41bb46aaa92b..e7cbe2301a50 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/secret.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/secret.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // SecretInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/service.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/service.go
index 55bc3328d3b4..5a9cb6ff58bb 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/service.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/service.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ServiceInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/serviceaccount.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/serviceaccount.go
index aff62b4bc5c4..7cb44d913fa0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/serviceaccount.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion/serviceaccount.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	time "time"
 )
 
 // ServiceAccountInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/interface.go
index 55b3aa788b7a..c6c24a40e3c0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package extensions
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/daemonset.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/daemonset.go
index ac77b8d34be5..3f53830635b5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/daemonset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/daemonset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
-	time "time"
 )
 
 // DaemonSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/deployment.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/deployment.go
index 36b8eda664ad..68286149039a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/deployment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/deployment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
-	time "time"
 )
 
 // DeploymentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/ingress.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/ingress.go
index 41ca2e328216..92139faf515d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/ingress.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/ingress.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
-	time "time"
 )
 
 // IngressInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/interface.go
index 7d5d8573584f..43e8779c9fc9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/podsecuritypolicy.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/podsecuritypolicy.go
index dd4254f73371..396843f3dfcf 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/podsecuritypolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/podsecuritypolicy.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
-	time "time"
 )
 
 // PodSecurityPolicyInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/replicaset.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/replicaset.go
index 5ec97fc57d18..894482ca39e6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/replicaset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/extensions/internalversion/replicaset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
-	time "time"
 )
 
 // ReplicaSetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/factory.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/factory.go
index 8d006ad7d8ad..452d2cc2c287 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/factory.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/factory.go
@@ -14,11 +14,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	reflect "reflect"
+	sync "sync"
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
@@ -38,9 +42,6 @@ import (
 	scheduling "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling"
 	settings "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings"
 	storage "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage"
-	reflect "reflect"
-	sync "sync"
-	time "time"
 )
 
 type sharedInformerFactory struct {
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/generic.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/generic.go
index ee1c51ce8ecf..5f9611d15c47 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/generic.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/generic.go
@@ -14,12 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
 	"fmt"
+
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
 	admissionregistration "k8s.io/kubernetes/pkg/apis/admissionregistration"
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces/factory_interfaces.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces/factory_interfaces.go
index 15fe3e9964a2..42cb80185358 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces/factory_interfaces.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces/factory_interfaces.go
@@ -14,16 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalinterfaces
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	cache "k8s.io/client-go/tools/cache"
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
-	time "time"
 )
 
 type NewInformerFunc func(internalclientset.Interface, time.Duration) cache.SharedIndexInformer
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/interface.go
index bf6917bb85d4..c96a74636d3e 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package networking
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/interface.go
index 48b5b4852ccb..8070e2d55626 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/networkpolicy.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/networkpolicy.go
index 2e9a688a79b0..3dcf72eb1f28 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/networkpolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/networking/internalversion/networkpolicy.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/networking/internalversion"
-	time "time"
 )
 
 // NetworkPolicyInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/interface.go
index 93b04cf43f30..7c910f93ef95 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package policy
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/interface.go
index 38239a69eb25..8ccd8ce5867e 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/poddisruptionbudget.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/poddisruptionbudget.go
index 01c5b7be8205..a48310d96d4b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/poddisruptionbudget.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/policy/internalversion/poddisruptionbudget.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/policy/internalversion"
-	time "time"
 )
 
 // PodDisruptionBudgetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/interface.go
index 4d6cec593f4e..63f618e4570d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package rbac
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrole.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrole.go
index 42b69e1377ab..552c22c096d1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrole.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrole.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/rbac/internalversion"
-	time "time"
 )
 
 // ClusterRoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrolebinding.go
index 7ba4297f2a7f..0536f98ebb4c 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/clusterrolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/rbac/internalversion"
-	time "time"
 )
 
 // ClusterRoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/interface.go
index 920ebda64dce..c336a61fd132 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/role.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/role.go
index f09a5a230be9..2d9af7d28dc9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/role.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/role.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/rbac/internalversion"
-	time "time"
 )
 
 // RoleInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/rolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/rolebinding.go
index 5382f2d130e2..6eb1dc9b742c 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/rolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/rbac/internalversion/rolebinding.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/rbac/internalversion"
-	time "time"
 )
 
 // RoleBindingInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/interface.go
index e9f36dc1e02d..a1380471ebf0 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package scheduling
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/interface.go
index 4e856b0b671d..053e14cc2b8d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/priorityclass.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/priorityclass.go
index addf24cd4aad..f3bdd79f8680 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/priorityclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/scheduling/internalversion/priorityclass.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion"
-	time "time"
 )
 
 // PriorityClassInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/interface.go
index 7e3ce2132c95..c8a397b45d23 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package settings
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/interface.go
index b518c14f2f4e..01c72ac6d2a1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/podpreset.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/podpreset.go
index 93a1dbe2bd84..56b689614f0c 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/podpreset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/settings/internalversion/podpreset.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/settings/internalversion"
-	time "time"
 )
 
 // PodPresetInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/interface.go
index 2bffda1951cc..b25e93a6bc31 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package storage
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/interface.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/interface.go
index 71960e414317..7695a6df6ec5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/interface.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/storageclass.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/storageclass.go
index 6c0d43ea5278..114a22145910 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/storageclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/storageclass.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/storage/internalversion"
-	time "time"
 )
 
 // StorageClassInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/volumeattachment.go b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/volumeattachment.go
index 62a4bca59938..4e30c7c213cf 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/volumeattachment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/storage/internalversion/volumeattachment.go
@@ -14,11 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by informer-gen
+// Code generated by informer-gen. DO NOT EDIT.
 
 package internalversion
 
 import (
+	time "time"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"
@@ -27,7 +29,6 @@ import (
 	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	internalinterfaces "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/internalinterfaces"
 	internalversion "k8s.io/kubernetes/pkg/client/listers/storage/internalversion"
-	time "time"
 )
 
 // VolumeAttachmentInformer provides access to a shared informer and lister for
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/expansion_generated.go
index c8cb4b85ea4a..b03e30bb1883 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/initializerconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/initializerconfiguration.go
index 34641e94dcb8..bad503613759 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/initializerconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/initializerconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/mutatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/mutatingwebhookconfiguration.go
index 0f69668f5bbe..663e519f831b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/mutatingwebhookconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/validatingwebhookconfiguration.go b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/validatingwebhookconfiguration.go
index e17c0bec989d..29cd5e4d1f09 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/admissionregistration/internalversion/validatingwebhookconfiguration.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/controllerrevision.go b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/controllerrevision.go
index 9d7be2425aeb..613265e0481d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/controllerrevision.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/controllerrevision.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/expansion_generated.go
index caae093af0db..ad7c9afd00f2 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/statefulset.go b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/statefulset.go
index b43156f59e38..b2c6341559d5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/statefulset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/apps/internalversion/statefulset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/expansion_generated.go
index c1756faa9eb4..f83edbdeb54b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/horizontalpodautoscaler.go b/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/horizontalpodautoscaler.go
index 69269d12fc49..f1a9dcb08219 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/autoscaling/internalversion/horizontalpodautoscaler.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/BUILD b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/BUILD
index 1f0b2079958c..246c68acb0b6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["job_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/client/listers/batch/internalversion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/batch:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/cronjob.go b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/cronjob.go
index 3df69bf9932b..8e7185dbfad1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/cronjob.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/cronjob.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/expansion_generated.go
index 5334bff92790..0ff3e18c845e 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/job.go b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/job.go
index 139f794f23b8..df35e55ef0a7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/job.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/batch/internalversion/job.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/certificatesigningrequest.go b/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/certificatesigningrequest.go
index 6b3d96bb6b0d..c63428689b07 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/certificatesigningrequest.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/certificatesigningrequest.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/expansion_generated.go
index 9d8c9b52e857..9fa1a05daae7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/certificates/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/componentstatus.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/componentstatus.go
index 34672845411c..bb8afc714402 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/componentstatus.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/componentstatus.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/configmap.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/configmap.go
index e3cb54f68966..d05669f063a3 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/configmap.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/endpoints.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/endpoints.go
index 181f2ef52dec..a97c81d66284 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/endpoints.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/endpoints.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/event.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/event.go
index 0f029d19744a..84a6f2711a9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/event.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/event.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/expansion_generated.go
index 506f5a84ab79..2e9317629da5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/limitrange.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/limitrange.go
index caf17946c6a9..cb68ef58e643 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/limitrange.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/limitrange.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/namespace.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/namespace.go
index db1b724bf5c7..a371c7b50539 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/namespace.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/namespace.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/node.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/node.go
index 3e870fa437b9..5a50f5210b83 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/node.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/node.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolume.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolume.go
index a4acc9181658..bacd417f9148 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolume.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolume.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolumeclaim.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolumeclaim.go
index 0e844e2a6e7f..2e287c7dd19a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolumeclaim.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/persistentvolumeclaim.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/pod.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/pod.go
index 50c423cc7610..2933319fffc9 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/pod.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/pod.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/podtemplate.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/podtemplate.go
index b9107bae96ec..d2805a122ca7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/podtemplate.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/podtemplate.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/replicationcontroller.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/replicationcontroller.go
index acd50236613a..0bc43e811e25 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/replicationcontroller.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/replicationcontroller.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/resourcequota.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/resourcequota.go
index af9f1af09cf0..19b8b1a62a07 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/resourcequota.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/resourcequota.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/secret.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/secret.go
index 18cd65735d01..8b35ecaaca9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/secret.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/secret.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/service.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/service.go
index a2d0644af488..147e7b797ec2 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/service.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/service.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/serviceaccount.go b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/serviceaccount.go
index 78e8e96e42bd..8a18d47985d1 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/serviceaccount.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/core/internalversion/serviceaccount.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/BUILD b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/BUILD
index 2e76730a7c3c..464b8603ca9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/BUILD
@@ -46,8 +46,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["daemonset_expansion_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/daemonset.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/daemonset.go
index 36f6b1e39187..21940cca3539 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/daemonset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/daemonset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/deployment.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/deployment.go
index da8b8efd0c02..5f0a7c3fb958 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/deployment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/deployment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/expansion_generated.go
index 6b63294a7e19..48d8f033b150 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/ingress.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/ingress.go
index 79892903afcd..d3afedbb1ea6 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/ingress.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/ingress.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/podsecuritypolicy.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/podsecuritypolicy.go
index 8db690522cd7..397323b3a2ac 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/podsecuritypolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/podsecuritypolicy.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/replicaset.go b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/replicaset.go
index a6d0f4c26e9d..cb9f426e7765 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/replicaset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/extensions/internalversion/replicaset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/expansion_generated.go
index 55b40392ba62..2ccf608a9551 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/networkpolicy.go b/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/networkpolicy.go
index c1abebedc183..98de2f2f27f8 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/networkpolicy.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/networking/internalversion/networkpolicy.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/eviction.go b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/eviction.go
index 743271fda859..a39fde45b0e2 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/eviction.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/eviction.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/expansion_generated.go
index 7591e3eb6bde..e89fa4c8b444 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/poddisruptionbudget.go b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/poddisruptionbudget.go
index 9ea20e4f7287..c8ae24eb3fb5 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/poddisruptionbudget.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/policy/internalversion/poddisruptionbudget.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrole.go b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrole.go
index c18f546052b9..ce6ea269569b 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrole.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrole.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrolebinding.go
index 53e6ba1fd8a7..774c25b54508 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/clusterrolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/expansion_generated.go
index a4ddf2437d93..2af26bffb119 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/role.go b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/role.go
index 2a1355214f56..897d1cb039b2 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/role.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/role.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/rolebinding.go b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/rolebinding.go
index 02392a00661b..7c508c7e119f 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/rolebinding.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/rbac/internalversion/rolebinding.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/expansion_generated.go
index e846b204bea0..4565581d5c8d 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/priorityclass.go b/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/priorityclass.go
index e2d510b12471..514494ebdb20 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/priorityclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion/priorityclass.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/expansion_generated.go
index 169001b17388..583204a5168c 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/podpreset.go b/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/podpreset.go
index afecfe1ddfe3..797d6e1b28a7 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/podpreset.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/settings/internalversion/podpreset.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/expansion_generated.go b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/expansion_generated.go
index 7b5bff6ba320..8f104043debf 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/expansion_generated.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/expansion_generated.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/storageclass.go b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/storageclass.go
index a1f2109bc01f..a96eb5c879ce 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/storageclass.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/storageclass.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/volumeattachment.go b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/volumeattachment.go
index c0d91fdbc907..af905d67da69 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/volumeattachment.go
+++ b/vendor/k8s.io/kubernetes/pkg/client/listers/storage/internalversion/volumeattachment.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was automatically generated by lister-gen
+// Code generated by lister-gen. DO NOT EDIT.
 
 package internalversion
 
diff --git a/vendor/k8s.io/kubernetes/pkg/client/unversioned/BUILD b/vendor/k8s.io/kubernetes/pkg/client/unversioned/BUILD
deleted file mode 100644
index 4ed4a551f17b..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/client/unversioned/BUILD
+++ /dev/null
@@ -1,67 +0,0 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
-
-go_library(
-    name = "go_default_library",
-    srcs = [
-        "conditions.go",
-        "helper.go",
-    ],
-    importpath = "k8s.io/kubernetes/pkg/client/unversioned",
-    deps = [
-        "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/api/pod:go_default_library",
-        "//pkg/apis/apps:go_default_library",
-        "//pkg/apis/batch:go_default_library",
-        "//pkg/apis/core:go_default_library",
-        "//pkg/apis/extensions:go_default_library",
-        "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library",
-        "//pkg/client/clientset_generated/internalclientset/typed/batch/internalversion:go_default_library",
-        "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
-        "//pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
-        "//vendor/k8s.io/client-go/plugin/pkg/client/auth:go_default_library",
-        "//vendor/k8s.io/client-go/rest:go_default_library",
-    ],
-)
-
-go_test(
-    name = "go_default_test",
-    srcs = ["helper_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/client/unversioned",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/api/testapi:go_default_library",
-        "//pkg/apis/core:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
-        "//vendor/k8s.io/client-go/rest:go_default_library",
-    ],
-)
-
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [
-        ":package-srcs",
-        "//pkg/client/unversioned/testclient/simple:all-srcs",
-    ],
-    tags = ["automanaged"],
-)
diff --git a/vendor/k8s.io/kubernetes/pkg/client/unversioned/OWNERS b/vendor/k8s.io/kubernetes/pkg/client/unversioned/OWNERS
deleted file mode 100755
index 72344a162c34..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/client/unversioned/OWNERS
+++ /dev/null
@@ -1,38 +0,0 @@
-reviewers:
-- thockin
-- lavalamp
-- smarterclayton
-- wojtek-t
-- deads2k
-- derekwaynecarr
-- caesarxuchao
-- vishh
-- mikedanese
-- liggitt
-- nikhiljindal
-- ixdy
-- gmarek
-- erictune
-- davidopp
-- pmorie
-- sttts
-- saad-ali
-- zmerlynn
-- janetkuo
-- ncdc
-- tallclair
-- mwielgus
-- timothysc
-- feiskyer
-- jlowdermilk
-- soltysh
-- piosz
-- dims
-- errordeveloper
-- madhusudancs
-- hongchaodeng
-- krousey
-- jayunit100
-- jszczepkowski
-- jdef
-- mml
diff --git a/vendor/k8s.io/kubernetes/pkg/client/unversioned/helper.go b/vendor/k8s.io/kubernetes/pkg/client/unversioned/helper.go
deleted file mode 100644
index ca0fc2c70d4e..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/client/unversioned/helper.go
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package unversioned
-
-import (
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	restclient "k8s.io/client-go/rest"
-	"k8s.io/kubernetes/pkg/api/legacyscheme"
-	// Import solely to initialize client auth plugins.
-	_ "k8s.io/client-go/plugin/pkg/client/auth"
-)
-
-const (
-	legacyAPIPath  = "/api"
-	defaultAPIPath = "/apis"
-)
-
-// SetKubernetesDefaults sets default values on the provided client config for accessing the
-// Kubernetes API or returns an error if any of the defaults are impossible or invalid.
-// TODO: this method needs to be split into one that sets defaults per group, expected to be fix in PR "Refactoring clientcache.go and helper.go #14592"
-func SetKubernetesDefaults(config *restclient.Config) error {
-	if config.APIPath == "" {
-		config.APIPath = legacyAPIPath
-	}
-	// TODO chase down uses and tolerate nil
-	if config.GroupVersion == nil {
-		config.GroupVersion = &schema.GroupVersion{}
-	}
-	if config.NegotiatedSerializer == nil {
-		config.NegotiatedSerializer = legacyscheme.Codecs
-	}
-	return restclient.SetKubernetesDefaults(config)
-}
-
-func setGroupDefaults(groupName string, config *restclient.Config) error {
-	config.APIPath = defaultAPIPath
-	if config.UserAgent == "" {
-		config.UserAgent = restclient.DefaultKubernetesUserAgent()
-	}
-	if config.GroupVersion == nil || config.GroupVersion.Group != groupName {
-		g, err := legacyscheme.Registry.Group(groupName)
-		if err != nil {
-			return err
-		}
-		copyGroupVersion := g.GroupVersion
-		config.GroupVersion = &copyGroupVersion
-	}
-	if config.NegotiatedSerializer == nil {
-		config.NegotiatedSerializer = legacyscheme.Codecs
-	}
-	return nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/cloud.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/cloud.go
index 2e46d47d339d..9ca91ebf3179 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/cloud.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/cloud.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cloudprovider
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"strings"
@@ -44,8 +45,6 @@ type Interface interface {
 	Routes() (Routes, bool)
 	// ProviderName returns the cloud provider ID.
 	ProviderName() string
-	// ScrubDNS provides an opportunity for cloud-provider-specific code to process DNS settings for pods.
-	ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string)
 	// HasClusterID returns true if a ClusterID is required and set
 	HasClusterID() bool
 }
@@ -58,9 +57,9 @@ type InformerUser interface {
 // Clusters is an abstract, pluggable interface for clusters of containers.
 type Clusters interface {
 	// ListClusters lists the names of the available clusters.
-	ListClusters() ([]string, error)
+	ListClusters(ctx context.Context) ([]string, error)
 	// Master gets back the address (either DNS name or IP address) of the master node for the cluster.
-	Master(clusterName string) (string, error)
+	Master(ctx context.Context, clusterName string) (string, error)
 }
 
 // TODO(#6812): Use a shorter name that's less likely to be longer than cloud
@@ -77,12 +76,12 @@ func GetLoadBalancerName(service *v1.Service) string {
 }
 
 // GetInstanceProviderID builds a ProviderID for a node in a cloud.
-func GetInstanceProviderID(cloud Interface, nodeName types.NodeName) (string, error) {
+func GetInstanceProviderID(ctx context.Context, cloud Interface, nodeName types.NodeName) (string, error) {
 	instances, ok := cloud.Instances()
 	if !ok {
 		return "", fmt.Errorf("failed to get instances from cloud provider")
 	}
-	instanceID, err := instances.InstanceID(nodeName)
+	instanceID, err := instances.InstanceID(ctx, nodeName)
 	if err != nil {
 		return "", fmt.Errorf("failed to get instance ID from cloud provider: %v", err)
 	}
@@ -96,17 +95,17 @@ type LoadBalancer interface {
 	// if so, what its status is.
 	// Implementations must treat the *v1.Service parameter as read-only and not modify it.
 	// Parameter 'clusterName' is the name of the cluster as presented to kube-controller-manager
-	GetLoadBalancer(clusterName string, service *v1.Service) (status *v1.LoadBalancerStatus, exists bool, err error)
+	GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (status *v1.LoadBalancerStatus, exists bool, err error)
 	// EnsureLoadBalancer creates a new load balancer 'name', or updates the existing one. Returns the status of the balancer
 	// Implementations must treat the *v1.Service and *v1.Node
 	// parameters as read-only and not modify them.
 	// Parameter 'clusterName' is the name of the cluster as presented to kube-controller-manager
-	EnsureLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error)
+	EnsureLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error)
 	// UpdateLoadBalancer updates hosts under the specified load balancer.
 	// Implementations must treat the *v1.Service and *v1.Node
 	// parameters as read-only and not modify them.
 	// Parameter 'clusterName' is the name of the cluster as presented to kube-controller-manager
-	UpdateLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) error
+	UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error
 	// EnsureLoadBalancerDeleted deletes the specified load balancer if it
 	// exists, returning nil if the load balancer specified either didn't exist or
 	// was successfully deleted.
@@ -115,7 +114,7 @@ type LoadBalancer interface {
 	// doesn't exist even if some part of it is still laying around.
 	// Implementations must treat the *v1.Service parameter as read-only and not modify it.
 	// Parameter 'clusterName' is the name of the cluster as presented to kube-controller-manager
-	EnsureLoadBalancerDeleted(clusterName string, service *v1.Service) error
+	EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error
 }
 
 // Instances is an abstract, pluggable interface for sets of instances.
@@ -124,31 +123,31 @@ type Instances interface {
 	// TODO(roberthbailey): This currently is only used in such a way that it
 	// returns the address of the calling instance. We should do a rename to
 	// make this clearer.
-	NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error)
+	NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error)
 	// NodeAddressesByProviderID returns the addresses of the specified instance.
 	// The instance is specified using the providerID of the node. The
 	// ProviderID is a unique identifier of the node. This will not be called
 	// from the node whose nodeaddresses are being queried. i.e. local metadata
 	// services cannot be used in this method to obtain nodeaddresses
-	NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error)
+	NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error)
 	// ExternalID returns the cloud provider ID of the node with the specified NodeName.
 	// Note that if the instance does not exist or is no longer running, we must return ("", cloudprovider.InstanceNotFound)
-	ExternalID(nodeName types.NodeName) (string, error)
+	ExternalID(ctx context.Context, nodeName types.NodeName) (string, error)
 	// InstanceID returns the cloud provider ID of the node with the specified NodeName.
-	InstanceID(nodeName types.NodeName) (string, error)
+	InstanceID(ctx context.Context, nodeName types.NodeName) (string, error)
 	// InstanceType returns the type of the specified instance.
-	InstanceType(name types.NodeName) (string, error)
+	InstanceType(ctx context.Context, name types.NodeName) (string, error)
 	// InstanceTypeByProviderID returns the type of the specified instance.
-	InstanceTypeByProviderID(providerID string) (string, error)
+	InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error)
 	// AddSSHKeyToAllInstances adds an SSH public key as a legal identity for all instances
 	// expected format for the key is standard ssh-keygen format: <protocol> <blob>
-	AddSSHKeyToAllInstances(user string, keyData []byte) error
+	AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error
 	// CurrentNodeName returns the name of the node we are currently running on
 	// On most clouds (e.g. GCE) this is the hostname, so we provide the hostname
-	CurrentNodeName(hostname string) (types.NodeName, error)
+	CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error)
 	// InstanceExistsByProviderID returns true if the instance for the given provider id still is running.
 	// If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-	InstanceExistsByProviderID(providerID string) (bool, error)
+	InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error)
 }
 
 // Route is a representation of an advanced routing rule.
@@ -169,14 +168,14 @@ type Route struct {
 // Routes is an abstract, pluggable interface for advanced routing rules.
 type Routes interface {
 	// ListRoutes lists all managed routes that belong to the specified clusterName
-	ListRoutes(clusterName string) ([]*Route, error)
+	ListRoutes(ctx context.Context, clusterName string) ([]*Route, error)
 	// CreateRoute creates the described managed route
 	// route.Name will be ignored, although the cloud-provider may use nameHint
 	// to create a more user-meaningful name.
-	CreateRoute(clusterName string, nameHint string, route *Route) error
+	CreateRoute(ctx context.Context, clusterName string, nameHint string, route *Route) error
 	// DeleteRoute deletes the specified managed route
 	// Route should be as returned by ListRoutes
-	DeleteRoute(clusterName string, route *Route) error
+	DeleteRoute(ctx context.Context, clusterName string, route *Route) error
 }
 
 var (
@@ -194,23 +193,23 @@ type Zone struct {
 // Zones is an abstract, pluggable interface for zone enumeration.
 type Zones interface {
 	// GetZone returns the Zone containing the current failure zone and locality region that the program is running in
-	// In most cases, this method is called from the kubelet querying a local metadata service to aquire its zone.
+	// In most cases, this method is called from the kubelet querying a local metadata service to acquire its zone.
 	// For the case of external cloud providers, use GetZoneByProviderID or GetZoneByNodeName since GetZone
 	// can no longer be called from the kubelets.
-	GetZone() (Zone, error)
+	GetZone(ctx context.Context) (Zone, error)
 
 	// GetZoneByProviderID returns the Zone containing the current zone and locality region of the node specified by providerId
 	// This method is particularly used in the context of external cloud providers where node initialization must be down
 	// outside the kubelets.
-	GetZoneByProviderID(providerID string) (Zone, error)
+	GetZoneByProviderID(ctx context.Context, providerID string) (Zone, error)
 
 	// GetZoneByNodeName returns the Zone containing the current zone and locality region of the node specified by node name
 	// This method is particularly used in the context of external cloud providers where node initialization must be down
 	// outside the kubelets.
-	GetZoneByNodeName(nodeName types.NodeName) (Zone, error)
+	GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (Zone, error)
 }
 
 // PVLabeler is an abstract, pluggable interface for fetching labels for volumes
 type PVLabeler interface {
-	GetLabelsForVolume(pv *v1.PersistentVolume) (map[string]string, error)
+	GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/plugins.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/plugins.go
index 0fc41f5eaf88..739c09613394 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/plugins.go
@@ -60,23 +60,11 @@ func IsCloudProvider(name string) bool {
 	return found
 }
 
-// CloudProviders returns the name of all registered cloud providers in a
-// string slice
-func CloudProviders() []string {
-	names := []string{}
-	providersMutex.Lock()
-	defer providersMutex.Unlock()
-	for name := range providers {
-		names = append(names, name)
-	}
-	return names
-}
-
 // GetCloudProvider creates an instance of the named cloud provider, or nil if
 // the name is unknown.  The error return is only used if the named provider
 // was known but failed to initialize. The config parameter specifies the
 // io.Reader handler of the configuration file for the cloud provider, or nil
-// for no configuation.
+// for no configuration.
 func GetCloudProvider(name string, config io.Reader) (Interface, error) {
 	providersMutex.Lock()
 	defer providersMutex.Unlock()
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/BUILD
index 9a4a6a76539f..bbe6a78f3600 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/BUILD
@@ -38,6 +38,7 @@ go_library(
         "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds:go_default_library",
+        "//vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/ec2metadata:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/session:go_default_library",
@@ -46,6 +47,7 @@ go_library(
         "//vendor/github.com/aws/aws-sdk-go/service/elb:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/service/elbv2:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/service/kms:go_default_library",
+        "//vendor/github.com/aws/aws-sdk-go/service/sts:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/gopkg.in/gcfg.v1:go_default_library",
@@ -73,8 +75,7 @@ go_test(
         "retry_handler_test.go",
         "tags_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/aws",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/OWNERS b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/OWNERS
index 294b5c5eb552..7347e2e104a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/OWNERS
@@ -1,8 +1,11 @@
 approvers:
 - justinsb
 - zmerlynn
+- gnufied
+- jsafrane
 reviewers:
 - gnufied
 - jsafrane
 - justinsb
 - zmerlynn
+- chrislovecnm
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws.go
index ad55f5383d77..1c006ebce1a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws.go
@@ -17,6 +17,7 @@ limitations under the License.
 package aws
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"io"
@@ -32,6 +33,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
+	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 	"github.com/aws/aws-sdk-go/aws/ec2metadata"
 	"github.com/aws/aws-sdk-go/aws/request"
 	"github.com/aws/aws-sdk-go/aws/session"
@@ -40,6 +42,7 @@ import (
 	"github.com/aws/aws-sdk-go/service/elb"
 	"github.com/aws/aws-sdk-go/service/elbv2"
 	"github.com/aws/aws-sdk-go/service/kms"
+	"github.com/aws/aws-sdk-go/service/sts"
 	"github.com/golang/glog"
 	"github.com/prometheus/client_golang/prometheus"
 	clientset "k8s.io/client-go/kubernetes"
@@ -201,14 +204,13 @@ const nodeWithImpairedVolumes = "NodeWithImpairedVolumes"
 const (
 	// volumeAttachmentConsecutiveErrorLimit is the number of consecutive errors we will ignore when waiting for a volume to attach/detach
 	volumeAttachmentStatusConsecutiveErrorLimit = 10
-	// volumeAttachmentStatus* is configuration of exponential backoff for
-	// waiting for attach/detach operation to complete. Starting with 10
-	// seconds, multiplying by 1.2 with each step and taking 21 steps at maximum
-	// it will time out after 31.11 minutes, which roughly corresponds to GCE
-	// timeout (30 minutes).
-	volumeAttachmentStatusInitialDelay = 10 * time.Second
-	volumeAttachmentStatusFactor       = 1.2
-	volumeAttachmentStatusSteps        = 21
+	// most attach/detach operations on AWS finish within 1-4 seconds
+	// By using 1 second starting interval with a backoff of 1.8
+	// we get -  [1, 1.8, 3.24, 5.832000000000001, 10.4976]
+	// in total we wait for 2601 seconds
+	volumeAttachmentStatusInitialDelay = 1 * time.Second
+	volumeAttachmentStatusFactor       = 1.8
+	volumeAttachmentStatusSteps        = 13
 
 	// createTag* is configuration of exponential backoff for CreateTag call. We
 	// retry mainly because if we create an object, we cannot tag it until it is
@@ -247,11 +249,6 @@ const MaxReadThenCreateRetries = 30
 // need hardcoded defaults.
 const DefaultVolumeType = "gp2"
 
-// DefaultMaxEBSVolumes is the limit for volumes attached to an instance.
-// Amazon recommends no more than 40; the system root volume uses at least one.
-// See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/volume_limits.html#linux-specific-volume-limits
-const DefaultMaxEBSVolumes = 39
-
 // Used to call RecognizeWellKnownRegions just once
 var once sync.Once
 
@@ -531,9 +528,12 @@ type CloudConfig struct {
 		// RouteTableID enables using a specific RouteTable
 		RouteTableID string
 
+		// RoleARN is the IAM role to assume when interaction with AWS APIs.
+		RoleARN string
+
 		// KubernetesClusterTag is the legacy cluster id we'll use to identify our cluster resources
 		KubernetesClusterTag string
-		// KubernetesClusterTag is the cluster id we'll use to identify our cluster resources
+		// KubernetesClusterID is the cluster id we'll use to identify our cluster resources
 		KubernetesClusterID string
 
 		//The aws provider creates an inbound rule per load balancer on the node security
@@ -736,12 +736,12 @@ func newEc2Filter(name string, values ...string) *ec2.Filter {
 }
 
 // AddSSHKeyToAllInstances is currently not implemented.
-func (c *Cloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (c *Cloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return cloudprovider.NotImplemented
 }
 
 // CurrentNodeName returns the name of the current node
-func (c *Cloud) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (c *Cloud) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return c.selfAWSInstance.nodeName, nil
 }
 
@@ -809,7 +809,7 @@ func (s *awsSdkEC2) DescribeVolumes(request *ec2.DescribeVolumesInput) ([]*ec2.V
 
 		if err != nil {
 			recordAwsMetric("describe_volume", 0, err)
-			return nil, fmt.Errorf("error listing AWS volumes: %q", err)
+			return nil, err
 		}
 
 		results = append(results, response.Volumes...)
@@ -932,22 +932,43 @@ func (s *awsSdkEC2) DescribeVpcs(request *ec2.DescribeVpcsInput) (*ec2.DescribeV
 func init() {
 	registerMetrics()
 	cloudprovider.RegisterCloudProvider(ProviderName, func(config io.Reader) (cloudprovider.Interface, error) {
+		cfg, err := readAWSCloudConfig(config)
+		if err != nil {
+			return nil, fmt.Errorf("unable to read AWS cloud provider config file: %v", err)
+		}
+
+		sess, err := session.NewSession(&aws.Config{})
+		if err != nil {
+			return nil, fmt.Errorf("unable to initialize AWS session: %v", err)
+		}
+
+		var provider credentials.Provider
+		if cfg.Global.RoleARN == "" {
+			provider = &ec2rolecreds.EC2RoleProvider{
+				Client: ec2metadata.New(sess),
+			}
+		} else {
+			glog.Infof("Using AWS assumed role %v", cfg.Global.RoleARN)
+			provider = &stscreds.AssumeRoleProvider{
+				Client:  sts.New(sess),
+				RoleARN: cfg.Global.RoleARN,
+			}
+		}
+
 		creds := credentials.NewChainCredentials(
 			[]credentials.Provider{
 				&credentials.EnvProvider{},
-				&ec2rolecreds.EC2RoleProvider{
-					Client: ec2metadata.New(session.New(&aws.Config{})),
-				},
+				provider,
 				&credentials.SharedCredentialsProvider{},
 			})
 
 		aws := newAWSSDKProvider(creds)
-		return newAWSCloud(config, aws)
+		return newAWSCloud(*cfg, aws)
 	})
 }
 
 // readAWSCloudConfig reads an instance of AWSCloudConfig from config reader.
-func readAWSCloudConfig(config io.Reader, metadata EC2Metadata) (*CloudConfig, error) {
+func readAWSCloudConfig(config io.Reader) (*CloudConfig, error) {
 	var cfg CloudConfig
 	var err error
 
@@ -958,20 +979,25 @@ func readAWSCloudConfig(config io.Reader, metadata EC2Metadata) (*CloudConfig, e
 		}
 	}
 
+	return &cfg, nil
+}
+
+func updateConfigZone(cfg *CloudConfig, metadata EC2Metadata) error {
 	if cfg.Global.Zone == "" {
 		if metadata != nil {
 			glog.Info("Zone not specified in configuration file; querying AWS metadata service")
+			var err error
 			cfg.Global.Zone, err = getAvailabilityZone(metadata)
 			if err != nil {
-				return nil, err
+				return err
 			}
 		}
 		if cfg.Global.Zone == "" {
-			return nil, fmt.Errorf("no zone specified in configuration file")
+			return fmt.Errorf("no zone specified in configuration file")
 		}
 	}
 
-	return &cfg, nil
+	return nil
 }
 
 func getInstanceType(metadata EC2Metadata) (string, error) {
@@ -994,7 +1020,7 @@ func azToRegion(az string) (string, error) {
 
 // newAWSCloud creates a new instance of AWSCloud.
 // AWSProvider and instanceId are primarily for tests
-func newAWSCloud(config io.Reader, awsServices Services) (*Cloud, error) {
+func newAWSCloud(cfg CloudConfig, awsServices Services) (*Cloud, error) {
 	// We have some state in the Cloud object - in particular the attaching map
 	// Log so that if we are building multiple Cloud objects, it is obvious!
 	glog.Infof("Building AWS cloudprovider")
@@ -1004,9 +1030,9 @@ func newAWSCloud(config io.Reader, awsServices Services) (*Cloud, error) {
 		return nil, fmt.Errorf("error creating AWS metadata client: %q", err)
 	}
 
-	cfg, err := readAWSCloudConfig(config, metadata)
+	err = updateConfigZone(&cfg, metadata)
 	if err != nil {
-		return nil, fmt.Errorf("unable to read AWS cloud provider config file: %v", err)
+		return nil, fmt.Errorf("unable to determine AWS zone from cloud provider config or EC2 instance metadata: %v", err)
 	}
 
 	zone := cfg.Global.Zone
@@ -1064,7 +1090,7 @@ func newAWSCloud(config io.Reader, awsServices Services) (*Cloud, error) {
 		asg:      asg,
 		metadata: metadata,
 		kms:      kms,
-		cfg:      cfg,
+		cfg:      &cfg,
 		region:   regionName,
 
 		attaching:        make(map[types.NodeName]map[mountDevice]awsVolumeID),
@@ -1072,8 +1098,9 @@ func newAWSCloud(config io.Reader, awsServices Services) (*Cloud, error) {
 	}
 	awsCloud.instanceCache.cloud = awsCloud
 
-	if cfg.Global.VPC != "" && cfg.Global.SubnetID != "" && (cfg.Global.KubernetesClusterTag != "" || cfg.Global.KubernetesClusterID != "") {
-		// When the master is running on a different AWS account, cloud provider or on-premises
+	tagged := cfg.Global.KubernetesClusterTag != "" || cfg.Global.KubernetesClusterID != ""
+	if cfg.Global.VPC != "" && (cfg.Global.SubnetID != "" || cfg.Global.RoleARN != "") && tagged {
+		// When the master is running on a different AWS account, cloud provider or on-premise
 		// build up a dummy instance and use the VPC from the nodes account
 		glog.Info("Master is configured to run on a different AWS account, different cloud provider or on-premises")
 		awsCloud.selfAWSInstance = &awsInstance{
@@ -1089,7 +1116,6 @@ func newAWSCloud(config io.Reader, awsServices Services) (*Cloud, error) {
 		}
 		awsCloud.selfAWSInstance = selfAWSInstance
 		awsCloud.vpcID = selfAWSInstance.vpcID
-
 	}
 
 	if cfg.Global.KubernetesClusterTag != "" || cfg.Global.KubernetesClusterID != "" {
@@ -1135,11 +1161,6 @@ func (c *Cloud) ProviderName() string {
 	return ProviderName
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (c *Cloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // LoadBalancer returns an implementation of LoadBalancer for Amazon Web Services.
 func (c *Cloud) LoadBalancer() (cloudprovider.LoadBalancer, bool) {
 	return c, true
@@ -1166,7 +1187,7 @@ func (c *Cloud) HasClusterID() bool {
 }
 
 // NodeAddresses is an implementation of Instances.NodeAddresses.
-func (c *Cloud) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
+func (c *Cloud) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
 	if c.selfAWSInstance.nodeName == name || len(name) == 0 {
 		addresses := []v1.NodeAddress{}
 
@@ -1283,7 +1304,7 @@ func extractNodeAddresses(instance *ec2.Instance) ([]v1.NodeAddress, error) {
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (c *Cloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (c *Cloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	instanceID, err := kubernetesInstanceID(providerID).mapToAWSInstanceID()
 	if err != nil {
 		return nil, err
@@ -1298,7 +1319,7 @@ func (c *Cloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress,
 }
 
 // ExternalID returns the cloud provider ID of the node with the specified nodeName (deprecated).
-func (c *Cloud) ExternalID(nodeName types.NodeName) (string, error) {
+func (c *Cloud) ExternalID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	if c.selfAWSInstance.nodeName == nodeName {
 		// We assume that if this is run on the instance itself, the instance exists and is alive
 		return c.selfAWSInstance.awsID, nil
@@ -1317,7 +1338,7 @@ func (c *Cloud) ExternalID(nodeName types.NodeName) (string, error) {
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (c *Cloud) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (c *Cloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	instanceID, err := kubernetesInstanceID(providerID).mapToAWSInstanceID()
 	if err != nil {
 		return false, err
@@ -1348,7 +1369,7 @@ func (c *Cloud) InstanceExistsByProviderID(providerID string) (bool, error) {
 }
 
 // InstanceID returns the cloud provider ID of the node with the specified nodeName.
-func (c *Cloud) InstanceID(nodeName types.NodeName) (string, error) {
+func (c *Cloud) InstanceID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	// In the future it is possible to also return an endpoint as:
 	// <endpoint>/<zone>/<instanceid>
 	if c.selfAWSInstance.nodeName == nodeName {
@@ -1364,7 +1385,7 @@ func (c *Cloud) InstanceID(nodeName types.NodeName) (string, error) {
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (c *Cloud) InstanceTypeByProviderID(providerID string) (string, error) {
+func (c *Cloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	instanceID, err := kubernetesInstanceID(providerID).mapToAWSInstanceID()
 	if err != nil {
 		return "", err
@@ -1379,7 +1400,7 @@ func (c *Cloud) InstanceTypeByProviderID(providerID string) (string, error) {
 }
 
 // InstanceType returns the type of the node with the specified nodeName.
-func (c *Cloud) InstanceType(nodeName types.NodeName) (string, error) {
+func (c *Cloud) InstanceType(ctx context.Context, nodeName types.NodeName) (string, error) {
 	if c.selfAWSInstance.nodeName == nodeName {
 		return c.selfAWSInstance.instanceType, nil
 	}
@@ -1440,7 +1461,7 @@ func (c *Cloud) getCandidateZonesForDynamicVolume() (sets.String, error) {
 }
 
 // GetZone implements Zones.GetZone
-func (c *Cloud) GetZone() (cloudprovider.Zone, error) {
+func (c *Cloud) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{
 		FailureDomain: c.selfAWSInstance.availabilityZone,
 		Region:        c.region,
@@ -1450,7 +1471,7 @@ func (c *Cloud) GetZone() (cloudprovider.Zone, error) {
 // GetZoneByProviderID implements Zones.GetZoneByProviderID
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (c *Cloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (c *Cloud) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	instanceID, err := kubernetesInstanceID(providerID).mapToAWSInstanceID()
 	if err != nil {
 		return cloudprovider.Zone{}, err
@@ -1471,7 +1492,7 @@ func (c *Cloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, erro
 // GetZoneByNodeName implements Zones.GetZoneByNodeName
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (c *Cloud) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
+func (c *Cloud) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
 	instance, err := c.getInstanceByNodeName(nodeName)
 	if err != nil {
 		return cloudprovider.Zone{}, err
@@ -1670,6 +1691,20 @@ func newAWSDisk(aws *Cloud, name KubernetesVolumeID) (*awsDisk, error) {
 	return disk, nil
 }
 
+// Helper function for describeVolume callers. Tries to retype given error to AWS error
+// and returns true in case the AWS error is "InvalidVolume.NotFound", false otherwise
+func isAWSErrorVolumeNotFound(err error) bool {
+	if err != nil {
+		if awsError, ok := err.(awserr.Error); ok {
+			// https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html
+			if awsError.Code() == "InvalidVolume.NotFound" {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 // Gets the full information about this volume from the EC2 API
 func (d *awsDisk) describeVolume() (*ec2.Volume, error) {
 	volumeID := d.awsID
@@ -1680,13 +1715,13 @@ func (d *awsDisk) describeVolume() (*ec2.Volume, error) {
 
 	volumes, err := d.ec2.DescribeVolumes(request)
 	if err != nil {
-		return nil, fmt.Errorf("error querying ec2 for volume %q: %q", volumeID, err)
+		return nil, err
 	}
 	if len(volumes) == 0 {
-		return nil, fmt.Errorf("no volumes found for volume %q", volumeID)
+		return nil, fmt.Errorf("no volumes found")
 	}
 	if len(volumes) > 1 {
-		return nil, fmt.Errorf("multiple volumes found for volume %q", volumeID)
+		return nil, fmt.Errorf("multiple volumes found")
 	}
 	return volumes[0], nil
 }
@@ -1790,12 +1825,29 @@ func (d *awsDisk) waitForAttachmentStatus(status string) (*ec2.VolumeAttachment,
 	err := wait.ExponentialBackoff(backoff, func() (bool, error) {
 		info, err := d.describeVolume()
 		if err != nil {
+			// The VolumeNotFound error is special -- we don't need to wait for it to repeat
+			if isAWSErrorVolumeNotFound(err) {
+				if status == "detached" {
+					// The disk doesn't exist, assume it's detached, log warning and stop waiting
+					glog.Warningf("Waiting for volume %q to be detached but the volume does not exist", d.awsID)
+					stateStr := "detached"
+					attachment = &ec2.VolumeAttachment{
+						State: &stateStr,
+					}
+					return true, nil
+				}
+				if status == "attached" {
+					// The disk doesn't exist, complain, give up waiting and report error
+					glog.Warningf("Waiting for volume %q to be attached but the volume does not exist", d.awsID)
+					return false, err
+				}
+			}
 			describeErrorCount++
 			if describeErrorCount > volumeAttachmentStatusConsecutiveErrorLimit {
 				// report the error
 				return false, err
 			} else {
-				glog.Warningf("Ignoring error from describe volume; will retry: %q", err)
+				glog.Warningf("Ignoring error from describe volume for volume %q; will retry: %q", d.awsID, err)
 				return false, nil
 			}
 		} else {
@@ -1839,10 +1891,10 @@ func (d *awsDisk) deleteVolume() (bool, error) {
 	request := &ec2.DeleteVolumeInput{VolumeId: d.awsID.awsString()}
 	_, err := d.ec2.DeleteVolume(request)
 	if err != nil {
+		if isAWSErrorVolumeNotFound(err) {
+			return false, nil
+		}
 		if awsError, ok := err.(awserr.Error); ok {
-			if awsError.Code() == "InvalidVolume.NotFound" {
-				return false, nil
-			}
 			if awsError.Code() == "VolumeInUse" {
 				return false, volume.NewDeletedVolumeInUseError(err.Error())
 			}
@@ -2022,8 +2074,14 @@ func (c *Cloud) AttachDisk(diskName KubernetesVolumeID, nodeName types.NodeName,
 // DetachDisk implements Volumes.DetachDisk
 func (c *Cloud) DetachDisk(diskName KubernetesVolumeID, nodeName types.NodeName) (string, error) {
 	diskInfo, attached, err := c.checkIfAttachedToNode(diskName, nodeName)
-	if diskInfo == nil {
-		return "", err
+	if err != nil {
+		if isAWSErrorVolumeNotFound(err) {
+			// Someone deleted the volume being detached; complain, but do nothing else and return success
+			glog.Warningf("DetachDisk %s called for node %s but volume does not exist; assuming the volume is detached", diskName, nodeName)
+			return "", nil
+		} else {
+			return "", err
+		}
 	}
 
 	if !attached && diskInfo.ec2Instance != nil {
@@ -2092,17 +2150,17 @@ func (c *Cloud) CreateDisk(volumeOptions *VolumeOptions) (KubernetesVolumeID, er
 
 	var createAZ string
 	if !volumeOptions.ZonePresent && !volumeOptions.ZonesPresent {
-		createAZ = volume.ChooseZoneForVolume(allZones, volumeOptions.PVCName)
+		createAZ = volumeutil.ChooseZoneForVolume(allZones, volumeOptions.PVCName)
 	}
 	if !volumeOptions.ZonePresent && volumeOptions.ZonesPresent {
 		if adminSetOfZones, err := volumeutil.ZonesToSet(volumeOptions.AvailabilityZones); err != nil {
 			return "", err
 		} else {
-			createAZ = volume.ChooseZoneForVolume(adminSetOfZones, volumeOptions.PVCName)
+			createAZ = volumeutil.ChooseZoneForVolume(adminSetOfZones, volumeOptions.PVCName)
 		}
 	}
 	if volumeOptions.ZonePresent && !volumeOptions.ZonesPresent {
-		if err := volume.ValidateZone(volumeOptions.AvailabilityZone); err != nil {
+		if err := volumeutil.ValidateZone(volumeOptions.AvailabilityZone); err != nil {
 			return "", err
 		}
 		createAZ = volumeOptions.AvailabilityZone
@@ -2208,6 +2266,10 @@ func (c *Cloud) DeleteDisk(volumeName KubernetesVolumeID) (bool, error) {
 	}
 	available, err := c.checkIfAvailable(awsDisk, "deleting", "")
 	if err != nil {
+		if isAWSErrorVolumeNotFound(err) {
+			glog.V(2).Infof("Volume %s not found when deleting it, assuming it's deleted", awsDisk.awsID)
+			return false, nil
+		}
 		glog.Error(err)
 	}
 
@@ -2259,7 +2321,7 @@ func (c *Cloud) checkIfAvailable(disk *awsDisk, opName string, instance string)
 	return true, nil
 }
 
-func (c *Cloud) GetLabelsForVolume(pv *v1.PersistentVolume) (map[string]string, error) {
+func (c *Cloud) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error) {
 	// Ignore any volumes that are being provisioned
 	if pv.Spec.AWSElasticBlockStore.VolumeID == volume.ProvisionedVolumeName {
 		return nil, nil
@@ -2318,9 +2380,15 @@ func (c *Cloud) GetDiskPath(volumeName KubernetesVolumeID) (string, error) {
 
 // DiskIsAttached implements Volumes.DiskIsAttached
 func (c *Cloud) DiskIsAttached(diskName KubernetesVolumeID, nodeName types.NodeName) (bool, error) {
-	diskInfo, attached, err := c.checkIfAttachedToNode(diskName, nodeName)
-	if diskInfo == nil {
-		return true, err
+	_, attached, err := c.checkIfAttachedToNode(diskName, nodeName)
+	if err != nil {
+		if isAWSErrorVolumeNotFound(err) {
+			// The disk doesn't exist, can't be attached
+			glog.Warningf("DiskIsAttached called for volume %s on node %s but the volume does not exist", diskName, nodeName)
+			return false, nil
+		} else {
+			return true, err
+		}
 	}
 
 	return attached, nil
@@ -2412,7 +2480,7 @@ func (c *Cloud) ResizeDisk(
 	}
 	requestBytes := newSize.Value()
 	// AWS resizes in chunks of GiB (not GB)
-	requestGiB := volume.RoundUpSize(requestBytes, 1024*1024*1024)
+	requestGiB := volumeutil.RoundUpSize(requestBytes, 1024*1024*1024)
 	newSizeQuant := resource.MustParse(fmt.Sprintf("%dGi", requestGiB))
 
 	// If disk already if of greater or equal size than requested we return
@@ -2824,8 +2892,9 @@ func (c *Cloud) removeSecurityGroupIngress(securityGroupID string, removePermiss
 
 // Makes sure the security group exists.
 // For multi-cluster isolation, name must be globally unique, for example derived from the service UUID.
+// Additional tags can be specified
 // Returns the security group id or error
-func (c *Cloud) ensureSecurityGroup(name string, description string) (string, error) {
+func (c *Cloud) ensureSecurityGroup(name string, description string, additionalTags map[string]string) (string, error) {
 	groupID := ""
 	attempt := 0
 	for {
@@ -2891,7 +2960,7 @@ func (c *Cloud) ensureSecurityGroup(name string, description string) (string, er
 		return "", fmt.Errorf("created security group, but id was not returned: %s", name)
 	}
 
-	err := c.tagging.createTags(c.ec2, groupID, ResourceLifecycleOwned, nil)
+	err := c.tagging.createTags(c.ec2, groupID, ResourceLifecycleOwned, additionalTags)
 	if err != nil {
 		// If we retry, ensureClusterTags will recover from this - it
 		// will add the missing tags.  We could delete the security
@@ -3105,9 +3174,10 @@ func getPortSets(annotation string) (ports *portSets) {
 
 // buildELBSecurityGroupList returns list of SecurityGroups which should be
 // attached to ELB created by a service. List always consist of at least
-// 1 member which is an SG created for this service or a SG from the Global config. Extra groups can be
-// specified via annotation
-func (c *Cloud) buildELBSecurityGroupList(serviceName types.NamespacedName, loadBalancerName, annotation string) ([]string, error) {
+// 1 member which is an SG created for this service or a SG from the Global config.
+// Extra groups can be specified via annotation, as can extra tags for any
+// new groups.
+func (c *Cloud) buildELBSecurityGroupList(serviceName types.NamespacedName, loadBalancerName string, annotations map[string]string) ([]string, error) {
 	var err error
 	var securityGroupID string
 
@@ -3117,7 +3187,7 @@ func (c *Cloud) buildELBSecurityGroupList(serviceName types.NamespacedName, load
 		// Create a security group for the load balancer
 		sgName := "k8s-elb-" + loadBalancerName
 		sgDescription := fmt.Sprintf("Security group for Kubernetes ELB %s (%v)", loadBalancerName, serviceName)
-		securityGroupID, err = c.ensureSecurityGroup(sgName, sgDescription)
+		securityGroupID, err = c.ensureSecurityGroup(sgName, sgDescription, getLoadBalancerAdditionalTags(annotations))
 		if err != nil {
 			glog.Errorf("Error creating load balancer security group: %q", err)
 			return nil, err
@@ -3125,7 +3195,7 @@ func (c *Cloud) buildELBSecurityGroupList(serviceName types.NamespacedName, load
 	}
 	sgList := []string{securityGroupID}
 
-	for _, extraSG := range strings.Split(annotation, ",") {
+	for _, extraSG := range strings.Split(annotations[ServiceAnnotationLoadBalancerExtraSecurityGroups], ",") {
 		extraSG = strings.TrimSpace(extraSG)
 		if len(extraSG) > 0 {
 			sgList = append(sgList, extraSG)
@@ -3172,7 +3242,7 @@ func buildListener(port v1.ServicePort, annotations map[string]string, sslPorts
 }
 
 // EnsureLoadBalancer implements LoadBalancer.EnsureLoadBalancer
-func (c *Cloud) EnsureLoadBalancer(clusterName string, apiService *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
+func (c *Cloud) EnsureLoadBalancer(ctx context.Context, clusterName string, apiService *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
 	annotations := apiService.Annotations
 	glog.V(2).Infof("EnsureLoadBalancer(%v, %v, %v, %v, %v, %v, %v)",
 		clusterName, apiService.Namespace, apiService.Name, c.region, apiService.Spec.LoadBalancerIP, apiService.Spec.Ports, annotations)
@@ -3423,7 +3493,7 @@ func (c *Cloud) EnsureLoadBalancer(clusterName string, apiService *v1.Service, n
 
 	loadBalancerName := cloudprovider.GetLoadBalancerName(apiService)
 	serviceName := types.NamespacedName{Namespace: apiService.Namespace, Name: apiService.Name}
-	securityGroupIDs, err := c.buildELBSecurityGroupList(serviceName, loadBalancerName, annotations[ServiceAnnotationLoadBalancerExtraSecurityGroups])
+	securityGroupIDs, err := c.buildELBSecurityGroupList(serviceName, loadBalancerName, annotations)
 	if err != nil {
 		return nil, err
 	}
@@ -3543,7 +3613,7 @@ func (c *Cloud) EnsureLoadBalancer(clusterName string, apiService *v1.Service, n
 }
 
 // GetLoadBalancer is an implementation of LoadBalancer.GetLoadBalancer
-func (c *Cloud) GetLoadBalancer(clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
+func (c *Cloud) GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
 
 	if isNLB(service.Annotations) {
@@ -3803,7 +3873,7 @@ func (c *Cloud) updateInstanceSecurityGroupsForLoadBalancer(lb *elb.LoadBalancer
 }
 
 // EnsureLoadBalancerDeleted implements LoadBalancer.EnsureLoadBalancerDeleted.
-func (c *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Service) error {
+func (c *Cloud) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
 
 	if isNLB(service.Annotations) {
@@ -3907,12 +3977,22 @@ func (c *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Servic
 							}
 						}
 
-						if len(v4rangesToRemove) > 0 || len(v6rangesToRemove) > 0 {
+						// ipv4 and ipv6 removals cannot be included in the same permission
+						if len(v4rangesToRemove) > 0 {
 							// create a new *IpPermission to not accidentally remove UserIdGroupPairs
 							removedPermission := &ec2.IpPermission{
 								FromPort:   matchingGroups[i].IpPermissions[j].FromPort,
 								IpProtocol: matchingGroups[i].IpPermissions[j].IpProtocol,
 								IpRanges:   v4rangesToRemove,
+								ToPort:     matchingGroups[i].IpPermissions[j].ToPort,
+							}
+							removes = append(removes, removedPermission)
+						}
+						if len(v6rangesToRemove) > 0 {
+							// create a new *IpPermission to not accidentally remove UserIdGroupPairs
+							removedPermission := &ec2.IpPermission{
+								FromPort:   matchingGroups[i].IpPermissions[j].FromPort,
+								IpProtocol: matchingGroups[i].IpPermissions[j].IpProtocol,
 								Ipv6Ranges: v6rangesToRemove,
 								ToPort:     matchingGroups[i].IpPermissions[j].ToPort,
 							}
@@ -4036,7 +4116,7 @@ func (c *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Servic
 }
 
 // UpdateLoadBalancer implements LoadBalancer.UpdateLoadBalancer
-func (c *Cloud) UpdateLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) error {
+func (c *Cloud) UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error {
 	instances, err := c.findInstancesForELB(nodes)
 	if err != nil {
 		return err
@@ -4051,7 +4131,7 @@ func (c *Cloud) UpdateLoadBalancer(clusterName string, service *v1.Service, node
 		if lb == nil {
 			return fmt.Errorf("Load balancer not found")
 		}
-		_, err = c.EnsureLoadBalancer(clusterName, service, nodes)
+		_, err = c.EnsureLoadBalancer(ctx, clusterName, service, nodes)
 		return err
 	}
 	lb, err := c.describeLoadBalancer(loadBalancerName)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_loadbalancer.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_loadbalancer.go
index 6baaca2ac6c0..438b5617f19f 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_loadbalancer.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_loadbalancer.go
@@ -662,7 +662,6 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLBTraffic(actualGroups []*ec2.Se
 
 			if clientTraffic {
 				clientRuleAnnotation := fmt.Sprintf("%s=%s", NLBClientRuleDescription, lbName)
-				mtuRuleAnnotation := fmt.Sprintf("%s=%s", NLBMtuDiscoveryRuleDescription, lbName)
 				// Client Traffic
 				permission := &ec2.IpPermission{
 					FromPort:   aws.Int64(port),
@@ -682,26 +681,6 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLBTraffic(actualGroups []*ec2.Se
 				} else {
 					removes = append(removes, permission)
 				}
-
-				// MTU discovery
-				permission = &ec2.IpPermission{
-					IpProtocol: aws.String("icmp"),
-					FromPort:   aws.Int64(3),
-					ToPort:     aws.Int64(4),
-				}
-				ranges = []*ec2.IpRange{}
-				for _, cidr := range clientCidrs {
-					ranges = append(ranges, &ec2.IpRange{
-						CidrIp:      aws.String(cidr),
-						Description: aws.String(mtuRuleAnnotation),
-					})
-				}
-				permission.IpRanges = ranges
-				if add {
-					adds = append(adds, permission)
-				} else {
-					removes = append(removes, permission)
-				}
 			} else {
 				healthRuleAnnotation := fmt.Sprintf("%s=%s", NLBHealthCheckRuleDescription, lbName)
 
@@ -725,8 +704,8 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLBTraffic(actualGroups []*ec2.Se
 					removes = append(removes, permission)
 				}
 			}
-
 		}
+
 		if len(adds) > 0 {
 			changed, err := c.addSecurityGroupIngress(instanceSecurityGroupID, adds)
 			if err != nil {
@@ -736,6 +715,7 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLBTraffic(actualGroups []*ec2.Se
 				glog.Warning("Allowing ingress was not needed; concurrent change? groupId=", instanceSecurityGroupID)
 			}
 		}
+
 		if len(removes) > 0 {
 			changed, err := c.removeSecurityGroupIngress(instanceSecurityGroupID, removes)
 			if err != nil {
@@ -745,6 +725,70 @@ func (c *Cloud) updateInstanceSecurityGroupsForNLBTraffic(actualGroups []*ec2.Se
 				glog.Warning("Revoking ingress was not needed; concurrent change? groupId=", instanceSecurityGroupID)
 			}
 		}
+
+		if clientTraffic {
+			// MTU discovery
+			mtuRuleAnnotation := fmt.Sprintf("%s=%s", NLBMtuDiscoveryRuleDescription, lbName)
+			mtuPermission := &ec2.IpPermission{
+				IpProtocol: aws.String("icmp"),
+				FromPort:   aws.Int64(3),
+				ToPort:     aws.Int64(4),
+			}
+			ranges := []*ec2.IpRange{}
+			for _, cidr := range clientCidrs {
+				ranges = append(ranges, &ec2.IpRange{
+					CidrIp:      aws.String(cidr),
+					Description: aws.String(mtuRuleAnnotation),
+				})
+			}
+			mtuPermission.IpRanges = ranges
+
+			group, err := c.findSecurityGroup(instanceSecurityGroupID)
+			if err != nil {
+				glog.Warningf("Error retrieving security group: %q", err)
+				return err
+			}
+
+			if group == nil {
+				glog.Warning("Security group not found: ", instanceSecurityGroupID)
+				return nil
+			}
+
+			icmpExists := false
+			permCount := 0
+			for _, perm := range group.IpPermissions {
+				if *perm.IpProtocol == "icmp" {
+					icmpExists = true
+					continue
+				}
+
+				if perm.FromPort != nil {
+					permCount++
+				}
+			}
+
+			if !icmpExists && permCount > 0 {
+				// the icmp permission is missing
+				changed, err := c.addSecurityGroupIngress(instanceSecurityGroupID, []*ec2.IpPermission{mtuPermission})
+				if err != nil {
+					glog.Warningf("Error adding MTU permission to security group: %q", err)
+					return err
+				}
+				if !changed {
+					glog.Warning("Allowing ingress was not needed; concurrent change? groupId=", instanceSecurityGroupID)
+				}
+			} else if icmpExists && permCount == 0 {
+				// there is no additional permissions, remove icmp
+				changed, err := c.removeSecurityGroupIngress(instanceSecurityGroupID, []*ec2.IpPermission{mtuPermission})
+				if err != nil {
+					glog.Warningf("Error removing MTU permission to security group: %q", err)
+					return err
+				}
+				if !changed {
+					glog.Warning("Revoking ingress was not needed; concurrent change? groupId=", instanceSecurityGroupID)
+				}
+			}
+		}
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_routes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_routes.go
index d74a24cc8d9e..3ef0ddce575f 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_routes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/aws_routes.go
@@ -17,6 +17,7 @@ limitations under the License.
 package aws
 
 import (
+	"context"
 	"fmt"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -65,7 +66,7 @@ func (c *Cloud) findRouteTable(clusterName string) (*ec2.RouteTable, error) {
 
 // ListRoutes implements Routes.ListRoutes
 // List all routes that match the filter
-func (c *Cloud) ListRoutes(clusterName string) ([]*cloudprovider.Route, error) {
+func (c *Cloud) ListRoutes(ctx context.Context, clusterName string) ([]*cloudprovider.Route, error) {
 	table, err := c.findRouteTable(clusterName)
 	if err != nil {
 		return nil, err
@@ -138,7 +139,7 @@ func (c *Cloud) configureInstanceSourceDestCheck(instanceID string, sourceDestCh
 
 // CreateRoute implements Routes.CreateRoute
 // Create the described route
-func (c *Cloud) CreateRoute(clusterName string, nameHint string, route *cloudprovider.Route) error {
+func (c *Cloud) CreateRoute(ctx context.Context, clusterName string, nameHint string, route *cloudprovider.Route) error {
 	instance, err := c.getInstanceByNodeName(route.TargetNode)
 	if err != nil {
 		return err
@@ -198,7 +199,7 @@ func (c *Cloud) CreateRoute(clusterName string, nameHint string, route *cloudpro
 
 // DeleteRoute implements Routes.DeleteRoute
 // Delete the specified route
-func (c *Cloud) DeleteRoute(clusterName string, route *cloudprovider.Route) error {
+func (c *Cloud) DeleteRoute(ctx context.Context, clusterName string, route *cloudprovider.Route) error {
 	table, err := c.findRouteTable(clusterName)
 	if err != nil {
 		return err
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/tags.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/tags.go
index bb63fce2bfdd..40947cb379fd 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/tags.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/tags.go
@@ -75,7 +75,7 @@ func (t *awsTagging) init(legacyClusterID string, clusterID string) error {
 	if clusterID != "" {
 		glog.Infof("AWS cloud filtering on ClusterID: %v", clusterID)
 	} else {
-		glog.Warning("AWS cloud - no clusterID filtering applied for shared resources; do not run multiple clusters in this AZ.")
+		return fmt.Errorf("AWS cloud failed to find ClusterID")
 	}
 
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/volumes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/volumes.go
index 2ac932d43d72..48aaded947ca 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/volumes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/aws/volumes.go
@@ -119,10 +119,9 @@ func (c *Cloud) checkIfAttachedToNode(diskName KubernetesVolumeID, nodeName type
 	info, err := disk.describeVolume()
 
 	if err != nil {
-		describeError := fmt.Errorf("Error describing volume %s with %v", diskName, err)
-		glog.Warning(describeError)
+		glog.Warning("Error describing volume %s with %v", diskName, err)
 		awsDiskInfo.volumeState = "unknown"
-		return awsDiskInfo, false, describeError
+		return awsDiskInfo, false, err
 	}
 
 	awsDiskInfo.volumeState = aws.StringValue(info.State)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/BUILD
index 0da1432416dc..c629ee796a6e 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/BUILD
@@ -12,19 +12,25 @@ go_library(
         "azure.go",
         "azure_backoff.go",
         "azure_blobDiskController.go",
-        "azure_controllerCommon.go",
+        "azure_cache.go",
+        "azure_client.go",
+        "azure_controller_common.go",
+        "azure_controller_standard.go",
+        "azure_controller_vmss.go",
         "azure_fakes.go",
         "azure_file.go",
         "azure_instance_metadata.go",
         "azure_instances.go",
         "azure_loadbalancer.go",
         "azure_managedDiskController.go",
+        "azure_metrics.go",
         "azure_routes.go",
+        "azure_standard.go",
         "azure_storage.go",
         "azure_storageaccount.go",
-        "azure_util.go",
-        "azure_util_cache.go",
-        "azure_util_vmss.go",
+        "azure_vmsets.go",
+        "azure_vmss.go",
+        "azure_vmss_cache.go",
         "azure_wrap.go",
         "azure_zones.go",
     ],
@@ -32,6 +38,7 @@ go_library(
     deps = [
         "//pkg/api/v1/service:go_default_library",
         "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/azure/auth:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/version:go_default_library",
         "//pkg/volume:go_default_library",
@@ -39,6 +46,7 @@ go_library(
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/disk:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/network:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/storage:go_default_library",
+        "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/storage:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library",
@@ -46,8 +54,8 @@ go_library(
         "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library",
         "//vendor/github.com/ghodss/yaml:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/github.com/rubiojr/go-vhd/vhd:go_default_library",
-        "//vendor/golang.org/x/crypto/pkcs12:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
@@ -62,26 +70,35 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = [
+        "azure_backoff_test.go",
+        "azure_cache_test.go",
         "azure_loadbalancer_test.go",
+        "azure_metrics_test.go",
+        "azure_routes_test.go",
+        "azure_standard_test.go",
+        "azure_storage_test.go",
+        "azure_storageaccount_test.go",
         "azure_test.go",
-        "azure_util_cache_test.go",
-        "azure_util_test.go",
+        "azure_vmss_cache_test.go",
+        "azure_vmss_test.go",
         "azure_wrap_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/azure",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/v1/service:go_default_library",
+        "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/azure/auth:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/compute:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/network:go_default_library",
+        "//vendor/github.com/Azure/azure-sdk-for-go/arm/storage:go_default_library",
+        "//vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ],
 )
 
@@ -94,6 +111,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//pkg/cloudprovider/providers/azure/auth:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/OWNERS b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/OWNERS
index 1109bcea3468..535c3ff2dce5 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/OWNERS
@@ -1,6 +1,16 @@
 approvers:
+- andyzhangx
 - brendandburns
 - colemickens
+- feiskyer
 - jdumars
+- karataliu
+- khenidak
 reviewers:
 - andyzhangx
+- brendandburns
+- colemickens
+- feiskyer
+- jdumars
+- karataliu
+- khenidak
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/BUILD
new file mode 100644
index 000000000000..cc733d385aa0
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/BUILD
@@ -0,0 +1,28 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["azure_auth.go"],
+    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library",
+        "//vendor/github.com/Azure/go-autorest/autorest/azure:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/golang.org/x/crypto/pkcs12:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/azure_auth.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/azure_auth.go
new file mode 100644
index 000000000000..a2760fbcd142
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth/azure_auth.go
@@ -0,0 +1,124 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package auth
+
+import (
+	"crypto/rsa"
+	"crypto/x509"
+	"fmt"
+	"io/ioutil"
+
+	"github.com/Azure/go-autorest/autorest/adal"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/golang/glog"
+	"golang.org/x/crypto/pkcs12"
+)
+
+// AzureAuthConfig holds auth related part of cloud config
+type AzureAuthConfig struct {
+	// The cloud environment identifier. Takes values from https://github.com/Azure/go-autorest/blob/ec5f4903f77ed9927ac95b19ab8e44ada64c1356/autorest/azure/environments.go#L13
+	Cloud string `json:"cloud" yaml:"cloud"`
+	// The AAD Tenant ID for the Subscription that the cluster is deployed in
+	TenantID string `json:"tenantId" yaml:"tenantId"`
+	// The ClientID for an AAD application with RBAC access to talk to Azure RM APIs
+	AADClientID string `json:"aadClientId" yaml:"aadClientId"`
+	// The ClientSecret for an AAD application with RBAC access to talk to Azure RM APIs
+	AADClientSecret string `json:"aadClientSecret" yaml:"aadClientSecret"`
+	// The path of a client certificate for an AAD application with RBAC access to talk to Azure RM APIs
+	AADClientCertPath string `json:"aadClientCertPath" yaml:"aadClientCertPath"`
+	// The password of the client certificate for an AAD application with RBAC access to talk to Azure RM APIs
+	AADClientCertPassword string `json:"aadClientCertPassword" yaml:"aadClientCertPassword"`
+	// Use managed service identity for the virtual machine to access Azure ARM APIs
+	UseManagedIdentityExtension bool `json:"useManagedIdentityExtension" yaml:"useManagedIdentityExtension"`
+	// The ID of the Azure Subscription that the cluster is deployed in
+	SubscriptionID string `json:"subscriptionId" yaml:"subscriptionId"`
+}
+
+// GetServicePrincipalToken creates a new service principal token based on the configuration
+func GetServicePrincipalToken(config *AzureAuthConfig, env *azure.Environment) (*adal.ServicePrincipalToken, error) {
+	oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, config.TenantID)
+	if err != nil {
+		return nil, fmt.Errorf("creating the OAuth config: %v", err)
+	}
+
+	if config.UseManagedIdentityExtension {
+		glog.V(2).Infoln("azure: using managed identity extension to retrieve access token")
+		msiEndpoint, err := adal.GetMSIVMEndpoint()
+		if err != nil {
+			return nil, fmt.Errorf("Getting the managed service identity endpoint: %v", err)
+		}
+		return adal.NewServicePrincipalTokenFromMSI(
+			msiEndpoint,
+			env.ServiceManagementEndpoint)
+	}
+
+	if len(config.AADClientSecret) > 0 {
+		glog.V(2).Infoln("azure: using client_id+client_secret to retrieve access token")
+		return adal.NewServicePrincipalToken(
+			*oauthConfig,
+			config.AADClientID,
+			config.AADClientSecret,
+			env.ServiceManagementEndpoint)
+	}
+
+	if len(config.AADClientCertPath) > 0 && len(config.AADClientCertPassword) > 0 {
+		glog.V(2).Infoln("azure: using jwt client_assertion (client_cert+client_private_key) to retrieve access token")
+		certData, err := ioutil.ReadFile(config.AADClientCertPath)
+		if err != nil {
+			return nil, fmt.Errorf("reading the client certificate from file %s: %v", config.AADClientCertPath, err)
+		}
+		certificate, privateKey, err := decodePkcs12(certData, config.AADClientCertPassword)
+		if err != nil {
+			return nil, fmt.Errorf("decoding the client certificate: %v", err)
+		}
+		return adal.NewServicePrincipalTokenFromCertificate(
+			*oauthConfig,
+			config.AADClientID,
+			certificate,
+			privateKey,
+			env.ServiceManagementEndpoint)
+	}
+
+	return nil, fmt.Errorf("No credentials provided for AAD application %s", config.AADClientID)
+}
+
+// ParseAzureEnvironment returns azure environment by name
+func ParseAzureEnvironment(cloudName string) (*azure.Environment, error) {
+	var env azure.Environment
+	var err error
+	if cloudName == "" {
+		env = azure.PublicCloud
+	} else {
+		env, err = azure.EnvironmentFromName(cloudName)
+	}
+	return &env, err
+}
+
+// decodePkcs12 decodes a PKCS#12 client certificate by extracting the public certificate and
+// the private RSA key
+func decodePkcs12(pkcs []byte, password string) (*x509.Certificate, *rsa.PrivateKey, error) {
+	privateKey, certificate, err := pkcs12.Decode(pkcs, password)
+	if err != nil {
+		return nil, nil, fmt.Errorf("decoding the PKCS#12 client certificate: %v", err)
+	}
+	rsaPrivateKey, isRsaKey := privateKey.(*rsa.PrivateKey)
+	if !isRsaKey {
+		return nil, nil, fmt.Errorf("PKCS#12 certificate must contain a RSA private key")
+	}
+
+	return certificate, rsaPrivateKey, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure.go
index ffc2030a8faf..38a1aa4426df 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure.go
@@ -17,30 +17,23 @@ limitations under the License.
 package azure
 
 import (
-	"crypto/rsa"
-	"crypto/x509"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"strings"
 	"time"
 
+	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/util/flowcontrol"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth"
 	"k8s.io/kubernetes/pkg/controller"
 	"k8s.io/kubernetes/pkg/version"
 
-	"github.com/Azure/azure-sdk-for-go/arm/compute"
-	"github.com/Azure/azure-sdk-for-go/arm/disk"
-	"github.com/Azure/azure-sdk-for-go/arm/network"
-	"github.com/Azure/azure-sdk-for-go/arm/storage"
 	"github.com/Azure/go-autorest/autorest"
-	"github.com/Azure/go-autorest/autorest/adal"
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/ghodss/yaml"
 	"github.com/golang/glog"
-	"golang.org/x/crypto/pkcs12"
-	"k8s.io/apimachinery/pkg/util/wait"
 )
 
 const (
@@ -61,12 +54,8 @@ const (
 // Config holds the configuration parsed from the --cloud-config flag
 // All fields are required unless otherwise specified
 type Config struct {
-	// The cloud environment identifier. Takes values from https://github.com/Azure/go-autorest/blob/ec5f4903f77ed9927ac95b19ab8e44ada64c1356/autorest/azure/environments.go#L13
-	Cloud string `json:"cloud" yaml:"cloud"`
-	// The AAD Tenant ID for the Subscription that the cluster is deployed in
-	TenantID string `json:"tenantId" yaml:"tenantId"`
-	// The ID of the Azure Subscription that the cluster is deployed in
-	SubscriptionID string `json:"subscriptionId" yaml:"subscriptionId"`
+	auth.AzureAuthConfig
+
 	// The name of the resource group that the cluster is deployed in
 	ResourceGroup string `json:"resourceGroup" yaml:"resourceGroup"`
 	// The location of the resource group that the cluster is deployed in
@@ -87,7 +76,7 @@ type Config struct {
 	// the cloudprovider will try to add all nodes to a single backend pool which is forbidden.
 	// In other words, if you use multiple agent pools (availability sets), you MUST set this field.
 	PrimaryAvailabilitySetName string `json:"primaryAvailabilitySetName" yaml:"primaryAvailabilitySetName"`
-	// The type of azure nodes. Candidate valudes are: vmss and standard.
+	// The type of azure nodes. Candidate values are: vmss and standard.
 	// If not set, it will be default to standard.
 	VMType string `json:"vmType" yaml:"vmType"`
 	// The name of the scale set that should be used as the load balancer backend.
@@ -96,15 +85,6 @@ type Config struct {
 	// the cloudprovider will try to add all nodes to a single backend pool which is forbidden.
 	// In other words, if you use multiple agent pools (scale sets), you MUST set this field.
 	PrimaryScaleSetName string `json:"primaryScaleSetName" yaml:"primaryScaleSetName"`
-
-	// The ClientID for an AAD application with RBAC access to talk to Azure RM APIs
-	AADClientID string `json:"aadClientId" yaml:"aadClientId"`
-	// The ClientSecret for an AAD application with RBAC access to talk to Azure RM APIs
-	AADClientSecret string `json:"aadClientSecret" yaml:"aadClientSecret"`
-	// The path of a client certificate for an AAD application with RBAC access to talk to Azure RM APIs
-	AADClientCertPath string `json:"aadClientCertPath" yaml:"aadClientCertPath"`
-	// The password of the client certificate for an AAD application with RBAC access to talk to Azure RM APIs
-	AADClientCertPassword string `json:"aadClientCertPassword" yaml:"aadClientCertPassword"`
 	// Enable exponential backoff to manage resource request retries
 	CloudProviderBackoff bool `json:"cloudProviderBackoff" yaml:"cloudProviderBackoff"`
 	// Backoff retry limit
@@ -117,91 +97,49 @@ type Config struct {
 	CloudProviderBackoffJitter float64 `json:"cloudProviderBackoffJitter" yaml:"cloudProviderBackoffJitter"`
 	// Enable rate limiting
 	CloudProviderRateLimit bool `json:"cloudProviderRateLimit" yaml:"cloudProviderRateLimit"`
-	// Rate limit QPS
+	// Rate limit QPS (Read)
 	CloudProviderRateLimitQPS float32 `json:"cloudProviderRateLimitQPS" yaml:"cloudProviderRateLimitQPS"`
 	// Rate limit Bucket Size
 	CloudProviderRateLimitBucket int `json:"cloudProviderRateLimitBucket" yaml:"cloudProviderRateLimitBucket"`
+	// Rate limit QPS (Write)
+	CloudProviderRateLimitQPSWrite float32 `json:"cloudProviderRateLimitQPSWrite" yaml:"cloudProviderRateLimitQPSWrite"`
+	// Rate limit Bucket Size
+	CloudProviderRateLimitBucketWrite int `json:"cloudProviderRateLimitBucketWrite" yaml:"cloudProviderRateLimitBucketWrite"`
 
 	// Use instance metadata service where possible
 	UseInstanceMetadata bool `json:"useInstanceMetadata" yaml:"useInstanceMetadata"`
 
-	// Use managed service identity for the virtual machine to access Azure ARM APIs
-	UseManagedIdentityExtension bool `json:"useManagedIdentityExtension"`
-
 	// Maximum allowed LoadBalancer Rule Count is the limit enforced by Azure Load balancer
-	MaximumLoadBalancerRuleCount int `json:"maximumLoadBalancerRuleCount"`
-}
-
-// VirtualMachinesClient defines needed functions for azure network.VirtualMachinesClient
-type VirtualMachinesClient interface {
-	CreateOrUpdate(resourceGroupName string, VMName string, parameters compute.VirtualMachine, cancel <-chan struct{}) (<-chan compute.VirtualMachine, <-chan error)
-	Get(resourceGroupName string, VMName string, expand compute.InstanceViewTypes) (result compute.VirtualMachine, err error)
-	List(resourceGroupName string) (result compute.VirtualMachineListResult, err error)
-	ListNextResults(lastResults compute.VirtualMachineListResult) (result compute.VirtualMachineListResult, err error)
-}
-
-// InterfacesClient defines needed functions for azure network.InterfacesClient
-type InterfacesClient interface {
-	CreateOrUpdate(resourceGroupName string, networkInterfaceName string, parameters network.Interface, cancel <-chan struct{}) (<-chan network.Interface, <-chan error)
-	Get(resourceGroupName string, networkInterfaceName string, expand string) (result network.Interface, err error)
-	GetVirtualMachineScaleSetNetworkInterface(resourceGroupName string, virtualMachineScaleSetName string, virtualmachineIndex string, networkInterfaceName string, expand string) (result network.Interface, err error)
-}
-
-// LoadBalancersClient defines needed functions for azure network.LoadBalancersClient
-type LoadBalancersClient interface {
-	CreateOrUpdate(resourceGroupName string, loadBalancerName string, parameters network.LoadBalancer, cancel <-chan struct{}) (<-chan network.LoadBalancer, <-chan error)
-	Delete(resourceGroupName string, loadBalancerName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
-	Get(resourceGroupName string, loadBalancerName string, expand string) (result network.LoadBalancer, err error)
-	List(resourceGroupName string) (result network.LoadBalancerListResult, err error)
-	ListNextResults(lastResult network.LoadBalancerListResult) (result network.LoadBalancerListResult, err error)
-}
-
-// PublicIPAddressesClient defines needed functions for azure network.PublicIPAddressesClient
-type PublicIPAddressesClient interface {
-	CreateOrUpdate(resourceGroupName string, publicIPAddressName string, parameters network.PublicIPAddress, cancel <-chan struct{}) (<-chan network.PublicIPAddress, <-chan error)
-	Delete(resourceGroupName string, publicIPAddressName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
-	Get(resourceGroupName string, publicIPAddressName string, expand string) (result network.PublicIPAddress, err error)
-	List(resourceGroupName string) (result network.PublicIPAddressListResult, err error)
-	ListNextResults(lastResults network.PublicIPAddressListResult) (result network.PublicIPAddressListResult, err error)
-}
-
-// SubnetsClient defines needed functions for azure network.SubnetsClient
-type SubnetsClient interface {
-	CreateOrUpdate(resourceGroupName string, virtualNetworkName string, subnetName string, subnetParameters network.Subnet, cancel <-chan struct{}) (<-chan network.Subnet, <-chan error)
-	Delete(resourceGroupName string, virtualNetworkName string, subnetName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
-	Get(resourceGroupName string, virtualNetworkName string, subnetName string, expand string) (result network.Subnet, err error)
-	List(resourceGroupName string, virtualNetworkName string) (result network.SubnetListResult, err error)
-}
-
-// SecurityGroupsClient defines needed functions for azure network.SecurityGroupsClient
-type SecurityGroupsClient interface {
-	CreateOrUpdate(resourceGroupName string, networkSecurityGroupName string, parameters network.SecurityGroup, cancel <-chan struct{}) (<-chan network.SecurityGroup, <-chan error)
-	Delete(resourceGroupName string, networkSecurityGroupName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
-	Get(resourceGroupName string, networkSecurityGroupName string, expand string) (result network.SecurityGroup, err error)
-	List(resourceGroupName string) (result network.SecurityGroupListResult, err error)
+	MaximumLoadBalancerRuleCount int `json:"maximumLoadBalancerRuleCount" yaml:"maximumLoadBalancerRuleCount"`
 }
 
 // Cloud holds the config and clients
 type Cloud struct {
 	Config
-	Environment              azure.Environment
-	RoutesClient             network.RoutesClient
-	SubnetsClient            SubnetsClient
-	InterfacesClient         InterfacesClient
-	RouteTablesClient        network.RouteTablesClient
-	LoadBalancerClient       LoadBalancersClient
-	PublicIPAddressesClient  PublicIPAddressesClient
-	SecurityGroupsClient     SecurityGroupsClient
-	VirtualMachinesClient    VirtualMachinesClient
-	StorageAccountClient     storage.AccountsClient
-	DisksClient              disk.DisksClient
-	operationPollRateLimiter flowcontrol.RateLimiter
-	resourceRequestBackoff   wait.Backoff
-	metadata                 *InstanceMetadata
+	Environment             azure.Environment
+	RoutesClient            RoutesClient
+	SubnetsClient           SubnetsClient
+	InterfacesClient        InterfacesClient
+	RouteTablesClient       RouteTablesClient
+	LoadBalancerClient      LoadBalancersClient
+	PublicIPAddressesClient PublicIPAddressesClient
+	SecurityGroupsClient    SecurityGroupsClient
+	VirtualMachinesClient   VirtualMachinesClient
+	StorageAccountClient    StorageAccountClient
+	DisksClient             DisksClient
+	FileClient              FileClient
+	resourceRequestBackoff  wait.Backoff
+	metadata                *InstanceMetadata
+	vmSet                   VMSet
 
 	// Clients for vmss.
-	VirtualMachineScaleSetsClient   compute.VirtualMachineScaleSetsClient
-	VirtualMachineScaleSetVMsClient compute.VirtualMachineScaleSetVMsClient
+	VirtualMachineScaleSetsClient   VirtualMachineScaleSetsClient
+	VirtualMachineScaleSetVMsClient VirtualMachineScaleSetVMsClient
+
+	vmCache  *timedCache
+	lbCache  *timedCache
+	nsgCache *timedCache
+	rtCache  *timedCache
 
 	*BlobDiskController
 	*ManagedDiskController
@@ -212,179 +150,91 @@ func init() {
 	cloudprovider.RegisterCloudProvider(CloudProviderName, NewCloud)
 }
 
-// decodePkcs12 decodes a PKCS#12 client certificate by extracting the public certificate and
-// the private RSA key
-func decodePkcs12(pkcs []byte, password string) (*x509.Certificate, *rsa.PrivateKey, error) {
-	privateKey, certificate, err := pkcs12.Decode(pkcs, password)
+// NewCloud returns a Cloud with initialized clients
+func NewCloud(configReader io.Reader) (cloudprovider.Interface, error) {
+	config, err := parseConfig(configReader)
 	if err != nil {
-		return nil, nil, fmt.Errorf("decoding the PKCS#12 client certificate: %v", err)
-	}
-	rsaPrivateKey, isRsaKey := privateKey.(*rsa.PrivateKey)
-	if !isRsaKey {
-		return nil, nil, fmt.Errorf("PKCS#12 certificate must contain a RSA private key")
+		return nil, err
 	}
 
-	return certificate, rsaPrivateKey, nil
-}
+	if config.VMType == "" {
+		// default to standard vmType if not set.
+		config.VMType = vmTypeStandard
+	}
 
-// GetServicePrincipalToken creates a new service principal token based on the configuration
-func GetServicePrincipalToken(config *Config, env *azure.Environment) (*adal.ServicePrincipalToken, error) {
-	oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, config.TenantID)
+	env, err := auth.ParseAzureEnvironment(config.Cloud)
 	if err != nil {
-		return nil, fmt.Errorf("creating the OAuth config: %v", err)
+		return nil, err
 	}
 
-	if config.UseManagedIdentityExtension {
-		glog.V(2).Infoln("azure: using managed identity extension to retrieve access token")
-		msiEndpoint, err := adal.GetMSIVMEndpoint()
-		if err != nil {
-			return nil, fmt.Errorf("Getting the managed service identity endpoint: %v", err)
-		}
-		return adal.NewServicePrincipalTokenFromMSI(
-			msiEndpoint,
-			env.ServiceManagementEndpoint)
+	servicePrincipalToken, err := auth.GetServicePrincipalToken(&config.AzureAuthConfig, env)
+	if err != nil {
+		return nil, err
 	}
 
-	if len(config.AADClientSecret) > 0 {
-		glog.V(2).Infoln("azure: using client_id+client_secret to retrieve access token")
-		return adal.NewServicePrincipalToken(
-			*oauthConfig,
-			config.AADClientID,
-			config.AADClientSecret,
-			env.ServiceManagementEndpoint)
-	}
+	// operationPollRateLimiter.Accept() is a no-op if rate limits are configured off.
+	operationPollRateLimiter := flowcontrol.NewFakeAlwaysRateLimiter()
+	operationPollRateLimiterWrite := flowcontrol.NewFakeAlwaysRateLimiter()
 
-	if len(config.AADClientCertPath) > 0 && len(config.AADClientCertPassword) > 0 {
-		glog.V(2).Infoln("azure: using jwt client_assertion (client_cert+client_private_key) to retrieve access token")
-		certData, err := ioutil.ReadFile(config.AADClientCertPath)
-		if err != nil {
-			return nil, fmt.Errorf("reading the client certificate from file %s: %v", config.AADClientCertPath, err)
+	// If reader is provided (and no writer) we will
+	// use the same value for both.
+	if config.CloudProviderRateLimit {
+		// Assign rate limit defaults if no configuration was passed in
+		if config.CloudProviderRateLimitQPS == 0 {
+			config.CloudProviderRateLimitQPS = rateLimitQPSDefault
 		}
-		certificate, privateKey, err := decodePkcs12(certData, config.AADClientCertPassword)
-		if err != nil {
-			return nil, fmt.Errorf("decoding the client certificate: %v", err)
+		if config.CloudProviderRateLimitBucket == 0 {
+			config.CloudProviderRateLimitBucket = rateLimitBucketDefault
+		}
+		if config.CloudProviderRateLimitQPSWrite == 0 {
+			config.CloudProviderRateLimitQPSWrite = rateLimitQPSDefault
+		}
+		if config.CloudProviderRateLimitBucketWrite == 0 {
+			config.CloudProviderRateLimitBucketWrite = rateLimitBucketDefault
 		}
-		return adal.NewServicePrincipalTokenFromCertificate(
-			*oauthConfig,
-			config.AADClientID,
-			certificate,
-			privateKey,
-			env.ServiceManagementEndpoint)
-	}
 
-	return nil, fmt.Errorf("No credentials provided for AAD application %s", config.AADClientID)
-}
+		operationPollRateLimiter = flowcontrol.NewTokenBucketRateLimiter(
+			config.CloudProviderRateLimitQPS,
+			config.CloudProviderRateLimitBucket)
 
-// NewCloud returns a Cloud with initialized clients
-func NewCloud(configReader io.Reader) (cloudprovider.Interface, error) {
-	config, env, err := ParseConfig(configReader)
-	if err != nil {
-		return nil, err
+		operationPollRateLimiterWrite = flowcontrol.NewTokenBucketRateLimiter(
+			config.CloudProviderRateLimitQPSWrite,
+			config.CloudProviderRateLimitBucketWrite)
+
+		glog.V(2).Infof("Azure cloudprovider (read ops) using rate limit config: QPS=%g, bucket=%d",
+			config.CloudProviderRateLimitQPS,
+			config.CloudProviderRateLimitBucket)
+
+		glog.V(2).Infof("Azure cloudprovider (write ops) using rate limit config: QPS=%g, bucket=%d",
+			config.CloudProviderRateLimitQPSWrite,
+			config.CloudProviderRateLimitBucketWrite)
+
+	}
+
+	azClientConfig := &azClientConfig{
+		subscriptionID:          config.SubscriptionID,
+		resourceManagerEndpoint: env.ResourceManagerEndpoint,
+		servicePrincipalToken:   servicePrincipalToken,
+		rateLimiterReader:       operationPollRateLimiter,
+		rateLimiterWriter:       operationPollRateLimiterWrite,
 	}
 	az := Cloud{
 		Config:      *config,
 		Environment: *env,
-	}
 
-	servicePrincipalToken, err := GetServicePrincipalToken(config, env)
-	if err != nil {
-		return nil, err
-	}
-
-	subnetsClient := network.NewSubnetsClient(az.SubscriptionID)
-	subnetsClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	subnetsClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	subnetsClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&subnetsClient.Client)
-	az.SubnetsClient = subnetsClient
-
-	az.RouteTablesClient = network.NewRouteTablesClient(az.SubscriptionID)
-	az.RouteTablesClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	az.RouteTablesClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	az.RouteTablesClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&az.RouteTablesClient.Client)
-
-	az.RoutesClient = network.NewRoutesClient(az.SubscriptionID)
-	az.RoutesClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	az.RoutesClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	az.RoutesClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&az.RoutesClient.Client)
-
-	interfacesClient := network.NewInterfacesClient(az.SubscriptionID)
-	interfacesClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	interfacesClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	interfacesClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&interfacesClient.Client)
-	az.InterfacesClient = interfacesClient
-
-	loadBalancerClient := network.NewLoadBalancersClient(az.SubscriptionID)
-	loadBalancerClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	loadBalancerClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	loadBalancerClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&loadBalancerClient.Client)
-	az.LoadBalancerClient = loadBalancerClient
-
-	virtualMachinesClient := compute.NewVirtualMachinesClient(az.SubscriptionID)
-	virtualMachinesClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	virtualMachinesClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	virtualMachinesClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&virtualMachinesClient.Client)
-	az.VirtualMachinesClient = virtualMachinesClient
-
-	publicIPAddressClient := network.NewPublicIPAddressesClient(az.SubscriptionID)
-	publicIPAddressClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	publicIPAddressClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	publicIPAddressClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&publicIPAddressClient.Client)
-	az.PublicIPAddressesClient = publicIPAddressClient
-
-	securityGroupsClient := network.NewSecurityGroupsClient(az.SubscriptionID)
-	securityGroupsClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	securityGroupsClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	securityGroupsClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&securityGroupsClient.Client)
-	az.SecurityGroupsClient = securityGroupsClient
-
-	virtualMachineScaleSetVMsClient := compute.NewVirtualMachineScaleSetVMsClient(az.SubscriptionID)
-	az.VirtualMachineScaleSetVMsClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	az.VirtualMachineScaleSetVMsClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	az.VirtualMachineScaleSetVMsClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&virtualMachineScaleSetVMsClient.Client)
-	az.VirtualMachineScaleSetVMsClient = virtualMachineScaleSetVMsClient
-
-	virtualMachineScaleSetsClient := compute.NewVirtualMachineScaleSetsClient(az.SubscriptionID)
-	az.VirtualMachineScaleSetsClient.BaseURI = az.Environment.ResourceManagerEndpoint
-	az.VirtualMachineScaleSetsClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	az.VirtualMachineScaleSetsClient.PollingDelay = 5 * time.Second
-	configureUserAgent(&virtualMachineScaleSetsClient.Client)
-	az.VirtualMachineScaleSetsClient = virtualMachineScaleSetsClient
-
-	az.StorageAccountClient = storage.NewAccountsClientWithBaseURI(az.Environment.ResourceManagerEndpoint, az.SubscriptionID)
-	az.StorageAccountClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	configureUserAgent(&az.StorageAccountClient.Client)
-
-	az.DisksClient = disk.NewDisksClientWithBaseURI(az.Environment.ResourceManagerEndpoint, az.SubscriptionID)
-	az.DisksClient.Authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
-	configureUserAgent(&az.DisksClient.Client)
-
-	// Conditionally configure rate limits
-	if az.CloudProviderRateLimit {
-		// Assign rate limit defaults if no configuration was passed in
-		if az.CloudProviderRateLimitQPS == 0 {
-			az.CloudProviderRateLimitQPS = rateLimitQPSDefault
-		}
-		if az.CloudProviderRateLimitBucket == 0 {
-			az.CloudProviderRateLimitBucket = rateLimitBucketDefault
-		}
-		az.operationPollRateLimiter = flowcontrol.NewTokenBucketRateLimiter(
-			az.CloudProviderRateLimitQPS,
-			az.CloudProviderRateLimitBucket)
-		glog.V(2).Infof("Azure cloudprovider using rate limit config: QPS=%g, bucket=%d",
-			az.CloudProviderRateLimitQPS,
-			az.CloudProviderRateLimitBucket)
-	} else {
-		// if rate limits are configured off, az.operationPollRateLimiter.Accept() is a no-op
-		az.operationPollRateLimiter = flowcontrol.NewFakeAlwaysRateLimiter()
+		DisksClient:                     newAzDisksClient(azClientConfig),
+		RoutesClient:                    newAzRoutesClient(azClientConfig),
+		SubnetsClient:                   newAzSubnetsClient(azClientConfig),
+		InterfacesClient:                newAzInterfacesClient(azClientConfig),
+		RouteTablesClient:               newAzRouteTablesClient(azClientConfig),
+		LoadBalancerClient:              newAzLoadBalancersClient(azClientConfig),
+		SecurityGroupsClient:            newAzSecurityGroupsClient(azClientConfig),
+		StorageAccountClient:            newAzStorageAccountClient(azClientConfig),
+		VirtualMachinesClient:           newAzVirtualMachinesClient(azClientConfig),
+		PublicIPAddressesClient:         newAzPublicIPAddressesClient(azClientConfig),
+		VirtualMachineScaleSetsClient:   newAzVirtualMachineScaleSetsClient(azClientConfig),
+		VirtualMachineScaleSetVMsClient: newAzVirtualMachineScaleSetVMsClient(azClientConfig),
+		FileClient:                      &azureFileClient{env: *env},
 	}
 
 	// Conditionally configure resource request backoff
@@ -421,44 +271,59 @@ func NewCloud(configReader io.Reader) (cloudprovider.Interface, error) {
 		az.MaximumLoadBalancerRuleCount = maximumLoadBalancerRuleCount
 	}
 
+	if strings.EqualFold(vmTypeVMSS, az.Config.VMType) {
+		az.vmSet, err = newScaleSet(&az)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		az.vmSet = newAvailabilitySet(&az)
+	}
+
+	az.vmCache, err = az.newVMCache()
+	if err != nil {
+		return nil, err
+	}
+
+	az.lbCache, err = az.newLBCache()
+	if err != nil {
+		return nil, err
+	}
+
+	az.nsgCache, err = az.newNSGCache()
+	if err != nil {
+		return nil, err
+	}
+
+	az.rtCache, err = az.newRouteTableCache()
+	if err != nil {
+		return nil, err
+	}
+
 	if err := initDiskControllers(&az); err != nil {
 		return nil, err
 	}
 	return &az, nil
 }
 
-// ParseConfig returns a parsed configuration and azure.Environment for an Azure cloudprovider config file
-func ParseConfig(configReader io.Reader) (*Config, *azure.Environment, error) {
+// parseConfig returns a parsed configuration for an Azure cloudprovider config file
+func parseConfig(configReader io.Reader) (*Config, error) {
 	var config Config
-	var env azure.Environment
 
 	if configReader == nil {
-		return &config, &env, nil
+		return &config, nil
 	}
 
 	configContents, err := ioutil.ReadAll(configReader)
 	if err != nil {
-		return nil, nil, err
+		return nil, err
 	}
 	err = yaml.Unmarshal(configContents, &config)
 	if err != nil {
-		return nil, nil, err
-	}
-
-	if config.Cloud == "" {
-		env = azure.PublicCloud
-	} else {
-		env, err = azure.EnvironmentFromName(config.Cloud)
-		if err != nil {
-			return nil, nil, err
-		}
-	}
-
-	if config.VMType != "" {
-		config.VMType = strings.ToLower(config.VMType)
+		return nil, err
 	}
 
-	return &config, &env, nil
+	return &config, nil
 }
 
 // Initialize passes a Kubernetes clientBuilder interface to the cloud provider
@@ -489,11 +354,6 @@ func (az *Cloud) Routes() (cloudprovider.Routes, bool) {
 	return az, true
 }
 
-// ScrubDNS provides an opportunity for cloud-provider-specific code to process DNS settings for pods.
-func (az *Cloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (az *Cloud) HasClusterID() bool {
 	return true
@@ -518,15 +378,9 @@ func initDiskControllers(az *Cloud) error {
 	// needed by both blob disk and managed disk controllers
 
 	common := &controllerCommon{
-		aadResourceEndPoint:   az.Environment.ServiceManagementEndpoint,
-		clientID:              az.AADClientID,
-		clientSecret:          az.AADClientSecret,
 		location:              az.Location,
 		storageEndpointSuffix: az.Environment.StorageEndpointSuffix,
-		managementEndpoint:    az.Environment.ResourceManagerEndpoint,
 		resourceGroup:         az.ResourceGroup,
-		tenantID:              az.TenantID,
-		tokenEndPoint:         az.Environment.ActiveDirectoryEndpoint,
 		subscriptionID:        az.SubscriptionID,
 		cloud:                 az,
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_backoff.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_backoff.go
index ca8f87885746..16fb0dfe2a9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_backoff.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_backoff.go
@@ -17,13 +17,17 @@ limitations under the License.
 package azure
 
 import (
-	"k8s.io/apimachinery/pkg/util/wait"
+	"context"
+	"net/http"
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
+	computepreview "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/golang/glog"
+
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/wait"
 )
 
 // requestBackoff if backoff is disabled in cloud provider it
@@ -51,7 +55,7 @@ func (az *Cloud) GetVirtualMachineWithRetry(name types.NodeName) (compute.Virtua
 			glog.Errorf("backoff: failure, will retry,err=%v", retryErr)
 			return false, nil
 		}
-		glog.V(2).Infof("backoff: success")
+		glog.V(2).Info("backoff: success")
 		return true, nil
 	})
 	if err == wait.ErrWaitTimeout {
@@ -61,33 +65,13 @@ func (az *Cloud) GetVirtualMachineWithRetry(name types.NodeName) (compute.Virtua
 	return machine, err
 }
 
-// GetScaleSetsVMWithRetry invokes az.getScaleSetsVM with exponential backoff retry
-func (az *Cloud) GetScaleSetsVMWithRetry(name types.NodeName) (compute.VirtualMachineScaleSetVM, bool, error) {
-	var machine compute.VirtualMachineScaleSetVM
-	var exists bool
-	err := wait.ExponentialBackoff(az.resourceRequestBackoff, func() (bool, error) {
-		var retryErr error
-		machine, exists, retryErr = az.getVmssVirtualMachine(name)
-		if retryErr != nil {
-			glog.Errorf("GetScaleSetsVMWithRetry backoff: failure, will retry,err=%v", retryErr)
-			return false, nil
-		}
-		glog.V(10).Infof("GetScaleSetsVMWithRetry backoff: success")
-		return true, nil
-	})
-	return machine, exists, err
-}
-
 // VirtualMachineClientListWithRetry invokes az.VirtualMachinesClient.List with exponential backoff retry
 func (az *Cloud) VirtualMachineClientListWithRetry() ([]compute.VirtualMachine, error) {
 	allNodes := []compute.VirtualMachine{}
 	var result compute.VirtualMachineListResult
 	err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 		var retryErr error
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("VirtualMachinesClient.List(%v): start", az.ResourceGroup)
 		result, retryErr = az.VirtualMachinesClient.List(az.ResourceGroup)
-		glog.V(10).Infof("VirtualMachinesClient.List(%v): end", az.ResourceGroup)
 		if retryErr != nil {
 			glog.Errorf("VirtualMachinesClient.List(%v) - backoff: failure, will retry,err=%v",
 				az.ResourceGroup,
@@ -109,10 +93,7 @@ func (az *Cloud) VirtualMachineClientListWithRetry() ([]compute.VirtualMachine,
 		if result.NextLink != nil {
 			err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 				var retryErr error
-				az.operationPollRateLimiter.Accept()
-				glog.V(10).Infof("VirtualMachinesClient.ListNextResults(%v): start", az.ResourceGroup)
-				result, retryErr = az.VirtualMachinesClient.ListNextResults(result)
-				glog.V(10).Infof("VirtualMachinesClient.ListNextResults(%v): end", az.ResourceGroup)
+				result, retryErr = az.VirtualMachinesClient.ListNextResults(az.ResourceGroup, result)
 				if retryErr != nil {
 					glog.Errorf("VirtualMachinesClient.ListNextResults(%v) - backoff: failure, will retry,err=%v",
 						az.ResourceGroup, retryErr)
@@ -132,44 +113,50 @@ func (az *Cloud) VirtualMachineClientListWithRetry() ([]compute.VirtualMachine,
 }
 
 // GetIPForMachineWithRetry invokes az.getIPForMachine with exponential backoff retry
-func (az *Cloud) GetIPForMachineWithRetry(name types.NodeName) (string, error) {
-	var ip string
+func (az *Cloud) GetIPForMachineWithRetry(name types.NodeName) (string, string, error) {
+	var ip, publicIP string
 	err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 		var retryErr error
-		ip, retryErr = az.getIPForMachine(name)
+		ip, publicIP, retryErr = az.getIPForMachine(name)
 		if retryErr != nil {
 			glog.Errorf("backoff: failure, will retry,err=%v", retryErr)
 			return false, nil
 		}
-		glog.V(2).Infof("backoff: success")
+		glog.V(2).Info("backoff: success")
 		return true, nil
 	})
-	return ip, err
+	return ip, publicIP, err
 }
 
 // CreateOrUpdateSGWithRetry invokes az.SecurityGroupsClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateSGWithRetry(sg network.SecurityGroup) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("SecurityGroupsClient.CreateOrUpdate(%s): start", *sg.Name)
 		respChan, errChan := az.SecurityGroupsClient.CreateOrUpdate(az.ResourceGroup, *sg.Name, sg, nil)
 		resp := <-respChan
 		err := <-errChan
 		glog.V(10).Infof("SecurityGroupsClient.CreateOrUpdate(%s): end", *sg.Name)
-		return processRetryResponse(resp.Response, err)
+		done, err := processRetryResponse(resp.Response, err)
+		if done && err == nil {
+			// Invalidate the cache right after updating
+			az.nsgCache.Delete(*sg.Name)
+		}
+		return done, err
 	})
 }
 
 // CreateOrUpdateLBWithRetry invokes az.LoadBalancerClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateLBWithRetry(lb network.LoadBalancer) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("LoadBalancerClient.CreateOrUpdate(%s): start", *lb.Name)
 		respChan, errChan := az.LoadBalancerClient.CreateOrUpdate(az.ResourceGroup, *lb.Name, lb, nil)
 		resp := <-respChan
 		err := <-errChan
 		glog.V(10).Infof("LoadBalancerClient.CreateOrUpdate(%s): end", *lb.Name)
-		return processRetryResponse(resp.Response, err)
+		done, err := processRetryResponse(resp.Response, err)
+		if done && err == nil {
+			// Invalidate the cache right after updating
+			az.lbCache.Delete(*lb.Name)
+		}
+		return done, err
 	})
 }
 
@@ -180,10 +167,7 @@ func (az *Cloud) ListLBWithRetry() ([]network.LoadBalancer, error) {
 
 	err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 		var retryErr error
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("LoadBalancerClient.List(%v): start", az.ResourceGroup)
 		result, retryErr = az.LoadBalancerClient.List(az.ResourceGroup)
-		glog.V(10).Infof("LoadBalancerClient.List(%v): end", az.ResourceGroup)
 		if retryErr != nil {
 			glog.Errorf("LoadBalancerClient.List(%v) - backoff: failure, will retry,err=%v",
 				az.ResourceGroup,
@@ -206,10 +190,7 @@ func (az *Cloud) ListLBWithRetry() ([]network.LoadBalancer, error) {
 		if result.NextLink != nil {
 			err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 				var retryErr error
-				az.operationPollRateLimiter.Accept()
-				glog.V(10).Infof("LoadBalancerClient.ListNextResults(%v): start", az.ResourceGroup)
-				result, retryErr = az.LoadBalancerClient.ListNextResults(result)
-				glog.V(10).Infof("LoadBalancerClient.ListNextResults(%v): end", az.ResourceGroup)
+				result, retryErr = az.LoadBalancerClient.ListNextResults(az.ResourceGroup, result)
 				if retryErr != nil {
 					glog.Errorf("LoadBalancerClient.ListNextResults(%v) - backoff: failure, will retry,err=%v",
 						az.ResourceGroup,
@@ -229,23 +210,20 @@ func (az *Cloud) ListLBWithRetry() ([]network.LoadBalancer, error) {
 	return allLBs, nil
 }
 
-// ListPIPWithRetry list the PIP resources in az.ResourceGroup
-func (az *Cloud) ListPIPWithRetry() ([]network.PublicIPAddress, error) {
+// ListPIPWithRetry list the PIP resources in the given resource group
+func (az *Cloud) ListPIPWithRetry(pipResourceGroup string) ([]network.PublicIPAddress, error) {
 	allPIPs := []network.PublicIPAddress{}
 	var result network.PublicIPAddressListResult
 	err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 		var retryErr error
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("PublicIPAddressesClient.List(%v): start", az.ResourceGroup)
-		result, retryErr = az.PublicIPAddressesClient.List(az.ResourceGroup)
-		glog.V(10).Infof("PublicIPAddressesClient.List(%v): end", az.ResourceGroup)
+		result, retryErr = az.PublicIPAddressesClient.List(pipResourceGroup)
 		if retryErr != nil {
 			glog.Errorf("PublicIPAddressesClient.List(%v) - backoff: failure, will retry,err=%v",
-				az.ResourceGroup,
+				pipResourceGroup,
 				retryErr)
 			return false, retryErr
 		}
-		glog.V(2).Infof("PublicIPAddressesClient.List(%v) - backoff: success", az.ResourceGroup)
+		glog.V(2).Infof("PublicIPAddressesClient.List(%v) - backoff: success", pipResourceGroup)
 		return true, nil
 	})
 	if err != nil {
@@ -257,21 +235,18 @@ func (az *Cloud) ListPIPWithRetry() ([]network.PublicIPAddress, error) {
 		allPIPs = append(allPIPs, *result.Value...)
 		appendResults = false
 
-		// follow the next link to get all the vms for resource group
+		// follow the next link to get all the pip resources for resource group
 		if result.NextLink != nil {
 			err := wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
 				var retryErr error
-				az.operationPollRateLimiter.Accept()
-				glog.V(10).Infof("PublicIPAddressesClient.ListNextResults(%v): start", az.ResourceGroup)
-				result, retryErr = az.PublicIPAddressesClient.ListNextResults(result)
-				glog.V(10).Infof("PublicIPAddressesClient.ListNextResults(%v): end", az.ResourceGroup)
+				result, retryErr = az.PublicIPAddressesClient.ListNextResults(az.ResourceGroup, result)
 				if retryErr != nil {
 					glog.Errorf("PublicIPAddressesClient.ListNextResults(%v) - backoff: failure, will retry,err=%v",
-						az.ResourceGroup,
+						pipResourceGroup,
 						retryErr)
 					return false, retryErr
 				}
-				glog.V(2).Infof("PublicIPAddressesClient.ListNextResults(%v) - backoff: success", az.ResourceGroup)
+				glog.V(2).Infof("PublicIPAddressesClient.ListNextResults(%v) - backoff: success", pipResourceGroup)
 				return true, nil
 			})
 			if err != nil {
@@ -285,14 +260,12 @@ func (az *Cloud) ListPIPWithRetry() ([]network.PublicIPAddress, error) {
 }
 
 // CreateOrUpdatePIPWithRetry invokes az.PublicIPAddressesClient.CreateOrUpdate with exponential backoff retry
-func (az *Cloud) CreateOrUpdatePIPWithRetry(pip network.PublicIPAddress) error {
+func (az *Cloud) CreateOrUpdatePIPWithRetry(pipResourceGroup string, pip network.PublicIPAddress) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("PublicIPAddressesClient.CreateOrUpdate(%s): start", *pip.Name)
-		respChan, errChan := az.PublicIPAddressesClient.CreateOrUpdate(az.ResourceGroup, *pip.Name, pip, nil)
+		respChan, errChan := az.PublicIPAddressesClient.CreateOrUpdate(pipResourceGroup, *pip.Name, pip, nil)
 		resp := <-respChan
 		err := <-errChan
-		glog.V(10).Infof("PublicIPAddressesClient.CreateOrUpdate(%s): end", *pip.Name)
+		glog.V(10).Infof("PublicIPAddressesClient.CreateOrUpdate(%s, %s): end", pipResourceGroup, *pip.Name)
 		return processRetryResponse(resp.Response, err)
 	})
 }
@@ -300,8 +273,6 @@ func (az *Cloud) CreateOrUpdatePIPWithRetry(pip network.PublicIPAddress) error {
 // CreateOrUpdateInterfaceWithRetry invokes az.PublicIPAddressesClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateInterfaceWithRetry(nic network.Interface) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("InterfacesClient.CreateOrUpdate(%s): start", *nic.Name)
 		respChan, errChan := az.InterfacesClient.CreateOrUpdate(az.ResourceGroup, *nic.Name, nic, nil)
 		resp := <-respChan
 		err := <-errChan
@@ -311,14 +282,11 @@ func (az *Cloud) CreateOrUpdateInterfaceWithRetry(nic network.Interface) error {
 }
 
 // DeletePublicIPWithRetry invokes az.PublicIPAddressesClient.Delete with exponential backoff retry
-func (az *Cloud) DeletePublicIPWithRetry(pipName string) error {
+func (az *Cloud) DeletePublicIPWithRetry(pipResourceGroup string, pipName string) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("PublicIPAddressesClient.Delete(%s): start", pipName)
-		respChan, errChan := az.PublicIPAddressesClient.Delete(az.ResourceGroup, pipName, nil)
+		respChan, errChan := az.PublicIPAddressesClient.Delete(pipResourceGroup, pipName, nil)
 		resp := <-respChan
 		err := <-errChan
-		glog.V(10).Infof("PublicIPAddressesClient.Delete(%s): end", pipName)
 		return processRetryResponse(resp, err)
 	})
 }
@@ -326,25 +294,24 @@ func (az *Cloud) DeletePublicIPWithRetry(pipName string) error {
 // DeleteLBWithRetry invokes az.LoadBalancerClient.Delete with exponential backoff retry
 func (az *Cloud) DeleteLBWithRetry(lbName string) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("LoadBalancerClient.Delete(%s): start", lbName)
 		respChan, errChan := az.LoadBalancerClient.Delete(az.ResourceGroup, lbName, nil)
 		resp := <-respChan
 		err := <-errChan
-		glog.V(10).Infof("LoadBalancerClient.Delete(%s): end", lbName)
-		return processRetryResponse(resp, err)
+		done, err := processRetryResponse(resp, err)
+		if done && err == nil {
+			// Invalidate the cache right after deleting
+			az.lbCache.Delete(lbName)
+		}
+		return done, err
 	})
 }
 
 // CreateOrUpdateRouteTableWithRetry invokes az.RouteTablesClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateRouteTableWithRetry(routeTable network.RouteTable) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("RouteTablesClient.CreateOrUpdate(%s): start", *routeTable.Name)
 		respChan, errChan := az.RouteTablesClient.CreateOrUpdate(az.ResourceGroup, az.RouteTableName, routeTable, nil)
 		resp := <-respChan
 		err := <-errChan
-		glog.V(10).Infof("RouteTablesClient.CreateOrUpdate(%s): end", *routeTable.Name)
 		return processRetryResponse(resp.Response, err)
 	})
 }
@@ -352,8 +319,6 @@ func (az *Cloud) CreateOrUpdateRouteTableWithRetry(routeTable network.RouteTable
 // CreateOrUpdateRouteWithRetry invokes az.RoutesClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateRouteWithRetry(route network.Route) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("RoutesClient.CreateOrUpdate(%s): start", *route.Name)
 		respChan, errChan := az.RoutesClient.CreateOrUpdate(az.ResourceGroup, az.RouteTableName, *route.Name, route, nil)
 		resp := <-respChan
 		err := <-errChan
@@ -365,8 +330,6 @@ func (az *Cloud) CreateOrUpdateRouteWithRetry(route network.Route) error {
 // DeleteRouteWithRetry invokes az.RoutesClient.Delete with exponential backoff retry
 func (az *Cloud) DeleteRouteWithRetry(routeName string) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("RoutesClient.Delete(%s): start", az.RouteTableName)
 		respChan, errChan := az.RoutesClient.Delete(az.ResourceGroup, az.RouteTableName, routeName, nil)
 		resp := <-respChan
 		err := <-errChan
@@ -378,8 +341,6 @@ func (az *Cloud) DeleteRouteWithRetry(routeName string) error {
 // CreateOrUpdateVMWithRetry invokes az.VirtualMachinesClient.CreateOrUpdate with exponential backoff retry
 func (az *Cloud) CreateOrUpdateVMWithRetry(vmName string, newVM compute.VirtualMachine) error {
 	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("VirtualMachinesClient.CreateOrUpdate(%s): start", vmName)
 		respChan, errChan := az.VirtualMachinesClient.CreateOrUpdate(az.ResourceGroup, vmName, newVM, nil)
 		resp := <-respChan
 		err := <-errChan
@@ -388,6 +349,15 @@ func (az *Cloud) CreateOrUpdateVMWithRetry(vmName string, newVM compute.VirtualM
 	})
 }
 
+// UpdateVmssVMWithRetry invokes az.VirtualMachineScaleSetVMsClient.Update with exponential backoff retry
+func (az *Cloud) UpdateVmssVMWithRetry(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters computepreview.VirtualMachineScaleSetVM) error {
+	return wait.ExponentialBackoff(az.requestBackoff(), func() (bool, error) {
+		resp, err := az.VirtualMachineScaleSetVMsClient.Update(ctx, resourceGroupName, VMScaleSetName, instanceID, parameters)
+		glog.V(10).Infof("VirtualMachinesClient.CreateOrUpdate(%s,%s): end", VMScaleSetName, instanceID)
+		return processHTTPRetryResponse(resp, err)
+	})
+}
+
 // A wait.ConditionFunc function to deal with common HTTP backoff response conditions
 func processRetryResponse(resp autorest.Response, err error) (bool, error) {
 	if isSuccessHTTPResponse(resp) {
@@ -399,8 +369,8 @@ func processRetryResponse(resp autorest.Response, err error) (bool, error) {
 		// suppress the error object so that backoff process continues
 		return false, nil
 	}
-	// Fall-through: stop periodic backoff, return error object from most recent request
-	return true, err
+	// Fall-through: stop periodic backoff
+	return true, nil
 }
 
 // shouldRetryAPIRequest determines if the response from an HTTP request suggests periodic retry behavior
@@ -423,3 +393,36 @@ func isSuccessHTTPResponse(resp autorest.Response) bool {
 	}
 	return false
 }
+
+func shouldRetryHTTPRequest(resp *http.Response, err error) bool {
+	if err != nil {
+		return true
+	}
+
+	if resp != nil {
+		// HTTP 4xx or 5xx suggests we should retry
+		if 399 < resp.StatusCode && resp.StatusCode < 600 {
+			return true
+		}
+	}
+
+	return false
+}
+
+func processHTTPRetryResponse(resp *http.Response, err error) (bool, error) {
+	if resp != nil {
+		// HTTP 2xx suggests a successful response
+		if 199 < resp.StatusCode && resp.StatusCode < 300 {
+			return true, nil
+		}
+	}
+
+	if shouldRetryHTTPRequest(resp, err) {
+		glog.Errorf("backoff: failure, will retry, HTTP response=%d, err=%v", resp.StatusCode, err)
+		// suppress the error object so that backoff process continues
+		return false, nil
+	}
+
+	// Fall-through: stop periodic backoff
+	return true, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_blobDiskController.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_blobDiskController.go
index 21cea1a60d58..265b96af9149 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_blobDiskController.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_blobDiskController.go
@@ -22,10 +22,8 @@ import (
 	"fmt"
 	"net/url"
 	"regexp"
-	"sync"
-
-	"strconv"
 	"strings"
+	"sync"
 	"sync/atomic"
 	"time"
 
@@ -60,15 +58,11 @@ type BlobDiskController struct {
 }
 
 var (
-	defaultContainerName     = ""
-	storageAccountNamePrefix = ""
-	storageAccountNameMatch  = ""
-	accountsLock             = &sync.Mutex{}
+	accountsLock = &sync.Mutex{}
 )
 
 func newBlobDiskController(common *controllerCommon) (*BlobDiskController, error) {
 	c := BlobDiskController{common: common}
-	c.setUniqueStrings()
 
 	// get accounts
 	accounts, err := c.getAllStorageAccounts()
@@ -84,46 +78,26 @@ func newBlobDiskController(common *controllerCommon) (*BlobDiskController, error
 // CreateVolume creates a VHD blob in a storage account that has storageType and location using the given storage account.
 // If no storage account is given, search all the storage accounts associated with the resource group and pick one that
 // fits storage type and location.
-func (c *BlobDiskController) CreateVolume(name, storageAccount, storageAccountType, location string, requestGB int) (string, string, int, error) {
-	var err error
-	accounts := []accountWithLocation{}
-	if len(storageAccount) > 0 {
-		accounts = append(accounts, accountWithLocation{Name: storageAccount})
-	} else {
-		// find a storage account
-		accounts, err = c.common.cloud.getStorageAccounts(storageAccountType, location)
-		if err != nil {
-			// TODO: create a storage account and container
-			return "", "", 0, err
-		}
+func (c *BlobDiskController) CreateVolume(blobName, accountName, accountType, location string, requestGB int) (string, string, int, error) {
+	account, key, err := c.common.cloud.ensureStorageAccount(accountName, accountType, location, dedicatedDiskAccountNamePrefix)
+	if err != nil {
+		return "", "", 0, fmt.Errorf("could not get storage key for storage account %s: %v", accountName, err)
 	}
-	for _, account := range accounts {
-		glog.V(4).Infof("account %s type %s location %s", account.Name, account.StorageType, account.Location)
-		if (storageAccountType == "" || account.StorageType == storageAccountType) && (location == "" || account.Location == location) || len(storageAccount) > 0 {
-			// find the access key with this account
-			key, err := c.common.cloud.getStorageAccesskey(account.Name)
-			if err != nil {
-				glog.V(2).Infof("no key found for storage account %s", account.Name)
-				continue
-			}
-
-			client, err := azstorage.NewBasicClientOnSovereignCloud(account.Name, key, c.common.cloud.Environment)
-			if err != nil {
-				return "", "", 0, err
-			}
-			blobClient := client.GetBlobService()
 
-			// create a page blob in this account's vhd container
-			diskName, diskURI, err := c.createVHDBlobDisk(blobClient, account.Name, name, vhdContainerName, int64(requestGB))
-			if err != nil {
-				return "", "", 0, err
-			}
+	client, err := azstorage.NewBasicClientOnSovereignCloud(account, key, c.common.cloud.Environment)
+	if err != nil {
+		return "", "", 0, err
+	}
+	blobClient := client.GetBlobService()
 
-			glog.V(4).Infof("azureDisk - created vhd blob uri: %s", diskURI)
-			return diskName, diskURI, requestGB, err
-		}
+	// create a page blob in this account's vhd container
+	diskName, diskURI, err := c.createVHDBlobDisk(blobClient, account, blobName, vhdContainerName, int64(requestGB))
+	if err != nil {
+		return "", "", 0, err
 	}
-	return "", "", 0, fmt.Errorf("failed to find a matching storage account")
+
+	glog.V(4).Infof("azureDisk - created vhd blob uri: %s", diskURI)
+	return diskName, diskURI, requestGB, err
 }
 
 // DeleteVolume deletes a VHD blob
@@ -252,7 +226,7 @@ func (c *BlobDiskController) CreateBlobDisk(dataDiskName string, storageAccountT
 		return "", err
 	}
 
-	_, diskURI, err := c.createVHDBlobDisk(blobClient, storageAccountName, dataDiskName, defaultContainerName, int64(sizeGB))
+	_, diskURI, err := c.createVHDBlobDisk(blobClient, storageAccountName, dataDiskName, vhdContainerName, int64(sizeGB))
 	if err != nil {
 		return "", err
 	}
@@ -281,9 +255,9 @@ func (c *BlobDiskController) DeleteBlobDisk(diskURI string) error {
 		return err
 	}
 
-	glog.V(4).Infof("azureDisk - About to delete vhd file %s on storage account %s container %s", vhdName, storageAccountName, defaultContainerName)
+	glog.V(4).Infof("azureDisk - About to delete vhd file %s on storage account %s container %s", vhdName, storageAccountName, vhdContainerName)
 
-	container := blobSvc.GetContainerReference(defaultContainerName)
+	container := blobSvc.GetContainerReference(vhdContainerName)
 	blob := container.GetBlobReference(vhdName)
 	_, err = blob.DeleteIfExists(nil)
 
@@ -292,26 +266,13 @@ func (c *BlobDiskController) DeleteBlobDisk(diskURI string) error {
 			c.accounts[storageAccountName].diskCount = int32(diskCount)
 		} else {
 			glog.Warningf("azureDisk - failed to get disk count for %s however the delete disk operation was ok", storageAccountName)
-			return nil // we have failed to aquire a new count. not an error condition
+			return nil // we have failed to acquire a new count. not an error condition
 		}
 	}
 	atomic.AddInt32(&c.accounts[storageAccountName].diskCount, -1)
 	return err
 }
 
-//Sets unique strings to be used as accountnames && || blob containers names
-func (c *BlobDiskController) setUniqueStrings() {
-	uniqueString := c.common.resourceGroup + c.common.location + c.common.subscriptionID
-	hash := MakeCRC32(uniqueString)
-	//used to generate a unqie container name used by this cluster PVC
-	defaultContainerName = hash
-
-	storageAccountNamePrefix = fmt.Sprintf(storageAccountNameTemplate, hash)
-	// Used to filter relevant accounts (accounts used by shared PVC)
-	storageAccountNameMatch = storageAccountNamePrefix
-	// Used as a template to create new names for relevant accounts
-	storageAccountNamePrefix = storageAccountNamePrefix + "%s"
-}
 func (c *BlobDiskController) getStorageAccountKey(SAName string) (string, error) {
 	if account, exists := c.accounts[SAName]; exists && account.key != "" {
 		return c.accounts[SAName].key, nil
@@ -359,13 +320,13 @@ func (c *BlobDiskController) ensureDefaultContainer(storageAccountName string) e
 	var err error
 	var blobSvc azstorage.BlobStorageClient
 
-	// short circut the check via local cache
+	// short circuit the check via local cache
 	// we are forgiving the fact that account may not be in cache yet
 	if v, ok := c.accounts[storageAccountName]; ok && v.defaultContainerCreated {
 		return nil
 	}
 
-	// not cached, check existance and readiness
+	// not cached, check existence and readiness
 	bExist, provisionState, _ := c.getStorageAccountState(storageAccountName)
 
 	// account does not exist
@@ -383,7 +344,7 @@ func (c *BlobDiskController) ensureDefaultContainer(storageAccountName string) e
 			counter = counter + 1
 			// check if we passed the max sleep
 			if counter >= 20 {
-				return fmt.Errorf("azureDisk - timeout waiting to aquire lock to validate account:%s readiness", storageAccountName)
+				return fmt.Errorf("azureDisk - timeout waiting to acquire lock to validate account:%s readiness", storageAccountName)
 			}
 		}
 
@@ -392,7 +353,7 @@ func (c *BlobDiskController) ensureDefaultContainer(storageAccountName string) e
 			c.accounts[storageAccountName].isValidating = 0
 		}()
 
-		// short circut the check again.
+		// short circuit the check again.
 		if v, ok := c.accounts[storageAccountName]; ok && v.defaultContainerCreated {
 			return nil
 		}
@@ -426,13 +387,13 @@ func (c *BlobDiskController) ensureDefaultContainer(storageAccountName string) e
 		return err
 	}
 
-	container := blobSvc.GetContainerReference(defaultContainerName)
+	container := blobSvc.GetContainerReference(vhdContainerName)
 	bCreated, err := container.CreateIfNotExists(&azstorage.CreateContainerOptions{Access: azstorage.ContainerAccessTypePrivate})
 	if err != nil {
 		return err
 	}
 	if bCreated {
-		glog.V(2).Infof("azureDisk - storage account:%s had no default container(%s) and it was created \n", storageAccountName, defaultContainerName)
+		glog.V(2).Infof("azureDisk - storage account:%s had no default container(%s) and it was created \n", storageAccountName, vhdContainerName)
 	}
 
 	// flag so we no longer have to check on ARM
@@ -459,7 +420,7 @@ func (c *BlobDiskController) getDiskCount(SAName string) (int, error) {
 	}
 	params := azstorage.ListBlobsParameters{}
 
-	container := blobSvc.GetContainerReference(defaultContainerName)
+	container := blobSvc.GetContainerReference(vhdContainerName)
 	response, err := container.ListBlobs(params)
 	if err != nil {
 		return 0, err
@@ -471,7 +432,7 @@ func (c *BlobDiskController) getDiskCount(SAName string) (int, error) {
 }
 
 func (c *BlobDiskController) getAllStorageAccounts() (map[string]*storageAccountState, error) {
-	accountListResult, err := c.common.cloud.StorageAccountClient.List()
+	accountListResult, err := c.common.cloud.StorageAccountClient.ListByResourceGroup(c.common.resourceGroup)
 	if err != nil {
 		return nil, err
 	}
@@ -481,11 +442,11 @@ func (c *BlobDiskController) getAllStorageAccounts() (map[string]*storageAccount
 
 	accounts := make(map[string]*storageAccountState)
 	for _, v := range *accountListResult.Value {
-		if strings.Index(*v.Name, storageAccountNameMatch) != 0 {
+		if v.Name == nil || v.Sku == nil {
+			glog.Info("azureDisk - accountListResult Name or Sku is nil")
 			continue
 		}
-		if v.Name == nil || v.Sku == nil {
-			glog.Infof("azureDisk - accountListResult Name or Sku is nil")
+		if !strings.HasPrefix(*v.Name, sharedDiskAccountNamePrefix) {
 			continue
 		}
 		glog.Infof("azureDisk - identified account %s as part of shared PVC accounts", *v.Name)
@@ -519,7 +480,7 @@ func (c *BlobDiskController) createStorageAccount(storageAccountName string, sto
 			return fmt.Errorf("azureDisk - can not create new storage account, current storage accounts count:%v Max is:%v", len(c.accounts), maxStorageAccounts)
 		}
 
-		glog.V(2).Infof("azureDisk - Creating storage account %s type %s \n", storageAccountName, string(storageAccountType))
+		glog.V(2).Infof("azureDisk - Creating storage account %s type %s", storageAccountName, string(storageAccountType))
 
 		cp := storage.AccountCreateParameters{
 			Sku:      &storage.Sku{Name: storageAccountType},
@@ -555,13 +516,13 @@ func (c *BlobDiskController) findSANameForDisk(storageAccountType storage.SkuNam
 	countAccounts := 0 // account of this type.
 	for _, v := range c.accounts {
 		// filter out any stand-alone disks/accounts
-		if strings.Index(v.name, storageAccountNameMatch) != 0 {
+		if !strings.HasPrefix(v.name, sharedDiskAccountNamePrefix) {
 			continue
 		}
 
-		// note: we compute avge stratified by type.
-		// this to enable user to grow per SA type to avoid low
-		//avg utilization on one account type skewing all data.
+		// note: we compute avg stratified by type.
+		// this is to enable user to grow per SA type to avoid low
+		// avg utilization on one account type skewing all data.
 
 		if v.saType == storageAccountType {
 			// compute average
@@ -574,7 +535,7 @@ func (c *BlobDiskController) findSANameForDisk(storageAccountType storage.SkuNam
 			// empty account
 			if dCount == 0 {
 				glog.V(2).Infof("azureDisk - account %s identified for a new disk  is because it has 0 allocated disks", v.name)
-				return v.name, nil // shortcircut, avg is good and no need to adjust
+				return v.name, nil // short circuit, avg is good and no need to adjust
 			}
 			// if this account is less allocated
 			if dCount < maxDiskCount {
@@ -587,7 +548,7 @@ func (c *BlobDiskController) findSANameForDisk(storageAccountType storage.SkuNam
 	// if we failed to find storageaccount
 	if SAName == "" {
 		glog.V(2).Infof("azureDisk - failed to identify a suitable account for new disk and will attempt to create new account")
-		SAName = getAccountNameForNum(c.getNextAccountNum())
+		SAName = generateStorageAccountName(sharedDiskAccountNamePrefix)
 		err := c.createStorageAccount(SAName, storageAccountType, c.common.location, true)
 		if err != nil {
 			return "", err
@@ -600,10 +561,10 @@ func (c *BlobDiskController) findSANameForDisk(storageAccountType storage.SkuNam
 	avgUtilization := float64(disksAfter) / float64(countAccounts*maxDisksPerStorageAccounts)
 	aboveAvg := (avgUtilization > storageAccountUtilizationBeforeGrowing)
 
-	// avg are not create and we should craete more accounts if we can
+	// avg are not create and we should create more accounts if we can
 	if aboveAvg && countAccounts < maxStorageAccounts {
-		glog.V(2).Infof("azureDisk - shared storageAccounts utilzation(%v) >  grow-at-avg-utilization (%v). New storage account will be created", avgUtilization, storageAccountUtilizationBeforeGrowing)
-		SAName = getAccountNameForNum(c.getNextAccountNum())
+		glog.V(2).Infof("azureDisk - shared storageAccounts utilization(%v) >  grow-at-avg-utilization (%v). New storage account will be created", avgUtilization, storageAccountUtilizationBeforeGrowing)
+		SAName = generateStorageAccountName(sharedDiskAccountNamePrefix)
 		err := c.createStorageAccount(SAName, storageAccountType, c.common.location, true)
 		if err != nil {
 			return "", err
@@ -611,43 +572,15 @@ func (c *BlobDiskController) findSANameForDisk(storageAccountType storage.SkuNam
 		return SAName, nil
 	}
 
-	// avergates are not ok and we are at capacity(max storage accounts allowed)
+	// averages are not ok and we are at capacity (max storage accounts allowed)
 	if aboveAvg && countAccounts == maxStorageAccounts {
-		glog.Infof("azureDisk - shared storageAccounts utilzation(%v) > grow-at-avg-utilization (%v). But k8s maxed on SAs for PVC(%v). k8s will now exceed grow-at-avg-utilization without adding accounts",
+		glog.Infof("azureDisk - shared storageAccounts utilization(%v) > grow-at-avg-utilization (%v). But k8s maxed on SAs for PVC(%v). k8s will now exceed grow-at-avg-utilization without adding accounts",
 			avgUtilization, storageAccountUtilizationBeforeGrowing, maxStorageAccounts)
 	}
 
 	// we found a  storage accounts && [ avg are ok || we reached max sa count ]
 	return SAName, nil
 }
-func (c *BlobDiskController) getNextAccountNum() int {
-	max := 0
-
-	for k := range c.accounts {
-		// filter out accounts that are for standalone
-		if strings.Index(k, storageAccountNameMatch) != 0 {
-			continue
-		}
-		num := getAccountNumFromName(k)
-		if num > max {
-			max = num
-		}
-	}
-
-	return max + 1
-}
-
-func (c *BlobDiskController) deleteStorageAccount(storageAccountName string) error {
-	resp, err := c.common.cloud.StorageAccountClient.Delete(c.common.resourceGroup, storageAccountName)
-	if err != nil {
-		return fmt.Errorf("azureDisk - Delete of storage account '%s' failed with status %s...%v", storageAccountName, resp.Status, err)
-	}
-
-	c.removeAccountState(storageAccountName)
-
-	glog.Infof("azureDisk - Storage Account %s was deleted", storageAccountName)
-	return nil
-}
 
 //Gets storage account exist, provisionStatus, Error if any
 func (c *BlobDiskController) getStorageAccountState(storageAccountName string) (bool, storage.ProvisioningState, error) {
@@ -667,33 +600,6 @@ func (c *BlobDiskController) addAccountState(key string, state *storageAccountSt
 	}
 }
 
-func (c *BlobDiskController) removeAccountState(key string) {
-	accountsLock.Lock()
-	defer accountsLock.Unlock()
-	delete(c.accounts, key)
-}
-
-// pads account num with zeros as needed
-func getAccountNameForNum(num int) string {
-	sNum := strconv.Itoa(num)
-	missingZeros := 3 - len(sNum)
-	strZero := ""
-	for missingZeros > 0 {
-		strZero = strZero + "0"
-		missingZeros = missingZeros - 1
-	}
-
-	sNum = strZero + sNum
-	return fmt.Sprintf(storageAccountNamePrefix, sNum)
-}
-
-func getAccountNumFromName(accountName string) int {
-	nameLen := len(accountName)
-	num, _ := strconv.Atoi(accountName[nameLen-3:])
-
-	return num
-}
-
 func createVHDHeader(size uint64) ([]byte, error) {
 	h := vhd.CreateFixedHeader(size, &vhd.VHDOptions{})
 	b := new(bytes.Buffer)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_cache.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_cache.go
new file mode 100644
index 000000000000..fd69eadbff2e
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_cache.go
@@ -0,0 +1,124 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	"k8s.io/client-go/tools/cache"
+)
+
+// getFunc defines a getter function for timedCache.
+type getFunc func(key string) (interface{}, error)
+
+// cacheEntry is the internal structure stores inside TTLStore.
+type cacheEntry struct {
+	key  string
+	data interface{}
+
+	// The lock to ensure not updating same entry simultaneously.
+	lock sync.Mutex
+}
+
+// cacheKeyFunc defines the key function required in TTLStore.
+func cacheKeyFunc(obj interface{}) (string, error) {
+	return obj.(*cacheEntry).key, nil
+}
+
+// timedCache is a cache with TTL.
+type timedCache struct {
+	store  cache.Store
+	lock   sync.Mutex
+	getter getFunc
+}
+
+// newTimedcache creates a new timedCache.
+func newTimedcache(ttl time.Duration, getter getFunc) (*timedCache, error) {
+	if getter == nil {
+		return nil, fmt.Errorf("getter is not provided")
+	}
+
+	return &timedCache{
+		getter: getter,
+		store:  cache.NewTTLStore(cacheKeyFunc, ttl),
+	}, nil
+}
+
+// getInternal returns cacheEntry by key. If the key is not cached yet,
+// it returns a cacheEntry with nil data.
+func (t *timedCache) getInternal(key string) (*cacheEntry, error) {
+	entry, exists, err := t.store.GetByKey(key)
+	if err != nil {
+		return nil, err
+	}
+	if exists {
+		return entry.(*cacheEntry), nil
+	}
+
+	t.lock.Lock()
+	defer t.lock.Unlock()
+	entry, exists, err = t.store.GetByKey(key)
+	if err != nil {
+		return nil, err
+	}
+	if exists {
+		return entry.(*cacheEntry), nil
+	}
+
+	// Still not found, add new entry with nil data.
+	// Note the data will be filled later by getter.
+	newEntry := &cacheEntry{
+		key:  key,
+		data: nil,
+	}
+	t.store.Add(newEntry)
+	return newEntry, nil
+}
+
+// Get returns the requested item by key.
+func (t *timedCache) Get(key string) (interface{}, error) {
+	entry, err := t.getInternal(key)
+	if err != nil {
+		return nil, err
+	}
+
+	// Data is still not cached yet, cache it by getter.
+	if entry.data == nil {
+		entry.lock.Lock()
+		defer entry.lock.Unlock()
+
+		if entry.data == nil {
+			data, err := t.getter(key)
+			if err != nil {
+				return nil, err
+			}
+
+			entry.data = data
+		}
+	}
+
+	return entry.data, nil
+}
+
+// Delete removes an item from the cache.
+func (t *timedCache) Delete(key string) error {
+	return t.store.Delete(&cacheEntry{
+		key: key,
+	})
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_client.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_client.go
new file mode 100644
index 000000000000..594a19776611
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_client.go
@@ -0,0 +1,1316 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/arm/compute"
+	"github.com/Azure/azure-sdk-for-go/arm/disk"
+	"github.com/Azure/azure-sdk-for-go/arm/network"
+	"github.com/Azure/azure-sdk-for-go/arm/storage"
+	computepreview "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/adal"
+	"github.com/golang/glog"
+
+	"k8s.io/client-go/util/flowcontrol"
+)
+
+// Helpers for rate limiting error/error channel creation
+func createARMRateLimitErr(isWrite bool, opName string) error {
+	opType := "read"
+	if isWrite {
+		opType = "write"
+	}
+	return fmt.Errorf("azure - ARM rate limited(%s) for operation:%s", opType, opName)
+}
+
+func createARMRateLimitErrChannel(isWrite bool, opName string) chan error {
+	err := createARMRateLimitErr(isWrite, opName)
+	errChan := make(chan error, 1)
+	errChan <- err
+	return errChan
+}
+
+// VirtualMachinesClient defines needed functions for azure compute.VirtualMachinesClient
+type VirtualMachinesClient interface {
+	CreateOrUpdate(resourceGroupName string, VMName string, parameters compute.VirtualMachine, cancel <-chan struct{}) (<-chan compute.VirtualMachine, <-chan error)
+	Get(resourceGroupName string, VMName string, expand compute.InstanceViewTypes) (result compute.VirtualMachine, err error)
+	List(resourceGroupName string) (result compute.VirtualMachineListResult, err error)
+	ListNextResults(resourceGroupName string, lastResults compute.VirtualMachineListResult) (result compute.VirtualMachineListResult, err error)
+}
+
+// InterfacesClient defines needed functions for azure network.InterfacesClient
+type InterfacesClient interface {
+	CreateOrUpdate(resourceGroupName string, networkInterfaceName string, parameters network.Interface, cancel <-chan struct{}) (<-chan network.Interface, <-chan error)
+	Get(resourceGroupName string, networkInterfaceName string, expand string) (result network.Interface, err error)
+	GetVirtualMachineScaleSetNetworkInterface(resourceGroupName string, virtualMachineScaleSetName string, virtualmachineIndex string, networkInterfaceName string, expand string) (result network.Interface, err error)
+}
+
+// LoadBalancersClient defines needed functions for azure network.LoadBalancersClient
+type LoadBalancersClient interface {
+	CreateOrUpdate(resourceGroupName string, loadBalancerName string, parameters network.LoadBalancer, cancel <-chan struct{}) (<-chan network.LoadBalancer, <-chan error)
+	Delete(resourceGroupName string, loadBalancerName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
+	Get(resourceGroupName string, loadBalancerName string, expand string) (result network.LoadBalancer, err error)
+	List(resourceGroupName string) (result network.LoadBalancerListResult, err error)
+	ListNextResults(resourceGroupName string, lastResult network.LoadBalancerListResult) (result network.LoadBalancerListResult, err error)
+}
+
+// PublicIPAddressesClient defines needed functions for azure network.PublicIPAddressesClient
+type PublicIPAddressesClient interface {
+	CreateOrUpdate(resourceGroupName string, publicIPAddressName string, parameters network.PublicIPAddress, cancel <-chan struct{}) (<-chan network.PublicIPAddress, <-chan error)
+	Delete(resourceGroupName string, publicIPAddressName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
+	Get(resourceGroupName string, publicIPAddressName string, expand string) (result network.PublicIPAddress, err error)
+	List(resourceGroupName string) (result network.PublicIPAddressListResult, err error)
+	ListNextResults(resourceGroupName string, lastResults network.PublicIPAddressListResult) (result network.PublicIPAddressListResult, err error)
+}
+
+// SubnetsClient defines needed functions for azure network.SubnetsClient
+type SubnetsClient interface {
+	CreateOrUpdate(resourceGroupName string, virtualNetworkName string, subnetName string, subnetParameters network.Subnet, cancel <-chan struct{}) (<-chan network.Subnet, <-chan error)
+	Delete(resourceGroupName string, virtualNetworkName string, subnetName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
+	Get(resourceGroupName string, virtualNetworkName string, subnetName string, expand string) (result network.Subnet, err error)
+	List(resourceGroupName string, virtualNetworkName string) (result network.SubnetListResult, err error)
+}
+
+// SecurityGroupsClient defines needed functions for azure network.SecurityGroupsClient
+type SecurityGroupsClient interface {
+	CreateOrUpdate(resourceGroupName string, networkSecurityGroupName string, parameters network.SecurityGroup, cancel <-chan struct{}) (<-chan network.SecurityGroup, <-chan error)
+	Delete(resourceGroupName string, networkSecurityGroupName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
+	Get(resourceGroupName string, networkSecurityGroupName string, expand string) (result network.SecurityGroup, err error)
+	List(resourceGroupName string) (result network.SecurityGroupListResult, err error)
+}
+
+// VirtualMachineScaleSetsClient defines needed functions for azure computepreview.VirtualMachineScaleSetsClient
+type VirtualMachineScaleSetsClient interface {
+	CreateOrUpdate(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters computepreview.VirtualMachineScaleSet) (resp *http.Response, err error)
+	Get(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result computepreview.VirtualMachineScaleSet, err error)
+	List(ctx context.Context, resourceGroupName string) (result []computepreview.VirtualMachineScaleSet, err error)
+	UpdateInstances(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs) (resp *http.Response, err error)
+}
+
+// VirtualMachineScaleSetVMsClient defines needed functions for azure computepreview.VirtualMachineScaleSetVMsClient
+type VirtualMachineScaleSetVMsClient interface {
+	Get(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVM, err error)
+	GetInstanceView(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVMInstanceView, err error)
+	List(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (result []computepreview.VirtualMachineScaleSetVM, err error)
+	Update(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters computepreview.VirtualMachineScaleSetVM) (resp *http.Response, err error)
+}
+
+// RoutesClient defines needed functions for azure network.RoutesClient
+type RoutesClient interface {
+	CreateOrUpdate(resourceGroupName string, routeTableName string, routeName string, routeParameters network.Route, cancel <-chan struct{}) (<-chan network.Route, <-chan error)
+	Delete(resourceGroupName string, routeTableName string, routeName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error)
+}
+
+// RouteTablesClient defines needed functions for azure network.RouteTablesClient
+type RouteTablesClient interface {
+	CreateOrUpdate(resourceGroupName string, routeTableName string, parameters network.RouteTable, cancel <-chan struct{}) (<-chan network.RouteTable, <-chan error)
+	Get(resourceGroupName string, routeTableName string, expand string) (result network.RouteTable, err error)
+}
+
+// StorageAccountClient defines needed functions for azure storage.AccountsClient
+type StorageAccountClient interface {
+	Create(resourceGroupName string, accountName string, parameters storage.AccountCreateParameters, cancel <-chan struct{}) (<-chan storage.Account, <-chan error)
+	Delete(resourceGroupName string, accountName string) (result autorest.Response, err error)
+	ListKeys(resourceGroupName string, accountName string) (result storage.AccountListKeysResult, err error)
+	ListByResourceGroup(resourceGroupName string) (result storage.AccountListResult, err error)
+	GetProperties(resourceGroupName string, accountName string) (result storage.Account, err error)
+}
+
+// DisksClient defines needed functions for azure disk.DisksClient
+type DisksClient interface {
+	CreateOrUpdate(resourceGroupName string, diskName string, diskParameter disk.Model, cancel <-chan struct{}) (<-chan disk.Model, <-chan error)
+	Delete(resourceGroupName string, diskName string, cancel <-chan struct{}) (<-chan disk.OperationStatusResponse, <-chan error)
+	Get(resourceGroupName string, diskName string) (result disk.Model, err error)
+}
+
+// azClientConfig contains all essential information to create an Azure client.
+type azClientConfig struct {
+	subscriptionID          string
+	resourceManagerEndpoint string
+	servicePrincipalToken   *adal.ServicePrincipalToken
+	// ARM Rate limiting for GET vs PUT/POST
+	//Details: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-request-limits
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+// azVirtualMachinesClient implements VirtualMachinesClient.
+type azVirtualMachinesClient struct {
+	client            compute.VirtualMachinesClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func getContextWithCancel() (context.Context, context.CancelFunc) {
+	return context.WithCancel(context.Background())
+}
+
+func newAzVirtualMachinesClient(config *azClientConfig) *azVirtualMachinesClient {
+	virtualMachinesClient := compute.NewVirtualMachinesClient(config.subscriptionID)
+	virtualMachinesClient.BaseURI = config.resourceManagerEndpoint
+	virtualMachinesClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	virtualMachinesClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&virtualMachinesClient.Client)
+
+	return &azVirtualMachinesClient{
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+		client:            virtualMachinesClient,
+	}
+}
+
+func (az *azVirtualMachinesClient) CreateOrUpdate(resourceGroupName string, VMName string, parameters compute.VirtualMachine, cancel <-chan struct{}) (<-chan compute.VirtualMachine, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "NSGCreateOrUpdate")
+		resultChan := make(chan compute.VirtualMachine, 1)
+		resultChan <- compute.VirtualMachine{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azVirtualMachinesClient.CreateOrUpdate(%q, %q): start", resourceGroupName, VMName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachinesClient.CreateOrUpdate(%q, %q): end", resourceGroupName, VMName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("vm", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, VMName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azVirtualMachinesClient) Get(resourceGroupName string, VMName string, expand compute.InstanceViewTypes) (result compute.VirtualMachine, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMGet")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachinesClient.Get(%q, %q): start", resourceGroupName, VMName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachinesClient.Get(%q, %q): end", resourceGroupName, VMName)
+	}()
+
+	mc := newMetricContext("vm", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, VMName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azVirtualMachinesClient) List(resourceGroupName string) (result compute.VirtualMachineListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMList")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachinesClient.List(%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachinesClient.List(%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("vm", "list", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.List(resourceGroupName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azVirtualMachinesClient) ListNextResults(resourceGroupName string, lastResults compute.VirtualMachineListResult) (result compute.VirtualMachineListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMListNextResults")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachinesClient.ListNextResults(%q): start", lastResults)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachinesClient.ListNextResults(%q): end", lastResults)
+	}()
+
+	mc := newMetricContext("vm", "list_next_results", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.ListNextResults(lastResults)
+	mc.Observe(err)
+	return
+}
+
+// azInterfacesClient implements InterfacesClient.
+type azInterfacesClient struct {
+	client            network.InterfacesClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzInterfacesClient(config *azClientConfig) *azInterfacesClient {
+	interfacesClient := network.NewInterfacesClient(config.subscriptionID)
+	interfacesClient.BaseURI = config.resourceManagerEndpoint
+	interfacesClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	interfacesClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&interfacesClient.Client)
+
+	return &azInterfacesClient{
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+		client:            interfacesClient,
+	}
+}
+
+func (az *azInterfacesClient) CreateOrUpdate(resourceGroupName string, networkInterfaceName string, parameters network.Interface, cancel <-chan struct{}) (<-chan network.Interface, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "NiCreateOrUpdate")
+		resultChan := make(chan network.Interface, 1)
+		resultChan <- network.Interface{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azInterfacesClient.CreateOrUpdate(%q,%q): start", resourceGroupName, networkInterfaceName)
+	defer func() {
+		glog.V(10).Infof("azInterfacesClient.CreateOrUpdate(%q,%q): end", resourceGroupName, networkInterfaceName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("interfaces", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, networkInterfaceName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azInterfacesClient) Get(resourceGroupName string, networkInterfaceName string, expand string) (result network.Interface, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "NicGet")
+		return
+	}
+
+	glog.V(10).Infof("azInterfacesClient.Get(%q,%q): start", resourceGroupName, networkInterfaceName)
+	defer func() {
+		glog.V(10).Infof("azInterfacesClient.Get(%q,%q): end", resourceGroupName, networkInterfaceName)
+	}()
+
+	mc := newMetricContext("interfaces", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, networkInterfaceName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azInterfacesClient) GetVirtualMachineScaleSetNetworkInterface(resourceGroupName string, virtualMachineScaleSetName string, virtualmachineIndex string, networkInterfaceName string, expand string) (result network.Interface, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "NicGetVirtualMachineScaleSetNetworkInterface")
+		return
+	}
+
+	glog.V(10).Infof("azInterfacesClient.GetVirtualMachineScaleSetNetworkInterface(%q,%q,%q,%q): start", resourceGroupName, virtualMachineScaleSetName, virtualmachineIndex, networkInterfaceName)
+	defer func() {
+		glog.V(10).Infof("azInterfacesClient.GetVirtualMachineScaleSetNetworkInterface(%q,%q,%q,%q): end", resourceGroupName, virtualMachineScaleSetName, virtualmachineIndex, networkInterfaceName)
+	}()
+
+	mc := newMetricContext("interfaces", "get_vmss_ni", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.GetVirtualMachineScaleSetNetworkInterface(resourceGroupName, virtualMachineScaleSetName, virtualmachineIndex, networkInterfaceName, expand)
+	mc.Observe(err)
+	return
+}
+
+// azLoadBalancersClient implements LoadBalancersClient.
+type azLoadBalancersClient struct {
+	client            network.LoadBalancersClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzLoadBalancersClient(config *azClientConfig) *azLoadBalancersClient {
+	loadBalancerClient := network.NewLoadBalancersClient(config.subscriptionID)
+	loadBalancerClient.BaseURI = config.resourceManagerEndpoint
+	loadBalancerClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	loadBalancerClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&loadBalancerClient.Client)
+
+	return &azLoadBalancersClient{
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+		client:            loadBalancerClient,
+	}
+}
+
+func (az *azLoadBalancersClient) CreateOrUpdate(resourceGroupName string, loadBalancerName string, parameters network.LoadBalancer, cancel <-chan struct{}) (<-chan network.LoadBalancer, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "LBCreateOrUpdate")
+		resultChan := make(chan network.LoadBalancer, 1)
+		resultChan <- network.LoadBalancer{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azLoadBalancersClient.CreateOrUpdate(%q,%q): start", resourceGroupName, loadBalancerName)
+	defer func() {
+		glog.V(10).Infof("azLoadBalancersClient.CreateOrUpdate(%q,%q): end", resourceGroupName, loadBalancerName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("load_balancers", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, loadBalancerName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azLoadBalancersClient) Delete(resourceGroupName string, loadBalancerName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "LBDelete")
+		resultChan := make(chan autorest.Response, 1)
+		resultChan <- autorest.Response{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azLoadBalancersClient.Delete(%q,%q): start", resourceGroupName, loadBalancerName)
+	defer func() {
+		glog.V(10).Infof("azLoadBalancersClient.Delete(%q,%q): end", resourceGroupName, loadBalancerName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("load_balancers", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, loadBalancerName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azLoadBalancersClient) Get(resourceGroupName string, loadBalancerName string, expand string) (result network.LoadBalancer, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "LBGet")
+		return
+	}
+
+	glog.V(10).Infof("azLoadBalancersClient.Get(%q,%q): start", resourceGroupName, loadBalancerName)
+	defer func() {
+		glog.V(10).Infof("azLoadBalancersClient.Get(%q,%q): end", resourceGroupName, loadBalancerName)
+	}()
+
+	mc := newMetricContext("load_balancers", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, loadBalancerName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azLoadBalancersClient) List(resourceGroupName string) (result network.LoadBalancerListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "LBList")
+		return
+	}
+
+	glog.V(10).Infof("azLoadBalancersClient.List(%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azLoadBalancersClient.List(%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("load_balancers", "list", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.List(resourceGroupName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azLoadBalancersClient) ListNextResults(resourceGroupName string, lastResult network.LoadBalancerListResult) (result network.LoadBalancerListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "LBListNextResults")
+		return
+	}
+
+	glog.V(10).Infof("azLoadBalancersClient.ListNextResults(%q): start", lastResult)
+	defer func() {
+		glog.V(10).Infof("azLoadBalancersClient.ListNextResults(%q): end", lastResult)
+	}()
+
+	mc := newMetricContext("load_balancers", "list_next_results", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.ListNextResults(lastResult)
+	mc.Observe(err)
+	return
+}
+
+// azPublicIPAddressesClient implements PublicIPAddressesClient.
+type azPublicIPAddressesClient struct {
+	client            network.PublicIPAddressesClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzPublicIPAddressesClient(config *azClientConfig) *azPublicIPAddressesClient {
+	publicIPAddressClient := network.NewPublicIPAddressesClient(config.subscriptionID)
+	publicIPAddressClient.BaseURI = config.resourceManagerEndpoint
+	publicIPAddressClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	publicIPAddressClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&publicIPAddressClient.Client)
+
+	return &azPublicIPAddressesClient{
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+		client:            publicIPAddressClient,
+	}
+}
+
+func (az *azPublicIPAddressesClient) CreateOrUpdate(resourceGroupName string, publicIPAddressName string, parameters network.PublicIPAddress, cancel <-chan struct{}) (<-chan network.PublicIPAddress, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "PublicIPCreateOrUpdate")
+		resultChan := make(chan network.PublicIPAddress, 1)
+		resultChan <- network.PublicIPAddress{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azPublicIPAddressesClient.CreateOrUpdate(%q,%q): start", resourceGroupName, publicIPAddressName)
+	defer func() {
+		glog.V(10).Infof("azPublicIPAddressesClient.CreateOrUpdate(%q,%q): end", resourceGroupName, publicIPAddressName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("public_ip_addresses", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, publicIPAddressName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azPublicIPAddressesClient) Delete(resourceGroupName string, publicIPAddressName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "PublicIPDelete")
+		resultChan := make(chan autorest.Response, 1)
+		resultChan <- autorest.Response{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azPublicIPAddressesClient.Delete(%q,%q): start", resourceGroupName, publicIPAddressName)
+	defer func() {
+		glog.V(10).Infof("azPublicIPAddressesClient.Delete(%q,%q): end", resourceGroupName, publicIPAddressName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("public_ip_addresses", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, publicIPAddressName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azPublicIPAddressesClient) Get(resourceGroupName string, publicIPAddressName string, expand string) (result network.PublicIPAddress, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "PublicIPGet")
+		return
+	}
+
+	glog.V(10).Infof("azPublicIPAddressesClient.Get(%q,%q): start", resourceGroupName, publicIPAddressName)
+	defer func() {
+		glog.V(10).Infof("azPublicIPAddressesClient.Get(%q,%q): end", resourceGroupName, publicIPAddressName)
+	}()
+
+	mc := newMetricContext("public_ip_addresses", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, publicIPAddressName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azPublicIPAddressesClient) List(resourceGroupName string) (result network.PublicIPAddressListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "PublicIPList")
+		return
+	}
+
+	glog.V(10).Infof("azPublicIPAddressesClient.List(%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azPublicIPAddressesClient.List(%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("public_ip_addresses", "list", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.List(resourceGroupName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azPublicIPAddressesClient) ListNextResults(resourceGroupName string, lastResults network.PublicIPAddressListResult) (result network.PublicIPAddressListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "PublicIPListNextResults")
+		return
+	}
+
+	glog.V(10).Infof("azPublicIPAddressesClient.ListNextResults(%q): start", lastResults)
+	defer func() {
+		glog.V(10).Infof("azPublicIPAddressesClient.ListNextResults(%q): end", lastResults)
+	}()
+
+	mc := newMetricContext("public_ip_addresses", "list_next_results", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.ListNextResults(lastResults)
+	mc.Observe(err)
+	return
+}
+
+// azSubnetsClient implements SubnetsClient.
+type azSubnetsClient struct {
+	client            network.SubnetsClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzSubnetsClient(config *azClientConfig) *azSubnetsClient {
+	subnetsClient := network.NewSubnetsClient(config.subscriptionID)
+	subnetsClient.BaseURI = config.resourceManagerEndpoint
+	subnetsClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	subnetsClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&subnetsClient.Client)
+
+	return &azSubnetsClient{
+		client:            subnetsClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azSubnetsClient) CreateOrUpdate(resourceGroupName string, virtualNetworkName string, subnetName string, subnetParameters network.Subnet, cancel <-chan struct{}) (<-chan network.Subnet, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "SubnetCreateOrUpdate")
+		resultChan := make(chan network.Subnet, 1)
+		resultChan <- network.Subnet{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azSubnetsClient.CreateOrUpdate(%q,%q,%q): start", resourceGroupName, virtualNetworkName, subnetName)
+	defer func() {
+		glog.V(10).Infof("azSubnetsClient.CreateOrUpdate(%q,%q,%q): end", resourceGroupName, virtualNetworkName, subnetName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("subnets", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, virtualNetworkName, subnetName, subnetParameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azSubnetsClient) Delete(resourceGroupName string, virtualNetworkName string, subnetName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "SubnetDelete")
+		resultChan := make(chan autorest.Response, 1)
+		resultChan <- autorest.Response{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azSubnetsClient.Delete(%q,%q,%q): start", resourceGroupName, virtualNetworkName, subnetName)
+	defer func() {
+		glog.V(10).Infof("azSubnetsClient.Delete(%q,%q,%q): end", resourceGroupName, virtualNetworkName, subnetName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("subnets", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, virtualNetworkName, subnetName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azSubnetsClient) Get(resourceGroupName string, virtualNetworkName string, subnetName string, expand string) (result network.Subnet, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "SubnetGet")
+		return
+	}
+
+	glog.V(10).Infof("azSubnetsClient.Get(%q,%q,%q): start", resourceGroupName, virtualNetworkName, subnetName)
+	defer func() {
+		glog.V(10).Infof("azSubnetsClient.Get(%q,%q,%q): end", resourceGroupName, virtualNetworkName, subnetName)
+	}()
+
+	mc := newMetricContext("subnets", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, virtualNetworkName, subnetName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azSubnetsClient) List(resourceGroupName string, virtualNetworkName string) (result network.SubnetListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "SubnetList")
+		return
+	}
+
+	glog.V(10).Infof("azSubnetsClient.List(%q,%q): start", resourceGroupName, virtualNetworkName)
+	defer func() {
+		glog.V(10).Infof("azSubnetsClient.List(%q,%q): end", resourceGroupName, virtualNetworkName)
+	}()
+
+	mc := newMetricContext("subnets", "list", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.List(resourceGroupName, virtualNetworkName)
+	mc.Observe(err)
+	return
+}
+
+// azSecurityGroupsClient implements SecurityGroupsClient.
+type azSecurityGroupsClient struct {
+	client            network.SecurityGroupsClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzSecurityGroupsClient(config *azClientConfig) *azSecurityGroupsClient {
+	securityGroupsClient := network.NewSecurityGroupsClient(config.subscriptionID)
+	securityGroupsClient.BaseURI = config.resourceManagerEndpoint
+	securityGroupsClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	securityGroupsClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&securityGroupsClient.Client)
+
+	return &azSecurityGroupsClient{
+		client:            securityGroupsClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azSecurityGroupsClient) CreateOrUpdate(resourceGroupName string, networkSecurityGroupName string, parameters network.SecurityGroup, cancel <-chan struct{}) (<-chan network.SecurityGroup, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "NSGCreateOrUpdate")
+		resultChan := make(chan network.SecurityGroup, 1)
+		resultChan <- network.SecurityGroup{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azSecurityGroupsClient.CreateOrUpdate(%q,%q): start", resourceGroupName, networkSecurityGroupName)
+	defer func() {
+		glog.V(10).Infof("azSecurityGroupsClient.CreateOrUpdate(%q,%q): end", resourceGroupName, networkSecurityGroupName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("security_groups", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, networkSecurityGroupName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azSecurityGroupsClient) Delete(resourceGroupName string, networkSecurityGroupName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "NSGDelete")
+		resultChan := make(chan autorest.Response, 1)
+		resultChan <- autorest.Response{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azSecurityGroupsClient.Delete(%q,%q): start", resourceGroupName, networkSecurityGroupName)
+	defer func() {
+		glog.V(10).Infof("azSecurityGroupsClient.Delete(%q,%q): end", resourceGroupName, networkSecurityGroupName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("security_groups", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, networkSecurityGroupName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azSecurityGroupsClient) Get(resourceGroupName string, networkSecurityGroupName string, expand string) (result network.SecurityGroup, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "NSGGet")
+		return
+	}
+
+	glog.V(10).Infof("azSecurityGroupsClient.Get(%q,%q): start", resourceGroupName, networkSecurityGroupName)
+	defer func() {
+		glog.V(10).Infof("azSecurityGroupsClient.Get(%q,%q): end", resourceGroupName, networkSecurityGroupName)
+	}()
+
+	mc := newMetricContext("security_groups", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, networkSecurityGroupName, expand)
+	mc.Observe(err)
+	return
+}
+
+func (az *azSecurityGroupsClient) List(resourceGroupName string) (result network.SecurityGroupListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "NSGList")
+		return
+	}
+
+	glog.V(10).Infof("azSecurityGroupsClient.List(%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azSecurityGroupsClient.List(%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("security_groups", "list", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.List(resourceGroupName)
+	mc.Observe(err)
+	return
+}
+
+// azVirtualMachineScaleSetsClient implements VirtualMachineScaleSetsClient.
+type azVirtualMachineScaleSetsClient struct {
+	client            computepreview.VirtualMachineScaleSetsClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzVirtualMachineScaleSetsClient(config *azClientConfig) *azVirtualMachineScaleSetsClient {
+	virtualMachineScaleSetsClient := computepreview.NewVirtualMachineScaleSetsClient(config.subscriptionID)
+	virtualMachineScaleSetsClient.BaseURI = config.resourceManagerEndpoint
+	virtualMachineScaleSetsClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	virtualMachineScaleSetsClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&virtualMachineScaleSetsClient.Client)
+
+	return &azVirtualMachineScaleSetsClient{
+		client:            virtualMachineScaleSetsClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azVirtualMachineScaleSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters computepreview.VirtualMachineScaleSet) (resp *http.Response, err error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		err = createARMRateLimitErr(true, "VMSSCreateOrUpdate")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetsClient.CreateOrUpdate(%q,%q): start", resourceGroupName, VMScaleSetName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetsClient.CreateOrUpdate(%q,%q): end", resourceGroupName, VMScaleSetName)
+	}()
+
+	mc := newMetricContext("vmss", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	future, err := az.client.CreateOrUpdate(ctx, resourceGroupName, VMScaleSetName, parameters)
+	mc.Observe(err)
+	if err != nil {
+		return future.Response(), err
+	}
+
+	err = future.WaitForCompletion(ctx, az.client.Client)
+	mc.Observe(err)
+	return future.Response(), err
+}
+
+func (az *azVirtualMachineScaleSetsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result computepreview.VirtualMachineScaleSet, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMSSGet")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetsClient.Get(%q,%q): start", resourceGroupName, VMScaleSetName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetsClient.Get(%q,%q): end", resourceGroupName, VMScaleSetName)
+	}()
+
+	mc := newMetricContext("vmss", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(ctx, resourceGroupName, VMScaleSetName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azVirtualMachineScaleSetsClient) List(ctx context.Context, resourceGroupName string) (result []computepreview.VirtualMachineScaleSet, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMSSList")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetsClient.List(%q,%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetsClient.List(%q,%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("vmss", "list", resourceGroupName, az.client.SubscriptionID)
+	iterator, err := az.client.ListComplete(ctx, resourceGroupName)
+	mc.Observe(err)
+	if err != nil {
+		return nil, err
+	}
+
+	result = make([]computepreview.VirtualMachineScaleSet, 0)
+	for ; iterator.NotDone(); err = iterator.Next() {
+		if err != nil {
+			return nil, err
+		}
+
+		result = append(result, iterator.Value())
+	}
+
+	return result, nil
+}
+
+func (az *azVirtualMachineScaleSetsClient) UpdateInstances(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs) (resp *http.Response, err error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		err = createARMRateLimitErr(true, "VMSSUpdateInstances")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetsClient.UpdateInstances(%q,%q,%q): start", resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetsClient.UpdateInstances(%q,%q,%q): end", resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	}()
+
+	mc := newMetricContext("vmss", "update_instances", resourceGroupName, az.client.SubscriptionID)
+	future, err := az.client.UpdateInstances(ctx, resourceGroupName, VMScaleSetName, VMInstanceIDs)
+	mc.Observe(err)
+	if err != nil {
+		return future.Response(), err
+	}
+
+	err = future.WaitForCompletion(ctx, az.client.Client)
+	mc.Observe(err)
+	return future.Response(), err
+}
+
+// azVirtualMachineScaleSetVMsClient implements VirtualMachineScaleSetVMsClient.
+type azVirtualMachineScaleSetVMsClient struct {
+	client            computepreview.VirtualMachineScaleSetVMsClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzVirtualMachineScaleSetVMsClient(config *azClientConfig) *azVirtualMachineScaleSetVMsClient {
+	virtualMachineScaleSetVMsClient := computepreview.NewVirtualMachineScaleSetVMsClient(config.subscriptionID)
+	virtualMachineScaleSetVMsClient.BaseURI = config.resourceManagerEndpoint
+	virtualMachineScaleSetVMsClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	virtualMachineScaleSetVMsClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&virtualMachineScaleSetVMsClient.Client)
+
+	return &azVirtualMachineScaleSetVMsClient{
+		client:            virtualMachineScaleSetVMsClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azVirtualMachineScaleSetVMsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVM, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMSSGet")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.Get(%q,%q,%q): start", resourceGroupName, VMScaleSetName, instanceID)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.Get(%q,%q,%q): end", resourceGroupName, VMScaleSetName, instanceID)
+	}()
+
+	mc := newMetricContext("vmssvm", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	mc.Observe(err)
+	return
+}
+
+func (az *azVirtualMachineScaleSetVMsClient) GetInstanceView(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVMInstanceView, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMSSGetInstanceView")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.GetInstanceView(%q,%q,%q): start", resourceGroupName, VMScaleSetName, instanceID)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.GetInstanceView(%q,%q,%q): end", resourceGroupName, VMScaleSetName, instanceID)
+	}()
+
+	mc := newMetricContext("vmssvm", "get_instance_view", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.GetInstanceView(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	mc.Observe(err)
+	return
+}
+
+func (az *azVirtualMachineScaleSetVMsClient) List(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (result []computepreview.VirtualMachineScaleSetVM, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "VMSSList")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.List(%q,%q,%q): start", resourceGroupName, virtualMachineScaleSetName, filter)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.List(%q,%q,%q): end", resourceGroupName, virtualMachineScaleSetName, filter)
+	}()
+
+	mc := newMetricContext("vmssvm", "list", resourceGroupName, az.client.SubscriptionID)
+	iterator, err := az.client.ListComplete(ctx, resourceGroupName, virtualMachineScaleSetName, filter, selectParameter, expand)
+	mc.Observe(err)
+	if err != nil {
+		return nil, err
+	}
+
+	result = make([]computepreview.VirtualMachineScaleSetVM, 0)
+	for ; iterator.NotDone(); err = iterator.Next() {
+		if err != nil {
+			return nil, err
+		}
+
+		result = append(result, iterator.Value())
+	}
+
+	return result, nil
+}
+
+func (az *azVirtualMachineScaleSetVMsClient) Update(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters computepreview.VirtualMachineScaleSetVM) (resp *http.Response, err error) {
+	if !az.rateLimiterWriter.TryAccept() {
+		err = createARMRateLimitErr(true, "VMSSUpdate")
+		return
+	}
+
+	glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.Update(%q,%q,%q): start", resourceGroupName, VMScaleSetName, instanceID)
+	defer func() {
+		glog.V(10).Infof("azVirtualMachineScaleSetVMsClient.Update(%q,%q,%q): end", resourceGroupName, VMScaleSetName, instanceID)
+	}()
+
+	mc := newMetricContext("vmssvm", "update", resourceGroupName, az.client.SubscriptionID)
+	future, err := az.client.Update(ctx, resourceGroupName, VMScaleSetName, instanceID, parameters)
+	mc.Observe(err)
+	if err != nil {
+		return future.Response(), err
+	}
+
+	err = future.WaitForCompletion(ctx, az.client.Client)
+	mc.Observe(err)
+	return future.Response(), err
+}
+
+// azRoutesClient implements RoutesClient.
+type azRoutesClient struct {
+	client            network.RoutesClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzRoutesClient(config *azClientConfig) *azRoutesClient {
+	routesClient := network.NewRoutesClient(config.subscriptionID)
+	routesClient.BaseURI = config.resourceManagerEndpoint
+	routesClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	routesClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&routesClient.Client)
+
+	return &azRoutesClient{
+		client:            routesClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azRoutesClient) CreateOrUpdate(resourceGroupName string, routeTableName string, routeName string, routeParameters network.Route, cancel <-chan struct{}) (<-chan network.Route, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "RouteCreateOrUpdate")
+		resultChan := make(chan network.Route, 1)
+		resultChan <- network.Route{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azRoutesClient.CreateOrUpdate(%q,%q,%q): start", resourceGroupName, routeTableName, routeName)
+	defer func() {
+		glog.V(10).Infof("azRoutesClient.CreateOrUpdate(%q,%q,%q): end", resourceGroupName, routeTableName, routeName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("routes", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, routeTableName, routeName, routeParameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azRoutesClient) Delete(resourceGroupName string, routeTableName string, routeName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "RouteDelete")
+		resultChan := make(chan autorest.Response, 1)
+		resultChan <- autorest.Response{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azRoutesClient.Delete(%q,%q,%q): start", resourceGroupName, routeTableName, routeName)
+	defer func() {
+		glog.V(10).Infof("azRoutesClient.Delete(%q,%q,%q): end", resourceGroupName, routeTableName, routeName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("routes", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, routeTableName, routeName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+// azRouteTablesClient implements RouteTablesClient.
+type azRouteTablesClient struct {
+	client            network.RouteTablesClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzRouteTablesClient(config *azClientConfig) *azRouteTablesClient {
+	routeTablesClient := network.NewRouteTablesClient(config.subscriptionID)
+	routeTablesClient.BaseURI = config.resourceManagerEndpoint
+	routeTablesClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	routeTablesClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&routeTablesClient.Client)
+
+	return &azRouteTablesClient{
+		client:            routeTablesClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azRouteTablesClient) CreateOrUpdate(resourceGroupName string, routeTableName string, parameters network.RouteTable, cancel <-chan struct{}) (<-chan network.RouteTable, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "RouteTableCreateOrUpdate")
+		resultChan := make(chan network.RouteTable, 1)
+		resultChan <- network.RouteTable{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azRouteTablesClient.CreateOrUpdate(%q,%q): start", resourceGroupName, routeTableName)
+	defer func() {
+		glog.V(10).Infof("azRouteTablesClient.CreateOrUpdate(%q,%q): end", resourceGroupName, routeTableName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("route_tables", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, routeTableName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azRouteTablesClient) Get(resourceGroupName string, routeTableName string, expand string) (result network.RouteTable, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "GetRouteTable")
+		return
+	}
+
+	glog.V(10).Infof("azRouteTablesClient.Get(%q,%q): start", resourceGroupName, routeTableName)
+	defer func() {
+		glog.V(10).Infof("azRouteTablesClient.Get(%q,%q): end", resourceGroupName, routeTableName)
+	}()
+
+	mc := newMetricContext("route_tables", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, routeTableName, expand)
+	mc.Observe(err)
+	return
+}
+
+// azStorageAccountClient implements StorageAccountClient.
+type azStorageAccountClient struct {
+	client            storage.AccountsClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzStorageAccountClient(config *azClientConfig) *azStorageAccountClient {
+	storageAccountClient := storage.NewAccountsClientWithBaseURI(config.resourceManagerEndpoint, config.subscriptionID)
+	storageAccountClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	storageAccountClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&storageAccountClient.Client)
+
+	return &azStorageAccountClient{
+		client:            storageAccountClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azStorageAccountClient) Create(resourceGroupName string, accountName string, parameters storage.AccountCreateParameters, cancel <-chan struct{}) (<-chan storage.Account, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "StorageAccountCreate")
+		resultChan := make(chan storage.Account, 1)
+		resultChan <- storage.Account{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azStorageAccountClient.Create(%q,%q): start", resourceGroupName, accountName)
+	defer func() {
+		glog.V(10).Infof("azStorageAccountClient.Create(%q,%q): end", resourceGroupName, accountName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("storage_account", "create", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Create(resourceGroupName, accountName, parameters, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azStorageAccountClient) Delete(resourceGroupName string, accountName string) (result autorest.Response, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "DeleteStorageAccount")
+		return
+	}
+
+	glog.V(10).Infof("azStorageAccountClient.Delete(%q,%q): start", resourceGroupName, accountName)
+	defer func() {
+		glog.V(10).Infof("azStorageAccountClient.Delete(%q,%q): end", resourceGroupName, accountName)
+	}()
+
+	mc := newMetricContext("storage_account", "delete", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Delete(resourceGroupName, accountName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azStorageAccountClient) ListKeys(resourceGroupName string, accountName string) (result storage.AccountListKeysResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "ListStorageAccountKeys")
+		return
+	}
+
+	glog.V(10).Infof("azStorageAccountClient.ListKeys(%q,%q): start", resourceGroupName, accountName)
+	defer func() {
+		glog.V(10).Infof("azStorageAccountClient.ListKeys(%q,%q): end", resourceGroupName, accountName)
+	}()
+
+	mc := newMetricContext("storage_account", "list_keys", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.ListKeys(resourceGroupName, accountName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azStorageAccountClient) ListByResourceGroup(resourceGroupName string) (result storage.AccountListResult, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "ListStorageAccountsByResourceGroup")
+		return
+	}
+
+	glog.V(10).Infof("azStorageAccountClient.ListByResourceGroup(%q): start", resourceGroupName)
+	defer func() {
+		glog.V(10).Infof("azStorageAccountClient.ListByResourceGroup(%q): end", resourceGroupName)
+	}()
+
+	mc := newMetricContext("storage_account", "list_by_resource_group", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.ListByResourceGroup(resourceGroupName)
+	mc.Observe(err)
+	return
+}
+
+func (az *azStorageAccountClient) GetProperties(resourceGroupName string, accountName string) (result storage.Account, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "GetStorageAccount/Properties")
+		return
+	}
+
+	glog.V(10).Infof("azStorageAccountClient.GetProperties(%q,%q): start", resourceGroupName, accountName)
+	defer func() {
+		glog.V(10).Infof("azStorageAccountClient.GetProperties(%q,%q): end", resourceGroupName, accountName)
+	}()
+
+	mc := newMetricContext("storage_account", "get_properties", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.GetProperties(resourceGroupName, accountName)
+	mc.Observe(err)
+	return
+}
+
+// azDisksClient implements DisksClient.
+type azDisksClient struct {
+	client            disk.DisksClient
+	rateLimiterReader flowcontrol.RateLimiter
+	rateLimiterWriter flowcontrol.RateLimiter
+}
+
+func newAzDisksClient(config *azClientConfig) *azDisksClient {
+	disksClient := disk.NewDisksClientWithBaseURI(config.resourceManagerEndpoint, config.subscriptionID)
+	disksClient.Authorizer = autorest.NewBearerAuthorizer(config.servicePrincipalToken)
+	disksClient.PollingDelay = 5 * time.Second
+	configureUserAgent(&disksClient.Client)
+
+	return &azDisksClient{
+		client:            disksClient,
+		rateLimiterReader: config.rateLimiterReader,
+		rateLimiterWriter: config.rateLimiterWriter,
+	}
+}
+
+func (az *azDisksClient) CreateOrUpdate(resourceGroupName string, diskName string, diskParameter disk.Model, cancel <-chan struct{}) (<-chan disk.Model, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "DiskCreateOrUpdate")
+		resultChan := make(chan disk.Model, 1)
+		resultChan <- disk.Model{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azDisksClient.CreateOrUpdate(%q,%q): start", resourceGroupName, diskName)
+	defer func() {
+		glog.V(10).Infof("azDisksClient.CreateOrUpdate(%q,%q): end", resourceGroupName, diskName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("disks", "create_or_update", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.CreateOrUpdate(resourceGroupName, diskName, diskParameter, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azDisksClient) Delete(resourceGroupName string, diskName string, cancel <-chan struct{}) (<-chan disk.OperationStatusResponse, <-chan error) {
+	/* Write rate limiting */
+	if !az.rateLimiterWriter.TryAccept() {
+		errChan := createARMRateLimitErrChannel(true, "DiskDelete")
+		resultChan := make(chan disk.OperationStatusResponse, 1)
+		resultChan <- disk.OperationStatusResponse{}
+		return resultChan, errChan
+	}
+
+	glog.V(10).Infof("azDisksClient.Delete(%q,%q): start", resourceGroupName, diskName)
+	defer func() {
+		glog.V(10).Infof("azDisksClient.Delete(%q,%q): end", resourceGroupName, diskName)
+	}()
+
+	errChan := make(chan error, 1)
+	mc := newMetricContext("disks", "delete", resourceGroupName, az.client.SubscriptionID)
+	resultChan, proxyErrChan := az.client.Delete(resourceGroupName, diskName, cancel)
+	err := <-proxyErrChan
+	mc.Observe(err)
+	errChan <- err
+	return resultChan, errChan
+}
+
+func (az *azDisksClient) Get(resourceGroupName string, diskName string) (result disk.Model, err error) {
+	if !az.rateLimiterReader.TryAccept() {
+		err = createARMRateLimitErr(false, "GetDisk")
+		return
+	}
+
+	glog.V(10).Infof("azDisksClient.Get(%q,%q): start", resourceGroupName, diskName)
+	defer func() {
+		glog.V(10).Infof("azDisksClient.Get(%q,%q): end", resourceGroupName, diskName)
+	}()
+
+	mc := newMetricContext("disks", "get", resourceGroupName, az.client.SubscriptionID)
+	result, err = az.client.Get(resourceGroupName, diskName)
+	mc.Observe(err)
+	return
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_common.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_common.go
new file mode 100644
index 000000000000..84a911c4c8f5
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_common.go
@@ -0,0 +1,192 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/arm/compute"
+
+	"k8s.io/apimachinery/pkg/types"
+	kwait "k8s.io/apimachinery/pkg/util/wait"
+)
+
+const (
+	storageAccountNameTemplate = "pvc%s"
+
+	// for limits check https://docs.microsoft.com/en-us/azure/azure-subscription-service-limits#storage-limits
+	maxStorageAccounts                     = 100 // max # is 200 (250 with special request). this allows 100 for everything else including stand alone disks
+	maxDisksPerStorageAccounts             = 60
+	storageAccountUtilizationBeforeGrowing = 0.5
+
+	maxLUN               = 64 // max number of LUNs per VM
+	errLeaseFailed       = "AcquireDiskLeaseFailed"
+	errLeaseIDMissing    = "LeaseIdMissing"
+	errContainerNotFound = "ContainerNotFound"
+	errDiskBlobNotFound  = "DiskBlobNotFound"
+)
+
+var defaultBackOff = kwait.Backoff{
+	Steps:    20,
+	Duration: 2 * time.Second,
+	Factor:   1.5,
+	Jitter:   0.0,
+}
+
+type controllerCommon struct {
+	subscriptionID        string
+	location              string
+	storageEndpointSuffix string
+	resourceGroup         string
+	cloud                 *Cloud
+}
+
+// AttachDisk attaches a vhd to vm. The vhd must exist, can be identified by diskName, diskURI, and lun.
+func (c *controllerCommon) AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error {
+	// 1. vmType is standard, attach with availabilitySet.AttachDisk.
+	if c.cloud.VMType == vmTypeStandard {
+		return c.cloud.vmSet.AttachDisk(isManagedDisk, diskName, diskURI, nodeName, lun, cachingMode)
+	}
+
+	// 2. vmType is Virtual Machine Scale Set (vmss), convert vmSet to scaleSet.
+	ss, ok := c.cloud.vmSet.(*scaleSet)
+	if !ok {
+		return fmt.Errorf("error of converting vmSet (%q) to scaleSet with vmType %q", c.cloud.vmSet, c.cloud.VMType)
+	}
+
+	// 3. If the node is managed by availability set, then attach with availabilitySet.AttachDisk.
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(mapNodeNameToVMName(nodeName))
+	if err != nil {
+		return err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.AttachDisk(isManagedDisk, diskName, diskURI, nodeName, lun, cachingMode)
+	}
+
+	// 4. Node is managed by vmss, attach with scaleSet.AttachDisk.
+	return ss.AttachDisk(isManagedDisk, diskName, diskURI, nodeName, lun, cachingMode)
+}
+
+// DetachDiskByName detaches a vhd from host. The vhd can be identified by diskName or diskURI.
+func (c *controllerCommon) DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error {
+	// 1. vmType is standard, detach with availabilitySet.DetachDiskByName.
+	if c.cloud.VMType == vmTypeStandard {
+		return c.cloud.vmSet.DetachDiskByName(diskName, diskURI, nodeName)
+	}
+
+	// 2. vmType is Virtual Machine Scale Set (vmss), convert vmSet to scaleSet.
+	ss, ok := c.cloud.vmSet.(*scaleSet)
+	if !ok {
+		return fmt.Errorf("error of converting vmSet (%q) to scaleSet with vmType %q", c.cloud.vmSet, c.cloud.VMType)
+	}
+
+	// 3. If the node is managed by availability set, then detach with availabilitySet.DetachDiskByName.
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(mapNodeNameToVMName(nodeName))
+	if err != nil {
+		return err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.DetachDiskByName(diskName, diskURI, nodeName)
+	}
+
+	// 4. Node is managed by vmss, detach with scaleSet.DetachDiskByName.
+	return ss.DetachDiskByName(diskName, diskURI, nodeName)
+}
+
+// GetDiskLun finds the lun on the host that the vhd is attached to, given a vhd's diskName and diskURI.
+func (c *controllerCommon) GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error) {
+	// 1. vmType is standard, get with availabilitySet.GetDiskLun.
+	if c.cloud.VMType == vmTypeStandard {
+		return c.cloud.vmSet.GetDiskLun(diskName, diskURI, nodeName)
+	}
+
+	// 2. vmType is Virtual Machine Scale Set (vmss), convert vmSet to scaleSet.
+	ss, ok := c.cloud.vmSet.(*scaleSet)
+	if !ok {
+		return -1, fmt.Errorf("error of converting vmSet (%q) to scaleSet with vmType %q", c.cloud.vmSet, c.cloud.VMType)
+	}
+
+	// 3. If the node is managed by availability set, then get with availabilitySet.GetDiskLun.
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(mapNodeNameToVMName(nodeName))
+	if err != nil {
+		return -1, err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetDiskLun(diskName, diskURI, nodeName)
+	}
+
+	// 4. Node is managed by vmss, get with scaleSet.GetDiskLun.
+	return ss.GetDiskLun(diskName, diskURI, nodeName)
+}
+
+// GetNextDiskLun searches all vhd attachment on the host and find unused lun. Return -1 if all luns are used.
+func (c *controllerCommon) GetNextDiskLun(nodeName types.NodeName) (int32, error) {
+	// 1. vmType is standard, get with availabilitySet.GetNextDiskLun.
+	if c.cloud.VMType == vmTypeStandard {
+		return c.cloud.vmSet.GetNextDiskLun(nodeName)
+	}
+
+	// 2. vmType is Virtual Machine Scale Set (vmss), convert vmSet to scaleSet.
+	ss, ok := c.cloud.vmSet.(*scaleSet)
+	if !ok {
+		return -1, fmt.Errorf("error of converting vmSet (%q) to scaleSet with vmType %q", c.cloud.vmSet, c.cloud.VMType)
+	}
+
+	// 3. If the node is managed by availability set, then get with availabilitySet.GetNextDiskLun.
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(mapNodeNameToVMName(nodeName))
+	if err != nil {
+		return -1, err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetNextDiskLun(nodeName)
+	}
+
+	// 4. Node is managed by vmss, get with scaleSet.GetNextDiskLun.
+	return ss.GetNextDiskLun(nodeName)
+}
+
+// DisksAreAttached checks if a list of volumes are attached to the node with the specified NodeName.
+func (c *controllerCommon) DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error) {
+	// 1. vmType is standard, check with availabilitySet.DisksAreAttached.
+	if c.cloud.VMType == vmTypeStandard {
+		return c.cloud.vmSet.DisksAreAttached(diskNames, nodeName)
+	}
+
+	// 2. vmType is Virtual Machine Scale Set (vmss), convert vmSet to scaleSet.
+	ss, ok := c.cloud.vmSet.(*scaleSet)
+	if !ok {
+		return nil, fmt.Errorf("error of converting vmSet (%q) to scaleSet with vmType %q", c.cloud.vmSet, c.cloud.VMType)
+	}
+
+	// 3. If the node is managed by availability set, then check with availabilitySet.DisksAreAttached.
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(mapNodeNameToVMName(nodeName))
+	if err != nil {
+		return nil, err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.DisksAreAttached(diskNames, nodeName)
+	}
+
+	// 4. Node is managed by vmss, check with scaleSet.DisksAreAttached.
+	return ss.DisksAreAttached(diskNames, nodeName)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controllerCommon.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_standard.go
similarity index 66%
rename from vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controllerCommon.go
rename to vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_standard.go
index b14cda02dd22..5563f4cf7439 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controllerCommon.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_standard.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2017 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -19,60 +19,18 @@ package azure
 import (
 	"fmt"
 	"strings"
-	"time"
-
-	"k8s.io/apimachinery/pkg/types"
-	kwait "k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/kubernetes/pkg/cloudprovider"
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/golang/glog"
-)
-
-const (
-	defaultDataDiskCount       int = 16 // which will allow you to work with most medium size VMs (if not found in map)
-	storageAccountNameTemplate     = "pvc%s"
-
-	// for limits check https://docs.microsoft.com/en-us/azure/azure-subscription-service-limits#storage-limits
-	maxStorageAccounts                     = 100 // max # is 200 (250 with special request). this allows 100 for everything else including stand alone disks
-	maxDisksPerStorageAccounts             = 60
-	storageAccountUtilizationBeforeGrowing = 0.5
-	storageAccountsCountInit               = 2 // When the plug-in is init-ed, 2 storage accounts will be created to allow fast pvc create/attach/mount
 
-	maxLUN               = 64 // max number of LUNs per VM
-	errLeaseFailed       = "AcquireDiskLeaseFailed"
-	errLeaseIDMissing    = "LeaseIdMissing"
-	errContainerNotFound = "ContainerNotFound"
-	errDiskBlobNotFound  = "DiskBlobNotFound"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
 )
 
-var defaultBackOff = kwait.Backoff{
-	Steps:    20,
-	Duration: 2 * time.Second,
-	Factor:   1.5,
-	Jitter:   0.0,
-}
-
-type controllerCommon struct {
-	tenantID              string
-	subscriptionID        string
-	location              string
-	storageEndpointSuffix string
-	resourceGroup         string
-	clientID              string
-	clientSecret          string
-	managementEndpoint    string
-	tokenEndPoint         string
-	aadResourceEndPoint   string
-	aadToken              string
-	expiresOn             time.Time
-	cloud                 *Cloud
-}
-
 // AttachDisk attaches a vhd to vm
 // the vhd must exist, can be identified by diskName, diskURI, and lun.
-func (c *controllerCommon) AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error {
-	vm, err := c.cloud.getVirtualMachine(nodeName)
+func (as *availabilitySet) AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error {
+	vm, err := as.getVirtualMachine(nodeName)
 	if err != nil {
 		return err
 	}
@@ -111,17 +69,16 @@ func (c *controllerCommon) AttachDisk(isManagedDisk bool, diskName, diskURI stri
 		},
 	}
 	vmName := mapNodeNameToVMName(nodeName)
-	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - attach disk", c.resourceGroup, vmName)
-	c.cloud.operationPollRateLimiter.Accept()
-	respChan, errChan := c.cloud.VirtualMachinesClient.CreateOrUpdate(c.resourceGroup, vmName, newVM, nil)
+	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - attach disk", as.resourceGroup, vmName)
+	respChan, errChan := as.VirtualMachinesClient.CreateOrUpdate(as.resourceGroup, vmName, newVM, nil)
 	resp := <-respChan
 	err = <-errChan
-	if c.cloud.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
-		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", c.resourceGroup, vmName)
-		retryErr := c.cloud.CreateOrUpdateVMWithRetry(vmName, newVM)
+	if as.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
+		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", as.resourceGroup, vmName)
+		retryErr := as.CreateOrUpdateVMWithRetry(vmName, newVM)
 		if retryErr != nil {
 			err = retryErr
-			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", c.resourceGroup, vmName)
+			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", as.resourceGroup, vmName)
 		}
 	}
 	if err != nil {
@@ -130,20 +87,20 @@ func (c *controllerCommon) AttachDisk(isManagedDisk bool, diskName, diskURI stri
 		if strings.Contains(detail, errLeaseFailed) || strings.Contains(detail, errDiskBlobNotFound) {
 			// if lease cannot be acquired or disk not found, immediately detach the disk and return the original error
 			glog.Infof("azureDisk - err %s, try detach", detail)
-			c.cloud.DetachDiskByName(diskName, diskURI, nodeName)
+			as.DetachDiskByName(diskName, diskURI, nodeName)
 		}
 	} else {
-		glog.V(4).Infof("azureDisk - azure attach succeeded")
+		glog.V(4).Info("azureDisk - azure attach succeeded")
 		// Invalidate the cache right after updating
-		vmCache.Delete(vmName)
+		as.cloud.vmCache.Delete(vmName)
 	}
 	return err
 }
 
 // DetachDiskByName detaches a vhd from host
 // the vhd can be identified by diskName or diskURI
-func (c *controllerCommon) DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error {
-	vm, err := c.cloud.getVirtualMachine(nodeName)
+func (as *availabilitySet) DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error {
+	vm, err := as.getVirtualMachine(nodeName)
 	if err != nil {
 		// if host doesn't exist, no need to detach
 		glog.Warningf("azureDisk - cannot find node %s, skip detaching disk %s", nodeName, diskName)
@@ -177,32 +134,31 @@ func (c *controllerCommon) DetachDiskByName(diskName, diskURI string, nodeName t
 		},
 	}
 	vmName := mapNodeNameToVMName(nodeName)
-	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - detach disk", c.resourceGroup, vmName)
-	c.cloud.operationPollRateLimiter.Accept()
-	respChan, errChan := c.cloud.VirtualMachinesClient.CreateOrUpdate(c.resourceGroup, vmName, newVM, nil)
+	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - detach disk", as.resourceGroup, vmName)
+	respChan, errChan := as.VirtualMachinesClient.CreateOrUpdate(as.resourceGroup, vmName, newVM, nil)
 	resp := <-respChan
 	err = <-errChan
-	if c.cloud.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
-		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", c.resourceGroup, vmName)
-		retryErr := c.cloud.CreateOrUpdateVMWithRetry(vmName, newVM)
+	if as.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
+		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", as.resourceGroup, vmName)
+		retryErr := as.CreateOrUpdateVMWithRetry(vmName, newVM)
 		if retryErr != nil {
 			err = retryErr
-			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", c.cloud.ResourceGroup, vmName)
+			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", as.ResourceGroup, vmName)
 		}
 	}
 	if err != nil {
 		glog.Errorf("azureDisk - azure disk detach failed, err: %v", err)
 	} else {
-		glog.V(4).Infof("azureDisk - azure disk detach succeeded")
+		glog.V(4).Info("azureDisk - azure disk detach succeeded")
 		// Invalidate the cache right after updating
-		vmCache.Delete(vmName)
+		as.cloud.vmCache.Delete(vmName)
 	}
 	return err
 }
 
 // GetDiskLun finds the lun on the host that the vhd is attached to, given a vhd's diskName and diskURI
-func (c *controllerCommon) GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error) {
-	vm, err := c.cloud.getVirtualMachine(nodeName)
+func (as *availabilitySet) GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error) {
+	vm, err := as.getVirtualMachine(nodeName)
 	if err != nil {
 		return -1, err
 	}
@@ -221,8 +177,8 @@ func (c *controllerCommon) GetDiskLun(diskName, diskURI string, nodeName types.N
 
 // GetNextDiskLun searches all vhd attachment on the host and find unused lun
 // return -1 if all luns are used
-func (c *controllerCommon) GetNextDiskLun(nodeName types.NodeName) (int32, error) {
-	vm, err := c.cloud.getVirtualMachine(nodeName)
+func (as *availabilitySet) GetNextDiskLun(nodeName types.NodeName) (int32, error) {
+	vm, err := as.getVirtualMachine(nodeName)
 	if err != nil {
 		return -1, err
 	}
@@ -242,12 +198,12 @@ func (c *controllerCommon) GetNextDiskLun(nodeName types.NodeName) (int32, error
 }
 
 // DisksAreAttached checks if a list of volumes are attached to the node with the specified NodeName
-func (c *controllerCommon) DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error) {
+func (as *availabilitySet) DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error) {
 	attached := make(map[string]bool)
 	for _, diskName := range diskNames {
 		attached[diskName] = false
 	}
-	vm, err := c.cloud.getVirtualMachine(nodeName)
+	vm, err := as.getVirtualMachine(nodeName)
 	if err == cloudprovider.InstanceNotFound {
 		// if host doesn't exist, no need to detach
 		glog.Warningf("azureDisk - Cannot find node %q, DisksAreAttached will assume disks %v are not attached to it.",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_vmss.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_vmss.go
new file mode 100644
index 000000000000..ea07a8a30c75
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_controller_vmss.go
@@ -0,0 +1,214 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/Azure/azure-sdk-for-go/arm/compute"
+	computepreview "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute"
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+)
+
+// AttachDisk attaches a vhd to vm
+// the vhd must exist, can be identified by diskName, diskURI, and lun.
+func (ss *scaleSet) AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error {
+	ssName, instanceID, vm, err := ss.getVmssVM(string(nodeName))
+	if err != nil {
+		return err
+	}
+
+	disks := *vm.StorageProfile.DataDisks
+	if isManagedDisk {
+		disks = append(disks,
+			computepreview.DataDisk{
+				Name:         &diskName,
+				Lun:          &lun,
+				Caching:      computepreview.CachingTypes(cachingMode),
+				CreateOption: "attach",
+				ManagedDisk: &computepreview.ManagedDiskParameters{
+					ID: &diskURI,
+				},
+			})
+	} else {
+		disks = append(disks,
+			computepreview.DataDisk{
+				Name: &diskName,
+				Vhd: &computepreview.VirtualHardDisk{
+					URI: &diskURI,
+				},
+				Lun:          &lun,
+				Caching:      computepreview.CachingTypes(cachingMode),
+				CreateOption: "attach",
+			})
+	}
+	vm.StorageProfile.DataDisks = &disks
+
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - attach disk", ss.resourceGroup, nodeName)
+	resp, err := ss.VirtualMachineScaleSetVMsClient.Update(ctx, ss.resourceGroup, ssName, instanceID, vm)
+	if ss.CloudProviderBackoff && shouldRetryHTTPRequest(resp, err) {
+		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", ss.resourceGroup, nodeName)
+		retryErr := ss.UpdateVmssVMWithRetry(ctx, ss.resourceGroup, ssName, instanceID, vm)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", ss.resourceGroup, nodeName)
+		}
+	}
+	if err != nil {
+		detail := err.Error()
+		if strings.Contains(detail, errLeaseFailed) || strings.Contains(detail, errDiskBlobNotFound) {
+			// if lease cannot be acquired or disk not found, immediately detach the disk and return the original error
+			glog.Infof("azureDisk - err %s, try detach", detail)
+			ss.DetachDiskByName(diskName, diskURI, nodeName)
+		}
+	} else {
+		glog.V(4).Info("azureDisk - azure attach succeeded")
+		// Invalidate the cache right after updating
+		ss.vmssVMCache.Delete(ss.makeVmssVMName(ssName, instanceID))
+	}
+	return err
+}
+
+// DetachDiskByName detaches a vhd from host
+// the vhd can be identified by diskName or diskURI
+func (ss *scaleSet) DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error {
+	ssName, instanceID, vm, err := ss.getVmssVM(string(nodeName))
+	if err != nil {
+		return err
+	}
+
+	disks := *vm.StorageProfile.DataDisks
+	bFoundDisk := false
+	for i, disk := range disks {
+		if disk.Lun != nil && (disk.Name != nil && diskName != "" && *disk.Name == diskName) ||
+			(disk.Vhd != nil && disk.Vhd.URI != nil && diskURI != "" && *disk.Vhd.URI == diskURI) ||
+			(disk.ManagedDisk != nil && diskURI != "" && *disk.ManagedDisk.ID == diskURI) {
+			// found the disk
+			glog.V(4).Infof("azureDisk - detach disk: name %q uri %q", diskName, diskURI)
+			disks = append(disks[:i], disks[i+1:]...)
+			bFoundDisk = true
+			break
+		}
+	}
+
+	if !bFoundDisk {
+		return fmt.Errorf("detach azure disk failure, disk %s not found, diskURI: %s", diskName, diskURI)
+	}
+
+	vm.StorageProfile.DataDisks = &disks
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+	glog.V(2).Infof("azureDisk - update(%s): vm(%s) - detach disk", ss.resourceGroup, nodeName)
+	resp, err := ss.VirtualMachineScaleSetVMsClient.Update(ctx, ss.resourceGroup, ssName, instanceID, vm)
+	if ss.CloudProviderBackoff && shouldRetryHTTPRequest(resp, err) {
+		glog.V(2).Infof("azureDisk - update(%s) backing off: vm(%s)", ss.resourceGroup, nodeName)
+		retryErr := ss.UpdateVmssVMWithRetry(ctx, ss.resourceGroup, ssName, instanceID, vm)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("azureDisk - update(%s) abort backoff: vm(%s)", ss.resourceGroup, nodeName)
+		}
+	}
+	if err != nil {
+		glog.Errorf("azureDisk - azure disk detach %q from %s failed, err: %v", diskName, nodeName, err)
+	} else {
+		glog.V(4).Info("azureDisk - azure detach succeeded")
+		// Invalidate the cache right after updating
+		ss.vmssVMCache.Delete(ss.makeVmssVMName(ssName, instanceID))
+	}
+
+	return err
+}
+
+// GetDiskLun finds the lun on the host that the vhd is attached to, given a vhd's diskName and diskURI
+func (ss *scaleSet) GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error) {
+	_, _, vm, err := ss.getVmssVM(string(nodeName))
+	if err != nil {
+		return -1, err
+	}
+
+	disks := *vm.StorageProfile.DataDisks
+	for _, disk := range disks {
+		if disk.Lun != nil && (disk.Name != nil && diskName != "" && *disk.Name == diskName) ||
+			(disk.Vhd != nil && disk.Vhd.URI != nil && diskURI != "" && *disk.Vhd.URI == diskURI) ||
+			(disk.ManagedDisk != nil && *disk.ManagedDisk.ID == diskURI) {
+			// found the disk
+			glog.V(4).Infof("azureDisk - find disk: lun %d name %q uri %q", *disk.Lun, diskName, diskURI)
+			return *disk.Lun, nil
+		}
+	}
+	return -1, fmt.Errorf("Cannot find Lun for disk %s", diskName)
+}
+
+// GetNextDiskLun searches all vhd attachment on the host and find unused lun
+// return -1 if all luns are used
+func (ss *scaleSet) GetNextDiskLun(nodeName types.NodeName) (int32, error) {
+	_, _, vm, err := ss.getVmssVM(string(nodeName))
+	if err != nil {
+		return -1, err
+	}
+
+	used := make([]bool, maxLUN)
+	disks := *vm.StorageProfile.DataDisks
+	for _, disk := range disks {
+		if disk.Lun != nil {
+			used[*disk.Lun] = true
+		}
+	}
+	for k, v := range used {
+		if !v {
+			return int32(k), nil
+		}
+	}
+	return -1, fmt.Errorf("All Luns are used")
+}
+
+// DisksAreAttached checks if a list of volumes are attached to the node with the specified NodeName
+func (ss *scaleSet) DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error) {
+	attached := make(map[string]bool)
+	for _, diskName := range diskNames {
+		attached[diskName] = false
+	}
+
+	_, _, vm, err := ss.getVmssVM(string(nodeName))
+	if err != nil {
+		if err == cloudprovider.InstanceNotFound {
+			// if host doesn't exist, no need to detach
+			glog.Warningf("azureDisk - Cannot find node %q, DisksAreAttached will assume disks %v are not attached to it.",
+				nodeName, diskNames)
+			return attached, nil
+		}
+
+		return attached, err
+	}
+
+	disks := *vm.StorageProfile.DataDisks
+	for _, disk := range disks {
+		for _, diskName := range diskNames {
+			if disk.Name != nil && diskName != "" && *disk.Name == diskName {
+				attached[diskName] = true
+			}
+		}
+	}
+
+	return attached, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_fakes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_fakes.go
index 1bc0d0c811d5..69be811de3a4 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_fakes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_fakes.go
@@ -17,6 +17,7 @@ limitations under the License.
 package azure
 
 import (
+	"context"
 	"fmt"
 	"math/rand"
 	"net/http"
@@ -24,11 +25,17 @@ import (
 	"sync"
 	"time"
 
-	"github.com/Azure/go-autorest/autorest/to"
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
+	"github.com/Azure/azure-sdk-for-go/arm/disk"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
+	"github.com/Azure/azure-sdk-for-go/arm/storage"
+	computepreview "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute"
 	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/to"
 )
 
 type fakeAzureLBClient struct {
@@ -36,14 +43,14 @@ type fakeAzureLBClient struct {
 	FakeStore map[string]map[string]network.LoadBalancer
 }
 
-func newFakeAzureLBClient() fakeAzureLBClient {
-	fLBC := fakeAzureLBClient{}
+func newFakeAzureLBClient() *fakeAzureLBClient {
+	fLBC := &fakeAzureLBClient{}
 	fLBC.FakeStore = make(map[string]map[string]network.LoadBalancer)
 	fLBC.mutex = &sync.Mutex{}
 	return fLBC
 }
 
-func (fLBC fakeAzureLBClient) CreateOrUpdate(resourceGroupName string, loadBalancerName string, parameters network.LoadBalancer, cancel <-chan struct{}) (<-chan network.LoadBalancer, <-chan error) {
+func (fLBC *fakeAzureLBClient) CreateOrUpdate(resourceGroupName string, loadBalancerName string, parameters network.LoadBalancer, cancel <-chan struct{}) (<-chan network.LoadBalancer, <-chan error) {
 	fLBC.mutex.Lock()
 	defer fLBC.mutex.Unlock()
 	resultChan := make(chan network.LoadBalancer, 1)
@@ -65,7 +72,7 @@ func (fLBC fakeAzureLBClient) CreateOrUpdate(resourceGroupName string, loadBalan
 		for idx, config := range *parameters.FrontendIPConfigurations {
 			if config.PrivateIPAllocationMethod == network.Dynamic {
 				// Here we randomly assign an ip as private ip
-				// It dosen't smart enough to know whether it is in the subnet's range
+				// It doesn't smart enough to know whether it is in the subnet's range
 				(*parameters.FrontendIPConfigurations)[idx].PrivateIPAddress = getRandomIPPtr()
 			}
 		}
@@ -79,7 +86,7 @@ func (fLBC fakeAzureLBClient) CreateOrUpdate(resourceGroupName string, loadBalan
 	return resultChan, errChan
 }
 
-func (fLBC fakeAzureLBClient) Delete(resourceGroupName string, loadBalancerName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+func (fLBC *fakeAzureLBClient) Delete(resourceGroupName string, loadBalancerName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
 	fLBC.mutex.Lock()
 	defer fLBC.mutex.Unlock()
 	respChan := make(chan autorest.Response, 1)
@@ -112,7 +119,7 @@ func (fLBC fakeAzureLBClient) Delete(resourceGroupName string, loadBalancerName
 	return respChan, errChan
 }
 
-func (fLBC fakeAzureLBClient) Get(resourceGroupName string, loadBalancerName string, expand string) (result network.LoadBalancer, err error) {
+func (fLBC *fakeAzureLBClient) Get(resourceGroupName string, loadBalancerName string, expand string) (result network.LoadBalancer, err error) {
 	fLBC.mutex.Lock()
 	defer fLBC.mutex.Unlock()
 	if _, ok := fLBC.FakeStore[resourceGroupName]; ok {
@@ -126,7 +133,7 @@ func (fLBC fakeAzureLBClient) Get(resourceGroupName string, loadBalancerName str
 	}
 }
 
-func (fLBC fakeAzureLBClient) List(resourceGroupName string) (result network.LoadBalancerListResult, err error) {
+func (fLBC *fakeAzureLBClient) List(resourceGroupName string) (result network.LoadBalancerListResult, err error) {
 	fLBC.mutex.Lock()
 	defer fLBC.mutex.Unlock()
 	var value []network.LoadBalancer
@@ -143,7 +150,7 @@ func (fLBC fakeAzureLBClient) List(resourceGroupName string) (result network.Loa
 	return result, nil
 }
 
-func (fLBC fakeAzureLBClient) ListNextResults(lastResult network.LoadBalancerListResult) (result network.LoadBalancerListResult, err error) {
+func (fLBC *fakeAzureLBClient) ListNextResults(resourceGroupName string, lastResult network.LoadBalancerListResult) (result network.LoadBalancerListResult, err error) {
 	fLBC.mutex.Lock()
 	defer fLBC.mutex.Unlock()
 	result.Response.Response = &http.Response{
@@ -171,15 +178,15 @@ func getpublicIPAddressID(subscriptionID string, resourceGroupName, pipName stri
 		pipName)
 }
 
-func newFakeAzurePIPClient(subscriptionID string) fakeAzurePIPClient {
-	fAPC := fakeAzurePIPClient{}
+func newFakeAzurePIPClient(subscriptionID string) *fakeAzurePIPClient {
+	fAPC := &fakeAzurePIPClient{}
 	fAPC.FakeStore = make(map[string]map[string]network.PublicIPAddress)
 	fAPC.SubscriptionID = subscriptionID
 	fAPC.mutex = &sync.Mutex{}
 	return fAPC
 }
 
-func (fAPC fakeAzurePIPClient) CreateOrUpdate(resourceGroupName string, publicIPAddressName string, parameters network.PublicIPAddress, cancel <-chan struct{}) (<-chan network.PublicIPAddress, <-chan error) {
+func (fAPC *fakeAzurePIPClient) CreateOrUpdate(resourceGroupName string, publicIPAddressName string, parameters network.PublicIPAddress, cancel <-chan struct{}) (<-chan network.PublicIPAddress, <-chan error) {
 	fAPC.mutex.Lock()
 	defer fAPC.mutex.Unlock()
 	resultChan := make(chan network.PublicIPAddress, 1)
@@ -216,7 +223,7 @@ func (fAPC fakeAzurePIPClient) CreateOrUpdate(resourceGroupName string, publicIP
 	return resultChan, errChan
 }
 
-func (fAPC fakeAzurePIPClient) Delete(resourceGroupName string, publicIPAddressName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+func (fAPC *fakeAzurePIPClient) Delete(resourceGroupName string, publicIPAddressName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
 	fAPC.mutex.Lock()
 	defer fAPC.mutex.Unlock()
 	respChan := make(chan autorest.Response, 1)
@@ -249,7 +256,7 @@ func (fAPC fakeAzurePIPClient) Delete(resourceGroupName string, publicIPAddressN
 	return respChan, errChan
 }
 
-func (fAPC fakeAzurePIPClient) Get(resourceGroupName string, publicIPAddressName string, expand string) (result network.PublicIPAddress, err error) {
+func (fAPC *fakeAzurePIPClient) Get(resourceGroupName string, publicIPAddressName string, expand string) (result network.PublicIPAddress, err error) {
 	fAPC.mutex.Lock()
 	defer fAPC.mutex.Unlock()
 	if _, ok := fAPC.FakeStore[resourceGroupName]; ok {
@@ -263,13 +270,13 @@ func (fAPC fakeAzurePIPClient) Get(resourceGroupName string, publicIPAddressName
 	}
 }
 
-func (fAPC fakeAzurePIPClient) ListNextResults(lastResults network.PublicIPAddressListResult) (result network.PublicIPAddressListResult, err error) {
+func (fAPC *fakeAzurePIPClient) ListNextResults(resourceGroupName string, lastResults network.PublicIPAddressListResult) (result network.PublicIPAddressListResult, err error) {
 	fAPC.mutex.Lock()
 	defer fAPC.mutex.Unlock()
 	return network.PublicIPAddressListResult{}, nil
 }
 
-func (fAPC fakeAzurePIPClient) List(resourceGroupName string) (result network.PublicIPAddressListResult, err error) {
+func (fAPC *fakeAzurePIPClient) List(resourceGroupName string) (result network.PublicIPAddressListResult, err error) {
 	fAPC.mutex.Lock()
 	defer fAPC.mutex.Unlock()
 	var value []network.PublicIPAddress
@@ -291,15 +298,15 @@ type fakeAzureInterfacesClient struct {
 	FakeStore map[string]map[string]network.Interface
 }
 
-func newFakeAzureInterfacesClient() fakeAzureInterfacesClient {
-	fIC := fakeAzureInterfacesClient{}
+func newFakeAzureInterfacesClient() *fakeAzureInterfacesClient {
+	fIC := &fakeAzureInterfacesClient{}
 	fIC.FakeStore = make(map[string]map[string]network.Interface)
 	fIC.mutex = &sync.Mutex{}
 
 	return fIC
 }
 
-func (fIC fakeAzureInterfacesClient) CreateOrUpdate(resourceGroupName string, networkInterfaceName string, parameters network.Interface, cancel <-chan struct{}) (<-chan network.Interface, <-chan error) {
+func (fIC *fakeAzureInterfacesClient) CreateOrUpdate(resourceGroupName string, networkInterfaceName string, parameters network.Interface, cancel <-chan struct{}) (<-chan network.Interface, <-chan error) {
 	fIC.mutex.Lock()
 	defer fIC.mutex.Unlock()
 	resultChan := make(chan network.Interface, 1)
@@ -325,7 +332,7 @@ func (fIC fakeAzureInterfacesClient) CreateOrUpdate(resourceGroupName string, ne
 	return resultChan, errChan
 }
 
-func (fIC fakeAzureInterfacesClient) Get(resourceGroupName string, networkInterfaceName string, expand string) (result network.Interface, err error) {
+func (fIC *fakeAzureInterfacesClient) Get(resourceGroupName string, networkInterfaceName string, expand string) (result network.Interface, err error) {
 	fIC.mutex.Lock()
 	defer fIC.mutex.Unlock()
 	if _, ok := fIC.FakeStore[resourceGroupName]; ok {
@@ -339,7 +346,7 @@ func (fIC fakeAzureInterfacesClient) Get(resourceGroupName string, networkInterf
 	}
 }
 
-func (fIC fakeAzureInterfacesClient) GetVirtualMachineScaleSetNetworkInterface(resourceGroupName string, virtualMachineScaleSetName string, virtualmachineIndex string, networkInterfaceName string, expand string) (result network.Interface, err error) {
+func (fIC *fakeAzureInterfacesClient) GetVirtualMachineScaleSetNetworkInterface(resourceGroupName string, virtualMachineScaleSetName string, virtualmachineIndex string, networkInterfaceName string, expand string) (result network.Interface, err error) {
 	return result, nil
 }
 
@@ -348,14 +355,14 @@ type fakeAzureVirtualMachinesClient struct {
 	FakeStore map[string]map[string]compute.VirtualMachine
 }
 
-func newFakeAzureVirtualMachinesClient() fakeAzureVirtualMachinesClient {
-	fVMC := fakeAzureVirtualMachinesClient{}
+func newFakeAzureVirtualMachinesClient() *fakeAzureVirtualMachinesClient {
+	fVMC := &fakeAzureVirtualMachinesClient{}
 	fVMC.FakeStore = make(map[string]map[string]compute.VirtualMachine)
 	fVMC.mutex = &sync.Mutex{}
 	return fVMC
 }
 
-func (fVMC fakeAzureVirtualMachinesClient) CreateOrUpdate(resourceGroupName string, VMName string, parameters compute.VirtualMachine, cancel <-chan struct{}) (<-chan compute.VirtualMachine, <-chan error) {
+func (fVMC *fakeAzureVirtualMachinesClient) CreateOrUpdate(resourceGroupName string, VMName string, parameters compute.VirtualMachine, cancel <-chan struct{}) (<-chan compute.VirtualMachine, <-chan error) {
 	fVMC.mutex.Lock()
 	defer fVMC.mutex.Unlock()
 	resultChan := make(chan compute.VirtualMachine, 1)
@@ -380,7 +387,7 @@ func (fVMC fakeAzureVirtualMachinesClient) CreateOrUpdate(resourceGroupName stri
 	return resultChan, errChan
 }
 
-func (fVMC fakeAzureVirtualMachinesClient) Get(resourceGroupName string, VMName string, expand compute.InstanceViewTypes) (result compute.VirtualMachine, err error) {
+func (fVMC *fakeAzureVirtualMachinesClient) Get(resourceGroupName string, VMName string, expand compute.InstanceViewTypes) (result compute.VirtualMachine, err error) {
 	fVMC.mutex.Lock()
 	defer fVMC.mutex.Unlock()
 	if _, ok := fVMC.FakeStore[resourceGroupName]; ok {
@@ -394,7 +401,7 @@ func (fVMC fakeAzureVirtualMachinesClient) Get(resourceGroupName string, VMName
 	}
 }
 
-func (fVMC fakeAzureVirtualMachinesClient) List(resourceGroupName string) (result compute.VirtualMachineListResult, err error) {
+func (fVMC *fakeAzureVirtualMachinesClient) List(resourceGroupName string) (result compute.VirtualMachineListResult, err error) {
 	fVMC.mutex.Lock()
 	defer fVMC.mutex.Unlock()
 	var value []compute.VirtualMachine
@@ -410,7 +417,7 @@ func (fVMC fakeAzureVirtualMachinesClient) List(resourceGroupName string) (resul
 	result.Value = &value
 	return result, nil
 }
-func (fVMC fakeAzureVirtualMachinesClient) ListNextResults(lastResults compute.VirtualMachineListResult) (result compute.VirtualMachineListResult, err error) {
+func (fVMC *fakeAzureVirtualMachinesClient) ListNextResults(resourceGroupName string, lastResults compute.VirtualMachineListResult) (result compute.VirtualMachineListResult, err error) {
 	fVMC.mutex.Lock()
 	defer fVMC.mutex.Unlock()
 	return compute.VirtualMachineListResult{}, nil
@@ -421,14 +428,14 @@ type fakeAzureSubnetsClient struct {
 	FakeStore map[string]map[string]network.Subnet
 }
 
-func newFakeAzureSubnetsClient() fakeAzureSubnetsClient {
-	fASC := fakeAzureSubnetsClient{}
+func newFakeAzureSubnetsClient() *fakeAzureSubnetsClient {
+	fASC := &fakeAzureSubnetsClient{}
 	fASC.FakeStore = make(map[string]map[string]network.Subnet)
 	fASC.mutex = &sync.Mutex{}
 	return fASC
 }
 
-func (fASC fakeAzureSubnetsClient) CreateOrUpdate(resourceGroupName string, virtualNetworkName string, subnetName string, subnetParameters network.Subnet, cancel <-chan struct{}) (<-chan network.Subnet, <-chan error) {
+func (fASC *fakeAzureSubnetsClient) CreateOrUpdate(resourceGroupName string, virtualNetworkName string, subnetName string, subnetParameters network.Subnet, cancel <-chan struct{}) (<-chan network.Subnet, <-chan error) {
 	fASC.mutex.Lock()
 	defer fASC.mutex.Unlock()
 	resultChan := make(chan network.Subnet, 1)
@@ -454,7 +461,7 @@ func (fASC fakeAzureSubnetsClient) CreateOrUpdate(resourceGroupName string, virt
 	return resultChan, errChan
 }
 
-func (fASC fakeAzureSubnetsClient) Delete(resourceGroupName string, virtualNetworkName string, subnetName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+func (fASC *fakeAzureSubnetsClient) Delete(resourceGroupName string, virtualNetworkName string, subnetName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
 	fASC.mutex.Lock()
 	defer fASC.mutex.Unlock()
 	respChan := make(chan autorest.Response, 1)
@@ -488,7 +495,7 @@ func (fASC fakeAzureSubnetsClient) Delete(resourceGroupName string, virtualNetwo
 	}
 	return respChan, errChan
 }
-func (fASC fakeAzureSubnetsClient) Get(resourceGroupName string, virtualNetworkName string, subnetName string, expand string) (result network.Subnet, err error) {
+func (fASC *fakeAzureSubnetsClient) Get(resourceGroupName string, virtualNetworkName string, subnetName string, expand string) (result network.Subnet, err error) {
 	fASC.mutex.Lock()
 	defer fASC.mutex.Unlock()
 	rgVnet := strings.Join([]string{resourceGroupName, virtualNetworkName}, "AND")
@@ -502,7 +509,7 @@ func (fASC fakeAzureSubnetsClient) Get(resourceGroupName string, virtualNetworkN
 		Message:    "Not such Subnet",
 	}
 }
-func (fASC fakeAzureSubnetsClient) List(resourceGroupName string, virtualNetworkName string) (result network.SubnetListResult, err error) {
+func (fASC *fakeAzureSubnetsClient) List(resourceGroupName string, virtualNetworkName string) (result network.SubnetListResult, err error) {
 	fASC.mutex.Lock()
 	defer fASC.mutex.Unlock()
 	rgVnet := strings.Join([]string{resourceGroupName, virtualNetworkName}, "AND")
@@ -525,14 +532,14 @@ type fakeAzureNSGClient struct {
 	FakeStore map[string]map[string]network.SecurityGroup
 }
 
-func newFakeAzureNSGClient() fakeAzureNSGClient {
-	fNSG := fakeAzureNSGClient{}
+func newFakeAzureNSGClient() *fakeAzureNSGClient {
+	fNSG := &fakeAzureNSGClient{}
 	fNSG.FakeStore = make(map[string]map[string]network.SecurityGroup)
 	fNSG.mutex = &sync.Mutex{}
 	return fNSG
 }
 
-func (fNSG fakeAzureNSGClient) CreateOrUpdate(resourceGroupName string, networkSecurityGroupName string, parameters network.SecurityGroup, cancel <-chan struct{}) (<-chan network.SecurityGroup, <-chan error) {
+func (fNSG *fakeAzureNSGClient) CreateOrUpdate(resourceGroupName string, networkSecurityGroupName string, parameters network.SecurityGroup, cancel <-chan struct{}) (<-chan network.SecurityGroup, <-chan error) {
 	fNSG.mutex.Lock()
 	defer fNSG.mutex.Unlock()
 	resultChan := make(chan network.SecurityGroup, 1)
@@ -557,7 +564,7 @@ func (fNSG fakeAzureNSGClient) CreateOrUpdate(resourceGroupName string, networkS
 	return resultChan, errChan
 }
 
-func (fNSG fakeAzureNSGClient) Delete(resourceGroupName string, networkSecurityGroupName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+func (fNSG *fakeAzureNSGClient) Delete(resourceGroupName string, networkSecurityGroupName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
 	fNSG.mutex.Lock()
 	defer fNSG.mutex.Unlock()
 	respChan := make(chan autorest.Response, 1)
@@ -590,7 +597,7 @@ func (fNSG fakeAzureNSGClient) Delete(resourceGroupName string, networkSecurityG
 	return respChan, errChan
 }
 
-func (fNSG fakeAzureNSGClient) Get(resourceGroupName string, networkSecurityGroupName string, expand string) (result network.SecurityGroup, err error) {
+func (fNSG *fakeAzureNSGClient) Get(resourceGroupName string, networkSecurityGroupName string, expand string) (result network.SecurityGroup, err error) {
 	fNSG.mutex.Lock()
 	defer fNSG.mutex.Unlock()
 	if _, ok := fNSG.FakeStore[resourceGroupName]; ok {
@@ -604,7 +611,7 @@ func (fNSG fakeAzureNSGClient) Get(resourceGroupName string, networkSecurityGrou
 	}
 }
 
-func (fNSG fakeAzureNSGClient) List(resourceGroupName string) (result network.SecurityGroupListResult, err error) {
+func (fNSG *fakeAzureNSGClient) List(resourceGroupName string) (result network.SecurityGroupListResult, err error) {
 	fNSG.mutex.Lock()
 	defer fNSG.mutex.Unlock()
 	var value []network.SecurityGroup
@@ -625,3 +632,556 @@ func getRandomIPPtr() *string {
 	rand.Seed(time.Now().UnixNano())
 	return to.StringPtr(fmt.Sprintf("%d.%d.%d.%d", rand.Intn(256), rand.Intn(256), rand.Intn(256), rand.Intn(256)))
 }
+
+type fakeVirtualMachineScaleSetVMsClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]computepreview.VirtualMachineScaleSetVM
+}
+
+func newFakeVirtualMachineScaleSetVMsClient() *fakeVirtualMachineScaleSetVMsClient {
+	fVMC := &fakeVirtualMachineScaleSetVMsClient{}
+	fVMC.FakeStore = make(map[string]map[string]computepreview.VirtualMachineScaleSetVM)
+	fVMC.mutex = &sync.Mutex{}
+
+	return fVMC
+}
+
+func (fVMC *fakeVirtualMachineScaleSetVMsClient) setFakeStore(store map[string]map[string]computepreview.VirtualMachineScaleSetVM) {
+	fVMC.mutex.Lock()
+	defer fVMC.mutex.Unlock()
+
+	fVMC.FakeStore = store
+}
+
+func (fVMC *fakeVirtualMachineScaleSetVMsClient) List(ctx context.Context, resourceGroupName string, virtualMachineScaleSetName string, filter string, selectParameter string, expand string) (result []computepreview.VirtualMachineScaleSetVM, err error) {
+	fVMC.mutex.Lock()
+	defer fVMC.mutex.Unlock()
+
+	result = []computepreview.VirtualMachineScaleSetVM{}
+	if _, ok := fVMC.FakeStore[resourceGroupName]; ok {
+		for _, v := range fVMC.FakeStore[resourceGroupName] {
+			result = append(result, v)
+		}
+	}
+
+	return result, nil
+}
+
+func (fVMC *fakeVirtualMachineScaleSetVMsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVM, err error) {
+	fVMC.mutex.Lock()
+	defer fVMC.mutex.Unlock()
+
+	vmKey := fmt.Sprintf("%s_%s", VMScaleSetName, instanceID)
+	if scaleSetMap, ok := fVMC.FakeStore[resourceGroupName]; ok {
+		if entity, ok := scaleSetMap[vmKey]; ok {
+			return entity, nil
+		}
+	}
+
+	return result, autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "No such VirtualMachineScaleSetVM",
+	}
+}
+
+func (fVMC *fakeVirtualMachineScaleSetVMsClient) GetInstanceView(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string) (result computepreview.VirtualMachineScaleSetVMInstanceView, err error) {
+	_, err = fVMC.Get(ctx, resourceGroupName, VMScaleSetName, instanceID)
+	if err != nil {
+		return result, err
+	}
+
+	return result, nil
+}
+
+func (fVMC *fakeVirtualMachineScaleSetVMsClient) Update(ctx context.Context, resourceGroupName string, VMScaleSetName string, instanceID string, parameters computepreview.VirtualMachineScaleSetVM) (resp *http.Response, err error) {
+	fVMC.mutex.Lock()
+	defer fVMC.mutex.Unlock()
+
+	vmKey := fmt.Sprintf("%s_%s", VMScaleSetName, instanceID)
+	if scaleSetMap, ok := fVMC.FakeStore[resourceGroupName]; ok {
+		if _, ok := scaleSetMap[vmKey]; ok {
+			scaleSetMap[vmKey] = parameters
+		}
+	}
+
+	return nil, nil
+}
+
+type fakeVirtualMachineScaleSetsClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]computepreview.VirtualMachineScaleSet
+}
+
+func newFakeVirtualMachineScaleSetsClient() *fakeVirtualMachineScaleSetsClient {
+	fVMSSC := &fakeVirtualMachineScaleSetsClient{}
+	fVMSSC.FakeStore = make(map[string]map[string]computepreview.VirtualMachineScaleSet)
+	fVMSSC.mutex = &sync.Mutex{}
+
+	return fVMSSC
+}
+
+func (fVMSSC *fakeVirtualMachineScaleSetsClient) setFakeStore(store map[string]map[string]computepreview.VirtualMachineScaleSet) {
+	fVMSSC.mutex.Lock()
+	defer fVMSSC.mutex.Unlock()
+
+	fVMSSC.FakeStore = store
+}
+
+func (fVMSSC *fakeVirtualMachineScaleSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, VMScaleSetName string, parameters computepreview.VirtualMachineScaleSet) (resp *http.Response, err error) {
+	fVMSSC.mutex.Lock()
+	defer fVMSSC.mutex.Unlock()
+
+	if _, ok := fVMSSC.FakeStore[resourceGroupName]; !ok {
+		fVMSSC.FakeStore[resourceGroupName] = make(map[string]computepreview.VirtualMachineScaleSet)
+	}
+	fVMSSC.FakeStore[resourceGroupName][VMScaleSetName] = parameters
+
+	return nil, nil
+}
+
+func (fVMSSC *fakeVirtualMachineScaleSetsClient) Get(ctx context.Context, resourceGroupName string, VMScaleSetName string) (result computepreview.VirtualMachineScaleSet, err error) {
+	fVMSSC.mutex.Lock()
+	defer fVMSSC.mutex.Unlock()
+
+	if scaleSetMap, ok := fVMSSC.FakeStore[resourceGroupName]; ok {
+		if entity, ok := scaleSetMap[VMScaleSetName]; ok {
+			return entity, nil
+		}
+	}
+
+	return result, autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "No such ScaleSet",
+	}
+}
+
+func (fVMSSC *fakeVirtualMachineScaleSetsClient) List(ctx context.Context, resourceGroupName string) (result []computepreview.VirtualMachineScaleSet, err error) {
+	fVMSSC.mutex.Lock()
+	defer fVMSSC.mutex.Unlock()
+
+	result = []computepreview.VirtualMachineScaleSet{}
+	if _, ok := fVMSSC.FakeStore[resourceGroupName]; ok {
+		for _, v := range fVMSSC.FakeStore[resourceGroupName] {
+			result = append(result, v)
+		}
+	}
+
+	return result, nil
+}
+
+func (fVMSSC *fakeVirtualMachineScaleSetsClient) UpdateInstances(ctx context.Context, resourceGroupName string, VMScaleSetName string, VMInstanceIDs computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs) (resp *http.Response, err error) {
+	return nil, nil
+}
+
+type fakeRoutesClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]network.Route
+}
+
+func newFakeRoutesClient() *fakeRoutesClient {
+	fRC := &fakeRoutesClient{}
+	fRC.FakeStore = make(map[string]map[string]network.Route)
+	fRC.mutex = &sync.Mutex{}
+	return fRC
+}
+
+func (fRC *fakeRoutesClient) CreateOrUpdate(resourceGroupName string, routeTableName string, routeName string, routeParameters network.Route, cancel <-chan struct{}) (<-chan network.Route, <-chan error) {
+	fRC.mutex.Lock()
+	defer fRC.mutex.Unlock()
+
+	resultChan := make(chan network.Route, 1)
+	errChan := make(chan error, 1)
+	var result network.Route
+	var err error
+	defer func() {
+		resultChan <- result
+		errChan <- err
+		close(resultChan)
+		close(errChan)
+	}()
+
+	if _, ok := fRC.FakeStore[routeTableName]; !ok {
+		fRC.FakeStore[routeTableName] = make(map[string]network.Route)
+	}
+	fRC.FakeStore[routeTableName][routeName] = routeParameters
+	result = fRC.FakeStore[routeTableName][routeName]
+	result.Response.Response = &http.Response{
+		StatusCode: http.StatusOK,
+	}
+	err = nil
+	return resultChan, errChan
+}
+
+func (fRC *fakeRoutesClient) Delete(resourceGroupName string, routeTableName string, routeName string, cancel <-chan struct{}) (<-chan autorest.Response, <-chan error) {
+	fRC.mutex.Lock()
+	defer fRC.mutex.Unlock()
+
+	respChan := make(chan autorest.Response, 1)
+	errChan := make(chan error, 1)
+	var resp autorest.Response
+	var err error
+	defer func() {
+		respChan <- resp
+		errChan <- err
+		close(respChan)
+		close(errChan)
+	}()
+	if routes, ok := fRC.FakeStore[routeTableName]; ok {
+		if _, ok := routes[routeName]; ok {
+			delete(routes, routeName)
+			resp.Response = &http.Response{
+				StatusCode: http.StatusAccepted,
+			}
+
+			err = nil
+			return respChan, errChan
+		}
+	}
+	resp.Response = &http.Response{
+		StatusCode: http.StatusNotFound,
+	}
+	err = autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such Route",
+	}
+	return respChan, errChan
+}
+
+type fakeRouteTablesClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]network.RouteTable
+	Calls     []string
+}
+
+func newFakeRouteTablesClient() *fakeRouteTablesClient {
+	fRTC := &fakeRouteTablesClient{}
+	fRTC.FakeStore = make(map[string]map[string]network.RouteTable)
+	fRTC.mutex = &sync.Mutex{}
+	return fRTC
+}
+
+func (fRTC *fakeRouteTablesClient) CreateOrUpdate(resourceGroupName string, routeTableName string, parameters network.RouteTable, cancel <-chan struct{}) (<-chan network.RouteTable, <-chan error) {
+	fRTC.mutex.Lock()
+	defer fRTC.mutex.Unlock()
+
+	fRTC.Calls = append(fRTC.Calls, "CreateOrUpdate")
+
+	resultChan := make(chan network.RouteTable, 1)
+	errChan := make(chan error, 1)
+	var result network.RouteTable
+	var err error
+	defer func() {
+		resultChan <- result
+		errChan <- err
+		close(resultChan)
+		close(errChan)
+	}()
+
+	if _, ok := fRTC.FakeStore[resourceGroupName]; !ok {
+		fRTC.FakeStore[resourceGroupName] = make(map[string]network.RouteTable)
+	}
+	fRTC.FakeStore[resourceGroupName][routeTableName] = parameters
+	result = fRTC.FakeStore[resourceGroupName][routeTableName]
+	result.Response.Response = &http.Response{
+		StatusCode: http.StatusOK,
+	}
+	err = nil
+	return resultChan, errChan
+}
+
+func (fRTC *fakeRouteTablesClient) Get(resourceGroupName string, routeTableName string, expand string) (result network.RouteTable, err error) {
+	fRTC.mutex.Lock()
+	defer fRTC.mutex.Unlock()
+
+	fRTC.Calls = append(fRTC.Calls, "Get")
+
+	if _, ok := fRTC.FakeStore[resourceGroupName]; ok {
+		if entity, ok := fRTC.FakeStore[resourceGroupName][routeTableName]; ok {
+			return entity, nil
+		}
+	}
+	return result, autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such RouteTable",
+	}
+}
+
+type fakeFileClient struct {
+}
+
+func (fFC *fakeFileClient) createFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	return nil
+}
+
+func (fFC *fakeFileClient) deleteFileShare(accountName, accountKey, name string) error {
+	return nil
+}
+
+func (fFC *fakeFileClient) resizeFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	return nil
+}
+
+type fakeStorageAccountClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]storage.Account
+	Keys      storage.AccountListKeysResult
+	Accounts  storage.AccountListResult
+	Err       error
+}
+
+func newFakeStorageAccountClient() *fakeStorageAccountClient {
+	fSAC := &fakeStorageAccountClient{}
+	fSAC.FakeStore = make(map[string]map[string]storage.Account)
+	fSAC.mutex = &sync.Mutex{}
+	return fSAC
+}
+
+func (fSAC *fakeStorageAccountClient) Create(resourceGroupName string, accountName string, parameters storage.AccountCreateParameters, cancel <-chan struct{}) (<-chan storage.Account, <-chan error) {
+	fSAC.mutex.Lock()
+	defer fSAC.mutex.Unlock()
+
+	resultChan := make(chan storage.Account, 1)
+	errChan := make(chan error, 1)
+	var result storage.Account
+	var err error
+	defer func() {
+		resultChan <- result
+		errChan <- err
+		close(resultChan)
+		close(errChan)
+	}()
+
+	if _, ok := fSAC.FakeStore[resourceGroupName]; !ok {
+		fSAC.FakeStore[resourceGroupName] = make(map[string]storage.Account)
+	}
+	fSAC.FakeStore[resourceGroupName][accountName] = storage.Account{
+		Name:              &accountName,
+		Sku:               parameters.Sku,
+		Kind:              parameters.Kind,
+		Location:          parameters.Location,
+		Identity:          parameters.Identity,
+		Tags:              parameters.Tags,
+		AccountProperties: &storage.AccountProperties{},
+	}
+	result = fSAC.FakeStore[resourceGroupName][accountName]
+	result.Response.Response = &http.Response{
+		StatusCode: http.StatusOK,
+	}
+	err = nil
+	return resultChan, errChan
+}
+
+func (fSAC *fakeStorageAccountClient) Delete(resourceGroupName string, accountName string) (result autorest.Response, err error) {
+	fSAC.mutex.Lock()
+	defer fSAC.mutex.Unlock()
+
+	if rgAccounts, ok := fSAC.FakeStore[resourceGroupName]; ok {
+		if _, ok := rgAccounts[accountName]; ok {
+			delete(rgAccounts, accountName)
+			result.Response = &http.Response{
+				StatusCode: http.StatusAccepted,
+			}
+			return result, nil
+		}
+	}
+
+	result.Response = &http.Response{
+		StatusCode: http.StatusNotFound,
+	}
+	err = autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such StorageAccount",
+	}
+	return result, err
+}
+
+func (fSAC *fakeStorageAccountClient) ListKeys(resourceGroupName string, accountName string) (result storage.AccountListKeysResult, err error) {
+	return fSAC.Keys, fSAC.Err
+}
+
+func (fSAC *fakeStorageAccountClient) ListByResourceGroup(resourceGroupName string) (result storage.AccountListResult, err error) {
+	return fSAC.Accounts, fSAC.Err
+}
+
+func (fSAC *fakeStorageAccountClient) GetProperties(resourceGroupName string, accountName string) (result storage.Account, err error) {
+	fSAC.mutex.Lock()
+	defer fSAC.mutex.Unlock()
+
+	if _, ok := fSAC.FakeStore[resourceGroupName]; ok {
+		if entity, ok := fSAC.FakeStore[resourceGroupName][accountName]; ok {
+			return entity, nil
+		}
+	}
+
+	return result, autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such StorageAccount",
+	}
+}
+
+type fakeDisksClient struct {
+	mutex     *sync.Mutex
+	FakeStore map[string]map[string]disk.Model
+}
+
+func newFakeDisksClient() *fakeDisksClient {
+	fDC := &fakeDisksClient{}
+	fDC.FakeStore = make(map[string]map[string]disk.Model)
+	fDC.mutex = &sync.Mutex{}
+	return fDC
+}
+
+func (fDC *fakeDisksClient) CreateOrUpdate(resourceGroupName string, diskName string, diskParameter disk.Model, cancel <-chan struct{}) (<-chan disk.Model, <-chan error) {
+	fDC.mutex.Lock()
+	defer fDC.mutex.Unlock()
+
+	resultChan := make(chan disk.Model, 1)
+	errChan := make(chan error, 1)
+	var result disk.Model
+	var err error
+	defer func() {
+		resultChan <- result
+		errChan <- err
+		close(resultChan)
+		close(errChan)
+	}()
+
+	if _, ok := fDC.FakeStore[resourceGroupName]; !ok {
+		fDC.FakeStore[resourceGroupName] = make(map[string]disk.Model)
+	}
+	fDC.FakeStore[resourceGroupName][diskName] = diskParameter
+	result = fDC.FakeStore[resourceGroupName][diskName]
+	result.Response.Response = &http.Response{
+		StatusCode: http.StatusOK,
+	}
+	err = nil
+	return resultChan, errChan
+}
+
+func (fDC *fakeDisksClient) Delete(resourceGroupName string, diskName string, cancel <-chan struct{}) (<-chan disk.OperationStatusResponse, <-chan error) {
+	fDC.mutex.Lock()
+	defer fDC.mutex.Unlock()
+
+	respChan := make(chan disk.OperationStatusResponse, 1)
+	errChan := make(chan error, 1)
+	var resp disk.OperationStatusResponse
+	var err error
+	defer func() {
+		respChan <- resp
+		errChan <- err
+		close(respChan)
+		close(errChan)
+	}()
+	if rgDisks, ok := fDC.FakeStore[resourceGroupName]; ok {
+		if _, ok := rgDisks[diskName]; ok {
+			delete(rgDisks, diskName)
+			resp.Response = autorest.Response{
+				Response: &http.Response{
+					StatusCode: http.StatusAccepted,
+				},
+			}
+
+			err = nil
+			return respChan, errChan
+		}
+	}
+	resp.Response = autorest.Response{
+		Response: &http.Response{
+			StatusCode: http.StatusNotFound,
+		},
+	}
+	err = autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such Disk",
+	}
+	return respChan, errChan
+}
+
+func (fDC *fakeDisksClient) Get(resourceGroupName string, diskName string) (result disk.Model, err error) {
+	fDC.mutex.Lock()
+	defer fDC.mutex.Unlock()
+
+	if _, ok := fDC.FakeStore[resourceGroupName]; ok {
+		if entity, ok := fDC.FakeStore[resourceGroupName][diskName]; ok {
+			return entity, nil
+		}
+	}
+
+	return result, autorest.DetailedError{
+		StatusCode: http.StatusNotFound,
+		Message:    "Not such Disk",
+	}
+}
+
+type fakeVMSet struct {
+	NodeToIP map[string]map[string]string
+	Err      error
+}
+
+func (f *fakeVMSet) GetInstanceIDByNodeName(name string) (string, error) {
+	return "", fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetInstanceTypeByNodeName(name string) (string, error) {
+	return "", fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetIPByNodeName(name, vmSetName string) (string, string, error) {
+	nodes, found := f.NodeToIP[vmSetName]
+	if !found {
+		return "", "", fmt.Errorf("not found")
+	}
+	ip, found := nodes[name]
+	if !found {
+		return "", "", fmt.Errorf("not found")
+	}
+	return ip, "", nil
+}
+
+func (f *fakeVMSet) GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error) {
+	return network.Interface{}, fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetNodeNameByProviderID(providerID string) (types.NodeName, error) {
+	return types.NodeName(""), fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetZoneByNodeName(name string) (cloudprovider.Zone, error) {
+	return cloudprovider.Zone{}, fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetPrimaryVMSetName() string {
+	return ""
+}
+
+func (f *fakeVMSet) GetVMSetNames(service *v1.Service, nodes []*v1.Node) (availabilitySetNames *[]string, err error) {
+	return nil, fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) EnsureHostsInPool(serviceName string, nodes []*v1.Node, backendPoolID string, vmSetName string) error {
+	return fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) EnsureBackendPoolDeleted(poolID, vmSetName string) error {
+	return fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error {
+	return fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error {
+	return fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error) {
+	return -1, fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) GetNextDiskLun(nodeName types.NodeName) (int32, error) {
+	return -1, fmt.Errorf("unimplemented")
+}
+
+func (f *fakeVMSet) DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error) {
+	return nil, fmt.Errorf("unimplemented")
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_file.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_file.go
index 482911283243..138dabb5765b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_file.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_file.go
@@ -20,6 +20,7 @@ import (
 	"fmt"
 
 	azs "github.com/Azure/azure-sdk-for-go/storage"
+	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/golang/glog"
 )
 
@@ -27,9 +28,33 @@ const (
 	useHTTPS = true
 )
 
+// FileClient is the interface for creating file shares, interface for test
+// injection.
+type FileClient interface {
+	createFileShare(accountName, accountKey, name string, sizeGiB int) error
+	deleteFileShare(accountName, accountKey, name string) error
+	resizeFileShare(accountName, accountKey, name string, sizeGiB int) error
+}
+
 // create file share
-func (az *Cloud) createFileShare(accountName, accountKey, name string, sizeGB int) error {
-	fileClient, err := az.getFileSvcClient(accountName, accountKey)
+func (az *Cloud) createFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	return az.FileClient.createFileShare(accountName, accountKey, name, sizeGiB)
+}
+
+func (az *Cloud) deleteFileShare(accountName, accountKey, name string) error {
+	return az.FileClient.deleteFileShare(accountName, accountKey, name)
+}
+
+func (az *Cloud) resizeFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	return az.FileClient.resizeFileShare(accountName, accountKey, name, sizeGiB)
+}
+
+type azureFileClient struct {
+	env azure.Environment
+}
+
+func (f *azureFileClient) createFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	fileClient, err := f.getFileSvcClient(accountName, accountKey)
 	if err != nil {
 		return err
 	}
@@ -42,7 +67,7 @@ func (az *Cloud) createFileShare(accountName, accountKey, name string, sizeGB in
 	if err = share.Create(nil); err != nil {
 		return fmt.Errorf("failed to create file share, err: %v", err)
 	}
-	share.Properties.Quota = sizeGB
+	share.Properties.Quota = sizeGiB
 	if err = share.SetProperties(nil); err != nil {
 		if err := share.Delete(nil); err != nil {
 			glog.Errorf("Error deleting share: %v", err)
@@ -53,20 +78,38 @@ func (az *Cloud) createFileShare(accountName, accountKey, name string, sizeGB in
 }
 
 // delete a file share
-func (az *Cloud) deleteFileShare(accountName, accountKey, name string) error {
-	fileClient, err := az.getFileSvcClient(accountName, accountKey)
-	if err == nil {
-		share := fileClient.GetShareReference(name)
-		return share.Delete(nil)
+func (f *azureFileClient) deleteFileShare(accountName, accountKey, name string) error {
+	fileClient, err := f.getFileSvcClient(accountName, accountKey)
+	if err != nil {
+		return err
+	}
+	return fileClient.GetShareReference(name).Delete(nil)
+}
+
+func (f *azureFileClient) resizeFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	fileClient, err := f.getFileSvcClient(accountName, accountKey)
+	if err != nil {
+		return err
+	}
+	share := fileClient.GetShareReference(name)
+	if share.Properties.Quota >= sizeGiB {
+		glog.Warningf("file share size(%dGi) is already greater or equal than requested size(%dGi), accountName: %s, shareName: %s",
+			share.Properties.Quota, sizeGiB, accountName, name)
+		return nil
+	}
+	share.Properties.Quota = sizeGiB
+	if err = share.SetProperties(nil); err != nil {
+		return fmt.Errorf("failed to set quota on file share %s, err: %v", name, err)
 	}
+	glog.V(4).Infof("resize file share completed, accountName: %s, shareName: %s, sizeGiB: %d", accountName, name, sizeGiB)
 	return nil
 }
 
-func (az *Cloud) getFileSvcClient(accountName, accountKey string) (*azs.FileServiceClient, error) {
-	client, err := azs.NewClient(accountName, accountKey, az.Environment.StorageEndpointSuffix, azs.DefaultAPIVersion, useHTTPS)
+func (f *azureFileClient) getFileSvcClient(accountName, accountKey string) (*azs.FileServiceClient, error) {
+	fileClient, err := azs.NewClient(accountName, accountKey, f.env.StorageEndpointSuffix, azs.DefaultAPIVersion, useHTTPS)
 	if err != nil {
 		return nil, fmt.Errorf("error creating azure client: %v", err)
 	}
-	f := client.GetFileService()
-	return &f, nil
+	fc := fileClient.GetFileService()
+	return &fc, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instance_metadata.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instance_metadata.go
index 6df990832726..a9d29ec5a518 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instance_metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instance_metadata.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2016 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instances.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instances.go
index bea1cb2ff359..1f7daac0f251 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instances.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_instances.go
@@ -17,21 +17,53 @@ limitations under the License.
 package azure
 
 import (
+	"context"
 	"fmt"
+	"os"
+	"strings"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 
-	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
 )
 
 // NodeAddresses returns the addresses of the specified instance.
-func (az *Cloud) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
+func (az *Cloud) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
+	addressGetter := func(nodeName types.NodeName) ([]v1.NodeAddress, error) {
+		ip, publicIP, err := az.GetIPForMachineWithRetry(nodeName)
+		if err != nil {
+			glog.V(2).Infof("NodeAddresses(%s) abort backoff", nodeName)
+			return nil, err
+		}
+
+		addresses := []v1.NodeAddress{
+			{Type: v1.NodeInternalIP, Address: ip},
+			{Type: v1.NodeHostName, Address: string(name)},
+		}
+		if len(publicIP) > 0 {
+			addresses = append(addresses, v1.NodeAddress{
+				Type:    v1.NodeExternalIP,
+				Address: publicIP,
+			})
+		}
+		return addresses, nil
+	}
+
 	if az.UseInstanceMetadata {
+		isLocalInstance, err := az.isCurrentInstance(name)
+		if err != nil {
+			return nil, err
+		}
+
+		// Not local instance, get addresses from Azure ARM API.
+		if !isLocalInstance {
+			return addressGetter(name)
+		}
+
 		ipAddress := IPAddress{}
-		err := az.metadata.Object("instance/network/interface/0/ipv4/ipAddress/0", &ipAddress)
+		err = az.metadata.Object("instance/network/interface/0/ipv4/ipAddress/0", &ipAddress)
 		if err != nil {
 			return nil, err
 		}
@@ -48,44 +80,36 @@ func (az *Cloud) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
 		}
 		return addresses, nil
 	}
-	ip, err := az.GetIPForMachineWithRetry(name)
-	if err != nil {
-		glog.V(2).Infof("NodeAddresses(%s) abort backoff", name)
-		return nil, err
-	}
 
-	return []v1.NodeAddress{
-		{Type: v1.NodeInternalIP, Address: ip},
-		{Type: v1.NodeHostName, Address: string(name)},
-	}, nil
+	return addressGetter(name)
 }
 
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (az *Cloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
-	name, err := splitProviderID(providerID)
+func (az *Cloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
+	name, err := az.vmSet.GetNodeNameByProviderID(providerID)
 	if err != nil {
 		return nil, err
 	}
 
-	return az.NodeAddresses(name)
+	return az.NodeAddresses(ctx, name)
 }
 
 // ExternalID returns the cloud provider ID of the specified instance (deprecated).
-func (az *Cloud) ExternalID(name types.NodeName) (string, error) {
-	return az.InstanceID(name)
+func (az *Cloud) ExternalID(ctx context.Context, name types.NodeName) (string, error) {
+	return az.InstanceID(ctx, name)
 }
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (az *Cloud) InstanceExistsByProviderID(providerID string) (bool, error) {
-	name, err := splitProviderID(providerID)
+func (az *Cloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
+	name, err := az.vmSet.GetNodeNameByProviderID(providerID)
 	if err != nil {
 		return false, err
 	}
 
-	_, err = az.InstanceID(name)
+	_, err = az.InstanceID(ctx, name)
 	if err != nil {
 		if err == cloudprovider.InstanceNotFound {
 			return false, nil
@@ -99,96 +123,76 @@ func (az *Cloud) InstanceExistsByProviderID(providerID string) (bool, error) {
 func (az *Cloud) isCurrentInstance(name types.NodeName) (bool, error) {
 	nodeName := mapNodeNameToVMName(name)
 	metadataName, err := az.metadata.Text("instance/compute/name")
+	if err != nil {
+		return false, err
+	}
+
+	if az.VMType == vmTypeVMSS {
+		// VMSS vmName is not same with hostname, use hostname instead.
+		metadataName, err = os.Hostname()
+		if err != nil {
+			return false, err
+		}
+	}
+
+	metadataName = strings.ToLower(metadataName)
 	return (metadataName == nodeName), err
 }
 
 // InstanceID returns the cloud provider ID of the specified instance.
 // Note that if the instance does not exist or is no longer running, we must return ("", cloudprovider.InstanceNotFound)
-func (az *Cloud) InstanceID(name types.NodeName) (string, error) {
+func (az *Cloud) InstanceID(ctx context.Context, name types.NodeName) (string, error) {
+	nodeName := mapNodeNameToVMName(name)
+
 	if az.UseInstanceMetadata {
 		isLocalInstance, err := az.isCurrentInstance(name)
 		if err != nil {
 			return "", err
 		}
-		if isLocalInstance {
-			nodeName := mapNodeNameToVMName(name)
-			return az.getMachineID(nodeName), nil
-		}
-	}
 
-	if az.Config.VMType == vmTypeVMSS {
-		id, err := az.getVmssInstanceID(name)
-		if err == cloudprovider.InstanceNotFound || err == ErrorNotVmssInstance {
-			// Retry with standard type because master nodes may not belong to any vmss.
-			return az.getStandardInstanceID(name)
+		// Not local instance, get instanceID from Azure ARM API.
+		if !isLocalInstance {
+			return az.vmSet.GetInstanceIDByNodeName(nodeName)
 		}
 
-		return id, err
-	}
-
-	return az.getStandardInstanceID(name)
-}
+		// Compose instanceID based on nodeName for standard instance.
+		if az.VMType == vmTypeStandard {
+			return az.getStandardMachineID(nodeName), nil
+		}
 
-func (az *Cloud) getVmssInstanceID(name types.NodeName) (string, error) {
-	var machine compute.VirtualMachineScaleSetVM
-	var exists bool
-	var err error
-	az.operationPollRateLimiter.Accept()
-	machine, exists, err = az.getVmssVirtualMachine(name)
-	if err != nil {
-		if az.CloudProviderBackoff {
-			glog.V(2).Infof("InstanceID(%s) backing off", name)
-			machine, exists, err = az.GetScaleSetsVMWithRetry(name)
-			if err != nil {
-				glog.V(2).Infof("InstanceID(%s) abort backoff", name)
-				return "", err
-			}
-		} else {
+		// Get scale set name and instanceID from vmName for vmss.
+		metadataName, err := az.metadata.Text("instance/compute/name")
+		if err != nil {
 			return "", err
 		}
-	} else if !exists {
-		return "", cloudprovider.InstanceNotFound
-	}
-	return *machine.ID, nil
-}
-
-func (az *Cloud) getStandardInstanceID(name types.NodeName) (string, error) {
-	var machine compute.VirtualMachine
-	var err error
-	az.operationPollRateLimiter.Accept()
-	machine, err = az.getVirtualMachine(name)
-	if err != nil {
-		if az.CloudProviderBackoff {
-			glog.V(2).Infof("InstanceID(%s) backing off", name)
-			machine, err = az.GetVirtualMachineWithRetry(name)
-			if err != nil {
-				glog.V(2).Infof("InstanceID(%s) abort backoff", name)
-				return "", err
-			}
-		} else {
+		ssName, instanceID, err := extractVmssVMName(metadataName)
+		if err != nil {
 			return "", err
 		}
+		// Compose instanceID based on ssName and instanceID for vmss instance.
+		return az.getVmssMachineID(ssName, instanceID), nil
 	}
-	return *machine.ID, nil
+
+	return az.vmSet.GetInstanceIDByNodeName(nodeName)
 }
 
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (az *Cloud) InstanceTypeByProviderID(providerID string) (string, error) {
-	name, err := splitProviderID(providerID)
+func (az *Cloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
+	name, err := az.vmSet.GetNodeNameByProviderID(providerID)
 	if err != nil {
 		return "", err
 	}
 
-	return az.InstanceType(name)
+	return az.InstanceType(ctx, name)
 }
 
 // InstanceType returns the type of the specified instance.
 // Note that if the instance does not exist or is no longer running, we must return ("", cloudprovider.InstanceNotFound)
 // (Implementer Note): This is used by kubelet. Kubelet will label the node. Real log from kubelet:
 //       Adding node label from cloud provider: beta.kubernetes.io/instance-type=[value]
-func (az *Cloud) InstanceType(name types.NodeName) (string, error) {
+func (az *Cloud) InstanceType(ctx context.Context, name types.NodeName) (string, error) {
 	if az.UseInstanceMetadata {
 		isLocalInstance, err := az.isCurrentInstance(name)
 		if err != nil {
@@ -202,55 +206,18 @@ func (az *Cloud) InstanceType(name types.NodeName) (string, error) {
 		}
 	}
 
-	if az.Config.VMType == vmTypeVMSS {
-		machineType, err := az.getVmssInstanceType(name)
-		if err == cloudprovider.InstanceNotFound || err == ErrorNotVmssInstance {
-			// Retry with standard type because master nodes may not belong to any vmss.
-			return az.getStandardInstanceType(name)
-		}
-
-		return machineType, err
-	}
-
-	return az.getStandardInstanceType(name)
-}
-
-// getVmssInstanceType gets instance with type vmss.
-func (az *Cloud) getVmssInstanceType(name types.NodeName) (string, error) {
-	machine, exists, err := az.getVmssVirtualMachine(name)
-	if err != nil {
-		glog.Errorf("error: az.InstanceType(%s), az.getVmssVirtualMachine(%s) err=%v", name, name, err)
-		return "", err
-	} else if !exists {
-		return "", cloudprovider.InstanceNotFound
-	}
-
-	if machine.Sku.Name != nil {
-		return *machine.Sku.Name, nil
-	}
-
-	return "", fmt.Errorf("instance type is not set")
-}
-
-// getStandardInstanceType gets instance with standard type.
-func (az *Cloud) getStandardInstanceType(name types.NodeName) (string, error) {
-	machine, err := az.getVirtualMachine(name)
-	if err != nil {
-		glog.Errorf("error: az.InstanceType(%s), az.getVirtualMachine(%s) err=%v", name, name, err)
-		return "", err
-	}
-	return string(machine.HardwareProfile.VMSize), nil
+	return az.vmSet.GetInstanceTypeByNodeName(string(name))
 }
 
 // AddSSHKeyToAllInstances adds an SSH public key as a legal identity for all instances
 // expected format for the key is standard ssh-keygen format: <protocol> <blob>
-func (az *Cloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (az *Cloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return fmt.Errorf("not supported")
 }
 
-// CurrentNodeName returns the name of the node we are currently running on
-// On most clouds (e.g. GCE) this is the hostname, so we provide the hostname
-func (az *Cloud) CurrentNodeName(hostname string) (types.NodeName, error) {
+// CurrentNodeName returns the name of the node we are currently running on.
+// On Azure this is the hostname, so we just return the hostname.
+func (az *Cloud) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return types.NodeName(hostname), nil
 }
 
@@ -259,9 +226,3 @@ func (az *Cloud) CurrentNodeName(hostname string) (types.NodeName, error) {
 func mapNodeNameToVMName(nodeName types.NodeName) string {
 	return string(nodeName)
 }
-
-// mapVMNameToNodeName maps an Azure VM Name to a k8s NodeName
-// This is a simple string cast.
-func mapVMNameToNodeName(vmName string) types.NodeName {
-	return types.NodeName(vmName)
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.go
index c6c60dbce756..13577e065819 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.go
@@ -17,72 +17,76 @@ limitations under the License.
 package azure
 
 import (
+	"context"
 	"fmt"
 	"math"
 	"strconv"
 	"strings"
 
 	"k8s.io/api/core/v1"
-	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	serviceapi "k8s.io/kubernetes/pkg/api/v1/service"
 
-	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
 	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/golang/glog"
-	"k8s.io/apimachinery/pkg/types"
 )
 
-// ServiceAnnotationLoadBalancerInternal is the annotation used on the service
-const ServiceAnnotationLoadBalancerInternal = "service.beta.kubernetes.io/azure-load-balancer-internal"
-
-// ServiceAnnotationLoadBalancerInternalSubnet is the annotation used on the service
-// to specify what subnet it is exposed on
-const ServiceAnnotationLoadBalancerInternalSubnet = "service.beta.kubernetes.io/azure-load-balancer-internal-subnet"
-
-// ServiceAnnotationLoadBalancerMode is the annotation used on the service to specify the
-// Azure load balancer selection based on availability sets
-// There are currently three possible load balancer selection modes :
-// 1. Default mode - service has no annotation ("service.beta.kubernetes.io/azure-load-balancer-mode")
-//	  In this case the Loadbalancer of the primary Availability set is selected
-// 2. "__auto__" mode - service is annotated with __auto__ value, this when loadbalancer from any availability set
-//    is selected which has the miinimum rules associated with it.
-// 3. "as1,as2" mode - this is when the laod balancer from the specified availability sets is selected that has the
-//    miinimum rules associated with it.
-const ServiceAnnotationLoadBalancerMode = "service.beta.kubernetes.io/azure-load-balancer-mode"
-
-// ServiceAnnotationLoadBalancerAutoModeValue the annotation used on the service to specify the
-// Azure load balancer auto selection from the availability sets
-const ServiceAnnotationLoadBalancerAutoModeValue = "__auto__"
-
-// ServiceAnnotationDNSLabelName annotation speficying the DNS label name for the service.
-const ServiceAnnotationDNSLabelName = "service.beta.kubernetes.io/azure-dns-label-name"
-
-// ServiceAnnotationSharedSecurityRule is the annotation used on the service
-// to specify that the service should be exposed using an Azure security rule
-// that may be shared with other service, trading specificity of rules for an
-// increase in the number of services that can be exposed. This relies on the
-// Azure "augmented security rules" feature which at the time of writing is in
-// preview and available only in certain regions.
-const ServiceAnnotationSharedSecurityRule = "service.beta.kubernetes.io/azure-shared-securityrule"
+const (
+	// ServiceAnnotationLoadBalancerInternal is the annotation used on the service
+	ServiceAnnotationLoadBalancerInternal = "service.beta.kubernetes.io/azure-load-balancer-internal"
+
+	// ServiceAnnotationLoadBalancerInternalSubnet is the annotation used on the service
+	// to specify what subnet it is exposed on
+	ServiceAnnotationLoadBalancerInternalSubnet = "service.beta.kubernetes.io/azure-load-balancer-internal-subnet"
+
+	// ServiceAnnotationLoadBalancerMode is the annotation used on the service to specify the
+	// Azure load balancer selection based on availability sets
+	// There are currently three possible load balancer selection modes :
+	// 1. Default mode - service has no annotation ("service.beta.kubernetes.io/azure-load-balancer-mode")
+	//	  In this case the Loadbalancer of the primary Availability set is selected
+	// 2. "__auto__" mode - service is annotated with __auto__ value, this when loadbalancer from any availability set
+	//    is selected which has the minimum rules associated with it.
+	// 3. "as1,as2" mode - this is when the load balancer from the specified availability sets is selected that has the
+	//    minimum rules associated with it.
+	ServiceAnnotationLoadBalancerMode = "service.beta.kubernetes.io/azure-load-balancer-mode"
+
+	// ServiceAnnotationLoadBalancerAutoModeValue is the annotation used on the service to specify the
+	// Azure load balancer auto selection from the availability sets
+	ServiceAnnotationLoadBalancerAutoModeValue = "__auto__"
+
+	// ServiceAnnotationDNSLabelName is the annotation used on the service
+	// to specify the DNS label name for the service.
+	ServiceAnnotationDNSLabelName = "service.beta.kubernetes.io/azure-dns-label-name"
+
+	// ServiceAnnotationSharedSecurityRule is the annotation used on the service
+	// to specify that the service should be exposed using an Azure security rule
+	// that may be shared with other service, trading specificity of rules for an
+	// increase in the number of services that can be exposed. This relies on the
+	// Azure "augmented security rules" feature.
+	ServiceAnnotationSharedSecurityRule = "service.beta.kubernetes.io/azure-shared-securityrule"
+
+	// ServiceAnnotationLoadBalancerResourceGroup is the annotation used on the service
+	// to specify the resource group of load balancer objects that are not in the same resource group as the cluster.
+	ServiceAnnotationLoadBalancerResourceGroup = "service.beta.kubernetes.io/azure-load-balancer-resource-group"
+)
 
 // GetLoadBalancer returns whether the specified load balancer exists, and
 // if so, what its status is.
-func (az *Cloud) GetLoadBalancer(clusterName string, service *v1.Service) (status *v1.LoadBalancerStatus, exists bool, err error) {
+func (az *Cloud) GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (status *v1.LoadBalancerStatus, exists bool, err error) {
 	_, status, exists, err = az.getServiceLoadBalancer(service, clusterName, nil, false)
 	if err != nil {
 		return nil, false, err
 	}
-	if exists == false {
+	if !exists {
 		serviceName := getServiceName(service)
-		glog.V(5).Infof("getloadbalancer (cluster:%s) (service:%s)- IP doesn't exist in any of the lbs", clusterName, serviceName)
-		return nil, false, fmt.Errorf("Service(%s) - Loadbalancer not found", serviceName)
+		glog.V(5).Infof("getloadbalancer (cluster:%s) (service:%s) - doesn't exist", clusterName, serviceName)
+		return nil, false, nil
 	}
 	return status, true, nil
 }
 
-func getPublicIPLabel(service *v1.Service) string {
+func getPublicIPDomainNameLabel(service *v1.Service) string {
 	if labelName, found := service.Annotations[ServiceAnnotationDNSLabelName]; found {
 		return labelName
 	}
@@ -90,7 +94,7 @@ func getPublicIPLabel(service *v1.Service) string {
 }
 
 // EnsureLoadBalancer creates a new load balancer 'name', or updates the existing one. Returns the status of the balancer
-func (az *Cloud) EnsureLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
+func (az *Cloud) EnsureLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
 	// When a client updates the internal load balancer annotation,
 	// the service may be switched from an internal LB to a public one, or vise versa.
 	// Here we'll firstly ensure service do not lie in the opposite LB.
@@ -128,8 +132,8 @@ func (az *Cloud) EnsureLoadBalancer(clusterName string, service *v1.Service, nod
 }
 
 // UpdateLoadBalancer updates hosts under the specified load balancer.
-func (az *Cloud) UpdateLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) error {
-	_, err := az.EnsureLoadBalancer(clusterName, service, nodes)
+func (az *Cloud) UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error {
+	_, err := az.EnsureLoadBalancer(ctx, clusterName, service, nodes)
 	return err
 }
 
@@ -139,12 +143,12 @@ func (az *Cloud) UpdateLoadBalancer(clusterName string, service *v1.Service, nod
 // This construction is useful because many cloud providers' load balancers
 // have multiple underlying components, meaning a Get could say that the LB
 // doesn't exist even if some part of it is still laying around.
-func (az *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Service) error {
+func (az *Cloud) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error {
 	isInternal := requiresInternalLoadBalancer(service)
 	serviceName := getServiceName(service)
 	glog.V(5).Infof("delete(%s): START clusterName=%q", serviceName, clusterName)
 
-	serviceIPToCleanup, err := az.findServiceIPAddress(clusterName, service, isInternal)
+	serviceIPToCleanup, err := az.findServiceIPAddress(ctx, clusterName, service, isInternal)
 	if err != nil {
 		return err
 	}
@@ -166,15 +170,16 @@ func (az *Cloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Servi
 	return nil
 }
 
-// getServiceLoadBalancer gets the loadbalancer for the service if it already exists
-// If wantLb is TRUE then -it selects a new load balancer
-// In case the selected load balancer does not exists it returns network.LoadBalancer struct
-// with added metadata (such as name, location) and existsLB set to FALSE
-// By default - cluster default LB is returned
+// getServiceLoadBalancer gets the loadbalancer for the service if it already exists.
+// If wantLb is TRUE then -it selects a new load balancer.
+// In case the selected load balancer does not exist it returns network.LoadBalancer struct
+// with added metadata (such as name, location) and existsLB set to FALSE.
+// By default - cluster default LB is returned.
 func (az *Cloud) getServiceLoadBalancer(service *v1.Service, clusterName string, nodes []*v1.Node, wantLb bool) (lb *network.LoadBalancer, status *v1.LoadBalancerStatus, exists bool, err error) {
 	isInternal := requiresInternalLoadBalancer(service)
 	var defaultLB *network.LoadBalancer
-	defaultLBName := az.getLoadBalancerName(clusterName, az.Config.PrimaryAvailabilitySetName, isInternal)
+	primaryVMSetName := az.vmSet.GetPrimaryVMSetName()
+	defaultLBName := az.getLoadBalancerName(clusterName, primaryVMSetName, isInternal)
 
 	existingLBs, err := az.ListLBWithRetry()
 	if err != nil {
@@ -226,26 +231,27 @@ func (az *Cloud) getServiceLoadBalancer(service *v1.Service, clusterName string,
 	return defaultLB, nil, false, nil
 }
 
-// select load balancer for the service in the cluster
-// the selection algorithm selectes the the load balancer with currently has
-// the minimum lb rules, there there are multiple LB's with same number of rules
-// it selects the first one (sorted based on name)
+// selectLoadBalancer selects load balancer for the service in the cluster.
+// The selection algorithm selects the load balancer which currently has
+// the minimum lb rules. If there are multiple LBs with same number of rules,
+// then selects the first one (sorted based on name).
 func (az *Cloud) selectLoadBalancer(clusterName string, service *v1.Service, existingLBs *[]network.LoadBalancer, nodes []*v1.Node) (selectedLB *network.LoadBalancer, existsLb bool, err error) {
 	isInternal := requiresInternalLoadBalancer(service)
 	serviceName := getServiceName(service)
 	glog.V(3).Infof("selectLoadBalancer(%s): isInternal(%s) - start", serviceName, isInternal)
-	availabilitySetNames, err := az.getLoadBalancerAvailabilitySetNames(service, nodes)
+	vmSetNames, err := az.vmSet.GetVMSetNames(service, nodes)
 	if err != nil {
-		glog.Errorf("az.selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - az.getLoadBalancerAvailabilitySetNames failed, err=(%v)", clusterName, serviceName, isInternal, err)
+		glog.Errorf("az.selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - az.GetVMSetNames failed, err=(%v)", clusterName, serviceName, isInternal, err)
 		return nil, false, err
 	}
-	glog.Infof("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - availabilitysetsnames %v", clusterName, serviceName, isInternal, *availabilitySetNames)
+	glog.Infof("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - vmSetNames %v", clusterName, serviceName, isInternal, *vmSetNames)
+
 	mapExistingLBs := map[string]network.LoadBalancer{}
 	for _, lb := range *existingLBs {
 		mapExistingLBs[*lb.Name] = lb
 	}
 	selectedLBRuleCount := math.MaxInt32
-	for _, currASName := range *availabilitySetNames {
+	for _, currASName := range *vmSetNames {
 		currLBName := az.getLoadBalancerName(clusterName, currASName, isInternal)
 		lb, exists := mapExistingLBs[currLBName]
 		if !exists {
@@ -272,13 +278,13 @@ func (az *Cloud) selectLoadBalancer(clusterName string, service *v1.Service, exi
 	}
 
 	if selectedLB == nil {
-		err = fmt.Errorf("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - unable to find load balancer for selected availability sets %v", clusterName, serviceName, isInternal, *availabilitySetNames)
+		err = fmt.Errorf("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) - unable to find load balancer for selected VM sets %v", clusterName, serviceName, isInternal, *vmSetNames)
 		glog.Error(err)
 		return nil, false, err
 	}
 	// validate if the selected LB has not exceeded the MaximumLoadBalancerRuleCount
 	if az.Config.MaximumLoadBalancerRuleCount != 0 && selectedLBRuleCount >= az.Config.MaximumLoadBalancerRuleCount {
-		err = fmt.Errorf("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) -  all available load balancers have exceeded maximum rule limit %d, availabilitysetnames (%v)", clusterName, serviceName, isInternal, selectedLBRuleCount, *availabilitySetNames)
+		err = fmt.Errorf("selectLoadBalancer: cluster(%s) service(%s) isInternal(%t) -  all available load balancers have exceeded maximum rule limit %d, vmSetNames (%v)", clusterName, serviceName, isInternal, selectedLBRuleCount, *vmSetNames)
 		glog.Error(err)
 		return selectedLB, existsLb, err
 	}
@@ -288,7 +294,7 @@ func (az *Cloud) selectLoadBalancer(clusterName string, service *v1.Service, exi
 
 func (az *Cloud) getServiceLoadBalancerStatus(service *v1.Service, lb *network.LoadBalancer) (status *v1.LoadBalancerStatus, err error) {
 	if lb == nil {
-		glog.V(10).Infof("getServiceLoadBalancerStatus lb is nil")
+		glog.V(10).Info("getServiceLoadBalancerStatus lb is nil")
 		return nil, nil
 	}
 	if lb.FrontendIPConfigurations == nil || *lb.FrontendIPConfigurations == nil {
@@ -314,7 +320,7 @@ func (az *Cloud) getServiceLoadBalancerStatus(service *v1.Service, lb *network.L
 				if err != nil {
 					return nil, fmt.Errorf("get(%s): lb(%s) - failed to get LB PublicIPAddress Name from ID(%s)", serviceName, *lb.Name, *pipID)
 				}
-				pip, existsPip, err := az.getPublicIPAddress(pipName)
+				pip, existsPip, err := az.getPublicIPAddress(az.getPublicIPAddressResourceGroup(service), pipName)
 				if err != nil {
 					return nil, err
 				}
@@ -336,7 +342,9 @@ func (az *Cloud) determinePublicIPName(clusterName string, service *v1.Service)
 		return getPublicIPName(clusterName, service), nil
 	}
 
-	pips, err := az.ListPIPWithRetry()
+	pipResourceGroup := az.getPublicIPAddressResourceGroup(service)
+
+	pips, err := az.ListPIPWithRetry(pipResourceGroup)
 	if err != nil {
 		return "", err
 	}
@@ -347,7 +355,7 @@ func (az *Cloud) determinePublicIPName(clusterName string, service *v1.Service)
 			return *pip.Name, nil
 		}
 	}
-	return "", fmt.Errorf("user supplied IP Address %s was not found", loadBalancerIP)
+	return "", fmt.Errorf("user supplied IP Address %s was not found in resource group %s", loadBalancerIP, pipResourceGroup)
 }
 
 func flipServiceInternalAnnotation(service *v1.Service) *v1.Service {
@@ -365,12 +373,12 @@ func flipServiceInternalAnnotation(service *v1.Service) *v1.Service {
 	return copyService
 }
 
-func (az *Cloud) findServiceIPAddress(clusterName string, service *v1.Service, isInternalLb bool) (string, error) {
+func (az *Cloud) findServiceIPAddress(ctx context.Context, clusterName string, service *v1.Service, isInternalLb bool) (string, error) {
 	if len(service.Spec.LoadBalancerIP) > 0 {
 		return service.Spec.LoadBalancerIP, nil
 	}
 
-	lbStatus, existsLb, err := az.GetLoadBalancer(clusterName, service)
+	lbStatus, existsLb, err := az.GetLoadBalancer(ctx, clusterName, service)
 	if err != nil {
 		return "", err
 	}
@@ -386,8 +394,9 @@ func (az *Cloud) findServiceIPAddress(clusterName string, service *v1.Service, i
 	return lbStatus.Ingress[0].IP, nil
 }
 
-func (az *Cloud) ensurePublicIPExists(serviceName, pipName, domainNameLabel string) (*network.PublicIPAddress, error) {
-	pip, existsPip, err := az.getPublicIPAddress(pipName)
+func (az *Cloud) ensurePublicIPExists(service *v1.Service, pipName string, domainNameLabel string) (*network.PublicIPAddress, error) {
+	pipResourceGroup := az.getPublicIPAddressResourceGroup(service)
+	pip, existsPip, err := az.getPublicIPAddress(pipResourceGroup, pipName)
 	if err != nil {
 		return nil, err
 	}
@@ -395,6 +404,7 @@ func (az *Cloud) ensurePublicIPExists(serviceName, pipName, domainNameLabel stri
 		return &pip, nil
 	}
 
+	serviceName := getServiceName(service)
 	pip.Name = to.StringPtr(pipName)
 	pip.Location = to.StringPtr(az.Location)
 	pip.PublicIPAddressPropertiesFormat = &network.PublicIPAddressPropertiesFormat{
@@ -407,19 +417,15 @@ func (az *Cloud) ensurePublicIPExists(serviceName, pipName, domainNameLabel stri
 	}
 	pip.Tags = &map[string]*string{"service": &serviceName}
 	glog.V(3).Infof("ensure(%s): pip(%s) - creating", serviceName, *pip.Name)
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("CreateOrUpdatePIPWithRetry(%q): start", *pip.Name)
-	err = az.CreateOrUpdatePIPWithRetry(pip)
+	glog.V(10).Infof("CreateOrUpdatePIPWithRetry(%s, %q): start", pipResourceGroup, *pip.Name)
+	err = az.CreateOrUpdatePIPWithRetry(pipResourceGroup, pip)
 	if err != nil {
 		glog.V(2).Infof("ensure(%s) abort backoff: pip(%s) - creating", serviceName, *pip.Name)
 		return nil, err
 	}
-	glog.V(10).Infof("CreateOrUpdatePIPWithRetry(%q): end", *pip.Name)
+	glog.V(10).Infof("CreateOrUpdatePIPWithRetry(%s, %q): end", pipResourceGroup, *pip.Name)
 
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("PublicIPAddressesClient.Get(%q): start", *pip.Name)
-	pip, err = az.PublicIPAddressesClient.Get(az.ResourceGroup, *pip.Name, "")
-	glog.V(10).Infof("PublicIPAddressesClient.Get(%q): end", *pip.Name)
+	pip, err = az.PublicIPAddressesClient.Get(pipResourceGroup, *pip.Name, "")
 	if err != nil {
 		return nil, err
 	}
@@ -546,8 +552,8 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service,
 				if err != nil {
 					return nil, err
 				}
-				domainNameLabel := getPublicIPLabel(service)
-				pip, err := az.ensurePublicIPExists(serviceName, pipName, domainNameLabel)
+				domainNameLabel := getPublicIPDomainNameLabel(service)
+				pip, err := az.ensurePublicIPExists(service, pipName, domainNameLabel)
 				if err != nil {
 					return nil, err
 				}
@@ -743,14 +749,24 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service,
 			// because an Azure load balancer cannot have an empty FrontendIPConfigurations collection
 			glog.V(3).Infof("delete(%s): lb(%s) - deleting; no remaining frontendipconfigs", serviceName, lbName)
 
-			az.operationPollRateLimiter.Accept()
-			glog.V(10).Infof("LoadBalancerClient.Delete(%q): start", lbName)
-			err := az.DeleteLBWithRetry(lbName)
+			// Remove backend pools from vmSets. This is required for virtual machine scale sets before removing the LB.
+			vmSetName := az.mapLoadBalancerNameToVMSet(lbName, clusterName)
+			glog.V(10).Infof("EnsureBackendPoolDeleted(%s, %s): start", lbBackendPoolID, vmSetName)
+			err := az.vmSet.EnsureBackendPoolDeleted(lbBackendPoolID, vmSetName)
+			if err != nil {
+				glog.Errorf("EnsureBackendPoolDeleted(%s, %s) failed: %v", lbBackendPoolID, vmSetName, err)
+				return nil, err
+			}
+			glog.V(10).Infof("EnsureBackendPoolDeleted(%s, %s): end", lbBackendPoolID, vmSetName)
+
+			// Remove the LB.
+			glog.V(10).Infof("az.DeleteLBWithRetry(%q): start", lbName)
+			err = az.DeleteLBWithRetry(lbName)
 			if err != nil {
 				glog.V(2).Infof("delete(%s) abort backoff: lb(%s) - deleting; no remaining frontendipconfigs", serviceName, lbName)
 				return nil, err
 			}
-			glog.V(10).Infof("LoadBalancerClient.Delete(%q): end", lbName)
+			glog.V(10).Infof("az.DeleteLBWithRetry(%q): end", lbName)
 		} else {
 			glog.V(3).Infof("ensure(%s): lb(%s) - updating", serviceName, lbName)
 			err := az.CreateOrUpdateLBWithRetry(*lb)
@@ -776,23 +792,10 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service,
 
 	if wantLb && nodes != nil {
 		// Add the machines to the backend pool if they're not already
-		availabilitySetName := az.mapLoadBalancerNameToAvailabilitySet(lbName, clusterName)
-		hostUpdates := make([]func() error, len(nodes))
-		for i, node := range nodes {
-			localNodeName := node.Name
-			f := func() error {
-				err := az.ensureHostInPool(serviceName, types.NodeName(localNodeName), lbBackendPoolID, availabilitySetName)
-				if err != nil {
-					return fmt.Errorf("ensure(%s): lb(%s) - failed to ensure host in pool: %q", serviceName, lbName, err)
-				}
-				return nil
-			}
-			hostUpdates[i] = f
-		}
-
-		errs := utilerrors.AggregateGoroutines(hostUpdates...)
-		if errs != nil {
-			return nil, utilerrors.Flatten(errs)
+		vmSetName := az.mapLoadBalancerNameToVMSet(lbName, clusterName)
+		err := az.vmSet.EnsureHostsInPool(serviceName, nodes, lbBackendPoolID, vmSetName)
+		if err != nil {
+			return nil, err
 		}
 	}
 
@@ -815,10 +818,7 @@ func (az *Cloud) reconcileSecurityGroup(clusterName string, service *v1.Service,
 		ports = []v1.ServicePort{}
 	}
 
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("SecurityGroupsClient.Get(%q): start", az.SecurityGroupName)
-	sg, err := az.SecurityGroupsClient.Get(az.ResourceGroup, az.SecurityGroupName, "")
-	glog.V(10).Infof("SecurityGroupsClient.Get(%q): end", az.SecurityGroupName)
+	sg, err := az.getSecurityGroup()
 	if err != nil {
 		return nil, err
 	}
@@ -987,7 +987,6 @@ func (az *Cloud) reconcileSecurityGroup(clusterName string, service *v1.Service,
 	if dirtySg {
 		sg.SecurityRules = &updatedRules
 		glog.V(3).Infof("ensure(%s): sg(%s) - updating", serviceName, *sg.Name)
-		az.operationPollRateLimiter.Accept()
 		glog.V(10).Infof("CreateOrUpdateSGWithRetry(%q): start", *sg.Name)
 		err := az.CreateOrUpdateSGWithRetry(sg)
 		if err != nil {
@@ -1158,7 +1157,9 @@ func (az *Cloud) reconcilePublicIP(clusterName string, service *v1.Service, want
 		}
 	}
 
-	pips, err := az.ListPIPWithRetry()
+	pipResourceGroup := az.getPublicIPAddressResourceGroup(service)
+
+	pips, err := az.ListPIPWithRetry(pipResourceGroup)
 	if err != nil {
 		return nil, err
 	}
@@ -1174,15 +1175,14 @@ func (az *Cloud) reconcilePublicIP(clusterName string, service *v1.Service, want
 				// Public ip resource with match service tag
 			} else {
 				glog.V(2).Infof("ensure(%s): pip(%s) - deleting", serviceName, pipName)
-				az.operationPollRateLimiter.Accept()
-				glog.V(10).Infof("DeletePublicIPWithRetry(%q): start", pipName)
-				err = az.DeletePublicIPWithRetry(pipName)
+				glog.V(10).Infof("DeletePublicIPWithRetry(%s, %q): start", pipResourceGroup, pipName)
+				err = az.DeletePublicIPWithRetry(pipResourceGroup, pipName)
 				if err != nil {
 					glog.V(2).Infof("ensure(%s) abort backoff: pip(%s) - deleting", serviceName, pipName)
 					// We let err to pass through
 					// It may be ignorable
 				}
-				glog.V(10).Infof("DeletePublicIPWithRetry(%q): end", pipName) // response not read yet...
+				glog.V(10).Infof("DeletePublicIPWithRetry(%s, %q): end", pipResourceGroup, pipName) // response not read yet...
 
 				err = ignoreStatusNotFoundFromError(err)
 				if err != nil {
@@ -1197,8 +1197,8 @@ func (az *Cloud) reconcilePublicIP(clusterName string, service *v1.Service, want
 	if !isInternal && wantLb {
 		// Confirm desired public ip resource exists
 		var pip *network.PublicIPAddress
-		domainNameLabel := getPublicIPLabel(service)
-		if pip, err = az.ensurePublicIPExists(serviceName, desiredPipName, domainNameLabel); err != nil {
+		domainNameLabel := getPublicIPDomainNameLabel(service)
+		if pip, err = az.ensurePublicIPExists(service, desiredPipName, domainNameLabel); err != nil {
 			return nil, err
 		}
 		return pip, nil
@@ -1261,95 +1261,17 @@ func findSecurityRule(rules []network.SecurityRule, rule network.SecurityRule) b
 	return false
 }
 
-// This ensures the given VM's Primary NIC's Primary IP Configuration is
-// participating in the specified LoadBalancer Backend Pool.
-func (az *Cloud) ensureHostInPool(serviceName string, nodeName types.NodeName, backendPoolID string, availabilitySetName string) error {
-	var machine compute.VirtualMachine
-	az.operationPollRateLimiter.Accept()
-	machine, err := az.GetVirtualMachineWithRetry(nodeName)
-	if err != nil {
-		glog.V(2).Infof("ensureHostInPool(%s, %s, %s) abort backoff", serviceName, nodeName, backendPoolID)
-		return err
+func (az *Cloud) getPublicIPAddressResourceGroup(service *v1.Service) string {
+	if resourceGroup, found := service.Annotations[ServiceAnnotationLoadBalancerResourceGroup]; found {
+		return resourceGroup
 	}
 
-	primaryNicID, err := getPrimaryInterfaceID(machine)
-	if err != nil {
-		return err
-	}
-	nicName, err := getLastSegment(primaryNicID)
-	if err != nil {
-		return err
-	}
-
-	// Check availability set
-	if availabilitySetName != "" {
-		expectedAvailabilitySetName := az.getAvailabilitySetID(availabilitySetName)
-		if machine.AvailabilitySet == nil || !strings.EqualFold(*machine.AvailabilitySet.ID, expectedAvailabilitySetName) {
-			glog.V(3).Infof(
-				"nicupdate(%s): skipping nic (%s) since it is not in the availabilitySet(%s)",
-				serviceName, nicName, availabilitySetName)
-			return nil
-		}
-	}
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("InterfacesClient.Get(%q): start", nicName)
-	nic, err := az.InterfacesClient.Get(az.ResourceGroup, nicName, "")
-	glog.V(10).Infof("InterfacesClient.Get(%q): end", nicName)
-	if err != nil {
-		return err
-	}
-
-	var primaryIPConfig *network.InterfaceIPConfiguration
-	primaryIPConfig, err = getPrimaryIPConfig(nic)
-	if err != nil {
-		return err
-	}
-
-	foundPool := false
-	newBackendPools := []network.BackendAddressPool{}
-	if primaryIPConfig.LoadBalancerBackendAddressPools != nil {
-		newBackendPools = *primaryIPConfig.LoadBalancerBackendAddressPools
-	}
-	for _, existingPool := range newBackendPools {
-		if strings.EqualFold(backendPoolID, *existingPool.ID) {
-			foundPool = true
-			break
-		}
-	}
-	if !foundPool {
-		newBackendPools = append(newBackendPools,
-			network.BackendAddressPool{
-				ID: to.StringPtr(backendPoolID),
-			})
-
-		primaryIPConfig.LoadBalancerBackendAddressPools = &newBackendPools
-
-		glog.V(3).Infof("nicupdate(%s): nic(%s) - updating", serviceName, nicName)
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("InterfacesClient.CreateOrUpdate(%q): start", *nic.Name)
-		respChan, errChan := az.InterfacesClient.CreateOrUpdate(az.ResourceGroup, *nic.Name, nic, nil)
-		resp := <-respChan
-		err := <-errChan
-		glog.V(10).Infof("InterfacesClient.CreateOrUpdate(%q): end", *nic.Name)
-		if az.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
-			glog.V(2).Infof("nicupdate(%s) backing off: nic(%s) - updating, err=%v", serviceName, nicName, err)
-			retryErr := az.CreateOrUpdateInterfaceWithRetry(nic)
-			if retryErr != nil {
-				err = retryErr
-				glog.V(2).Infof("nicupdate(%s) abort backoff: nic(%s) - updating", serviceName, nicName)
-			}
-		}
-		if err != nil {
-			return err
-		}
-	}
-	return nil
+	return az.ResourceGroup
 }
 
 // Check if service requires an internal load balancer.
 func requiresInternalLoadBalancer(service *v1.Service) bool {
-	if l, ok := service.Annotations[ServiceAnnotationLoadBalancerInternal]; ok {
+	if l, found := service.Annotations[ServiceAnnotationLoadBalancerInternal]; found {
 		return l == "true"
 	}
 
@@ -1358,7 +1280,7 @@ func requiresInternalLoadBalancer(service *v1.Service) bool {
 
 func subnet(service *v1.Service) *string {
 	if requiresInternalLoadBalancer(service) {
-		if l, ok := service.Annotations[ServiceAnnotationLoadBalancerInternalSubnet]; ok {
+		if l, found := service.Annotations[ServiceAnnotationLoadBalancerInternalSubnet]; found {
 			return &l
 		}
 	}
@@ -1366,28 +1288,28 @@ func subnet(service *v1.Service) *string {
 	return nil
 }
 
-// getServiceLoadBalancerMode parses the mode value
-// if the value is __auto__ it returns isAuto = TRUE
-// if anything else it returns the unique availability set names after triming spaces
-func getServiceLoadBalancerMode(service *v1.Service) (hasMode bool, isAuto bool, availabilitySetNames []string) {
+// getServiceLoadBalancerMode parses the mode value.
+// if the value is __auto__ it returns isAuto = TRUE.
+// if anything else it returns the unique VM set names after triming spaces.
+func getServiceLoadBalancerMode(service *v1.Service) (hasMode bool, isAuto bool, vmSetNames []string) {
 	mode, hasMode := service.Annotations[ServiceAnnotationLoadBalancerMode]
 	mode = strings.TrimSpace(mode)
 	isAuto = strings.EqualFold(mode, ServiceAnnotationLoadBalancerAutoModeValue)
 	if !isAuto {
 		// Break up list of "AS1,AS2"
-		availabilitySetParsedList := strings.Split(mode, ",")
+		vmSetParsedList := strings.Split(mode, ",")
 
-		// Trim the availability set names and remove duplicates
+		// Trim the VM set names and remove duplicates
 		//  e.g. {"AS1"," AS2", "AS3", "AS3"} => {"AS1", "AS2", "AS3"}
-		availabilitySetNameSet := sets.NewString()
-		for _, v := range availabilitySetParsedList {
-			availabilitySetNameSet.Insert(strings.TrimSpace(v))
+		vmSetNameSet := sets.NewString()
+		for _, v := range vmSetParsedList {
+			vmSetNameSet.Insert(strings.TrimSpace(v))
 		}
 
-		availabilitySetNames = availabilitySetNameSet.List()
+		vmSetNames = vmSetNameSet.List()
 	}
 
-	return hasMode, isAuto, availabilitySetNames
+	return hasMode, isAuto, vmSetNames
 }
 
 func useSharedSecurityRule(service *v1.Service) bool {
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.md b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.md
index 141d066cf159..31741cd4e934 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.md
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_loadbalancer.md
@@ -9,7 +9,7 @@ Despite the ideal philosophy above, we have to face the reality. NSG depends on
 And also, For Azure, we cannot afford to have more than 1 worker of service_controller. Because, different services could operate on the same LB, concurrent execution could result in conflict or unexpected result. For AWS and GCE, they apparently doesn't have the problem, they use one LB per service, no such conflict.
 
 There are two load balancers per availability set internal and external. There is a limit on number of services that can be associated with a single load balancer.
-By default primary load balancer is selected. Services can be annotated to allow auto selection of available load balancers. Service annotations can also be used to provide specific availability sets that host the load balancers. Note that in case of auto selection or specific availability set selection, when the availability set is lost incase of downtime or cluster scale down the services are currently not auto assigned to an available load balancer.
+By default primary load balancer is selected. Services can be annotated to allow auto selection of available load balancers. Service annotations can also be used to provide specific availability sets that host the load balancers. Note that in case of auto selection or specific availability set selection, when the availability set is lost in case of downtime or cluster scale down the services are currently not auto assigned to an available load balancer.
 Service Annotation for Auto and specific load balancer mode
 
 - service.beta.kubernetes.io/azure-load-balancer-mode" (__auto__|as1,as2...)
@@ -40,7 +40,7 @@ Service Annotation for Auto and specific load balancer mode
 
 - getServiceLoadBalancer(service *v1.Service, clusterName string, nodes []*v1.Node, wantLb bool) (lb, status, exists, error)
   - gets the loadbalancer for the service if it already exists
-  - If wantLb is TRUE then -it selects a new load balancer, the selction helps distribute the services across load balancers
+  - If wantLb is TRUE then -it selects a new load balancer, the selection helps distribute the services across load balancers
   - In case the selected load balancer does not exists it returns network.LoadBalancer struct with added metadata (such as name, location) and existsLB set to FALSE 
   - By default - cluster default LB is returned
 
@@ -74,4 +74,4 @@ Service Annotation for Auto and specific load balancer mode
 - Reconcile LB's related and owned resources, such as FrontEndIPConfig, Rules, Probe.
   - Call reconcileLoadBalancer(clusterName, service, nodes, false)
 - Reconcile Public IP, public IP needs related LB reconciled first
-  - Call reconcilePublicIP(cluster, service, false)
\ No newline at end of file
+  - Call reconcilePublicIP(cluster, service, false)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_managedDiskController.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_managedDiskController.go
index 5acdf5835836..207392680f66 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_managedDiskController.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_managedDiskController.go
@@ -73,7 +73,7 @@ func (c *ManagedDiskController) CreateManagedDisk(diskName string, storageAccoun
 	diskID := ""
 
 	err = kwait.ExponentialBackoff(defaultBackOff, func() (bool, error) {
-		provisonState, id, err := c.getDisk(diskName)
+		provisionState, id, err := c.getDisk(diskName)
 		diskID = id
 		// We are waiting for provisioningState==Succeeded
 		// We don't want to hand-off managed disks to k8s while they are
@@ -81,7 +81,7 @@ func (c *ManagedDiskController) CreateManagedDisk(diskName string, storageAccoun
 		if err != nil {
 			return false, err
 		}
-		if strings.ToLower(provisonState) == "succeeded" {
+		if strings.ToLower(provisionState) == "succeeded" {
 			return true, nil
 		}
 		return false, nil
@@ -106,8 +106,8 @@ func (c *ManagedDiskController) DeleteManagedDisk(diskURI string) error {
 	if err != nil {
 		return err
 	}
-	// We don't need poll here, k8s will immediatly stop referencing the disk
-	// the disk will be evantually deleted - cleanly - by ARM
+	// We don't need poll here, k8s will immediately stop referencing the disk
+	// the disk will be eventually deleted - cleanly - by ARM
 
 	glog.V(2).Infof("azureDisk - deleted a managed disk: %s", diskURI)
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_metrics.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_metrics.go
new file mode 100644
index 000000000000..cae35c594b66
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_metrics.go
@@ -0,0 +1,82 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"time"
+
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+type apiCallMetrics struct {
+	latency *prometheus.HistogramVec
+	errors  *prometheus.CounterVec
+}
+
+var (
+	metricLabels = []string{
+		"request",         // API function that is being invoked
+		"resource_group",  // Resource group of the resource being monitored
+		"subscription_id", // Subscription ID of the resource being monitored
+	}
+
+	apiMetrics = registerAPIMetrics(metricLabels...)
+)
+
+type metricContext struct {
+	start      time.Time
+	attributes []string
+}
+
+func newMetricContext(prefix, request, resourceGroup, subscriptionID string) *metricContext {
+	return &metricContext{
+		start:      time.Now(),
+		attributes: []string{prefix + "_" + request, resourceGroup, subscriptionID},
+	}
+}
+
+func (mc *metricContext) Observe(err error) {
+	apiMetrics.latency.WithLabelValues(mc.attributes...).Observe(
+		time.Since(mc.start).Seconds())
+	if err != nil {
+		apiMetrics.errors.WithLabelValues(mc.attributes...).Inc()
+	}
+}
+
+func registerAPIMetrics(attributes ...string) *apiCallMetrics {
+	metrics := &apiCallMetrics{
+		latency: prometheus.NewHistogramVec(
+			prometheus.HistogramOpts{
+				Name: "cloudprovider_azure_api_request_duration_seconds",
+				Help: "Latency of an Azure API call",
+			},
+			attributes,
+		),
+		errors: prometheus.NewCounterVec(
+			prometheus.CounterOpts{
+				Name: "cloudprovider_azure_api_request_errors",
+				Help: "Number of errors for an Azure API call",
+			},
+			attributes,
+		),
+	}
+
+	prometheus.MustRegister(metrics.latency)
+	prometheus.MustRegister(metrics.errors)
+
+	return metrics
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_routes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_routes.go
index 60c5049b052a..486064290ead 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_routes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_routes.go
@@ -17,6 +17,7 @@ limitations under the License.
 package azure
 
 import (
+	"context"
 	"fmt"
 
 	"k8s.io/kubernetes/pkg/cloudprovider"
@@ -28,18 +29,23 @@ import (
 )
 
 // ListRoutes lists all managed routes that belong to the specified clusterName
-func (az *Cloud) ListRoutes(clusterName string) (routes []*cloudprovider.Route, err error) {
+func (az *Cloud) ListRoutes(ctx context.Context, clusterName string) ([]*cloudprovider.Route, error) {
 	glog.V(10).Infof("list: START clusterName=%q", clusterName)
 	routeTable, existsRouteTable, err := az.getRouteTable()
+	return processRoutes(routeTable, existsRouteTable, err)
+}
+
+// Injectable for testing
+func processRoutes(routeTable network.RouteTable, exists bool, err error) ([]*cloudprovider.Route, error) {
 	if err != nil {
 		return nil, err
 	}
-	if !existsRouteTable {
+	if !exists {
 		return []*cloudprovider.Route{}, nil
 	}
 
 	var kubeRoutes []*cloudprovider.Route
-	if routeTable.Routes != nil {
+	if routeTable.RouteTablePropertiesFormat != nil && routeTable.Routes != nil {
 		kubeRoutes = make([]*cloudprovider.Route, len(*routeTable.Routes))
 		for i, route := range *routeTable.Routes {
 			instance := mapRouteNameToNodeName(*route.Name)
@@ -58,52 +64,54 @@ func (az *Cloud) ListRoutes(clusterName string) (routes []*cloudprovider.Route,
 	return kubeRoutes, nil
 }
 
-// CreateRoute creates the described managed route
-// route.Name will be ignored, although the cloud-provider may use nameHint
-// to create a more user-meaningful name.
-func (az *Cloud) CreateRoute(clusterName string, nameHint string, kubeRoute *cloudprovider.Route) error {
-	glog.V(2).Infof("create: creating route. clusterName=%q instance=%q cidr=%q", clusterName, kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
-
-	routeTable, existsRouteTable, err := az.getRouteTable()
-	if err != nil {
+func (az *Cloud) createRouteTableIfNotExists(clusterName string, kubeRoute *cloudprovider.Route) error {
+	if _, existsRouteTable, err := az.getRouteTable(); err != nil {
 		glog.V(2).Infof("create error: couldn't get routetable. clusterName=%q instance=%q cidr=%q", clusterName, kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
 		return err
+	} else if existsRouteTable {
+		return nil
 	}
-	if !existsRouteTable {
-		routeTable = network.RouteTable{
-			Name:                       to.StringPtr(az.RouteTableName),
-			Location:                   to.StringPtr(az.Location),
-			RouteTablePropertiesFormat: &network.RouteTablePropertiesFormat{},
-		}
+	return az.createRouteTable()
+}
 
-		glog.V(3).Infof("create: creating routetable. routeTableName=%q", az.RouteTableName)
-		az.operationPollRateLimiter.Accept()
-		glog.V(10).Infof("RouteTablesClient.CreateOrUpdate(%q): start", az.RouteTableName)
-		respChan, errChan := az.RouteTablesClient.CreateOrUpdate(az.ResourceGroup, az.RouteTableName, routeTable, nil)
-		resp := <-respChan
-		err := <-errChan
-		glog.V(10).Infof("RouteTablesClient.CreateOrUpdate(%q): end", az.RouteTableName)
-		if az.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
-			glog.V(2).Infof("create backing off: creating routetable. routeTableName=%q", az.RouteTableName)
-			retryErr := az.CreateOrUpdateRouteTableWithRetry(routeTable)
-			if retryErr != nil {
-				err = retryErr
-				glog.V(2).Infof("create abort backoff: creating routetable. routeTableName=%q", az.RouteTableName)
-			}
-		}
-		if err != nil {
-			return err
-		}
+func (az *Cloud) createRouteTable() error {
+	routeTable := network.RouteTable{
+		Name:                       to.StringPtr(az.RouteTableName),
+		Location:                   to.StringPtr(az.Location),
+		RouteTablePropertiesFormat: &network.RouteTablePropertiesFormat{},
+	}
 
-		glog.V(10).Infof("RouteTablesClient.Get(%q): start", az.RouteTableName)
-		routeTable, err = az.RouteTablesClient.Get(az.ResourceGroup, az.RouteTableName, "")
-		glog.V(10).Infof("RouteTablesClient.Get(%q): end", az.RouteTableName)
-		if err != nil {
-			return err
+	glog.V(3).Infof("create: creating routetable. routeTableName=%q", az.RouteTableName)
+	respChan, errChan := az.RouteTablesClient.CreateOrUpdate(az.ResourceGroup, az.RouteTableName, routeTable, nil)
+	resp := <-respChan
+	err := <-errChan
+	glog.V(10).Infof("RouteTablesClient.CreateOrUpdate(%q): end", az.RouteTableName)
+	if az.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
+		glog.V(2).Infof("create backing off: creating routetable. routeTableName=%q", az.RouteTableName)
+		retryErr := az.CreateOrUpdateRouteTableWithRetry(routeTable)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("create abort backoff: creating routetable. routeTableName=%q", az.RouteTableName)
 		}
 	}
+	if err != nil {
+		return err
+	}
+
+	// Invalidate the cache right after updating
+	az.rtCache.Delete(az.RouteTableName)
+	return nil
+}
 
-	targetIP, err := az.getIPForMachine(kubeRoute.TargetNode)
+// CreateRoute creates the described managed route
+// route.Name will be ignored, although the cloud-provider may use nameHint
+// to create a more user-meaningful name.
+func (az *Cloud) CreateRoute(ctx context.Context, clusterName string, nameHint string, kubeRoute *cloudprovider.Route) error {
+	glog.V(2).Infof("create: creating route. clusterName=%q instance=%q cidr=%q", clusterName, kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
+	if err := az.createRouteTableIfNotExists(clusterName, kubeRoute); err != nil {
+		return err
+	}
+	targetIP, _, err := az.getIPForMachine(kubeRoute.TargetNode)
 	if err != nil {
 		return err
 	}
@@ -119,8 +127,6 @@ func (az *Cloud) CreateRoute(clusterName string, nameHint string, kubeRoute *clo
 	}
 
 	glog.V(3).Infof("create: creating route: instance=%q cidr=%q", kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("RoutesClient.CreateOrUpdate(%q): start", az.RouteTableName)
 	respChan, errChan := az.RoutesClient.CreateOrUpdate(az.ResourceGroup, az.RouteTableName, *route.Name, route, nil)
 	resp := <-respChan
 	err = <-errChan
@@ -143,12 +149,10 @@ func (az *Cloud) CreateRoute(clusterName string, nameHint string, kubeRoute *clo
 
 // DeleteRoute deletes the specified managed route
 // Route should be as returned by ListRoutes
-func (az *Cloud) DeleteRoute(clusterName string, kubeRoute *cloudprovider.Route) error {
+func (az *Cloud) DeleteRoute(ctx context.Context, clusterName string, kubeRoute *cloudprovider.Route) error {
 	glog.V(2).Infof("delete: deleting route. clusterName=%q instance=%q cidr=%q", clusterName, kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
 
 	routeName := mapNodeNameToRouteName(kubeRoute.TargetNode)
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("RoutesClient.Delete(%q): start", az.RouteTableName)
 	respChan, errChan := az.RoutesClient.Delete(az.ResourceGroup, az.RouteTableName, routeName, nil)
 	resp := <-respChan
 	err := <-errChan
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_standard.go
similarity index 57%
rename from vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util.go
rename to vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_standard.go
index 01be3461fb40..9c5a9c333465 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_standard.go
@@ -30,8 +30,10 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
+	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/uuid"
 )
@@ -44,9 +46,7 @@ const (
 	availabilitySetIDTemplate   = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/availabilitySets/%s"
 	frontendIPConfigIDTemplate  = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/loadBalancers/%s/frontendIPConfigurations/%s"
 	backendPoolIDTemplate       = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/loadBalancers/%s/backendAddressPools/%s"
-	loadBalancerRuleIDTemplate  = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/loadBalancers/%s/loadBalancingRules/%s"
 	loadBalancerProbeIDTemplate = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/loadBalancers/%s/probes/%s"
-	securityRuleIDTemplate      = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/networkSecurityGroups/%s/securityRules/%s"
 
 	// InternalLoadBalancerNameSuffix is load balancer posfix
 	InternalLoadBalancerNameSuffix = "-internal"
@@ -57,10 +57,11 @@ const (
 	storageAccountNameMaxLength = 24
 )
 
+var errNotInVMSet = errors.New("vm is not in the vmset")
 var providerIDRE = regexp.MustCompile(`^` + CloudProviderName + `://(?:.*)/Microsoft.Compute/virtualMachines/(.+)$`)
 
-// returns the full identifier of a machine
-func (az *Cloud) getMachineID(machineName string) string {
+// getStandardMachineID returns the full identifier of a virtual machine.
+func (az *Cloud) getStandardMachineID(machineName string) string {
 	return fmt.Sprintf(
 		machineIDTemplate,
 		az.SubscriptionID,
@@ -97,16 +98,6 @@ func (az *Cloud) getBackendPoolID(lbName, backendPoolName string) string {
 		backendPoolName)
 }
 
-// returns the full identifier of a loadbalancer rule.
-func (az *Cloud) getLoadBalancerRuleID(lbName, lbRuleName string) string {
-	return fmt.Sprintf(
-		loadBalancerRuleIDTemplate,
-		az.SubscriptionID,
-		az.ResourceGroup,
-		lbName,
-		lbRuleName)
-}
-
 // returns the full identifier of a loadbalancer probe.
 func (az *Cloud) getLoadBalancerProbeID(lbName, lbRuleName string) string {
 	return fmt.Sprintf(
@@ -117,134 +108,22 @@ func (az *Cloud) getLoadBalancerProbeID(lbName, lbRuleName string) string {
 		lbRuleName)
 }
 
-// returns the full identifier of a network security group security rule.
-func (az *Cloud) getSecurityRuleID(securityRuleName string) string {
-	return fmt.Sprintf(
-		securityRuleIDTemplate,
-		az.SubscriptionID,
-		az.ResourceGroup,
-		az.SecurityGroupName,
-		securityRuleName)
-}
-
-// returns the full identifier of a publicIPAddress.
-func (az *Cloud) getpublicIPAddressID(pipName string) string {
-	return fmt.Sprintf(
-		publicIPAddressIDTemplate,
-		az.SubscriptionID,
-		az.ResourceGroup,
-		pipName)
-}
-
-// getLoadBalancerAvailabilitySetNames selects all possible availability sets for
-// service load balancer, if the service has no loadbalancer mode annotaion returns the
-// primary availability set if service annotation for loadbalancer availability set
-// exists then return the eligible a availability set
-func (az *Cloud) getLoadBalancerAvailabilitySetNames(service *v1.Service, nodes []*v1.Node) (availabilitySetNames *[]string, err error) {
-	hasMode, isAuto, serviceAvailabilitySetNames := getServiceLoadBalancerMode(service)
-	if !hasMode {
-		// no mode specified in service annotation default to PrimaryAvailabilitySetName
-		availabilitySetNames = &[]string{az.Config.PrimaryAvailabilitySetName}
-		return availabilitySetNames, nil
-	}
-	availabilitySetNames, err = az.getAgentPoolAvailabiliySets(nodes)
-	if err != nil {
-		glog.Errorf("az.getLoadBalancerAvailabilitySetNames - getAgentPoolAvailabiliySets failed err=(%v)", err)
-		return nil, err
-	}
-	if len(*availabilitySetNames) == 0 {
-		glog.Errorf("az.getLoadBalancerAvailabilitySetNames - No availability sets found for nodes in the cluster, node count(%d)", len(nodes))
-		return nil, fmt.Errorf("No availability sets found for nodes, node count(%d)", len(nodes))
-	}
-	// sort the list to have deterministic selection
-	sort.Strings(*availabilitySetNames)
-	if !isAuto {
-		if serviceAvailabilitySetNames == nil || len(serviceAvailabilitySetNames) == 0 {
-			return nil, fmt.Errorf("service annotation for LoadBalancerMode is empty, it should have __auto__ or availability sets value")
-		}
-		// validate availability set exists
-		var found bool
-		for sasx := range serviceAvailabilitySetNames {
-			for asx := range *availabilitySetNames {
-				if strings.EqualFold((*availabilitySetNames)[asx], serviceAvailabilitySetNames[sasx]) {
-					found = true
-					serviceAvailabilitySetNames[sasx] = (*availabilitySetNames)[asx]
-					break
-				}
-			}
-			if !found {
-				glog.Errorf("az.getLoadBalancerAvailabilitySetNames - Availability set (%s) in service annotation not found", serviceAvailabilitySetNames[sasx])
-				return nil, fmt.Errorf("availability set (%s) - not found", serviceAvailabilitySetNames[sasx])
-			}
-		}
-		availabilitySetNames = &serviceAvailabilitySetNames
-	}
-
-	return availabilitySetNames, nil
-}
-
-// lists the virtual machines for for the resource group and then builds
-// a list of availability sets that match the nodes available to k8s
-func (az *Cloud) getAgentPoolAvailabiliySets(nodes []*v1.Node) (agentPoolAvailabilitySets *[]string, err error) {
-	vms, err := az.VirtualMachineClientListWithRetry()
-	if err != nil {
-		glog.Errorf("az.getNodeAvailabilitySet - VirtualMachineClientListWithRetry failed, err=%v", err)
-		return nil, err
-	}
-	vmNameToAvailabilitySetID := make(map[string]string, len(vms))
-	for vmx := range vms {
-		vm := vms[vmx]
-		if vm.AvailabilitySet != nil {
-			vmNameToAvailabilitySetID[*vm.Name] = *vm.AvailabilitySet.ID
-		}
-	}
-	availabilitySetIDs := sets.NewString()
-	agentPoolAvailabilitySets = &[]string{}
-	for nx := range nodes {
-		nodeName := (*nodes[nx]).Name
-		if isMasterNode(nodes[nx]) {
-			continue
-		}
-		asID, ok := vmNameToAvailabilitySetID[nodeName]
-		if !ok {
-			glog.Errorf("az.getNodeAvailabilitySet - Node(%s) has no availability sets", nodeName)
-			return nil, fmt.Errorf("Node (%s) - has no availability sets", nodeName)
-		}
-		if availabilitySetIDs.Has(asID) {
-			// already added in the list
-			continue
-		}
-		asName, err := getLastSegment(asID)
-		if err != nil {
-			glog.Errorf("az.getNodeAvailabilitySet - Node (%s)- getLastSegment(%s), err=%v", nodeName, asID, err)
-			return nil, err
-		}
-		// AvailabilitySet ID is currently upper cased in a indeterministic way
-		// We want to keep it lower case, before the ID get fixed
-		asName = strings.ToLower(asName)
-
-		*agentPoolAvailabilitySets = append(*agentPoolAvailabilitySets, asName)
-	}
-
-	return agentPoolAvailabilitySets, nil
-}
-
-func (az *Cloud) mapLoadBalancerNameToAvailabilitySet(lbName string, clusterName string) (availabilitySetName string) {
-	availabilitySetName = strings.TrimSuffix(lbName, InternalLoadBalancerNameSuffix)
-	if strings.EqualFold(clusterName, availabilitySetName) {
-		availabilitySetName = az.Config.PrimaryAvailabilitySetName
+func (az *Cloud) mapLoadBalancerNameToVMSet(lbName string, clusterName string) (vmSetName string) {
+	vmSetName = strings.TrimSuffix(lbName, InternalLoadBalancerNameSuffix)
+	if strings.EqualFold(clusterName, vmSetName) {
+		vmSetName = az.vmSet.GetPrimaryVMSetName()
 	}
 
-	return availabilitySetName
+	return vmSetName
 }
 
 // For a load balancer, all frontend ip should reference either a subnet or publicIpAddress.
 // Thus Azure do not allow mixed type (public and internal) load balancer.
 // So we'd have a separate name for internal load balancer.
 // This would be the name for Azure LoadBalancer resource.
-func (az *Cloud) getLoadBalancerName(clusterName string, availabilitySetName string, isInternal bool) string {
-	lbNamePrefix := availabilitySetName
-	if strings.EqualFold(availabilitySetName, az.Config.PrimaryAvailabilitySetName) {
+func (az *Cloud) getLoadBalancerName(clusterName string, vmSetName string, isInternal bool) string {
+	lbNamePrefix := vmSetName
+	if strings.EqualFold(vmSetName, az.vmSet.GetPrimaryVMSetName()) {
 		lbNamePrefix = clusterName
 	}
 	if isInternal {
@@ -253,7 +132,7 @@ func (az *Cloud) getLoadBalancerName(clusterName string, availabilitySetName str
 	return lbNamePrefix
 }
 
-// isMasterNode returns returns true is the node has a master role label.
+// isMasterNode returns true if the node has a master role label.
 // The master role is determined by looking for:
 // * a kubernetes.io/role="master" label
 func isMasterNode(node *v1.Node) bool {
@@ -314,6 +193,10 @@ func getPrimaryInterfaceID(machine compute.VirtualMachine) (string, error) {
 }
 
 func getPrimaryIPConfig(nic network.Interface) (*network.InterfaceIPConfiguration, error) {
+	if nic.IPConfigurations == nil {
+		return nil, fmt.Errorf("nic.IPConfigurations for nic (nicname=%q) is nil", *nic.Name)
+	}
+
 	if len(*nic.IPConfigurations) == 1 {
 		return &((*nic.IPConfigurations)[0]), nil
 	}
@@ -324,7 +207,7 @@ func getPrimaryIPConfig(nic network.Interface) (*network.InterfaceIPConfiguratio
 		}
 	}
 
-	return nil, fmt.Errorf("failed to determine the determine primary ipconfig. nicname=%q", *nic.Name)
+	return nil, fmt.Errorf("failed to determine the primary ipconfig. nicname=%q", *nic.Name)
 }
 
 func isInternalLoadBalancer(lb *network.LoadBalancer) bool {
@@ -404,65 +287,8 @@ outer:
 	return -1, fmt.Errorf("SecurityGroup priorities are exhausted")
 }
 
-func (az *Cloud) getIPForMachine(nodeName types.NodeName) (string, error) {
-	if az.Config.VMType == vmTypeVMSS {
-		ip, err := az.getIPForVmssMachine(nodeName)
-		if err == cloudprovider.InstanceNotFound || err == ErrorNotVmssInstance {
-			return az.getIPForStandardMachine(nodeName)
-		}
-
-		return ip, err
-	}
-
-	return az.getIPForStandardMachine(nodeName)
-}
-
-func (az *Cloud) getIPForStandardMachine(nodeName types.NodeName) (string, error) {
-	az.operationPollRateLimiter.Accept()
-	machine, err := az.getVirtualMachine(nodeName)
-	if err != nil {
-		glog.Errorf("error: az.getIPForMachine(%s), az.getVirtualMachine(%s), err=%v", nodeName, nodeName, err)
-		return "", err
-	}
-
-	nicID, err := getPrimaryInterfaceID(machine)
-	if err != nil {
-		glog.Errorf("error: az.getIPForMachine(%s), getPrimaryInterfaceID(%v), err=%v", nodeName, machine, err)
-		return "", err
-	}
-
-	nicName, err := getLastSegment(nicID)
-	if err != nil {
-		glog.Errorf("error: az.getIPForMachine(%s), getLastSegment(%s), err=%v", nodeName, nicID, err)
-		return "", err
-	}
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("InterfacesClient.Get(%q): start", nicName)
-	nic, err := az.InterfacesClient.Get(az.ResourceGroup, nicName, "")
-	glog.V(10).Infof("InterfacesClient.Get(%q): end", nicName)
-	if err != nil {
-		glog.Errorf("error: az.getIPForMachine(%s), az.InterfacesClient.Get(%s, %s, %s), err=%v", nodeName, az.ResourceGroup, nicName, "", err)
-		return "", err
-	}
-
-	ipConfig, err := getPrimaryIPConfig(nic)
-	if err != nil {
-		glog.Errorf("error: az.getIPForMachine(%s), getPrimaryIPConfig(%v), err=%v", nodeName, nic, err)
-		return "", err
-	}
-
-	targetIP := *ipConfig.PrivateIPAddress
-	return targetIP, nil
-}
-
-// splitProviderID converts a providerID to a NodeName.
-func splitProviderID(providerID string) (types.NodeName, error) {
-	matches := providerIDRE.FindStringSubmatch(providerID)
-	if len(matches) != 2 {
-		return "", errors.New("error splitting providerID")
-	}
-	return types.NodeName(matches[1]), nil
+func (az *Cloud) getIPForMachine(nodeName types.NodeName) (string, string, error) {
+	return az.vmSet.GetIPByNodeName(string(nodeName), "")
 }
 
 var polyTable = crc32.MakeTable(crc32.Koopman)
@@ -520,6 +346,338 @@ func ExtractDiskData(diskData interface{}) (provisioningState string, diskState
 	return provisioningState, diskState, nil
 }
 
+// availabilitySet implements VMSet interface for Azure availability sets.
+type availabilitySet struct {
+	*Cloud
+}
+
+// newStandardSet creates a new availabilitySet.
+func newAvailabilitySet(az *Cloud) VMSet {
+	return &availabilitySet{
+		Cloud: az,
+	}
+}
+
+// GetInstanceIDByNodeName gets the cloud provider ID by node name.
+// It must return ("", cloudprovider.InstanceNotFound) if the instance does
+// not exist or is no longer running.
+func (as *availabilitySet) GetInstanceIDByNodeName(name string) (string, error) {
+	var machine compute.VirtualMachine
+	var err error
+
+	machine, err = as.getVirtualMachine(types.NodeName(name))
+	if err != nil {
+		if as.CloudProviderBackoff {
+			glog.V(2).Infof("InstanceID(%s) backing off", name)
+			machine, err = as.GetVirtualMachineWithRetry(types.NodeName(name))
+			if err != nil {
+				glog.V(2).Infof("InstanceID(%s) abort backoff", name)
+				return "", err
+			}
+		} else {
+			return "", err
+		}
+	}
+	return *machine.ID, nil
+}
+
+// GetNodeNameByProviderID gets the node name by provider ID.
+func (as *availabilitySet) GetNodeNameByProviderID(providerID string) (types.NodeName, error) {
+	// NodeName is part of providerID for standard instances.
+	matches := providerIDRE.FindStringSubmatch(providerID)
+	if len(matches) != 2 {
+		return "", errors.New("error splitting providerID")
+	}
+
+	return types.NodeName(matches[1]), nil
+}
+
+// GetInstanceTypeByNodeName gets the instance type by node name.
+func (as *availabilitySet) GetInstanceTypeByNodeName(name string) (string, error) {
+	machine, err := as.getVirtualMachine(types.NodeName(name))
+	if err != nil {
+		glog.Errorf("error: as.GetInstanceTypeByNodeName(%s), as.getVirtualMachine(%s) err=%v", name, name, err)
+		return "", err
+	}
+
+	return string(machine.HardwareProfile.VMSize), nil
+}
+
+// GetZoneByNodeName gets zone from instance view.
+func (as *availabilitySet) GetZoneByNodeName(name string) (cloudprovider.Zone, error) {
+	vm, err := as.getVirtualMachine(types.NodeName(name))
+	if err != nil {
+		return cloudprovider.Zone{}, err
+	}
+
+	failureDomain := strconv.Itoa(int(*vm.VirtualMachineProperties.InstanceView.PlatformFaultDomain))
+	zone := cloudprovider.Zone{
+		FailureDomain: failureDomain,
+		Region:        *(vm.Location),
+	}
+	return zone, nil
+}
+
+// GetPrimaryVMSetName returns the VM set name depending on the configured vmType.
+// It returns config.PrimaryScaleSetName for vmss and config.PrimaryAvailabilitySetName for standard vmType.
+func (as *availabilitySet) GetPrimaryVMSetName() string {
+	return as.Config.PrimaryAvailabilitySetName
+}
+
+// GetIPByNodeName gets machine private IP and public IP by node name.
+func (as *availabilitySet) GetIPByNodeName(name, vmSetName string) (string, string, error) {
+	nic, err := as.GetPrimaryInterface(name, vmSetName)
+	if err != nil {
+		return "", "", err
+	}
+
+	ipConfig, err := getPrimaryIPConfig(nic)
+	if err != nil {
+		glog.Errorf("error: as.GetIPByNodeName(%s), getPrimaryIPConfig(%v), err=%v", name, nic, err)
+		return "", "", err
+	}
+
+	privateIP := *ipConfig.PrivateIPAddress
+	publicIP := ""
+	if ipConfig.PublicIPAddress != nil && ipConfig.PublicIPAddress.ID != nil {
+		pipID := *ipConfig.PublicIPAddress.ID
+		pipName, err := getLastSegment(pipID)
+		if err != nil {
+			return "", "", fmt.Errorf("failed to publicIP name for node %q with pipID %q", name, pipID)
+		}
+		pip, existsPip, err := as.getPublicIPAddress(as.ResourceGroup, pipName)
+		if err != nil {
+			return "", "", err
+		}
+		if existsPip {
+			publicIP = *pip.IPAddress
+		}
+	}
+
+	return privateIP, publicIP, nil
+}
+
+// getAgentPoolAvailabiliySets lists the virtual machines for the resource group and then builds
+// a list of availability sets that match the nodes available to k8s.
+func (as *availabilitySet) getAgentPoolAvailabiliySets(nodes []*v1.Node) (agentPoolAvailabilitySets *[]string, err error) {
+	vms, err := as.VirtualMachineClientListWithRetry()
+	if err != nil {
+		glog.Errorf("as.getNodeAvailabilitySet - VirtualMachineClientListWithRetry failed, err=%v", err)
+		return nil, err
+	}
+	vmNameToAvailabilitySetID := make(map[string]string, len(vms))
+	for vmx := range vms {
+		vm := vms[vmx]
+		if vm.AvailabilitySet != nil {
+			vmNameToAvailabilitySetID[*vm.Name] = *vm.AvailabilitySet.ID
+		}
+	}
+	availabilitySetIDs := sets.NewString()
+	agentPoolAvailabilitySets = &[]string{}
+	for nx := range nodes {
+		nodeName := (*nodes[nx]).Name
+		if isMasterNode(nodes[nx]) {
+			continue
+		}
+		asID, ok := vmNameToAvailabilitySetID[nodeName]
+		if !ok {
+			glog.Errorf("as.getNodeAvailabilitySet - Node(%s) has no availability sets", nodeName)
+			return nil, fmt.Errorf("Node (%s) - has no availability sets", nodeName)
+		}
+		if availabilitySetIDs.Has(asID) {
+			// already added in the list
+			continue
+		}
+		asName, err := getLastSegment(asID)
+		if err != nil {
+			glog.Errorf("as.getNodeAvailabilitySet - Node (%s)- getLastSegment(%s), err=%v", nodeName, asID, err)
+			return nil, err
+		}
+		// AvailabilitySet ID is currently upper cased in a indeterministic way
+		// We want to keep it lower case, before the ID get fixed
+		asName = strings.ToLower(asName)
+
+		*agentPoolAvailabilitySets = append(*agentPoolAvailabilitySets, asName)
+	}
+
+	return agentPoolAvailabilitySets, nil
+}
+
+// GetVMSetNames selects all possible availability sets or scale sets
+// (depending vmType configured) for service load balancer, if the service has
+// no loadbalancer mode annotaion returns the primary VMSet. If service annotation
+// for loadbalancer exists then return the eligible VMSet.
+func (as *availabilitySet) GetVMSetNames(service *v1.Service, nodes []*v1.Node) (availabilitySetNames *[]string, err error) {
+	hasMode, isAuto, serviceAvailabilitySetNames := getServiceLoadBalancerMode(service)
+	if !hasMode {
+		// no mode specified in service annotation default to PrimaryAvailabilitySetName
+		availabilitySetNames = &[]string{as.Config.PrimaryAvailabilitySetName}
+		return availabilitySetNames, nil
+	}
+	availabilitySetNames, err = as.getAgentPoolAvailabiliySets(nodes)
+	if err != nil {
+		glog.Errorf("as.GetVMSetNames - getAgentPoolAvailabiliySets failed err=(%v)", err)
+		return nil, err
+	}
+	if len(*availabilitySetNames) == 0 {
+		glog.Errorf("as.GetVMSetNames - No availability sets found for nodes in the cluster, node count(%d)", len(nodes))
+		return nil, fmt.Errorf("No availability sets found for nodes, node count(%d)", len(nodes))
+	}
+	// sort the list to have deterministic selection
+	sort.Strings(*availabilitySetNames)
+	if !isAuto {
+		if serviceAvailabilitySetNames == nil || len(serviceAvailabilitySetNames) == 0 {
+			return nil, fmt.Errorf("service annotation for LoadBalancerMode is empty, it should have __auto__ or availability sets value")
+		}
+		// validate availability set exists
+		var found bool
+		for sasx := range serviceAvailabilitySetNames {
+			for asx := range *availabilitySetNames {
+				if strings.EqualFold((*availabilitySetNames)[asx], serviceAvailabilitySetNames[sasx]) {
+					found = true
+					serviceAvailabilitySetNames[sasx] = (*availabilitySetNames)[asx]
+					break
+				}
+			}
+			if !found {
+				glog.Errorf("as.GetVMSetNames - Availability set (%s) in service annotation not found", serviceAvailabilitySetNames[sasx])
+				return nil, fmt.Errorf("availability set (%s) - not found", serviceAvailabilitySetNames[sasx])
+			}
+		}
+		availabilitySetNames = &serviceAvailabilitySetNames
+	}
+
+	return availabilitySetNames, nil
+}
+
+// GetPrimaryInterface gets machine primary network interface by node name and vmSet.
+func (as *availabilitySet) GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error) {
+	var machine compute.VirtualMachine
+
+	machine, err := as.GetVirtualMachineWithRetry(types.NodeName(nodeName))
+	if err != nil {
+		glog.V(2).Infof("GetPrimaryInterface(%s, %s) abort backoff", nodeName, vmSetName)
+		return network.Interface{}, err
+	}
+
+	primaryNicID, err := getPrimaryInterfaceID(machine)
+	if err != nil {
+		return network.Interface{}, err
+	}
+	nicName, err := getLastSegment(primaryNicID)
+	if err != nil {
+		return network.Interface{}, err
+	}
+
+	// Check availability set
+	if vmSetName != "" {
+		expectedAvailabilitySetName := as.getAvailabilitySetID(vmSetName)
+		if machine.AvailabilitySet == nil || !strings.EqualFold(*machine.AvailabilitySet.ID, expectedAvailabilitySetName) {
+			glog.V(3).Infof(
+				"GetPrimaryInterface: nic (%s) is not in the availabilitySet(%s)", nicName, vmSetName)
+			return network.Interface{}, errNotInVMSet
+		}
+	}
+
+	nic, err := as.InterfacesClient.Get(as.ResourceGroup, nicName, "")
+	if err != nil {
+		return network.Interface{}, err
+	}
+
+	return nic, nil
+}
+
+// ensureHostInPool ensures the given VM's Primary NIC's Primary IP Configuration is
+// participating in the specified LoadBalancer Backend Pool.
+func (as *availabilitySet) ensureHostInPool(serviceName string, nodeName types.NodeName, backendPoolID string, vmSetName string) error {
+	vmName := mapNodeNameToVMName(nodeName)
+	nic, err := as.GetPrimaryInterface(vmName, vmSetName)
+	if err != nil {
+		if err == errNotInVMSet {
+			glog.V(3).Infof("ensureHostInPool skips node %s because it is not in the vmSet %s", nodeName, vmSetName)
+			return nil
+		}
+
+		glog.Errorf("error: az.ensureHostInPool(%s), az.vmSet.GetPrimaryInterface.Get(%s, %s), err=%v", nodeName, vmName, vmSetName, err)
+		return err
+	}
+
+	var primaryIPConfig *network.InterfaceIPConfiguration
+	primaryIPConfig, err = getPrimaryIPConfig(nic)
+	if err != nil {
+		return err
+	}
+
+	foundPool := false
+	newBackendPools := []network.BackendAddressPool{}
+	if primaryIPConfig.LoadBalancerBackendAddressPools != nil {
+		newBackendPools = *primaryIPConfig.LoadBalancerBackendAddressPools
+	}
+	for _, existingPool := range newBackendPools {
+		if strings.EqualFold(backendPoolID, *existingPool.ID) {
+			foundPool = true
+			break
+		}
+	}
+	if !foundPool {
+		newBackendPools = append(newBackendPools,
+			network.BackendAddressPool{
+				ID: to.StringPtr(backendPoolID),
+			})
+
+		primaryIPConfig.LoadBalancerBackendAddressPools = &newBackendPools
+
+		nicName := *nic.Name
+		glog.V(3).Infof("nicupdate(%s): nic(%s) - updating", serviceName, nicName)
+		respChan, errChan := as.InterfacesClient.CreateOrUpdate(as.ResourceGroup, *nic.Name, nic, nil)
+		resp := <-respChan
+		err := <-errChan
+		glog.V(10).Infof("InterfacesClient.CreateOrUpdate(%q): end", *nic.Name)
+		if as.CloudProviderBackoff && shouldRetryAPIRequest(resp.Response, err) {
+			glog.V(2).Infof("nicupdate(%s) backing off: nic(%s) - updating, err=%v", serviceName, nicName, err)
+			retryErr := as.CreateOrUpdateInterfaceWithRetry(nic)
+			if retryErr != nil {
+				err = retryErr
+				glog.V(2).Infof("nicupdate(%s) abort backoff: nic(%s) - updating", serviceName, nicName)
+			}
+		}
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// EnsureHostsInPool ensures the given Node's primary IP configurations are
+// participating in the specified LoadBalancer Backend Pool.
+func (as *availabilitySet) EnsureHostsInPool(serviceName string, nodes []*v1.Node, backendPoolID string, vmSetName string) error {
+	hostUpdates := make([]func() error, len(nodes))
+	for i, node := range nodes {
+		localNodeName := node.Name
+		f := func() error {
+			err := as.ensureHostInPool(serviceName, types.NodeName(localNodeName), backendPoolID, vmSetName)
+			if err != nil {
+				return fmt.Errorf("ensure(%s): backendPoolID(%s) - failed to ensure host in pool: %q", serviceName, backendPoolID, err)
+			}
+			return nil
+		}
+		hostUpdates[i] = f
+	}
+
+	errs := utilerrors.AggregateGoroutines(hostUpdates...)
+	if errs != nil {
+		return utilerrors.Flatten(errs)
+	}
+
+	return nil
+}
+
+// EnsureBackendPoolDeleted ensures the loadBalancer backendAddressPools deleted from the specified vmSet.
+func (as *availabilitySet) EnsureBackendPoolDeleted(poolID, vmSetName string) error {
+	// Do nothing for availability set.
+	return nil
+}
+
 // get a storage account by UUID
 func generateStorageAccountName(accountNamePrefix string) string {
 	uniqueID := strings.Replace(string(uuid.NewUUID()), "-", "", -1)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storage.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storage.go
index 5ceed1bcd269..03d919daa558 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storage.go
@@ -20,66 +20,28 @@ import (
 	"fmt"
 
 	"github.com/Azure/azure-sdk-for-go/arm/storage"
-	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/golang/glog"
 )
 
 const (
-	defaultStorageAccountType  = string(storage.StandardLRS)
-	fileShareAccountNamePrefix = "f"
+	defaultStorageAccountType      = string(storage.StandardLRS)
+	fileShareAccountNamePrefix     = "f"
+	sharedDiskAccountNamePrefix    = "ds"
+	dedicatedDiskAccountNamePrefix = "dd"
 )
 
 // CreateFileShare creates a file share, using a matching storage account
 func (az *Cloud) CreateFileShare(shareName, accountName, accountType, location string, requestGiB int) (string, string, error) {
-	if len(accountName) == 0 {
-		// find a storage account that matches accountType
-		accounts, err := az.getStorageAccounts(accountType, location)
-		if err != nil {
-			return "", "", fmt.Errorf("could not list storage accounts for account type %s: %v", accountType, err)
-		}
-
-		if len(accounts) > 0 {
-			accountName = accounts[0].Name
-			glog.V(4).Infof("found a matching account %s type %s location %s", accounts[0].Name, accounts[0].StorageType, accounts[0].Location)
-		}
-
-		if len(accountName) == 0 {
-			// not found a matching account, now create a new account in current resource group
-			accountName = generateStorageAccountName(fileShareAccountNamePrefix)
-			if location == "" {
-				location = az.Location
-			}
-			if accountType == "" {
-				accountType = defaultStorageAccountType
-			}
-
-			glog.V(2).Infof("azureFile - no matching account found, begin to create a new account %s in resource group %s, location: %s, accountType: %s",
-				accountName, az.ResourceGroup, location, accountType)
-			cp := storage.AccountCreateParameters{
-				Sku:      &storage.Sku{Name: storage.SkuName(accountType)},
-				Tags:     &map[string]*string{"created-by": to.StringPtr("azure-file")},
-				Location: &location}
-			cancel := make(chan struct{})
-
-			_, errchan := az.StorageAccountClient.Create(az.ResourceGroup, accountName, cp, cancel)
-			err := <-errchan
-			if err != nil {
-				return "", "", fmt.Errorf(fmt.Sprintf("Failed to create storage account %s, error: %s", accountName, err))
-			}
-		}
-	}
-
-	// find the access key with this account
-	accountKey, err := az.getStorageAccesskey(accountName)
+	account, key, err := az.ensureStorageAccount(accountName, accountType, location, fileShareAccountNamePrefix)
 	if err != nil {
 		return "", "", fmt.Errorf("could not get storage key for storage account %s: %v", accountName, err)
 	}
 
-	if err := az.createFileShare(accountName, accountKey, shareName, requestGiB); err != nil {
-		return "", "", fmt.Errorf("failed to create share %s in account %s: %v", shareName, accountName, err)
+	if err := az.createFileShare(account, key, shareName, requestGiB); err != nil {
+		return "", "", fmt.Errorf("failed to create share %s in account %s: %v", shareName, account, err)
 	}
-	glog.V(4).Infof("created share %s in account %s", shareName, accountName)
-	return accountName, accountKey, nil
+	glog.V(4).Infof("created share %s in account %s", shareName, account)
+	return account, key, nil
 }
 
 // DeleteFileShare deletes a file share using storage account name and key
@@ -89,5 +51,9 @@ func (az *Cloud) DeleteFileShare(accountName, accountKey, shareName string) erro
 	}
 	glog.V(4).Infof("share %s deleted", shareName)
 	return nil
+}
 
+// ResizeFileShare resizes a file share
+func (az *Cloud) ResizeFileShare(accountName, accountKey, name string, sizeGiB int) error {
+	return az.resizeFileShare(accountName, accountKey, name, sizeGiB)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storageaccount.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storageaccount.go
index 787444c9413e..8425463b5634 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storageaccount.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_storageaccount.go
@@ -20,6 +20,8 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/Azure/azure-sdk-for-go/arm/storage"
+	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/golang/glog"
 )
 
@@ -27,12 +29,9 @@ type accountWithLocation struct {
 	Name, StorageType, Location string
 }
 
-// getStorageAccounts gets name, type, location of all storage accounts in a resource group which matches matchingAccountType
+// getStorageAccounts gets name, type, location of all storage accounts in a resource group which matches matchingAccountType, matchingLocation
 func (az *Cloud) getStorageAccounts(matchingAccountType, matchingLocation string) ([]accountWithLocation, error) {
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("StorageAccountClient.ListByResourceGroup(%v): start", az.ResourceGroup)
 	result, err := az.StorageAccountClient.ListByResourceGroup(az.ResourceGroup)
-	glog.V(10).Infof("StorageAccountClient.ListByResourceGroup(%v): end", az.ResourceGroup)
 	if err != nil {
 		return nil, err
 	}
@@ -61,10 +60,7 @@ func (az *Cloud) getStorageAccounts(matchingAccountType, matchingLocation string
 
 // getStorageAccesskey gets the storage account access key
 func (az *Cloud) getStorageAccesskey(account string) (string, error) {
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("StorageAccountClient.ListKeys(%q): start", account)
 	result, err := az.StorageAccountClient.ListKeys(az.ResourceGroup, account)
-	glog.V(10).Infof("StorageAccountClient.ListKeys(%q): end", account)
 	if err != nil {
 		return "", err
 	}
@@ -83,3 +79,52 @@ func (az *Cloud) getStorageAccesskey(account string) (string, error) {
 	}
 	return "", fmt.Errorf("no valid keys")
 }
+
+// ensureStorageAccount search storage account, create one storage account(with genAccountNamePrefix) if not found, return accountName, accountKey
+func (az *Cloud) ensureStorageAccount(accountName, accountType, location, genAccountNamePrefix string) (string, string, error) {
+	if len(accountName) == 0 {
+		// find a storage account that matches accountType
+		accounts, err := az.getStorageAccounts(accountType, location)
+		if err != nil {
+			return "", "", fmt.Errorf("could not list storage accounts for account type %s: %v", accountType, err)
+		}
+
+		if len(accounts) > 0 {
+			accountName = accounts[0].Name
+			glog.V(4).Infof("found a matching account %s type %s location %s", accounts[0].Name, accounts[0].StorageType, accounts[0].Location)
+		}
+
+		if len(accountName) == 0 {
+			// not found a matching account, now create a new account in current resource group
+			accountName = generateStorageAccountName(genAccountNamePrefix)
+			if location == "" {
+				location = az.Location
+			}
+			if accountType == "" {
+				accountType = defaultStorageAccountType
+			}
+
+			glog.V(2).Infof("azure - no matching account found, begin to create a new account %s in resource group %s, location: %s, accountType: %s",
+				accountName, az.ResourceGroup, location, accountType)
+			cp := storage.AccountCreateParameters{
+				Sku:      &storage.Sku{Name: storage.SkuName(accountType)},
+				Tags:     &map[string]*string{"created-by": to.StringPtr("azure")},
+				Location: &location}
+			cancel := make(chan struct{})
+
+			_, errchan := az.StorageAccountClient.Create(az.ResourceGroup, accountName, cp, cancel)
+			err := <-errchan
+			if err != nil {
+				return "", "", fmt.Errorf(fmt.Sprintf("Failed to create storage account %s, error: %s", accountName, err))
+			}
+		}
+	}
+
+	// find the access key with this account
+	accountKey, err := az.getStorageAccesskey(accountName)
+	if err != nil {
+		return "", "", fmt.Errorf("could not get storage key for storage account %s: %v", accountName, err)
+	}
+
+	return accountName, accountKey, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_cache.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_cache.go
deleted file mode 100644
index 8e416601ad89..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_cache.go
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package azure
-
-import (
-	"sync"
-	"time"
-
-	"k8s.io/client-go/tools/cache"
-)
-
-type timedcacheEntry struct {
-	key  string
-	data interface{}
-}
-
-type timedcache struct {
-	store cache.Store
-	lock  sync.Mutex
-}
-
-// ttl time.Duration
-func newTimedcache(ttl time.Duration) timedcache {
-	return timedcache{
-		store: cache.NewTTLStore(cacheKeyFunc, ttl),
-	}
-}
-
-func cacheKeyFunc(obj interface{}) (string, error) {
-	return obj.(*timedcacheEntry).key, nil
-}
-
-func (t *timedcache) GetOrCreate(key string, createFunc func() interface{}) (interface{}, error) {
-	entry, exists, err := t.store.GetByKey(key)
-	if err != nil {
-		return nil, err
-	}
-	if exists {
-		return (entry.(*timedcacheEntry)).data, nil
-	}
-
-	t.lock.Lock()
-	defer t.lock.Unlock()
-	entry, exists, err = t.store.GetByKey(key)
-	if err != nil {
-		return nil, err
-	}
-	if exists {
-		return (entry.(*timedcacheEntry)).data, nil
-	}
-
-	if createFunc == nil {
-		return nil, nil
-	}
-	created := createFunc()
-	t.store.Add(&timedcacheEntry{
-		key:  key,
-		data: created,
-	})
-	return created, nil
-}
-
-func (t *timedcache) Delete(key string) {
-	_ = t.store.Delete(&timedcacheEntry{
-		key: key,
-	})
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_vmss.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_vmss.go
deleted file mode 100644
index e16e31735526..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_util_vmss.go
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package azure
-
-import (
-	"fmt"
-	"strconv"
-
-	"github.com/Azure/azure-sdk-for-go/arm/compute"
-	"github.com/golang/glog"
-
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/kubernetes/pkg/cloudprovider"
-)
-
-func (az *Cloud) getIPForVmssMachine(nodeName types.NodeName) (string, error) {
-	az.operationPollRateLimiter.Accept()
-	machine, exists, err := az.getVmssVirtualMachine(nodeName)
-	if !exists {
-		return "", cloudprovider.InstanceNotFound
-	}
-	if err != nil {
-		glog.Errorf("error: az.getIPForVmssMachine(%s), az.getVmssVirtualMachine(%s), err=%v", nodeName, nodeName, err)
-		return "", err
-	}
-
-	nicID, err := getPrimaryInterfaceIDForVmssMachine(machine)
-	if err != nil {
-		glog.Errorf("error: az.getIPForVmssMachine(%s), getPrimaryInterfaceID(%v), err=%v", nodeName, machine, err)
-		return "", err
-	}
-
-	nicName, err := getLastSegment(nicID)
-	if err != nil {
-		glog.Errorf("error: az.getIPForVmssMachine(%s), getLastSegment(%s), err=%v", nodeName, nicID, err)
-		return "", err
-	}
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("InterfacesClient.Get(%q): start", nicName)
-	nic, err := az.InterfacesClient.GetVirtualMachineScaleSetNetworkInterface(az.ResourceGroup, az.Config.PrimaryScaleSetName, *machine.InstanceID, nicName, "")
-	glog.V(10).Infof("InterfacesClient.Get(%q): end", nicName)
-	if err != nil {
-		glog.Errorf("error: az.getIPForVmssMachine(%s), az.GetVirtualMachineScaleSetNetworkInterface.Get(%s, %s, %s), err=%v", nodeName, az.ResourceGroup, nicName, "", err)
-		return "", err
-	}
-
-	ipConfig, err := getPrimaryIPConfig(nic)
-	if err != nil {
-		glog.Errorf("error: az.getIPForVmssMachine(%s), getPrimaryIPConfig(%v), err=%v", nodeName, nic, err)
-		return "", err
-	}
-
-	targetIP := *ipConfig.PrivateIPAddress
-	return targetIP, nil
-}
-
-// This returns the full identifier of the primary NIC for the given VM.
-func getPrimaryInterfaceIDForVmssMachine(machine compute.VirtualMachineScaleSetVM) (string, error) {
-	if len(*machine.NetworkProfile.NetworkInterfaces) == 1 {
-		return *(*machine.NetworkProfile.NetworkInterfaces)[0].ID, nil
-	}
-
-	for _, ref := range *machine.NetworkProfile.NetworkInterfaces {
-		if *ref.Primary {
-			return *ref.ID, nil
-		}
-	}
-
-	return "", fmt.Errorf("failed to find a primary nic for the vm. vmname=%q", *machine.Name)
-}
-
-// machineName is composed of computerNamePrefix and 36-based instanceID.
-// And instanceID part if in fixed length of 6 characters.
-// Refer https://msftstack.wordpress.com/2017/05/10/figuring-out-azure-vm-scale-set-machine-names/.
-func getVmssInstanceID(machineName string) (string, error) {
-	nameLength := len(machineName)
-	if nameLength < 6 {
-		return "", ErrorNotVmssInstance
-	}
-
-	instanceID, err := strconv.ParseUint(machineName[nameLength-6:], 36, 64)
-	if err != nil {
-		return "", ErrorNotVmssInstance
-	}
-
-	return fmt.Sprintf("%d", instanceID), nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmsets.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmsets.go
new file mode 100644
index 000000000000..4d78b7595870
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmsets.go
@@ -0,0 +1,71 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"github.com/Azure/azure-sdk-for-go/arm/compute"
+	"github.com/Azure/azure-sdk-for-go/arm/network"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+)
+
+// VMSet defines functions all vmsets (including scale set and availability
+// set) should be implemented.
+type VMSet interface {
+	// GetInstanceIDByNodeName gets the cloud provider ID by node name.
+	// It must return ("", cloudprovider.InstanceNotFound) if the instance does
+	// not exist or is no longer running.
+	GetInstanceIDByNodeName(name string) (string, error)
+	// GetInstanceTypeByNodeName gets the instance type by node name.
+	GetInstanceTypeByNodeName(name string) (string, error)
+	// GetIPByNodeName gets machine private IP and public IP by node name.
+	GetIPByNodeName(name, vmSetName string) (string, string, error)
+	// GetPrimaryInterface gets machine primary network interface by node name and vmSet.
+	GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error)
+	// GetNodeNameByProviderID gets the node name by provider ID.
+	GetNodeNameByProviderID(providerID string) (types.NodeName, error)
+
+	// GetZoneByNodeName gets cloudprovider.Zone by node name.
+	GetZoneByNodeName(name string) (cloudprovider.Zone, error)
+
+	// GetPrimaryVMSetName returns the VM set name depending on the configured vmType.
+	// It returns config.PrimaryScaleSetName for vmss and config.PrimaryAvailabilitySetName for standard vmType.
+	GetPrimaryVMSetName() string
+	// GetVMSetNames selects all possible availability sets or scale sets
+	// (depending vmType configured) for service load balancer, if the service has
+	// no loadbalancer mode annotation returns the primary VMSet. If service annotation
+	// for loadbalancer exists then return the eligible VMSet.
+	GetVMSetNames(service *v1.Service, nodes []*v1.Node) (availabilitySetNames *[]string, err error)
+	// EnsureHostsInPool ensures the given Node's primary IP configurations are
+	// participating in the specified LoadBalancer Backend Pool.
+	EnsureHostsInPool(serviceName string, nodes []*v1.Node, backendPoolID string, vmSetName string) error
+	// EnsureBackendPoolDeleted ensures the loadBalancer backendAddressPools deleted from the specified vmSet.
+	EnsureBackendPoolDeleted(poolID, vmSetName string) error
+
+	// AttachDisk attaches a vhd to vm. The vhd must exist, can be identified by diskName, diskURI, and lun.
+	AttachDisk(isManagedDisk bool, diskName, diskURI string, nodeName types.NodeName, lun int32, cachingMode compute.CachingTypes) error
+	// DetachDiskByName detaches a vhd from host. The vhd can be identified by diskName or diskURI.
+	DetachDiskByName(diskName, diskURI string, nodeName types.NodeName) error
+	// GetDiskLun finds the lun on the host that the vhd is attached to, given a vhd's diskName and diskURI.
+	GetDiskLun(diskName, diskURI string, nodeName types.NodeName) (int32, error)
+	// GetNextDiskLun searches all vhd attachment on the host and find unused lun. Return -1 if all luns are used.
+	GetNextDiskLun(nodeName types.NodeName) (int32, error)
+	// DisksAreAttached checks if a list of volumes are attached to the node with the specified NodeName.
+	DisksAreAttached(diskNames []string, nodeName types.NodeName) (map[string]bool, error)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss.go
new file mode 100644
index 000000000000..bc064bbd2c47
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss.go
@@ -0,0 +1,766 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"errors"
+	"fmt"
+	"regexp"
+	"sort"
+	"strconv"
+	"strings"
+
+	"github.com/Azure/azure-sdk-for-go/arm/network"
+	computepreview "github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2017-12-01/compute"
+	"github.com/Azure/go-autorest/autorest/to"
+	"github.com/golang/glog"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+)
+
+var (
+	// ErrorNotVmssInstance indicates an instance is not belongint to any vmss.
+	ErrorNotVmssInstance = errors.New("not a vmss instance")
+
+	scaleSetNameRE        = regexp.MustCompile(`.*/subscriptions/(?:.*)/Microsoft.Compute/virtualMachineScaleSets/(.+)/virtualMachines(?:.*)`)
+	vmssMachineIDTemplate = "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/virtualMachineScaleSets/%s/virtualMachines/%s"
+)
+
+// scaleSet implements VMSet interface for Azure scale set.
+type scaleSet struct {
+	*Cloud
+
+	// availabilitySet is also required for scaleSet because some instances
+	// (e.g. master nodes) may not belong to any scale sets.
+	availabilitySet VMSet
+
+	vmssCache                      *timedCache
+	vmssVMCache                    *timedCache
+	nodeNameToScaleSetMappingCache *timedCache
+	availabilitySetNodesCache      *timedCache
+}
+
+// newScaleSet creates a new scaleSet.
+func newScaleSet(az *Cloud) (VMSet, error) {
+	var err error
+	ss := &scaleSet{
+		Cloud:           az,
+		availabilitySet: newAvailabilitySet(az),
+	}
+
+	ss.nodeNameToScaleSetMappingCache, err = ss.newNodeNameToScaleSetMappingCache()
+	if err != nil {
+		return nil, err
+	}
+
+	ss.availabilitySetNodesCache, err = ss.newAvailabilitySetNodesCache()
+	if err != nil {
+		return nil, err
+	}
+
+	ss.vmssCache, err = ss.newVmssCache()
+	if err != nil {
+		return nil, err
+	}
+
+	ss.vmssVMCache, err = ss.newVmssVMCache()
+	if err != nil {
+		return nil, err
+	}
+
+	return ss, nil
+}
+
+// getVmssVM gets virtualMachineScaleSetVM by nodeName from cache.
+// It returns cloudprovider.InstanceNotFound if node does not belong to any scale sets.
+func (ss *scaleSet) getVmssVM(nodeName string) (ssName, instanceID string, vm computepreview.VirtualMachineScaleSetVM, err error) {
+	instanceID, err = getScaleSetVMInstanceID(nodeName)
+	if err != nil {
+		return ssName, instanceID, vm, err
+	}
+
+	ssName, err = ss.getScaleSetNameByNodeName(nodeName)
+	if err != nil {
+		return ssName, instanceID, vm, err
+	}
+
+	if ssName == "" {
+		return "", "", vm, cloudprovider.InstanceNotFound
+	}
+
+	glog.V(4).Infof("getVmssVM gets scaleSetName (%q) and instanceID (%q) for node %q", ssName, instanceID, nodeName)
+	cachedVM, err := ss.vmssVMCache.Get(ss.makeVmssVMName(ssName, instanceID))
+	if err != nil {
+		return ssName, instanceID, vm, err
+	}
+
+	if cachedVM == nil {
+		glog.Errorf("Can't find node (%q) in any scale sets", nodeName)
+		return ssName, instanceID, vm, cloudprovider.InstanceNotFound
+	}
+
+	return ssName, instanceID, *(cachedVM.(*computepreview.VirtualMachineScaleSetVM)), nil
+}
+
+// getCachedVirtualMachineByInstanceID gets scaleSetVMInfo from cache.
+// The node must belong to one of scale sets.
+func (ss *scaleSet) getVmssVMByInstanceID(scaleSetName, instanceID string) (vm computepreview.VirtualMachineScaleSetVM, err error) {
+	vmName := ss.makeVmssVMName(scaleSetName, instanceID)
+	cachedVM, err := ss.vmssVMCache.Get(vmName)
+	if err != nil {
+		return vm, err
+	}
+
+	if cachedVM == nil {
+		glog.Errorf("cound't find vmss virtual machine by scaleSetName (%q) and instanceID (%q)", scaleSetName, instanceID)
+		return vm, cloudprovider.InstanceNotFound
+	}
+
+	return *(cachedVM.(*computepreview.VirtualMachineScaleSetVM)), nil
+}
+
+// GetInstanceIDByNodeName gets the cloud provider ID by node name.
+// It must return ("", cloudprovider.InstanceNotFound) if the instance does
+// not exist or is no longer running.
+func (ss *scaleSet) GetInstanceIDByNodeName(name string) (string, error) {
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(name)
+	if err != nil {
+		glog.Errorf("Failed to check isNodeManagedByAvailabilitySet: %v", err)
+		return "", err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetInstanceIDByNodeName(name)
+	}
+
+	_, _, vm, err := ss.getVmssVM(name)
+	if err != nil {
+		return "", err
+	}
+
+	return *vm.ID, nil
+}
+
+// GetNodeNameByProviderID gets the node name by provider ID.
+func (ss *scaleSet) GetNodeNameByProviderID(providerID string) (types.NodeName, error) {
+	// NodeName is not part of providerID for vmss instances.
+	scaleSetName, err := extractScaleSetNameByExternalID(providerID)
+	if err != nil {
+		glog.V(4).Infof("Can not extract scale set name from providerID (%s), assuming it is mananaged by availability set: %v", providerID, err)
+		return ss.availabilitySet.GetNodeNameByProviderID(providerID)
+	}
+
+	instanceID, err := getLastSegment(providerID)
+	if err != nil {
+		glog.V(4).Infof("Can not extract instanceID from providerID (%s), assuming it is mananaged by availability set: %v", providerID, err)
+		return ss.availabilitySet.GetNodeNameByProviderID(providerID)
+	}
+
+	vm, err := ss.getVmssVMByInstanceID(scaleSetName, instanceID)
+	if err != nil {
+		return "", err
+	}
+
+	if vm.OsProfile != nil && vm.OsProfile.ComputerName != nil {
+		nodeName := strings.ToLower(*vm.OsProfile.ComputerName)
+		return types.NodeName(nodeName), nil
+	}
+
+	return "", nil
+}
+
+// GetInstanceTypeByNodeName gets the instance type by node name.
+func (ss *scaleSet) GetInstanceTypeByNodeName(name string) (string, error) {
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(name)
+	if err != nil {
+		glog.Errorf("Failed to check isNodeManagedByAvailabilitySet: %v", err)
+		return "", err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetInstanceTypeByNodeName(name)
+	}
+
+	_, _, vm, err := ss.getVmssVM(name)
+	if err != nil {
+		return "", err
+	}
+
+	if vm.Sku != nil && vm.Sku.Name != nil {
+		return *vm.Sku.Name, nil
+	}
+
+	return "", nil
+}
+
+// GetZoneByNodeName gets cloudprovider.Zone by node name.
+func (ss *scaleSet) GetZoneByNodeName(name string) (cloudprovider.Zone, error) {
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(name)
+	if err != nil {
+		glog.Errorf("Failed to check isNodeManagedByAvailabilitySet: %v", err)
+		return cloudprovider.Zone{}, err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetZoneByNodeName(name)
+	}
+
+	_, _, vm, err := ss.getVmssVM(name)
+	if err != nil {
+		return cloudprovider.Zone{}, err
+	}
+
+	if vm.InstanceView != nil && vm.InstanceView.PlatformFaultDomain != nil {
+		return cloudprovider.Zone{
+			FailureDomain: strconv.Itoa(int(*vm.InstanceView.PlatformFaultDomain)),
+			Region:        *vm.Location,
+		}, nil
+	}
+
+	return cloudprovider.Zone{}, nil
+}
+
+// GetPrimaryVMSetName returns the VM set name depending on the configured vmType.
+// It returns config.PrimaryScaleSetName for vmss and config.PrimaryAvailabilitySetName for standard vmType.
+func (ss *scaleSet) GetPrimaryVMSetName() string {
+	return ss.Config.PrimaryScaleSetName
+}
+
+// GetIPByNodeName gets machine private IP and public IP by node name.
+// TODO(feiskyer): Azure vmss doesn't support associating a public IP to single virtual machine yet,
+// fix this after it is supported.
+func (ss *scaleSet) GetIPByNodeName(nodeName, vmSetName string) (string, string, error) {
+	nic, err := ss.GetPrimaryInterface(nodeName, vmSetName)
+	if err != nil {
+		glog.Errorf("error: ss.GetIPByNodeName(%s), GetPrimaryInterface(%q, %q), err=%v", nodeName, nodeName, vmSetName, err)
+		return "", "", err
+	}
+
+	ipConfig, err := getPrimaryIPConfig(nic)
+	if err != nil {
+		glog.Errorf("error: ss.GetIPByNodeName(%s), getPrimaryIPConfig(%v), err=%v", nodeName, nic, err)
+		return "", "", err
+	}
+
+	targetIP := *ipConfig.PrivateIPAddress
+	return targetIP, "", nil
+}
+
+// This returns the full identifier of the primary NIC for the given VM.
+func (ss *scaleSet) getPrimaryInterfaceID(machine computepreview.VirtualMachineScaleSetVM) (string, error) {
+	if len(*machine.NetworkProfile.NetworkInterfaces) == 1 {
+		return *(*machine.NetworkProfile.NetworkInterfaces)[0].ID, nil
+	}
+
+	for _, ref := range *machine.NetworkProfile.NetworkInterfaces {
+		if *ref.Primary {
+			return *ref.ID, nil
+		}
+	}
+
+	return "", fmt.Errorf("failed to find a primary nic for the vm. vmname=%q", *machine.Name)
+}
+
+// machineName is composed of computerNamePrefix and 36-based instanceID.
+// And instanceID part if in fixed length of 6 characters.
+// Refer https://msftstack.wordpress.com/2017/05/10/figuring-out-azure-vm-scale-set-machine-names/.
+func getScaleSetVMInstanceID(machineName string) (string, error) {
+	nameLength := len(machineName)
+	if nameLength < 6 {
+		return "", ErrorNotVmssInstance
+	}
+
+	instanceID, err := strconv.ParseUint(machineName[nameLength-6:], 36, 64)
+	if err != nil {
+		return "", ErrorNotVmssInstance
+	}
+
+	return fmt.Sprintf("%d", instanceID), nil
+}
+
+// extractScaleSetNameByExternalID extracts the scaleset name by node's externalID.
+func extractScaleSetNameByExternalID(externalID string) (string, error) {
+	matches := scaleSetNameRE.FindStringSubmatch(externalID)
+	if len(matches) != 2 {
+		return "", ErrorNotVmssInstance
+	}
+
+	return matches[1], nil
+}
+
+// listScaleSets lists all scale sets.
+func (ss *scaleSet) listScaleSets() ([]string, error) {
+	var err error
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+
+	allScaleSets, err := ss.VirtualMachineScaleSetsClient.List(ctx, ss.ResourceGroup)
+	if err != nil {
+		glog.Errorf("VirtualMachineScaleSetsClient.List failed: %v", err)
+		return nil, err
+	}
+
+	ssNames := make([]string, len(allScaleSets))
+	for i := range allScaleSets {
+		ssNames[i] = *(allScaleSets[i].Name)
+	}
+
+	return ssNames, nil
+}
+
+// listScaleSetVMs lists VMs belonging to the specified scale set.
+func (ss *scaleSet) listScaleSetVMs(scaleSetName string) ([]computepreview.VirtualMachineScaleSetVM, error) {
+	var err error
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+
+	allVMs, err := ss.VirtualMachineScaleSetVMsClient.List(ctx, ss.ResourceGroup, scaleSetName, "", "", string(computepreview.InstanceView))
+	if err != nil {
+		glog.Errorf("VirtualMachineScaleSetVMsClient.List failed: %v", err)
+		return nil, err
+	}
+
+	return allVMs, nil
+}
+
+// getAgentPoolScaleSets lists the virtual machines for the resource group and then builds
+// a list of scale sets that match the nodes available to k8s.
+func (ss *scaleSet) getAgentPoolScaleSets(nodes []*v1.Node) (*[]string, error) {
+	agentPoolScaleSets := &[]string{}
+	for nx := range nodes {
+		if isMasterNode(nodes[nx]) {
+			continue
+		}
+
+		nodeName := nodes[nx].Name
+		ssName, err := ss.getScaleSetNameByNodeName(nodeName)
+		if err != nil {
+			return nil, err
+		}
+
+		if ssName == "" {
+			glog.V(3).Infof("Node %q is not belonging to any known scale sets", nodeName)
+			continue
+		}
+
+		*agentPoolScaleSets = append(*agentPoolScaleSets, ssName)
+	}
+
+	return agentPoolScaleSets, nil
+}
+
+// GetVMSetNames selects all possible availability sets or scale sets
+// (depending vmType configured) for service load balancer. If the service has
+// no loadbalancer mode annotation returns the primary VMSet. If service annotation
+// for loadbalancer exists then return the eligible VMSet.
+func (ss *scaleSet) GetVMSetNames(service *v1.Service, nodes []*v1.Node) (vmSetNames *[]string, err error) {
+	hasMode, isAuto, serviceVMSetNames := getServiceLoadBalancerMode(service)
+	if !hasMode {
+		// no mode specified in service annotation default to PrimaryScaleSetName.
+		scaleSetNames := &[]string{ss.Config.PrimaryScaleSetName}
+		return scaleSetNames, nil
+	}
+
+	scaleSetNames, err := ss.getAgentPoolScaleSets(nodes)
+	if err != nil {
+		glog.Errorf("ss.GetVMSetNames - getAgentPoolScaleSets failed err=(%v)", err)
+		return nil, err
+	}
+	if len(*scaleSetNames) == 0 {
+		glog.Errorf("ss.GetVMSetNames - No scale sets found for nodes in the cluster, node count(%d)", len(nodes))
+		return nil, fmt.Errorf("No scale sets found for nodes, node count(%d)", len(nodes))
+	}
+
+	// sort the list to have deterministic selection
+	sort.Strings(*scaleSetNames)
+
+	if !isAuto {
+		if serviceVMSetNames == nil || len(serviceVMSetNames) == 0 {
+			return nil, fmt.Errorf("service annotation for LoadBalancerMode is empty, it should have __auto__ or availability sets value")
+		}
+		// validate scale set exists
+		var found bool
+		for sasx := range serviceVMSetNames {
+			for asx := range *scaleSetNames {
+				if strings.EqualFold((*scaleSetNames)[asx], serviceVMSetNames[sasx]) {
+					found = true
+					serviceVMSetNames[sasx] = (*scaleSetNames)[asx]
+					break
+				}
+			}
+			if !found {
+				glog.Errorf("ss.GetVMSetNames - scale set (%s) in service annotation not found", serviceVMSetNames[sasx])
+				return nil, fmt.Errorf("scale set (%s) - not found", serviceVMSetNames[sasx])
+			}
+		}
+		vmSetNames = &serviceVMSetNames
+	}
+
+	return vmSetNames, nil
+}
+
+// GetPrimaryInterface gets machine primary network interface by node name and vmSet.
+func (ss *scaleSet) GetPrimaryInterface(nodeName, vmSetName string) (network.Interface, error) {
+	managedByAS, err := ss.isNodeManagedByAvailabilitySet(nodeName)
+	if err != nil {
+		glog.Errorf("Failed to check isNodeManagedByAvailabilitySet: %v", err)
+		return network.Interface{}, err
+	}
+	if managedByAS {
+		// vm is managed by availability set.
+		return ss.availabilitySet.GetPrimaryInterface(nodeName, "")
+	}
+
+	ssName, instanceID, vm, err := ss.getVmssVM(nodeName)
+	if err != nil {
+		glog.Errorf("error: ss.GetPrimaryInterface(%s), ss.getVmssVM(%s), err=%v", nodeName, nodeName, err)
+		return network.Interface{}, err
+	}
+
+	// Check scale set name.
+	if vmSetName != "" && !strings.EqualFold(ssName, vmSetName) {
+		return network.Interface{}, errNotInVMSet
+	}
+
+	primaryInterfaceID, err := ss.getPrimaryInterfaceID(vm)
+	if err != nil {
+		glog.Errorf("error: ss.GetPrimaryInterface(%s), ss.getPrimaryInterfaceID(), err=%v", nodeName, err)
+		return network.Interface{}, err
+	}
+
+	nicName, err := getLastSegment(primaryInterfaceID)
+	if err != nil {
+		glog.Errorf("error: ss.GetPrimaryInterface(%s), getLastSegment(%s), err=%v", nodeName, primaryInterfaceID, err)
+		return network.Interface{}, err
+	}
+
+	nic, err := ss.InterfacesClient.GetVirtualMachineScaleSetNetworkInterface(ss.ResourceGroup, ssName, instanceID, nicName, "")
+	if err != nil {
+		glog.Errorf("error: ss.GetPrimaryInterface(%s), ss.GetVirtualMachineScaleSetNetworkInterface.Get(%s, %s, %s), err=%v", nodeName, ss.ResourceGroup, ssName, nicName, err)
+		return network.Interface{}, err
+	}
+
+	// Fix interface's location, which is required when updating the interface.
+	// TODO: is this a bug of azure SDK?
+	if nic.Location == nil || *nic.Location == "" {
+		nic.Location = vm.Location
+	}
+
+	return nic, nil
+}
+
+// getScaleSetWithRetry gets scale set with exponential backoff retry
+func (ss *scaleSet) getScaleSetWithRetry(name string) (computepreview.VirtualMachineScaleSet, bool, error) {
+	var result computepreview.VirtualMachineScaleSet
+	var exists bool
+
+	err := wait.ExponentialBackoff(ss.requestBackoff(), func() (bool, error) {
+		cached, retryErr := ss.vmssCache.Get(name)
+		if retryErr != nil {
+			glog.Errorf("backoff: failure for scale set %q, will retry,err=%v", name, retryErr)
+			return false, nil
+		}
+		glog.V(4).Info("backoff: success for scale set %q", name)
+
+		if cached != nil {
+			exists = true
+			result = *(cached.(*computepreview.VirtualMachineScaleSet))
+		}
+
+		return true, nil
+	})
+
+	return result, exists, err
+}
+
+// getPrimaryNetworkConfiguration gets primary network interface configuration for scale sets.
+func (ss *scaleSet) getPrimaryNetworkConfiguration(networkConfigurationList *[]computepreview.VirtualMachineScaleSetNetworkConfiguration, scaleSetName string) (*computepreview.VirtualMachineScaleSetNetworkConfiguration, error) {
+	networkConfigurations := *networkConfigurationList
+	if len(networkConfigurations) == 1 {
+		return &networkConfigurations[0], nil
+	}
+
+	for idx := range networkConfigurations {
+		networkConfig := &networkConfigurations[idx]
+		if networkConfig.Primary != nil && *networkConfig.Primary == true {
+			return networkConfig, nil
+		}
+	}
+
+	return nil, fmt.Errorf("failed to find a primary network configuration for the scale set %q", scaleSetName)
+}
+
+func (ss *scaleSet) getPrimaryIPConfigForScaleSet(config *computepreview.VirtualMachineScaleSetNetworkConfiguration, scaleSetName string) (*computepreview.VirtualMachineScaleSetIPConfiguration, error) {
+	ipConfigurations := *config.IPConfigurations
+	if len(ipConfigurations) == 1 {
+		return &ipConfigurations[0], nil
+	}
+
+	for idx := range ipConfigurations {
+		ipConfig := &ipConfigurations[idx]
+		if ipConfig.Primary != nil && *ipConfig.Primary == true {
+			return ipConfig, nil
+		}
+	}
+
+	return nil, fmt.Errorf("failed to find a primary IP configuration for the scale set %q", scaleSetName)
+}
+
+// createOrUpdateVMSSWithRetry invokes ss.VirtualMachineScaleSetsClient.CreateOrUpdate with exponential backoff retry.
+func (ss *scaleSet) createOrUpdateVMSSWithRetry(virtualMachineScaleSet computepreview.VirtualMachineScaleSet) error {
+	return wait.ExponentialBackoff(ss.requestBackoff(), func() (bool, error) {
+		ctx, cancel := getContextWithCancel()
+		defer cancel()
+		resp, err := ss.VirtualMachineScaleSetsClient.CreateOrUpdate(ctx, ss.ResourceGroup, *virtualMachineScaleSet.Name, virtualMachineScaleSet)
+		glog.V(10).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate(%s): end", *virtualMachineScaleSet.Name)
+		return processHTTPRetryResponse(resp, err)
+	})
+}
+
+// updateVMSSInstancesWithRetry invokes ss.VirtualMachineScaleSetsClient.UpdateInstances with exponential backoff retry.
+func (ss *scaleSet) updateVMSSInstancesWithRetry(scaleSetName string, vmInstanceIDs computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs) error {
+	return wait.ExponentialBackoff(ss.requestBackoff(), func() (bool, error) {
+		ctx, cancel := getContextWithCancel()
+		defer cancel()
+		resp, err := ss.VirtualMachineScaleSetsClient.UpdateInstances(ctx, ss.ResourceGroup, scaleSetName, vmInstanceIDs)
+		glog.V(10).Infof("VirtualMachineScaleSetsClient.UpdateInstances(%s): end", scaleSetName)
+		return processHTTPRetryResponse(resp, err)
+	})
+}
+
+// EnsureHostsInPool ensures the given Node's primary IP configurations are
+// participating in the specified LoadBalancer Backend Pool.
+func (ss *scaleSet) EnsureHostsInPool(serviceName string, nodes []*v1.Node, backendPoolID string, vmSetName string) error {
+	virtualMachineScaleSet, exists, err := ss.getScaleSetWithRetry(vmSetName)
+	if err != nil {
+		glog.Errorf("ss.getScaleSetWithRetry(%s) for service %q failed: %v", vmSetName, serviceName, err)
+		return err
+	}
+	if !exists {
+		errorMessage := fmt.Errorf("Scale set %q not found", vmSetName)
+		glog.Errorf("%v", errorMessage)
+		return errorMessage
+	}
+
+	// Find primary network interface configuration.
+	networkConfigureList := virtualMachineScaleSet.VirtualMachineProfile.NetworkProfile.NetworkInterfaceConfigurations
+	primaryNetworkConfiguration, err := ss.getPrimaryNetworkConfiguration(networkConfigureList, vmSetName)
+	if err != nil {
+		return err
+	}
+
+	// Find primary IP configuration.
+	primaryIPConfiguration, err := ss.getPrimaryIPConfigForScaleSet(primaryNetworkConfiguration, vmSetName)
+	if err != nil {
+		return err
+	}
+
+	// Update primary IP configuration's LoadBalancerBackendAddressPools.
+	foundPool := false
+	newBackendPools := []computepreview.SubResource{}
+	if primaryIPConfiguration.LoadBalancerBackendAddressPools != nil {
+		newBackendPools = *primaryIPConfiguration.LoadBalancerBackendAddressPools
+	}
+	for _, existingPool := range newBackendPools {
+		if strings.EqualFold(backendPoolID, *existingPool.ID) {
+			foundPool = true
+			break
+		}
+	}
+	if !foundPool {
+		newBackendPools = append(newBackendPools,
+			computepreview.SubResource{
+				ID: to.StringPtr(backendPoolID),
+			})
+		primaryIPConfiguration.LoadBalancerBackendAddressPools = &newBackendPools
+
+		ctx, cancel := getContextWithCancel()
+		defer cancel()
+		glog.V(3).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate for service (%s): scale set (%s) - updating", serviceName, vmSetName)
+		resp, err := ss.VirtualMachineScaleSetsClient.CreateOrUpdate(ctx, ss.ResourceGroup, vmSetName, virtualMachineScaleSet)
+		glog.V(10).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate(%q): end", vmSetName)
+		if ss.CloudProviderBackoff && shouldRetryHTTPRequest(resp, err) {
+			glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate for service (%s): scale set (%s) - updating, err=%v", serviceName, vmSetName, err)
+			retryErr := ss.createOrUpdateVMSSWithRetry(virtualMachineScaleSet)
+			if retryErr != nil {
+				err = retryErr
+				glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate for service (%s) abort backoff: scale set (%s) - updating", serviceName, vmSetName)
+			}
+		}
+		if err != nil {
+			return err
+		}
+	}
+
+	// Construct instanceIDs from nodes.
+	instanceIDs := []string{}
+	for _, curNode := range nodes {
+		curScaleSetName, err := extractScaleSetNameByExternalID(curNode.Spec.ExternalID)
+		if err != nil {
+			glog.V(4).Infof("Node %q is not belonging to any scale sets, omitting it", curNode.Name)
+			continue
+		}
+		if curScaleSetName != vmSetName {
+			glog.V(4).Infof("Node %q is not belonging to scale set %q, omitting it", curNode.Name, vmSetName)
+			continue
+		}
+
+		instanceID, err := getLastSegment(curNode.Spec.ExternalID)
+		if err != nil {
+			glog.Errorf("Failed to get last segment from %q: %v", curNode.Spec.ExternalID, err)
+			return err
+		}
+
+		instanceIDs = append(instanceIDs, instanceID)
+	}
+
+	// Update instances to latest VMSS model.
+	vmInstanceIDs := computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs{
+		InstanceIds: &instanceIDs,
+	}
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+	instanceResp, err := ss.VirtualMachineScaleSetsClient.UpdateInstances(ctx, ss.ResourceGroup, vmSetName, vmInstanceIDs)
+	glog.V(10).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate(%q): end", vmSetName)
+	if ss.CloudProviderBackoff && shouldRetryHTTPRequest(instanceResp, err) {
+		glog.V(2).Infof("VirtualMachineScaleSetsClient.UpdateInstances for service (%s): scale set (%s) - updating, err=%v", serviceName, vmSetName, err)
+		retryErr := ss.updateVMSSInstancesWithRetry(vmSetName, vmInstanceIDs)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("VirtualMachineScaleSetsClient.UpdateInstances for service (%s) abort backoff: scale set (%s) - updating", serviceName, vmSetName)
+		}
+	}
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// EnsureBackendPoolDeleted ensures the loadBalancer backendAddressPools deleted from the specified vmSet.
+func (ss *scaleSet) EnsureBackendPoolDeleted(poolID, vmSetName string) error {
+	virtualMachineScaleSet, exists, err := ss.getScaleSetWithRetry(vmSetName)
+	if err != nil {
+		glog.Errorf("ss.EnsureBackendPoolDeleted(%s, %s) getScaleSetWithRetry(%s) failed: %v", poolID, vmSetName, vmSetName, err)
+		return err
+	}
+	if !exists {
+		glog.V(2).Infof("ss.EnsureBackendPoolDeleted(%s, %s), scale set %s has already been non-exist", poolID, vmSetName, vmSetName)
+		return nil
+	}
+
+	// Find primary network interface configuration.
+	networkConfigureList := virtualMachineScaleSet.VirtualMachineProfile.NetworkProfile.NetworkInterfaceConfigurations
+	primaryNetworkConfiguration, err := ss.getPrimaryNetworkConfiguration(networkConfigureList, vmSetName)
+	if err != nil {
+		return err
+	}
+
+	// Find primary IP configuration.
+	primaryIPConfiguration, err := ss.getPrimaryIPConfigForScaleSet(primaryNetworkConfiguration, vmSetName)
+	if err != nil {
+		return err
+	}
+
+	// Construct new loadBalancerBackendAddressPools and remove backendAddressPools from primary IP configuration.
+	if primaryIPConfiguration.LoadBalancerBackendAddressPools == nil || len(*primaryIPConfiguration.LoadBalancerBackendAddressPools) == 0 {
+		return nil
+	}
+	existingBackendPools := *primaryIPConfiguration.LoadBalancerBackendAddressPools
+	newBackendPools := []computepreview.SubResource{}
+	foundPool := false
+	for i := len(existingBackendPools) - 1; i >= 0; i-- {
+		curPool := existingBackendPools[i]
+		if strings.EqualFold(poolID, *curPool.ID) {
+			glog.V(10).Infof("EnsureBackendPoolDeleted gets unwanted backend pool %q for scale set %q", poolID, vmSetName)
+			foundPool = true
+			newBackendPools = append(existingBackendPools[:i], existingBackendPools[i+1:]...)
+		}
+	}
+	if !foundPool {
+		// Pool not found, assume it has been already removed.
+		return nil
+	}
+
+	// Update scale set with backoff.
+	primaryIPConfiguration.LoadBalancerBackendAddressPools = &newBackendPools
+	glog.V(3).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate: scale set (%s) - updating", vmSetName)
+	ctx, cancel := getContextWithCancel()
+	defer cancel()
+	resp, err := ss.VirtualMachineScaleSetsClient.CreateOrUpdate(ctx, ss.ResourceGroup, vmSetName, virtualMachineScaleSet)
+	glog.V(10).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate(%q): end", vmSetName)
+	if ss.CloudProviderBackoff && shouldRetryHTTPRequest(resp, err) {
+		glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate: scale set (%s) - updating, err=%v", vmSetName, err)
+		retryErr := ss.createOrUpdateVMSSWithRetry(virtualMachineScaleSet)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate abort backoff: scale set (%s) - updating", vmSetName)
+		}
+	}
+	if err != nil {
+		return err
+	}
+
+	// Update instances to latest VMSS model.
+	instanceIDs := []string{"*"}
+	vmInstanceIDs := computepreview.VirtualMachineScaleSetVMInstanceRequiredIDs{
+		InstanceIds: &instanceIDs,
+	}
+	instanceResp, err := ss.VirtualMachineScaleSetsClient.UpdateInstances(ctx, ss.ResourceGroup, vmSetName, vmInstanceIDs)
+	glog.V(10).Infof("VirtualMachineScaleSetsClient.UpdateInstances(%q): end", vmSetName)
+	if ss.CloudProviderBackoff && shouldRetryHTTPRequest(instanceResp, err) {
+		glog.V(2).Infof("VirtualMachineScaleSetsClient.UpdateInstances scale set (%s) - updating, err=%v", vmSetName, err)
+		retryErr := ss.updateVMSSInstancesWithRetry(vmSetName, vmInstanceIDs)
+		if retryErr != nil {
+			err = retryErr
+			glog.V(2).Infof("VirtualMachineScaleSetsClient.UpdateInstances abort backoff: scale set (%s) - updating", vmSetName)
+		}
+	}
+	if err != nil {
+		return err
+	}
+
+	// Update virtualMachineScaleSet again. This is a workaround for removing VMSS reference from LB.
+	// TODO: remove this workaround when figuring out the root cause.
+	if len(newBackendPools) == 0 {
+		glog.V(3).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate: scale set (%s) - updating second time", vmSetName)
+		resp, err = ss.VirtualMachineScaleSetsClient.CreateOrUpdate(ctx, ss.ResourceGroup, vmSetName, virtualMachineScaleSet)
+		glog.V(10).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate(%q): end", vmSetName)
+		if ss.CloudProviderBackoff && shouldRetryHTTPRequest(resp, err) {
+			glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate: scale set (%s) - updating, err=%v", vmSetName, err)
+			retryErr := ss.createOrUpdateVMSSWithRetry(virtualMachineScaleSet)
+			if retryErr != nil {
+				glog.V(2).Infof("VirtualMachineScaleSetsClient.CreateOrUpdate abort backoff: scale set (%s) - updating", vmSetName)
+			}
+		}
+	}
+
+	return nil
+}
+
+// getVmssMachineID returns the full identifier of a vmss virtual machine.
+func (az *Cloud) getVmssMachineID(scaleSetName, instanceID string) string {
+	return fmt.Sprintf(
+		vmssMachineIDTemplate,
+		az.SubscriptionID,
+		az.ResourceGroup,
+		scaleSetName,
+		instanceID)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss_cache.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss_cache.go
new file mode 100644
index 000000000000..b7f1552d7b7c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_vmss_cache.go
@@ -0,0 +1,197 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/util/sets"
+)
+
+var (
+	vmssNameSeparator = "_"
+
+	nodeNameToScaleSetMappingKey = "k8sNodeNameToScaleSetMappingKey"
+	availabilitySetNodesKey      = "k8sAvailabilitySetNodesKey"
+
+	vmssCacheTTL                      = time.Minute
+	vmssVMCacheTTL                    = time.Minute
+	availabilitySetNodesCacheTTL      = 15 * time.Minute
+	nodeNameToScaleSetMappingCacheTTL = 15 * time.Minute
+)
+
+// nodeNameToScaleSetMapping maps nodeName to scaleSet name.
+// The map is required because vmss nodeName is not equal to its vmName.
+type nodeNameToScaleSetMapping map[string]string
+
+func (ss *scaleSet) makeVmssVMName(scaleSetName, instanceID string) string {
+	return fmt.Sprintf("%s%s%s", scaleSetName, vmssNameSeparator, instanceID)
+}
+
+func extractVmssVMName(name string) (string, string, error) {
+	ret := strings.Split(name, vmssNameSeparator)
+	if len(ret) != 2 {
+		glog.Errorf("Failed to extract vmssVMName %q", name)
+		return "", "", ErrorNotVmssInstance
+	}
+
+	return ret[0], ret[1], nil
+}
+
+func (ss *scaleSet) newVmssCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		ctx, cancel := getContextWithCancel()
+		defer cancel()
+		result, err := ss.VirtualMachineScaleSetsClient.Get(ctx, ss.ResourceGroup, key)
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
+
+		if !exists {
+			return nil, nil
+		}
+
+		return &result, nil
+	}
+
+	return newTimedcache(vmssCacheTTL, getter)
+}
+
+func (ss *scaleSet) newNodeNameToScaleSetMappingCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		scaleSetNames, err := ss.listScaleSets()
+		if err != nil {
+			return nil, err
+		}
+
+		localCache := make(nodeNameToScaleSetMapping)
+		for _, ssName := range scaleSetNames {
+			vms, err := ss.listScaleSetVMs(ssName)
+			if err != nil {
+				return nil, err
+			}
+
+			for _, vm := range vms {
+				if vm.OsProfile == nil || vm.OsProfile.ComputerName == nil {
+					glog.Warningf("failed to get computerName for vmssVM (%q)", vm.Name)
+					continue
+				}
+
+				computerName := strings.ToLower(*vm.OsProfile.ComputerName)
+				localCache[computerName] = ssName
+			}
+		}
+
+		return localCache, nil
+	}
+
+	return newTimedcache(nodeNameToScaleSetMappingCacheTTL, getter)
+}
+
+func (ss *scaleSet) newAvailabilitySetNodesCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		vmList, err := ss.Cloud.VirtualMachineClientListWithRetry()
+		if err != nil {
+			return nil, err
+		}
+
+		localCache := sets.NewString()
+		for _, vm := range vmList {
+			localCache.Insert(*vm.Name)
+		}
+
+		return localCache, nil
+	}
+
+	return newTimedcache(availabilitySetNodesCacheTTL, getter)
+}
+
+func (ss *scaleSet) newVmssVMCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		// vmssVM name's format is 'scaleSetName_instanceID'
+		ssName, instanceID, err := extractVmssVMName(key)
+		if err != nil {
+			return nil, err
+		}
+
+		// Not found, the VM doesn't belong to any known scale sets.
+		if ssName == "" {
+			return nil, nil
+		}
+
+		ctx, cancel := getContextWithCancel()
+		defer cancel()
+		result, err := ss.VirtualMachineScaleSetVMsClient.Get(ctx, ss.ResourceGroup, ssName, instanceID)
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
+
+		if !exists {
+			return nil, nil
+		}
+
+		return &result, nil
+	}
+
+	return newTimedcache(vmssVMCacheTTL, getter)
+}
+
+func (ss *scaleSet) getScaleSetNameByNodeName(nodeName string) (string, error) {
+	getScaleSetName := func(nodeName string) (string, error) {
+		nodeNameMapping, err := ss.nodeNameToScaleSetMappingCache.Get(nodeNameToScaleSetMappingKey)
+		if err != nil {
+			return "", err
+		}
+
+		realMapping := nodeNameMapping.(nodeNameToScaleSetMapping)
+		if ssName, ok := realMapping[nodeName]; ok {
+			return ssName, nil
+		}
+
+		return "", nil
+	}
+
+	ssName, err := getScaleSetName(nodeName)
+	if err != nil {
+		return "", err
+	}
+
+	if ssName != "" {
+		return ssName, nil
+	}
+
+	// ssName is still not found, it is likely that new Nodes are created.
+	// Force refresh the cache and try again.
+	ss.nodeNameToScaleSetMappingCache.Delete(nodeNameToScaleSetMappingKey)
+	return getScaleSetName(nodeName)
+}
+
+func (ss *scaleSet) isNodeManagedByAvailabilitySet(nodeName string) (bool, error) {
+	cached, err := ss.availabilitySetNodesCache.Get(availabilitySetNodesKey)
+	if err != nil {
+		return false, err
+	}
+
+	availabilitySetNodes := cached.(sets.String)
+	return availabilitySetNodes.Has(nodeName), nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_wrap.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_wrap.go
index ccdc1835a995..4c295c1a7cb2 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_wrap.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_wrap.go
@@ -17,22 +17,23 @@ limitations under the License.
 package azure
 
 import (
-	"errors"
+	"fmt"
 	"net/http"
-	"sync"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
 	"github.com/Azure/azure-sdk-for-go/arm/network"
 	"github.com/Azure/go-autorest/autorest"
-	"github.com/golang/glog"
+
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 )
 
 var (
-	// ErrorNotVmssInstance indicates an instance is not belongint to any vmss.
-	ErrorNotVmssInstance = errors.New("not a vmss instance")
+	vmCacheTTL  = time.Minute
+	lbCacheTTL  = 2 * time.Minute
+	nsgCacheTTL = 2 * time.Minute
+	rtCacheTTL  = 2 * time.Minute
 )
 
 // checkExistsFromError inspects an error and returns a true if err is nil,
@@ -65,212 +66,179 @@ func ignoreStatusNotFoundFromError(err error) error {
 	return err
 }
 
-// cache used by getVirtualMachine
-// 15s for expiration duration
-var vmCache = newTimedcache(15 * time.Second)
-
-type vmRequest struct {
-	lock *sync.Mutex
-	vm   *compute.VirtualMachine
-}
-
 /// getVirtualMachine calls 'VirtualMachinesClient.Get' with a timed cache
 /// The service side has throttling control that delays responses if there're multiple requests onto certain vm
 /// resource request in short period.
 func (az *Cloud) getVirtualMachine(nodeName types.NodeName) (vm compute.VirtualMachine, err error) {
 	vmName := string(nodeName)
-
-	cachedRequest, err := vmCache.GetOrCreate(vmName, func() interface{} {
-		return &vmRequest{
-			lock: &sync.Mutex{},
-			vm:   nil,
-		}
-	})
+	cachedVM, err := az.vmCache.Get(vmName)
 	if err != nil {
-		return compute.VirtualMachine{}, err
+		return vm, err
 	}
-	request := cachedRequest.(*vmRequest)
-
-	if request.vm == nil {
-		request.lock.Lock()
-		defer request.lock.Unlock()
-		if request.vm == nil {
-			// Currently InstanceView request are used by azure_zones, while the calls come after non-InstanceView
-			// request. If we first send an InstanceView request and then a non InstanceView request, the second
-			// request will still hit throttling. This is what happens now for cloud controller manager: In this
-			// case we do get instance view every time to fulfill the azure_zones requirement without hitting
-			// throttling.
-			// Consider adding separate parameter for controlling 'InstanceView' once node update issue #56276 is fixed
-			az.operationPollRateLimiter.Accept()
-			glog.V(10).Infof("VirtualMachinesClient.Get(%s): start", vmName)
-			vm, err = az.VirtualMachinesClient.Get(az.ResourceGroup, vmName, compute.InstanceView)
-			glog.V(10).Infof("VirtualMachinesClient.Get(%s): end", vmName)
-
-			exists, realErr := checkResourceExistsFromError(err)
-			if realErr != nil {
-				return vm, realErr
-			}
-
-			if !exists {
-				return vm, cloudprovider.InstanceNotFound
-			}
-
-			request.vm = &vm
-		}
-		return *request.vm, nil
+
+	if cachedVM == nil {
+		return vm, cloudprovider.InstanceNotFound
 	}
 
-	glog.V(6).Infof("getVirtualMachine hits cache for(%s)", vmName)
-	return *request.vm, nil
+	return *(cachedVM.(*compute.VirtualMachine)), nil
 }
 
-func (az *Cloud) getVmssVirtualMachine(nodeName types.NodeName) (vm compute.VirtualMachineScaleSetVM, exists bool, err error) {
-	var realErr error
-
-	vmName := string(nodeName)
-	instanceID, err := getVmssInstanceID(vmName)
+func (az *Cloud) getRouteTable() (routeTable network.RouteTable, exists bool, err error) {
+	cachedRt, err := az.rtCache.Get(az.RouteTableName)
 	if err != nil {
-		return vm, false, err
-	}
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("VirtualMachineScaleSetVMsClient.Get(%s): start", vmName)
-	vm, err = az.VirtualMachineScaleSetVMsClient.Get(az.ResourceGroup, az.PrimaryScaleSetName, instanceID)
-	glog.V(10).Infof("VirtualMachineScaleSetVMsClient.Get(%s): end", vmName)
-
-	exists, realErr = checkResourceExistsFromError(err)
-	if realErr != nil {
-		return vm, false, realErr
+		return routeTable, false, err
 	}
 
-	if !exists {
-		return vm, false, nil
+	if cachedRt == nil {
+		return routeTable, false, nil
 	}
 
-	return vm, exists, err
+	return *(cachedRt.(*network.RouteTable)), true, nil
 }
 
-func (az *Cloud) getRouteTable() (routeTable network.RouteTable, exists bool, err error) {
-	var realErr error
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("RouteTablesClient.Get(%s): start", az.RouteTableName)
-	routeTable, err = az.RouteTablesClient.Get(az.ResourceGroup, az.RouteTableName, "")
-	glog.V(10).Infof("RouteTablesClient.Get(%s): end", az.RouteTableName)
+func (az *Cloud) getPublicIPAddress(pipResourceGroup string, pipName string) (pip network.PublicIPAddress, exists bool, err error) {
+	resourceGroup := az.ResourceGroup
+	if pipResourceGroup != "" {
+		resourceGroup = pipResourceGroup
+	}
 
+	var realErr error
+	pip, err = az.PublicIPAddressesClient.Get(resourceGroup, pipName, "")
 	exists, realErr = checkResourceExistsFromError(err)
 	if realErr != nil {
-		return routeTable, false, realErr
+		return pip, false, realErr
 	}
 
 	if !exists {
-		return routeTable, false, nil
+		return pip, false, nil
 	}
 
-	return routeTable, exists, err
+	return pip, exists, err
 }
 
-func (az *Cloud) getSecurityGroup() (sg network.SecurityGroup, exists bool, err error) {
+func (az *Cloud) getSubnet(virtualNetworkName string, subnetName string) (subnet network.Subnet, exists bool, err error) {
 	var realErr error
+	var rg string
 
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("SecurityGroupsClient.Get(%s): start", az.SecurityGroupName)
-	sg, err = az.SecurityGroupsClient.Get(az.ResourceGroup, az.SecurityGroupName, "")
-	glog.V(10).Infof("SecurityGroupsClient.Get(%s): end", az.SecurityGroupName)
+	if len(az.VnetResourceGroup) > 0 {
+		rg = az.VnetResourceGroup
+	} else {
+		rg = az.ResourceGroup
+	}
 
+	subnet, err = az.SubnetsClient.Get(rg, virtualNetworkName, subnetName, "")
 	exists, realErr = checkResourceExistsFromError(err)
 	if realErr != nil {
-		return sg, false, realErr
+		return subnet, false, realErr
 	}
 
 	if !exists {
-		return sg, false, nil
+		return subnet, false, nil
 	}
 
-	return sg, exists, err
+	return subnet, exists, err
 }
 
 func (az *Cloud) getAzureLoadBalancer(name string) (lb network.LoadBalancer, exists bool, err error) {
-	var realErr error
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("LoadBalancerClient.Get(%s): start", name)
-	lb, err = az.LoadBalancerClient.Get(az.ResourceGroup, name, "")
-	glog.V(10).Infof("LoadBalancerClient.Get(%s): end", name)
-
-	exists, realErr = checkResourceExistsFromError(err)
-	if realErr != nil {
-		return lb, false, realErr
+	cachedLB, err := az.lbCache.Get(name)
+	if err != nil {
+		return lb, false, err
 	}
 
-	if !exists {
+	if cachedLB == nil {
 		return lb, false, nil
 	}
 
-	return lb, exists, err
+	return *(cachedLB.(*network.LoadBalancer)), true, nil
 }
 
-func (az *Cloud) listLoadBalancers() (lbListResult network.LoadBalancerListResult, exists bool, err error) {
-	var realErr error
-
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("LoadBalancerClient.List(%s): start", az.ResourceGroup)
-	lbListResult, err = az.LoadBalancerClient.List(az.ResourceGroup)
-	glog.V(10).Infof("LoadBalancerClient.List(%s): end", az.ResourceGroup)
-	exists, realErr = checkResourceExistsFromError(err)
-	if realErr != nil {
-		return lbListResult, false, realErr
+func (az *Cloud) getSecurityGroup() (nsg network.SecurityGroup, err error) {
+	securityGroup, err := az.nsgCache.Get(az.SecurityGroupName)
+	if err != nil {
+		return nsg, err
 	}
 
-	if !exists {
-		return lbListResult, false, nil
+	if securityGroup == nil {
+		return nsg, fmt.Errorf("nsg %q not found", az.SecurityGroupName)
 	}
 
-	return lbListResult, exists, err
+	return *(securityGroup.(*network.SecurityGroup)), nil
 }
 
-func (az *Cloud) getPublicIPAddress(name string) (pip network.PublicIPAddress, exists bool, err error) {
-	var realErr error
+func (az *Cloud) newVMCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		// Currently InstanceView request are used by azure_zones, while the calls come after non-InstanceView
+		// request. If we first send an InstanceView request and then a non InstanceView request, the second
+		// request will still hit throttling. This is what happens now for cloud controller manager: In this
+		// case we do get instance view every time to fulfill the azure_zones requirement without hitting
+		// throttling.
+		// Consider adding separate parameter for controlling 'InstanceView' once node update issue #56276 is fixed
+		vm, err := az.VirtualMachinesClient.Get(az.ResourceGroup, key, compute.InstanceView)
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
 
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("PublicIPAddressesClient.Get(%s): start", name)
-	pip, err = az.PublicIPAddressesClient.Get(az.ResourceGroup, name, "")
-	glog.V(10).Infof("PublicIPAddressesClient.Get(%s): end", name)
+		if !exists {
+			return nil, nil
+		}
 
-	exists, realErr = checkResourceExistsFromError(err)
-	if realErr != nil {
-		return pip, false, realErr
+		return &vm, nil
 	}
 
-	if !exists {
-		return pip, false, nil
+	return newTimedcache(vmCacheTTL, getter)
+}
+
+func (az *Cloud) newLBCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		lb, err := az.LoadBalancerClient.Get(az.ResourceGroup, key, "")
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
+
+		if !exists {
+			return nil, nil
+		}
+
+		return &lb, nil
 	}
 
-	return pip, exists, err
+	return newTimedcache(lbCacheTTL, getter)
 }
 
-func (az *Cloud) getSubnet(virtualNetworkName string, subnetName string) (subnet network.Subnet, exists bool, err error) {
-	var realErr error
-	var rg string
+func (az *Cloud) newNSGCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		nsg, err := az.SecurityGroupsClient.Get(az.ResourceGroup, key, "")
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
 
-	if len(az.VnetResourceGroup) > 0 {
-		rg = az.VnetResourceGroup
-	} else {
-		rg = az.ResourceGroup
+		if !exists {
+			return nil, nil
+		}
+
+		return &nsg, nil
 	}
 
-	az.operationPollRateLimiter.Accept()
-	glog.V(10).Infof("SubnetsClient.Get(%s): start", subnetName)
-	subnet, err = az.SubnetsClient.Get(rg, virtualNetworkName, subnetName, "")
-	glog.V(10).Infof("SubnetsClient.Get(%s): end", subnetName)
+	return newTimedcache(nsgCacheTTL, getter)
+}
 
-	exists, realErr = checkResourceExistsFromError(err)
-	if realErr != nil {
-		return subnet, false, realErr
-	}
+func (az *Cloud) newRouteTableCache() (*timedCache, error) {
+	getter := func(key string) (interface{}, error) {
+		rt, err := az.RouteTablesClient.Get(az.ResourceGroup, key, "")
+		exists, realErr := checkResourceExistsFromError(err)
+		if realErr != nil {
+			return nil, realErr
+		}
 
-	if !exists {
-		return subnet, false, nil
+		if !exists {
+			return nil, nil
+		}
+
+		return &rt, nil
 	}
 
-	return subnet, exists, err
+	return newTimedcache(rtCacheTTL, getter)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_zones.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_zones.go
index ce106e360c49..1cf1bb929fb3 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_zones.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/azure/azure_zones.go
@@ -17,11 +17,11 @@ limitations under the License.
 package azure
 
 import (
+	"context"
 	"encoding/json"
 	"io"
 	"io/ioutil"
 	"net/http"
-	"strconv"
 	"sync"
 
 	"k8s.io/apimachinery/pkg/types"
@@ -40,12 +40,17 @@ type instanceInfo struct {
 }
 
 // GetZone returns the Zone containing the current failure zone and locality region that the program is running in
-func (az *Cloud) GetZone() (cloudprovider.Zone, error) {
+func (az *Cloud) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
+	return az.getZoneFromURL(instanceInfoURL)
+}
+
+// This is injectable for testing.
+func (az *Cloud) getZoneFromURL(url string) (cloudprovider.Zone, error) {
 	faultMutex.Lock()
 	defer faultMutex.Unlock()
 	if faultDomain == nil {
 		var err error
-		faultDomain, err = fetchFaultDomain()
+		faultDomain, err = fetchFaultDomain(url)
 		if err != nil {
 			return cloudprovider.Zone{}, err
 		}
@@ -60,35 +65,24 @@ func (az *Cloud) GetZone() (cloudprovider.Zone, error) {
 // GetZoneByProviderID implements Zones.GetZoneByProviderID
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (az *Cloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
-	nodeName, err := splitProviderID(providerID)
+func (az *Cloud) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
+	nodeName, err := az.vmSet.GetNodeNameByProviderID(providerID)
 	if err != nil {
 		return cloudprovider.Zone{}, err
 	}
-	return az.GetZoneByNodeName(nodeName)
+
+	return az.GetZoneByNodeName(ctx, nodeName)
 }
 
 // GetZoneByNodeName implements Zones.GetZoneByNodeName
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (az *Cloud) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
-	vm, err := az.getVirtualMachine(nodeName)
-
-	if err != nil {
-		return cloudprovider.Zone{}, err
-	}
-
-	failureDomain := strconv.Itoa(int(*vm.VirtualMachineProperties.InstanceView.PlatformFaultDomain))
-
-	zone := cloudprovider.Zone{
-		FailureDomain: failureDomain,
-		Region:        *(vm.Location),
-	}
-	return zone, nil
+func (az *Cloud) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
+	return az.vmSet.GetZoneByNodeName(string(nodeName))
 }
 
-func fetchFaultDomain() (*string, error) {
-	resp, err := http.Get(instanceInfoURL)
+func fetchFaultDomain(url string) (*string, error) {
+	resp, err := http.Get(url)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/BUILD
index 9798a63fb13c..b71eb8e40404 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/BUILD
@@ -13,11 +13,40 @@ go_library(
         "cloudstack_instances.go",
         "cloudstack_loadbalancer.go",
         "metadata.go",
-        "metadata_other.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "metadata_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "metadata_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "metadata_other.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack",
@@ -25,21 +54,54 @@ go_library(
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller:go_default_library",
         "//vendor/github.com/d2g/dhcp4:go_default_library",
-        "//vendor/github.com/d2g/dhcp4client:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/kardianos/osext:go_default_library",
         "//vendor/github.com/xanzy/go-cloudstack/cloudstack:go_default_library",
         "//vendor/gopkg.in/gcfg.v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/github.com/d2g/dhcp4client:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["cloudstack_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack.go
index e4979a75c425..4fdab73e58d2 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cloudstack
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"io"
@@ -181,18 +182,13 @@ func (cs *CSCloud) ProviderName() string {
 	return ProviderName
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (cs *CSCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (cs *CSCloud) HasClusterID() bool {
 	return true
 }
 
 // GetZone returns the Zone containing the region that the program is running in.
-func (cs *CSCloud) GetZone() (cloudprovider.Zone, error) {
+func (cs *CSCloud) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	zone := cloudprovider.Zone{}
 
 	if cs.zone == "" {
@@ -220,7 +216,7 @@ func (cs *CSCloud) GetZone() (cloudprovider.Zone, error) {
 }
 
 // GetZoneByProviderID returns the Zone, found by using the provider ID.
-func (cs *CSCloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (cs *CSCloud) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	zone := cloudprovider.Zone{}
 
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByID(
@@ -242,7 +238,7 @@ func (cs *CSCloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, e
 }
 
 // GetZoneByNodeName returns the Zone, found by using the node name.
-func (cs *CSCloud) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
+func (cs *CSCloud) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
 	zone := cloudprovider.Zone{}
 
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByName(
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_instances.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_instances.go
index 755012f16725..cf8559a2b0b1 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_instances.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_instances.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cloudstack
 
 import (
+	"context"
 	"errors"
 	"fmt"
 
@@ -28,7 +29,7 @@ import (
 )
 
 // NodeAddresses returns the addresses of the specified instance.
-func (cs *CSCloud) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
+func (cs *CSCloud) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByName(
 		string(name),
 		cloudstack.WithProject(cs.projectID),
@@ -44,7 +45,7 @@ func (cs *CSCloud) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error)
 }
 
 // NodeAddressesByProviderID returns the addresses of the specified instance.
-func (cs *CSCloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (cs *CSCloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByID(
 		providerID,
 		cloudstack.WithProject(cs.projectID),
@@ -80,12 +81,12 @@ func (cs *CSCloud) nodeAddresses(instance *cloudstack.VirtualMachine) ([]v1.Node
 }
 
 // ExternalID returns the cloud provider ID of the specified instance (deprecated).
-func (cs *CSCloud) ExternalID(name types.NodeName) (string, error) {
-	return cs.InstanceID(name)
+func (cs *CSCloud) ExternalID(ctx context.Context, name types.NodeName) (string, error) {
+	return cs.InstanceID(ctx, name)
 }
 
 // InstanceID returns the cloud provider ID of the specified instance.
-func (cs *CSCloud) InstanceID(name types.NodeName) (string, error) {
+func (cs *CSCloud) InstanceID(ctx context.Context, name types.NodeName) (string, error) {
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByName(
 		string(name),
 		cloudstack.WithProject(cs.projectID),
@@ -101,7 +102,7 @@ func (cs *CSCloud) InstanceID(name types.NodeName) (string, error) {
 }
 
 // InstanceType returns the type of the specified instance.
-func (cs *CSCloud) InstanceType(name types.NodeName) (string, error) {
+func (cs *CSCloud) InstanceType(ctx context.Context, name types.NodeName) (string, error) {
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByName(
 		string(name),
 		cloudstack.WithProject(cs.projectID),
@@ -117,7 +118,7 @@ func (cs *CSCloud) InstanceType(name types.NodeName) (string, error) {
 }
 
 // InstanceTypeByProviderID returns the type of the specified instance.
-func (cs *CSCloud) InstanceTypeByProviderID(providerID string) (string, error) {
+func (cs *CSCloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	instance, count, err := cs.client.VirtualMachine.GetVirtualMachineByID(
 		providerID,
 		cloudstack.WithProject(cs.projectID),
@@ -133,17 +134,17 @@ func (cs *CSCloud) InstanceTypeByProviderID(providerID string) (string, error) {
 }
 
 // AddSSHKeyToAllInstances is currently not implemented.
-func (cs *CSCloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (cs *CSCloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return errors.New("AddSSHKeyToAllInstances not implemented")
 }
 
 // CurrentNodeName returns the name of the node we are currently running on.
-func (cs *CSCloud) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (cs *CSCloud) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return types.NodeName(hostname), nil
 }
 
 // InstanceExistsByProviderID returns if the instance still exists.
-func (cs *CSCloud) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (cs *CSCloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	_, count, err := cs.client.VirtualMachine.GetVirtualMachineByID(
 		providerID,
 		cloudstack.WithProject(cs.projectID),
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_loadbalancer.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_loadbalancer.go
index fd1c0af8dd1f..c4431d41cc54 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_loadbalancer.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/cloudstack_loadbalancer.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cloudstack
 
 import (
+	"context"
 	"fmt"
 	"strconv"
 
@@ -40,7 +41,7 @@ type loadBalancer struct {
 }
 
 // GetLoadBalancer returns whether the specified load balancer exists, and if so, what its status is.
-func (cs *CSCloud) GetLoadBalancer(clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
+func (cs *CSCloud) GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
 	glog.V(4).Infof("GetLoadBalancer(%v, %v, %v)", clusterName, service.Namespace, service.Name)
 
 	// Get the load balancer details and existing rules.
@@ -63,7 +64,7 @@ func (cs *CSCloud) GetLoadBalancer(clusterName string, service *v1.Service) (*v1
 }
 
 // EnsureLoadBalancer creates a new load balancer, or updates the existing one. Returns the status of the balancer.
-func (cs *CSCloud) EnsureLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) (status *v1.LoadBalancerStatus, err error) {
+func (cs *CSCloud) EnsureLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) (status *v1.LoadBalancerStatus, err error) {
 	glog.V(4).Infof("EnsureLoadBalancer(%v, %v, %v, %v, %v, %v)", clusterName, service.Namespace, service.Name, service.Spec.LoadBalancerIP, service.Spec.Ports, nodes)
 
 	if len(service.Spec.Ports) == 0 {
@@ -165,7 +166,7 @@ func (cs *CSCloud) EnsureLoadBalancer(clusterName string, service *v1.Service, n
 }
 
 // UpdateLoadBalancer updates hosts under the specified load balancer.
-func (cs *CSCloud) UpdateLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) error {
+func (cs *CSCloud) UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error {
 	glog.V(4).Infof("UpdateLoadBalancer(%v, %v, %v, %v)", clusterName, service.Namespace, service.Name, nodes)
 
 	// Get the load balancer details and existing rules.
@@ -211,7 +212,7 @@ func (cs *CSCloud) UpdateLoadBalancer(clusterName string, service *v1.Service, n
 
 // EnsureLoadBalancerDeleted deletes the specified load balancer if it exists, returning
 // nil if the load balancer specified either didn't exist or was successfully deleted.
-func (cs *CSCloud) EnsureLoadBalancerDeleted(clusterName string, service *v1.Service) error {
+func (cs *CSCloud) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error {
 	glog.V(4).Infof("EnsureLoadBalancerDeleted(%v, %v, %v)", clusterName, service.Namespace, service.Name)
 
 	// Get the load balancer details and existing rules.
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/metadata.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/metadata.go
index 1d76b609a329..bffeb49cf9ea 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/cloudstack/metadata.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cloudstack
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -46,7 +47,7 @@ const (
 )
 
 // NodeAddresses returns the addresses of the specified instance.
-func (m *metadata) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
+func (m *metadata) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
 	externalIP, err := m.get(metadataTypeExternalIP)
 	if err != nil {
 		return nil, fmt.Errorf("could not get external IP: %v", err)
@@ -64,17 +65,17 @@ func (m *metadata) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error)
 }
 
 // NodeAddressesByProviderID returns the addresses of the specified instance.
-func (m *metadata) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (m *metadata) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	return nil, errors.New("NodeAddressesByProviderID not implemented")
 }
 
 // ExternalID returns the cloud provider ID of the specified instance (deprecated).
-func (m *metadata) ExternalID(name types.NodeName) (string, error) {
-	return m.InstanceID(name)
+func (m *metadata) ExternalID(ctx context.Context, name types.NodeName) (string, error) {
+	return m.InstanceID(ctx, name)
 }
 
 // InstanceID returns the cloud provider ID of the specified instance.
-func (m *metadata) InstanceID(name types.NodeName) (string, error) {
+func (m *metadata) InstanceID(ctx context.Context, name types.NodeName) (string, error) {
 	instanceID, err := m.get(metadataTypeInstanceID)
 	if err != nil {
 		return "", fmt.Errorf("could not get instance ID: %v", err)
@@ -89,7 +90,7 @@ func (m *metadata) InstanceID(name types.NodeName) (string, error) {
 }
 
 // InstanceType returns the type of the specified instance.
-func (m *metadata) InstanceType(name types.NodeName) (string, error) {
+func (m *metadata) InstanceType(ctx context.Context, name types.NodeName) (string, error) {
 	instanceType, err := m.get(metadataTypeInstanceType)
 	if err != nil {
 		return "", fmt.Errorf("could not get instance type: %v", err)
@@ -99,27 +100,27 @@ func (m *metadata) InstanceType(name types.NodeName) (string, error) {
 }
 
 // InstanceTypeByProviderID returns the type of the specified instance.
-func (m *metadata) InstanceTypeByProviderID(providerID string) (string, error) {
+func (m *metadata) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	return "", errors.New("InstanceTypeByProviderID not implemented")
 }
 
 // AddSSHKeyToAllInstances is currently not implemented.
-func (m *metadata) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (m *metadata) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return errors.New("AddSSHKeyToAllInstances not implemented")
 }
 
 // CurrentNodeName returns the name of the node we are currently running on.
-func (m *metadata) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (m *metadata) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return types.NodeName(hostname), nil
 }
 
 // InstanceExistsByProviderID returns if the instance still exists.
-func (m *metadata) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (m *metadata) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	return false, errors.New("InstanceExistsByProviderID not implemented")
 }
 
 // GetZone returns the Zone containing the region that the program is running in.
-func (m *metadata) GetZone() (cloudprovider.Zone, error) {
+func (m *metadata) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	zone := cloudprovider.Zone{}
 
 	if m.zone == "" {
@@ -139,12 +140,12 @@ func (m *metadata) GetZone() (cloudprovider.Zone, error) {
 }
 
 // GetZoneByProviderID returns the Zone, found by using the provider ID.
-func (m *metadata) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (m *metadata) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{}, errors.New("GetZoneByProviderID not implemented")
 }
 
 // GetZoneByNodeName returns the Zone, found by using the node name.
-func (m *metadata) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
+func (m *metadata) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{}, errors.New("GetZoneByNodeName not implemented")
 }
 
@@ -195,7 +196,7 @@ func findDHCPServer() (string, error) {
 
 				offerPacket, err := client.GetOffer(&discoverPacket)
 				if err != nil {
-					return "", fmt.Errorf("error recieving DHCP offer package: %v", err)
+					return "", fmt.Errorf("error receiving DHCP offer package: %v", err)
 				}
 
 				offerPacketOptions := offerPacket.ParseOptions()
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/BUILD
index 69509a2243a8..5c04c174800b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/BUILD
@@ -23,7 +23,6 @@ go_library(
         "gce_disks.go",
         "gce_firewall.go",
         "gce_forwardingrule.go",
-        "gce_forwardingrule_fakes.go",
         "gce_healthchecks.go",
         "gce_instancegroup.go",
         "gce_instances.go",
@@ -37,17 +36,23 @@ go_library(
         "gce_routes.go",
         "gce_targetpool.go",
         "gce_targetproxy.go",
+        "gce_tpu.go",
         "gce_urlmap.go",
         "gce_util.go",
         "gce_zones.go",
         "metrics.go",
+        "support.go",
         "token_source.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce",
     deps = [
         "//pkg/api/v1/service:go_default_library",
         "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud/filter:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud/meta:go_default_library",
         "//pkg/controller:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
         "//pkg/master/ports:go_default_library",
         "//pkg/util/net/sets:go_default_library",
@@ -65,6 +70,7 @@ go_library(
         "//vendor/google.golang.org/api/compute/v1:go_default_library",
         "//vendor/google.golang.org/api/container/v1:go_default_library",
         "//vendor/google.golang.org/api/googleapi:go_default_library",
+        "//vendor/google.golang.org/api/tpu/v1alpha1:go_default_library",
         "//vendor/gopkg.in/gcfg.v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -76,6 +82,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
@@ -98,10 +105,11 @@ go_test(
         "gce_util_test.go",
         "metrics_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud/mock:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
@@ -112,6 +120,7 @@ go_test(
         "//vendor/google.golang.org/api/googleapi:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
@@ -125,6 +134,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//pkg/cloudprovider/providers/gce/cloud:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/BUILD
new file mode 100644
index 000000000000..fa46310777dc
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/BUILD
@@ -0,0 +1,64 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "constants.go",
+        "doc.go",
+        "gce_projects.go",
+        "gen.go",
+        "op.go",
+        "project.go",
+        "ratelimit.go",
+        "service.go",
+        "utils.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/cloudprovider/providers/gce/cloud/filter:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud/meta:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/google.golang.org/api/compute/v0.alpha:go_default_library",
+        "//vendor/google.golang.org/api/compute/v0.beta:go_default_library",
+        "//vendor/google.golang.org/api/compute/v1:go_default_library",
+        "//vendor/google.golang.org/api/googleapi:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "gen_test.go",
+        "mock_test.go",
+        "utils_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/cloudprovider/providers/gce/cloud/filter:go_default_library",
+        "//pkg/cloudprovider/providers/gce/cloud/meta:go_default_library",
+        "//vendor/google.golang.org/api/compute/v0.alpha:go_default_library",
+        "//vendor/google.golang.org/api/compute/v0.beta:go_default_library",
+        "//vendor/google.golang.org/api/compute/v1:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//pkg/cloudprovider/providers/gce/cloud/filter:all-srcs",
+        "//pkg/cloudprovider/providers/gce/cloud/gen:all-srcs",
+        "//pkg/cloudprovider/providers/gce/cloud/meta:all-srcs",
+        "//pkg/cloudprovider/providers/gce/cloud/mock:all-srcs",
+    ],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/constants.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/constants.go
new file mode 100644
index 000000000000..8d09c8bead8b
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/constants.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"strings"
+)
+
+// NetworkTier represents the Network Service Tier used by a resource
+type NetworkTier string
+
+// LbScheme represents the possible types of load balancers
+type LbScheme string
+
+const (
+	NetworkTierStandard NetworkTier = "Standard"
+	NetworkTierPremium  NetworkTier = "Premium"
+	NetworkTierDefault  NetworkTier = NetworkTierPremium
+
+	SchemeExternal LbScheme = "EXTERNAL"
+	SchemeInternal LbScheme = "INTERNAL"
+)
+
+// ToGCEValue converts NetworkTier to a string that we can populate the
+// NetworkTier field of GCE objects, including ForwardingRules and Addresses.
+func (n NetworkTier) ToGCEValue() string {
+	return strings.ToUpper(string(n))
+}
+
+// NetworkTierGCEValueToType converts the value of the NetworkTier field of a
+// GCE object to the NetworkTier type.
+func NetworkTierGCEValueToType(s string) NetworkTier {
+	switch s {
+	case NetworkTierStandard.ToGCEValue():
+		return NetworkTierStandard
+	case NetworkTierPremium.ToGCEValue():
+		return NetworkTierPremium
+	default:
+		return NetworkTier(s)
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/doc.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/doc.go
new file mode 100644
index 000000000000..a6b121457cd7
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/doc.go
@@ -0,0 +1,112 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package cloud implements a more golang friendly interface to the GCE compute
+// API. The code in this package is generated automatically via the generator
+// implemented in "gen/main.go".  The code generator creates the basic CRUD
+// actions for the given resource: "Insert", "Get", "List" and "Delete".
+// Additional methods by customizing the ServiceInfo object (see below).
+// Generated code includes a full mock of the GCE compute API.
+//
+// Usage
+//
+// The root of the GCE compute API is the interface "Cloud". Code written using
+// Cloud can be used against the actual implementation "GCE" or "MockGCE".
+//
+//  func foo(cloud Cloud) {
+//    igs, err := cloud.InstanceGroups().List(ctx, "us-central1-b", filter.None)
+//    ...
+//  }
+//  // Run foo against the actual cloud.
+//  foo(NewGCE(&Service{...}))
+//  // Run foo with a mock.
+//  foo(NewMockGCE())
+//
+// Rate limiting and routing
+//
+// The generated code allows for custom policies for operation rate limiting
+// and GCE project routing. See RateLimiter and ProjectRouter for more details.
+//
+// Mocks
+//
+// Mocks are automatically generated for each type implementing basic logic for
+// resource manipulation.  This eliminates the boilerplate required to mock GCE
+// functionality.  Each method will also have a corresponding "xxxHook"
+// function generated in the mock structure where unit test code can hook the
+// execution of the method.
+//
+// Mocks for different versions of the same service will share the same set of
+// objects, i.e. an alpha object will be visible with beta and GA methods.
+// Note that translation is done with JSON serialization between the API versions.
+//
+// Changing service code generation
+//
+// The list of services to generate is contained in "meta/meta.go". To add a
+// service, add an entry to the list "meta.AllServices". An example entry:
+//
+//  &ServiceInfo{
+//    Object:      "InstanceGroup",   // Name of the object type.
+//    Service:     "InstanceGroups",  // Name of the service.
+//    Resource:    "instanceGroups",  // Lowercase resource name (as appears in the URL).
+//    version:     meta.VersionAlpha, // API version (one entry per version is needed).
+//    keyType:     Zonal,             // What kind of resource this is.
+//    serviceType: reflect.TypeOf(&alpha.InstanceGroupsService{}), // Associated golang type.
+//    additionalMethods: []string{    // Additional methods to generate code for.
+//      "SetNamedPorts",
+//    },
+//    options: <options>              // Or'd ("|") together.
+//  }
+//
+// Read-only objects
+//
+// Services such as Regions and Zones do not allow for mutations. Specify
+// "ReadOnly" in ServiceInfo.options to omit the mutation methods.
+//
+// Adding custom methods
+//
+// Some methods that may not be properly handled by the generated code. To enable
+// addition of custom code to the generated mocks, set the "CustomOps" option
+// in "meta.ServiceInfo" entry. This will make the generated service interface
+// embed a "<ServiceName>Ops" interface. This interface MUST be written by hand
+// and contain the custom method logic. Corresponding methods must be added to
+// the corresponding Mockxxx and GCExxx struct types.
+//
+//  // In "meta/meta.go":
+//  &ServiceInfo{
+//    Object: "InstanceGroup",
+//    ...
+//    options: CustomOps,
+//  }
+//
+//  // In the generated code "gen.go":
+//  type InstanceGroups interface {
+//    InstanceGroupsOps // Added by CustomOps option.
+//    ...
+//  }
+//
+//  // In hand written file:
+//  type InstanceGroupsOps interface {
+//    MyMethod()
+//  }
+//
+//  func (mock *MockInstanceGroups) MyMethod() {
+//    // Custom mock implementation.
+//  }
+//
+//  func (gce *GCEInstanceGroups) MyMethod() {
+//    // Custom implementation.
+//  }
+package cloud
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/BUILD
new file mode 100644
index 000000000000..a2e0c7941cf7
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/BUILD
@@ -0,0 +1,29 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["filter.go"],
+    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter",
+    visibility = ["//visibility:public"],
+    deps = ["//vendor/github.com/golang/glog:go_default_library"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["filter_test.go"],
+    embed = [":go_default_library"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/filter.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/filter.go
new file mode 100644
index 000000000000..c08005726c87
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter/filter.go
@@ -0,0 +1,303 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package filter encapsulates the filter argument to compute API calls.
+//
+//  // List all global addresses (no filter).
+//  c.GlobalAddresses().List(ctx, filter.None)
+//
+//  // List global addresses filtering for name matching "abc.*".
+//  c.GlobalAddresses().List(ctx, filter.Regexp("name", "abc.*"))
+//
+//  // List on multiple conditions.
+//  f := filter.Regexp("name", "homer.*").AndNotRegexp("name", "homers")
+//  c.GlobalAddresses().List(ctx, f)
+package filter
+
+import (
+	"errors"
+	"fmt"
+	"reflect"
+	"regexp"
+	"strings"
+
+	"github.com/golang/glog"
+)
+
+var (
+	// None indicates that the List result set should not be filter (i.e.
+	// return all values).
+	None *F
+)
+
+// Regexp returns a filter for fieldName matches regexp v.
+func Regexp(fieldName, v string) *F {
+	return (&F{}).AndRegexp(fieldName, v)
+}
+
+// NotRegexp returns a filter for fieldName not matches regexp v.
+func NotRegexp(fieldName, v string) *F {
+	return (&F{}).AndNotRegexp(fieldName, v)
+}
+
+// EqualInt returns a filter for fieldName ~ v.
+func EqualInt(fieldName string, v int) *F {
+	return (&F{}).AndEqualInt(fieldName, v)
+}
+
+// NotEqualInt returns a filter for fieldName != v.
+func NotEqualInt(fieldName string, v int) *F {
+	return (&F{}).AndNotEqualInt(fieldName, v)
+}
+
+// EqualBool returns a filter for fieldName == v.
+func EqualBool(fieldName string, v bool) *F {
+	return (&F{}).AndEqualBool(fieldName, v)
+}
+
+// NotEqualBool returns a filter for fieldName != v.
+func NotEqualBool(fieldName string, v bool) *F {
+	return (&F{}).AndNotEqualBool(fieldName, v)
+}
+
+// F is a filter to be used with List() operations.
+//
+// From the compute API description:
+//
+// Sets a filter {expression} for filtering listed resources. Your {expression}
+// must be in the format: field_name comparison_string literal_string.
+//
+// The field_name is the name of the field you want to compare. Only atomic field
+// types are supported (string, number, boolean). The comparison_string must be
+// either eq (equals) or ne (not equals). The literal_string is the string value
+// to filter to. The literal value must be valid for the type of field you are
+// filtering by (string, number, boolean). For string fields, the literal value is
+// interpreted as a regular expression using RE2 syntax. The literal value must
+// match the entire field.
+//
+// For example, to filter for instances that do not have a name of
+// example-instance, you would use name ne example-instance.
+//
+// You can filter on nested fields. For example, you could filter on instances
+// that have set the scheduling.automaticRestart field to true. Use filtering on
+// nested fields to take advantage of labels to organize and search for results
+// based on label values.
+//
+// To filter on multiple expressions, provide each separate expression within
+// parentheses. For example, (scheduling.automaticRestart eq true)
+// (zone eq us-central1-f). Multiple expressions are treated as AND expressions,
+// meaning that resources must match all expressions to pass the filters.
+type F struct {
+	predicates []filterPredicate
+}
+
+// And joins two filters together.
+func (fl *F) And(rest *F) *F {
+	fl.predicates = append(fl.predicates, rest.predicates...)
+	return fl
+}
+
+// AndRegexp adds a field match string predicate.
+func (fl *F) AndRegexp(fieldName, v string) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: equals, s: &v})
+	return fl
+}
+
+// AndNotRegexp adds a field not match string predicate.
+func (fl *F) AndNotRegexp(fieldName, v string) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: notEquals, s: &v})
+	return fl
+}
+
+// AndEqualInt adds a field == int predicate.
+func (fl *F) AndEqualInt(fieldName string, v int) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: equals, i: &v})
+	return fl
+}
+
+// AndNotEqualInt adds a field != int predicate.
+func (fl *F) AndNotEqualInt(fieldName string, v int) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: notEquals, i: &v})
+	return fl
+}
+
+// AndEqualBool adds a field == bool predicate.
+func (fl *F) AndEqualBool(fieldName string, v bool) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: equals, b: &v})
+	return fl
+}
+
+// AndNotEqualBool adds a field != bool predicate.
+func (fl *F) AndNotEqualBool(fieldName string, v bool) *F {
+	fl.predicates = append(fl.predicates, filterPredicate{fieldName: fieldName, op: notEquals, b: &v})
+	return fl
+}
+
+func (fl *F) String() string {
+	if len(fl.predicates) == 1 {
+		return fl.predicates[0].String()
+	}
+
+	var pl []string
+	for _, p := range fl.predicates {
+		pl = append(pl, "("+p.String()+")")
+	}
+	return strings.Join(pl, " ")
+}
+
+// Match returns true if the F as specifies matches the given object. This
+// is used by the Mock implementations to perform filtering and SHOULD NOT be
+// used in production code as it is not well-tested to be equivalent to the
+// actual compute API.
+func (fl *F) Match(obj interface{}) bool {
+	if fl == nil {
+		return true
+	}
+	for _, p := range fl.predicates {
+		if !p.match(obj) {
+			return false
+		}
+	}
+	return true
+}
+
+type filterOp int
+
+const (
+	equals    filterOp = iota
+	notEquals filterOp = iota
+)
+
+// filterPredicate is an individual predicate for a fieldName and value.
+type filterPredicate struct {
+	fieldName string
+
+	op filterOp
+	s  *string
+	i  *int
+	b  *bool
+}
+
+func (fp *filterPredicate) String() string {
+	var op string
+	switch fp.op {
+	case equals:
+		op = "eq"
+	case notEquals:
+		op = "ne"
+	default:
+		op = "invalidOp"
+	}
+
+	var value string
+	switch {
+	case fp.s != nil:
+		// There does not seem to be any sort of escaping as specified in the
+		// document. This means it's possible to create malformed expressions.
+		value = *fp.s
+	case fp.i != nil:
+		value = fmt.Sprintf("%d", *fp.i)
+	case fp.b != nil:
+		value = fmt.Sprintf("%t", *fp.b)
+	default:
+		value = "invalidValue"
+	}
+
+	return fmt.Sprintf("%s %s %s", fp.fieldName, op, value)
+}
+
+func (fp *filterPredicate) match(o interface{}) bool {
+	v, err := extractValue(fp.fieldName, o)
+	glog.V(6).Infof("extractValue(%q, %#v) = %v, %v", fp.fieldName, o, v, err)
+	if err != nil {
+		return false
+	}
+
+	var match bool
+	switch x := v.(type) {
+	case string:
+		if fp.s == nil {
+			return false
+		}
+		re, err := regexp.Compile(*fp.s)
+		if err != nil {
+			glog.Errorf("Match regexp %q is invalid: %v", *fp.s, err)
+			return false
+		}
+		match = re.Match([]byte(x))
+	case int:
+		if fp.i == nil {
+			return false
+		}
+		match = x == *fp.i
+	case bool:
+		if fp.b == nil {
+			return false
+		}
+		match = x == *fp.b
+	}
+
+	switch fp.op {
+	case equals:
+		return match
+	case notEquals:
+		return !match
+	}
+
+	return false
+}
+
+// snakeToCamelCase converts from "names_like_this" to "NamesLikeThis" to
+// interoperate between proto and Golang naming conventions.
+func snakeToCamelCase(s string) string {
+	parts := strings.Split(s, "_")
+	var ret string
+	for _, x := range parts {
+		ret += strings.Title(x)
+	}
+	return ret
+}
+
+// extractValue returns the value of the field named by path in object o if it exists.
+func extractValue(path string, o interface{}) (interface{}, error) {
+	parts := strings.Split(path, ".")
+	for _, f := range parts {
+		v := reflect.ValueOf(o)
+		// Dereference Ptr to handle *struct.
+		if v.Kind() == reflect.Ptr {
+			if v.IsNil() {
+				return nil, errors.New("field is nil")
+			}
+			v = v.Elem()
+		}
+		if v.Kind() != reflect.Struct {
+			return nil, fmt.Errorf("cannot get field from non-struct (%T)", o)
+		}
+		v = v.FieldByName(snakeToCamelCase(f))
+		if !v.IsValid() {
+			return nil, fmt.Errorf("cannot get field %q as it is not a valid field in %T", f, o)
+		}
+		if !v.CanInterface() {
+			return nil, fmt.Errorf("cannot get field %q in obj of type %T", f, o)
+		}
+		o = v.Interface()
+	}
+	switch o.(type) {
+	case string, int, bool:
+		return o, nil
+	}
+	return nil, fmt.Errorf("unhandled object of type %T", o)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gce_projects.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gce_projects.go
new file mode 100644
index 000000000000..c531881a94ac
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gce_projects.go
@@ -0,0 +1,99 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	compute "google.golang.org/api/compute/v1"
+	"google.golang.org/api/googleapi"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+// ProjectsOps is the manually implemented methods for the Projects service.
+type ProjectsOps interface {
+	Get(ctx context.Context, projectID string) (*compute.Project, error)
+	SetCommonInstanceMetadata(ctx context.Context, projectID string, m *compute.Metadata) error
+}
+
+// MockProjectOpsState is stored in the mock.X field.
+type MockProjectOpsState struct {
+	metadata map[string]*compute.Metadata
+}
+
+// Get a project by projectID.
+func (m *MockProjects) Get(ctx context.Context, projectID string) (*compute.Project, error) {
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if p, ok := m.Objects[*meta.GlobalKey(projectID)]; ok {
+		return p.ToGA(), nil
+	}
+	return nil, &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockProjects %v not found", projectID),
+	}
+}
+
+// Get a project by projectID.
+func (g *GCEProjects) Get(ctx context.Context, projectID string) (*compute.Project, error) {
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Projects",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	call := g.s.GA.Projects.Get(projectID)
+	call.Context(ctx)
+	return call.Do()
+}
+
+// SetCommonInstanceMetadata for a given project.
+func (m *MockProjects) SetCommonInstanceMetadata(ctx context.Context, projectID string, meta *compute.Metadata) error {
+	if m.X == nil {
+		m.X = &MockProjectOpsState{metadata: map[string]*compute.Metadata{}}
+	}
+	state := m.X.(*MockProjectOpsState)
+	state.metadata[projectID] = meta
+	return nil
+}
+
+// SetCommonInstanceMetadata for a given project.
+func (g *GCEProjects) SetCommonInstanceMetadata(ctx context.Context, projectID string, m *compute.Metadata) error {
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetCommonInstanceMetadata",
+		Version:   meta.Version("ga"),
+		Service:   "Projects",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return err
+	}
+	call := g.s.GA.Projects.SetCommonInstanceMetadata(projectID, m)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		return err
+	}
+	return g.s.WaitForCompletion(ctx, op)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gen.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gen.go
new file mode 100644
index 000000000000..3992adca90dc
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/gen.go
@@ -0,0 +1,13154 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// This file was generated by "go run gen/main.go > gen.go". Do not edit
+// directly.
+
+package cloud
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"sync"
+
+	"github.com/golang/glog"
+	"google.golang.org/api/googleapi"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+
+	alpha "google.golang.org/api/compute/v0.alpha"
+	beta "google.golang.org/api/compute/v0.beta"
+	ga "google.golang.org/api/compute/v1"
+)
+
+// Cloud is an interface for the GCE compute API.
+type Cloud interface {
+	Addresses() Addresses
+	AlphaAddresses() AlphaAddresses
+	BetaAddresses() BetaAddresses
+	GlobalAddresses() GlobalAddresses
+	BackendServices() BackendServices
+	AlphaBackendServices() AlphaBackendServices
+	RegionBackendServices() RegionBackendServices
+	AlphaRegionBackendServices() AlphaRegionBackendServices
+	Disks() Disks
+	AlphaDisks() AlphaDisks
+	AlphaRegionDisks() AlphaRegionDisks
+	Firewalls() Firewalls
+	ForwardingRules() ForwardingRules
+	AlphaForwardingRules() AlphaForwardingRules
+	GlobalForwardingRules() GlobalForwardingRules
+	HealthChecks() HealthChecks
+	AlphaHealthChecks() AlphaHealthChecks
+	HttpHealthChecks() HttpHealthChecks
+	HttpsHealthChecks() HttpsHealthChecks
+	InstanceGroups() InstanceGroups
+	Instances() Instances
+	BetaInstances() BetaInstances
+	AlphaInstances() AlphaInstances
+	AlphaNetworkEndpointGroups() AlphaNetworkEndpointGroups
+	Projects() Projects
+	Regions() Regions
+	Routes() Routes
+	SslCertificates() SslCertificates
+	TargetHttpProxies() TargetHttpProxies
+	TargetHttpsProxies() TargetHttpsProxies
+	TargetPools() TargetPools
+	UrlMaps() UrlMaps
+	Zones() Zones
+}
+
+// NewGCE returns a GCE.
+func NewGCE(s *Service) *GCE {
+	g := &GCE{
+		gceAddresses:                  &GCEAddresses{s},
+		gceAlphaAddresses:             &GCEAlphaAddresses{s},
+		gceBetaAddresses:              &GCEBetaAddresses{s},
+		gceGlobalAddresses:            &GCEGlobalAddresses{s},
+		gceBackendServices:            &GCEBackendServices{s},
+		gceAlphaBackendServices:       &GCEAlphaBackendServices{s},
+		gceRegionBackendServices:      &GCERegionBackendServices{s},
+		gceAlphaRegionBackendServices: &GCEAlphaRegionBackendServices{s},
+		gceDisks:                      &GCEDisks{s},
+		gceAlphaDisks:                 &GCEAlphaDisks{s},
+		gceAlphaRegionDisks:           &GCEAlphaRegionDisks{s},
+		gceFirewalls:                  &GCEFirewalls{s},
+		gceForwardingRules:            &GCEForwardingRules{s},
+		gceAlphaForwardingRules:       &GCEAlphaForwardingRules{s},
+		gceGlobalForwardingRules:      &GCEGlobalForwardingRules{s},
+		gceHealthChecks:               &GCEHealthChecks{s},
+		gceAlphaHealthChecks:          &GCEAlphaHealthChecks{s},
+		gceHttpHealthChecks:           &GCEHttpHealthChecks{s},
+		gceHttpsHealthChecks:          &GCEHttpsHealthChecks{s},
+		gceInstanceGroups:             &GCEInstanceGroups{s},
+		gceInstances:                  &GCEInstances{s},
+		gceBetaInstances:              &GCEBetaInstances{s},
+		gceAlphaInstances:             &GCEAlphaInstances{s},
+		gceAlphaNetworkEndpointGroups: &GCEAlphaNetworkEndpointGroups{s},
+		gceProjects:                   &GCEProjects{s},
+		gceRegions:                    &GCERegions{s},
+		gceRoutes:                     &GCERoutes{s},
+		gceSslCertificates:            &GCESslCertificates{s},
+		gceTargetHttpProxies:          &GCETargetHttpProxies{s},
+		gceTargetHttpsProxies:         &GCETargetHttpsProxies{s},
+		gceTargetPools:                &GCETargetPools{s},
+		gceUrlMaps:                    &GCEUrlMaps{s},
+		gceZones:                      &GCEZones{s},
+	}
+	return g
+}
+
+// GCE implements Cloud.
+var _ Cloud = (*GCE)(nil)
+
+// GCE is the golang adapter for the compute APIs.
+type GCE struct {
+	gceAddresses                  *GCEAddresses
+	gceAlphaAddresses             *GCEAlphaAddresses
+	gceBetaAddresses              *GCEBetaAddresses
+	gceGlobalAddresses            *GCEGlobalAddresses
+	gceBackendServices            *GCEBackendServices
+	gceAlphaBackendServices       *GCEAlphaBackendServices
+	gceRegionBackendServices      *GCERegionBackendServices
+	gceAlphaRegionBackendServices *GCEAlphaRegionBackendServices
+	gceDisks                      *GCEDisks
+	gceAlphaDisks                 *GCEAlphaDisks
+	gceAlphaRegionDisks           *GCEAlphaRegionDisks
+	gceFirewalls                  *GCEFirewalls
+	gceForwardingRules            *GCEForwardingRules
+	gceAlphaForwardingRules       *GCEAlphaForwardingRules
+	gceGlobalForwardingRules      *GCEGlobalForwardingRules
+	gceHealthChecks               *GCEHealthChecks
+	gceAlphaHealthChecks          *GCEAlphaHealthChecks
+	gceHttpHealthChecks           *GCEHttpHealthChecks
+	gceHttpsHealthChecks          *GCEHttpsHealthChecks
+	gceInstanceGroups             *GCEInstanceGroups
+	gceInstances                  *GCEInstances
+	gceBetaInstances              *GCEBetaInstances
+	gceAlphaInstances             *GCEAlphaInstances
+	gceAlphaNetworkEndpointGroups *GCEAlphaNetworkEndpointGroups
+	gceProjects                   *GCEProjects
+	gceRegions                    *GCERegions
+	gceRoutes                     *GCERoutes
+	gceSslCertificates            *GCESslCertificates
+	gceTargetHttpProxies          *GCETargetHttpProxies
+	gceTargetHttpsProxies         *GCETargetHttpsProxies
+	gceTargetPools                *GCETargetPools
+	gceUrlMaps                    *GCEUrlMaps
+	gceZones                      *GCEZones
+}
+
+// Addresses returns the interface for the ga Addresses.
+func (gce *GCE) Addresses() Addresses {
+	return gce.gceAddresses
+}
+
+// AlphaAddresses returns the interface for the alpha Addresses.
+func (gce *GCE) AlphaAddresses() AlphaAddresses {
+	return gce.gceAlphaAddresses
+}
+
+// BetaAddresses returns the interface for the beta Addresses.
+func (gce *GCE) BetaAddresses() BetaAddresses {
+	return gce.gceBetaAddresses
+}
+
+// GlobalAddresses returns the interface for the ga GlobalAddresses.
+func (gce *GCE) GlobalAddresses() GlobalAddresses {
+	return gce.gceGlobalAddresses
+}
+
+// BackendServices returns the interface for the ga BackendServices.
+func (gce *GCE) BackendServices() BackendServices {
+	return gce.gceBackendServices
+}
+
+// AlphaBackendServices returns the interface for the alpha BackendServices.
+func (gce *GCE) AlphaBackendServices() AlphaBackendServices {
+	return gce.gceAlphaBackendServices
+}
+
+// RegionBackendServices returns the interface for the ga RegionBackendServices.
+func (gce *GCE) RegionBackendServices() RegionBackendServices {
+	return gce.gceRegionBackendServices
+}
+
+// AlphaRegionBackendServices returns the interface for the alpha RegionBackendServices.
+func (gce *GCE) AlphaRegionBackendServices() AlphaRegionBackendServices {
+	return gce.gceAlphaRegionBackendServices
+}
+
+// Disks returns the interface for the ga Disks.
+func (gce *GCE) Disks() Disks {
+	return gce.gceDisks
+}
+
+// AlphaDisks returns the interface for the alpha Disks.
+func (gce *GCE) AlphaDisks() AlphaDisks {
+	return gce.gceAlphaDisks
+}
+
+// AlphaRegionDisks returns the interface for the alpha RegionDisks.
+func (gce *GCE) AlphaRegionDisks() AlphaRegionDisks {
+	return gce.gceAlphaRegionDisks
+}
+
+// Firewalls returns the interface for the ga Firewalls.
+func (gce *GCE) Firewalls() Firewalls {
+	return gce.gceFirewalls
+}
+
+// ForwardingRules returns the interface for the ga ForwardingRules.
+func (gce *GCE) ForwardingRules() ForwardingRules {
+	return gce.gceForwardingRules
+}
+
+// AlphaForwardingRules returns the interface for the alpha ForwardingRules.
+func (gce *GCE) AlphaForwardingRules() AlphaForwardingRules {
+	return gce.gceAlphaForwardingRules
+}
+
+// GlobalForwardingRules returns the interface for the ga GlobalForwardingRules.
+func (gce *GCE) GlobalForwardingRules() GlobalForwardingRules {
+	return gce.gceGlobalForwardingRules
+}
+
+// HealthChecks returns the interface for the ga HealthChecks.
+func (gce *GCE) HealthChecks() HealthChecks {
+	return gce.gceHealthChecks
+}
+
+// AlphaHealthChecks returns the interface for the alpha HealthChecks.
+func (gce *GCE) AlphaHealthChecks() AlphaHealthChecks {
+	return gce.gceAlphaHealthChecks
+}
+
+// HttpHealthChecks returns the interface for the ga HttpHealthChecks.
+func (gce *GCE) HttpHealthChecks() HttpHealthChecks {
+	return gce.gceHttpHealthChecks
+}
+
+// HttpsHealthChecks returns the interface for the ga HttpsHealthChecks.
+func (gce *GCE) HttpsHealthChecks() HttpsHealthChecks {
+	return gce.gceHttpsHealthChecks
+}
+
+// InstanceGroups returns the interface for the ga InstanceGroups.
+func (gce *GCE) InstanceGroups() InstanceGroups {
+	return gce.gceInstanceGroups
+}
+
+// Instances returns the interface for the ga Instances.
+func (gce *GCE) Instances() Instances {
+	return gce.gceInstances
+}
+
+// BetaInstances returns the interface for the beta Instances.
+func (gce *GCE) BetaInstances() BetaInstances {
+	return gce.gceBetaInstances
+}
+
+// AlphaInstances returns the interface for the alpha Instances.
+func (gce *GCE) AlphaInstances() AlphaInstances {
+	return gce.gceAlphaInstances
+}
+
+// AlphaNetworkEndpointGroups returns the interface for the alpha NetworkEndpointGroups.
+func (gce *GCE) AlphaNetworkEndpointGroups() AlphaNetworkEndpointGroups {
+	return gce.gceAlphaNetworkEndpointGroups
+}
+
+// Projects returns the interface for the ga Projects.
+func (gce *GCE) Projects() Projects {
+	return gce.gceProjects
+}
+
+// Regions returns the interface for the ga Regions.
+func (gce *GCE) Regions() Regions {
+	return gce.gceRegions
+}
+
+// Routes returns the interface for the ga Routes.
+func (gce *GCE) Routes() Routes {
+	return gce.gceRoutes
+}
+
+// SslCertificates returns the interface for the ga SslCertificates.
+func (gce *GCE) SslCertificates() SslCertificates {
+	return gce.gceSslCertificates
+}
+
+// TargetHttpProxies returns the interface for the ga TargetHttpProxies.
+func (gce *GCE) TargetHttpProxies() TargetHttpProxies {
+	return gce.gceTargetHttpProxies
+}
+
+// TargetHttpsProxies returns the interface for the ga TargetHttpsProxies.
+func (gce *GCE) TargetHttpsProxies() TargetHttpsProxies {
+	return gce.gceTargetHttpsProxies
+}
+
+// TargetPools returns the interface for the ga TargetPools.
+func (gce *GCE) TargetPools() TargetPools {
+	return gce.gceTargetPools
+}
+
+// UrlMaps returns the interface for the ga UrlMaps.
+func (gce *GCE) UrlMaps() UrlMaps {
+	return gce.gceUrlMaps
+}
+
+// Zones returns the interface for the ga Zones.
+func (gce *GCE) Zones() Zones {
+	return gce.gceZones
+}
+
+// NewMockGCE returns a new mock for GCE.
+func NewMockGCE(projectRouter ProjectRouter) *MockGCE {
+	mockAddressesObjs := map[meta.Key]*MockAddressesObj{}
+	mockBackendServicesObjs := map[meta.Key]*MockBackendServicesObj{}
+	mockDisksObjs := map[meta.Key]*MockDisksObj{}
+	mockFirewallsObjs := map[meta.Key]*MockFirewallsObj{}
+	mockForwardingRulesObjs := map[meta.Key]*MockForwardingRulesObj{}
+	mockGlobalAddressesObjs := map[meta.Key]*MockGlobalAddressesObj{}
+	mockGlobalForwardingRulesObjs := map[meta.Key]*MockGlobalForwardingRulesObj{}
+	mockHealthChecksObjs := map[meta.Key]*MockHealthChecksObj{}
+	mockHttpHealthChecksObjs := map[meta.Key]*MockHttpHealthChecksObj{}
+	mockHttpsHealthChecksObjs := map[meta.Key]*MockHttpsHealthChecksObj{}
+	mockInstanceGroupsObjs := map[meta.Key]*MockInstanceGroupsObj{}
+	mockInstancesObjs := map[meta.Key]*MockInstancesObj{}
+	mockNetworkEndpointGroupsObjs := map[meta.Key]*MockNetworkEndpointGroupsObj{}
+	mockProjectsObjs := map[meta.Key]*MockProjectsObj{}
+	mockRegionBackendServicesObjs := map[meta.Key]*MockRegionBackendServicesObj{}
+	mockRegionDisksObjs := map[meta.Key]*MockRegionDisksObj{}
+	mockRegionsObjs := map[meta.Key]*MockRegionsObj{}
+	mockRoutesObjs := map[meta.Key]*MockRoutesObj{}
+	mockSslCertificatesObjs := map[meta.Key]*MockSslCertificatesObj{}
+	mockTargetHttpProxiesObjs := map[meta.Key]*MockTargetHttpProxiesObj{}
+	mockTargetHttpsProxiesObjs := map[meta.Key]*MockTargetHttpsProxiesObj{}
+	mockTargetPoolsObjs := map[meta.Key]*MockTargetPoolsObj{}
+	mockUrlMapsObjs := map[meta.Key]*MockUrlMapsObj{}
+	mockZonesObjs := map[meta.Key]*MockZonesObj{}
+
+	mock := &MockGCE{
+		MockAddresses:                  NewMockAddresses(projectRouter, mockAddressesObjs),
+		MockAlphaAddresses:             NewMockAlphaAddresses(projectRouter, mockAddressesObjs),
+		MockBetaAddresses:              NewMockBetaAddresses(projectRouter, mockAddressesObjs),
+		MockGlobalAddresses:            NewMockGlobalAddresses(projectRouter, mockGlobalAddressesObjs),
+		MockBackendServices:            NewMockBackendServices(projectRouter, mockBackendServicesObjs),
+		MockAlphaBackendServices:       NewMockAlphaBackendServices(projectRouter, mockBackendServicesObjs),
+		MockRegionBackendServices:      NewMockRegionBackendServices(projectRouter, mockRegionBackendServicesObjs),
+		MockAlphaRegionBackendServices: NewMockAlphaRegionBackendServices(projectRouter, mockRegionBackendServicesObjs),
+		MockDisks:                      NewMockDisks(projectRouter, mockDisksObjs),
+		MockAlphaDisks:                 NewMockAlphaDisks(projectRouter, mockDisksObjs),
+		MockAlphaRegionDisks:           NewMockAlphaRegionDisks(projectRouter, mockRegionDisksObjs),
+		MockFirewalls:                  NewMockFirewalls(projectRouter, mockFirewallsObjs),
+		MockForwardingRules:            NewMockForwardingRules(projectRouter, mockForwardingRulesObjs),
+		MockAlphaForwardingRules:       NewMockAlphaForwardingRules(projectRouter, mockForwardingRulesObjs),
+		MockGlobalForwardingRules:      NewMockGlobalForwardingRules(projectRouter, mockGlobalForwardingRulesObjs),
+		MockHealthChecks:               NewMockHealthChecks(projectRouter, mockHealthChecksObjs),
+		MockAlphaHealthChecks:          NewMockAlphaHealthChecks(projectRouter, mockHealthChecksObjs),
+		MockHttpHealthChecks:           NewMockHttpHealthChecks(projectRouter, mockHttpHealthChecksObjs),
+		MockHttpsHealthChecks:          NewMockHttpsHealthChecks(projectRouter, mockHttpsHealthChecksObjs),
+		MockInstanceGroups:             NewMockInstanceGroups(projectRouter, mockInstanceGroupsObjs),
+		MockInstances:                  NewMockInstances(projectRouter, mockInstancesObjs),
+		MockBetaInstances:              NewMockBetaInstances(projectRouter, mockInstancesObjs),
+		MockAlphaInstances:             NewMockAlphaInstances(projectRouter, mockInstancesObjs),
+		MockAlphaNetworkEndpointGroups: NewMockAlphaNetworkEndpointGroups(projectRouter, mockNetworkEndpointGroupsObjs),
+		MockProjects:                   NewMockProjects(projectRouter, mockProjectsObjs),
+		MockRegions:                    NewMockRegions(projectRouter, mockRegionsObjs),
+		MockRoutes:                     NewMockRoutes(projectRouter, mockRoutesObjs),
+		MockSslCertificates:            NewMockSslCertificates(projectRouter, mockSslCertificatesObjs),
+		MockTargetHttpProxies:          NewMockTargetHttpProxies(projectRouter, mockTargetHttpProxiesObjs),
+		MockTargetHttpsProxies:         NewMockTargetHttpsProxies(projectRouter, mockTargetHttpsProxiesObjs),
+		MockTargetPools:                NewMockTargetPools(projectRouter, mockTargetPoolsObjs),
+		MockUrlMaps:                    NewMockUrlMaps(projectRouter, mockUrlMapsObjs),
+		MockZones:                      NewMockZones(projectRouter, mockZonesObjs),
+	}
+	return mock
+}
+
+// MockGCE implements Cloud.
+var _ Cloud = (*MockGCE)(nil)
+
+// MockGCE is the mock for the compute API.
+type MockGCE struct {
+	MockAddresses                  *MockAddresses
+	MockAlphaAddresses             *MockAlphaAddresses
+	MockBetaAddresses              *MockBetaAddresses
+	MockGlobalAddresses            *MockGlobalAddresses
+	MockBackendServices            *MockBackendServices
+	MockAlphaBackendServices       *MockAlphaBackendServices
+	MockRegionBackendServices      *MockRegionBackendServices
+	MockAlphaRegionBackendServices *MockAlphaRegionBackendServices
+	MockDisks                      *MockDisks
+	MockAlphaDisks                 *MockAlphaDisks
+	MockAlphaRegionDisks           *MockAlphaRegionDisks
+	MockFirewalls                  *MockFirewalls
+	MockForwardingRules            *MockForwardingRules
+	MockAlphaForwardingRules       *MockAlphaForwardingRules
+	MockGlobalForwardingRules      *MockGlobalForwardingRules
+	MockHealthChecks               *MockHealthChecks
+	MockAlphaHealthChecks          *MockAlphaHealthChecks
+	MockHttpHealthChecks           *MockHttpHealthChecks
+	MockHttpsHealthChecks          *MockHttpsHealthChecks
+	MockInstanceGroups             *MockInstanceGroups
+	MockInstances                  *MockInstances
+	MockBetaInstances              *MockBetaInstances
+	MockAlphaInstances             *MockAlphaInstances
+	MockAlphaNetworkEndpointGroups *MockAlphaNetworkEndpointGroups
+	MockProjects                   *MockProjects
+	MockRegions                    *MockRegions
+	MockRoutes                     *MockRoutes
+	MockSslCertificates            *MockSslCertificates
+	MockTargetHttpProxies          *MockTargetHttpProxies
+	MockTargetHttpsProxies         *MockTargetHttpsProxies
+	MockTargetPools                *MockTargetPools
+	MockUrlMaps                    *MockUrlMaps
+	MockZones                      *MockZones
+}
+
+// Addresses returns the interface for the ga Addresses.
+func (mock *MockGCE) Addresses() Addresses {
+	return mock.MockAddresses
+}
+
+// AlphaAddresses returns the interface for the alpha Addresses.
+func (mock *MockGCE) AlphaAddresses() AlphaAddresses {
+	return mock.MockAlphaAddresses
+}
+
+// BetaAddresses returns the interface for the beta Addresses.
+func (mock *MockGCE) BetaAddresses() BetaAddresses {
+	return mock.MockBetaAddresses
+}
+
+// GlobalAddresses returns the interface for the ga GlobalAddresses.
+func (mock *MockGCE) GlobalAddresses() GlobalAddresses {
+	return mock.MockGlobalAddresses
+}
+
+// BackendServices returns the interface for the ga BackendServices.
+func (mock *MockGCE) BackendServices() BackendServices {
+	return mock.MockBackendServices
+}
+
+// AlphaBackendServices returns the interface for the alpha BackendServices.
+func (mock *MockGCE) AlphaBackendServices() AlphaBackendServices {
+	return mock.MockAlphaBackendServices
+}
+
+// RegionBackendServices returns the interface for the ga RegionBackendServices.
+func (mock *MockGCE) RegionBackendServices() RegionBackendServices {
+	return mock.MockRegionBackendServices
+}
+
+// AlphaRegionBackendServices returns the interface for the alpha RegionBackendServices.
+func (mock *MockGCE) AlphaRegionBackendServices() AlphaRegionBackendServices {
+	return mock.MockAlphaRegionBackendServices
+}
+
+// Disks returns the interface for the ga Disks.
+func (mock *MockGCE) Disks() Disks {
+	return mock.MockDisks
+}
+
+// AlphaDisks returns the interface for the alpha Disks.
+func (mock *MockGCE) AlphaDisks() AlphaDisks {
+	return mock.MockAlphaDisks
+}
+
+// AlphaRegionDisks returns the interface for the alpha RegionDisks.
+func (mock *MockGCE) AlphaRegionDisks() AlphaRegionDisks {
+	return mock.MockAlphaRegionDisks
+}
+
+// Firewalls returns the interface for the ga Firewalls.
+func (mock *MockGCE) Firewalls() Firewalls {
+	return mock.MockFirewalls
+}
+
+// ForwardingRules returns the interface for the ga ForwardingRules.
+func (mock *MockGCE) ForwardingRules() ForwardingRules {
+	return mock.MockForwardingRules
+}
+
+// AlphaForwardingRules returns the interface for the alpha ForwardingRules.
+func (mock *MockGCE) AlphaForwardingRules() AlphaForwardingRules {
+	return mock.MockAlphaForwardingRules
+}
+
+// GlobalForwardingRules returns the interface for the ga GlobalForwardingRules.
+func (mock *MockGCE) GlobalForwardingRules() GlobalForwardingRules {
+	return mock.MockGlobalForwardingRules
+}
+
+// HealthChecks returns the interface for the ga HealthChecks.
+func (mock *MockGCE) HealthChecks() HealthChecks {
+	return mock.MockHealthChecks
+}
+
+// AlphaHealthChecks returns the interface for the alpha HealthChecks.
+func (mock *MockGCE) AlphaHealthChecks() AlphaHealthChecks {
+	return mock.MockAlphaHealthChecks
+}
+
+// HttpHealthChecks returns the interface for the ga HttpHealthChecks.
+func (mock *MockGCE) HttpHealthChecks() HttpHealthChecks {
+	return mock.MockHttpHealthChecks
+}
+
+// HttpsHealthChecks returns the interface for the ga HttpsHealthChecks.
+func (mock *MockGCE) HttpsHealthChecks() HttpsHealthChecks {
+	return mock.MockHttpsHealthChecks
+}
+
+// InstanceGroups returns the interface for the ga InstanceGroups.
+func (mock *MockGCE) InstanceGroups() InstanceGroups {
+	return mock.MockInstanceGroups
+}
+
+// Instances returns the interface for the ga Instances.
+func (mock *MockGCE) Instances() Instances {
+	return mock.MockInstances
+}
+
+// BetaInstances returns the interface for the beta Instances.
+func (mock *MockGCE) BetaInstances() BetaInstances {
+	return mock.MockBetaInstances
+}
+
+// AlphaInstances returns the interface for the alpha Instances.
+func (mock *MockGCE) AlphaInstances() AlphaInstances {
+	return mock.MockAlphaInstances
+}
+
+// AlphaNetworkEndpointGroups returns the interface for the alpha NetworkEndpointGroups.
+func (mock *MockGCE) AlphaNetworkEndpointGroups() AlphaNetworkEndpointGroups {
+	return mock.MockAlphaNetworkEndpointGroups
+}
+
+// Projects returns the interface for the ga Projects.
+func (mock *MockGCE) Projects() Projects {
+	return mock.MockProjects
+}
+
+// Regions returns the interface for the ga Regions.
+func (mock *MockGCE) Regions() Regions {
+	return mock.MockRegions
+}
+
+// Routes returns the interface for the ga Routes.
+func (mock *MockGCE) Routes() Routes {
+	return mock.MockRoutes
+}
+
+// SslCertificates returns the interface for the ga SslCertificates.
+func (mock *MockGCE) SslCertificates() SslCertificates {
+	return mock.MockSslCertificates
+}
+
+// TargetHttpProxies returns the interface for the ga TargetHttpProxies.
+func (mock *MockGCE) TargetHttpProxies() TargetHttpProxies {
+	return mock.MockTargetHttpProxies
+}
+
+// TargetHttpsProxies returns the interface for the ga TargetHttpsProxies.
+func (mock *MockGCE) TargetHttpsProxies() TargetHttpsProxies {
+	return mock.MockTargetHttpsProxies
+}
+
+// TargetPools returns the interface for the ga TargetPools.
+func (mock *MockGCE) TargetPools() TargetPools {
+	return mock.MockTargetPools
+}
+
+// UrlMaps returns the interface for the ga UrlMaps.
+func (mock *MockGCE) UrlMaps() UrlMaps {
+	return mock.MockUrlMaps
+}
+
+// Zones returns the interface for the ga Zones.
+func (mock *MockGCE) Zones() Zones {
+	return mock.MockZones
+}
+
+// MockAddressesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockAddressesObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockAddressesObj) ToAlpha() *alpha.Address {
+	if ret, ok := m.Obj.(*alpha.Address); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.Address{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.Address via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToBeta retrieves the given version of the object.
+func (m *MockAddressesObj) ToBeta() *beta.Address {
+	if ret, ok := m.Obj.(*beta.Address); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &beta.Address{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *beta.Address via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockAddressesObj) ToGA() *ga.Address {
+	if ret, ok := m.Obj.(*ga.Address); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Address{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Address via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockBackendServicesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockBackendServicesObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockBackendServicesObj) ToAlpha() *alpha.BackendService {
+	if ret, ok := m.Obj.(*alpha.BackendService); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.BackendService{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.BackendService via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockBackendServicesObj) ToGA() *ga.BackendService {
+	if ret, ok := m.Obj.(*ga.BackendService); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.BackendService{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.BackendService via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockDisksObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockDisksObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockDisksObj) ToAlpha() *alpha.Disk {
+	if ret, ok := m.Obj.(*alpha.Disk); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.Disk{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.Disk via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockDisksObj) ToGA() *ga.Disk {
+	if ret, ok := m.Obj.(*ga.Disk); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Disk{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Disk via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockFirewallsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockFirewallsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockFirewallsObj) ToGA() *ga.Firewall {
+	if ret, ok := m.Obj.(*ga.Firewall); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Firewall{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Firewall via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockForwardingRulesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockForwardingRulesObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockForwardingRulesObj) ToAlpha() *alpha.ForwardingRule {
+	if ret, ok := m.Obj.(*alpha.ForwardingRule); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.ForwardingRule{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.ForwardingRule via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockForwardingRulesObj) ToGA() *ga.ForwardingRule {
+	if ret, ok := m.Obj.(*ga.ForwardingRule); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.ForwardingRule{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.ForwardingRule via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockGlobalAddressesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockGlobalAddressesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockGlobalAddressesObj) ToGA() *ga.Address {
+	if ret, ok := m.Obj.(*ga.Address); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Address{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Address via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockGlobalForwardingRulesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockGlobalForwardingRulesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockGlobalForwardingRulesObj) ToGA() *ga.ForwardingRule {
+	if ret, ok := m.Obj.(*ga.ForwardingRule); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.ForwardingRule{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.ForwardingRule via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockHealthChecksObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockHealthChecksObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockHealthChecksObj) ToAlpha() *alpha.HealthCheck {
+	if ret, ok := m.Obj.(*alpha.HealthCheck); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.HealthCheck{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.HealthCheck via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockHealthChecksObj) ToGA() *ga.HealthCheck {
+	if ret, ok := m.Obj.(*ga.HealthCheck); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.HealthCheck{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.HealthCheck via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockHttpHealthChecksObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockHttpHealthChecksObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockHttpHealthChecksObj) ToGA() *ga.HttpHealthCheck {
+	if ret, ok := m.Obj.(*ga.HttpHealthCheck); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.HttpHealthCheck{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.HttpHealthCheck via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockHttpsHealthChecksObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockHttpsHealthChecksObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockHttpsHealthChecksObj) ToGA() *ga.HttpsHealthCheck {
+	if ret, ok := m.Obj.(*ga.HttpsHealthCheck); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.HttpsHealthCheck{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.HttpsHealthCheck via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockInstanceGroupsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockInstanceGroupsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockInstanceGroupsObj) ToGA() *ga.InstanceGroup {
+	if ret, ok := m.Obj.(*ga.InstanceGroup); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.InstanceGroup{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.InstanceGroup via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockInstancesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockInstancesObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockInstancesObj) ToAlpha() *alpha.Instance {
+	if ret, ok := m.Obj.(*alpha.Instance); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.Instance{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.Instance via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToBeta retrieves the given version of the object.
+func (m *MockInstancesObj) ToBeta() *beta.Instance {
+	if ret, ok := m.Obj.(*beta.Instance); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &beta.Instance{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *beta.Instance via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockInstancesObj) ToGA() *ga.Instance {
+	if ret, ok := m.Obj.(*ga.Instance); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Instance{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Instance via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockNetworkEndpointGroupsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockNetworkEndpointGroupsObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockNetworkEndpointGroupsObj) ToAlpha() *alpha.NetworkEndpointGroup {
+	if ret, ok := m.Obj.(*alpha.NetworkEndpointGroup); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.NetworkEndpointGroup{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.NetworkEndpointGroup via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockProjectsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockProjectsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockProjectsObj) ToGA() *ga.Project {
+	if ret, ok := m.Obj.(*ga.Project); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Project{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Project via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockRegionBackendServicesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockRegionBackendServicesObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockRegionBackendServicesObj) ToAlpha() *alpha.BackendService {
+	if ret, ok := m.Obj.(*alpha.BackendService); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.BackendService{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.BackendService via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockRegionBackendServicesObj) ToGA() *ga.BackendService {
+	if ret, ok := m.Obj.(*ga.BackendService); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.BackendService{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.BackendService via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockRegionDisksObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockRegionDisksObj struct {
+	Obj interface{}
+}
+
+// ToAlpha retrieves the given version of the object.
+func (m *MockRegionDisksObj) ToAlpha() *alpha.Disk {
+	if ret, ok := m.Obj.(*alpha.Disk); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &alpha.Disk{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *alpha.Disk via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockRegionsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockRegionsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockRegionsObj) ToGA() *ga.Region {
+	if ret, ok := m.Obj.(*ga.Region); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Region{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Region via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockRoutesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockRoutesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockRoutesObj) ToGA() *ga.Route {
+	if ret, ok := m.Obj.(*ga.Route); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Route{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Route via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockSslCertificatesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockSslCertificatesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockSslCertificatesObj) ToGA() *ga.SslCertificate {
+	if ret, ok := m.Obj.(*ga.SslCertificate); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.SslCertificate{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.SslCertificate via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockTargetHttpProxiesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockTargetHttpProxiesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockTargetHttpProxiesObj) ToGA() *ga.TargetHttpProxy {
+	if ret, ok := m.Obj.(*ga.TargetHttpProxy); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.TargetHttpProxy{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.TargetHttpProxy via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockTargetHttpsProxiesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockTargetHttpsProxiesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockTargetHttpsProxiesObj) ToGA() *ga.TargetHttpsProxy {
+	if ret, ok := m.Obj.(*ga.TargetHttpsProxy); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.TargetHttpsProxy{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.TargetHttpsProxy via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockTargetPoolsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockTargetPoolsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockTargetPoolsObj) ToGA() *ga.TargetPool {
+	if ret, ok := m.Obj.(*ga.TargetPool); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.TargetPool{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.TargetPool via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockUrlMapsObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockUrlMapsObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockUrlMapsObj) ToGA() *ga.UrlMap {
+	if ret, ok := m.Obj.(*ga.UrlMap); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.UrlMap{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.UrlMap via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// MockZonesObj is used to store the various object versions in the shared
+// map of mocked objects. This allows for multiple API versions to co-exist and
+// share the same "view" of the objects in the backend.
+type MockZonesObj struct {
+	Obj interface{}
+}
+
+// ToGA retrieves the given version of the object.
+func (m *MockZonesObj) ToGA() *ga.Zone {
+	if ret, ok := m.Obj.(*ga.Zone); ok {
+		return ret
+	}
+	// Convert the object via JSON copying to the type that was requested.
+	ret := &ga.Zone{}
+	if err := copyViaJSON(ret, m.Obj); err != nil {
+		glog.Errorf("Could not convert %T to *ga.Zone via JSON: %v", m.Obj, err)
+	}
+	return ret
+}
+
+// Addresses is an interface that allows for mocking of Addresses.
+type Addresses interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Address, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*ga.Address, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockAddresses returns a new mock for Addresses.
+func NewMockAddresses(pr ProjectRouter, objs map[meta.Key]*MockAddressesObj) *MockAddresses {
+	mock := &MockAddresses{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAddresses is the mock for Addresses.
+type MockAddresses struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockAddressesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAddresses) (bool, *ga.Address, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockAddresses) (bool, []*ga.Address, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.Address, m *MockAddresses) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAddresses) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAddresses) Get(ctx context.Context, key *meta.Key) (*ga.Address, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAddresses.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockAddresses.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAddresses %v not found", key),
+	}
+	glog.V(5).Infof("MockAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*ga.Address, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockAddresses.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAddresses.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Address
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockAddresses.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAddresses) Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAddresses %v exists", key),
+		}
+		glog.V(5).Infof("MockAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "addresses")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "addresses", key)
+
+	m.Objects[*key] = &MockAddressesObj{obj}
+	glog.V(5).Infof("MockAddresses.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAddresses.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAddresses %v not found", key),
+		}
+		glog.V(5).Infof("MockAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAddresses.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAddresses) Obj(o *ga.Address) *MockAddressesObj {
+	return &MockAddressesObj{o}
+}
+
+// GCEAddresses is a simplifying adapter for the GCE Addresses.
+type GCEAddresses struct {
+	s *Service
+}
+
+// Get the Address named by key.
+func (g *GCEAddresses) Get(ctx context.Context, key *meta.Key) (*ga.Address, error) {
+	glog.V(5).Infof("GCEAddresses.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAddresses.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAddresses.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAddresses.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Addresses.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAddresses.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Address objects.
+func (g *GCEAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*ga.Address, error) {
+	glog.V(5).Infof("GCEAddresses.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Addresses",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAddresses.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.GA.Addresses.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Address
+	f := func(l *ga.AddressList) error {
+		glog.V(5).Infof("GCEAddresses.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAddresses.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Address with key of value obj.
+func (g *GCEAddresses) Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error {
+	glog.V(5).Infof("GCEAddresses.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAddresses.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAddresses.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAddresses.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.Addresses.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAddresses.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAddresses.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Address referenced by key.
+func (g *GCEAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAddresses.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAddresses.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAddresses.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAddresses.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Addresses.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAddresses.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AlphaAddresses is an interface that allows for mocking of Addresses.
+type AlphaAddresses interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.Address, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Address, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.Address) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockAlphaAddresses returns a new mock for Addresses.
+func NewMockAlphaAddresses(pr ProjectRouter, objs map[meta.Key]*MockAddressesObj) *MockAlphaAddresses {
+	mock := &MockAlphaAddresses{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaAddresses is the mock for Addresses.
+type MockAlphaAddresses struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockAddressesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaAddresses) (bool, *alpha.Address, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockAlphaAddresses) (bool, []*alpha.Address, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.Address, m *MockAlphaAddresses) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaAddresses) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaAddresses) Get(ctx context.Context, key *meta.Key) (*alpha.Address, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaAddresses.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaAddresses.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaAddresses %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockAlphaAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Address, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaAddresses.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaAddresses.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.Address
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaAddresses.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaAddresses) Insert(ctx context.Context, key *meta.Key, obj *alpha.Address) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaAddresses %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "addresses")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "addresses", key)
+
+	m.Objects[*key] = &MockAddressesObj{obj}
+	glog.V(5).Infof("MockAlphaAddresses.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaAddresses %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaAddresses.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaAddresses) Obj(o *alpha.Address) *MockAddressesObj {
+	return &MockAddressesObj{o}
+}
+
+// GCEAlphaAddresses is a simplifying adapter for the GCE Addresses.
+type GCEAlphaAddresses struct {
+	s *Service
+}
+
+// Get the Address named by key.
+func (g *GCEAlphaAddresses) Get(ctx context.Context, key *meta.Key) (*alpha.Address, error) {
+	glog.V(5).Infof("GCEAlphaAddresses.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaAddresses.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAlphaAddresses.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.Addresses.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaAddresses.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Address objects.
+func (g *GCEAlphaAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Address, error) {
+	glog.V(5).Infof("GCEAlphaAddresses.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "Addresses",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaAddresses.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.Alpha.Addresses.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.Address
+	f := func(l *alpha.AddressList) error {
+		glog.V(5).Infof("GCEAlphaAddresses.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaAddresses.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Address with key of value obj.
+func (g *GCEAlphaAddresses) Insert(ctx context.Context, key *meta.Key, obj *alpha.Address) error {
+	glog.V(5).Infof("GCEAlphaAddresses.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaAddresses.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAlphaAddresses.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.Addresses.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaAddresses.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Address referenced by key.
+func (g *GCEAlphaAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaAddresses.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaAddresses.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEAlphaAddresses.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Addresses.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// BetaAddresses is an interface that allows for mocking of Addresses.
+type BetaAddresses interface {
+	Get(ctx context.Context, key *meta.Key) (*beta.Address, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*beta.Address, error)
+	Insert(ctx context.Context, key *meta.Key, obj *beta.Address) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockBetaAddresses returns a new mock for Addresses.
+func NewMockBetaAddresses(pr ProjectRouter, objs map[meta.Key]*MockAddressesObj) *MockBetaAddresses {
+	mock := &MockBetaAddresses{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockBetaAddresses is the mock for Addresses.
+type MockBetaAddresses struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockAddressesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockBetaAddresses) (bool, *beta.Address, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockBetaAddresses) (bool, []*beta.Address, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *beta.Address, m *MockBetaAddresses) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockBetaAddresses) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockBetaAddresses) Get(ctx context.Context, key *meta.Key) (*beta.Address, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBetaAddresses.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockBetaAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToBeta()
+		glog.V(5).Infof("MockBetaAddresses.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockBetaAddresses %v not found", key),
+	}
+	glog.V(5).Infof("MockBetaAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockBetaAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*beta.Address, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockBetaAddresses.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockBetaAddresses.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*beta.Address
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToBeta()) {
+			continue
+		}
+		objs = append(objs, obj.ToBeta())
+	}
+
+	glog.V(5).Infof("MockBetaAddresses.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockBetaAddresses) Insert(ctx context.Context, key *meta.Key, obj *beta.Address) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockBetaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockBetaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockBetaAddresses %v exists", key),
+		}
+		glog.V(5).Infof("MockBetaAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "beta", "addresses")
+	obj.SelfLink = SelfLink(meta.VersionBeta, projectID, "addresses", key)
+
+	m.Objects[*key] = &MockAddressesObj{obj}
+	glog.V(5).Infof("MockBetaAddresses.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockBetaAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBetaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockBetaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockBetaAddresses %v not found", key),
+		}
+		glog.V(5).Infof("MockBetaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockBetaAddresses.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockBetaAddresses) Obj(o *beta.Address) *MockAddressesObj {
+	return &MockAddressesObj{o}
+}
+
+// GCEBetaAddresses is a simplifying adapter for the GCE Addresses.
+type GCEBetaAddresses struct {
+	s *Service
+}
+
+// Get the Address named by key.
+func (g *GCEBetaAddresses) Get(ctx context.Context, key *meta.Key) (*beta.Address, error) {
+	glog.V(5).Infof("GCEBetaAddresses.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaAddresses.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("beta"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEBetaAddresses.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Beta.Addresses.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEBetaAddresses.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Address objects.
+func (g *GCEBetaAddresses) List(ctx context.Context, region string, fl *filter.F) ([]*beta.Address, error) {
+	glog.V(5).Infof("GCEBetaAddresses.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("beta"),
+		Service:   "Addresses",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEBetaAddresses.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.Beta.Addresses.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*beta.Address
+	f := func(l *beta.AddressList) error {
+		glog.V(5).Infof("GCEBetaAddresses.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEBetaAddresses.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEBetaAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Address with key of value obj.
+func (g *GCEBetaAddresses) Insert(ctx context.Context, key *meta.Key, obj *beta.Address) error {
+	glog.V(5).Infof("GCEBetaAddresses.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaAddresses.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("beta"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEBetaAddresses.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Beta.Addresses.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaAddresses.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Address referenced by key.
+func (g *GCEBetaAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEBetaAddresses.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaAddresses.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Addresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("beta"),
+		Service:   "Addresses",
+	}
+	glog.V(5).Infof("GCEBetaAddresses.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Beta.Addresses.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaAddresses.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// GlobalAddresses is an interface that allows for mocking of GlobalAddresses.
+type GlobalAddresses interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Address, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.Address, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockGlobalAddresses returns a new mock for GlobalAddresses.
+func NewMockGlobalAddresses(pr ProjectRouter, objs map[meta.Key]*MockGlobalAddressesObj) *MockGlobalAddresses {
+	mock := &MockGlobalAddresses{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockGlobalAddresses is the mock for GlobalAddresses.
+type MockGlobalAddresses struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockGlobalAddressesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockGlobalAddresses) (bool, *ga.Address, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockGlobalAddresses) (bool, []*ga.Address, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.Address, m *MockGlobalAddresses) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockGlobalAddresses) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockGlobalAddresses) Get(ctx context.Context, key *meta.Key) (*ga.Address, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockGlobalAddresses.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockGlobalAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockGlobalAddresses.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockGlobalAddresses %v not found", key),
+	}
+	glog.V(5).Infof("MockGlobalAddresses.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockGlobalAddresses) List(ctx context.Context, fl *filter.F) ([]*ga.Address, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockGlobalAddresses.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockGlobalAddresses.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Address
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockGlobalAddresses.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockGlobalAddresses) Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockGlobalAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockGlobalAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockGlobalAddresses %v exists", key),
+		}
+		glog.V(5).Infof("MockGlobalAddresses.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "addresses")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "addresses", key)
+
+	m.Objects[*key] = &MockGlobalAddressesObj{obj}
+	glog.V(5).Infof("MockGlobalAddresses.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockGlobalAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockGlobalAddresses.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockGlobalAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockGlobalAddresses %v not found", key),
+		}
+		glog.V(5).Infof("MockGlobalAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockGlobalAddresses.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockGlobalAddresses) Obj(o *ga.Address) *MockGlobalAddressesObj {
+	return &MockGlobalAddressesObj{o}
+}
+
+// GCEGlobalAddresses is a simplifying adapter for the GCE GlobalAddresses.
+type GCEGlobalAddresses struct {
+	s *Service
+}
+
+// Get the Address named by key.
+func (g *GCEGlobalAddresses) Get(ctx context.Context, key *meta.Key) (*ga.Address, error) {
+	glog.V(5).Infof("GCEGlobalAddresses.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalAddresses.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalAddresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalAddresses",
+	}
+	glog.V(5).Infof("GCEGlobalAddresses.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.GlobalAddresses.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEGlobalAddresses.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Address objects.
+func (g *GCEGlobalAddresses) List(ctx context.Context, fl *filter.F) ([]*ga.Address, error) {
+	glog.V(5).Infof("GCEGlobalAddresses.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalAddresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalAddresses",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEGlobalAddresses.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.GlobalAddresses.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Address
+	f := func(l *ga.AddressList) error {
+		glog.V(5).Infof("GCEGlobalAddresses.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEGlobalAddresses.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEGlobalAddresses.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Address with key of value obj.
+func (g *GCEGlobalAddresses) Insert(ctx context.Context, key *meta.Key, obj *ga.Address) error {
+	glog.V(5).Infof("GCEGlobalAddresses.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalAddresses.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalAddresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalAddresses",
+	}
+	glog.V(5).Infof("GCEGlobalAddresses.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.GlobalAddresses.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEGlobalAddresses.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Address referenced by key.
+func (g *GCEGlobalAddresses) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEGlobalAddresses.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalAddresses.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalAddresses")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalAddresses",
+	}
+	glog.V(5).Infof("GCEGlobalAddresses.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.GlobalAddresses.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEGlobalAddresses.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEGlobalAddresses.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// BackendServices is an interface that allows for mocking of BackendServices.
+type BackendServices interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.BackendService, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error
+	Delete(ctx context.Context, key *meta.Key) error
+	GetHealth(context.Context, *meta.Key, *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error)
+	Update(context.Context, *meta.Key, *ga.BackendService) error
+}
+
+// NewMockBackendServices returns a new mock for BackendServices.
+func NewMockBackendServices(pr ProjectRouter, objs map[meta.Key]*MockBackendServicesObj) *MockBackendServices {
+	mock := &MockBackendServices{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockBackendServices is the mock for BackendServices.
+type MockBackendServices struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockBackendServicesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook       func(ctx context.Context, key *meta.Key, m *MockBackendServices) (bool, *ga.BackendService, error)
+	ListHook      func(ctx context.Context, fl *filter.F, m *MockBackendServices) (bool, []*ga.BackendService, error)
+	InsertHook    func(ctx context.Context, key *meta.Key, obj *ga.BackendService, m *MockBackendServices) (bool, error)
+	DeleteHook    func(ctx context.Context, key *meta.Key, m *MockBackendServices) (bool, error)
+	GetHealthHook func(context.Context, *meta.Key, *ga.ResourceGroupReference, *MockBackendServices) (*ga.BackendServiceGroupHealth, error)
+	UpdateHook    func(context.Context, *meta.Key, *ga.BackendService, *MockBackendServices) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockBackendServices) Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBackendServices.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockBackendServices.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockBackendServices %v not found", key),
+	}
+	glog.V(5).Infof("MockBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockBackendServices) List(ctx context.Context, fl *filter.F) ([]*ga.BackendService, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockBackendServices.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockBackendServices.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.BackendService
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockBackendServices.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockBackendServices) Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockBackendServices %v exists", key),
+		}
+		glog.V(5).Infof("MockBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "backendServices")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "backendServices", key)
+
+	m.Objects[*key] = &MockBackendServicesObj{obj}
+	glog.V(5).Infof("MockBackendServices.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockBackendServices %v not found", key),
+		}
+		glog.V(5).Infof("MockBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockBackendServices.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockBackendServices) Obj(o *ga.BackendService) *MockBackendServicesObj {
+	return &MockBackendServicesObj{o}
+}
+
+// GetHealth is a mock for the corresponding method.
+func (m *MockBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error) {
+	if m.GetHealthHook != nil {
+		return m.GetHealthHook(ctx, key, arg0, m)
+	}
+	return nil, fmt.Errorf("GetHealthHook must be set")
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *ga.BackendService) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEBackendServices is a simplifying adapter for the GCE BackendServices.
+type GCEBackendServices struct {
+	s *Service
+}
+
+// Get the BackendService named by key.
+func (g *GCEBackendServices) Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error) {
+	glog.V(5).Infof("GCEBackendServices.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBackendServices.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEBackendServices.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBackendServices.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.BackendServices.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEBackendServices.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all BackendService objects.
+func (g *GCEBackendServices) List(ctx context.Context, fl *filter.F) ([]*ga.BackendService, error) {
+	glog.V(5).Infof("GCEBackendServices.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEBackendServices.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.BackendServices.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.BackendService
+	f := func(l *ga.BackendServiceList) error {
+		glog.V(5).Infof("GCEBackendServices.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEBackendServices.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert BackendService with key of value obj.
+func (g *GCEBackendServices) Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error {
+	glog.V(5).Infof("GCEBackendServices.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBackendServices.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEBackendServices.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBackendServices.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.BackendServices.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBackendServices.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBackendServices.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the BackendService referenced by key.
+func (g *GCEBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEBackendServices.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBackendServices.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEBackendServices.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBackendServices.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.BackendServices.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// GetHealth is a method on GCEBackendServices.
+func (g *GCEBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error) {
+	glog.V(5).Infof("GCEBackendServices.GetHealth(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBackendServices.GetHealth(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "GetHealth",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEBackendServices.GetHealth(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBackendServices.GetHealth(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.BackendServices.GetHealth(projectID, key.Name, arg0)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEBackendServices.GetHealth(%v, %v, ...) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// Update is a method on GCEBackendServices.
+func (g *GCEBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *ga.BackendService) error {
+	glog.V(5).Infof("GCEBackendServices.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBackendServices.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEBackendServices.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBackendServices.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.BackendServices.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// AlphaBackendServices is an interface that allows for mocking of BackendServices.
+type AlphaBackendServices interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error)
+	List(ctx context.Context, fl *filter.F) ([]*alpha.BackendService, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *alpha.BackendService) error
+}
+
+// NewMockAlphaBackendServices returns a new mock for BackendServices.
+func NewMockAlphaBackendServices(pr ProjectRouter, objs map[meta.Key]*MockBackendServicesObj) *MockAlphaBackendServices {
+	mock := &MockAlphaBackendServices{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaBackendServices is the mock for BackendServices.
+type MockAlphaBackendServices struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockBackendServicesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaBackendServices) (bool, *alpha.BackendService, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockAlphaBackendServices) (bool, []*alpha.BackendService, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.BackendService, m *MockAlphaBackendServices) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaBackendServices) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *alpha.BackendService, *MockAlphaBackendServices) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaBackendServices) Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaBackendServices.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaBackendServices.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaBackendServices %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockAlphaBackendServices) List(ctx context.Context, fl *filter.F) ([]*alpha.BackendService, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaBackendServices.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaBackendServices.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.BackendService
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaBackendServices.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaBackendServices) Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaBackendServices %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "backendServices")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "backendServices", key)
+
+	m.Objects[*key] = &MockBackendServicesObj{obj}
+	glog.V(5).Infof("MockAlphaBackendServices.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaBackendServices %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaBackendServices.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaBackendServices) Obj(o *alpha.BackendService) *MockBackendServicesObj {
+	return &MockBackendServicesObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockAlphaBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *alpha.BackendService) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEAlphaBackendServices is a simplifying adapter for the GCE BackendServices.
+type GCEAlphaBackendServices struct {
+	s *Service
+}
+
+// Get the BackendService named by key.
+func (g *GCEAlphaBackendServices) Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error) {
+	glog.V(5).Infof("GCEAlphaBackendServices.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaBackendServices.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaBackendServices.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.BackendServices.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaBackendServices.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all BackendService objects.
+func (g *GCEAlphaBackendServices) List(ctx context.Context, fl *filter.F) ([]*alpha.BackendService, error) {
+	glog.V(5).Infof("GCEAlphaBackendServices.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "BackendServices",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaBackendServices.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.Alpha.BackendServices.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.BackendService
+	f := func(l *alpha.BackendServiceList) error {
+		glog.V(5).Infof("GCEAlphaBackendServices.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaBackendServices.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert BackendService with key of value obj.
+func (g *GCEAlphaBackendServices) Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error {
+	glog.V(5).Infof("GCEAlphaBackendServices.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaBackendServices.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaBackendServices.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.BackendServices.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaBackendServices.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the BackendService referenced by key.
+func (g *GCEAlphaBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaBackendServices.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaBackendServices.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaBackendServices.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.BackendServices.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEAlphaBackendServices.
+func (g *GCEAlphaBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *alpha.BackendService) error {
+	glog.V(5).Infof("GCEAlphaBackendServices.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaBackendServices.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "BackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("alpha"),
+		Service:   "BackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaBackendServices.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.BackendServices.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// RegionBackendServices is an interface that allows for mocking of RegionBackendServices.
+type RegionBackendServices interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*ga.BackendService, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error
+	Delete(ctx context.Context, key *meta.Key) error
+	GetHealth(context.Context, *meta.Key, *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error)
+	Update(context.Context, *meta.Key, *ga.BackendService) error
+}
+
+// NewMockRegionBackendServices returns a new mock for RegionBackendServices.
+func NewMockRegionBackendServices(pr ProjectRouter, objs map[meta.Key]*MockRegionBackendServicesObj) *MockRegionBackendServices {
+	mock := &MockRegionBackendServices{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockRegionBackendServices is the mock for RegionBackendServices.
+type MockRegionBackendServices struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockRegionBackendServicesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook       func(ctx context.Context, key *meta.Key, m *MockRegionBackendServices) (bool, *ga.BackendService, error)
+	ListHook      func(ctx context.Context, region string, fl *filter.F, m *MockRegionBackendServices) (bool, []*ga.BackendService, error)
+	InsertHook    func(ctx context.Context, key *meta.Key, obj *ga.BackendService, m *MockRegionBackendServices) (bool, error)
+	DeleteHook    func(ctx context.Context, key *meta.Key, m *MockRegionBackendServices) (bool, error)
+	GetHealthHook func(context.Context, *meta.Key, *ga.ResourceGroupReference, *MockRegionBackendServices) (*ga.BackendServiceGroupHealth, error)
+	UpdateHook    func(context.Context, *meta.Key, *ga.BackendService, *MockRegionBackendServices) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockRegionBackendServices) Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockRegionBackendServices.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockRegionBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockRegionBackendServices.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockRegionBackendServices %v not found", key),
+	}
+	glog.V(5).Infof("MockRegionBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockRegionBackendServices) List(ctx context.Context, region string, fl *filter.F) ([]*ga.BackendService, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockRegionBackendServices.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockRegionBackendServices.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.BackendService
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockRegionBackendServices.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockRegionBackendServices) Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockRegionBackendServices %v exists", key),
+		}
+		glog.V(5).Infof("MockRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "backendServices")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "backendServices", key)
+
+	m.Objects[*key] = &MockRegionBackendServicesObj{obj}
+	glog.V(5).Infof("MockRegionBackendServices.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockRegionBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockRegionBackendServices %v not found", key),
+		}
+		glog.V(5).Infof("MockRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockRegionBackendServices.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockRegionBackendServices) Obj(o *ga.BackendService) *MockRegionBackendServicesObj {
+	return &MockRegionBackendServicesObj{o}
+}
+
+// GetHealth is a mock for the corresponding method.
+func (m *MockRegionBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error) {
+	if m.GetHealthHook != nil {
+		return m.GetHealthHook(ctx, key, arg0, m)
+	}
+	return nil, fmt.Errorf("GetHealthHook must be set")
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockRegionBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *ga.BackendService) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCERegionBackendServices is a simplifying adapter for the GCE RegionBackendServices.
+type GCERegionBackendServices struct {
+	s *Service
+}
+
+// Get the BackendService named by key.
+func (g *GCERegionBackendServices) Get(ctx context.Context, key *meta.Key) (*ga.BackendService, error) {
+	glog.V(5).Infof("GCERegionBackendServices.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegionBackendServices.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCERegionBackendServices.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.RegionBackendServices.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCERegionBackendServices.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all BackendService objects.
+func (g *GCERegionBackendServices) List(ctx context.Context, region string, fl *filter.F) ([]*ga.BackendService, error) {
+	glog.V(5).Infof("GCERegionBackendServices.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCERegionBackendServices.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.GA.RegionBackendServices.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.BackendService
+	f := func(l *ga.BackendServiceList) error {
+		glog.V(5).Infof("GCERegionBackendServices.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCERegionBackendServices.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCERegionBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert BackendService with key of value obj.
+func (g *GCERegionBackendServices) Insert(ctx context.Context, key *meta.Key, obj *ga.BackendService) error {
+	glog.V(5).Infof("GCERegionBackendServices.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegionBackendServices.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCERegionBackendServices.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.RegionBackendServices.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCERegionBackendServices.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the BackendService referenced by key.
+func (g *GCERegionBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCERegionBackendServices.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegionBackendServices.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCERegionBackendServices.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.RegionBackendServices.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCERegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// GetHealth is a method on GCERegionBackendServices.
+func (g *GCERegionBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *ga.ResourceGroupReference) (*ga.BackendServiceGroupHealth, error) {
+	glog.V(5).Infof("GCERegionBackendServices.GetHealth(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegionBackendServices.GetHealth(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "GetHealth",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCERegionBackendServices.GetHealth(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.GetHealth(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.RegionBackendServices.GetHealth(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCERegionBackendServices.GetHealth(%v, %v, ...) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// Update is a method on GCERegionBackendServices.
+func (g *GCERegionBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *ga.BackendService) error {
+	glog.V(5).Infof("GCERegionBackendServices.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegionBackendServices.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCERegionBackendServices.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.RegionBackendServices.Update(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCERegionBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCERegionBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// AlphaRegionBackendServices is an interface that allows for mocking of RegionBackendServices.
+type AlphaRegionBackendServices interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*alpha.BackendService, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error
+	Delete(ctx context.Context, key *meta.Key) error
+	GetHealth(context.Context, *meta.Key, *alpha.ResourceGroupReference) (*alpha.BackendServiceGroupHealth, error)
+	Update(context.Context, *meta.Key, *alpha.BackendService) error
+}
+
+// NewMockAlphaRegionBackendServices returns a new mock for RegionBackendServices.
+func NewMockAlphaRegionBackendServices(pr ProjectRouter, objs map[meta.Key]*MockRegionBackendServicesObj) *MockAlphaRegionBackendServices {
+	mock := &MockAlphaRegionBackendServices{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaRegionBackendServices is the mock for RegionBackendServices.
+type MockAlphaRegionBackendServices struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockRegionBackendServicesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook       func(ctx context.Context, key *meta.Key, m *MockAlphaRegionBackendServices) (bool, *alpha.BackendService, error)
+	ListHook      func(ctx context.Context, region string, fl *filter.F, m *MockAlphaRegionBackendServices) (bool, []*alpha.BackendService, error)
+	InsertHook    func(ctx context.Context, key *meta.Key, obj *alpha.BackendService, m *MockAlphaRegionBackendServices) (bool, error)
+	DeleteHook    func(ctx context.Context, key *meta.Key, m *MockAlphaRegionBackendServices) (bool, error)
+	GetHealthHook func(context.Context, *meta.Key, *alpha.ResourceGroupReference, *MockAlphaRegionBackendServices) (*alpha.BackendServiceGroupHealth, error)
+	UpdateHook    func(context.Context, *meta.Key, *alpha.BackendService, *MockAlphaRegionBackendServices) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaRegionBackendServices) Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionBackendServices.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaRegionBackendServices %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaRegionBackendServices.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockAlphaRegionBackendServices) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.BackendService, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionBackendServices.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaRegionBackendServices.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.BackendService
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaRegionBackendServices.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaRegionBackendServices) Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaRegionBackendServices %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "backendServices")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "backendServices", key)
+
+	m.Objects[*key] = &MockRegionBackendServicesObj{obj}
+	glog.V(5).Infof("MockAlphaRegionBackendServices.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaRegionBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaRegionBackendServices %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaRegionBackendServices.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaRegionBackendServices) Obj(o *alpha.BackendService) *MockRegionBackendServicesObj {
+	return &MockRegionBackendServicesObj{o}
+}
+
+// GetHealth is a mock for the corresponding method.
+func (m *MockAlphaRegionBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *alpha.ResourceGroupReference) (*alpha.BackendServiceGroupHealth, error) {
+	if m.GetHealthHook != nil {
+		return m.GetHealthHook(ctx, key, arg0, m)
+	}
+	return nil, fmt.Errorf("GetHealthHook must be set")
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockAlphaRegionBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *alpha.BackendService) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEAlphaRegionBackendServices is a simplifying adapter for the GCE RegionBackendServices.
+type GCEAlphaRegionBackendServices struct {
+	s *Service
+}
+
+// Get the BackendService named by key.
+func (g *GCEAlphaRegionBackendServices) Get(ctx context.Context, key *meta.Key) (*alpha.BackendService, error) {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionBackendServices.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.RegionBackendServices.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaRegionBackendServices.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all BackendService objects.
+func (g *GCEAlphaRegionBackendServices) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.BackendService, error) {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.Alpha.RegionBackendServices.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.BackendService
+	f := func(l *alpha.BackendServiceList) error {
+		glog.V(5).Infof("GCEAlphaRegionBackendServices.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaRegionBackendServices.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert BackendService with key of value obj.
+func (g *GCEAlphaRegionBackendServices) Insert(ctx context.Context, key *meta.Key, obj *alpha.BackendService) error {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.RegionBackendServices.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaRegionBackendServices.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the BackendService referenced by key.
+func (g *GCEAlphaRegionBackendServices) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.RegionBackendServices.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaRegionBackendServices.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// GetHealth is a method on GCEAlphaRegionBackendServices.
+func (g *GCEAlphaRegionBackendServices) GetHealth(ctx context.Context, key *meta.Key, arg0 *alpha.ResourceGroupReference) (*alpha.BackendServiceGroupHealth, error) {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.GetHealth(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionBackendServices.GetHealth(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "GetHealth",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.GetHealth(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.GetHealth(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.RegionBackendServices.GetHealth(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaRegionBackendServices.GetHealth(%v, %v, ...) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// Update is a method on GCEAlphaRegionBackendServices.
+func (g *GCEAlphaRegionBackendServices) Update(ctx context.Context, key *meta.Key, arg0 *alpha.BackendService) error {
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionBackendServices")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionBackendServices",
+	}
+	glog.V(5).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.RegionBackendServices.Update(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaRegionBackendServices.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// Disks is an interface that allows for mocking of Disks.
+type Disks interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Disk, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Disk, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Disk) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockDisks returns a new mock for Disks.
+func NewMockDisks(pr ProjectRouter, objs map[meta.Key]*MockDisksObj) *MockDisks {
+	mock := &MockDisks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockDisks is the mock for Disks.
+type MockDisks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockDisksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockDisks) (bool, *ga.Disk, error)
+	ListHook   func(ctx context.Context, zone string, fl *filter.F, m *MockDisks) (bool, []*ga.Disk, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.Disk, m *MockDisks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockDisks) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockDisks) Get(ctx context.Context, key *meta.Key) (*ga.Disk, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockDisks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockDisks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockDisks %v not found", key),
+	}
+	glog.V(5).Infof("MockDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockDisks) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Disk, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockDisks.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockDisks.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Disk
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockDisks.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockDisks) Insert(ctx context.Context, key *meta.Key, obj *ga.Disk) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockDisks %v exists", key),
+		}
+		glog.V(5).Infof("MockDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "disks")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "disks", key)
+
+	m.Objects[*key] = &MockDisksObj{obj}
+	glog.V(5).Infof("MockDisks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockDisks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockDisks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockDisks %v not found", key),
+		}
+		glog.V(5).Infof("MockDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockDisks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockDisks) Obj(o *ga.Disk) *MockDisksObj {
+	return &MockDisksObj{o}
+}
+
+// GCEDisks is a simplifying adapter for the GCE Disks.
+type GCEDisks struct {
+	s *Service
+}
+
+// Get the Disk named by key.
+func (g *GCEDisks) Get(ctx context.Context, key *meta.Key) (*ga.Disk, error) {
+	glog.V(5).Infof("GCEDisks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEDisks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEDisks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEDisks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Disks.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEDisks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Disk objects.
+func (g *GCEDisks) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Disk, error) {
+	glog.V(5).Infof("GCEDisks.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Disks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEDisks.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.GA.Disks.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Disk
+	f := func(l *ga.DiskList) error {
+		glog.V(5).Infof("GCEDisks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEDisks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEDisks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEDisks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Disk with key of value obj.
+func (g *GCEDisks) Insert(ctx context.Context, key *meta.Key, obj *ga.Disk) error {
+	glog.V(5).Infof("GCEDisks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEDisks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEDisks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEDisks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.Disks.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEDisks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEDisks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Disk referenced by key.
+func (g *GCEDisks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEDisks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEDisks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEDisks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEDisks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Disks.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEDisks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AlphaDisks is an interface that allows for mocking of Disks.
+type AlphaDisks interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Disk, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockAlphaDisks returns a new mock for Disks.
+func NewMockAlphaDisks(pr ProjectRouter, objs map[meta.Key]*MockDisksObj) *MockAlphaDisks {
+	mock := &MockAlphaDisks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaDisks is the mock for Disks.
+type MockAlphaDisks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockDisksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaDisks) (bool, *alpha.Disk, error)
+	ListHook   func(ctx context.Context, zone string, fl *filter.F, m *MockAlphaDisks) (bool, []*alpha.Disk, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.Disk, m *MockAlphaDisks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaDisks) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaDisks) Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaDisks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaDisks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaDisks %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockAlphaDisks) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Disk, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaDisks.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaDisks.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.Disk
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaDisks.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaDisks) Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaDisks %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "disks")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "disks", key)
+
+	m.Objects[*key] = &MockDisksObj{obj}
+	glog.V(5).Infof("MockAlphaDisks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaDisks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaDisks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaDisks %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaDisks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaDisks) Obj(o *alpha.Disk) *MockDisksObj {
+	return &MockDisksObj{o}
+}
+
+// GCEAlphaDisks is a simplifying adapter for the GCE Disks.
+type GCEAlphaDisks struct {
+	s *Service
+}
+
+// Get the Disk named by key.
+func (g *GCEAlphaDisks) Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error) {
+	glog.V(5).Infof("GCEAlphaDisks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaDisks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEAlphaDisks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.Disks.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaDisks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Disk objects.
+func (g *GCEAlphaDisks) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Disk, error) {
+	glog.V(5).Infof("GCEAlphaDisks.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "Disks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaDisks.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.Alpha.Disks.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.Disk
+	f := func(l *alpha.DiskList) error {
+		glog.V(5).Infof("GCEAlphaDisks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaDisks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaDisks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Disk with key of value obj.
+func (g *GCEAlphaDisks) Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error {
+	glog.V(5).Infof("GCEAlphaDisks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaDisks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEAlphaDisks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.Disks.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaDisks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Disk referenced by key.
+func (g *GCEAlphaDisks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaDisks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaDisks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Disks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "Disks",
+	}
+	glog.V(5).Infof("GCEAlphaDisks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Disks.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaDisks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AlphaRegionDisks is an interface that allows for mocking of RegionDisks.
+type AlphaRegionDisks interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Disk, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockAlphaRegionDisks returns a new mock for RegionDisks.
+func NewMockAlphaRegionDisks(pr ProjectRouter, objs map[meta.Key]*MockRegionDisksObj) *MockAlphaRegionDisks {
+	mock := &MockAlphaRegionDisks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaRegionDisks is the mock for RegionDisks.
+type MockAlphaRegionDisks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockRegionDisksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaRegionDisks) (bool, *alpha.Disk, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockAlphaRegionDisks) (bool, []*alpha.Disk, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.Disk, m *MockAlphaRegionDisks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaRegionDisks) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaRegionDisks) Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionDisks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaRegionDisks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaRegionDisks %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaRegionDisks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockAlphaRegionDisks) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Disk, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionDisks.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaRegionDisks.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.Disk
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaRegionDisks.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaRegionDisks) Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaRegionDisks %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaRegionDisks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "disks")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "disks", key)
+
+	m.Objects[*key] = &MockRegionDisksObj{obj}
+	glog.V(5).Infof("MockAlphaRegionDisks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaRegionDisks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaRegionDisks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaRegionDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaRegionDisks %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaRegionDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaRegionDisks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaRegionDisks) Obj(o *alpha.Disk) *MockRegionDisksObj {
+	return &MockRegionDisksObj{o}
+}
+
+// GCEAlphaRegionDisks is a simplifying adapter for the GCE RegionDisks.
+type GCEAlphaRegionDisks struct {
+	s *Service
+}
+
+// Get the Disk named by key.
+func (g *GCEAlphaRegionDisks) Get(ctx context.Context, key *meta.Key) (*alpha.Disk, error) {
+	glog.V(5).Infof("GCEAlphaRegionDisks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionDisks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionDisks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionDisks",
+	}
+	glog.V(5).Infof("GCEAlphaRegionDisks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.RegionDisks.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaRegionDisks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Disk objects.
+func (g *GCEAlphaRegionDisks) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.Disk, error) {
+	glog.V(5).Infof("GCEAlphaRegionDisks.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionDisks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionDisks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaRegionDisks.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.Alpha.RegionDisks.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.Disk
+	f := func(l *alpha.DiskList) error {
+		glog.V(5).Infof("GCEAlphaRegionDisks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaRegionDisks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaRegionDisks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Disk with key of value obj.
+func (g *GCEAlphaRegionDisks) Insert(ctx context.Context, key *meta.Key, obj *alpha.Disk) error {
+	glog.V(5).Infof("GCEAlphaRegionDisks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionDisks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionDisks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionDisks",
+	}
+	glog.V(5).Infof("GCEAlphaRegionDisks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.RegionDisks.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaRegionDisks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Disk referenced by key.
+func (g *GCEAlphaRegionDisks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaRegionDisks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaRegionDisks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "RegionDisks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "RegionDisks",
+	}
+	glog.V(5).Infof("GCEAlphaRegionDisks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.RegionDisks.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaRegionDisks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaRegionDisks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Firewalls is an interface that allows for mocking of Firewalls.
+type Firewalls interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Firewall, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.Firewall, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Firewall) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *ga.Firewall) error
+}
+
+// NewMockFirewalls returns a new mock for Firewalls.
+func NewMockFirewalls(pr ProjectRouter, objs map[meta.Key]*MockFirewallsObj) *MockFirewalls {
+	mock := &MockFirewalls{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockFirewalls is the mock for Firewalls.
+type MockFirewalls struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockFirewallsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockFirewalls) (bool, *ga.Firewall, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockFirewalls) (bool, []*ga.Firewall, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.Firewall, m *MockFirewalls) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockFirewalls) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *ga.Firewall, *MockFirewalls) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockFirewalls) Get(ctx context.Context, key *meta.Key) (*ga.Firewall, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockFirewalls.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockFirewalls.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockFirewalls.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockFirewalls %v not found", key),
+	}
+	glog.V(5).Infof("MockFirewalls.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockFirewalls) List(ctx context.Context, fl *filter.F) ([]*ga.Firewall, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockFirewalls.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockFirewalls.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Firewall
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockFirewalls.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockFirewalls) Insert(ctx context.Context, key *meta.Key, obj *ga.Firewall) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockFirewalls.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockFirewalls.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockFirewalls %v exists", key),
+		}
+		glog.V(5).Infof("MockFirewalls.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "firewalls")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "firewalls", key)
+
+	m.Objects[*key] = &MockFirewallsObj{obj}
+	glog.V(5).Infof("MockFirewalls.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockFirewalls) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockFirewalls.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockFirewalls.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockFirewalls %v not found", key),
+		}
+		glog.V(5).Infof("MockFirewalls.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockFirewalls.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockFirewalls) Obj(o *ga.Firewall) *MockFirewallsObj {
+	return &MockFirewallsObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockFirewalls) Update(ctx context.Context, key *meta.Key, arg0 *ga.Firewall) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEFirewalls is a simplifying adapter for the GCE Firewalls.
+type GCEFirewalls struct {
+	s *Service
+}
+
+// Get the Firewall named by key.
+func (g *GCEFirewalls) Get(ctx context.Context, key *meta.Key) (*ga.Firewall, error) {
+	glog.V(5).Infof("GCEFirewalls.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEFirewalls.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Firewalls")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Firewalls",
+	}
+	glog.V(5).Infof("GCEFirewalls.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEFirewalls.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Firewalls.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEFirewalls.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Firewall objects.
+func (g *GCEFirewalls) List(ctx context.Context, fl *filter.F) ([]*ga.Firewall, error) {
+	glog.V(5).Infof("GCEFirewalls.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Firewalls")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Firewalls",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEFirewalls.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.Firewalls.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Firewall
+	f := func(l *ga.FirewallList) error {
+		glog.V(5).Infof("GCEFirewalls.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEFirewalls.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEFirewalls.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEFirewalls.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Firewall with key of value obj.
+func (g *GCEFirewalls) Insert(ctx context.Context, key *meta.Key, obj *ga.Firewall) error {
+	glog.V(5).Infof("GCEFirewalls.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEFirewalls.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Firewalls")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "Firewalls",
+	}
+	glog.V(5).Infof("GCEFirewalls.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEFirewalls.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.Firewalls.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEFirewalls.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEFirewalls.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Firewall referenced by key.
+func (g *GCEFirewalls) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEFirewalls.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEFirewalls.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Firewalls")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "Firewalls",
+	}
+	glog.V(5).Infof("GCEFirewalls.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEFirewalls.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Firewalls.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEFirewalls.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEFirewalls.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEFirewalls.
+func (g *GCEFirewalls) Update(ctx context.Context, key *meta.Key, arg0 *ga.Firewall) error {
+	glog.V(5).Infof("GCEFirewalls.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEFirewalls.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Firewalls")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "Firewalls",
+	}
+	glog.V(5).Infof("GCEFirewalls.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEFirewalls.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Firewalls.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEFirewalls.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEFirewalls.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// ForwardingRules is an interface that allows for mocking of ForwardingRules.
+type ForwardingRules interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*ga.ForwardingRule, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockForwardingRules returns a new mock for ForwardingRules.
+func NewMockForwardingRules(pr ProjectRouter, objs map[meta.Key]*MockForwardingRulesObj) *MockForwardingRules {
+	mock := &MockForwardingRules{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockForwardingRules is the mock for ForwardingRules.
+type MockForwardingRules struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockForwardingRulesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockForwardingRules) (bool, *ga.ForwardingRule, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockForwardingRules) (bool, []*ga.ForwardingRule, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule, m *MockForwardingRules) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockForwardingRules) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockForwardingRules) Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockForwardingRules.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockForwardingRules.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockForwardingRules %v not found", key),
+	}
+	glog.V(5).Infof("MockForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockForwardingRules) List(ctx context.Context, region string, fl *filter.F) ([]*ga.ForwardingRule, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockForwardingRules.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockForwardingRules.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.ForwardingRule
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockForwardingRules.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockForwardingRules %v exists", key),
+		}
+		glog.V(5).Infof("MockForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "forwardingRules")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "forwardingRules", key)
+
+	m.Objects[*key] = &MockForwardingRulesObj{obj}
+	glog.V(5).Infof("MockForwardingRules.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockForwardingRules %v not found", key),
+		}
+		glog.V(5).Infof("MockForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockForwardingRules.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockForwardingRules) Obj(o *ga.ForwardingRule) *MockForwardingRulesObj {
+	return &MockForwardingRulesObj{o}
+}
+
+// GCEForwardingRules is a simplifying adapter for the GCE ForwardingRules.
+type GCEForwardingRules struct {
+	s *Service
+}
+
+// Get the ForwardingRule named by key.
+func (g *GCEForwardingRules) Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error) {
+	glog.V(5).Infof("GCEForwardingRules.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEForwardingRules.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEForwardingRules.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEForwardingRules.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.ForwardingRules.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEForwardingRules.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all ForwardingRule objects.
+func (g *GCEForwardingRules) List(ctx context.Context, region string, fl *filter.F) ([]*ga.ForwardingRule, error) {
+	glog.V(5).Infof("GCEForwardingRules.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "ForwardingRules",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEForwardingRules.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.GA.ForwardingRules.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.ForwardingRule
+	f := func(l *ga.ForwardingRuleList) error {
+		glog.V(5).Infof("GCEForwardingRules.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEForwardingRules.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert ForwardingRule with key of value obj.
+func (g *GCEForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error {
+	glog.V(5).Infof("GCEForwardingRules.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEForwardingRules.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEForwardingRules.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEForwardingRules.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.ForwardingRules.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEForwardingRules.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEForwardingRules.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the ForwardingRule referenced by key.
+func (g *GCEForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEForwardingRules.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEForwardingRules.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEForwardingRules.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEForwardingRules.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.ForwardingRules.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AlphaForwardingRules is an interface that allows for mocking of ForwardingRules.
+type AlphaForwardingRules interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.ForwardingRule, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*alpha.ForwardingRule, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.ForwardingRule) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockAlphaForwardingRules returns a new mock for ForwardingRules.
+func NewMockAlphaForwardingRules(pr ProjectRouter, objs map[meta.Key]*MockForwardingRulesObj) *MockAlphaForwardingRules {
+	mock := &MockAlphaForwardingRules{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaForwardingRules is the mock for ForwardingRules.
+type MockAlphaForwardingRules struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockForwardingRulesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaForwardingRules) (bool, *alpha.ForwardingRule, error)
+	ListHook   func(ctx context.Context, region string, fl *filter.F, m *MockAlphaForwardingRules) (bool, []*alpha.ForwardingRule, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.ForwardingRule, m *MockAlphaForwardingRules) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaForwardingRules) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaForwardingRules) Get(ctx context.Context, key *meta.Key) (*alpha.ForwardingRule, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaForwardingRules.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaForwardingRules.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaForwardingRules %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockAlphaForwardingRules) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.ForwardingRule, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaForwardingRules.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaForwardingRules.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.ForwardingRule
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaForwardingRules.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *alpha.ForwardingRule) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaForwardingRules %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "forwardingRules")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "forwardingRules", key)
+
+	m.Objects[*key] = &MockForwardingRulesObj{obj}
+	glog.V(5).Infof("MockAlphaForwardingRules.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaForwardingRules %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaForwardingRules.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaForwardingRules) Obj(o *alpha.ForwardingRule) *MockForwardingRulesObj {
+	return &MockForwardingRulesObj{o}
+}
+
+// GCEAlphaForwardingRules is a simplifying adapter for the GCE ForwardingRules.
+type GCEAlphaForwardingRules struct {
+	s *Service
+}
+
+// Get the ForwardingRule named by key.
+func (g *GCEAlphaForwardingRules) Get(ctx context.Context, key *meta.Key) (*alpha.ForwardingRule, error) {
+	glog.V(5).Infof("GCEAlphaForwardingRules.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaForwardingRules.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEAlphaForwardingRules.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.ForwardingRules.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaForwardingRules.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all ForwardingRule objects.
+func (g *GCEAlphaForwardingRules) List(ctx context.Context, region string, fl *filter.F) ([]*alpha.ForwardingRule, error) {
+	glog.V(5).Infof("GCEAlphaForwardingRules.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "ForwardingRules",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaForwardingRules.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.Alpha.ForwardingRules.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.ForwardingRule
+	f := func(l *alpha.ForwardingRuleList) error {
+		glog.V(5).Infof("GCEAlphaForwardingRules.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaForwardingRules.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert ForwardingRule with key of value obj.
+func (g *GCEAlphaForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *alpha.ForwardingRule) error {
+	glog.V(5).Infof("GCEAlphaForwardingRules.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaForwardingRules.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEAlphaForwardingRules.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.ForwardingRules.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaForwardingRules.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the ForwardingRule referenced by key.
+func (g *GCEAlphaForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaForwardingRules.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaForwardingRules.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "ForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "ForwardingRules",
+	}
+	glog.V(5).Infof("GCEAlphaForwardingRules.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.ForwardingRules.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// GlobalForwardingRules is an interface that allows for mocking of GlobalForwardingRules.
+type GlobalForwardingRules interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.ForwardingRule, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error
+	Delete(ctx context.Context, key *meta.Key) error
+	SetTarget(context.Context, *meta.Key, *ga.TargetReference) error
+}
+
+// NewMockGlobalForwardingRules returns a new mock for GlobalForwardingRules.
+func NewMockGlobalForwardingRules(pr ProjectRouter, objs map[meta.Key]*MockGlobalForwardingRulesObj) *MockGlobalForwardingRules {
+	mock := &MockGlobalForwardingRules{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockGlobalForwardingRules is the mock for GlobalForwardingRules.
+type MockGlobalForwardingRules struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockGlobalForwardingRulesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook       func(ctx context.Context, key *meta.Key, m *MockGlobalForwardingRules) (bool, *ga.ForwardingRule, error)
+	ListHook      func(ctx context.Context, fl *filter.F, m *MockGlobalForwardingRules) (bool, []*ga.ForwardingRule, error)
+	InsertHook    func(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule, m *MockGlobalForwardingRules) (bool, error)
+	DeleteHook    func(ctx context.Context, key *meta.Key, m *MockGlobalForwardingRules) (bool, error)
+	SetTargetHook func(context.Context, *meta.Key, *ga.TargetReference, *MockGlobalForwardingRules) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockGlobalForwardingRules) Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockGlobalForwardingRules.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockGlobalForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockGlobalForwardingRules.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockGlobalForwardingRules %v not found", key),
+	}
+	glog.V(5).Infof("MockGlobalForwardingRules.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockGlobalForwardingRules) List(ctx context.Context, fl *filter.F) ([]*ga.ForwardingRule, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockGlobalForwardingRules.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockGlobalForwardingRules.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.ForwardingRule
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockGlobalForwardingRules.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockGlobalForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockGlobalForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockGlobalForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockGlobalForwardingRules %v exists", key),
+		}
+		glog.V(5).Infof("MockGlobalForwardingRules.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "forwardingRules")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "forwardingRules", key)
+
+	m.Objects[*key] = &MockGlobalForwardingRulesObj{obj}
+	glog.V(5).Infof("MockGlobalForwardingRules.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockGlobalForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockGlobalForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockGlobalForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockGlobalForwardingRules %v not found", key),
+		}
+		glog.V(5).Infof("MockGlobalForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockGlobalForwardingRules.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockGlobalForwardingRules) Obj(o *ga.ForwardingRule) *MockGlobalForwardingRulesObj {
+	return &MockGlobalForwardingRulesObj{o}
+}
+
+// SetTarget is a mock for the corresponding method.
+func (m *MockGlobalForwardingRules) SetTarget(ctx context.Context, key *meta.Key, arg0 *ga.TargetReference) error {
+	if m.SetTargetHook != nil {
+		return m.SetTargetHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEGlobalForwardingRules is a simplifying adapter for the GCE GlobalForwardingRules.
+type GCEGlobalForwardingRules struct {
+	s *Service
+}
+
+// Get the ForwardingRule named by key.
+func (g *GCEGlobalForwardingRules) Get(ctx context.Context, key *meta.Key) (*ga.ForwardingRule, error) {
+	glog.V(5).Infof("GCEGlobalForwardingRules.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalForwardingRules.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalForwardingRules",
+	}
+	glog.V(5).Infof("GCEGlobalForwardingRules.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.GlobalForwardingRules.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEGlobalForwardingRules.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all ForwardingRule objects.
+func (g *GCEGlobalForwardingRules) List(ctx context.Context, fl *filter.F) ([]*ga.ForwardingRule, error) {
+	glog.V(5).Infof("GCEGlobalForwardingRules.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalForwardingRules",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEGlobalForwardingRules.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.GlobalForwardingRules.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.ForwardingRule
+	f := func(l *ga.ForwardingRuleList) error {
+		glog.V(5).Infof("GCEGlobalForwardingRules.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEGlobalForwardingRules.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEGlobalForwardingRules.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert ForwardingRule with key of value obj.
+func (g *GCEGlobalForwardingRules) Insert(ctx context.Context, key *meta.Key, obj *ga.ForwardingRule) error {
+	glog.V(5).Infof("GCEGlobalForwardingRules.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalForwardingRules.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalForwardingRules",
+	}
+	glog.V(5).Infof("GCEGlobalForwardingRules.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.GlobalForwardingRules.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEGlobalForwardingRules.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the ForwardingRule referenced by key.
+func (g *GCEGlobalForwardingRules) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEGlobalForwardingRules.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalForwardingRules.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalForwardingRules",
+	}
+	glog.V(5).Infof("GCEGlobalForwardingRules.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.GlobalForwardingRules.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEGlobalForwardingRules.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// SetTarget is a method on GCEGlobalForwardingRules.
+func (g *GCEGlobalForwardingRules) SetTarget(ctx context.Context, key *meta.Key, arg0 *ga.TargetReference) error {
+	glog.V(5).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "GlobalForwardingRules")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetTarget",
+		Version:   meta.Version("ga"),
+		Service:   "GlobalForwardingRules",
+	}
+	glog.V(5).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.GlobalForwardingRules.SetTarget(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEGlobalForwardingRules.SetTarget(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// HealthChecks is an interface that allows for mocking of HealthChecks.
+type HealthChecks interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.HealthCheck, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.HealthCheck, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.HealthCheck) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *ga.HealthCheck) error
+}
+
+// NewMockHealthChecks returns a new mock for HealthChecks.
+func NewMockHealthChecks(pr ProjectRouter, objs map[meta.Key]*MockHealthChecksObj) *MockHealthChecks {
+	mock := &MockHealthChecks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockHealthChecks is the mock for HealthChecks.
+type MockHealthChecks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockHealthChecksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockHealthChecks) (bool, *ga.HealthCheck, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockHealthChecks) (bool, []*ga.HealthCheck, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.HealthCheck, m *MockHealthChecks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockHealthChecks) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *ga.HealthCheck, *MockHealthChecks) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HealthCheck, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHealthChecks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockHealthChecks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockHealthChecks %v not found", key),
+	}
+	glog.V(5).Infof("MockHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HealthCheck, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockHealthChecks.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockHealthChecks.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.HealthCheck
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockHealthChecks.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HealthCheck) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockHealthChecks %v exists", key),
+		}
+		glog.V(5).Infof("MockHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "healthChecks")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "healthChecks", key)
+
+	m.Objects[*key] = &MockHealthChecksObj{obj}
+	glog.V(5).Infof("MockHealthChecks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockHealthChecks %v not found", key),
+		}
+		glog.V(5).Infof("MockHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockHealthChecks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockHealthChecks) Obj(o *ga.HealthCheck) *MockHealthChecksObj {
+	return &MockHealthChecksObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HealthCheck) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEHealthChecks is a simplifying adapter for the GCE HealthChecks.
+type GCEHealthChecks struct {
+	s *Service
+}
+
+// Get the HealthCheck named by key.
+func (g *GCEHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HealthCheck, error) {
+	glog.V(5).Infof("GCEHealthChecks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHealthChecks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEHealthChecks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.HealthChecks.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEHealthChecks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all HealthCheck objects.
+func (g *GCEHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HealthCheck, error) {
+	glog.V(5).Infof("GCEHealthChecks.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "HealthChecks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEHealthChecks.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.HealthChecks.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.HealthCheck
+	f := func(l *ga.HealthCheckList) error {
+		glog.V(5).Infof("GCEHealthChecks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEHealthChecks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert HealthCheck with key of value obj.
+func (g *GCEHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HealthCheck) error {
+	glog.V(5).Infof("GCEHealthChecks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHealthChecks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEHealthChecks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.HealthChecks.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHealthChecks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the HealthCheck referenced by key.
+func (g *GCEHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEHealthChecks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHealthChecks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEHealthChecks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HealthChecks.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEHealthChecks.
+func (g *GCEHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HealthCheck) error {
+	glog.V(5).Infof("GCEHealthChecks.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHealthChecks.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEHealthChecks.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HealthChecks.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// AlphaHealthChecks is an interface that allows for mocking of HealthChecks.
+type AlphaHealthChecks interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.HealthCheck, error)
+	List(ctx context.Context, fl *filter.F) ([]*alpha.HealthCheck, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.HealthCheck) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *alpha.HealthCheck) error
+}
+
+// NewMockAlphaHealthChecks returns a new mock for HealthChecks.
+func NewMockAlphaHealthChecks(pr ProjectRouter, objs map[meta.Key]*MockHealthChecksObj) *MockAlphaHealthChecks {
+	mock := &MockAlphaHealthChecks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaHealthChecks is the mock for HealthChecks.
+type MockAlphaHealthChecks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockHealthChecksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockAlphaHealthChecks) (bool, *alpha.HealthCheck, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockAlphaHealthChecks) (bool, []*alpha.HealthCheck, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *alpha.HealthCheck, m *MockAlphaHealthChecks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockAlphaHealthChecks) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *alpha.HealthCheck, *MockAlphaHealthChecks) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaHealthChecks) Get(ctx context.Context, key *meta.Key) (*alpha.HealthCheck, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaHealthChecks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaHealthChecks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaHealthChecks %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockAlphaHealthChecks) List(ctx context.Context, fl *filter.F) ([]*alpha.HealthCheck, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaHealthChecks.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaHealthChecks.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.HealthCheck
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaHealthChecks.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *alpha.HealthCheck) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaHealthChecks %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "healthChecks")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "healthChecks", key)
+
+	m.Objects[*key] = &MockHealthChecksObj{obj}
+	glog.V(5).Infof("MockAlphaHealthChecks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaHealthChecks %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaHealthChecks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaHealthChecks) Obj(o *alpha.HealthCheck) *MockHealthChecksObj {
+	return &MockHealthChecksObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockAlphaHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *alpha.HealthCheck) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEAlphaHealthChecks is a simplifying adapter for the GCE HealthChecks.
+type GCEAlphaHealthChecks struct {
+	s *Service
+}
+
+// Get the HealthCheck named by key.
+func (g *GCEAlphaHealthChecks) Get(ctx context.Context, key *meta.Key) (*alpha.HealthCheck, error) {
+	glog.V(5).Infof("GCEAlphaHealthChecks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaHealthChecks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEAlphaHealthChecks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.HealthChecks.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaHealthChecks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all HealthCheck objects.
+func (g *GCEAlphaHealthChecks) List(ctx context.Context, fl *filter.F) ([]*alpha.HealthCheck, error) {
+	glog.V(5).Infof("GCEAlphaHealthChecks.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "HealthChecks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaHealthChecks.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.Alpha.HealthChecks.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.HealthCheck
+	f := func(l *alpha.HealthCheckList) error {
+		glog.V(5).Infof("GCEAlphaHealthChecks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaHealthChecks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert HealthCheck with key of value obj.
+func (g *GCEAlphaHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *alpha.HealthCheck) error {
+	glog.V(5).Infof("GCEAlphaHealthChecks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaHealthChecks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEAlphaHealthChecks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.HealthChecks.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaHealthChecks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the HealthCheck referenced by key.
+func (g *GCEAlphaHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaHealthChecks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaHealthChecks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEAlphaHealthChecks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.HealthChecks.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEAlphaHealthChecks.
+func (g *GCEAlphaHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *alpha.HealthCheck) error {
+	glog.V(5).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "HealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("alpha"),
+		Service:   "HealthChecks",
+	}
+	glog.V(5).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.HealthChecks.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// HttpHealthChecks is an interface that allows for mocking of HttpHealthChecks.
+type HttpHealthChecks interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.HttpHealthCheck, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.HttpHealthCheck, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.HttpHealthCheck) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *ga.HttpHealthCheck) error
+}
+
+// NewMockHttpHealthChecks returns a new mock for HttpHealthChecks.
+func NewMockHttpHealthChecks(pr ProjectRouter, objs map[meta.Key]*MockHttpHealthChecksObj) *MockHttpHealthChecks {
+	mock := &MockHttpHealthChecks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockHttpHealthChecks is the mock for HttpHealthChecks.
+type MockHttpHealthChecks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockHttpHealthChecksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockHttpHealthChecks) (bool, *ga.HttpHealthCheck, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockHttpHealthChecks) (bool, []*ga.HttpHealthCheck, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.HttpHealthCheck, m *MockHttpHealthChecks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockHttpHealthChecks) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *ga.HttpHealthCheck, *MockHttpHealthChecks) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockHttpHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HttpHealthCheck, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHttpHealthChecks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockHttpHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockHttpHealthChecks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockHttpHealthChecks %v not found", key),
+	}
+	glog.V(5).Infof("MockHttpHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockHttpHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HttpHealthCheck, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockHttpHealthChecks.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockHttpHealthChecks.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.HttpHealthCheck
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockHttpHealthChecks.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockHttpHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HttpHealthCheck) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockHttpHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockHttpHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockHttpHealthChecks %v exists", key),
+		}
+		glog.V(5).Infof("MockHttpHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "httpHealthChecks")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "httpHealthChecks", key)
+
+	m.Objects[*key] = &MockHttpHealthChecksObj{obj}
+	glog.V(5).Infof("MockHttpHealthChecks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockHttpHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHttpHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockHttpHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockHttpHealthChecks %v not found", key),
+		}
+		glog.V(5).Infof("MockHttpHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockHttpHealthChecks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockHttpHealthChecks) Obj(o *ga.HttpHealthCheck) *MockHttpHealthChecksObj {
+	return &MockHttpHealthChecksObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockHttpHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HttpHealthCheck) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEHttpHealthChecks is a simplifying adapter for the GCE HttpHealthChecks.
+type GCEHttpHealthChecks struct {
+	s *Service
+}
+
+// Get the HttpHealthCheck named by key.
+func (g *GCEHttpHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HttpHealthCheck, error) {
+	glog.V(5).Infof("GCEHttpHealthChecks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpHealthChecks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "HttpHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpHealthChecks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.HttpHealthChecks.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEHttpHealthChecks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all HttpHealthCheck objects.
+func (g *GCEHttpHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HttpHealthCheck, error) {
+	glog.V(5).Infof("GCEHttpHealthChecks.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "HttpHealthChecks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEHttpHealthChecks.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.HttpHealthChecks.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.HttpHealthCheck
+	f := func(l *ga.HttpHealthCheckList) error {
+		glog.V(5).Infof("GCEHttpHealthChecks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEHttpHealthChecks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEHttpHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert HttpHealthCheck with key of value obj.
+func (g *GCEHttpHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HttpHealthCheck) error {
+	glog.V(5).Infof("GCEHttpHealthChecks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpHealthChecks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "HttpHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpHealthChecks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.HttpHealthChecks.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpHealthChecks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the HttpHealthCheck referenced by key.
+func (g *GCEHttpHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEHttpHealthChecks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpHealthChecks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "HttpHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpHealthChecks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HttpHealthChecks.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEHttpHealthChecks.
+func (g *GCEHttpHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HttpHealthCheck) error {
+	glog.V(5).Infof("GCEHttpHealthChecks.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpHealthChecks.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "HttpHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpHealthChecks.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HttpHealthChecks.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// HttpsHealthChecks is an interface that allows for mocking of HttpsHealthChecks.
+type HttpsHealthChecks interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.HttpsHealthCheck, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.HttpsHealthCheck, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.HttpsHealthCheck) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *ga.HttpsHealthCheck) error
+}
+
+// NewMockHttpsHealthChecks returns a new mock for HttpsHealthChecks.
+func NewMockHttpsHealthChecks(pr ProjectRouter, objs map[meta.Key]*MockHttpsHealthChecksObj) *MockHttpsHealthChecks {
+	mock := &MockHttpsHealthChecks{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockHttpsHealthChecks is the mock for HttpsHealthChecks.
+type MockHttpsHealthChecks struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockHttpsHealthChecksObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockHttpsHealthChecks) (bool, *ga.HttpsHealthCheck, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockHttpsHealthChecks) (bool, []*ga.HttpsHealthCheck, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.HttpsHealthCheck, m *MockHttpsHealthChecks) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockHttpsHealthChecks) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *ga.HttpsHealthCheck, *MockHttpsHealthChecks) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockHttpsHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HttpsHealthCheck, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHttpsHealthChecks.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockHttpsHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockHttpsHealthChecks.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockHttpsHealthChecks %v not found", key),
+	}
+	glog.V(5).Infof("MockHttpsHealthChecks.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockHttpsHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HttpsHealthCheck, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockHttpsHealthChecks.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockHttpsHealthChecks.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.HttpsHealthCheck
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockHttpsHealthChecks.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockHttpsHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HttpsHealthCheck) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockHttpsHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockHttpsHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockHttpsHealthChecks %v exists", key),
+		}
+		glog.V(5).Infof("MockHttpsHealthChecks.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "httpsHealthChecks")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "httpsHealthChecks", key)
+
+	m.Objects[*key] = &MockHttpsHealthChecksObj{obj}
+	glog.V(5).Infof("MockHttpsHealthChecks.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockHttpsHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockHttpsHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockHttpsHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockHttpsHealthChecks %v not found", key),
+		}
+		glog.V(5).Infof("MockHttpsHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockHttpsHealthChecks.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockHttpsHealthChecks) Obj(o *ga.HttpsHealthCheck) *MockHttpsHealthChecksObj {
+	return &MockHttpsHealthChecksObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockHttpsHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HttpsHealthCheck) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEHttpsHealthChecks is a simplifying adapter for the GCE HttpsHealthChecks.
+type GCEHttpsHealthChecks struct {
+	s *Service
+}
+
+// Get the HttpsHealthCheck named by key.
+func (g *GCEHttpsHealthChecks) Get(ctx context.Context, key *meta.Key) (*ga.HttpsHealthCheck, error) {
+	glog.V(5).Infof("GCEHttpsHealthChecks.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpsHealthChecks.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpsHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "HttpsHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpsHealthChecks.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.HttpsHealthChecks.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEHttpsHealthChecks.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all HttpsHealthCheck objects.
+func (g *GCEHttpsHealthChecks) List(ctx context.Context, fl *filter.F) ([]*ga.HttpsHealthCheck, error) {
+	glog.V(5).Infof("GCEHttpsHealthChecks.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpsHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "HttpsHealthChecks",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEHttpsHealthChecks.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.HttpsHealthChecks.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.HttpsHealthCheck
+	f := func(l *ga.HttpsHealthCheckList) error {
+		glog.V(5).Infof("GCEHttpsHealthChecks.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEHttpsHealthChecks.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEHttpsHealthChecks.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert HttpsHealthCheck with key of value obj.
+func (g *GCEHttpsHealthChecks) Insert(ctx context.Context, key *meta.Key, obj *ga.HttpsHealthCheck) error {
+	glog.V(5).Infof("GCEHttpsHealthChecks.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpsHealthChecks.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpsHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "HttpsHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpsHealthChecks.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.HttpsHealthChecks.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpsHealthChecks.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the HttpsHealthCheck referenced by key.
+func (g *GCEHttpsHealthChecks) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEHttpsHealthChecks.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpsHealthChecks.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpsHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "HttpsHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpsHealthChecks.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HttpsHealthChecks.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpsHealthChecks.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEHttpsHealthChecks.
+func (g *GCEHttpsHealthChecks) Update(ctx context.Context, key *meta.Key, arg0 *ga.HttpsHealthCheck) error {
+	glog.V(5).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "HttpsHealthChecks")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "HttpsHealthChecks",
+	}
+	glog.V(5).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.HttpsHealthChecks.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEHttpsHealthChecks.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// InstanceGroups is an interface that allows for mocking of InstanceGroups.
+type InstanceGroups interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.InstanceGroup, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*ga.InstanceGroup, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.InstanceGroup) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AddInstances(context.Context, *meta.Key, *ga.InstanceGroupsAddInstancesRequest) error
+	ListInstances(context.Context, *meta.Key, *ga.InstanceGroupsListInstancesRequest, *filter.F) ([]*ga.InstanceWithNamedPorts, error)
+	RemoveInstances(context.Context, *meta.Key, *ga.InstanceGroupsRemoveInstancesRequest) error
+	SetNamedPorts(context.Context, *meta.Key, *ga.InstanceGroupsSetNamedPortsRequest) error
+}
+
+// NewMockInstanceGroups returns a new mock for InstanceGroups.
+func NewMockInstanceGroups(pr ProjectRouter, objs map[meta.Key]*MockInstanceGroupsObj) *MockInstanceGroups {
+	mock := &MockInstanceGroups{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockInstanceGroups is the mock for InstanceGroups.
+type MockInstanceGroups struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockInstanceGroupsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook             func(ctx context.Context, key *meta.Key, m *MockInstanceGroups) (bool, *ga.InstanceGroup, error)
+	ListHook            func(ctx context.Context, zone string, fl *filter.F, m *MockInstanceGroups) (bool, []*ga.InstanceGroup, error)
+	InsertHook          func(ctx context.Context, key *meta.Key, obj *ga.InstanceGroup, m *MockInstanceGroups) (bool, error)
+	DeleteHook          func(ctx context.Context, key *meta.Key, m *MockInstanceGroups) (bool, error)
+	AddInstancesHook    func(context.Context, *meta.Key, *ga.InstanceGroupsAddInstancesRequest, *MockInstanceGroups) error
+	ListInstancesHook   func(context.Context, *meta.Key, *ga.InstanceGroupsListInstancesRequest, *filter.F, *MockInstanceGroups) ([]*ga.InstanceWithNamedPorts, error)
+	RemoveInstancesHook func(context.Context, *meta.Key, *ga.InstanceGroupsRemoveInstancesRequest, *MockInstanceGroups) error
+	SetNamedPortsHook   func(context.Context, *meta.Key, *ga.InstanceGroupsSetNamedPortsRequest, *MockInstanceGroups) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockInstanceGroups) Get(ctx context.Context, key *meta.Key) (*ga.InstanceGroup, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockInstanceGroups.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockInstanceGroups.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockInstanceGroups.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockInstanceGroups %v not found", key),
+	}
+	glog.V(5).Infof("MockInstanceGroups.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockInstanceGroups) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.InstanceGroup, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockInstanceGroups.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockInstanceGroups.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.InstanceGroup
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockInstanceGroups.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockInstanceGroups) Insert(ctx context.Context, key *meta.Key, obj *ga.InstanceGroup) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockInstanceGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockInstanceGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockInstanceGroups %v exists", key),
+		}
+		glog.V(5).Infof("MockInstanceGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "instanceGroups")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "instanceGroups", key)
+
+	m.Objects[*key] = &MockInstanceGroupsObj{obj}
+	glog.V(5).Infof("MockInstanceGroups.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockInstanceGroups) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockInstanceGroups.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockInstanceGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockInstanceGroups %v not found", key),
+		}
+		glog.V(5).Infof("MockInstanceGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockInstanceGroups.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockInstanceGroups) Obj(o *ga.InstanceGroup) *MockInstanceGroupsObj {
+	return &MockInstanceGroupsObj{o}
+}
+
+// AddInstances is a mock for the corresponding method.
+func (m *MockInstanceGroups) AddInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsAddInstancesRequest) error {
+	if m.AddInstancesHook != nil {
+		return m.AddInstancesHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// ListInstances is a mock for the corresponding method.
+func (m *MockInstanceGroups) ListInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsListInstancesRequest, fl *filter.F) ([]*ga.InstanceWithNamedPorts, error) {
+	if m.ListInstancesHook != nil {
+		return m.ListInstancesHook(ctx, key, arg0, fl, m)
+	}
+	return nil, nil
+}
+
+// RemoveInstances is a mock for the corresponding method.
+func (m *MockInstanceGroups) RemoveInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsRemoveInstancesRequest) error {
+	if m.RemoveInstancesHook != nil {
+		return m.RemoveInstancesHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// SetNamedPorts is a mock for the corresponding method.
+func (m *MockInstanceGroups) SetNamedPorts(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsSetNamedPortsRequest) error {
+	if m.SetNamedPortsHook != nil {
+		return m.SetNamedPortsHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEInstanceGroups is a simplifying adapter for the GCE InstanceGroups.
+type GCEInstanceGroups struct {
+	s *Service
+}
+
+// Get the InstanceGroup named by key.
+func (g *GCEInstanceGroups) Get(ctx context.Context, key *meta.Key) (*ga.InstanceGroup, error) {
+	glog.V(5).Infof("GCEInstanceGroups.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.InstanceGroups.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEInstanceGroups.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all InstanceGroup objects.
+func (g *GCEInstanceGroups) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.InstanceGroup, error) {
+	glog.V(5).Infof("GCEInstanceGroups.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEInstanceGroups.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.GA.InstanceGroups.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.InstanceGroup
+	f := func(l *ga.InstanceGroupList) error {
+		glog.V(5).Infof("GCEInstanceGroups.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEInstanceGroups.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEInstanceGroups.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert InstanceGroup with key of value obj.
+func (g *GCEInstanceGroups) Insert(ctx context.Context, key *meta.Key, obj *ga.InstanceGroup) error {
+	glog.V(5).Infof("GCEInstanceGroups.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.InstanceGroups.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstanceGroups.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the InstanceGroup referenced by key.
+func (g *GCEInstanceGroups) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEInstanceGroups.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.InstanceGroups.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstanceGroups.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AddInstances is a method on GCEInstanceGroups.
+func (g *GCEInstanceGroups) AddInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsAddInstancesRequest) error {
+	glog.V(5).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AddInstances",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.InstanceGroups.AddInstances(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstanceGroups.AddInstances(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// ListInstances is a method on GCEInstanceGroups.
+func (g *GCEInstanceGroups) ListInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsListInstancesRequest, fl *filter.F) ([]*ga.InstanceWithNamedPorts, error) {
+	glog.V(5).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "ListInstances",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.InstanceGroups.ListInstances(projectID, key.Zone, key.Name, arg0)
+	var all []*ga.InstanceWithNamedPorts
+	f := func(l *ga.InstanceGroupsListInstances) error {
+		glog.V(5).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...): page %+v", ctx, key, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...) = %v, %v", ctx, key, nil, err)
+		return nil, err
+	}
+	if glog.V(4) {
+		glog.V(4).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...) = [%v items], %v", ctx, key, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEInstanceGroups.ListInstances(%v, %v, ...) = %v, %v", ctx, key, asStr, nil)
+	}
+	return all, nil
+}
+
+// RemoveInstances is a method on GCEInstanceGroups.
+func (g *GCEInstanceGroups) RemoveInstances(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsRemoveInstancesRequest) error {
+	glog.V(5).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "RemoveInstances",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.InstanceGroups.RemoveInstances(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstanceGroups.RemoveInstances(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// SetNamedPorts is a method on GCEInstanceGroups.
+func (g *GCEInstanceGroups) SetNamedPorts(ctx context.Context, key *meta.Key, arg0 *ga.InstanceGroupsSetNamedPortsRequest) error {
+	glog.V(5).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "InstanceGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetNamedPorts",
+		Version:   meta.Version("ga"),
+		Service:   "InstanceGroups",
+	}
+	glog.V(5).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.InstanceGroups.SetNamedPorts(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstanceGroups.SetNamedPorts(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// Instances is an interface that allows for mocking of Instances.
+type Instances interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Instance, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Instance, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Instance) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AttachDisk(context.Context, *meta.Key, *ga.AttachedDisk) error
+	DetachDisk(context.Context, *meta.Key, string) error
+}
+
+// NewMockInstances returns a new mock for Instances.
+func NewMockInstances(pr ProjectRouter, objs map[meta.Key]*MockInstancesObj) *MockInstances {
+	mock := &MockInstances{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockInstances is the mock for Instances.
+type MockInstances struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockInstancesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook        func(ctx context.Context, key *meta.Key, m *MockInstances) (bool, *ga.Instance, error)
+	ListHook       func(ctx context.Context, zone string, fl *filter.F, m *MockInstances) (bool, []*ga.Instance, error)
+	InsertHook     func(ctx context.Context, key *meta.Key, obj *ga.Instance, m *MockInstances) (bool, error)
+	DeleteHook     func(ctx context.Context, key *meta.Key, m *MockInstances) (bool, error)
+	AttachDiskHook func(context.Context, *meta.Key, *ga.AttachedDisk, *MockInstances) error
+	DetachDiskHook func(context.Context, *meta.Key, string, *MockInstances) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockInstances) Get(ctx context.Context, key *meta.Key) (*ga.Instance, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockInstances.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockInstances.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockInstances %v not found", key),
+	}
+	glog.V(5).Infof("MockInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Instance, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockInstances.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockInstances.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Instance
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockInstances.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockInstances) Insert(ctx context.Context, key *meta.Key, obj *ga.Instance) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockInstances %v exists", key),
+		}
+		glog.V(5).Infof("MockInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "instances")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "instances", key)
+
+	m.Objects[*key] = &MockInstancesObj{obj}
+	glog.V(5).Infof("MockInstances.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockInstances) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockInstances.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockInstances %v not found", key),
+		}
+		glog.V(5).Infof("MockInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockInstances.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockInstances) Obj(o *ga.Instance) *MockInstancesObj {
+	return &MockInstancesObj{o}
+}
+
+// AttachDisk is a mock for the corresponding method.
+func (m *MockInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *ga.AttachedDisk) error {
+	if m.AttachDiskHook != nil {
+		return m.AttachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// DetachDisk is a mock for the corresponding method.
+func (m *MockInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	if m.DetachDiskHook != nil {
+		return m.DetachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEInstances is a simplifying adapter for the GCE Instances.
+type GCEInstances struct {
+	s *Service
+}
+
+// Get the Instance named by key.
+func (g *GCEInstances) Get(ctx context.Context, key *meta.Key) (*ga.Instance, error) {
+	glog.V(5).Infof("GCEInstances.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstances.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEInstances.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstances.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Instances.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEInstances.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Instance objects.
+func (g *GCEInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*ga.Instance, error) {
+	glog.V(5).Infof("GCEInstances.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEInstances.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.GA.Instances.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Instance
+	f := func(l *ga.InstanceList) error {
+		glog.V(5).Infof("GCEInstances.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEInstances.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEInstances.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEInstances.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Instance with key of value obj.
+func (g *GCEInstances) Insert(ctx context.Context, key *meta.Key, obj *ga.Instance) error {
+	glog.V(5).Infof("GCEInstances.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstances.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEInstances.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstances.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.Instances.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstances.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstances.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Instance referenced by key.
+func (g *GCEInstances) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEInstances.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstances.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEInstances.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstances.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Instances.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstances.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AttachDisk is a method on GCEInstances.
+func (g *GCEInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *ga.AttachedDisk) error {
+	glog.V(5).Infof("GCEInstances.AttachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstances.AttachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AttachDisk",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEInstances.AttachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstances.AttachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Instances.AttachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// DetachDisk is a method on GCEInstances.
+func (g *GCEInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	glog.V(5).Infof("GCEInstances.DetachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEInstances.DetachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "DetachDisk",
+		Version:   meta.Version("ga"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEInstances.DetachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEInstances.DetachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Instances.DetachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// BetaInstances is an interface that allows for mocking of Instances.
+type BetaInstances interface {
+	Get(ctx context.Context, key *meta.Key) (*beta.Instance, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*beta.Instance, error)
+	Insert(ctx context.Context, key *meta.Key, obj *beta.Instance) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AttachDisk(context.Context, *meta.Key, *beta.AttachedDisk) error
+	DetachDisk(context.Context, *meta.Key, string) error
+	UpdateNetworkInterface(context.Context, *meta.Key, string, *beta.NetworkInterface) error
+}
+
+// NewMockBetaInstances returns a new mock for Instances.
+func NewMockBetaInstances(pr ProjectRouter, objs map[meta.Key]*MockInstancesObj) *MockBetaInstances {
+	mock := &MockBetaInstances{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockBetaInstances is the mock for Instances.
+type MockBetaInstances struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockInstancesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook                    func(ctx context.Context, key *meta.Key, m *MockBetaInstances) (bool, *beta.Instance, error)
+	ListHook                   func(ctx context.Context, zone string, fl *filter.F, m *MockBetaInstances) (bool, []*beta.Instance, error)
+	InsertHook                 func(ctx context.Context, key *meta.Key, obj *beta.Instance, m *MockBetaInstances) (bool, error)
+	DeleteHook                 func(ctx context.Context, key *meta.Key, m *MockBetaInstances) (bool, error)
+	AttachDiskHook             func(context.Context, *meta.Key, *beta.AttachedDisk, *MockBetaInstances) error
+	DetachDiskHook             func(context.Context, *meta.Key, string, *MockBetaInstances) error
+	UpdateNetworkInterfaceHook func(context.Context, *meta.Key, string, *beta.NetworkInterface, *MockBetaInstances) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockBetaInstances) Get(ctx context.Context, key *meta.Key) (*beta.Instance, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBetaInstances.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockBetaInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToBeta()
+		glog.V(5).Infof("MockBetaInstances.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockBetaInstances %v not found", key),
+	}
+	glog.V(5).Infof("MockBetaInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockBetaInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*beta.Instance, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockBetaInstances.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockBetaInstances.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*beta.Instance
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToBeta()) {
+			continue
+		}
+		objs = append(objs, obj.ToBeta())
+	}
+
+	glog.V(5).Infof("MockBetaInstances.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockBetaInstances) Insert(ctx context.Context, key *meta.Key, obj *beta.Instance) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockBetaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockBetaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockBetaInstances %v exists", key),
+		}
+		glog.V(5).Infof("MockBetaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "beta", "instances")
+	obj.SelfLink = SelfLink(meta.VersionBeta, projectID, "instances", key)
+
+	m.Objects[*key] = &MockInstancesObj{obj}
+	glog.V(5).Infof("MockBetaInstances.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockBetaInstances) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockBetaInstances.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockBetaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockBetaInstances %v not found", key),
+		}
+		glog.V(5).Infof("MockBetaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockBetaInstances.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockBetaInstances) Obj(o *beta.Instance) *MockInstancesObj {
+	return &MockInstancesObj{o}
+}
+
+// AttachDisk is a mock for the corresponding method.
+func (m *MockBetaInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *beta.AttachedDisk) error {
+	if m.AttachDiskHook != nil {
+		return m.AttachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// DetachDisk is a mock for the corresponding method.
+func (m *MockBetaInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	if m.DetachDiskHook != nil {
+		return m.DetachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// UpdateNetworkInterface is a mock for the corresponding method.
+func (m *MockBetaInstances) UpdateNetworkInterface(ctx context.Context, key *meta.Key, arg0 string, arg1 *beta.NetworkInterface) error {
+	if m.UpdateNetworkInterfaceHook != nil {
+		return m.UpdateNetworkInterfaceHook(ctx, key, arg0, arg1, m)
+	}
+	return nil
+}
+
+// GCEBetaInstances is a simplifying adapter for the GCE Instances.
+type GCEBetaInstances struct {
+	s *Service
+}
+
+// Get the Instance named by key.
+func (g *GCEBetaInstances) Get(ctx context.Context, key *meta.Key) (*beta.Instance, error) {
+	glog.V(5).Infof("GCEBetaInstances.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Beta.Instances.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEBetaInstances.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Instance objects.
+func (g *GCEBetaInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*beta.Instance, error) {
+	glog.V(5).Infof("GCEBetaInstances.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEBetaInstances.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.Beta.Instances.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*beta.Instance
+	f := func(l *beta.InstanceList) error {
+		glog.V(5).Infof("GCEBetaInstances.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEBetaInstances.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEBetaInstances.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Instance with key of value obj.
+func (g *GCEBetaInstances) Insert(ctx context.Context, key *meta.Key, obj *beta.Instance) error {
+	glog.V(5).Infof("GCEBetaInstances.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Beta.Instances.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaInstances.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaInstances.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Instance referenced by key.
+func (g *GCEBetaInstances) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEBetaInstances.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Beta.Instances.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaInstances.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AttachDisk is a method on GCEBetaInstances.
+func (g *GCEBetaInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *beta.AttachedDisk) error {
+	glog.V(5).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AttachDisk",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Beta.Instances.AttachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// DetachDisk is a method on GCEBetaInstances.
+func (g *GCEBetaInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	glog.V(5).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "DetachDisk",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Beta.Instances.DetachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// UpdateNetworkInterface is a method on GCEBetaInstances.
+func (g *GCEBetaInstances) UpdateNetworkInterface(ctx context.Context, key *meta.Key, arg0 string, arg1 *beta.NetworkInterface) error {
+	glog.V(5).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "beta", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "UpdateNetworkInterface",
+		Version:   meta.Version("beta"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Beta.Instances.UpdateNetworkInterface(projectID, key.Zone, key.Name, arg0, arg1)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEBetaInstances.UpdateNetworkInterface(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// AlphaInstances is an interface that allows for mocking of Instances.
+type AlphaInstances interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.Instance, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Instance, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.Instance) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AttachDisk(context.Context, *meta.Key, *alpha.AttachedDisk) error
+	DetachDisk(context.Context, *meta.Key, string) error
+	UpdateNetworkInterface(context.Context, *meta.Key, string, *alpha.NetworkInterface) error
+}
+
+// NewMockAlphaInstances returns a new mock for Instances.
+func NewMockAlphaInstances(pr ProjectRouter, objs map[meta.Key]*MockInstancesObj) *MockAlphaInstances {
+	mock := &MockAlphaInstances{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaInstances is the mock for Instances.
+type MockAlphaInstances struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockInstancesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook                    func(ctx context.Context, key *meta.Key, m *MockAlphaInstances) (bool, *alpha.Instance, error)
+	ListHook                   func(ctx context.Context, zone string, fl *filter.F, m *MockAlphaInstances) (bool, []*alpha.Instance, error)
+	InsertHook                 func(ctx context.Context, key *meta.Key, obj *alpha.Instance, m *MockAlphaInstances) (bool, error)
+	DeleteHook                 func(ctx context.Context, key *meta.Key, m *MockAlphaInstances) (bool, error)
+	AttachDiskHook             func(context.Context, *meta.Key, *alpha.AttachedDisk, *MockAlphaInstances) error
+	DetachDiskHook             func(context.Context, *meta.Key, string, *MockAlphaInstances) error
+	UpdateNetworkInterfaceHook func(context.Context, *meta.Key, string, *alpha.NetworkInterface, *MockAlphaInstances) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaInstances) Get(ctx context.Context, key *meta.Key) (*alpha.Instance, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaInstances.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaInstances.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaInstances %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaInstances.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockAlphaInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Instance, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaInstances.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaInstances.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.Instance
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaInstances.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaInstances) Insert(ctx context.Context, key *meta.Key, obj *alpha.Instance) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaInstances %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaInstances.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "instances")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "instances", key)
+
+	m.Objects[*key] = &MockInstancesObj{obj}
+	glog.V(5).Infof("MockAlphaInstances.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaInstances) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaInstances.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaInstances %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaInstances.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaInstances) Obj(o *alpha.Instance) *MockInstancesObj {
+	return &MockInstancesObj{o}
+}
+
+// AttachDisk is a mock for the corresponding method.
+func (m *MockAlphaInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *alpha.AttachedDisk) error {
+	if m.AttachDiskHook != nil {
+		return m.AttachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// DetachDisk is a mock for the corresponding method.
+func (m *MockAlphaInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	if m.DetachDiskHook != nil {
+		return m.DetachDiskHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// UpdateNetworkInterface is a mock for the corresponding method.
+func (m *MockAlphaInstances) UpdateNetworkInterface(ctx context.Context, key *meta.Key, arg0 string, arg1 *alpha.NetworkInterface) error {
+	if m.UpdateNetworkInterfaceHook != nil {
+		return m.UpdateNetworkInterfaceHook(ctx, key, arg0, arg1, m)
+	}
+	return nil
+}
+
+// GCEAlphaInstances is a simplifying adapter for the GCE Instances.
+type GCEAlphaInstances struct {
+	s *Service
+}
+
+// Get the Instance named by key.
+func (g *GCEAlphaInstances) Get(ctx context.Context, key *meta.Key) (*alpha.Instance, error) {
+	glog.V(5).Infof("GCEAlphaInstances.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.Instances.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaInstances.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Instance objects.
+func (g *GCEAlphaInstances) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.Instance, error) {
+	glog.V(5).Infof("GCEAlphaInstances.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaInstances.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.Alpha.Instances.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.Instance
+	f := func(l *alpha.InstanceList) error {
+		glog.V(5).Infof("GCEAlphaInstances.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaInstances.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaInstances.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Instance with key of value obj.
+func (g *GCEAlphaInstances) Insert(ctx context.Context, key *meta.Key, obj *alpha.Instance) error {
+	glog.V(5).Infof("GCEAlphaInstances.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.Instances.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaInstances.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Instance referenced by key.
+func (g *GCEAlphaInstances) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaInstances.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Instances.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaInstances.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AttachDisk is a method on GCEAlphaInstances.
+func (g *GCEAlphaInstances) AttachDisk(ctx context.Context, key *meta.Key, arg0 *alpha.AttachedDisk) error {
+	glog.V(5).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AttachDisk",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Instances.AttachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaInstances.AttachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// DetachDisk is a method on GCEAlphaInstances.
+func (g *GCEAlphaInstances) DetachDisk(ctx context.Context, key *meta.Key, arg0 string) error {
+	glog.V(5).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "DetachDisk",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Instances.DetachDisk(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaInstances.DetachDisk(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// UpdateNetworkInterface is a method on GCEAlphaInstances.
+func (g *GCEAlphaInstances) UpdateNetworkInterface(ctx context.Context, key *meta.Key, arg0 string, arg1 *alpha.NetworkInterface) error {
+	glog.V(5).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "Instances")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "UpdateNetworkInterface",
+		Version:   meta.Version("alpha"),
+		Service:   "Instances",
+	}
+	glog.V(5).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.Instances.UpdateNetworkInterface(projectID, key.Zone, key.Name, arg0, arg1)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaInstances.UpdateNetworkInterface(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// AlphaNetworkEndpointGroups is an interface that allows for mocking of NetworkEndpointGroups.
+type AlphaNetworkEndpointGroups interface {
+	Get(ctx context.Context, key *meta.Key) (*alpha.NetworkEndpointGroup, error)
+	List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.NetworkEndpointGroup, error)
+	Insert(ctx context.Context, key *meta.Key, obj *alpha.NetworkEndpointGroup) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AggregatedList(ctx context.Context, fl *filter.F) (map[string][]*alpha.NetworkEndpointGroup, error)
+	AttachNetworkEndpoints(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsAttachEndpointsRequest) error
+	DetachNetworkEndpoints(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsDetachEndpointsRequest) error
+	ListNetworkEndpoints(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsListEndpointsRequest, *filter.F) ([]*alpha.NetworkEndpointWithHealthStatus, error)
+}
+
+// NewMockAlphaNetworkEndpointGroups returns a new mock for NetworkEndpointGroups.
+func NewMockAlphaNetworkEndpointGroups(pr ProjectRouter, objs map[meta.Key]*MockNetworkEndpointGroupsObj) *MockAlphaNetworkEndpointGroups {
+	mock := &MockAlphaNetworkEndpointGroups{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockAlphaNetworkEndpointGroups is the mock for NetworkEndpointGroups.
+type MockAlphaNetworkEndpointGroups struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockNetworkEndpointGroupsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError            map[meta.Key]error
+	ListError           *error
+	InsertError         map[meta.Key]error
+	DeleteError         map[meta.Key]error
+	AggregatedListError *error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook                    func(ctx context.Context, key *meta.Key, m *MockAlphaNetworkEndpointGroups) (bool, *alpha.NetworkEndpointGroup, error)
+	ListHook                   func(ctx context.Context, zone string, fl *filter.F, m *MockAlphaNetworkEndpointGroups) (bool, []*alpha.NetworkEndpointGroup, error)
+	InsertHook                 func(ctx context.Context, key *meta.Key, obj *alpha.NetworkEndpointGroup, m *MockAlphaNetworkEndpointGroups) (bool, error)
+	DeleteHook                 func(ctx context.Context, key *meta.Key, m *MockAlphaNetworkEndpointGroups) (bool, error)
+	AggregatedListHook         func(ctx context.Context, fl *filter.F, m *MockAlphaNetworkEndpointGroups) (bool, map[string][]*alpha.NetworkEndpointGroup, error)
+	AttachNetworkEndpointsHook func(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsAttachEndpointsRequest, *MockAlphaNetworkEndpointGroups) error
+	DetachNetworkEndpointsHook func(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsDetachEndpointsRequest, *MockAlphaNetworkEndpointGroups) error
+	ListNetworkEndpointsHook   func(context.Context, *meta.Key, *alpha.NetworkEndpointGroupsListEndpointsRequest, *filter.F, *MockAlphaNetworkEndpointGroups) ([]*alpha.NetworkEndpointWithHealthStatus, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockAlphaNetworkEndpointGroups) Get(ctx context.Context, key *meta.Key) (*alpha.NetworkEndpointGroup, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToAlpha()
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockAlphaNetworkEndpointGroups %v not found", key),
+	}
+	glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given zone.
+func (m *MockAlphaNetworkEndpointGroups) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.NetworkEndpointGroup, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, zone, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.List(%v, %q, %v) = [%v items], %v", ctx, zone, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.List(%v, %q, %v) = nil, %v", ctx, zone, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*alpha.NetworkEndpointGroup
+	for key, obj := range m.Objects {
+		if key.Zone != zone {
+			continue
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs = append(objs, obj.ToAlpha())
+	}
+
+	glog.V(5).Infof("MockAlphaNetworkEndpointGroups.List(%v, %q, %v) = [%v items], nil", ctx, zone, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockAlphaNetworkEndpointGroups) Insert(ctx context.Context, key *meta.Key, obj *alpha.NetworkEndpointGroup) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockAlphaNetworkEndpointGroups %v exists", key),
+		}
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "alpha", "networkEndpointGroups")
+	obj.SelfLink = SelfLink(meta.VersionAlpha, projectID, "networkEndpointGroups", key)
+
+	m.Objects[*key] = &MockNetworkEndpointGroupsObj{obj}
+	glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockAlphaNetworkEndpointGroups) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockAlphaNetworkEndpointGroups %v not found", key),
+		}
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockAlphaNetworkEndpointGroups.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// AggregatedList is a mock for AggregatedList.
+func (m *MockAlphaNetworkEndpointGroups) AggregatedList(ctx context.Context, fl *filter.F) (map[string][]*alpha.NetworkEndpointGroup, error) {
+	if m.AggregatedListHook != nil {
+		if intercept, objs, err := m.AggregatedListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.AggregatedListError != nil {
+		err := *m.AggregatedListError
+		glog.V(5).Infof("MockAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = nil, %v", ctx, fl, err)
+		return nil, err
+	}
+
+	objs := map[string][]*alpha.NetworkEndpointGroup{}
+	for _, obj := range m.Objects {
+		res, err := ParseResourceURL(obj.ToAlpha().SelfLink)
+		location := res.Key.Zone
+		if err != nil {
+			glog.V(5).Infof("MockAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = nil, %v", ctx, fl, err)
+			return nil, err
+		}
+		if !fl.Match(obj.ToAlpha()) {
+			continue
+		}
+		objs[location] = append(objs[location], obj.ToAlpha())
+	}
+	glog.V(5).Infof("MockAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockAlphaNetworkEndpointGroups) Obj(o *alpha.NetworkEndpointGroup) *MockNetworkEndpointGroupsObj {
+	return &MockNetworkEndpointGroupsObj{o}
+}
+
+// AttachNetworkEndpoints is a mock for the corresponding method.
+func (m *MockAlphaNetworkEndpointGroups) AttachNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsAttachEndpointsRequest) error {
+	if m.AttachNetworkEndpointsHook != nil {
+		return m.AttachNetworkEndpointsHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// DetachNetworkEndpoints is a mock for the corresponding method.
+func (m *MockAlphaNetworkEndpointGroups) DetachNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsDetachEndpointsRequest) error {
+	if m.DetachNetworkEndpointsHook != nil {
+		return m.DetachNetworkEndpointsHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// ListNetworkEndpoints is a mock for the corresponding method.
+func (m *MockAlphaNetworkEndpointGroups) ListNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsListEndpointsRequest, fl *filter.F) ([]*alpha.NetworkEndpointWithHealthStatus, error) {
+	if m.ListNetworkEndpointsHook != nil {
+		return m.ListNetworkEndpointsHook(ctx, key, arg0, fl, m)
+	}
+	return nil, nil
+}
+
+// GCEAlphaNetworkEndpointGroups is a simplifying adapter for the GCE NetworkEndpointGroups.
+type GCEAlphaNetworkEndpointGroups struct {
+	s *Service
+}
+
+// Get the NetworkEndpointGroup named by key.
+func (g *GCEAlphaNetworkEndpointGroups) Get(ctx context.Context, key *meta.Key) (*alpha.NetworkEndpointGroup, error) {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.NetworkEndpointGroups.Get(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all NetworkEndpointGroup objects.
+func (g *GCEAlphaNetworkEndpointGroups) List(ctx context.Context, zone string, fl *filter.F) ([]*alpha.NetworkEndpointGroup, error) {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.List(%v, %v, %v) called", ctx, zone, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, zone, fl, projectID, rk)
+	call := g.s.Alpha.NetworkEndpointGroups.List(projectID, zone)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*alpha.NetworkEndpointGroup
+	f := func(l *alpha.NetworkEndpointGroupList) error {
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert NetworkEndpointGroup with key of value obj.
+func (g *GCEAlphaNetworkEndpointGroups) Insert(ctx context.Context, key *meta.Key, obj *alpha.NetworkEndpointGroup) error {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.Alpha.NetworkEndpointGroups.Insert(projectID, key.Zone, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the NetworkEndpointGroup referenced by key.
+func (g *GCEAlphaNetworkEndpointGroups) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.NetworkEndpointGroups.Delete(projectID, key.Zone, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AggregatedList lists all resources of the given type across all locations.
+func (g *GCEAlphaNetworkEndpointGroups) AggregatedList(ctx context.Context, fl *filter.F) (map[string][]*alpha.NetworkEndpointGroup, error) {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v) called", ctx, fl)
+
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AggregatedList",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v): RateLimiter error: %v", ctx, fl, err)
+		return nil, err
+	}
+
+	call := g.s.Alpha.NetworkEndpointGroups.AggregatedList(projectID)
+	call.Context(ctx)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+
+	all := map[string][]*alpha.NetworkEndpointGroup{}
+	f := func(l *alpha.NetworkEndpointGroupAggregatedList) error {
+		for k, v := range l.Items {
+			glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v): page[%v]%+v", ctx, fl, k, v)
+			all[k] = append(all[k], v.NetworkEndpointGroups...)
+		}
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AggregatedList(%v, %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+	return all, nil
+}
+
+// AttachNetworkEndpoints is a method on GCEAlphaNetworkEndpointGroups.
+func (g *GCEAlphaNetworkEndpointGroups) AttachNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsAttachEndpointsRequest) error {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AttachNetworkEndpoints",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.NetworkEndpointGroups.AttachNetworkEndpoints(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.AttachNetworkEndpoints(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// DetachNetworkEndpoints is a method on GCEAlphaNetworkEndpointGroups.
+func (g *GCEAlphaNetworkEndpointGroups) DetachNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsDetachEndpointsRequest) error {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "DetachNetworkEndpoints",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.Alpha.NetworkEndpointGroups.DetachNetworkEndpoints(projectID, key.Zone, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.DetachNetworkEndpoints(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// ListNetworkEndpoints is a method on GCEAlphaNetworkEndpointGroups.
+func (g *GCEAlphaNetworkEndpointGroups) ListNetworkEndpoints(ctx context.Context, key *meta.Key, arg0 *alpha.NetworkEndpointGroupsListEndpointsRequest, fl *filter.F) ([]*alpha.NetworkEndpointWithHealthStatus, error) {
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "alpha", "NetworkEndpointGroups")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "ListNetworkEndpoints",
+		Version:   meta.Version("alpha"),
+		Service:   "NetworkEndpointGroups",
+	}
+	glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.Alpha.NetworkEndpointGroups.ListNetworkEndpoints(projectID, key.Zone, key.Name, arg0)
+	var all []*alpha.NetworkEndpointWithHealthStatus
+	f := func(l *alpha.NetworkEndpointGroupsListNetworkEndpoints) error {
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...): page %+v", ctx, key, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...) = %v, %v", ctx, key, nil, err)
+		return nil, err
+	}
+	if glog.V(4) {
+		glog.V(4).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...) = [%v items], %v", ctx, key, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEAlphaNetworkEndpointGroups.ListNetworkEndpoints(%v, %v, ...) = %v, %v", ctx, key, asStr, nil)
+	}
+	return all, nil
+}
+
+// Projects is an interface that allows for mocking of Projects.
+type Projects interface {
+	// ProjectsOps is an interface with additional non-CRUD type methods.
+	// This interface is expected to be implemented by hand (non-autogenerated).
+	ProjectsOps
+}
+
+// NewMockProjects returns a new mock for Projects.
+func NewMockProjects(pr ProjectRouter, objs map[meta.Key]*MockProjectsObj) *MockProjects {
+	mock := &MockProjects{
+		ProjectRouter: pr,
+
+		Objects: objs,
+	}
+	return mock
+}
+
+// MockProjects is the mock for Projects.
+type MockProjects struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockProjectsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockProjects) Obj(o *ga.Project) *MockProjectsObj {
+	return &MockProjectsObj{o}
+}
+
+// GCEProjects is a simplifying adapter for the GCE Projects.
+type GCEProjects struct {
+	s *Service
+}
+
+// Regions is an interface that allows for mocking of Regions.
+type Regions interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Region, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.Region, error)
+}
+
+// NewMockRegions returns a new mock for Regions.
+func NewMockRegions(pr ProjectRouter, objs map[meta.Key]*MockRegionsObj) *MockRegions {
+	mock := &MockRegions{
+		ProjectRouter: pr,
+
+		Objects:  objs,
+		GetError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockRegions is the mock for Regions.
+type MockRegions struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockRegionsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError  map[meta.Key]error
+	ListError *error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook  func(ctx context.Context, key *meta.Key, m *MockRegions) (bool, *ga.Region, error)
+	ListHook func(ctx context.Context, fl *filter.F, m *MockRegions) (bool, []*ga.Region, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockRegions) Get(ctx context.Context, key *meta.Key) (*ga.Region, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockRegions.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockRegions.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockRegions.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockRegions %v not found", key),
+	}
+	glog.V(5).Infof("MockRegions.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockRegions) List(ctx context.Context, fl *filter.F) ([]*ga.Region, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockRegions.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockRegions.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Region
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockRegions.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockRegions) Obj(o *ga.Region) *MockRegionsObj {
+	return &MockRegionsObj{o}
+}
+
+// GCERegions is a simplifying adapter for the GCE Regions.
+type GCERegions struct {
+	s *Service
+}
+
+// Get the Region named by key.
+func (g *GCERegions) Get(ctx context.Context, key *meta.Key) (*ga.Region, error) {
+	glog.V(5).Infof("GCERegions.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCERegions.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Regions")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Regions",
+	}
+	glog.V(5).Infof("GCERegions.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERegions.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Regions.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCERegions.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Region objects.
+func (g *GCERegions) List(ctx context.Context, fl *filter.F) ([]*ga.Region, error) {
+	glog.V(5).Infof("GCERegions.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Regions")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Regions",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCERegions.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.Regions.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Region
+	f := func(l *ga.RegionList) error {
+		glog.V(5).Infof("GCERegions.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCERegions.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCERegions.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCERegions.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Routes is an interface that allows for mocking of Routes.
+type Routes interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Route, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.Route, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.Route) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockRoutes returns a new mock for Routes.
+func NewMockRoutes(pr ProjectRouter, objs map[meta.Key]*MockRoutesObj) *MockRoutes {
+	mock := &MockRoutes{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockRoutes is the mock for Routes.
+type MockRoutes struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockRoutesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockRoutes) (bool, *ga.Route, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockRoutes) (bool, []*ga.Route, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.Route, m *MockRoutes) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockRoutes) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockRoutes) Get(ctx context.Context, key *meta.Key) (*ga.Route, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockRoutes.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockRoutes.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockRoutes.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockRoutes %v not found", key),
+	}
+	glog.V(5).Infof("MockRoutes.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockRoutes) List(ctx context.Context, fl *filter.F) ([]*ga.Route, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockRoutes.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockRoutes.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Route
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockRoutes.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockRoutes) Insert(ctx context.Context, key *meta.Key, obj *ga.Route) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockRoutes.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockRoutes.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockRoutes %v exists", key),
+		}
+		glog.V(5).Infof("MockRoutes.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "routes")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "routes", key)
+
+	m.Objects[*key] = &MockRoutesObj{obj}
+	glog.V(5).Infof("MockRoutes.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockRoutes) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockRoutes.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockRoutes.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockRoutes %v not found", key),
+		}
+		glog.V(5).Infof("MockRoutes.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockRoutes.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockRoutes) Obj(o *ga.Route) *MockRoutesObj {
+	return &MockRoutesObj{o}
+}
+
+// GCERoutes is a simplifying adapter for the GCE Routes.
+type GCERoutes struct {
+	s *Service
+}
+
+// Get the Route named by key.
+func (g *GCERoutes) Get(ctx context.Context, key *meta.Key) (*ga.Route, error) {
+	glog.V(5).Infof("GCERoutes.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCERoutes.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Routes")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Routes",
+	}
+	glog.V(5).Infof("GCERoutes.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERoutes.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Routes.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCERoutes.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Route objects.
+func (g *GCERoutes) List(ctx context.Context, fl *filter.F) ([]*ga.Route, error) {
+	glog.V(5).Infof("GCERoutes.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Routes")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Routes",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCERoutes.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.Routes.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Route
+	f := func(l *ga.RouteList) error {
+		glog.V(5).Infof("GCERoutes.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCERoutes.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCERoutes.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCERoutes.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert Route with key of value obj.
+func (g *GCERoutes) Insert(ctx context.Context, key *meta.Key, obj *ga.Route) error {
+	glog.V(5).Infof("GCERoutes.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCERoutes.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Routes")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "Routes",
+	}
+	glog.V(5).Infof("GCERoutes.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERoutes.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.Routes.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCERoutes.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCERoutes.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the Route referenced by key.
+func (g *GCERoutes) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCERoutes.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCERoutes.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Routes")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "Routes",
+	}
+	glog.V(5).Infof("GCERoutes.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCERoutes.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.Routes.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCERoutes.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCERoutes.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// SslCertificates is an interface that allows for mocking of SslCertificates.
+type SslCertificates interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.SslCertificate, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.SslCertificate, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.SslCertificate) error
+	Delete(ctx context.Context, key *meta.Key) error
+}
+
+// NewMockSslCertificates returns a new mock for SslCertificates.
+func NewMockSslCertificates(pr ProjectRouter, objs map[meta.Key]*MockSslCertificatesObj) *MockSslCertificates {
+	mock := &MockSslCertificates{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockSslCertificates is the mock for SslCertificates.
+type MockSslCertificates struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockSslCertificatesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockSslCertificates) (bool, *ga.SslCertificate, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockSslCertificates) (bool, []*ga.SslCertificate, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.SslCertificate, m *MockSslCertificates) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockSslCertificates) (bool, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockSslCertificates) Get(ctx context.Context, key *meta.Key) (*ga.SslCertificate, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockSslCertificates.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockSslCertificates.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockSslCertificates.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockSslCertificates %v not found", key),
+	}
+	glog.V(5).Infof("MockSslCertificates.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockSslCertificates) List(ctx context.Context, fl *filter.F) ([]*ga.SslCertificate, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockSslCertificates.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockSslCertificates.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.SslCertificate
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockSslCertificates.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockSslCertificates) Insert(ctx context.Context, key *meta.Key, obj *ga.SslCertificate) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockSslCertificates.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockSslCertificates.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockSslCertificates %v exists", key),
+		}
+		glog.V(5).Infof("MockSslCertificates.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "sslCertificates")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "sslCertificates", key)
+
+	m.Objects[*key] = &MockSslCertificatesObj{obj}
+	glog.V(5).Infof("MockSslCertificates.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockSslCertificates) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockSslCertificates.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockSslCertificates.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockSslCertificates %v not found", key),
+		}
+		glog.V(5).Infof("MockSslCertificates.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockSslCertificates.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockSslCertificates) Obj(o *ga.SslCertificate) *MockSslCertificatesObj {
+	return &MockSslCertificatesObj{o}
+}
+
+// GCESslCertificates is a simplifying adapter for the GCE SslCertificates.
+type GCESslCertificates struct {
+	s *Service
+}
+
+// Get the SslCertificate named by key.
+func (g *GCESslCertificates) Get(ctx context.Context, key *meta.Key) (*ga.SslCertificate, error) {
+	glog.V(5).Infof("GCESslCertificates.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCESslCertificates.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "SslCertificates")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "SslCertificates",
+	}
+	glog.V(5).Infof("GCESslCertificates.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCESslCertificates.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.SslCertificates.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCESslCertificates.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all SslCertificate objects.
+func (g *GCESslCertificates) List(ctx context.Context, fl *filter.F) ([]*ga.SslCertificate, error) {
+	glog.V(5).Infof("GCESslCertificates.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "SslCertificates")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "SslCertificates",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCESslCertificates.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.SslCertificates.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.SslCertificate
+	f := func(l *ga.SslCertificateList) error {
+		glog.V(5).Infof("GCESslCertificates.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCESslCertificates.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCESslCertificates.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCESslCertificates.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert SslCertificate with key of value obj.
+func (g *GCESslCertificates) Insert(ctx context.Context, key *meta.Key, obj *ga.SslCertificate) error {
+	glog.V(5).Infof("GCESslCertificates.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCESslCertificates.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "SslCertificates")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "SslCertificates",
+	}
+	glog.V(5).Infof("GCESslCertificates.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCESslCertificates.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.SslCertificates.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCESslCertificates.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCESslCertificates.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the SslCertificate referenced by key.
+func (g *GCESslCertificates) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCESslCertificates.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCESslCertificates.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "SslCertificates")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "SslCertificates",
+	}
+	glog.V(5).Infof("GCESslCertificates.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCESslCertificates.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.SslCertificates.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCESslCertificates.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCESslCertificates.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// TargetHttpProxies is an interface that allows for mocking of TargetHttpProxies.
+type TargetHttpProxies interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpProxy, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpProxy, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpProxy) error
+	Delete(ctx context.Context, key *meta.Key) error
+	SetUrlMap(context.Context, *meta.Key, *ga.UrlMapReference) error
+}
+
+// NewMockTargetHttpProxies returns a new mock for TargetHttpProxies.
+func NewMockTargetHttpProxies(pr ProjectRouter, objs map[meta.Key]*MockTargetHttpProxiesObj) *MockTargetHttpProxies {
+	mock := &MockTargetHttpProxies{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockTargetHttpProxies is the mock for TargetHttpProxies.
+type MockTargetHttpProxies struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockTargetHttpProxiesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook       func(ctx context.Context, key *meta.Key, m *MockTargetHttpProxies) (bool, *ga.TargetHttpProxy, error)
+	ListHook      func(ctx context.Context, fl *filter.F, m *MockTargetHttpProxies) (bool, []*ga.TargetHttpProxy, error)
+	InsertHook    func(ctx context.Context, key *meta.Key, obj *ga.TargetHttpProxy, m *MockTargetHttpProxies) (bool, error)
+	DeleteHook    func(ctx context.Context, key *meta.Key, m *MockTargetHttpProxies) (bool, error)
+	SetUrlMapHook func(context.Context, *meta.Key, *ga.UrlMapReference, *MockTargetHttpProxies) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockTargetHttpProxies) Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpProxy, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetHttpProxies.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpProxies.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockTargetHttpProxies.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockTargetHttpProxies %v not found", key),
+	}
+	glog.V(5).Infof("MockTargetHttpProxies.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockTargetHttpProxies) List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpProxy, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockTargetHttpProxies.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockTargetHttpProxies.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.TargetHttpProxy
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockTargetHttpProxies.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockTargetHttpProxies) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpProxy) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockTargetHttpProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockTargetHttpProxies %v exists", key),
+		}
+		glog.V(5).Infof("MockTargetHttpProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "targetHttpProxies")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "targetHttpProxies", key)
+
+	m.Objects[*key] = &MockTargetHttpProxiesObj{obj}
+	glog.V(5).Infof("MockTargetHttpProxies.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockTargetHttpProxies) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetHttpProxies.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockTargetHttpProxies %v not found", key),
+		}
+		glog.V(5).Infof("MockTargetHttpProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockTargetHttpProxies.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockTargetHttpProxies) Obj(o *ga.TargetHttpProxy) *MockTargetHttpProxiesObj {
+	return &MockTargetHttpProxiesObj{o}
+}
+
+// SetUrlMap is a mock for the corresponding method.
+func (m *MockTargetHttpProxies) SetUrlMap(ctx context.Context, key *meta.Key, arg0 *ga.UrlMapReference) error {
+	if m.SetUrlMapHook != nil {
+		return m.SetUrlMapHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCETargetHttpProxies is a simplifying adapter for the GCE TargetHttpProxies.
+type GCETargetHttpProxies struct {
+	s *Service
+}
+
+// Get the TargetHttpProxy named by key.
+func (g *GCETargetHttpProxies) Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpProxy, error) {
+	glog.V(5).Infof("GCETargetHttpProxies.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpProxies.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpProxies.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.TargetHttpProxies.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCETargetHttpProxies.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all TargetHttpProxy objects.
+func (g *GCETargetHttpProxies) List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpProxy, error) {
+	glog.V(5).Infof("GCETargetHttpProxies.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpProxies",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCETargetHttpProxies.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.TargetHttpProxies.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.TargetHttpProxy
+	f := func(l *ga.TargetHttpProxyList) error {
+		glog.V(5).Infof("GCETargetHttpProxies.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCETargetHttpProxies.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCETargetHttpProxies.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert TargetHttpProxy with key of value obj.
+func (g *GCETargetHttpProxies) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpProxy) error {
+	glog.V(5).Infof("GCETargetHttpProxies.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpProxies.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpProxies.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.TargetHttpProxies.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpProxies.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the TargetHttpProxy referenced by key.
+func (g *GCETargetHttpProxies) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCETargetHttpProxies.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpProxies.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpProxies.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetHttpProxies.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpProxies.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// SetUrlMap is a method on GCETargetHttpProxies.
+func (g *GCETargetHttpProxies) SetUrlMap(ctx context.Context, key *meta.Key, arg0 *ga.UrlMapReference) error {
+	glog.V(5).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetUrlMap",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetHttpProxies.SetUrlMap(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpProxies.SetUrlMap(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// TargetHttpsProxies is an interface that allows for mocking of TargetHttpsProxies.
+type TargetHttpsProxies interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpsProxy, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpsProxy, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpsProxy) error
+	Delete(ctx context.Context, key *meta.Key) error
+	SetSslCertificates(context.Context, *meta.Key, *ga.TargetHttpsProxiesSetSslCertificatesRequest) error
+	SetUrlMap(context.Context, *meta.Key, *ga.UrlMapReference) error
+}
+
+// NewMockTargetHttpsProxies returns a new mock for TargetHttpsProxies.
+func NewMockTargetHttpsProxies(pr ProjectRouter, objs map[meta.Key]*MockTargetHttpsProxiesObj) *MockTargetHttpsProxies {
+	mock := &MockTargetHttpsProxies{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockTargetHttpsProxies is the mock for TargetHttpsProxies.
+type MockTargetHttpsProxies struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockTargetHttpsProxiesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook                func(ctx context.Context, key *meta.Key, m *MockTargetHttpsProxies) (bool, *ga.TargetHttpsProxy, error)
+	ListHook               func(ctx context.Context, fl *filter.F, m *MockTargetHttpsProxies) (bool, []*ga.TargetHttpsProxy, error)
+	InsertHook             func(ctx context.Context, key *meta.Key, obj *ga.TargetHttpsProxy, m *MockTargetHttpsProxies) (bool, error)
+	DeleteHook             func(ctx context.Context, key *meta.Key, m *MockTargetHttpsProxies) (bool, error)
+	SetSslCertificatesHook func(context.Context, *meta.Key, *ga.TargetHttpsProxiesSetSslCertificatesRequest, *MockTargetHttpsProxies) error
+	SetUrlMapHook          func(context.Context, *meta.Key, *ga.UrlMapReference, *MockTargetHttpsProxies) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockTargetHttpsProxies) Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpsProxy, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetHttpsProxies.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpsProxies.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockTargetHttpsProxies.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockTargetHttpsProxies %v not found", key),
+	}
+	glog.V(5).Infof("MockTargetHttpsProxies.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockTargetHttpsProxies) List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpsProxy, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockTargetHttpsProxies.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockTargetHttpsProxies.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.TargetHttpsProxy
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockTargetHttpsProxies.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockTargetHttpsProxies) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpsProxy) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockTargetHttpsProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpsProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockTargetHttpsProxies %v exists", key),
+		}
+		glog.V(5).Infof("MockTargetHttpsProxies.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "targetHttpsProxies")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "targetHttpsProxies", key)
+
+	m.Objects[*key] = &MockTargetHttpsProxiesObj{obj}
+	glog.V(5).Infof("MockTargetHttpsProxies.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockTargetHttpsProxies) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetHttpsProxies.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockTargetHttpsProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockTargetHttpsProxies %v not found", key),
+		}
+		glog.V(5).Infof("MockTargetHttpsProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockTargetHttpsProxies.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockTargetHttpsProxies) Obj(o *ga.TargetHttpsProxy) *MockTargetHttpsProxiesObj {
+	return &MockTargetHttpsProxiesObj{o}
+}
+
+// SetSslCertificates is a mock for the corresponding method.
+func (m *MockTargetHttpsProxies) SetSslCertificates(ctx context.Context, key *meta.Key, arg0 *ga.TargetHttpsProxiesSetSslCertificatesRequest) error {
+	if m.SetSslCertificatesHook != nil {
+		return m.SetSslCertificatesHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// SetUrlMap is a mock for the corresponding method.
+func (m *MockTargetHttpsProxies) SetUrlMap(ctx context.Context, key *meta.Key, arg0 *ga.UrlMapReference) error {
+	if m.SetUrlMapHook != nil {
+		return m.SetUrlMapHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCETargetHttpsProxies is a simplifying adapter for the GCE TargetHttpsProxies.
+type GCETargetHttpsProxies struct {
+	s *Service
+}
+
+// Get the TargetHttpsProxy named by key.
+func (g *GCETargetHttpsProxies) Get(ctx context.Context, key *meta.Key) (*ga.TargetHttpsProxy, error) {
+	glog.V(5).Infof("GCETargetHttpsProxies.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpsProxies.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.TargetHttpsProxies.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCETargetHttpsProxies.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all TargetHttpsProxy objects.
+func (g *GCETargetHttpsProxies) List(ctx context.Context, fl *filter.F) ([]*ga.TargetHttpsProxy, error) {
+	glog.V(5).Infof("GCETargetHttpsProxies.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.TargetHttpsProxies.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.TargetHttpsProxy
+	f := func(l *ga.TargetHttpsProxyList) error {
+		glog.V(5).Infof("GCETargetHttpsProxies.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCETargetHttpsProxies.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCETargetHttpsProxies.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert TargetHttpsProxy with key of value obj.
+func (g *GCETargetHttpsProxies) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetHttpsProxy) error {
+	glog.V(5).Infof("GCETargetHttpsProxies.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpsProxies.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.TargetHttpsProxies.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpsProxies.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the TargetHttpsProxy referenced by key.
+func (g *GCETargetHttpsProxies) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCETargetHttpsProxies.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpsProxies.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetHttpsProxies.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpsProxies.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// SetSslCertificates is a method on GCETargetHttpsProxies.
+func (g *GCETargetHttpsProxies) SetSslCertificates(ctx context.Context, key *meta.Key, arg0 *ga.TargetHttpsProxiesSetSslCertificatesRequest) error {
+	glog.V(5).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetSslCertificates",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetHttpsProxies.SetSslCertificates(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpsProxies.SetSslCertificates(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// SetUrlMap is a method on GCETargetHttpsProxies.
+func (g *GCETargetHttpsProxies) SetUrlMap(ctx context.Context, key *meta.Key, arg0 *ga.UrlMapReference) error {
+	glog.V(5).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetHttpsProxies")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "SetUrlMap",
+		Version:   meta.Version("ga"),
+		Service:   "TargetHttpsProxies",
+	}
+	glog.V(5).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetHttpsProxies.SetUrlMap(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetHttpsProxies.SetUrlMap(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// TargetPools is an interface that allows for mocking of TargetPools.
+type TargetPools interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.TargetPool, error)
+	List(ctx context.Context, region string, fl *filter.F) ([]*ga.TargetPool, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.TargetPool) error
+	Delete(ctx context.Context, key *meta.Key) error
+	AddInstance(context.Context, *meta.Key, *ga.TargetPoolsAddInstanceRequest) error
+	RemoveInstance(context.Context, *meta.Key, *ga.TargetPoolsRemoveInstanceRequest) error
+}
+
+// NewMockTargetPools returns a new mock for TargetPools.
+func NewMockTargetPools(pr ProjectRouter, objs map[meta.Key]*MockTargetPoolsObj) *MockTargetPools {
+	mock := &MockTargetPools{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockTargetPools is the mock for TargetPools.
+type MockTargetPools struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockTargetPoolsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook            func(ctx context.Context, key *meta.Key, m *MockTargetPools) (bool, *ga.TargetPool, error)
+	ListHook           func(ctx context.Context, region string, fl *filter.F, m *MockTargetPools) (bool, []*ga.TargetPool, error)
+	InsertHook         func(ctx context.Context, key *meta.Key, obj *ga.TargetPool, m *MockTargetPools) (bool, error)
+	DeleteHook         func(ctx context.Context, key *meta.Key, m *MockTargetPools) (bool, error)
+	AddInstanceHook    func(context.Context, *meta.Key, *ga.TargetPoolsAddInstanceRequest, *MockTargetPools) error
+	RemoveInstanceHook func(context.Context, *meta.Key, *ga.TargetPoolsRemoveInstanceRequest, *MockTargetPools) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockTargetPools) Get(ctx context.Context, key *meta.Key) (*ga.TargetPool, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetPools.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockTargetPools.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockTargetPools.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockTargetPools %v not found", key),
+	}
+	glog.V(5).Infof("MockTargetPools.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock in the given region.
+func (m *MockTargetPools) List(ctx context.Context, region string, fl *filter.F) ([]*ga.TargetPool, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, region, fl, m); intercept {
+			glog.V(5).Infof("MockTargetPools.List(%v, %q, %v) = [%v items], %v", ctx, region, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockTargetPools.List(%v, %q, %v) = nil, %v", ctx, region, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.TargetPool
+	for key, obj := range m.Objects {
+		if key.Region != region {
+			continue
+		}
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockTargetPools.List(%v, %q, %v) = [%v items], nil", ctx, region, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockTargetPools) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetPool) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockTargetPools.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockTargetPools.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockTargetPools %v exists", key),
+		}
+		glog.V(5).Infof("MockTargetPools.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "targetPools")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "targetPools", key)
+
+	m.Objects[*key] = &MockTargetPoolsObj{obj}
+	glog.V(5).Infof("MockTargetPools.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockTargetPools) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockTargetPools.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockTargetPools.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockTargetPools %v not found", key),
+		}
+		glog.V(5).Infof("MockTargetPools.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockTargetPools.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockTargetPools) Obj(o *ga.TargetPool) *MockTargetPoolsObj {
+	return &MockTargetPoolsObj{o}
+}
+
+// AddInstance is a mock for the corresponding method.
+func (m *MockTargetPools) AddInstance(ctx context.Context, key *meta.Key, arg0 *ga.TargetPoolsAddInstanceRequest) error {
+	if m.AddInstanceHook != nil {
+		return m.AddInstanceHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// RemoveInstance is a mock for the corresponding method.
+func (m *MockTargetPools) RemoveInstance(ctx context.Context, key *meta.Key, arg0 *ga.TargetPoolsRemoveInstanceRequest) error {
+	if m.RemoveInstanceHook != nil {
+		return m.RemoveInstanceHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCETargetPools is a simplifying adapter for the GCE TargetPools.
+type GCETargetPools struct {
+	s *Service
+}
+
+// Get the TargetPool named by key.
+func (g *GCETargetPools) Get(ctx context.Context, key *meta.Key) (*ga.TargetPool, error) {
+	glog.V(5).Infof("GCETargetPools.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetPools.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	glog.V(5).Infof("GCETargetPools.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetPools.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.TargetPools.Get(projectID, key.Region, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCETargetPools.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all TargetPool objects.
+func (g *GCETargetPools) List(ctx context.Context, region string, fl *filter.F) ([]*ga.TargetPool, error) {
+	glog.V(5).Infof("GCETargetPools.List(%v, %v, %v) called", ctx, region, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCETargetPools.List(%v, %v, %v): projectID = %v, rk = %+v", ctx, region, fl, projectID, rk)
+	call := g.s.GA.TargetPools.List(projectID, region)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.TargetPool
+	f := func(l *ga.TargetPoolList) error {
+		glog.V(5).Infof("GCETargetPools.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCETargetPools.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCETargetPools.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCETargetPools.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert TargetPool with key of value obj.
+func (g *GCETargetPools) Insert(ctx context.Context, key *meta.Key, obj *ga.TargetPool) error {
+	glog.V(5).Infof("GCETargetPools.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetPools.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	glog.V(5).Infof("GCETargetPools.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetPools.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.TargetPools.Insert(projectID, key.Region, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetPools.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetPools.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the TargetPool referenced by key.
+func (g *GCETargetPools) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCETargetPools.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetPools.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	glog.V(5).Infof("GCETargetPools.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetPools.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetPools.Delete(projectID, key.Region, key.Name)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetPools.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetPools.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// AddInstance is a method on GCETargetPools.
+func (g *GCETargetPools) AddInstance(ctx context.Context, key *meta.Key, arg0 *ga.TargetPoolsAddInstanceRequest) error {
+	glog.V(5).Infof("GCETargetPools.AddInstance(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetPools.AddInstance(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "AddInstance",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	glog.V(5).Infof("GCETargetPools.AddInstance(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetPools.AddInstance(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetPools.AddInstance(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetPools.AddInstance(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetPools.AddInstance(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// RemoveInstance is a method on GCETargetPools.
+func (g *GCETargetPools) RemoveInstance(ctx context.Context, key *meta.Key, arg0 *ga.TargetPoolsRemoveInstanceRequest) error {
+	glog.V(5).Infof("GCETargetPools.RemoveInstance(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCETargetPools.RemoveInstance(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "TargetPools")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "RemoveInstance",
+		Version:   meta.Version("ga"),
+		Service:   "TargetPools",
+	}
+	glog.V(5).Infof("GCETargetPools.RemoveInstance(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCETargetPools.RemoveInstance(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.TargetPools.RemoveInstance(projectID, key.Region, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCETargetPools.RemoveInstance(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCETargetPools.RemoveInstance(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// UrlMaps is an interface that allows for mocking of UrlMaps.
+type UrlMaps interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.UrlMap, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.UrlMap, error)
+	Insert(ctx context.Context, key *meta.Key, obj *ga.UrlMap) error
+	Delete(ctx context.Context, key *meta.Key) error
+	Update(context.Context, *meta.Key, *ga.UrlMap) error
+}
+
+// NewMockUrlMaps returns a new mock for UrlMaps.
+func NewMockUrlMaps(pr ProjectRouter, objs map[meta.Key]*MockUrlMapsObj) *MockUrlMaps {
+	mock := &MockUrlMaps{
+		ProjectRouter: pr,
+
+		Objects:     objs,
+		GetError:    map[meta.Key]error{},
+		InsertError: map[meta.Key]error{},
+		DeleteError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockUrlMaps is the mock for UrlMaps.
+type MockUrlMaps struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockUrlMapsObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError    map[meta.Key]error
+	ListError   *error
+	InsertError map[meta.Key]error
+	DeleteError map[meta.Key]error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook    func(ctx context.Context, key *meta.Key, m *MockUrlMaps) (bool, *ga.UrlMap, error)
+	ListHook   func(ctx context.Context, fl *filter.F, m *MockUrlMaps) (bool, []*ga.UrlMap, error)
+	InsertHook func(ctx context.Context, key *meta.Key, obj *ga.UrlMap, m *MockUrlMaps) (bool, error)
+	DeleteHook func(ctx context.Context, key *meta.Key, m *MockUrlMaps) (bool, error)
+	UpdateHook func(context.Context, *meta.Key, *ga.UrlMap, *MockUrlMaps) error
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockUrlMaps) Get(ctx context.Context, key *meta.Key) (*ga.UrlMap, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockUrlMaps.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockUrlMaps.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockUrlMaps.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockUrlMaps %v not found", key),
+	}
+	glog.V(5).Infof("MockUrlMaps.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockUrlMaps) List(ctx context.Context, fl *filter.F) ([]*ga.UrlMap, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockUrlMaps.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockUrlMaps.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.UrlMap
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockUrlMaps.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Insert is a mock for inserting/creating a new object.
+func (m *MockUrlMaps) Insert(ctx context.Context, key *meta.Key, obj *ga.UrlMap) error {
+	if m.InsertHook != nil {
+		if intercept, err := m.InsertHook(ctx, key, obj, m); intercept {
+			glog.V(5).Infof("MockUrlMaps.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.InsertError[*key]; ok {
+		glog.V(5).Infof("MockUrlMaps.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; ok {
+		err := &googleapi.Error{
+			Code:    http.StatusConflict,
+			Message: fmt.Sprintf("MockUrlMaps %v exists", key),
+		}
+		glog.V(5).Infof("MockUrlMaps.Insert(%v, %v, %+v) = %v", ctx, key, obj, err)
+		return err
+	}
+
+	obj.Name = key.Name
+	projectID := m.ProjectRouter.ProjectID(ctx, "ga", "urlMaps")
+	obj.SelfLink = SelfLink(meta.VersionGA, projectID, "urlMaps", key)
+
+	m.Objects[*key] = &MockUrlMapsObj{obj}
+	glog.V(5).Infof("MockUrlMaps.Insert(%v, %v, %+v) = nil", ctx, key, obj)
+	return nil
+}
+
+// Delete is a mock for deleting the object.
+func (m *MockUrlMaps) Delete(ctx context.Context, key *meta.Key) error {
+	if m.DeleteHook != nil {
+		if intercept, err := m.DeleteHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockUrlMaps.Delete(%v, %v) = %v", ctx, key, err)
+			return err
+		}
+	}
+	if !key.Valid() {
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.DeleteError[*key]; ok {
+		glog.V(5).Infof("MockUrlMaps.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+	if _, ok := m.Objects[*key]; !ok {
+		err := &googleapi.Error{
+			Code:    http.StatusNotFound,
+			Message: fmt.Sprintf("MockUrlMaps %v not found", key),
+		}
+		glog.V(5).Infof("MockUrlMaps.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	delete(m.Objects, *key)
+	glog.V(5).Infof("MockUrlMaps.Delete(%v, %v) = nil", ctx, key)
+	return nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockUrlMaps) Obj(o *ga.UrlMap) *MockUrlMapsObj {
+	return &MockUrlMapsObj{o}
+}
+
+// Update is a mock for the corresponding method.
+func (m *MockUrlMaps) Update(ctx context.Context, key *meta.Key, arg0 *ga.UrlMap) error {
+	if m.UpdateHook != nil {
+		return m.UpdateHook(ctx, key, arg0, m)
+	}
+	return nil
+}
+
+// GCEUrlMaps is a simplifying adapter for the GCE UrlMaps.
+type GCEUrlMaps struct {
+	s *Service
+}
+
+// Get the UrlMap named by key.
+func (g *GCEUrlMaps) Get(ctx context.Context, key *meta.Key) (*ga.UrlMap, error) {
+	glog.V(5).Infof("GCEUrlMaps.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEUrlMaps.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "UrlMaps")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "UrlMaps",
+	}
+	glog.V(5).Infof("GCEUrlMaps.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.UrlMaps.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEUrlMaps.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all UrlMap objects.
+func (g *GCEUrlMaps) List(ctx context.Context, fl *filter.F) ([]*ga.UrlMap, error) {
+	glog.V(5).Infof("GCEUrlMaps.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "UrlMaps")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "UrlMaps",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEUrlMaps.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.UrlMaps.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.UrlMap
+	f := func(l *ga.UrlMapList) error {
+		glog.V(5).Infof("GCEUrlMaps.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEUrlMaps.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEUrlMaps.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEUrlMaps.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
+
+// Insert UrlMap with key of value obj.
+func (g *GCEUrlMaps) Insert(ctx context.Context, key *meta.Key, obj *ga.UrlMap) error {
+	glog.V(5).Infof("GCEUrlMaps.Insert(%v, %v, %+v): called", ctx, key, obj)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEUrlMaps.Insert(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "UrlMaps")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Insert",
+		Version:   meta.Version("ga"),
+		Service:   "UrlMaps",
+	}
+	glog.V(5).Infof("GCEUrlMaps.Insert(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Insert(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	obj.Name = key.Name
+	call := g.s.GA.UrlMaps.Insert(projectID, obj)
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Insert(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEUrlMaps.Insert(%v, %v, %+v) = %+v", ctx, key, obj, err)
+	return err
+}
+
+// Delete the UrlMap referenced by key.
+func (g *GCEUrlMaps) Delete(ctx context.Context, key *meta.Key) error {
+	glog.V(5).Infof("GCEUrlMaps.Delete(%v, %v): called", ctx, key)
+	if !key.Valid() {
+		glog.V(2).Infof("GCEUrlMaps.Delete(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "UrlMaps")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Delete",
+		Version:   meta.Version("ga"),
+		Service:   "UrlMaps",
+	}
+	glog.V(5).Infof("GCEUrlMaps.Delete(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Delete(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.UrlMaps.Delete(projectID, key.Name)
+
+	call.Context(ctx)
+
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Delete(%v, %v) = %v", ctx, key, err)
+		return err
+	}
+
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEUrlMaps.Delete(%v, %v) = %v", ctx, key, err)
+	return err
+}
+
+// Update is a method on GCEUrlMaps.
+func (g *GCEUrlMaps) Update(ctx context.Context, key *meta.Key, arg0 *ga.UrlMap) error {
+	glog.V(5).Infof("GCEUrlMaps.Update(%v, %v, ...): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEUrlMaps.Update(%v, %v, ...): key is invalid (%#v)", ctx, key, key)
+		return fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "UrlMaps")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Update",
+		Version:   meta.Version("ga"),
+		Service:   "UrlMaps",
+	}
+	glog.V(5).Infof("GCEUrlMaps.Update(%v, %v, ...): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Update(%v, %v, ...): RateLimiter error: %v", ctx, key, err)
+		return err
+	}
+	call := g.s.GA.UrlMaps.Update(projectID, key.Name, arg0)
+	call.Context(ctx)
+	op, err := call.Do()
+	if err != nil {
+		glog.V(4).Infof("GCEUrlMaps.Update(%v, %v, ...) = %+v", ctx, key, err)
+		return err
+	}
+	err = g.s.WaitForCompletion(ctx, op)
+	glog.V(4).Infof("GCEUrlMaps.Update(%v, %v, ...) = %+v", ctx, key, err)
+	return err
+}
+
+// Zones is an interface that allows for mocking of Zones.
+type Zones interface {
+	Get(ctx context.Context, key *meta.Key) (*ga.Zone, error)
+	List(ctx context.Context, fl *filter.F) ([]*ga.Zone, error)
+}
+
+// NewMockZones returns a new mock for Zones.
+func NewMockZones(pr ProjectRouter, objs map[meta.Key]*MockZonesObj) *MockZones {
+	mock := &MockZones{
+		ProjectRouter: pr,
+
+		Objects:  objs,
+		GetError: map[meta.Key]error{},
+	}
+	return mock
+}
+
+// MockZones is the mock for Zones.
+type MockZones struct {
+	Lock sync.Mutex
+
+	ProjectRouter ProjectRouter
+
+	// Objects maintained by the mock.
+	Objects map[meta.Key]*MockZonesObj
+
+	// If an entry exists for the given key and operation, then the error
+	// will be returned instead of the operation.
+	GetError  map[meta.Key]error
+	ListError *error
+
+	// xxxHook allow you to intercept the standard processing of the mock in
+	// order to add your own logic. Return (true, _, _) to prevent the normal
+	// execution flow of the mock. Return (false, nil, nil) to continue with
+	// normal mock behavior/ after the hook function executes.
+	GetHook  func(ctx context.Context, key *meta.Key, m *MockZones) (bool, *ga.Zone, error)
+	ListHook func(ctx context.Context, fl *filter.F, m *MockZones) (bool, []*ga.Zone, error)
+
+	// X is extra state that can be used as part of the mock. Generated code
+	// will not use this field.
+	X interface{}
+}
+
+// Get returns the object from the mock.
+func (m *MockZones) Get(ctx context.Context, key *meta.Key) (*ga.Zone, error) {
+	if m.GetHook != nil {
+		if intercept, obj, err := m.GetHook(ctx, key, m); intercept {
+			glog.V(5).Infof("MockZones.Get(%v, %s) = %+v, %v", ctx, key, obj, err)
+			return obj, err
+		}
+	}
+	if !key.Valid() {
+		return nil, fmt.Errorf("invalid GCE key (%+v)", key)
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if err, ok := m.GetError[*key]; ok {
+		glog.V(5).Infof("MockZones.Get(%v, %s) = nil, %v", ctx, key, err)
+		return nil, err
+	}
+	if obj, ok := m.Objects[*key]; ok {
+		typedObj := obj.ToGA()
+		glog.V(5).Infof("MockZones.Get(%v, %s) = %+v, nil", ctx, key, typedObj)
+		return typedObj, nil
+	}
+
+	err := &googleapi.Error{
+		Code:    http.StatusNotFound,
+		Message: fmt.Sprintf("MockZones %v not found", key),
+	}
+	glog.V(5).Infof("MockZones.Get(%v, %s) = nil, %v", ctx, key, err)
+	return nil, err
+}
+
+// List all of the objects in the mock.
+func (m *MockZones) List(ctx context.Context, fl *filter.F) ([]*ga.Zone, error) {
+	if m.ListHook != nil {
+		if intercept, objs, err := m.ListHook(ctx, fl, m); intercept {
+			glog.V(5).Infof("MockZones.List(%v, %v) = [%v items], %v", ctx, fl, len(objs), err)
+			return objs, err
+		}
+	}
+
+	m.Lock.Lock()
+	defer m.Lock.Unlock()
+
+	if m.ListError != nil {
+		err := *m.ListError
+		glog.V(5).Infof("MockZones.List(%v, %v) = nil, %v", ctx, fl, err)
+
+		return nil, *m.ListError
+	}
+
+	var objs []*ga.Zone
+	for _, obj := range m.Objects {
+		if !fl.Match(obj.ToGA()) {
+			continue
+		}
+		objs = append(objs, obj.ToGA())
+	}
+
+	glog.V(5).Infof("MockZones.List(%v, %v) = [%v items], nil", ctx, fl, len(objs))
+	return objs, nil
+}
+
+// Obj wraps the object for use in the mock.
+func (m *MockZones) Obj(o *ga.Zone) *MockZonesObj {
+	return &MockZonesObj{o}
+}
+
+// GCEZones is a simplifying adapter for the GCE Zones.
+type GCEZones struct {
+	s *Service
+}
+
+// Get the Zone named by key.
+func (g *GCEZones) Get(ctx context.Context, key *meta.Key) (*ga.Zone, error) {
+	glog.V(5).Infof("GCEZones.Get(%v, %v): called", ctx, key)
+
+	if !key.Valid() {
+		glog.V(2).Infof("GCEZones.Get(%v, %v): key is invalid (%#v)", ctx, key, key)
+		return nil, fmt.Errorf("invalid GCE key (%#v)", key)
+	}
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Zones")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "Get",
+		Version:   meta.Version("ga"),
+		Service:   "Zones",
+	}
+	glog.V(5).Infof("GCEZones.Get(%v, %v): projectID = %v, rk = %+v", ctx, key, projectID, rk)
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		glog.V(4).Infof("GCEZones.Get(%v, %v): RateLimiter error: %v", ctx, key, err)
+		return nil, err
+	}
+	call := g.s.GA.Zones.Get(projectID, key.Name)
+	call.Context(ctx)
+	v, err := call.Do()
+	glog.V(4).Infof("GCEZones.Get(%v, %v) = %+v, %v", ctx, key, v, err)
+	return v, err
+}
+
+// List all Zone objects.
+func (g *GCEZones) List(ctx context.Context, fl *filter.F) ([]*ga.Zone, error) {
+	glog.V(5).Infof("GCEZones.List(%v, %v) called", ctx, fl)
+	projectID := g.s.ProjectRouter.ProjectID(ctx, "ga", "Zones")
+	rk := &RateLimitKey{
+		ProjectID: projectID,
+		Operation: "List",
+		Version:   meta.Version("ga"),
+		Service:   "Zones",
+	}
+	if err := g.s.RateLimiter.Accept(ctx, rk); err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("GCEZones.List(%v, %v): projectID = %v, rk = %+v", ctx, fl, projectID, rk)
+	call := g.s.GA.Zones.List(projectID)
+	if fl != filter.None {
+		call.Filter(fl.String())
+	}
+	var all []*ga.Zone
+	f := func(l *ga.ZoneList) error {
+		glog.V(5).Infof("GCEZones.List(%v, ..., %v): page %+v", ctx, fl, l)
+		all = append(all, l.Items...)
+		return nil
+	}
+	if err := call.Pages(ctx, f); err != nil {
+		glog.V(4).Infof("GCEZones.List(%v, ..., %v) = %v, %v", ctx, fl, nil, err)
+		return nil, err
+	}
+
+	if glog.V(4) {
+		glog.V(4).Infof("GCEZones.List(%v, ..., %v) = [%v items], %v", ctx, fl, len(all), nil)
+	} else if glog.V(5) {
+		var asStr []string
+		for _, o := range all {
+			asStr = append(asStr, fmt.Sprintf("%+v", o))
+		}
+		glog.V(5).Infof("GCEZones.List(%v, ..., %v) = %v, %v", ctx, fl, asStr, nil)
+	}
+
+	return all, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/BUILD
new file mode 100644
index 000000000000..591e6f22be54
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/BUILD
@@ -0,0 +1,39 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "key.go",
+        "meta.go",
+        "method.go",
+        "service.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/google.golang.org/api/compute/v0.alpha:go_default_library",
+        "//vendor/google.golang.org/api/compute/v0.beta:go_default_library",
+        "//vendor/google.golang.org/api/compute/v1:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["key_test.go"],
+    embed = [":go_default_library"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/doc.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/doc.go
new file mode 100644
index 000000000000..7aa24e063792
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package meta contains the meta description of the GCE cloud types to
+// generate code for.
+package meta
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/key.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/key.go
new file mode 100644
index 000000000000..4b6241d2b907
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/key.go
@@ -0,0 +1,108 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package meta
+
+import (
+	"fmt"
+	"regexp"
+)
+
+// Key for a GCP resource.
+type Key struct {
+	Name   string
+	Zone   string
+	Region string
+}
+
+// KeyType is the type of the key.
+type KeyType string
+
+const (
+	// Zonal key type.
+	Zonal = "zonal"
+	// Regional key type.
+	Regional = "regional"
+	// Global key type.
+	Global = "global"
+)
+
+var (
+	// locationRegexp is the format of regions/zone names in GCE.
+	locationRegexp = regexp.MustCompile("^[a-z](?:[-a-z0-9]+)?$")
+)
+
+// ZonalKey returns the key for a zonal resource.
+func ZonalKey(name, zone string) *Key {
+	return &Key{name, zone, ""}
+}
+
+// RegionalKey returns the key for a regional resource.
+func RegionalKey(name, region string) *Key {
+	return &Key{name, "", region}
+}
+
+// GlobalKey returns the key for a global resource.
+func GlobalKey(name string) *Key {
+	return &Key{name, "", ""}
+}
+
+// Type returns the type of the key.
+func (k *Key) Type() KeyType {
+	switch {
+	case k.Zone != "":
+		return Zonal
+	case k.Region != "":
+		return Regional
+	default:
+		return Global
+	}
+}
+
+// String returns a string representation of the key.
+func (k Key) String() string {
+	switch k.Type() {
+	case Zonal:
+		return fmt.Sprintf("Key{%q, zone: %q}", k.Name, k.Zone)
+	case Regional:
+		return fmt.Sprintf("Key{%q, region: %q}", k.Name, k.Region)
+	default:
+		return fmt.Sprintf("Key{%q}", k.Name)
+	}
+}
+
+// Valid is true if the key is valid.
+func (k *Key) Valid() bool {
+	if k.Zone != "" && k.Region != "" {
+		return false
+	}
+	switch {
+	case k.Region != "":
+		return locationRegexp.Match([]byte(k.Region))
+	case k.Zone != "":
+		return locationRegexp.Match([]byte(k.Zone))
+	}
+	return true
+}
+
+// KeysToMap creates a map[Key]bool from a list of keys.
+func KeysToMap(keys ...Key) map[Key]bool {
+	ret := map[Key]bool{}
+	for _, k := range keys {
+		ret[k] = true
+	}
+	return ret
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/meta.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/meta.go
new file mode 100644
index 000000000000..852248beb804
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/meta.go
@@ -0,0 +1,386 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package meta
+
+import (
+	"reflect"
+
+	alpha "google.golang.org/api/compute/v0.alpha"
+	beta "google.golang.org/api/compute/v0.beta"
+	ga "google.golang.org/api/compute/v1"
+)
+
+// Version of the API (ga, alpha, beta).
+type Version string
+
+const (
+	// NoGet prevents the Get() method from being generated.
+	NoGet = 1 << iota
+	// NoList prevents the List() method from being generated.
+	NoList = 1 << iota
+	// NoDelete prevents the Delete() method from being generated.
+	NoDelete = 1 << iota
+	// NoInsert prevents the Insert() method from being generated.
+	NoInsert = 1 << iota
+	// CustomOps specifies that an empty interface xxxOps will be generated to
+	// enable custom method calls to be attached to the generated service
+	// interface.
+	CustomOps = 1 << iota
+	// AggregatedList will generated a method for AggregatedList().
+	AggregatedList = 1 << iota
+
+	// ReadOnly specifies that the given resource is read-only and should not
+	// have insert() or delete() methods generated for the wrapper.
+	ReadOnly = NoDelete | NoInsert
+
+	// VersionGA is the API version in compute.v1.
+	VersionGA Version = "ga"
+	// VersionAlpha is the API version in computer.v0.alpha.
+	VersionAlpha Version = "alpha"
+	// VersionBeta is the API version in computer.v0.beta.
+	VersionBeta Version = "beta"
+)
+
+// AllVersions is a list of all versions of the GCE API.
+var AllVersions = []Version{
+	VersionGA,
+	VersionAlpha,
+	VersionBeta,
+}
+
+// AllServices are a list of all the services to generate code for. Keep
+// this list in lexiographical order by object type.
+var AllServices = []*ServiceInfo{
+	{
+		Object:      "Address",
+		Service:     "Addresses",
+		Resource:    "addresses",
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&ga.AddressesService{}),
+	},
+	{
+		Object:      "Address",
+		Service:     "Addresses",
+		Resource:    "addresses",
+		version:     VersionAlpha,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&alpha.AddressesService{}),
+	},
+	{
+		Object:      "Address",
+		Service:     "Addresses",
+		Resource:    "addresses",
+		version:     VersionBeta,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&beta.AddressesService{}),
+	},
+	{
+		Object:      "Address",
+		Service:     "GlobalAddresses",
+		Resource:    "addresses",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.GlobalAddressesService{}),
+	},
+	{
+		Object:      "BackendService",
+		Service:     "BackendServices",
+		Resource:    "backendServices",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.BackendServicesService{}),
+		additionalMethods: []string{
+			"GetHealth",
+			"Update",
+		},
+	},
+	{
+		Object:            "BackendService",
+		Service:           "BackendServices",
+		Resource:          "backendServices",
+		version:           VersionAlpha,
+		keyType:           Global,
+		serviceType:       reflect.TypeOf(&alpha.BackendServicesService{}),
+		additionalMethods: []string{"Update"},
+	},
+	{
+		Object:      "BackendService",
+		Service:     "RegionBackendServices",
+		Resource:    "backendServices",
+		version:     VersionGA,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&ga.RegionBackendServicesService{}),
+		additionalMethods: []string{
+			"GetHealth",
+			"Update",
+		},
+	},
+	{
+		Object:      "BackendService",
+		Service:     "RegionBackendServices",
+		Resource:    "backendServices",
+		version:     VersionAlpha,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&alpha.RegionBackendServicesService{}),
+		additionalMethods: []string{
+			"GetHealth",
+			"Update",
+		},
+	},
+	{
+		Object:      "Disk",
+		Service:     "Disks",
+		Resource:    "disks",
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&ga.DisksService{}),
+	},
+	{
+		Object:      "Disk",
+		Service:     "Disks",
+		Resource:    "disks",
+		version:     VersionAlpha,
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&alpha.DisksService{}),
+	},
+	{
+		Object:      "Disk",
+		Service:     "RegionDisks",
+		Resource:    "disks",
+		version:     VersionAlpha,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&alpha.DisksService{}),
+	},
+	{
+		Object:      "Firewall",
+		Service:     "Firewalls",
+		Resource:    "firewalls",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.FirewallsService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "ForwardingRule",
+		Service:     "ForwardingRules",
+		Resource:    "forwardingRules",
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&ga.ForwardingRulesService{}),
+	},
+	{
+		Object:      "ForwardingRule",
+		Service:     "ForwardingRules",
+		Resource:    "forwardingRules",
+		version:     VersionAlpha,
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&alpha.ForwardingRulesService{}),
+	},
+	{
+		Object:      "ForwardingRule",
+		Service:     "GlobalForwardingRules",
+		Resource:    "forwardingRules",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.GlobalForwardingRulesService{}),
+		additionalMethods: []string{
+			"SetTarget",
+		},
+	},
+	{
+		Object:      "HealthCheck",
+		Service:     "HealthChecks",
+		Resource:    "healthChecks",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.HealthChecksService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "HealthCheck",
+		Service:     "HealthChecks",
+		Resource:    "healthChecks",
+		version:     VersionAlpha,
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&alpha.HealthChecksService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "HttpHealthCheck",
+		Service:     "HttpHealthChecks",
+		Resource:    "httpHealthChecks",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.HttpHealthChecksService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "HttpsHealthCheck",
+		Service:     "HttpsHealthChecks",
+		Resource:    "httpsHealthChecks",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.HttpsHealthChecksService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "InstanceGroup",
+		Service:     "InstanceGroups",
+		Resource:    "instanceGroups",
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&ga.InstanceGroupsService{}),
+		additionalMethods: []string{
+			"AddInstances",
+			"ListInstances",
+			"RemoveInstances",
+			"SetNamedPorts",
+		},
+	},
+	{
+		Object:      "Instance",
+		Service:     "Instances",
+		Resource:    "instances",
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&ga.InstancesService{}),
+		additionalMethods: []string{
+			"AttachDisk",
+			"DetachDisk",
+		},
+	},
+	{
+		Object:      "Instance",
+		Service:     "Instances",
+		Resource:    "instances",
+		version:     VersionBeta,
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&beta.InstancesService{}),
+		additionalMethods: []string{
+			"AttachDisk",
+			"DetachDisk",
+			"UpdateNetworkInterface",
+		},
+	},
+	{
+		Object:      "Instance",
+		Service:     "Instances",
+		Resource:    "instances",
+		version:     VersionAlpha,
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&alpha.InstancesService{}),
+		additionalMethods: []string{
+			"AttachDisk",
+			"DetachDisk",
+			"UpdateNetworkInterface",
+		},
+	},
+	{
+		Object:      "NetworkEndpointGroup",
+		Service:     "NetworkEndpointGroups",
+		Resource:    "networkEndpointGroups",
+		version:     VersionAlpha,
+		keyType:     Zonal,
+		serviceType: reflect.TypeOf(&alpha.NetworkEndpointGroupsService{}),
+		additionalMethods: []string{
+			"AttachNetworkEndpoints",
+			"DetachNetworkEndpoints",
+			"ListNetworkEndpoints",
+		},
+		options: AggregatedList,
+	},
+	{
+		Object:   "Project",
+		Service:  "Projects",
+		Resource: "projects",
+		keyType:  Global,
+		// Generate only the stub with no methods.
+		options:     NoGet | NoList | NoInsert | NoDelete | CustomOps,
+		serviceType: reflect.TypeOf(&ga.ProjectsService{}),
+	},
+	{
+		Object:      "Region",
+		Service:     "Regions",
+		Resource:    "regions",
+		keyType:     Global,
+		options:     ReadOnly,
+		serviceType: reflect.TypeOf(&ga.RegionsService{}),
+	},
+	{
+		Object:      "Route",
+		Service:     "Routes",
+		Resource:    "routes",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.RoutesService{}),
+	},
+	{
+		Object:      "SslCertificate",
+		Service:     "SslCertificates",
+		Resource:    "sslCertificates",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.SslCertificatesService{}),
+	},
+	{
+		Object:      "TargetHttpProxy",
+		Service:     "TargetHttpProxies",
+		Resource:    "targetHttpProxies",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.TargetHttpProxiesService{}),
+		additionalMethods: []string{
+			"SetUrlMap",
+		},
+	},
+	{
+		Object:      "TargetHttpsProxy",
+		Service:     "TargetHttpsProxies",
+		Resource:    "targetHttpsProxies",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.TargetHttpsProxiesService{}),
+		additionalMethods: []string{
+			"SetSslCertificates",
+			"SetUrlMap",
+		},
+	},
+	{
+		Object:      "TargetPool",
+		Service:     "TargetPools",
+		Resource:    "targetPools",
+		keyType:     Regional,
+		serviceType: reflect.TypeOf(&ga.TargetPoolsService{}),
+		additionalMethods: []string{
+			"AddInstance",
+			"RemoveInstance",
+		},
+	},
+	{
+		Object:      "UrlMap",
+		Service:     "UrlMaps",
+		Resource:    "urlMaps",
+		keyType:     Global,
+		serviceType: reflect.TypeOf(&ga.UrlMapsService{}),
+		additionalMethods: []string{
+			"Update",
+		},
+	},
+	{
+		Object:      "Zone",
+		Service:     "Zones",
+		Resource:    "zones",
+		keyType:     Global,
+		options:     ReadOnly,
+		serviceType: reflect.TypeOf(&ga.ZonesService{}),
+	},
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/method.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/method.go
new file mode 100644
index 000000000000..b37258705a2b
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/method.go
@@ -0,0 +1,337 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package meta
+
+import (
+	"fmt"
+	"reflect"
+	"strings"
+)
+
+func newArg(t reflect.Type) *arg {
+	ret := &arg{}
+
+	// Dereference the pointer types to get at the underlying concrete type.
+Loop:
+	for {
+		switch t.Kind() {
+		case reflect.Ptr:
+			ret.numPtr++
+			t = t.Elem()
+		default:
+			ret.pkg = t.PkgPath()
+			ret.typeName += t.Name()
+			break Loop
+		}
+	}
+	return ret
+}
+
+type arg struct {
+	pkg, typeName string
+	numPtr        int
+}
+
+func (a *arg) normalizedPkg() string {
+	if a.pkg == "" {
+		return ""
+	}
+
+	// Strip the repo.../vendor/ prefix from the package path if present.
+	parts := strings.Split(a.pkg, "/")
+	// Remove vendor prefix.
+	for i := 0; i < len(parts); i++ {
+		if parts[i] == "vendor" {
+			parts = parts[i+1:]
+			break
+		}
+	}
+	switch strings.Join(parts, "/") {
+	case "google.golang.org/api/compute/v1":
+		return "ga."
+	case "google.golang.org/api/compute/v0.alpha":
+		return "alpha."
+	case "google.golang.org/api/compute/v0.beta":
+		return "beta."
+	default:
+		panic(fmt.Errorf("unhandled package %q", a.pkg))
+	}
+}
+
+func (a *arg) String() string {
+	var ret string
+	for i := 0; i < a.numPtr; i++ {
+		ret += "*"
+	}
+	ret += a.normalizedPkg()
+	ret += a.typeName
+	return ret
+}
+
+// newMethod returns a newly initialized method.
+func newMethod(s *ServiceInfo, m reflect.Method) *Method {
+	ret := &Method{
+		ServiceInfo: s,
+		m:           m,
+		kind:        MethodOperation,
+		ReturnType:  "",
+	}
+	ret.init()
+	return ret
+}
+
+// MethodKind is the type of method that we are generated code for.
+type MethodKind int
+
+const (
+	// MethodOperation is a long running method that returns an operation.
+	MethodOperation MethodKind = iota
+	// MethodGet is a method that immediately returns some data.
+	MethodGet MethodKind = iota
+	// MethodPaged is a method that returns a paged set of data.
+	MethodPaged MethodKind = iota
+)
+
+// Method is used to generate the calling code for non-standard methods.
+type Method struct {
+	*ServiceInfo
+	m reflect.Method
+
+	kind MethodKind
+	// ReturnType is the return type for the method.
+	ReturnType string
+	// ItemType is the type of the individual elements returns from a
+	// Pages() call. This is only applicable for MethodPaged kind.
+	ItemType string
+}
+
+// IsOperation is true if the method is an Operation.
+func (m *Method) IsOperation() bool {
+	return m.kind == MethodOperation
+}
+
+// IsPaged is true if the method paged.
+func (m *Method) IsPaged() bool {
+	return m.kind == MethodPaged
+}
+
+// IsGet is true if the method simple get.
+func (m *Method) IsGet() bool {
+	return m.kind == MethodGet
+}
+
+// argsSkip is the number of arguments to skip when generating the
+// synthesized method.
+func (m *Method) argsSkip() int {
+	switch m.keyType {
+	case Zonal:
+		return 4
+	case Regional:
+		return 4
+	case Global:
+		return 3
+	}
+	panic(fmt.Errorf("invalid KeyType %v", m.keyType))
+}
+
+// args return a list of arguments to the method, skipping the first skip
+// elements. If nameArgs is true, then the arguments will include a generated
+// parameter name (arg<N>). prefix will be added to the parameters.
+func (m *Method) args(skip int, nameArgs bool, prefix []string) []string {
+	var args []*arg
+	fType := m.m.Func.Type()
+	for i := 0; i < fType.NumIn(); i++ {
+		t := fType.In(i)
+		args = append(args, newArg(t))
+	}
+
+	var a []string
+	for i := skip; i < fType.NumIn(); i++ {
+		if nameArgs {
+			a = append(a, fmt.Sprintf("arg%d %s", i-skip, args[i]))
+		} else {
+			a = append(a, args[i].String())
+		}
+	}
+	return append(prefix, a...)
+}
+
+// init the method. This performs some rudimentary static checking as well as
+// determines the kind of method by looking at the shape (method signature) of
+// the object.
+func (m *Method) init() {
+	fType := m.m.Func.Type()
+	if fType.NumIn() < m.argsSkip() {
+		err := fmt.Errorf("method %q.%q, arity = %d which is less than required (< %d)",
+			m.Service, m.Name(), fType.NumIn(), m.argsSkip())
+		panic(err)
+	}
+	// Skipped args should all be string (they will be projectID, zone, region etc).
+	for i := 1; i < m.argsSkip(); i++ {
+		if fType.In(i).Kind() != reflect.String {
+			panic(fmt.Errorf("method %q.%q: skipped args can only be strings", m.Service, m.Name()))
+		}
+	}
+	// Return of the method must return a single value of type *xxxCall.
+	if fType.NumOut() != 1 || fType.Out(0).Kind() != reflect.Ptr || !strings.HasSuffix(fType.Out(0).Elem().Name(), "Call") {
+		panic(fmt.Errorf("method %q.%q: generator only supports methods returning an *xxxCall object",
+			m.Service, m.Name()))
+	}
+	returnType := fType.Out(0)
+	returnTypeName := fType.Out(0).Elem().Name()
+	// xxxCall must have a Do() method.
+	doMethod, ok := returnType.MethodByName("Do")
+	if !ok {
+		panic(fmt.Errorf("method %q.%q: return type %q does not have a Do() method",
+			m.Service, m.Name(), returnTypeName))
+	}
+	_, hasPages := returnType.MethodByName("Pages")
+	// Do() method must return (*T, error).
+	switch doMethod.Func.Type().NumOut() {
+	case 2:
+		out0 := doMethod.Func.Type().Out(0)
+		if out0.Kind() != reflect.Ptr {
+			panic(fmt.Errorf("method %q.%q: return type %q of Do() = S, _; S must be pointer type (%v)",
+				m.Service, m.Name(), returnTypeName, out0))
+		}
+		m.ReturnType = out0.Elem().Name()
+		switch {
+		case out0.Elem().Name() == "Operation":
+			m.kind = MethodOperation
+		case hasPages:
+			m.kind = MethodPaged
+			// Pages() returns a xxxList that has the actual list
+			// of objects in the xxxList.Items field.
+			listType := out0.Elem()
+			itemsField, ok := listType.FieldByName("Items")
+			if !ok {
+				panic(fmt.Errorf("method %q.%q: paged return type %q does not have a .Items field", m.Service, m.Name(), listType.Name()))
+			}
+			// itemsField will be a []*ItemType. Dereference to
+			// extract the ItemType.
+			itemsType := itemsField.Type
+			if itemsType.Kind() != reflect.Slice && itemsType.Elem().Kind() != reflect.Ptr {
+				panic(fmt.Errorf("method %q.%q: paged return type %q.Items is not an array of pointers", m.Service, m.Name(), listType.Name()))
+			}
+			m.ItemType = itemsType.Elem().Elem().Name()
+		default:
+			m.kind = MethodGet
+		}
+		// Second argument must be "error".
+		if doMethod.Func.Type().Out(1).Name() != "error" {
+			panic(fmt.Errorf("method %q.%q: return type %q of Do() = S, T; T must be 'error'",
+				m.Service, m.Name(), returnTypeName))
+		}
+		break
+	default:
+		panic(fmt.Errorf("method %q.%q: %q Do() return type is not handled by the generator",
+			m.Service, m.Name(), returnTypeName))
+	}
+}
+
+// Name is the name of the method.
+func (m *Method) Name() string {
+	return m.m.Name
+}
+
+// CallArgs is a list of comma separated "argN" used for calling the method.
+// For example, if the method has two additional arguments, this will return
+// "arg0, arg1".
+func (m *Method) CallArgs() string {
+	var args []string
+	for i := m.argsSkip(); i < m.m.Func.Type().NumIn(); i++ {
+		args = append(args, fmt.Sprintf("arg%d", i-m.argsSkip()))
+	}
+	if len(args) == 0 {
+		return ""
+	}
+	return fmt.Sprintf(", %s", strings.Join(args, ", "))
+}
+
+// MockHookName is the name of the hook function in the mock.
+func (m *Method) MockHookName() string {
+	return m.m.Name + "Hook"
+}
+
+// MockHook is the definition of the hook function.
+func (m *Method) MockHook() string {
+	args := m.args(m.argsSkip(), false, []string{
+		"context.Context",
+		"*meta.Key",
+	})
+	if m.kind == MethodPaged {
+		args = append(args, "*filter.F")
+	}
+
+	args = append(args, fmt.Sprintf("*%s", m.MockWrapType()))
+
+	switch m.kind {
+	case MethodOperation:
+		return fmt.Sprintf("%v func(%v) error", m.MockHookName(), strings.Join(args, ", "))
+	case MethodGet:
+		return fmt.Sprintf("%v func(%v) (*%v.%v, error)", m.MockHookName(), strings.Join(args, ", "), m.Version(), m.ReturnType)
+	case MethodPaged:
+		return fmt.Sprintf("%v func(%v) ([]*%v.%v, error)", m.MockHookName(), strings.Join(args, ", "), m.Version(), m.ItemType)
+	default:
+		panic(fmt.Errorf("invalid method kind: %v", m.kind))
+	}
+}
+
+// FcnArgs is the function signature for the definition of the method.
+func (m *Method) FcnArgs() string {
+	args := m.args(m.argsSkip(), true, []string{
+		"ctx context.Context",
+		"key *meta.Key",
+	})
+	if m.kind == MethodPaged {
+		args = append(args, "fl *filter.F")
+	}
+
+	switch m.kind {
+	case MethodOperation:
+		return fmt.Sprintf("%v(%v) error", m.m.Name, strings.Join(args, ", "))
+	case MethodGet:
+		return fmt.Sprintf("%v(%v) (*%v.%v, error)", m.m.Name, strings.Join(args, ", "), m.Version(), m.ReturnType)
+	case MethodPaged:
+		return fmt.Sprintf("%v(%v) ([]*%v.%v, error)", m.m.Name, strings.Join(args, ", "), m.Version(), m.ItemType)
+	default:
+		panic(fmt.Errorf("invalid method kind: %v", m.kind))
+	}
+}
+
+// InterfaceFunc is the function declaration of the method in the interface.
+func (m *Method) InterfaceFunc() string {
+	args := []string{
+		"context.Context",
+		"*meta.Key",
+	}
+	args = m.args(m.argsSkip(), false, args)
+	if m.kind == MethodPaged {
+		args = append(args, "*filter.F")
+	}
+
+	switch m.kind {
+	case MethodOperation:
+		return fmt.Sprintf("%v(%v) error", m.m.Name, strings.Join(args, ", "))
+	case MethodGet:
+		return fmt.Sprintf("%v(%v) (*%v.%v, error)", m.m.Name, strings.Join(args, ", "), m.Version(), m.ReturnType)
+	case MethodPaged:
+		return fmt.Sprintf("%v(%v) ([]*%v.%v, error)", m.m.Name, strings.Join(args, ", "), m.Version(), m.ItemType)
+	default:
+		panic(fmt.Errorf("invalid method kind: %v", m.kind))
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/service.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/service.go
new file mode 100644
index 000000000000..b2ba91c8ec59
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta/service.go
@@ -0,0 +1,277 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package meta
+
+import (
+	"errors"
+	"fmt"
+	"reflect"
+)
+
+// ServiceInfo defines the entry for a Service that code will be generated for.
+type ServiceInfo struct {
+	// Object is the Go name of the object type that the service deals
+	// with. Example: "ForwardingRule".
+	Object string
+	// Service is the Go name of the service struct i.e. where the methods
+	// are defined. Examples: "GlobalForwardingRules".
+	Service string
+	// Resource is the plural noun of the resource in the compute API URL (e.g.
+	// "forwardingRules").
+	Resource string
+	// version if unspecified will be assumed to be VersionGA.
+	version     Version
+	keyType     KeyType
+	serviceType reflect.Type
+
+	additionalMethods   []string
+	options             int
+	aggregatedListField string
+}
+
+// Version returns the version of the Service, defaulting to GA if APIVersion
+// is empty.
+func (i *ServiceInfo) Version() Version {
+	if i.version == "" {
+		return VersionGA
+	}
+	return i.version
+}
+
+// VersionTitle returns the capitalized golang CamelCase name for the version.
+func (i *ServiceInfo) VersionTitle() string {
+	switch i.Version() {
+	case VersionGA:
+		return "GA"
+	case VersionAlpha:
+		return "Alpha"
+	case VersionBeta:
+		return "Beta"
+	}
+	panic(fmt.Errorf("invalid version %q", i.Version()))
+}
+
+// WrapType is the name of the wrapper service type.
+func (i *ServiceInfo) WrapType() string {
+	switch i.Version() {
+	case VersionGA:
+		return i.Service
+	case VersionAlpha:
+		return "Alpha" + i.Service
+	case VersionBeta:
+		return "Beta" + i.Service
+	}
+	return "Invalid"
+}
+
+// WrapTypeOps is the name of the additional operations type.
+func (i *ServiceInfo) WrapTypeOps() string {
+	return i.WrapType() + "Ops"
+}
+
+// FQObjectType is fully qualified name of the object (e.g. compute.Instance).
+func (i *ServiceInfo) FQObjectType() string {
+	return fmt.Sprintf("%v.%v", i.Version(), i.Object)
+}
+
+// ObjectListType is the compute List type for the object (contains Items field).
+func (i *ServiceInfo) ObjectListType() string {
+	return fmt.Sprintf("%v.%vList", i.Version(), i.Object)
+}
+
+// ObjectAggregatedListType is the compute List type for the object (contains Items field).
+func (i *ServiceInfo) ObjectAggregatedListType() string {
+	return fmt.Sprintf("%v.%vAggregatedList", i.Version(), i.Object)
+}
+
+// MockWrapType is the name of the concrete mock for this type.
+func (i *ServiceInfo) MockWrapType() string {
+	return "Mock" + i.WrapType()
+}
+
+// MockField is the name of the field in the mock struct.
+func (i *ServiceInfo) MockField() string {
+	return "Mock" + i.WrapType()
+}
+
+// GCEWrapType is the name of the GCE wrapper type.
+func (i *ServiceInfo) GCEWrapType() string {
+	return "GCE" + i.WrapType()
+}
+
+// Field is the name of the GCE struct.
+func (i *ServiceInfo) Field() string {
+	return "gce" + i.WrapType()
+}
+
+// Methods returns a list of additional methods to generate code for.
+func (i *ServiceInfo) Methods() []*Method {
+	methods := map[string]bool{}
+	for _, m := range i.additionalMethods {
+		methods[m] = true
+	}
+
+	var ret []*Method
+	for j := 0; j < i.serviceType.NumMethod(); j++ {
+		m := i.serviceType.Method(j)
+		if _, ok := methods[m.Name]; !ok {
+			continue
+		}
+		ret = append(ret, newMethod(i, m))
+		methods[m.Name] = false
+	}
+
+	for k, b := range methods {
+		if b {
+			panic(fmt.Errorf("method %q was not found in service %q", k, i.Service))
+		}
+	}
+
+	return ret
+}
+
+// KeyIsGlobal is true if the key is global.
+func (i *ServiceInfo) KeyIsGlobal() bool {
+	return i.keyType == Global
+}
+
+// KeyIsRegional is true if the key is regional.
+func (i *ServiceInfo) KeyIsRegional() bool {
+	return i.keyType == Regional
+}
+
+// KeyIsZonal is true if the key is zonal.
+func (i *ServiceInfo) KeyIsZonal() bool {
+	return i.keyType == Zonal
+}
+
+// MakeKey returns the call used to create the appropriate key type.
+func (i *ServiceInfo) MakeKey(name, location string) string {
+	switch i.keyType {
+	case Global:
+		return fmt.Sprintf("GlobalKey(%q)", name)
+	case Regional:
+		return fmt.Sprintf("RegionalKey(%q, %q)", name, location)
+	case Zonal:
+		return fmt.Sprintf("ZonalKey(%q, %q)", name, location)
+	}
+	return "Invalid"
+}
+
+// GenerateGet is true if the method is to be generated.
+func (i *ServiceInfo) GenerateGet() bool {
+	return i.options&NoGet == 0
+}
+
+// GenerateList is true if the method is to be generated.
+func (i *ServiceInfo) GenerateList() bool {
+	return i.options&NoList == 0
+}
+
+// GenerateDelete is true if the method is to be generated.
+func (i *ServiceInfo) GenerateDelete() bool {
+	return i.options&NoDelete == 0
+}
+
+// GenerateInsert is true if the method is to be generated.
+func (i *ServiceInfo) GenerateInsert() bool {
+	return i.options&NoInsert == 0
+}
+
+// GenerateCustomOps is true if we should generated a xxxOps interface for
+// adding additional methods to the generated interface.
+func (i *ServiceInfo) GenerateCustomOps() bool {
+	return i.options&CustomOps != 0
+}
+
+// AggregatedList is true if the method is to be generated.
+func (i *ServiceInfo) AggregatedList() bool {
+	return i.options&AggregatedList != 0
+}
+
+// AggregatedListField is the name of the field used for the aggregated list
+// call. This is typically the same as the name of the service, but can be
+// customized by setting the aggregatedListField field.
+func (i *ServiceInfo) AggregatedListField() string {
+	if i.aggregatedListField == "" {
+		return i.Service
+	}
+	return i.aggregatedListField
+}
+
+// ServiceGroup is a grouping of the same service but at different API versions.
+type ServiceGroup struct {
+	Alpha *ServiceInfo
+	Beta  *ServiceInfo
+	GA    *ServiceInfo
+}
+
+// Service returns any ServiceInfo object belonging to the ServiceGroup.
+func (sg *ServiceGroup) Service() string {
+	switch {
+	case sg.GA != nil:
+		return sg.GA.Service
+	case sg.Alpha != nil:
+		return sg.Alpha.Service
+	case sg.Beta != nil:
+		return sg.Beta.Service
+	default:
+		panic(errors.New("service group is empty"))
+	}
+}
+
+// HasGA returns true if this object has a GA representation.
+func (sg *ServiceGroup) HasGA() bool {
+	return sg.GA != nil
+}
+
+// HasAlpha returns true if this object has a Alpha representation.
+func (sg *ServiceGroup) HasAlpha() bool {
+	return sg.Alpha != nil
+}
+
+// HasBeta returns true if this object has a Beta representation.
+func (sg *ServiceGroup) HasBeta() bool {
+	return sg.Beta != nil
+}
+
+// groupServices together by version.
+func groupServices(services []*ServiceInfo) map[string]*ServiceGroup {
+	ret := map[string]*ServiceGroup{}
+	for _, si := range services {
+		if _, ok := ret[si.Service]; !ok {
+			ret[si.Service] = &ServiceGroup{}
+		}
+		group := ret[si.Service]
+		switch si.Version() {
+		case VersionAlpha:
+			group.Alpha = si
+		case VersionBeta:
+			group.Beta = si
+		case VersionGA:
+			group.GA = si
+		}
+	}
+	return ret
+}
+
+// AllServicesByGroup is a map of service name to ServicesGroup.
+var AllServicesByGroup map[string]*ServiceGroup
+
+func init() {
+	AllServicesByGroup = groupServices(AllServices)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/op.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/op.go
new file mode 100644
index 000000000000..1bd2e0c484b9
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/op.go
@@ -0,0 +1,172 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/golang/glog"
+
+	alpha "google.golang.org/api/compute/v0.alpha"
+	beta "google.golang.org/api/compute/v0.beta"
+	ga "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+// operation is a GCE operation that can be watied on.
+type operation interface {
+	// isDone queries GCE for the done status. This call can block.
+	isDone(ctx context.Context) (bool, error)
+	// rateLimitKey returns the rate limit key to use for the given operation.
+	// This rate limit will govern how fast the server will be polled for
+	// operation completion status.
+	rateLimitKey() *RateLimitKey
+}
+
+type gaOperation struct {
+	s         *Service
+	projectID string
+	key       *meta.Key
+}
+
+func (o *gaOperation) String() string {
+	return fmt.Sprintf("gaOperation{%q, %v}", o.projectID, o.key)
+}
+
+func (o *gaOperation) isDone(ctx context.Context) (bool, error) {
+	var (
+		op  *ga.Operation
+		err error
+	)
+
+	switch o.key.Type() {
+	case meta.Regional:
+		op, err = o.s.GA.RegionOperations.Get(o.projectID, o.key.Region, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("GA.RegionOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Region, o.key.Name, op, err, ctx)
+	case meta.Zonal:
+		op, err = o.s.GA.ZoneOperations.Get(o.projectID, o.key.Zone, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("GA.ZoneOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Zone, o.key.Name, op, err, ctx)
+	case meta.Global:
+		op, err = o.s.GA.GlobalOperations.Get(o.projectID, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("GA.GlobalOperations.Get(%v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Name, op, err, ctx)
+	default:
+		return false, fmt.Errorf("invalid key type: %#v", o.key)
+	}
+	if err != nil {
+		return false, err
+	}
+	return op != nil && op.Status == "DONE", nil
+}
+
+func (o *gaOperation) rateLimitKey() *RateLimitKey {
+	return &RateLimitKey{
+		ProjectID: o.projectID,
+		Operation: "Get",
+		Service:   "Operations",
+		Version:   meta.VersionGA,
+	}
+}
+
+type alphaOperation struct {
+	s         *Service
+	projectID string
+	key       *meta.Key
+}
+
+func (o *alphaOperation) String() string {
+	return fmt.Sprintf("alphaOperation{%q, %v}", o.projectID, o.key)
+}
+
+func (o *alphaOperation) isDone(ctx context.Context) (bool, error) {
+	var (
+		op  *alpha.Operation
+		err error
+	)
+
+	switch o.key.Type() {
+	case meta.Regional:
+		op, err = o.s.Alpha.RegionOperations.Get(o.projectID, o.key.Region, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Alpha.RegionOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Region, o.key.Name, op, err, ctx)
+	case meta.Zonal:
+		op, err = o.s.Alpha.ZoneOperations.Get(o.projectID, o.key.Zone, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Alpha.ZoneOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Zone, o.key.Name, op, err, ctx)
+	case meta.Global:
+		op, err = o.s.Alpha.GlobalOperations.Get(o.projectID, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Alpha.GlobalOperations.Get(%v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Name, op, err, ctx)
+	default:
+		return false, fmt.Errorf("invalid key type: %#v", o.key)
+	}
+	if err != nil {
+		return false, err
+	}
+	return op != nil && op.Status == "DONE", nil
+}
+
+func (o *alphaOperation) rateLimitKey() *RateLimitKey {
+	return &RateLimitKey{
+		ProjectID: o.projectID,
+		Operation: "Get",
+		Service:   "Operations",
+		Version:   meta.VersionAlpha,
+	}
+}
+
+type betaOperation struct {
+	s         *Service
+	projectID string
+	key       *meta.Key
+}
+
+func (o *betaOperation) String() string {
+	return fmt.Sprintf("betaOperation{%q, %v}", o.projectID, o.key)
+}
+
+func (o *betaOperation) isDone(ctx context.Context) (bool, error) {
+	var (
+		op  *beta.Operation
+		err error
+	)
+
+	switch o.key.Type() {
+	case meta.Regional:
+		op, err = o.s.Beta.RegionOperations.Get(o.projectID, o.key.Region, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Beta.RegionOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Region, o.key.Name, op, err, ctx)
+	case meta.Zonal:
+		op, err = o.s.Beta.ZoneOperations.Get(o.projectID, o.key.Zone, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Beta.ZoneOperations.Get(%v, %v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Zone, o.key.Name, op, err, ctx)
+	case meta.Global:
+		op, err = o.s.Beta.GlobalOperations.Get(o.projectID, o.key.Name).Context(ctx).Do()
+		glog.V(5).Infof("Beta.GlobalOperations.Get(%v, %v) = %+v, %v; ctx = %v", o.projectID, o.key.Name, op, err, ctx)
+	default:
+		return false, fmt.Errorf("invalid key type: %#v", o.key)
+	}
+	if err != nil {
+		return false, err
+	}
+	return op != nil && op.Status == "DONE", nil
+}
+
+func (o *betaOperation) rateLimitKey() *RateLimitKey {
+	return &RateLimitKey{
+		ProjectID: o.projectID,
+		Operation: "Get",
+		Service:   "Operations",
+		Version:   meta.VersionBeta,
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/project.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/project.go
new file mode 100644
index 000000000000..231e7cf916a8
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/project.go
@@ -0,0 +1,45 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"context"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+// ProjectRouter routes service calls to the appropriate GCE project.
+type ProjectRouter interface {
+	// ProjectID returns the project ID (non-numeric) to be used for a call
+	// to an API (version,service). Example tuples: ("ga", "ForwardingRules"),
+	// ("alpha", "GlobalAddresses").
+	//
+	// This allows for plumbing different service calls to the appropriate
+	// project, for instance, networking services to a separate project
+	// than instance management.
+	ProjectID(ctx context.Context, version meta.Version, service string) string
+}
+
+// SingleProjectRouter routes all service calls to the same project ID.
+type SingleProjectRouter struct {
+	ID string
+}
+
+// ProjectID returns the project ID to be used for a call to the API.
+func (r *SingleProjectRouter) ProjectID(ctx context.Context, version meta.Version, service string) string {
+	return r.ID
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/ratelimit.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/ratelimit.go
new file mode 100644
index 000000000000..e38b8f7de3ca
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/ratelimit.go
@@ -0,0 +1,68 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"context"
+	"time"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+// RateLimitKey is a key identifying the operation to be rate limited. The rate limit
+// queue will be determined based on the contents of RateKey.
+type RateLimitKey struct {
+	// ProjectID is the non-numeric ID of the project.
+	ProjectID string
+	// Operation is the specific method being invoked (e.g. "Get", "List").
+	Operation string
+	// Version is the API version of the call.
+	Version meta.Version
+	// Service is the service being invoked (e.g. "Firewalls", "BackendServices")
+	Service string
+}
+
+// RateLimiter is the interface for a rate limiting policy.
+type RateLimiter interface {
+	// Accept uses the RateLimitKey to derive a sleep time for the calling
+	// goroutine. This call will block until the operation is ready for
+	// execution.
+	//
+	// Accept returns an error if the given context ctx was canceled
+	// while waiting for acceptance into the queue.
+	Accept(ctx context.Context, key *RateLimitKey) error
+}
+
+// NopRateLimiter is a rate limiter that performs no rate limiting.
+type NopRateLimiter struct {
+}
+
+// Accept the operation to be rate limited.
+func (*NopRateLimiter) Accept(ctx context.Context, key *RateLimitKey) error {
+	// Rate limit polling of the Operation status to avoid hammering GCE
+	// for the status of an operation.
+	const pollTime = time.Duration(1) * time.Second
+	if key.Operation == "Get" && key.Service == "Operations" {
+		select {
+		case <-time.NewTimer(pollTime).C:
+			break
+		case <-ctx.Done():
+			return ctx.Err()
+		}
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/service.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/service.go
new file mode 100644
index 000000000000..99ed7d226b73
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/service.go
@@ -0,0 +1,85 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/golang/glog"
+
+	alpha "google.golang.org/api/compute/v0.alpha"
+	beta "google.golang.org/api/compute/v0.beta"
+	ga "google.golang.org/api/compute/v1"
+)
+
+// Service is the top-level adapter for all of the different compute API
+// versions.
+type Service struct {
+	GA            *ga.Service
+	Alpha         *alpha.Service
+	Beta          *beta.Service
+	ProjectRouter ProjectRouter
+	RateLimiter   RateLimiter
+}
+
+// wrapOperation wraps a GCE anyOP in a version generic operation type.
+func (s *Service) wrapOperation(anyOp interface{}) (operation, error) {
+	switch o := anyOp.(type) {
+	case *ga.Operation:
+		r, err := ParseResourceURL(o.SelfLink)
+		if err != nil {
+			return nil, err
+		}
+		return &gaOperation{s, r.ProjectID, r.Key}, nil
+	case *alpha.Operation:
+		r, err := ParseResourceURL(o.SelfLink)
+		if err != nil {
+			return nil, err
+		}
+		return &alphaOperation{s, r.ProjectID, r.Key}, nil
+	case *beta.Operation:
+		r, err := ParseResourceURL(o.SelfLink)
+		if err != nil {
+			return nil, err
+		}
+		return &betaOperation{s, r.ProjectID, r.Key}, nil
+	default:
+		return nil, fmt.Errorf("invalid type %T", anyOp)
+	}
+}
+
+// WaitForCompletion of a long running operation. This will poll the state of
+// GCE for the completion status of the given operation. genericOp can be one
+// of alpha, beta, ga Operation types.
+func (s *Service) WaitForCompletion(ctx context.Context, genericOp interface{}) error {
+	op, err := s.wrapOperation(genericOp)
+	if err != nil {
+		glog.Errorf("wrapOperation(%+v) error: %v", genericOp, err)
+		return err
+	}
+	for done, err := op.isDone(ctx); !done; done, err = op.isDone(ctx) {
+		if err != nil {
+			glog.V(4).Infof("op.isDone(%v) error; op = %v, err = %v", ctx, op, err)
+			return err
+		}
+		glog.V(5).Infof("op.isDone(%v) waiting; op = %v", ctx, op)
+		s.RateLimiter.Accept(ctx, op.rateLimitKey())
+	}
+	glog.V(5).Infof("op.isDone(%v) complete; op = %v", ctx, op)
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/utils.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/utils.go
new file mode 100644
index 000000000000..fb258866fbbd
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/utils.go
@@ -0,0 +1,158 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cloud
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+const (
+	gaPrefix    = "https://www.googleapis.com/compute/v1/"
+	alphaPrefix = "https://www.googleapis.com/compute/alpha/"
+	betaPrefix  = "https://www.googleapis.com/compute/beta/"
+)
+
+// ResourceID identifies a GCE resource as parsed from compute resource URL.
+type ResourceID struct {
+	ProjectID string
+	Resource  string
+	Key       *meta.Key
+}
+
+// Equal returns true if two resource IDs are equal.
+func (r *ResourceID) Equal(other *ResourceID) bool {
+	if r.ProjectID != other.ProjectID || r.Resource != other.Resource {
+		return false
+	}
+	if r.Key != nil && other.Key != nil {
+		return *r.Key == *other.Key
+	}
+	if r.Key == nil && other.Key == nil {
+		return true
+	}
+	return false
+}
+
+// ParseResourceURL parses resource URLs of the following formats:
+//
+//   projects/<proj>/global/<res>/<name>
+//   projects/<proj>/regions/<region>/<res>/<name>
+//   projects/<proj>/zones/<zone>/<res>/<name>
+//   [https://www.googleapis.com/compute/<ver>]/projects/<proj>/global/<res>/<name>
+//   [https://www.googleapis.com/compute/<ver>]/projects/<proj>/regions/<region>/<res>/<name>
+//   [https://www.googleapis.com/compute/<ver>]/projects/<proj>/zones/<zone>/<res>/<name>
+func ParseResourceURL(url string) (*ResourceID, error) {
+	errNotValid := fmt.Errorf("%q is not a valid resource URL", url)
+
+	// Remove the prefix up to ...projects/
+	projectsIndex := strings.Index(url, "/projects/")
+	if projectsIndex >= 0 {
+		url = url[projectsIndex+1:]
+	}
+
+	parts := strings.Split(url, "/")
+	if len(parts) < 2 || parts[0] != "projects" {
+		return nil, errNotValid
+	}
+
+	ret := &ResourceID{ProjectID: parts[1]}
+	if len(parts) == 2 {
+		ret.Resource = "projects"
+		return ret, nil
+	}
+
+	if len(parts) < 4 {
+		return nil, errNotValid
+	}
+
+	if len(parts) == 4 {
+		switch parts[2] {
+		case "regions":
+			ret.Resource = "regions"
+			ret.Key = meta.GlobalKey(parts[3])
+			return ret, nil
+		case "zones":
+			ret.Resource = "zones"
+			ret.Key = meta.GlobalKey(parts[3])
+			return ret, nil
+		default:
+			return nil, errNotValid
+		}
+	}
+
+	switch parts[2] {
+	case "global":
+		if len(parts) != 5 {
+			return nil, errNotValid
+		}
+		ret.Resource = parts[3]
+		ret.Key = meta.GlobalKey(parts[4])
+		return ret, nil
+	case "regions":
+		if len(parts) != 6 {
+			return nil, errNotValid
+		}
+		ret.Resource = parts[4]
+		ret.Key = meta.RegionalKey(parts[5], parts[3])
+		return ret, nil
+	case "zones":
+		if len(parts) != 6 {
+			return nil, errNotValid
+		}
+		ret.Resource = parts[4]
+		ret.Key = meta.ZonalKey(parts[5], parts[3])
+		return ret, nil
+	}
+	return nil, errNotValid
+}
+
+func copyViaJSON(dest, src interface{}) error {
+	bytes, err := json.Marshal(src)
+	if err != nil {
+		return err
+	}
+	return json.Unmarshal(bytes, dest)
+}
+
+// SelfLink returns the self link URL for the given object.
+func SelfLink(ver meta.Version, project, resource string, key *meta.Key) string {
+	var prefix string
+	switch ver {
+	case meta.VersionAlpha:
+		prefix = alphaPrefix
+	case meta.VersionBeta:
+		prefix = betaPrefix
+	case meta.VersionGA:
+		prefix = gaPrefix
+	default:
+		prefix = "invalid-prefix"
+	}
+
+	switch key.Type() {
+	case meta.Zonal:
+		return fmt.Sprintf("%sprojects/%s/zones/%s/%s/%s", prefix, project, key.Zone, resource, key.Name)
+	case meta.Regional:
+		return fmt.Sprintf("%sprojects/%s/regions/%s/%s/%s", prefix, project, key.Region, resource, key.Name)
+	case meta.Global:
+		return fmt.Sprintf("%sprojects/%s/%s/%s", prefix, project, resource, key.Name)
+	}
+	return "invalid-self-link"
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce.go
index 26d00248cdeb..4698c52b0e5e 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce.go
@@ -21,7 +21,6 @@ import (
 	"fmt"
 	"io"
 	"net/http"
-	"regexp"
 	"runtime"
 	"strconv"
 	"strings"
@@ -31,6 +30,13 @@ import (
 	gcfg "gopkg.in/gcfg.v1"
 
 	"cloud.google.com/go/compute/metadata"
+	"github.com/golang/glog"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/google"
+	computealpha "google.golang.org/api/compute/v0.alpha"
+	computebeta "google.golang.org/api/compute/v0.beta"
+	compute "google.golang.org/api/compute/v1"
+	container "google.golang.org/api/container/v1"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
@@ -42,18 +48,12 @@ import (
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/flowcontrol"
+
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 	"k8s.io/kubernetes/pkg/controller"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	"k8s.io/kubernetes/pkg/version"
-
-	"github.com/golang/glog"
-	"golang.org/x/oauth2"
-	"golang.org/x/oauth2/google"
-	computealpha "google.golang.org/api/compute/v0.alpha"
-	computebeta "google.golang.org/api/compute/v0.beta"
-	compute "google.golang.org/api/compute/v1"
-	container "google.golang.org/api/container/v1"
 )
 
 const (
@@ -88,8 +88,8 @@ const (
 	// Defaults to 5 * 2 = 10 seconds before the LB will steer traffic away
 	gceHcUnhealthyThreshold = int64(5)
 
-	gceComputeAPIEndpoint      = "https://www.googleapis.com/compute/v1/"
-	gceComputeAPIEndpointAlpha = "https://www.googleapis.com/compute/alpha/"
+	gceComputeAPIEndpoint     = "https://www.googleapis.com/compute/v1/"
+	gceComputeAPIEndpointBeta = "https://www.googleapis.com/compute/beta/"
 )
 
 // gceObject is an abstraction of all GCE API object in go client
@@ -107,6 +107,7 @@ type GCECloud struct {
 	serviceBeta      *computebeta.Service
 	serviceAlpha     *computealpha.Service
 	containerService *container.Service
+	tpuService       *tpuService
 	client           clientset.Interface
 	clientBuilder    controller.ControllerClientBuilder
 	eventBroadcaster record.EventBroadcaster
@@ -148,6 +149,9 @@ type GCECloud struct {
 	// the corresponding api is enabled.
 	// If not enabled, it should return error.
 	AlphaFeatureGate *AlphaFeatureGate
+
+	// New code generated interface to the GCE compute library.
+	c cloud.Cloud
 }
 
 // TODO: replace gcfg with json
@@ -213,9 +217,22 @@ func init() {
 		})
 }
 
-// Raw access to the underlying GCE service, probably should only be used for e2e tests
-func (g *GCECloud) GetComputeService() *compute.Service {
-	return g.service
+// Services is the set of all versions of the compute service.
+type Services struct {
+	// GA, Alpha, Beta versions of the compute API.
+	GA    *compute.Service
+	Alpha *computealpha.Service
+	Beta  *computebeta.Service
+}
+
+// ComputeServices returns access to the internal compute services.
+func (g *GCECloud) ComputeServices() *Services {
+	return &Services{g.service, g.serviceAlpha, g.serviceBeta}
+}
+
+// Compute returns the generated stubs for the compute API.
+func (g *GCECloud) Compute() cloud.Cloud {
+	return g.c
 }
 
 // newGCECloud creates a new instance of GCECloud.
@@ -236,7 +253,6 @@ func newGCECloud(config io.Reader) (gceCloud *GCECloud, err error) {
 		return nil, err
 	}
 	return CreateGCECloud(cloudConfig)
-
 }
 
 func readConfig(reader io.Reader) (*ConfigFile, error) {
@@ -356,11 +372,12 @@ func generateCloudConfig(configFile *ConfigFile) (cloudConfig *CloudConfig, err
 // If no tokenSource is specified, uses oauth2.DefaultTokenSource.
 // If managedZones is nil / empty all zones in the region will be managed.
 func CreateGCECloud(config *CloudConfig) (*GCECloud, error) {
-	// Remove any pre-release version and build metadata from the semver, leaving only the MAJOR.MINOR.PATCH portion.
-	// See http://semver.org/.
+	// Remove any pre-release version and build metadata from the semver,
+	// leaving only the MAJOR.MINOR.PATCH portion. See http://semver.org/.
 	version := strings.TrimLeft(strings.Split(strings.Split(version.Get().GitVersion, "-")[0], "+")[0], "v")
 
-	// Create a user-agent header append string to supply to the Google API clients, to identify Kubernetes as the origin of the GCP API calls.
+	// Create a user-agent header append string to supply to the Google API
+	// clients, to identify Kubernetes as the origin of the GCP API calls.
 	userAgent := fmt.Sprintf("Kubernetes/%s (%s %s)", version, runtime.GOOS, runtime.GOARCH)
 
 	// Use ProjectID for NetworkProjectID, if it wasn't explicitly set.
@@ -414,6 +431,11 @@ func CreateGCECloud(config *CloudConfig) (*GCECloud, error) {
 	}
 	containerService.UserAgent = userAgent
 
+	tpuService, err := newTPUService(client)
+	if err != nil {
+		return nil, err
+	}
+
 	// ProjectID and.NetworkProjectID may be project number or name.
 	projID, netProjID := tryConvertToProjectNames(config.ProjectID, config.NetworkProjectID, service)
 	onXPN := projID != netProjID
@@ -480,6 +502,7 @@ func CreateGCECloud(config *CloudConfig) (*GCECloud, error) {
 		serviceAlpha:             serviceAlpha,
 		serviceBeta:              serviceBeta,
 		containerService:         containerService,
+		tpuService:               tpuService,
 		projectID:                projID,
 		networkProjectID:         netProjID,
 		onXPN:                    onXPN,
@@ -499,6 +522,13 @@ func CreateGCECloud(config *CloudConfig) (*GCECloud, error) {
 	}
 
 	gce.manager = &gceServiceManager{gce}
+	gce.c = cloud.NewGCE(&cloud.Service{
+		GA:            service,
+		Alpha:         serviceAlpha,
+		Beta:          serviceBeta,
+		ProjectRouter: &gceProjectRouter{gce},
+		RateLimiter:   &gceRateLimiter{gce},
+	})
 
 	return gce, nil
 }
@@ -694,20 +724,6 @@ func (gce *GCECloud) updateNodeZones(prevNode, newNode *v1.Node) {
 	}
 }
 
-// Known-useless DNS search path.
-var uselessDNSSearchRE = regexp.MustCompile(`^[0-9]+.google.internal.$`)
-
-// ScrubDNS filters DNS settings for pods.
-func (gce *GCECloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	// GCE has too many search paths by default. Filter the ones we know are useless.
-	for _, s := range searches {
-		if !uselessDNSSearchRE.MatchString(s) {
-			srchOut = append(srchOut, s)
-		}
-	}
-	return nameservers, srchOut
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (gce *GCECloud) HasClusterID() bool {
 	return true
@@ -737,20 +753,6 @@ func gceSubnetworkURL(apiEndpoint, project, region, subnetwork string) string {
 	return apiEndpoint + strings.Join([]string{"projects", project, "regions", region, "subnetworks", subnetwork}, "/")
 }
 
-// getProjectIDInURL parses full resource URLS and shorter URLS
-// https://www.googleapis.com/compute/v1/projects/myproject/global/networks/mycustom
-// projects/myproject/global/networks/mycustom
-// All return "myproject"
-func getProjectIDInURL(urlStr string) (string, error) {
-	fields := strings.Split(urlStr, "/")
-	for i, v := range fields {
-		if v == "projects" && i < len(fields)-1 {
-			return fields[i+1], nil
-		}
-	}
-	return "", fmt.Errorf("could not find project field in url: %v", urlStr)
-}
-
 // getRegionInURL parses full resource URLS and shorter URLS
 // https://www.googleapis.com/compute/v1/projects/myproject/regions/us-central1/subnetworks/a
 // projects/myproject/regions/us-central1/subnetworks/a
@@ -848,7 +850,13 @@ func newOauthClient(tokenSource oauth2.TokenSource) (*http.Client, error) {
 		glog.Infof("Using existing Token Source %#v", tokenSource)
 	}
 
-	if err := wait.PollImmediate(5*time.Second, 30*time.Second, func() (bool, error) {
+	backoff := wait.Backoff{
+		// These values will add up to about a minute. See #56293 for background.
+		Duration: time.Second,
+		Factor:   1.4,
+		Steps:    10,
+	}
+	if err := wait.ExponentialBackoff(backoff, func() (bool, error) {
 		if _, err := tokenSource.Token(); err != nil {
 			glog.Errorf("error fetching initial token: %v", err)
 			return false, nil
@@ -870,10 +878,10 @@ func (manager *gceServiceManager) getProjectsAPIEndpoint() string {
 	return projectsApiEndpoint
 }
 
-func (manager *gceServiceManager) getProjectsAPIEndpointAlpha() string {
-	projectsApiEndpoint := gceComputeAPIEndpointAlpha + "projects/"
+func (manager *gceServiceManager) getProjectsAPIEndpointBeta() string {
+	projectsApiEndpoint := gceComputeAPIEndpointBeta + "projects/"
 	if manager.gce.service != nil {
-		projectsApiEndpoint = manager.gce.serviceAlpha.BasePath
+		projectsApiEndpoint = manager.gce.serviceBeta.BasePath
 	}
 
 	return projectsApiEndpoint
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_address_manager.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_address_manager.go
index 004148f249b5..4f642a92ccfb 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_address_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_address_manager.go
@@ -20,9 +20,10 @@ import (
 	"fmt"
 	"net/http"
 
-	computebeta "google.golang.org/api/compute/v0.beta"
+	compute "google.golang.org/api/compute/v1"
 
 	"github.com/golang/glog"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 )
 
 type addressManager struct {
@@ -31,13 +32,13 @@ type addressManager struct {
 	name        string
 	serviceName string
 	targetIP    string
-	addressType lbScheme
+	addressType cloud.LbScheme
 	region      string
 	subnetURL   string
 	tryRelease  bool
 }
 
-func newAddressManager(svc CloudAddressService, serviceName, region, subnetURL, name, targetIP string, addressType lbScheme) *addressManager {
+func newAddressManager(svc CloudAddressService, serviceName, region, subnetURL, name, targetIP string, addressType cloud.LbScheme) *addressManager {
 	return &addressManager{
 		svc:         svc,
 		logPrefix:   fmt.Sprintf("AddressManager(%q)", name),
@@ -63,7 +64,7 @@ func (am *addressManager) HoldAddress() (string, error) {
 	// calls since it indicates whether a Delete is necessary before Reserve.
 	glog.V(4).Infof("%v: attempting hold of IP %q Type %q", am.logPrefix, am.targetIP, am.addressType)
 	// Get the address in case it was orphaned earlier
-	addr, err := am.svc.GetBetaRegionAddress(am.name, am.region)
+	addr, err := am.svc.GetRegionAddress(am.name, am.region)
 	if err != nil && !isNotFound(err) {
 		return "", err
 	}
@@ -118,7 +119,7 @@ func (am *addressManager) ReleaseAddress() error {
 func (am *addressManager) ensureAddressReservation() (string, error) {
 	// Try reserving the IP with controller-owned address name
 	// If am.targetIP is an empty string, a new IP will be created.
-	newAddr := &computebeta.Address{
+	newAddr := &compute.Address{
 		Name:        am.name,
 		Description: fmt.Sprintf(`{"kubernetes.io/service-name":"%s"}`, am.serviceName),
 		Address:     am.targetIP,
@@ -126,7 +127,7 @@ func (am *addressManager) ensureAddressReservation() (string, error) {
 		Subnetwork:  am.subnetURL,
 	}
 
-	reserveErr := am.svc.ReserveBetaRegionAddress(newAddr, am.region)
+	reserveErr := am.svc.ReserveRegionAddress(newAddr, am.region)
 	if reserveErr == nil {
 		if newAddr.Address != "" {
 			glog.V(4).Infof("%v: successfully reserved IP %q with name %q", am.logPrefix, newAddr.Address, newAddr.Name)
@@ -155,7 +156,7 @@ func (am *addressManager) ensureAddressReservation() (string, error) {
 
 	// Reserving the address failed due to a conflict or bad request. The address manager just checked that no address
 	// exists with the name, so it may belong to the user.
-	addr, err := am.svc.GetBetaRegionAddressByIP(am.region, am.targetIP)
+	addr, err := am.svc.GetRegionAddressByIP(am.region, am.targetIP)
 	if err != nil {
 		return "", fmt.Errorf("failed to get address by IP %q after reservation attempt, err: %q, reservation err: %q", am.targetIP, err, reserveErr)
 	}
@@ -178,7 +179,7 @@ func (am *addressManager) ensureAddressReservation() (string, error) {
 	return addr.Address, nil
 }
 
-func (am *addressManager) validateAddress(addr *computebeta.Address) error {
+func (am *addressManager) validateAddress(addr *compute.Address) error {
 	if am.targetIP != "" && am.targetIP != addr.Address {
 		return fmt.Errorf("address %q does not have the expected IP %q, actual: %q", addr.Name, am.targetIP, addr.Address)
 	}
@@ -189,7 +190,7 @@ func (am *addressManager) validateAddress(addr *computebeta.Address) error {
 	return nil
 }
 
-func (am *addressManager) isManagedAddress(addr *computebeta.Address) bool {
+func (am *addressManager) isManagedAddress(addr *compute.Address) bool {
 	return addr.Name == am.name
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses.go
index 254c08a3b8e1..37e2f5e9a7b0 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses.go
@@ -17,6 +17,7 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"fmt"
 
 	"github.com/golang/glog"
@@ -24,6 +25,10 @@ import (
 	computealpha "google.golang.org/api/compute/v0.alpha"
 	computebeta "google.golang.org/api/compute/v0.beta"
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newAddressMetricContext(request, region string) *metricContext {
@@ -40,110 +45,81 @@ func newAddressMetricContextWithVersion(request, region, version string) *metric
 // ephemeral IP associated with a global forwarding rule.
 func (gce *GCECloud) ReserveGlobalAddress(addr *compute.Address) error {
 	mc := newAddressMetricContext("reserve", "")
-	op, err := gce.service.GlobalAddresses.Insert(gce.projectID, addr).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.GlobalAddresses().Insert(context.Background(), meta.GlobalKey(addr.Name), addr))
 }
 
 // DeleteGlobalAddress deletes a global address by name.
 func (gce *GCECloud) DeleteGlobalAddress(name string) error {
 	mc := newAddressMetricContext("delete", "")
-	op, err := gce.service.GlobalAddresses.Delete(gce.projectID, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.GlobalAddresses().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // GetGlobalAddress returns the global address by name.
 func (gce *GCECloud) GetGlobalAddress(name string) (*compute.Address, error) {
 	mc := newAddressMetricContext("get", "")
-	v, err := gce.service.GlobalAddresses.Get(gce.projectID, name).Do()
+	v, err := gce.c.GlobalAddresses().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // ReserveRegionAddress creates a region address
 func (gce *GCECloud) ReserveRegionAddress(addr *compute.Address, region string) error {
 	mc := newAddressMetricContext("reserve", region)
-	op, err := gce.service.Addresses.Insert(gce.projectID, region, addr).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.Addresses().Insert(context.Background(), meta.RegionalKey(addr.Name, region), addr))
 }
 
 // ReserveAlphaRegionAddress creates an Alpha, regional address.
 func (gce *GCECloud) ReserveAlphaRegionAddress(addr *computealpha.Address, region string) error {
-	mc := newAddressMetricContextWithVersion("reserve", region, computeAlphaVersion)
-	op, err := gce.serviceAlpha.Addresses.Insert(gce.projectID, region, addr).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForRegionOp(op, region, mc)
+	mc := newAddressMetricContext("reserve", region)
+	return mc.Observe(gce.c.AlphaAddresses().Insert(context.Background(), meta.RegionalKey(addr.Name, region), addr))
 }
 
 // ReserveBetaRegionAddress creates a beta region address
 func (gce *GCECloud) ReserveBetaRegionAddress(addr *computebeta.Address, region string) error {
-	mc := newAddressMetricContextWithVersion("reserve", region, computeBetaVersion)
-	op, err := gce.serviceBeta.Addresses.Insert(gce.projectID, region, addr).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForRegionOp(op, region, mc)
+	mc := newAddressMetricContext("reserve", region)
+	return mc.Observe(gce.c.BetaAddresses().Insert(context.Background(), meta.RegionalKey(addr.Name, region), addr))
 }
 
 // DeleteRegionAddress deletes a region address by name.
 func (gce *GCECloud) DeleteRegionAddress(name, region string) error {
 	mc := newAddressMetricContext("delete", region)
-	op, err := gce.service.Addresses.Delete(gce.projectID, region, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.Addresses().Delete(context.Background(), meta.RegionalKey(name, region)))
 }
 
 // GetRegionAddress returns the region address by name
 func (gce *GCECloud) GetRegionAddress(name, region string) (*compute.Address, error) {
 	mc := newAddressMetricContext("get", region)
-	v, err := gce.service.Addresses.Get(gce.projectID, region, name).Do()
+	v, err := gce.c.Addresses().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // GetAlphaRegionAddress returns the Alpha, regional address by name.
 func (gce *GCECloud) GetAlphaRegionAddress(name, region string) (*computealpha.Address, error) {
-	mc := newAddressMetricContextWithVersion("get", region, computeAlphaVersion)
-	v, err := gce.serviceAlpha.Addresses.Get(gce.projectID, region, name).Do()
+	mc := newAddressMetricContext("get", region)
+	v, err := gce.c.AlphaAddresses().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // GetBetaRegionAddress returns the beta region address by name
 func (gce *GCECloud) GetBetaRegionAddress(name, region string) (*computebeta.Address, error) {
-	mc := newAddressMetricContextWithVersion("get", region, computeBetaVersion)
-	v, err := gce.serviceBeta.Addresses.Get(gce.projectID, region, name).Do()
+	mc := newAddressMetricContext("get", region)
+	v, err := gce.c.BetaAddresses().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // GetRegionAddressByIP returns the regional address matching the given IP address.
 func (gce *GCECloud) GetRegionAddressByIP(region, ipAddress string) (*compute.Address, error) {
 	mc := newAddressMetricContext("list", region)
-	addrs, err := gce.service.Addresses.List(gce.projectID, region).Filter("address eq " + ipAddress).Do()
-	// Record the metrics for the call.
+	addrs, err := gce.c.Addresses().List(context.Background(), region, filter.Regexp("address", ipAddress))
+
 	mc.Observe(err)
 	if err != nil {
 		return nil, err
 	}
 
-	if len(addrs.Items) > 1 {
-		// We don't expect more than one match.
-		addrsToPrint := []compute.Address{}
-		for _, addr := range addrs.Items {
-			addrsToPrint = append(addrsToPrint, *addr)
-		}
-		glog.Errorf("More than one addresses matching the IP %q: %+v", ipAddress, addrsToPrint)
+	if len(addrs) > 1 {
+		glog.Warningf("More than one addresses matching the IP %q: %v", ipAddress, addrNames(addrs))
 	}
-	for _, addr := range addrs.Items {
+	for _, addr := range addrs {
 		if addr.Address == ipAddress {
 			return addr, nil
 		}
@@ -154,22 +130,17 @@ func (gce *GCECloud) GetRegionAddressByIP(region, ipAddress string) (*compute.Ad
 // GetBetaRegionAddressByIP returns the beta regional address matching the given IP address.
 func (gce *GCECloud) GetBetaRegionAddressByIP(region, ipAddress string) (*computebeta.Address, error) {
 	mc := newAddressMetricContext("list", region)
-	addrs, err := gce.serviceBeta.Addresses.List(gce.projectID, region).Filter("address eq " + ipAddress).Do()
-	// Record the metrics for the call.
+	addrs, err := gce.c.BetaAddresses().List(context.Background(), region, filter.Regexp("address", ipAddress))
+
 	mc.Observe(err)
 	if err != nil {
 		return nil, err
 	}
 
-	if len(addrs.Items) > 1 {
-		// We don't expect more than one match.
-		addrsToPrint := []computebeta.Address{}
-		for _, addr := range addrs.Items {
-			addrsToPrint = append(addrsToPrint, *addr)
-		}
-		glog.Errorf("More than one addresses matching the IP %q: %+v", ipAddress, addrsToPrint)
+	if len(addrs) > 1 {
+		glog.Warningf("More than one addresses matching the IP %q: %v", ipAddress, addrNames(addrs))
 	}
-	for _, addr := range addrs.Items {
+	for _, addr := range addrs {
 		if addr.Address == ipAddress {
 			return addr, nil
 		}
@@ -180,7 +151,7 @@ func (gce *GCECloud) GetBetaRegionAddressByIP(region, ipAddress string) (*comput
 // TODO(#51665): retire this function once Network Tiers becomes Beta in GCP.
 func (gce *GCECloud) getNetworkTierFromAddress(name, region string) (string, error) {
 	if !gce.AlphaFeatureGate.Enabled(AlphaFeatureNetworkTiers) {
-		return NetworkTierDefault.ToGCEValue(), nil
+		return cloud.NetworkTierDefault.ToGCEValue(), nil
 	}
 	addr, err := gce.GetAlphaRegionAddress(name, region)
 	if err != nil {
@@ -188,3 +159,18 @@ func (gce *GCECloud) getNetworkTierFromAddress(name, region string) (string, err
 	}
 	return addr.NetworkTier, nil
 }
+
+func addrNames(items interface{}) []string {
+	var ret []string
+	switch items := items.(type) {
+	case []compute.Address:
+		for _, a := range items {
+			ret = append(ret, a.Name)
+		}
+	case []computebeta.Address:
+		for _, a := range items {
+			ret = append(ret, a.Name)
+		}
+	}
+	return ret
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses_fakes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses_fakes.go
index 1fd8e91a8cc2..75dfa571c9c4 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses_fakes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_addresses_fakes.go
@@ -25,6 +25,8 @@ import (
 	computealpha "google.golang.org/api/compute/v0.alpha"
 	computebeta "google.golang.org/api/compute/v0.beta"
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 )
 
 // test
@@ -49,7 +51,7 @@ func NewFakeCloudAddressService() *FakeCloudAddressService {
 	}
 }
 
-// SetRegionalAddresses sets the addresses of ther region. This is used for
+// SetRegionalAddresses sets the addresses of there region. This is used for
 // setting the test environment.
 func (cas *FakeCloudAddressService) SetRegionalAddresses(region string, addrs []*computealpha.Address) {
 	// Reset addresses in the region.
@@ -68,7 +70,7 @@ func (cas *FakeCloudAddressService) ReserveAlphaRegionAddress(addr *computealpha
 	}
 
 	if addr.AddressType == "" {
-		addr.AddressType = string(schemeExternal)
+		addr.AddressType = string(cloud.SchemeExternal)
 	}
 
 	if cas.reservedAddrs[addr.Address] {
@@ -76,8 +78,8 @@ func (cas *FakeCloudAddressService) ReserveAlphaRegionAddress(addr *computealpha
 		// When the IP is already in use, this call returns an error code based
 		// on the type (internal vs external) of the address. This is to be
 		// consistent with actual GCE API.
-		switch lbScheme(addr.AddressType) {
-		case schemeExternal:
+		switch cloud.LbScheme(addr.AddressType) {
+		case cloud.SchemeExternal:
 			return makeGoogleAPIError(http.StatusBadRequest, msg)
 		default:
 			return makeGoogleAPIError(http.StatusConflict, msg)
@@ -209,7 +211,7 @@ func convertToAlphaAddress(object gceObject) *computealpha.Address {
 		panic(fmt.Sprintf("Failed to convert GCE apiObject %v to alpha address: %v", object, err))
 	}
 	// Set the default values for the Alpha fields.
-	addr.NetworkTier = NetworkTierDefault.ToGCEValue()
+	addr.NetworkTier = cloud.NetworkTierDefault.ToGCEValue()
 	return &addr
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_alpha.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_alpha.go
index 8b9c98f5816a..6e2272527731 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_alpha.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_alpha.go
@@ -29,15 +29,12 @@ const (
 	// tier to use. Currently supports "Standard" and "Premium" (default).
 	AlphaFeatureNetworkTiers = "NetworkTiers"
 
-	AlphaFeatureGCEDisk = "DiskAlphaAPI"
-
 	AlphaFeatureNetworkEndpointGroup = "NetworkEndpointGroup"
 )
 
 // All known alpha features
 var knownAlphaFeatures = map[string]bool{
 	AlphaFeatureNetworkTiers:         true,
-	AlphaFeatureGCEDisk:              true,
 	AlphaFeatureNetworkEndpointGroup: true,
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_annotations.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_annotations.go
index 37671aeb2a94..ccc0f4441181 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_annotations.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_annotations.go
@@ -18,15 +18,14 @@ package gce
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 )
 
 type LoadBalancerType string
-type NetworkTier string
 
 const (
 	// ServiceAnnotationLoadBalancerType is annotated on a service with type LoadBalancer
@@ -49,12 +48,8 @@ const (
 	// network tier a GCP LB should use. The valid values are "Standard" and
 	// "Premium" (default).
 	NetworkTierAnnotationKey      = "cloud.google.com/network-tier"
-	NetworkTierAnnotationStandard = "Standard"
-	NetworkTierAnnotationPremium  = "Premium"
-
-	NetworkTierStandard NetworkTier = NetworkTierAnnotationStandard
-	NetworkTierPremium  NetworkTier = NetworkTierAnnotationPremium
-	NetworkTierDefault  NetworkTier = NetworkTierPremium
+	NetworkTierAnnotationStandard = cloud.NetworkTierStandard
+	NetworkTierAnnotationPremium  = cloud.NetworkTierPremium
 )
 
 // GetLoadBalancerAnnotationType returns the type of GCP load balancer which should be assembled.
@@ -97,38 +92,19 @@ func GetLoadBalancerAnnotationBackendShare(service *v1.Service) bool {
 // GetServiceNetworkTier returns the network tier of GCP load balancer
 // which should be assembled, and an error if the specified tier is not
 // supported.
-func GetServiceNetworkTier(service *v1.Service) (NetworkTier, error) {
+func GetServiceNetworkTier(service *v1.Service) (cloud.NetworkTier, error) {
 	l, ok := service.Annotations[NetworkTierAnnotationKey]
 	if !ok {
-		return NetworkTierDefault, nil
+		return cloud.NetworkTierDefault, nil
 	}
 
-	v := NetworkTier(l)
+	v := cloud.NetworkTier(l)
 	switch v {
-	case NetworkTierStandard:
+	case cloud.NetworkTierStandard:
 		fallthrough
-	case NetworkTierPremium:
+	case cloud.NetworkTierPremium:
 		return v, nil
 	default:
-		return NetworkTierDefault, fmt.Errorf("unsupported network tier: %q", v)
-	}
-}
-
-// ToGCEValue converts NetworkTier to a string that we can populate the
-// NetworkTier field of GCE objects.
-func (n NetworkTier) ToGCEValue() string {
-	return strings.ToUpper(string(n))
-}
-
-// NetworkTierGCEValueToType converts the value of the NetworkTier field of a
-// GCE object to the NetworkTier type.
-func NetworkTierGCEValueToType(s string) NetworkTier {
-	switch s {
-	case "STANDARD":
-		return NetworkTierStandard
-	case "PREMIUM":
-		return NetworkTierPremium
-	default:
-		return NetworkTier(s)
+		return cloud.NetworkTierDefault, fmt.Errorf("unsupported network tier: %q", v)
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_backendservice.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_backendservice.go
index cbbc5db7d79b..66bd4d59e981 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_backendservice.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_backendservice.go
@@ -17,10 +17,13 @@ limitations under the License.
 package gce
 
 import (
-	"net/http"
+	"context"
 
 	computealpha "google.golang.org/api/compute/v0.alpha"
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newBackendServiceMetricContext(request, region string) *metricContext {
@@ -34,150 +37,105 @@ func newBackendServiceMetricContextWithVersion(request, region, version string)
 // GetGlobalBackendService retrieves a backend by name.
 func (gce *GCECloud) GetGlobalBackendService(name string) (*compute.BackendService, error) {
 	mc := newBackendServiceMetricContext("get", "")
-	v, err := gce.service.BackendServices.Get(gce.projectID, name).Do()
+	v, err := gce.c.BackendServices().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // GetAlphaGlobalBackendService retrieves alpha backend by name.
 func (gce *GCECloud) GetAlphaGlobalBackendService(name string) (*computealpha.BackendService, error) {
 	mc := newBackendServiceMetricContextWithVersion("get", "", computeAlphaVersion)
-	v, err := gce.serviceAlpha.BackendServices.Get(gce.projectID, name).Do()
+	v, err := gce.c.AlphaBackendServices().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
-// UpdateGlobalBackendService applies the given BackendService as an update to an existing service.
+// UpdateGlobalBackendService applies the given BackendService as an update to
+// an existing service.
 func (gce *GCECloud) UpdateGlobalBackendService(bg *compute.BackendService) error {
 	mc := newBackendServiceMetricContext("update", "")
-	op, err := gce.service.BackendServices.Update(gce.projectID, bg.Name, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.BackendServices().Update(context.Background(), meta.GlobalKey(bg.Name), bg))
 }
 
-// UpdateAlphaGlobalBackendService applies the given alpha BackendService as an update to an existing service.
+// UpdateAlphaGlobalBackendService applies the given alpha BackendService as an
+// update to an existing service.
 func (gce *GCECloud) UpdateAlphaGlobalBackendService(bg *computealpha.BackendService) error {
-	mc := newBackendServiceMetricContextWithVersion("update", "", computeAlphaVersion)
-	op, err := gce.serviceAlpha.BackendServices.Update(gce.projectID, bg.Name, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	mc := newBackendServiceMetricContext("update", "")
+	return mc.Observe(gce.c.AlphaBackendServices().Update(context.Background(), meta.GlobalKey(bg.Name), bg))
 }
 
 // DeleteGlobalBackendService deletes the given BackendService by name.
 func (gce *GCECloud) DeleteGlobalBackendService(name string) error {
 	mc := newBackendServiceMetricContext("delete", "")
-	op, err := gce.service.BackendServices.Delete(gce.projectID, name).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.BackendServices().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // CreateGlobalBackendService creates the given BackendService.
 func (gce *GCECloud) CreateGlobalBackendService(bg *compute.BackendService) error {
 	mc := newBackendServiceMetricContext("create", "")
-	op, err := gce.service.BackendServices.Insert(gce.projectID, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.BackendServices().Insert(context.Background(), meta.GlobalKey(bg.Name), bg))
 }
 
 // CreateAlphaGlobalBackendService creates the given alpha BackendService.
 func (gce *GCECloud) CreateAlphaGlobalBackendService(bg *computealpha.BackendService) error {
-	mc := newBackendServiceMetricContextWithVersion("create", "", computeAlphaVersion)
-	op, err := gce.serviceAlpha.BackendServices.Insert(gce.projectID, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	mc := newBackendServiceMetricContext("create", "")
+	return mc.Observe(gce.c.AlphaBackendServices().Insert(context.Background(), meta.GlobalKey(bg.Name), bg))
 }
 
 // ListGlobalBackendServices lists all backend services in the project.
-func (gce *GCECloud) ListGlobalBackendServices() (*compute.BackendServiceList, error) {
+func (gce *GCECloud) ListGlobalBackendServices() ([]*compute.BackendService, error) {
 	mc := newBackendServiceMetricContext("list", "")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.BackendServices.List(gce.projectID).Do()
+	v, err := gce.c.BackendServices().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
-// GetGlobalBackendServiceHealth returns the health of the BackendService identified by the given
-// name, in the given instanceGroup. The instanceGroupLink is the fully
-// qualified self link of an instance group.
+// GetGlobalBackendServiceHealth returns the health of the BackendService
+// identified by the given name, in the given instanceGroup. The
+// instanceGroupLink is the fully qualified self link of an instance group.
 func (gce *GCECloud) GetGlobalBackendServiceHealth(name string, instanceGroupLink string) (*compute.BackendServiceGroupHealth, error) {
 	mc := newBackendServiceMetricContext("get_health", "")
 	groupRef := &compute.ResourceGroupReference{Group: instanceGroupLink}
-	v, err := gce.service.BackendServices.GetHealth(gce.projectID, name, groupRef).Do()
+	v, err := gce.c.BackendServices().GetHealth(context.Background(), meta.GlobalKey(name), groupRef)
 	return v, mc.Observe(err)
 }
 
 // GetRegionBackendService retrieves a backend by name.
 func (gce *GCECloud) GetRegionBackendService(name, region string) (*compute.BackendService, error) {
 	mc := newBackendServiceMetricContext("get", region)
-	v, err := gce.service.RegionBackendServices.Get(gce.projectID, region, name).Do()
+	v, err := gce.c.RegionBackendServices().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
-// UpdateRegionBackendService applies the given BackendService as an update to an existing service.
+// UpdateRegionBackendService applies the given BackendService as an update to
+// an existing service.
 func (gce *GCECloud) UpdateRegionBackendService(bg *compute.BackendService, region string) error {
 	mc := newBackendServiceMetricContext("update", region)
-	op, err := gce.service.RegionBackendServices.Update(gce.projectID, region, bg.Name, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.RegionBackendServices().Update(context.Background(), meta.RegionalKey(bg.Name, region), bg))
 }
 
 // DeleteRegionBackendService deletes the given BackendService by name.
 func (gce *GCECloud) DeleteRegionBackendService(name, region string) error {
 	mc := newBackendServiceMetricContext("delete", region)
-	op, err := gce.service.RegionBackendServices.Delete(gce.projectID, region, name).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.RegionBackendServices().Delete(context.Background(), meta.RegionalKey(name, region)))
 }
 
 // CreateRegionBackendService creates the given BackendService.
 func (gce *GCECloud) CreateRegionBackendService(bg *compute.BackendService, region string) error {
 	mc := newBackendServiceMetricContext("create", region)
-	op, err := gce.service.RegionBackendServices.Insert(gce.projectID, region, bg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.RegionBackendServices().Insert(context.Background(), meta.RegionalKey(bg.Name, region), bg))
 }
 
 // ListRegionBackendServices lists all backend services in the project.
-func (gce *GCECloud) ListRegionBackendServices(region string) (*compute.BackendServiceList, error) {
+func (gce *GCECloud) ListRegionBackendServices(region string) ([]*compute.BackendService, error) {
 	mc := newBackendServiceMetricContext("list", region)
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.RegionBackendServices.List(gce.projectID, region).Do()
+	v, err := gce.c.RegionBackendServices().List(context.Background(), region, filter.None)
 	return v, mc.Observe(err)
 }
 
-// GetRegionalBackendServiceHealth returns the health of the BackendService identified by the given
-// name, in the given instanceGroup. The instanceGroupLink is the fully
-// qualified self link of an instance group.
+// GetRegionalBackendServiceHealth returns the health of the BackendService
+// identified by the given name, in the given instanceGroup. The
+// instanceGroupLink is the fully qualified self link of an instance group.
 func (gce *GCECloud) GetRegionalBackendServiceHealth(name, region string, instanceGroupLink string) (*compute.BackendServiceGroupHealth, error) {
 	mc := newBackendServiceMetricContext("get_health", region)
-	groupRef := &compute.ResourceGroupReference{Group: instanceGroupLink}
-	v, err := gce.service.RegionBackendServices.GetHealth(gce.projectID, region, name, groupRef).Do()
+	ref := &compute.ResourceGroupReference{Group: instanceGroupLink}
+	v, err := gce.c.RegionBackendServices().GetHealth(context.Background(), meta.RegionalKey(name, region), ref)
 	return v, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_cert.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_cert.go
index e981fe71765e..f91ce879e39b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_cert.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_cert.go
@@ -17,9 +17,12 @@ limitations under the License.
 package gce
 
 import (
-	"net/http"
+	"context"
 
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newCertMetricContext(request string) *metricContext {
@@ -29,46 +32,29 @@ func newCertMetricContext(request string) *metricContext {
 // GetSslCertificate returns the SslCertificate by name.
 func (gce *GCECloud) GetSslCertificate(name string) (*compute.SslCertificate, error) {
 	mc := newCertMetricContext("get")
-	v, err := gce.service.SslCertificates.Get(gce.projectID, name).Do()
+	v, err := gce.c.SslCertificates().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // CreateSslCertificate creates and returns a SslCertificate.
 func (gce *GCECloud) CreateSslCertificate(sslCerts *compute.SslCertificate) (*compute.SslCertificate, error) {
 	mc := newCertMetricContext("create")
-	op, err := gce.service.SslCertificates.Insert(gce.projectID, sslCerts).Do()
-
+	err := gce.c.SslCertificates().Insert(context.Background(), meta.GlobalKey(sslCerts.Name), sslCerts)
 	if err != nil {
 		return nil, mc.Observe(err)
 	}
-
-	if err = gce.waitForGlobalOp(op, mc); err != nil {
-		return nil, mc.Observe(err)
-	}
-
 	return gce.GetSslCertificate(sslCerts.Name)
 }
 
 // DeleteSslCertificate deletes the SslCertificate by name.
 func (gce *GCECloud) DeleteSslCertificate(name string) error {
 	mc := newCertMetricContext("delete")
-	op, err := gce.service.SslCertificates.Delete(gce.projectID, name).Do()
-
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.SslCertificates().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // ListSslCertificates lists all SslCertificates in the project.
-func (gce *GCECloud) ListSslCertificates() (*compute.SslCertificateList, error) {
+func (gce *GCECloud) ListSslCertificates() ([]*compute.SslCertificate, error) {
 	mc := newCertMetricContext("list")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.SslCertificates.List(gce.projectID).Do()
+	v, err := gce.c.SslCertificates().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_clusters.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_clusters.go
index dad330ca5d55..615f9379b247 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_clusters.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_clusters.go
@@ -16,11 +16,13 @@ limitations under the License.
 
 package gce
 
+import "context"
+
 func newClustersMetricContext(request, zone string) *metricContext {
 	return newGenericMetricContext("clusters", request, unusedMetricLabel, zone, computeV1Version)
 }
 
-func (gce *GCECloud) ListClusters() ([]string, error) {
+func (gce *GCECloud) ListClusters(ctx context.Context) ([]string, error) {
 	allClusters := []string{}
 
 	for _, zone := range gce.managedZones {
@@ -35,7 +37,7 @@ func (gce *GCECloud) ListClusters() ([]string, error) {
 	return allClusters, nil
 }
 
-func (gce *GCECloud) Master(clusterName string) (string, error) {
+func (gce *GCECloud) Master(ctx context.Context, clusterName string) (string, error) {
 	return "k8s-" + clusterName + "-master.internal", nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_disks.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_disks.go
index 6918c57c0df7..18b1c080932f 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_disks.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_disks.go
@@ -17,6 +17,7 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -33,9 +34,11 @@ import (
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
 
 	"github.com/golang/glog"
-	computealpha "google.golang.org/api/compute/v0.alpha"
+	computebeta "google.golang.org/api/compute/v0.beta"
 	compute "google.golang.org/api/compute/v1"
 	"google.golang.org/api/googleapi"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/kubernetes/pkg/features"
 )
 
 type DiskType string
@@ -111,6 +114,8 @@ type gceServiceManager struct {
 	gce *GCECloud
 }
 
+var _ diskServiceManager = &gceServiceManager{}
+
 func (manager *gceServiceManager) CreateDiskOnCloudProvider(
 	name string,
 	sizeGb int64,
@@ -118,23 +123,11 @@ func (manager *gceServiceManager) CreateDiskOnCloudProvider(
 	diskType string,
 	zone string) (gceObject, error) {
 	diskTypeURI, err := manager.getDiskTypeURI(
-		manager.gce.region /* diskRegion */, singleZone{zone}, diskType)
+		manager.gce.region /* diskRegion */, singleZone{zone}, diskType, false /* useBetaAPI */)
 	if err != nil {
 		return nil, err
 	}
 
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		diskToCreateAlpha := &computealpha.Disk{
-			Name:        name,
-			SizeGb:      sizeGb,
-			Description: tagsStr,
-			Type:        diskTypeURI,
-		}
-
-		return manager.gce.serviceAlpha.Disks.Insert(
-			manager.gce.projectID, zone, diskToCreateAlpha).Do()
-	}
-
 	diskToCreateV1 := &compute.Disk{
 		Name:        name,
 		SizeGb:      sizeGb,
@@ -151,29 +144,31 @@ func (manager *gceServiceManager) CreateRegionalDiskOnCloudProvider(
 	tagsStr string,
 	diskType string,
 	replicaZones sets.String) (gceObject, error) {
-	diskTypeURI, err := manager.getDiskTypeURI(
-		manager.gce.region /* diskRegion */, multiZone{replicaZones}, diskType)
-	if err != nil {
-		return nil, err
-	}
-	fullyQualifiedReplicaZones := []string{}
-	for _, replicaZone := range replicaZones.UnsortedList() {
-		fullyQualifiedReplicaZones = append(
-			fullyQualifiedReplicaZones, manager.getReplicaZoneURI(replicaZone))
-	}
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		diskToCreateAlpha := &computealpha.Disk{
+
+	if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+		diskTypeURI, err := manager.getDiskTypeURI(
+			manager.gce.region /* diskRegion */, multiZone{replicaZones}, diskType, true /* useBetaAPI */)
+		if err != nil {
+			return nil, err
+		}
+		fullyQualifiedReplicaZones := []string{}
+		for _, replicaZone := range replicaZones.UnsortedList() {
+			fullyQualifiedReplicaZones = append(
+				fullyQualifiedReplicaZones, manager.getReplicaZoneURI(replicaZone, true))
+		}
+
+		diskToCreateBeta := &computebeta.Disk{
 			Name:         name,
 			SizeGb:       sizeGb,
 			Description:  tagsStr,
 			Type:         diskTypeURI,
 			ReplicaZones: fullyQualifiedReplicaZones,
 		}
-		return manager.gce.serviceAlpha.RegionDisks.Insert(
-			manager.gce.projectID, manager.gce.region, diskToCreateAlpha).Do()
+		return manager.gce.serviceBeta.RegionDisks.Insert(
+			manager.gce.projectID, manager.gce.region, diskToCreateBeta).Do()
 	}
 
-	return nil, fmt.Errorf("The regional PD feature is only available via the GCE Alpha API. Enable \"GCEDiskAlphaAPI\" in the list of \"alpha-features\" in \"gce.conf\" to use the feature.")
+	return nil, fmt.Errorf("the regional PD feature is only available with the %s Kubernetes feature gate enabled", features.GCERegionalPersistentDisk)
 }
 
 func (manager *gceServiceManager) AttachDiskOnCloudProvider(
@@ -186,24 +181,12 @@ func (manager *gceServiceManager) AttachDiskOnCloudProvider(
 		return nil, err
 	}
 
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		attachedDiskAlpha := &computealpha.AttachedDisk{
-			DeviceName: disk.Name,
-			Kind:       disk.Kind,
-			Mode:       readWrite,
-			Source:     source,
-			Type:       diskTypePersistent,
-		}
-		return manager.gce.serviceAlpha.Instances.AttachDisk(
-			manager.gce.projectID, instanceZone, instanceName, attachedDiskAlpha).Do()
-	}
-
 	attachedDiskV1 := &compute.AttachedDisk{
 		DeviceName: disk.Name,
 		Kind:       disk.Kind,
 		Mode:       readWrite,
 		Source:     source,
-		Type:       disk.Type,
+		Type:       diskTypePersistent,
 	}
 	return manager.gce.service.Instances.AttachDisk(
 		manager.gce.projectID, instanceZone, instanceName, attachedDiskV1).Do()
@@ -213,11 +196,6 @@ func (manager *gceServiceManager) DetachDiskOnCloudProvider(
 	instanceZone string,
 	instanceName string,
 	devicePath string) (gceObject, error) {
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		manager.gce.serviceAlpha.Instances.DetachDisk(
-			manager.gce.projectID, instanceZone, instanceName, devicePath).Do()
-	}
-
 	return manager.gce.service.Instances.DetachDisk(
 		manager.gce.projectID, instanceZone, instanceName, devicePath).Do()
 }
@@ -233,45 +211,6 @@ func (manager *gceServiceManager) GetDiskFromCloudProvider(
 		return nil, fmt.Errorf("Can not fetch disk. Zone is specified (%q). But disk name is empty.", zone)
 	}
 
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		diskAlpha, err := manager.gce.serviceAlpha.Disks.Get(
-			manager.gce.projectID, zone, diskName).Do()
-		if err != nil {
-			return nil, err
-		}
-
-		var zoneInfo zoneType
-		if len(diskAlpha.ReplicaZones) > 1 {
-			zones := sets.NewString()
-			for _, zoneURI := range diskAlpha.ReplicaZones {
-				zones.Insert(lastComponent(zoneURI))
-			}
-			zoneInfo = multiZone{zones}
-		} else {
-			zoneInfo = singleZone{lastComponent(diskAlpha.Zone)}
-			if diskAlpha.Zone == "" {
-				zoneInfo = singleZone{lastComponent(zone)}
-			}
-		}
-
-		region := strings.TrimSpace(lastComponent(diskAlpha.Region))
-		if region == "" {
-			region, err = manager.getRegionFromZone(zoneInfo)
-			if err != nil {
-				return nil, fmt.Errorf("failed to extract region from zone for %q/%q err=%v", zone, diskName, err)
-			}
-		}
-
-		return &GCEDisk{
-			ZoneInfo: zoneInfo,
-			Region:   region,
-			Name:     diskAlpha.Name,
-			Kind:     diskAlpha.Kind,
-			Type:     diskAlpha.Type,
-			SizeGb:   diskAlpha.SizeGb,
-		}, nil
-	}
-
 	diskStable, err := manager.gce.service.Disks.Get(
 		manager.gce.projectID, zone, diskName).Do()
 	if err != nil {
@@ -301,52 +240,46 @@ func (manager *gceServiceManager) GetDiskFromCloudProvider(
 func (manager *gceServiceManager) GetRegionalDiskFromCloudProvider(
 	diskName string) (*GCEDisk, error) {
 
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		diskAlpha, err := manager.gce.serviceAlpha.RegionDisks.Get(
+	if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+		diskBeta, err := manager.gce.serviceBeta.RegionDisks.Get(
 			manager.gce.projectID, manager.gce.region, diskName).Do()
 		if err != nil {
 			return nil, err
 		}
 
 		zones := sets.NewString()
-		for _, zoneURI := range diskAlpha.ReplicaZones {
+		for _, zoneURI := range diskBeta.ReplicaZones {
 			zones.Insert(lastComponent(zoneURI))
 		}
 
 		return &GCEDisk{
 			ZoneInfo: multiZone{zones},
-			Region:   lastComponent(diskAlpha.Region),
-			Name:     diskAlpha.Name,
-			Kind:     diskAlpha.Kind,
-			Type:     diskAlpha.Type,
-			SizeGb:   diskAlpha.SizeGb,
+			Region:   lastComponent(diskBeta.Region),
+			Name:     diskBeta.Name,
+			Kind:     diskBeta.Kind,
+			Type:     diskBeta.Type,
+			SizeGb:   diskBeta.SizeGb,
 		}, nil
 	}
 
-	return nil, fmt.Errorf("The regional PD feature is only available via the GCE Alpha API. Enable \"GCEDiskAlphaAPI\" in the list of \"alpha-features\" in \"gce.conf\" to use the feature.")
+	return nil, fmt.Errorf("the regional PD feature is only available with the %s Kubernetes feature gate enabled", features.GCERegionalPersistentDisk)
 }
 
 func (manager *gceServiceManager) DeleteDiskOnCloudProvider(
 	zone string,
 	diskName string) (gceObject, error) {
-
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		return manager.gce.serviceAlpha.Disks.Delete(
-			manager.gce.projectID, zone, diskName).Do()
-	}
-
 	return manager.gce.service.Disks.Delete(
 		manager.gce.projectID, zone, diskName).Do()
 }
 
 func (manager *gceServiceManager) DeleteRegionalDiskOnCloudProvider(
 	diskName string) (gceObject, error) {
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		return manager.gce.serviceAlpha.RegionDisks.Delete(
+	if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+		return manager.gce.serviceBeta.RegionDisks.Delete(
 			manager.gce.projectID, manager.gce.region, diskName).Do()
 	}
 
-	return nil, fmt.Errorf("DeleteRegionalDiskOnCloudProvider is a regional PD feature and is only available via the GCE Alpha API. Enable \"GCEDiskAlphaAPI\" in the list of \"alpha-features\" in \"gce.conf\" to use the feature.")
+	return nil, fmt.Errorf("the regional PD feature is only available with the %s Kubernetes feature gate enabled", features.GCERegionalPersistentDisk)
 }
 
 func (manager *gceServiceManager) WaitForZoneOp(
@@ -361,9 +294,6 @@ func (manager *gceServiceManager) WaitForRegionalOp(
 
 func (manager *gceServiceManager) getDiskSourceURI(disk *GCEDisk) (string, error) {
 	getProjectsAPIEndpoint := manager.getProjectsAPIEndpoint()
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		getProjectsAPIEndpoint = manager.getProjectsAPIEndpointAlpha()
-	}
 
 	switch zoneInfo := disk.ZoneInfo.(type) {
 	case singleZone:
@@ -397,10 +327,13 @@ func (manager *gceServiceManager) getDiskSourceURI(disk *GCEDisk) (string, error
 }
 
 func (manager *gceServiceManager) getDiskTypeURI(
-	diskRegion string, diskZoneInfo zoneType, diskType string) (string, error) {
-	getProjectsAPIEndpoint := manager.getProjectsAPIEndpoint()
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		getProjectsAPIEndpoint = manager.getProjectsAPIEndpointAlpha()
+	diskRegion string, diskZoneInfo zoneType, diskType string, useBetaAPI bool) (string, error) {
+
+	var getProjectsAPIEndpoint string
+	if useBetaAPI {
+		getProjectsAPIEndpoint = manager.getProjectsAPIEndpointBeta()
+	} else {
+		getProjectsAPIEndpoint = manager.getProjectsAPIEndpoint()
 	}
 
 	switch zoneInfo := diskZoneInfo.(type) {
@@ -430,10 +363,12 @@ func (manager *gceServiceManager) getDiskTypeURI(
 	}
 }
 
-func (manager *gceServiceManager) getReplicaZoneURI(zone string) string {
-	getProjectsAPIEndpoint := manager.getProjectsAPIEndpoint()
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		getProjectsAPIEndpoint = manager.getProjectsAPIEndpointAlpha()
+func (manager *gceServiceManager) getReplicaZoneURI(zone string, useBetaAPI bool) string {
+	var getProjectsAPIEndpoint string
+	if useBetaAPI {
+		getProjectsAPIEndpoint = manager.getProjectsAPIEndpointBeta()
+	} else {
+		getProjectsAPIEndpoint = manager.getProjectsAPIEndpoint()
 	}
 
 	return getProjectsAPIEndpoint + fmt.Sprintf(
@@ -477,13 +412,6 @@ func (manager *gceServiceManager) getRegionFromZone(zoneInfo zoneType) (string,
 }
 
 func (manager *gceServiceManager) ResizeDiskOnCloudProvider(disk *GCEDisk, sizeGb int64, zone string) (gceObject, error) {
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		resizeServiceRequest := &computealpha.DisksResizeRequest{
-			SizeGb: sizeGb,
-		}
-		return manager.gce.serviceAlpha.Disks.Resize(manager.gce.projectID, zone, disk.Name, resizeServiceRequest).Do()
-
-	}
 	resizeServiceRequest := &compute.DisksResizeRequest{
 		SizeGb: sizeGb,
 	}
@@ -491,20 +419,20 @@ func (manager *gceServiceManager) ResizeDiskOnCloudProvider(disk *GCEDisk, sizeG
 }
 
 func (manager *gceServiceManager) RegionalResizeDiskOnCloudProvider(disk *GCEDisk, sizeGb int64) (gceObject, error) {
-	if manager.gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
-		resizeServiceRequest := &computealpha.RegionDisksResizeRequest{
+	if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+		resizeServiceRequest := &computebeta.RegionDisksResizeRequest{
 			SizeGb: sizeGb,
 		}
-		return manager.gce.serviceAlpha.RegionDisks.Resize(manager.gce.projectID, disk.Region, disk.Name, resizeServiceRequest).Do()
+		return manager.gce.serviceBeta.RegionDisks.Resize(manager.gce.projectID, disk.Region, disk.Name, resizeServiceRequest).Do()
 	}
-	return nil, fmt.Errorf("RegionalResizeDiskOnCloudProvider is a regional PD feature and is only available via the GCE Alpha API. Enable \"GCEDiskAlphaAPI\" in the list of \"alpha-features\" in \"gce.conf\" to use the feature.")
+	return nil, fmt.Errorf("the regional PD feature is only available with the %s Kubernetes feature gate enabled", features.GCERegionalPersistentDisk)
 }
 
 // Disks is interface for manipulation with GCE PDs.
 type Disks interface {
 	// AttachDisk attaches given disk to the node with the specified NodeName.
 	// Current instance is used when instanceID is empty string.
-	AttachDisk(diskName string, nodeName types.NodeName, readOnly bool) error
+	AttachDisk(diskName string, nodeName types.NodeName, readOnly bool, regional bool) error
 
 	// DetachDisk detaches given disk to the node with the specified NodeName.
 	// Current instance is used when nodeName is empty string.
@@ -577,7 +505,7 @@ func newDiskMetricContextRegional(request, region string) *metricContext {
 	return newGenericMetricContext("disk", request, region, unusedMetricLabel, computeV1Version)
 }
 
-func (gce *GCECloud) GetLabelsForVolume(pv *v1.PersistentVolume) (map[string]string, error) {
+func (gce *GCECloud) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error) {
 	// Ignore any volumes that are being provisioned
 	if pv.Spec.GCEPersistentDisk.PDName == volume.ProvisionedVolumeName {
 		return nil, nil
@@ -594,7 +522,7 @@ func (gce *GCECloud) GetLabelsForVolume(pv *v1.PersistentVolume) (map[string]str
 	return labels, nil
 }
 
-func (gce *GCECloud) AttachDisk(diskName string, nodeName types.NodeName, readOnly bool) error {
+func (gce *GCECloud) AttachDisk(diskName string, nodeName types.NodeName, readOnly bool, regional bool) error {
 	instanceName := mapNodeNameToInstanceName(nodeName)
 	instance, err := gce.getInstanceByName(instanceName)
 	if err != nil {
@@ -604,7 +532,7 @@ func (gce *GCECloud) AttachDisk(diskName string, nodeName types.NodeName, readOn
 	// Try fetching as regional PD
 	var disk *GCEDisk
 	var mc *metricContext
-	if gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
+	if regional && utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
 		disk, err = gce.getRegionalDiskByName(diskName)
 		if err != nil {
 			glog.V(5).Infof("Could not find regional PD named %q to Attach. Will look for a zonal PD", diskName)
@@ -845,7 +773,7 @@ func (gce *GCECloud) ResizeDisk(diskToResize string, oldSize resource.Quantity,
 
 	requestBytes := newSize.Value()
 	// GCE resizes in chunks of GBs (not GiB)
-	requestGB := volume.RoundUpSize(requestBytes, 1000*1000*1000)
+	requestGB := volumeutil.RoundUpSize(requestBytes, 1000*1000*1000)
 	newSizeQuant := resource.MustParse(fmt.Sprintf("%dG", requestGB))
 
 	// If disk is already of size equal or greater than requested size, we simply return
@@ -869,17 +797,20 @@ func (gce *GCECloud) ResizeDisk(diskToResize string, oldSize resource.Quantity,
 		}
 		return newSizeQuant, nil
 	case multiZone:
-		mc = newDiskMetricContextRegional("resize", disk.Region)
-		resizeOp, err := gce.manager.RegionalResizeDiskOnCloudProvider(disk, requestGB)
+		if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+			mc = newDiskMetricContextRegional("resize", disk.Region)
+			resizeOp, err := gce.manager.RegionalResizeDiskOnCloudProvider(disk, requestGB)
 
-		if err != nil {
-			return oldSize, mc.Observe(err)
-		}
-		waitErr := gce.manager.WaitForRegionalOp(resizeOp, mc)
-		if waitErr != nil {
-			return oldSize, waitErr
+			if err != nil {
+				return oldSize, mc.Observe(err)
+			}
+			waitErr := gce.manager.WaitForRegionalOp(resizeOp, mc)
+			if waitErr != nil {
+				return oldSize, waitErr
+			}
+			return newSizeQuant, nil
 		}
-		return newSizeQuant, nil
+		return oldSize, fmt.Errorf("disk.ZoneInfo has unexpected type %T", zoneInfo)
 	case nil:
 		return oldSize, fmt.Errorf("PD has nil ZoneInfo: %v", disk)
 	default:
@@ -912,19 +843,26 @@ func (gce *GCECloud) GetAutoLabelsForPD(name string, zone string) (map[string]st
 		// We could assume the disks exists; we have all the information we need
 		// However it is more consistent to ensure the disk exists,
 		// and in future we may gather addition information (e.g. disk type, IOPS etc)
-		zoneSet, err := volumeutil.LabelZonesToSet(zone)
-		if err != nil {
-			glog.Warningf("Failed to parse zone field: %q. Will use raw field.", zone)
-		}
-
-		if len(zoneSet) > 1 {
-			// Regional PD
-			disk, err = gce.getRegionalDiskByName(name)
+		if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+			zoneSet, err := volumeutil.LabelZonesToSet(zone)
 			if err != nil {
-				return nil, err
+				glog.Warningf("Failed to parse zone field: %q. Will use raw field.", zone)
+			}
+
+			if len(zoneSet) > 1 {
+				// Regional PD
+				disk, err = gce.getRegionalDiskByName(name)
+				if err != nil {
+					return nil, err
+				}
+			} else {
+				// Zonal PD
+				disk, err = gce.getDiskByName(name, zone)
+				if err != nil {
+					return nil, err
+				}
 			}
 		} else {
-			// Zonal PD
 			disk, err = gce.getDiskByName(name, zone)
 			if err != nil {
 				return nil, err
@@ -1010,7 +948,7 @@ func (gce *GCECloud) getRegionalDiskByName(diskName string) (*GCEDisk, error) {
 // Prefer getDiskByName, if the zone can be established
 // Return cloudprovider.DiskNotFound if the given disk cannot be found in any zone
 func (gce *GCECloud) GetDiskByNameUnknownZone(diskName string) (*GCEDisk, error) {
-	if gce.AlphaFeatureGate.Enabled(AlphaFeatureGCEDisk) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
 		regionalDisk, err := gce.getRegionalDiskByName(diskName)
 		if err == nil {
 			return regionalDisk, err
@@ -1020,7 +958,7 @@ func (gce *GCECloud) GetDiskByNameUnknownZone(diskName string) (*GCEDisk, error)
 	// Note: this is the gotcha right now with GCE PD support:
 	// disk names are not unique per-region.
 	// (I can create two volumes with name "myvol" in e.g. us-central1-b & us-central1-f)
-	// For now, this is simply undefined behvaiour.
+	// For now, this is simply undefined behaviour.
 	//
 	// In future, we will have to require users to qualify their disk
 	// "us-central1-a/mydisk".  We could do this for them as part of
@@ -1094,12 +1032,15 @@ func (gce *GCECloud) doDeleteDisk(diskToDelete string) error {
 		}
 		return gce.manager.WaitForZoneOp(deleteOp, zoneInfo.zone, mc)
 	case multiZone:
-		mc = newDiskMetricContextRegional("delete", disk.Region)
-		deleteOp, err := gce.manager.DeleteRegionalDiskOnCloudProvider(disk.Name)
-		if err != nil {
-			return mc.Observe(err)
+		if utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+			mc = newDiskMetricContextRegional("delete", disk.Region)
+			deleteOp, err := gce.manager.DeleteRegionalDiskOnCloudProvider(disk.Name)
+			if err != nil {
+				return mc.Observe(err)
+			}
+			return gce.manager.WaitForRegionalOp(deleteOp, mc)
 		}
-		return gce.manager.WaitForRegionalOp(deleteOp, mc)
+		return fmt.Errorf("disk.ZoneInfo has unexpected type %T", zoneInfo)
 	case nil:
 		return fmt.Errorf("PD has nil ZoneInfo: %v", disk)
 	default:
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_firewall.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_firewall.go
index 2e5297275f97..88db0ebd3b9d 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_firewall.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_firewall.go
@@ -17,7 +17,11 @@ limitations under the License.
 package gce
 
 import (
+	"context"
+
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newFirewallMetricContext(request string) *metricContext {
@@ -27,38 +31,24 @@ func newFirewallMetricContext(request string) *metricContext {
 // GetFirewall returns the Firewall by name.
 func (gce *GCECloud) GetFirewall(name string) (*compute.Firewall, error) {
 	mc := newFirewallMetricContext("get")
-	v, err := gce.service.Firewalls.Get(gce.NetworkProjectID(), name).Do()
+	v, err := gce.c.Firewalls().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // CreateFirewall creates the passed firewall
 func (gce *GCECloud) CreateFirewall(f *compute.Firewall) error {
 	mc := newFirewallMetricContext("create")
-	op, err := gce.service.Firewalls.Insert(gce.NetworkProjectID(), f).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOpInProject(op, gce.NetworkProjectID(), mc)
+	return mc.Observe(gce.c.Firewalls().Insert(context.Background(), meta.GlobalKey(f.Name), f))
 }
 
 // DeleteFirewall deletes the given firewall rule.
 func (gce *GCECloud) DeleteFirewall(name string) error {
 	mc := newFirewallMetricContext("delete")
-	op, err := gce.service.Firewalls.Delete(gce.NetworkProjectID(), name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOpInProject(op, gce.NetworkProjectID(), mc)
+	return mc.Observe(gce.c.Firewalls().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // UpdateFirewall applies the given firewall as an update to an existing service.
 func (gce *GCECloud) UpdateFirewall(f *compute.Firewall) error {
 	mc := newFirewallMetricContext("update")
-	op, err := gce.service.Firewalls.Update(gce.NetworkProjectID(), f.Name, f).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOpInProject(op, gce.NetworkProjectID(), mc)
+	return mc.Observe(gce.c.Firewalls().Update(context.Background(), meta.GlobalKey(f.Name), f))
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule.go
index f674b205705d..9fe0da9f7ccf 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule.go
@@ -17,8 +17,13 @@ limitations under the License.
 package gce
 
 import (
+	"context"
+
 	computealpha "google.golang.org/api/compute/v0.alpha"
 	compute "google.golang.org/api/compute/v1"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newForwardingRuleMetricContext(request, region string) *metricContext {
@@ -31,79 +36,62 @@ func newForwardingRuleMetricContextWithVersion(request, region, version string)
 // CreateGlobalForwardingRule creates the passed GlobalForwardingRule
 func (gce *GCECloud) CreateGlobalForwardingRule(rule *compute.ForwardingRule) error {
 	mc := newForwardingRuleMetricContext("create", "")
-	op, err := gce.service.GlobalForwardingRules.Insert(gce.projectID, rule).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.GlobalForwardingRules().Insert(context.Background(), meta.GlobalKey(rule.Name), rule))
 }
 
 // SetProxyForGlobalForwardingRule links the given TargetHttp(s)Proxy with the given GlobalForwardingRule.
 // targetProxyLink is the SelfLink of a TargetHttp(s)Proxy.
 func (gce *GCECloud) SetProxyForGlobalForwardingRule(forwardingRuleName, targetProxyLink string) error {
 	mc := newForwardingRuleMetricContext("set_proxy", "")
-	op, err := gce.service.GlobalForwardingRules.SetTarget(
-		gce.projectID, forwardingRuleName, &compute.TargetReference{Target: targetProxyLink}).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	target := &compute.TargetReference{Target: targetProxyLink}
+	return mc.Observe(gce.c.GlobalForwardingRules().SetTarget(context.Background(), meta.GlobalKey(forwardingRuleName), target))
 }
 
 // DeleteGlobalForwardingRule deletes the GlobalForwardingRule by name.
 func (gce *GCECloud) DeleteGlobalForwardingRule(name string) error {
 	mc := newForwardingRuleMetricContext("delete", "")
-	op, err := gce.service.GlobalForwardingRules.Delete(gce.projectID, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.GlobalForwardingRules().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // GetGlobalForwardingRule returns the GlobalForwardingRule by name.
 func (gce *GCECloud) GetGlobalForwardingRule(name string) (*compute.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContext("get", "")
-	v, err := gce.service.GlobalForwardingRules.Get(gce.projectID, name).Do()
+	v, err := gce.c.GlobalForwardingRules().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // ListGlobalForwardingRules lists all GlobalForwardingRules in the project.
-func (gce *GCECloud) ListGlobalForwardingRules() (*compute.ForwardingRuleList, error) {
+func (gce *GCECloud) ListGlobalForwardingRules() ([]*compute.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContext("list", "")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.GlobalForwardingRules.List(gce.projectID).Do()
+	v, err := gce.c.GlobalForwardingRules().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
 // GetRegionForwardingRule returns the RegionalForwardingRule by name & region.
 func (gce *GCECloud) GetRegionForwardingRule(name, region string) (*compute.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContext("get", region)
-	v, err := gce.service.ForwardingRules.Get(gce.projectID, region, name).Do()
+	v, err := gce.c.ForwardingRules().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // GetAlphaRegionForwardingRule returns the Alpha forwarding rule by name & region.
 func (gce *GCECloud) GetAlphaRegionForwardingRule(name, region string) (*computealpha.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContextWithVersion("get", region, computeAlphaVersion)
-	v, err := gce.serviceAlpha.ForwardingRules.Get(gce.projectID, region, name).Do()
+	v, err := gce.c.AlphaForwardingRules().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // ListRegionForwardingRules lists all RegionalForwardingRules in the project & region.
-func (gce *GCECloud) ListRegionForwardingRules(region string) (*compute.ForwardingRuleList, error) {
+func (gce *GCECloud) ListRegionForwardingRules(region string) ([]*compute.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContext("list", region)
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.ForwardingRules.List(gce.projectID, region).Do()
+	v, err := gce.c.ForwardingRules().List(context.Background(), region, filter.None)
 	return v, mc.Observe(err)
 }
 
-// ListRegionForwardingRules lists all RegionalForwardingRules in the project & region.
-func (gce *GCECloud) ListAlphaRegionForwardingRules(region string) (*computealpha.ForwardingRuleList, error) {
+// ListAlphaRegionForwardingRules lists all RegionalForwardingRules in the project & region.
+func (gce *GCECloud) ListAlphaRegionForwardingRules(region string) ([]*computealpha.ForwardingRule, error) {
 	mc := newForwardingRuleMetricContextWithVersion("list", region, computeAlphaVersion)
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.serviceAlpha.ForwardingRules.List(gce.projectID, region).Do()
+	v, err := gce.c.AlphaForwardingRules().List(context.Background(), region, filter.None)
 	return v, mc.Observe(err)
 }
 
@@ -111,41 +99,26 @@ func (gce *GCECloud) ListAlphaRegionForwardingRules(region string) (*computealph
 // RegionalForwardingRule that points to the given BackendService
 func (gce *GCECloud) CreateRegionForwardingRule(rule *compute.ForwardingRule, region string) error {
 	mc := newForwardingRuleMetricContext("create", region)
-	op, err := gce.service.ForwardingRules.Insert(gce.projectID, region, rule).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.ForwardingRules().Insert(context.Background(), meta.RegionalKey(rule.Name, region), rule))
 }
 
 // CreateAlphaRegionForwardingRule creates and returns an Alpha
 // forwarding fule in the given region.
 func (gce *GCECloud) CreateAlphaRegionForwardingRule(rule *computealpha.ForwardingRule, region string) error {
 	mc := newForwardingRuleMetricContextWithVersion("create", region, computeAlphaVersion)
-	op, err := gce.serviceAlpha.ForwardingRules.Insert(gce.projectID, region, rule).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.AlphaForwardingRules().Insert(context.Background(), meta.RegionalKey(rule.Name, region), rule))
 }
 
 // DeleteRegionForwardingRule deletes the RegionalForwardingRule by name & region.
 func (gce *GCECloud) DeleteRegionForwardingRule(name, region string) error {
 	mc := newForwardingRuleMetricContext("delete", region)
-	op, err := gce.service.ForwardingRules.Delete(gce.projectID, region, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.ForwardingRules().Delete(context.Background(), meta.RegionalKey(name, region)))
 }
 
 // TODO(#51665): retire this function once Network Tiers becomes Beta in GCP.
 func (gce *GCECloud) getNetworkTierFromForwardingRule(name, region string) (string, error) {
 	if !gce.AlphaFeatureGate.Enabled(AlphaFeatureNetworkTiers) {
-		return NetworkTierDefault.ToGCEValue(), nil
+		return cloud.NetworkTierDefault.ToGCEValue(), nil
 	}
 	fwdRule, err := gce.GetAlphaRegionForwardingRule(name, region)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule_fakes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule_fakes.go
deleted file mode 100644
index 780012791fc1..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_forwardingrule_fakes.go
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package gce
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-
-	computealpha "google.golang.org/api/compute/v0.alpha"
-	compute "google.golang.org/api/compute/v1"
-	"google.golang.org/api/googleapi"
-)
-
-type FakeCloudForwardingRuleService struct {
-	// fwdRulesByRegionAndName
-	// Outer key is for region string; inner key is for fwdRuleess name.
-	fwdRulesByRegionAndName map[string]map[string]*computealpha.ForwardingRule
-}
-
-// FakeCloudForwardingRuleService Implements CloudForwardingRuleService
-var _ CloudForwardingRuleService = &FakeCloudForwardingRuleService{}
-
-func NewFakeCloudForwardingRuleService() *FakeCloudForwardingRuleService {
-	return &FakeCloudForwardingRuleService{
-		fwdRulesByRegionAndName: make(map[string]map[string]*computealpha.ForwardingRule),
-	}
-}
-
-// SetRegionalForwardingRulees sets the fwdRuleesses of ther region. This is used for
-// setting the test environment.
-func (f *FakeCloudForwardingRuleService) SetRegionalForwardingRulees(region string, fwdRules []*computealpha.ForwardingRule) {
-	// Reset fwdRuleesses in the region.
-	f.fwdRulesByRegionAndName[region] = make(map[string]*computealpha.ForwardingRule)
-
-	for _, fwdRule := range fwdRules {
-		f.fwdRulesByRegionAndName[region][fwdRule.Name] = fwdRule
-	}
-}
-
-func (f *FakeCloudForwardingRuleService) CreateAlphaRegionForwardingRule(fwdRule *computealpha.ForwardingRule, region string) error {
-	if _, exists := f.fwdRulesByRegionAndName[region]; !exists {
-		f.fwdRulesByRegionAndName[region] = make(map[string]*computealpha.ForwardingRule)
-	}
-
-	if _, exists := f.fwdRulesByRegionAndName[region][fwdRule.Name]; exists {
-		return &googleapi.Error{Code: http.StatusConflict}
-	}
-
-	f.fwdRulesByRegionAndName[region][fwdRule.Name] = fwdRule
-	return nil
-}
-
-func (f *FakeCloudForwardingRuleService) CreateRegionForwardingRule(fwdRule *compute.ForwardingRule, region string) error {
-	alphafwdRule := convertToAlphaForwardingRule(fwdRule)
-	return f.CreateAlphaRegionForwardingRule(alphafwdRule, region)
-}
-
-func (f *FakeCloudForwardingRuleService) DeleteRegionForwardingRule(name, region string) error {
-	if _, exists := f.fwdRulesByRegionAndName[region]; !exists {
-		return makeGoogleAPINotFoundError("")
-	}
-
-	if _, exists := f.fwdRulesByRegionAndName[region][name]; !exists {
-		return makeGoogleAPINotFoundError("")
-	}
-	delete(f.fwdRulesByRegionAndName[region], name)
-	return nil
-}
-
-func (f *FakeCloudForwardingRuleService) GetAlphaRegionForwardingRule(name, region string) (*computealpha.ForwardingRule, error) {
-	if _, exists := f.fwdRulesByRegionAndName[region]; !exists {
-		return nil, makeGoogleAPINotFoundError("")
-	}
-
-	if fwdRule, exists := f.fwdRulesByRegionAndName[region][name]; !exists {
-		return nil, makeGoogleAPINotFoundError("")
-	} else {
-		return fwdRule, nil
-	}
-}
-
-func (f *FakeCloudForwardingRuleService) GetRegionForwardingRule(name, region string) (*compute.ForwardingRule, error) {
-	fwdRule, err := f.GetAlphaRegionForwardingRule(name, region)
-	if fwdRule != nil {
-		return convertToV1ForwardingRule(fwdRule), err
-	}
-	return nil, err
-}
-
-func (f *FakeCloudForwardingRuleService) getNetworkTierFromForwardingRule(name, region string) (string, error) {
-	fwdRule, err := f.GetAlphaRegionForwardingRule(name, region)
-	if err != nil {
-		return "", err
-	}
-	return fwdRule.NetworkTier, nil
-}
-
-func convertToV1ForwardingRule(object gceObject) *compute.ForwardingRule {
-	enc, err := object.MarshalJSON()
-	if err != nil {
-		panic(fmt.Sprintf("Failed to encode to json: %v", err))
-	}
-	var fwdRule compute.ForwardingRule
-	if err := json.Unmarshal(enc, &fwdRule); err != nil {
-		panic(fmt.Sprintf("Failed to convert GCE apiObject %v to v1 fwdRuleess: %v", object, err))
-	}
-	return &fwdRule
-}
-
-func convertToAlphaForwardingRule(object gceObject) *computealpha.ForwardingRule {
-	enc, err := object.MarshalJSON()
-	if err != nil {
-		panic(fmt.Sprintf("Failed to encode to json: %v", err))
-	}
-	var fwdRule computealpha.ForwardingRule
-	if err := json.Unmarshal(enc, &fwdRule); err != nil {
-		panic(fmt.Sprintf("Failed to convert GCE apiObject %v to alpha fwdRuleess: %v", object, err))
-	}
-	// Set the default values for the Alpha fields.
-	fwdRule.NetworkTier = NetworkTierDefault.ToGCEValue()
-
-	return &fwdRule
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_healthchecks.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_healthchecks.go
index 7c71f5ae3919..e4c0829e1088 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_healthchecks.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_healthchecks.go
@@ -17,13 +17,18 @@ limitations under the License.
 package gce
 
 import (
-	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/master/ports"
-	utilversion "k8s.io/kubernetes/pkg/util/version"
+	"context"
 
 	"github.com/golang/glog"
+
 	computealpha "google.golang.org/api/compute/v0.alpha"
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+	"k8s.io/kubernetes/pkg/master/ports"
+	utilversion "k8s.io/kubernetes/pkg/util/version"
 )
 
 const (
@@ -54,48 +59,32 @@ func newHealthcheckMetricContextWithVersion(request, version string) *metricCont
 // GetHttpHealthCheck returns the given HttpHealthCheck by name.
 func (gce *GCECloud) GetHttpHealthCheck(name string) (*compute.HttpHealthCheck, error) {
 	mc := newHealthcheckMetricContext("get_legacy")
-	v, err := gce.service.HttpHealthChecks.Get(gce.projectID, name).Do()
+	v, err := gce.c.HttpHealthChecks().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // UpdateHttpHealthCheck applies the given HttpHealthCheck as an update.
 func (gce *GCECloud) UpdateHttpHealthCheck(hc *compute.HttpHealthCheck) error {
 	mc := newHealthcheckMetricContext("update_legacy")
-	op, err := gce.service.HttpHealthChecks.Update(gce.projectID, hc.Name, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpHealthChecks().Update(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // DeleteHttpHealthCheck deletes the given HttpHealthCheck by name.
 func (gce *GCECloud) DeleteHttpHealthCheck(name string) error {
 	mc := newHealthcheckMetricContext("delete_legacy")
-	op, err := gce.service.HttpHealthChecks.Delete(gce.projectID, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpHealthChecks().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // CreateHttpHealthCheck creates the given HttpHealthCheck.
 func (gce *GCECloud) CreateHttpHealthCheck(hc *compute.HttpHealthCheck) error {
 	mc := newHealthcheckMetricContext("create_legacy")
-	op, err := gce.service.HttpHealthChecks.Insert(gce.projectID, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpHealthChecks().Insert(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // ListHttpHealthChecks lists all HttpHealthChecks in the project.
-func (gce *GCECloud) ListHttpHealthChecks() (*compute.HttpHealthCheckList, error) {
+func (gce *GCECloud) ListHttpHealthChecks() ([]*compute.HttpHealthCheck, error) {
 	mc := newHealthcheckMetricContext("list_legacy")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.HttpHealthChecks.List(gce.projectID).Do()
+	v, err := gce.c.HttpHealthChecks().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
@@ -104,50 +93,32 @@ func (gce *GCECloud) ListHttpHealthChecks() (*compute.HttpHealthCheckList, error
 // GetHttpsHealthCheck returns the given HttpsHealthCheck by name.
 func (gce *GCECloud) GetHttpsHealthCheck(name string) (*compute.HttpsHealthCheck, error) {
 	mc := newHealthcheckMetricContext("get_legacy")
-	v, err := gce.service.HttpsHealthChecks.Get(gce.projectID, name).Do()
-	mc.Observe(err)
-	return v, err
+	v, err := gce.c.HttpsHealthChecks().Get(context.Background(), meta.GlobalKey(name))
+	return v, mc.Observe(err)
 }
 
 // UpdateHttpsHealthCheck applies the given HttpsHealthCheck as an update.
 func (gce *GCECloud) UpdateHttpsHealthCheck(hc *compute.HttpsHealthCheck) error {
 	mc := newHealthcheckMetricContext("update_legacy")
-	op, err := gce.service.HttpsHealthChecks.Update(gce.projectID, hc.Name, hc).Do()
-	if err != nil {
-		mc.Observe(err)
-		return err
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpsHealthChecks().Update(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // DeleteHttpsHealthCheck deletes the given HttpsHealthCheck by name.
 func (gce *GCECloud) DeleteHttpsHealthCheck(name string) error {
 	mc := newHealthcheckMetricContext("delete_legacy")
-	op, err := gce.service.HttpsHealthChecks.Delete(gce.projectID, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpsHealthChecks().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // CreateHttpsHealthCheck creates the given HttpsHealthCheck.
 func (gce *GCECloud) CreateHttpsHealthCheck(hc *compute.HttpsHealthCheck) error {
 	mc := newHealthcheckMetricContext("create_legacy")
-	op, err := gce.service.HttpsHealthChecks.Insert(gce.projectID, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HttpsHealthChecks().Insert(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // ListHttpsHealthChecks lists all HttpsHealthChecks in the project.
-func (gce *GCECloud) ListHttpsHealthChecks() (*compute.HttpsHealthCheckList, error) {
+func (gce *GCECloud) ListHttpsHealthChecks() ([]*compute.HttpsHealthCheck, error) {
 	mc := newHealthcheckMetricContext("list_legacy")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.HttpsHealthChecks.List(gce.projectID).Do()
+	v, err := gce.c.HttpsHealthChecks().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
@@ -156,77 +127,51 @@ func (gce *GCECloud) ListHttpsHealthChecks() (*compute.HttpsHealthCheckList, err
 // GetHealthCheck returns the given HealthCheck by name.
 func (gce *GCECloud) GetHealthCheck(name string) (*compute.HealthCheck, error) {
 	mc := newHealthcheckMetricContext("get")
-	v, err := gce.service.HealthChecks.Get(gce.projectID, name).Do()
+	v, err := gce.c.HealthChecks().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // GetAlphaHealthCheck returns the given alpha HealthCheck by name.
 func (gce *GCECloud) GetAlphaHealthCheck(name string) (*computealpha.HealthCheck, error) {
 	mc := newHealthcheckMetricContextWithVersion("get", computeAlphaVersion)
-	v, err := gce.serviceAlpha.HealthChecks.Get(gce.projectID, name).Do()
+	v, err := gce.c.AlphaHealthChecks().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // UpdateHealthCheck applies the given HealthCheck as an update.
 func (gce *GCECloud) UpdateHealthCheck(hc *compute.HealthCheck) error {
 	mc := newHealthcheckMetricContext("update")
-	op, err := gce.service.HealthChecks.Update(gce.projectID, hc.Name, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HealthChecks().Update(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // UpdateAlphaHealthCheck applies the given alpha HealthCheck as an update.
 func (gce *GCECloud) UpdateAlphaHealthCheck(hc *computealpha.HealthCheck) error {
 	mc := newHealthcheckMetricContextWithVersion("update", computeAlphaVersion)
-	op, err := gce.serviceAlpha.HealthChecks.Update(gce.projectID, hc.Name, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.AlphaHealthChecks().Update(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // DeleteHealthCheck deletes the given HealthCheck by name.
 func (gce *GCECloud) DeleteHealthCheck(name string) error {
 	mc := newHealthcheckMetricContext("delete")
-	op, err := gce.service.HealthChecks.Delete(gce.projectID, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HealthChecks().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // CreateHealthCheck creates the given HealthCheck.
 func (gce *GCECloud) CreateHealthCheck(hc *compute.HealthCheck) error {
 	mc := newHealthcheckMetricContext("create")
-	op, err := gce.service.HealthChecks.Insert(gce.projectID, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.HealthChecks().Insert(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // CreateAlphaHealthCheck creates the given alpha HealthCheck.
 func (gce *GCECloud) CreateAlphaHealthCheck(hc *computealpha.HealthCheck) error {
 	mc := newHealthcheckMetricContextWithVersion("create", computeAlphaVersion)
-	op, err := gce.serviceAlpha.HealthChecks.Insert(gce.projectID, hc).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.AlphaHealthChecks().Insert(context.Background(), meta.GlobalKey(hc.Name), hc))
 }
 
 // ListHealthChecks lists all HealthCheck in the project.
-func (gce *GCECloud) ListHealthChecks() (*compute.HealthCheckList, error) {
+func (gce *GCECloud) ListHealthChecks() ([]*compute.HealthCheck, error) {
 	mc := newHealthcheckMetricContext("list")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.HealthChecks.List(gce.projectID).Do()
+	v, err := gce.c.HealthChecks().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instancegroup.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instancegroup.go
index 67083224bb2c..84b9724bfae6 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instancegroup.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instancegroup.go
@@ -16,7 +16,14 @@ limitations under the License.
 
 package gce
 
-import compute "google.golang.org/api/compute/v1"
+import (
+	"context"
+
+	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
 
 func newInstanceGroupMetricContext(request string, zone string) *metricContext {
 	return newGenericMetricContext("instancegroup", request, unusedMetricLabel, zone, computeV1Version)
@@ -26,43 +33,29 @@ func newInstanceGroupMetricContext(request string, zone string) *metricContext {
 // instances. It is the callers responsibility to add named ports.
 func (gce *GCECloud) CreateInstanceGroup(ig *compute.InstanceGroup, zone string) error {
 	mc := newInstanceGroupMetricContext("create", zone)
-	op, err := gce.service.InstanceGroups.Insert(gce.projectID, zone, ig).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.InstanceGroups().Insert(context.Background(), meta.ZonalKey(ig.Name, zone), ig))
 }
 
 // DeleteInstanceGroup deletes an instance group.
 func (gce *GCECloud) DeleteInstanceGroup(name string, zone string) error {
 	mc := newInstanceGroupMetricContext("delete", zone)
-	op, err := gce.service.InstanceGroups.Delete(
-		gce.projectID, zone, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.InstanceGroups().Delete(context.Background(), meta.ZonalKey(name, zone)))
 }
 
 // ListInstanceGroups lists all InstanceGroups in the project and
 // zone.
-func (gce *GCECloud) ListInstanceGroups(zone string) (*compute.InstanceGroupList, error) {
+func (gce *GCECloud) ListInstanceGroups(zone string) ([]*compute.InstanceGroup, error) {
 	mc := newInstanceGroupMetricContext("list", zone)
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.InstanceGroups.List(gce.projectID, zone).Do()
+	v, err := gce.c.InstanceGroups().List(context.Background(), zone, filter.None)
 	return v, mc.Observe(err)
 }
 
 // ListInstancesInInstanceGroup lists all the instances in a given
 // instance group and state.
-func (gce *GCECloud) ListInstancesInInstanceGroup(name string, zone string, state string) (*compute.InstanceGroupsListInstances, error) {
+func (gce *GCECloud) ListInstancesInInstanceGroup(name string, zone string, state string) ([]*compute.InstanceWithNamedPorts, error) {
 	mc := newInstanceGroupMetricContext("list_instances", zone)
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.InstanceGroups.ListInstances(
-		gce.projectID, zone, name,
-		&compute.InstanceGroupsListInstancesRequest{InstanceState: state}).Do()
+	req := &compute.InstanceGroupsListInstancesRequest{InstanceState: state}
+	v, err := gce.c.InstanceGroups().ListInstances(context.Background(), meta.ZonalKey(name, zone), req, filter.None)
 	return v, mc.Observe(err)
 }
 
@@ -70,58 +63,40 @@ func (gce *GCECloud) ListInstancesInInstanceGroup(name string, zone string, stat
 // instance group.
 func (gce *GCECloud) AddInstancesToInstanceGroup(name string, zone string, instanceRefs []*compute.InstanceReference) error {
 	mc := newInstanceGroupMetricContext("add_instances", zone)
+	// TODO: should cull operation above this layer.
 	if len(instanceRefs) == 0 {
 		return nil
 	}
-
-	op, err := gce.service.InstanceGroups.AddInstances(
-		gce.projectID, zone, name,
-		&compute.InstanceGroupsAddInstancesRequest{
-			Instances: instanceRefs,
-		}).Do()
-	if err != nil {
-		return mc.Observe(err)
+	req := &compute.InstanceGroupsAddInstancesRequest{
+		Instances: instanceRefs,
 	}
-
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.InstanceGroups().AddInstances(context.Background(), meta.ZonalKey(name, zone), req))
 }
 
 // RemoveInstancesFromInstanceGroup removes the given instances from
 // the instance group.
 func (gce *GCECloud) RemoveInstancesFromInstanceGroup(name string, zone string, instanceRefs []*compute.InstanceReference) error {
 	mc := newInstanceGroupMetricContext("remove_instances", zone)
+	// TODO: should cull operation above this layer.
 	if len(instanceRefs) == 0 {
 		return nil
 	}
-
-	op, err := gce.service.InstanceGroups.RemoveInstances(
-		gce.projectID, zone, name,
-		&compute.InstanceGroupsRemoveInstancesRequest{
-			Instances: instanceRefs,
-		}).Do()
-	if err != nil {
-		return mc.Observe(err)
+	req := &compute.InstanceGroupsRemoveInstancesRequest{
+		Instances: instanceRefs,
 	}
-
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.InstanceGroups().RemoveInstances(context.Background(), meta.ZonalKey(name, zone), req))
 }
 
 // SetNamedPortsOfInstanceGroup sets the list of named ports on a given instance group
 func (gce *GCECloud) SetNamedPortsOfInstanceGroup(igName, zone string, namedPorts []*compute.NamedPort) error {
 	mc := newInstanceGroupMetricContext("set_namedports", zone)
-	op, err := gce.service.InstanceGroups.SetNamedPorts(
-		gce.projectID, zone, igName,
-		&compute.InstanceGroupsSetNamedPortsRequest{NamedPorts: namedPorts}).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForZoneOp(op, zone, mc)
+	req := &compute.InstanceGroupsSetNamedPortsRequest{NamedPorts: namedPorts}
+	return mc.Observe(gce.c.InstanceGroups().SetNamedPorts(context.Background(), meta.ZonalKey(igName, zone), req))
 }
 
 // GetInstanceGroup returns an instance group by name.
 func (gce *GCECloud) GetInstanceGroup(name string, zone string) (*compute.InstanceGroup, error) {
 	mc := newInstanceGroupMetricContext("get", zone)
-	v, err := gce.service.InstanceGroups.Get(gce.projectID, zone, name).Do()
+	v, err := gce.c.InstanceGroups().Get(context.Background(), meta.ZonalKey(name, zone))
 	return v, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instances.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instances.go
index 606322d65c23..aa31f5e3a3ed 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instances.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_instances.go
@@ -17,6 +17,7 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"fmt"
 	"net"
 	"net/http"
@@ -34,6 +35,8 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 )
 
@@ -64,6 +67,11 @@ func getZone(n *v1.Node) string {
 	return zone
 }
 
+func makeHostURL(projectsApiEndpoint, projectID, zone, host string) string {
+	host = canonicalizeInstanceName(host)
+	return projectsApiEndpoint + strings.Join([]string{projectID, "zones", zone, "instances", host}, "/")
+}
+
 // ToInstanceReferences returns instance references by links
 func (gce *GCECloud) ToInstanceReferences(zone string, instanceNames []string) (refs []*compute.InstanceReference) {
 	for _, ins := range instanceNames {
@@ -74,7 +82,7 @@ func (gce *GCECloud) ToInstanceReferences(zone string, instanceNames []string) (
 }
 
 // NodeAddresses is an implementation of Instances.NodeAddresses.
-func (gce *GCECloud) NodeAddresses(_ types.NodeName) ([]v1.NodeAddress, error) {
+func (gce *GCECloud) NodeAddresses(_ context.Context, _ types.NodeName) ([]v1.NodeAddress, error) {
 	internalIP, err := metadata.Get("instance/network-interfaces/0/ip")
 	if err != nil {
 		return nil, fmt.Errorf("couldn't get internal IP: %v", err)
@@ -89,15 +97,15 @@ func (gce *GCECloud) NodeAddresses(_ types.NodeName) ([]v1.NodeAddress, error) {
 	}, nil
 }
 
-// This method will not be called from the node that is requesting this ID.
+// NodeAddressesByProviderID will not be called from the node that is requesting this ID.
 // i.e. metadata service and other local methods cannot be used here
-func (gce *GCECloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
-	project, zone, name, err := splitProviderID(providerID)
+func (gce *GCECloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
+	_, zone, name, err := splitProviderID(providerID)
 	if err != nil {
 		return []v1.NodeAddress{}, err
 	}
 
-	instance, err := gce.service.Instances.Get(project, zone, canonicalizeInstanceName(name)).Do()
+	instance, err := gce.c.Instances().Get(context.Background(), meta.ZonalKey(canonicalizeInstanceName(name), zone))
 	if err != nil {
 		return []v1.NodeAddress{}, fmt.Errorf("error while querying for providerID %q: %v", providerID, err)
 	}
@@ -138,7 +146,7 @@ func (gce *GCECloud) instanceByProviderID(providerID string) (*gceInstance, erro
 // with the specified unique providerID This method will not be called from the
 // node that is requesting this ID. i.e. metadata service and other local
 // methods cannot be used here
-func (gce *GCECloud) InstanceTypeByProviderID(providerID string) (string, error) {
+func (gce *GCECloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	instance, err := gce.instanceByProviderID(providerID)
 	if err != nil {
 		return "", err
@@ -148,7 +156,7 @@ func (gce *GCECloud) InstanceTypeByProviderID(providerID string) (string, error)
 }
 
 // ExternalID returns the cloud provider ID of the node with the specified NodeName (deprecated).
-func (gce *GCECloud) ExternalID(nodeName types.NodeName) (string, error) {
+func (gce *GCECloud) ExternalID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	instanceName := mapNodeNameToInstanceName(nodeName)
 	if gce.useMetadataServer {
 		// Use metadata, if possible, to fetch ID. See issue #12000
@@ -170,7 +178,7 @@ func (gce *GCECloud) ExternalID(nodeName types.NodeName) (string, error) {
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (gce *GCECloud) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (gce *GCECloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	_, err := gce.instanceByProviderID(providerID)
 	if err != nil {
 		if err == cloudprovider.InstanceNotFound {
@@ -183,7 +191,7 @@ func (gce *GCECloud) InstanceExistsByProviderID(providerID string) (bool, error)
 }
 
 // InstanceID returns the cloud provider ID of the node with the specified NodeName.
-func (gce *GCECloud) InstanceID(nodeName types.NodeName) (string, error) {
+func (gce *GCECloud) InstanceID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	instanceName := mapNodeNameToInstanceName(nodeName)
 	if gce.useMetadataServer {
 		// Use metadata, if possible, to fetch ID. See issue #12000
@@ -202,7 +210,7 @@ func (gce *GCECloud) InstanceID(nodeName types.NodeName) (string, error) {
 }
 
 // InstanceType returns the type of the specified node with the specified NodeName.
-func (gce *GCECloud) InstanceType(nodeName types.NodeName) (string, error) {
+func (gce *GCECloud) InstanceType(ctx context.Context, nodeName types.NodeName) (string, error) {
 	instanceName := mapNodeNameToInstanceName(nodeName)
 	if gce.useMetadataServer {
 		// Use metadata, if possible, to fetch ID. See issue #12000
@@ -220,9 +228,9 @@ func (gce *GCECloud) InstanceType(nodeName types.NodeName) (string, error) {
 	return instance.Type, nil
 }
 
-func (gce *GCECloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (gce *GCECloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return wait.Poll(2*time.Second, 30*time.Second, func() (bool, error) {
-		project, err := gce.service.Projects.Get(gce.projectID).Do()
+		project, err := gce.c.Projects().Get(context.Background(), gce.projectID)
 		if err != nil {
 			glog.Errorf("Could not get project: %v", err)
 			return false, nil
@@ -253,20 +261,13 @@ func (gce *GCECloud) AddSSHKeyToAllInstances(user string, keyData []byte) error
 		}
 
 		mc := newInstancesMetricContext("add_ssh_key", "")
-		op, err := gce.service.Projects.SetCommonInstanceMetadata(
-			gce.projectID, project.CommonInstanceMetadata).Do()
+		err = gce.c.Projects().SetCommonInstanceMetadata(context.Background(), gce.projectID, project.CommonInstanceMetadata)
+		mc.Observe(err)
 
 		if err != nil {
-			glog.Errorf("Could not Set Metadata: %v", err)
-			mc.Observe(err)
-			return false, nil
-		}
-
-		if err := gce.waitForGlobalOp(op, mc); err != nil {
 			glog.Errorf("Could not Set Metadata: %v", err)
 			return false, nil
 		}
-
 		glog.Infof("Successfully added sshKey to project metadata")
 		return true, nil
 	})
@@ -281,7 +282,7 @@ func (gce *GCECloud) GetAllCurrentZones() (sets.String, error) {
 	gce.nodeZonesLock.Lock()
 	defer gce.nodeZonesLock.Unlock()
 	if !gce.nodeInformerSynced() {
-		return nil, fmt.Errorf("Node informer is not synced when trying to GetAllCurrentZones")
+		return nil, fmt.Errorf("node informer is not synced when trying to GetAllCurrentZones")
 	}
 	zones := sets.NewString()
 	for zone, nodes := range gce.nodeZones {
@@ -297,59 +298,50 @@ func (gce *GCECloud) GetAllCurrentZones() (sets.String, error) {
 // get all zones with compute instances in them even if not k8s instances!!!
 // ex. I have k8s nodes in us-central1-c and us-central1-b. I also have
 // a non-k8s compute in us-central1-a. This func will return a,b, and c.
+//
+// TODO: this should be removed from the cloud provider.
 func (gce *GCECloud) GetAllZonesFromCloudProvider() (sets.String, error) {
 	zones := sets.NewString()
-
 	for _, zone := range gce.managedZones {
-		mc := newInstancesMetricContext("list", zone)
-		// We only retrieve one page in each zone - we only care about existence
-		listCall := gce.service.Instances.List(gce.projectID, zone)
-
-		listCall = listCall.Fields("items(name)")
-		res, err := listCall.Do()
+		instances, err := gce.c.Instances().List(context.Background(), zone, filter.None)
 		if err != nil {
-			return nil, mc.Observe(err)
+			return sets.NewString(), err
 		}
-		mc.Observe(nil)
-
-		if len(res.Items) != 0 {
+		if len(instances) > 0 {
 			zones.Insert(zone)
 		}
 	}
-
 	return zones, nil
 }
 
 // InsertInstance creates a new instance on GCP
-func (gce *GCECloud) InsertInstance(project string, zone string, rb *compute.Instance) error {
+func (gce *GCECloud) InsertInstance(project string, zone string, i *compute.Instance) error {
 	mc := newInstancesMetricContext("create", zone)
-	op, err := gce.service.Instances.Insert(project, zone, rb).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.Instances().Insert(context.Background(), meta.ZonalKey(i.Name, zone), i))
 }
 
-// ListInstanceNames returns a string of instance names seperated by spaces.
+// ListInstanceNames returns a string of instance names separated by spaces.
+// This method should only be used for e2e testing.
+// TODO: remove this method.
 func (gce *GCECloud) ListInstanceNames(project, zone string) (string, error) {
-	res, err := gce.service.Instances.List(project, zone).Fields("items(name)").Do()
+	l, err := gce.c.Instances().List(context.Background(), zone, filter.None)
 	if err != nil {
 		return "", err
 	}
-	var output string
-	for _, item := range res.Items {
-		output += item.Name + " "
+	var names []string
+	for _, i := range l {
+		names = append(names, i.Name)
 	}
-	return output, nil
+	return strings.Join(names, " "), nil
 }
 
 // DeleteInstance deletes an instance specified by project, zone, and name
-func (gce *GCECloud) DeleteInstance(project, zone, name string) (*compute.Operation, error) {
-	return gce.service.Instances.Delete(project, zone, name).Do()
+func (gce *GCECloud) DeleteInstance(project, zone, name string) error {
+	return gce.c.Instances().Delete(context.Background(), meta.ZonalKey(name, zone))
 }
 
 // Implementation of Instances.CurrentNodeName
-func (gce *GCECloud) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (gce *GCECloud) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return types.NodeName(hostname), nil
 }
 
@@ -364,15 +356,14 @@ func (gce *GCECloud) AliasRanges(nodeName types.NodeName) (cidrs []string, err e
 	}
 
 	var res *computebeta.Instance
-	res, err = gce.serviceBeta.Instances.Get(
-		gce.projectID, instance.Zone, instance.Name).Do()
+	res, err = gce.c.BetaInstances().Get(context.Background(), meta.ZonalKey(instance.Name, lastComponent(instance.Zone)))
 	if err != nil {
 		return
 	}
 
 	for _, networkInterface := range res.NetworkInterfaces {
-		for _, aliasIpRange := range networkInterface.AliasIpRanges {
-			cidrs = append(cidrs, aliasIpRange.IpCidrRange)
+		for _, r := range networkInterface.AliasIpRanges {
+			cidrs = append(cidrs, r.IpCidrRange)
 		}
 	}
 	return
@@ -386,14 +377,14 @@ func (gce *GCECloud) AddAliasToInstance(nodeName types.NodeName, alias *net.IPNe
 	if err != nil {
 		return err
 	}
-	instance, err := gce.serviceBeta.Instances.Get(gce.projectID, v1instance.Zone, v1instance.Name).Do()
+	instance, err := gce.c.BetaInstances().Get(context.Background(), meta.ZonalKey(v1instance.Name, lastComponent(v1instance.Zone)))
 	if err != nil {
 		return err
 	}
 
 	switch len(instance.NetworkInterfaces) {
 	case 0:
-		return fmt.Errorf("Instance %q has no network interfaces", nodeName)
+		return fmt.Errorf("instance %q has no network interfaces", nodeName)
 	case 1:
 	default:
 		glog.Warningf("Instance %q has more than one network interface, using only the first (%v)",
@@ -408,90 +399,74 @@ func (gce *GCECloud) AddAliasToInstance(nodeName types.NodeName, alias *net.IPNe
 		SubnetworkRangeName: gce.secondaryRangeName,
 	})
 
-	mc := newInstancesMetricContext("addalias", v1instance.Zone)
-	op, err := gce.serviceBeta.Instances.UpdateNetworkInterface(
-		gce.projectID, lastComponent(instance.Zone), instance.Name, iface.Name, iface).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForZoneOp(op, v1instance.Zone, mc)
+	mc := newInstancesMetricContext("add_alias", v1instance.Zone)
+	err = gce.c.BetaInstances().UpdateNetworkInterface(context.Background(), meta.ZonalKey(instance.Name, lastComponent(instance.Zone)), iface.Name, iface)
+	return mc.Observe(err)
 }
 
-// Gets the named instances, returning cloudprovider.InstanceNotFound if any instance is not found
+// Gets the named instances, returning cloudprovider.InstanceNotFound if any
+// instance is not found
 func (gce *GCECloud) getInstancesByNames(names []string) ([]*gceInstance, error) {
-	instances := make(map[string]*gceInstance)
+	found := map[string]*gceInstance{}
 	remaining := len(names)
 
 	nodeInstancePrefix := gce.nodeInstancePrefix
 	for _, name := range names {
 		name = canonicalizeInstanceName(name)
 		if !strings.HasPrefix(name, gce.nodeInstancePrefix) {
-			glog.Warningf("instance '%s' does not conform to prefix '%s', removing filter", name, gce.nodeInstancePrefix)
+			glog.Warningf("Instance %q does not conform to prefix %q, removing filter", name, gce.nodeInstancePrefix)
 			nodeInstancePrefix = ""
 		}
-		instances[name] = nil
+		found[name] = nil
 	}
 
 	for _, zone := range gce.managedZones {
 		if remaining == 0 {
 			break
 		}
-
-		pageToken := ""
-		page := 0
-		for ; page == 0 || (pageToken != "" && page < maxPages); page++ {
-			listCall := gce.service.Instances.List(gce.projectID, zone)
-
-			if nodeInstancePrefix != "" {
-				// Add the filter for hosts
-				listCall = listCall.Filter("name eq " + nodeInstancePrefix + ".*")
+		instances, err := gce.c.Instances().List(context.Background(), zone, filter.Regexp("name", nodeInstancePrefix+".*"))
+		if err != nil {
+			return nil, err
+		}
+		for _, inst := range instances {
+			if remaining == 0 {
+				break
 			}
-
-			// TODO(zmerlynn): Internal bug 29524655
-			// listCall = listCall.Fields("items(name,id,disks,machineType)")
-			if pageToken != "" {
-				listCall.PageToken(pageToken)
+			if _, ok := found[inst.Name]; !ok {
+				continue
 			}
-
-			res, err := listCall.Do()
-			if err != nil {
-				return nil, err
+			if found[inst.Name] != nil {
+				glog.Errorf("Instance name %q was duplicated (in zone %q and %q)", inst.Name, zone, found[inst.Name].Zone)
+				continue
 			}
-			pageToken = res.NextPageToken
-			for _, i := range res.Items {
-				name := i.Name
-				if _, ok := instances[name]; !ok {
-					continue
-				}
-
-				instance := &gceInstance{
-					Zone:  zone,
-					Name:  name,
-					ID:    i.Id,
-					Disks: i.Disks,
-					Type:  lastComponent(i.MachineType),
-				}
-				instances[name] = instance
-				remaining--
+			found[inst.Name] = &gceInstance{
+				Zone:  zone,
+				Name:  inst.Name,
+				ID:    inst.Id,
+				Disks: inst.Disks,
+				Type:  lastComponent(inst.MachineType),
 			}
-		}
-		if page >= maxPages {
-			glog.Errorf("getInstancesByNames exceeded maxPages=%d for Instances.List: truncating.", maxPages)
+			remaining--
 		}
 	}
 
-	instanceArray := make([]*gceInstance, len(names))
-	for i, name := range names {
-		name = canonicalizeInstanceName(name)
-		instance := instances[name]
-		if instance == nil {
-			glog.Errorf("Failed to retrieve instance: %q", name)
-			return nil, cloudprovider.InstanceNotFound
+	if remaining > 0 {
+		var failed []string
+		for k := range found {
+			if found[k] == nil {
+				failed = append(failed, k)
+			}
 		}
-		instanceArray[i] = instances[name]
+		glog.Errorf("Failed to retrieve instances: %v", failed)
+		return nil, cloudprovider.InstanceNotFound
 	}
 
-	return instanceArray, nil
+	var ret []*gceInstance
+	for _, instance := range found {
+		ret = append(ret, instance)
+	}
+
+	return ret, nil
 }
 
 // Gets the named instance, returning cloudprovider.InstanceNotFound if the instance is not found
@@ -515,12 +490,11 @@ func (gce *GCECloud) getInstanceByName(name string) (*gceInstance, error) {
 func (gce *GCECloud) getInstanceFromProjectInZoneByName(project, zone, name string) (*gceInstance, error) {
 	name = canonicalizeInstanceName(name)
 	mc := newInstancesMetricContext("get", zone)
-	res, err := gce.service.Instances.Get(project, zone, name).Do()
+	res, err := gce.c.Instances().Get(context.Background(), meta.ZonalKey(name, zone))
 	mc.Observe(err)
 	if err != nil {
 		return nil, err
 	}
-
 	return &gceInstance{
 		Zone:  lastComponent(res.Zone),
 		Name:  res.Name,
@@ -579,16 +553,16 @@ func (gce *GCECloud) isCurrentInstance(instanceID string) bool {
 // ComputeHostTags grabs all tags from all instances being added to the pool.
 // * The longest tag that is a prefix of the instance name is used
 // * If any instance has no matching prefix tag, return error
-// Invoking this method to get host tags is risky since it depends on the format
-// of the host names in the cluster. Only use it as a fallback if gce.nodeTags
-// is unspecified
+// Invoking this method to get host tags is risky since it depends on the
+// format of the host names in the cluster. Only use it as a fallback if
+// gce.nodeTags is unspecified
 func (gce *GCECloud) computeHostTags(hosts []*gceInstance) ([]string, error) {
 	// TODO: We could store the tags in gceInstance, so we could have already fetched it
 	hostNamesByZone := make(map[string]map[string]bool) // map of zones -> map of names -> bool (for easy lookup)
 	nodeInstancePrefix := gce.nodeInstancePrefix
 	for _, host := range hosts {
 		if !strings.HasPrefix(host.Name, gce.nodeInstancePrefix) {
-			glog.Warningf("instance '%s' does not conform to prefix '%s', ignoring filter", host, gce.nodeInstancePrefix)
+			glog.Warningf("instance %v does not conform to prefix '%s', ignoring filter", host, gce.nodeInstancePrefix)
 			nodeInstancePrefix = ""
 		}
 
@@ -602,54 +576,34 @@ func (gce *GCECloud) computeHostTags(hosts []*gceInstance) ([]string, error) {
 
 	tags := sets.NewString()
 
+	filt := filter.None
+	if nodeInstancePrefix != "" {
+		filt = filter.Regexp("name", nodeInstancePrefix+".*")
+	}
 	for zone, hostNames := range hostNamesByZone {
-		pageToken := ""
-		page := 0
-		for ; page == 0 || (pageToken != "" && page < maxPages); page++ {
-			listCall := gce.service.Instances.List(gce.projectID, zone)
-
-			if nodeInstancePrefix != "" {
-				// Add the filter for hosts
-				listCall = listCall.Filter("name eq " + nodeInstancePrefix + ".*")
-			}
-
-			// Add the fields we want
-			// TODO(zmerlynn): Internal bug 29524655
-			// listCall = listCall.Fields("items(name,tags)")
-
-			if pageToken != "" {
-				listCall = listCall.PageToken(pageToken)
-			}
-
-			res, err := listCall.Do()
-			if err != nil {
-				return nil, err
+		instances, err := gce.c.Instances().List(context.Background(), zone, filt)
+		if err != nil {
+			return nil, err
+		}
+		for _, instance := range instances {
+			if !hostNames[instance.Name] {
+				continue
 			}
-			pageToken = res.NextPageToken
-			for _, instance := range res.Items {
-				if !hostNames[instance.Name] {
-					continue
-				}
-
-				longest_tag := ""
-				for _, tag := range instance.Tags.Items {
-					if strings.HasPrefix(instance.Name, tag) && len(tag) > len(longest_tag) {
-						longest_tag = tag
-					}
-				}
-				if len(longest_tag) > 0 {
-					tags.Insert(longest_tag)
-				} else {
-					return nil, fmt.Errorf("Could not find any tag that is a prefix of instance name for instance %s", instance.Name)
+			longest_tag := ""
+			for _, tag := range instance.Tags.Items {
+				if strings.HasPrefix(instance.Name, tag) && len(tag) > len(longest_tag) {
+					longest_tag = tag
 				}
 			}
-		}
-		if page >= maxPages {
-			glog.Errorf("computeHostTags exceeded maxPages=%d for Instances.List: truncating.", maxPages)
+			if len(longest_tag) > 0 {
+				tags.Insert(longest_tag)
+			} else {
+				return nil, fmt.Errorf("could not find any tag that is a prefix of instance name for instance %s", instance.Name)
+			}
 		}
 	}
 	if len(tags) == 0 {
-		return nil, fmt.Errorf("No instances found")
+		return nil, fmt.Errorf("no instances found")
 	}
 	return tags.List(), nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer.go
index 6b8995b2f501..4cb66234661c 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer.go
@@ -17,15 +17,18 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"flag"
 	"fmt"
 	"net"
+	"sort"
 	"strings"
 
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 	netsets "k8s.io/kubernetes/pkg/util/net/sets"
 )
 
@@ -42,13 +45,6 @@ func newLoadBalancerMetricContext(request, region string) *metricContext {
 	return newGenericMetricContext("loadbalancer", request, region, unusedMetricLabel, computeV1Version)
 }
 
-type lbScheme string
-
-const (
-	schemeExternal lbScheme = "EXTERNAL"
-	schemeInternal lbScheme = "INTERNAL"
-)
-
 func init() {
 	var err error
 	// LB L7 proxies and all L3/4/7 health checkers have client addresses within these known CIDRs.
@@ -62,7 +58,9 @@ func init() {
 
 // String is the method to format the flag's value, part of the flag.Value interface.
 func (c *cidrs) String() string {
-	return strings.Join(c.ipn.StringSlice(), ",")
+	s := c.ipn.StringSlice()
+	sort.Strings(s)
+	return strings.Join(s, ",")
 }
 
 // Set supports a value of CSV or the flag repeated multiple times
@@ -93,7 +91,7 @@ func LoadBalancerSrcRanges() []string {
 }
 
 // GetLoadBalancer is an implementation of LoadBalancer.GetLoadBalancer
-func (gce *GCECloud) GetLoadBalancer(clusterName string, svc *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
+func (gce *GCECloud) GetLoadBalancer(ctx context.Context, clusterName string, svc *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	fwd, err := gce.GetRegionForwardingRule(loadBalancerName, gce.region)
 	if err == nil {
@@ -106,7 +104,7 @@ func (gce *GCECloud) GetLoadBalancer(clusterName string, svc *v1.Service) (*v1.L
 }
 
 // EnsureLoadBalancer is an implementation of LoadBalancer.EnsureLoadBalancer.
-func (gce *GCECloud) EnsureLoadBalancer(clusterName string, svc *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
+func (gce *GCECloud) EnsureLoadBalancer(ctx context.Context, clusterName string, svc *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	desiredScheme := getSvcScheme(svc)
 	clusterID, err := gce.ClusterID.GetID()
@@ -122,13 +120,13 @@ func (gce *GCECloud) EnsureLoadBalancer(clusterName string, svc *v1.Service, nod
 	}
 
 	if existingFwdRule != nil {
-		existingScheme := lbScheme(strings.ToUpper(existingFwdRule.LoadBalancingScheme))
+		existingScheme := cloud.LbScheme(strings.ToUpper(existingFwdRule.LoadBalancingScheme))
 
 		// If the loadbalancer type changes between INTERNAL and EXTERNAL, the old load balancer should be deleted.
 		if existingScheme != desiredScheme {
 			glog.V(4).Infof("EnsureLoadBalancer(%v, %v, %v, %v, %v): deleting existing %v loadbalancer", clusterName, svc.Namespace, svc.Name, loadBalancerName, gce.region, existingScheme)
 			switch existingScheme {
-			case schemeInternal:
+			case cloud.SchemeInternal:
 				err = gce.ensureInternalLoadBalancerDeleted(clusterName, clusterID, svc)
 			default:
 				err = gce.ensureExternalLoadBalancerDeleted(clusterName, clusterID, svc)
@@ -145,7 +143,7 @@ func (gce *GCECloud) EnsureLoadBalancer(clusterName string, svc *v1.Service, nod
 
 	var status *v1.LoadBalancerStatus
 	switch desiredScheme {
-	case schemeInternal:
+	case cloud.SchemeInternal:
 		status, err = gce.ensureInternalLoadBalancer(clusterName, clusterID, svc, existingFwdRule, nodes)
 	default:
 		status, err = gce.ensureExternalLoadBalancer(clusterName, clusterID, svc, existingFwdRule, nodes)
@@ -155,7 +153,7 @@ func (gce *GCECloud) EnsureLoadBalancer(clusterName string, svc *v1.Service, nod
 }
 
 // UpdateLoadBalancer is an implementation of LoadBalancer.UpdateLoadBalancer.
-func (gce *GCECloud) UpdateLoadBalancer(clusterName string, svc *v1.Service, nodes []*v1.Node) error {
+func (gce *GCECloud) UpdateLoadBalancer(ctx context.Context, clusterName string, svc *v1.Service, nodes []*v1.Node) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	scheme := getSvcScheme(svc)
 	clusterID, err := gce.ClusterID.GetID()
@@ -166,7 +164,7 @@ func (gce *GCECloud) UpdateLoadBalancer(clusterName string, svc *v1.Service, nod
 	glog.V(4).Infof("UpdateLoadBalancer(%v, %v, %v, %v, %v): updating with %d nodes", clusterName, svc.Namespace, svc.Name, loadBalancerName, gce.region, len(nodes))
 
 	switch scheme {
-	case schemeInternal:
+	case cloud.SchemeInternal:
 		err = gce.updateInternalLoadBalancer(clusterName, clusterID, svc, nodes)
 	default:
 		err = gce.updateExternalLoadBalancer(clusterName, svc, nodes)
@@ -176,7 +174,7 @@ func (gce *GCECloud) UpdateLoadBalancer(clusterName string, svc *v1.Service, nod
 }
 
 // EnsureLoadBalancerDeleted is an implementation of LoadBalancer.EnsureLoadBalancerDeleted.
-func (gce *GCECloud) EnsureLoadBalancerDeleted(clusterName string, svc *v1.Service) error {
+func (gce *GCECloud) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, svc *v1.Service) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	scheme := getSvcScheme(svc)
 	clusterID, err := gce.ClusterID.GetID()
@@ -187,7 +185,7 @@ func (gce *GCECloud) EnsureLoadBalancerDeleted(clusterName string, svc *v1.Servi
 	glog.V(4).Infof("EnsureLoadBalancerDeleted(%v, %v, %v, %v, %v): deleting loadbalancer", clusterName, svc.Namespace, svc.Name, loadBalancerName, gce.region)
 
 	switch scheme {
-	case schemeInternal:
+	case cloud.SchemeInternal:
 		err = gce.ensureInternalLoadBalancerDeleted(clusterName, clusterID, svc)
 	default:
 		err = gce.ensureExternalLoadBalancerDeleted(clusterName, clusterID, svc)
@@ -196,9 +194,9 @@ func (gce *GCECloud) EnsureLoadBalancerDeleted(clusterName string, svc *v1.Servi
 	return err
 }
 
-func getSvcScheme(svc *v1.Service) lbScheme {
+func getSvcScheme(svc *v1.Service) cloud.LbScheme {
 	if typ, ok := GetLoadBalancerAnnotationType(svc); ok && typ == LBTypeInternal {
-		return schemeInternal
+		return cloud.SchemeInternal
 	}
-	return schemeExternal
+	return cloud.SchemeExternal
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_external.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_external.go
index aabef25feb79..4fd60b969da2 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_external.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_external.go
@@ -28,6 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	apiservice "k8s.io/kubernetes/pkg/api/v1/service"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 	netsets "k8s.io/kubernetes/pkg/util/net/sets"
 
 	"github.com/golang/glog"
@@ -63,8 +64,6 @@ func (gce *GCECloud) ensureExternalLoadBalancer(clusterName, clusterID string, a
 		portStr = append(portStr, fmt.Sprintf("%s/%d", p.Protocol, p.Port))
 	}
 
-	affinityType := apiService.Spec.SessionAffinity
-
 	serviceName := types.NamespacedName{Namespace: apiService.Namespace, Name: apiService.Name}
 	lbRefStr := fmt.Sprintf("%v(%v)", loadBalancerName, serviceName)
 	glog.V(2).Infof("ensureExternalLoadBalancer(%s, %v, %v, %v, %v, %v)", lbRefStr, gce.region, requestedIP, portStr, hostNames, apiService.Annotations)
@@ -192,7 +191,7 @@ func (gce *GCECloud) ensureExternalLoadBalancer(clusterName, clusterID string, a
 		}
 	}
 
-	tpExists, tpNeedsUpdate, err := gce.targetPoolNeedsUpdate(loadBalancerName, gce.region, affinityType)
+	tpExists, tpNeedsRecreation, err := gce.targetPoolNeedsRecreation(loadBalancerName, gce.region, apiService.Spec.SessionAffinity)
 	if err != nil {
 		return nil, err
 	}
@@ -211,24 +210,24 @@ func (gce *GCECloud) ensureExternalLoadBalancer(clusterName, clusterID string, a
 		glog.V(4).Infof("ensureExternalLoadBalancer(%s): Service needs local traffic health checks on: %d%s.", lbRefStr, healthCheckNodePort, path)
 		if hcLocalTrafficExisting == nil {
 			// This logic exists to detect a transition for non-OnlyLocal to OnlyLocal service
-			// turn on the tpNeedsUpdate flag to delete/recreate fwdrule/tpool updating the
+			// turn on the tpNeedsRecreation flag to delete/recreate fwdrule/tpool updating the
 			// target pool to use local traffic health check.
 			glog.V(2).Infof("ensureExternalLoadBalancer(%s): Updating from nodes health checks to local traffic health checks.", lbRefStr)
 			if supportsNodesHealthCheck {
 				hcToDelete = makeHttpHealthCheck(MakeNodesHealthCheckName(clusterID), GetNodesHealthCheckPath(), GetNodesHealthCheckPort())
 			}
-			tpNeedsUpdate = true
+			tpNeedsRecreation = true
 		}
 		hcToCreate = makeHttpHealthCheck(loadBalancerName, path, healthCheckNodePort)
 	} else {
 		glog.V(4).Infof("ensureExternalLoadBalancer(%s): Service needs nodes health checks.", lbRefStr)
 		if hcLocalTrafficExisting != nil {
 			// This logic exists to detect a transition from OnlyLocal to non-OnlyLocal service
-			// and turn on the tpNeedsUpdate flag to delete/recreate fwdrule/tpool updating the
+			// and turn on the tpNeedsRecreation flag to delete/recreate fwdrule/tpool updating the
 			// target pool to use nodes health check.
 			glog.V(2).Infof("ensureExternalLoadBalancer(%s): Updating from local traffic health checks to nodes health checks.", lbRefStr)
 			hcToDelete = hcLocalTrafficExisting
-			tpNeedsUpdate = true
+			tpNeedsRecreation = true
 		}
 		if supportsNodesHealthCheck {
 			hcToCreate = makeHttpHealthCheck(MakeNodesHealthCheckName(clusterID), GetNodesHealthCheckPath(), GetNodesHealthCheckPort())
@@ -241,7 +240,7 @@ func (gce *GCECloud) ensureExternalLoadBalancer(clusterName, clusterID string, a
 	// can't delete a target pool that's currently in use by a forwarding rule.
 	// Thus, we have to tear down the forwarding rule if either it or the target
 	// pool needs to be updated.
-	if fwdRuleExists && (fwdRuleNeedsUpdate || tpNeedsUpdate) {
+	if fwdRuleExists && (fwdRuleNeedsUpdate || tpNeedsRecreation) {
 		// Begin critical section. If we have to delete the forwarding rule,
 		// and something should fail before we recreate it, don't release the
 		// IP.  That way we can come back to it later.
@@ -251,48 +250,12 @@ func (gce *GCECloud) ensureExternalLoadBalancer(clusterName, clusterID string, a
 		}
 		glog.Infof("ensureExternalLoadBalancer(%s): Deleted forwarding rule.", lbRefStr)
 	}
-	if tpExists && tpNeedsUpdate {
-		// Pass healthchecks to DeleteExternalTargetPoolAndChecks to cleanup health checks after cleaning up the target pool itself.
-		var hcNames []string
-		if hcToDelete != nil {
-			hcNames = append(hcNames, hcToDelete.Name)
-		}
-		if err := gce.DeleteExternalTargetPoolAndChecks(apiService, loadBalancerName, gce.region, clusterID, hcNames...); err != nil {
-			return nil, fmt.Errorf("failed to delete existing target pool for load balancer (%s) update: %v", lbRefStr, err)
-		}
-		glog.Infof("ensureExternalLoadBalancer(%s): Deleted target pool.", lbRefStr)
-	}
 
-	// Once we've deleted the resources (if necessary), build them back up (or for
-	// the first time if they're new).
-	if tpNeedsUpdate {
-		createInstances := hosts
-		if len(hosts) > maxTargetPoolCreateInstances {
-			createInstances = createInstances[:maxTargetPoolCreateInstances]
-		}
-		// Pass healthchecks to createTargetPool which needs them as health check links in the target pool
-		if err := gce.createTargetPool(apiService, loadBalancerName, serviceName.String(), ipAddressToUse, gce.region, clusterID, createInstances, affinityType, hcToCreate); err != nil {
-			return nil, fmt.Errorf("failed to create target pool for load balancer (%s): %v", lbRefStr, err)
-		}
-		if hcToCreate != nil {
-			glog.Infof("ensureExternalLoadBalancer(%s): Created health checks %v.", lbRefStr, hcToCreate.Name)
-		}
-		if len(hosts) <= maxTargetPoolCreateInstances {
-			glog.Infof("ensureExternalLoadBalancer(%s): Created target pool.", lbRefStr)
-		} else {
-			glog.Infof("ensureExternalLoadBalancer(%s): Created initial target pool (now updating with %d hosts).", lbRefStr, len(hosts)-maxTargetPoolCreateInstances)
-
-			created := sets.NewString()
-			for _, host := range createInstances {
-				created.Insert(host.makeComparableHostPath())
-			}
-			if err := gce.updateTargetPool(loadBalancerName, created, hosts); err != nil {
-				return nil, fmt.Errorf("failed to update target pool for load balancer (%s): %v", lbRefStr, err)
-			}
-			glog.Infof("ensureExternalLoadBalancer(%s): Updated target pool (with %d hosts).", lbRefStr, len(hosts)-maxTargetPoolCreateInstances)
-		}
+	if err := gce.ensureTargetPoolAndHealthCheck(tpExists, tpNeedsRecreation, apiService, loadBalancerName, clusterID, ipAddressToUse, hosts, hcToCreate, hcToDelete); err != nil {
+		return nil, err
 	}
-	if tpNeedsUpdate || fwdRuleNeedsUpdate {
+
+	if tpNeedsRecreation || fwdRuleNeedsUpdate {
 		glog.Infof("ensureExternalLoadBalancer(%s): Creating forwarding rule, IP %s (tier: %s).", lbRefStr, ipAddressToUse, netTier)
 		if err := createForwardingRule(gce, loadBalancerName, serviceName.String(), gce.region, ipAddressToUse, gce.targetPoolURL(loadBalancerName), ports, netTier); err != nil {
 			return nil, fmt.Errorf("failed to create forwarding rule for load balancer (%s): %v", lbRefStr, err)
@@ -319,16 +282,7 @@ func (gce *GCECloud) updateExternalLoadBalancer(clusterName string, service *v1.
 	}
 
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
-	pool, err := gce.service.TargetPools.Get(gce.projectID, gce.region, loadBalancerName).Do()
-	if err != nil {
-		return err
-	}
-	existing := sets.NewString()
-	for _, instance := range pool.Instances {
-		existing.Insert(hostURLToComparablePath(instance))
-	}
-
-	return gce.updateTargetPool(loadBalancerName, existing, hosts)
+	return gce.updateTargetPool(loadBalancerName, hosts)
 }
 
 // ensureExternalLoadBalancerDeleted is the external implementation of LoadBalancer.EnsureLoadBalancerDeleted
@@ -463,7 +417,7 @@ func (gce *GCECloud) DeleteExternalTargetPoolAndChecks(service *v1.Service, name
 // the verification failed. It also returns a boolean to indicate whether the
 // IP address is considered owned by the user (i.e., not managed by the
 // controller.
-func verifyUserRequestedIP(s CloudAddressService, region, requestedIP, fwdRuleIP, lbRef string, desiredNetTier NetworkTier) (isUserOwnedIP bool, err error) {
+func verifyUserRequestedIP(s CloudAddressService, region, requestedIP, fwdRuleIP, lbRef string, desiredNetTier cloud.NetworkTier) (isUserOwnedIP bool, err error) {
 	if requestedIP == "" {
 		return false, nil
 	}
@@ -486,7 +440,7 @@ func verifyUserRequestedIP(s CloudAddressService, region, requestedIP, fwdRuleIP
 		if err != nil {
 			return false, fmt.Errorf("failed to check the network tier of the IP %q: %v", requestedIP, err)
 		}
-		netTier := NetworkTierGCEValueToType(netTierStr)
+		netTier := cloud.NetworkTierGCEValueToType(netTierStr)
 		if netTier != desiredNetTier {
 			glog.Errorf("verifyUserRequestedIP: requested static IP %q (name: %s) for LB %s has network tier %s, need %s.", requestedIP, existingAddress.Name, lbRef, netTier, desiredNetTier)
 			return false, fmt.Errorf("requrested IP %q belongs to the %s network tier; expected %s", requestedIP, netTier, desiredNetTier)
@@ -508,7 +462,54 @@ func verifyUserRequestedIP(s CloudAddressService, region, requestedIP, fwdRuleIP
 	return false, fmt.Errorf("requested ip %q is neither static nor assigned to the LB", requestedIP)
 }
 
-func (gce *GCECloud) createTargetPool(svc *v1.Service, name, serviceName, ipAddress, region, clusterID string, hosts []*gceInstance, affinityType v1.ServiceAffinity, hc *compute.HttpHealthCheck) error {
+func (gce *GCECloud) ensureTargetPoolAndHealthCheck(tpExists, tpNeedsRecreation bool, svc *v1.Service, loadBalancerName, clusterID, ipAddressToUse string, hosts []*gceInstance, hcToCreate, hcToDelete *compute.HttpHealthCheck) error {
+	serviceName := types.NamespacedName{Namespace: svc.Namespace, Name: svc.Name}
+	lbRefStr := fmt.Sprintf("%v(%v)", loadBalancerName, serviceName)
+
+	if tpExists && tpNeedsRecreation {
+		// Pass healthchecks to DeleteExternalTargetPoolAndChecks to cleanup health checks after cleaning up the target pool itself.
+		var hcNames []string
+		if hcToDelete != nil {
+			hcNames = append(hcNames, hcToDelete.Name)
+		}
+		if err := gce.DeleteExternalTargetPoolAndChecks(svc, loadBalancerName, gce.region, clusterID, hcNames...); err != nil {
+			return fmt.Errorf("failed to delete existing target pool for load balancer (%s) update: %v", lbRefStr, err)
+		}
+		glog.Infof("ensureTargetPoolAndHealthCheck(%s): Deleted target pool.", lbRefStr)
+	}
+	// Once we've deleted the resources (if necessary), build them back up (or for
+	// the first time if they're new).
+	if tpNeedsRecreation {
+		createInstances := hosts
+		if len(hosts) > maxTargetPoolCreateInstances {
+			createInstances = createInstances[:maxTargetPoolCreateInstances]
+		}
+		if err := gce.createTargetPoolAndHealthCheck(svc, loadBalancerName, serviceName.String(), ipAddressToUse, gce.region, clusterID, createInstances, hcToCreate); err != nil {
+			return fmt.Errorf("failed to create target pool for load balancer (%s): %v", lbRefStr, err)
+		}
+		if hcToCreate != nil {
+			glog.Infof("ensureTargetPoolAndHealthCheck(%s): Created health checks %v.", lbRefStr, hcToCreate.Name)
+		}
+		if len(hosts) <= maxTargetPoolCreateInstances {
+			glog.Infof("ensureTargetPoolAndHealthCheck(%s): Created target pool.", lbRefStr)
+		} else {
+			glog.Infof("ensureTargetPoolAndHealthCheck(%s): Created initial target pool (now updating the remaining %d hosts).", lbRefStr, len(hosts)-maxTargetPoolCreateInstances)
+			if err := gce.updateTargetPool(loadBalancerName, hosts); err != nil {
+				return fmt.Errorf("failed to update target pool for load balancer (%s): %v", lbRefStr, err)
+			}
+			glog.Infof("ensureTargetPoolAndHealthCheck(%s): Updated target pool (with %d hosts).", lbRefStr, len(hosts)-maxTargetPoolCreateInstances)
+		}
+	} else if tpExists {
+		// Ensure hosts are updated even if there is no other changes required on target pool.
+		if err := gce.updateTargetPool(loadBalancerName, hosts); err != nil {
+			return fmt.Errorf("failed to update target pool for load balancer (%s): %v", lbRefStr, err)
+		}
+		glog.Infof("ensureTargetPoolAndHealthCheck(%s): Updated target pool (with %d hosts).", lbRefStr, len(hosts))
+	}
+	return nil
+}
+
+func (gce *GCECloud) createTargetPoolAndHealthCheck(svc *v1.Service, name, serviceName, ipAddress, region, clusterID string, hosts []*gceInstance, hc *compute.HttpHealthCheck) error {
 	// health check management is coupled with targetPools to prevent leaks. A
 	// target pool is the only thing that requires a health check, so we delete
 	// associated checks on teardown, and ensure checks on setup.
@@ -535,14 +536,14 @@ func (gce *GCECloud) createTargetPool(svc *v1.Service, name, serviceName, ipAddr
 
 	var instances []string
 	for _, host := range hosts {
-		instances = append(instances, makeHostURL(gce.service.BasePath, gce.projectID, host.Zone, host.Name))
+		instances = append(instances, host.makeComparableHostPath())
 	}
 	glog.Infof("Creating targetpool %v with %d healthchecks", name, len(hcLinks))
 	pool := &compute.TargetPool{
 		Name:            name,
 		Description:     fmt.Sprintf(`{"kubernetes.io/service-name":"%s"}`, serviceName),
 		Instances:       instances,
-		SessionAffinity: translateAffinityType(affinityType),
+		SessionAffinity: translateAffinityType(svc.Spec.SessionAffinity),
 		HealthChecks:    hcLinks,
 	}
 
@@ -552,7 +553,16 @@ func (gce *GCECloud) createTargetPool(svc *v1.Service, name, serviceName, ipAddr
 	return nil
 }
 
-func (gce *GCECloud) updateTargetPool(loadBalancerName string, existing sets.String, hosts []*gceInstance) error {
+func (gce *GCECloud) updateTargetPool(loadBalancerName string, hosts []*gceInstance) error {
+	pool, err := gce.GetTargetPool(loadBalancerName, gce.region)
+	if err != nil {
+		return err
+	}
+	existing := sets.NewString()
+	for _, instance := range pool.Instances {
+		existing.Insert(hostURLToComparablePath(instance))
+	}
+
 	var toAdd []*compute.InstanceReference
 	var toRemove []*compute.InstanceReference
 	for _, host := range hosts {
@@ -648,7 +658,7 @@ func (gce *GCECloud) ensureHttpHealthCheck(name, path string, port int32) (hc *c
 // Returns whether the forwarding rule exists, whether it needs to be updated,
 // what its IP address is (if it exists), and any error we encountered.
 func (gce *GCECloud) forwardingRuleNeedsUpdate(name, region string, loadBalancerIP string, ports []v1.ServicePort) (exists bool, needsUpdate bool, ipAddress string, err error) {
-	fwd, err := gce.service.ForwardingRules.Get(gce.projectID, region, name).Do()
+	fwd, err := gce.GetRegionForwardingRule(name, region)
 	if err != nil {
 		if isHTTPErrorCode(err, http.StatusNotFound) {
 			return false, true, "", nil
@@ -686,8 +696,8 @@ func (gce *GCECloud) forwardingRuleNeedsUpdate(name, region string, loadBalancer
 
 // Doesn't check whether the hosts have changed, since host updating is handled
 // separately.
-func (gce *GCECloud) targetPoolNeedsUpdate(name, region string, affinityType v1.ServiceAffinity) (exists bool, needsUpdate bool, err error) {
-	tp, err := gce.service.TargetPools.Get(gce.projectID, region, name).Do()
+func (gce *GCECloud) targetPoolNeedsRecreation(name, region string, affinityType v1.ServiceAffinity) (exists bool, needsRecreation bool, err error) {
+	tp, err := gce.GetTargetPool(name, region)
 	if err != nil {
 		if isHTTPErrorCode(err, http.StatusNotFound) {
 			return false, true, nil
@@ -723,11 +733,6 @@ func nodeNames(nodes []*v1.Node) []string {
 	return ret
 }
 
-func makeHostURL(projectsApiEndpoint, projectID, zone, host string) string {
-	host = canonicalizeInstanceName(host)
-	return projectsApiEndpoint + strings.Join([]string{projectID, "zones", zone, "instances", host}, "/")
-}
-
 func hostURLToComparablePath(hostURL string) string {
 	idx := strings.Index(hostURL, "/zones/")
 	if idx < 0 {
@@ -773,7 +778,7 @@ func translateAffinityType(affinityType v1.ServiceAffinity) string {
 }
 
 func (gce *GCECloud) firewallNeedsUpdate(name, serviceName, region, ipAddress string, ports []v1.ServicePort, sourceRanges netsets.IPNet) (exists bool, needsUpdate bool, err error) {
-	fw, err := gce.service.Firewalls.Get(gce.NetworkProjectID(), MakeFirewallName(name)).Do()
+	fw, err := gce.GetFirewall(MakeFirewallName(name))
 	if err != nil {
 		if isHTTPErrorCode(err, http.StatusNotFound) {
 			return false, true, nil
@@ -820,7 +825,7 @@ func (gce *GCECloud) ensureHttpHealthCheckFirewall(svc *v1.Service, serviceName,
 	ports := []v1.ServicePort{{Protocol: "tcp", Port: hcPort}}
 
 	fwName := MakeHealthCheckFirewallName(clusterID, hcName, isNodesHealthCheck)
-	fw, err := gce.service.Firewalls.Get(gce.NetworkProjectID(), fwName).Do()
+	fw, err := gce.GetFirewall(fwName)
 	if err != nil {
 		if !isHTTPErrorCode(err, http.StatusNotFound) {
 			return fmt.Errorf("error getting firewall for health checks: %v", err)
@@ -848,7 +853,7 @@ func (gce *GCECloud) ensureHttpHealthCheckFirewall(svc *v1.Service, serviceName,
 	return nil
 }
 
-func createForwardingRule(s CloudForwardingRuleService, name, serviceName, region, ipAddress, target string, ports []v1.ServicePort, netTier NetworkTier) error {
+func createForwardingRule(s CloudForwardingRuleService, name, serviceName, region, ipAddress, target string, ports []v1.ServicePort, netTier cloud.NetworkTier) error {
 	portRange, err := loadBalancerPortRange(ports)
 	if err != nil {
 		return err
@@ -857,7 +862,7 @@ func createForwardingRule(s CloudForwardingRuleService, name, serviceName, regio
 	ipProtocol := string(ports[0].Protocol)
 
 	switch netTier {
-	case NetworkTierPremium:
+	case cloud.NetworkTierPremium:
 		rule := &compute.ForwardingRule{
 			Name:        name,
 			Description: desc,
@@ -960,7 +965,7 @@ func (gce *GCECloud) firewallObject(name, region, desc string, sourceRanges nets
 	return firewall, nil
 }
 
-func ensureStaticIP(s CloudAddressService, name, serviceName, region, existingIP string, netTier NetworkTier) (ipAddress string, existing bool, err error) {
+func ensureStaticIP(s CloudAddressService, name, serviceName, region, existingIP string, netTier cloud.NetworkTier) (ipAddress string, existing bool, err error) {
 	// If the address doesn't exist, this will create it.
 	// If the existingIP exists but is ephemeral, this will promote it to static.
 	// If the address already exists, this will harmlessly return a StatusConflict
@@ -970,7 +975,7 @@ func ensureStaticIP(s CloudAddressService, name, serviceName, region, existingIP
 
 	var creationErr error
 	switch netTier {
-	case NetworkTierPremium:
+	case cloud.NetworkTierPremium:
 		addressObj := &compute.Address{
 			Name:        name,
 			Description: desc,
@@ -1008,19 +1013,19 @@ func ensureStaticIP(s CloudAddressService, name, serviceName, region, existingIP
 	return addr.Address, existed, nil
 }
 
-func (gce *GCECloud) getServiceNetworkTier(svc *v1.Service) (NetworkTier, error) {
+func (gce *GCECloud) getServiceNetworkTier(svc *v1.Service) (cloud.NetworkTier, error) {
 	if !gce.AlphaFeatureGate.Enabled(AlphaFeatureNetworkTiers) {
-		return NetworkTierDefault, nil
+		return cloud.NetworkTierDefault, nil
 	}
 	tier, err := GetServiceNetworkTier(svc)
 	if err != nil {
 		// Returns an error if the annotation is invalid.
-		return NetworkTier(""), err
+		return cloud.NetworkTier(""), err
 	}
 	return tier, nil
 }
 
-func (gce *GCECloud) deleteWrongNetworkTieredResources(lbName, lbRef string, desiredNetTier NetworkTier) error {
+func (gce *GCECloud) deleteWrongNetworkTieredResources(lbName, lbRef string, desiredNetTier cloud.NetworkTier) error {
 	logPrefix := fmt.Sprintf("deleteWrongNetworkTieredResources:(%s)", lbRef)
 	if err := deleteFWDRuleWithWrongTier(gce, gce.region, lbName, logPrefix, desiredNetTier); err != nil {
 		return err
@@ -1033,14 +1038,14 @@ func (gce *GCECloud) deleteWrongNetworkTieredResources(lbName, lbRef string, des
 
 // deleteFWDRuleWithWrongTier checks the network tier of existing forwarding
 // rule and delete the rule if the tier does not matched the desired tier.
-func deleteFWDRuleWithWrongTier(s CloudForwardingRuleService, region, name, logPrefix string, desiredNetTier NetworkTier) error {
+func deleteFWDRuleWithWrongTier(s CloudForwardingRuleService, region, name, logPrefix string, desiredNetTier cloud.NetworkTier) error {
 	tierStr, err := s.getNetworkTierFromForwardingRule(name, region)
 	if isNotFound(err) {
 		return nil
 	} else if err != nil {
 		return err
 	}
-	existingTier := NetworkTierGCEValueToType(tierStr)
+	existingTier := cloud.NetworkTierGCEValueToType(tierStr)
 	if existingTier == desiredNetTier {
 		return nil
 	}
@@ -1052,7 +1057,7 @@ func deleteFWDRuleWithWrongTier(s CloudForwardingRuleService, region, name, logP
 
 // deleteAddressWithWrongTier checks the network tier of existing address
 // and delete the address if the tier does not matched the desired tier.
-func deleteAddressWithWrongTier(s CloudAddressService, region, name, logPrefix string, desiredNetTier NetworkTier) error {
+func deleteAddressWithWrongTier(s CloudAddressService, region, name, logPrefix string, desiredNetTier cloud.NetworkTier) error {
 	// We only check the IP address matching the reserved name that the
 	// controller assigned to the LB. We make the assumption that an address of
 	// such name is owned by the controller and is safe to release. Whether an
@@ -1068,7 +1073,7 @@ func deleteAddressWithWrongTier(s CloudAddressService, region, name, logPrefix s
 	} else if err != nil {
 		return err
 	}
-	existingTier := NetworkTierGCEValueToType(tierStr)
+	existingTier := cloud.NetworkTierGCEValueToType(tierStr)
 	if existingTier == desiredNetTier {
 		return nil
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_internal.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_internal.go
index 948d95166ef8..51251fe26d26 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_internal.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_internal.go
@@ -28,6 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	v1_service "k8s.io/kubernetes/pkg/api/v1/service"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 )
 
 const (
@@ -37,7 +38,7 @@ const (
 func (gce *GCECloud) ensureInternalLoadBalancer(clusterName, clusterID string, svc *v1.Service, existingFwdRule *compute.ForwardingRule, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
 	nm := types.NamespacedName{Name: svc.Name, Namespace: svc.Namespace}
 	ports, protocol := getPortsAndProtocol(svc.Spec.Ports)
-	scheme := schemeInternal
+	scheme := cloud.SchemeInternal
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	sharedBackend := shareBackendService(svc)
 	backendServiceName := makeBackendServiceName(loadBalancerName, clusterID, sharedBackend, scheme, protocol, svc.Spec.SessionAffinity)
@@ -93,7 +94,7 @@ func (gce *GCECloud) ensureInternalLoadBalancer(clusterName, clusterID string, s
 	var addrMgr *addressManager
 	// If the network is not a legacy network, use the address manager
 	if !gce.IsLegacyNetwork() {
-		addrMgr = newAddressManager(gce, nm.String(), gce.Region(), subnetworkURL, loadBalancerName, requestedIP, schemeInternal)
+		addrMgr = newAddressManager(gce, nm.String(), gce.Region(), subnetworkURL, loadBalancerName, requestedIP, cloud.SchemeInternal)
 		ipToUse, err = addrMgr.HoldAddress()
 		if err != nil {
 			return nil, err
@@ -208,7 +209,7 @@ func (gce *GCECloud) updateInternalLoadBalancer(clusterName, clusterID string, s
 
 	// Generate the backend service name
 	_, protocol := getPortsAndProtocol(svc.Spec.Ports)
-	scheme := schemeInternal
+	scheme := cloud.SchemeInternal
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	backendServiceName := makeBackendServiceName(loadBalancerName, clusterID, shareBackendService(svc), scheme, protocol, svc.Spec.SessionAffinity)
 	// Ensure the backend service has the proper backend/instance-group links
@@ -218,7 +219,7 @@ func (gce *GCECloud) updateInternalLoadBalancer(clusterName, clusterID string, s
 func (gce *GCECloud) ensureInternalLoadBalancerDeleted(clusterName, clusterID string, svc *v1.Service) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(svc)
 	_, protocol := getPortsAndProtocol(svc.Spec.Ports)
-	scheme := schemeInternal
+	scheme := cloud.SchemeInternal
 	sharedBackend := shareBackendService(svc)
 	sharedHealthCheck := !v1_service.RequestsOnlyLocalTraffic(svc)
 
@@ -444,7 +445,7 @@ func (gce *GCECloud) ensureInternalInstanceGroup(name, zone string, nodes []*v1.
 			return "", err
 		}
 
-		for _, ins := range instances.Items {
+		for _, ins := range instances {
 			parts := strings.Split(ins.Instance, "/")
 			gceNodes.Insert(parts[len(parts)-1])
 		}
@@ -506,7 +507,7 @@ func (gce *GCECloud) ensureInternalInstanceGroupsDeleted(name string) error {
 	return nil
 }
 
-func (gce *GCECloud) ensureInternalBackendService(name, description string, affinityType v1.ServiceAffinity, scheme lbScheme, protocol v1.Protocol, igLinks []string, hcLink string) error {
+func (gce *GCECloud) ensureInternalBackendService(name, description string, affinityType v1.ServiceAffinity, scheme cloud.LbScheme, protocol v1.Protocol, igLinks []string, hcLink string) error {
 	glog.V(2).Infof("ensureInternalBackendService(%v, %v, %v): checking existing backend service with %d groups", name, scheme, protocol, len(igLinks))
 	bs, err := gce.GetRegionBackendService(name, gce.region)
 	if err != nil && !isNotFound(err) {
@@ -534,11 +535,6 @@ func (gce *GCECloud) ensureInternalBackendService(name, description string, affi
 		glog.V(2).Infof("ensureInternalBackendService: created backend service %v successfully", name)
 		return nil
 	}
-	// Check existing backend service
-	existingIGLinks := sets.NewString()
-	for _, be := range bs.Backends {
-		existingIGLinks.Insert(be.Group)
-	}
 
 	if backendSvcEqual(expectedBS, bs) {
 		return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_naming.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_naming.go
index 7fee340a629c..1e1feeff53bb 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_naming.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_loadbalancer_naming.go
@@ -24,6 +24,7 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 )
 
 // Internal Load Balancer
@@ -33,7 +34,7 @@ func makeInstanceGroupName(clusterID string) string {
 	return fmt.Sprintf("k8s-ig--%s", clusterID)
 }
 
-func makeBackendServiceName(loadBalancerName, clusterID string, shared bool, scheme lbScheme, protocol v1.Protocol, svcAffinity v1.ServiceAffinity) string {
+func makeBackendServiceName(loadBalancerName, clusterID string, shared bool, scheme cloud.LbScheme, protocol v1.Protocol, svcAffinity v1.ServiceAffinity) string {
 	if shared {
 		hash := sha1.New()
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_networkendpointgroup.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_networkendpointgroup.go
index f8d3e80f4f3e..f0e3fb538d29 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_networkendpointgroup.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_networkendpointgroup.go
@@ -18,8 +18,13 @@ package gce
 
 import (
 	"context"
-	computealpha "google.golang.org/api/compute/v0.alpha"
+	"fmt"
 	"strings"
+
+	computealpha "google.golang.org/api/compute/v0.alpha"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 const (
@@ -32,48 +37,45 @@ func newNetworkEndpointGroupMetricContext(request string, zone string) *metricCo
 }
 
 func (gce *GCECloud) GetNetworkEndpointGroup(name string, zone string) (*computealpha.NetworkEndpointGroup, error) {
+	mc := newNetworkEndpointGroupMetricContext("get", zone)
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return nil, err
+		return nil, mc.Observe(err)
 	}
-	mc := newNetworkEndpointGroupMetricContext("get", zone)
-	v, err := gce.serviceAlpha.NetworkEndpointGroups.Get(gce.ProjectID(), zone, name).Do()
+	v, err := gce.c.AlphaNetworkEndpointGroups().Get(context.Background(), meta.ZonalKey(name, zone))
 	return v, mc.Observe(err)
 }
 
 func (gce *GCECloud) ListNetworkEndpointGroup(zone string) ([]*computealpha.NetworkEndpointGroup, error) {
+	mc := newNetworkEndpointGroupMetricContext("list", zone)
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return nil, err
+		return nil, mc.Observe(err)
 	}
-	mc := newNetworkEndpointGroupMetricContext("list", zone)
-	networkEndpointGroups := []*computealpha.NetworkEndpointGroup{}
-	err := gce.serviceAlpha.NetworkEndpointGroups.List(gce.ProjectID(), zone).Pages(context.Background(), func(res *computealpha.NetworkEndpointGroupList) error {
-		networkEndpointGroups = append(networkEndpointGroups, res.Items...)
-		return nil
-	})
-	return networkEndpointGroups, mc.Observe(err)
+	negs, err := gce.c.AlphaNetworkEndpointGroups().List(context.Background(), zone, filter.None)
+	return negs, mc.Observe(err)
 }
 
+// AggregatedListNetworkEndpointGroup returns a map of zone -> endpoint group.
 func (gce *GCECloud) AggregatedListNetworkEndpointGroup() (map[string][]*computealpha.NetworkEndpointGroup, error) {
+	mc := newNetworkEndpointGroupMetricContext("aggregated_list", "")
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return nil, err
+		return nil, mc.Observe(err)
 	}
-	mc := newNetworkEndpointGroupMetricContext("aggregated_list", "")
-	zoneNetworkEndpointGroupMap := map[string][]*computealpha.NetworkEndpointGroup{}
-	err := gce.serviceAlpha.NetworkEndpointGroups.AggregatedList(gce.ProjectID()).Pages(context.Background(), func(res *computealpha.NetworkEndpointGroupAggregatedList) error {
-		for key, negs := range res.Items {
-			if len(negs.NetworkEndpointGroups) == 0 {
-				continue
-			}
-			// key has the format of "zones/${zone_name}"
-			zone := strings.Split(key, "/")[1]
-			if _, ok := zoneNetworkEndpointGroupMap[zone]; !ok {
-				zoneNetworkEndpointGroupMap[zone] = []*computealpha.NetworkEndpointGroup{}
-			}
-			zoneNetworkEndpointGroupMap[zone] = append(zoneNetworkEndpointGroupMap[zone], negs.NetworkEndpointGroups...)
+	// TODO: filter for the region the cluster is in.
+	all, err := gce.c.AlphaNetworkEndpointGroups().AggregatedList(context.Background(), filter.None)
+	if err != nil {
+		return nil, mc.Observe(err)
+	}
+	ret := map[string][]*computealpha.NetworkEndpointGroup{}
+	for key, byZone := range all {
+		// key is "zones/<zone name>"
+		parts := strings.Split(key, "/")
+		if len(parts) != 2 {
+			return nil, mc.Observe(fmt.Errorf("invalid key for AggregatedListNetworkEndpointGroup: %q", key))
 		}
-		return nil
-	})
-	return zoneNetworkEndpointGroupMap, mc.Observe(err)
+		zone := parts[1]
+		ret[zone] = append(ret[zone], byZone...)
+	}
+	return ret, mc.Observe(nil)
 }
 
 func (gce *GCECloud) CreateNetworkEndpointGroup(neg *computealpha.NetworkEndpointGroup, zone string) error {
@@ -81,11 +83,7 @@ func (gce *GCECloud) CreateNetworkEndpointGroup(neg *computealpha.NetworkEndpoin
 		return err
 	}
 	mc := newNetworkEndpointGroupMetricContext("create", zone)
-	op, err := gce.serviceAlpha.NetworkEndpointGroups.Insert(gce.ProjectID(), zone, neg).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.AlphaNetworkEndpointGroups().Insert(context.Background(), meta.ZonalKey(neg.Name, zone), neg))
 }
 
 func (gce *GCECloud) DeleteNetworkEndpointGroup(name string, zone string) error {
@@ -93,56 +91,43 @@ func (gce *GCECloud) DeleteNetworkEndpointGroup(name string, zone string) error
 		return err
 	}
 	mc := newNetworkEndpointGroupMetricContext("delete", zone)
-	op, err := gce.serviceAlpha.NetworkEndpointGroups.Delete(gce.ProjectID(), zone, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.AlphaNetworkEndpointGroups().Delete(context.Background(), meta.ZonalKey(name, zone)))
 }
 
 func (gce *GCECloud) AttachNetworkEndpoints(name, zone string, endpoints []*computealpha.NetworkEndpoint) error {
+	mc := newNetworkEndpointGroupMetricContext("attach", zone)
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return err
+		return mc.Observe(err)
 	}
-	mc := newNetworkEndpointGroupMetricContext("attach", zone)
-	op, err := gce.serviceAlpha.NetworkEndpointGroups.AttachNetworkEndpoints(gce.ProjectID(), zone, name, &computealpha.NetworkEndpointGroupsAttachEndpointsRequest{
+	req := &computealpha.NetworkEndpointGroupsAttachEndpointsRequest{
 		NetworkEndpoints: endpoints,
-	}).Do()
-	if err != nil {
-		return mc.Observe(err)
 	}
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.AlphaNetworkEndpointGroups().AttachNetworkEndpoints(context.Background(), meta.ZonalKey(name, zone), req))
 }
 
 func (gce *GCECloud) DetachNetworkEndpoints(name, zone string, endpoints []*computealpha.NetworkEndpoint) error {
+	mc := newNetworkEndpointGroupMetricContext("detach", zone)
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return err
+		return mc.Observe(err)
 	}
-	mc := newNetworkEndpointGroupMetricContext("detach", zone)
-	op, err := gce.serviceAlpha.NetworkEndpointGroups.DetachNetworkEndpoints(gce.ProjectID(), zone, name, &computealpha.NetworkEndpointGroupsDetachEndpointsRequest{
+	req := &computealpha.NetworkEndpointGroupsDetachEndpointsRequest{
 		NetworkEndpoints: endpoints,
-	}).Do()
-	if err != nil {
-		return mc.Observe(err)
 	}
-	return gce.waitForZoneOp(op, zone, mc)
+	return mc.Observe(gce.c.AlphaNetworkEndpointGroups().DetachNetworkEndpoints(context.Background(), meta.ZonalKey(name, zone), req))
 }
 
 func (gce *GCECloud) ListNetworkEndpoints(name, zone string, showHealthStatus bool) ([]*computealpha.NetworkEndpointWithHealthStatus, error) {
+	mc := newNetworkEndpointGroupMetricContext("list_networkendpoints", zone)
 	if err := gce.alphaFeatureEnabled(AlphaFeatureNetworkEndpointGroup); err != nil {
-		return nil, err
+		return nil, mc.Observe(err)
 	}
 	healthStatus := "SKIP"
 	if showHealthStatus {
 		healthStatus = "SHOW"
 	}
-	mc := newNetworkEndpointGroupMetricContext("list_networkendpoints", zone)
-	networkEndpoints := []*computealpha.NetworkEndpointWithHealthStatus{}
-	err := gce.serviceAlpha.NetworkEndpointGroups.ListNetworkEndpoints(gce.ProjectID(), zone, name, &computealpha.NetworkEndpointGroupsListEndpointsRequest{
+	req := &computealpha.NetworkEndpointGroupsListEndpointsRequest{
 		HealthStatus: healthStatus,
-	}).Pages(context.Background(), func(res *computealpha.NetworkEndpointGroupsListNetworkEndpoints) error {
-		networkEndpoints = append(networkEndpoints, res.Items...)
-		return nil
-	})
-	return networkEndpoints, mc.Observe(err)
+	}
+	l, err := gce.c.AlphaNetworkEndpointGroups().ListNetworkEndpoints(context.Background(), meta.ZonalKey(name, zone), req, filter.None)
+	return l, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_routes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_routes.go
index 87184aef1142..4a7cea5b382b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_routes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_routes.go
@@ -17,95 +17,75 @@ limitations under the License.
 package gce
 
 import (
+	"context"
 	"fmt"
 	"net/http"
 	"path"
 
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/kubernetes/pkg/cloudprovider"
-
 	"github.com/golang/glog"
 	compute "google.golang.org/api/compute/v1"
+	"k8s.io/apimachinery/pkg/types"
+
+	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newRoutesMetricContext(request string) *metricContext {
 	return newGenericMetricContext("routes", request, unusedMetricLabel, unusedMetricLabel, computeV1Version)
 }
 
-func (gce *GCECloud) ListRoutes(clusterName string) ([]*cloudprovider.Route, error) {
-	var routes []*cloudprovider.Route
-	pageToken := ""
-	page := 0
-	for ; page == 0 || (pageToken != "" && page < maxPages); page++ {
-		mc := newRoutesMetricContext("list_page")
-		listCall := gce.service.Routes.List(gce.NetworkProjectID())
-
-		prefix := truncateClusterName(clusterName)
-		// Filter for routes starting with clustername AND belonging to the
-		// relevant gcp network AND having description = "k8s-node-route".
-		filter := "(name eq " + prefix + "-.*) "
-		filter = filter + "(network eq " + gce.NetworkURL() + ") "
-		filter = filter + "(description eq " + k8sNodeRouteTag + ")"
-		listCall = listCall.Filter(filter)
-		if pageToken != "" {
-			listCall = listCall.PageToken(pageToken)
-		}
-		res, err := listCall.Do()
-		mc.Observe(err)
-		if err != nil {
-			glog.Errorf("Error getting routes from GCE: %v", err)
-			return nil, err
-		}
-		pageToken = res.NextPageToken
-		for _, r := range res.Items {
-			target := path.Base(r.NextHopInstance)
-			// TODO: Should we lastComponent(target) this?
-			targetNodeName := types.NodeName(target) // NodeName == Instance Name on GCE
-			routes = append(routes, &cloudprovider.Route{Name: r.Name, TargetNode: targetNodeName, DestinationCIDR: r.DestRange})
-		}
+// ListRoutes in the cloud environment.
+func (gce *GCECloud) ListRoutes(ctx context.Context, clusterName string) ([]*cloudprovider.Route, error) {
+	mc := newRoutesMetricContext("list")
+	prefix := truncateClusterName(clusterName)
+	f := filter.Regexp("name", prefix+"-.*").AndRegexp("network", gce.NetworkURL()).AndRegexp("description", k8sNodeRouteTag)
+	routes, err := gce.c.Routes().List(context.Background(), f)
+	if err != nil {
+		return nil, mc.Observe(err)
 	}
-	if page >= maxPages {
-		glog.Errorf("ListRoutes exceeded maxPages=%d for Routes.List; truncating.", maxPages)
+	var croutes []*cloudprovider.Route
+	for _, r := range routes {
+		target := path.Base(r.NextHopInstance)
+		// TODO: Should we lastComponent(target) this?
+		targetNodeName := types.NodeName(target) // NodeName == Instance Name on GCE
+		croutes = append(croutes, &cloudprovider.Route{
+			Name:            r.Name,
+			TargetNode:      targetNodeName,
+			DestinationCIDR: r.DestRange,
+		})
 	}
-	return routes, nil
+	return croutes, mc.Observe(nil)
 }
 
-func (gce *GCECloud) CreateRoute(clusterName string, nameHint string, route *cloudprovider.Route) error {
-	routeName := truncateClusterName(clusterName) + "-" + nameHint
+// CreateRoute in the cloud environment.
+func (gce *GCECloud) CreateRoute(ctx context.Context, clusterName string, nameHint string, route *cloudprovider.Route) error {
+	mc := newRoutesMetricContext("create")
 
-	instanceName := mapNodeNameToInstanceName(route.TargetNode)
-	targetInstance, err := gce.getInstanceByName(instanceName)
+	targetInstance, err := gce.getInstanceByName(mapNodeNameToInstanceName(route.TargetNode))
 	if err != nil {
-		return err
+		return mc.Observe(err)
 	}
-
-	mc := newRoutesMetricContext("create")
-	insertOp, err := gce.service.Routes.Insert(gce.NetworkProjectID(), &compute.Route{
-		Name:            routeName,
+	cr := &compute.Route{
+		Name:            truncateClusterName(clusterName) + "-" + nameHint,
 		DestRange:       route.DestinationCIDR,
 		NextHopInstance: fmt.Sprintf("zones/%s/instances/%s", targetInstance.Zone, targetInstance.Name),
 		Network:         gce.NetworkURL(),
 		Priority:        1000,
 		Description:     k8sNodeRouteTag,
-	}).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusConflict) {
-			glog.Infof("Route %v already exists.", routeName)
-			return nil
-		} else {
-			return mc.Observe(err)
-		}
 	}
-	return gce.waitForGlobalOpInProject(insertOp, gce.NetworkProjectID(), mc)
+	err = gce.c.Routes().Insert(context.Background(), meta.GlobalKey(cr.Name), cr)
+	if isHTTPErrorCode(err, http.StatusConflict) {
+		glog.Infof("Route %q already exists.", cr.Name)
+		err = nil
+	}
+	return mc.Observe(err)
 }
 
-func (gce *GCECloud) DeleteRoute(clusterName string, route *cloudprovider.Route) error {
+// DeleteRoute from the cloud environment.
+func (gce *GCECloud) DeleteRoute(ctx context.Context, clusterName string, route *cloudprovider.Route) error {
 	mc := newRoutesMetricContext("delete")
-	deleteOp, err := gce.service.Routes.Delete(gce.NetworkProjectID(), route.Name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOpInProject(deleteOp, gce.NetworkProjectID(), mc)
+	return mc.Observe(gce.c.Routes().Delete(context.Background(), meta.GlobalKey(route.Name)))
 }
 
 func truncateClusterName(clusterName string) string {
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetpool.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetpool.go
index 0efe15adfc0f..8fd3b3704e51 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetpool.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetpool.go
@@ -16,7 +16,13 @@ limitations under the License.
 
 package gce
 
-import compute "google.golang.org/api/compute/v1"
+import (
+	"context"
+
+	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
 
 func newTargetPoolMetricContext(request, region string) *metricContext {
 	return newGenericMetricContext("targetpool", request, region, unusedMetricLabel, computeV1Version)
@@ -25,49 +31,36 @@ func newTargetPoolMetricContext(request, region string) *metricContext {
 // GetTargetPool returns the TargetPool by name.
 func (gce *GCECloud) GetTargetPool(name, region string) (*compute.TargetPool, error) {
 	mc := newTargetPoolMetricContext("get", region)
-	v, err := gce.service.TargetPools.Get(gce.projectID, region, name).Do()
+	v, err := gce.c.TargetPools().Get(context.Background(), meta.RegionalKey(name, region))
 	return v, mc.Observe(err)
 }
 
 // CreateTargetPool creates the passed TargetPool
 func (gce *GCECloud) CreateTargetPool(tp *compute.TargetPool, region string) error {
 	mc := newTargetPoolMetricContext("create", region)
-	op, err := gce.service.TargetPools.Insert(gce.projectID, region, tp).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.TargetPools().Insert(context.Background(), meta.RegionalKey(tp.Name, region), tp))
 }
 
 // DeleteTargetPool deletes TargetPool by name.
 func (gce *GCECloud) DeleteTargetPool(name, region string) error {
 	mc := newTargetPoolMetricContext("delete", region)
-	op, err := gce.service.TargetPools.Delete(gce.projectID, region, name).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForRegionOp(op, region, mc)
+	return mc.Observe(gce.c.TargetPools().Delete(context.Background(), meta.RegionalKey(name, region)))
 }
 
 // AddInstancesToTargetPool adds instances by link to the TargetPool
 func (gce *GCECloud) AddInstancesToTargetPool(name, region string, instanceRefs []*compute.InstanceReference) error {
-	add := &compute.TargetPoolsAddInstanceRequest{Instances: instanceRefs}
-	mc := newTargetPoolMetricContext("add_instances", region)
-	op, err := gce.service.TargetPools.AddInstance(gce.projectID, region, name, add).Do()
-	if err != nil {
-		return mc.Observe(err)
+	req := &compute.TargetPoolsAddInstanceRequest{
+		Instances: instanceRefs,
 	}
-	return gce.waitForRegionOp(op, region, mc)
+	mc := newTargetPoolMetricContext("add_instances", region)
+	return mc.Observe(gce.c.TargetPools().AddInstance(context.Background(), meta.RegionalKey(name, region), req))
 }
 
-// RemoveInstancesToTargetPool removes instances by link to the TargetPool
+// RemoveInstancesFromTargetPool removes instances by link to the TargetPool
 func (gce *GCECloud) RemoveInstancesFromTargetPool(name, region string, instanceRefs []*compute.InstanceReference) error {
-	remove := &compute.TargetPoolsRemoveInstanceRequest{Instances: instanceRefs}
-	mc := newTargetPoolMetricContext("remove_instances", region)
-	op, err := gce.service.TargetPools.RemoveInstance(gce.projectID, region, name, remove).Do()
-	if err != nil {
-		return mc.Observe(err)
+	req := &compute.TargetPoolsRemoveInstanceRequest{
+		Instances: instanceRefs,
 	}
-	return gce.waitForRegionOp(op, region, mc)
+	mc := newTargetPoolMetricContext("remove_instances", region)
+	return mc.Observe(gce.c.TargetPools().RemoveInstance(context.Background(), meta.RegionalKey(name, region), req))
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetproxy.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetproxy.go
index b92206cfc4e0..47a9626fee85 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetproxy.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_targetproxy.go
@@ -17,9 +17,12 @@ limitations under the License.
 package gce
 
 import (
-	"net/http"
+	"context"
 
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newTargetProxyMetricContext(request string) *metricContext {
@@ -29,49 +32,33 @@ func newTargetProxyMetricContext(request string) *metricContext {
 // GetTargetHttpProxy returns the UrlMap by name.
 func (gce *GCECloud) GetTargetHttpProxy(name string) (*compute.TargetHttpProxy, error) {
 	mc := newTargetProxyMetricContext("get")
-	v, err := gce.service.TargetHttpProxies.Get(gce.projectID, name).Do()
+	v, err := gce.c.TargetHttpProxies().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // CreateTargetHttpProxy creates a TargetHttpProxy
 func (gce *GCECloud) CreateTargetHttpProxy(proxy *compute.TargetHttpProxy) error {
 	mc := newTargetProxyMetricContext("create")
-	op, err := gce.service.TargetHttpProxies.Insert(gce.projectID, proxy).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpProxies().Insert(context.Background(), meta.GlobalKey(proxy.Name), proxy))
 }
 
 // SetUrlMapForTargetHttpProxy sets the given UrlMap for the given TargetHttpProxy.
 func (gce *GCECloud) SetUrlMapForTargetHttpProxy(proxy *compute.TargetHttpProxy, urlMap *compute.UrlMap) error {
+	ref := &compute.UrlMapReference{UrlMap: urlMap.SelfLink}
 	mc := newTargetProxyMetricContext("set_url_map")
-	op, err := gce.service.TargetHttpProxies.SetUrlMap(
-		gce.projectID, proxy.Name, &compute.UrlMapReference{UrlMap: urlMap.SelfLink}).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpProxies().SetUrlMap(context.Background(), meta.GlobalKey(proxy.Name), ref))
 }
 
 // DeleteTargetHttpProxy deletes the TargetHttpProxy by name.
 func (gce *GCECloud) DeleteTargetHttpProxy(name string) error {
 	mc := newTargetProxyMetricContext("delete")
-	op, err := gce.service.TargetHttpProxies.Delete(gce.projectID, name).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpProxies().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // ListTargetHttpProxies lists all TargetHttpProxies in the project.
-func (gce *GCECloud) ListTargetHttpProxies() (*compute.TargetHttpProxyList, error) {
+func (gce *GCECloud) ListTargetHttpProxies() ([]*compute.TargetHttpProxy, error) {
 	mc := newTargetProxyMetricContext("list")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.TargetHttpProxies.List(gce.projectID).Do()
+	v, err := gce.c.TargetHttpProxies().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
 
@@ -80,59 +67,41 @@ func (gce *GCECloud) ListTargetHttpProxies() (*compute.TargetHttpProxyList, erro
 // GetTargetHttpsProxy returns the UrlMap by name.
 func (gce *GCECloud) GetTargetHttpsProxy(name string) (*compute.TargetHttpsProxy, error) {
 	mc := newTargetProxyMetricContext("get")
-	v, err := gce.service.TargetHttpsProxies.Get(gce.projectID, name).Do()
+	v, err := gce.c.TargetHttpsProxies().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // CreateTargetHttpsProxy creates a TargetHttpsProxy
 func (gce *GCECloud) CreateTargetHttpsProxy(proxy *compute.TargetHttpsProxy) error {
 	mc := newTargetProxyMetricContext("create")
-	op, err := gce.service.TargetHttpsProxies.Insert(gce.projectID, proxy).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpsProxies().Insert(context.Background(), meta.GlobalKey(proxy.Name), proxy))
 }
 
 // SetUrlMapForTargetHttpsProxy sets the given UrlMap for the given TargetHttpsProxy.
 func (gce *GCECloud) SetUrlMapForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, urlMap *compute.UrlMap) error {
 	mc := newTargetProxyMetricContext("set_url_map")
-	op, err := gce.service.TargetHttpsProxies.SetUrlMap(
-		gce.projectID, proxy.Name, &compute.UrlMapReference{UrlMap: urlMap.SelfLink}).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	ref := &compute.UrlMapReference{UrlMap: urlMap.SelfLink}
+	return mc.Observe(gce.c.TargetHttpsProxies().SetUrlMap(context.Background(), meta.GlobalKey(proxy.Name), ref))
 }
 
 // SetSslCertificateForTargetHttpsProxy sets the given SslCertificate for the given TargetHttpsProxy.
 func (gce *GCECloud) SetSslCertificateForTargetHttpsProxy(proxy *compute.TargetHttpsProxy, sslCert *compute.SslCertificate) error {
 	mc := newTargetProxyMetricContext("set_ssl_cert")
-	op, err := gce.service.TargetHttpsProxies.SetSslCertificates(
-		gce.projectID, proxy.Name, &compute.TargetHttpsProxiesSetSslCertificatesRequest{SslCertificates: []string{sslCert.SelfLink}}).Do()
-	if err != nil {
-		return mc.Observe(err)
+	req := &compute.TargetHttpsProxiesSetSslCertificatesRequest{
+		SslCertificates: []string{sslCert.SelfLink},
 	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpsProxies().SetSslCertificates(context.Background(), meta.GlobalKey(proxy.Name), req))
 }
 
 // DeleteTargetHttpsProxy deletes the TargetHttpsProxy by name.
 func (gce *GCECloud) DeleteTargetHttpsProxy(name string) error {
 	mc := newTargetProxyMetricContext("delete")
-	op, err := gce.service.TargetHttpsProxies.Delete(gce.projectID, name).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.TargetHttpsProxies().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // ListTargetHttpsProxies lists all TargetHttpsProxies in the project.
-func (gce *GCECloud) ListTargetHttpsProxies() (*compute.TargetHttpsProxyList, error) {
+func (gce *GCECloud) ListTargetHttpsProxies() ([]*compute.TargetHttpsProxy, error) {
 	mc := newTargetProxyMetricContext("list")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.TargetHttpsProxies.List(gce.projectID).Do()
+	v, err := gce.c.TargetHttpsProxies().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_tpu.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_tpu.go
new file mode 100644
index 000000000000..fe71e57abdc3
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_tpu.go
@@ -0,0 +1,189 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package gce
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/golang/glog"
+	"google.golang.org/api/googleapi"
+	tpuapi "google.golang.org/api/tpu/v1alpha1"
+
+	"k8s.io/apimachinery/pkg/util/wait"
+)
+
+// newTPUService returns a new tpuService using the client to communicate with
+// the Cloud TPU APIs.
+func newTPUService(client *http.Client) (*tpuService, error) {
+	s, err := tpuapi.New(client)
+	if err != nil {
+		return nil, err
+	}
+	return &tpuService{
+		nodesService:      tpuapi.NewProjectsLocationsNodesService(s),
+		operationsService: tpuapi.NewProjectsLocationsOperationsService(s),
+	}, nil
+}
+
+// tpuService encapsulates the TPU services on nodes and the operations on the
+// nodes.
+type tpuService struct {
+	nodesService      *tpuapi.ProjectsLocationsNodesService
+	operationsService *tpuapi.ProjectsLocationsOperationsService
+}
+
+// CreateTPU creates the Cloud TPU node with the specified name in the
+// specified zone.
+func (gce *GCECloud) CreateTPU(ctx context.Context, name, zone string, node *tpuapi.Node) (*tpuapi.Node, error) {
+	var err error
+	mc := newTPUMetricContext("create", zone)
+	defer mc.Observe(err)
+
+	var op *tpuapi.Operation
+	parent := getTPUParentName(gce.projectID, zone)
+	op, err = gce.tpuService.nodesService.Create(parent, node).NodeId(name).Do()
+	if err != nil {
+		return nil, err
+	}
+	glog.V(2).Infof("Creating Cloud TPU %q in zone %q with operation %q", name, zone, op.Name)
+
+	op, err = gce.waitForTPUOp(30*time.Second, 10*time.Minute, op)
+	if err != nil {
+		return nil, err
+	}
+	err = getErrorFromTPUOp(op)
+	if err != nil {
+		return nil, err
+	}
+
+	output := new(tpuapi.Node)
+	err = json.Unmarshal(op.Response, output)
+	if err != nil {
+		err = fmt.Errorf("failed to unmarshal response from operation %q: response = %v, err = %v", op.Name, op.Response, err)
+		return nil, err
+	}
+	return output, nil
+}
+
+// DeleteTPU deletes the Cloud TPU with the specified name in the specified
+// zone.
+func (gce *GCECloud) DeleteTPU(ctx context.Context, name, zone string) error {
+	var err error
+	mc := newTPUMetricContext("delete", zone)
+	defer mc.Observe(err)
+
+	var op *tpuapi.Operation
+	name = getTPUName(gce.projectID, zone, name)
+	op, err = gce.tpuService.nodesService.Delete(name).Do()
+	if err != nil {
+		return err
+	}
+	glog.V(2).Infof("Deleting Cloud TPU %q in zone %q with operation %q", name, zone, op.Name)
+
+	op, err = gce.waitForTPUOp(30*time.Second, 10*time.Minute, op)
+	if err != nil {
+		return err
+	}
+	err = getErrorFromTPUOp(op)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// GetTPU returns the Cloud TPU with the specified name in the specified zone.
+func (gce *GCECloud) GetTPU(ctx context.Context, name, zone string) (*tpuapi.Node, error) {
+	mc := newTPUMetricContext("get", zone)
+
+	name = getTPUName(gce.projectID, zone, name)
+	node, err := gce.tpuService.nodesService.Get(name).Do()
+	if err != nil {
+		return nil, mc.Observe(err)
+	}
+	return node, mc.Observe(nil)
+}
+
+// ListTPUs returns Cloud TPUs in the specified zone.
+func (gce *GCECloud) ListTPUs(ctx context.Context, zone string) ([]*tpuapi.Node, error) {
+	mc := newTPUMetricContext("list", zone)
+
+	parent := getTPUParentName(gce.projectID, zone)
+	response, err := gce.tpuService.nodesService.List(parent).Do()
+	if err != nil {
+		return nil, mc.Observe(err)
+	}
+	return response.Nodes, mc.Observe(nil)
+}
+
+// waitForTPUOp checks whether the op is done every interval before the timeout
+// occurs.
+func (gce *GCECloud) waitForTPUOp(interval, timeout time.Duration, op *tpuapi.Operation) (*tpuapi.Operation, error) {
+	if err := wait.PollImmediate(interval, timeout, func() (bool, error) {
+		glog.V(3).Infof("Waiting for operation %q to complete...", op.Name)
+
+		start := time.Now()
+		gce.operationPollRateLimiter.Accept()
+		duration := time.Now().Sub(start)
+		if duration > 5*time.Second {
+			glog.V(2).Infof("Getting operation %q throttled for %v", op.Name, duration)
+		}
+
+		var err error
+		op, err = gce.tpuService.operationsService.Get(op.Name).Do()
+		if err != nil {
+			return true, err
+		}
+		if op.Done {
+			glog.V(3).Infof("Operation %q has completed", op.Name)
+			return true, nil
+		}
+		return false, nil
+	}); err != nil {
+		return nil, fmt.Errorf("failed to wait for operation %q: %s", op.Name, err)
+	}
+	return op, nil
+}
+
+// newTPUMetricContext returns a new metricContext used for recording metrics
+// of Cloud TPU API calls.
+func newTPUMetricContext(request, zone string) *metricContext {
+	return newGenericMetricContext("tpus", request, unusedMetricLabel, zone, "alpha")
+}
+
+// getErrorFromTPUOp returns the error in the failed op, or nil if the op
+// succeed.
+func getErrorFromTPUOp(op *tpuapi.Operation) error {
+	if op != nil && op.Error != nil {
+		return &googleapi.Error{
+			Code:    op.ServerResponse.HTTPStatusCode,
+			Message: op.Error.Message,
+		}
+	}
+	return nil
+}
+
+func getTPUParentName(project, zone string) string {
+	return fmt.Sprintf("projects/%s/locations/%s", project, zone)
+}
+
+func getTPUName(project, zone, name string) string {
+	return fmt.Sprintf("projects/%s/locations/%s/nodes/%s", project, zone, name)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_urlmap.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_urlmap.go
index 60184ac43549..54ceccbf54d2 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_urlmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_urlmap.go
@@ -17,9 +17,12 @@ limitations under the License.
 package gce
 
 import (
-	"net/http"
+	"context"
 
 	compute "google.golang.org/api/compute/v1"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 )
 
 func newUrlMapMetricContext(request string) *metricContext {
@@ -29,47 +32,31 @@ func newUrlMapMetricContext(request string) *metricContext {
 // GetUrlMap returns the UrlMap by name.
 func (gce *GCECloud) GetUrlMap(name string) (*compute.UrlMap, error) {
 	mc := newUrlMapMetricContext("get")
-	v, err := gce.service.UrlMaps.Get(gce.projectID, name).Do()
+	v, err := gce.c.UrlMaps().Get(context.Background(), meta.GlobalKey(name))
 	return v, mc.Observe(err)
 }
 
 // CreateUrlMap creates a url map
 func (gce *GCECloud) CreateUrlMap(urlMap *compute.UrlMap) error {
 	mc := newUrlMapMetricContext("create")
-	op, err := gce.service.UrlMaps.Insert(gce.projectID, urlMap).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.UrlMaps().Insert(context.Background(), meta.GlobalKey(urlMap.Name), urlMap))
 }
 
 // UpdateUrlMap applies the given UrlMap as an update
 func (gce *GCECloud) UpdateUrlMap(urlMap *compute.UrlMap) error {
 	mc := newUrlMapMetricContext("update")
-	op, err := gce.service.UrlMaps.Update(gce.projectID, urlMap.Name, urlMap).Do()
-	if err != nil {
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.UrlMaps().Update(context.Background(), meta.GlobalKey(urlMap.Name), urlMap))
 }
 
 // DeleteUrlMap deletes a url map by name.
 func (gce *GCECloud) DeleteUrlMap(name string) error {
 	mc := newUrlMapMetricContext("delete")
-	op, err := gce.service.UrlMaps.Delete(gce.projectID, name).Do()
-	if err != nil {
-		if isHTTPErrorCode(err, http.StatusNotFound) {
-			return nil
-		}
-		return mc.Observe(err)
-	}
-	return gce.waitForGlobalOp(op, mc)
+	return mc.Observe(gce.c.UrlMaps().Delete(context.Background(), meta.GlobalKey(name)))
 }
 
 // ListUrlMaps lists all UrlMaps in the project.
-func (gce *GCECloud) ListUrlMaps() (*compute.UrlMapList, error) {
+func (gce *GCECloud) ListUrlMaps() ([]*compute.UrlMap, error) {
 	mc := newUrlMapMetricContext("list")
-	// TODO: use PageToken to list all not just the first 500
-	v, err := gce.service.UrlMaps.List(gce.projectID).Do()
+	v, err := gce.c.UrlMaps().List(context.Background(), filter.None)
 	return v, mc.Observe(err)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_util.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_util.go
index fb70d1dd0533..363b5173abee 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_util.go
@@ -22,11 +22,13 @@ import (
 	"net"
 	"net/http"
 	"regexp"
+	"sort"
 	"strings"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 
 	"cloud.google.com/go/compute/metadata"
 	compute "google.golang.org/api/compute/v1"
@@ -98,8 +100,13 @@ func firewallToGcloudArgs(fw *compute.Firewall, projectID string) string {
 			allPorts = append(allPorts, fmt.Sprintf("%v:%v", a.IPProtocol, p))
 		}
 	}
+
+	// Sort all slices to prevent the event from being duped
+	sort.Strings(allPorts)
 	allow := strings.Join(allPorts, ",")
+	sort.Strings(fw.SourceRanges)
 	srcRngs := strings.Join(fw.SourceRanges, ",")
+	sort.Strings(fw.TargetTags)
 	targets := strings.Join(fw.TargetTags, ",")
 	return fmt.Sprintf("--description %q --allow %v --source-ranges %v --target-tags %v --project %v", fw.Description, allow, srcRngs, targets, projectID)
 }
@@ -214,7 +221,7 @@ func handleAlphaNetworkTierGetError(err error) (string, error) {
 		// Network tier is still an Alpha feature in GCP, and not every project
 		// is whitelisted to access the API. If we cannot access the API, just
 		// assume the tier is premium.
-		return NetworkTierDefault.ToGCEValue(), nil
+		return cloud.NetworkTierDefault.ToGCEValue(), nil
 	}
 	// Can't get the network tier, just return an error.
 	return "", err
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_zones.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_zones.go
index 26ccc37740c4..6c745e34c2c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_zones.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/gce_zones.go
@@ -17,13 +17,14 @@ limitations under the License.
 package gce
 
 import (
-	"fmt"
+	"context"
 	"strings"
 
 	compute "google.golang.org/api/compute/v1"
 
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/filter"
 )
 
 func newZonesMetricContext(request, region string) *metricContext {
@@ -31,7 +32,7 @@ func newZonesMetricContext(request, region string) *metricContext {
 }
 
 // GetZone creates a cloudprovider.Zone of the current zone and region
-func (gce *GCECloud) GetZone() (cloudprovider.Zone, error) {
+func (gce *GCECloud) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{
 		FailureDomain: gce.localZone,
 		Region:        gce.region,
@@ -41,7 +42,7 @@ func (gce *GCECloud) GetZone() (cloudprovider.Zone, error) {
 // GetZoneByProviderID implements Zones.GetZoneByProviderID
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (gce *GCECloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (gce *GCECloud) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	_, zone, _, err := splitProviderID(providerID)
 	if err != nil {
 		return cloudprovider.Zone{}, err
@@ -56,7 +57,7 @@ func (gce *GCECloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone,
 // GetZoneByNodeName implements Zones.GetZoneByNodeName
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (gce *GCECloud) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
+func (gce *GCECloud) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
 	instanceName := mapNodeNameToInstanceName(nodeName)
 	instance, err := gce.getInstanceByName(instanceName)
 	if err != nil {
@@ -72,12 +73,11 @@ func (gce *GCECloud) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Z
 // ListZonesInRegion returns all zones in a GCP region
 func (gce *GCECloud) ListZonesInRegion(region string) ([]*compute.Zone, error) {
 	mc := newZonesMetricContext("list", region)
-	filter := fmt.Sprintf("region eq %v", gce.getRegionLink(region))
-	list, err := gce.service.Zones.List(gce.projectID).Filter(filter).Do()
+	list, err := gce.c.Zones().List(context.Background(), filter.Regexp("region", gce.getRegionLink(region)))
 	if err != nil {
 		return nil, mc.Observe(err)
 	}
-	return list.Items, mc.Observe(err)
+	return list, mc.Observe(err)
 }
 
 func (gce *GCECloud) getRegionLink(region string) string {
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/support.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/support.go
new file mode 100644
index 000000000000..42903af4579d
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/gce/support.go
@@ -0,0 +1,66 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package gce
+
+import (
+	"context"
+
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
+)
+
+// gceProjectRouter sends requests to the appropriate project ID.
+type gceProjectRouter struct {
+	gce *GCECloud
+}
+
+// ProjectID returns the project ID to be used for the given operation.
+func (r *gceProjectRouter) ProjectID(ctx context.Context, version meta.Version, service string) string {
+	switch service {
+	case "Firewalls", "Routes":
+		return r.gce.NetworkProjectID()
+	default:
+		return r.gce.projectID
+	}
+}
+
+// gceRateLimiter implements cloud.RateLimiter.
+type gceRateLimiter struct {
+	gce *GCECloud
+}
+
+// Accept blocks until the operation can be performed.
+//
+// TODO: the current cloud provider policy doesn't seem to be correct as it
+// only rate limits the polling operations, but not the /submission/ of
+// operations.
+func (l *gceRateLimiter) Accept(ctx context.Context, key *cloud.RateLimitKey) error {
+	if key.Operation == "Get" && key.Service == "Operations" {
+		ch := make(chan struct{})
+		go func() {
+			l.gce.operationPollRateLimiter.Accept()
+			close(ch)
+		}()
+		select {
+		case <-ch:
+			break
+		case <-ctx.Done():
+			return ctx.Err()
+		}
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/BUILD
index 117014a5a203..bf9d4c7dfd64 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/BUILD
@@ -24,8 +24,10 @@ go_library(
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/gophercloud/gophercloud:go_default_library",
         "//vendor/github.com/gophercloud/gophercloud/openstack:go_default_library",
@@ -72,14 +74,14 @@ go_test(
         "openstack_routes_test.go",
         "openstack_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/openstack",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//vendor/github.com/gophercloud/gophercloud:go_default_library",
         "//vendor/github.com/gophercloud/gophercloud/openstack/compute/v2/servers:go_default_library",
         "//vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/routers:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/rand:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/OWNERS b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/OWNERS
index 8f4d575d6dff..4bc4fbc4cbb0 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/OWNERS
@@ -2,9 +2,9 @@ approvers:
 - anguslees
 - NickrenREN
 - dims
-- FengyunPan
+- FengyunPan2
 reviewers:
 - anguslees
 - NickrenREN
 - dims
-- FengyunPan
+- FengyunPan2
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/metadata.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/metadata.go
index d3cf22d9238d..a69b3d817635 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/metadata.go
@@ -33,19 +33,19 @@ import (
 )
 
 const (
-	// metadataUrlTemplate allows building an OpenStack Metadata service URL.
+	// metadataURLTemplate allows building an OpenStack Metadata service URL.
 	// It's a hardcoded IPv4 link-local address as documented in "OpenStack Cloud
 	// Administrator Guide", chapter Compute - Networking with nova-network.
-	// https://docs.openstack.org/admin-guide/compute-networking-nova.html#metadata-service
+	//https://docs.openstack.org/nova/latest/admin/networking-nova.html#metadata-service
 	defaultMetadataVersion = "2012-08-10"
-	metadataUrlTemplate    = "http://169.254.169.254/openstack/%s/meta_data.json"
+	metadataURLTemplate    = "http://169.254.169.254/openstack/%s/meta_data.json"
 
 	// metadataID is used as an identifier on the metadata search order configuration.
 	metadataID = "metadataService"
 
 	// Config drive is defined as an iso9660 or vfat (deprecated) drive
 	// with the "config-2" label.
-	// http://docs.openstack.org/user-guide/cli-config-drive.html
+	//https://docs.openstack.org/nova/latest/user/config-drive.html
 	configDriveLabel        = "config-2"
 	configDrivePathTemplate = "openstack/%s/meta_data.json"
 
@@ -53,10 +53,10 @@ const (
 	configDriveID = "configDrive"
 )
 
+// ErrBadMetadata is used to indicate a problem parsing data from metadata server
 var ErrBadMetadata = errors.New("invalid OpenStack metadata, got empty uuid")
 
-// There are multiple device types. To keep it simple, we're using a single structure
-// for all device metadata types.
+// DeviceMetadata is a single/simplified data structure for all kinds of device metadata types.
 type DeviceMetadata struct {
 	Type    string `json:"type"`
 	Bus     string `json:"bus,omitempty"`
@@ -65,11 +65,12 @@ type DeviceMetadata struct {
 	// .. and other fields.
 }
 
-// Assumes the "2012-08-10" meta_data.json format.
+// Metadata has the information fetched from OpenStack metadata service or
+// config drives. Assumes the "2012-08-10" meta_data.json format.
 // See http://docs.openstack.org/user-guide/cli_config_drive.html
 type Metadata struct {
-	Uuid             string           `json:"uuid"`
-	Name             string           `json:"name"`
+	UUID             string           `json:"uuid"`
+	Hostname         string           `json:"hostname"`
 	AvailabilityZone string           `json:"availability_zone"`
 	Devices          []DeviceMetadata `json:"devices,omitempty"`
 	// .. and other fields we don't care about.  Expand as necessary.
@@ -84,15 +85,15 @@ func parseMetadata(r io.Reader) (*Metadata, error) {
 		return nil, err
 	}
 
-	if metadata.Uuid == "" {
+	if metadata.UUID == "" {
 		return nil, ErrBadMetadata
 	}
 
 	return &metadata, nil
 }
 
-func getMetadataUrl(metadataVersion string) string {
-	return fmt.Sprintf(metadataUrlTemplate, metadataVersion)
+func getMetadataURL(metadataVersion string) string {
+	return fmt.Sprintf(metadataURLTemplate, metadataVersion)
 }
 
 func getConfigDrivePath(metadataVersion string) string {
@@ -147,16 +148,16 @@ func getMetadataFromConfigDrive(metadataVersion string) (*Metadata, error) {
 
 func getMetadataFromMetadataService(metadataVersion string) (*Metadata, error) {
 	// Try to get JSON from metadata server.
-	metadataUrl := getMetadataUrl(metadataVersion)
-	glog.V(4).Infof("Attempting to fetch metadata from %s", metadataUrl)
-	resp, err := http.Get(metadataUrl)
+	metadataURL := getMetadataURL(metadataVersion)
+	glog.V(4).Infof("Attempting to fetch metadata from %s", metadataURL)
+	resp, err := http.Get(metadataURL)
 	if err != nil {
-		return nil, fmt.Errorf("error fetching %s: %v", metadataUrl, err)
+		return nil, fmt.Errorf("error fetching %s: %v", metadataURL, err)
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		err = fmt.Errorf("unexpected status code when reading metadata from %s: %s", metadataUrl, resp.Status)
+		err = fmt.Errorf("unexpected status code when reading metadata from %s: %s", metadataURL, resp.Status)
 		return nil, err
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack.go
index 93a6cb9a57fd..56eb351b8bb1 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack.go
@@ -17,6 +17,7 @@ limitations under the License.
 package openstack
 
 import (
+	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -24,6 +25,7 @@ import (
 	"io/ioutil"
 	"net"
 	"net/http"
+	"os"
 	"regexp"
 	"strings"
 	"time"
@@ -49,20 +51,27 @@ import (
 )
 
 const (
+	// ProviderName is the name of the openstack provider
 	ProviderName     = "openstack"
-	AvailabilityZone = "availability_zone"
+	availabilityZone = "availability_zone"
 	defaultTimeOut   = 60 * time.Second
 )
 
+// ErrNotFound is used to inform that the object is missing
 var ErrNotFound = errors.New("failed to find object")
+
+// ErrMultipleResults is used when we unexpectedly get back multiple results
 var ErrMultipleResults = errors.New("multiple results where only one expected")
+
+// ErrNoAddressFound is used when we cannot find an ip address for the host
 var ErrNoAddressFound = errors.New("no address found for host")
 
-// encoding.TextUnmarshaler interface for time.Duration
+// MyDuration is the encoding.TextUnmarshaler interface for time.Duration
 type MyDuration struct {
 	time.Duration
 }
 
+// UnmarshalText is used to convert from text to Duration
 func (d *MyDuration) UnmarshalText(text []byte) error {
 	res, err := time.ParseDuration(string(text))
 	if err != nil {
@@ -72,6 +81,7 @@ func (d *MyDuration) UnmarshalText(text []byte) error {
 	return nil
 }
 
+// LoadBalancer is used for creating and maintaining load balancers
 type LoadBalancer struct {
 	network *gophercloud.ServiceClient
 	compute *gophercloud.ServiceClient
@@ -79,11 +89,12 @@ type LoadBalancer struct {
 	opts    LoadBalancerOpts
 }
 
+// LoadBalancerOpts have the options to talk to Neutron LBaaSV2 or Octavia
 type LoadBalancerOpts struct {
 	LBVersion            string     `gcfg:"lb-version"`          // overrides autodetection. Only support v2.
 	UseOctavia           bool       `gcfg:"use-octavia"`         // uses Octavia V2 service catalog endpoint
-	SubnetId             string     `gcfg:"subnet-id"`           // overrides autodetection.
-	FloatingNetworkId    string     `gcfg:"floating-network-id"` // If specified, will create floating ip for loadbalancer, or do not create floating ip.
+	SubnetID             string     `gcfg:"subnet-id"`           // overrides autodetection.
+	FloatingNetworkID    string     `gcfg:"floating-network-id"` // If specified, will create floating ip for loadbalancer, or do not create floating ip.
 	LBMethod             string     `gcfg:"lb-method"`           // default to ROUND_ROBIN.
 	LBProvider           string     `gcfg:"lb-provider"`
 	CreateMonitor        bool       `gcfg:"create-monitor"`
@@ -94,16 +105,19 @@ type LoadBalancerOpts struct {
 	NodeSecurityGroupIDs []string   // Do not specify, get it automatically when enable manage-security-groups. TODO(FengyunPan): move it into cache
 }
 
+// BlockStorageOpts is used to talk to Cinder service
 type BlockStorageOpts struct {
 	BSVersion       string `gcfg:"bs-version"`        // overrides autodetection. v1 or v2. Defaults to auto
 	TrustDevicePath bool   `gcfg:"trust-device-path"` // See Issue #33128
 	IgnoreVolumeAZ  bool   `gcfg:"ignore-volume-az"`
 }
 
+// RouterOpts is used for Neutron routes
 type RouterOpts struct {
-	RouterId string `gcfg:"router-id"` // required
+	RouterID string `gcfg:"router-id"` // required
 }
 
+// MetadataOpts is used for configuring how to talk to metadata service or config drive
 type MetadataOpts struct {
 	SearchOrder    string     `gcfg:"search-order"`
 	RequestTimeout MyDuration `gcfg:"request-timeout"`
@@ -121,16 +135,17 @@ type OpenStack struct {
 	localInstanceID string
 }
 
+// Config is used to read and store information from the cloud configuration file
 type Config struct {
 	Global struct {
-		AuthUrl    string `gcfg:"auth-url"`
+		AuthURL    string `gcfg:"auth-url"`
 		Username   string
-		UserId     string `gcfg:"user-id"`
+		UserID     string `gcfg:"user-id"`
 		Password   string
-		TenantId   string `gcfg:"tenant-id"`
+		TenantID   string `gcfg:"tenant-id"`
 		TenantName string `gcfg:"tenant-name"`
-		TrustId    string `gcfg:"trust-id"`
-		DomainId   string `gcfg:"domain-id"`
+		TrustID    string `gcfg:"trust-id"`
+		DomainID   string `gcfg:"domain-id"`
 		DomainName string `gcfg:"domain-name"`
 		Region     string
 		CAFile     string `gcfg:"ca-file"`
@@ -142,7 +157,7 @@ type Config struct {
 }
 
 func init() {
-	RegisterMetrics()
+	registerMetrics()
 
 	cloudprovider.RegisterCloudProvider(ProviderName, func(config io.Reader) (cloudprovider.Interface, error) {
 		cfg, err := readConfig(config)
@@ -155,13 +170,13 @@ func init() {
 
 func (cfg Config) toAuthOptions() gophercloud.AuthOptions {
 	return gophercloud.AuthOptions{
-		IdentityEndpoint: cfg.Global.AuthUrl,
+		IdentityEndpoint: cfg.Global.AuthURL,
 		Username:         cfg.Global.Username,
-		UserID:           cfg.Global.UserId,
+		UserID:           cfg.Global.UserID,
 		Password:         cfg.Global.Password,
-		TenantID:         cfg.Global.TenantId,
+		TenantID:         cfg.Global.TenantID,
 		TenantName:       cfg.Global.TenantName,
-		DomainID:         cfg.Global.DomainId,
+		DomainID:         cfg.Global.DomainID,
 		DomainName:       cfg.Global.DomainName,
 
 		// Persistent service, so we need to be able to renew tokens.
@@ -171,22 +186,64 @@ func (cfg Config) toAuthOptions() gophercloud.AuthOptions {
 
 func (cfg Config) toAuth3Options() tokens3.AuthOptions {
 	return tokens3.AuthOptions{
-		IdentityEndpoint: cfg.Global.AuthUrl,
+		IdentityEndpoint: cfg.Global.AuthURL,
 		Username:         cfg.Global.Username,
-		UserID:           cfg.Global.UserId,
+		UserID:           cfg.Global.UserID,
 		Password:         cfg.Global.Password,
-		DomainID:         cfg.Global.DomainId,
+		DomainID:         cfg.Global.DomainID,
 		DomainName:       cfg.Global.DomainName,
 		AllowReauth:      true,
 	}
 }
 
+// configFromEnv allows setting up credentials etc using the
+// standard OS_* OpenStack client environment variables.
+func configFromEnv() (cfg Config, ok bool) {
+	cfg.Global.AuthURL = os.Getenv("OS_AUTH_URL")
+	cfg.Global.Username = os.Getenv("OS_USERNAME")
+	cfg.Global.Password = os.Getenv("OS_PASSWORD")
+	cfg.Global.Region = os.Getenv("OS_REGION_NAME")
+	cfg.Global.UserID = os.Getenv("OS_USER_ID")
+	cfg.Global.TrustID = os.Getenv("OS_TRUST_ID")
+
+	cfg.Global.TenantID = os.Getenv("OS_TENANT_ID")
+	if cfg.Global.TenantID == "" {
+		cfg.Global.TenantID = os.Getenv("OS_PROJECT_ID")
+	}
+	cfg.Global.TenantName = os.Getenv("OS_TENANT_NAME")
+	if cfg.Global.TenantName == "" {
+		cfg.Global.TenantName = os.Getenv("OS_PROJECT_NAME")
+	}
+
+	cfg.Global.DomainID = os.Getenv("OS_DOMAIN_ID")
+	if cfg.Global.DomainID == "" {
+		cfg.Global.DomainID = os.Getenv("OS_USER_DOMAIN_ID")
+	}
+	cfg.Global.DomainName = os.Getenv("OS_DOMAIN_NAME")
+	if cfg.Global.DomainName == "" {
+		cfg.Global.DomainName = os.Getenv("OS_USER_DOMAIN_NAME")
+	}
+
+	ok = cfg.Global.AuthURL != "" &&
+		cfg.Global.Username != "" &&
+		cfg.Global.Password != "" &&
+		(cfg.Global.TenantID != "" || cfg.Global.TenantName != "" ||
+			cfg.Global.DomainID != "" || cfg.Global.DomainName != "" ||
+			cfg.Global.Region != "" || cfg.Global.UserID != "" ||
+			cfg.Global.TrustID != "")
+
+	cfg.Metadata.SearchOrder = fmt.Sprintf("%s,%s", configDriveID, metadataID)
+	cfg.BlockStorage.BSVersion = "auto"
+
+	return
+}
+
 func readConfig(config io.Reader) (Config, error) {
 	if config == nil {
 		return Config{}, fmt.Errorf("no OpenStack cloud provider config file given")
 	}
 
-	var cfg Config
+	cfg, _ := configFromEnv()
 
 	// Set default values for config params
 	cfg.BlockStorage.BSVersion = "auto"
@@ -198,13 +255,13 @@ func readConfig(config io.Reader) (Config, error) {
 	return cfg, err
 }
 
-// Tiny helper for conditional unwind logic
-type Caller bool
+// caller is a tiny helper for conditional unwind logic
+type caller bool
 
-func NewCaller() Caller   { return Caller(true) }
-func (c *Caller) Disarm() { *c = false }
+func newCaller() caller   { return caller(true) }
+func (c *caller) disarm() { *c = false }
 
-func (c *Caller) Call(f func()) {
+func (c *caller) call(f func()) {
 	if *c {
 		f()
 	}
@@ -229,7 +286,7 @@ func readInstanceID(searchOrder string) (string, error) {
 		return "", err
 	}
 
-	return md.Uuid, nil
+	return md.UUID, nil
 }
 
 // check opts for OpenStack
@@ -250,16 +307,11 @@ func checkOpenStackOpts(openstackOpts *OpenStack) error {
 			return fmt.Errorf("monitor-max-retries not set in cloud provider config")
 		}
 	}
-
-	if err := checkMetadataSearchOrder(openstackOpts.metadataOpts.SearchOrder); err != nil {
-		return err
-	}
-
-	return nil
+	return checkMetadataSearchOrder(openstackOpts.metadataOpts.SearchOrder)
 }
 
 func newOpenStack(cfg Config) (*OpenStack, error) {
-	provider, err := openstack.NewClient(cfg.Global.AuthUrl)
+	provider, err := openstack.NewClient(cfg.Global.AuthURL)
 	if err != nil {
 		return nil, err
 	}
@@ -273,10 +325,10 @@ func newOpenStack(cfg Config) (*OpenStack, error) {
 		provider.HTTPClient.Transport = netutil.SetOldTransportDefaults(&http.Transport{TLSClientConfig: config})
 
 	}
-	if cfg.Global.TrustId != "" {
+	if cfg.Global.TrustID != "" {
 		opts := cfg.toAuth3Options()
 		authOptsExt := trusts.AuthOptsExt{
-			TrustID:            cfg.Global.TrustId,
+			TrustID:            cfg.Global.TrustID,
 			AuthOptionsBuilder: &opts,
 		}
 		err = openstack.AuthenticateV3(provider, authOptsExt, gophercloud.EndpointOpts{})
@@ -320,6 +372,22 @@ func mapNodeNameToServerName(nodeName types.NodeName) string {
 	return string(nodeName)
 }
 
+// GetNodeNameByID maps instanceid to types.NodeName
+func (os *OpenStack) GetNodeNameByID(instanceID string) (types.NodeName, error) {
+	client, err := os.NewComputeV2()
+	var nodeName types.NodeName
+	if err != nil {
+		return nodeName, err
+	}
+
+	server, err := servers.Get(client, instanceID).Extract()
+	if err != nil {
+		return nodeName, err
+	}
+	nodeName = mapServerToNodeName(server)
+	return nodeName, nil
+}
+
 // mapServerToNodeName maps an OpenStack Server to a k8s NodeName
 func mapServerToNodeName(server *servers.Server) types.NodeName {
 	// Node names are always lowercase, and (at least)
@@ -347,11 +415,14 @@ func foreachServer(client *gophercloud.ServiceClient, opts servers.ListOptsBuild
 	return err
 }
 
-func getServerByName(client *gophercloud.ServiceClient, name types.NodeName) (*servers.Server, error) {
+func getServerByName(client *gophercloud.ServiceClient, name types.NodeName, showOnlyActive bool) (*servers.Server, error) {
 	opts := servers.ListOpts{
-		Name:   fmt.Sprintf("^%s$", regexp.QuoteMeta(mapNodeNameToServerName(name))),
-		Status: "ACTIVE",
+		Name: fmt.Sprintf("^%s$", regexp.QuoteMeta(mapNodeNameToServerName(name))),
+	}
+	if showOnlyActive {
+		opts.Status = "ACTIVE"
 	}
+
 	pager := servers.List(client, opts)
 
 	serverList := make([]servers.Server, 0, 1)
@@ -382,7 +453,7 @@ func nodeAddresses(srv *servers.Server) ([]v1.NodeAddress, error) {
 	addrs := []v1.NodeAddress{}
 
 	type Address struct {
-		IpType string `mapstructure:"OS-EXT-IPS:type"`
+		IPType string `mapstructure:"OS-EXT-IPS:type"`
 		Addr   string
 	}
 
@@ -395,7 +466,7 @@ func nodeAddresses(srv *servers.Server) ([]v1.NodeAddress, error) {
 	for network, addrList := range addresses {
 		for _, props := range addrList {
 			var addressType v1.NodeAddressType
-			if props.IpType == "floating" || network == "public" {
+			if props.IPType == "floating" || network == "public" {
 				addressType = v1.NodeExternalIP
 			} else {
 				addressType = v1.NodeInternalIP
@@ -433,7 +504,7 @@ func nodeAddresses(srv *servers.Server) ([]v1.NodeAddress, error) {
 }
 
 func getAddressesByName(client *gophercloud.ServiceClient, name types.NodeName) ([]v1.NodeAddress, error) {
-	srv, err := getServerByName(client, name)
+	srv, err := getServerByName(client, name, true)
 	if err != nil {
 		return nil, err
 	}
@@ -486,6 +557,7 @@ func getAttachedInterfacesByID(client *gophercloud.ServiceClient, serviceID stri
 	return interfaces, nil
 }
 
+// Clusters is a no-op
 func (os *OpenStack) Clusters() (cloudprovider.Clusters, bool) {
 	return nil, false
 }
@@ -495,16 +567,12 @@ func (os *OpenStack) ProviderName() string {
 	return ProviderName
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (os *OpenStack) ScrubDNS(nameServers, searches []string) ([]string, []string) {
-	return nameServers, searches
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (os *OpenStack) HasClusterID() bool {
 	return true
 }
 
+// LoadBalancer initializes a LbaasV2 object
 func (os *OpenStack) LoadBalancer() (cloudprovider.LoadBalancer, bool) {
 	glog.V(4).Info("openstack.LoadBalancer() called")
 
@@ -541,12 +609,14 @@ func isNotFound(err error) bool {
 	return ok && e.Actual == http.StatusNotFound
 }
 
+// Zones indicates that we support zones
 func (os *OpenStack) Zones() (cloudprovider.Zones, bool) {
 	glog.V(1).Info("Claiming to support Zones")
 	return os, true
 }
 
-func (os *OpenStack) GetZone() (cloudprovider.Zone, error) {
+// GetZone returns the current zone
+func (os *OpenStack) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	md, err := getMetadata(os.metadataOpts.SearchOrder)
 	if err != nil {
 		return cloudprovider.Zone{}, err
@@ -563,7 +633,7 @@ func (os *OpenStack) GetZone() (cloudprovider.Zone, error) {
 // GetZoneByProviderID implements Zones.GetZoneByProviderID
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (os *OpenStack) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (os *OpenStack) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	instanceID, err := instanceIDFromProviderID(providerID)
 	if err != nil {
 		return cloudprovider.Zone{}, err
@@ -580,7 +650,7 @@ func (os *OpenStack) GetZoneByProviderID(providerID string) (cloudprovider.Zone,
 	}
 
 	zone := cloudprovider.Zone{
-		FailureDomain: srv.Metadata[AvailabilityZone],
+		FailureDomain: srv.Metadata[availabilityZone],
 		Region:        os.region,
 	}
 	glog.V(4).Infof("The instance %s in zone %v", srv.Name, zone)
@@ -590,13 +660,13 @@ func (os *OpenStack) GetZoneByProviderID(providerID string) (cloudprovider.Zone,
 // GetZoneByNodeName implements Zones.GetZoneByNodeName
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (os *OpenStack) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Zone, error) {
+func (os *OpenStack) GetZoneByNodeName(ctx context.Context, nodeName types.NodeName) (cloudprovider.Zone, error) {
 	compute, err := os.NewComputeV2()
 	if err != nil {
 		return cloudprovider.Zone{}, err
 	}
 
-	srv, err := getServerByName(compute, nodeName)
+	srv, err := getServerByName(compute, nodeName, true)
 	if err != nil {
 		if err == ErrNotFound {
 			return cloudprovider.Zone{}, cloudprovider.InstanceNotFound
@@ -605,13 +675,14 @@ func (os *OpenStack) GetZoneByNodeName(nodeName types.NodeName) (cloudprovider.Z
 	}
 
 	zone := cloudprovider.Zone{
-		FailureDomain: srv.Metadata[AvailabilityZone],
+		FailureDomain: srv.Metadata[availabilityZone],
 		Region:        os.region,
 	}
 	glog.V(4).Infof("The instance %s in zone %v", srv.Name, zone)
 	return zone, nil
 }
 
+// Routes initializes routes support
 func (os *OpenStack) Routes() (cloudprovider.Routes, bool) {
 	glog.V(4).Info("openstack.Routes() called")
 
@@ -627,7 +698,7 @@ func (os *OpenStack) Routes() (cloudprovider.Routes, bool) {
 	}
 
 	if !netExts["extraroute"] {
-		glog.V(3).Infof("Neutron extraroute extension not found, required for Routes support")
+		glog.V(3).Info("Neutron extraroute extension not found, required for Routes support")
 		return nil, false
 	}
 
@@ -660,21 +731,21 @@ func (os *OpenStack) volumeService(forceVersion string) (volumeService, error) {
 		if err != nil {
 			return nil, err
 		}
-		glog.V(3).Infof("Using Blockstorage API V1")
+		glog.V(3).Info("Using Blockstorage API V1")
 		return &VolumesV1{sClient, os.bsOpts}, nil
 	case "v2":
 		sClient, err := os.NewBlockStorageV2()
 		if err != nil {
 			return nil, err
 		}
-		glog.V(3).Infof("Using Blockstorage API V2")
+		glog.V(3).Info("Using Blockstorage API V2")
 		return &VolumesV2{sClient, os.bsOpts}, nil
 	case "v3":
 		sClient, err := os.NewBlockStorageV3()
 		if err != nil {
 			return nil, err
 		}
-		glog.V(3).Infof("Using Blockstorage API V3")
+		glog.V(3).Info("Using Blockstorage API V3")
 		return &VolumesV3{sClient, os.bsOpts}, nil
 	case "auto":
 		// Currently kubernetes support Cinder v1 / Cinder v2 / Cinder v3.
@@ -682,26 +753,26 @@ func (os *OpenStack) volumeService(forceVersion string) (volumeService, error) {
 		// If kubernetes can't initialize cinder v2 client, try to initialize cinder v1 client.
 		// Return appropriate message when kubernetes can't initialize them.
 		if sClient, err := os.NewBlockStorageV3(); err == nil {
-			glog.V(3).Infof("Using Blockstorage API V3")
+			glog.V(3).Info("Using Blockstorage API V3")
 			return &VolumesV3{sClient, os.bsOpts}, nil
 		}
 
 		if sClient, err := os.NewBlockStorageV2(); err == nil {
-			glog.V(3).Infof("Using Blockstorage API V2")
+			glog.V(3).Info("Using Blockstorage API V2")
 			return &VolumesV2{sClient, os.bsOpts}, nil
 		}
 
 		if sClient, err := os.NewBlockStorageV1(); err == nil {
-			glog.V(3).Infof("Using Blockstorage API V1")
+			glog.V(3).Info("Using Blockstorage API V1")
 			return &VolumesV1{sClient, os.bsOpts}, nil
 		}
 
-		err_txt := "BlockStorage API version autodetection failed. " +
+		errTxt := "BlockStorage API version autodetection failed. " +
 			"Please set it explicitly in cloud.conf in section [BlockStorage] with key `bs-version`"
-		return nil, errors.New(err_txt)
+		return nil, errors.New(errTxt)
 	default:
-		err_txt := fmt.Sprintf("Config error: unrecognised bs-version \"%v\"", os.bsOpts.BSVersion)
-		return nil, errors.New(err_txt)
+		errTxt := fmt.Sprintf("Config error: unrecognised bs-version \"%v\"", os.bsOpts.BSVersion)
+		return nil, errors.New(errTxt)
 	}
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_client.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_client.go
index 04851070e4d1..2eb2c24ddc18 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_client.go
@@ -23,6 +23,7 @@ import (
 	"github.com/gophercloud/gophercloud/openstack"
 )
 
+// NewNetworkV2 creates a ServiceClient that may be used with the neutron v2 API
 func (os *OpenStack) NewNetworkV2() (*gophercloud.ServiceClient, error) {
 	network, err := openstack.NewNetworkV2(os.provider, gophercloud.EndpointOpts{
 		Region: os.region,
@@ -33,6 +34,7 @@ func (os *OpenStack) NewNetworkV2() (*gophercloud.ServiceClient, error) {
 	return network, nil
 }
 
+// NewComputeV2 creates a ServiceClient that may be used with the nova v2 API
 func (os *OpenStack) NewComputeV2() (*gophercloud.ServiceClient, error) {
 	compute, err := openstack.NewComputeV2(os.provider, gophercloud.EndpointOpts{
 		Region: os.region,
@@ -43,6 +45,7 @@ func (os *OpenStack) NewComputeV2() (*gophercloud.ServiceClient, error) {
 	return compute, nil
 }
 
+// NewBlockStorageV1 creates a ServiceClient that may be used with the Cinder v1 API
 func (os *OpenStack) NewBlockStorageV1() (*gophercloud.ServiceClient, error) {
 	storage, err := openstack.NewBlockStorageV1(os.provider, gophercloud.EndpointOpts{
 		Region: os.region,
@@ -53,6 +56,7 @@ func (os *OpenStack) NewBlockStorageV1() (*gophercloud.ServiceClient, error) {
 	return storage, nil
 }
 
+// NewBlockStorageV2 creates a ServiceClient that may be used with the Cinder v2 API
 func (os *OpenStack) NewBlockStorageV2() (*gophercloud.ServiceClient, error) {
 	storage, err := openstack.NewBlockStorageV2(os.provider, gophercloud.EndpointOpts{
 		Region: os.region,
@@ -63,6 +67,7 @@ func (os *OpenStack) NewBlockStorageV2() (*gophercloud.ServiceClient, error) {
 	return storage, nil
 }
 
+// NewBlockStorageV3 creates a ServiceClient that may be used with the Cinder v3 API
 func (os *OpenStack) NewBlockStorageV3() (*gophercloud.ServiceClient, error) {
 	storage, err := openstack.NewBlockStorageV3(os.provider, gophercloud.EndpointOpts{
 		Region: os.region,
@@ -73,6 +78,7 @@ func (os *OpenStack) NewBlockStorageV3() (*gophercloud.ServiceClient, error) {
 	return storage, nil
 }
 
+// NewLoadBalancerV2 creates a ServiceClient that may be used with the Neutron LBaaS v2 API
 func (os *OpenStack) NewLoadBalancerV2() (*gophercloud.ServiceClient, error) {
 	var lb *gophercloud.ServiceClient
 	var err error
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_instances.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_instances.go
index 3cf1733b322e..b8ea557e6744 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_instances.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_instances.go
@@ -17,6 +17,7 @@ limitations under the License.
 package openstack
 
 import (
+	"context"
 	"fmt"
 	"regexp"
 
@@ -29,6 +30,7 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider"
 )
 
+// Instances encapsulates an implementation of Instances for OpenStack.
 type Instances struct {
 	compute *gophercloud.ServiceClient
 	opts    MetadataOpts
@@ -43,7 +45,7 @@ func (os *OpenStack) Instances() (cloudprovider.Instances, bool) {
 		return nil, false
 	}
 
-	glog.V(1).Info("Claiming to support Instances")
+	glog.V(4).Info("Claiming to support Instances")
 
 	return &Instances{
 		compute: compute,
@@ -51,21 +53,23 @@ func (os *OpenStack) Instances() (cloudprovider.Instances, bool) {
 	}, true
 }
 
-// Implementation of Instances.CurrentNodeName
+// CurrentNodeName implements Instances.CurrentNodeName
 // Note this is *not* necessarily the same as hostname.
-func (i *Instances) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (i *Instances) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	md, err := getMetadata(i.opts.SearchOrder)
 	if err != nil {
 		return "", err
 	}
-	return types.NodeName(md.Name), nil
+	return types.NodeName(md.Hostname), nil
 }
 
-func (i *Instances) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+// AddSSHKeyToAllInstances is not implemented for OpenStack
+func (i *Instances) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return cloudprovider.NotImplemented
 }
 
-func (i *Instances) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error) {
+// NodeAddresses implements Instances.NodeAddresses
+func (i *Instances) NodeAddresses(ctx context.Context, name types.NodeName) ([]v1.NodeAddress, error) {
 	glog.V(4).Infof("NodeAddresses(%v) called", name)
 
 	addrs, err := getAddressesByName(i.compute, name)
@@ -80,7 +84,7 @@ func (i *Instances) NodeAddresses(name types.NodeName) ([]v1.NodeAddress, error)
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (i *Instances) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (i *Instances) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	instanceID, err := instanceIDFromProviderID(providerID)
 
 	if err != nil {
@@ -102,8 +106,8 @@ func (i *Instances) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddre
 }
 
 // ExternalID returns the cloud provider ID of the specified instance (deprecated).
-func (i *Instances) ExternalID(name types.NodeName) (string, error) {
-	srv, err := getServerByName(i.compute, name)
+func (i *Instances) ExternalID(ctx context.Context, name types.NodeName) (string, error) {
+	srv, err := getServerByName(i.compute, name, true)
 	if err != nil {
 		if err == ErrNotFound {
 			return "", cloudprovider.InstanceNotFound
@@ -115,7 +119,7 @@ func (i *Instances) ExternalID(name types.NodeName) (string, error) {
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (i *Instances) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (i *Instances) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	instanceID, err := instanceIDFromProviderID(providerID)
 	if err != nil {
 		return false, err
@@ -150,8 +154,8 @@ func (os *OpenStack) InstanceID() (string, error) {
 }
 
 // InstanceID returns the cloud provider ID of the specified instance.
-func (i *Instances) InstanceID(name types.NodeName) (string, error) {
-	srv, err := getServerByName(i.compute, name)
+func (i *Instances) InstanceID(ctx context.Context, name types.NodeName) (string, error) {
+	srv, err := getServerByName(i.compute, name, true)
 	if err != nil {
 		if err == ErrNotFound {
 			return "", cloudprovider.InstanceNotFound
@@ -166,7 +170,7 @@ func (i *Instances) InstanceID(name types.NodeName) (string, error) {
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (i *Instances) InstanceTypeByProviderID(providerID string) (string, error) {
+func (i *Instances) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	instanceID, err := instanceIDFromProviderID(providerID)
 
 	if err != nil {
@@ -183,8 +187,8 @@ func (i *Instances) InstanceTypeByProviderID(providerID string) (string, error)
 }
 
 // InstanceType returns the type of the specified instance.
-func (i *Instances) InstanceType(name types.NodeName) (string, error) {
-	srv, err := getServerByName(i.compute, name)
+func (i *Instances) InstanceType(ctx context.Context, name types.NodeName) (string, error) {
+	srv, err := getServerByName(i.compute, name, true)
 
 	if err != nil {
 		return "", err
@@ -212,9 +216,9 @@ func srvInstanceType(srv *servers.Server) (string, error) {
 // See cloudprovider.GetInstanceProviderID and Instances.InstanceID.
 func instanceIDFromProviderID(providerID string) (instanceID string, err error) {
 	// If Instances.InstanceID or cloudprovider.GetInstanceProviderID is changed, the regexp should be changed too.
-	var providerIdRegexp = regexp.MustCompile(`^` + ProviderName + `:///([^/]+)$`)
+	var providerIDRegexp = regexp.MustCompile(`^` + ProviderName + `:///([^/]+)$`)
 
-	matches := providerIdRegexp.FindStringSubmatch(providerID)
+	matches := providerIDRegexp.FindStringSubmatch(providerID)
 	if len(matches) != 2 {
 		return "", fmt.Errorf("ProviderID \"%s\" didn't match expected format \"openstack:///InstanceID\"", providerID)
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go
index 7be667e75ff2..1d894db22d7a 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go
@@ -17,8 +17,10 @@ limitations under the License.
 package openstack
 
 import (
+	"context"
 	"fmt"
 	"net"
+	"reflect"
 	"strings"
 	"time"
 
@@ -52,7 +54,7 @@ const (
 	// going into ACTIVE loadbalancer provisioning status. Starting with 1
 	// seconds, multiplying by 1.2 with each step and taking 19 steps at maximum
 	// it will time out after 128s, which roughly corresponds to 120s
-	loadbalancerActiveInitDealy = 1 * time.Second
+	loadbalancerActiveInitDelay = 1 * time.Second
 	loadbalancerActiveFactor    = 1.2
 	loadbalancerActiveSteps     = 19
 
@@ -60,14 +62,14 @@ const (
 	// waiting for delete operation to complete. Starting with 1
 	// seconds, multiplying by 1.2 with each step and taking 13 steps at maximum
 	// it will time out after 32s, which roughly corresponds to 30s
-	loadbalancerDeleteInitDealy = 1 * time.Second
+	loadbalancerDeleteInitDelay = 1 * time.Second
 	loadbalancerDeleteFactor    = 1.2
 	loadbalancerDeleteSteps     = 13
 
 	activeStatus = "ACTIVE"
 	errorStatus  = "ERROR"
 
-	ServiceAnnotationLoadBalancerFloatingNetworkId = "loadbalancer.openstack.org/floating-network-id"
+	ServiceAnnotationLoadBalancerFloatingNetworkID = "loadbalancer.openstack.org/floating-network-id"
 
 	// ServiceAnnotationLoadBalancerInternal is the annotation used on the service
 	// to indicate that we want an internal loadbalancer service.
@@ -75,7 +77,7 @@ const (
 	ServiceAnnotationLoadBalancerInternal = "service.beta.kubernetes.io/openstack-internal-load-balancer"
 )
 
-// LoadBalancer implementation for LBaaS v2
+// LbaasV2 is a LoadBalancer implementation for Neutron LBaaS v2 API
 type LbaasV2 struct {
 	LoadBalancer
 }
@@ -328,7 +330,7 @@ func getSecurityGroupRules(client *gophercloud.ServiceClient, opts rules.ListOpt
 
 func waitLoadbalancerActiveProvisioningStatus(client *gophercloud.ServiceClient, loadbalancerID string) (string, error) {
 	backoff := wait.Backoff{
-		Duration: loadbalancerActiveInitDealy,
+		Duration: loadbalancerActiveInitDelay,
 		Factor:   loadbalancerActiveFactor,
 		Steps:    loadbalancerActiveSteps,
 	}
@@ -358,7 +360,7 @@ func waitLoadbalancerActiveProvisioningStatus(client *gophercloud.ServiceClient,
 
 func waitLoadbalancerDeleted(client *gophercloud.ServiceClient, loadbalancerID string) error {
 	backoff := wait.Backoff{
-		Duration: loadbalancerDeleteInitDealy,
+		Duration: loadbalancerDeleteInitDelay,
 		Factor:   loadbalancerDeleteFactor,
 		Steps:    loadbalancerDeleteSteps,
 	}
@@ -367,12 +369,10 @@ func waitLoadbalancerDeleted(client *gophercloud.ServiceClient, loadbalancerID s
 		if err != nil {
 			if err == ErrNotFound {
 				return true, nil
-			} else {
-				return false, err
 			}
-		} else {
-			return false, nil
+			return false, err
 		}
+		return false, nil
 	})
 
 	if err == wait.ErrWaitTimeout {
@@ -441,7 +441,7 @@ func (lbaas *LbaasV2) createLoadBalancer(service *v1.Service, name string, inter
 	createOpts := loadbalancers.CreateOpts{
 		Name:        name,
 		Description: fmt.Sprintf("Kubernetes external service %s", name),
-		VipSubnetID: lbaas.opts.SubnetId,
+		VipSubnetID: lbaas.opts.SubnetID,
 		Provider:    lbaas.opts.LBProvider,
 	}
 
@@ -457,7 +457,8 @@ func (lbaas *LbaasV2) createLoadBalancer(service *v1.Service, name string, inter
 	return loadbalancer, nil
 }
 
-func (lbaas *LbaasV2) GetLoadBalancer(clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
+// GetLoadBalancer returns whether the specified load balancer exists and its status
+func (lbaas *LbaasV2) GetLoadBalancer(ctx context.Context, clusterName string, service *v1.Service) (*v1.LoadBalancerStatus, bool, error) {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
 	loadbalancer, err := getLoadbalancerByName(lbaas.lb, loadBalancerName)
 	if err == ErrNotFound {
@@ -484,7 +485,7 @@ func (lbaas *LbaasV2) GetLoadBalancer(clusterName string, service *v1.Service) (
 }
 
 // The LB needs to be configured with instance addresses on the same
-// subnet as the LB (aka opts.SubnetId).  Currently we're just
+// subnet as the LB (aka opts.SubnetID).  Currently we're just
 // guessing that the node's InternalIP is the right address - and that
 // should be sufficient for all "normal" cases.
 func nodeAddressForLB(node *v1.Node) (string, error) {
@@ -551,7 +552,7 @@ func getNodeSecurityGroupIDForLB(compute *gophercloud.ServiceClient, nodes []*v1
 
 	for _, node := range nodes {
 		nodeName := types.NodeName(node.Name)
-		srv, err := getServerByName(compute, nodeName)
+		srv, err := getServerByName(compute, nodeName, true)
 		if err != nil {
 			return nodeSecurityGroupIDs.List(), err
 		}
@@ -568,8 +569,23 @@ func getNodeSecurityGroupIDForLB(compute *gophercloud.ServiceClient, nodes []*v1
 	return nodeSecurityGroupIDs.List(), nil
 }
 
-// getFloatingNetworkIdForLB returns a floating-network-id for cluster.
-func getFloatingNetworkIdForLB(client *gophercloud.ServiceClient) (string, error) {
+// isSecurityGroupNotFound return true while 'err' is object of gophercloud.ErrResourceNotFound
+func isSecurityGroupNotFound(err error) bool {
+	errType := reflect.TypeOf(err).String()
+	errTypeSlice := strings.Split(errType, ".")
+	errTypeValue := ""
+	if len(errTypeSlice) != 0 {
+		errTypeValue = errTypeSlice[len(errTypeSlice)-1]
+	}
+	if errTypeValue == "ErrResourceNotFound" {
+		return true
+	}
+
+	return false
+}
+
+// getFloatingNetworkIDForLB returns a floating-network-id for cluster.
+func getFloatingNetworkIDForLB(client *gophercloud.ServiceClient) (string, error) {
 	var floatingNetworkIds []string
 
 	type NetworkWithExternalExt struct {
@@ -619,23 +635,24 @@ func getFloatingNetworkIdForLB(client *gophercloud.ServiceClient) (string, error
 // a list of regions (from config) and query/create loadbalancers in
 // each region.
 
-func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
+// EnsureLoadBalancer creates a new load balancer 'name', or updates the existing one.
+func (lbaas *LbaasV2) EnsureLoadBalancer(ctx context.Context, clusterName string, apiService *v1.Service, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
 	glog.V(4).Infof("EnsureLoadBalancer(%v, %v, %v, %v, %v, %v, %v)", clusterName, apiService.Namespace, apiService.Name, apiService.Spec.LoadBalancerIP, apiService.Spec.Ports, nodes, apiService.Annotations)
 
 	if len(nodes) == 0 {
 		return nil, fmt.Errorf("there are no available nodes for LoadBalancer service %s/%s", apiService.Namespace, apiService.Name)
 	}
 
-	if len(lbaas.opts.SubnetId) == 0 {
-		// Get SubnetId automatically.
-		// The LB needs to be configured with instance addresses on the same subnet, so get SubnetId by one node.
+	if len(lbaas.opts.SubnetID) == 0 {
+		// Get SubnetID automatically.
+		// The LB needs to be configured with instance addresses on the same subnet, so get SubnetID by one node.
 		subnetID, err := getSubnetIDForLB(lbaas.compute, *nodes[0])
 		if err != nil {
 			glog.Warningf("Failed to find subnet-id for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
 			return nil, fmt.Errorf("no subnet-id for service %s/%s : subnet-id not set in cloud provider config, "+
 				"and failed to find subnet-id from OpenStack: %v", apiService.Namespace, apiService.Name, err)
 		}
-		lbaas.opts.SubnetId = subnetID
+		lbaas.opts.SubnetID = subnetID
 	}
 
 	ports := apiService.Spec.Ports
@@ -643,10 +660,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 		return nil, fmt.Errorf("no ports provided to openstack load balancer")
 	}
 
-	floatingPool := getStringFromServiceAnnotation(apiService, ServiceAnnotationLoadBalancerFloatingNetworkId, lbaas.opts.FloatingNetworkId)
+	floatingPool := getStringFromServiceAnnotation(apiService, ServiceAnnotationLoadBalancerFloatingNetworkID, lbaas.opts.FloatingNetworkID)
 	if len(floatingPool) == 0 {
 		var err error
-		floatingPool, err = getFloatingNetworkIdForLB(lbaas.network)
+		floatingPool, err = getFloatingNetworkIDForLB(lbaas.network)
 		if err != nil {
 			glog.Warningf("Failed to find floating-network-id for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
 		}
@@ -714,7 +731,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 		glog.V(2).Infof("LoadBalancer %s already exists", name)
 	}
 
-	waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+	provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+	}
 
 	lbmethod := v2pools.LBMethod(lbaas.opts.LBMethod)
 	if lbmethod == "" {
@@ -739,7 +759,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 				// Unknown error, retry later
 				return nil, fmt.Errorf("error creating LB listener: %v", err)
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 
 		glog.V(4).Infof("Listener for %s port %d: %s", string(port.Protocol), int(port.Port), listener.ID)
@@ -765,7 +788,11 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 				// Unknown error, retry later
 				return nil, fmt.Errorf("error creating pool for listener %s: %v", listener.ID, err)
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
+
 		}
 
 		glog.V(4).Infof("Pool for listener %s: %s", listener.ID, pool.ID)
@@ -790,13 +817,16 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 				_, err := v2pools.CreateMember(lbaas.lb, pool.ID, v2pools.CreateMemberOpts{
 					ProtocolPort: int(port.NodePort),
 					Address:      addr,
-					SubnetID:     lbaas.opts.SubnetId,
+					SubnetID:     lbaas.opts.SubnetID,
 				}).Extract()
 				if err != nil {
 					return nil, fmt.Errorf("error creating LB pool member for node: %s, %v", node.Name, err)
 				}
 
-				waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+				provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+				if err != nil {
+					return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+				}
 			} else {
 				// After all members have been processed, remaining members are deleted as obsolete.
 				members = popMember(members, addr, int(port.NodePort))
@@ -812,7 +842,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 			if err != nil && !isNotFound(err) {
 				return nil, fmt.Errorf("error deleting obsolete member %s for pool %s address %s: %v", member.ID, pool.ID, member.Address, err)
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 
 		monitorID := pool.MonitorID
@@ -828,7 +861,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 			if err != nil {
 				return nil, fmt.Errorf("error creating LB pool healthmonitor: %v", err)
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 			monitorID = monitor.ID
 		} else if lbaas.opts.CreateMonitor == false {
 			glog.V(4).Infof("Do not create monitor for pool %s when create-monitor is false", pool.ID)
@@ -856,7 +892,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 				if err != nil && !isNotFound(err) {
 					return nil, fmt.Errorf("error deleting obsolete monitor %s for pool %s: %v", monitorID, pool.ID, err)
 				}
-				waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+				provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+				if err != nil {
+					return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+				}
 			}
 			// get and delete pool members
 			members, err := getMembersByPoolID(lbaas.lb, pool.ID)
@@ -870,7 +909,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 					if err != nil && !isNotFound(err) {
 						return nil, fmt.Errorf("error deleting obsolete member %s for pool %s address %s: %v", member.ID, pool.ID, member.Address, err)
 					}
-					waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+					provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+					if err != nil {
+						return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+					}
 				}
 			}
 			glog.V(4).Infof("Deleting obsolete pool %s for listener %s", pool.ID, listener.ID)
@@ -879,14 +921,20 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 			if err != nil && !isNotFound(err) {
 				return nil, fmt.Errorf("error deleting obsolete pool %s for listener %s: %v", pool.ID, listener.ID, err)
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 		// delete listener
 		err = listeners.Delete(lbaas.lb, listener.ID).ExtractErr()
 		if err != nil && !isNotFound(err) {
 			return nil, fmt.Errorf("error deleteting obsolete listener: %v", err)
 		}
-		waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		if err != nil {
+			return nil, fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+		}
 		glog.V(2).Infof("Deleted obsolete listener: %s", listener.ID)
 	}
 
@@ -925,17 +973,9 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 		err := lbaas.ensureSecurityGroup(clusterName, apiService, nodes, loadbalancer)
 		if err != nil {
 			// cleanup what was created so far
-			_ = lbaas.EnsureLoadBalancerDeleted(clusterName, apiService)
+			_ = lbaas.EnsureLoadBalancerDeleted(ctx, clusterName, apiService)
 			return status, err
 		}
-
-		// delete the old Security Group for the service
-		// Related to #53764
-		// TODO(FengyunPan): Remove it at V1.10
-		err = lbaas.EnsureOldSecurityGroupDeleted(clusterName, apiService)
-		if err != nil {
-			return status, fmt.Errorf("Failed to delete the Security Group for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
-		}
 	}
 
 	return status, nil
@@ -970,10 +1010,8 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 	lbSecGroupName := getSecurityGroupName(apiService)
 	lbSecGroupID, err := groups.IDFromName(lbaas.network, lbSecGroupName)
 	if err != nil {
-		// check whether security group does not exist
-		_, ok := err.(*gophercloud.ErrResourceNotFound)
-		if ok {
-			// create it later
+		// If the security group of LB not exist, create it later
+		if isSecurityGroupNotFound(err) {
 			lbSecGroupID = ""
 		} else {
 			return fmt.Errorf("error occurred finding security group: %s: %v", lbSecGroupName, err)
@@ -1019,7 +1057,7 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 				_, err = rules.Create(lbaas.network, lbSecGroupRuleCreateOpts).Extract()
 
 				if err != nil {
-					return fmt.Errorf("error occured creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
+					return fmt.Errorf("error occurred creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
 				}
 			}
 		}
@@ -1037,7 +1075,7 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 		_, err = rules.Create(lbaas.network, lbSecGroupRuleCreateOpts).Extract()
 
 		if err != nil {
-			return fmt.Errorf("error occured creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
+			return fmt.Errorf("error occurred creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
 		}
 
 		lbSecGroupRuleCreateOpts = rules.CreateOpts{
@@ -1052,7 +1090,7 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 
 		_, err = rules.Create(lbaas.network, lbSecGroupRuleCreateOpts).Extract()
 		if err != nil {
-			return fmt.Errorf("error occured creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
+			return fmt.Errorf("error occurred creating rule for SecGroup %s: %v", lbSecGroup.ID, err)
 		}
 
 		// get security groups of port
@@ -1074,10 +1112,10 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 		// update loadbalancer vip port
 		if !found {
 			port.SecurityGroups = append(port.SecurityGroups, lbSecGroup.ID)
-			update_opts := neutronports.UpdateOpts{SecurityGroups: &port.SecurityGroups}
-			res := neutronports.Update(lbaas.network, portID, update_opts)
+			updateOpts := neutronports.UpdateOpts{SecurityGroups: &port.SecurityGroups}
+			res := neutronports.Update(lbaas.network, portID, updateOpts)
 			if res.Err != nil {
-				msg := fmt.Sprintf("Error occured updating port %s for loadbalancer service %s/%s: %v", portID, apiService.Namespace, apiService.Name, res.Err)
+				msg := fmt.Sprintf("Error occurred updating port %s for loadbalancer service %s/%s: %v", portID, apiService.Namespace, apiService.Name, res.Err)
 				return fmt.Errorf(msg)
 			}
 		}
@@ -1107,7 +1145,7 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 			// Add the rules in the Node Security Group
 			err = createNodeSecurityGroup(lbaas.network, nodeSecurityGroupID, int(port.NodePort), port.Protocol, lbSecGroupID)
 			if err != nil {
-				return fmt.Errorf("error occured creating security group for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
+				return fmt.Errorf("error occurred creating security group for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
 			}
 		}
 	}
@@ -1115,20 +1153,21 @@ func (lbaas *LbaasV2) ensureSecurityGroup(clusterName string, apiService *v1.Ser
 	return nil
 }
 
-func (lbaas *LbaasV2) UpdateLoadBalancer(clusterName string, service *v1.Service, nodes []*v1.Node) error {
+// UpdateLoadBalancer updates hosts under the specified load balancer.
+func (lbaas *LbaasV2) UpdateLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, nodes []*v1.Node) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
 	glog.V(4).Infof("UpdateLoadBalancer(%v, %v, %v)", clusterName, loadBalancerName, nodes)
 
-	if len(lbaas.opts.SubnetId) == 0 && len(nodes) > 0 {
-		// Get SubnetId automatically.
-		// The LB needs to be configured with instance addresses on the same subnet, so get SubnetId by one node.
+	if len(lbaas.opts.SubnetID) == 0 && len(nodes) > 0 {
+		// Get SubnetID automatically.
+		// The LB needs to be configured with instance addresses on the same subnet, so get SubnetID by one node.
 		subnetID, err := getSubnetIDForLB(lbaas.compute, *nodes[0])
 		if err != nil {
 			glog.Warningf("Failed to find subnet-id for loadbalancer service %s/%s: %v", service.Namespace, service.Name, err)
 			return fmt.Errorf("no subnet-id for service %s/%s : subnet-id not set in cloud provider config, "+
 				"and failed to find subnet-id from OpenStack: %v", service.Namespace, service.Name, err)
 		}
-		lbaas.opts.SubnetId = subnetID
+		lbaas.opts.SubnetID = subnetID
 	}
 
 	ports := service.Spec.Ports
@@ -1217,12 +1256,15 @@ func (lbaas *LbaasV2) UpdateLoadBalancer(clusterName string, service *v1.Service
 			_, err := v2pools.CreateMember(lbaas.lb, pool.ID, v2pools.CreateMemberOpts{
 				Address:      addr,
 				ProtocolPort: int(port.NodePort),
-				SubnetID:     lbaas.opts.SubnetId,
+				SubnetID:     lbaas.opts.SubnetID,
 			}).Extract()
 			if err != nil {
 				return err
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 
 		// Remove any old members for this port
@@ -1235,7 +1277,10 @@ func (lbaas *LbaasV2) UpdateLoadBalancer(clusterName string, service *v1.Service
 			if err != nil && !isNotFound(err) {
 				return err
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 	}
 
@@ -1321,7 +1366,7 @@ func (lbaas *LbaasV2) updateSecurityGroup(clusterName string, apiService *v1.Ser
 			// Add the rules in the Node Security Group
 			err = createNodeSecurityGroup(lbaas.network, nodeSecurityGroupID, int(port.NodePort), port.Protocol, lbSecGroupID)
 			if err != nil {
-				return fmt.Errorf("error occured creating security group for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
+				return fmt.Errorf("error occurred creating security group for loadbalancer service %s/%s: %v", apiService.Namespace, apiService.Name, err)
 			}
 		}
 	}
@@ -1329,7 +1374,8 @@ func (lbaas *LbaasV2) updateSecurityGroup(clusterName string, apiService *v1.Ser
 	return nil
 }
 
-func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.Service) error {
+// EnsureLoadBalancerDeleted deletes the specified load balancer
+func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(ctx context.Context, clusterName string, service *v1.Service) error {
 	loadBalancerName := cloudprovider.GetLoadBalancerName(service)
 	glog.V(4).Infof("EnsureLoadBalancerDeleted(%v, %v)", clusterName, loadBalancerName)
 
@@ -1341,7 +1387,7 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 		return nil
 	}
 
-	if loadbalancer != nil && loadbalancer.VipPortID != "" {
+	if loadbalancer.VipPortID != "" {
 		portID := loadbalancer.VipPortID
 		floatingIP, err := getFloatingIPByPortID(lbaas.network, portID)
 		if err != nil && err != ErrNotFound {
@@ -1396,7 +1442,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 		if err != nil && !isNotFound(err) {
 			return err
 		}
-		waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		if err != nil {
+			return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+		}
 	}
 
 	// delete all members and pools
@@ -1407,7 +1456,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 			if err != nil && !isNotFound(err) {
 				return err
 			}
-			waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+			if err != nil {
+				return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+			}
 		}
 
 		// delete pool
@@ -1415,7 +1467,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 		if err != nil && !isNotFound(err) {
 			return err
 		}
-		waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		if err != nil {
+			return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+		}
 	}
 
 	// delete all listeners
@@ -1424,7 +1479,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 		if err != nil && !isNotFound(err) {
 			return err
 		}
-		waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		provisioningStatus, err := waitLoadbalancerActiveProvisioningStatus(lbaas.lb, loadbalancer.ID)
+		if err != nil {
+			return fmt.Errorf("failed to loadbalance ACTIVE provisioning status %v: %v", provisioningStatus, err)
+		}
 	}
 
 	// delete loadbalancer
@@ -1432,7 +1490,10 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 	if err != nil && !isNotFound(err) {
 		return err
 	}
-	waitLoadbalancerDeleted(lbaas.lb, loadbalancer.ID)
+	err = waitLoadbalancerDeleted(lbaas.lb, loadbalancer.ID)
+	if err != nil {
+		return fmt.Errorf("failed to delete loadbalancer: %v", err)
+	}
 
 	// Delete the Security Group
 	if lbaas.opts.ManageSecurityGroups {
@@ -1440,14 +1501,6 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 		if err != nil {
 			return fmt.Errorf("Failed to delete Security Group for loadbalancer service %s/%s: %v", service.Namespace, service.Name, err)
 		}
-
-		// delete the old Security Group for the service
-		// Related to #53764
-		// TODO(FengyunPan): Remove it at V1.10
-		err = lbaas.EnsureOldSecurityGroupDeleted(clusterName, service)
-		if err != nil {
-			return fmt.Errorf("Failed to delete the Security Group for loadbalancer service %s/%s: %v", service.Namespace, service.Name, err)
-		}
 	}
 
 	return nil
@@ -1459,77 +1512,11 @@ func (lbaas *LbaasV2) EnsureSecurityGroupDeleted(clusterName string, service *v1
 	lbSecGroupName := getSecurityGroupName(service)
 	lbSecGroupID, err := groups.IDFromName(lbaas.network, lbSecGroupName)
 	if err != nil {
-		// check whether security group does not exist
-		_, ok := err.(*gophercloud.ErrResourceNotFound)
-		if ok {
+		if isSecurityGroupNotFound(err) {
 			// It is OK when the security group has been deleted by others.
 			return nil
-		} else {
-			return fmt.Errorf("Error occurred finding security group: %s: %v", lbSecGroupName, err)
-		}
-	}
-
-	lbSecGroup := groups.Delete(lbaas.network, lbSecGroupID)
-	if lbSecGroup.Err != nil && !isNotFound(lbSecGroup.Err) {
-		return lbSecGroup.Err
-	}
-
-	if len(lbaas.opts.NodeSecurityGroupIDs) == 0 {
-		// Just happen when nodes have not Security Group, or should not happen
-		// UpdateLoadBalancer and EnsureLoadBalancer can set lbaas.opts.NodeSecurityGroupIDs when it is empty
-		// And service controller call UpdateLoadBalancer to set lbaas.opts.NodeSecurityGroupIDs when controller manager service is restarted.
-		glog.Warningf("Can not find node-security-group from all the nodes of this cluster when delete loadbalancer service %s/%s",
-			service.Namespace, service.Name)
-	} else {
-		// Delete the rules in the Node Security Group
-		for _, nodeSecurityGroupID := range lbaas.opts.NodeSecurityGroupIDs {
-			opts := rules.ListOpts{
-				SecGroupID:    nodeSecurityGroupID,
-				RemoteGroupID: lbSecGroupID,
-			}
-			secGroupRules, err := getSecurityGroupRules(lbaas.network, opts)
-
-			if err != nil && !isNotFound(err) {
-				msg := fmt.Sprintf("Error finding rules for remote group id %s in security group id %s: %v", lbSecGroupID, nodeSecurityGroupID, err)
-				return fmt.Errorf(msg)
-			}
-
-			for _, rule := range secGroupRules {
-				res := rules.Delete(lbaas.network, rule.ID)
-				if res.Err != nil && !isNotFound(res.Err) {
-					return fmt.Errorf("Error occurred deleting security group rule: %s: %v", rule.ID, res.Err)
-				}
-			}
-		}
-	}
-
-	return nil
-}
-
-// getOldSecurityGroupName is used to get the old security group name
-// Related to #53764
-// TODO(FengyunPan): Remove it at V1.10
-func getOldSecurityGroupName(clusterName string, service *v1.Service) string {
-	return fmt.Sprintf("lb-sg-%s-%v", clusterName, service.Name)
-}
-
-// EnsureOldSecurityGroupDeleted deleting old security group for specific loadbalancer service.
-// Related to #53764
-// TODO(FengyunPan): Remove it at V1.10
-func (lbaas *LbaasV2) EnsureOldSecurityGroupDeleted(clusterName string, service *v1.Service) error {
-	glog.V(4).Infof("EnsureOldSecurityGroupDeleted(%v, %v)", clusterName, service)
-	// Generate Name
-	lbSecGroupName := getOldSecurityGroupName(clusterName, service)
-	lbSecGroupID, err := groups.IDFromName(lbaas.network, lbSecGroupName)
-	if err != nil {
-		// check whether security group does not exist
-		_, ok := err.(*gophercloud.ErrResourceNotFound)
-		if ok {
-			// It is OK when the security group has been deleted by others.
-			return nil
-		} else {
-			return fmt.Errorf("Error occurred finding security group: %s: %v", lbSecGroupName, err)
 		}
+		return fmt.Errorf("Error occurred finding security group: %s: %v", lbSecGroupName, err)
 	}
 
 	lbSecGroup := groups.Delete(lbaas.network, lbSecGroupID)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_metrics.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_metrics.go
index 75dc398cb5bc..ab8f9b687072 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_metrics.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_metrics.go
@@ -19,32 +19,32 @@ package openstack
 import "github.com/prometheus/client_golang/prometheus"
 
 const (
-	OpenstackSubsystem         = "openstack"
-	OpenstackOperationKey      = "cloudprovider_openstack_api_request_duration_seconds"
-	OpenstackOperationErrorKey = "cloudprovider_openstack_api_request_errors"
+	openstackSubsystem         = "openstack"
+	openstackOperationKey      = "cloudprovider_openstack_api_request_duration_seconds"
+	openstackOperationErrorKey = "cloudprovider_openstack_api_request_errors"
 )
 
 var (
-	OpenstackOperationsLatency = prometheus.NewHistogramVec(
+	openstackOperationsLatency = prometheus.NewHistogramVec(
 		prometheus.HistogramOpts{
-			Subsystem: OpenstackSubsystem,
-			Name:      OpenstackOperationKey,
+			Subsystem: openstackSubsystem,
+			Name:      openstackOperationKey,
 			Help:      "Latency of openstack api call",
 		},
 		[]string{"request"},
 	)
 
-	OpenstackApiRequestErrors = prometheus.NewCounterVec(
+	openstackAPIRequestErrors = prometheus.NewCounterVec(
 		prometheus.CounterOpts{
-			Subsystem: OpenstackSubsystem,
-			Name:      OpenstackOperationErrorKey,
+			Subsystem: openstackSubsystem,
+			Name:      openstackOperationErrorKey,
 			Help:      "Cumulative number of openstack Api call errors",
 		},
 		[]string{"request"},
 	)
 )
 
-func RegisterMetrics() {
-	prometheus.MustRegister(OpenstackOperationsLatency)
-	prometheus.MustRegister(OpenstackApiRequestErrors)
+func registerMetrics() {
+	prometheus.MustRegister(openstackOperationsLatency)
+	prometheus.MustRegister(openstackAPIRequestErrors)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_routes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_routes.go
index 2bffa8387d71..4b0b8047a7dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_routes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_routes.go
@@ -17,6 +17,7 @@ limitations under the License.
 package openstack
 
 import (
+	"context"
 	"errors"
 	"net"
 
@@ -30,17 +31,19 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider"
 )
 
-var ErrNoRouterId = errors.New("router-id not set in cloud provider config")
+var errNoRouterID = errors.New("router-id not set in cloud provider config")
 
+// Routes implements the cloudprovider.Routes for OpenStack clouds
 type Routes struct {
 	compute *gophercloud.ServiceClient
 	network *gophercloud.ServiceClient
 	opts    RouterOpts
 }
 
+// NewRoutes creates a new instance of Routes
 func NewRoutes(compute *gophercloud.ServiceClient, network *gophercloud.ServiceClient, opts RouterOpts) (cloudprovider.Routes, error) {
-	if opts.RouterId == "" {
-		return nil, ErrNoRouterId
+	if opts.RouterID == "" {
+		return nil, errNoRouterID
 	}
 
 	return &Routes{
@@ -50,11 +53,12 @@ func NewRoutes(compute *gophercloud.ServiceClient, network *gophercloud.ServiceC
 	}, nil
 }
 
-func (r *Routes) ListRoutes(clusterName string) ([]*cloudprovider.Route, error) {
+// ListRoutes lists all managed routes that belong to the specified clusterName
+func (r *Routes) ListRoutes(ctx context.Context, clusterName string) ([]*cloudprovider.Route, error) {
 	glog.V(4).Infof("ListRoutes(%v)", clusterName)
 
 	nodeNamesByAddr := make(map[string]types.NodeName)
-	err := foreachServer(r.compute, servers.ListOpts{Status: "ACTIVE"}, func(srv *servers.Server) (bool, error) {
+	err := foreachServer(r.compute, servers.ListOpts{}, func(srv *servers.Server) (bool, error) {
 		addrs, err := nodeAddresses(srv)
 		if err != nil {
 			return false, err
@@ -71,22 +75,18 @@ func (r *Routes) ListRoutes(clusterName string) ([]*cloudprovider.Route, error)
 		return nil, err
 	}
 
-	router, err := routers.Get(r.network, r.opts.RouterId).Extract()
+	router, err := routers.Get(r.network, r.opts.RouterID).Extract()
 	if err != nil {
 		return nil, err
 	}
 
 	var routes []*cloudprovider.Route
 	for _, item := range router.Routes {
-		nodeName, ok := nodeNamesByAddr[item.NextHop]
-		if !ok {
-			// Not one of our routes?
-			glog.V(4).Infof("Skipping route with unknown nexthop %v", item.NextHop)
-			continue
-		}
+		nodeName, foundNode := nodeNamesByAddr[item.NextHop]
 		route := cloudprovider.Route{
 			Name:            item.DestinationCIDR,
-			TargetNode:      nodeName,
+			TargetNode:      nodeName, //empty if NextHop is unknown
+			Blackhole:       !foundNode,
 			DestinationCIDR: item.DestinationCIDR,
 		}
 		routes = append(routes, &route)
@@ -141,10 +141,11 @@ func updateAllowedAddressPairs(network *gophercloud.ServiceClient, port *neutron
 	return unwinder, nil
 }
 
-func (r *Routes) CreateRoute(clusterName string, nameHint string, route *cloudprovider.Route) error {
+// CreateRoute creates the described managed route
+func (r *Routes) CreateRoute(ctx context.Context, clusterName string, nameHint string, route *cloudprovider.Route) error {
 	glog.V(4).Infof("CreateRoute(%v, %v, %v)", clusterName, nameHint, route)
 
-	onFailure := NewCaller()
+	onFailure := newCaller()
 
 	ip, _, _ := net.ParseCIDR(route.DestinationCIDR)
 	isCIDRv6 := ip.To4() == nil
@@ -156,7 +157,7 @@ func (r *Routes) CreateRoute(clusterName string, nameHint string, route *cloudpr
 
 	glog.V(4).Infof("Using nexthop %v for node %v", addr, route.TargetNode)
 
-	router, err := routers.Get(r.network, r.opts.RouterId).Extract()
+	router, err := routers.Get(r.network, r.opts.RouterID).Extract()
 	if err != nil {
 		return err
 	}
@@ -179,7 +180,7 @@ func (r *Routes) CreateRoute(clusterName string, nameHint string, route *cloudpr
 	if err != nil {
 		return err
 	}
-	defer onFailure.Call(unwind)
+	defer onFailure.call(unwind)
 
 	// get the port of addr on target node.
 	portID, err := getPortIDByIP(r.compute, route.TargetNode, addr)
@@ -208,18 +209,19 @@ func (r *Routes) CreateRoute(clusterName string, nameHint string, route *cloudpr
 		if err != nil {
 			return err
 		}
-		defer onFailure.Call(unwind)
+		defer onFailure.call(unwind)
 	}
 
 	glog.V(4).Infof("Route created: %v", route)
-	onFailure.Disarm()
+	onFailure.disarm()
 	return nil
 }
 
-func (r *Routes) DeleteRoute(clusterName string, route *cloudprovider.Route) error {
+// DeleteRoute deletes the specified managed route
+func (r *Routes) DeleteRoute(ctx context.Context, clusterName string, route *cloudprovider.Route) error {
 	glog.V(4).Infof("DeleteRoute(%v, %v)", clusterName, route)
 
-	onFailure := NewCaller()
+	onFailure := newCaller()
 
 	ip, _, _ := net.ParseCIDR(route.DestinationCIDR)
 	isCIDRv6 := ip.To4() == nil
@@ -229,7 +231,7 @@ func (r *Routes) DeleteRoute(clusterName string, route *cloudprovider.Route) err
 		return err
 	}
 
-	router, err := routers.Get(r.network, r.opts.RouterId).Extract()
+	router, err := routers.Get(r.network, r.opts.RouterID).Extract()
 	if err != nil {
 		return err
 	}
@@ -256,7 +258,7 @@ func (r *Routes) DeleteRoute(clusterName string, route *cloudprovider.Route) err
 	if err != nil {
 		return err
 	}
-	defer onFailure.Call(unwind)
+	defer onFailure.call(unwind)
 
 	// get the port of addr on target node.
 	portID, err := getPortIDByIP(r.compute, route.TargetNode, addr)
@@ -268,9 +270,9 @@ func (r *Routes) DeleteRoute(clusterName string, route *cloudprovider.Route) err
 		return err
 	}
 
-	addr_pairs := port.AllowedAddressPairs
+	addrPairs := port.AllowedAddressPairs
 	index = -1
-	for i, item := range addr_pairs {
+	for i, item := range addrPairs {
 		if item.IPAddress == route.DestinationCIDR {
 			index = i
 			break
@@ -279,23 +281,23 @@ func (r *Routes) DeleteRoute(clusterName string, route *cloudprovider.Route) err
 
 	if index != -1 {
 		// Delete element `index`
-		addr_pairs[index] = addr_pairs[len(addr_pairs)-1]
-		addr_pairs = addr_pairs[:len(addr_pairs)-1]
+		addrPairs[index] = addrPairs[len(addrPairs)-1]
+		addrPairs = addrPairs[:len(addrPairs)-1]
 
-		unwind, err := updateAllowedAddressPairs(r.network, port, addr_pairs)
+		unwind, err := updateAllowedAddressPairs(r.network, port, addrPairs)
 		if err != nil {
 			return err
 		}
-		defer onFailure.Call(unwind)
+		defer onFailure.call(unwind)
 	}
 
 	glog.V(4).Infof("Route deleted: %v", route)
-	onFailure.Disarm()
+	onFailure.disarm()
 	return nil
 }
 
 func getPortIDByIP(compute *gophercloud.ServiceClient, targetNode types.NodeName, ipAddress string) (string, error) {
-	srv, err := getServerByName(compute, targetNode)
+	srv, err := getServerByName(compute, targetNode, true)
 	if err != nil {
 		return "", err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_volumes.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_volumes.go
index e95f2330fd20..37c71c36fe9a 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_volumes.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/openstack/openstack_volumes.go
@@ -17,6 +17,8 @@ limitations under the License.
 package openstack
 
 import (
+	"context"
+	"errors"
 	"fmt"
 	"io/ioutil"
 	"path"
@@ -24,8 +26,13 @@ import (
 	"strings"
 	"time"
 
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	k8s_volume "k8s.io/kubernetes/pkg/volume"
+	volumeutil "k8s.io/kubernetes/pkg/volume/util"
 
 	"github.com/gophercloud/gophercloud"
 	volumeexpand "github.com/gophercloud/gophercloud/openstack/blockstorage/extensions/volumeactions"
@@ -39,35 +46,38 @@ import (
 )
 
 type volumeService interface {
-	createVolume(opts VolumeCreateOpts) (string, string, error)
+	createVolume(opts volumeCreateOpts) (string, string, error)
 	getVolume(volumeID string) (Volume, error)
 	deleteVolume(volumeName string) error
 	expandVolume(volumeID string, newSize int) error
 }
 
-// Volumes implementation for v1
+// VolumesV1 is a Volumes implementation for cinder v1
 type VolumesV1 struct {
 	blockstorage *gophercloud.ServiceClient
 	opts         BlockStorageOpts
 }
 
-// Volumes implementation for v2
+// VolumesV2 is a Volumes implementation for cinder v2
 type VolumesV2 struct {
 	blockstorage *gophercloud.ServiceClient
 	opts         BlockStorageOpts
 }
 
-// Volumes implementation for v3
+// VolumesV3 is a Volumes implementation for cinder v3
 type VolumesV3 struct {
 	blockstorage *gophercloud.ServiceClient
 	opts         BlockStorageOpts
 }
 
+// Volume stores information about a single volume
 type Volume struct {
 	// ID of the instance, to which this volume is attached. "" if not attached
-	AttachedServerId string
+	AttachedServerID string
 	// Device file path
 	AttachedDevice string
+	// availabilityZone is which availability zone the volume is in
+	AvailabilityZone string
 	// Unique identifier for the volume.
 	ID string
 	// Human-readable display name for the volume.
@@ -78,7 +88,7 @@ type Volume struct {
 	Size int
 }
 
-type VolumeCreateOpts struct {
+type volumeCreateOpts struct {
 	Size         int
 	Availability string
 	Name         string
@@ -86,22 +96,25 @@ type VolumeCreateOpts struct {
 	Metadata     map[string]string
 }
 
+// implements PVLabeler.
+var _ cloudprovider.PVLabeler = (*OpenStack)(nil)
+
 const (
-	VolumeAvailableStatus = "available"
-	VolumeInUseStatus     = "in-use"
-	VolumeDeletedStatus   = "deleted"
-	VolumeErrorStatus     = "error"
+	volumeAvailableStatus = "available"
+	volumeInUseStatus     = "in-use"
+	volumeDeletedStatus   = "deleted"
+	volumeErrorStatus     = "error"
 
 	// On some environments, we need to query the metadata service in order
 	// to locate disks. We'll use the Newton version, which includes device
 	// metadata.
-	NewtonMetadataVersion = "2016-06-30"
+	newtonMetadataVersion = "2016-06-30"
 )
 
-func (volumes *VolumesV1) createVolume(opts VolumeCreateOpts) (string, string, error) {
+func (volumes *VolumesV1) createVolume(opts volumeCreateOpts) (string, string, error) {
 	startTime := time.Now()
 
-	create_opts := volumes_v1.CreateOpts{
+	createOpts := volumes_v1.CreateOpts{
 		Name:             opts.Name,
 		Size:             opts.Size,
 		VolumeType:       opts.VolumeType,
@@ -109,7 +122,7 @@ func (volumes *VolumesV1) createVolume(opts VolumeCreateOpts) (string, string, e
 		Metadata:         opts.Metadata,
 	}
 
-	vol, err := volumes_v1.Create(volumes.blockstorage, create_opts).Extract()
+	vol, err := volumes_v1.Create(volumes.blockstorage, createOpts).Extract()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("create_v1_volume", timeTaken, err)
 	if err != nil {
@@ -118,10 +131,10 @@ func (volumes *VolumesV1) createVolume(opts VolumeCreateOpts) (string, string, e
 	return vol.ID, vol.AvailabilityZone, nil
 }
 
-func (volumes *VolumesV2) createVolume(opts VolumeCreateOpts) (string, string, error) {
+func (volumes *VolumesV2) createVolume(opts volumeCreateOpts) (string, string, error) {
 	startTime := time.Now()
 
-	create_opts := volumes_v2.CreateOpts{
+	createOpts := volumes_v2.CreateOpts{
 		Name:             opts.Name,
 		Size:             opts.Size,
 		VolumeType:       opts.VolumeType,
@@ -129,7 +142,7 @@ func (volumes *VolumesV2) createVolume(opts VolumeCreateOpts) (string, string, e
 		Metadata:         opts.Metadata,
 	}
 
-	vol, err := volumes_v2.Create(volumes.blockstorage, create_opts).Extract()
+	vol, err := volumes_v2.Create(volumes.blockstorage, createOpts).Extract()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("create_v2_volume", timeTaken, err)
 	if err != nil {
@@ -138,10 +151,10 @@ func (volumes *VolumesV2) createVolume(opts VolumeCreateOpts) (string, string, e
 	return vol.ID, vol.AvailabilityZone, nil
 }
 
-func (volumes *VolumesV3) createVolume(opts VolumeCreateOpts) (string, string, error) {
+func (volumes *VolumesV3) createVolume(opts volumeCreateOpts) (string, string, error) {
 	startTime := time.Now()
 
-	create_opts := volumes_v3.CreateOpts{
+	createOpts := volumes_v3.CreateOpts{
 		Name:             opts.Name,
 		Size:             opts.Size,
 		VolumeType:       opts.VolumeType,
@@ -149,7 +162,7 @@ func (volumes *VolumesV3) createVolume(opts VolumeCreateOpts) (string, string, e
 		Metadata:         opts.Metadata,
 	}
 
-	vol, err := volumes_v3.Create(volumes.blockstorage, create_opts).Extract()
+	vol, err := volumes_v3.Create(volumes.blockstorage, createOpts).Extract()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("create_v3_volume", timeTaken, err)
 	if err != nil {
@@ -168,14 +181,15 @@ func (volumes *VolumesV1) getVolume(volumeID string) (Volume, error) {
 	}
 
 	volume := Volume{
-		ID:     volumeV1.ID,
-		Name:   volumeV1.Name,
-		Status: volumeV1.Status,
-		Size:   volumeV1.Size,
+		AvailabilityZone: volumeV1.AvailabilityZone,
+		ID:               volumeV1.ID,
+		Name:             volumeV1.Name,
+		Status:           volumeV1.Status,
+		Size:             volumeV1.Size,
 	}
 
 	if len(volumeV1.Attachments) > 0 && volumeV1.Attachments[0]["server_id"] != nil {
-		volume.AttachedServerId = volumeV1.Attachments[0]["server_id"].(string)
+		volume.AttachedServerID = volumeV1.Attachments[0]["server_id"].(string)
 		volume.AttachedDevice = volumeV1.Attachments[0]["device"].(string)
 	}
 
@@ -192,14 +206,15 @@ func (volumes *VolumesV2) getVolume(volumeID string) (Volume, error) {
 	}
 
 	volume := Volume{
-		ID:     volumeV2.ID,
-		Name:   volumeV2.Name,
-		Status: volumeV2.Status,
-		Size:   volumeV2.Size,
+		AvailabilityZone: volumeV2.AvailabilityZone,
+		ID:               volumeV2.ID,
+		Name:             volumeV2.Name,
+		Status:           volumeV2.Status,
+		Size:             volumeV2.Size,
 	}
 
 	if len(volumeV2.Attachments) > 0 {
-		volume.AttachedServerId = volumeV2.Attachments[0].ServerID
+		volume.AttachedServerID = volumeV2.Attachments[0].ServerID
 		volume.AttachedDevice = volumeV2.Attachments[0].Device
 	}
 
@@ -216,13 +231,14 @@ func (volumes *VolumesV3) getVolume(volumeID string) (Volume, error) {
 	}
 
 	volume := Volume{
-		ID:     volumeV3.ID,
-		Name:   volumeV3.Name,
-		Status: volumeV3.Status,
+		AvailabilityZone: volumeV3.AvailabilityZone,
+		ID:               volumeV3.ID,
+		Name:             volumeV3.Name,
+		Status:           volumeV3.Status,
 	}
 
 	if len(volumeV3.Attachments) > 0 {
-		volume.AttachedServerId = volumeV3.Attachments[0].ServerID
+		volume.AttachedServerID = volumeV3.Attachments[0].ServerID
 		volume.AttachedDevice = volumeV3.Attachments[0].Device
 	}
 
@@ -255,10 +271,10 @@ func (volumes *VolumesV3) deleteVolume(volumeID string) error {
 
 func (volumes *VolumesV1) expandVolume(volumeID string, newSize int) error {
 	startTime := time.Now()
-	create_opts := volumeexpand.ExtendSizeOpts{
+	createOpts := volumeexpand.ExtendSizeOpts{
 		NewSize: newSize,
 	}
-	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, create_opts).ExtractErr()
+	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, createOpts).ExtractErr()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("expand_volume", timeTaken, err)
 	return err
@@ -266,10 +282,10 @@ func (volumes *VolumesV1) expandVolume(volumeID string, newSize int) error {
 
 func (volumes *VolumesV2) expandVolume(volumeID string, newSize int) error {
 	startTime := time.Now()
-	create_opts := volumeexpand.ExtendSizeOpts{
+	createOpts := volumeexpand.ExtendSizeOpts{
 		NewSize: newSize,
 	}
-	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, create_opts).ExtractErr()
+	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, createOpts).ExtractErr()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("expand_volume", timeTaken, err)
 	return err
@@ -277,25 +293,26 @@ func (volumes *VolumesV2) expandVolume(volumeID string, newSize int) error {
 
 func (volumes *VolumesV3) expandVolume(volumeID string, newSize int) error {
 	startTime := time.Now()
-	create_opts := volumeexpand.ExtendSizeOpts{
+	createOpts := volumeexpand.ExtendSizeOpts{
 		NewSize: newSize,
 	}
-	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, create_opts).ExtractErr()
+	err := volumeexpand.ExtendSize(volumes.blockstorage, volumeID, createOpts).ExtractErr()
 	timeTaken := time.Since(startTime).Seconds()
 	recordOpenstackOperationMetric("expand_volume", timeTaken, err)
 	return err
 }
 
+// OperationPending checks if there is an operation pending on a volume
 func (os *OpenStack) OperationPending(diskName string) (bool, string, error) {
 	volume, err := os.getVolume(diskName)
 	if err != nil {
 		return false, "", err
 	}
 	volumeStatus := volume.Status
-	if volumeStatus == VolumeErrorStatus {
+	if volumeStatus == volumeErrorStatus {
 		return false, volumeStatus, nil
 	}
-	if volumeStatus == VolumeAvailableStatus || volumeStatus == VolumeInUseStatus || volumeStatus == VolumeDeletedStatus {
+	if volumeStatus == volumeAvailableStatus || volumeStatus == volumeInUseStatus || volumeStatus == volumeDeletedStatus {
 		return false, volume.Status, nil
 	}
 	return true, volumeStatus, nil
@@ -313,12 +330,22 @@ func (os *OpenStack) AttachDisk(instanceID, volumeID string) (string, error) {
 		return "", err
 	}
 
-	if volume.AttachedServerId != "" {
-		if instanceID == volume.AttachedServerId {
+	if volume.AttachedServerID != "" {
+		if instanceID == volume.AttachedServerID {
 			glog.V(4).Infof("Disk %s is already attached to instance %s", volumeID, instanceID)
 			return volume.ID, nil
 		}
-		return "", fmt.Errorf("disk %s is attached to a different instance (%s)", volumeID, volume.AttachedServerId)
+		nodeName, err := os.GetNodeNameByID(volume.AttachedServerID)
+		attachErr := fmt.Sprintf("disk %s path %s is attached to a different instance (%s)", volumeID, volume.AttachedDevice, volume.AttachedServerID)
+		if err != nil {
+			glog.Error(attachErr)
+			return "", errors.New(attachErr)
+		}
+		// using volume.AttachedDevice may cause problems because cinder does not report device path correctly see issue #33128
+		devicePath := volume.AttachedDevice
+		danglingErr := volumeutil.NewDanglingError(attachErr, nodeName, devicePath)
+		glog.V(2).Infof("Found dangling volume %s attached to node %s", volumeID, nodeName)
+		return "", danglingErr
 	}
 
 	startTime := time.Now()
@@ -341,34 +368,34 @@ func (os *OpenStack) DetachDisk(instanceID, volumeID string) error {
 	if err != nil {
 		return err
 	}
-	if volume.Status == VolumeAvailableStatus {
+	if volume.Status == volumeAvailableStatus {
 		// "available" is fine since that means the volume is detached from instance already.
 		glog.V(2).Infof("volume: %s has been detached from compute: %s ", volume.ID, instanceID)
 		return nil
 	}
 
-	if volume.Status != VolumeInUseStatus {
+	if volume.Status != volumeInUseStatus {
 		return fmt.Errorf("can not detach volume %s, its status is %s", volume.Name, volume.Status)
 	}
 	cClient, err := os.NewComputeV2()
 	if err != nil {
 		return err
 	}
-	if volume.AttachedServerId != instanceID {
+	if volume.AttachedServerID != instanceID {
 		return fmt.Errorf("disk: %s has no attachments or is not attached to compute: %s", volume.Name, instanceID)
-	} else {
-		startTime := time.Now()
-		// This is a blocking call and effects kubelet's performance directly.
-		// We should consider kicking it out into a separate routine, if it is bad.
-		err = volumeattach.Delete(cClient, instanceID, volume.ID).ExtractErr()
-		timeTaken := time.Since(startTime).Seconds()
-		recordOpenstackOperationMetric("detach_disk", timeTaken, err)
-		if err != nil {
-			return fmt.Errorf("failed to delete volume %s from compute %s attached %v", volume.ID, instanceID, err)
-		}
-		glog.V(2).Infof("Successfully detached volume: %s from compute: %s", volume.ID, instanceID)
 	}
 
+	startTime := time.Now()
+	// This is a blocking call and effects kubelet's performance directly.
+	// We should consider kicking it out into a separate routine, if it is bad.
+	err = volumeattach.Delete(cClient, instanceID, volume.ID).ExtractErr()
+	timeTaken := time.Since(startTime).Seconds()
+	recordOpenstackOperationMetric("detach_disk", timeTaken, err)
+	if err != nil {
+		return fmt.Errorf("failed to delete volume %s from compute %s attached %v", volume.ID, instanceID, err)
+	}
+	glog.V(2).Infof("Successfully detached volume: %s from compute: %s", volume.ID, instanceID)
+
 	return nil
 }
 
@@ -378,14 +405,14 @@ func (os *OpenStack) ExpandVolume(volumeID string, oldSize resource.Quantity, ne
 	if err != nil {
 		return oldSize, err
 	}
-	if volume.Status != VolumeAvailableStatus {
+	if volume.Status != volumeAvailableStatus {
 		// cinder volume can not be expanded if its status is not available
 		return oldSize, fmt.Errorf("volume status is not available")
 	}
 
 	volSizeBytes := newSize.Value()
 	// Cinder works with gigabytes, convert to GiB with rounding up
-	volSizeGB := int(k8s_volume.RoundUpSize(volSizeBytes, 1024*1024*1024))
+	volSizeGB := int(volumeutil.RoundUpSize(volSizeBytes, 1024*1024*1024))
 	newSizeQuant := resource.MustParse(fmt.Sprintf("%dGi", volSizeGB))
 
 	// if volume size equals to or greater than the newSize, return nil
@@ -421,7 +448,7 @@ func (os *OpenStack) CreateVolume(name string, size int, vtype, availability str
 		return "", "", os.bsOpts.IgnoreVolumeAZ, fmt.Errorf("unable to initialize cinder client for region: %s, err: %v", os.region, err)
 	}
 
-	opts := VolumeCreateOpts{
+	opts := volumeCreateOpts{
 		Name:         name,
 		Size:         size,
 		VolumeType:   vtype,
@@ -441,8 +468,8 @@ func (os *OpenStack) CreateVolume(name string, size int, vtype, availability str
 	return volumeID, volumeAZ, os.bsOpts.IgnoreVolumeAZ, nil
 }
 
-// GetDevicePath returns the path of an attached block storage volume, specified by its id.
-func (os *OpenStack) GetDevicePathBySerialId(volumeID string) string {
+// GetDevicePathBySerialID returns the path of an attached block storage volume, specified by its id.
+func (os *OpenStack) GetDevicePathBySerialID(volumeID string) string {
 	// Build a list of candidate device paths.
 	// Certain Nova drivers will set the disk serial ID, including the Cinder volume id.
 	candidateDeviceNodes := []string{
@@ -469,7 +496,7 @@ func (os *OpenStack) GetDevicePathBySerialId(volumeID string) string {
 	return ""
 }
 
-func (os *OpenStack) GetDevicePathFromInstanceMetadata(volumeID string) string {
+func (os *OpenStack) getDevicePathFromInstanceMetadata(volumeID string) string {
 	// Nova Hyper-V hosts cannot override disk SCSI IDs. In order to locate
 	// volumes, we're querying the metadata service. Note that the Hyper-V
 	// driver will include device metadata for untagged volumes as well.
@@ -477,7 +504,7 @@ func (os *OpenStack) GetDevicePathFromInstanceMetadata(volumeID string) string {
 	// We're avoiding using cached metadata (or the configdrive),
 	// relying on the metadata service.
 	instanceMetadata, err := getMetadataFromMetadataService(
-		NewtonMetadataVersion)
+		newtonMetadataVersion)
 
 	if err != nil {
 		glog.V(4).Infof(
@@ -520,10 +547,10 @@ func (os *OpenStack) GetDevicePathFromInstanceMetadata(volumeID string) string {
 
 // GetDevicePath returns the path of an attached block storage volume, specified by its id.
 func (os *OpenStack) GetDevicePath(volumeID string) string {
-	devicePath := os.GetDevicePathBySerialId(volumeID)
+	devicePath := os.GetDevicePathBySerialID(volumeID)
 
 	if devicePath == "" {
-		devicePath = os.GetDevicePathFromInstanceMetadata(volumeID)
+		devicePath = os.getDevicePathFromInstanceMetadata(volumeID)
 	}
 
 	if devicePath == "" {
@@ -533,6 +560,7 @@ func (os *OpenStack) GetDevicePath(volumeID string) string {
 	return devicePath
 }
 
+// DeleteVolume deletes a volume given volume name.
 func (os *OpenStack) DeleteVolume(volumeID string) error {
 	used, err := os.diskIsUsed(volumeID)
 	if err != nil {
@@ -561,48 +589,101 @@ func (os *OpenStack) GetAttachmentDiskPath(instanceID, volumeID string) (string,
 	if err != nil {
 		return "", err
 	}
-	if volume.Status != VolumeInUseStatus {
+	if volume.Status != volumeInUseStatus {
 		return "", fmt.Errorf("can not get device path of volume %s, its status is %s ", volume.Name, volume.Status)
 	}
-	if volume.AttachedServerId != "" {
-		if instanceID == volume.AttachedServerId {
+	if volume.AttachedServerID != "" {
+		if instanceID == volume.AttachedServerID {
 			// Attachment[0]["device"] points to the device path
 			// see http://developer.openstack.org/api-ref-blockstorage-v1.html
 			return volume.AttachedDevice, nil
-		} else {
-			return "", fmt.Errorf("disk %q is attached to a different compute: %q, should be detached before proceeding", volumeID, volume.AttachedServerId)
 		}
+		return "", fmt.Errorf("disk %q is attached to a different compute: %q, should be detached before proceeding", volumeID, volume.AttachedServerID)
 	}
 	return "", fmt.Errorf("volume %s has no ServerId", volumeID)
 }
 
 // DiskIsAttached queries if a volume is attached to a compute instance
 func (os *OpenStack) DiskIsAttached(instanceID, volumeID string) (bool, error) {
+	if instanceID == "" {
+		glog.Warningf("calling DiskIsAttached with empty instanceid: %s %s", instanceID, volumeID)
+	}
 	volume, err := os.getVolume(volumeID)
 	if err != nil {
 		return false, err
 	}
 
-	return instanceID == volume.AttachedServerId, nil
+	return instanceID == volume.AttachedServerID, nil
+}
+
+// DiskIsAttachedByName queries if a volume is attached to a compute instance by name
+func (os *OpenStack) DiskIsAttachedByName(nodeName types.NodeName, volumeID string) (bool, string, error) {
+	cClient, err := os.NewComputeV2()
+	if err != nil {
+		return false, "", err
+	}
+	srv, err := getServerByName(cClient, nodeName, false)
+	if err != nil {
+		if err == ErrNotFound {
+			// instance not found anymore in cloudprovider, assume that cinder is detached
+			return false, "", nil
+		}
+		return false, "", err
+	}
+	instanceID := "/" + srv.ID
+	if ind := strings.LastIndex(instanceID, "/"); ind >= 0 {
+		instanceID = instanceID[(ind + 1):]
+	}
+	attached, err := os.DiskIsAttached(instanceID, volumeID)
+	return attached, instanceID, err
 }
 
 // DisksAreAttached queries if a list of volumes are attached to a compute instance
 func (os *OpenStack) DisksAreAttached(instanceID string, volumeIDs []string) (map[string]bool, error) {
 	attached := make(map[string]bool)
 	for _, volumeID := range volumeIDs {
-		isAttached, _ := os.DiskIsAttached(instanceID, volumeID)
+		isAttached, err := os.DiskIsAttached(instanceID, volumeID)
+		if err != nil && err != ErrNotFound {
+			attached[volumeID] = true
+			continue
+		}
 		attached[volumeID] = isAttached
 	}
 	return attached, nil
 }
 
+// DisksAreAttachedByName queries if a list of volumes are attached to a compute instance by name
+func (os *OpenStack) DisksAreAttachedByName(nodeName types.NodeName, volumeIDs []string) (map[string]bool, error) {
+	attached := make(map[string]bool)
+	cClient, err := os.NewComputeV2()
+	if err != nil {
+		return attached, err
+	}
+	srv, err := getServerByName(cClient, nodeName, false)
+	if err != nil {
+		if err == ErrNotFound {
+			// instance not found anymore, mark all volumes as detached
+			for _, volumeID := range volumeIDs {
+				attached[volumeID] = false
+			}
+			return attached, nil
+		}
+		return attached, err
+	}
+	instanceID := "/" + srv.ID
+	if ind := strings.LastIndex(instanceID, "/"); ind >= 0 {
+		instanceID = instanceID[(ind + 1):]
+	}
+	return os.DisksAreAttached(instanceID, volumeIDs)
+}
+
 // diskIsUsed returns true a disk is attached to any node.
 func (os *OpenStack) diskIsUsed(volumeID string) (bool, error) {
 	volume, err := os.getVolume(volumeID)
 	if err != nil {
 		return false, err
 	}
-	return volume.AttachedServerId != "", nil
+	return volume.AttachedServerID != "", nil
 }
 
 // ShouldTrustDevicePath queries if we should trust the cinder provide deviceName, See issue #33128
@@ -610,11 +691,33 @@ func (os *OpenStack) ShouldTrustDevicePath() bool {
 	return os.bsOpts.TrustDevicePath
 }
 
+// GetLabelsForVolume implements PVLabeler.GetLabelsForVolume
+func (os *OpenStack) GetLabelsForVolume(ctx context.Context, pv *v1.PersistentVolume) (map[string]string, error) {
+	// Ignore any volumes that are being provisioned
+	if pv.Spec.Cinder.VolumeID == k8s_volume.ProvisionedVolumeName {
+		return nil, nil
+	}
+
+	// Get Volume
+	volume, err := os.getVolume(pv.Spec.Cinder.VolumeID)
+	if err != nil {
+		return nil, err
+	}
+
+	// Construct Volume Labels
+	labels := make(map[string]string)
+	labels[kubeletapis.LabelZoneFailureDomain] = volume.AvailabilityZone
+	labels[kubeletapis.LabelZoneRegion] = os.region
+	glog.V(4).Infof("The Volume %s has labels %v", pv.Spec.Cinder.VolumeID, labels)
+
+	return labels, nil
+}
+
 // recordOpenstackOperationMetric records openstack operation metrics
 func recordOpenstackOperationMetric(operation string, timeTaken float64, err error) {
 	if err != nil {
-		OpenstackApiRequestErrors.With(prometheus.Labels{"request": operation}).Inc()
+		openstackAPIRequestErrors.With(prometheus.Labels{"request": operation}).Inc()
 	} else {
-		OpenstackOperationsLatency.With(prometheus.Labels{"request": operation}).Observe(timeTaken)
+		openstackOperationsLatency.With(prometheus.Labels{"request": operation}).Observe(timeTaken)
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/BUILD
index a3ec5a0034a0..72d16ebcfe4d 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["ovirt_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/cloudprovider:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/ovirt.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/ovirt.go
index e688257ad87c..708358eec6d3 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/ovirt.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/ovirt/ovirt.go
@@ -17,6 +17,7 @@ limitations under the License.
 package ovirt
 
 import (
+	"context"
 	"encoding/xml"
 	"fmt"
 	"io"
@@ -128,11 +129,6 @@ func (v *OVirtCloud) ProviderName() string {
 	return ProviderName
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (v *OVirtCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (v *OVirtCloud) HasClusterID() bool {
 	return true
@@ -159,7 +155,7 @@ func (v *OVirtCloud) Routes() (cloudprovider.Routes, bool) {
 }
 
 // NodeAddresses returns the NodeAddresses of the instance with the specified nodeName.
-func (v *OVirtCloud) NodeAddresses(nodeName types.NodeName) ([]v1.NodeAddress, error) {
+func (v *OVirtCloud) NodeAddresses(ctx context.Context, nodeName types.NodeName) ([]v1.NodeAddress, error) {
 	name := mapNodeNameToInstanceName(nodeName)
 	instance, err := v.fetchInstance(name)
 	if err != nil {
@@ -190,7 +186,7 @@ func (v *OVirtCloud) NodeAddresses(nodeName types.NodeName) ([]v1.NodeAddress, e
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (v *OVirtCloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (v *OVirtCloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	return []v1.NodeAddress{}, cloudprovider.NotImplemented
 }
 
@@ -201,7 +197,7 @@ func mapNodeNameToInstanceName(nodeName types.NodeName) string {
 }
 
 // ExternalID returns the cloud provider ID of the specified node with the specified NodeName (deprecated).
-func (v *OVirtCloud) ExternalID(nodeName types.NodeName) (string, error) {
+func (v *OVirtCloud) ExternalID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	name := mapNodeNameToInstanceName(nodeName)
 	instance, err := v.fetchInstance(name)
 	if err != nil {
@@ -212,12 +208,12 @@ func (v *OVirtCloud) ExternalID(nodeName types.NodeName) (string, error) {
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (v *OVirtCloud) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (v *OVirtCloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	return false, cloudprovider.NotImplemented
 }
 
 // InstanceID returns the cloud provider ID of the node with the specified NodeName.
-func (v *OVirtCloud) InstanceID(nodeName types.NodeName) (string, error) {
+func (v *OVirtCloud) InstanceID(ctx context.Context, nodeName types.NodeName) (string, error) {
 	name := mapNodeNameToInstanceName(nodeName)
 	instance, err := v.fetchInstance(name)
 	if err != nil {
@@ -231,12 +227,12 @@ func (v *OVirtCloud) InstanceID(nodeName types.NodeName) (string, error) {
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (v *OVirtCloud) InstanceTypeByProviderID(providerID string) (string, error) {
+func (v *OVirtCloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	return "", cloudprovider.NotImplemented
 }
 
 // InstanceType returns the type of the specified instance.
-func (v *OVirtCloud) InstanceType(name types.NodeName) (string, error) {
+func (v *OVirtCloud) InstanceType(ctx context.Context, name types.NodeName) (string, error) {
 	return "", nil
 }
 
@@ -315,10 +311,10 @@ func (m *OVirtInstanceMap) ListSortedNames() []string {
 }
 
 // Implementation of Instances.CurrentNodeName
-func (v *OVirtCloud) CurrentNodeName(hostname string) (types.NodeName, error) {
+func (v *OVirtCloud) CurrentNodeName(ctx context.Context, hostname string) (types.NodeName, error) {
 	return types.NodeName(hostname), nil
 }
 
-func (v *OVirtCloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (v *OVirtCloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return cloudprovider.NotImplemented
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/BUILD
index 052159a13e88..145d76672965 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/BUILD
@@ -25,8 +25,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["photon_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/photon",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/photon.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/photon.go
index 5071de5c5318..424b6f91af60 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/photon.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/photon/photon.go
@@ -25,6 +25,7 @@ package photon
 
 import (
 	"bufio"
+	"context"
 	"errors"
 	"fmt"
 	"io"
@@ -50,7 +51,7 @@ const (
 	MAC_OUI_ESX  = "00:0c:29"
 )
 
-// overrideIP indicates if the hostname is overriden by IP address, such as when
+// overrideIP indicates if the hostname is overridden by IP address, such as when
 // running multi-node kubernetes using docker. In this case the user should set
 // overrideIP = true in cloud config file. Default value is false.
 var overrideIP bool = false
@@ -92,18 +93,18 @@ type PCConfig struct {
 type Disks interface {
 	// AttachDisk attaches given disk to given node. Current node
 	// is used when nodeName is empty string.
-	AttachDisk(pdID string, nodeName k8stypes.NodeName) error
+	AttachDisk(ctx context.Context, pdID string, nodeName k8stypes.NodeName) error
 
 	// DetachDisk detaches given disk to given node. Current node
 	// is used when nodeName is empty string.
-	DetachDisk(pdID string, nodeName k8stypes.NodeName) error
+	DetachDisk(ctx context.Context, pdID string, nodeName k8stypes.NodeName) error
 
 	// DiskIsAttached checks if a disk is attached to the given node.
-	DiskIsAttached(pdID string, nodeName k8stypes.NodeName) (bool, error)
+	DiskIsAttached(ctx context.Context, pdID string, nodeName k8stypes.NodeName) (bool, error)
 
 	// DisksAreAttached is a batch function to check if a list of disks are attached
 	// to the node with the specified NodeName.
-	DisksAreAttached(pdIDs []string, nodeName k8stypes.NodeName) (map[string]bool, error)
+	DisksAreAttached(ctx context.Context, pdIDs []string, nodeName k8stypes.NodeName) (map[string]bool, error)
 
 	// CreateDisk creates a new PD with given properties.
 	CreateDisk(volumeOptions *VolumeOptions) (pdID string, err error)
@@ -299,7 +300,7 @@ func (pc *PCCloud) List(filter string) ([]k8stypes.NodeName, error) {
 }
 
 // NodeAddresses is an implementation of Instances.NodeAddresses.
-func (pc *PCCloud) NodeAddresses(nodeName k8stypes.NodeName) ([]v1.NodeAddress, error) {
+func (pc *PCCloud) NodeAddresses(ctx context.Context, nodeName k8stypes.NodeName) ([]v1.NodeAddress, error) {
 	nodeAddrs := []v1.NodeAddress{}
 	name := string(nodeName)
 
@@ -420,15 +421,15 @@ func (pc *PCCloud) NodeAddresses(nodeName k8stypes.NodeName) ([]v1.NodeAddress,
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (pc *PCCloud) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
+func (pc *PCCloud) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
 	return []v1.NodeAddress{}, cloudprovider.NotImplemented
 }
 
-func (pc *PCCloud) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (pc *PCCloud) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return cloudprovider.NotImplemented
 }
 
-func (pc *PCCloud) CurrentNodeName(hostname string) (k8stypes.NodeName, error) {
+func (pc *PCCloud) CurrentNodeName(ctx context.Context, hostname string) (k8stypes.NodeName, error) {
 	pc.localK8sHostname = hostname
 	return k8stypes.NodeName(hostname), nil
 }
@@ -454,7 +455,7 @@ func getInstanceID(pc *PCCloud, name string) (string, error) {
 }
 
 // ExternalID returns the cloud provider ID of the specified instance (deprecated).
-func (pc *PCCloud) ExternalID(nodeName k8stypes.NodeName) (string, error) {
+func (pc *PCCloud) ExternalID(ctx context.Context, nodeName k8stypes.NodeName) (string, error) {
 	name := string(nodeName)
 	if name == pc.localK8sHostname {
 		return pc.localInstanceID, nil
@@ -472,12 +473,12 @@ func (pc *PCCloud) ExternalID(nodeName k8stypes.NodeName) (string, error) {
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (pc *PCCloud) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (pc *PCCloud) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	return false, cloudprovider.NotImplemented
 }
 
 // InstanceID returns the cloud provider ID of the specified instance.
-func (pc *PCCloud) InstanceID(nodeName k8stypes.NodeName) (string, error) {
+func (pc *PCCloud) InstanceID(ctx context.Context, nodeName k8stypes.NodeName) (string, error) {
 	name := string(nodeName)
 	if name == pc.localK8sHostname {
 		return pc.localInstanceID, nil
@@ -496,11 +497,11 @@ func (pc *PCCloud) InstanceID(nodeName k8stypes.NodeName) (string, error) {
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (pc *PCCloud) InstanceTypeByProviderID(providerID string) (string, error) {
+func (pc *PCCloud) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	return "", cloudprovider.NotImplemented
 }
 
-func (pc *PCCloud) InstanceType(nodeName k8stypes.NodeName) (string, error) {
+func (pc *PCCloud) InstanceType(ctx context.Context, nodeName k8stypes.NodeName) (string, error) {
 	return "", nil
 }
 
@@ -523,21 +524,21 @@ func (pc *PCCloud) Zones() (cloudprovider.Zones, bool) {
 	return pc, true
 }
 
-func (pc *PCCloud) GetZone() (cloudprovider.Zone, error) {
+func (pc *PCCloud) GetZone(ctx context.Context) (cloudprovider.Zone, error) {
 	return pc.Zone, nil
 }
 
 // GetZoneByProviderID implements Zones.GetZoneByProviderID
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (pc *PCCloud) GetZoneByProviderID(providerID string) (cloudprovider.Zone, error) {
+func (pc *PCCloud) GetZoneByProviderID(ctx context.Context, providerID string) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{}, errors.New("GetZoneByProviderID not implemented")
 }
 
 // GetZoneByNodeName implements Zones.GetZoneByNodeName
 // This is particularly useful in external cloud providers where the kubelet
 // does not initialize node data.
-func (pc *PCCloud) GetZoneByNodeName(nodeName k8stypes.NodeName) (cloudprovider.Zone, error) {
+func (pc *PCCloud) GetZoneByNodeName(ctx context.Context, nodeName k8stypes.NodeName) (cloudprovider.Zone, error) {
 	return cloudprovider.Zone{}, errors.New("GetZoneByNodeName not imeplemented")
 }
 
@@ -546,18 +547,13 @@ func (pc *PCCloud) Routes() (cloudprovider.Routes, bool) {
 	return nil, false
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (pc *PCCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // HasClusterID returns true if the cluster has a clusterID
 func (pc *PCCloud) HasClusterID() bool {
 	return true
 }
 
 // Attaches given virtual disk volume to the compute running kubelet.
-func (pc *PCCloud) AttachDisk(pdID string, nodeName k8stypes.NodeName) error {
+func (pc *PCCloud) AttachDisk(ctx context.Context, pdID string, nodeName k8stypes.NodeName) error {
 	photonClient, err := getPhotonClient(pc)
 	if err != nil {
 		glog.Errorf("Photon Cloud Provider: Failed to get photon client for AttachDisk, error: [%v]", err)
@@ -568,7 +564,7 @@ func (pc *PCCloud) AttachDisk(pdID string, nodeName k8stypes.NodeName) error {
 		DiskID: pdID,
 	}
 
-	vmID, err := pc.InstanceID(nodeName)
+	vmID, err := pc.InstanceID(ctx, nodeName)
 	if err != nil {
 		glog.Errorf("Photon Cloud Provider: pc.InstanceID failed for AttachDisk. Error[%v]", err)
 		return err
@@ -590,7 +586,7 @@ func (pc *PCCloud) AttachDisk(pdID string, nodeName k8stypes.NodeName) error {
 }
 
 // Detaches given virtual disk volume from the compute running kubelet.
-func (pc *PCCloud) DetachDisk(pdID string, nodeName k8stypes.NodeName) error {
+func (pc *PCCloud) DetachDisk(ctx context.Context, pdID string, nodeName k8stypes.NodeName) error {
 	photonClient, err := getPhotonClient(pc)
 	if err != nil {
 		glog.Errorf("Photon Cloud Provider: Failed to get photon client for DetachDisk, error: [%v]", err)
@@ -601,7 +597,7 @@ func (pc *PCCloud) DetachDisk(pdID string, nodeName k8stypes.NodeName) error {
 		DiskID: pdID,
 	}
 
-	vmID, err := pc.InstanceID(nodeName)
+	vmID, err := pc.InstanceID(ctx, nodeName)
 	if err != nil {
 		glog.Errorf("Photon Cloud Provider: pc.InstanceID failed for DetachDisk. Error[%v]", err)
 		return err
@@ -623,7 +619,7 @@ func (pc *PCCloud) DetachDisk(pdID string, nodeName k8stypes.NodeName) error {
 }
 
 // DiskIsAttached returns if disk is attached to the VM using controllers supported by the plugin.
-func (pc *PCCloud) DiskIsAttached(pdID string, nodeName k8stypes.NodeName) (bool, error) {
+func (pc *PCCloud) DiskIsAttached(ctx context.Context, pdID string, nodeName k8stypes.NodeName) (bool, error) {
 	photonClient, err := getPhotonClient(pc)
 	if err != nil {
 		glog.Errorf("Photon Cloud Provider: Failed to get photon client for DiskIsAttached, error: [%v]", err)
@@ -636,7 +632,7 @@ func (pc *PCCloud) DiskIsAttached(pdID string, nodeName k8stypes.NodeName) (bool
 		return false, err
 	}
 
-	vmID, err := pc.InstanceID(nodeName)
+	vmID, err := pc.InstanceID(ctx, nodeName)
 	if err == cloudprovider.InstanceNotFound {
 		glog.Infof("Instance %q does not exist, disk %s will be detached automatically.", nodeName, pdID)
 		return false, nil
@@ -656,7 +652,7 @@ func (pc *PCCloud) DiskIsAttached(pdID string, nodeName k8stypes.NodeName) (bool
 }
 
 // DisksAreAttached returns if disks are attached to the VM using controllers supported by the plugin.
-func (pc *PCCloud) DisksAreAttached(pdIDs []string, nodeName k8stypes.NodeName) (map[string]bool, error) {
+func (pc *PCCloud) DisksAreAttached(ctx context.Context, pdIDs []string, nodeName k8stypes.NodeName) (map[string]bool, error) {
 	attached := make(map[string]bool)
 	photonClient, err := getPhotonClient(pc)
 	if err != nil {
@@ -668,7 +664,7 @@ func (pc *PCCloud) DisksAreAttached(pdIDs []string, nodeName k8stypes.NodeName)
 		attached[pdID] = false
 	}
 
-	vmID, err := pc.InstanceID(nodeName)
+	vmID, err := pc.InstanceID(ctx, nodeName)
 	if err == cloudprovider.InstanceNotFound {
 		glog.Infof("Instance %q does not exist, its disks will be detached automatically.", nodeName)
 		// make all the disks as detached.
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/BUILD
index 4237bc88f763..76fe4f7c7d69 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/cloudprovider/providers/vsphere/vclib/diskmanagers:go_default_library",
         "//pkg/controller:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/vmware/govmomi:go_default_library",
         "//vendor/github.com/vmware/govmomi/vim25:go_default_library",
         "//vendor/github.com/vmware/govmomi/vim25/mo:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
@@ -36,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["vsphere_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//pkg/cloudprovider/providers/vsphere/vclib:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/nodemanager.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/nodemanager.go
index 770cd6d4167e..1ed39bccd58b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/nodemanager.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/nodemanager.go
@@ -359,3 +359,10 @@ func (nm *NodeManager) renewNodeInfo(nodeInfo *NodeInfo, reconnect bool) (*NodeI
 	vm := nodeInfo.vm.RenewVM(vsphereInstance.conn.GoVmomiClient)
 	return &NodeInfo{vm: &vm, dataCenter: vm.Datacenter, vcServer: nodeInfo.vcServer}, nil
 }
+
+func (nodeInfo *NodeInfo) VM() *vclib.VirtualMachine {
+	if nodeInfo == nil {
+		return nil
+	}
+	return nodeInfo.vm
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/BUILD b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/BUILD
index 6750d560e4ce..f1a11cecbbc6 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/BUILD
@@ -3,6 +3,7 @@ package(default_visibility = ["//visibility:public"])
 load(
     "@io_bazel_rules_go//go:def.bzl",
     "go_library",
+    "go_test",
 )
 
 go_library(
@@ -55,3 +56,19 @@ filegroup(
     ],
     tags = ["automanaged"],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "datacenter_test.go",
+        "datastore_test.go",
+        "folder_test.go",
+        "virtualmachine_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/github.com/vmware/govmomi:go_default_library",
+        "//vendor/github.com/vmware/govmomi/object:go_default_library",
+        "//vendor/github.com/vmware/govmomi/simulator:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/constants.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/constants.go
index 812cbe3856dd..451d92411800 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/constants.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/constants.go
@@ -50,3 +50,10 @@ const (
 	DummyVMPrefixName        = "vsphere-k8s"
 	ActivePowerState         = "poweredOn"
 )
+
+// Test Constants
+const (
+	testDefaultDatacenter = "DC0"
+	testDefaultDatastore  = "LocalDS_0"
+	testNameNotFound      = "enoent"
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go
index d325c72dfe1a..8b0a10e9a924 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/datacenter.go
@@ -138,14 +138,8 @@ func (dc *Datacenter) GetDatastoreByPath(ctx context.Context, vmDiskPath string)
 		glog.Errorf("Failed to parse vmDiskPath: %s", vmDiskPath)
 		return nil, errors.New("Failed to parse vmDiskPath")
 	}
-	finder := getFinder(dc)
-	ds, err := finder.Datastore(ctx, datastorePathObj.Datastore)
-	if err != nil {
-		glog.Errorf("Failed while searching for datastore: %s. err: %+v", datastorePathObj.Datastore, err)
-		return nil, err
-	}
-	datastore := Datastore{ds, dc}
-	return &datastore, nil
+
+	return dc.GetDatastoreByName(ctx, datastorePathObj.Datastore)
 }
 
 // GetDatastoreByName gets the Datastore object for the given datastore name
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/utils.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/utils.go
index bac429d6debd..d449e5fe9054 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/utils.go
@@ -146,18 +146,6 @@ func GetPathFromVMDiskPath(vmDiskPath string) string {
 	return datastorePathObj.Path
 }
 
-// GetDatastoreFromVMDiskPath retrieves the path from VM Disk Path.
-// Example: For vmDiskPath - [vsanDatastore] kubevols/volume.vmdk, the path is vsanDatastore
-func GetDatastoreFromVMDiskPath(vmDiskPath string) string {
-	datastorePathObj := new(object.DatastorePath)
-	isSuccess := datastorePathObj.FromString(vmDiskPath)
-	if !isSuccess {
-		glog.Errorf("Failed to parse vmDiskPath: %s", vmDiskPath)
-		return ""
-	}
-	return datastorePathObj.Datastore
-}
-
 //GetDatastorePathObjFromVMDiskPath gets the datastorePathObj from VM disk path.
 func GetDatastorePathObjFromVMDiskPath(vmDiskPath string) (*object.DatastorePath, error) {
 	datastorePathObj := new(object.DatastorePath)
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere.go
index 2662230bc659..4835306d156b 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere.go
@@ -379,14 +379,6 @@ func newControllerNode(cfg VSphereConfig) (*VSphere, error) {
 	if cfg.Global.VCenterPort == "" {
 		cfg.Global.VCenterPort = "443"
 	}
-	if cfg.Global.VMUUID == "" {
-		// This needs root privileges on the host, and will fail otherwise.
-		cfg.Global.VMUUID, err = getvmUUID()
-		if err != nil {
-			glog.Errorf("Failed to get VM UUID. err: %+v", err)
-			return nil, err
-		}
-	}
 	vsphereInstanceMap, err := populateVsphereInstanceMap(&cfg)
 	if err != nil {
 		return nil, err
@@ -504,7 +496,7 @@ func (vs *VSphere) getVMFromNodeName(ctx context.Context, nodeName k8stypes.Node
 }
 
 // NodeAddresses is an implementation of Instances.NodeAddresses.
-func (vs *VSphere) NodeAddresses(nodeName k8stypes.NodeName) ([]v1.NodeAddress, error) {
+func (vs *VSphere) NodeAddresses(ctx context.Context, nodeName k8stypes.NodeName) ([]v1.NodeAddress, error) {
 	// Get local IP addresses if node is local node
 	if vs.hostName == convertToString(nodeName) {
 		return getLocalIP()
@@ -563,17 +555,17 @@ func (vs *VSphere) NodeAddresses(nodeName k8stypes.NodeName) ([]v1.NodeAddress,
 // NodeAddressesByProviderID returns the node addresses of an instances with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (vs *VSphere) NodeAddressesByProviderID(providerID string) ([]v1.NodeAddress, error) {
-	return vs.NodeAddresses(convertToK8sType(providerID))
+func (vs *VSphere) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]v1.NodeAddress, error) {
+	return vs.NodeAddresses(ctx, convertToK8sType(providerID))
 }
 
 // AddSSHKeyToAllInstances add SSH key to all instances
-func (vs *VSphere) AddSSHKeyToAllInstances(user string, keyData []byte) error {
+func (vs *VSphere) AddSSHKeyToAllInstances(ctx context.Context, user string, keyData []byte) error {
 	return cloudprovider.NotImplemented
 }
 
 // CurrentNodeName gives the current node name
-func (vs *VSphere) CurrentNodeName(hostname string) (k8stypes.NodeName, error) {
+func (vs *VSphere) CurrentNodeName(ctx context.Context, hostname string) (k8stypes.NodeName, error) {
 	return convertToK8sType(vs.hostName), nil
 }
 
@@ -586,13 +578,13 @@ func convertToK8sType(vmName string) k8stypes.NodeName {
 }
 
 // ExternalID returns the cloud provider ID of the node with the specified Name (deprecated).
-func (vs *VSphere) ExternalID(nodeName k8stypes.NodeName) (string, error) {
-	return vs.InstanceID(nodeName)
+func (vs *VSphere) ExternalID(ctx context.Context, nodeName k8stypes.NodeName) (string, error) {
+	return vs.InstanceID(ctx, nodeName)
 }
 
 // InstanceExistsByProviderID returns true if the instance with the given provider id still exists and is running.
 // If false is returned with no error, the instance will be immediately deleted by the cloud controller manager.
-func (vs *VSphere) InstanceExistsByProviderID(providerID string) (bool, error) {
+func (vs *VSphere) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) {
 	var nodeName string
 	nodes, err := vs.nodeManager.GetNodeDetails()
 	if err != nil {
@@ -609,7 +601,7 @@ func (vs *VSphere) InstanceExistsByProviderID(providerID string) (bool, error) {
 		msg := fmt.Sprintf("Error while obtaining Kubernetes nodename for providerID %s.", providerID)
 		return false, errors.New(msg)
 	}
-	_, err = vs.InstanceID(convertToK8sType(nodeName))
+	_, err = vs.InstanceID(ctx, convertToK8sType(nodeName))
 	if err == nil {
 		return true, nil
 	}
@@ -618,7 +610,7 @@ func (vs *VSphere) InstanceExistsByProviderID(providerID string) (bool, error) {
 }
 
 // InstanceID returns the cloud provider ID of the node with the specified Name.
-func (vs *VSphere) InstanceID(nodeName k8stypes.NodeName) (string, error) {
+func (vs *VSphere) InstanceID(ctx context.Context, nodeName k8stypes.NodeName) (string, error) {
 
 	instanceIDInternal := func() (string, error) {
 		if vs.hostName == convertToString(nodeName) {
@@ -682,11 +674,11 @@ func (vs *VSphere) InstanceID(nodeName k8stypes.NodeName) (string, error) {
 // InstanceTypeByProviderID returns the cloudprovider instance type of the node with the specified unique providerID
 // This method will not be called from the node that is requesting this ID. i.e. metadata service
 // and other local methods cannot be used here
-func (vs *VSphere) InstanceTypeByProviderID(providerID string) (string, error) {
+func (vs *VSphere) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) {
 	return "", nil
 }
 
-func (vs *VSphere) InstanceType(name k8stypes.NodeName) (string, error) {
+func (vs *VSphere) InstanceType(ctx context.Context, name k8stypes.NodeName) (string, error) {
 	return "", nil
 }
 
@@ -715,11 +707,6 @@ func (vs *VSphere) Routes() (cloudprovider.Routes, bool) {
 	return nil, false
 }
 
-// ScrubDNS filters DNS settings for pods.
-func (vs *VSphere) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []string) {
-	return nameservers, searches
-}
-
 // AttachDisk attaches given virtual disk volume to the compute running kubelet.
 func (vs *VSphere) AttachDisk(vmDiskPath string, storagePolicyName string, nodeName k8stypes.NodeName) (diskUUID string, err error) {
 	attachDiskInternal := func(vmDiskPath string, storagePolicyName string, nodeName k8stypes.NodeName) (diskUUID string, err error) {
@@ -1197,3 +1184,10 @@ func (vs *VSphere) NodeDeleted(obj interface{}) {
 	glog.V(4).Infof("Node deleted: %+v", node)
 	vs.nodeManager.UnRegisterNode(node)
 }
+
+func (vs *VSphere) NodeManager() (nodeManager *NodeManager) {
+	if vs == nil {
+		return nil
+	}
+	return vs.nodeManager
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere_util.go b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere_util.go
index 78af14f75023..20077a43ccc7 100644
--- a/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vsphere_util.go
@@ -19,15 +19,12 @@ package vsphere
 import (
 	"context"
 	"errors"
-	"io/ioutil"
 	"os"
 	"regexp"
-	"runtime"
 	"strings"
 	"time"
 
 	"github.com/golang/glog"
-	"github.com/vmware/govmomi"
 	"github.com/vmware/govmomi/vim25"
 
 	"fmt"
@@ -35,8 +32,7 @@ import (
 	"path/filepath"
 
 	"github.com/vmware/govmomi/vim25/mo"
-
-	"k8s.io/api/core/v1"
+	"io/ioutil"
 	k8stypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/vsphere/vclib/diskmanagers"
@@ -48,7 +44,6 @@ const (
 	Folder                = "Folder"
 	VirtualMachine        = "VirtualMachine"
 	DummyDiskName         = "kube-dummyDisk.vmdk"
-
 	UUIDPath              = "/sys/class/dmi/id/product_serial"
 	UUIDPrefix            = "VMware-"
 	ProviderPrefix        = "vsphere://"
@@ -57,59 +52,32 @@ const (
 
 // GetVSphere reads vSphere configuration from system environment and construct vSphere object
 func GetVSphere() (*VSphere, error) {
-	cfg := getVSphereConfig()
-	vSphereConn := getVSphereConn(cfg)
-	client, err := GetgovmomiClient(vSphereConn)
+	cfg, err := getVSphereConfig()
+	if err != nil {
+		return nil, err
+	}
+	vs, err := newControllerNode(*cfg)
 	if err != nil {
 		return nil, err
 	}
-	vSphereConn.GoVmomiClient = client
-	vsphereIns := &VSphereInstance{
-		conn: vSphereConn,
-		cfg: &VirtualCenterConfig{
-			User:              cfg.Global.User,
-			Password:          cfg.Global.Password,
-			VCenterPort:       cfg.Global.VCenterPort,
-			Datacenters:       cfg.Global.Datacenters,
-			RoundTripperCount: cfg.Global.RoundTripperCount,
-		},
-	}
-	vsphereInsMap := make(map[string]*VSphereInstance)
-	vsphereInsMap[cfg.Global.VCenterIP] = vsphereIns
-	// TODO: Initialize nodeManager and set it in VSphere.
-	vs := &VSphere{
-		vsphereInstanceMap: vsphereInsMap,
-		hostName:           "",
-		cfg:                cfg,
-		nodeManager: &NodeManager{
-			vsphereInstanceMap: vsphereInsMap,
-			nodeInfoMap:        make(map[string]*NodeInfo),
-			registeredNodes:    make(map[string]*v1.Node),
-		},
-	}
-	runtime.SetFinalizer(vs, logout)
 	return vs, nil
 }
 
-func getVSphereConfig() *VSphereConfig {
-	var cfg VSphereConfig
-	cfg.Global.VCenterIP = os.Getenv("VSPHERE_VCENTER")
-	cfg.Global.VCenterPort = os.Getenv("VSPHERE_VCENTER_PORT")
-	cfg.Global.User = os.Getenv("VSPHERE_USER")
-	cfg.Global.Password = os.Getenv("VSPHERE_PASSWORD")
-	cfg.Global.Datacenters = os.Getenv("VSPHERE_DATACENTER")
-	cfg.Global.DefaultDatastore = os.Getenv("VSPHERE_DATASTORE")
-	cfg.Global.WorkingDir = os.Getenv("VSPHERE_WORKING_DIR")
-	cfg.Global.VMName = os.Getenv("VSPHERE_VM_NAME")
-	cfg.Global.InsecureFlag = false
-	if strings.ToLower(os.Getenv("VSPHERE_INSECURE")) == "true" {
-		cfg.Global.InsecureFlag = true
-	}
-	cfg.Workspace.VCenterIP = cfg.Global.VCenterIP
-	cfg.Workspace.Datacenter = cfg.Global.Datacenters
-	cfg.Workspace.DefaultDatastore = cfg.Global.DefaultDatastore
-	cfg.Workspace.Folder = cfg.Global.WorkingDir
-	return &cfg
+func getVSphereConfig() (*VSphereConfig, error) {
+	confFileLocation := os.Getenv(vSphereConfFileEnvVar)
+	if confFileLocation == "" {
+		return nil, fmt.Errorf("Env variable 'VSPHERE_CONF_FILE' is not set.")
+	}
+	confFile, err := os.Open(confFileLocation)
+	if err != nil {
+		return nil, err
+	}
+	defer confFile.Close()
+	cfg, err := readConfig(confFile)
+	if err != nil {
+		return nil, err
+	}
+	return &cfg, nil
 }
 
 func getVSphereConn(cfg *VSphereConfig) *vclib.VSphereConnection {
@@ -124,40 +92,6 @@ func getVSphereConn(cfg *VSphereConfig) *vclib.VSphereConnection {
 	return vSphereConn
 }
 
-// GetgovmomiClient gets the goVMOMI client for the vsphere connection object
-func GetgovmomiClient(conn *vclib.VSphereConnection) (*govmomi.Client, error) {
-	if conn == nil {
-		cfg := getVSphereConfig()
-		conn = getVSphereConn(cfg)
-	}
-	client, err := conn.NewClient(context.TODO())
-	return client, err
-}
-
-// getvmUUID gets the BIOS UUID via the sys interface.  This UUID is known by vsphere
-func getvmUUID() (string, error) {
-	id, err := ioutil.ReadFile(UUIDPath)
-	if err != nil {
-		return "", fmt.Errorf("error retrieving vm uuid: %s", err)
-	}
-	uuidFromFile := string(id[:])
-	//strip leading and trailing white space and new line char
-	uuid := strings.TrimSpace(uuidFromFile)
-	// check the uuid starts with "VMware-"
-	if !strings.HasPrefix(uuid, UUIDPrefix) {
-		return "", fmt.Errorf("Failed to match Prefix, UUID read from the file is %v", uuidFromFile)
-	}
-	// Strip the prefix and while spaces and -
-	uuid = strings.Replace(uuid[len(UUIDPrefix):(len(uuid))], " ", "", -1)
-	uuid = strings.Replace(uuid, "-", "", -1)
-	if len(uuid) != 32 {
-		return "", fmt.Errorf("Length check failed, UUID read from the file is %v", uuidFromFile)
-	}
-	// need to add dashes, e.g. "564d395e-d807-e18a-cb25-b79f65eb2b9f"
-	uuid = fmt.Sprintf("%s-%s-%s-%s-%s", uuid[0:8], uuid[8:12], uuid[12:16], uuid[16:20], uuid[20:32])
-	return uuid, nil
-}
-
 // Returns the accessible datastores for the given node VM.
 func getAccessibleDatastores(ctx context.Context, nodeVmDetail *NodeDetails, nodeManager *NodeManager) ([]*vclib.DatastoreInfo, error) {
 	accessibleDatastores, err := nodeVmDetail.vm.GetAllAccessibleDatastores(ctx)
@@ -538,7 +472,6 @@ func (vs *VSphere) checkDiskAttached(ctx context.Context, nodes []k8stypes.NodeN
 		if err != nil {
 			return nodesToRetry, err
 		}
-
 		nodeUUID := strings.ToLower(GetUUIDFromProviderID(node.Spec.ProviderID))
 		glog.V(9).Infof("Verifying volume for node %s with nodeuuid %q: %s", nodeName, nodeUUID, vmMoMap)
 		vclib.VerifyVolumePathsForVM(vmMoMap[nodeUUID], nodeVolumes[nodeName], convertToString(nodeName), attached)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/BUILD
index fe5a3adc085a..a63a13123101 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/BUILD
@@ -12,8 +12,7 @@ go_test(
         "controller_ref_manager_test.go",
         "controller_utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
@@ -62,7 +61,7 @@ go_library(
         "//pkg/util/taints:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/golang/groupcache/lru:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/authentication/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
@@ -117,7 +116,8 @@ filegroup(
         "//pkg/controller/history:all-srcs",
         "//pkg/controller/job:all-srcs",
         "//pkg/controller/namespace:all-srcs",
-        "//pkg/controller/node:all-srcs",
+        "//pkg/controller/nodeipam:all-srcs",
+        "//pkg/controller/nodelifecycle:all-srcs",
         "//pkg/controller/podautoscaler:all-srcs",
         "//pkg/controller/podgc:all-srcs",
         "//pkg/controller/replicaset:all-srcs",
@@ -129,11 +129,13 @@ filegroup(
         "//pkg/controller/statefulset:all-srcs",
         "//pkg/controller/testutil:all-srcs",
         "//pkg/controller/ttl:all-srcs",
+        "//pkg/controller/util/node:all-srcs",
         "//pkg/controller/volume/attachdetach:all-srcs",
         "//pkg/controller/volume/events:all-srcs",
         "//pkg/controller/volume/expand:all-srcs",
         "//pkg/controller/volume/persistentvolume:all-srcs",
         "//pkg/controller/volume/pvcprotection:all-srcs",
+        "//pkg/controller/volume/pvprotection:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/BUILD
index 6dfcd204c9d5..dde09ddd40b0 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/BUILD
@@ -15,19 +15,21 @@ go_test(
         "tokencleaner_test.go",
         "util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/bootstrap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
-        "//pkg/bootstrap/api:go_default_library",
+        "//pkg/controller:go_default_library",
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
     ],
 )
 
@@ -43,19 +45,20 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/controller/bootstrap",
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//pkg/bootstrap/api:go_default_library",
+        "//pkg/controller:go_default_library",
         "//pkg/util/metrics:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/square/go-jose:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/bootstrapsigner.go b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/bootstrapsigner.go
index 5bb53a448378..7677a677859f 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/bootstrapsigner.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/bootstrapsigner.go
@@ -22,25 +22,25 @@ import (
 
 	"github.com/golang/glog"
 
+	"fmt"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/fields"
-	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/labels"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/apimachinery/pkg/watch"
+	informers "k8s.io/client-go/informers/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
+	corelisters "k8s.io/client-go/listers/core/v1"
+	bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/util/workqueue"
 	api "k8s.io/kubernetes/pkg/apis/core"
-	bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
+	"k8s.io/kubernetes/pkg/controller"
 	"k8s.io/kubernetes/pkg/util/metrics"
 )
 
 // BootstrapSignerOptions contains options for the BootstrapSigner
 type BootstrapSignerOptions struct {
-
 	// ConfigMapNamespace is the namespace of the ConfigMap
 	ConfigMapNamespace string
 
@@ -71,88 +71,101 @@ func DefaultBootstrapSignerOptions() BootstrapSignerOptions {
 
 // BootstrapSigner is a controller that signs a ConfigMap with a set of tokens.
 type BootstrapSigner struct {
-	client          clientset.Interface
-	configMapKey    string
-	secretNamespace string
-
-	configMaps cache.Store
-	secrets    cache.Store
+	client             clientset.Interface
+	configMapKey       string
+	configMapName      string
+	configMapNamespace string
+	secretNamespace    string
 
 	// syncQueue handles synchronizing updates to the ConfigMap.  We'll only ever
 	// have one item (Named <ConfigMapName>) in this queue. We are using it
 	// serializes and collapses updates as they can come from both the ConfigMap
 	// and Secrets controllers.
-	syncQueue workqueue.Interface
+	syncQueue workqueue.RateLimitingInterface
+
+	secretLister corelisters.SecretLister
+	secretSynced cache.InformerSynced
 
-	// Since we join two objects, we'll watch both of them with controllers.
-	configMapsController cache.Controller
-	secretsController    cache.Controller
+	configMapLister corelisters.ConfigMapLister
+	configMapSynced cache.InformerSynced
 }
 
 // NewBootstrapSigner returns a new *BootstrapSigner.
-//
-// TODO: Switch to shared informers
-func NewBootstrapSigner(cl clientset.Interface, options BootstrapSignerOptions) (*BootstrapSigner, error) {
+func NewBootstrapSigner(cl clientset.Interface, secrets informers.SecretInformer, configMaps informers.ConfigMapInformer, options BootstrapSignerOptions) (*BootstrapSigner, error) {
 	e := &BootstrapSigner{
-		client:          cl,
-		configMapKey:    options.ConfigMapNamespace + "/" + options.ConfigMapName,
-		secretNamespace: options.TokenSecretNamespace,
-		syncQueue:       workqueue.NewNamed("bootstrap_signer_queue"),
+		client:             cl,
+		configMapKey:       options.ConfigMapNamespace + "/" + options.ConfigMapName,
+		configMapName:      options.ConfigMapName,
+		configMapNamespace: options.ConfigMapNamespace,
+		secretNamespace:    options.TokenSecretNamespace,
+		secretLister:       secrets.Lister(),
+		secretSynced:       secrets.Informer().HasSynced,
+		configMapLister:    configMaps.Lister(),
+		configMapSynced:    configMaps.Informer().HasSynced,
+		syncQueue:          workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "bootstrap_signer_queue"),
 	}
 	if cl.CoreV1().RESTClient().GetRateLimiter() != nil {
 		if err := metrics.RegisterMetricAndTrackRateLimiterUsage("bootstrap_signer", cl.CoreV1().RESTClient().GetRateLimiter()); err != nil {
 			return nil, err
 		}
 	}
-	configMapSelector := fields.SelectorFromSet(map[string]string{api.ObjectNameField: options.ConfigMapName})
-	e.configMaps, e.configMapsController = cache.NewInformer(
-		&cache.ListWatch{
-			ListFunc: func(lo metav1.ListOptions) (runtime.Object, error) {
-				lo.FieldSelector = configMapSelector.String()
-				return e.client.CoreV1().ConfigMaps(options.ConfigMapNamespace).List(lo)
+
+	configMaps.Informer().AddEventHandlerWithResyncPeriod(
+		cache.FilteringResourceEventHandler{
+			FilterFunc: func(obj interface{}) bool {
+				switch t := obj.(type) {
+				case *v1.ConfigMap:
+					return t.Name == options.ConfigMapName && t.Namespace == options.ConfigMapNamespace
+				default:
+					utilruntime.HandleError(fmt.Errorf("object passed to %T that is not expected: %T", e, obj))
+					return false
+				}
 			},
-			WatchFunc: func(lo metav1.ListOptions) (watch.Interface, error) {
-				lo.FieldSelector = configMapSelector.String()
-				return e.client.CoreV1().ConfigMaps(options.ConfigMapNamespace).Watch(lo)
+			Handler: cache.ResourceEventHandlerFuncs{
+				AddFunc:    func(_ interface{}) { e.pokeConfigMapSync() },
+				UpdateFunc: func(_, _ interface{}) { e.pokeConfigMapSync() },
 			},
 		},
-		&v1.ConfigMap{},
 		options.ConfigMapResync,
-		cache.ResourceEventHandlerFuncs{
-			AddFunc:    func(_ interface{}) { e.pokeConfigMapSync() },
-			UpdateFunc: func(_, _ interface{}) { e.pokeConfigMapSync() },
-		},
 	)
 
-	secretSelector := fields.SelectorFromSet(map[string]string{api.SecretTypeField: string(bootstrapapi.SecretTypeBootstrapToken)})
-	e.secrets, e.secretsController = cache.NewInformer(
-		&cache.ListWatch{
-			ListFunc: func(lo metav1.ListOptions) (runtime.Object, error) {
-				lo.FieldSelector = secretSelector.String()
-				return e.client.CoreV1().Secrets(e.secretNamespace).List(lo)
+	secrets.Informer().AddEventHandlerWithResyncPeriod(
+		cache.FilteringResourceEventHandler{
+			FilterFunc: func(obj interface{}) bool {
+				switch t := obj.(type) {
+				case *v1.Secret:
+					return t.Type == bootstrapapi.SecretTypeBootstrapToken && t.Namespace == e.secretNamespace
+				default:
+					utilruntime.HandleError(fmt.Errorf("object passed to %T that is not expected: %T", e, obj))
+					return false
+				}
 			},
-			WatchFunc: func(lo metav1.ListOptions) (watch.Interface, error) {
-				lo.FieldSelector = secretSelector.String()
-				return e.client.CoreV1().Secrets(e.secretNamespace).Watch(lo)
+			Handler: cache.ResourceEventHandlerFuncs{
+				AddFunc:    func(_ interface{}) { e.pokeConfigMapSync() },
+				UpdateFunc: func(_, _ interface{}) { e.pokeConfigMapSync() },
+				DeleteFunc: func(_ interface{}) { e.pokeConfigMapSync() },
 			},
 		},
-		&v1.Secret{},
 		options.SecretResync,
-		cache.ResourceEventHandlerFuncs{
-			AddFunc:    func(_ interface{}) { e.pokeConfigMapSync() },
-			UpdateFunc: func(_, _ interface{}) { e.pokeConfigMapSync() },
-			DeleteFunc: func(_ interface{}) { e.pokeConfigMapSync() },
-		},
 	)
+
 	return e, nil
 }
 
 // Run runs controller loops and returns when they are done
 func (e *BootstrapSigner) Run(stopCh <-chan struct{}) {
-	go e.configMapsController.Run(stopCh)
-	go e.secretsController.Run(stopCh)
+	// Shut down queues
+	defer utilruntime.HandleCrash()
+	defer e.syncQueue.ShutDown()
+
+	if !controller.WaitForCacheSync("bootstrap_signer", stopCh, e.configMapSynced, e.secretSynced) {
+		return
+	}
+
+	glog.V(5).Infof("Starting workers")
 	go wait.Until(e.serviceConfigMapQueue, 0, stopCh)
 	<-stopCh
+	glog.V(1).Infof("Shutting down")
 }
 
 func (e *BootstrapSigner) pokeConfigMapSync() {
@@ -237,27 +250,32 @@ func (e *BootstrapSigner) updateConfigMap(cm *v1.ConfigMap) {
 
 // getConfigMap gets the ConfigMap we are interested in
 func (e *BootstrapSigner) getConfigMap() *v1.ConfigMap {
-	configMap, exists, err := e.configMaps.GetByKey(e.configMapKey)
+	configMap, err := e.configMapLister.ConfigMaps(e.configMapNamespace).Get(e.configMapName)
 
 	// If we can't get the configmap just return nil. The resync will eventually
 	// sync things up.
 	if err != nil {
-		utilruntime.HandleError(err)
+		if !apierrors.IsNotFound(err) {
+			utilruntime.HandleError(err)
+		}
 		return nil
 	}
 
-	if exists {
-		return configMap.(*v1.ConfigMap)
-	}
-	return nil
+	return configMap
 }
 
 func (e *BootstrapSigner) listSecrets() []*v1.Secret {
-	secrets := e.secrets.List()
+	secrets, err := e.secretLister.Secrets(e.secretNamespace).List(labels.Everything())
+	if err != nil {
+		utilruntime.HandleError(err)
+		return nil
+	}
 
 	items := []*v1.Secret{}
-	for _, obj := range secrets {
-		items = append(items, obj.(*v1.Secret))
+	for _, secret := range secrets {
+		if secret.Type == bootstrapapi.SecretTypeBootstrapToken {
+			items = append(items, secret)
+		}
 	}
 	return items
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/jws.go b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/jws.go
index ec73ceb4887d..81f87ce1d5bb 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/jws.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/jws.go
@@ -20,19 +20,28 @@ import (
 	"fmt"
 	"strings"
 
-	jose "github.com/square/go-jose"
+	jose "gopkg.in/square/go-jose.v2"
 )
 
 // computeDetachedSig takes content and token details and computes a detached
 // JWS signature.  This is described in Appendix F of RFC 7515.  Basically, this
 // is a regular JWS with the content part of the signature elided.
 func computeDetachedSig(content, tokenID, tokenSecret string) (string, error) {
-	jwk := &jose.JsonWebKey{
+	jwk := &jose.JSONWebKey{
 		Key:   []byte(tokenSecret),
 		KeyID: tokenID,
 	}
 
-	signer, err := jose.NewSigner(jose.HS256, jwk)
+	opts := &jose.SignerOptions{
+		// Since this is a symmetric key, go-jose doesn't automatically include
+		// the KeyID as part of the protected header. We have to pass it here
+		// explicitly.
+		ExtraHeaders: map[jose.HeaderKey]interface{}{
+			"kid": tokenID,
+		},
+	}
+
+	signer, err := jose.NewSigner(jose.SigningKey{Algorithm: jose.HS256, Key: jwk}, opts)
 	if err != nil {
 		return "", fmt.Errorf("can't make a HS256 signer from the given token: %v", err)
 	}
@@ -51,7 +60,7 @@ func computeDetachedSig(content, tokenID, tokenSecret string) (string, error) {
 
 // stripContent will remove the content part of a compact JWS
 //
-// The `go-jose` library doesn't support generating signatures with "detatched"
+// The `go-jose` library doesn't support generating signatures with "detached"
 // content. To make up for this we take the full compact signature, break it
 // apart and put it back together without the content section.
 func stripContent(fullSig string) (string, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/tokencleaner.go b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/tokencleaner.go
index 6c099a4c733e..d39582b2fb96 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/tokencleaner.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/tokencleaner.go
@@ -17,21 +17,23 @@ limitations under the License.
 package bootstrap
 
 import (
+	"fmt"
 	"time"
 
 	"github.com/golang/glog"
-
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/fields"
-	"k8s.io/apimachinery/pkg/runtime"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/apimachinery/pkg/watch"
+	coreinformers "k8s.io/client-go/informers/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
+	corelisters "k8s.io/client-go/listers/core/v1"
+	bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
 	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/util/workqueue"
 	api "k8s.io/kubernetes/pkg/apis/core"
-	bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
+	"k8s.io/kubernetes/pkg/controller"
 	"k8s.io/kubernetes/pkg/util/metrics"
 )
 
@@ -59,57 +61,128 @@ type TokenCleaner struct {
 
 	client clientset.Interface
 
-	secrets           cache.Store
-	secretsController cache.Controller
+	// secretLister is able to list/get secrets and is populated by the shared informer passed to NewTokenCleaner.
+	secretLister corelisters.SecretLister
+
+	// secretSynced returns true if the secret shared informer has been synced at least once.
+	secretSynced cache.InformerSynced
+
+	queue workqueue.RateLimitingInterface
 }
 
 // NewTokenCleaner returns a new *NewTokenCleaner.
-//
-// TODO: Switch to shared informers
-func NewTokenCleaner(cl clientset.Interface, options TokenCleanerOptions) (*TokenCleaner, error) {
+func NewTokenCleaner(cl clientset.Interface, secrets coreinformers.SecretInformer, options TokenCleanerOptions) (*TokenCleaner, error) {
 	e := &TokenCleaner{
 		client:               cl,
+		secretLister:         secrets.Lister(),
+		secretSynced:         secrets.Informer().HasSynced,
 		tokenSecretNamespace: options.TokenSecretNamespace,
+		queue:                workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "token_cleaner"),
 	}
+
 	if cl.CoreV1().RESTClient().GetRateLimiter() != nil {
 		if err := metrics.RegisterMetricAndTrackRateLimiterUsage("token_cleaner", cl.CoreV1().RESTClient().GetRateLimiter()); err != nil {
 			return nil, err
 		}
 	}
 
-	secretSelector := fields.SelectorFromSet(map[string]string{api.SecretTypeField: string(bootstrapapi.SecretTypeBootstrapToken)})
-	e.secrets, e.secretsController = cache.NewInformer(
-		&cache.ListWatch{
-			ListFunc: func(lo metav1.ListOptions) (runtime.Object, error) {
-				lo.FieldSelector = secretSelector.String()
-				return e.client.CoreV1().Secrets(e.tokenSecretNamespace).List(lo)
+	secrets.Informer().AddEventHandlerWithResyncPeriod(
+		cache.FilteringResourceEventHandler{
+			FilterFunc: func(obj interface{}) bool {
+				switch t := obj.(type) {
+				case *v1.Secret:
+					return t.Type == bootstrapapi.SecretTypeBootstrapToken && t.Namespace == e.tokenSecretNamespace
+				default:
+					utilruntime.HandleError(fmt.Errorf("object passed to %T that is not expected: %T", e, obj))
+					return false
+				}
 			},
-			WatchFunc: func(lo metav1.ListOptions) (watch.Interface, error) {
-				lo.FieldSelector = secretSelector.String()
-				return e.client.CoreV1().Secrets(e.tokenSecretNamespace).Watch(lo)
+			Handler: cache.ResourceEventHandlerFuncs{
+				AddFunc:    e.enqueueSecrets,
+				UpdateFunc: func(oldSecret, newSecret interface{}) { e.enqueueSecrets(newSecret) },
 			},
 		},
-		&v1.Secret{},
 		options.SecretResync,
-		cache.ResourceEventHandlerFuncs{
-			AddFunc:    e.evalSecret,
-			UpdateFunc: func(oldSecret, newSecret interface{}) { e.evalSecret(newSecret) },
-		},
 	)
+
 	return e, nil
 }
 
 // Run runs controller loops and returns when they are done
 func (tc *TokenCleaner) Run(stopCh <-chan struct{}) {
-	go tc.secretsController.Run(stopCh)
-	go wait.Until(tc.evalSecrets, 10*time.Second, stopCh)
+	defer utilruntime.HandleCrash()
+	defer tc.queue.ShutDown()
+
+	glog.Infof("Starting token cleaner controller")
+	defer glog.Infof("Shutting down token cleaner controller")
+
+	if !controller.WaitForCacheSync("token_cleaner", stopCh, tc.secretSynced) {
+		return
+	}
+
+	go wait.Until(tc.worker, 10*time.Second, stopCh)
+
 	<-stopCh
 }
 
-func (tc *TokenCleaner) evalSecrets() {
-	for _, obj := range tc.secrets.List() {
-		tc.evalSecret(obj)
+func (tc *TokenCleaner) enqueueSecrets(obj interface{}) {
+	key, err := controller.KeyFunc(obj)
+	if err != nil {
+		utilruntime.HandleError(err)
+		return
+	}
+	tc.queue.Add(key)
+}
+
+// worker runs a thread that dequeues secrets, handles them, and marks them done.
+func (tc *TokenCleaner) worker() {
+	for tc.processNextWorkItem() {
+	}
+}
+
+// processNextWorkItem deals with one key off the queue.  It returns false when it's time to quit.
+func (tc *TokenCleaner) processNextWorkItem() bool {
+	key, quit := tc.queue.Get()
+	if quit {
+		return false
+	}
+	defer tc.queue.Done(key)
+
+	if err := tc.syncFunc(key.(string)); err != nil {
+		tc.queue.AddRateLimited(key)
+		utilruntime.HandleError(fmt.Errorf("Sync %v failed with : %v", key, err))
+		return true
+	}
+
+	tc.queue.Forget(key)
+	return true
+}
+
+func (tc *TokenCleaner) syncFunc(key string) error {
+	startTime := time.Now()
+	defer func() {
+		glog.V(4).Infof("Finished syncing secret %q (%v)", key, time.Now().Sub(startTime))
+	}()
+
+	namespace, name, err := cache.SplitMetaNamespaceKey(key)
+	if err != nil {
+		return err
+	}
+
+	ret, err := tc.secretLister.Secrets(namespace).Get(name)
+	if apierrors.IsNotFound(err) {
+		glog.V(3).Infof("secret has been deleted: %v", key)
+		return nil
+	}
+
+	if err != nil {
+		return err
+	}
+
+	if ret.Type == bootstrapapi.SecretTypeBootstrapToken {
+		tc.evalSecret(ret)
 	}
+	return nil
 }
 
 func (tc *TokenCleaner) evalSecret(o interface{}) {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/util.go b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/util.go
index b0f1aecc7f88..d679fb17cc06 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/bootstrap/util.go
@@ -23,7 +23,7 @@ import (
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
-	bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
+	bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
 )
 
 var namePattern = `^` + regexp.QuoteMeta(bootstrapapi.BootstrapTokenSecretPrefix) + `([a-z0-9]{6})$`
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/certificates/BUILD
index b4470499d06e..6c4730e59027 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/BUILD
@@ -15,7 +15,7 @@ go_library(
     deps = [
         "//pkg/controller:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/github.com/juju/ratelimit:go_default_library",
+        "//vendor/golang.org/x/time/rate:go_default_library",
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
@@ -54,8 +54,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["certificate_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/certificates",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/approver/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/certificates/approver/BUILD
index 1e05a1408ac2..e54a142236e0 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/approver/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/approver/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["sarapprove_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/certificates/approver",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/api/authorization/v1beta1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/certificate_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/certificates/certificate_controller.go
index e86810a4be18..23e9f342e17f 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/certificate_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/certificate_controller.go
@@ -22,6 +22,9 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/golang/glog"
+	"golang.org/x/time/rate"
+
 	certificates "k8s.io/api/certificates/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -34,9 +37,6 @@ import (
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/workqueue"
 	"k8s.io/kubernetes/pkg/controller"
-
-	"github.com/golang/glog"
-	"github.com/juju/ratelimit"
 )
 
 type CertificateController struct {
@@ -65,7 +65,7 @@ func NewCertificateController(
 		queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewMaxOfRateLimiter(
 			workqueue.NewItemExponentialFailureRateLimiter(200*time.Millisecond, 1000*time.Second),
 			// 10 qps, 100 bucket size.  This is only for retry speed and its only the overall factor (not per item)
-			&workqueue.BucketRateLimiter{Bucket: ratelimit.NewBucketWithRate(float64(10), int64(100))},
+			&workqueue.BucketRateLimiter{Limiter: rate.NewLimiter(rate.Limit(10), 100)},
 		), "certificate"),
 		handler: handler,
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/BUILD
index 14ca29e60ee2..f59837fdf5cb 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/BUILD
@@ -35,8 +35,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["cleaner_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/certificates/cleaner",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/cleaner.go b/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/cleaner.go
index 0cbc8c232ca8..51de92fd605c 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/cleaner.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/cleaner/cleaner.go
@@ -124,7 +124,7 @@ func isIssuedExpired(csr *capi.CertificateSigningRequest) (bool, error) {
 			return false, err
 		}
 		if c.Type == capi.CertificateApproved && isIssued(csr) && isExpired {
-			glog.Infof("Cleaning CSR %q as the associated certificate is expired.", csr.Name, approvedExpiration)
+			glog.Infof("Cleaning CSR %q as the associated certificate is expired.", csr.Name)
 			return true, nil
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/certificates/signer/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/certificates/signer/BUILD
index d7da4d31e076..573ffad48167 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/certificates/signer/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/certificates/signer/BUILD
@@ -14,8 +14,7 @@ go_test(
         "testdata/ca.key",
         "testdata/kubelet.csr",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/certificates/signer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/clusterroleaggregation/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/clusterroleaggregation/BUILD
index 94a93af996da..c9f4f3eac10e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/clusterroleaggregation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/clusterroleaggregation/BUILD
@@ -40,8 +40,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["clusterroleaggregation_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/clusterroleaggregation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//vendor/k8s.io/api/rbac/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go b/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go
index 564a67ca5497..21d7aa302ea2 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go
@@ -21,7 +21,7 @@ import (
 	"sync"
 
 	"github.com/golang/glog"
-	appsv1beta1 "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -429,25 +429,25 @@ func NewControllerRevisionControllerRefManager(
 //   * Adopt orphans if the selector matches.
 //   * Release owned objects if the selector no longer matches.
 //
-// A non-nil error is returned if some form of reconciliation was attemped and
+// A non-nil error is returned if some form of reconciliation was attempted and
 // failed. Usually, controllers should try again later in case reconciliation
 // is still needed.
 //
 // If the error is nil, either the reconciliation succeeded, or no
 // reconciliation was necessary. The list of ControllerRevisions that you now own is
 // returned.
-func (m *ControllerRevisionControllerRefManager) ClaimControllerRevisions(histories []*appsv1beta1.ControllerRevision) ([]*appsv1beta1.ControllerRevision, error) {
-	var claimed []*appsv1beta1.ControllerRevision
+func (m *ControllerRevisionControllerRefManager) ClaimControllerRevisions(histories []*apps.ControllerRevision) ([]*apps.ControllerRevision, error) {
+	var claimed []*apps.ControllerRevision
 	var errlist []error
 
 	match := func(obj metav1.Object) bool {
 		return m.Selector.Matches(labels.Set(obj.GetLabels()))
 	}
 	adopt := func(obj metav1.Object) error {
-		return m.AdoptControllerRevision(obj.(*appsv1beta1.ControllerRevision))
+		return m.AdoptControllerRevision(obj.(*apps.ControllerRevision))
 	}
 	release := func(obj metav1.Object) error {
-		return m.ReleaseControllerRevision(obj.(*appsv1beta1.ControllerRevision))
+		return m.ReleaseControllerRevision(obj.(*apps.ControllerRevision))
 	}
 
 	for _, h := range histories {
@@ -465,7 +465,7 @@ func (m *ControllerRevisionControllerRefManager) ClaimControllerRevisions(histor
 
 // AdoptControllerRevision sends a patch to take control of the ControllerRevision. It returns the error if
 // the patching fails.
-func (m *ControllerRevisionControllerRefManager) AdoptControllerRevision(history *appsv1beta1.ControllerRevision) error {
+func (m *ControllerRevisionControllerRefManager) AdoptControllerRevision(history *apps.ControllerRevision) error {
 	if err := m.CanAdopt(); err != nil {
 		return fmt.Errorf("can't adopt ControllerRevision %v/%v (%v): %v", history.Namespace, history.Name, history.UID, err)
 	}
@@ -480,7 +480,7 @@ func (m *ControllerRevisionControllerRefManager) AdoptControllerRevision(history
 
 // ReleaseControllerRevision sends a patch to free the ControllerRevision from the control of its controller.
 // It returns the error if the patching fails. 404 and 422 errors are ignored.
-func (m *ControllerRevisionControllerRefManager) ReleaseControllerRevision(history *appsv1beta1.ControllerRevision) error {
+func (m *ControllerRevisionControllerRefManager) ReleaseControllerRevision(history *apps.ControllerRevision) error {
 	glog.V(2).Infof("patching ControllerRevision %s_%s to remove its controllerRef to %s/%s:%s",
 		history.Namespace, history.Name, m.controllerKind.GroupVersion(), m.controllerKind.Kind, m.Controller.GetName())
 	deleteOwnerRefPatch := fmt.Sprintf(`{"metadata":{"ownerReferences":[{"$patch":"delete","uid":"%s"}],"uid":"%s"}}`, m.Controller.GetUID(), history.UID)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go b/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go
index b662fa6fb574..d7d755ebfd16 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/controller_utils.go
@@ -64,7 +64,7 @@ const (
 	// latency/pod at the scale of 3000 pods over 100 nodes.
 	ExpectationsTimeout = 5 * time.Minute
 	// When batching pod creates, SlowStartInitialBatchSize is the size of the
-	// inital batch.  The size of each successive batch is twice the size of
+	// initial batch.  The size of each successive batch is twice the size of
 	// the previous batch.  For example, for a value of 1, batch sizes would be
 	// 1, 2, 4, 8, ...  and for a value of 10, batch sizes would be
 	// 10, 20, 40, 80, ...  Setting the value higher means that quota denials
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/cronjob/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/cronjob/BUILD
index e484d2c50a2a..6f3a54eaf152 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/cronjob/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/cronjob/BUILD
@@ -46,8 +46,7 @@ go_test(
         "cronjob_controller_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/cronjob",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/batch/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/cronjob/cronjob_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/cronjob/cronjob_controller.go
index 679895e85dfc..5d4d7dc3d845 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/cronjob/cronjob_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/cronjob/cronjob_controller.go
@@ -297,7 +297,7 @@ func syncOne(sj *batchv1beta1.CronJob, js []batchv1.Job, now time.Time, jc jobCo
 		// there is some risk that we won't see an active job when there is one.
 		// (because we haven't seen the status update to the SJ or the created pod).
 		// So it is theoretically possible to have concurrency with Forbid.
-		// As long the as the invokations are "far enough apart in time", this usually won't happen.
+		// As long the as the invocations are "far enough apart in time", this usually won't happen.
 		//
 		// TODO: for Forbid, we could use the same name for every execution, as a lock.
 		// With replace, we could use a name that is deterministic per execution time.
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/daemon/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/daemon/BUILD
index dd082c9ac27a..81c11c383dc7 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/daemon/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/daemon/BUILD
@@ -21,15 +21,14 @@ go_library(
         "//pkg/controller/daemon/util:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubelet/types:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//pkg/util/labels:go_default_library",
         "//pkg/util/metrics:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
@@ -42,16 +41,14 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
-        "//vendor/k8s.io/client-go/informers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/informers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/informers/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1:go_default_library",
-        "//vendor/k8s.io/client-go/listers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/listers/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/util/integer:go_default_library",
@@ -65,20 +62,20 @@ go_test(
         "daemon_controller_test.go",
         "update_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/daemon",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/api/testapi:go_default_library",
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/controller:go_default_library",
+        "//pkg/features:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
         "//pkg/kubelet/types:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//pkg/securitycontext:go_default_library",
         "//pkg/util/labels:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/daemon/daemon_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/daemon/daemon_controller.go
index 72308b93b5aa..a640f1acdac3 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/daemon/daemon_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/daemon/daemon_controller.go
@@ -23,9 +23,10 @@ import (
 	"sync"
 	"time"
 
-	apps "k8s.io/api/apps/v1beta1"
+	"github.com/golang/glog"
+
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
-	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@@ -34,16 +35,14 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
-	appsinformers "k8s.io/client-go/informers/apps/v1beta1"
+	appsinformers "k8s.io/client-go/informers/apps/v1"
 	coreinformers "k8s.io/client-go/informers/core/v1"
-	extensionsinformers "k8s.io/client-go/informers/extensions/v1beta1"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/kubernetes/scheme"
+	unversionedapps "k8s.io/client-go/kubernetes/typed/apps/v1"
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
-	unversionedextensions "k8s.io/client-go/kubernetes/typed/extensions/v1beta1"
-	appslisters "k8s.io/client-go/listers/apps/v1beta1"
+	appslisters "k8s.io/client-go/listers/apps/v1"
 	corelisters "k8s.io/client-go/listers/core/v1"
-	extensionslisters "k8s.io/client-go/listers/extensions/v1beta1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/integer"
@@ -54,22 +53,23 @@ import (
 	"k8s.io/kubernetes/pkg/controller/daemon/util"
 	"k8s.io/kubernetes/pkg/features"
 	kubelettypes "k8s.io/kubernetes/pkg/kubelet/types"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 	"k8s.io/kubernetes/pkg/util/metrics"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-
-	"github.com/golang/glog"
 )
 
 const (
-	// The value of 250 is chosen b/c values that are too high can cause registry DoS issues
+	// BurstReplicas is a rate limiter for booting pods on a lot of pods.
+	// The value of 250 is chosen b/c values that are too high can cause registry DoS issues.
 	BurstReplicas = 250
 
-	// If sending a status update to API server fails, we retry a finite number of times.
+	// StatusUpdateRetries limits the number of retries if sending a status update to API server fails.
 	StatusUpdateRetries = 1
+)
 
-	// Reasons for DaemonSet events
+// Reasons for DaemonSet events
+const (
 	// SelectingAllReason is added to an event when a DaemonSet selects all Pods.
 	SelectingAllReason = "SelectingAll"
 	// FailedPlacementReason is added to an event when a DaemonSet can't schedule a Pod to a specified node.
@@ -79,7 +79,7 @@ const (
 )
 
 // controllerKind contains the schema.GroupVersionKind for this controller type.
-var controllerKind = extensions.SchemeGroupVersion.WithKind("DaemonSet")
+var controllerKind = apps.SchemeGroupVersion.WithKind("DaemonSet")
 
 // DaemonSetsController is responsible for synchronizing DaemonSet objects stored
 // in the system with actual running pods.
@@ -96,12 +96,12 @@ type DaemonSetsController struct {
 	// To allow injection of syncDaemonSet for testing.
 	syncHandler func(dsKey string) error
 	// used for unit testing
-	enqueueDaemonSet            func(ds *extensions.DaemonSet)
-	enqueueDaemonSetRateLimited func(ds *extensions.DaemonSet)
+	enqueueDaemonSet            func(ds *apps.DaemonSet)
+	enqueueDaemonSetRateLimited func(ds *apps.DaemonSet)
 	// A TTLCache of pod creates/deletes each ds expects to see
 	expectations controller.ControllerExpectationsInterface
 	// dsLister can list/get daemonsets from the shared informer's store
-	dsLister extensionslisters.DaemonSetLister
+	dsLister appslisters.DaemonSetLister
 	// dsStoreSynced returns true if the daemonset store has been synced at least once.
 	// Added as a member to the struct to allow injection for testing.
 	dsStoreSynced cache.InformerSynced
@@ -130,7 +130,8 @@ type DaemonSetsController struct {
 	suspendedDaemonPods      map[string]sets.String
 }
 
-func NewDaemonSetsController(daemonSetInformer extensionsinformers.DaemonSetInformer, historyInformer appsinformers.ControllerRevisionInformer, podInformer coreinformers.PodInformer, nodeInformer coreinformers.NodeInformer, kubeClient clientset.Interface) (*DaemonSetsController, error) {
+// NewDaemonSetsController creates a new DaemonSetsController
+func NewDaemonSetsController(daemonSetInformer appsinformers.DaemonSetInformer, historyInformer appsinformers.ControllerRevisionInformer, podInformer coreinformers.PodInformer, nodeInformer coreinformers.NodeInformer, kubeClient clientset.Interface) (*DaemonSetsController, error) {
 	eventBroadcaster := record.NewBroadcaster()
 	eventBroadcaster.StartLogging(glog.Infof)
 	// TODO: remove the wrapper when every clients have moved to use the clientset.
@@ -159,13 +160,13 @@ func NewDaemonSetsController(daemonSetInformer extensionsinformers.DaemonSetInfo
 
 	daemonSetInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
 		AddFunc: func(obj interface{}) {
-			ds := obj.(*extensions.DaemonSet)
+			ds := obj.(*apps.DaemonSet)
 			glog.V(4).Infof("Adding daemon set %s", ds.Name)
 			dsc.enqueueDaemonSet(ds)
 		},
 		UpdateFunc: func(old, cur interface{}) {
-			oldDS := old.(*extensions.DaemonSet)
-			curDS := cur.(*extensions.DaemonSet)
+			oldDS := old.(*apps.DaemonSet)
+			curDS := cur.(*apps.DaemonSet)
 			glog.V(4).Infof("Updating daemon set %s", oldDS.Name)
 			dsc.enqueueDaemonSet(curDS)
 		},
@@ -207,14 +208,14 @@ func NewDaemonSetsController(daemonSetInformer extensionsinformers.DaemonSetInfo
 }
 
 func (dsc *DaemonSetsController) deleteDaemonset(obj interface{}) {
-	ds, ok := obj.(*extensions.DaemonSet)
+	ds, ok := obj.(*apps.DaemonSet)
 	if !ok {
 		tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
 		if !ok {
 			utilruntime.HandleError(fmt.Errorf("Couldn't get object from tombstone %#v", obj))
 			return
 		}
-		ds, ok = tombstone.Obj.(*extensions.DaemonSet)
+		ds, ok = tombstone.Obj.(*apps.DaemonSet)
 		if !ok {
 			utilruntime.HandleError(fmt.Errorf("Tombstone contained object that is not a DaemonSet %#v", obj))
 			return
@@ -268,7 +269,7 @@ func (dsc *DaemonSetsController) processNextWorkItem() bool {
 	return true
 }
 
-func (dsc *DaemonSetsController) enqueue(ds *extensions.DaemonSet) {
+func (dsc *DaemonSetsController) enqueue(ds *apps.DaemonSet) {
 	key, err := controller.KeyFunc(ds)
 	if err != nil {
 		utilruntime.HandleError(fmt.Errorf("Couldn't get key for object %#v: %v", ds, err))
@@ -279,7 +280,7 @@ func (dsc *DaemonSetsController) enqueue(ds *extensions.DaemonSet) {
 	dsc.queue.Add(key)
 }
 
-func (dsc *DaemonSetsController) enqueueRateLimited(ds *extensions.DaemonSet) {
+func (dsc *DaemonSetsController) enqueueRateLimited(ds *apps.DaemonSet) {
 	key, err := controller.KeyFunc(ds)
 	if err != nil {
 		utilruntime.HandleError(fmt.Errorf("Couldn't get key for object %#v: %v", ds, err))
@@ -301,7 +302,7 @@ func (dsc *DaemonSetsController) enqueueDaemonSetAfter(obj interface{}, after ti
 }
 
 // getDaemonSetsForPod returns a list of DaemonSets that potentially match the pod.
-func (dsc *DaemonSetsController) getDaemonSetsForPod(pod *v1.Pod) []*extensions.DaemonSet {
+func (dsc *DaemonSetsController) getDaemonSetsForPod(pod *v1.Pod) []*apps.DaemonSet {
 	sets, err := dsc.dsLister.GetPodDaemonSets(pod)
 	if err != nil {
 		return nil
@@ -316,7 +317,7 @@ func (dsc *DaemonSetsController) getDaemonSetsForPod(pod *v1.Pod) []*extensions.
 
 // getDaemonSetsForHistory returns a list of DaemonSets that potentially
 // match a ControllerRevision.
-func (dsc *DaemonSetsController) getDaemonSetsForHistory(history *apps.ControllerRevision) []*extensions.DaemonSet {
+func (dsc *DaemonSetsController) getDaemonSetsForHistory(history *apps.ControllerRevision) []*apps.DaemonSet {
 	daemonSets, err := dsc.dsLister.GetHistoryDaemonSets(history)
 	if err != nil || len(daemonSets) == 0 {
 		return nil
@@ -732,7 +733,7 @@ func (dsc *DaemonSetsController) updateNode(old, cur interface{}) {
 // This also reconciles ControllerRef by adopting/orphaning.
 // Note that returned Pods are pointers to objects in the cache.
 // If you want to modify one, you need to deep-copy it first.
-func (dsc *DaemonSetsController) getDaemonPods(ds *extensions.DaemonSet) ([]*v1.Pod, error) {
+func (dsc *DaemonSetsController) getDaemonPods(ds *apps.DaemonSet) ([]*v1.Pod, error) {
 	selector, err := metav1.LabelSelectorAsSelector(ds.Spec.Selector)
 	if err != nil {
 		return nil, err
@@ -747,7 +748,7 @@ func (dsc *DaemonSetsController) getDaemonPods(ds *extensions.DaemonSet) ([]*v1.
 	// If any adoptions are attempted, we should first recheck for deletion with
 	// an uncached quorum read sometime after listing Pods (see #42639).
 	dsNotDeleted := controller.RecheckDeletionTimestamp(func() (metav1.Object, error) {
-		fresh, err := dsc.kubeClient.ExtensionsV1beta1().DaemonSets(ds.Namespace).Get(ds.Name, metav1.GetOptions{})
+		fresh, err := dsc.kubeClient.AppsV1().DaemonSets(ds.Namespace).Get(ds.Name, metav1.GetOptions{})
 		if err != nil {
 			return nil, err
 		}
@@ -766,7 +767,7 @@ func (dsc *DaemonSetsController) getDaemonPods(ds *extensions.DaemonSet) ([]*v1.
 // This also reconciles ControllerRef by adopting/orphaning.
 // Note that returned Pods are pointers to objects in the cache.
 // If you want to modify one, you need to deep-copy it first.
-func (dsc *DaemonSetsController) getNodesToDaemonPods(ds *extensions.DaemonSet) (map[string][]*v1.Pod, error) {
+func (dsc *DaemonSetsController) getNodesToDaemonPods(ds *apps.DaemonSet) (map[string][]*v1.Pod, error) {
 	claimedPods, err := dsc.getDaemonPods(ds)
 	if err != nil {
 		return nil, err
@@ -783,7 +784,7 @@ func (dsc *DaemonSetsController) getNodesToDaemonPods(ds *extensions.DaemonSet)
 // resolveControllerRef returns the controller referenced by a ControllerRef,
 // or nil if the ControllerRef could not be resolved to a matching controller
 // of the correct Kind.
-func (dsc *DaemonSetsController) resolveControllerRef(namespace string, controllerRef *metav1.OwnerReference) *extensions.DaemonSet {
+func (dsc *DaemonSetsController) resolveControllerRef(namespace string, controllerRef *metav1.OwnerReference) *apps.DaemonSet {
 	// We can't look up by UID, so look up by Name and then verify UID.
 	// Don't even try to look up by Name if it's the wrong Kind.
 	if controllerRef.Kind != controllerKind.Kind {
@@ -805,7 +806,7 @@ func (dsc *DaemonSetsController) resolveControllerRef(namespace string, controll
 // After figuring out which nodes should run a Pod of ds but not yet running one and
 // which nodes should not run a Pod of ds but currently running one, it calls function
 // syncNodes with a list of pods to remove and a list of nodes to run a Pod of ds.
-func (dsc *DaemonSetsController) manage(ds *extensions.DaemonSet, hash string) error {
+func (dsc *DaemonSetsController) manage(ds *apps.DaemonSet, hash string) error {
 	// Find out which nodes are running the daemon pods controlled by ds.
 	nodeToDaemonPods, err := dsc.getNodesToDaemonPods(ds)
 	if err != nil {
@@ -887,7 +888,7 @@ func (dsc *DaemonSetsController) manage(ds *extensions.DaemonSet, hash string) e
 
 // syncNodes deletes given pods and creates new daemon set pods on the given nodes
 // returns slice with erros if any
-func (dsc *DaemonSetsController) syncNodes(ds *extensions.DaemonSet, podsToDelete, nodesNeedingDaemonPods []string, hash string) error {
+func (dsc *DaemonSetsController) syncNodes(ds *apps.DaemonSet, podsToDelete, nodesNeedingDaemonPods []string, hash string) error {
 	// We need to set expectations before creating/deleting pods to avoid race conditions.
 	dsKey, err := controller.KeyFunc(ds)
 	if err != nil {
@@ -911,7 +912,13 @@ func (dsc *DaemonSetsController) syncNodes(ds *extensions.DaemonSet, podsToDelet
 
 	glog.V(4).Infof("Nodes needing daemon pods for daemon set %s: %+v, creating %d", ds.Name, nodesNeedingDaemonPods, createDiff)
 	createWait := sync.WaitGroup{}
-	template := util.CreatePodTemplate(ds.Spec.Template, ds.Spec.TemplateGeneration, hash)
+	// If the returned error is not nil we have a parse error.
+	// The controller handles this via the hash.
+	generation, err := util.GetTemplateGeneration(ds)
+	if err != nil {
+		generation = nil
+	}
+	template := util.CreatePodTemplate(ds.Spec.Template, generation, hash)
 	// Batch the pod creates. Batch sizes start at SlowStartInitialBatchSize
 	// and double with each successful iteration in a kind of "slow start".
 	// This handles attempts to start large numbers of pods that would
@@ -927,7 +934,23 @@ func (dsc *DaemonSetsController) syncNodes(ds *extensions.DaemonSet, podsToDelet
 		for i := pos; i < pos+batchSize; i++ {
 			go func(ix int) {
 				defer createWait.Done()
-				err := dsc.podControl.CreatePodsOnNode(nodesNeedingDaemonPods[ix], ds.Namespace, &template, ds, metav1.NewControllerRef(ds, controllerKind))
+				var err error
+
+				podTemplate := &template
+
+				if false /*disabled for 1.10*/ && utilfeature.DefaultFeatureGate.Enabled(features.ScheduleDaemonSetPods) {
+					podTemplate = template.DeepCopy()
+					podTemplate.Spec.Affinity = util.ReplaceDaemonSetPodHostnameNodeAffinity(
+						podTemplate.Spec.Affinity, nodesNeedingDaemonPods[ix])
+					podTemplate.Spec.Tolerations = util.AppendNoScheduleTolerationIfNotExist(podTemplate.Spec.Tolerations)
+
+					err = dsc.podControl.CreatePodsWithControllerRef(ds.Namespace, podTemplate,
+						ds, metav1.NewControllerRef(ds, controllerKind))
+				} else {
+					err = dsc.podControl.CreatePodsOnNode(nodesNeedingDaemonPods[ix], ds.Namespace, podTemplate,
+						ds, metav1.NewControllerRef(ds, controllerKind))
+				}
+
 				if err != nil && errors.IsTimeout(err) {
 					// Pod is created but its initialization has timed out.
 					// If the initialization is successful eventually, the
@@ -985,7 +1008,7 @@ func (dsc *DaemonSetsController) syncNodes(ds *extensions.DaemonSet, podsToDelet
 	return utilerrors.NewAggregate(errors)
 }
 
-func storeDaemonSetStatus(dsClient unversionedextensions.DaemonSetInterface, ds *extensions.DaemonSet, desiredNumberScheduled, currentNumberScheduled, numberMisscheduled, numberReady, updatedNumberScheduled, numberAvailable, numberUnavailable int) error {
+func storeDaemonSetStatus(dsClient unversionedapps.DaemonSetInterface, ds *apps.DaemonSet, desiredNumberScheduled, currentNumberScheduled, numberMisscheduled, numberReady, updatedNumberScheduled, numberAvailable, numberUnavailable int) error {
 	if int(ds.Status.DesiredNumberScheduled) == desiredNumberScheduled &&
 		int(ds.Status.CurrentNumberScheduled) == currentNumberScheduled &&
 		int(ds.Status.NumberMisscheduled) == numberMisscheduled &&
@@ -1024,7 +1047,7 @@ func storeDaemonSetStatus(dsClient unversionedextensions.DaemonSetInterface, ds
 	return updateErr
 }
 
-func (dsc *DaemonSetsController) updateDaemonSetStatus(ds *extensions.DaemonSet, hash string) error {
+func (dsc *DaemonSetsController) updateDaemonSetStatus(ds *apps.DaemonSet, hash string) error {
 	glog.V(4).Infof("Updating daemon set status")
 	nodeToDaemonPods, err := dsc.getNodesToDaemonPods(ds)
 	if err != nil {
@@ -1059,7 +1082,13 @@ func (dsc *DaemonSetsController) updateDaemonSetStatus(ds *extensions.DaemonSet,
 						numberAvailable++
 					}
 				}
-				if util.IsPodUpdated(ds.Spec.TemplateGeneration, pod, hash) {
+				// If the returned error is not nil we have a parse error.
+				// The controller handles this via the hash.
+				generation, err := util.GetTemplateGeneration(ds)
+				if err != nil {
+					generation = nil
+				}
+				if util.IsPodUpdated(pod, hash, generation) {
 					updatedNumberScheduled++
 				}
 			}
@@ -1071,7 +1100,7 @@ func (dsc *DaemonSetsController) updateDaemonSetStatus(ds *extensions.DaemonSet,
 	}
 	numberUnavailable := desiredNumberScheduled - numberAvailable
 
-	err = storeDaemonSetStatus(dsc.kubeClient.ExtensionsV1beta1().DaemonSets(ds.Namespace), ds, desiredNumberScheduled, currentNumberScheduled, numberMisscheduled, numberReady, updatedNumberScheduled, numberAvailable, numberUnavailable)
+	err = storeDaemonSetStatus(dsc.kubeClient.AppsV1().DaemonSets(ds.Namespace), ds, desiredNumberScheduled, currentNumberScheduled, numberMisscheduled, numberReady, updatedNumberScheduled, numberAvailable, numberUnavailable)
 	if err != nil {
 		return fmt.Errorf("error storing status for daemon set %#v: %v", ds, err)
 	}
@@ -1118,7 +1147,7 @@ func (dsc *DaemonSetsController) syncDaemonSet(key string) error {
 	if err != nil {
 		return fmt.Errorf("failed to construct revisions of DaemonSet: %v", err)
 	}
-	hash := cur.Labels[extensions.DefaultDaemonSetUniqueLabelKey]
+	hash := cur.Labels[apps.DefaultDaemonSetUniqueLabelKey]
 
 	if ds.DeletionTimestamp != nil || !dsc.expectations.SatisfiedExpectations(dsKey) {
 		// Only update status.
@@ -1133,8 +1162,8 @@ func (dsc *DaemonSetsController) syncDaemonSet(key string) error {
 	// Process rolling updates if we're ready.
 	if dsc.expectations.SatisfiedExpectations(dsKey) {
 		switch ds.Spec.UpdateStrategy.Type {
-		case extensions.OnDeleteDaemonSetStrategyType:
-		case extensions.RollingUpdateDaemonSetStrategyType:
+		case apps.OnDeleteDaemonSetStrategyType:
+		case apps.RollingUpdateDaemonSetStrategyType:
 			err = dsc.rollingUpdate(ds, hash)
 		}
 		if err != nil {
@@ -1150,7 +1179,7 @@ func (dsc *DaemonSetsController) syncDaemonSet(key string) error {
 	return dsc.updateDaemonSetStatus(ds, hash)
 }
 
-func (dsc *DaemonSetsController) simulate(newPod *v1.Pod, node *v1.Node, ds *extensions.DaemonSet) ([]algorithm.PredicateFailureReason, *schedulercache.NodeInfo, error) {
+func (dsc *DaemonSetsController) simulate(newPod *v1.Pod, node *v1.Node, ds *apps.DaemonSet) ([]algorithm.PredicateFailureReason, *schedulercache.NodeInfo, error) {
 	// DaemonSet pods shouldn't be deleted by NodeController in case of node problems.
 	// Add infinite toleration for taint notReady:NoExecute here
 	// to survive taint-based eviction enforced by NodeController
@@ -1236,7 +1265,7 @@ func (dsc *DaemonSetsController) simulate(newPod *v1.Pod, node *v1.Node, ds *ext
 // * shouldContinueRunning:
 //     Returns true when a daemonset should continue running on a node if a daemonset pod is already
 //     running on that node.
-func (dsc *DaemonSetsController) nodeShouldRunDaemonPod(node *v1.Node, ds *extensions.DaemonSet) (wantToRun, shouldSchedule, shouldContinueRunning bool, err error) {
+func (dsc *DaemonSetsController) nodeShouldRunDaemonPod(node *v1.Node, ds *apps.DaemonSet) (wantToRun, shouldSchedule, shouldContinueRunning bool, err error) {
 	newPod := NewPod(ds, node.Name)
 
 	// Because these bools require an && of all their required conditions, we start
@@ -1254,6 +1283,9 @@ func (dsc *DaemonSetsController) nodeShouldRunDaemonPod(node *v1.Node, ds *exten
 		return false, false, false, err
 	}
 
+	// TODO(k82cn): When 'ScheduleDaemonSetPods' upgrade to beta or GA, remove unnecessary check on failure reason,
+	//              e.g. InsufficientResourceError; and simplify "wantToRun, shouldSchedule, shouldContinueRunning"
+	//              into one result, e.g. selectedNode.
 	var insufficientResourceErr error
 	for _, r := range reasons {
 		glog.V(4).Infof("DaemonSet Predicates failed on node %s for ds '%s/%s' for reason: %v", node.Name, ds.ObjectMeta.Namespace, ds.ObjectMeta.Name, r.GetReason())
@@ -1320,18 +1352,58 @@ func (dsc *DaemonSetsController) nodeShouldRunDaemonPod(node *v1.Node, ds *exten
 	return
 }
 
-func NewPod(ds *extensions.DaemonSet, nodeName string) *v1.Pod {
+// NewPod creates a new pod
+func NewPod(ds *apps.DaemonSet, nodeName string) *v1.Pod {
 	newPod := &v1.Pod{Spec: ds.Spec.Template.Spec, ObjectMeta: ds.Spec.Template.ObjectMeta}
 	newPod.Namespace = ds.Namespace
 	newPod.Spec.NodeName = nodeName
 	return newPod
 }
 
+// nodeSelectionPredicates runs a set of predicates that select candidate nodes for the DaemonSet;
+// the predicates include:
+//   - PodFitsHost: checks pod's NodeName against node
+//   - PodMatchNodeSelector: checks pod's NodeSelector and NodeAffinity against node
+func nodeSelectionPredicates(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *schedulercache.NodeInfo) (bool, []algorithm.PredicateFailureReason, error) {
+	var predicateFails []algorithm.PredicateFailureReason
+	fit, reasons, err := predicates.PodFitsHost(pod, meta, nodeInfo)
+	if err != nil {
+		return false, predicateFails, err
+	}
+	if !fit {
+		predicateFails = append(predicateFails, reasons...)
+	}
+
+	fit, reasons, err = predicates.PodMatchNodeSelector(pod, meta, nodeInfo)
+	if err != nil {
+		return false, predicateFails, err
+	}
+	if !fit {
+		predicateFails = append(predicateFails, reasons...)
+	}
+	return len(predicateFails) == 0, predicateFails, nil
+}
+
 // Predicates checks if a DaemonSet's pod can be scheduled on a node using GeneralPredicates
 // and PodToleratesNodeTaints predicate
 func Predicates(pod *v1.Pod, nodeInfo *schedulercache.NodeInfo) (bool, []algorithm.PredicateFailureReason, error) {
 	var predicateFails []algorithm.PredicateFailureReason
-	critical := utilfeature.DefaultFeatureGate.Enabled(features.ExperimentalCriticalPodAnnotation) && kubelettypes.IsCriticalPod(pod)
+
+	// If ScheduleDaemonSetPods is enabled, only check nodeSelector and nodeAffinity.
+	if false /*disabled for 1.10*/ && utilfeature.DefaultFeatureGate.Enabled(features.ScheduleDaemonSetPods) {
+		fit, reasons, err := nodeSelectionPredicates(pod, nil, nodeInfo)
+		if err != nil {
+			return false, predicateFails, err
+		}
+		if !fit {
+			predicateFails = append(predicateFails, reasons...)
+		}
+
+		return len(predicateFails) == 0, predicateFails, nil
+	}
+
+	critical := utilfeature.DefaultFeatureGate.Enabled(features.ExperimentalCriticalPodAnnotation) &&
+		kubelettypes.IsCriticalPod(pod)
 
 	fit, reasons, err := predicates.PodToleratesNodeTaints(pod, nil, nodeInfo)
 	if err != nil {
@@ -1358,7 +1430,7 @@ func Predicates(pod *v1.Pod, nodeInfo *schedulercache.NodeInfo) (bool, []algorit
 }
 
 // byCreationTimestamp sorts a list by creation timestamp, using their names as a tie breaker.
-type byCreationTimestamp []*extensions.DaemonSet
+type byCreationTimestamp []*apps.DaemonSet
 
 func (o byCreationTimestamp) Len() int      { return len(o) }
 func (o byCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/daemon/update.go b/vendor/k8s.io/kubernetes/pkg/controller/daemon/update.go
index bbc9015a28a0..6f1c1a9d3d2e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/daemon/update.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/daemon/update.go
@@ -23,9 +23,8 @@ import (
 
 	"github.com/golang/glog"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
-	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@@ -41,7 +40,7 @@ import (
 
 // rollingUpdate deletes old daemon set pods making sure that no more than
 // ds.Spec.UpdateStrategy.RollingUpdate.MaxUnavailable pods are unavailable
-func (dsc *DaemonSetsController) rollingUpdate(ds *extensions.DaemonSet, hash string) error {
+func (dsc *DaemonSetsController) rollingUpdate(ds *apps.DaemonSet, hash string) error {
 	nodeToDaemonPods, err := dsc.getNodesToDaemonPods(ds)
 	if err != nil {
 		return fmt.Errorf("couldn't get node to daemon pod mapping for daemon set %q: %v", ds.Name, err)
@@ -82,7 +81,7 @@ func (dsc *DaemonSetsController) rollingUpdate(ds *extensions.DaemonSet, hash st
 // constructHistory finds all histories controlled by the given DaemonSet, and
 // update current history revision number, or create current history if need to.
 // It also deduplicates current history, and adds missing unique labels to existing histories.
-func (dsc *DaemonSetsController) constructHistory(ds *extensions.DaemonSet) (cur *apps.ControllerRevision, old []*apps.ControllerRevision, err error) {
+func (dsc *DaemonSetsController) constructHistory(ds *apps.DaemonSet) (cur *apps.ControllerRevision, old []*apps.ControllerRevision, err error) {
 	var histories []*apps.ControllerRevision
 	var currentHistories []*apps.ControllerRevision
 	histories, err = dsc.controlledHistories(ds)
@@ -92,10 +91,10 @@ func (dsc *DaemonSetsController) constructHistory(ds *extensions.DaemonSet) (cur
 	for _, history := range histories {
 		// Add the unique label if it's not already added to the history
 		// We use history name instead of computing hash, so that we don't need to worry about hash collision
-		if _, ok := history.Labels[extensions.DefaultDaemonSetUniqueLabelKey]; !ok {
+		if _, ok := history.Labels[apps.DefaultDaemonSetUniqueLabelKey]; !ok {
 			toUpdate := history.DeepCopy()
-			toUpdate.Labels[extensions.DefaultDaemonSetUniqueLabelKey] = toUpdate.Name
-			history, err = dsc.kubeClient.AppsV1beta1().ControllerRevisions(ds.Namespace).Update(toUpdate)
+			toUpdate.Labels[apps.DefaultDaemonSetUniqueLabelKey] = toUpdate.Name
+			history, err = dsc.kubeClient.AppsV1().ControllerRevisions(ds.Namespace).Update(toUpdate)
 			if err != nil {
 				return nil, nil, err
 			}
@@ -130,7 +129,7 @@ func (dsc *DaemonSetsController) constructHistory(ds *extensions.DaemonSet) (cur
 		if cur.Revision < currRevision {
 			toUpdate := cur.DeepCopy()
 			toUpdate.Revision = currRevision
-			_, err = dsc.kubeClient.AppsV1beta1().ControllerRevisions(ds.Namespace).Update(toUpdate)
+			_, err = dsc.kubeClient.AppsV1().ControllerRevisions(ds.Namespace).Update(toUpdate)
 			if err != nil {
 				return nil, nil, err
 			}
@@ -139,7 +138,7 @@ func (dsc *DaemonSetsController) constructHistory(ds *extensions.DaemonSet) (cur
 	return cur, old, err
 }
 
-func (dsc *DaemonSetsController) cleanupHistory(ds *extensions.DaemonSet, old []*apps.ControllerRevision) error {
+func (dsc *DaemonSetsController) cleanupHistory(ds *apps.DaemonSet, old []*apps.ControllerRevision) error {
 	nodesToDaemonPods, err := dsc.getNodesToDaemonPods(ds)
 	if err != nil {
 		return fmt.Errorf("couldn't get node to daemon pod mapping for daemon set %q: %v", ds.Name, err)
@@ -155,7 +154,7 @@ func (dsc *DaemonSetsController) cleanupHistory(ds *extensions.DaemonSet, old []
 	liveHashes := make(map[string]bool)
 	for _, pods := range nodesToDaemonPods {
 		for _, pod := range pods {
-			if hash := pod.Labels[extensions.DefaultDaemonSetUniqueLabelKey]; len(hash) > 0 {
+			if hash := pod.Labels[apps.DefaultDaemonSetUniqueLabelKey]; len(hash) > 0 {
 				liveHashes[hash] = true
 			}
 		}
@@ -164,7 +163,7 @@ func (dsc *DaemonSetsController) cleanupHistory(ds *extensions.DaemonSet, old []
 	// Find all live history with the above hashes
 	liveHistory := make(map[string]bool)
 	for _, history := range old {
-		if hash := history.Labels[extensions.DefaultDaemonSetUniqueLabelKey]; liveHashes[hash] {
+		if hash := history.Labels[apps.DefaultDaemonSetUniqueLabelKey]; liveHashes[hash] {
 			liveHistory[history.Name] = true
 		}
 	}
@@ -199,7 +198,7 @@ func maxRevision(histories []*apps.ControllerRevision) int64 {
 	return max
 }
 
-func (dsc *DaemonSetsController) dedupCurHistories(ds *extensions.DaemonSet, curHistories []*apps.ControllerRevision) (*apps.ControllerRevision, error) {
+func (dsc *DaemonSetsController) dedupCurHistories(ds *apps.DaemonSet, curHistories []*apps.ControllerRevision) (*apps.ControllerRevision, error) {
 	if len(curHistories) == 1 {
 		return curHistories[0], nil
 	}
@@ -222,12 +221,12 @@ func (dsc *DaemonSetsController) dedupCurHistories(ds *extensions.DaemonSet, cur
 			return nil, err
 		}
 		for _, pod := range pods {
-			if pod.Labels[extensions.DefaultDaemonSetUniqueLabelKey] != keepCur.Labels[extensions.DefaultDaemonSetUniqueLabelKey] {
+			if pod.Labels[apps.DefaultDaemonSetUniqueLabelKey] != keepCur.Labels[apps.DefaultDaemonSetUniqueLabelKey] {
 				toUpdate := pod.DeepCopy()
 				if toUpdate.Labels == nil {
 					toUpdate.Labels = make(map[string]string)
 				}
-				toUpdate.Labels[extensions.DefaultDaemonSetUniqueLabelKey] = keepCur.Labels[extensions.DefaultDaemonSetUniqueLabelKey]
+				toUpdate.Labels[apps.DefaultDaemonSetUniqueLabelKey] = keepCur.Labels[apps.DefaultDaemonSetUniqueLabelKey]
 				_, err = dsc.kubeClient.CoreV1().Pods(ds.Namespace).Update(toUpdate)
 				if err != nil {
 					return nil, err
@@ -247,7 +246,7 @@ func (dsc *DaemonSetsController) dedupCurHistories(ds *extensions.DaemonSet, cur
 // This also reconciles ControllerRef by adopting/orphaning.
 // Note that returned histories are pointers to objects in the cache.
 // If you want to modify one, you need to deep-copy it first.
-func (dsc *DaemonSetsController) controlledHistories(ds *extensions.DaemonSet) ([]*apps.ControllerRevision, error) {
+func (dsc *DaemonSetsController) controlledHistories(ds *apps.DaemonSet) ([]*apps.ControllerRevision, error) {
 	selector, err := metav1.LabelSelectorAsSelector(ds.Spec.Selector)
 	if err != nil {
 		return nil, err
@@ -277,7 +276,7 @@ func (dsc *DaemonSetsController) controlledHistories(ds *extensions.DaemonSet) (
 }
 
 // Match check if the given DaemonSet's template matches the template stored in the given history.
-func Match(ds *extensions.DaemonSet, history *apps.ControllerRevision) (bool, error) {
+func Match(ds *apps.DaemonSet, history *apps.ControllerRevision) (bool, error) {
 	patch, err := getPatch(ds)
 	if err != nil {
 		return false, err
@@ -289,7 +288,7 @@ func Match(ds *extensions.DaemonSet, history *apps.ControllerRevision) (bool, er
 // previous version. If the returned error is nil the patch is valid. The current state that we save is just the
 // PodSpecTemplate. We can modify this later to encompass more state (or less) and remain compatible with previously
 // recorded patches.
-func getPatch(ds *extensions.DaemonSet) ([]byte, error) {
+func getPatch(ds *apps.DaemonSet) ([]byte, error) {
 	dsBytes, err := json.Marshal(ds)
 	if err != nil {
 		return nil, err
@@ -312,7 +311,7 @@ func getPatch(ds *extensions.DaemonSet) ([]byte, error) {
 	return patch, err
 }
 
-func (dsc *DaemonSetsController) snapshot(ds *extensions.DaemonSet, revision int64) (*apps.ControllerRevision, error) {
+func (dsc *DaemonSetsController) snapshot(ds *apps.DaemonSet, revision int64) (*apps.ControllerRevision, error) {
 	patch, err := getPatch(ds)
 	if err != nil {
 		return nil, err
@@ -323,7 +322,7 @@ func (dsc *DaemonSetsController) snapshot(ds *extensions.DaemonSet, revision int
 		ObjectMeta: metav1.ObjectMeta{
 			Name:            name,
 			Namespace:       ds.Namespace,
-			Labels:          labelsutil.CloneAndAddLabel(ds.Spec.Template.Labels, extensions.DefaultDaemonSetUniqueLabelKey, hash),
+			Labels:          labelsutil.CloneAndAddLabel(ds.Spec.Template.Labels, apps.DefaultDaemonSetUniqueLabelKey, hash),
 			Annotations:     ds.Annotations,
 			OwnerReferences: []metav1.OwnerReference{*metav1.NewControllerRef(ds, controllerKind)},
 		},
@@ -331,10 +330,10 @@ func (dsc *DaemonSetsController) snapshot(ds *extensions.DaemonSet, revision int
 		Revision: revision,
 	}
 
-	history, err = dsc.kubeClient.AppsV1beta1().ControllerRevisions(ds.Namespace).Create(history)
+	history, err = dsc.kubeClient.AppsV1().ControllerRevisions(ds.Namespace).Create(history)
 	if errors.IsAlreadyExists(err) {
 		// TODO: Is it okay to get from historyLister?
-		existedHistory, getErr := dsc.kubeClient.AppsV1beta1().ControllerRevisions(ds.Namespace).Get(name, metav1.GetOptions{})
+		existedHistory, getErr := dsc.kubeClient.AppsV1().ControllerRevisions(ds.Namespace).Get(name, metav1.GetOptions{})
 		if getErr != nil {
 			return nil, getErr
 		}
@@ -367,13 +366,19 @@ func (dsc *DaemonSetsController) snapshot(ds *extensions.DaemonSet, revision int
 	return history, err
 }
 
-func (dsc *DaemonSetsController) getAllDaemonSetPods(ds *extensions.DaemonSet, nodeToDaemonPods map[string][]*v1.Pod, hash string) ([]*v1.Pod, []*v1.Pod) {
+func (dsc *DaemonSetsController) getAllDaemonSetPods(ds *apps.DaemonSet, nodeToDaemonPods map[string][]*v1.Pod, hash string) ([]*v1.Pod, []*v1.Pod) {
 	var newPods []*v1.Pod
 	var oldPods []*v1.Pod
 
 	for _, pods := range nodeToDaemonPods {
 		for _, pod := range pods {
-			if util.IsPodUpdated(ds.Spec.TemplateGeneration, pod, hash) {
+			// If the returned error is not nil we have a parse error.
+			// The controller handles this via the hash.
+			generation, err := util.GetTemplateGeneration(ds)
+			if err != nil {
+				generation = nil
+			}
+			if util.IsPodUpdated(pod, hash, generation) {
 				newPods = append(newPods, pod)
 			} else {
 				oldPods = append(oldPods, pod)
@@ -383,7 +388,7 @@ func (dsc *DaemonSetsController) getAllDaemonSetPods(ds *extensions.DaemonSet, n
 	return newPods, oldPods
 }
 
-func (dsc *DaemonSetsController) getUnavailableNumbers(ds *extensions.DaemonSet, nodeToDaemonPods map[string][]*v1.Pod) (int, int, error) {
+func (dsc *DaemonSetsController) getUnavailableNumbers(ds *apps.DaemonSet, nodeToDaemonPods map[string][]*v1.Pod) (int, int, error) {
 	glog.V(4).Infof("Getting unavailable numbers")
 	// TODO: get nodeList once in syncDaemonSet and pass it to other functions
 	nodeList, err := dsc.nodeLister.List(labels.Everything())
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/BUILD
index 4a87a1eacd99..9a64e9a62e00 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/BUILD
@@ -14,11 +14,13 @@ go_library(
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/features:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
         "//pkg/kubelet/types:go_default_library",
-        "//pkg/util/labels:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
@@ -40,10 +42,10 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["daemonset_util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/daemon/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/daemonset_util.go b/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/daemonset_util.go
index 1ea30b713fd8..e39f1620f178 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/daemonset_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/daemon/util/daemonset_util.go
@@ -18,23 +18,42 @@ package util
 
 import (
 	"fmt"
+	"strconv"
 
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
+	apiequality "k8s.io/apimachinery/pkg/api/equality"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	podutil "k8s.io/kubernetes/pkg/api/v1/pod"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/features"
+	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	kubelettypes "k8s.io/kubernetes/pkg/kubelet/types"
-	labelsutil "k8s.io/kubernetes/pkg/util/labels"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 )
 
+// GetTemplateGeneration gets the template generation associated with a v1.DaemonSet by extracting it from the
+// deprecated annotation. If no annotation is found nil is returned. If the annotation is found and fails to parse
+// nil is returned with an error. If the generation can be parsed from the annotation, a pointer to the parsed int64
+// value is returned.
+func GetTemplateGeneration(ds *apps.DaemonSet) (*int64, error) {
+	annotation, found := ds.Annotations[apps.DeprecatedTemplateGeneration]
+	if !found {
+		return nil, nil
+	}
+	generation, err := strconv.ParseInt(annotation, 10, 64)
+	if err != nil {
+		return nil, err
+	}
+	return &generation, nil
+}
+
 // CreatePodTemplate returns copy of provided template with additional
 // label which contains templateGeneration (for backward compatibility),
 // hash of provided template and sets default daemon tolerations.
-func CreatePodTemplate(template v1.PodTemplateSpec, generation int64, hash string) v1.PodTemplateSpec {
+func CreatePodTemplate(template v1.PodTemplateSpec, generation *int64, hash string) v1.PodTemplateSpec {
 	newTemplate := *template.DeepCopy()
 	// DaemonSet pods shouldn't be deleted by NodeController in case of node problems.
 	// Add infinite toleration for taint notReady:NoExecute here
@@ -81,12 +100,12 @@ func CreatePodTemplate(template v1.PodTemplateSpec, generation int64, hash strin
 		})
 	}
 
-	templateGenerationStr := fmt.Sprint(generation)
-	newTemplate.ObjectMeta.Labels = labelsutil.CloneAndAddLabel(
-		template.ObjectMeta.Labels,
-		extensions.DaemonSetTemplateGenerationKey,
-		templateGenerationStr,
-	)
+	if newTemplate.ObjectMeta.Labels == nil {
+		newTemplate.ObjectMeta.Labels = make(map[string]string)
+	}
+	if generation != nil {
+		newTemplate.ObjectMeta.Labels[extensions.DaemonSetTemplateGenerationKey] = fmt.Sprint(*generation)
+	}
 	// TODO: do we need to validate if the DaemonSet is RollingUpdate or not?
 	if len(hash) > 0 {
 		newTemplate.ObjectMeta.Labels[extensions.DefaultDaemonSetUniqueLabelKey] = hash
@@ -94,15 +113,16 @@ func CreatePodTemplate(template v1.PodTemplateSpec, generation int64, hash strin
 	return newTemplate
 }
 
-// IsPodUpdate checks if pod contains label value that either matches templateGeneration or hash
-func IsPodUpdated(dsTemplateGeneration int64, pod *v1.Pod, hash string) bool {
+// IsPodUpdated checks if pod contains label value that either matches templateGeneration or hash
+func IsPodUpdated(pod *v1.Pod, hash string, dsTemplateGeneration *int64) bool {
 	// Compare with hash to see if the pod is updated, need to maintain backward compatibility of templateGeneration
-	templateMatches := pod.Labels[extensions.DaemonSetTemplateGenerationKey] == fmt.Sprint(dsTemplateGeneration)
+	templateMatches := dsTemplateGeneration != nil &&
+		pod.Labels[extensions.DaemonSetTemplateGenerationKey] == fmt.Sprint(dsTemplateGeneration)
 	hashMatches := len(hash) > 0 && pod.Labels[extensions.DefaultDaemonSetUniqueLabelKey] == hash
 	return hashMatches || templateMatches
 }
 
-// SplitByAvailablePods splits provided daemon set pods by availabilty
+// SplitByAvailablePods splits provided daemon set pods by availability
 func SplitByAvailablePods(minReadySeconds int32, pods []*v1.Pod) ([]*v1.Pod, []*v1.Pod) {
 	unavailablePods := []*v1.Pod{}
 	availablePods := []*v1.Pod{}
@@ -115,3 +135,93 @@ func SplitByAvailablePods(minReadySeconds int32, pods []*v1.Pod) ([]*v1.Pod, []*
 	}
 	return availablePods, unavailablePods
 }
+
+// ReplaceDaemonSetPodHostnameNodeAffinity replaces the 'kubernetes.io/hostname' NodeAffinity term with
+// the given "nodeName" in the "affinity" terms.
+func ReplaceDaemonSetPodHostnameNodeAffinity(affinity *v1.Affinity, nodename string) *v1.Affinity {
+	nodeSelector := &v1.NodeSelector{
+		NodeSelectorTerms: []v1.NodeSelectorTerm{
+			{
+				MatchExpressions: []v1.NodeSelectorRequirement{
+					{
+						Key:      kubeletapis.LabelHostname,
+						Operator: v1.NodeSelectorOpIn,
+						Values:   []string{nodename},
+					},
+				},
+			},
+		},
+	}
+
+	if affinity == nil {
+		return &v1.Affinity{
+			NodeAffinity: &v1.NodeAffinity{
+				RequiredDuringSchedulingIgnoredDuringExecution: nodeSelector,
+			},
+		}
+	}
+
+	if affinity.NodeAffinity == nil {
+		affinity.NodeAffinity = &v1.NodeAffinity{
+			RequiredDuringSchedulingIgnoredDuringExecution: nodeSelector,
+		}
+		return affinity
+	}
+
+	nodeAffinity := affinity.NodeAffinity
+
+	if nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution == nil {
+		nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution = nodeSelector
+		return affinity
+	}
+
+	nodeSelectorTerms := []v1.NodeSelectorTerm{}
+
+	// Removes hostname node selector, as only the target hostname will take effect.
+	for _, term := range nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms {
+		exps := []v1.NodeSelectorRequirement{}
+		for _, exp := range term.MatchExpressions {
+			if exp.Key != kubeletapis.LabelHostname {
+				exps = append(exps, exp)
+			}
+		}
+
+		if len(exps) > 0 {
+			term.MatchExpressions = exps
+			nodeSelectorTerms = append(nodeSelectorTerms, term)
+		}
+	}
+
+	// Adds target hostname NodeAffinity term.
+	nodeSelectorTerms = append(nodeSelectorTerms, nodeSelector.NodeSelectorTerms[0])
+
+	// Replace node selector with the new one.
+	nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms = nodeSelectorTerms
+
+	return affinity
+}
+
+// AppendNoScheduleTolerationIfNotExist appends unschedulable toleration to `.spec` if not exist; otherwise,
+// no changes to `.spec.tolerations`.
+func AppendNoScheduleTolerationIfNotExist(tolerations []v1.Toleration) []v1.Toleration {
+	unschedulableToleration := v1.Toleration{
+		Key:      algorithm.TaintNodeUnschedulable,
+		Operator: v1.TolerationOpExists,
+		Effect:   v1.TaintEffectNoSchedule,
+	}
+
+	unschedulableTaintExist := false
+
+	for _, t := range tolerations {
+		if apiequality.Semantic.DeepEqual(t, unschedulableToleration) {
+			unschedulableTaintExist = true
+			break
+		}
+	}
+
+	if !unschedulableTaintExist {
+		tolerations = append(tolerations, unschedulableToleration)
+	}
+
+	return tolerations
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/deployment/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/deployment/BUILD
index 6995ca4c33dd..5754aad46c43 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/deployment/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/deployment/BUILD
@@ -56,8 +56,7 @@ go_test(
         "rolling_test.go",
         "sync_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/deployment",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/apps/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/deployment/sync.go b/vendor/k8s.io/kubernetes/pkg/controller/deployment/sync.go
index 497e82cb1d95..cfd147b5072a 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/deployment/sync.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/deployment/sync.go
@@ -318,35 +318,40 @@ func (dc *DeploymentController) getNewReplicaSet(d *extensions.Deployment, rsLis
 	createdRS, err := dc.client.ExtensionsV1beta1().ReplicaSets(d.Namespace).Create(&newRS)
 	switch {
 	// We may end up hitting this due to a slow cache or a fast resync of the Deployment.
-	// Fetch a copy of the ReplicaSet. If its PodTemplateSpec is semantically deep equal
-	// with the PodTemplateSpec of the Deployment, then that is our new ReplicaSet. Otherwise,
-	// this is a hash collision and we need to increment the collisionCount field in the
-	// status of the Deployment and try the creation again.
 	case errors.IsAlreadyExists(err):
 		alreadyExists = true
+
+		// Fetch a copy of the ReplicaSet.
 		rs, rsErr := dc.rsLister.ReplicaSets(newRS.Namespace).Get(newRS.Name)
 		if rsErr != nil {
 			return nil, rsErr
 		}
+
+		// If the Deployment owns the ReplicaSet and the ReplicaSet's PodTemplateSpec is semantically
+		// deep equal to the PodTemplateSpec of the Deployment, it's the Deployment's new ReplicaSet.
+		// Otherwise, this is a hash collision and we need to increment the collisionCount field in
+		// the status of the Deployment and requeue to try the creation in the next sync.
+		controllerRef := metav1.GetControllerOf(rs)
+		if controllerRef != nil && controllerRef.UID == d.UID && deploymentutil.EqualIgnoreHash(&d.Spec.Template, &rs.Spec.Template) {
+			createdRS = rs
+			err = nil
+			break
+		}
+
 		// Matching ReplicaSet is not equal - increment the collisionCount in the DeploymentStatus
 		// and requeue the Deployment.
-		if !deploymentutil.EqualIgnoreHash(&d.Spec.Template, &rs.Spec.Template) {
-			if d.Status.CollisionCount == nil {
-				d.Status.CollisionCount = new(int32)
-			}
-			preCollisionCount := *d.Status.CollisionCount
-			*d.Status.CollisionCount++
-			// Update the collisionCount for the Deployment and let it requeue by returning the original
-			// error.
-			_, dErr := dc.client.ExtensionsV1beta1().Deployments(d.Namespace).UpdateStatus(d)
-			if dErr == nil {
-				glog.V(2).Infof("Found a hash collision for deployment %q - bumping collisionCount (%d->%d) to resolve it", d.Name, preCollisionCount, *d.Status.CollisionCount)
-			}
-			return nil, err
+		if d.Status.CollisionCount == nil {
+			d.Status.CollisionCount = new(int32)
 		}
-		// Pass through the matching ReplicaSet as the new ReplicaSet.
-		createdRS = rs
-		err = nil
+		preCollisionCount := *d.Status.CollisionCount
+		*d.Status.CollisionCount++
+		// Update the collisionCount for the Deployment and let it requeue by returning the original
+		// error.
+		_, dErr := dc.client.ExtensionsV1beta1().Deployments(d.Namespace).UpdateStatus(d)
+		if dErr == nil {
+			glog.V(2).Infof("Found a hash collision for deployment %q - bumping collisionCount (%d->%d) to resolve it", d.Name, preCollisionCount, *d.Status.CollisionCount)
+		}
+		return nil, err
 	case err != nil:
 		msg := fmt.Sprintf("Failed to create new replica set %q: %v", newRS.Name, err)
 		if d.Spec.ProgressDeadlineSeconds != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/BUILD
index fd967e837f8d..58890da6347c 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/BUILD
@@ -45,8 +45,7 @@ go_test(
         "deployment_util_test.go",
         "hash_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/deployment/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/util/hash:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/deployment_util.go b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/deployment_util.go
index d017e33709e3..763b8debdb31 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/deployment_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/deployment_util.go
@@ -124,18 +124,6 @@ func GetDeploymentCondition(status extensions.DeploymentStatus, condType extensi
 	return nil
 }
 
-// TODO: remove the duplicate
-// GetDeploymentConditionInternal returns the condition with the provided type.
-func GetDeploymentConditionInternal(status internalextensions.DeploymentStatus, condType internalextensions.DeploymentConditionType) *internalextensions.DeploymentCondition {
-	for i := range status.Conditions {
-		c := status.Conditions[i]
-		if c.Type == condType {
-			return &c
-		}
-	}
-	return nil
-}
-
 // SetDeploymentCondition updates the deployment to include the provided condition. If the condition that
 // we are about to add already exists and has the same status and reason then we are not going to update.
 func SetDeploymentCondition(status *extensions.DeploymentStatus, condition extensions.DeploymentCondition) {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/pod_util.go b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/pod_util.go
index c388e2d6c7ed..e7c231c1e65f 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/pod_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/deployment/util/pod_util.go
@@ -30,8 +30,7 @@ import (
 //       see https://github.com/kubernetes/kubernetes/issues/21479
 type updatePodFunc func(pod *v1.Pod) error
 
-// UpdatePodWithRetries updates a pod with given applyUpdate function. Note that pod not found error is ignored.
-// The returned bool value can be used to tell if the pod is actually updated.
+// UpdatePodWithRetries updates a pod with given applyUpdate function.
 func UpdatePodWithRetries(podClient v1core.PodInterface, podLister corelisters.PodLister, namespace, name string, applyUpdate updatePodFunc) (*v1.Pod, error) {
 	var pod *v1.Pod
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/disruption/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/disruption/BUILD
index b92a2e2c9496..f210ecb10984 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/disruption/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/disruption/BUILD
@@ -45,8 +45,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["disruption_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/disruption",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/disruption/disruption.go b/vendor/k8s.io/kubernetes/pkg/controller/disruption/disruption.go
index b234f5ca0b64..6ec9663fd8c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/disruption/disruption.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/disruption/disruption.go
@@ -617,7 +617,7 @@ func (dc *DisruptionController) getExpectedScale(pdb *policy.PodDisruptionBudget
 func countHealthyPods(pods []*v1.Pod, disruptedPods map[string]metav1.Time, currentTime time.Time) (currentHealthy int32) {
 Pod:
 	for _, pod := range pods {
-		// Pod is beeing deleted.
+		// Pod is being deleted.
 		if pod.DeletionTimestamp != nil {
 			continue
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpoint/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/endpoint/BUILD
index ed8acb206d5b..27e74d323892 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/endpoint/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/endpoint/BUILD
@@ -40,8 +40,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["endpoints_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/endpoint",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpoint/endpoints_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/endpoint/endpoints_controller.go
index 8aa41da8a838..a0ae0e4e8955 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/endpoint/endpoints_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/endpoint/endpoints_controller.go
@@ -193,7 +193,7 @@ func (e *EndpointController) addPod(obj interface{}) {
 	pod := obj.(*v1.Pod)
 	services, err := e.getPodServiceMemberships(pod)
 	if err != nil {
-		utilruntime.HandleError(fmt.Errorf("Unable to get pod %v/%v's service memberships: %v", pod.Namespace, pod.Name, err))
+		utilruntime.HandleError(fmt.Errorf("Unable to get pod %s/%s's service memberships: %v", pod.Namespace, pod.Name, err))
 		return
 	}
 	for key := range services {
@@ -269,7 +269,7 @@ func (e *EndpointController) updatePod(old, cur interface{}) {
 
 	podChangedFlag := podChanged(oldPod, newPod)
 
-	// Check if the pod labels have changed, indicating a possibe
+	// Check if the pod labels have changed, indicating a possible
 	// change in the service membership
 	labelsChanged := false
 	if !reflect.DeepEqual(newPod.Labels, oldPod.Labels) ||
@@ -328,7 +328,7 @@ func (e *EndpointController) deletePod(obj interface{}) {
 		utilruntime.HandleError(fmt.Errorf("Tombstone contained object that is not a Pod: %#v", obj))
 		return
 	}
-	glog.V(4).Infof("Enqueuing services of deleted pod %s having final state unrecorded", pod.Name)
+	glog.V(4).Infof("Enqueuing services of deleted pod %s/%s having final state unrecorded", pod.Namespace, pod.Name)
 	e.addPod(pod)
 }
 
@@ -571,7 +571,7 @@ func addEndpointSubset(subsets []v1.EndpointSubset, pod *v1.Pod, epa v1.Endpoint
 		})
 		readyEps++
 	} else if shouldPodBeInEndpoints(pod) {
-		glog.V(5).Infof("Pod is out of service: %v/%v", pod.Namespace, pod.Name)
+		glog.V(5).Infof("Pod is out of service: %s/%s", pod.Namespace, pod.Name)
 		subsets = append(subsets, v1.EndpointSubset{
 			NotReadyAddresses: []v1.EndpointAddress{epa},
 			Ports:             []v1.EndpointPort{epp},
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/BUILD
index 1ea321cce933..1ef247e24473 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/BUILD
@@ -50,8 +50,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["garbagecollector_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/garbagecollector",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
@@ -69,6 +68,7 @@ go_test(
         "//vendor/k8s.io/client-go/discovery:go_default_library",
         "//vendor/k8s.io/client-go/dynamic:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/garbagecollector.go b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/garbagecollector.go
index da2a643da13f..93a96c20feb4 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/garbagecollector.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/garbagecollector.go
@@ -166,12 +166,20 @@ type resettableRESTMapper interface {
 // Note that discoveryClient should NOT be shared with gc.restMapper, otherwise
 // the mapper's underlying discovery client will be unnecessarily reset during
 // the course of detecting new resources.
-func (gc *GarbageCollector) Sync(discoveryClient discovery.DiscoveryInterface, period time.Duration, stopCh <-chan struct{}) {
+func (gc *GarbageCollector) Sync(discoveryClient discovery.ServerResourcesInterface, period time.Duration, stopCh <-chan struct{}) {
 	oldResources := make(map[schema.GroupVersionResource]struct{})
 	wait.Until(func() {
 		// Get the current resource list from discovery.
 		newResources := GetDeletableResources(discoveryClient)
 
+		// This can occur if there is an internal error in GetDeletableResources.
+		// If the gc attempts to sync with 0 resources it will block forever.
+		// TODO: Implement a more complete solution for the garbage collector hanging.
+		if len(newResources) == 0 {
+			glog.V(5).Infof("no resources reported by discovery, skipping garbage collector sync")
+			return
+		}
+
 		// Decide whether discovery has reported a change.
 		if reflect.DeepEqual(oldResources, newResources) {
 			glog.V(5).Infof("no resource updates from discovery, skipping garbage collector sync")
@@ -197,7 +205,7 @@ func (gc *GarbageCollector) Sync(discoveryClient discovery.DiscoveryInterface, p
 		// discovered by restMapper during the call to Reset, since they are
 		// distinct discovery clients invalidated at different times. For example,
 		// newResources may contain resources not returned in the restMapper's
-		// discovery call if the resources appeared inbetween the calls. In that
+		// discovery call if the resources appeared in-between the calls. In that
 		// case, the restMapper will fail to map some of newResources until the next
 		// sync period.
 		if err := gc.resyncMonitors(newResources); err != nil {
@@ -214,7 +222,7 @@ func (gc *GarbageCollector) Sync(discoveryClient discovery.DiscoveryInterface, p
 
 		// Finally, keep track of our new state. Do this after all preceding steps
 		// have succeeded to ensure we'll retry on subsequent syncs if an error
-		// occured.
+		// occurred.
 		oldResources = newResources
 		glog.V(2).Infof("synced garbage collector")
 	}, period, stopCh)
@@ -587,9 +595,9 @@ func GetDeletableResources(discoveryClient discovery.ServerResourcesInterface) m
 	preferredResources, err := discoveryClient.ServerPreferredResources()
 	if err != nil {
 		if discovery.IsGroupDiscoveryFailedError(err) {
-			glog.Warning("failed to discover some groups: %v", err.(*discovery.ErrGroupDiscoveryFailed).Groups)
+			glog.Warningf("failed to discover some groups: %v", err.(*discovery.ErrGroupDiscoveryFailed).Groups)
 		} else {
-			glog.Warning("failed to discover preferred resources: %v", err)
+			glog.Warningf("failed to discover preferred resources: %v", err)
 		}
 	}
 	if preferredResources == nil {
@@ -603,7 +611,7 @@ func GetDeletableResources(discoveryClient discovery.ServerResourcesInterface) m
 	for _, rl := range deletableResources {
 		gv, err := schema.ParseGroupVersion(rl.GroupVersion)
 		if err != nil {
-			glog.Warning("ignoring invalid discovered resource %q: %v", rl.GroupVersion, err)
+			glog.Warningf("ignoring invalid discovered resource %q: %v", rl.GroupVersion, err)
 			continue
 		}
 		for i := range rl.APIResources {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/BUILD
index 157f4ba9a146..d20f61e88b1b 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/BUILD
@@ -26,8 +26,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["metaonly_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core/install:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/zz_generated.deepcopy.go
index edc16e4f13d0..5fd2559b0d3c 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/metaonly/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package metaonly
 
@@ -46,9 +46,8 @@ func (in *MetadataOnlyObject) DeepCopy() *MetadataOnlyObject {
 func (in *MetadataOnlyObject) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -80,7 +79,6 @@ func (in *MetadataOnlyObjectList) DeepCopy() *MetadataOnlyObjectList {
 func (in *MetadataOnlyObjectList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/operations.go b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/operations.go
index 16f631f489b5..4fd59ad187af 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/operations.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/garbagecollector/operations.go
@@ -34,7 +34,7 @@ import (
 // namespace> tuple to a unversioned.APIResource struct.
 func (gc *GarbageCollector) apiResource(apiVersion, kind string) (*metav1.APIResource, error) {
 	fqKind := schema.FromAPIVersionAndKind(apiVersion, kind)
-	mapping, err := gc.restMapper.RESTMapping(fqKind.GroupKind(), apiVersion)
+	mapping, err := gc.restMapper.RESTMapping(fqKind.GroupKind(), fqKind.Version)
 	if err != nil {
 		return nil, newRESTMappingError(kind, apiVersion)
 	}
@@ -128,7 +128,7 @@ func (gc *GarbageCollector) removeFinalizer(owner *node, targetFinalizer string)
 			newFinalizers = append(newFinalizers, f)
 		}
 		if !found {
-			glog.V(5).Infof("the orphan finalizer is already removed from object %s", owner.identity)
+			glog.V(5).Infof("the %s finalizer is already removed from object %s", targetFinalizer, owner.identity)
 			return nil
 		}
 		// remove the owner from dependent's OwnerReferences
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/history/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/history/BUILD
index 5a5f4ebae9c3..9824a0b9d8d5 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/history/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/history/BUILD
@@ -9,12 +9,11 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["controller_history_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/history",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/controller:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -35,7 +34,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/controller/history",
     deps = [
         "//pkg/util/hash:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -44,9 +43,9 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/rand:go_default_library",
-        "//vendor/k8s.io/client-go/informers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/informers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
-        "//vendor/k8s.io/client-go/listers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/util/retry:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/history/controller_history.go b/vendor/k8s.io/kubernetes/pkg/controller/history/controller_history.go
index 40281adcf1b4..5e4e8f95c613 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/history/controller_history.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/history/controller_history.go
@@ -23,10 +23,10 @@ import (
 	"sort"
 	"strconv"
 
-	apps "k8s.io/api/apps/v1beta1"
-	appsinformers "k8s.io/client-go/informers/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
+	appsinformers "k8s.io/client-go/informers/apps/v1"
 	clientset "k8s.io/client-go/kubernetes"
-	appslisters "k8s.io/client-go/listers/apps/v1beta1"
+	appslisters "k8s.io/client-go/listers/apps/v1"
 	hashutil "k8s.io/kubernetes/pkg/util/hash"
 
 	apiequality "k8s.io/apimachinery/pkg/api/equality"
@@ -56,19 +56,19 @@ func ControllerRevisionName(prefix string, hash uint32) string {
 }
 
 // NewControllerRevision returns a ControllerRevision with a ControllerRef pointing to parent and indicating that
-// parent is of parentKind. The ControllerRevision has labels matching selector, contains Data equal to data, and
+// parent is of parentKind. The ControllerRevision has labels matching template labels, contains Data equal to data, and
 // has a Revision equal to revision. The collisionCount is used when creating the name of the ControllerRevision
 // so the name is likely unique. If the returned error is nil, the returned ControllerRevision is valid. If the
 // returned error is not nil, the returned ControllerRevision is invalid for use.
 func NewControllerRevision(parent metav1.Object,
 	parentKind schema.GroupVersionKind,
-	selector labels.Selector,
+	templateLabels map[string]string,
 	data runtime.RawExtension,
 	revision int64,
 	collisionCount *int32) (*apps.ControllerRevision, error) {
-	labelMap, err := labels.ConvertSelectorToLabelsMap(selector.String())
-	if err != nil {
-		return nil, err
+	labelMap := make(map[string]string)
+	for k, v := range templateLabels {
+		labelMap[k] = v
 	}
 	blockOwnerDeletion := true
 	isController := true
@@ -251,7 +251,7 @@ func (rh *realHistory) CreateControllerRevision(parent metav1.Object, revision *
 		hash := HashControllerRevision(revision, collisionCount)
 		// Update the revisions name and labels
 		clone.Name = ControllerRevisionName(parent.GetName(), hash)
-		created, err := rh.client.AppsV1beta1().ControllerRevisions(parent.GetNamespace()).Create(clone)
+		created, err := rh.client.AppsV1().ControllerRevisions(parent.GetNamespace()).Create(clone)
 		if errors.IsAlreadyExists(err) {
 			*collisionCount++
 			continue
@@ -267,7 +267,7 @@ func (rh *realHistory) UpdateControllerRevision(revision *apps.ControllerRevisio
 			return nil
 		}
 		clone.Revision = newRevision
-		updated, updateErr := rh.client.AppsV1beta1().ControllerRevisions(clone.Namespace).Update(clone)
+		updated, updateErr := rh.client.AppsV1().ControllerRevisions(clone.Namespace).Update(clone)
 		if updateErr == nil {
 			return nil
 		}
@@ -284,7 +284,7 @@ func (rh *realHistory) UpdateControllerRevision(revision *apps.ControllerRevisio
 }
 
 func (rh *realHistory) DeleteControllerRevision(revision *apps.ControllerRevision) error {
-	return rh.client.AppsV1beta1().ControllerRevisions(revision.Namespace).Delete(revision.Name, nil)
+	return rh.client.AppsV1().ControllerRevisions(revision.Namespace).Delete(revision.Name, nil)
 }
 
 func (rh *realHistory) AdoptControllerRevision(parent metav1.Object, parentKind schema.GroupVersionKind, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) {
@@ -293,7 +293,7 @@ func (rh *realHistory) AdoptControllerRevision(parent metav1.Object, parentKind
 		return nil, fmt.Errorf("attempt to adopt revision owned by %v", owner)
 	}
 	// Use strategic merge patch to add an owner reference indicating a controller ref
-	return rh.client.AppsV1beta1().ControllerRevisions(parent.GetNamespace()).Patch(revision.GetName(),
+	return rh.client.AppsV1().ControllerRevisions(parent.GetNamespace()).Patch(revision.GetName(),
 		types.StrategicMergePatchType, []byte(fmt.Sprintf(
 			`{"metadata":{"ownerReferences":[{"apiVersion":"%s","kind":"%s","name":"%s","uid":"%s","controller":true,"blockOwnerDeletion":true}],"uid":"%s"}}`,
 			parentKind.GroupVersion().String(), parentKind.Kind,
@@ -302,7 +302,7 @@ func (rh *realHistory) AdoptControllerRevision(parent metav1.Object, parentKind
 
 func (rh *realHistory) ReleaseControllerRevision(parent metav1.Object, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) {
 	// Use strategic merge patch to add an owner reference indicating a controller ref
-	released, err := rh.client.AppsV1beta1().ControllerRevisions(revision.GetNamespace()).Patch(revision.GetName(),
+	released, err := rh.client.AppsV1().ControllerRevisions(revision.GetNamespace()).Patch(revision.GetName(),
 		types.StrategicMergePatchType,
 		[]byte(fmt.Sprintf(`{"metadata":{"ownerReferences":[{"$patch":"delete","uid":"%s"}],"uid":"%s"}}`, parent.GetUID(), revision.UID)))
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/job/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/job/BUILD
index a5ab7ba7aea7..94dfcfa513de 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/job/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/job/BUILD
@@ -45,8 +45,7 @@ go_test(
         "job_controller_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/job",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
@@ -65,6 +64,7 @@ go_test(
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
+        "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/job/job_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/job/job_controller.go
index a12cbed1c46b..366eacc463f0 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/job/job_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/job/job_controller.go
@@ -109,9 +109,13 @@ func NewJobController(podInformer coreinformers.PodInformer, jobInformer batchin
 	}
 
 	jobInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc:    jm.enqueueController,
+		AddFunc: func(obj interface{}) {
+			jm.enqueueController(obj, true)
+		},
 		UpdateFunc: jm.updateJob,
-		DeleteFunc: jm.enqueueController,
+		DeleteFunc: func(obj interface{}) {
+			jm.enqueueController(obj, true)
+		},
 	})
 	jm.jobLister = jobInformer.Lister()
 	jm.jobStoreSynced = jobInformer.Informer().HasSynced
@@ -209,7 +213,7 @@ func (jm *JobController) addPod(obj interface{}) {
 			return
 		}
 		jm.expectations.CreationObserved(jobKey)
-		jm.enqueueController(job)
+		jm.enqueueController(job, true)
 		return
 	}
 
@@ -218,7 +222,7 @@ func (jm *JobController) addPod(obj interface{}) {
 	// DO NOT observe creation because no controller should be waiting for an
 	// orphan.
 	for _, job := range jm.getPodJobs(pod) {
-		jm.enqueueController(job)
+		jm.enqueueController(job, true)
 	}
 }
 
@@ -242,7 +246,8 @@ func (jm *JobController) updatePod(old, cur interface{}) {
 		return
 	}
 
-	labelChanged := !reflect.DeepEqual(curPod.Labels, oldPod.Labels)
+	// the only time we want the backoff to kick-in, is when the pod failed
+	immediate := curPod.Status.Phase != v1.PodFailed
 
 	curControllerRef := metav1.GetControllerOf(curPod)
 	oldControllerRef := metav1.GetControllerOf(oldPod)
@@ -250,7 +255,7 @@ func (jm *JobController) updatePod(old, cur interface{}) {
 	if controllerRefChanged && oldControllerRef != nil {
 		// The ControllerRef was changed. Sync the old controller, if any.
 		if job := jm.resolveControllerRef(oldPod.Namespace, oldControllerRef); job != nil {
-			jm.enqueueController(job)
+			jm.enqueueController(job, immediate)
 		}
 	}
 
@@ -260,15 +265,16 @@ func (jm *JobController) updatePod(old, cur interface{}) {
 		if job == nil {
 			return
 		}
-		jm.enqueueController(job)
+		jm.enqueueController(job, immediate)
 		return
 	}
 
 	// Otherwise, it's an orphan. If anything changed, sync matching controllers
 	// to see if anyone wants to adopt it now.
+	labelChanged := !reflect.DeepEqual(curPod.Labels, oldPod.Labels)
 	if labelChanged || controllerRefChanged {
 		for _, job := range jm.getPodJobs(curPod) {
-			jm.enqueueController(job)
+			jm.enqueueController(job, immediate)
 		}
 	}
 }
@@ -309,7 +315,7 @@ func (jm *JobController) deletePod(obj interface{}) {
 		return
 	}
 	jm.expectations.DeletionObserved(jobKey)
-	jm.enqueueController(job)
+	jm.enqueueController(job, true)
 }
 
 func (jm *JobController) updateJob(old, cur interface{}) {
@@ -321,7 +327,7 @@ func (jm *JobController) updateJob(old, cur interface{}) {
 	if err != nil {
 		return
 	}
-	jm.enqueueController(curJob)
+	jm.enqueueController(curJob, true)
 	// check if need to add a new rsync for ActiveDeadlineSeconds
 	if curJob.Status.StartTime != nil {
 		curADS := curJob.Spec.ActiveDeadlineSeconds
@@ -341,15 +347,19 @@ func (jm *JobController) updateJob(old, cur interface{}) {
 	}
 }
 
-// obj could be an *batch.Job, or a DeletionFinalStateUnknown marker item.
-func (jm *JobController) enqueueController(job interface{}) {
-	key, err := controller.KeyFunc(job)
+// obj could be an *batch.Job, or a DeletionFinalStateUnknown marker item,
+// immediate tells the controller to update the status right away, and should
+// happen ONLY when there was a successful pod run.
+func (jm *JobController) enqueueController(obj interface{}, immediate bool) {
+	key, err := controller.KeyFunc(obj)
 	if err != nil {
-		utilruntime.HandleError(fmt.Errorf("Couldn't get key for object %+v: %v", job, err))
+		utilruntime.HandleError(fmt.Errorf("Couldn't get key for object %+v: %v", obj, err))
 		return
 	}
 
-	// Retrieves the backoff duration for this Job
+	if immediate {
+		jm.queue.Forget(key)
+	}
 	backoff := getBackoff(jm.queue, key)
 
 	// TODO: Handle overlapping controllers better. Either disallow them at admission time or
@@ -553,6 +563,14 @@ func (jm *JobController) syncJob(key string) (bool, error) {
 	}
 
 	forget := false
+	// Check if the number of jobs succeeded increased since the last check. If yes "forget" should be true
+	// This logic is linked to the issue: https://github.com/kubernetes/kubernetes/issues/56853 that aims to
+	// improve the Job backoff policy when parallelism > 1 and few Jobs failed but others succeed.
+	// In this case, we should clear the backoff delay.
+	if job.Status.Succeeded < succeeded {
+		forget = true
+	}
+
 	// no need to update the job if the status hasn't changed since last time
 	if job.Status.Active != active || job.Status.Succeeded != succeeded || job.Status.Failed != failed || len(job.Status.Conditions) != conditions {
 		job.Status.Active = active
@@ -560,12 +578,12 @@ func (jm *JobController) syncJob(key string) (bool, error) {
 		job.Status.Failed = failed
 
 		if err := jm.updateHandler(&job); err != nil {
-			return false, err
+			return forget, err
 		}
 
 		if jobHaveNewFailure && !IsJobFinished(&job) {
 			// returning an error will re-enqueue Job after the backoff period
-			return false, fmt.Errorf("failed pod(s) detected for job key %q", key)
+			return forget, fmt.Errorf("failed pod(s) detected for job key %q", key)
 		}
 
 		forget = true
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/namespace/deletion/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/namespace/deletion/BUILD
index 3ff183f2e42c..672e19936eb9 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/namespace/deletion/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/namespace/deletion/BUILD
@@ -29,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["namespaced_resources_deleter_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/namespace/deletion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/BUILD
new file mode 100644
index 000000000000..46a62bb93b6e
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/BUILD
@@ -0,0 +1,48 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "metrics.go",
+        "node_ipam_controller.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/controller/nodeipam",
+    deps = [
+        "//pkg/cloudprovider:go_default_library",
+        "//pkg/controller:go_default_library",
+        "//pkg/controller/nodeipam/ipam:go_default_library",
+        "//pkg/controller/nodeipam/ipam/sync:go_default_library",
+        "//pkg/util/metrics:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/cache:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//pkg/controller/nodeipam/ipam:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/OWNERS b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/OWNERS
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/OWNERS
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/OWNERS
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/doc.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/doc.go
similarity index 87%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/doc.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/doc.go
index ac61e4858653..af4cd15c0784 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/doc.go
@@ -14,6 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package node contains code for syncing cloud instances with
+// Package nodeipam contains code for syncing cloud instances with
 // node registry
-package node
+package nodeipam
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/BUILD
similarity index 82%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/BUILD
index e72f938e9411..22da77729124 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/BUILD
@@ -13,12 +13,11 @@ go_test(
         "range_allocator_test.go",
         "timeout_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
-        "//pkg/controller/node/ipam/cidrset:go_default_library",
-        "//pkg/controller/node/ipam/test:go_default_library",
+        "//pkg/controller/nodeipam/ipam/cidrset:go_default_library",
+        "//pkg/controller/nodeipam/ipam/test:go_default_library",
         "//pkg/controller/testutil:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -40,15 +39,15 @@ go_library(
         "range_allocator.go",
         "timeout.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam",
+    importpath = "k8s.io/kubernetes/pkg/controller/nodeipam/ipam",
     deps = [
         "//pkg/api/v1/node:go_default_library",
         "//pkg/cloudprovider:go_default_library",
         "//pkg/cloudprovider/providers/gce:go_default_library",
         "//pkg/controller:go_default_library",
-        "//pkg/controller/node/ipam/cidrset:go_default_library",
-        "//pkg/controller/node/ipam/sync:go_default_library",
-        "//pkg/controller/node/util:go_default_library",
+        "//pkg/controller/nodeipam/ipam/cidrset:go_default_library",
+        "//pkg/controller/nodeipam/ipam/sync:go_default_library",
+        "//pkg/controller/util/node:go_default_library",
         "//pkg/util/node:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -82,9 +81,9 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//pkg/controller/node/ipam/cidrset:all-srcs",
-        "//pkg/controller/node/ipam/sync:all-srcs",
-        "//pkg/controller/node/ipam/test:all-srcs",
+        "//pkg/controller/nodeipam/ipam/cidrset:all-srcs",
+        "//pkg/controller/nodeipam/ipam/sync:all-srcs",
+        "//pkg/controller/nodeipam/ipam/test:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/OWNERS b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/OWNERS
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/OWNERS
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/OWNERS
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/adapter.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/adapter.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/adapter.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/adapter.go
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidr_allocator.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidr_allocator.go
similarity index 99%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidr_allocator.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidr_allocator.go
index b9a97938ad31..4a5cee34d839 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidr_allocator.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidr_allocator.go
@@ -68,7 +68,7 @@ const (
 	cidrUpdateQueueSize = 5000
 
 	// cidrUpdateRetries is the no. of times a NodeSpec update will be retried before dropping it.
-	cidrUpdateRetries = 10
+	cidrUpdateRetries = 3
 )
 
 // CIDRAllocator is an interface implemented by things that know how
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidrset/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset/BUILD
similarity index 76%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidrset/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset/BUILD
index 5ea716c59ff1..805174fd3c26 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidrset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset/BUILD
@@ -9,15 +9,14 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["cidr_set_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam/cidrset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/golang/glog:go_default_library"],
 )
 
 go_library(
     name = "go_default_library",
     srcs = ["cidr_set.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam/cidrset",
+    importpath = "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset",
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidrset/cidr_set.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset/cidr_set.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cidrset/cidr_set.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset/cidr_set.go
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cloud_cidr_allocator.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
similarity index 84%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cloud_cidr_allocator.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
index 643f3d5037b5..6f4e4cfcc7ac 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/cloud_cidr_allocator.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
@@ -40,7 +40,7 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce"
 	"k8s.io/kubernetes/pkg/controller"
-	"k8s.io/kubernetes/pkg/controller/node/util"
+	nodeutil "k8s.io/kubernetes/pkg/controller/util/node"
 	utilnode "k8s.io/kubernetes/pkg/util/node"
 )
 
@@ -101,8 +101,8 @@ func NewCloudCIDRAllocator(client clientset.Interface, cloud cloudprovider.Inter
 	}
 
 	nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc: util.CreateAddNodeHandler(ca.AllocateOrOccupyCIDR),
-		UpdateFunc: util.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
+		AddFunc: nodeutil.CreateAddNodeHandler(ca.AllocateOrOccupyCIDR),
+		UpdateFunc: nodeutil.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
 			if newNode.Spec.PodCIDR == "" {
 				return ca.AllocateOrOccupyCIDR(newNode)
 			}
@@ -114,7 +114,7 @@ func NewCloudCIDRAllocator(client clientset.Interface, cloud cloudprovider.Inter
 			}
 			return nil
 		}),
-		DeleteFunc: util.CreateDeleteNodeHandler(ca.ReleaseCIDR),
+		DeleteFunc: nodeutil.CreateDeleteNodeHandler(ca.ReleaseCIDR),
 	})
 
 	glog.V(0).Infof("Using cloud CIDR allocator (provider: %v)", cloud.ProviderName())
@@ -195,17 +195,17 @@ func (ca *cloudCIDRAllocator) updateCIDRAllocation(nodeName string) error {
 
 	node, err := ca.nodeLister.Get(nodeName)
 	if err != nil {
-		glog.Errorf("Failed to get node %v: %v", nodeName, err)
+		glog.Errorf("Failed while getting node %v for updating Node.Spec.PodCIDR: %v", nodeName, err)
 		return err
 	}
 
 	cidrs, err := ca.cloud.AliasRanges(types.NodeName(nodeName))
 	if err != nil {
-		util.RecordNodeStatusChange(ca.recorder, node, "CIDRNotAvailable")
+		nodeutil.RecordNodeStatusChange(ca.recorder, node, "CIDRNotAvailable")
 		return fmt.Errorf("failed to allocate cidr: %v", err)
 	}
 	if len(cidrs) == 0 {
-		util.RecordNodeStatusChange(ca.recorder, node, "CIDRNotAvailable")
+		nodeutil.RecordNodeStatusChange(ca.recorder, node, "CIDRNotAvailable")
 		return fmt.Errorf("failed to allocate cidr: Node %v has no CIDRs", node.Name)
 	}
 	_, cidr, err := net.ParseCIDR(cidrs[0])
@@ -214,35 +214,28 @@ func (ca *cloudCIDRAllocator) updateCIDRAllocation(nodeName string) error {
 	}
 	podCIDR := cidr.String()
 
-	for rep := 0; rep < cidrUpdateRetries; rep++ {
-		node, err = ca.nodeLister.Get(nodeName)
-		if err != nil {
-			glog.Errorf("Failed while getting node %v to retry updating Node.Spec.PodCIDR: %v", nodeName, err)
-			continue
-		}
+	if node.Spec.PodCIDR == podCIDR {
+		glog.V(4).Infof("Node %v already has allocated CIDR %v. It matches the proposed one.", node.Name, podCIDR)
+		// We don't return here, in order to set the NetworkUnavailable condition later below.
+	} else {
 		if node.Spec.PodCIDR != "" {
-			if node.Spec.PodCIDR == podCIDR {
-				glog.V(4).Infof("Node %v already has allocated CIDR %v. It matches the proposed one.", node.Name, podCIDR)
-				// We don't return to set the NetworkUnavailable condition if needed.
-				break
-			}
-			glog.Errorf("PodCIDR being reassigned! Node %v spec has %v, but cloud provider has assigned %v",
-				node.Name, node.Spec.PodCIDR, podCIDR)
+			glog.Errorf("PodCIDR being reassigned! Node %v spec has %v, but cloud provider has assigned %v", node.Name, node.Spec.PodCIDR, podCIDR)
 			// We fall through and set the CIDR despite this error. This
 			// implements the same logic as implemented in the
 			// rangeAllocator.
 			//
 			// See https://github.com/kubernetes/kubernetes/pull/42147#discussion_r103357248
 		}
-		if err = utilnode.PatchNodeCIDR(ca.client, types.NodeName(node.Name), podCIDR); err == nil {
-			glog.Infof("Set node %v PodCIDR to %v", node.Name, podCIDR)
-			break
+		for i := 0; i < cidrUpdateRetries; i++ {
+			if err = utilnode.PatchNodeCIDR(ca.client, types.NodeName(node.Name), podCIDR); err == nil {
+				glog.Infof("Set node %v PodCIDR to %v", node.Name, podCIDR)
+				break
+			}
 		}
-		glog.Errorf("Failed to update node %v PodCIDR to %v (%d retries left): %v", node.Name, podCIDR, cidrUpdateRetries-rep-1, err)
 	}
 	if err != nil {
-		util.RecordNodeStatusChange(ca.recorder, node, "CIDRAssignmentFailed")
-		glog.Errorf("CIDR assignment for node %v failed: %v.", nodeName, err)
+		nodeutil.RecordNodeStatusChange(ca.recorder, node, "CIDRAssignmentFailed")
+		glog.Errorf("Failed to update node %v PodCIDR to %v after multiple attempts: %v", node.Name, podCIDR, err)
 		return err
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/controller.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/controller.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/controller.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/controller.go
index 4b1221b6781b..bf59418a488f 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/controller.go
@@ -30,9 +30,9 @@ import (
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce"
-	"k8s.io/kubernetes/pkg/controller/node/ipam/cidrset"
-	nodesync "k8s.io/kubernetes/pkg/controller/node/ipam/sync"
-	"k8s.io/kubernetes/pkg/controller/node/util"
+	"k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset"
+	nodesync "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync"
+	nodeutil "k8s.io/kubernetes/pkg/controller/util/node"
 )
 
 // Config for the IPAM controller.
@@ -96,7 +96,7 @@ func NewController(
 }
 
 // Start initializes the Controller with the existing list of nodes and
-// registers the informers for node chnages. This will start synchronization
+// registers the informers for node changes. This will start synchronization
 // of the node and cloud CIDR range allocations.
 func (c *Controller) Start(nodeInformer informers.NodeInformer) error {
 	glog.V(0).Infof("Starting IPAM controller (config=%+v)", c.config)
@@ -128,9 +128,9 @@ func (c *Controller) Start(nodeInformer informers.NodeInformer) error {
 	}
 
 	nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc:    util.CreateAddNodeHandler(c.onAdd),
-		UpdateFunc: util.CreateUpdateNodeHandler(c.onUpdate),
-		DeleteFunc: util.CreateDeleteNodeHandler(c.onDelete),
+		AddFunc:    nodeutil.CreateAddNodeHandler(c.onAdd),
+		UpdateFunc: nodeutil.CreateUpdateNodeHandler(c.onUpdate),
+		DeleteFunc: nodeutil.CreateDeleteNodeHandler(c.onDelete),
 	})
 
 	return nil
@@ -193,7 +193,7 @@ func (c *Controller) onUpdate(_, node *v1.Node) error {
 	if sync, ok := c.syncers[node.Name]; ok {
 		sync.Update(node)
 	} else {
-		glog.Errorf("Received update for non-existant node %q", node.Name)
+		glog.Errorf("Received update for non-existent node %q", node.Name)
 		return fmt.Errorf("unknown node %q", node.Name)
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/doc.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/doc.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/doc.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/doc.go
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/range_allocator.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/range_allocator.go
similarity index 83%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/range_allocator.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/range_allocator.go
index d3037b1d1d11..241bc2f1b8e5 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/range_allocator.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/range_allocator.go
@@ -36,9 +36,9 @@ import (
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/controller"
-	"k8s.io/kubernetes/pkg/controller/node/ipam/cidrset"
-	"k8s.io/kubernetes/pkg/controller/node/util"
-	nodeutil "k8s.io/kubernetes/pkg/util/node"
+	"k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset"
+	nodeutil "k8s.io/kubernetes/pkg/controller/util/node"
+	utilnode "k8s.io/kubernetes/pkg/util/node"
 )
 
 type rangeAllocator struct {
@@ -119,8 +119,8 @@ func NewCIDRRangeAllocator(client clientset.Interface, nodeInformer informers.No
 	}
 
 	nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc: util.CreateAddNodeHandler(ra.AllocateOrOccupyCIDR),
-		UpdateFunc: util.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
+		AddFunc: nodeutil.CreateAddNodeHandler(ra.AllocateOrOccupyCIDR),
+		UpdateFunc: nodeutil.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
 			// If the PodCIDR is not empty we either:
 			// - already processed a Node that already had a CIDR after NC restarted
 			//   (cidr is marked as used),
@@ -145,7 +145,7 @@ func NewCIDRRangeAllocator(client clientset.Interface, nodeInformer informers.No
 			}
 			return nil
 		}),
-		DeleteFunc: util.CreateDeleteNodeHandler(ra.ReleaseCIDR),
+		DeleteFunc: nodeutil.CreateDeleteNodeHandler(ra.ReleaseCIDR),
 	})
 
 	return ra, nil
@@ -234,7 +234,7 @@ func (r *rangeAllocator) AllocateOrOccupyCIDR(node *v1.Node) error {
 	podCIDR, err := r.cidrs.AllocateNext()
 	if err != nil {
 		r.removeNodeFromProcessing(node.Name)
-		util.RecordNodeStatusChange(r.recorder, node, "CIDRNotAvailable")
+		nodeutil.RecordNodeStatusChange(r.recorder, node, "CIDRNotAvailable")
 		return fmt.Errorf("failed to allocate cidr: %v", err)
 	}
 
@@ -286,39 +286,40 @@ func (r *rangeAllocator) updateCIDRAllocation(data nodeAndCIDR) error {
 	defer r.removeNodeFromProcessing(data.nodeName)
 
 	podCIDR := data.cidr.String()
-	for rep := 0; rep < cidrUpdateRetries; rep++ {
-		node, err = r.nodeLister.Get(data.nodeName)
-		if err != nil {
-			glog.Errorf("Failed while getting node %v to retry updating Node.Spec.PodCIDR: %v", data.nodeName, err)
-			continue
-		}
-		if node.Spec.PodCIDR != "" {
-			glog.V(4).Infof("Node %v already has allocated CIDR %v. Releasing assigned one if different.", node.Name, node.Spec.PodCIDR)
-			if node.Spec.PodCIDR != podCIDR {
-				glog.Errorf("Node %q PodCIDR seems to have changed (original=%v, current=%v), releasing original and occupying new CIDR",
-					node.Name, node.Spec.PodCIDR, podCIDR)
-				if err := r.cidrs.Release(data.cidr); err != nil {
-					glog.Errorf("Error when releasing CIDR %v", podCIDR)
-				}
-			}
-			return nil
+
+	node, err = r.nodeLister.Get(data.nodeName)
+	if err != nil {
+		glog.Errorf("Failed while getting node %v for updating Node.Spec.PodCIDR: %v", data.nodeName, err)
+		return err
+	}
+
+	if node.Spec.PodCIDR == podCIDR {
+		glog.V(4).Infof("Node %v already has allocated CIDR %v. It matches the proposed one.", node.Name, podCIDR)
+		return nil
+	}
+	if node.Spec.PodCIDR != "" {
+		glog.Errorf("Node %v already has a CIDR allocated %v. Releasing the new one %v.", node.Name, node.Spec.PodCIDR, podCIDR)
+		if err := r.cidrs.Release(data.cidr); err != nil {
+			glog.Errorf("Error when releasing CIDR %v", podCIDR)
 		}
-		if err = nodeutil.PatchNodeCIDR(r.client, types.NodeName(node.Name), podCIDR); err == nil {
+		return nil
+	}
+	// If we reached here, it means that the node has no CIDR currently assigned. So we set it.
+	for i := 0; i < cidrUpdateRetries; i++ {
+		if err = utilnode.PatchNodeCIDR(r.client, types.NodeName(node.Name), podCIDR); err == nil {
 			glog.Infof("Set node %v PodCIDR to %v", node.Name, podCIDR)
-			break
+			return nil
 		}
-		glog.Errorf("Failed to update node %v PodCIDR to %v (%d retries left): %v", node.Name, podCIDR, cidrUpdateRetries-rep-1, err)
 	}
-	if err != nil {
-		util.RecordNodeStatusChange(r.recorder, node, "CIDRAssignmentFailed")
-		// We accept the fact that we may leek CIDRs here. This is safer than releasing
-		// them in case when we don't know if request went through.
-		// NodeController restart will return all falsely allocated CIDRs to the pool.
-		if !apierrors.IsServerTimeout(err) {
-			glog.Errorf("CIDR assignment for node %v failed: %v. Releasing allocated CIDR", data.nodeName, err)
-			if releaseErr := r.cidrs.Release(data.cidr); releaseErr != nil {
-				glog.Errorf("Error releasing allocated CIDR for node %v: %v", data.nodeName, releaseErr)
-			}
+	glog.Errorf("Failed to update node %v PodCIDR to %v after multiple attempts: %v", node.Name, podCIDR, err)
+	nodeutil.RecordNodeStatusChange(r.recorder, node, "CIDRAssignmentFailed")
+	// We accept the fact that we may leak CIDRs here. This is safer than releasing
+	// them in case when we don't know if request went through.
+	// NodeController restart will return all falsely allocated CIDRs to the pool.
+	if !apierrors.IsServerTimeout(err) {
+		glog.Errorf("CIDR assignment for node %v failed: %v. Releasing allocated CIDR", node.Name, err)
+		if releaseErr := r.cidrs.Release(data.cidr); releaseErr != nil {
+			glog.Errorf("Error releasing allocated CIDR for node %v: %v", node.Name, releaseErr)
 		}
 	}
 	return err
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/BUILD
similarity index 70%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/BUILD
index bc34f435e843..68934150c425 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/BUILD
@@ -3,10 +3,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 go_library(
     name = "go_default_library",
     srcs = ["sync.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam/sync",
+    importpath = "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync",
     visibility = ["//visibility:public"],
     deps = [
-        "//pkg/controller/node/ipam/cidrset:go_default_library",
+        "//pkg/controller/nodeipam/ipam/cidrset:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
     ],
@@ -15,11 +15,10 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["sync_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/ipam/sync",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/controller/node/ipam/cidrset:go_default_library",
-        "//pkg/controller/node/ipam/test:go_default_library",
+        "//pkg/controller/nodeipam/ipam/cidrset:go_default_library",
+        "//pkg/controller/nodeipam/ipam/test:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/sync.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/sync.go
similarity index 96%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/sync.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/sync.go
index eeff4a6d5fc0..fabc3a112601 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/sync/sync.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync/sync.go
@@ -25,7 +25,7 @@ import (
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/controller/node/ipam/cidrset"
+	"k8s.io/kubernetes/pkg/controller/nodeipam/ipam/cidrset"
 )
 
 const (
@@ -244,7 +244,9 @@ func (op *updateOp) validateRange(ctx context.Context, sync *NodeSync, node *v1.
 // alias.
 func (op *updateOp) updateNodeFromAlias(ctx context.Context, sync *NodeSync, node *v1.Node, aliasRange *net.IPNet) error {
 	if sync.mode != SyncFromCloud {
-		glog.Warningf("Detect mode %q while expect to sync from cloud", sync.mode)
+		sync.kubeAPI.EmitNodeWarningEvent(node.Name, InvalidModeEvent,
+			"Cannot sync from cloud in mode %q", sync.mode)
+		return fmt.Errorf("cannot sync from cloud in mode %q", sync.mode)
 	}
 
 	glog.V(2).Infof("Updating node spec with alias range, node.PodCIDR = %v", aliasRange)
@@ -274,7 +276,9 @@ func (op *updateOp) updateNodeFromAlias(ctx context.Context, sync *NodeSync, nod
 // updateAliasFromNode updates the cloud alias given the node allocation.
 func (op *updateOp) updateAliasFromNode(ctx context.Context, sync *NodeSync, node *v1.Node) error {
 	if sync.mode != SyncFromCluster {
-		glog.Warningf("Detect mode %q while expect to sync from cluster", sync.mode)
+		sync.kubeAPI.EmitNodeWarningEvent(
+			node.Name, InvalidModeEvent, "Cannot sync to cloud in mode %q", sync.mode)
+		return fmt.Errorf("cannot sync to cloud in mode %q", sync.mode)
 	}
 
 	_, aliasRange, err := net.ParseCIDR(node.Spec.PodCIDR)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/ipam/timeout.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/timeout.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/ipam/timeout.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodeipam/ipam/timeout.go
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/metrics.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/metrics.go
new file mode 100644
index 000000000000..9211ce3f3827
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/metrics.go
@@ -0,0 +1,21 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package nodeipam
+
+// Register the metrics that are to be monitored.
+func Register() {
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/node_ipam_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/node_ipam_controller.go
new file mode 100644
index 000000000000..e2dad9e4f587
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodeipam/node_ipam_controller.go
@@ -0,0 +1,187 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package nodeipam
+
+import (
+	"net"
+	"time"
+
+	"github.com/golang/glog"
+
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+
+	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
+	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/tools/record"
+
+	"k8s.io/api/core/v1"
+	coreinformers "k8s.io/client-go/informers/core/v1"
+	clientset "k8s.io/client-go/kubernetes"
+	corelisters "k8s.io/client-go/listers/core/v1"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/controller"
+	"k8s.io/kubernetes/pkg/controller/nodeipam/ipam"
+	nodesync "k8s.io/kubernetes/pkg/controller/nodeipam/ipam/sync"
+	"k8s.io/kubernetes/pkg/util/metrics"
+)
+
+func init() {
+	// Register prometheus metrics
+	Register()
+}
+
+const (
+	// ipamResyncInterval is the amount of time between when the cloud and node
+	// CIDR range assignments are synchronized.
+	ipamResyncInterval = 30 * time.Second
+	// ipamMaxBackoff is the maximum backoff for retrying synchronization of a
+	// given in the error state.
+	ipamMaxBackoff = 10 * time.Second
+	// ipamInitialRetry is the initial retry interval for retrying synchronization of a
+	// given in the error state.
+	ipamInitialBackoff = 250 * time.Millisecond
+)
+
+// Controller is the controller that manages node ipam state.
+type Controller struct {
+	allocateNodeCIDRs bool
+	allocatorType     ipam.CIDRAllocatorType
+
+	cloud       cloudprovider.Interface
+	clusterCIDR *net.IPNet
+	serviceCIDR *net.IPNet
+	kubeClient  clientset.Interface
+	// Method for easy mocking in unittest.
+	lookupIP func(host string) ([]net.IP, error)
+
+	nodeLister         corelisters.NodeLister
+	nodeInformerSynced cache.InformerSynced
+
+	cidrAllocator ipam.CIDRAllocator
+
+	forcefullyDeletePod func(*v1.Pod) error
+}
+
+// NewNodeIpamController returns a new node IP Address Management controller to
+// sync instances from cloudprovider.
+// This method returns an error if it is unable to initialize the CIDR bitmap with
+// podCIDRs it has already allocated to nodes. Since we don't allow podCIDR changes
+// currently, this should be handled as a fatal error.
+func NewNodeIpamController(
+	nodeInformer coreinformers.NodeInformer,
+	cloud cloudprovider.Interface,
+	kubeClient clientset.Interface,
+	clusterCIDR *net.IPNet,
+	serviceCIDR *net.IPNet,
+	nodeCIDRMaskSize int,
+	allocateNodeCIDRs bool,
+	allocatorType ipam.CIDRAllocatorType) (*Controller, error) {
+
+	if kubeClient == nil {
+		glog.Fatalf("kubeClient is nil when starting Controller")
+	}
+
+	eventBroadcaster := record.NewBroadcaster()
+	eventBroadcaster.StartLogging(glog.Infof)
+
+	glog.V(0).Infof("Sending events to api server.")
+	eventBroadcaster.StartRecordingToSink(
+		&v1core.EventSinkImpl{
+			Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events(""),
+		})
+
+	if kubeClient != nil && kubeClient.CoreV1().RESTClient().GetRateLimiter() != nil {
+		metrics.RegisterMetricAndTrackRateLimiterUsage("node_ipam_controller", kubeClient.CoreV1().RESTClient().GetRateLimiter())
+	}
+
+	if allocateNodeCIDRs {
+		if clusterCIDR == nil {
+			glog.Fatal("Controller: Must specify clusterCIDR if allocateNodeCIDRs == true.")
+		}
+		mask := clusterCIDR.Mask
+		if maskSize, _ := mask.Size(); maskSize > nodeCIDRMaskSize {
+			glog.Fatal("Controller: Invalid clusterCIDR, mask size of clusterCIDR must be less than nodeCIDRMaskSize.")
+		}
+	}
+
+	ic := &Controller{
+		cloud:             cloud,
+		kubeClient:        kubeClient,
+		lookupIP:          net.LookupIP,
+		clusterCIDR:       clusterCIDR,
+		serviceCIDR:       serviceCIDR,
+		allocateNodeCIDRs: allocateNodeCIDRs,
+		allocatorType:     allocatorType,
+	}
+
+	// TODO: Abstract this check into a generic controller manager should run method.
+	if ic.allocateNodeCIDRs {
+		if ic.allocatorType == ipam.IPAMFromClusterAllocatorType || ic.allocatorType == ipam.IPAMFromCloudAllocatorType {
+			cfg := &ipam.Config{
+				Resync:       ipamResyncInterval,
+				MaxBackoff:   ipamMaxBackoff,
+				InitialRetry: ipamInitialBackoff,
+			}
+			switch ic.allocatorType {
+			case ipam.IPAMFromClusterAllocatorType:
+				cfg.Mode = nodesync.SyncFromCluster
+			case ipam.IPAMFromCloudAllocatorType:
+				cfg.Mode = nodesync.SyncFromCloud
+			}
+			ipamc, err := ipam.NewController(cfg, kubeClient, cloud, clusterCIDR, serviceCIDR, nodeCIDRMaskSize)
+			if err != nil {
+				glog.Fatalf("Error creating ipam controller: %v", err)
+			}
+			if err := ipamc.Start(nodeInformer); err != nil {
+				glog.Fatalf("Error trying to Init(): %v", err)
+			}
+		} else {
+			var err error
+			ic.cidrAllocator, err = ipam.New(
+				kubeClient, cloud, nodeInformer, ic.allocatorType, ic.clusterCIDR, ic.serviceCIDR, nodeCIDRMaskSize)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	ic.nodeLister = nodeInformer.Lister()
+	ic.nodeInformerSynced = nodeInformer.Informer().HasSynced
+
+	return ic, nil
+}
+
+// Run starts an asynchronous loop that monitors the status of cluster nodes.
+func (nc *Controller) Run(stopCh <-chan struct{}) {
+	defer utilruntime.HandleCrash()
+
+	glog.Infof("Starting ipam controller")
+	defer glog.Infof("Shutting down ipam controller")
+
+	if !controller.WaitForCacheSync("node", stopCh, nc.nodeInformerSynced) {
+		return
+	}
+
+	// TODO: Abstract this check into a generic controller manager should run method.
+	if nc.allocateNodeCIDRs {
+		if nc.allocatorType != ipam.IPAMFromClusterAllocatorType && nc.allocatorType != ipam.IPAMFromCloudAllocatorType {
+			go nc.cidrAllocator.Run(stopCh)
+		}
+	}
+
+	<-stopCh
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/BUILD
similarity index 75%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/BUILD
index 7ed48e2dc620..6549510d2d5e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/BUILD
@@ -1,66 +1,25 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
-
-go_test(
-    name = "go_default_test",
-    srcs = ["nodecontroller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/cloudprovider:go_default_library",
-        "//pkg/cloudprovider/providers/fake:go_default_library",
-        "//pkg/controller:go_default_library",
-        "//pkg/controller/node/ipam:go_default_library",
-        "//pkg/controller/node/scheduler:go_default_library",
-        "//pkg/controller/node/util:go_default_library",
-        "//pkg/controller/testutil:go_default_library",
-        "//pkg/kubelet/apis:go_default_library",
-        "//pkg/util/node:go_default_library",
-        "//pkg/util/taints:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/client-go/informers:go_default_library",
-        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/informers/extensions/v1beta1:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
-        "//vendor/k8s.io/client-go/testing:go_default_library",
-    ],
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
-        "doc.go",
         "metrics.go",
-        "node_controller.go",
+        "node_lifecycle_controller.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/node",
+    importpath = "k8s.io/kubernetes/pkg/controller/nodelifecycle",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/api/v1/node:go_default_library",
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller:go_default_library",
-        "//pkg/controller/node/ipam:go_default_library",
-        "//pkg/controller/node/ipam/sync:go_default_library",
-        "//pkg/controller/node/scheduler:go_default_library",
-        "//pkg/controller/node/util:go_default_library",
+        "//pkg/controller/nodelifecycle/scheduler:go_default_library",
+        "//pkg/controller/util/node:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//pkg/util/metrics:go_default_library",
         "//pkg/util/node:go_default_library",
         "//pkg/util/system:go_default_library",
         "//pkg/util/taints:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
+        "//pkg/util/version:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -75,7 +34,6 @@ go_library(
         "//vendor/k8s.io/client-go/informers/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
@@ -95,9 +53,40 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//pkg/controller/node/ipam:all-srcs",
-        "//pkg/controller/node/scheduler:all-srcs",
-        "//pkg/controller/node/util:all-srcs",
+        "//pkg/controller/nodelifecycle/scheduler:all-srcs",
     ],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["node_lifecycle_controller_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/fake:go_default_library",
+        "//pkg/controller:go_default_library",
+        "//pkg/controller/nodelifecycle/scheduler:go_default_library",
+        "//pkg/controller/testutil:go_default_library",
+        "//pkg/controller/util/node:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/util/node:go_default_library",
+        "//pkg/util/taints:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/informers/extensions/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
+        "//vendor/k8s.io/client-go/testing:go_default_library",
+    ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/OWNERS b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/OWNERS
new file mode 100755
index 000000000000..99dd2eda0e10
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/OWNERS
@@ -0,0 +1,9 @@
+approvers:
+- gmarek
+- bowei
+reviewers:
+- gmarek
+- smarterclayton
+- ingvagabund
+- aveshagarwal
+- k82cn
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/metrics.go b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/metrics.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/metrics.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/metrics.go
index 31bba5b23324..ae61266c8ad1 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/metrics.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/metrics.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2016 The Kubernetes Authors.
+Copyright 2017 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package node
+package nodelifecycle
 
 import (
 	"sync"
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/node_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/node_lifecycle_controller.go
similarity index 84%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/node_controller.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/node_lifecycle_controller.go
index ff77e6c7d5cd..5337f715f61d 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/node_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/node_lifecycle_controller.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2014 The Kubernetes Authors.
+Copyright 2017 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,16 +14,21 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package node
+// The Controller sets tainted annotations on nodes.
+// Tainted nodes should not be used for new work loads and
+// some effort should be given to getting existing work
+// loads off of tainted nodes.
+
+package nodelifecycle
 
 import (
 	"fmt"
-	"net"
 	"sync"
 	"time"
 
 	"github.com/golang/glog"
 
+	"k8s.io/api/core/v1"
 	apiequality "k8s.io/apimachinery/pkg/api/equality"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -31,31 +36,26 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-
-	"k8s.io/client-go/kubernetes/scheme"
-	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
-	"k8s.io/client-go/tools/cache"
-	"k8s.io/client-go/tools/record"
-	"k8s.io/client-go/util/flowcontrol"
-
-	"k8s.io/api/core/v1"
 	coreinformers "k8s.io/client-go/informers/core/v1"
 	extensionsinformers "k8s.io/client-go/informers/extensions/v1beta1"
 	clientset "k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/kubernetes/scheme"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	extensionslisters "k8s.io/client-go/listers/extensions/v1beta1"
+	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/tools/record"
+	"k8s.io/client-go/util/flowcontrol"
 	v1node "k8s.io/kubernetes/pkg/api/v1/node"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/controller"
-	"k8s.io/kubernetes/pkg/controller/node/ipam"
-	nodesync "k8s.io/kubernetes/pkg/controller/node/ipam/sync"
-	"k8s.io/kubernetes/pkg/controller/node/scheduler"
-	"k8s.io/kubernetes/pkg/controller/node/util"
+	"k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler"
+	nodeutil "k8s.io/kubernetes/pkg/controller/util/node"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 	"k8s.io/kubernetes/pkg/util/metrics"
 	utilnode "k8s.io/kubernetes/pkg/util/node"
 	"k8s.io/kubernetes/pkg/util/system"
 	taintutils "k8s.io/kubernetes/pkg/util/taints"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
+	utilversion "k8s.io/kubernetes/pkg/util/version"
 )
 
 func init() {
@@ -64,11 +64,14 @@ func init() {
 }
 
 var (
+	gracefulDeletionVersion = utilversion.MustParseSemantic("v1.1.0")
+
 	// UnreachableTaintTemplate is the taint for when a node becomes unreachable.
 	UnreachableTaintTemplate = &v1.Taint{
 		Key:    algorithm.TaintNodeUnreachable,
 		Effect: v1.TaintEffectNoExecute,
 	}
+
 	// NotReadyTaintTemplate is the taint for when a node is not ready for
 	// executing pods
 	NotReadyTaintTemplate = &v1.Taint{
@@ -81,6 +84,7 @@ var (
 		v1.NodeOutOfDisk:          algorithm.TaintNodeOutOfDisk,
 		v1.NodeDiskPressure:       algorithm.TaintNodeDiskPressure,
 		v1.NodeNetworkUnavailable: algorithm.TaintNodeNetworkUnavailable,
+		v1.NodePIDPressure:        algorithm.TaintNodePIDPressure,
 	}
 
 	taintKeyToNodeConditionMap = map[string]v1.NodeConditionType{
@@ -88,26 +92,10 @@ var (
 		algorithm.TaintNodeMemoryPressure:     v1.NodeMemoryPressure,
 		algorithm.TaintNodeOutOfDisk:          v1.NodeOutOfDisk,
 		algorithm.TaintNodeDiskPressure:       v1.NodeDiskPressure,
+		algorithm.TaintNodePIDPressure:        v1.NodePIDPressure,
 	}
 )
 
-const (
-	// The amount of time the nodecontroller polls on the list nodes endpoint.
-	apiserverStartupGracePeriod = 10 * time.Minute
-	// The amount of time the nodecontroller should sleep between retrying NodeStatus updates
-	retrySleepTime = 20 * time.Millisecond
-
-	// ipamResyncInterval is the amount of time between when the cloud and node
-	// CIDR range assignments are synchronized.
-	ipamResyncInterval = 30 * time.Second
-	// ipamMaxBackoff is the maximum backoff for retrying synchronization of a
-	// given in the error state.
-	ipamMaxBackoff = 10 * time.Second
-	// ipamInitialRetry is the initial retry interval for retrying synchronization of a
-	// given in the error state.
-	ipamInitialBackoff = 250 * time.Millisecond
-)
-
 // ZoneState is the state of a given zone.
 type ZoneState string
 
@@ -118,24 +106,68 @@ const (
 	statePartialDisruption = ZoneState("PartialDisruption")
 )
 
+const (
+	// The amount of time the nodecontroller polls on the list nodes endpoint.
+	apiserverStartupGracePeriod = 10 * time.Minute
+	// The amount of time the nodecontroller should sleep between retrying NodeStatus updates
+	retrySleepTime = 20 * time.Millisecond
+)
+
 type nodeStatusData struct {
 	probeTimestamp           metav1.Time
 	readyTransitionTimestamp metav1.Time
 	status                   v1.NodeStatus
 }
 
-// Controller is the controller that manages node related cluster state.
+// Controller is the controller that manages node's life cycle.
 type Controller struct {
-	allocateNodeCIDRs bool
-	allocatorType     ipam.CIDRAllocatorType
+	taintManager *scheduler.NoExecuteTaintManager
+
+	podInformerSynced cache.InformerSynced
+	cloud             cloudprovider.Interface
+	kubeClient        clientset.Interface
+
+	// This timestamp is to be used instead of LastProbeTime stored in Condition. We do this
+	// to aviod the problem with time skew across the cluster.
+	now func() metav1.Time
+
+	enterPartialDisruptionFunc func(nodeNum int) float32
+	enterFullDisruptionFunc    func(nodeNum int) float32
+	computeZoneStateFunc       func(nodeConditions []*v1.NodeCondition) (int, ZoneState)
 
-	cloud        cloudprovider.Interface
-	clusterCIDR  *net.IPNet
-	serviceCIDR  *net.IPNet
 	knownNodeSet map[string]*v1.Node
-	kubeClient   clientset.Interface
-	// Method for easy mocking in unittest.
-	lookupIP func(host string) ([]net.IP, error)
+	// per Node map storing last observed Status together with a local time when it was observed.
+	nodeStatusMap map[string]nodeStatusData
+
+	// Lock to access evictor workers
+	evictorLock sync.Mutex
+
+	// workers that evicts pods from unresponsive nodes.
+	zonePodEvictor map[string]*scheduler.RateLimitedTimedQueue
+
+	// workers that are responsible for tainting nodes.
+	zoneNoExecuteTainter map[string]*scheduler.RateLimitedTimedQueue
+
+	zoneStates map[string]ZoneState
+
+	daemonSetStore          extensionslisters.DaemonSetLister
+	daemonSetInformerSynced cache.InformerSynced
+
+	nodeLister                corelisters.NodeLister
+	nodeInformerSynced        cache.InformerSynced
+	nodeExistsInCloudProvider func(types.NodeName) (bool, error)
+
+	recorder record.EventRecorder
+
+	// Value controlling Controller monitoring period, i.e. how often does Controller
+	// check node status posted from kubelet. This value should be lower than nodeMonitorGracePeriod.
+	// TODO: Change node status monitor to watch based.
+	nodeMonitorPeriod time.Duration
+
+	// Value used if sync_nodes_status=False, only for node startup. When node
+	// is just created, e.g. cluster bootstrap or node creation, we give a longer grace period.
+	nodeStartupGracePeriod time.Duration
+
 	// Value used if sync_nodes_status=False. Controller will not proactively
 	// sync node status in this case, but will monitor node status updated from kubelet. If
 	// it doesn't receive update for this amount of time, it will start posting "NodeReady==
@@ -151,45 +183,8 @@ type Controller struct {
 	// 2. nodeMonitorGracePeriod can't be too large for user experience - larger value takes
 	//    longer for user to see up-to-date node status.
 	nodeMonitorGracePeriod time.Duration
-	// Value controlling Controller monitoring period, i.e. how often does Controller
-	// check node status posted from kubelet. This value should be lower than nodeMonitorGracePeriod.
-	// TODO: Change node status monitor to watch based.
-	nodeMonitorPeriod time.Duration
-	// Value used if sync_nodes_status=False, only for node startup. When node
-	// is just created, e.g. cluster bootstrap or node creation, we give a longer grace period.
-	nodeStartupGracePeriod time.Duration
-	// per Node map storing last observed Status together with a local time when it was observed.
-	nodeStatusMap map[string]nodeStatusData
-	// This timestamp is to be used instead of LastProbeTime stored in Condition. We do this
-	// to aviod the problem with time skew across the cluster.
-	now func() metav1.Time
-	// Lock to access evictor workers
-	evictorLock sync.Mutex
-	// workers that evicts pods from unresponsive nodes.
-	zonePodEvictor map[string]*scheduler.RateLimitedTimedQueue
-	// workers that are responsible for tainting nodes.
-	zoneNoExecuteTainer map[string]*scheduler.RateLimitedTimedQueue
-	podEvictionTimeout  time.Duration
-	// The maximum duration before a pod evicted from a node can be forcefully terminated.
-	maximumGracePeriod time.Duration
-	recorder           record.EventRecorder
-
-	nodeLister         corelisters.NodeLister
-	nodeInformerSynced cache.InformerSynced
-
-	daemonSetStore          extensionslisters.DaemonSetLister
-	daemonSetInformerSynced cache.InformerSynced
-
-	podInformerSynced cache.InformerSynced
-	cidrAllocator     ipam.CIDRAllocator
-	taintManager      *scheduler.NoExecuteTaintManager
-
-	nodeExistsInCloudProvider  func(types.NodeName) (bool, error)
-	computeZoneStateFunc       func(nodeConditions []*v1.NodeCondition) (int, ZoneState)
-	enterPartialDisruptionFunc func(nodeNum int) float32
-	enterFullDisruptionFunc    func(nodeNum int) float32
 
-	zoneStates                  map[string]ZoneState
+	podEvictionTimeout          time.Duration
 	evictionLimiterQPS          float32
 	secondaryEvictionLimiterQPS float32
 	largeClusterThreshold       int32
@@ -208,29 +203,20 @@ type Controller struct {
 	taintNodeByCondition bool
 }
 
-// NewNodeController returns a new node controller to sync instances from cloudprovider.
-// This method returns an error if it is unable to initialize the CIDR bitmap with
-// podCIDRs it has already allocated to nodes. Since we don't allow podCIDR changes
-// currently, this should be handled as a fatal error.
-func NewNodeController(
-	podInformer coreinformers.PodInformer,
+// NewNodeLifecycleController returns a new taint controller.
+func NewNodeLifecycleController(podInformer coreinformers.PodInformer,
 	nodeInformer coreinformers.NodeInformer,
 	daemonSetInformer extensionsinformers.DaemonSetInformer,
 	cloud cloudprovider.Interface,
 	kubeClient clientset.Interface,
+	nodeMonitorPeriod time.Duration,
+	nodeStartupGracePeriod time.Duration,
+	nodeMonitorGracePeriod time.Duration,
 	podEvictionTimeout time.Duration,
 	evictionLimiterQPS float32,
 	secondaryEvictionLimiterQPS float32,
 	largeClusterThreshold int32,
 	unhealthyZoneThreshold float32,
-	nodeMonitorGracePeriod time.Duration,
-	nodeStartupGracePeriod time.Duration,
-	nodeMonitorPeriod time.Duration,
-	clusterCIDR *net.IPNet,
-	serviceCIDR *net.IPNet,
-	nodeCIDRMaskSize int,
-	allocateNodeCIDRs bool,
-	allocatorType ipam.CIDRAllocatorType,
 	runTaintManager bool,
 	useTaintBasedEvictions bool,
 	taintNodeByCondition bool) (*Controller, error) {
@@ -241,55 +227,32 @@ func NewNodeController(
 
 	eventBroadcaster := record.NewBroadcaster()
 	recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "node-controller"})
-	eventBroadcaster.StartLogging(glog.Infof)
-
-	glog.V(0).Infof("Sending events to api server.")
-	eventBroadcaster.StartRecordingToSink(
-		&v1core.EventSinkImpl{
-			Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events(""),
-		})
 
 	if kubeClient != nil && kubeClient.CoreV1().RESTClient().GetRateLimiter() != nil {
-		metrics.RegisterMetricAndTrackRateLimiterUsage("node_controller", kubeClient.CoreV1().RESTClient().GetRateLimiter())
-	}
-
-	if allocateNodeCIDRs {
-		if clusterCIDR == nil {
-			glog.Fatal("Controller: Must specify clusterCIDR if allocateNodeCIDRs == true.")
-		}
-		mask := clusterCIDR.Mask
-		if maskSize, _ := mask.Size(); maskSize > nodeCIDRMaskSize {
-			glog.Fatal("Controller: Invalid clusterCIDR, mask size of clusterCIDR must be less than nodeCIDRMaskSize.")
-		}
+		metrics.RegisterMetricAndTrackRateLimiterUsage("node_lifecycle_controller", kubeClient.CoreV1().RESTClient().GetRateLimiter())
 	}
 
 	nc := &Controller{
-		cloud:                  cloud,
-		knownNodeSet:           make(map[string]*v1.Node),
-		kubeClient:             kubeClient,
-		recorder:               recorder,
-		podEvictionTimeout:     podEvictionTimeout,
-		maximumGracePeriod:     5 * time.Minute,
-		zonePodEvictor:         make(map[string]*scheduler.RateLimitedTimedQueue),
-		zoneNoExecuteTainer:    make(map[string]*scheduler.RateLimitedTimedQueue),
-		nodeStatusMap:          make(map[string]nodeStatusData),
-		nodeMonitorGracePeriod: nodeMonitorGracePeriod,
-		nodeMonitorPeriod:      nodeMonitorPeriod,
-		nodeStartupGracePeriod: nodeStartupGracePeriod,
-		lookupIP:               net.LookupIP,
-		now:                    metav1.Now,
-		clusterCIDR:            clusterCIDR,
-		serviceCIDR:            serviceCIDR,
-		allocateNodeCIDRs:      allocateNodeCIDRs,
-		allocatorType:          allocatorType,
+		cloud:         cloud,
+		kubeClient:    kubeClient,
+		now:           metav1.Now,
+		knownNodeSet:  make(map[string]*v1.Node),
+		nodeStatusMap: make(map[string]nodeStatusData),
 		nodeExistsInCloudProvider: func(nodeName types.NodeName) (bool, error) {
-			return util.NodeExistsInCloudProvider(cloud, nodeName)
+			return nodeutil.ExistsInCloudProvider(cloud, nodeName)
 		},
+		recorder:                    recorder,
+		nodeMonitorPeriod:           nodeMonitorPeriod,
+		nodeStartupGracePeriod:      nodeStartupGracePeriod,
+		nodeMonitorGracePeriod:      nodeMonitorGracePeriod,
+		zonePodEvictor:              make(map[string]*scheduler.RateLimitedTimedQueue),
+		zoneNoExecuteTainter:        make(map[string]*scheduler.RateLimitedTimedQueue),
+		zoneStates:                  make(map[string]ZoneState),
+		podEvictionTimeout:          podEvictionTimeout,
 		evictionLimiterQPS:          evictionLimiterQPS,
 		secondaryEvictionLimiterQPS: secondaryEvictionLimiterQPS,
 		largeClusterThreshold:       largeClusterThreshold,
 		unhealthyZoneThreshold:      unhealthyZoneThreshold,
-		zoneStates:                  make(map[string]ZoneState),
 		runTaintManager:             runTaintManager,
 		useTaintBasedEvictions:      useTaintBasedEvictions && runTaintManager,
 		taintNodeByCondition:        taintNodeByCondition,
@@ -297,6 +260,7 @@ func NewNodeController(
 	if useTaintBasedEvictions {
 		glog.Infof("Controller is using taint based evictions.")
 	}
+
 	nc.enterPartialDisruptionFunc = nc.ReducedQPSFunc
 	nc.enterFullDisruptionFunc = nc.HealthyQPSFunc
 	nc.computeZoneStateFunc = nc.ComputeZoneState
@@ -337,48 +301,18 @@ func NewNodeController(
 	})
 	nc.podInformerSynced = podInformer.Informer().HasSynced
 
-	if nc.allocateNodeCIDRs {
-		if nc.allocatorType == ipam.IPAMFromClusterAllocatorType || nc.allocatorType == ipam.IPAMFromCloudAllocatorType {
-			cfg := &ipam.Config{
-				Resync:       ipamResyncInterval,
-				MaxBackoff:   ipamMaxBackoff,
-				InitialRetry: ipamInitialBackoff,
-			}
-			switch nc.allocatorType {
-			case ipam.IPAMFromClusterAllocatorType:
-				cfg.Mode = nodesync.SyncFromCluster
-			case ipam.IPAMFromCloudAllocatorType:
-				cfg.Mode = nodesync.SyncFromCloud
-			}
-			ipamc, err := ipam.NewController(cfg, kubeClient, cloud, clusterCIDR, serviceCIDR, nodeCIDRMaskSize)
-			if err != nil {
-				glog.Fatalf("Error creating ipam controller: %v", err)
-			}
-			if err := ipamc.Start(nodeInformer); err != nil {
-				glog.Fatalf("Error trying to Init(): %v", err)
-			}
-		} else {
-			var err error
-			nc.cidrAllocator, err = ipam.New(
-				kubeClient, cloud, nodeInformer, nc.allocatorType, nc.clusterCIDR, nc.serviceCIDR, nodeCIDRMaskSize)
-			if err != nil {
-				return nil, err
-			}
-		}
-	}
-
 	if nc.runTaintManager {
 		nc.taintManager = scheduler.NewNoExecuteTaintManager(kubeClient)
 		nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-			AddFunc: util.CreateAddNodeHandler(func(node *v1.Node) error {
+			AddFunc: nodeutil.CreateAddNodeHandler(func(node *v1.Node) error {
 				nc.taintManager.NodeUpdated(nil, node)
 				return nil
 			}),
-			UpdateFunc: util.CreateUpdateNodeHandler(func(oldNode, newNode *v1.Node) error {
+			UpdateFunc: nodeutil.CreateUpdateNodeHandler(func(oldNode, newNode *v1.Node) error {
 				nc.taintManager.NodeUpdated(oldNode, newNode)
 				return nil
 			}),
-			DeleteFunc: util.CreateDeleteNodeHandler(func(node *v1.Node) error {
+			DeleteFunc: nodeutil.CreateDeleteNodeHandler(func(node *v1.Node) error {
 				nc.taintManager.NodeUpdated(node, nil)
 				return nil
 			}),
@@ -388,10 +322,10 @@ func NewNodeController(
 	if nc.taintNodeByCondition {
 		glog.Infof("Controller will taint node by condition.")
 		nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-			AddFunc: util.CreateAddNodeHandler(func(node *v1.Node) error {
+			AddFunc: nodeutil.CreateAddNodeHandler(func(node *v1.Node) error {
 				return nc.doNoScheduleTaintingPass(node)
 			}),
-			UpdateFunc: util.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
+			UpdateFunc: nodeutil.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
 				return nc.doNoScheduleTaintingPass(newNode)
 			}),
 		})
@@ -400,10 +334,10 @@ func NewNodeController(
 	// NOTE(resouer): nodeInformer to substitute deprecated taint key (notReady -> not-ready).
 	// Remove this logic when we don't need this backwards compatibility
 	nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc: util.CreateAddNodeHandler(func(node *v1.Node) error {
+		AddFunc: nodeutil.CreateAddNodeHandler(func(node *v1.Node) error {
 			return nc.doFixDeprecatedTaintKeyPass(node)
 		}),
-		UpdateFunc: util.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
+		UpdateFunc: nodeutil.CreateUpdateNodeHandler(func(_, newNode *v1.Node) error {
 			return nc.doFixDeprecatedTaintKeyPass(newNode)
 		}),
 	})
@@ -417,33 +351,40 @@ func NewNodeController(
 	return nc, nil
 }
 
-func (nc *Controller) doEvictionPass() {
-	nc.evictorLock.Lock()
-	defer nc.evictorLock.Unlock()
-	for k := range nc.zonePodEvictor {
-		// Function should return 'false' and a time after which it should be retried, or 'true' if it shouldn't (it succeeded).
-		nc.zonePodEvictor[k].Try(func(value scheduler.TimedValue) (bool, time.Duration) {
-			node, err := nc.nodeLister.Get(value.Value)
-			if apierrors.IsNotFound(err) {
-				glog.Warningf("Node %v no longer present in nodeLister!", value.Value)
-			} else if err != nil {
-				glog.Warningf("Failed to get Node %v from the nodeLister: %v", value.Value, err)
-			} else {
-				zone := utilnode.GetZoneKey(node)
-				evictionsNumber.WithLabelValues(zone).Inc()
-			}
-			nodeUID, _ := value.UID.(string)
-			remaining, err := util.DeletePods(nc.kubeClient, nc.recorder, value.Value, nodeUID, nc.daemonSetStore)
-			if err != nil {
-				utilruntime.HandleError(fmt.Errorf("unable to evict node %q: %v", value.Value, err))
-				return false, 0
-			}
-			if remaining {
-				glog.Infof("Pods awaiting deletion due to Controller eviction")
-			}
-			return true, 0
-		})
+// Run starts an asynchronous loop that monitors the status of cluster nodes.
+func (nc *Controller) Run(stopCh <-chan struct{}) {
+	defer utilruntime.HandleCrash()
+
+	glog.Infof("Starting node controller")
+	defer glog.Infof("Shutting down node controller")
+
+	if !controller.WaitForCacheSync("taint", stopCh, nc.nodeInformerSynced, nc.podInformerSynced, nc.daemonSetInformerSynced) {
+		return
+	}
+
+	if nc.runTaintManager {
+		go nc.taintManager.Run(wait.NeverStop)
+	}
+
+	if nc.useTaintBasedEvictions {
+		// Handling taint based evictions. Because we don't want a dedicated logic in TaintManager for NC-originated
+		// taints and we normally don't rate limit evictions caused by taints, we need to rate limit adding taints.
+		go wait.Until(nc.doNoExecuteTaintingPass, scheduler.NodeEvictionPeriod, wait.NeverStop)
+	} else {
+		// Managing eviction of nodes:
+		// When we delete pods off a node, if the node was not empty at the time we then
+		// queue an eviction watcher. If we hit an error, retry deletion.
+		go wait.Until(nc.doEvictionPass, scheduler.NodeEvictionPeriod, wait.NeverStop)
 	}
+
+	// Incorporate the results of node status pushed from kubelet to master.
+	go wait.Until(func() {
+		if err := nc.monitorNodeStatus(); err != nil {
+			glog.Errorf("Error monitoring node status: %v", err)
+		}
+	}, nc.nodeMonitorPeriod, wait.NeverStop)
+
+	<-stopCh
 }
 
 // doFixDeprecatedTaintKeyPass checks and replaces deprecated taint key with proper key name if needed.
@@ -478,7 +419,7 @@ func (nc *Controller) doFixDeprecatedTaintKeyPass(node *v1.Node) error {
 	glog.Warningf("Detected deprecated taint keys: %v on node: %v, will substitute them with %v",
 		taintsToDel, node.GetName(), taintsToAdd)
 
-	if !util.SwapNodeControllerTaint(nc.kubeClient, taintsToAdd, taintsToDel, node) {
+	if !nodeutil.SwapNodeControllerTaint(nc.kubeClient, taintsToAdd, taintsToDel, node) {
 		return fmt.Errorf("failed to swap taints of node %+v", node)
 	}
 	return nil
@@ -497,7 +438,21 @@ func (nc *Controller) doNoScheduleTaintingPass(node *v1.Node) error {
 			}
 		}
 	}
+	if node.Spec.Unschedulable {
+		// If unschedulable, append related taint.
+		taints = append(taints, v1.Taint{
+			Key:    algorithm.TaintNodeUnschedulable,
+			Effect: v1.TaintEffectNoSchedule,
+		})
+	}
+
+	// Get exist taints of node.
 	nodeTaints := taintutils.TaintSetFilter(node.Spec.Taints, func(t *v1.Taint) bool {
+		// Find unschedulable taint of node.
+		if t.Key == algorithm.TaintNodeUnschedulable {
+			return true
+		}
+		// Find node condition taints of node.
 		_, found := taintKeyToNodeConditionMap[t.Key]
 		return found
 	})
@@ -506,7 +461,7 @@ func (nc *Controller) doNoScheduleTaintingPass(node *v1.Node) error {
 	if len(taintsToAdd) == 0 && len(taintsToDel) == 0 {
 		return nil
 	}
-	if !util.SwapNodeControllerTaint(nc.kubeClient, taintsToAdd, taintsToDel, node) {
+	if !nodeutil.SwapNodeControllerTaint(nc.kubeClient, taintsToAdd, taintsToDel, node) {
 		return fmt.Errorf("failed to swap taints of node %+v", node)
 	}
 	return nil
@@ -515,9 +470,9 @@ func (nc *Controller) doNoScheduleTaintingPass(node *v1.Node) error {
 func (nc *Controller) doNoExecuteTaintingPass() {
 	nc.evictorLock.Lock()
 	defer nc.evictorLock.Unlock()
-	for k := range nc.zoneNoExecuteTainer {
+	for k := range nc.zoneNoExecuteTainter {
 		// Function should return 'false' and a time after which it should be retried, or 'true' if it shouldn't (it succeeded).
-		nc.zoneNoExecuteTainer[k].Try(func(value scheduler.TimedValue) (bool, time.Duration) {
+		nc.zoneNoExecuteTainter[k].Try(func(value scheduler.TimedValue) (bool, time.Duration) {
 			node, err := nc.nodeLister.Get(value.Value)
 			if apierrors.IsNotFound(err) {
 				glog.Warningf("Node %v no longer present in nodeLister!", value.Value)
@@ -546,104 +501,71 @@ func (nc *Controller) doNoExecuteTaintingPass() {
 				return true, 0
 			}
 
-			return util.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{&oppositeTaint}, node), 0
+			return nodeutil.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{&oppositeTaint}, node), 0
 		})
 	}
 }
 
-// Run starts an asynchronous loop that monitors the status of cluster nodes.
-func (nc *Controller) Run(stopCh <-chan struct{}) {
-	defer utilruntime.HandleCrash()
-
-	glog.Infof("Starting node controller")
-	defer glog.Infof("Shutting down node controller")
-
-	if !controller.WaitForCacheSync("node", stopCh, nc.nodeInformerSynced, nc.podInformerSynced, nc.daemonSetInformerSynced) {
-		return
+func (nc *Controller) doEvictionPass() {
+	nc.evictorLock.Lock()
+	defer nc.evictorLock.Unlock()
+	for k := range nc.zonePodEvictor {
+		// Function should return 'false' and a time after which it should be retried, or 'true' if it shouldn't (it succeeded).
+		nc.zonePodEvictor[k].Try(func(value scheduler.TimedValue) (bool, time.Duration) {
+			node, err := nc.nodeLister.Get(value.Value)
+			if apierrors.IsNotFound(err) {
+				glog.Warningf("Node %v no longer present in nodeLister!", value.Value)
+			} else if err != nil {
+				glog.Warningf("Failed to get Node %v from the nodeLister: %v", value.Value, err)
+			} else {
+				zone := utilnode.GetZoneKey(node)
+				evictionsNumber.WithLabelValues(zone).Inc()
+			}
+			nodeUID, _ := value.UID.(string)
+			remaining, err := nodeutil.DeletePods(nc.kubeClient, nc.recorder, value.Value, nodeUID, nc.daemonSetStore)
+			if err != nil {
+				utilruntime.HandleError(fmt.Errorf("unable to evict node %q: %v", value.Value, err))
+				return false, 0
+			}
+			if remaining {
+				glog.Infof("Pods awaiting deletion due to Controller eviction")
+			}
+			return true, 0
+		})
 	}
+}
 
-	// Incorporate the results of node status pushed from kubelet to master.
-	go wait.Until(func() {
-		if err := nc.monitorNodeStatus(); err != nil {
-			glog.Errorf("Error monitoring node status: %v", err)
-		}
-	}, nc.nodeMonitorPeriod, wait.NeverStop)
-
-	if nc.runTaintManager {
-		go nc.taintManager.Run(wait.NeverStop)
+// monitorNodeStatus verifies node status are constantly updated by kubelet, and if not,
+// post "NodeReady==ConditionUnknown". It also evicts all pods if node is not ready or
+// not reachable for a long period of time.
+func (nc *Controller) monitorNodeStatus() error {
+	// We are listing nodes from local cache as we can tolerate some small delays
+	// comparing to state from etcd and there is eventual consistency anyway.
+	nodes, err := nc.nodeLister.List(labels.Everything())
+	if err != nil {
+		return err
 	}
+	added, deleted, newZoneRepresentatives := nc.classifyNodes(nodes)
 
-	if nc.useTaintBasedEvictions {
-		// Handling taint based evictions. Because we don't want a dedicated logic in TaintManager for NC-originated
-		// taints and we normally don't rate limit evictions caused by taints, we need to rate limit adding taints.
-		go wait.Until(nc.doNoExecuteTaintingPass, scheduler.NodeEvictionPeriod, wait.NeverStop)
-	} else {
-		// Managing eviction of nodes:
-		// When we delete pods off a node, if the node was not empty at the time we then
-		// queue an eviction watcher. If we hit an error, retry deletion.
-		go wait.Until(nc.doEvictionPass, scheduler.NodeEvictionPeriod, wait.NeverStop)
+	for i := range newZoneRepresentatives {
+		nc.addPodEvictorForNewZone(newZoneRepresentatives[i])
 	}
 
-	if nc.allocateNodeCIDRs {
-		if nc.allocatorType != ipam.IPAMFromClusterAllocatorType && nc.allocatorType != ipam.IPAMFromCloudAllocatorType {
-			go nc.cidrAllocator.Run(wait.NeverStop)
-		}
-	}
-
-	<-stopCh
-}
-
-// addPodEvictorForNewZone checks if new zone appeared, and if so add new evictor.
-func (nc *Controller) addPodEvictorForNewZone(node *v1.Node) {
-	zone := utilnode.GetZoneKey(node)
-	if _, found := nc.zoneStates[zone]; !found {
-		nc.zoneStates[zone] = stateInitial
-		if !nc.useTaintBasedEvictions {
-			nc.zonePodEvictor[zone] =
-				scheduler.NewRateLimitedTimedQueue(
-					flowcontrol.NewTokenBucketRateLimiter(nc.evictionLimiterQPS, scheduler.EvictionRateLimiterBurst))
-		} else {
-			nc.zoneNoExecuteTainer[zone] =
-				scheduler.NewRateLimitedTimedQueue(
-					flowcontrol.NewTokenBucketRateLimiter(nc.evictionLimiterQPS, scheduler.EvictionRateLimiterBurst))
-		}
-		// Init the metric for the new zone.
-		glog.Infof("Initializing eviction metric for zone: %v", zone)
-		evictionsNumber.WithLabelValues(zone).Add(0)
-	}
-}
-
-// monitorNodeStatus verifies node status are constantly updated by kubelet, and if not,
-// post "NodeReady==ConditionUnknown". It also evicts all pods if node is not ready or
-// not reachable for a long period of time.
-func (nc *Controller) monitorNodeStatus() error {
-	// We are listing nodes from local cache as we can tolerate some small delays
-	// comparing to state from etcd and there is eventual consistency anyway.
-	nodes, err := nc.nodeLister.List(labels.Everything())
-	if err != nil {
-		return err
-	}
-	added, deleted, newZoneRepresentatives := nc.classifyNodes(nodes)
-
-	for i := range newZoneRepresentatives {
-		nc.addPodEvictorForNewZone(newZoneRepresentatives[i])
-	}
-
-	for i := range added {
-		glog.V(1).Infof("Controller observed a new Node: %#v", added[i].Name)
-		util.RecordNodeEvent(nc.recorder, added[i].Name, string(added[i].UID), v1.EventTypeNormal, "RegisteredNode", fmt.Sprintf("Registered Node %v in Controller", added[i].Name))
-		nc.knownNodeSet[added[i].Name] = added[i]
-		nc.addPodEvictorForNewZone(added[i])
-		if nc.useTaintBasedEvictions {
-			nc.markNodeAsReachable(added[i])
-		} else {
-			nc.cancelPodEviction(added[i])
+	for i := range added {
+		glog.V(1).Infof("Controller observed a new Node: %#v", added[i].Name)
+		nodeutil.RecordNodeEvent(nc.recorder, added[i].Name, string(added[i].UID), v1.EventTypeNormal, "RegisteredNode", fmt.Sprintf("Registered Node %v in Controller", added[i].Name))
+		nc.knownNodeSet[added[i].Name] = added[i]
+		nc.addPodEvictorForNewZone(added[i])
+		if nc.useTaintBasedEvictions {
+			nc.markNodeAsReachable(added[i])
+		} else {
+			nc.cancelPodEviction(added[i])
 		}
 	}
 
 	for i := range deleted {
 		glog.V(1).Infof("Controller observed a Node deletion: %v", deleted[i].Name)
-		util.RecordNodeEvent(nc.recorder, deleted[i].Name, string(deleted[i].UID), v1.EventTypeNormal, "RemovingNode", fmt.Sprintf("Removing Node %v from Controller", deleted[i].Name))
+		nodeutil.RecordNodeEvent(nc.recorder, deleted[i].Name, string(deleted[i].UID), v1.EventTypeNormal, "RemovingNode", fmt.Sprintf("Removing Node %v from Controller", deleted[i].Name))
 		delete(nc.knownNodeSet, deleted[i].Name)
 	}
 
@@ -684,7 +606,7 @@ func (nc *Controller) monitorNodeStatus() error {
 					// We want to update the taint straight away if Node is already tainted with the UnreachableTaint
 					if taintutils.TaintExists(node.Spec.Taints, UnreachableTaintTemplate) {
 						taintToAdd := *NotReadyTaintTemplate
-						if !util.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{UnreachableTaintTemplate}, node) {
+						if !nodeutil.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{UnreachableTaintTemplate}, node) {
 							glog.Errorf("Failed to instantly swap UnreachableTaint to NotReadyTaint. Will try again in the next cycle.")
 						}
 					} else if nc.markNodeForTainting(node) {
@@ -711,7 +633,7 @@ func (nc *Controller) monitorNodeStatus() error {
 					// We want to update the taint straight away if Node is already tainted with the UnreachableTaint
 					if taintutils.TaintExists(node.Spec.Taints, NotReadyTaintTemplate) {
 						taintToAdd := *UnreachableTaintTemplate
-						if !util.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{NotReadyTaintTemplate}, node) {
+						if !nodeutil.SwapNodeControllerTaint(nc.kubeClient, []*v1.Taint{&taintToAdd}, []*v1.Taint{NotReadyTaintTemplate}, node) {
 							glog.Errorf("Failed to instantly swap UnreachableTaint to NotReadyTaint. Will try again in the next cycle.")
 						}
 					} else if nc.markNodeForTainting(node) {
@@ -751,8 +673,8 @@ func (nc *Controller) monitorNodeStatus() error {
 
 			// Report node event.
 			if currentReadyCondition.Status != v1.ConditionTrue && observedReadyCondition.Status == v1.ConditionTrue {
-				util.RecordNodeStatusChange(nc.recorder, node, "NodeNotReady")
-				if err = util.MarkAllPodsNotReady(nc.kubeClient, node); err != nil {
+				nodeutil.RecordNodeStatusChange(nc.recorder, node, "NodeNotReady")
+				if err = nodeutil.MarkAllPodsNotReady(nc.kubeClient, node); err != nil {
 					utilruntime.HandleError(fmt.Errorf("Unable to mark all pods NotReady on node %v: %v", node.Name, err))
 				}
 			}
@@ -767,13 +689,13 @@ func (nc *Controller) monitorNodeStatus() error {
 				}
 				if !exists {
 					glog.V(2).Infof("Deleting node (no longer present in cloud provider): %s", node.Name)
-					util.RecordNodeEvent(nc.recorder, node.Name, string(node.UID), v1.EventTypeNormal, "DeletingNode", fmt.Sprintf("Deleting Node %v because it's not present according to cloud provider", node.Name))
+					nodeutil.RecordNodeEvent(nc.recorder, node.Name, string(node.UID), v1.EventTypeNormal, "DeletingNode", fmt.Sprintf("Deleting Node %v because it's not present according to cloud provider", node.Name))
 					go func(nodeName string) {
 						defer utilruntime.HandleCrash()
 						// Kubelet is not reporting and Cloud Provider says node
 						// is gone. Delete it without worrying about grace
 						// periods.
-						if err := util.ForcefullyDeleteNode(nc.kubeClient, nodeName); err != nil {
+						if err := nodeutil.ForcefullyDeleteNode(nc.kubeClient, nodeName); err != nil {
 							glog.Errorf("Unable to forcefully delete node %q: %v", nodeName, err)
 						}
 					}(node.Name)
@@ -786,131 +708,6 @@ func (nc *Controller) monitorNodeStatus() error {
 	return nil
 }
 
-func (nc *Controller) handleDisruption(zoneToNodeConditions map[string][]*v1.NodeCondition, nodes []*v1.Node) {
-	newZoneStates := map[string]ZoneState{}
-	allAreFullyDisrupted := true
-	for k, v := range zoneToNodeConditions {
-		zoneSize.WithLabelValues(k).Set(float64(len(v)))
-		unhealthy, newState := nc.computeZoneStateFunc(v)
-		zoneHealth.WithLabelValues(k).Set(float64(100*(len(v)-unhealthy)) / float64(len(v)))
-		unhealthyNodes.WithLabelValues(k).Set(float64(unhealthy))
-		if newState != stateFullDisruption {
-			allAreFullyDisrupted = false
-		}
-		newZoneStates[k] = newState
-		if _, had := nc.zoneStates[k]; !had {
-			glog.Errorf("Setting initial state for unseen zone: %v", k)
-			nc.zoneStates[k] = stateInitial
-		}
-	}
-
-	allWasFullyDisrupted := true
-	for k, v := range nc.zoneStates {
-		if _, have := zoneToNodeConditions[k]; !have {
-			zoneSize.WithLabelValues(k).Set(0)
-			zoneHealth.WithLabelValues(k).Set(100)
-			unhealthyNodes.WithLabelValues(k).Set(0)
-			delete(nc.zoneStates, k)
-			continue
-		}
-		if v != stateFullDisruption {
-			allWasFullyDisrupted = false
-			break
-		}
-	}
-
-	// At least one node was responding in previous pass or in the current pass. Semantics is as follows:
-	// - if the new state is "partialDisruption" we call a user defined function that returns a new limiter to use,
-	// - if the new state is "normal" we resume normal operation (go back to default limiter settings),
-	// - if new state is "fullDisruption" we restore normal eviction rate,
-	//   - unless all zones in the cluster are in "fullDisruption" - in that case we stop all evictions.
-	if !allAreFullyDisrupted || !allWasFullyDisrupted {
-		// We're switching to full disruption mode
-		if allAreFullyDisrupted {
-			glog.V(0).Info("Controller detected that all Nodes are not-Ready. Entering master disruption mode.")
-			for i := range nodes {
-				if nc.useTaintBasedEvictions {
-					_, err := nc.markNodeAsReachable(nodes[i])
-					if err != nil {
-						glog.Errorf("Failed to remove taints from Node %v", nodes[i].Name)
-					}
-				} else {
-					nc.cancelPodEviction(nodes[i])
-				}
-			}
-			// We stop all evictions.
-			for k := range nc.zoneStates {
-				if nc.useTaintBasedEvictions {
-					nc.zoneNoExecuteTainer[k].SwapLimiter(0)
-				} else {
-					nc.zonePodEvictor[k].SwapLimiter(0)
-				}
-			}
-			for k := range nc.zoneStates {
-				nc.zoneStates[k] = stateFullDisruption
-			}
-			// All rate limiters are updated, so we can return early here.
-			return
-		}
-		// We're exiting full disruption mode
-		if allWasFullyDisrupted {
-			glog.V(0).Info("Controller detected that some Nodes are Ready. Exiting master disruption mode.")
-			// When exiting disruption mode update probe timestamps on all Nodes.
-			now := nc.now()
-			for i := range nodes {
-				v := nc.nodeStatusMap[nodes[i].Name]
-				v.probeTimestamp = now
-				v.readyTransitionTimestamp = now
-				nc.nodeStatusMap[nodes[i].Name] = v
-			}
-			// We reset all rate limiters to settings appropriate for the given state.
-			for k := range nc.zoneStates {
-				nc.setLimiterInZone(k, len(zoneToNodeConditions[k]), newZoneStates[k])
-				nc.zoneStates[k] = newZoneStates[k]
-			}
-			return
-		}
-		// We know that there's at least one not-fully disrupted so,
-		// we can use default behavior for rate limiters
-		for k, v := range nc.zoneStates {
-			newState := newZoneStates[k]
-			if v == newState {
-				continue
-			}
-			glog.V(0).Infof("Controller detected that zone %v is now in state %v.", k, newState)
-			nc.setLimiterInZone(k, len(zoneToNodeConditions[k]), newState)
-			nc.zoneStates[k] = newState
-		}
-	}
-}
-
-func (nc *Controller) setLimiterInZone(zone string, zoneSize int, state ZoneState) {
-	switch state {
-	case stateNormal:
-		if nc.useTaintBasedEvictions {
-			nc.zoneNoExecuteTainer[zone].SwapLimiter(nc.evictionLimiterQPS)
-		} else {
-			nc.zonePodEvictor[zone].SwapLimiter(nc.evictionLimiterQPS)
-		}
-	case statePartialDisruption:
-		if nc.useTaintBasedEvictions {
-			nc.zoneNoExecuteTainer[zone].SwapLimiter(
-				nc.enterPartialDisruptionFunc(zoneSize))
-		} else {
-			nc.zonePodEvictor[zone].SwapLimiter(
-				nc.enterPartialDisruptionFunc(zoneSize))
-		}
-	case stateFullDisruption:
-		if nc.useTaintBasedEvictions {
-			nc.zoneNoExecuteTainer[zone].SwapLimiter(
-				nc.enterFullDisruptionFunc(zoneSize))
-		} else {
-			nc.zonePodEvictor[zone].SwapLimiter(
-				nc.enterFullDisruptionFunc(zoneSize))
-		}
-	}
-}
-
 // tryUpdateNodeStatus checks a given node's conditions and tries to update it. Returns grace period to
 // which given node is entitled, state of current and last observed Ready Condition, and an error if it occurred.
 func (nc *Controller) tryUpdateNodeStatus(node *v1.Node) (time.Duration, v1.NodeCondition, *v1.NodeCondition, error) {
@@ -987,7 +784,7 @@ func (nc *Controller) tryUpdateNodeStatus(node *v1.Node) (time.Duration, v1.Node
 		// If ReadyCondition changed since the last time we checked, we update the transition timestamp to "now",
 		// otherwise we leave it as it is.
 		if savedCondition.LastTransitionTime != observedCondition.LastTransitionTime {
-			glog.V(3).Infof("ReadyCondition for Node %s transitioned from %v to %v", node.Name, savedCondition.Status, observedCondition)
+			glog.V(3).Infof("ReadyCondition for Node %s transitioned from %v to %v", node.Name, savedCondition, observedCondition)
 			transitionTime = nc.now()
 		} else {
 			transitionTime = savedNodeStatus.readyTransitionTimestamp
@@ -1033,6 +830,7 @@ func (nc *Controller) tryUpdateNodeStatus(node *v1.Node) (time.Duration, v1.Node
 
 		// remaining node conditions should also be set to Unknown
 		remainingNodeConditionTypes := []v1.NodeConditionType{
+			v1.NodeOutOfDisk,
 			v1.NodeMemoryPressure,
 			v1.NodeDiskPressure,
 			// We don't change 'NodeNetworkUnavailable' condition, as it's managed on a control plane level.
@@ -1082,6 +880,131 @@ func (nc *Controller) tryUpdateNodeStatus(node *v1.Node) (time.Duration, v1.Node
 	return gracePeriod, observedReadyCondition, currentReadyCondition, err
 }
 
+func (nc *Controller) handleDisruption(zoneToNodeConditions map[string][]*v1.NodeCondition, nodes []*v1.Node) {
+	newZoneStates := map[string]ZoneState{}
+	allAreFullyDisrupted := true
+	for k, v := range zoneToNodeConditions {
+		zoneSize.WithLabelValues(k).Set(float64(len(v)))
+		unhealthy, newState := nc.computeZoneStateFunc(v)
+		zoneHealth.WithLabelValues(k).Set(float64(100*(len(v)-unhealthy)) / float64(len(v)))
+		unhealthyNodes.WithLabelValues(k).Set(float64(unhealthy))
+		if newState != stateFullDisruption {
+			allAreFullyDisrupted = false
+		}
+		newZoneStates[k] = newState
+		if _, had := nc.zoneStates[k]; !had {
+			glog.Errorf("Setting initial state for unseen zone: %v", k)
+			nc.zoneStates[k] = stateInitial
+		}
+	}
+
+	allWasFullyDisrupted := true
+	for k, v := range nc.zoneStates {
+		if _, have := zoneToNodeConditions[k]; !have {
+			zoneSize.WithLabelValues(k).Set(0)
+			zoneHealth.WithLabelValues(k).Set(100)
+			unhealthyNodes.WithLabelValues(k).Set(0)
+			delete(nc.zoneStates, k)
+			continue
+		}
+		if v != stateFullDisruption {
+			allWasFullyDisrupted = false
+			break
+		}
+	}
+
+	// At least one node was responding in previous pass or in the current pass. Semantics is as follows:
+	// - if the new state is "partialDisruption" we call a user defined function that returns a new limiter to use,
+	// - if the new state is "normal" we resume normal operation (go back to default limiter settings),
+	// - if new state is "fullDisruption" we restore normal eviction rate,
+	//   - unless all zones in the cluster are in "fullDisruption" - in that case we stop all evictions.
+	if !allAreFullyDisrupted || !allWasFullyDisrupted {
+		// We're switching to full disruption mode
+		if allAreFullyDisrupted {
+			glog.V(0).Info("Controller detected that all Nodes are not-Ready. Entering master disruption mode.")
+			for i := range nodes {
+				if nc.useTaintBasedEvictions {
+					_, err := nc.markNodeAsReachable(nodes[i])
+					if err != nil {
+						glog.Errorf("Failed to remove taints from Node %v", nodes[i].Name)
+					}
+				} else {
+					nc.cancelPodEviction(nodes[i])
+				}
+			}
+			// We stop all evictions.
+			for k := range nc.zoneStates {
+				if nc.useTaintBasedEvictions {
+					nc.zoneNoExecuteTainter[k].SwapLimiter(0)
+				} else {
+					nc.zonePodEvictor[k].SwapLimiter(0)
+				}
+			}
+			for k := range nc.zoneStates {
+				nc.zoneStates[k] = stateFullDisruption
+			}
+			// All rate limiters are updated, so we can return early here.
+			return
+		}
+		// We're exiting full disruption mode
+		if allWasFullyDisrupted {
+			glog.V(0).Info("Controller detected that some Nodes are Ready. Exiting master disruption mode.")
+			// When exiting disruption mode update probe timestamps on all Nodes.
+			now := nc.now()
+			for i := range nodes {
+				v := nc.nodeStatusMap[nodes[i].Name]
+				v.probeTimestamp = now
+				v.readyTransitionTimestamp = now
+				nc.nodeStatusMap[nodes[i].Name] = v
+			}
+			// We reset all rate limiters to settings appropriate for the given state.
+			for k := range nc.zoneStates {
+				nc.setLimiterInZone(k, len(zoneToNodeConditions[k]), newZoneStates[k])
+				nc.zoneStates[k] = newZoneStates[k]
+			}
+			return
+		}
+		// We know that there's at least one not-fully disrupted so,
+		// we can use default behavior for rate limiters
+		for k, v := range nc.zoneStates {
+			newState := newZoneStates[k]
+			if v == newState {
+				continue
+			}
+			glog.V(0).Infof("Controller detected that zone %v is now in state %v.", k, newState)
+			nc.setLimiterInZone(k, len(zoneToNodeConditions[k]), newState)
+			nc.zoneStates[k] = newState
+		}
+	}
+}
+
+func (nc *Controller) setLimiterInZone(zone string, zoneSize int, state ZoneState) {
+	switch state {
+	case stateNormal:
+		if nc.useTaintBasedEvictions {
+			nc.zoneNoExecuteTainter[zone].SwapLimiter(nc.evictionLimiterQPS)
+		} else {
+			nc.zonePodEvictor[zone].SwapLimiter(nc.evictionLimiterQPS)
+		}
+	case statePartialDisruption:
+		if nc.useTaintBasedEvictions {
+			nc.zoneNoExecuteTainter[zone].SwapLimiter(
+				nc.enterPartialDisruptionFunc(zoneSize))
+		} else {
+			nc.zonePodEvictor[zone].SwapLimiter(
+				nc.enterPartialDisruptionFunc(zoneSize))
+		}
+	case stateFullDisruption:
+		if nc.useTaintBasedEvictions {
+			nc.zoneNoExecuteTainter[zone].SwapLimiter(
+				nc.enterFullDisruptionFunc(zoneSize))
+		} else {
+			nc.zonePodEvictor[zone].SwapLimiter(
+				nc.enterFullDisruptionFunc(zoneSize))
+		}
+	}
+}
+
 // classifyNodes classifies the allNodes to three categories:
 //   1. added: the nodes that in 'allNodes', but not in 'knownNodeSet'
 //   2. deleted: the nodes that in 'knownNodeSet', but not in 'allNodes'
@@ -1116,6 +1039,41 @@ func (nc *Controller) classifyNodes(allNodes []*v1.Node) (added, deleted, newZon
 	return
 }
 
+// HealthyQPSFunc returns the default value for cluster eviction rate - we take
+// nodeNum for consistency with ReducedQPSFunc.
+func (nc *Controller) HealthyQPSFunc(nodeNum int) float32 {
+	return nc.evictionLimiterQPS
+}
+
+// ReducedQPSFunc returns the QPS for when a the cluster is large make
+// evictions slower, if they're small stop evictions altogether.
+func (nc *Controller) ReducedQPSFunc(nodeNum int) float32 {
+	if int32(nodeNum) > nc.largeClusterThreshold {
+		return nc.secondaryEvictionLimiterQPS
+	}
+	return 0
+}
+
+// addPodEvictorForNewZone checks if new zone appeared, and if so add new evictor.
+func (nc *Controller) addPodEvictorForNewZone(node *v1.Node) {
+	zone := utilnode.GetZoneKey(node)
+	if _, found := nc.zoneStates[zone]; !found {
+		nc.zoneStates[zone] = stateInitial
+		if !nc.useTaintBasedEvictions {
+			nc.zonePodEvictor[zone] =
+				scheduler.NewRateLimitedTimedQueue(
+					flowcontrol.NewTokenBucketRateLimiter(nc.evictionLimiterQPS, scheduler.EvictionRateLimiterBurst))
+		} else {
+			nc.zoneNoExecuteTainter[zone] =
+				scheduler.NewRateLimitedTimedQueue(
+					flowcontrol.NewTokenBucketRateLimiter(nc.evictionLimiterQPS, scheduler.EvictionRateLimiterBurst))
+		}
+		// Init the metric for the new zone.
+		glog.Infof("Initializing eviction metric for zone: %v", zone)
+		evictionsNumber.WithLabelValues(zone).Add(0)
+	}
+}
+
 // cancelPodEviction removes any queued evictions, typically because the node is available again. It
 // returns true if an eviction was queued.
 func (nc *Controller) cancelPodEviction(node *v1.Node) bool {
@@ -1141,7 +1099,7 @@ func (nc *Controller) evictPods(node *v1.Node) bool {
 func (nc *Controller) markNodeForTainting(node *v1.Node) bool {
 	nc.evictorLock.Lock()
 	defer nc.evictorLock.Unlock()
-	return nc.zoneNoExecuteTainer[utilnode.GetZoneKey(node)].Add(node.Name, string(node.UID))
+	return nc.zoneNoExecuteTainter[utilnode.GetZoneKey(node)].Add(node.Name, string(node.UID))
 }
 
 func (nc *Controller) markNodeAsReachable(node *v1.Node) (bool, error) {
@@ -1157,22 +1115,7 @@ func (nc *Controller) markNodeAsReachable(node *v1.Node) (bool, error) {
 		glog.Errorf("Failed to remove taint from node %v: %v", node.Name, err)
 		return false, err
 	}
-	return nc.zoneNoExecuteTainer[utilnode.GetZoneKey(node)].Remove(node.Name), nil
-}
-
-// HealthyQPSFunc returns the default value for cluster eviction rate - we take
-// nodeNum for consistency with ReducedQPSFunc.
-func (nc *Controller) HealthyQPSFunc(nodeNum int) float32 {
-	return nc.evictionLimiterQPS
-}
-
-// ReducedQPSFunc returns the QPS for when a the cluster is large make
-// evictions slower, if they're small stop evictions altogether.
-func (nc *Controller) ReducedQPSFunc(nodeNum int) float32 {
-	if int32(nodeNum) > nc.largeClusterThreshold {
-		return nc.secondaryEvictionLimiterQPS
-	}
-	return 0
+	return nc.zoneNoExecuteTainter[utilnode.GetZoneKey(node)].Remove(node.Name), nil
 }
 
 // ComputeZoneState returns a slice of NodeReadyConditions for all Nodes in a given zone.
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/BUILD
similarity index 84%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/BUILD
index eb6465351405..5828f11f0795 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/BUILD
@@ -1,39 +1,14 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
-
-go_test(
-    name = "go_default_test",
-    srcs = [
-        "rate_limited_queue_test.go",
-        "taint_controller_test.go",
-        "timed_workers_test.go",
-    ],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/scheduler",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/controller/testutil:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
-        "//vendor/k8s.io/client-go/testing:go_default_library",
-        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
-    ],
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
         "rate_limited_queue.go",
-        "taint_controller.go",
+        "taint_manager.go",
         "timed_workers.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/scheduler",
+    importpath = "k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
@@ -53,6 +28,25 @@ go_library(
     ],
 )
 
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "rate_limited_queue_test.go",
+        "taint_manager_test.go",
+        "timed_workers_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/controller/testutil:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
+        "//vendor/k8s.io/client-go/testing:go_default_library",
+        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
+    ],
+)
+
 filegroup(
     name = "package-srcs",
     srcs = glob(["**"]),
@@ -64,4 +58,5 @@ filegroup(
     name = "all-srcs",
     srcs = [":package-srcs"],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/rate_limited_queue.go b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/rate_limited_queue.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/rate_limited_queue.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/rate_limited_queue.go
index da544fa96ca2..2a0a92f6010b 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/rate_limited_queue.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/rate_limited_queue.go
@@ -293,20 +293,15 @@ func (q *RateLimitedTimedQueue) SwapLimiter(newQPS float32) {
 		newLimiter = flowcontrol.NewFakeNeverRateLimiter()
 	} else {
 		newLimiter = flowcontrol.NewTokenBucketRateLimiter(newQPS, EvictionRateLimiterBurst)
-	}
-	// If we're currently waiting on limiter, we drain the new one - this is a good approach when Burst value is 1
-	// TODO: figure out if we need to support higher Burst values and decide on the drain logic, should we keep:
-	// - saturation (percentage of used tokens)
-	// - number of used tokens
-	// - number of available tokens
-	// - something else
-	for q.limiter.Saturation() > newLimiter.Saturation() {
-		// Check if we're not using fake limiter
-		previousSaturation := newLimiter.Saturation()
-		newLimiter.TryAccept()
-		// It's a fake limiter
-		if newLimiter.Saturation() == previousSaturation {
-			break
+
+		// If we're currently waiting on limiter, we drain the new one - this is a good approach when Burst value is 1
+		// TODO: figure out if we need to support higher Burst values and decide on the drain logic, should we keep:
+		// - saturation (percentage of used tokens)
+		// - number of used tokens
+		// - number of available tokens
+		// - something else
+		if q.limiter.TryAccept() == false {
+			newLimiter.TryAccept()
 		}
 	}
 	q.limiter.Stop()
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/taint_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/taint_manager.go
similarity index 99%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/taint_controller.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/taint_manager.go
index bf641f69fb48..a71fa8fc788c 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/taint_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/taint_manager.go
@@ -18,9 +18,6 @@ package scheduler
 
 import (
 	"fmt"
-	"sync"
-	"time"
-
 	"k8s.io/api/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
@@ -30,6 +27,8 @@ import (
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/types"
+	"sync"
+	"time"
 
 	"k8s.io/client-go/kubernetes/scheme"
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/timed_workers.go b/vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/timed_workers.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/scheduler/timed_workers.go
rename to vendor/k8s.io/kubernetes/pkg/controller/nodelifecycle/scheduler/timed_workers.go
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/BUILD
index 08701232be6f..7313619df2fc 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/BUILD
@@ -55,8 +55,7 @@ go_test(
         "legacy_replica_calculator_test.go",
         "replica_calculator_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/podautoscaler",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/autoscaling:go_default_library",
@@ -83,10 +82,12 @@ go_test(
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/heapster/metrics/api/v1/types:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/fake:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/custom_metrics/fake:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/client/external_metrics/fake:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/horizontal.go b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/horizontal.go
index 65a7a6f17021..737ceb9bb5f1 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/horizontal.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/horizontal.go
@@ -299,6 +299,45 @@ func (a *HorizontalController) computeReplicasForMetrics(hpa *autoscalingv2.Hori
 					},
 				}
 			}
+		case autoscalingv2.ExternalMetricSourceType:
+			if metricSpec.External.TargetAverageValue != nil {
+				replicaCountProposal, utilizationProposal, timestampProposal, err = a.replicaCalc.GetExternalPerPodMetricReplicas(currentReplicas, metricSpec.External.TargetAverageValue.MilliValue(), metricSpec.External.MetricName, hpa.Namespace, metricSpec.External.MetricSelector)
+				if err != nil {
+					a.eventRecorder.Event(hpa, v1.EventTypeWarning, "FailedGetExternalMetric", err.Error())
+					setCondition(hpa, autoscalingv2.ScalingActive, v1.ConditionFalse, "FailedGetExternalMetric", "the HPA was unable to compute the replica count: %v", err)
+					return 0, "", nil, time.Time{}, fmt.Errorf("failed to get %s external metric: %v", metricSpec.External.MetricName, err)
+				}
+				metricNameProposal = fmt.Sprintf("external metric %s(%+v)", metricSpec.External.MetricName, metricSpec.External.MetricSelector)
+				statuses[i] = autoscalingv2.MetricStatus{
+					Type: autoscalingv2.ExternalMetricSourceType,
+					External: &autoscalingv2.ExternalMetricStatus{
+						MetricSelector:      metricSpec.External.MetricSelector,
+						MetricName:          metricSpec.External.MetricName,
+						CurrentAverageValue: resource.NewMilliQuantity(utilizationProposal, resource.DecimalSI),
+					},
+				}
+			} else if metricSpec.External.TargetValue != nil {
+				replicaCountProposal, utilizationProposal, timestampProposal, err = a.replicaCalc.GetExternalMetricReplicas(currentReplicas, metricSpec.External.TargetValue.MilliValue(), metricSpec.External.MetricName, hpa.Namespace, metricSpec.External.MetricSelector)
+				if err != nil {
+					a.eventRecorder.Event(hpa, v1.EventTypeWarning, "FailedGetExternalMetric", err.Error())
+					setCondition(hpa, autoscalingv2.ScalingActive, v1.ConditionFalse, "FailedGetExternalMetric", "the HPA was unable to compute the replica count: %v", err)
+					return 0, "", nil, time.Time{}, fmt.Errorf("failed to get external metric %s: %v", metricSpec.External.MetricName, err)
+				}
+				metricNameProposal = fmt.Sprintf("external metric %s(%+v)", metricSpec.External.MetricName, metricSpec.External.MetricSelector)
+				statuses[i] = autoscalingv2.MetricStatus{
+					Type: autoscalingv2.ExternalMetricSourceType,
+					External: &autoscalingv2.ExternalMetricStatus{
+						MetricSelector: metricSpec.External.MetricSelector,
+						MetricName:     metricSpec.External.MetricName,
+						CurrentValue:   *resource.NewMilliQuantity(utilizationProposal, resource.DecimalSI),
+					},
+				}
+			} else {
+				errMsg := "invalid external metric source: neither a value target nor an average value target was set"
+				a.eventRecorder.Event(hpa, v1.EventTypeWarning, "FailedGetExternalMetric", errMsg)
+				setCondition(hpa, autoscalingv2.ScalingActive, v1.ConditionFalse, "FailedGetExternalMetric", "the HPA was unable to compute the replica count: %v", err)
+				return 0, "", nil, time.Time{}, fmt.Errorf(errMsg)
+			}
 		default:
 			errMsg := fmt.Sprintf("unknown metric source type %q", string(metricSpec.Type))
 			a.eventRecorder.Event(hpa, v1.EventTypeWarning, "InvalidMetricSourceType", errMsg)
@@ -313,7 +352,7 @@ func (a *HorizontalController) computeReplicasForMetrics(hpa *autoscalingv2.Hori
 		}
 	}
 
-	setCondition(hpa, autoscalingv2.ScalingActive, v1.ConditionTrue, "ValidMetricFound", "the HPA was able to succesfully calculate a replica count from %s", metric)
+	setCondition(hpa, autoscalingv2.ScalingActive, v1.ConditionTrue, "ValidMetricFound", "the HPA was able to successfully calculate a replica count from %s", metric)
 	return replicas, metric, statuses, timestamp, nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/BUILD
index f0d328fdb575..7dd3d7acca10 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/BUILD
@@ -29,6 +29,7 @@ go_library(
         "//vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/custom_metrics:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/client/external_metrics:go_default_library",
     ],
 )
 
@@ -37,9 +38,9 @@ go_test(
     srcs = [
         "legacy_metrics_client_test.go",
         "rest_metrics_client_test.go",
+        "utilization_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/podautoscaler/metrics",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/extensions/install:go_default_library",
@@ -56,10 +57,12 @@ go_test(
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/heapster/metrics/api/v1/types:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/fake:go_default_library",
         "//vendor/k8s.io/metrics/pkg/client/custom_metrics/fake:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/client/external_metrics/fake:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/interfaces.go b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/interfaces.go
index ead083f2770a..29fccc48e3a5 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/interfaces.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/interfaces.go
@@ -42,4 +42,8 @@ type MetricsClient interface {
 	// GetObjectMetric gets the given metric (and an associated timestamp) for the given
 	// object in the given namespace
 	GetObjectMetric(metricName string, namespace string, objectRef *autoscaling.CrossVersionObjectReference) (int64, time.Time, error)
+
+	// GetExternalMetric gets all the values of a given external metric
+	// that match the specified selector.
+	GetExternalMetric(metricName string, namespace string, selector labels.Selector) ([]int64, time.Time, error)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/legacy_metrics_client.go b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/legacy_metrics_client.go
index 5d13acbd65be..c9846602773e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/legacy_metrics_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/legacy_metrics_client.go
@@ -28,7 +28,6 @@ import (
 
 	autoscaling "k8s.io/api/autoscaling/v2beta1"
 	"k8s.io/api/core/v1"
-	clientgov1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	clientset "k8s.io/client-go/kubernetes"
@@ -91,7 +90,7 @@ func (h *HeapsterMetricsClient) GetResourceMetric(resource v1.ResourceName, name
 		podSum := int64(0)
 		missing := len(m.Containers) == 0
 		for _, c := range m.Containers {
-			resValue, found := c.Usage[clientgov1.ResourceName(resource)]
+			resValue, found := c.Usage[v1.ResourceName(resource)]
 			if !found {
 				missing = true
 				glog.V(2).Infof("missing resource metric %v for container %s in pod %s/%s", resource, c.Name, namespace, m.Name)
@@ -178,6 +177,10 @@ func (h *HeapsterMetricsClient) GetObjectMetric(metricName string, namespace str
 	return 0, time.Time{}, fmt.Errorf("object metrics are not yet supported")
 }
 
+func (h *HeapsterMetricsClient) GetExternalMetric(metricName, namespace string, selector labels.Selector) ([]int64, time.Time, error) {
+	return nil, time.Time{}, fmt.Errorf("external metrics aren't supported")
+}
+
 func collapseTimeSamples(metrics heapster.MetricResult, duration time.Duration) (int64, time.Time, bool) {
 	floatSum := float64(0)
 	intSum := int64(0)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/rest_metrics_client.go b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/rest_metrics_client.go
index 07dd290a5638..22adce34837b 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/rest_metrics_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/metrics/rest_metrics_client.go
@@ -30,12 +30,14 @@ import (
 	customapi "k8s.io/metrics/pkg/apis/custom_metrics/v1beta1"
 	resourceclient "k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1"
 	customclient "k8s.io/metrics/pkg/client/custom_metrics"
+	externalclient "k8s.io/metrics/pkg/client/external_metrics"
 )
 
-func NewRESTMetricsClient(resourceClient resourceclient.PodMetricsesGetter, customClient customclient.CustomMetricsClient) MetricsClient {
+func NewRESTMetricsClient(resourceClient resourceclient.PodMetricsesGetter, customClient customclient.CustomMetricsClient, externalClient externalclient.ExternalMetricsClient) MetricsClient {
 	return &restMetricsClient{
 		&resourceMetricsClient{resourceClient},
 		&customMetricsClient{customClient},
+		&externalMetricsClient{externalClient},
 	}
 }
 
@@ -45,6 +47,7 @@ func NewRESTMetricsClient(resourceClient resourceclient.PodMetricsesGetter, cust
 type restMetricsClient struct {
 	*resourceMetricsClient
 	*customMetricsClient
+	*externalMetricsClient
 }
 
 // resourceMetricsClient implements the resource-metrics-related parts of MetricsClient,
@@ -58,11 +61,11 @@ type resourceMetricsClient struct {
 func (c *resourceMetricsClient) GetResourceMetric(resource v1.ResourceName, namespace string, selector labels.Selector) (PodMetricsInfo, time.Time, error) {
 	metrics, err := c.client.PodMetricses(namespace).List(metav1.ListOptions{LabelSelector: selector.String()})
 	if err != nil {
-		return nil, time.Time{}, fmt.Errorf("unable to fetch metrics from API: %v", err)
+		return nil, time.Time{}, fmt.Errorf("unable to fetch metrics from resource metrics API: %v", err)
 	}
 
 	if len(metrics.Items) == 0 {
-		return nil, time.Time{}, fmt.Errorf("no metrics returned from heapster")
+		return nil, time.Time{}, fmt.Errorf("no metrics returned from resource metrics API")
 	}
 
 	res := make(PodMetricsInfo, len(metrics.Items))
@@ -101,7 +104,7 @@ type customMetricsClient struct {
 func (c *customMetricsClient) GetRawMetric(metricName string, namespace string, selector labels.Selector) (PodMetricsInfo, time.Time, error) {
 	metrics, err := c.client.NamespacedMetrics(namespace).GetForObjects(schema.GroupKind{Kind: "Pod"}, selector, metricName)
 	if err != nil {
-		return nil, time.Time{}, fmt.Errorf("unable to fetch metrics from API: %v", err)
+		return nil, time.Time{}, fmt.Errorf("unable to fetch metrics from custom metrics API: %v", err)
 	}
 
 	if len(metrics.Items) == 0 {
@@ -134,8 +137,34 @@ func (c *customMetricsClient) GetObjectMetric(metricName string, namespace strin
 	}
 
 	if err != nil {
-		return 0, time.Time{}, fmt.Errorf("unable to fetch metrics from API: %v", err)
+		return 0, time.Time{}, fmt.Errorf("unable to fetch metrics from custom metrics API: %v", err)
 	}
 
 	return metricValue.Value.MilliValue(), metricValue.Timestamp.Time, nil
 }
+
+// externalMetricsClient implenets the external metrics related parts of MetricsClient,
+// using data from the external metrics API.
+type externalMetricsClient struct {
+	client externalclient.ExternalMetricsClient
+}
+
+// GetExternalMetric gets all the values of a given external metric
+// that match the specified selector.
+func (c *externalMetricsClient) GetExternalMetric(metricName, namespace string, selector labels.Selector) ([]int64, time.Time, error) {
+	metrics, err := c.client.NamespacedMetrics(namespace).List(metricName, selector)
+	if err != nil {
+		return []int64{}, time.Time{}, fmt.Errorf("unable to fetch metrics from external metrics API: %v", err)
+	}
+
+	if len(metrics.Items) == 0 {
+		return nil, time.Time{}, fmt.Errorf("no metrics returned from external metrics API")
+	}
+
+	res := make([]int64, 0)
+	for _, m := range metrics.Items {
+		res = append(res, m.Value.MilliValue())
+	}
+	timestamp := metrics.Items[0].Timestamp.Time
+	return res, timestamp, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/replica_calculator.go b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/replica_calculator.go
index 62f863c3b180..a7a54677c021 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/replica_calculator.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podautoscaler/replica_calculator.go
@@ -88,7 +88,11 @@ func (c *ReplicaCalculator) GetResourceReplicas(currentReplicas int32, targetUti
 
 		if pod.Status.Phase != v1.PodRunning || !podutil.IsPodReady(&pod) {
 			// save this pod name for later, but pretend it doesn't exist for now
-			unreadyPods.Insert(pod.Name)
+			if pod.Status.Phase != v1.PodFailed {
+				// Failed pods should not be counted as unready pods as they will
+				// not become running anymore.
+				unreadyPods.Insert(pod.Name)
+			}
 			delete(metrics, pod.Name)
 			continue
 		}
@@ -278,6 +282,33 @@ func (c *ReplicaCalculator) GetObjectMetricReplicas(currentReplicas int32, targe
 		return 0, 0, time.Time{}, fmt.Errorf("unable to get metric %s: %v on %s %s/%s", metricName, objectRef.Kind, namespace, objectRef.Name, err)
 	}
 
+	usageRatio := float64(utilization) / float64(targetUtilization)
+	if math.Abs(1.0-usageRatio) <= c.tolerance {
+		// return the current replicas if the change would be too small
+		return currentReplicas, utilization, timestamp, nil
+	}
+	replicaCount = int32(math.Ceil(usageRatio * float64(currentReplicas)))
+
+	return replicaCount, utilization, timestamp, nil
+}
+
+// GetExternalMetricReplicas calculates the desired replica count based on a
+// target metric value (as a milli-value) for the external metric in the given
+// namespace, and the current replica count.
+func (c *ReplicaCalculator) GetExternalMetricReplicas(currentReplicas int32, targetUtilization int64, metricName, namespace string, selector *metav1.LabelSelector) (replicaCount int32, utilization int64, timestamp time.Time, err error) {
+	labelSelector, err := metav1.LabelSelectorAsSelector(selector)
+	if err != nil {
+		return 0, 0, time.Time{}, err
+	}
+	metrics, timestamp, err := c.metricsClient.GetExternalMetric(metricName, namespace, labelSelector)
+	if err != nil {
+		return 0, 0, time.Time{}, fmt.Errorf("unable to get external metric %s/%s/%+v: %s", namespace, metricName, selector, err)
+	}
+	utilization = 0
+	for _, val := range metrics {
+		utilization = utilization + val
+	}
+
 	usageRatio := float64(utilization) / float64(targetUtilization)
 	if math.Abs(1.0-usageRatio) <= c.tolerance {
 		// return the current replicas if the change would be too small
@@ -286,3 +317,30 @@ func (c *ReplicaCalculator) GetObjectMetricReplicas(currentReplicas int32, targe
 
 	return int32(math.Ceil(usageRatio * float64(currentReplicas))), utilization, timestamp, nil
 }
+
+// GetExternalPerPodMetricReplicas calculates the desired replica count based on a
+// target metric value per pod (as a milli-value) for the external metric in the
+// given namespace, and the current replica count.
+func (c *ReplicaCalculator) GetExternalPerPodMetricReplicas(currentReplicas int32, targetUtilizationPerPod int64, metricName, namespace string, selector *metav1.LabelSelector) (replicaCount int32, utilization int64, timestamp time.Time, err error) {
+	labelSelector, err := metav1.LabelSelectorAsSelector(selector)
+	if err != nil {
+		return 0, 0, time.Time{}, err
+	}
+	metrics, timestamp, err := c.metricsClient.GetExternalMetric(metricName, namespace, labelSelector)
+	if err != nil {
+		return 0, 0, time.Time{}, fmt.Errorf("unable to get external metric %s/%s/%+v: %s", namespace, metricName, selector, err)
+	}
+	utilization = 0
+	for _, val := range metrics {
+		utilization = utilization + val
+	}
+
+	replicaCount = currentReplicas
+	usageRatio := float64(utilization) / (float64(targetUtilizationPerPod) * float64(replicaCount))
+	if math.Abs(1.0-usageRatio) > c.tolerance {
+		// update number of replicas if the change is large enough
+		replicaCount = int32(math.Ceil(float64(utilization) / float64(targetUtilizationPerPod)))
+	}
+	utilization = int64(math.Ceil(float64(utilization) / float64(currentReplicas)))
+	return replicaCount, utilization, timestamp, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/podgc/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/podgc/BUILD
index 01209d81fc75..66ca7696e00d 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/podgc/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/podgc/BUILD
@@ -33,8 +33,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["gc_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/podgc",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/controller/testutil:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/replicaset/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/replicaset/BUILD
index 3711a751aa5f..20a82ccf33de 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/replicaset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/replicaset/BUILD
@@ -48,8 +48,7 @@ go_test(
         "replica_set_test.go",
         "replica_set_utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/replicaset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/controller:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/replicaset/replica_set.go b/vendor/k8s.io/kubernetes/pkg/controller/replicaset/replica_set.go
index a111e5b62414..7c7ee2b778d3 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/replicaset/replica_set.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/replicaset/replica_set.go
@@ -37,7 +37,6 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
-	"k8s.io/api/extensions/v1beta1"
 	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -112,7 +111,7 @@ func NewReplicaSetController(rsInformer extensionsinformers.ReplicaSetInformer,
 	eventBroadcaster.StartLogging(glog.Infof)
 	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events("")})
 	return NewBaseController(rsInformer, podInformer, kubeClient, burstReplicas,
-		v1beta1.SchemeGroupVersion.WithKind("ReplicaSet"),
+		extensions.SchemeGroupVersion.WithKind("ReplicaSet"),
 		"replicaset_controller",
 		"replicaset",
 		controller.RealPodControl{
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/replication/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/replication/BUILD
index 17eb6701a8d0..c3f4b39782e2 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/replication/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/replication/BUILD
@@ -47,8 +47,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["replication_controller_utils_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/replication",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/api/core/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/replication/conversion.go b/vendor/k8s.io/kubernetes/pkg/controller/replication/conversion.go
index 67c1847a95ef..044c1b24081e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/replication/conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/replication/conversion.go
@@ -187,7 +187,7 @@ func (c clientsetAdapter) ExtensionsV1beta1() extensionsv1beta1client.Extensions
 }
 
 func (c clientsetAdapter) Extensions() extensionsv1beta1client.ExtensionsV1beta1Interface {
-	return conversionExtensionsClient{c.Interface, c.Interface.Extensions()}
+	return conversionExtensionsClient{c.Interface, c.Interface.ExtensionsV1beta1()}
 }
 
 func (c clientsetAdapter) AppsV1beta2() appsv1beta2.AppsV1beta2Interface {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/BUILD
index 2b4bf45648d9..8f4e73219a72 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/BUILD
@@ -46,8 +46,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["resource_quota_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/resourcequota",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/quota:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_controller.go
index e6fc0c6aeac5..71cf8310e2b3 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_controller.go
@@ -148,28 +148,31 @@ func NewResourceQuotaController(options *ResourceQuotaControllerOptions) (*Resou
 		rq.resyncPeriod(),
 	)
 
-	qm := &QuotaMonitor{
-		informersStarted:  options.InformersStarted,
-		informerFactory:   options.InformerFactory,
-		ignoredResources:  options.IgnoredResourcesFunc(),
-		resourceChanges:   workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "resource_quota_controller_resource_changes"),
-		resyncPeriod:      options.ReplenishmentResyncPeriod,
-		replenishmentFunc: rq.replenishQuota,
-		registry:          rq.registry,
-	}
-	rq.quotaMonitor = qm
+	if options.DiscoveryFunc != nil {
+		qm := &QuotaMonitor{
+			informersStarted:  options.InformersStarted,
+			informerFactory:   options.InformerFactory,
+			ignoredResources:  options.IgnoredResourcesFunc(),
+			resourceChanges:   workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "resource_quota_controller_resource_changes"),
+			resyncPeriod:      options.ReplenishmentResyncPeriod,
+			replenishmentFunc: rq.replenishQuota,
+			registry:          rq.registry,
+		}
 
-	// do initial quota monitor setup
-	resources, err := GetQuotableResources(options.DiscoveryFunc)
-	if err != nil {
-		return nil, err
-	}
-	if err = qm.syncMonitors(resources); err != nil {
-		utilruntime.HandleError(fmt.Errorf("initial monitor sync has error: %v", err))
-	}
+		rq.quotaMonitor = qm
 
-	// only start quota once all informers synced
-	rq.informerSyncedFuncs = append(rq.informerSyncedFuncs, qm.IsSynced)
+		// do initial quota monitor setup
+		resources, err := GetQuotableResources(options.DiscoveryFunc)
+		if err != nil {
+			return nil, err
+		}
+		if err = qm.SyncMonitors(resources); err != nil {
+			utilruntime.HandleError(fmt.Errorf("initial monitor sync has error: %v", err))
+		}
+
+		// only start quota once all informers synced
+		rq.informerSyncedFuncs = append(rq.informerSyncedFuncs, qm.IsSynced)
+	}
 
 	return rq, nil
 }
@@ -272,7 +275,9 @@ func (rq *ResourceQuotaController) Run(workers int, stopCh <-chan struct{}) {
 	glog.Infof("Starting resource quota controller")
 	defer glog.Infof("Shutting down resource quota controller")
 
-	go rq.quotaMonitor.Run(stopCh)
+	if rq.quotaMonitor != nil {
+		go rq.quotaMonitor.Run(stopCh)
+	}
 
 	if !controller.WaitForCacheSync("resource quota", stopCh, rq.informerSyncedFuncs...) {
 		return
@@ -306,7 +311,6 @@ func (rq *ResourceQuotaController) syncResourceQuotaFromKey(key string) (err err
 	}
 	if err != nil {
 		glog.Infof("Unable to retrieve resource quota %v from store: %v", key, err)
-		rq.queue.Add(key)
 		return err
 	}
 	return rq.syncResourceQuota(quota)
@@ -444,7 +448,7 @@ func (rq *ResourceQuotaController) Sync(discoveryFunc NamespacedResourcesFunc, p
 			utilruntime.HandleError(fmt.Errorf("failed to sync resource monitors: %v", err))
 			return
 		}
-		if !controller.WaitForCacheSync("resource quota", stopCh, rq.quotaMonitor.IsSynced) {
+		if rq.quotaMonitor != nil && !controller.WaitForCacheSync("resource quota", stopCh, rq.quotaMonitor.IsSynced) {
 			utilruntime.HandleError(fmt.Errorf("timed out waiting for quota monitor sync"))
 		}
 	}, period, stopCh)
@@ -453,10 +457,14 @@ func (rq *ResourceQuotaController) Sync(discoveryFunc NamespacedResourcesFunc, p
 // resyncMonitors starts or stops quota monitors as needed to ensure that all
 // (and only) those resources present in the map are monitored.
 func (rq *ResourceQuotaController) resyncMonitors(resources map[schema.GroupVersionResource]struct{}) error {
-	if err := rq.quotaMonitor.syncMonitors(resources); err != nil {
+	if rq.quotaMonitor == nil {
+		return nil
+	}
+
+	if err := rq.quotaMonitor.SyncMonitors(resources); err != nil {
 		return err
 	}
-	rq.quotaMonitor.startMonitors()
+	rq.quotaMonitor.StartMonitors()
 	return nil
 }
 
@@ -467,7 +475,7 @@ func GetQuotableResources(discoveryFunc NamespacedResourcesFunc) (map[schema.Gro
 	if err != nil {
 		return nil, fmt.Errorf("failed to discover resources: %v", err)
 	}
-	quotableResources := discovery.FilteredBy(discovery.SupportsAllVerbs{Verbs: []string{"create", "list", "delete"}}, possibleResources)
+	quotableResources := discovery.FilteredBy(discovery.SupportsAllVerbs{Verbs: []string{"create", "list", "watch", "delete"}}, possibleResources)
 	quotableGroupVersionResources, err := discovery.GroupVersionResources(quotableResources)
 	if err != nil {
 		return nil, fmt.Errorf("Failed to parse resources: %v", err)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_monitor.go b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_monitor.go
index a412e02ff417..c437b48b2712 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_monitor.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/resourcequota/resource_quota_monitor.go
@@ -101,6 +101,18 @@ type QuotaMonitor struct {
 	registry quota.Registry
 }
 
+func NewQuotaMonitor(informersStarted <-chan struct{}, informerFactory InformerFactory, ignoredResources map[schema.GroupResource]struct{}, resyncPeriod controller.ResyncPeriodFunc, replenishmentFunc ReplenishmentFunc, registry quota.Registry) *QuotaMonitor {
+	return &QuotaMonitor{
+		informersStarted:  informersStarted,
+		informerFactory:   informerFactory,
+		ignoredResources:  ignoredResources,
+		resourceChanges:   workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "resource_quota_controller_resource_changes"),
+		resyncPeriod:      resyncPeriod,
+		replenishmentFunc: replenishmentFunc,
+		registry:          registry,
+	}
+}
+
 // monitor runs a Controller with a local stop channel.
 type monitor struct {
 	controller cache.Controller
@@ -172,13 +184,13 @@ func (qm *QuotaMonitor) controllerFor(resource schema.GroupVersionResource) (cac
 	return nil, fmt.Errorf("unable to monitor quota for resource %q", resource.String())
 }
 
-// syncMonitors rebuilds the monitor set according to the supplied resources,
+// SyncMonitors rebuilds the monitor set according to the supplied resources,
 // creating or deleting monitors as necessary. It will return any error
 // encountered, but will make an attempt to create a monitor for each resource
 // instead of immediately exiting on an error. It may be called before or after
 // Run. Monitors are NOT started as part of the sync. To ensure all existing
-// monitors are started, call startMonitors.
-func (qm *QuotaMonitor) syncMonitors(resources map[schema.GroupVersionResource]struct{}) error {
+// monitors are started, call StartMonitors.
+func (qm *QuotaMonitor) SyncMonitors(resources map[schema.GroupVersionResource]struct{}) error {
 	qm.monitorLock.Lock()
 	defer qm.monitorLock.Unlock()
 
@@ -233,12 +245,12 @@ func (qm *QuotaMonitor) syncMonitors(resources map[schema.GroupVersionResource]s
 	return utilerrors.NewAggregate(errs)
 }
 
-// startMonitors ensures the current set of monitors are running. Any newly
+// StartMonitors ensures the current set of monitors are running. Any newly
 // started monitors will also cause shared informers to be started.
 //
-// If called before Run, startMonitors does nothing (as there is no stop channel
+// If called before Run, StartMonitors does nothing (as there is no stop channel
 // to support monitor/informer execution).
-func (qm *QuotaMonitor) startMonitors() {
+func (qm *QuotaMonitor) StartMonitors() {
 	qm.monitorLock.Lock()
 	defer qm.monitorLock.Unlock()
 
@@ -297,7 +309,7 @@ func (qm *QuotaMonitor) Run(stopCh <-chan struct{}) {
 
 	// Start monitors and begin change processing until the stop channel is
 	// closed.
-	qm.startMonitors()
+	qm.StartMonitors()
 	wait.Until(qm.runProcessResourceChanges, 1*time.Second, stopCh)
 
 	// Stop any running monitors.
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/route/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/route/BUILD
index 02efb7343d92..fe0e240fe3a9 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/route/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/route/BUILD
@@ -40,8 +40,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["route_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/route",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/v1/node:go_default_library",
         "//pkg/cloudprovider:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/route/route_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/route/route_controller.go
index 9a399a02709c..dd51fb06d080 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/route/route_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/route/route_controller.go
@@ -17,6 +17,7 @@ limitations under the License.
 package route
 
 import (
+	"context"
 	"fmt"
 	"net"
 	"sync"
@@ -121,7 +122,7 @@ func (rc *RouteController) Run(stopCh <-chan struct{}, syncPeriod time.Duration)
 }
 
 func (rc *RouteController) reconcileNodeRoutes() error {
-	routeList, err := rc.routes.ListRoutes(rc.clusterName)
+	routeList, err := rc.routes.ListRoutes(context.TODO(), rc.clusterName)
 	if err != nil {
 		return fmt.Errorf("error listing routes: %v", err)
 	}
@@ -170,7 +171,7 @@ func (rc *RouteController) reconcile(nodes []*v1.Node, routes []*cloudprovider.R
 					// CreateRoute calls in flight.
 					rateLimiter <- struct{}{}
 					glog.Infof("Creating route for node %s %s with hint %s, throttled %v", nodeName, route.DestinationCIDR, nameHint, time.Now().Sub(startTime))
-					err := rc.routes.CreateRoute(rc.clusterName, nameHint, route)
+					err := rc.routes.CreateRoute(context.TODO(), rc.clusterName, nameHint, route)
 					<-rateLimiter
 
 					rc.updateNetworkingCondition(nodeName, err == nil)
@@ -210,7 +211,7 @@ func (rc *RouteController) reconcile(nodes []*v1.Node, routes []*cloudprovider.R
 				// Delete the route.
 				go func(route *cloudprovider.Route, startTime time.Time) {
 					glog.Infof("Deleting route %s %s", route.Name, route.DestinationCIDR)
-					if err := rc.routes.DeleteRoute(rc.clusterName, route); err != nil {
+					if err := rc.routes.DeleteRoute(context.TODO(), rc.clusterName, route); err != nil {
 						glog.Errorf("Could not delete route %s %s after %v: %v", route.Name, route.DestinationCIDR, time.Now().Sub(startTime), err)
 					} else {
 						glog.Infof("Deleted route %s %s after %v", route.Name, route.DestinationCIDR, time.Now().Sub(startTime))
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/service/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/service/BUILD
index cfb191f9ca0b..588f7fce6a5d 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/service/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/service/BUILD
@@ -23,6 +23,7 @@ go_library(
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
@@ -39,8 +40,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["service_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/service",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/cloudprovider/providers/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/service/service_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/service/service_controller.go
index 38c6b99da2cf..69e129958834 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/service/service_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/service/service_controller.go
@@ -17,8 +17,8 @@ limitations under the License.
 package service
 
 import (
+	"context"
 	"fmt"
-	"sort"
 	"sync"
 	"time"
 
@@ -28,6 +28,7 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	coreinformers "k8s.io/client-go/informers/core/v1"
@@ -60,11 +61,6 @@ const (
 	clientRetryCount    = 5
 	clientRetryInterval = 5 * time.Second
 
-	retryable    = true
-	notRetryable = false
-
-	doNotRetry = time.Duration(0)
-
 	// LabelNodeRoleMaster specifies that a node is a master
 	// It's copied over to kubeadm until it's merged in core: https://github.com/kubernetes/kubernetes/pull/39112
 	LabelNodeRoleMaster = "node-role.kubernetes.io/master"
@@ -77,8 +73,6 @@ const (
 type cachedService struct {
 	// The cached state of the service
 	state *v1.Service
-	// Controls error back-off
-	lastRetryDelay time.Duration
 }
 
 type serviceCache struct {
@@ -86,6 +80,8 @@ type serviceCache struct {
 	serviceMap map[string]*cachedService
 }
 
+// ServiceController keeps cloud provider service resources
+// (like load balancers) in sync with the registry.
 type ServiceController struct {
 	cloud               cloudprovider.Interface
 	knownHosts          []*v1.Node
@@ -101,7 +97,7 @@ type ServiceController struct {
 	nodeLister          corelisters.NodeLister
 	nodeListerSynced    cache.InformerSynced
 	// services that need to be synced
-	workingQueue workqueue.DelayingInterface
+	queue workqueue.RateLimitingInterface
 }
 
 // New returns a new service controller to keep cloud provider service resources
@@ -134,7 +130,7 @@ func New(
 		eventRecorder:    recorder,
 		nodeLister:       nodeInformer.Lister(),
 		nodeListerSynced: nodeInformer.Informer().HasSynced,
-		workingQueue:     workqueue.NewNamedDelayingQueue("service"),
+		queue:            workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "service"),
 	}
 
 	serviceInformer.Informer().AddEventHandlerWithResyncPeriod(
@@ -167,7 +163,7 @@ func (s *ServiceController) enqueueService(obj interface{}) {
 		glog.Errorf("Couldn't get key for object %#v: %v", obj, err)
 		return
 	}
-	s.workingQueue.Add(key)
+	s.queue.Add(key)
 }
 
 // Run starts a background goroutine that watches for changes to services that
@@ -182,7 +178,7 @@ func (s *ServiceController) enqueueService(obj interface{}) {
 // object.
 func (s *ServiceController) Run(stopCh <-chan struct{}, workers int) {
 	defer runtime.HandleCrash()
-	defer s.workingQueue.ShutDown()
+	defer s.queue.ShutDown()
 
 	glog.Info("Starting service controller")
 	defer glog.Info("Shutting down service controller")
@@ -203,21 +199,28 @@ func (s *ServiceController) Run(stopCh <-chan struct{}, workers int) {
 // worker runs a worker thread that just dequeues items, processes them, and marks them done.
 // It enforces that the syncHandler is never invoked concurrently with the same key.
 func (s *ServiceController) worker() {
-	for {
-		func() {
-			key, quit := s.workingQueue.Get()
-			if quit {
-				return
-			}
-			defer s.workingQueue.Done(key)
-			err := s.syncService(key.(string))
-			if err != nil {
-				glog.Errorf("Error syncing service: %v", err)
-			}
-		}()
+	for s.processNextWorkItem() {
 	}
 }
 
+func (s *ServiceController) processNextWorkItem() bool {
+	key, quit := s.queue.Get()
+	if quit {
+		return false
+	}
+	defer s.queue.Done(key)
+
+	err := s.syncService(key.(string))
+	if err == nil {
+		s.queue.Forget(key)
+		return true
+	}
+
+	runtime.HandleError(fmt.Errorf("error processing service %v (will retry): %v", key, err))
+	s.queue.AddRateLimited(key)
+	return true
+}
+
 func (s *ServiceController) init() error {
 	if s.cloud == nil {
 		return fmt.Errorf("WARNING: no cloud provider provided, services of type LoadBalancer will fail")
@@ -235,31 +238,28 @@ func (s *ServiceController) init() error {
 // Returns an error if processing the service update failed, along with a time.Duration
 // indicating whether processing should be retried; zero means no-retry; otherwise
 // we should retry in that Duration.
-func (s *ServiceController) processServiceUpdate(cachedService *cachedService, service *v1.Service, key string) (error, time.Duration) {
+func (s *ServiceController) processServiceUpdate(cachedService *cachedService, service *v1.Service, key string) error {
 	if cachedService.state != nil {
 		if cachedService.state.UID != service.UID {
-			err, retry := s.processLoadBalancerDelete(cachedService, key)
+			err := s.processLoadBalancerDelete(cachedService, key)
 			if err != nil {
-				return err, retry
+				return err
 			}
 		}
 	}
 	// cache the service, we need the info for service deletion
 	cachedService.state = service
-	err, retry := s.createLoadBalancerIfNeeded(key, service)
+	err := s.createLoadBalancerIfNeeded(key, service)
 	if err != nil {
-		message := "Error creating load balancer"
-		var retryToReturn time.Duration
-		if retry {
-			message += " (will retry): "
-			retryToReturn = cachedService.nextRetryDelay()
-		} else {
-			message += " (will not retry): "
-			retryToReturn = doNotRetry
+		eventType := "CreatingLoadBalancerFailed"
+		message := "Error creating load balancer (will retry): "
+		if !wantsLoadBalancer(service) {
+			eventType = "CleanupLoadBalancerFailed"
+			message = "Error cleaning up load balancer (will retry): "
 		}
 		message += err.Error()
-		s.eventRecorder.Event(service, v1.EventTypeWarning, "CreatingLoadBalancerFailed", message)
-		return err, retryToReturn
+		s.eventRecorder.Event(service, v1.EventTypeWarning, eventType, message)
+		return err
 	}
 	// Always update the cache upon success.
 	// NOTE: Since we update the cached service if and only if we successfully
@@ -267,13 +267,12 @@ func (s *ServiceController) processServiceUpdate(cachedService *cachedService, s
 	// been successfully processed.
 	s.cache.set(key, cachedService)
 
-	cachedService.resetRetryDelay()
-	return nil, doNotRetry
+	return nil
 }
 
 // Returns whatever error occurred along with a boolean indicator of whether it
 // should be retried.
-func (s *ServiceController) createLoadBalancerIfNeeded(key string, service *v1.Service) (error, bool) {
+func (s *ServiceController) createLoadBalancerIfNeeded(key string, service *v1.Service) error {
 	// Note: It is safe to just call EnsureLoadBalancer.  But, on some clouds that requires a delete & create,
 	// which may involve service interruption.  Also, we would like user-friendly events.
 
@@ -283,15 +282,15 @@ func (s *ServiceController) createLoadBalancerIfNeeded(key string, service *v1.S
 	var err error
 
 	if !wantsLoadBalancer(service) {
-		_, exists, err := s.balancer.GetLoadBalancer(s.clusterName, service)
+		_, exists, err := s.balancer.GetLoadBalancer(context.TODO(), s.clusterName, service)
 		if err != nil {
-			return fmt.Errorf("error getting LB for service %s: %v", key, err), retryable
+			return fmt.Errorf("error getting LB for service %s: %v", key, err)
 		}
 		if exists {
 			glog.Infof("Deleting existing load balancer for service %s that no longer needs a load balancer.", key)
 			s.eventRecorder.Event(service, v1.EventTypeNormal, "DeletingLoadBalancer", "Deleting load balancer")
-			if err := s.balancer.EnsureLoadBalancerDeleted(s.clusterName, service); err != nil {
-				return err, retryable
+			if err := s.balancer.EnsureLoadBalancerDeleted(context.TODO(), s.clusterName, service); err != nil {
+				return err
 			}
 			s.eventRecorder.Event(service, v1.EventTypeNormal, "DeletedLoadBalancer", "Deleted load balancer")
 		}
@@ -305,7 +304,7 @@ func (s *ServiceController) createLoadBalancerIfNeeded(key string, service *v1.S
 		s.eventRecorder.Event(service, v1.EventTypeNormal, "EnsuringLoadBalancer", "Ensuring load balancer")
 		newState, err = s.ensureLoadBalancer(service)
 		if err != nil {
-			return fmt.Errorf("failed to ensure load balancer for service %s: %v", key, err), retryable
+			return fmt.Errorf("failed to ensure load balancer for service %s: %v", key, err)
 		}
 		s.eventRecorder.Event(service, v1.EventTypeNormal, "EnsuredLoadBalancer", "Ensured load balancer")
 	}
@@ -320,13 +319,14 @@ func (s *ServiceController) createLoadBalancerIfNeeded(key string, service *v1.S
 		service.Status.LoadBalancer = *newState
 
 		if err := s.persistUpdate(service); err != nil {
-			return fmt.Errorf("failed to persist updated status to apiserver, even after retries. Giving up: %v", err), notRetryable
+			runtime.HandleError(fmt.Errorf("failed to persist service %q updated status to apiserver, even after retries. Giving up: %v", key, err))
+			return nil
 		}
 	} else {
 		glog.V(2).Infof("Not persisting unchanged LoadBalancerStatus for service %s to registry.", key)
 	}
 
-	return nil, notRetryable
+	return nil
 }
 
 func (s *ServiceController) persistUpdate(service *v1.Service) error {
@@ -371,7 +371,7 @@ func (s *ServiceController) ensureLoadBalancer(service *v1.Service) (*v1.LoadBal
 	// - Only one protocol supported per service
 	// - Not all cloud providers support all protocols and the next step is expected to return
 	//   an error for unsupported protocols
-	return s.balancer.EnsureLoadBalancer(s.clusterName, service, nodes)
+	return s.balancer.EnsureLoadBalancer(context.TODO(), s.clusterName, service, nodes)
 }
 
 // ListKeys implements the interface required by DeltaFIFO to list the keys we
@@ -567,10 +567,10 @@ func portEqualForLB(x, y *v1.ServicePort) bool {
 	return true
 }
 
-func nodeNames(nodes []*v1.Node) []string {
-	ret := make([]string, len(nodes))
-	for i, node := range nodes {
-		ret[i] = node.Name
+func nodeNames(nodes []*v1.Node) sets.String {
+	ret := sets.NewString()
+	for _, node := range nodes {
+		ret.Insert(node.Name)
 	}
 	return ret
 }
@@ -579,25 +579,7 @@ func nodeSlicesEqualForLB(x, y []*v1.Node) bool {
 	if len(x) != len(y) {
 		return false
 	}
-	return stringSlicesEqual(nodeNames(x), nodeNames(y))
-}
-
-func stringSlicesEqual(x, y []string) bool {
-	if len(x) != len(y) {
-		return false
-	}
-	if !sort.StringsAreSorted(x) {
-		sort.Strings(x)
-	}
-	if !sort.StringsAreSorted(y) {
-		sort.Strings(y)
-	}
-	for i := range x {
-		if x[i] != y[i] {
-			return false
-		}
-	}
-	return true
+	return nodeNames(x).Equal(nodeNames(y))
 }
 
 func getNodeConditionPredicate() corelisters.NodeConditionPredicate {
@@ -691,7 +673,7 @@ func (s *ServiceController) lockedUpdateLoadBalancerHosts(service *v1.Service, h
 	}
 
 	// This operation doesn't normally take very long (and happens pretty often), so we only record the final event
-	err := s.balancer.UpdateLoadBalancer(s.clusterName, service, hosts)
+	err := s.balancer.UpdateLoadBalancer(context.TODO(), s.clusterName, service, hosts)
 	if err == nil {
 		// If there are no available nodes for LoadBalancer service, make a EventTypeWarning event for it.
 		if len(hosts) == 0 {
@@ -703,7 +685,7 @@ func (s *ServiceController) lockedUpdateLoadBalancerHosts(service *v1.Service, h
 	}
 
 	// It's only an actual error if the load balancer still exists.
-	if _, exists, err := s.balancer.GetLoadBalancer(s.clusterName, service); err != nil {
+	if _, exists, err := s.balancer.GetLoadBalancer(context.TODO(), s.clusterName, service); err != nil {
 		glog.Errorf("External error while checking if load balancer %q exists: name, %v", cloudprovider.GetLoadBalancerName(service), err)
 	} else if !exists {
 		return nil
@@ -721,33 +703,14 @@ func loadBalancerIPsAreEqual(oldService, newService *v1.Service) bool {
 	return oldService.Spec.LoadBalancerIP == newService.Spec.LoadBalancerIP
 }
 
-// Computes the next retry, using exponential backoff
-// mutex must be held.
-func (s *cachedService) nextRetryDelay() time.Duration {
-	s.lastRetryDelay = s.lastRetryDelay * 2
-	if s.lastRetryDelay < minRetryDelay {
-		s.lastRetryDelay = minRetryDelay
-	}
-	if s.lastRetryDelay > maxRetryDelay {
-		s.lastRetryDelay = maxRetryDelay
-	}
-	return s.lastRetryDelay
-}
-
-// Resets the retry exponential backoff.  mutex must be held.
-func (s *cachedService) resetRetryDelay() {
-	s.lastRetryDelay = time.Duration(0)
-}
-
 // syncService will sync the Service with the given key if it has had its expectations fulfilled,
 // meaning it did not expect to see any more of its pods created or deleted. This function is not meant to be
 // invoked concurrently with the same key.
 func (s *ServiceController) syncService(key string) error {
 	startTime := time.Now()
 	var cachedService *cachedService
-	var retryDelay time.Duration
 	defer func() {
-		glog.V(4).Infof("Finished syncing service %q (%v)", key, time.Now().Sub(startTime))
+		glog.V(4).Infof("Finished syncing service %q (%v)", key, time.Since(startTime))
 	}()
 
 	namespace, name, err := cache.SplitMetaNamespaceKey(key)
@@ -760,59 +723,44 @@ func (s *ServiceController) syncService(key string) error {
 	switch {
 	case errors.IsNotFound(err):
 		// service absence in store means watcher caught the deletion, ensure LB info is cleaned
-		glog.Infof("Service has been deleted %v", key)
-		err, retryDelay = s.processServiceDeletion(key)
+		glog.Infof("Service has been deleted %v. Attempting to cleanup load balancer resources", key)
+		err = s.processServiceDeletion(key)
 	case err != nil:
 		glog.Infof("Unable to retrieve service %v from store: %v", key, err)
-		s.workingQueue.Add(key)
-		return err
 	default:
 		cachedService = s.cache.getOrCreate(key)
-		err, retryDelay = s.processServiceUpdate(cachedService, service, key)
+		err = s.processServiceUpdate(cachedService, service, key)
 	}
 
-	if retryDelay != 0 {
-		// Add the failed service back to the queue so we'll retry it.
-		glog.Errorf("Failed to process service %v. Retrying in %s: %v", key, retryDelay, err)
-		go func(obj interface{}, delay time.Duration) {
-			// put back the service key to working queue, it is possible that more entries of the service
-			// were added into the queue during the delay, but it does not mess as when handling the retry,
-			// it always get the last service info from service store
-			s.workingQueue.AddAfter(obj, delay)
-		}(key, retryDelay)
-	} else if err != nil {
-		runtime.HandleError(fmt.Errorf("failed to process service %v. Not retrying: %v", key, err))
-	}
-	return nil
+	return err
 }
 
 // Returns an error if processing the service deletion failed, along with a time.Duration
 // indicating whether processing should be retried; zero means no-retry; otherwise
 // we should retry after that Duration.
-func (s *ServiceController) processServiceDeletion(key string) (error, time.Duration) {
+func (s *ServiceController) processServiceDeletion(key string) error {
 	cachedService, ok := s.cache.get(key)
 	if !ok {
-		return fmt.Errorf("service %s not in cache even though the watcher thought it was. Ignoring the deletion", key), doNotRetry
+		glog.Errorf("service %s not in cache even though the watcher thought it was. Ignoring the deletion", key)
+		return nil
 	}
 	return s.processLoadBalancerDelete(cachedService, key)
 }
 
-func (s *ServiceController) processLoadBalancerDelete(cachedService *cachedService, key string) (error, time.Duration) {
+func (s *ServiceController) processLoadBalancerDelete(cachedService *cachedService, key string) error {
 	service := cachedService.state
 	// delete load balancer info only if the service type is LoadBalancer
 	if !wantsLoadBalancer(service) {
-		return nil, doNotRetry
+		return nil
 	}
 	s.eventRecorder.Event(service, v1.EventTypeNormal, "DeletingLoadBalancer", "Deleting load balancer")
-	err := s.balancer.EnsureLoadBalancerDeleted(s.clusterName, service)
+	err := s.balancer.EnsureLoadBalancerDeleted(context.TODO(), s.clusterName, service)
 	if err != nil {
-		message := "Error deleting load balancer (will retry): " + err.Error()
-		s.eventRecorder.Event(service, v1.EventTypeWarning, "DeletingLoadBalancerFailed", message)
-		return err, cachedService.nextRetryDelay()
+		s.eventRecorder.Eventf(service, v1.EventTypeWarning, "DeletingLoadBalancerFailed", "Error deleting load balancer (will retry): %v", err)
+		return err
 	}
 	s.eventRecorder.Event(service, v1.EventTypeNormal, "DeletedLoadBalancer", "Deleted load balancer")
 	s.cache.delete(key)
 
-	cachedService.resetRetryDelay()
-	return nil, doNotRetry
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/BUILD
index ef389de512c9..f1da2dc72a02 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/BUILD
@@ -16,12 +16,8 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/controller/serviceaccount",
     deps = [
-        "//pkg/apis/core/v1:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/registry/core/secret:go_default_library",
-        "//pkg/registry/core/secret/storage:go_default_library",
-        "//pkg/registry/core/serviceaccount:go_default_library",
-        "//pkg/registry/core/serviceaccount/storage:go_default_library",
         "//pkg/serviceaccount:go_default_library",
         "//pkg/util/metrics:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -33,9 +29,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
@@ -51,13 +44,13 @@ go_test(
         "serviceaccounts_controller_test.go",
         "tokens_controller_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/serviceaccount",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/controller:go_default_library",
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2/jwt:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokengetter.go b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokengetter.go
index d21f578b29c4..ed86489639ff 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokengetter.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokengetter.go
@@ -19,15 +19,7 @@ package serviceaccount
 import (
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/registry/generic"
-	"k8s.io/apiserver/pkg/storage/storagebackend"
 	clientset "k8s.io/client-go/kubernetes"
-	apiv1 "k8s.io/kubernetes/pkg/apis/core/v1"
-	"k8s.io/kubernetes/pkg/registry/core/secret"
-	secretstore "k8s.io/kubernetes/pkg/registry/core/secret/storage"
-	serviceaccountregistry "k8s.io/kubernetes/pkg/registry/core/serviceaccount"
-	serviceaccountstore "k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage"
 	"k8s.io/kubernetes/pkg/serviceaccount"
 )
 
@@ -43,59 +35,15 @@ type clientGetter struct {
 func NewGetterFromClient(c clientset.Interface) serviceaccount.ServiceAccountTokenGetter {
 	return clientGetter{c}
 }
+
 func (c clientGetter) GetServiceAccount(namespace, name string) (*v1.ServiceAccount, error) {
 	return c.client.CoreV1().ServiceAccounts(namespace).Get(name, metav1.GetOptions{})
 }
-func (c clientGetter) GetSecret(namespace, name string) (*v1.Secret, error) {
-	return c.client.CoreV1().Secrets(namespace).Get(name, metav1.GetOptions{})
-}
 
-// registryGetter implements ServiceAccountTokenGetter using a service account and secret registry
-type registryGetter struct {
-	serviceAccounts serviceaccountregistry.Registry
-	secrets         secret.Registry
+func (c clientGetter) GetPod(namespace, name string) (*v1.Pod, error) {
+	return c.client.CoreV1().Pods(namespace).Get(name, metav1.GetOptions{})
 }
 
-// NewGetterFromRegistries returns a ServiceAccountTokenGetter that
-// uses the specified registries to retrieve service accounts and secrets.
-func NewGetterFromRegistries(serviceAccounts serviceaccountregistry.Registry, secrets secret.Registry) serviceaccount.ServiceAccountTokenGetter {
-	return &registryGetter{serviceAccounts, secrets}
-}
-func (r *registryGetter) GetServiceAccount(namespace, name string) (*v1.ServiceAccount, error) {
-	ctx := genericapirequest.WithNamespace(genericapirequest.NewContext(), namespace)
-	internalServiceAccount, err := r.serviceAccounts.GetServiceAccount(ctx, name, &metav1.GetOptions{})
-	if err != nil {
-		return nil, err
-	}
-	v1ServiceAccount := v1.ServiceAccount{}
-	err = apiv1.Convert_core_ServiceAccount_To_v1_ServiceAccount(internalServiceAccount, &v1ServiceAccount, nil)
-	return &v1ServiceAccount, err
-
-}
-func (r *registryGetter) GetSecret(namespace, name string) (*v1.Secret, error) {
-	ctx := genericapirequest.WithNamespace(genericapirequest.NewContext(), namespace)
-	internalSecret, err := r.secrets.GetSecret(ctx, name, &metav1.GetOptions{})
-	if err != nil {
-		return nil, err
-	}
-	v1Secret := v1.Secret{}
-	err = apiv1.Convert_core_Secret_To_v1_Secret(internalSecret, &v1Secret, nil)
-	return &v1Secret, err
-
-}
-
-// NewGetterFromStorageInterface returns a ServiceAccountTokenGetter that
-// uses the specified storage to retrieve service accounts and secrets.
-func NewGetterFromStorageInterface(
-	saConfig *storagebackend.Config,
-	saPrefix string,
-	secretConfig *storagebackend.Config,
-	secretPrefix string) serviceaccount.ServiceAccountTokenGetter {
-
-	saOpts := generic.RESTOptions{StorageConfig: saConfig, Decorator: generic.UndecoratedStorage, ResourcePrefix: saPrefix}
-	secretOpts := generic.RESTOptions{StorageConfig: secretConfig, Decorator: generic.UndecoratedStorage, ResourcePrefix: secretPrefix}
-	return NewGetterFromRegistries(
-		serviceaccountregistry.NewRegistry(serviceaccountstore.NewREST(saOpts)),
-		secret.NewRegistry(secretstore.NewREST(secretOpts)),
-	)
+func (c clientGetter) GetSecret(namespace, name string) (*v1.Secret, error) {
+	return c.client.CoreV1().Secrets(namespace).Get(name, metav1.GetOptions{})
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokens_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokens_controller.go
index c34e600ef112..7b7f80ce43db 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokens_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/serviceaccount/tokens_controller.go
@@ -395,7 +395,7 @@ func (e *TokensController) ensureReferencedToken(serviceAccount *v1.ServiceAccou
 	}
 
 	// Generate the token
-	token, err := e.token.GenerateToken(*serviceAccount, *secret)
+	token, err := e.token.GenerateToken(serviceaccount.LegacyClaims(*serviceAccount, *secret))
 	if err != nil {
 		// retriable error
 		return true, err
@@ -551,7 +551,7 @@ func (e *TokensController) generateTokenIfNeeded(serviceAccount *v1.ServiceAccou
 
 	// Generate the token
 	if needsToken {
-		token, err := e.token.GenerateToken(*serviceAccount, *liveSecret)
+		token, err := e.token.GenerateToken(serviceaccount.LegacyClaims(*serviceAccount, *liveSecret))
 		if err != nil {
 			return false, err
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/BUILD
index d35a9de07807..22f6b9f8a024 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/BUILD
@@ -21,7 +21,7 @@ go_library(
         "//pkg/controller:go_default_library",
         "//pkg/controller/history:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -31,12 +31,12 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/client-go/informers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/informers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/listers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
@@ -54,15 +54,14 @@ go_test(
         "stateful_set_test.go",
         "stateful_set_utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/statefulset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/apps/install:go_default_library",
         "//pkg/apis/core/install:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/controller/history:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -72,11 +71,11 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
-        "//vendor/k8s.io/client-go/informers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/informers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
-        "//vendor/k8s.io/client-go/listers/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/client-go/listers/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_pod_control.go b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_pod_control.go
index fff08046297b..50433dbdbe46 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_pod_control.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_pod_control.go
@@ -20,13 +20,13 @@ import (
 	"fmt"
 	"strings"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	errorutils "k8s.io/apimachinery/pkg/util/errors"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientset "k8s.io/client-go/kubernetes"
-	appslisters "k8s.io/client-go/listers/apps/v1beta1"
+	appslisters "k8s.io/client-go/listers/apps/v1"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/retry"
@@ -172,7 +172,7 @@ func (spc *realStatefulPodControl) recordClaimEvent(verb string, set *apps.State
 	}
 }
 
-// createPersistentVolumeClaims creates all of the required PersistentVolumeClaims for pod, which mush be a member of
+// createPersistentVolumeClaims creates all of the required PersistentVolumeClaims for pod, which must be a member of
 // set. If all of the claims for Pod are successfully created, the returned error is nil. If creation fails, this method
 // may be called again until no error is returned, indicating the PersistentVolumeClaims for pod are consistent with
 // set's Spec.
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set.go b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set.go
index a49ba7deb3ce..1890fb271cb3 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set.go
@@ -21,19 +21,19 @@ import (
 	"reflect"
 	"time"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
-	appsinformers "k8s.io/client-go/informers/apps/v1beta1"
+	appsinformers "k8s.io/client-go/informers/apps/v1"
 	coreinformers "k8s.io/client-go/informers/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/kubernetes/scheme"
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
-	appslisters "k8s.io/client-go/listers/apps/v1beta1"
+	appslisters "k8s.io/client-go/listers/apps/v1"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/record"
@@ -101,6 +101,7 @@ func NewStatefulSetController(
 				recorder),
 			NewRealStatefulSetStatusUpdater(kubeClient, setInformer.Lister()),
 			history.NewHistory(kubeClient, revInformer.Lister()),
+			recorder,
 		),
 		pvcListerSynced: pvcInformer.Informer().HasSynced,
 		queue:           workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "statefulset"),
@@ -297,7 +298,7 @@ func (ssc *StatefulSetController) getPodsForStatefulSet(set *apps.StatefulSet, s
 	// If any adoptions are attempted, we should first recheck for deletion with
 	// an uncached quorum read sometime after listing Pods (see #42639).
 	canAdoptFunc := controller.RecheckDeletionTimestamp(func() (metav1.Object, error) {
-		fresh, err := ssc.kubeClient.AppsV1beta1().StatefulSets(set.Namespace).Get(set.Name, metav1.GetOptions{})
+		fresh, err := ssc.kubeClient.AppsV1().StatefulSets(set.Namespace).Get(set.Name, metav1.GetOptions{})
 		if err != nil {
 			return nil, err
 		}
@@ -325,7 +326,7 @@ func (ssc *StatefulSetController) adoptOrphanRevisions(set *apps.StatefulSet) er
 		}
 	}
 	if hasOrphans {
-		fresh, err := ssc.kubeClient.AppsV1beta1().StatefulSets(set.Namespace).Get(set.Name, metav1.GetOptions{})
+		fresh, err := ssc.kubeClient.AppsV1().StatefulSets(set.Namespace).Get(set.Name, metav1.GetOptions{})
 		if err != nil {
 			return err
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_control.go b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_control.go
index 5102808c4475..b1b589860432 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_control.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_control.go
@@ -22,9 +22,10 @@ import (
 
 	"github.com/golang/glog"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/controller/history"
 )
 
@@ -53,14 +54,16 @@ type StatefulSetControlInterface interface {
 func NewDefaultStatefulSetControl(
 	podControl StatefulPodControlInterface,
 	statusUpdater StatefulSetStatusUpdaterInterface,
-	controllerHistory history.Interface) StatefulSetControlInterface {
-	return &defaultStatefulSetControl{podControl, statusUpdater, controllerHistory}
+	controllerHistory history.Interface,
+	recorder record.EventRecorder) StatefulSetControlInterface {
+	return &defaultStatefulSetControl{podControl, statusUpdater, controllerHistory, recorder}
 }
 
 type defaultStatefulSetControl struct {
 	podControl        StatefulPodControlInterface
 	statusUpdater     StatefulSetStatusUpdaterInterface
 	controllerHistory history.Interface
+	recorder          record.EventRecorder
 }
 
 // UpdateStatefulSet executes the core logic loop for a stateful set, applying the predictable and
@@ -266,8 +269,7 @@ func (ssc *defaultStatefulSetControl) updateStatefulSet(
 
 	// set the generation, and revisions in the returned status
 	status := apps.StatefulSetStatus{}
-	status.ObservedGeneration = new(int64)
-	*status.ObservedGeneration = set.Generation
+	status.ObservedGeneration = set.Generation
 	status.CurrentRevision = currentRevision.Name
 	status.UpdateRevision = updateRevision.Name
 	status.CollisionCount = new(int32)
@@ -367,7 +369,8 @@ func (ssc *defaultStatefulSetControl) updateStatefulSet(
 	for i := range replicas {
 		// delete and recreate failed pods
 		if isFailed(replicas[i]) {
-			glog.V(4).Infof("StatefulSet %s/%s is recreating failed Pod %s",
+			ssc.recorder.Eventf(set, v1.EventTypeWarning, "RecreatingFailedPod",
+				"StatefulSet %s/%s is recreating failed Pod %s",
 				set.Namespace,
 				set.Name,
 				replicas[i].Name)
@@ -466,7 +469,7 @@ func (ssc *defaultStatefulSetControl) updateStatefulSet(
 				firstUnhealthyPod.Name)
 			return &status, nil
 		}
-		glog.V(4).Infof("StatefulSet %s/%s terminating Pod %s for scale dowm",
+		glog.V(2).Infof("StatefulSet %s/%s terminating Pod %s for scale dowm",
 			set.Namespace,
 			set.Name,
 			condemned[target].Name)
@@ -499,7 +502,7 @@ func (ssc *defaultStatefulSetControl) updateStatefulSet(
 
 		// delete the Pod if it is not already terminating and does not match the update revision.
 		if getPodRevision(replicas[target]) != updateRevision.Name && !isTerminating(replicas[target]) {
-			glog.V(4).Infof("StatefulSet %s/%s terminating Pod %s for update",
+			glog.V(2).Infof("StatefulSet %s/%s terminating Pod %s for update",
 				set.Namespace,
 				set.Name,
 				replicas[target].Name)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_status_updater.go b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_status_updater.go
index d56e01469a4c..78b22dbbb53f 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_status_updater.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_status_updater.go
@@ -19,10 +19,10 @@ package statefulset
 import (
 	"fmt"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientset "k8s.io/client-go/kubernetes"
-	appslisters "k8s.io/client-go/listers/apps/v1beta1"
+	appslisters "k8s.io/client-go/listers/apps/v1"
 	"k8s.io/client-go/util/retry"
 )
 
@@ -53,7 +53,7 @@ func (ssu *realStatefulSetStatusUpdater) UpdateStatefulSetStatus(
 	// don't wait due to limited number of clients, but backoff after the default number of steps
 	return retry.RetryOnConflict(retry.DefaultRetry, func() error {
 		set.Status = *status
-		_, updateErr := ssu.client.AppsV1beta1().StatefulSets(set.Namespace).UpdateStatus(set)
+		_, updateErr := ssu.client.AppsV1().StatefulSets(set.Namespace).UpdateStatus(set)
 		if updateErr == nil {
 			return nil
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_utils.go b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_utils.go
index 4e23784ac3d6..77f5809b82d9 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/statefulset/stateful_set_utils.go
@@ -23,7 +23,7 @@ import (
 	"regexp"
 	"strconv"
 
-	apps "k8s.io/api/apps/v1beta1"
+	apps "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -312,13 +312,9 @@ func newRevision(set *apps.StatefulSet, revision int64, collisionCount *int32) (
 	if err != nil {
 		return nil, err
 	}
-	selector, err := metav1.LabelSelectorAsSelector(set.Spec.Selector)
-	if err != nil {
-		return nil, err
-	}
 	cr, err := history.NewControllerRevision(set,
 		controllerKind,
-		selector,
+		set.Spec.Template.Labels,
 		runtime.RawExtension{Raw: patch},
 		revision,
 		collisionCount)
@@ -363,8 +359,7 @@ func nextRevision(revisions []*apps.ControllerRevision) int64 {
 // inconsistentStatus returns true if the ObservedGeneration of status is greater than set's
 // Generation or if any of the status's fields do not match those of set's status.
 func inconsistentStatus(set *apps.StatefulSet, status *apps.StatefulSetStatus) bool {
-	return set.Status.ObservedGeneration == nil ||
-		*status.ObservedGeneration > *set.Status.ObservedGeneration ||
+	return status.ObservedGeneration > set.Status.ObservedGeneration ||
 		status.Replicas != set.Status.Replicas ||
 		status.CurrentReplicas != set.Status.CurrentReplicas ||
 		status.ReadyReplicas != set.Status.ReadyReplicas ||
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/ttl/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/ttl/BUILD
index 7c96860f7573..50cb9757ec20 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/ttl/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/ttl/BUILD
@@ -44,8 +44,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["ttl_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/ttl",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/util/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/util/node/BUILD
similarity index 87%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/util/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/util/node/BUILD
index b14d0cb92607..8a4625104062 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/util/node/BUILD
@@ -1,14 +1,10 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
     srcs = ["controller_utils.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/node/util",
+    importpath = "k8s.io/kubernetes/pkg/controller/util/node",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/cloudprovider:go_default_library",
@@ -41,4 +37,5 @@ filegroup(
     name = "all-srcs",
     srcs = [":package-srcs"],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/node/util/controller_utils.go b/vendor/k8s.io/kubernetes/pkg/controller/util/node/controller_utils.go
similarity index 95%
rename from vendor/k8s.io/kubernetes/pkg/controller/node/util/controller_utils.go
rename to vendor/k8s.io/kubernetes/pkg/controller/util/node/controller_utils.go
index a9d8e08fadc3..b2c0ec23cf5e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/node/util/controller_utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/util/node/controller_utils.go
@@ -14,9 +14,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package node
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"strings"
@@ -170,14 +171,14 @@ func MarkAllPodsNotReady(kubeClient clientset.Interface, node *v1.Node) error {
 	return fmt.Errorf("%v", strings.Join(errMsg, "; "))
 }
 
-// NodeExistsInCloudProvider returns true if the node exists in the
+// ExistsInCloudProvider returns true if the node exists in the
 // cloud provider.
-func NodeExistsInCloudProvider(cloud cloudprovider.Interface, nodeName types.NodeName) (bool, error) {
+func ExistsInCloudProvider(cloud cloudprovider.Interface, nodeName types.NodeName) (bool, error) {
 	instances, ok := cloud.Instances()
 	if !ok {
 		return false, fmt.Errorf("%v", ErrCloudInstance)
 	}
-	if _, err := instances.ExternalID(nodeName); err != nil {
+	if _, err := instances.ExternalID(context.TODO(), nodeName); err != nil {
 		if err == cloudprovider.InstanceNotFound {
 			return false, nil
 		}
@@ -198,7 +199,7 @@ func RecordNodeEvent(recorder record.EventRecorder, nodeName, nodeUID, eventtype
 	recorder.Eventf(ref, eventtype, reason, "Node %s event: %s", nodeName, event)
 }
 
-// RecordNodeStatusChange records a event related to a node status change.
+// RecordNodeStatusChange records a event related to a node status change. (Common to lifecycle and ipam)
 func RecordNodeStatusChange(recorder record.EventRecorder, node *v1.Node, newStatus string) {
 	ref := &v1.ObjectReference{
 		Kind:      "Node",
@@ -252,12 +253,12 @@ func CreateAddNodeHandler(f func(node *v1.Node) error) func(obj interface{}) {
 	return func(originalObj interface{}) {
 		node := originalObj.(*v1.Node).DeepCopy()
 		if err := f(node); err != nil {
-			utilruntime.HandleError(fmt.Errorf("Error while processing Node Delete: %v", err))
+			utilruntime.HandleError(fmt.Errorf("Error while processing Node Add: %v", err))
 		}
 	}
 }
 
-// CreateUpdateNodeHandler creates a node update handler.
+// CreateUpdateNodeHandler creates a node update handler. (Common to lifecycle and ipam)
 func CreateUpdateNodeHandler(f func(oldNode, newNode *v1.Node) error) func(oldObj, newObj interface{}) {
 	return func(origOldObj, origNewObj interface{}) {
 		node := origNewObj.(*v1.Node).DeepCopy()
@@ -269,7 +270,7 @@ func CreateUpdateNodeHandler(f func(oldNode, newNode *v1.Node) error) func(oldOb
 	}
 }
 
-// CreateDeleteNodeHandler creates a delete node handler.
+// CreateDeleteNodeHandler creates a delete node handler. (Common to lifecycle and ipam)
 func CreateDeleteNodeHandler(f func(node *v1.Node) error) func(obj interface{}) {
 	return func(originalObj interface{}) {
 		originalNode, isNode := originalObj.(*v1.Node)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/BUILD
index d3b76f22ff4c..4d5908494ed1 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/BUILD
@@ -23,7 +23,7 @@ go_library(
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
@@ -42,8 +42,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["attach_detach_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/attach_detach_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/attach_detach_controller.go
index 3c01e6b05a4c..b719ffaaa354 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/attach_detach_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/attach_detach_controller.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package volume implements a controller to manage volume attach and detach
+// Package attachdetach implements a controller to manage volume attach and detach
 // operations.
 package attachdetach
 
@@ -47,7 +47,7 @@ import (
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 // TimerConfig contains configuration of internal attach/detach timers and
@@ -137,7 +137,7 @@ func NewAttachDetachController(
 	eventBroadcaster.StartLogging(glog.Infof)
 	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events("")})
 	recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "attachdetach-controller"})
-	blkutil := volumeutil.NewBlockVolumePathHandler()
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
 
 	adc.desiredStateOfWorld = cache.NewDesiredStateOfWorld(&adc.volumePluginMgr)
 	adc.actualStateOfWorld = cache.NewActualStateOfWorld(&adc.volumePluginMgr)
@@ -335,7 +335,7 @@ func (adc *attachDetachController) populateDesiredStateOfWorld() error {
 	}
 	for _, pod := range pods {
 		podToAdd := pod
-		adc.podAdd(&podToAdd)
+		adc.podAdd(podToAdd)
 		for _, podVolume := range podToAdd.Spec.Volumes {
 			// The volume specs present in the ActualStateOfWorld are nil, let's replace those
 			// with the correct ones found on pods. The present in the ASW with no corresponding
@@ -361,7 +361,7 @@ func (adc *attachDetachController) populateDesiredStateOfWorld() error {
 					err)
 				continue
 			}
-			volumeName, err := volumehelper.GetUniqueVolumeNameFromSpec(plugin, volumeSpec)
+			volumeName, err := volumeutil.GetUniqueVolumeNameFromSpec(plugin, volumeSpec)
 			if err != nil {
 				glog.Errorf(
 					"Failed to find unique name for volume %q, pod %q/%q: %v",
@@ -587,10 +587,10 @@ func (adc *attachDetachController) GetExec(pluginName string) mount.Exec {
 }
 
 func (adc *attachDetachController) addNodeToDswp(node *v1.Node, nodeName types.NodeName) {
-	if _, exists := node.Annotations[volumehelper.ControllerManagedAttachAnnotation]; exists {
+	if _, exists := node.Annotations[volumeutil.ControllerManagedAttachAnnotation]; exists {
 		keepTerminatedPodVolumes := false
 
-		if t, ok := node.Annotations[volumehelper.KeepTerminatedPodVolumesAnnotation]; ok {
+		if t, ok := node.Annotations[volumeutil.KeepTerminatedPodVolumesAnnotation]; ok {
 			keepTerminatedPodVolumes = (t == "true")
 		}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/BUILD
index 6bc3d938c54e..76f3b46b59bf 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/BUILD
@@ -15,9 +15,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache",
     deps = [
         "//pkg/volume:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
@@ -30,8 +30,7 @@ go_test(
         "actual_state_of_world_test.go",
         "desired_state_of_world_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller/volume/attachdetach/testing:go_default_library",
         "//pkg/volume/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/actual_state_of_world.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/actual_state_of_world.go
index 9bb6320c6621..985b29962dae 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/actual_state_of_world.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/actual_state_of_world.go
@@ -31,8 +31,8 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // ActualStateOfWorld defines a set of thread-safe operations supported on
@@ -73,7 +73,7 @@ type ActualStateOfWorld interface {
 	// SetNodeStatusUpdateNeeded sets statusUpdateNeeded for the specified
 	// node to true indicating the AttachedVolume field in the Node's Status
 	// object needs to be updated by the node updater again.
-	// If the specifed node does not exist in the nodesToUpdateStatusFor list,
+	// If the specified node does not exist in the nodesToUpdateStatusFor list,
 	// log the error and return
 	SetNodeStatusUpdateNeeded(nodeName types.NodeName)
 
@@ -131,8 +131,8 @@ type ActualStateOfWorld interface {
 type AttachedVolume struct {
 	operationexecutor.AttachedVolume
 
-	// MountedByNode indicates that this volume has been been mounted by the
-	// node and is unsafe to detach.
+	// MountedByNode indicates that this volume has been mounted by the node and
+	// is unsafe to detach.
 	// The value is set and unset by SetVolumeMountedByNode(...).
 	MountedByNode bool
 
@@ -275,7 +275,7 @@ func (asw *actualStateOfWorld) AddVolumeNode(
 				err)
 		}
 
-		volumeName, err = volumehelper.GetUniqueVolumeNameFromSpec(
+		volumeName, err = util.GetUniqueVolumeNameFromSpec(
 			attachableVolumePlugin, volumeSpec)
 		if err != nil {
 			return "", fmt.Errorf(
@@ -467,13 +467,13 @@ func (asw *actualStateOfWorld) addVolumeToReportAsAttached(
 
 // Update the flag statusUpdateNeeded to indicate whether node status is already updated or
 // needs to be updated again by the node status updater.
-// If the specifed node does not exist in the nodesToUpdateStatusFor list, log the error and return
+// If the specified node does not exist in the nodesToUpdateStatusFor list, log the error and return
 // This is an internal function and caller should acquire and release the lock
 func (asw *actualStateOfWorld) updateNodeStatusUpdateNeeded(nodeName types.NodeName, needed bool) error {
 	nodeToUpdate, nodeToUpdateExists := asw.nodesToUpdateStatusFor[nodeName]
 	if !nodeToUpdateExists {
 		// should not happen
-		errMsg := fmt.Sprintf("Failed to set statusUpdateNeeded to needed %t because nodeName=%q  does not exist",
+		errMsg := fmt.Sprintf("Failed to set statusUpdateNeeded to needed %t, because nodeName=%q does not exist",
 			needed, nodeName)
 		return fmt.Errorf(errMsg)
 	}
@@ -488,7 +488,7 @@ func (asw *actualStateOfWorld) SetNodeStatusUpdateNeeded(nodeName types.NodeName
 	asw.Lock()
 	defer asw.Unlock()
 	if err := asw.updateNodeStatusUpdateNeeded(nodeName, true); err != nil {
-		glog.Errorf("Failed to update statusUpdateNeeded field in actual state of world: %v", err)
+		glog.Warningf("Failed to update statusUpdateNeeded field in actual state of world: %v", err)
 	}
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/desired_state_of_world.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/desired_state_of_world.go
index 57ee9253ec1d..520d2ca38b9e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/desired_state_of_world.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache/desired_state_of_world.go
@@ -28,9 +28,9 @@ import (
 	"k8s.io/api/core/v1"
 	k8stypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 	"k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // DesiredStateOfWorld defines a set of thread-safe operations supported on
@@ -40,14 +40,14 @@ import (
 // should be attached to the specified node, and pods are the pods that
 // reference the volume and are scheduled to that node.
 // Note: This is distinct from the DesiredStateOfWorld implemented by the
-// kubelet volume manager. The both keep track of different objects. This
+// kubelet volume manager. They both keep track of different objects. This
 // contains attach/detach controller specific state.
 type DesiredStateOfWorld interface {
 	// AddNode adds the given node to the list of nodes managed by the attach/
 	// detach controller.
 	// If the node already exists this is a no-op.
 	// keepTerminatedPodVolumes is a property of the node that determines
-	// if for terminated pods volumes should be mounted and attached.
+	// if volumes should be mounted and attached for terminated pods.
 	AddNode(nodeName k8stypes.NodeName, keepTerminatedPodVolumes bool)
 
 	// AddPod adds the given pod to the list of pods that reference the
@@ -105,6 +105,10 @@ type DesiredStateOfWorld interface {
 	// Mark multiattach error as reported to prevent spamming multiple
 	// events for same error
 	SetMultiAttachError(v1.UniqueVolumeName, k8stypes.NodeName)
+
+	// GetPodsOnNodes returns list of pods ("namespace/name") that require
+	// given volume on given nodes.
+	GetVolumePodsOnNodes(nodes []k8stypes.NodeName, volumeName v1.UniqueVolumeName) []*v1.Pod
 }
 
 // VolumeToAttach represents a volume that should be attached to a node.
@@ -152,7 +156,7 @@ type nodeManaged struct {
 
 	// volumesToAttach is a map containing the set of volumes that should be
 	// attached to this node. The key in the map is the name of the volume and
-	// the value is a pod object containing more information about the volume.
+	// the value is a volumeToAttach object containing more information about the volume.
 	volumesToAttach map[v1.UniqueVolumeName]volumeToAttach
 
 	// keepTerminatedPodVolumes determines if for terminated pods(on this node) - volumes
@@ -160,10 +164,10 @@ type nodeManaged struct {
 	keepTerminatedPodVolumes bool
 }
 
-// The volume object represents a volume that should be attached to a node.
+// The volumeToAttach object represents a volume that should be attached to a node.
 type volumeToAttach struct {
 	// multiAttachErrorReported indicates whether the multi-attach error has been reported for the given volume.
-	// It is used to to prevent reporting the error from being reported more than once for a given volume.
+	// It is used to prevent reporting the error from being reported more than once for a given volume.
 	multiAttachErrorReported bool
 
 	// volumeName contains the unique identifier for this volume.
@@ -227,11 +231,12 @@ func (dsw *desiredStateOfWorld) AddPod(
 			err)
 	}
 
-	volumeName, err := volumehelper.GetUniqueVolumeNameFromSpec(
+	volumeName, err := util.GetUniqueVolumeNameFromSpec(
 		attachableVolumePlugin, volumeSpec)
 	if err != nil {
 		return "", fmt.Errorf(
-			"failed to GetUniqueVolumeNameFromSpec for volumeSpec %q err=%v",
+			"failed to get UniqueVolumeName from volumeSpec for plugin=%q and volume=%q err=%v",
+			attachableVolumePlugin.GetPluginName(),
 			volumeSpec.Name(),
 			err)
 	}
@@ -412,3 +417,24 @@ func (dsw *desiredStateOfWorld) GetPodToAdd() map[types.UniquePodName]PodToAdd {
 	}
 	return pods
 }
+
+func (dsw *desiredStateOfWorld) GetVolumePodsOnNodes(nodes []k8stypes.NodeName, volumeName v1.UniqueVolumeName) []*v1.Pod {
+	dsw.RLock()
+	defer dsw.RUnlock()
+
+	pods := []*v1.Pod{}
+	for _, nodeName := range nodes {
+		node, ok := dsw.nodesManaged[nodeName]
+		if !ok {
+			continue
+		}
+		volume, ok := node.volumesToAttach[volumeName]
+		if !ok {
+			continue
+		}
+		for _, pod := range volume.scheduledPods {
+			pods = append(pods, pod.podObj)
+		}
+	}
+	return pods
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/BUILD
index 78f4ac364736..1ed2bce09e27 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/BUILD
@@ -14,7 +14,7 @@ go_library(
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
         "//pkg/controller/volume/attachdetach/util:go_default_library",
         "//pkg/volume:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
@@ -41,13 +41,12 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["desired_state_of_world_populator_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
         "//pkg/volume/testing:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/desired_state_of_world_populator.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/desired_state_of_world_populator.go
index 379996b18e82..4065e25a8041 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/desired_state_of_world_populator.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/populator/desired_state_of_world_populator.go
@@ -33,7 +33,7 @@ import (
 	"k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache"
 	"k8s.io/kubernetes/pkg/controller/volume/attachdetach/util"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 )
 
 // DesiredStateOfWorldPopulator periodically verifies that the pods in the
@@ -133,7 +133,7 @@ func (dswp *desiredStateOfWorldPopulator) findAndRemoveDeletedPods() {
 				true /* default volume action */)
 
 			if volumeActionFlag {
-				informerPodUID := volumehelper.GetUniquePodName(informerPod)
+				informerPodUID := volutil.GetUniquePodName(informerPod)
 				// Check whether the unique identifier of the pod from dsw matches the one retrieved from pod informer
 				if informerPodUID == dswPodUID {
 					glog.V(10).Infof("Verified pod %q (UID %q) from dsw exists in pod informer.", dswPodKey, dswPodUID)
@@ -142,7 +142,7 @@ func (dswp *desiredStateOfWorldPopulator) findAndRemoveDeletedPods() {
 			}
 		}
 
-		// the pod from dsw does not exist in pod informer, or it does not match the unique identifer retrieved
+		// the pod from dsw does not exist in pod informer, or it does not match the unique identifier retrieved
 		// from the informer, delete it from dsw
 		glog.V(1).Infof("Removing pod %q (UID %q) from dsw because it does not exist in pod informer.", dswPodKey, dswPodUID)
 		dswp.desiredStateOfWorld.DeletePod(dswPodUID, dswPodToAdd.VolumeName, dswPodToAdd.NodeName)
@@ -158,7 +158,7 @@ func (dswp *desiredStateOfWorldPopulator) findAndAddActivePods() {
 	dswp.timeOfLastListPods = time.Now()
 
 	for _, pod := range pods {
-		if volumehelper.IsPodTerminated(pod, pod.Status) {
+		if volutil.IsPodTerminated(pod, pod.Status) {
 			// Do not add volumes for terminated pods
 			continue
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/BUILD
index 16379f5c0b9c..a2e8802c5111 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/BUILD
@@ -19,6 +19,7 @@ go_library(
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
     ],
@@ -27,13 +28,13 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["reconciler_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
         "//pkg/controller/volume/attachdetach/statusupdater:go_default_library",
         "//pkg/controller/volume/attachdetach/testing:go_default_library",
+        "//pkg/util/strings:go_default_library",
         "//pkg/volume/testing:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//pkg/volume/util/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/reconciler.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/reconciler.go
index ac81f98c6ae1..47c690f83a75 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/reconciler.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/reconciler/reconciler.go
@@ -21,10 +21,12 @@ package reconciler
 
 import (
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache"
@@ -145,7 +147,7 @@ func (rc *reconciler) isMultiAttachForbidden(volumeSpec *volume.Spec) bool {
 		}
 	}
 
-	// Only if this volume is a persistent volume, we have reliable information on wether it's allowed or not to
+	// Only if this volume is a persistent volume, we have reliable information on whether it's allowed or not to
 	// multi-attach. We trust in the individual volume implementations to not allow unsupported access modes
 	if volumeSpec.PersistentVolume != nil {
 		// Check for persistent volume types which do not fail when trying to multi-attach
@@ -269,12 +271,8 @@ func (rc *reconciler) attachDesiredVolumes() {
 			nodes := rc.actualStateOfWorld.GetNodesForVolume(volumeToAttach.VolumeName)
 			if len(nodes) > 0 {
 				if !volumeToAttach.MultiAttachErrorReported {
-					simpleMsg, detailedMsg := volumeToAttach.GenerateMsg("Multi-Attach error", "Volume is already exclusively attached to one node and can't be attached to another")
-					for _, pod := range volumeToAttach.ScheduledPods {
-						rc.recorder.Eventf(pod, v1.EventTypeWarning, kevents.FailedAttachVolume, simpleMsg)
-					}
+					rc.reportMultiAttachError(volumeToAttach, nodes)
 					rc.desiredStateOfWorld.SetMultiAttachError(volumeToAttach.VolumeName, volumeToAttach.NodeName)
-					glog.Warningf(detailedMsg)
 				}
 				continue
 			}
@@ -292,5 +290,78 @@ func (rc *reconciler) attachDesiredVolumes() {
 			glog.Errorf(volumeToAttach.GenerateErrorDetailed("attacherDetacher.AttachVolume failed to start", err).Error())
 		}
 	}
+}
+
+// reportMultiAttachError sends events and logs situation that a volume that
+// should be attached to a node is already attached to different node(s).
+func (rc *reconciler) reportMultiAttachError(volumeToAttach cache.VolumeToAttach, nodes []types.NodeName) {
+	// Filter out the current node from list of nodes where the volume is
+	// attached.
+	// Some methods need []string, some other needs []NodeName, collect both.
+	// In theory, these arrays should have always only one element - the
+	// controller does not allow more than one attachment. But use array just
+	// in case...
+	otherNodes := []types.NodeName{}
+	otherNodesStr := []string{}
+	for _, node := range nodes {
+		if node != volumeToAttach.NodeName {
+			otherNodes = append(otherNodes, node)
+			otherNodesStr = append(otherNodesStr, string(node))
+		}
+	}
+
+	// Get list of pods that use the volume on the other nodes.
+	pods := rc.desiredStateOfWorld.GetVolumePodsOnNodes(otherNodes, volumeToAttach.VolumeName)
+
+	if len(pods) == 0 {
+		// We did not find any pods that requests the volume. The pod must have been deleted already.
+		simpleMsg, _ := volumeToAttach.GenerateMsg("Multi-Attach error", "Volume is already exclusively attached to one node and can't be attached to another")
+		for _, pod := range volumeToAttach.ScheduledPods {
+			rc.recorder.Eventf(pod, v1.EventTypeWarning, kevents.FailedAttachVolume, simpleMsg)
+		}
+		// Log detailed message to system admin
+		nodeList := strings.Join(otherNodesStr, ", ")
+		detailedMsg := volumeToAttach.GenerateMsgDetailed("Multi-Attach error", fmt.Sprintf("Volume is already exclusively attached to node %s and can't be attached to another", nodeList))
+		glog.Warningf(detailedMsg)
+		return
+	}
 
+	// There are pods that require the volume and run on another node. Typically
+	// it's user error, e.g. a ReplicaSet uses a PVC and has >1 replicas. Let
+	// the user know what pods are blocking the volume.
+	for _, scheduledPod := range volumeToAttach.ScheduledPods {
+		// Each scheduledPod must get a custom message. They can run in
+		// different namespaces and user of a namespace should not see names of
+		// pods in other namespaces.
+		localPodNames := []string{} // Names of pods in scheduledPods's namespace
+		otherPods := 0              // Count of pods in other namespaces
+		for _, pod := range pods {
+			if pod.Namespace == scheduledPod.Namespace {
+				localPodNames = append(localPodNames, pod.Name)
+			} else {
+				otherPods++
+			}
+		}
+
+		var msg string
+		if len(localPodNames) > 0 {
+			msg = fmt.Sprintf("Volume is already used by pod(s) %s", strings.Join(localPodNames, ", "))
+			if otherPods > 0 {
+				msg = fmt.Sprintf("%s and %d pod(s) in different namespaces", msg, otherPods)
+			}
+		} else {
+			// No local pods, there are pods only in different namespaces.
+			msg = fmt.Sprintf("Volume is already used by %d pod(s) in different namespaces", otherPods)
+		}
+		simpleMsg, _ := volumeToAttach.GenerateMsg("Multi-Attach error", msg)
+		rc.recorder.Eventf(scheduledPod, v1.EventTypeWarning, kevents.FailedAttachVolume, simpleMsg)
+	}
+
+	// Log all pods for system admin
+	podNames := []string{}
+	for _, pod := range pods {
+		podNames = append(podNames, pod.Namespace+"/"+pod.Name)
+	}
+	detailedMsg := volumeToAttach.GenerateMsgDetailed("Multi-Attach error", fmt.Sprintf("Volume is already used by pods %s on node %s", strings.Join(podNames, ", "), strings.Join(otherNodesStr, ", ")))
+	glog.Warningf(detailedMsg)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/BUILD
index e60d31be92e2..2ef64b0f6e9a 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/BUILD
@@ -14,11 +14,11 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater",
     deps = [
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
+        "//pkg/util/node:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/node_status_updater.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/node_status_updater.go
index ab6dd05ecc4d..b5cbb2244648 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/node_status_updater.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/statusupdater/node_status_updater.go
@@ -19,18 +19,15 @@ limitations under the License.
 package statusupdater
 
 import (
-	"encoding/json"
-	"fmt"
-
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	clientset "k8s.io/client-go/kubernetes"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache"
+	nodeutil "k8s.io/kubernetes/pkg/util/node"
 )
 
 // NodeStatusUpdater defines a set of operations for updating the
@@ -100,47 +97,12 @@ func (nsu *nodeStatusUpdater) UpdateNodeStatuses() error {
 
 func (nsu *nodeStatusUpdater) updateNodeStatus(nodeName types.NodeName, nodeObj *v1.Node, attachedVolumes []v1.AttachedVolume) error {
 	node := nodeObj.DeepCopy()
-
-	// TODO: Change to pkg/util/node.UpdateNodeStatus.
-	oldData, err := json.Marshal(node)
-	if err != nil {
-		return fmt.Errorf(
-			"failed to Marshal oldData for node %q. %v",
-			nodeName,
-			err)
-	}
-
 	node.Status.VolumesAttached = attachedVolumes
-
-	newData, err := json.Marshal(node)
-	if err != nil {
-		return fmt.Errorf(
-			"failed to Marshal newData for node %q. %v",
-			nodeName,
-			err)
-	}
-
-	patchBytes, err :=
-		strategicpatch.CreateTwoWayMergePatch(oldData, newData, node)
-	if err != nil {
-		return fmt.Errorf(
-			"failed to CreateTwoWayMergePatch for node %q. %v",
-			nodeName,
-			err)
-	}
-
-	_, err = nsu.kubeClient.CoreV1().Nodes().PatchStatus(string(nodeName), patchBytes)
+	_, patchBytes, err := nodeutil.PatchNodeStatus(nsu.kubeClient.CoreV1(), nodeName, nodeObj, node)
 	if err != nil {
-		return fmt.Errorf(
-			"failed to kubeClient.CoreV1().Nodes().Patch for node %q. %v",
-			nodeName,
-			err)
+		return err
 	}
-	glog.V(4).Infof(
-		"Updating status for node %q succeeded. patchBytes: %q VolumesAttached: %v",
-		nodeName,
-		string(patchBytes),
-		node.Status.VolumesAttached)
 
+	glog.V(4).Infof("Updating status %q for node %q succeeded. VolumesAttached: %v", patchBytes, nodeName, attachedVolumes)
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/BUILD
index 06848fecca38..f74cdd3f1201 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/BUILD
@@ -12,7 +12,7 @@ go_library(
     deps = [
         "//pkg/controller/volume/attachdetach/cache:go_default_library",
         "//pkg/volume:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go
index 370486b36184..6f3dfd0a7831 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go
@@ -25,7 +25,7 @@ import (
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/kubernetes/pkg/controller/volume/attachdetach/cache"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 // CreateVolumeSpec creates and returns a mutatable volume.Spec object for the
@@ -150,7 +150,7 @@ func DetermineVolumeAction(pod *v1.Pod, desiredStateOfWorld cache.DesiredStateOf
 	nodeName := types.NodeName(pod.Spec.NodeName)
 	keepTerminatedPodVolume := desiredStateOfWorld.GetKeepTerminatedPodVolumesForNode(nodeName)
 
-	if volumehelper.IsPodTerminated(pod, pod.Status) {
+	if util.IsPodTerminated(pod, pod.Status) {
 		// if pod is terminate we let kubelet policy dictate if volume
 		// should be detached or not
 		return keepTerminatedPodVolume
@@ -216,7 +216,7 @@ func ProcessPodVolumes(pod *v1.Pod, addVolumes bool, desiredStateOfWorld cache.D
 			continue
 		}
 
-		uniquePodName := volumehelper.GetUniquePodName(pod)
+		uniquePodName := util.GetUniquePodName(pod)
 		if addVolumes {
 			// Add volume to desired state of world
 			_, err := desiredStateOfWorld.AddPod(
@@ -232,7 +232,7 @@ func ProcessPodVolumes(pod *v1.Pod, addVolumes bool, desiredStateOfWorld cache.D
 
 		} else {
 			// Remove volume from desired state of world
-			uniqueVolumeName, err := volumehelper.GetUniqueVolumeNameFromSpec(
+			uniqueVolumeName, err := util.GetUniqueVolumeNameFromSpec(
 				attachableVolumePlugin, volumeSpec)
 			if err != nil {
 				glog.V(10).Infof(
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/BUILD
index 74ae103b74c2..5a067da6a444 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/BUILD
@@ -17,13 +17,13 @@ go_library(
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/controller/volume/expand/cache:go_default_library",
-        "//pkg/controller/volume/expand/util:go_default_library",
         "//pkg/util/goroutinemap/exponentialbackoff:go_default_library",
         "//pkg/util/io:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -53,7 +53,6 @@ filegroup(
     srcs = [
         ":package-srcs",
         "//pkg/controller/volume/expand/cache:all-srcs",
-        "//pkg/controller/volume/expand/util:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/BUILD
index c9f64da1a972..68b2315974e4 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/BUILD
@@ -11,12 +11,13 @@ go_library(
     srcs = ["volume_resize_map.go"],
     importpath = "k8s.io/kubernetes/pkg/controller/volume/expand/cache",
     deps = [
-        "//pkg/controller/volume/expand/util:go_default_library",
         "//pkg/util/strings:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
@@ -39,8 +40,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["volume_resize_map_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/expand/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume/util/types:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/volume_resize_map.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/volume_resize_map.go
index 2645a294c23b..aadfd9833e73 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/volume_resize_map.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/cache/volume_resize_map.go
@@ -24,11 +24,12 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	commontypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	clientset "k8s.io/client-go/kubernetes"
-	"k8s.io/kubernetes/pkg/controller/volume/expand/util"
 	"k8s.io/kubernetes/pkg/util/strings"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/types"
 )
 
@@ -44,6 +45,8 @@ type VolumeResizeMap interface {
 	MarkAsResized(*PVCWithResizeRequest, resource.Quantity) error
 	// UpdatePVSize updates just pv size after cloudprovider resizing is successful
 	UpdatePVSize(*PVCWithResizeRequest, resource.Quantity) error
+	// MarkForFSResize updates pvc condition to indicate that a file system resize is pending
+	MarkForFSResize(*PVCWithResizeRequest) error
 }
 
 type volumeResizeMap struct {
@@ -52,7 +55,7 @@ type volumeResizeMap struct {
 	// kube client for making API calls
 	kubeClient clientset.Interface
 	// for guarding access to pvcrs map
-	sync.RWMutex
+	sync.Mutex
 }
 
 // PVCWithResizeRequest struct defines data structure that stores state needed for
@@ -103,9 +106,6 @@ func (resizeMap *volumeResizeMap) AddPVCUpdate(pvc *v1.PersistentVolumeClaim, pv
 		return
 	}
 
-	resizeMap.Lock()
-	defer resizeMap.Unlock()
-
 	pvcSize := pvc.Spec.Resources.Requests[v1.ResourceStorage]
 	pvcStatusSize := pvc.Status.Capacity[v1.ResourceStorage]
 
@@ -121,6 +121,9 @@ func (resizeMap *volumeResizeMap) AddPVCUpdate(pvc *v1.PersistentVolumeClaim, pv
 		ExpectedSize:     pvcSize,
 		PersistentVolume: pv,
 	}
+
+	resizeMap.Lock()
+	defer resizeMap.Unlock()
 	resizeMap.pvcrs[types.UniquePVCName(pvc.UID)] = pvcRequest
 }
 
@@ -141,18 +144,15 @@ func (resizeMap *volumeResizeMap) GetPVCsWithResizeRequest() []*PVCWithResizeReq
 // DeletePVC removes given pvc object from list of pvcs that needs resizing.
 // deleting a pvc in this map doesn't affect operations that are already inflight.
 func (resizeMap *volumeResizeMap) DeletePVC(pvc *v1.PersistentVolumeClaim) {
-	resizeMap.Lock()
-	defer resizeMap.Unlock()
 	pvcUniqueName := types.UniquePVCName(pvc.UID)
 	glog.V(5).Infof("Removing PVC %v from resize map", pvcUniqueName)
+	resizeMap.Lock()
+	defer resizeMap.Unlock()
 	delete(resizeMap.pvcrs, pvcUniqueName)
 }
 
 // MarkAsResized marks a pvc as fully resized
 func (resizeMap *volumeResizeMap) MarkAsResized(pvcr *PVCWithResizeRequest, newSize resource.Quantity) error {
-	resizeMap.Lock()
-	defer resizeMap.Unlock()
-
 	emptyCondition := []v1.PersistentVolumeClaimCondition{}
 
 	err := resizeMap.updatePVCCapacityAndConditions(pvcr, newSize, emptyCondition)
@@ -163,11 +163,23 @@ func (resizeMap *volumeResizeMap) MarkAsResized(pvcr *PVCWithResizeRequest, newS
 	return nil
 }
 
+// MarkForFSResize marks pvc with condition that indicates a fs resize is pending
+func (resizeMap *volumeResizeMap) MarkForFSResize(pvcr *PVCWithResizeRequest) error {
+	pvcCondition := v1.PersistentVolumeClaimCondition{
+		Type:               v1.PersistentVolumeClaimFileSystemResizePending,
+		Status:             v1.ConditionTrue,
+		LastTransitionTime: metav1.Now(),
+		Message:            "Waiting for user to (re-)start a pod to finish file system resize of volume on node.",
+	}
+	conditions := []v1.PersistentVolumeClaimCondition{pvcCondition}
+	newPVC := pvcr.PVC.DeepCopy()
+	newPVC = util.MergeResizeConditionOnPVC(newPVC, conditions)
+	_, err := util.PatchPVCStatus(pvcr.PVC /*oldPVC*/, newPVC, resizeMap.kubeClient)
+	return err
+}
+
 // UpdatePVSize updates just pv size after cloudprovider resizing is successful
 func (resizeMap *volumeResizeMap) UpdatePVSize(pvcr *PVCWithResizeRequest, newSize resource.Quantity) error {
-	resizeMap.Lock()
-	defer resizeMap.Unlock()
-
 	oldPv := pvcr.PersistentVolume
 	pvClone := oldPv.DeepCopy()
 
@@ -201,16 +213,9 @@ func (resizeMap *volumeResizeMap) UpdatePVSize(pvcr *PVCWithResizeRequest, newSi
 }
 
 func (resizeMap *volumeResizeMap) updatePVCCapacityAndConditions(pvcr *PVCWithResizeRequest, newSize resource.Quantity, pvcConditions []v1.PersistentVolumeClaimCondition) error {
-
-	claimClone := pvcr.PVC.DeepCopy()
-
-	claimClone.Status.Capacity[v1.ResourceStorage] = newSize
-	claimClone.Status.Conditions = pvcConditions
-
-	_, updateErr := resizeMap.kubeClient.CoreV1().PersistentVolumeClaims(claimClone.Namespace).UpdateStatus(claimClone)
-	if updateErr != nil {
-		glog.V(4).Infof("updating PersistentVolumeClaim[%s] status: failed: %v", pvcr.QualifiedName(), updateErr)
-		return updateErr
-	}
-	return nil
+	newPVC := pvcr.PVC.DeepCopy()
+	newPVC.Status.Capacity[v1.ResourceStorage] = newSize
+	newPVC = util.MergeResizeConditionOnPVC(newPVC, pvcConditions)
+	_, err := util.PatchPVCStatus(pvcr.PVC /*oldPVC*/, newPVC, resizeMap.kubeClient)
+	return err
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/expand_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/expand_controller.go
index 6d6ac0edf9bd..e41785f34c1e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/expand_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/expand_controller.go
@@ -42,13 +42,13 @@ import (
 	"k8s.io/kubernetes/pkg/util/io"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 const (
 	// How often resizing loop runs
-	syncLoopPeriod time.Duration = 30 * time.Second
+	syncLoopPeriod time.Duration = 400 * time.Millisecond
 	// How often pvc populator runs
 	populatorLoopPeriod time.Duration = 2 * time.Minute
 )
@@ -118,7 +118,7 @@ func NewExpandController(
 	eventBroadcaster.StartLogging(glog.Infof)
 	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: v1core.New(kubeClient.CoreV1().RESTClient()).Events("")})
 	recorder := eventBroadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "volume_expand"})
-	blkutil := util.NewBlockVolumePathHandler()
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
 
 	expc.opExecutor = operationexecutor.NewOperationExecutor(operationexecutor.NewOperationGenerator(
 		kubeClient,
@@ -162,9 +162,17 @@ func (expc *expandController) Run(stopCh <-chan struct{}) {
 
 func (expc *expandController) deletePVC(obj interface{}) {
 	pvc, ok := obj.(*v1.PersistentVolumeClaim)
-
-	if pvc == nil || !ok {
-		return
+	if !ok {
+		tombstone, ok := obj.(kcache.DeletedFinalStateUnknown)
+		if !ok {
+			runtime.HandleError(fmt.Errorf("couldn't get object from tombstone %+v", obj))
+			return
+		}
+		pvc, ok = tombstone.Obj.(*v1.PersistentVolumeClaim)
+		if !ok {
+			runtime.HandleError(fmt.Errorf("tombstone contained object that is not a pvc %#v", obj))
+			return
+		}
 	}
 
 	expc.resizeMap.DeletePVC(pvc)
@@ -182,12 +190,21 @@ func (expc *expandController) pvcUpdate(oldObj, newObj interface{}) {
 	if newPVC == nil || !ok {
 		return
 	}
-	pv, err := getPersistentVolume(newPVC, expc.pvLister)
-	if err != nil {
-		glog.V(5).Infof("Error getting Persistent Volume for pvc %q : %v", newPVC.UID, err)
-		return
+
+	newSize := newPVC.Spec.Resources.Requests[v1.ResourceStorage]
+	oldSize := oldPvc.Spec.Resources.Requests[v1.ResourceStorage]
+
+	// We perform additional checks inside resizeMap.AddPVCUpdate function
+	// this check here exists to ensure - we do not consider every
+	// PVC update event for resizing, just those where the PVC size changes
+	if newSize.Cmp(oldSize) > 0 {
+		pv, err := getPersistentVolume(newPVC, expc.pvLister)
+		if err != nil {
+			glog.V(5).Infof("Error getting Persistent Volume for pvc %q : %v", newPVC.UID, err)
+			return
+		}
+		expc.resizeMap.AddPVCUpdate(newPVC, pv)
 	}
-	expc.resizeMap.AddPVCUpdate(newPVC, pv)
 }
 
 func getPersistentVolume(pvc *v1.PersistentVolumeClaim, pvLister corelisters.PersistentVolumeLister) (*v1.PersistentVolume, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go
index 06565775e63d..17ecba5330f5 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go
@@ -25,8 +25,8 @@ import (
 	"k8s.io/apimachinery/pkg/util/wait"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/controller/volume/expand/cache"
-	"k8s.io/kubernetes/pkg/controller/volume/expand/util"
 	"k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 )
 
@@ -96,6 +96,8 @@ func markPVCResizeInProgress(pvcWithResizeRequest *cache.PVCWithResizeRequest, k
 		LastTransitionTime: metav1.Now(),
 	}
 	conditions := []v1.PersistentVolumeClaimCondition{progressCondition}
+	newPVC := pvcWithResizeRequest.PVC.DeepCopy()
+	newPVC = util.MergeResizeConditionOnPVC(newPVC, conditions)
 
-	return util.UpdatePVCCondition(pvcWithResizeRequest.PVC, conditions, kubeClient)
+	return util.PatchPVCStatus(pvcWithResizeRequest.PVC /*oldPVC*/, newPVC, kubeClient)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/util.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/util.go
deleted file mode 100644
index bc6795c4fa75..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/util.go
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package util
-
-import (
-	"fmt"
-
-	"github.com/golang/glog"
-
-	"k8s.io/api/core/v1"
-	clientset "k8s.io/client-go/kubernetes"
-)
-
-// ClaimToClaimKey return namespace/name string for pvc
-func ClaimToClaimKey(claim *v1.PersistentVolumeClaim) string {
-	return fmt.Sprintf("%s/%s", claim.Namespace, claim.Name)
-}
-
-// UpdatePVCCondition updates pvc with given condition status
-func UpdatePVCCondition(pvc *v1.PersistentVolumeClaim,
-	pvcConditions []v1.PersistentVolumeClaimCondition,
-	kubeClient clientset.Interface) (*v1.PersistentVolumeClaim, error) {
-
-	claimClone := pvc.DeepCopy()
-	claimClone.Status.Conditions = pvcConditions
-	updatedClaim, updateErr := kubeClient.CoreV1().PersistentVolumeClaims(claimClone.Namespace).UpdateStatus(claimClone)
-	if updateErr != nil {
-		glog.V(4).Infof("updating PersistentVolumeClaim[%s] status: failed: %v", ClaimToClaimKey(pvc), updateErr)
-		return nil, updateErr
-	}
-	return updatedClaim, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/BUILD
index 01ab29857e6c..5367ef78fab4 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/BUILD
@@ -24,6 +24,7 @@ go_library(
         "//pkg/cloudprovider:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/controller/volume/events:go_default_library",
+        "//pkg/controller/volume/persistentvolume/metrics:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/util/goroutinemap:go_default_library",
         "//pkg/util/goroutinemap/exponentialbackoff:go_default_library",
@@ -31,6 +32,7 @@ go_library(
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/recyclerclient:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/storage/v1:go_default_library",
@@ -41,6 +43,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
@@ -71,14 +74,14 @@ go_test(
         "scheduler_binder_cache_test.go",
         "scheduler_binder_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/persistentvolume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/volume:go_default_library",
+        "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/recyclerclient:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/storage/v1:go_default_library",
@@ -95,6 +98,7 @@ go_test(
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
+        "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/listers/storage/v1:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
@@ -114,6 +118,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//pkg/controller/volume/persistentvolume/metrics:all-srcs",
         "//pkg/controller/volume/persistentvolume/options:all-srcs",
     ],
     tags = ["automanaged"],
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/index.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/index.go
index 5c3457445643..a23cd6faa0b6 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/index.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/index.go
@@ -28,7 +28,6 @@ import (
 	"k8s.io/client-go/tools/cache"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/features"
-	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
 )
 
@@ -169,6 +168,13 @@ func findMatchingVolume(
 			continue
 		}
 
+		// check if PV's DeletionTimeStamp is set, if so, skip this volume.
+		if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
+			if volume.ObjectMeta.DeletionTimestamp != nil {
+				continue
+			}
+		}
+
 		nodeAffinityValid := true
 		if node != nil {
 			// Scheduler path, check that the PV NodeAffinity
@@ -314,7 +320,7 @@ func (pvIndex *persistentVolumeOrderedIndex) allPossibleMatchingAccessModes(requ
 	keys := pvIndex.store.ListIndexFuncValues("accessmodes")
 	for _, key := range keys {
 		indexedModes := v1helper.GetAccessModesFromString(key)
-		if volume.AccessModesContainedInAll(indexedModes, requestedModes) {
+		if volumeutil.AccessModesContainedInAll(indexedModes, requestedModes) {
 			matchedModes = append(matchedModes, indexedModes)
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/BUILD
similarity index 64%
rename from vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/BUILD
rename to vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/BUILD
index 3a57c7dbdfb4..e5a37cbfd422 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/BUILD
@@ -7,12 +7,11 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = ["volumehelper.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/util/volumehelper",
+    srcs = ["metrics.go"],
+    importpath = "k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics",
     deps = [
-        "//pkg/util/mount:go_default_library",
-        "//pkg/volume:go_default_library",
-        "//pkg/volume/util/types:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/metrics.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/metrics.go
new file mode 100644
index 000000000000..5035b1bb9e0a
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics/metrics.go
@@ -0,0 +1,184 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package metrics
+
+import (
+	"sync"
+
+	"k8s.io/api/core/v1"
+
+	"github.com/golang/glog"
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+const (
+	// Subsystem names.
+	pvControllerSubsystem = "pv_collector"
+
+	// Metric names.
+	boundPVKey    = "bound_pv_count"
+	unboundPVKey  = "unbound_pv_count"
+	boundPVCKey   = "bound_pvc_count"
+	unboundPVCKey = "unbound_pvc_count"
+
+	// Label names.
+	namespaceLabel    = "namespace"
+	storageClassLabel = "storage_class"
+)
+
+var registerMetrics sync.Once
+
+// PVLister used to list persistent volumes.
+type PVLister interface {
+	List() []interface{}
+}
+
+// PVCLister used to list persistent volume claims.
+type PVCLister interface {
+	List() []interface{}
+}
+
+// Register all metrics for pv controller.
+func Register(pvLister PVLister, pvcLister PVCLister) {
+	registerMetrics.Do(func() {
+		prometheus.MustRegister(newPVAndPVCCountCollector(pvLister, pvcLister))
+	})
+}
+
+func newPVAndPVCCountCollector(pvLister PVLister, pvcLister PVCLister) *pvAndPVCCountCollector {
+	return &pvAndPVCCountCollector{pvLister, pvcLister}
+}
+
+// Custom collector for current pod and container counts.
+type pvAndPVCCountCollector struct {
+	// Cache for accessing information about PersistentVolumes.
+	pvLister PVLister
+	// Cache for accessing information about PersistentVolumeClaims.
+	pvcLister PVCLister
+}
+
+var (
+	boundPVCountDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", pvControllerSubsystem, boundPVKey),
+		"Gauge measuring number of persistent volume currently bound",
+		[]string{storageClassLabel}, nil)
+	unboundPVCountDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", pvControllerSubsystem, unboundPVKey),
+		"Gauge measuring number of persistent volume currently unbound",
+		[]string{storageClassLabel}, nil)
+
+	boundPVCCountDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", pvControllerSubsystem, boundPVCKey),
+		"Gauge measuring number of persistent volume claim currently bound",
+		[]string{namespaceLabel}, nil)
+	unboundPVCCountDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", pvControllerSubsystem, unboundPVCKey),
+		"Gauge measuring number of persistent volume claim currently unbound",
+		[]string{namespaceLabel}, nil)
+)
+
+func (collector *pvAndPVCCountCollector) Describe(ch chan<- *prometheus.Desc) {
+	ch <- boundPVCountDesc
+	ch <- unboundPVCountDesc
+	ch <- boundPVCCountDesc
+	ch <- unboundPVCCountDesc
+}
+
+func (collector *pvAndPVCCountCollector) Collect(ch chan<- prometheus.Metric) {
+	collector.pvCollect(ch)
+	collector.pvcCollect(ch)
+}
+
+func (collector *pvAndPVCCountCollector) pvCollect(ch chan<- prometheus.Metric) {
+	boundNumberByStorageClass := make(map[string]int)
+	unboundNumberByStorageClass := make(map[string]int)
+	for _, pvObj := range collector.pvLister.List() {
+		pv, ok := pvObj.(*v1.PersistentVolume)
+		if !ok {
+			continue
+		}
+		if pv.Status.Phase == v1.VolumeBound {
+			boundNumberByStorageClass[pv.Spec.StorageClassName]++
+		} else {
+			unboundNumberByStorageClass[pv.Spec.StorageClassName]++
+		}
+	}
+	for storageClassName, number := range boundNumberByStorageClass {
+		metric, err := prometheus.NewConstMetric(
+			boundPVCountDesc,
+			prometheus.GaugeValue,
+			float64(number),
+			storageClassName)
+		if err != nil {
+			glog.Warningf("Create bound pv number metric failed: %v", err)
+			continue
+		}
+		ch <- metric
+	}
+	for storageClassName, number := range unboundNumberByStorageClass {
+		metric, err := prometheus.NewConstMetric(
+			unboundPVCountDesc,
+			prometheus.GaugeValue,
+			float64(number),
+			storageClassName)
+		if err != nil {
+			glog.Warningf("Create unbound pv number metric failed: %v", err)
+			continue
+		}
+		ch <- metric
+	}
+}
+
+func (collector *pvAndPVCCountCollector) pvcCollect(ch chan<- prometheus.Metric) {
+	boundNumberByNamespace := make(map[string]int)
+	unboundNumberByNamespace := make(map[string]int)
+	for _, pvcObj := range collector.pvcLister.List() {
+		pvc, ok := pvcObj.(*v1.PersistentVolumeClaim)
+		if !ok {
+			continue
+		}
+		if pvc.Status.Phase == v1.ClaimBound {
+			boundNumberByNamespace[pvc.Namespace]++
+		} else {
+			unboundNumberByNamespace[pvc.Namespace]++
+		}
+	}
+	for namespace, number := range boundNumberByNamespace {
+		metric, err := prometheus.NewConstMetric(
+			boundPVCCountDesc,
+			prometheus.GaugeValue,
+			float64(number),
+			namespace)
+		if err != nil {
+			glog.Warningf("Create bound pvc number metric failed: %v", err)
+			continue
+		}
+		ch <- metric
+	}
+	for namespace, number := range unboundNumberByNamespace {
+		metric, err := prometheus.NewConstMetric(
+			unboundPVCCountDesc,
+			prometheus.GaugeValue,
+			float64(number),
+			namespace)
+		if err != nil {
+			glog.Warningf("Create unbound pvc number metric failed: %v", err)
+			continue
+		}
+		ch <- metric
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller.go
index 980d960c750b..c245fb15bb9e 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller.go
@@ -26,6 +26,8 @@ import (
 	storage "k8s.io/api/storage/v1"
 	apierrs "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/util/sets"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/kubernetes/scheme"
@@ -43,6 +45,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff"
 	vol "k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/recyclerclient"
 
 	"github.com/golang/glog"
 )
@@ -161,6 +164,8 @@ type PersistentVolumeController struct {
 	claimListerSynced  cache.InformerSynced
 	classLister        storagelisters.StorageClassLister
 	classListerSynced  cache.InformerSynced
+	podLister          corelisters.PodLister
+	podListerSynced    cache.InformerSynced
 
 	kubeClient                clientset.Interface
 	eventRecorder             record.EventRecorder
@@ -233,24 +238,35 @@ func (ctrl *PersistentVolumeController) syncClaim(claim *v1.PersistentVolumeClai
 func checkVolumeSatisfyClaim(volume *v1.PersistentVolume, claim *v1.PersistentVolumeClaim) error {
 	requestedQty := claim.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	requestedSize := requestedQty.Value()
-	isMisMatch, err := checkVolumeModeMisMatches(&claim.Spec, &volume.Spec)
-	if err != nil {
-		return fmt.Errorf("error checking if volumeMode was a mismatch: %v", err)
+
+	// check if PV's DeletionTimeStamp is set, if so, return error.
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
+		if volume.ObjectMeta.DeletionTimestamp != nil {
+			return fmt.Errorf("the volume is marked for deletion")
+		}
 	}
 
 	volumeQty := volume.Spec.Capacity[v1.ResourceStorage]
 	volumeSize := volumeQty.Value()
 	if volumeSize < requestedSize {
-		return fmt.Errorf("Storage capacity of volume[%s] requested by claim[%v] is not enough", volume.Name, claimToClaimKey(claim))
+		return fmt.Errorf("requested PV is too small")
 	}
 
 	requestedClass := v1helper.GetPersistentVolumeClaimClass(claim)
 	if v1helper.GetPersistentVolumeClass(volume) != requestedClass {
-		return fmt.Errorf("Class of volume[%s] is not the same as claim[%v]", volume.Name, claimToClaimKey(claim))
+		return fmt.Errorf("storageClasseName does not match")
 	}
 
+	isMisMatch, err := checkVolumeModeMisMatches(&claim.Spec, &volume.Spec)
+	if err != nil {
+		return fmt.Errorf("error checking volumeMode: %v", err)
+	}
 	if isMisMatch {
-		return fmt.Errorf("VolumeMode[%v] of volume[%s] is incompatible with VolumeMode[%v] of claim[%v]", volume.Spec.VolumeMode, volume.Name, claim.Spec.VolumeMode, claim.Name)
+		return fmt.Errorf("incompatible volumeMode")
+	}
+
+	if !checkAccessModes(claim, volume) {
+		return fmt.Errorf("incompatible accessMode")
 	}
 
 	return nil
@@ -362,8 +378,9 @@ func (ctrl *PersistentVolumeController) syncUnboundClaim(claim *v1.PersistentVol
 				glog.V(4).Infof("synchronizing unbound PersistentVolumeClaim[%s]: volume is unbound, binding", claimToClaimKey(claim))
 				if err = checkVolumeSatisfyClaim(volume, claim); err != nil {
 					glog.V(4).Infof("Can't bind the claim to volume %q: %v", volume.Name, err)
-					//send a event
-					ctrl.eventRecorder.Event(claim, v1.EventTypeWarning, events.VolumeMismatch, "Volume's size is smaller than requested or volume's class does not match with claim")
+					//send an event
+					msg := fmt.Sprintf("Cannot bind to requested volume %q: %s", volume.Name, err)
+					ctrl.eventRecorder.Event(claim, v1.EventTypeWarning, events.VolumeMismatch, msg)
 					//volume does not satisfy the requirements of the claim
 					if _, err = ctrl.updateClaimStatus(claim, v1.ClaimPending, nil); err != nil {
 						return err
@@ -802,7 +819,7 @@ func (ctrl *PersistentVolumeController) bindVolumeToClaim(volume *v1.PersistentV
 // API server. The claim is not modified in this method!
 func (ctrl *PersistentVolumeController) updateBindVolumeToClaim(volumeClone *v1.PersistentVolume, claim *v1.PersistentVolumeClaim, updateCache bool) (*v1.PersistentVolume, error) {
 	glog.V(2).Infof("claim %q bound to volume %q", claimToClaimKey(claim), volumeClone.Name)
-	newVol, err := ctrl.kubeClient.Core().PersistentVolumes().Update(volumeClone)
+	newVol, err := ctrl.kubeClient.CoreV1().PersistentVolumes().Update(volumeClone)
 	if err != nil {
 		glog.V(4).Infof("updating PersistentVolume[%s]: binding to %q failed: %v", volumeClone.Name, claimToClaimKey(claim), err)
 		return newVol, err
@@ -961,7 +978,7 @@ func (ctrl *PersistentVolumeController) bind(volume *v1.PersistentVolume, claim
 func (ctrl *PersistentVolumeController) unbindVolume(volume *v1.PersistentVolume) error {
 	glog.V(4).Infof("updating PersistentVolume[%s]: rolling back binding from %q", volume.Name, claimrefToClaimKey(volume.Spec.ClaimRef))
 
-	// Save the PV only when any modification is neccessary.
+	// Save the PV only when any modification is necessary.
 	volumeClone := volume.DeepCopy()
 
 	if metav1.HasAnnotation(volume.ObjectMeta, annBoundByController) {
@@ -1041,7 +1058,7 @@ func (ctrl *PersistentVolumeController) recycleVolumeOperation(arg interface{})
 	// so read current volume state now.
 	newVolume, err := ctrl.kubeClient.CoreV1().PersistentVolumes().Get(volume.Name, metav1.GetOptions{})
 	if err != nil {
-		glog.V(3).Infof("error reading peristent volume %q: %v", volume.Name, err)
+		glog.V(3).Infof("error reading persistent volume %q: %v", volume.Name, err)
 		return
 	}
 	needsReclaim, err := ctrl.isVolumeReleased(newVolume)
@@ -1053,6 +1070,17 @@ func (ctrl *PersistentVolumeController) recycleVolumeOperation(arg interface{})
 		glog.V(3).Infof("volume %q no longer needs recycling, skipping", volume.Name)
 		return
 	}
+	pods, used, err := ctrl.isVolumeUsed(newVolume)
+	if err != nil {
+		glog.V(3).Infof("can't recycle volume %q: %v", volume.Name, err)
+		return
+	}
+	if used {
+		msg := fmt.Sprintf("Volume is used by pods: %s", strings.Join(pods, ","))
+		glog.V(3).Infof("can't recycle volume %q: %s", volume.Name, msg)
+		ctrl.eventRecorder.Event(volume, v1.EventTypeNormal, events.VolumeFailedRecycle, msg)
+		return
+	}
 
 	// Use the newest volume copy, this will save us from version conflicts on
 	// saving.
@@ -1120,7 +1148,7 @@ func (ctrl *PersistentVolumeController) deleteVolumeOperation(arg interface{}) e
 	// read current volume state now.
 	newVolume, err := ctrl.kubeClient.CoreV1().PersistentVolumes().Get(volume.Name, metav1.GetOptions{})
 	if err != nil {
-		glog.V(3).Infof("error reading peristent volume %q: %v", volume.Name, err)
+		glog.V(3).Infof("error reading persistent volume %q: %v", volume.Name, err)
 		return nil
 	}
 	needsReclaim, err := ctrl.isVolumeReleased(newVolume)
@@ -1221,6 +1249,32 @@ func (ctrl *PersistentVolumeController) isVolumeReleased(volume *v1.PersistentVo
 	return true, nil
 }
 
+// isVolumeUsed returns list of pods that use given PV.
+func (ctrl *PersistentVolumeController) isVolumeUsed(pv *v1.PersistentVolume) ([]string, bool, error) {
+	if pv.Spec.ClaimRef == nil {
+		return nil, false, nil
+	}
+	claimName := pv.Spec.ClaimRef.Name
+
+	podNames := sets.NewString()
+	pods, err := ctrl.podLister.Pods(pv.Spec.ClaimRef.Namespace).List(labels.Everything())
+	if err != nil {
+		return nil, false, fmt.Errorf("error listing pods: %s", err)
+	}
+	for _, pod := range pods {
+		if util.IsPodTerminated(pod, pod.Status) {
+			continue
+		}
+		for i := range pod.Spec.Volumes {
+			usedPV := &pod.Spec.Volumes[i]
+			if usedPV.PersistentVolumeClaim != nil && usedPV.PersistentVolumeClaim.ClaimName == claimName {
+				podNames.Insert(pod.Namespace + "/" + pod.Name)
+			}
+		}
+	}
+	return podNames.List(), podNames.Len() != 0, nil
+}
+
 // doDeleteVolume finds appropriate delete plugin and deletes given volume. It
 // returns 'true', when the volume was deleted and 'false' when the volume
 // cannot be deleted because of the deleter is external. No error should be
@@ -1250,7 +1304,7 @@ func (ctrl *PersistentVolumeController) doDeleteVolume(volume *v1.PersistentVolu
 
 	opComplete := util.OperationCompleteHook(plugin.GetPluginName(), "volume_delete")
 	err = deleter.Delete()
-	opComplete(err)
+	opComplete(&err)
 	if err != nil {
 		// Deleter failed
 		return false, err
@@ -1373,7 +1427,7 @@ func (ctrl *PersistentVolumeController) provisionClaimOperation(claimObj interfa
 
 	opComplete := util.OperationCompleteHook(plugin.GetPluginName(), "volume_provision")
 	volume, err = provisioner.Provision()
-	opComplete(err)
+	opComplete(&err)
 	if err != nil {
 		strerr := fmt.Sprintf("Failed to provision volume with StorageClass %q: %v", storageClass.Name, err)
 		glog.V(2).Infof("failed to provision volume for claim %q with StorageClass %q: %v", claimToClaimKey(claim), storageClass.Name, err)
@@ -1496,7 +1550,7 @@ func (ctrl *PersistentVolumeController) scheduleOperation(operationName string,
 
 // newRecyclerEventRecorder returns a RecycleEventRecorder that sends all events
 // to given volume.
-func (ctrl *PersistentVolumeController) newRecyclerEventRecorder(volume *v1.PersistentVolume) vol.RecycleEventRecorder {
+func (ctrl *PersistentVolumeController) newRecyclerEventRecorder(volume *v1.PersistentVolume) recyclerclient.RecycleEventRecorder {
 	return func(eventtype, message string) {
 		ctrl.eventRecorder.Eventf(volume, eventtype, events.RecyclerPod, "Recycler pod: %s", message)
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller_base.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller_base.go
index 2ba5d831cbd3..1b745ef937dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller_base.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/pv_controller_base.go
@@ -40,6 +40,7 @@ import (
 	"k8s.io/client-go/util/workqueue"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/controller"
+	"k8s.io/kubernetes/pkg/controller/volume/persistentvolume/metrics"
 	"k8s.io/kubernetes/pkg/util/goroutinemap"
 	vol "k8s.io/kubernetes/pkg/volume"
 
@@ -61,6 +62,7 @@ type ControllerParameters struct {
 	VolumeInformer            coreinformers.PersistentVolumeInformer
 	ClaimInformer             coreinformers.PersistentVolumeClaimInformer
 	ClassInformer             storageinformers.StorageClassInformer
+	PodInformer               coreinformers.PodInformer
 	EventRecorder             record.EventRecorder
 	EnableDynamicProvisioning bool
 }
@@ -118,6 +120,8 @@ func NewController(p ControllerParameters) (*PersistentVolumeController, error)
 
 	controller.classLister = p.ClassInformer.Lister()
 	controller.classListerSynced = p.ClassInformer.Informer().HasSynced
+	controller.podLister = p.PodInformer.Lister()
+	controller.podListerSynced = p.PodInformer.Informer().HasSynced
 	return controller, nil
 }
 
@@ -262,9 +266,9 @@ func (ctrl *PersistentVolumeController) Run(stopCh <-chan struct{}) {
 	defer ctrl.volumeQueue.ShutDown()
 
 	glog.Infof("Starting persistent volume controller")
-	defer glog.Infof("Shutting down peristent volume controller")
+	defer glog.Infof("Shutting down persistent volume controller")
 
-	if !controller.WaitForCacheSync("persistent volume", stopCh, ctrl.volumeListerSynced, ctrl.claimListerSynced, ctrl.classListerSynced) {
+	if !controller.WaitForCacheSync("persistent volume", stopCh, ctrl.volumeListerSynced, ctrl.claimListerSynced, ctrl.classListerSynced, ctrl.podListerSynced) {
 		return
 	}
 
@@ -274,6 +278,8 @@ func (ctrl *PersistentVolumeController) Run(stopCh <-chan struct{}) {
 	go wait.Until(ctrl.volumeWorker, time.Second, stopCh)
 	go wait.Until(ctrl.claimWorker, time.Second, stopCh)
 
+	metrics.Register(ctrl.volumes.store, ctrl.claims)
+
 	<-stopCh
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_assume_cache.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_assume_cache.go
index 28884004d7cc..c5217be0e7e4 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_assume_cache.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_assume_cache.go
@@ -43,7 +43,7 @@ type AssumeCache interface {
 	Get(objName string) (interface{}, error)
 
 	// List all the objects in the cache
-	List() []interface{}
+	List(indexObj interface{}) []interface{}
 }
 
 type errWrongType struct {
@@ -89,7 +89,11 @@ type assumeCache struct {
 	description string
 
 	// Stores objInfo pointers
-	store cache.Store
+	store cache.Indexer
+
+	// Index function for object
+	indexFunc cache.IndexFunc
+	indexName string
 }
 
 type objInfo struct {
@@ -111,9 +115,21 @@ func objInfoKeyFunc(obj interface{}) (string, error) {
 	return objInfo.name, nil
 }
 
-func NewAssumeCache(informer cache.SharedIndexInformer, description string) *assumeCache {
-	// TODO: index by storageclass
-	c := &assumeCache{store: cache.NewStore(objInfoKeyFunc), description: description}
+func (c *assumeCache) objInfoIndexFunc(obj interface{}) ([]string, error) {
+	objInfo, ok := obj.(*objInfo)
+	if !ok {
+		return []string{""}, &errWrongType{"objInfo", obj}
+	}
+	return c.indexFunc(objInfo.latestObj)
+}
+
+func NewAssumeCache(informer cache.SharedIndexInformer, description, indexName string, indexFunc cache.IndexFunc) *assumeCache {
+	c := &assumeCache{
+		description: description,
+		indexFunc:   indexFunc,
+		indexName:   indexName,
+	}
+	c.store = cache.NewIndexer(objInfoKeyFunc, cache.Indexers{indexName: c.objInfoIndexFunc})
 
 	// Unit tests don't use informers
 	if informer != nil {
@@ -211,12 +227,18 @@ func (c *assumeCache) Get(objName string) (interface{}, error) {
 	return objInfo.latestObj, nil
 }
 
-func (c *assumeCache) List() []interface{} {
+func (c *assumeCache) List(indexObj interface{}) []interface{} {
 	c.mutex.Lock()
 	defer c.mutex.Unlock()
 
 	allObjs := []interface{}{}
-	for _, obj := range c.store.List() {
+	objs, err := c.store.Index(c.indexName, &objInfo{latestObj: indexObj})
+	if err != nil {
+		glog.Errorf("list index error: %v", err)
+		return nil
+	}
+
+	for _, obj := range objs {
 		objInfo, ok := obj.(*objInfo)
 		if !ok {
 			glog.Errorf("list error: %v", &errWrongType{"objInfo", obj})
@@ -280,15 +302,22 @@ type PVAssumeCache interface {
 	AssumeCache
 
 	GetPV(pvName string) (*v1.PersistentVolume, error)
-	ListPVs() []*v1.PersistentVolume
+	ListPVs(storageClassName string) []*v1.PersistentVolume
 }
 
 type pvAssumeCache struct {
 	*assumeCache
 }
 
+func pvStorageClassIndexFunc(obj interface{}) ([]string, error) {
+	if pv, ok := obj.(*v1.PersistentVolume); ok {
+		return []string{pv.Spec.StorageClassName}, nil
+	}
+	return []string{""}, fmt.Errorf("object is not a v1.PersistentVolume: %v", obj)
+}
+
 func NewPVAssumeCache(informer cache.SharedIndexInformer) PVAssumeCache {
-	return &pvAssumeCache{assumeCache: NewAssumeCache(informer, "v1.PersistentVolume")}
+	return &pvAssumeCache{assumeCache: NewAssumeCache(informer, "v1.PersistentVolume", "storageclass", pvStorageClassIndexFunc)}
 }
 
 func (c *pvAssumeCache) GetPV(pvName string) (*v1.PersistentVolume, error) {
@@ -304,8 +333,12 @@ func (c *pvAssumeCache) GetPV(pvName string) (*v1.PersistentVolume, error) {
 	return pv, nil
 }
 
-func (c *pvAssumeCache) ListPVs() []*v1.PersistentVolume {
-	objs := c.List()
+func (c *pvAssumeCache) ListPVs(storageClassName string) []*v1.PersistentVolume {
+	objs := c.List(&v1.PersistentVolume{
+		Spec: v1.PersistentVolumeSpec{
+			StorageClassName: storageClassName,
+		},
+	})
 	pvs := []*v1.PersistentVolume{}
 	for _, obj := range objs {
 		pv, ok := obj.(*v1.PersistentVolume)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_binder.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_binder.go
index 7edd1ef459d2..54d2c11ead33 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_binder.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/persistentvolume/scheduler_binder.go
@@ -130,7 +130,8 @@ func (b *volumeBinder) GetBindingsCache() PodBindingCache {
 func (b *volumeBinder) FindPodVolumes(pod *v1.Pod, nodeName string) (unboundVolumesSatisfied, boundVolumesSatisfied bool, err error) {
 	podName := getPodName(pod)
 
-	glog.V(4).Infof("FindPodVolumes for pod %q, node %q", podName, nodeName)
+	// Warning: Below log needs high verbosity as it can be printed several times (#60933).
+	glog.V(5).Infof("FindPodVolumes for pod %q, node %q", podName, nodeName)
 
 	// Initialize to true for pods that don't have volumes
 	unboundVolumesSatisfied = true
@@ -350,10 +351,17 @@ func (b *volumeBinder) findMatchingVolumes(pod *v1.Pod, claimsToBind []*bindingI
 	// Sort all the claims by increasing size request to get the smallest fits
 	sort.Sort(byPVCSize(claimsToBind))
 
-	allPVs := b.pvCache.ListPVs()
 	chosenPVs := map[string]*v1.PersistentVolume{}
 
 	for _, bindingInfo := range claimsToBind {
+		// Get storage class name from each PVC
+		storageClassName := ""
+		storageClass := bindingInfo.pvc.Spec.StorageClassName
+		if storageClass != nil {
+			storageClassName = *storageClass
+		}
+		allPVs := b.pvCache.ListPVs(storageClassName)
+
 		// Find a matching PV
 		bindingInfo.pv, err = findMatchingVolume(bindingInfo.pvc, allPVs, node, chosenPVs, true)
 		if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/BUILD
index 5c713a259d2b..7794f30168a9 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/BUILD
@@ -8,8 +8,8 @@ go_library(
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/util/metrics:go_default_library",
+        "//pkg/util/slice:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
@@ -27,8 +27,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["pvc_protection_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/pvcprotection",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller:go_default_library",
         "//pkg/volume/util:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/pvc_protection_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/pvc_protection_controller.go
index 40bf3e5de5c1..7c1ae1f562df 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/pvc_protection_controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvcprotection/pvc_protection_controller.go
@@ -33,8 +33,8 @@ import (
 	"k8s.io/client-go/util/workqueue"
 	"k8s.io/kubernetes/pkg/controller"
 	"k8s.io/kubernetes/pkg/util/metrics"
+	"k8s.io/kubernetes/pkg/util/slice"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // Controller is controller that removes PVCProtectionFinalizer
@@ -153,7 +153,7 @@ func (c *Controller) processPVC(pvcNamespace, pvcName string) error {
 		return err
 	}
 
-	if volumeutil.IsPVCBeingDeleted(pvc) && volumeutil.IsProtectionFinalizerPresent(pvc) {
+	if isDeletionCandidate(pvc) {
 		// PVC should be deleted. Check if it's used and remove finalizer if
 		// it's not.
 		isUsed, err := c.isBeingUsed(pvc)
@@ -165,7 +165,7 @@ func (c *Controller) processPVC(pvcNamespace, pvcName string) error {
 		}
 	}
 
-	if !volumeutil.IsPVCBeingDeleted(pvc) && !volumeutil.IsProtectionFinalizerPresent(pvc) {
+	if needToAddFinalizer(pvc) {
 		// PVC is not being deleted -> it should have the finalizer. The
 		// finalizer should be added by admission plugin, this is just to add
 		// the finalizer to old PVCs that were created before the admission
@@ -177,10 +177,10 @@ func (c *Controller) processPVC(pvcNamespace, pvcName string) error {
 
 func (c *Controller) addFinalizer(pvc *v1.PersistentVolumeClaim) error {
 	claimClone := pvc.DeepCopy()
-	volumeutil.AddProtectionFinalizer(claimClone)
+	claimClone.ObjectMeta.Finalizers = append(claimClone.ObjectMeta.Finalizers, volumeutil.PVCProtectionFinalizer)
 	_, err := c.client.CoreV1().PersistentVolumeClaims(claimClone.Namespace).Update(claimClone)
 	if err != nil {
-		glog.V(3).Infof("Error adding protection finalizer to PVC %s/%s: %v", pvc.Namespace, pvc.Name)
+		glog.V(3).Infof("Error adding protection finalizer to PVC %s/%s: %v", pvc.Namespace, pvc.Name, err)
 		return err
 	}
 	glog.V(3).Infof("Added protection finalizer to PVC %s/%s", pvc.Namespace, pvc.Name)
@@ -189,7 +189,7 @@ func (c *Controller) addFinalizer(pvc *v1.PersistentVolumeClaim) error {
 
 func (c *Controller) removeFinalizer(pvc *v1.PersistentVolumeClaim) error {
 	claimClone := pvc.DeepCopy()
-	volumeutil.RemoveProtectionFinalizer(claimClone)
+	claimClone.ObjectMeta.Finalizers = slice.RemoveString(claimClone.ObjectMeta.Finalizers, volumeutil.PVCProtectionFinalizer, nil)
 	_, err := c.client.CoreV1().PersistentVolumeClaims(claimClone.Namespace).Update(claimClone)
 	if err != nil {
 		glog.V(3).Infof("Error removing protection finalizer from PVC %s/%s: %v", pvc.Namespace, pvc.Name, err)
@@ -213,7 +213,7 @@ func (c *Controller) isBeingUsed(pvc *v1.PersistentVolumeClaim) (bool, error) {
 			glog.V(4).Infof("Skipping unscheduled pod %s when checking PVC %s/%s", pod.Name, pvc.Namespace, pvc.Name)
 			continue
 		}
-		if volumehelper.IsPodTerminated(pod, pod.Status) {
+		if volumeutil.IsPodTerminated(pod, pod.Status) {
 			// This pod is being unmounted/detached or is already
 			// unmounted/detached. It does not block the PVC from deletion.
 			continue
@@ -247,7 +247,7 @@ func (c *Controller) pvcAddedUpdated(obj interface{}) {
 	}
 	glog.V(4).Infof("Got event on PVC %s", key)
 
-	if (!volumeutil.IsPVCBeingDeleted(pvc) && !volumeutil.IsProtectionFinalizerPresent(pvc)) || (volumeutil.IsPVCBeingDeleted(pvc) && volumeutil.IsProtectionFinalizerPresent(pvc)) {
+	if needToAddFinalizer(pvc) || isDeletionCandidate(pvc) {
 		c.queue.Add(key)
 	}
 }
@@ -269,7 +269,7 @@ func (c *Controller) podAddedDeletedUpdated(obj interface{}, deleted bool) {
 	}
 
 	// Filter out pods that can't help us to remove a finalizer on PVC
-	if !deleted && !volumehelper.IsPodTerminated(pod, pod.Status) && pod.Spec.NodeName != "" {
+	if !deleted && !volumeutil.IsPodTerminated(pod, pod.Status) && pod.Spec.NodeName != "" {
 		return
 	}
 
@@ -282,3 +282,11 @@ func (c *Controller) podAddedDeletedUpdated(obj interface{}, deleted bool) {
 		}
 	}
 }
+
+func isDeletionCandidate(pvc *v1.PersistentVolumeClaim) bool {
+	return pvc.ObjectMeta.DeletionTimestamp != nil && slice.ContainsString(pvc.ObjectMeta.Finalizers, volumeutil.PVCProtectionFinalizer, nil)
+}
+
+func needToAddFinalizer(pvc *v1.PersistentVolumeClaim) bool {
+	return pvc.ObjectMeta.DeletionTimestamp == nil && !slice.ContainsString(pvc.ObjectMeta.Finalizers, volumeutil.PVCProtectionFinalizer, nil)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/BUILD b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/BUILD
new file mode 100644
index 000000000000..76aae9387fdb
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/BUILD
@@ -0,0 +1,59 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["pv_protection_controller.go"],
+    importpath = "k8s.io/kubernetes/pkg/controller/volume/pvprotection",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/controller:go_default_library",
+        "//pkg/util/metrics:go_default_library",
+        "//pkg/util/slice:go_default_library",
+        "//pkg/volume/util:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/informers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/tools/cache:go_default_library",
+        "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["pv_protection_controller_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/controller:go_default_library",
+        "//pkg/volume/util:go_default_library",
+        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
+        "//vendor/k8s.io/client-go/testing:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/pv_protection_controller.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/pv_protection_controller.go
new file mode 100644
index 000000000000..cd4b384141de
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/pvprotection/pv_protection_controller.go
@@ -0,0 +1,208 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package pvprotection
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	apierrs "k8s.io/apimachinery/pkg/api/errors"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/wait"
+	coreinformers "k8s.io/client-go/informers/core/v1"
+	clientset "k8s.io/client-go/kubernetes"
+	corelisters "k8s.io/client-go/listers/core/v1"
+	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/util/workqueue"
+	"k8s.io/kubernetes/pkg/controller"
+	"k8s.io/kubernetes/pkg/util/metrics"
+	"k8s.io/kubernetes/pkg/util/slice"
+	volumeutil "k8s.io/kubernetes/pkg/volume/util"
+)
+
+// Controller is controller that removes PVProtectionFinalizer
+// from PVs that are not bound to PVCs.
+type Controller struct {
+	client clientset.Interface
+
+	pvLister       corelisters.PersistentVolumeLister
+	pvListerSynced cache.InformerSynced
+
+	queue workqueue.RateLimitingInterface
+}
+
+// NewPVProtectionController returns a new *Controller.
+func NewPVProtectionController(pvInformer coreinformers.PersistentVolumeInformer, cl clientset.Interface) *Controller {
+	e := &Controller{
+		client: cl,
+		queue:  workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "pvprotection"),
+	}
+	if cl != nil && cl.CoreV1().RESTClient().GetRateLimiter() != nil {
+		metrics.RegisterMetricAndTrackRateLimiterUsage("persistentvolume_protection_controller", cl.CoreV1().RESTClient().GetRateLimiter())
+	}
+
+	e.pvLister = pvInformer.Lister()
+	e.pvListerSynced = pvInformer.Informer().HasSynced
+	pvInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
+		AddFunc: e.pvAddedUpdated,
+		UpdateFunc: func(old, new interface{}) {
+			e.pvAddedUpdated(new)
+		},
+	})
+
+	return e
+}
+
+// Run runs the controller goroutines.
+func (c *Controller) Run(workers int, stopCh <-chan struct{}) {
+	defer utilruntime.HandleCrash()
+	defer c.queue.ShutDown()
+
+	glog.Infof("Starting PV protection controller")
+	defer glog.Infof("Shutting down PV protection controller")
+
+	if !controller.WaitForCacheSync("PV protection", stopCh, c.pvListerSynced) {
+		return
+	}
+
+	for i := 0; i < workers; i++ {
+		go wait.Until(c.runWorker, time.Second, stopCh)
+	}
+
+	<-stopCh
+}
+
+func (c *Controller) runWorker() {
+	for c.processNextWorkItem() {
+	}
+}
+
+// processNextWorkItem deals with one pvcKey off the queue.  It returns false when it's time to quit.
+func (c *Controller) processNextWorkItem() bool {
+	pvKey, quit := c.queue.Get()
+	if quit {
+		return false
+	}
+	defer c.queue.Done(pvKey)
+
+	pvName := pvKey.(string)
+
+	err := c.processPV(pvName)
+	if err == nil {
+		c.queue.Forget(pvKey)
+		return true
+	}
+
+	utilruntime.HandleError(fmt.Errorf("PV %v failed with : %v", pvKey, err))
+	c.queue.AddRateLimited(pvKey)
+
+	return true
+}
+
+func (c *Controller) processPV(pvName string) error {
+	glog.V(4).Infof("Processing PV %s", pvName)
+	startTime := time.Now()
+	defer func() {
+		glog.V(4).Infof("Finished processing PV %s (%v)", pvName, time.Now().Sub(startTime))
+	}()
+
+	pv, err := c.pvLister.Get(pvName)
+	if apierrs.IsNotFound(err) {
+		glog.V(4).Infof("PV %s not found, ignoring", pvName)
+		return nil
+	}
+	if err != nil {
+		return err
+	}
+
+	if isDeletionCandidate(pv) {
+		// PV should be deleted. Check if it's used and remove finalizer if
+		// it's not.
+		isUsed := c.isBeingUsed(pv)
+		if !isUsed {
+			return c.removeFinalizer(pv)
+		}
+	}
+
+	if needToAddFinalizer(pv) {
+		// PV is not being deleted -> it should have the finalizer. The
+		// finalizer should be added by admission plugin, this is just to add
+		// the finalizer to old PVs that were created before the admission
+		// plugin was enabled.
+		return c.addFinalizer(pv)
+	}
+	return nil
+}
+
+func (c *Controller) addFinalizer(pv *v1.PersistentVolume) error {
+	pvClone := pv.DeepCopy()
+	pvClone.ObjectMeta.Finalizers = append(pvClone.ObjectMeta.Finalizers, volumeutil.PVProtectionFinalizer)
+	_, err := c.client.CoreV1().PersistentVolumes().Update(pvClone)
+	if err != nil {
+		glog.V(3).Infof("Error adding protection finalizer to PV %s: %v", pv.Name)
+		return err
+	}
+	glog.V(3).Infof("Added protection finalizer to PV %s", pv.Name)
+	return nil
+}
+
+func (c *Controller) removeFinalizer(pv *v1.PersistentVolume) error {
+	pvClone := pv.DeepCopy()
+	pvClone.ObjectMeta.Finalizers = slice.RemoveString(pvClone.ObjectMeta.Finalizers, volumeutil.PVProtectionFinalizer, nil)
+	_, err := c.client.CoreV1().PersistentVolumes().Update(pvClone)
+	if err != nil {
+		glog.V(3).Infof("Error removing protection finalizer from PV %s: %v", pv.Name, err)
+		return err
+	}
+	glog.V(3).Infof("Removed protection finalizer from PV %s", pv.Name)
+	return nil
+}
+
+func (c *Controller) isBeingUsed(pv *v1.PersistentVolume) bool {
+	// check if PV is being bound to a PVC by its status
+	// the status will be updated by PV controller
+	if pv.Status.Phase == v1.VolumeBound {
+		// the PV is being used now
+		return true
+	}
+
+	return false
+}
+
+// pvAddedUpdated reacts to pv added/updated events
+func (c *Controller) pvAddedUpdated(obj interface{}) {
+	pv, ok := obj.(*v1.PersistentVolume)
+	if !ok {
+		utilruntime.HandleError(fmt.Errorf("PV informer returned non-PV object: %#v", obj))
+		return
+	}
+	glog.V(4).Infof("Got event on PV %s", pv.Name)
+
+	if needToAddFinalizer(pv) || isDeletionCandidate(pv) {
+		c.queue.Add(pv.Name)
+	}
+}
+
+func isDeletionCandidate(pv *v1.PersistentVolume) bool {
+	return pv.ObjectMeta.DeletionTimestamp != nil && slice.ContainsString(pv.ObjectMeta.Finalizers, volumeutil.PVProtectionFinalizer, nil)
+}
+
+func needToAddFinalizer(pv *v1.PersistentVolume) bool {
+	return pv.ObjectMeta.DeletionTimestamp == nil && !slice.ContainsString(pv.ObjectMeta.Finalizers, volumeutil.PVProtectionFinalizer, nil)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/BUILD
index 89f836f49055..e397729b718b 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/BUILD
@@ -19,7 +19,6 @@ go_library(
     deps = [
         "//vendor/github.com/docker/docker/api/types:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
@@ -31,8 +30,7 @@ go_test(
         "keyring_test.go",
         "provider_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/credentialprovider",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/docker/docker/api/types:go_default_library"],
 )
 
@@ -51,6 +49,7 @@ filegroup(
         "//pkg/credentialprovider/azure:all-srcs",
         "//pkg/credentialprovider/gcp:all-srcs",
         "//pkg/credentialprovider/rancher:all-srcs",
+        "//pkg/credentialprovider/secrets:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/BUILD
index 5cb5b7647f76..198572435588 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["aws_credentials_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/credentialprovider/aws",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/credentialprovider:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/OWNERS b/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/OWNERS
index 2fedc3d63ba0..5d2b86e103f1 100755
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/aws/OWNERS
@@ -4,3 +4,4 @@ reviewers:
 - therc
 - lixiaobing10051267
 - goltermann
+- chrislovecnm
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD
index ee3b570baf0a..a52c99dbc82b 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/BUILD
@@ -14,13 +14,14 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/credentialprovider/azure",
     deps = [
-        "//pkg/cloudprovider/providers/azure:go_default_library",
+        "//pkg/cloudprovider/providers/azure/auth:go_default_library",
         "//pkg/credentialprovider:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest/adal:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest/azure:go_default_library",
         "//vendor/github.com/dgrijalva/jwt-go:go_default_library",
+        "//vendor/github.com/ghodss/yaml:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
     ],
@@ -29,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["azure_credentials_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/credentialprovider/azure",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/containerregistry:go_default_library",
         "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/OWNERS b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/OWNERS
new file mode 100644
index 000000000000..6b1eb11dd343
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/OWNERS
@@ -0,0 +1,12 @@
+approvers:
+- andyzhangx
+- brendandburns
+- feiskyer
+- karataliu
+- khenidak
+reviewers:
+- andyzhangx
+- brendandburns
+- feiskyer
+- karataliu
+- khenidak
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go
index ff251497ce30..486128dc0eb4 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/azure/azure_credentials.go
@@ -18,21 +18,23 @@ package azure
 
 import (
 	"io"
+	"io/ioutil"
 	"os"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/arm/containerregistry"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/go-autorest/autorest/adal"
-	azureapi "github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/ghodss/yaml"
 	"github.com/golang/glog"
 	"github.com/spf13/pflag"
-	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure/auth"
 	"k8s.io/kubernetes/pkg/credentialprovider"
 )
 
 var flagConfigFile = pflag.String("azure-container-registry-config", "",
-	"Path to the file container Azure container registry configuration information.")
+	"Path to the file containing Azure container registry configuration information.")
 
 const dummyRegistryEmail = "name@contoso.com"
 
@@ -60,18 +62,44 @@ func NewACRProvider(configFile *string) credentialprovider.DockerConfigProvider
 
 type acrProvider struct {
 	file                  *string
-	config                *azure.Config
-	environment           *azureapi.Environment
+	config                *auth.AzureAuthConfig
+	environment           *azure.Environment
 	registryClient        RegistriesClient
 	servicePrincipalToken *adal.ServicePrincipalToken
 }
 
+// ParseConfig returns a parsed configuration for an Azure cloudprovider config file
+func parseConfig(configReader io.Reader) (*auth.AzureAuthConfig, error) {
+	var config auth.AzureAuthConfig
+
+	if configReader == nil {
+		return &config, nil
+	}
+
+	configContents, err := ioutil.ReadAll(configReader)
+	if err != nil {
+		return nil, err
+	}
+	err = yaml.Unmarshal(configContents, &config)
+	if err != nil {
+		return nil, err
+	}
+
+	return &config, nil
+}
+
 func (a *acrProvider) loadConfig(rdr io.Reader) error {
 	var err error
-	a.config, a.environment, err = azure.ParseConfig(rdr)
+	a.config, err = parseConfig(rdr)
 	if err != nil {
 		glog.Errorf("Failed to load azure credential file: %v", err)
 	}
+
+	a.environment, err = auth.ParseAzureEnvironment(a.config.Cloud)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -94,7 +122,7 @@ func (a *acrProvider) Enabled() bool {
 		return false
 	}
 
-	a.servicePrincipalToken, err = azure.GetServicePrincipalToken(a.config, a.environment)
+	a.servicePrincipalToken, err = auth.GetServicePrincipalToken(a.config, a.environment)
 	if err != nil {
 		glog.Errorf("Failed to create service principal token: %v", err)
 		return false
@@ -145,7 +173,7 @@ func getLoginServer(registry containerregistry.Registry) string {
 }
 
 func getACRDockerEntryFromARMToken(a *acrProvider, loginServer string) (*credentialprovider.DockerConfigEntry, error) {
-	armAccessToken := a.servicePrincipalToken.AccessToken
+	armAccessToken := a.servicePrincipalToken.OAuthToken()
 
 	glog.V(4).Infof("discovering auth redirects for: %s", loginServer)
 	directive, err := receiveChallengeFromLoginServer(loginServer)
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/BUILD
index 4d903e0dcf70..8f39959603ad 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/BUILD
@@ -31,8 +31,7 @@ go_test(
         "jwt_test.go",
         "metadata_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/credentialprovider/gcp",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/credentialprovider:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/jwt.go b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/jwt.go
index b34c0fcaaf05..d187560a3513 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/jwt.go
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/jwt.go
@@ -31,10 +31,11 @@ import (
 
 const (
 	storageReadOnlyScope = "https://www.googleapis.com/auth/devstorage.read_only"
+	jwtFileFlagName      = "google-json-key"
 )
 
 var (
-	flagJwtFile = pflag.String("google-json-key", "",
+	flagJwtFile = pflag.String(jwtFileFlagName, "",
 		"The Google Cloud Platform Service Account JSON Key to use for authentication.")
 )
 
@@ -49,6 +50,9 @@ type jwtProvider struct {
 // init registers the various means by which credentials may
 // be resolved on GCP.
 func init() {
+	pflag.CommandLine.MarkDeprecated(jwtFileFlagName, "Will be removed in a future version. "+
+		"To maintain node-level authentication, credentials should instead be included in a docker "+
+		"config.json file, located inside the Kubelet's --root-dir.")
 	credentialprovider.RegisterCredentialProvider("google-jwt-key",
 		&credentialprovider.CachingDockerConfigProvider{
 			Provider: &jwtProvider{
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/metadata.go b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/metadata.go
index 0216e2a80eb9..4c668d0b3847 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/gcp/metadata.go
@@ -39,7 +39,6 @@ const (
 	metadataEmail            = metadataUrl + "instance/service-accounts/default/email"
 	storageScopePrefix       = "https://www.googleapis.com/auth/devstorage"
 	cloudPlatformScopePrefix = "https://www.googleapis.com/auth/cloud-platform"
-	googleProductName        = "Google"
 	defaultServiceAccount    = "default/"
 )
 
@@ -121,7 +120,8 @@ func onGCEVM() bool {
 		glog.V(2).Infof("Error while reading product_name: %v", err)
 		return false
 	}
-	return strings.Contains(string(data), googleProductName)
+	name := strings.TrimSpace(string(data))
+	return name == "Google" || name == "Google Compute Engine"
 }
 
 // Enabled implements DockerConfigProvider for all of the Google implementations.
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/keyring.go b/vendor/k8s.io/kubernetes/pkg/credentialprovider/keyring.go
index 9ec96312577e..b269f474600f 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/keyring.go
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/keyring.go
@@ -17,7 +17,6 @@ limitations under the License.
 package credentialprovider
 
 import (
-	"encoding/json"
 	"net"
 	"net/url"
 	"path/filepath"
@@ -27,7 +26,6 @@ import (
 	"github.com/golang/glog"
 
 	dockertypes "github.com/docker/docker/api/types"
-	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
 )
 
@@ -284,14 +282,12 @@ func (f *FakeKeyring) Lookup(image string) ([]LazyAuthConfiguration, bool) {
 	return f.auth, f.ok
 }
 
-// unionDockerKeyring delegates to a set of keyrings.
-type unionDockerKeyring struct {
-	keyrings []DockerKeyring
-}
+// UnionDockerKeyring delegates to a set of keyrings.
+type UnionDockerKeyring []DockerKeyring
 
-func (k *unionDockerKeyring) Lookup(image string) ([]LazyAuthConfiguration, bool) {
+func (k UnionDockerKeyring) Lookup(image string) ([]LazyAuthConfiguration, bool) {
 	authConfigs := []LazyAuthConfiguration{}
-	for _, subKeyring := range k.keyrings {
+	for _, subKeyring := range k {
 		if subKeyring == nil {
 			continue
 		}
@@ -302,37 +298,3 @@ func (k *unionDockerKeyring) Lookup(image string) ([]LazyAuthConfiguration, bool
 
 	return authConfigs, (len(authConfigs) > 0)
 }
-
-// MakeDockerKeyring inspects the passedSecrets to see if they contain any DockerConfig secrets.  If they do,
-// then a DockerKeyring is built based on every hit and unioned with the defaultKeyring.
-// If they do not, then the default keyring is returned
-func MakeDockerKeyring(passedSecrets []v1.Secret, defaultKeyring DockerKeyring) (DockerKeyring, error) {
-	passedCredentials := []DockerConfig{}
-	for _, passedSecret := range passedSecrets {
-		if dockerConfigJsonBytes, dockerConfigJsonExists := passedSecret.Data[v1.DockerConfigJsonKey]; (passedSecret.Type == v1.SecretTypeDockerConfigJson) && dockerConfigJsonExists && (len(dockerConfigJsonBytes) > 0) {
-			dockerConfigJson := DockerConfigJson{}
-			if err := json.Unmarshal(dockerConfigJsonBytes, &dockerConfigJson); err != nil {
-				return nil, err
-			}
-
-			passedCredentials = append(passedCredentials, dockerConfigJson.Auths)
-		} else if dockercfgBytes, dockercfgExists := passedSecret.Data[v1.DockerConfigKey]; (passedSecret.Type == v1.SecretTypeDockercfg) && dockercfgExists && (len(dockercfgBytes) > 0) {
-			dockercfg := DockerConfig{}
-			if err := json.Unmarshal(dockercfgBytes, &dockercfg); err != nil {
-				return nil, err
-			}
-
-			passedCredentials = append(passedCredentials, dockercfg)
-		}
-	}
-
-	if len(passedCredentials) > 0 {
-		basicKeyring := &BasicDockerKeyring{}
-		for _, currCredentials := range passedCredentials {
-			basicKeyring.Add(currCredentials)
-		}
-		return &unionDockerKeyring{[]DockerKeyring{basicKeyring, defaultKeyring}}, nil
-	}
-
-	return defaultKeyring, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/rancher/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/rancher/BUILD
index afc26b6ddef8..af1f490b1038 100644
--- a/vendor/k8s.io/kubernetes/pkg/credentialprovider/rancher/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/rancher/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["rancher_registry_credentials_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/credentialprovider/rancher",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/credentialprovider:go_default_library",
         "//vendor/github.com/rancher/go-rancher/client:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/BUILD b/vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/BUILD
similarity index 68%
rename from vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/BUILD
rename to vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/BUILD
index b7bb8c69f0ac..15d41a637116 100644
--- a/vendor/k8s.io/kubernetes/pkg/controller/volume/expand/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/BUILD
@@ -2,13 +2,12 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
-    srcs = ["util.go"],
-    importpath = "k8s.io/kubernetes/pkg/controller/volume/expand/util",
+    srcs = ["secrets.go"],
+    importpath = "k8s.io/kubernetes/pkg/credentialprovider/secrets",
     visibility = ["//visibility:public"],
     deps = [
-        "//vendor/github.com/golang/glog:go_default_library",
+        "//pkg/credentialprovider:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/secrets.go b/vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/secrets.go
new file mode 100644
index 000000000000..d5397d931c27
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/credentialprovider/secrets/secrets.go
@@ -0,0 +1,58 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package secrets
+
+import (
+	"encoding/json"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/kubernetes/pkg/credentialprovider"
+)
+
+// MakeDockerKeyring inspects the passedSecrets to see if they contain any DockerConfig secrets.  If they do,
+// then a DockerKeyring is built based on every hit and unioned with the defaultKeyring.
+// If they do not, then the default keyring is returned
+func MakeDockerKeyring(passedSecrets []v1.Secret, defaultKeyring credentialprovider.DockerKeyring) (credentialprovider.DockerKeyring, error) {
+	passedCredentials := []credentialprovider.DockerConfig{}
+	for _, passedSecret := range passedSecrets {
+		if dockerConfigJSONBytes, dockerConfigJSONExists := passedSecret.Data[v1.DockerConfigJsonKey]; (passedSecret.Type == v1.SecretTypeDockerConfigJson) && dockerConfigJSONExists && (len(dockerConfigJSONBytes) > 0) {
+			dockerConfigJSON := credentialprovider.DockerConfigJson{}
+			if err := json.Unmarshal(dockerConfigJSONBytes, &dockerConfigJSON); err != nil {
+				return nil, err
+			}
+
+			passedCredentials = append(passedCredentials, dockerConfigJSON.Auths)
+		} else if dockercfgBytes, dockercfgExists := passedSecret.Data[v1.DockerConfigKey]; (passedSecret.Type == v1.SecretTypeDockercfg) && dockercfgExists && (len(dockercfgBytes) > 0) {
+			dockercfg := credentialprovider.DockerConfig{}
+			if err := json.Unmarshal(dockercfgBytes, &dockercfg); err != nil {
+				return nil, err
+			}
+
+			passedCredentials = append(passedCredentials, dockercfg)
+		}
+	}
+
+	if len(passedCredentials) > 0 {
+		basicKeyring := &credentialprovider.BasicDockerKeyring{}
+		for _, currCredentials := range passedCredentials {
+			basicKeyring.Add(currCredentials)
+		}
+		return credentialprovider.UnionDockerKeyring{basicKeyring, defaultKeyring}, nil
+	}
+
+	return defaultKeyring, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go b/vendor/k8s.io/kubernetes/pkg/features/kube_features.go
index fbe2a0109ff7..dd8f24c28957 100644
--- a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go
+++ b/vendor/k8s.io/kubernetes/pkg/features/kube_features.go
@@ -33,18 +33,10 @@ const (
 	// beta: v1.4
 	AppArmor utilfeature.Feature = "AppArmor"
 
-	// owner: @girishkalele
-	// alpha: v1.4
-	ExternalTrafficLocalOnly utilfeature.Feature = "AllowExtTrafficLocalEndpoints"
-
 	// owner: @mtaufen
 	// alpha: v1.4
 	DynamicKubeletConfig utilfeature.Feature = "DynamicKubeletConfig"
 
-	// owner: @mtaufen
-	// alpha: v1.8
-	KubeletConfigFile utilfeature.Feature = "KubeletConfigFile"
-
 	// owner: @pweil-
 	// alpha: v1.5
 	//
@@ -64,16 +56,17 @@ const (
 	// owner: @vishh
 	// alpha: v1.6
 	//
+	// This is deprecated and will be removed in v1.11. Use DevicePlugins instead.
+	//
 	// Enables support for GPUs as a schedulable resource.
 	// Only Nvidia GPUs are supported as of v1.6.
 	// Works only with Docker Container Runtime.
 	Accelerators utilfeature.Feature = "Accelerators"
 
 	// owner: @jiayingz
-	// alpha: v1.8
+	// beta: v1.10
 	//
 	// Enables support for Device Plugins
-	// Only Nvidia GPUs are tested as of v1.8.
 	DevicePlugins utilfeature.Feature = "DevicePlugins"
 
 	// owner: @gmarek
@@ -105,7 +98,7 @@ const (
 	PersistentLocalVolumes utilfeature.Feature = "PersistentLocalVolumes"
 
 	// owner: @jinxu
-	// alpha: v1.7
+	// beta: v1.10
 	//
 	// New local storage types to support local storage capacity isolation
 	LocalStorageCapacityIsolation utilfeature.Feature = "LocalStorageCapacityIsolation"
@@ -116,11 +109,17 @@ const (
 	ExpandPersistentVolumes utilfeature.Feature = "ExpandPersistentVolumes"
 
 	// owner: @verb
-	// alpha: v1.8
+	// alpha: v1.10
 	//
 	// Allows running a "debug container" in a pod namespaces to troubleshoot a running pod.
 	DebugContainers utilfeature.Feature = "DebugContainers"
 
+	// owner: @verb
+	// alpha: v1.10
+	//
+	// Allows all containers in a pod to share a process namespace.
+	PodShareProcessNamespace utilfeature.Feature = "PodShareProcessNamespace"
+
 	// owner: @bsalamat
 	// alpha: v1.8
 	//
@@ -141,7 +140,7 @@ const (
 	TaintNodesByCondition utilfeature.Feature = "TaintNodesByCondition"
 
 	// owner: @jsafrane
-	// alpha: v1.8
+	// beta: v1.10
 	//
 	// Enable mount propagation of volumes.
 	MountPropagation utilfeature.Feature = "MountPropagation"
@@ -153,13 +152,13 @@ const (
 	CPUManager utilfeature.Feature = "CPUManager"
 
 	// owner: @derekwaynecarr
-	// alpha: v1.8
+	// beta: v1.10
 	//
 	// Enable pods to consume pre-allocated huge pages of varying page sizes
 	HugePages utilfeature.Feature = "HugePages"
 
 	// owner @brendandburns
-	// alpha: v1.8
+	// alpha: v1.9
 	//
 	// Enable nodes to exclude themselves from service load balancers
 	ServiceNodeExclusion utilfeature.Feature = "ServiceNodeExclusion"
@@ -168,7 +167,7 @@ const (
 	// deprecated: v1.10
 	//
 	// Enable the service proxy to contact external IP addresses. Note this feature is present
-	// only for backward compatability, it will be removed in the 1.11 release.
+	// only for backward compatibility, it will be removed in the 1.11 release.
 	ServiceProxyAllowExternalIPs utilfeature.Feature = "ServiceProxyAllowExternalIPs"
 
 	// owner: @jsafrane
@@ -191,7 +190,7 @@ const (
 	CSIPersistentVolume utilfeature.Feature = "CSIPersistentVolume"
 
 	// owner @MrHohn
-	// alpha: v1.9
+	// beta: v1.10
 	//
 	// Support configurable pod DNS parameters.
 	CustomPodDNS utilfeature.Feature = "CustomPodDNS"
@@ -203,10 +202,10 @@ const (
 	BlockVolume utilfeature.Feature = "BlockVolume"
 
 	// owner: @pospispa
+	// beta: v1.10
 	//
-	// alpha: v1.9
-	// Postpone deletion of a persistent volume claim in case it is used by a pod
-	PVCProtection utilfeature.Feature = "PVCProtection"
+	// Postpone deletion of a PV or a PVC when they are being used
+	StorageObjectInUseProtection utilfeature.Feature = "StorageObjectInUseProtection"
 
 	// owner: @aveshagarwal
 	// alpha: v1.9
@@ -220,13 +219,55 @@ const (
 	// Implement IPVS-based in-cluster service load balancing
 	SupportIPVSProxyMode utilfeature.Feature = "SupportIPVSProxyMode"
 
+	// owner: @dims
+	// alpha: v1.10
+	//
+	// Implement support for limiting pids in pods
+	SupportPodPidsLimit utilfeature.Feature = "SupportPodPidsLimit"
+
+	// owner: @feiskyer
+	// alpha: v1.10
+	//
+	// Enable Hyper-V containers on Windows
+	HyperVContainer utilfeature.Feature = "HyperVContainer"
+
 	// owner: @joelsmith
 	// deprecated: v1.10
 	//
 	// Mount secret, configMap, downwardAPI and projected volumes ReadOnly. Note: this feature
-	// gate is present only for backward compatability, it will be removed in the 1.11 release.
+	// gate is present only for backward compatibility, it will be removed in the 1.11 release.
 	ReadOnlyAPIDataVolumes utilfeature.Feature = "ReadOnlyAPIDataVolumes"
 
+	// owner: @k82cn
+	// alpha: v1.10
+	//
+	// Schedule DaemonSet Pods by default scheduler instead of DaemonSet controller
+	ScheduleDaemonSetPods utilfeature.Feature = "ScheduleDaemonSetPods"
+
+	// owner: @mikedanese
+	// alpha: v1.10
+	//
+	// Implement TokenRequest endpoint on service account resources.
+	TokenRequest utilfeature.Feature = "TokenRequest"
+
+	// owner: @Random-Liu
+	// alpha: v1.10
+	//
+	// Enable container log rotation for cri container runtime
+	CRIContainerLogRotation utilfeature.Feature = "CRIContainerLogRotation"
+
+	// owner: @verult
+	// beta: v1.10
+	//
+	// Enables the regional PD feature on GCE.
+	GCERegionalPersistentDisk utilfeature.Feature = "GCERegionalPersistentDisk"
+
+	// owner: @krmayankk
+	// alpha: v1.10
+	//
+	// Enables control over the primary group ID of containers' init processes.
+	RunAsGroup utilfeature.Feature = "RunAsGroup"
+
 	// owner: @saad-ali
 	// ga
 	//
@@ -243,36 +284,42 @@ func init() {
 // To add a new feature, define a key for it above and add it here. The features will be
 // available throughout Kubernetes binaries.
 var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureSpec{
-	ExternalTrafficLocalOnly:                    {Default: true, PreRelease: utilfeature.GA},
 	AppArmor:                                    {Default: true, PreRelease: utilfeature.Beta},
 	DynamicKubeletConfig:                        {Default: false, PreRelease: utilfeature.Alpha},
-	KubeletConfigFile:                           {Default: false, PreRelease: utilfeature.Alpha},
 	ExperimentalHostUserNamespaceDefaultingGate: {Default: false, PreRelease: utilfeature.Beta},
 	ExperimentalCriticalPodAnnotation:           {Default: false, PreRelease: utilfeature.Alpha},
 	Accelerators:                                {Default: false, PreRelease: utilfeature.Alpha},
-	DevicePlugins:                               {Default: false, PreRelease: utilfeature.Alpha},
+	DevicePlugins:                               {Default: true, PreRelease: utilfeature.Beta},
 	TaintBasedEvictions:                         {Default: false, PreRelease: utilfeature.Alpha},
 	RotateKubeletServerCertificate:              {Default: false, PreRelease: utilfeature.Alpha},
 	RotateKubeletClientCertificate:              {Default: true, PreRelease: utilfeature.Beta},
-	PersistentLocalVolumes:                      {Default: false, PreRelease: utilfeature.Alpha},
-	LocalStorageCapacityIsolation:               {Default: false, PreRelease: utilfeature.Alpha},
-	HugePages:                                   {Default: false, PreRelease: utilfeature.Alpha},
+	PersistentLocalVolumes:                      {Default: true, PreRelease: utilfeature.Beta},
+	LocalStorageCapacityIsolation:               {Default: true, PreRelease: utilfeature.Beta},
+	HugePages:                                   {Default: true, PreRelease: utilfeature.Beta},
 	DebugContainers:                             {Default: false, PreRelease: utilfeature.Alpha},
+	PodShareProcessNamespace:                    {Default: false, PreRelease: utilfeature.Alpha},
 	PodPriority:                                 {Default: false, PreRelease: utilfeature.Alpha},
 	EnableEquivalenceClassCache:                 {Default: false, PreRelease: utilfeature.Alpha},
 	TaintNodesByCondition:                       {Default: false, PreRelease: utilfeature.Alpha},
-	MountPropagation:                            {Default: false, PreRelease: utilfeature.Alpha},
+	MountPropagation:                            {Default: true, PreRelease: utilfeature.Beta},
 	ExpandPersistentVolumes:                     {Default: false, PreRelease: utilfeature.Alpha},
-	CPUManager:                                  {Default: false, PreRelease: utilfeature.Alpha},
+	CPUManager:                                  {Default: true, PreRelease: utilfeature.Beta},
 	ServiceNodeExclusion:                        {Default: false, PreRelease: utilfeature.Alpha},
 	MountContainers:                             {Default: false, PreRelease: utilfeature.Alpha},
-	VolumeScheduling:                            {Default: false, PreRelease: utilfeature.Alpha},
-	CSIPersistentVolume:                         {Default: false, PreRelease: utilfeature.Alpha},
-	CustomPodDNS:                                {Default: false, PreRelease: utilfeature.Alpha},
+	VolumeScheduling:                            {Default: true, PreRelease: utilfeature.Beta},
+	CSIPersistentVolume:                         {Default: true, PreRelease: utilfeature.Beta},
+	CustomPodDNS:                                {Default: true, PreRelease: utilfeature.Beta},
 	BlockVolume:                                 {Default: false, PreRelease: utilfeature.Alpha},
-	PVCProtection:                               {Default: false, PreRelease: utilfeature.Alpha},
+	StorageObjectInUseProtection:                {Default: true, PreRelease: utilfeature.Beta},
 	ResourceLimitsPriorityFunction:              {Default: false, PreRelease: utilfeature.Alpha},
-	SupportIPVSProxyMode:                        {Default: false, PreRelease: utilfeature.Beta},
+	SupportIPVSProxyMode:                        {Default: true, PreRelease: utilfeature.Beta},
+	SupportPodPidsLimit:                         {Default: false, PreRelease: utilfeature.Alpha},
+	HyperVContainer:                             {Default: false, PreRelease: utilfeature.Alpha},
+	ScheduleDaemonSetPods:                       {Default: false, PreRelease: utilfeature.Alpha},
+	TokenRequest:                                {Default: false, PreRelease: utilfeature.Alpha},
+	CRIContainerLogRotation:                     {Default: false, PreRelease: utilfeature.Alpha},
+	GCERegionalPersistentDisk:                   {Default: true, PreRelease: utilfeature.Beta},
+	RunAsGroup:                                  {Default: false, PreRelease: utilfeature.Alpha},
 	VolumeSubpath:                               {Default: true, PreRelease: utilfeature.GA},
 
 	// inherited features from generic apiserver, relisted here to get a conflict if it is changed
@@ -285,9 +332,10 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS
 
 	// inherited features from apiextensions-apiserver, relisted here to get a conflict if it is changed
 	// unintentionally on either side:
-	apiextensionsfeatures.CustomResourceValidation: {Default: true, PreRelease: utilfeature.Beta},
+	apiextensionsfeatures.CustomResourceValidation:   {Default: true, PreRelease: utilfeature.Beta},
+	apiextensionsfeatures.CustomResourceSubresources: {Default: false, PreRelease: utilfeature.Alpha},
 
-	// features that enable backwards compatability but are scheduled to be removed
+	// features that enable backwards compatibility but are scheduled to be removed
 	ServiceProxyAllowExternalIPs: {Default: false, PreRelease: utilfeature.Deprecated},
 	ReadOnlyAPIDataVolumes:       {Default: true, PreRelease: utilfeature.Deprecated},
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/fieldpath/BUILD b/vendor/k8s.io/kubernetes/pkg/fieldpath/BUILD
index 0e4dae6a921e..b3cde577f4a5 100644
--- a/vendor/k8s.io/kubernetes/pkg/fieldpath/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/fieldpath/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["fieldpath_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/fieldpath",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/generated/openapi/BUILD b/vendor/k8s.io/kubernetes/pkg/generated/openapi/BUILD
index 5c2245822149..444088c8ae5c 100644
--- a/vendor/k8s.io/kubernetes/pkg/generated/openapi/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/generated/openapi/BUILD
@@ -14,7 +14,7 @@ openapi_library(
         "pkg/apis/abac/v0",
         "pkg/apis/abac/v1beta1",
         "pkg/apis/componentconfig/v1alpha1",
-        "pkg/kubelet/apis/kubeletconfig/v1alpha1",
+        "pkg/kubelet/apis/kubeletconfig/v1beta1",
         "pkg/proxy/apis/kubeproxyconfig/v1alpha1",
         "pkg/version",
     ],
@@ -54,7 +54,7 @@ openapi_library(
         "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1",
         "k8s.io/apimachinery/pkg/api/resource",
         "k8s.io/apimachinery/pkg/apis/meta/v1",
-        "k8s.io/apimachinery/pkg/apis/meta/v1alpha1",
+        "k8s.io/apimachinery/pkg/apis/meta/v1beta1",
         "k8s.io/apimachinery/pkg/apis/testapigroup/v1",
         "k8s.io/apimachinery/pkg/runtime",
         "k8s.io/apimachinery/pkg/util/intstr",
@@ -63,9 +63,12 @@ openapi_library(
         "k8s.io/apiserver/pkg/apis/audit/v1beta1",
         "k8s.io/apiserver/pkg/apis/example/v1",
         "k8s.io/apiserver/pkg/apis/example2/v1",
+        "k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1",
         "k8s.io/client-go/pkg/version",
+        "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1",
         "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1",
         "k8s.io/metrics/pkg/apis/custom_metrics/v1beta1",
+        "k8s.io/metrics/pkg/apis/external_metrics/v1beta1",
         "k8s.io/metrics/pkg/apis/metrics/v1alpha1",
         "k8s.io/metrics/pkg/apis/metrics/v1beta1",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/generated/openapi/def.bzl b/vendor/k8s.io/kubernetes/pkg/generated/openapi/def.bzl
index 87fa23acd1c7..dcb894282f21 100644
--- a/vendor/k8s.io/kubernetes/pkg/generated/openapi/def.bzl
+++ b/vendor/k8s.io/kubernetes/pkg/generated/openapi/def.bzl
@@ -1,3 +1,17 @@
+# Copyright 2017 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_kubernetes_build//defs:go.bzl", "go_genrule")
 
diff --git a/vendor/k8s.io/kubernetes/pkg/generated/openapi/zz_generated.openapi.go b/vendor/k8s.io/kubernetes/pkg/generated/openapi/zz_generated.openapi.go
index f5d42f08c205..f85c7e862dbb 100644
--- a/vendor/k8s.io/kubernetes/pkg/generated/openapi/zz_generated.openapi.go
+++ b/vendor/k8s.io/kubernetes/pkg/generated/openapi/zz_generated.openapi.go
@@ -16,6 +16,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by openapi-gen. DO NOT EDIT.
+
 // This file was autogenerated by openapi-gen. Do not edit it manually!
 
 package openapi
@@ -569,7 +571,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"rules": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule.",
+								Description: "Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches _any_ Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -1594,7 +1596,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"maxSurge": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods.",
+								Description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.",
 								Ref:         ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"),
 							},
 						},
@@ -4261,6 +4263,149 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/api/apps/v1beta2.RollingUpdateStatefulSetStrategy"},
 		},
+		"k8s.io/api/authentication/v1.BoundObjectReference": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "BoundObjectReference is a reference to an object that a token is bound to.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind of the referent. Valid kinds are 'Pod' and 'Secret'.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "API version of the referent.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"name": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Name of the referent.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"uid": {
+							SchemaProps: spec.SchemaProps{
+								Description: "UID of the referent.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/api/authentication/v1.TokenRequest": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "TokenRequest requests a token for a given service account.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metadata": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+							},
+						},
+						"spec": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/api/authentication/v1.TokenRequestSpec"),
+							},
+						},
+						"status": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/api/authentication/v1.TokenRequestStatus"),
+							},
+						},
+					},
+					Required: []string{"spec"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/authentication/v1.TokenRequestSpec", "k8s.io/api/authentication/v1.TokenRequestStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+		},
+		"k8s.io/api/authentication/v1.TokenRequestSpec": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "TokenRequestSpec contains client provided parameters of a token request.",
+					Properties: map[string]spec.Schema{
+						"audiences": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"expirationSeconds": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"boundObjectRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound objet exists.",
+								Ref:         ref("k8s.io/api/authentication/v1.BoundObjectReference"),
+							},
+						},
+					},
+					Required: []string{"audiences"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/authentication/v1.BoundObjectReference"},
+		},
+		"k8s.io/api/authentication/v1.TokenRequestStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "TokenRequestStatus is the result of a token request.",
+					Properties: map[string]spec.Schema{
+						"token": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Token is the opaque bearer token.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"expirationTimestamp": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ExpirationTimestamp is the time of expiration of the returned token.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+							},
+						},
+					},
+					Required: []string{"token", "expirationTimestamp"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+		},
 		"k8s.io/api/authentication/v1.TokenReview": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -5719,6 +5864,80 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
+		"k8s.io/api/autoscaling/v1.ExternalMetricSource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+					Properties: map[string]spec.Schema{
+						"metricName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricName is the name of the metric in question.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricSelector": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricSelector is used to identify a specific time series within a given metric.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+							},
+						},
+						"targetValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+						"targetAverageValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+					},
+					Required: []string{"metricName"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/api/resource.Quantity", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+		},
+		"k8s.io/api/autoscaling/v1.ExternalMetricStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.",
+					Properties: map[string]spec.Schema{
+						"metricName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricName is the name of a metric used for autoscaling in metric system.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricSelector": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricSelector is used to identify a specific time series within a given metric.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+							},
+						},
+						"currentValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "currentValue is the current value of the metric (as a quantity)",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+						"currentAverageValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "currentAverageValue is the current value of metric averaged over autoscaled pods.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+					},
+					Required: []string{"metricName", "currentValue"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/api/resource.Quantity", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+		},
 		"k8s.io/api/autoscaling/v1.HorizontalPodAutoscaler": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -5945,7 +6164,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "type is the type of metric source.  It should match one of the fields below.",
+								Description: "type is the type of metric source.  It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -5968,12 +6187,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/api/autoscaling/v1.ResourceMetricSource"),
 							},
 						},
+						"external": {
+							SchemaProps: spec.SchemaProps{
+								Description: "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+								Ref:         ref("k8s.io/api/autoscaling/v1.ExternalMetricSource"),
+							},
+						},
 					},
 					Required: []string{"type"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/autoscaling/v1.ObjectMetricSource", "k8s.io/api/autoscaling/v1.PodsMetricSource", "k8s.io/api/autoscaling/v1.ResourceMetricSource"},
+				"k8s.io/api/autoscaling/v1.ExternalMetricSource", "k8s.io/api/autoscaling/v1.ObjectMetricSource", "k8s.io/api/autoscaling/v1.PodsMetricSource", "k8s.io/api/autoscaling/v1.ResourceMetricSource"},
 		},
 		"k8s.io/api/autoscaling/v1.MetricStatus": {
 			Schema: spec.Schema{
@@ -5982,7 +6207,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "type is the type of metric source.  It will match one of the fields below.",
+								Description: "type is the type of metric source.  It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -6005,12 +6230,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/api/autoscaling/v1.ResourceMetricStatus"),
 							},
 						},
+						"external": {
+							SchemaProps: spec.SchemaProps{
+								Description: "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+								Ref:         ref("k8s.io/api/autoscaling/v1.ExternalMetricStatus"),
+							},
+						},
 					},
 					Required: []string{"type"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/autoscaling/v1.ObjectMetricStatus", "k8s.io/api/autoscaling/v1.PodsMetricStatus", "k8s.io/api/autoscaling/v1.ResourceMetricStatus"},
+				"k8s.io/api/autoscaling/v1.ExternalMetricStatus", "k8s.io/api/autoscaling/v1.ObjectMetricStatus", "k8s.io/api/autoscaling/v1.PodsMetricStatus", "k8s.io/api/autoscaling/v1.ResourceMetricStatus"},
 		},
 		"k8s.io/api/autoscaling/v1.ObjectMetricSource": {
 			Schema: spec.Schema{
@@ -6305,6 +6536,80 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
+		"k8s.io/api/autoscaling/v2beta1.ExternalMetricSource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). Exactly one \"target\" type should be set.",
+					Properties: map[string]spec.Schema{
+						"metricName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricName is the name of the metric in question.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricSelector": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricSelector is used to identify a specific time series within a given metric.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+							},
+						},
+						"targetValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+						"targetAverageValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+					},
+					Required: []string{"metricName"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/api/resource.Quantity", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+		},
+		"k8s.io/api/autoscaling/v2beta1.ExternalMetricStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.",
+					Properties: map[string]spec.Schema{
+						"metricName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricName is the name of a metric used for autoscaling in metric system.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricSelector": {
+							SchemaProps: spec.SchemaProps{
+								Description: "metricSelector is used to identify a specific time series within a given metric.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+							},
+						},
+						"currentValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "currentValue is the current value of the metric (as a quantity)",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+						"currentAverageValue": {
+							SchemaProps: spec.SchemaProps{
+								Description: "currentAverageValue is the current value of metric averaged over autoscaled pods.",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+					},
+					Required: []string{"metricName", "currentValue"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/api/resource.Quantity", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+		},
 		"k8s.io/api/autoscaling/v2beta1.HorizontalPodAutoscaler": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -6556,7 +6861,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "type is the type of metric source.  It should match one of the fields below.",
+								Description: "type is the type of metric source.  It should be one of \"Object\", \"Pods\" or \"Resource\", each mapping to a matching field in the object.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -6579,12 +6884,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/api/autoscaling/v2beta1.ResourceMetricSource"),
 							},
 						},
+						"external": {
+							SchemaProps: spec.SchemaProps{
+								Description: "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+								Ref:         ref("k8s.io/api/autoscaling/v2beta1.ExternalMetricSource"),
+							},
+						},
 					},
 					Required: []string{"type"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/autoscaling/v2beta1.ObjectMetricSource", "k8s.io/api/autoscaling/v2beta1.PodsMetricSource", "k8s.io/api/autoscaling/v2beta1.ResourceMetricSource"},
+				"k8s.io/api/autoscaling/v2beta1.ExternalMetricSource", "k8s.io/api/autoscaling/v2beta1.ObjectMetricSource", "k8s.io/api/autoscaling/v2beta1.PodsMetricSource", "k8s.io/api/autoscaling/v2beta1.ResourceMetricSource"},
 		},
 		"k8s.io/api/autoscaling/v2beta1.MetricStatus": {
 			Schema: spec.Schema{
@@ -6593,7 +6904,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "type is the type of metric source.  It will match one of the fields below.",
+								Description: "type is the type of metric source.  It will be one of \"Object\", \"Pods\" or \"Resource\", each corresponds to a matching field in the object.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -6616,12 +6927,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/api/autoscaling/v2beta1.ResourceMetricStatus"),
 							},
 						},
+						"external": {
+							SchemaProps: spec.SchemaProps{
+								Description: "external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).",
+								Ref:         ref("k8s.io/api/autoscaling/v2beta1.ExternalMetricStatus"),
+							},
+						},
 					},
 					Required: []string{"type"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/autoscaling/v2beta1.ObjectMetricStatus", "k8s.io/api/autoscaling/v2beta1.PodsMetricStatus", "k8s.io/api/autoscaling/v2beta1.ResourceMetricStatus"},
+				"k8s.io/api/autoscaling/v2beta1.ExternalMetricStatus", "k8s.io/api/autoscaling/v2beta1.ObjectMetricStatus", "k8s.io/api/autoscaling/v2beta1.PodsMetricStatus", "k8s.io/api/autoscaling/v2beta1.ResourceMetricStatus"},
 		},
 		"k8s.io/api/autoscaling/v2beta1.ObjectMetricSource": {
 			Schema: spec.Schema{
@@ -8052,7 +8369,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 		"k8s.io/api/core/v1.CSIPersistentVolumeSource": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Represents storage that is managed by an external CSI volume driver",
+					Description: "Represents storage that is managed by an external CSI volume driver (Beta feature)",
 					Properties: map[string]spec.Schema{
 						"driver": {
 							SchemaProps: spec.SchemaProps{
@@ -8075,17 +8392,57 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-					},
-					Required: []string{"driver", "volumeHandle"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/api/core/v1.Capabilities": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Adds and removes POSIX capabilities from running containers.",
-					Properties: map[string]spec.Schema{
+						"fsType": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"volumeAttributes": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Attributes of the volume to publish.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"controllerPublishSecretRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
+								Ref:         ref("k8s.io/api/core/v1.SecretReference"),
+							},
+						},
+						"nodeStageSecretRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
+								Ref:         ref("k8s.io/api/core/v1.SecretReference"),
+							},
+						},
+						"nodePublishSecretRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and  may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
+								Ref:         ref("k8s.io/api/core/v1.SecretReference"),
+							},
+						},
+					},
+					Required: []string{"driver", "volumeHandle"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/core/v1.SecretReference"},
+		},
+		"k8s.io/api/core/v1.Capabilities": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Adds and removes POSIX capabilities from running containers.",
+					Properties: map[string]spec.Schema{
 						"add": {
 							SchemaProps: spec.SchemaProps{
 								Description: "Added capabilities",
@@ -8449,7 +8806,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"data": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'.",
+								Description: "Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -8461,6 +8818,20 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
+						"binaryData": {
+							SchemaProps: spec.SchemaProps{
+								Description: "BinaryData contains the binary data. Each key must consist of alphanumeric characters, '-', '_' or '.'. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "byte",
+										},
+									},
+								},
+							},
+						},
 					},
 				},
 			},
@@ -8880,7 +9251,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"names": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Names by which this image is known. e.g. [\"gcr.io/google_containers/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]",
+								Description: "Names by which this image is known. e.g. [\"k8s.gcr.io/hyperkube:v1.0.7\", \"dockerhub.io/google_containers/hyperkube:v1.0.7\"]",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -9441,7 +9812,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"subsets"},
 				},
 			},
 			Dependencies: []string{
@@ -9499,7 +9869,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"prefix": {
 							SchemaProps: spec.SchemaProps{
-								Description: "An optional identifer to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
+								Description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -9760,7 +10130,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 		"k8s.io/api/core/v1.EventSeries": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "EventSeries contain information on series of events, i.e. thing that was/is happening continously for some time.",
+					Description: "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.",
 					Properties: map[string]spec.Schema{
 						"count": {
 							SchemaProps: spec.SchemaProps{
@@ -9771,7 +10141,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"lastObservedTime": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Time of the last occurence observed",
+								Description: "Time of the last occurrence observed",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
 							},
 						},
@@ -9895,6 +10265,59 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
+		"k8s.io/api/core/v1.FlexPersistentVolumeSource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.",
+					Properties: map[string]spec.Schema{
+						"driver": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Driver is the name of the driver to use for this volume.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"fsType": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"secretRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
+								Ref:         ref("k8s.io/api/core/v1.SecretReference"),
+							},
+						},
+						"readOnly": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"options": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Optional: Extra command options if any.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"driver"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/core/v1.SecretReference"},
+		},
 		"k8s.io/api/core/v1.FlexVolumeSource": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -12152,7 +12575,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"flexVolume": {
 							SchemaProps: spec.SchemaProps{
 								Description: "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.",
-								Ref:         ref("k8s.io/api/core/v1.FlexVolumeSource"),
+								Ref:         ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"),
 							},
 						},
 						"azureFile": {
@@ -12211,7 +12634,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"csi": {
 							SchemaProps: spec.SchemaProps{
-								Description: "CSI represents storage that handled by an external CSI driver",
+								Description: "CSI represents storage that handled by an external CSI driver (Beta feature).",
 								Ref:         ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"),
 							},
 						},
@@ -12219,7 +12642,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"},
+				"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource"},
 		},
 		"k8s.io/api/core/v1.PersistentVolumeSpec": {
 			Schema: spec.Schema{
@@ -12308,7 +12731,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"flexVolume": {
 							SchemaProps: spec.SchemaProps{
 								Description: "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.",
-								Ref:         ref("k8s.io/api/core/v1.FlexVolumeSource"),
+								Ref:         ref("k8s.io/api/core/v1.FlexPersistentVolumeSource"),
 							},
 						},
 						"azureFile": {
@@ -12367,7 +12790,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"csi": {
 							SchemaProps: spec.SchemaProps{
-								Description: "CSI represents storage that handled by an external CSI driver",
+								Description: "CSI represents storage that handled by an external CSI driver (Beta feature).",
 								Ref:         ref("k8s.io/api/core/v1.CSIPersistentVolumeSource"),
 							},
 						},
@@ -12393,7 +12816,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"persistentVolumeReclaimPolicy": {
 							SchemaProps: spec.SchemaProps{
-								Description: "What happens to a persistent volume when released from its claim. Valid options are Retain (default) and Recycle. Recycling must be supported by the volume plugin underlying this persistent volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming",
+								Description: "What happens to a persistent volume when released from its claim. Valid options are Retain (default for manually created PersistentVolumes), Delete (default for dynamically provisioned PersistentVolumes), and Recycle (deprecated). Recycle must be supported by the volume plugin underlying this PersistentVolume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -12426,11 +12849,17 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
+						"nodeAffinity": {
+							SchemaProps: spec.SchemaProps{
+								Description: "NodeAffinity defines constraints that limit what nodes this volume can be accessed from. This field influences the scheduling of pods that use this volume.",
+								Ref:         ref("k8s.io/api/core/v1.VolumeNodeAffinity"),
+							},
+						},
 					},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"},
+				"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource", "k8s.io/api/core/v1.AzureDiskVolumeSource", "k8s.io/api/core/v1.AzureFilePersistentVolumeSource", "k8s.io/api/core/v1.CSIPersistentVolumeSource", "k8s.io/api/core/v1.CephFSPersistentVolumeSource", "k8s.io/api/core/v1.CinderVolumeSource", "k8s.io/api/core/v1.FCVolumeSource", "k8s.io/api/core/v1.FlexPersistentVolumeSource", "k8s.io/api/core/v1.FlockerVolumeSource", "k8s.io/api/core/v1.GCEPersistentDiskVolumeSource", "k8s.io/api/core/v1.GlusterfsVolumeSource", "k8s.io/api/core/v1.HostPathVolumeSource", "k8s.io/api/core/v1.ISCSIPersistentVolumeSource", "k8s.io/api/core/v1.LocalVolumeSource", "k8s.io/api/core/v1.NFSVolumeSource", "k8s.io/api/core/v1.ObjectReference", "k8s.io/api/core/v1.PhotonPersistentDiskVolumeSource", "k8s.io/api/core/v1.PortworxVolumeSource", "k8s.io/api/core/v1.QuobyteVolumeSource", "k8s.io/api/core/v1.RBDPersistentVolumeSource", "k8s.io/api/core/v1.ScaleIOPersistentVolumeSource", "k8s.io/api/core/v1.StorageOSPersistentVolumeSource", "k8s.io/api/core/v1.VolumeNodeAffinity", "k8s.io/api/core/v1.VsphereVirtualDiskVolumeSource", "k8s.io/apimachinery/pkg/api/resource.Quantity"},
 		},
 		"k8s.io/api/core/v1.PersistentVolumeStatus": {
 			Schema: spec.Schema{
@@ -13116,6 +13545,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "int64",
 							},
 						},
+						"runAsGroup": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
 						"runAsNonRoot": {
 							SchemaProps: spec.SchemaProps{
 								Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
@@ -13252,7 +13688,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"dnsPolicy": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. Note that 'None' policy is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.",
+								Description: "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -13320,6 +13756,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
+						"shareProcessNamespace": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
 						"securityContext": {
 							SchemaProps: spec.SchemaProps{
 								Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty.  See type description for default values of each field.",
@@ -13406,7 +13849,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"priorityClassName": {
 							SchemaProps: spec.SchemaProps{
-								Description: "If specified, indicates the pod's priority. \"SYSTEM\" is a special keyword which indicates the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.",
+								Description: "If specified, indicates the pod's priority. \"system-node-critical\" and \"system-cluster-critical\" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -13420,7 +13863,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"dnsConfig": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. This is an alpha feature introduced in v1.9 and CustomPodDNS feature gate must be enabled to use it.",
+								Description: "Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy.",
 								Ref:         ref("k8s.io/api/core/v1.PodDNSConfig"),
 							},
 						},
@@ -13476,6 +13919,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
+						"nominatedNodeName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be scheduled right away as preemption victims receive their graceful termination periods. This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to give the resources on this node to a higher priority pod that is created after preemption. As a result, this field may be different than PodSpec.nodeName when the pod is scheduled.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
 						"hostIP": {
 							SchemaProps: spec.SchemaProps{
 								Description: "IP address of the host to which the pod is assigned. Empty if not yet scheduled.",
@@ -13524,7 +13974,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"qosClass": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://github.com/kubernetes/kubernetes/blob/master/docs/design/resource-qos.md",
+								Description: "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -15090,6 +15540,13 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "int64",
 							},
 						},
+						"runAsGroup": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
 						"runAsNonRoot": {
 							SchemaProps: spec.SchemaProps{
 								Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
@@ -16061,7 +16518,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"mountPropagation": {
 							SchemaProps: spec.SchemaProps{
-								Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is alpha in 1.8 and can be reworked or removed in a future release.",
+								Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -16072,6 +16529,23 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
+		"k8s.io/api/core/v1.VolumeNodeAffinity": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.",
+					Properties: map[string]spec.Schema{
+						"required": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Required specifies hard node constraints that must be met.",
+								Ref:         ref("k8s.io/api/core/v1.NodeSelector"),
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/core/v1.NodeSelector"},
+		},
 		"k8s.io/api/core/v1.VolumeProjection": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -16508,7 +16982,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 		"k8s.io/api/events/v1beta1.EventSeries": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "EventSeries contain information on series of events, i.e. thing that was/is happening continously for some time.",
+					Description: "EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.",
 					Properties: map[string]spec.Schema{
 						"count": {
 							SchemaProps: spec.SchemaProps{
@@ -19210,6 +19684,41 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/api/networking/v1.NetworkPolicyEgressRule", "k8s.io/api/networking/v1.NetworkPolicyIngressRule", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
 		},
+		"k8s.io/api/policy/v1beta1.AllowedFlexVolume": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "AllowedFlexVolume represents a single Flexvolume that is allowed to be used.",
+					Properties: map[string]spec.Schema{
+						"driver": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Driver is the name of the Flexvolume driver.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"driver"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/api/policy/v1beta1.AllowedHostPath": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.",
+					Properties: map[string]spec.Schema{
+						"pathPrefix": {
+							SchemaProps: spec.SchemaProps{
+								Description: "is the path prefix that the host volume must match. It does not support `*`. Trailing slashes are trimmed when validating the path prefix with a host path.\n\nExamples: `/foo` would allow `/foo`, `/foo/` and `/foo/bar` `/foo` would not allow `/food` or `/etc/foo`",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
 		"k8s.io/api/policy/v1beta1.Eviction": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -19247,6 +19756,87 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
+		"k8s.io/api/policy/v1beta1.FSGroupStrategyOptions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "FSGroupStrategyOptions defines the strategy type and options used to create the strategy.",
+					Properties: map[string]spec.Schema{
+						"rule": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Rule is the strategy that will dictate what FSGroup is used in the SecurityContext.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"ranges": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Ranges are the allowed ranges of fs groups.  If you would like to force a single fs group then supply a single range with the same start and end.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/policy/v1beta1.IDRange"),
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/policy/v1beta1.IDRange"},
+		},
+		"k8s.io/api/policy/v1beta1.HostPortRange": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Host Port Range defines a range of host ports that will be enabled by a policy for pods to use.  It requires both the start and end to be defined.",
+					Properties: map[string]spec.Schema{
+						"min": {
+							SchemaProps: spec.SchemaProps{
+								Description: "min is the start of the range, inclusive.",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
+						"max": {
+							SchemaProps: spec.SchemaProps{
+								Description: "max is the end of the range, inclusive.",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
+					},
+					Required: []string{"min", "max"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/api/policy/v1beta1.IDRange": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ID Range provides a min/max of an allowed range of IDs.",
+					Properties: map[string]spec.Schema{
+						"min": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Min is the start of the range, inclusive.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"max": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Max is the end of the range, inclusive.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+					},
+					Required: []string{"min", "max"},
+				},
+			},
+			Dependencies: []string{},
+		},
 		"k8s.io/api/policy/v1beta1.PodDisruptionBudget": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
@@ -19421,34 +20011,10 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
 		},
-		"k8s.io/api/rbac/v1.AggregationRule": {
+		"k8s.io/api/policy/v1beta1.PodSecurityPolicy": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole",
-					Properties: map[string]spec.Schema{
-						"clusterRoleSelectors": {
-							SchemaProps: spec.SchemaProps{
-								Description: "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
-										},
-									},
-								},
-							},
-						},
-					},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
-		},
-		"k8s.io/api/rbac/v1.ClusterRole": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.",
+					Description: "Pod Security Policy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -19466,40 +20032,26 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
+								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"rules": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Rules holds all the PolicyRules for this ClusterRole",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.PolicyRule"),
-										},
-									},
-								},
-							},
-						},
-						"aggregationRule": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Description: "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.",
-								Ref:         ref("k8s.io/api/rbac/v1.AggregationRule"),
+								Description: "spec defines the policy enforced.",
+								Ref:         ref("k8s.io/api/policy/v1beta1.PodSecurityPolicySpec"),
 							},
 						},
 					},
-					Required: []string{"rules"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1.AggregationRule", "k8s.io/api/rbac/v1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/policy/v1beta1.PodSecurityPolicySpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1.ClusterRoleBinding": {
+		"k8s.io/api/policy/v1beta1.PodSecurityPolicyList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ClusterRoleBinding references a ClusterRole, but not contain it.  It can reference a ClusterRole in the global namespace, and adds who information via Subject.",
+					Description: "Pod Security Policy List is a list of PodSecurityPolicy objects.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -19517,134 +20069,73 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"subjects": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Subjects holds references to the objects the role applies to.",
+								Description: "Items is a list of schema objects.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.Subject"),
+											Ref: ref("k8s.io/api/policy/v1beta1.PodSecurityPolicy"),
 										},
 									},
 								},
 							},
 						},
-						"roleRef": {
-							SchemaProps: spec.SchemaProps{
-								Description: "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1.RoleRef"),
-							},
-						},
 					},
-					Required: []string{"subjects", "roleRef"},
+					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1.RoleRef", "k8s.io/api/rbac/v1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/policy/v1beta1.PodSecurityPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1.ClusterRoleBindingList": {
+		"k8s.io/api/policy/v1beta1.PodSecurityPolicySpec": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ClusterRoleBindingList is a collection of ClusterRoleBindings",
+					Description: "Pod Security Policy Spec defines the policy enforced.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
+						"privileged": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
+								Description: "privileged determines if a pod can request to be run as privileged.",
+								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"items": {
+						"defaultAddCapabilities": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is a list of ClusterRoleBindings",
+								Description: "DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.  You may not list a capability in both DefaultAddCapabilities and RequiredDropCapabilities. Capabilities added here are implicitly allowed, and need not be included in the AllowedCapabilities list.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.ClusterRoleBinding"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-					},
-					Required: []string{"items"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/api/rbac/v1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
-		},
-		"k8s.io/api/rbac/v1.ClusterRoleList": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "ClusterRoleList is a collection of ClusterRoles",
-					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"items": {
+						"requiredDropCapabilities": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is a list of ClusterRoles",
+								Description: "RequiredDropCapabilities are the capabilities that will be dropped from the container.  These are required to be dropped and cannot be added.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.ClusterRole"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-					},
-					Required: []string{"items"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/api/rbac/v1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
-		},
-		"k8s.io/api/rbac/v1.PolicyRule": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.",
-					Properties: map[string]spec.Schema{
-						"verbs": {
+						"allowedCapabilities": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule.  VerbAll represents all kinds.",
+								Description: "AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field may be added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -19656,9 +20147,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
-						"apiGroups": {
+						"volumes": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.",
+								Description: "volumes is a white list of allowed volume plugins.  Empty indicates that all plugins may be used.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -19670,312 +20161,207 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
-						"resources": {
+						"hostNetwork": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Resources is a list of resources this rule applies to.  ResourceAll represents all resources.",
+								Description: "hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"hostPorts": {
+							SchemaProps: spec.SchemaProps{
+								Description: "hostPorts determines which host port ranges are allowed to be exposed.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/api/policy/v1beta1.HostPortRange"),
 										},
 									},
 								},
 							},
 						},
-						"resourceNames": {
+						"hostPID": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.",
+								Description: "hostPID determines if the policy allows the use of HostPID in the pod spec.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"hostIPC": {
+							SchemaProps: spec.SchemaProps{
+								Description: "hostIPC determines if the policy allows the use of HostIPC in the pod spec.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"seLinux": {
+							SchemaProps: spec.SchemaProps{
+								Description: "seLinux is the strategy that will dictate the allowable labels that may be set.",
+								Ref:         ref("k8s.io/api/policy/v1beta1.SELinuxStrategyOptions"),
+							},
+						},
+						"runAsUser": {
+							SchemaProps: spec.SchemaProps{
+								Description: "runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.",
+								Ref:         ref("k8s.io/api/policy/v1beta1.RunAsUserStrategyOptions"),
+							},
+						},
+						"supplementalGroups": {
+							SchemaProps: spec.SchemaProps{
+								Description: "SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.",
+								Ref:         ref("k8s.io/api/policy/v1beta1.SupplementalGroupsStrategyOptions"),
+							},
+						},
+						"fsGroup": {
+							SchemaProps: spec.SchemaProps{
+								Description: "FSGroup is the strategy that will dictate what fs group is used by the SecurityContext.",
+								Ref:         ref("k8s.io/api/policy/v1beta1.FSGroupStrategyOptions"),
+							},
+						},
+						"readOnlyRootFilesystem": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system.  If the container specifically requests to run with a non-read only root file system the PSP should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"defaultAllowPrivilegeEscalation": {
+							SchemaProps: spec.SchemaProps{
+								Description: "DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"allowPrivilegeEscalation": {
+							SchemaProps: spec.SchemaProps{
+								Description: "AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"allowedHostPaths": {
+							SchemaProps: spec.SchemaProps{
+								Description: "is a white list of allowed host paths. Empty indicates that all host paths may be used.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/api/policy/v1beta1.AllowedHostPath"),
 										},
 									},
 								},
 							},
 						},
-						"nonResourceURLs": {
+						"allowedFlexVolumes": {
 							SchemaProps: spec.SchemaProps{
-								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
+								Description: "AllowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes is allowed in the \"Volumes\" field.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/api/policy/v1beta1.AllowedFlexVolume"),
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"verbs"},
+					Required: []string{"seLinux", "runAsUser", "supplementalGroups", "fsGroup"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/api/policy/v1beta1.AllowedFlexVolume", "k8s.io/api/policy/v1beta1.AllowedHostPath", "k8s.io/api/policy/v1beta1.FSGroupStrategyOptions", "k8s.io/api/policy/v1beta1.HostPortRange", "k8s.io/api/policy/v1beta1.RunAsUserStrategyOptions", "k8s.io/api/policy/v1beta1.SELinuxStrategyOptions", "k8s.io/api/policy/v1beta1.SupplementalGroupsStrategyOptions"},
 		},
-		"k8s.io/api/rbac/v1.Role": {
+		"k8s.io/api/policy/v1beta1.RunAsUserStrategyOptions": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.",
+					Description: "Run A sUser Strategy Options defines the strategy type and any options used to create the strategy.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
+						"rule": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "Rule is the strategy that will dictate the allowable RunAsUser values that may be set.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"metadata": {
+						"ranges": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
-							},
-						},
-						"rules": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Rules holds all the PolicyRules for this Role",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.PolicyRule"),
-										},
-									},
-								},
-							},
-						},
-					},
-					Required: []string{"rules"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/api/rbac/v1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
-		},
-		"k8s.io/api/rbac/v1.RoleBinding": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "RoleBinding references a role, but does not contain it.  It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in.  RoleBindings in a given namespace only have effect in that namespace.",
-					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
-							},
-						},
-						"subjects": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Subjects holds references to the objects the role applies to.",
+								Description: "Ranges are the allowed ranges of uids that may be used.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.Subject"),
+											Ref: ref("k8s.io/api/policy/v1beta1.IDRange"),
 										},
 									},
 								},
 							},
 						},
-						"roleRef": {
-							SchemaProps: spec.SchemaProps{
-								Description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1.RoleRef"),
-							},
-						},
 					},
-					Required: []string{"subjects", "roleRef"},
+					Required: []string{"rule"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1.RoleRef", "k8s.io/api/rbac/v1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/policy/v1beta1.IDRange"},
 		},
-		"k8s.io/api/rbac/v1.RoleBindingList": {
+		"k8s.io/api/policy/v1beta1.SELinuxStrategyOptions": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "RoleBindingList is a collection of RoleBindings",
+					Description: "SELinux  Strategy Options defines the strategy type and any options used to create the strategy.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
+						"rule": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "type is the strategy that will dictate the allowable labels that may be set.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"items": {
+						"seLinuxOptions": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is a list of RoleBindings",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.RoleBinding"),
-										},
-									},
-								},
+								Description: "seLinuxOptions required to run as; required for MustRunAs More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
+								Ref:         ref("k8s.io/api/core/v1.SELinuxOptions"),
 							},
 						},
 					},
-					Required: []string{"items"},
+					Required: []string{"rule"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/core/v1.SELinuxOptions"},
 		},
-		"k8s.io/api/rbac/v1.RoleList": {
+		"k8s.io/api/policy/v1beta1.SupplementalGroupsStrategyOptions": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "RoleList is a collection of Roles",
+					Description: "SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
+						"rule": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "Rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"items": {
+						"ranges": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is a list of Roles",
+								Description: "Ranges are the allowed ranges of supplemental groups.  If you would like to force a single supplemental group then supply a single range with the same start and end.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1.Role"),
+											Ref: ref("k8s.io/api/policy/v1beta1.IDRange"),
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
-		},
-		"k8s.io/api/rbac/v1.RoleRef": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "RoleRef contains information that points to the role being used",
-					Properties: map[string]spec.Schema{
-						"apiGroup": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIGroup is the group for the resource being referenced",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is the type of resource being referenced",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"name": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Name is the name of resource being referenced",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-					},
-					Required: []string{"apiGroup", "kind", "name"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/api/rbac/v1.Subject": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Subject contains a reference to the object or user identities a role binding applies to.  This can either hold a direct API object reference, or a value for non-objects such as user and group names.",
-					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiGroup": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"name": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Name of the object being referenced.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"namespace": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Namespace of the referenced object.  If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-					},
-					Required: []string{"kind", "name"},
-				},
-			},
-			Dependencies: []string{},
+				"k8s.io/api/policy/v1beta1.IDRange"},
 		},
-		"k8s.io/api/rbac/v1alpha1.AggregationRule": {
+		"k8s.io/api/rbac/v1.AggregationRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole",
@@ -19999,7 +20385,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
 		},
-		"k8s.io/api/rbac/v1alpha1.ClusterRole": {
+		"k8s.io/api/rbac/v1.ClusterRole": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.",
@@ -20031,7 +20417,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.PolicyRule"),
+											Ref: ref("k8s.io/api/rbac/v1.PolicyRule"),
 										},
 									},
 								},
@@ -20040,7 +20426,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"aggregationRule": {
 							SchemaProps: spec.SchemaProps{
 								Description: "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.",
-								Ref:         ref("k8s.io/api/rbac/v1alpha1.AggregationRule"),
+								Ref:         ref("k8s.io/api/rbac/v1.AggregationRule"),
 							},
 						},
 					},
@@ -20048,9 +20434,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.AggregationRule", "k8s.io/api/rbac/v1alpha1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1.AggregationRule", "k8s.io/api/rbac/v1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.ClusterRoleBinding": {
+		"k8s.io/api/rbac/v1.ClusterRoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleBinding references a ClusterRole, but not contain it.  It can reference a ClusterRole in the global namespace, and adds who information via Subject.",
@@ -20082,7 +20468,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.Subject"),
+											Ref: ref("k8s.io/api/rbac/v1.Subject"),
 										},
 									},
 								},
@@ -20091,7 +20477,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"roleRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1alpha1.RoleRef"),
+								Ref:         ref("k8s.io/api/rbac/v1.RoleRef"),
 							},
 						},
 					},
@@ -20099,9 +20485,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.RoleRef", "k8s.io/api/rbac/v1alpha1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1.RoleRef", "k8s.io/api/rbac/v1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.ClusterRoleBindingList": {
+		"k8s.io/api/rbac/v1.ClusterRoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleBindingList is a collection of ClusterRoleBindings",
@@ -20133,7 +20519,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.ClusterRoleBinding"),
+											Ref: ref("k8s.io/api/rbac/v1.ClusterRoleBinding"),
 										},
 									},
 								},
@@ -20144,9 +20530,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.ClusterRoleList": {
+		"k8s.io/api/rbac/v1.ClusterRoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleList is a collection of ClusterRoles",
@@ -20178,7 +20564,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.ClusterRole"),
+											Ref: ref("k8s.io/api/rbac/v1.ClusterRole"),
 										},
 									},
 								},
@@ -20189,9 +20575,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.PolicyRule": {
+		"k8s.io/api/rbac/v1.PolicyRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.",
@@ -20254,7 +20640,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"nonResourceURLs": {
 							SchemaProps: spec.SchemaProps{
-								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different. Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
+								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -20272,7 +20658,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/rbac/v1alpha1.Role": {
+		"k8s.io/api/rbac/v1.Role": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.",
@@ -20304,7 +20690,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.PolicyRule"),
+											Ref: ref("k8s.io/api/rbac/v1.PolicyRule"),
 										},
 									},
 								},
@@ -20315,9 +20701,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.RoleBinding": {
+		"k8s.io/api/rbac/v1.RoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleBinding references a role, but does not contain it.  It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in.  RoleBindings in a given namespace only have effect in that namespace.",
@@ -20349,7 +20735,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.Subject"),
+											Ref: ref("k8s.io/api/rbac/v1.Subject"),
 										},
 									},
 								},
@@ -20358,7 +20744,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"roleRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1alpha1.RoleRef"),
+								Ref:         ref("k8s.io/api/rbac/v1.RoleRef"),
 							},
 						},
 					},
@@ -20366,9 +20752,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.RoleRef", "k8s.io/api/rbac/v1alpha1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1.RoleRef", "k8s.io/api/rbac/v1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.RoleBindingList": {
+		"k8s.io/api/rbac/v1.RoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleBindingList is a collection of RoleBindings",
@@ -20400,7 +20786,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.RoleBinding"),
+											Ref: ref("k8s.io/api/rbac/v1.RoleBinding"),
 										},
 									},
 								},
@@ -20411,9 +20797,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.RoleList": {
+		"k8s.io/api/rbac/v1.RoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleList is a collection of Roles",
@@ -20445,7 +20831,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1alpha1.Role"),
+											Ref: ref("k8s.io/api/rbac/v1.Role"),
 										},
 									},
 								},
@@ -20456,9 +20842,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1alpha1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1alpha1.RoleRef": {
+		"k8s.io/api/rbac/v1.RoleRef": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleRef contains information that points to the role being used",
@@ -20490,7 +20876,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/rbac/v1alpha1.Subject": {
+		"k8s.io/api/rbac/v1.Subject": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Subject contains a reference to the object or user identities a role binding applies to.  This can either hold a direct API object reference, or a value for non-objects such as user and group names.",
@@ -20502,9 +20888,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"apiGroup": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion holds the API group and version of the referenced subject. Defaults to \"v1\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io/v1alpha1\" for User and Group subjects.",
+								Description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -20529,7 +20915,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/rbac/v1beta1.AggregationRule": {
+		"k8s.io/api/rbac/v1alpha1.AggregationRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole",
@@ -20553,7 +20939,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
 		},
-		"k8s.io/api/rbac/v1beta1.ClusterRole": {
+		"k8s.io/api/rbac/v1alpha1.ClusterRole": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.",
@@ -20585,7 +20971,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.PolicyRule"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.PolicyRule"),
 										},
 									},
 								},
@@ -20594,7 +20980,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"aggregationRule": {
 							SchemaProps: spec.SchemaProps{
 								Description: "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.",
-								Ref:         ref("k8s.io/api/rbac/v1beta1.AggregationRule"),
+								Ref:         ref("k8s.io/api/rbac/v1alpha1.AggregationRule"),
 							},
 						},
 					},
@@ -20602,9 +20988,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.AggregationRule", "k8s.io/api/rbac/v1beta1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1alpha1.AggregationRule", "k8s.io/api/rbac/v1alpha1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.ClusterRoleBinding": {
+		"k8s.io/api/rbac/v1alpha1.ClusterRoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleBinding references a ClusterRole, but not contain it.  It can reference a ClusterRole in the global namespace, and adds who information via Subject.",
@@ -20636,7 +21022,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.Subject"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.Subject"),
 										},
 									},
 								},
@@ -20645,7 +21031,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"roleRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1beta1.RoleRef"),
+								Ref:         ref("k8s.io/api/rbac/v1alpha1.RoleRef"),
 							},
 						},
 					},
@@ -20653,9 +21039,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.RoleRef", "k8s.io/api/rbac/v1beta1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1alpha1.RoleRef", "k8s.io/api/rbac/v1alpha1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.ClusterRoleBindingList": {
+		"k8s.io/api/rbac/v1alpha1.ClusterRoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleBindingList is a collection of ClusterRoleBindings",
@@ -20687,7 +21073,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.ClusterRoleBinding"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.ClusterRoleBinding"),
 										},
 									},
 								},
@@ -20698,9 +21084,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1alpha1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.ClusterRoleList": {
+		"k8s.io/api/rbac/v1alpha1.ClusterRoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ClusterRoleList is a collection of ClusterRoles",
@@ -20732,7 +21118,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.ClusterRole"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.ClusterRole"),
 										},
 									},
 								},
@@ -20743,9 +21129,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1alpha1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.PolicyRule": {
+		"k8s.io/api/rbac/v1alpha1.PolicyRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.",
@@ -20780,7 +21166,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"resources": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Resources is a list of resources this rule applies to.  '*' represents all resources in the specified apiGroups. '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.",
+								Description: "Resources is a list of resources this rule applies to.  ResourceAll represents all resources.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -20808,7 +21194,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"nonResourceURLs": {
 							SchemaProps: spec.SchemaProps{
-								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
+								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different. Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -20826,7 +21212,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/rbac/v1beta1.Role": {
+		"k8s.io/api/rbac/v1alpha1.Role": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.",
@@ -20858,7 +21244,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.PolicyRule"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.PolicyRule"),
 										},
 									},
 								},
@@ -20869,9 +21255,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1alpha1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.RoleBinding": {
+		"k8s.io/api/rbac/v1alpha1.RoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleBinding references a role, but does not contain it.  It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in.  RoleBindings in a given namespace only have effect in that namespace.",
@@ -20903,7 +21289,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.Subject"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.Subject"),
 										},
 									},
 								},
@@ -20912,7 +21298,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"roleRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
-								Ref:         ref("k8s.io/api/rbac/v1beta1.RoleRef"),
+								Ref:         ref("k8s.io/api/rbac/v1alpha1.RoleRef"),
 							},
 						},
 					},
@@ -20920,9 +21306,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.RoleRef", "k8s.io/api/rbac/v1beta1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1alpha1.RoleRef", "k8s.io/api/rbac/v1alpha1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.RoleBindingList": {
+		"k8s.io/api/rbac/v1alpha1.RoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleBindingList is a collection of RoleBindings",
@@ -20954,7 +21340,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.RoleBinding"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.RoleBinding"),
 										},
 									},
 								},
@@ -20965,9 +21351,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1alpha1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.RoleList": {
+		"k8s.io/api/rbac/v1alpha1.RoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleList is a collection of Roles",
@@ -20999,7 +21385,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/rbac/v1beta1.Role"),
+											Ref: ref("k8s.io/api/rbac/v1alpha1.Role"),
 										},
 									},
 								},
@@ -21010,9 +21396,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/rbac/v1beta1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1alpha1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/rbac/v1beta1.RoleRef": {
+		"k8s.io/api/rbac/v1alpha1.RoleRef": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "RoleRef contains information that points to the role being used",
@@ -21044,7 +21430,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/rbac/v1beta1.Subject": {
+		"k8s.io/api/rbac/v1alpha1.Subject": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Subject contains a reference to the object or user identities a role binding applies to.  This can either hold a direct API object reference, or a value for non-objects such as user and group names.",
@@ -21056,9 +21442,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"apiGroup": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.",
+								Description: "APIVersion holds the API group and version of the referenced subject. Defaults to \"v1\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io/v1alpha1\" for User and Group subjects.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -21083,10 +21469,34 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/scheduling/v1alpha1.PriorityClass": {
+		"k8s.io/api/rbac/v1beta1.AggregationRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.",
+					Description: "AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole",
+					Properties: map[string]spec.Schema{
+						"clusterRoleSelectors": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules. If any of the selectors match, then the ClusterRole's permissions will be added",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+		},
+		"k8s.io/api/rbac/v1beta1.ClusterRole": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21104,42 +21514,40 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata",
+								Description: "Standard object's metadata.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"value": {
-							SchemaProps: spec.SchemaProps{
-								Description: "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.",
-								Type:        []string{"integer"},
-								Format:      "int32",
-							},
-						},
-						"globalDefault": {
+						"rules": {
 							SchemaProps: spec.SchemaProps{
-								Description: "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class.",
-								Type:        []string{"boolean"},
-								Format:      "",
+								Description: "Rules holds all the PolicyRules for this ClusterRole",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/rbac/v1beta1.PolicyRule"),
+										},
+									},
+								},
 							},
 						},
-						"description": {
+						"aggregationRule": {
 							SchemaProps: spec.SchemaProps{
-								Description: "description is an arbitrary string that usually provides guidelines on when this priority class should be used.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.",
+								Ref:         ref("k8s.io/api/rbac/v1beta1.AggregationRule"),
 							},
 						},
 					},
-					Required: []string{"value"},
+					Required: []string{"rules"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1beta1.AggregationRule", "k8s.io/api/rbac/v1beta1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/scheduling/v1alpha1.PriorityClassList": {
+		"k8s.io/api/rbac/v1beta1.ClusterRoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PriorityClassList is a collection of priority classes.",
+					Description: "ClusterRoleBinding references a ClusterRole, but not contain it.  It can reference a ClusterRole in the global namespace, and adds who information via Subject.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21157,34 +21565,40 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+								Description: "Standard object's metadata.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"items": {
+						"subjects": {
 							SchemaProps: spec.SchemaProps{
-								Description: "items is the list of PriorityClasses",
+								Description: "Subjects holds references to the objects the role applies to.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/scheduling/v1alpha1.PriorityClass"),
+											Ref: ref("k8s.io/api/rbac/v1beta1.Subject"),
 										},
 									},
 								},
 							},
 						},
+						"roleRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
+								Ref:         ref("k8s.io/api/rbac/v1beta1.RoleRef"),
+							},
+						},
 					},
-					Required: []string{"items"},
+					Required: []string{"subjects", "roleRef"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/scheduling/v1alpha1.PriorityClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1beta1.RoleRef", "k8s.io/api/rbac/v1beta1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/settings/v1alpha1.PodPreset": {
+		"k8s.io/api/rbac/v1beta1.ClusterRoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PodPreset is a policy resource that defines additional runtime requirements for a Pod.",
+					Description: "ClusterRoleBindingList is a collection of ClusterRoleBindings",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21202,24 +21616,34 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+								Description: "Standard object's metadata.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"spec": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/api/settings/v1alpha1.PodPresetSpec"),
+								Description: "Items is a list of ClusterRoleBindings",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/rbac/v1beta1.ClusterRoleBinding"),
+										},
+									},
+								},
 							},
 						},
 					},
+					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/settings/v1alpha1.PodPresetSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1beta1.ClusterRoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/settings/v1alpha1.PodPresetList": {
+		"k8s.io/api/rbac/v1beta1.ClusterRoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PodPresetList is a list of PodPreset objects.",
+					Description: "ClusterRoleList is a collection of ClusterRoles",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21237,18 +21661,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Description: "Standard object's metadata.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is a list of schema objects.",
+								Description: "Items is a list of ClusterRoles",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/settings/v1alpha1.PodPreset"),
+											Ref: ref("k8s.io/api/rbac/v1beta1.ClusterRole"),
 										},
 									},
 								},
@@ -21259,81 +21683,93 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/settings/v1alpha1.PodPreset", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1beta1.ClusterRole", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/settings/v1alpha1.PodPresetSpec": {
+		"k8s.io/api/rbac/v1beta1.PolicyRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PodPresetSpec is a description of a pod preset.",
+					Description: "PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.",
 					Properties: map[string]spec.Schema{
-						"selector": {
+						"verbs": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Selector is a label query over a set of resources, in this case pods. Required.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
+								Description: "Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule.  VerbAll represents all kinds.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"env": {
+						"apiGroups": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Env defines the collection of EnvVar to inject into containers.",
+								Description: "APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/core/v1.EnvVar"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"envFrom": {
+						"resources": {
 							SchemaProps: spec.SchemaProps{
-								Description: "EnvFrom defines the collection of EnvFromSource to inject into containers.",
+								Description: "Resources is a list of resources this rule applies to.  '*' represents all resources in the specified apiGroups. '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/core/v1.EnvFromSource"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"volumes": {
+						"resourceNames": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Volumes defines the collection of Volume to inject into the pod.",
+								Description: "ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/core/v1.Volume"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"volumeMounts": {
+						"nonResourceURLs": {
 							SchemaProps: spec.SchemaProps{
-								Description: "VolumeMounts defines the collection of VolumeMount to inject into containers.",
+								Description: "NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"),  but not both.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/core/v1.VolumeMount"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
 					},
+					Required: []string{"verbs"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Volume", "k8s.io/api/core/v1.VolumeMount", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
+			Dependencies: []string{},
 		},
-		"k8s.io/api/storage/v1.StorageClass": {
+		"k8s.io/api/rbac/v1beta1.Role": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.",
+					Description: "Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21351,77 +21787,34 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Description: "Standard object's metadata.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"provisioner": {
+						"rules": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Provisioner indicates the type of the provisioner.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"parameters": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Parameters holds the parameters for the provisioner that should create volumes of this storage class.",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
-							},
-						},
-						"reclaimPolicy": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"mountOptions": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.",
+								Description: "Rules holds all the PolicyRules for this Role",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/api/rbac/v1beta1.PolicyRule"),
 										},
 									},
 								},
 							},
 						},
-						"allowVolumeExpansion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "AllowVolumeExpansion shows whether the storage class allow volume expand",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"volumeBindingMode": {
-							SchemaProps: spec.SchemaProps{
-								Description: "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.  When unset, VolumeBindingImmediate is used. This field is alpha-level and is only honored by servers that enable the VolumeScheduling feature.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
 					},
-					Required: []string{"provisioner"},
+					Required: []string{"rules"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1beta1.PolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/storage/v1.StorageClassList": {
+		"k8s.io/api/rbac/v1beta1.RoleBinding": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "StorageClassList is a collection of storage classes.",
+					Description: "RoleBinding references a role, but does not contain it.  It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in.  RoleBindings in a given namespace only have effect in that namespace.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21439,34 +21832,40 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+								Description: "Standard object's metadata.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"items": {
+						"subjects": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is the list of StorageClasses",
+								Description: "Subjects holds references to the objects the role applies to.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/storage/v1.StorageClass"),
+											Ref: ref("k8s.io/api/rbac/v1beta1.Subject"),
 										},
 									},
 								},
 							},
 						},
+						"roleRef": {
+							SchemaProps: spec.SchemaProps{
+								Description: "RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.",
+								Ref:         ref("k8s.io/api/rbac/v1beta1.RoleRef"),
+							},
+						},
 					},
-					Required: []string{"items"},
+					Required: []string{"subjects", "roleRef"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/storage/v1.StorageClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1beta1.RoleRef", "k8s.io/api/rbac/v1beta1.Subject", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/storage/v1alpha1.VolumeAttachment": {
+		"k8s.io/api/rbac/v1beta1.RoleBindingList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.",
+					Description: "RoleBindingList is a collection of RoleBindings",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21484,33 +21883,34 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
-							},
-						},
-						"spec": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.",
-								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec"),
+								Description: "Standard object's metadata.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"status": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.",
-								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus"),
+								Description: "Items is a list of RoleBindings",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/rbac/v1beta1.RoleBinding"),
+										},
+									},
+								},
 							},
 						},
 					},
-					Required: []string{"spec"},
+					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec", "k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/rbac/v1beta1.RoleBinding", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/storage/v1alpha1.VolumeAttachmentList": {
+		"k8s.io/api/rbac/v1beta1.RoleList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "VolumeAttachmentList is a collection of VolumeAttachment objects.",
+					Description: "RoleList is a collection of Roles",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21528,18 +21928,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Description: "Standard object's metadata.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is the list of VolumeAttachments",
+								Description: "Items is a list of Roles",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/storage/v1alpha1.VolumeAttachment"),
+											Ref: ref("k8s.io/api/rbac/v1beta1.Role"),
 										},
 									},
 								},
@@ -21550,130 +21950,136 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/storage/v1alpha1.VolumeAttachment", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/rbac/v1beta1.Role", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/api/storage/v1alpha1.VolumeAttachmentSource": {
+		"k8s.io/api/rbac/v1beta1.RoleRef": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
+					Description: "RoleRef contains information that points to the role being used",
 					Properties: map[string]spec.Schema{
-						"persistentVolumeName": {
+						"apiGroup": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Name of the persistent volume to attach.",
+								Description: "APIGroup is the group for the resource being referenced",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is the type of resource being referenced",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"name": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Name is the name of resource being referenced",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 					},
+					Required: []string{"apiGroup", "kind", "name"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec": {
+		"k8s.io/api/rbac/v1beta1.Subject": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "VolumeAttachmentSpec is the specification of a VolumeAttachment request.",
+					Description: "Subject contains a reference to the object or user identities a role binding applies to.  This can either hold a direct API object reference, or a value for non-objects such as user and group names.",
 					Properties: map[string]spec.Schema{
-						"attacher": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().",
+								Description: "Kind of object being referenced. Values defined by this API group are \"User\", \"Group\", and \"ServiceAccount\". If the Authorizer does not recognized the kind value, the Authorizer should report an error.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"source": {
+						"apiGroup": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Source represents the volume that should be attached.",
-								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentSource"),
+								Description: "APIGroup holds the API group of the referenced subject. Defaults to \"\" for ServiceAccount subjects. Defaults to \"rbac.authorization.k8s.io\" for User and Group subjects.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"nodeName": {
+						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The node that the volume should be attached to.",
+								Description: "Name of the object being referenced.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"namespace": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Namespace of the referenced object.  If the object kind is non-namespace, such as \"User\" or \"Group\", and this value is not empty the Authorizer should report an error.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 					},
-					Required: []string{"attacher", "source", "nodeName"},
+					Required: []string{"kind", "name"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/api/storage/v1alpha1.VolumeAttachmentSource"},
+			Dependencies: []string{},
 		},
-		"k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus": {
+		"k8s.io/api/scheduling/v1alpha1.PriorityClass": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "VolumeAttachmentStatus is the status of a VolumeAttachment request.",
+					Description: "PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.",
 					Properties: map[string]spec.Schema{
-						"attached": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
-								Type:        []string{"boolean"},
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"attachmentMetadata": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"attachError": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
-								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeError"),
+								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"detachError": {
+						"value": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.",
-								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeError"),
+								Description: "The value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.",
+								Type:        []string{"integer"},
+								Format:      "int32",
 							},
 						},
-					},
-					Required: []string{"attached"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/api/storage/v1alpha1.VolumeError"},
-		},
-		"k8s.io/api/storage/v1alpha1.VolumeError": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "VolumeError captures an error encountered during a volume operation.",
-					Properties: map[string]spec.Schema{
-						"time": {
+						"globalDefault": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Time the error was encountered.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+								Description: "globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.",
+								Type:        []string{"boolean"},
+								Format:      "",
 							},
 						},
-						"message": {
+						"description": {
 							SchemaProps: spec.SchemaProps{
-								Description: "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+								Description: "description is an arbitrary string that usually provides guidelines on when this priority class should be used.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 					},
+					Required: []string{"value"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/storage/v1beta1.StorageClass": {
+		"k8s.io/api/scheduling/v1alpha1.PriorityClassList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.",
+					Description: "PriorityClassList is a collection of priority classes.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21691,77 +22097,69 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"provisioner": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Provisioner indicates the type of the provisioner.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "items is the list of PriorityClasses",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/scheduling/v1alpha1.PriorityClass"),
+										},
+									},
+								},
 							},
 						},
-						"parameters": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Parameters holds the parameters for the provisioner that should create volumes of this storage class.",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
-							},
-						},
-						"reclaimPolicy": {
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/scheduling/v1alpha1.PriorityClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+		},
+		"k8s.io/api/settings/v1alpha1.PodPreset": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "PodPreset is a policy resource that defines additional runtime requirements for a Pod.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"mountOptions": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"allowVolumeExpansion": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "AllowVolumeExpansion shows whether the storage class allow volume expand",
-								Type:        []string{"boolean"},
-								Format:      "",
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"volumeBindingMode": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Description: "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.  When unset, VolumeBindingImmediate is used. This field is alpha-level and is only honored by servers that enable the VolumeScheduling feature.",
-								Type:        []string{"string"},
-								Format:      "",
+								Ref: ref("k8s.io/api/settings/v1alpha1.PodPresetSpec"),
 							},
 						},
 					},
-					Required: []string{"provisioner"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/settings/v1alpha1.PodPresetSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/api/storage/v1beta1.StorageClassList": {
+		"k8s.io/api/settings/v1alpha1.PodPresetList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "StorageClassList is a collection of storage classes.",
+					Description: "PodPresetList is a list of PodPreset objects.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21779,18 +22177,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items is the list of StorageClasses",
+								Description: "Items is a list of schema objects.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/api/storage/v1beta1.StorageClass"),
+											Ref: ref("k8s.io/api/settings/v1alpha1.PodPreset"),
 										},
 									},
 								},
@@ -21801,100 +22199,169 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/storage/v1beta1.StorageClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/settings/v1alpha1.PodPreset", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition": {
+		"k8s.io/api/settings/v1alpha1.PodPresetSpec": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinition represents a resource that should be exposed on the API server.  Its name MUST be in the format <.spec.name>.<.spec.group>.",
+					Description: "PodPresetSpec is a description of a pod preset.",
 					Properties: map[string]spec.Schema{
-						"kind": {
+						"selector": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Selector is a label query over a set of resources, in this case pods. Required.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"),
 							},
 						},
-						"apiVersion": {
+						"env": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Env defines the collection of EnvVar to inject into containers.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/core/v1.EnvVar"),
+										},
+									},
+								},
 							},
 						},
-						"metadata": {
+						"envFrom": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+								Description: "EnvFrom defines the collection of EnvFromSource to inject into containers.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/core/v1.EnvFromSource"),
+										},
+									},
+								},
 							},
 						},
-						"spec": {
+						"volumes": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Spec describes how the user wants the resources to appear",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec"),
+								Description: "Volumes defines the collection of Volume to inject into the pod.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/core/v1.Volume"),
+										},
+									},
+								},
 							},
 						},
-						"status": {
+						"volumeMounts": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Status indicates the actual state of the CustomResourceDefinition",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus"),
+								Description: "VolumeMounts defines the collection of VolumeMount to inject into containers.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/core/v1.VolumeMount"),
+										},
+									},
+								},
 							},
 						},
 					},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+				"k8s.io/api/core/v1.EnvFromSource", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Volume", "k8s.io/api/core/v1.VolumeMount", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition": {
+		"k8s.io/api/storage/v1.StorageClass": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinitionCondition contains details for the current condition of this pod.",
+					Description: "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.",
 					Properties: map[string]spec.Schema{
-						"type": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Type is the type of the condition.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"status": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Status is the status of the condition. Can be True, False, Unknown.",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"lastTransitionTime": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Last time the condition transitioned from one status to another.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"reason": {
+						"provisioner": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Unique, one-word, CamelCase reason for the condition's last transition.",
+								Description: "Provisioner indicates the type of the provisioner.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"message": {
+						"parameters": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Human-readable message indicating details about last transition.",
+								Description: "Parameters holds the parameters for the provisioner that should create volumes of this storage class.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"reclaimPolicy": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"mountOptions": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"allowVolumeExpansion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "AllowVolumeExpansion shows whether the storage class allow volume expand",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"volumeBindingMode": {
+							SchemaProps: spec.SchemaProps{
+								Description: "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.  When unset, VolumeBindingImmediate is used. This field is alpha-level and is only honored by servers that enable the VolumeScheduling feature.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 					},
-					Required: []string{"type", "status"},
+					Required: []string{"provisioner"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionList": {
+		"k8s.io/api/storage/v1.StorageClassList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinitionList is a list of CustomResourceDefinition objects.",
+					Description: "StorageClassList is a collection of storage classes.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -21912,17 +22379,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Items individual CustomResourceDefinitions",
+								Description: "Items is the list of StorageClasses",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition"),
+											Ref: ref("k8s.io/api/storage/v1.StorageClass"),
 										},
 									},
 								},
@@ -21933,578 +22401,2106 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+				"k8s.io/api/storage/v1.StorageClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames": {
+		"k8s.io/api/storage/v1alpha1.VolumeAttachment": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition",
+					Description: "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.",
 					Properties: map[string]spec.Schema{
-						"plural": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Plural is the plural name of the resource to serve.  It must match the name of the CustomResourceDefinition-registration too: plural.group and it must be all lowercase.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"singular": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Singular is the singular name of the resource.  It must be all lowercase  Defaults to lowercased <kind>",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"shortNames": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ShortNames are short names for the resource.  It must be all lowercase.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"kind": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is the serialized kind of the resource.  It is normally CamelCase and singular.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.",
+								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec"),
 							},
 						},
-						"listKind": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus"),
 							},
 						},
 					},
-					Required: []string{"plural", "kind"},
+					Required: []string{"spec"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec", "k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec": {
+		"k8s.io/api/storage/v1alpha1.VolumeAttachmentList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinitionSpec describes how a user wants their resource to appear",
+					Description: "VolumeAttachmentList is a collection of VolumeAttachment objects.",
 					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Group is the group this resource belongs in",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"version": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Version is the version this resource belongs in",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"names": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Names are the names used to describe this custom resource",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"),
-							},
-						},
-						"scope": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Scope indicates whether this resource is cluster or namespace scoped.  Default is namespaced",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"validation": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Validation describes the validation methods for CustomResources",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation"),
+								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-					},
-					Required: []string{"group", "version", "names", "scope"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation"},
-		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition",
-					Properties: map[string]spec.Schema{
-						"conditions": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Conditions indicate state for particular aspects of a CustomResourceDefinition",
+								Description: "Items is the list of VolumeAttachments",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition"),
+											Ref: ref("k8s.io/api/storage/v1alpha1.VolumeAttachment"),
 										},
 									},
 								},
 							},
 						},
-						"acceptedNames": {
-							SchemaProps: spec.SchemaProps{
-								Description: "AcceptedNames are the names that are actually being used to serve discovery They may be different than the names in spec.",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"),
-							},
-						},
 					},
-					Required: []string{"conditions", "acceptedNames"},
+					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"},
+				"k8s.io/api/storage/v1alpha1.VolumeAttachment", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation": {
+		"k8s.io/api/storage/v1alpha1.VolumeAttachmentSource": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "CustomResourceValidation is a list of validation methods for CustomResources.",
+					Description: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
 					Properties: map[string]spec.Schema{
-						"openAPIV3Schema": {
+						"persistentVolumeName": {
 							SchemaProps: spec.SchemaProps{
-								Description: "OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.",
-								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+								Description: "Name of the persistent volume to attach.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+			Dependencies: []string{},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation": {
+		"k8s.io/api/storage/v1alpha1.VolumeAttachmentSpec": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ExternalDocumentation allows referencing an external resource for extended documentation.",
+					Description: "VolumeAttachmentSpec is the specification of a VolumeAttachment request.",
 					Properties: map[string]spec.Schema{
-						"description": {
+						"attacher": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"url": {
+						"source": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Source represents the volume that should be attached.",
+								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeAttachmentSource"),
+							},
+						},
+						"nodeName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The node that the volume should be attached to.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
+					Required: []string{"attacher", "source", "nodeName"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1alpha1.VolumeAttachmentSource"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON": {
+		"k8s.io/api/storage/v1alpha1.VolumeAttachmentStatus": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.",
+					Description: "VolumeAttachmentStatus is the status of a VolumeAttachment request.",
 					Properties: map[string]spec.Schema{
-						"Raw": {
+						"attached": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "byte",
+								Description: "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"attachmentMetadata": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"attachError": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeError"),
+							},
+						},
+						"detachError": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1alpha1.VolumeError"),
 							},
 						},
 					},
-					Required: []string{"Raw"},
+					Required: []string{"attached"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1alpha1.VolumeError"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps": {
+		"k8s.io/api/storage/v1alpha1.VolumeError": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).",
+					Description: "VolumeError captures an error encountered during a volume operation.",
 					Properties: map[string]spec.Schema{
-						"id": {
+						"time": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Time the error was encountered.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
-						"$schema": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"$ref": {
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+		},
+		"k8s.io/api/storage/v1beta1.StorageClass": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "StorageClass describes the parameters for a class of storage for which PersistentVolumes can be dynamically provisioned.\n\nStorageClasses are non-namespaced; the name of the storage class according to etcd is in ObjectMeta.Name.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"description": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"type": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"format": {
+						"provisioner": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Provisioner indicates the type of the provisioner.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"title": {
+						"parameters": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Parameters holds the parameters for the provisioner that should create volumes of this storage class.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"default": {
+						"reclaimPolicy": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
+								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with this reclaimPolicy. Defaults to Delete.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"maximum": {
+						"mountOptions": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"number"},
-								Format: "double",
+								Description: "Dynamically provisioned PersistentVolumes of this storage class are created with these mountOptions, e.g. [\"ro\", \"soft\"]. Not validated - mount of the PVs will simply fail if one is invalid.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"exclusiveMaximum": {
+						"allowVolumeExpansion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"boolean"},
-								Format: "",
+								Description: "AllowVolumeExpansion shows whether the storage class allow volume expand",
+								Type:        []string{"boolean"},
+								Format:      "",
 							},
 						},
-						"minimum": {
+						"volumeBindingMode": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"number"},
-								Format: "double",
+								Description: "VolumeBindingMode indicates how PersistentVolumeClaims should be provisioned and bound.  When unset, VolumeBindingImmediate is used. This field is alpha-level and is only honored by servers that enable the VolumeScheduling feature.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"exclusiveMinimum": {
+					},
+					Required: []string{"provisioner"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+		},
+		"k8s.io/api/storage/v1beta1.StorageClassList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "StorageClassList is a collection of storage classes.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"boolean"},
-								Format: "",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"maxLength": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"minLength": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"pattern": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Items is the list of StorageClasses",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/api/storage/v1beta1.StorageClass"),
+										},
+									},
+								},
 							},
 						},
-						"maxItems": {
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1beta1.StorageClass", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeAttachment": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeAttachment captures the intent to attach or detach the specified volume to/from the specified node.\n\nVolumeAttachment objects are non-namespaced.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"minItems": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"uniqueItems": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"boolean"},
-								Format: "",
+								Description: "Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"multipleOf": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"number"},
-								Format: "double",
+								Description: "Specification of the desired attach/detach volume behavior. Populated by the Kubernetes system.",
+								Ref:         ref("k8s.io/api/storage/v1beta1.VolumeAttachmentSpec"),
 							},
 						},
-						"enum": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
-										},
-									},
-								},
+								Description: "Status of the VolumeAttachment request. Populated by the entity completing the attach or detach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1beta1.VolumeAttachmentStatus"),
 							},
 						},
-						"maxProperties": {
+					},
+					Required: []string{"spec"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1beta1.VolumeAttachmentSpec", "k8s.io/api/storage/v1beta1.VolumeAttachmentStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeAttachmentList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeAttachmentList is a collection of VolumeAttachment objects.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"minProperties": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"required": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Standard list metadata More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray"),
-							},
-						},
-						"allOf": {
-							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
+								Description: "Items is the list of VolumeAttachments",
+								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+											Ref: ref("k8s.io/api/storage/v1beta1.VolumeAttachment"),
 										},
 									},
 								},
 							},
 						},
-						"oneOf": {
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1beta1.VolumeAttachment", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeAttachmentSource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
+					Properties: map[string]spec.Schema{
+						"persistentVolumeName": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
-										},
-									},
-								},
+								Description: "Name of the persistent volume to attach.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"anyOf": {
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeAttachmentSpec": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeAttachmentSpec is the specification of a VolumeAttachment request.",
+					Properties: map[string]spec.Schema{
+						"attacher": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
-										},
-									},
-								},
+								Description: "Attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"not": {
+						"source": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+								Description: "Source represents the volume that should be attached.",
+								Ref:         ref("k8s.io/api/storage/v1beta1.VolumeAttachmentSource"),
 							},
 						},
-						"properties": {
+						"nodeName": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
-										},
-									},
-								},
+								Description: "The node that the volume should be attached to.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"additionalProperties": {
+					},
+					Required: []string{"attacher", "source", "nodeName"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1beta1.VolumeAttachmentSource"},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeAttachmentStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeAttachmentStatus is the status of a VolumeAttachment request.",
+					Properties: map[string]spec.Schema{
+						"attached": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool"),
+								Description: "Indicates the volume is successfully attached. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Type:        []string{"boolean"},
+								Format:      "",
 							},
 						},
-						"patternProperties": {
+						"attachmentMetadata": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"object"},
+								Description: "Upon successful attach, this field is populated with any information returned by the attach operation that must be passed into subsequent WaitForAttach or Mount calls. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"dependencies": {
+						"attachError": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray"),
-										},
-									},
-								},
+								Description: "The last error encountered during attach operation, if any. This field must only be set by the entity completing the attach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1beta1.VolumeError"),
 							},
 						},
-						"additionalItems": {
+						"detachError": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool"),
+								Description: "The last error encountered during detach operation, if any. This field must only be set by the entity completing the detach operation, i.e. the external-attacher.",
+								Ref:         ref("k8s.io/api/storage/v1beta1.VolumeError"),
 							},
 						},
-						"definitions": {
+					},
+					Required: []string{"attached"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/api/storage/v1beta1.VolumeError"},
+		},
+		"k8s.io/api/storage/v1beta1.VolumeError": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "VolumeError captures an error encountered during a volume operation.",
+					Properties: map[string]spec.Schema{
+						"time": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
-										},
-									},
-								},
+								Description: "Time the error was encountered.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
-						"externalDocs": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation"),
+								Description: "String detailing the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"example": {
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceDefinition represents a resource that should be exposed on the API server.  Its name MUST be in the format <.spec.name>.<.spec.group>.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metadata": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+							},
+						},
+						"spec": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Spec describes how the user wants the resources to appear",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec"),
+							},
+						},
+						"status": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Status indicates the actual state of the CustomResourceDefinition",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus"),
 							},
 						},
 					},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray"},
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray": {
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes.",
+					Description: "CustomResourceDefinitionCondition contains details for the current condition of this pod.",
 					Properties: map[string]spec.Schema{
-						"Schema": {
+						"type": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+								Description: "Type is the type of the condition.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"JSONSchemas": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
+								Description: "Status is the status of the condition. Can be True, False, Unknown.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"lastTransitionTime": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Last time the condition transitioned from one status to another.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+							},
+						},
+						"reason": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Unique, one-word, CamelCase reason for the condition's last transition.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"message": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Human-readable message indicating details about last transition.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"type", "status"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceDefinitionList is a list of CustomResourceDefinition objects.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metadata": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+							},
+						},
+						"items": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Items individual CustomResourceDefinitions",
+								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition",
+					Properties: map[string]spec.Schema{
+						"plural": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Plural is the plural name of the resource to serve.  It must match the name of the CustomResourceDefinition-registration too: plural.group and it must be all lowercase.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"singular": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Singular is the singular name of the resource.  It must be all lowercase  Defaults to lowercased <kind>",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"shortNames": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ShortNames are short names for the resource.  It must be all lowercase.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is the serialized kind of the resource.  It is normally CamelCase and singular.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"listKind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ListKind is the serialized kind of the list for this resource.  Defaults to <kind>List.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"categories": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Categories is a list of grouped resources custom resources belong to (e.g. 'all')",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"Schema", "JSONSchemas"},
+					Required: []string{"plural", "kind"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionSpec": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceDefinitionSpec describes how a user wants their resource to appear",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Group is the group this resource belongs in",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Version is the version this resource belongs in",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"names": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Names are the names used to describe this custom resource",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"),
+							},
+						},
+						"scope": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Scope indicates whether this resource is cluster or namespace scoped.  Default is namespaced",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"validation": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Validation describes the validation methods for CustomResources",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation"),
+							},
+						},
+						"subresources": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Subresources describes the subresources for CustomResources This field is alpha-level and should only be sent to servers that enable subresources via the CustomResourceSubresources feature gate.",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresources"),
+							},
+						},
+					},
+					Required: []string{"group", "version", "names", "scope"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresources", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition",
+					Properties: map[string]spec.Schema{
+						"conditions": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Conditions indicate state for particular aspects of a CustomResourceDefinition",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition"),
+										},
+									},
+								},
+							},
+						},
+						"acceptedNames": {
+							SchemaProps: spec.SchemaProps{
+								Description: "AcceptedNames are the names that are actually being used to serve discovery They may be different than the names in spec.",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"),
+							},
+						},
+					},
+					Required: []string{"conditions", "acceptedNames"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionCondition", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceDefinitionNames"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceScale": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.",
+					Properties: map[string]spec.Schema{
+						"specReplicasPath": {
+							SchemaProps: spec.SchemaProps{
+								Description: "SpecReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Spec.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the CustomResource, the /scale subresource will return an error on GET.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"statusReplicasPath": {
+							SchemaProps: spec.SchemaProps{
+								Description: "StatusReplicasPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource will default to 0.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"labelSelectorPath": {
+							SchemaProps: spec.SchemaProps{
+								Description: "LabelSelectorPath defines the JSON path inside of a CustomResource that corresponds to Scale.Status.Selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. Must be set to work with HPA. If there is no value under the given path in the CustomResource, the status label selector value in the /scale subresource will default to the empty string.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"specReplicasPath", "statusReplicasPath"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the `.status` JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza",
+					Properties:  map[string]spec.Schema{},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresources": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceSubresources defines the status and scale subresources for CustomResources.",
+					Properties: map[string]spec.Schema{
+						"status": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Status denotes the status subresource for CustomResources",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceStatus"),
+							},
+						},
+						"scale": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Scale denotes the scale subresource for CustomResources",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceScale"),
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceScale", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceSubresourceStatus"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.CustomResourceValidation": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "CustomResourceValidation is a list of validation methods for CustomResources.",
+					Properties: map[string]spec.Schema{
+						"openAPIV3Schema": {
+							SchemaProps: spec.SchemaProps{
+								Description: "OpenAPIV3Schema is the OpenAPI v3 schema to be validated against.",
+								Ref:         ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExternalDocumentation allows referencing an external resource for extended documentation.",
+					Properties: map[string]spec.Schema{
+						"description": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"url": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil.",
+					Properties: map[string]spec.Schema{
+						"Raw": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "byte",
+							},
+						},
+					},
+					Required: []string{"Raw"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).",
+					Properties: map[string]spec.Schema{
+						"id": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"$schema": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"$ref": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"description": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"type": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"format": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"title": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"default": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
+							},
+						},
+						"maximum": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"number"},
+								Format: "double",
+							},
+						},
+						"exclusiveMaximum": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"boolean"},
+								Format: "",
+							},
+						},
+						"minimum": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"number"},
+								Format: "double",
+							},
+						},
+						"exclusiveMinimum": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"boolean"},
+								Format: "",
+							},
+						},
+						"maxLength": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"minLength": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"pattern": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"maxItems": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"minItems": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"uniqueItems": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"boolean"},
+								Format: "",
+							},
+						},
+						"multipleOf": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"number"},
+								Format: "double",
+							},
+						},
+						"enum": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
+										},
+									},
+								},
+							},
+						},
+						"maxProperties": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"minProperties": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"required": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"items": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray"),
+							},
+						},
+						"allOf": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"oneOf": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"anyOf": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"not": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+							},
+						},
+						"properties": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"additionalProperties": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool"),
+							},
+						},
+						"patternProperties": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"dependencies": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray"),
+										},
+									},
+								},
+							},
+						},
+						"additionalItems": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool"),
+							},
+						},
+						"definitions": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+						"externalDocs": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation"),
+							},
+						},
+						"example": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON"),
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.ExternalDocumentation", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSON", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrArray": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "JSONSchemaPropsOrArray represents a value that can either be a JSONSchemaProps or an array of JSONSchemaProps. Mainly here for serialization purposes.",
+					Properties: map[string]spec.Schema{
+						"Schema": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+							},
+						},
+						"JSONSchemas": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"Schema", "JSONSchemas"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property.",
+					Properties: map[string]spec.Schema{
+						"Allows": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"boolean"},
+								Format: "",
+							},
+						},
+						"Schema": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+							},
+						},
+					},
+					Required: []string{"Allows", "Schema"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+		},
+		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "JSONSchemaPropsOrStringArray represents a JSONSchemaProps or a string array.",
+					Properties: map[string]spec.Schema{
+						"Schema": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+							},
+						},
+						"Property": {
+							SchemaProps: spec.SchemaProps{
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"Schema", "Property"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+		},
+		"k8s.io/apimachinery/pkg/api/resource.Quantity": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Type:   resource.Quantity{}.OpenAPISchemaType(),
+					Format: resource.Quantity{}.OpenAPISchemaFormat(),
+				},
+			},
+		},
+		"k8s.io/apimachinery/pkg/api/resource.int64Amount": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.",
+					Properties: map[string]spec.Schema{
+						"value": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+						"scale": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int32",
+							},
+						},
+					},
+					Required: []string{"value", "scale"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"name": {
+							SchemaProps: spec.SchemaProps{
+								Description: "name is the name of the group.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"versions": {
+							SchemaProps: spec.SchemaProps{
+								Description: "versions are the versions supported in this group.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"),
+										},
+									},
+								},
+							},
+						},
+						"preferredVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"),
+							},
+						},
+						"serverAddressByClientCIDRs": {
+							SchemaProps: spec.SchemaProps{
+								Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"name", "versions", "serverAddressByClientCIDRs"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"groups": {
+							SchemaProps: spec.SchemaProps{
+								Description: "groups is a list of APIGroup.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"groups"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIResource specifies the name of a resource and whether it is namespaced.",
+					Properties: map[string]spec.Schema{
+						"name": {
+							SchemaProps: spec.SchemaProps{
+								Description: "name is the plural name of the resource.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"singularName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "singularName is the singular name of the resource.  This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"namespaced": {
+							SchemaProps: spec.SchemaProps{
+								Description: "namespaced indicates if a resource is namespaced or not.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Description: "group is the preferred group of the resource.  Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Description: "version is the preferred version of the resource.  Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"verbs": {
+							SchemaProps: spec.SchemaProps{
+								Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"shortNames": {
+							SchemaProps: spec.SchemaProps{
+								Description: "shortNames is a list of suggested short names of the resource.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"categories": {
+							SchemaProps: spec.SchemaProps{
+								Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"name", "singularName", "namespaced", "kind", "verbs"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"groupVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "groupVersion is the group and version this APIResourceList is for.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"resources": {
+							SchemaProps: spec.SchemaProps{
+								Description: "resources contains the name of the resources and if they are namespaced.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"groupVersion", "resources"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"versions": {
+							SchemaProps: spec.SchemaProps{
+								Description: "versions are the api versions that are available.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"serverAddressByClientCIDRs": {
+							SchemaProps: spec.SchemaProps{
+								Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"versions", "serverAddressByClientCIDRs"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "DeleteOptions may be provided when deleting an API object.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"gracePeriodSeconds": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"preconditions": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"),
+							},
+						},
+						"orphanDependents": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"propagationPolicy": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.",
+					Properties: map[string]spec.Schema{
+						"Duration": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"integer"},
+								Format: "int64",
+							},
+						},
+					},
+					Required: []string{"Duration"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExportOptions is the query options to the standard REST get call.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"export": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Should this value be exported.  Export strips fields that a user can not specify.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"exact": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Should the export be exact.  Exact export maintains cluster-specific fields like 'Namespace'.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"export", "exact"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GetOptions is the standard query options to the standard REST get call.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"resourceVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "When specified: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"includeUninitialized": {
+							SchemaProps: spec.SchemaProps{
+								Description: "If true, partially initialized resources are included in the response.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+					Required: []string{"group", "kind"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupResource specifies a Group and a Resource, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"resource": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+					Required: []string{"group", "resource"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+					Required: []string{"group", "version"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.",
+					Properties: map[string]spec.Schema{
+						"groupVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "groupVersion specifies the API group and version in the form \"group/version\"",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"groupVersion", "version"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupVersionKind unambiguously identifies a kind.  It doesn't anonymously include GroupVersion to avoid automatic coersion.  It doesn't use a GroupVersion to avoid custom marshalling",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+					Required: []string{"group", "version", "kind"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "GroupVersionResource unambiguously identifies a resource.  It doesn't anonymously include GroupVersion to avoid automatic coersion.  It doesn't use a GroupVersion to avoid custom marshalling",
+					Properties: map[string]spec.Schema{
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"version": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"resource": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+					},
+					Required: []string{"group", "version", "resource"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Initializer": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Initializer is information about an initializer that has not yet completed.",
+					Properties: map[string]spec.Schema{
+						"name": {
+							SchemaProps: spec.SchemaProps{
+								Description: "name of the process that is responsible for initializing this object.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+					},
+					Required: []string{"name"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Initializers": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Initializers tracks the progress of initialization.",
+					Properties: map[string]spec.Schema{
+						"pending": {
+							VendorExtensible: spec.VendorExtensible{
+								Extensions: spec.Extensions{
+									"x-kubernetes-patch-merge-key": "name",
+									"x-kubernetes-patch-strategy":  "merge",
+								},
+							},
+							SchemaProps: spec.SchemaProps{
+								Description: "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializer"),
+										},
+									},
+								},
+							},
+						},
+						"result": {
+							SchemaProps: spec.SchemaProps{
+								Description: "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Status"),
+							},
+						},
+					},
+					Required: []string{"pending"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Initializer", "k8s.io/apimachinery/pkg/apis/meta/v1.Status"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrBool": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "JSONSchemaPropsOrBool represents JSONSchemaProps or a boolean value. Defaults to true for the boolean property.",
+					Description: "InternalEvent makes watch.Event versioned",
 					Properties: map[string]spec.Schema{
-						"Allows": {
+						"Type": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"boolean"},
+								Type:   []string{"string"},
 								Format: "",
 							},
 						},
-						"Schema": {
+						"Object": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+								Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *api.Status is recommended; other types may make sense\n   depending on context.",
+								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Object"),
 							},
 						},
 					},
-					Required: []string{"Allows", "Schema"},
+					Required: []string{"Type", "Object"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+				"k8s.io/apimachinery/pkg/runtime.Object"},
 		},
-		"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaPropsOrStringArray": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "JSONSchemaPropsOrStringArray represents a JSONSchemaProps or a string array.",
+					Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.",
 					Properties: map[string]spec.Schema{
-						"Schema": {
+						"matchLabels": {
 							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"),
+								Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"Property": {
+						"matchExpressions": {
 							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
+								Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"),
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"Schema", "Property"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1.JSONSchemaProps"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"},
 		},
-		"k8s.io/apimachinery/pkg/api/resource.Quantity": resource.Quantity{}.OpenAPIDefinition(),
-		"k8s.io/apimachinery/pkg/api/resource.int64Amount": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "int64Amount represents a fixed precision numerator and arbitrary scale exponent. It is faster than operations on inf.Dec for values that can be represented as int64.",
+					Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.",
 					Properties: map[string]spec.Schema{
-						"value": {
+						"key": {
+							VendorExtensible: spec.VendorExtensible{
+								Extensions: spec.Extensions{
+									"x-kubernetes-patch-merge-key": "key",
+									"x-kubernetes-patch-strategy":  "merge",
+								},
+							},
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
+								Description: "key is the label key that the selector applies to.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"scale": {
+						"operator": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int32",
+								Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"values": {
+							SchemaProps: spec.SchemaProps{
+								Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
 					},
-					Required: []string{"value", "scale"},
+					Required: []string{"key", "operator"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.List": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "APIGroup contains the name, the supported versions, and the preferred version of a group.",
+					Description: "List holds a list of objects, which may not be known by the server.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -22520,256 +24516,229 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"name": {
-							SchemaProps: spec.SchemaProps{
-								Description: "name is the name of the group.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"versions": {
-							SchemaProps: spec.SchemaProps{
-								Description: "versions are the versions supported in this group.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"),
-										},
-									},
-								},
-							},
-						},
-						"preferredVersion": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "preferredVersion is the version preferred by the API server, which probably is the storage version.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery"),
+								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"serverAddressByClientCIDRs": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.",
+								Description: "List of objects",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"),
+											Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"name", "versions", "serverAddressByClientCIDRs"},
+					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery", "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.",
+					Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.",
 					Properties: map[string]spec.Schema{
-						"kind": {
+						"selfLink": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "selfLink is a URL representing this object. Populated by the system. Read-only.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"resourceVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"groups": {
+						"continue": {
 							SchemaProps: spec.SchemaProps{
-								Description: "groups is a list of APIGroup.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"),
-										},
-									},
-								},
+								Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"groups"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup"},
+			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "APIResource specifies the name of a resource and whether it is namespaced.",
+					Description: "ListOptions is the query options to a standard REST list call.",
 					Properties: map[string]spec.Schema{
-						"name": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "name is the plural name of the resource.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"singularName": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "singularName is the singular name of the resource.  This allows clients to handle plural and singular opaquely. The singularName is more correct for reporting status on a single item and both singular and plural are allowed from the kubectl CLI interface.",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"namespaced": {
+						"labelSelector": {
 							SchemaProps: spec.SchemaProps{
-								Description: "namespaced indicates if a resource is namespaced or not.",
-								Type:        []string{"boolean"},
+								Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.",
+								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"group": {
+						"fieldSelector": {
 							SchemaProps: spec.SchemaProps{
-								Description: "group is the preferred group of the resource.  Empty implies the group of the containing resource list. For subresources, this may have a different value, for example: Scale\".",
+								Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"version": {
+						"includeUninitialized": {
 							SchemaProps: spec.SchemaProps{
-								Description: "version is the preferred version of the resource.  Empty implies the version of the containing resource list For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)\".",
-								Type:        []string{"string"},
+								Description: "If true, partially initialized resources are included in the response.",
+								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
-						"kind": {
+						"watch": {
 							SchemaProps: spec.SchemaProps{
-								Description: "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')",
+								Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.",
+								Type:        []string{"boolean"},
+								Format:      "",
+							},
+						},
+						"resourceVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"verbs": {
+						"timeoutSeconds": {
 							SchemaProps: spec.SchemaProps{
-								Description: "verbs is a list of supported kube verbs (this includes get, list, watch, create, update, patch, delete, deletecollection, and proxy)",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.",
+								Type:        []string{"integer"},
+								Format:      "int64",
 							},
 						},
-						"shortNames": {
+						"limit": {
 							SchemaProps: spec.SchemaProps{
-								Description: "shortNames is a list of suggested short names of the resource.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.",
+								Type:        []string{"integer"},
+								Format:      "int64",
 							},
 						},
-						"categories": {
+						"continue": {
 							SchemaProps: spec.SchemaProps{
-								Description: "categories is a list of the grouped resources this resource belongs to (e.g. 'all')",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server the server will respond with a 410 ResourceExpired error indicating the client must restart their list without the continue field. This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"name", "singularName", "namespaced", "kind", "verbs"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.",
+					Type:   v1.MicroTime{}.OpenAPISchemaType(),
+					Format: v1.MicroTime{}.OpenAPISchemaFormat(),
+				},
+			},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.",
 					Properties: map[string]spec.Schema{
-						"kind": {
+						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"generateName": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"groupVersion": {
+						"namespace": {
 							SchemaProps: spec.SchemaProps{
-								Description: "groupVersion is the group and version this APIResourceList is for.",
+								Description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"resources": {
+						"selfLink": {
 							SchemaProps: spec.SchemaProps{
-								Description: "resources contains the name of the resources and if they are namespaced.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"),
-										},
-									},
-								},
+								Description: "SelfLink is a URL representing this object. Populated by the system. Read-only.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-					},
-					Required: []string{"groupVersion", "resources"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "APIVersions lists the versions that are available, to allow clients to discover the API at /api, which is the root path of the legacy v1 API.",
-					Properties: map[string]spec.Schema{
-						"kind": {
+						"uid": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"resourceVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"versions": {
+						"generation": {
 							SchemaProps: spec.SchemaProps{
-								Description: "versions are the api versions that are available.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
+								Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"creationTimestamp": {
+							SchemaProps: spec.SchemaProps{
+								Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+							},
+						},
+						"deletionTimestamp": {
+							SchemaProps: spec.SchemaProps{
+								Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+							},
+						},
+						"deletionGracePeriodSeconds": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"labels": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
 											Type:   []string{"string"},
@@ -22779,68 +24748,67 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
-						"serverAddressByClientCIDRs": {
+						"annotations": {
 							SchemaProps: spec.SchemaProps{
-								Description: "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
+								Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-					},
-					Required: []string{"versions", "serverAddressByClientCIDRs"},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "DeleteOptions may be provided when deleting an API object.",
-					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
+						"ownerReferences": {
+							VendorExtensible: spec.VendorExtensible{
+								Extensions: spec.Extensions{
+									"x-kubernetes-patch-merge-key": "uid",
+									"x-kubernetes-patch-strategy":  "merge",
+								},
 							},
-						},
-						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"),
+										},
+									},
+								},
 							},
 						},
-						"gracePeriodSeconds": {
+						"initializers": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.",
-								Type:        []string{"integer"},
-								Format:      "int64",
+								Description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializers"),
 							},
 						},
-						"preconditions": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"),
+						"finalizers": {
+							VendorExtensible: spec.VendorExtensible{
+								Extensions: spec.Extensions{
+									"x-kubernetes-patch-strategy": "merge",
+								},
 							},
-						},
-						"orphanDependents": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the \"orphan\" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.",
-								Type:        []string{"boolean"},
-								Format:      "",
+								Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"propagationPolicy": {
+						"clusterName": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.",
+								Description: "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -22849,420 +24817,329 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Duration is a wrapper around time.Duration which supports correct marshaling to YAML and JSON. In particular, it marshals into strings, which can be used as map keys in json.",
-					Properties: map[string]spec.Schema{
-						"Duration": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"integer"},
-								Format: "int64",
-							},
-						},
-					},
-					Required: []string{"Duration"},
-				},
-			},
-			Dependencies: []string{},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Initializers", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ExportOptions is the query options to the standard REST get call.",
+					Description: "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
 						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "API version of the referent.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"export": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Should this value be exported.  Export strips fields that a user can not specify.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"exact": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Should the export be exact.  Exact export maintains cluster-specific fields like 'Namespace'.",
-								Type:        []string{"boolean"},
+								Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-					},
-					Required: []string{"export", "exact"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "GetOptions is the standard query options to the standard REST get call.",
-					Properties: map[string]spec.Schema{
-						"kind": {
+						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"uid": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"resourceVersion": {
+						"controller": {
 							SchemaProps: spec.SchemaProps{
-								Description: "When specified: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.",
-								Type:        []string{"string"},
+								Description: "If true, this reference points to the managing controller.",
+								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
-						"includeUninitialized": {
+						"blockOwnerDeletion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "If true, partially initialized resources are included in the response.",
+								Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 					},
+					Required: []string{"apiVersion", "kind", "name", "uid"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "GroupKind specifies a Group and a Kind, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types",
-					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-					},
-					Required: []string{"group", "kind"},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.",
+					Properties:  map[string]spec.Schema{},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "GroupResource specifies a Group and a Resource, but does not force a version.  This is useful for identifying concepts during lookup stages without having partially valid types",
+					Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.",
 					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"resource": {
+						"uid": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Specifies the target UID.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"group", "resource"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "GroupVersion contains the \"group\" and the \"version\", which uniquely identifies the API.",
+					Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".",
 					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"version": {
+						"paths": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "paths are the paths available at root.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
 					},
-					Required: []string{"group", "version"},
+					Required: []string{"paths"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.",
+					Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.",
 					Properties: map[string]spec.Schema{
-						"groupVersion": {
+						"clientCIDR": {
 							SchemaProps: spec.SchemaProps{
-								Description: "groupVersion specifies the API group and version in the form \"group/version\"",
+								Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"version": {
+						"serverAddress": {
 							SchemaProps: spec.SchemaProps{
-								Description: "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion.",
+								Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 					},
-					Required: []string{"groupVersion", "version"},
+					Required: []string{"clientCIDR", "serverAddress"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Status": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "GroupVersionKind unambiguously identifies a kind.  It doesn't anonymously include GroupVersion to avoid automatic coersion.  It doesn't use a GroupVersion to avoid custom marshalling",
+					Description: "Status is a return value for calls that don't return other objects.",
 					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"version": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"kind": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-					},
-					Required: []string{"group", "version", "kind"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "GroupVersionResource unambiguously identifies a resource.  It doesn't anonymously include GroupVersion to avoid automatic coersion.  It doesn't use a GroupVersion to avoid custom marshalling",
-					Properties: map[string]spec.Schema{
-						"group": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"version": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"resource": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "A human-readable description of the status of this operation.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-					},
-					Required: []string{"group", "version", "resource"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Initializer": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Initializer is information about an initializer that has not yet completed.",
-					Properties: map[string]spec.Schema{
-						"name": {
+						"reason": {
 							SchemaProps: spec.SchemaProps{
-								Description: "name of the process that is responsible for initializing this object.",
+								Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-					},
-					Required: []string{"name"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Initializers": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Initializers tracks the progress of initialization.",
-					Properties: map[string]spec.Schema{
-						"pending": {
-							VendorExtensible: spec.VendorExtensible{
-								Extensions: spec.Extensions{
-									"x-kubernetes-patch-merge-key": "name",
-									"x-kubernetes-patch-strategy":  "merge",
-								},
-							},
+						"details": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializer"),
-										},
-									},
-								},
+								Description: "Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"),
 							},
 						},
-						"result": {
+						"code": {
 							SchemaProps: spec.SchemaProps{
-								Description: "If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Status"),
+								Description: "Suggested HTTP return code for this status, 0 if not set.",
+								Type:        []string{"integer"},
+								Format:      "int32",
 							},
 						},
 					},
-					Required: []string{"pending"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Initializer", "k8s.io/apimachinery/pkg/apis/meta/v1.Status"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "InternalEvent makes watch.Event versioned",
+					Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.",
 					Properties: map[string]spec.Schema{
-						"Type": {
+						"reason": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"Object": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *api.Status is recommended; other types may make sense\n   depending on context.",
-								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Object"),
+								Description: "A human-readable description of the cause of the error.  This field may be presented as-is to a reader.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"field": {
+							SchemaProps: spec.SchemaProps{
+								Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed.  Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n  \"name\" - the field \"name\" on the current resource\n  \"items[0].name\" - the field \"name\" on the first array entry in \"items\"",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"Type", "Object"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/runtime.Object"},
+			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.",
+					Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.",
 					Properties: map[string]spec.Schema{
-						"matchLabels": {
+						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"matchExpressions": {
+						"group": {
 							SchemaProps: spec.SchemaProps{
-								Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"),
-										},
-									},
-								},
+								Description: "The group attribute of the resource associated with the status StatusReason.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-					},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.",
-					Properties: map[string]spec.Schema{
-						"key": {
-							VendorExtensible: spec.VendorExtensible{
-								Extensions: spec.Extensions{
-									"x-kubernetes-patch-merge-key": "key",
-									"x-kubernetes-patch-strategy":  "merge",
-								},
-							},
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "key is the label key that the selector applies to.",
+								Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"operator": {
+						"uid": {
 							SchemaProps: spec.SchemaProps{
-								Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+								Description: "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"values": {
+						"causes": {
 							SchemaProps: spec.SchemaProps{
-								Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+								Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"),
 										},
 									},
 								},
 							},
 						},
+						"retryAfterSeconds": {
+							SchemaProps: spec.SchemaProps{
+								Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
 					},
-					Required: []string{"key", "operator"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Time": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Type:   v1.Time{}.OpenAPISchemaType(),
+					Format: v1.Time{}.OpenAPISchemaFormat(),
+				},
+			},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.",
+					Properties: map[string]spec.Schema{
+						"seconds": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"nanos": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
+					},
+					Required: []string{"seconds", "nanos"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.List": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "List holds a list of objects, which may not be known by the server.",
+					Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -23278,67 +25155,70 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"metadata": {
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Event represents a single event to a watched resource.",
+					Properties: map[string]spec.Schema{
+						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"items": {
+						"object": {
 							SchemaProps: spec.SchemaProps{
-								Description: "List of objects",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
-										},
-									},
-								},
+								Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n   depending on context.",
+								Ref:         ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
 							},
 						},
 					},
-					Required: []string{"items"},
+					Required: []string{"type", "object"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/runtime.RawExtension"},
+				"k8s.io/apimachinery/pkg/runtime.RawExtension"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.PartialObjectMetadata": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}.",
+					Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.",
 					Properties: map[string]spec.Schema{
-						"selfLink": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "selfLink is a URL representing this object. Populated by the system. Read-only.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"resourceVersion": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"continue": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
 					},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.PartialObjectMetadataList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ListOptions is the query options to a standard REST list call.",
+					Description: "PartialObjectMetadataList contains a list of objects containing only their metadata",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -23354,298 +25234,278 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"labelSelector": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A selector to restrict the list of returned objects by their labels. Defaults to everything.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "items contains each of the included items.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1beta1.PartialObjectMetadata"),
+										},
+									},
+								},
 							},
 						},
-						"fieldSelector": {
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1beta1.PartialObjectMetadata"},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.Table": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.",
+					Properties: map[string]spec.Schema{
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A selector to restrict the list of returned objects by their fields. Defaults to everything.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"includeUninitialized": {
-							SchemaProps: spec.SchemaProps{
-								Description: "If true, partially initialized resources are included in the response.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"watch": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"resourceVersion": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv.",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"timeoutSeconds": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Timeout for the list/watch call.",
-								Type:        []string{"integer"},
-								Format:      "int64",
+								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"limit": {
+						"columnDefinitions": {
 							SchemaProps: spec.SchemaProps{
-								Description: "limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.\n\nThe server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.",
-								Type:        []string{"integer"},
-								Format:      "int64",
+								Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableColumnDefinition"),
+										},
+									},
+								},
 							},
 						},
-						"continue": {
+						"rows": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server the server will respond with a 410 ResourceExpired error indicating the client must restart their list without the continue field. This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "rows is the list of items in the table.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRow"),
+										},
+									},
+								},
 							},
 						},
 					},
+					Required: []string{"columnDefinitions", "rows"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRow"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": v1.MicroTime{}.OpenAPIDefinition(),
-		"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableColumnDefinition": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.",
+					Description: "TableColumnDefinition contains information about a column returned in the Table.",
 					Properties: map[string]spec.Schema{
 						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"generateName": {
-							SchemaProps: spec.SchemaProps{
-								Description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"namespace": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces",
+								Description: "name is a human readable name for the column.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"selfLink": {
+						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "SelfLink is a URL representing this object. Populated by the system. Read-only.",
+								Description: "type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"uid": {
+						"format": {
 							SchemaProps: spec.SchemaProps{
-								Description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
+								Description: "format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"resourceVersion": {
+						"description": {
 							SchemaProps: spec.SchemaProps{
-								Description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency",
+								Description: "description is a human readable description of this column.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"generation": {
+						"priority": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.",
+								Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.",
 								Type:        []string{"integer"},
-								Format:      "int64",
-							},
-						},
-						"creationTimestamp": {
-							SchemaProps: spec.SchemaProps{
-								Description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
-							},
-						},
-						"deletionTimestamp": {
-							SchemaProps: spec.SchemaProps{
-								Description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+								Format:      "int32",
 							},
 						},
-						"deletionGracePeriodSeconds": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.",
-								Type:        []string{"integer"},
-								Format:      "int64",
+					},
+					Required: []string{"name", "type", "format", "description", "priority"},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableOptions": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "TableOptions are used when a Table is requested by the caller.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"labels": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"annotations": {
+						"includeObject": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations",
-								Type:        []string{"object"},
-								AdditionalProperties: &spec.SchemaOrBool{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1beta1 of the meta.k8s.io API group.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"ownerReferences": {
-							VendorExtensible: spec.VendorExtensible{
-								Extensions: spec.Extensions{
-									"x-kubernetes-patch-merge-key": "uid",
-									"x-kubernetes-patch-strategy":  "merge",
-								},
-							},
+					},
+				},
+			},
+			Dependencies: []string{},
+		},
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRow": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "TableRow is an individual row in a table.",
+					Properties: map[string]spec.Schema{
+						"cells": {
 							SchemaProps: spec.SchemaProps{
-								Description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.",
+								Description: "cells will be as wide as headers and may contain strings, numbers, booleans, simple maps, or lists, or null. See the type field of the column definition for a more detailed description.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference"),
+											Type:   []string{"object"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"initializers": {
-							SchemaProps: spec.SchemaProps{
-								Description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.\n\nWhen an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Initializers"),
-							},
-						},
-						"finalizers": {
-							VendorExtensible: spec.VendorExtensible{
-								Extensions: spec.Extensions{
-									"x-kubernetes-patch-strategy": "merge",
-								},
-							},
+						"conditions": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.",
+								Description: "conditions describe additional status of a row that are relevant for a human user.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRowCondition"),
 										},
 									},
 								},
 							},
 						},
-						"clusterName": {
+						"object": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing.",
+								Ref:         ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
 							},
 						},
 					},
+					Required: []string{"cells"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Initializers", "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": {
+		"k8s.io/apimachinery/pkg/apis/meta/v1beta1.TableRowCondition": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.",
+					Description: "TableRowCondition allows a row to be marked with additional information.",
 					Properties: map[string]spec.Schema{
-						"apiVersion": {
+						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "API version of the referent.",
+								Description: "Type of row condition.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"kind": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "Status of the condition, one of True, False, Unknown.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"name": {
+						"reason": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names",
+								Description: "(brief) machine readable reason for the condition's last transition.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"uid": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Description: "UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
+								Description: "Human readable message indicating details about last transition.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"controller": {
-							SchemaProps: spec.SchemaProps{
-								Description: "If true, this reference points to the managing controller.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"blockOwnerDeletion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "If true, AND if the owner has the \"foregroundDeletion\" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs \"delete\" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
 					},
-					Required: []string{"apiVersion", "kind", "name", "uid"},
+					Required: []string{"type", "status"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": {
+		"k8s.io/apimachinery/pkg/runtime.RawExtension": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.",
-					Properties:  map[string]spec.Schema{},
+					Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)",
+					Properties: map[string]spec.Schema{
+						"Raw": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Raw is the underlying serialization of this object.",
+								Type:        []string{"string"},
+								Format:      "byte",
+							},
+						},
+					},
+					Required: []string{"Raw"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": {
+		"k8s.io/apimachinery/pkg/runtime.TypeMeta": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.",
+					Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this: type MyAwesomeAPIObject struct {\n     runtime.TypeMeta    `json:\",inline\"`\n     ... // other fields\n} func (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.",
 					Properties: map[string]spec.Schema{
-						"uid": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Specifies the target UID.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
 					},
@@ -23653,60 +25513,127 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": {
+		"k8s.io/apimachinery/pkg/runtime.Unknown": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "RootPaths lists the paths available at root. For example: \"/healthz\", \"/apis\".",
+					Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.",
 					Properties: map[string]spec.Schema{
-						"paths": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "paths are the paths available at root.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"Raw": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Raw will hold the complete serialized object which couldn't be matched with a registered type. Most likely, nothing should be done with this except for passing it through the system.",
+								Type:        []string{"string"},
+								Format:      "byte",
+							},
+						},
+						"ContentEncoding": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"ContentType": {
+							SchemaProps: spec.SchemaProps{
+								Description: "ContentType  is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"paths"},
+					Required: []string{"Raw", "ContentEncoding", "ContentType"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": {
+		"k8s.io/apimachinery/pkg/util/intstr.IntOrString": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.",
+					Type:   intstr.IntOrString{}.OpenAPISchemaType(),
+					Format: intstr.IntOrString{}.OpenAPISchemaFormat(),
+				},
+			},
+		},
+		"k8s.io/apimachinery/pkg/version.Info": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "Info contains versioning information. how we'll want to distribute that information.",
 					Properties: map[string]spec.Schema{
-						"clientCIDR": {
+						"major": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The CIDR with which clients can match their IP to figure out the server address that they should use.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"serverAddress": {
+						"minor": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"gitVersion": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"gitCommit": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"gitTreeState": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"buildDate": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"goVersion": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"compiler": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"platform": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
 					},
-					Required: []string{"clientCIDR", "serverAddress"},
+					Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Status": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Status is a return value for calls that don't return other objects.",
+					Description: "Event captures all the information that can be included in an API audit log.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -23724,218 +25651,138 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"status": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Status of the operation. One of: \"Success\" or \"Failure\". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"message": {
-							SchemaProps: spec.SchemaProps{
-								Description: "A human-readable description of the status of this operation.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "ObjectMeta is included for interoperability with API infrastructure.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"reason": {
+						"level": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A machine-readable description of why this operation is in the \"Failure\" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.",
+								Description: "AuditLevel at which event was generated",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"details": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Extended data associated with the reason.  Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"),
-							},
-						},
-						"code": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Suggested HTTP return code for this status, 0 if not set.",
-								Type:        []string{"integer"},
-								Format:      "int32",
-							},
-						},
-					},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "StatusCause provides more information about an api.Status failure, including cases when multiple errors are encountered.",
-					Properties: map[string]spec.Schema{
-						"reason": {
+						"timestamp": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A machine-readable description of the cause of the error. If this value is empty there is no information available.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Time the request reached the apiserver.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
-						"message": {
+						"auditID": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A human-readable description of the cause of the error.  This field may be presented as-is to a reader.",
+								Description: "Unique audit ID, generated for each request.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"field": {
+						"stage": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed.  Fields may appear more than once in an array of causes due to fields having multiple errors. Optional.\n\nExamples:\n  \"name\" - the field \"name\" on the current resource\n  \"items[0].name\" - the field \"name\" on the first array entry in \"items\"",
+								Description: "Stage of the request handling when this event instance was generated.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-					},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "StatusDetails is a set of additional properties that MAY be set by the server to provide additional information about a response. The Reason field of a Status object defines what attributes will be set. Clients must ignore fields that do not match the defined type of each attribute, and should assume that any attribute may be empty, invalid, or under defined.",
-					Properties: map[string]spec.Schema{
-						"name": {
+						"requestURI": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).",
+								Description: "RequestURI is the request URI as sent by the client to a server.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"group": {
+						"verb": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The group attribute of the resource associated with the status StatusReason.",
+								Description: "Verb is the kubernetes verb associated with the request. For non-resource requests, this is the lower-cased HTTP method.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"kind": {
+						"user": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Authenticated user information.",
+								Ref:         ref("k8s.io/api/authentication/v1.UserInfo"),
 							},
 						},
-						"uid": {
+						"impersonatedUser": {
 							SchemaProps: spec.SchemaProps{
-								Description: "UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Impersonated user information.",
+								Ref:         ref("k8s.io/api/authentication/v1.UserInfo"),
 							},
 						},
-						"causes": {
+						"sourceIPs": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.",
+								Description: "Source IPs, from where the request originated and intermediate proxies.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"retryAfterSeconds": {
+						"objectRef": {
 							SchemaProps: spec.SchemaProps{
-								Description: "If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.",
-								Type:        []string{"integer"},
-								Format:      "int32",
+								Description: "Object reference this request is targeted at. Does not apply for List-type requests, or non-resource requests.",
+								Ref:         ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference"),
 							},
 						},
-					},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Time": v1.Time{}.OpenAPIDefinition(),
-		"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Timestamp is a struct that is equivalent to Time, but intended for protobuf marshalling/unmarshalling. It is generated into a serialization that matches Time. Do not use in Go structs.",
-					Properties: map[string]spec.Schema{
-						"seconds": {
+						"responseStatus": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Represents seconds of UTC time since Unix epoch 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59Z inclusive.",
-								Type:        []string{"integer"},
-								Format:      "int64",
+								Description: "The response status, populated even when the ResponseObject is not a Status type. For successful responses, this will only include the Code and StatusSuccess. For non-status type error responses, this will be auto-populated with the error Message.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Status"),
 							},
 						},
-						"nanos": {
+						"requestObject": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Non-negative fractions of a second at nanosecond resolution. Negative second values with fractions must still have non-negative nanos values that count forward in time. Must be from 0 to 999,999,999 inclusive. This field may be limited in precision depending on context.",
-								Type:        []string{"integer"},
-								Format:      "int32",
+								Description: "API object from the request, in JSON format. The RequestObject is recorded as-is in the request (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or merging. It is an external versioned object type, and may not be a valid object on its own. Omitted for non-resource requests.  Only logged at Request Level and higher.",
+								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Unknown"),
 							},
 						},
-					},
-					Required: []string{"seconds", "nanos"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta.",
-					Properties: map[string]spec.Schema{
-						"kind": {
+						"responseObject": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "API object returned in the response, in JSON. The ResponseObject is recorded after conversion to the external type, and serialized as JSON.  Omitted for non-resource requests.  Only logged at Response Level.",
+								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Unknown"),
 							},
 						},
-						"apiVersion": {
+						"requestReceivedTimestamp": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "Time the request reached the apiserver.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
 							},
 						},
-					},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Event represents a single event to a watched resource.",
-					Properties: map[string]spec.Schema{
-						"type": {
+						"stageTimestamp": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Time the request reached current audit stage.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
 							},
 						},
-						"object": {
+						"annotations": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Object is:\n * If Type is Added or Modified: the new state of the object.\n * If Type is Deleted: the state of the object immediately before deletion.\n * If Type is Error: *Status is recommended; other types may make sense\n   depending on context.",
-								Ref:         ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
+								Description: "Annotations is an unstructured key value map stored with an audit event that may be set by plugins invoked in the request serving chain, including authentication, authorization and admission plugins. Keys should uniquely identify the informing component to avoid name collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations are included in the Metadata level.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
 					},
-					Required: []string{"type", "object"},
+					Required: []string{"level", "timestamp", "auditID", "stage", "requestURI", "verb", "user"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/runtime.RawExtension"},
+				"k8s.io/api/authentication/v1.UserInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Status", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "k8s.io/apimachinery/pkg/runtime.Unknown", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.PartialObjectMetadata": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.EventList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients to get access to a particular ObjectMeta schema without knowing the details of the version.",
+					Description: "EventList is a list of audit Events.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -23953,43 +25800,16 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
-							},
-						},
-					},
-				},
-			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.PartialObjectMetadataList": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "PartialObjectMetadataList contains a list of objects containing only their metadata",
-					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
 						"items": {
 							SchemaProps: spec.SchemaProps{
-								Description: "items contains each of the included items.",
-								Type:        []string{"array"},
+								Type: []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1alpha1.PartialObjectMetadata"),
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event"),
 										},
 									},
 								},
@@ -24000,116 +25820,109 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.PartialObjectMetadata"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.Table": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Table is a tabular representation of a set of API resources. The server transforms the object into a set of preferred columns for quickly reviewing the objects.",
+					Description: "GroupResources represents resource kinds in an API group.",
 					Properties: map[string]spec.Schema{
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"apiVersion": {
-							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"metadata": {
+						"group": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+								Description: "Group is the name of the API group that contains the resources. The empty string represents the core API group.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"columnDefinitions": {
+						"resources": {
 							SchemaProps: spec.SchemaProps{
-								Description: "columnDefinitions describes each column in the returned items array. The number of cells per row will always match the number of column definitions.",
+								Description: "Resources is a list of resources this rule applies to.\n\nFor example: 'pods' matches pods. 'pods/log' matches the log subresource of pods. '*' matches all resources and their subresources. 'pods/*' matches all subresources of pods. '*/scale' matches all scale subresources.\n\nIf wildcard is present, the validation rule will ensure resources do not overlap with each other.\n\nAn empty list implies all resources and subresources in this API groups apply.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableColumnDefinition"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"rows": {
+						"resourceNames": {
 							SchemaProps: spec.SchemaProps{
-								Description: "rows is the list of items in the table.",
+								Description: "ResourceNames is a list of resource instance names that the policy matches. Using this field requires Resources to be specified. An empty list implies that every instance of the resource is matched.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRow"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
 					},
-					Required: []string{"columnDefinitions", "rows"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableColumnDefinition", "k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRow"},
+			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableColumnDefinition": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "TableColumnDefinition contains information about a column returned in the Table.",
+					Description: "ObjectReference contains enough information to let you inspect or modify the referred object.",
 					Properties: map[string]spec.Schema{
+						"resource": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
+						"namespace": {
+							SchemaProps: spec.SchemaProps{
+								Type:   []string{"string"},
+								Format: "",
+							},
+						},
 						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "name is a human readable name for the column.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"type": {
+						"uid": {
 							SchemaProps: spec.SchemaProps{
-								Description: "type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"format": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"description": {
+						"resourceVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "description is a human readable description of this column.",
-								Type:        []string{"string"},
-								Format:      "",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
-						"priority": {
+						"subresource": {
 							SchemaProps: spec.SchemaProps{
-								Description: "priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a higher priority.",
-								Type:        []string{"integer"},
-								Format:      "int32",
+								Type:   []string{"string"},
+								Format: "",
 							},
 						},
 					},
-					Required: []string{"name", "type", "format", "description", "priority"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableOptions": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "TableOptions are used when a Table is requested by the caller.",
+					Description: "Policy defines the configuration of audit logging, and the rules for how different request categories are logged.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -24125,253 +25938,206 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"includeObject": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "includeObject decides whether to include each object along with its columnar information. Specifying \"None\" will return no object, specifying \"Object\" will return the full object contents, and specifying \"Metadata\" (the default) will return the object's metadata in the PartialObjectMetadata kind in version v1alpha1 of the meta.k8s.io API group.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "ObjectMeta is included for interoperability with API infrastructure.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-					},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRow": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "TableRow is an individual row in a table.",
-					Properties: map[string]spec.Schema{
-						"cells": {
+						"rules": {
 							SchemaProps: spec.SchemaProps{
-								Description: "cells will be as wide as headers and may contain strings, numbers, booleans, simple maps, or lists, or null. See the type field of the column definition for a more detailed description.",
+								Description: "Rules specify the audit Level a request should be recorded at. A request may match multiple rules, in which case the FIRST matching rule is used. The default audit level is None, but can be overridden by a catch-all rule at the end of the list. PolicyRules are strictly ordered.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"object"},
-											Format: "",
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule"),
 										},
 									},
 								},
 							},
 						},
-						"conditions": {
+						"omitStages": {
 							SchemaProps: spec.SchemaProps{
-								Description: "conditions describe additional status of a row that are relevant for a human user.",
+								Description: "OmitStages is a list of stages for which no events are created. Note that this can also be specified per rule in which case the union of both are omitted.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRowCondition"),
+											Type:   []string{"string"},
+											Format: "",
 										},
 									},
 								},
 							},
 						},
-						"object": {
-							SchemaProps: spec.SchemaProps{
-								Description: "This field contains the requested additional information about each object based on the includeObject policy when requesting the Table. If \"None\", this field is empty, if \"Object\" this will be the default serialization of the object for the current API version, and if \"Metadata\" (the default) will contain the object metadata. Check the returned kind and apiVersion of the object before parsing.",
-								Ref:         ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
-							},
-						},
 					},
-					Required: []string{"cells"},
+					Required: []string{"rules"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRowCondition", "k8s.io/apimachinery/pkg/runtime.RawExtension"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule"},
 		},
-		"k8s.io/apimachinery/pkg/apis/meta/v1alpha1.TableRowCondition": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "TableRowCondition allows a row to be marked with additional information.",
+					Description: "PolicyList is a list of audit Policies.",
 					Properties: map[string]spec.Schema{
-						"type": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Type of row condition.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"status": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Status of the condition, one of True, False, Unknown.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"reason": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "(brief) machine readable reason for the condition's last transition.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"message": {
+						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Human readable message indicating details about last transition.",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-					},
-					Required: []string{"type", "status"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/runtime.RawExtension": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked. The next step is to copy (using pkg/conversion) into the internal struct. The runtime package's DefaultScheme has conversion functions installed which will unpack the JSON stored in RawExtension, turning it into the correct object type, and storing it in the Object. (TODO: In the case where the object is of an unknown type, a runtime.Unknown object will be created and stored.)",
-					Properties: map[string]spec.Schema{
-						"Raw": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Raw is the underlying serialization of this object.",
-								Type:        []string{"string"},
-								Format:      "byte",
-							},
-						},
-					},
-					Required: []string{"Raw"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/runtime.TypeMeta": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type, like this: type MyAwesomeAPIObject struct {\n     runtime.TypeMeta    `json:\",inline\"`\n     ... // other fields\n} func (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind\n\nTypeMeta is provided here for convenience. You may use it directly from this package or define your own with the same fields.",
-					Properties: map[string]spec.Schema{
-						"apiVersion": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
 							},
 						},
-						"kind": {
+						"items": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Type: []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy"),
+										},
+									},
+								},
 							},
 						},
 					},
+					Required: []string{"items"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy"},
 		},
-		"k8s.io/apimachinery/pkg/runtime.Unknown": {
+		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Unknown allows api objects with unknown types to be passed-through. This can be used to deal with the API objects from a plug-in. Unknown objects still have functioning TypeMeta features-- kind, version, etc. metadata and field mutatation.",
+					Description: "PolicyRule maps requests based off metadata to an audit Level. Requests must match the rules of every field (an intersection of rules).",
 					Properties: map[string]spec.Schema{
-						"apiVersion": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"kind": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"Raw": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Raw will hold the complete serialized object which couldn't be matched with a registered type. Most likely, nothing should be done with this except for passing it through the system.",
-								Type:        []string{"string"},
-								Format:      "byte",
-							},
-						},
-						"ContentEncoding": {
-							SchemaProps: spec.SchemaProps{
-								Description: "ContentEncoding is encoding used to encode 'Raw' data. Unspecified means no encoding.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"ContentType": {
+						"level": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ContentType  is serialization method used to serialize 'Raw'. Unspecified means ContentTypeJSON.",
+								Description: "The Level that requests matching this rule are recorded at.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-					},
-					Required: []string{"Raw", "ContentEncoding", "ContentType"},
-				},
-			},
-			Dependencies: []string{},
-		},
-		"k8s.io/apimachinery/pkg/util/intstr.IntOrString": intstr.IntOrString{}.OpenAPIDefinition(),
-		"k8s.io/apimachinery/pkg/version.Info": {
-			Schema: spec.Schema{
-				SchemaProps: spec.SchemaProps{
-					Description: "Info contains versioning information. how we'll want to distribute that information.",
-					Properties: map[string]spec.Schema{
-						"major": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"minor": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"gitVersion": {
+						"users": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "The users (by authenticated user name) this rule applies to. An empty list implies every user.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"gitCommit": {
+						"userGroups": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "The user groups this rule applies to. A user is considered matching if it is a member of any of the UserGroups. An empty list implies every user group.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"gitTreeState": {
+						"verbs": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "The verbs that match this rule. An empty list implies every verb.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"buildDate": {
+						"resources": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Resources that this rule matches. An empty list implies all kinds in all API groups.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources"),
+										},
+									},
+								},
 							},
 						},
-						"goVersion": {
+						"namespaces": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Namespaces that this rule matches. The empty string \"\" matches non-namespaced resources. An empty list implies every namespace.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"compiler": {
+						"nonResourceURLs": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "NonResourceURLs is a set of URL paths that should be audited. *s are allowed, but only as the full, final step in the path. Examples:\n \"/metrics\" - Log requests for apiserver metrics\n \"/healthz*\" - Log all health checks",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
-						"platform": {
+						"omitStages": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "OmitStages is a list of stages for which no events are created. Note that this can also be specified policy wide in which case the union of both are omitted. An empty list means no restrictions will apply.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
 					},
-					Required: []string{"major", "minor", "gitVersion", "gitCommit", "gitTreeState", "buildDate", "goVersion", "compiler", "platform"},
+					Required: []string{"level"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.Event": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Event captures all the information that can be included in an API audit log.",
@@ -24392,7 +26158,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ObjectMeta is included for interoperability with API infrastructure.",
+								Description: "ObjectMeta is included for interoperability with API infrastructure. DEPRECATED: Use StageTimestamp which supports micro second instead of ObjectMeta.CreateTimestamp and the rest of the object is not used",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
@@ -24405,7 +26171,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"timestamp": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Time the request reached the apiserver.",
+								Description: "Time the request reached the apiserver. DEPRECATED: Use RequestReceivedTimestamp which supports micro second instead.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
@@ -24466,7 +26232,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"objectRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "Object reference this request is targeted at. Does not apply for List-type requests, or non-resource requests.",
-								Ref:         ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference"),
+								Ref:         ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference"),
 							},
 						},
 						"responseStatus": {
@@ -24499,14 +26265,28 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
 							},
 						},
+						"annotations": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Annotations is an unstructured key value map stored with an audit event that may be set by plugins invoked in the request serving chain, including authentication, authorization and admission plugins. Keys should uniquely identify the informing component to avoid name collisions (e.g. podsecuritypolicy.admission.k8s.io/policy). Values should be short. Annotations are included in the Metadata level.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
 					},
 					Required: []string{"level", "timestamp", "auditID", "stage", "requestURI", "verb", "user"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/authentication/v1.UserInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Status", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "k8s.io/apimachinery/pkg/runtime.Unknown", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference"},
+				"k8s.io/api/authentication/v1.UserInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Status", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "k8s.io/apimachinery/pkg/runtime.Unknown", "k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.EventList": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.EventList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "EventList is a list of audit Events.",
@@ -24536,7 +26316,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event"),
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.Event"),
 										},
 									},
 								},
@@ -24547,9 +26327,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.Event"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.Event"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "GroupResources represents resource kinds in an API group.",
@@ -24563,7 +26343,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"resources": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Resources is a list of resources within the API group. Subresources are matched using a \"/\" to indicate the subresource. For example, \"pods/logs\" would match request to the logs subresource of pods. The top level resource does not match subresources, \"pods\" doesn't match \"pods/logs\".",
+								Description: "Resources is a list of resources this rule applies to.\n\nFor example: 'pods' matches pods. 'pods/log' matches the log subresource of pods. '*' matches all resources and their subresources. 'pods/*' matches all subresources of pods. '*/scale' matches all scale subresources.\n\nIf wildcard is present, the validation rule will ensure resources do not overlap with each other.\n\nAn empty list implies all resources and subresources in this API groups apply.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -24594,7 +26374,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.ObjectReference": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "ObjectReference contains enough information to let you inspect or modify the referred object.",
@@ -24623,10 +26403,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format: "",
 							},
 						},
+						"apiGroup": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIGroup is the name of the API group that contains the referred object. The empty string represents the core API group.",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
 						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "APIVersion is the version of the API group that contains the referred object.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 						"resourceVersion": {
@@ -24646,7 +26434,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "Policy defines the configuration of audit logging, and the rules for how different request categories are logged.",
@@ -24678,7 +26466,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule"),
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule"),
 										},
 									},
 								},
@@ -24703,9 +26491,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyList": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "PolicyList is a list of audit Policies.",
@@ -24735,7 +26523,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy"),
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy"),
 										},
 									},
 								},
@@ -24746,9 +26534,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1alpha1.Policy"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1alpha1.PolicyRule": {
+		"k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Description: "PolicyRule maps requests based off metadata to an audit Level. Requests must match the rules of every field (an intersection of rules).",
@@ -24809,7 +26597,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources"),
+											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources"),
 										},
 									},
 								},
@@ -24862,12 +26650,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apiserver/pkg/apis/audit/v1alpha1.GroupResources"},
+				"k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.Event": {
+		"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredential": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Event captures all the information that can be included in an API audit log.",
+					Description: "ExecCredentials is used by exec-based plugins to communicate credentials to HTTP transports.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -24883,203 +26671,103 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Description: "ObjectMeta is included for interoperability with API infrastructure. DEPRECATED: Use StageTimestamp which supports micro second instead of ObjectMeta.CreateTimestamp and the rest of the object is not used",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
-							},
-						},
-						"level": {
-							SchemaProps: spec.SchemaProps{
-								Description: "AuditLevel at which event was generated",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"timestamp": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Time the request reached the apiserver. DEPRECATED: Use RequestReceivedTimestamp which supports micro second instead.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
-							},
-						},
-						"auditID": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Unique audit ID, generated for each request.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"stage": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Stage of the request handling when this event instance was generated.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"requestURI": {
-							SchemaProps: spec.SchemaProps{
-								Description: "RequestURI is the request URI as sent by the client to a server.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"verb": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Verb is the kubernetes verb associated with the request. For non-resource requests, this is the lower-cased HTTP method.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"user": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Authenticated user information.",
-								Ref:         ref("k8s.io/api/authentication/v1.UserInfo"),
-							},
-						},
-						"impersonatedUser": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Impersonated user information.",
-								Ref:         ref("k8s.io/api/authentication/v1.UserInfo"),
-							},
-						},
-						"sourceIPs": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Source IPs, from where the request originated and intermediate proxies.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
-							},
-						},
-						"objectRef": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Object reference this request is targeted at. Does not apply for List-type requests, or non-resource requests.",
-								Ref:         ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference"),
-							},
-						},
-						"responseStatus": {
-							SchemaProps: spec.SchemaProps{
-								Description: "The response status, populated even when the ResponseObject is not a Status type. For successful responses, this will only include the Code and StatusSuccess. For non-status type error responses, this will be auto-populated with the error Message.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Status"),
-							},
-						},
-						"requestObject": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Description: "API object from the request, in JSON format. The RequestObject is recorded as-is in the request (possibly re-encoded as JSON), prior to version conversion, defaulting, admission or merging. It is an external versioned object type, and may not be a valid object on its own. Omitted for non-resource requests.  Only logged at Request Level and higher.",
-								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Unknown"),
+								Description: "Spec holds information passed to the plugin by the transport. This contains request and runtime specific information, such as if the session is interactive.",
+								Ref:         ref("k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialSpec"),
 							},
 						},
-						"responseObject": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Description: "API object returned in the response, in JSON. The ResponseObject is recorded after conversion to the external type, and serialized as JSON.  Omitted for non-resource requests.  Only logged at Response Level.",
-								Ref:         ref("k8s.io/apimachinery/pkg/runtime.Unknown"),
+								Description: "Status is filled in by the plugin and holds the credentials that the transport should use to contact the API.",
+								Ref:         ref("k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialStatus"),
 							},
 						},
-						"requestReceivedTimestamp": {
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialSpec", "k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialStatus"},
+		},
+		"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialSpec": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ExecCredenitalSpec holds request and runtime specific information provided by the transport.",
+					Properties: map[string]spec.Schema{
+						"response": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Time the request reached the apiserver.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
+								Description: "Response is populated when the transport encounters HTTP status codes, such as 401, suggesting previous credentials were invalid.",
+								Ref:         ref("k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.Response"),
 							},
 						},
-						"stageTimestamp": {
+						"interactive": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Time the request reached current audit stage.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime"),
+								Description: "Interactive is true when the transport detects the command is being called from an interactive prompt.",
+								Type:        []string{"boolean"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"level", "timestamp", "auditID", "stage", "requestURI", "verb", "user"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/api/authentication/v1.UserInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apimachinery/pkg/apis/meta/v1.Status", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "k8s.io/apimachinery/pkg/runtime.Unknown", "k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference"},
+				"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.Response"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.EventList": {
+		"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.ExecCredentialStatus": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "EventList is a list of audit Events.",
+					Description: "ExecCredentialStatus holds credentials for the transport to use.",
 					Properties: map[string]spec.Schema{
-						"kind": {
+						"expirationTimestamp": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "ExpirationTimestamp indicates a time when the provided credentials expire.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
-						"apiVersion": {
+						"token": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "Token is a bearer token used by the client for request authentication.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"metadata": {
-							SchemaProps: spec.SchemaProps{
-								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
-							},
-						},
-						"items": {
-							SchemaProps: spec.SchemaProps{
-								Type: []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.Event"),
-										},
-									},
-								},
-							},
-						},
 					},
-					Required: []string{"items"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.Event"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources": {
+		"k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1.Response": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "GroupResources represents resource kinds in an API group.",
+					Description: "Response defines metadata about a failed request, including HTTP status code and response headers.",
 					Properties: map[string]spec.Schema{
-						"group": {
-							SchemaProps: spec.SchemaProps{
-								Description: "Group is the name of the API group that contains the resources. The empty string represents the core API group.",
-								Type:        []string{"string"},
-								Format:      "",
-							},
-						},
-						"resources": {
+						"header": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Resources is a list of resources within the API group. Subresources are matched using a \"/\" to indicate the subresource. For example, \"pods/log\" would match request to the log subresource of pods. The top level resource does not match subresources, \"pods\" doesn't match \"pods/log\".",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
+								Description: "Header holds HTTP headers returned by the server.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Type: []string{"array"},
+											Items: &spec.SchemaOrArray{
+												Schema: &spec.Schema{
+													SchemaProps: spec.SchemaProps{
+														Type:   []string{"string"},
+														Format: "",
+													},
+												},
+											},
 										},
 									},
 								},
 							},
 						},
-						"resourceNames": {
+						"code": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ResourceNames is a list of resource instance names that the policy matches. Using this field requires Resources to be specified. An empty list implies that every instance of the resource is matched.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Code is the HTTP status code returned by the server.",
+								Type:        []string{"integer"},
+								Format:      "int32",
 							},
 						},
 					},
@@ -25087,129 +26775,97 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.ObjectReference": {
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIService": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "ObjectReference contains enough information to let you inspect or modify the referred object.",
+					Description: "APIService represents a server for a particular GroupVersion. Name must be \"version.group\".",
 					Properties: map[string]spec.Schema{
-						"resource": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"namespace": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"name": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"uid": {
-							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
-							},
-						},
-						"apiGroup": {
+						"kind": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIGroup is the name of the API group that contains the referred object. The empty string represents the core API group.",
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"apiVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion is the version of the API group that contains the referred object.",
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"resourceVersion": {
+						"metadata": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
 							},
 						},
-						"subresource": {
+						"spec": {
 							SchemaProps: spec.SchemaProps{
-								Type:   []string{"string"},
-								Format: "",
+								Description: "Spec contains information for locating and communicating with a server",
+								Ref:         ref("k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceSpec"),
+							},
+						},
+						"status": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Status contains derived information about an API server",
+								Ref:         ref("k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceStatus"),
 							},
 						},
 					},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceSpec", "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceStatus"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy": {
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceCondition": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "Policy defines the configuration of audit logging, and the rules for how different request categories are logged.",
 					Properties: map[string]spec.Schema{
-						"kind": {
+						"type": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Description: "Type is the type of the condition.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"apiVersion": {
+						"status": {
 							SchemaProps: spec.SchemaProps{
-								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Description: "Status is the status of the condition. Can be True, False, Unknown.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"metadata": {
+						"lastTransitionTime": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ObjectMeta is included for interoperability with API infrastructure.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
+								Description: "Last time the condition transitioned from one status to another.",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
 							},
 						},
-						"rules": {
+						"reason": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Rules specify the audit Level a request should be recorded at. A request may match multiple rules, in which case the FIRST matching rule is used. The default audit level is None, but can be overridden by a catch-all rule at the end of the list. PolicyRules are strictly ordered.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule"),
-										},
-									},
-								},
+								Description: "Unique, one-word, CamelCase reason for the condition's last transition.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"omitStages": {
+						"message": {
 							SchemaProps: spec.SchemaProps{
-								Description: "OmitStages is a list of stages for which no events are created. Note that this can also be specified per rule in which case the union of both are omitted.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Human-readable message indicating details about last transition.",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"rules"},
+					Required: []string{"type", "status"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyList": {
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceList": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PolicyList is a list of audit Policies.",
+					Description: "APIServiceList is a list of APIService objects.",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -25236,7 +26892,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy"),
+											Ref: ref("k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIService"),
 										},
 									},
 								},
@@ -25247,123 +26903,121 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/apiserver/pkg/apis/audit/v1beta1.Policy"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIService"},
 		},
-		"k8s.io/apiserver/pkg/apis/audit/v1beta1.PolicyRule": {
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceSpec": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "PolicyRule maps requests based off metadata to an audit Level. Requests must match the rules of every field (an intersection of rules).",
+					Description: "APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.",
 					Properties: map[string]spec.Schema{
-						"level": {
+						"service": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The Level that requests matching this rule are recorded at.",
+								Description: "Service is a reference to the service for this API server.  It must communicate on port 443 If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.",
+								Ref:         ref("k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.ServiceReference"),
+							},
+						},
+						"group": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Group is the API group name this server hosts",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"users": {
+						"version": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The users (by authenticated user name) this rule applies to. An empty list implies every user.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Version is the API version this server hosts.  For example, \"v1\"",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"userGroups": {
+						"insecureSkipTLSVerify": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The user groups this rule applies to. A user is considered matching if it is a member of any of the UserGroups. An empty list implies every user group.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged.  You should use the CABundle instead.",
+								Type:        []string{"boolean"},
+								Format:      "",
 							},
 						},
-						"verbs": {
+						"caBundle": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The verbs that match this rule. An empty list implies every verb.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.",
+								Type:        []string{"string"},
+								Format:      "byte",
 							},
 						},
-						"resources": {
+						"groupPriorityMinimum": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Resources that this rule matches. An empty list implies all kinds in all API groups.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Ref: ref("k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources"),
-										},
-									},
+								Description: "GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo) We'd recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
+						"versionPriority": {
+							SchemaProps: spec.SchemaProps{
+								Description: "VersionPriority controls the ordering of this API version inside of its group.  Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object.  (v1.bar before v1.foo) Since it's inside of a group, the number can be small, probably in the 10s.",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
+					},
+					Required: []string{"service", "caBundle", "groupPriorityMinimum", "versionPriority"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.ServiceReference"},
+		},
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceStatus": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "APIServiceStatus contains derived information about an API server",
+					Properties: map[string]spec.Schema{
+						"conditions": {
+							VendorExtensible: spec.VendorExtensible{
+								Extensions: spec.Extensions{
+									"x-kubernetes-patch-merge-key": "type",
+									"x-kubernetes-patch-strategy":  "merge",
 								},
 							},
-						},
-						"namespaces": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Namespaces that this rule matches. The empty string \"\" matches non-namespaced resources. An empty list implies every namespace.",
+								Description: "Current service state of apiService.",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
 										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
+											Ref: ref("k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceCondition"),
 										},
 									},
 								},
 							},
 						},
-						"nonResourceURLs": {
+					},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.APIServiceCondition"},
+		},
+		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1.ServiceReference": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "ServiceReference holds a reference to Service.legacy.k8s.io",
+					Properties: map[string]spec.Schema{
+						"namespace": {
 							SchemaProps: spec.SchemaProps{
-								Description: "NonResourceURLs is a set of URL paths that should be audited. *s are allowed, but only as the full, final step in the path. Examples:\n \"/metrics\" - Log requests for apiserver metrics\n \"/healthz*\" - Log all health checks",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Namespace is the namespace of the service",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"omitStages": {
+						"name": {
 							SchemaProps: spec.SchemaProps{
-								Description: "OmitStages is a list of stages for which no events are created. Note that this can also be specified policy wide in which case the union of both are omitted. An empty list means no restrictions will apply.",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "Name is the name of the service",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
 					},
-					Required: []string{"level"},
 				},
 			},
-			Dependencies: []string{
-				"k8s.io/apiserver/pkg/apis/audit/v1beta1.GroupResources"},
+			Dependencies: []string{},
 		},
 		"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1.APIService": {
 			Schema: spec.Schema{
@@ -26030,7 +27684,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.SchedulerPolicyConfigMapSource", "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.SchedulerPolicyFileSource"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAnonymousAuthentication": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAnonymousAuthentication": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
@@ -26042,41 +27696,39 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"enabled"},
 				},
 			},
 			Dependencies: []string{},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthentication": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthentication": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
 						"x509": {
 							SchemaProps: spec.SchemaProps{
 								Description: "x509 contains settings related to x509 client certificate authentication",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletX509Authentication"),
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletX509Authentication"),
 							},
 						},
 						"webhook": {
 							SchemaProps: spec.SchemaProps{
 								Description: "webhook contains settings related to webhook bearer token authentication",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthentication"),
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthentication"),
 							},
 						},
 						"anonymous": {
 							SchemaProps: spec.SchemaProps{
 								Description: "anonymous contains settings related to anonymous authentication",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAnonymousAuthentication"),
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAnonymousAuthentication"),
 							},
 						},
 					},
-					Required: []string{"x509", "webhook", "anonymous"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAnonymousAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletX509Authentication"},
+				"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAnonymousAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletX509Authentication"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthorization": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthorization": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
@@ -26090,20 +27742,19 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						"webhook": {
 							SchemaProps: spec.SchemaProps{
 								Description: "webhook contains settings related to Webhook authorization.",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthorization"),
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthorization"),
 							},
 						},
 					},
-					Required: []string{"mode", "webhook"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthorization"},
+				"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthorization"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletConfiguration": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletConfiguration": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
-					Description: "A configuration field should go in KubeletFlags instead of KubeletConfiguration if its value cannot be safely shared between nodes at the same time (e.g. a hostname) In general, please try to avoid adding flags or configuration fields, we already have a confusingly large amount of them.",
+					Description: "KubeletConfiguration contains the configuration for the Kubelet",
 					Properties: map[string]spec.Schema{
 						"kind": {
 							SchemaProps: spec.SchemaProps{
@@ -26119,47 +27770,41 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"configTrialDuration": {
+						"staticPodPath": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Only used for dynamic configuration. The length of the trial period for this configuration. This configuration will become the last-known-good after this duration.",
-								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
-							},
-						},
-						"podManifestPath": {
-							SchemaProps: spec.SchemaProps{
-								Description: "podManifestPath is the path to the directory containing pod manifests to run, or the path to a single manifest file",
+								Description: "staticPodPath is the path to the directory containing local (static) pods to run, or the path to a single static pod file. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"syncFrequency": {
 							SchemaProps: spec.SchemaProps{
-								Description: "syncFrequency is the max period between synchronizing running containers and config",
+								Description: "syncFrequency is the max period between synchronizing running containers and config. Default: \"1m\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"fileCheckFrequency": {
 							SchemaProps: spec.SchemaProps{
-								Description: "fileCheckFrequency is the duration between checking config files for new data",
+								Description: "fileCheckFrequency is the duration between checking config files for new data Default: \"20s\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"httpCheckFrequency": {
 							SchemaProps: spec.SchemaProps{
-								Description: "httpCheckFrequency is the duration between checking http for new data",
+								Description: "httpCheckFrequency is the duration between checking http for new data Default: \"20s\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
-						"manifestURL": {
+						"staticPodURL": {
 							SchemaProps: spec.SchemaProps{
-								Description: "manifestURL is the URL for accessing the container manifest",
+								Description: "staticPodURL is the URL for accessing static pods to run Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"manifestURLHeader": {
+						"staticPodURLHeader": {
 							SchemaProps: spec.SchemaProps{
-								Description: "manifestURLHeader is the HTTP header to use when accessing the manifest URL, with the key separated from the value with a ':', as in 'key:value'",
+								Description: "staticPodURLHeader is a map of slices with HTTP headers to use when accessing the podURL Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26178,70 +27823,44 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
-						"enableServer": {
-							SchemaProps: spec.SchemaProps{
-								Description: "enableServer enables the Kubelet's server",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
 						"address": {
 							SchemaProps: spec.SchemaProps{
-								Description: "address is the IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces)",
+								Description: "address is the IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces). Default: \"0.0.0.0\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"port": {
 							SchemaProps: spec.SchemaProps{
-								Description: "port is the port for the Kubelet to serve on.",
+								Description: "port is the port for the Kubelet to serve on. Default: 10250",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"readOnlyPort": {
 							SchemaProps: spec.SchemaProps{
-								Description: "readOnlyPort is the read-only port for the Kubelet to serve on with no authentication/authorization (set to 0 to disable)",
+								Description: "readOnlyPort is the read-only port for the Kubelet to serve on with no authentication/authorization. Default: 0 (disabled)",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"tlsCertFile": {
 							SchemaProps: spec.SchemaProps{
-								Description: "tlsCertFile is the file containing x509 Certificate for HTTPS.  (CA cert, if any, concatenated after server cert). If tlsCertFile and tlsPrivateKeyFile are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to certDir.",
+								Description: "tlsCertFile is the file containing x509 Certificate for HTTPS.  (CA cert, if any, concatenated after server cert). If tlsCertFile and tlsPrivateKeyFile are not provided, a self-signed certificate and key are generated for the public address and saved to the directory passed to the Kubelet's --cert-dir flag. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"tlsPrivateKeyFile": {
 							SchemaProps: spec.SchemaProps{
-								Description: "tlsPrivateKeyFile is the ile containing x509 private key matching tlsCertFile.",
+								Description: "tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
-						"authentication": {
-							SchemaProps: spec.SchemaProps{
-								Description: "authentication specifies how requests to the Kubelet's server are authenticated",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthentication"),
-							},
-						},
-						"authorization": {
-							SchemaProps: spec.SchemaProps{
-								Description: "authorization specifies how requests to the Kubelet's server are authorized",
-								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthorization"),
-							},
-						},
-						"allowPrivileged": {
-							SchemaProps: spec.SchemaProps{
-								Description: "allowPrivileged enables containers to request privileged mode. Defaults to false.",
-								Type:        []string{"boolean"},
-								Format:      "",
-							},
-						},
-						"hostNetworkSources": {
+						"tlsCipherSuites": {
 							SchemaProps: spec.SchemaProps{
-								Description: "hostNetworkSources is a comma-separated list of sources from which the Kubelet allows pods to use of host network. Defaults to \"*\". Valid options are \"file\", \"http\", \"api\", and \"*\" (all sources).",
+								Description: "TLSCipherSuites is the list of allowed cipher suites for the server. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). Default: nil",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -26253,114 +27872,98 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								},
 							},
 						},
-						"hostPIDSources": {
+						"tlsMinVersion": {
 							SchemaProps: spec.SchemaProps{
-								Description: "hostPIDSources is a comma-separated list of sources from which the Kubelet allows pods to use the host pid namespace. Defaults to \"*\".",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "TLSMinVersion is the minimum TLS version supported. Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants). Default: \"\"",
+								Type:        []string{"string"},
+								Format:      "",
 							},
 						},
-						"hostIPCSources": {
+						"authentication": {
 							SchemaProps: spec.SchemaProps{
-								Description: "hostIPCSources is a comma-separated list of sources from which the Kubelet allows pods to use the host ipc namespace. Defaults to \"*\".",
-								Type:        []string{"array"},
-								Items: &spec.SchemaOrArray{
-									Schema: &spec.Schema{
-										SchemaProps: spec.SchemaProps{
-											Type:   []string{"string"},
-											Format: "",
-										},
-									},
-								},
+								Description: "authentication specifies how requests to the Kubelet's server are authenticated Defaults:\n  anonymous:\n    enabled: false\n  webhook:\n    enabled: true\n    cacheTTL: \"2m\"",
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthentication"),
+							},
+						},
+						"authorization": {
+							SchemaProps: spec.SchemaProps{
+								Description: "authorization specifies how requests to the Kubelet's server are authorized Defaults:\n  mode: Webhook\n  webhook:\n    cacheAuthorizedTTL: \"5m\"\n    cacheUnauthorizedTTL: \"30s\"",
+								Ref:         ref("k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthorization"),
 							},
 						},
 						"registryPullQPS": {
 							SchemaProps: spec.SchemaProps{
-								Description: "registryPullQPS is the limit of registry pulls per second. If 0, unlimited. Set to 0 for no limit. Defaults to 5.0.",
+								Description: "registryPullQPS is the limit of registry pulls per second. Set to 0 for no limit. Default: 5",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"registryBurst": {
 							SchemaProps: spec.SchemaProps{
-								Description: "registryBurst is the maximum size of a bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registryQps. Only used if registryQPS > 0.",
+								Description: "registryBurst is the maximum size of bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registryPullQPS. Only used if registryPullQPS > 0. Default: 10",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"eventRecordQPS": {
 							SchemaProps: spec.SchemaProps{
-								Description: "eventRecordQPS is the maximum event creations per second. If 0, there is no limit enforced.",
+								Description: "eventRecordQPS is the maximum event creations per second. If 0, there is no limit enforced. Default: 5",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"eventBurst": {
 							SchemaProps: spec.SchemaProps{
-								Description: "eventBurst is the maximum size of a bursty event records, temporarily allows event records to burst to this number, while still not exceeding event-qps. Only used if eventQps > 0",
+								Description: "eventBurst is the maximum size of a burst of event creations, temporarily allows event creations to burst to this number, while still not exceeding eventRecordQPS. Only used if eventRecordQPS > 0. Default: 10",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"enableDebuggingHandlers": {
 							SchemaProps: spec.SchemaProps{
-								Description: "enableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands",
+								Description: "enableDebuggingHandlers enables server endpoints for log collection and local running of containers and commands Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"enableContentionProfiling": {
 							SchemaProps: spec.SchemaProps{
-								Description: "enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true.",
+								Description: "enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true. Default: false",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
-						"cAdvisorPort": {
-							SchemaProps: spec.SchemaProps{
-								Description: "cAdvisorPort is the port of the localhost cAdvisor endpoint (set to 0 to disable)",
-								Type:        []string{"integer"},
-								Format:      "int32",
-							},
-						},
 						"healthzPort": {
 							SchemaProps: spec.SchemaProps{
-								Description: "healthzPort is the port of the localhost healthz endpoint (set to 0 to disable)",
+								Description: "healthzPort is the port of the localhost healthz endpoint (set to 0 to disable) Default: 10248",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"healthzBindAddress": {
 							SchemaProps: spec.SchemaProps{
-								Description: "healthzBindAddress is the IP address for the healthz server to serve on.",
+								Description: "healthzBindAddress is the IP address for the healthz server to serve on Default: \"127.0.0.1\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"oomScoreAdj": {
 							SchemaProps: spec.SchemaProps{
-								Description: "oomScoreAdj is The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000].",
+								Description: "oomScoreAdj is The oom-score-adj value for kubelet process. Values must be within the range [-1000, 1000]. Default: -999",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"clusterDomain": {
 							SchemaProps: spec.SchemaProps{
-								Description: "clusterDomain is the DNS domain for this cluster. If set, kubelet will configure all containers to search this domain in addition to the host's search domains.",
+								Description: "clusterDomain is the DNS domain for this cluster. If set, kubelet will configure all containers to search this domain in addition to the host's search domains. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"clusterDNS": {
 							SchemaProps: spec.SchemaProps{
-								Description: "clusterDNS is a list of IP address for the cluster DNS server.  If set, kubelet will configure all containers to use this for DNS resolution instead of the host's DNS servers",
+								Description: "clusterDNS is a list of IP addresses for the cluster DNS server. If set, kubelet will configure all containers to use this for DNS resolution instead of the host's DNS servers. Default: nil",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -26374,169 +27977,176 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"streamingConnectionIdleTimeout": {
 							SchemaProps: spec.SchemaProps{
-								Description: "streamingConnectionIdleTimeout is the maximum time a streaming connection can be idle before the connection is automatically closed.",
+								Description: "streamingConnectionIdleTimeout is the maximum time a streaming connection can be idle before the connection is automatically closed. Default: \"4h\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"nodeStatusUpdateFrequency": {
 							SchemaProps: spec.SchemaProps{
-								Description: "nodeStatusUpdateFrequency is the frequency that kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller.",
+								Description: "nodeStatusUpdateFrequency is the frequency that kubelet posts node status to master. Note: be cautious when changing the constant, it must work with nodeMonitorGracePeriod in nodecontroller. Default: \"10s\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"imageMinimumGCAge": {
 							SchemaProps: spec.SchemaProps{
-								Description: "imageMinimumGCAge is the minimum age for an unused image before it is garbage collected.",
+								Description: "imageMinimumGCAge is the minimum age for an unused image before it is garbage collected. Default: \"2m\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"imageGCHighThresholdPercent": {
 							SchemaProps: spec.SchemaProps{
-								Description: "imageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. The percent is calculated as this field value out of 100.",
+								Description: "imageGCHighThresholdPercent is the percent of disk usage after which image garbage collection is always run. The percent is calculated as this field value out of 100. Default: 85",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"imageGCLowThresholdPercent": {
 							SchemaProps: spec.SchemaProps{
-								Description: "imageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. The percent is calculated as this field value out of 100.",
+								Description: "imageGCLowThresholdPercent is the percent of disk usage before which image garbage collection is never run. Lowest disk usage to garbage collect to. The percent is calculated as this field value out of 100. Default: 80",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"volumeStatsAggPeriod": {
 							SchemaProps: spec.SchemaProps{
-								Description: "How frequently to calculate and cache volume disk usage for all pods",
+								Description: "How frequently to calculate and cache volume disk usage for all pods Default: \"1m\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"kubeletCgroups": {
 							SchemaProps: spec.SchemaProps{
-								Description: "kubeletCgroups is the absolute name of cgroups to isolate the kubelet in.",
+								Description: "kubeletCgroups is the absolute name of cgroups to isolate the kubelet in Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"systemCgroups": {
 							SchemaProps: spec.SchemaProps{
-								Description: "systemCgroups is absolute name of cgroups in which to place all non-kernel processes that are not already in a container. Empty for no container. Rolling back the flag requires a reboot.",
+								Description: "systemCgroups is absolute name of cgroups in which to place all non-kernel processes that are not already in a container. Empty for no container. Rolling back the flag requires a reboot. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"cgroupRoot": {
 							SchemaProps: spec.SchemaProps{
-								Description: "cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis.",
+								Description: "cgroupRoot is the root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"cgroupsPerQOS": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes And all Burstable and BestEffort pods are brought up under their specific top level QoS cgroup.",
+								Description: "Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes And all Burstable and BestEffort pods are brought up under their specific top level QoS cgroup. Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"cgroupDriver": {
 							SchemaProps: spec.SchemaProps{
-								Description: "driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd)",
+								Description: "driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd) Default: \"cgroupfs\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"cpuManagerPolicy": {
 							SchemaProps: spec.SchemaProps{
-								Description: "CPUManagerPolicy is the name of the policy to use.",
+								Description: "CPUManagerPolicy is the name of the policy to use. Requires the CPUManager feature gate to be enabled. Default: \"none\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"cpuManagerReconcilePeriod": {
 							SchemaProps: spec.SchemaProps{
-								Description: "CPU Manager reconciliation period.",
+								Description: "CPU Manager reconciliation period. Requires the CPUManager feature gate to be enabled. Default: \"10s\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"runtimeRequestTimeout": {
 							SchemaProps: spec.SchemaProps{
-								Description: "runtimeRequestTimeout is the timeout for all runtime requests except long running requests - pull, logs, exec and attach.",
+								Description: "runtimeRequestTimeout is the timeout for all runtime requests except long running requests - pull, logs, exec and attach. Default: \"2m\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"hairpinMode": {
 							SchemaProps: spec.SchemaProps{
-								Description: "How should the kubelet configure the container bridge for hairpin packets. Setting this flag allows endpoints in a Service to loadbalance back to themselves if they should try to access their own Service. Values:\n  \"promiscuous-bridge\": make the container bridge promiscuous.\n  \"hairpin-veth\":       set the hairpin flag on container veth interfaces.\n  \"none\":               do nothing.\nGenerally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT, because promiscous-bridge assumes the existence of a container bridge named cbr0.",
+								Description: "hairpinMode specifies how the Kubelet should configure the container bridge for hairpin packets. Setting this flag allows endpoints in a Service to loadbalance back to themselves if they should try to access their own Service. Values:\n  \"promiscuous-bridge\": make the container bridge promiscuous.\n  \"hairpin-veth\":       set the hairpin flag on container veth interfaces.\n  \"none\":               do nothing.\nGenerally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT, because promiscuous-bridge assumes the existence of a container bridge named cbr0. Default: \"promiscuous-bridge\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"maxPods": {
 							SchemaProps: spec.SchemaProps{
-								Description: "maxPods is the number of pods that can run on this Kubelet.",
+								Description: "maxPods is the number of pods that can run on this Kubelet. Default: 110",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"podCIDR": {
 							SchemaProps: spec.SchemaProps{
-								Description: "The CIDR to use for pod IP addresses, only used in standalone mode. In cluster mode, this is obtained from the master.",
+								Description: "The CIDR to use for pod IP addresses, only used in standalone mode. In cluster mode, this is obtained from the master. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
+						"podPidsLimit": {
+							SchemaProps: spec.SchemaProps{
+								Description: "PodPidsLimit is the maximum number of pids in any pod. Requires the SupportPodPidsLimit feature gate to be enabled. Default: -1",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
 						"resolvConf": {
 							SchemaProps: spec.SchemaProps{
-								Description: "ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration.",
+								Description: "ResolverConfig is the resolver configuration file used as the basis for the container DNS resolution configuration. Default: \"/etc/resolv.conf\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"cpuCFSQuota": {
 							SchemaProps: spec.SchemaProps{
-								Description: "cpuCFSQuota is Enable CPU CFS quota enforcement for containers that specify CPU limits",
+								Description: "cpuCFSQuota enables CPU CFS quota enforcement for containers that specify CPU limits. Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"maxOpenFiles": {
 							SchemaProps: spec.SchemaProps{
-								Description: "maxOpenFiles is Number of files that can be opened by Kubelet process.",
+								Description: "maxOpenFiles is Number of files that can be opened by Kubelet process. Default: 1000000",
 								Type:        []string{"integer"},
 								Format:      "int64",
 							},
 						},
 						"contentType": {
 							SchemaProps: spec.SchemaProps{
-								Description: "contentType is contentType of requests sent to apiserver.",
+								Description: "contentType is contentType of requests sent to apiserver. Default: \"application/vnd.kubernetes.protobuf\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"kubeAPIQPS": {
 							SchemaProps: spec.SchemaProps{
-								Description: "kubeAPIQPS is the QPS to use while talking with kubernetes apiserver",
+								Description: "kubeAPIQPS is the QPS to use while talking with kubernetes apiserver Default: 5",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"kubeAPIBurst": {
 							SchemaProps: spec.SchemaProps{
-								Description: "kubeAPIBurst is the burst to allow while talking with kubernetes apiserver",
+								Description: "kubeAPIBurst is the burst to allow while talking with kubernetes apiserver Default: 10",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"serializeImagePulls": {
 							SchemaProps: spec.SchemaProps{
-								Description: "serializeImagePulls when enabled, tells the Kubelet to pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version  < 1.9 or an Aufs storage backend. Issue #10959 has more details.",
+								Description: "serializeImagePulls when enabled, tells the Kubelet to pull images one at a time. We recommend *not* changing the default value on nodes that run docker daemon with version  < 1.9 or an Aufs storage backend. Issue #10959 has more details. Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"evictionHard": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Map of signal names to quantities that defines hard eviction thresholds. For example: {\"memory.available\": \"300Mi\"}.",
+								Description: "Map of signal names to quantities that defines hard eviction thresholds. For example: {\"memory.available\": \"300Mi\"}. To explicitly disable, pass a 0% or 100% threshold on an arbitrary resource. Default:\n  memory.available:  \"100Mi\"\n  nodefs.available:  \"10%\"\n  nodefs.inodesFree: \"5%\"\n  imagefs.available: \"15%\"",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26550,7 +28160,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"evictionSoft": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Map of signal names to quantities that defines soft eviction thresholds.  For example: {\"memory.available\": \"300Mi\"}.",
+								Description: "Map of signal names to quantities that defines soft eviction thresholds.  For example: {\"memory.available\": \"300Mi\"}. Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26564,7 +28174,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"evictionSoftGracePeriod": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Map of signal names to quantities that defines grace periods for each soft eviction signal. For example: {\"memory.available\": \"30s\"}.",
+								Description: "Map of signal names to quantities that defines grace periods for each soft eviction signal. For example: {\"memory.available\": \"30s\"}. Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26578,20 +28188,20 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"evictionPressureTransitionPeriod": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.",
+								Description: "Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. Default: \"5m\"",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
 						"evictionMaxPodGracePeriod": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.",
+								Description: "Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. Default: 0",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"evictionMinimumReclaim": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Map of signal names to quantities that defines minimum reclaims, which describe the minimum amount of a given resource the kubelet will reclaim when performing a pod eviction while that resource is under pressure. For example: {\"imagefs.available\": \"2Gi\"}",
+								Description: "Map of signal names to quantities that defines minimum reclaims, which describe the minimum amount of a given resource the kubelet will reclaim when performing a pod eviction while that resource is under pressure. For example: {\"imagefs.available\": \"2Gi\"} Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26605,49 +28215,49 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"podsPerCore": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Maximum number of pods per core. Cannot exceed MaxPods",
+								Description: "podsPerCore is the maximum number of pods per core. Cannot exceed MaxPods. If 0, this field is ignored. Default: 0",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"enableControllerAttachDetach": {
 							SchemaProps: spec.SchemaProps{
-								Description: "enableControllerAttachDetach enables the Attach/Detach controller to manage attachment/detachment of volumes scheduled to this node, and disables kubelet from executing any attach/detach operations",
+								Description: "enableControllerAttachDetach enables the Attach/Detach controller to manage attachment/detachment of volumes scheduled to this node, and disables kubelet from executing any attach/detach operations Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"protectKernelDefaults": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Default behaviour for kernel tuning",
+								Description: "protectKernelDefaults, if true, causes the Kubelet to error if kernel flags are not as it expects. Otherwise the Kubelet will attempt to modify kernel flags to match its expectation. Default: false",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"makeIPTablesUtilChains": {
 							SchemaProps: spec.SchemaProps{
-								Description: "If true, Kubelet ensures a set of iptables rules are present on host. These rules will serve as utility rules for various components, e.g. KubeProxy. The rules will be created based on IPTablesMasqueradeBit and IPTablesDropBit.",
+								Description: "If true, Kubelet ensures a set of iptables rules are present on host. These rules will serve as utility rules for various components, e.g. KubeProxy. The rules will be created based on IPTablesMasqueradeBit and IPTablesDropBit. Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
 						"iptablesMasqueradeBit": {
 							SchemaProps: spec.SchemaProps{
-								Description: "iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT Values must be within the range [0, 31]. Must be different from other mark bits. Warning: Please match the value of corresponding parameter in kube-proxy",
+								Description: "iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT Values must be within the range [0, 31]. Must be different from other mark bits. Warning: Please match the value of the corresponding parameter in kube-proxy. Default: 14",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"iptablesDropBit": {
 							SchemaProps: spec.SchemaProps{
-								Description: "iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets. Values must be within the range [0, 31]. Must be different from other mark bits.",
+								Description: "iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets. Values must be within the range [0, 31]. Must be different from other mark bits. Default: 15",
 								Type:        []string{"integer"},
 								Format:      "int32",
 							},
 						},
 						"featureGates": {
 							SchemaProps: spec.SchemaProps{
-								Description: "featureGates is a map of feature names to bools that enable or disable alpha/experimental features.",
+								Description: "featureGates is a map of feature names to bools that enable or disable alpha/experimental features. This field modifies piecemeal the built-in default values from \"k8s.io/kubernetes/pkg/features/kube_features.go\". Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26661,14 +28271,28 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"failSwapOn": {
 							SchemaProps: spec.SchemaProps{
-								Description: "Tells the Kubelet to fail to start if swap is enabled on the node.",
+								Description: "failSwapOn tells the Kubelet to fail to start if swap is enabled on the node. Default: true",
 								Type:        []string{"boolean"},
 								Format:      "",
 							},
 						},
+						"containerLogMaxSize": {
+							SchemaProps: spec.SchemaProps{
+								Description: "A quantity defines the maximum size of the container log file before it is rotated. For example: \"5Mi\" or \"256Ki\". Default: \"10Mi\"",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"containerLogMaxFiles": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Maximum number of container log files that can be present for a container. Default: 5",
+								Type:        []string{"integer"},
+								Format:      "int32",
+							},
+						},
 						"systemReserved": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. [default=none] See http://kubernetes.io/docs/user-guide/compute-resources for more detail.",
+								Description: "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for non-kubernetes components. Currently only cpu and memory are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26682,7 +28306,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"kubeReserved": {
 							SchemaProps: spec.SchemaProps{
-								Description: "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local storage for root file system are supported. [default=none] See http://kubernetes.io/docs/user-guide/compute-resources for more detail.",
+								Description: "A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs that describe resources reserved for kubernetes system components. Currently cpu, memory and local storage for root file system are supported. See http://kubernetes.io/docs/user-guide/compute-resources for more detail. Default: nil",
 								Type:        []string{"object"},
 								AdditionalProperties: &spec.SchemaOrBool{
 									Schema: &spec.Schema{
@@ -26696,21 +28320,21 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"systemReservedCgroup": {
 							SchemaProps: spec.SchemaProps{
-								Description: "This flag helps kubelet identify absolute name of top level cgroup used to enforce `SystemReserved` compute resource reservation for OS system daemons. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.",
+								Description: "This flag helps kubelet identify absolute name of top level cgroup used to enforce `SystemReserved` compute resource reservation for OS system daemons. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"kubeReservedCgroup": {
 							SchemaProps: spec.SchemaProps{
-								Description: "This flag helps kubelet identify absolute name of top level cgroup used to enforce `KubeReserved` compute resource reservation for Kubernetes node system daemons. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.",
+								Description: "This flag helps kubelet identify absolute name of top level cgroup used to enforce `KubeReserved` compute resource reservation for Kubernetes node system daemons. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. Default: \"\"",
 								Type:        []string{"string"},
 								Format:      "",
 							},
 						},
 						"enforceNodeAllocatable": {
 							SchemaProps: spec.SchemaProps{
-								Description: "This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform. This flag accepts a list of options. Acceptible options are `pods`, `system-reserved` & `kube-reserved`. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.",
+								Description: "This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform. This flag accepts a list of options. Acceptable options are `none`, `pods`, `system-reserved` & `kube-reserved`. If `none` is specified, no other options may be specified. Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information. Default: [\"pods\"]",
 								Type:        []string{"array"},
 								Items: &spec.SchemaOrArray{
 									Schema: &spec.Schema{
@@ -26723,13 +28347,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"configTrialDuration", "podManifestPath", "syncFrequency", "fileCheckFrequency", "httpCheckFrequency", "manifestURL", "manifestURLHeader", "enableServer", "address", "port", "readOnlyPort", "tlsCertFile", "tlsPrivateKeyFile", "authentication", "authorization", "allowPrivileged", "hostNetworkSources", "hostPIDSources", "hostIPCSources", "registryPullQPS", "registryBurst", "eventRecordQPS", "eventBurst", "enableDebuggingHandlers", "enableContentionProfiling", "cAdvisorPort", "healthzPort", "healthzBindAddress", "oomScoreAdj", "clusterDomain", "clusterDNS", "streamingConnectionIdleTimeout", "nodeStatusUpdateFrequency", "imageMinimumGCAge", "imageGCHighThresholdPercent", "imageGCLowThresholdPercent", "volumeStatsAggPeriod", "kubeletCgroups", "systemCgroups", "cgroupRoot", "cpuManagerPolicy", "cpuManagerReconcilePeriod", "runtimeRequestTimeout", "hairpinMode", "maxPods", "podCIDR", "resolvConf", "cpuCFSQuota", "maxOpenFiles", "contentType", "kubeAPIQPS", "kubeAPIBurst", "serializeImagePulls", "evictionPressureTransitionPeriod", "evictionMaxPodGracePeriod", "podsPerCore", "enableControllerAttachDetach", "protectKernelDefaults", "makeIPTablesUtilChains", "iptablesMasqueradeBit", "iptablesDropBit", "systemReserved", "kubeReserved", "enforceNodeAllocatable"},
 				},
 			},
 			Dependencies: []string{
-				"k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletAuthorization"},
+				"k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthentication", "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletAuthorization"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthentication": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthentication": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
@@ -26747,13 +28370,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"enabled", "cacheTTL"},
 				},
 			},
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.Duration"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletWebhookAuthorization": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletWebhookAuthorization": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
@@ -26770,13 +28392,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"cacheAuthorizedTTL", "cacheUnauthorizedTTL"},
 				},
 			},
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.Duration"},
 		},
-		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1.KubeletX509Authentication": {
+		"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1.KubeletX509Authentication": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
 					Properties: map[string]spec.Schema{
@@ -26788,7 +28409,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 							},
 						},
 					},
-					Required: []string{"clientCAFile"},
 				},
 			},
 			Dependencies: []string{},
@@ -26800,7 +28420,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 					Properties: map[string]spec.Schema{
 						"kubeconfig": {
 							SchemaProps: spec.SchemaProps{
-								Description: "kubeConfigFile is the path to a kubeconfig file.",
+								Description: "kubeconfig is the path to a kubeconfig file.",
 								Type:        []string{"string"},
 								Format:      "",
 							},
@@ -26821,7 +28441,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"qps": {
 							SchemaProps: spec.SchemaProps{
-								Description: "cps controls the number of queries per second allowed for this connection.",
+								Description: "qps controls the number of queries per second allowed for this connection.",
 								Type:        []string{"number"},
 								Format:      "float",
 							},
@@ -26860,9 +28480,16 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 						},
 						"featureGates": {
 							SchemaProps: spec.SchemaProps{
-								Description: "featureGates is a comma-separated list of key=value pairs that control which alpha/beta features are enabled.\n\ncomponents to use config files because local-up-cluster.sh only supports the --feature-gates flag right now, which is comma-separated key=value pairs.",
-								Type:        []string{"string"},
-								Format:      "",
+								Description: "featureGates is a map of feature names to bools that enable or disable alpha/experimental features.",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"boolean"},
+											Format: "",
+										},
+									},
+								},
 							},
 						},
 						"bindAddress": {
@@ -26953,7 +28580,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Format:      "",
 							},
 						},
-						"udpTimeoutMilliseconds": {
+						"udpIdleTimeout": {
 							SchemaProps: spec.SchemaProps{
 								Description: "udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s'). Must be greater than 0. Only applicable for proxyMode=userspace.",
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
@@ -26971,8 +28598,22 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"),
 							},
 						},
+						"nodePortAddresses": {
+							SchemaProps: spec.SchemaProps{
+								Description: "nodePortAddresses is the --nodeport-addresses value for kube-proxy process. Values must be valid IP blocks. These values are as a parameter to select the interfaces where nodeport works. In case someone would like to expose a service on localhost for local visit and some other interfaces for particular purpose, a list of IP blocks would do that. If set it to \"127.0.0.0/8\", kube-proxy will only select the loopback interface for NodePort. If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node. An empty string slice is meant to select all network interfaces.",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
 					},
-					Required: []string{"featureGates", "bindAddress", "healthzBindAddress", "metricsBindAddress", "enableProfiling", "clusterCIDR", "hostnameOverride", "clientConnection", "iptables", "ipvs", "oomScoreAdj", "mode", "portRange", "resourceContainer", "udpTimeoutMilliseconds", "conntrack", "configSyncPeriod"},
+					Required: []string{"bindAddress", "healthzBindAddress", "metricsBindAddress", "enableProfiling", "clusterCIDR", "hostnameOverride", "clientConnection", "iptables", "ipvs", "oomScoreAdj", "mode", "portRange", "resourceContainer", "udpIdleTimeout", "conntrack", "configSyncPeriod", "nodePortAddresses"},
 				},
 			},
 			Dependencies: []string{
@@ -27194,6 +28835,116 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
 			Dependencies: []string{
 				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/metrics/pkg/apis/custom_metrics/v1beta1.MetricValue"},
 		},
+		"k8s.io/metrics/pkg/apis/external_metrics/v1beta1.ExternalMetricValue": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "a metric value for external metric A single metric value is identified by metric name and a set of string labels. For one metric there can be multiple values with different sets of labels.",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricName": {
+							SchemaProps: spec.SchemaProps{
+								Description: "the name of the metric",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metricLabels": {
+							SchemaProps: spec.SchemaProps{
+								Description: "a set of labels that identify a single time series for the metric",
+								Type:        []string{"object"},
+								AdditionalProperties: &spec.SchemaOrBool{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Type:   []string{"string"},
+											Format: "",
+										},
+									},
+								},
+							},
+						},
+						"timestamp": {
+							SchemaProps: spec.SchemaProps{
+								Description: "indicates the time at which the metrics were produced",
+								Ref:         ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
+							},
+						},
+						"window": {
+							SchemaProps: spec.SchemaProps{
+								Description: "indicates the window ([Timestamp-Window, Timestamp]) from which these metrics were calculated, when returning rate metrics calculated from cumulative metrics (or zero for non-calculated instantaneous metrics).",
+								Type:        []string{"integer"},
+								Format:      "int64",
+							},
+						},
+						"value": {
+							SchemaProps: spec.SchemaProps{
+								Description: "the value of the metric",
+								Ref:         ref("k8s.io/apimachinery/pkg/api/resource.Quantity"),
+							},
+						},
+					},
+					Required: []string{"metricName", "metricLabels", "timestamp", "value"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/api/resource.Quantity", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
+		},
+		"k8s.io/metrics/pkg/apis/external_metrics/v1beta1.ExternalMetricValueList": {
+			Schema: spec.Schema{
+				SchemaProps: spec.SchemaProps{
+					Description: "a list of values for a given metric for some set labels",
+					Properties: map[string]spec.Schema{
+						"kind": {
+							SchemaProps: spec.SchemaProps{
+								Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"apiVersion": {
+							SchemaProps: spec.SchemaProps{
+								Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources",
+								Type:        []string{"string"},
+								Format:      "",
+							},
+						},
+						"metadata": {
+							SchemaProps: spec.SchemaProps{
+								Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"),
+							},
+						},
+						"items": {
+							SchemaProps: spec.SchemaProps{
+								Description: "value of the metric matching a given set of labels",
+								Type:        []string{"array"},
+								Items: &spec.SchemaOrArray{
+									Schema: &spec.Schema{
+										SchemaProps: spec.SchemaProps{
+											Ref: ref("k8s.io/metrics/pkg/apis/external_metrics/v1beta1.ExternalMetricValue"),
+										},
+									},
+								},
+							},
+						},
+					},
+					Required: []string{"items"},
+				},
+			},
+			Dependencies: []string{
+				"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta", "k8s.io/metrics/pkg/apis/external_metrics/v1beta1.ExternalMetricValue"},
+		},
 		"k8s.io/metrics/pkg/apis/metrics/v1alpha1.ContainerMetrics": {
 			Schema: spec.Schema{
 				SchemaProps: spec.SchemaProps{
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/BUILD
index e72de1f9f939..fe0074b48c9f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/BUILD
@@ -3,7 +3,6 @@ package(default_visibility = ["//visibility:public"])
 load(
     "@io_bazel_rules_go//go:def.bzl",
     "go_library",
-    "go_test",
 )
 
 go_library(
@@ -14,12 +13,11 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/kubeapiserver",
     deps = [
-        "//pkg/api/legacyscheme:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/resourceconfig:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
     ],
 )
 
@@ -42,19 +40,3 @@ filegroup(
     ],
     tags = ["automanaged"],
 )
-
-go_test(
-    name = "go_default_test",
-    srcs = ["default_storage_factory_builder_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubeapiserver",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/apis/core/install:go_default_library",
-        "//pkg/apis/extensions/install:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
-    ],
-)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/admission/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/admission/BUILD
index b3ec0cb6f9f8..1f39808cd7e2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/admission/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/admission/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["initializer_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubeapiserver/admission",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apiserver/pkg/admission:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/BUILD
index 44c8ae56b794..31bd91614f97 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/BUILD
@@ -10,6 +10,7 @@ go_library(
     srcs = ["config.go"],
     importpath = "k8s.io/kubernetes/pkg/kubeapiserver/authenticator",
     deps = [
+        "//pkg/features:go_default_library",
         "//pkg/serviceaccount:go_default_library",
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
@@ -24,13 +25,12 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/authentication/token/cache:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/token/tokenfile:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/token/union:go_default_library",
-        "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/keystone:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook:go_default_library",
-        "//vendor/k8s.io/client-go/plugin/pkg/client/auth/gcp:go_default_library",
-        "//vendor/k8s.io/client-go/plugin/pkg/client/auth/oidc:go_default_library",
+        "//vendor/k8s.io/client-go/plugin/pkg/client/auth:go_default_library",
         "//vendor/k8s.io/client-go/util/cert:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/config.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/config.go
index d47ec98d534e..05c4c377aa97 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/config.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authenticator/config.go
@@ -33,17 +33,16 @@ import (
 	tokencache "k8s.io/apiserver/pkg/authentication/token/cache"
 	"k8s.io/apiserver/pkg/authentication/token/tokenfile"
 	tokenunion "k8s.io/apiserver/pkg/authentication/token/union"
-	"k8s.io/apiserver/plugin/pkg/authenticator/password/keystone"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/apiserver/plugin/pkg/authenticator/password/passwordfile"
 	"k8s.io/apiserver/plugin/pkg/authenticator/request/basicauth"
 	"k8s.io/apiserver/plugin/pkg/authenticator/token/oidc"
 	"k8s.io/apiserver/plugin/pkg/authenticator/token/webhook"
 	certutil "k8s.io/client-go/util/cert"
+	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/serviceaccount"
 
-	// Initialize all known client auth plugins.
-	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
-	_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
+	_ "k8s.io/client-go/plugin/pkg/client/auth"
 )
 
 type AuthenticatorConfig struct {
@@ -59,10 +58,11 @@ type AuthenticatorConfig struct {
 	OIDCUsernamePrefix          string
 	OIDCGroupsClaim             string
 	OIDCGroupsPrefix            string
+	OIDCSigningAlgs             []string
 	ServiceAccountKeyFiles      []string
 	ServiceAccountLookup        bool
-	KeystoneURL                 string
-	KeystoneCAFile              string
+	ServiceAccountIssuer        string
+	ServiceAccountAPIAudiences  []string
 	WebhookTokenAuthnConfigFile string
 	WebhookTokenAuthnCacheTTL   time.Duration
 
@@ -108,14 +108,6 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
 		authenticators = append(authenticators, basicAuth)
 		hasBasicAuth = true
 	}
-	if len(config.KeystoneURL) > 0 {
-		keystoneAuth, err := newAuthenticatorFromKeystoneURL(config.KeystoneURL, config.KeystoneCAFile)
-		if err != nil {
-			return nil, nil, err
-		}
-		authenticators = append(authenticators, keystoneAuth)
-		hasBasicAuth = true
-	}
 
 	// X509 methods
 	if len(config.ClientCAFile) > 0 {
@@ -135,7 +127,14 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
 		tokenAuthenticators = append(tokenAuthenticators, tokenAuth)
 	}
 	if len(config.ServiceAccountKeyFiles) > 0 {
-		serviceAccountAuth, err := newServiceAccountAuthenticator(config.ServiceAccountKeyFiles, config.ServiceAccountLookup, config.ServiceAccountTokenGetter)
+		serviceAccountAuth, err := newLegacyServiceAccountAuthenticator(config.ServiceAccountKeyFiles, config.ServiceAccountLookup, config.ServiceAccountTokenGetter)
+		if err != nil {
+			return nil, nil, err
+		}
+		tokenAuthenticators = append(tokenAuthenticators, serviceAccountAuth)
+	}
+	if utilfeature.DefaultFeatureGate.Enabled(features.TokenRequest) && config.ServiceAccountIssuer != "" {
+		serviceAccountAuth, err := newServiceAccountAuthenticator(config.ServiceAccountIssuer, config.ServiceAccountAPIAudiences, config.ServiceAccountKeyFiles, config.ServiceAccountTokenGetter)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -154,7 +153,7 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
 	// simply returns an error, the OpenID Connect plugin may query the provider to
 	// update the keys, causing performance hits.
 	if len(config.OIDCIssuerURL) > 0 && len(config.OIDCClientID) > 0 {
-		oidcAuth, err := newAuthenticatorFromOIDCIssuerURL(config.OIDCIssuerURL, config.OIDCClientID, config.OIDCCAFile, config.OIDCUsernameClaim, config.OIDCUsernamePrefix, config.OIDCGroupsClaim, config.OIDCGroupsPrefix)
+		oidcAuth, err := newAuthenticatorFromOIDCIssuerURL(config.OIDCIssuerURL, config.OIDCClientID, config.OIDCCAFile, config.OIDCUsernameClaim, config.OIDCUsernamePrefix, config.OIDCGroupsClaim, config.OIDCGroupsPrefix, config.OIDCSigningAlgs)
 		if err != nil {
 			return nil, nil, err
 		}
@@ -246,7 +245,7 @@ func newAuthenticatorFromTokenFile(tokenAuthFile string) (authenticator.Token, e
 }
 
 // newAuthenticatorFromOIDCIssuerURL returns an authenticator.Token or an error.
-func newAuthenticatorFromOIDCIssuerURL(issuerURL, clientID, caFile, usernameClaim, usernamePrefix, groupsClaim, groupsPrefix string) (authenticator.Token, error) {
+func newAuthenticatorFromOIDCIssuerURL(issuerURL, clientID, caFile, usernameClaim, usernamePrefix, groupsClaim, groupsPrefix string, signingAlgs []string) (authenticator.Token, error) {
 	const noUsernamePrefix = "-"
 
 	if usernamePrefix == "" && usernameClaim != "email" {
@@ -262,14 +261,15 @@ func newAuthenticatorFromOIDCIssuerURL(issuerURL, clientID, caFile, usernameClai
 		usernamePrefix = ""
 	}
 
-	tokenAuthenticator, err := oidc.New(oidc.OIDCOptions{
-		IssuerURL:      issuerURL,
-		ClientID:       clientID,
-		CAFile:         caFile,
-		UsernameClaim:  usernameClaim,
-		UsernamePrefix: usernamePrefix,
-		GroupsClaim:    groupsClaim,
-		GroupsPrefix:   groupsPrefix,
+	tokenAuthenticator, err := oidc.New(oidc.Options{
+		IssuerURL:            issuerURL,
+		ClientID:             clientID,
+		CAFile:               caFile,
+		UsernameClaim:        usernameClaim,
+		UsernamePrefix:       usernamePrefix,
+		GroupsClaim:          groupsClaim,
+		GroupsPrefix:         groupsPrefix,
+		SupportedSigningAlgs: signingAlgs,
 	})
 	if err != nil {
 		return nil, err
@@ -278,8 +278,23 @@ func newAuthenticatorFromOIDCIssuerURL(issuerURL, clientID, caFile, usernameClai
 	return tokenAuthenticator, nil
 }
 
+// newLegacyServiceAccountAuthenticator returns an authenticator.Token or an error
+func newLegacyServiceAccountAuthenticator(keyfiles []string, lookup bool, serviceAccountGetter serviceaccount.ServiceAccountTokenGetter) (authenticator.Token, error) {
+	allPublicKeys := []interface{}{}
+	for _, keyfile := range keyfiles {
+		publicKeys, err := certutil.PublicKeysFromFile(keyfile)
+		if err != nil {
+			return nil, err
+		}
+		allPublicKeys = append(allPublicKeys, publicKeys...)
+	}
+
+	tokenAuthenticator := serviceaccount.JWTTokenAuthenticator(serviceaccount.LegacyIssuer, allPublicKeys, serviceaccount.NewLegacyValidator(lookup, serviceAccountGetter))
+	return tokenAuthenticator, nil
+}
+
 // newServiceAccountAuthenticator returns an authenticator.Token or an error
-func newServiceAccountAuthenticator(keyfiles []string, lookup bool, serviceAccountGetter serviceaccount.ServiceAccountTokenGetter) (authenticator.Token, error) {
+func newServiceAccountAuthenticator(iss string, audiences []string, keyfiles []string, serviceAccountGetter serviceaccount.ServiceAccountTokenGetter) (authenticator.Token, error) {
 	allPublicKeys := []interface{}{}
 	for _, keyfile := range keyfiles {
 		publicKeys, err := certutil.PublicKeysFromFile(keyfile)
@@ -289,7 +304,7 @@ func newServiceAccountAuthenticator(keyfiles []string, lookup bool, serviceAccou
 		allPublicKeys = append(allPublicKeys, publicKeys...)
 	}
 
-	tokenAuthenticator := serviceaccount.JWTTokenAuthenticator(allPublicKeys, lookup, serviceAccountGetter)
+	tokenAuthenticator := serviceaccount.JWTTokenAuthenticator(iss, allPublicKeys, serviceaccount.NewValidator(audiences, serviceAccountGetter))
 	return tokenAuthenticator, nil
 }
 
@@ -306,16 +321,6 @@ func newAuthenticatorFromClientCAFile(clientCAFile string) (authenticator.Reques
 	return x509.New(opts, x509.CommonNameUserConversion), nil
 }
 
-// newAuthenticatorFromKeystoneURL returns an authenticator.Request or an error
-func newAuthenticatorFromKeystoneURL(keystoneURL string, keystoneCAFile string) (authenticator.Request, error) {
-	keystoneAuthenticator, err := keystone.NewKeystoneAuthenticator(keystoneURL, keystoneCAFile)
-	if err != nil {
-		return nil, err
-	}
-
-	return basicauth.New(keystoneAuthenticator), nil
-}
-
 func newWebhookTokenAuthenticator(webhookConfigFile string, ttl time.Duration) (authenticator.Token, error) {
 	webhookTokenAuthenticator, err := webhook.New(webhookConfigFile, ttl)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/BUILD
index 5d5acebfb764..59bd54a40cfb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/BUILD
@@ -12,8 +12,7 @@ go_test(
     data = [
         "//pkg/auth/authorizer/abac:example_policy",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubeapiserver/authorizer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/kubeapiserver/authorizer/modes:go_default_library"],
 )
 
@@ -33,6 +32,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/union:go_default_library",
         "//vendor/k8s.io/apiserver/plugin/pkg/authorizer/webhook:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/config.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/config.go
index 659f2ae7a051..30661bc14fcb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/config.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/config.go
@@ -25,6 +25,7 @@ import (
 	"k8s.io/apiserver/pkg/authorization/authorizerfactory"
 	"k8s.io/apiserver/pkg/authorization/union"
 	"k8s.io/apiserver/plugin/pkg/authorizer/webhook"
+	versionedinformers "k8s.io/client-go/informers"
 	"k8s.io/kubernetes/pkg/auth/authorizer/abac"
 	"k8s.io/kubernetes/pkg/auth/nodeidentifier"
 	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
@@ -51,7 +52,8 @@ type AuthorizationConfig struct {
 	// TTL for caching of unauthorized responses from the webhook server.
 	WebhookCacheUnauthorizedTTL time.Duration
 
-	InformerFactory informers.SharedInformerFactory
+	InformerFactory          informers.SharedInformerFactory
+	VersionedInformerFactory versionedinformers.SharedInformerFactory
 }
 
 // New returns the right sort of union of multiple authorizer.Authorizer objects
@@ -71,6 +73,7 @@ func (config AuthorizationConfig) New() (authorizer.Authorizer, authorizer.RuleR
 		if authorizerMap[authorizationMode] {
 			return nil, nil, fmt.Errorf("Authorization mode %s specified more than once", authorizationMode)
 		}
+
 		// Keep cases in sync with constant list above.
 		switch authorizationMode {
 		case modes.ModeNode:
@@ -79,6 +82,7 @@ func (config AuthorizationConfig) New() (authorizer.Authorizer, authorizer.RuleR
 				graph,
 				config.InformerFactory.Core().InternalVersion().Pods(),
 				config.InformerFactory.Core().InternalVersion().PersistentVolumes(),
+				config.VersionedInformerFactory.Storage().V1beta1().VolumeAttachments(),
 			)
 			nodeAuthorizer := node.NewAuthorizer(graph, nodeidentifier.NewDefaultNodeIdentifier(), bootstrappolicy.NodeRules())
 			authorizers = append(authorizers, nodeAuthorizer)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/BUILD
index 9be3d02c9a8a..97b233aa930f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/BUILD
@@ -9,14 +9,14 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["modes_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
     name = "go_default_library",
     srcs = ["modes.go"],
     importpath = "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes",
+    deps = ["//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/modes.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/modes.go
index 56a708a6b1d5..54d0a627701d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/modes.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes/modes.go
@@ -16,6 +16,8 @@ limitations under the License.
 
 package modes
 
+import "k8s.io/apimachinery/pkg/util/sets"
+
 const (
 	ModeAlwaysAllow string = "AlwaysAllow"
 	ModeAlwaysDeny  string = "AlwaysDeny"
@@ -29,10 +31,5 @@ var AuthorizationModeChoices = []string{ModeAlwaysAllow, ModeAlwaysDeny, ModeABA
 
 // IsValidAuthorizationMode returns true if the given authorization mode is a valid one for the apiserver
 func IsValidAuthorizationMode(authzMode string) bool {
-	for _, validMode := range AuthorizationModeChoices {
-		if authzMode == validMode {
-			return true
-		}
-	}
-	return false
+	return sets.NewString(AuthorizationModeChoices...).Has(authzMode)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/default_storage_factory_builder.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/default_storage_factory_builder.go
index ca1a3d35b331..9b09d914128f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/default_storage_factory_builder.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/default_storage_factory_builder.go
@@ -17,20 +17,15 @@ limitations under the License.
 package kubeapiserver
 
 import (
-	"fmt"
-	"strconv"
-	"strings"
-
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apiserver/pkg/server/resourceconfig"
 	serverstorage "k8s.io/apiserver/pkg/server/storage"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
-	utilflag "k8s.io/apiserver/pkg/util/flag"
-	"k8s.io/kubernetes/pkg/api/legacyscheme"
 )
 
-// specialDefaultResourcePrefixes are prefixes compiled into Kubernetes.
-var specialDefaultResourcePrefixes = map[schema.GroupResource]string{
+// SpecialDefaultResourcePrefixes are prefixes compiled into Kubernetes.
+var SpecialDefaultResourcePrefixes = map[schema.GroupResource]string{
 	{Group: "", Resource: "replicationControllers"}:        "controllers",
 	{Group: "", Resource: "replicationcontrollers"}:        "controllers",
 	{Group: "", Resource: "endpoints"}:                     "services/endpoints",
@@ -38,154 +33,21 @@ var specialDefaultResourcePrefixes = map[schema.GroupResource]string{
 	{Group: "", Resource: "services"}:                      "services/specs",
 	{Group: "extensions", Resource: "ingresses"}:           "ingress",
 	{Group: "extensions", Resource: "podsecuritypolicies"}: "podsecuritypolicy",
+	{Group: "policy", Resource: "podsecuritypolicies"}:     "podsecuritypolicy",
 }
 
 // NewStorageFactory builds the DefaultStorageFactory.
-// Merges defaultResourceConfig with the user specified overrides and merges
-// defaultAPIResourceConfig with the corresponding user specified overrides as well.
-func NewStorageFactory(storageConfig storagebackend.Config, defaultMediaType string, serializer runtime.StorageSerializer,
-	defaultResourceEncoding *serverstorage.DefaultResourceEncodingConfig, storageEncodingOverrides map[string]schema.GroupVersion, resourceEncodingOverrides []schema.GroupVersionResource,
-	defaultAPIResourceConfig *serverstorage.ResourceConfig, resourceConfigOverrides utilflag.ConfigurationMap) (*serverstorage.DefaultStorageFactory, error) {
-
-	resourceEncodingConfig := mergeGroupEncodingConfigs(defaultResourceEncoding, storageEncodingOverrides)
-	resourceEncodingConfig = mergeResourceEncodingConfigs(resourceEncodingConfig, resourceEncodingOverrides)
-	apiResourceConfig, err := mergeAPIResourceConfigs(defaultAPIResourceConfig, resourceConfigOverrides)
-	if err != nil {
-		return nil, err
-	}
-	return serverstorage.NewDefaultStorageFactory(storageConfig, defaultMediaType, serializer, resourceEncodingConfig, apiResourceConfig, specialDefaultResourcePrefixes), nil
-}
-
-// Merges the given defaultResourceConfig with specifc GroupvVersionResource overrides.
-func mergeResourceEncodingConfigs(defaultResourceEncoding *serverstorage.DefaultResourceEncodingConfig, resourceEncodingOverrides []schema.GroupVersionResource) *serverstorage.DefaultResourceEncodingConfig {
-	resourceEncodingConfig := defaultResourceEncoding
-	for _, gvr := range resourceEncodingOverrides {
-		resourceEncodingConfig.SetResourceEncoding(gvr.GroupResource(), gvr.GroupVersion(),
-			schema.GroupVersion{Group: gvr.Group, Version: runtime.APIVersionInternal})
-	}
-	return resourceEncodingConfig
-}
-
-// Merges the given defaultResourceConfig with specifc GroupVersion overrides.
-func mergeGroupEncodingConfigs(defaultResourceEncoding *serverstorage.DefaultResourceEncodingConfig, storageEncodingOverrides map[string]schema.GroupVersion) *serverstorage.DefaultResourceEncodingConfig {
-	resourceEncodingConfig := defaultResourceEncoding
-	for group, storageEncodingVersion := range storageEncodingOverrides {
-		resourceEncodingConfig.SetVersionEncoding(group, storageEncodingVersion, schema.GroupVersion{Group: group, Version: runtime.APIVersionInternal})
-	}
-	return resourceEncodingConfig
-}
-
-// Merges the given defaultAPIResourceConfig with the given resourceConfigOverrides.
-func mergeAPIResourceConfigs(defaultAPIResourceConfig *serverstorage.ResourceConfig, resourceConfigOverrides utilflag.ConfigurationMap) (*serverstorage.ResourceConfig, error) {
-	resourceConfig := defaultAPIResourceConfig
-	overrides := resourceConfigOverrides
-
-	// "api/all=false" allows users to selectively enable specific api versions.
-	allAPIFlagValue, ok := overrides["api/all"]
-	if ok {
-		if allAPIFlagValue == "false" {
-			// Disable all group versions.
-			resourceConfig.DisableVersions(legacyscheme.Registry.RegisteredGroupVersions()...)
-		} else if allAPIFlagValue == "true" {
-			resourceConfig.EnableVersions(legacyscheme.Registry.RegisteredGroupVersions()...)
-		}
-	}
-
-	// "api/legacy=false" allows users to disable legacy api versions.
-	disableLegacyAPIs := false
-	legacyAPIFlagValue, ok := overrides["api/legacy"]
-	if ok && legacyAPIFlagValue == "false" {
-		disableLegacyAPIs = true
-	}
-	_ = disableLegacyAPIs // hush the compiler while we don't have legacy APIs to disable.
-
-	// "<resourceSpecifier>={true|false} allows users to enable/disable API.
-	// This takes preference over api/all and api/legacy, if specified.
-	// Iterate through all group/version overrides specified in runtimeConfig.
-	for key := range overrides {
-		if key == "api/all" || key == "api/legacy" {
-			// Have already handled them above. Can skip them here.
-			continue
-		}
-		tokens := strings.Split(key, "/")
-		if len(tokens) != 2 {
-			continue
-		}
-		groupVersionString := tokens[0] + "/" + tokens[1]
-		// HACK: Hack for "v1" legacy group version.
-		// Remove when we stop supporting the legacy group version.
-		if groupVersionString == "api/v1" {
-			groupVersionString = "v1"
-		}
-		groupVersion, err := schema.ParseGroupVersion(groupVersionString)
-		if err != nil {
-			return nil, fmt.Errorf("invalid key %s", key)
-		}
-		// Verify that the groupVersion is legacyscheme.Registry.
-		if !legacyscheme.Registry.IsRegisteredVersion(groupVersion) {
-			return nil, fmt.Errorf("group version %s that has not been registered", groupVersion.String())
-		}
-		enabled, err := getRuntimeConfigValue(overrides, key, false)
-		if err != nil {
-			return nil, err
-		}
-		if enabled {
-			resourceConfig.EnableVersions(groupVersion)
-		} else {
-			resourceConfig.DisableVersions(groupVersion)
-		}
-	}
-
-	// Iterate through all group/version/resource overrides specified in runtimeConfig.
-	for key := range overrides {
-		tokens := strings.Split(key, "/")
-		if len(tokens) != 3 {
-			continue
-		}
-		groupVersionString := tokens[0] + "/" + tokens[1]
-		// HACK: Hack for "v1" legacy group version.
-		// Remove when we stop supporting the legacy group version.
-		if groupVersionString == "api/v1" {
-			groupVersionString = "v1"
-		}
-		groupVersion, err := schema.ParseGroupVersion(groupVersionString)
-		if err != nil {
-			return nil, fmt.Errorf("invalid key %s", key)
-		}
-		resource := tokens[2]
-		// Verify that the groupVersion is legacyscheme.Registry.
-		if !legacyscheme.Registry.IsRegisteredVersion(groupVersion) {
-			return nil, fmt.Errorf("group version %s that has not been registered", groupVersion.String())
-		}
-
-		if !resourceConfig.AnyResourcesForVersionEnabled(groupVersion) {
-			return nil, fmt.Errorf("%v is disabled, you cannot configure its resources individually", groupVersion)
-		}
-
-		enabled, err := getRuntimeConfigValue(overrides, key, false)
-		if err != nil {
-			return nil, err
-		}
-		if enabled {
-			resourceConfig.EnableResources(groupVersion.WithResource(resource))
-		} else {
-			resourceConfig.DisableResources(groupVersion.WithResource(resource))
-		}
-	}
-	return resourceConfig, nil
-}
-
-func getRuntimeConfigValue(overrides utilflag.ConfigurationMap, apiKey string, defaultValue bool) (bool, error) {
-	flagValue, ok := overrides[apiKey]
-	if ok {
-		if flagValue == "" {
-			return true, nil
-		}
-		boolValue, err := strconv.ParseBool(flagValue)
-		if err != nil {
-			return false, fmt.Errorf("invalid value of %s: %s, err: %v", apiKey, flagValue, err)
-		}
-		return boolValue, nil
-	}
-	return defaultValue, nil
+// Merges defaultResourceEncoding with the user specified overrides.
+func NewStorageFactory(
+	storageConfig storagebackend.Config,
+	defaultMediaType string,
+	serializer runtime.StorageSerializer,
+	defaultResourceEncoding *serverstorage.DefaultResourceEncodingConfig,
+	storageEncodingOverrides map[string]schema.GroupVersion,
+	resourceEncodingOverrides []schema.GroupVersionResource,
+	apiResourceConfig *serverstorage.ResourceConfig,
+) (*serverstorage.DefaultStorageFactory, error) {
+	resourceEncodingConfig := resourceconfig.MergeGroupEncodingConfigs(defaultResourceEncoding, storageEncodingOverrides)
+	resourceEncodingConfig = resourceconfig.MergeResourceEncodingConfigs(resourceEncodingConfig, resourceEncodingOverrides)
+	return serverstorage.NewDefaultStorageFactory(storageConfig, defaultMediaType, serializer, resourceEncodingConfig, apiResourceConfig, SpecialDefaultResourcePrefixes), nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/BUILD b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/BUILD
index 4c8d3d517cd6..b4fae4a15414 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/BUILD
@@ -9,11 +9,12 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
-        "api_enablement.go",
+        "admission.go",
         "authentication.go",
         "authorization.go",
         "cloudprovider.go",
         "options.go",
+        "plugins.go",
         "serving.go",
         "storage_versions.go",
     ],
@@ -21,20 +22,54 @@ go_library(
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
-        "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers:go_default_library",
         "//pkg/kubeapiserver/authenticator:go_default_library",
         "//pkg/kubeapiserver/authorizer:go_default_library",
         "//pkg/kubeapiserver/authorizer/modes:go_default_library",
         "//pkg/kubeapiserver/server:go_default_library",
+        "//plugin/pkg/admission/admit:go_default_library",
+        "//plugin/pkg/admission/alwayspullimages:go_default_library",
+        "//plugin/pkg/admission/antiaffinity:go_default_library",
+        "//plugin/pkg/admission/defaulttolerationseconds:go_default_library",
+        "//plugin/pkg/admission/deny:go_default_library",
+        "//plugin/pkg/admission/eventratelimit:go_default_library",
+        "//plugin/pkg/admission/exec:go_default_library",
+        "//plugin/pkg/admission/extendedresourcetoleration:go_default_library",
+        "//plugin/pkg/admission/gc:go_default_library",
+        "//plugin/pkg/admission/imagepolicy:go_default_library",
+        "//plugin/pkg/admission/initialresources:go_default_library",
+        "//plugin/pkg/admission/limitranger:go_default_library",
+        "//plugin/pkg/admission/namespace/autoprovision:go_default_library",
+        "//plugin/pkg/admission/namespace/exists:go_default_library",
+        "//plugin/pkg/admission/noderestriction:go_default_library",
+        "//plugin/pkg/admission/persistentvolume/label:go_default_library",
+        "//plugin/pkg/admission/persistentvolume/resize:go_default_library",
+        "//plugin/pkg/admission/podnodeselector:go_default_library",
+        "//plugin/pkg/admission/podpreset:go_default_library",
+        "//plugin/pkg/admission/podtolerationrestriction:go_default_library",
+        "//plugin/pkg/admission/priority:go_default_library",
+        "//plugin/pkg/admission/resourcequota:go_default_library",
+        "//plugin/pkg/admission/security/podsecuritypolicy:go_default_library",
+        "//plugin/pkg/admission/securitycontext/scdeny:go_default_library",
+        "//plugin/pkg/admission/serviceaccount:go_default_library",
+        "//plugin/pkg/admission/storage/storageclass/setdefault:go_default_library",
+        "//plugin/pkg/admission/storage/storageobjectinuseprotection:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/pborman/uuid:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission/plugin/initialization:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/mutating:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/validating:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
     ],
 )
 
@@ -53,8 +88,10 @@ filegroup(
 
 go_test(
     name = "go_default_test",
-    srcs = ["storage_versions_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubeapiserver/options",
-    library = ":go_default_library",
+    srcs = [
+        "admission_test.go",
+        "storage_versions_test.go",
+    ],
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/admission.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/admission.go
new file mode 100644
index 000000000000..77f42c3a6f18
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/admission.go
@@ -0,0 +1,128 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/spf13/pflag"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apiserver/pkg/admission"
+	"k8s.io/apiserver/pkg/server"
+	genericoptions "k8s.io/apiserver/pkg/server/options"
+	"k8s.io/client-go/informers"
+	"k8s.io/client-go/rest"
+)
+
+// AdmissionOptions holds the admission options.
+// It is a wrap of generic AdmissionOptions.
+type AdmissionOptions struct {
+	// GenericAdmission holds the generic admission options.
+	GenericAdmission *genericoptions.AdmissionOptions
+	// DEPRECATED flag, should use EnabledAdmissionPlugins and DisabledAdmissionPlugins.
+	// They are mutually exclusive, specify both will lead to an error.
+	PluginNames []string
+}
+
+// NewAdmissionOptions creates a new instance of AdmissionOptions
+// Note:
+//  In addition it calls RegisterAllAdmissionPlugins to register
+//  all kube-apiserver admission plugins.
+//
+//  Provides the list of RecommendedPluginOrder that holds sane values
+//  that can be used by servers that don't care about admission chain.
+//  Servers that do care can overwrite/append that field after creation.
+func NewAdmissionOptions() *AdmissionOptions {
+	options := genericoptions.NewAdmissionOptions()
+	// register all admission plugins
+	RegisterAllAdmissionPlugins(options.Plugins)
+	// set RecommendedPluginOrder
+	options.RecommendedPluginOrder = AllOrderedPlugins
+	// set DefaultOffPlugins
+	options.DefaultOffPlugins = DefaultOffAdmissionPlugins()
+
+	return &AdmissionOptions{
+		GenericAdmission: options,
+	}
+}
+
+// AddFlags adds flags related to admission for kube-apiserver to the specified FlagSet
+func (a *AdmissionOptions) AddFlags(fs *pflag.FlagSet) {
+	fs.StringSliceVar(&a.PluginNames, "admission-control", a.PluginNames, ""+
+		"Admission is divided into two phases. "+
+		"In the first phase, only mutating admission plugins run. "+
+		"In the second phase, only validating admission plugins run. "+
+		"The names in the below list may represent a validating plugin, a mutating plugin, or both. "+
+		"The order of plugins in which they are passed to this flag does not matter. "+
+		"Comma-delimited list of: "+strings.Join(a.GenericAdmission.Plugins.Registered(), ", ")+".")
+	fs.MarkDeprecated("admission-control", "Use --enable-admission-plugins or --disable-admission-plugins instead. Will be removed in a future version.")
+
+	a.GenericAdmission.AddFlags(fs)
+}
+
+// Validate verifies flags passed to kube-apiserver AdmissionOptions.
+// Kube-apiserver verifies PluginNames and then call generic AdmissionOptions.Validate.
+func (a *AdmissionOptions) Validate() []error {
+	if a == nil {
+		return nil
+	}
+	errs := []error{}
+	if a.PluginNames != nil &&
+		(a.GenericAdmission.EnablePlugins != nil || a.GenericAdmission.DisablePlugins != nil) {
+		errs = append(errs, fmt.Errorf("admission-control and enable-admission-plugins/disable-admission-plugins flags are mutually exclusive"))
+	}
+
+	registeredPlugins := sets.NewString(a.GenericAdmission.Plugins.Registered()...)
+	for _, name := range a.PluginNames {
+		if !registeredPlugins.Has(name) {
+			errs = append(errs, fmt.Errorf("admission-control plugin %q is unknown", name))
+		}
+	}
+
+	errs = append(errs, a.GenericAdmission.Validate()...)
+
+	return errs
+}
+
+// ApplyTo adds the admission chain to the server configuration.
+// Kube-apiserver just call generic AdmissionOptions.ApplyTo.
+func (a *AdmissionOptions) ApplyTo(
+	c *server.Config,
+	informers informers.SharedInformerFactory,
+	kubeAPIServerClientConfig *rest.Config,
+	scheme *runtime.Scheme,
+	pluginInitializers ...admission.PluginInitializer,
+) error {
+	if a == nil {
+		return nil
+	}
+
+	if a.PluginNames != nil {
+		// pass PluginNames to generic AdmissionOptions
+		a.GenericAdmission.EnablePlugins, a.GenericAdmission.DisablePlugins = computePluginNames(a.PluginNames, a.GenericAdmission.RecommendedPluginOrder)
+	}
+
+	return a.GenericAdmission.ApplyTo(c, informers, kubeAPIServerClientConfig, scheme, pluginInitializers...)
+}
+
+// explicitly disable all plugins that are not in the enabled list
+func computePluginNames(explicitlyEnabled []string, all []string) (enabled []string, disabled []string) {
+	return explicitlyEnabled, sets.NewString(all...).Difference(sets.NewString(explicitlyEnabled...)).List()
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/api_enablement.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/api_enablement.go
deleted file mode 100644
index fe5accd4f1a8..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/api_enablement.go
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package options
-
-import (
-	"github.com/spf13/pflag"
-
-	utilflag "k8s.io/apiserver/pkg/util/flag"
-)
-
-// APIEnablementOptions contains the options for which resources to turn on and off.
-// Given small aggregated API servers, this option isn't required for "normal" API servers
-type APIEnablementOptions struct {
-	RuntimeConfig utilflag.ConfigurationMap
-}
-
-func NewAPIEnablementOptions() *APIEnablementOptions {
-	return &APIEnablementOptions{
-		RuntimeConfig: make(utilflag.ConfigurationMap),
-	}
-}
-
-// AddFlags adds flags for a specific APIServer to the specified FlagSet
-func (s *APIEnablementOptions) AddFlags(fs *pflag.FlagSet) {
-	fs.Var(&s.RuntimeConfig, "runtime-config", ""+
-		"A set of key=value pairs that describe runtime configuration that may be passed "+
-		"to apiserver. apis/<groupVersion> key can be used to turn on/off specific api versions. "+
-		"apis/<groupVersion>/<resource> can be used to turn on/off specific resources. api/all and "+
-		"api/legacy are special keys to control all and legacy api versions respectively.")
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authentication.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authentication.go
index 6a6b579f2153..1a71fb177347 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authentication.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authentication.go
@@ -18,6 +18,7 @@ package options
 
 import (
 	"fmt"
+	"net/url"
 	"strings"
 	"time"
 
@@ -34,7 +35,6 @@ type BuiltInAuthenticationOptions struct {
 	Anonymous       *AnonymousAuthenticationOptions
 	BootstrapToken  *BootstrapTokenAuthenticationOptions
 	ClientCert      *genericoptions.ClientCertAuthenticationOptions
-	Keystone        *KeystoneAuthenticationOptions
 	OIDC            *OIDCAuthenticationOptions
 	PasswordFile    *PasswordFileAuthenticationOptions
 	RequestHeader   *genericoptions.RequestHeaderAuthenticationOptions
@@ -54,11 +54,6 @@ type BootstrapTokenAuthenticationOptions struct {
 	Enable bool
 }
 
-type KeystoneAuthenticationOptions struct {
-	URL    string
-	CAFile string
-}
-
 type OIDCAuthenticationOptions struct {
 	CAFile         string
 	ClientID       string
@@ -67,6 +62,7 @@ type OIDCAuthenticationOptions struct {
 	UsernamePrefix string
 	GroupsClaim    string
 	GroupsPrefix   string
+	SigningAlgs    []string
 }
 
 type PasswordFileAuthenticationOptions struct {
@@ -74,8 +70,10 @@ type PasswordFileAuthenticationOptions struct {
 }
 
 type ServiceAccountAuthenticationOptions struct {
-	KeyFiles []string
-	Lookup   bool
+	KeyFiles     []string
+	Lookup       bool
+	Issuer       string
+	APIAudiences []string
 }
 
 type TokenFileAuthenticationOptions struct {
@@ -99,7 +97,6 @@ func (s *BuiltInAuthenticationOptions) WithAll() *BuiltInAuthenticationOptions {
 		WithAnonymous().
 		WithBootstrapToken().
 		WithClientCert().
-		WithKeystone().
 		WithOIDC().
 		WithPasswordFile().
 		WithRequestHeader().
@@ -123,11 +120,6 @@ func (s *BuiltInAuthenticationOptions) WithClientCert() *BuiltInAuthenticationOp
 	return s
 }
 
-func (s *BuiltInAuthenticationOptions) WithKeystone() *BuiltInAuthenticationOptions {
-	s.Keystone = &KeystoneAuthenticationOptions{}
-	return s
-}
-
 func (s *BuiltInAuthenticationOptions) WithOIDC() *BuiltInAuthenticationOptions {
 	s.OIDC = &OIDCAuthenticationOptions{}
 	return s
@@ -168,6 +160,12 @@ func (s *BuiltInAuthenticationOptions) Validate() []error {
 		allErrors = append(allErrors, fmt.Errorf("oidc-issuer-url and oidc-client-id should be specified together"))
 	}
 
+	if s.ServiceAccounts != nil && len(s.ServiceAccounts.Issuer) > 0 && strings.Contains(s.ServiceAccounts.Issuer, ":") {
+		if _, err := url.Parse(s.ServiceAccounts.Issuer); err != nil {
+			allErrors = append(allErrors, fmt.Errorf("service-account-issuer contained a ':' but was not a valid URL: %v", err))
+		}
+	}
+
 	return allErrors
 }
 
@@ -189,15 +187,6 @@ func (s *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {
 		s.ClientCert.AddFlags(fs)
 	}
 
-	if s.Keystone != nil {
-		fs.StringVar(&s.Keystone.URL, "experimental-keystone-url", s.Keystone.URL,
-			"If passed, activates the keystone authentication plugin.")
-
-		fs.StringVar(&s.Keystone.CAFile, "experimental-keystone-ca-file", s.Keystone.CAFile, ""+
-			"If set, the Keystone server's certificate will be verified by one of the authorities "+
-			"in the experimental-keystone-ca-file, otherwise the host's root CA set will be used.")
-	}
-
 	if s.OIDC != nil {
 		fs.StringVar(&s.OIDC.IssuerURL, "oidc-issuer-url", s.OIDC.IssuerURL, ""+
 			"The URL of the OpenID issuer, only HTTPS scheme will be accepted. "+
@@ -229,6 +218,10 @@ func (s *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {
 			"If provided, all groups will be prefixed with this value to prevent conflicts with "+
 			"other authentication strategies.")
 
+		fs.StringSliceVar(&s.OIDC.SigningAlgs, "oidc-signing-algs", []string{"RS256"}, ""+
+			"Comma-separated list of allowed JOSE asymmetric signing algorithms. JWTs with a "+
+			"'alg' header value not in this list will be rejected. "+
+			"Values are defined by RFC 7518 https://tools.ietf.org/html/rfc7518#section-3.1.")
 	}
 
 	if s.PasswordFile != nil {
@@ -244,11 +237,21 @@ func (s *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {
 	if s.ServiceAccounts != nil {
 		fs.StringArrayVar(&s.ServiceAccounts.KeyFiles, "service-account-key-file", s.ServiceAccounts.KeyFiles, ""+
 			"File containing PEM-encoded x509 RSA or ECDSA private or public keys, used to verify "+
-			"ServiceAccount tokens. If unspecified, --tls-private-key-file is used. "+
-			"The specified file can contain multiple keys, and the flag can be specified multiple times with different files.")
+			"ServiceAccount tokens. The specified file can contain multiple keys, and the flag can "+
+			"be specified multiple times with different files. If unspecified, "+
+			"--tls-private-key-file is used. Must be specified when "+
+			"--service-account-signing-key is provided")
 
 		fs.BoolVar(&s.ServiceAccounts.Lookup, "service-account-lookup", s.ServiceAccounts.Lookup,
 			"If true, validate ServiceAccount tokens exist in etcd as part of authentication.")
+
+		fs.StringVar(&s.ServiceAccounts.Issuer, "service-account-issuer", s.ServiceAccounts.Issuer, ""+
+			"Identifier of the service account token issuer. The issuer will assert this identifier "+
+			"in \"iss\" claim of issued tokens. This value is a string or URI.")
+
+		fs.StringSliceVar(&s.ServiceAccounts.APIAudiences, "service-account-api-audiences", s.ServiceAccounts.APIAudiences, ""+
+			"Identifiers of the API. The service account token authenticator will validate that "+
+			"tokens used against the API are bound to at least one of these audiences.")
 	}
 
 	if s.TokenFile != nil {
@@ -285,11 +288,6 @@ func (s *BuiltInAuthenticationOptions) ToAuthenticationConfig() authenticator.Au
 		ret.ClientCAFile = s.ClientCert.ClientCA
 	}
 
-	if s.Keystone != nil {
-		ret.KeystoneURL = s.Keystone.URL
-		ret.KeystoneCAFile = s.Keystone.CAFile
-	}
-
 	if s.OIDC != nil {
 		ret.OIDCCAFile = s.OIDC.CAFile
 		ret.OIDCClientID = s.OIDC.ClientID
@@ -298,6 +296,7 @@ func (s *BuiltInAuthenticationOptions) ToAuthenticationConfig() authenticator.Au
 		ret.OIDCIssuerURL = s.OIDC.IssuerURL
 		ret.OIDCUsernameClaim = s.OIDC.UsernameClaim
 		ret.OIDCUsernamePrefix = s.OIDC.UsernamePrefix
+		ret.OIDCSigningAlgs = s.OIDC.SigningAlgs
 	}
 
 	if s.PasswordFile != nil {
@@ -311,6 +310,8 @@ func (s *BuiltInAuthenticationOptions) ToAuthenticationConfig() authenticator.Au
 	if s.ServiceAccounts != nil {
 		ret.ServiceAccountKeyFiles = s.ServiceAccounts.KeyFiles
 		ret.ServiceAccountLookup = s.ServiceAccounts.Lookup
+		ret.ServiceAccountIssuer = s.ServiceAccounts.Issuer
+		ret.ServiceAccountAPIAudiences = s.ServiceAccounts.APIAudiences
 	}
 
 	if s.TokenFile != nil {
@@ -341,19 +342,17 @@ func (o *BuiltInAuthenticationOptions) ApplyTo(c *genericapiserver.Config) error
 
 	var err error
 	if o.ClientCert != nil {
-		c, err = c.ApplyClientCert(o.ClientCert.ClientCA)
-		if err != nil {
+		if err = c.Authentication.ApplyClientCert(o.ClientCert.ClientCA, c.SecureServing); err != nil {
 			return fmt.Errorf("unable to load client CA file: %v", err)
 		}
 	}
 	if o.RequestHeader != nil {
-		c, err = c.ApplyClientCert(o.RequestHeader.ClientCAFile)
-		if err != nil {
+		if err = c.Authentication.ApplyClientCert(o.RequestHeader.ClientCAFile, c.SecureServing); err != nil {
 			return fmt.Errorf("unable to load client CA file: %v", err)
 		}
 	}
 
-	c.SupportsBasicAuth = o.PasswordFile != nil && len(o.PasswordFile.BasicAuthFile) > 0
+	c.Authentication.SupportsBasicAuth = o.PasswordFile != nil && len(o.PasswordFile.BasicAuthFile) > 0
 
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authorization.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authorization.go
index 1f69c7d55f72..88c04e7e1146 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authorization.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/authorization.go
@@ -22,6 +22,7 @@ import (
 
 	"github.com/spf13/pflag"
 
+	versionedinformers "k8s.io/client-go/informers"
 	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	"k8s.io/kubernetes/pkg/kubeapiserver/authorizer"
 	authzmodes "k8s.io/kubernetes/pkg/kubeapiserver/authorizer/modes"
@@ -83,7 +84,7 @@ func (s *BuiltInAuthorizationOptions) Modes() []string {
 	return modes
 }
 
-func (s *BuiltInAuthorizationOptions) ToAuthorizationConfig(informerFactory informers.SharedInformerFactory) authorizer.AuthorizationConfig {
+func (s *BuiltInAuthorizationOptions) ToAuthorizationConfig(informerFactory informers.SharedInformerFactory, versionedInformerFactory versionedinformers.SharedInformerFactory) authorizer.AuthorizationConfig {
 	return authorizer.AuthorizationConfig{
 		AuthorizationModes:          s.Modes(),
 		PolicyFile:                  s.PolicyFile,
@@ -91,5 +92,6 @@ func (s *BuiltInAuthorizationOptions) ToAuthorizationConfig(informerFactory info
 		WebhookCacheAuthorizedTTL:   s.WebhookCacheAuthorizedTTL,
 		WebhookCacheUnauthorizedTTL: s.WebhookCacheUnauthorizedTTL,
 		InformerFactory:             informerFactory,
+		VersionedInformerFactory:    versionedInformerFactory,
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/cloudprovider.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/cloudprovider.go
index 310acb592ced..9b8119fb0722 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/cloudprovider.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/cloudprovider.go
@@ -17,15 +17,7 @@ limitations under the License.
 package options
 
 import (
-	"fmt"
-	"os"
-
-	"github.com/golang/glog"
 	"github.com/spf13/pflag"
-
-	"k8s.io/api/core/v1"
-	genericoptions "k8s.io/apiserver/pkg/server/options"
-	"k8s.io/kubernetes/pkg/cloudprovider"
 )
 
 type CloudProviderOptions struct {
@@ -49,44 +41,3 @@ func (s *CloudProviderOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.CloudConfigFile, "cloud-config", s.CloudConfigFile,
 		"The path to the cloud provider configuration file. Empty string for no configuration file.")
 }
-
-func (s *CloudProviderOptions) DefaultExternalHost(genericoptions *genericoptions.ServerRunOptions) error {
-	if len(genericoptions.ExternalHost) != 0 {
-		return nil
-	}
-
-	if cloudprovider.IsCloudProvider(s.CloudProvider) {
-		glog.Info("--external-hostname was not specified. Trying to get it from the cloud provider.")
-
-		cloud, err := cloudprovider.InitCloudProvider(s.CloudProvider, s.CloudConfigFile)
-		if err != nil {
-			return fmt.Errorf("%q cloud provider could not be initialized: %v", s.CloudProvider, err)
-		}
-		instances, supported := cloud.Instances()
-		if !supported {
-			return fmt.Errorf("%q cloud provider has no instances", s.CloudProvider)
-		}
-		hostname, err := os.Hostname()
-		if err != nil {
-			return fmt.Errorf("failed to get hostname: %v", err)
-		}
-		nodeName, err := instances.CurrentNodeName(hostname)
-		if err != nil {
-			return fmt.Errorf("failed to get NodeName from %q cloud provider: %v", s.CloudProvider, err)
-		}
-		addrs, err := instances.NodeAddresses(nodeName)
-		if err != nil {
-			return fmt.Errorf("failed to get external host address from %q cloud provider: %v", s.CloudProvider, err)
-		} else {
-			for _, addr := range addrs {
-				if addr.Type == v1.NodeExternalIP {
-					genericoptions.ExternalHost = addr.Address
-					glog.Warning("[Deprecated] Getting host address using cloud provider is " +
-						"now deprecated. Please use --external-hostname explicitly")
-				}
-			}
-		}
-	}
-
-	return nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/options.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/options.go
index acc1c91f9f22..f7e6eedaf717 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/options.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/options.go
@@ -17,8 +17,13 @@ limitations under the License.
 package options
 
 import (
+	"net"
+
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 )
 
 // DefaultServiceNodePortRange is the default port range for NodePort services.
 var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768}
+
+// DefaultServiceIPCIDR is a CIDR notation of IP range from which to allocate service cluster IPs
+var DefaultServiceIPCIDR net.IPNet = net.IPNet{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(24, 32)}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/plugins.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/plugins.go
new file mode 100644
index 000000000000..75095b20d1fc
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/plugins.go
@@ -0,0 +1,146 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+// This file exists to force the desired plugin implementations to be linked.
+// This should probably be part of some configuration fed into the build for a
+// given binary target.
+import (
+	// Cloud providers
+	_ "k8s.io/kubernetes/pkg/cloudprovider/providers"
+
+	// Admission policies
+	"k8s.io/kubernetes/plugin/pkg/admission/admit"
+	"k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages"
+	"k8s.io/kubernetes/plugin/pkg/admission/antiaffinity"
+	"k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds"
+	"k8s.io/kubernetes/plugin/pkg/admission/deny"
+	"k8s.io/kubernetes/plugin/pkg/admission/eventratelimit"
+	"k8s.io/kubernetes/plugin/pkg/admission/exec"
+	"k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration"
+	"k8s.io/kubernetes/plugin/pkg/admission/gc"
+	"k8s.io/kubernetes/plugin/pkg/admission/imagepolicy"
+	"k8s.io/kubernetes/plugin/pkg/admission/initialresources"
+	"k8s.io/kubernetes/plugin/pkg/admission/limitranger"
+	"k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision"
+	"k8s.io/kubernetes/plugin/pkg/admission/namespace/exists"
+	"k8s.io/kubernetes/plugin/pkg/admission/noderestriction"
+	"k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label"
+	"k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize"
+	"k8s.io/kubernetes/plugin/pkg/admission/podnodeselector"
+	"k8s.io/kubernetes/plugin/pkg/admission/podpreset"
+	"k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction"
+	podpriority "k8s.io/kubernetes/plugin/pkg/admission/priority"
+	"k8s.io/kubernetes/plugin/pkg/admission/resourcequota"
+	"k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy"
+	"k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny"
+	"k8s.io/kubernetes/plugin/pkg/admission/serviceaccount"
+	"k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault"
+	"k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection"
+
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apiserver/pkg/admission"
+	"k8s.io/apiserver/pkg/admission/plugin/initialization"
+	"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
+	mutatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating"
+	validatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/validating"
+)
+
+// AllOrderedPlugins is the list of all the plugins in order.
+var AllOrderedPlugins = []string{
+	admit.PluginName,                        // AlwaysAdmit
+	autoprovision.PluginName,                // NamespaceAutoProvision
+	lifecycle.PluginName,                    // NamespaceLifecycle
+	exists.PluginName,                       // NamespaceExists
+	scdeny.PluginName,                       // SecurityContextDeny
+	antiaffinity.PluginName,                 // LimitPodHardAntiAffinityTopology
+	initialresources.PluginName,             // InitialResources
+	podpreset.PluginName,                    // PodPreset
+	limitranger.PluginName,                  // LimitRanger
+	serviceaccount.PluginName,               // ServiceAccount
+	noderestriction.PluginName,              // NodeRestriction
+	alwayspullimages.PluginName,             // AlwaysPullImages
+	imagepolicy.PluginName,                  // ImagePolicyWebhook
+	podsecuritypolicy.PluginName,            // PodSecurityPolicy
+	podnodeselector.PluginName,              // PodNodeSelector
+	podpriority.PluginName,                  // Priority
+	defaulttolerationseconds.PluginName,     // DefaultTolerationSeconds
+	podtolerationrestriction.PluginName,     // PodTolerationRestriction
+	exec.DenyEscalatingExec,                 // DenyEscalatingExec
+	exec.DenyExecOnPrivileged,               // DenyExecOnPrivileged
+	eventratelimit.PluginName,               // EventRateLimit
+	extendedresourcetoleration.PluginName,   // ExtendedResourceToleration
+	label.PluginName,                        // PersistentVolumeLabel
+	setdefault.PluginName,                   // DefaultStorageClass
+	storageobjectinuseprotection.PluginName, // StorageObjectInUseProtection
+	gc.PluginName,                           // OwnerReferencesPermissionEnforcement
+	resize.PluginName,                       // PersistentVolumeClaimResize
+	mutatingwebhook.PluginName,              // MutatingAdmissionWebhook
+	initialization.PluginName,               // Initializers
+	validatingwebhook.PluginName,            // ValidatingAdmissionWebhook
+	resourcequota.PluginName,                // ResourceQuota
+	deny.PluginName,                         // AlwaysDeny
+}
+
+// RegisterAllAdmissionPlugins registers all admission plugins and
+// sets the recommended plugins order.
+func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
+	admit.Register(plugins) // DEPRECATED as no real meaning
+	alwayspullimages.Register(plugins)
+	antiaffinity.Register(plugins)
+	defaulttolerationseconds.Register(plugins)
+	deny.Register(plugins) // DEPRECATED as no real meaning
+	eventratelimit.Register(plugins)
+	exec.Register(plugins)
+	extendedresourcetoleration.Register(plugins)
+	gc.Register(plugins)
+	imagepolicy.Register(plugins)
+	initialresources.Register(plugins)
+	limitranger.Register(plugins)
+	autoprovision.Register(plugins)
+	exists.Register(plugins)
+	noderestriction.Register(plugins)
+	label.Register(plugins) // DEPRECATED in favor of NewPersistentVolumeLabelController in CCM
+	podnodeselector.Register(plugins)
+	podpreset.Register(plugins)
+	podtolerationrestriction.Register(plugins)
+	resourcequota.Register(plugins)
+	podsecuritypolicy.Register(plugins)
+	podpriority.Register(plugins)
+	scdeny.Register(plugins)
+	serviceaccount.Register(plugins)
+	setdefault.Register(plugins)
+	resize.Register(plugins)
+	storageobjectinuseprotection.Register(plugins)
+}
+
+// DefaultOffAdmissionPlugins get admission plugins off by default for kube-apiserver.
+func DefaultOffAdmissionPlugins() sets.String {
+	defaultOnPlugins := sets.NewString(
+		lifecycle.PluginName,                //NamespaceLifecycle
+		limitranger.PluginName,              //LimitRanger
+		serviceaccount.PluginName,           //ServiceAccount
+		label.PluginName,                    //PersistentVolumeLabel
+		setdefault.PluginName,               //DefaultStorageClass
+		defaulttolerationseconds.PluginName, //DefaultTolerationSeconds
+		mutatingwebhook.PluginName,          //MutatingAdmissionWebhook
+		validatingwebhook.PluginName,        //ValidatingAdmissionWebhook
+		resourcequota.PluginName,            //ResourceQuota
+	)
+
+	return sets.NewString(AllOrderedPlugins...).Difference(defaultOnPlugins)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/serving.go b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/serving.go
index d3d2614921a9..cca398cd973a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/serving.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubeapiserver/options/serving.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package options contains flags and options for initializing an apiserver
+// Package options contains flags and options for initializing kube-apiserver
 package options
 
 import (
@@ -31,17 +31,17 @@ import (
 	kubeserver "k8s.io/kubernetes/pkg/kubeapiserver/server"
 )
 
-// NewSecureServingOptions gives default values for the kube-apiserver and federation-apiserver which are not the options wanted by
+// NewSecureServingOptions gives default values for the kube-apiserver which are not the options wanted by
 // "normal" API servers running on the platform
-func NewSecureServingOptions() *genericoptions.SecureServingOptions {
-	return &genericoptions.SecureServingOptions{
+func NewSecureServingOptions() *genericoptions.SecureServingOptionsWithLoopback {
+	return genericoptions.WithLoopback(&genericoptions.SecureServingOptions{
 		BindAddress: net.ParseIP("0.0.0.0"),
 		BindPort:    6443,
 		ServerCert: genericoptions.GeneratableKeyCert{
 			PairName:      "apiserver",
 			CertDirectory: "/var/run/kubernetes",
 		},
-	}
+	})
 }
 
 // DefaultAdvertiseAddress sets the field AdvertiseAddress if
@@ -56,8 +56,8 @@ func DefaultAdvertiseAddress(s *genericoptions.ServerRunOptions, insecure *Insec
 	if s.AdvertiseAddress == nil || s.AdvertiseAddress.IsUnspecified() {
 		hostIP, err := insecure.DefaultExternalAddress()
 		if err != nil {
-			return fmt.Errorf("Unable to find suitable network address.error='%v'. "+
-				"Try to set the AdvertiseAddress directly or provide a valid BindAddress to fix this.", err)
+			return fmt.Errorf("unable to find suitable network address.error='%v'. "+
+				"Try to set the AdvertiseAddress directly or provide a valid BindAddress to fix this", err)
 		}
 		s.AdvertiseAddress = hostIP
 	}
@@ -85,7 +85,7 @@ func (s InsecureServingOptions) Validate(portArg string) []error {
 	errors := []error{}
 
 	if s.BindPort < 0 || s.BindPort > 65535 {
-		errors = append(errors, fmt.Errorf("--insecure-port %v must be between 0 and 65535, inclusive. 0 for turning off secure port.", s.BindPort))
+		errors = append(errors, fmt.Errorf("--insecure-port %v must be between 0 and 65535, inclusive. 0 for turning off insecure (HTTP) port", s.BindPort))
 	}
 
 	return errors
@@ -97,15 +97,18 @@ func (s *InsecureServingOptions) DefaultExternalAddress() (net.IP, error) {
 
 func (s *InsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.IPVar(&s.BindAddress, "insecure-bind-address", s.BindAddress, ""+
-		"The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all interfaces).")
+		"The IP address on which to serve the --insecure-port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).")
+	fs.MarkDeprecated("insecure-bind-address", "This flag will be removed in a future version.")
 
 	fs.IntVar(&s.BindPort, "insecure-port", s.BindPort, ""+
 		"The port on which to serve unsecured, unauthenticated access. It is assumed "+
 		"that firewall rules are set up such that this port is not reachable from outside of "+
 		"the cluster and that port 443 on the cluster's public address is proxied to this "+
-		"port. This is performed by nginx in the default setup.")
+		"port. This is performed by nginx in the default setup. Set to zero to disable.")
+	fs.MarkDeprecated("insecure-port", "This flag will be removed in a future version.")
 }
 
+// TODO: remove it until kops stop using `--address`
 func (s *InsecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet) {
 	fs.IPVar(&s.BindAddress, "address", s.BindAddress,
 		"DEPRECATED: see --insecure-bind-address instead.")
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/.import-restrictions b/vendor/k8s.io/kubernetes/pkg/kubectl/.import-restrictions
index 875f997dd52b..6d8fdf7cb8c2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/.import-restrictions
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/.import-restrictions
@@ -117,6 +117,13 @@
                 "k8s.io/kubernetes/pkg/printers/internalversion",
                 "k8s.io/kubernetes/pkg/registry/rbac/reconciliation",
                 "k8s.io/kubernetes/pkg/registry/rbac/validation",
+                "k8s.io/kubernetes/pkg/scheduler/algorithm",
+                "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates",
+                "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util",
+                "k8s.io/kubernetes/pkg/scheduler/api",
+                "k8s.io/kubernetes/pkg/scheduler/schedulercache",
+                "k8s.io/kubernetes/pkg/scheduler/util",
+                "k8s.io/kubernetes/pkg/scheduler/volumebinder",
                 "k8s.io/kubernetes/pkg/security/apparmor",
                 "k8s.io/kubernetes/pkg/serviceaccount",
                 "k8s.io/kubernetes/pkg/util/file",
@@ -137,13 +144,7 @@
                 "k8s.io/kubernetes/pkg/version",
                 "k8s.io/kubernetes/pkg/version/prometheus",
                 "k8s.io/kubernetes/pkg/volume",
-                "k8s.io/kubernetes/pkg/volume/util",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/api",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache",
-                "k8s.io/kubernetes/plugin/pkg/scheduler/util"
+                "k8s.io/kubernetes/pkg/volume/util"
 		],
 		"ForbiddenPrefixes": []
 	}]
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/BUILD
index fd1a9876c1aa..7fe68ccde17e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/BUILD
@@ -23,6 +23,7 @@ go_test(
         "quota_test.go",
         "resource_filter_test.go",
         "rolebinding_test.go",
+        "rollback_test.go",
         "rolling_updater_test.go",
         "rollout_status_test.go",
         "run_test.go",
@@ -35,17 +36,18 @@ go_test(
         "serviceaccount_test.go",
         "sorting_printer_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
         "//pkg/api/testing:go_default_library",
+        "//pkg/apis/apps:go_default_library",
         "//pkg/apis/batch:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
+        "//pkg/client/clientset_generated/internalclientset/typed/apps/internalversion:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/batch/internalversion:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion:go_default_library",
@@ -53,6 +55,7 @@ go_test(
         "//pkg/printers:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
+        "//vendor/k8s.io/api/apps/v1beta2:go_default_library",
         "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
         "//vendor/k8s.io/api/batch/v1:go_default_library",
         "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
@@ -65,18 +68,24 @@ go_test(
         "//vendor/k8s.io/api/scheduling/v1alpha1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+        "//vendor/k8s.io/client-go/discovery:go_default_library",
+        "//vendor/k8s.io/client-go/discovery/fake:go_default_library",
+        "//vendor/k8s.io/client-go/dynamic:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/rest/fake:go_default_library",
+        "//vendor/k8s.io/client-go/scale:go_default_library",
         "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/client-go/util/testing:go_default_library",
     ],
@@ -89,6 +98,7 @@ go_library(
         "autoscale.go",
         "bash_comp_utils.go",
         "clusterrolebinding.go",
+        "conditions.go",
         "configmap.go",
         "delete.go",
         "deployment.go",
@@ -116,11 +126,11 @@ go_library(
         "service_basic.go",
         "serviceaccount.go",
         "sorting_printer.go",
-        "versioned_client.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/kubectl",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/api/pod:go_default_library",
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/batch:go_default_library",
@@ -132,7 +142,6 @@ go_library(
         "//pkg/client/clientset_generated/internalclientset/typed/batch/internalversion:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion:go_default_library",
-        "//pkg/client/unversioned:go_default_library",
         "//pkg/controller/daemon:go_default_library",
         "//pkg/controller/deployment/util:go_default_library",
         "//pkg/controller/statefulset:go_default_library",
@@ -147,6 +156,7 @@ go_library(
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/spf13/cobra:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
+        "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
         "//vendor/k8s.io/api/batch/v1:go_default_library",
@@ -163,7 +173,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
@@ -178,9 +187,11 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/apps/v1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/scale:go_default_library",
         "//vendor/k8s.io/client-go/util/integer:go_default_library",
         "//vendor/k8s.io/client-go/util/jsonpath:go_default_library",
         "//vendor/k8s.io/client-go/util/retry:go_default_library",
@@ -209,7 +220,6 @@ filegroup(
         "//pkg/kubectl/proxy:all-srcs",
         "//pkg/kubectl/resource:all-srcs",
         "//pkg/kubectl/scheme:all-srcs",
-        "//pkg/kubectl/testing:all-srcs",
         "//pkg/kubectl/util:all-srcs",
         "//pkg/kubectl/validation:all-srcs",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/apply.go b/vendor/k8s.io/kubernetes/pkg/kubectl/apply.go
index fc716369a13b..1e8f79caecdb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/apply.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/apply.go
@@ -17,9 +17,9 @@ limitations under the License.
 package kubectl
 
 import (
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/runtime"
-	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/kubectl/resource"
 )
 
@@ -35,7 +35,7 @@ func GetOriginalConfiguration(mapping *meta.RESTMapping, obj runtime.Object) ([]
 		return nil, nil
 	}
 
-	original, ok := annots[api.LastAppliedConfigAnnotation]
+	original, ok := annots[v1.LastAppliedConfigAnnotation]
 	if !ok {
 		return nil, nil
 	}
@@ -60,7 +60,7 @@ func SetOriginalConfiguration(info *resource.Info, original []byte) error {
 		annots = map[string]string{}
 	}
 
-	annots[api.LastAppliedConfigAnnotation] = string(original)
+	annots[v1.LastAppliedConfigAnnotation] = string(original)
 	return info.Mapping.MetadataAccessor.SetAnnotations(info.Object, annots)
 }
 
@@ -85,8 +85,8 @@ func GetModifiedConfiguration(info *resource.Info, annotate bool, codec runtime.
 		annots = map[string]string{}
 	}
 
-	original := annots[api.LastAppliedConfigAnnotation]
-	delete(annots, api.LastAppliedConfigAnnotation)
+	original := annots[v1.LastAppliedConfigAnnotation]
+	delete(annots, v1.LastAppliedConfigAnnotation)
 	if err := accessor.SetAnnotations(info.Object, annots); err != nil {
 		return nil, err
 	}
@@ -97,7 +97,7 @@ func GetModifiedConfiguration(info *resource.Info, annotate bool, codec runtime.
 	}
 
 	if annotate {
-		annots[api.LastAppliedConfigAnnotation] = string(modified)
+		annots[v1.LastAppliedConfigAnnotation] = string(modified)
 		if err := info.Mapping.MetadataAccessor.SetAnnotations(info.Object, annots); err != nil {
 			return nil, err
 		}
@@ -109,7 +109,7 @@ func GetModifiedConfiguration(info *resource.Info, annotate bool, codec runtime.
 	}
 
 	// Restore the object to its original condition.
-	annots[api.LastAppliedConfigAnnotation] = original
+	annots[v1.LastAppliedConfigAnnotation] = original
 	if err := info.Mapping.MetadataAccessor.SetAnnotations(info.Object, annots); err != nil {
 		return nil, err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/apps/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/apps/BUILD
index e60af52bd6f0..81962245183f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/apps/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/apps/BUILD
@@ -32,7 +32,6 @@ go_test(
         "apps_suite_test.go",
         "kind_visitor_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/apps_test",
     deps = [
         ":go_default_library",
         "//vendor/github.com/onsi/ginkgo:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/autoscale.go b/vendor/k8s.io/kubernetes/pkg/kubectl/autoscale.go
index dcbfadde84ae..39c78ca31df2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/autoscale.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/autoscale.go
@@ -18,98 +18,68 @@ package kubectl
 
 import (
 	"fmt"
-	"strconv"
 
 	autoscalingv1 "k8s.io/api/autoscaling/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
-type HorizontalPodAutoscalerV1 struct{}
-
-func (HorizontalPodAutoscalerV1) ParamNames() []GeneratorParam {
-	return []GeneratorParam{
-		{"default-name", true},
-		{"name", false},
-		{"scaleRef-kind", false},
-		{"scaleRef-name", false},
-		{"scaleRef-apiVersion", false},
-		{"min", false},
-		{"max", true},
-		{"cpu-percent", false},
-	}
+// HorizontalPodAutoscalerV1Generator supports stable generation of a horizontal pod autoscaler.
+type HorizontalPodAutoscalerGeneratorV1 struct {
+	Name               string
+	ScaleRefKind       string
+	ScaleRefName       string
+	ScaleRefApiVersion string
+	MinReplicas        int32
+	MaxReplicas        int32
+	CPUPercent         int32
 }
 
-func (HorizontalPodAutoscalerV1) Generate(genericParams map[string]interface{}) (runtime.Object, error) {
-	return generateHPA(genericParams)
-}
-
-func generateHPA(genericParams map[string]interface{}) (runtime.Object, error) {
-	params := map[string]string{}
-	for key, value := range genericParams {
-		strVal, isString := value.(string)
-		if !isString {
-			return nil, fmt.Errorf("expected string, saw %v for '%s'", value, key)
-		}
-		params[key] = strVal
-	}
+// Ensure it supports the generator pattern that uses parameters specified during construction.
+var _ StructuredGenerator = &HorizontalPodAutoscalerGeneratorV1{}
 
-	name, found := params["name"]
-	if !found || len(name) == 0 {
-		name, found = params["default-name"]
-		if !found || len(name) == 0 {
-			return nil, fmt.Errorf("'name' is a required parameter.")
-		}
-	}
-	minString, found := params["min"]
-	min := -1
-	var err error
-	if found {
-		if min, err = strconv.Atoi(minString); err != nil {
-			return nil, err
-		}
-	}
-	maxString, found := params["max"]
-	if !found {
-		return nil, fmt.Errorf("'max' is a required parameter.")
-	}
-	max, err := strconv.Atoi(maxString)
-	if err != nil {
+// StructuredGenerate outputs a horizontal pod autoscaler object using the configured fields.
+func (s *HorizontalPodAutoscalerGeneratorV1) StructuredGenerate() (runtime.Object, error) {
+	if err := s.validate(); err != nil {
 		return nil, err
 	}
 
-	if min > max {
-		return nil, fmt.Errorf("'max' must be greater than or equal to 'min'.")
-	}
-
-	cpuString, found := params["cpu-percent"]
-	cpu := -1
-	if found {
-		if cpu, err = strconv.Atoi(cpuString); err != nil {
-			return nil, err
-		}
-	}
-
 	scaler := autoscalingv1.HorizontalPodAutoscaler{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name,
+			Name: s.Name,
 		},
 		Spec: autoscalingv1.HorizontalPodAutoscalerSpec{
 			ScaleTargetRef: autoscalingv1.CrossVersionObjectReference{
-				Kind:       params["scaleRef-kind"],
-				Name:       params["scaleRef-name"],
-				APIVersion: params["scaleRef-apiVersion"],
+				Kind:       s.ScaleRefKind,
+				Name:       s.ScaleRefName,
+				APIVersion: s.ScaleRefApiVersion,
 			},
-			MaxReplicas: int32(max),
+			MaxReplicas: s.MaxReplicas,
 		},
 	}
-	if min > 0 {
-		v := int32(min)
+
+	if s.MinReplicas > 0 {
+		v := int32(s.MinReplicas)
 		scaler.Spec.MinReplicas = &v
 	}
-	if cpu >= 0 {
-		c := int32(cpu)
+	if s.CPUPercent >= 0 {
+		c := int32(s.CPUPercent)
 		scaler.Spec.TargetCPUUtilizationPercentage = &c
 	}
+
 	return &scaler, nil
 }
+
+// validate check if the caller has set the right fields.
+func (s HorizontalPodAutoscalerGeneratorV1) validate() error {
+	if len(s.Name) == 0 {
+		return fmt.Errorf("name must be specified")
+	}
+	if s.MaxReplicas < 1 {
+		return fmt.Errorf("'max' is a required parameter and must be at least 1")
+	}
+	if s.MinReplicas > s.MaxReplicas {
+		return fmt.Errorf("'max' must be greater than or equal to 'min'")
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/categories/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/categories/BUILD
index d26c196dd582..2a7d7588ec37 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/categories/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/categories/BUILD
@@ -14,8 +14,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["categories_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/categories",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/googleapis/gnostic/OpenAPIv2:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/categories/categories.go b/vendor/k8s.io/kubernetes/pkg/kubectl/categories/categories.go
index 4a669599af71..29bcc5d39482 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/categories/categories.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/categories/categories.go
@@ -21,10 +21,14 @@ import (
 	"k8s.io/client-go/discovery"
 )
 
+// CategoryExpander maps category strings to GroupResouces.
+// Categories are classification or 'tag' of a group of resources.
 type CategoryExpander interface {
 	Expand(category string) ([]schema.GroupResource, bool)
 }
 
+// SimpleCategoryExpander implements CategoryExpander interface
+// using a static mapping of categories to GroupResource mapping.
 type SimpleCategoryExpander struct {
 	Expansions map[string][]schema.GroupResource
 }
@@ -34,6 +38,8 @@ func (e SimpleCategoryExpander) Expand(category string) ([]schema.GroupResource,
 	return ret, ok
 }
 
+// discoveryCategoryExpander struct lets a REST Client wrapper (discoveryClient) to retrieve list of APIResourceList,
+// and then convert to fallbackExpander
 type discoveryCategoryExpander struct {
 	fallbackExpander CategoryExpander
 	discoveryClient  discovery.DiscoveryInterface
@@ -50,6 +56,7 @@ func NewDiscoveryCategoryExpander(fallbackExpander CategoryExpander, client disc
 }
 
 func (e discoveryCategoryExpander) Expand(category string) ([]schema.GroupResource, bool) {
+	// Get all supported resources for groups and versions from server, if no resource found, fallback anyway.
 	apiResourceLists, _ := e.discoveryClient.ServerResources()
 	if len(apiResourceLists) == 0 {
 		return e.fallbackExpander.Expand(category)
@@ -62,7 +69,7 @@ func (e discoveryCategoryExpander) Expand(category string) ([]schema.GroupResour
 		if err != nil {
 			return e.fallbackExpander.Expand(category)
 		}
-
+		// Collect GroupVersions by categories
 		for _, apiResource := range apiResourceList.APIResources {
 			if categories := apiResource.Categories; len(categories) > 0 {
 				for _, category := range categories {
@@ -86,14 +93,15 @@ func (e discoveryCategoryExpander) Expand(category string) ([]schema.GroupResour
 	return ret, ok
 }
 
+// discoveryFilteredExpander expands the given CategoryExpander (delegate) to filter group and resource returned from server
 type discoveryFilteredExpander struct {
 	delegate CategoryExpander
 
 	discoveryClient discovery.DiscoveryInterface
 }
 
-// NewDiscoveryFilteredExpander returns a category expander that filters the returned groupresources by
-// what the server has available
+// NewDiscoveryFilteredExpander returns a category expander that filters the returned groupresources
+// by what the server has available
 func NewDiscoveryFilteredExpander(delegate CategoryExpander, client discovery.DiscoveryInterface) (discoveryFilteredExpander, error) {
 	if client == nil {
 		panic("Please provide discovery client to shortcut expander")
@@ -129,12 +137,15 @@ func (e discoveryFilteredExpander) Expand(category string) ([]schema.GroupResour
 	return available, ok
 }
 
+// UnionCategoryExpander implements CategoryExpander interface.
+// It maps given category string to union of expansions returned by all the CategoryExpanders in the list.
 type UnionCategoryExpander []CategoryExpander
 
 func (u UnionCategoryExpander) Expand(category string) ([]schema.GroupResource, bool) {
 	ret := []schema.GroupResource{}
 	ok := false
 
+	// Expand the category for each CategoryExpander in the list and merge/combine the results.
 	for _, expansion := range u {
 		curr, currOk := expansion.Expand(category)
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/BUILD
index bf458175abbb..5abbe5b5bae8 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/BUILD
@@ -30,7 +30,6 @@ go_library(
         "//pkg/apis/extensions:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
-        "//pkg/client/unversioned:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/kubectl:go_default_library",
         "//pkg/kubectl/categories:go_default_library",
@@ -40,6 +39,7 @@ go_library(
         "//pkg/kubectl/plugins:go_default_library",
         "//pkg/kubectl/resource:go_default_library",
         "//pkg/kubectl/scheme:go_default_library",
+        "//pkg/kubectl/util/transport:go_default_library",
         "//pkg/kubectl/validation:go_default_library",
         "//pkg/printers:go_default_library",
         "//pkg/printers/internalversion:go_default_library",
@@ -53,6 +53,7 @@ go_library(
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta2:go_default_library",
         "//vendor/k8s.io/api/batch/v1:go_default_library",
+        "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
         "//vendor/k8s.io/api/batch/v2alpha1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
@@ -76,6 +77,7 @@ go_library(
         "//vendor/k8s.io/client-go/dynamic:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/scale:go_default_library",
         "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
         "//vendor/k8s.io/client-go/util/homedir:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
@@ -94,8 +96,7 @@ go_test(
     data = [
         "//api/swagger-spec",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/cmd/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     visibility = [
         "//build/visible_to:COMMON_testing",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/clientcache.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/clientcache.go
index 124216d2e8f2..4019f0fbc249 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/clientcache.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/clientcache.go
@@ -24,8 +24,8 @@ import (
 	"k8s.io/client-go/kubernetes"
 	restclient "k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
-	oldclient "k8s.io/kubernetes/pkg/client/unversioned"
 	"k8s.io/kubernetes/pkg/version"
 )
 
@@ -150,7 +150,7 @@ func (c *ClientCache) clientConfigForVersion(requiredVersion *schema.GroupVersio
 	}
 
 	// TODO this isn't what we want.  Each clientset should be setting defaults as it sees fit.
-	oldclient.SetKubernetesDefaults(&config)
+	setKubernetesDefaults(&config)
 
 	if requiredVersion != nil {
 		c.configs[*requiredVersion] = copyConfig(&config)
@@ -165,6 +165,22 @@ func (c *ClientCache) clientConfigForVersion(requiredVersion *schema.GroupVersio
 	return copyConfig(&config), nil
 }
 
+// setKubernetesDefaults sets default values on the provided client config for accessing the
+// Kubernetes API or returns an error if any of the defaults are impossible or invalid.
+func setKubernetesDefaults(config *restclient.Config) error {
+	if config.APIPath == "" {
+		config.APIPath = "/api"
+	}
+	// TODO chase down uses and tolerate nil
+	if config.GroupVersion == nil {
+		config.GroupVersion = &schema.GroupVersion{}
+	}
+	if config.NegotiatedSerializer == nil {
+		config.NegotiatedSerializer = legacyscheme.Codecs
+	}
+	return restclient.SetKubernetesDefaults(config)
+}
+
 func copyConfig(in *restclient.Config) *restclient.Config {
 	configCopy := *in
 	copyGroupVersion := *configCopy.GroupVersion
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory.go
index f4c0799596f9..3cb44ab4db9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory.go
@@ -18,7 +18,6 @@ package util
 
 import (
 	"fmt"
-	"io"
 	"sort"
 	"strconv"
 	"strings"
@@ -60,10 +59,10 @@ var (
 
 // Factory provides abstractions that allow the Kubectl command to be extended across multiple types
 // of resources and different API sets.
-// The rings are here for a reason.  In order for composers to be able to provide alternative factory implementations
+// The rings are here for a reason. In order for composers to be able to provide alternative factory implementations
 // they need to provide low level pieces of *certain* functions so that when the factory calls back into itself
-// it uses the custom version of the function.  Rather than try to enumerate everything that someone would want to override
-// we split the factory into rings, where each ring can depend on methods  an earlier ring, but cannot depend
+// it uses the custom version of the function. Rather than try to enumerate everything that someone would want to override
+// we split the factory into rings, where each ring can depend on methods in an earlier ring, but cannot depend
 // upon peer methods in its own ring.
 // TODO: make the functions interfaces
 // TODO: pass the various interfaces on the factory directly into the command constructors (so the
@@ -103,18 +102,6 @@ type ClientAccessFactory interface {
 	// just directions to the server. People use this to build RESTMappers on top of
 	BareClientConfig() (*restclient.Config, error)
 
-	// TODO remove.  This should be rolled into `ClientSet`
-	ClientSetForVersion(requiredVersion *schema.GroupVersion) (internalclientset.Interface, error)
-	// TODO remove.  This should be rolled into `ClientConfig`
-	ClientConfigForVersion(requiredVersion *schema.GroupVersion) (*restclient.Config, error)
-
-	// Returns interfaces for decoding objects - if toInternal is set, decoded objects will be converted
-	// into their internal form (if possible). Eventually the internal form will be removed as an option,
-	// and only versioned objects will be returned.
-	Decoder(toInternal bool) runtime.Decoder
-	// Returns an encoder capable of encoding a provided object into JSON in the default desired version.
-	JSONEncoder() runtime.Encoder
-
 	// UpdatePodSpecForObject will call the provided function on the pod spec this object supports,
 	// return false if no pod spec is supported, or return an error.
 	UpdatePodSpecForObject(obj runtime.Object, fn func(*v1.PodSpec) error) (bool, error)
@@ -146,14 +133,12 @@ type ClientAccessFactory interface {
 	// SuggestedPodTemplateResources returns a list of resource types that declare a pod template
 	SuggestedPodTemplateResources() []schema.GroupResource
 
-	// Returns a Printer for formatting objects of the given type or an error.
-	Printer(mapping *meta.RESTMapping, options printers.PrintOptions) (printers.ResourcePrinter, error)
 	// Pauser marks the object in the info as paused. Currently supported only for Deployments.
-	// Returns the patched object in bytes and any error that occured during the encoding or
+	// Returns the patched object in bytes and any error that occurred during the encoding or
 	// in case the object is already paused.
 	Pauser(info *resource.Info) ([]byte, error)
 	// Resumer resumes a paused object inside the info. Currently supported only for Deployments.
-	// Returns the patched object in bytes and any error that occured during the encoding or
+	// Returns the patched object in bytes and any error that occurred during the encoding or
 	// in case the object is already resumed.
 	Resumer(info *resource.Info) ([]byte, error)
 
@@ -177,12 +162,9 @@ type ClientAccessFactory interface {
 	// can range over in order to determine if the user has specified an editor
 	// of their choice.
 	EditorEnvs() []string
-
-	// PrintObjectSpecificMessage prints object-specific messages on the provided writer
-	PrintObjectSpecificMessage(obj runtime.Object, out io.Writer)
 }
 
-// ObjectMappingFactory holds the second level of factory methods.  These functions depend upon ClientAccessFactory methods.
+// ObjectMappingFactory holds the second level of factory methods. These functions depend upon ClientAccessFactory methods.
 // Generally they provide object typing and functions that build requests based on the negotiated clients.
 type ObjectMappingFactory interface {
 	// Returns interfaces for dealing with arbitrary runtime.Objects.
@@ -220,31 +202,13 @@ type ObjectMappingFactory interface {
 
 	// Returns a schema that can validate objects stored on disk.
 	Validator(validate bool) (validation.Schema, error)
-	// OpenAPISchema returns the schema openapi schema definiton
+	// OpenAPISchema returns the schema openapi schema definition
 	OpenAPISchema() (openapi.Resources, error)
 }
 
-// BuilderFactory holds the second level of factory methods.  These functions depend upon ObjectMappingFactory and ClientAccessFactory methods.
+// BuilderFactory holds the third level of factory methods. These functions depend upon ObjectMappingFactory and ClientAccessFactory methods.
 // Generally they depend upon client mapper functions
 type BuilderFactory interface {
-	// PrinterForCommand returns the default printer for the command. It requires that certain options
-	// are declared on the command (see AddPrinterFlags). Returns a printer, or an error if a printer
-	// could not be found.
-	PrinterForOptions(options *printers.PrintOptions) (printers.ResourcePrinter, error)
-	// PrinterForMapping returns a printer suitable for displaying the provided resource type.
-	// Requires that printer flags have been added to cmd (see AddPrinterFlags).
-	// Returns a printer, true if the printer is generic (is not internal), or
-	// an error if a printer could not be found.
-	PrinterForMapping(options *printers.PrintOptions, mapping *meta.RESTMapping) (printers.ResourcePrinter, error)
-	// PrintObject prints an api object given command line flags to modify the output format
-	PrintObject(cmd *cobra.Command, isLocal bool, mapper meta.RESTMapper, obj runtime.Object, out io.Writer) error
-	// PrintResourceInfoForCommand receives a *cobra.Command and a *resource.Info and
-	// attempts to print an info object based on the specified output format. If the
-	// object passed is non-generic, it attempts to print the object using a HumanReadablePrinter.
-	// Requires that printer flags have been added to cmd (see AddPrinterFlags).
-	PrintResourceInfoForCommand(cmd *cobra.Command, info *resource.Info, out io.Writer) error
-	// PrintSuccess prints message after finishing mutating operations
-	PrintSuccess(mapper meta.RESTMapper, shortOutput bool, out io.Writer, resource, name string, dryRun bool, operation string)
 	// NewBuilder returns an object that assists in loading objects from both disk and the server
 	// and which implements the common patterns for CLI interactions with generic resources.
 	NewBuilder() *resource.Builder
@@ -254,16 +218,6 @@ type BuilderFactory interface {
 	PluginRunner() plugins.PluginRunner
 }
 
-func getGroupVersionKinds(gvks []schema.GroupVersionKind, group string) []schema.GroupVersionKind {
-	result := []schema.GroupVersionKind{}
-	for ix := range gvks {
-		if gvks[ix].Group == group {
-			result = append(result, gvks[ix])
-		}
-	}
-	return result
-}
-
 type factory struct {
 	ClientAccessFactory
 	ObjectMappingFactory
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_builder.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_builder.go
index 2c433032e4ad..98407d179454 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_builder.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_builder.go
@@ -19,18 +19,11 @@ limitations under the License.
 package util
 
 import (
-	"fmt"
-	"io"
 	"os"
 
-	"github.com/spf13/cobra"
-
-	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
-	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/kubernetes/pkg/kubectl/plugins"
 	"k8s.io/kubernetes/pkg/kubectl/resource"
-	"k8s.io/kubernetes/pkg/printers"
 )
 
 type ring2Factory struct {
@@ -47,105 +40,6 @@ func NewBuilderFactory(clientAccessFactory ClientAccessFactory, objectMappingFac
 	return f
 }
 
-func (f *ring2Factory) PrinterForOptions(options *printers.PrintOptions) (printers.ResourcePrinter, error) {
-	var mapper meta.RESTMapper
-	var typer runtime.ObjectTyper
-
-	mapper, typer = f.objectMappingFactory.Object()
-
-	// TODO: used by the custom column implementation and the name implementation, break this dependency
-	decoders := []runtime.Decoder{f.clientAccessFactory.Decoder(true), unstructured.UnstructuredJSONScheme}
-	encoder := f.clientAccessFactory.JSONEncoder()
-	return PrinterForOptions(mapper, typer, encoder, decoders, options)
-}
-
-func (f *ring2Factory) PrinterForMapping(options *printers.PrintOptions, mapping *meta.RESTMapping) (printers.ResourcePrinter, error) {
-	printer, err := f.PrinterForOptions(options)
-	if err != nil {
-		return nil, err
-	}
-
-	// Make sure we output versioned data for generic printers
-	if printer.IsGeneric() {
-		if mapping == nil {
-			return nil, fmt.Errorf("no serialization format found")
-		}
-		version := mapping.GroupVersionKind.GroupVersion()
-		if version.Empty() {
-			return nil, fmt.Errorf("no serialization format found")
-		}
-
-		printer = printers.NewVersionedPrinter(printer, mapping.ObjectConvertor, version, mapping.GroupVersionKind.GroupVersion())
-
-	}
-
-	return printer, nil
-}
-
-func (f *ring2Factory) PrintSuccess(mapper meta.RESTMapper, shortOutput bool, out io.Writer, resource, name string, dryRun bool, operation string) {
-	resource, _ = mapper.ResourceSingularizer(resource)
-	dryRunMsg := ""
-	if dryRun {
-		dryRunMsg = " (dry run)"
-	}
-	if shortOutput {
-		// -o name: prints resource/name
-		if len(resource) > 0 {
-			fmt.Fprintf(out, "%s/%s\n", resource, name)
-		} else {
-			fmt.Fprintf(out, "%s\n", name)
-		}
-	} else {
-		// understandable output by default
-		if len(resource) > 0 {
-			fmt.Fprintf(out, "%s \"%s\" %s%s\n", resource, name, operation, dryRunMsg)
-		} else {
-			fmt.Fprintf(out, "\"%s\" %s%s\n", name, operation, dryRunMsg)
-		}
-	}
-}
-
-func (f *ring2Factory) PrintObject(cmd *cobra.Command, isLocal bool, mapper meta.RESTMapper, obj runtime.Object, out io.Writer) error {
-	// try to get a typed object
-	_, typer := f.objectMappingFactory.Object()
-	gvks, _, err := typer.ObjectKinds(obj)
-
-	if err != nil {
-		return err
-	}
-	// Prefer the existing external version if specified
-	var preferredVersion []string
-	if gvks[0].Version != "" && gvks[0].Version != runtime.APIVersionInternal {
-		preferredVersion = []string{gvks[0].Version}
-	}
-
-	mapping, err := mapper.RESTMapping(gvks[0].GroupKind(), preferredVersion...)
-	if err != nil {
-		return err
-	}
-
-	printer, err := f.PrinterForMapping(ExtractCmdPrintOptions(cmd, false), mapping)
-	if err != nil {
-		return err
-	}
-	return printer.PrintObj(obj, out)
-}
-
-func (f *ring2Factory) PrintResourceInfoForCommand(cmd *cobra.Command, info *resource.Info, out io.Writer) error {
-	printOpts := ExtractCmdPrintOptions(cmd, false)
-	printer, err := f.PrinterForOptions(printOpts)
-	if err != nil {
-		return err
-	}
-	if !printer.IsGeneric() {
-		printer, err = f.PrinterForMapping(printOpts, nil)
-		if err != nil {
-			return err
-		}
-	}
-	return printer.PrintObj(info.Object, out)
-}
-
 // NewBuilder returns a new resource builder for structured api objects.
 func (f *ring2Factory) NewBuilder() *resource.Builder {
 	clientMapperFunc := resource.ClientMapperFunc(f.objectMappingFactory.ClientForMapping)
@@ -160,7 +54,7 @@ func (f *ring2Factory) NewBuilder() *resource.Builder {
 			RESTMapper:   mapper,
 			ObjectTyper:  typer,
 			ClientMapper: clientMapperFunc,
-			Decoder:      f.clientAccessFactory.Decoder(true),
+			Decoder:      InternalVersionDecoder(),
 		},
 		&resource.Mapper{
 			RESTMapper:   mapper,
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_client_access.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_client_access.go
index bf354932a88d..4ca24730962c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_client_access.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_client_access.go
@@ -23,6 +23,7 @@ import (
 	"flag"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"path/filepath"
 	"regexp"
@@ -38,6 +39,7 @@ import (
 	appsv1beta1 "k8s.io/api/apps/v1beta1"
 	appsv1beta2 "k8s.io/api/apps/v1beta2"
 	batchv1 "k8s.io/api/batch/v1"
+	batchv1beta1 "k8s.io/api/batch/v1beta1"
 	batchv2alpha1 "k8s.io/api/batch/v2alpha1"
 	extensionsv1beta1 "k8s.io/api/extensions/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -58,8 +60,7 @@ import (
 	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
 	"k8s.io/kubernetes/pkg/kubectl"
 	"k8s.io/kubernetes/pkg/kubectl/resource"
-	"k8s.io/kubernetes/pkg/printers"
-	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	"k8s.io/kubernetes/pkg/kubectl/util/transport"
 )
 
 type ring0Factory struct {
@@ -108,7 +109,15 @@ func (f *discoveryFactory) DiscoveryClient() (discovery.CachedDiscoveryInterface
 		return nil, err
 	}
 
-	cfg.CacheDir = f.cacheDir
+	if f.cacheDir != "" {
+		wt := cfg.WrapTransport
+		cfg.WrapTransport = func(rt http.RoundTripper) http.RoundTripper {
+			if wt != nil {
+				rt = wt(rt)
+			}
+			return transport.NewCacheRoundTripper(f.cacheDir, rt)
+		}
+	}
 
 	discoveryClient, err := discovery.NewDiscoveryClientForConfig(cfg)
 	if err != nil {
@@ -194,10 +203,6 @@ func (f *ring0Factory) ClientSet() (internalclientset.Interface, error) {
 	return f.clientCache.ClientSetForVersion(nil)
 }
 
-func (f *ring0Factory) ClientSetForVersion(requiredVersion *schema.GroupVersion) (internalclientset.Interface, error) {
-	return f.clientCache.ClientSetForVersion(requiredVersion)
-}
-
 func (f *ring0Factory) ClientConfig() (*restclient.Config, error) {
 	return f.clientCache.ClientConfigForVersion(nil)
 }
@@ -205,10 +210,6 @@ func (f *ring0Factory) BareClientConfig() (*restclient.Config, error) {
 	return f.clientConfig.ClientConfig()
 }
 
-func (f *ring0Factory) ClientConfigForVersion(requiredVersion *schema.GroupVersion) (*restclient.Config, error) {
-	return f.clientCache.ClientConfigForVersion(nil)
-}
-
 func (f *ring0Factory) RESTClient() (*restclient.RESTClient, error) {
 	clientConfig, err := f.clientCache.ClientConfigForVersion(nil)
 	if err != nil {
@@ -217,20 +218,6 @@ func (f *ring0Factory) RESTClient() (*restclient.RESTClient, error) {
 	return restclient.RESTClientFor(clientConfig)
 }
 
-func (f *ring0Factory) Decoder(toInternal bool) runtime.Decoder {
-	var decoder runtime.Decoder
-	if toInternal {
-		decoder = legacyscheme.Codecs.UniversalDecoder()
-	} else {
-		decoder = legacyscheme.Codecs.UniversalDeserializer()
-	}
-	return decoder
-}
-
-func (f *ring0Factory) JSONEncoder() runtime.Encoder {
-	return legacyscheme.Codecs.LegacyCodec(legacyscheme.Registry.EnabledVersions()...)
-}
-
 func (f *ring0Factory) UpdatePodSpecForObject(obj runtime.Object, fn func(*v1.PodSpec) error) (bool, error) {
 	// TODO: replace with a swagger schema based approach (identify pod template via schema introspection)
 	switch t := obj.(type) {
@@ -275,6 +262,11 @@ func (f *ring0Factory) UpdatePodSpecForObject(obj runtime.Object, fn func(*v1.Po
 	// Job
 	case *batchv1.Job:
 		return true, fn(&t.Spec.Template.Spec)
+	// CronJob
+	case *batchv1beta1.CronJob:
+		return true, fn(&t.Spec.JobTemplate.Spec.Template.Spec)
+	case *batchv2alpha1.CronJob:
+		return true, fn(&t.Spec.JobTemplate.Spec.Template.Spec)
 	default:
 		return false, fmt.Errorf("the object is not a pod or does not have a pod template")
 	}
@@ -425,12 +417,6 @@ func (f *ring0Factory) SuggestedPodTemplateResources() []schema.GroupResource {
 	}
 }
 
-func (f *ring0Factory) Printer(mapping *meta.RESTMapping, options printers.PrintOptions) (printers.ResourcePrinter, error) {
-	p := printers.NewHumanReadablePrinter(f.JSONEncoder(), f.Decoder(true), options)
-	printersinternal.AddHandlers(p)
-	return p, nil
-}
-
 func (f *ring0Factory) Pauser(info *resource.Info) ([]byte, error) {
 	switch obj := info.Object.(type) {
 	case *extensions.Deployment:
@@ -438,7 +424,7 @@ func (f *ring0Factory) Pauser(info *resource.Info) ([]byte, error) {
 			return nil, errors.New("is already paused")
 		}
 		obj.Spec.Paused = true
-		return runtime.Encode(f.JSONEncoder(), info.Object)
+		return runtime.Encode(InternalVersionJSONEncoder(), info.Object)
 	default:
 		return nil, fmt.Errorf("pausing is not supported")
 	}
@@ -455,7 +441,7 @@ func (f *ring0Factory) Resumer(info *resource.Info) ([]byte, error) {
 			return nil, errors.New("is not paused")
 		}
 		obj.Spec.Paused = false
-		return runtime.Encode(f.JSONEncoder(), info.Object)
+		return runtime.Encode(InternalVersionJSONEncoder(), info.Object)
 	default:
 		return nil, fmt.Errorf("resuming is not supported")
 	}
@@ -538,10 +524,6 @@ func DefaultGenerators(cmdName string) map[string]kubectl.Generator {
 			CronJobV2Alpha1GeneratorName:       kubectl.CronJobV2Alpha1{},
 			CronJobV1Beta1GeneratorName:        kubectl.CronJobV1Beta1{},
 		}
-	case "autoscale":
-		generator = map[string]kubectl.Generator{
-			HorizontalPodAutoscalerV1GeneratorName: kubectl.HorizontalPodAutoscalerV1{},
-		}
 	case "namespace":
 		generator = map[string]kubectl.Generator{
 			NamespaceV1GeneratorName: kubectl.NamespaceGeneratorV1{},
@@ -665,34 +647,6 @@ func (f *ring0Factory) EditorEnvs() []string {
 	return []string{"KUBE_EDITOR", "EDITOR"}
 }
 
-func (f *ring0Factory) PrintObjectSpecificMessage(obj runtime.Object, out io.Writer) {
-	switch obj := obj.(type) {
-	case *api.Service:
-		if obj.Spec.Type == api.ServiceTypeNodePort {
-			msg := fmt.Sprintf(
-				`You have exposed your service on an external port on all nodes in your
-cluster.  If you want to expose this service to the external internet, you may
-need to set up firewall rules for the service port(s) (%s) to serve traffic.
-
-See http://kubernetes.io/docs/user-guide/services-firewalls for more details.
-`,
-				makePortsString(obj.Spec.Ports, true))
-			out.Write([]byte(msg))
-		}
-
-		if _, ok := obj.Annotations[api.AnnotationLoadBalancerSourceRangesKey]; ok {
-			msg := fmt.Sprintf(
-				`You are using service annotation [service.beta.kubernetes.io/load-balancer-source-ranges].
-It has been promoted to field [loadBalancerSourceRanges] in service spec. This annotation will be deprecated in the future.
-Please use the loadBalancerSourceRanges field instead.
-
-See http://kubernetes.io/docs/user-guide/services-firewalls for more details.
-`)
-			out.Write([]byte(msg))
-		}
-	}
-}
-
 // overlyCautiousIllegalFileCharacters matches characters that *might* not be supported.  Windows is really restrictive, so this is really restrictive
 var overlyCautiousIllegalFileCharacters = regexp.MustCompile(`[^(\w/\.)]`)
 
@@ -705,3 +659,12 @@ func computeDiscoverCacheDir(parentDir, host string) string {
 
 	return filepath.Join(parentDir, safeHost)
 }
+
+// this method exists to help us find the points still relying on internal types.
+func InternalVersionDecoder() runtime.Decoder {
+	return legacyscheme.Codecs.UniversalDecoder()
+}
+
+func InternalVersionJSONEncoder() runtime.Encoder {
+	return legacyscheme.Codecs.LegacyCodec(legacyscheme.Registry.EnabledVersions()...)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_object_mapping.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_object_mapping.go
index dfd82d406c57..835fe7992985 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_object_mapping.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/factory_object_mapping.go
@@ -37,12 +37,12 @@ import (
 	"k8s.io/client-go/discovery"
 	"k8s.io/client-go/dynamic"
 	restclient "k8s.io/client-go/rest"
+	scaleclient "k8s.io/client-go/scale"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/apps"
 	"k8s.io/kubernetes/pkg/apis/batch"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/extensions"
-	client "k8s.io/kubernetes/pkg/client/unversioned"
 	"k8s.io/kubernetes/pkg/controller"
 	"k8s.io/kubernetes/pkg/kubectl"
 	"k8s.io/kubernetes/pkg/kubectl/categories"
@@ -131,7 +131,7 @@ func (f *ring1Factory) ClientForMapping(mapping *meta.RESTMapping) (resource.RES
 	if err != nil {
 		return nil, err
 	}
-	if err := client.SetKubernetesDefaults(cfg); err != nil {
+	if err := setKubernetesDefaults(cfg); err != nil {
 		return nil, err
 	}
 	gvk := mapping.GroupVersionKind
@@ -165,9 +165,7 @@ func (f *ring1Factory) UnstructuredClientForMapping(mapping *meta.RESTMapping) (
 }
 
 func (f *ring1Factory) Describer(mapping *meta.RESTMapping) (printers.Describer, error) {
-	mappingVersion := mapping.GroupVersionKind.GroupVersion()
-
-	clientset, err := f.clientAccessFactory.ClientSetForVersion(&mappingVersion)
+	clientset, err := f.clientAccessFactory.ClientSet()
 	if err != nil {
 		// if we can't make a client for this group/version, go generic if possible
 		if genericDescriber, genericErr := genericDescriber(f.clientAccessFactory, mapping); genericErr == nil {
@@ -218,7 +216,7 @@ func genericDescriber(clientAccessFactory ClientAccessFactory, mapping *meta.RES
 }
 
 func (f *ring1Factory) LogsForObject(object, options runtime.Object, timeout time.Duration) (*restclient.Request, error) {
-	clientset, err := f.clientAccessFactory.ClientSetForVersion(nil)
+	clientset, err := f.clientAccessFactory.ClientSet()
 	if err != nil {
 		return nil, err
 	}
@@ -281,17 +279,31 @@ func (f *ring1Factory) LogsForObject(object, options runtime.Object, timeout tim
 }
 
 func (f *ring1Factory) Scaler(mapping *meta.RESTMapping) (kubectl.Scaler, error) {
-	mappingVersion := mapping.GroupVersionKind.GroupVersion()
-	clientset, err := f.clientAccessFactory.ClientSetForVersion(&mappingVersion)
+	clientset, err := f.clientAccessFactory.ClientSet()
 	if err != nil {
 		return nil, err
 	}
-	return kubectl.ScalerFor(mapping.GroupVersionKind.GroupKind(), clientset)
+
+	// create scales getter
+	// TODO(p0lyn0mial): put scalesGetter to a factory
+	discoClient, err := f.clientAccessFactory.DiscoveryClient()
+	if err != nil {
+		return nil, err
+	}
+	restClient, err := f.clientAccessFactory.RESTClient()
+	if err != nil {
+		return nil, err
+	}
+	mapper, _ := f.Object()
+	resolver := scaleclient.NewDiscoveryScaleKindResolver(discoClient)
+	scalesGetter := scaleclient.New(restClient, mapper, dynamic.LegacyAPIPathResolverFunc, resolver)
+	gvk := mapping.GroupVersionKind.GroupVersion().WithResource(mapping.Resource)
+
+	return kubectl.ScalerFor(mapping.GroupVersionKind.GroupKind(), clientset.Batch(), scalesGetter, gvk.GroupResource()), nil
 }
 
 func (f *ring1Factory) Reaper(mapping *meta.RESTMapping) (kubectl.Reaper, error) {
-	mappingVersion := mapping.GroupVersionKind.GroupVersion()
-	clientset, clientsetErr := f.clientAccessFactory.ClientSetForVersion(&mappingVersion)
+	clientset, clientsetErr := f.clientAccessFactory.ClientSet()
 	reaper, reaperErr := kubectl.ReaperFor(mapping.GroupVersionKind.GroupKind(), clientset)
 
 	if kubectl.IsNoSuchReaperError(reaperErr) {
@@ -350,7 +362,7 @@ func (f *ring1Factory) ApproximatePodTemplateForObject(object runtime.Object) (*
 }
 
 func (f *ring1Factory) AttachablePodForObject(object runtime.Object, timeout time.Duration) (*api.Pod, error) {
-	clientset, err := f.clientAccessFactory.ClientSetForVersion(nil)
+	clientset, err := f.clientAccessFactory.ClientSet()
 	if err != nil {
 		return nil, err
 	}
@@ -386,6 +398,13 @@ func (f *ring1Factory) AttachablePodForObject(object runtime.Object, timeout tim
 			return nil, fmt.Errorf("invalid label selector: %v", err)
 		}
 
+	case *api.Service:
+		namespace = t.Namespace
+		if t.Spec.Selector == nil || len(t.Spec.Selector) == 0 {
+			return nil, fmt.Errorf("invalid service '%s': Service is defined without a selector", t.Name)
+		}
+		selector = labels.SelectorFromSet(t.Spec.Selector)
+
 	case *api.Pod:
 		return t, nil
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/helpers.go
index b982d86b8734..5a5409c5f57f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/helpers.go
@@ -401,7 +401,7 @@ func AddValidateFlags(cmd *cobra.Command) {
 }
 
 func AddValidateOptionFlags(cmd *cobra.Command, options *ValidateOptions) {
-	cmd.Flags().BoolVar(&options.EnableValidation, "validate", true, "If true, use a schema to validate the input before sending it")
+	cmd.Flags().BoolVar(&options.EnableValidation, "validate", options.EnableValidation, "If true, use a schema to validate the input before sending it")
 }
 
 func AddFilenameOptionFlags(cmd *cobra.Command, options *resource.FilenameOptions, usage string) {
@@ -427,7 +427,7 @@ func AddApplyAnnotationFlags(cmd *cobra.Command) {
 }
 
 func AddApplyAnnotationVarFlags(cmd *cobra.Command, applyAnnotation *bool) {
-	cmd.Flags().BoolVar(applyAnnotation, ApplyAnnotationsFlag, false, "If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future.")
+	cmd.Flags().BoolVar(applyAnnotation, ApplyAnnotationsFlag, *applyAnnotation, "If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future.")
 }
 
 // AddGeneratorFlags adds flags common to resource generation commands
@@ -524,7 +524,7 @@ func AddRecordFlag(cmd *cobra.Command) {
 }
 
 func AddRecordVarFlag(cmd *cobra.Command, record *bool) {
-	cmd.Flags().BoolVar(record, "record", false, "Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.")
+	cmd.Flags().BoolVar(record, "record", *record, "Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists.")
 }
 
 func GetRecordFlag(cmd *cobra.Command) bool {
@@ -601,7 +601,7 @@ func AddInclude3rdPartyFlags(cmd *cobra.Command) {
 }
 
 func AddInclude3rdPartyVarFlags(cmd *cobra.Command, include3rdParty *bool) {
-	cmd.Flags().BoolVar(include3rdParty, "include-extended-apis", true, "If true, include definitions of new APIs via calls to the API server. [default true]")
+	cmd.Flags().BoolVar(include3rdParty, "include-extended-apis", *include3rdParty, "If true, include definitions of new APIs via calls to the API server. [default true]")
 	cmd.Flags().MarkDeprecated("include-extended-apis", "No longer required.")
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/BUILD
index 149567c293eb..bb6b3e240485 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/BUILD
@@ -33,7 +33,6 @@ go_test(
         "openapi_test.go",
     ],
     data = ["//api/openapi-spec:swagger-spec"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi_test",
     deps = [
         ":go_default_library",
         "//pkg/kubectl/cmd/util/openapi/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/openapi.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/openapi.go
index fef6a187ba64..80164862198d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/openapi.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/openapi.go
@@ -56,9 +56,11 @@ func NewOpenAPIData(doc *openapi_v2.Document) (Resources, error) {
 		if model == nil {
 			panic("ListModels returns a model that can't be looked-up.")
 		}
-		gvk := parseGroupVersionKind(model)
-		if len(gvk.Kind) > 0 {
-			resources[gvk] = modelName
+		gvkList := parseGroupVersionKind(model)
+		for _, gvk := range gvkList {
+			if len(gvk.Kind) > 0 {
+				resources[gvk] = modelName
+			}
 		}
 	}
 
@@ -77,48 +79,49 @@ func (d *document) LookupResource(gvk schema.GroupVersionKind) proto.Schema {
 }
 
 // Get and parse GroupVersionKind from the extension. Returns empty if it doesn't have one.
-func parseGroupVersionKind(s proto.Schema) schema.GroupVersionKind {
+func parseGroupVersionKind(s proto.Schema) []schema.GroupVersionKind {
 	extensions := s.GetExtensions()
 
+	gvkListResult := []schema.GroupVersionKind{}
+
 	// Get the extensions
 	gvkExtension, ok := extensions[groupVersionKindExtensionKey]
 	if !ok {
-		return schema.GroupVersionKind{}
+		return []schema.GroupVersionKind{}
 	}
 
-	// gvk extension must be a list of 1 element.
+	// gvk extension must be a list of at least 1 element.
 	gvkList, ok := gvkExtension.([]interface{})
 	if !ok {
-		return schema.GroupVersionKind{}
+		return []schema.GroupVersionKind{}
 	}
-	if len(gvkList) != 1 {
-		return schema.GroupVersionKind{}
 
-	}
-	gvk := gvkList[0]
+	for _, gvk := range gvkList {
+		// gvk extension list must be a map with group, version, and
+		// kind fields
+		gvkMap, ok := gvk.(map[interface{}]interface{})
+		if !ok {
+			continue
+		}
+		group, ok := gvkMap["group"].(string)
+		if !ok {
+			continue
+		}
+		version, ok := gvkMap["version"].(string)
+		if !ok {
+			continue
+		}
+		kind, ok := gvkMap["kind"].(string)
+		if !ok {
+			continue
+		}
 
-	// gvk extension list must be a map with group, version, and
-	// kind fields
-	gvkMap, ok := gvk.(map[interface{}]interface{})
-	if !ok {
-		return schema.GroupVersionKind{}
-	}
-	group, ok := gvkMap["group"].(string)
-	if !ok {
-		return schema.GroupVersionKind{}
-	}
-	version, ok := gvkMap["version"].(string)
-	if !ok {
-		return schema.GroupVersionKind{}
-	}
-	kind, ok := gvkMap["kind"].(string)
-	if !ok {
-		return schema.GroupVersionKind{}
+		gvkListResult = append(gvkListResult, schema.GroupVersionKind{
+			Group:   group,
+			Version: version,
+			Kind:    kind,
+		})
 	}
 
-	return schema.GroupVersionKind{
-		Group:   group,
-		Version: version,
-		Kind:    kind,
-	}
+	return gvkListResult
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation/BUILD
index cf05b074a9a9..b1fa6fb0ae07 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation/BUILD
@@ -27,8 +27,7 @@ go_test(
         "validation_test.go",
     ],
     data = ["//api/openapi-spec:swagger-spec"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/cmd/util/openapi/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/kubectl/cmd/util/openapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/printing.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/printing.go
index d978b9ef96c8..fa33f25a3650 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/printing.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/printing.go
@@ -18,16 +18,20 @@ package util
 
 import (
 	"fmt"
+	"io"
 	"strings"
 
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/kubernetes/pkg/kubectl"
 	"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
+	kubectlscheme "k8s.io/kubernetes/pkg/kubectl/scheme"
 	"k8s.io/kubernetes/pkg/printers"
 	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
 
 	"github.com/spf13/cobra"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
 )
 
 // AddPrinterFlags adds printing related flags to a command (e.g. output format, no headers, template path)
@@ -48,7 +52,8 @@ func AddNonDeprecatedPrinterFlags(cmd *cobra.Command) {
 	cmd.Flags().String("template", "", "Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].")
 	cmd.MarkFlagFilename("template")
 	cmd.Flags().String("sort-by", "", "If non-empty, sort list types using this field specification.  The field specification is expressed as a JSONPath expression (e.g. '{.metadata.name}'). The field in the API resource specified by this JSONPath expression must be an integer or a string.")
-	cmd.Flags().BoolP("show-all", "a", false, "When printing, show all resources (default hide terminated pods.)")
+	cmd.Flags().BoolP("show-all", "a", true, "When printing, show all resources (default show all pods including terminated one.)")
+	cmd.Flags().MarkDeprecated("show-all", "will be removed in an upcoming release")
 }
 
 // AddOutputFlagsForMutation adds output related flags to a command. Used by mutations only.
@@ -58,7 +63,7 @@ func AddOutputFlagsForMutation(cmd *cobra.Command) {
 
 // AddOutputVarFlagsForMutation adds output related flags to a command. Used by mutations only.
 func AddOutputVarFlagsForMutation(cmd *cobra.Command, output *string) {
-	cmd.Flags().StringVarP(output, "output", "o", "", "Output mode. Use \"-o name\" for shorter output (resource/name).")
+	cmd.Flags().StringVarP(output, "output", "o", *output, "Output mode. Use \"-o name\" for shorter output (resource/name).")
 }
 
 // AddOutputFlags adds output related flags to a command.
@@ -81,11 +86,59 @@ func ValidateOutputArgs(cmd *cobra.Command) error {
 	return nil
 }
 
+// PrintSuccess prints a success message and can do a "-o name" as "shortOutput"
+// TODO this should really just be a printer.  It's got just about the exact same signature.
+func PrintSuccess(shortOutput bool, out io.Writer, obj runtime.Object, dryRun bool, operation string) {
+	dryRunMsg := ""
+	if dryRun {
+		dryRunMsg = " (dry run)"
+	}
+
+	// match name printer format
+	name := "<unknown>"
+	if acc, err := meta.Accessor(obj); err == nil {
+		if n := acc.GetName(); len(n) > 0 {
+			name = n
+		}
+	}
+
+	// legacy scheme to be sure we work ok with internal types.
+	// TODO internal types aren't supposed to exist here
+	groupKind := printers.GetObjectGroupKind(obj, legacyscheme.Scheme)
+	kindString := fmt.Sprintf("%s.%s", strings.ToLower(groupKind.Kind), groupKind.Group)
+	if len(groupKind.Group) == 0 {
+		kindString = strings.ToLower(groupKind.Kind)
+	}
+
+	if shortOutput {
+		// -o name: prints resource/name
+		fmt.Fprintf(out, "%s/%s\n", kindString, name)
+		return
+	}
+
+	// understandable output by default
+	fmt.Fprintf(out, "%s \"%s\" %s%s\n", kindString, name, operation, dryRunMsg)
+}
+
+// PrintObject prints a single object based on the default command options
+// TODO this should go away once commands can embed the PrintOptions instead
+func PrintObject(cmd *cobra.Command, obj runtime.Object, out io.Writer) error {
+	printer, err := PrinterForOptions(ExtractCmdPrintOptions(cmd, false))
+	if err != nil {
+		return err
+	}
+	return printer.PrintObj(obj, out)
+}
+
 // PrinterForOptions returns the printer for the outputOptions (if given) or
-// returns the default printer for the command. Requires that printer flags have
-// been added to cmd (see AddPrinterFlags).
-func PrinterForOptions(mapper meta.RESTMapper, typer runtime.ObjectTyper, encoder runtime.Encoder, decoders []runtime.Decoder, options *printers.PrintOptions) (printers.ResourcePrinter, error) {
-	printer, err := printers.GetStandardPrinter(mapper, typer, encoder, decoders, *options)
+// returns the default printer for the command.
+// TODO this should become a function on the PrintOptions struct
+func PrinterForOptions(options *printers.PrintOptions) (printers.ResourcePrinter, error) {
+	// TODO: used by the custom column implementation and the name implementation, break this dependency
+	decoders := []runtime.Decoder{kubectlscheme.Codecs.UniversalDecoder(), unstructured.UnstructuredJSONScheme}
+	encoder := kubectlscheme.Codecs.LegacyCodec(kubectlscheme.Registry.EnabledVersions()...)
+
+	printer, err := printers.GetStandardPrinter(kubectlscheme.Scheme, encoder, decoders, *options)
 	if err != nil {
 		return nil, err
 	}
@@ -93,11 +146,18 @@ func PrinterForOptions(mapper meta.RESTMapper, typer runtime.ObjectTyper, encode
 	// we try to convert to HumanReadablePrinter, if return ok, it must be no generic
 	// we execute AddHandlers() here before maybeWrapSortingPrinter so that we don't
 	// need to convert to delegatePrinter again then invoke AddHandlers()
-	if humanReadablePrinter, ok := printer.(*printers.HumanReadablePrinter); ok {
+	// TODO this looks highly questionable.  human readable printers are baked into code.  This can just live in the definition of the handler itself
+	// TODO or be registered there
+	if humanReadablePrinter, ok := printer.(printers.PrintHandler); ok {
 		printersinternal.AddHandlers(humanReadablePrinter)
 	}
 
-	return maybeWrapSortingPrinter(printer, *options), nil
+	printer = maybeWrapSortingPrinter(printer, *options)
+
+	// wrap the printer in a versioning printer that understands when to convert and when not to convert
+	printer = printers.NewVersionedPrinter(printer, legacyscheme.Scheme, legacyscheme.Scheme, kubectlscheme.Versions...)
+
+	return printer, nil
 }
 
 // ExtractCmdPrintOptions parses printer specific commandline args and
@@ -223,3 +283,15 @@ func ValidResourceTypeList(f ClientAccessFactory) string {
 	
 	`)
 }
+
+// Retrieve a list of handled resources from printer as valid args
+// TODO: This function implementation should be replaced with a real implementation from the discovery service.
+func ValidArgList(f ClientAccessFactory) []string {
+	validArgs := []string{}
+
+	humanReadablePrinter := printers.NewHumanReadablePrinter(nil, nil, printers.PrintOptions{})
+	printersinternal.AddHandlers(humanReadablePrinter)
+	validArgs = humanReadablePrinter.HandledResources()
+
+	return validArgs
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/shortcut_restmapper.go b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/shortcut_restmapper.go
index c5ecfa84b123..2ef8ce02bd62 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/shortcut_restmapper.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/util/shortcut_restmapper.go
@@ -22,6 +22,7 @@ import (
 	"github.com/golang/glog"
 
 	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/discovery"
 	"k8s.io/kubernetes/pkg/kubectl"
@@ -72,7 +73,7 @@ func (e shortcutExpander) RESTMappings(gk schema.GroupKind, versions ...string)
 // First the list of potential resources will be taken from the API server.
 // Next we will append the hardcoded list of resources - to be backward compatible with old servers.
 // NOTE that the list is ordered by group priority.
-func (e shortcutExpander) getShortcutMappings() ([]kubectl.ResourceShortcuts, error) {
+func (e shortcutExpander) getShortcutMappings() ([]*metav1.APIResourceList, []kubectl.ResourceShortcuts, error) {
 	res := []kubectl.ResourceShortcuts{}
 	// get server resources
 	// This can return an error *and* the results it was able to find.  We don't need to fail on the error.
@@ -81,13 +82,13 @@ func (e shortcutExpander) getShortcutMappings() ([]kubectl.ResourceShortcuts, er
 		glog.V(1).Infof("Error loading discovery information: %v", err)
 	}
 	for _, apiResources := range apiResList {
+		gv, err := schema.ParseGroupVersion(apiResources.GroupVersion)
+		if err != nil {
+			glog.V(1).Infof("Unable to parse groupversion = %s due to = %s", apiResources.GroupVersion, err.Error())
+			continue
+		}
 		for _, apiRes := range apiResources.APIResources {
 			for _, shortName := range apiRes.ShortNames {
-				gv, err := schema.ParseGroupVersion(apiResources.GroupVersion)
-				if err != nil {
-					glog.V(1).Infof("Unable to parse groupversion = %s due to = %s", apiResources.GroupVersion, err.Error())
-					continue
-				}
 				rs := kubectl.ResourceShortcuts{
 					ShortForm: schema.GroupResource{Group: gv.Group, Resource: shortName},
 					LongForm:  schema.GroupResource{Group: gv.Group, Resource: apiRes.Name},
@@ -99,7 +100,7 @@ func (e shortcutExpander) getShortcutMappings() ([]kubectl.ResourceShortcuts, er
 
 	// append hardcoded short forms at the end of the list
 	res = append(res, kubectl.ResourcesShortcutStatic...)
-	return res, nil
+	return apiResList, res, nil
 }
 
 // expandResourceShortcut will return the expanded version of resource
@@ -108,13 +109,33 @@ func (e shortcutExpander) getShortcutMappings() ([]kubectl.ResourceShortcuts, er
 // Lastly we will return resource unmodified.
 func (e shortcutExpander) expandResourceShortcut(resource schema.GroupVersionResource) schema.GroupVersionResource {
 	// get the shortcut mappings and return on first match.
-	if resources, err := e.getShortcutMappings(); err == nil {
-		for _, item := range resources {
+	if allResources, shortcutResources, err := e.getShortcutMappings(); err == nil {
+		// avoid expanding if there's an exact match to a full resource name
+		for _, apiResources := range allResources {
+			gv, err := schema.ParseGroupVersion(apiResources.GroupVersion)
+			if err != nil {
+				continue
+			}
+			if len(resource.Group) != 0 && resource.Group != gv.Group {
+				continue
+			}
+			for _, apiRes := range apiResources.APIResources {
+				if resource.Resource == apiRes.Name {
+					return resource
+				}
+				if resource.Resource == apiRes.SingularName {
+					return resource
+				}
+			}
+		}
+
+		for _, item := range shortcutResources {
 			if len(resource.Group) != 0 && resource.Group != item.ShortForm.Group {
 				continue
 			}
 			if resource.Resource == item.ShortForm.Resource {
 				resource.Resource = item.LongForm.Resource
+				resource.Group = item.LongForm.Group
 				return resource
 			}
 		}
@@ -123,12 +144,13 @@ func (e shortcutExpander) expandResourceShortcut(resource schema.GroupVersionRes
 		if len(resource.Group) == 0 {
 			return resource
 		}
-		for _, item := range resources {
+		for _, item := range shortcutResources {
 			if !strings.HasPrefix(item.ShortForm.Group, resource.Group) {
 				continue
 			}
 			if resource.Resource == item.ShortForm.Resource {
 				resource.Resource = item.LongForm.Resource
+				resource.Group = item.LongForm.Group
 				return resource
 			}
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/client/unversioned/conditions.go b/vendor/k8s.io/kubernetes/pkg/kubectl/conditions.go
similarity index 99%
rename from vendor/k8s.io/kubernetes/pkg/client/unversioned/conditions.go
rename to vendor/k8s.io/kubernetes/pkg/kubectl/conditions.go
index 042d13a6fa8c..666b248f416a 100644
--- a/vendor/k8s.io/kubernetes/pkg/client/unversioned/conditions.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/conditions.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package unversioned
+package kubectl
 
 import (
 	"fmt"
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/configmap.go b/vendor/k8s.io/kubernetes/pkg/kubectl/configmap.go
index 8d1ef5281ede..ba4ac1ee2026 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/configmap.go
@@ -22,6 +22,7 @@ import (
 	"os"
 	"path"
 	"strings"
+	"unicode/utf8"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -130,6 +131,7 @@ func (s ConfigMapGeneratorV1) StructuredGenerate() (runtime.Object, error) {
 	configMap := &v1.ConfigMap{}
 	configMap.Name = s.Name
 	configMap.Data = map[string]string{}
+	configMap.BinaryData = map[string][]byte{}
 	if len(s.FileSources) > 0 {
 		if err := handleConfigMapFromFileSources(configMap, s.FileSources); err != nil {
 			return nil, err
@@ -255,19 +257,41 @@ func addKeyFromFileToConfigMap(configMap *v1.ConfigMap, keyName, filePath string
 	if err != nil {
 		return err
 	}
-	return addKeyFromLiteralToConfigMap(configMap, keyName, string(data))
+
+	if utf8.Valid(data) {
+		return addKeyFromLiteralToConfigMap(configMap, keyName, string(data))
+	}
+
+	err = validateNewConfigMap(configMap, keyName)
+	if err != nil {
+		return err
+	}
+	configMap.BinaryData[keyName] = data
+	return nil
 }
 
 // addKeyFromLiteralToConfigMap adds the given key and data to the given config map,
 // returning an error if the key is not valid or if the key already exists.
 func addKeyFromLiteralToConfigMap(configMap *v1.ConfigMap, keyName, data string) error {
+	err := validateNewConfigMap(configMap, keyName)
+	if err != nil {
+		return err
+	}
+	configMap.Data[keyName] = data
+	return nil
+}
+
+func validateNewConfigMap(configMap *v1.ConfigMap, keyName string) error {
 	// Note, the rules for ConfigMap keys are the exact same as the ones for SecretKeys.
 	if errs := validation.IsConfigMapKey(keyName); len(errs) != 0 {
 		return fmt.Errorf("%q is not a valid key name for a ConfigMap: %s", keyName, strings.Join(errs, ";"))
 	}
-	if _, entryExists := configMap.Data[keyName]; entryExists {
-		return fmt.Errorf("cannot add key %s, another key by that name already exists: %v.", keyName, configMap.Data)
+
+	if _, exists := configMap.Data[keyName]; exists {
+		return fmt.Errorf("cannot add key %s, another key by that name already exists in data: %v", keyName, configMap.Data)
+	}
+	if _, exists := configMap.BinaryData[keyName]; exists {
+		return fmt.Errorf("cannot add key %s, another key by that name already exists in binaryData: %v", keyName, configMap.BinaryData)
 	}
-	configMap.Data[keyName] = data
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/delete.go b/vendor/k8s.io/kubernetes/pkg/kubectl/delete.go
index 1522f71b68eb..2c8e32676932 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/delete.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/delete.go
@@ -347,7 +347,7 @@ func (reaper *StatefulSetReaper) Stop(namespace, name string, timeout time.Durat
 func (reaper *JobReaper) Stop(namespace, name string, timeout time.Duration, gracePeriod *metav1.DeleteOptions) error {
 	jobs := reaper.client.Jobs(namespace)
 	pods := reaper.podClient.Pods(namespace)
-	scaler := &JobScaler{reaper.client}
+	scaler := ScalerFor(schema.GroupKind{Group: batch.GroupName, Kind: "Job"}, reaper.client, nil, schema.GroupResource{})
 	job, err := jobs.Get(name, metav1.GetOptions{})
 	if err != nil {
 		return err
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/env_file.go b/vendor/k8s.io/kubernetes/pkg/kubectl/env_file.go
index 19598d5354a4..8221d5936cd1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/env_file.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/env_file.go
@@ -81,7 +81,7 @@ func addFromEnvFile(filePath string, addTo func(key, value string) error) error
 	scanner := bufio.NewScanner(f)
 	currentLine := 0
 	for scanner.Scan() {
-		// Proccess the current line, retrieving a key/value pair if
+		// Process the current line, retrieving a key/value pair if
 		// possible.
 		scannedBytes := scanner.Bytes()
 		key, value, err := proccessEnvFileLine(scannedBytes, filePath, currentLine)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/history.go b/vendor/k8s.io/kubernetes/pkg/kubectl/history.go
index 36f95776d231..9344e194ad86 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/history.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/history.go
@@ -22,9 +22,9 @@ import (
 	"io"
 	"text/tabwriter"
 
-	appsv1beta1 "k8s.io/api/apps/v1beta1"
+	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
-	extensionsv1beta1 "k8s.io/api/extensions/v1beta1"
+
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
@@ -33,8 +33,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/json"
 	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	"k8s.io/client-go/kubernetes"
-	clientappsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1"
-	clientextv1beta1 "k8s.io/client-go/kubernetes/typed/extensions/v1beta1"
+	clientappsv1 "k8s.io/client-go/kubernetes/typed/apps/v1"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	apiv1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util"
@@ -185,11 +184,11 @@ type DaemonSetHistoryViewer struct {
 // ViewHistory returns a revision-to-history map as the revision history of a deployment
 // TODO: this should be a describer
 func (h *DaemonSetHistoryViewer) ViewHistory(namespace, name string, revision int64) (string, error) {
-	ds, history, err := daemonSetHistory(h.c.ExtensionsV1beta1(), h.c.AppsV1beta1(), namespace, name)
+	ds, history, err := daemonSetHistory(h.c.AppsV1(), namespace, name)
 	if err != nil {
 		return "", err
 	}
-	historyInfo := make(map[int64]*appsv1beta1.ControllerRevision)
+	historyInfo := make(map[int64]*appsv1.ControllerRevision)
 	for _, history := range history {
 		// TODO: for now we assume revisions don't overlap, we may need to handle it
 		historyInfo[history.Revision] = history
@@ -241,7 +240,7 @@ type StatefulSetHistoryViewer struct {
 // TODO: this should be a describer
 // TODO: needs to implement detailed revision view
 func (h *StatefulSetHistoryViewer) ViewHistory(namespace, name string, revision int64) (string, error) {
-	_, history, err := statefulSetHistory(h.c.AppsV1beta1(), namespace, name)
+	_, history, err := statefulSetHistory(h.c.AppsV1(), namespace, name)
 	if err != nil {
 		return "", err
 	}
@@ -264,13 +263,35 @@ func (h *StatefulSetHistoryViewer) ViewHistory(namespace, name string, revision
 	})
 }
 
+// controlledHistories returns all ControllerRevisions in namespace that selected by selector and owned by accessor
+// TODO: Rename this to controllerHistory when other controllers have been upgraded
+func controlledHistoryV1(
+	apps clientappsv1.AppsV1Interface,
+	namespace string,
+	selector labels.Selector,
+	accessor metav1.Object) ([]*appsv1.ControllerRevision, error) {
+	var result []*appsv1.ControllerRevision
+	historyList, err := apps.ControllerRevisions(namespace).List(metav1.ListOptions{LabelSelector: selector.String()})
+	if err != nil {
+		return nil, err
+	}
+	for i := range historyList.Items {
+		history := historyList.Items[i]
+		// Only add history that belongs to the API object
+		if metav1.IsControlledBy(&history, accessor) {
+			result = append(result, &history)
+		}
+	}
+	return result, nil
+}
+
 // controlledHistories returns all ControllerRevisions in namespace that selected by selector and owned by accessor
 func controlledHistory(
-	apps clientappsv1beta1.AppsV1beta1Interface,
+	apps clientappsv1.AppsV1Interface,
 	namespace string,
 	selector labels.Selector,
-	accessor metav1.Object) ([]*appsv1beta1.ControllerRevision, error) {
-	var result []*appsv1beta1.ControllerRevision
+	accessor metav1.Object) ([]*appsv1.ControllerRevision, error) {
+	var result []*appsv1.ControllerRevision
 	historyList, err := apps.ControllerRevisions(namespace).List(metav1.ListOptions{LabelSelector: selector.String()})
 	if err != nil {
 		return nil, err
@@ -287,10 +308,9 @@ func controlledHistory(
 
 // daemonSetHistory returns the DaemonSet named name in namespace and all ControllerRevisions in its history.
 func daemonSetHistory(
-	ext clientextv1beta1.ExtensionsV1beta1Interface,
-	apps clientappsv1beta1.AppsV1beta1Interface,
-	namespace, name string) (*extensionsv1beta1.DaemonSet, []*appsv1beta1.ControllerRevision, error) {
-	ds, err := ext.DaemonSets(namespace).Get(name, metav1.GetOptions{})
+	apps clientappsv1.AppsV1Interface,
+	namespace, name string) (*appsv1.DaemonSet, []*appsv1.ControllerRevision, error) {
+	ds, err := apps.DaemonSets(namespace).Get(name, metav1.GetOptions{})
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to retrieve DaemonSet %s: %v", name, err)
 	}
@@ -311,8 +331,8 @@ func daemonSetHistory(
 
 // statefulSetHistory returns the StatefulSet named name in namespace and all ControllerRevisions in its history.
 func statefulSetHistory(
-	apps clientappsv1beta1.AppsV1beta1Interface,
-	namespace, name string) (*appsv1beta1.StatefulSet, []*appsv1beta1.ControllerRevision, error) {
+	apps clientappsv1.AppsV1Interface,
+	namespace, name string) (*appsv1.StatefulSet, []*appsv1.ControllerRevision, error) {
 	sts, err := apps.StatefulSets(namespace).Get(name, metav1.GetOptions{})
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to retrieve Statefulset %s: %s", name, err.Error())
@@ -325,7 +345,7 @@ func statefulSetHistory(
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to obtain accessor for StatefulSet %s: %s", name, err.Error())
 	}
-	history, err := controlledHistory(apps, namespace, selector, accessor)
+	history, err := controlledHistoryV1(apps, namespace, selector, accessor)
 	if err != nil {
 		return nil, nil, fmt.Errorf("unable to find history controlled by StatefulSet %s: %v", name, err)
 	}
@@ -333,7 +353,7 @@ func statefulSetHistory(
 }
 
 // applyDaemonSetHistory returns a specific revision of DaemonSet by applying the given history to a copy of the given DaemonSet
-func applyDaemonSetHistory(ds *extensionsv1beta1.DaemonSet, history *appsv1beta1.ControllerRevision) (*extensionsv1beta1.DaemonSet, error) {
+func applyDaemonSetHistory(ds *appsv1.DaemonSet, history *appsv1.ControllerRevision) (*appsv1.DaemonSet, error) {
 	clone := ds.DeepCopy()
 	cloneBytes, err := json.Marshal(clone)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/BUILD
index 4c497cac9408..e2f32b7d607e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/BUILD
@@ -44,7 +44,6 @@ go_test(
         "plugins_test.go",
         "runner_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/plugins",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/spf13/pflag:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/plugins.go b/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/plugins.go
index f2cc17847b30..7eca6a2f35f4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/plugins/plugins.go
@@ -65,7 +65,7 @@ func (p Plugin) Validate() error {
 	if len(p.Name) == 0 || len(p.ShortDesc) == 0 || (len(p.Command) == 0 && len(p.Tree) == 0) {
 		return ErrIncompletePlugin
 	}
-	if strings.Index(p.Name, " ") > -1 {
+	if strings.Contains(p.Name, " ") {
 		return ErrInvalidPluginName
 	}
 	for _, flag := range p.Flags {
@@ -102,7 +102,7 @@ func (f Flag) Validate() error {
 	if len(f.Name) == 0 || len(f.Desc) == 0 {
 		return ErrIncompleteFlag
 	}
-	if strings.Index(f.Name, " ") > -1 {
+	if strings.Contains(f.Name, " ") {
 		return ErrInvalidFlagName
 	}
 	return f.ValidateShorthand()
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/resource/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/resource/BUILD
index 2df1069b41f6..fc5d02053875 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/resource/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/resource/BUILD
@@ -54,8 +54,7 @@ go_test(
         "//examples:config",
         "//test/fixtures",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/resource",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubectl/categories:go_default_library",
         "//pkg/kubectl/scheme:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/resource/builder.go b/vendor/k8s.io/kubernetes/pkg/kubectl/resource/builder.go
index 4ff130b7f904..5c48c44fc3d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/resource/builder.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/resource/builder.go
@@ -341,6 +341,10 @@ func (b *Builder) LabelSelectorParam(s string) *Builder {
 // LabelSelector accepts a selector directly and will filter the resulting list by that object.
 // Use LabelSelectorParam instead for user input.
 func (b *Builder) LabelSelector(selector string) *Builder {
+	if len(selector) == 0 {
+		return b
+	}
+
 	b.labelSelector = &selector
 	return b
 }
@@ -594,23 +598,43 @@ func (b *Builder) SingleResourceType() *Builder {
 	return b
 }
 
-// mappingFor returns the RESTMapping for the Kind referenced by the resource.
-// prefers a fully specified GroupVersionResource match.  If we don't have one match on GroupResource
-func (b *Builder) mappingFor(resourceArg string) (*meta.RESTMapping, error) {
-	fullySpecifiedGVR, groupResource := schema.ParseResourceArg(resourceArg)
+// mappingFor returns the RESTMapping for the Kind given, or the Kind referenced by the resource.
+// Prefers a fully specified GroupVersionResource match. If one is not found, we match on a fully
+// specified GroupVersionKind, or fallback to a match on GroupKind.
+func (b *Builder) mappingFor(resourceOrKindArg string) (*meta.RESTMapping, error) {
+	fullySpecifiedGVR, groupResource := schema.ParseResourceArg(resourceOrKindArg)
 	gvk := schema.GroupVersionKind{}
 	if fullySpecifiedGVR != nil {
 		gvk, _ = b.mapper.KindFor(*fullySpecifiedGVR)
 	}
 	if gvk.Empty() {
-		var err error
-		gvk, err = b.mapper.KindFor(groupResource.WithVersion(""))
-		if err != nil {
-			return nil, err
+		gvk, _ = b.mapper.KindFor(groupResource.WithVersion(""))
+	}
+	if !gvk.Empty() {
+		return b.mapper.RESTMapping(gvk.GroupKind(), gvk.Version)
+	}
+
+	fullySpecifiedGVK, groupKind := schema.ParseKindArg(resourceOrKindArg)
+	if fullySpecifiedGVK == nil {
+		gvk := groupKind.WithVersion("")
+		fullySpecifiedGVK = &gvk
+	}
+
+	if !fullySpecifiedGVK.Empty() {
+		if mapping, err := b.mapper.RESTMapping(fullySpecifiedGVK.GroupKind(), fullySpecifiedGVK.Version); err == nil {
+			return mapping, nil
 		}
 	}
 
-	return b.mapper.RESTMapping(gvk.GroupKind(), gvk.Version)
+	mapping, err := b.mapper.RESTMapping(groupKind, gvk.Version)
+	if err != nil {
+		// if we error out here, it is because we could not match a resource or a kind
+		// for the given argument. To maintain consistency with previous behavior,
+		// announce that a resource type could not be found.
+		return nil, fmt.Errorf("the server doesn't have a resource type %q", groupResource.Resource)
+	}
+
+	return mapping, nil
 }
 
 func (b *Builder) resourceMappings() ([]*meta.RESTMapping, error) {
@@ -618,11 +642,17 @@ func (b *Builder) resourceMappings() ([]*meta.RESTMapping, error) {
 		return nil, fmt.Errorf("you may only specify a single resource type")
 	}
 	mappings := []*meta.RESTMapping{}
+	seen := map[schema.GroupVersionKind]bool{}
 	for _, r := range b.resources {
 		mapping, err := b.mappingFor(r)
 		if err != nil {
 			return nil, err
 		}
+		// This ensures the mappings for resources(shortcuts, plural) unique
+		if seen[mapping.GroupVersionKind] {
+			continue
+		}
+		seen[mapping.GroupVersionKind] = true
 
 		mappings = append(mappings, mapping)
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/rollback.go b/vendor/k8s.io/kubernetes/pkg/kubectl/rollback.go
index 7f6dfa80fb11..10ede4b53d3c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/rollback.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/rollback.go
@@ -24,7 +24,7 @@ import (
 	"sort"
 	"syscall"
 
-	appsv1beta1 "k8s.io/api/apps/v1beta1"
+	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	extv1beta1 "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -35,13 +35,13 @@ import (
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
-	"k8s.io/kubernetes/pkg/apis/apps"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	apiv1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	"k8s.io/kubernetes/pkg/apis/extensions"
 	"k8s.io/kubernetes/pkg/controller/daemon"
 	deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util"
 	"k8s.io/kubernetes/pkg/controller/statefulset"
+	kapps "k8s.io/kubernetes/pkg/kubectl/apps"
 	sliceutil "k8s.io/kubernetes/pkg/kubectl/util/slice"
 	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
 )
@@ -56,16 +56,47 @@ type Rollbacker interface {
 	Rollback(obj runtime.Object, updatedAnnotations map[string]string, toRevision int64, dryRun bool) (string, error)
 }
 
+type RollbackVisitor struct {
+	clientset kubernetes.Interface
+	result    Rollbacker
+}
+
+func (v *RollbackVisitor) VisitDeployment(elem kapps.GroupKindElement) {
+	v.result = &DeploymentRollbacker{v.clientset}
+}
+
+func (v *RollbackVisitor) VisitStatefulSet(kind kapps.GroupKindElement) {
+	v.result = &StatefulSetRollbacker{v.clientset}
+}
+
+func (v *RollbackVisitor) VisitDaemonSet(kind kapps.GroupKindElement) {
+	v.result = &DaemonSetRollbacker{v.clientset}
+}
+
+func (v *RollbackVisitor) VisitJob(kind kapps.GroupKindElement)                   {}
+func (v *RollbackVisitor) VisitPod(kind kapps.GroupKindElement)                   {}
+func (v *RollbackVisitor) VisitReplicaSet(kind kapps.GroupKindElement)            {}
+func (v *RollbackVisitor) VisitReplicationController(kind kapps.GroupKindElement) {}
+func (v *RollbackVisitor) VisitCronJob(kind kapps.GroupKindElement)               {}
+
+// RollbackerFor returns an implementation of Rollbacker interface for the given schema kind
 func RollbackerFor(kind schema.GroupKind, c kubernetes.Interface) (Rollbacker, error) {
-	switch kind {
-	case extensions.Kind("Deployment"), apps.Kind("Deployment"):
-		return &DeploymentRollbacker{c}, nil
-	case extensions.Kind("DaemonSet"), apps.Kind("DaemonSet"):
-		return &DaemonSetRollbacker{c}, nil
-	case apps.Kind("StatefulSet"):
-		return &StatefulSetRollbacker{c}, nil
-	}
-	return nil, fmt.Errorf("no rollbacker has been implemented for %q", kind)
+	elem := kapps.GroupKindElement(kind)
+	visitor := &RollbackVisitor{
+		clientset: c,
+	}
+
+	err := elem.Accept(visitor)
+
+	if err != nil {
+		return nil, fmt.Errorf("error retrieving rollbacker for %q, %v", kind.String(), err)
+	}
+
+	if visitor.result == nil {
+		return nil, fmt.Errorf("no rollbacker has been implemented for %q", kind)
+	}
+
+	return visitor.result, nil
 }
 
 type DeploymentRollbacker struct {
@@ -225,7 +256,7 @@ func (r *DaemonSetRollbacker) Rollback(obj runtime.Object, updatedAnnotations ma
 	if err != nil {
 		return "", fmt.Errorf("failed to create accessor for kind %v: %s", obj.GetObjectKind(), err.Error())
 	}
-	ds, history, err := daemonSetHistory(r.c.ExtensionsV1beta1(), r.c.AppsV1beta1(), accessor.GetNamespace(), accessor.GetName())
+	ds, history, err := daemonSetHistory(r.c.AppsV1(), accessor.GetNamespace(), accessor.GetName())
 	if err != nil {
 		return "", err
 	}
@@ -276,7 +307,7 @@ func (r *StatefulSetRollbacker) Rollback(obj runtime.Object, updatedAnnotations
 	if err != nil {
 		return "", fmt.Errorf("failed to create accessor for kind %v: %s", obj.GetObjectKind(), err.Error())
 	}
-	sts, history, err := statefulSetHistory(r.c.AppsV1beta1(), accessor.GetNamespace(), accessor.GetName())
+	sts, history, err := statefulSetHistory(r.c.AppsV1(), accessor.GetNamespace(), accessor.GetName())
 	if err != nil {
 		return "", err
 	}
@@ -307,7 +338,7 @@ func (r *StatefulSetRollbacker) Rollback(obj runtime.Object, updatedAnnotations
 	}
 
 	// Restore revision
-	if _, err = r.c.AppsV1beta1().StatefulSets(sts.Namespace).Patch(sts.Name, types.StrategicMergePatchType, toHistory.Data.Raw); err != nil {
+	if _, err = r.c.AppsV1().StatefulSets(sts.Namespace).Patch(sts.Name, types.StrategicMergePatchType, toHistory.Data.Raw); err != nil {
 		return "", fmt.Errorf("failed restoring revision %d: %v", toRevision, err)
 	}
 
@@ -317,13 +348,13 @@ func (r *StatefulSetRollbacker) Rollback(obj runtime.Object, updatedAnnotations
 // findHistory returns a controllerrevision of a specific revision from the given controllerrevisions.
 // It returns nil if no such controllerrevision exists.
 // If toRevision is 0, the last previously used history is returned.
-func findHistory(toRevision int64, allHistory []*appsv1beta1.ControllerRevision) *appsv1beta1.ControllerRevision {
+func findHistory(toRevision int64, allHistory []*appsv1.ControllerRevision) *appsv1.ControllerRevision {
 	if toRevision == 0 && len(allHistory) <= 1 {
 		return nil
 	}
 
 	// Find the history to rollback to
-	var toHistory *appsv1beta1.ControllerRevision
+	var toHistory *appsv1.ControllerRevision
 	if toRevision == 0 {
 		// If toRevision == 0, find the latest revision (2nd max)
 		sort.Sort(historiesByRevision(allHistory))
@@ -357,7 +388,7 @@ func revisionNotFoundErr(r int64) error {
 }
 
 // TODO: copied from daemon controller, should extract to a library
-type historiesByRevision []*appsv1beta1.ControllerRevision
+type historiesByRevision []*appsv1.ControllerRevision
 
 func (h historiesByRevision) Len() int      { return len(h) }
 func (h historiesByRevision) Swap(i, j int) { h[i], h[j] = h[j], h[i] }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/rolling_updater.go b/vendor/k8s.io/kubernetes/pkg/kubectl/rolling_updater.go
index 1a1f8dfb3300..3d640184c484 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/rolling_updater.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/rolling_updater.go
@@ -36,7 +36,6 @@ import (
 	api "k8s.io/kubernetes/pkg/apis/core"
 	apiv1 "k8s.io/kubernetes/pkg/apis/core/v1"
 	coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
-	client "k8s.io/kubernetes/pkg/client/unversioned"
 	deploymentutil "k8s.io/kubernetes/pkg/controller/deployment/util"
 	"k8s.io/kubernetes/pkg/kubectl/util"
 )
@@ -513,7 +512,7 @@ func (r *RollingUpdater) cleanupWithClients(oldRc, newRc *api.ReplicationControl
 		return err
 	}
 
-	if err = wait.Poll(config.Interval, config.Timeout, client.ControllerHasDesiredReplicas(r.rcClient, newRc)); err != nil {
+	if err = wait.Poll(config.Interval, config.Timeout, ControllerHasDesiredReplicas(r.rcClient, newRc)); err != nil {
 		return err
 	}
 	newRc, err = r.rcClient.ReplicationControllers(r.ns).Get(newRc.Name, metav1.GetOptions{})
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/rollout_status.go b/vendor/k8s.io/kubernetes/pkg/kubectl/rollout_status.go
index 2f58cb28eec0..24fcdf568f56 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/rollout_status.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/rollout_status.go
@@ -38,9 +38,9 @@ type StatusViewer interface {
 func StatusViewerFor(kind schema.GroupKind, c kubernetes.Interface) (StatusViewer, error) {
 	switch kind {
 	case extensionsv1beta1.SchemeGroupVersion.WithKind("Deployment").GroupKind(), apps.Kind("Deployment"):
-		return &DeploymentStatusViewer{c.Extensions()}, nil
+		return &DeploymentStatusViewer{c.ExtensionsV1beta1()}, nil
 	case extensionsv1beta1.SchemeGroupVersion.WithKind("DaemonSet").GroupKind(), apps.Kind("DaemonSet"):
-		return &DaemonSetStatusViewer{c.Extensions()}, nil
+		return &DaemonSetStatusViewer{c.ExtensionsV1beta1()}, nil
 	case apps.Kind("StatefulSet"):
 		return &StatefulSetStatusViewer{c.AppsV1beta1()}, nil
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/scale.go b/vendor/k8s.io/kubernetes/pkg/kubectl/scale.go
index da6d4fbb796d..99e4b365db98 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/scale.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/scale.go
@@ -21,49 +21,48 @@ import (
 	"strconv"
 	"time"
 
+	autoscalingapi "k8s.io/api/autoscaling/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/kubernetes/pkg/apis/apps"
 	"k8s.io/kubernetes/pkg/apis/batch"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/extensions"
-	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
+
+	scaleclient "k8s.io/client-go/scale"
 	appsclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/apps/internalversion"
 	batchclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/internalversion"
 	coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
 	extensionsclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/extensions/internalversion"
-	client "k8s.io/kubernetes/pkg/client/unversioned"
 )
 
+// TODO: Figure out if we should be waiting on initializers in the Scale() functions below.
+
 // Scaler provides an interface for resources that can be scaled.
 type Scaler interface {
 	// Scale scales the named resource after checking preconditions. It optionally
 	// retries in the event of resource version mismatch (if retry is not nil),
 	// and optionally waits until the status of the resource matches newSize (if wait is not nil)
+	// TODO: Make the implementation of this watch-based (#56075) once #31345 is fixed.
 	Scale(namespace, name string, newSize uint, preconditions *ScalePrecondition, retry, wait *RetryParams) error
 	// ScaleSimple does a simple one-shot attempt at scaling - not useful on its own, but
 	// a necessary building block for Scale
 	ScaleSimple(namespace, name string, preconditions *ScalePrecondition, newSize uint) (updatedResourceVersion string, err error)
 }
 
-func ScalerFor(kind schema.GroupKind, c internalclientset.Interface) (Scaler, error) {
+// ScalerFor gets a scaler for a given resource
+func ScalerFor(kind schema.GroupKind, jobsClient batchclient.JobsGetter, scalesGetter scaleclient.ScalesGetter, gr schema.GroupResource) Scaler {
+	// it seems like jobs dont't follow "normal" scale semantics.
+	// For example it is not clear whether HPA could make use of it or not.
+	// For more details see: https://github.com/kubernetes/kubernetes/pull/58468
 	switch kind {
-	case api.Kind("ReplicationController"):
-		return &ReplicationControllerScaler{c.Core()}, nil
-	case extensions.Kind("ReplicaSet"), apps.Kind("ReplicaSet"):
-		return &ReplicaSetScaler{c.Extensions()}, nil
 	case batch.Kind("Job"):
-		return &JobScaler{c.Batch()}, nil // Either kind of job can be scaled with Batch interface.
-	case apps.Kind("StatefulSet"):
-		return &StatefulSetScaler{c.Apps()}, nil
-	case extensions.Kind("Deployment"), apps.Kind("Deployment"):
-		return &DeploymentScaler{c.Extensions()}, nil
+		return &jobScaler{jobsClient} // Either kind of job can be scaled with Batch interface.
+	default:
+		return &genericScaler{scalesGetter, gr}
 	}
-	return nil, fmt.Errorf("no scaler has been implemented for %q", kind)
 }
 
 // ScalePrecondition describes a condition that must be true for the scale to take place
@@ -162,6 +161,7 @@ func (precondition *ScalePrecondition) ValidateReplicationController(controller
 	return nil
 }
 
+// TODO(p0lyn0mial): remove ReplicationControllerScaler
 type ReplicationControllerScaler struct {
 	c coreclient.ReplicationControllersGetter
 }
@@ -200,51 +200,23 @@ func (scaler *ReplicationControllerScaler) Scale(namespace, name string, newSize
 		// Make it try only once, immediately
 		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
 	}
-	var updatedResourceVersion string
-	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, &updatedResourceVersion)
+	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, nil)
 	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
 		return err
 	}
 	if waitForReplicas != nil {
-		checkRC := func(rc *api.ReplicationController) bool {
-			if uint(rc.Spec.Replicas) != newSize {
-				// the size is changed by other party. Don't need to wait for the new change to complete.
-				return true
-			}
-			return rc.Status.ObservedGeneration >= rc.Generation && rc.Status.Replicas == rc.Spec.Replicas
-		}
-		// If number of replicas doesn't change, then the update may not event
-		// be sent to underlying databse (we don't send no-op changes).
-		// In such case, <updatedResourceVersion> will have value of the most
-		// recent update (which may be far in the past) so we may get "too old
-		// RV" error from watch or potentially no ReplicationController events
-		// will be deliver, since it may already be in the expected state.
-		// To protect from these two, we first issue Get() to ensure that we
-		// are not already in the expected state.
-		currentRC, err := scaler.c.ReplicationControllers(namespace).Get(name, metav1.GetOptions{})
+		rc, err := scaler.c.ReplicationControllers(namespace).Get(name, metav1.GetOptions{})
 		if err != nil {
 			return err
 		}
-		if !checkRC(currentRC) {
-			watchOptions := metav1.ListOptions{
-				FieldSelector:   fields.OneTermEqualSelector("metadata.name", name).String(),
-				ResourceVersion: updatedResourceVersion,
-			}
-			watcher, err := scaler.c.ReplicationControllers(namespace).Watch(watchOptions)
-			if err != nil {
-				return err
-			}
-			_, err = watch.Until(waitForReplicas.Timeout, watcher, func(event watch.Event) (bool, error) {
-				if event.Type != watch.Added && event.Type != watch.Modified {
-					return false, nil
-				}
-				return checkRC(event.Object.(*api.ReplicationController)), nil
-			})
-			if err == wait.ErrWaitTimeout {
-				return fmt.Errorf("timed out waiting for %q to be synced", name)
-			}
-			return err
+		if rc.Initializers != nil {
+			return nil
+		}
+		err = wait.PollImmediate(waitForReplicas.Interval, waitForReplicas.Timeout, ControllerHasDesiredReplicas(scaler.c, rc))
+		if err == wait.ErrWaitTimeout {
+			return fmt.Errorf("timed out waiting for %q to be synced", name)
 		}
+		return err
 	}
 	return nil
 }
@@ -260,6 +232,7 @@ func (precondition *ScalePrecondition) ValidateReplicaSet(replicaSet *extensions
 	return nil
 }
 
+// TODO(p0lyn0mial): remove ReplicaSetScaler
 type ReplicaSetScaler struct {
 	c extensionsclient.ReplicaSetsGetter
 }
@@ -299,7 +272,7 @@ func (scaler *ReplicaSetScaler) Scale(namespace, name string, newSize uint, prec
 		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
 	}
 	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, nil)
-	if err := wait.Poll(retry.Interval, retry.Timeout, cond); err != nil {
+	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
 		return err
 	}
 	if waitForReplicas != nil {
@@ -310,7 +283,7 @@ func (scaler *ReplicaSetScaler) Scale(namespace, name string, newSize uint, prec
 		if rs.Initializers != nil {
 			return nil
 		}
-		err = wait.Poll(waitForReplicas.Interval, waitForReplicas.Timeout, client.ReplicaSetHasDesiredReplicas(scaler.c, rs))
+		err = wait.PollImmediate(waitForReplicas.Interval, waitForReplicas.Timeout, ReplicaSetHasDesiredReplicas(scaler.c, rs))
 
 		if err == wait.ErrWaitTimeout {
 			return fmt.Errorf("timed out waiting for %q to be synced", name)
@@ -334,6 +307,7 @@ func (precondition *ScalePrecondition) ValidateJob(job *batch.Job) error {
 	return nil
 }
 
+// TODO(p0lyn0mial): remove StatefulSetsGetter
 type StatefulSetScaler struct {
 	c appsclient.StatefulSetsGetter
 }
@@ -370,7 +344,7 @@ func (scaler *StatefulSetScaler) Scale(namespace, name string, newSize uint, pre
 		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
 	}
 	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, nil)
-	if err := wait.Poll(retry.Interval, retry.Timeout, cond); err != nil {
+	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
 		return err
 	}
 	if waitForReplicas != nil {
@@ -381,7 +355,7 @@ func (scaler *StatefulSetScaler) Scale(namespace, name string, newSize uint, pre
 		if job.Initializers != nil {
 			return nil
 		}
-		err = wait.Poll(waitForReplicas.Interval, waitForReplicas.Timeout, client.StatefulSetHasDesiredReplicas(scaler.c, job))
+		err = wait.PollImmediate(waitForReplicas.Interval, waitForReplicas.Timeout, StatefulSetHasDesiredReplicas(scaler.c, job))
 		if err == wait.ErrWaitTimeout {
 			return fmt.Errorf("timed out waiting for %q to be synced", name)
 		}
@@ -390,13 +364,13 @@ func (scaler *StatefulSetScaler) Scale(namespace, name string, newSize uint, pre
 	return nil
 }
 
-type JobScaler struct {
+type jobScaler struct {
 	c batchclient.JobsGetter
 }
 
 // ScaleSimple is responsible for updating job's parallelism. It returns the
 // resourceVersion of the job if the update is successful.
-func (scaler *JobScaler) ScaleSimple(namespace, name string, preconditions *ScalePrecondition, newSize uint) (string, error) {
+func (scaler *jobScaler) ScaleSimple(namespace, name string, preconditions *ScalePrecondition, newSize uint) (string, error) {
 	job, err := scaler.c.Jobs(namespace).Get(name, metav1.GetOptions{})
 	if err != nil {
 		return "", ScaleError{ScaleGetFailure, "", err}
@@ -421,7 +395,7 @@ func (scaler *JobScaler) ScaleSimple(namespace, name string, preconditions *Scal
 // Scale updates a Job to a new size, with optional precondition check (if preconditions is not nil),
 // optional retries (if retry is not nil), and then optionally waits for parallelism to reach desired
 // number, which can be less than requested based on job's current progress.
-func (scaler *JobScaler) Scale(namespace, name string, newSize uint, preconditions *ScalePrecondition, retry, waitForReplicas *RetryParams) error {
+func (scaler *jobScaler) Scale(namespace, name string, newSize uint, preconditions *ScalePrecondition, retry, waitForReplicas *RetryParams) error {
 	if preconditions == nil {
 		preconditions = &ScalePrecondition{-1, ""}
 	}
@@ -430,7 +404,7 @@ func (scaler *JobScaler) Scale(namespace, name string, newSize uint, preconditio
 		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
 	}
 	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, nil)
-	if err := wait.Poll(retry.Interval, retry.Timeout, cond); err != nil {
+	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
 		return err
 	}
 	if waitForReplicas != nil {
@@ -438,7 +412,7 @@ func (scaler *JobScaler) Scale(namespace, name string, newSize uint, preconditio
 		if err != nil {
 			return err
 		}
-		err = wait.Poll(waitForReplicas.Interval, waitForReplicas.Timeout, client.JobHasDesiredParallelism(scaler.c, job))
+		err = wait.PollImmediate(waitForReplicas.Interval, waitForReplicas.Timeout, JobHasDesiredParallelism(scaler.c, job))
 		if err == wait.ErrWaitTimeout {
 			return fmt.Errorf("timed out waiting for %q to be synced", name)
 		}
@@ -458,6 +432,7 @@ func (precondition *ScalePrecondition) ValidateDeployment(deployment *extensions
 	return nil
 }
 
+// TODO(p0lyn0mial): remove DeploymentScaler
 type DeploymentScaler struct {
 	c extensionsclient.DeploymentsGetter
 }
@@ -500,7 +475,7 @@ func (scaler *DeploymentScaler) Scale(namespace, name string, newSize uint, prec
 		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
 	}
 	cond := ScaleCondition(scaler, preconditions, namespace, name, newSize, nil)
-	if err := wait.Poll(retry.Interval, retry.Timeout, cond); err != nil {
+	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
 		return err
 	}
 	if waitForReplicas != nil {
@@ -508,7 +483,7 @@ func (scaler *DeploymentScaler) Scale(namespace, name string, newSize uint, prec
 		if err != nil {
 			return err
 		}
-		err = wait.Poll(waitForReplicas.Interval, waitForReplicas.Timeout, client.DeploymentHasDesiredReplicas(scaler.c, deployment))
+		err = wait.PollImmediate(waitForReplicas.Interval, waitForReplicas.Timeout, DeploymentHasDesiredReplicas(scaler.c, deployment))
 		if err == wait.ErrWaitTimeout {
 			return fmt.Errorf("timed out waiting for %q to be synced", name)
 		}
@@ -516,3 +491,90 @@ func (scaler *DeploymentScaler) Scale(namespace, name string, newSize uint, prec
 	}
 	return nil
 }
+
+// validateGeneric ensures that the preconditions match. Returns nil if they are valid, otherwise an error
+// TODO(p0lyn0mial): when the work on GenericScaler is done, rename validateGeneric to validate
+func (precondition *ScalePrecondition) validateGeneric(scale *autoscalingapi.Scale) error {
+	if precondition.Size != -1 && int(scale.Spec.Replicas) != precondition.Size {
+		return PreconditionError{"replicas", strconv.Itoa(precondition.Size), strconv.Itoa(int(scale.Spec.Replicas))}
+	}
+	if len(precondition.ResourceVersion) > 0 && scale.ResourceVersion != precondition.ResourceVersion {
+		return PreconditionError{"resource version", precondition.ResourceVersion, scale.ResourceVersion}
+	}
+	return nil
+}
+
+// genericScaler can update scales for resources in a particular namespace
+type genericScaler struct {
+	scaleNamespacer scaleclient.ScalesGetter
+	targetGR        schema.GroupResource
+}
+
+var _ Scaler = &genericScaler{}
+
+// ScaleSimple updates a scale of a given resource. It returns the resourceVersion of the scale if the update was successful.
+func (s *genericScaler) ScaleSimple(namespace, name string, preconditions *ScalePrecondition, newSize uint) (updatedResourceVersion string, err error) {
+	scale, err := s.scaleNamespacer.Scales(namespace).Get(s.targetGR, name)
+	if err != nil {
+		return "", ScaleError{ScaleGetFailure, "", err}
+	}
+	if preconditions != nil {
+		if err := preconditions.validateGeneric(scale); err != nil {
+			return "", err
+		}
+	}
+
+	scale.Spec.Replicas = int32(newSize)
+	updatedScale, err := s.scaleNamespacer.Scales(namespace).Update(s.targetGR, scale)
+	if err != nil {
+		if errors.IsConflict(err) {
+			return "", ScaleError{ScaleUpdateConflictFailure, scale.ResourceVersion, err}
+		}
+		return "", ScaleError{ScaleUpdateFailure, scale.ResourceVersion, err}
+	}
+	return updatedScale.ResourceVersion, nil
+}
+
+// Scale updates a scale of a given resource to a new size, with optional precondition check (if preconditions is not nil),
+// optional retries (if retry is not nil), and then optionally waits for the status to reach desired count.
+func (s *genericScaler) Scale(namespace, resourceName string, newSize uint, preconditions *ScalePrecondition, retry, waitForReplicas *RetryParams) error {
+	if preconditions == nil {
+		preconditions = &ScalePrecondition{-1, ""}
+	}
+	if retry == nil {
+		// make it try only once, immediately
+		retry = &RetryParams{Interval: time.Millisecond, Timeout: time.Millisecond}
+	}
+	cond := ScaleCondition(s, preconditions, namespace, resourceName, newSize, nil)
+	if err := wait.PollImmediate(retry.Interval, retry.Timeout, cond); err != nil {
+		return err
+	}
+	if waitForReplicas != nil {
+		err := wait.PollImmediate(
+			waitForReplicas.Interval,
+			waitForReplicas.Timeout,
+			scaleHasDesiredReplicas(s.scaleNamespacer, s.targetGR, resourceName, namespace, int32(newSize)))
+		if err == wait.ErrWaitTimeout {
+			return fmt.Errorf("timed out waiting for %q to be synced", resourceName)
+		}
+		return err
+	}
+	return nil
+}
+
+// scaleHasDesiredReplicas returns a condition that will be true if and only if the desired replica
+// count for a scale (Spec) equals its updated replicas count (Status)
+func scaleHasDesiredReplicas(sClient scaleclient.ScalesGetter, gr schema.GroupResource, resourceName string, namespace string, desiredReplicas int32) wait.ConditionFunc {
+	return func() (bool, error) {
+		actualScale, err := sClient.Scales(namespace).Get(gr, resourceName)
+		if err != nil {
+			return false, err
+		}
+		// this means the desired scale target has been reset by something else
+		if actualScale.Spec.Replicas != desiredReplicas {
+			return true, nil
+		}
+		return actualScale.Spec.Replicas == actualScale.Status.Replicas &&
+			desiredReplicas == actualScale.Status.Replicas, nil
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/install.go b/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/install.go
index 51d4e16f18a1..95838f55703e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/install.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/install.go
@@ -60,6 +60,7 @@ func init() {
 	scheme.AddToScheme(Scheme)
 
 	// Register external types for Registry
+	Versions = append(Versions, corev1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              corev1.GroupName,
@@ -90,6 +91,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, admissionv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              admissionv1alpha1.GroupName,
@@ -103,6 +105,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, admissionregistrationv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              admissionregistrationv1alpha1.GroupName,
@@ -116,6 +119,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, appsv1.SchemeGroupVersion, appsv1beta2.SchemeGroupVersion, appsv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              appsv1.GroupName,
@@ -130,6 +134,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, authenticationv1.SchemeGroupVersion, authenticationv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              authenticationv1beta1.GroupName,
@@ -144,6 +149,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, authorizationv1.SchemeGroupVersion, authorizationv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              authorizationv1.GroupName,
@@ -158,6 +164,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, autoscalingv1.SchemeGroupVersion, autoscalingv2beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              autoscalingv1.GroupName,
@@ -171,6 +178,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, batchv1.SchemeGroupVersion, batchv1beta1.SchemeGroupVersion, batchv2alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              batchv1.GroupName,
@@ -185,6 +193,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, certificatesv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              certificatesv1beta1.GroupName,
@@ -198,6 +207,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, extensionsv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              extensionsv1beta1.GroupName,
@@ -211,6 +221,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, imagepolicyv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              imagepolicyv1alpha1.GroupName,
@@ -224,6 +235,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, networkingv1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              networkingv1.GroupName,
@@ -236,6 +248,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, policyv1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              policyv1beta1.GroupName,
@@ -248,6 +261,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, rbacv1.SchemeGroupVersion, rbacv1beta1.SchemeGroupVersion, rbacv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              rbacv1.GroupName,
@@ -263,6 +277,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, schedulingv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              schedulingv1alpha1.GroupName,
@@ -276,6 +291,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, settingsv1alpha1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              settingsv1alpha1.GroupName,
@@ -288,6 +304,7 @@ func init() {
 		panic(err)
 	}
 
+	Versions = append(Versions, storagev1.SchemeGroupVersion, storagev1beta1.SchemeGroupVersion)
 	if err := announced.NewGroupMetaFactory(
 		&announced.GroupMetaFactoryArgs{
 			GroupName:              storagev1.GroupName,
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go b/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go
index cd38d22a1838..d2e7ca978cb3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/scheme/scheme.go
@@ -22,6 +22,7 @@ import (
 	"k8s.io/apimachinery/pkg/apimachinery/announced"
 	"k8s.io/apimachinery/pkg/apimachinery/registered"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 )
 
@@ -41,3 +42,13 @@ var Codecs = serializer.NewCodecFactory(Scheme)
 
 // ParameterCodec handles versioning of objects that are converted to query parameters.
 var ParameterCodec = runtime.NewParameterCodec(Scheme)
+
+// Versions is a list of group versions in order of preferred serialization.  This used to be discovered dynamically,
+// from the server for use in the client, but that gives conflicting lists of non-existent versions.  This only needs to
+// live until we stop attempting to perform any conversion client-side and is only valid for items existent in our scheme.
+var Versions = []schema.GroupVersion{}
+
+// DefaultJSONEncoder returns a default encoder for our scheme
+func DefaultJSONEncoder() runtime.Encoder {
+	return Codecs.LegacyCodec(Versions...)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/util/BUILD
index 535db1587a25..16c098d196c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/BUILD
@@ -7,10 +7,40 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
-        "umask.go",
+        "service_port.go",
         "util.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "umask.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "umask_windows.go",
         ],
         "//conditions:default": [],
@@ -18,10 +48,43 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubectl/util",
     visibility = ["//build/visible_to:pkg_kubectl_util_CONSUMERS"],
     deps = [
-        "//vendor/golang.org/x/sys/unix:go_default_library",
+        "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
-    ],
+        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
@@ -41,6 +104,7 @@ filegroup(
         "//pkg/kubectl/util/logs:all-srcs",
         "//pkg/kubectl/util/slice:all-srcs",
         "//pkg/kubectl/util/term:all-srcs",
+        "//pkg/kubectl/util/transport:all-srcs",
     ],
     tags = ["automanaged"],
     visibility = ["//build/visible_to:pkg_kubectl_util_CONSUMERS"],
@@ -48,7 +112,13 @@ filegroup(
 
 go_test(
     name = "go_default_test",
-    srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/util",
-    library = ":go_default_library",
+    srcs = [
+        "service_port_test.go",
+        "util_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+    ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/hash/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/util/hash/BUILD
index 7e8885b65350..8c1c4a34c3a3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/util/hash/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/hash/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["hash_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/util/hash",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/api/core/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/service_port.go b/vendor/k8s.io/kubernetes/pkg/kubectl/util/service_port.go
new file mode 100644
index 000000000000..8bcaab99798c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/service_port.go
@@ -0,0 +1,63 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package util
+
+import (
+	"fmt"
+
+	"k8s.io/apimachinery/pkg/util/intstr"
+	api "k8s.io/kubernetes/pkg/apis/core"
+)
+
+// Lookup containerPort number by its named port name
+func LookupContainerPortNumberByName(pod api.Pod, name string) (int32, error) {
+	for _, ctr := range pod.Spec.Containers {
+		for _, ctrportspec := range ctr.Ports {
+			if ctrportspec.Name == name {
+				return ctrportspec.ContainerPort, nil
+			}
+		}
+	}
+
+	return int32(-1), fmt.Errorf("Pod '%s' does not have a named port '%s'", pod.Name, name)
+}
+
+// Lookup containerPort number from Service port number
+// It implements the handling of resolving container named port, as well as ignoring targetPort when clusterIP=None
+// It returns an error when a named port can't find a match (with -1 returned), or when the service does not
+// declare such port (with the input port number returned).
+func LookupContainerPortNumberByServicePort(svc api.Service, pod api.Pod, port int32) (int32, error) {
+	for _, svcportspec := range svc.Spec.Ports {
+		if svcportspec.Port != port {
+			continue
+		}
+		if svc.Spec.ClusterIP == api.ClusterIPNone {
+			return port, nil
+		}
+		if svcportspec.TargetPort.Type == intstr.Int {
+			if svcportspec.TargetPort.IntValue() == 0 {
+				// targetPort is omitted, and the IntValue() would be zero
+				return svcportspec.Port, nil
+			} else {
+				return int32(svcportspec.TargetPort.IntValue()), nil
+			}
+		} else {
+			return LookupContainerPortNumberByName(pod, svcportspec.TargetPort.String())
+		}
+	}
+	return port, fmt.Errorf("Service %s does not have a service port %d", svc.Name, port)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/BUILD
index 03567ebbaf9a..c786caaf9cfd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["slice_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/util/slice",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/slice.go b/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/slice.go
index 6885c4888db2..8130753c300f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/slice.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/slice/slice.go
@@ -20,13 +20,5 @@ import (
 	"sort"
 )
 
-// Int64Slice attaches the methods of Interface to []int64,
-// sorting in increasing order.
-type Int64Slice []int64
-
-func (p Int64Slice) Len() int           { return len(p) }
-func (p Int64Slice) Less(i, j int) bool { return p[i] < p[j] }
-func (p Int64Slice) Swap(i, j int)      { p[i], p[j] = p[j], p[i] }
-
 // Sorts []int64 in increasing order
-func SortInts64(a []int64) { sort.Sort(Int64Slice(a)) }
+func SortInts64(a []int64) { sort.Slice(a, func(i, j int) bool { return a[i] < a[j] }) }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/term/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/util/term/BUILD
index d05dc402eddc..3c0db1dc68af 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/util/term/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/term/BUILD
@@ -10,11 +10,40 @@ go_library(
     name = "go_default_library",
     srcs = [
         "resize.go",
-        "resizeevents.go",
         "term.go",
         "term_writer.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "resizeevents.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "resizeevents_windows.go",
         ],
         "//conditions:default": [],
@@ -24,17 +53,47 @@ go_library(
         "//pkg/util/interrupt:go_default_library",
         "//vendor/github.com/docker/docker/pkg/term:go_default_library",
         "//vendor/github.com/mitchellh/go-wordwrap:go_default_library",
-        "//vendor/golang.org/x/sys/unix:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["term_writer_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/util/term",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/BUILD
new file mode 100644
index 000000000000..c077a903c5b4
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/BUILD
@@ -0,0 +1,33 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["round_tripper.go"],
+    importpath = "k8s.io/kubernetes/pkg/kubectl/util/transport",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/gregjones/httpcache:go_default_library",
+        "//vendor/github.com/gregjones/httpcache/diskcache:go_default_library",
+        "//vendor/github.com/peterbourgon/diskv:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["round_tripper_test.go"],
+    embed = [":go_default_library"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/round_tripper.go b/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/round_tripper.go
new file mode 100644
index 000000000000..82e3e502e5e4
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/util/transport/round_tripper.go
@@ -0,0 +1,51 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package transport provides a round tripper capable of caching HTTP responses.
+package transport
+
+import (
+	"net/http"
+	"path/filepath"
+
+	"github.com/gregjones/httpcache"
+	"github.com/gregjones/httpcache/diskcache"
+	"github.com/peterbourgon/diskv"
+)
+
+type cacheRoundTripper struct {
+	rt *httpcache.Transport
+}
+
+// NewCacheRoundTripper creates a roundtripper that reads the ETag on
+// response headers and send the If-None-Match header on subsequent
+// corresponding requests.
+func NewCacheRoundTripper(cacheDir string, rt http.RoundTripper) http.RoundTripper {
+	d := diskv.New(diskv.Options{
+		BasePath: cacheDir,
+		TempDir:  filepath.Join(cacheDir, ".diskv-temp"),
+	})
+	t := httpcache.NewTransport(diskcache.NewWithDiskv(d))
+	t.Transport = rt
+
+	return &cacheRoundTripper{rt: t}
+}
+
+func (rt *cacheRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+	return rt.rt.RoundTrip(req)
+}
+
+func (rt *cacheRoundTripper) WrappedRoundTripper() http.RoundTripper { return rt.rt.Transport }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/kubectl/validation/BUILD
index 0854e64950c2..5ab2958b41f6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubectl/validation/BUILD
@@ -17,8 +17,7 @@ go_test(
     data = [
         ":testdata",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubectl/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/kubernetes/pkg/kubectl/versioned_client.go b/vendor/k8s.io/kubernetes/pkg/kubectl/versioned_client.go
deleted file mode 100644
index f381aed69d41..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/kubectl/versioned_client.go
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package kubectl
-
-import (
-	clientappsv1beta1 "k8s.io/client-go/kubernetes/typed/apps/v1beta1"
-	clientextensionsv1beta1 "k8s.io/client-go/kubernetes/typed/extensions/v1beta1"
-	internalclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
-)
-
-// TODO: get rid of this and plumb the caller correctly
-func versionedExtensionsClientV1beta1(internalClient internalclientset.Interface) clientextensionsv1beta1.ExtensionsV1beta1Interface {
-	if internalClient == nil {
-		return &clientextensionsv1beta1.ExtensionsV1beta1Client{}
-	}
-	return clientextensionsv1beta1.New(internalClient.Extensions().RESTClient())
-}
-
-// TODO: get rid of this and plumb the caller correctly
-func versionedAppsClientV1beta1(internalClient internalclientset.Interface) clientappsv1beta1.AppsV1beta1Interface {
-	if internalClient == nil {
-		return &clientappsv1beta1.AppsV1beta1Client{}
-	}
-	return clientappsv1beta1.New(internalClient.Apps().RESTClient())
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/BUILD
index 7fb535012420..f0230fbb113c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/BUILD
@@ -36,16 +36,14 @@ go_library(
         "//pkg/apis/core/v1:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/apis/core/v1/helper/qos:go_default_library",
-        "//pkg/apis/core/v1/validation:go_default_library",
         "//pkg/capabilities:go_default_library",
         "//pkg/cloudprovider:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/fieldpath:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
         "//pkg/kubelet/cadvisor:go_default_library",
         "//pkg/kubelet/certificate:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
@@ -63,7 +61,9 @@ go_library(
         "//pkg/kubelet/kubeletconfig:go_default_library",
         "//pkg/kubelet/kuberuntime:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
+        "//pkg/kubelet/logs:go_default_library",
         "//pkg/kubelet/metrics:go_default_library",
+        "//pkg/kubelet/metrics/collectors:go_default_library",
         "//pkg/kubelet/mountpod:go_default_library",
         "//pkg/kubelet/network:go_default_library",
         "//pkg/kubelet/network/dns:go_default_library",
@@ -89,6 +89,8 @@ go_library(
         "//pkg/kubelet/util/queue:go_default_library",
         "//pkg/kubelet/util/sliceutils:go_default_library",
         "//pkg/kubelet/volumemanager:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
         "//pkg/security/apparmor:go_default_library",
         "//pkg/securitycontext:go_default_library",
         "//pkg/util/dbus:go_default_library",
@@ -103,10 +105,8 @@ go_library(
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//pkg/volume/validation:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
         "//third_party/forked/golang/expansion:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/golang/groupcache/lru:go_default_library",
@@ -126,7 +126,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
@@ -159,20 +158,19 @@ go_test(
         "reason_cache_test.go",
         "runonce_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "kubelet_pods_windows_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
         "//pkg/capabilities:go_default_library",
         "//pkg/cloudprovider/providers/fake:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/cadvisor/testing:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
@@ -184,6 +182,7 @@ go_test(
         "//pkg/kubelet/gpu:go_default_library",
         "//pkg/kubelet/images:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
+        "//pkg/kubelet/logs:go_default_library",
         "//pkg/kubelet/network:go_default_library",
         "//pkg/kubelet/network/testing:go_default_library",
         "//pkg/kubelet/pleg:go_default_library",
@@ -202,13 +201,13 @@ go_test(
         "//pkg/kubelet/util/queue:go_default_library",
         "//pkg/kubelet/util/sliceutils:go_default_library",
         "//pkg/kubelet/volumemanager:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/version:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/host_path:go_default_library",
         "//pkg/volume/testing:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
         "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
@@ -271,6 +270,7 @@ filegroup(
         "//pkg/kubelet/kuberuntime:all-srcs",
         "//pkg/kubelet/leaky:all-srcs",
         "//pkg/kubelet/lifecycle:all-srcs",
+        "//pkg/kubelet/logs:all-srcs",
         "//pkg/kubelet/metrics:all-srcs",
         "//pkg/kubelet/mountpod:all-srcs",
         "//pkg/kubelet/network:all-srcs",
@@ -281,7 +281,6 @@ filegroup(
         "//pkg/kubelet/qos:all-srcs",
         "//pkg/kubelet/remote:all-srcs",
         "//pkg/kubelet/rkt:all-srcs",
-        "//pkg/kubelet/rktshim:all-srcs",
         "//pkg/kubelet/secret:all-srcs",
         "//pkg/kubelet/server:all-srcs",
         "//pkg/kubelet/stats:all-srcs",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/BUILD
index 490bbd581f90..47cb8184ccb6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/BUILD
@@ -10,8 +10,20 @@ go_library(
     srcs = [
         "well_known_annotations.go",
         "well_known_labels.go",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "well_known_annotations_windows.go",
+        ],
+        "//conditions:default": [],
+    }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/apis",
+    deps = select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/features:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
@@ -27,6 +39,7 @@ filegroup(
         ":package-srcs",
         "//pkg/kubelet/apis/cri:all-srcs",
         "//pkg/kubelet/apis/deviceplugin/v1alpha:all-srcs",
+        "//pkg/kubelet/apis/deviceplugin/v1beta1:all-srcs",
         "//pkg/kubelet/apis/kubeletconfig:all-srcs",
         "//pkg/kubelet/apis/stats/v1alpha1:all-srcs",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/BUILD
index 399cf489a3f9..de2fea67d2c0 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/BUILD
@@ -9,7 +9,7 @@ go_library(
     name = "go_default_library",
     srcs = ["services.go"],
     importpath = "k8s.io/kubernetes/pkg/kubelet/apis/cri",
-    deps = ["//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library"],
+    deps = ["//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library"],
 )
 
 filegroup(
@@ -23,8 +23,8 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:all-srcs",
         "//pkg/kubelet/apis/cri/testing:all-srcs",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/BUILD
similarity index 88%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/BUILD
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/BUILD
index a2ed4b6686d8..6685cd128968 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/BUILD
@@ -11,7 +11,7 @@ go_library(
         "api.pb.go",
         "constants.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2",
     deps = [
         "//vendor/github.com/gogo/protobuf/gogoproto:go_default_library",
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
@@ -37,5 +37,4 @@ filegroup(
 filegroup(
     name = "go_default_library_protos",
     srcs = ["api.proto"],
-    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.pb.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.pb.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go
index 9df3390c369d..82e5a5e5e3d5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.pb.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go
@@ -19,7 +19,7 @@ limitations under the License.
 // DO NOT EDIT!
 
 /*
-	Package runtime is a generated protocol buffer package.
+	Package v1alpha2 is a generated protocol buffer package.
 
 	It is generated from these files:
 		api.proto
@@ -60,6 +60,8 @@ limitations under the License.
 		Capability
 		LinuxContainerSecurityContext
 		LinuxContainerConfig
+		WindowsContainerConfig
+		WindowsContainerResources
 		ContainerMetadata
 		Device
 		ContainerConfig
@@ -110,7 +112,7 @@ limitations under the License.
 		StatusResponse
 		ImageFsInfoRequest
 		UInt64Value
-		StorageIdentifier
+		FilesystemIdentifier
 		FilesystemUsage
 		ImageFsInfoResponse
 		ContainerStatsRequest
@@ -122,8 +124,10 @@ limitations under the License.
 		ContainerStats
 		CpuUsage
 		MemoryUsage
+		ReopenContainerLogRequest
+		ReopenContainerLogResponse
 */
-package runtime
+package v1alpha2
 
 import proto "github.com/gogo/protobuf/proto"
 import fmt "fmt"
@@ -201,6 +205,42 @@ func (x MountPropagation) String() string {
 }
 func (MountPropagation) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{1} }
 
+// A NamespaceMode describes the intended namespace configuration for each
+// of the namespaces (Network, PID, IPC) in NamespaceOption. Runtimes should
+// map these modes as appropriate for the technology underlying the runtime.
+type NamespaceMode int32
+
+const (
+	// A POD namespace is common to all containers in a pod.
+	// For example, a container with a PID namespace of POD expects to view
+	// all of the processes in all of the containers in the pod.
+	NamespaceMode_POD NamespaceMode = 0
+	// A CONTAINER namespace is restricted to a single container.
+	// For example, a container with a PID namespace of CONTAINER expects to
+	// view only the processes in that container.
+	NamespaceMode_CONTAINER NamespaceMode = 1
+	// A NODE namespace is the namespace of the Kubernetes node.
+	// For example, a container with a PID namespace of NODE expects to view
+	// all of the processes on the host running the kubelet.
+	NamespaceMode_NODE NamespaceMode = 2
+)
+
+var NamespaceMode_name = map[int32]string{
+	0: "POD",
+	1: "CONTAINER",
+	2: "NODE",
+}
+var NamespaceMode_value = map[string]int32{
+	"POD":       0,
+	"CONTAINER": 1,
+	"NODE":      2,
+}
+
+func (x NamespaceMode) String() string {
+	return proto.EnumName(NamespaceMode_name, int32(x))
+}
+func (NamespaceMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{2} }
+
 type PodSandboxState int32
 
 const (
@@ -220,7 +260,7 @@ var PodSandboxState_value = map[string]int32{
 func (x PodSandboxState) String() string {
 	return proto.EnumName(PodSandboxState_name, int32(x))
 }
-func (PodSandboxState) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{2} }
+func (PodSandboxState) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{3} }
 
 type ContainerState int32
 
@@ -247,7 +287,7 @@ var ContainerState_value = map[string]int32{
 func (x ContainerState) String() string {
 	return proto.EnumName(ContainerState_name, int32(x))
 }
-func (ContainerState) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{3} }
+func (ContainerState) EnumDescriptor() ([]byte, []int) { return fileDescriptorApi, []int{4} }
 
 type VersionRequest struct {
 	// Version of the kubelet runtime API.
@@ -349,7 +389,7 @@ func (m *DNSConfig) GetOptions() []string {
 // PortMapping specifies the port mapping configurations of a sandbox.
 type PortMapping struct {
 	// Protocol of the port mapping.
-	Protocol Protocol `protobuf:"varint,1,opt,name=protocol,proto3,enum=runtime.Protocol" json:"protocol,omitempty"`
+	Protocol Protocol `protobuf:"varint,1,opt,name=protocol,proto3,enum=runtime.v1alpha2.Protocol" json:"protocol,omitempty"`
 	// Port number within the container. Default: 0 (not specified).
 	ContainerPort int32 `protobuf:"varint,2,opt,name=container_port,json=containerPort,proto3" json:"container_port,omitempty"`
 	// Port number on the host. Default: 0 (not specified).
@@ -401,7 +441,7 @@ type Mount struct {
 	// If set, the mount needs SELinux relabeling.
 	SelinuxRelabel bool `protobuf:"varint,4,opt,name=selinux_relabel,json=selinuxRelabel,proto3" json:"selinux_relabel,omitempty"`
 	// Requested propagation mode.
-	Propagation MountPropagation `protobuf:"varint,5,opt,name=propagation,proto3,enum=runtime.MountPropagation" json:"propagation,omitempty"`
+	Propagation MountPropagation `protobuf:"varint,5,opt,name=propagation,proto3,enum=runtime.v1alpha2.MountPropagation" json:"propagation,omitempty"`
 }
 
 func (m *Mount) Reset()                    { *m = Mount{} }
@@ -445,37 +485,44 @@ func (m *Mount) GetPropagation() MountPropagation {
 
 // NamespaceOption provides options for Linux namespaces.
 type NamespaceOption struct {
-	// If set, use the host's network namespace.
-	HostNetwork bool `protobuf:"varint,1,opt,name=host_network,json=hostNetwork,proto3" json:"host_network,omitempty"`
-	// If set, use the host's PID namespace.
-	HostPid bool `protobuf:"varint,2,opt,name=host_pid,json=hostPid,proto3" json:"host_pid,omitempty"`
-	// If set, use the host's IPC namespace.
-	HostIpc bool `protobuf:"varint,3,opt,name=host_ipc,json=hostIpc,proto3" json:"host_ipc,omitempty"`
+	// Network namespace for this container/sandbox.
+	// Note: There is currently no way to set CONTAINER scoped network in the Kubernetes API.
+	// Namespaces currently set by the kubelet: POD, NODE
+	Network NamespaceMode `protobuf:"varint,1,opt,name=network,proto3,enum=runtime.v1alpha2.NamespaceMode" json:"network,omitempty"`
+	// PID namespace for this container/sandbox.
+	// Note: The CRI default is POD, but the v1.PodSpec default is CONTAINER.
+	// The kubelet's runtime manager will set this to CONTAINER explicitly for v1 pods.
+	// Namespaces currently set by the kubelet: POD, CONTAINER, NODE
+	Pid NamespaceMode `protobuf:"varint,2,opt,name=pid,proto3,enum=runtime.v1alpha2.NamespaceMode" json:"pid,omitempty"`
+	// IPC namespace for this container/sandbox.
+	// Note: There is currently no way to set CONTAINER scoped IPC in the Kubernetes API.
+	// Namespaces currently set by the kubelet: POD, NODE
+	Ipc NamespaceMode `protobuf:"varint,3,opt,name=ipc,proto3,enum=runtime.v1alpha2.NamespaceMode" json:"ipc,omitempty"`
 }
 
 func (m *NamespaceOption) Reset()                    { *m = NamespaceOption{} }
 func (*NamespaceOption) ProtoMessage()               {}
 func (*NamespaceOption) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{5} }
 
-func (m *NamespaceOption) GetHostNetwork() bool {
+func (m *NamespaceOption) GetNetwork() NamespaceMode {
 	if m != nil {
-		return m.HostNetwork
+		return m.Network
 	}
-	return false
+	return NamespaceMode_POD
 }
 
-func (m *NamespaceOption) GetHostPid() bool {
+func (m *NamespaceOption) GetPid() NamespaceMode {
 	if m != nil {
-		return m.HostPid
+		return m.Pid
 	}
-	return false
+	return NamespaceMode_POD
 }
 
-func (m *NamespaceOption) GetHostIpc() bool {
+func (m *NamespaceOption) GetIpc() NamespaceMode {
 	if m != nil {
-		return m.HostIpc
+		return m.Ipc
 	}
-	return false
+	return NamespaceMode_POD
 }
 
 // Int64Value is the wrapper of int64.
@@ -508,6 +555,8 @@ type LinuxSandboxSecurityContext struct {
 	SelinuxOptions *SELinuxOption `protobuf:"bytes,2,opt,name=selinux_options,json=selinuxOptions" json:"selinux_options,omitempty"`
 	// UID to run sandbox processes as, when applicable.
 	RunAsUser *Int64Value `protobuf:"bytes,3,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
+	// GID to run sandbox processes as, when applicable.
+	RunAsGroup *Int64Value `protobuf:"bytes,8,opt,name=run_as_group,json=runAsGroup" json:"run_as_group,omitempty"`
 	// If set, the root filesystem of the sandbox is read-only.
 	ReadonlyRootfs bool `protobuf:"varint,4,opt,name=readonly_rootfs,json=readonlyRootfs,proto3" json:"readonly_rootfs,omitempty"`
 	// List of groups applied to the first process run in the sandbox, in
@@ -553,6 +602,13 @@ func (m *LinuxSandboxSecurityContext) GetRunAsUser() *Int64Value {
 	return nil
 }
 
+func (m *LinuxSandboxSecurityContext) GetRunAsGroup() *Int64Value {
+	if m != nil {
+		return m.RunAsGroup
+	}
+	return nil
+}
+
 func (m *LinuxSandboxSecurityContext) GetReadonlyRootfs() bool {
 	if m != nil {
 		return m.ReadonlyRootfs
@@ -940,7 +996,7 @@ type PodSandboxStatus struct {
 	// Metadata of the sandbox.
 	Metadata *PodSandboxMetadata `protobuf:"bytes,2,opt,name=metadata" json:"metadata,omitempty"`
 	// State of the sandbox.
-	State PodSandboxState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.PodSandboxState" json:"state,omitempty"`
+	State PodSandboxState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.v1alpha2.PodSandboxState" json:"state,omitempty"`
 	// Creation timestamp of the sandbox in nanoseconds. Must be > 0.
 	CreatedAt int64 `protobuf:"varint,4,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
 	// Network contains network status if network is handled by the runtime.
@@ -1019,7 +1075,7 @@ func (m *PodSandboxStatus) GetAnnotations() map[string]string {
 type PodSandboxStatusResponse struct {
 	// Status of the PodSandbox.
 	Status *PodSandboxStatus `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"`
-	// Info is extra information of the PodSandbox. The key could be abitrary string, and
+	// Info is extra information of the PodSandbox. The key could be arbitrary string, and
 	// value should be in json format. The information could include anything useful for
 	// debug, e.g. network namespace for linux container based container runtime.
 	// It should only be returned non-empty when Verbose is true.
@@ -1047,7 +1103,7 @@ func (m *PodSandboxStatusResponse) GetInfo() map[string]string {
 // PodSandboxStateValue is the wrapper of PodSandboxState.
 type PodSandboxStateValue struct {
 	// State of the sandbox.
-	State PodSandboxState `protobuf:"varint,1,opt,name=state,proto3,enum=runtime.PodSandboxState" json:"state,omitempty"`
+	State PodSandboxState `protobuf:"varint,1,opt,name=state,proto3,enum=runtime.v1alpha2.PodSandboxState" json:"state,omitempty"`
 }
 
 func (m *PodSandboxStateValue) Reset()                    { *m = PodSandboxStateValue{} }
@@ -1122,7 +1178,7 @@ type PodSandbox struct {
 	// Metadata of the PodSandbox.
 	Metadata *PodSandboxMetadata `protobuf:"bytes,2,opt,name=metadata" json:"metadata,omitempty"`
 	// State of the PodSandbox.
-	State PodSandboxState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.PodSandboxState" json:"state,omitempty"`
+	State PodSandboxState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.v1alpha2.PodSandboxState" json:"state,omitempty"`
 	// Creation timestamps of the PodSandbox in nanoseconds. Must be > 0.
 	CreatedAt int64 `protobuf:"varint,4,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
 	// Labels of the PodSandbox.
@@ -1407,6 +1463,9 @@ type LinuxContainerSecurityContext struct {
 	// UID to run the container process as. Only one of run_as_user and
 	// run_as_username can be specified at a time.
 	RunAsUser *Int64Value `protobuf:"bytes,5,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
+	// GID to run the container process as. Only one of run_as_group and
+	// run_as_groupname can be specified at a time.
+	RunAsGroup *Int64Value `protobuf:"bytes,12,opt,name=run_as_group,json=runAsGroup" json:"run_as_group,omitempty"`
 	// User name to run the container process as. If specified, the user MUST
 	// exist in the container image (i.e. in the /etc/passwd inside the image),
 	// and be resolved there by the runtime; otherwise, the runtime MUST error.
@@ -1476,6 +1535,13 @@ func (m *LinuxContainerSecurityContext) GetRunAsUser() *Int64Value {
 	return nil
 }
 
+func (m *LinuxContainerSecurityContext) GetRunAsGroup() *Int64Value {
+	if m != nil {
+		return m.RunAsGroup
+	}
+	return nil
+}
+
 func (m *LinuxContainerSecurityContext) GetRunAsUsername() string {
 	if m != nil {
 		return m.RunAsUsername
@@ -1545,6 +1611,69 @@ func (m *LinuxContainerConfig) GetSecurityContext() *LinuxContainerSecurityConte
 	return nil
 }
 
+// WindowsContainerConfig contains platform-specific configuration for
+// Windows-based containers.
+type WindowsContainerConfig struct {
+	// Resources specification for the container.
+	Resources *WindowsContainerResources `protobuf:"bytes,1,opt,name=resources" json:"resources,omitempty"`
+}
+
+func (m *WindowsContainerConfig) Reset()                    { *m = WindowsContainerConfig{} }
+func (*WindowsContainerConfig) ProtoMessage()               {}
+func (*WindowsContainerConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{35} }
+
+func (m *WindowsContainerConfig) GetResources() *WindowsContainerResources {
+	if m != nil {
+		return m.Resources
+	}
+	return nil
+}
+
+// WindowsContainerResources specifies Windows specific configuration for
+// resources.
+type WindowsContainerResources struct {
+	// CPU shares (relative weight vs. other containers). Default: 0 (not specified).
+	CpuShares int64 `protobuf:"varint,1,opt,name=cpu_shares,json=cpuShares,proto3" json:"cpu_shares,omitempty"`
+	// Number of CPUs available to the container. Default: 0 (not specified).
+	CpuCount int64 `protobuf:"varint,2,opt,name=cpu_count,json=cpuCount,proto3" json:"cpu_count,omitempty"`
+	// Specifies the portion of processor cycles that this container can use as a percentage times 100.
+	CpuMaximum int64 `protobuf:"varint,3,opt,name=cpu_maximum,json=cpuMaximum,proto3" json:"cpu_maximum,omitempty"`
+	// Memory limit in bytes. Default: 0 (not specified).
+	MemoryLimitInBytes int64 `protobuf:"varint,4,opt,name=memory_limit_in_bytes,json=memoryLimitInBytes,proto3" json:"memory_limit_in_bytes,omitempty"`
+}
+
+func (m *WindowsContainerResources) Reset()                    { *m = WindowsContainerResources{} }
+func (*WindowsContainerResources) ProtoMessage()               {}
+func (*WindowsContainerResources) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{36} }
+
+func (m *WindowsContainerResources) GetCpuShares() int64 {
+	if m != nil {
+		return m.CpuShares
+	}
+	return 0
+}
+
+func (m *WindowsContainerResources) GetCpuCount() int64 {
+	if m != nil {
+		return m.CpuCount
+	}
+	return 0
+}
+
+func (m *WindowsContainerResources) GetCpuMaximum() int64 {
+	if m != nil {
+		return m.CpuMaximum
+	}
+	return 0
+}
+
+func (m *WindowsContainerResources) GetMemoryLimitInBytes() int64 {
+	if m != nil {
+		return m.MemoryLimitInBytes
+	}
+	return 0
+}
+
 // ContainerMetadata holds all necessary information for building the container
 // name. The container runtime is encouraged to expose the metadata in its user
 // interface for better user experience. E.g., runtime can construct a unique
@@ -1559,7 +1688,7 @@ type ContainerMetadata struct {
 
 func (m *ContainerMetadata) Reset()                    { *m = ContainerMetadata{} }
 func (*ContainerMetadata) ProtoMessage()               {}
-func (*ContainerMetadata) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{35} }
+func (*ContainerMetadata) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{37} }
 
 func (m *ContainerMetadata) GetName() string {
 	if m != nil {
@@ -1590,7 +1719,7 @@ type Device struct {
 
 func (m *Device) Reset()                    { *m = Device{} }
 func (*Device) ProtoMessage()               {}
-func (*Device) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{36} }
+func (*Device) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{38} }
 
 func (m *Device) GetContainerPath() string {
 	if m != nil {
@@ -1673,11 +1802,13 @@ type ContainerConfig struct {
 	Tty       bool `protobuf:"varint,14,opt,name=tty,proto3" json:"tty,omitempty"`
 	// Configuration specific to Linux containers.
 	Linux *LinuxContainerConfig `protobuf:"bytes,15,opt,name=linux" json:"linux,omitempty"`
+	// Configuration specific to Windows containers.
+	Windows *WindowsContainerConfig `protobuf:"bytes,16,opt,name=windows" json:"windows,omitempty"`
 }
 
 func (m *ContainerConfig) Reset()                    { *m = ContainerConfig{} }
 func (*ContainerConfig) ProtoMessage()               {}
-func (*ContainerConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{37} }
+func (*ContainerConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{39} }
 
 func (m *ContainerConfig) GetMetadata() *ContainerMetadata {
 	if m != nil {
@@ -1784,6 +1915,13 @@ func (m *ContainerConfig) GetLinux() *LinuxContainerConfig {
 	return nil
 }
 
+func (m *ContainerConfig) GetWindows() *WindowsContainerConfig {
+	if m != nil {
+		return m.Windows
+	}
+	return nil
+}
+
 type CreateContainerRequest struct {
 	// ID of the PodSandbox in which the container should be created.
 	PodSandboxId string `protobuf:"bytes,1,opt,name=pod_sandbox_id,json=podSandboxId,proto3" json:"pod_sandbox_id,omitempty"`
@@ -1798,7 +1936,7 @@ type CreateContainerRequest struct {
 
 func (m *CreateContainerRequest) Reset()                    { *m = CreateContainerRequest{} }
 func (*CreateContainerRequest) ProtoMessage()               {}
-func (*CreateContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{38} }
+func (*CreateContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{40} }
 
 func (m *CreateContainerRequest) GetPodSandboxId() string {
 	if m != nil {
@@ -1828,7 +1966,7 @@ type CreateContainerResponse struct {
 
 func (m *CreateContainerResponse) Reset()                    { *m = CreateContainerResponse{} }
 func (*CreateContainerResponse) ProtoMessage()               {}
-func (*CreateContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{39} }
+func (*CreateContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{41} }
 
 func (m *CreateContainerResponse) GetContainerId() string {
 	if m != nil {
@@ -1844,7 +1982,7 @@ type StartContainerRequest struct {
 
 func (m *StartContainerRequest) Reset()                    { *m = StartContainerRequest{} }
 func (*StartContainerRequest) ProtoMessage()               {}
-func (*StartContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{40} }
+func (*StartContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{42} }
 
 func (m *StartContainerRequest) GetContainerId() string {
 	if m != nil {
@@ -1858,7 +1996,7 @@ type StartContainerResponse struct {
 
 func (m *StartContainerResponse) Reset()                    { *m = StartContainerResponse{} }
 func (*StartContainerResponse) ProtoMessage()               {}
-func (*StartContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{41} }
+func (*StartContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{43} }
 
 type StopContainerRequest struct {
 	// ID of the container to stop.
@@ -1870,7 +2008,7 @@ type StopContainerRequest struct {
 
 func (m *StopContainerRequest) Reset()                    { *m = StopContainerRequest{} }
 func (*StopContainerRequest) ProtoMessage()               {}
-func (*StopContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{42} }
+func (*StopContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{44} }
 
 func (m *StopContainerRequest) GetContainerId() string {
 	if m != nil {
@@ -1891,7 +2029,7 @@ type StopContainerResponse struct {
 
 func (m *StopContainerResponse) Reset()                    { *m = StopContainerResponse{} }
 func (*StopContainerResponse) ProtoMessage()               {}
-func (*StopContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{43} }
+func (*StopContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{45} }
 
 type RemoveContainerRequest struct {
 	// ID of the container to remove.
@@ -1900,7 +2038,7 @@ type RemoveContainerRequest struct {
 
 func (m *RemoveContainerRequest) Reset()                    { *m = RemoveContainerRequest{} }
 func (*RemoveContainerRequest) ProtoMessage()               {}
-func (*RemoveContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{44} }
+func (*RemoveContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{46} }
 
 func (m *RemoveContainerRequest) GetContainerId() string {
 	if m != nil {
@@ -1914,17 +2052,17 @@ type RemoveContainerResponse struct {
 
 func (m *RemoveContainerResponse) Reset()                    { *m = RemoveContainerResponse{} }
 func (*RemoveContainerResponse) ProtoMessage()               {}
-func (*RemoveContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{45} }
+func (*RemoveContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{47} }
 
 // ContainerStateValue is the wrapper of ContainerState.
 type ContainerStateValue struct {
 	// State of the container.
-	State ContainerState `protobuf:"varint,1,opt,name=state,proto3,enum=runtime.ContainerState" json:"state,omitempty"`
+	State ContainerState `protobuf:"varint,1,opt,name=state,proto3,enum=runtime.v1alpha2.ContainerState" json:"state,omitempty"`
 }
 
 func (m *ContainerStateValue) Reset()                    { *m = ContainerStateValue{} }
 func (*ContainerStateValue) ProtoMessage()               {}
-func (*ContainerStateValue) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{46} }
+func (*ContainerStateValue) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{48} }
 
 func (m *ContainerStateValue) GetState() ContainerState {
 	if m != nil {
@@ -1950,7 +2088,7 @@ type ContainerFilter struct {
 
 func (m *ContainerFilter) Reset()                    { *m = ContainerFilter{} }
 func (*ContainerFilter) ProtoMessage()               {}
-func (*ContainerFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{47} }
+func (*ContainerFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{49} }
 
 func (m *ContainerFilter) GetId() string {
 	if m != nil {
@@ -1986,7 +2124,7 @@ type ListContainersRequest struct {
 
 func (m *ListContainersRequest) Reset()                    { *m = ListContainersRequest{} }
 func (*ListContainersRequest) ProtoMessage()               {}
-func (*ListContainersRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{48} }
+func (*ListContainersRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{50} }
 
 func (m *ListContainersRequest) GetFilter() *ContainerFilter {
 	if m != nil {
@@ -2011,7 +2149,7 @@ type Container struct {
 	// image ID.
 	ImageRef string `protobuf:"bytes,5,opt,name=image_ref,json=imageRef,proto3" json:"image_ref,omitempty"`
 	// State of the container.
-	State ContainerState `protobuf:"varint,6,opt,name=state,proto3,enum=runtime.ContainerState" json:"state,omitempty"`
+	State ContainerState `protobuf:"varint,6,opt,name=state,proto3,enum=runtime.v1alpha2.ContainerState" json:"state,omitempty"`
 	// Creation time of the container in nanoseconds.
 	CreatedAt int64 `protobuf:"varint,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
 	// Key-value pairs that may be used to scope and select individual resources.
@@ -2025,7 +2163,7 @@ type Container struct {
 
 func (m *Container) Reset()                    { *m = Container{} }
 func (*Container) ProtoMessage()               {}
-func (*Container) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{49} }
+func (*Container) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{51} }
 
 func (m *Container) GetId() string {
 	if m != nil {
@@ -2097,7 +2235,7 @@ type ListContainersResponse struct {
 
 func (m *ListContainersResponse) Reset()                    { *m = ListContainersResponse{} }
 func (*ListContainersResponse) ProtoMessage()               {}
-func (*ListContainersResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{50} }
+func (*ListContainersResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{52} }
 
 func (m *ListContainersResponse) GetContainers() []*Container {
 	if m != nil {
@@ -2115,7 +2253,7 @@ type ContainerStatusRequest struct {
 
 func (m *ContainerStatusRequest) Reset()                    { *m = ContainerStatusRequest{} }
 func (*ContainerStatusRequest) ProtoMessage()               {}
-func (*ContainerStatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{51} }
+func (*ContainerStatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{53} }
 
 func (m *ContainerStatusRequest) GetContainerId() string {
 	if m != nil {
@@ -2138,7 +2276,7 @@ type ContainerStatus struct {
 	// Metadata of the container.
 	Metadata *ContainerMetadata `protobuf:"bytes,2,opt,name=metadata" json:"metadata,omitempty"`
 	// Status of the container.
-	State ContainerState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.ContainerState" json:"state,omitempty"`
+	State ContainerState `protobuf:"varint,3,opt,name=state,proto3,enum=runtime.v1alpha2.ContainerState" json:"state,omitempty"`
 	// Creation time of the container in nanoseconds.
 	CreatedAt int64 `protobuf:"varint,4,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
 	// Start time of the container in nanoseconds. Default: 0 (not specified).
@@ -2172,7 +2310,7 @@ type ContainerStatus struct {
 
 func (m *ContainerStatus) Reset()                    { *m = ContainerStatus{} }
 func (*ContainerStatus) ProtoMessage()               {}
-func (*ContainerStatus) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{52} }
+func (*ContainerStatus) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{54} }
 
 func (m *ContainerStatus) GetId() string {
 	if m != nil {
@@ -2282,7 +2420,7 @@ func (m *ContainerStatus) GetLogPath() string {
 type ContainerStatusResponse struct {
 	// Status of the container.
 	Status *ContainerStatus `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"`
-	// Info is extra information of the Container. The key could be abitrary string, and
+	// Info is extra information of the Container. The key could be arbitrary string, and
 	// value should be in json format. The information could include anything useful for
 	// debug, e.g. pid for linux container based container runtime.
 	// It should only be returned non-empty when Verbose is true.
@@ -2291,7 +2429,7 @@ type ContainerStatusResponse struct {
 
 func (m *ContainerStatusResponse) Reset()                    { *m = ContainerStatusResponse{} }
 func (*ContainerStatusResponse) ProtoMessage()               {}
-func (*ContainerStatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{53} }
+func (*ContainerStatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{55} }
 
 func (m *ContainerStatusResponse) GetStatus() *ContainerStatus {
 	if m != nil {
@@ -2317,7 +2455,7 @@ type UpdateContainerResourcesRequest struct {
 func (m *UpdateContainerResourcesRequest) Reset()      { *m = UpdateContainerResourcesRequest{} }
 func (*UpdateContainerResourcesRequest) ProtoMessage() {}
 func (*UpdateContainerResourcesRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptorApi, []int{54}
+	return fileDescriptorApi, []int{56}
 }
 
 func (m *UpdateContainerResourcesRequest) GetContainerId() string {
@@ -2340,7 +2478,7 @@ type UpdateContainerResourcesResponse struct {
 func (m *UpdateContainerResourcesResponse) Reset()      { *m = UpdateContainerResourcesResponse{} }
 func (*UpdateContainerResourcesResponse) ProtoMessage() {}
 func (*UpdateContainerResourcesResponse) Descriptor() ([]byte, []int) {
-	return fileDescriptorApi, []int{55}
+	return fileDescriptorApi, []int{57}
 }
 
 type ExecSyncRequest struct {
@@ -2354,7 +2492,7 @@ type ExecSyncRequest struct {
 
 func (m *ExecSyncRequest) Reset()                    { *m = ExecSyncRequest{} }
 func (*ExecSyncRequest) ProtoMessage()               {}
-func (*ExecSyncRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{56} }
+func (*ExecSyncRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{58} }
 
 func (m *ExecSyncRequest) GetContainerId() string {
 	if m != nil {
@@ -2388,7 +2526,7 @@ type ExecSyncResponse struct {
 
 func (m *ExecSyncResponse) Reset()                    { *m = ExecSyncResponse{} }
 func (*ExecSyncResponse) ProtoMessage()               {}
-func (*ExecSyncResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{57} }
+func (*ExecSyncResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{59} }
 
 func (m *ExecSyncResponse) GetStdout() []byte {
 	if m != nil {
@@ -2434,7 +2572,7 @@ type ExecRequest struct {
 
 func (m *ExecRequest) Reset()                    { *m = ExecRequest{} }
 func (*ExecRequest) ProtoMessage()               {}
-func (*ExecRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{58} }
+func (*ExecRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{60} }
 
 func (m *ExecRequest) GetContainerId() string {
 	if m != nil {
@@ -2485,7 +2623,7 @@ type ExecResponse struct {
 
 func (m *ExecResponse) Reset()                    { *m = ExecResponse{} }
 func (*ExecResponse) ProtoMessage()               {}
-func (*ExecResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{59} }
+func (*ExecResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{61} }
 
 func (m *ExecResponse) GetUrl() string {
 	if m != nil {
@@ -2516,7 +2654,7 @@ type AttachRequest struct {
 
 func (m *AttachRequest) Reset()                    { *m = AttachRequest{} }
 func (*AttachRequest) ProtoMessage()               {}
-func (*AttachRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{60} }
+func (*AttachRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{62} }
 
 func (m *AttachRequest) GetContainerId() string {
 	if m != nil {
@@ -2560,7 +2698,7 @@ type AttachResponse struct {
 
 func (m *AttachResponse) Reset()                    { *m = AttachResponse{} }
 func (*AttachResponse) ProtoMessage()               {}
-func (*AttachResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{61} }
+func (*AttachResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{63} }
 
 func (m *AttachResponse) GetUrl() string {
 	if m != nil {
@@ -2578,7 +2716,7 @@ type PortForwardRequest struct {
 
 func (m *PortForwardRequest) Reset()                    { *m = PortForwardRequest{} }
 func (*PortForwardRequest) ProtoMessage()               {}
-func (*PortForwardRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{62} }
+func (*PortForwardRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{64} }
 
 func (m *PortForwardRequest) GetPodSandboxId() string {
 	if m != nil {
@@ -2601,7 +2739,7 @@ type PortForwardResponse struct {
 
 func (m *PortForwardResponse) Reset()                    { *m = PortForwardResponse{} }
 func (*PortForwardResponse) ProtoMessage()               {}
-func (*PortForwardResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{63} }
+func (*PortForwardResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{65} }
 
 func (m *PortForwardResponse) GetUrl() string {
 	if m != nil {
@@ -2617,7 +2755,7 @@ type ImageFilter struct {
 
 func (m *ImageFilter) Reset()                    { *m = ImageFilter{} }
 func (*ImageFilter) ProtoMessage()               {}
-func (*ImageFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{64} }
+func (*ImageFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{66} }
 
 func (m *ImageFilter) GetImage() *ImageSpec {
 	if m != nil {
@@ -2633,7 +2771,7 @@ type ListImagesRequest struct {
 
 func (m *ListImagesRequest) Reset()                    { *m = ListImagesRequest{} }
 func (*ListImagesRequest) ProtoMessage()               {}
-func (*ListImagesRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{65} }
+func (*ListImagesRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{67} }
 
 func (m *ListImagesRequest) GetFilter() *ImageFilter {
 	if m != nil {
@@ -2663,7 +2801,7 @@ type Image struct {
 
 func (m *Image) Reset()                    { *m = Image{} }
 func (*Image) ProtoMessage()               {}
-func (*Image) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{66} }
+func (*Image) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{68} }
 
 func (m *Image) GetId() string {
 	if m != nil {
@@ -2714,7 +2852,7 @@ type ListImagesResponse struct {
 
 func (m *ListImagesResponse) Reset()                    { *m = ListImagesResponse{} }
 func (*ListImagesResponse) ProtoMessage()               {}
-func (*ListImagesResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{67} }
+func (*ListImagesResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{69} }
 
 func (m *ListImagesResponse) GetImages() []*Image {
 	if m != nil {
@@ -2732,7 +2870,7 @@ type ImageStatusRequest struct {
 
 func (m *ImageStatusRequest) Reset()                    { *m = ImageStatusRequest{} }
 func (*ImageStatusRequest) ProtoMessage()               {}
-func (*ImageStatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{68} }
+func (*ImageStatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{70} }
 
 func (m *ImageStatusRequest) GetImage() *ImageSpec {
 	if m != nil {
@@ -2751,7 +2889,7 @@ func (m *ImageStatusRequest) GetVerbose() bool {
 type ImageStatusResponse struct {
 	// Status of the image.
 	Image *Image `protobuf:"bytes,1,opt,name=image" json:"image,omitempty"`
-	// Info is extra information of the Image. The key could be abitrary string, and
+	// Info is extra information of the Image. The key could be arbitrary string, and
 	// value should be in json format. The information could include anything useful
 	// for debug, e.g. image config for oci image based container runtime.
 	// It should only be returned non-empty when Verbose is true.
@@ -2760,7 +2898,7 @@ type ImageStatusResponse struct {
 
 func (m *ImageStatusResponse) Reset()                    { *m = ImageStatusResponse{} }
 func (*ImageStatusResponse) ProtoMessage()               {}
-func (*ImageStatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{69} }
+func (*ImageStatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{71} }
 
 func (m *ImageStatusResponse) GetImage() *Image {
 	if m != nil {
@@ -2791,7 +2929,7 @@ type AuthConfig struct {
 
 func (m *AuthConfig) Reset()                    { *m = AuthConfig{} }
 func (*AuthConfig) ProtoMessage()               {}
-func (*AuthConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{70} }
+func (*AuthConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{72} }
 
 func (m *AuthConfig) GetUsername() string {
 	if m != nil {
@@ -2846,7 +2984,7 @@ type PullImageRequest struct {
 
 func (m *PullImageRequest) Reset()                    { *m = PullImageRequest{} }
 func (*PullImageRequest) ProtoMessage()               {}
-func (*PullImageRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{71} }
+func (*PullImageRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{73} }
 
 func (m *PullImageRequest) GetImage() *ImageSpec {
 	if m != nil {
@@ -2877,7 +3015,7 @@ type PullImageResponse struct {
 
 func (m *PullImageResponse) Reset()                    { *m = PullImageResponse{} }
 func (*PullImageResponse) ProtoMessage()               {}
-func (*PullImageResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{72} }
+func (*PullImageResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{74} }
 
 func (m *PullImageResponse) GetImageRef() string {
 	if m != nil {
@@ -2893,7 +3031,7 @@ type RemoveImageRequest struct {
 
 func (m *RemoveImageRequest) Reset()                    { *m = RemoveImageRequest{} }
 func (*RemoveImageRequest) ProtoMessage()               {}
-func (*RemoveImageRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{73} }
+func (*RemoveImageRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{75} }
 
 func (m *RemoveImageRequest) GetImage() *ImageSpec {
 	if m != nil {
@@ -2907,7 +3045,7 @@ type RemoveImageResponse struct {
 
 func (m *RemoveImageResponse) Reset()                    { *m = RemoveImageResponse{} }
 func (*RemoveImageResponse) ProtoMessage()               {}
-func (*RemoveImageResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{74} }
+func (*RemoveImageResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{76} }
 
 type NetworkConfig struct {
 	// CIDR to use for pod IP addresses.
@@ -2916,7 +3054,7 @@ type NetworkConfig struct {
 
 func (m *NetworkConfig) Reset()                    { *m = NetworkConfig{} }
 func (*NetworkConfig) ProtoMessage()               {}
-func (*NetworkConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{75} }
+func (*NetworkConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{77} }
 
 func (m *NetworkConfig) GetPodCidr() string {
 	if m != nil {
@@ -2931,7 +3069,7 @@ type RuntimeConfig struct {
 
 func (m *RuntimeConfig) Reset()                    { *m = RuntimeConfig{} }
 func (*RuntimeConfig) ProtoMessage()               {}
-func (*RuntimeConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{76} }
+func (*RuntimeConfig) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{78} }
 
 func (m *RuntimeConfig) GetNetworkConfig() *NetworkConfig {
 	if m != nil {
@@ -2946,7 +3084,7 @@ type UpdateRuntimeConfigRequest struct {
 
 func (m *UpdateRuntimeConfigRequest) Reset()                    { *m = UpdateRuntimeConfigRequest{} }
 func (*UpdateRuntimeConfigRequest) ProtoMessage()               {}
-func (*UpdateRuntimeConfigRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{77} }
+func (*UpdateRuntimeConfigRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{79} }
 
 func (m *UpdateRuntimeConfigRequest) GetRuntimeConfig() *RuntimeConfig {
 	if m != nil {
@@ -2960,7 +3098,7 @@ type UpdateRuntimeConfigResponse struct {
 
 func (m *UpdateRuntimeConfigResponse) Reset()                    { *m = UpdateRuntimeConfigResponse{} }
 func (*UpdateRuntimeConfigResponse) ProtoMessage()               {}
-func (*UpdateRuntimeConfigResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{78} }
+func (*UpdateRuntimeConfigResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{80} }
 
 // RuntimeCondition contains condition information for the runtime.
 // There are 2 kinds of runtime conditions:
@@ -2988,7 +3126,7 @@ type RuntimeCondition struct {
 
 func (m *RuntimeCondition) Reset()                    { *m = RuntimeCondition{} }
 func (*RuntimeCondition) ProtoMessage()               {}
-func (*RuntimeCondition) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{79} }
+func (*RuntimeCondition) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{81} }
 
 func (m *RuntimeCondition) GetType() string {
 	if m != nil {
@@ -3026,7 +3164,7 @@ type RuntimeStatus struct {
 
 func (m *RuntimeStatus) Reset()                    { *m = RuntimeStatus{} }
 func (*RuntimeStatus) ProtoMessage()               {}
-func (*RuntimeStatus) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{80} }
+func (*RuntimeStatus) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{82} }
 
 func (m *RuntimeStatus) GetConditions() []*RuntimeCondition {
 	if m != nil {
@@ -3042,7 +3180,7 @@ type StatusRequest struct {
 
 func (m *StatusRequest) Reset()                    { *m = StatusRequest{} }
 func (*StatusRequest) ProtoMessage()               {}
-func (*StatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{81} }
+func (*StatusRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{83} }
 
 func (m *StatusRequest) GetVerbose() bool {
 	if m != nil {
@@ -3054,7 +3192,7 @@ func (m *StatusRequest) GetVerbose() bool {
 type StatusResponse struct {
 	// Status of the Runtime.
 	Status *RuntimeStatus `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"`
-	// Info is extra information of the Runtime. The key could be abitrary string, and
+	// Info is extra information of the Runtime. The key could be arbitrary string, and
 	// value should be in json format. The information could include anything useful for
 	// debug, e.g. plugins used by the container runtime.
 	// It should only be returned non-empty when Verbose is true.
@@ -3063,7 +3201,7 @@ type StatusResponse struct {
 
 func (m *StatusResponse) Reset()                    { *m = StatusResponse{} }
 func (*StatusResponse) ProtoMessage()               {}
-func (*StatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{82} }
+func (*StatusResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{84} }
 
 func (m *StatusResponse) GetStatus() *RuntimeStatus {
 	if m != nil {
@@ -3084,7 +3222,7 @@ type ImageFsInfoRequest struct {
 
 func (m *ImageFsInfoRequest) Reset()                    { *m = ImageFsInfoRequest{} }
 func (*ImageFsInfoRequest) ProtoMessage()               {}
-func (*ImageFsInfoRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{83} }
+func (*ImageFsInfoRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{85} }
 
 // UInt64Value is the wrapper of uint64.
 type UInt64Value struct {
@@ -3094,7 +3232,7 @@ type UInt64Value struct {
 
 func (m *UInt64Value) Reset()                    { *m = UInt64Value{} }
 func (*UInt64Value) ProtoMessage()               {}
-func (*UInt64Value) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{84} }
+func (*UInt64Value) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{86} }
 
 func (m *UInt64Value) GetValue() uint64 {
 	if m != nil {
@@ -3103,19 +3241,19 @@ func (m *UInt64Value) GetValue() uint64 {
 	return 0
 }
 
-// StorageIdentifier uniquely identify the storage..
-type StorageIdentifier struct {
-	// UUID of the device.
-	Uuid string `protobuf:"bytes,1,opt,name=uuid,proto3" json:"uuid,omitempty"`
+// FilesystemIdentifier uniquely identify the filesystem.
+type FilesystemIdentifier struct {
+	// Mountpoint of a filesystem.
+	Mountpoint string `protobuf:"bytes,1,opt,name=mountpoint,proto3" json:"mountpoint,omitempty"`
 }
 
-func (m *StorageIdentifier) Reset()                    { *m = StorageIdentifier{} }
-func (*StorageIdentifier) ProtoMessage()               {}
-func (*StorageIdentifier) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{85} }
+func (m *FilesystemIdentifier) Reset()                    { *m = FilesystemIdentifier{} }
+func (*FilesystemIdentifier) ProtoMessage()               {}
+func (*FilesystemIdentifier) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{87} }
 
-func (m *StorageIdentifier) GetUuid() string {
+func (m *FilesystemIdentifier) GetMountpoint() string {
 	if m != nil {
-		return m.Uuid
+		return m.Mountpoint
 	}
 	return ""
 }
@@ -3124,8 +3262,8 @@ func (m *StorageIdentifier) GetUuid() string {
 type FilesystemUsage struct {
 	// Timestamp in nanoseconds at which the information were collected. Must be > 0.
 	Timestamp int64 `protobuf:"varint,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"`
-	// The underlying storage of the filesystem.
-	StorageId *StorageIdentifier `protobuf:"bytes,2,opt,name=storage_id,json=storageId" json:"storage_id,omitempty"`
+	// The unique identifier of the filesystem.
+	FsId *FilesystemIdentifier `protobuf:"bytes,2,opt,name=fs_id,json=fsId" json:"fs_id,omitempty"`
 	// UsedBytes represents the bytes used for images on the filesystem.
 	// This may differ from the total bytes used on the filesystem and may not
 	// equal CapacityBytes - AvailableBytes.
@@ -3138,7 +3276,7 @@ type FilesystemUsage struct {
 
 func (m *FilesystemUsage) Reset()                    { *m = FilesystemUsage{} }
 func (*FilesystemUsage) ProtoMessage()               {}
-func (*FilesystemUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{86} }
+func (*FilesystemUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{88} }
 
 func (m *FilesystemUsage) GetTimestamp() int64 {
 	if m != nil {
@@ -3147,9 +3285,9 @@ func (m *FilesystemUsage) GetTimestamp() int64 {
 	return 0
 }
 
-func (m *FilesystemUsage) GetStorageId() *StorageIdentifier {
+func (m *FilesystemUsage) GetFsId() *FilesystemIdentifier {
 	if m != nil {
-		return m.StorageId
+		return m.FsId
 	}
 	return nil
 }
@@ -3175,7 +3313,7 @@ type ImageFsInfoResponse struct {
 
 func (m *ImageFsInfoResponse) Reset()                    { *m = ImageFsInfoResponse{} }
 func (*ImageFsInfoResponse) ProtoMessage()               {}
-func (*ImageFsInfoResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{87} }
+func (*ImageFsInfoResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{89} }
 
 func (m *ImageFsInfoResponse) GetImageFilesystems() []*FilesystemUsage {
 	if m != nil {
@@ -3191,7 +3329,7 @@ type ContainerStatsRequest struct {
 
 func (m *ContainerStatsRequest) Reset()                    { *m = ContainerStatsRequest{} }
 func (*ContainerStatsRequest) ProtoMessage()               {}
-func (*ContainerStatsRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{88} }
+func (*ContainerStatsRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{90} }
 
 func (m *ContainerStatsRequest) GetContainerId() string {
 	if m != nil {
@@ -3207,7 +3345,7 @@ type ContainerStatsResponse struct {
 
 func (m *ContainerStatsResponse) Reset()                    { *m = ContainerStatsResponse{} }
 func (*ContainerStatsResponse) ProtoMessage()               {}
-func (*ContainerStatsResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{89} }
+func (*ContainerStatsResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{91} }
 
 func (m *ContainerStatsResponse) GetStats() *ContainerStats {
 	if m != nil {
@@ -3223,7 +3361,7 @@ type ListContainerStatsRequest struct {
 
 func (m *ListContainerStatsRequest) Reset()                    { *m = ListContainerStatsRequest{} }
 func (*ListContainerStatsRequest) ProtoMessage()               {}
-func (*ListContainerStatsRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{90} }
+func (*ListContainerStatsRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{92} }
 
 func (m *ListContainerStatsRequest) GetFilter() *ContainerStatsFilter {
 	if m != nil {
@@ -3247,7 +3385,7 @@ type ContainerStatsFilter struct {
 
 func (m *ContainerStatsFilter) Reset()                    { *m = ContainerStatsFilter{} }
 func (*ContainerStatsFilter) ProtoMessage()               {}
-func (*ContainerStatsFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{91} }
+func (*ContainerStatsFilter) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{93} }
 
 func (m *ContainerStatsFilter) GetId() string {
 	if m != nil {
@@ -3277,7 +3415,7 @@ type ListContainerStatsResponse struct {
 
 func (m *ListContainerStatsResponse) Reset()                    { *m = ListContainerStatsResponse{} }
 func (*ListContainerStatsResponse) ProtoMessage()               {}
-func (*ListContainerStatsResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{92} }
+func (*ListContainerStatsResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{94} }
 
 func (m *ListContainerStatsResponse) GetStats() []*ContainerStats {
 	if m != nil {
@@ -3303,7 +3441,7 @@ type ContainerAttributes struct {
 
 func (m *ContainerAttributes) Reset()                    { *m = ContainerAttributes{} }
 func (*ContainerAttributes) ProtoMessage()               {}
-func (*ContainerAttributes) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{93} }
+func (*ContainerAttributes) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{95} }
 
 func (m *ContainerAttributes) GetId() string {
 	if m != nil {
@@ -3347,7 +3485,7 @@ type ContainerStats struct {
 
 func (m *ContainerStats) Reset()                    { *m = ContainerStats{} }
 func (*ContainerStats) ProtoMessage()               {}
-func (*ContainerStats) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{94} }
+func (*ContainerStats) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{96} }
 
 func (m *ContainerStats) GetAttributes() *ContainerAttributes {
 	if m != nil {
@@ -3387,7 +3525,7 @@ type CpuUsage struct {
 
 func (m *CpuUsage) Reset()                    { *m = CpuUsage{} }
 func (*CpuUsage) ProtoMessage()               {}
-func (*CpuUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{95} }
+func (*CpuUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{97} }
 
 func (m *CpuUsage) GetTimestamp() int64 {
 	if m != nil {
@@ -3413,7 +3551,7 @@ type MemoryUsage struct {
 
 func (m *MemoryUsage) Reset()                    { *m = MemoryUsage{} }
 func (*MemoryUsage) ProtoMessage()               {}
-func (*MemoryUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{96} }
+func (*MemoryUsage) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{98} }
 
 func (m *MemoryUsage) GetTimestamp() int64 {
 	if m != nil {
@@ -3429,108 +3567,136 @@ func (m *MemoryUsage) GetWorkingSetBytes() *UInt64Value {
 	return nil
 }
 
+type ReopenContainerLogRequest struct {
+	// ID of the container for which to reopen the log.
+	ContainerId string `protobuf:"bytes,1,opt,name=container_id,json=containerId,proto3" json:"container_id,omitempty"`
+}
+
+func (m *ReopenContainerLogRequest) Reset()                    { *m = ReopenContainerLogRequest{} }
+func (*ReopenContainerLogRequest) ProtoMessage()               {}
+func (*ReopenContainerLogRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{99} }
+
+func (m *ReopenContainerLogRequest) GetContainerId() string {
+	if m != nil {
+		return m.ContainerId
+	}
+	return ""
+}
+
+type ReopenContainerLogResponse struct {
+}
+
+func (m *ReopenContainerLogResponse) Reset()                    { *m = ReopenContainerLogResponse{} }
+func (*ReopenContainerLogResponse) ProtoMessage()               {}
+func (*ReopenContainerLogResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{100} }
+
 func init() {
-	proto.RegisterType((*VersionRequest)(nil), "runtime.VersionRequest")
-	proto.RegisterType((*VersionResponse)(nil), "runtime.VersionResponse")
-	proto.RegisterType((*DNSConfig)(nil), "runtime.DNSConfig")
-	proto.RegisterType((*PortMapping)(nil), "runtime.PortMapping")
-	proto.RegisterType((*Mount)(nil), "runtime.Mount")
-	proto.RegisterType((*NamespaceOption)(nil), "runtime.NamespaceOption")
-	proto.RegisterType((*Int64Value)(nil), "runtime.Int64Value")
-	proto.RegisterType((*LinuxSandboxSecurityContext)(nil), "runtime.LinuxSandboxSecurityContext")
-	proto.RegisterType((*LinuxPodSandboxConfig)(nil), "runtime.LinuxPodSandboxConfig")
-	proto.RegisterType((*PodSandboxMetadata)(nil), "runtime.PodSandboxMetadata")
-	proto.RegisterType((*PodSandboxConfig)(nil), "runtime.PodSandboxConfig")
-	proto.RegisterType((*RunPodSandboxRequest)(nil), "runtime.RunPodSandboxRequest")
-	proto.RegisterType((*RunPodSandboxResponse)(nil), "runtime.RunPodSandboxResponse")
-	proto.RegisterType((*StopPodSandboxRequest)(nil), "runtime.StopPodSandboxRequest")
-	proto.RegisterType((*StopPodSandboxResponse)(nil), "runtime.StopPodSandboxResponse")
-	proto.RegisterType((*RemovePodSandboxRequest)(nil), "runtime.RemovePodSandboxRequest")
-	proto.RegisterType((*RemovePodSandboxResponse)(nil), "runtime.RemovePodSandboxResponse")
-	proto.RegisterType((*PodSandboxStatusRequest)(nil), "runtime.PodSandboxStatusRequest")
-	proto.RegisterType((*PodSandboxNetworkStatus)(nil), "runtime.PodSandboxNetworkStatus")
-	proto.RegisterType((*Namespace)(nil), "runtime.Namespace")
-	proto.RegisterType((*LinuxPodSandboxStatus)(nil), "runtime.LinuxPodSandboxStatus")
-	proto.RegisterType((*PodSandboxStatus)(nil), "runtime.PodSandboxStatus")
-	proto.RegisterType((*PodSandboxStatusResponse)(nil), "runtime.PodSandboxStatusResponse")
-	proto.RegisterType((*PodSandboxStateValue)(nil), "runtime.PodSandboxStateValue")
-	proto.RegisterType((*PodSandboxFilter)(nil), "runtime.PodSandboxFilter")
-	proto.RegisterType((*ListPodSandboxRequest)(nil), "runtime.ListPodSandboxRequest")
-	proto.RegisterType((*PodSandbox)(nil), "runtime.PodSandbox")
-	proto.RegisterType((*ListPodSandboxResponse)(nil), "runtime.ListPodSandboxResponse")
-	proto.RegisterType((*ImageSpec)(nil), "runtime.ImageSpec")
-	proto.RegisterType((*KeyValue)(nil), "runtime.KeyValue")
-	proto.RegisterType((*LinuxContainerResources)(nil), "runtime.LinuxContainerResources")
-	proto.RegisterType((*SELinuxOption)(nil), "runtime.SELinuxOption")
-	proto.RegisterType((*Capability)(nil), "runtime.Capability")
-	proto.RegisterType((*LinuxContainerSecurityContext)(nil), "runtime.LinuxContainerSecurityContext")
-	proto.RegisterType((*LinuxContainerConfig)(nil), "runtime.LinuxContainerConfig")
-	proto.RegisterType((*ContainerMetadata)(nil), "runtime.ContainerMetadata")
-	proto.RegisterType((*Device)(nil), "runtime.Device")
-	proto.RegisterType((*ContainerConfig)(nil), "runtime.ContainerConfig")
-	proto.RegisterType((*CreateContainerRequest)(nil), "runtime.CreateContainerRequest")
-	proto.RegisterType((*CreateContainerResponse)(nil), "runtime.CreateContainerResponse")
-	proto.RegisterType((*StartContainerRequest)(nil), "runtime.StartContainerRequest")
-	proto.RegisterType((*StartContainerResponse)(nil), "runtime.StartContainerResponse")
-	proto.RegisterType((*StopContainerRequest)(nil), "runtime.StopContainerRequest")
-	proto.RegisterType((*StopContainerResponse)(nil), "runtime.StopContainerResponse")
-	proto.RegisterType((*RemoveContainerRequest)(nil), "runtime.RemoveContainerRequest")
-	proto.RegisterType((*RemoveContainerResponse)(nil), "runtime.RemoveContainerResponse")
-	proto.RegisterType((*ContainerStateValue)(nil), "runtime.ContainerStateValue")
-	proto.RegisterType((*ContainerFilter)(nil), "runtime.ContainerFilter")
-	proto.RegisterType((*ListContainersRequest)(nil), "runtime.ListContainersRequest")
-	proto.RegisterType((*Container)(nil), "runtime.Container")
-	proto.RegisterType((*ListContainersResponse)(nil), "runtime.ListContainersResponse")
-	proto.RegisterType((*ContainerStatusRequest)(nil), "runtime.ContainerStatusRequest")
-	proto.RegisterType((*ContainerStatus)(nil), "runtime.ContainerStatus")
-	proto.RegisterType((*ContainerStatusResponse)(nil), "runtime.ContainerStatusResponse")
-	proto.RegisterType((*UpdateContainerResourcesRequest)(nil), "runtime.UpdateContainerResourcesRequest")
-	proto.RegisterType((*UpdateContainerResourcesResponse)(nil), "runtime.UpdateContainerResourcesResponse")
-	proto.RegisterType((*ExecSyncRequest)(nil), "runtime.ExecSyncRequest")
-	proto.RegisterType((*ExecSyncResponse)(nil), "runtime.ExecSyncResponse")
-	proto.RegisterType((*ExecRequest)(nil), "runtime.ExecRequest")
-	proto.RegisterType((*ExecResponse)(nil), "runtime.ExecResponse")
-	proto.RegisterType((*AttachRequest)(nil), "runtime.AttachRequest")
-	proto.RegisterType((*AttachResponse)(nil), "runtime.AttachResponse")
-	proto.RegisterType((*PortForwardRequest)(nil), "runtime.PortForwardRequest")
-	proto.RegisterType((*PortForwardResponse)(nil), "runtime.PortForwardResponse")
-	proto.RegisterType((*ImageFilter)(nil), "runtime.ImageFilter")
-	proto.RegisterType((*ListImagesRequest)(nil), "runtime.ListImagesRequest")
-	proto.RegisterType((*Image)(nil), "runtime.Image")
-	proto.RegisterType((*ListImagesResponse)(nil), "runtime.ListImagesResponse")
-	proto.RegisterType((*ImageStatusRequest)(nil), "runtime.ImageStatusRequest")
-	proto.RegisterType((*ImageStatusResponse)(nil), "runtime.ImageStatusResponse")
-	proto.RegisterType((*AuthConfig)(nil), "runtime.AuthConfig")
-	proto.RegisterType((*PullImageRequest)(nil), "runtime.PullImageRequest")
-	proto.RegisterType((*PullImageResponse)(nil), "runtime.PullImageResponse")
-	proto.RegisterType((*RemoveImageRequest)(nil), "runtime.RemoveImageRequest")
-	proto.RegisterType((*RemoveImageResponse)(nil), "runtime.RemoveImageResponse")
-	proto.RegisterType((*NetworkConfig)(nil), "runtime.NetworkConfig")
-	proto.RegisterType((*RuntimeConfig)(nil), "runtime.RuntimeConfig")
-	proto.RegisterType((*UpdateRuntimeConfigRequest)(nil), "runtime.UpdateRuntimeConfigRequest")
-	proto.RegisterType((*UpdateRuntimeConfigResponse)(nil), "runtime.UpdateRuntimeConfigResponse")
-	proto.RegisterType((*RuntimeCondition)(nil), "runtime.RuntimeCondition")
-	proto.RegisterType((*RuntimeStatus)(nil), "runtime.RuntimeStatus")
-	proto.RegisterType((*StatusRequest)(nil), "runtime.StatusRequest")
-	proto.RegisterType((*StatusResponse)(nil), "runtime.StatusResponse")
-	proto.RegisterType((*ImageFsInfoRequest)(nil), "runtime.ImageFsInfoRequest")
-	proto.RegisterType((*UInt64Value)(nil), "runtime.UInt64Value")
-	proto.RegisterType((*StorageIdentifier)(nil), "runtime.StorageIdentifier")
-	proto.RegisterType((*FilesystemUsage)(nil), "runtime.FilesystemUsage")
-	proto.RegisterType((*ImageFsInfoResponse)(nil), "runtime.ImageFsInfoResponse")
-	proto.RegisterType((*ContainerStatsRequest)(nil), "runtime.ContainerStatsRequest")
-	proto.RegisterType((*ContainerStatsResponse)(nil), "runtime.ContainerStatsResponse")
-	proto.RegisterType((*ListContainerStatsRequest)(nil), "runtime.ListContainerStatsRequest")
-	proto.RegisterType((*ContainerStatsFilter)(nil), "runtime.ContainerStatsFilter")
-	proto.RegisterType((*ListContainerStatsResponse)(nil), "runtime.ListContainerStatsResponse")
-	proto.RegisterType((*ContainerAttributes)(nil), "runtime.ContainerAttributes")
-	proto.RegisterType((*ContainerStats)(nil), "runtime.ContainerStats")
-	proto.RegisterType((*CpuUsage)(nil), "runtime.CpuUsage")
-	proto.RegisterType((*MemoryUsage)(nil), "runtime.MemoryUsage")
-	proto.RegisterEnum("runtime.Protocol", Protocol_name, Protocol_value)
-	proto.RegisterEnum("runtime.MountPropagation", MountPropagation_name, MountPropagation_value)
-	proto.RegisterEnum("runtime.PodSandboxState", PodSandboxState_name, PodSandboxState_value)
-	proto.RegisterEnum("runtime.ContainerState", ContainerState_name, ContainerState_value)
+	proto.RegisterType((*VersionRequest)(nil), "runtime.v1alpha2.VersionRequest")
+	proto.RegisterType((*VersionResponse)(nil), "runtime.v1alpha2.VersionResponse")
+	proto.RegisterType((*DNSConfig)(nil), "runtime.v1alpha2.DNSConfig")
+	proto.RegisterType((*PortMapping)(nil), "runtime.v1alpha2.PortMapping")
+	proto.RegisterType((*Mount)(nil), "runtime.v1alpha2.Mount")
+	proto.RegisterType((*NamespaceOption)(nil), "runtime.v1alpha2.NamespaceOption")
+	proto.RegisterType((*Int64Value)(nil), "runtime.v1alpha2.Int64Value")
+	proto.RegisterType((*LinuxSandboxSecurityContext)(nil), "runtime.v1alpha2.LinuxSandboxSecurityContext")
+	proto.RegisterType((*LinuxPodSandboxConfig)(nil), "runtime.v1alpha2.LinuxPodSandboxConfig")
+	proto.RegisterType((*PodSandboxMetadata)(nil), "runtime.v1alpha2.PodSandboxMetadata")
+	proto.RegisterType((*PodSandboxConfig)(nil), "runtime.v1alpha2.PodSandboxConfig")
+	proto.RegisterType((*RunPodSandboxRequest)(nil), "runtime.v1alpha2.RunPodSandboxRequest")
+	proto.RegisterType((*RunPodSandboxResponse)(nil), "runtime.v1alpha2.RunPodSandboxResponse")
+	proto.RegisterType((*StopPodSandboxRequest)(nil), "runtime.v1alpha2.StopPodSandboxRequest")
+	proto.RegisterType((*StopPodSandboxResponse)(nil), "runtime.v1alpha2.StopPodSandboxResponse")
+	proto.RegisterType((*RemovePodSandboxRequest)(nil), "runtime.v1alpha2.RemovePodSandboxRequest")
+	proto.RegisterType((*RemovePodSandboxResponse)(nil), "runtime.v1alpha2.RemovePodSandboxResponse")
+	proto.RegisterType((*PodSandboxStatusRequest)(nil), "runtime.v1alpha2.PodSandboxStatusRequest")
+	proto.RegisterType((*PodSandboxNetworkStatus)(nil), "runtime.v1alpha2.PodSandboxNetworkStatus")
+	proto.RegisterType((*Namespace)(nil), "runtime.v1alpha2.Namespace")
+	proto.RegisterType((*LinuxPodSandboxStatus)(nil), "runtime.v1alpha2.LinuxPodSandboxStatus")
+	proto.RegisterType((*PodSandboxStatus)(nil), "runtime.v1alpha2.PodSandboxStatus")
+	proto.RegisterType((*PodSandboxStatusResponse)(nil), "runtime.v1alpha2.PodSandboxStatusResponse")
+	proto.RegisterType((*PodSandboxStateValue)(nil), "runtime.v1alpha2.PodSandboxStateValue")
+	proto.RegisterType((*PodSandboxFilter)(nil), "runtime.v1alpha2.PodSandboxFilter")
+	proto.RegisterType((*ListPodSandboxRequest)(nil), "runtime.v1alpha2.ListPodSandboxRequest")
+	proto.RegisterType((*PodSandbox)(nil), "runtime.v1alpha2.PodSandbox")
+	proto.RegisterType((*ListPodSandboxResponse)(nil), "runtime.v1alpha2.ListPodSandboxResponse")
+	proto.RegisterType((*ImageSpec)(nil), "runtime.v1alpha2.ImageSpec")
+	proto.RegisterType((*KeyValue)(nil), "runtime.v1alpha2.KeyValue")
+	proto.RegisterType((*LinuxContainerResources)(nil), "runtime.v1alpha2.LinuxContainerResources")
+	proto.RegisterType((*SELinuxOption)(nil), "runtime.v1alpha2.SELinuxOption")
+	proto.RegisterType((*Capability)(nil), "runtime.v1alpha2.Capability")
+	proto.RegisterType((*LinuxContainerSecurityContext)(nil), "runtime.v1alpha2.LinuxContainerSecurityContext")
+	proto.RegisterType((*LinuxContainerConfig)(nil), "runtime.v1alpha2.LinuxContainerConfig")
+	proto.RegisterType((*WindowsContainerConfig)(nil), "runtime.v1alpha2.WindowsContainerConfig")
+	proto.RegisterType((*WindowsContainerResources)(nil), "runtime.v1alpha2.WindowsContainerResources")
+	proto.RegisterType((*ContainerMetadata)(nil), "runtime.v1alpha2.ContainerMetadata")
+	proto.RegisterType((*Device)(nil), "runtime.v1alpha2.Device")
+	proto.RegisterType((*ContainerConfig)(nil), "runtime.v1alpha2.ContainerConfig")
+	proto.RegisterType((*CreateContainerRequest)(nil), "runtime.v1alpha2.CreateContainerRequest")
+	proto.RegisterType((*CreateContainerResponse)(nil), "runtime.v1alpha2.CreateContainerResponse")
+	proto.RegisterType((*StartContainerRequest)(nil), "runtime.v1alpha2.StartContainerRequest")
+	proto.RegisterType((*StartContainerResponse)(nil), "runtime.v1alpha2.StartContainerResponse")
+	proto.RegisterType((*StopContainerRequest)(nil), "runtime.v1alpha2.StopContainerRequest")
+	proto.RegisterType((*StopContainerResponse)(nil), "runtime.v1alpha2.StopContainerResponse")
+	proto.RegisterType((*RemoveContainerRequest)(nil), "runtime.v1alpha2.RemoveContainerRequest")
+	proto.RegisterType((*RemoveContainerResponse)(nil), "runtime.v1alpha2.RemoveContainerResponse")
+	proto.RegisterType((*ContainerStateValue)(nil), "runtime.v1alpha2.ContainerStateValue")
+	proto.RegisterType((*ContainerFilter)(nil), "runtime.v1alpha2.ContainerFilter")
+	proto.RegisterType((*ListContainersRequest)(nil), "runtime.v1alpha2.ListContainersRequest")
+	proto.RegisterType((*Container)(nil), "runtime.v1alpha2.Container")
+	proto.RegisterType((*ListContainersResponse)(nil), "runtime.v1alpha2.ListContainersResponse")
+	proto.RegisterType((*ContainerStatusRequest)(nil), "runtime.v1alpha2.ContainerStatusRequest")
+	proto.RegisterType((*ContainerStatus)(nil), "runtime.v1alpha2.ContainerStatus")
+	proto.RegisterType((*ContainerStatusResponse)(nil), "runtime.v1alpha2.ContainerStatusResponse")
+	proto.RegisterType((*UpdateContainerResourcesRequest)(nil), "runtime.v1alpha2.UpdateContainerResourcesRequest")
+	proto.RegisterType((*UpdateContainerResourcesResponse)(nil), "runtime.v1alpha2.UpdateContainerResourcesResponse")
+	proto.RegisterType((*ExecSyncRequest)(nil), "runtime.v1alpha2.ExecSyncRequest")
+	proto.RegisterType((*ExecSyncResponse)(nil), "runtime.v1alpha2.ExecSyncResponse")
+	proto.RegisterType((*ExecRequest)(nil), "runtime.v1alpha2.ExecRequest")
+	proto.RegisterType((*ExecResponse)(nil), "runtime.v1alpha2.ExecResponse")
+	proto.RegisterType((*AttachRequest)(nil), "runtime.v1alpha2.AttachRequest")
+	proto.RegisterType((*AttachResponse)(nil), "runtime.v1alpha2.AttachResponse")
+	proto.RegisterType((*PortForwardRequest)(nil), "runtime.v1alpha2.PortForwardRequest")
+	proto.RegisterType((*PortForwardResponse)(nil), "runtime.v1alpha2.PortForwardResponse")
+	proto.RegisterType((*ImageFilter)(nil), "runtime.v1alpha2.ImageFilter")
+	proto.RegisterType((*ListImagesRequest)(nil), "runtime.v1alpha2.ListImagesRequest")
+	proto.RegisterType((*Image)(nil), "runtime.v1alpha2.Image")
+	proto.RegisterType((*ListImagesResponse)(nil), "runtime.v1alpha2.ListImagesResponse")
+	proto.RegisterType((*ImageStatusRequest)(nil), "runtime.v1alpha2.ImageStatusRequest")
+	proto.RegisterType((*ImageStatusResponse)(nil), "runtime.v1alpha2.ImageStatusResponse")
+	proto.RegisterType((*AuthConfig)(nil), "runtime.v1alpha2.AuthConfig")
+	proto.RegisterType((*PullImageRequest)(nil), "runtime.v1alpha2.PullImageRequest")
+	proto.RegisterType((*PullImageResponse)(nil), "runtime.v1alpha2.PullImageResponse")
+	proto.RegisterType((*RemoveImageRequest)(nil), "runtime.v1alpha2.RemoveImageRequest")
+	proto.RegisterType((*RemoveImageResponse)(nil), "runtime.v1alpha2.RemoveImageResponse")
+	proto.RegisterType((*NetworkConfig)(nil), "runtime.v1alpha2.NetworkConfig")
+	proto.RegisterType((*RuntimeConfig)(nil), "runtime.v1alpha2.RuntimeConfig")
+	proto.RegisterType((*UpdateRuntimeConfigRequest)(nil), "runtime.v1alpha2.UpdateRuntimeConfigRequest")
+	proto.RegisterType((*UpdateRuntimeConfigResponse)(nil), "runtime.v1alpha2.UpdateRuntimeConfigResponse")
+	proto.RegisterType((*RuntimeCondition)(nil), "runtime.v1alpha2.RuntimeCondition")
+	proto.RegisterType((*RuntimeStatus)(nil), "runtime.v1alpha2.RuntimeStatus")
+	proto.RegisterType((*StatusRequest)(nil), "runtime.v1alpha2.StatusRequest")
+	proto.RegisterType((*StatusResponse)(nil), "runtime.v1alpha2.StatusResponse")
+	proto.RegisterType((*ImageFsInfoRequest)(nil), "runtime.v1alpha2.ImageFsInfoRequest")
+	proto.RegisterType((*UInt64Value)(nil), "runtime.v1alpha2.UInt64Value")
+	proto.RegisterType((*FilesystemIdentifier)(nil), "runtime.v1alpha2.FilesystemIdentifier")
+	proto.RegisterType((*FilesystemUsage)(nil), "runtime.v1alpha2.FilesystemUsage")
+	proto.RegisterType((*ImageFsInfoResponse)(nil), "runtime.v1alpha2.ImageFsInfoResponse")
+	proto.RegisterType((*ContainerStatsRequest)(nil), "runtime.v1alpha2.ContainerStatsRequest")
+	proto.RegisterType((*ContainerStatsResponse)(nil), "runtime.v1alpha2.ContainerStatsResponse")
+	proto.RegisterType((*ListContainerStatsRequest)(nil), "runtime.v1alpha2.ListContainerStatsRequest")
+	proto.RegisterType((*ContainerStatsFilter)(nil), "runtime.v1alpha2.ContainerStatsFilter")
+	proto.RegisterType((*ListContainerStatsResponse)(nil), "runtime.v1alpha2.ListContainerStatsResponse")
+	proto.RegisterType((*ContainerAttributes)(nil), "runtime.v1alpha2.ContainerAttributes")
+	proto.RegisterType((*ContainerStats)(nil), "runtime.v1alpha2.ContainerStats")
+	proto.RegisterType((*CpuUsage)(nil), "runtime.v1alpha2.CpuUsage")
+	proto.RegisterType((*MemoryUsage)(nil), "runtime.v1alpha2.MemoryUsage")
+	proto.RegisterType((*ReopenContainerLogRequest)(nil), "runtime.v1alpha2.ReopenContainerLogRequest")
+	proto.RegisterType((*ReopenContainerLogResponse)(nil), "runtime.v1alpha2.ReopenContainerLogResponse")
+	proto.RegisterEnum("runtime.v1alpha2.Protocol", Protocol_name, Protocol_value)
+	proto.RegisterEnum("runtime.v1alpha2.MountPropagation", MountPropagation_name, MountPropagation_value)
+	proto.RegisterEnum("runtime.v1alpha2.NamespaceMode", NamespaceMode_name, NamespaceMode_value)
+	proto.RegisterEnum("runtime.v1alpha2.PodSandboxState", PodSandboxState_name, PodSandboxState_value)
+	proto.RegisterEnum("runtime.v1alpha2.ContainerState", ContainerState_name, ContainerState_value)
 }
 
 // Reference imports to suppress errors if they are not otherwise used.
@@ -3590,6 +3756,12 @@ type RuntimeServiceClient interface {
 	ContainerStatus(ctx context.Context, in *ContainerStatusRequest, opts ...grpc.CallOption) (*ContainerStatusResponse, error)
 	// UpdateContainerResources updates ContainerConfig of the container.
 	UpdateContainerResources(ctx context.Context, in *UpdateContainerResourcesRequest, opts ...grpc.CallOption) (*UpdateContainerResourcesResponse, error)
+	// ReopenContainerLog asks runtime to reopen the stdout/stderr log file
+	// for the container. This is often called after the log file has been
+	// rotated. If the container is not running, container runtime can choose
+	// to either create a new log file and return nil, or return an error.
+	// Once it returns error, new container log file MUST NOT be created.
+	ReopenContainerLog(ctx context.Context, in *ReopenContainerLogRequest, opts ...grpc.CallOption) (*ReopenContainerLogResponse, error)
 	// ExecSync runs a command in a container synchronously.
 	ExecSync(ctx context.Context, in *ExecSyncRequest, opts ...grpc.CallOption) (*ExecSyncResponse, error)
 	// Exec prepares a streaming endpoint to execute a command in the container.
@@ -3619,7 +3791,7 @@ func NewRuntimeServiceClient(cc *grpc.ClientConn) RuntimeServiceClient {
 
 func (c *runtimeServiceClient) Version(ctx context.Context, in *VersionRequest, opts ...grpc.CallOption) (*VersionResponse, error) {
 	out := new(VersionResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/Version", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/Version", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3628,7 +3800,7 @@ func (c *runtimeServiceClient) Version(ctx context.Context, in *VersionRequest,
 
 func (c *runtimeServiceClient) RunPodSandbox(ctx context.Context, in *RunPodSandboxRequest, opts ...grpc.CallOption) (*RunPodSandboxResponse, error) {
 	out := new(RunPodSandboxResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/RunPodSandbox", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/RunPodSandbox", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3637,7 +3809,7 @@ func (c *runtimeServiceClient) RunPodSandbox(ctx context.Context, in *RunPodSand
 
 func (c *runtimeServiceClient) StopPodSandbox(ctx context.Context, in *StopPodSandboxRequest, opts ...grpc.CallOption) (*StopPodSandboxResponse, error) {
 	out := new(StopPodSandboxResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/StopPodSandbox", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/StopPodSandbox", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3646,7 +3818,7 @@ func (c *runtimeServiceClient) StopPodSandbox(ctx context.Context, in *StopPodSa
 
 func (c *runtimeServiceClient) RemovePodSandbox(ctx context.Context, in *RemovePodSandboxRequest, opts ...grpc.CallOption) (*RemovePodSandboxResponse, error) {
 	out := new(RemovePodSandboxResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/RemovePodSandbox", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/RemovePodSandbox", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3655,7 +3827,7 @@ func (c *runtimeServiceClient) RemovePodSandbox(ctx context.Context, in *RemoveP
 
 func (c *runtimeServiceClient) PodSandboxStatus(ctx context.Context, in *PodSandboxStatusRequest, opts ...grpc.CallOption) (*PodSandboxStatusResponse, error) {
 	out := new(PodSandboxStatusResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/PodSandboxStatus", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/PodSandboxStatus", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3664,7 +3836,7 @@ func (c *runtimeServiceClient) PodSandboxStatus(ctx context.Context, in *PodSand
 
 func (c *runtimeServiceClient) ListPodSandbox(ctx context.Context, in *ListPodSandboxRequest, opts ...grpc.CallOption) (*ListPodSandboxResponse, error) {
 	out := new(ListPodSandboxResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ListPodSandbox", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ListPodSandbox", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3673,7 +3845,7 @@ func (c *runtimeServiceClient) ListPodSandbox(ctx context.Context, in *ListPodSa
 
 func (c *runtimeServiceClient) CreateContainer(ctx context.Context, in *CreateContainerRequest, opts ...grpc.CallOption) (*CreateContainerResponse, error) {
 	out := new(CreateContainerResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/CreateContainer", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/CreateContainer", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3682,7 +3854,7 @@ func (c *runtimeServiceClient) CreateContainer(ctx context.Context, in *CreateCo
 
 func (c *runtimeServiceClient) StartContainer(ctx context.Context, in *StartContainerRequest, opts ...grpc.CallOption) (*StartContainerResponse, error) {
 	out := new(StartContainerResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/StartContainer", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/StartContainer", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3691,7 +3863,7 @@ func (c *runtimeServiceClient) StartContainer(ctx context.Context, in *StartCont
 
 func (c *runtimeServiceClient) StopContainer(ctx context.Context, in *StopContainerRequest, opts ...grpc.CallOption) (*StopContainerResponse, error) {
 	out := new(StopContainerResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/StopContainer", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/StopContainer", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3700,7 +3872,7 @@ func (c *runtimeServiceClient) StopContainer(ctx context.Context, in *StopContai
 
 func (c *runtimeServiceClient) RemoveContainer(ctx context.Context, in *RemoveContainerRequest, opts ...grpc.CallOption) (*RemoveContainerResponse, error) {
 	out := new(RemoveContainerResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/RemoveContainer", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/RemoveContainer", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3709,7 +3881,7 @@ func (c *runtimeServiceClient) RemoveContainer(ctx context.Context, in *RemoveCo
 
 func (c *runtimeServiceClient) ListContainers(ctx context.Context, in *ListContainersRequest, opts ...grpc.CallOption) (*ListContainersResponse, error) {
 	out := new(ListContainersResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ListContainers", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ListContainers", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3718,7 +3890,7 @@ func (c *runtimeServiceClient) ListContainers(ctx context.Context, in *ListConta
 
 func (c *runtimeServiceClient) ContainerStatus(ctx context.Context, in *ContainerStatusRequest, opts ...grpc.CallOption) (*ContainerStatusResponse, error) {
 	out := new(ContainerStatusResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ContainerStatus", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ContainerStatus", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3727,7 +3899,16 @@ func (c *runtimeServiceClient) ContainerStatus(ctx context.Context, in *Containe
 
 func (c *runtimeServiceClient) UpdateContainerResources(ctx context.Context, in *UpdateContainerResourcesRequest, opts ...grpc.CallOption) (*UpdateContainerResourcesResponse, error) {
 	out := new(UpdateContainerResourcesResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/UpdateContainerResources", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/UpdateContainerResources", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *runtimeServiceClient) ReopenContainerLog(ctx context.Context, in *ReopenContainerLogRequest, opts ...grpc.CallOption) (*ReopenContainerLogResponse, error) {
+	out := new(ReopenContainerLogResponse)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ReopenContainerLog", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3736,7 +3917,7 @@ func (c *runtimeServiceClient) UpdateContainerResources(ctx context.Context, in
 
 func (c *runtimeServiceClient) ExecSync(ctx context.Context, in *ExecSyncRequest, opts ...grpc.CallOption) (*ExecSyncResponse, error) {
 	out := new(ExecSyncResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ExecSync", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ExecSync", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3745,7 +3926,7 @@ func (c *runtimeServiceClient) ExecSync(ctx context.Context, in *ExecSyncRequest
 
 func (c *runtimeServiceClient) Exec(ctx context.Context, in *ExecRequest, opts ...grpc.CallOption) (*ExecResponse, error) {
 	out := new(ExecResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/Exec", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/Exec", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3754,7 +3935,7 @@ func (c *runtimeServiceClient) Exec(ctx context.Context, in *ExecRequest, opts .
 
 func (c *runtimeServiceClient) Attach(ctx context.Context, in *AttachRequest, opts ...grpc.CallOption) (*AttachResponse, error) {
 	out := new(AttachResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/Attach", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/Attach", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3763,7 +3944,7 @@ func (c *runtimeServiceClient) Attach(ctx context.Context, in *AttachRequest, op
 
 func (c *runtimeServiceClient) PortForward(ctx context.Context, in *PortForwardRequest, opts ...grpc.CallOption) (*PortForwardResponse, error) {
 	out := new(PortForwardResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/PortForward", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/PortForward", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3772,7 +3953,7 @@ func (c *runtimeServiceClient) PortForward(ctx context.Context, in *PortForwardR
 
 func (c *runtimeServiceClient) ContainerStats(ctx context.Context, in *ContainerStatsRequest, opts ...grpc.CallOption) (*ContainerStatsResponse, error) {
 	out := new(ContainerStatsResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ContainerStats", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ContainerStats", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3781,7 +3962,7 @@ func (c *runtimeServiceClient) ContainerStats(ctx context.Context, in *Container
 
 func (c *runtimeServiceClient) ListContainerStats(ctx context.Context, in *ListContainerStatsRequest, opts ...grpc.CallOption) (*ListContainerStatsResponse, error) {
 	out := new(ListContainerStatsResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/ListContainerStats", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/ListContainerStats", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3790,7 +3971,7 @@ func (c *runtimeServiceClient) ListContainerStats(ctx context.Context, in *ListC
 
 func (c *runtimeServiceClient) UpdateRuntimeConfig(ctx context.Context, in *UpdateRuntimeConfigRequest, opts ...grpc.CallOption) (*UpdateRuntimeConfigResponse, error) {
 	out := new(UpdateRuntimeConfigResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/UpdateRuntimeConfig", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/UpdateRuntimeConfig", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3799,7 +3980,7 @@ func (c *runtimeServiceClient) UpdateRuntimeConfig(ctx context.Context, in *Upda
 
 func (c *runtimeServiceClient) Status(ctx context.Context, in *StatusRequest, opts ...grpc.CallOption) (*StatusResponse, error) {
 	out := new(StatusResponse)
-	err := grpc.Invoke(ctx, "/runtime.RuntimeService/Status", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.RuntimeService/Status", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -3855,6 +4036,12 @@ type RuntimeServiceServer interface {
 	ContainerStatus(context.Context, *ContainerStatusRequest) (*ContainerStatusResponse, error)
 	// UpdateContainerResources updates ContainerConfig of the container.
 	UpdateContainerResources(context.Context, *UpdateContainerResourcesRequest) (*UpdateContainerResourcesResponse, error)
+	// ReopenContainerLog asks runtime to reopen the stdout/stderr log file
+	// for the container. This is often called after the log file has been
+	// rotated. If the container is not running, container runtime can choose
+	// to either create a new log file and return nil, or return an error.
+	// Once it returns error, new container log file MUST NOT be created.
+	ReopenContainerLog(context.Context, *ReopenContainerLogRequest) (*ReopenContainerLogResponse, error)
 	// ExecSync runs a command in a container synchronously.
 	ExecSync(context.Context, *ExecSyncRequest) (*ExecSyncResponse, error)
 	// Exec prepares a streaming endpoint to execute a command in the container.
@@ -3888,7 +4075,7 @@ func _RuntimeService_Version_Handler(srv interface{}, ctx context.Context, dec f
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/Version",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/Version",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).Version(ctx, req.(*VersionRequest))
@@ -3906,7 +4093,7 @@ func _RuntimeService_RunPodSandbox_Handler(srv interface{}, ctx context.Context,
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/RunPodSandbox",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/RunPodSandbox",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).RunPodSandbox(ctx, req.(*RunPodSandboxRequest))
@@ -3924,7 +4111,7 @@ func _RuntimeService_StopPodSandbox_Handler(srv interface{}, ctx context.Context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/StopPodSandbox",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/StopPodSandbox",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).StopPodSandbox(ctx, req.(*StopPodSandboxRequest))
@@ -3942,7 +4129,7 @@ func _RuntimeService_RemovePodSandbox_Handler(srv interface{}, ctx context.Conte
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/RemovePodSandbox",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/RemovePodSandbox",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).RemovePodSandbox(ctx, req.(*RemovePodSandboxRequest))
@@ -3960,7 +4147,7 @@ func _RuntimeService_PodSandboxStatus_Handler(srv interface{}, ctx context.Conte
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/PodSandboxStatus",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/PodSandboxStatus",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).PodSandboxStatus(ctx, req.(*PodSandboxStatusRequest))
@@ -3978,7 +4165,7 @@ func _RuntimeService_ListPodSandbox_Handler(srv interface{}, ctx context.Context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ListPodSandbox",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ListPodSandbox",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ListPodSandbox(ctx, req.(*ListPodSandboxRequest))
@@ -3996,7 +4183,7 @@ func _RuntimeService_CreateContainer_Handler(srv interface{}, ctx context.Contex
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/CreateContainer",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/CreateContainer",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).CreateContainer(ctx, req.(*CreateContainerRequest))
@@ -4014,7 +4201,7 @@ func _RuntimeService_StartContainer_Handler(srv interface{}, ctx context.Context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/StartContainer",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/StartContainer",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).StartContainer(ctx, req.(*StartContainerRequest))
@@ -4032,7 +4219,7 @@ func _RuntimeService_StopContainer_Handler(srv interface{}, ctx context.Context,
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/StopContainer",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/StopContainer",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).StopContainer(ctx, req.(*StopContainerRequest))
@@ -4050,7 +4237,7 @@ func _RuntimeService_RemoveContainer_Handler(srv interface{}, ctx context.Contex
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/RemoveContainer",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/RemoveContainer",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).RemoveContainer(ctx, req.(*RemoveContainerRequest))
@@ -4068,7 +4255,7 @@ func _RuntimeService_ListContainers_Handler(srv interface{}, ctx context.Context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ListContainers",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ListContainers",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ListContainers(ctx, req.(*ListContainersRequest))
@@ -4086,7 +4273,7 @@ func _RuntimeService_ContainerStatus_Handler(srv interface{}, ctx context.Contex
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ContainerStatus",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ContainerStatus",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ContainerStatus(ctx, req.(*ContainerStatusRequest))
@@ -4104,7 +4291,7 @@ func _RuntimeService_UpdateContainerResources_Handler(srv interface{}, ctx conte
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/UpdateContainerResources",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/UpdateContainerResources",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).UpdateContainerResources(ctx, req.(*UpdateContainerResourcesRequest))
@@ -4112,6 +4299,24 @@ func _RuntimeService_UpdateContainerResources_Handler(srv interface{}, ctx conte
 	return interceptor(ctx, in, info, handler)
 }
 
+func _RuntimeService_ReopenContainerLog_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ReopenContainerLogRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(RuntimeServiceServer).ReopenContainerLog(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ReopenContainerLog",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(RuntimeServiceServer).ReopenContainerLog(ctx, req.(*ReopenContainerLogRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 func _RuntimeService_ExecSync_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(ExecSyncRequest)
 	if err := dec(in); err != nil {
@@ -4122,7 +4327,7 @@ func _RuntimeService_ExecSync_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ExecSync",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ExecSync",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ExecSync(ctx, req.(*ExecSyncRequest))
@@ -4140,7 +4345,7 @@ func _RuntimeService_Exec_Handler(srv interface{}, ctx context.Context, dec func
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/Exec",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/Exec",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).Exec(ctx, req.(*ExecRequest))
@@ -4158,7 +4363,7 @@ func _RuntimeService_Attach_Handler(srv interface{}, ctx context.Context, dec fu
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/Attach",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/Attach",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).Attach(ctx, req.(*AttachRequest))
@@ -4176,7 +4381,7 @@ func _RuntimeService_PortForward_Handler(srv interface{}, ctx context.Context, d
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/PortForward",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/PortForward",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).PortForward(ctx, req.(*PortForwardRequest))
@@ -4194,7 +4399,7 @@ func _RuntimeService_ContainerStats_Handler(srv interface{}, ctx context.Context
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ContainerStats",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ContainerStats",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ContainerStats(ctx, req.(*ContainerStatsRequest))
@@ -4212,7 +4417,7 @@ func _RuntimeService_ListContainerStats_Handler(srv interface{}, ctx context.Con
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/ListContainerStats",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/ListContainerStats",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).ListContainerStats(ctx, req.(*ListContainerStatsRequest))
@@ -4230,7 +4435,7 @@ func _RuntimeService_UpdateRuntimeConfig_Handler(srv interface{}, ctx context.Co
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/UpdateRuntimeConfig",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/UpdateRuntimeConfig",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).UpdateRuntimeConfig(ctx, req.(*UpdateRuntimeConfigRequest))
@@ -4248,7 +4453,7 @@ func _RuntimeService_Status_Handler(srv interface{}, ctx context.Context, dec fu
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.RuntimeService/Status",
+		FullMethod: "/runtime.v1alpha2.RuntimeService/Status",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RuntimeServiceServer).Status(ctx, req.(*StatusRequest))
@@ -4257,7 +4462,7 @@ func _RuntimeService_Status_Handler(srv interface{}, ctx context.Context, dec fu
 }
 
 var _RuntimeService_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "runtime.RuntimeService",
+	ServiceName: "runtime.v1alpha2.RuntimeService",
 	HandlerType: (*RuntimeServiceServer)(nil),
 	Methods: []grpc.MethodDesc{
 		{
@@ -4312,6 +4517,10 @@ var _RuntimeService_serviceDesc = grpc.ServiceDesc{
 			MethodName: "UpdateContainerResources",
 			Handler:    _RuntimeService_UpdateContainerResources_Handler,
 		},
+		{
+			MethodName: "ReopenContainerLog",
+			Handler:    _RuntimeService_ReopenContainerLog_Handler,
+		},
 		{
 			MethodName: "ExecSync",
 			Handler:    _RuntimeService_ExecSync_Handler,
@@ -4378,7 +4587,7 @@ func NewImageServiceClient(cc *grpc.ClientConn) ImageServiceClient {
 
 func (c *imageServiceClient) ListImages(ctx context.Context, in *ListImagesRequest, opts ...grpc.CallOption) (*ListImagesResponse, error) {
 	out := new(ListImagesResponse)
-	err := grpc.Invoke(ctx, "/runtime.ImageService/ListImages", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.ImageService/ListImages", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -4387,7 +4596,7 @@ func (c *imageServiceClient) ListImages(ctx context.Context, in *ListImagesReque
 
 func (c *imageServiceClient) ImageStatus(ctx context.Context, in *ImageStatusRequest, opts ...grpc.CallOption) (*ImageStatusResponse, error) {
 	out := new(ImageStatusResponse)
-	err := grpc.Invoke(ctx, "/runtime.ImageService/ImageStatus", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.ImageService/ImageStatus", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -4396,7 +4605,7 @@ func (c *imageServiceClient) ImageStatus(ctx context.Context, in *ImageStatusReq
 
 func (c *imageServiceClient) PullImage(ctx context.Context, in *PullImageRequest, opts ...grpc.CallOption) (*PullImageResponse, error) {
 	out := new(PullImageResponse)
-	err := grpc.Invoke(ctx, "/runtime.ImageService/PullImage", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.ImageService/PullImage", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -4405,7 +4614,7 @@ func (c *imageServiceClient) PullImage(ctx context.Context, in *PullImageRequest
 
 func (c *imageServiceClient) RemoveImage(ctx context.Context, in *RemoveImageRequest, opts ...grpc.CallOption) (*RemoveImageResponse, error) {
 	out := new(RemoveImageResponse)
-	err := grpc.Invoke(ctx, "/runtime.ImageService/RemoveImage", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.ImageService/RemoveImage", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -4414,7 +4623,7 @@ func (c *imageServiceClient) RemoveImage(ctx context.Context, in *RemoveImageReq
 
 func (c *imageServiceClient) ImageFsInfo(ctx context.Context, in *ImageFsInfoRequest, opts ...grpc.CallOption) (*ImageFsInfoResponse, error) {
 	out := new(ImageFsInfoResponse)
-	err := grpc.Invoke(ctx, "/runtime.ImageService/ImageFsInfo", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/runtime.v1alpha2.ImageService/ImageFsInfo", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -4454,7 +4663,7 @@ func _ImageService_ListImages_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.ImageService/ListImages",
+		FullMethod: "/runtime.v1alpha2.ImageService/ListImages",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ImageServiceServer).ListImages(ctx, req.(*ListImagesRequest))
@@ -4472,7 +4681,7 @@ func _ImageService_ImageStatus_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.ImageService/ImageStatus",
+		FullMethod: "/runtime.v1alpha2.ImageService/ImageStatus",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ImageServiceServer).ImageStatus(ctx, req.(*ImageStatusRequest))
@@ -4490,7 +4699,7 @@ func _ImageService_PullImage_Handler(srv interface{}, ctx context.Context, dec f
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.ImageService/PullImage",
+		FullMethod: "/runtime.v1alpha2.ImageService/PullImage",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ImageServiceServer).PullImage(ctx, req.(*PullImageRequest))
@@ -4508,7 +4717,7 @@ func _ImageService_RemoveImage_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.ImageService/RemoveImage",
+		FullMethod: "/runtime.v1alpha2.ImageService/RemoveImage",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ImageServiceServer).RemoveImage(ctx, req.(*RemoveImageRequest))
@@ -4526,7 +4735,7 @@ func _ImageService_ImageFsInfo_Handler(srv interface{}, ctx context.Context, dec
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/runtime.ImageService/ImageFsInfo",
+		FullMethod: "/runtime.v1alpha2.ImageService/ImageFsInfo",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(ImageServiceServer).ImageFsInfo(ctx, req.(*ImageFsInfoRequest))
@@ -4535,7 +4744,7 @@ func _ImageService_ImageFsInfo_Handler(srv interface{}, ctx context.Context, dec
 }
 
 var _ImageService_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "runtime.ImageService",
+	ServiceName: "runtime.v1alpha2.ImageService",
 	HandlerType: (*ImageServiceServer)(nil),
 	Methods: []grpc.MethodDesc{
 		{
@@ -4801,35 +5010,20 @@ func (m *NamespaceOption) MarshalTo(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
-	if m.HostNetwork {
+	if m.Network != 0 {
 		dAtA[i] = 0x8
 		i++
-		if m.HostNetwork {
-			dAtA[i] = 1
-		} else {
-			dAtA[i] = 0
-		}
-		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Network))
 	}
-	if m.HostPid {
+	if m.Pid != 0 {
 		dAtA[i] = 0x10
 		i++
-		if m.HostPid {
-			dAtA[i] = 1
-		} else {
-			dAtA[i] = 0
-		}
-		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Pid))
 	}
-	if m.HostIpc {
+	if m.Ipc != 0 {
 		dAtA[i] = 0x18
 		i++
-		if m.HostIpc {
-			dAtA[i] = 1
-		} else {
-			dAtA[i] = 0
-		}
-		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Ipc))
 	}
 	return i, nil
 }
@@ -4946,6 +5140,16 @@ func (m *LinuxSandboxSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		i = encodeVarintApi(dAtA, i, uint64(len(m.SeccompProfilePath)))
 		i += copy(dAtA[i:], m.SeccompProfilePath)
 	}
+	if m.RunAsGroup != nil {
+		dAtA[i] = 0x42
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.RunAsGroup.Size()))
+		n6, err := m.RunAsGroup.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n6
+	}
 	return i, nil
 }
 
@@ -4974,11 +5178,11 @@ func (m *LinuxPodSandboxConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.SecurityContext.Size()))
-		n6, err := m.SecurityContext.MarshalTo(dAtA[i:])
+		n7, err := m.SecurityContext.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n6
+		i += n7
 	}
 	if len(m.Sysctls) > 0 {
 		for k := range m.Sysctls {
@@ -5060,11 +5264,11 @@ func (m *PodSandboxConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n7, err := m.Metadata.MarshalTo(dAtA[i:])
+		n8, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n7
+		i += n8
 	}
 	if len(m.Hostname) > 0 {
 		dAtA[i] = 0x12
@@ -5082,11 +5286,11 @@ func (m *PodSandboxConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.DnsConfig.Size()))
-		n8, err := m.DnsConfig.MarshalTo(dAtA[i:])
+		n9, err := m.DnsConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n8
+		i += n9
 	}
 	if len(m.PortMappings) > 0 {
 		for _, msg := range m.PortMappings {
@@ -5138,11 +5342,11 @@ func (m *PodSandboxConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x42
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Linux.Size()))
-		n9, err := m.Linux.MarshalTo(dAtA[i:])
+		n10, err := m.Linux.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n9
+		i += n10
 	}
 	return i, nil
 }
@@ -5166,11 +5370,11 @@ func (m *RunPodSandboxRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Config.Size()))
-		n10, err := m.Config.MarshalTo(dAtA[i:])
+		n11, err := m.Config.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n10
+		i += n11
 	}
 	return i, nil
 }
@@ -5360,11 +5564,11 @@ func (m *Namespace) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Options.Size()))
-		n11, err := m.Options.MarshalTo(dAtA[i:])
+		n12, err := m.Options.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n11
+		i += n12
 	}
 	return i, nil
 }
@@ -5388,11 +5592,11 @@ func (m *LinuxPodSandboxStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Namespaces.Size()))
-		n12, err := m.Namespaces.MarshalTo(dAtA[i:])
+		n13, err := m.Namespaces.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n12
+		i += n13
 	}
 	return i, nil
 }
@@ -5422,11 +5626,11 @@ func (m *PodSandboxStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n13, err := m.Metadata.MarshalTo(dAtA[i:])
+		n14, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n13
+		i += n14
 	}
 	if m.State != 0 {
 		dAtA[i] = 0x18
@@ -5442,21 +5646,21 @@ func (m *PodSandboxStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Network.Size()))
-		n14, err := m.Network.MarshalTo(dAtA[i:])
+		n15, err := m.Network.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n14
+		i += n15
 	}
 	if m.Linux != nil {
 		dAtA[i] = 0x32
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Linux.Size()))
-		n15, err := m.Linux.MarshalTo(dAtA[i:])
+		n16, err := m.Linux.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n15
+		i += n16
 	}
 	if len(m.Labels) > 0 {
 		for k := range m.Labels {
@@ -5514,11 +5718,11 @@ func (m *PodSandboxStatusResponse) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Status.Size()))
-		n16, err := m.Status.MarshalTo(dAtA[i:])
+		n17, err := m.Status.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n16
+		i += n17
 	}
 	if len(m.Info) > 0 {
 		for k := range m.Info {
@@ -5588,11 +5792,11 @@ func (m *PodSandboxFilter) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.State.Size()))
-		n17, err := m.State.MarshalTo(dAtA[i:])
+		n18, err := m.State.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n17
+		i += n18
 	}
 	if len(m.LabelSelector) > 0 {
 		for k := range m.LabelSelector {
@@ -5633,11 +5837,11 @@ func (m *ListPodSandboxRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Filter.Size()))
-		n18, err := m.Filter.MarshalTo(dAtA[i:])
+		n19, err := m.Filter.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n18
+		i += n19
 	}
 	return i, nil
 }
@@ -5667,11 +5871,11 @@ func (m *PodSandbox) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n19, err := m.Metadata.MarshalTo(dAtA[i:])
+		n20, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n19
+		i += n20
 	}
 	if m.State != 0 {
 		dAtA[i] = 0x18
@@ -5968,11 +6172,11 @@ func (m *LinuxContainerSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Capabilities.Size()))
-		n20, err := m.Capabilities.MarshalTo(dAtA[i:])
+		n21, err := m.Capabilities.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n20
+		i += n21
 	}
 	if m.Privileged {
 		dAtA[i] = 0x10
@@ -5988,31 +6192,31 @@ func (m *LinuxContainerSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.NamespaceOptions.Size()))
-		n21, err := m.NamespaceOptions.MarshalTo(dAtA[i:])
+		n22, err := m.NamespaceOptions.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n21
+		i += n22
 	}
 	if m.SelinuxOptions != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.SelinuxOptions.Size()))
-		n22, err := m.SelinuxOptions.MarshalTo(dAtA[i:])
+		n23, err := m.SelinuxOptions.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n22
+		i += n23
 	}
 	if m.RunAsUser != nil {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.RunAsUser.Size()))
-		n23, err := m.RunAsUser.MarshalTo(dAtA[i:])
+		n24, err := m.RunAsUser.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n23
+		i += n24
 	}
 	if len(m.RunAsUsername) > 0 {
 		dAtA[i] = 0x32
@@ -6031,22 +6235,22 @@ func (m *LinuxContainerSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		i++
 	}
 	if len(m.SupplementalGroups) > 0 {
-		dAtA25 := make([]byte, len(m.SupplementalGroups)*10)
-		var j24 int
+		dAtA26 := make([]byte, len(m.SupplementalGroups)*10)
+		var j25 int
 		for _, num1 := range m.SupplementalGroups {
 			num := uint64(num1)
 			for num >= 1<<7 {
-				dAtA25[j24] = uint8(uint64(num)&0x7f | 0x80)
+				dAtA26[j25] = uint8(uint64(num)&0x7f | 0x80)
 				num >>= 7
-				j24++
+				j25++
 			}
-			dAtA25[j24] = uint8(num)
-			j24++
+			dAtA26[j25] = uint8(num)
+			j25++
 		}
 		dAtA[i] = 0x42
 		i++
-		i = encodeVarintApi(dAtA, i, uint64(j24))
-		i += copy(dAtA[i:], dAtA25[:j24])
+		i = encodeVarintApi(dAtA, i, uint64(j25))
+		i += copy(dAtA[i:], dAtA26[:j25])
 	}
 	if len(m.ApparmorProfile) > 0 {
 		dAtA[i] = 0x4a
@@ -6070,6 +6274,16 @@ func (m *LinuxContainerSecurityContext) MarshalTo(dAtA []byte) (int, error) {
 		}
 		i++
 	}
+	if m.RunAsGroup != nil {
+		dAtA[i] = 0x62
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.RunAsGroup.Size()))
+		n27, err := m.RunAsGroup.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n27
+	}
 	return i, nil
 }
 
@@ -6092,21 +6306,87 @@ func (m *LinuxContainerConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Resources.Size()))
-		n26, err := m.Resources.MarshalTo(dAtA[i:])
+		n28, err := m.Resources.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n26
+		i += n28
 	}
 	if m.SecurityContext != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.SecurityContext.Size()))
-		n27, err := m.SecurityContext.MarshalTo(dAtA[i:])
+		n29, err := m.SecurityContext.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n27
+		i += n29
+	}
+	return i, nil
+}
+
+func (m *WindowsContainerConfig) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *WindowsContainerConfig) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.Resources != nil {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Resources.Size()))
+		n30, err := m.Resources.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n30
+	}
+	return i, nil
+}
+
+func (m *WindowsContainerResources) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *WindowsContainerResources) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.CpuShares != 0 {
+		dAtA[i] = 0x8
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.CpuShares))
+	}
+	if m.CpuCount != 0 {
+		dAtA[i] = 0x10
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.CpuCount))
+	}
+	if m.CpuMaximum != 0 {
+		dAtA[i] = 0x18
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.CpuMaximum))
+	}
+	if m.MemoryLimitInBytes != 0 {
+		dAtA[i] = 0x20
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.MemoryLimitInBytes))
 	}
 	return i, nil
 }
@@ -6195,21 +6475,21 @@ func (m *ContainerConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n28, err := m.Metadata.MarshalTo(dAtA[i:])
+		n31, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n28
+		i += n31
 	}
 	if m.Image != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n29, err := m.Image.MarshalTo(dAtA[i:])
+		n32, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n29
+		i += n32
 	}
 	if len(m.Command) > 0 {
 		for _, s := range m.Command {
@@ -6357,11 +6637,23 @@ func (m *ContainerConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x7a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Linux.Size()))
-		n30, err := m.Linux.MarshalTo(dAtA[i:])
+		n33, err := m.Linux.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n30
+		i += n33
+	}
+	if m.Windows != nil {
+		dAtA[i] = 0x82
+		i++
+		dAtA[i] = 0x1
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Windows.Size()))
+		n34, err := m.Windows.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n34
 	}
 	return i, nil
 }
@@ -6391,21 +6683,21 @@ func (m *CreateContainerRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Config.Size()))
-		n31, err := m.Config.MarshalTo(dAtA[i:])
+		n35, err := m.Config.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n31
+		i += n35
 	}
 	if m.SandboxConfig != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.SandboxConfig.Size()))
-		n32, err := m.SandboxConfig.MarshalTo(dAtA[i:])
+		n36, err := m.SandboxConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n32
+		i += n36
 	}
 	return i, nil
 }
@@ -6613,11 +6905,11 @@ func (m *ContainerFilter) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.State.Size()))
-		n33, err := m.State.MarshalTo(dAtA[i:])
+		n37, err := m.State.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n33
+		i += n37
 	}
 	if len(m.PodSandboxId) > 0 {
 		dAtA[i] = 0x1a
@@ -6664,11 +6956,11 @@ func (m *ListContainersRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Filter.Size()))
-		n34, err := m.Filter.MarshalTo(dAtA[i:])
+		n38, err := m.Filter.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n34
+		i += n38
 	}
 	return i, nil
 }
@@ -6704,21 +6996,21 @@ func (m *Container) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n35, err := m.Metadata.MarshalTo(dAtA[i:])
+		n39, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n35
+		i += n39
 	}
 	if m.Image != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n36, err := m.Image.MarshalTo(dAtA[i:])
+		n40, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n36
+		i += n40
 	}
 	if len(m.ImageRef) > 0 {
 		dAtA[i] = 0x2a
@@ -6862,11 +7154,11 @@ func (m *ContainerStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n37, err := m.Metadata.MarshalTo(dAtA[i:])
+		n41, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n37
+		i += n41
 	}
 	if m.State != 0 {
 		dAtA[i] = 0x18
@@ -6897,11 +7189,11 @@ func (m *ContainerStatus) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x42
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n38, err := m.Image.MarshalTo(dAtA[i:])
+		n42, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n38
+		i += n42
 	}
 	if len(m.ImageRef) > 0 {
 		dAtA[i] = 0x4a
@@ -6995,11 +7287,11 @@ func (m *ContainerStatusResponse) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Status.Size()))
-		n39, err := m.Status.MarshalTo(dAtA[i:])
+		n43, err := m.Status.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n39
+		i += n43
 	}
 	if len(m.Info) > 0 {
 		for k := range m.Info {
@@ -7046,11 +7338,11 @@ func (m *UpdateContainerResourcesRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Linux.Size()))
-		n40, err := m.Linux.MarshalTo(dAtA[i:])
+		n44, err := m.Linux.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n40
+		i += n44
 	}
 	return i, nil
 }
@@ -7365,22 +7657,22 @@ func (m *PortForwardRequest) MarshalTo(dAtA []byte) (int, error) {
 		i += copy(dAtA[i:], m.PodSandboxId)
 	}
 	if len(m.Port) > 0 {
-		dAtA42 := make([]byte, len(m.Port)*10)
-		var j41 int
+		dAtA46 := make([]byte, len(m.Port)*10)
+		var j45 int
 		for _, num1 := range m.Port {
 			num := uint64(num1)
 			for num >= 1<<7 {
-				dAtA42[j41] = uint8(uint64(num)&0x7f | 0x80)
+				dAtA46[j45] = uint8(uint64(num)&0x7f | 0x80)
 				num >>= 7
-				j41++
+				j45++
 			}
-			dAtA42[j41] = uint8(num)
-			j41++
+			dAtA46[j45] = uint8(num)
+			j45++
 		}
 		dAtA[i] = 0x12
 		i++
-		i = encodeVarintApi(dAtA, i, uint64(j41))
-		i += copy(dAtA[i:], dAtA42[:j41])
+		i = encodeVarintApi(dAtA, i, uint64(j45))
+		i += copy(dAtA[i:], dAtA46[:j45])
 	}
 	return i, nil
 }
@@ -7428,11 +7720,11 @@ func (m *ImageFilter) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n43, err := m.Image.MarshalTo(dAtA[i:])
+		n47, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n43
+		i += n47
 	}
 	return i, nil
 }
@@ -7456,11 +7748,11 @@ func (m *ListImagesRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Filter.Size()))
-		n44, err := m.Filter.MarshalTo(dAtA[i:])
+		n48, err := m.Filter.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n44
+		i += n48
 	}
 	return i, nil
 }
@@ -7525,11 +7817,11 @@ func (m *Image) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x2a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Uid.Size()))
-		n45, err := m.Uid.MarshalTo(dAtA[i:])
+		n49, err := m.Uid.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n45
+		i += n49
 	}
 	if len(m.Username) > 0 {
 		dAtA[i] = 0x32
@@ -7589,11 +7881,11 @@ func (m *ImageStatusRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n46, err := m.Image.MarshalTo(dAtA[i:])
+		n50, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n46
+		i += n50
 	}
 	if m.Verbose {
 		dAtA[i] = 0x10
@@ -7627,11 +7919,11 @@ func (m *ImageStatusResponse) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n47, err := m.Image.MarshalTo(dAtA[i:])
+		n51, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n47
+		i += n51
 	}
 	if len(m.Info) > 0 {
 		for k := range m.Info {
@@ -7726,31 +8018,31 @@ func (m *PullImageRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n48, err := m.Image.MarshalTo(dAtA[i:])
+		n52, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n48
+		i += n52
 	}
 	if m.Auth != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Auth.Size()))
-		n49, err := m.Auth.MarshalTo(dAtA[i:])
+		n53, err := m.Auth.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n49
+		i += n53
 	}
 	if m.SandboxConfig != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.SandboxConfig.Size()))
-		n50, err := m.SandboxConfig.MarshalTo(dAtA[i:])
+		n54, err := m.SandboxConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n50
+		i += n54
 	}
 	return i, nil
 }
@@ -7798,11 +8090,11 @@ func (m *RemoveImageRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Image.Size()))
-		n51, err := m.Image.MarshalTo(dAtA[i:])
+		n55, err := m.Image.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n51
+		i += n55
 	}
 	return i, nil
 }
@@ -7868,11 +8160,11 @@ func (m *RuntimeConfig) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.NetworkConfig.Size()))
-		n52, err := m.NetworkConfig.MarshalTo(dAtA[i:])
+		n56, err := m.NetworkConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n52
+		i += n56
 	}
 	return i, nil
 }
@@ -7896,11 +8188,11 @@ func (m *UpdateRuntimeConfigRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.RuntimeConfig.Size()))
-		n53, err := m.RuntimeConfig.MarshalTo(dAtA[i:])
+		n57, err := m.RuntimeConfig.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n53
+		i += n57
 	}
 	return i, nil
 }
@@ -8046,11 +8338,11 @@ func (m *StatusResponse) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Status.Size()))
-		n54, err := m.Status.MarshalTo(dAtA[i:])
+		n58, err := m.Status.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n54
+		i += n58
 	}
 	if len(m.Info) > 0 {
 		for k := range m.Info {
@@ -8113,7 +8405,7 @@ func (m *UInt64Value) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
-func (m *StorageIdentifier) Marshal() (dAtA []byte, err error) {
+func (m *FilesystemIdentifier) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalTo(dAtA)
@@ -8123,16 +8415,16 @@ func (m *StorageIdentifier) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *StorageIdentifier) MarshalTo(dAtA []byte) (int, error) {
+func (m *FilesystemIdentifier) MarshalTo(dAtA []byte) (int, error) {
 	var i int
 	_ = i
 	var l int
 	_ = l
-	if len(m.Uuid) > 0 {
+	if len(m.Mountpoint) > 0 {
 		dAtA[i] = 0xa
 		i++
-		i = encodeVarintApi(dAtA, i, uint64(len(m.Uuid)))
-		i += copy(dAtA[i:], m.Uuid)
+		i = encodeVarintApi(dAtA, i, uint64(len(m.Mountpoint)))
+		i += copy(dAtA[i:], m.Mountpoint)
 	}
 	return i, nil
 }
@@ -8157,35 +8449,35 @@ func (m *FilesystemUsage) MarshalTo(dAtA []byte) (int, error) {
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Timestamp))
 	}
-	if m.StorageId != nil {
+	if m.FsId != nil {
 		dAtA[i] = 0x12
 		i++
-		i = encodeVarintApi(dAtA, i, uint64(m.StorageId.Size()))
-		n55, err := m.StorageId.MarshalTo(dAtA[i:])
+		i = encodeVarintApi(dAtA, i, uint64(m.FsId.Size()))
+		n59, err := m.FsId.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n55
+		i += n59
 	}
 	if m.UsedBytes != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.UsedBytes.Size()))
-		n56, err := m.UsedBytes.MarshalTo(dAtA[i:])
+		n60, err := m.UsedBytes.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n56
+		i += n60
 	}
 	if m.InodesUsed != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.InodesUsed.Size()))
-		n57, err := m.InodesUsed.MarshalTo(dAtA[i:])
+		n61, err := m.InodesUsed.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n57
+		i += n61
 	}
 	return i, nil
 }
@@ -8263,11 +8555,11 @@ func (m *ContainerStatsResponse) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Stats.Size()))
-		n58, err := m.Stats.MarshalTo(dAtA[i:])
+		n62, err := m.Stats.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n58
+		i += n62
 	}
 	return i, nil
 }
@@ -8291,11 +8583,11 @@ func (m *ListContainerStatsRequest) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Filter.Size()))
-		n59, err := m.Filter.MarshalTo(dAtA[i:])
+		n63, err := m.Filter.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n59
+		i += n63
 	}
 	return i, nil
 }
@@ -8402,11 +8694,11 @@ func (m *ContainerAttributes) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Metadata.Size()))
-		n60, err := m.Metadata.MarshalTo(dAtA[i:])
+		n64, err := m.Metadata.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n60
+		i += n64
 	}
 	if len(m.Labels) > 0 {
 		for k := range m.Labels {
@@ -8464,41 +8756,41 @@ func (m *ContainerStats) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0xa
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Attributes.Size()))
-		n61, err := m.Attributes.MarshalTo(dAtA[i:])
+		n65, err := m.Attributes.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n61
+		i += n65
 	}
 	if m.Cpu != nil {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Cpu.Size()))
-		n62, err := m.Cpu.MarshalTo(dAtA[i:])
+		n66, err := m.Cpu.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n62
+		i += n66
 	}
 	if m.Memory != nil {
 		dAtA[i] = 0x1a
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.Memory.Size()))
-		n63, err := m.Memory.MarshalTo(dAtA[i:])
+		n67, err := m.Memory.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n63
+		i += n67
 	}
 	if m.WritableLayer != nil {
 		dAtA[i] = 0x22
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.WritableLayer.Size()))
-		n64, err := m.WritableLayer.MarshalTo(dAtA[i:])
+		n68, err := m.WritableLayer.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n64
+		i += n68
 	}
 	return i, nil
 }
@@ -8527,11 +8819,11 @@ func (m *CpuUsage) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.UsageCoreNanoSeconds.Size()))
-		n65, err := m.UsageCoreNanoSeconds.MarshalTo(dAtA[i:])
+		n69, err := m.UsageCoreNanoSeconds.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n65
+		i += n69
 	}
 	return i, nil
 }
@@ -8560,15 +8852,57 @@ func (m *MemoryUsage) MarshalTo(dAtA []byte) (int, error) {
 		dAtA[i] = 0x12
 		i++
 		i = encodeVarintApi(dAtA, i, uint64(m.WorkingSetBytes.Size()))
-		n66, err := m.WorkingSetBytes.MarshalTo(dAtA[i:])
+		n70, err := m.WorkingSetBytes.MarshalTo(dAtA[i:])
 		if err != nil {
 			return 0, err
 		}
-		i += n66
+		i += n70
 	}
 	return i, nil
 }
 
+func (m *ReopenContainerLogRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ReopenContainerLogRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.ContainerId) > 0 {
+		dAtA[i] = 0xa
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(len(m.ContainerId)))
+		i += copy(dAtA[i:], m.ContainerId)
+	}
+	return i, nil
+}
+
+func (m *ReopenContainerLogResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ReopenContainerLogResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	return i, nil
+}
+
 func encodeFixed64Api(dAtA []byte, offset int, v uint64) int {
 	dAtA[offset] = uint8(v)
 	dAtA[offset+1] = uint8(v >> 8)
@@ -8697,14 +9031,14 @@ func (m *Mount) Size() (n int) {
 func (m *NamespaceOption) Size() (n int) {
 	var l int
 	_ = l
-	if m.HostNetwork {
-		n += 2
+	if m.Network != 0 {
+		n += 1 + sovApi(uint64(m.Network))
 	}
-	if m.HostPid {
-		n += 2
+	if m.Pid != 0 {
+		n += 1 + sovApi(uint64(m.Pid))
 	}
-	if m.HostIpc {
-		n += 2
+	if m.Ipc != 0 {
+		n += 1 + sovApi(uint64(m.Ipc))
 	}
 	return n
 }
@@ -8750,6 +9084,10 @@ func (m *LinuxSandboxSecurityContext) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovApi(uint64(l))
 	}
+	if m.RunAsGroup != nil {
+		l = m.RunAsGroup.Size()
+		n += 1 + l + sovApi(uint64(l))
+	}
 	return n
 }
 
@@ -9230,6 +9568,10 @@ func (m *LinuxContainerSecurityContext) Size() (n int) {
 	if m.NoNewPrivs {
 		n += 2
 	}
+	if m.RunAsGroup != nil {
+		l = m.RunAsGroup.Size()
+		n += 1 + l + sovApi(uint64(l))
+	}
 	return n
 }
 
@@ -9247,6 +9589,34 @@ func (m *LinuxContainerConfig) Size() (n int) {
 	return n
 }
 
+func (m *WindowsContainerConfig) Size() (n int) {
+	var l int
+	_ = l
+	if m.Resources != nil {
+		l = m.Resources.Size()
+		n += 1 + l + sovApi(uint64(l))
+	}
+	return n
+}
+
+func (m *WindowsContainerResources) Size() (n int) {
+	var l int
+	_ = l
+	if m.CpuShares != 0 {
+		n += 1 + sovApi(uint64(m.CpuShares))
+	}
+	if m.CpuCount != 0 {
+		n += 1 + sovApi(uint64(m.CpuCount))
+	}
+	if m.CpuMaximum != 0 {
+		n += 1 + sovApi(uint64(m.CpuMaximum))
+	}
+	if m.MemoryLimitInBytes != 0 {
+		n += 1 + sovApi(uint64(m.MemoryLimitInBytes))
+	}
+	return n
+}
+
 func (m *ContainerMetadata) Size() (n int) {
 	var l int
 	_ = l
@@ -9356,6 +9726,10 @@ func (m *ContainerConfig) Size() (n int) {
 		l = m.Linux.Size()
 		n += 1 + l + sovApi(uint64(l))
 	}
+	if m.Windows != nil {
+		l = m.Windows.Size()
+		n += 2 + l + sovApi(uint64(l))
+	}
 	return n
 }
 
@@ -10079,10 +10453,10 @@ func (m *UInt64Value) Size() (n int) {
 	return n
 }
 
-func (m *StorageIdentifier) Size() (n int) {
+func (m *FilesystemIdentifier) Size() (n int) {
 	var l int
 	_ = l
-	l = len(m.Uuid)
+	l = len(m.Mountpoint)
 	if l > 0 {
 		n += 1 + l + sovApi(uint64(l))
 	}
@@ -10095,8 +10469,8 @@ func (m *FilesystemUsage) Size() (n int) {
 	if m.Timestamp != 0 {
 		n += 1 + sovApi(uint64(m.Timestamp))
 	}
-	if m.StorageId != nil {
-		l = m.StorageId.Size()
+	if m.FsId != nil {
+		l = m.FsId.Size()
 		n += 1 + l + sovApi(uint64(l))
 	}
 	if m.UsedBytes != nil {
@@ -10264,6 +10638,22 @@ func (m *MemoryUsage) Size() (n int) {
 	return n
 }
 
+func (m *ReopenContainerLogRequest) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.ContainerId)
+	if l > 0 {
+		n += 1 + l + sovApi(uint64(l))
+	}
+	return n
+}
+
+func (m *ReopenContainerLogResponse) Size() (n int) {
+	var l int
+	_ = l
+	return n
+}
+
 func sovApi(x uint64) (n int) {
 	for {
 		n++
@@ -10344,9 +10734,9 @@ func (this *NamespaceOption) String() string {
 		return "nil"
 	}
 	s := strings.Join([]string{`&NamespaceOption{`,
-		`HostNetwork:` + fmt.Sprintf("%v", this.HostNetwork) + `,`,
-		`HostPid:` + fmt.Sprintf("%v", this.HostPid) + `,`,
-		`HostIpc:` + fmt.Sprintf("%v", this.HostIpc) + `,`,
+		`Network:` + fmt.Sprintf("%v", this.Network) + `,`,
+		`Pid:` + fmt.Sprintf("%v", this.Pid) + `,`,
+		`Ipc:` + fmt.Sprintf("%v", this.Ipc) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -10373,6 +10763,7 @@ func (this *LinuxSandboxSecurityContext) String() string {
 		`SupplementalGroups:` + fmt.Sprintf("%v", this.SupplementalGroups) + `,`,
 		`Privileged:` + fmt.Sprintf("%v", this.Privileged) + `,`,
 		`SeccompProfilePath:` + fmt.Sprintf("%v", this.SeccompProfilePath) + `,`,
+		`RunAsGroup:` + strings.Replace(fmt.Sprintf("%v", this.RunAsGroup), "Int64Value", "Int64Value", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -10770,6 +11161,7 @@ func (this *LinuxContainerSecurityContext) String() string {
 		`ApparmorProfile:` + fmt.Sprintf("%v", this.ApparmorProfile) + `,`,
 		`SeccompProfilePath:` + fmt.Sprintf("%v", this.SeccompProfilePath) + `,`,
 		`NoNewPrivs:` + fmt.Sprintf("%v", this.NoNewPrivs) + `,`,
+		`RunAsGroup:` + strings.Replace(fmt.Sprintf("%v", this.RunAsGroup), "Int64Value", "Int64Value", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -10785,6 +11177,29 @@ func (this *LinuxContainerConfig) String() string {
 	}, "")
 	return s
 }
+func (this *WindowsContainerConfig) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&WindowsContainerConfig{`,
+		`Resources:` + strings.Replace(fmt.Sprintf("%v", this.Resources), "WindowsContainerResources", "WindowsContainerResources", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *WindowsContainerResources) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&WindowsContainerResources{`,
+		`CpuShares:` + fmt.Sprintf("%v", this.CpuShares) + `,`,
+		`CpuCount:` + fmt.Sprintf("%v", this.CpuCount) + `,`,
+		`CpuMaximum:` + fmt.Sprintf("%v", this.CpuMaximum) + `,`,
+		`MemoryLimitInBytes:` + fmt.Sprintf("%v", this.MemoryLimitInBytes) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *ContainerMetadata) String() string {
 	if this == nil {
 		return "nil"
@@ -10848,6 +11263,7 @@ func (this *ContainerConfig) String() string {
 		`StdinOnce:` + fmt.Sprintf("%v", this.StdinOnce) + `,`,
 		`Tty:` + fmt.Sprintf("%v", this.Tty) + `,`,
 		`Linux:` + strings.Replace(fmt.Sprintf("%v", this.Linux), "LinuxContainerConfig", "LinuxContainerConfig", 1) + `,`,
+		`Windows:` + strings.Replace(fmt.Sprintf("%v", this.Windows), "WindowsContainerConfig", "WindowsContainerConfig", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -11458,12 +11874,12 @@ func (this *UInt64Value) String() string {
 	}, "")
 	return s
 }
-func (this *StorageIdentifier) String() string {
+func (this *FilesystemIdentifier) String() string {
 	if this == nil {
 		return "nil"
 	}
-	s := strings.Join([]string{`&StorageIdentifier{`,
-		`Uuid:` + fmt.Sprintf("%v", this.Uuid) + `,`,
+	s := strings.Join([]string{`&FilesystemIdentifier{`,
+		`Mountpoint:` + fmt.Sprintf("%v", this.Mountpoint) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -11474,7 +11890,7 @@ func (this *FilesystemUsage) String() string {
 	}
 	s := strings.Join([]string{`&FilesystemUsage{`,
 		`Timestamp:` + fmt.Sprintf("%v", this.Timestamp) + `,`,
-		`StorageId:` + strings.Replace(fmt.Sprintf("%v", this.StorageId), "StorageIdentifier", "StorageIdentifier", 1) + `,`,
+		`FsId:` + strings.Replace(fmt.Sprintf("%v", this.FsId), "FilesystemIdentifier", "FilesystemIdentifier", 1) + `,`,
 		`UsedBytes:` + strings.Replace(fmt.Sprintf("%v", this.UsedBytes), "UInt64Value", "UInt64Value", 1) + `,`,
 		`InodesUsed:` + strings.Replace(fmt.Sprintf("%v", this.InodesUsed), "UInt64Value", "UInt64Value", 1) + `,`,
 		`}`,
@@ -11621,6 +12037,25 @@ func (this *MemoryUsage) String() string {
 	}, "")
 	return s
 }
+func (this *ReopenContainerLogRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ReopenContainerLogRequest{`,
+		`ContainerId:` + fmt.Sprintf("%v", this.ContainerId) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ReopenContainerLogResponse) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ReopenContainerLogResponse{`,
+		`}`,
+	}, "")
+	return s
+}
 func valueToStringApi(v interface{}) string {
 	rv := reflect.ValueOf(v)
 	if rv.IsNil() {
@@ -12345,9 +12780,9 @@ func (m *NamespaceOption) Unmarshal(dAtA []byte) error {
 		switch fieldNum {
 		case 1:
 			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field HostNetwork", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Network", wireType)
 			}
-			var v int
+			m.Network = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -12357,17 +12792,16 @@ func (m *NamespaceOption) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= (int(b) & 0x7F) << shift
+				m.Network |= (NamespaceMode(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			m.HostNetwork = bool(v != 0)
 		case 2:
 			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field HostPid", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Pid", wireType)
 			}
-			var v int
+			m.Pid = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -12377,17 +12811,16 @@ func (m *NamespaceOption) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= (int(b) & 0x7F) << shift
+				m.Pid |= (NamespaceMode(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			m.HostPid = bool(v != 0)
 		case 3:
 			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field HostIpc", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Ipc", wireType)
 			}
-			var v int
+			m.Ipc = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -12397,12 +12830,11 @@ func (m *NamespaceOption) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= (int(b) & 0x7F) << shift
+				m.Ipc |= (NamespaceMode(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			m.HostIpc = bool(v != 0)
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -12752,6 +13184,39 @@ func (m *LinuxSandboxSecurityContext) Unmarshal(dAtA []byte) error {
 			}
 			m.SeccompProfilePath = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RunAsGroup", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.RunAsGroup == nil {
+				m.RunAsGroup = &Int64Value{}
+			}
+			if err := m.RunAsGroup.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -16870,7 +17335,255 @@ func (m *LinuxContainerSecurityContext) Unmarshal(dAtA []byte) error {
 			if wireType != 2 {
 				return fmt.Errorf("proto: wrong wireType = %d for field SeccompProfilePath", wireType)
 			}
-			var stringLen uint64
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SeccompProfilePath = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 11:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NoNewPrivs", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.NoNewPrivs = bool(v != 0)
+		case 12:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RunAsGroup", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.RunAsGroup == nil {
+				m.RunAsGroup = &Int64Value{}
+			}
+			if err := m.RunAsGroup.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LinuxContainerConfig) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LinuxContainerConfig: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LinuxContainerConfig: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Resources", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Resources == nil {
+				m.Resources = &LinuxContainerResources{}
+			}
+			if err := m.Resources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SecurityContext", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.SecurityContext == nil {
+				m.SecurityContext = &LinuxContainerSecurityContext{}
+			}
+			if err := m.SecurityContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *WindowsContainerConfig) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: WindowsContainerConfig: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: WindowsContainerConfig: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Resources", wireType)
+			}
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -16880,41 +17593,25 @@ func (m *LinuxContainerSecurityContext) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= (uint64(b) & 0x7F) << shift
+				msglen |= (int(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthApi
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.SeccompProfilePath = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 11:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field NoNewPrivs", wireType)
+			if m.Resources == nil {
+				m.Resources = &WindowsContainerResources{}
 			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowApi
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
+			if err := m.Resources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			m.NoNewPrivs = bool(v != 0)
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -16936,7 +17633,7 @@ func (m *LinuxContainerSecurityContext) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *LinuxContainerConfig) Unmarshal(dAtA []byte) error {
+func (m *WindowsContainerResources) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -16959,17 +17656,17 @@ func (m *LinuxContainerConfig) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: LinuxContainerConfig: wiretype end group for non-group")
+			return fmt.Errorf("proto: WindowsContainerResources: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: LinuxContainerConfig: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: WindowsContainerResources: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Resources", wireType)
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CpuShares", wireType)
 			}
-			var msglen int
+			m.CpuShares = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -16979,30 +17676,16 @@ func (m *LinuxContainerConfig) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
+				m.CpuShares |= (int64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthApi
-			}
-			postIndex := iNdEx + msglen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.Resources == nil {
-				m.Resources = &LinuxContainerResources{}
-			}
-			if err := m.Resources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
 		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field SecurityContext", wireType)
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CpuCount", wireType)
 			}
-			var msglen int
+			m.CpuCount = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowApi
@@ -17012,25 +17695,49 @@ func (m *LinuxContainerConfig) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= (int(b) & 0x7F) << shift
+				m.CpuCount |= (int64(b) & 0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthApi
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CpuMaximum", wireType)
 			}
-			postIndex := iNdEx + msglen
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			m.CpuMaximum = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.CpuMaximum |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
 			}
-			if m.SecurityContext == nil {
-				m.SecurityContext = &LinuxContainerSecurityContext{}
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MemoryLimitInBytes", wireType)
 			}
-			if err := m.SecurityContext.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			m.MemoryLimitInBytes = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.MemoryLimitInBytes |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
 			}
-			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -17916,6 +18623,39 @@ func (m *ContainerConfig) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 16:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Windows", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Windows == nil {
+				m.Windows = &WindowsContainerConfig{}
+			}
+			if err := m.Windows.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -23865,7 +24605,7 @@ func (m *UInt64Value) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *StorageIdentifier) Unmarshal(dAtA []byte) error {
+func (m *FilesystemIdentifier) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -23888,15 +24628,15 @@ func (m *StorageIdentifier) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: StorageIdentifier: wiretype end group for non-group")
+			return fmt.Errorf("proto: FilesystemIdentifier: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: StorageIdentifier: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: FilesystemIdentifier: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Uuid", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Mountpoint", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -23921,7 +24661,7 @@ func (m *StorageIdentifier) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Uuid = string(dAtA[iNdEx:postIndex])
+			m.Mountpoint = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -23994,7 +24734,7 @@ func (m *FilesystemUsage) Unmarshal(dAtA []byte) error {
 			}
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field StorageId", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field FsId", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -24018,10 +24758,10 @@ func (m *FilesystemUsage) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.StorageId == nil {
-				m.StorageId = &StorageIdentifier{}
+			if m.FsId == nil {
+				m.FsId = &FilesystemIdentifier{}
 			}
-			if err := m.StorageId.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.FsId.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -25473,6 +26213,135 @@ func (m *MemoryUsage) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *ReopenContainerLogRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ReopenContainerLogRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ReopenContainerLogRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ContainerId", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ContainerId = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ReopenContainerLogResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ReopenContainerLogResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ReopenContainerLogResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func skipApi(dAtA []byte) (n int, err error) {
 	l := len(dAtA)
 	iNdEx := 0
@@ -25581,280 +26450,294 @@ var (
 func init() { proto.RegisterFile("api.proto", fileDescriptorApi) }
 
 var fileDescriptorApi = []byte{
-	// 4392 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x5b, 0xcd, 0x6f, 0x1c, 0x47,
-	0x76, 0xe7, 0xcc, 0xf0, 0x63, 0xe6, 0x0d, 0x67, 0x38, 0x2c, 0x51, 0xe4, 0x70, 0x24, 0x51, 0x54,
-	0xcb, 0x92, 0x25, 0xed, 0x4a, 0x96, 0xe9, 0xb5, 0x14, 0xcb, 0xb6, 0xe4, 0x31, 0x49, 0x29, 0xb4,
-	0x24, 0x92, 0xdb, 0x43, 0x7a, 0x6d, 0x6c, 0x80, 0x4e, 0x73, 0xba, 0x38, 0x6c, 0x7b, 0xa6, 0xab,
-	0xdd, 0x1f, 0x92, 0x18, 0xe4, 0x90, 0x5c, 0x82, 0x20, 0x40, 0x80, 0xcd, 0x31, 0x39, 0xe5, 0x10,
-	0x60, 0x91, 0x4b, 0x10, 0xe4, 0x10, 0xe4, 0x0f, 0x08, 0x92, 0xbd, 0x2c, 0x10, 0x20, 0x40, 0x90,
-	0xdc, 0xb2, 0xca, 0x21, 0x87, 0x00, 0xf9, 0x1b, 0x16, 0xf5, 0xd5, 0x5d, 0xfd, 0x35, 0x22, 0x65,
-	0xef, 0x5a, 0xa7, 0xe9, 0x7a, 0xf5, 0xea, 0xd5, 0xab, 0xaa, 0x57, 0xaf, 0xde, 0xfb, 0x55, 0x0d,
-	0xd4, 0x4c, 0xd7, 0xbe, 0xe5, 0x7a, 0x24, 0x20, 0x68, 0xc6, 0x0b, 0x9d, 0xc0, 0x1e, 0xe1, 0xce,
-	0xcd, 0x81, 0x1d, 0x1c, 0x85, 0x07, 0xb7, 0xfa, 0x64, 0xf4, 0xce, 0x80, 0x0c, 0xc8, 0x3b, 0xac,
-	0xfe, 0x20, 0x3c, 0x64, 0x25, 0x56, 0x60, 0x5f, 0xbc, 0x9d, 0x76, 0x03, 0x9a, 0x9f, 0x63, 0xcf,
-	0xb7, 0x89, 0xa3, 0xe3, 0x6f, 0x42, 0xec, 0x07, 0xa8, 0x0d, 0x33, 0xcf, 0x38, 0xa5, 0x5d, 0x5a,
-	0x2d, 0x5d, 0xab, 0xe9, 0xb2, 0xa8, 0xfd, 0xbc, 0x04, 0x73, 0x11, 0xb3, 0xef, 0x12, 0xc7, 0xc7,
-	0xc5, 0xdc, 0xe8, 0x12, 0xcc, 0x0a, 0x9d, 0x0c, 0xc7, 0x1c, 0xe1, 0x76, 0x99, 0x55, 0xd7, 0x05,
-	0x6d, 0xdb, 0x1c, 0x61, 0xf4, 0x36, 0xcc, 0x49, 0x16, 0x29, 0xa4, 0xc2, 0xb8, 0x9a, 0x82, 0x2c,
-	0x7a, 0x43, 0xb7, 0xe0, 0x8c, 0x64, 0x34, 0x5d, 0x3b, 0x62, 0x9e, 0x64, 0xcc, 0xf3, 0xa2, 0xaa,
-	0xeb, 0xda, 0x82, 0x5f, 0xfb, 0x29, 0xd4, 0x36, 0xb6, 0x7b, 0xeb, 0xc4, 0x39, 0xb4, 0x07, 0x54,
-	0x45, 0x1f, 0x7b, 0xb4, 0x4d, 0xbb, 0xb4, 0x5a, 0xa1, 0x2a, 0x8a, 0x22, 0xea, 0x40, 0xd5, 0xc7,
-	0xa6, 0xd7, 0x3f, 0xc2, 0x7e, 0xbb, 0xcc, 0xaa, 0xa2, 0x32, 0x6d, 0x45, 0xdc, 0xc0, 0x26, 0x8e,
-	0xdf, 0xae, 0xf0, 0x56, 0xa2, 0xa8, 0xfd, 0x65, 0x09, 0xea, 0xbb, 0xc4, 0x0b, 0x9e, 0x9a, 0xae,
-	0x6b, 0x3b, 0x03, 0x74, 0x13, 0xaa, 0x6c, 0x2e, 0xfb, 0x64, 0xc8, 0xe6, 0xa0, 0xb9, 0x36, 0x7f,
-	0x4b, 0xa8, 0x74, 0x6b, 0x57, 0x54, 0xe8, 0x11, 0x0b, 0xba, 0x02, 0xcd, 0x3e, 0x71, 0x02, 0xd3,
-	0x76, 0xb0, 0x67, 0xb8, 0xc4, 0x0b, 0xd8, 0xcc, 0x4c, 0xe9, 0x8d, 0x88, 0x4a, 0x85, 0xa3, 0x73,
-	0x50, 0x3b, 0x22, 0x7e, 0xc0, 0x39, 0x2a, 0x8c, 0xa3, 0x4a, 0x09, 0xac, 0x72, 0x09, 0x66, 0x58,
-	0xa5, 0xed, 0x8a, 0x39, 0x98, 0xa6, 0xc5, 0x2d, 0x57, 0xfb, 0x65, 0x09, 0xa6, 0x9e, 0x92, 0xd0,
-	0x09, 0x52, 0xdd, 0x98, 0xc1, 0x91, 0x58, 0x1f, 0xa5, 0x1b, 0x33, 0x38, 0x8a, 0xbb, 0xa1, 0x1c,
-	0x7c, 0x89, 0x78, 0x37, 0xb4, 0xb2, 0x03, 0x55, 0x0f, 0x9b, 0x16, 0x71, 0x86, 0xc7, 0x4c, 0x85,
-	0xaa, 0x1e, 0x95, 0xe9, 0xda, 0xf9, 0x78, 0x68, 0x3b, 0xe1, 0x0b, 0xc3, 0xc3, 0x43, 0xf3, 0x00,
-	0x0f, 0x99, 0x2a, 0x55, 0xbd, 0x29, 0xc8, 0x3a, 0xa7, 0xa2, 0x0f, 0xa1, 0xee, 0x7a, 0xc4, 0x35,
-	0x07, 0x26, 0x9d, 0xbe, 0xf6, 0x14, 0x9b, 0xa1, 0xe5, 0x68, 0x86, 0x98, 0xb6, 0xbb, 0x31, 0x83,
-	0xae, 0x72, 0x6b, 0x5f, 0xc1, 0x1c, 0xb5, 0x14, 0xdf, 0x35, 0xfb, 0x78, 0x87, 0xcd, 0x3f, 0xb5,
-	0x2b, 0xa6, 0xb1, 0x83, 0x83, 0xe7, 0xc4, 0xfb, 0x9a, 0x0d, 0xab, 0xaa, 0xd7, 0x29, 0x6d, 0x9b,
-	0x93, 0xd0, 0x32, 0x54, 0xf9, 0xa0, 0x6c, 0x8b, 0x8d, 0xa9, 0xaa, 0xb3, 0xe9, 0xda, 0xb5, 0xad,
-	0xa8, 0xca, 0x76, 0xfb, 0x62, 0x48, 0x33, 0x7c, 0xea, 0xfa, 0x9a, 0x06, 0xb0, 0xe5, 0x04, 0x77,
-	0x7e, 0xf4, 0xb9, 0x39, 0x0c, 0x31, 0x5a, 0x80, 0xa9, 0x67, 0xf4, 0x83, 0xc9, 0xaf, 0xe8, 0xbc,
-	0xa0, 0xfd, 0x49, 0x05, 0xce, 0x3d, 0xa1, 0xa3, 0xeb, 0x99, 0x8e, 0x75, 0x40, 0x5e, 0xf4, 0x70,
-	0x3f, 0xf4, 0xec, 0xe0, 0x78, 0x9d, 0x38, 0x01, 0x7e, 0x11, 0xa0, 0x4d, 0x98, 0x77, 0xa4, 0xbe,
-	0x86, 0xb4, 0x1f, 0x2a, 0xa1, 0xbe, 0xd6, 0x8e, 0x86, 0x9c, 0x1a, 0x91, 0xde, 0x72, 0x92, 0x04,
-	0x1f, 0x3d, 0x88, 0x27, 0x57, 0x0a, 0x29, 0x33, 0x21, 0x8b, 0x91, 0x90, 0xde, 0x26, 0xd3, 0x43,
-	0x88, 0x90, 0x93, 0x2e, 0x05, 0xbc, 0x07, 0x74, 0xa3, 0x19, 0xa6, 0x6f, 0x84, 0x3e, 0xf6, 0xd8,
-	0x48, 0xeb, 0x6b, 0x67, 0xa2, 0xc6, 0xf1, 0x38, 0xf5, 0x9a, 0x17, 0x3a, 0x5d, 0x7f, 0xdf, 0xc7,
-	0x1e, 0xdb, 0x8e, 0x62, 0x79, 0x0d, 0x8f, 0x90, 0xe0, 0xd0, 0x97, 0x4b, 0x2a, 0xc9, 0x3a, 0xa3,
-	0xa2, 0x77, 0xe0, 0x8c, 0x1f, 0xba, 0xee, 0x10, 0x8f, 0xb0, 0x13, 0x98, 0x43, 0x63, 0xe0, 0x91,
-	0xd0, 0xf5, 0xdb, 0x53, 0xab, 0x95, 0x6b, 0x15, 0x1d, 0xa9, 0x55, 0x8f, 0x58, 0x0d, 0x5a, 0x01,
-	0x70, 0x3d, 0xfb, 0x99, 0x3d, 0xc4, 0x03, 0x6c, 0xb5, 0xa7, 0x99, 0x50, 0x85, 0x82, 0x6e, 0xc3,
-	0x82, 0x8f, 0xfb, 0x7d, 0x32, 0x72, 0x0d, 0xd7, 0x23, 0x87, 0xf6, 0x10, 0x73, 0x83, 0x9c, 0x61,
-	0x06, 0x89, 0x44, 0xdd, 0x2e, 0xaf, 0xa2, 0xa6, 0xa9, 0xfd, 0xac, 0x0c, 0x67, 0xd9, 0x04, 0xec,
-	0x12, 0x4b, 0xac, 0x85, 0xd8, 0xee, 0x97, 0xa1, 0xd1, 0x67, 0x0a, 0x19, 0xae, 0xe9, 0x61, 0x27,
-	0x10, 0x76, 0x3f, 0xcb, 0x89, 0xbb, 0x8c, 0x86, 0x76, 0xa0, 0xe5, 0x8b, 0xa5, 0x33, 0xfa, 0x7c,
-	0xed, 0xc4, 0x0c, 0xbf, 0x15, 0x4d, 0xd2, 0x98, 0x75, 0xd6, 0xe7, 0xfc, 0xcc, 0xc2, 0xcf, 0xf8,
-	0xc7, 0x7e, 0x3f, 0x18, 0x72, 0x77, 0x51, 0x5f, 0xfb, 0x41, 0x52, 0x4e, 0x5a, 0xcd, 0x5b, 0x3d,
-	0xce, 0xbd, 0xe9, 0x04, 0xde, 0xb1, 0x2e, 0xdb, 0x76, 0xee, 0xc1, 0xac, 0x5a, 0x81, 0x5a, 0x50,
-	0xf9, 0x1a, 0x1f, 0x8b, 0x21, 0xd0, 0xcf, 0xd8, 0x2e, 0xf9, 0x66, 0xe5, 0x85, 0x7b, 0xe5, 0xdf,
-	0x29, 0x69, 0x1e, 0xa0, 0xb8, 0x97, 0xa7, 0x38, 0x30, 0x2d, 0x33, 0x30, 0x11, 0x82, 0x49, 0xe6,
-	0x7e, 0xb9, 0x08, 0xf6, 0x4d, 0xa5, 0x86, 0x62, 0x6b, 0xd4, 0x74, 0xfa, 0x89, 0xce, 0x43, 0x2d,
-	0x32, 0x42, 0xe1, 0x83, 0x63, 0x02, 0xf5, 0x85, 0x66, 0x10, 0xe0, 0x91, 0x1b, 0x30, 0x83, 0x68,
-	0xe8, 0xb2, 0xa8, 0xfd, 0xd3, 0x24, 0xb4, 0x32, 0x2b, 0x70, 0x17, 0xaa, 0x23, 0xd1, 0xbd, 0xb0,
-	0xfd, 0x73, 0xb1, 0x43, 0xcc, 0x68, 0xa8, 0x47, 0xcc, 0xd4, 0xdf, 0xd0, 0xcd, 0xa8, 0x1c, 0x17,
-	0x51, 0x99, 0x2e, 0xeb, 0x90, 0x0c, 0x0c, 0xcb, 0xf6, 0x70, 0x3f, 0x20, 0xde, 0xb1, 0xd0, 0x72,
-	0x76, 0x48, 0x06, 0x1b, 0x92, 0x86, 0xde, 0x05, 0xb0, 0x1c, 0x9f, 0xae, 0xe8, 0xa1, 0x3d, 0x60,
-	0xba, 0xd6, 0xd7, 0x50, 0xd4, 0x77, 0x74, 0x24, 0xe8, 0x35, 0xcb, 0xf1, 0x85, 0xb2, 0x1f, 0x40,
-	0x83, 0xba, 0x58, 0x63, 0xc4, 0xbd, 0x39, 0xb7, 0xe2, 0xfa, 0xda, 0x82, 0xa2, 0x71, 0xe4, 0xea,
-	0xf5, 0x59, 0x37, 0x2e, 0xf8, 0xe8, 0x63, 0x98, 0x66, 0x2e, 0xce, 0x6f, 0x4f, 0xb3, 0x36, 0x57,
-	0x72, 0x46, 0x29, 0x56, 0xfb, 0x09, 0xe3, 0xe3, 0x8b, 0x2d, 0x1a, 0xa1, 0x27, 0x50, 0x37, 0x1d,
-	0x87, 0x04, 0x26, 0xdf, 0xe0, 0x33, 0x4c, 0xc6, 0x8d, 0x62, 0x19, 0xdd, 0x98, 0x99, 0x0b, 0x52,
-	0x9b, 0xa3, 0x1f, 0xc1, 0x14, 0xf3, 0x00, 0xed, 0x2a, 0x1b, 0xf5, 0xca, 0x78, 0xf3, 0xd3, 0x39,
-	0x73, 0xe7, 0x03, 0xa8, 0x2b, 0xaa, 0x9d, 0xc6, 0xdc, 0x3a, 0xf7, 0xa1, 0x95, 0xd6, 0xe8, 0x54,
-	0xe6, 0xba, 0x05, 0x0b, 0x7a, 0xe8, 0xc4, 0x8a, 0xc9, 0xf8, 0xe3, 0x5d, 0x98, 0x16, 0xeb, 0xc7,
-	0x6d, 0x67, 0xb9, 0x70, 0x46, 0x74, 0xc1, 0xa8, 0x7d, 0x0c, 0x67, 0x53, 0xa2, 0x44, 0x74, 0xf2,
-	0x16, 0x34, 0x5d, 0x62, 0x19, 0x3e, 0x27, 0x1b, 0xb6, 0x25, 0x9d, 0x81, 0x1b, 0xf1, 0x6e, 0x59,
-	0xb4, 0x79, 0x2f, 0x20, 0x6e, 0x56, 0x95, 0x93, 0x35, 0x6f, 0xc3, 0x62, 0xba, 0x39, 0xef, 0x5e,
-	0x7b, 0x00, 0x4b, 0x3a, 0x1e, 0x91, 0x67, 0xf8, 0x75, 0x45, 0x77, 0xa0, 0x9d, 0x15, 0x20, 0x84,
-	0x7f, 0x09, 0x4b, 0x31, 0xb5, 0x17, 0x98, 0x41, 0xe8, 0x9f, 0x4a, 0xb8, 0x08, 0xdd, 0x0e, 0x88,
-	0x8f, 0xe5, 0x21, 0x29, 0x8a, 0xda, 0x75, 0x55, 0xb4, 0x38, 0x54, 0x79, 0x0f, 0xa8, 0x09, 0x65,
-	0xdb, 0x15, 0xe2, 0xca, 0xb6, 0xab, 0x3d, 0x80, 0x5a, 0x74, 0x9c, 0xa1, 0xb5, 0x38, 0x66, 0x2a,
-	0xbf, 0xe2, 0xcc, 0x8b, 0xa2, 0xa9, 0xc7, 0x19, 0x3f, 0x2e, 0x7a, 0x5a, 0x03, 0x88, 0x3c, 0x90,
-	0x3c, 0x43, 0x51, 0x56, 0x9e, 0xae, 0x70, 0x69, 0x7f, 0x93, 0x70, 0x47, 0x8a, 0xca, 0x56, 0xa4,
-	0xb2, 0x95, 0x70, 0x4f, 0xe5, 0xd3, 0xb8, 0xa7, 0x5b, 0x30, 0xe5, 0x07, 0x66, 0xc0, 0x1d, 0x64,
-	0x53, 0x19, 0x5c, 0xb2, 0x4b, 0xac, 0x73, 0x36, 0x74, 0x01, 0xa0, 0xef, 0x61, 0x33, 0xc0, 0x96,
-	0x61, 0x72, 0xcf, 0x59, 0xd1, 0x6b, 0x82, 0xd2, 0x0d, 0xd0, 0x3d, 0x98, 0x91, 0x31, 0xcc, 0x14,
-	0x53, 0x63, 0x35, 0x47, 0x60, 0x62, 0xf6, 0x75, 0xd9, 0x20, 0xde, 0xed, 0xd3, 0xe3, 0x77, 0xbb,
-	0x68, 0xc7, 0x99, 0x15, 0x87, 0x35, 0x53, 0xe8, 0xb0, 0x78, 0x8b, 0x93, 0x38, 0xac, 0x6a, 0xa1,
-	0xc3, 0x12, 0x32, 0xc6, 0x3a, 0xac, 0xef, 0xd3, 0xf5, 0xfc, 0x6b, 0x09, 0xda, 0xd9, 0xbd, 0x23,
-	0x7c, 0xc6, 0xbb, 0x30, 0xed, 0x33, 0xca, 0x18, 0xff, 0x23, 0x9a, 0x08, 0x46, 0xf4, 0x00, 0x26,
-	0x6d, 0xe7, 0x90, 0xb0, 0x1c, 0x42, 0x3d, 0xf9, 0x8b, 0xfa, 0xb8, 0xb5, 0xe5, 0x1c, 0x12, 0x3e,
-	0x25, 0xac, 0x61, 0xe7, 0x2e, 0xd4, 0x22, 0xd2, 0xa9, 0x46, 0xf2, 0x10, 0x16, 0x52, 0xc6, 0xc7,
-	0xa3, 0xd7, 0xc8, 0x54, 0x4b, 0x27, 0x32, 0x55, 0xed, 0xff, 0x4b, 0xea, 0xc6, 0x79, 0x68, 0x0f,
-	0x03, 0xec, 0x65, 0x36, 0xce, 0x7b, 0x52, 0x28, 0xdf, 0x35, 0x17, 0x8a, 0x84, 0xf2, 0xc0, 0x52,
-	0x6c, 0x82, 0x1e, 0x34, 0x99, 0xf9, 0x18, 0x3e, 0x1e, 0xb2, 0x53, 0x5a, 0xc4, 0x47, 0x3f, 0xcc,
-	0x69, 0xcd, 0xfb, 0xe5, 0xb6, 0xd7, 0x13, 0xec, 0x7c, 0x9a, 0x1a, 0x43, 0x95, 0xd6, 0xf9, 0x04,
-	0x50, 0x96, 0xe9, 0x54, 0x13, 0xf7, 0x19, 0x75, 0x3b, 0x34, 0x9b, 0xca, 0x39, 0x7e, 0x0e, 0x99,
-	0x1a, 0x63, 0x96, 0x9f, 0xeb, 0xa9, 0x0b, 0x46, 0xed, 0xaf, 0x2b, 0x00, 0x71, 0xe5, 0x1b, 0xeb,
-	0x6f, 0xee, 0x46, 0xbb, 0x9f, 0x87, 0x38, 0x17, 0x73, 0xe4, 0xe5, 0xee, 0xfb, 0x87, 0xc9, 0x7d,
-	0xcf, 0x83, 0x9d, 0xb7, 0xf2, 0x5a, 0xbf, 0xb1, 0x3b, 0x7e, 0x1d, 0x16, 0xd3, 0xcb, 0x2d, 0xb6,
-	0xfb, 0x75, 0x98, 0xb2, 0x03, 0x3c, 0xe2, 0xd8, 0x80, 0x9a, 0x23, 0x29, 0xbc, 0x9c, 0x43, 0xbb,
-	0x04, 0xb5, 0xad, 0x91, 0x39, 0xc0, 0x3d, 0x17, 0xf7, 0x69, 0x5f, 0x36, 0x2d, 0x88, 0xfe, 0x79,
-	0x41, 0x5b, 0x83, 0xea, 0x63, 0x7c, 0xcc, 0xf7, 0xe0, 0x09, 0xf5, 0xd3, 0xfe, 0xbc, 0x0c, 0x4b,
-	0xcc, 0x6d, 0xaf, 0xcb, 0xcc, 0x5c, 0xc7, 0x3e, 0x09, 0xbd, 0x3e, 0xf6, 0xd9, 0x92, 0xba, 0xa1,
-	0xe1, 0x62, 0xcf, 0x26, 0x96, 0x48, 0x45, 0x6b, 0x7d, 0x37, 0xdc, 0x65, 0x04, 0x9a, 0xbd, 0xd3,
-	0xea, 0x6f, 0x42, 0x22, 0x6c, 0xab, 0xa2, 0x57, 0xfb, 0x6e, 0xf8, 0x63, 0x5a, 0x96, 0x6d, 0xfd,
-	0x23, 0xd3, 0xc3, 0x3e, 0xb3, 0x21, 0xde, 0xb6, 0xc7, 0x08, 0xe8, 0x5d, 0x38, 0x3b, 0xc2, 0x23,
-	0xe2, 0x1d, 0x1b, 0x43, 0x7b, 0x64, 0x07, 0x86, 0xed, 0x18, 0x07, 0xc7, 0x01, 0xf6, 0x85, 0xe1,
-	0x20, 0x5e, 0xf9, 0x84, 0xd6, 0x6d, 0x39, 0x9f, 0xd2, 0x1a, 0xa4, 0x41, 0x83, 0x90, 0x91, 0xe1,
-	0xf7, 0x89, 0x87, 0x0d, 0xd3, 0xfa, 0x8a, 0x9d, 0x5b, 0x15, 0xbd, 0x4e, 0xc8, 0xa8, 0x47, 0x69,
-	0x5d, 0xeb, 0x2b, 0x74, 0x11, 0xea, 0x7d, 0x37, 0xf4, 0x71, 0x60, 0xd0, 0x1f, 0x76, 0x3e, 0xd5,
-	0x74, 0xe0, 0xa4, 0x75, 0x37, 0xf4, 0x15, 0x86, 0x11, 0x9d, 0xf6, 0x19, 0x95, 0xe1, 0x29, 0x9d,
-	0x66, 0x13, 0x1a, 0x89, 0xe4, 0x96, 0xa6, 0x30, 0x2c, 0x8b, 0x15, 0x29, 0x0c, 0xfd, 0xa6, 0x34,
-	0x8f, 0x0c, 0xe5, 0x4c, 0xb2, 0x6f, 0x4a, 0x0b, 0x8e, 0x5d, 0x99, 0xbf, 0xb0, 0x6f, 0x3a, 0xe5,
-	0x43, 0xfc, 0x4c, 0x80, 0x13, 0x35, 0x9d, 0x17, 0x34, 0x0b, 0x60, 0xdd, 0x74, 0xcd, 0x03, 0x7b,
-	0x68, 0x07, 0xc7, 0xe8, 0x3a, 0xb4, 0x4c, 0xcb, 0x32, 0xfa, 0x92, 0x62, 0x63, 0x89, 0x14, 0xcd,
-	0x99, 0x96, 0xb5, 0xae, 0x90, 0xd1, 0x0f, 0x60, 0xde, 0xf2, 0x88, 0x9b, 0xe4, 0xe5, 0xd0, 0x51,
-	0x8b, 0x56, 0xa8, 0xcc, 0xda, 0x3f, 0x4e, 0xc2, 0x85, 0xe4, 0xc2, 0xa6, 0xe1, 0x82, 0xbb, 0x30,
-	0x9b, 0xea, 0x35, 0x99, 0xa7, 0xc7, 0x4a, 0xea, 0x09, 0xc6, 0x54, 0x42, 0x5d, 0xce, 0x24, 0xd4,
-	0xb9, 0x38, 0x44, 0xe5, 0xbb, 0xc0, 0x21, 0x26, 0xbf, 0x0d, 0x0e, 0x31, 0x75, 0x22, 0x1c, 0xe2,
-	0x2a, 0x83, 0x05, 0x65, 0x23, 0x96, 0x0d, 0x72, 0x33, 0x6a, 0x44, 0x3c, 0x8e, 0x84, 0x0f, 0x53,
-	0x78, 0xc5, 0xcc, 0x69, 0xf0, 0x8a, 0x6a, 0x21, 0x5e, 0x41, 0x2d, 0xc2, 0x75, 0x4d, 0x6f, 0x44,
-	0x3c, 0x09, 0x48, 0xb4, 0x6b, 0x4c, 0x85, 0x39, 0x49, 0x17, 0x60, 0x44, 0x21, 0x74, 0x01, 0x45,
-	0xd0, 0x05, 0x5a, 0x85, 0x59, 0x87, 0x18, 0x0e, 0x7e, 0x6e, 0xd0, 0x05, 0xf3, 0xdb, 0x75, 0xbe,
-	0x7a, 0x0e, 0xd9, 0xc6, 0xcf, 0x77, 0x29, 0x45, 0xfb, 0xdb, 0x12, 0x2c, 0x24, 0x0d, 0x47, 0x24,
-	0xab, 0xf7, 0xa1, 0xe6, 0x49, 0xdf, 0x20, 0x8c, 0x65, 0x35, 0x19, 0xfa, 0x65, 0x7d, 0x88, 0x1e,
-	0x37, 0x41, 0x3f, 0x2e, 0x84, 0x3d, 0xae, 0x16, 0x88, 0x79, 0x15, 0xf0, 0xa1, 0x75, 0x61, 0x3e,
-	0x62, 0x1e, 0x0b, 0x3a, 0x28, 0x20, 0x42, 0x39, 0x09, 0x22, 0x38, 0x30, 0xbd, 0x81, 0x9f, 0xd9,
-	0x7d, 0xfc, 0x9d, 0x80, 0x96, 0xab, 0x50, 0x77, 0xb1, 0x37, 0xb2, 0x7d, 0x3f, 0x32, 0xfa, 0x9a,
-	0xae, 0x92, 0xb4, 0xff, 0x9a, 0x82, 0xb9, 0xf4, 0xcc, 0xde, 0xc9, 0x60, 0x16, 0x9d, 0x78, 0x17,
-	0xa6, 0xc7, 0xa7, 0x9c, 0xd1, 0xd7, 0xe4, 0x31, 0x50, 0x4e, 0x25, 0x28, 0xd1, 0x49, 0x21, 0x8e,
-	0x06, 0x3a, 0xfe, 0x3e, 0x19, 0x8d, 0x4c, 0xc7, 0x92, 0x80, 0xb2, 0x28, 0xd2, 0xd9, 0x32, 0xbd,
-	0x01, 0xdd, 0x5a, 0x94, 0xcc, 0xbe, 0xa9, 0x97, 0xa4, 0x81, 0xbe, 0xed, 0x30, 0xc8, 0x83, 0x6d,
-	0x9c, 0x9a, 0x0e, 0x82, 0xb4, 0x61, 0x7b, 0xe8, 0x0a, 0x4c, 0x62, 0xe7, 0x99, 0x3c, 0x8d, 0x63,
-	0xc4, 0x59, 0x1e, 0x3f, 0x3a, 0xab, 0x46, 0x57, 0x61, 0x7a, 0x44, 0x42, 0x27, 0x90, 0x21, 0x7f,
-	0x33, 0x09, 0xbc, 0xea, 0xa2, 0x16, 0x5d, 0x87, 0x19, 0x8b, 0xad, 0x81, 0x8c, 0xeb, 0xe7, 0x62,
-	0xd8, 0x84, 0xd1, 0x75, 0x59, 0x8f, 0x3e, 0x8a, 0xe2, 0x88, 0x5a, 0x2a, 0x12, 0x48, 0x4d, 0x6a,
-	0x6e, 0x30, 0xf1, 0x38, 0x19, 0x4c, 0x00, 0x13, 0x71, 0xbd, 0x50, 0xc4, 0x78, 0xd0, 0x63, 0x19,
-	0xaa, 0x43, 0x32, 0xe0, 0x76, 0x50, 0xe7, 0xd7, 0x0f, 0x43, 0x32, 0x60, 0x66, 0xb0, 0x40, 0x83,
-	0x27, 0xcb, 0x76, 0xda, 0xb3, 0x6c, 0x7b, 0xf1, 0x02, 0x3d, 0x13, 0xd9, 0x87, 0x41, 0x9c, 0x3e,
-	0x6e, 0x37, 0x58, 0x55, 0x8d, 0x51, 0x76, 0x9c, 0x3e, 0x3b, 0xb2, 0x83, 0xe0, 0xb8, 0xdd, 0x64,
-	0x74, 0xfa, 0x49, 0x63, 0x5e, 0x9e, 0x68, 0xcd, 0xa5, 0x62, 0xde, 0xbc, 0xfd, 0xf9, 0x06, 0xa0,
-	0x2a, 0xff, 0x50, 0x82, 0xc5, 0x75, 0x16, 0xf2, 0x29, 0x9e, 0xe0, 0x34, 0xa8, 0xc0, 0xed, 0x08,
-	0x7e, 0x49, 0xa7, 0xf0, 0xe9, 0xc1, 0x0a, 0x3e, 0xf4, 0x09, 0x34, 0xa5, 0x4c, 0xd1, 0xb2, 0xf2,
-	0x2a, 0xe0, 0xa6, 0xe1, 0xab, 0x45, 0xed, 0x23, 0x58, 0xca, 0xe8, 0x2c, 0xc2, 0xb3, 0x4b, 0x30,
-	0x1b, 0x7b, 0x84, 0x48, 0xe5, 0x7a, 0x44, 0xdb, 0xb2, 0xb4, 0x7b, 0x70, 0xb6, 0x17, 0x98, 0x5e,
-	0x90, 0x19, 0xf0, 0x09, 0xda, 0x32, 0xec, 0x26, 0xd9, 0x56, 0xc0, 0x2b, 0x3d, 0x58, 0xe8, 0x05,
-	0xc4, 0x7d, 0x0d, 0xa1, 0x74, 0xa7, 0xd3, 0x61, 0x93, 0x30, 0x10, 0x31, 0x99, 0x2c, 0x6a, 0x4b,
-	0x1c, 0x69, 0xca, 0xf6, 0xf6, 0x21, 0x2c, 0x72, 0xa0, 0xe7, 0x75, 0x06, 0xb1, 0x2c, 0x61, 0xa6,
-	0xac, 0xdc, 0x0d, 0x38, 0x13, 0xbb, 0xf2, 0x38, 0x3d, 0xbc, 0x99, 0x4c, 0x0f, 0x97, 0xb2, 0x6b,
-	0x9c, 0xc8, 0x0e, 0xff, 0xa2, 0xac, 0x38, 0xcc, 0x82, 0xe4, 0x70, 0x2d, 0x99, 0x1c, 0x9e, 0x2f,
-	0x10, 0x99, 0xc8, 0x0d, 0xb3, 0x16, 0x59, 0xc9, 0xb1, 0x48, 0x3d, 0x93, 0x41, 0x4e, 0xa6, 0xf2,
-	0xec, 0x94, 0x6e, 0xbf, 0x95, 0x04, 0x72, 0x8b, 0x27, 0x90, 0x51, 0xd7, 0x11, 0xf8, 0x76, 0x3b,
-	0x95, 0x40, 0xb6, 0x8b, 0xd4, 0x8c, 0xf2, 0xc7, 0x3f, 0x9d, 0x84, 0x5a, 0x54, 0x97, 0x99, 0xd8,
-	0xec, 0x24, 0x95, 0x73, 0x26, 0x49, 0x3d, 0xbf, 0x2a, 0xaf, 0x73, 0x7e, 0x4d, 0xbe, 0xea, 0xfc,
-	0x3a, 0x07, 0x35, 0xf6, 0x61, 0x78, 0xf8, 0x50, 0x9c, 0x47, 0x55, 0x46, 0xd0, 0xf1, 0x61, 0x6c,
-	0x50, 0xd3, 0x27, 0x31, 0xa8, 0x54, 0xa6, 0x3a, 0x93, 0xce, 0x54, 0xef, 0x44, 0x27, 0x0c, 0x3f,
-	0x8b, 0x56, 0xb2, 0xe2, 0x72, 0xcf, 0x96, 0xcd, 0xe4, 0xd9, 0xc2, 0x8f, 0xa7, 0xcb, 0x39, 0x8d,
-	0xdf, 0xd8, 0x3c, 0xf5, 0x09, 0xcf, 0x53, 0x55, 0xab, 0x12, 0x8e, 0x70, 0x0d, 0x20, 0xda, 0xf3,
-	0x32, 0x59, 0x45, 0xd9, 0xa1, 0xe9, 0x0a, 0x97, 0xb6, 0x0f, 0x8b, 0x89, 0xf9, 0x8f, 0x11, 0xe2,
-	0x93, 0x79, 0xb1, 0x02, 0x78, 0xf8, 0x5f, 0xd4, 0xf8, 0xa9, 0x00, 0x64, 0xbd, 0x93, 0x01, 0x3d,
-	0x4e, 0x66, 0x8f, 0x37, 0x93, 0x98, 0xc7, 0xe9, 0x0c, 0x29, 0x03, 0x79, 0xb0, 0xe3, 0xde, 0xf4,
-	0x44, 0x35, 0xcf, 0x56, 0x6b, 0x82, 0xd2, 0x0d, 0x68, 0x90, 0x75, 0x68, 0x3b, 0xb6, 0x7f, 0xc4,
-	0xeb, 0xa7, 0x59, 0x3d, 0x48, 0x52, 0x97, 0x5d, 0xc2, 0xe3, 0x17, 0x76, 0x60, 0xf4, 0x89, 0x85,
-	0x99, 0x99, 0x4e, 0xe9, 0x55, 0x4a, 0x58, 0x27, 0x16, 0x8e, 0xb7, 0x4e, 0xf5, 0x54, 0x5b, 0xa7,
-	0x96, 0xda, 0x3a, 0x8b, 0x30, 0xed, 0x61, 0xd3, 0x27, 0x8e, 0x48, 0x19, 0x44, 0x89, 0xce, 0xff,
-	0x08, 0xfb, 0x3e, 0xed, 0x40, 0x84, 0x36, 0xa2, 0xa8, 0x04, 0x60, 0xb3, 0x45, 0x01, 0xd8, 0x18,
-	0x14, 0x37, 0x15, 0x80, 0x35, 0x8a, 0x02, 0xb0, 0x93, 0x80, 0xb8, 0x4a, 0x78, 0xd9, 0x1c, 0x1b,
-	0x5e, 0xaa, 0x81, 0xda, 0x5c, 0x22, 0x50, 0xfb, 0x3e, 0x77, 0xdb, 0x3f, 0x97, 0x60, 0x29, 0xb3,
-	0x41, 0xc4, 0x7e, 0xbb, 0x9d, 0x82, 0x81, 0xdb, 0x45, 0x33, 0x14, 0xa1, 0xc0, 0xf7, 0x13, 0x28,
-	0xf0, 0x8d, 0x42, 0xfe, 0xef, 0x1c, 0x04, 0xfe, 0x43, 0xb8, 0xb8, 0xef, 0x5a, 0xa9, 0xf0, 0x49,
-	0x24, 0x7f, 0x27, 0xdf, 0xef, 0x77, 0x64, 0xa4, 0x5b, 0x3e, 0x61, 0x5e, 0xc9, 0xd9, 0x35, 0x0d,
-	0x56, 0x8b, 0x7b, 0x17, 0x61, 0xc8, 0xef, 0xc3, 0xdc, 0xe6, 0x0b, 0xdc, 0xef, 0x1d, 0x3b, 0xfd,
-	0x53, 0x68, 0xd4, 0x82, 0x4a, 0x7f, 0x64, 0x09, 0x78, 0x85, 0x7e, 0xaa, 0x91, 0x55, 0x25, 0x19,
-	0x59, 0x19, 0xd0, 0x8a, 0x7b, 0x10, 0x4b, 0xb8, 0x48, 0x97, 0xd0, 0xa2, 0xcc, 0x54, 0xf8, 0xac,
-	0x2e, 0x4a, 0x82, 0x8e, 0x3d, 0x8f, 0x0d, 0x95, 0xd3, 0xb1, 0xe7, 0x25, 0x77, 0x7b, 0x25, 0xb9,
-	0xdb, 0xb5, 0xbf, 0x2a, 0x41, 0x9d, 0xf6, 0xf0, 0xad, 0xf4, 0x17, 0xf9, 0x45, 0x25, 0xce, 0x2f,
-	0xa2, 0x34, 0x65, 0x52, 0x4d, 0x53, 0x62, 0xcd, 0xa7, 0x18, 0x39, 0xab, 0xf9, 0x74, 0x44, 0xc7,
-	0x9e, 0xa7, 0xad, 0xc2, 0x2c, 0xd7, 0x4d, 0x8c, 0xbc, 0x05, 0x95, 0xd0, 0x1b, 0x4a, 0xeb, 0x09,
-	0xbd, 0xa1, 0xf6, 0x67, 0x25, 0x68, 0x74, 0x83, 0xc0, 0xec, 0x1f, 0x9d, 0x62, 0x00, 0x91, 0x72,
-	0x65, 0x55, 0xb9, 0xec, 0x20, 0x62, 0x75, 0x27, 0x0b, 0xd4, 0x9d, 0x4a, 0xa8, 0xab, 0x41, 0x53,
-	0xea, 0x52, 0xa8, 0xf0, 0x36, 0xa0, 0x5d, 0xe2, 0x05, 0x0f, 0x89, 0xf7, 0xdc, 0xf4, 0xac, 0xd3,
-	0xe5, 0x30, 0x08, 0x26, 0xc5, 0xc3, 0xaa, 0xca, 0xb5, 0x29, 0x9d, 0x7d, 0x6b, 0x6f, 0xc3, 0x99,
-	0x84, 0xbc, 0xc2, 0x8e, 0xef, 0x42, 0x9d, 0x39, 0x70, 0x11, 0xe7, 0x5e, 0x53, 0x71, 0xde, 0x71,
-	0x5e, 0x5e, 0xeb, 0xc2, 0x3c, 0x3d, 0xbb, 0x19, 0x3d, 0xda, 0x78, 0x3f, 0x4c, 0x45, 0x83, 0x0b,
-	0xc9, 0xf6, 0xa9, 0x48, 0xf0, 0xef, 0x4a, 0x30, 0xc5, 0xe8, 0x99, 0xf3, 0xf4, 0x1c, 0xd4, 0x3c,
-	0xec, 0x12, 0x23, 0x30, 0x07, 0xd1, 0x5b, 0x35, 0x4a, 0xd8, 0x33, 0x07, 0x3e, 0x7b, 0x6a, 0x47,
-	0x2b, 0x2d, 0x7b, 0x80, 0xfd, 0x40, 0x3e, 0x58, 0xab, 0x53, 0xda, 0x06, 0x27, 0xd1, 0x29, 0xf1,
-	0xed, 0x3f, 0xe0, 0x61, 0xde, 0xa4, 0xce, 0xbe, 0xd1, 0x15, 0xfe, 0x0c, 0x64, 0x0c, 0x28, 0xc7,
-	0xde, 0x86, 0x74, 0xa0, 0x9a, 0xc2, 0xe1, 0xa2, 0xb2, 0xf6, 0x11, 0x20, 0x75, 0xcc, 0x62, 0x52,
-	0xaf, 0xc2, 0x34, 0x9b, 0x12, 0x19, 0xa7, 0x34, 0x93, 0x83, 0xd6, 0x45, 0xad, 0xf6, 0x05, 0x20,
-	0x3e, 0x8b, 0x89, 0xd8, 0xe4, 0xc4, 0x33, 0x3e, 0x26, 0x44, 0xf9, 0xfb, 0x12, 0x9c, 0x49, 0x88,
-	0x8e, 0x1e, 0x04, 0x24, 0x64, 0xa7, 0x15, 0x13, 0x72, 0xef, 0x25, 0x3c, 0xf9, 0xd5, 0x94, 0x02,
-	0xbf, 0x21, 0x2f, 0xfe, 0xcb, 0x12, 0x40, 0x37, 0x0c, 0x8e, 0x04, 0x20, 0xa5, 0xce, 0x7a, 0x29,
-	0x39, 0xeb, 0xb4, 0xce, 0x35, 0x7d, 0xff, 0x39, 0xf1, 0x64, 0x32, 0x10, 0x95, 0x19, 0x98, 0x14,
-	0x06, 0x47, 0x12, 0x04, 0xa7, 0xdf, 0xe8, 0x0a, 0x34, 0xf9, 0x93, 0x47, 0xc3, 0xb4, 0x2c, 0x0f,
-	0xfb, 0xbe, 0x40, 0xc3, 0x1b, 0x9c, 0xda, 0xe5, 0x44, 0xca, 0x66, 0x5b, 0xd8, 0x09, 0xec, 0xe0,
-	0xd8, 0x08, 0xc8, 0xd7, 0xd8, 0x11, 0x61, 0x7e, 0x43, 0x52, 0xf7, 0x28, 0x91, 0xb2, 0x79, 0x78,
-	0x60, 0xfb, 0x81, 0x27, 0xd9, 0x24, 0x3a, 0x2b, 0xa8, 0x8c, 0x4d, 0xfb, 0x79, 0x09, 0x5a, 0xbb,
-	0xe1, 0x70, 0xc8, 0x67, 0xf6, 0xd4, 0x6b, 0xfb, 0xb6, 0x18, 0x47, 0x39, 0x65, 0x9d, 0xf1, 0x14,
-	0x89, 0xc1, 0x7d, 0x7b, 0xf8, 0xe1, 0x36, 0xcc, 0x2b, 0x8a, 0x0a, 0x4b, 0x49, 0xc4, 0x6c, 0xa5,
-	0x64, 0xcc, 0xa6, 0xdd, 0x07, 0xc4, 0x33, 0xee, 0xd7, 0x1b, 0x9c, 0x76, 0x16, 0xce, 0x24, 0xda,
-	0x8b, 0x63, 0xf2, 0x06, 0x34, 0xc4, 0x7d, 0xbf, 0x30, 0x82, 0x65, 0xa8, 0x52, 0x77, 0xd7, 0xb7,
-	0x2d, 0x79, 0xfb, 0x31, 0xe3, 0x12, 0x6b, 0xdd, 0xb6, 0x3c, 0x6d, 0x1b, 0x1a, 0x3a, 0x17, 0x2f,
-	0x78, 0x3f, 0x86, 0xa6, 0x78, 0x1d, 0x60, 0x24, 0xde, 0xcf, 0xc4, 0x50, 0x7d, 0x42, 0xb6, 0xde,
-	0x70, 0xd4, 0xa2, 0xf6, 0x53, 0xe8, 0xf0, 0x63, 0x3c, 0x21, 0x55, 0x0e, 0xed, 0x63, 0x90, 0x4f,
-	0x72, 0x8b, 0x84, 0x27, 0x9b, 0x35, 0x3c, 0xb5, 0xa8, 0x5d, 0x80, 0x73, 0xb9, 0xc2, 0xc5, 0xb8,
-	0x5d, 0x68, 0xc5, 0x15, 0x96, 0x2d, 0x2f, 0x7d, 0xd8, 0x65, 0x4e, 0x49, 0xb9, 0xcc, 0x59, 0x8c,
-	0x62, 0xb2, 0xb2, 0x3c, 0x4f, 0x58, 0xe4, 0x15, 0x87, 0xd0, 0x95, 0xa2, 0x10, 0x7a, 0x32, 0x11,
-	0x42, 0x6b, 0x9f, 0x45, 0xb3, 0x27, 0xf2, 0x97, 0x0f, 0x58, 0x7a, 0xc5, 0xfb, 0x96, 0x6e, 0x6b,
-	0x39, 0x67, 0x70, 0x9c, 0x43, 0x57, 0x98, 0xb5, 0xeb, 0xd0, 0x48, 0x3a, 0x30, 0xc5, 0x2d, 0x95,
-	0x32, 0x6e, 0xa9, 0x99, 0xf2, 0x48, 0xb7, 0x52, 0x71, 0x66, 0x66, 0x46, 0x53, 0x51, 0xe6, 0xfb,
-	0x09, 0xdf, 0x74, 0x29, 0xbe, 0x87, 0xf9, 0x0d, 0xb9, 0xa5, 0x05, 0xe1, 0xa3, 0x1f, 0xfa, 0xb4,
-	0xbd, 0x18, 0xa2, 0x76, 0x19, 0xea, 0xfb, 0x45, 0x8f, 0x65, 0x27, 0xe5, 0xc5, 0xe6, 0xdb, 0x30,
-	0xdf, 0x0b, 0x88, 0x67, 0x0e, 0xf0, 0x16, 0x73, 0x20, 0x87, 0x36, 0xbf, 0xb8, 0x0b, 0xc3, 0xe8,
-	0x68, 0x63, 0xdf, 0xda, 0x7f, 0x94, 0x60, 0xee, 0xa1, 0x3d, 0xc4, 0xfe, 0xb1, 0x1f, 0xe0, 0xd1,
-	0x3e, 0x4b, 0x72, 0xce, 0x43, 0x8d, 0x8e, 0xcb, 0x0f, 0xcc, 0x91, 0x2b, 0x2f, 0x3e, 0x23, 0x02,
-	0x5d, 0x2e, 0x9f, 0x8b, 0x96, 0x80, 0x88, 0x9a, 0x60, 0x66, 0x7a, 0xa5, 0x49, 0x9f, 0x20, 0xa1,
-	0xf7, 0x00, 0x42, 0x1f, 0x5b, 0xe2, 0xb2, 0xb3, 0x92, 0x3a, 0x95, 0xf7, 0xd5, 0x2b, 0x29, 0xca,
-	0xc7, 0x6f, 0x3e, 0xdf, 0x87, 0xba, 0xed, 0x10, 0x0b, 0xb3, 0x2b, 0x29, 0x4b, 0x80, 0x25, 0xf9,
-	0xad, 0x80, 0x33, 0xee, 0xfb, 0xd8, 0xd2, 0x7e, 0x4f, 0x9c, 0x42, 0x72, 0xf2, 0xc4, 0x9a, 0x6f,
-	0xc2, 0x3c, 0xf7, 0x2d, 0x87, 0xd1, 0xa0, 0xa5, 0xcd, 0xc5, 0x69, 0x46, 0x6a, 0x42, 0xf4, 0x96,
-	0x2d, 0x02, 0x06, 0xd9, 0x42, 0xbb, 0x07, 0x67, 0x13, 0xb9, 0xc5, 0x29, 0xa2, 0x7d, 0xed, 0x51,
-	0x0a, 0x1a, 0x88, 0x0d, 0x52, 0x64, 0xe0, 0xd2, 0x1e, 0x0b, 0x32, 0x70, 0x9f, 0x67, 0xe0, 0xbe,
-	0xa6, 0xc3, 0x72, 0x02, 0xb1, 0x48, 0x28, 0xf2, 0x7e, 0x2a, 0xfa, 0xb9, 0x50, 0x20, 0x2c, 0x15,
-	0x06, 0xfd, 0x6f, 0x09, 0x16, 0xf2, 0x18, 0x5e, 0x13, 0x1b, 0xfb, 0x49, 0xc1, 0x13, 0x94, 0xdb,
-	0x63, 0xb5, 0xf9, 0xad, 0xa0, 0x88, 0x8f, 0xa1, 0x93, 0x37, 0x7b, 0xd9, 0xa5, 0xa8, 0x9c, 0x60,
-	0x29, 0xfe, 0xaf, 0xac, 0xa0, 0xbd, 0xdd, 0x20, 0xf0, 0xec, 0x83, 0x90, 0x1a, 0xef, 0x77, 0x85,
-	0xcd, 0x7c, 0x12, 0xe1, 0x0e, 0x7c, 0xfe, 0xae, 0x65, 0x5b, 0xc5, 0xbd, 0xe6, 0x62, 0x0f, 0x3b,
-	0x49, 0xec, 0x81, 0xe3, 0xb8, 0x37, 0xc7, 0x8a, 0x79, 0x63, 0xa1, 0xba, 0x97, 0x25, 0x68, 0x26,
-	0xd7, 0x01, 0x7d, 0x04, 0x60, 0x46, 0x9a, 0x0b, 0x93, 0x3f, 0x3f, 0x6e, 0x74, 0xba, 0xc2, 0x8f,
-	0x2e, 0x43, 0xa5, 0xef, 0x86, 0x62, 0x45, 0xe2, 0x0b, 0xbd, 0x75, 0x37, 0xe4, 0x0e, 0x80, 0xd6,
-	0xd2, 0x7c, 0x82, 0x3f, 0xcc, 0xc8, 0x78, 0xae, 0xa7, 0x8c, 0xcc, 0x59, 0x05, 0x0f, 0x7a, 0x00,
-	0xcd, 0xe7, 0x9e, 0x1d, 0x98, 0x07, 0x43, 0x6c, 0x0c, 0xcd, 0x63, 0xec, 0x09, 0xcf, 0x55, 0xec,
-	0x65, 0x1a, 0x92, 0xff, 0x09, 0x65, 0xd7, 0x42, 0xa8, 0xca, 0xfe, 0x5f, 0xe1, 0x91, 0x1f, 0xc3,
-	0x52, 0x48, 0xd9, 0x0c, 0xf6, 0x38, 0xc4, 0x31, 0x1d, 0x62, 0xf8, 0x98, 0x9e, 0x92, 0xf2, 0x2d,
-	0x68, 0xbe, 0xb7, 0x5c, 0x60, 0x8d, 0xd6, 0x89, 0x87, 0xb7, 0x4d, 0x87, 0xf4, 0x78, 0x0b, 0x6d,
-	0x04, 0x75, 0x65, 0x38, 0xaf, 0xe8, 0xf9, 0x13, 0x98, 0x97, 0x57, 0xa5, 0x3e, 0x0e, 0x84, 0x5f,
-	0x1f, 0xd7, 0xe7, 0x9c, 0x60, 0xef, 0xe1, 0x80, 0x79, 0xf7, 0x1b, 0xe7, 0xa1, 0x2a, 0xff, 0xa8,
-	0x83, 0x66, 0xa0, 0xb2, 0xb7, 0xbe, 0xdb, 0x9a, 0xa0, 0x1f, 0xfb, 0x1b, 0xbb, 0xad, 0xd2, 0x8d,
-	0x11, 0xb4, 0xd2, 0x7f, 0x52, 0x41, 0x4b, 0x70, 0x66, 0x57, 0xdf, 0xd9, 0xed, 0x3e, 0xea, 0xee,
-	0x6d, 0xed, 0x6c, 0x1b, 0xbb, 0xfa, 0xd6, 0xe7, 0xdd, 0xbd, 0xcd, 0xd6, 0x04, 0xba, 0x04, 0x17,
-	0xd4, 0x8a, 0xdf, 0xdd, 0xe9, 0xed, 0x19, 0x7b, 0x3b, 0xc6, 0xfa, 0xce, 0xf6, 0x5e, 0x77, 0x6b,
-	0x7b, 0x53, 0x6f, 0x95, 0xd0, 0x05, 0x58, 0x56, 0x59, 0x3e, 0xdd, 0xda, 0xd8, 0xd2, 0x37, 0xd7,
-	0xe9, 0x77, 0xf7, 0x49, 0xab, 0x7c, 0xe3, 0x1e, 0xcc, 0xa5, 0xde, 0x77, 0xa1, 0x79, 0x68, 0xf4,
-	0xba, 0xdb, 0x1b, 0x9f, 0xee, 0x7c, 0x61, 0xe8, 0x9b, 0xdd, 0x8d, 0x2f, 0x5b, 0x13, 0x68, 0x01,
-	0x5a, 0x92, 0xb4, 0xbd, 0xb3, 0xc7, 0xa9, 0xa5, 0x1b, 0x5f, 0xa7, 0x4c, 0x12, 0xa3, 0xb3, 0x30,
-	0x1f, 0xf5, 0x6d, 0xac, 0xeb, 0x9b, 0xdd, 0xbd, 0xcd, 0x8d, 0xd6, 0x44, 0x92, 0xac, 0xef, 0x6f,
-	0x6f, 0x6f, 0x6d, 0x3f, 0x6a, 0x95, 0xa8, 0xd4, 0x98, 0xbc, 0xf9, 0xc5, 0x16, 0x65, 0x2e, 0x27,
-	0x99, 0xf7, 0xb7, 0x1f, 0x6f, 0xef, 0xfc, 0x64, 0xbb, 0x55, 0x59, 0xfb, 0xf7, 0x06, 0x34, 0x65,
-	0x8c, 0x82, 0x3d, 0x76, 0x7f, 0x7f, 0x1f, 0x66, 0xe4, 0x5f, 0xb6, 0x62, 0x67, 0x95, 0xfc, 0x7f,
-	0x59, 0xa7, 0x9d, 0xad, 0x10, 0x61, 0xe0, 0x04, 0xda, 0x65, 0x61, 0x99, 0xf2, 0x96, 0xee, 0x82,
-	0x1a, 0x0d, 0x65, 0x1e, 0xeb, 0x75, 0x56, 0x8a, 0xaa, 0x23, 0x89, 0x3d, 0x1a, 0x70, 0xa9, 0x8f,
-	0xb3, 0xd1, 0x8a, 0x1a, 0x26, 0x64, 0x1f, 0x7d, 0x77, 0x2e, 0x16, 0xd6, 0x47, 0x42, 0xbf, 0x84,
-	0x56, 0xfa, 0x59, 0x36, 0x8a, 0xf1, 0xb2, 0x82, 0x27, 0xdf, 0x9d, 0x4b, 0x63, 0x38, 0x54, 0xd1,
-	0x99, 0x07, 0xcc, 0xab, 0x63, 0x1e, 0x94, 0xa6, 0x45, 0x17, 0x3d, 0x39, 0xe5, 0x53, 0x91, 0x7c,
-	0x03, 0x87, 0xd4, 0x67, 0xc3, 0x39, 0x6f, 0x21, 0x95, 0xa9, 0xc8, 0x7f, 0x3c, 0xa7, 0x4d, 0xa0,
-	0xcf, 0x61, 0x2e, 0x75, 0x75, 0x8b, 0xe2, 0x56, 0xf9, 0x17, 0xd1, 0x9d, 0xd5, 0x62, 0x86, 0xe4,
-	0xba, 0xa9, 0x17, 0xb3, 0x89, 0x75, 0xcb, 0xb9, 0xed, 0x4d, 0xac, 0x5b, 0xee, 0x8d, 0x2e, 0x33,
-	0xaf, 0xc4, 0xf5, 0xab, 0x62, 0x5e, 0x79, 0x77, 0xbd, 0x9d, 0x95, 0xa2, 0x6a, 0x75, 0xf8, 0xa9,
-	0xab, 0x57, 0x65, 0xf8, 0xf9, 0x37, 0xba, 0x9d, 0xd5, 0x62, 0x86, 0xf4, 0x5a, 0xc5, 0xf7, 0x40,
-	0xa9, 0xb5, 0xca, 0x5c, 0x3b, 0xa6, 0xd6, 0x2a, 0x7b, 0x81, 0x24, 0xd6, 0x2a, 0x75, 0x6d, 0x73,
-	0xb1, 0x18, 0xa5, 0xce, 0xac, 0x55, 0x3e, 0x8c, 0xad, 0x4d, 0xa0, 0x6f, 0xa0, 0x5d, 0x84, 0x00,
-	0xa3, 0x38, 0x46, 0x78, 0x05, 0x44, 0xdd, 0xb9, 0x7e, 0x02, 0xce, 0xa8, 0xcb, 0x2e, 0x54, 0x25,
-	0xdc, 0x8b, 0x62, 0x87, 0x92, 0xc2, 0x98, 0x3b, 0xcb, 0x39, 0x35, 0x91, 0x88, 0xf7, 0x61, 0x92,
-	0x52, 0xd1, 0x42, 0x82, 0x49, 0x36, 0x3d, 0x9b, 0xa2, 0x46, 0xcd, 0x3e, 0x84, 0x69, 0x8e, 0x5d,
-	0xa2, 0x38, 0x53, 0x4b, 0x00, 0xab, 0x9d, 0xa5, 0x0c, 0x3d, 0x6a, 0xfc, 0x19, 0xff, 0xe7, 0xa8,
-	0x00, 0x21, 0xd1, 0xb9, 0xc4, 0x9f, 0x8c, 0x92, 0x50, 0x67, 0xe7, 0x7c, 0x7e, 0xa5, 0x6a, 0x22,
-	0xa9, 0xf0, 0x63, 0xa5, 0x28, 0x3e, 0xcc, 0x98, 0x48, 0x7e, 0xbc, 0xa9, 0x4d, 0x20, 0x83, 0xe3,
-	0x79, 0x29, 0xc1, 0x5a, 0xbe, 0x6d, 0x25, 0x84, 0x5f, 0x1e, 0xcb, 0x13, 0x75, 0x70, 0x00, 0x67,
-	0x72, 0x90, 0x00, 0x74, 0x39, 0xb5, 0xf8, 0x79, 0x20, 0x44, 0xe7, 0xad, 0xf1, 0x4c, 0xea, 0x12,
-	0x09, 0xf3, 0x5e, 0xcc, 0xa4, 0xc7, 0xe9, 0x25, 0x4a, 0x1b, 0xf3, 0xda, 0x1f, 0x57, 0x60, 0x96,
-	0xe3, 0x35, 0xe2, 0x4c, 0x7b, 0x04, 0x10, 0x43, 0x9c, 0xa8, 0x93, 0x18, 0x66, 0x02, 0xeb, 0xed,
-	0x9c, 0xcb, 0xad, 0x53, 0x17, 0x5f, 0x01, 0x10, 0x95, 0xc5, 0xcf, 0x62, 0xa0, 0xca, 0xe2, 0xe7,
-	0x60, 0x8e, 0xda, 0x04, 0xda, 0x80, 0x5a, 0x04, 0x59, 0x21, 0x05, 0xe9, 0x4a, 0xe1, 0x6d, 0x9d,
-	0x4e, 0x5e, 0x95, 0xaa, 0x91, 0x02, 0x43, 0x29, 0x1a, 0x65, 0xc1, 0x2d, 0x45, 0xa3, 0x3c, 0xe4,
-	0x2a, 0x1e, 0x1d, 0x4f, 0x75, 0xd3, 0xa3, 0x4b, 0xa0, 0x07, 0xe9, 0xd1, 0x25, 0xb3, 0x63, 0x6d,
-	0xe2, 0xd3, 0xf3, 0xbf, 0xf8, 0xd5, 0x4a, 0xe9, 0x3f, 0x7f, 0xb5, 0x32, 0xf1, 0x47, 0x2f, 0x57,
-	0x4a, 0xbf, 0x78, 0xb9, 0x52, 0xfa, 0xb7, 0x97, 0x2b, 0xa5, 0xff, 0x7e, 0xb9, 0x52, 0xfa, 0xd9,
-	0xff, 0xac, 0x4c, 0x1c, 0x4c, 0xb3, 0xbf, 0x52, 0xbf, 0xf7, 0xeb, 0x00, 0x00, 0x00, 0xff, 0xff,
-	0xa6, 0x04, 0x77, 0x58, 0xfe, 0x3e, 0x00, 0x00,
+	// 4623 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x5c, 0xcd, 0x6f, 0x1b, 0x49,
+	0x76, 0x17, 0x49, 0x7d, 0x90, 0x8f, 0xa2, 0x44, 0x95, 0x65, 0x8b, 0xa6, 0x6d, 0x8d, 0xd5, 0x1e,
+	0x7f, 0xce, 0x58, 0x1e, 0x6b, 0x76, 0x3d, 0xb1, 0x3d, 0x6b, 0x9b, 0x96, 0x64, 0x9b, 0x59, 0x9b,
+	0x52, 0x9a, 0xd2, 0x7c, 0xec, 0x2c, 0xd0, 0xdb, 0x62, 0x97, 0xa8, 0x5e, 0x93, 0x5d, 0x3d, 0xdd,
+	0x4d, 0xdb, 0xca, 0x21, 0x58, 0x20, 0xc8, 0x1e, 0x02, 0x04, 0xc8, 0x79, 0x8f, 0x9b, 0x43, 0x0e,
+	0xb9, 0x05, 0x08, 0x72, 0xc8, 0x29, 0xc1, 0x1e, 0xf6, 0x12, 0x20, 0xa7, 0x45, 0x3e, 0x2e, 0x99,
+	0x09, 0x72, 0xc9, 0x21, 0xc8, 0x1f, 0x90, 0x43, 0x50, 0x5f, 0xfd, 0xdd, 0xfc, 0xd0, 0x78, 0x77,
+	0x26, 0x27, 0x75, 0xbd, 0x7a, 0xef, 0xd5, 0xab, 0xaa, 0x57, 0xaf, 0x5e, 0xfd, 0xaa, 0x28, 0x28,
+	0xe9, 0xb6, 0xb9, 0x6e, 0x3b, 0xc4, 0x23, 0xa8, 0xea, 0x0c, 0x2c, 0xcf, 0xec, 0xe3, 0xf5, 0x57,
+	0xb7, 0xf5, 0x9e, 0x7d, 0xa4, 0x6f, 0xd4, 0x6f, 0x76, 0x4d, 0xef, 0x68, 0x70, 0xb0, 0xde, 0x21,
+	0xfd, 0x5b, 0x5d, 0xd2, 0x25, 0xb7, 0x18, 0xe3, 0xc1, 0xe0, 0x90, 0x95, 0x58, 0x81, 0x7d, 0x71,
+	0x05, 0xca, 0x0d, 0x58, 0xf8, 0x04, 0x3b, 0xae, 0x49, 0x2c, 0x15, 0x7f, 0x39, 0xc0, 0xae, 0x87,
+	0x6a, 0x30, 0xf7, 0x8a, 0x53, 0x6a, 0xb9, 0x8b, 0xb9, 0x6b, 0x25, 0x55, 0x16, 0x95, 0xbf, 0xcc,
+	0xc1, 0xa2, 0xcf, 0xec, 0xda, 0xc4, 0x72, 0x71, 0x36, 0x37, 0x5a, 0x83, 0x79, 0x61, 0x9c, 0x66,
+	0xe9, 0x7d, 0x5c, 0xcb, 0xb3, 0xea, 0xb2, 0xa0, 0xb5, 0xf4, 0x3e, 0x46, 0x57, 0x61, 0x51, 0xb2,
+	0x48, 0x25, 0x05, 0xc6, 0xb5, 0x20, 0xc8, 0xa2, 0x35, 0xb4, 0x0e, 0xa7, 0x24, 0xa3, 0x6e, 0x9b,
+	0x3e, 0xf3, 0x34, 0x63, 0x5e, 0x12, 0x55, 0x0d, 0xdb, 0x14, 0xfc, 0xca, 0x17, 0x50, 0xda, 0x6a,
+	0xb5, 0x37, 0x89, 0x75, 0x68, 0x76, 0xa9, 0x89, 0x2e, 0x76, 0xa8, 0x4c, 0x2d, 0x77, 0xb1, 0x40,
+	0x4d, 0x14, 0x45, 0x54, 0x87, 0xa2, 0x8b, 0x75, 0xa7, 0x73, 0x84, 0xdd, 0x5a, 0x9e, 0x55, 0xf9,
+	0x65, 0x2a, 0x45, 0x6c, 0xcf, 0x24, 0x96, 0x5b, 0x2b, 0x70, 0x29, 0x51, 0x54, 0x7e, 0x99, 0x83,
+	0xf2, 0x2e, 0x71, 0xbc, 0x17, 0xba, 0x6d, 0x9b, 0x56, 0x17, 0xdd, 0x81, 0x22, 0x1b, 0xcb, 0x0e,
+	0xe9, 0xb1, 0x31, 0x58, 0xd8, 0xa8, 0xaf, 0xc7, 0xa7, 0x65, 0x7d, 0x57, 0x70, 0xa8, 0x3e, 0x2f,
+	0xba, 0x0c, 0x0b, 0x1d, 0x62, 0x79, 0xba, 0x69, 0x61, 0x47, 0xb3, 0x89, 0xe3, 0xb1, 0x21, 0x9a,
+	0x51, 0x2b, 0x3e, 0x95, 0xb6, 0x82, 0xce, 0x41, 0xe9, 0x88, 0xb8, 0x1e, 0xe7, 0x28, 0x30, 0x8e,
+	0x22, 0x25, 0xb0, 0xca, 0x15, 0x98, 0x63, 0x95, 0xa6, 0x2d, 0x06, 0x63, 0x96, 0x16, 0x9b, 0xb6,
+	0xf2, 0x9b, 0x1c, 0xcc, 0xbc, 0x20, 0x03, 0xcb, 0x8b, 0x35, 0xa3, 0x7b, 0x47, 0x62, 0xa2, 0x42,
+	0xcd, 0xe8, 0xde, 0x51, 0xd0, 0x0c, 0xe5, 0xe0, 0x73, 0xc5, 0x9b, 0xa1, 0x95, 0x75, 0x28, 0x3a,
+	0x58, 0x37, 0x88, 0xd5, 0x3b, 0x66, 0x26, 0x14, 0x55, 0xbf, 0x4c, 0x27, 0xd1, 0xc5, 0x3d, 0xd3,
+	0x1a, 0xbc, 0xd1, 0x1c, 0xdc, 0xd3, 0x0f, 0x70, 0x8f, 0x99, 0x52, 0x54, 0x17, 0x04, 0x59, 0xe5,
+	0x54, 0xb4, 0x05, 0x65, 0xdb, 0x21, 0xb6, 0xde, 0xd5, 0xe9, 0x38, 0xd6, 0x66, 0xd8, 0x50, 0x29,
+	0xc9, 0xa1, 0x62, 0x66, 0xef, 0x06, 0x9c, 0x6a, 0x58, 0x4c, 0xf9, 0xeb, 0x1c, 0x2c, 0x52, 0xe7,
+	0x71, 0x6d, 0xbd, 0x83, 0x77, 0xd8, 0x94, 0xa0, 0xbb, 0x30, 0x67, 0x61, 0xef, 0x35, 0x71, 0x5e,
+	0x8a, 0x09, 0x78, 0x27, 0xa9, 0xd5, 0x97, 0x79, 0x41, 0x0c, 0xac, 0x4a, 0x7e, 0x74, 0x1b, 0x0a,
+	0xb6, 0x69, 0xb0, 0x0e, 0x8f, 0x21, 0x46, 0x79, 0xa9, 0x88, 0x69, 0x77, 0xd8, 0x38, 0x8c, 0x23,
+	0x62, 0xda, 0x1d, 0x45, 0x01, 0x68, 0x5a, 0xde, 0x9d, 0xef, 0x7d, 0xa2, 0xf7, 0x06, 0x18, 0x2d,
+	0xc3, 0xcc, 0x2b, 0xfa, 0xc1, 0x8c, 0x2d, 0xa8, 0xbc, 0xa0, 0x7c, 0x55, 0x80, 0x73, 0xcf, 0xe9,
+	0x78, 0xb5, 0x75, 0xcb, 0x38, 0x20, 0x6f, 0xda, 0xb8, 0x33, 0x70, 0x4c, 0xef, 0x78, 0x93, 0x58,
+	0x1e, 0x7e, 0xe3, 0xa1, 0x16, 0x2c, 0x59, 0x52, 0xb3, 0x26, 0x5d, 0x93, 0x6a, 0x28, 0x6f, 0xac,
+	0x0d, 0x31, 0x82, 0x0f, 0x91, 0x5a, 0xb5, 0xa2, 0x04, 0x17, 0x3d, 0x0b, 0xe6, 0x4d, 0x6a, 0xcb,
+	0x33, 0x6d, 0x29, 0x5d, 0x6a, 0x6f, 0x33, 0xcb, 0x84, 0x2e, 0x39, 0xb1, 0x52, 0xd3, 0xc7, 0x40,
+	0x57, 0xb5, 0xa6, 0xbb, 0xda, 0xc0, 0xc5, 0x0e, 0x1b, 0x98, 0xf2, 0xc6, 0xf9, 0xa4, 0x96, 0x60,
+	0x08, 0xd4, 0x92, 0x33, 0xb0, 0x1a, 0xee, 0xbe, 0x8b, 0x1d, 0x16, 0x04, 0x84, 0x2f, 0x69, 0x0e,
+	0x21, 0xde, 0xa1, 0x2b, 0xfd, 0x47, 0x92, 0x55, 0x46, 0x45, 0xb7, 0xe0, 0x94, 0x3b, 0xb0, 0xed,
+	0x1e, 0xee, 0x63, 0xcb, 0xd3, 0x7b, 0x5a, 0xd7, 0x21, 0x03, 0xdb, 0xad, 0xcd, 0x5c, 0x2c, 0x5c,
+	0x2b, 0xa8, 0x28, 0x5c, 0xf5, 0x94, 0xd5, 0xa0, 0x55, 0x00, 0xdb, 0x31, 0x5f, 0x99, 0x3d, 0xdc,
+	0xc5, 0x46, 0x6d, 0x96, 0x29, 0x0d, 0x51, 0xd0, 0x07, 0xb0, 0xec, 0xe2, 0x4e, 0x87, 0xf4, 0x6d,
+	0xcd, 0x76, 0xc8, 0xa1, 0xd9, 0xc3, 0xdc, 0xfb, 0xe7, 0x98, 0xf7, 0x23, 0x51, 0xb7, 0xcb, 0xab,
+	0xd8, 0x3a, 0x78, 0xc0, 0x62, 0x1a, 0xed, 0x29, 0x6b, 0xbc, 0x56, 0x1c, 0xa3, 0xab, 0xc0, 0xba,
+	0xca, 0x4c, 0x52, 0x7e, 0x99, 0x87, 0xd3, 0x6c, 0x24, 0x77, 0x89, 0x21, 0xa6, 0x59, 0x04, 0xa9,
+	0x4b, 0x50, 0xe9, 0x30, 0x9d, 0x9a, 0xad, 0x3b, 0xd8, 0xf2, 0xc4, 0x22, 0x9d, 0xe7, 0xc4, 0x5d,
+	0x46, 0x43, 0x9f, 0x41, 0xd5, 0x15, 0x5e, 0xa1, 0x75, 0xb8, 0x5b, 0x88, 0x39, 0xbb, 0x99, 0x34,
+	0x61, 0x88, 0x2f, 0xa9, 0x8b, 0x6e, 0xc2, 0xb9, 0xe6, 0xdc, 0x63, 0xb7, 0xe3, 0xf5, 0x78, 0xb4,
+	0x2b, 0x6f, 0x7c, 0x2f, 0x43, 0x61, 0xdc, 0xf0, 0xf5, 0x36, 0x17, 0xdb, 0xb6, 0x3c, 0xe7, 0x58,
+	0x95, 0x4a, 0xea, 0xf7, 0x60, 0x3e, 0x5c, 0x81, 0xaa, 0x50, 0x78, 0x89, 0x8f, 0x45, 0xa7, 0xe8,
+	0x67, 0xb0, 0x08, 0x78, 0xac, 0xe1, 0x85, 0x7b, 0xf9, 0xdf, 0xcb, 0x29, 0x0e, 0xa0, 0xa0, 0x95,
+	0x17, 0xd8, 0xd3, 0x0d, 0xdd, 0xd3, 0x11, 0x82, 0x69, 0xb6, 0x8d, 0x70, 0x15, 0xec, 0x9b, 0x6a,
+	0x1d, 0x88, 0xc5, 0x5b, 0x52, 0xe9, 0x27, 0x3a, 0x0f, 0x25, 0xdf, 0xd1, 0xc5, 0x5e, 0x12, 0x10,
+	0x68, 0x4c, 0xd7, 0x3d, 0x0f, 0xf7, 0x6d, 0x8f, 0xb9, 0x58, 0x45, 0x95, 0x45, 0xe5, 0xbf, 0xa7,
+	0xa1, 0x9a, 0x98, 0x93, 0x47, 0x50, 0xec, 0x8b, 0xe6, 0xc5, 0x42, 0x7b, 0x37, 0x25, 0xb0, 0x27,
+	0x4c, 0x55, 0x7d, 0x29, 0x1a, 0x37, 0x69, 0x0c, 0x0d, 0xed, 0x7f, 0x7e, 0x99, 0xce, 0x78, 0x8f,
+	0x74, 0x35, 0xc3, 0x74, 0x70, 0xc7, 0x23, 0xce, 0xb1, 0x30, 0x77, 0xbe, 0x47, 0xba, 0x5b, 0x92,
+	0x86, 0xee, 0x01, 0x18, 0x96, 0x4b, 0x27, 0xfb, 0xd0, 0xec, 0x32, 0xa3, 0xcb, 0x1b, 0xe7, 0x92,
+	0x46, 0xf8, 0x9b, 0x9d, 0x5a, 0x32, 0x2c, 0x57, 0x98, 0xff, 0x18, 0x2a, 0x74, 0xcf, 0xd0, 0xfa,
+	0x7c, 0x9f, 0xe2, 0x2b, 0xa5, 0xbc, 0x71, 0x21, 0xad, 0x0f, 0xfe, 0x6e, 0xa6, 0xce, 0xdb, 0x41,
+	0xc1, 0x45, 0x4f, 0x60, 0x96, 0x05, 0x6f, 0xb7, 0x36, 0xcb, 0x84, 0xd7, 0x87, 0x0d, 0x80, 0xf0,
+	0x88, 0xe7, 0x4c, 0x80, 0x3b, 0x84, 0x90, 0x46, 0xfb, 0x50, 0xd6, 0x2d, 0x8b, 0x78, 0x3a, 0x0f,
+	0x34, 0x73, 0x4c, 0xd9, 0x87, 0x63, 0x28, 0x6b, 0x04, 0x52, 0x5c, 0x63, 0x58, 0x0f, 0xfa, 0x01,
+	0xcc, 0xb0, 0x48, 0x24, 0x16, 0xe2, 0xd5, 0x31, 0x9d, 0x56, 0xe5, 0x52, 0xf5, 0xbb, 0x50, 0x0e,
+	0x19, 0x3b, 0x89, 0x93, 0xd6, 0x1f, 0x40, 0x35, 0x6e, 0xda, 0x44, 0x4e, 0xae, 0xc2, 0xb2, 0x3a,
+	0xb0, 0x02, 0xc3, 0x64, 0xf6, 0x75, 0x0f, 0x66, 0xc5, 0x64, 0x73, 0x8f, 0x53, 0x46, 0x8f, 0x91,
+	0x2a, 0x24, 0x94, 0x1f, 0xc0, 0xe9, 0x98, 0x4e, 0x91, 0xa4, 0xbd, 0x0b, 0x0b, 0x36, 0x31, 0x34,
+	0x97, 0x93, 0x35, 0xd3, 0x90, 0xd1, 0xc5, 0xf6, 0x79, 0x9b, 0x06, 0x15, 0x6f, 0x7b, 0xc4, 0x4e,
+	0xda, 0x34, 0x9e, 0x78, 0x0d, 0xce, 0xc4, 0xc5, 0x79, 0xf3, 0xca, 0x43, 0x58, 0x51, 0x71, 0x9f,
+	0xbc, 0xc2, 0x27, 0x55, 0x5d, 0x87, 0x5a, 0x52, 0x81, 0x50, 0xfe, 0x39, 0xac, 0x04, 0xd4, 0xb6,
+	0xa7, 0x7b, 0x03, 0x77, 0x22, 0xe5, 0x22, 0x83, 0x3d, 0x20, 0x2e, 0x9f, 0xa5, 0xa2, 0x2a, 0x8b,
+	0xca, 0xf5, 0xb0, 0xea, 0x16, 0x4f, 0x18, 0x78, 0x0b, 0x68, 0x01, 0xf2, 0xa6, 0x2d, 0xd4, 0xe5,
+	0x4d, 0x5b, 0x79, 0x06, 0x25, 0x7f, 0xc7, 0x45, 0xf7, 0x83, 0xd4, 0x31, 0x3f, 0xee, 0xfe, 0xec,
+	0x67, 0x97, 0x7b, 0x89, 0x1d, 0x42, 0x34, 0x79, 0x1f, 0xc0, 0x8f, 0x64, 0x72, 0xe3, 0x3f, 0x37,
+	0x44, 0xb1, 0x1a, 0x62, 0x57, 0xfe, 0x35, 0x12, 0xdf, 0x42, 0x9d, 0x30, 0xfc, 0x4e, 0x18, 0x91,
+	0x78, 0x97, 0x3f, 0x51, 0xbc, 0xfb, 0x08, 0x66, 0x5c, 0x4f, 0xf7, 0xb0, 0x48, 0x8e, 0xd6, 0x86,
+	0x89, 0x53, 0x23, 0xb0, 0xca, 0xf9, 0xd1, 0x05, 0x80, 0x8e, 0x83, 0x75, 0x0f, 0x1b, 0x9a, 0xce,
+	0x83, 0x73, 0x41, 0x2d, 0x09, 0x4a, 0xc3, 0x43, 0x9b, 0x41, 0x82, 0x37, 0xc3, 0x0c, 0xbb, 0x3e,
+	0x4c, 0x73, 0x64, 0xaa, 0x82, 0x54, 0xcf, 0x0f, 0x16, 0xb3, 0x63, 0x06, 0x0b, 0xa1, 0x80, 0x4b,
+	0x85, 0x42, 0xe1, 0xdc, 0xe8, 0x50, 0xc8, 0x45, 0xc7, 0x09, 0x85, 0xc5, 0xd1, 0xa1, 0x50, 0x28,
+	0x1b, 0x1a, 0x0a, 0xbf, 0xcd, 0x58, 0xf6, 0x2f, 0x39, 0xa8, 0x25, 0xd7, 0xa0, 0x88, 0x3d, 0xf7,
+	0x60, 0xd6, 0x65, 0x94, 0x71, 0x02, 0x9a, 0x90, 0x15, 0x12, 0xe8, 0x19, 0x4c, 0x9b, 0xd6, 0x21,
+	0x61, 0x67, 0xb3, 0xd4, 0x94, 0x24, 0xab, 0xd5, 0xf5, 0xa6, 0x75, 0x48, 0xf8, 0x20, 0x31, 0x0d,
+	0xf5, 0x8f, 0xa0, 0xe4, 0x93, 0x26, 0xea, 0xdb, 0x0e, 0x2c, 0xc7, 0x5c, 0x96, 0xe7, 0xf0, 0xbe,
+	0xa7, 0xe7, 0x26, 0xf3, 0x74, 0xe5, 0x67, 0xf9, 0xf0, 0x4a, 0x7c, 0x62, 0xf6, 0x3c, 0xec, 0x24,
+	0x56, 0xe2, 0xc7, 0x52, 0x3b, 0x5f, 0x86, 0x57, 0x46, 0x6a, 0xe7, 0xa9, 0xa6, 0x58, 0x4c, 0x3f,
+	0x86, 0x05, 0xe6, 0x6b, 0x9a, 0x8b, 0x7b, 0x2c, 0x8f, 0x10, 0x39, 0xdd, 0xf7, 0x87, 0xa9, 0xe1,
+	0x96, 0x70, 0x8f, 0x6d, 0x0b, 0x39, 0x3e, 0x82, 0x95, 0x5e, 0x98, 0x56, 0x7f, 0x04, 0x28, 0xc9,
+	0x34, 0xd1, 0x98, 0xb6, 0x69, 0x88, 0xa3, 0x07, 0xd8, 0x94, 0xcd, 0xef, 0x90, 0x99, 0x31, 0x8e,
+	0xaf, 0x70, 0x83, 0x55, 0x21, 0xa1, 0xfc, 0xaa, 0x00, 0x10, 0x54, 0xfe, 0x3f, 0x8a, 0x6d, 0x8f,
+	0xfc, 0xb8, 0xc2, 0xf3, 0xb3, 0x6b, 0xc3, 0x14, 0xa7, 0x46, 0x94, 0x9d, 0x68, 0x44, 0xe1, 0x99,
+	0xda, 0xcd, 0xa1, 0x6a, 0xbe, 0xb3, 0xb1, 0xe4, 0x39, 0x9c, 0x89, 0xfb, 0x86, 0x08, 0x24, 0x1b,
+	0x30, 0x63, 0x7a, 0xb8, 0xcf, 0x41, 0x9c, 0xd4, 0x43, 0x57, 0x48, 0x88, 0xb3, 0x2a, 0x6b, 0x50,
+	0x6a, 0xf6, 0xf5, 0x2e, 0x6e, 0xdb, 0xb8, 0x43, 0x1b, 0x35, 0x69, 0x41, 0x18, 0xc2, 0x0b, 0xca,
+	0x06, 0x14, 0x7f, 0x88, 0x8f, 0xf9, 0xa2, 0x1e, 0xd3, 0x50, 0xe5, 0xcf, 0xf2, 0xb0, 0xc2, 0xf6,
+	0x8a, 0x4d, 0x09, 0xa1, 0xa8, 0xd8, 0x25, 0x03, 0xa7, 0x83, 0x5d, 0x36, 0xdb, 0xf6, 0x40, 0xb3,
+	0xb1, 0x63, 0x12, 0x43, 0x9c, 0xf0, 0x4b, 0x1d, 0x7b, 0xb0, 0xcb, 0x08, 0xe8, 0x1c, 0xd0, 0x82,
+	0xf6, 0xe5, 0x80, 0x08, 0x47, 0x2c, 0xa8, 0xc5, 0x8e, 0x3d, 0xf8, 0x03, 0x5a, 0x96, 0xb2, 0xee,
+	0x91, 0xee, 0x60, 0x97, 0xf9, 0x19, 0x97, 0x6d, 0x33, 0x02, 0xba, 0x0d, 0xa7, 0xfb, 0xb8, 0x4f,
+	0x9c, 0x63, 0xad, 0x67, 0xf6, 0x4d, 0x4f, 0x33, 0x2d, 0xed, 0xe0, 0xd8, 0xc3, 0xae, 0xf0, 0x29,
+	0xc4, 0x2b, 0x9f, 0xd3, 0xba, 0xa6, 0xf5, 0x98, 0xd6, 0x20, 0x05, 0x2a, 0x84, 0xf4, 0x35, 0xb7,
+	0x43, 0x1c, 0xac, 0xe9, 0xc6, 0x4f, 0xd9, 0xf6, 0x59, 0x50, 0xcb, 0x84, 0xf4, 0xdb, 0x94, 0xd6,
+	0x30, 0x7e, 0x8a, 0xde, 0x81, 0x72, 0xc7, 0x1e, 0xb8, 0xd8, 0xd3, 0xe8, 0x1f, 0xb6, 0x3b, 0x96,
+	0x54, 0xe0, 0xa4, 0x4d, 0x7b, 0xe0, 0x86, 0x18, 0xfa, 0x74, 0xfc, 0xe7, 0xc2, 0x0c, 0x2f, 0xe8,
+	0x30, 0xeb, 0x50, 0x89, 0x20, 0x04, 0xf4, 0xb0, 0xc6, 0xa0, 0x00, 0x71, 0x58, 0xa3, 0xdf, 0x94,
+	0xe6, 0x90, 0x9e, 0x1c, 0x49, 0xf6, 0x4d, 0x69, 0xde, 0xb1, 0x2d, 0x4f, 0x6a, 0xec, 0x9b, 0x0e,
+	0x79, 0x0f, 0xbf, 0x12, 0x28, 0x52, 0x49, 0xe5, 0x05, 0xc5, 0x00, 0xd8, 0xd4, 0x6d, 0xfd, 0xc0,
+	0xec, 0x99, 0xde, 0x31, 0xba, 0x0e, 0x55, 0xdd, 0x30, 0xb4, 0x8e, 0xa4, 0x98, 0x58, 0x62, 0x7b,
+	0x8b, 0xba, 0x61, 0x6c, 0x86, 0xc8, 0xe8, 0x3d, 0x58, 0x32, 0x1c, 0x62, 0x47, 0x79, 0x39, 0xd8,
+	0x57, 0xa5, 0x15, 0x61, 0x66, 0xe5, 0x17, 0x33, 0x70, 0x21, 0x3a, 0xb1, 0x71, 0x14, 0xe6, 0x11,
+	0xcc, 0xc7, 0x5a, 0xcd, 0x40, 0x00, 0x02, 0x6b, 0xd5, 0x88, 0x44, 0x0c, 0x95, 0xc8, 0x27, 0x50,
+	0x89, 0x54, 0x9c, 0xa7, 0xf0, 0x56, 0x71, 0x9e, 0xe9, 0xb7, 0x82, 0xf3, 0xcc, 0x4c, 0x86, 0xf3,
+	0x5c, 0x61, 0x60, 0xaf, 0x94, 0x66, 0x47, 0x62, 0xee, 0x6a, 0x15, 0x9f, 0xc7, 0x92, 0xa0, 0x70,
+	0x0c, 0x0f, 0x9a, 0x9b, 0x04, 0x0f, 0x2a, 0x66, 0xe2, 0x41, 0xd4, 0x6b, 0x6c, 0x5b, 0x77, 0xfa,
+	0xc4, 0x91, 0x80, 0x4f, 0xad, 0xc4, 0x4c, 0x58, 0x94, 0x74, 0x01, 0xf6, 0x64, 0x42, 0x43, 0x90,
+	0x09, 0x0d, 0x5d, 0x84, 0x79, 0x8b, 0x68, 0x16, 0x7e, 0xad, 0xd1, 0xb9, 0x74, 0x6b, 0x65, 0x3e,
+	0xb1, 0x16, 0x69, 0xe1, 0xd7, 0xbb, 0x94, 0x92, 0x00, 0x8f, 0xe6, 0x27, 0x04, 0x8f, 0xfe, 0x2e,
+	0x07, 0xcb, 0x51, 0xe7, 0x14, 0x07, 0xfd, 0xa7, 0x50, 0x72, 0x64, 0xfc, 0x11, 0x0e, 0x79, 0x3d,
+	0x23, 0xb9, 0x4d, 0x06, 0x2c, 0x35, 0x90, 0x45, 0x3f, 0xca, 0xc4, 0x97, 0x6e, 0x8d, 0xd2, 0x37,
+	0x0a, 0x61, 0x52, 0x3a, 0x70, 0xe6, 0x53, 0xd3, 0x32, 0xc8, 0x6b, 0x37, 0x6e, 0x7e, 0x33, 0x69,
+	0xfe, 0x7b, 0xc9, 0xe6, 0xe2, 0xc2, 0x69, 0x1d, 0x50, 0xfe, 0x2a, 0x07, 0x67, 0x33, 0x19, 0x63,
+	0xe1, 0x35, 0x17, 0x0f, 0xaf, 0x22, 0x34, 0x77, 0xc8, 0xc0, 0xf2, 0x42, 0xa1, 0x79, 0x93, 0xa1,
+	0xe8, 0x3c, 0x06, 0x6a, 0x7d, 0xfd, 0x8d, 0xd9, 0x1f, 0xf4, 0x45, 0x6c, 0xa6, 0xea, 0x5e, 0x70,
+	0xca, 0x09, 0x82, 0xb3, 0xd2, 0x80, 0x25, 0xdf, 0xca, 0xa1, 0x38, 0x57, 0x08, 0xb7, 0xca, 0x47,
+	0x71, 0x2b, 0x0b, 0x66, 0xb7, 0xf0, 0x2b, 0xb3, 0x83, 0xdf, 0x0a, 0xcc, 0x7f, 0x11, 0xca, 0x36,
+	0x76, 0xfa, 0xa6, 0xeb, 0xfa, 0x41, 0xa7, 0xa4, 0x86, 0x49, 0xca, 0x7f, 0xce, 0xc2, 0x62, 0x7c,
+	0xfe, 0x1e, 0x26, 0x60, 0xb2, 0x4b, 0x29, 0xe1, 0x30, 0xde, 0xd1, 0x50, 0x66, 0x75, 0x5b, 0x6e,
+	0xcc, 0xf9, 0xac, 0x43, 0xad, 0xbf, 0x89, 0x8b, 0x5d, 0x9b, 0x8e, 0x48, 0x87, 0xf4, 0xfb, 0xba,
+	0x65, 0xc8, 0xdb, 0x19, 0x51, 0xa4, 0xe3, 0xa7, 0x3b, 0x5d, 0x3a, 0xec, 0x94, 0xcc, 0xbe, 0xe9,
+	0xe4, 0xd1, 0x13, 0xa0, 0x69, 0x31, 0xb8, 0x8d, 0x05, 0xae, 0x92, 0x0a, 0x82, 0xb4, 0x65, 0x3a,
+	0x68, 0x1d, 0xa6, 0xb1, 0xf5, 0x4a, 0xa6, 0x4e, 0x29, 0xd7, 0x37, 0x32, 0x45, 0x50, 0x19, 0x1f,
+	0xba, 0x05, 0xb3, 0x7d, 0xea, 0x16, 0xf2, 0x2c, 0xb8, 0x92, 0x71, 0x8b, 0xa1, 0x0a, 0x36, 0xb4,
+	0x01, 0x73, 0x06, 0x9b, 0x27, 0x79, 0xe0, 0xab, 0xa5, 0x80, 0x78, 0x8c, 0x41, 0x95, 0x8c, 0x68,
+	0xdb, 0x4f, 0x0c, 0x4b, 0x59, 0x19, 0x5d, 0x6c, 0x2a, 0x52, 0xb3, 0xc3, 0xbd, 0x68, 0x76, 0x08,
+	0x4c, 0xd7, 0xc6, 0x68, 0x5d, 0xc3, 0x91, 0xb7, 0xb3, 0x50, 0xec, 0x91, 0x2e, 0x77, 0xa3, 0x32,
+	0xbf, 0xf8, 0xeb, 0x91, 0x2e, 0xf3, 0xa2, 0x65, 0x9a, 0x28, 0x1b, 0xa6, 0xc5, 0x02, 0x5c, 0x51,
+	0xe5, 0x05, 0xba, 0xf8, 0xd8, 0x87, 0x46, 0xac, 0x0e, 0xae, 0x55, 0x58, 0x55, 0x89, 0x51, 0x76,
+	0xac, 0x0e, 0x4b, 0xbd, 0x3c, 0xef, 0xb8, 0xb6, 0xc0, 0xe8, 0xf4, 0x93, 0x9e, 0x81, 0xf8, 0x71,
+	0x7d, 0x31, 0xeb, 0x0c, 0x94, 0x16, 0x0c, 0xe5, 0x69, 0xfd, 0x31, 0xcc, 0xbd, 0xe6, 0x81, 0xa0,
+	0x56, 0x65, 0xf2, 0xd7, 0x46, 0x87, 0x14, 0xa1, 0x41, 0x0a, 0x7e, 0x9b, 0x69, 0xf0, 0xaf, 0x72,
+	0x70, 0x66, 0x93, 0x1d, 0x11, 0x42, 0x71, 0x6c, 0x12, 0x54, 0xeb, 0xae, 0x8f, 0x23, 0x66, 0x42,
+	0x50, 0xf1, 0x7e, 0x0b, 0x01, 0xd4, 0x84, 0x05, 0xa9, 0x5c, 0xa8, 0x28, 0x8c, 0x0d, 0x45, 0x56,
+	0xdc, 0x70, 0x51, 0xf9, 0x18, 0x56, 0x12, 0xbd, 0x10, 0xe9, 0xfc, 0x1a, 0xcc, 0x07, 0xf1, 0xca,
+	0xef, 0x44, 0xd9, 0xa7, 0x35, 0x0d, 0xe5, 0x1e, 0x9c, 0x6e, 0x7b, 0xba, 0xe3, 0x25, 0x86, 0x60,
+	0x0c, 0x59, 0x86, 0x46, 0x46, 0x65, 0x05, 0x60, 0xd8, 0x86, 0xe5, 0xb6, 0x47, 0xec, 0x13, 0x28,
+	0xa5, 0x51, 0x87, 0xf6, 0x9f, 0x0c, 0xe4, 0xfe, 0x20, 0x8b, 0xca, 0x0a, 0xc7, 0x4e, 0x93, 0xad,
+	0xdd, 0x87, 0x33, 0x1c, 0xba, 0x3c, 0x49, 0x27, 0xce, 0x4a, 0xe0, 0x34, 0xa9, 0xf7, 0x05, 0x9c,
+	0x0a, 0xf6, 0xde, 0x00, 0x96, 0xb8, 0x13, 0x85, 0x25, 0x2e, 0x0e, 0x99, 0xf5, 0x08, 0x2a, 0xf1,
+	0x17, 0xf9, 0x50, 0x5c, 0xcf, 0x00, 0x25, 0xee, 0x47, 0x41, 0x89, 0xcb, 0xa3, 0x74, 0x47, 0x30,
+	0x89, 0xa4, 0xd7, 0x16, 0x52, 0xbc, 0xf6, 0x8b, 0x04, 0x72, 0x31, 0x9d, 0x05, 0xfd, 0xc4, 0xac,
+	0xfd, 0x9d, 0x00, 0x17, 0x2a, 0x07, 0x2e, 0xfc, 0xa6, 0x7d, 0xa4, 0xf9, 0x6e, 0x0c, 0xb8, 0x58,
+	0x1b, 0x69, 0xaf, 0x8f, 0x5b, 0xfc, 0xcd, 0x34, 0x94, 0xfc, 0xba, 0xc4, 0x98, 0x27, 0x87, 0x2d,
+	0x9f, 0x32, 0x6c, 0xe1, 0x1d, 0xb8, 0xf0, 0x8d, 0x76, 0xe0, 0xe9, 0xb1, 0x77, 0xe0, 0x73, 0x50,
+	0x62, 0x1f, 0x9a, 0x83, 0x0f, 0xc5, 0x8e, 0x5a, 0x64, 0x04, 0x15, 0x1f, 0x06, 0x6e, 0x38, 0x3b,
+	0x91, 0x1b, 0xc6, 0xa0, 0x92, 0xb9, 0x38, 0x54, 0xf2, 0xd0, 0xdf, 0x11, 0xf9, 0x26, 0x7a, 0x75,
+	0x88, 0xde, 0xd4, 0xbd, 0xb0, 0x15, 0xdd, 0x0b, 0xf9, 0xbe, 0xfa, 0xfe, 0x30, 0x2d, 0xdf, 0x59,
+	0xa0, 0x64, 0x9f, 0x03, 0x25, 0x61, 0x5f, 0x14, 0x91, 0xf5, 0x3e, 0x80, 0x1f, 0x44, 0x24, 0x5a,
+	0x72, 0x6e, 0x48, 0x1f, 0xd5, 0x10, 0x3b, 0x55, 0x1b, 0x99, 0x9a, 0xe0, 0x36, 0x65, 0xbc, 0xf8,
+	0x98, 0x71, 0x95, 0xf2, 0xbf, 0x33, 0xa1, 0xf8, 0x92, 0x71, 0xfd, 0xf0, 0x30, 0x01, 0xd1, 0x4d,
+	0xe8, 0xc5, 0x77, 0xa2, 0x08, 0xdd, 0x09, 0xbd, 0x2e, 0x01, 0xd0, 0xb1, 0xcc, 0x45, 0x77, 0x44,
+	0x35, 0x07, 0x50, 0x4a, 0x82, 0xd2, 0x60, 0x27, 0x83, 0x43, 0xd3, 0x32, 0xdd, 0x23, 0x5e, 0x3f,
+	0xcb, 0x4f, 0x06, 0x92, 0xd4, 0x60, 0x0f, 0x78, 0xf0, 0x1b, 0xd3, 0xd3, 0x3a, 0xc4, 0xc0, 0xcc,
+	0xa7, 0x67, 0xd4, 0x22, 0x25, 0x6c, 0x12, 0x03, 0x07, 0x2b, 0xaf, 0x78, 0xb2, 0x95, 0x57, 0x8a,
+	0xad, 0xbc, 0x33, 0x30, 0xeb, 0x60, 0xdd, 0x25, 0x96, 0x38, 0xaa, 0x8a, 0x12, 0x9d, 0x9a, 0x3e,
+	0x76, 0x5d, 0xda, 0x92, 0x48, 0xd7, 0x44, 0x31, 0x94, 0x66, 0xce, 0x8f, 0x4c, 0x33, 0x87, 0x5c,
+	0x6b, 0xc4, 0xd2, 0xcc, 0xca, 0xc8, 0x34, 0x73, 0x9c, 0x5b, 0x8d, 0x50, 0xa2, 0xbd, 0x30, 0x5e,
+	0xa2, 0x1d, 0xce, 0x4b, 0x17, 0x23, 0x79, 0xe9, 0xb7, 0xb9, 0x58, 0x7f, 0x93, 0x83, 0x95, 0xc4,
+	0xb2, 0x12, 0xcb, 0xf5, 0x6e, 0xec, 0x82, 0x64, 0x6d, 0xe4, 0x98, 0xf9, 0xf7, 0x23, 0x4f, 0x23,
+	0xf7, 0x23, 0x1f, 0x8e, 0x16, 0x7c, 0xeb, 0xd7, 0x23, 0x7f, 0x92, 0x83, 0x77, 0xf6, 0x6d, 0x23,
+	0x96, 0xe1, 0x89, 0x83, 0xf9, 0xf8, 0x81, 0xe3, 0xa1, 0xcc, 0xf5, 0xf3, 0x93, 0xa2, 0x17, 0x5c,
+	0x4e, 0x51, 0xe0, 0x62, 0xb6, 0x19, 0x22, 0x65, 0xfa, 0x09, 0x2c, 0x6e, 0xbf, 0xc1, 0x9d, 0xf6,
+	0xb1, 0xd5, 0x99, 0xc0, 0xb4, 0x2a, 0x14, 0x3a, 0x7d, 0x43, 0x20, 0x86, 0xf4, 0x33, 0x9c, 0x05,
+	0x16, 0xa2, 0x59, 0xa0, 0x06, 0xd5, 0xa0, 0x05, 0x31, 0xbd, 0x67, 0xe8, 0xf4, 0x1a, 0x94, 0x99,
+	0x2a, 0x9f, 0x57, 0x45, 0x49, 0xd0, 0xb1, 0xe3, 0xb0, 0x3e, 0x73, 0x3a, 0x76, 0x9c, 0x68, 0xb4,
+	0x28, 0x44, 0xa3, 0x85, 0xf2, 0x8b, 0x1c, 0x94, 0x69, 0x0b, 0xdf, 0xc8, 0x7e, 0x71, 0xd4, 0x2a,
+	0x04, 0x47, 0x2d, 0xff, 0xc4, 0x36, 0x1d, 0x3e, 0xb1, 0x05, 0x96, 0xcf, 0x30, 0x72, 0xd2, 0xf2,
+	0x59, 0x9f, 0x8e, 0x1d, 0x47, 0xb9, 0x08, 0xf3, 0xdc, 0x36, 0xd1, 0xf3, 0x2a, 0x14, 0x06, 0x4e,
+	0x4f, 0xfa, 0xd1, 0xc0, 0xe9, 0x29, 0x7f, 0x9a, 0x83, 0x4a, 0xc3, 0xf3, 0xf4, 0xce, 0xd1, 0x04,
+	0x1d, 0xf0, 0x8d, 0xcb, 0x87, 0x8d, 0x4b, 0x76, 0x22, 0x30, 0x77, 0x3a, 0xc3, 0xdc, 0x99, 0x88,
+	0xb9, 0x0a, 0x2c, 0x48, 0x5b, 0x32, 0x0d, 0x6e, 0x01, 0xda, 0x25, 0x8e, 0xf7, 0x84, 0x38, 0xaf,
+	0x75, 0xc7, 0x98, 0xec, 0x04, 0x86, 0x60, 0x5a, 0x3c, 0xea, 0x2c, 0x5c, 0x9b, 0x51, 0xd9, 0xb7,
+	0x72, 0x15, 0x4e, 0x45, 0xf4, 0x65, 0x36, 0xfc, 0x08, 0xca, 0x2c, 0xee, 0x8b, 0x54, 0xfc, 0x76,
+	0xf8, 0xea, 0x62, 0xac, 0x5d, 0x42, 0xf9, 0x7d, 0x58, 0xa2, 0xf9, 0x01, 0xa3, 0xfb, 0x4b, 0xf1,
+	0xfb, 0xb1, 0x3c, 0xf5, 0x42, 0x86, 0xa2, 0x58, 0x8e, 0xfa, 0xb7, 0x39, 0x98, 0x61, 0xf4, 0xc4,
+	0x9e, 0x7d, 0x0e, 0x4a, 0x0e, 0xb6, 0x89, 0xe6, 0xe9, 0x5d, 0xff, 0x09, 0x2d, 0x25, 0xec, 0xe9,
+	0x5d, 0x97, 0xbd, 0x00, 0xa6, 0x95, 0x86, 0xd9, 0xc5, 0xae, 0x27, 0xdf, 0xd1, 0x96, 0x29, 0x6d,
+	0x8b, 0x93, 0xe8, 0x20, 0xb9, 0xe6, 0x1f, 0xf2, 0xbc, 0x73, 0x5a, 0x65, 0xdf, 0x68, 0x9d, 0xbf,
+	0xea, 0x1a, 0x07, 0x5e, 0x66, 0x6f, 0xbe, 0xea, 0x50, 0x8c, 0x21, 0xca, 0x7e, 0x59, 0xd9, 0x06,
+	0x14, 0x1e, 0x05, 0x31, 0xde, 0xb7, 0x60, 0x96, 0x0d, 0x92, 0xcc, 0x8e, 0x56, 0x32, 0x86, 0x41,
+	0x15, 0x6c, 0x8a, 0x0e, 0x88, 0x0f, 0x70, 0x24, 0x23, 0x9a, 0x7c, 0x56, 0x86, 0x64, 0x48, 0xff,
+	0x90, 0x83, 0x53, 0x91, 0x36, 0x84, 0xad, 0x37, 0xa3, 0x8d, 0x64, 0x9a, 0x2a, 0x1a, 0xd8, 0x8c,
+	0x6c, 0x09, 0xb7, 0xb2, 0x4c, 0xfa, 0x2d, 0x6d, 0x07, 0xff, 0x98, 0x03, 0x68, 0x0c, 0xbc, 0x23,
+	0x81, 0x0c, 0x86, 0x67, 0x26, 0x17, 0x9d, 0x19, 0x5a, 0x67, 0xeb, 0xae, 0xfb, 0x9a, 0x38, 0xf2,
+	0x4c, 0xe3, 0x97, 0x19, 0x86, 0x37, 0xf0, 0x8e, 0xe4, 0xb5, 0x10, 0xfd, 0x46, 0x97, 0x61, 0x81,
+	0x3f, 0xdb, 0xd6, 0x74, 0xc3, 0x70, 0xb0, 0xeb, 0x8a, 0xfb, 0xa1, 0x0a, 0xa7, 0x36, 0x38, 0x91,
+	0xb2, 0x99, 0x06, 0xb6, 0x3c, 0xd3, 0x3b, 0xd6, 0x3c, 0xf2, 0x12, 0x5b, 0xe2, 0x6c, 0x52, 0x91,
+	0xd4, 0x3d, 0x4a, 0xa4, 0x6c, 0x0e, 0xee, 0x9a, 0xae, 0xe7, 0x48, 0x36, 0x79, 0x17, 0x21, 0xa8,
+	0x8c, 0x8d, 0x4e, 0x4a, 0x75, 0x77, 0xd0, 0xeb, 0xf1, 0x21, 0x3e, 0xf9, 0xb4, 0x7f, 0x20, 0x3a,
+	0x94, 0xcf, 0xf2, 0xe9, 0x60, 0xd0, 0x44, 0x77, 0xdf, 0x22, 0x08, 0xf3, 0x01, 0x2c, 0x85, 0xfa,
+	0x20, 0xdc, 0x2a, 0x92, 0x44, 0xe6, 0xa2, 0x49, 0xa4, 0xf2, 0x14, 0x10, 0xc7, 0x1d, 0xbe, 0x61,
+	0xbf, 0x95, 0xd3, 0x70, 0x2a, 0xa2, 0x48, 0xec, 0xc4, 0x37, 0xa0, 0x22, 0xde, 0xe8, 0x08, 0x47,
+	0x39, 0x0b, 0x45, 0x1a, 0x51, 0x3b, 0xa6, 0x21, 0xef, 0x0c, 0xe7, 0x6c, 0x62, 0x6c, 0x9a, 0x86,
+	0xa3, 0x7c, 0x0a, 0x15, 0x95, 0xb7, 0x23, 0x78, 0x9f, 0xc0, 0x82, 0x78, 0xd1, 0xa3, 0x45, 0x5e,
+	0xca, 0xa5, 0xbd, 0xc4, 0x0e, 0x37, 0xa2, 0x56, 0xac, 0x70, 0x51, 0x31, 0xa0, 0xce, 0x53, 0x86,
+	0x88, 0x7a, 0xd9, 0xd9, 0x27, 0x20, 0x7f, 0x83, 0x30, 0xb2, 0x95, 0xa8, 0x7c, 0xc5, 0x09, 0x17,
+	0x95, 0x0b, 0x70, 0x2e, 0xb5, 0x15, 0x31, 0x12, 0x36, 0x54, 0x83, 0x0a, 0xc3, 0x94, 0x97, 0xa7,
+	0xec, 0x52, 0x34, 0x17, 0xba, 0x14, 0x3d, 0xe3, 0x27, 0x89, 0x79, 0xb9, 0x89, 0xb1, 0x0c, 0x30,
+	0x48, 0xf7, 0x0b, 0x59, 0xe9, 0xfe, 0x74, 0x24, 0xdd, 0x57, 0xda, 0xfe, 0x78, 0x8a, 0x63, 0xd8,
+	0x63, 0x76, 0x5c, 0xe4, 0x6d, 0xcb, 0x80, 0xa8, 0x0c, 0xeb, 0x25, 0x67, 0x55, 0x43, 0x52, 0xca,
+	0x75, 0xa8, 0x44, 0x43, 0x63, 0x28, 0xce, 0xe5, 0x12, 0x71, 0x6e, 0x21, 0x16, 0xe2, 0x3e, 0x8a,
+	0x65, 0xc0, 0xd9, 0x63, 0x1c, 0xcb, 0x7f, 0x1f, 0x44, 0x82, 0xdd, 0x8d, 0x94, 0xfb, 0xcc, 0xdf,
+	0x52, 0x9c, 0x5b, 0x16, 0xfb, 0xc1, 0x13, 0x97, 0xca, 0x8b, 0x4e, 0x2b, 0x97, 0xa0, 0xbc, 0x9f,
+	0xf5, 0xcc, 0x7f, 0x5a, 0xbe, 0x1d, 0xb8, 0x03, 0xcb, 0x4f, 0xcc, 0x1e, 0x76, 0x8f, 0x5d, 0x0f,
+	0xf7, 0x9b, 0x2c, 0x28, 0x1d, 0x9a, 0xd8, 0x41, 0xab, 0x00, 0xec, 0x08, 0x63, 0x13, 0xd3, 0x7f,
+	0xfd, 0x1d, 0xa2, 0x28, 0xff, 0x95, 0x83, 0xc5, 0x40, 0x70, 0x9f, 0x1d, 0xdd, 0xce, 0x43, 0x89,
+	0xf6, 0xd7, 0xf5, 0xf4, 0xbe, 0x2d, 0xef, 0xb3, 0x7c, 0x02, 0xba, 0x0f, 0x33, 0x87, 0xae, 0x84,
+	0x8c, 0x52, 0x01, 0xf4, 0x34, 0x43, 0xd4, 0xe9, 0x43, 0xb7, 0x69, 0xa0, 0x8f, 0x01, 0x06, 0x2e,
+	0x36, 0xc4, 0x1d, 0x56, 0x21, 0x2b, 0x5b, 0xd8, 0x0f, 0xdf, 0xf5, 0x52, 0x01, 0xfe, 0xec, 0xe0,
+	0x01, 0x94, 0x4d, 0x8b, 0x18, 0x98, 0xdd, 0xf5, 0x1a, 0x02, 0x55, 0x1a, 0x21, 0x0e, 0x5c, 0x62,
+	0xdf, 0xc5, 0x86, 0x82, 0xc5, 0x5e, 0x28, 0xc7, 0x57, 0x38, 0x4a, 0x0b, 0x96, 0x78, 0xd0, 0x3a,
+	0xf4, 0x0d, 0x97, 0x1e, 0xbb, 0x36, 0xac, 0x77, 0x6c, 0xb4, 0xd4, 0xaa, 0x29, 0x52, 0x1b, 0x29,
+	0xaa, 0xdc, 0x83, 0xd3, 0x91, 0x13, 0xd2, 0x04, 0x47, 0x16, 0x65, 0x37, 0x06, 0x94, 0x04, 0xee,
+	0x2c, 0x60, 0x08, 0xe9, 0xcd, 0xa3, 0x60, 0x08, 0x97, 0xc3, 0x10, 0xae, 0xf2, 0x05, 0x9c, 0x8d,
+	0x20, 0x3a, 0x11, 0x8b, 0x1e, 0xc4, 0x32, 0xb7, 0x2b, 0xa3, 0xb4, 0xc6, 0x52, 0xb8, 0xff, 0xc9,
+	0xc1, 0x72, 0x1a, 0xc3, 0x09, 0x11, 0xc7, 0x9f, 0x64, 0x3c, 0x31, 0xbb, 0x3b, 0x9e, 0x59, 0xbf,
+	0x13, 0xb4, 0x76, 0x0f, 0xea, 0x69, 0xe3, 0x99, 0x9c, 0xa5, 0xc2, 0x24, 0xb3, 0xf4, 0xf3, 0x42,
+	0x08, 0x79, 0x6f, 0x78, 0x9e, 0x63, 0x1e, 0x0c, 0xa8, 0xcb, 0xbf, 0x75, 0x34, 0xab, 0xe9, 0xe3,
+	0x32, 0x7c, 0x68, 0x6f, 0x0f, 0x11, 0x0f, 0xec, 0x48, 0xc5, 0x66, 0x3e, 0x8b, 0x62, 0x33, 0x1c,
+	0x53, 0xbf, 0x33, 0x9e, 0xbe, 0xef, 0x2c, 0x00, 0xfa, 0xf3, 0x3c, 0x2c, 0x44, 0xa7, 0x08, 0x6d,
+	0x03, 0xe8, 0xbe, 0xe5, 0x62, 0xa1, 0x5c, 0x1e, 0xab, 0x9b, 0x6a, 0x48, 0x10, 0xbd, 0x0f, 0x85,
+	0x8e, 0x3d, 0x10, 0xb3, 0x96, 0x72, 0x19, 0xbc, 0x69, 0x0f, 0x78, 0x44, 0xa1, 0x6c, 0xf4, 0x4c,
+	0xc5, 0xef, 0xf6, 0xb3, 0xa3, 0xe4, 0x0b, 0x56, 0xcf, 0x65, 0x04, 0x33, 0x7a, 0x06, 0x0b, 0xaf,
+	0x1d, 0xd3, 0xd3, 0x0f, 0x7a, 0x58, 0xeb, 0xe9, 0xc7, 0xd8, 0x11, 0x51, 0x72, 0x8c, 0x40, 0x56,
+	0x91, 0x82, 0xcf, 0xa9, 0x9c, 0xf2, 0x47, 0x50, 0x94, 0x16, 0x8d, 0xd8, 0x11, 0xf6, 0x60, 0x65,
+	0x40, 0xd9, 0x34, 0xf6, 0x1c, 0xcc, 0xd2, 0x2d, 0xa2, 0xb9, 0x98, 0x6e, 0xe3, 0xf2, 0xa1, 0xfa,
+	0x88, 0x10, 0xbd, 0xcc, 0xa4, 0x37, 0x89, 0x83, 0x5b, 0xba, 0x45, 0xda, 0x5c, 0x54, 0x79, 0x05,
+	0xe5, 0x50, 0x07, 0x47, 0x98, 0xd0, 0x84, 0x25, 0x79, 0x15, 0xef, 0x62, 0x4f, 0x6c, 0x2f, 0x63,
+	0x35, 0xbe, 0x28, 0xe4, 0xda, 0xd8, 0xe3, 0xcf, 0x27, 0x1e, 0xc0, 0x59, 0x15, 0x13, 0x1b, 0x5b,
+	0xfe, 0x7c, 0x3e, 0x27, 0xdd, 0x09, 0x22, 0xf8, 0x79, 0xa8, 0xa7, 0xc9, 0xf3, 0xf8, 0x70, 0xe3,
+	0x3c, 0x14, 0xe5, 0x6f, 0x36, 0xd1, 0x1c, 0x14, 0xf6, 0x36, 0x77, 0xab, 0x53, 0xf4, 0x63, 0x7f,
+	0x6b, 0xb7, 0x9a, 0xbb, 0xd1, 0x87, 0x6a, 0xfc, 0x67, 0x8a, 0x68, 0x05, 0x4e, 0xed, 0xaa, 0x3b,
+	0xbb, 0x8d, 0xa7, 0x8d, 0xbd, 0xe6, 0x4e, 0x4b, 0xdb, 0x55, 0x9b, 0x9f, 0x34, 0xf6, 0xb6, 0xab,
+	0x53, 0x68, 0x0d, 0x2e, 0x84, 0x2b, 0x9e, 0xed, 0xb4, 0xf7, 0xb4, 0xbd, 0x1d, 0x6d, 0x73, 0xa7,
+	0xb5, 0xd7, 0x68, 0xb6, 0xb6, 0xd5, 0x6a, 0x0e, 0x5d, 0x80, 0xb3, 0x61, 0x96, 0xc7, 0xcd, 0xad,
+	0xa6, 0xba, 0xbd, 0x49, 0xbf, 0x1b, 0xcf, 0xab, 0xf9, 0x1b, 0xb7, 0xa1, 0x12, 0xf9, 0x55, 0x21,
+	0x35, 0x64, 0x77, 0x67, 0xab, 0x3a, 0x85, 0x2a, 0x50, 0x0a, 0xeb, 0x29, 0xc2, 0x74, 0x6b, 0x67,
+	0x6b, 0xbb, 0x9a, 0xbf, 0x71, 0x0f, 0x16, 0x63, 0xef, 0x51, 0xd1, 0x12, 0x54, 0xda, 0x8d, 0xd6,
+	0xd6, 0xe3, 0x9d, 0xcf, 0x34, 0x75, 0xbb, 0xb1, 0xf5, 0x79, 0x75, 0x0a, 0x2d, 0x43, 0x55, 0x92,
+	0x5a, 0x3b, 0x7b, 0x9c, 0x9a, 0xbb, 0xf1, 0x32, 0xb6, 0xb2, 0x30, 0x3a, 0x0d, 0x4b, 0x7e, 0x33,
+	0xda, 0xa6, 0xba, 0xdd, 0xd8, 0xdb, 0xa6, 0xad, 0x47, 0xc8, 0xea, 0x7e, 0xab, 0xd5, 0x6c, 0x3d,
+	0xad, 0xe6, 0xa8, 0xd6, 0x80, 0xbc, 0xfd, 0x59, 0x93, 0x32, 0xe7, 0xa3, 0xcc, 0xfb, 0xad, 0x1f,
+	0xb6, 0x76, 0x3e, 0x6d, 0x55, 0x0b, 0x1b, 0x7f, 0xbf, 0x04, 0x0b, 0x32, 0xbd, 0xc3, 0x0e, 0x7b,
+	0xcb, 0xb2, 0x0b, 0x73, 0xf2, 0x97, 0xbf, 0x29, 0x71, 0x39, 0xfa, 0x7b, 0xe5, 0xfa, 0xda, 0x10,
+	0x0e, 0x91, 0x65, 0x4f, 0xa1, 0x03, 0x96, 0xf5, 0x86, 0xde, 0x07, 0x5f, 0x49, 0xcd, 0x31, 0x13,
+	0x4f, 0x92, 0xeb, 0x57, 0x47, 0xf2, 0xf9, 0x6d, 0x60, 0x9a, 0xd8, 0x86, 0x7f, 0x00, 0x83, 0xae,
+	0xa6, 0x65, 0xa4, 0x29, 0xbf, 0xb0, 0xa9, 0x5f, 0x1b, 0xcd, 0xe8, 0x37, 0xf3, 0x12, 0xaa, 0xf1,
+	0x1f, 0xc3, 0xa0, 0x14, 0xc0, 0x34, 0xe3, 0x17, 0x37, 0xf5, 0x1b, 0xe3, 0xb0, 0x86, 0x1b, 0x4b,
+	0xfc, 0x6c, 0xe4, 0xfa, 0x38, 0xef, 0xf0, 0x33, 0x1b, 0xcb, 0x7a, 0xb2, 0xcf, 0x07, 0x30, 0xfa,
+	0xf6, 0x17, 0xa5, 0xfe, 0x46, 0x23, 0xe5, 0xe5, 0x78, 0xda, 0x00, 0xa6, 0x3f, 0x23, 0x56, 0xa6,
+	0xd0, 0x11, 0x2c, 0xc6, 0x1e, 0x25, 0xa0, 0x14, 0xf1, 0xf4, 0xd7, 0x17, 0xf5, 0xeb, 0x63, 0x70,
+	0x46, 0x3d, 0x22, 0xfc, 0x08, 0x21, 0xdd, 0x23, 0x52, 0x9e, 0x38, 0xa4, 0x7b, 0x44, 0xea, 0x7b,
+	0x06, 0xe6, 0xdc, 0x91, 0xc7, 0x07, 0x69, 0xce, 0x9d, 0xf6, 0xe4, 0xa1, 0x7e, 0x75, 0x24, 0x5f,
+	0x78, 0xd0, 0x62, 0x4f, 0x11, 0xd2, 0x06, 0x2d, 0xfd, 0xa9, 0x43, 0xfd, 0xfa, 0x18, 0x9c, 0x71,
+	0x2f, 0x08, 0x2e, 0x36, 0xb3, 0xbc, 0x20, 0x71, 0x0d, 0x9f, 0xe5, 0x05, 0xc9, 0x3b, 0x52, 0xe1,
+	0x05, 0xb1, 0x0b, 0xc9, 0x6b, 0x63, 0x5c, 0xa0, 0x64, 0x7b, 0x41, 0xfa, 0x55, 0x8b, 0x32, 0x85,
+	0xfe, 0x38, 0x07, 0xb5, 0xac, 0xcb, 0x09, 0x94, 0x92, 0xd5, 0x8d, 0xb8, 0x4f, 0xa9, 0x6f, 0x4c,
+	0x22, 0xe2, 0x5b, 0xf1, 0x25, 0xa0, 0xe4, 0x6e, 0x87, 0xde, 0x4b, 0x9b, 0x99, 0x8c, 0x3d, 0xb5,
+	0xfe, 0xfe, 0x78, 0xcc, 0x7e, 0x93, 0x6d, 0x28, 0xca, 0xeb, 0x10, 0x94, 0x12, 0xa5, 0x63, 0x97,
+	0x31, 0x75, 0x65, 0x18, 0x8b, 0xaf, 0xf4, 0x29, 0x4c, 0x53, 0x2a, 0xba, 0x90, 0xce, 0x2d, 0x95,
+	0xad, 0x66, 0x55, 0xfb, 0x8a, 0x5e, 0xc0, 0x2c, 0xc7, 0xff, 0x51, 0x0a, 0xde, 0x10, 0xb9, 0xa5,
+	0xa8, 0x5f, 0xcc, 0x66, 0xf0, 0xd5, 0xfd, 0x98, 0xff, 0x53, 0x08, 0x01, 0xed, 0xa3, 0x77, 0xd3,
+	0x7f, 0x65, 0x1b, 0xbd, 0x49, 0xa8, 0x5f, 0x1e, 0xc1, 0x15, 0x5e, 0x14, 0xb1, 0x5c, 0xf7, 0xea,
+	0xc8, 0x03, 0x4b, 0xf6, 0xa2, 0x48, 0x3f, 0x12, 0x71, 0x27, 0x49, 0x1e, 0x99, 0xd2, 0x9c, 0x24,
+	0xf3, 0xa0, 0x9a, 0xe6, 0x24, 0xd9, 0xa7, 0x30, 0x65, 0x0a, 0x79, 0x70, 0x2a, 0x05, 0x20, 0x43,
+	0xef, 0x67, 0x39, 0x79, 0x1a, 0x5a, 0x57, 0xbf, 0x39, 0x26, 0x77, 0x78, 0xf2, 0xc5, 0xa2, 0x7f,
+	0x27, 0x1b, 0x35, 0xca, 0x9c, 0xfc, 0xf8, 0x12, 0xdf, 0xf8, 0xb7, 0x02, 0xcc, 0x73, 0xf0, 0x53,
+	0x64, 0x30, 0x9f, 0x03, 0x04, 0xf7, 0x0e, 0xe8, 0x52, 0xfa, 0x98, 0x44, 0xee, 0x66, 0xea, 0xef,
+	0x0e, 0x67, 0x0a, 0x3b, 0x5a, 0x08, 0xc3, 0x4f, 0x73, 0xb4, 0xe4, 0x55, 0x45, 0x9a, 0xa3, 0xa5,
+	0x5c, 0x04, 0x28, 0x53, 0xe8, 0x13, 0x28, 0xf9, 0x60, 0x31, 0x4a, 0x03, 0x9b, 0x63, 0x68, 0x78,
+	0xfd, 0xd2, 0x50, 0x9e, 0xb0, 0xd5, 0x21, 0x24, 0x38, 0xcd, 0xea, 0x24, 0xe2, 0x9c, 0x66, 0x75,
+	0x1a, 0x9c, 0x1c, 0x8c, 0x09, 0xc7, 0x8b, 0x32, 0xc7, 0x24, 0x02, 0xd7, 0x65, 0x8e, 0x49, 0x14,
+	0x74, 0x52, 0xa6, 0x1e, 0x5f, 0xf9, 0xf5, 0x57, 0xab, 0xb9, 0x7f, 0xfe, 0x6a, 0x75, 0xea, 0x67,
+	0x5f, 0xaf, 0xe6, 0x7e, 0xfd, 0xf5, 0x6a, 0xee, 0x9f, 0xbe, 0x5e, 0xcd, 0xfd, 0xfb, 0xd7, 0xab,
+	0xb9, 0x3f, 0xff, 0x8f, 0xd5, 0xa9, 0x1f, 0x15, 0xa5, 0xf4, 0xc1, 0x2c, 0xfb, 0xd7, 0x2e, 0x1f,
+	0xfe, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x44, 0x4e, 0x61, 0x00, 0xa0, 0x47, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.proto b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto
similarity index 91%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.proto
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto
index 93428edc8afb..382f18138950 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/api.proto
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/api.proto
@@ -1,7 +1,8 @@
 // To regenerate api.pb.go run hack/update-generated-runtime.sh
 syntax = 'proto3';
 
-package runtime;
+package runtime.v1alpha2;
+option go_package = "v1alpha2";
 
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
 
@@ -63,6 +64,12 @@ service RuntimeService {
     rpc ContainerStatus(ContainerStatusRequest) returns (ContainerStatusResponse) {}
     // UpdateContainerResources updates ContainerConfig of the container.
     rpc UpdateContainerResources(UpdateContainerResourcesRequest) returns (UpdateContainerResourcesResponse) {}
+    // ReopenContainerLog asks runtime to reopen the stdout/stderr log file
+    // for the container. This is often called after the log file has been
+    // rotated. If the container is not running, container runtime can choose
+    // to either create a new log file and return nil, or return an error.
+    // Once it returns error, new container log file MUST NOT be created.
+    rpc ReopenContainerLog(ReopenContainerLogRequest) returns (ReopenContainerLogResponse) {}
 
     // ExecSync runs a command in a container synchronously.
     rpc ExecSync(ExecSyncRequest) returns (ExecSyncResponse) {}
@@ -174,14 +181,39 @@ message Mount {
     MountPropagation propagation = 5;
 }
 
+// A NamespaceMode describes the intended namespace configuration for each
+// of the namespaces (Network, PID, IPC) in NamespaceOption. Runtimes should
+// map these modes as appropriate for the technology underlying the runtime.
+enum NamespaceMode {
+    // A POD namespace is common to all containers in a pod.
+    // For example, a container with a PID namespace of POD expects to view
+    // all of the processes in all of the containers in the pod.
+    POD       = 0;
+    // A CONTAINER namespace is restricted to a single container.
+    // For example, a container with a PID namespace of CONTAINER expects to
+    // view only the processes in that container.
+    CONTAINER = 1;
+    // A NODE namespace is the namespace of the Kubernetes node.
+    // For example, a container with a PID namespace of NODE expects to view
+    // all of the processes on the host running the kubelet.
+    NODE      = 2;
+}
+
 // NamespaceOption provides options for Linux namespaces.
 message NamespaceOption {
-    // If set, use the host's network namespace.
-    bool host_network = 1;
-    // If set, use the host's PID namespace.
-    bool host_pid = 2;
-    // If set, use the host's IPC namespace.
-    bool host_ipc = 3;
+    // Network namespace for this container/sandbox.
+    // Note: There is currently no way to set CONTAINER scoped network in the Kubernetes API.
+    // Namespaces currently set by the kubelet: POD, NODE
+    NamespaceMode network = 1;
+    // PID namespace for this container/sandbox.
+    // Note: The CRI default is POD, but the v1.PodSpec default is CONTAINER.
+    // The kubelet's runtime manager will set this to CONTAINER explicitly for v1 pods.
+    // Namespaces currently set by the kubelet: POD, CONTAINER, NODE
+    NamespaceMode pid = 2;
+    // IPC namespace for this container/sandbox.
+    // Note: There is currently no way to set CONTAINER scoped IPC in the Kubernetes API.
+    // Namespaces currently set by the kubelet: POD, NODE
+    NamespaceMode ipc = 3;
 }
 
 // Int64Value is the wrapper of int64.
@@ -203,6 +235,8 @@ message LinuxSandboxSecurityContext {
     SELinuxOption selinux_options = 2;
     // UID to run sandbox processes as, when applicable.
     Int64Value run_as_user = 3;
+    // GID to run sandbox processes as, when applicable.
+    Int64Value run_as_group = 8;
     // If set, the root filesystem of the sandbox is read-only.
     bool readonly_rootfs = 4;
     // List of groups applied to the first process run in the sandbox, in
@@ -384,7 +418,7 @@ message PodSandboxStatus {
 message PodSandboxStatusResponse {
     // Status of the PodSandbox.
     PodSandboxStatus status = 1;
-    // Info is extra information of the PodSandbox. The key could be abitrary string, and
+    // Info is extra information of the PodSandbox. The key could be arbitrary string, and
     // value should be in json format. The information could include anything useful for
     // debug, e.g. network namespace for linux container based container runtime.
     // It should only be returned non-empty when Verbose is true.
@@ -519,6 +553,9 @@ message LinuxContainerSecurityContext {
     // UID to run the container process as. Only one of run_as_user and
     // run_as_username can be specified at a time.
     Int64Value run_as_user = 5;
+    // GID to run the container process as. Only one of run_as_group and
+    // run_as_groupname can be specified at a time.
+    Int64Value run_as_group = 12;
     // User name to run the container process as. If specified, the user MUST
     // exist in the container image (i.e. in the /etc/passwd inside the image),
     // and be resolved there by the runtime; otherwise, the runtime MUST error.
@@ -556,6 +593,26 @@ message LinuxContainerConfig {
     LinuxContainerSecurityContext security_context = 2;
 }
 
+// WindowsContainerConfig contains platform-specific configuration for
+// Windows-based containers.
+message WindowsContainerConfig {
+    // Resources specification for the container.
+    WindowsContainerResources resources = 1;
+}
+
+// WindowsContainerResources specifies Windows specific configuration for
+// resources.
+message WindowsContainerResources {
+    // CPU shares (relative weight vs. other containers). Default: 0 (not specified).
+    int64 cpu_shares = 1;
+    // Number of CPUs available to the container. Default: 0 (not specified).
+    int64 cpu_count = 2;
+    // Specifies the portion of processor cycles that this container can use as a percentage times 100.
+    int64 cpu_maximum = 3;
+    // Memory limit in bytes. Default: 0 (not specified).
+    int64 memory_limit_in_bytes = 4;
+}
+
 // ContainerMetadata holds all necessary information for building the container
 // name. The container runtime is encouraged to expose the metadata in its user
 // interface for better user experience. E.g., runtime can construct a unique
@@ -643,6 +700,8 @@ message ContainerConfig {
 
     // Configuration specific to Linux containers.
     LinuxContainerConfig linux = 15;
+   // Configuration specific to Windows containers.
+   WindowsContainerConfig windows = 16;
 }
 
 message CreateContainerRequest {
@@ -800,7 +859,7 @@ message ContainerStatus {
 message ContainerStatusResponse {
     // Status of the container.
     ContainerStatus status = 1;
-    // Info is extra information of the Container. The key could be abitrary string, and
+    // Info is extra information of the Container. The key could be arbitrary string, and
     // value should be in json format. The information could include anything useful for
     // debug, e.g. pid for linux container based container runtime.
     // It should only be returned non-empty when Verbose is true.
@@ -941,7 +1000,7 @@ message ImageStatusRequest {
 message ImageStatusResponse {
     // Status of the image.
     Image image = 1;
-    // Info is extra information of the Image. The key could be abitrary string, and
+    // Info is extra information of the Image. The key could be arbitrary string, and
     // value should be in json format. The information could include anything useful
     // for debug, e.g. image config for oci image based container runtime.
     // It should only be returned non-empty when Verbose is true.
@@ -1036,7 +1095,7 @@ message StatusRequest {
 message StatusResponse {
     // Status of the Runtime.
     RuntimeStatus status = 1;
-    // Info is extra information of the Runtime. The key could be abitrary string, and
+    // Info is extra information of the Runtime. The key could be arbitrary string, and
     // value should be in json format. The information could include anything useful for
     // debug, e.g. plugins used by the container runtime.
     // It should only be returned non-empty when Verbose is true.
@@ -1051,18 +1110,18 @@ message UInt64Value {
     uint64 value = 1;
 }
 
-// StorageIdentifier uniquely identify the storage..
-message StorageIdentifier{
-    // UUID of the device.
-    string uuid = 1;
+// FilesystemIdentifier uniquely identify the filesystem.
+message FilesystemIdentifier{
+    // Mountpoint of a filesystem.
+    string mountpoint = 1;
 }
 
 // FilesystemUsage provides the filesystem usage information.
 message FilesystemUsage {
     // Timestamp in nanoseconds at which the information were collected. Must be > 0.
     int64 timestamp = 1;
-    // The underlying storage of the filesystem.
-    StorageIdentifier storage_id = 2;
+    // The unique identifier of the filesystem.
+    FilesystemIdentifier fs_id = 2;
     // UsedBytes represents the bytes used for images on the filesystem.
     // This may differ from the total bytes used on the filesystem and may not
     // equal CapacityBytes - AvailableBytes.
@@ -1153,3 +1212,11 @@ message MemoryUsage {
     // The amount of working set memory in bytes.
     UInt64Value working_set_bytes = 2;
 }
+
+message ReopenContainerLogRequest {
+    // ID of the container for which to reopen the log.
+    string container_id = 1;
+}
+
+message ReopenContainerLogResponse{
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/constants.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/constants.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/constants.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/constants.go
index 04cac264d149..0e141b7d796c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime/constants.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2/constants.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package runtime
+package v1alpha2
 
 // This file contains all constants defined in CRI.
 
@@ -38,7 +38,7 @@ const (
 
 // LogTag is the tag of a log line in CRI container log.
 // Currently defined log tags:
-// * First tag: Partial/End - P/E.
+// * First tag: Partial/Full - P/F.
 // The field in the container log format can be extended to include multiple
 // tags by using a delimiter, but changes should be rare. If it becomes clear
 // that better extensibility is desired, a more extensible format (e.g., json)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/services.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/services.go
index 9c8ba0899c32..d8387dc2fc24 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/services.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/cri/services.go
@@ -19,7 +19,7 @@ package cri
 import (
 	"time"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // RuntimeVersioner contains methods for runtime name, version and API version.
@@ -52,6 +52,10 @@ type ContainerManager interface {
 	Exec(*runtimeapi.ExecRequest) (*runtimeapi.ExecResponse, error)
 	// Attach prepares a streaming endpoint to attach to a running container, and returns the address.
 	Attach(req *runtimeapi.AttachRequest) (*runtimeapi.AttachResponse, error)
+	// ReopenContainerLog asks runtime to reopen the stdout/stderr log file
+	// for the container. If it returns error, new container log file MUST NOT
+	// be created.
+	ReopenContainerLog(ContainerID string) error
 }
 
 // PodSandboxManager contains methods for operating on PodSandboxes. The methods
@@ -74,7 +78,7 @@ type PodSandboxManager interface {
 	PortForward(*runtimeapi.PortForwardRequest) (*runtimeapi.PortForwardResponse, error)
 }
 
-// ContainerStatsManager contains methods for retriving the container
+// ContainerStatsManager contains methods for retrieving the container
 // statistics.
 type ContainerStatsManager interface {
 	// ContainerStats returns stats of the container. If the container does not
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/BUILD
similarity index 94%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/BUILD
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/BUILD
index b60d55569c95..82a6bdd917de 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/BUILD
@@ -11,7 +11,7 @@ go_library(
         "api.pb.go",
         "constants.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1",
     deps = [
         "//vendor/github.com/gogo/protobuf/gogoproto:go_default_library",
         "//vendor/github.com/gogo/protobuf/proto:go_default_library",
@@ -37,5 +37,4 @@ filegroup(
 filegroup(
     name = "go_default_library_protos",
     srcs = ["api.proto"],
-    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.pb.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.pb.go
similarity index 60%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.pb.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.pb.go
index c29447ccf97b..dc6d68efdc60 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.pb.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.pb.go
@@ -19,22 +19,27 @@ limitations under the License.
 // DO NOT EDIT!
 
 /*
-	Package deviceplugin is a generated protocol buffer package.
+	Package v1beta1 is a generated protocol buffer package.
 
 	It is generated from these files:
 		api.proto
 
 	It has these top-level messages:
+		DevicePluginOptions
 		RegisterRequest
 		Empty
 		ListAndWatchResponse
 		Device
+		PreStartContainerRequest
+		PreStartContainerResponse
 		AllocateRequest
+		ContainerAllocateRequest
 		AllocateResponse
+		ContainerAllocateResponse
 		Mount
 		DeviceSpec
 */
-package deviceplugin
+package v1beta1
 
 import proto "github.com/gogo/protobuf/proto"
 import fmt "fmt"
@@ -63,6 +68,22 @@ var _ = math.Inf
 // proto package needs to be updated.
 const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
 
+type DevicePluginOptions struct {
+	// Indicates if PreStartContainer call is required before each container start
+	PreStartRequired bool `protobuf:"varint,1,opt,name=pre_start_required,json=preStartRequired,proto3" json:"pre_start_required,omitempty"`
+}
+
+func (m *DevicePluginOptions) Reset()                    { *m = DevicePluginOptions{} }
+func (*DevicePluginOptions) ProtoMessage()               {}
+func (*DevicePluginOptions) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{0} }
+
+func (m *DevicePluginOptions) GetPreStartRequired() bool {
+	if m != nil {
+		return m.PreStartRequired
+	}
+	return false
+}
+
 type RegisterRequest struct {
 	// Version of the API the Device Plugin was built against
 	Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"`
@@ -71,11 +92,13 @@ type RegisterRequest struct {
 	Endpoint string `protobuf:"bytes,2,opt,name=endpoint,proto3" json:"endpoint,omitempty"`
 	// Schedulable resource name. As of now it's expected to be a DNS Label
 	ResourceName string `protobuf:"bytes,3,opt,name=resource_name,json=resourceName,proto3" json:"resource_name,omitempty"`
+	// Options to be communicated with Device Manager
+	Options *DevicePluginOptions `protobuf:"bytes,4,opt,name=options" json:"options,omitempty"`
 }
 
 func (m *RegisterRequest) Reset()                    { *m = RegisterRequest{} }
 func (*RegisterRequest) ProtoMessage()               {}
-func (*RegisterRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{0} }
+func (*RegisterRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{1} }
 
 func (m *RegisterRequest) GetVersion() string {
 	if m != nil {
@@ -98,12 +121,19 @@ func (m *RegisterRequest) GetResourceName() string {
 	return ""
 }
 
+func (m *RegisterRequest) GetOptions() *DevicePluginOptions {
+	if m != nil {
+		return m.Options
+	}
+	return nil
+}
+
 type Empty struct {
 }
 
 func (m *Empty) Reset()                    { *m = Empty{} }
 func (*Empty) ProtoMessage()               {}
-func (*Empty) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{1} }
+func (*Empty) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{2} }
 
 // ListAndWatch returns a stream of List of Devices
 // Whenever a Device state change or a Device disapears, ListAndWatch
@@ -114,7 +144,7 @@ type ListAndWatchResponse struct {
 
 func (m *ListAndWatchResponse) Reset()                    { *m = ListAndWatchResponse{} }
 func (*ListAndWatchResponse) ProtoMessage()               {}
-func (*ListAndWatchResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{2} }
+func (*ListAndWatchResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{3} }
 
 func (m *ListAndWatchResponse) GetDevices() []*Device {
 	if m != nil {
@@ -139,7 +169,7 @@ type Device struct {
 
 func (m *Device) Reset()                    { *m = Device{} }
 func (*Device) ProtoMessage()               {}
-func (*Device) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{3} }
+func (*Device) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{4} }
 
 func (m *Device) GetID() string {
 	if m != nil {
@@ -155,6 +185,33 @@ func (m *Device) GetHealth() string {
 	return ""
 }
 
+// - PreStartContainer is expected to be called before each container start if indicated by plugin during registration phase.
+// - PreStartContainer allows kubelet to pass reinitialized devices to containers.
+// - PreStartContainer allows Device Plugin to run device specific operations on
+//   the Devices requested
+type PreStartContainerRequest struct {
+	DevicesIDs []string `protobuf:"bytes,1,rep,name=devicesIDs" json:"devicesIDs,omitempty"`
+}
+
+func (m *PreStartContainerRequest) Reset()                    { *m = PreStartContainerRequest{} }
+func (*PreStartContainerRequest) ProtoMessage()               {}
+func (*PreStartContainerRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{5} }
+
+func (m *PreStartContainerRequest) GetDevicesIDs() []string {
+	if m != nil {
+		return m.DevicesIDs
+	}
+	return nil
+}
+
+// PreStartContainerResponse will be send by plugin in response to PreStartContainerRequest
+type PreStartContainerResponse struct {
+}
+
+func (m *PreStartContainerResponse) Reset()                    { *m = PreStartContainerResponse{} }
+func (*PreStartContainerResponse) ProtoMessage()               {}
+func (*PreStartContainerResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{6} }
+
 // - Allocate is expected to be called during pod creation since allocation
 //   failures for any container would result in pod startup failure.
 // - Allocate allows kubelet to exposes additional artifacts in a pod's
@@ -162,14 +219,29 @@ func (m *Device) GetHealth() string {
 // - Allocate allows Device Plugin to run device specific operations on
 //   the Devices requested
 type AllocateRequest struct {
-	DevicesIDs []string `protobuf:"bytes,1,rep,name=devicesIDs" json:"devicesIDs,omitempty"`
+	ContainerRequests []*ContainerAllocateRequest `protobuf:"bytes,1,rep,name=container_requests,json=containerRequests" json:"container_requests,omitempty"`
 }
 
 func (m *AllocateRequest) Reset()                    { *m = AllocateRequest{} }
 func (*AllocateRequest) ProtoMessage()               {}
-func (*AllocateRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{4} }
+func (*AllocateRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{7} }
+
+func (m *AllocateRequest) GetContainerRequests() []*ContainerAllocateRequest {
+	if m != nil {
+		return m.ContainerRequests
+	}
+	return nil
+}
+
+type ContainerAllocateRequest struct {
+	DevicesIDs []string `protobuf:"bytes,1,rep,name=devicesIDs" json:"devicesIDs,omitempty"`
+}
 
-func (m *AllocateRequest) GetDevicesIDs() []string {
+func (m *ContainerAllocateRequest) Reset()                    { *m = ContainerAllocateRequest{} }
+func (*ContainerAllocateRequest) ProtoMessage()               {}
+func (*ContainerAllocateRequest) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{8} }
+
+func (m *ContainerAllocateRequest) GetDevicesIDs() []string {
 	if m != nil {
 		return m.DevicesIDs
 	}
@@ -185,39 +257,63 @@ func (m *AllocateRequest) GetDevicesIDs() []string {
 // The Device plugin should send a ListAndWatch update and fail the
 // Allocation request
 type AllocateResponse struct {
+	ContainerResponses []*ContainerAllocateResponse `protobuf:"bytes,1,rep,name=container_responses,json=containerResponses" json:"container_responses,omitempty"`
+}
+
+func (m *AllocateResponse) Reset()                    { *m = AllocateResponse{} }
+func (*AllocateResponse) ProtoMessage()               {}
+func (*AllocateResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{9} }
+
+func (m *AllocateResponse) GetContainerResponses() []*ContainerAllocateResponse {
+	if m != nil {
+		return m.ContainerResponses
+	}
+	return nil
+}
+
+type ContainerAllocateResponse struct {
 	// List of environment variable to be set in the container to access one of more devices.
 	Envs map[string]string `protobuf:"bytes,1,rep,name=envs" json:"envs,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
 	// Mounts for the container.
 	Mounts []*Mount `protobuf:"bytes,2,rep,name=mounts" json:"mounts,omitempty"`
 	// Devices for the container.
 	Devices []*DeviceSpec `protobuf:"bytes,3,rep,name=devices" json:"devices,omitempty"`
+	// Container annotations to pass to the container runtime
+	Annotations map[string]string `protobuf:"bytes,4,rep,name=annotations" json:"annotations,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
 }
 
-func (m *AllocateResponse) Reset()                    { *m = AllocateResponse{} }
-func (*AllocateResponse) ProtoMessage()               {}
-func (*AllocateResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{5} }
+func (m *ContainerAllocateResponse) Reset()                    { *m = ContainerAllocateResponse{} }
+func (*ContainerAllocateResponse) ProtoMessage()               {}
+func (*ContainerAllocateResponse) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{10} }
 
-func (m *AllocateResponse) GetEnvs() map[string]string {
+func (m *ContainerAllocateResponse) GetEnvs() map[string]string {
 	if m != nil {
 		return m.Envs
 	}
 	return nil
 }
 
-func (m *AllocateResponse) GetMounts() []*Mount {
+func (m *ContainerAllocateResponse) GetMounts() []*Mount {
 	if m != nil {
 		return m.Mounts
 	}
 	return nil
 }
 
-func (m *AllocateResponse) GetDevices() []*DeviceSpec {
+func (m *ContainerAllocateResponse) GetDevices() []*DeviceSpec {
 	if m != nil {
 		return m.Devices
 	}
 	return nil
 }
 
+func (m *ContainerAllocateResponse) GetAnnotations() map[string]string {
+	if m != nil {
+		return m.Annotations
+	}
+	return nil
+}
+
 // Mount specifies a host volume to mount into a container.
 // where device library or tools are installed on host and container
 type Mount struct {
@@ -231,7 +327,7 @@ type Mount struct {
 
 func (m *Mount) Reset()                    { *m = Mount{} }
 func (*Mount) ProtoMessage()               {}
-func (*Mount) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{6} }
+func (*Mount) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{11} }
 
 func (m *Mount) GetContainerPath() string {
 	if m != nil {
@@ -269,7 +365,7 @@ type DeviceSpec struct {
 
 func (m *DeviceSpec) Reset()                    { *m = DeviceSpec{} }
 func (*DeviceSpec) ProtoMessage()               {}
-func (*DeviceSpec) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{7} }
+func (*DeviceSpec) Descriptor() ([]byte, []int) { return fileDescriptorApi, []int{12} }
 
 func (m *DeviceSpec) GetContainerPath() string {
 	if m != nil {
@@ -293,14 +389,19 @@ func (m *DeviceSpec) GetPermissions() string {
 }
 
 func init() {
-	proto.RegisterType((*RegisterRequest)(nil), "deviceplugin.RegisterRequest")
-	proto.RegisterType((*Empty)(nil), "deviceplugin.Empty")
-	proto.RegisterType((*ListAndWatchResponse)(nil), "deviceplugin.ListAndWatchResponse")
-	proto.RegisterType((*Device)(nil), "deviceplugin.Device")
-	proto.RegisterType((*AllocateRequest)(nil), "deviceplugin.AllocateRequest")
-	proto.RegisterType((*AllocateResponse)(nil), "deviceplugin.AllocateResponse")
-	proto.RegisterType((*Mount)(nil), "deviceplugin.Mount")
-	proto.RegisterType((*DeviceSpec)(nil), "deviceplugin.DeviceSpec")
+	proto.RegisterType((*DevicePluginOptions)(nil), "v1beta1.DevicePluginOptions")
+	proto.RegisterType((*RegisterRequest)(nil), "v1beta1.RegisterRequest")
+	proto.RegisterType((*Empty)(nil), "v1beta1.Empty")
+	proto.RegisterType((*ListAndWatchResponse)(nil), "v1beta1.ListAndWatchResponse")
+	proto.RegisterType((*Device)(nil), "v1beta1.Device")
+	proto.RegisterType((*PreStartContainerRequest)(nil), "v1beta1.PreStartContainerRequest")
+	proto.RegisterType((*PreStartContainerResponse)(nil), "v1beta1.PreStartContainerResponse")
+	proto.RegisterType((*AllocateRequest)(nil), "v1beta1.AllocateRequest")
+	proto.RegisterType((*ContainerAllocateRequest)(nil), "v1beta1.ContainerAllocateRequest")
+	proto.RegisterType((*AllocateResponse)(nil), "v1beta1.AllocateResponse")
+	proto.RegisterType((*ContainerAllocateResponse)(nil), "v1beta1.ContainerAllocateResponse")
+	proto.RegisterType((*Mount)(nil), "v1beta1.Mount")
+	proto.RegisterType((*DeviceSpec)(nil), "v1beta1.DeviceSpec")
 }
 
 // Reference imports to suppress errors if they are not otherwise used.
@@ -327,7 +428,7 @@ func NewRegistrationClient(cc *grpc.ClientConn) RegistrationClient {
 
 func (c *registrationClient) Register(ctx context.Context, in *RegisterRequest, opts ...grpc.CallOption) (*Empty, error) {
 	out := new(Empty)
-	err := grpc.Invoke(ctx, "/deviceplugin.Registration/Register", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/v1beta1.Registration/Register", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -354,7 +455,7 @@ func _Registration_Register_Handler(srv interface{}, ctx context.Context, dec fu
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/deviceplugin.Registration/Register",
+		FullMethod: "/v1beta1.Registration/Register",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(RegistrationServer).Register(ctx, req.(*RegisterRequest))
@@ -363,7 +464,7 @@ func _Registration_Register_Handler(srv interface{}, ctx context.Context, dec fu
 }
 
 var _Registration_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "deviceplugin.Registration",
+	ServiceName: "v1beta1.Registration",
 	HandlerType: (*RegistrationServer)(nil),
 	Methods: []grpc.MethodDesc{
 		{
@@ -378,6 +479,9 @@ var _Registration_serviceDesc = grpc.ServiceDesc{
 // Client API for DevicePlugin service
 
 type DevicePluginClient interface {
+	// GetDevicePluginOptions returns options to be communicated with Device
+	// Manager
+	GetDevicePluginOptions(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*DevicePluginOptions, error)
 	// ListAndWatch returns a stream of List of Devices
 	// Whenever a Device state change or a Device disapears, ListAndWatch
 	// returns the new list
@@ -386,6 +490,10 @@ type DevicePluginClient interface {
 	// Plugin can run device specific operations and instruct Kubelet
 	// of the steps to make the Device available in the container
 	Allocate(ctx context.Context, in *AllocateRequest, opts ...grpc.CallOption) (*AllocateResponse, error)
+	// PreStartContainer is called, if indicated by Device Plugin during registeration phase,
+	// before each container start. Device plugin can run device specific operations
+	// such as reseting the device before making devices available to the container
+	PreStartContainer(ctx context.Context, in *PreStartContainerRequest, opts ...grpc.CallOption) (*PreStartContainerResponse, error)
 }
 
 type devicePluginClient struct {
@@ -396,8 +504,17 @@ func NewDevicePluginClient(cc *grpc.ClientConn) DevicePluginClient {
 	return &devicePluginClient{cc}
 }
 
+func (c *devicePluginClient) GetDevicePluginOptions(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*DevicePluginOptions, error) {
+	out := new(DevicePluginOptions)
+	err := grpc.Invoke(ctx, "/v1beta1.DevicePlugin/GetDevicePluginOptions", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 func (c *devicePluginClient) ListAndWatch(ctx context.Context, in *Empty, opts ...grpc.CallOption) (DevicePlugin_ListAndWatchClient, error) {
-	stream, err := grpc.NewClientStream(ctx, &_DevicePlugin_serviceDesc.Streams[0], c.cc, "/deviceplugin.DevicePlugin/ListAndWatch", opts...)
+	stream, err := grpc.NewClientStream(ctx, &_DevicePlugin_serviceDesc.Streams[0], c.cc, "/v1beta1.DevicePlugin/ListAndWatch", opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -430,7 +547,16 @@ func (x *devicePluginListAndWatchClient) Recv() (*ListAndWatchResponse, error) {
 
 func (c *devicePluginClient) Allocate(ctx context.Context, in *AllocateRequest, opts ...grpc.CallOption) (*AllocateResponse, error) {
 	out := new(AllocateResponse)
-	err := grpc.Invoke(ctx, "/deviceplugin.DevicePlugin/Allocate", in, out, c.cc, opts...)
+	err := grpc.Invoke(ctx, "/v1beta1.DevicePlugin/Allocate", in, out, c.cc, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *devicePluginClient) PreStartContainer(ctx context.Context, in *PreStartContainerRequest, opts ...grpc.CallOption) (*PreStartContainerResponse, error) {
+	out := new(PreStartContainerResponse)
+	err := grpc.Invoke(ctx, "/v1beta1.DevicePlugin/PreStartContainer", in, out, c.cc, opts...)
 	if err != nil {
 		return nil, err
 	}
@@ -440,6 +566,9 @@ func (c *devicePluginClient) Allocate(ctx context.Context, in *AllocateRequest,
 // Server API for DevicePlugin service
 
 type DevicePluginServer interface {
+	// GetDevicePluginOptions returns options to be communicated with Device
+	// Manager
+	GetDevicePluginOptions(context.Context, *Empty) (*DevicePluginOptions, error)
 	// ListAndWatch returns a stream of List of Devices
 	// Whenever a Device state change or a Device disapears, ListAndWatch
 	// returns the new list
@@ -448,12 +577,34 @@ type DevicePluginServer interface {
 	// Plugin can run device specific operations and instruct Kubelet
 	// of the steps to make the Device available in the container
 	Allocate(context.Context, *AllocateRequest) (*AllocateResponse, error)
+	// PreStartContainer is called, if indicated by Device Plugin during registeration phase,
+	// before each container start. Device plugin can run device specific operations
+	// such as reseting the device before making devices available to the container
+	PreStartContainer(context.Context, *PreStartContainerRequest) (*PreStartContainerResponse, error)
 }
 
 func RegisterDevicePluginServer(s *grpc.Server, srv DevicePluginServer) {
 	s.RegisterService(&_DevicePlugin_serviceDesc, srv)
 }
 
+func _DevicePlugin_GetDevicePluginOptions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(Empty)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(DevicePluginServer).GetDevicePluginOptions(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v1beta1.DevicePlugin/GetDevicePluginOptions",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(DevicePluginServer).GetDevicePluginOptions(ctx, req.(*Empty))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 func _DevicePlugin_ListAndWatch_Handler(srv interface{}, stream grpc.ServerStream) error {
 	m := new(Empty)
 	if err := stream.RecvMsg(m); err != nil {
@@ -485,7 +636,7 @@ func _DevicePlugin_Allocate_Handler(srv interface{}, ctx context.Context, dec fu
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: "/deviceplugin.DevicePlugin/Allocate",
+		FullMethod: "/v1beta1.DevicePlugin/Allocate",
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(DevicePluginServer).Allocate(ctx, req.(*AllocateRequest))
@@ -493,14 +644,40 @@ func _DevicePlugin_Allocate_Handler(srv interface{}, ctx context.Context, dec fu
 	return interceptor(ctx, in, info, handler)
 }
 
+func _DevicePlugin_PreStartContainer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(PreStartContainerRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(DevicePluginServer).PreStartContainer(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/v1beta1.DevicePlugin/PreStartContainer",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(DevicePluginServer).PreStartContainer(ctx, req.(*PreStartContainerRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 var _DevicePlugin_serviceDesc = grpc.ServiceDesc{
-	ServiceName: "deviceplugin.DevicePlugin",
+	ServiceName: "v1beta1.DevicePlugin",
 	HandlerType: (*DevicePluginServer)(nil),
 	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "GetDevicePluginOptions",
+			Handler:    _DevicePlugin_GetDevicePluginOptions_Handler,
+		},
 		{
 			MethodName: "Allocate",
 			Handler:    _DevicePlugin_Allocate_Handler,
 		},
+		{
+			MethodName: "PreStartContainer",
+			Handler:    _DevicePlugin_PreStartContainer_Handler,
+		},
 	},
 	Streams: []grpc.StreamDesc{
 		{
@@ -512,6 +689,34 @@ var _DevicePlugin_serviceDesc = grpc.ServiceDesc{
 	Metadata: "api.proto",
 }
 
+func (m *DevicePluginOptions) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DevicePluginOptions) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if m.PreStartRequired {
+		dAtA[i] = 0x8
+		i++
+		if m.PreStartRequired {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i++
+	}
+	return i, nil
+}
+
 func (m *RegisterRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -545,6 +750,16 @@ func (m *RegisterRequest) MarshalTo(dAtA []byte) (int, error) {
 		i = encodeVarintApi(dAtA, i, uint64(len(m.ResourceName)))
 		i += copy(dAtA[i:], m.ResourceName)
 	}
+	if m.Options != nil {
+		dAtA[i] = 0x22
+		i++
+		i = encodeVarintApi(dAtA, i, uint64(m.Options.Size()))
+		n1, err := m.Options.MarshalTo(dAtA[i:])
+		if err != nil {
+			return 0, err
+		}
+		i += n1
+	}
 	return i, nil
 }
 
@@ -626,6 +841,57 @@ func (m *Device) MarshalTo(dAtA []byte) (int, error) {
 	return i, nil
 }
 
+func (m *PreStartContainerRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *PreStartContainerRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.DevicesIDs) > 0 {
+		for _, s := range m.DevicesIDs {
+			dAtA[i] = 0xa
+			i++
+			l = len(s)
+			for l >= 1<<7 {
+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)
+				l >>= 7
+				i++
+			}
+			dAtA[i] = uint8(l)
+			i++
+			i += copy(dAtA[i:], s)
+		}
+	}
+	return i, nil
+}
+
+func (m *PreStartContainerResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *PreStartContainerResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	return i, nil
+}
+
 func (m *AllocateRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -637,6 +903,36 @@ func (m *AllocateRequest) Marshal() (dAtA []byte, err error) {
 }
 
 func (m *AllocateRequest) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.ContainerRequests) > 0 {
+		for _, msg := range m.ContainerRequests {
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintApi(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *ContainerAllocateRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ContainerAllocateRequest) MarshalTo(dAtA []byte) (int, error) {
 	var i int
 	_ = i
 	var l int
@@ -670,6 +966,36 @@ func (m *AllocateResponse) Marshal() (dAtA []byte, err error) {
 }
 
 func (m *AllocateResponse) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	if len(m.ContainerResponses) > 0 {
+		for _, msg := range m.ContainerResponses {
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintApi(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func (m *ContainerAllocateResponse) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ContainerAllocateResponse) MarshalTo(dAtA []byte) (int, error) {
 	var i int
 	_ = i
 	var l int
@@ -715,6 +1041,23 @@ func (m *AllocateResponse) MarshalTo(dAtA []byte) (int, error) {
 			i += n
 		}
 	}
+	if len(m.Annotations) > 0 {
+		for k := range m.Annotations {
+			dAtA[i] = 0x22
+			i++
+			v := m.Annotations[k]
+			mapSize := 1 + len(k) + sovApi(uint64(len(k))) + 1 + len(v) + sovApi(uint64(len(v)))
+			i = encodeVarintApi(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintApi(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintApi(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
 	return i, nil
 }
 
@@ -821,6 +1164,15 @@ func encodeVarintApi(dAtA []byte, offset int, v uint64) int {
 	dAtA[offset] = uint8(v)
 	return offset + 1
 }
+func (m *DevicePluginOptions) Size() (n int) {
+	var l int
+	_ = l
+	if m.PreStartRequired {
+		n += 2
+	}
+	return n
+}
+
 func (m *RegisterRequest) Size() (n int) {
 	var l int
 	_ = l
@@ -836,6 +1188,10 @@ func (m *RegisterRequest) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovApi(uint64(l))
 	}
+	if m.Options != nil {
+		l = m.Options.Size()
+		n += 1 + l + sovApi(uint64(l))
+	}
 	return n
 }
 
@@ -871,7 +1227,7 @@ func (m *Device) Size() (n int) {
 	return n
 }
 
-func (m *AllocateRequest) Size() (n int) {
+func (m *PreStartContainerRequest) Size() (n int) {
 	var l int
 	_ = l
 	if len(m.DevicesIDs) > 0 {
@@ -883,20 +1239,62 @@ func (m *AllocateRequest) Size() (n int) {
 	return n
 }
 
-func (m *AllocateResponse) Size() (n int) {
+func (m *PreStartContainerResponse) Size() (n int) {
 	var l int
 	_ = l
-	if len(m.Envs) > 0 {
-		for k, v := range m.Envs {
-			_ = k
-			_ = v
-			mapEntrySize := 1 + len(k) + sovApi(uint64(len(k))) + 1 + len(v) + sovApi(uint64(len(v)))
-			n += mapEntrySize + 1 + sovApi(uint64(mapEntrySize))
-		}
-	}
-	if len(m.Mounts) > 0 {
-		for _, e := range m.Mounts {
-			l = e.Size()
+	return n
+}
+
+func (m *AllocateRequest) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.ContainerRequests) > 0 {
+		for _, e := range m.ContainerRequests {
+			l = e.Size()
+			n += 1 + l + sovApi(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ContainerAllocateRequest) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.DevicesIDs) > 0 {
+		for _, s := range m.DevicesIDs {
+			l = len(s)
+			n += 1 + l + sovApi(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *AllocateResponse) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.ContainerResponses) > 0 {
+		for _, e := range m.ContainerResponses {
+			l = e.Size()
+			n += 1 + l + sovApi(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ContainerAllocateResponse) Size() (n int) {
+	var l int
+	_ = l
+	if len(m.Envs) > 0 {
+		for k, v := range m.Envs {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovApi(uint64(len(k))) + 1 + len(v) + sovApi(uint64(len(v)))
+			n += mapEntrySize + 1 + sovApi(uint64(mapEntrySize))
+		}
+	}
+	if len(m.Mounts) > 0 {
+		for _, e := range m.Mounts {
+			l = e.Size()
 			n += 1 + l + sovApi(uint64(l))
 		}
 	}
@@ -906,6 +1304,14 @@ func (m *AllocateResponse) Size() (n int) {
 			n += 1 + l + sovApi(uint64(l))
 		}
 	}
+	if len(m.Annotations) > 0 {
+		for k, v := range m.Annotations {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovApi(uint64(len(k))) + 1 + len(v) + sovApi(uint64(len(v)))
+			n += mapEntrySize + 1 + sovApi(uint64(mapEntrySize))
+		}
+	}
 	return n
 }
 
@@ -957,6 +1363,16 @@ func sovApi(x uint64) (n int) {
 func sozApi(x uint64) (n int) {
 	return sovApi(uint64((x << 1) ^ uint64((int64(x) >> 63))))
 }
+func (this *DevicePluginOptions) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DevicePluginOptions{`,
+		`PreStartRequired:` + fmt.Sprintf("%v", this.PreStartRequired) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *RegisterRequest) String() string {
 	if this == nil {
 		return "nil"
@@ -965,6 +1381,7 @@ func (this *RegisterRequest) String() string {
 		`Version:` + fmt.Sprintf("%v", this.Version) + `,`,
 		`Endpoint:` + fmt.Sprintf("%v", this.Endpoint) + `,`,
 		`ResourceName:` + fmt.Sprintf("%v", this.ResourceName) + `,`,
+		`Options:` + strings.Replace(fmt.Sprintf("%v", this.Options), "DevicePluginOptions", "DevicePluginOptions", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -999,17 +1416,56 @@ func (this *Device) String() string {
 	}, "")
 	return s
 }
+func (this *PreStartContainerRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PreStartContainerRequest{`,
+		`DevicesIDs:` + fmt.Sprintf("%v", this.DevicesIDs) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *PreStartContainerResponse) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&PreStartContainerResponse{`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *AllocateRequest) String() string {
 	if this == nil {
 		return "nil"
 	}
 	s := strings.Join([]string{`&AllocateRequest{`,
+		`ContainerRequests:` + strings.Replace(fmt.Sprintf("%v", this.ContainerRequests), "ContainerAllocateRequest", "ContainerAllocateRequest", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ContainerAllocateRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ContainerAllocateRequest{`,
 		`DevicesIDs:` + fmt.Sprintf("%v", this.DevicesIDs) + `,`,
 		`}`,
 	}, "")
 	return s
 }
 func (this *AllocateResponse) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&AllocateResponse{`,
+		`ContainerResponses:` + strings.Replace(fmt.Sprintf("%v", this.ContainerResponses), "ContainerAllocateResponse", "ContainerAllocateResponse", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ContainerAllocateResponse) String() string {
 	if this == nil {
 		return "nil"
 	}
@@ -1023,10 +1479,21 @@ func (this *AllocateResponse) String() string {
 		mapStringForEnvs += fmt.Sprintf("%v: %v,", k, this.Envs[k])
 	}
 	mapStringForEnvs += "}"
-	s := strings.Join([]string{`&AllocateResponse{`,
+	keysForAnnotations := make([]string, 0, len(this.Annotations))
+	for k := range this.Annotations {
+		keysForAnnotations = append(keysForAnnotations, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForAnnotations)
+	mapStringForAnnotations := "map[string]string{"
+	for _, k := range keysForAnnotations {
+		mapStringForAnnotations += fmt.Sprintf("%v: %v,", k, this.Annotations[k])
+	}
+	mapStringForAnnotations += "}"
+	s := strings.Join([]string{`&ContainerAllocateResponse{`,
 		`Envs:` + mapStringForEnvs + `,`,
 		`Mounts:` + strings.Replace(fmt.Sprintf("%v", this.Mounts), "Mount", "Mount", 1) + `,`,
 		`Devices:` + strings.Replace(fmt.Sprintf("%v", this.Devices), "DeviceSpec", "DeviceSpec", 1) + `,`,
+		`Annotations:` + mapStringForAnnotations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -1063,6 +1530,76 @@ func valueToStringApi(v interface{}) string {
 	pv := reflect.Indirect(rv).Interface()
 	return fmt.Sprintf("*%v", pv)
 }
+func (m *DevicePluginOptions) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DevicePluginOptions: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DevicePluginOptions: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PreStartRequired", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.PreStartRequired = bool(v != 0)
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *RegisterRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -1179,6 +1716,39 @@ func (m *RegisterRequest) Unmarshal(dAtA []byte) error {
 			}
 			m.ResourceName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Options", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Options == nil {
+				m.Options = &DevicePluginOptions{}
+			}
+			if err := m.Options.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -1439,7 +2009,7 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *AllocateRequest) Unmarshal(dAtA []byte) error {
+func (m *PreStartContainerRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1462,10 +2032,10 @@ func (m *AllocateRequest) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: AllocateRequest: wiretype end group for non-group")
+			return fmt.Errorf("proto: PreStartContainerRequest: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: AllocateRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: PreStartContainerRequest: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
@@ -1518,7 +2088,7 @@ func (m *AllocateRequest) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *AllocateResponse) Unmarshal(dAtA []byte) error {
+func (m *PreStartContainerResponse) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -1541,15 +2111,65 @@ func (m *AllocateResponse) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: AllocateResponse: wiretype end group for non-group")
+			return fmt.Errorf("proto: PreStartContainerResponse: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: AllocateResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: PreStartContainerResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *AllocateRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocateRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocateRequest: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Envs", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ContainerRequests", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -1573,18 +2193,259 @@ func (m *AllocateResponse) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			var keykey uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowApi
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				keykey |= (uint64(b) & 0x7F) << shift
-				if b < 0x80 {
+			m.ContainerRequests = append(m.ContainerRequests, &ContainerAllocateRequest{})
+			if err := m.ContainerRequests[len(m.ContainerRequests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ContainerAllocateRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ContainerAllocateRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ContainerAllocateRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DevicesIDs", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DevicesIDs = append(m.DevicesIDs, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *AllocateResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocateResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocateResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ContainerResponses", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ContainerResponses = append(m.ContainerResponses, &ContainerAllocateResponse{})
+			if err := m.ContainerResponses[len(m.ContainerResponses)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipApi(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthApi
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ContainerAllocateResponse) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowApi
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ContainerAllocateResponse: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ContainerAllocateResponse: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Envs", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
 					break
 				}
 			}
@@ -1725,6 +2586,122 @@ func (m *AllocateResponse) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Annotations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthApi
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowApi
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthApi
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.Annotations == nil {
+				m.Annotations = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowApi
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowApi
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthApi
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.Annotations[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.Annotations[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipApi(dAtA[iNdEx:])
@@ -2119,41 +3096,53 @@ var (
 func init() { proto.RegisterFile("api.proto", fileDescriptorApi) }
 
 var fileDescriptorApi = []byte{
-	// 562 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0xcb, 0x8e, 0xd3, 0x4a,
-	0x10, 0x4d, 0x27, 0x77, 0xf2, 0xa8, 0xc9, 0x3c, 0xd4, 0x37, 0x42, 0x96, 0x01, 0x2b, 0x32, 0x42,
-	0x8a, 0x84, 0xf0, 0x0c, 0x61, 0x01, 0x42, 0x2c, 0x18, 0x94, 0x20, 0x8d, 0x86, 0x47, 0x64, 0x16,
-	0x2c, 0xa3, 0x8e, 0x53, 0xc4, 0x16, 0x76, 0xb7, 0x71, 0xb7, 0x23, 0x65, 0xc7, 0x27, 0xf0, 0x19,
-	0x7c, 0xca, 0x2c, 0x59, 0xb2, 0x64, 0xc2, 0x8e, 0xaf, 0x40, 0x6e, 0xdb, 0x79, 0x29, 0x62, 0xc5,
-	0xce, 0x75, 0xea, 0x9c, 0xd4, 0xa9, 0xca, 0xb1, 0xa1, 0xc5, 0xe2, 0xc0, 0x89, 0x13, 0xa1, 0x04,
-	0x6d, 0x4f, 0x71, 0x1e, 0x78, 0x18, 0x87, 0xe9, 0x2c, 0xe0, 0xe6, 0xc3, 0x59, 0xa0, 0xfc, 0x74,
-	0xe2, 0x78, 0x22, 0x3a, 0x9b, 0x89, 0x99, 0x38, 0xd3, 0xa4, 0x49, 0xfa, 0x51, 0x57, 0xba, 0xd0,
-	0x4f, 0xb9, 0xd8, 0x0e, 0xe1, 0xc4, 0xc5, 0x59, 0x20, 0x15, 0x26, 0x2e, 0x7e, 0x4e, 0x51, 0x2a,
-	0x6a, 0x40, 0x63, 0x8e, 0x89, 0x0c, 0x04, 0x37, 0x48, 0x97, 0xf4, 0x5a, 0x6e, 0x59, 0x52, 0x13,
-	0x9a, 0xc8, 0xa7, 0xb1, 0x08, 0xb8, 0x32, 0xaa, 0xba, 0xb5, 0xaa, 0xe9, 0x3d, 0x38, 0x4a, 0x50,
-	0x8a, 0x34, 0xf1, 0x70, 0xcc, 0x59, 0x84, 0x46, 0x4d, 0x13, 0xda, 0x25, 0xf8, 0x96, 0x45, 0x68,
-	0x37, 0xe0, 0x60, 0x18, 0xc5, 0x6a, 0x61, 0xbf, 0x82, 0xce, 0xeb, 0x40, 0xaa, 0x0b, 0x3e, 0xfd,
-	0xc0, 0x94, 0xe7, 0xbb, 0x28, 0x63, 0xc1, 0x25, 0x52, 0x07, 0x1a, 0xf9, 0x36, 0xd2, 0x20, 0xdd,
-	0x5a, 0xef, 0xb0, 0xdf, 0x71, 0x36, 0xb7, 0x73, 0x06, 0xba, 0x70, 0x4b, 0x92, 0x7d, 0x0e, 0xf5,
-	0x1c, 0xa2, 0xc7, 0x50, 0xbd, 0x1c, 0x14, 0x86, 0xab, 0xc1, 0x80, 0xde, 0x82, 0xba, 0x8f, 0x2c,
-	0x54, 0x7e, 0xe1, 0xb4, 0xa8, 0xec, 0x47, 0x70, 0x72, 0x11, 0x86, 0xc2, 0x63, 0x0a, 0xcb, 0x85,
-	0x2d, 0x80, 0xe2, 0xf7, 0x2e, 0x07, 0xf9, 0xdc, 0x96, 0xbb, 0x81, 0xd8, 0xbf, 0x09, 0x9c, 0xae,
-	0x35, 0x85, 0xd3, 0xe7, 0xf0, 0x1f, 0xf2, 0x79, 0x69, 0xb3, 0xb7, 0x6d, 0x73, 0x97, 0xed, 0x0c,
-	0xf9, 0x5c, 0x0e, 0xb9, 0x4a, 0x16, 0xae, 0x56, 0xd1, 0x07, 0x50, 0x8f, 0x44, 0xca, 0x95, 0x34,
-	0xaa, 0x5a, 0xff, 0xff, 0xb6, 0xfe, 0x4d, 0xd6, 0x73, 0x0b, 0x0a, 0xed, 0xaf, 0x8f, 0x52, 0xd3,
-	0x6c, 0x63, 0xdf, 0x51, 0xde, 0xc7, 0xe8, 0xad, 0x0e, 0x63, 0x3e, 0x81, 0xd6, 0x6a, 0x26, 0x3d,
-	0x85, 0xda, 0x27, 0x5c, 0x14, 0xc7, 0xc9, 0x1e, 0x69, 0x07, 0x0e, 0xe6, 0x2c, 0x4c, 0xb1, 0x38,
-	0x4e, 0x5e, 0x3c, 0xab, 0x3e, 0x25, 0xb6, 0x0f, 0x07, 0x7a, 0x3a, 0xbd, 0x0f, 0xc7, 0x9e, 0xe0,
-	0x8a, 0x05, 0x1c, 0x93, 0x71, 0xcc, 0x94, 0x5f, 0xe8, 0x8f, 0x56, 0xe8, 0x88, 0x29, 0x9f, 0xde,
-	0x86, 0x96, 0x2f, 0xa4, 0xca, 0x19, 0x45, 0x28, 0x32, 0xa0, 0x6c, 0x26, 0xc8, 0xa6, 0x63, 0xc1,
-	0xc3, 0x85, 0x0e, 0x44, 0xd3, 0x6d, 0x66, 0xc0, 0x3b, 0x1e, 0x2e, 0xec, 0x04, 0x60, 0xed, 0xfc,
-	0x9f, 0x8c, 0xeb, 0xc2, 0x61, 0x8c, 0x49, 0x14, 0xc8, 0x2c, 0xad, 0xb2, 0x48, 0xe0, 0x26, 0xd4,
-	0x1f, 0x41, 0x3b, 0x8f, 0x7b, 0xc2, 0x54, 0x96, 0xe8, 0x17, 0xd0, 0x2c, 0xe3, 0x4f, 0xef, 0x6e,
-	0x5f, 0x75, 0xe7, 0xb5, 0x30, 0x77, 0xfe, 0xa2, 0x3c, 0xc7, 0x95, 0xfe, 0x37, 0x02, 0xed, 0x7c,
-	0x8d, 0x91, 0x6e, 0xd0, 0x2b, 0x68, 0x6f, 0x46, 0x9b, 0xee, 0xd3, 0x99, 0xf6, 0x36, 0xb8, 0xef,
-	0x5d, 0xb0, 0x2b, 0xe7, 0x84, 0x5e, 0x41, 0xb3, 0xcc, 0xd2, 0xae, 0xbf, 0x9d, 0x14, 0x9b, 0xd6,
-	0xdf, 0x23, 0x68, 0x57, 0x5e, 0xde, 0xb9, 0xbe, 0xb1, 0xc8, 0x8f, 0x1b, 0xab, 0xf2, 0x65, 0x69,
-	0x91, 0xeb, 0xa5, 0x45, 0xbe, 0x2f, 0x2d, 0xf2, 0x73, 0x69, 0x91, 0xaf, 0xbf, 0xac, 0xca, 0xa4,
-	0xae, 0x3f, 0x08, 0x8f, 0xff, 0x04, 0x00, 0x00, 0xff, 0xff, 0x17, 0x55, 0xaf, 0xe1, 0x5a, 0x04,
-	0x00, 0x00,
+	// 760 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0xcd, 0x4e, 0xdb, 0x4a,
+	0x14, 0x8e, 0x13, 0xc8, 0xcf, 0x49, 0x80, 0x30, 0x20, 0x64, 0x0c, 0xd7, 0xca, 0xf5, 0xd5, 0xbd,
+	0xe2, 0x4a, 0x10, 0x20, 0x48, 0xdc, 0x2b, 0x16, 0x55, 0x53, 0x42, 0x5b, 0xa4, 0xb6, 0x44, 0x46,
+	0x55, 0x37, 0x95, 0x22, 0xc7, 0x99, 0xc6, 0x56, 0x93, 0x19, 0xd7, 0x33, 0x89, 0x94, 0x5d, 0x17,
+	0x7d, 0x80, 0x3e, 0x44, 0x1f, 0xa3, 0x0f, 0xc0, 0xb2, 0xcb, 0x2e, 0x4b, 0xfa, 0x22, 0x95, 0xc7,
+	0x1e, 0x3b, 0x32, 0x01, 0x5a, 0xa9, 0x3b, 0xcf, 0x77, 0xce, 0xf7, 0xcd, 0x39, 0x67, 0x4e, 0xbe,
+	0x40, 0xc9, 0xf2, 0xdc, 0xba, 0xe7, 0x53, 0x4e, 0x51, 0x61, 0x7c, 0xd8, 0xc5, 0xdc, 0x3a, 0xd4,
+	0xf6, 0xfa, 0x2e, 0x77, 0x46, 0xdd, 0xba, 0x4d, 0x87, 0xfb, 0x7d, 0xda, 0xa7, 0xfb, 0x22, 0xde,
+	0x1d, 0xbd, 0x11, 0x27, 0x71, 0x10, 0x5f, 0x21, 0xcf, 0x38, 0x85, 0xb5, 0x16, 0x1e, 0xbb, 0x36,
+	0x6e, 0x0f, 0x46, 0x7d, 0x97, 0x5c, 0x78, 0xdc, 0xa5, 0x84, 0xa1, 0x5d, 0x40, 0x9e, 0x8f, 0x3b,
+	0x8c, 0x5b, 0x3e, 0xef, 0xf8, 0xf8, 0xdd, 0xc8, 0xf5, 0x71, 0x4f, 0x55, 0x6a, 0xca, 0x4e, 0xd1,
+	0xac, 0x7a, 0x3e, 0xbe, 0x0c, 0x02, 0x66, 0x84, 0x1b, 0x9f, 0x14, 0x58, 0x31, 0x71, 0xdf, 0x65,
+	0x1c, 0xfb, 0x01, 0x88, 0x19, 0x47, 0x2a, 0x14, 0xc6, 0xd8, 0x67, 0x2e, 0x25, 0x82, 0x56, 0x32,
+	0xe5, 0x11, 0x69, 0x50, 0xc4, 0xa4, 0xe7, 0x51, 0x97, 0x70, 0x35, 0x2b, 0x42, 0xf1, 0x19, 0xfd,
+	0x05, 0x4b, 0x3e, 0x66, 0x74, 0xe4, 0xdb, 0xb8, 0x43, 0xac, 0x21, 0x56, 0x73, 0x22, 0xa1, 0x22,
+	0xc1, 0x17, 0xd6, 0x10, 0xa3, 0x63, 0x28, 0xd0, 0xb0, 0x4e, 0x75, 0xa1, 0xa6, 0xec, 0x94, 0x1b,
+	0xdb, 0xf5, 0xa8, 0xfb, 0xfa, 0x9c, 0x5e, 0x4c, 0x99, 0x6c, 0x14, 0x60, 0xf1, 0x6c, 0xe8, 0xf1,
+	0x89, 0xd1, 0x84, 0xf5, 0x67, 0x2e, 0xe3, 0x4d, 0xd2, 0x7b, 0x65, 0x71, 0xdb, 0x31, 0x31, 0xf3,
+	0x28, 0x61, 0x18, 0xfd, 0x0b, 0x85, 0x9e, 0x10, 0x60, 0xaa, 0x52, 0xcb, 0xed, 0x94, 0x1b, 0x2b,
+	0x29, 0x61, 0x53, 0xc6, 0x8d, 0x03, 0xc8, 0x87, 0x10, 0x5a, 0x86, 0xec, 0x79, 0x2b, 0xea, 0x31,
+	0xeb, 0xb6, 0xd0, 0x06, 0xe4, 0x1d, 0x6c, 0x0d, 0xb8, 0x13, 0x35, 0x17, 0x9d, 0x8c, 0x13, 0x50,
+	0xdb, 0xd1, 0xe0, 0x4e, 0x29, 0xe1, 0x96, 0x4b, 0x92, 0x61, 0xe9, 0x00, 0x91, 0xf0, 0x79, 0x2b,
+	0xbc, 0xbb, 0x64, 0xce, 0x20, 0xc6, 0x16, 0x6c, 0xce, 0xe1, 0x86, 0x55, 0x1b, 0x36, 0xac, 0x34,
+	0x07, 0x03, 0x6a, 0x5b, 0x1c, 0x4b, 0xbd, 0x36, 0x20, 0x5b, 0xe6, 0x89, 0xe7, 0xc3, 0x8c, 0xcb,
+	0x9e, 0xfe, 0x8c, 0x7b, 0x8a, 0xa5, 0x52, 0x74, 0x73, 0xd5, 0x4e, 0x15, 0xc8, 0x82, 0xea, 0x6f,
+	0x4b, 0xbf, 0xb7, 0xfa, 0x3e, 0x54, 0x13, 0x4a, 0x34, 0xea, 0x4b, 0x58, 0x9b, 0xad, 0x30, 0x44,
+	0x65, 0x89, 0xc6, 0x5d, 0x25, 0x86, 0xa9, 0x26, 0xb2, 0xd3, 0x83, 0x60, 0xc6, 0x87, 0x1c, 0x6c,
+	0xde, 0xca, 0x40, 0x0f, 0x61, 0x01, 0x93, 0xb1, 0xbc, 0x63, 0xf7, 0xfe, 0x3b, 0xea, 0x67, 0x64,
+	0xcc, 0xce, 0x08, 0xf7, 0x27, 0xa6, 0x60, 0xa2, 0x7f, 0x20, 0x3f, 0xa4, 0x23, 0xc2, 0x99, 0x9a,
+	0x15, 0x1a, 0xcb, 0xb1, 0xc6, 0xf3, 0x00, 0x36, 0xa3, 0x28, 0xda, 0x4b, 0xf6, 0x28, 0x27, 0x12,
+	0xd7, 0x52, 0x7b, 0x74, 0xe9, 0x61, 0x3b, 0xde, 0x25, 0xf4, 0x12, 0xca, 0x16, 0x21, 0x94, 0x5b,
+	0x72, 0xa7, 0x03, 0xca, 0xd1, 0x4f, 0xd4, 0xd7, 0x4c, 0x58, 0x61, 0x99, 0xb3, 0x3a, 0xda, 0x7f,
+	0x50, 0x8a, 0x1b, 0x40, 0x55, 0xc8, 0xbd, 0xc5, 0x93, 0x68, 0x4d, 0x83, 0x4f, 0xb4, 0x0e, 0x8b,
+	0x63, 0x6b, 0x30, 0xc2, 0xd1, 0x9a, 0x86, 0x87, 0x93, 0xec, 0xff, 0x8a, 0xf6, 0x00, 0xaa, 0x69,
+	0xe5, 0x5f, 0xe1, 0x1b, 0x0e, 0x2c, 0x8a, 0x79, 0xa0, 0xbf, 0x61, 0x39, 0x79, 0x64, 0xcf, 0xe2,
+	0x4e, 0xc4, 0x5f, 0x8a, 0xd1, 0xb6, 0xc5, 0x1d, 0xb4, 0x05, 0x25, 0x87, 0x32, 0x1e, 0x66, 0x44,
+	0x8e, 0x10, 0x00, 0x32, 0xe8, 0x63, 0xab, 0xd7, 0xa1, 0x64, 0x30, 0x11, 0x6e, 0x50, 0x34, 0x8b,
+	0x01, 0x70, 0x41, 0x06, 0x13, 0xc3, 0x07, 0x48, 0x06, 0xfa, 0x5b, 0xae, 0xab, 0x41, 0xd9, 0xc3,
+	0xfe, 0xd0, 0x65, 0x4c, 0xbc, 0x45, 0x68, 0x3f, 0xb3, 0x50, 0xe3, 0x31, 0x54, 0x42, 0xaf, 0xf3,
+	0xc5, 0x7c, 0xd0, 0x31, 0x14, 0xa5, 0xf7, 0x21, 0x35, 0x7e, 0xb4, 0x94, 0x1d, 0x6a, 0xc9, 0xaa,
+	0x84, 0x16, 0x94, 0x69, 0x7c, 0xce, 0x42, 0x65, 0xd6, 0xae, 0xd0, 0x53, 0xd8, 0x78, 0x82, 0xf9,
+	0x3c, 0x37, 0x4e, 0x91, 0xb5, 0x3b, 0xfd, 0xce, 0xc8, 0xa0, 0x26, 0x54, 0x66, 0xfd, 0xed, 0x06,
+	0xff, 0x8f, 0xf8, 0x3c, 0xcf, 0x06, 0x8d, 0xcc, 0x81, 0x82, 0x9a, 0x50, 0x94, 0xeb, 0x36, 0xd3,
+	0x55, 0xea, 0x97, 0xaf, 0x6d, 0xce, 0x89, 0x48, 0x11, 0xf4, 0x1a, 0x56, 0x6f, 0x98, 0x16, 0x4a,
+	0xdc, 0xe7, 0x36, 0x33, 0xd4, 0x8c, 0xbb, 0x52, 0xa4, 0xfa, 0xa3, 0xed, 0xab, 0x6b, 0x5d, 0xf9,
+	0x7a, 0xad, 0x67, 0xde, 0x4f, 0x75, 0xe5, 0x6a, 0xaa, 0x2b, 0x5f, 0xa6, 0xba, 0xf2, 0x6d, 0xaa,
+	0x2b, 0x1f, 0xbf, 0xeb, 0x99, 0x6e, 0x5e, 0xfc, 0xbb, 0x1d, 0xfd, 0x08, 0x00, 0x00, 0xff, 0xff,
+	0xb9, 0xc2, 0x87, 0x92, 0x22, 0x07, 0x00, 0x00,
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.proto b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.proto
similarity index 73%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.proto
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.proto
index 05408cbb1fa8..efbd72c133c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/api.proto
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/api.proto
@@ -1,7 +1,7 @@
 // To regenerate api.pb.go run hack/update-device-plugin.sh
 syntax = 'proto3';
 
-package deviceplugin;
+package v1beta1;
 
 import "github.com/gogo/protobuf/gogoproto/gogo.proto";
 
@@ -24,6 +24,11 @@ service Registration {
 	rpc Register(RegisterRequest) returns (Empty) {}
 }
 
+message DevicePluginOptions {
+        // Indicates if PreStartContainer call is required before each container start
+	bool pre_start_required = 1;
+}
+
 message RegisterRequest {
 	// Version of the API the Device Plugin was built against
 	string version = 1;
@@ -32,6 +37,8 @@ message RegisterRequest {
 	string endpoint = 2;
 	// Schedulable resource name. As of now it's expected to be a DNS Label
 	string resource_name = 3;
+        // Options to be communicated with Device Manager
+        DevicePluginOptions options = 4;
 }
 
 message Empty {
@@ -39,6 +46,10 @@ message Empty {
 
 // DevicePlugin is the service advertised by Device Plugins
 service DevicePlugin {
+	// GetDevicePluginOptions returns options to be communicated with Device
+        // Manager
+	rpc GetDevicePluginOptions(Empty) returns (DevicePluginOptions) {}
+
 	// ListAndWatch returns a stream of List of Devices
 	// Whenever a Device state change or a Device disapears, ListAndWatch
 	// returns the new list
@@ -48,6 +59,11 @@ service DevicePlugin {
 	// Plugin can run device specific operations and instruct Kubelet
 	// of the steps to make the Device available in the container
 	rpc Allocate(AllocateRequest) returns (AllocateResponse) {}
+
+        // PreStartContainer is called, if indicated by Device Plugin during registeration phase,
+        // before each container start. Device plugin can run device specific operations
+        // such as reseting the device before making devices available to the container
+	rpc PreStartContainer(PreStartContainerRequest) returns (PreStartContainerResponse) {}
 }
 
 // ListAndWatch returns a stream of List of Devices
@@ -71,6 +87,18 @@ message Device {
 	string health = 2;
 }
 
+// - PreStartContainer is expected to be called before each container start if indicated by plugin during registration phase.
+// - PreStartContainer allows kubelet to pass reinitialized devices to containers.
+// - PreStartContainer allows Device Plugin to run device specific operations on
+//   the Devices requested
+message PreStartContainerRequest {
+        repeated string devicesIDs = 1;
+}
+
+// PreStartContainerResponse will be send by plugin in response to PreStartContainerRequest
+message PreStartContainerResponse {
+}
+
 // - Allocate is expected to be called during pod creation since allocation
 //   failures for any container would result in pod startup failure.
 // - Allocate allows kubelet to exposes additional artifacts in a pod's
@@ -78,6 +106,10 @@ message Device {
 // - Allocate allows Device Plugin to run device specific operations on
 //   the Devices requested
 message AllocateRequest {
+	repeated ContainerAllocateRequest container_requests = 1;
+}
+
+message ContainerAllocateRequest {
 	repeated string devicesIDs = 1;
 }
 
@@ -90,12 +122,18 @@ message AllocateRequest {
 // The Device plugin should send a ListAndWatch update and fail the
 // Allocation request
 message AllocateResponse {
+	repeated ContainerAllocateResponse container_responses = 1;
+}
+
+message ContainerAllocateResponse {
   	// List of environment variable to be set in the container to access one of more devices.
 	map<string, string> envs = 1;
 	// Mounts for the container.
 	repeated Mount mounts = 2;
 	// Devices for the container.
 	repeated DeviceSpec devices = 3;
+	// Container annotations to pass to the container runtime
+	map<string, string> annotations = 4;
 }
 
 // Mount specifies a host volume to mount into a container.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/constants.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/constants.go
similarity index 79%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/constants.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/constants.go
index 896354ab9019..13c9bdd10138 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha/constants.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1/constants.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2017 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,20 +14,24 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package v1beta1
 
 const (
 	// Healthy means that the device is healty
 	Healthy = "Healthy"
-	// UnHealthy means that the device is unhealty
+	// UnHealthy means that the device is unhealthy
 	Unhealthy = "Unhealthy"
 
 	// Current version of the API supported by kubelet
-	Version = "v1alpha2"
+	Version = "v1beta1"
 	// DevicePluginPath is the folder the Device Plugin is expecting sockets to be on
 	// Only privileged pods have access to this path
 	// Note: Placeholder until we find a "standard path"
 	DevicePluginPath = "/var/lib/kubelet/device-plugins/"
 	// KubeletSocket is the path of the Kubelet registry socket
 	KubeletSocket = DevicePluginPath + "kubelet.sock"
+	// Timeout duration in secs for PreStartContainer RPC
+	KubeletPreStartContainerRPCTimeoutInSecs = 30
 )
+
+var SupportedVersions = [...]string{"v1beta1"}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/BUILD
index c62439d6261a..0aa5579dde4a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/BUILD
@@ -36,7 +36,7 @@ filegroup(
         ":package-srcs",
         "//pkg/kubelet/apis/kubeletconfig/fuzzer:all-srcs",
         "//pkg/kubelet/apis/kubeletconfig/scheme:all-srcs",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:all-srcs",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:all-srcs",
         "//pkg/kubelet/apis/kubeletconfig/validation:all-srcs",
     ],
     tags = ["automanaged"],
@@ -45,8 +45,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/helpers.go
index 392dd4ea2c55..3563fb7fd9e2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/helpers.go
@@ -21,7 +21,7 @@ package kubeletconfig
 // passing the configuration to the application. This method must be kept up to date as new fields are added.
 func KubeletConfigurationPathRefs(kc *KubeletConfiguration) []*string {
 	paths := []*string{}
-	paths = append(paths, &kc.PodManifestPath)
+	paths = append(paths, &kc.StaticPodPath)
 	paths = append(paths, &kc.Authentication.X509.ClientCAFile)
 	paths = append(paths, &kc.TLSCertFile)
 	paths = append(paths, &kc.TLSPrivateKeyFile)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/register.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/register.go
index 57d16d447684..fd5d5de5f739 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/register.go
@@ -27,7 +27,7 @@ var (
 )
 
 // GroupName is the group name use in this package
-const GroupName = "kubeletconfig"
+const GroupName = "kubelet.config.k8s.io"
 
 // SchemeGroupVersion is group version used to register these objects
 var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/BUILD
index 9bc425ac6b07..246d476bce64 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/BUILD
@@ -7,7 +7,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
     ],
@@ -30,8 +30,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["scheme_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/kubeletconfig/fuzzer:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/testing/roundtrip:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/scheme.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/scheme.go
index 76f042818e6d..2afd75312832 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/scheme.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme/scheme.go
@@ -20,19 +20,19 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
-	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1"
+	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1"
 )
 
 // Utility functions for the Kubelet's kubeletconfig API group
 
-// NewSchemeAndCodecs is a utility funciton that returns a Scheme and CodecFactory
+// NewSchemeAndCodecs is a utility function that returns a Scheme and CodecFactory
 // that understand the types in the kubeletconfig API group.
 func NewSchemeAndCodecs() (*runtime.Scheme, *serializer.CodecFactory, error) {
 	scheme := runtime.NewScheme()
 	if err := kubeletconfig.AddToScheme(scheme); err != nil {
 		return nil, nil, err
 	}
-	if err := v1alpha1.AddToScheme(scheme); err != nil {
+	if err := v1beta1.AddToScheme(scheme); err != nil {
 		return nil, nil, err
 	}
 	codecs := serializer.NewCodecFactory(scheme)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/types.go
index 3b7f42509a59..b593c2c25d82 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/types.go
@@ -40,19 +40,13 @@ const (
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
-// A configuration field should go in KubeletFlags instead of KubeletConfiguration if
-// its value cannot be safely shared between nodes at the same time (e.g. a hostname)
-// In general, please try to avoid adding flags or configuration fields,
-// we already have a confusingly large amount of them.
+// KubeletConfiguration contains the configuration for the Kubelet
 type KubeletConfiguration struct {
 	metav1.TypeMeta
 
-	// Only used for dynamic configuration.
-	// The length of the trial period for this configuration. This configuration will become the last-known-good after this duration.
-	ConfigTrialDuration *metav1.Duration
-	// podManifestPath is the path to the directory containing pod manifests to
-	// run, or the path to a single manifest file
-	PodManifestPath string
+	// staticPodPath is the path to the directory containing local (static) pods to
+	// run, or the path to a single static pod file.
+	StaticPodPath string
 	// syncFrequency is the max period between synchronizing running
 	// containers and config
 	SyncFrequency metav1.Duration
@@ -61,13 +55,10 @@ type KubeletConfiguration struct {
 	FileCheckFrequency metav1.Duration
 	// httpCheckFrequency is the duration between checking http for new data
 	HTTPCheckFrequency metav1.Duration
-	// manifestURL is the URL for accessing the container manifest
-	ManifestURL string
-	// manifestURLHeader is the HTTP header to use when accessing the manifest
-	// URL, with the key separated from the value with a ':', as in 'key:value'
-	ManifestURLHeader map[string][]string
-	// enableServer enables the Kubelet's server
-	EnableServer bool
+	// staticPodURL is the URL for accessing static pods to run
+	StaticPodURL string
+	// staticPodURLHeader is a map of slices with HTTP headers to use when accessing the podURL
+	StaticPodURLHeader map[string][]string
 	// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
 	// for all interfaces)
 	Address string
@@ -80,53 +71,42 @@ type KubeletConfiguration struct {
 	// if any, concatenated after server cert). If tlsCertFile and
 	// tlsPrivateKeyFile are not provided, a self-signed certificate
 	// and key are generated for the public address and saved to the directory
-	// passed to certDir.
+	// passed to the Kubelet's --cert-dir flag.
 	TLSCertFile string
-	// tlsPrivateKeyFile is the ile containing x509 private key matching
-	// tlsCertFile.
+	// tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile
 	TLSPrivateKeyFile string
+	// TLSCipherSuites is the list of allowed cipher suites for the server.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	TLSCipherSuites []string
+	// TLSMinVersion is the minimum TLS version supported.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	TLSMinVersion string
 	// authentication specifies how requests to the Kubelet's server are authenticated
 	Authentication KubeletAuthentication
 	// authorization specifies how requests to the Kubelet's server are authorized
 	Authorization KubeletAuthorization
-	// allowPrivileged enables containers to request privileged mode.
-	// Defaults to false.
-	AllowPrivileged bool
-	// hostNetworkSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use of host network. Defaults to "*". Valid
-	// options are "file", "http", "api", and "*" (all sources).
-	HostNetworkSources []string
-	// hostPIDSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use the host pid namespace. Defaults to "*".
-	HostPIDSources []string
-	// hostIPCSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
-	HostIPCSources []string
-	// registryPullQPS is the limit of registry pulls per second. If 0,
-	// unlimited. Set to 0 for no limit. Defaults to 5.0.
+	// registryPullQPS is the limit of registry pulls per second.
+	// Set to 0 for no limit.
 	RegistryPullQPS int32
-	// registryBurst is the maximum size of a bursty pulls, temporarily allows
-	// pulls to burst to this number, while still not exceeding registryQps.
-	// Only used if registryQPS > 0.
+	// registryBurst is the maximum size of bursty pulls, temporarily allows
+	// pulls to burst to this number, while still not exceeding registryPullQPS.
+	// Only used if registryPullQPS > 0.
 	RegistryBurst int32
 	// eventRecordQPS is the maximum event creations per second. If 0, there
 	// is no limit enforced.
 	EventRecordQPS int32
-	// eventBurst is the maximum size of a bursty event records, temporarily
-	// allows event records to burst to this number, while still not exceeding
-	// event-qps. Only used if eventQps > 0
+	// eventBurst is the maximum size of a burst of event creations, temporarily
+	// allows event creations to burst to this number, while still not exceeding
+	// eventRecordQPS. Only used if eventRecordQPS > 0.
 	EventBurst int32
 	// enableDebuggingHandlers enables server endpoints for log collection
 	// and local running of containers and commands
 	EnableDebuggingHandlers bool
 	// enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true.
 	EnableContentionProfiling bool
-	// cAdvisorPort is the port of the localhost cAdvisor endpoint (set to 0 to disable)
-	CAdvisorPort int32
 	// healthzPort is the port of the localhost healthz endpoint (set to 0 to disable)
 	HealthzPort int32
-	// healthzBindAddress is the IP address for the healthz server to serve
-	// on.
+	// healthzBindAddress is the IP address for the healthz server to serve on
 	HealthzBindAddress string
 	// oomScoreAdj is The oom-score-adj value for kubelet process. Values
 	// must be within the range [-1000, 1000].
@@ -135,9 +115,9 @@ type KubeletConfiguration struct {
 	// configure all containers to search this domain in addition to the
 	// host's search domains.
 	ClusterDomain string
-	// clusterDNS is a list of IP address for a cluster DNS server.  If set,
+	// clusterDNS is a list of IP addresses for a cluster DNS server. If set,
 	// kubelet will configure all containers to use this for DNS resolution
-	// instead of the host's DNS servers
+	// instead of the host's DNS servers.
 	ClusterDNS []string
 	// streamingConnectionIdleTimeout is the maximum time a streaming connection
 	// can be idle before the connection is automatically closed.
@@ -150,60 +130,60 @@ type KubeletConfiguration struct {
 	// garbage collected.
 	ImageMinimumGCAge metav1.Duration
 	// imageGCHighThresholdPercent is the percent of disk usage after which
-	// image garbage collection is always run.
+	// image garbage collection is always run. The percent is calculated as
+	// this field value out of 100.
 	ImageGCHighThresholdPercent int32
 	// imageGCLowThresholdPercent is the percent of disk usage before which
 	// image garbage collection is never run. Lowest disk usage to garbage
-	// collect to.
+	// collect to. The percent is calculated as this field value out of 100.
 	ImageGCLowThresholdPercent int32
 	// How frequently to calculate and cache volume disk usage for all pods
 	VolumeStatsAggPeriod metav1.Duration
-	// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
-	// +optional
+	// KubeletCgroups is the absolute name of cgroups to isolate the kubelet in
 	KubeletCgroups string
-	// Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes
-	// And all Burstable and BestEffort pods are brought up under their
-	// specific top level QoS cgroup.
-	// +optional
-	CgroupsPerQOS bool
-	// driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd)
-	// +optional
-	CgroupDriver string
 	// SystemCgroups is absolute name of cgroups in which to place
 	// all non-kernel processes that are not already in a container. Empty
 	// for no container. Rolling back the flag requires a reboot.
-	// +optional
 	SystemCgroups string
 	// CgroupRoot is the root cgroup to use for pods.
 	// If CgroupsPerQOS is enabled, this is the root of the QoS cgroup hierarchy.
-	// +optional
 	CgroupRoot string
+	// Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes
+	// And all Burstable and BestEffort pods are brought up under their
+	// specific top level QoS cgroup.
+	CgroupsPerQOS bool
+	// driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd)
+	CgroupDriver string
 	// CPUManagerPolicy is the name of the policy to use.
+	// Requires the CPUManager feature gate to be enabled.
 	CPUManagerPolicy string
 	// CPU Manager reconciliation period.
+	// Requires the CPUManager feature gate to be enabled.
 	CPUManagerReconcilePeriod metav1.Duration
 	// runtimeRequestTimeout is the timeout for all runtime requests except long running
 	// requests - pull, logs, exec and attach.
-	// +optional
 	RuntimeRequestTimeout metav1.Duration
-	// How should the kubelet configure the container bridge for hairpin packets.
+	// hairpinMode specifies how the Kubelet should configure the container
+	// bridge for hairpin packets.
 	// Setting this flag allows endpoints in a Service to loadbalance back to
 	// themselves if they should try to access their own Service. Values:
 	//   "promiscuous-bridge": make the container bridge promiscuous.
 	//   "hairpin-veth":       set the hairpin flag on container veth interfaces.
 	//   "none":               do nothing.
-	// Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT,
-	// because promiscous-bridge assumes the existence of a container bridge named cbr0.
+	// Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT,
+	// because promiscuous-bridge assumes the existence of a container bridge named cbr0.
 	HairpinMode string
 	// maxPods is the number of pods that can run on this Kubelet.
 	MaxPods int32
 	// The CIDR to use for pod IP addresses, only used in standalone mode.
 	// In cluster mode, this is obtained from the master.
 	PodCIDR string
+	// PodPidsLimit is the maximum number of pids in any pod.
+	PodPidsLimit int64
 	// ResolverConfig is the resolver configuration file used as the basis
 	// for the container DNS resolution configuration.
 	ResolverConfig string
-	// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that
+	// cpuCFSQuota enables CPU CFS quota enforcement for containers that
 	// specify CPU limits
 	CPUCFSQuota bool
 	// maxOpenFiles is Number of files that can be opened by Kubelet process.
@@ -215,66 +195,66 @@ type KubeletConfiguration struct {
 	// kubeAPIBurst is the burst to allow while talking with kubernetes
 	// apiserver
 	KubeAPIBurst int32
-	// serializeImagePulls when enabled, tells the Kubelet to pull images one
-	// at a time. We recommend *not* changing the default value on nodes that
-	// run docker daemon with version  < 1.9 or an Aufs storage backend.
-	// Issue #10959 has more details.
+	// serializeImagePulls when enabled, tells the Kubelet to pull images one at a time.
 	SerializeImagePulls bool
 	// Map of signal names to quantities that defines hard eviction thresholds. For example: {"memory.available": "300Mi"}.
-	// +optional
 	EvictionHard map[string]string
 	// Map of signal names to quantities that defines soft eviction thresholds.  For example: {"memory.available": "300Mi"}.
-	// +optional
 	EvictionSoft map[string]string
 	// Map of signal names to quantities that defines grace periods for each soft eviction signal. For example: {"memory.available": "30s"}.
-	// +optional
 	EvictionSoftGracePeriod map[string]string
 	// Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
-	// +optional
 	EvictionPressureTransitionPeriod metav1.Duration
 	// Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.
-	// +optional
 	EvictionMaxPodGracePeriod int32
 	// Map of signal names to quantities that defines minimum reclaims, which describe the minimum
 	// amount of a given resource the kubelet will reclaim when performing a pod eviction while
 	// that resource is under pressure. For example: {"imagefs.available": "2Gi"}
-	// +optional
 	EvictionMinimumReclaim map[string]string
-	// Maximum number of pods per core. Cannot exceed MaxPods
+	// podsPerCore is the maximum number of pods per core. Cannot exceed MaxPods.
+	// If 0, this field is ignored.
 	PodsPerCore int32
 	// enableControllerAttachDetach enables the Attach/Detach controller to
 	// manage attachment/detachment of volumes scheduled to this node, and
 	// disables kubelet from executing any attach/detach operations
 	EnableControllerAttachDetach bool
-	// Default behaviour for kernel tuning
+	// protectKernelDefaults, if true, causes the Kubelet to error if kernel
+	// flags are not as it expects. Otherwise the Kubelet will attempt to modify
+	// kernel flags to match its expectation.
 	ProtectKernelDefaults bool
 	// If true, Kubelet ensures a set of iptables rules are present on host.
 	// These rules will serve as utility for various components, e.g. kube-proxy.
 	// The rules will be created based on IPTablesMasqueradeBit and IPTablesDropBit.
 	MakeIPTablesUtilChains bool
-	// iptablesMasqueradeBit is the bit of the iptables fwmark space to use for SNAT
-	// Values must be within the range [0, 31].
-	// Warning: Please match the value of corresponding parameter in kube-proxy
+	// iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT
+	// Values must be within the range [0, 31]. Must be different from other mark bits.
+	// Warning: Please match the value of the corresponding parameter in kube-proxy.
 	// TODO: clean up IPTablesMasqueradeBit in kube-proxy
 	IPTablesMasqueradeBit int32
-	// iptablesDropBit is the bit of the iptables fwmark space to use for dropping packets. Kubelet will ensure iptables mark and drop rules.
-	// Values must be within the range [0, 31]. Must be different from IPTablesMasqueradeBit
+	// iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets.
+	// Values must be within the range [0, 31]. Must be different from other mark bits.
 	IPTablesDropBit int32
-	// featureGates is a map of feature names to bools that enable or disable alpha/experimental features.
+	// featureGates is a map of feature names to bools that enable or disable alpha/experimental
+	// features. This field modifies piecemeal the built-in default values from
+	// "k8s.io/kubernetes/pkg/features/kube_features.go".
 	FeatureGates map[string]bool
 	// Tells the Kubelet to fail to start if swap is enabled on the node.
 	FailSwapOn bool
+	// A quantity defines the maximum size of the container log file before it is rotated. For example: "5Mi" or "256Ki".
+	ContainerLogMaxSize string
+	// Maximum number of container log files that can be present for a container.
+	ContainerLogMaxFiles int32
 
 	/* following flags are meant for Node Allocatable */
 
 	// A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs
 	// that describe resources reserved for non-kubernetes components.
-	// Currently only cpu and memory are supported. [default=none]
+	// Currently only cpu and memory are supported.
 	// See http://kubernetes.io/docs/user-guide/compute-resources for more detail.
 	SystemReserved map[string]string
 	// A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs
 	// that describe resources reserved for kubernetes system components.
-	// Currently cpu, memory and local ephemeral storage for root file system are supported. [default=none]
+	// Currently cpu, memory and local ephemeral storage for root file system are supported.
 	// See http://kubernetes.io/docs/user-guide/compute-resources for more detail.
 	KubeReserved map[string]string
 	// This flag helps kubelet identify absolute name of top level cgroup used to enforce `SystemReserved` compute resource reservation for OS system daemons.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.conversion.go
deleted file mode 100644
index fd5d707b072f..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.conversion.go
+++ /dev/null
@@ -1,458 +0,0 @@
-// +build !ignore_autogenerated
-
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// This file was autogenerated by conversion-gen. Do not edit it manually!
-
-package v1alpha1
-
-import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	conversion "k8s.io/apimachinery/pkg/conversion"
-	runtime "k8s.io/apimachinery/pkg/runtime"
-	kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
-	unsafe "unsafe"
-)
-
-func init() {
-	localSchemeBuilder.Register(RegisterConversions)
-}
-
-// RegisterConversions adds conversion functions to the given scheme.
-// Public to allow building arbitrary schemes.
-func RegisterConversions(scheme *runtime.Scheme) error {
-	return scheme.AddGeneratedConversionFuncs(
-		Convert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication,
-		Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication,
-		Convert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication,
-		Convert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication,
-		Convert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization,
-		Convert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization,
-		Convert_v1alpha1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration,
-		Convert_kubeletconfig_KubeletConfiguration_To_v1alpha1_KubeletConfiguration,
-		Convert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication,
-		Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication,
-		Convert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization,
-		Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization,
-		Convert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication,
-		Convert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication,
-	)
-}
-
-func autoConvert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in *KubeletAnonymousAuthentication, out *kubeletconfig.KubeletAnonymousAuthentication, s conversion.Scope) error {
-	if err := v1.Convert_Pointer_bool_To_bool(&in.Enabled, &out.Enabled, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in *KubeletAnonymousAuthentication, out *kubeletconfig.KubeletAnonymousAuthentication, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication(in *kubeletconfig.KubeletAnonymousAuthentication, out *KubeletAnonymousAuthentication, s conversion.Scope) error {
-	if err := v1.Convert_bool_To_Pointer_bool(&in.Enabled, &out.Enabled, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication(in *kubeletconfig.KubeletAnonymousAuthentication, out *KubeletAnonymousAuthentication, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in *KubeletAuthentication, out *kubeletconfig.KubeletAuthentication, s conversion.Scope) error {
-	if err := Convert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(&in.X509, &out.X509, s); err != nil {
-		return err
-	}
-	if err := Convert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(&in.Webhook, &out.Webhook, s); err != nil {
-		return err
-	}
-	if err := Convert_v1alpha1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(&in.Anonymous, &out.Anonymous, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in *KubeletAuthentication, out *kubeletconfig.KubeletAuthentication, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication(in *kubeletconfig.KubeletAuthentication, out *KubeletAuthentication, s conversion.Scope) error {
-	if err := Convert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication(&in.X509, &out.X509, s); err != nil {
-		return err
-	}
-	if err := Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication(&in.Webhook, &out.Webhook, s); err != nil {
-		return err
-	}
-	if err := Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1alpha1_KubeletAnonymousAuthentication(&in.Anonymous, &out.Anonymous, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication(in *kubeletconfig.KubeletAuthentication, out *KubeletAuthentication, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in *KubeletAuthorization, out *kubeletconfig.KubeletAuthorization, s conversion.Scope) error {
-	out.Mode = kubeletconfig.KubeletAuthorizationMode(in.Mode)
-	if err := Convert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(&in.Webhook, &out.Webhook, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in *KubeletAuthorization, out *kubeletconfig.KubeletAuthorization, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization(in *kubeletconfig.KubeletAuthorization, out *KubeletAuthorization, s conversion.Scope) error {
-	out.Mode = KubeletAuthorizationMode(in.Mode)
-	if err := Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization(&in.Webhook, &out.Webhook, s); err != nil {
-		return err
-	}
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization(in *kubeletconfig.KubeletAuthorization, out *KubeletAuthorization, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in *KubeletConfiguration, out *kubeletconfig.KubeletConfiguration, s conversion.Scope) error {
-	out.ConfigTrialDuration = (*v1.Duration)(unsafe.Pointer(in.ConfigTrialDuration))
-	out.PodManifestPath = in.PodManifestPath
-	out.SyncFrequency = in.SyncFrequency
-	out.FileCheckFrequency = in.FileCheckFrequency
-	out.HTTPCheckFrequency = in.HTTPCheckFrequency
-	out.ManifestURL = in.ManifestURL
-	out.ManifestURLHeader = *(*map[string][]string)(unsafe.Pointer(&in.ManifestURLHeader))
-	if err := v1.Convert_Pointer_bool_To_bool(&in.EnableServer, &out.EnableServer, s); err != nil {
-		return err
-	}
-	out.Address = in.Address
-	out.Port = in.Port
-	if err := v1.Convert_Pointer_int32_To_int32(&in.ReadOnlyPort, &out.ReadOnlyPort, s); err != nil {
-		return err
-	}
-	out.TLSCertFile = in.TLSCertFile
-	out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
-	if err := Convert_v1alpha1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(&in.Authentication, &out.Authentication, s); err != nil {
-		return err
-	}
-	if err := Convert_v1alpha1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(&in.Authorization, &out.Authorization, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_Pointer_bool_To_bool(&in.AllowPrivileged, &out.AllowPrivileged, s); err != nil {
-		return err
-	}
-	out.HostNetworkSources = *(*[]string)(unsafe.Pointer(&in.HostNetworkSources))
-	out.HostPIDSources = *(*[]string)(unsafe.Pointer(&in.HostPIDSources))
-	out.HostIPCSources = *(*[]string)(unsafe.Pointer(&in.HostIPCSources))
-	if err := v1.Convert_Pointer_int32_To_int32(&in.RegistryPullQPS, &out.RegistryPullQPS, s); err != nil {
-		return err
-	}
-	out.RegistryBurst = in.RegistryBurst
-	if err := v1.Convert_Pointer_int32_To_int32(&in.EventRecordQPS, &out.EventRecordQPS, s); err != nil {
-		return err
-	}
-	out.EventBurst = in.EventBurst
-	if err := v1.Convert_Pointer_bool_To_bool(&in.EnableDebuggingHandlers, &out.EnableDebuggingHandlers, s); err != nil {
-		return err
-	}
-	out.EnableContentionProfiling = in.EnableContentionProfiling
-	if err := v1.Convert_Pointer_int32_To_int32(&in.CAdvisorPort, &out.CAdvisorPort, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_Pointer_int32_To_int32(&in.HealthzPort, &out.HealthzPort, s); err != nil {
-		return err
-	}
-	out.HealthzBindAddress = in.HealthzBindAddress
-	if err := v1.Convert_Pointer_int32_To_int32(&in.OOMScoreAdj, &out.OOMScoreAdj, s); err != nil {
-		return err
-	}
-	out.ClusterDomain = in.ClusterDomain
-	out.ClusterDNS = *(*[]string)(unsafe.Pointer(&in.ClusterDNS))
-	out.StreamingConnectionIdleTimeout = in.StreamingConnectionIdleTimeout
-	out.NodeStatusUpdateFrequency = in.NodeStatusUpdateFrequency
-	out.ImageMinimumGCAge = in.ImageMinimumGCAge
-	if err := v1.Convert_Pointer_int32_To_int32(&in.ImageGCHighThresholdPercent, &out.ImageGCHighThresholdPercent, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_Pointer_int32_To_int32(&in.ImageGCLowThresholdPercent, &out.ImageGCLowThresholdPercent, s); err != nil {
-		return err
-	}
-	out.VolumeStatsAggPeriod = in.VolumeStatsAggPeriod
-	out.KubeletCgroups = in.KubeletCgroups
-	out.SystemCgroups = in.SystemCgroups
-	out.CgroupRoot = in.CgroupRoot
-	if err := v1.Convert_Pointer_bool_To_bool(&in.CgroupsPerQOS, &out.CgroupsPerQOS, s); err != nil {
-		return err
-	}
-	out.CgroupDriver = in.CgroupDriver
-	out.CPUManagerPolicy = in.CPUManagerPolicy
-	out.CPUManagerReconcilePeriod = in.CPUManagerReconcilePeriod
-	out.RuntimeRequestTimeout = in.RuntimeRequestTimeout
-	out.HairpinMode = in.HairpinMode
-	out.MaxPods = in.MaxPods
-	out.PodCIDR = in.PodCIDR
-	out.ResolverConfig = in.ResolverConfig
-	if err := v1.Convert_Pointer_bool_To_bool(&in.CPUCFSQuota, &out.CPUCFSQuota, s); err != nil {
-		return err
-	}
-	out.MaxOpenFiles = in.MaxOpenFiles
-	out.ContentType = in.ContentType
-	if err := v1.Convert_Pointer_int32_To_int32(&in.KubeAPIQPS, &out.KubeAPIQPS, s); err != nil {
-		return err
-	}
-	out.KubeAPIBurst = in.KubeAPIBurst
-	if err := v1.Convert_Pointer_bool_To_bool(&in.SerializeImagePulls, &out.SerializeImagePulls, s); err != nil {
-		return err
-	}
-	out.EvictionHard = *(*map[string]string)(unsafe.Pointer(&in.EvictionHard))
-	out.EvictionSoft = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoft))
-	out.EvictionSoftGracePeriod = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoftGracePeriod))
-	out.EvictionPressureTransitionPeriod = in.EvictionPressureTransitionPeriod
-	out.EvictionMaxPodGracePeriod = in.EvictionMaxPodGracePeriod
-	out.EvictionMinimumReclaim = *(*map[string]string)(unsafe.Pointer(&in.EvictionMinimumReclaim))
-	out.PodsPerCore = in.PodsPerCore
-	if err := v1.Convert_Pointer_bool_To_bool(&in.EnableControllerAttachDetach, &out.EnableControllerAttachDetach, s); err != nil {
-		return err
-	}
-	out.ProtectKernelDefaults = in.ProtectKernelDefaults
-	if err := v1.Convert_Pointer_bool_To_bool(&in.MakeIPTablesUtilChains, &out.MakeIPTablesUtilChains, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_Pointer_int32_To_int32(&in.IPTablesMasqueradeBit, &out.IPTablesMasqueradeBit, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_Pointer_int32_To_int32(&in.IPTablesDropBit, &out.IPTablesDropBit, s); err != nil {
-		return err
-	}
-	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
-	out.FailSwapOn = in.FailSwapOn
-	out.SystemReserved = *(*map[string]string)(unsafe.Pointer(&in.SystemReserved))
-	out.KubeReserved = *(*map[string]string)(unsafe.Pointer(&in.KubeReserved))
-	out.SystemReservedCgroup = in.SystemReservedCgroup
-	out.KubeReservedCgroup = in.KubeReservedCgroup
-	out.EnforceNodeAllocatable = *(*[]string)(unsafe.Pointer(&in.EnforceNodeAllocatable))
-	return nil
-}
-
-// Convert_v1alpha1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in *KubeletConfiguration, out *kubeletconfig.KubeletConfiguration, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletConfiguration_To_v1alpha1_KubeletConfiguration(in *kubeletconfig.KubeletConfiguration, out *KubeletConfiguration, s conversion.Scope) error {
-	out.ConfigTrialDuration = (*v1.Duration)(unsafe.Pointer(in.ConfigTrialDuration))
-	out.PodManifestPath = in.PodManifestPath
-	out.SyncFrequency = in.SyncFrequency
-	out.FileCheckFrequency = in.FileCheckFrequency
-	out.HTTPCheckFrequency = in.HTTPCheckFrequency
-	out.ManifestURL = in.ManifestURL
-	out.ManifestURLHeader = *(*map[string][]string)(unsafe.Pointer(&in.ManifestURLHeader))
-	if err := v1.Convert_bool_To_Pointer_bool(&in.EnableServer, &out.EnableServer, s); err != nil {
-		return err
-	}
-	out.Address = in.Address
-	out.Port = in.Port
-	if err := v1.Convert_int32_To_Pointer_int32(&in.ReadOnlyPort, &out.ReadOnlyPort, s); err != nil {
-		return err
-	}
-	out.TLSCertFile = in.TLSCertFile
-	out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
-	if err := Convert_kubeletconfig_KubeletAuthentication_To_v1alpha1_KubeletAuthentication(&in.Authentication, &out.Authentication, s); err != nil {
-		return err
-	}
-	if err := Convert_kubeletconfig_KubeletAuthorization_To_v1alpha1_KubeletAuthorization(&in.Authorization, &out.Authorization, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_bool_To_Pointer_bool(&in.AllowPrivileged, &out.AllowPrivileged, s); err != nil {
-		return err
-	}
-	out.HostNetworkSources = *(*[]string)(unsafe.Pointer(&in.HostNetworkSources))
-	out.HostPIDSources = *(*[]string)(unsafe.Pointer(&in.HostPIDSources))
-	out.HostIPCSources = *(*[]string)(unsafe.Pointer(&in.HostIPCSources))
-	if err := v1.Convert_int32_To_Pointer_int32(&in.RegistryPullQPS, &out.RegistryPullQPS, s); err != nil {
-		return err
-	}
-	out.RegistryBurst = in.RegistryBurst
-	if err := v1.Convert_int32_To_Pointer_int32(&in.EventRecordQPS, &out.EventRecordQPS, s); err != nil {
-		return err
-	}
-	out.EventBurst = in.EventBurst
-	if err := v1.Convert_bool_To_Pointer_bool(&in.EnableDebuggingHandlers, &out.EnableDebuggingHandlers, s); err != nil {
-		return err
-	}
-	out.EnableContentionProfiling = in.EnableContentionProfiling
-	if err := v1.Convert_int32_To_Pointer_int32(&in.CAdvisorPort, &out.CAdvisorPort, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_int32_To_Pointer_int32(&in.HealthzPort, &out.HealthzPort, s); err != nil {
-		return err
-	}
-	out.HealthzBindAddress = in.HealthzBindAddress
-	if err := v1.Convert_int32_To_Pointer_int32(&in.OOMScoreAdj, &out.OOMScoreAdj, s); err != nil {
-		return err
-	}
-	out.ClusterDomain = in.ClusterDomain
-	out.ClusterDNS = *(*[]string)(unsafe.Pointer(&in.ClusterDNS))
-	out.StreamingConnectionIdleTimeout = in.StreamingConnectionIdleTimeout
-	out.NodeStatusUpdateFrequency = in.NodeStatusUpdateFrequency
-	out.ImageMinimumGCAge = in.ImageMinimumGCAge
-	if err := v1.Convert_int32_To_Pointer_int32(&in.ImageGCHighThresholdPercent, &out.ImageGCHighThresholdPercent, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_int32_To_Pointer_int32(&in.ImageGCLowThresholdPercent, &out.ImageGCLowThresholdPercent, s); err != nil {
-		return err
-	}
-	out.VolumeStatsAggPeriod = in.VolumeStatsAggPeriod
-	out.KubeletCgroups = in.KubeletCgroups
-	if err := v1.Convert_bool_To_Pointer_bool(&in.CgroupsPerQOS, &out.CgroupsPerQOS, s); err != nil {
-		return err
-	}
-	out.CgroupDriver = in.CgroupDriver
-	out.SystemCgroups = in.SystemCgroups
-	out.CgroupRoot = in.CgroupRoot
-	out.CPUManagerPolicy = in.CPUManagerPolicy
-	out.CPUManagerReconcilePeriod = in.CPUManagerReconcilePeriod
-	out.RuntimeRequestTimeout = in.RuntimeRequestTimeout
-	out.HairpinMode = in.HairpinMode
-	out.MaxPods = in.MaxPods
-	out.PodCIDR = in.PodCIDR
-	out.ResolverConfig = in.ResolverConfig
-	if err := v1.Convert_bool_To_Pointer_bool(&in.CPUCFSQuota, &out.CPUCFSQuota, s); err != nil {
-		return err
-	}
-	out.MaxOpenFiles = in.MaxOpenFiles
-	out.ContentType = in.ContentType
-	if err := v1.Convert_int32_To_Pointer_int32(&in.KubeAPIQPS, &out.KubeAPIQPS, s); err != nil {
-		return err
-	}
-	out.KubeAPIBurst = in.KubeAPIBurst
-	if err := v1.Convert_bool_To_Pointer_bool(&in.SerializeImagePulls, &out.SerializeImagePulls, s); err != nil {
-		return err
-	}
-	out.EvictionHard = *(*map[string]string)(unsafe.Pointer(&in.EvictionHard))
-	out.EvictionSoft = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoft))
-	out.EvictionSoftGracePeriod = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoftGracePeriod))
-	out.EvictionPressureTransitionPeriod = in.EvictionPressureTransitionPeriod
-	out.EvictionMaxPodGracePeriod = in.EvictionMaxPodGracePeriod
-	out.EvictionMinimumReclaim = *(*map[string]string)(unsafe.Pointer(&in.EvictionMinimumReclaim))
-	out.PodsPerCore = in.PodsPerCore
-	if err := v1.Convert_bool_To_Pointer_bool(&in.EnableControllerAttachDetach, &out.EnableControllerAttachDetach, s); err != nil {
-		return err
-	}
-	out.ProtectKernelDefaults = in.ProtectKernelDefaults
-	if err := v1.Convert_bool_To_Pointer_bool(&in.MakeIPTablesUtilChains, &out.MakeIPTablesUtilChains, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_int32_To_Pointer_int32(&in.IPTablesMasqueradeBit, &out.IPTablesMasqueradeBit, s); err != nil {
-		return err
-	}
-	if err := v1.Convert_int32_To_Pointer_int32(&in.IPTablesDropBit, &out.IPTablesDropBit, s); err != nil {
-		return err
-	}
-	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
-	out.FailSwapOn = in.FailSwapOn
-	out.SystemReserved = *(*map[string]string)(unsafe.Pointer(&in.SystemReserved))
-	out.KubeReserved = *(*map[string]string)(unsafe.Pointer(&in.KubeReserved))
-	out.SystemReservedCgroup = in.SystemReservedCgroup
-	out.KubeReservedCgroup = in.KubeReservedCgroup
-	out.EnforceNodeAllocatable = *(*[]string)(unsafe.Pointer(&in.EnforceNodeAllocatable))
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletConfiguration_To_v1alpha1_KubeletConfiguration is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletConfiguration_To_v1alpha1_KubeletConfiguration(in *kubeletconfig.KubeletConfiguration, out *KubeletConfiguration, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletConfiguration_To_v1alpha1_KubeletConfiguration(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in *KubeletWebhookAuthentication, out *kubeletconfig.KubeletWebhookAuthentication, s conversion.Scope) error {
-	if err := v1.Convert_Pointer_bool_To_bool(&in.Enabled, &out.Enabled, s); err != nil {
-		return err
-	}
-	out.CacheTTL = in.CacheTTL
-	return nil
-}
-
-// Convert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in *KubeletWebhookAuthentication, out *kubeletconfig.KubeletWebhookAuthentication, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication(in *kubeletconfig.KubeletWebhookAuthentication, out *KubeletWebhookAuthentication, s conversion.Scope) error {
-	if err := v1.Convert_bool_To_Pointer_bool(&in.Enabled, &out.Enabled, s); err != nil {
-		return err
-	}
-	out.CacheTTL = in.CacheTTL
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication(in *kubeletconfig.KubeletWebhookAuthentication, out *KubeletWebhookAuthentication, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletWebhookAuthentication_To_v1alpha1_KubeletWebhookAuthentication(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in *KubeletWebhookAuthorization, out *kubeletconfig.KubeletWebhookAuthorization, s conversion.Scope) error {
-	out.CacheAuthorizedTTL = in.CacheAuthorizedTTL
-	out.CacheUnauthorizedTTL = in.CacheUnauthorizedTTL
-	return nil
-}
-
-// Convert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in *KubeletWebhookAuthorization, out *kubeletconfig.KubeletWebhookAuthorization, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization(in *kubeletconfig.KubeletWebhookAuthorization, out *KubeletWebhookAuthorization, s conversion.Scope) error {
-	out.CacheAuthorizedTTL = in.CacheAuthorizedTTL
-	out.CacheUnauthorizedTTL = in.CacheUnauthorizedTTL
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization(in *kubeletconfig.KubeletWebhookAuthorization, out *KubeletWebhookAuthorization, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletWebhookAuthorization_To_v1alpha1_KubeletWebhookAuthorization(in, out, s)
-}
-
-func autoConvert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in *KubeletX509Authentication, out *kubeletconfig.KubeletX509Authentication, s conversion.Scope) error {
-	out.ClientCAFile = in.ClientCAFile
-	return nil
-}
-
-// Convert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication is an autogenerated conversion function.
-func Convert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in *KubeletX509Authentication, out *kubeletconfig.KubeletX509Authentication, s conversion.Scope) error {
-	return autoConvert_v1alpha1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in, out, s)
-}
-
-func autoConvert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication(in *kubeletconfig.KubeletX509Authentication, out *KubeletX509Authentication, s conversion.Scope) error {
-	out.ClientCAFile = in.ClientCAFile
-	return nil
-}
-
-// Convert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication is an autogenerated conversion function.
-func Convert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication(in *kubeletconfig.KubeletX509Authentication, out *KubeletX509Authentication, s conversion.Scope) error {
-	return autoConvert_kubeletconfig_KubeletX509Authentication_To_v1alpha1_KubeletX509Authentication(in, out, s)
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/BUILD
similarity index 98%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/BUILD
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/BUILD
index bfab5b2758dc..e54e8b0a34a4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/BUILD
@@ -16,7 +16,7 @@ go_library(
         "zz_generated.deepcopy.go",
         "zz_generated.defaults.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1",
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/qos:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/defaults.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/defaults.go
similarity index 69%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/defaults.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/defaults.go
index 90ac66813b51..b8d6bb32f738 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/defaults.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 import (
 	"time"
@@ -28,14 +28,6 @@ import (
 )
 
 const (
-	DefaultRootDir = "/var/lib/kubelet"
-
-	// DEPRECATED: auto detecting cloud providers goes against the initiative
-	// for out-of-tree cloud providers as we'll now depend on cAdvisor integrations
-	// with cloud providers instead of in the core repo.
-	// More details here: https://github.com/kubernetes/kubernetes/issues/50986
-	AutoDetectCloudProvider = "auto-detect"
-
 	DefaultIPTablesMasqueradeBit = 14
 	DefaultIPTablesDropBit       = 15
 )
@@ -51,21 +43,32 @@ func addDefaultingFuncs(scheme *kruntime.Scheme) error {
 }
 
 func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) {
-	// pointer because the zeroDuration is valid - if you want to skip the trial period
-	if obj.ConfigTrialDuration == nil {
-		obj.ConfigTrialDuration = &metav1.Duration{Duration: 10 * time.Minute}
+	if obj.SyncFrequency == zeroDuration {
+		obj.SyncFrequency = metav1.Duration{Duration: 1 * time.Minute}
+	}
+	if obj.FileCheckFrequency == zeroDuration {
+		obj.FileCheckFrequency = metav1.Duration{Duration: 20 * time.Second}
+	}
+	if obj.HTTPCheckFrequency == zeroDuration {
+		obj.HTTPCheckFrequency = metav1.Duration{Duration: 20 * time.Second}
+	}
+	if obj.Address == "" {
+		obj.Address = "0.0.0.0"
+	}
+	if obj.Port == 0 {
+		obj.Port = ports.KubeletPort
 	}
 	if obj.Authentication.Anonymous.Enabled == nil {
-		obj.Authentication.Anonymous.Enabled = boolVar(true)
+		obj.Authentication.Anonymous.Enabled = utilpointer.BoolPtr(false)
 	}
 	if obj.Authentication.Webhook.Enabled == nil {
-		obj.Authentication.Webhook.Enabled = boolVar(false)
+		obj.Authentication.Webhook.Enabled = utilpointer.BoolPtr(true)
 	}
 	if obj.Authentication.Webhook.CacheTTL == zeroDuration {
 		obj.Authentication.Webhook.CacheTTL = metav1.Duration{Duration: 2 * time.Minute}
 	}
 	if obj.Authorization.Mode == "" {
-		obj.Authorization.Mode = KubeletAuthorizationModeAlwaysAllow
+		obj.Authorization.Mode = KubeletAuthorizationModeWebhook
 	}
 	if obj.Authorization.Webhook.CacheAuthorizedTTL == zeroDuration {
 		obj.Authorization.Webhook.CacheAuthorizedTTL = metav1.Duration{Duration: 5 * time.Minute}
@@ -73,127 +76,95 @@ func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) {
 	if obj.Authorization.Webhook.CacheUnauthorizedTTL == zeroDuration {
 		obj.Authorization.Webhook.CacheUnauthorizedTTL = metav1.Duration{Duration: 30 * time.Second}
 	}
-
-	if obj.Address == "" {
-		obj.Address = "0.0.0.0"
-	}
-	if obj.CAdvisorPort == nil {
-		obj.CAdvisorPort = utilpointer.Int32Ptr(4194)
-	}
-	if obj.VolumeStatsAggPeriod == zeroDuration {
-		obj.VolumeStatsAggPeriod = metav1.Duration{Duration: time.Minute}
+	if obj.RegistryPullQPS == nil {
+		obj.RegistryPullQPS = utilpointer.Int32Ptr(5)
 	}
-	if obj.RuntimeRequestTimeout == zeroDuration {
-		obj.RuntimeRequestTimeout = metav1.Duration{Duration: 2 * time.Minute}
+	if obj.RegistryBurst == 0 {
+		obj.RegistryBurst = 10
 	}
-	if obj.CPUCFSQuota == nil {
-		obj.CPUCFSQuota = boolVar(true)
+	if obj.EventRecordQPS == nil {
+		obj.EventRecordQPS = utilpointer.Int32Ptr(5)
 	}
 	if obj.EventBurst == 0 {
 		obj.EventBurst = 10
 	}
-	if obj.EventRecordQPS == nil {
-		temp := int32(5)
-		obj.EventRecordQPS = &temp
-	}
-	if obj.EnableControllerAttachDetach == nil {
-		obj.EnableControllerAttachDetach = boolVar(true)
-	}
 	if obj.EnableDebuggingHandlers == nil {
-		obj.EnableDebuggingHandlers = boolVar(true)
-	}
-	if obj.EnableServer == nil {
-		obj.EnableServer = boolVar(true)
-	}
-	if obj.FileCheckFrequency == zeroDuration {
-		obj.FileCheckFrequency = metav1.Duration{Duration: 20 * time.Second}
-	}
-	if obj.HealthzBindAddress == "" {
-		obj.HealthzBindAddress = "127.0.0.1"
+		obj.EnableDebuggingHandlers = utilpointer.BoolPtr(true)
 	}
 	if obj.HealthzPort == nil {
 		obj.HealthzPort = utilpointer.Int32Ptr(10248)
 	}
-	if obj.HostNetworkSources == nil {
-		obj.HostNetworkSources = []string{kubetypes.AllSource}
+	if obj.HealthzBindAddress == "" {
+		obj.HealthzBindAddress = "127.0.0.1"
 	}
-	if obj.HostPIDSources == nil {
-		obj.HostPIDSources = []string{kubetypes.AllSource}
+	if obj.OOMScoreAdj == nil {
+		obj.OOMScoreAdj = utilpointer.Int32Ptr(int32(qos.KubeletOOMScoreAdj))
 	}
-	if obj.HostIPCSources == nil {
-		obj.HostIPCSources = []string{kubetypes.AllSource}
+	if obj.StreamingConnectionIdleTimeout == zeroDuration {
+		obj.StreamingConnectionIdleTimeout = metav1.Duration{Duration: 4 * time.Hour}
 	}
-	if obj.HTTPCheckFrequency == zeroDuration {
-		obj.HTTPCheckFrequency = metav1.Duration{Duration: 20 * time.Second}
+	if obj.NodeStatusUpdateFrequency == zeroDuration {
+		obj.NodeStatusUpdateFrequency = metav1.Duration{Duration: 10 * time.Second}
 	}
 	if obj.ImageMinimumGCAge == zeroDuration {
 		obj.ImageMinimumGCAge = metav1.Duration{Duration: 2 * time.Minute}
 	}
 	if obj.ImageGCHighThresholdPercent == nil {
 		// default is below docker's default dm.min_free_space of 90%
-		temp := int32(85)
-		obj.ImageGCHighThresholdPercent = &temp
+		obj.ImageGCHighThresholdPercent = utilpointer.Int32Ptr(85)
 	}
 	if obj.ImageGCLowThresholdPercent == nil {
-		temp := int32(80)
-		obj.ImageGCLowThresholdPercent = &temp
+		obj.ImageGCLowThresholdPercent = utilpointer.Int32Ptr(80)
 	}
-	if obj.MaxOpenFiles == 0 {
-		obj.MaxOpenFiles = 1000000
+	if obj.VolumeStatsAggPeriod == zeroDuration {
+		obj.VolumeStatsAggPeriod = metav1.Duration{Duration: time.Minute}
 	}
-	if obj.MaxPods == 0 {
-		obj.MaxPods = 110
+	if obj.CgroupsPerQOS == nil {
+		obj.CgroupsPerQOS = utilpointer.BoolPtr(true)
 	}
-	if obj.NodeStatusUpdateFrequency == zeroDuration {
-		obj.NodeStatusUpdateFrequency = metav1.Duration{Duration: 10 * time.Second}
+	if obj.CgroupDriver == "" {
+		obj.CgroupDriver = "cgroupfs"
 	}
 	if obj.CPUManagerPolicy == "" {
 		obj.CPUManagerPolicy = "none"
 	}
 	if obj.CPUManagerReconcilePeriod == zeroDuration {
-		obj.CPUManagerReconcilePeriod = obj.NodeStatusUpdateFrequency
+		// Keep the same as default NodeStatusUpdateFrequency
+		obj.CPUManagerReconcilePeriod = metav1.Duration{Duration: 10 * time.Second}
 	}
-	if obj.OOMScoreAdj == nil {
-		temp := int32(qos.KubeletOOMScoreAdj)
-		obj.OOMScoreAdj = &temp
+	if obj.RuntimeRequestTimeout == zeroDuration {
+		obj.RuntimeRequestTimeout = metav1.Duration{Duration: 2 * time.Minute}
 	}
-	if obj.Port == 0 {
-		obj.Port = ports.KubeletPort
+	if obj.HairpinMode == "" {
+		obj.HairpinMode = PromiscuousBridge
 	}
-	if obj.ReadOnlyPort == nil {
-		obj.ReadOnlyPort = utilpointer.Int32Ptr(ports.KubeletReadOnlyPort)
+	if obj.MaxPods == 0 {
+		obj.MaxPods = 110
 	}
-	if obj.RegistryBurst == 0 {
-		obj.RegistryBurst = 10
-	}
-	if obj.RegistryPullQPS == nil {
-		temp := int32(5)
-		obj.RegistryPullQPS = &temp
+	if obj.PodPidsLimit == nil {
+		temp := int64(-1)
+		obj.PodPidsLimit = &temp
 	}
 	if obj.ResolverConfig == "" {
 		obj.ResolverConfig = kubetypes.ResolvConfDefault
 	}
-	if obj.SerializeImagePulls == nil {
-		obj.SerializeImagePulls = boolVar(true)
-	}
-	if obj.StreamingConnectionIdleTimeout == zeroDuration {
-		obj.StreamingConnectionIdleTimeout = metav1.Duration{Duration: 4 * time.Hour}
+	if obj.CPUCFSQuota == nil {
+		obj.CPUCFSQuota = utilpointer.BoolPtr(true)
 	}
-	if obj.SyncFrequency == zeroDuration {
-		obj.SyncFrequency = metav1.Duration{Duration: 1 * time.Minute}
+	if obj.MaxOpenFiles == 0 {
+		obj.MaxOpenFiles = 1000000
 	}
 	if obj.ContentType == "" {
 		obj.ContentType = "application/vnd.kubernetes.protobuf"
 	}
 	if obj.KubeAPIQPS == nil {
-		temp := int32(5)
-		obj.KubeAPIQPS = &temp
+		obj.KubeAPIQPS = utilpointer.Int32Ptr(5)
 	}
 	if obj.KubeAPIBurst == 0 {
 		obj.KubeAPIBurst = 10
 	}
-	if string(obj.HairpinMode) == "" {
-		obj.HairpinMode = PromiscuousBridge
+	if obj.SerializeImagePulls == nil {
+		obj.SerializeImagePulls = utilpointer.BoolPtr(true)
 	}
 	if obj.EvictionHard == nil {
 		obj.EvictionHard = map[string]string{
@@ -206,33 +177,28 @@ func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) {
 	if obj.EvictionPressureTransitionPeriod == zeroDuration {
 		obj.EvictionPressureTransitionPeriod = metav1.Duration{Duration: 5 * time.Minute}
 	}
+	if obj.EnableControllerAttachDetach == nil {
+		obj.EnableControllerAttachDetach = utilpointer.BoolPtr(true)
+	}
 	if obj.MakeIPTablesUtilChains == nil {
-		obj.MakeIPTablesUtilChains = boolVar(true)
+		obj.MakeIPTablesUtilChains = utilpointer.BoolPtr(true)
 	}
 	if obj.IPTablesMasqueradeBit == nil {
-		temp := int32(DefaultIPTablesMasqueradeBit)
-		obj.IPTablesMasqueradeBit = &temp
+		obj.IPTablesMasqueradeBit = utilpointer.Int32Ptr(DefaultIPTablesMasqueradeBit)
 	}
 	if obj.IPTablesDropBit == nil {
-		temp := int32(DefaultIPTablesDropBit)
-		obj.IPTablesDropBit = &temp
+		obj.IPTablesDropBit = utilpointer.Int32Ptr(DefaultIPTablesDropBit)
 	}
-	if obj.CgroupsPerQOS == nil {
-		temp := true
-		obj.CgroupsPerQOS = &temp
+	if obj.FailSwapOn == nil {
+		obj.FailSwapOn = utilpointer.BoolPtr(true)
 	}
-	if obj.CgroupDriver == "" {
-		obj.CgroupDriver = "cgroupfs"
+	if obj.ContainerLogMaxSize == "" {
+		obj.ContainerLogMaxSize = "10Mi"
+	}
+	if obj.ContainerLogMaxFiles == nil {
+		obj.ContainerLogMaxFiles = utilpointer.Int32Ptr(5)
 	}
 	if obj.EnforceNodeAllocatable == nil {
 		obj.EnforceNodeAllocatable = DefaultNodeAllocatableEnforcement
 	}
 }
-
-func boolVar(b bool) *bool {
-	return &b
-}
-
-var (
-	defaultCfg = KubeletConfiguration{}
-)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/doc.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/doc.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/doc.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/doc.go
index c3f38c345379..06d8233af9ab 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:defaulter-gen=TypeMeta
 
-package v1alpha1
+package v1beta1
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/register.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/register.go
similarity index 95%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/register.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/register.go
index 79347d161717..306fc55e09bd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/register.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 import (
 	"k8s.io/apimachinery/pkg/runtime"
@@ -22,10 +22,10 @@ import (
 )
 
 // GroupName is the group name use in this package
-const GroupName = "kubeletconfig"
+const GroupName = "kubelet.config.k8s.io"
 
 // SchemeGroupVersion is group version used to register these objects
-var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}
 
 var (
 	// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/types.go
similarity index 57%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/types.go
index 0c661f8a0eed..fd46f3c9dff2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/types.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1beta1
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -40,249 +40,398 @@ const (
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
-// A configuration field should go in KubeletFlags instead of KubeletConfiguration if
-// its value cannot be safely shared between nodes at the same time (e.g. a hostname)
-// In general, please try to avoid adding flags or configuration fields,
-// we already have a confusingly large amount of them.
+// KubeletConfiguration contains the configuration for the Kubelet
 type KubeletConfiguration struct {
 	metav1.TypeMeta `json:",inline"`
 
-	// Only used for dynamic configuration.
-	// The length of the trial period for this configuration. This configuration will become the last-known-good after this duration.
-	ConfigTrialDuration *metav1.Duration `json:"configTrialDuration"`
-	// podManifestPath is the path to the directory containing pod manifests to
-	// run, or the path to a single manifest file
-	PodManifestPath string `json:"podManifestPath"`
+	// staticPodPath is the path to the directory containing local (static) pods to
+	// run, or the path to a single static pod file.
+	// Default: ""
+	// +optional
+	StaticPodPath string `json:"staticPodPath,omitempty"`
 	// syncFrequency is the max period between synchronizing running
-	// containers and config
-	SyncFrequency metav1.Duration `json:"syncFrequency"`
+	// containers and config.
+	// Default: "1m"
+	// +optional
+	SyncFrequency metav1.Duration `json:"syncFrequency,omitempty"`
 	// fileCheckFrequency is the duration between checking config files for
 	// new data
-	FileCheckFrequency metav1.Duration `json:"fileCheckFrequency"`
+	// Default: "20s"
+	// +optional
+	FileCheckFrequency metav1.Duration `json:"fileCheckFrequency,omitempty"`
 	// httpCheckFrequency is the duration between checking http for new data
-	HTTPCheckFrequency metav1.Duration `json:"httpCheckFrequency"`
-	// manifestURL is the URL for accessing the container manifest
-	ManifestURL string `json:"manifestURL"`
-	// manifestURLHeader is the HTTP header to use when accessing the manifest
-	// URL, with the key separated from the value with a ':', as in 'key:value'
-	ManifestURLHeader map[string][]string `json:"manifestURLHeader"`
-	// enableServer enables the Kubelet's server
-	EnableServer *bool `json:"enableServer"`
+	// Default: "20s"
+	// +optional
+	HTTPCheckFrequency metav1.Duration `json:"httpCheckFrequency,omitempty"`
+	// staticPodURL is the URL for accessing static pods to run
+	// Default: ""
+	// +optional
+	StaticPodURL string `json:"staticPodURL,omitempty"`
+	// staticPodURLHeader is a map of slices with HTTP headers to use when accessing the podURL
+	// Default: nil
+	// +optional
+	StaticPodURLHeader map[string][]string `json:"staticPodURLHeader,omitempty"`
 	// address is the IP address for the Kubelet to serve on (set to 0.0.0.0
-	// for all interfaces)
-	Address string `json:"address"`
+	// for all interfaces).
+	// Default: "0.0.0.0"
+	// +optional
+	Address string `json:"address,omitempty"`
 	// port is the port for the Kubelet to serve on.
-	Port int32 `json:"port"`
+	// Default: 10250
+	// +optional
+	Port int32 `json:"port,omitempty"`
 	// readOnlyPort is the read-only port for the Kubelet to serve on with
-	// no authentication/authorization (set to 0 to disable)
-	ReadOnlyPort *int32 `json:"readOnlyPort"`
+	// no authentication/authorization.
+	// Default: 0 (disabled)
+	// +optional
+	ReadOnlyPort int32 `json:"readOnlyPort,omitempty"`
 	// tlsCertFile is the file containing x509 Certificate for HTTPS.  (CA cert,
 	// if any, concatenated after server cert). If tlsCertFile and
 	// tlsPrivateKeyFile are not provided, a self-signed certificate
 	// and key are generated for the public address and saved to the directory
-	// passed to certDir.
-	TLSCertFile string `json:"tlsCertFile"`
-	// tlsPrivateKeyFile is the ile containing x509 private key matching
-	// tlsCertFile.
-	TLSPrivateKeyFile string `json:"tlsPrivateKeyFile"`
+	// passed to the Kubelet's --cert-dir flag.
+	// Default: ""
+	// +optional
+	TLSCertFile string `json:"tlsCertFile,omitempty"`
+	// tlsPrivateKeyFile is the file containing x509 private key matching tlsCertFile
+	// Default: ""
+	// +optional
+	TLSPrivateKeyFile string `json:"tlsPrivateKeyFile,omitempty"`
+	// TLSCipherSuites is the list of allowed cipher suites for the server.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	// Default: nil
+	// +optional
+	TLSCipherSuites []string `json:"tlsCipherSuites,omitempty"`
+	// TLSMinVersion is the minimum TLS version supported.
+	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
+	// Default: ""
+	// +optional
+	TLSMinVersion string `json:"tlsMinVersion,omitempty"`
 	// authentication specifies how requests to the Kubelet's server are authenticated
+	// Defaults:
+	//   anonymous:
+	//     enabled: false
+	//   webhook:
+	//     enabled: true
+	//     cacheTTL: "2m"
+	// +optional
 	Authentication KubeletAuthentication `json:"authentication"`
 	// authorization specifies how requests to the Kubelet's server are authorized
+	// Defaults:
+	//   mode: Webhook
+	//   webhook:
+	//     cacheAuthorizedTTL: "5m"
+	//     cacheUnauthorizedTTL: "30s"
+	// +optional
 	Authorization KubeletAuthorization `json:"authorization"`
-	// allowPrivileged enables containers to request privileged mode.
-	// Defaults to false.
-	AllowPrivileged *bool `json:"allowPrivileged"`
-	// hostNetworkSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use of host network. Defaults to "*". Valid
-	// options are "file", "http", "api", and "*" (all sources).
-	HostNetworkSources []string `json:"hostNetworkSources"`
-	// hostPIDSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use the host pid namespace. Defaults to "*".
-	HostPIDSources []string `json:"hostPIDSources"`
-	// hostIPCSources is a comma-separated list of sources from which the
-	// Kubelet allows pods to use the host ipc namespace. Defaults to "*".
-	HostIPCSources []string `json:"hostIPCSources"`
-	// registryPullQPS is the limit of registry pulls per second. If 0,
-	// unlimited. Set to 0 for no limit. Defaults to 5.0.
-	RegistryPullQPS *int32 `json:"registryPullQPS"`
-	// registryBurst is the maximum size of a bursty pulls, temporarily allows
-	// pulls to burst to this number, while still not exceeding registryQps.
-	// Only used if registryQPS > 0.
-	RegistryBurst int32 `json:"registryBurst"`
+	// registryPullQPS is the limit of registry pulls per second.
+	// Set to 0 for no limit.
+	// Default: 5
+	// +optional
+	RegistryPullQPS *int32 `json:"registryPullQPS,omitempty"`
+	// registryBurst is the maximum size of bursty pulls, temporarily allows
+	// pulls to burst to this number, while still not exceeding registryPullQPS.
+	// Only used if registryPullQPS > 0.
+	// Default: 10
+	// +optional
+	RegistryBurst int32 `json:"registryBurst,omitempty"`
 	// eventRecordQPS is the maximum event creations per second. If 0, there
 	// is no limit enforced.
-	EventRecordQPS *int32 `json:"eventRecordQPS"`
-	// eventBurst is the maximum size of a bursty event records, temporarily
-	// allows event records to burst to this number, while still not exceeding
-	// event-qps. Only used if eventQps > 0
-	EventBurst int32 `json:"eventBurst"`
+	// Default: 5
+	// +optional
+	EventRecordQPS *int32 `json:"eventRecordQPS,omitempty"`
+	// eventBurst is the maximum size of a burst of event creations, temporarily
+	// allows event creations to burst to this number, while still not exceeding
+	// eventRecordQPS. Only used if eventRecordQPS > 0.
+	// Default: 10
+	// +optional
+	EventBurst int32 `json:"eventBurst,omitempty"`
 	// enableDebuggingHandlers enables server endpoints for log collection
 	// and local running of containers and commands
-	EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers"`
+	// Default: true
+	// +optional
+	EnableDebuggingHandlers *bool `json:"enableDebuggingHandlers,omitempty"`
 	// enableContentionProfiling enables lock contention profiling, if enableDebuggingHandlers is true.
-	EnableContentionProfiling bool `json:"enableContentionProfiling"`
-	// cAdvisorPort is the port of the localhost cAdvisor endpoint (set to 0 to disable)
-	CAdvisorPort *int32 `json:"cAdvisorPort"`
+	// Default: false
+	// +optional
+	EnableContentionProfiling bool `json:"enableContentionProfiling,omitempty"`
 	// healthzPort is the port of the localhost healthz endpoint (set to 0 to disable)
-	HealthzPort *int32 `json:"healthzPort"`
-	// healthzBindAddress is the IP address for the healthz server to serve
-	// on.
-	HealthzBindAddress string `json:"healthzBindAddress"`
+	// Default: 10248
+	// +optional
+	HealthzPort *int32 `json:"healthzPort,omitempty"`
+	// healthzBindAddress is the IP address for the healthz server to serve on
+	// Default: "127.0.0.1"
+	// +optional
+	HealthzBindAddress string `json:"healthzBindAddress,omitempty"`
 	// oomScoreAdj is The oom-score-adj value for kubelet process. Values
 	// must be within the range [-1000, 1000].
-	OOMScoreAdj *int32 `json:"oomScoreAdj"`
+	// Default: -999
+	// +optional
+	OOMScoreAdj *int32 `json:"oomScoreAdj,omitempty"`
 	// clusterDomain is the DNS domain for this cluster. If set, kubelet will
 	// configure all containers to search this domain in addition to the
 	// host's search domains.
-	ClusterDomain string `json:"clusterDomain"`
-	// clusterDNS is a list of IP address for the cluster DNS server.  If set,
+	// Default: ""
+	// +optional
+	ClusterDomain string `json:"clusterDomain,omitempty"`
+	// clusterDNS is a list of IP addresses for the cluster DNS server. If set,
 	// kubelet will configure all containers to use this for DNS resolution
-	// instead of the host's DNS servers
-	ClusterDNS []string `json:"clusterDNS"`
+	// instead of the host's DNS servers.
+	// Default: nil
+	// +optional
+	ClusterDNS []string `json:"clusterDNS,omitempty"`
 	// streamingConnectionIdleTimeout is the maximum time a streaming connection
 	// can be idle before the connection is automatically closed.
-	StreamingConnectionIdleTimeout metav1.Duration `json:"streamingConnectionIdleTimeout"`
+	// Default: "4h"
+	// +optional
+	StreamingConnectionIdleTimeout metav1.Duration `json:"streamingConnectionIdleTimeout,omitempty"`
 	// nodeStatusUpdateFrequency is the frequency that kubelet posts node
 	// status to master. Note: be cautious when changing the constant, it
 	// must work with nodeMonitorGracePeriod in nodecontroller.
-	NodeStatusUpdateFrequency metav1.Duration `json:"nodeStatusUpdateFrequency"`
+	// Default: "10s"
+	// +optional
+	NodeStatusUpdateFrequency metav1.Duration `json:"nodeStatusUpdateFrequency,omitempty"`
 	// imageMinimumGCAge is the minimum age for an unused image before it is
 	// garbage collected.
-	ImageMinimumGCAge metav1.Duration `json:"imageMinimumGCAge"`
+	// Default: "2m"
+	// +optional
+	ImageMinimumGCAge metav1.Duration `json:"imageMinimumGCAge,omitempty"`
 	// imageGCHighThresholdPercent is the percent of disk usage after which
 	// image garbage collection is always run. The percent is calculated as
 	// this field value out of 100.
-	ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent"`
+	// Default: 85
+	// +optional
+	ImageGCHighThresholdPercent *int32 `json:"imageGCHighThresholdPercent,omitempty"`
 	// imageGCLowThresholdPercent is the percent of disk usage before which
 	// image garbage collection is never run. Lowest disk usage to garbage
 	// collect to. The percent is calculated as this field value out of 100.
-	ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent"`
+	// Default: 80
+	// +optional
+	ImageGCLowThresholdPercent *int32 `json:"imageGCLowThresholdPercent,omitempty"`
 	// How frequently to calculate and cache volume disk usage for all pods
-	VolumeStatsAggPeriod metav1.Duration `json:"volumeStatsAggPeriod"`
-	// kubeletCgroups is the absolute name of cgroups to isolate the kubelet in.
-	KubeletCgroups string `json:"kubeletCgroups"`
+	// Default: "1m"
+	// +optional
+	VolumeStatsAggPeriod metav1.Duration `json:"volumeStatsAggPeriod,omitempty"`
+	// kubeletCgroups is the absolute name of cgroups to isolate the kubelet in
+	// Default: ""
+	// +optional
+	KubeletCgroups string `json:"kubeletCgroups,omitempty"`
 	// systemCgroups is absolute name of cgroups in which to place
 	// all non-kernel processes that are not already in a container. Empty
 	// for no container. Rolling back the flag requires a reboot.
-	SystemCgroups string `json:"systemCgroups"`
+	// Default: ""
+	// +optional
+	SystemCgroups string `json:"systemCgroups,omitempty"`
 	// cgroupRoot is the root cgroup to use for pods. This is handled by the
 	// container runtime on a best effort basis.
-	CgroupRoot string `json:"cgroupRoot"`
+	// Default: ""
+	// +optional
+	CgroupRoot string `json:"cgroupRoot,omitempty"`
 	// Enable QoS based Cgroup hierarchy: top level cgroups for QoS Classes
 	// And all Burstable and BestEffort pods are brought up under their
 	// specific top level QoS cgroup.
 	// +optional
+	// Default: true
+	// +optional
 	CgroupsPerQOS *bool `json:"cgroupsPerQOS,omitempty"`
 	// driver that the kubelet uses to manipulate cgroups on the host (cgroupfs or systemd)
 	// +optional
+	// Default: "cgroupfs"
+	// +optional
 	CgroupDriver string `json:"cgroupDriver,omitempty"`
 	// CPUManagerPolicy is the name of the policy to use.
-	CPUManagerPolicy string `json:"cpuManagerPolicy"`
+	// Requires the CPUManager feature gate to be enabled.
+	// Default: "none"
+	// +optional
+	CPUManagerPolicy string `json:"cpuManagerPolicy,omitempty"`
 	// CPU Manager reconciliation period.
-	CPUManagerReconcilePeriod metav1.Duration `json:"cpuManagerReconcilePeriod"`
+	// Requires the CPUManager feature gate to be enabled.
+	// Default: "10s"
+	// +optional
+	CPUManagerReconcilePeriod metav1.Duration `json:"cpuManagerReconcilePeriod,omitempty"`
 	// runtimeRequestTimeout is the timeout for all runtime requests except long running
 	// requests - pull, logs, exec and attach.
-	RuntimeRequestTimeout metav1.Duration `json:"runtimeRequestTimeout"`
-	// How should the kubelet configure the container bridge for hairpin packets.
+	// Default: "2m"
+	// +optional
+	RuntimeRequestTimeout metav1.Duration `json:"runtimeRequestTimeout,omitempty"`
+	// hairpinMode specifies how the Kubelet should configure the container
+	// bridge for hairpin packets.
 	// Setting this flag allows endpoints in a Service to loadbalance back to
 	// themselves if they should try to access their own Service. Values:
 	//   "promiscuous-bridge": make the container bridge promiscuous.
 	//   "hairpin-veth":       set the hairpin flag on container veth interfaces.
 	//   "none":               do nothing.
-	// Generally, one must set --hairpin-mode=veth-flag to achieve hairpin NAT,
-	// because promiscous-bridge assumes the existence of a container bridge named cbr0.
-	HairpinMode string `json:"hairpinMode"`
+	// Generally, one must set --hairpin-mode=hairpin-veth to achieve hairpin NAT,
+	// because promiscuous-bridge assumes the existence of a container bridge named cbr0.
+	// Default: "promiscuous-bridge"
+	// +optional
+	HairpinMode string `json:"hairpinMode,omitempty"`
 	// maxPods is the number of pods that can run on this Kubelet.
-	MaxPods int32 `json:"maxPods"`
+	// Default: 110
+	// +optional
+	MaxPods int32 `json:"maxPods,omitempty"`
 	// The CIDR to use for pod IP addresses, only used in standalone mode.
 	// In cluster mode, this is obtained from the master.
-	PodCIDR string `json:"podCIDR"`
+	// Default: ""
+	// +optional
+	PodCIDR string `json:"podCIDR,omitempty"`
+	// PodPidsLimit is the maximum number of pids in any pod.
+	// Requires the SupportPodPidsLimit feature gate to be enabled.
+	// Default: -1
+	// +optional
+	PodPidsLimit *int64 `json:"podPidsLimit,omitempty"`
 	// ResolverConfig is the resolver configuration file used as the basis
 	// for the container DNS resolution configuration.
-	ResolverConfig string `json:"resolvConf"`
-	// cpuCFSQuota is Enable CPU CFS quota enforcement for containers that
-	// specify CPU limits
-	CPUCFSQuota *bool `json:"cpuCFSQuota"`
+	// Default: "/etc/resolv.conf"
+	// +optional
+	ResolverConfig string `json:"resolvConf,omitempty"`
+	// cpuCFSQuota enables CPU CFS quota enforcement for containers that
+	// specify CPU limits.
+	// Default: true
+	// +optional
+	CPUCFSQuota *bool `json:"cpuCFSQuota,omitempty"`
 	// maxOpenFiles is Number of files that can be opened by Kubelet process.
-	MaxOpenFiles int64 `json:"maxOpenFiles"`
+	// Default: 1000000
+	// +optional
+	MaxOpenFiles int64 `json:"maxOpenFiles,omitempty"`
 	// contentType is contentType of requests sent to apiserver.
-	ContentType string `json:"contentType"`
+	// Default: "application/vnd.kubernetes.protobuf"
+	// +optional
+	ContentType string `json:"contentType,omitempty"`
 	// kubeAPIQPS is the QPS to use while talking with kubernetes apiserver
-	KubeAPIQPS *int32 `json:"kubeAPIQPS"`
-	// kubeAPIBurst is the burst to allow while talking with kubernetes
-	// apiserver
-	KubeAPIBurst int32 `json:"kubeAPIBurst"`
+	// Default: 5
+	// +optional
+	KubeAPIQPS *int32 `json:"kubeAPIQPS,omitempty"`
+	// kubeAPIBurst is the burst to allow while talking with kubernetes apiserver
+	// Default: 10
+	// +optional
+	KubeAPIBurst int32 `json:"kubeAPIBurst,omitempty"`
 	// serializeImagePulls when enabled, tells the Kubelet to pull images one
 	// at a time. We recommend *not* changing the default value on nodes that
 	// run docker daemon with version  < 1.9 or an Aufs storage backend.
 	// Issue #10959 has more details.
-	SerializeImagePulls *bool `json:"serializeImagePulls"`
+	// Default: true
+	// +optional
+	SerializeImagePulls *bool `json:"serializeImagePulls,omitempty"`
 	// Map of signal names to quantities that defines hard eviction thresholds. For example: {"memory.available": "300Mi"}.
+	// To explicitly disable, pass a 0% or 100% threshold on an arbitrary resource.
+	// Default:
+	//   memory.available:  "100Mi"
+	//   nodefs.available:  "10%"
+	//   nodefs.inodesFree: "5%"
+	//   imagefs.available: "15%"
 	// +optional
-	EvictionHard map[string]string `json:"evictionHard"`
+	EvictionHard map[string]string `json:"evictionHard,omitempty"`
 	// Map of signal names to quantities that defines soft eviction thresholds.  For example: {"memory.available": "300Mi"}.
+	// Default: nil
 	// +optional
-	EvictionSoft map[string]string `json:"evictionSoft"`
+	EvictionSoft map[string]string `json:"evictionSoft,omitempty"`
 	// Map of signal names to quantities that defines grace periods for each soft eviction signal. For example: {"memory.available": "30s"}.
+	// Default: nil
 	// +optional
-	EvictionSoftGracePeriod map[string]string `json:"evictionSoftGracePeriod"`
+	EvictionSoftGracePeriod map[string]string `json:"evictionSoftGracePeriod,omitempty"`
 	// Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
-	EvictionPressureTransitionPeriod metav1.Duration `json:"evictionPressureTransitionPeriod"`
+	// Default: "5m"
+	// +optional
+	EvictionPressureTransitionPeriod metav1.Duration `json:"evictionPressureTransitionPeriod,omitempty"`
 	// Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met.
-	EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod"`
+	// Default: 0
+	// +optional
+	EvictionMaxPodGracePeriod int32 `json:"evictionMaxPodGracePeriod,omitempty"`
 	// Map of signal names to quantities that defines minimum reclaims, which describe the minimum
 	// amount of a given resource the kubelet will reclaim when performing a pod eviction while
 	// that resource is under pressure. For example: {"imagefs.available": "2Gi"}
 	// +optional
-	EvictionMinimumReclaim map[string]string `json:"evictionMinimumReclaim"`
-	// Maximum number of pods per core. Cannot exceed MaxPods
-	PodsPerCore int32 `json:"podsPerCore"`
+	// Default: nil
+	// +optional
+	EvictionMinimumReclaim map[string]string `json:"evictionMinimumReclaim,omitempty"`
+	// podsPerCore is the maximum number of pods per core. Cannot exceed MaxPods.
+	// If 0, this field is ignored.
+	// Default: 0
+	// +optional
+	PodsPerCore int32 `json:"podsPerCore,omitempty"`
 	// enableControllerAttachDetach enables the Attach/Detach controller to
 	// manage attachment/detachment of volumes scheduled to this node, and
 	// disables kubelet from executing any attach/detach operations
-	EnableControllerAttachDetach *bool `json:"enableControllerAttachDetach"`
-	// Default behaviour for kernel tuning
-	ProtectKernelDefaults bool `json:"protectKernelDefaults"`
+	// Default: true
+	// +optional
+	EnableControllerAttachDetach *bool `json:"enableControllerAttachDetach,omitempty"`
+	// protectKernelDefaults, if true, causes the Kubelet to error if kernel
+	// flags are not as it expects. Otherwise the Kubelet will attempt to modify
+	// kernel flags to match its expectation.
+	// Default: false
+	// +optional
+	ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"`
 	// If true, Kubelet ensures a set of iptables rules are present on host.
 	// These rules will serve as utility rules for various components, e.g. KubeProxy.
 	// The rules will be created based on IPTablesMasqueradeBit and IPTablesDropBit.
-	MakeIPTablesUtilChains *bool `json:"makeIPTablesUtilChains"`
+	// Default: true
+	// +optional
+	MakeIPTablesUtilChains *bool `json:"makeIPTablesUtilChains,omitempty"`
 	// iptablesMasqueradeBit is the bit of the iptables fwmark space to mark for SNAT
 	// Values must be within the range [0, 31]. Must be different from other mark bits.
-	// Warning: Please match the value of corresponding parameter in kube-proxy
+	// Warning: Please match the value of the corresponding parameter in kube-proxy.
 	// TODO: clean up IPTablesMasqueradeBit in kube-proxy
-	IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit"`
+	// Default: 14
+	// +optional
+	IPTablesMasqueradeBit *int32 `json:"iptablesMasqueradeBit,omitempty"`
 	// iptablesDropBit is the bit of the iptables fwmark space to mark for dropping packets.
 	// Values must be within the range [0, 31]. Must be different from other mark bits.
-	IPTablesDropBit *int32 `json:"iptablesDropBit"`
-	// featureGates is a map of feature names to bools that enable or disable alpha/experimental features.
+	// Default: 15
+	// +optional
+	IPTablesDropBit *int32 `json:"iptablesDropBit,omitempty"`
+	// featureGates is a map of feature names to bools that enable or disable alpha/experimental
+	// features. This field modifies piecemeal the built-in default values from
+	// "k8s.io/kubernetes/pkg/features/kube_features.go".
+	// Default: nil
+	// +optional
 	FeatureGates map[string]bool `json:"featureGates,omitempty"`
-	// Tells the Kubelet to fail to start if swap is enabled on the node.
-	FailSwapOn bool `json:"failSwapOn,omitempty"`
+	// failSwapOn tells the Kubelet to fail to start if swap is enabled on the node.
+	// Default: true
+	// +optional
+	FailSwapOn *bool `json:"failSwapOn,omitempty"`
+	// A quantity defines the maximum size of the container log file before it is rotated. For example: "5Mi" or "256Ki".
+	// Default: "10Mi"
+	// +optional
+	ContainerLogMaxSize string `json:"containerLogMaxSize,omitempty"`
+	// Maximum number of container log files that can be present for a container.
+	// Default: 5
+	// +optional
+	ContainerLogMaxFiles *int32 `json:"containerLogMaxFiles,omitempty"`
 
 	/* following flags are meant for Node Allocatable */
 
 	// A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs
 	// that describe resources reserved for non-kubernetes components.
-	// Currently only cpu and memory are supported. [default=none]
+	// Currently only cpu and memory are supported.
 	// See http://kubernetes.io/docs/user-guide/compute-resources for more detail.
-	SystemReserved map[string]string `json:"systemReserved"`
+	// Default: nil
+	// +optional
+	SystemReserved map[string]string `json:"systemReserved,omitempty"`
 	// A set of ResourceName=ResourceQuantity (e.g. cpu=200m,memory=150G) pairs
 	// that describe resources reserved for kubernetes system components.
-	// Currently cpu, memory and local storage for root file system are supported. [default=none]
+	// Currently cpu, memory and local storage for root file system are supported.
 	// See http://kubernetes.io/docs/user-guide/compute-resources for more detail.
-	KubeReserved map[string]string `json:"kubeReserved"`
-
+	// Default: nil
+	// +optional
+	KubeReserved map[string]string `json:"kubeReserved,omitempty"`
 	// This flag helps kubelet identify absolute name of top level cgroup used to enforce `SystemReserved` compute resource reservation for OS system daemons.
 	// Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.
+	// Default: ""
+	// +optional
 	SystemReservedCgroup string `json:"systemReservedCgroup,omitempty"`
 	// This flag helps kubelet identify absolute name of top level cgroup used to enforce `KubeReserved` compute resource reservation for Kubernetes node system daemons.
 	// Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.
+	// Default: ""
+	// +optional
 	KubeReservedCgroup string `json:"kubeReservedCgroup,omitempty"`
 	// This flag specifies the various Node Allocatable enforcements that Kubelet needs to perform.
-	// This flag accepts a list of options. Acceptible options are `pods`, `system-reserved` & `kube-reserved`.
+	// This flag accepts a list of options. Acceptable options are `none`, `pods`, `system-reserved` & `kube-reserved`.
+	// If `none` is specified, no other options may be specified.
 	// Refer to [Node Allocatable](https://git.k8s.io/community/contributors/design-proposals/node/node-allocatable.md) doc for more information.
-	EnforceNodeAllocatable []string `json:"enforceNodeAllocatable"`
+	// Default: ["pods"]
+	// +optional
+	EnforceNodeAllocatable []string `json:"enforceNodeAllocatable,omitempty"`
 }
 
 type KubeletAuthorizationMode string
@@ -298,25 +447,32 @@ type KubeletAuthorization struct {
 	// mode is the authorization mode to apply to requests to the kubelet server.
 	// Valid values are AlwaysAllow and Webhook.
 	// Webhook mode uses the SubjectAccessReview API to determine authorization.
-	Mode KubeletAuthorizationMode `json:"mode"`
+	// +optional
+	Mode KubeletAuthorizationMode `json:"mode,omitempty"`
 
 	// webhook contains settings related to Webhook authorization.
+	// +optional
 	Webhook KubeletWebhookAuthorization `json:"webhook"`
 }
 
 type KubeletWebhookAuthorization struct {
 	// cacheAuthorizedTTL is the duration to cache 'authorized' responses from the webhook authorizer.
-	CacheAuthorizedTTL metav1.Duration `json:"cacheAuthorizedTTL"`
+	// +optional
+	CacheAuthorizedTTL metav1.Duration `json:"cacheAuthorizedTTL,omitempty"`
 	// cacheUnauthorizedTTL is the duration to cache 'unauthorized' responses from the webhook authorizer.
-	CacheUnauthorizedTTL metav1.Duration `json:"cacheUnauthorizedTTL"`
+	// +optional
+	CacheUnauthorizedTTL metav1.Duration `json:"cacheUnauthorizedTTL,omitempty"`
 }
 
 type KubeletAuthentication struct {
 	// x509 contains settings related to x509 client certificate authentication
+	// +optional
 	X509 KubeletX509Authentication `json:"x509"`
 	// webhook contains settings related to webhook bearer token authentication
+	// +optional
 	Webhook KubeletWebhookAuthentication `json:"webhook"`
 	// anonymous contains settings related to anonymous authentication
+	// +optional
 	Anonymous KubeletAnonymousAuthentication `json:"anonymous"`
 }
 
@@ -324,19 +480,23 @@ type KubeletX509Authentication struct {
 	// clientCAFile is the path to a PEM-encoded certificate bundle. If set, any request presenting a client certificate
 	// signed by one of the authorities in the bundle is authenticated with a username corresponding to the CommonName,
 	// and groups corresponding to the Organization in the client certificate.
-	ClientCAFile string `json:"clientCAFile"`
+	// +optional
+	ClientCAFile string `json:"clientCAFile,omitempty"`
 }
 
 type KubeletWebhookAuthentication struct {
 	// enabled allows bearer token authentication backed by the tokenreviews.authentication.k8s.io API
-	Enabled *bool `json:"enabled"`
+	// +optional
+	Enabled *bool `json:"enabled,omitempty"`
 	// cacheTTL enables caching of authentication results
-	CacheTTL metav1.Duration `json:"cacheTTL"`
+	// +optional
+	CacheTTL metav1.Duration `json:"cacheTTL,omitempty"`
 }
 
 type KubeletAnonymousAuthentication struct {
 	// enabled allows anonymous requests to the kubelet server.
 	// Requests that are not rejected by another authentication method are treated as anonymous requests.
 	// Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated.
-	Enabled *bool `json:"enabled"`
+	// +optional
+	Enabled *bool `json:"enabled,omitempty"`
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.conversion.go
new file mode 100644
index 000000000000..1a166b006939
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.conversion.go
@@ -0,0 +1,451 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	unsafe "unsafe"
+
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
+)
+
+func init() {
+	localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication,
+		Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication,
+		Convert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication,
+		Convert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication,
+		Convert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization,
+		Convert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization,
+		Convert_v1beta1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration,
+		Convert_kubeletconfig_KubeletConfiguration_To_v1beta1_KubeletConfiguration,
+		Convert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication,
+		Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication,
+		Convert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization,
+		Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization,
+		Convert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication,
+		Convert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication,
+	)
+}
+
+func autoConvert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in *KubeletAnonymousAuthentication, out *kubeletconfig.KubeletAnonymousAuthentication, s conversion.Scope) error {
+	if err := v1.Convert_Pointer_bool_To_bool(&in.Enabled, &out.Enabled, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication is an autogenerated conversion function.
+func Convert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in *KubeletAnonymousAuthentication, out *kubeletconfig.KubeletAnonymousAuthentication, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication(in *kubeletconfig.KubeletAnonymousAuthentication, out *KubeletAnonymousAuthentication, s conversion.Scope) error {
+	if err := v1.Convert_bool_To_Pointer_bool(&in.Enabled, &out.Enabled, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication(in *kubeletconfig.KubeletAnonymousAuthentication, out *KubeletAnonymousAuthentication, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in *KubeletAuthentication, out *kubeletconfig.KubeletAuthentication, s conversion.Scope) error {
+	if err := Convert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(&in.X509, &out.X509, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_KubeletAnonymousAuthentication_To_kubeletconfig_KubeletAnonymousAuthentication(&in.Anonymous, &out.Anonymous, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication is an autogenerated conversion function.
+func Convert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in *KubeletAuthentication, out *kubeletconfig.KubeletAuthentication, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication(in *kubeletconfig.KubeletAuthentication, out *KubeletAuthentication, s conversion.Scope) error {
+	if err := Convert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication(&in.X509, &out.X509, s); err != nil {
+		return err
+	}
+	if err := Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	if err := Convert_kubeletconfig_KubeletAnonymousAuthentication_To_v1beta1_KubeletAnonymousAuthentication(&in.Anonymous, &out.Anonymous, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication(in *kubeletconfig.KubeletAuthentication, out *KubeletAuthentication, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in *KubeletAuthorization, out *kubeletconfig.KubeletAuthorization, s conversion.Scope) error {
+	out.Mode = kubeletconfig.KubeletAuthorizationMode(in.Mode)
+	if err := Convert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization is an autogenerated conversion function.
+func Convert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in *KubeletAuthorization, out *kubeletconfig.KubeletAuthorization, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization(in *kubeletconfig.KubeletAuthorization, out *KubeletAuthorization, s conversion.Scope) error {
+	out.Mode = KubeletAuthorizationMode(in.Mode)
+	if err := Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization(&in.Webhook, &out.Webhook, s); err != nil {
+		return err
+	}
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization(in *kubeletconfig.KubeletAuthorization, out *KubeletAuthorization, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in *KubeletConfiguration, out *kubeletconfig.KubeletConfiguration, s conversion.Scope) error {
+	out.StaticPodPath = in.StaticPodPath
+	out.SyncFrequency = in.SyncFrequency
+	out.FileCheckFrequency = in.FileCheckFrequency
+	out.HTTPCheckFrequency = in.HTTPCheckFrequency
+	out.StaticPodURL = in.StaticPodURL
+	out.StaticPodURLHeader = *(*map[string][]string)(unsafe.Pointer(&in.StaticPodURLHeader))
+	out.Address = in.Address
+	out.Port = in.Port
+	out.ReadOnlyPort = in.ReadOnlyPort
+	out.TLSCertFile = in.TLSCertFile
+	out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
+	out.TLSCipherSuites = *(*[]string)(unsafe.Pointer(&in.TLSCipherSuites))
+	out.TLSMinVersion = in.TLSMinVersion
+	if err := Convert_v1beta1_KubeletAuthentication_To_kubeletconfig_KubeletAuthentication(&in.Authentication, &out.Authentication, s); err != nil {
+		return err
+	}
+	if err := Convert_v1beta1_KubeletAuthorization_To_kubeletconfig_KubeletAuthorization(&in.Authorization, &out.Authorization, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_Pointer_int32_To_int32(&in.RegistryPullQPS, &out.RegistryPullQPS, s); err != nil {
+		return err
+	}
+	out.RegistryBurst = in.RegistryBurst
+	if err := v1.Convert_Pointer_int32_To_int32(&in.EventRecordQPS, &out.EventRecordQPS, s); err != nil {
+		return err
+	}
+	out.EventBurst = in.EventBurst
+	if err := v1.Convert_Pointer_bool_To_bool(&in.EnableDebuggingHandlers, &out.EnableDebuggingHandlers, s); err != nil {
+		return err
+	}
+	out.EnableContentionProfiling = in.EnableContentionProfiling
+	if err := v1.Convert_Pointer_int32_To_int32(&in.HealthzPort, &out.HealthzPort, s); err != nil {
+		return err
+	}
+	out.HealthzBindAddress = in.HealthzBindAddress
+	if err := v1.Convert_Pointer_int32_To_int32(&in.OOMScoreAdj, &out.OOMScoreAdj, s); err != nil {
+		return err
+	}
+	out.ClusterDomain = in.ClusterDomain
+	out.ClusterDNS = *(*[]string)(unsafe.Pointer(&in.ClusterDNS))
+	out.StreamingConnectionIdleTimeout = in.StreamingConnectionIdleTimeout
+	out.NodeStatusUpdateFrequency = in.NodeStatusUpdateFrequency
+	out.ImageMinimumGCAge = in.ImageMinimumGCAge
+	if err := v1.Convert_Pointer_int32_To_int32(&in.ImageGCHighThresholdPercent, &out.ImageGCHighThresholdPercent, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_Pointer_int32_To_int32(&in.ImageGCLowThresholdPercent, &out.ImageGCLowThresholdPercent, s); err != nil {
+		return err
+	}
+	out.VolumeStatsAggPeriod = in.VolumeStatsAggPeriod
+	out.KubeletCgroups = in.KubeletCgroups
+	out.SystemCgroups = in.SystemCgroups
+	out.CgroupRoot = in.CgroupRoot
+	if err := v1.Convert_Pointer_bool_To_bool(&in.CgroupsPerQOS, &out.CgroupsPerQOS, s); err != nil {
+		return err
+	}
+	out.CgroupDriver = in.CgroupDriver
+	out.CPUManagerPolicy = in.CPUManagerPolicy
+	out.CPUManagerReconcilePeriod = in.CPUManagerReconcilePeriod
+	out.RuntimeRequestTimeout = in.RuntimeRequestTimeout
+	out.HairpinMode = in.HairpinMode
+	out.MaxPods = in.MaxPods
+	out.PodCIDR = in.PodCIDR
+	if err := v1.Convert_Pointer_int64_To_int64(&in.PodPidsLimit, &out.PodPidsLimit, s); err != nil {
+		return err
+	}
+	out.ResolverConfig = in.ResolverConfig
+	if err := v1.Convert_Pointer_bool_To_bool(&in.CPUCFSQuota, &out.CPUCFSQuota, s); err != nil {
+		return err
+	}
+	out.MaxOpenFiles = in.MaxOpenFiles
+	out.ContentType = in.ContentType
+	if err := v1.Convert_Pointer_int32_To_int32(&in.KubeAPIQPS, &out.KubeAPIQPS, s); err != nil {
+		return err
+	}
+	out.KubeAPIBurst = in.KubeAPIBurst
+	if err := v1.Convert_Pointer_bool_To_bool(&in.SerializeImagePulls, &out.SerializeImagePulls, s); err != nil {
+		return err
+	}
+	out.EvictionHard = *(*map[string]string)(unsafe.Pointer(&in.EvictionHard))
+	out.EvictionSoft = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoft))
+	out.EvictionSoftGracePeriod = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoftGracePeriod))
+	out.EvictionPressureTransitionPeriod = in.EvictionPressureTransitionPeriod
+	out.EvictionMaxPodGracePeriod = in.EvictionMaxPodGracePeriod
+	out.EvictionMinimumReclaim = *(*map[string]string)(unsafe.Pointer(&in.EvictionMinimumReclaim))
+	out.PodsPerCore = in.PodsPerCore
+	if err := v1.Convert_Pointer_bool_To_bool(&in.EnableControllerAttachDetach, &out.EnableControllerAttachDetach, s); err != nil {
+		return err
+	}
+	out.ProtectKernelDefaults = in.ProtectKernelDefaults
+	if err := v1.Convert_Pointer_bool_To_bool(&in.MakeIPTablesUtilChains, &out.MakeIPTablesUtilChains, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_Pointer_int32_To_int32(&in.IPTablesMasqueradeBit, &out.IPTablesMasqueradeBit, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_Pointer_int32_To_int32(&in.IPTablesDropBit, &out.IPTablesDropBit, s); err != nil {
+		return err
+	}
+	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
+	if err := v1.Convert_Pointer_bool_To_bool(&in.FailSwapOn, &out.FailSwapOn, s); err != nil {
+		return err
+	}
+	out.ContainerLogMaxSize = in.ContainerLogMaxSize
+	if err := v1.Convert_Pointer_int32_To_int32(&in.ContainerLogMaxFiles, &out.ContainerLogMaxFiles, s); err != nil {
+		return err
+	}
+	out.SystemReserved = *(*map[string]string)(unsafe.Pointer(&in.SystemReserved))
+	out.KubeReserved = *(*map[string]string)(unsafe.Pointer(&in.KubeReserved))
+	out.SystemReservedCgroup = in.SystemReservedCgroup
+	out.KubeReservedCgroup = in.KubeReservedCgroup
+	out.EnforceNodeAllocatable = *(*[]string)(unsafe.Pointer(&in.EnforceNodeAllocatable))
+	return nil
+}
+
+// Convert_v1beta1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration is an autogenerated conversion function.
+func Convert_v1beta1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in *KubeletConfiguration, out *kubeletconfig.KubeletConfiguration, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletConfiguration_To_kubeletconfig_KubeletConfiguration(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletConfiguration_To_v1beta1_KubeletConfiguration(in *kubeletconfig.KubeletConfiguration, out *KubeletConfiguration, s conversion.Scope) error {
+	out.StaticPodPath = in.StaticPodPath
+	out.SyncFrequency = in.SyncFrequency
+	out.FileCheckFrequency = in.FileCheckFrequency
+	out.HTTPCheckFrequency = in.HTTPCheckFrequency
+	out.StaticPodURL = in.StaticPodURL
+	out.StaticPodURLHeader = *(*map[string][]string)(unsafe.Pointer(&in.StaticPodURLHeader))
+	out.Address = in.Address
+	out.Port = in.Port
+	out.ReadOnlyPort = in.ReadOnlyPort
+	out.TLSCertFile = in.TLSCertFile
+	out.TLSPrivateKeyFile = in.TLSPrivateKeyFile
+	out.TLSCipherSuites = *(*[]string)(unsafe.Pointer(&in.TLSCipherSuites))
+	out.TLSMinVersion = in.TLSMinVersion
+	if err := Convert_kubeletconfig_KubeletAuthentication_To_v1beta1_KubeletAuthentication(&in.Authentication, &out.Authentication, s); err != nil {
+		return err
+	}
+	if err := Convert_kubeletconfig_KubeletAuthorization_To_v1beta1_KubeletAuthorization(&in.Authorization, &out.Authorization, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_int32_To_Pointer_int32(&in.RegistryPullQPS, &out.RegistryPullQPS, s); err != nil {
+		return err
+	}
+	out.RegistryBurst = in.RegistryBurst
+	if err := v1.Convert_int32_To_Pointer_int32(&in.EventRecordQPS, &out.EventRecordQPS, s); err != nil {
+		return err
+	}
+	out.EventBurst = in.EventBurst
+	if err := v1.Convert_bool_To_Pointer_bool(&in.EnableDebuggingHandlers, &out.EnableDebuggingHandlers, s); err != nil {
+		return err
+	}
+	out.EnableContentionProfiling = in.EnableContentionProfiling
+	if err := v1.Convert_int32_To_Pointer_int32(&in.HealthzPort, &out.HealthzPort, s); err != nil {
+		return err
+	}
+	out.HealthzBindAddress = in.HealthzBindAddress
+	if err := v1.Convert_int32_To_Pointer_int32(&in.OOMScoreAdj, &out.OOMScoreAdj, s); err != nil {
+		return err
+	}
+	out.ClusterDomain = in.ClusterDomain
+	out.ClusterDNS = *(*[]string)(unsafe.Pointer(&in.ClusterDNS))
+	out.StreamingConnectionIdleTimeout = in.StreamingConnectionIdleTimeout
+	out.NodeStatusUpdateFrequency = in.NodeStatusUpdateFrequency
+	out.ImageMinimumGCAge = in.ImageMinimumGCAge
+	if err := v1.Convert_int32_To_Pointer_int32(&in.ImageGCHighThresholdPercent, &out.ImageGCHighThresholdPercent, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_int32_To_Pointer_int32(&in.ImageGCLowThresholdPercent, &out.ImageGCLowThresholdPercent, s); err != nil {
+		return err
+	}
+	out.VolumeStatsAggPeriod = in.VolumeStatsAggPeriod
+	out.KubeletCgroups = in.KubeletCgroups
+	out.SystemCgroups = in.SystemCgroups
+	out.CgroupRoot = in.CgroupRoot
+	if err := v1.Convert_bool_To_Pointer_bool(&in.CgroupsPerQOS, &out.CgroupsPerQOS, s); err != nil {
+		return err
+	}
+	out.CgroupDriver = in.CgroupDriver
+	out.CPUManagerPolicy = in.CPUManagerPolicy
+	out.CPUManagerReconcilePeriod = in.CPUManagerReconcilePeriod
+	out.RuntimeRequestTimeout = in.RuntimeRequestTimeout
+	out.HairpinMode = in.HairpinMode
+	out.MaxPods = in.MaxPods
+	out.PodCIDR = in.PodCIDR
+	if err := v1.Convert_int64_To_Pointer_int64(&in.PodPidsLimit, &out.PodPidsLimit, s); err != nil {
+		return err
+	}
+	out.ResolverConfig = in.ResolverConfig
+	if err := v1.Convert_bool_To_Pointer_bool(&in.CPUCFSQuota, &out.CPUCFSQuota, s); err != nil {
+		return err
+	}
+	out.MaxOpenFiles = in.MaxOpenFiles
+	out.ContentType = in.ContentType
+	if err := v1.Convert_int32_To_Pointer_int32(&in.KubeAPIQPS, &out.KubeAPIQPS, s); err != nil {
+		return err
+	}
+	out.KubeAPIBurst = in.KubeAPIBurst
+	if err := v1.Convert_bool_To_Pointer_bool(&in.SerializeImagePulls, &out.SerializeImagePulls, s); err != nil {
+		return err
+	}
+	out.EvictionHard = *(*map[string]string)(unsafe.Pointer(&in.EvictionHard))
+	out.EvictionSoft = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoft))
+	out.EvictionSoftGracePeriod = *(*map[string]string)(unsafe.Pointer(&in.EvictionSoftGracePeriod))
+	out.EvictionPressureTransitionPeriod = in.EvictionPressureTransitionPeriod
+	out.EvictionMaxPodGracePeriod = in.EvictionMaxPodGracePeriod
+	out.EvictionMinimumReclaim = *(*map[string]string)(unsafe.Pointer(&in.EvictionMinimumReclaim))
+	out.PodsPerCore = in.PodsPerCore
+	if err := v1.Convert_bool_To_Pointer_bool(&in.EnableControllerAttachDetach, &out.EnableControllerAttachDetach, s); err != nil {
+		return err
+	}
+	out.ProtectKernelDefaults = in.ProtectKernelDefaults
+	if err := v1.Convert_bool_To_Pointer_bool(&in.MakeIPTablesUtilChains, &out.MakeIPTablesUtilChains, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_int32_To_Pointer_int32(&in.IPTablesMasqueradeBit, &out.IPTablesMasqueradeBit, s); err != nil {
+		return err
+	}
+	if err := v1.Convert_int32_To_Pointer_int32(&in.IPTablesDropBit, &out.IPTablesDropBit, s); err != nil {
+		return err
+	}
+	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
+	if err := v1.Convert_bool_To_Pointer_bool(&in.FailSwapOn, &out.FailSwapOn, s); err != nil {
+		return err
+	}
+	out.ContainerLogMaxSize = in.ContainerLogMaxSize
+	if err := v1.Convert_int32_To_Pointer_int32(&in.ContainerLogMaxFiles, &out.ContainerLogMaxFiles, s); err != nil {
+		return err
+	}
+	out.SystemReserved = *(*map[string]string)(unsafe.Pointer(&in.SystemReserved))
+	out.KubeReserved = *(*map[string]string)(unsafe.Pointer(&in.KubeReserved))
+	out.SystemReservedCgroup = in.SystemReservedCgroup
+	out.KubeReservedCgroup = in.KubeReservedCgroup
+	out.EnforceNodeAllocatable = *(*[]string)(unsafe.Pointer(&in.EnforceNodeAllocatable))
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletConfiguration_To_v1beta1_KubeletConfiguration is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletConfiguration_To_v1beta1_KubeletConfiguration(in *kubeletconfig.KubeletConfiguration, out *KubeletConfiguration, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletConfiguration_To_v1beta1_KubeletConfiguration(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in *KubeletWebhookAuthentication, out *kubeletconfig.KubeletWebhookAuthentication, s conversion.Scope) error {
+	if err := v1.Convert_Pointer_bool_To_bool(&in.Enabled, &out.Enabled, s); err != nil {
+		return err
+	}
+	out.CacheTTL = in.CacheTTL
+	return nil
+}
+
+// Convert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication is an autogenerated conversion function.
+func Convert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in *KubeletWebhookAuthentication, out *kubeletconfig.KubeletWebhookAuthentication, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletWebhookAuthentication_To_kubeletconfig_KubeletWebhookAuthentication(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication(in *kubeletconfig.KubeletWebhookAuthentication, out *KubeletWebhookAuthentication, s conversion.Scope) error {
+	if err := v1.Convert_bool_To_Pointer_bool(&in.Enabled, &out.Enabled, s); err != nil {
+		return err
+	}
+	out.CacheTTL = in.CacheTTL
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication(in *kubeletconfig.KubeletWebhookAuthentication, out *KubeletWebhookAuthentication, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletWebhookAuthentication_To_v1beta1_KubeletWebhookAuthentication(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in *KubeletWebhookAuthorization, out *kubeletconfig.KubeletWebhookAuthorization, s conversion.Scope) error {
+	out.CacheAuthorizedTTL = in.CacheAuthorizedTTL
+	out.CacheUnauthorizedTTL = in.CacheUnauthorizedTTL
+	return nil
+}
+
+// Convert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization is an autogenerated conversion function.
+func Convert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in *KubeletWebhookAuthorization, out *kubeletconfig.KubeletWebhookAuthorization, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletWebhookAuthorization_To_kubeletconfig_KubeletWebhookAuthorization(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization(in *kubeletconfig.KubeletWebhookAuthorization, out *KubeletWebhookAuthorization, s conversion.Scope) error {
+	out.CacheAuthorizedTTL = in.CacheAuthorizedTTL
+	out.CacheUnauthorizedTTL = in.CacheUnauthorizedTTL
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization(in *kubeletconfig.KubeletWebhookAuthorization, out *KubeletWebhookAuthorization, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletWebhookAuthorization_To_v1beta1_KubeletWebhookAuthorization(in, out, s)
+}
+
+func autoConvert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in *KubeletX509Authentication, out *kubeletconfig.KubeletX509Authentication, s conversion.Scope) error {
+	out.ClientCAFile = in.ClientCAFile
+	return nil
+}
+
+// Convert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication is an autogenerated conversion function.
+func Convert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in *KubeletX509Authentication, out *kubeletconfig.KubeletX509Authentication, s conversion.Scope) error {
+	return autoConvert_v1beta1_KubeletX509Authentication_To_kubeletconfig_KubeletX509Authentication(in, out, s)
+}
+
+func autoConvert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication(in *kubeletconfig.KubeletX509Authentication, out *KubeletX509Authentication, s conversion.Scope) error {
+	out.ClientCAFile = in.ClientCAFile
+	return nil
+}
+
+// Convert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication is an autogenerated conversion function.
+func Convert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication(in *kubeletconfig.KubeletX509Authentication, out *KubeletX509Authentication, s conversion.Scope) error {
+	return autoConvert_kubeletconfig_KubeletX509Authentication_To_v1beta1_KubeletX509Authentication(in, out, s)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.deepcopy.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.deepcopy.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.deepcopy.go
index 123cee3f73cb..296850b3b507 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
-package v1alpha1
+package v1beta1
 
 import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -90,20 +89,11 @@ func (in *KubeletAuthorization) DeepCopy() *KubeletAuthorization {
 func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
-	if in.ConfigTrialDuration != nil {
-		in, out := &in.ConfigTrialDuration, &out.ConfigTrialDuration
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(v1.Duration)
-			**out = **in
-		}
-	}
 	out.SyncFrequency = in.SyncFrequency
 	out.FileCheckFrequency = in.FileCheckFrequency
 	out.HTTPCheckFrequency = in.HTTPCheckFrequency
-	if in.ManifestURLHeader != nil {
-		in, out := &in.ManifestURLHeader, &out.ManifestURLHeader
+	if in.StaticPodURLHeader != nil {
+		in, out := &in.StaticPodURLHeader, &out.StaticPodURLHeader
 		*out = make(map[string][]string, len(*in))
 		for key, val := range *in {
 			if val == nil {
@@ -114,50 +104,13 @@ func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 			}
 		}
 	}
-	if in.EnableServer != nil {
-		in, out := &in.EnableServer, &out.EnableServer
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(bool)
-			**out = **in
-		}
-	}
-	if in.ReadOnlyPort != nil {
-		in, out := &in.ReadOnlyPort, &out.ReadOnlyPort
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(int32)
-			**out = **in
-		}
-	}
-	in.Authentication.DeepCopyInto(&out.Authentication)
-	out.Authorization = in.Authorization
-	if in.AllowPrivileged != nil {
-		in, out := &in.AllowPrivileged, &out.AllowPrivileged
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(bool)
-			**out = **in
-		}
-	}
-	if in.HostNetworkSources != nil {
-		in, out := &in.HostNetworkSources, &out.HostNetworkSources
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.HostPIDSources != nil {
-		in, out := &in.HostPIDSources, &out.HostPIDSources
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.HostIPCSources != nil {
-		in, out := &in.HostIPCSources, &out.HostIPCSources
+	if in.TLSCipherSuites != nil {
+		in, out := &in.TLSCipherSuites, &out.TLSCipherSuites
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	in.Authentication.DeepCopyInto(&out.Authentication)
+	out.Authorization = in.Authorization
 	if in.RegistryPullQPS != nil {
 		in, out := &in.RegistryPullQPS, &out.RegistryPullQPS
 		if *in == nil {
@@ -185,15 +138,6 @@ func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 			**out = **in
 		}
 	}
-	if in.CAdvisorPort != nil {
-		in, out := &in.CAdvisorPort, &out.CAdvisorPort
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(int32)
-			**out = **in
-		}
-	}
 	if in.HealthzPort != nil {
 		in, out := &in.HealthzPort, &out.HealthzPort
 		if *in == nil {
@@ -250,6 +194,15 @@ func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 	}
 	out.CPUManagerReconcilePeriod = in.CPUManagerReconcilePeriod
 	out.RuntimeRequestTimeout = in.RuntimeRequestTimeout
+	if in.PodPidsLimit != nil {
+		in, out := &in.PodPidsLimit, &out.PodPidsLimit
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
 	if in.CPUCFSQuota != nil {
 		in, out := &in.CPUCFSQuota, &out.CPUCFSQuota
 		if *in == nil {
@@ -349,6 +302,24 @@ func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 			(*out)[key] = val
 		}
 	}
+	if in.FailSwapOn != nil {
+		in, out := &in.FailSwapOn, &out.FailSwapOn
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(bool)
+			**out = **in
+		}
+	}
+	if in.ContainerLogMaxFiles != nil {
+		in, out := &in.ContainerLogMaxFiles, &out.ContainerLogMaxFiles
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int32)
+			**out = **in
+		}
+	}
 	if in.SystemReserved != nil {
 		in, out := &in.SystemReserved, &out.SystemReserved
 		*out = make(map[string]string, len(*in))
@@ -385,9 +356,8 @@ func (in *KubeletConfiguration) DeepCopy() *KubeletConfiguration {
 func (in *KubeletConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.defaults.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.defaults.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.defaults.go
index 739dadbd6061..0d6d832b1cce 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1beta1/zz_generated.defaults.go
@@ -16,9 +16,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
-package v1alpha1
+package v1beta1
 
 import (
 	runtime "k8s.io/apimachinery/pkg/runtime"
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/BUILD
index 7383b8a0c225..18fbe0afdf8a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/BUILD
@@ -12,7 +12,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation",
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
-        "//pkg/kubelet/cm:go_default_library",
+        "//pkg/kubelet/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
     ],
@@ -34,8 +34,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/validation.go
index f0b243081bb0..3f3e354be82c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation/validation.go
@@ -22,7 +22,7 @@ import (
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	utilvalidation "k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
-	containermanager "k8s.io/kubernetes/pkg/kubelet/cm"
+	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 )
 
 // ValidateKubeletConfiguration validates `kc` and returns an error if it is invalid
@@ -30,75 +30,83 @@ func ValidateKubeletConfiguration(kc *kubeletconfig.KubeletConfiguration) error
 	allErrors := []error{}
 
 	if !kc.CgroupsPerQOS && len(kc.EnforceNodeAllocatable) > 0 {
-		allErrors = append(allErrors, fmt.Errorf("EnforceNodeAllocatable (--enforce-node-allocatable) is not supported unless CgroupsPerQOS (--cgroups-per-qos) feature is turned on"))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: EnforceNodeAllocatable (--enforce-node-allocatable) is not supported unless CgroupsPerQOS (--cgroups-per-qos) feature is turned on"))
 	}
 	if kc.SystemCgroups != "" && kc.CgroupRoot == "" {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: SystemCgroups (--system-cgroups) was specified and CgroupRoot (--cgroup-root) was not specified"))
-	}
-	if kc.CAdvisorPort != 0 && utilvalidation.IsValidPortNum(int(kc.CAdvisorPort)) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: CAdvisorPort (--cadvisor-port) %v must be between 0 and 65535, inclusive", kc.CAdvisorPort))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: SystemCgroups (--system-cgroups) was specified and CgroupRoot (--cgroup-root) was not specified"))
 	}
 	if kc.EventBurst < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: EventBurst (--event-burst) %v must not be a negative number", kc.EventBurst))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: EventBurst (--event-burst) %v must not be a negative number", kc.EventBurst))
 	}
 	if kc.EventRecordQPS < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: EventRecordQPS (--event-qps) %v must not be a negative number", kc.EventRecordQPS))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: EventRecordQPS (--event-qps) %v must not be a negative number", kc.EventRecordQPS))
 	}
 	if kc.HealthzPort != 0 && utilvalidation.IsValidPortNum(int(kc.HealthzPort)) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: HealthzPort (--healthz-port) %v must be between 1 and 65535, inclusive", kc.HealthzPort))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: HealthzPort (--healthz-port) %v must be between 1 and 65535, inclusive", kc.HealthzPort))
 	}
 	if utilvalidation.IsInRange(int(kc.ImageGCHighThresholdPercent), 0, 100) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: ImageGCHighThresholdPercent (--image-gc-high-threshold) %v must be between 0 and 100, inclusive", kc.ImageGCHighThresholdPercent))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: ImageGCHighThresholdPercent (--image-gc-high-threshold) %v must be between 0 and 100, inclusive", kc.ImageGCHighThresholdPercent))
 	}
 	if utilvalidation.IsInRange(int(kc.ImageGCLowThresholdPercent), 0, 100) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: ImageGCLowThresholdPercent (--image-gc-low-threshold) %v must be between 0 and 100, inclusive", kc.ImageGCLowThresholdPercent))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: ImageGCLowThresholdPercent (--image-gc-low-threshold) %v must be between 0 and 100, inclusive", kc.ImageGCLowThresholdPercent))
 	}
 	if utilvalidation.IsInRange(int(kc.IPTablesDropBit), 0, 31) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: IPTablesDropBit (--iptables-drop-bit) %v must be between 0 and 31, inclusive", kc.IPTablesDropBit))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: IPTablesDropBit (--iptables-drop-bit) %v must be between 0 and 31, inclusive", kc.IPTablesDropBit))
 	}
 	if utilvalidation.IsInRange(int(kc.IPTablesMasqueradeBit), 0, 31) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: IPTablesMasqueradeBit (--iptables-masquerade-bit) %v must be between 0 and 31, inclusive", kc.IPTablesMasqueradeBit))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: IPTablesMasqueradeBit (--iptables-masquerade-bit) %v must be between 0 and 31, inclusive", kc.IPTablesMasqueradeBit))
 	}
 	if kc.KubeAPIBurst < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: KubeAPIBurst (--kube-api-burst) %v must not be a negative number", kc.KubeAPIBurst))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: KubeAPIBurst (--kube-api-burst) %v must not be a negative number", kc.KubeAPIBurst))
 	}
 	if kc.KubeAPIQPS < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: KubeAPIQPS (--kube-api-qps) %v must not be a negative number", kc.KubeAPIQPS))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: KubeAPIQPS (--kube-api-qps) %v must not be a negative number", kc.KubeAPIQPS))
 	}
 	if kc.MaxOpenFiles < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: MaxOpenFiles (--max-open-files) %v must not be a negative number", kc.MaxOpenFiles))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: MaxOpenFiles (--max-open-files) %v must not be a negative number", kc.MaxOpenFiles))
 	}
 	if kc.MaxPods < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: MaxPods (--max-pods) %v must not be a negative number", kc.MaxPods))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: MaxPods (--max-pods) %v must not be a negative number", kc.MaxPods))
 	}
 	if utilvalidation.IsInRange(int(kc.OOMScoreAdj), -1000, 1000) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: OOMScoreAdj (--oom-score-adj) %v must be between -1000 and 1000, inclusive", kc.OOMScoreAdj))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: OOMScoreAdj (--oom-score-adj) %v must be between -1000 and 1000, inclusive", kc.OOMScoreAdj))
 	}
 	if kc.PodsPerCore < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: PodsPerCore (--pods-per-core) %v must not be a negative number", kc.PodsPerCore))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: PodsPerCore (--pods-per-core) %v must not be a negative number", kc.PodsPerCore))
 	}
 	if utilvalidation.IsValidPortNum(int(kc.Port)) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: Port (--port) %v must be between 1 and 65535, inclusive", kc.Port))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: Port (--port) %v must be between 1 and 65535, inclusive", kc.Port))
 	}
 	if kc.ReadOnlyPort != 0 && utilvalidation.IsValidPortNum(int(kc.ReadOnlyPort)) != nil {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: ReadOnlyPort (--read-only-port) %v must be between 0 and 65535, inclusive", kc.ReadOnlyPort))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: ReadOnlyPort (--read-only-port) %v must be between 0 and 65535, inclusive", kc.ReadOnlyPort))
 	}
 	if kc.RegistryBurst < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: RegistryBurst (--registry-burst) %v must not be a negative number", kc.RegistryBurst))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: RegistryBurst (--registry-burst) %v must not be a negative number", kc.RegistryBurst))
 	}
 	if kc.RegistryPullQPS < 0 {
-		allErrors = append(allErrors, fmt.Errorf("Invalid configuration: RegistryPullQPS (--registry-qps) %v must not be a negative number", kc.RegistryPullQPS))
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: RegistryPullQPS (--registry-qps) %v must not be a negative number", kc.RegistryPullQPS))
 	}
 	for _, val := range kc.EnforceNodeAllocatable {
 		switch val {
-		case containermanager.NodeAllocatableEnforcementKey:
-		case containermanager.SystemReservedEnforcementKey:
-		case containermanager.KubeReservedEnforcementKey:
-			continue
+		case kubetypes.NodeAllocatableEnforcementKey:
+		case kubetypes.SystemReservedEnforcementKey:
+		case kubetypes.KubeReservedEnforcementKey:
+		case kubetypes.NodeAllocatableNoneKey:
+			if len(kc.EnforceNodeAllocatable) > 1 {
+				allErrors = append(allErrors, fmt.Errorf("invalid configuration: EnforceNodeAllocatable (--enforce-node-allocatable) may not contain additional enforcements when '%s' is specified", kubetypes.NodeAllocatableNoneKey))
+			}
 		default:
-			allErrors = append(allErrors, fmt.Errorf("Invalid option %q specified for EnforceNodeAllocatable (--enforce-node-allocatable) setting. Valid options are %q, %q or %q",
-				val, containermanager.NodeAllocatableEnforcementKey, containermanager.SystemReservedEnforcementKey, containermanager.KubeReservedEnforcementKey))
+			allErrors = append(allErrors, fmt.Errorf("invalid configuration: option %q specified for EnforceNodeAllocatable (--enforce-node-allocatable). Valid options are %q, %q, %q, or %q",
+				val, kubetypes.NodeAllocatableEnforcementKey, kubetypes.SystemReservedEnforcementKey, kubetypes.KubeReservedEnforcementKey, kubetypes.NodeAllocatableEnforcementKey))
 		}
 	}
+	switch kc.HairpinMode {
+	case kubeletconfig.HairpinNone:
+	case kubeletconfig.HairpinVeth:
+	case kubeletconfig.PromiscuousBridge:
+	default:
+		allErrors = append(allErrors, fmt.Errorf("invalid configuration: option %q specified for HairpinMode (--hairpin-mode). Valid options are %q, %q or %q",
+			kc.HairpinMode, kubeletconfig.HairpinNone, kubeletconfig.HairpinVeth, kubeletconfig.PromiscuousBridge))
+	}
 	return utilerrors.NewAggregate(allErrors)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/zz_generated.deepcopy.go
index 8a6b1a2a5159..7c2c9e454ade 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/zz_generated.deepcopy.go
@@ -16,12 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package kubeletconfig
 
 import (
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -81,20 +80,11 @@ func (in *KubeletAuthorization) DeepCopy() *KubeletAuthorization {
 func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
-	if in.ConfigTrialDuration != nil {
-		in, out := &in.ConfigTrialDuration, &out.ConfigTrialDuration
-		if *in == nil {
-			*out = nil
-		} else {
-			*out = new(v1.Duration)
-			**out = **in
-		}
-	}
 	out.SyncFrequency = in.SyncFrequency
 	out.FileCheckFrequency = in.FileCheckFrequency
 	out.HTTPCheckFrequency = in.HTTPCheckFrequency
-	if in.ManifestURLHeader != nil {
-		in, out := &in.ManifestURLHeader, &out.ManifestURLHeader
+	if in.StaticPodURLHeader != nil {
+		in, out := &in.StaticPodURLHeader, &out.StaticPodURLHeader
 		*out = make(map[string][]string, len(*in))
 		for key, val := range *in {
 			if val == nil {
@@ -105,23 +95,13 @@ func (in *KubeletConfiguration) DeepCopyInto(out *KubeletConfiguration) {
 			}
 		}
 	}
-	out.Authentication = in.Authentication
-	out.Authorization = in.Authorization
-	if in.HostNetworkSources != nil {
-		in, out := &in.HostNetworkSources, &out.HostNetworkSources
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.HostPIDSources != nil {
-		in, out := &in.HostPIDSources, &out.HostPIDSources
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.HostIPCSources != nil {
-		in, out := &in.HostIPCSources, &out.HostIPCSources
+	if in.TLSCipherSuites != nil {
+		in, out := &in.TLSCipherSuites, &out.TLSCipherSuites
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
+	out.Authentication = in.Authentication
+	out.Authorization = in.Authorization
 	if in.ClusterDNS != nil {
 		in, out := &in.ClusterDNS, &out.ClusterDNS
 		*out = make([]string, len(*in))
@@ -205,9 +185,8 @@ func (in *KubeletConfiguration) DeepCopy() *KubeletConfiguration {
 func (in *KubeletConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1/types.go
index 916ea822742f..2f7f56e4bba5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1/types.go
@@ -56,6 +56,19 @@ type NodeStats struct {
 	// Stats about the underlying container runtime.
 	// +optional
 	Runtime *RuntimeStats `json:"runtime,omitempty"`
+	// Stats about the rlimit of system.
+	// +optional
+	Rlimit *RlimitStats `json:"rlimit,omitempty"`
+}
+
+// RlimitStats are stats rlimit of OS.
+type RlimitStats struct {
+	Time metav1.Time `json:"time"`
+
+	// The max PID of OS.
+	MaxPID *int64 `json:"maxpid,omitempty"`
+	// The number of running process in the OS.
+	NumOfRunningProcesses *int64 `json:"curproc,omitempty"`
 }
 
 // RuntimeStats are stats pertaining to the underlying container runtime.
@@ -74,6 +87,8 @@ const (
 	SystemContainerRuntime = "runtime"
 	// SystemContainerMisc is the container name for the system container tracking non-kubernetes processes.
 	SystemContainerMisc = "misc"
+	// SystemContainerPods is the container name for the system container tracking user pods.
+	SystemContainerPods = "pods"
 )
 
 // PodStats holds pod-level unprocessed sample stats.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/apis/well_known_annotations_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/well_known_annotations_windows.go
new file mode 100644
index 000000000000..0e738895ee0b
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/apis/well_known_annotations_windows.go
@@ -0,0 +1,41 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package apis
+
+import (
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/kubernetes/pkg/features"
+)
+
+const (
+	// HypervIsolationAnnotationKey and HypervIsolationValue are used to run windows containers with hyperv isolation.
+	// Refer https://aka.ms/hyperv-container.
+	HypervIsolationAnnotationKey = "experimental.windows.kubernetes.io/isolation-type"
+	HypervIsolationValue         = "hyperv"
+)
+
+// ShouldIsolatedByHyperV returns true if a windows container should be run with hyperv isolation.
+func ShouldIsolatedByHyperV(annotations map[string]string) bool {
+	if !utilfeature.DefaultFeatureGate.Enabled(features.HyperVContainer) {
+		return false
+	}
+
+	v, ok := annotations[HypervIsolationAnnotationKey]
+	return ok && v == HypervIsolationValue
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/BUILD
index faa9d5005b22..5f73322bb289 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/BUILD
@@ -9,18 +9,55 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
-        "cadvisor_unsupported.go",
         "doc.go",
-        "helpers_unsupported.go",
         "types.go",
         "util.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "cadvisor_linux.go",
+            "cadvisor_unsupported.go",
             "helpers_linux.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "cadvisor_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "cadvisor_windows.go",
+            "helpers_unsupported.go",
         ],
         "//conditions:default": [],
     }),
@@ -36,7 +73,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
             "//vendor/github.com/google/cadvisor/cache/memory:go_default_library",
             "//vendor/github.com/google/cadvisor/container:go_default_library",
@@ -47,7 +84,7 @@ go_library(
             "//vendor/github.com/google/cadvisor/utils/sysfs:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "//pkg/kubelet/winstats:go_default_library",
         ],
         "//conditions:default": [],
@@ -57,18 +94,23 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "cadvisor_linux_test.go",
+            "util_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cadvisor",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/apis/core/v1/helper:go_default_library",
+            "//pkg/features:go_default_library",
             "//pkg/kubelet/types:go_default_library",
             "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
             "//vendor/github.com/google/cadvisor/metrics:go_default_library",
+            "//vendor/github.com/stretchr/testify/assert:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         ],
         "//conditions:default": [],
     }),
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_linux.go
index 948cb651b300..ffc2b0417be1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_linux.go
@@ -108,7 +108,11 @@ func containerLabels(c *cadvisorapi.ContainerInfo) map[string]string {
 func New(address string, port uint, imageFsInfoProvider ImageFsInfoProvider, rootPath string, usingLegacyStats bool) (Interface, error) {
 	sysFs := sysfs.NewRealSysFs()
 
-	ignoreMetrics := cadvisormetrics.MetricSet{cadvisormetrics.NetworkTcpUsageMetrics: struct{}{}, cadvisormetrics.NetworkUdpUsageMetrics: struct{}{}}
+	ignoreMetrics := cadvisormetrics.MetricSet{
+		cadvisormetrics.NetworkTcpUsageMetrics: struct{}{},
+		cadvisormetrics.NetworkUdpUsageMetrics: struct{}{},
+		cadvisormetrics.PerCpuUsageMetrics:     struct{}{},
+	}
 	if !usingLegacyStats {
 		ignoreMetrics[cadvisormetrics.DiskUsageMetrics] = struct{}{}
 	}
@@ -242,16 +246,3 @@ func (cc *cadvisorClient) getFsInfo(label string) (cadvisorapiv2.FsInfo, error)
 func (cc *cadvisorClient) WatchEvents(request *events.Request) (*events.EventChannel, error) {
 	return cc.WatchForEvents(request)
 }
-
-// HasDedicatedImageFs returns true if the imagefs has a dedicated device.
-func (cc *cadvisorClient) HasDedicatedImageFs() (bool, error) {
-	imageFsInfo, err := cc.ImagesFsInfo()
-	if err != nil {
-		return false, err
-	}
-	rootFsInfo, err := cc.RootFsInfo()
-	if err != nil {
-		return false, err
-	}
-	return imageFsInfo.Device != rootFsInfo.Device, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_unsupported.go
index f1ae9486d873..501c743d359b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_unsupported.go
@@ -77,10 +77,6 @@ func (cu *cadvisorUnsupported) WatchEvents(request *events.Request) (*events.Eve
 	return nil, unsupportedErr
 }
 
-func (cu *cadvisorUnsupported) HasDedicatedImageFs() (bool, error) {
-	return false, unsupportedErr
-}
-
-func (c *cadvisorUnsupported) GetFsInfoByFsUUID(uuid string) (cadvisorapiv2.FsInfo, error) {
+func (cu *cadvisorUnsupported) GetDirFsInfo(path string) (cadvisorapiv2.FsInfo, error) {
 	return cadvisorapiv2.FsInfo{}, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_windows.go
index 6ce1f8d1b38f..597721cd176d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/cadvisor_windows.go
@@ -77,10 +77,6 @@ func (cu *cadvisorClient) WatchEvents(request *events.Request) (*events.EventCha
 	return &events.EventChannel{}, nil
 }
 
-func (cu *cadvisorClient) HasDedicatedImageFs() (bool, error) {
-	return false, nil
-}
-
-func (c *cadvisorClient) GetFsInfoByFsUUID(uuid string) (cadvisorapiv2.FsInfo, error) {
-	return cadvisorapiv2.FsInfo{}, nil
+func (cu *cadvisorClient) GetDirFsInfo(path string) (cadvisorapiv2.FsInfo, error) {
+	return cu.winStatsClient.GetDirFsInfo(path)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/helpers_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/helpers_linux.go
index 10b5e05a008d..bff89894c5e6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/helpers_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/helpers_linux.go
@@ -22,6 +22,7 @@ import (
 	"fmt"
 
 	cadvisorfs "github.com/google/cadvisor/fs"
+	"k8s.io/kubernetes/pkg/kubelet/types"
 )
 
 // imageFsInfoProvider knows how to translate the configured runtime
@@ -35,11 +36,11 @@ type imageFsInfoProvider struct {
 // For remote runtimes, it handles additional runtimes natively understood by cAdvisor.
 func (i *imageFsInfoProvider) ImageFsInfoLabel() (string, error) {
 	switch i.runtime {
-	case "docker":
+	case types.DockerContainerRuntime:
 		return cadvisorfs.LabelDockerImages, nil
-	case "rkt":
+	case types.RktContainerRuntime:
 		return cadvisorfs.LabelRktImages, nil
-	case "remote":
+	case types.RemoteContainerRuntime:
 		// This is a temporary workaround to get stats for cri-o from cadvisor
 		// and should be removed.
 		// Related to https://github.com/kubernetes/kubernetes/issues/51798
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/types.go
index 4777798f2ff4..72ffcec23d4e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cadvisor/types.go
@@ -42,12 +42,8 @@ type Interface interface {
 	// Get events streamed through passedChannel that fit the request.
 	WatchEvents(request *events.Request) (*events.EventChannel, error)
 
-	// HasDedicatedImageFs returns true iff a dedicated image filesystem exists for storing images.
-	HasDedicatedImageFs() (bool, error)
-
-	// GetFsInfoByFsUUID returns the stats of the filesystem with the specified
-	// uuid.
-	GetFsInfoByFsUUID(uuid string) (cadvisorapiv2.FsInfo, error)
+	// Get filesystem information for the filesystem that contains the given file.
+	GetDirFsInfo(path string) (cadvisorapiv2.FsInfo, error)
 }
 
 // ImageFsInfoProvider informs cAdvisor how to find imagefs for container images.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/BUILD
index 4d30fec92ece..23ec4341c53b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/BUILD
@@ -32,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["transport_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/certificate",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap/BUILD
index 05d24e0c0f40..74fd47647f1b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["bootstrap_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/transport.go b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/transport.go
index 1683ad09735a..b8d200efc293 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/transport.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/certificate/transport.go
@@ -43,15 +43,21 @@ import (
 // connections, forcing the client to re-handshake with the server and use the
 // new certificate.
 //
+// The exitAfter duration, if set, will terminate the current process if a certificate
+// is not available from the store (because it has been deleted on disk or is corrupt)
+// or if the certificate has expired and the server is responsive. This allows the
+// process parent or the bootstrap credentials an opportunity to retrieve a new initial
+// certificate.
+//
 // stopCh should be used to indicate when the transport is unused and doesn't need
 // to continue checking the manager.
-func UpdateTransport(stopCh <-chan struct{}, clientConfig *restclient.Config, clientCertificateManager certificate.Manager, exitIfExpired bool) error {
-	return updateTransport(stopCh, 10*time.Second, clientConfig, clientCertificateManager, exitIfExpired)
+func UpdateTransport(stopCh <-chan struct{}, clientConfig *restclient.Config, clientCertificateManager certificate.Manager, exitAfter time.Duration) error {
+	return updateTransport(stopCh, 10*time.Second, clientConfig, clientCertificateManager, exitAfter)
 }
 
 // updateTransport is an internal method that exposes how often this method checks that the
-// client cert has changed. Intended for testing.
-func updateTransport(stopCh <-chan struct{}, period time.Duration, clientConfig *restclient.Config, clientCertificateManager certificate.Manager, exitIfExpired bool) error {
+// client cert has changed.
+func updateTransport(stopCh <-chan struct{}, period time.Duration, clientConfig *restclient.Config, clientCertificateManager certificate.Manager, exitAfter time.Duration) error {
 	if clientConfig.Transport != nil {
 		return fmt.Errorf("there is already a transport configured")
 	}
@@ -77,16 +83,35 @@ func updateTransport(stopCh <-chan struct{}, period time.Duration, clientConfig
 		conns:  make(map[*closableConn]struct{}),
 	}
 
+	lastCertAvailable := time.Now()
 	lastCert := clientCertificateManager.Current()
 	go wait.Until(func() {
 		curr := clientCertificateManager.Current()
-		if exitIfExpired && curr != nil && time.Now().After(curr.Leaf.NotAfter) {
-			if clientCertificateManager.ServerHealthy() {
-				glog.Fatalf("The currently active client certificate has expired and the server is responsive, exiting.")
+
+		if exitAfter > 0 {
+			now := time.Now()
+			if curr == nil {
+				// the certificate has been deleted from disk or is otherwise corrupt
+				if now.After(lastCertAvailable.Add(exitAfter)) {
+					if clientCertificateManager.ServerHealthy() {
+						glog.Fatalf("It has been %s since a valid client cert was found and the server is responsive, exiting.", exitAfter)
+					} else {
+						glog.Errorf("It has been %s since a valid client cert was found, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.", exitAfter)
+					}
+				}
 			} else {
-				glog.Errorf("The currently active client certificate has expired, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.")
+				// the certificate is expired
+				if now.After(curr.Leaf.NotAfter) {
+					if clientCertificateManager.ServerHealthy() {
+						glog.Fatalf("The currently active client certificate has expired and the server is responsive, exiting.")
+					} else {
+						glog.Errorf("The currently active client certificate has expired, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.")
+					}
+				}
+				lastCertAvailable = now
 			}
 		}
+
 		if curr == nil || lastCert == curr {
 			// Cert hasn't been rotated.
 			return
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/checkpoint/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/checkpoint/BUILD
index c8035650883e..c04d198192c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/checkpoint/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/checkpoint/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["checkpoint_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/checkpoint",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/client/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/client/BUILD
index 3bf79dc1f088..0d21851072e0 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/client/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/client/BUILD
@@ -25,8 +25,7 @@ go_test(
     name = "go_default_test",
     srcs = ["kubelet_client_test.go"],
     data = ["//pkg/client/testdata"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/client",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/BUILD
index 127192c637dc..6ecc6527909b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/BUILD
@@ -3,18 +3,38 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 go_library(
     name = "go_default_library",
     srcs = [
-        "cgroup_manager_unsupported.go",
         "container_manager.go",
         "container_manager_stub.go",
-        "container_manager_unsupported.go",
         "fake_internal_container_lifecycle.go",
-        "helpers_unsupported.go",
         "internal_container_lifecycle.go",
         "pod_container_manager_stub.go",
-        "pod_container_manager_unsupported.go",
         "types.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "cgroup_manager_linux.go",
             "container_manager_linux.go",
             "helpers_linux.go",
@@ -22,8 +42,41 @@ go_library(
             "pod_container_manager_linux.go",
             "qos_container_manager_linux.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "cgroup_manager_unsupported.go",
+            "container_manager_unsupported.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "cgroup_manager_unsupported.go",
             "container_manager_windows.go",
+            "helpers_unsupported.go",
+            "pod_container_manager_unsupported.go",
         ],
         "//conditions:default": [],
     }),
@@ -32,32 +85,53 @@ go_library(
     deps = [
         "//pkg/features:go_default_library",
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/cadvisor:go_default_library",
         "//pkg/kubelet/cm/cpumanager:go_default_library",
         "//pkg/kubelet/config:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/eviction/api:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
         "//pkg/kubelet/status:go_default_library",
-        "//pkg/util/mount:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
-        "//vendor/k8s.io/client-go/tools/record:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/api/v1/resource:go_default_library",
             "//pkg/apis/core/v1/helper:go_default_library",
             "//pkg/apis/core/v1/helper/qos:go_default_library",
-            "//pkg/kubelet/cm/deviceplugin:go_default_library",
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/kubelet/cm/devicemanager:go_default_library",
             "//pkg/kubelet/cm/util:go_default_library",
             "//pkg/kubelet/events:go_default_library",
             "//pkg/kubelet/metrics:go_default_library",
             "//pkg/kubelet/qos:go_default_library",
+            "//pkg/kubelet/types:go_default_library",
             "//pkg/util/file:go_default_library",
+            "//pkg/util/mount:go_default_library",
             "//pkg/util/oom:go_default_library",
             "//pkg/util/procfs:go_default_library",
             "//pkg/util/sysctl:go_default_library",
@@ -67,9 +141,39 @@ go_library(
             "//vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs:go_default_library",
             "//vendor/github.com/opencontainers/runc/libcontainer/cgroups/systemd:go_default_library",
             "//vendor/github.com/opencontainers/runc/libcontainer/configs:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/kubelet/cadvisor:go_default_library",
+            "//pkg/util/mount:go_default_library",
+            "//vendor/k8s.io/client-go/tools/record:go_default_library",
         ],
         "//conditions:default": [],
     }),
@@ -77,10 +181,8 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = [
-        "container_manager_unsupported_test.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:linux": [
             "cgroup_manager_linux_test.go",
             "cgroup_manager_test.go",
             "container_manager_linux_test.go",
@@ -89,13 +191,11 @@ go_test(
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/util/mount:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    embed = [":go_default_library"],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/kubelet/eviction/api:go_default_library",
+            "//pkg/util/mount:go_default_library",
             "//vendor/github.com/stretchr/testify/assert:go_default_library",
             "//vendor/github.com/stretchr/testify/require:go_default_library",
             "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -118,7 +218,7 @@ filegroup(
         ":package-srcs",
         "//pkg/kubelet/cm/cpumanager:all-srcs",
         "//pkg/kubelet/cm/cpuset:all-srcs",
-        "//pkg/kubelet/cm/deviceplugin:all-srcs",
+        "//pkg/kubelet/cm/devicemanager:all-srcs",
         "//pkg/kubelet/cm/util:all-srcs",
     ],
     tags = ["automanaged"],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/OWNERS b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/OWNERS
new file mode 100644
index 000000000000..307f9436c00f
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/OWNERS
@@ -0,0 +1,10 @@
+approvers:
+- Random-Liu
+- dchen1107
+- derekwaynecarr
+- tallclair
+- vishh
+- yujuhong
+- ConnorDoyle
+reviewers:
+- sig-node-reviewers
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cgroup_manager_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cgroup_manager_linux.go
index d1d99713429c..9f23817f166c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cgroup_manager_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cgroup_manager_linux.go
@@ -319,14 +319,18 @@ type subsystem interface {
 	GetStats(path string, stats *libcontainercgroups.Stats) error
 }
 
-// getSupportedSubsystems returns list of subsystems supported
-func getSupportedSubsystems() []subsystem {
-	supportedSubsystems := []subsystem{
-		&cgroupfs.MemoryGroup{},
-		&cgroupfs.CpuGroup{},
+// getSupportedSubsystems returns a map of subsystem and if it must be mounted for the kubelet to function.
+func getSupportedSubsystems() map[subsystem]bool {
+	supportedSubsystems := map[subsystem]bool{
+		&cgroupfs.MemoryGroup{}: true,
+		&cgroupfs.CpuGroup{}:    true,
 	}
+	// not all hosts support hugetlb cgroup, and in the absent of hugetlb, we will fail silently by reporting no capacity.
 	if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.HugePages) {
-		supportedSubsystems = append(supportedSubsystems, &cgroupfs.HugetlbGroup{})
+		supportedSubsystems[&cgroupfs.HugetlbGroup{}] = false
+	}
+	if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) {
+		supportedSubsystems[&cgroupfs.PidsGroup{}] = true
 	}
 	return supportedSubsystems
 }
@@ -341,9 +345,14 @@ func getSupportedSubsystems() []subsystem {
 // but this is not possible with libcontainers Set() method
 // See https://github.com/opencontainers/runc/issues/932
 func setSupportedSubsystems(cgroupConfig *libcontainerconfigs.Cgroup) error {
-	for _, sys := range getSupportedSubsystems() {
+	for sys, required := range getSupportedSubsystems() {
 		if _, ok := cgroupConfig.Paths[sys.Name()]; !ok {
-			return fmt.Errorf("Failed to find subsystem mount for subsystem: %v", sys.Name())
+			if required {
+				return fmt.Errorf("Failed to find subsystem mount for required subsystem: %v", sys.Name())
+			}
+			// the cgroup is not mounted, but its not required so continue...
+			glog.V(6).Infof("Unable to find subsystem mount for optional subsystem: %v", sys.Name())
+			continue
 		}
 		if err := sys.Set(cgroupConfig.Paths[sys.Name()], cgroupConfig); err != nil {
 			return fmt.Errorf("Failed to set config for supported subsystems : %v", err)
@@ -430,6 +439,10 @@ func (m *cgroupManagerImpl) Update(cgroupConfig *CgroupConfig) error {
 		Paths:     cgroupPaths,
 	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters.PodPidsLimit != nil {
+		libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PodPidsLimit
+	}
+
 	if err := setSupportedSubsystems(libcontainerCgroupConfig); err != nil {
 		return fmt.Errorf("failed to set supported cgroup subsystems for cgroup %v: %v", cgroupConfig.Name, err)
 	}
@@ -463,6 +476,10 @@ func (m *cgroupManagerImpl) Create(cgroupConfig *CgroupConfig) error {
 		Resources: resources,
 	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && cgroupConfig.ResourceParameters.PodPidsLimit != nil {
+		libcontainerCgroupConfig.PidsLimit = *cgroupConfig.ResourceParameters.PodPidsLimit
+	}
+
 	// get the manager with the specified cgroup configuration
 	manager, err := m.adapter.newManager(libcontainerCgroupConfig, nil)
 	if err != nil {
@@ -552,9 +569,14 @@ func (m *cgroupManagerImpl) ReduceCPULimits(cgroupName CgroupName) error {
 
 func getStatsSupportedSubsystems(cgroupPaths map[string]string) (*libcontainercgroups.Stats, error) {
 	stats := libcontainercgroups.NewStats()
-	for _, sys := range getSupportedSubsystems() {
+	for sys, required := range getSupportedSubsystems() {
 		if _, ok := cgroupPaths[sys.Name()]; !ok {
-			return nil, fmt.Errorf("Failed to find subsystem mount for subsystem: %v", sys.Name())
+			if required {
+				return nil, fmt.Errorf("Failed to find subsystem mount for required subsystem: %v", sys.Name())
+			}
+			// the cgroup is not mounted, but its not required so continue...
+			glog.V(6).Infof("Unable to find subsystem mount for optional subsystem: %v", sys.Name())
+			continue
 		}
 		if err := sys.GetStats(cgroupPaths[sys.Name()], stats); err != nil {
 			return nil, fmt.Errorf("Failed to get stats for supported subsystems : %v", err)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager.go
index dfdcf8d82c84..2a64db671437 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager.go
@@ -28,7 +28,7 @@ import (
 	evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/status"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 
 	"fmt"
 	"strconv"
@@ -70,9 +70,10 @@ type ContainerManager interface {
 	// GetCapacity returns the amount of compute resources tracked by container manager available on the node.
 	GetCapacity() v1.ResourceList
 
-	// GetDevicePluginResourceCapacity returns the amount of device plugin resources available on the node
+	// GetDevicePluginResourceCapacity returns the node capacity (amount of total device plugin resources),
+	// node allocatable (amount of total healthy resources reported by device plugin),
 	// and inactive device plugin resources previously registered on the node.
-	GetDevicePluginResourceCapacity() (v1.ResourceList, []string)
+	GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string)
 
 	// UpdateQOSCgroups performs housekeeping updates to ensure that the top
 	// level QoS containers have their desired state in a thread-safe way
@@ -90,6 +91,9 @@ type ContainerManager interface {
 	UpdatePluginResources(*schedulercache.NodeInfo, *lifecycle.PodAdmitAttributes) error
 
 	InternalContainerLifecycle() InternalContainerLifecycle
+
+	// GetPodCgroupRoot returns the cgroup which contains all pods.
+	GetPodCgroupRoot() string
 }
 
 type NodeConfig struct {
@@ -106,6 +110,8 @@ type NodeConfig struct {
 	ExperimentalQOSReserved               map[v1.ResourceName]int64
 	ExperimentalCPUManagerPolicy          string
 	ExperimentalCPUManagerReconcilePeriod time.Duration
+	ExperimentalPodPidsLimit              int64
+	EnforceCPULimits                      bool
 }
 
 type NodeAllocatableConfig struct {
@@ -122,18 +128,7 @@ type Status struct {
 	SoftRequirements error
 }
 
-const (
-	// Uer visible keys for managing node allocatable enforcement on the node.
-	NodeAllocatableEnforcementKey = "pods"
-	SystemReservedEnforcementKey  = "system-reserved"
-	KubeReservedEnforcementKey    = "kube-reserved"
-)
-
-// containerManager for the kubelet is currently an injected dependency.
-// We need to parse the --qos-reserve-requests option in
-// cmd/kubelet/app/server.go and there isn't really a good place to put
-// the code.  If/When the kubelet dependency injection gets worked out,
-// maybe there will be a better place for it.
+// parsePercentage parses the percentage string to numeric value.
 func parsePercentage(v string) (int64, error) {
 	if !strings.HasSuffix(v, "%") {
 		return 0, fmt.Errorf("percentage expected, got '%s'", v)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_linux.go
index 6c6c7068172d..236ac71dc1c2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_linux.go
@@ -45,20 +45,20 @@ import (
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
 	"k8s.io/kubernetes/pkg/kubelet/cm/cpumanager"
-	"k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin"
+	"k8s.io/kubernetes/pkg/kubelet/cm/devicemanager"
 	cmutil "k8s.io/kubernetes/pkg/kubelet/cm/util"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/qos"
 	"k8s.io/kubernetes/pkg/kubelet/status"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 	utilfile "k8s.io/kubernetes/pkg/util/file"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/util/oom"
 	"k8s.io/kubernetes/pkg/util/procfs"
 	utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
 	utilversion "k8s.io/kubernetes/pkg/util/version"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
 )
 
 const (
@@ -129,7 +129,7 @@ type containerManagerImpl struct {
 	// Interface for QoS cgroup management
 	qosContainerManager QOSContainerManager
 	// Interface for exporting and allocating devices reported by device plugins.
-	devicePluginManager deviceplugin.Manager
+	deviceManager devicemanager.Manager
 	// Interface for CPU affinity management.
 	cpuManager cpumanager.Manager
 }
@@ -265,9 +265,9 @@ func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.I
 
 	glog.Infof("Creating device plugin manager: %t", devicePluginEnabled)
 	if devicePluginEnabled {
-		cm.devicePluginManager, err = deviceplugin.NewManagerImpl()
+		cm.deviceManager, err = devicemanager.NewManagerImpl()
 	} else {
-		cm.devicePluginManager, err = deviceplugin.NewManagerStub()
+		cm.deviceManager, err = devicemanager.NewManagerStub()
 	}
 	if err != nil {
 		return nil, err
@@ -300,6 +300,8 @@ func (cm *containerManagerImpl) NewPodContainerManager() PodContainerManager {
 			qosContainersInfo: cm.GetQOSContainersInfo(),
 			subsystems:        cm.subsystems,
 			cgroupManager:     cm.cgroupManager,
+			podPidsLimit:      cm.ExperimentalPodPidsLimit,
+			enforceCPULimits:  cm.EnforceCPULimits,
 		}
 	}
 	return &podContainerManagerNoop{
@@ -499,6 +501,11 @@ func (cm *containerManagerImpl) GetNodeConfig() NodeConfig {
 	return cm.NodeConfig
 }
 
+// GetPodCgroupRoot returns the literal cgroupfs value for the cgroup containing all pods.
+func (cm *containerManagerImpl) GetPodCgroupRoot() string {
+	return cm.cgroupManager.Name(CgroupName(cm.cgroupRoot))
+}
+
 func (cm *containerManagerImpl) GetMountedSubsystems() *CgroupSubsystems {
 	return cm.subsystems
 }
@@ -532,6 +539,14 @@ func (cm *containerManagerImpl) Start(node *v1.Node,
 	// allocatable of the node
 	cm.nodeInfo = node
 
+	rootfs, err := cm.cadvisorInterface.RootFsInfo()
+	if err != nil {
+		return fmt.Errorf("failed to get rootfs info: %v", err)
+	}
+	for rName, rCap := range cadvisor.EphemeralStorageCapacityFromFsInfo(rootfs) {
+		cm.capacity[rName] = rCap
+	}
+
 	// Ensure that node allocatable configuration is valid.
 	if err := cm.validateNodeAllocatable(); err != nil {
 		return err
@@ -574,36 +589,11 @@ func (cm *containerManagerImpl) Start(node *v1.Node,
 		}, 5*time.Minute, wait.NeverStop)
 	}
 
-	// Local storage filesystem information from `RootFsInfo` and `ImagesFsInfo` is available at a later time
-	// depending on the time when cadvisor manager updates container stats. Therefore use a go routine to keep
-	// retrieving the information until it is available.
-	stopChan := make(chan struct{})
-	go wait.Until(func() {
-		if err := cm.setFsCapacity(); err != nil {
-			glog.Errorf("[ContainerManager]: %v", err)
-			return
-		}
-		close(stopChan)
-	}, time.Second, stopChan)
-
-	// Starts device plugin manager.
-	if err := cm.devicePluginManager.Start(deviceplugin.ActivePodsFunc(activePods), sourcesReady); err != nil {
+	// Starts device manager.
+	if err := cm.deviceManager.Start(devicemanager.ActivePodsFunc(activePods), sourcesReady); err != nil {
 		return err
 	}
-	return nil
-}
-
-func (cm *containerManagerImpl) setFsCapacity() error {
-	rootfs, err := cm.cadvisorInterface.RootFsInfo()
-	if err != nil {
-		return fmt.Errorf("Fail to get rootfs information %v", err)
-	}
 
-	cm.Lock()
-	for rName, rCap := range cadvisor.EphemeralStorageCapacityFromFsInfo(rootfs) {
-		cm.capacity[rName] = rCap
-	}
-	cm.Unlock()
 	return nil
 }
 
@@ -612,18 +602,21 @@ func (cm *containerManagerImpl) GetResources(pod *v1.Pod, container *v1.Containe
 	opts := &kubecontainer.RunContainerOptions{}
 	// Allocate should already be called during predicateAdmitHandler.Admit(),
 	// just try to fetch device runtime information from cached state here
-	devOpts := cm.devicePluginManager.GetDeviceRunContainerOptions(pod, container)
-	if devOpts == nil {
+	devOpts, err := cm.deviceManager.GetDeviceRunContainerOptions(pod, container)
+	if err != nil {
+		return nil, err
+	} else if devOpts == nil {
 		return opts, nil
 	}
 	opts.Devices = append(opts.Devices, devOpts.Devices...)
 	opts.Mounts = append(opts.Mounts, devOpts.Mounts...)
 	opts.Envs = append(opts.Envs, devOpts.Envs...)
+	opts.Annotations = append(opts.Annotations, devOpts.Annotations...)
 	return opts, nil
 }
 
 func (cm *containerManagerImpl) UpdatePluginResources(node *schedulercache.NodeInfo, attrs *lifecycle.PodAdmitAttributes) error {
-	return cm.devicePluginManager.Allocate(node, attrs)
+	return cm.deviceManager.Allocate(node, attrs)
 }
 
 func (cm *containerManagerImpl) SystemCgroupsLimit() v1.ResourceList {
@@ -882,11 +875,9 @@ func getDockerAPIVersion(cadvisor cadvisor.Interface) *utilversion.Version {
 }
 
 func (cm *containerManagerImpl) GetCapacity() v1.ResourceList {
-	cm.RLock()
-	defer cm.RUnlock()
 	return cm.capacity
 }
 
-func (cm *containerManagerImpl) GetDevicePluginResourceCapacity() (v1.ResourceList, []string) {
-	return cm.devicePluginManager.GetCapacity()
+func (cm *containerManagerImpl) GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string) {
+	return cm.deviceManager.GetCapacity()
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_stub.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_stub.go
index 27a86849582e..261552da7002 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_stub.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_stub.go
@@ -20,13 +20,14 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 
+	"k8s.io/apimachinery/pkg/api/resource"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
 	"k8s.io/kubernetes/pkg/kubelet/cm/cpumanager"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/status"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 type containerManagerStub struct{}
@@ -67,11 +68,16 @@ func (cm *containerManagerStub) GetNodeAllocatableReservation() v1.ResourceList
 }
 
 func (cm *containerManagerStub) GetCapacity() v1.ResourceList {
-	return nil
+	c := v1.ResourceList{
+		v1.ResourceEphemeralStorage: *resource.NewQuantity(
+			int64(0),
+			resource.BinarySI),
+	}
+	return c
 }
 
-func (cm *containerManagerStub) GetDevicePluginResourceCapacity() (v1.ResourceList, []string) {
-	return nil, []string{}
+func (cm *containerManagerStub) GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string) {
+	return nil, nil, []string{}
 }
 
 func (cm *containerManagerStub) NewPodContainerManager() PodContainerManager {
@@ -90,6 +96,10 @@ func (cm *containerManagerStub) InternalContainerLifecycle() InternalContainerLi
 	return &internalContainerLifecycleImpl{cpumanager.NewFakeManager()}
 }
 
+func (cm *containerManagerStub) GetPodCgroupRoot() string {
+	return ""
+}
+
 func NewStubContainerManager() ContainerManager {
 	return &containerManagerStub{}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_unsupported.go
index 6453397b1774..97a3a3a6337c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/container_manager_unsupported.go
@@ -25,16 +25,13 @@ import (
 	"k8s.io/client-go/tools/record"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
-	"k8s.io/kubernetes/pkg/kubelet/cm/cpumanager"
 	"k8s.io/kubernetes/pkg/kubelet/config"
-	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/status"
 	"k8s.io/kubernetes/pkg/util/mount"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
 )
 
 type unsupportedContainerManager struct {
+	containerManagerStub
 }
 
 var _ ContainerManager = &unsupportedContainerManager{}
@@ -43,58 +40,6 @@ func (unsupportedContainerManager) Start(_ *v1.Node, _ ActivePodsFunc, _ config.
 	return fmt.Errorf("Container Manager is unsupported in this build")
 }
 
-func (unsupportedContainerManager) SystemCgroupsLimit() v1.ResourceList {
-	return v1.ResourceList{}
-}
-
-func (unsupportedContainerManager) GetNodeConfig() NodeConfig {
-	return NodeConfig{}
-}
-
-func (unsupportedContainerManager) GetMountedSubsystems() *CgroupSubsystems {
-	return &CgroupSubsystems{}
-}
-
-func (unsupportedContainerManager) GetQOSContainersInfo() QOSContainersInfo {
-	return QOSContainersInfo{}
-}
-
-func (unsupportedContainerManager) UpdateQOSCgroups() error {
-	return nil
-}
-
-func (cm *unsupportedContainerManager) Status() Status {
-	return Status{}
-}
-
-func (cm *unsupportedContainerManager) GetNodeAllocatableReservation() v1.ResourceList {
-	return nil
-}
-
-func (cm *unsupportedContainerManager) GetCapacity() v1.ResourceList {
-	return nil
-}
-
-func (cm *unsupportedContainerManager) GetDevicePluginResourceCapacity() (v1.ResourceList, []string) {
-	return nil, []string{}
-}
-
-func (cm *unsupportedContainerManager) NewPodContainerManager() PodContainerManager {
-	return &unsupportedPodContainerManager{}
-}
-
-func (cm *unsupportedContainerManager) GetResources(pod *v1.Pod, container *v1.Container) (*kubecontainer.RunContainerOptions, error) {
-	return &kubecontainer.RunContainerOptions{}, nil
-}
-
-func (cm *unsupportedContainerManager) UpdatePluginResources(*schedulercache.NodeInfo, *lifecycle.PodAdmitAttributes) error {
-	return nil
-}
-
-func (cm *unsupportedContainerManager) InternalContainerLifecycle() InternalContainerLifecycle {
-	return &internalContainerLifecycleImpl{cpumanager.NewFakeManager()}
-}
-
 func NewContainerManager(_ mount.Interface, _ cadvisor.Interface, _ NodeConfig, failSwapOn bool, devicePluginEnabled bool, recorder record.EventRecorder) (ContainerManager, error) {
 	return &unsupportedContainerManager{}, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/BUILD
index f76a6a9312ef..26d292e5f8fa 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/BUILD
@@ -14,7 +14,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core/v1/helper/qos:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/cm/cpumanager/state:go_default_library",
         "//pkg/kubelet/cm/cpumanager/topology:go_default_library",
         "//pkg/kubelet/cm/cpuset:go_default_library",
@@ -36,10 +36,9 @@ go_test(
         "policy_static_test.go",
         "policy_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/cm/cpumanager/state:go_default_library",
         "//pkg/kubelet/cm/cpumanager/topology:go_default_library",
         "//pkg/kubelet/cm/cpuset:go_default_library",
@@ -47,7 +46,6 @@ go_test(
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_assignment.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_assignment.go
index a4de3b5ec89e..3f5f33bafeda 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_assignment.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_assignment.go
@@ -86,7 +86,7 @@ func (a *cpuAccumulator) freeCores() []int {
 
 // Returns CPU IDs as a slice sorted by:
 // - socket affinity with result
-// - number of CPUs available on the same sockett
+// - number of CPUs available on the same socket
 // - number of CPUs available on the same core
 // - socket ID.
 // - core ID.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_manager.go
index 9dc6b98b4e76..b52fe59a12d1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/cpu_manager.go
@@ -27,7 +27,7 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state"
 	"k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology"
 	"k8s.io/kubernetes/pkg/kubelet/cm/cpuset"
@@ -98,13 +98,7 @@ type manager struct {
 var _ Manager = &manager{}
 
 // NewManager creates new cpu manager based on provided policy
-func NewManager(
-	cpuPolicyName string,
-	reconcilePeriod time.Duration,
-	machineInfo *cadvisorapi.MachineInfo,
-	nodeAllocatableReservation v1.ResourceList,
-	stateFileDirecory string,
-) (Manager, error) {
+func NewManager(cpuPolicyName string, reconcilePeriod time.Duration, machineInfo *cadvisorapi.MachineInfo, nodeAllocatableReservation v1.ResourceList, stateFileDirecory string) (Manager, error) {
 	var policy Policy
 
 	switch policyName(cpuPolicyName) {
@@ -120,18 +114,16 @@ func NewManager(
 		glog.Infof("[cpumanager] detected CPU topology: %v", topo)
 		reservedCPUs, ok := nodeAllocatableReservation[v1.ResourceCPU]
 		if !ok {
-			// The static policy cannot initialize without this information. Panic!
-			panic("[cpumanager] unable to determine reserved CPU resources for static policy")
+			// The static policy cannot initialize without this information.
+			return nil, fmt.Errorf("[cpumanager] unable to determine reserved CPU resources for static policy")
 		}
 		if reservedCPUs.IsZero() {
-			// Panic!
-			//
 			// The static policy requires this to be nonzero. Zero CPU reservation
 			// would allow the shared pool to be completely exhausted. At that point
 			// either we would violate our guarantee of exclusivity or need to evict
 			// any pod that has at least one container that requires zero CPUs.
 			// See the comments in policy_static.go for more details.
-			panic("[cpumanager] the static policy requires systemreserved.cpu + kubereserved.cpu to be greater than zero")
+			return nil, fmt.Errorf("[cpumanager] the static policy requires systemreserved.cpu + kubereserved.cpu to be greater than zero")
 		}
 
 		// Take the ceiling of the reservation, since fractional CPUs cannot be
@@ -160,8 +152,8 @@ func NewManager(
 }
 
 func (m *manager) Start(activePods ActivePodsFunc, podStatusProvider status.PodStatusProvider, containerRuntime runtimeService) {
-	glog.Infof("[cpumanger] starting with %s policy", m.policy.Name())
-	glog.Infof("[cpumanger] reconciling every %v", m.reconcilePeriod)
+	glog.Infof("[cpumanager] starting with %s policy", m.policy.Name())
+	glog.Infof("[cpumanager] reconciling every %v", m.reconcilePeriod)
 
 	m.activePods = activePods
 	m.podStatusProvider = podStatusProvider
@@ -242,6 +234,25 @@ func (m *manager) reconcileState() (success []reconciledContainer, failure []rec
 				continue
 			}
 
+			// Check whether container is present in state, there may be 3 reasons why it's not present:
+			// - policy does not want to track the container
+			// - kubelet has just been restarted - and there is no previous state file
+			// - container has been removed from state by RemoveContainer call (DeletionTimestamp is set)
+			if _, ok := m.state.GetCPUSet(containerID); !ok {
+				if status.Phase == v1.PodRunning && pod.DeletionTimestamp == nil {
+					glog.V(4).Infof("[cpumanager] reconcileState: container is not present in state - trying to add (pod: %s, container: %s, container id: %s)", pod.Name, container.Name, containerID)
+					err := m.AddContainer(pod, &container, containerID)
+					if err != nil {
+						glog.Errorf("[cpumanager] reconcileState: failed to add container (pod: %s, container: %s, container id: %s, error: %v)", pod.Name, container.Name, containerID, err)
+						failure = append(failure, reconciledContainer{pod.Name, container.Name, containerID})
+					}
+				} else {
+					// if DeletionTimestamp is set, pod has already been removed from state
+					// skip the pod/container since it's not running and will be deleted soon
+					continue
+				}
+			}
+
 			cset := m.state.GetCPUSetOrDefault(containerID)
 			if cset.IsEmpty() {
 				// NOTE: This should not happen outside of tests.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy.go
index 39eb76316b10..c79091659e32 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy.go
@@ -25,6 +25,8 @@ import (
 type Policy interface {
 	Name() string
 	Start(s state.State)
+	// AddContainer call is idempotent
 	AddContainer(s state.State, pod *v1.Pod, container *v1.Container, containerID string) error
+	// RemoveContainer call is idempotent
 	RemoveContainer(s state.State, containerID string) error
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy_static.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy_static.go
index dfbb0a297d06..9a461bacb63f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy_static.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/policy_static.go
@@ -156,9 +156,15 @@ func (p *staticPolicy) assignableCPUs(s state.State) cpuset.CPUSet {
 }
 
 func (p *staticPolicy) AddContainer(s state.State, pod *v1.Pod, container *v1.Container, containerID string) error {
-	glog.Infof("[cpumanager] static policy: AddContainer (pod: %s, container: %s, container id: %s)", pod.Name, container.Name, containerID)
 	if numCPUs := guaranteedCPUs(pod, container); numCPUs != 0 {
+		glog.Infof("[cpumanager] static policy: AddContainer (pod: %s, container: %s, container id: %s)", pod.Name, container.Name, containerID)
 		// container belongs in an exclusively allocated pool
+
+		if _, ok := s.GetCPUSet(containerID); ok {
+			glog.Infof("[cpumanager] static policy: container already present in state, skipping (container: %s, container id: %s)", container.Name, containerID)
+			return nil
+		}
+
 		cpuset, err := p.allocateCPUs(s, numCPUs)
 		if err != nil {
 			glog.Errorf("[cpumanager] unable to allocate %d CPUs (container id: %s, error: %v)", numCPUs, containerID, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/BUILD
index 8af631c9ad6d..bcaf0045a08e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["state_file_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/kubelet/cm/cpuset:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/state_file.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/state_file.go
index 20c7763350d1..6c2353cf10f5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/state_file.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/state/state_file.go
@@ -51,9 +51,10 @@ func NewFileState(filePath string, policyName string) State {
 
 	if err := stateFile.tryRestoreState(); err != nil {
 		// could not restore state, init new state file
-		glog.Infof("[cpumanager] state file: initializing empty state file - reason: \"%s\"", err)
-		stateFile.cache.ClearState()
-		stateFile.storeState()
+		msg := fmt.Sprintf("[cpumanager] state file: unable to restore state from disk (%s)\n", err.Error()) +
+			"Panicking because we cannot guarantee sane CPU affinity for existing containers.\n" +
+			fmt.Sprintf("Please drain this node and delete the CPU manager state file \"%s\" before restarting Kubelet.", stateFile.stateFilePath)
+		panic(msg)
 	}
 
 	return stateFile
@@ -73,45 +74,51 @@ func (sf *stateFile) tryRestoreState() error {
 
 	var content []byte
 
-	if content, err = ioutil.ReadFile(sf.stateFilePath); os.IsNotExist(err) {
-		// Create file
-		if _, err = os.Create(sf.stateFilePath); err != nil {
-			glog.Errorf("[cpumanager] state file: unable to create state file \"%s\":%s", sf.stateFilePath, err.Error())
-			panic("[cpumanager] state file not created")
-		}
-		glog.Infof("[cpumanager] state file: created empty state file \"%s\"", sf.stateFilePath)
-	} else {
-		// File exists - try to read
-		var readState stateFileData
+	content, err = ioutil.ReadFile(sf.stateFilePath)
 
-		if err = json.Unmarshal(content, &readState); err != nil {
-			glog.Warningf("[cpumanager] state file: could not unmarshal, corrupted state file - \"%s\"", sf.stateFilePath)
-			return err
-		}
+	// If the state file does not exist or has zero length, write a new file.
+	if os.IsNotExist(err) || len(content) == 0 {
+		sf.storeState()
+		glog.Infof("[cpumanager] state file: created new state file \"%s\"", sf.stateFilePath)
+		return nil
+	}
 
-		if sf.policyName != readState.PolicyName {
-			return fmt.Errorf("policy configured \"%s\" != policy from state file \"%s\"", sf.policyName, readState.PolicyName)
-		}
+	// Fail on any other file read error.
+	if err != nil {
+		return err
+	}
+
+	// File exists; try to read it.
+	var readState stateFileData
+
+	if err = json.Unmarshal(content, &readState); err != nil {
+		glog.Errorf("[cpumanager] state file: could not unmarshal, corrupted state file - \"%s\"", sf.stateFilePath)
+		return err
+	}
+
+	if sf.policyName != readState.PolicyName {
+		return fmt.Errorf("policy configured \"%s\" != policy from state file \"%s\"", sf.policyName, readState.PolicyName)
+	}
+
+	if tmpDefaultCPUSet, err = cpuset.Parse(readState.DefaultCPUSet); err != nil {
+		glog.Errorf("[cpumanager] state file: could not parse state file - [defaultCpuSet:\"%s\"]", readState.DefaultCPUSet)
+		return err
+	}
 
-		if tmpDefaultCPUSet, err = cpuset.Parse(readState.DefaultCPUSet); err != nil {
-			glog.Warningf("[cpumanager] state file: could not parse state file - [defaultCpuSet:\"%s\"]", readState.DefaultCPUSet)
+	for containerID, cpuString := range readState.Entries {
+		if tmpContainerCPUSet, err = cpuset.Parse(cpuString); err != nil {
+			glog.Errorf("[cpumanager] state file: could not parse state file - container id: %s, cpuset: \"%s\"", containerID, cpuString)
 			return err
 		}
+		tmpAssignments[containerID] = tmpContainerCPUSet
+	}
 
-		for containerID, cpuString := range readState.Entries {
-			if tmpContainerCPUSet, err = cpuset.Parse(cpuString); err != nil {
-				glog.Warningf("[cpumanager] state file: could not parse state file - container id: %s, cpuset: \"%s\"", containerID, cpuString)
-				return err
-			}
-			tmpAssignments[containerID] = tmpContainerCPUSet
-		}
+	sf.cache.SetDefaultCPUSet(tmpDefaultCPUSet)
+	sf.cache.SetCPUAssignments(tmpAssignments)
 
-		sf.cache.SetDefaultCPUSet(tmpDefaultCPUSet)
-		sf.cache.SetCPUAssignments(tmpAssignments)
+	glog.V(2).Infof("[cpumanager] state file: restored state from state file \"%s\"", sf.stateFilePath)
+	glog.V(2).Infof("[cpumanager] state file: defaultCPUSet: %s", tmpDefaultCPUSet.String())
 
-		glog.V(2).Infof("[cpumanager] state file: restored state from state file \"%s\"", sf.stateFilePath)
-		glog.V(2).Infof("[cpumanager] state file: defaultCPUSet: %s", tmpDefaultCPUSet.String())
-	}
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology/BUILD
index eb6ba3d6e63a..e9f640785548 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology/BUILD
@@ -32,7 +32,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["topology_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/cpumanager/topology",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/google/cadvisor/info/v1:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpuset/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpuset/BUILD
index 7ed863a5ee6c..89126d680e32 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpuset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/cpuset/BUILD
@@ -11,8 +11,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["cpuset_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/cpuset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/BUILD
similarity index 71%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/BUILD
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/BUILD
index 9c91c2e9df28..051eaeef3726 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/BUILD
@@ -1,10 +1,4 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -16,15 +10,18 @@ go_library(
         "pod_devices.go",
         "types.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/devicemanager",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core/v1/helper:go_default_library",
-        "//pkg/kubelet/apis/deviceplugin/v1alpha:go_default_library",
+        "//pkg/kubelet/apis/deviceplugin/v1beta1:go_default_library",
         "//pkg/kubelet/config:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
         "//pkg/kubelet/metrics:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/kubelet/util/store:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/util/filesystem:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/google.golang.org/grpc:go_default_library",
@@ -34,31 +31,19 @@ go_library(
     ],
 )
 
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [":package-srcs"],
-    tags = ["automanaged"],
-)
-
 go_test(
     name = "go_default_test",
     srcs = [
         "endpoint_test.go",
         "manager_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/kubelet/apis/deviceplugin/v1alpha:go_default_library",
+        "//pkg/kubelet/apis/deviceplugin/v1beta1:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/kubelet/util/store:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/util/filesystem:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -68,3 +53,17 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
     ],
 )
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/OWNERS b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/OWNERS
similarity index 78%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/OWNERS
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/OWNERS
index ec9b7ddc156a..a374cd524544 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/OWNERS
@@ -4,3 +4,4 @@ approvers:
 reviewers:
 - mindprince
 - RenaudWasTaken
+- vikaschoudhary16
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/device_plugin_stub.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/device_plugin_stub.go
similarity index 63%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/device_plugin_stub.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/device_plugin_stub.go
index 01f08c159876..a7c3fd38bb55 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/device_plugin_stub.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/device_plugin_stub.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
 	"log"
@@ -26,7 +26,7 @@ import (
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 )
 
 // Stub implementation for DevicePlugin.
@@ -38,6 +38,18 @@ type Stub struct {
 	update chan []*pluginapi.Device
 
 	server *grpc.Server
+
+	// allocFunc is used for handling allocation request
+	allocFunc stubAllocFunc
+}
+
+// stubAllocFunc is the function called when receive an allocation request from Kubelet
+type stubAllocFunc func(r *pluginapi.AllocateRequest, devs map[string]pluginapi.Device) (*pluginapi.AllocateResponse, error)
+
+func defaultAllocFunc(r *pluginapi.AllocateRequest, devs map[string]pluginapi.Device) (*pluginapi.AllocateResponse, error) {
+	var response pluginapi.AllocateResponse
+
+	return &response, nil
 }
 
 // NewDevicePluginStub returns an initialized DevicePlugin Stub.
@@ -48,9 +60,16 @@ func NewDevicePluginStub(devs []*pluginapi.Device, socket string) *Stub {
 
 		stop:   make(chan interface{}),
 		update: make(chan []*pluginapi.Device),
+
+		allocFunc: defaultAllocFunc,
 	}
 }
 
+// SetAllocFunc sets allocFunc of the device plugin
+func (m *Stub) SetAllocFunc(f stubAllocFunc) {
+	m.allocFunc = f
+}
+
 // Start starts the gRPC server of the device plugin
 func (m *Stub) Start() error {
 	err := m.cleanup()
@@ -67,14 +86,11 @@ func (m *Stub) Start() error {
 	pluginapi.RegisterDevicePluginServer(m.server, m)
 
 	go m.server.Serve(sock)
-	// Wait till grpc server is ready.
-	for i := 0; i < 10; i++ {
-		services := m.server.GetServiceInfo()
-		if len(services) > 1 {
-			break
-		}
-		time.Sleep(1 * time.Second)
+	_, conn, err := dial(m.socket)
+	if err != nil {
+		return err
 	}
+	conn.Close()
 	log.Println("Starting to serve on", m.socket)
 
 	return nil
@@ -89,8 +105,9 @@ func (m *Stub) Stop() error {
 }
 
 // Register registers the device plugin for the given resourceName with Kubelet.
-func (m *Stub) Register(kubeletEndpoint, resourceName string) error {
-	conn, err := grpc.Dial(kubeletEndpoint, grpc.WithInsecure(),
+func (m *Stub) Register(kubeletEndpoint, resourceName string, preStartContainerFlag bool) error {
+	conn, err := grpc.Dial(kubeletEndpoint, grpc.WithInsecure(), grpc.WithBlock(),
+		grpc.WithTimeout(10*time.Second),
 		grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) {
 			return net.DialTimeout("unix", addr, timeout)
 		}))
@@ -103,6 +120,7 @@ func (m *Stub) Register(kubeletEndpoint, resourceName string) error {
 		Version:      pluginapi.Version,
 		Endpoint:     path.Base(m.socket),
 		ResourceName: resourceName,
+		Options:      &pluginapi.DevicePluginOptions{PreStartRequired: preStartContainerFlag},
 	}
 
 	_, err = client.Register(context.Background(), reqt)
@@ -112,19 +130,22 @@ func (m *Stub) Register(kubeletEndpoint, resourceName string) error {
 	return nil
 }
 
+// GetDevicePluginOptions returns DevicePluginOptions settings for the device plugin.
+func (m *Stub) GetDevicePluginOptions(ctx context.Context, e *pluginapi.Empty) (*pluginapi.DevicePluginOptions, error) {
+	return &pluginapi.DevicePluginOptions{}, nil
+}
+
+// PreStartContainer resets the devices received
+func (m *Stub) PreStartContainer(ctx context.Context, r *pluginapi.PreStartContainerRequest) (*pluginapi.PreStartContainerResponse, error) {
+	log.Printf("PreStartContainer, %+v", r)
+	return &pluginapi.PreStartContainerResponse{}, nil
+}
+
 // ListAndWatch lists devices and update that list according to the Update call
 func (m *Stub) ListAndWatch(e *pluginapi.Empty, s pluginapi.DevicePlugin_ListAndWatchServer) error {
 	log.Println("ListAndWatch")
-	var devs []*pluginapi.Device
-
-	for _, d := range m.devs {
-		devs = append(devs, &pluginapi.Device{
-			ID:     d.ID,
-			Health: pluginapi.Healthy,
-		})
-	}
 
-	s.Send(&pluginapi.ListAndWatchResponse{Devices: devs})
+	s.Send(&pluginapi.ListAndWatchResponse{Devices: m.devs})
 
 	for {
 		select {
@@ -145,8 +166,13 @@ func (m *Stub) Update(devs []*pluginapi.Device) {
 func (m *Stub) Allocate(ctx context.Context, r *pluginapi.AllocateRequest) (*pluginapi.AllocateResponse, error) {
 	log.Printf("Allocate, %+v", r)
 
-	var response pluginapi.AllocateResponse
-	return &response, nil
+	devs := make(map[string]pluginapi.Device)
+
+	for _, dev := range m.devs {
+		devs[dev.ID] = *dev
+	}
+
+	return m.allocFunc(r, devs)
 }
 
 func (m *Stub) cleanup() error {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/endpoint.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/endpoint.go
similarity index 68%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/endpoint.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/endpoint.go
index 29feaf52852e..26b3952d041c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/endpoint.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/endpoint.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
 	"fmt"
@@ -26,7 +26,7 @@ import (
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
 
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 )
 
 // endpoint maps to a single registered device plugin. It is responsible
@@ -36,8 +36,11 @@ type endpoint interface {
 	run()
 	stop()
 	allocate(devs []string) (*pluginapi.AllocateResponse, error)
+	preStartContainer(devs []string) (*pluginapi.PreStartContainerResponse, error)
 	getDevices() []pluginapi.Device
 	callback(resourceName string, added, updated, deleted []pluginapi.Device)
+	isStopped() bool
+	stopGracePeriodExpired() bool
 }
 
 type endpointImpl struct {
@@ -46,6 +49,7 @@ type endpointImpl struct {
 
 	socketPath   string
 	resourceName string
+	stopTime     time.Time
 
 	devices map[string]pluginapi.Device
 	mutex   sync.Mutex
@@ -54,6 +58,7 @@ type endpointImpl struct {
 }
 
 // newEndpoint creates a new endpoint for the given resourceName.
+// This is to be used during normal device plugin registration.
 func newEndpointImpl(socketPath, resourceName string, devices map[string]pluginapi.Device, callback monitorCallback) (*endpointImpl, error) {
 	client, c, err := dial(socketPath)
 	if err != nil {
@@ -73,6 +78,16 @@ func newEndpointImpl(socketPath, resourceName string, devices map[string]plugina
 	}, nil
 }
 
+// newStoppedEndpointImpl creates a new endpoint for the given resourceName with stopTime set.
+// This is to be used during Kubelet restart, before the actual device plugin re-registers.
+func newStoppedEndpointImpl(resourceName string, devices map[string]pluginapi.Device) *endpointImpl {
+	return &endpointImpl{
+		resourceName: resourceName,
+		devices:      devices,
+		stopTime:     time.Now(),
+	}
+}
+
 func (e *endpointImpl) callback(resourceName string, added, updated, deleted []pluginapi.Device) {
 	e.cb(resourceName, added, updated, deleted)
 }
@@ -164,27 +179,73 @@ func (e *endpointImpl) run() {
 		}
 
 		e.mutex.Lock()
-		e.devices = devices
+		// NOTE: Return a copy of 'devices' instead of returning a direct reference to local 'devices'
+		e.devices = make(map[string]pluginapi.Device)
+		for _, d := range devices {
+			e.devices[d.ID] = d
+		}
 		e.mutex.Unlock()
 
 		e.callback(e.resourceName, added, updated, deleted)
 	}
 }
 
+func (e *endpointImpl) isStopped() bool {
+	e.mutex.Lock()
+	defer e.mutex.Unlock()
+	return !e.stopTime.IsZero()
+}
+
+func (e *endpointImpl) stopGracePeriodExpired() bool {
+	e.mutex.Lock()
+	defer e.mutex.Unlock()
+	return !e.stopTime.IsZero() && time.Since(e.stopTime) > endpointStopGracePeriod
+}
+
+// used for testing only
+func (e *endpointImpl) setStopTime(t time.Time) {
+	e.mutex.Lock()
+	defer e.mutex.Unlock()
+	e.stopTime = t
+}
+
 // allocate issues Allocate gRPC call to the device plugin.
 func (e *endpointImpl) allocate(devs []string) (*pluginapi.AllocateResponse, error) {
+	if e.isStopped() {
+		return nil, fmt.Errorf(errEndpointStopped, e)
+	}
 	return e.client.Allocate(context.Background(), &pluginapi.AllocateRequest{
+		ContainerRequests: []*pluginapi.ContainerAllocateRequest{
+			{DevicesIDs: devs},
+		},
+	})
+}
+
+// preStartContainer issues PreStartContainer gRPC call to the device plugin.
+func (e *endpointImpl) preStartContainer(devs []string) (*pluginapi.PreStartContainerResponse, error) {
+	if e.isStopped() {
+		return nil, fmt.Errorf(errEndpointStopped, e)
+	}
+	ctx, cancel := context.WithTimeout(context.Background(), pluginapi.KubeletPreStartContainerRPCTimeoutInSecs*time.Second)
+	defer cancel()
+	return e.client.PreStartContainer(ctx, &pluginapi.PreStartContainerRequest{
 		DevicesIDs: devs,
 	})
 }
 
 func (e *endpointImpl) stop() {
-	e.clientConn.Close()
+	e.mutex.Lock()
+	defer e.mutex.Unlock()
+	if e.clientConn != nil {
+		e.clientConn.Close()
+	}
+	e.stopTime = time.Now()
 }
 
-// dial establishes the gRPC communication with the registered device plugin.
+// dial establishes the gRPC communication with the registered device plugin. https://godoc.org/google.golang.org/grpc#Dial
 func dial(unixSocketPath string) (pluginapi.DevicePluginClient, *grpc.ClientConn, error) {
-	c, err := grpc.Dial(unixSocketPath, grpc.WithInsecure(),
+	c, err := grpc.Dial(unixSocketPath, grpc.WithInsecure(), grpc.WithBlock(),
+		grpc.WithTimeout(10*time.Second),
 		grpc.WithDialer(func(addr string, timeout time.Duration) (net.Conn, error) {
 			return net.DialTimeout("unix", addr, timeout)
 		}),
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager.go
similarity index 71%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager.go
index db28e36d5d60..c8cc00658909 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager.go
@@ -14,12 +14,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"os"
 	"path/filepath"
@@ -34,11 +33,13 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/util/sets"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/metrics"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	utilstore "k8s.io/kubernetes/pkg/kubelet/util/store"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	utilfs "k8s.io/kubernetes/pkg/util/filesystem"
 )
 
 // ActivePodsFunc is a function that returns a list of pods to reconcile.
@@ -72,14 +73,19 @@ type ManagerImpl struct {
 	// e.g. a new device is advertised, two old devices are deleted and a running device fails.
 	callback monitorCallback
 
-	// allDevices contains all of registered resourceNames and their exported device IDs.
-	allDevices map[string]sets.String
+	// healthyDevices contains all of the registered healthy resourceNames and their exported device IDs.
+	healthyDevices map[string]sets.String
+
+	// unhealthyDevices contains all of the unhealthy devices and their exported device IDs.
+	unhealthyDevices map[string]sets.String
 
 	// allocatedDevices contains allocated deviceIds, keyed by resourceName.
 	allocatedDevices map[string]sets.String
 
 	// podDevices contains pod to allocated device mapping.
 	podDevices podDevices
+	store      utilstore.Store
+	pluginOpts map[string]*pluginapi.DevicePluginOptions
 }
 
 type sourcesReadyStub struct{}
@@ -104,8 +110,10 @@ func newManagerImpl(socketPath string) (*ManagerImpl, error) {
 		endpoints:        make(map[string]endpoint),
 		socketname:       file,
 		socketdir:        dir,
-		allDevices:       make(map[string]sets.String),
+		healthyDevices:   make(map[string]sets.String),
+		unhealthyDevices: make(map[string]sets.String),
 		allocatedDevices: make(map[string]sets.String),
+		pluginOpts:       make(map[string]*pluginapi.DevicePluginOptions),
 		podDevices:       make(podDevices),
 	}
 	manager.callback = manager.genericDeviceUpdateCallback
@@ -114,6 +122,11 @@ func newManagerImpl(socketPath string) (*ManagerImpl, error) {
 	// Before that, initializes them to perform no-op operations.
 	manager.activePods = func() []*v1.Pod { return []*v1.Pod{} }
 	manager.sourcesReady = &sourcesReadyStub{}
+	var err error
+	manager.store, err = utilstore.NewFileStore(dir, utilfs.DefaultFs{})
+	if err != nil {
+		return nil, fmt.Errorf("failed to initialize device plugin checkpointing store: %+v", err)
+	}
 
 	return manager, nil
 }
@@ -121,20 +134,24 @@ func newManagerImpl(socketPath string) (*ManagerImpl, error) {
 func (m *ManagerImpl) genericDeviceUpdateCallback(resourceName string, added, updated, deleted []pluginapi.Device) {
 	kept := append(updated, added...)
 	m.mutex.Lock()
-	if _, ok := m.allDevices[resourceName]; !ok {
-		m.allDevices[resourceName] = sets.NewString()
+	if _, ok := m.healthyDevices[resourceName]; !ok {
+		m.healthyDevices[resourceName] = sets.NewString()
+	}
+	if _, ok := m.unhealthyDevices[resourceName]; !ok {
+		m.unhealthyDevices[resourceName] = sets.NewString()
 	}
-	// For now, Manager only keeps track of healthy devices.
-	// TODO: adds support to track unhealthy devices.
 	for _, dev := range kept {
 		if dev.Health == pluginapi.Healthy {
-			m.allDevices[resourceName].Insert(dev.ID)
+			m.healthyDevices[resourceName].Insert(dev.ID)
+			m.unhealthyDevices[resourceName].Delete(dev.ID)
 		} else {
-			m.allDevices[resourceName].Delete(dev.ID)
+			m.unhealthyDevices[resourceName].Insert(dev.ID)
+			m.healthyDevices[resourceName].Delete(dev.ID)
 		}
 	}
 	for _, dev := range deleted {
-		m.allDevices[resourceName].Delete(dev.ID)
+		m.healthyDevices[resourceName].Delete(dev.ID)
+		m.unhealthyDevices[resourceName].Delete(dev.ID)
 	}
 	m.mutex.Unlock()
 	m.writeCheckpoint()
@@ -172,13 +189,13 @@ func (m *ManagerImpl) removeContents(dir string) error {
 }
 
 const (
-	// kubeletDevicePluginCheckpoint is the file name of device plugin checkpoint
-	kubeletDevicePluginCheckpoint = "kubelet_internal_checkpoint"
+	// kubeletDeviceManagerCheckpoint is the file name of device plugin checkpoint
+	kubeletDeviceManagerCheckpoint = "kubelet_internal_checkpoint"
 )
 
 // checkpointFile returns device plugin checkpoint file path.
 func (m *ManagerImpl) checkpointFile() string {
-	return filepath.Join(m.socketdir, kubeletDevicePluginCheckpoint)
+	return filepath.Join(m.socketdir, kubeletDeviceManagerCheckpoint)
 }
 
 // Start starts the Device Plugin Manager amd start initialization of
@@ -186,6 +203,7 @@ func (m *ManagerImpl) checkpointFile() string {
 // starts device plugin registration service.
 func (m *ManagerImpl) Start(activePods ActivePodsFunc, sourcesReady config.SourcesReady) error {
 	glog.V(2).Infof("Starting Device Plugin manager")
+	fmt.Println("Starting Device Plugin manager")
 
 	m.activePods = activePods
 	m.sourcesReady = sourcesReady
@@ -271,8 +289,15 @@ func (m *ManagerImpl) Allocate(node *schedulercache.NodeInfo, attrs *lifecycle.P
 func (m *ManagerImpl) Register(ctx context.Context, r *pluginapi.RegisterRequest) (*pluginapi.Empty, error) {
 	glog.Infof("Got registration request from device plugin with resource name %q", r.ResourceName)
 	metrics.DevicePluginRegistrationCount.WithLabelValues(r.ResourceName).Inc()
-	if r.Version != pluginapi.Version {
-		errorString := fmt.Sprintf(errUnsuportedVersion, r.Version, pluginapi.Version)
+	var versionCompatible bool
+	for _, v := range pluginapi.SupportedVersions {
+		if r.Version == v {
+			versionCompatible = true
+			break
+		}
+	}
+	if !versionCompatible {
+		errorString := fmt.Sprintf(errUnsupportedVersion, r.Version, pluginapi.SupportedVersions)
 		glog.Infof("Bad registration request from device plugin with resource name %q: %v", r.ResourceName, errorString)
 		return &pluginapi.Empty{}, fmt.Errorf(errorString)
 	}
@@ -325,8 +350,10 @@ func (m *ManagerImpl) addEndpoint(r *pluginapi.RegisterRequest) {
 		glog.Errorf("Failed to dial device plugin with request %v: %v", r, err)
 		return
 	}
-
 	m.mutex.Lock()
+	if r.Options != nil {
+		m.pluginOpts[r.ResourceName] = r.Options
+	}
 	// Check for potential re-registration during the initialization of new endpoint,
 	// and skip updating if re-registration happens.
 	// TODO: simplify the part once we have a better way to handle registered devices
@@ -350,21 +377,32 @@ func (m *ManagerImpl) addEndpoint(r *pluginapi.RegisterRequest) {
 	go func() {
 		e.run()
 		e.stop()
-
 		m.mutex.Lock()
 		if old, ok := m.endpoints[r.ResourceName]; ok && old == e {
-			glog.V(2).Infof("Delete resource for endpoint %v", e)
-			delete(m.endpoints, r.ResourceName)
+			m.markResourceUnhealthy(r.ResourceName)
 		}
-
 		glog.V(2).Infof("Unregistered endpoint %v", e)
 		m.mutex.Unlock()
 	}()
 }
 
+func (m *ManagerImpl) markResourceUnhealthy(resourceName string) {
+	glog.V(2).Infof("Mark all resources Unhealthy for resource %s", resourceName)
+	healthyDevices := sets.NewString()
+	if _, ok := m.healthyDevices[resourceName]; ok {
+		healthyDevices = m.healthyDevices[resourceName]
+		m.healthyDevices[resourceName] = sets.NewString()
+	}
+	if _, ok := m.unhealthyDevices[resourceName]; !ok {
+		m.unhealthyDevices[resourceName] = sets.NewString()
+	}
+	m.unhealthyDevices[resourceName] = m.unhealthyDevices[resourceName].Union(healthyDevices)
+}
+
 // GetCapacity is expected to be called when Kubelet updates its node status.
 // The first returned variable contains the registered device plugin resource capacity.
-// The second returned variable contains previously registered resources that are no longer active.
+// The second returned variable contains the registered device plugin resource allocatable.
+// The third returned variable contains previously registered resources that are no longer active.
 // Kubelet uses this information to update resource capacity/allocatable in its node status.
 // After the call, device plugin can remove the inactive resources from its internal list as the
 // change is already reflected in Kubelet node status.
@@ -373,25 +411,52 @@ func (m *ManagerImpl) addEndpoint(r *pluginapi.RegisterRequest) {
 // cm.UpdatePluginResource() run during predicate Admit guarantees we adjust nodeinfo
 // capacity for already allocated pods so that they can continue to run. However, new pods
 // requiring device plugin resources will not be scheduled till device plugin re-registers.
-func (m *ManagerImpl) GetCapacity() (v1.ResourceList, []string) {
+func (m *ManagerImpl) GetCapacity() (v1.ResourceList, v1.ResourceList, []string) {
 	needsUpdateCheckpoint := false
 	var capacity = v1.ResourceList{}
-	var deletedResources []string
+	var allocatable = v1.ResourceList{}
+	deletedResources := sets.NewString()
 	m.mutex.Lock()
-	for resourceName, devices := range m.allDevices {
-		if _, ok := m.endpoints[resourceName]; !ok {
-			delete(m.allDevices, resourceName)
-			deletedResources = append(deletedResources, resourceName)
+	for resourceName, devices := range m.healthyDevices {
+		e, ok := m.endpoints[resourceName]
+		if (ok && e.stopGracePeriodExpired()) || !ok {
+			// The resources contained in endpoints and (un)healthyDevices
+			// should always be consistent. Otherwise, we run with the risk
+			// of failing to garbage collect non-existing resources or devices.
+			if !ok {
+				glog.Errorf("unexpected: healthyDevices and endpoints are out of sync")
+			}
+			delete(m.endpoints, resourceName)
+			delete(m.healthyDevices, resourceName)
+			deletedResources.Insert(resourceName)
 			needsUpdateCheckpoint = true
 		} else {
 			capacity[v1.ResourceName(resourceName)] = *resource.NewQuantity(int64(devices.Len()), resource.DecimalSI)
+			allocatable[v1.ResourceName(resourceName)] = *resource.NewQuantity(int64(devices.Len()), resource.DecimalSI)
+		}
+	}
+	for resourceName, devices := range m.unhealthyDevices {
+		e, ok := m.endpoints[resourceName]
+		if (ok && e.stopGracePeriodExpired()) || !ok {
+			if !ok {
+				glog.Errorf("unexpected: unhealthyDevices and endpoints are out of sync")
+			}
+			delete(m.endpoints, resourceName)
+			delete(m.unhealthyDevices, resourceName)
+			deletedResources.Insert(resourceName)
+			needsUpdateCheckpoint = true
+		} else {
+			capacityCount := capacity[v1.ResourceName(resourceName)]
+			unhealthyCount := *resource.NewQuantity(int64(devices.Len()), resource.DecimalSI)
+			capacityCount.Add(unhealthyCount)
+			capacity[v1.ResourceName(resourceName)] = capacityCount
 		}
 	}
 	m.mutex.Unlock()
 	if needsUpdateCheckpoint {
 		m.writeCheckpoint()
 	}
-	return capacity, deletedResources
+	return capacity, allocatable, deletedResources.UnsortedList()
 }
 
 // checkpointData struct is used to store pod to device allocation information
@@ -409,7 +474,7 @@ func (m *ManagerImpl) writeCheckpoint() error {
 		PodDeviceEntries:  m.podDevices.toCheckpointData(),
 		RegisteredDevices: make(map[string][]string),
 	}
-	for resource, devices := range m.allDevices {
+	for resource, devices := range m.healthyDevices {
 		data.RegisteredDevices[resource] = devices.UnsortedList()
 	}
 	m.mutex.Unlock()
@@ -418,33 +483,39 @@ func (m *ManagerImpl) writeCheckpoint() error {
 	if err != nil {
 		return err
 	}
-	filepath := m.checkpointFile()
-	return ioutil.WriteFile(filepath, dataJSON, 0644)
+	err = m.store.Write(kubeletDeviceManagerCheckpoint, dataJSON)
+	if err != nil {
+		return fmt.Errorf("failed to write deviceplugin checkpoint file %q: %v", kubeletDeviceManagerCheckpoint, err)
+	}
+	return nil
 }
 
 // Reads device to container allocation information from disk, and populates
 // m.allocatedDevices accordingly.
 func (m *ManagerImpl) readCheckpoint() error {
-	filepath := m.checkpointFile()
-	content, err := ioutil.ReadFile(filepath)
-	if err != nil && !os.IsNotExist(err) {
-		return fmt.Errorf("failed to read checkpoint file %q: %v", filepath, err)
+	content, err := m.store.Read(kubeletDeviceManagerCheckpoint)
+	if err != nil {
+		if err == utilstore.ErrKeyNotFound {
+			return nil
+		}
+		return fmt.Errorf("failed to read checkpoint file %q: %v", kubeletDeviceManagerCheckpoint, err)
 	}
-	glog.V(2).Infof("Read checkpoint file %s\n", filepath)
+	glog.V(4).Infof("Read checkpoint file %s\n", kubeletDeviceManagerCheckpoint)
 	var data checkpointData
 	if err := json.Unmarshal(content, &data); err != nil {
-		return fmt.Errorf("failed to unmarshal checkpoint data: %v", err)
+		return fmt.Errorf("failed to unmarshal deviceplugin checkpoint data: %v", err)
 	}
 
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
 	m.podDevices.fromCheckpointData(data.PodDeviceEntries)
 	m.allocatedDevices = m.podDevices.devices()
-	for resource, devices := range data.RegisteredDevices {
-		m.allDevices[resource] = sets.NewString()
-		for _, dev := range devices {
-			m.allDevices[resource].Insert(dev)
-		}
+	for resource := range data.RegisteredDevices {
+		// During start up, creates empty healthyDevices list so that the resource capacity
+		// will stay zero till the corresponding device plugin re-registers.
+		m.healthyDevices[resource] = sets.NewString()
+		m.unhealthyDevices[resource] = sets.NewString()
+		m.endpoints[resource] = newStoppedEndpointImpl(resource, make(map[string]pluginapi.Device))
 	}
 	return nil
 }
@@ -496,7 +567,7 @@ func (m *ManagerImpl) devicesToAllocate(podUID, contName, resource string, requi
 	}
 	glog.V(3).Infof("Needs to allocate %v %v for pod %q container %q", needed, resource, podUID, contName)
 	// Needs to allocate additional devices.
-	if _, ok := m.allDevices[resource]; !ok {
+	if _, ok := m.healthyDevices[resource]; !ok {
 		return nil, fmt.Errorf("can't allocate unregistered device %v", resource)
 	}
 	devices = sets.NewString()
@@ -515,7 +586,7 @@ func (m *ManagerImpl) devicesToAllocate(podUID, contName, resource string, requi
 	// Gets Devices in use.
 	devicesInUse := m.allocatedDevices[resource]
 	// Gets a list of available devices.
-	available := m.allDevices[resource].Difference(devicesInUse)
+	available := m.healthyDevices[resource].Difference(devicesInUse)
 	if int(available.Len()) < needed {
 		return nil, fmt.Errorf("requested number of devices unavailable for %s. Requested: %d, Available: %d", resource, needed, available.Len())
 	}
@@ -538,15 +609,15 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont
 	podUID := string(pod.UID)
 	contName := container.Name
 	allocatedDevicesUpdated := false
+	// Extended resources are not allowed to be overcommitted.
+	// Since device plugin advertises extended resources,
+	// therefore Requests must be equal to Limits and iterating
+	// over the Limits should be sufficient.
 	for k, v := range container.Resources.Limits {
 		resource := string(k)
 		needed := int(v.Value())
 		glog.V(3).Infof("needs %d %s", needed, resource)
-		_, registeredResource := m.allDevices[resource]
-		_, allocatedResource := m.allocatedDevices[resource]
-		// Continues if this is neither an active device plugin resource nor
-		// a resource we have previously allocated.
-		if !registeredResource && !allocatedResource {
+		if !m.isDevicePluginResource(resource) {
 			continue
 		}
 		// Updates allocatedDevices to garbage collect any stranded resources
@@ -562,8 +633,9 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont
 		if allocDevices == nil || len(allocDevices) <= 0 {
 			continue
 		}
+
 		startRPCTime := time.Now()
-		// devicePluginManager.Allocate involves RPC calls to device plugin, which
+		// Manager.Allocate involves RPC calls to device plugin, which
 		// could be heavy-weight. Therefore we want to perform this operation outside
 		// mutex lock. Note if Allocate call fails, we may leave container resources
 		// partially allocated for the failed container. We rely on updateAllocatedDevices()
@@ -586,6 +658,8 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont
 		}
 
 		devs := allocDevices.UnsortedList()
+		// TODO: refactor this part of code to just append a ContainerAllocationRequest
+		// in a passed in AllocateRequest pointer, and issues a single Allocate call per pod.
 		glog.V(3).Infof("Making allocation request for devices %v for device plugin %s", devs, resource)
 		resp, err := e.allocate(devs)
 		metrics.DevicePluginAllocationLatency.WithLabelValues(resource).Observe(metrics.SinceInMicroseconds(startRPCTime))
@@ -600,7 +674,7 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont
 
 		// Update internal cached podDevices state.
 		m.mutex.Lock()
-		m.podDevices.insert(podUID, contName, resource, allocDevices, resp)
+		m.podDevices.insert(podUID, contName, resource, allocDevices, resp.ContainerResponses[0])
 		m.mutex.Unlock()
 	}
 
@@ -611,10 +685,62 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont
 // GetDeviceRunContainerOptions checks whether we have cached containerDevices
 // for the passed-in <pod, container> and returns its DeviceRunContainerOptions
 // for the found one. An empty struct is returned in case no cached state is found.
-func (m *ManagerImpl) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) *DeviceRunContainerOptions {
+func (m *ManagerImpl) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) (*DeviceRunContainerOptions, error) {
+	podUID := string(pod.UID)
+	contName := container.Name
+	for k := range container.Resources.Limits {
+		resource := string(k)
+		if !m.isDevicePluginResource(resource) {
+			continue
+		}
+		err := m.callPreStartContainerIfNeeded(podUID, contName, resource)
+		if err != nil {
+			return nil, err
+		}
+	}
 	m.mutex.Lock()
 	defer m.mutex.Unlock()
-	return m.podDevices.deviceRunContainerOptions(string(pod.UID), container.Name)
+	return m.podDevices.deviceRunContainerOptions(string(pod.UID), container.Name), nil
+}
+
+// callPreStartContainerIfNeeded issues PreStartContainer grpc call for device plugin resource
+// with PreStartRequired option set.
+func (m *ManagerImpl) callPreStartContainerIfNeeded(podUID, contName, resource string) error {
+	m.mutex.Lock()
+	opts, ok := m.pluginOpts[resource]
+	if !ok {
+		m.mutex.Unlock()
+		glog.V(4).Infof("Plugin options not found in cache for resource: %s. Skip PreStartContainer", resource)
+		return nil
+	}
+
+	if !opts.PreStartRequired {
+		m.mutex.Unlock()
+		glog.V(4).Infof("Plugin options indicate to skip PreStartContainer for resource, %v", resource)
+		return nil
+	}
+
+	devices := m.podDevices.containerDevices(podUID, contName, resource)
+	if devices == nil {
+		m.mutex.Unlock()
+		return fmt.Errorf("no devices found allocated in local cache for pod %s, container %s, resource %s", podUID, contName, resource)
+	}
+
+	e, ok := m.endpoints[resource]
+	if !ok {
+		m.mutex.Unlock()
+		return fmt.Errorf("endpoint not found in cache for a registered resource: %s", resource)
+	}
+
+	m.mutex.Unlock()
+	devs := devices.UnsortedList()
+	glog.V(4).Infof("Issuing an PreStartContainer call for container, %s, of pod %s", contName, podUID)
+	_, err := e.preStartContainer(devs)
+	if err != nil {
+		return fmt.Errorf("device plugin PreStartContainer rpc failed with err: %v", err)
+	}
+	// TODO: Add metrics support for init RPC
+	return nil
 }
 
 // sanitizeNodeAllocatable scans through allocatedDevices in the device manager
@@ -644,3 +770,14 @@ func (m *ManagerImpl) sanitizeNodeAllocatable(node *schedulercache.NodeInfo) {
 		node.SetAllocatableResource(newAllocatableResource)
 	}
 }
+
+func (m *ManagerImpl) isDevicePluginResource(resource string) bool {
+	_, registeredResource := m.healthyDevices[resource]
+	_, allocatedResource := m.allocatedDevices[resource]
+	// Return true if this is either an active device plugin resource or
+	// a resource we have previously allocated.
+	if registeredResource || allocatedResource {
+		return true
+	}
+	return false
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager_stub.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager_stub.go
similarity index 83%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager_stub.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager_stub.go
index 903a0077a2c3..a0f14257fddd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/manager_stub.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/manager_stub.go
@@ -14,14 +14,14 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
 	"k8s.io/api/core/v1"
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // ManagerStub provides a simple stub implementation for the Device Manager.
@@ -53,11 +53,11 @@ func (h *ManagerStub) Allocate(node *schedulercache.NodeInfo, attrs *lifecycle.P
 }
 
 // GetDeviceRunContainerOptions simply returns nil.
-func (h *ManagerStub) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) *DeviceRunContainerOptions {
-	return nil
+func (h *ManagerStub) GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) (*DeviceRunContainerOptions, error) {
+	return nil, nil
 }
 
 // GetCapacity simply returns nil capacity and empty removed resource list.
-func (h *ManagerStub) GetCapacity() (v1.ResourceList, []string) {
-	return nil, []string{}
+func (h *ManagerStub) GetCapacity() (v1.ResourceList, v1.ResourceList, []string) {
+	return nil, nil, []string{}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/pod_devices.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/pod_devices.go
similarity index 86%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/pod_devices.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/pod_devices.go
index 311c8d0c60fe..eb20dc0a6e81 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/pod_devices.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/pod_devices.go
@@ -14,13 +14,13 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
 	"github.com/golang/glog"
 
 	"k8s.io/apimachinery/pkg/util/sets"
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 )
 
@@ -28,7 +28,7 @@ type deviceAllocateInfo struct {
 	// deviceIds contains device Ids allocated to this container for the given resourceName.
 	deviceIds sets.String
 	// allocResp contains cached rpc AllocateResponse.
-	allocResp *pluginapi.AllocateResponse
+	allocResp *pluginapi.ContainerAllocateResponse
 }
 
 type resourceAllocateInfo map[string]deviceAllocateInfo // Keyed by resourceName.
@@ -43,7 +43,7 @@ func (pdev podDevices) pods() sets.String {
 	return ret
 }
 
-func (pdev podDevices) insert(podUID, contName, resource string, devices sets.String, resp *pluginapi.AllocateResponse) {
+func (pdev podDevices) insert(podUID, contName, resource string, devices sets.String, resp *pluginapi.ContainerAllocateResponse) {
 	if _, podExists := pdev[podUID]; !podExists {
 		pdev[podUID] = make(containerDevices)
 	}
@@ -117,7 +117,9 @@ func (pdev podDevices) devices() map[string]sets.String {
 				if _, exists := ret[resource]; !exists {
 					ret[resource] = sets.NewString()
 				}
-				ret[resource] = ret[resource].Union(devices.deviceIds)
+				if devices.allocResp != nil {
+					ret[resource] = ret[resource].Union(devices.deviceIds)
+				}
 			}
 		}
 	}
@@ -166,7 +168,7 @@ func (pdev podDevices) fromCheckpointData(data []podDevicesCheckpointEntry) {
 		for _, devID := range entry.DeviceIDs {
 			devIDs.Insert(devID)
 		}
-		allocResp := &pluginapi.AllocateResponse{}
+		allocResp := &pluginapi.ContainerAllocateResponse{}
 		err := allocResp.Unmarshal(entry.AllocResp)
 		if err != nil {
 			glog.Errorf("Can't unmarshal allocResp for %v %v %v: %v", entry.PodUID, entry.ContainerName, entry.ResourceName, err)
@@ -191,6 +193,7 @@ func (pdev podDevices) deviceRunContainerOptions(podUID, contName string) *Devic
 	devsMap := make(map[string]string)
 	mountsMap := make(map[string]string)
 	envsMap := make(map[string]string)
+	annotationsMap := make(map[string]string)
 	// Loops through AllocationResponses of all cached device resources.
 	for _, devices := range resources {
 		resp := devices.allocResp
@@ -198,17 +201,18 @@ func (pdev podDevices) deviceRunContainerOptions(podUID, contName string) *Devic
 		// Environment variables
 		// Mount points
 		// Device files
+		// Container annotations
 		// These artifacts are per resource per container.
 		// Updates RunContainerOptions.Envs.
 		for k, v := range resp.Envs {
 			if e, ok := envsMap[k]; ok {
-				glog.V(3).Infof("skip existing env %s %s", k, v)
+				glog.V(4).Infof("Skip existing env %s %s", k, v)
 				if e != v {
 					glog.Errorf("Environment variable %s has conflicting setting: %s and %s", k, e, v)
 				}
 				continue
 			}
-			glog.V(4).Infof("add env %s %s", k, v)
+			glog.V(4).Infof("Add env %s %s", k, v)
 			envsMap[k] = v
 			opts.Envs = append(opts.Envs, kubecontainer.EnvVar{Name: k, Value: v})
 		}
@@ -216,14 +220,14 @@ func (pdev podDevices) deviceRunContainerOptions(podUID, contName string) *Devic
 		// Updates RunContainerOptions.Devices.
 		for _, dev := range resp.Devices {
 			if d, ok := devsMap[dev.ContainerPath]; ok {
-				glog.V(3).Infof("skip existing device %s %s", dev.ContainerPath, dev.HostPath)
+				glog.V(4).Infof("Skip existing device %s %s", dev.ContainerPath, dev.HostPath)
 				if d != dev.HostPath {
 					glog.Errorf("Container device %s has conflicting mapping host devices: %s and %s",
 						dev.ContainerPath, d, dev.HostPath)
 				}
 				continue
 			}
-			glog.V(4).Infof("add device %s %s", dev.ContainerPath, dev.HostPath)
+			glog.V(4).Infof("Add device %s %s", dev.ContainerPath, dev.HostPath)
 			devsMap[dev.ContainerPath] = dev.HostPath
 			opts.Devices = append(opts.Devices, kubecontainer.DeviceInfo{
 				PathOnHost:      dev.HostPath,
@@ -231,17 +235,18 @@ func (pdev podDevices) deviceRunContainerOptions(podUID, contName string) *Devic
 				Permissions:     dev.Permissions,
 			})
 		}
+
 		// Updates RunContainerOptions.Mounts.
 		for _, mount := range resp.Mounts {
 			if m, ok := mountsMap[mount.ContainerPath]; ok {
-				glog.V(3).Infof("skip existing mount %s %s", mount.ContainerPath, mount.HostPath)
+				glog.V(4).Infof("Skip existing mount %s %s", mount.ContainerPath, mount.HostPath)
 				if m != mount.HostPath {
 					glog.Errorf("Container mount %s has conflicting mapping host mounts: %s and %s",
 						mount.ContainerPath, m, mount.HostPath)
 				}
 				continue
 			}
-			glog.V(4).Infof("add mount %s %s", mount.ContainerPath, mount.HostPath)
+			glog.V(4).Infof("Add mount %s %s", mount.ContainerPath, mount.HostPath)
 			mountsMap[mount.ContainerPath] = mount.HostPath
 			opts.Mounts = append(opts.Mounts, kubecontainer.Mount{
 				Name:          mount.ContainerPath,
@@ -252,6 +257,20 @@ func (pdev podDevices) deviceRunContainerOptions(podUID, contName string) *Devic
 				SELinuxRelabel: false,
 			})
 		}
+
+		// Updates for Annotations
+		for k, v := range resp.Annotations {
+			if e, ok := annotationsMap[k]; ok {
+				glog.V(4).Infof("Skip existing annotation %s %s", k, v)
+				if e != v {
+					glog.Errorf("Annotation %s has conflicting setting: %s and %s", k, e, v)
+				}
+				continue
+			}
+			glog.V(4).Infof("Add annotation %s %s", k, v)
+			annotationsMap[k] = v
+			opts.Annotations = append(opts.Annotations, kubecontainer.Annotation{Name: k, Value: v})
+		}
 	}
 	return opts
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/types.go
similarity index 80%
rename from vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/types.go
rename to vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/types.go
index c4465a8be4cb..e1d07ef5fa20 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/deviceplugin/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/types.go
@@ -14,15 +14,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package deviceplugin
+package devicemanager
 
 import (
+	"time"
+
 	"k8s.io/api/core/v1"
-	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1alpha"
+	pluginapi "k8s.io/kubernetes/pkg/kubelet/apis/deviceplugin/v1beta1"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // Manager manages all the Device Plugins running on a node.
@@ -51,11 +53,11 @@ type Manager interface {
 	// GetDeviceRunContainerOptions checks whether we have cached containerDevices
 	// for the passed-in <pod, container> and returns its DeviceRunContainerOptions
 	// for the found one. An empty struct is returned in case no cached state is found.
-	GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) *DeviceRunContainerOptions
+	GetDeviceRunContainerOptions(pod *v1.Pod, container *v1.Container) (*DeviceRunContainerOptions, error)
 
-	// GetCapacity returns the amount of available device plugin resource capacity
+	// GetCapacity returns the amount of available device plugin resource capacity, resource allocatable
 	// and inactive device plugin resources previously registered on the node.
-	GetCapacity() (v1.ResourceList, []string)
+	GetCapacity() (v1.ResourceList, v1.ResourceList, []string)
 }
 
 // DeviceRunContainerOptions contains the combined container runtime settings to consume its allocated devices.
@@ -66,6 +68,8 @@ type DeviceRunContainerOptions struct {
 	Mounts []kubecontainer.Mount
 	// The host devices mapped into the container.
 	Devices []kubecontainer.DeviceInfo
+	// The Annotations for the container
+	Annotations []kubecontainer.Annotation
 }
 
 // TODO: evaluate whether we need these error definitions.
@@ -73,9 +77,9 @@ const (
 	// errFailedToDialDevicePlugin is the error raised when the device plugin could not be
 	// reached on the registered socket
 	errFailedToDialDevicePlugin = "failed to dial device plugin:"
-	// errUnsuportedVersion is the error raised when the device plugin uses an API version not
+	// errUnsupportedVersion is the error raised when the device plugin uses an API version not
 	// supported by the Kubelet registry
-	errUnsuportedVersion = "requested API version %q is not supported by kubelet. Supported version is %q"
+	errUnsupportedVersion = "requested API version %q is not supported by kubelet. Supported versions are %q"
 	// errDevicePluginAlreadyExists is the error raised when a device plugin with the
 	// same Resource Name tries to register itself
 	errDevicePluginAlreadyExists = "another device plugin already registered this Resource Name"
@@ -84,6 +88,8 @@ const (
 	errInvalidResourceName = "the ResourceName %q is invalid"
 	// errEmptyResourceName is the error raised when the resource name field is empty
 	errEmptyResourceName = "invalid Empty ResourceName"
+	// errEndpointStopped indicates that the endpoint has been stopped
+	errEndpointStopped = "endpoint %v has been stopped"
 
 	// errBadSocket is the error raised when the registry socket path is not absolute
 	errBadSocket = "bad socketPath, must be an absolute path:"
@@ -94,3 +100,9 @@ const (
 	// errListAndWatch is the error raised when ListAndWatch ended unsuccessfully
 	errListAndWatch = "listAndWatch ended unexpectedly for device plugin %s with error %v"
 )
+
+// endpointStopGracePeriod indicates the grace period after an endpoint is stopped
+// because its device plugin fails. DeviceManager keeps the stopped endpoint in its
+// cache during this grace period to cover the time gap for the capacity change to
+// take effect.
+const endpointStopGracePeriod = time.Duration(5) * time.Minute
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_linux.go
index 935fb6c8060e..d04128edd719 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_linux.go
@@ -103,7 +103,7 @@ func HugePageLimits(resourceList v1.ResourceList) map[int64]int64 {
 }
 
 // ResourceConfigForPod takes the input pod and outputs the cgroup resource config.
-func ResourceConfigForPod(pod *v1.Pod) *ResourceConfig {
+func ResourceConfigForPod(pod *v1.Pod, enforceCPULimits bool) *ResourceConfig {
 	// sum requests and limits.
 	reqs, limits := resource.PodRequestsAndLimits(pod)
 
@@ -146,6 +146,11 @@ func ResourceConfigForPod(pod *v1.Pod) *ResourceConfig {
 		}
 	}
 
+	// quota is not capped when cfs quota is disabled
+	if !enforceCPULimits {
+		cpuQuota = int64(-1)
+	}
+
 	// determine the qos class
 	qosClass := v1qos.GetPodQOS(pod)
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_unsupported.go
index b572f3456f3f..ee3ed91d5576 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/helpers_unsupported.go
@@ -43,7 +43,7 @@ func MilliCPUToShares(milliCPU int64) int64 {
 }
 
 // ResourceConfigForPod takes the input pod and outputs the cgroup resource config.
-func ResourceConfigForPod(pod *v1.Pod) *ResourceConfig {
+func ResourceConfigForPod(pod *v1.Pod, enforceCPULimit bool) *ResourceConfig {
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/node_container_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/node_container_manager.go
index 66e0d82467e0..04e5acdd1a52 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/node_container_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/node_container_manager.go
@@ -32,6 +32,7 @@ import (
 	kubefeatures "k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/kubelet/events"
 	evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api"
+	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 )
 
 const (
@@ -62,7 +63,7 @@ func (cm *containerManagerImpl) enforceNodeAllocatableCgroups() error {
 	// default cpu shares on cgroups are low and can cause cpu starvation.
 	nodeAllocatable := cm.capacity
 	// Use Node Allocatable limits instead of capacity if the user requested enforcing node allocatable.
-	if cm.CgroupsPerQOS && nc.EnforceNodeAllocatable.Has(NodeAllocatableEnforcementKey) {
+	if cm.CgroupsPerQOS && nc.EnforceNodeAllocatable.Has(kubetypes.NodeAllocatableEnforcementKey) {
 		nodeAllocatable = cm.getNodeAllocatableAbsolute()
 	}
 
@@ -101,7 +102,7 @@ func (cm *containerManagerImpl) enforceNodeAllocatableCgroups() error {
 		}()
 	}
 	// Now apply kube reserved and system reserved limits if required.
-	if nc.EnforceNodeAllocatable.Has(SystemReservedEnforcementKey) {
+	if nc.EnforceNodeAllocatable.Has(kubetypes.SystemReservedEnforcementKey) {
 		glog.V(2).Infof("Enforcing System reserved on cgroup %q with limits: %+v", nc.SystemReservedCgroupName, nc.SystemReserved)
 		if err := enforceExistingCgroup(cm.cgroupManager, nc.SystemReservedCgroupName, nc.SystemReserved); err != nil {
 			message := fmt.Sprintf("Failed to enforce System Reserved Cgroup Limits on %q: %v", nc.SystemReservedCgroupName, err)
@@ -110,7 +111,7 @@ func (cm *containerManagerImpl) enforceNodeAllocatableCgroups() error {
 		}
 		cm.recorder.Eventf(nodeRef, v1.EventTypeNormal, events.SuccessfulNodeAllocatableEnforcement, "Updated limits on system reserved cgroup %v", nc.SystemReservedCgroupName)
 	}
-	if nc.EnforceNodeAllocatable.Has(KubeReservedEnforcementKey) {
+	if nc.EnforceNodeAllocatable.Has(kubetypes.KubeReservedEnforcementKey) {
 		glog.V(2).Infof("Enforcing kube reserved on cgroup %q with limits: %+v", nc.KubeReservedCgroupName, nc.KubeReserved)
 		if err := enforceExistingCgroup(cm.cgroupManager, nc.KubeReservedCgroupName, nc.KubeReserved); err != nil {
 			message := fmt.Sprintf("Failed to enforce Kube Reserved Cgroup Limits on %q: %v", nc.KubeReservedCgroupName, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_linux.go
index e62d192891d4..a9a873691cb0 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_linux.go
@@ -27,7 +27,9 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	v1qos "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos"
+	kubefeatures "k8s.io/kubernetes/pkg/features"
 )
 
 const (
@@ -45,6 +47,10 @@ type podContainerManagerImpl struct {
 	// cgroupManager is the cgroup Manager Object responsible for managing all
 	// pod cgroups.
 	cgroupManager CgroupManager
+	// Maximum number of pids in a pod
+	podPidsLimit int64
+	// enforceCPULimits controls whether cfs quota is enforced or not
+	enforceCPULimits bool
 }
 
 // Make sure that podContainerManagerImpl implements the PodContainerManager interface
@@ -75,7 +81,10 @@ func (m *podContainerManagerImpl) EnsureExists(pod *v1.Pod) error {
 		// Create the pod container
 		containerConfig := &CgroupConfig{
 			Name:               podContainerName,
-			ResourceParameters: ResourceConfigForPod(pod),
+			ResourceParameters: ResourceConfigForPod(pod, m.enforceCPULimits),
+		}
+		if utilfeature.DefaultFeatureGate.Enabled(kubefeatures.SupportPodPidsLimit) && m.podPidsLimit > 0 {
+			containerConfig.ResourceParameters.PodPidsLimit = &m.podPidsLimit
 		}
 		if err := m.cgroupManager.Create(containerConfig); err != nil {
 			return fmt.Errorf("failed to create container for %v : %v", podContainerName, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_unsupported.go
index e69542b18239..d62eb7fa4e8f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/pod_container_manager_unsupported.go
@@ -18,36 +18,8 @@ limitations under the License.
 
 package cm
 
-import (
-	"k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/types"
-)
-
 type unsupportedPodContainerManager struct {
+	podContainerManagerStub
 }
 
 var _ PodContainerManager = &unsupportedPodContainerManager{}
-
-func (m *unsupportedPodContainerManager) Exists(_ *v1.Pod) bool {
-	return true
-}
-
-func (m *unsupportedPodContainerManager) EnsureExists(_ *v1.Pod) error {
-	return nil
-}
-
-func (m *unsupportedPodContainerManager) GetPodContainerName(_ *v1.Pod) (CgroupName, string) {
-	return "", ""
-}
-
-func (m *unsupportedPodContainerManager) ReduceCPULimits(_ CgroupName) error {
-	return nil
-}
-
-func (m *unsupportedPodContainerManager) GetAllPodsFromCgroups() (map[types.UID]CgroupName, error) {
-	return nil, nil
-}
-
-func (m *unsupportedPodContainerManager) Destroy(name CgroupName) error {
-	return nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/types.go
index 1ee48f9c8eb3..ce2cc2c826fd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/types.go
@@ -33,6 +33,8 @@ type ResourceConfig struct {
 	CpuPeriod *uint64
 	// HugePageLimit map from page size (in bytes) to limit (in bytes)
 	HugePageLimit map[int64]int64
+	// Maximum number of pids
+	PodPidsLimit *int64
 }
 
 // CgroupName is the abstract name of a cgroup prior to any driver specific conversion.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/util/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/util/BUILD
index 9de2c5ba0116..e344dc6e66e5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/cm/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cm/util/BUILD
@@ -7,17 +7,45 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "cgroups_unsupported.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "cgroups_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "cgroups_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "cgroups_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/cm/util",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/opencontainers/runc/libcontainer/cgroups:go_default_library",
             "//vendor/github.com/opencontainers/runc/libcontainer/utils:go_default_library",
         ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/config/BUILD
index f5e082e7c256..3f88dbf72486 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/BUILD
@@ -9,14 +9,43 @@ go_library(
         "defaults.go",
         "doc.go",
         "file.go",
-        "file_unsupported.go",
         "flags.go",
         "http.go",
         "sources.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "file_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "file_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "file_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/config",
@@ -49,7 +78,7 @@ go_library(
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/exp/inotify:go_default_library",
         ],
         "//conditions:default": [],
@@ -64,13 +93,12 @@ go_test(
         "config_test.go",
         "http_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "file_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/config",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
@@ -79,6 +107,7 @@ go_test(
         "//pkg/apis/core/validation:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/securitycontext:go_default_library",
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -90,7 +119,7 @@ go_test(
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/util/testing:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go
index 02a4f476126e..1f45349d0c1f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/common.go
@@ -21,6 +21,7 @@ import (
 	"crypto/md5"
 	"encoding/hex"
 	"fmt"
+	"strings"
 
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -44,7 +45,7 @@ import (
 
 // Generate a pod name that is unique among nodes by appending the nodeName.
 func generatePodName(name string, nodeName types.NodeName) string {
-	return fmt.Sprintf("%s-%s", name, nodeName)
+	return fmt.Sprintf("%s-%s", name, strings.ToLower(string(nodeName)))
 }
 
 func applyDefaults(pod *api.Pod, source string, isFile bool, nodeName types.NodeName) error {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/config.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/config.go
index d131c6ce3950..c03e32512afd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/config.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/config.go
@@ -96,7 +96,7 @@ func (c *PodConfig) SeenAllSources(seenSources sets.String) bool {
 	if c.pods == nil {
 		return false
 	}
-	glog.V(6).Infof("Looking for %v, have seen %v", c.sources.List(), seenSources)
+	glog.V(5).Infof("Looking for %v, have seen %v", c.sources.List(), seenSources)
 	return seenSources.HasAll(c.sources.List()...) && c.pods.seenSources(c.sources.List()...)
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/file.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/file.go
index a706abdb36e2..b96a790ec781 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/file.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/file.go
@@ -48,12 +48,12 @@ func NewSourceFile(path string, nodeName types.NodeName, period time.Duration, u
 	// "golang.org/x/exp/inotify" requires a path without trailing "/"
 	path = strings.TrimRight(path, string(os.PathSeparator))
 
-	config := new(path, nodeName, period, updates)
+	config := newSourceFile(path, nodeName, updates)
 	glog.V(1).Infof("Watching path %q", path)
 	go wait.Forever(config.run, period)
 }
 
-func new(path string, nodeName types.NodeName, period time.Duration, updates chan<- interface{}) *sourceFile {
+func newSourceFile(path string, nodeName types.NodeName, updates chan<- interface{}) *sourceFile {
 	send := func(objs []interface{}) {
 		var pods []*v1.Pod
 		for _, o := range objs {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/flags.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/flags.go
index 705b8babfd23..19d595041cbb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/flags.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/flags.go
@@ -81,7 +81,7 @@ type ContainerRuntimeOptions struct {
 
 func (s *ContainerRuntimeOptions) AddFlags(fs *pflag.FlagSet) {
 	// General settings.
-	fs.StringVar(&s.ContainerRuntime, "container-runtime", s.ContainerRuntime, "The container runtime to use. Possible values: 'docker', 'rkt'.")
+	fs.StringVar(&s.ContainerRuntime, "container-runtime", s.ContainerRuntime, "The container runtime to use. Possible values: 'docker', 'remote', 'rkt (deprecated)'.")
 	fs.StringVar(&s.RuntimeCgroups, "runtime-cgroups", s.RuntimeCgroups, "Optional absolute name of cgroups to create and run the runtime in.")
 
 	// Docker-specific settings.
@@ -89,7 +89,8 @@ func (s *ContainerRuntimeOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.MarkHidden("experimental-dockershim")
 	fs.StringVar(&s.DockershimRootDirectory, "experimental-dockershim-root-directory", s.DockershimRootDirectory, "Path to the dockershim root directory.")
 	fs.MarkHidden("experimental-dockershim-root-directory")
-	fs.BoolVar(&s.DockerDisableSharedPID, "docker-disable-shared-pid", s.DockerDisableSharedPID, "The Container Runtime Interface (CRI) defaults to using a shared PID namespace for containers in a pod when running with Docker 1.13.1 or higher. Setting this flag reverts to the previous behavior of isolated PID namespaces. This ability will be removed in a future Kubernetes release.")
+	fs.BoolVar(&s.DockerDisableSharedPID, "docker-disable-shared-pid", s.DockerDisableSharedPID, "Setting this to false causes Kubernetes to create pods using a shared process namespace for containers in a pod when running with Docker 1.13.1 or higher. A future Kubernetes release will make this configurable instead in the API.")
+	fs.MarkDeprecated("docker-disable-shared-pid", "will be removed in a future release. This option will be replaced by PID namespace sharing that is configurable per-pod using the API. See https://features.k8s.io/495")
 	fs.StringVar(&s.PodSandboxImage, "pod-infra-container-image", s.PodSandboxImage, "The image whose network/ipc namespaces containers in each pod will use.")
 	fs.StringVar(&s.DockerEndpoint, "docker-endpoint", s.DockerEndpoint, "Use this for the docker endpoint to communicate with")
 	fs.DurationVar(&s.ImagePullProgressDeadline.Duration, "image-pull-progress-deadline", s.ImagePullProgressDeadline.Duration, "If no pulling progress is made before this deadline, the image pulling will be cancelled.")
@@ -102,8 +103,9 @@ func (s *ContainerRuntimeOptions) AddFlags(fs *pflag.FlagSet) {
 
 	// Rkt-specific settings.
 	fs.StringVar(&s.RktPath, "rkt-path", s.RktPath, "Path of rkt binary. Leave empty to use the first rkt in $PATH.  Only used if --container-runtime='rkt'.")
+	fs.MarkDeprecated("rkt-path", "will be removed in a future version. Rktnetes has been deprecated in favor of rktlet (https://github.com/kubernetes-incubator/rktlet).")
 	fs.StringVar(&s.RktAPIEndpoint, "rkt-api-endpoint", s.RktAPIEndpoint, "The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'.")
+	fs.MarkDeprecated("rkt-api-endpoint", "will be removed in a future version. Rktnetes has been deprecated in favor of rktlet (https://github.com/kubernetes-incubator/rktlet).")
 	fs.StringVar(&s.RktStage1Image, "rkt-stage1-image", s.RktStage1Image, "image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used.")
-	fs.MarkDeprecated("rkt-stage1-image", "Will be removed in a future version. The default stage1 image will be specified by the rkt configurations, see https://github.com/coreos/rkt/blob/master/Documentation/configuration.md for more details.")
-
+	fs.MarkDeprecated("rkt-stage1-image", "will be removed in a future version. Rktnetes has been deprecated in favor of rktlet (https://github.com/kubernetes-incubator/rktlet).")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/configmap/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/configmap/BUILD
index 27612f889f24..4762f1e9b2ca 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/configmap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/configmap/BUILD
@@ -42,8 +42,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["configmap_manager_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/configmap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/container/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/container/BUILD
index ac38ebd80049..1ea5866b0f82 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/container/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/container/BUILD
@@ -8,7 +8,6 @@ go_library(
         "container_reference_manager.go",
         "helpers.go",
         "os.go",
-        "pty_unsupported.go",
         "ref.go",
         "resize.go",
         "runtime.go",
@@ -16,16 +15,46 @@ go_library(
         "runtime_cache_fake.go",
         "sync_result.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "pty_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "pty_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "pty_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/container",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
         "//pkg/kubelet/util/ioutils:go_default_library",
         "//pkg/util/hash:go_default_library",
@@ -43,7 +72,7 @@ go_library(
         "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
         "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/kr/pty:go_default_library",
         ],
         "//conditions:default": [],
@@ -58,8 +87,7 @@ go_test(
         "ref_test.go",
         "sync_result_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/container",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
@@ -73,7 +101,6 @@ go_test(
 go_test(
     name = "go_default_xtest",
     srcs = ["runtime_cache_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/container_test",
     deps = [
         ":go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/container/container_gc.go b/vendor/k8s.io/kubernetes/pkg/kubelet/container/container_gc.go
index be2fac4b9960..72fa4bd722ee 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/container/container_gc.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/container/container_gc.go
@@ -19,6 +19,8 @@ package container
 import (
 	"fmt"
 	"time"
+
+	"github.com/golang/glog"
 )
 
 // Specified a policy for garbage collecting containers.
@@ -58,7 +60,7 @@ type realContainerGC struct {
 	// Policy for garbage collection.
 	policy ContainerGCPolicy
 
-	// sourcesReadyProvider provides the readyness of kubelet configuration sources.
+	// sourcesReadyProvider provides the readiness of kubelet configuration sources.
 	sourcesReadyProvider SourcesReadyProvider
 }
 
@@ -80,5 +82,6 @@ func (cgc *realContainerGC) GarbageCollect() error {
 }
 
 func (cgc *realContainerGC) DeleteAllUnusedContainers() error {
+	glog.Infof("attempting to delete unused containers")
 	return cgc.runtime.GarbageCollect(cgc.policy, cgc.sourcesReadyProvider.AllReady(), true)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/container/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubelet/container/helpers.go
index fc632f634280..529c6dfe4e5a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/container/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/container/helpers.go
@@ -31,7 +31,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/tools/record"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 	"k8s.io/kubernetes/pkg/kubelet/util/ioutils"
 	hashutil "k8s.io/kubernetes/pkg/util/hash"
@@ -48,7 +48,7 @@ type HandlerRunner interface {
 type RuntimeHelper interface {
 	GenerateRunContainerOptions(pod *v1.Pod, container *v1.Container, podIP string) (contOpts *RunContainerOptions, cleanupAction func(), err error)
 	GetPodDNS(pod *v1.Pod) (dnsConfig *runtimeapi.DNSConfig, err error)
-	// GetPodCgroupParent returns the CgroupName identifer, and its literal cgroupfs form on the host
+	// GetPodCgroupParent returns the CgroupName identifier, and its literal cgroupfs form on the host
 	// of a pod.
 	GetPodCgroupParent(pod *v1.Pod) string
 	GetPodDir(podUID types.UID) string
@@ -302,7 +302,7 @@ func GetContainerSpec(pod *v1.Pod, containerName string) *v1.Container {
 
 // HasPrivilegedContainer returns true if any of the containers in the pod are privileged.
 func HasPrivilegedContainer(pod *v1.Pod) bool {
-	for _, c := range pod.Spec.Containers {
+	for _, c := range append(pod.Spec.Containers, pod.Spec.InitContainers...) {
 		if c.SecurityContext != nil &&
 			c.SecurityContext.Privileged != nil &&
 			*c.SecurityContext.Privileged {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/container/runtime.go b/vendor/k8s.io/kubernetes/pkg/kubelet/container/runtime.go
index 2f5f4e3d188a..bf2af98620df 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/container/runtime.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/container/runtime.go
@@ -29,7 +29,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/tools/remotecommand"
 	"k8s.io/client-go/util/flowcontrol"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/volume"
 )
 
@@ -265,6 +265,13 @@ const (
 	ContainerStateUnknown ContainerState = "unknown"
 )
 
+type ContainerType string
+
+const (
+	ContainerTypeInit    ContainerType = "INIT"
+	ContainerTypeRegular ContainerType = "REGULAR"
+)
+
 // Container provides the runtime information for a container, such as ID, hash,
 // state of the container.
 type Container struct {
@@ -375,6 +382,11 @@ type EnvVar struct {
 	Value string
 }
 
+type Annotation struct {
+	Name  string
+	Value string
+}
+
 type Mount struct {
 	// Name of the volume mount.
 	// TODO(yifan): Remove this field, as this is not representing the unique name of the mount,
@@ -424,6 +436,10 @@ type RunContainerOptions struct {
 	Devices []DeviceInfo
 	// The port mappings for the containers.
 	PortMappings []PortMapping
+	// The annotations for the container
+	// These annotations are generated by other components (i.e.,
+	// not users). Currently, only device plugins populate the annotations.
+	Annotations []Annotation
 	// If the container has specified the TerminationMessagePath, then
 	// this directory will be used to create and mount the log file to
 	// container.TerminationMessagePath
@@ -454,6 +470,9 @@ type VolumeInfo struct {
 	// Whether the volume permission is set to read-only or not
 	// This value is passed from volume.spec
 	ReadOnly bool
+	// Inner volume spec name, which is the PV name if used, otherwise
+	// it is the same as the outer volume spec name.
+	InnerVolumeSpecName string
 }
 
 type VolumeMap map[string]VolumeInfo
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/BUILD
index 748a74c79e81..2429b5263750 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/BUILD
@@ -1,10 +1,4 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -14,24 +8,68 @@ go_library(
         "docker_checkpoint.go",
         "docker_container.go",
         "docker_image.go",
-        "docker_image_unsupported.go",
+        "docker_legacy_service.go",
+        "docker_logs.go",
         "docker_sandbox.go",
         "docker_service.go",
-        "docker_stats_unsupported.go",
         "docker_streaming.go",
         "exec.go",
         "helpers.go",
-        "helpers_unsupported.go",
         "naming.go",
         "security_context.go",
         "selinux_util.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "docker_image_linux.go",
             "docker_stats_linux.go",
             "helpers_linux.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "docker_image_unsupported.go",
+            "docker_stats_unsupported.go",
+            "helpers_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "docker_image_windows.go",
             "docker_stats_windows.go",
             "helpers_windows.go",
@@ -39,16 +77,17 @@ go_library(
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/credentialprovider:go_default_library",
-        "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/dockershim/cm:go_default_library",
         "//pkg/kubelet/dockershim/libdocker:go_default_library",
         "//pkg/kubelet/dockershim/metrics:go_default_library",
+        "//pkg/kubelet/kuberuntime:go_default_library",
         "//pkg/kubelet/leaky:go_default_library",
         "//pkg/kubelet/network:go_default_library",
         "//pkg/kubelet/network/cni:go_default_library",
@@ -73,12 +112,20 @@ go_library(
         "//vendor/github.com/docker/docker/pkg/jsonmessage:go_default_library",
         "//vendor/github.com/docker/go-connections/nat:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
-    ],
+        "//vendor/k8s.io/utils/exec:go_default_library",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/kubelet/apis:go_default_library",
+            "//pkg/kubelet/winstats:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 go_test(
@@ -95,17 +142,14 @@ go_test(
         "security_context_test.go",
         "selinux_util_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "helpers_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    data = [
-    ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
         "//pkg/kubelet/dockershim/libdocker:go_default_library",
@@ -123,6 +167,7 @@ go_test(
         "//vendor/github.com/golang/mock/gomock:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
+        "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
     ],
 )
@@ -145,4 +190,5 @@ filegroup(
         "//pkg/kubelet/dockershim/testing:all-srcs",
     ],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/BUILD
index fb5661cd50ac..871d6f9b1be1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/BUILD
@@ -9,22 +9,59 @@ go_library(
     name = "go_default_library",
     srcs = [
         "container_manager.go",
-        "container_manager_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "container_manager_linux.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "container_manager_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "container_manager_windows.go",
         ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/cm",
-    deps = [
-        "//pkg/kubelet/dockershim/libdocker:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/kubelet/cm:go_default_library",
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
             "//pkg/kubelet/qos:go_default_library",
             "//pkg/util/version:go_default_library",
             "//vendor/github.com/golang/glog:go_default_library",
@@ -32,6 +69,24 @@ go_library(
             "//vendor/github.com/opencontainers/runc/libcontainer/configs:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/kubelet/dockershim/libdocker:go_default_library",
+        ],
         "//conditions:default": [],
     }),
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/container_manager_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/container_manager_linux.go
index 74d00be66224..17baaee11ef6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/container_manager_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/cm/container_manager_linux.go
@@ -95,7 +95,7 @@ func (m *containerManager) doWork() {
 	//   1. Ensure processes run in the cgroups if m.cgroupsManager is not nil.
 	//   2. Ensure processes have the OOM score applied.
 	if err := kubecm.EnsureDockerInContainer(version, dockerOOMScoreAdj, m.cgroupsManager); err != nil {
-		glog.Errorf("Unable to ensure the docker processes run in the desired containers")
+		glog.Errorf("Unable to ensure the docker processes run in the desired containers: %v", err)
 	}
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/convert.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/convert.go
index 0ce30959a745..f1c9b0e852fc 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/convert.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/convert.go
@@ -23,7 +23,7 @@ import (
 
 	dockertypes "github.com/docker/docker/api/types"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/doc.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/doc.go
index 323a941c451d..943e59d3e5b1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/doc.go
@@ -14,5 +14,5 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Docker integration using pkg/kubelet/apis/cri/v1alpha1/runtime/api.pb.go
+// Docker integration using pkg/kubelet/apis/cri/runtime/v1alpha2/api.pb.go
 package dockershim
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_container.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_container.go
index 453c18c75663..e10363636004 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_container.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_container.go
@@ -27,13 +27,15 @@ import (
 	dockerfilters "github.com/docker/docker/api/types/filters"
 	dockerstrslice "github.com/docker/docker/api/types/strslice"
 	"github.com/golang/glog"
+	"golang.org/x/net/context"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 )
 
 // ListContainers lists all containers matching the filter.
-func (ds *dockerService) ListContainers(filter *runtimeapi.ContainerFilter) ([]*runtimeapi.Container, error) {
+func (ds *dockerService) ListContainers(_ context.Context, r *runtimeapi.ListContainersRequest) (*runtimeapi.ListContainersResponse, error) {
+	filter := r.GetFilter()
 	opts := dockertypes.ContainerListOptions{All: true}
 
 	opts.Filters = dockerfilters.NewArgs()
@@ -75,19 +77,24 @@ func (ds *dockerService) ListContainers(filter *runtimeapi.ContainerFilter) ([]*
 
 		result = append(result, converted)
 	}
-	return result, nil
+
+	return &runtimeapi.ListContainersResponse{Containers: result}, nil
 }
 
 // CreateContainer creates a new container in the given PodSandbox
 // Docker cannot store the log to an arbitrary location (yet), so we create an
 // symlink at LogPath, linking to the actual path of the log.
 // TODO: check if the default values returned by the runtime API are ok.
-func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi.ContainerConfig, sandboxConfig *runtimeapi.PodSandboxConfig) (string, error) {
+func (ds *dockerService) CreateContainer(_ context.Context, r *runtimeapi.CreateContainerRequest) (*runtimeapi.CreateContainerResponse, error) {
+	podSandboxID := r.PodSandboxId
+	config := r.GetConfig()
+	sandboxConfig := r.GetSandboxConfig()
+
 	if config == nil {
-		return "", fmt.Errorf("container config is nil")
+		return nil, fmt.Errorf("container config is nil")
 	}
 	if sandboxConfig == nil {
-		return "", fmt.Errorf("sandbox config is nil for container %q", config.Metadata.Name)
+		return nil, fmt.Errorf("sandbox config is nil for container %q", config.Metadata.Name)
 	}
 
 	labels := makeLabels(config.GetLabels(), config.GetAnnotations())
@@ -100,9 +107,8 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 
 	apiVersion, err := ds.getDockerAPIVersion()
 	if err != nil {
-		return "", fmt.Errorf("unable to get the docker API version: %v", err)
+		return nil, fmt.Errorf("unable to get the docker API version: %v", err)
 	}
-	securityOptSep := getSecurityOptSeparator(apiVersion)
 
 	image := ""
 	if iSpec := config.GetImage(); iSpec != nil {
@@ -134,7 +140,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	}
 
 	hc := createConfig.HostConfig
-	ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSep, apiVersion)
+	ds.updateCreateConfig(&createConfig, config, sandboxConfig, podSandboxID, securityOptSeparator, apiVersion)
 	// Set devices for container.
 	devices := make([]dockercontainer.DeviceMapping, len(config.Devices))
 	for i, device := range config.Devices {
@@ -146,9 +152,9 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	}
 	hc.Resources.Devices = devices
 
-	securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep)
+	securityOpts, err := ds.getSecurityOpts(config.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
 	if err != nil {
-		return "", fmt.Errorf("failed to generate security options for container %q: %v", config.Metadata.Name, err)
+		return nil, fmt.Errorf("failed to generate security options for container %q: %v", config.Metadata.Name, err)
 	}
 
 	hc.SecurityOpt = append(hc.SecurityOpt, securityOpts...)
@@ -159,9 +165,9 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeapi
 	}
 
 	if createResp != nil {
-		return createResp.ID, err
+		return &runtimeapi.CreateContainerResponse{ContainerId: createResp.ID}, nil
 	}
-	return "", err
+	return nil, err
 }
 
 // getContainerLogPath returns the container log path specified by kubelet and the real
@@ -230,45 +236,49 @@ func (ds *dockerService) removeContainerLogSymlink(containerID string) error {
 }
 
 // StartContainer starts the container.
-func (ds *dockerService) StartContainer(containerID string) error {
-	err := ds.client.StartContainer(containerID)
+func (ds *dockerService) StartContainer(_ context.Context, r *runtimeapi.StartContainerRequest) (*runtimeapi.StartContainerResponse, error) {
+	err := ds.client.StartContainer(r.ContainerId)
 
 	// Create container log symlink for all containers (including failed ones).
-	if linkError := ds.createContainerLogSymlink(containerID); linkError != nil {
+	if linkError := ds.createContainerLogSymlink(r.ContainerId); linkError != nil {
 		// Do not stop the container if we failed to create symlink because:
 		//   1. This is not a critical failure.
 		//   2. We don't have enough information to properly stop container here.
 		// Kubelet will surface this error to user via an event.
-		return linkError
+		return nil, linkError
 	}
 
 	if err != nil {
 		err = transformStartContainerError(err)
-		return fmt.Errorf("failed to start container %q: %v", containerID, err)
+		return nil, fmt.Errorf("failed to start container %q: %v", r.ContainerId, err)
 	}
 
-	return nil
+	return &runtimeapi.StartContainerResponse{}, nil
 }
 
 // StopContainer stops a running container with a grace period (i.e., timeout).
-func (ds *dockerService) StopContainer(containerID string, timeout int64) error {
-	return ds.client.StopContainer(containerID, time.Duration(timeout)*time.Second)
+func (ds *dockerService) StopContainer(_ context.Context, r *runtimeapi.StopContainerRequest) (*runtimeapi.StopContainerResponse, error) {
+	err := ds.client.StopContainer(r.ContainerId, time.Duration(r.Timeout)*time.Second)
+	if err != nil {
+		return nil, err
+	}
+	return &runtimeapi.StopContainerResponse{}, nil
 }
 
 // RemoveContainer removes the container.
-func (ds *dockerService) RemoveContainer(containerID string) error {
+func (ds *dockerService) RemoveContainer(_ context.Context, r *runtimeapi.RemoveContainerRequest) (*runtimeapi.RemoveContainerResponse, error) {
 	// Ideally, log lifecycle should be independent of container lifecycle.
 	// However, docker will remove container log after container is removed,
 	// we can't prevent that now, so we also clean up the symlink here.
-	err := ds.removeContainerLogSymlink(containerID)
+	err := ds.removeContainerLogSymlink(r.ContainerId)
 	if err != nil {
-		return err
+		return nil, err
 	}
-	err = ds.client.RemoveContainer(containerID, dockertypes.ContainerRemoveOptions{RemoveVolumes: true, Force: true})
+	err = ds.client.RemoveContainer(r.ContainerId, dockertypes.ContainerRemoveOptions{RemoveVolumes: true, Force: true})
 	if err != nil {
-		return fmt.Errorf("failed to remove container %q: %v", containerID, err)
+		return nil, fmt.Errorf("failed to remove container %q: %v", r.ContainerId, err)
 	}
-	return nil
+	return &runtimeapi.RemoveContainerResponse{}, nil
 }
 
 func getContainerTimestamps(r *dockertypes.ContainerJSON) (time.Time, time.Time, time.Time, error) {
@@ -291,7 +301,8 @@ func getContainerTimestamps(r *dockertypes.ContainerJSON) (time.Time, time.Time,
 }
 
 // ContainerStatus inspects the docker container and returns the status.
-func (ds *dockerService) ContainerStatus(containerID string) (*runtimeapi.ContainerStatus, error) {
+func (ds *dockerService) ContainerStatus(_ context.Context, req *runtimeapi.ContainerStatusRequest) (*runtimeapi.ContainerStatusResponse, error) {
+	containerID := req.ContainerId
 	r, err := ds.client.InspectContainer(containerID)
 	if err != nil {
 		return nil, err
@@ -374,7 +385,7 @@ func (ds *dockerService) ContainerStatus(containerID string) (*runtimeapi.Contai
 	if len(ir.RepoTags) > 0 {
 		imageName = ir.RepoTags[0]
 	}
-	return &runtimeapi.ContainerStatus{
+	status := &runtimeapi.ContainerStatus{
 		Id:          r.ID,
 		Metadata:    metadata,
 		Image:       &runtimeapi.ImageSpec{Image: imageName},
@@ -390,10 +401,12 @@ func (ds *dockerService) ContainerStatus(containerID string) (*runtimeapi.Contai
 		Labels:      labels,
 		Annotations: annotations,
 		LogPath:     r.Config.Labels[containerLogPathLabelKey],
-	}, nil
+	}
+	return &runtimeapi.ContainerStatusResponse{Status: status}, nil
 }
 
-func (ds *dockerService) UpdateContainerResources(containerID string, resources *runtimeapi.LinuxContainerResources) error {
+func (ds *dockerService) UpdateContainerResources(_ context.Context, r *runtimeapi.UpdateContainerResourcesRequest) (*runtimeapi.UpdateContainerResourcesResponse, error) {
+	resources := r.Linux
 	updateConfig := dockercontainer.UpdateConfig{
 		Resources: dockercontainer.Resources{
 			CPUPeriod:  resources.CpuPeriod,
@@ -405,9 +418,9 @@ func (ds *dockerService) UpdateContainerResources(containerID string, resources
 		},
 	}
 
-	err := ds.client.UpdateContainerResources(containerID, updateConfig)
+	err := ds.client.UpdateContainerResources(r.ContainerId, updateConfig)
 	if err != nil {
-		return fmt.Errorf("failed to update container %q: %v", containerID, err)
+		return nil, fmt.Errorf("failed to update container %q: %v", r.ContainerId, err)
 	}
-	return nil
+	return &runtimeapi.UpdateContainerResourcesResponse{}, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image.go
index 1b39522f862f..71fe27cc2070 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image.go
@@ -23,15 +23,17 @@ import (
 	dockertypes "github.com/docker/docker/api/types"
 	dockerfilters "github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/pkg/jsonmessage"
+	"golang.org/x/net/context"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 )
 
 // This file implements methods in ImageManagerService.
 
 // ListImages lists existing images.
-func (ds *dockerService) ListImages(filter *runtimeapi.ImageFilter) ([]*runtimeapi.Image, error) {
+func (ds *dockerService) ListImages(_ context.Context, r *runtimeapi.ListImagesRequest) (*runtimeapi.ListImagesResponse, error) {
+	filter := r.GetFilter()
 	opts := dockertypes.ImageListOptions{}
 	if filter != nil {
 		if filter.GetImage().GetImage() != "" {
@@ -54,24 +56,39 @@ func (ds *dockerService) ListImages(filter *runtimeapi.ImageFilter) ([]*runtimea
 		}
 		result = append(result, apiImage)
 	}
-	return result, nil
+	return &runtimeapi.ListImagesResponse{Images: result}, nil
 }
 
 // ImageStatus returns the status of the image, returns nil if the image doesn't present.
-func (ds *dockerService) ImageStatus(image *runtimeapi.ImageSpec) (*runtimeapi.Image, error) {
+func (ds *dockerService) ImageStatus(_ context.Context, r *runtimeapi.ImageStatusRequest) (*runtimeapi.ImageStatusResponse, error) {
+	image := r.GetImage()
+
 	imageInspect, err := ds.client.InspectImageByRef(image.Image)
 	if err != nil {
 		if libdocker.IsImageNotFoundError(err) {
-			return nil, nil
+			return &runtimeapi.ImageStatusResponse{}, nil
 		}
 		return nil, err
 	}
-	return imageInspectToRuntimeAPIImage(imageInspect)
+
+	imageStatus, err := imageInspectToRuntimeAPIImage(imageInspect)
+	if err != nil {
+		return nil, err
+	}
+
+	res := runtimeapi.ImageStatusResponse{Image: imageStatus}
+	if r.GetVerbose() {
+		res.Info = imageInspect.Config.Labels
+	}
+	return &res, nil
 }
 
 // PullImage pulls an image with authentication config.
-func (ds *dockerService) PullImage(image *runtimeapi.ImageSpec, auth *runtimeapi.AuthConfig) (string, error) {
+func (ds *dockerService) PullImage(_ context.Context, r *runtimeapi.PullImageRequest) (*runtimeapi.PullImageResponse, error) {
+	image := r.GetImage()
+	auth := r.GetAuth()
 	authConfig := dockertypes.AuthConfig{}
+
 	if auth != nil {
 		authConfig.Username = auth.Username
 		authConfig.Password = auth.Password
@@ -84,14 +101,20 @@ func (ds *dockerService) PullImage(image *runtimeapi.ImageSpec, auth *runtimeapi
 		dockertypes.ImagePullOptions{},
 	)
 	if err != nil {
-		return "", filterHTTPError(err, image.Image)
+		return nil, filterHTTPError(err, image.Image)
 	}
 
-	return getImageRef(ds.client, image.Image)
+	imageRef, err := getImageRef(ds.client, image.Image)
+	if err != nil {
+		return nil, err
+	}
+
+	return &runtimeapi.PullImageResponse{ImageRef: imageRef}, nil
 }
 
 // RemoveImage removes the image.
-func (ds *dockerService) RemoveImage(image *runtimeapi.ImageSpec) error {
+func (ds *dockerService) RemoveImage(_ context.Context, r *runtimeapi.RemoveImageRequest) (*runtimeapi.RemoveImageResponse, error) {
+	image := r.GetImage()
 	// If the image has multiple tags, we need to remove all the tags
 	// TODO: We assume image.Image is image ID here, which is true in the current implementation
 	// of kubelet, but we should still clarify this in CRI.
@@ -99,22 +122,22 @@ func (ds *dockerService) RemoveImage(image *runtimeapi.ImageSpec) error {
 	if err == nil && imageInspect != nil && len(imageInspect.RepoTags) > 1 {
 		for _, tag := range imageInspect.RepoTags {
 			if _, err := ds.client.RemoveImage(tag, dockertypes.ImageRemoveOptions{PruneChildren: true}); err != nil && !libdocker.IsImageNotFoundError(err) {
-				return err
+				return nil, err
 			}
 		}
-		return nil
+		return &runtimeapi.RemoveImageResponse{}, nil
 	}
 	// dockerclient.InspectImageByID doesn't work with digest and repoTags,
 	// it is safe to continue removing it since there is another check below.
 	if err != nil && !libdocker.IsImageNotFoundError(err) {
-		return err
+		return nil, err
 	}
 
 	_, err = ds.client.RemoveImage(image.Image, dockertypes.ImageRemoveOptions{PruneChildren: true})
 	if err != nil && !libdocker.IsImageNotFoundError(err) {
-		return err
+		return nil, err
 	}
-	return nil
+	return &runtimeapi.RemoveImageResponse{}, nil
 }
 
 // getImageRef returns the image digest if exists, or else returns the image ID.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_linux.go
index 1af785972cca..c823f91376df 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_linux.go
@@ -21,10 +21,12 @@ package dockershim
 import (
 	"fmt"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // ImageFsInfo returns information of the filesystem that is used to store images.
-func (ds *dockerService) ImageFsInfo() ([]*runtimeapi.FilesystemUsage, error) {
+func (ds *dockerService) ImageFsInfo(_ context.Context, r *runtimeapi.ImageFsInfoRequest) (*runtimeapi.ImageFsInfoResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_unsupported.go
index 17519e0385f7..36fbd7cc638a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_unsupported.go
@@ -21,10 +21,12 @@ package dockershim
 import (
 	"fmt"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // ImageFsInfo returns information of the filesystem that is used to store images.
-func (ds *dockerService) ImageFsInfo() ([]*runtimeapi.FilesystemUsage, error) {
+func (ds *dockerService) ImageFsInfo(_ context.Context, r *runtimeapi.ImageFsInfoRequest) (*runtimeapi.ImageFsInfoResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_windows.go
index b147659f2b69..703405614832 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_image_windows.go
@@ -21,19 +21,38 @@ package dockershim
 import (
 	"time"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"github.com/golang/glog"
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+	"k8s.io/kubernetes/pkg/kubelet/winstats"
 )
 
 // ImageFsInfo returns information of the filesystem that is used to store images.
-func (ds *dockerService) ImageFsInfo() ([]*runtimeapi.FilesystemUsage, error) {
-	// For Windows Stats to work correctly, a file system must be provided. For now, provide a fake filesystem.
+func (ds *dockerService) ImageFsInfo(_ context.Context, _ *runtimeapi.ImageFsInfoRequest) (*runtimeapi.ImageFsInfoResponse, error) {
+	info, err := ds.client.Info()
+	if err != nil {
+		glog.Errorf("Failed to get docker info: %v", err)
+		return nil, err
+	}
+
+	statsClient := &winstats.StatsClient{}
+	fsinfo, err := statsClient.GetDirFsInfo(info.DockerRootDir)
+	if err != nil {
+		glog.Errorf("Failed to get dir fsInfo for %q: %v", info.DockerRootDir, err)
+		return nil, err
+	}
+
 	filesystems := []*runtimeapi.FilesystemUsage{
 		{
 			Timestamp:  time.Now().UnixNano(),
-			UsedBytes:  &runtimeapi.UInt64Value{Value: 0},
+			UsedBytes:  &runtimeapi.UInt64Value{Value: fsinfo.Usage},
 			InodesUsed: &runtimeapi.UInt64Value{Value: 0},
+			FsId: &runtimeapi.FilesystemIdentifier{
+				Mountpoint: info.DockerRootDir,
+			},
 		},
 	}
 
-	return filesystems, nil
+	return &runtimeapi.ImageFsInfoResponse{ImageFilesystems: filesystems}, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_legacy_service.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_legacy_service.go
new file mode 100644
index 000000000000..df756a5f44f5
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_legacy_service.go
@@ -0,0 +1,123 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package dockershim
+
+import (
+	"fmt"
+	"io"
+	"strconv"
+	"time"
+
+	"github.com/armon/circbuf"
+	dockertypes "github.com/docker/docker/api/types"
+
+	"k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	kubetypes "k8s.io/apimachinery/pkg/types"
+	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
+	"k8s.io/kubernetes/pkg/kubelet/kuberuntime"
+
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
+)
+
+// DockerLegacyService interface embeds some legacy methods for backward compatibility.
+// This file/interface will be removed in the near future. Do not modify or add
+// more functions.
+type DockerLegacyService interface {
+	// GetContainerLogs gets logs for a specific container.
+	GetContainerLogs(*v1.Pod, kubecontainer.ContainerID, *v1.PodLogOptions, io.Writer, io.Writer) error
+
+	// IsCRISupportedLogDriver checks whether the logging driver used by docker is
+	// supported by native CRI integration.
+	// TODO(resouer): remove this when deprecating unsupported log driver
+	IsCRISupportedLogDriver() (bool, error)
+
+	kuberuntime.LegacyLogProvider
+}
+
+// GetContainerLogs get container logs directly from docker daemon.
+func (d *dockerService) GetContainerLogs(pod *v1.Pod, containerID kubecontainer.ContainerID, logOptions *v1.PodLogOptions, stdout, stderr io.Writer) error {
+	container, err := d.client.InspectContainer(containerID.ID)
+	if err != nil {
+		return err
+	}
+
+	var since int64
+	if logOptions.SinceSeconds != nil {
+		t := metav1.Now().Add(-time.Duration(*logOptions.SinceSeconds) * time.Second)
+		since = t.Unix()
+	}
+	if logOptions.SinceTime != nil {
+		since = logOptions.SinceTime.Unix()
+	}
+	opts := dockertypes.ContainerLogsOptions{
+		ShowStdout: true,
+		ShowStderr: true,
+		Since:      strconv.FormatInt(since, 10),
+		Timestamps: logOptions.Timestamps,
+		Follow:     logOptions.Follow,
+	}
+	if logOptions.TailLines != nil {
+		opts.Tail = strconv.FormatInt(*logOptions.TailLines, 10)
+	}
+
+	sopts := libdocker.StreamOptions{
+		OutputStream: stdout,
+		ErrorStream:  stderr,
+		RawTerminal:  container.Config.Tty,
+	}
+	return d.client.Logs(containerID.ID, opts, sopts)
+}
+
+// GetContainerLogTail attempts to read up to MaxContainerTerminationMessageLogLength
+// from the end of the log when docker is configured with a log driver other than json-log.
+// It reads up to MaxContainerTerminationMessageLogLines lines.
+func (d *dockerService) GetContainerLogTail(uid kubetypes.UID, name, namespace string, containerId kubecontainer.ContainerID) (string, error) {
+	value := int64(kubecontainer.MaxContainerTerminationMessageLogLines)
+	buf, _ := circbuf.NewBuffer(kubecontainer.MaxContainerTerminationMessageLogLength)
+	// Although this is not a full spec pod, dockerLegacyService.GetContainerLogs() currently completely ignores its pod param
+	pod := &v1.Pod{
+		ObjectMeta: metav1.ObjectMeta{
+			UID:       uid,
+			Name:      name,
+			Namespace: namespace,
+		},
+	}
+	err := d.GetContainerLogs(pod, containerId, &v1.PodLogOptions{TailLines: &value}, buf, buf)
+	if err != nil {
+		return "", err
+	}
+	return buf.String(), nil
+}
+
+// criSupportedLogDrivers are log drivers supported by native CRI integration.
+var criSupportedLogDrivers = []string{"json-file"}
+
+// IsCRISupportedLogDriver checks whether the logging driver used by docker is
+// supported by native CRI integration.
+func (d *dockerService) IsCRISupportedLogDriver() (bool, error) {
+	info, err := d.client.Info()
+	if err != nil {
+		return false, fmt.Errorf("failed to get docker info: %v", err)
+	}
+	for _, driver := range criSupportedLogDrivers {
+		if info.LoggingDriver == driver {
+			return true, nil
+		}
+	}
+	return false, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_logs.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_logs.go
new file mode 100644
index 000000000000..5366c2982708
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_logs.go
@@ -0,0 +1,30 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package dockershim
+
+import (
+	"fmt"
+
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+)
+
+// ReopenContainerLog reopens the container log file.
+func (ds *dockerService) ReopenContainerLog(_ context.Context, _ *runtimeapi.ReopenContainerLogRequest) (*runtimeapi.ReopenContainerLogResponse, error) {
+	return nil, fmt.Errorf("docker does not support reopening container log files")
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go
index b595e310096b..dd150d8db0cb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_sandbox.go
@@ -26,9 +26,10 @@ import (
 	dockercontainer "github.com/docker/docker/api/types/container"
 	dockerfilters "github.com/docker/docker/api/types/filters"
 	"github.com/golang/glog"
+	"golang.org/x/net/context"
 
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 	"k8s.io/kubernetes/pkg/kubelet/qos"
@@ -36,7 +37,7 @@ import (
 )
 
 const (
-	defaultSandboxImage = "gcr.io/google_containers/pause-amd64:3.0"
+	defaultSandboxImage = "k8s.gcr.io/pause-amd64:3.1"
 
 	// Various default sandbox resources requests/limits.
 	defaultSandboxCPUshares int64 = 2
@@ -75,7 +76,9 @@ func (ds *dockerService) clearNetworkReady(podSandboxID string) {
 // For docker, PodSandbox is implemented by a container holding the network
 // namespace for the pod.
 // Note: docker doesn't use LogDirectory (yet).
-func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id string, err error) {
+func (ds *dockerService) RunPodSandbox(ctx context.Context, r *runtimeapi.RunPodSandboxRequest) (*runtimeapi.RunPodSandboxResponse, error) {
+	config := r.GetConfig()
+
 	// Step 1: Pull the image for the sandbox.
 	image := defaultSandboxImage
 	podSandboxImage := ds.podSandboxImage
@@ -87,13 +90,13 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 	// see: http://kubernetes.io/docs/user-guide/images/#configuring-nodes-to-authenticate-to-a-private-repository
 	// Only pull sandbox image when it's not present - v1.PullIfNotPresent.
 	if err := ensureSandboxImageExists(ds.client, image); err != nil {
-		return "", err
+		return nil, err
 	}
 
 	// Step 2: Create the sandbox container.
 	createConfig, err := ds.makeSandboxDockerConfig(config, image)
 	if err != nil {
-		return "", fmt.Errorf("failed to make sandbox docker config for pod %q: %v", config.Metadata.Name, err)
+		return nil, fmt.Errorf("failed to make sandbox docker config for pod %q: %v", config.Metadata.Name, err)
 	}
 	createResp, err := ds.client.CreateContainer(*createConfig)
 	if err != nil {
@@ -101,8 +104,9 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 	}
 
 	if err != nil || createResp == nil {
-		return "", fmt.Errorf("failed to create a sandbox for pod %q: %v", config.Metadata.Name, err)
+		return nil, fmt.Errorf("failed to create a sandbox for pod %q: %v", config.Metadata.Name, err)
 	}
+	resp := &runtimeapi.RunPodSandboxResponse{PodSandboxId: createResp.ID}
 
 	ds.setNetworkReady(createResp.ID, false)
 	defer func(e *error) {
@@ -115,7 +119,7 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 
 	// Step 3: Create Sandbox Checkpoint.
 	if err = ds.checkpointHandler.CreateCheckpoint(createResp.ID, constructPodSandboxCheckpoint(config)); err != nil {
-		return createResp.ID, err
+		return nil, err
 	}
 
 	// Step 4: Start the sandbox container.
@@ -123,7 +127,7 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 	// startContainer failed.
 	err = ds.client.StartContainer(createResp.ID)
 	if err != nil {
-		return createResp.ID, fmt.Errorf("failed to start sandbox container for pod %q: %v", config.Metadata.Name, err)
+		return nil, fmt.Errorf("failed to start sandbox container for pod %q: %v", config.Metadata.Name, err)
 	}
 
 	// Rewrite resolv.conf file generated by docker.
@@ -135,17 +139,17 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 	if dnsConfig := config.GetDnsConfig(); dnsConfig != nil {
 		containerInfo, err := ds.client.InspectContainer(createResp.ID)
 		if err != nil {
-			return createResp.ID, fmt.Errorf("failed to inspect sandbox container for pod %q: %v", config.Metadata.Name, err)
+			return nil, fmt.Errorf("failed to inspect sandbox container for pod %q: %v", config.Metadata.Name, err)
 		}
 
 		if err := rewriteResolvFile(containerInfo.ResolvConfPath, dnsConfig.Servers, dnsConfig.Searches, dnsConfig.Options); err != nil {
-			return createResp.ID, fmt.Errorf("rewrite resolv.conf failed for pod %q: %v", config.Metadata.Name, err)
+			return nil, fmt.Errorf("rewrite resolv.conf failed for pod %q: %v", config.Metadata.Name, err)
 		}
 	}
 
 	// Do not invoke network plugins if in hostNetwork mode.
-	if nsOptions := config.GetLinux().GetSecurityContext().GetNamespaceOptions(); nsOptions != nil && nsOptions.HostNetwork {
-		return createResp.ID, nil
+	if config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetNetwork() == runtimeapi.NamespaceMode_NODE {
+		return resp, nil
 	}
 
 	// Step 5: Setup networking for the sandbox.
@@ -163,7 +167,7 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 			glog.Warningf("Failed to stop sandbox container %q for pod %q: %v", createResp.ID, config.Metadata.Name, err)
 		}
 	}
-	return createResp.ID, err
+	return resp, err
 }
 
 // StopPodSandbox stops the sandbox. If there are any running containers in the
@@ -171,22 +175,21 @@ func (ds *dockerService) RunPodSandbox(config *runtimeapi.PodSandboxConfig) (id
 // TODO: This function blocks sandbox teardown on networking teardown. Is it
 // better to cut our losses assuming an out of band GC routine will cleanup
 // after us?
-func (ds *dockerService) StopPodSandbox(podSandboxID string) error {
+func (ds *dockerService) StopPodSandbox(ctx context.Context, r *runtimeapi.StopPodSandboxRequest) (*runtimeapi.StopPodSandboxResponse, error) {
 	var namespace, name string
 	var hostNetwork bool
-	var checkpointErr, statusErr error
 
-	// Try to retrieve sandbox information from docker daemon or sandbox checkpoint
-	status, statusErr := ds.PodSandboxStatus(podSandboxID)
+	podSandboxID := r.PodSandboxId
+	resp := &runtimeapi.StopPodSandboxResponse{}
+
+	// Try to retrieve minimal sandbox information from docker daemon or sandbox checkpoint.
+	inspectResult, metadata, statusErr := ds.getPodSandboxDetails(podSandboxID)
 	if statusErr == nil {
-		nsOpts := status.GetLinux().GetNamespaces().GetOptions()
-		hostNetwork = nsOpts != nil && nsOpts.HostNetwork
-		m := status.GetMetadata()
-		namespace = m.Namespace
-		name = m.Name
+		namespace = metadata.Namespace
+		name = metadata.Name
+		hostNetwork = (networkNamespaceMode(inspectResult) == runtimeapi.NamespaceMode_NODE)
 	} else {
-		var checkpoint *PodSandboxCheckpoint
-		checkpoint, checkpointErr = ds.checkpointHandler.GetCheckpoint(podSandboxID)
+		checkpoint, checkpointErr := ds.checkpointHandler.GetCheckpoint(podSandboxID)
 
 		// Proceed if both sandbox container and checkpoint could not be found. This means that following
 		// actions will only have sandbox ID and not have pod namespace and name information.
@@ -196,7 +199,7 @@ func (ds *dockerService) StopPodSandbox(podSandboxID string) error {
 				glog.Warningf("Both sandbox container and checkpoint for id %q could not be found. "+
 					"Proceed without further sandbox information.", podSandboxID)
 			} else {
-				return utilerrors.NewAggregate([]error{
+				return nil, utilerrors.NewAggregate([]error{
 					fmt.Errorf("failed to get checkpoint for sandbox %q: %v", podSandboxID, checkpointErr),
 					fmt.Errorf("failed to get sandbox status: %v", statusErr)})
 			}
@@ -237,14 +240,21 @@ func (ds *dockerService) StopPodSandbox(podSandboxID string) error {
 			ds.checkpointHandler.RemoveCheckpoint(podSandboxID)
 		}
 	}
-	return utilerrors.NewAggregate(errList)
+
+	if len(errList) == 0 {
+		return resp, nil
+	}
+
 	// TODO: Stop all running containers in the sandbox.
+	return nil, utilerrors.NewAggregate(errList)
 }
 
 // RemovePodSandbox removes the sandbox. If there are running containers in the
 // sandbox, they should be forcibly removed.
-func (ds *dockerService) RemovePodSandbox(podSandboxID string) error {
+func (ds *dockerService) RemovePodSandbox(ctx context.Context, r *runtimeapi.RemovePodSandboxRequest) (*runtimeapi.RemovePodSandboxResponse, error) {
+	podSandboxID := r.PodSandboxId
 	var errs []error
+
 	opts := dockertypes.ContainerListOptions{All: true}
 
 	opts.Filters = dockerfilters.NewArgs()
@@ -258,7 +268,7 @@ func (ds *dockerService) RemovePodSandbox(podSandboxID string) error {
 
 	// Remove all containers in the sandbox.
 	for i := range containers {
-		if err := ds.RemoveContainer(containers[i].ID); err != nil && !libdocker.IsContainerNotFoundError(err) {
+		if _, err := ds.RemoveContainer(ctx, &runtimeapi.RemoveContainerRequest{ContainerId: containers[i].ID}); err != nil && !libdocker.IsContainerNotFoundError(err) {
 			errs = append(errs, err)
 		}
 	}
@@ -277,7 +287,10 @@ func (ds *dockerService) RemovePodSandbox(podSandboxID string) error {
 	if err := ds.checkpointHandler.RemoveCheckpoint(podSandboxID); err != nil {
 		errs = append(errs, err)
 	}
-	return utilerrors.NewAggregate(errs)
+	if len(errs) == 0 {
+		return &runtimeapi.RemovePodSandboxResponse{}, nil
+	}
+	return nil, utilerrors.NewAggregate(errs)
 }
 
 // getIPFromPlugin interrogates the network plugin for an IP.
@@ -305,7 +318,7 @@ func (ds *dockerService) getIP(podSandboxID string, sandbox *dockertypes.Contain
 	if sandbox.NetworkSettings == nil {
 		return ""
 	}
-	if sharesHostNetwork(sandbox) {
+	if networkNamespaceMode(sandbox) == runtimeapi.NamespaceMode_NODE {
 		// For sandboxes using host network, the shim is not responsible for
 		// reporting the IP.
 		return ""
@@ -341,10 +354,26 @@ func (ds *dockerService) getIP(podSandboxID string, sandbox *dockertypes.Contain
 	return ""
 }
 
+// Returns the inspect container response, the sandbox metadata, and network namespace mode
+func (ds *dockerService) getPodSandboxDetails(podSandboxID string) (*dockertypes.ContainerJSON, *runtimeapi.PodSandboxMetadata, error) {
+	resp, err := ds.client.InspectContainer(podSandboxID)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	metadata, err := parseSandboxName(resp.Name)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return resp, metadata, nil
+}
+
 // PodSandboxStatus returns the status of the PodSandbox.
-func (ds *dockerService) PodSandboxStatus(podSandboxID string) (*runtimeapi.PodSandboxStatus, error) {
-	// Inspect the container.
-	r, err := ds.client.InspectContainer(podSandboxID)
+func (ds *dockerService) PodSandboxStatus(ctx context.Context, req *runtimeapi.PodSandboxStatusRequest) (*runtimeapi.PodSandboxStatusResponse, error) {
+	podSandboxID := req.PodSandboxId
+
+	r, metadata, err := ds.getPodSandboxDetails(podSandboxID)
 	if err != nil {
 		return nil, err
 	}
@@ -368,14 +397,9 @@ func (ds *dockerService) PodSandboxStatus(podSandboxID string) (*runtimeapi.PodS
 	if IP = ds.determinePodIPBySandboxID(podSandboxID); IP == "" {
 		IP = ds.getIP(podSandboxID, r)
 	}
-	hostNetwork := sharesHostNetwork(r)
 
-	metadata, err := parseSandboxName(r.Name)
-	if err != nil {
-		return nil, err
-	}
 	labels, annotations := extractLabels(r.Config.Labels)
-	return &runtimeapi.PodSandboxStatus{
+	status := &runtimeapi.PodSandboxStatus{
 		Id:          r.ID,
 		State:       state,
 		CreatedAt:   ct,
@@ -388,17 +412,20 @@ func (ds *dockerService) PodSandboxStatus(podSandboxID string) (*runtimeapi.PodS
 		Linux: &runtimeapi.LinuxPodSandboxStatus{
 			Namespaces: &runtimeapi.Namespace{
 				Options: &runtimeapi.NamespaceOption{
-					HostNetwork: hostNetwork,
-					HostPid:     sharesHostPid(r),
-					HostIpc:     sharesHostIpc(r),
+					Network: networkNamespaceMode(r),
+					Pid:     pidNamespaceMode(r),
+					Ipc:     ipcNamespaceMode(r),
 				},
 			},
 		},
-	}, nil
+	}
+	return &runtimeapi.PodSandboxStatusResponse{Status: status}, nil
 }
 
 // ListPodSandbox returns a list of Sandbox.
-func (ds *dockerService) ListPodSandbox(filter *runtimeapi.PodSandboxFilter) ([]*runtimeapi.PodSandbox, error) {
+func (ds *dockerService) ListPodSandbox(_ context.Context, r *runtimeapi.ListPodSandboxRequest) (*runtimeapi.ListPodSandboxResponse, error) {
+	filter := r.GetFilter()
+
 	// By default, list all containers whether they are running or not.
 	opts := dockertypes.ContainerListOptions{All: true}
 	filterOutReadySandboxes := false
@@ -482,7 +509,7 @@ func (ds *dockerService) ListPodSandbox(filter *runtimeapi.PodSandboxFilter) ([]
 		result = append(result, checkpointToRuntimeAPISandbox(id, checkpoint))
 	}
 
-	return result, nil
+	return &runtimeapi.ListPodSandboxResponse{Items: result}, nil
 }
 
 // applySandboxLinuxOptions applies LinuxPodSandboxConfig to dockercontainer.HostConfig and dockercontainer.ContainerCreateConfig.
@@ -528,12 +555,6 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	// TODO(random-liu): Deprecate this label once container metrics is directly got from CRI.
 	labels[types.KubernetesContainerNameLabel] = sandboxContainerName
 
-	apiVersion, err := ds.getDockerAPIVersion()
-	if err != nil {
-		return nil, fmt.Errorf("unable to get the docker API version: %v", err)
-	}
-	securityOptSep := getSecurityOptSeparator(apiVersion)
-
 	hc := &dockercontainer.HostConfig{}
 	createConfig := &dockertypes.ContainerCreateConfig{
 		Name: makeSandboxName(c),
@@ -547,7 +568,7 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	}
 
 	// Apply linux-specific options.
-	if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSep); err != nil {
+	if err := ds.applySandboxLinuxOptions(hc, c.GetLinux(), createConfig, image, securityOptSeparator); err != nil {
 		return nil, err
 	}
 
@@ -565,39 +586,42 @@ func (ds *dockerService) makeSandboxDockerConfig(c *runtimeapi.PodSandboxConfig,
 	}
 
 	// Set security options.
-	securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSep)
+	securityOpts, err := ds.getSecurityOpts(c.GetLinux().GetSecurityContext().GetSeccompProfilePath(), securityOptSeparator)
 	if err != nil {
 		return nil, fmt.Errorf("failed to generate sandbox security options for sandbox %q: %v", c.Metadata.Name, err)
 	}
 	hc.SecurityOpt = append(hc.SecurityOpt, securityOpts...)
+
+	applyExperimentalCreateConfig(createConfig, c.Annotations)
 	return createConfig, nil
 }
 
-// sharesHostNetwork returns true if the given container is sharing the host's
-// network namespace.
-func sharesHostNetwork(container *dockertypes.ContainerJSON) bool {
-	if container != nil && container.HostConfig != nil {
-		return string(container.HostConfig.NetworkMode) == namespaceModeHost
+// networkNamespaceMode returns the network runtimeapi.NamespaceMode for this container.
+// Supports: POD, NODE
+func networkNamespaceMode(container *dockertypes.ContainerJSON) runtimeapi.NamespaceMode {
+	if container != nil && container.HostConfig != nil && string(container.HostConfig.NetworkMode) == namespaceModeHost {
+		return runtimeapi.NamespaceMode_NODE
 	}
-	return false
+	return runtimeapi.NamespaceMode_POD
 }
 
-// sharesHostPid returns true if the given container is sharing the host's pid
-// namespace.
-func sharesHostPid(container *dockertypes.ContainerJSON) bool {
-	if container != nil && container.HostConfig != nil {
-		return string(container.HostConfig.PidMode) == namespaceModeHost
+// pidNamespaceMode returns the PID runtimeapi.NamespaceMode for this container.
+// Supports: CONTAINER, NODE
+// TODO(verb): add support for POD PID namespace sharing
+func pidNamespaceMode(container *dockertypes.ContainerJSON) runtimeapi.NamespaceMode {
+	if container != nil && container.HostConfig != nil && string(container.HostConfig.PidMode) == namespaceModeHost {
+		return runtimeapi.NamespaceMode_NODE
 	}
-	return false
+	return runtimeapi.NamespaceMode_CONTAINER
 }
 
-// sharesHostIpc returns true if the given container is sharing the host's ipc
-// namespace.
-func sharesHostIpc(container *dockertypes.ContainerJSON) bool {
-	if container != nil && container.HostConfig != nil {
-		return string(container.HostConfig.IpcMode) == namespaceModeHost
+// ipcNamespaceMode returns the IPC runtimeapi.NamespaceMode for this container.
+// Supports: POD, NODE
+func ipcNamespaceMode(container *dockertypes.ContainerJSON) runtimeapi.NamespaceMode {
+	if container != nil && container.HostConfig != nil && string(container.HostConfig.IpcMode) == namespaceModeHost {
+		return runtimeapi.NamespaceMode_NODE
 	}
-	return false
+	return runtimeapi.NamespaceMode_POD
 }
 
 func constructPodSandboxCheckpoint(config *runtimeapi.PodSandboxConfig) *PodSandboxCheckpoint {
@@ -610,8 +634,8 @@ func constructPodSandboxCheckpoint(config *runtimeapi.PodSandboxConfig) *PodSand
 			Protocol:      &proto,
 		})
 	}
-	if nsOptions := config.GetLinux().GetSecurityContext().GetNamespaceOptions(); nsOptions != nil {
-		checkpoint.Data.HostNetwork = nsOptions.HostNetwork
+	if config.GetLinux().GetSecurityContext().GetNamespaceOptions().GetNetwork() == runtimeapi.NamespaceMode_NODE {
+		checkpoint.Data.HostNetwork = true
 	}
 	return checkpoint
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_service.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_service.go
index 6fa1106f4fd4..3c88a0e4e0c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_service.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_service.go
@@ -18,22 +18,17 @@ package dockershim
 
 import (
 	"fmt"
-	"io"
 	"net/http"
-	"strconv"
 	"sync"
 	"time"
 
-	"github.com/armon/circbuf"
 	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	"github.com/golang/glog"
+	"golang.org/x/net/context"
 
 	"k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	kubetypes "k8s.io/apimachinery/pkg/types"
-	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecm "k8s.io/kubernetes/pkg/kubelet/cm"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
@@ -61,8 +56,6 @@ const (
 
 	dockerNetNSFmt = "/proc/%v/ns/net"
 
-	defaultSeccompProfile = "unconfined"
-
 	// Internal docker labels used to identify whether a container is a sandbox
 	// or a regular container.
 	// TODO: This is not backward compatible with older containers. We will
@@ -86,6 +79,25 @@ const (
 	// to kubelet behavior and system settings in addition to any API flags that may be introduced.
 )
 
+// CRIService includes all methods necessary for a CRI server.
+type CRIService interface {
+	runtimeapi.RuntimeServiceServer
+	runtimeapi.ImageServiceServer
+	Start() error
+}
+
+// DockerService is an interface that embeds the new RuntimeService and
+// ImageService interfaces.
+type DockerService interface {
+	CRIService
+
+	// For serving streaming calls.
+	http.Handler
+
+	// For supporting legacy features.
+	DockerLegacyService
+}
+
 // NetworkPluginSettings is the subset of kubelet runtime args we pass
 // to the container runtime shim so it can probe for network plugins.
 // In the future we will feed these directly to a standalone container
@@ -138,7 +150,7 @@ func (p *portMappingGetter) GetPodPortMappings(containerID string) ([]*hostport.
 }
 
 // dockerNetworkHost implements network.Host by wrapping the legacy host passed in by the kubelet
-// and dockerServices which implementes the rest of the network host interfaces.
+// and dockerServices which implements the rest of the network host interfaces.
 // The legacy host methods are slated for deletion.
 type dockerNetworkHost struct {
 	network.LegacyHost
@@ -262,25 +274,6 @@ func NewDockerService(config *ClientConfig, podSandboxImage string, streamingCon
 	return ds, nil
 }
 
-// DockerService is an interface that embeds the new RuntimeService and
-// ImageService interfaces.
-type DockerService interface {
-	internalapi.RuntimeService
-	internalapi.ImageManagerService
-	Start() error
-	// For serving streaming calls.
-	http.Handler
-
-	// IsCRISupportedLogDriver checks whether the logging driver used by docker is
-	// suppoted by native CRI integration.
-	// TODO(resouer): remove this when deprecating unsupported log driver
-	IsCRISupportedLogDriver() (bool, error)
-
-	// NewDockerLegacyService created docker legacy service when log driver is not supported.
-	// TODO(resouer): remove this when deprecating unsupported log driver
-	NewDockerLegacyService() DockerLegacyService
-}
-
 type dockerService struct {
 	client           libdocker.Interface
 	os               kubecontainer.OSInterface
@@ -309,8 +302,10 @@ type dockerService struct {
 	disableSharedPID bool
 }
 
+// TODO: handle context.
+
 // Version returns the runtime name, runtime version and runtime API version
-func (ds *dockerService) Version(_ string) (*runtimeapi.VersionResponse, error) {
+func (ds *dockerService) Version(_ context.Context, r *runtimeapi.VersionRequest) (*runtimeapi.VersionResponse, error) {
 	v, err := ds.getDockerVersion()
 	if err != nil {
 		return nil, err
@@ -336,17 +331,20 @@ func (ds *dockerService) getDockerVersion() (*dockertypes.Version, error) {
 }
 
 // UpdateRuntimeConfig updates the runtime config. Currently only handles podCIDR updates.
-func (ds *dockerService) UpdateRuntimeConfig(runtimeConfig *runtimeapi.RuntimeConfig) (err error) {
+func (ds *dockerService) UpdateRuntimeConfig(_ context.Context, r *runtimeapi.UpdateRuntimeConfigRequest) (*runtimeapi.UpdateRuntimeConfigResponse, error) {
+	runtimeConfig := r.GetRuntimeConfig()
 	if runtimeConfig == nil {
-		return
+		return &runtimeapi.UpdateRuntimeConfigResponse{}, nil
 	}
+
 	glog.Infof("docker cri received runtime config %+v", runtimeConfig)
 	if ds.network != nil && runtimeConfig.NetworkConfig.PodCidr != "" {
 		event := make(map[string]interface{})
 		event[network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR] = runtimeConfig.NetworkConfig.PodCidr
 		ds.network.Event(network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE, event)
 	}
-	return
+
+	return &runtimeapi.UpdateRuntimeConfigResponse{}, nil
 }
 
 // GetNetNS returns the network namespace of the given containerID. The ID
@@ -392,7 +390,7 @@ func (ds *dockerService) Start() error {
 
 // Status returns the status of the runtime.
 // TODO(random-liu): Set network condition accordingly here.
-func (ds *dockerService) Status() (*runtimeapi.RuntimeStatus, error) {
+func (ds *dockerService) Status(_ context.Context, r *runtimeapi.StatusRequest) (*runtimeapi.StatusResponse, error) {
 	runtimeReady := &runtimeapi.RuntimeCondition{
 		Type:   runtimeapi.RuntimeReady,
 		Status: true,
@@ -412,7 +410,8 @@ func (ds *dockerService) Status() (*runtimeapi.RuntimeStatus, error) {
 		networkReady.Reason = "NetworkPluginNotReady"
 		networkReady.Message = fmt.Sprintf("docker: network plugin is not ready: %v", err)
 	}
-	return &runtimeapi.RuntimeStatus{Conditions: conditions}, nil
+	status := &runtimeapi.RuntimeStatus{Conditions: conditions}
+	return &runtimeapi.StatusResponse{Status: status}, nil
 }
 
 func (ds *dockerService) ServeHTTP(w http.ResponseWriter, r *http.Request) {
@@ -507,103 +506,3 @@ func toAPIProtocol(protocol Protocol) v1.Protocol {
 	glog.Warningf("Unknown protocol %q: defaulting to TCP", protocol)
 	return v1.ProtocolTCP
 }
-
-// DockerLegacyService interface embeds some legacy methods for backward compatibility.
-type DockerLegacyService interface {
-	// GetContainerLogs gets logs for a specific container.
-	GetContainerLogs(*v1.Pod, kubecontainer.ContainerID, *v1.PodLogOptions, io.Writer, io.Writer) error
-}
-
-// dockerLegacyService implements the DockerLegacyService. We add this for non json-log driver
-// support. (See #41996)
-type dockerLegacyService struct {
-	client libdocker.Interface
-}
-
-// NewDockerLegacyService created docker legacy service when log driver is not supported.
-// TODO(resouer): remove this when deprecating unsupported log driver
-func (d *dockerService) NewDockerLegacyService() DockerLegacyService {
-	return &dockerLegacyService{client: d.client}
-}
-
-// GetContainerLogs get container logs directly from docker daemon.
-func (d *dockerLegacyService) GetContainerLogs(pod *v1.Pod, containerID kubecontainer.ContainerID, logOptions *v1.PodLogOptions, stdout, stderr io.Writer) error {
-	container, err := d.client.InspectContainer(containerID.ID)
-	if err != nil {
-		return err
-	}
-
-	var since int64
-	if logOptions.SinceSeconds != nil {
-		t := metav1.Now().Add(-time.Duration(*logOptions.SinceSeconds) * time.Second)
-		since = t.Unix()
-	}
-	if logOptions.SinceTime != nil {
-		since = logOptions.SinceTime.Unix()
-	}
-	opts := dockertypes.ContainerLogsOptions{
-		ShowStdout: true,
-		ShowStderr: true,
-		Since:      strconv.FormatInt(since, 10),
-		Timestamps: logOptions.Timestamps,
-		Follow:     logOptions.Follow,
-	}
-	if logOptions.TailLines != nil {
-		opts.Tail = strconv.FormatInt(*logOptions.TailLines, 10)
-	}
-
-	sopts := libdocker.StreamOptions{
-		OutputStream: stdout,
-		ErrorStream:  stderr,
-		RawTerminal:  container.Config.Tty,
-	}
-	return d.client.Logs(containerID.ID, opts, sopts)
-}
-
-// LegacyLogProvider implements the kuberuntime.LegacyLogProvider interface
-type LegacyLogProvider struct {
-	dls DockerLegacyService
-}
-
-func NewLegacyLogProvider(dls DockerLegacyService) LegacyLogProvider {
-	return LegacyLogProvider{dls: dls}
-}
-
-// GetContainerLogTail attempts to read up to MaxContainerTerminationMessageLogLength
-// from the end of the log when docker is configured with a log driver other than json-log.
-// It reads up to MaxContainerTerminationMessageLogLines lines.
-func (l LegacyLogProvider) GetContainerLogTail(uid kubetypes.UID, name, namespace string, containerId kubecontainer.ContainerID) (string, error) {
-	value := int64(kubecontainer.MaxContainerTerminationMessageLogLines)
-	buf, _ := circbuf.NewBuffer(kubecontainer.MaxContainerTerminationMessageLogLength)
-	// Although this is not a full spec pod, dockerLegacyService.GetContainerLogs() currently completely ignores its pod param
-	pod := &v1.Pod{
-		ObjectMeta: metav1.ObjectMeta{
-			UID:       uid,
-			Name:      name,
-			Namespace: namespace,
-		},
-	}
-	err := l.dls.GetContainerLogs(pod, containerId, &v1.PodLogOptions{TailLines: &value}, buf, buf)
-	if err != nil {
-		return "", err
-	}
-	return buf.String(), nil
-}
-
-// criSupportedLogDrivers are log drivers supported by native CRI integration.
-var criSupportedLogDrivers = []string{"json-file"}
-
-// IsCRISupportedLogDriver checks whether the logging driver used by docker is
-// suppoted by native CRI integration.
-func (d *dockerService) IsCRISupportedLogDriver() (bool, error) {
-	info, err := d.client.Info()
-	if err != nil {
-		return false, fmt.Errorf("failed to get docker info: %v", err)
-	}
-	for _, driver := range criSupportedLogDrivers {
-		if info.LoggingDriver == driver {
-			return true, nil
-		}
-	}
-	return false, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_linux.go
index 48622185f1b3..e8b54ac1df39 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_linux.go
@@ -20,15 +20,17 @@ package dockershim
 
 import (
 	"fmt"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+
+	"golang.org/x/net/context"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // ContainerStats returns stats for a container stats request based on container id.
-func (ds *dockerService) ContainerStats(string) (*runtimeapi.ContainerStats, error) {
+func (ds *dockerService) ContainerStats(_ context.Context, r *runtimeapi.ContainerStatsRequest) (*runtimeapi.ContainerStatsResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
 
 // ListContainerStats returns stats for a list container stats request based on a filter.
-func (ds *dockerService) ListContainerStats(*runtimeapi.ContainerStatsFilter) ([]*runtimeapi.ContainerStats, error) {
+func (ds *dockerService) ListContainerStats(_ context.Context, r *runtimeapi.ListContainerStatsRequest) (*runtimeapi.ListContainerStatsResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_unsupported.go
index d9f7beef5c7e..72b6409c7eb9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_unsupported.go
@@ -21,15 +21,17 @@ package dockershim
 import (
 	"fmt"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // ContainerStats returns stats for a container stats request based on container id.
-func (ds *dockerService) ContainerStats(string) (*runtimeapi.ContainerStats, error) {
+func (ds *dockerService) ContainerStats(_ context.Context, r *runtimeapi.ContainerStatsRequest) (*runtimeapi.ContainerStatsResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
 
 // ListContainerStats returns stats for a list container stats request based on a filter.
-func (ds *dockerService) ListContainerStats(*runtimeapi.ContainerStatsFilter) ([]*runtimeapi.ContainerStats, error) {
+func (ds *dockerService) ListContainerStats(_ context.Context, r *runtimeapi.ListContainerStatsRequest) (*runtimeapi.ListContainerStatsResponse, error) {
 	return nil, fmt.Errorf("not implemented")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_windows.go
index 6f51239502e4..644dffd584a5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_stats_windows.go
@@ -21,20 +21,23 @@ package dockershim
 import (
 	"time"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"golang.org/x/net/context"
+
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // ContainerStats returns stats for a container stats request based on container id.
-func (ds *dockerService) ContainerStats(containerID string) (*runtimeapi.ContainerStats, error) {
-	containerStats, err := ds.getContainerStats(containerID)
+func (ds *dockerService) ContainerStats(_ context.Context, r *runtimeapi.ContainerStatsRequest) (*runtimeapi.ContainerStatsResponse, error) {
+	stats, err := ds.getContainerStats(r.ContainerId)
 	if err != nil {
 		return nil, err
 	}
-	return containerStats, nil
+	return &runtimeapi.ContainerStatsResponse{Stats: stats}, nil
 }
 
 // ListContainerStats returns stats for a list container stats request based on a filter.
-func (ds *dockerService) ListContainerStats(containerStatsFilter *runtimeapi.ContainerStatsFilter) ([]*runtimeapi.ContainerStats, error) {
+func (ds *dockerService) ListContainerStats(ctx context.Context, r *runtimeapi.ListContainerStatsRequest) (*runtimeapi.ListContainerStatsResponse, error) {
+	containerStatsFilter := r.GetFilter()
 	filter := &runtimeapi.ContainerFilter{}
 
 	if containerStatsFilter != nil {
@@ -43,13 +46,13 @@ func (ds *dockerService) ListContainerStats(containerStatsFilter *runtimeapi.Con
 		filter.LabelSelector = containerStatsFilter.LabelSelector
 	}
 
-	containers, err := ds.ListContainers(filter)
+	listResp, err := ds.ListContainers(ctx, &runtimeapi.ListContainersRequest{Filter: filter})
 	if err != nil {
 		return nil, err
 	}
 
 	var stats []*runtimeapi.ContainerStats
-	for _, container := range containers {
+	for _, container := range listResp.Containers {
 		containerStats, err := ds.getContainerStats(container.Id)
 		if err != nil {
 			return nil, err
@@ -58,7 +61,7 @@ func (ds *dockerService) ListContainerStats(containerStatsFilter *runtimeapi.Con
 		stats = append(stats, containerStats)
 	}
 
-	return stats, nil
+	return &runtimeapi.ListContainerStatsResponse{Stats: stats}, nil
 }
 
 func (ds *dockerService) getContainerStats(containerID string) (*runtimeapi.ContainerStats, error) {
@@ -72,10 +75,11 @@ func (ds *dockerService) getContainerStats(containerID string) (*runtimeapi.Cont
 		return nil, err
 	}
 
-	status, err := ds.ContainerStatus(containerID)
+	statusResp, err := ds.ContainerStatus(context.Background(), &runtimeapi.ContainerStatusRequest{ContainerId: containerID})
 	if err != nil {
 		return nil, err
 	}
+	status := statusResp.GetStatus()
 
 	dockerStats := statsJSON.Stats
 	timestamp := time.Now().UnixNano()
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_streaming.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_streaming.go
index 4c4b74185ab5..bb0a4a63728d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_streaming.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/docker_streaming.go
@@ -26,14 +26,15 @@ import (
 	"time"
 
 	dockertypes "github.com/docker/docker/api/types"
-
 	"github.com/golang/glog"
+	"golang.org/x/net/context"
 
 	"k8s.io/client-go/tools/remotecommand"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/server/streaming"
 	"k8s.io/kubernetes/pkg/kubelet/util/ioutils"
+	utilexec "k8s.io/utils/exec"
 
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 )
@@ -76,20 +77,35 @@ func (r *streamingRuntime) PortForward(podSandboxID string, port int32, stream i
 
 // ExecSync executes a command in the container, and returns the stdout output.
 // If command exits with a non-zero exit code, an error is returned.
-func (ds *dockerService) ExecSync(containerID string, cmd []string, timeout time.Duration) (stdout []byte, stderr []byte, err error) {
+func (ds *dockerService) ExecSync(_ context.Context, req *runtimeapi.ExecSyncRequest) (*runtimeapi.ExecSyncResponse, error) {
+	timeout := time.Duration(req.Timeout) * time.Second
 	var stdoutBuffer, stderrBuffer bytes.Buffer
-	err = ds.streamingRuntime.exec(containerID, cmd,
+	err := ds.streamingRuntime.exec(req.ContainerId, req.Cmd,
 		nil, // in
 		ioutils.WriteCloserWrapper(&stdoutBuffer),
 		ioutils.WriteCloserWrapper(&stderrBuffer),
 		false, // tty
 		nil,   // resize
 		timeout)
-	return stdoutBuffer.Bytes(), stderrBuffer.Bytes(), err
+
+	var exitCode int32
+	if err != nil {
+		exitError, ok := err.(utilexec.ExitError)
+		if !ok {
+			return nil, err
+		}
+
+		exitCode = int32(exitError.ExitStatus())
+	}
+	return &runtimeapi.ExecSyncResponse{
+		Stdout:   stdoutBuffer.Bytes(),
+		Stderr:   stderrBuffer.Bytes(),
+		ExitCode: exitCode,
+	}, nil
 }
 
 // Exec prepares a streaming endpoint to execute a command in the container, and returns the address.
-func (ds *dockerService) Exec(req *runtimeapi.ExecRequest) (*runtimeapi.ExecResponse, error) {
+func (ds *dockerService) Exec(_ context.Context, req *runtimeapi.ExecRequest) (*runtimeapi.ExecResponse, error) {
 	if ds.streamingServer == nil {
 		return nil, streaming.ErrorStreamingDisabled("exec")
 	}
@@ -101,7 +117,7 @@ func (ds *dockerService) Exec(req *runtimeapi.ExecRequest) (*runtimeapi.ExecResp
 }
 
 // Attach prepares a streaming endpoint to attach to a running container, and returns the address.
-func (ds *dockerService) Attach(req *runtimeapi.AttachRequest) (*runtimeapi.AttachResponse, error) {
+func (ds *dockerService) Attach(_ context.Context, req *runtimeapi.AttachRequest) (*runtimeapi.AttachResponse, error) {
 	if ds.streamingServer == nil {
 		return nil, streaming.ErrorStreamingDisabled("attach")
 	}
@@ -113,7 +129,7 @@ func (ds *dockerService) Attach(req *runtimeapi.AttachRequest) (*runtimeapi.Atta
 }
 
 // PortForward prepares a streaming endpoint to forward ports from a PodSandbox, and returns the address.
-func (ds *dockerService) PortForward(req *runtimeapi.PortForwardRequest) (*runtimeapi.PortForwardResponse, error) {
+func (ds *dockerService) PortForward(_ context.Context, req *runtimeapi.PortForwardRequest) (*runtimeapi.PortForwardResponse, error) {
 	if ds.streamingServer == nil {
 		return nil, streaming.ErrorStreamingDisabled("port forward")
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers.go
index 595263a840b2..3caa2441dac8 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers.go
@@ -22,7 +22,6 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	dockercontainer "github.com/docker/docker/api/types/container"
 	dockerfilters "github.com/docker/docker/api/types/filters"
@@ -31,7 +30,7 @@ import (
 
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/kubernetes/pkg/credentialprovider"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
 	"k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/security/apparmor"
@@ -39,12 +38,8 @@ import (
 )
 
 const (
-	annotationPrefix = "annotation."
-
-	// Docker changed the API for specifying options in v1.11
-	securityOptSeparatorChangeVersion = "1.23.0" // Corresponds to docker 1.11.x
-	securityOptSeparatorOld           = ':'
-	securityOptSeparatorNew           = '='
+	annotationPrefix     = "annotation."
+	securityOptSeparator = '='
 )
 
 var (
@@ -54,10 +49,6 @@ var (
 	// if a container starts but the executable file is not found, runc gives a message that matches
 	startRE = regexp.MustCompile(`\\\\\\\"(.*)\\\\\\\": executable file not found`)
 
-	// Docker changes the security option separator from ':' to '=' in the 1.23
-	// API version.
-	optsSeparatorChangeVersion = semver.MustParse(securityOptSeparatorChangeVersion)
-
 	defaultSeccompOpt = []dockerOpt{{"seccomp", "unconfined", ""}}
 )
 
@@ -321,21 +312,6 @@ func transformStartContainerError(err error) error {
 	return err
 }
 
-// getSecurityOptSeparator returns the security option separator based on the
-// docker API version.
-// TODO: Remove this function along with the relevant code when we no longer
-// need to support docker 1.10.
-func getSecurityOptSeparator(v *semver.Version) rune {
-	switch v.Compare(optsSeparatorChangeVersion) {
-	case -1:
-		// Current version is less than the API change version; use the old
-		// separator.
-		return securityOptSeparatorOld
-	default:
-		return securityOptSeparatorNew
-	}
-}
-
 // ensureSandboxImageExists pulls the sandbox image when it's not present.
 func ensureSandboxImageExists(client libdocker.Interface, image string) error {
 	_, err := client.InspectImageByRef(image)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_linux.go
index f8a9a1fbbe06..a73c241ccd0c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_linux.go
@@ -30,7 +30,7 @@ import (
 	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	dockercontainer "github.com/docker/docker/api/types/container"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 func DefaultMemorySwap() int64 {
@@ -104,8 +104,9 @@ func (ds *dockerService) updateCreateConfig(
 		rOpts := lc.GetResources()
 		if rOpts != nil {
 			createConfig.HostConfig.Resources = dockercontainer.Resources{
+				// Memory and MemorySwap are set to the same value, this prevents containers from using any swap.
 				Memory:     rOpts.MemoryLimitInBytes,
-				MemorySwap: DefaultMemorySwap(),
+				MemorySwap: rOpts.MemoryLimitInBytes,
 				CPUShares:  rOpts.CpuShares,
 				CPUQuota:   rOpts.CpuQuota,
 				CPUPeriod:  rOpts.CpuPeriod,
@@ -118,7 +119,7 @@ func (ds *dockerService) updateCreateConfig(
 		if err := applyContainerSecurityContext(lc, podSandboxID, createConfig.Config, createConfig.HostConfig, securityOptSep); err != nil {
 			return fmt.Errorf("failed to apply container security context for container %q: %v", config.Metadata.Name, err)
 		}
-		modifyPIDNamespaceOverrides(ds.disableSharedPID, apiVersion, createConfig.HostConfig)
+		modifyContainerPIDNamespaceOverrides(ds.disableSharedPID, apiVersion, createConfig.HostConfig, podSandboxID)
 	}
 
 	// Apply cgroupsParent derived from the sandbox config.
@@ -145,3 +146,7 @@ func getNetworkNamespace(c *dockertypes.ContainerJSON) (string, error) {
 	}
 	return fmt.Sprintf(dockerNetNSFmt, c.State.Pid), nil
 }
+
+// applyExperimentalCreateConfig applys experimental configures from sandbox annotations.
+func applyExperimentalCreateConfig(createConfig *dockertypes.ContainerCreateConfig, annotations map[string]string) {
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_unsupported.go
index dfe3a097a495..2867898f301f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_unsupported.go
@@ -24,7 +24,7 @@ import (
 	"github.com/blang/semver"
 	dockertypes "github.com/docker/docker/api/types"
 	"github.com/golang/glog"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 func DefaultMemorySwap() int64 {
@@ -53,3 +53,7 @@ func (ds *dockerService) determinePodIPBySandboxID(uid string) string {
 func getNetworkNamespace(c *dockertypes.ContainerJSON) (string, error) {
 	return "", fmt.Errorf("unsupported platform")
 }
+
+// applyExperimentalCreateConfig applys experimental configures from sandbox annotations.
+func applyExperimentalCreateConfig(createConfig *dockertypes.ContainerCreateConfig, annotations map[string]string) {
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_windows.go
index c93515daab27..e614eed851b1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/helpers_windows.go
@@ -26,7 +26,9 @@ import (
 	dockercontainer "github.com/docker/docker/api/types/container"
 	dockerfilters "github.com/docker/docker/api/types/filters"
 	"github.com/golang/glog"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+
+	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 func DefaultMemorySwap() int64 {
@@ -40,6 +42,17 @@ func (ds *dockerService) getSecurityOpts(seccompProfile string, separator rune)
 	return nil, nil
 }
 
+// applyExperimentalCreateConfig applys experimental configures from sandbox annotations.
+func applyExperimentalCreateConfig(createConfig *dockertypes.ContainerCreateConfig, annotations map[string]string) {
+	if kubeletapis.ShouldIsolatedByHyperV(annotations) {
+		createConfig.HostConfig.Isolation = kubeletapis.HypervIsolationValue
+
+		if networkMode := os.Getenv("CONTAINER_NETWORK"); networkMode == "" {
+			createConfig.HostConfig.NetworkMode = dockercontainer.NetworkMode("none")
+		}
+	}
+}
+
 func (ds *dockerService) updateCreateConfig(
 	createConfig *dockertypes.ContainerCreateConfig,
 	config *runtimeapi.ContainerConfig,
@@ -47,11 +60,26 @@ func (ds *dockerService) updateCreateConfig(
 	podSandboxID string, securityOptSep rune, apiVersion *semver.Version) error {
 	if networkMode := os.Getenv("CONTAINER_NETWORK"); networkMode != "" {
 		createConfig.HostConfig.NetworkMode = dockercontainer.NetworkMode(networkMode)
-	} else {
+	} else if !kubeletapis.ShouldIsolatedByHyperV(sandboxConfig.Annotations) {
 		// Todo: Refactor this call in future for calling methods directly in security_context.go
-		modifyHostNetworkOptionForContainer(false, podSandboxID, createConfig.HostConfig)
+		modifyHostOptionsForContainer(nil, podSandboxID, createConfig.HostConfig)
 	}
 
+	// Apply Windows-specific options if applicable.
+	if wc := config.GetWindows(); wc != nil {
+		rOpts := wc.GetResources()
+		if rOpts != nil {
+			createConfig.HostConfig.Resources = dockercontainer.Resources{
+				Memory:     rOpts.MemoryLimitInBytes,
+				CPUShares:  rOpts.CpuShares,
+				CPUCount:   rOpts.CpuCount,
+				CPUPercent: rOpts.CpuMaximum,
+			}
+		}
+	}
+
+	applyExperimentalCreateConfig(createConfig, sandboxConfig.Annotations)
+
 	return nil
 }
 
@@ -82,13 +110,22 @@ func (ds *dockerService) determinePodIPBySandboxID(sandboxID string) string {
 		// Windows version < Windows Server 2016 is Not Supported
 
 		// Sandbox support in Windows mandates CNI Plugin.
-		// Presense of CONTAINER_NETWORK flag is considered as non-Sandbox cases here
+		// Presence of CONTAINER_NETWORK flag is considered as non-Sandbox cases here
 
 		// Todo: Add a kernel version check for more validation
 
 		if networkMode := os.Getenv("CONTAINER_NETWORK"); networkMode == "" {
-			// Do not return any IP, so that we would continue and get the IP of the Sandbox
-			ds.getIP(sandboxID, r)
+			if r.HostConfig.Isolation == kubeletapis.HypervIsolationValue {
+				// Hyper-V only supports one container per Pod yet and the container will have a different
+				// IP address from sandbox. Return the first non-sandbox container IP as POD IP.
+				// TODO(feiskyer): remove this workaround after Hyper-V supports multiple containers per Pod.
+				if containerIP := ds.getIP(c.ID, r); containerIP != "" {
+					return containerIP
+				}
+			} else {
+				// Do not return any IP, so that we would continue and get the IP of the Sandbox
+				ds.getIP(sandboxID, r)
+			}
 		} else {
 			// On Windows, every container that is created in a Sandbox, needs to invoke CNI plugin again for adding the Network,
 			// with the shared container name as NetNS info,
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/BUILD
index 574ca6eca9d1..e3e75cff4c7d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/BUILD
@@ -12,8 +12,7 @@ go_test(
         "helpers_test.go",
         "kube_docker_client_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/docker/docker/api/types:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/client.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/client.go
index 0400bbb91790..73f0a4dc7d73 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/client.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/client.go
@@ -17,7 +17,6 @@ limitations under the License.
 package libdocker
 
 import (
-	"strings"
 	"time"
 
 	dockertypes "github.com/docker/docker/api/types"
@@ -29,18 +28,14 @@ import (
 
 const (
 	// https://docs.docker.com/engine/reference/api/docker_remote_api/
-	// docker version should be at least 1.10.x
-	MinimumDockerAPIVersion = "1.22.0"
+	// docker version should be at least 1.11.x
+	MinimumDockerAPIVersion = "1.23.0"
 
 	// Status of a container returned by ListContainers.
 	StatusRunningPrefix = "Up"
 	StatusCreatedPrefix = "Created"
 	StatusExitedPrefix  = "Exited"
 
-	// This is only used by GetKubeletDockerContainers(), and should be removed
-	// along with the function.
-	containerNamePrefix = "k8s"
-
 	// Fake docker endpoint
 	FakeDockerEndpoint = "fake://"
 )
@@ -109,29 +104,3 @@ func ConnectToDockerOrDie(dockerEndpoint string, requestTimeout, imagePullProgre
 	glog.Infof("Start docker client with request timeout=%v", requestTimeout)
 	return newKubeDockerClient(client, requestTimeout, imagePullProgressDeadline)
 }
-
-// GetKubeletDockerContainers lists all container or just the running ones.
-// Returns a list of docker containers that we manage
-// TODO: This function should be deleted after migrating
-// test/e2e_node/garbage_collector_test.go off of it.
-func GetKubeletDockerContainers(client Interface, allContainers bool) ([]*dockertypes.Container, error) {
-	result := []*dockertypes.Container{}
-	containers, err := client.ListContainers(dockertypes.ContainerListOptions{All: allContainers})
-	if err != nil {
-		return nil, err
-	}
-	for i := range containers {
-		container := &containers[i]
-		if len(container.Names) == 0 {
-			continue
-		}
-		// Skip containers that we didn't create to allow users to manually
-		// spin up their own containers if they want.
-		if !strings.HasPrefix(container.Names[0], "/"+containerNamePrefix+"_") {
-			glog.V(5).Infof("Docker Container: %s is not managed by kubelet.", container.Names[0])
-			continue
-		}
-		result = append(result, container)
-	}
-	return result, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/fake_client.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/fake_client.go
index 21e27eba8fc2..54dafcaf767b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/fake_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker/fake_client.go
@@ -61,6 +61,7 @@ type FakeDockerClient struct {
 	called               []calledDetail
 	pulled               []string
 	EnableTrace          bool
+	RandGenerator        *rand.Rand
 
 	// Created, Started, Stopped and Removed all contain container docker ID
 	Created []string
@@ -99,6 +100,7 @@ func NewFakeDockerClient() *FakeDockerClient {
 		EnableTrace:         true,
 		ImageInspects:       make(map[string]*dockertypes.ImageInspect),
 		ImageIDsNeedingAuth: make(map[string]dockertypes.AuthConfig),
+		RandGenerator:       rand.New(rand.NewSource(time.Now().UnixNano())),
 	}
 }
 
@@ -123,6 +125,13 @@ func (f *FakeDockerClient) WithTraceDisabled() *FakeDockerClient {
 	return f
 }
 
+func (f *FakeDockerClient) WithRandSource(source rand.Source) *FakeDockerClient {
+	f.Lock()
+	defer f.Unlock()
+	f.RandGenerator = rand.New(source)
+	return f
+}
+
 func (f *FakeDockerClient) appendCalled(callDetail calledDetail) {
 	if f.EnableTrace {
 		f.called = append(f.called, callDetail)
@@ -597,7 +606,8 @@ func (f *FakeDockerClient) StartContainer(id string) error {
 	container.State.Running = true
 	container.State.Pid = os.Getpid()
 	container.State.StartedAt = dockerTimestampToString(timestamp)
-	container.NetworkSettings.IPAddress = "2.3.4.5"
+	r := f.RandGenerator.Uint32()
+	container.NetworkSettings.IPAddress = fmt.Sprintf("10.%d.%d.%d", byte(r>>16), byte(r>>8), byte(r))
 	f.ContainerMap[id] = container
 	f.updateContainerStatus(id, StatusRunningPrefix)
 	f.normalSleep(200, 50, 50)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/naming.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/naming.go
index 3a7ef13becc3..a2a97c2da4e4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/naming.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/naming.go
@@ -22,7 +22,7 @@ import (
 	"strconv"
 	"strings"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/leaky"
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/BUILD
index 2d3202536989..4ac86b9d370c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/BUILD
@@ -7,21 +7,15 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "docker_server.go",
-        "docker_service.go",
-    ],
+    srcs = ["docker_server.go"],
     importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/remote",
     deps = [
-        "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/dockershim:go_default_library",
         "//pkg/kubelet/util:go_default_library",
         "//pkg/util/interrupt:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/google.golang.org/grpc:go_default_library",
-        "//vendor/k8s.io/utils/exec:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_server.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_server.go
index 21865e3e2c1f..53f52526e94d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_server.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_server.go
@@ -22,7 +22,7 @@ import (
 	"github.com/golang/glog"
 	"google.golang.org/grpc"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim"
 	"k8s.io/kubernetes/pkg/kubelet/util"
 	"k8s.io/kubernetes/pkg/util/interrupt"
@@ -33,21 +33,27 @@ type DockerServer struct {
 	// endpoint is the endpoint to serve on.
 	endpoint string
 	// service is the docker service which implements runtime and image services.
-	service DockerService
+	service dockershim.CRIService
 	// server is the grpc server.
 	server *grpc.Server
 }
 
 // NewDockerServer creates the dockershim grpc server.
-func NewDockerServer(endpoint string, s dockershim.DockerService) *DockerServer {
+func NewDockerServer(endpoint string, s dockershim.CRIService) *DockerServer {
 	return &DockerServer{
 		endpoint: endpoint,
-		service:  NewDockerService(s),
+		service:  s,
 	}
 }
 
 // Start starts the dockershim grpc server.
 func (s *DockerServer) Start() error {
+	// Start the internal service.
+	if err := s.service.Start(); err != nil {
+		glog.Errorf("Unable to start docker service")
+		return err
+	}
+
 	glog.V(2).Infof("Start dockershim grpc server")
 	l, err := util.CreateListener(s.endpoint)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_service.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_service.go
deleted file mode 100644
index 2d85f1790002..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/remote/docker_service.go
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package remote
-
-import (
-	"time"
-
-	"golang.org/x/net/context"
-
-	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
-	"k8s.io/kubernetes/pkg/kubelet/dockershim"
-	utilexec "k8s.io/utils/exec"
-)
-
-// DockerService is the interface implement CRI remote service server.
-type DockerService interface {
-	runtimeapi.RuntimeServiceServer
-	runtimeapi.ImageServiceServer
-}
-
-// dockerService uses dockershim service to implement DockerService.
-// Notice that the contexts in the functions are not used now.
-// TODO(random-liu): Change the dockershim service to support context, and implement
-// internal services and remote services with the dockershim service.
-type dockerService struct {
-	runtimeService internalapi.RuntimeService
-	imageService   internalapi.ImageManagerService
-}
-
-func NewDockerService(s dockershim.DockerService) DockerService {
-	return &dockerService{runtimeService: s, imageService: s}
-}
-
-func (d *dockerService) Version(ctx context.Context, r *runtimeapi.VersionRequest) (*runtimeapi.VersionResponse, error) {
-	return d.runtimeService.Version(r.Version)
-}
-
-func (d *dockerService) Status(ctx context.Context, r *runtimeapi.StatusRequest) (*runtimeapi.StatusResponse, error) {
-	status, err := d.runtimeService.Status()
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.StatusResponse{Status: status}, nil
-}
-
-func (d *dockerService) RunPodSandbox(ctx context.Context, r *runtimeapi.RunPodSandboxRequest) (*runtimeapi.RunPodSandboxResponse, error) {
-	podSandboxId, err := d.runtimeService.RunPodSandbox(r.GetConfig())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.RunPodSandboxResponse{PodSandboxId: podSandboxId}, nil
-}
-
-func (d *dockerService) StopPodSandbox(ctx context.Context, r *runtimeapi.StopPodSandboxRequest) (*runtimeapi.StopPodSandboxResponse, error) {
-	err := d.runtimeService.StopPodSandbox(r.PodSandboxId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.StopPodSandboxResponse{}, nil
-}
-
-func (d *dockerService) RemovePodSandbox(ctx context.Context, r *runtimeapi.RemovePodSandboxRequest) (*runtimeapi.RemovePodSandboxResponse, error) {
-	err := d.runtimeService.RemovePodSandbox(r.PodSandboxId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.RemovePodSandboxResponse{}, nil
-}
-
-func (d *dockerService) PodSandboxStatus(ctx context.Context, r *runtimeapi.PodSandboxStatusRequest) (*runtimeapi.PodSandboxStatusResponse, error) {
-	podSandboxStatus, err := d.runtimeService.PodSandboxStatus(r.PodSandboxId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.PodSandboxStatusResponse{Status: podSandboxStatus}, nil
-}
-
-func (d *dockerService) ListPodSandbox(ctx context.Context, r *runtimeapi.ListPodSandboxRequest) (*runtimeapi.ListPodSandboxResponse, error) {
-	items, err := d.runtimeService.ListPodSandbox(r.GetFilter())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ListPodSandboxResponse{Items: items}, nil
-}
-
-func (d *dockerService) CreateContainer(ctx context.Context, r *runtimeapi.CreateContainerRequest) (*runtimeapi.CreateContainerResponse, error) {
-	containerId, err := d.runtimeService.CreateContainer(r.PodSandboxId, r.GetConfig(), r.GetSandboxConfig())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.CreateContainerResponse{ContainerId: containerId}, nil
-}
-
-func (d *dockerService) StartContainer(ctx context.Context, r *runtimeapi.StartContainerRequest) (*runtimeapi.StartContainerResponse, error) {
-	err := d.runtimeService.StartContainer(r.ContainerId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.StartContainerResponse{}, nil
-}
-
-func (d *dockerService) StopContainer(ctx context.Context, r *runtimeapi.StopContainerRequest) (*runtimeapi.StopContainerResponse, error) {
-	err := d.runtimeService.StopContainer(r.ContainerId, r.Timeout)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.StopContainerResponse{}, nil
-}
-
-func (d *dockerService) RemoveContainer(ctx context.Context, r *runtimeapi.RemoveContainerRequest) (*runtimeapi.RemoveContainerResponse, error) {
-	err := d.runtimeService.RemoveContainer(r.ContainerId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.RemoveContainerResponse{}, nil
-}
-
-func (d *dockerService) ListContainers(ctx context.Context, r *runtimeapi.ListContainersRequest) (*runtimeapi.ListContainersResponse, error) {
-	containers, err := d.runtimeService.ListContainers(r.GetFilter())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ListContainersResponse{Containers: containers}, nil
-}
-
-func (d *dockerService) ContainerStatus(ctx context.Context, r *runtimeapi.ContainerStatusRequest) (*runtimeapi.ContainerStatusResponse, error) {
-	status, err := d.runtimeService.ContainerStatus(r.ContainerId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ContainerStatusResponse{Status: status}, nil
-}
-
-func (d *dockerService) UpdateContainerResources(ctx context.Context, r *runtimeapi.UpdateContainerResourcesRequest) (*runtimeapi.UpdateContainerResourcesResponse, error) {
-	err := d.runtimeService.UpdateContainerResources(r.ContainerId, r.Linux)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.UpdateContainerResourcesResponse{}, nil
-}
-
-func (d *dockerService) ExecSync(ctx context.Context, r *runtimeapi.ExecSyncRequest) (*runtimeapi.ExecSyncResponse, error) {
-	stdout, stderr, err := d.runtimeService.ExecSync(r.ContainerId, r.Cmd, time.Duration(r.Timeout)*time.Second)
-	var exitCode int32
-	if err != nil {
-		exitError, ok := err.(utilexec.ExitError)
-		if !ok {
-			return nil, err
-		}
-		exitCode = int32(exitError.ExitStatus())
-	}
-	return &runtimeapi.ExecSyncResponse{
-		Stdout:   stdout,
-		Stderr:   stderr,
-		ExitCode: exitCode,
-	}, nil
-}
-
-func (d *dockerService) Exec(ctx context.Context, r *runtimeapi.ExecRequest) (*runtimeapi.ExecResponse, error) {
-	return d.runtimeService.Exec(r)
-}
-
-func (d *dockerService) Attach(ctx context.Context, r *runtimeapi.AttachRequest) (*runtimeapi.AttachResponse, error) {
-	return d.runtimeService.Attach(r)
-}
-
-func (d *dockerService) PortForward(ctx context.Context, r *runtimeapi.PortForwardRequest) (*runtimeapi.PortForwardResponse, error) {
-	return d.runtimeService.PortForward(r)
-}
-
-func (d *dockerService) UpdateRuntimeConfig(ctx context.Context, r *runtimeapi.UpdateRuntimeConfigRequest) (*runtimeapi.UpdateRuntimeConfigResponse, error) {
-	err := d.runtimeService.UpdateRuntimeConfig(r.GetRuntimeConfig())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.UpdateRuntimeConfigResponse{}, nil
-}
-
-func (d *dockerService) ListImages(ctx context.Context, r *runtimeapi.ListImagesRequest) (*runtimeapi.ListImagesResponse, error) {
-	images, err := d.imageService.ListImages(r.GetFilter())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ListImagesResponse{Images: images}, nil
-}
-
-func (d *dockerService) ImageStatus(ctx context.Context, r *runtimeapi.ImageStatusRequest) (*runtimeapi.ImageStatusResponse, error) {
-	image, err := d.imageService.ImageStatus(r.GetImage())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ImageStatusResponse{Image: image}, nil
-}
-
-func (d *dockerService) PullImage(ctx context.Context, r *runtimeapi.PullImageRequest) (*runtimeapi.PullImageResponse, error) {
-	image, err := d.imageService.PullImage(r.GetImage(), r.GetAuth())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.PullImageResponse{ImageRef: image}, nil
-}
-
-func (d *dockerService) RemoveImage(ctx context.Context, r *runtimeapi.RemoveImageRequest) (*runtimeapi.RemoveImageResponse, error) {
-	err := d.imageService.RemoveImage(r.GetImage())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.RemoveImageResponse{}, nil
-}
-
-// ImageFsInfo returns information of the filesystem that is used to store images.
-func (d *dockerService) ImageFsInfo(ctx context.Context, r *runtimeapi.ImageFsInfoRequest) (*runtimeapi.ImageFsInfoResponse, error) {
-	filesystems, err := d.imageService.ImageFsInfo()
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ImageFsInfoResponse{ImageFilesystems: filesystems}, nil
-}
-
-func (d *dockerService) ContainerStats(ctx context.Context, r *runtimeapi.ContainerStatsRequest) (*runtimeapi.ContainerStatsResponse, error) {
-	stats, err := d.runtimeService.ContainerStats(r.ContainerId)
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ContainerStatsResponse{Stats: stats}, nil
-}
-
-func (d *dockerService) ListContainerStats(ctx context.Context, r *runtimeapi.ListContainerStatsRequest) (*runtimeapi.ListContainerStatsResponse, error) {
-	stats, err := d.runtimeService.ListContainerStats(r.GetFilter())
-	if err != nil {
-		return nil, err
-	}
-	return &runtimeapi.ListContainerStatsResponse{Stats: stats}, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/security_context.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/security_context.go
index 5cb2dd481d16..28b420b678dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/security_context.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/security_context.go
@@ -24,7 +24,7 @@ import (
 	"github.com/blang/semver"
 	dockercontainer "github.com/docker/docker/api/types/container"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	knetwork "k8s.io/kubernetes/pkg/kubelet/network"
 )
 
@@ -39,13 +39,18 @@ func applySandboxSecurityContext(lc *runtimeapi.LinuxPodSandboxConfig, config *d
 		sc = &runtimeapi.LinuxContainerSecurityContext{
 			SupplementalGroups: lc.SecurityContext.SupplementalGroups,
 			RunAsUser:          lc.SecurityContext.RunAsUser,
+			RunAsGroup:         lc.SecurityContext.RunAsGroup,
 			ReadonlyRootfs:     lc.SecurityContext.ReadonlyRootfs,
 			SelinuxOptions:     lc.SecurityContext.SelinuxOptions,
 			NamespaceOptions:   lc.SecurityContext.NamespaceOptions,
 		}
 	}
 
-	modifyContainerConfig(sc, config)
+	err := modifyContainerConfig(sc, config)
+	if err != nil {
+		return err
+	}
+
 	if err := modifyHostConfig(sc, hc, separator); err != nil {
 		return err
 	}
@@ -59,7 +64,10 @@ func applyContainerSecurityContext(lc *runtimeapi.LinuxContainerConfig, podSandb
 		return nil
 	}
 
-	modifyContainerConfig(lc.SecurityContext, config)
+	err := modifyContainerConfig(lc.SecurityContext, config)
+	if err != nil {
+		return err
+	}
 	if err := modifyHostConfig(lc.SecurityContext, hc, separator); err != nil {
 		return err
 	}
@@ -68,9 +76,9 @@ func applyContainerSecurityContext(lc *runtimeapi.LinuxContainerConfig, podSandb
 }
 
 // modifyContainerConfig applies container security context config to dockercontainer.Config.
-func modifyContainerConfig(sc *runtimeapi.LinuxContainerSecurityContext, config *dockercontainer.Config) {
+func modifyContainerConfig(sc *runtimeapi.LinuxContainerSecurityContext, config *dockercontainer.Config) error {
 	if sc == nil {
-		return
+		return nil
 	}
 	if sc.RunAsUser != nil {
 		config.User = strconv.FormatInt(sc.GetRunAsUser().Value, 10)
@@ -78,6 +86,18 @@ func modifyContainerConfig(sc *runtimeapi.LinuxContainerSecurityContext, config
 	if sc.RunAsUsername != "" {
 		config.User = sc.RunAsUsername
 	}
+
+	user := config.User
+	if sc.RunAsGroup != nil {
+		if user == "" {
+			return fmt.Errorf("runAsGroup is specified without a runAsUser.")
+		}
+		user = fmt.Sprintf("%s:%d", config.User, sc.GetRunAsGroup().Value)
+	}
+
+	config.User = user
+
+	return nil
 }
 
 // modifyHostConfig applies security context config to dockercontainer.HostConfig.
@@ -122,40 +142,33 @@ func modifyHostConfig(sc *runtimeapi.LinuxContainerSecurityContext, hostConfig *
 
 // modifySandboxNamespaceOptions apply namespace options for sandbox
 func modifySandboxNamespaceOptions(nsOpts *runtimeapi.NamespaceOption, hostConfig *dockercontainer.HostConfig, network *knetwork.PluginManager) {
-	hostNetwork := false
-	if nsOpts != nil {
-		hostNetwork = nsOpts.HostNetwork
-	}
+	// The sandbox's PID namespace is the one that's shared, so CONTAINER and POD are equivalent for it
 	modifyCommonNamespaceOptions(nsOpts, hostConfig)
-	modifyHostNetworkOptionForSandbox(hostNetwork, network, hostConfig)
+	modifyHostOptionsForSandbox(nsOpts, network, hostConfig)
 }
 
 // modifyContainerNamespaceOptions apply namespace options for container
 func modifyContainerNamespaceOptions(nsOpts *runtimeapi.NamespaceOption, podSandboxID string, hostConfig *dockercontainer.HostConfig) {
-	hostNetwork := false
-	if nsOpts != nil {
-		hostNetwork = nsOpts.HostNetwork
+	if nsOpts.GetPid() == runtimeapi.NamespaceMode_POD {
+		hostConfig.PidMode = dockercontainer.PidMode(fmt.Sprintf("container:%v", podSandboxID))
 	}
-	hostConfig.PidMode = dockercontainer.PidMode(fmt.Sprintf("container:%v", podSandboxID))
 	modifyCommonNamespaceOptions(nsOpts, hostConfig)
-	modifyHostNetworkOptionForContainer(hostNetwork, podSandboxID, hostConfig)
+	modifyHostOptionsForContainer(nsOpts, podSandboxID, hostConfig)
 }
 
 // modifyCommonNamespaceOptions apply common namespace options for sandbox and container
 func modifyCommonNamespaceOptions(nsOpts *runtimeapi.NamespaceOption, hostConfig *dockercontainer.HostConfig) {
-	if nsOpts != nil {
-		if nsOpts.HostPid {
-			hostConfig.PidMode = namespaceModeHost
-		}
-		if nsOpts.HostIpc {
-			hostConfig.IpcMode = namespaceModeHost
-		}
+	if nsOpts.GetPid() == runtimeapi.NamespaceMode_NODE {
+		hostConfig.PidMode = namespaceModeHost
 	}
 }
 
-// modifyHostNetworkOptionForSandbox applies NetworkMode/UTSMode to sandbox's dockercontainer.HostConfig.
-func modifyHostNetworkOptionForSandbox(hostNetwork bool, network *knetwork.PluginManager, hc *dockercontainer.HostConfig) {
-	if hostNetwork {
+// modifyHostOptionsForSandbox applies NetworkMode/UTSMode to sandbox's dockercontainer.HostConfig.
+func modifyHostOptionsForSandbox(nsOpts *runtimeapi.NamespaceOption, network *knetwork.PluginManager, hc *dockercontainer.HostConfig) {
+	if nsOpts.GetIpc() == runtimeapi.NamespaceMode_NODE {
+		hc.IpcMode = namespaceModeHost
+	}
+	if nsOpts.GetNetwork() == runtimeapi.NamespaceMode_NODE {
 		hc.NetworkMode = namespaceModeHost
 		return
 	}
@@ -175,14 +188,14 @@ func modifyHostNetworkOptionForSandbox(hostNetwork bool, network *knetwork.Plugi
 	}
 }
 
-// modifyHostNetworkOptionForContainer applies NetworkMode/UTSMode to container's dockercontainer.HostConfig.
-func modifyHostNetworkOptionForContainer(hostNetwork bool, podSandboxID string, hc *dockercontainer.HostConfig) {
+// modifyHostOptionsForContainer applies NetworkMode/UTSMode to container's dockercontainer.HostConfig.
+func modifyHostOptionsForContainer(nsOpts *runtimeapi.NamespaceOption, podSandboxID string, hc *dockercontainer.HostConfig) {
 	sandboxNSMode := fmt.Sprintf("container:%v", podSandboxID)
 	hc.NetworkMode = dockercontainer.NetworkMode(sandboxNSMode)
 	hc.IpcMode = dockercontainer.IpcMode(sandboxNSMode)
 	hc.UTSMode = ""
 
-	if hostNetwork {
+	if nsOpts.GetNetwork() == runtimeapi.NamespaceMode_NODE {
 		hc.UTSMode = namespaceModeHost
 	}
 }
@@ -191,14 +204,16 @@ func modifyHostNetworkOptionForContainer(hostNetwork bool, podSandboxID string,
 //     1. Docker engine prior to API Version 1.24 doesn't support attaching to another container's
 //        PID namespace, and it didn't stabilize until 1.26. This check can be removed when Kubernetes'
 //        minimum Docker version is at least 1.13.1 (API version 1.26).
-//     2. The administrator has overridden the default behavior by means of a kubelet flag. This is an
-//        "escape hatch" to return to previous behavior of isolated namespaces and should be removed once
-//        no longer needed.
-func modifyPIDNamespaceOverrides(disableSharedPID bool, version *semver.Version, hc *dockercontainer.HostConfig) {
-	if !strings.HasPrefix(string(hc.PidMode), "container:") {
-		return
-	}
-	if disableSharedPID || version.LT(semver.Version{Major: 1, Minor: 26}) {
-		hc.PidMode = ""
+//     2. The administrator can override the API behavior by using the deprecated --docker-disable-shared-pid=false
+//        flag. Until this flag is removed, this causes pods to use NamespaceMode_POD instead of
+//        NamespaceMode_CONTAINER regardless of pod configuration.
+// TODO(verb): remove entirely once these two conditions are satisfied
+func modifyContainerPIDNamespaceOverrides(disableSharedPID bool, version *semver.Version, hc *dockercontainer.HostConfig, podSandboxID string) {
+	if version.LT(semver.Version{Major: 1, Minor: 26}) {
+		if strings.HasPrefix(string(hc.PidMode), "container:") {
+			hc.PidMode = ""
+		}
+	} else if !disableSharedPID && hc.PidMode == "" {
+		hc.PidMode = dockercontainer.PidMode(fmt.Sprintf("container:%v", podSandboxID))
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/selinux_util.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/selinux_util.go
index e8e2a07f6239..d9a59cf0aabc 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/selinux_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/selinux_util.go
@@ -19,7 +19,7 @@ package dockershim
 import (
 	"fmt"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // selinuxLabelUser returns the fragment of a Docker security opt that
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/envvars/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/envvars/BUILD
index 0583ebdf13da..aa438e800a99 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/envvars/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/envvars/BUILD
@@ -22,7 +22,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["envvars_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/envvars_test",
     deps = [
         ":go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/events/event.go b/vendor/k8s.io/kubernetes/pkg/kubelet/events/event.go
index 127405738117..7a4769d67e40 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/events/event.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/events/event.go
@@ -52,6 +52,7 @@ const (
 	FailedDetachVolume                   = "FailedDetachVolume"
 	FailedMountVolume                    = "FailedMount"
 	VolumeResizeFailed                   = "VolumeResizeFailed"
+	VolumeResizeSuccess                  = "VolumeResizeSuccessful"
 	FileSystemResizeFailed               = "FileSystemResizeFailed"
 	FileSystemResizeSuccess              = "FileSystemResizeSuccessful"
 	FailedUnMountVolume                  = "FailedUnMount"
@@ -59,6 +60,7 @@ const (
 	FailedUnmapDevice                    = "FailedUnmapDevice"
 	WarnAlreadyMountedVolume             = "AlreadyMountedVolume"
 	SuccessfulDetachVolume               = "SuccessfulDetachVolume"
+	SuccessfulAttachVolume               = "SuccessfulAttachVolume"
 	SuccessfulMountVolume                = "SuccessfulMountVolume"
 	SuccessfulUnMountVolume              = "SuccessfulUnMountVolume"
 	HostPortConflict                     = "HostPortConflict"
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/BUILD
index 0f4d6f820990..caa68996fc67 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/BUILD
@@ -12,13 +12,11 @@ go_test(
         "eviction_manager_test.go",
         "helpers_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/eviction",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
-        "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/eviction/api:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
         "//pkg/kubelet/types:go_default_library",
@@ -39,12 +37,41 @@ go_library(
         "doc.go",
         "eviction_manager.go",
         "helpers.go",
-        "threshold_notifier_unsupported.go",
         "types.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "threshold_notifier_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "threshold_notifier_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "threshold_notifier_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/eviction",
@@ -61,7 +88,7 @@ go_library(
         "//pkg/kubelet/server/stats:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -71,7 +98,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/api/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/api/types.go
index f0e5e416c306..3e16d249c97b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/api/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/api/types.go
@@ -40,6 +40,8 @@ const (
 	SignalAllocatableMemoryAvailable Signal = "allocatableMemory.available"
 	// SignalAllocatableNodeFsAvailable is amount of local storage available for pod allocation
 	SignalAllocatableNodeFsAvailable Signal = "allocatableNodeFs.available"
+	// SignalPIDAvailable is amount of PID available for pod allocation
+	SignalPIDAvailable Signal = "pid.available"
 )
 
 // ThresholdOperator is the operator used to express a Threshold.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/eviction_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/eviction_manager.go
index 90b1038cf150..de15e60e88df 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/eviction_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/eviction_manager.go
@@ -59,7 +59,7 @@ type managerImpl struct {
 	killPodFunc KillPodFunc
 	// the interface that knows how to do image gc
 	imageGC ImageGC
-	// the interface that knows how to do image gc
+	// the interface that knows how to do container gc
 	containerGC ContainerGC
 	// protects access to internal state
 	sync.RWMutex
@@ -101,7 +101,8 @@ func NewManager(
 	containerGC ContainerGC,
 	recorder record.EventRecorder,
 	nodeRef *v1.ObjectReference,
-	clock clock.Clock) (Manager, lifecycle.PodAdmitHandler) {
+	clock clock.Clock,
+) (Manager, lifecycle.PodAdmitHandler) {
 	manager := &managerImpl{
 		clock:           clock,
 		killPodFunc:     killPodFunc,
@@ -148,11 +149,11 @@ func (m *managerImpl) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAd
 }
 
 // Start starts the control loop to observe and response to low compute resources.
-func (m *managerImpl) Start(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc, podCleanedUpFunc PodCleanedUpFunc, capacityProvider CapacityProvider, monitoringInterval time.Duration) {
+func (m *managerImpl) Start(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc, podCleanedUpFunc PodCleanedUpFunc, monitoringInterval time.Duration) {
 	// start the eviction manager monitoring
 	go func() {
 		for {
-			if evictedPods := m.synchronize(diskInfoProvider, podFunc, capacityProvider); evictedPods != nil {
+			if evictedPods := m.synchronize(diskInfoProvider, podFunc); evictedPods != nil {
 				glog.Infof("eviction manager: pods %s evicted, waiting for pod to be cleaned up", format.Pods(evictedPods))
 				m.waitForPodsCleanup(podCleanedUpFunc, evictedPods)
 			} else {
@@ -176,6 +177,13 @@ func (m *managerImpl) IsUnderDiskPressure() bool {
 	return hasNodeCondition(m.nodeConditions, v1.NodeDiskPressure)
 }
 
+// IsUnderPIDPressure returns true if the node is under PID pressure.
+func (m *managerImpl) IsUnderPIDPressure() bool {
+	m.RLock()
+	defer m.RUnlock()
+	return hasNodeCondition(m.nodeConditions, v1.NodePIDPressure)
+}
+
 func startMemoryThresholdNotifier(thresholds []evictionapi.Threshold, observations signalObservations, hard bool, handler thresholdNotifierHandlerFunc) error {
 	for _, threshold := range thresholds {
 		if threshold.Signal != evictionapi.SignalMemoryAvailable || hard != isHardEvictionThreshold(threshold) {
@@ -211,10 +219,10 @@ func startMemoryThresholdNotifier(thresholds []evictionapi.Threshold, observatio
 
 // synchronize is the main control loop that enforces eviction thresholds.
 // Returns the pod that was killed, or nil if no pod was killed.
-func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc, capacityProvider CapacityProvider) []*v1.Pod {
+func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc) []*v1.Pod {
 	// if we have nothing to do, just return
 	thresholds := m.config.Thresholds
-	if len(thresholds) == 0 {
+	if len(thresholds) == 0 && !utilfeature.DefaultFeatureGate.Enabled(features.LocalStorageCapacityIsolation) {
 		return nil
 	}
 
@@ -232,12 +240,15 @@ func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc Act
 	}
 
 	activePods := podFunc()
-	// make observations and get a function to derive pod usage stats relative to those observations.
-	observations, statsFunc, err := makeSignalObservations(m.summaryProvider, capacityProvider, activePods)
+	updateStats := true
+	summary, err := m.summaryProvider.Get(updateStats)
 	if err != nil {
-		glog.Errorf("eviction manager: unexpected err: %v", err)
+		glog.Errorf("eviction manager: failed to get get summary stats: %v", err)
 		return nil
 	}
+
+	// make observations and get a function to derive pod usage stats relative to those observations.
+	observations, statsFunc := makeSignalObservations(summary)
 	debugLogObservations("observations", observations)
 
 	// attempt to create a threshold notifier to improve eviction response time
@@ -248,18 +259,18 @@ func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc Act
 		err = startMemoryThresholdNotifier(m.config.Thresholds, observations, false, func(desc string) {
 			glog.Infof("soft memory eviction threshold crossed at %s", desc)
 			// TODO wait grace period for soft memory limit
-			m.synchronize(diskInfoProvider, podFunc, capacityProvider)
+			m.synchronize(diskInfoProvider, podFunc)
 		})
 		if err != nil {
-			glog.Warningf("eviction manager: failed to create hard memory threshold notifier: %v", err)
+			glog.Warningf("eviction manager: failed to create soft memory threshold notifier: %v", err)
 		}
 		// start hard memory notification
 		err = startMemoryThresholdNotifier(m.config.Thresholds, observations, true, func(desc string) {
 			glog.Infof("hard memory eviction threshold crossed at %s", desc)
-			m.synchronize(diskInfoProvider, podFunc, capacityProvider)
+			m.synchronize(diskInfoProvider, podFunc)
 		})
 		if err != nil {
-			glog.Warningf("eviction manager: failed to create soft memory threshold notifier: %v", err)
+			glog.Warningf("eviction manager: failed to create hard memory threshold notifier: %v", err)
 		}
 	}
 
@@ -312,9 +323,9 @@ func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc Act
 	m.Unlock()
 
 	// evict pods if there is a resource usage violation from local volume temporary storage
-	// If eviction happens in localVolumeEviction function, skip the rest of eviction action
+	// If eviction happens in localStorageEviction function, skip the rest of eviction action
 	if utilfeature.DefaultFeatureGate.Enabled(features.LocalStorageCapacityIsolation) {
-		if evictedPods := m.localStorageEviction(activePods); len(evictedPods) > 0 {
+		if evictedPods := m.localStorageEviction(summary, activePods); len(evictedPods) > 0 {
 			return evictedPods
 		}
 	}
@@ -338,7 +349,7 @@ func (m *managerImpl) synchronize(diskInfoProvider DiskInfoProvider, podFunc Act
 	m.recorder.Eventf(m.nodeRef, v1.EventTypeWarning, "EvictionThresholdMet", "Attempting to reclaim %s", resourceToReclaim)
 
 	// check if there are node-level resources we can reclaim to reduce pressure before evicting end-user pods.
-	if m.reclaimNodeLevelResources(resourceToReclaim, observations) {
+	if m.reclaimNodeLevelResources(resourceToReclaim) {
 		glog.Infof("eviction manager: able to reduce %v pressure without evicting pods.", resourceToReclaim)
 		return nil
 	}
@@ -426,26 +437,31 @@ func (m *managerImpl) waitForPodsCleanup(podCleanedUpFunc PodCleanedUpFunc, pods
 }
 
 // reclaimNodeLevelResources attempts to reclaim node level resources.  returns true if thresholds were satisfied and no pod eviction is required.
-func (m *managerImpl) reclaimNodeLevelResources(resourceToReclaim v1.ResourceName, observations signalObservations) bool {
+func (m *managerImpl) reclaimNodeLevelResources(resourceToReclaim v1.ResourceName) bool {
 	nodeReclaimFuncs := m.resourceToNodeReclaimFuncs[resourceToReclaim]
 	for _, nodeReclaimFunc := range nodeReclaimFuncs {
 		// attempt to reclaim the pressured resource.
-		reclaimed, err := nodeReclaimFunc()
-		if err != nil {
+		if err := nodeReclaimFunc(); err != nil {
 			glog.Warningf("eviction manager: unexpected error when attempting to reduce %v pressure: %v", resourceToReclaim, err)
 		}
-		// update our local observations based on the amount reported to have been reclaimed.
-		// note: this is optimistic, other things could have been still consuming the pressured resource in the interim.
-		for _, signal := range resourceClaimToSignal[resourceToReclaim] {
-			value, ok := observations[signal]
-			if !ok {
-				glog.Errorf("eviction manager: unable to find value associated with signal %v", signal)
-				continue
-			}
-			value.available.Add(*reclaimed)
+
+	}
+	if len(nodeReclaimFuncs) > 0 {
+		summary, err := m.summaryProvider.Get(true)
+		if err != nil {
+			glog.Errorf("eviction manager: failed to get get summary stats after resource reclaim: %v", err)
+			return false
 		}
-		// evaluate all current thresholds to see if with adjusted observations, we think we have met min reclaim goals
-		if len(thresholdsMet(m.thresholdsMet, observations, true)) == 0 {
+
+		// make observations and get a function to derive pod usage stats relative to those observations.
+		observations, _ := makeSignalObservations(summary)
+		debugLogObservations("observations after resource reclaim", observations)
+
+		// determine the set of thresholds met independent of grace period
+		thresholds := thresholdsMet(m.config.Thresholds, observations, false)
+		debugLogThresholdsWithObservation("thresholds after resource reclaim - ignoring grace period", thresholds, observations)
+
+		if len(thresholds) == 0 {
 			return true
 		}
 	}
@@ -454,13 +470,7 @@ func (m *managerImpl) reclaimNodeLevelResources(resourceToReclaim v1.ResourceNam
 
 // localStorageEviction checks the EmptyDir volume usage for each pod and determine whether it exceeds the specified limit and needs
 // to be evicted. It also checks every container in the pod, if the container overlay usage exceeds the limit, the pod will be evicted too.
-func (m *managerImpl) localStorageEviction(pods []*v1.Pod) []*v1.Pod {
-	summary, err := m.summaryProvider.Get()
-	if err != nil {
-		glog.Errorf("Could not get summary provider")
-		return nil
-	}
-
+func (m *managerImpl) localStorageEviction(summary *statsapi.Summary, pods []*v1.Pod) []*v1.Pod {
 	statsFunc := cachedStatsFunc(summary.Pods)
 	evicted := []*v1.Pod{}
 	for _, pod := range pods {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/helpers.go
index 8c5931967293..92c10ad6f557 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/helpers.go
@@ -29,10 +29,9 @@ import (
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/kubernetes/pkg/features"
 	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
-	"k8s.io/kubernetes/pkg/kubelet/cm"
 	evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api"
-	"k8s.io/kubernetes/pkg/kubelet/server/stats"
-	schedulerutils "k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
+	schedulerutils "k8s.io/kubernetes/pkg/scheduler/util"
 )
 
 const (
@@ -73,6 +72,7 @@ func init() {
 	signalToNodeCondition[evictionapi.SignalNodeFsAvailable] = v1.NodeDiskPressure
 	signalToNodeCondition[evictionapi.SignalImageFsInodesFree] = v1.NodeDiskPressure
 	signalToNodeCondition[evictionapi.SignalNodeFsInodesFree] = v1.NodeDiskPressure
+	signalToNodeCondition[evictionapi.SignalPIDAvailable] = v1.NodePIDPressure
 
 	// map signals to resources (and vice-versa)
 	signalToResource = map[evictionapi.Signal]v1.ResourceName{}
@@ -100,15 +100,11 @@ func validSignal(signal evictionapi.Signal) bool {
 // ParseThresholdConfig parses the flags for thresholds.
 func ParseThresholdConfig(allocatableConfig []string, evictionHard, evictionSoft, evictionSoftGracePeriod, evictionMinimumReclaim map[string]string) ([]evictionapi.Threshold, error) {
 	results := []evictionapi.Threshold{}
-	allocatableThresholds := getAllocatableThreshold(allocatableConfig)
-	results = append(results, allocatableThresholds...)
-
 	hardThresholds, err := parseThresholdStatements(evictionHard)
 	if err != nil {
 		return nil, err
 	}
 	results = append(results, hardThresholds...)
-
 	softThresholds, err := parseThresholdStatements(evictionSoft)
 	if err != nil {
 		return nil, err
@@ -138,9 +134,31 @@ func ParseThresholdConfig(allocatableConfig []string, evictionHard, evictionSoft
 			}
 		}
 	}
+	for _, key := range allocatableConfig {
+		if key == kubetypes.NodeAllocatableEnforcementKey {
+			results = addAllocatableThresholds(results)
+			break
+		}
+	}
 	return results, nil
 }
 
+func addAllocatableThresholds(thresholds []evictionapi.Threshold) []evictionapi.Threshold {
+	additionalThresholds := []evictionapi.Threshold{}
+	for _, threshold := range thresholds {
+		if threshold.Signal == evictionapi.SignalMemoryAvailable && isHardEvictionThreshold(threshold) {
+			// Copy the SignalMemoryAvailable to SignalAllocatableMemoryAvailable
+			additionalThresholds = append(additionalThresholds, evictionapi.Threshold{
+				Signal:     evictionapi.SignalAllocatableMemoryAvailable,
+				Operator:   threshold.Operator,
+				Value:      threshold.Value,
+				MinReclaim: threshold.MinReclaim,
+			})
+		}
+	}
+	return append(thresholds, additionalThresholds...)
+}
+
 // parseThresholdStatements parses the input statements into a list of Threshold objects.
 func parseThresholdStatements(statements map[string]string) ([]evictionapi.Threshold, error) {
 	if len(statements) == 0 {
@@ -152,26 +170,36 @@ func parseThresholdStatements(statements map[string]string) ([]evictionapi.Thres
 		if err != nil {
 			return nil, err
 		}
-		results = append(results, result)
+		if result != nil {
+			results = append(results, *result)
+		}
 	}
 	return results, nil
 }
 
-// parseThresholdStatement parses a threshold statement.
-func parseThresholdStatement(signal evictionapi.Signal, val string) (evictionapi.Threshold, error) {
+// parseThresholdStatement parses a threshold statement and returns a threshold,
+// or nil if the threshold should be ignored.
+func parseThresholdStatement(signal evictionapi.Signal, val string) (*evictionapi.Threshold, error) {
 	if !validSignal(signal) {
-		return evictionapi.Threshold{}, fmt.Errorf(unsupportedEvictionSignal, signal)
+		return nil, fmt.Errorf(unsupportedEvictionSignal, signal)
 	}
 	operator := evictionapi.OpForSignal[signal]
 	if strings.HasSuffix(val, "%") {
+		// ignore 0% and 100%
+		if val == "0%" || val == "100%" {
+			return nil, nil
+		}
 		percentage, err := parsePercentage(val)
 		if err != nil {
-			return evictionapi.Threshold{}, err
+			return nil, err
+		}
+		if percentage < 0 {
+			return nil, fmt.Errorf("eviction percentage threshold %v must be >= 0%%: %s", signal, val)
 		}
-		if percentage <= 0 {
-			return evictionapi.Threshold{}, fmt.Errorf("eviction percentage threshold %v must be positive: %s", signal, val)
+		if percentage > 100 {
+			return nil, fmt.Errorf("eviction percentage threshold %v must be <= 100%%: %s", signal, val)
 		}
-		return evictionapi.Threshold{
+		return &evictionapi.Threshold{
 			Signal:   signal,
 			Operator: operator,
 			Value: evictionapi.ThresholdValue{
@@ -181,12 +209,12 @@ func parseThresholdStatement(signal evictionapi.Signal, val string) (evictionapi
 	}
 	quantity, err := resource.ParseQuantity(val)
 	if err != nil {
-		return evictionapi.Threshold{}, err
+		return nil, err
 	}
 	if quantity.Sign() < 0 || quantity.IsZero() {
-		return evictionapi.Threshold{}, fmt.Errorf("eviction threshold %v must be positive: %s", signal, &quantity)
+		return nil, fmt.Errorf("eviction threshold %v must be positive: %s", signal, &quantity)
 	}
-	return evictionapi.Threshold{
+	return &evictionapi.Threshold{
 		Signal:   signal,
 		Operator: operator,
 		Value: evictionapi.ThresholdValue{
@@ -195,27 +223,6 @@ func parseThresholdStatement(signal evictionapi.Signal, val string) (evictionapi
 	}, nil
 }
 
-// getAllocatableThreshold returns the thresholds applicable for the allocatable configuration
-func getAllocatableThreshold(allocatableConfig []string) []evictionapi.Threshold {
-	for _, key := range allocatableConfig {
-		if key == cm.NodeAllocatableEnforcementKey {
-			return []evictionapi.Threshold{
-				{
-					Signal:   evictionapi.SignalAllocatableMemoryAvailable,
-					Operator: evictionapi.OpLessThan,
-					Value: evictionapi.ThresholdValue{
-						Quantity: resource.NewQuantity(int64(0), resource.BinarySI),
-					},
-					MinReclaim: &evictionapi.ThresholdValue{
-						Quantity: resource.NewQuantity(int64(0), resource.BinarySI),
-					},
-				},
-			}
-		}
-	}
-	return []evictionapi.Threshold{}
-}
-
 // parsePercentage parses a string representing a percentage value
 func parsePercentage(input string) (float32, error) {
 	value, err := strconv.ParseFloat(strings.TrimRight(input, "%"), 32)
@@ -715,11 +722,7 @@ func (a byEvictionPriority) Less(i, j int) bool {
 }
 
 // makeSignalObservations derives observations using the specified summary provider.
-func makeSignalObservations(summaryProvider stats.SummaryProvider, capacityProvider CapacityProvider, pods []*v1.Pod) (signalObservations, statsFunc, error) {
-	summary, err := summaryProvider.Get()
-	if err != nil {
-		return nil, nil, err
-	}
+func makeSignalObservations(summary *statsapi.Summary) (signalObservations, statsFunc) {
 	// build the function to work against for pod stats
 	statsFunc := cachedStatsFunc(summary.Pods)
 	// build an evaluation context for current eviction signals
@@ -732,6 +735,17 @@ func makeSignalObservations(summaryProvider stats.SummaryProvider, capacityProvi
 			time:      memory.Time,
 		}
 	}
+	if allocatableContainer, err := getSysContainer(summary.Node.SystemContainers, statsapi.SystemContainerPods); err != nil {
+		glog.Errorf("eviction manager: failed to construct signal: %q error: %v", evictionapi.SignalAllocatableMemoryAvailable, err)
+	} else {
+		if memory := allocatableContainer.Memory; memory != nil && memory.AvailableBytes != nil && memory.WorkingSetBytes != nil {
+			result[evictionapi.SignalAllocatableMemoryAvailable] = signalObservation{
+				available: resource.NewQuantity(int64(*memory.AvailableBytes), resource.BinarySI),
+				capacity:  resource.NewQuantity(int64(*memory.AvailableBytes+*memory.WorkingSetBytes), resource.BinarySI),
+				time:      memory.Time,
+			}
+		}
+	}
 	if nodeFs := summary.Node.Fs; nodeFs != nil {
 		if nodeFs.AvailableBytes != nil && nodeFs.CapacityBytes != nil {
 			result[evictionapi.SignalNodeFsAvailable] = signalObservation{
@@ -766,27 +780,26 @@ func makeSignalObservations(summaryProvider stats.SummaryProvider, capacityProvi
 			}
 		}
 	}
-
-	if memoryAllocatableCapacity, ok := capacityProvider.GetCapacity()[v1.ResourceMemory]; ok {
-		memoryAllocatableAvailable := memoryAllocatableCapacity.Copy()
-		if reserved, exists := capacityProvider.GetNodeAllocatableReservation()[v1.ResourceMemory]; exists {
-			memoryAllocatableAvailable.Sub(reserved)
-		}
-		for _, pod := range summary.Pods {
-			mu, err := podMemoryUsage(pod)
-			if err == nil {
-				memoryAllocatableAvailable.Sub(mu[v1.ResourceMemory])
+	if rlimit := summary.Node.Rlimit; rlimit != nil {
+		if rlimit.NumOfRunningProcesses != nil && rlimit.MaxPID != nil {
+			available := int64(*rlimit.MaxPID) - int64(*rlimit.NumOfRunningProcesses)
+			result[evictionapi.SignalPIDAvailable] = signalObservation{
+				available: resource.NewQuantity(available, resource.BinarySI),
+				capacity:  resource.NewQuantity(int64(*rlimit.MaxPID), resource.BinarySI),
+				time:      rlimit.Time,
 			}
 		}
-		result[evictionapi.SignalAllocatableMemoryAvailable] = signalObservation{
-			available: memoryAllocatableAvailable,
-			capacity:  &memoryAllocatableCapacity,
-		}
-	} else {
-		glog.Errorf("Could not find capacity information for resource %v", v1.ResourceMemory)
 	}
+	return result, statsFunc
+}
 
-	return result, statsFunc, nil
+func getSysContainer(sysContainers []statsapi.ContainerStats, name string) (*statsapi.ContainerStats, error) {
+	for _, cont := range sysContainers {
+		if cont.Name == name {
+			return &cont, nil
+		}
+	}
+	return nil, fmt.Errorf("system container %q not found in metrics", name)
 }
 
 // thresholdsMet returns the set of thresholds that were met independent of grace period
@@ -1055,38 +1068,15 @@ func buildResourceToNodeReclaimFuncs(imageGC ImageGC, containerGC ContainerGC, w
 		resourceToReclaimFunc[resourceNodeFs] = nodeReclaimFuncs{}
 		resourceToReclaimFunc[resourceNodeFsInodes] = nodeReclaimFuncs{}
 		// with an imagefs, imagefs pressure should delete unused images
-		resourceToReclaimFunc[resourceImageFs] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, true)}
-		resourceToReclaimFunc[resourceImageFsInodes] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, false)}
+		resourceToReclaimFunc[resourceImageFs] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
+		resourceToReclaimFunc[resourceImageFsInodes] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
 	} else {
 		// without an imagefs, nodefs pressure should delete logs, and unused images
 		// since imagefs and nodefs share a common device, they share common reclaim functions
-		resourceToReclaimFunc[resourceNodeFs] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, true)}
-		resourceToReclaimFunc[resourceNodeFsInodes] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, false)}
-		resourceToReclaimFunc[resourceImageFs] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, true)}
-		resourceToReclaimFunc[resourceImageFsInodes] = nodeReclaimFuncs{deleteTerminatedContainers(containerGC), deleteImages(imageGC, false)}
+		resourceToReclaimFunc[resourceNodeFs] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
+		resourceToReclaimFunc[resourceNodeFsInodes] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
+		resourceToReclaimFunc[resourceImageFs] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
+		resourceToReclaimFunc[resourceImageFsInodes] = nodeReclaimFuncs{containerGC.DeleteAllUnusedContainers, imageGC.DeleteUnusedImages}
 	}
 	return resourceToReclaimFunc
 }
-
-// deleteTerminatedContainers will delete terminated containers to free up disk pressure.
-func deleteTerminatedContainers(containerGC ContainerGC) nodeReclaimFunc {
-	return func() (*resource.Quantity, error) {
-		glog.Infof("eviction manager: attempting to delete unused containers")
-		err := containerGC.DeleteAllUnusedContainers()
-		// Calculating bytes freed is not yet supported.
-		return resource.NewQuantity(int64(0), resource.BinarySI), err
-	}
-}
-
-// deleteImages will delete unused images to free up disk pressure.
-func deleteImages(imageGC ImageGC, reportBytesFreed bool) nodeReclaimFunc {
-	return func() (*resource.Quantity, error) {
-		glog.Infof("eviction manager: attempting to delete unused images")
-		bytesFreed, err := imageGC.DeleteUnusedImages()
-		reclaimed := int64(0)
-		if reportBytesFreed {
-			reclaimed = bytesFreed
-		}
-		return resource.NewQuantity(reclaimed, resource.BinarySI), err
-	}
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/types.go b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/types.go
index f9548510c81b..e4fca84d7a04 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/eviction/types.go
@@ -53,13 +53,16 @@ type Config struct {
 // Manager evaluates when an eviction threshold for node stability has been met on the node.
 type Manager interface {
 	// Start starts the control loop to monitor eviction thresholds at specified interval.
-	Start(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc, podCleanedUpFunc PodCleanedUpFunc, capacityProvider CapacityProvider, monitoringInterval time.Duration)
+	Start(diskInfoProvider DiskInfoProvider, podFunc ActivePodsFunc, podCleanedUpFunc PodCleanedUpFunc, monitoringInterval time.Duration)
 
 	// IsUnderMemoryPressure returns true if the node is under memory pressure.
 	IsUnderMemoryPressure() bool
 
 	// IsUnderDiskPressure returns true if the node is under disk pressure.
 	IsUnderDiskPressure() bool
+
+	// IsUnderPIDPressure returns true if the node is under PID pressure.
+	IsUnderPIDPressure() bool
 }
 
 // DiskInfoProvider is responsible for informing the manager how disk is configured.
@@ -68,25 +71,15 @@ type DiskInfoProvider interface {
 	HasDedicatedImageFs() (bool, error)
 }
 
-// CapacityProvider is responsible for providing the resource capacity and reservation information
-type CapacityProvider interface {
-	// GetCapacity returns the amount of compute resources tracked by container manager available on the node.
-	GetCapacity() v1.ResourceList
-	// GetNodeAllocatableReservation returns the amount of compute resources that have to be reserved from scheduling.
-	GetNodeAllocatableReservation() v1.ResourceList
-}
-
 // ImageGC is responsible for performing garbage collection of unused images.
 type ImageGC interface {
-	// DeleteUnusedImages deletes unused images and returns the number of bytes freed, and an error.
-	// This returns the bytes freed even if an error is returned.
-	DeleteUnusedImages() (int64, error)
+	// DeleteUnusedImages deletes unused images.
+	DeleteUnusedImages() error
 }
 
 // ContainerGC is responsible for performing garbage collection of unused containers.
 type ContainerGC interface {
 	// DeleteAllUnusedContainers deletes all unused containers, even those that belong to pods that are terminated, but not deleted.
-	// It returns an error if it is unsuccessful.
 	DeleteAllUnusedContainers() error
 }
 
@@ -131,9 +124,7 @@ type thresholdsObservedAt map[evictionapi.Threshold]time.Time
 type nodeConditionsObservedAt map[v1.NodeConditionType]time.Time
 
 // nodeReclaimFunc is a function that knows how to reclaim a resource from the node without impacting pods.
-// Returns the quantity of resources reclaimed and an error, if applicable.
-// nodeReclaimFunc return the resources reclaimed even if an error occurs.
-type nodeReclaimFunc func() (*resource.Quantity, error)
+type nodeReclaimFunc func() error
 
 // nodeReclaimFuncs is an ordered list of nodeReclaimFunc
 type nodeReclaimFuncs []nodeReclaimFunc
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/gpu/nvidia/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/gpu/nvidia/BUILD
index 62082545e713..28feb876ff7b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/gpu/nvidia/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/gpu/nvidia/BUILD
@@ -40,8 +40,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["nvidia_gpu_manager_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/gpu/nvidia",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/dockershim:go_default_library",
         "//pkg/kubelet/dockershim/libdocker:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/images/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/images/BUILD
index 8a8684920f4f..f0baa3a3cdfa 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/images/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/images/BUILD
@@ -21,6 +21,7 @@ go_library(
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/events:go_default_library",
+        "//pkg/kubelet/util/sliceutils:go_default_library",
         "//pkg/util/parsers:go_default_library",
         "//vendor/github.com/docker/distribution/reference:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -39,8 +40,7 @@ go_test(
         "image_gc_manager_test.go",
         "image_manager_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/images",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/container:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_gc_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_gc_manager.go
index 344e0156a498..42dee55d5048 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_gc_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_gc_manager.go
@@ -33,8 +33,8 @@ import (
 	"k8s.io/client-go/tools/record"
 	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
 	"k8s.io/kubernetes/pkg/kubelet/container"
-	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/events"
+	"k8s.io/kubernetes/pkg/kubelet/util/sliceutils"
 )
 
 // StatsProvider is an interface for fetching stats used during image garbage
@@ -55,10 +55,10 @@ type ImageGCManager interface {
 	// Start async garbage collection of images.
 	Start()
 
-	GetImageList() ([]kubecontainer.Image, error)
+	GetImageList() ([]container.Image, error)
 
-	// Delete all unused images and returns the number of bytes freed. The number of bytes freed is always returned.
-	DeleteUnusedImages() (int64, error)
+	// Delete all unused images.
+	DeleteUnusedImages() error
 }
 
 // A policy for garbage collecting images. Policy defines an allowed band in
@@ -101,6 +101,9 @@ type realImageGCManager struct {
 
 	// imageCache is the cache of latest image list.
 	imageCache imageCache
+
+	// sandbox image exempted from GC
+	sandboxImage string
 }
 
 // imageCache caches latest result of ListImages.
@@ -108,20 +111,24 @@ type imageCache struct {
 	// sync.RWMutex is the mutex protects the image cache.
 	sync.RWMutex
 	// images is the image cache.
-	images []kubecontainer.Image
+	images []container.Image
 }
 
 // set updates image cache.
-func (i *imageCache) set(images []kubecontainer.Image) {
+func (i *imageCache) set(images []container.Image) {
 	i.Lock()
 	defer i.Unlock()
 	i.images = images
 }
 
-// get gets image list from image cache.
-func (i *imageCache) get() []kubecontainer.Image {
-	i.RLock()
-	defer i.RUnlock()
+// get gets a sorted (by image size) image list from image cache.
+// There is a potentical data race in this function. See PR #60448
+// Because there is deepcopy function available currently, move sort
+// function inside this function
+func (i *imageCache) get() []container.Image {
+	i.Lock()
+	defer i.Unlock()
+	sort.Sort(sliceutils.ByImageSize(i.images))
 	return i.images
 }
 
@@ -137,7 +144,7 @@ type imageRecord struct {
 	size int64
 }
 
-func NewImageGCManager(runtime container.Runtime, statsProvider StatsProvider, recorder record.EventRecorder, nodeRef *v1.ObjectReference, policy ImageGCPolicy) (ImageGCManager, error) {
+func NewImageGCManager(runtime container.Runtime, statsProvider StatsProvider, recorder record.EventRecorder, nodeRef *v1.ObjectReference, policy ImageGCPolicy, sandboxImage string) (ImageGCManager, error) {
 	// Validate policy.
 	if policy.HighThresholdPercent < 0 || policy.HighThresholdPercent > 100 {
 		return nil, fmt.Errorf("invalid HighThresholdPercent %d, must be in range [0-100]", policy.HighThresholdPercent)
@@ -156,6 +163,7 @@ func NewImageGCManager(runtime container.Runtime, statsProvider StatsProvider, r
 		recorder:      recorder,
 		nodeRef:       nodeRef,
 		initialized:   false,
+		sandboxImage:  sandboxImage,
 	}
 
 	return im, nil
@@ -168,7 +176,7 @@ func (im *realImageGCManager) Start() {
 		if im.initialized {
 			ts = time.Now()
 		}
-		err := im.detectImages(ts)
+		_, err := im.detectImages(ts)
 		if err != nil {
 			glog.Warningf("[imageGCManager] Failed to monitor images: %v", err)
 		} else {
@@ -190,22 +198,29 @@ func (im *realImageGCManager) Start() {
 }
 
 // Get a list of images on this node
-func (im *realImageGCManager) GetImageList() ([]kubecontainer.Image, error) {
+func (im *realImageGCManager) GetImageList() ([]container.Image, error) {
 	return im.imageCache.get(), nil
 }
 
-func (im *realImageGCManager) detectImages(detectTime time.Time) error {
+func (im *realImageGCManager) detectImages(detectTime time.Time) (sets.String, error) {
+	imagesInUse := sets.NewString()
+
+	// Always consider the container runtime pod sandbox image in use
+	imageRef, err := im.runtime.GetImageRef(container.ImageSpec{Image: im.sandboxImage})
+	if err == nil && imageRef != "" {
+		imagesInUse.Insert(imageRef)
+	}
+
 	images, err := im.runtime.ListImages()
 	if err != nil {
-		return err
+		return imagesInUse, err
 	}
 	pods, err := im.runtime.GetPods(true)
 	if err != nil {
-		return err
+		return imagesInUse, err
 	}
 
 	// Make a set of images in use by containers.
-	imagesInUse := sets.NewString()
 	for _, pod := range pods {
 		for _, container := range pod.Containers {
 			glog.V(5).Infof("Pod %s/%s, container %s uses image %s(%s)", pod.Namespace, pod.Name, container.Name, container.Image, container.ImageID)
@@ -231,7 +246,7 @@ func (im *realImageGCManager) detectImages(detectTime time.Time) error {
 		}
 
 		// Set last used time to now if the image is being used.
-		if isImageUsed(image, imagesInUse) {
+		if isImageUsed(image.ID, imagesInUse) {
 			glog.V(5).Infof("Setting Image ID %s lastUsed to %v", image.ID, now)
 			im.imageRecords[image.ID].lastUsed = now
 		}
@@ -248,7 +263,7 @@ func (im *realImageGCManager) detectImages(detectTime time.Time) error {
 		}
 	}
 
-	return nil
+	return imagesInUse, nil
 }
 
 func (im *realImageGCManager) GarbageCollect() error {
@@ -298,8 +313,10 @@ func (im *realImageGCManager) GarbageCollect() error {
 	return nil
 }
 
-func (im *realImageGCManager) DeleteUnusedImages() (int64, error) {
-	return im.freeSpace(math.MaxInt64, time.Now())
+func (im *realImageGCManager) DeleteUnusedImages() error {
+	glog.Infof("attempting to delete unused images")
+	_, err := im.freeSpace(math.MaxInt64, time.Now())
+	return err
 }
 
 // Tries to free bytesToFree worth of images on the disk.
@@ -309,7 +326,7 @@ func (im *realImageGCManager) DeleteUnusedImages() (int64, error) {
 // Note that error may be nil and the number of bytes free may be less
 // than bytesToFree.
 func (im *realImageGCManager) freeSpace(bytesToFree int64, freeTime time.Time) (int64, error) {
-	err := im.detectImages(freeTime)
+	imagesInUse, err := im.detectImages(freeTime)
 	if err != nil {
 		return 0, err
 	}
@@ -320,6 +337,10 @@ func (im *realImageGCManager) freeSpace(bytesToFree int64, freeTime time.Time) (
 	// Get all images in eviction order.
 	images := make([]evictionInfo, 0, len(im.imageRecords))
 	for image, record := range im.imageRecords {
+		if isImageUsed(image, imagesInUse) {
+			glog.V(5).Infof("Image ID %s is being used", image)
+			continue
+		}
 		images = append(images, evictionInfo{
 			id:          image,
 			imageRecord: *record,
@@ -335,7 +356,7 @@ func (im *realImageGCManager) freeSpace(bytesToFree int64, freeTime time.Time) (
 		// Images that are currently in used were given a newer lastUsed.
 		if image.lastUsed.Equal(freeTime) || image.lastUsed.After(freeTime) {
 			glog.V(5).Infof("Image ID %s has lastUsed=%v which is >= freeTime=%v, not eligible for garbage collection", image.id, image.lastUsed, freeTime)
-			break
+			continue
 		}
 
 		// Avoid garbage collect the image if the image is not old enough.
@@ -385,9 +406,9 @@ func (ev byLastUsedAndDetected) Less(i, j int) bool {
 	}
 }
 
-func isImageUsed(image container.Image, imagesInUse sets.String) bool {
+func isImageUsed(imageID string, imagesInUse sets.String) bool {
 	// Check the image ID.
-	if _, ok := imagesInUse[image.ID]; ok {
+	if _, ok := imagesInUse[imageID]; ok {
 		return true
 	}
 	return false
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_manager.go
index 04652da04033..413df5a727d6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/images/image_manager.go
@@ -154,11 +154,12 @@ func applyDefaultImageTag(image string) (string, error) {
 	_, isTagged := named.(dockerref.Tagged)
 	_, isDigested := named.(dockerref.Digested)
 	if !isTagged && !isDigested {
-		named, err := dockerref.WithTag(named, parsers.DefaultImageTag)
-		if err != nil {
-			return "", fmt.Errorf("failed to apply default image tag %q: %v", image, err)
-		}
-		image = named.String()
+		// we just concatenate the image name with the default tag here instead
+		// of using dockerref.WithTag(named, ...) because that would cause the
+		// image to be fully qualified as docker.io/$name if it's a short name
+		// (e.g. just busybox). We don't want that to happen to keep the CRI
+		// agnostic wrt image names and default hostnames.
+		image = image + ":" + parsers.DefaultImageTag
 	}
 	return image, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go
index f0930e3757fe..c4e88c0cb1c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go
@@ -17,8 +17,10 @@ limitations under the License.
 package kubelet
 
 import (
+	"context"
 	"crypto/tls"
 	"fmt"
+	"math"
 	"net"
 	"net/http"
 	"net/url"
@@ -57,7 +59,6 @@ import (
 	"k8s.io/kubernetes/pkg/features"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
 	kubeletconfiginternal "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
-	kubeletconfigv1alpha1 "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
 	kubeletcertificate "k8s.io/kubernetes/pkg/kubelet/certificate"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
@@ -74,7 +75,9 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig"
 	"k8s.io/kubernetes/pkg/kubelet/kuberuntime"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
+	"k8s.io/kubernetes/pkg/kubelet/logs"
 	"k8s.io/kubernetes/pkg/kubelet/metrics"
+	"k8s.io/kubernetes/pkg/kubelet/metrics/collectors"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 	"k8s.io/kubernetes/pkg/kubelet/network/dns"
 	"k8s.io/kubernetes/pkg/kubelet/pleg"
@@ -96,6 +99,7 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/util/queue"
 	"k8s.io/kubernetes/pkg/kubelet/util/sliceutils"
 	"k8s.io/kubernetes/pkg/kubelet/volumemanager"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
 	"k8s.io/kubernetes/pkg/security/apparmor"
 	utildbus "k8s.io/kubernetes/pkg/util/dbus"
 	kubeio "k8s.io/kubernetes/pkg/util/io"
@@ -104,7 +108,6 @@ import (
 	nodeutil "k8s.io/kubernetes/pkg/util/node"
 	"k8s.io/kubernetes/pkg/util/oom"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
 	utilexec "k8s.io/utils/exec"
 )
 
@@ -203,7 +206,6 @@ type Builder func(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	registerNode bool,
 	registerWithTaints []api.Taint,
 	allowedUnsafeSysctls []string,
-	containerized bool,
 	remoteRuntimeEndpoint string,
 	remoteImageEndpoint string,
 	experimentalMounterPath string,
@@ -225,27 +227,7 @@ type Builder func(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 // at runtime that are necessary for running the Kubelet. This is a temporary solution for grouping
 // these objects while we figure out a more comprehensive dependency injection story for the Kubelet.
 type Dependencies struct {
-	// TODO(mtaufen): KubeletBuilder:
-	//                Mesos currently uses this as a hook to let them make their own call to
-	//                let them wrap the KubeletBootstrap that CreateAndInitKubelet returns with
-	//                their own KubeletBootstrap. It's a useful hook. I need to think about what
-	//                a nice home for it would be. There seems to be a trend, between this and
-	//                the Options fields below, of providing hooks where you can add extra functionality
-	//                to the Kubelet for your solution. Maybe we should centralize these sorts of things?
-	Builder Builder
-
-	// TODO(mtaufen): ContainerRuntimeOptions and Options:
-	//                Arrays of functions that can do arbitrary things to the Kubelet and the Runtime
-	//                seem like a difficult path to trace when it's time to debug something.
-	//                I'm leaving these fields here for now, but there is likely an easier-to-follow
-	//                way to support their intended use cases. E.g. ContainerRuntimeOptions
-	//                is used by Mesos to set an environment variable in containers which has
-	//                some connection to their container GC. It seems that Mesos intends to use
-	//                Options to add additional node conditions that are updated as part of the
-	//                Kubelet lifecycle (see https://github.com/kubernetes/kubernetes/pull/21521).
-	//                We should think about providing more explicit ways of doing these things.
-	ContainerRuntimeOptions []kubecontainer.Option
-	Options                 []Option
+	Options []Option
 
 	// Injected Dependencies
 	Auth                    server.AuthInterface
@@ -274,8 +256,8 @@ type Dependencies struct {
 // KubeletConfiguration or returns an error.
 func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, nodeName types.NodeName, bootstrapCheckpointPath string) (*config.PodConfig, error) {
 	manifestURLHeader := make(http.Header)
-	if len(kubeCfg.ManifestURLHeader) > 0 {
-		for k, v := range kubeCfg.ManifestURLHeader {
+	if len(kubeCfg.StaticPodURLHeader) > 0 {
+		for k, v := range kubeCfg.StaticPodURLHeader {
 			for i := range v {
 				manifestURLHeader.Add(k, v[i])
 			}
@@ -286,15 +268,15 @@ func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, ku
 	cfg := config.NewPodConfig(config.PodConfigNotificationIncremental, kubeDeps.Recorder)
 
 	// define file config source
-	if kubeCfg.PodManifestPath != "" {
-		glog.Infof("Adding manifest path: %v", kubeCfg.PodManifestPath)
-		config.NewSourceFile(kubeCfg.PodManifestPath, nodeName, kubeCfg.FileCheckFrequency.Duration, cfg.Channel(kubetypes.FileSource))
+	if kubeCfg.StaticPodPath != "" {
+		glog.Infof("Adding pod path: %v", kubeCfg.StaticPodPath)
+		config.NewSourceFile(kubeCfg.StaticPodPath, nodeName, kubeCfg.FileCheckFrequency.Duration, cfg.Channel(kubetypes.FileSource))
 	}
 
 	// define url config source
-	if kubeCfg.ManifestURL != "" {
-		glog.Infof("Adding manifest url %q with HTTP header %v", kubeCfg.ManifestURL, manifestURLHeader)
-		config.NewSourceURL(kubeCfg.ManifestURL, manifestURLHeader, nodeName, kubeCfg.HTTPCheckFrequency.Duration, cfg.Channel(kubetypes.HTTPSource))
+	if kubeCfg.StaticPodURL != "" {
+		glog.Infof("Adding pod url %q with HTTP header %v", kubeCfg.StaticPodURL, manifestURLHeader)
+		config.NewSourceURL(kubeCfg.StaticPodURL, manifestURLHeader, nodeName, kubeCfg.HTTPCheckFrequency.Duration, cfg.Channel(kubetypes.HTTPSource))
 	}
 
 	// Restore from the checkpoint path
@@ -349,7 +331,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	registerNode bool,
 	registerWithTaints []api.Taint,
 	allowedUnsafeSysctls []string,
-	containerized bool,
 	remoteRuntimeEndpoint string,
 	remoteImageEndpoint string,
 	experimentalMounterPath string,
@@ -397,7 +378,7 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 			return nil, fmt.Errorf("failed to get instances from cloud provider")
 		}
 
-		nodeName, err = instances.CurrentNodeName(hostname)
+		nodeName, err = instances.CurrentNodeName(context.TODO(), hostname)
 		if err != nil {
 			return nil, fmt.Errorf("error fetching current instance name from cloud provider: %v", err)
 		}
@@ -405,7 +386,7 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		glog.V(2).Infof("cloud provider determined current node name to be %s", nodeName)
 
 		if utilfeature.DefaultFeatureGate.Enabled(features.RotateKubeletServerCertificate) {
-			nodeAddresses, err := instances.NodeAddresses(nodeName)
+			nodeAddresses, err := instances.NodeAddresses(context.TODO(), nodeName)
 			if err != nil {
 				return nil, fmt.Errorf("failed to get the addresses of the current instance from the cloud provider: %v", err)
 			}
@@ -526,7 +507,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		recorder:                       kubeDeps.Recorder,
 		cadvisor:                       kubeDeps.CAdvisorInterface,
 		cloud:                          kubeDeps.Cloud,
-		autoDetectCloudProvider:   (kubeletconfigv1alpha1.AutoDetectCloudProvider == cloudProvider),
 		externalCloudProvider:     cloudprovider.IsExternal(cloudProvider),
 		providerID:                providerID,
 		nodeRef:                   nodeRef,
@@ -580,11 +560,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		return nil, err
 	}
 	klet.networkPlugin = plug
-
-	machineInfo, err := klet.GetCachedMachineInfo()
+	machineInfo, err := klet.cadvisor.MachineInfo()
 	if err != nil {
 		return nil, err
 	}
+	klet.machineInfo = machineInfo
 
 	imageBackOff := flowcontrol.NewBackOff(backOffPeriod, MaxContainerBackOff)
 
@@ -619,6 +599,10 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	var nl *NoOpLegacyHost
 	pluginSettings.LegacyRuntimeHost = nl
 
+	if containerRuntime == kubetypes.RktContainerRuntime {
+		glog.Warningln("rktnetes has been deprecated in favor of rktlet. Please see https://github.com/kubernetes-incubator/rktlet for more information.")
+	}
+
 	// rktnetes cannot be run with CRI.
 	if containerRuntime != kubetypes.RktContainerRuntime {
 		// kubelet defers to the runtime shim to setup networking. Setting
@@ -639,9 +623,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 			if err != nil {
 				return nil, err
 			}
-			if err := ds.Start(); err != nil {
-				return nil, err
-			}
 			// For now, the CRI shim redirects the streaming requests to the
 			// kubelet, which handles the requests using DockerService..
 			klet.criHandler = ds
@@ -662,8 +643,8 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 				return nil, err
 			}
 			if !supported {
-				klet.dockerLegacyService = ds.NewDockerLegacyService()
-				legacyLogProvider = dockershim.NewLegacyLogProvider(klet.dockerLegacyService)
+				klet.dockerLegacyService = ds
+				legacyLogProvider = ds
 			}
 		case kubetypes.RemoteContainerRuntime:
 			// No-op.
@@ -716,7 +697,8 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 				klet.podManager,
 				klet.runtimeCache,
 				runtimeService,
-				imageService)
+				imageService,
+				stats.NewLogMetricsService())
 		}
 	} else {
 		// rkt uses the legacy, non-CRI, integration. Configure it the old way.
@@ -772,12 +754,27 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	klet.containerDeletor = newPodContainerDeletor(klet.containerRuntime, integer.IntMax(containerGCPolicy.MaxPerPodContainer, minDeadContainerInPod))
 
 	// setup imageManager
-	imageManager, err := images.NewImageGCManager(klet.containerRuntime, klet.StatsProvider, kubeDeps.Recorder, nodeRef, imageGCPolicy)
+	imageManager, err := images.NewImageGCManager(klet.containerRuntime, klet.StatsProvider, kubeDeps.Recorder, nodeRef, imageGCPolicy, crOptions.PodSandboxImage)
 	if err != nil {
 		return nil, fmt.Errorf("failed to initialize image manager: %v", err)
 	}
 	klet.imageManager = imageManager
 
+	if containerRuntime == kubetypes.RemoteContainerRuntime && utilfeature.DefaultFeatureGate.Enabled(features.CRIContainerLogRotation) {
+		// setup containerLogManager for CRI container runtime
+		containerLogManager, err := logs.NewContainerLogManager(
+			klet.runtimeService,
+			kubeCfg.ContainerLogMaxSize,
+			int(kubeCfg.ContainerLogMaxFiles),
+		)
+		if err != nil {
+			return nil, fmt.Errorf("failed to initialize container log manager: %v", err)
+		}
+		klet.containerLogManager = containerLogManager
+	} else {
+		klet.containerLogManager = logs.NewStubContainerLogManager()
+	}
+
 	klet.statusManager = status.NewManager(klet.kubeClient, klet.podManager, klet)
 
 	if utilfeature.DefaultFeatureGate.Enabled(features.RotateKubeletServerCertificate) && kubeDeps.TLSOptions != nil {
@@ -802,7 +799,7 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		kubeDeps.TLSOptions.Config.GetCertificate = func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
 			cert := klet.serverCertificateManager.Current()
 			if cert == nil {
-				return nil, fmt.Errorf("no certificate available")
+				return nil, fmt.Errorf("no serving certificate available for the kubelet")
 			}
 			return cert, nil
 		}
@@ -904,6 +901,7 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime))
 	if utilfeature.DefaultFeatureGate.Enabled(features.Accelerators) {
 		if containerRuntime == kubetypes.DockerContainerRuntime {
+			glog.Warningln("Accelerators feature is deprecated and will be removed in v1.11. Please use device plugins instead. They can be enabled using the DevicePlugins feature gate.")
 			if klet.gpuManager, err = nvidia.NewNvidiaGPUManager(klet, kubeDeps.DockerClientConfig); err != nil {
 				return nil, err
 			}
@@ -1012,6 +1010,9 @@ type Kubelet struct {
 	// Manager for image garbage collection.
 	imageManager images.ImageGCManager
 
+	// Manager for container logs.
+	containerLogManager logs.ContainerLogManager
+
 	// Secret manager.
 	secretManager secret.Manager
 
@@ -1037,11 +1038,7 @@ type Kubelet struct {
 
 	// Cloud provider interface.
 	cloud cloudprovider.Interface
-	// DEPRECATED: auto detecting cloud providers goes against the initiative
-	// for out-of-tree cloud providers as we'll now depend on cAdvisor integrations
-	// with cloud providers instead of in the core repo.
-	// More details here: https://github.com/kubernetes/kubernetes/issues/50986
-	autoDetectCloudProvider bool
+
 	// Indicates that the node initialization happens in an external cloud controller
 	externalCloudProvider bool
 	// Reference to this node.
@@ -1296,7 +1293,7 @@ func (kl *Kubelet) StartGarbageCollection() {
 // Note that the modules here must not depend on modules that are not initialized here.
 func (kl *Kubelet) initializeModules() error {
 	// Prometheus metrics.
-	metrics.Register(kl.runtimeCache)
+	metrics.Register(kl.runtimeCache, collectors.NewVolumeStatsCollector(kl))
 
 	// Setup filesystem directories.
 	if err := kl.setupDataDirs(); err != nil {
@@ -1318,16 +1315,6 @@ func (kl *Kubelet) initializeModules() error {
 		kl.serverCertificateManager.Start()
 	}
 
-	// Start container manager.
-	node, err := kl.getNodeAnyWay()
-	if err != nil {
-		return fmt.Errorf("Kubelet failed to get node info: %v", err)
-	}
-
-	if err := kl.containerManager.Start(node, kl.GetActivePods, kl.sourcesReady, kl.statusManager, kl.runtimeService); err != nil {
-		return fmt.Errorf("Failed to start ContainerManager %v", err)
-	}
-
 	// Start out of memory watcher.
 	if err := kl.oomWatcher.Start(kl.nodeRef); err != nil {
 		return fmt.Errorf("Failed to start OOM watcher %v", err)
@@ -1351,8 +1338,27 @@ func (kl *Kubelet) initializeRuntimeDependentModules() {
 		// TODO(random-liu): Add backoff logic in the babysitter
 		glog.Fatalf("Failed to start cAdvisor %v", err)
 	}
+
+	// trigger on-demand stats collection once so that we have capacity information for ephemeral storage.
+	// ignore any errors, since if stats collection is not successful, the container manager will fail to start below.
+	kl.StatsProvider.GetCgroupStats("/", true)
+	// Start container manager.
+	node, err := kl.getNodeAnyWay()
+	if err != nil {
+		// Fail kubelet and rely on the babysitter to retry starting kubelet.
+		glog.Fatalf("Kubelet failed to get node info: %v", err)
+	}
+	// containerManager must start after cAdvisor because it needs filesystem capacity information
+	if err := kl.containerManager.Start(node, kl.GetActivePods, kl.sourcesReady, kl.statusManager, kl.runtimeService); err != nil {
+		// Fail kubelet and rely on the babysitter to retry starting kubelet.
+		glog.Fatalf("Failed to start ContainerManager %v", err)
+	}
 	// eviction manager must start after cadvisor because it needs to know if the container runtime has a dedicated imagefs
-	kl.evictionManager.Start(kl.cadvisor, kl.GetActivePods, kl.podResourcesAreReclaimed, kl.containerManager, evictionMonitoringPeriod)
+	kl.evictionManager.Start(kl.StatsProvider, kl.GetActivePods, kl.podResourcesAreReclaimed, evictionMonitoringPeriod)
+
+	// container log manager must start after container runtime is up to retrieve information from container runtime
+	// and inform container to reopen log file after log rotation.
+	kl.containerLogManager.Start()
 }
 
 // Run starts the kubelet reacting to config updates
@@ -1777,12 +1783,22 @@ func (kl *Kubelet) syncLoop(updates <-chan kubetypes.PodUpdate, handler SyncHand
 	housekeepingTicker := time.NewTicker(housekeepingPeriod)
 	defer housekeepingTicker.Stop()
 	plegCh := kl.pleg.Watch()
+	const (
+		base   = 100 * time.Millisecond
+		max    = 5 * time.Second
+		factor = 2
+	)
+	duration := base
 	for {
 		if rs := kl.runtimeState.runtimeErrors(); len(rs) != 0 {
 			glog.Infof("skipping pod synchronization - %v", rs)
-			time.Sleep(5 * time.Second)
+			// exponential backoff
+			time.Sleep(duration)
+			duration = time.Duration(math.Min(float64(max), factor*float64(duration)))
 			continue
 		}
+		// reset backoff if we have a success
+		duration = base
 
 		kl.syncLoopMonitor.Store(kl.clock.Now())
 		if !kl.syncLoopIteration(updates, handler, syncTicker.C, housekeepingTicker.C, plegCh) {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go
index fefd8aac1444..04284f6e3ea5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go
@@ -179,9 +179,8 @@ func (kl *Kubelet) GetHostname() string {
 	return kl.hostname
 }
 
-// GetRuntime returns the current Runtime implementation in use by the kubelet. This func
-// is exported to simplify integration with third party kubelet extensions (e.g. kubernetes-mesos).
-func (kl *Kubelet) GetRuntime() kubecontainer.Runtime {
+// getRuntime returns the current Runtime implementation in use by the kubelet.
+func (kl *Kubelet) getRuntime() kubecontainer.Runtime {
 	return kl.containerRuntime
 }
 
@@ -212,6 +211,11 @@ func (kl *Kubelet) GetNodeConfig() cm.NodeConfig {
 	return kl.containerManager.GetNodeConfig()
 }
 
+// GetPodCgroupRoot returns the listeral cgroupfs value for the cgroup containing all pods
+func (kl *Kubelet) GetPodCgroupRoot() string {
+	return kl.containerManager.GetPodCgroupRoot()
+}
+
 // GetHostIP returns host IP or nil in case of error.
 func (kl *Kubelet) GetHostIP() (net.IP, error) {
 	node, err := kl.GetNode()
@@ -270,6 +274,24 @@ func (kl *Kubelet) getPodVolumePathListFromDisk(podUID types.UID) ([]string, err
 	return volumes, nil
 }
 
+func (kl *Kubelet) getMountedVolumePathListFromDisk(podUID types.UID) ([]string, error) {
+	mountedVolumes := []string{}
+	volumePaths, err := kl.getPodVolumePathListFromDisk(podUID)
+	if err != nil {
+		return mountedVolumes, err
+	}
+	for _, volumePath := range volumePaths {
+		isNotMount, err := kl.mounter.IsLikelyNotMountPoint(volumePath)
+		if err != nil {
+			return mountedVolumes, err
+		}
+		if !isNotMount {
+			mountedVolumes = append(mountedVolumes, volumePath)
+		}
+	}
+	return mountedVolumes, nil
+}
+
 // GetVersionInfo returns information about the version of cAdvisor in use.
 func (kl *Kubelet) GetVersionInfo() (*cadvisorapiv1.VersionInfo, error) {
 	return kl.cadvisor.VersionInfo()
@@ -277,12 +299,5 @@ func (kl *Kubelet) GetVersionInfo() (*cadvisorapiv1.VersionInfo, error) {
 
 // GetCachedMachineInfo assumes that the machine info can't change without a reboot
 func (kl *Kubelet) GetCachedMachineInfo() (*cadvisorapiv1.MachineInfo, error) {
-	if kl.machineInfo == nil {
-		info, err := kl.cadvisor.MachineInfo()
-		if err != nil {
-			return nil, err
-		}
-		kl.machineInfo = info
-	}
 	return kl.machineInfo, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_network.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_network.go
index d7e47de55767..c33b5a7ed018 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_network.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_network.go
@@ -22,7 +22,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/network"
@@ -65,7 +65,7 @@ func (nh *networkHost) GetKubeClient() clientset.Interface {
 }
 
 func (nh *networkHost) GetRuntime() kubecontainer.Runtime {
-	return nh.kubelet.GetRuntime()
+	return nh.kubelet.getRuntime()
 }
 
 func (nh *networkHost) SupportsLegacyFeatures() bool {
@@ -88,7 +88,7 @@ type criNetworkHost struct {
 // Any network plugin invoked by a cri must implement NamespaceGetter
 // to talk directly to the runtime instead.
 func (c *criNetworkHost) GetNetNS(containerID string) (string, error) {
-	return c.kubelet.GetRuntime().GetNetNS(kubecontainer.ContainerID{Type: "", ID: containerID})
+	return c.kubelet.getRuntime().GetNetNS(kubecontainer.ContainerID{Type: "", ID: containerID})
 }
 
 // NoOpLegacyHost implements the network.LegacyHost interface for the remote
@@ -106,7 +106,7 @@ func (n *NoOpLegacyHost) GetKubeClient() clientset.Interface {
 	return nil
 }
 
-// GetRuntime always returns "nil" for 'NoOpLegacyHost'
+// getRuntime always returns "nil" for 'NoOpLegacyHost'
 func (n *NoOpLegacyHost) GetRuntime() kubecontainer.Runtime {
 	return nil
 }
@@ -188,7 +188,7 @@ func (kl *Kubelet) updatePodCIDR(cidr string) {
 
 	// kubelet -> generic runtime -> runtime shim -> network plugin
 	// docker/rkt non-cri implementations have a passthrough UpdatePodCIDR
-	if err := kl.GetRuntime().UpdatePodCIDR(cidr); err != nil {
+	if err := kl.getRuntime().UpdatePodCIDR(cidr); err != nil {
 		glog.Errorf("Failed to update pod CIDR: %v", err)
 		return
 	}
@@ -282,7 +282,7 @@ func getIPTablesMark(bit int) string {
 	return fmt.Sprintf("%#08x/%#08x", value, value)
 }
 
-// GetPodDNS returns DNS setttings for the pod.
+// GetPodDNS returns DNS settings for the pod.
 // This function is defined in kubecontainer.RuntimeHelper interface so we
 // have to implement it.
 func (kl *Kubelet) GetPodDNS(pod *v1.Pod) (*runtimeapi.DNSConfig, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_node_status.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_node_status.go
index 7e09c16815f3..85e7ca7d17ce 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_node_status.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_node_status.go
@@ -17,12 +17,13 @@ limitations under the License.
 package kubelet
 
 import (
+	"context"
 	"fmt"
 	"math"
 	"net"
 	goruntime "runtime"
-	"sort"
 	"strings"
+	"sync"
 	"time"
 
 	"github.com/golang/glog"
@@ -41,11 +42,10 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
 	"k8s.io/kubernetes/pkg/kubelet/events"
 	"k8s.io/kubernetes/pkg/kubelet/util"
-	"k8s.io/kubernetes/pkg/kubelet/util/sliceutils"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 	nodeutil "k8s.io/kubernetes/pkg/util/node"
 	"k8s.io/kubernetes/pkg/version"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 )
 
 const (
@@ -132,8 +132,7 @@ func (kl *Kubelet) tryRegisterWithAPIServer(node *v1.Node) bool {
 		requiresUpdate := kl.reconcileCMADAnnotationWithExistingNode(node, existingNode)
 		requiresUpdate = kl.updateDefaultLabels(node, existingNode) || requiresUpdate
 		if requiresUpdate {
-			if _, err := nodeutil.PatchNodeStatus(kl.kubeClient.CoreV1(), types.NodeName(kl.nodeName),
-				originalNode, existingNode); err != nil {
+			if _, _, err := nodeutil.PatchNodeStatus(kl.kubeClient.CoreV1(), types.NodeName(kl.nodeName), originalNode, existingNode); err != nil {
 				glog.Errorf("Unable to reconcile node %q with API server: error updating node: %v", kl.nodeName, err)
 				return false
 			}
@@ -142,8 +141,7 @@ func (kl *Kubelet) tryRegisterWithAPIServer(node *v1.Node) bool {
 		return true
 	}
 
-	glog.Errorf(
-		"Previously node %q had externalID %q; now it is %q; will delete and recreate.",
+	glog.Errorf("Previously node %q had externalID %q; now it is %q; will delete and recreate.",
 		kl.nodeName, node.Spec.ExternalID, existingNode.Spec.ExternalID,
 	)
 	if err := kl.kubeClient.CoreV1().Nodes().Delete(node.Name, nil); err != nil {
@@ -191,8 +189,8 @@ func (kl *Kubelet) updateDefaultLabels(initialNode, existingNode *v1.Node) bool
 // whether the existing node must be updated.
 func (kl *Kubelet) reconcileCMADAnnotationWithExistingNode(node, existingNode *v1.Node) bool {
 	var (
-		existingCMAAnnotation    = existingNode.Annotations[volumehelper.ControllerManagedAttachAnnotation]
-		newCMAAnnotation, newSet = node.Annotations[volumehelper.ControllerManagedAttachAnnotation]
+		existingCMAAnnotation    = existingNode.Annotations[volutil.ControllerManagedAttachAnnotation]
+		newCMAAnnotation, newSet = node.Annotations[volutil.ControllerManagedAttachAnnotation]
 	)
 
 	if newCMAAnnotation == existingCMAAnnotation {
@@ -204,13 +202,13 @@ func (kl *Kubelet) reconcileCMADAnnotationWithExistingNode(node, existingNode *v
 	// the correct value of the annotation.
 	if !newSet {
 		glog.Info("Controller attach-detach setting changed to false; updating existing Node")
-		delete(existingNode.Annotations, volumehelper.ControllerManagedAttachAnnotation)
+		delete(existingNode.Annotations, volutil.ControllerManagedAttachAnnotation)
 	} else {
 		glog.Info("Controller attach-detach setting changed to true; updating existing Node")
 		if existingNode.Annotations == nil {
 			existingNode.Annotations = make(map[string]string)
 		}
-		existingNode.Annotations[volumehelper.ControllerManagedAttachAnnotation] = newCMAAnnotation
+		existingNode.Annotations[volutil.ControllerManagedAttachAnnotation] = newCMAAnnotation
 	}
 
 	return true
@@ -271,7 +269,7 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 		}
 
 		glog.Infof("Setting node annotation to enable volume controller attach/detach")
-		node.Annotations[volumehelper.ControllerManagedAttachAnnotation] = "true"
+		node.Annotations[volutil.ControllerManagedAttachAnnotation] = "true"
 	} else {
 		glog.Infof("Controller attach/detach is disabled for this node; Kubelet will attach and detach volumes")
 	}
@@ -281,7 +279,7 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 			node.Annotations = make(map[string]string)
 		}
 		glog.Infof("Setting node annotation to keep pod volumes of terminated pods attached to the node")
-		node.Annotations[volumehelper.KeepTerminatedPodVolumesAnnotation] = "true"
+		node.Annotations[volutil.KeepTerminatedPodVolumesAnnotation] = "true"
 	}
 
 	// @question: should this be place after the call to the cloud provider? which also applies labels
@@ -305,7 +303,7 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 		// TODO(roberthbailey): Can we do this without having credentials to talk
 		// to the cloud provider?
 		// TODO: ExternalID is deprecated, we'll have to drop this code
-		externalID, err := instances.ExternalID(kl.nodeName)
+		externalID, err := instances.ExternalID(context.TODO(), kl.nodeName)
 		if err != nil {
 			return nil, fmt.Errorf("failed to get external ID from cloud provider: %v", err)
 		}
@@ -315,13 +313,13 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 		// cloudprovider from arbitrary nodes. At most, we should talk to a
 		// local metadata server here.
 		if node.Spec.ProviderID == "" {
-			node.Spec.ProviderID, err = cloudprovider.GetInstanceProviderID(kl.cloud, kl.nodeName)
+			node.Spec.ProviderID, err = cloudprovider.GetInstanceProviderID(context.TODO(), kl.cloud, kl.nodeName)
 			if err != nil {
 				return nil, err
 			}
 		}
 
-		instanceType, err := instances.InstanceType(kl.nodeName)
+		instanceType, err := instances.InstanceType(context.TODO(), kl.nodeName)
 		if err != nil {
 			return nil, err
 		}
@@ -332,7 +330,7 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 		// If the cloud has zone information, label the node with the zone information
 		zones, ok := kl.cloud.Zones()
 		if ok {
-			zone, err := zones.GetZone()
+			zone, err := zones.GetZone(context.TODO())
 			if err != nil {
 				return nil, fmt.Errorf("failed to get zone from cloud provider: %v", err)
 			}
@@ -347,13 +345,6 @@ func (kl *Kubelet) initialNode() (*v1.Node, error) {
 		}
 	} else {
 		node.Spec.ExternalID = kl.hostname
-		if kl.autoDetectCloudProvider {
-			// If no cloud provider is defined - use the one detected by cadvisor
-			info, err := kl.GetCachedMachineInfo()
-			if err == nil {
-				kl.updateCloudProviderFromMachineInfo(node, info)
-			}
-		}
 	}
 	kl.setNodeStatus(node)
 
@@ -415,7 +406,7 @@ func (kl *Kubelet) tryUpdateNodeStatus(tryNumber int) error {
 
 	kl.setNodeStatus(node)
 	// Patch the current status on the API server
-	updatedNode, err := nodeutil.PatchNodeStatus(kl.heartbeatClient, types.NodeName(kl.nodeName), originalNode, node)
+	updatedNode, _, err := nodeutil.PatchNodeStatus(kl.heartbeatClient, types.NodeName(kl.nodeName), originalNode, node)
 	if err != nil {
 		return err
 	}
@@ -462,7 +453,7 @@ func (kl *Kubelet) setNodeAddress(node *v1.Node) error {
 		// to the cloud provider?
 		// TODO(justinsb): We can if CurrentNodeName() was actually CurrentNode() and returned an interface
 		// TODO: If IP addresses couldn't be fetched from the cloud provider, should kubelet fallback on the other methods for getting the IP below?
-		nodeAddresses, err := instances.NodeAddresses(kl.nodeName)
+		nodeAddresses, err := instances.NodeAddresses(context.TODO(), kl.nodeName)
 		if err != nil {
 			return fmt.Errorf("failed to get node address from cloud provider: %v", err)
 		}
@@ -557,6 +548,10 @@ func (kl *Kubelet) setNodeStatusMachineInfo(node *v1.Node) {
 		}
 	}
 
+	var devicePluginAllocatable v1.ResourceList
+	var devicePluginCapacity v1.ResourceList
+	var removedDevicePlugins []string
+
 	// TODO: Post NotReady if we cannot get MachineInfo from cAdvisor. This needs to start
 	// cAdvisor locally, e.g. for test-cmd.sh, and in integration test.
 	info, err := kl.GetCachedMachineInfo()
@@ -601,16 +596,25 @@ func (kl *Kubelet) setNodeStatusMachineInfo(node *v1.Node) {
 			}
 		}
 
-		devicePluginCapacity, removedDevicePlugins := kl.containerManager.GetDevicePluginResourceCapacity()
+		devicePluginCapacity, devicePluginAllocatable, removedDevicePlugins = kl.containerManager.GetDevicePluginResourceCapacity()
 		if devicePluginCapacity != nil {
 			for k, v := range devicePluginCapacity {
 				glog.V(2).Infof("Update capacity for %s to %d", k, v.Value())
 				node.Status.Capacity[k] = v
 			}
 		}
+
 		for _, removedResource := range removedDevicePlugins {
-			glog.V(2).Infof("Remove capacity for %s", removedResource)
-			delete(node.Status.Capacity, v1.ResourceName(removedResource))
+			glog.V(2).Infof("Set capacity for %s to 0 on device removal", removedResource)
+			// Set the capacity of the removed resource to 0 instead of
+			// removing the resource from the node status. This is to indicate
+			// that the resource is managed by device plugin and had been
+			// registered before.
+			//
+			// This is required to differentiate the device plugin managed
+			// resources and the cluster-level resources, which are absent in
+			// node status.
+			node.Status.Capacity[v1.ResourceName(removedResource)] = *resource.NewQuantity(int64(0), resource.DecimalSI)
 		}
 	}
 
@@ -638,6 +642,12 @@ func (kl *Kubelet) setNodeStatusMachineInfo(node *v1.Node) {
 		}
 		node.Status.Allocatable[k] = value
 	}
+	if devicePluginAllocatable != nil {
+		for k, v := range devicePluginAllocatable {
+			glog.V(2).Infof("Update allocatable for %s to %d", k, v.Value())
+			node.Status.Allocatable[k] = v
+		}
+	}
 	// for every huge page reservation, we need to remove it from allocatable memory
 	for k, v := range node.Status.Capacity {
 		if v1helper.IsHugePageResourceName(k) {
@@ -691,7 +701,6 @@ func (kl *Kubelet) setNodeStatusImages(node *v1.Node) {
 		return
 	}
 	// sort the images from max to min, and only set top N images into the node status.
-	sort.Sort(sliceutils.ByImageSize(containerImages))
 	if maxImagesInNodeStatus < len(containerImages) {
 		containerImages = containerImages[0:maxImagesInNodeStatus]
 	}
@@ -732,17 +741,28 @@ func (kl *Kubelet) setNodeReadyCondition(node *v1.Node) {
 	// This is due to an issue with version skewed kubelet and master components.
 	// ref: https://github.com/kubernetes/kubernetes/issues/16961
 	currentTime := metav1.NewTime(kl.clock.Now())
-	var newNodeReadyCondition v1.NodeCondition
+	newNodeReadyCondition := v1.NodeCondition{
+		Type:              v1.NodeReady,
+		Status:            v1.ConditionTrue,
+		Reason:            "KubeletReady",
+		Message:           "kubelet is posting ready status",
+		LastHeartbeatTime: currentTime,
+	}
 	rs := append(kl.runtimeState.runtimeErrors(), kl.runtimeState.networkErrors()...)
-	if len(rs) == 0 {
-		newNodeReadyCondition = v1.NodeCondition{
-			Type:              v1.NodeReady,
-			Status:            v1.ConditionTrue,
-			Reason:            "KubeletReady",
-			Message:           "kubelet is posting ready status",
-			LastHeartbeatTime: currentTime,
+	requiredCapacities := []v1.ResourceName{v1.ResourceCPU, v1.ResourceMemory, v1.ResourcePods}
+	if utilfeature.DefaultFeatureGate.Enabled(features.LocalStorageCapacityIsolation) {
+		requiredCapacities = append(requiredCapacities, v1.ResourceEphemeralStorage)
+	}
+	missingCapacities := []string{}
+	for _, resource := range requiredCapacities {
+		if _, found := node.Status.Capacity[resource]; !found {
+			missingCapacities = append(missingCapacities, string(resource))
 		}
-	} else {
+	}
+	if len(missingCapacities) > 0 {
+		rs = append(rs, fmt.Sprintf("Missing node capacity for resources: %s", strings.Join(missingCapacities, ", ")))
+	}
+	if len(rs) > 0 {
 		newNodeReadyCondition = v1.NodeCondition{
 			Type:              v1.NodeReady,
 			Status:            v1.ConditionFalse,
@@ -751,7 +771,6 @@ func (kl *Kubelet) setNodeReadyCondition(node *v1.Node) {
 			LastHeartbeatTime: currentTime,
 		}
 	}
-
 	// Append AppArmor status if it's enabled.
 	// TODO(tallclair): This is a temporary message until node feature reporting is added.
 	if newNodeReadyCondition.Status == v1.ConditionTrue &&
@@ -850,6 +869,62 @@ func (kl *Kubelet) setNodeMemoryPressureCondition(node *v1.Node) {
 	}
 }
 
+// setNodePIDPressureCondition for the node.
+// TODO: this needs to move somewhere centralized...
+func (kl *Kubelet) setNodePIDPressureCondition(node *v1.Node) {
+	currentTime := metav1.NewTime(kl.clock.Now())
+	var condition *v1.NodeCondition
+
+	// Check if NodePIDPressure condition already exists and if it does, just pick it up for update.
+	for i := range node.Status.Conditions {
+		if node.Status.Conditions[i].Type == v1.NodePIDPressure {
+			condition = &node.Status.Conditions[i]
+		}
+	}
+
+	newCondition := false
+	// If the NodePIDPressure condition doesn't exist, create one
+	if condition == nil {
+		condition = &v1.NodeCondition{
+			Type:   v1.NodePIDPressure,
+			Status: v1.ConditionUnknown,
+		}
+		// cannot be appended to node.Status.Conditions here because it gets
+		// copied to the slice. So if we append to the slice here none of the
+		// updates we make below are reflected in the slice.
+		newCondition = true
+	}
+
+	// Update the heartbeat time
+	condition.LastHeartbeatTime = currentTime
+
+	// Note: The conditions below take care of the case when a new NodePIDPressure condition is
+	// created and as well as the case when the condition already exists. When a new condition
+	// is created its status is set to v1.ConditionUnknown which matches either
+	// condition.Status != v1.ConditionTrue or
+	// condition.Status != v1.ConditionFalse in the conditions below depending on whether
+	// the kubelet is under PID pressure or not.
+	if kl.evictionManager.IsUnderPIDPressure() {
+		if condition.Status != v1.ConditionTrue {
+			condition.Status = v1.ConditionTrue
+			condition.Reason = "KubeletHasInsufficientPID"
+			condition.Message = "kubelet has insufficient PID available"
+			condition.LastTransitionTime = currentTime
+			kl.recordNodeStatusEvent(v1.EventTypeNormal, "NodeHasInsufficientPID")
+		}
+	} else if condition.Status != v1.ConditionFalse {
+		condition.Status = v1.ConditionFalse
+		condition.Reason = "KubeletHasSufficientPID"
+		condition.Message = "kubelet has sufficient PID available"
+		condition.LastTransitionTime = currentTime
+		kl.recordNodeStatusEvent(v1.EventTypeNormal, "NodeHasSufficientPID")
+	}
+
+	if newCondition {
+		node.Status.Conditions = append(node.Status.Conditions, *condition)
+	}
+}
+
 // setNodeDiskPressureCondition for the node.
 // TODO: this needs to move somewhere centralized...
 func (kl *Kubelet) setNodeDiskPressureCondition(node *v1.Node) {
@@ -941,10 +1016,15 @@ func (kl *Kubelet) setNodeOODCondition(node *v1.Node) {
 
 // Maintains Node.Spec.Unschedulable value from previous run of tryUpdateNodeStatus()
 // TODO: why is this a package var?
-var oldNodeUnschedulable bool
+var (
+	oldNodeUnschedulable     bool
+	oldNodeUnschedulableLock sync.Mutex
+)
 
 // record if node schedulable change.
 func (kl *Kubelet) recordNodeSchedulableEvent(node *v1.Node) {
+	oldNodeUnschedulableLock.Lock()
+	defer oldNodeUnschedulableLock.Unlock()
 	if oldNodeUnschedulable != node.Spec.Unschedulable {
 		if node.Spec.Unschedulable {
 			kl.recordNodeStatusEvent(v1.EventTypeNormal, events.NodeNotSchedulable)
@@ -992,6 +1072,7 @@ func (kl *Kubelet) defaultNodeStatusFuncs() []func(*v1.Node) error {
 		withoutError(kl.setNodeOODCondition),
 		withoutError(kl.setNodeMemoryPressureCondition),
 		withoutError(kl.setNodeDiskPressureCondition),
+		withoutError(kl.setNodePIDPressureCondition),
 		withoutError(kl.setNodeReadyCondition),
 		withoutError(kl.setNodeVolumesInUseStatus),
 		withoutError(kl.recordNodeSchedulableEvent),
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go
index a4cb85a56bb2..1b96da8169f0 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_pods.go
@@ -40,7 +40,6 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	utilvalidation "k8s.io/apimachinery/pkg/util/validation"
-	"k8s.io/apimachinery/pkg/util/validation/field"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/tools/remotecommand"
 	podutil "k8s.io/kubernetes/pkg/api/v1/pod"
@@ -48,10 +47,9 @@ import (
 	podshelper "k8s.io/kubernetes/pkg/apis/core/pods"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	v1qos "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos"
-	"k8s.io/kubernetes/pkg/apis/core/v1/validation"
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/fieldpath"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/envvars"
@@ -64,9 +62,8 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 	utilfile "k8s.io/kubernetes/pkg/util/file"
 	mountutil "k8s.io/kubernetes/pkg/util/mount"
-	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 	volumevalidation "k8s.io/kubernetes/pkg/volume/validation"
 	"k8s.io/kubernetes/third_party/forked/golang/expansion"
 )
@@ -132,7 +129,7 @@ func makeAbsolutePath(goos, path string) string {
 
 // makeBlockVolumes maps the raw block devices specified in the path of the container
 // Experimental
-func (kl *Kubelet) makeBlockVolumes(pod *v1.Pod, container *v1.Container, podVolumes kubecontainer.VolumeMap, blkutil volumeutil.BlockVolumePathHandler) ([]kubecontainer.DeviceInfo, error) {
+func (kl *Kubelet) makeBlockVolumes(pod *v1.Pod, container *v1.Container, podVolumes kubecontainer.VolumeMap, blkutil volumepathhandler.BlockVolumePathHandler) ([]kubecontainer.DeviceInfo, error) {
 	var devices []kubecontainer.DeviceInfo
 	for _, device := range container.VolumeDevices {
 		// check path is absolute
@@ -192,7 +189,7 @@ func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, h
 			vol.SELinuxLabeled = true
 			relabelVolume = true
 		}
-		hostPath, err := volume.GetPath(vol.Mounter)
+		hostPath, err := volumeutil.GetPath(vol.Mounter)
 		if err != nil {
 			return nil, cleanupAction, err
 		}
@@ -238,7 +235,7 @@ func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, h
 			hostPath, cleanupAction, err = mounter.PrepareSafeSubpath(mountutil.Subpath{
 				VolumeMountIndex: i,
 				Path:             hostPath,
-				VolumeName:       mount.Name,
+				VolumeName:       vol.InnerVolumeSpecName,
 				VolumePath:       volumePath,
 				PodDir:           podDir,
 				ContainerName:    container.Name,
@@ -292,6 +289,12 @@ func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, h
 // translateMountPropagation transforms v1.MountPropagationMode to
 // runtimeapi.MountPropagation.
 func translateMountPropagation(mountMode *v1.MountPropagationMode) (runtimeapi.MountPropagation, error) {
+	if runtime.GOOS == "windows" {
+		// Windows containers doesn't support mount propagation, use private for it.
+		// Refer https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation.
+		return runtimeapi.MountPropagation_PROPAGATION_PRIVATE, nil
+	}
+
 	if !utilfeature.DefaultFeatureGate.Enabled(features.MountPropagation) {
 		// mount propagation is disabled, use private as in the old versions
 		return runtimeapi.MountPropagation_PROPAGATION_PRIVATE, nil
@@ -465,7 +468,7 @@ func (kl *Kubelet) GenerateRunContainerOptions(pod *v1.Pod, container *v1.Contai
 		return nil, nil, err
 	}
 	opts.Hostname = hostname
-	podName := volumehelper.GetUniquePodName(pod)
+	podName := volumeutil.GetUniquePodName(pod)
 	volumes := kl.volumeManager.GetMountedVolumesForPod(podName)
 
 	opts.PortMappings = kubecontainer.MakePortMappings(container)
@@ -478,7 +481,7 @@ func (kl *Kubelet) GenerateRunContainerOptions(pod *v1.Pod, container *v1.Contai
 
 	// TODO: remove feature gate check after no longer needed
 	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-		blkutil := volumeutil.NewBlockVolumePathHandler()
+		blkutil := volumepathhandler.NewBlockVolumePathHandler()
 		blkVolumes, err := kl.makeBlockVolumes(pod, container, volumes, blkutil)
 		if err != nil {
 			return nil, nil, err
@@ -834,7 +837,7 @@ func (kl *Kubelet) killPod(pod *v1.Pod, runningPod *kubecontainer.Pod, status *k
 	if runningPod != nil {
 		p = *runningPod
 	} else if status != nil {
-		p = kubecontainer.ConvertPodStatusToRunningPod(kl.GetRuntime().Type(), status)
+		p = kubecontainer.ConvertPodStatusToRunningPod(kl.getRuntime().Type(), status)
 	} else {
 		return fmt.Errorf("one of the two arguments must be non-nil: runningPod, status")
 	}
@@ -1129,22 +1132,6 @@ func (kl *Kubelet) podKiller() {
 	}
 }
 
-// hasHostPortConflicts detects pods with conflicted host ports.
-func hasHostPortConflicts(pods []*v1.Pod) bool {
-	ports := sets.String{}
-	for _, pod := range pods {
-		if errs := validation.AccumulateUniqueHostPorts(pod.Spec.Containers, &ports, field.NewPath("spec", "containers")); len(errs) > 0 {
-			glog.Errorf("Pod %q: HostPort is already allocated, ignoring: %v", format.Pod(pod), errs)
-			return true
-		}
-		if errs := validation.AccumulateUniqueHostPorts(pod.Spec.InitContainers, &ports, field.NewPath("spec", "initContainers")); len(errs) > 0 {
-			glog.Errorf("Pod %q: HostPort is already allocated, ignoring: %v", format.Pod(pod), errs)
-			return true
-		}
-	}
-	return false
-}
-
 // validateContainerLogStatus returns the container ID for the desired container to retrieve logs for, based on the state
 // of the container. The previous flag will only return the logs for the last terminated container, otherwise, the current
 // running container is preferred over a previous termination. If info about the container is not available then a specific
@@ -1165,7 +1152,7 @@ func (kl *Kubelet) validateContainerLogStatus(podName string, podStatus *v1.PodS
 
 	switch {
 	case previous:
-		if lastState.Terminated == nil {
+		if lastState.Terminated == nil || lastState.Terminated.ContainerID == "" {
 			return kubecontainer.ContainerID{}, fmt.Errorf("previous terminated container %q in pod %q not found", containerName, podName)
 		}
 		cID = lastState.Terminated.ContainerID
@@ -1174,9 +1161,21 @@ func (kl *Kubelet) validateContainerLogStatus(podName string, podStatus *v1.PodS
 		cID = cStatus.ContainerID
 
 	case terminated != nil:
-		cID = terminated.ContainerID
+		// in cases where the next container didn't start, terminated.ContainerID will be empty, so get logs from the lastState.Terminated.
+		if terminated.ContainerID == "" {
+			if lastState.Terminated != nil && lastState.Terminated.ContainerID != "" {
+				cID = lastState.Terminated.ContainerID
+			} else {
+				return kubecontainer.ContainerID{}, fmt.Errorf("container %q in pod %q is terminated", containerName, podName)
+			}
+		} else {
+			cID = terminated.ContainerID
+		}
 
 	case lastState.Terminated != nil:
+		if lastState.Terminated.ContainerID == "" {
+			return kubecontainer.ContainerID{}, fmt.Errorf("container %q in pod %q is terminated", containerName, podName)
+		}
 		cID = lastState.Terminated.ContainerID
 
 	case waiting != nil:
@@ -1251,10 +1250,8 @@ func (kl *Kubelet) GetKubeletContainerLogs(podFullName, containerName string, lo
 	return kl.containerRuntime.GetContainerLogs(pod, containerID, logOptions, stdout, stderr)
 }
 
-// GetPhase returns the phase of a pod given its container info.
-// This func is exported to simplify integration with 3rd party kubelet
-// integrations like kubernetes-mesos.
-func GetPhase(spec *v1.PodSpec, info []v1.ContainerStatus) v1.PodPhase {
+// getPhase returns the phase of a pod given its container info.
+func getPhase(spec *v1.PodSpec, info []v1.ContainerStatus) v1.PodPhase {
 	initialized := 0
 	pendingInitialization := 0
 	failedInitialization := 0
@@ -1384,17 +1381,23 @@ func (kl *Kubelet) generateAPIPodStatus(pod *v1.Pod, podStatus *kubecontainer.Po
 	// Assume info is ready to process
 	spec := &pod.Spec
 	allStatus := append(append([]v1.ContainerStatus{}, s.ContainerStatuses...), s.InitContainerStatuses...)
-	s.Phase = GetPhase(spec, allStatus)
+	s.Phase = getPhase(spec, allStatus)
+	// Check for illegal phase transition
+	if pod.Status.Phase == v1.PodFailed || pod.Status.Phase == v1.PodSucceeded {
+		// API server shows terminal phase; transitions are not allowed
+		if s.Phase != pod.Status.Phase {
+			glog.Errorf("Pod attempted illegal phase transition from %s to %s: %v", pod.Status.Phase, s.Phase, s)
+			// Force back to phase from the API server
+			s.Phase = pod.Status.Phase
+		}
+	}
 	kl.probeManager.UpdatePodStatus(pod.UID, s)
 	s.Conditions = append(s.Conditions, status.GeneratePodInitializedCondition(spec, s.InitContainerStatuses, s.Phase))
 	s.Conditions = append(s.Conditions, status.GeneratePodReadyCondition(spec, s.ContainerStatuses, s.Phase))
-	// s (the PodStatus we are creating) will not have a PodScheduled condition yet, because converStatusToAPIStatus()
-	// does not create one. If the existing PodStatus has a PodScheduled condition, then copy it into s and make sure
-	// it is set to true. If the existing PodStatus does not have a PodScheduled condition, then create one that is set to true.
-	if _, oldPodScheduled := podutil.GetPodCondition(&pod.Status, v1.PodScheduled); oldPodScheduled != nil {
-		s.Conditions = append(s.Conditions, *oldPodScheduled)
-	}
-	podutil.UpdatePodCondition(&pod.Status, &v1.PodCondition{
+	// Status manager will take care of the LastTransitionTimestamp, either preserve
+	// the timestamp from apiserver, or set a new one. When kubelet sees the pod,
+	// `PodScheduled` condition must be true.
+	s.Conditions = append(s.Conditions, v1.PodCondition{
 		Type:   v1.PodScheduled,
 		Status: v1.ConditionTrue,
 	})
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_volumes.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_volumes.go
index 79b0fe3ea3af..09179fec8041 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_volumes.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_volumes.go
@@ -57,6 +57,18 @@ func (kl *Kubelet) podVolumesExist(podUID types.UID) bool {
 			volumetypes.UniquePodName(podUID)); len(mountedVolumes) > 0 {
 		return true
 	}
+	// TODO: This checks pod volume paths and whether they are mounted. If checking returns error, podVolumesExist will return true
+	// which means we consider volumes might exist and requires further checking.
+	// There are some volume plugins such as flexvolume might not have mounts. See issue #61229
+	volumePaths, err := kl.getMountedVolumePathListFromDisk(podUID)
+	if err != nil {
+		glog.Errorf("pod %q found, but error %v occurred during checking mounted volumes from disk", podUID, err)
+		return true
+	}
+	if len(volumePaths) > 0 {
+		glog.V(4).Infof("pod %q found, but volumes are still mounted on disk %v", podUID, volumePaths)
+		return true
+	}
 
 	return false
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/BUILD
index 71bbe9fb145e..ae3e99f674ef 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/BUILD
@@ -10,7 +10,6 @@ go_library(
     srcs = [
         "configsync.go",
         "controller.go",
-        "rollback.go",
         "watch.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/kubelet/kubeletconfig",
@@ -19,19 +18,21 @@ go_library(
         "//pkg/kubelet/apis/kubeletconfig/validation:go_default_library",
         "//pkg/kubelet/kubeletconfig/checkpoint:go_default_library",
         "//pkg/kubelet/kubeletconfig/checkpoint/store:go_default_library",
-        "//pkg/kubelet/kubeletconfig/configfiles:go_default_library",
         "//pkg/kubelet/kubeletconfig/status:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/equal:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/log:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/panic:go_default_library",
         "//pkg/util/filesystem:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/BUILD
index 4a2f55aa6a73..a04eed0d3fe3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/BUILD
@@ -13,12 +13,11 @@ go_test(
         "configmap_test.go",
         "download_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/codec:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/test:go_default_library",
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/configmap.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/configmap.go
index 7472384889f5..076e7ed33d82 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/configmap.go
@@ -65,7 +65,6 @@ func (c *configMapCheckpoint) Parse() (*kubeletconfig.KubeletConfiguration, erro
 		return nil, fmt.Errorf(emptyCfgErr)
 	}
 
-	// TODO(mtaufen): Once the KubeletConfiguration type is decomposed, extend this to a key for each sub-object
 	config, ok := c.configMap.Data[configMapConfigKey]
 	if !ok {
 		return nil, fmt.Errorf("key %q not found in ConfigMap", configMapConfigKey)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/download.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/download.go
index 297d974a1aa6..9b516a0eb72c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/download.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/download.go
@@ -34,6 +34,8 @@ import (
 type RemoteConfigSource interface {
 	// UID returns the UID of the remote config source object
 	UID() string
+	// APIPath returns the API path to the remote resource, e.g. its SelfLink
+	APIPath() string
 	// Download downloads the remote config source object returns a Checkpoint backed by the object,
 	// or a sanitized failure reason and error if the download fails
 	Download(client clientset.Interface) (Checkpoint, string, error)
@@ -110,6 +112,13 @@ func (r *remoteConfigMap) UID() string {
 	return string(r.source.ConfigMapRef.UID)
 }
 
+const configMapAPIPathFmt = "/api/v1/namespaces/%s/configmaps/%s"
+
+func (r *remoteConfigMap) APIPath() string {
+	ref := r.source.ConfigMapRef
+	return fmt.Sprintf(configMapAPIPathFmt, ref.Namespace, ref.Name)
+}
+
 func (r *remoteConfigMap) Download(client clientset.Interface) (Checkpoint, string, error) {
 	var reason string
 	uid := string(r.source.ConfigMapRef.UID)
@@ -119,13 +128,13 @@ func (r *remoteConfigMap) Download(client clientset.Interface) (Checkpoint, stri
 	// get the ConfigMap via namespace/name, there doesn't seem to be a way to get it by UID
 	cm, err := client.CoreV1().ConfigMaps(r.source.ConfigMapRef.Namespace).Get(r.source.ConfigMapRef.Name, metav1.GetOptions{})
 	if err != nil {
-		reason = fmt.Sprintf(status.FailSyncReasonDownloadFmt, r.source.ConfigMapRef.Name, r.source.ConfigMapRef.Namespace)
+		reason = fmt.Sprintf(status.FailSyncReasonDownloadFmt, r.APIPath())
 		return nil, reason, fmt.Errorf("%s, error: %v", reason, err)
 	}
 
 	// ensure that UID matches the UID on the reference, the ObjectReference must be unambiguous
 	if r.source.ConfigMapRef.UID != cm.UID {
-		reason = fmt.Sprintf(status.FailSyncReasonUIDMismatchFmt, r.source.ConfigMapRef.UID, cm.UID)
+		reason = fmt.Sprintf(status.FailSyncReasonUIDMismatchFmt, r.source.ConfigMapRef.UID, r.APIPath(), cm.UID)
 		return nil, reason, fmt.Errorf(reason)
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store/BUILD
index 37529c46abb4..035a9641d6f7 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store/BUILD
@@ -12,8 +12,7 @@ go_test(
         "fsstore_test.go",
         "store_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/kubeletconfig/checkpoint:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/files:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/BUILD
index 939e728f0122..55bee6fe569a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/BUILD
@@ -35,12 +35,11 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["configfiles_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/kubeletconfig:go_default_library",
         "//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library",
-        "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library",
+        "//pkg/kubelet/apis/kubeletconfig/v1beta1:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/files:go_default_library",
         "//pkg/kubelet/kubeletconfig/util/test:go_default_library",
         "//pkg/util/filesystem:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/configfiles.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/configfiles.go
index fe55e0b938f7..c3b5fc9b4790 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/configfiles.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles/configfiles.go
@@ -27,8 +27,6 @@ import (
 	utilfs "k8s.io/kubernetes/pkg/util/filesystem"
 )
 
-const kubeletFile = "kubelet"
-
 // Loader loads configuration from a storage layer
 type Loader interface {
 	// Load loads and returns the KubeletConfiguration from the storage layer, or an error if a configuration could not be loaded
@@ -41,12 +39,12 @@ type fsLoader struct {
 	fs utilfs.Filesystem
 	// kubeletCodecs is the scheme used to decode config files
 	kubeletCodecs *serializer.CodecFactory
-	// configDir is the absolute path to the directory containing the configuration files
-	configDir string
+	// kubeletFile is an absolute path to the file containing a serialized KubeletConfiguration
+	kubeletFile string
 }
 
-// NewFsLoader returns a Loader that loads a KubeletConfiguration from the files in `configDir`
-func NewFsLoader(fs utilfs.Filesystem, configDir string) (Loader, error) {
+// NewFsLoader returns a Loader that loads a KubeletConfiguration from the `kubeletFile`
+func NewFsLoader(fs utilfs.Filesystem, kubeletFile string) (Loader, error) {
 	_, kubeletCodecs, err := kubeletscheme.NewSchemeAndCodecs()
 	if err != nil {
 		return nil, err
@@ -55,21 +53,19 @@ func NewFsLoader(fs utilfs.Filesystem, configDir string) (Loader, error) {
 	return &fsLoader{
 		fs:            fs,
 		kubeletCodecs: kubeletCodecs,
-		configDir:     configDir,
+		kubeletFile:   kubeletFile,
 	}, nil
 }
 
 func (loader *fsLoader) Load() (*kubeletconfig.KubeletConfiguration, error) {
-	// require the config be in a file called "kubelet"
-	path := filepath.Join(loader.configDir, kubeletFile)
-	data, err := loader.fs.ReadFile(path)
+	data, err := loader.fs.ReadFile(loader.kubeletFile)
 	if err != nil {
-		return nil, fmt.Errorf("failed to read init config file %q, error: %v", path, err)
+		return nil, fmt.Errorf("failed to read kubelet config file %q, error: %v", loader.kubeletFile, err)
 	}
 
 	// no configuration is an error, some parameters are required
 	if len(data) == 0 {
-		return nil, fmt.Errorf("init config file %q was empty, but some parameters are required", path)
+		return nil, fmt.Errorf("kubelet config file %q was empty", loader.kubeletFile)
 	}
 
 	kc, err := utilcodec.DecodeKubeletConfiguration(loader.kubeletCodecs, data)
@@ -78,7 +74,7 @@ func (loader *fsLoader) Load() (*kubeletconfig.KubeletConfiguration, error) {
 	}
 
 	// make all paths absolute
-	resolveRelativePaths(kubeletconfig.KubeletConfigurationPathRefs(kc), loader.configDir)
+	resolveRelativePaths(kubeletconfig.KubeletConfigurationPathRefs(kc), filepath.Dir(loader.kubeletFile))
 	return kc, nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configsync.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configsync.go
index ac7e40656f97..2584bc2efcc6 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configsync.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configsync.go
@@ -19,15 +19,30 @@ package kubeletconfig
 import (
 	"fmt"
 	"os"
+	"time"
+
+	"github.com/golang/glog"
 
 	apiv1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
 	clientset "k8s.io/client-go/kubernetes"
+	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint"
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status"
 	utillog "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/log"
 )
 
+const (
+	// KubeletConfigChangedEventReason identifies an event as a change of Kubelet configuration
+	KubeletConfigChangedEventReason = "KubeletConfigChanged"
+	// EventMessageFmt is the message format for Kubelet config change events
+	EventMessageFmt = "Kubelet will restart to use: %s"
+	// LocalConfigMessage is the text to apply to EventMessageFmt when the Kubelet has been configured to use its local config (init or defaults)
+	LocalConfigMessage = "local config"
+)
+
 // pokeConfiSourceWorker tells the worker thread that syncs config sources that work needs to be done
 func (cc *Controller) pokeConfigSourceWorker() {
 	select {
@@ -37,7 +52,7 @@ func (cc *Controller) pokeConfigSourceWorker() {
 }
 
 // syncConfigSource checks if work needs to be done to use a new configuration, and does that work if necessary
-func (cc *Controller) syncConfigSource(client clientset.Interface, nodeName string) {
+func (cc *Controller) syncConfigSource(client clientset.Interface, eventClient v1core.EventsGetter, nodeName string) {
 	select {
 	case <-cc.pendingConfigSource:
 	default:
@@ -56,19 +71,28 @@ func (cc *Controller) syncConfigSource(client clientset.Interface, nodeName stri
 
 	node, err := latestNode(cc.informer.GetStore(), nodeName)
 	if err != nil {
-		cc.configOK.SetFailSyncCondition(status.FailSyncReasonInformer)
+		cc.configOk.SetFailSyncCondition(status.FailSyncReasonInformer)
 		syncerr = fmt.Errorf("%s, error: %v", status.FailSyncReasonInformer, err)
 		return
 	}
 
 	// check the Node and download any new config
-	if updated, reason, err := cc.doSyncConfigSource(client, node.Spec.ConfigSource); err != nil {
-		cc.configOK.SetFailSyncCondition(reason)
+	if updated, cur, reason, err := cc.doSyncConfigSource(client, node.Spec.ConfigSource); err != nil {
+		cc.configOk.SetFailSyncCondition(reason)
 		syncerr = fmt.Errorf("%s, error: %v", reason, err)
 		return
 	} else if updated {
-		// TODO(mtaufen): Consider adding a "currently restarting kubelet" ConfigOK message for this case
-		utillog.Infof("config updated, Kubelet will restart to begin using new config")
+		path := LocalConfigMessage
+		if cur != nil {
+			path = cur.APIPath()
+		}
+		// we directly log and send the event, instead of using the event recorder,
+		// because the event recorder won't flush its queue before we exit (we'd lose the event)
+		event := eventf(nodeName, apiv1.EventTypeNormal, KubeletConfigChangedEventReason, EventMessageFmt, path)
+		glog.V(3).Infof("Event(%#v): type: '%v' reason: '%v' %v", event.InvolvedObject, event.Type, event.Reason, event.Message)
+		if _, err := eventClient.Events(apiv1.NamespaceDefault).Create(event); err != nil {
+			utillog.Errorf("failed to send event, error: %v", err)
+		}
 		os.Exit(0)
 	}
 
@@ -76,36 +100,36 @@ func (cc *Controller) syncConfigSource(client clientset.Interface, nodeName stri
 	// - there is no need to restart to update the current config
 	// - there was no error trying to sync configuration
 	// - if, previously, there was an error trying to sync configuration, we need to clear that error from the condition
-	cc.configOK.ClearFailSyncCondition()
+	cc.configOk.ClearFailSyncCondition()
 }
 
 // doSyncConfigSource checkpoints and sets the store's current config to the new config or resets config,
 // depending on the `source`, and returns whether the current config in the checkpoint store was updated as a result
-func (cc *Controller) doSyncConfigSource(client clientset.Interface, source *apiv1.NodeConfigSource) (bool, string, error) {
+func (cc *Controller) doSyncConfigSource(client clientset.Interface, source *apiv1.NodeConfigSource) (bool, checkpoint.RemoteConfigSource, string, error) {
 	if source == nil {
 		utillog.Infof("Node.Spec.ConfigSource is empty, will reset current and last-known-good to defaults")
 		updated, reason, err := cc.resetConfig()
 		if err != nil {
-			return false, reason, err
+			return false, nil, reason, err
 		}
-		return updated, "", nil
+		return updated, nil, "", nil
 	}
 
 	// if the NodeConfigSource is non-nil, download the config
 	utillog.Infof("Node.Spec.ConfigSource is non-empty, will checkpoint source and update config if necessary")
 	remote, reason, err := checkpoint.NewRemoteConfigSource(source)
 	if err != nil {
-		return false, reason, err
+		return false, nil, reason, err
 	}
 	reason, err = cc.checkpointConfigSource(client, remote)
 	if err != nil {
-		return false, reason, err
+		return false, nil, reason, err
 	}
 	updated, reason, err := cc.setCurrentConfig(remote)
 	if err != nil {
-		return false, reason, err
+		return false, nil, reason, err
 	}
-	return updated, "", nil
+	return updated, remote, "", nil
 }
 
 // checkpointConfigSource downloads and checkpoints the object referred to by `source` if the checkpoint does not already exist,
@@ -115,7 +139,7 @@ func (cc *Controller) checkpointConfigSource(client clientset.Interface, source
 
 	// if the checkpoint already exists, skip downloading
 	if ok, err := cc.checkpointStore.Exists(uid); err != nil {
-		reason := fmt.Sprintf(status.FailSyncReasonCheckpointExistenceFmt, uid)
+		reason := fmt.Sprintf(status.FailSyncReasonCheckpointExistenceFmt, source.APIPath(), uid)
 		return reason, fmt.Errorf("%s, error: %v", reason, err)
 	} else if ok {
 		utillog.Infof("checkpoint already exists for object with UID %q, skipping download", uid)
@@ -131,7 +155,7 @@ func (cc *Controller) checkpointConfigSource(client clientset.Interface, source
 	// save
 	err = cc.checkpointStore.Save(checkpoint)
 	if err != nil {
-		reason := fmt.Sprintf(status.FailSyncReasonSaveCheckpointFmt, checkpoint.UID())
+		reason := fmt.Sprintf(status.FailSyncReasonSaveCheckpointFmt, source.APIPath(), checkpoint.UID())
 		return reason, fmt.Errorf("%s, error: %v", reason, err)
 	}
 
@@ -144,9 +168,9 @@ func (cc *Controller) setCurrentConfig(source checkpoint.RemoteConfigSource) (bo
 	updated, err := cc.checkpointStore.SetCurrentUpdated(source)
 	if err != nil {
 		if source == nil {
-			return false, status.FailSyncReasonSetCurrentDefault, err
+			return false, status.FailSyncReasonSetCurrentLocal, err
 		}
-		return false, fmt.Sprintf(status.FailSyncReasonSetCurrentUIDFmt, source.UID()), err
+		return false, fmt.Sprintf(status.FailSyncReasonSetCurrentUIDFmt, source.APIPath(), source.UID()), err
 	}
 	return updated, "", nil
 }
@@ -181,3 +205,43 @@ func latestNode(store cache.Store, nodeName string) (*apiv1.Node, error) {
 	}
 	return node, nil
 }
+
+// eventf constructs and returns an event containing a formatted message
+// similar to k8s.io/client-go/tools/record/event.go
+func eventf(nodeName, eventType, reason, messageFmt string, args ...interface{}) *apiv1.Event {
+	return makeEvent(nodeName, eventType, reason, fmt.Sprintf(messageFmt, args...))
+}
+
+// makeEvent constructs an event
+// similar to makeEvent in k8s.io/client-go/tools/record/event.go
+func makeEvent(nodeName, eventtype, reason, message string) *apiv1.Event {
+	const componentKubelet = "kubelet"
+	// NOTE(mtaufen): This is consistent with pkg/kubelet/kubelet.go. Even though setting the node
+	// name as the UID looks strange, it appears to be conventional for events sent by the Kubelet.
+	ref := apiv1.ObjectReference{
+		Kind:      "Node",
+		Name:      nodeName,
+		UID:       types.UID(nodeName),
+		Namespace: "",
+	}
+
+	t := metav1.Time{Time: time.Now()}
+	namespace := ref.Namespace
+	if namespace == "" {
+		namespace = metav1.NamespaceDefault
+	}
+	return &apiv1.Event{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      fmt.Sprintf("%v.%x", ref.Name, t.UnixNano()),
+			Namespace: namespace,
+		},
+		InvolvedObject: ref,
+		Reason:         reason,
+		Message:        message,
+		FirstTimestamp: t,
+		LastTimestamp:  t,
+		Count:          1,
+		Type:           eventtype,
+		Source:         apiv1.EventSource{Component: componentKubelet, Host: string(nodeName)},
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/controller.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/controller.go
index 6ff4cd6b2840..352a310f45dc 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/controller.go
@@ -24,12 +24,13 @@ import (
 	apiv1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
 	clientset "k8s.io/client-go/kubernetes"
+	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation"
 
+	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint"
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/checkpoint/store"
-	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles"
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status"
 	utillog "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/log"
 	utilpanic "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/panic"
@@ -38,34 +39,22 @@ import (
 
 const (
 	checkpointsDir = "checkpoints"
-	initConfigDir  = "init"
+	// TODO(mtaufen): We may expose this in a future API, but for the time being we use an internal default,
+	// because it is not especially clear where this should live in the API.
+	configTrialDuration = 10 * time.Minute
 )
 
-// Controller is the controller which, among other things:
-// - loads configuration from disk
-// - checkpoints configuration to disk
-// - downloads new configuration from the API server
-// - validates configuration
-// - tracks the last-known-good configuration, and rolls-back to last-known-good when necessary
+// Controller manages syncing dynamic Kubelet configurations
 // For more information, see the proposal: https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/dynamic-kubelet-configuration.md
 type Controller struct {
-	// dynamicConfig, if true, indicates that we should sync config from the API server
-	dynamicConfig bool
-
 	// defaultConfig is the configuration to use if no initConfig is provided
 	defaultConfig *kubeletconfig.KubeletConfiguration
 
-	// initConfig is the unmarshaled init config, this will be loaded by the Controller if an initConfigDir is provided
-	initConfig *kubeletconfig.KubeletConfiguration
-
-	// initLoader is for loading the Kubelet's init configuration files from disk
-	initLoader configfiles.Loader
-
 	// pendingConfigSource; write to this channel to indicate that the config source needs to be synced from the API server
 	pendingConfigSource chan bool
 
-	// configOK manages the ConfigOK condition that is reported in Node.Status.Conditions
-	configOK status.ConfigOKCondition
+	// configOk manages the KubeletConfigOk condition that is reported in Node.Status.Conditions
+	configOk status.ConfigOkCondition
 
 	// informer is the informer that watches the Node object
 	informer cache.SharedInformer
@@ -75,37 +64,14 @@ type Controller struct {
 }
 
 // NewController constructs a new Controller object and returns it. Directory paths must be absolute.
-// If the `initConfigDir` is an empty string, skips trying to load the init config.
-// If the `dynamicConfigDir` is an empty string, skips trying to load checkpoints or download new config,
-// but will still sync the ConfigOK condition if you call StartSync with a non-nil client.
-func NewController(defaultConfig *kubeletconfig.KubeletConfiguration,
-	initConfigDir string,
-	dynamicConfigDir string) (*Controller, error) {
-	var err error
-
-	fs := utilfs.DefaultFs{}
-
-	var initLoader configfiles.Loader
-	if len(initConfigDir) > 0 {
-		initLoader, err = configfiles.NewFsLoader(fs, initConfigDir)
-		if err != nil {
-			return nil, err
-		}
-	}
-	dynamicConfig := false
-	if len(dynamicConfigDir) > 0 {
-		dynamicConfig = true
-	}
-
+func NewController(defaultConfig *kubeletconfig.KubeletConfiguration, dynamicConfigDir string) *Controller {
 	return &Controller{
-		dynamicConfig: dynamicConfig,
 		defaultConfig: defaultConfig,
 		// channels must have capacity at least 1, since we signal with non-blocking writes
 		pendingConfigSource: make(chan bool, 1),
-		configOK:            status.NewConfigOKCondition(),
-		checkpointStore:     store.NewFsStore(fs, filepath.Join(dynamicConfigDir, checkpointsDir)),
-		initLoader:          initLoader,
-	}, nil
+		configOk:            status.NewConfigOkCondition(),
+		checkpointStore:     store.NewFsStore(utilfs.DefaultFs{}, filepath.Join(dynamicConfigDir, checkpointsDir)),
+	}
 }
 
 // Bootstrap attempts to return a valid KubeletConfiguration based on the configuration of the Controller,
@@ -113,95 +79,65 @@ func NewController(defaultConfig *kubeletconfig.KubeletConfiguration,
 func (cc *Controller) Bootstrap() (*kubeletconfig.KubeletConfiguration, error) {
 	utillog.Infof("starting controller")
 
-	// ALWAYS validate the local (default and init) configs. This makes incorrectly provisioned nodes an error.
-	// These must be valid because they are the foundational last-known-good configs.
-	utillog.Infof("validating combination of defaults and flags")
+	// ALWAYS validate the local config. This makes incorrectly provisioned nodes an error.
+	// It must be valid because it is the default last-known-good config.
+	utillog.Infof("validating local config")
 	if err := validation.ValidateKubeletConfiguration(cc.defaultConfig); err != nil {
-		return nil, fmt.Errorf("combination of defaults and flags failed validation, error: %v", err)
+		return nil, fmt.Errorf("local config failed validation, error: %v", err)
 	}
-	// only attempt to load and validate the init config if the user provided a path
-	if cc.initLoader != nil {
-		utillog.Infof("loading init config")
-		kc, err := cc.initLoader.Load()
-		if err != nil {
-			return nil, err
-		}
-		// validate the init config
-		utillog.Infof("validating init config")
-		if err := validation.ValidateKubeletConfiguration(kc); err != nil {
-			return nil, fmt.Errorf("failed to validate the init config, error: %v", err)
-		}
-		cc.initConfig = kc
-	}
-	// Assert: the default and init configs are both valid
-
-	// if dynamic config is disabled, skip trying to load any checkpoints because they won't exist
-	if !cc.dynamicConfig {
-		return cc.localConfig(), nil
-	}
-
-	// assert: now we know that a dynamicConfigDir was provided, and we can rely on that existing
 
-	// make sure the filesystem is set up properly
-	// TODO(mtaufen): rename this to initializeDynamicConfigDir
-	if err := cc.initialize(); err != nil {
+	// ensure the filesystem is initialized
+	if err := cc.initializeDynamicConfigDir(); err != nil {
 		return nil, err
 	}
 
-	// determine UID of the current config source
-	curUID := ""
-	if curSource, err := cc.checkpointStore.Current(); err != nil {
-		return nil, err
-	} else if curSource != nil {
-		curUID = curSource.UID()
-	}
+	assigned, curSource, reason, err := cc.loadAssignedConfig(cc.defaultConfig)
+	if err == nil {
+		// set the status to indicate we will use the assigned config
+		if curSource != nil {
+			cc.configOk.Set(fmt.Sprintf(status.CurRemoteMessageFmt, curSource.APIPath()), reason, apiv1.ConditionTrue)
+		} else {
+			cc.configOk.Set(status.CurLocalMessage, reason, apiv1.ConditionTrue)
+		}
+
+		// update the last-known-good config if necessary, and start a timer that
+		// periodically checks whether the last-known good needs to be updated
+		// we only do this when the assigned config loads and passes validation
+		// wait.Forever will call the func once before starting the timer
+		go wait.Forever(func() { cc.checkTrial(configTrialDuration) }, 10*time.Second)
 
-	// if curUID indicates the local config should be used, return the correct one of those
-	if len(curUID) == 0 {
-		return cc.localConfig(), nil
-	} // Assert: we will not use the local configurations, unless we roll back to lkg; curUID is non-empty
+		return assigned, nil
+	} // Assert: the assigned config failed to load, parse, or validate
 
-	// TODO(mtaufen): consider re-verifying integrity and re-attempting download when a load/verify/parse/validate
+	// TODO(mtaufen): consider re-attempting download when a load/verify/parse/validate
 	// error happens outside trial period, we already made it past the trial so it's probably filesystem corruption
 	// or something else scary (unless someone is using a 0-length trial period)
+	// load from checkpoint
 
-	// load the current config
-	checkpoint, err := cc.checkpointStore.Load(curUID)
-	if err != nil {
-		// TODO(mtaufen): rollback for now, but this could reasonably be handled by re-attempting a download,
-		// it probably indicates some sort of corruption
-		return cc.lkgRollback(fmt.Sprintf(status.CurFailLoadReasonFmt, curUID), fmt.Sprintf("error: %v", err))
-	}
+	// log the reason and error details for the failure to load the assigned config
+	utillog.Errorf(fmt.Sprintf("%s, error: %v", reason, err))
 
-	// parse the checkpoint into a KubeletConfiguration
-	cur, err := checkpoint.Parse()
+	// load the last-known-good config
+	lkg, lkgSource, err := cc.loadLastKnownGoodConfig(cc.defaultConfig)
 	if err != nil {
-		return cc.lkgRollback(fmt.Sprintf(status.CurFailParseReasonFmt, curUID), fmt.Sprintf("error: %v", err))
-	}
-
-	// validate current config
-	if err := validation.ValidateKubeletConfiguration(cur); err != nil {
-		return cc.lkgRollback(fmt.Sprintf(status.CurFailValidateReasonFmt, curUID), fmt.Sprintf("error: %v", err))
+		return nil, err
 	}
 
-	// when the trial period is over, the current config becomes the last-known-good
-	if trial, err := cc.inTrial(cur.ConfigTrialDuration.Duration); err != nil {
-		return nil, err
-	} else if !trial {
-		if err := cc.graduateCurrentToLastKnownGood(); err != nil {
-			return nil, err
-		}
+	// set the status to indicate that we had to roll back to the lkg for the reason reported when we tried to load the assigned config
+	if lkgSource != nil {
+		cc.configOk.Set(fmt.Sprintf(status.LkgRemoteMessageFmt, lkgSource.APIPath()), reason, apiv1.ConditionFalse)
+	} else {
+		cc.configOk.Set(status.LkgLocalMessage, reason, apiv1.ConditionFalse)
 	}
 
-	// update the status to note that we will use the current config
-	cc.configOK.Set(fmt.Sprintf(status.CurRemoteMessageFmt, curUID), status.CurRemoteOKReason, apiv1.ConditionTrue)
-	return cur, nil
+	// return the last-known-good config
+	return lkg, nil
 }
 
 // StartSync launches the controller's sync loops if `client` is non-nil and `nodeName` is non-empty.
 // It will always start the Node condition reporting loop, and will also start the dynamic conifg sync loops
 // if dynamic config is enabled on the controller. If `nodeName` is empty but `client` is non-nil, an error is logged.
-func (cc *Controller) StartSync(client clientset.Interface, nodeName string) {
+func (cc *Controller) StartSync(client clientset.Interface, eventClient v1core.EventsGetter, nodeName string) {
 	if client == nil {
 		utillog.Infof("nil client, will not start sync loops")
 		return
@@ -210,56 +146,114 @@ func (cc *Controller) StartSync(client clientset.Interface, nodeName string) {
 		return
 	}
 
-	// start the ConfigOK condition sync loop
+	// start the ConfigOk condition sync loop
 	go utilpanic.HandlePanic(func() {
-		utillog.Infof("starting ConfigOK condition sync loop")
+		utillog.Infof("starting ConfigOk condition sync loop")
 		wait.JitterUntil(func() {
-			cc.configOK.Sync(client, nodeName)
+			cc.configOk.Sync(client, nodeName)
 		}, 10*time.Second, 0.2, true, wait.NeverStop)
 	})()
 
-	// only sync to new, remotely provided configurations if dynamic config was enabled
-	if cc.dynamicConfig {
-		cc.informer = newSharedNodeInformer(client, nodeName,
-			cc.onAddNodeEvent, cc.onUpdateNodeEvent, cc.onDeleteNodeEvent)
-		// start the informer loop
-		// Rather than use utilruntime.HandleCrash, which doesn't actually crash in the Kubelet,
-		// we use HandlePanic to manually call the panic handlers and then crash.
-		// We have a better chance of recovering normal operation if we just restart the Kubelet in the event
-		// of a Go runtime error.
-		go utilpanic.HandlePanic(func() {
-			utillog.Infof("starting Node informer sync loop")
-			cc.informer.Run(wait.NeverStop)
-		})()
-
-		// start the config source sync loop
-		go utilpanic.HandlePanic(func() {
-			utillog.Infof("starting config source sync loop")
-			wait.JitterUntil(func() {
-				cc.syncConfigSource(client, nodeName)
-			}, 10*time.Second, 0.2, true, wait.NeverStop)
-		})()
-	} else {
-		utillog.Infof("dynamic config not enabled, will not sync to remote config")
+	cc.informer = newSharedNodeInformer(client, nodeName,
+		cc.onAddNodeEvent, cc.onUpdateNodeEvent, cc.onDeleteNodeEvent)
+	// start the informer loop
+	// Rather than use utilruntime.HandleCrash, which doesn't actually crash in the Kubelet,
+	// we use HandlePanic to manually call the panic handlers and then crash.
+	// We have a better chance of recovering normal operation if we just restart the Kubelet in the event
+	// of a Go runtime error.
+	go utilpanic.HandlePanic(func() {
+		utillog.Infof("starting Node informer sync loop")
+		cc.informer.Run(wait.NeverStop)
+	})()
+
+	// start the config source sync loop
+	go utilpanic.HandlePanic(func() {
+		utillog.Infof("starting config source sync loop")
+		wait.JitterUntil(func() {
+			cc.syncConfigSource(client, eventClient, nodeName)
+		}, 10*time.Second, 0.2, true, wait.NeverStop)
+	})()
+
+}
+
+// loadAssignedConfig loads the Kubelet's currently assigned config,
+// based on the setting in the local checkpoint store.
+// It returns the loaded configuration, the checkpoint store's config source record,
+// a clean success or failure reason that can be reported in the status, and any error that occurs.
+// If the local config should be used, it will be returned. You should validate local before passing it to this function.
+func (cc *Controller) loadAssignedConfig(local *kubeletconfig.KubeletConfiguration) (*kubeletconfig.KubeletConfiguration, checkpoint.RemoteConfigSource, string, error) {
+	src, err := cc.checkpointStore.Current()
+	if err != nil {
+		return nil, nil, fmt.Sprintf(status.CurFailLoadReasonFmt, "unknown"), err
+	}
+	// nil source is the signal to use the local config
+	if src == nil {
+		return local, src, status.CurLocalOkayReason, nil
+	}
+	curUID := src.UID()
+	// load from checkpoint
+	checkpoint, err := cc.checkpointStore.Load(curUID)
+	if err != nil {
+		return nil, src, fmt.Sprintf(status.CurFailLoadReasonFmt, src.APIPath()), err
 	}
+	cur, err := checkpoint.Parse()
+	if err != nil {
+		return nil, src, fmt.Sprintf(status.CurFailParseReasonFmt, src.APIPath()), err
+	}
+	if err := validation.ValidateKubeletConfiguration(cur); err != nil {
+		return nil, src, fmt.Sprintf(status.CurFailValidateReasonFmt, src.APIPath()), err
+	}
+	return cur, src, status.CurRemoteOkayReason, nil
 }
 
-// initialize makes sure that the storage layers for various controller components are set up correctly
-func (cc *Controller) initialize() error {
+// loadLastKnownGoodConfig loads the Kubelet's last-known-good config,
+// based on the setting in the local checkpoint store.
+// It returns the loaded configuration, the checkpoint store's config source record,
+// and any error that occurs.
+// If the local config should be used, it will be returned. You should validate local before passing it to this function.
+func (cc *Controller) loadLastKnownGoodConfig(local *kubeletconfig.KubeletConfiguration) (*kubeletconfig.KubeletConfiguration, checkpoint.RemoteConfigSource, error) {
+	src, err := cc.checkpointStore.LastKnownGood()
+	if err != nil {
+		return nil, nil, fmt.Errorf("unable to determine last-known-good config, error: %v", err)
+	}
+	// nil source is the signal to use the local config
+	if src == nil {
+		return local, src, nil
+	}
+	lkgUID := src.UID()
+	// load from checkpoint
+	checkpoint, err := cc.checkpointStore.Load(lkgUID)
+	if err != nil {
+		return nil, src, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailLoadReasonFmt, src.APIPath()), err)
+	}
+	lkg, err := checkpoint.Parse()
+	if err != nil {
+		return nil, src, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailParseReasonFmt, src.APIPath()), err)
+	}
+	if err := validation.ValidateKubeletConfiguration(lkg); err != nil {
+		return nil, src, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailValidateReasonFmt, src.APIPath()), err)
+	}
+	return lkg, src, nil
+}
+
+// initializeDynamicConfigDir makes sure that the storage layers for various controller components are set up correctly
+func (cc *Controller) initializeDynamicConfigDir() error {
 	utillog.Infof("ensuring filesystem is set up correctly")
-	// initialize local checkpoint storage location
+	// initializeDynamicConfigDir local checkpoint storage location
 	return cc.checkpointStore.Initialize()
 }
 
-// localConfig returns the initConfig if it is loaded, otherwise returns the defaultConfig.
-// It also sets the local configOK condition to match the returned config.
-func (cc *Controller) localConfig() *kubeletconfig.KubeletConfiguration {
-	if cc.initConfig != nil {
-		cc.configOK.Set(status.CurInitMessage, status.CurInitOKReason, apiv1.ConditionTrue)
-		return cc.initConfig
+// checkTrial checks whether the trial duration has passed, and updates the last-known-good config if necessary
+func (cc *Controller) checkTrial(duration time.Duration) {
+	// when the trial period is over, the assigned config becomes the last-known-good
+	if trial, err := cc.inTrial(duration); err != nil {
+		utillog.Errorf("failed to check trial period for assigned config, error: %v", err)
+	} else if !trial {
+		utillog.Infof("assigned config passed trial period, will set as last-known-good")
+		if err := cc.graduateAssignedToLastKnownGood(); err != nil {
+			utillog.Errorf("failed to set last-known-good to assigned config, error: %v", err)
+		}
 	}
-	cc.configOK.Set(status.CurDefaultMessage, status.CurDefaultOKReason, apiv1.ConditionTrue)
-	return cc.defaultConfig
 }
 
 // inTrial returns true if the time elapsed since the last modification of the current config does not exceed `trialDur`, false otherwise
@@ -275,16 +269,16 @@ func (cc *Controller) inTrial(trialDur time.Duration) (bool, error) {
 	return false, nil
 }
 
-// graduateCurrentToLastKnownGood sets the last-known-good UID on the checkpointStore
+// graduateAssignedToLastKnownGood sets the last-known-good UID on the checkpointStore
 // to the same value as the current UID maintained by the checkpointStore
-func (cc *Controller) graduateCurrentToLastKnownGood() error {
+func (cc *Controller) graduateAssignedToLastKnownGood() error {
 	curUID, err := cc.checkpointStore.Current()
 	if err != nil {
-		return fmt.Errorf("could not graduate last-known-good config to current config, error: %v", err)
+		return err
 	}
 	err = cc.checkpointStore.SetLastKnownGood(curUID)
 	if err != nil {
-		return fmt.Errorf("could not graduate last-known-good config to current config, error: %v", err)
+		return err
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/rollback.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/rollback.go
deleted file mode 100644
index a2789566345b..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/rollback.go
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package kubeletconfig
-
-import (
-	"fmt"
-
-	apiv1 "k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
-	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation"
-	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status"
-	utillog "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/log"
-)
-
-// lkgRollback returns a valid last-known-good configuration, and updates the `cc.configOK` condition
-// regarding the `reason` for the rollback, or returns an error if a valid last-known-good could not be produced
-func (cc *Controller) lkgRollback(reason, detail string) (*kubeletconfig.KubeletConfiguration, error) {
-	utillog.Errorf(fmt.Sprintf("%s, %s", reason, detail))
-
-	lkgUID := ""
-	if lkgSource, err := cc.checkpointStore.LastKnownGood(); err != nil {
-		return nil, fmt.Errorf("unable to determine last-known-good config, error: %v", err)
-	} else if lkgSource != nil {
-		lkgUID = lkgSource.UID()
-	}
-
-	// if lkgUID indicates the default should be used, return initConfig or defaultConfig
-	if len(lkgUID) == 0 {
-		if cc.initConfig != nil {
-			cc.configOK.Set(status.LkgInitMessage, reason, apiv1.ConditionFalse)
-			return cc.initConfig, nil
-		}
-		cc.configOK.Set(status.LkgDefaultMessage, reason, apiv1.ConditionFalse)
-		return cc.defaultConfig, nil
-	}
-
-	// load
-	checkpoint, err := cc.checkpointStore.Load(lkgUID)
-	if err != nil {
-		return nil, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailLoadReasonFmt, lkgUID), err)
-	}
-
-	// parse
-	lkg, err := checkpoint.Parse()
-	if err != nil {
-		return nil, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailParseReasonFmt, lkgUID), err)
-	}
-
-	// validate
-	if err := validation.ValidateKubeletConfiguration(lkg); err != nil {
-		return nil, fmt.Errorf("%s, error: %v", fmt.Sprintf(status.LkgFailValidateReasonFmt, lkgUID), err)
-	}
-
-	cc.configOK.Set(fmt.Sprintf(status.LkgRemoteMessageFmt, lkgUID), reason, apiv1.ConditionFalse)
-	return lkg, nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status/status.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status/status.go
index b83e6891d78f..4cd5db1f7ae5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status/status.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/status/status.go
@@ -32,46 +32,38 @@ import (
 	utillog "k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/log"
 )
 
+// TODO(mtaufen): s/current/assigned, as this is more accurate e.g. if you are using lkg, you aren't currently using "current" :)
 const (
-	// CurDefaultMessage indicates the Kubelet is using it's current config, which is the default
-	CurDefaultMessage = "using current (default)"
-	// LkgDefaultMessage indicates the Kubelet is using it's last-known-good config, which is the default
-	LkgDefaultMessage = "using last-known-good (default)"
-
-	// CurInitMessage indicates the Kubelet is using it's current config, which is from the init config files
-	CurInitMessage = "using current (init)"
-	// LkgInitMessage indicates the Kubelet is using it's last-known-good config, which is from the init config files
-	LkgInitMessage = "using last-known-good (init)"
-
-	// CurRemoteMessageFmt indicates the Kubelet is usin it's current config, which is from an API source
-	CurRemoteMessageFmt = "using current (UID: %q)"
-	// LkgRemoteMessageFmt indicates the Kubelet is using it's last-known-good config, which is from an API source
-	LkgRemoteMessageFmt = "using last-known-good (UID: %q)"
-
-	// CurDefaultOKReason indicates that no init config files were provided
-	CurDefaultOKReason = "current is set to the local default, and no init config was provided"
-	// CurInitOKReason indicates that init config files were provided
-	CurInitOKReason = "current is set to the local default, and an init config was provided"
-	// CurRemoteOKReason indicates that the config referenced by Node.ConfigSource is currently passing all checks
-	CurRemoteOKReason = "passing all checks"
+	// CurLocalMessage indicates that the Kubelet is using its local config, which consists of defaults, flags, and/or local files
+	CurLocalMessage = "using current: local"
+	// LkgLocalMessage indicates that the Kubelet is using its local config, which consists of defaults, flags, and/or local files
+	LkgLocalMessage = "using last-known-good: local"
+
+	// CurRemoteMessageFmt indicates the Kubelet is using its current config, which is from an API source
+	CurRemoteMessageFmt = "using current: %s"
+	// LkgRemoteMessageFmt indicates the Kubelet is using its last-known-good config, which is from an API source
+	LkgRemoteMessageFmt = "using last-known-good: %s"
+
+	// CurLocalOkayReason indicates that the Kubelet is using its local config
+	CurLocalOkayReason = "when the config source is nil, the Kubelet uses its local config"
+	// CurRemoteOkayReason indicates that the config referenced by Node.ConfigSource is currently passing all checks
+	CurRemoteOkayReason = "passing all checks"
 
 	// CurFailLoadReasonFmt indicates that the Kubelet failed to load the current config checkpoint for an API source
-	CurFailLoadReasonFmt = "failed to load current (UID: %q)"
+	CurFailLoadReasonFmt = "failed to load current: %s"
 	// CurFailParseReasonFmt indicates that the Kubelet failed to parse the current config checkpoint for an API source
-	CurFailParseReasonFmt = "failed to parse current (UID: %q)"
+	CurFailParseReasonFmt = "failed to parse current: %s"
 	// CurFailValidateReasonFmt indicates that the Kubelet failed to validate the current config checkpoint for an API source
-	CurFailValidateReasonFmt = "failed to validate current (UID: %q)"
-	// CurFailCrashLoopReasonFmt indicates that the Kubelet experienced a crash loop while using the current config checkpoint for an API source
-	CurFailCrashLoopReasonFmt = "current failed trial period due to crash loop (UID: %q)"
+	CurFailValidateReasonFmt = "failed to validate current: %s"
 
 	// LkgFail*ReasonFmt reasons are currently used to print errors in the Kubelet log, but do not appear in Node.Status.Conditions
 
 	// LkgFailLoadReasonFmt indicates that the Kubelet failed to load the last-known-good config checkpoint for an API source
-	LkgFailLoadReasonFmt = "failed to load last-known-good (UID: %q)"
+	LkgFailLoadReasonFmt = "failed to load last-known-good: %s"
 	// LkgFailParseReasonFmt indicates that the Kubelet failed to parse the last-known-good config checkpoint for an API source
-	LkgFailParseReasonFmt = "failed to parse last-known-good (UID: %q)"
+	LkgFailParseReasonFmt = "failed to parse last-known-good: %s"
 	// LkgFailValidateReasonFmt indicates that the Kubelet failed to validate the last-known-good config checkpoint for an API source
-	LkgFailValidateReasonFmt = "failed to validate last-known-good (UID: %q)"
+	LkgFailValidateReasonFmt = "failed to validate last-known-good: %s"
 
 	// FailSyncReasonFmt is used when the system couldn't sync the config, due to a malformed Node.Spec.ConfigSource, a download failure, etc.
 	FailSyncReasonFmt = "failed to sync, reason: %s"
@@ -81,21 +73,21 @@ const (
 	FailSyncReasonPartialObjectReference = "invalid ObjectReference, all of UID, Name, and Namespace must be specified"
 	// FailSyncReasonUIDMismatchFmt is used when there is a UID mismatch between the referenced and downloaded ConfigMaps,
 	// this can happen because objects must be downloaded by namespace/name, rather than by UID
-	FailSyncReasonUIDMismatchFmt = "invalid ObjectReference, UID %q does not match UID of downloaded ConfigMap %q"
+	FailSyncReasonUIDMismatchFmt = "invalid ConfigSource.ConfigMapRef.UID: %s does not match %s.UID: %s"
 	// FailSyncReasonDownloadFmt is used when the download fails, e.g. due to network issues
-	FailSyncReasonDownloadFmt = "failed to download ConfigMap with name %q from namespace %q"
+	FailSyncReasonDownloadFmt = "failed to download: %s"
 	// FailSyncReasonInformer is used when the informer fails to report the Node object
 	FailSyncReasonInformer = "failed to read Node from informer object cache"
 	// FailSyncReasonReset is used when we can't reset the local configuration references, e.g. due to filesystem issues
-	FailSyncReasonReset = "failed to reset to local (default or init) config"
+	FailSyncReasonReset = "failed to reset to local config"
 	// FailSyncReasonCheckpointExistenceFmt is used when we can't determine if a checkpoint already exists, e.g. due to filesystem issues
-	FailSyncReasonCheckpointExistenceFmt = "failed to determine whether object with UID %q was already checkpointed"
+	FailSyncReasonCheckpointExistenceFmt = "failed to determine whether object %s with UID %s was already checkpointed"
 	// FailSyncReasonSaveCheckpointFmt is used when we can't save a checkpoint, e.g. due to filesystem issues
-	FailSyncReasonSaveCheckpointFmt = "failed to save config checkpoint for object with UID %q"
+	FailSyncReasonSaveCheckpointFmt = "failed to save config checkpoint for object %s with UID %s"
 	// FailSyncReasonSetCurrentDefault is used when we can't set the current config checkpoint to the local default, e.g. due to filesystem issues
-	FailSyncReasonSetCurrentDefault = "failed to set current config checkpoint to default"
+	FailSyncReasonSetCurrentLocal = "failed to set current config checkpoint to local config"
 	// FailSyncReasonSetCurrentUIDFmt is used when we can't set the current config checkpoint to a checkpointed object, e.g. due to filesystem issues
-	FailSyncReasonSetCurrentUIDFmt = "failed to set current config checkpoint to object with UID %q"
+	FailSyncReasonSetCurrentUIDFmt = "failed to set current config checkpoint to object %s with UID %s"
 
 	// EmptyMessage is a placeholder in the case that we accidentally set the condition's message to the empty string.
 	// Doing so can result in a partial patch, and thus a confusing status; this makes it clear that the message was not provided.
@@ -105,8 +97,8 @@ const (
 	EmptyReason = "unknown - reason not provided"
 )
 
-// ConfigOKCondition represents a ConfigOK NodeCondition
-type ConfigOKCondition interface {
+// ConfigOkCondition represents a ConfigOk NodeCondition
+type ConfigOkCondition interface {
 	// Set sets the Message, Reason, and Status of the condition
 	Set(message, reason string, status apiv1.ConditionStatus)
 	// SetFailSyncCondition sets the condition for when syncing Kubelet config fails
@@ -117,61 +109,68 @@ type ConfigOKCondition interface {
 	Sync(client clientset.Interface, nodeName string)
 }
 
-// configOKCondition implements ConfigOKCondition
-type configOKCondition struct {
+// configOkCondition implements ConfigOkCondition
+type configOkCondition struct {
 	// conditionMux is a mutex on the condition, alternate between setting and syncing the condition
 	conditionMux sync.Mutex
-	// condition is the current ConfigOK node condition, which will be reported in the Node.status.conditions
-	condition *apiv1.NodeCondition
+	// message will appear as the condition's message
+	message string
+	// reason will appear as the condition's reason
+	reason string
+	// status will appear as the condition's status
+	status apiv1.ConditionStatus
 	// failedSyncReason is sent in place of the usual reason when the Kubelet is failing to sync the remote config
 	failedSyncReason string
-	// pendingCondition; write to this channel to indicate that ConfigOK needs to be synced to the API server
+	// pendingCondition; write to this channel to indicate that ConfigOk needs to be synced to the API server
 	pendingCondition chan bool
 }
 
-// NewConfigOKCondition returns a new ConfigOKCondition
-func NewConfigOKCondition() ConfigOKCondition {
-	return &configOKCondition{
+// NewConfigOkCondition returns a new ConfigOkCondition
+func NewConfigOkCondition() ConfigOkCondition {
+	return &configOkCondition{
+		message: EmptyMessage,
+		reason:  EmptyReason,
+		status:  apiv1.ConditionUnknown,
 		// channels must have capacity at least 1, since we signal with non-blocking writes
 		pendingCondition: make(chan bool, 1),
 	}
 }
 
 // unsafeSet sets the current state of the condition
-// it does not grab the conditionMux lock, so you should generally use setConfigOK unless you need to grab the lock
+// it does not grab the conditionMux lock, so you should generally use setConfigOk unless you need to grab the lock
 // at a higher level to synchronize additional operations
-func (c *configOKCondition) unsafeSet(message, reason string, status apiv1.ConditionStatus) {
+func (c *configOkCondition) unsafeSet(message, reason string, status apiv1.ConditionStatus) {
 	// We avoid an empty Message, Reason, or Status on the condition. Since we use Patch to update conditions, an empty
 	// field might cause a value from a previous condition to leak through, which can be very confusing.
+
+	// message
 	if len(message) == 0 {
 		message = EmptyMessage
 	}
+	c.message = message
+	// reason
 	if len(reason) == 0 {
 		reason = EmptyReason
 	}
+	c.reason = reason
+	// status
 	if len(string(status)) == 0 {
 		status = apiv1.ConditionUnknown
 	}
-
-	c.condition = &apiv1.NodeCondition{
-		Message: message,
-		Reason:  reason,
-		Status:  status,
-		Type:    apiv1.NodeConfigOK,
-	}
-
+	c.status = status
+	// always poke worker after update
 	c.pokeSyncWorker()
 }
 
-func (c *configOKCondition) Set(message, reason string, status apiv1.ConditionStatus) {
+func (c *configOkCondition) Set(message, reason string, status apiv1.ConditionStatus) {
 	c.conditionMux.Lock()
 	defer c.conditionMux.Unlock()
 	c.unsafeSet(message, reason, status)
 }
 
-// SetFailSyncCondition updates the ConfigOK status to reflect that we failed to sync to the latest config,
+// SetFailSyncCondition updates the ConfigOk status to reflect that we failed to sync to the latest config,
 // e.g. due to a malformed Node.Spec.ConfigSource, a download failure, etc.
-func (c *configOKCondition) SetFailSyncCondition(reason string) {
+func (c *configOkCondition) SetFailSyncCondition(reason string) {
 	c.conditionMux.Lock()
 	defer c.conditionMux.Unlock()
 	// set the reason overlay and poke the sync worker to send the update
@@ -180,7 +179,7 @@ func (c *configOKCondition) SetFailSyncCondition(reason string) {
 }
 
 // ClearFailSyncCondition removes the "failed to sync" reason overlay
-func (c *configOKCondition) ClearFailSyncCondition() {
+func (c *configOkCondition) ClearFailSyncCondition() {
 	c.conditionMux.Lock()
 	defer c.conditionMux.Unlock()
 	// clear the reason overlay and poke the sync worker to send the update
@@ -188,8 +187,8 @@ func (c *configOKCondition) ClearFailSyncCondition() {
 	c.pokeSyncWorker()
 }
 
-// pokeSyncWorker notes that the ConfigOK condition needs to be synced to the API server
-func (c *configOKCondition) pokeSyncWorker() {
+// pokeSyncWorker notes that the ConfigOk condition needs to be synced to the API server
+func (c *configOkCondition) pokeSyncWorker() {
 	select {
 	case c.pendingCondition <- true:
 	default:
@@ -198,7 +197,7 @@ func (c *configOKCondition) pokeSyncWorker() {
 
 // Sync attempts to sync `c.condition` with the Node object for this Kubelet,
 // if syncing fails, an error is logged, and work is queued for retry.
-func (c *configOKCondition) Sync(client clientset.Interface, nodeName string) {
+func (c *configOkCondition) Sync(client clientset.Interface, nodeName string) {
 	select {
 	case <-c.pendingCondition:
 	default:
@@ -219,41 +218,39 @@ func (c *configOKCondition) Sync(client clientset.Interface, nodeName string) {
 		}
 	}()
 
-	if c.condition == nil {
-		utillog.Infof("ConfigOK condition is nil, skipping ConfigOK sync")
-		return
-	}
-
 	// get the Node so we can check the current condition
 	node, err := client.CoreV1().Nodes().Get(nodeName, metav1.GetOptions{})
 	if err != nil {
-		err = fmt.Errorf("could not get Node %q, will not sync ConfigOK condition, error: %v", nodeName, err)
+		err = fmt.Errorf("could not get Node %q, will not sync ConfigOk condition, error: %v", nodeName, err)
 		return
 	}
 
+	// construct the node condition
+	condition := &apiv1.NodeCondition{
+		Type:    apiv1.NodeKubeletConfigOk,
+		Message: c.message,
+		Reason:  c.reason,
+		Status:  c.status,
+	}
+
+	// overlay failed sync reason, if necessary
+	if len(c.failedSyncReason) > 0 {
+		condition.Reason = c.failedSyncReason
+		condition.Status = apiv1.ConditionFalse
+	}
+
 	// set timestamps
 	syncTime := metav1.NewTime(time.Now())
-	c.condition.LastHeartbeatTime = syncTime
-	if remote := getConfigOK(node.Status.Conditions); remote == nil || !utilequal.ConfigOKEq(remote, c.condition) {
+	condition.LastHeartbeatTime = syncTime
+	if remote := getKubeletConfigOk(node.Status.Conditions); remote == nil || !utilequal.KubeletConfigOkEq(remote, condition) {
 		// update transition time the first time we create the condition,
 		// or if we are semantically changing the condition
-		c.condition.LastTransitionTime = syncTime
+		condition.LastTransitionTime = syncTime
 	} else {
 		// since the conditions are semantically equal, use lastTransitionTime from the condition currently on the Node
 		// we need to do this because the field will always be represented in the patch generated below, and this copy
 		// prevents nullifying the field during the patch operation
-		c.condition.LastTransitionTime = remote.LastTransitionTime
-	}
-
-	// overlay the failedSyncReason if necessary
-	var condition *apiv1.NodeCondition
-	if len(c.failedSyncReason) > 0 {
-		// get a copy of the condition before we add the overlay
-		condition = c.condition.DeepCopy()
-		condition.Reason = c.failedSyncReason
-		condition.Status = apiv1.ConditionFalse
-	} else {
-		condition = c.condition
+		condition.LastTransitionTime = remote.LastTransitionTime
 	}
 
 	// generate the patch
@@ -277,7 +274,7 @@ func (c *configOKCondition) Sync(client clientset.Interface, nodeName string) {
 		return
 	}
 
-	patchConfigOK(node, condition)
+	patchConfigOk(node, condition)
 	after, err := kuberuntime.Encode(encoder, node)
 	if err != nil {
 		err = fmt.Errorf(`failed to encode "after" node while generating patch, error: %v`, err)
@@ -286,36 +283,36 @@ func (c *configOKCondition) Sync(client clientset.Interface, nodeName string) {
 
 	patch, err := strategicpatch.CreateTwoWayMergePatch(before, after, apiv1.Node{})
 	if err != nil {
-		err = fmt.Errorf("failed to generate patch for updating ConfigOK condition, error: %v", err)
+		err = fmt.Errorf("failed to generate patch for updating ConfigOk condition, error: %v", err)
 		return
 	}
 
 	// patch the remote Node object
 	_, err = client.CoreV1().Nodes().PatchStatus(nodeName, patch)
 	if err != nil {
-		err = fmt.Errorf("could not update ConfigOK condition, error: %v", err)
+		err = fmt.Errorf("could not update ConfigOk condition, error: %v", err)
 		return
 	}
 }
 
-// patchConfigOK replaces or adds the ConfigOK condition to the node
-func patchConfigOK(node *apiv1.Node, configOK *apiv1.NodeCondition) {
+// patchConfigOk replaces or adds the ConfigOk condition to the node
+func patchConfigOk(node *apiv1.Node, configOk *apiv1.NodeCondition) {
 	for i := range node.Status.Conditions {
-		if node.Status.Conditions[i].Type == apiv1.NodeConfigOK {
+		if node.Status.Conditions[i].Type == apiv1.NodeKubeletConfigOk {
 			// edit the condition
-			node.Status.Conditions[i] = *configOK
+			node.Status.Conditions[i] = *configOk
 			return
 		}
 	}
 	// append the condition
-	node.Status.Conditions = append(node.Status.Conditions, *configOK)
+	node.Status.Conditions = append(node.Status.Conditions, *configOk)
 }
 
-// getConfigOK returns the first NodeCondition in `cs` with Type == apiv1.NodeConfigOK,
+// getKubeletConfigOk returns the first NodeCondition in `cs` with Type == apiv1.NodeKubeletConfigOk,
 // or if no such condition exists, returns nil.
-func getConfigOK(cs []apiv1.NodeCondition) *apiv1.NodeCondition {
+func getKubeletConfigOk(cs []apiv1.NodeCondition) *apiv1.NodeCondition {
 	for i := range cs {
-		if cs[i].Type == apiv1.NodeConfigOK {
+		if cs[i].Type == apiv1.NodeKubeletConfigOk {
 			return &cs[i]
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/equal/equal.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/equal/equal.go
index ffd12cf6a49b..5a59edb94b1f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/equal/equal.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/util/equal/equal.go
@@ -30,7 +30,7 @@ func ConfigSourceEq(a, b *apiv1.NodeConfigSource) bool {
 	if a.ConfigMapRef != b.ConfigMapRef {
 		return ObjectRefEq(a.ConfigMapRef, b.ConfigMapRef)
 	}
-	// all internal subfields of the config soruce are equal
+	// all internal subfields of the config source are equal
 	return true
 }
 
@@ -45,7 +45,7 @@ func ObjectRefEq(a, b *apiv1.ObjectReference) bool {
 	return a.UID == b.UID && a.Namespace == b.Namespace && a.Name == b.Name
 }
 
-// ConfigOKEq returns true if the two conditions are semantically equivalent in the context of dynamic config
-func ConfigOKEq(a, b *apiv1.NodeCondition) bool {
+// KubeletConfigOkEq returns true if the two conditions are semantically equivalent in the context of dynamic config
+func KubeletConfigOkEq(a, b *apiv1.NodeCondition) bool {
 	return a.Message == b.Message && a.Reason == b.Reason && a.Status == b.Status
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/watch.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/watch.go
index ecc255b962f6..8c02e3c9a828 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/watch.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubeletconfig/watch.go
@@ -103,7 +103,7 @@ func (cc *Controller) onUpdateNodeEvent(oldObj interface{}, newObj interface{})
 // if an unexpected DeletedFinalStateUnknown was received.
 // We allow the sync-loop to continue, because it is possible that the Kubelet detected
 // a Node with unexpected externalID and is attempting to delete and re-create the Node
-// (see pkg/kubelet/kubelet_node_status.go), or that someone accidently deleted the Node
+// (see pkg/kubelet/kubelet_node_status.go), or that someone accidentally deleted the Node
 // (the Kubelet will re-create it).
 func (cc *Controller) onDeleteNodeEvent(deletedObj interface{}) {
 	node, ok := deletedObj.(*apiv1.Node)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/BUILD
index e46a4dcc4121..7fc904d311a1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/BUILD
@@ -22,14 +22,62 @@ go_library(
         "labels.go",
         "legacy.go",
         "security_context.go",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "helpers_linux.go",
+            "kuberuntime_container_linux.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "helpers_unsupported.go",
+            "kuberuntime_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "helpers_windows.go",
+            "kuberuntime_container_windows.go",
+        ],
+        "//conditions:default": [],
+    }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/kuberuntime",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/credentialprovider:go_default_library",
+        "//pkg/credentialprovider/secrets:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/events:go_default_library",
@@ -38,7 +86,6 @@ go_library(
         "//pkg/kubelet/lifecycle:go_default_library",
         "//pkg/kubelet/metrics:go_default_library",
         "//pkg/kubelet/prober/results:go_default_library",
-        "//pkg/kubelet/qos:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/kubelet/util/cache:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
@@ -58,10 +105,20 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/tools/reference:go_default_library",
         "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/kubelet/qos:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/kubelet/apis:go_default_library",
+            "//vendor/github.com/docker/docker/pkg/sysinfo:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 go_test(
@@ -77,13 +134,18 @@ go_test(
         "labels_test.go",
         "legacy_test.go",
         "security_context_test.go",
-    ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/kuberuntime",
-    library = ":go_default_library",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:linux": [
+            "kuberuntime_container_linux_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    embed = [":go_default_library"],
     deps = [
         "//pkg/credentialprovider:go_default_library",
+        "//pkg/features:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/cri/testing:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
@@ -98,6 +160,8 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature/testing:go_default_library",
         "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers.go
index d1ee8de3f982..a1e6119a2a95 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers.go
@@ -25,22 +25,13 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	"k8s.io/kubernetes/pkg/features"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 )
 
-const (
-	// Taken from lmctfy https://github.com/google/lmctfy/blob/master/lmctfy/controllers/cpu_controller.cc
-	minShares     = 2
-	sharesPerCPU  = 1024
-	milliCPUToCPU = 1000
-
-	// 100000 is equivalent to 100ms
-	quotaPeriod    = 100 * minQuotaPeriod
-	minQuotaPeriod = 1000
-)
-
 type podsByID []*kubecontainer.Pod
 
 func (b podsByID) Len() int           { return len(b) }
@@ -158,45 +149,6 @@ func isContainerFailed(status *kubecontainer.ContainerStatus) bool {
 	return false
 }
 
-// milliCPUToShares converts milliCPU to CPU shares
-func milliCPUToShares(milliCPU int64) int64 {
-	if milliCPU == 0 {
-		// Return 2 here to really match kernel default for zero milliCPU.
-		return minShares
-	}
-	// Conceptually (milliCPU / milliCPUToCPU) * sharesPerCPU, but factored to improve rounding.
-	shares := (milliCPU * sharesPerCPU) / milliCPUToCPU
-	if shares < minShares {
-		return minShares
-	}
-	return shares
-}
-
-// milliCPUToQuota converts milliCPU to CFS quota and period values
-func milliCPUToQuota(milliCPU int64) (quota int64, period int64) {
-	// CFS quota is measured in two values:
-	//  - cfs_period_us=100ms (the amount of time to measure usage across)
-	//  - cfs_quota=20ms (the amount of cpu time allowed to be used across a period)
-	// so in the above example, you are limited to 20% of a single CPU
-	// for multi-cpu environments, you just scale equivalent amounts
-	if milliCPU == 0 {
-		return
-	}
-
-	// we set the period to 100ms by default
-	period = quotaPeriod
-
-	// we then convert your milliCPU to a value normalized over a period
-	quota = (milliCPU * quotaPeriod) / milliCPUToCPU
-
-	// quota needs to be a minimum of 1ms.
-	if quota < minQuotaPeriod {
-		quota = minQuotaPeriod
-	}
-
-	return
-}
-
 // getStableKey generates a key (string) to uniquely identify a
 // (pod, container) tuple. The key should include the content of the
 // container, so that any change to the container generates a new key.
@@ -207,7 +159,7 @@ func getStableKey(pod *v1.Pod, container *v1.Container) string {
 
 // buildContainerLogsPath builds log path for container relative to pod logs directory.
 func buildContainerLogsPath(containerName string, restartCount int) string {
-	return fmt.Sprintf("%s_%d.log", containerName, restartCount)
+	return filepath.Join(containerName, fmt.Sprintf("%d.log", restartCount))
 }
 
 // buildFullContainerLogsPath builds absolute log path for container.
@@ -215,6 +167,11 @@ func buildFullContainerLogsPath(podUID types.UID, containerName string, restartC
 	return filepath.Join(buildPodLogsDirectory(podUID), buildContainerLogsPath(containerName, restartCount))
 }
 
+// BuildContainerLogsDirectory builds absolute log directory path for a container in pod.
+func BuildContainerLogsDirectory(podUID types.UID, containerName string) string {
+	return filepath.Join(buildPodLogsDirectory(podUID), containerName)
+}
+
 // buildPodLogsDirectory builds absolute log directory path for a pod sandbox.
 func buildPodLogsDirectory(podUID types.UID) string {
 	return filepath.Join(podLogsRootDirectory, string(podUID))
@@ -278,3 +235,40 @@ func (m *kubeGenericRuntimeManager) getSeccompProfileFromAnnotations(annotations
 
 	return profile
 }
+
+func ipcNamespaceForPod(pod *v1.Pod) runtimeapi.NamespaceMode {
+	if pod != nil && pod.Spec.HostIPC {
+		return runtimeapi.NamespaceMode_NODE
+	}
+	return runtimeapi.NamespaceMode_POD
+}
+
+func networkNamespaceForPod(pod *v1.Pod) runtimeapi.NamespaceMode {
+	if pod != nil && pod.Spec.HostNetwork {
+		return runtimeapi.NamespaceMode_NODE
+	}
+	return runtimeapi.NamespaceMode_POD
+}
+
+func pidNamespaceForPod(pod *v1.Pod) runtimeapi.NamespaceMode {
+	if pod != nil {
+		if pod.Spec.HostPID {
+			return runtimeapi.NamespaceMode_NODE
+		}
+		if utilfeature.DefaultFeatureGate.Enabled(features.PodShareProcessNamespace) && pod.Spec.ShareProcessNamespace != nil && *pod.Spec.ShareProcessNamespace {
+			return runtimeapi.NamespaceMode_POD
+		}
+	}
+	// Note that PID does not default to the zero value for v1.Pod
+	return runtimeapi.NamespaceMode_CONTAINER
+}
+
+// namespacesForPod returns the runtimeapi.NamespaceOption for a given pod.
+// An empty or nil pod can be used to get the namespace defaults for v1.Pod.
+func namespacesForPod(pod *v1.Pod) *runtimeapi.NamespaceOption {
+	return &runtimeapi.NamespaceOption{
+		Ipc:     ipcNamespaceForPod(pod),
+		Network: networkNamespaceForPod(pod),
+		Pid:     pidNamespaceForPod(pod),
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_linux.go
new file mode 100644
index 000000000000..15abb4a08894
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_linux.go
@@ -0,0 +1,69 @@
+// +build linux
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+const (
+	// Taken from lmctfy https://github.com/google/lmctfy/blob/master/lmctfy/controllers/cpu_controller.cc
+	minShares     = 2
+	sharesPerCPU  = 1024
+	milliCPUToCPU = 1000
+
+	// 100000 is equivalent to 100ms
+	quotaPeriod    = 100 * minQuotaPeriod
+	minQuotaPeriod = 1000
+)
+
+// milliCPUToShares converts milliCPU to CPU shares
+func milliCPUToShares(milliCPU int64) int64 {
+	if milliCPU == 0 {
+		// Return 2 here to really match kernel default for zero milliCPU.
+		return minShares
+	}
+	// Conceptually (milliCPU / milliCPUToCPU) * sharesPerCPU, but factored to improve rounding.
+	shares := (milliCPU * sharesPerCPU) / milliCPUToCPU
+	if shares < minShares {
+		return minShares
+	}
+	return shares
+}
+
+// milliCPUToQuota converts milliCPU to CFS quota and period values
+func milliCPUToQuota(milliCPU int64) (quota int64, period int64) {
+	// CFS quota is measured in two values:
+	//  - cfs_period_us=100ms (the amount of time to measure usage across)
+	//  - cfs_quota=20ms (the amount of cpu time allowed to be used across a period)
+	// so in the above example, you are limited to 20% of a single CPU
+	// for multi-cpu environments, you just scale equivalent amounts
+	if milliCPU == 0 {
+		return
+	}
+
+	// we set the period to 100ms by default
+	period = quotaPeriod
+
+	// we then convert your milliCPU to a value normalized over a period
+	quota = (milliCPU * quotaPeriod) / milliCPUToCPU
+
+	// quota needs to be a minimum of 1ms.
+	if quota < minQuotaPeriod {
+		quota = minQuotaPeriod
+	}
+
+	return
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_unsupported.go
new file mode 100644
index 000000000000..1e99c4f93176
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_unsupported.go
@@ -0,0 +1,24 @@
+// +build !linux,!windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+// milliCPUToShares converts milliCPU to CPU shares
+func milliCPUToShares(milliCPU int64) int64 {
+	return 0
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_windows.go
new file mode 100644
index 000000000000..2009fad8d0fb
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/helpers_windows.go
@@ -0,0 +1,55 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+import (
+	"github.com/docker/docker/pkg/sysinfo"
+)
+
+const (
+	// Taken from https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/resource-controls
+	minSharesProcess = 5000
+	minSharesHyperV  = 10
+	maxShares        = 10000
+	milliCPUToCPU    = 1000
+)
+
+// milliCPUToShares converts milliCPU to CPU shares
+func milliCPUToShares(milliCPU int64, hyperv bool) int64 {
+	var minShares int64 = minSharesProcess
+	if hyperv {
+		minShares = minSharesHyperV
+	}
+
+	if milliCPU == 0 {
+		// Return here to really match kernel default for zero milliCPU.
+		return minShares
+	}
+
+	// Conceptually (milliCPU / milliCPUToCPU) * sharesPerCPU, but factored to improve rounding.
+	totalCPU := sysinfo.NumCPU()
+	shares := (milliCPU * (maxShares - minShares)) / int64(totalCPU) / milliCPUToCPU
+	if shares < minShares {
+		return minShares
+	}
+	if shares > maxShares {
+		return maxShares
+	}
+	return shares
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/instrumented_services.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/instrumented_services.go
index a408f67e0ec0..8540ddb4759c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/instrumented_services.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/instrumented_services.go
@@ -20,7 +20,7 @@ import (
 	"time"
 
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/metrics"
 )
 
@@ -140,6 +140,15 @@ func (in instrumentedRuntimeService) UpdateContainerResources(containerID string
 	return err
 }
 
+func (in instrumentedRuntimeService) ReopenContainerLog(containerID string) error {
+	const operation = "reopen_container_log"
+	defer recordOperation(operation, time.Now())
+
+	err := in.service.ReopenContainerLog(containerID)
+	recordError(operation, err)
+	return err
+}
+
 func (in instrumentedRuntimeService) ExecSync(containerID string, cmd []string, timeout time.Duration) ([]byte, []byte, error) {
 	const operation = "exec_sync"
 	defer recordOperation(operation, time.Now())
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go
index f0088e2a06f5..ec9f29535e31 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go
@@ -39,10 +39,9 @@ import (
 	kubetypes "k8s.io/apimachinery/pkg/types"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/events"
-	"k8s.io/kubernetes/pkg/kubelet/qos"
 	"k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 	"k8s.io/kubernetes/pkg/util/selinux"
@@ -85,7 +84,7 @@ func (m *kubeGenericRuntimeManager) recordContainerEvent(pod *v1.Pod, container
 // * create the container
 // * start the container
 // * run the post start lifecycle hooks (if applicable)
-func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandboxConfig *runtimeapi.PodSandboxConfig, container *v1.Container, pod *v1.Pod, podStatus *kubecontainer.PodStatus, pullSecrets []v1.Secret, podIP string) (string, error) {
+func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandboxConfig *runtimeapi.PodSandboxConfig, container *v1.Container, pod *v1.Pod, podStatus *kubecontainer.PodStatus, pullSecrets []v1.Secret, podIP string, containerType kubecontainer.ContainerType) (string, error) {
 	// Step 1: pull the image.
 	imageRef, msg, err := m.imagePuller.EnsureImageExists(pod, container, pullSecrets)
 	if err != nil {
@@ -107,7 +106,7 @@ func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandb
 		restartCount = containerStatus.RestartCount + 1
 	}
 
-	containerConfig, cleanupAction, err := m.generateContainerConfig(container, pod, restartCount, podIP, imageRef)
+	containerConfig, cleanupAction, err := m.generateContainerConfig(container, pod, restartCount, podIP, imageRef, containerType)
 	if cleanupAction != nil {
 		defer cleanupAction()
 	}
@@ -169,7 +168,7 @@ func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandb
 				glog.Errorf("Failed to kill container %q(id=%q) in pod %q: %v, %v",
 					container.Name, kubeContainerID.String(), format.Pod(pod), ErrPostStartHook, err)
 			}
-			return msg, ErrPostStartHook
+			return msg, fmt.Errorf("%s: %v", ErrPostStartHook, handlerErr)
 		}
 	}
 
@@ -177,7 +176,7 @@ func (m *kubeGenericRuntimeManager) startContainer(podSandboxID string, podSandb
 }
 
 // generateContainerConfig generates container config for kubelet runtime v1.
-func (m *kubeGenericRuntimeManager) generateContainerConfig(container *v1.Container, pod *v1.Pod, restartCount int, podIP, imageRef string) (*runtimeapi.ContainerConfig, func(), error) {
+func (m *kubeGenericRuntimeManager) generateContainerConfig(container *v1.Container, pod *v1.Pod, restartCount int, podIP, imageRef string, containerType kubecontainer.ContainerType) (*runtimeapi.ContainerConfig, func(), error) {
 	opts, cleanupAction, err := m.runtimeHelper.GenerateRunContainerOptions(pod, container, podIP)
 	if err != nil {
 		return nil, nil, err
@@ -194,6 +193,11 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *v1.Contai
 	}
 
 	command, args := kubecontainer.ExpandContainerCommandAndArgs(container, opts.Envs)
+	logDir := BuildContainerLogsDirectory(kubetypes.UID(pod.UID), container.Name)
+	err = m.osInterface.MkdirAll(logDir, 0755)
+	if err != nil {
+		return nil, cleanupAction, fmt.Errorf("create container log directory for container %s failed: %v", container.Name, err)
+	}
 	containerLogsPath := buildContainerLogsPath(container.Name, restartCount)
 	restartCountUint32 := uint32(restartCount)
 	config := &runtimeapi.ContainerConfig{
@@ -205,15 +209,19 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *v1.Contai
 		Command:     command,
 		Args:        args,
 		WorkingDir:  container.WorkingDir,
-		Labels:      newContainerLabels(container, pod),
-		Annotations: newContainerAnnotations(container, pod, restartCount),
+		Labels:      newContainerLabels(container, pod, containerType),
+		Annotations: newContainerAnnotations(container, pod, restartCount, opts),
 		Devices:     makeDevices(opts),
 		Mounts:      m.makeMounts(opts, container),
 		LogPath:     containerLogsPath,
 		Stdin:       container.Stdin,
 		StdinOnce:   container.StdinOnce,
 		Tty:         container.TTY,
-		Linux:       m.generateLinuxContainerConfig(container, pod, uid, username),
+	}
+
+	// set platform specific configurations.
+	if err := m.applyPlatformSpecificContainerConfig(config, container, pod, uid, username); err != nil {
+		return nil, cleanupAction, err
 	}
 
 	// set environment variables
@@ -230,49 +238,6 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *v1.Contai
 	return config, cleanupAction, nil
 }
 
-// generateLinuxContainerConfig generates linux container config for kubelet runtime v1.
-func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *v1.Container, pod *v1.Pod, uid *int64, username string) *runtimeapi.LinuxContainerConfig {
-	lc := &runtimeapi.LinuxContainerConfig{
-		Resources:       &runtimeapi.LinuxContainerResources{},
-		SecurityContext: m.determineEffectiveSecurityContext(pod, container, uid, username),
-	}
-
-	// set linux container resources
-	var cpuShares int64
-	cpuRequest := container.Resources.Requests.Cpu()
-	cpuLimit := container.Resources.Limits.Cpu()
-	memoryLimit := container.Resources.Limits.Memory().Value()
-	oomScoreAdj := int64(qos.GetContainerOOMScoreAdjust(pod, container,
-		int64(m.machineInfo.MemoryCapacity)))
-	// If request is not specified, but limit is, we want request to default to limit.
-	// API server does this for new containers, but we repeat this logic in Kubelet
-	// for containers running on existing Kubernetes clusters.
-	if cpuRequest.IsZero() && !cpuLimit.IsZero() {
-		cpuShares = milliCPUToShares(cpuLimit.MilliValue())
-	} else {
-		// if cpuRequest.Amount is nil, then milliCPUToShares will return the minimal number
-		// of CPU shares.
-		cpuShares = milliCPUToShares(cpuRequest.MilliValue())
-	}
-	lc.Resources.CpuShares = cpuShares
-	if memoryLimit != 0 {
-		lc.Resources.MemoryLimitInBytes = memoryLimit
-	}
-	// Set OOM score of the container based on qos policy. Processes in lower-priority pods should
-	// be killed first if the system runs out of memory.
-	lc.Resources.OomScoreAdj = oomScoreAdj
-
-	if m.cpuCFSQuota {
-		// if cpuLimit.Amount is nil, then the appropriate default value is returned
-		// to allow full usage of cpu resource.
-		cpuQuota, cpuPeriod := milliCPUToQuota(cpuLimit.MilliValue())
-		lc.Resources.CpuQuota = cpuQuota
-		lc.Resources.CpuPeriod = cpuPeriod
-	}
-
-	return lc
-}
-
 // makeDevices generates container devices for kubelet runtime v1.
 func makeDevices(opts *kubecontainer.RunContainerOptions) []*runtimeapi.Device {
 	devices := make([]*runtimeapi.Device, len(opts.Devices))
@@ -762,7 +727,8 @@ func findNextInitContainerToRun(pod *v1.Pod, podStatus *kubecontainer.PodStatus)
 func (m *kubeGenericRuntimeManager) GetContainerLogs(pod *v1.Pod, containerID kubecontainer.ContainerID, logOptions *v1.PodLogOptions, stdout, stderr io.Writer) (err error) {
 	status, err := m.runtimeService.ContainerStatus(containerID.ID)
 	if err != nil {
-		return fmt.Errorf("failed to get container status %q: %v", containerID, err)
+		glog.V(4).Infof("failed to get container status for %v: %v", containerID.String(), err)
+		return fmt.Errorf("Unable to retrieve container logs for %v", containerID.String())
 	}
 	labeledInfo := getContainerInfoFromLabels(status.Labels)
 	annotatedInfo := getContainerInfoFromAnnotations(status.Annotations)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go
new file mode 100644
index 000000000000..cdac02ffb53b
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_linux.go
@@ -0,0 +1,74 @@
+// +build linux
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+import (
+	"k8s.io/api/core/v1"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+	"k8s.io/kubernetes/pkg/kubelet/qos"
+)
+
+// applyPlatformSpecificContainerConfig applies platform specific configurations to runtimeapi.ContainerConfig.
+func (m *kubeGenericRuntimeManager) applyPlatformSpecificContainerConfig(config *runtimeapi.ContainerConfig, container *v1.Container, pod *v1.Pod, uid *int64, username string) error {
+	config.Linux = m.generateLinuxContainerConfig(container, pod, uid, username)
+	return nil
+}
+
+// generateLinuxContainerConfig generates linux container config for kubelet runtime v1.
+func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *v1.Container, pod *v1.Pod, uid *int64, username string) *runtimeapi.LinuxContainerConfig {
+	lc := &runtimeapi.LinuxContainerConfig{
+		Resources:       &runtimeapi.LinuxContainerResources{},
+		SecurityContext: m.determineEffectiveSecurityContext(pod, container, uid, username),
+	}
+
+	// set linux container resources
+	var cpuShares int64
+	cpuRequest := container.Resources.Requests.Cpu()
+	cpuLimit := container.Resources.Limits.Cpu()
+	memoryLimit := container.Resources.Limits.Memory().Value()
+	oomScoreAdj := int64(qos.GetContainerOOMScoreAdjust(pod, container,
+		int64(m.machineInfo.MemoryCapacity)))
+	// If request is not specified, but limit is, we want request to default to limit.
+	// API server does this for new containers, but we repeat this logic in Kubelet
+	// for containers running on existing Kubernetes clusters.
+	if cpuRequest.IsZero() && !cpuLimit.IsZero() {
+		cpuShares = milliCPUToShares(cpuLimit.MilliValue())
+	} else {
+		// if cpuRequest.Amount is nil, then milliCPUToShares will return the minimal number
+		// of CPU shares.
+		cpuShares = milliCPUToShares(cpuRequest.MilliValue())
+	}
+	lc.Resources.CpuShares = cpuShares
+	if memoryLimit != 0 {
+		lc.Resources.MemoryLimitInBytes = memoryLimit
+	}
+	// Set OOM score of the container based on qos policy. Processes in lower-priority pods should
+	// be killed first if the system runs out of memory.
+	lc.Resources.OomScoreAdj = oomScoreAdj
+
+	if m.cpuCFSQuota {
+		// if cpuLimit.Amount is nil, then the appropriate default value is returned
+		// to allow full usage of cpu resource.
+		cpuQuota, cpuPeriod := milliCPUToQuota(cpuLimit.MilliValue())
+		lc.Resources.CpuQuota = cpuQuota
+		lc.Resources.CpuPeriod = cpuPeriod
+	}
+
+	return lc
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_unsupported.go
new file mode 100644
index 000000000000..0344b7d9e938
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_unsupported.go
@@ -0,0 +1,29 @@
+// +build !linux,!windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+import (
+	"k8s.io/api/core/v1"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+)
+
+// applyPlatformSpecificContainerConfig applies platform specific configurations to runtimeapi.ContainerConfig.
+func (m *kubeGenericRuntimeManager) applyPlatformSpecificContainerConfig(config *runtimeapi.ContainerConfig, container *v1.Container, pod *v1.Pod, uid *int64, username string) error {
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_windows.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_windows.go
new file mode 100644
index 000000000000..6ea1928cf93c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container_windows.go
@@ -0,0 +1,81 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kuberuntime
+
+import (
+	"github.com/docker/docker/pkg/sysinfo"
+
+	"k8s.io/api/core/v1"
+	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+)
+
+// applyPlatformSpecificContainerConfig applies platform specific configurations to runtimeapi.ContainerConfig.
+func (m *kubeGenericRuntimeManager) applyPlatformSpecificContainerConfig(config *runtimeapi.ContainerConfig, container *v1.Container, pod *v1.Pod, uid *int64, username string) error {
+	config.Windows = m.generateWindowsContainerConfig(container, pod, uid, username)
+	return nil
+}
+
+// generateWindowsContainerConfig generates windows container config for kubelet runtime v1.
+// Refer https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/cri-windows.md.
+func (m *kubeGenericRuntimeManager) generateWindowsContainerConfig(container *v1.Container, pod *v1.Pod, uid *int64, username string) *runtimeapi.WindowsContainerConfig {
+	wc := &runtimeapi.WindowsContainerConfig{
+		Resources: &runtimeapi.WindowsContainerResources{},
+	}
+
+	cpuRequest := container.Resources.Requests.Cpu()
+	cpuLimit := container.Resources.Limits.Cpu()
+	isolatedByHyperv := kubeletapis.ShouldIsolatedByHyperV(pod.Annotations)
+	if !cpuLimit.IsZero() {
+		// Note that sysinfo.NumCPU() is limited to 64 CPUs on Windows due to Processor Groups,
+		// as only 64 processors are available for execution by a given process. This causes
+		// some oddities on systems with more than 64 processors.
+		// Refer https://msdn.microsoft.com/en-us/library/windows/desktop/dd405503(v=vs.85).aspx.
+		cpuMaximum := 10000 * cpuLimit.MilliValue() / int64(sysinfo.NumCPU()) / 1000
+		if isolatedByHyperv {
+			cpuCount := int64(cpuLimit.MilliValue()+999) / 1000
+			wc.Resources.CpuCount = cpuCount
+
+			if cpuCount != 0 {
+				cpuMaximum = cpuLimit.MilliValue() / cpuCount * 10000 / 1000
+			}
+		}
+		// ensure cpuMaximum is in range [1, 10000].
+		if cpuMaximum < 1 {
+			cpuMaximum = 1
+		} else if cpuMaximum > 10000 {
+			cpuMaximum = 10000
+		}
+
+		wc.Resources.CpuMaximum = cpuMaximum
+	}
+
+	cpuShares := milliCPUToShares(cpuLimit.MilliValue(), isolatedByHyperv)
+	if cpuShares == 0 {
+		cpuShares = milliCPUToShares(cpuRequest.MilliValue(), isolatedByHyperv)
+	}
+	wc.Resources.CpuShares = cpuShares
+
+	memoryLimit := container.Resources.Limits.Memory().Value()
+	if memoryLimit != 0 {
+		wc.Resources.MemoryLimitInBytes = memoryLimit
+	}
+
+	return wc
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_gc.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_gc.go
index 4bf35638c398..a66a07370cbb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_gc.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_gc.go
@@ -27,7 +27,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_image.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_image.go
index 66ca5c7145ac..a8f2c1c060be 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_image.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_image.go
@@ -21,7 +21,8 @@ import (
 	"k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/kubernetes/pkg/credentialprovider"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	credentialprovidersecrets "k8s.io/kubernetes/pkg/credentialprovider/secrets"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/util/parsers"
 )
@@ -35,7 +36,7 @@ func (m *kubeGenericRuntimeManager) PullImage(image kubecontainer.ImageSpec, pul
 		return "", err
 	}
 
-	keyring, err := credentialprovider.MakeDockerKeyring(pullSecrets, m.keyring)
+	keyring, err := credentialprovidersecrets.MakeDockerKeyring(pullSecrets, m.keyring)
 	if err != nil {
 		return "", err
 	}
@@ -78,7 +79,7 @@ func (m *kubeGenericRuntimeManager) PullImage(image kubecontainer.ImageSpec, pul
 	return "", utilerrors.NewAggregate(pullErrs)
 }
 
-// GetImageRef gets the reference (digest or ID) of the image which has already been in
+// GetImageRef gets the ID of the image which has already been in
 // the local storage. It returns ("", nil) if the image isn't in the local storage.
 func (m *kubeGenericRuntimeManager) GetImageRef(image kubecontainer.ImageSpec) (string, error) {
 	status, err := m.imageService.ImageStatus(&runtimeapi.ImageSpec{Image: image.Image})
@@ -89,12 +90,7 @@ func (m *kubeGenericRuntimeManager) GetImageRef(image kubecontainer.ImageSpec) (
 	if status == nil {
 		return "", nil
 	}
-
-	imageRef := status.Id
-	if len(status.RepoDigests) > 0 {
-		imageRef = status.RepoDigests[0]
-	}
-	return imageRef, nil
+	return status.Id, nil
 }
 
 // ListImages gets all images currently on the machine.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_manager.go
index 06d91b7540ba..c34136b569aa 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_manager.go
@@ -35,7 +35,7 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/credentialprovider"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/events"
@@ -405,8 +405,7 @@ func (m *kubeGenericRuntimeManager) podSandboxChanged(pod *v1.Pod, podStatus *ku
 	}
 
 	// Needs to create a new sandbox when network namespace changed.
-	if sandboxStatus.Linux != nil && sandboxStatus.Linux.Namespaces != nil && sandboxStatus.Linux.Namespaces.Options != nil &&
-		sandboxStatus.Linux.Namespaces.Options.HostNetwork != kubecontainer.IsHostNetworkPod(pod) {
+	if sandboxStatus.GetLinux().GetNamespaces().GetOptions().GetNetwork() != networkNamespaceForPod(pod) {
 		glog.V(2).Infof("Sandbox for pod %q has changed. Need to start a new one", format.Pod(pod))
 		return true, sandboxStatus.Metadata.Attempt + 1, ""
 	}
@@ -614,7 +613,7 @@ func (m *kubeGenericRuntimeManager) SyncPod(pod *v1.Pod, _ v1.PodStatus, podStat
 	}
 
 	// Keep terminated init containers fairly aggressively controlled
-	// This is an optmization because container removals are typically handled
+	// This is an optimization because container removals are typically handled
 	// by container garbage collector.
 	m.pruneInitContainersBeforeStart(pod, podStatus)
 
@@ -645,20 +644,20 @@ func (m *kubeGenericRuntimeManager) SyncPod(pod *v1.Pod, _ v1.PodStatus, podStat
 		if err != nil {
 			createSandboxResult.Fail(kubecontainer.ErrCreatePodSandbox, msg)
 			glog.Errorf("createPodSandbox for pod %q failed: %v", format.Pod(pod), err)
-			ref, err := ref.GetReference(legacyscheme.Scheme, pod)
-			if err != nil {
-				glog.Errorf("Couldn't make a ref to pod %q: '%v'", format.Pod(pod), err)
+			ref, referr := ref.GetReference(legacyscheme.Scheme, pod)
+			if referr != nil {
+				glog.Errorf("Couldn't make a ref to pod %q: '%v'", format.Pod(pod), referr)
 			}
-			m.recorder.Eventf(ref, v1.EventTypeWarning, events.FailedCreatePodSandBox, "Failed create pod sandbox.")
+			m.recorder.Eventf(ref, v1.EventTypeWarning, events.FailedCreatePodSandBox, "Failed create pod sandbox: %v", err)
 			return
 		}
 		glog.V(4).Infof("Created PodSandbox %q for pod %q", podSandboxID, format.Pod(pod))
 
 		podSandboxStatus, err := m.runtimeService.PodSandboxStatus(podSandboxID)
 		if err != nil {
-			ref, err := ref.GetReference(legacyscheme.Scheme, pod)
-			if err != nil {
-				glog.Errorf("Couldn't make a ref to pod %q: '%v'", format.Pod(pod), err)
+			ref, referr := ref.GetReference(legacyscheme.Scheme, pod)
+			if referr != nil {
+				glog.Errorf("Couldn't make a ref to pod %q: '%v'", format.Pod(pod), referr)
 			}
 			m.recorder.Eventf(ref, v1.EventTypeWarning, events.FailedStatusPodSandBox, "Unable to get pod sandbox status: %v", err)
 			glog.Errorf("Failed to get pod sandbox status: %v; Skipping pod %q", err, format.Pod(pod))
@@ -699,7 +698,7 @@ func (m *kubeGenericRuntimeManager) SyncPod(pod *v1.Pod, _ v1.PodStatus, podStat
 		}
 
 		glog.V(4).Infof("Creating init container %+v in pod %v", container, format.Pod(pod))
-		if msg, err := m.startContainer(podSandboxID, podSandboxConfig, container, pod, podStatus, pullSecrets, podIP); err != nil {
+		if msg, err := m.startContainer(podSandboxID, podSandboxConfig, container, pod, podStatus, pullSecrets, podIP, kubecontainer.ContainerTypeInit); err != nil {
 			startContainerResult.Fail(err, msg)
 			utilruntime.HandleError(fmt.Errorf("init container start failed: %v: %s", err, msg))
 			return
@@ -723,7 +722,7 @@ func (m *kubeGenericRuntimeManager) SyncPod(pod *v1.Pod, _ v1.PodStatus, podStat
 		}
 
 		glog.V(4).Infof("Creating container %+v in pod %v", container, format.Pod(pod))
-		if msg, err := m.startContainer(podSandboxID, podSandboxConfig, container, pod, podStatus, pullSecrets, podIP); err != nil {
+		if msg, err := m.startContainer(podSandboxID, podSandboxConfig, container, pod, podStatus, pullSecrets, podIP, kubecontainer.ContainerTypeRegular); err != nil {
 			startContainerResult.Fail(err, msg)
 			// known errors that are logged in other places are logged at higher levels here to avoid
 			// repetitive log spam
@@ -815,8 +814,8 @@ func (m *kubeGenericRuntimeManager) isHostNetwork(podSandBoxID string, pod *v1.P
 		return false, err
 	}
 
-	if nsOpts := podStatus.GetLinux().GetNamespaces().GetOptions(); nsOpts != nil {
-		return nsOpts.HostNetwork, nil
+	if podStatus.GetLinux().GetNamespaces().GetOptions().GetNetwork() == runtimeapi.NamespaceMode_NODE {
+		return true, nil
 	}
 
 	return false, nil
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_sandbox.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_sandbox.go
index 2773270e2fae..cddf3385d90a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_sandbox.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_sandbox.go
@@ -25,7 +25,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	kubetypes "k8s.io/apimachinery/pkg/types"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
@@ -145,11 +145,7 @@ func (m *kubeGenericRuntimeManager) generatePodSandboxLinuxConfig(pod *v1.Pod) (
 		if sc.RunAsUser != nil {
 			lc.SecurityContext.RunAsUser = &runtimeapi.Int64Value{Value: int64(*sc.RunAsUser)}
 		}
-		lc.SecurityContext.NamespaceOptions = &runtimeapi.NamespaceOption{
-			HostNetwork: pod.Spec.HostNetwork,
-			HostIpc:     pod.Spec.HostIPC,
-			HostPid:     pod.Spec.HostPID,
-		}
+		lc.SecurityContext.NamespaceOptions = namespacesForPod(pod)
 
 		if sc.FSGroup != nil {
 			lc.SecurityContext.SupplementalGroups = append(lc.SecurityContext.SupplementalGroups, int64(*sc.FSGroup))
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/labels.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/labels.go
index d3da2cf8eb92..9adc0205a26d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/labels.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/labels.go
@@ -23,6 +23,8 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	kubetypes "k8s.io/apimachinery/pkg/types"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/kubernetes/pkg/features"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
@@ -56,6 +58,7 @@ type annotatedPodSandboxInfo struct {
 
 type labeledContainerInfo struct {
 	ContainerName string
+	ContainerType kubecontainer.ContainerType
 	PodName       string
 	PodNamespace  string
 	PodUID        kubetypes.UID
@@ -94,19 +97,28 @@ func newPodAnnotations(pod *v1.Pod) map[string]string {
 }
 
 // newContainerLabels creates container labels from v1.Container and v1.Pod.
-func newContainerLabels(container *v1.Container, pod *v1.Pod) map[string]string {
+func newContainerLabels(container *v1.Container, pod *v1.Pod, containerType kubecontainer.ContainerType) map[string]string {
 	labels := map[string]string{}
 	labels[types.KubernetesPodNameLabel] = pod.Name
 	labels[types.KubernetesPodNamespaceLabel] = pod.Namespace
 	labels[types.KubernetesPodUIDLabel] = string(pod.UID)
 	labels[types.KubernetesContainerNameLabel] = container.Name
+	if utilfeature.DefaultFeatureGate.Enabled(features.DebugContainers) {
+		labels[types.KubernetesContainerTypeLabel] = string(containerType)
+	}
 
 	return labels
 }
 
 // newContainerAnnotations creates container annotations from v1.Container and v1.Pod.
-func newContainerAnnotations(container *v1.Container, pod *v1.Pod, restartCount int) map[string]string {
+func newContainerAnnotations(container *v1.Container, pod *v1.Pod, restartCount int, opts *kubecontainer.RunContainerOptions) map[string]string {
 	annotations := map[string]string{}
+
+	// Kubelet always overrides device plugin annotations if they are conflicting
+	for _, a := range opts.Annotations {
+		annotations[a.Name] = a.Value
+	}
+
 	annotations[containerHashLabel] = strconv.FormatUint(kubecontainer.HashContainer(container), 16)
 	annotations[containerRestartCountLabel] = strconv.Itoa(restartCount)
 	annotations[containerTerminationMessagePathLabel] = container.TerminationMessagePath
@@ -120,7 +132,7 @@ func newContainerAnnotations(container *v1.Container, pod *v1.Pod, restartCount
 	}
 
 	if container.Lifecycle != nil && container.Lifecycle.PreStop != nil {
-		// Using json enconding so that the PreStop handler object is readable after writing as a label
+		// Using json encoding so that the PreStop handler object is readable after writing as a label
 		rawPreStop, err := json.Marshal(container.Lifecycle.PreStop)
 		if err != nil {
 			glog.Errorf("Unable to marshal lifecycle PreStop handler for container %q of pod %q: %v", container.Name, format.Pod(pod), err)
@@ -169,11 +181,16 @@ func getPodSandboxInfoFromAnnotations(annotations map[string]string) *annotatedP
 
 // getContainerInfoFromLabels gets labeledContainerInfo from labels.
 func getContainerInfoFromLabels(labels map[string]string) *labeledContainerInfo {
+	var containerType kubecontainer.ContainerType
+	if utilfeature.DefaultFeatureGate.Enabled(features.DebugContainers) {
+		containerType = kubecontainer.ContainerType(getStringValueFromLabel(labels, types.KubernetesContainerTypeLabel))
+	}
 	return &labeledContainerInfo{
 		PodName:       getStringValueFromLabel(labels, types.KubernetesPodNameLabel),
 		PodNamespace:  getStringValueFromLabel(labels, types.KubernetesPodNamespaceLabel),
 		PodUID:        kubetypes.UID(getStringValueFromLabel(labels, types.KubernetesPodUIDLabel)),
 		ContainerName: getStringValueFromLabel(labels, types.KubernetesContainerNameLabel),
+		ContainerType: containerType,
 	}
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/BUILD
index 211a0b2c0fed..ffccbf2d3245 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/BUILD
@@ -7,7 +7,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/util/tail:go_default_library",
         "//vendor/github.com/docker/docker/pkg/jsonlog:go_default_library",
         "//vendor/github.com/fsnotify/fsnotify:go_default_library",
@@ -19,10 +19,9 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["logs_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/logs.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/logs.go
index e029d40d6c0b..5ccd226fe758 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/logs.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/logs/logs.go
@@ -33,7 +33,7 @@ import (
 
 	"k8s.io/api/core/v1"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/util/tail"
 )
 
@@ -278,7 +278,7 @@ func ReadLogs(path, containerID string, opts *LogOptions, runtimeService interna
 	if err != nil {
 		return fmt.Errorf("failed to tail %d lines of log file %q: %v", opts.tail, path, err)
 	}
-	if _, err := f.Seek(start, os.SEEK_SET); err != nil {
+	if _, err := f.Seek(start, io.SeekStart); err != nil {
 		return fmt.Errorf("failed to seek %d in log file %q: %v", start, path, err)
 	}
 
@@ -303,11 +303,11 @@ func ReadLogs(path, containerID string, opts *LogOptions, runtimeService interna
 			if opts.follow {
 				// Reset seek so that if this is an incomplete line,
 				// it will be read again.
-				if _, err := f.Seek(-int64(len(l)), os.SEEK_CUR); err != nil {
+				if _, err := f.Seek(-int64(len(l)), io.SeekCurrent); err != nil {
 					return fmt.Errorf("failed to reset seek in log file %q: %v", path, err)
 				}
 				if watcher == nil {
-					// Intialize the watcher if it has not been initialized yet.
+					// Initialize the watcher if it has not been initialized yet.
 					if watcher, err = fsnotify.NewWatcher(); err != nil {
 						return fmt.Errorf("failed to create fsnotify watcher: %v", err)
 					}
@@ -330,7 +330,7 @@ func ReadLogs(path, containerID string, opts *LogOptions, runtimeService interna
 			glog.Warningf("Incomplete line in log file %q: %q", path, l)
 		}
 		if parse == nil {
-			// Intialize the log parsing function.
+			// Initialize the log parsing function.
 			parse, err = getParseFunc(l)
 			if err != nil {
 				return fmt.Errorf("failed to get parse function: %v", err)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go
index 3d48d372ac44..c01fd52061ec 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go
@@ -20,7 +20,7 @@ import (
 	"fmt"
 
 	"k8s.io/api/core/v1"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/security/apparmor"
 	"k8s.io/kubernetes/pkg/securitycontext"
 )
@@ -48,11 +48,7 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *v1.Po
 	}
 
 	// set namespace options and supplemental groups.
-	synthesized.NamespaceOptions = &runtimeapi.NamespaceOption{
-		HostNetwork: pod.Spec.HostNetwork,
-		HostIpc:     pod.Spec.HostIPC,
-		HostPid:     pod.Spec.HostPID,
-	}
+	synthesized.NamespaceOptions = namespacesForPod(pod)
 	podSc := pod.Spec.SecurityContext
 	if podSc != nil {
 		if podSc.FSGroup != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/BUILD
index d2463e5de9de..872a195913dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/BUILD
@@ -18,13 +18,14 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/kubelet/lifecycle",
     deps = [
+        "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//pkg/security/apparmor:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
@@ -34,13 +35,17 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["handlers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/lifecycle",
-    library = ":go_default_library",
+    srcs = [
+        "handlers_test.go",
+        "predicate_test.go",
+    ],
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/admission_failure_handler_stub.go b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/admission_failure_handler_stub.go
index c98339782e4c..58e675e9a9b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/admission_failure_handler_stub.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/admission_failure_handler_stub.go
@@ -18,7 +18,7 @@ package lifecycle
 
 import (
 	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 )
 
 // AdmissionFailureHandlerStub is an AdmissionFailureHandler that does not perform any handling of admission failure.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/predicate.go b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/predicate.go
index 9b8ad4d3cc12..e917acab37f3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/predicate.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/lifecycle/predicate.go
@@ -20,11 +20,13 @@ import (
 	"fmt"
 
 	"github.com/golang/glog"
+
 	"k8s.io/api/core/v1"
+	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 type getNodeAnyWayFuncType func() (*v1.Node, error)
@@ -77,7 +79,18 @@ func (w *predicateAdmitHandler) Admit(attrs *PodAdmitAttributes) PodAdmitResult
 			Message: message,
 		}
 	}
-	fit, reasons, err := predicates.GeneralPredicates(pod, nil, nodeInfo)
+
+	// Remove the requests of the extended resources that are missing in the
+	// node info. This is required to support cluster-level resources, which
+	// are extended resources unknown to nodes.
+	//
+	// Caveat: If a pod was manually bound to a node (e.g., static pod) where a
+	// node-level extended resource it requires is not found, then kubelet will
+	// not fail admission while it should. This issue will be addressed with
+	// the Resource Class API in the future.
+	podWithoutMissingExtendedResources := removeMissingExtendedResources(pod, nodeInfo)
+
+	fit, reasons, err := predicates.GeneralPredicates(podWithoutMissingExtendedResources, nil, nodeInfo)
 	if err != nil {
 		message := fmt.Sprintf("GeneralPredicates failed due to %v, which is unexpected.", err)
 		glog.Warningf("Failed to admit pod %v - %s", format.Pod(pod), message)
@@ -141,3 +154,22 @@ func (w *predicateAdmitHandler) Admit(attrs *PodAdmitAttributes) PodAdmitResult
 		Admit: true,
 	}
 }
+
+func removeMissingExtendedResources(pod *v1.Pod, nodeInfo *schedulercache.NodeInfo) *v1.Pod {
+	podCopy := pod.DeepCopy()
+	for i, c := range pod.Spec.Containers {
+		// We only handle requests in Requests but not Limits because the
+		// PodFitsResources predicate, to which the result pod will be passed,
+		// does not use Limits.
+		podCopy.Spec.Containers[i].Resources.Requests = make(v1.ResourceList)
+		for rName, rQuant := range c.Resources.Requests {
+			if v1helper.IsExtendedResourceName(rName) {
+				if _, found := nodeInfo.AllocatableResource().ScalarResources[rName]; !found {
+					continue
+				}
+			}
+			podCopy.Spec.Containers[i].Resources.Requests[rName] = rQuant
+		}
+	}
+	return podCopy
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/logs/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/BUILD
new file mode 100644
index 000000000000..bd16b1c23d9d
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/BUILD
@@ -0,0 +1,46 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "container_log_manager.go",
+        "container_log_manager_stub.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/kubelet/logs",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/kubelet/apis/cri:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["container_log_manager_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
+        "//pkg/kubelet/apis/cri/testing:go_default_library",
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/github.com/stretchr/testify/require:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager.go
new file mode 100644
index 000000000000..baedd6c4c4ca
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager.go
@@ -0,0 +1,387 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logs
+
+import (
+	"compress/gzip"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/api/resource"
+	"k8s.io/apimachinery/pkg/util/clock"
+	"k8s.io/apimachinery/pkg/util/wait"
+	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
+)
+
+const (
+	// logMonitorPeriod is the period container log manager monitors
+	// container logs and performs log rotation.
+	logMonitorPeriod = 10 * time.Second
+	// timestampFormat is format of the timestamp suffix for rotated log.
+	// See https://golang.org/pkg/time/#Time.Format.
+	timestampFormat = "20060102-150405"
+	// compressSuffix is the suffix for compressed log.
+	compressSuffix = ".gz"
+	// tmpSuffix is the suffix for temporary file.
+	tmpSuffix = ".tmp"
+)
+
+// ContainerLogManager manages lifecycle of all container logs.
+//
+// Implementation is thread-safe.
+type ContainerLogManager interface {
+	// TODO(random-liu): Add RotateLogs function and call it under disk pressure.
+	// Start container log manager.
+	Start()
+}
+
+// LogRotatePolicy is a policy for container log rotation. The policy applies to all
+// containers managed by kubelet.
+type LogRotatePolicy struct {
+	// MaxSize in bytes of the container log file before it is rotated. Negative
+	// number means to disable container log rotation.
+	MaxSize int64
+	// MaxFiles is the maximum number of log files that can be present.
+	// If rotating the logs creates excess files, the oldest file is removed.
+	MaxFiles int
+}
+
+// GetAllLogs gets all inuse (rotated/compressed) logs for a specific container log.
+// Returned logs are sorted in oldest to newest order.
+// TODO(#59902): Leverage this function to support log rotation in `kubectl logs`.
+func GetAllLogs(log string) ([]string, error) {
+	// pattern is used to match all rotated files.
+	pattern := fmt.Sprintf("%s.*", log)
+	logs, err := filepath.Glob(pattern)
+	if err != nil {
+		return nil, fmt.Errorf("failed to list all log files with pattern %q: %v", pattern, err)
+	}
+	inuse, _ := filterUnusedLogs(logs)
+	sort.Strings(inuse)
+	return append(inuse, log), nil
+}
+
+// compressReadCloser wraps gzip.Reader with a function to close file handler.
+type compressReadCloser struct {
+	f *os.File
+	*gzip.Reader
+}
+
+func (rc *compressReadCloser) Close() error {
+	ferr := rc.f.Close()
+	rerr := rc.Reader.Close()
+	if ferr != nil {
+		return ferr
+	}
+	if rerr != nil {
+		return rerr
+	}
+	return nil
+}
+
+// UncompressLog compresses a compressed log and return a readcloser for the
+// stream of the uncompressed content.
+// TODO(#59902): Leverage this function to support log rotation in `kubectl logs`.
+func UncompressLog(log string) (_ io.ReadCloser, retErr error) {
+	if !strings.HasSuffix(log, compressSuffix) {
+		return nil, fmt.Errorf("log is not compressed")
+	}
+	f, err := os.Open(log)
+	if err != nil {
+		return nil, fmt.Errorf("failed to open log: %v", err)
+	}
+	defer func() {
+		if retErr != nil {
+			f.Close()
+		}
+	}()
+	r, err := gzip.NewReader(f)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create gzip reader: %v", err)
+	}
+	return &compressReadCloser{f: f, Reader: r}, nil
+}
+
+// parseMaxSize parses quantity string to int64 max size in bytes.
+func parseMaxSize(size string) (int64, error) {
+	quantity, err := resource.ParseQuantity(size)
+	if err != nil {
+		return 0, err
+	}
+	maxSize, ok := quantity.AsInt64()
+	if !ok {
+		return 0, fmt.Errorf("invalid max log size")
+	}
+	if maxSize < 0 {
+		return 0, fmt.Errorf("negative max log size %d", maxSize)
+	}
+	return maxSize, nil
+}
+
+type containerLogManager struct {
+	runtimeService internalapi.RuntimeService
+	policy         LogRotatePolicy
+	clock          clock.Clock
+}
+
+// NewContainerLogManager creates a new container log manager.
+func NewContainerLogManager(runtimeService internalapi.RuntimeService, maxSize string, maxFiles int) (ContainerLogManager, error) {
+	if maxFiles <= 1 {
+		return nil, fmt.Errorf("invalid MaxFiles %d, must be > 1", maxFiles)
+	}
+	parsedMaxSize, err := parseMaxSize(maxSize)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse container log max size %q: %v", maxSize, err)
+	}
+	// policy LogRotatePolicy
+	return &containerLogManager{
+		runtimeService: runtimeService,
+		policy: LogRotatePolicy{
+			MaxSize:  parsedMaxSize,
+			MaxFiles: maxFiles,
+		},
+		clock: clock.RealClock{},
+	}, nil
+}
+
+// Start the container log manager.
+func (c *containerLogManager) Start() {
+	// Start a goroutine peirodically does container log rotation.
+	go wait.Forever(func() {
+		if err := c.rotateLogs(); err != nil {
+			glog.Errorf("Failed to rotate container logs: %v", err)
+		}
+	}, logMonitorPeriod)
+}
+
+func (c *containerLogManager) rotateLogs() error {
+	// TODO(#59998): Use kubelet pod cache.
+	containers, err := c.runtimeService.ListContainers(&runtimeapi.ContainerFilter{})
+	if err != nil {
+		return fmt.Errorf("failed to list containers: %v", err)
+	}
+	// NOTE(random-liu): Figure out whether we need to rotate container logs in parallel.
+	for _, container := range containers {
+		// Only rotate logs for running containers. Non-running containers won't
+		// generate new output, it doesn't make sense to keep an empty latest log.
+		if container.GetState() != runtimeapi.ContainerState_CONTAINER_RUNNING {
+			continue
+		}
+		id := container.GetId()
+		// Note that we should not block log rotate for an error of a single container.
+		status, err := c.runtimeService.ContainerStatus(id)
+		if err != nil {
+			glog.Errorf("Failed to get container status for %q: %v", id, err)
+			continue
+		}
+		path := status.GetLogPath()
+		info, err := os.Stat(path)
+		if err != nil {
+			if !os.IsNotExist(err) {
+				glog.Errorf("Failed to stat container log %q: %v", path, err)
+				continue
+			}
+			// In rotateLatestLog, there are several cases that we may
+			// lose original container log after ReopenContainerLog fails.
+			// We try to to recover it by reopening container log.
+			if err := c.runtimeService.ReopenContainerLog(id); err != nil {
+				glog.Errorf("Container %q log %q doesn't exist, reopen container log failed: %v", id, path, err)
+				continue
+			}
+			// The container log should be recovered.
+			info, err = os.Stat(path)
+			if err != nil {
+				glog.Errorf("Failed to stat container log %q after reopen: %v", path, err)
+				continue
+			}
+		}
+		if info.Size() < c.policy.MaxSize {
+			continue
+		}
+		// Perform log rotation.
+		if err := c.rotateLog(id, path); err != nil {
+			glog.Errorf("Failed to rotate log %q for container %q: %v", path, id, err)
+			continue
+		}
+	}
+	return nil
+}
+
+func (c *containerLogManager) rotateLog(id, log string) error {
+	// pattern is used to match all rotated files.
+	pattern := fmt.Sprintf("%s.*", log)
+	logs, err := filepath.Glob(pattern)
+	if err != nil {
+		return fmt.Errorf("failed to list all log files with pattern %q: %v", pattern, err)
+	}
+
+	logs, err = c.cleanupUnusedLogs(logs)
+	if err != nil {
+		return fmt.Errorf("failed to cleanup logs: %v", err)
+	}
+
+	logs, err = c.removeExcessLogs(logs)
+	if err != nil {
+		return fmt.Errorf("failed to remove excess logs: %v", err)
+	}
+
+	// Compress uncompressed log files.
+	for _, l := range logs {
+		if strings.HasSuffix(l, compressSuffix) {
+			continue
+		}
+		if err := c.compressLog(l); err != nil {
+			return fmt.Errorf("failed to compress log %q: %v", l, err)
+		}
+	}
+
+	if err := c.rotateLatestLog(id, log); err != nil {
+		return fmt.Errorf("failed to rotate log %q: %v", log, err)
+	}
+
+	return nil
+}
+
+// cleanupUnusedLogs cleans up temporary or unused log files generated by previous log rotation
+// failure.
+func (c *containerLogManager) cleanupUnusedLogs(logs []string) ([]string, error) {
+	inuse, unused := filterUnusedLogs(logs)
+	for _, l := range unused {
+		if err := os.Remove(l); err != nil {
+			return nil, fmt.Errorf("failed to remove unused log %q: %v", l, err)
+		}
+	}
+	return inuse, nil
+}
+
+// filterUnusedLogs splits logs into 2 groups, the 1st group is in used logs,
+// the second group is unused logs.
+func filterUnusedLogs(logs []string) (inuse []string, unused []string) {
+	for _, l := range logs {
+		if isInUse(l, logs) {
+			inuse = append(inuse, l)
+		} else {
+			unused = append(unused, l)
+		}
+	}
+	return inuse, unused
+}
+
+// isInUse checks whether a container log file is still inuse.
+func isInUse(l string, logs []string) bool {
+	// All temporary files are not in use.
+	if strings.HasSuffix(l, tmpSuffix) {
+		return false
+	}
+	// All compresed logs are in use.
+	if strings.HasSuffix(l, compressSuffix) {
+		return true
+	}
+	// Files has already been compressed are not in use.
+	for _, another := range logs {
+		if l+compressSuffix == another {
+			return false
+		}
+	}
+	return true
+}
+
+// removeExcessLogs removes old logs to make sure there are only at most MaxFiles log files.
+func (c *containerLogManager) removeExcessLogs(logs []string) ([]string, error) {
+	// Sort log files in oldest to newest order.
+	sort.Strings(logs)
+	// Container will create a new log file, and we'll rotate the latest log file.
+	// Other than those 2 files, we can have at most MaxFiles-2 rotated log files.
+	// Keep MaxFiles-2 files by removing old files.
+	// We should remove from oldest to newest, so as not to break ongoing `kubectl logs`.
+	maxRotatedFiles := c.policy.MaxFiles - 2
+	if maxRotatedFiles < 0 {
+		maxRotatedFiles = 0
+	}
+	i := 0
+	for ; i < len(logs)-maxRotatedFiles; i++ {
+		if err := os.Remove(logs[i]); err != nil {
+			return nil, fmt.Errorf("failed to remove old log %q: %v", logs[i], err)
+		}
+	}
+	logs = logs[i:]
+	return logs, nil
+}
+
+// compressLog compresses a log to log.gz with gzip.
+func (c *containerLogManager) compressLog(log string) error {
+	r, err := os.Open(log)
+	if err != nil {
+		return fmt.Errorf("failed to open log %q: %v", log, err)
+	}
+	defer r.Close()
+	tmpLog := log + tmpSuffix
+	f, err := os.OpenFile(tmpLog, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
+	if err != nil {
+		return fmt.Errorf("failed to create temporary log %q: %v", tmpLog, err)
+	}
+	defer func() {
+		// Best effort cleanup of tmpLog.
+		os.Remove(tmpLog)
+	}()
+	defer f.Close()
+	w := gzip.NewWriter(f)
+	defer w.Close()
+	if _, err := io.Copy(w, r); err != nil {
+		return fmt.Errorf("failed to compress %q to %q: %v", log, tmpLog, err)
+	}
+	compressedLog := log + compressSuffix
+	if err := os.Rename(tmpLog, compressedLog); err != nil {
+		return fmt.Errorf("failed to rename %q to %q: %v", tmpLog, compressedLog, err)
+	}
+	// Remove old log file.
+	if err := os.Remove(log); err != nil {
+		return fmt.Errorf("failed to remove log %q after compress: %v", log, err)
+	}
+	return nil
+}
+
+// rotateLatestLog rotates latest log without compression, so that container can still write
+// and fluentd can finish reading.
+func (c *containerLogManager) rotateLatestLog(id, log string) error {
+	timestamp := c.clock.Now().Format(timestampFormat)
+	rotated := fmt.Sprintf("%s.%s", log, timestamp)
+	if err := os.Rename(log, rotated); err != nil {
+		return fmt.Errorf("failed to rotate log %q to %q: %v", log, rotated, err)
+	}
+	if err := c.runtimeService.ReopenContainerLog(id); err != nil {
+		// Rename the rotated log back, so that we can try rotating it again
+		// next round.
+		// If kubelet gets restarted at this point, we'll lose original log.
+		if renameErr := os.Rename(rotated, log); renameErr != nil {
+			// This shouldn't happen.
+			// Report an error if this happens, because we will lose original
+			// log.
+			glog.Errorf("Failed to rename rotated log %q back to %q: %v, reopen container log error: %v", rotated, log, renameErr, err)
+		}
+		return fmt.Errorf("failed to reopen container log %q: %v", id, err)
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager_stub.go b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager_stub.go
new file mode 100644
index 000000000000..a6e0729f19de
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/logs/container_log_manager_stub.go
@@ -0,0 +1,26 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logs
+
+type containerLogManagerStub struct{}
+
+func (*containerLogManagerStub) Start() {}
+
+// NewStubContainerLogManager returns an empty ContainerLogManager which does nothing.
+func NewStubContainerLogManager() ContainerLogManager {
+	return &containerLogManagerStub{}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/BUILD
index 568ae707755c..2f8d8839738a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/BUILD
@@ -25,6 +25,9 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//pkg/kubelet/metrics/collectors:all-srcs",
+    ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/BUILD
new file mode 100644
index 000000000000..792e8cf3505e
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/BUILD
@@ -0,0 +1,47 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["volume_stats.go"],
+    importpath = "k8s.io/kubernetes/pkg/kubelet/metrics/collectors",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
+        "//pkg/kubelet/metrics:go_default_library",
+        "//pkg/kubelet/server/stats:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "helper_test.go",
+        "volume_stats_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
+        "//pkg/kubelet/server/stats/testing:go_default_library",
+        "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
+        "//vendor/github.com/prometheus/client_model/go:go_default_library",
+        "//vendor/github.com/prometheus/common/expfmt:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/volume_stats.go b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/volume_stats.go
new file mode 100644
index 000000000000..7f80243dc975
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/collectors/volume_stats.go
@@ -0,0 +1,120 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package collectors
+
+import (
+	"github.com/golang/glog"
+	"github.com/prometheus/client_golang/prometheus"
+	"k8s.io/apimachinery/pkg/util/sets"
+	stats "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
+	"k8s.io/kubernetes/pkg/kubelet/metrics"
+	serverstats "k8s.io/kubernetes/pkg/kubelet/server/stats"
+)
+
+var (
+	volumeStatsCapacityBytesDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsCapacityBytesKey),
+		"Capacity in bytes of the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+	volumeStatsAvailableBytesDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsAvailableBytesKey),
+		"Number of available bytes in the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+	volumeStatsUsedBytesDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsUsedBytesKey),
+		"Number of used bytes in the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+	volumeStatsInodesDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsInodesKey),
+		"Maximum number of inodes in the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+	volumeStatsInodesFreeDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsInodesFreeKey),
+		"Number of free inodes in the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+	volumeStatsInodesUsedDesc = prometheus.NewDesc(
+		prometheus.BuildFQName("", metrics.KubeletSubsystem, metrics.VolumeStatsInodesUsedKey),
+		"Number of used inodes in the volume",
+		[]string{"namespace", "persistentvolumeclaim"}, nil,
+	)
+)
+
+type volumeStatsCollecotr struct {
+	statsProvider serverstats.StatsProvider
+}
+
+// NewVolumeStatsCollector creates a volume stats prometheus collector.
+func NewVolumeStatsCollector(statsProvider serverstats.StatsProvider) prometheus.Collector {
+	return &volumeStatsCollecotr{statsProvider: statsProvider}
+}
+
+// Describe implements the prometheus.Collector interface.
+func (collector *volumeStatsCollecotr) Describe(ch chan<- *prometheus.Desc) {
+	ch <- volumeStatsCapacityBytesDesc
+	ch <- volumeStatsAvailableBytesDesc
+	ch <- volumeStatsUsedBytesDesc
+	ch <- volumeStatsInodesDesc
+	ch <- volumeStatsInodesFreeDesc
+	ch <- volumeStatsInodesUsedDesc
+}
+
+// Collect implements the prometheus.Collector interface.
+func (collector *volumeStatsCollecotr) Collect(ch chan<- prometheus.Metric) {
+	podStats, err := collector.statsProvider.ListPodStats()
+	if err != nil {
+		return
+	}
+	addGauge := func(desc *prometheus.Desc, pvcRef *stats.PVCReference, v float64, lv ...string) {
+		lv = append([]string{pvcRef.Namespace, pvcRef.Name}, lv...)
+		metric, err := prometheus.NewConstMetric(desc, prometheus.GaugeValue, v, lv...)
+		if err != nil {
+			glog.Warningf("Failed to generate metric: %v", err)
+			return
+		}
+		ch <- metric
+	}
+	allPVCs := sets.String{}
+	for _, podStat := range podStats {
+		if podStat.VolumeStats == nil {
+			continue
+		}
+		for _, volumeStat := range podStat.VolumeStats {
+			pvcRef := volumeStat.PVCRef
+			if pvcRef == nil {
+				// ignore if no PVC reference
+				continue
+			}
+			pvcUniqStr := pvcRef.Namespace + "/" + pvcRef.Name
+			if allPVCs.Has(pvcUniqStr) {
+				// ignore if already collected
+				continue
+			}
+			addGauge(volumeStatsCapacityBytesDesc, pvcRef, float64(*volumeStat.CapacityBytes))
+			addGauge(volumeStatsAvailableBytesDesc, pvcRef, float64(*volumeStat.AvailableBytes))
+			addGauge(volumeStatsUsedBytesDesc, pvcRef, float64(*volumeStat.UsedBytes))
+			addGauge(volumeStatsInodesDesc, pvcRef, float64(*volumeStat.Inodes))
+			addGauge(volumeStatsInodesFreeDesc, pvcRef, float64(*volumeStat.InodesFree))
+			addGauge(volumeStatsInodesUsedDesc, pvcRef, float64(*volumeStat.InodesUsed))
+			allPVCs.Insert(pvcUniqStr)
+		}
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/metrics.go b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/metrics.go
index 0fc10dc189a4..4e9470f5a52e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/metrics.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/metrics/metrics.go
@@ -134,54 +134,6 @@ var (
 		},
 		[]string{"eviction_signal"},
 	)
-	VolumeStatsCapacityBytes = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsCapacityBytesKey,
-			Help:      "Capacity in bytes of the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
-	VolumeStatsAvailableBytes = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsAvailableBytesKey,
-			Help:      "Number of available bytes in the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
-	VolumeStatsUsedBytes = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsUsedBytesKey,
-			Help:      "Number of used bytes in the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
-	VolumeStatsInodes = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsInodesKey,
-			Help:      "Maximum number of inodes in the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
-	VolumeStatsInodesFree = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsInodesFreeKey,
-			Help:      "Number of free inodes in the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
-	VolumeStatsInodesUsed = prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Subsystem: KubeletSubsystem,
-			Name:      VolumeStatsInodesUsedKey,
-			Help:      "Number of used inodes in the volume",
-		},
-		[]string{"namespace", "persistentvolumeclaim"},
-	)
 	DevicePluginRegistrationCount = prometheus.NewCounterVec(
 		prometheus.CounterOpts{
 			Subsystem: KubeletSubsystem,
@@ -203,7 +155,7 @@ var (
 var registerMetrics sync.Once
 
 // Register all metrics.
-func Register(containerCache kubecontainer.RuntimeCache) {
+func Register(containerCache kubecontainer.RuntimeCache, collectors ...prometheus.Collector) {
 	// Register the metrics.
 	registerMetrics.Do(func() {
 		prometheus.MustRegister(PodWorkerLatency)
@@ -218,14 +170,11 @@ func Register(containerCache kubecontainer.RuntimeCache) {
 		prometheus.MustRegister(RuntimeOperationsLatency)
 		prometheus.MustRegister(RuntimeOperationsErrors)
 		prometheus.MustRegister(EvictionStatsAge)
-		prometheus.MustRegister(VolumeStatsCapacityBytes)
-		prometheus.MustRegister(VolumeStatsAvailableBytes)
-		prometheus.MustRegister(VolumeStatsUsedBytes)
-		prometheus.MustRegister(VolumeStatsInodes)
-		prometheus.MustRegister(VolumeStatsInodesFree)
-		prometheus.MustRegister(VolumeStatsInodesUsed)
 		prometheus.MustRegister(DevicePluginRegistrationCount)
 		prometheus.MustRegister(DevicePluginAllocationLatency)
+		for _, collector := range collectors {
+			prometheus.MustRegister(collector)
+		}
 	})
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/mountpod/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/mountpod/BUILD
index d21981739a79..f606715ab702 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/mountpod/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/mountpod/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["mount_pod_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/mountpod",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/configmap:go_default_library",
         "//pkg/kubelet/pod:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD
index b91992366ec1..b21f8bee1463 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD
@@ -10,9 +10,38 @@ go_library(
     name = "go_default_library",
     srcs = [
         "cni.go",
-        "cni_others.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "cni_others.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "cni_windows.go",
         ],
         "//conditions:default": [],
@@ -27,7 +56,7 @@ go_library(
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "//vendor/github.com/containernetworking/cni/pkg/types/020:go_default_library",
         ],
         "//conditions:default": [],
@@ -37,15 +66,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "cni_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/cni",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/kubelet/apis/kubeletconfig:go_default_library",
             "//pkg/kubelet/container:go_default_library",
             "//pkg/kubelet/container/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go
index 540be4b70cf6..15724afc4860 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go
@@ -273,7 +273,9 @@ func (plugin *cniNetworkPlugin) deleteFromNetwork(network *cniNetwork, podName s
 	netConf, cniNet := network.NetworkConfig, network.CNIConfig
 	glog.V(4).Infof("About to del CNI network %v (type=%v)", netConf.Name, netConf.Plugins[0].Network.Type)
 	err = cniNet.DelNetworkList(netConf, rt)
-	if err != nil {
+	// The pod may not get deleted successfully at the first time.
+	// Ignore "no such file or directory" error in case the network has already been deleted in previous attempts.
+	if err != nil && !strings.Contains(err.Error(), "no such file or directory") {
 		glog.Errorf("Error deleting network: %v", err)
 		return err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/BUILD
index c0a4c05463af..28989f99d59d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/BUILD
@@ -8,7 +8,7 @@ go_library(
     deps = [
         "//pkg/apis/core/validation:go_default_library",
         "//pkg/features:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -21,10 +21,9 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["dns_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/dns",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/dns.go b/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/dns.go
index bcc717e01c1e..a3e42358c7ba 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/dns.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/dns/dns.go
@@ -30,7 +30,7 @@ import (
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/apis/core/validation"
 	"k8s.io/kubernetes/pkg/features"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 
@@ -321,7 +321,7 @@ func appendDNSConfig(existingDNSConfig *runtimeapi.DNSConfig, dnsConfig *v1.PodD
 	return existingDNSConfig
 }
 
-// GetPodDNS returns DNS setttings for the pod.
+// GetPodDNS returns DNS settings for the pod.
 func (c *Configurer) GetPodDNS(pod *v1.Pod) (*runtimeapi.DNSConfig, error) {
 	dnsConfig, err := c.getHostDNSConfig(pod)
 	if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hairpin/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hairpin/BUILD
index d10f32a5c864..6081b12b29cb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hairpin/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hairpin/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["hairpin_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/hairpin",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/utils/exec:go_default_library",
         "//vendor/k8s.io/utils/exec/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/BUILD
index a6bb4d0e14b5..7cc35a9c27a7 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/BUILD
@@ -17,11 +17,14 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport",
     deps = [
         "//pkg/proxy/iptables:go_default_library",
+        "//pkg/util/conntrack:go_default_library",
         "//pkg/util/iptables:go_default_library",
+        "//pkg/util/net:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
     ],
 )
 
@@ -33,12 +36,12 @@ go_test(
         "hostport_syncer_test.go",
         "hostport_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/iptables:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/hostport_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/hostport_manager.go
index a31b4da08420..3177ac5adff9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/hostport_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/hostport/hostport_manager.go
@@ -26,9 +26,13 @@ import (
 	"sync"
 
 	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	iptablesproxy "k8s.io/kubernetes/pkg/proxy/iptables"
+	"k8s.io/kubernetes/pkg/util/conntrack"
 	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
+	"k8s.io/utils/exec"
 )
 
 // HostPortManager is an interface for adding and removing hostport for a given pod sandbox.
@@ -44,18 +48,26 @@ type HostPortManager interface {
 }
 
 type hostportManager struct {
-	hostPortMap map[hostport]closeable
-	iptables    utiliptables.Interface
-	portOpener  hostportOpener
-	mu          sync.Mutex
+	hostPortMap    map[hostport]closeable
+	execer         exec.Interface
+	conntrackFound bool
+	iptables       utiliptables.Interface
+	portOpener     hostportOpener
+	mu             sync.Mutex
 }
 
 func NewHostportManager(iptables utiliptables.Interface) HostPortManager {
-	return &hostportManager{
+	h := &hostportManager{
 		hostPortMap: make(map[hostport]closeable),
+		execer:      exec.New(),
 		iptables:    iptables,
 		portOpener:  openLocalPort,
 	}
+	h.conntrackFound = conntrack.Exists(h.execer)
+	if !h.conntrackFound {
+		glog.Warningf("The binary conntrack is not installed, this can cause failures in network connection cleanup.")
+	}
+	return h
 }
 
 func (hm *hostportManager) Add(id string, podPortMapping *PodPortMapping, natInterfaceName string) (err error) {
@@ -103,10 +115,14 @@ func (hm *hostportManager) Add(id string, podPortMapping *PodPortMapping, natInt
 	}
 
 	newChains := []utiliptables.Chain{}
+	conntrackPortsToRemove := []int{}
 	for _, pm := range hostportMappings {
 		protocol := strings.ToLower(string(pm.Protocol))
 		chain := getHostportChain(id, pm)
 		newChains = append(newChains, chain)
+		if pm.Protocol == v1.ProtocolUDP {
+			conntrackPortsToRemove = append(conntrackPortsToRemove, int(pm.HostPort))
+		}
 
 		// Add new hostport chain
 		writeLine(natChains, utiliptables.MakeChainLine(chain))
@@ -150,6 +166,21 @@ func (hm *hostportManager) Add(id string, podPortMapping *PodPortMapping, natInt
 		// clean up opened host port if encounter any error
 		return utilerrors.NewAggregate([]error{err, hm.closeHostports(hostportMappings)})
 	}
+	isIpv6 := utilnet.IsIPv6(podPortMapping.IP)
+
+	// Remove conntrack entries just after adding the new iptables rules. If the conntrack entry is removed along with
+	// the IP tables rule, it can be the case that the packets received by the node after iptables rule removal will
+	// create a new conntrack entry without any DNAT. That will result in blackhole of the traffic even after correct
+	// iptables rules have been added back.
+	if hm.execer != nil && hm.conntrackFound {
+		glog.Infof("Starting to delete udp conntrack entries: %v, isIPv6 - %v", conntrackPortsToRemove, isIpv6)
+		for _, port := range conntrackPortsToRemove {
+			err = conntrack.ClearEntriesForPort(hm.execer, port, isIpv6, v1.ProtocolUDP)
+			if err != nil {
+				glog.Errorf("Failed to clear udp conntrack for port %d, error: %v", port, err)
+			}
+		}
+	}
 	return nil
 }
 
@@ -178,8 +209,6 @@ func (hm *hostportManager) Remove(id string, podPortMapping *PodPortMapping) (er
 	chainsToRemove := []utiliptables.Chain{}
 	for _, pm := range hostportMappings {
 		chainsToRemove = append(chainsToRemove, getHostportChain(id, pm))
-		// TODO remove this after release 1.9, please refer https://github.com/kubernetes/kubernetes/pull/55153
-		chainsToRemove = append(chainsToRemove, getBuggyHostportChain(id, pm))
 	}
 
 	// remove rules that consists of target chains
@@ -255,16 +284,6 @@ func getHostportChain(id string, pm *PortMapping) utiliptables.Chain {
 	return utiliptables.Chain(kubeHostportChainPrefix + encoded[:16])
 }
 
-// This bugy func does bad conversion on HostPort from int32 to string.
-// It may generates same chain names for different ports of the same pod, e.g. port 57119/55429/56833.
-// `getHostportChain` fixed this bug. In order to cleanup the legacy chains/rules, it is temporarily left.
-// TODO remove this after release 1.9, please refer https://github.com/kubernetes/kubernetes/pull/55153
-func getBuggyHostportChain(id string, pm *PortMapping) utiliptables.Chain {
-	hash := sha256.Sum256([]byte(id + string(pm.HostPort) + string(pm.Protocol)))
-	encoded := base32.StdEncoding.EncodeToString(hash[:])
-	return utiliptables.Chain(kubeHostportChainPrefix + encoded[:16])
-}
-
 // gatherHostportMappings returns all the PortMappings which has hostport for a pod
 func gatherHostportMappings(podPortMapping *PodPortMapping) []*PortMapping {
 	mappings := []*PortMapping{}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/BUILD
index 13c4bce3db31..d13c20baf948 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/BUILD
@@ -10,20 +10,68 @@ go_library(
     name = "go_default_library",
     srcs = [
         "kubenet.go",
-        "kubenet_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "kubenet_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "kubenet_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "kubenet_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/network/kubenet",
-    deps = [
-        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
-        "//pkg/kubelet/container:go_default_library",
-        "//pkg/kubelet/network:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
             "//pkg/kubelet/network/hostport:go_default_library",
             "//pkg/util/bandwidth:go_default_library",
             "//pkg/util/dbus:go_default_library",
@@ -42,6 +90,36 @@ go_library(
             "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
             "//vendor/k8s.io/utils/exec:go_default_library",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+        ],
         "//conditions:default": [],
     }),
 )
@@ -49,15 +127,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "kubenet_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/kubenet",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/kubelet/apis/kubeletconfig:go_default_library",
             "//pkg/kubelet/container:go_default_library",
             "//pkg/kubelet/network:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/kubenet_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/kubenet_linux.go
index 8551946d4958..9fc7e3b279f3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/kubenet_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/kubenet/kubenet_linux.go
@@ -334,20 +334,18 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube
 
 	// Put the container bridge into promiscuous mode to force it to accept hairpin packets.
 	// TODO: Remove this once the kernel bug (#20096) is fixed.
-	// TODO: check and set promiscuous mode with netlink once vishvananda/netlink supports it
 	if plugin.hairpinMode == kubeletconfig.PromiscuousBridge {
-		output, err := plugin.execer.Command("ip", "link", "show", "dev", BridgeName).CombinedOutput()
-		if err != nil || strings.Index(string(output), "PROMISC") < 0 {
-			_, err := plugin.execer.Command("ip", "link", "set", BridgeName, "promisc", "on").CombinedOutput()
-			if err != nil {
-				return fmt.Errorf("Error setting promiscuous mode on %s: %v", BridgeName, err)
-			}
-		}
-
 		link, err := netlink.LinkByName(BridgeName)
 		if err != nil {
 			return fmt.Errorf("failed to lookup %q: %v", BridgeName, err)
 		}
+		if link.Attrs().Promisc != 1 {
+			// promiscuous mode is not on, then turn it on.
+			err := netlink.SetPromiscOn(link)
+			if err != nil {
+				return fmt.Errorf("Error setting promiscuous mode on %s: %v", BridgeName, err)
+			}
+		}
 
 		// configure the ebtables rules to eliminate duplicate packets by best effort
 		plugin.syncEbtablesDedupRules(link.Attrs().HardwareAddr)
@@ -572,7 +570,7 @@ func (plugin *kubenetNetworkPlugin) Status() error {
 	return nil
 }
 
-// checkCNIPlugin returns if all kubenet required cni plugins can be found at /opt/cni/bin or user specifed NetworkPluginDir.
+// checkCNIPlugin returns if all kubenet required cni plugins can be found at /opt/cni/bin or user specified NetworkPluginDir.
 func (plugin *kubenetNetworkPlugin) checkCNIPlugin() bool {
 	if plugin.checkCNIPluginInDir(DefaultCNIDir) || plugin.checkCNIPluginInDir(plugin.vendorDir) {
 		return true
@@ -767,7 +765,10 @@ func (plugin *kubenetNetworkPlugin) delContainerFromNetwork(config *libcni.Netwo
 	}
 
 	glog.V(3).Infof("Removing %s/%s from '%s' with CNI '%s' plugin and runtime: %+v", namespace, name, config.Network.Name, config.Network.Type, rt)
-	if err := plugin.cniConfig.DelNetwork(config, rt); err != nil {
+	err = plugin.cniConfig.DelNetwork(config, rt)
+	// The pod may not get deleted successfully at the first time.
+	// Ignore "no such file or directory" error in case the network has already been deleted in previous attempts.
+	if err != nil && !strings.Contains(err.Error(), "no such file or directory") {
 		return fmt.Errorf("Error removing container from network: %v", err)
 	}
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/BUILD
index 122fd02436d9..7138d64ba3d9 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/BUILD
@@ -15,7 +15,7 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/kubelet/pleg",
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/metrics:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -29,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["generic_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/pleg",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/generic.go b/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/generic.go
index b873efb005b9..d9286c96c629 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/generic.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/pleg/generic.go
@@ -26,7 +26,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/clock"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/metrics"
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/pod/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/pod/BUILD
index 2287b7cf9e9f..bba1a722c306 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/pod/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/pod/BUILD
@@ -34,8 +34,7 @@ go_test(
         "mirror_client_test.go",
         "pod_manager_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/pod",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/configmap:go_default_library",
         "//pkg/kubelet/container:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/BUILD
index 736a457de10a..a71817932672 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/BUILD
@@ -19,8 +19,8 @@ go_library(
         "//pkg/kubelet/lifecycle:go_default_library",
         "//pkg/kubelet/types:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
@@ -44,8 +44,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["preemption_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/preemption",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/kubelet/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/preemption.go b/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/preemption.go
index 1f9214b83063..96d829e4f8c7 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/preemption.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/preemption/preemption.go
@@ -32,8 +32,8 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
 )
 
 const message = "Preempted in order to admit critical pod"
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/BUILD
index ef21ca9173f8..e208ff07b4a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/BUILD
@@ -45,8 +45,7 @@ go_test(
         "prober_test.go",
         "worker_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/prober",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/BUILD
index 2e73fb74483a..ca3c9045f22c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["results_manager_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/prober/results",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/results_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/results_manager.go
index 03261e353d28..2b01be7ba2f5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/results_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/results/results_manager.go
@@ -77,7 +77,7 @@ type manager struct {
 
 var _ Manager = &manager{}
 
-// NewManager creates ane returns an empty results manager.
+// NewManager creates and returns an empty results manager.
 func NewManager() Manager {
 	return &manager{
 		cache:   make(map[kubecontainer.ContainerID]Result),
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/qos/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/qos/BUILD
index 6160d7b41378..97b797de248e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/qos/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/qos/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["policy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/qos",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/BUILD
index cee27f87387d..6f3112676d5d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/BUILD
@@ -17,7 +17,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/remote",
     deps = [
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
@@ -45,13 +45,13 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["remote_runtime_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/remote",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     tags = ["automanaged"],
     deps = [
         "//pkg/kubelet/apis/cri:go_default_library",
         "//pkg/kubelet/apis/cri/testing:go_default_library",
         "//pkg/kubelet/remote/fake:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        "//vendor/github.com/stretchr/testify/require:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_image.go b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_image.go
index d685f07ace81..21bcaea63b16 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_image.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_image.go
@@ -25,7 +25,7 @@ import (
 	"google.golang.org/grpc"
 
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/util"
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_runtime.go b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_runtime.go
index 3560e3c9b297..9860d735655f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_runtime.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/remote_runtime.go
@@ -27,7 +27,7 @@ import (
 	"google.golang.org/grpc"
 
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/util"
 	utilexec "k8s.io/utils/exec"
 )
@@ -476,3 +476,15 @@ func (r *RemoteRuntimeService) ListContainerStats(filter *runtimeapi.ContainerSt
 
 	return resp.GetStats(), nil
 }
+
+func (r *RemoteRuntimeService) ReopenContainerLog(containerID string) error {
+	ctx, cancel := getContextWithTimeout(r.timeout)
+	defer cancel()
+
+	_, err := r.runtimeClient.ReopenContainerLog(ctx, &runtimeapi.ReopenContainerLogRequest{ContainerId: containerID})
+	if err != nil {
+		glog.Errorf("ReopenContainerLog %q from runtime service failed: %v", containerID, err)
+		return err
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/utils.go b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/utils.go
index 47a37fd09aee..bd86492ac332 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/remote/utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/remote/utils.go
@@ -22,7 +22,7 @@ import (
 
 	"golang.org/x/net/context"
 
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 )
 
 // getContextWithTimeout returns a context with timeout.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/BUILD
index 3b687934fd32..83c07f979b1a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/BUILD
@@ -22,6 +22,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/rkt",
     deps = [
         "//pkg/credentialprovider:go_default_library",
+        "//pkg/credentialprovider/secrets:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/events:go_default_library",
         "//pkg/kubelet/images:go_default_library",
@@ -66,8 +67,7 @@ go_test(
         "fake_rkt_interface_test.go",
         "rkt_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/rkt",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/image.go b/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/image.go
index 225604c6129d..180dcfa51a36 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/image.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/rkt/image.go
@@ -35,6 +35,7 @@ import (
 	"golang.org/x/net/context"
 	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/credentialprovider"
+	credentialprovidersecrets "k8s.io/kubernetes/pkg/credentialprovider/secrets"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/util/parsers"
 )
@@ -54,7 +55,7 @@ func (r *Runtime) PullImage(image kubecontainer.ImageSpec, pullSecrets []v1.Secr
 		return "", err
 	}
 
-	keyring, err := credentialprovider.MakeDockerKeyring(pullSecrets, r.dockerKeyring)
+	keyring, err := credentialprovidersecrets.MakeDockerKeyring(pullSecrets, r.dockerKeyring)
 	if err != nil {
 		return "", err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/secret/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/secret/BUILD
index 26a879d8fa67..1fdb5850c271 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/secret/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/secret/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["secret_manager_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/secret",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/server/BUILD
index 7584f70d5228..a310a7d5f80d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/BUILD
@@ -56,8 +56,7 @@ go_test(
         "server_test.go",
         "server_websocket_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/server",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/BUILD
index 190ff72197f5..1b2a5837bb0c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/BUILD
@@ -33,8 +33,7 @@ go_test(
         "httpstream_test.go",
         "websocket_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/server/portforward",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/httpstream:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/websocket.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/websocket.go
index b445c922f609..8bd6eb709803 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/websocket.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/portforward/websocket.go
@@ -45,7 +45,7 @@ const (
 
 // options contains details about which streams are required for
 // port forwarding.
-// All fields incldued in V4Options need to be expressed explicilty in the
+// All fields included in V4Options need to be expressed explicitly in the
 // CRI (pkg/kubelet/apis/cri/{version}/api.proto) PortForwardRequest.
 type V4Options struct {
 	Ports []int32
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/remotecommand/httpstream.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/remotecommand/httpstream.go
index 74f0595cf7e7..387ad3d5a76e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/remotecommand/httpstream.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/remotecommand/httpstream.go
@@ -156,7 +156,7 @@ func createHttpStreamStreams(req *http.Request, w http.ResponseWriter, opts *Opt
 	case remotecommandconsts.StreamProtocolV2Name:
 		handler = &v2ProtocolHandler{}
 	case "":
-		glog.V(4).Infof("Client did not request protocol negotiaion. Falling back to %q", remotecommandconsts.StreamProtocolV1Name)
+		glog.V(4).Infof("Client did not request protocol negotiation. Falling back to %q", remotecommandconsts.StreamProtocolV1Name)
 		fallthrough
 	case remotecommandconsts.StreamProtocolV1Name:
 		handler = &v1ProtocolHandler{}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/BUILD
index 00140b342bf3..16a3791a88e8 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/BUILD
@@ -16,7 +16,6 @@ go_library(
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/container:go_default_library",
-        "//pkg/kubelet/metrics:go_default_library",
         "//pkg/kubelet/util/format:go_default_library",
         "//pkg/volume:go_default_library",
         "//vendor/github.com/emicklei/go-restful:go_default_library",
@@ -35,8 +34,7 @@ go_test(
         "summary_test.go",
         "volume_stat_calculator_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/server/stats",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/handler.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/handler.go
index 969b25f3de12..ba2033c953db 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/handler.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/handler.go
@@ -50,7 +50,7 @@ type StatsProvider interface {
 	//
 	// GetCgroupStats returns the stats and the networking usage of the cgroup
 	// with the specified cgroupName.
-	GetCgroupStats(cgroupName string) (*statsapi.ContainerStats, *statsapi.NetworkStats, error)
+	GetCgroupStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, *statsapi.NetworkStats, error)
 	// RootFsStats returns the stats of the node root filesystem.
 	RootFsStats() (*statsapi.FsStats, error)
 
@@ -78,6 +78,12 @@ type StatsProvider interface {
 	ListVolumesForPod(podUID types.UID) (map[string]volume.Volume, bool)
 	// GetPods returns the specs of all the pods running on this node.
 	GetPods() []*v1.Pod
+
+	// RlimitStats returns the rlimit stats of system.
+	RlimitStats() (*statsapi.RlimitStats, error)
+
+	// GetPodCgroupRoot returns the literal cgroupfs value for the cgroup containing all pods
+	GetPodCgroupRoot() string
 }
 
 type handler struct {
@@ -183,7 +189,9 @@ func (h *handler) handleStats(request *restful.Request, response *restful.Respon
 
 // Handles stats summary requests to /stats/summary
 func (h *handler) handleSummary(request *restful.Request, response *restful.Response) {
-	summary, err := h.summaryProvider.Get()
+	// external calls to the summary API use cached stats
+	forceStatsUpdate := false
+	summary, err := h.summaryProvider.Get(forceStatsUpdate)
 	if err != nil {
 		handleError(response, "/stats/summary", err)
 	} else {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/summary.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/summary.go
index 3e59d7724758..0fff691f1222 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/summary.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/summary.go
@@ -25,7 +25,9 @@ import (
 )
 
 type SummaryProvider interface {
-	Get() (*statsapi.Summary, error)
+	// Get provides a new Summary with the stats from Kubelet,
+	// and will update some stats if updateStats is true
+	Get(updateStats bool) (*statsapi.Summary, error)
 }
 
 // summaryProviderImpl implements the SummaryProvider interface.
@@ -41,8 +43,7 @@ func NewSummaryProvider(statsProvider StatsProvider) SummaryProvider {
 	return &summaryProviderImpl{statsProvider}
 }
 
-// Get provides a new Summary with the stats from Kubelet.
-func (sp *summaryProviderImpl) Get() (*statsapi.Summary, error) {
+func (sp *summaryProviderImpl) Get(updateStats bool) (*statsapi.Summary, error) {
 	// TODO(timstclair): Consider returning a best-effort response if any of
 	// the following errors occur.
 	node, err := sp.provider.GetNode()
@@ -50,7 +51,7 @@ func (sp *summaryProviderImpl) Get() (*statsapi.Summary, error) {
 		return nil, fmt.Errorf("failed to get node info: %v", err)
 	}
 	nodeConfig := sp.provider.GetNodeConfig()
-	rootStats, networkStats, err := sp.provider.GetCgroupStats("/")
+	rootStats, networkStats, err := sp.provider.GetCgroupStats("/", updateStats)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get root cgroup stats: %v", err)
 	}
@@ -66,6 +67,10 @@ func (sp *summaryProviderImpl) Get() (*statsapi.Summary, error) {
 	if err != nil {
 		return nil, fmt.Errorf("failed to list pod stats: %v", err)
 	}
+	rlimit, err := sp.provider.RlimitStats()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get rlimit stats: %v", err)
+	}
 
 	nodeStats := statsapi.NodeStats{
 		NodeName:  node.Name,
@@ -75,21 +80,26 @@ func (sp *summaryProviderImpl) Get() (*statsapi.Summary, error) {
 		StartTime: rootStats.StartTime,
 		Fs:        rootFsStats,
 		Runtime:   &statsapi.RuntimeStats{ImageFs: imageFsStats},
+		Rlimit:    rlimit,
 	}
 
-	systemContainers := map[string]string{
-		statsapi.SystemContainerKubelet: nodeConfig.KubeletCgroupsName,
-		statsapi.SystemContainerRuntime: nodeConfig.RuntimeCgroupsName,
-		statsapi.SystemContainerMisc:    nodeConfig.SystemCgroupsName,
+	systemContainers := map[string]struct {
+		name             string
+		forceStatsUpdate bool
+	}{
+		statsapi.SystemContainerKubelet: {nodeConfig.KubeletCgroupsName, false},
+		statsapi.SystemContainerRuntime: {nodeConfig.RuntimeCgroupsName, false},
+		statsapi.SystemContainerMisc:    {nodeConfig.SystemCgroupsName, false},
+		statsapi.SystemContainerPods:    {sp.provider.GetPodCgroupRoot(), updateStats},
 	}
-	for sys, name := range systemContainers {
+	for sys, cont := range systemContainers {
 		// skip if cgroup name is undefined (not all system containers are required)
-		if name == "" {
+		if cont.name == "" {
 			continue
 		}
-		s, _, err := sp.provider.GetCgroupStats(name)
+		s, _, err := sp.provider.GetCgroupStats(cont.name, cont.forceStatsUpdate)
 		if err != nil {
-			glog.Errorf("Failed to get system container stats for %q: %v", name, err)
+			glog.Errorf("Failed to get system container stats for %q: %v", cont.name, err)
 			continue
 		}
 		// System containers don't have a filesystem associated with them.
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/volume_stat_calculator.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/volume_stat_calculator.go
index 87355870cc4d..2c535f56241a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/volume_stat_calculator.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/stats/volume_stat_calculator.go
@@ -24,7 +24,6 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
 	stats "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
-	"k8s.io/kubernetes/pkg/kubelet/metrics"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 	"k8s.io/kubernetes/pkg/volume"
 
@@ -122,8 +121,6 @@ func (s *volumeStatCalculator) calcAndStoreStats() {
 				Name:      pvcSource.ClaimName,
 				Namespace: s.pod.GetNamespace(),
 			}
-			// Set the PVC's prometheus metrics
-			s.setPVCMetrics(pvcRef, metric)
 		}
 		volumeStats := s.parsePodVolumeStats(name, pvcRef, metric, volSpec)
 		if isVolumeEphemeral(volSpec) {
@@ -163,13 +160,3 @@ func isVolumeEphemeral(volume v1.Volume) bool {
 	}
 	return false
 }
-
-// setPVCMetrics sets the given PVC's prometheus metrics to match the given volume.Metrics
-func (s *volumeStatCalculator) setPVCMetrics(pvcRef *stats.PVCReference, metric *volume.Metrics) {
-	metrics.VolumeStatsAvailableBytes.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.Available.Value()))
-	metrics.VolumeStatsCapacityBytes.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.Capacity.Value()))
-	metrics.VolumeStatsUsedBytes.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.Used.Value()))
-	metrics.VolumeStatsInodes.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.Inodes.Value()))
-	metrics.VolumeStatsInodesFree.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.InodesFree.Value()))
-	metrics.VolumeStatsInodesUsed.WithLabelValues(pvcRef.Namespace, pvcRef.Name).Set(float64(metric.InodesUsed.Value()))
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/BUILD
index 70fe31d096a3..64e1760226f3 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/BUILD
@@ -15,7 +15,7 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/kubelet/server/streaming",
     deps = [
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/server/portforward:go_default_library",
         "//pkg/kubelet/server/remotecommand:go_default_library",
         "//vendor/github.com/emicklei/go-restful:go_default_library",
@@ -34,11 +34,10 @@ go_test(
         "request_cache_test.go",
         "server_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/server/streaming",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/server/portforward:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/server.go b/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/server.go
index ba9f12ff1037..64bd52f3355e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/server.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/server/streaming/server.go
@@ -33,7 +33,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	remotecommandconsts "k8s.io/apimachinery/pkg/util/remotecommand"
 	"k8s.io/client-go/tools/remotecommand"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/server/portforward"
 	remotecommandserver "k8s.io/kubernetes/pkg/kubelet/server/remotecommand"
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/BUILD
index 07732d9ad092..8bbca05b29eb 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/BUILD
@@ -6,22 +6,60 @@ go_library(
         "cadvisor_stats_provider.go",
         "cri_stats_provider.go",
         "helper.go",
+        "log_metrics_provider.go",
         "stats_provider.go",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "stats_provider_linux.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "stats_provider_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "stats_provider_unsupported.go",
+        ],
+        "//conditions:default": [],
+    }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/stats",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/kubelet/apis/cri:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/cadvisor:go_default_library",
         "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/container:go_default_library",
+        "//pkg/kubelet/kuberuntime:go_default_library",
         "//pkg/kubelet/leaky:go_default_library",
         "//pkg/kubelet/network:go_default_library",
         "//pkg/kubelet/pod:go_default_library",
         "//pkg/kubelet/server/stats:go_default_library",
         "//pkg/kubelet/types:go_default_library",
+        "//pkg/volume:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/golang/protobuf/proto:go_default_library",
         "//vendor/github.com/google/cadvisor/fs:go_default_library",
@@ -52,27 +90,31 @@ go_test(
         "cadvisor_stats_provider_test.go",
         "cri_stats_provider_test.go",
         "helper_test.go",
+        "log_metrics_provider_test.go",
         "stats_provider_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/stats",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
         "//pkg/kubelet/apis/cri/testing:go_default_library",
-        "//pkg/kubelet/apis/cri/v1alpha1/runtime:go_default_library",
         "//pkg/kubelet/apis/stats/v1alpha1:go_default_library",
         "//pkg/kubelet/cadvisor/testing:go_default_library",
+        "//pkg/kubelet/cm:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
+        "//pkg/kubelet/kuberuntime:go_default_library",
         "//pkg/kubelet/leaky:go_default_library",
         "//pkg/kubelet/pod/testing:go_default_library",
         "//pkg/kubelet/server/stats:go_default_library",
         "//pkg/kubelet/types:go_default_library",
+        "//pkg/volume:go_default_library",
         "//vendor/github.com/google/cadvisor/fs:go_default_library",
         "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
         "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
         "//vendor/github.com/google/gofuzz:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cadvisor_stats_provider.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cadvisor_stats_provider.go
index 17a10df2f6af..67da08d408d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cadvisor_stats_provider.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cadvisor_stats_provider.go
@@ -133,7 +133,7 @@ func (p *cadvisorStatsProvider) ListPodStats() ([]statsapi.PodStats, error) {
 		}
 		podStats.EphemeralStorage = calcEphemeralStorage(podStats.Containers, ephemeralStats, &rootFsInfo)
 		// Lookup the pod-level cgroup's CPU and memory stats
-		podInfo := getcadvisorPodInfoFromPodUID(podUID, allInfos)
+		podInfo := getCadvisorPodInfoFromPodUID(podUID, allInfos)
 		if podInfo != nil {
 			cpu, memory := cadvisorInfoToCPUandMemoryStats(podInfo)
 			podStats.CPU = cpu
@@ -220,6 +220,16 @@ func (p *cadvisorStatsProvider) ImageFsStats() (*statsapi.FsStats, error) {
 	}, nil
 }
 
+// ImageFsDevice returns name of the device where the image filesystem locates,
+// e.g. /dev/sda1.
+func (p *cadvisorStatsProvider) ImageFsDevice() (string, error) {
+	imageFsInfo, err := p.cadvisor.ImagesFsInfo()
+	if err != nil {
+		return "", err
+	}
+	return imageFsInfo.Device, nil
+}
+
 // buildPodRef returns a PodReference that identifies the Pod managing cinfo
 func buildPodRef(containerLabels map[string]string) statsapi.PodReference {
 	podName := kubetypes.GetPodName(containerLabels)
@@ -241,8 +251,8 @@ func isPodManagedContainer(cinfo *cadvisorapiv2.ContainerInfo) bool {
 	return managed
 }
 
-// getcadvisorPodInfoFromPodUID returns a pod cgroup information by matching the podUID with its CgroupName identifier base name
-func getcadvisorPodInfoFromPodUID(podUID types.UID, infos map[string]cadvisorapiv2.ContainerInfo) *cadvisorapiv2.ContainerInfo {
+// getCadvisorPodInfoFromPodUID returns a pod cgroup information by matching the podUID with its CgroupName identifier base name
+func getCadvisorPodInfoFromPodUID(podUID types.UID, infos map[string]cadvisorapiv2.ContainerInfo) *cadvisorapiv2.ContainerInfo {
 	for key, info := range infos {
 		if cm.IsSystemdStyleName(key) {
 			key = cm.RevertFromSystemdToCgroupStyleName(key)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cri_stats_provider.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cri_stats_provider.go
index 5934c2962bfd..1ed2e300efd0 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cri_stats_provider.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/cri_stats_provider.go
@@ -17,6 +17,7 @@ limitations under the License.
 package stats
 
 import (
+	"errors"
 	"fmt"
 	"path"
 	"sort"
@@ -31,9 +32,10 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	internalapi "k8s.io/kubernetes/pkg/kubelet/apis/cri"
-	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
+	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
+	"k8s.io/kubernetes/pkg/kubelet/kuberuntime"
 	"k8s.io/kubernetes/pkg/kubelet/server/stats"
 	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 )
@@ -52,6 +54,8 @@ type criStatsProvider struct {
 	runtimeService internalapi.RuntimeService
 	// imageService is used to get the stats of the image filesystem.
 	imageService internalapi.ImageManagerService
+	// logMetrics provides the metrics for container logs
+	logMetricsService LogMetricsService
 }
 
 // newCRIStatsProvider returns a containerStatsProvider implementation that
@@ -61,12 +65,14 @@ func newCRIStatsProvider(
 	resourceAnalyzer stats.ResourceAnalyzer,
 	runtimeService internalapi.RuntimeService,
 	imageService internalapi.ImageManagerService,
+	logMetricsService LogMetricsService,
 ) containerStatsProvider {
 	return &criStatsProvider{
-		cadvisor:         cadvisor,
-		resourceAnalyzer: resourceAnalyzer,
-		runtimeService:   runtimeService,
-		imageService:     imageService,
+		cadvisor:          cadvisor,
+		resourceAnalyzer:  resourceAnalyzer,
+		runtimeService:    runtimeService,
+		imageService:      imageService,
+		logMetricsService: logMetricsService,
 	}
 }
 
@@ -93,11 +99,10 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) {
 	for _, s := range podSandboxes {
 		podSandboxMap[s.Id] = s
 	}
-
-	// uuidToFsInfo is a map from filesystem UUID to its stats. This will be
-	// used as a cache to avoid querying cAdvisor for the filesystem stats with
-	// the same UUID many times.
-	uuidToFsInfo := make(map[runtimeapi.StorageIdentifier]*cadvisorapiv2.FsInfo)
+	// fsIDtoInfo is a map from filesystem id to its stats. This will be used
+	// as a cache to avoid querying cAdvisor for the filesystem stats with the
+	// same filesystem id many times.
+	fsIDtoInfo := make(map[runtimeapi.FilesystemIdentifier]*cadvisorapiv2.FsInfo)
 
 	// sandboxIDToPodStats is a temporary map from sandbox ID to its pod stats.
 	sandboxIDToPodStats := make(map[string]*statsapi.PodStats)
@@ -114,23 +119,22 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) {
 		containerMap[c.Id] = c
 	}
 
-	caInfos, err := getCRICadvisorStats(p.cadvisor)
+	allInfos, err := getCadvisorContainerInfo(p.cadvisor)
 	if err != nil {
-		return nil, fmt.Errorf("failed to get container info from cadvisor: %v", err)
+		return nil, fmt.Errorf("failed to fetch cadvisor stats: %v", err)
 	}
+	caInfos := getCRICadvisorStats(allInfos)
 
 	for _, stats := range resp {
 		containerID := stats.Attributes.Id
 		container, found := containerMap[containerID]
 		if !found {
-			glog.Errorf("Unknown id %q in container map.", containerID)
 			continue
 		}
 
 		podSandboxID := container.PodSandboxId
 		podSandbox, found := podSandboxMap[podSandboxID]
 		if !found {
-			glog.Errorf("Unknown id %q in pod sandbox map.", podSandboxID)
 			continue
 		}
 
@@ -140,20 +144,16 @@ func (p *criStatsProvider) ListPodStats() ([]statsapi.PodStats, error) {
 		if !found {
 			ps = buildPodStats(podSandbox)
 			// Fill stats from cadvisor is available for full set of required pod stats
-			caPodSandbox, found := caInfos[podSandboxID]
-			if !found {
-				glog.V(4).Info("Unable to find cadvisor stats for sandbox %q", podSandboxID)
-			} else {
-				p.addCadvisorPodStats(ps, &caPodSandbox)
-			}
+			p.addCadvisorPodNetworkStats(ps, podSandboxID, caInfos)
+			p.addCadvisorPodCPUMemoryStats(ps, types.UID(podSandbox.Metadata.Uid), allInfos)
 			sandboxIDToPodStats[podSandboxID] = ps
 		}
-		cs := p.makeContainerStats(stats, container, &rootFsInfo, uuidToFsInfo)
+		cs := p.makeContainerStats(stats, container, &rootFsInfo, fsIDtoInfo, podSandbox.GetMetadata().GetUid())
 		// If cadvisor stats is available for the container, use it to populate
 		// container stats
 		caStats, caFound := caInfos[containerID]
 		if !caFound {
-			glog.V(4).Info("Unable to find cadvisor stats for %q", containerID)
+			glog.V(4).Infof("Unable to find cadvisor stats for %q", containerID)
 		} else {
 			p.addCadvisorContainerStats(cs, &caStats)
 		}
@@ -185,11 +185,11 @@ func (p *criStatsProvider) ImageFsStats() (*statsapi.FsStats, error) {
 			UsedBytes:  &fs.UsedBytes.Value,
 			InodesUsed: &fs.InodesUsed.Value,
 		}
-		imageFsInfo := p.getFsInfo(fs.StorageId)
+		imageFsInfo := p.getFsInfo(fs.GetFsId())
 		if imageFsInfo != nil {
-			// The image filesystem UUID is unknown to the local node or
-			// there's an error on retrieving the stats. In these cases, we
-			// omit those stats and return the best-effort partial result. See
+			// The image filesystem id is unknown to the local node or there's
+			// an error on retrieving the stats. In these cases, we omit those
+			// stats and return the best-effort partial result. See
 			// https://github.com/kubernetes/heapster/issues/1793.
 			s.AvailableBytes = &imageFsInfo.Available
 			s.CapacityBytes = &imageFsInfo.Capacity
@@ -202,17 +202,34 @@ func (p *criStatsProvider) ImageFsStats() (*statsapi.FsStats, error) {
 	return nil, fmt.Errorf("imageFs information is unavailable")
 }
 
+// ImageFsDevice returns name of the device where the image filesystem locates,
+// e.g. /dev/sda1.
+func (p *criStatsProvider) ImageFsDevice() (string, error) {
+	resp, err := p.imageService.ImageFsInfo()
+	if err != nil {
+		return "", err
+	}
+	for _, fs := range resp {
+		fsInfo := p.getFsInfo(fs.GetFsId())
+		if fsInfo != nil {
+			return fsInfo.Device, nil
+		}
+	}
+	return "", errors.New("imagefs device is not found")
+}
+
 // getFsInfo returns the information of the filesystem with the specified
-// storageID. If any error occurs, this function logs the error and returns
+// fsID. If any error occurs, this function logs the error and returns
 // nil.
-func (p *criStatsProvider) getFsInfo(storageID *runtimeapi.StorageIdentifier) *cadvisorapiv2.FsInfo {
-	if storageID == nil {
-		glog.V(2).Infof("Failed to get filesystem info: storageID is nil.")
+func (p *criStatsProvider) getFsInfo(fsID *runtimeapi.FilesystemIdentifier) *cadvisorapiv2.FsInfo {
+	if fsID == nil {
+		glog.V(2).Infof("Failed to get filesystem info: fsID is nil.")
 		return nil
 	}
-	fsInfo, err := p.cadvisor.GetFsInfoByFsUUID(storageID.Uuid)
+	mountpoint := fsID.GetMountpoint()
+	fsInfo, err := p.cadvisor.GetDirFsInfo(mountpoint)
 	if err != nil {
-		msg := fmt.Sprintf("Failed to get the info of the filesystem with id %q: %v.", storageID.Uuid, err)
+		msg := fmt.Sprintf("Failed to get the info of the filesystem with mountpoint %q: %v.", mountpoint, err)
 		if err == cadvisorfs.ErrNoSuchDevice {
 			glog.V(2).Info(msg)
 		} else {
@@ -247,18 +264,38 @@ func (p *criStatsProvider) makePodStorageStats(s *statsapi.PodStats, rootFsInfo
 	return s
 }
 
-func (p *criStatsProvider) addCadvisorPodStats(
+func (p *criStatsProvider) addCadvisorPodNetworkStats(
 	ps *statsapi.PodStats,
-	caPodSandbox *cadvisorapiv2.ContainerInfo,
+	podSandboxID string,
+	caInfos map[string]cadvisorapiv2.ContainerInfo,
 ) {
-	ps.Network = cadvisorInfoToNetworkStats(ps.PodRef.Name, caPodSandbox)
+	caPodSandbox, found := caInfos[podSandboxID]
+	if found {
+		ps.Network = cadvisorInfoToNetworkStats(ps.PodRef.Name, &caPodSandbox)
+	} else {
+		glog.V(4).Infof("Unable to find cadvisor stats for sandbox %q", podSandboxID)
+	}
+}
+
+func (p *criStatsProvider) addCadvisorPodCPUMemoryStats(
+	ps *statsapi.PodStats,
+	podUID types.UID,
+	allInfos map[string]cadvisorapiv2.ContainerInfo,
+) {
+	podCgroupInfo := getCadvisorPodInfoFromPodUID(podUID, allInfos)
+	if podCgroupInfo != nil {
+		cpu, memory := cadvisorInfoToCPUandMemoryStats(podCgroupInfo)
+		ps.CPU = cpu
+		ps.Memory = memory
+	}
 }
 
 func (p *criStatsProvider) makeContainerStats(
 	stats *runtimeapi.ContainerStats,
 	container *runtimeapi.Container,
 	rootFsInfo *cadvisorapiv2.FsInfo,
-	uuidToFsInfo map[runtimeapi.StorageIdentifier]*cadvisorapiv2.FsInfo,
+	fsIDtoInfo map[runtimeapi.FilesystemIdentifier]*cadvisorapiv2.FsInfo,
+	uid string,
 ) *statsapi.ContainerStats {
 	result := &statsapi.ContainerStats{
 		Name: stats.Attributes.Metadata.Name,
@@ -273,17 +310,6 @@ func (p *criStatsProvider) makeContainerStats(
 			RSSBytes: proto.Uint64(0),
 		},
 		Rootfs: &statsapi.FsStats{},
-		Logs: &statsapi.FsStats{
-			Time:           metav1.NewTime(rootFsInfo.Timestamp),
-			AvailableBytes: &rootFsInfo.Available,
-			CapacityBytes:  &rootFsInfo.Capacity,
-			InodesFree:     rootFsInfo.InodesFree,
-			Inodes:         rootFsInfo.Inodes,
-			// UsedBytes and InodesUsed are unavailable from CRI stats.
-			//
-			// TODO(yguo0905): Get this information from kubelet and
-			// populate the two fields here.
-		},
 		// UserDefinedMetrics is not supported by CRI.
 	}
 	if stats.Cpu != nil {
@@ -307,16 +333,16 @@ func (p *criStatsProvider) makeContainerStats(
 			result.Rootfs.InodesUsed = &stats.WritableLayer.InodesUsed.Value
 		}
 	}
-	storageID := stats.GetWritableLayer().GetStorageId()
-	if storageID != nil {
-		imageFsInfo, found := uuidToFsInfo[*storageID]
+	fsID := stats.GetWritableLayer().GetFsId()
+	if fsID != nil {
+		imageFsInfo, found := fsIDtoInfo[*fsID]
 		if !found {
-			imageFsInfo = p.getFsInfo(storageID)
-			uuidToFsInfo[*storageID] = imageFsInfo
+			imageFsInfo = p.getFsInfo(fsID)
+			fsIDtoInfo[*fsID] = imageFsInfo
 		}
 		if imageFsInfo != nil {
-			// The image filesystem UUID is unknown to the local node or there's an
-			// error on retrieving the stats. In these cases, we omit those stats
+			// The image filesystem id is unknown to the local node or there's
+			// an error on retrieving the stats. In these cases, we omit those stats
 			// and return the best-effort partial result. See
 			// https://github.com/kubernetes/heapster/issues/1793.
 			result.Rootfs.AvailableBytes = &imageFsInfo.Available
@@ -325,7 +351,8 @@ func (p *criStatsProvider) makeContainerStats(
 			result.Rootfs.Inodes = imageFsInfo.Inodes
 		}
 	}
-
+	containerLogPath := kuberuntime.BuildContainerLogsDirectory(types.UID(uid), container.GetMetadata().GetName())
+	result.Logs = p.getContainerLogStats(containerLogPath, rootFsInfo)
 	return result
 }
 
@@ -382,12 +409,8 @@ func (p *criStatsProvider) addCadvisorContainerStats(
 	}
 }
 
-func getCRICadvisorStats(ca cadvisor.Interface) (map[string]cadvisorapiv2.ContainerInfo, error) {
+func getCRICadvisorStats(infos map[string]cadvisorapiv2.ContainerInfo) map[string]cadvisorapiv2.ContainerInfo {
 	stats := make(map[string]cadvisorapiv2.ContainerInfo)
-	infos, err := getCadvisorContainerInfo(ca)
-	if err != nil {
-		return nil, fmt.Errorf("failed to fetch cadvisor stats: %v", err)
-	}
 	infos = removeTerminatedContainerInfo(infos)
 	for key, info := range infos {
 		// On systemd using devicemapper each mount into the container has an
@@ -403,5 +426,27 @@ func getCRICadvisorStats(ca cadvisor.Interface) (map[string]cadvisorapiv2.Contai
 		}
 		stats[path.Base(key)] = info
 	}
-	return stats, nil
+	return stats
+}
+
+// TODO Cache the metrics in container log manager
+func (p *criStatsProvider) getContainerLogStats(path string, rootFsInfo *cadvisorapiv2.FsInfo) *statsapi.FsStats {
+	m := p.logMetricsService.createLogMetricsProvider(path)
+	logMetrics, err := m.GetMetrics()
+	if err != nil {
+		glog.Errorf("Unable to fetch container log stats for path %s: %v ", path, err)
+		return nil
+	}
+	result := &statsapi.FsStats{
+		Time:           metav1.NewTime(rootFsInfo.Timestamp),
+		AvailableBytes: &rootFsInfo.Available,
+		CapacityBytes:  &rootFsInfo.Capacity,
+		InodesFree:     rootFsInfo.InodesFree,
+		Inodes:         rootFsInfo.Inodes,
+	}
+	usedbytes := uint64(logMetrics.Used.Value())
+	result.UsedBytes = &usedbytes
+	inodesUsed := uint64(logMetrics.InodesUsed.Value())
+	result.InodesUsed = &inodesUsed
+	return result
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/helper.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/helper.go
index 6856a8c76da4..cee923722a73 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/helper.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/helper.go
@@ -238,11 +238,17 @@ func isMemoryUnlimited(v uint64) bool {
 
 // getCgroupInfo returns the information of the container with the specified
 // containerName from cadvisor.
-func getCgroupInfo(cadvisor cadvisor.Interface, containerName string) (*cadvisorapiv2.ContainerInfo, error) {
+func getCgroupInfo(cadvisor cadvisor.Interface, containerName string, updateStats bool) (*cadvisorapiv2.ContainerInfo, error) {
+	var maxAge *time.Duration
+	if updateStats {
+		age := 0 * time.Second
+		maxAge = &age
+	}
 	infoMap, err := cadvisor.ContainerInfoV2(containerName, cadvisorapiv2.RequestOptions{
 		IdType:    cadvisorapiv2.TypeName,
 		Count:     2, // 2 samples are needed to compute "instantaneous" CPU
 		Recursive: false,
+		MaxAge:    maxAge,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("failed to get container info for %q: %v", containerName, err)
@@ -256,8 +262,8 @@ func getCgroupInfo(cadvisor cadvisor.Interface, containerName string) (*cadvisor
 
 // getCgroupStats returns the latest stats of the container having the
 // specified containerName from cadvisor.
-func getCgroupStats(cadvisor cadvisor.Interface, containerName string) (*cadvisorapiv2.ContainerStats, error) {
-	info, err := getCgroupInfo(cadvisor, containerName)
+func getCgroupStats(cadvisor cadvisor.Interface, containerName string, updateStats bool) (*cadvisorapiv2.ContainerStats, error) {
+	info, err := getCgroupInfo(cadvisor, containerName, updateStats)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/log_metrics_provider.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/log_metrics_provider.go
new file mode 100644
index 000000000000..1d31c8b59978
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/log_metrics_provider.go
@@ -0,0 +1,35 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package stats
+
+import (
+	"k8s.io/kubernetes/pkg/volume"
+)
+
+type LogMetricsService interface {
+	createLogMetricsProvider(path string) volume.MetricsProvider
+}
+
+type logMetrics struct{}
+
+func NewLogMetricsService() LogMetricsService {
+	return logMetrics{}
+}
+
+func (l logMetrics) createLogMetricsProvider(path string) volume.MetricsProvider {
+	return volume.NewMetricsDu(path)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider.go
index b61a41079402..29a24a1b3c29 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider.go
@@ -39,8 +39,9 @@ func NewCRIStatsProvider(
 	runtimeCache kubecontainer.RuntimeCache,
 	runtimeService internalapi.RuntimeService,
 	imageService internalapi.ImageManagerService,
+	logMetricsService LogMetricsService,
 ) *StatsProvider {
-	return newStatsProvider(cadvisor, podManager, runtimeCache, newCRIStatsProvider(cadvisor, resourceAnalyzer, runtimeService, imageService))
+	return newStatsProvider(cadvisor, podManager, runtimeCache, newCRIStatsProvider(cadvisor, resourceAnalyzer, runtimeService, imageService, logMetricsService))
 }
 
 // NewCadvisorStatsProvider returns a containerStatsProvider that provides both
@@ -77,6 +78,7 @@ type StatsProvider struct {
 	podManager   kubepod.Manager
 	runtimeCache kubecontainer.RuntimeCache
 	containerStatsProvider
+	rlimitStatsProvider
 }
 
 // containerStatsProvider is an interface that provides the stats of the
@@ -84,12 +86,17 @@ type StatsProvider struct {
 type containerStatsProvider interface {
 	ListPodStats() ([]statsapi.PodStats, error)
 	ImageFsStats() (*statsapi.FsStats, error)
+	ImageFsDevice() (string, error)
+}
+
+type rlimitStatsProvider interface {
+	RlimitStats() (*statsapi.RlimitStats, error)
 }
 
 // GetCgroupStats returns the stats of the cgroup with the cgroupName. Note that
 // this function doesn't generate filesystem stats.
-func (p *StatsProvider) GetCgroupStats(cgroupName string) (*statsapi.ContainerStats, *statsapi.NetworkStats, error) {
-	info, err := getCgroupInfo(p.cadvisor, cgroupName)
+func (p *StatsProvider) GetCgroupStats(cgroupName string, updateStats bool) (*statsapi.ContainerStats, *statsapi.NetworkStats, error) {
+	info, err := getCgroupInfo(p.cadvisor, cgroupName, updateStats)
 	if err != nil {
 		return nil, nil, fmt.Errorf("failed to get cgroup stats for %q: %v", cgroupName, err)
 	}
@@ -113,8 +120,8 @@ func (p *StatsProvider) RootFsStats() (*statsapi.FsStats, error) {
 	}
 
 	// Get the root container stats's timestamp, which will be used as the
-	// imageFs stats timestamp.
-	rootStats, err := getCgroupStats(p.cadvisor, "/")
+	// imageFs stats timestamp.  Dont force a stats update, as we only want the timestamp.
+	rootStats, err := getCgroupStats(p.cadvisor, "/", false)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get root container stats: %v", err)
 	}
@@ -167,3 +174,16 @@ func (p *StatsProvider) GetRawContainerInfo(containerName string, req *cadvisora
 		containerInfo.Name: containerInfo,
 	}, nil
 }
+
+// HasDedicatedImageFs returns true if a dedicated image filesystem exists for storing images.
+func (p *StatsProvider) HasDedicatedImageFs() (bool, error) {
+	device, err := p.containerStatsProvider.ImageFsDevice()
+	if err != nil {
+		return false, err
+	}
+	rootFsInfo, err := p.cadvisor.RootFsInfo()
+	if err != nil {
+		return false, err
+	}
+	return device != rootFsInfo.Device, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_linux.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_linux.go
new file mode 100644
index 000000000000..f36890fc26c1
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_linux.go
@@ -0,0 +1,48 @@
+// +build linux
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package stats
+
+import (
+	"io/ioutil"
+	"strconv"
+	"syscall"
+	"time"
+
+	"k8s.io/apimachinery/pkg/apis/meta/v1"
+	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
+)
+
+func (p *StatsProvider) RlimitStats() (*statsapi.RlimitStats, error) {
+	rlimit := &statsapi.RlimitStats{}
+
+	if content, err := ioutil.ReadFile("/proc/sys/kernel/pid_max"); err == nil {
+		if maxPid, err := strconv.ParseInt(string(content[:len(content)-1]), 10, 64); err == nil {
+			rlimit.MaxPID = &maxPid
+		}
+	}
+
+	var info syscall.Sysinfo_t
+	syscall.Sysinfo(&info)
+	procs := int64(info.Procs)
+	rlimit.NumOfRunningProcesses = &procs
+
+	rlimit.Time = v1.NewTime(time.Now())
+
+	return rlimit, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_unsupported.go b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_unsupported.go
new file mode 100644
index 000000000000..a7b00d9db021
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/stats/stats_provider_unsupported.go
@@ -0,0 +1,27 @@
+// +build !linux
+
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package stats
+
+import (
+	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
+)
+
+func (p *StatsProvider) RlimitStats() (*statsapi.RlimitStats, error) {
+	return nil, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/status/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/status/BUILD
index 0483a6a3b6ae..ccc78651f0f4 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/status/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/status/BUILD
@@ -37,8 +37,7 @@ go_test(
         "generate_test.go",
         "status_manager_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/status",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/status/status_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/status/status_manager.go
index d9a027d544ec..eaf5b9a0512f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/status/status_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/status/status_manager.go
@@ -316,26 +316,13 @@ func (m *manager) updateStatusInternal(pod *v1.Pod, status v1.PodStatus, forceUp
 	}
 
 	// Set ReadyCondition.LastTransitionTime.
-	if _, readyCondition := podutil.GetPodCondition(&status, v1.PodReady); readyCondition != nil {
-		// Need to set LastTransitionTime.
-		lastTransitionTime := metav1.Now()
-		_, oldReadyCondition := podutil.GetPodCondition(&oldStatus, v1.PodReady)
-		if oldReadyCondition != nil && readyCondition.Status == oldReadyCondition.Status {
-			lastTransitionTime = oldReadyCondition.LastTransitionTime
-		}
-		readyCondition.LastTransitionTime = lastTransitionTime
-	}
+	updateLastTransitionTime(&status, &oldStatus, v1.PodReady)
 
 	// Set InitializedCondition.LastTransitionTime.
-	if _, initCondition := podutil.GetPodCondition(&status, v1.PodInitialized); initCondition != nil {
-		// Need to set LastTransitionTime.
-		lastTransitionTime := metav1.Now()
-		_, oldInitCondition := podutil.GetPodCondition(&oldStatus, v1.PodInitialized)
-		if oldInitCondition != nil && initCondition.Status == oldInitCondition.Status {
-			lastTransitionTime = oldInitCondition.LastTransitionTime
-		}
-		initCondition.LastTransitionTime = lastTransitionTime
-	}
+	updateLastTransitionTime(&status, &oldStatus, v1.PodInitialized)
+
+	// Set PodScheduledCondition.LastTransitionTime.
+	updateLastTransitionTime(&status, &oldStatus, v1.PodScheduled)
 
 	// ensure that the start time does not change across updates.
 	if oldStatus.StartTime != nil && !oldStatus.StartTime.IsZero() {
@@ -376,6 +363,21 @@ func (m *manager) updateStatusInternal(pod *v1.Pod, status v1.PodStatus, forceUp
 	}
 }
 
+// updateLastTransitionTime updates the LastTransitionTime of a pod condition.
+func updateLastTransitionTime(status, oldStatus *v1.PodStatus, conditionType v1.PodConditionType) {
+	_, condition := podutil.GetPodCondition(status, conditionType)
+	if condition == nil {
+		return
+	}
+	// Need to set LastTransitionTime.
+	lastTransitionTime := metav1.Now()
+	_, oldCondition := podutil.GetPodCondition(oldStatus, conditionType)
+	if oldCondition != nil && condition.Status == oldCondition.Status {
+		lastTransitionTime = oldCondition.LastTransitionTime
+	}
+	condition.LastTransitionTime = lastTransitionTime
+}
+
 // deletePodStatus simply removes the given pod from the status cache.
 func (m *manager) deletePodStatus(uid types.UID) {
 	m.podStatusesLock.Lock()
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/BUILD
index 7d7cc778dc73..949a758235a1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/BUILD
@@ -20,7 +20,6 @@ go_library(
         "//pkg/apis/extensions/validation:go_default_library",
         "//pkg/kubelet/container:go_default_library",
         "//pkg/kubelet/lifecycle:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
     ],
 )
 
@@ -30,8 +29,7 @@ go_test(
         "namespace_test.go",
         "whitelist_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/sysctl",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/api/core/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/runtime.go b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/runtime.go
index cd8e34f7c58f..7ccbbdf53285 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/runtime.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/runtime.go
@@ -53,7 +53,7 @@ func NewRuntimeAdmitHandler(runtime container.Runtime) (*runtimeAdmitHandler, er
 			return nil, fmt.Errorf("failed to get runtime version: %v", err)
 		}
 
-		// only Docker >= 1.12 supports sysctls
+		// only Docker API version >= 1.24 supports sysctls
 		c, err := v.Compare(dockerMinimumAPIVersion)
 		if err != nil {
 			return nil, fmt.Errorf("failed to compare Docker version for sysctl support: %v", err)
@@ -69,7 +69,7 @@ func NewRuntimeAdmitHandler(runtime container.Runtime) (*runtimeAdmitHandler, er
 			result: lifecycle.PodAdmitResult{
 				Admit:   false,
 				Reason:  UnsupportedReason,
-				Message: "Docker before 1.12 does not support sysctls",
+				Message: "Docker API version before 1.24 does not support sysctls",
 			},
 		}, nil
 	case rktTypeName:
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/whitelist.go b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/whitelist.go
index 9bb1086a5587..e236f7952313 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/whitelist.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/sysctl/whitelist.go
@@ -20,7 +20,6 @@ import (
 	"fmt"
 	"strings"
 
-	"k8s.io/api/core/v1"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/apis/core/validation"
 	extvalidation "k8s.io/kubernetes/pkg/apis/extensions/validation"
@@ -45,14 +44,6 @@ func SafeSysctlWhitelist() []string {
 	}
 }
 
-// Whitelist provides a list of allowed sysctls and sysctl patterns (ending in *)
-// and a function to check whether a given sysctl matches this list.
-type Whitelist interface {
-	// Validate checks that all sysctls given in a v1.SysctlsPodAnnotationKey annotation
-	// are valid according to the whitelist.
-	Validate(pod *v1.Pod) error
-}
-
 // patternWhitelist takes a list of sysctls or sysctl patterns (ending in *) and
 // checks validity via a sysctl and prefix map, rejecting those which are not known
 // to be namespaced.
@@ -130,7 +121,7 @@ func (w *patternWhitelist) validateSysctl(sysctl string, hostNet, hostIPC bool)
 	return fmt.Errorf("%q not whitelisted", sysctl)
 }
 
-// Admit checks that all sysctls given in a v1.SysctlsPodAnnotationKey annotation
+// Admit checks that all sysctls given in annotations v1.SysctlsPodAnnotationKey and v1.UnsafeSysctlsPodAnnotationKey
 // are valid according to the whitelist.
 func (w *patternWhitelist) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAdmitResult {
 	pod := attrs.Pod
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/types/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/types/BUILD
index 515d1e8a096a..762979d5baf2 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/types/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/types/BUILD
@@ -18,6 +18,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/types",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
@@ -31,8 +32,7 @@ go_test(
         "pod_update_test.go",
         "types_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/types",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/types/constants.go b/vendor/k8s.io/kubernetes/pkg/kubelet/types/constants.go
index 65f17c4a7a62..2c83908a7c42 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/types/constants.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/types/constants.go
@@ -24,4 +24,10 @@ const (
 	DockerContainerRuntime = "docker"
 	RktContainerRuntime    = "rkt"
 	RemoteContainerRuntime = "remote"
+
+	// User visible keys for managing node allocatable enforcement on the node.
+	NodeAllocatableEnforcementKey = "pods"
+	SystemReservedEnforcementKey  = "system-reserved"
+	KubeReservedEnforcementKey    = "kube-reserved"
+	NodeAllocatableNoneKey        = "none"
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/types/labels.go b/vendor/k8s.io/kubernetes/pkg/kubelet/types/labels.go
index c4dad6302e55..67c84f6d6146 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/types/labels.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/types/labels.go
@@ -21,6 +21,7 @@ const (
 	KubernetesPodNamespaceLabel  = "io.kubernetes.pod.namespace"
 	KubernetesPodUIDLabel        = "io.kubernetes.pod.uid"
 	KubernetesContainerNameLabel = "io.kubernetes.container.name"
+	KubernetesContainerTypeLabel = "io.kubernetes.container.type"
 )
 
 func GetContainerName(labels map[string]string) string {
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/types/pod_update.go b/vendor/k8s.io/kubernetes/pkg/kubelet/types/pod_update.go
index 6bfc3dac63f8..62116985fd39 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/types/pod_update.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/types/pod_update.go
@@ -22,6 +22,7 @@ import (
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	kubeapi "k8s.io/kubernetes/pkg/apis/core"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
 )
 
 const (
@@ -139,15 +140,16 @@ func (sp SyncPodType) String() string {
 	}
 }
 
-// IsCriticalPod returns true if the pod bears the critical pod annotation
-// key. Both the rescheduler and the kubelet use this key to make admission
-// and scheduling decisions.
+// IsCriticalPod returns true if the pod bears the critical pod annotation key or if pod's priority is greater than
+// or equal to SystemCriticalPriority. Both the rescheduler(deprecated in 1.10) and the kubelet use this function
+// to make admission and scheduling decisions.
 func IsCriticalPod(pod *v1.Pod) bool {
-	return IsCritical(pod.Namespace, pod.Annotations)
+	return IsCritical(pod.Namespace, pod.Annotations) || (pod.Spec.Priority != nil && IsCriticalPodBasedOnPriority(pod.Namespace, *pod.Spec.Priority))
 }
 
 // IsCritical returns true if parameters bear the critical pod annotation
 // key. The DaemonSetController use this key directly to make scheduling decisions.
+// TODO: @ravig - Deprecated. Remove this when we move to resolving critical pods based on priorityClassName.
 func IsCritical(ns string, annotations map[string]string) bool {
 	// Critical pods are restricted to "kube-system" namespace as of now.
 	if ns != kubeapi.NamespaceSystem {
@@ -159,3 +161,15 @@ func IsCritical(ns string, annotations map[string]string) bool {
 	}
 	return false
 }
+
+// IsCriticalPodBasedOnPriority checks if the given pod is a critical pod based on priority resolved from pod Spec.
+func IsCriticalPodBasedOnPriority(ns string, priority int32) bool {
+	// Critical pods are restricted to "kube-system" namespace as of now.
+	if ns != kubeapi.NamespaceSystem {
+		return false
+	}
+	if priority >= schedulerapi.SystemCriticalPriority {
+		return true
+	}
+	return false
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/BUILD
index ad092614a9be..e76e870bb346 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/BUILD
@@ -8,10 +8,13 @@ load(
 
 go_test(
     name = "go_default_test",
-    srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util",
-    library = ":go_default_library",
-    deps = ["//vendor/github.com/stretchr/testify/assert:go_default_library"],
+    srcs = [
+        "util_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//vendor/github.com/stretchr/testify/assert:go_default_library",
+    ],
 )
 
 go_library(
@@ -19,15 +22,38 @@ go_library(
     srcs = [
         "doc.go",
         "util.go",
-        "util_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "util_unix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
             "util_unix.go",
         ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "util_unix.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "util_windows.go",
         ],
         "//conditions:default": [],
@@ -36,11 +62,15 @@ go_library(
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/github.com/golang/glog:go_default_library",
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
             "//vendor/github.com/golang/glog:go_default_library",
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/cache/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/cache/BUILD
index 47910609800c..fd8bda8b8492 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/cache/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/cache/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["object_cache_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/BUILD
index 887330b96aa7..2d7dc66ce183 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["resources_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util/format",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/pod.go b/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/pod.go
index c2931ad57ab1..45c0d8b4b347 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/pod.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/format/pod.go
@@ -51,7 +51,7 @@ func PodWithDeletionTimestamp(pod *v1.Pod) string {
 	return Pod(pod) + deletionTimestamp
 }
 
-// Pods returns a string representating a list of pods in a human
+// Pods returns a string representation a list of pods in a human
 // readable format.
 func Pods(pods []*v1.Pod) string {
 	return aggregatePods(pods, Pod)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/queue/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/queue/BUILD
index 0b43effc87ac..8384901fe449 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/queue/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/queue/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["work_queue_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util/queue",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/sliceutils/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/sliceutils/BUILD
index 4134706c80ed..7f9c3e618d0f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/sliceutils/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/sliceutils/BUILD
@@ -32,8 +32,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["sliceutils_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util/sliceutils",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/container:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/store/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/util/store/BUILD
index 66640ca19751..8697660d7d74 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/store/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/store/BUILD
@@ -18,8 +18,7 @@ go_test(
         "filestore_test.go",
         "store_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/util/store",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/filesystem:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/util/util.go b/vendor/k8s.io/kubernetes/pkg/kubelet/util/util.go
index cb70c07f86f7..eb7cf142754b 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/util/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/util/util.go
@@ -19,8 +19,6 @@ package util
 import (
 	"fmt"
 	"net/url"
-	"path/filepath"
-	"strings"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -47,14 +45,3 @@ func parseEndpoint(endpoint string) (string, string, error) {
 		return u.Scheme, "", fmt.Errorf("protocol %q not supported", u.Scheme)
 	}
 }
-
-func pathWithinBase(fullPath, basePath string) bool {
-	rel, err := filepath.Rel(basePath, fullPath)
-	if err != nil {
-		return false
-	}
-	if strings.HasPrefix(rel, "..") {
-		return false
-	}
-	return true
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volume_host.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volume_host.go
index de71e3c4b0f3..cf1fc77deb7a 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volume_host.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volume_host.go
@@ -36,6 +36,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/io"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 // NewInitializedVolumePluginMgr returns a new instance of
@@ -94,7 +95,7 @@ func (kvh *kubeletVolumeHost) GetVolumeDevicePluginDir(pluginName string) string
 func (kvh *kubeletVolumeHost) GetPodVolumeDir(podUID types.UID, pluginName string, volumeName string) string {
 	dir := kvh.kubelet.getPodVolumeDir(podUID, pluginName, volumeName)
 	if runtime.GOOS == "windows" {
-		dir = volume.GetWindowsPath(dir)
+		dir = util.GetWindowsPath(dir)
 	}
 	return dir
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/BUILD
index 9139cae32c3c..3f9d35d46225 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/BUILD
@@ -24,7 +24,7 @@ go_library(
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
@@ -39,8 +39,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["volume_manager_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/config:go_default_library",
         "//pkg/kubelet/configmap:go_default_library",
@@ -53,8 +52,8 @@ go_test(
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/BUILD
index cf5e351aa3b6..bac59a12bd8d 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/BUILD
@@ -15,9 +15,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager/cache",
     deps = [
         "//pkg/volume:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
@@ -30,13 +30,12 @@ go_test(
         "actual_state_of_world_test.go",
         "desired_state_of_world_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager/cache",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/actual_state_of_world.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/actual_state_of_world.go
index c22049e7bcaf..140c434fe6c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/actual_state_of_world.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/actual_state_of_world.go
@@ -29,9 +29,9 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 	volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // ActualStateOfWorld defines a set of thread-safe operations for the kubelet
@@ -73,7 +73,7 @@ type ActualStateOfWorld interface {
 	// must unmounted prior to detach.
 	// If a volume with the name volumeName does not exist in the list of
 	// attached volumes, an error is returned.
-	SetVolumeGloballyMounted(volumeName v1.UniqueVolumeName, globallyMounted bool) error
+	SetVolumeGloballyMounted(volumeName v1.UniqueVolumeName, globallyMounted bool, devicePath, deviceMountPath string) error
 
 	// DeletePodFromVolume removes the given pod from the given volume in the
 	// cache indicating the volume has been successfully unmounted from the pod.
@@ -109,6 +109,13 @@ type ActualStateOfWorld interface {
 	// volumes that do not need to update contents should not fail.
 	PodExistsInVolume(podName volumetypes.UniquePodName, volumeName v1.UniqueVolumeName) (bool, string, error)
 
+	// VolumeExistsWithSpecName returns true if the given volume specified with the
+	// volume spec name (a.k.a., InnerVolumeSpecName) exists in the list of
+	// volumes that should be attached to this node.
+	// If a pod with the same name does not exist under the specified
+	// volume, false is returned.
+	VolumeExistsWithSpecName(podName volumetypes.UniquePodName, volumeSpecName string) bool
+
 	// VolumeExists returns true if the given volume exists in the list of
 	// attached volumes in the cache, indicating the volume is attached to this
 	// node.
@@ -240,6 +247,10 @@ type attachedVolume struct {
 	// devicePath contains the path on the node where the volume is attached for
 	// attachable volumes
 	devicePath string
+
+	// deviceMountPath contains the path on the node where the device should
+	// be mounted after it is attached.
+	deviceMountPath string
 }
 
 // The mountedPod object represents a pod for which the kubelet volume manager
@@ -318,13 +329,13 @@ func (asw *actualStateOfWorld) MarkVolumeAsUnmounted(
 }
 
 func (asw *actualStateOfWorld) MarkDeviceAsMounted(
-	volumeName v1.UniqueVolumeName) error {
-	return asw.SetVolumeGloballyMounted(volumeName, true /* globallyMounted */)
+	volumeName v1.UniqueVolumeName, devicePath, deviceMountPath string) error {
+	return asw.SetVolumeGloballyMounted(volumeName, true /* globallyMounted */, devicePath, deviceMountPath)
 }
 
 func (asw *actualStateOfWorld) MarkDeviceAsUnmounted(
 	volumeName v1.UniqueVolumeName) error {
-	return asw.SetVolumeGloballyMounted(volumeName, false /* globallyMounted */)
+	return asw.SetVolumeGloballyMounted(volumeName, false /* globallyMounted */, "", "")
 }
 
 // addVolume adds the given volume to the cache indicating the specified
@@ -347,7 +358,7 @@ func (asw *actualStateOfWorld) addVolume(
 	}
 
 	if len(volumeName) == 0 {
-		volumeName, err = volumehelper.GetUniqueVolumeNameFromSpec(volumePlugin, volumeSpec)
+		volumeName, err = util.GetUniqueVolumeNameFromSpec(volumePlugin, volumeSpec)
 		if err != nil {
 			return fmt.Errorf(
 				"failed to GetUniqueVolumeNameFromSpec for volumeSpec %q using volume plugin %q err=%v",
@@ -454,7 +465,7 @@ func (asw *actualStateOfWorld) MarkRemountRequired(
 }
 
 func (asw *actualStateOfWorld) SetVolumeGloballyMounted(
-	volumeName v1.UniqueVolumeName, globallyMounted bool) error {
+	volumeName v1.UniqueVolumeName, globallyMounted bool, devicePath, deviceMountPath string) error {
 	asw.Lock()
 	defer asw.Unlock()
 
@@ -466,6 +477,8 @@ func (asw *actualStateOfWorld) SetVolumeGloballyMounted(
 	}
 
 	volumeObj.globallyMounted = globallyMounted
+	volumeObj.deviceMountPath = deviceMountPath
+	volumeObj.devicePath = devicePath
 	asw.attachedVolumes[volumeName] = volumeObj
 	return nil
 }
@@ -529,6 +542,19 @@ func (asw *actualStateOfWorld) PodExistsInVolume(
 	return podExists, volumeObj.devicePath, nil
 }
 
+func (asw *actualStateOfWorld) VolumeExistsWithSpecName(podName volumetypes.UniquePodName, volumeSpecName string) bool {
+	asw.RLock()
+	defer asw.RUnlock()
+	for _, volumeObj := range asw.attachedVolumes {
+		for name := range volumeObj.mountedPods {
+			if podName == name && volumeObj.spec.Name() == volumeSpecName {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 func (asw *actualStateOfWorld) VolumeExists(
 	volumeName v1.UniqueVolumeName) bool {
 	asw.RLock()
@@ -625,8 +651,11 @@ func (asw *actualStateOfWorld) newAttachedVolume(
 			VolumeSpec:         attachedVolume.spec,
 			NodeName:           asw.nodeName,
 			PluginIsAttachable: attachedVolume.pluginIsAttachable,
-			DevicePath:         attachedVolume.devicePath},
-		GloballyMounted: attachedVolume.globallyMounted}
+			DevicePath:         attachedVolume.devicePath,
+			DeviceMountPath:    attachedVolume.deviceMountPath,
+			PluginName:         attachedVolume.pluginName},
+		GloballyMounted: attachedVolume.globallyMounted,
+	}
 }
 
 // Compile-time check to ensure volumeNotAttachedError implements the error interface
@@ -691,5 +720,6 @@ func getMountedVolume(
 			Mounter:             mountedPod.mounter,
 			BlockVolumeMapper:   mountedPod.blockVolumeMapper,
 			VolumeGidValue:      mountedPod.volumeGidValue,
-			VolumeSpec:          attachedVolume.spec}}
+			VolumeSpec:          attachedVolume.spec,
+			DeviceMountPath:     attachedVolume.deviceMountPath}}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/desired_state_of_world.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/desired_state_of_world.go
index e26131335c54..a61752d8c697 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/desired_state_of_world.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/cache/desired_state_of_world.go
@@ -26,9 +26,9 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 	"k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // DesiredStateOfWorld defines a set of thread-safe operations for the kubelet
@@ -98,6 +98,13 @@ type DesiredStateOfWorld interface {
 	// with pod's unique name. This map can be used to determine which pod is currently
 	// in desired state of world.
 	GetPods() map[types.UniquePodName]bool
+
+	// VolumeExistsWithSpecName returns true if the given volume specified with the
+	// volume spec name (a.k.a., InnerVolumeSpecName) exists in the list of
+	// volumes that should be attached to this node.
+	// If a pod with the same name does not exist under the specified
+	// volume, false is returned.
+	VolumeExistsWithSpecName(podName types.UniquePodName, volumeSpecName string) bool
 }
 
 // VolumeToMount represents a volume that is attached to this node and needs to
@@ -199,7 +206,7 @@ func (dsw *desiredStateOfWorld) AddPodToVolume(
 		// For attachable volumes, use the unique volume name as reported by
 		// the plugin.
 		volumeName, err =
-			volumehelper.GetUniqueVolumeNameFromSpec(volumePlugin, volumeSpec)
+			util.GetUniqueVolumeNameFromSpec(volumePlugin, volumeSpec)
 		if err != nil {
 			return "", fmt.Errorf(
 				"failed to GetUniqueVolumeNameFromSpec for volumeSpec %q using volume plugin %q err=%v",
@@ -210,7 +217,7 @@ func (dsw *desiredStateOfWorld) AddPodToVolume(
 	} else {
 		// For non-attachable volumes, generate a unique name based on the pod
 		// namespace and name and the name of the volume within the pod.
-		volumeName = volumehelper.GetUniqueVolumeNameForNonAttachableVolume(podName, volumePlugin, volumeSpec)
+		volumeName = util.GetUniqueVolumeNameForNonAttachableVolume(podName, volumePlugin, volumeSpec)
 	}
 
 	volumeObj, volumeExists := dsw.volumesToMount[volumeName]
@@ -234,7 +241,6 @@ func (dsw *desiredStateOfWorld) AddPodToVolume(
 		spec:                volumeSpec,
 		outerVolumeSpecName: outerVolumeSpecName,
 	}
-
 	return volumeName, nil
 }
 
@@ -303,6 +309,19 @@ func (dsw *desiredStateOfWorld) PodExistsInVolume(
 	return podExists
 }
 
+func (dsw *desiredStateOfWorld) VolumeExistsWithSpecName(podName types.UniquePodName, volumeSpecName string) bool {
+	dsw.RLock()
+	defer dsw.RUnlock()
+	for _, volumeObj := range dsw.volumesToMount {
+		for name, podObj := range volumeObj.podsToMount {
+			if podName == name && podObj.spec.Name() == volumeSpecName {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 func (dsw *desiredStateOfWorld) GetPods() map[types.UniquePodName]bool {
 	dsw.RLock()
 	defer dsw.RUnlock()
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/BUILD
index a3bd36cc0577..c44312cb7f00 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -48,8 +47,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["desired_state_of_world_populator_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager/populator",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/configmap:go_default_library",
         "//pkg/kubelet/container/testing:go_default_library",
@@ -60,8 +58,8 @@ go_test(
         "//pkg/kubelet/status/testing:go_default_library",
         "//pkg/kubelet/volumemanager/cache:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go
index ac762a040fa3..cc642511a72f 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go
@@ -41,9 +41,8 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
 	"k8s.io/kubernetes/pkg/kubelet/volumemanager/cache"
 	"k8s.io/kubernetes/pkg/volume"
-	volumeutil "k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util"
 	volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // DesiredStateOfWorldPopulator periodically loops through the list of active
@@ -84,6 +83,7 @@ func NewDesiredStateOfWorldPopulator(
 	podManager pod.Manager,
 	podStatusProvider status.PodStatusProvider,
 	desiredStateOfWorld cache.DesiredStateOfWorld,
+	actualStateOfWorld cache.ActualStateOfWorld,
 	kubeContainerRuntime kubecontainer.Runtime,
 	keepTerminatedPodVolumes bool) DesiredStateOfWorldPopulator {
 	return &desiredStateOfWorldPopulator{
@@ -93,6 +93,7 @@ func NewDesiredStateOfWorldPopulator(
 		podManager:                podManager,
 		podStatusProvider:         podStatusProvider,
 		desiredStateOfWorld:       desiredStateOfWorld,
+		actualStateOfWorld:        actualStateOfWorld,
 		pods: processedPods{
 			processedPods: make(map[volumetypes.UniquePodName]bool)},
 		kubeContainerRuntime:     kubeContainerRuntime,
@@ -109,6 +110,7 @@ type desiredStateOfWorldPopulator struct {
 	podManager                pod.Manager
 	podStatusProvider         status.PodStatusProvider
 	desiredStateOfWorld       cache.DesiredStateOfWorld
+	actualStateOfWorld        cache.ActualStateOfWorld
 	pods                      processedPods
 	kubeContainerRuntime      kubecontainer.Runtime
 	timeOfLastGetPodStatus    time.Time
@@ -124,6 +126,7 @@ type processedPods struct {
 
 func (dswp *desiredStateOfWorldPopulator) Run(sourcesReady config.SourcesReady, stopCh <-chan struct{}) {
 	// Wait for the completion of a loop that started after sources are all ready, then set hasAddedPods accordingly
+	glog.Infof("Desired state populator starts to run")
 	wait.PollUntil(dswp.loopSleepDuration, func() (bool, error) {
 		done := sourcesReady.AllReady()
 		dswp.populatorLoopFunc()()
@@ -173,7 +176,7 @@ func (dswp *desiredStateOfWorldPopulator) isPodTerminated(pod *v1.Pod) bool {
 	if !found {
 		podStatus = pod.Status
 	}
-	return volumehelper.IsPodTerminated(pod, podStatus)
+	return util.IsPodTerminated(pod, podStatus)
 }
 
 // Iterate through all pods and add to desired state of world if they don't
@@ -236,13 +239,17 @@ func (dswp *desiredStateOfWorldPopulator) findAndRemoveDeletedPods() {
 		}
 
 		if runningContainers {
-			glog.V(5).Infof(
+			glog.V(4).Infof(
 				"Pod %q has been removed from pod manager. However, it still has one or more containers in the non-exited state. Therefore, it will not be removed from volume manager.",
 				format.Pod(volumeToMount.Pod))
 			continue
 		}
 
-		glog.V(5).Infof(volumeToMount.GenerateMsgDetailed("Removing volume from desired state", ""))
+		if !dswp.actualStateOfWorld.VolumeExists(volumeToMount.VolumeName) && podExists {
+			glog.V(4).Infof(volumeToMount.GenerateMsgDetailed("Actual state has not yet has this information skip removing volume from desired state", ""))
+			continue
+		}
+		glog.V(4).Infof(volumeToMount.GenerateMsgDetailed("Removing volume from desired state", ""))
 
 		dswp.desiredStateOfWorld.DeletePodFromVolume(
 			volumeToMount.PodName, volumeToMount.VolumeName)
@@ -257,7 +264,7 @@ func (dswp *desiredStateOfWorldPopulator) processPodVolumes(pod *v1.Pod) {
 		return
 	}
 
-	uniquePodName := volumehelper.GetUniquePodName(pod)
+	uniquePodName := util.GetUniquePodName(pod)
 	if dswp.podPreviouslyProcessed(uniquePodName) {
 		return
 	}
@@ -292,7 +299,7 @@ func (dswp *desiredStateOfWorldPopulator) processPodVolumes(pod *v1.Pod) {
 			allVolumesAdded = false
 		}
 
-		glog.V(10).Infof(
+		glog.V(4).Infof(
 			"Added volume %q (volSpec=%q) for pod %q to desired state.",
 			podVolume.Name,
 			volumeSpec.Name(),
@@ -302,6 +309,9 @@ func (dswp *desiredStateOfWorldPopulator) processPodVolumes(pod *v1.Pod) {
 	// some of the volume additions may have failed, should not mark this pod as fully processed
 	if allVolumesAdded {
 		dswp.markPodProcessed(uniquePodName)
+		// New pod has been synced. Re-mount all volumes that need it
+		// (e.g. DownwardAPI)
+		dswp.actualStateOfWorld.MarkRemountRequired(uniquePodName)
 	}
 
 }
@@ -343,7 +353,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec(
 	podVolume v1.Volume, podName string, podNamespace string, mountsMap map[string]bool, devicesMap map[string]bool) (*volume.Spec, string, error) {
 	if pvcSource :=
 		podVolume.VolumeSource.PersistentVolumeClaim; pvcSource != nil {
-		glog.V(10).Infof(
+		glog.V(5).Infof(
 			"Found PVC, ClaimName: %q/%q",
 			podNamespace,
 			pvcSource.ClaimName)
@@ -359,7 +369,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec(
 				err)
 		}
 
-		glog.V(10).Infof(
+		glog.V(5).Infof(
 			"Found bound PV for PVC (ClaimName %q/%q pvcUID %v): pvName=%q",
 			podNamespace,
 			pvcSource.ClaimName,
@@ -377,7 +387,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec(
 				err)
 		}
 
-		glog.V(10).Infof(
+		glog.V(5).Infof(
 			"Extracted volumeSpec (%v) from bound PV (pvName %q) and PVC (ClaimName %q/%q pvcUID %v)",
 			volumeSpec.Name,
 			pvName,
@@ -387,7 +397,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec(
 
 		// TODO: remove feature gate check after no longer needed
 		if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-			volumeMode, err := volumehelper.GetVolumeMode(volumeSpec)
+			volumeMode, err := util.GetVolumeMode(volumeSpec)
 			if err != nil {
 				return nil, "", err
 			}
@@ -435,7 +445,7 @@ func (dswp *desiredStateOfWorldPopulator) getPVCExtractPV(
 			err)
 	}
 
-	if utilfeature.DefaultFeatureGate.Enabled(features.PVCProtection) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
 		// Pods that uses a PVC that is being deleted must not be started.
 		//
 		// In case an old kubelet is running without this check or some kubelets
@@ -444,7 +454,7 @@ func (dswp *desiredStateOfWorldPopulator) getPVCExtractPV(
 		// and users should not be that surprised.
 		// It should happen only in very rare case when scheduler schedules
 		// a pod and user deletes a PVC that's used by it at the same time.
-		if volumeutil.IsPVCBeingDeleted(pvc) {
+		if pvc.ObjectMeta.DeletionTimestamp != nil {
 			return "", "", fmt.Errorf(
 				"can't start pod because PVC %s/%s is being deleted",
 				namespace,
@@ -519,7 +529,7 @@ func (dswp *desiredStateOfWorldPopulator) makeVolumeMap(containers []v1.Containe
 }
 
 func getPVVolumeGidAnnotationValue(pv *v1.PersistentVolume) string {
-	if volumeGid, ok := pv.Annotations[volumehelper.VolumeGidAnnotationKey]; ok {
+	if volumeGid, ok := pv.Annotations[util.VolumeGidAnnotationKey]; ok {
 		return volumeGid
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/BUILD
index 6fca7c17d827..b2a41d000658 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/BUILD
@@ -19,10 +19,10 @@ go_library(
         "//pkg/util/mount:go_default_library",
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/nestedpendingoperations:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -36,15 +36,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["reconciler_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/volumemanager/cache:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/operationexecutor:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/reconciler.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/reconciler.go
index 23cc6eedfdd6..6fb3b63abd5e 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/reconciler.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/reconciler/reconciler.go
@@ -15,7 +15,7 @@ limitations under the License.
 */
 
 // Package reconciler implements interfaces that attempt to reconcile the
-// desired state of the with the actual state of the world by triggering
+// desired state of the world with the actual state of the world by triggering
 // relevant actions (attach, detach, mount, unmount).
 package reconciler
 
@@ -41,10 +41,10 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	volumepkg "k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 	volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // Reconciler runs a periodic loop to reconcile the desired state of the world
@@ -140,26 +140,18 @@ type reconciler struct {
 }
 
 func (rc *reconciler) Run(stopCh <-chan struct{}) {
-	// Wait for the populator to indicate that it has actually populated the desired state of world, meaning it has
-	// completed a populate loop that started after sources are all ready. After, there's no need to keep checking.
-	wait.PollUntil(rc.loopSleepDuration, func() (bool, error) {
-		rc.reconciliationLoopFunc(rc.populatorHasAddedPods())()
-		return rc.populatorHasAddedPods(), nil
-	}, stopCh)
-	wait.Until(rc.reconciliationLoopFunc(true), rc.loopSleepDuration, stopCh)
+	wait.Until(rc.reconciliationLoopFunc(), rc.loopSleepDuration, stopCh)
 }
 
-func (rc *reconciler) reconciliationLoopFunc(populatorHasAddedPods bool) func() {
+func (rc *reconciler) reconciliationLoopFunc() func() {
 	return func() {
 		rc.reconcile()
 
-		// Add a check that the populator has added pods so that reconciler's reconstruct process will start
-		// after desired state of world is populated with pod volume information. Otherwise, reconciler's
-		// reconstruct process may add incomplete volume information and cause confusion. In addition, if the
-		// desired state of world has not been populated yet, the reconstruct process may clean up pods' volumes
-		// that are still in use because desired state of world does not contain a complete list of pods.
-		if populatorHasAddedPods && time.Since(rc.timeOfLastSync) > rc.syncDuration {
-			glog.V(5).Infof("Desired state of world has been populated with pods, starting reconstruct state function")
+		// Sync the state with the reality once after all existing pods are added to the desired state from all sources.
+		// Otherwise, the reconstruct process may clean up pods' volumes that are still in use because
+		// desired state of world does not contain a complete list of pods.
+		if rc.populatorHasAddedPods() && !rc.StatesHasBeenSynced() {
+			glog.Infof("Reconciler: start to sync state")
 			rc.sync()
 		}
 	}
@@ -174,12 +166,10 @@ func (rc *reconciler) reconcile() {
 	// Ensure volumes that should be unmounted are unmounted.
 	for _, mountedVolume := range rc.actualStateOfWorld.GetMountedVolumes() {
 		if !rc.desiredStateOfWorld.PodExistsInVolume(mountedVolume.PodName, mountedVolume.VolumeName) {
-			volumeHandler, err := operationexecutor.NewVolumeHandler(mountedVolume.VolumeSpec, rc.operationExecutor)
-			if err != nil {
-				glog.Errorf(mountedVolume.GenerateErrorDetailed(fmt.Sprintf("operationExecutor.NewVolumeHandler for UnmountVolume failed"), err).Error())
-				continue
-			}
-			err = volumeHandler.UnmountVolumeHandler(mountedVolume.MountedVolume, rc.actualStateOfWorld, rc.kubeletPodsDir)
+			// Volume is mounted, unmount it
+			glog.V(5).Infof(mountedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmountVolume", ""))
+			err := rc.operationExecutor.UnmountVolume(
+				mountedVolume.MountedVolume, rc.actualStateOfWorld, rc.kubeletPodsDir)
 			if err != nil &&
 				!nestedpendingoperations.IsAlreadyExists(err) &&
 				!exponentialbackoff.IsExponentialBackoff(err) {
@@ -201,7 +191,7 @@ func (rc *reconciler) reconcile() {
 			if rc.controllerAttachDetachEnabled || !volumeToMount.PluginIsAttachable {
 				// Volume is not attached (or doesn't implement attacher), kubelet attach is disabled, wait
 				// for controller to finish attaching volume.
-				glog.V(12).Infof(volumeToMount.GenerateMsgDetailed("Starting operationExecutor.VerifyControllerAttachedVolume", ""))
+				glog.V(5).Infof(volumeToMount.GenerateMsgDetailed("Starting operationExecutor.VerifyControllerAttachedVolume", ""))
 				err := rc.operationExecutor.VerifyControllerAttachedVolume(
 					volumeToMount.VolumeToMount,
 					rc.nodeName,
@@ -224,7 +214,7 @@ func (rc *reconciler) reconcile() {
 					VolumeSpec: volumeToMount.VolumeSpec,
 					NodeName:   rc.nodeName,
 				}
-				glog.V(12).Infof(volumeToAttach.GenerateMsgDetailed("Starting operationExecutor.AttachVolume", ""))
+				glog.V(5).Infof(volumeToAttach.GenerateMsgDetailed("Starting operationExecutor.AttachVolume", ""))
 				err := rc.operationExecutor.AttachVolume(volumeToAttach, rc.actualStateOfWorld)
 				if err != nil &&
 					!nestedpendingoperations.IsAlreadyExists(err) &&
@@ -244,12 +234,12 @@ func (rc *reconciler) reconcile() {
 			if isRemount {
 				remountingLogStr = "Volume is already mounted to pod, but remount was requested."
 			}
-			volumeHandler, err := operationexecutor.NewVolumeHandler(volumeToMount.VolumeSpec, rc.operationExecutor)
-			if err != nil {
-				glog.Errorf(volumeToMount.GenerateErrorDetailed(fmt.Sprintf("operationExecutor.NewVolumeHandler for MountVolume failed"), err).Error())
-				continue
-			}
-			err = volumeHandler.MountVolumeHandler(rc.waitForAttachTimeout, volumeToMount.VolumeToMount, rc.actualStateOfWorld, isRemount, remountingLogStr)
+			glog.V(4).Infof(volumeToMount.GenerateMsgDetailed("Starting operationExecutor.MountVolume", remountingLogStr))
+			err := rc.operationExecutor.MountVolume(
+				rc.waitForAttachTimeout,
+				volumeToMount.VolumeToMount,
+				rc.actualStateOfWorld,
+				isRemount)
 			if err != nil &&
 				!nestedpendingoperations.IsAlreadyExists(err) &&
 				!exponentialbackoff.IsExponentialBackoff(err) {
@@ -273,12 +263,10 @@ func (rc *reconciler) reconcile() {
 		if !rc.desiredStateOfWorld.VolumeExists(attachedVolume.VolumeName) &&
 			!rc.operationExecutor.IsOperationPending(attachedVolume.VolumeName, nestedpendingoperations.EmptyUniquePodName) {
 			if attachedVolume.GloballyMounted {
-				volumeHandler, err := operationexecutor.NewVolumeHandler(attachedVolume.VolumeSpec, rc.operationExecutor)
-				if err != nil {
-					glog.Errorf(attachedVolume.GenerateErrorDetailed(fmt.Sprintf("operationExecutor.NewVolumeHandler for UnmountDevice failed"), err).Error())
-					continue
-				}
-				err = volumeHandler.UnmountDeviceHandler(attachedVolume.AttachedVolume, rc.actualStateOfWorld, rc.mounter)
+				// Volume is globally mounted to device, unmount it
+				glog.V(5).Infof(attachedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmountDevice", ""))
+				err := rc.operationExecutor.UnmountDevice(
+					attachedVolume.AttachedVolume, rc.actualStateOfWorld, rc.mounter)
 				if err != nil &&
 					!nestedpendingoperations.IsAlreadyExists(err) &&
 					!exponentialbackoff.IsExponentialBackoff(err) {
@@ -297,7 +285,7 @@ func (rc *reconciler) reconcile() {
 					glog.Infof(attachedVolume.GenerateMsgDetailed("Volume detached", fmt.Sprintf("DevicePath %q", attachedVolume.DevicePath)))
 				} else {
 					// Only detach if kubelet detach is enabled
-					glog.V(12).Infof(attachedVolume.GenerateMsgDetailed("Starting operationExecutor.DetachVolume", ""))
+					glog.V(5).Infof(attachedVolume.GenerateMsgDetailed("Starting operationExecutor.DetachVolume", ""))
 					err := rc.operationExecutor.DetachVolume(
 						attachedVolume.AttachedVolume, false /* verifySafeToDetach */, rc.actualStateOfWorld)
 					if err != nil &&
@@ -319,11 +307,11 @@ func (rc *reconciler) reconcile() {
 // sync process tries to observe the real world by scanning all pods' volume directories from the disk.
 // If the actual and desired state of worlds are not consistent with the observed world, it means that some
 // mounted volumes are left out probably during kubelet restart. This process will reconstruct
-// the volumes and udpate the actual and desired states. In the following reconciler loop, those volumes will
-// be cleaned up.
+// the volumes and update the actual and desired states. For the volumes that cannot support reconstruction,
+// it will try to clean up the mount paths with operation executor.
 func (rc *reconciler) sync() {
 	defer rc.updateLastSyncTime()
-	rc.syncStates(rc.kubeletPodsDir)
+	rc.syncStates()
 }
 
 func (rc *reconciler) updateLastSyncTime() {
@@ -348,7 +336,7 @@ type reconstructedVolume struct {
 	volumeSpec          *volumepkg.Spec
 	outerVolumeSpecName string
 	pod                 *v1.Pod
-	pluginIsAttachable  bool
+	attachablePlugin    volumepkg.AttachableVolumePlugin
 	volumeGidValue      string
 	devicePath          string
 	reportedInUse       bool
@@ -356,66 +344,59 @@ type reconstructedVolume struct {
 	blockVolumeMapper   volumepkg.BlockVolumeMapper
 }
 
-// reconstructFromDisk scans the volume directories under the given pod directory. If the volume is not
-// in either actual or desired state of world, or pending operation, this function will reconstruct
-// the volume spec and put it in both the actual and desired state of worlds. If no running
-// container is mounting the volume, the volume will be removed by desired state of world's populator and
-// cleaned up by the reconciler.
-func (rc *reconciler) syncStates(podsDir string) {
+// syncStates scans the volume directories under the given pod directory.
+// If the volume is not in desired state of world, this function will reconstruct
+// the volume related information and put it in both the actual and desired state of worlds.
+// For some volume plugins that cannot support reconstruction, it will clean up the existing
+// mount points since the volume is no long needed (removed from desired state)
+func (rc *reconciler) syncStates() {
 	// Get volumes information by reading the pod's directory
-	podVolumes, err := getVolumesFromPodDir(podsDir)
+	podVolumes, err := getVolumesFromPodDir(rc.kubeletPodsDir)
 	if err != nil {
 		glog.Errorf("Cannot get volumes from disk %v", err)
 		return
 	}
-
 	volumesNeedUpdate := make(map[v1.UniqueVolumeName]*reconstructedVolume)
+	volumeNeedReport := []v1.UniqueVolumeName{}
 	for _, volume := range podVolumes {
-		reconstructedVolume, err := rc.reconstructVolume(volume)
-		if err != nil {
-			glog.Errorf("Could not construct volume information: %v", err)
+		if rc.actualStateOfWorld.VolumeExistsWithSpecName(volume.podName, volume.volumeSpecName) {
+			glog.V(4).Infof("Volume exists in actual state (volume.SpecName %s, pod.UID %s), skip cleaning up mounts", volume.volumeSpecName, volume.podName)
+			// There is nothing to reconstruct
 			continue
 		}
-		// Check if there is an pending operation for the given pod and volume.
-		// Need to check pending operation before checking the actual and desired
-		// states to avoid race condition during checking. For example, the following
-		// might happen if pending operation is checked after checking actual and desired states.
-		// 1. Checking the pod and it does not exist in either actual or desired state.
-		// 2. An operation for the given pod finishes and the actual state is updated.
-		// 3. Checking and there is no pending operation for the given pod.
-		// During state reconstruction period, no new volume operations could be issued. If the
-		// mounted path is not in either pending operation, or actual or desired states, this
-		// volume needs to be reconstructed back to the states.
-		pending := rc.operationExecutor.IsOperationPending(reconstructedVolume.volumeName, reconstructedVolume.podName)
-		dswExist := rc.desiredStateOfWorld.PodExistsInVolume(reconstructedVolume.podName, reconstructedVolume.volumeName)
-		aswExist, _, _ := rc.actualStateOfWorld.PodExistsInVolume(reconstructedVolume.podName, reconstructedVolume.volumeName)
-
-		if !rc.StatesHasBeenSynced() {
-			// In case this is the first time to reconstruct state after kubelet starts, for a persistant volume, it must have
-			// been mounted before kubelet restarts because no mount operations could be started at this time (node
-			// status has not yet been updated before this very first syncStates finishes, so that VerifyControllerAttachedVolume will fail),
-			// In this case, the volume state should be put back to actual state now no matter desired state has it or not.
-			// This is to prevent node status from being updated to empty for attachable volumes. This might happen because
-			// in the case that a volume is discovered on disk, and it is part of desired state, but is then quickly deleted
-			// from the desired state. If in such situation, the volume is not added to the actual state, the node status updater will
-			// not get this volume from either actual or desired state. In turn, this might cause master controller
-			// detaching while the volume is still mounted.
-			if aswExist || !reconstructedVolume.pluginIsAttachable {
-				continue
-			}
-		} else {
-			// Check pending first since no new operations could be started at this point.
-			// Otherwise there might a race condition in checking actual states and pending operations
-			if pending || dswExist || aswExist {
+		volumeInDSW := rc.desiredStateOfWorld.VolumeExistsWithSpecName(volume.podName, volume.volumeSpecName)
+
+		reconstructedVolume, err := rc.reconstructVolume(volume)
+		if err != nil {
+			if volumeInDSW {
+				// Some pod needs the volume, don't clean it up and hope that
+				// reconcile() calls SetUp and reconstructs the volume in ASW.
+				glog.V(4).Infof("Volume exists in desired state (volume.SpecName %s, pod.UID %s), skip cleaning up mounts", volume.volumeSpecName, volume.podName)
 				continue
 			}
+			// No pod needs the volume.
+			glog.Warningf("Could not construct volume information, cleanup the mounts. (pod.UID %s, volume.SpecName %s): %v", volume.podName, volume.volumeSpecName, err)
+			rc.cleanupMounts(volume)
+			continue
+		}
+		if volumeInDSW {
+			// Some pod needs the volume. And it exists on disk. Some previous
+			// kubelet must have created the directory, therefore it must have
+			// reported the volume as in use. Mark the volume as in use also in
+			// this new kubelet so reconcile() calls SetUp and re-mounts the
+			// volume if it's necessary.
+			volumeNeedReport = append(volumeNeedReport, reconstructedVolume.volumeName)
+			glog.V(4).Infof("Volume exists in desired state (volume.SpecName %s, pod.UID %s), marking as InUse", volume.volumeSpecName, volume.podName)
+			continue
+		}
+		// There is no pod that uses the volume.
+		if rc.operationExecutor.IsOperationPending(reconstructedVolume.volumeName, nestedpendingoperations.EmptyUniquePodName) {
+			glog.Warning("Volume is in pending operation, skip cleaning up mounts")
 		}
-
 		glog.V(2).Infof(
-			"Reconciler sync states: could not find pod information in desired or actual states or pending operation, update it in both states: %+v",
+			"Reconciler sync states: could not find pod information in desired state, update it in actual state: %+v",
 			reconstructedVolume)
 		volumesNeedUpdate[reconstructedVolume.volumeName] = reconstructedVolume
-
 	}
 
 	if len(volumesNeedUpdate) > 0 {
@@ -423,10 +404,31 @@ func (rc *reconciler) syncStates(podsDir string) {
 			glog.Errorf("Error occurred during reconstruct volume from disk: %v", err)
 		}
 	}
+	if len(volumeNeedReport) > 0 {
+		rc.desiredStateOfWorld.MarkVolumesReportedInUse(volumeNeedReport)
+	}
+}
 
+func (rc *reconciler) cleanupMounts(volume podVolume) {
+	glog.V(2).Infof("Reconciler sync states: could not find information (PID: %s) (Volume SpecName: %s) in desired state, clean up the mount points",
+		volume.podName, volume.volumeSpecName)
+	mountedVolume := operationexecutor.MountedVolume{
+		PodName:             volume.podName,
+		VolumeName:          v1.UniqueVolumeName(volume.volumeSpecName),
+		InnerVolumeSpecName: volume.volumeSpecName,
+		PluginName:          volume.pluginName,
+		PodUID:              types.UID(volume.podName),
+	}
+	// TODO: Currently cleanupMounts only includes UnmountVolume operation. In the next PR, we will add
+	// to unmount both volume and device in the same routine.
+	err := rc.operationExecutor.UnmountVolume(mountedVolume, rc.actualStateOfWorld, rc.kubeletPodsDir)
+	if err != nil {
+		glog.Errorf(mountedVolume.GenerateErrorDetailed(fmt.Sprintf("volumeHandler.UnmountVolumeHandler for UnmountVolume failed"), err).Error())
+		return
+	}
 }
 
-// Reconstruct Volume object and reconstructedVolume data structure by reading the pod's volume directories
+// Reconstruct volume data structure by reading the pod's volume directories
 func (rc *reconciler) reconstructVolume(volume podVolume) (*reconstructedVolume, error) {
 	// plugin initializations
 	plugin, err := rc.volumePluginMgr.FindPluginByName(volume.pluginName)
@@ -438,27 +440,18 @@ func (rc *reconciler) reconstructVolume(volume podVolume) (*reconstructedVolume,
 		return nil, err
 	}
 
-	// Create volumeSpec
+	// Create pod object
 	pod := &v1.Pod{
 		ObjectMeta: metav1.ObjectMeta{
 			UID: types.UID(volume.podName),
 		},
 	}
-	// TODO: remove feature gate check after no longer needed
-	var mapperPlugin volumepkg.BlockVolumePlugin
-	tmpSpec := &volumepkg.Spec{PersistentVolume: &v1.PersistentVolume{Spec: v1.PersistentVolumeSpec{}}}
-	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-		mapperPlugin, err = rc.volumePluginMgr.FindMapperPluginByName(volume.pluginName)
-		if err != nil {
-			return nil, err
-		}
-		tmpSpec = &volumepkg.Spec{PersistentVolume: &v1.PersistentVolume{Spec: v1.PersistentVolumeSpec{VolumeMode: &volume.volumeMode}}}
-	}
-	volumeHandler, err := operationexecutor.NewVolumeHandler(tmpSpec, rc.operationExecutor)
+	mapperPlugin, err := rc.volumePluginMgr.FindMapperPluginByName(volume.pluginName)
 	if err != nil {
 		return nil, err
 	}
-	volumeSpec, err := volumeHandler.ReconstructVolumeHandler(
+	volumeSpec, err := rc.operationExecutor.ReconstructVolumeOperation(
+		volume.volumeMode,
 		plugin,
 		mapperPlugin,
 		pod.UID,
@@ -470,21 +463,19 @@ func (rc *reconciler) reconstructVolume(volume podVolume) (*reconstructedVolume,
 		return nil, err
 	}
 
-	volumeName, err := plugin.GetVolumeName(volumeSpec)
-	if err != nil {
-		return nil, err
-	}
 	var uniqueVolumeName v1.UniqueVolumeName
 	if attachablePlugin != nil {
-		uniqueVolumeName = volumehelper.GetUniqueVolumeName(volume.pluginName, volumeName)
+		uniqueVolumeName, err = util.GetUniqueVolumeNameFromSpec(plugin, volumeSpec)
+		if err != nil {
+			return nil, err
+		}
 	} else {
-		uniqueVolumeName = volumehelper.GetUniqueVolumeNameForNonAttachableVolume(volume.podName, plugin, volumeSpec)
+		uniqueVolumeName = util.GetUniqueVolumeNameForNonAttachableVolume(volume.podName, plugin, volumeSpec)
 	}
-
 	// Check existence of mount point for filesystem volume or symbolic link for block volume
-	isExist, checkErr := volumeHandler.CheckVolumeExistence(volume.mountPath, volumeSpec.Name(), rc.mounter, uniqueVolumeName, volume.podName, pod.UID, attachablePlugin)
+	isExist, checkErr := rc.operationExecutor.CheckVolumeExistenceOperation(volumeSpec, volume.mountPath, volumeSpec.Name(), rc.mounter, uniqueVolumeName, volume.podName, pod.UID, attachablePlugin)
 	if checkErr != nil {
-		return nil, err
+		return nil, checkErr
 	}
 	// If mount or symlink doesn't exist, volume reconstruction should be failed
 	if !isExist {
@@ -507,7 +498,7 @@ func (rc *reconciler) reconstructVolume(volume podVolume) (*reconstructedVolume,
 
 	// TODO: remove feature gate check after no longer needed
 	var volumeMapper volumepkg.BlockVolumeMapper
-	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) && volume.volumeMode == v1.PersistentVolumeBlock {
 		var newMapperErr error
 		if mapperPlugin != nil {
 			volumeMapper, newMapperErr = mapperPlugin.NewBlockVolumeMapper(
@@ -530,23 +521,24 @@ func (rc *reconciler) reconstructVolume(volume podVolume) (*reconstructedVolume,
 		volumeName: uniqueVolumeName,
 		podName:    volume.podName,
 		volumeSpec: volumeSpec,
-		// volume.volumeSpecName is actually InnerVolumeSpecName. But this information will likely to be updated in updateStates()
-		// by checking the desired state volumeToMount list and getting the real OuterVolumeSpecName.
-		// In case the pod is deleted during this period and desired state does not have this information, it will not be used
+		// volume.volumeSpecName is actually InnerVolumeSpecName. It will not be used
 		// for volume cleanup.
+		// TODO: in case pod is added back before reconciler starts to unmount, we can update this field from desired state information
 		outerVolumeSpecName: volume.volumeSpecName,
 		pod:                 pod,
-		pluginIsAttachable:  attachablePlugin != nil,
+		attachablePlugin:    attachablePlugin,
 		volumeGidValue:      "",
-		devicePath:          "",
-		mounter:             volumeMounter,
-		blockVolumeMapper:   volumeMapper,
+		// devicePath is updated during updateStates() by checking node status's VolumesAttached data.
+		// TODO: get device path directly from the volume mount path.
+		devicePath:        "",
+		mounter:           volumeMounter,
+		blockVolumeMapper: volumeMapper,
 	}
 	return reconstructedVolume, nil
 }
 
-func (rc *reconciler) updateStates(volumesNeedUpdate map[v1.UniqueVolumeName]*reconstructedVolume) error {
-	// Get the node status to retrieve volume device path information.
+// updateDevicePath gets the node status to retrieve volume device path information.
+func (rc *reconciler) updateDevicePath(volumesNeedUpdate map[v1.UniqueVolumeName]*reconstructedVolume) {
 	node, fetchErr := rc.kubeClient.CoreV1().Nodes().Get(string(rc.nodeName), metav1.GetOptions{})
 	if fetchErr != nil {
 		glog.Errorf("updateStates in reconciler: could not get node status with error %v", fetchErr)
@@ -559,26 +551,42 @@ func (rc *reconciler) updateStates(volumesNeedUpdate map[v1.UniqueVolumeName]*re
 			}
 		}
 	}
+}
+
+func getDeviceMountPath(volume *reconstructedVolume) (string, error) {
+	volumeAttacher, err := volume.attachablePlugin.NewAttacher()
+	if volumeAttacher == nil || err != nil {
+		return "", err
+	}
+	deviceMountPath, err :=
+		volumeAttacher.GetDeviceMountPath(volume.volumeSpec)
+	if err != nil {
+		return "", err
+	}
 
-	// Get the list of volumes from desired state and update OuterVolumeSpecName if the information is available
-	volumesToMount := rc.desiredStateOfWorld.GetVolumesToMount()
-	for _, volumeToMount := range volumesToMount {
-		if volume, exists := volumesNeedUpdate[volumeToMount.VolumeName]; exists {
-			volume.outerVolumeSpecName = volumeToMount.OuterVolumeSpecName
-			volumesNeedUpdate[volumeToMount.VolumeName] = volume
-			glog.V(4).Infof("Update OuterVolumeSpecName from desired state for volume (%q): %q",
-				volumeToMount.VolumeName, volume.outerVolumeSpecName)
+	if volume.blockVolumeMapper != nil {
+		deviceMountPath, err =
+			volume.blockVolumeMapper.GetGlobalMapPath(volume.volumeSpec)
+		if err != nil {
+			return "", err
 		}
 	}
+	return deviceMountPath, nil
+}
+
+func (rc *reconciler) updateStates(volumesNeedUpdate map[v1.UniqueVolumeName]*reconstructedVolume) error {
+	// Get the node status to retrieve volume device path information.
+	rc.updateDevicePath(volumesNeedUpdate)
+
 	for _, volume := range volumesNeedUpdate {
 		err := rc.actualStateOfWorld.MarkVolumeAsAttached(
+			//TODO: the devicePath might not be correct for some volume plugins: see issue #54108
 			volume.volumeName, volume.volumeSpec, "" /* nodeName */, volume.devicePath)
 		if err != nil {
 			glog.Errorf("Could not add volume information to actual state of world: %v", err)
 			continue
 		}
-
-		err = rc.actualStateOfWorld.AddPodToVolume(
+		err = rc.actualStateOfWorld.MarkVolumeAsMounted(
 			volume.podName,
 			types.UID(volume.podName),
 			volume.volumeName,
@@ -590,22 +598,19 @@ func (rc *reconciler) updateStates(volumesNeedUpdate map[v1.UniqueVolumeName]*re
 			glog.Errorf("Could not add pod to volume information to actual state of world: %v", err)
 			continue
 		}
-		if volume.pluginIsAttachable {
-			err = rc.actualStateOfWorld.MarkDeviceAsMounted(volume.volumeName)
+		glog.V(4).Infof("Volume: %s (pod UID %s) is marked as mounted and added into the actual state", volume.volumeName, volume.podName)
+		if volume.attachablePlugin != nil {
+			deviceMountPath, err := getDeviceMountPath(volume)
+			if err != nil {
+				glog.Errorf("Could not find device mount path for volume %s", volume.volumeName)
+				continue
+			}
+			err = rc.actualStateOfWorld.MarkDeviceAsMounted(volume.volumeName, volume.devicePath, deviceMountPath)
 			if err != nil {
 				glog.Errorf("Could not mark device is mounted to actual state of world: %v", err)
 				continue
 			}
-			glog.Infof("Volume: %v is mounted", volume.volumeName)
-		}
-
-		_, err = rc.desiredStateOfWorld.AddPodToVolume(volume.podName,
-			volume.pod,
-			volume.volumeSpec,
-			volume.outerVolumeSpecName,
-			volume.volumeGidValue)
-		if err != nil {
-			glog.Errorf("Could not add pod to volume information to desired state of world: %v", err)
+			glog.V(4).Infof("Volume: %s (pod UID %s) is marked device as mounted and added into the actual state", volume.volumeName, volume.podName)
 		}
 	}
 	return nil
@@ -641,7 +646,7 @@ func getVolumesFromPodDir(podDir string) ([]podVolume, error) {
 		for volumeMode, volumesDir := range volumesDirs {
 			var volumesDirInfo []os.FileInfo
 			if volumesDirInfo, err = ioutil.ReadDir(volumesDir); err != nil {
-				// Just skip the loop becuase given volumesDir doesn't exist depending on volumeMode
+				// Just skip the loop because given volumesDir doesn't exist depending on volumeMode
 				continue
 			}
 			for _, volumeDir := range volumesDirInfo {
@@ -667,6 +672,6 @@ func getVolumesFromPodDir(podDir string) ([]podVolume, error) {
 			}
 		}
 	}
-	glog.V(10).Infof("Get volumes from pod directory %q %+v", podDir, volumes)
+	glog.V(4).Infof("Get volumes from pod directory %q %+v", podDir, volumes)
 	return volumes, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/volume_manager.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/volume_manager.go
index d3e7711407b2..5d5ad90ab41c 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/volume_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/volume_manager.go
@@ -32,7 +32,6 @@ import (
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/kubelet/config"
 	"k8s.io/kubernetes/pkg/kubelet/container"
-	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/pod"
 	"k8s.io/kubernetes/pkg/kubelet/status"
 	"k8s.io/kubernetes/pkg/kubelet/util/format"
@@ -44,7 +43,7 @@ import (
 	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/operationexecutor"
 	"k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 const (
@@ -153,7 +152,7 @@ func NewVolumeManager(
 	podStatusProvider status.PodStatusProvider,
 	kubeClient clientset.Interface,
 	volumePluginMgr *volume.VolumePluginMgr,
-	kubeContainerRuntime kubecontainer.Runtime,
+	kubeContainerRuntime container.Runtime,
 	mounter mount.Interface,
 	kubeletPodsDir string,
 	recorder record.EventRecorder,
@@ -170,7 +169,7 @@ func NewVolumeManager(
 			volumePluginMgr,
 			recorder,
 			checkNodeCapabilitiesBeforeMount,
-			util.NewBlockVolumePathHandler())),
+			volumepathhandler.NewBlockVolumePathHandler())),
 	}
 
 	vm.desiredStateOfWorldPopulator = populator.NewDesiredStateOfWorldPopulator(
@@ -180,6 +179,7 @@ func NewVolumeManager(
 		podManager,
 		podStatusProvider,
 		vm.desiredStateOfWorld,
+		vm.actualStateOfWorld,
 		kubeContainerRuntime,
 		keepTerminatedPodVolumes)
 	vm.reconciler = reconciler.NewReconciler(
@@ -255,16 +255,17 @@ func (vm *volumeManager) GetMountedVolumesForPod(podName types.UniquePodName) co
 	podVolumes := make(container.VolumeMap)
 	for _, mountedVolume := range vm.actualStateOfWorld.GetMountedVolumesForPod(podName) {
 		podVolumes[mountedVolume.OuterVolumeSpecName] = container.VolumeInfo{
-			Mounter:           mountedVolume.Mounter,
-			BlockVolumeMapper: mountedVolume.BlockVolumeMapper,
-			ReadOnly:          mountedVolume.VolumeSpec.ReadOnly,
+			Mounter:             mountedVolume.Mounter,
+			BlockVolumeMapper:   mountedVolume.BlockVolumeMapper,
+			ReadOnly:            mountedVolume.VolumeSpec.ReadOnly,
+			InnerVolumeSpecName: mountedVolume.InnerVolumeSpecName,
 		}
 	}
 	return podVolumes
 }
 
 func (vm *volumeManager) GetExtraSupplementalGroupsForPod(pod *v1.Pod) []int64 {
-	podName := volumehelper.GetUniquePodName(pod)
+	podName := util.GetUniquePodName(pod)
 	supplementalGroups := sets.NewString()
 
 	for _, mountedVolume := range vm.actualStateOfWorld.GetMountedVolumesForPod(podName) {
@@ -333,6 +334,10 @@ func (vm *volumeManager) MarkVolumesAsReportedInUse(
 }
 
 func (vm *volumeManager) WaitForAttachAndMount(pod *v1.Pod) error {
+	if pod == nil {
+		return nil
+	}
+
 	expectedVolumes := getExpectedVolumes(pod)
 	if len(expectedVolumes) == 0 {
 		// No volumes to verify
@@ -340,13 +345,12 @@ func (vm *volumeManager) WaitForAttachAndMount(pod *v1.Pod) error {
 	}
 
 	glog.V(3).Infof("Waiting for volumes to attach and mount for pod %q", format.Pod(pod))
-	uniquePodName := volumehelper.GetUniquePodName(pod)
+	uniquePodName := util.GetUniquePodName(pod)
 
 	// Some pods expect to have Setup called over and over again to update.
 	// Remount plugins for which this is true. (Atomically updating volumes,
 	// like Downward API, depend on this to update the contents of the volume).
 	vm.desiredStateOfWorldPopulator.ReprocessPod(uniquePodName)
-	vm.actualStateOfWorld.MarkRemountRequired(uniquePodName)
 
 	err := wait.Poll(
 		podAttachAndMountRetryInterval,
@@ -357,21 +361,38 @@ func (vm *volumeManager) WaitForAttachAndMount(pod *v1.Pod) error {
 		// Timeout expired
 		unmountedVolumes :=
 			vm.getUnmountedVolumes(uniquePodName, expectedVolumes)
+		// Also get unattached volumes for error message
+		unattachedVolumes :=
+			vm.getUnattachedVolumes(expectedVolumes)
+
 		if len(unmountedVolumes) == 0 {
 			return nil
 		}
 
 		return fmt.Errorf(
-			"timeout expired waiting for volumes to attach/mount for pod %q/%q. list of unattached/unmounted volumes=%v",
+			"timeout expired waiting for volumes to attach or mount for pod %q/%q. list of unmounted volumes=%v. list of unattached volumes=%v",
 			pod.Namespace,
 			pod.Name,
-			unmountedVolumes)
+			unmountedVolumes,
+			unattachedVolumes)
 	}
 
 	glog.V(3).Infof("All volumes are attached and mounted for pod %q", format.Pod(pod))
 	return nil
 }
 
+// getUnattachedVolumes returns a list of the volumes that are expected to be attached but
+// are not currently attached to the node
+func (vm *volumeManager) getUnattachedVolumes(expectedVolumes []string) []string {
+	unattachedVolumes := []string{}
+	for _, volume := range expectedVolumes {
+		if !vm.actualStateOfWorld.VolumeExists(v1.UniqueVolumeName(volume)) {
+			unattachedVolumes = append(unattachedVolumes, volume)
+		}
+	}
+	return unattachedVolumes
+}
+
 // verifyVolumesMountedFunc returns a method that returns true when all expected
 // volumes are mounted.
 func (vm *volumeManager) verifyVolumesMountedFunc(podName types.UniquePodName, expectedVolumes []string) wait.ConditionFunc {
@@ -407,9 +428,6 @@ func filterUnmountedVolumes(mountedVolumes sets.String, expectedVolumes []string
 // consider the volume setup step for this pod satisfied.
 func getExpectedVolumes(pod *v1.Pod) []string {
 	expectedVolumes := []string{}
-	if pod == nil {
-		return expectedVolumes
-	}
 
 	for _, podVolume := range pod.Spec.Volumes {
 		expectedVolumes = append(expectedVolumes, podVolume.Name)
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/BUILD b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/BUILD
index 049fae2385f1..e82b2eceb2f1 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/BUILD
@@ -1,42 +1,26 @@
-package(default_visibility = ["//visibility:public"])
-
-licenses(["notice"])
-
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [":package-srcs"],
-    tags = ["automanaged"],
-)
-
 load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
-        "winstats.go",
+        "doc.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "perfcounter_nodestats.go",
             "perfcounters.go",
             "version.go",
+            "winstats.go",
         ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/kubelet/winstats",
-    deps = [
-        "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
-        "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+    visibility = ["//visibility:public"],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:windows": [
             "//vendor/github.com/JeffAshton/win_pdh:go_default_library",
             "//vendor/github.com/golang/glog:go_default_library",
+            "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
+            "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
             "//vendor/golang.org/x/sys/windows:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         ],
@@ -46,12 +30,33 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["winstats_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/winstats",
-    library = ":go_default_library",
-    deps = [
-        "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
-        "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
-        "//vendor/github.com/stretchr/testify/assert:go_default_library",
-    ],
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "winstats_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    embed = [":go_default_library"],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/github.com/google/cadvisor/info/v1:go_default_library",
+            "//vendor/github.com/google/cadvisor/info/v2:go_default_library",
+            "//vendor/github.com/stretchr/testify/assert:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/doc.go b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/doc.go
new file mode 100644
index 000000000000..9802d587b5aa
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/doc.go
@@ -0,0 +1,18 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package winstats provides a client to get node and pod level stats on windows
+package winstats
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/version.go b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/version.go
index 81bb52edf554..fae2f7778502 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/version.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/version.go
@@ -25,7 +25,7 @@ import (
 	"golang.org/x/sys/windows"
 )
 
-// getCurrentVersionVal gets value of speficied key from registry.
+// getCurrentVersionVal gets value of specified key from registry.
 func getCurrentVersionVal(key string) (string, error) {
 	var h windows.Handle
 	if err := windows.RegOpenKeyEx(windows.HKEY_LOCAL_MACHINE,
diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/winstats.go b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/winstats.go
index b02bab4f6bd8..2c483f8967e7 100644
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/winstats.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/winstats/winstats.go
@@ -1,3 +1,5 @@
+// +build windows
+
 /*
 Copyright 2017 The Kubernetes Authors.
 
@@ -18,21 +20,28 @@ limitations under the License.
 package winstats
 
 import (
+	"syscall"
 	"time"
+	"unsafe"
 
 	cadvisorapi "github.com/google/cadvisor/info/v1"
 	cadvisorapiv2 "github.com/google/cadvisor/info/v2"
 )
 
+var (
+	procGetDiskFreeSpaceEx = modkernel32.NewProc("GetDiskFreeSpaceExW")
+)
+
 // Client is an interface that is used to get stats information.
 type Client interface {
 	WinContainerInfos() (map[string]cadvisorapiv2.ContainerInfo, error)
 	WinMachineInfo() (*cadvisorapi.MachineInfo, error)
 	WinVersionInfo() (*cadvisorapi.VersionInfo, error)
+	GetDirFsInfo(path string) (cadvisorapiv2.FsInfo, error)
 }
 
 // StatsClient is a client that implements the Client interface
-type statsClient struct {
+type StatsClient struct {
 	client winNodeStatsClient
 }
 
@@ -61,7 +70,7 @@ type nodeInfo struct {
 
 // newClient constructs a Client.
 func newClient(statsNodeClient winNodeStatsClient) (Client, error) {
-	statsClient := new(statsClient)
+	statsClient := new(StatsClient)
 	statsClient.client = statsNodeClient
 
 	err := statsClient.client.startMonitoring()
@@ -74,7 +83,7 @@ func newClient(statsNodeClient winNodeStatsClient) (Client, error) {
 
 // WinContainerInfos returns a map of container infos. The map contains node and
 // pod level stats. Analogous to cadvisor GetContainerInfoV2 method.
-func (c *statsClient) WinContainerInfos() (map[string]cadvisorapiv2.ContainerInfo, error) {
+func (c *StatsClient) WinContainerInfos() (map[string]cadvisorapiv2.ContainerInfo, error) {
 	infos := make(map[string]cadvisorapiv2.ContainerInfo)
 	rootContainerInfo, err := c.createRootContainerInfo()
 	if err != nil {
@@ -88,17 +97,17 @@ func (c *statsClient) WinContainerInfos() (map[string]cadvisorapiv2.ContainerInf
 
 // WinMachineInfo returns a cadvisorapi.MachineInfo with details about the
 // node machine. Analogous to cadvisor MachineInfo method.
-func (c *statsClient) WinMachineInfo() (*cadvisorapi.MachineInfo, error) {
+func (c *StatsClient) WinMachineInfo() (*cadvisorapi.MachineInfo, error) {
 	return c.client.getMachineInfo()
 }
 
 // WinVersionInfo returns a  cadvisorapi.VersionInfo with version info of
 // the kernel and docker runtime. Analogous to cadvisor VersionInfo method.
-func (c *statsClient) WinVersionInfo() (*cadvisorapi.VersionInfo, error) {
+func (c *StatsClient) WinVersionInfo() (*cadvisorapi.VersionInfo, error) {
 	return c.client.getVersionInfo()
 }
 
-func (c *statsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, error) {
+func (c *StatsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, error) {
 	nodeMetrics, err := c.client.getNodeMetrics()
 
 	if err != nil {
@@ -134,3 +143,30 @@ func (c *statsClient) createRootContainerInfo() (*cadvisorapiv2.ContainerInfo, e
 
 	return &rootInfo, nil
 }
+
+// GetDirFsInfo returns filesystem capacity and usage information.
+func (c *StatsClient) GetDirFsInfo(path string) (cadvisorapiv2.FsInfo, error) {
+	var freeBytesAvailable, totalNumberOfBytes, totalNumberOfFreeBytes int64
+	var err error
+
+	ret, _, err := syscall.Syscall6(
+		procGetDiskFreeSpaceEx.Addr(),
+		4,
+		uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(path))),
+		uintptr(unsafe.Pointer(&freeBytesAvailable)),
+		uintptr(unsafe.Pointer(&totalNumberOfBytes)),
+		uintptr(unsafe.Pointer(&totalNumberOfFreeBytes)),
+		0,
+		0,
+	)
+	if ret == 0 {
+		return cadvisorapiv2.FsInfo{}, err
+	}
+
+	return cadvisorapiv2.FsInfo{
+		Timestamp: time.Now(),
+		Capacity:  uint64(totalNumberOfBytes),
+		Available: uint64(freeBytesAvailable),
+		Usage:     uint64(totalNumberOfBytes - freeBytesAvailable),
+	}, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/master/BUILD b/vendor/k8s.io/kubernetes/pkg/master/BUILD
index 2a846024d2ec..e8ac47c70eee 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/master/BUILD
@@ -68,6 +68,7 @@ go_library(
         "//pkg/registry/settings/rest:go_default_library",
         "//pkg/registry/storage/rest:go_default_library",
         "//pkg/routes:go_default_library",
+        "//pkg/serviceaccount:go_default_library",
         "//pkg/util/async:go_default_library",
         "//pkg/util/node:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -113,6 +114,8 @@ go_library(
 
 go_test(
     name = "go_default_test",
+    size = "medium",
+    timeout = "long",
     srcs = [
         "client_ca_hook_test.go",
         "controller_test.go",
@@ -120,9 +123,8 @@ go_test(
         "master_openapi_test.go",
         "master_test.go",
     ],
-    features = ["-race"],
-    importpath = "k8s.io/kubernetes/pkg/master",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
+    race = "off",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
@@ -133,6 +135,7 @@ go_test(
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
         "//pkg/apis/rbac:go_default_library",
+        "//pkg/apis/storage:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
         "//pkg/generated/openapi:go_default_library",
         "//pkg/kubelet/client:go_default_library",
@@ -146,13 +149,8 @@ go_test(
         "//vendor/github.com/go-openapi/strfmt:go_default_library",
         "//vendor/github.com/go-openapi/validate:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
-        "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
-        "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
-        "//vendor/k8s.io/api/batch/v1:go_default_library",
-        "//vendor/k8s.io/api/batch/v1beta1:go_default_library",
         "//vendor/k8s.io/api/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/master/client_ca_hook.go b/vendor/k8s.io/kubernetes/pkg/master/client_ca_hook.go
index 75f76a9bce9b..3f1daa86c8f2 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/client_ca_hook.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/client_ca_hook.go
@@ -50,7 +50,7 @@ func (h ClientCARegistrationHook) PostStartHook(hookContext genericapiserver.Pos
 	// We've seen lagging etcd before, so we want to retry this a few times before we decide to crashloop
 	// the API server on it.
 	err := wait.Poll(1*time.Second, 30*time.Second, func() (done bool, err error) {
-		// retry building the config since sometimes the server can be in an inbetween state which caused
+		// retry building the config since sometimes the server can be in an in-between state which caused
 		// some kind of auto detection failure as I recall from other post start hooks.
 		// TODO see if this is still true and fix the RBAC one too if it isn't.
 		client, err := coreclient.NewForConfig(hookContext.LoopbackClientConfig)
diff --git a/vendor/k8s.io/kubernetes/pkg/master/controller.go b/vendor/k8s.io/kubernetes/pkg/master/controller.go
index cc10f0b387c8..78154d176ef3 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/controller.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/controller.go
@@ -48,6 +48,7 @@ const kubernetesServiceName = "kubernetes"
 type Controller struct {
 	ServiceClient   coreclient.ServicesGetter
 	NamespaceClient coreclient.NamespacesGetter
+	EventClient     coreclient.EventsGetter
 
 	ServiceClusterIPRegistry rangeallocation.RangeRegistry
 	ServiceClusterIPInterval time.Duration
@@ -77,10 +78,11 @@ type Controller struct {
 }
 
 // NewBootstrapController returns a controller for watching the core capabilities of the master
-func (c *completedConfig) NewBootstrapController(legacyRESTStorage corerest.LegacyRESTStorage, serviceClient coreclient.ServicesGetter, nsClient coreclient.NamespacesGetter) *Controller {
+func (c *completedConfig) NewBootstrapController(legacyRESTStorage corerest.LegacyRESTStorage, serviceClient coreclient.ServicesGetter, nsClient coreclient.NamespacesGetter, eventClient coreclient.EventsGetter) *Controller {
 	return &Controller{
 		ServiceClient:   serviceClient,
 		NamespaceClient: nsClient,
+		EventClient:     eventClient,
 
 		EndpointReconciler: c.ExtraConfig.EndpointReconcilerConfig.Reconciler,
 		EndpointInterval:   c.ExtraConfig.EndpointReconcilerConfig.Interval,
@@ -124,8 +126,8 @@ func (c *Controller) Start() {
 		return
 	}
 
-	repairClusterIPs := servicecontroller.NewRepair(c.ServiceClusterIPInterval, c.ServiceClient, &c.ServiceClusterIPRange, c.ServiceClusterIPRegistry)
-	repairNodePorts := portallocatorcontroller.NewRepair(c.ServiceNodePortInterval, c.ServiceClient, c.ServiceNodePortRange, c.ServiceNodePortRegistry)
+	repairClusterIPs := servicecontroller.NewRepair(c.ServiceClusterIPInterval, c.ServiceClient, c.EventClient, &c.ServiceClusterIPRange, c.ServiceClusterIPRegistry)
+	repairNodePorts := portallocatorcontroller.NewRepair(c.ServiceNodePortInterval, c.ServiceClient, c.EventClient, c.ServiceNodePortRange, c.ServiceNodePortRegistry)
 
 	// run all of the controllers once prior to returning from Start.
 	if err := repairClusterIPs.RunOnce(); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/master/controller/crdregistration/BUILD b/vendor/k8s.io/kubernetes/pkg/master/controller/crdregistration/BUILD
index b902953bb816..ccf75639dc81 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/controller/crdregistration/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/master/controller/crdregistration/BUILD
@@ -43,8 +43,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["crdregistration_controller_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/master/controller/crdregistration",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library",
         "//vendor/k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/internalversion:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/master/master.go b/vendor/k8s.io/kubernetes/pkg/master/master.go
index 174e150e7cee..d90dadfda643 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/master.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/master.go
@@ -65,6 +65,7 @@ import (
 	"k8s.io/kubernetes/pkg/registry/core/endpoint"
 	endpointsstorage "k8s.io/kubernetes/pkg/registry/core/endpoint/storage"
 	"k8s.io/kubernetes/pkg/routes"
+	"k8s.io/kubernetes/pkg/serviceaccount"
 	nodeutil "k8s.io/kubernetes/pkg/util/node"
 
 	"github.com/golang/glog"
@@ -109,7 +110,6 @@ type ExtraConfig struct {
 
 	// Used to start and monitor tunneling
 	Tunneler          tunneler.Tunneler
-	EnableUISupport   bool
 	EnableLogsSupport bool
 	ProxyTransport    http.RoundTripper
 
@@ -156,6 +156,9 @@ type ExtraConfig struct {
 
 	// Selects which reconciler to use
 	EndpointReconcilerType reconcilers.Type
+
+	ServiceAccountIssuer       serviceaccount.TokenGenerator
+	ServiceAccountAPIAudiences []string
 }
 
 type Config struct {
@@ -269,9 +272,6 @@ func (cfg *Config) Complete(informers informers.SharedInformerFactory) Completed
 		glog.Infof("Node port range unspecified. Defaulting to %v.", c.ExtraConfig.ServiceNodePortRange)
 	}
 
-	// enable swagger UI only if general UI support is on
-	c.GenericConfig.EnableSwaggerUI = c.GenericConfig.EnableSwaggerUI && c.ExtraConfig.EnableUISupport
-
 	if c.ExtraConfig.EndpointReconcilerConfig.Interval == 0 {
 		c.ExtraConfig.EndpointReconcilerConfig.Interval = DefaultEndpointReconcilerInterval
 	}
@@ -304,9 +304,6 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 		return nil, err
 	}
 
-	if c.ExtraConfig.EnableUISupport {
-		routes.UIRedirect{}.Install(s.Handler.NonGoRestfulMux)
-	}
 	if c.ExtraConfig.EnableLogsSupport {
 		routes.Logs{}.Install(s.Handler.GoRestfulContainer)
 	}
@@ -316,15 +313,17 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 	}
 
 	// install legacy rest storage
-	if c.ExtraConfig.APIResourceConfigSource.AnyResourcesForVersionEnabled(apiv1.SchemeGroupVersion) {
+	if c.ExtraConfig.APIResourceConfigSource.VersionEnabled(apiv1.SchemeGroupVersion) {
 		legacyRESTStorageProvider := corerest.LegacyRESTStorageProvider{
-			StorageFactory:       c.ExtraConfig.StorageFactory,
-			ProxyTransport:       c.ExtraConfig.ProxyTransport,
-			KubeletClientConfig:  c.ExtraConfig.KubeletClientConfig,
-			EventTTL:             c.ExtraConfig.EventTTL,
-			ServiceIPRange:       c.ExtraConfig.ServiceIPRange,
-			ServiceNodePortRange: c.ExtraConfig.ServiceNodePortRange,
-			LoopbackClientConfig: c.GenericConfig.LoopbackClientConfig,
+			StorageFactory:             c.ExtraConfig.StorageFactory,
+			ProxyTransport:             c.ExtraConfig.ProxyTransport,
+			KubeletClientConfig:        c.ExtraConfig.KubeletClientConfig,
+			EventTTL:                   c.ExtraConfig.EventTTL,
+			ServiceIPRange:             c.ExtraConfig.ServiceIPRange,
+			ServiceNodePortRange:       c.ExtraConfig.ServiceNodePortRange,
+			LoopbackClientConfig:       c.GenericConfig.LoopbackClientConfig,
+			ServiceAccountIssuer:       c.ExtraConfig.ServiceAccountIssuer,
+			ServiceAccountAPIAudiences: c.ExtraConfig.ServiceAccountAPIAudiences,
 		}
 		m.InstallLegacyAPI(&c, c.GenericConfig.RESTOptionsGetter, legacyRESTStorageProvider)
 	}
@@ -337,15 +336,15 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
 	// TODO: describe the priority all the way down in the RESTStorageProviders and plumb it back through the various discovery
 	// handlers that we have.
 	restStorageProviders := []RESTStorageProvider{
-		authenticationrest.RESTStorageProvider{Authenticator: c.GenericConfig.Authenticator},
-		authorizationrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorizer, RuleResolver: c.GenericConfig.RuleResolver},
+		authenticationrest.RESTStorageProvider{Authenticator: c.GenericConfig.Authentication.Authenticator},
+		authorizationrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorization.Authorizer, RuleResolver: c.GenericConfig.RuleResolver},
 		autoscalingrest.RESTStorageProvider{},
 		batchrest.RESTStorageProvider{},
 		certificatesrest.RESTStorageProvider{},
 		extensionsrest.RESTStorageProvider{},
 		networkingrest.RESTStorageProvider{},
 		policyrest.RESTStorageProvider{},
-		rbacrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorizer},
+		rbacrest.RESTStorageProvider{Authorizer: c.GenericConfig.Authorization.Authorizer},
 		schedulingrest.RESTStorageProvider{},
 		settingsrest.RESTStorageProvider{},
 		storagerest.RESTStorageProvider{},
@@ -375,7 +374,7 @@ func (m *Master) InstallLegacyAPI(c *completedConfig, restOptionsGetter generic.
 	if c.ExtraConfig.EnableCoreControllers {
 		controllerName := "bootstrap-controller"
 		coreClient := coreclient.NewForConfigOrDie(c.GenericConfig.LoopbackClientConfig)
-		bootstrapController := c.NewBootstrapController(legacyRESTStorage, coreClient, coreClient)
+		bootstrapController := c.NewBootstrapController(legacyRESTStorage, coreClient, coreClient, coreClient)
 		m.GenericAPIServer.AddPostStartHookOrDie(controllerName, bootstrapController.PostStartHook)
 		m.GenericAPIServer.AddPreShutdownHookOrDie(controllerName, bootstrapController.PreShutdownHook)
 	}
@@ -406,7 +405,7 @@ func (m *Master) InstallAPIs(apiResourceConfigSource serverstorage.APIResourceCo
 
 	for _, restStorageBuilder := range restStorageProviders {
 		groupName := restStorageBuilder.GroupName()
-		if !apiResourceConfigSource.AnyResourcesForGroupEnabled(groupName) {
+		if !apiResourceConfigSource.AnyVersionForGroupEnabled(groupName) {
 			glog.V(1).Infof("Skipping disabled API group %q.", groupName)
 			continue
 		}
@@ -487,15 +486,5 @@ func DefaultAPIResourceConfigSource() *serverstorage.ResourceConfig {
 		admissionregistrationv1beta1.SchemeGroupVersion,
 	)
 
-	// all extensions resources except these are disabled by default
-	ret.EnableResources(
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("daemonsets"),
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("deployments"),
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("ingresses"),
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("networkpolicies"),
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("replicasets"),
-		extensionsapiv1beta1.SchemeGroupVersion.WithResource("podsecuritypolicies"),
-	)
-
 	return ret
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/master/ports/ports.go b/vendor/k8s.io/kubernetes/pkg/master/ports/ports.go
index 14508cc27f30..d4a42f603bbd 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/ports/ports.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/ports/ports.go
@@ -26,12 +26,12 @@ const (
 	// SchedulerPort is the default port for the scheduler status server.
 	// May be overridden by a flag at startup.
 	SchedulerPort = 10251
-	// ControllerManagerPort is the default port for the controller manager status server.
+	// InsecureKubeControllerManagerPort is the default port for the controller manager status server.
 	// May be overridden by a flag at startup.
-	ControllerManagerPort = 10252
-	// CloudControllerManagerPort is the default port for the cloud controller manager server.
-	// This value may be overriden by a flag at startup.
-	CloudControllerManagerPort = 10253
+	InsecureKubeControllerManagerPort = 10252
+	// InsecureCloudControllerManagerPort is the default port for the cloud controller manager server.
+	// This value may be overridden by a flag at startup.
+	InsecureCloudControllerManagerPort = 10253
 	// KubeletReadOnlyPort exposes basic read-only services from the kubelet.
 	// May be overridden by a flag at startup.
 	// This is necessary for heapster to collect monitoring stats from the kubelet
diff --git a/vendor/k8s.io/kubernetes/pkg/master/reconcilers/BUILD b/vendor/k8s.io/kubernetes/pkg/master/reconcilers/BUILD
index 3fbb514b0e67..b76adac933fd 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/reconcilers/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/master/reconcilers/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["lease_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/master/reconcilers",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/master/services.go b/vendor/k8s.io/kubernetes/pkg/master/services.go
index a0e510d1fdde..44bb15edffc0 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/services.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/services.go
@@ -21,23 +21,17 @@ import (
 	"net"
 
 	"github.com/golang/glog"
-
+	kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options"
 	"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
 )
 
 // DefaultServiceIPRange takes a the serviceIPRange flag and returns the defaulted service ip range (if  needed),
 // api server service IP, and an error
-// TODO move this out of the genericapiserver package
 func DefaultServiceIPRange(passedServiceClusterIPRange net.IPNet) (net.IPNet, net.IP, error) {
 	serviceClusterIPRange := passedServiceClusterIPRange
 	if passedServiceClusterIPRange.IP == nil {
-		defaultNet := "10.0.0.0/24"
-		glog.Infof("Network range for service cluster IPs is unspecified. Defaulting to %v.", defaultNet)
-		_, defaultServiceClusterIPRange, err := net.ParseCIDR(defaultNet)
-		if err != nil {
-			return net.IPNet{}, net.IP{}, err
-		}
-		serviceClusterIPRange = *defaultServiceClusterIPRange
+		glog.Infof("Network range for service cluster IPs is unspecified. Defaulting to %v.", kubeoptions.DefaultServiceIPCIDR)
+		serviceClusterIPRange = kubeoptions.DefaultServiceIPCIDR
 	}
 	if size := ipallocator.RangeSize(&serviceClusterIPRange); size < 8 {
 		return net.IPNet{}, net.IP{}, fmt.Errorf("The service cluster IP range must be at least %d IP addresses", 8)
diff --git a/vendor/k8s.io/kubernetes/pkg/master/tunneler/BUILD b/vendor/k8s.io/kubernetes/pkg/master/tunneler/BUILD
index dcaa51b8ea75..686ff7c3dd36 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/tunneler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/master/tunneler/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["ssh_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/master/tunneler",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/master/tunneler/ssh.go b/vendor/k8s.io/kubernetes/pkg/master/tunneler/ssh.go
index 562c09adc539..2bee87326df6 100644
--- a/vendor/k8s.io/kubernetes/pkg/master/tunneler/ssh.go
+++ b/vendor/k8s.io/kubernetes/pkg/master/tunneler/ssh.go
@@ -17,6 +17,7 @@ limitations under the License.
 package tunneler
 
 import (
+	"context"
 	"fmt"
 	"io/ioutil"
 	"net"
@@ -35,7 +36,7 @@ import (
 	"github.com/prometheus/client_golang/prometheus"
 )
 
-type InstallSSHKey func(user string, data []byte) error
+type InstallSSHKey func(ctx context.Context, user string, data []byte) error
 
 type AddressFunc func() (addresses []string, err error)
 
@@ -180,7 +181,7 @@ func (c *SSHTunneler) installSSHKeySyncLoop(user, publicKeyfile string) {
 			glog.Errorf("Failed to encode public key: %v", err)
 			return
 		}
-		if err := c.InstallSSHKey(user, keyData); err != nil {
+		if err := c.InstallSSHKey(context.TODO(), user, keyData); err != nil {
 			glog.Errorf("Failed to install ssh key: %v", err)
 			return
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/BUILD b/vendor/k8s.io/kubernetes/pkg/printers/BUILD
index c59f547fc22d..4e2dd00009d4 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/printers/BUILD
@@ -9,7 +9,6 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
-        "common.go",
         "customcolumn.go",
         "humanreadable.go",
         "interface.go",
@@ -24,9 +23,11 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/printers",
     deps = [
         "//vendor/github.com/ghodss/yaml:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
@@ -39,7 +40,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["customcolumn_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/printers_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
@@ -70,12 +70,11 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["humanreadable_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/printers",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/humanreadable.go b/vendor/k8s.io/kubernetes/pkg/printers/humanreadable.go
index 73ef967b1504..4e4b7c6543e5 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/humanreadable.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/humanreadable.go
@@ -26,7 +26,7 @@ import (
 
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -34,19 +34,19 @@ import (
 )
 
 type TablePrinter interface {
-	PrintTable(obj runtime.Object, options PrintOptions) (*metav1alpha1.Table, error)
+	PrintTable(obj runtime.Object, options PrintOptions) (*metav1beta1.Table, error)
 }
 
 type PrintHandler interface {
 	Handler(columns, columnsWithWide []string, printFunc interface{}) error
-	TableHandler(columns []metav1alpha1.TableColumnDefinition, printFunc interface{}) error
-	DefaultTableHandler(columns []metav1alpha1.TableColumnDefinition, printFunc interface{}) error
+	TableHandler(columns []metav1beta1.TableColumnDefinition, printFunc interface{}) error
+	DefaultTableHandler(columns []metav1beta1.TableColumnDefinition, printFunc interface{}) error
 }
 
 var withNamespacePrefixColumns = []string{"NAMESPACE"} // TODO(erictune): print cluster name too.
 
 type handlerEntry struct {
-	columnDefinitions []metav1alpha1.TableColumnDefinition
+	columnDefinitions []metav1beta1.TableColumnDefinition
 	printRows         bool
 	printFunc         reflect.Value
 	args              []reflect.Value
@@ -126,15 +126,15 @@ func (h *HumanReadablePrinter) EnsurePrintHeaders() {
 // Handler adds a print handler with a given set of columns to HumanReadablePrinter instance.
 // See ValidatePrintHandlerFunc for required method signature.
 func (h *HumanReadablePrinter) Handler(columns, columnsWithWide []string, printFunc interface{}) error {
-	var columnDefinitions []metav1alpha1.TableColumnDefinition
+	var columnDefinitions []metav1beta1.TableColumnDefinition
 	for _, column := range columns {
-		columnDefinitions = append(columnDefinitions, metav1alpha1.TableColumnDefinition{
+		columnDefinitions = append(columnDefinitions, metav1beta1.TableColumnDefinition{
 			Name: column,
 			Type: "string",
 		})
 	}
 	for _, column := range columnsWithWide {
-		columnDefinitions = append(columnDefinitions, metav1alpha1.TableColumnDefinition{
+		columnDefinitions = append(columnDefinitions, metav1beta1.TableColumnDefinition{
 			Name:     column,
 			Type:     "string",
 			Priority: 1,
@@ -164,7 +164,7 @@ func (h *HumanReadablePrinter) Handler(columns, columnsWithWide []string, printF
 
 // TableHandler adds a print handler with a given set of columns to HumanReadablePrinter instance.
 // See ValidateRowPrintHandlerFunc for required method signature.
-func (h *HumanReadablePrinter) TableHandler(columnDefinitions []metav1alpha1.TableColumnDefinition, printFunc interface{}) error {
+func (h *HumanReadablePrinter) TableHandler(columnDefinitions []metav1beta1.TableColumnDefinition, printFunc interface{}) error {
 	printFuncValue := reflect.ValueOf(printFunc)
 	if err := ValidateRowPrintHandlerFunc(printFuncValue); err != nil {
 		utilruntime.HandleError(fmt.Errorf("unable to register print function: %v", err))
@@ -189,7 +189,7 @@ func (h *HumanReadablePrinter) TableHandler(columnDefinitions []metav1alpha1.Tab
 // DefaultTableHandler registers a set of columns and a print func that is given a chance to process
 // any object without an explicit handler. Only the most recently set print handler is used.
 // See ValidateRowPrintHandlerFunc for required method signature.
-func (h *HumanReadablePrinter) DefaultTableHandler(columnDefinitions []metav1alpha1.TableColumnDefinition, printFunc interface{}) error {
+func (h *HumanReadablePrinter) DefaultTableHandler(columnDefinitions []metav1beta1.TableColumnDefinition, printFunc interface{}) error {
 	printFuncValue := reflect.ValueOf(printFunc)
 	if err := ValidateRowPrintHandlerFunc(printFuncValue); err != nil {
 		utilruntime.HandleError(fmt.Errorf("unable to register print function: %v", err))
@@ -208,7 +208,7 @@ func (h *HumanReadablePrinter) DefaultTableHandler(columnDefinitions []metav1alp
 // ValidateRowPrintHandlerFunc validates print handler signature.
 // printFunc is the function that will be called to print an object.
 // It must be of the following type:
-//  func printFunc(object ObjectType, options PrintOptions) ([]metav1alpha1.TableRow, error)
+//  func printFunc(object ObjectType, options PrintOptions) ([]metav1beta1.TableRow, error)
 // where ObjectType is the type of the object that will be printed, and the first
 // return value is an array of rows, with each row containing a number of cells that
 // match the number of columns defined for that printer function.
@@ -222,10 +222,10 @@ func ValidateRowPrintHandlerFunc(printFunc reflect.Value) error {
 			"Must accept 2 parameters and return 2 value.")
 	}
 	if funcType.In(1) != reflect.TypeOf((*PrintOptions)(nil)).Elem() ||
-		funcType.Out(0) != reflect.TypeOf((*[]metav1alpha1.TableRow)(nil)).Elem() ||
+		funcType.Out(0) != reflect.TypeOf((*[]metav1beta1.TableRow)(nil)).Elem() ||
 		funcType.Out(1) != reflect.TypeOf((*error)(nil)).Elem() {
 		return fmt.Errorf("invalid print handler. The expected signature is: "+
-			"func handler(obj %v, options PrintOptions) ([]metav1alpha1.TableRow, error)", funcType.In(0))
+			"func handler(obj %v, options PrintOptions) ([]metav1beta1.TableRow, error)", funcType.In(0))
 	}
 	return nil
 }
@@ -303,15 +303,15 @@ func (h *HumanReadablePrinter) PrintObj(obj runtime.Object, output io.Writer) er
 	}
 
 	// display tables following the rules of options
-	if table, ok := obj.(*metav1alpha1.Table); ok {
+	if table, ok := obj.(*metav1beta1.Table); ok {
 		if err := DecorateTable(table, h.options); err != nil {
 			return err
 		}
 		return PrintTable(table, output, h.options)
 	}
 
-	// check if the object is unstructured.  If so, let's attempt to convert it to a type we can understand before
-	// trying to print, since the printers are keyed by type.  This is extremely expensive.
+	// check if the object is unstructured. If so, let's attempt to convert it to a type we can understand before
+	// trying to print, since the printers are keyed by type. This is extremely expensive.
 	if h.encoder != nil && h.decoder != nil {
 		obj, _ = decodeUnknownObject(obj, h.encoder, h.decoder)
 	}
@@ -341,20 +341,25 @@ func (h *HumanReadablePrinter) PrintObj(obj runtime.Object, output io.Writer) er
 	return fmt.Errorf("error: unknown type %#v", obj)
 }
 
-func hasCondition(conditions []metav1alpha1.TableRowCondition, t metav1alpha1.RowConditionType) bool {
+func hasCondition(conditions []metav1beta1.TableRowCondition, t metav1beta1.RowConditionType) bool {
 	for _, condition := range conditions {
 		if condition.Type == t {
-			return condition.Status == metav1alpha1.ConditionTrue
+			return condition.Status == metav1beta1.ConditionTrue
 		}
 	}
 	return false
 }
 
 // PrintTable prints a table to the provided output respecting the filtering rules for options
-// for wide columns and filetred rows. It filters out rows that are Completed. You should call
+// for wide columns and filtered rows. It filters out rows that are Completed. You should call
 // DecorateTable if you receive a table from a remote server before calling PrintTable.
-func PrintTable(table *metav1alpha1.Table, output io.Writer, options PrintOptions) error {
+func PrintTable(table *metav1beta1.Table, output io.Writer, options PrintOptions) error {
 	if !options.NoHeaders {
+		// avoid printing headers if we have no rows to display
+		if len(table.Rows) == 0 {
+			return nil
+		}
+
 		first := true
 		for _, column := range table.ColumnDefinitions {
 			if !options.Wide && column.Priority != 0 {
@@ -370,7 +375,7 @@ func PrintTable(table *metav1alpha1.Table, output io.Writer, options PrintOption
 		fmt.Fprintln(output)
 	}
 	for _, row := range table.Rows {
-		if !options.ShowAll && hasCondition(row.Conditions, metav1alpha1.RowCompleted) {
+		if !options.ShowAll && hasCondition(row.Conditions, metav1beta1.RowCompleted) {
 			continue
 		}
 		first := true
@@ -397,7 +402,7 @@ func PrintTable(table *metav1alpha1.Table, output io.Writer, options PrintOption
 // namespace column. It will fill empty columns with nil (if the object
 // does not expose metadata). It returns an error if the table cannot
 // be decorated.
-func DecorateTable(table *metav1alpha1.Table, options PrintOptions) error {
+func DecorateTable(table *metav1beta1.Table, options PrintOptions) error {
 	width := len(table.ColumnDefinitions) + len(options.ColumnLabels)
 	if options.WithNamespace {
 		width++
@@ -413,29 +418,28 @@ func DecorateTable(table *metav1alpha1.Table, options PrintOptions) error {
 		for i := range columns {
 			if columns[i].Format == "name" && columns[i].Type == "string" {
 				nameColumn = i
-				fmt.Printf("found name column: %d\n", i)
 				break
 			}
 		}
 	}
 
 	if width != len(table.ColumnDefinitions) {
-		columns = make([]metav1alpha1.TableColumnDefinition, 0, width)
+		columns = make([]metav1beta1.TableColumnDefinition, 0, width)
 		if options.WithNamespace {
-			columns = append(columns, metav1alpha1.TableColumnDefinition{
+			columns = append(columns, metav1beta1.TableColumnDefinition{
 				Name: "Namespace",
 				Type: "string",
 			})
 		}
 		columns = append(columns, table.ColumnDefinitions...)
 		for _, label := range formatLabelHeaders(options.ColumnLabels) {
-			columns = append(columns, metav1alpha1.TableColumnDefinition{
+			columns = append(columns, metav1beta1.TableColumnDefinition{
 				Name: label,
 				Type: "string",
 			})
 		}
 		if options.ShowLabels {
-			columns = append(columns, metav1alpha1.TableColumnDefinition{
+			columns = append(columns, metav1beta1.TableColumnDefinition{
 				Name: "Labels",
 				Type: "string",
 			})
@@ -492,7 +496,7 @@ func DecorateTable(table *metav1alpha1.Table, options PrintOptions) error {
 // PrintTable returns a table for the provided object, using the printer registered for that type. It returns
 // a table that includes all of the information requested by options, but will not remove rows or columns. The
 // caller is responsible for applying rules related to filtering rows or columns.
-func (h *HumanReadablePrinter) PrintTable(obj runtime.Object, options PrintOptions) (*metav1alpha1.Table, error) {
+func (h *HumanReadablePrinter) PrintTable(obj runtime.Object, options PrintOptions) (*metav1beta1.Table, error) {
 	t := reflect.TypeOf(obj)
 	handler, ok := h.handlerMap[t]
 	if !ok {
@@ -510,7 +514,7 @@ func (h *HumanReadablePrinter) PrintTable(obj runtime.Object, options PrintOptio
 
 	columns := handler.columnDefinitions
 	if !options.Wide {
-		columns = make([]metav1alpha1.TableColumnDefinition, 0, len(handler.columnDefinitions))
+		columns = make([]metav1beta1.TableColumnDefinition, 0, len(handler.columnDefinitions))
 		for i := range handler.columnDefinitions {
 			if handler.columnDefinitions[i].Priority != 0 {
 				continue
@@ -518,12 +522,12 @@ func (h *HumanReadablePrinter) PrintTable(obj runtime.Object, options PrintOptio
 			columns = append(columns, handler.columnDefinitions[i])
 		}
 	}
-	table := &metav1alpha1.Table{
+	table := &metav1beta1.Table{
 		ListMeta: metav1.ListMeta{
 			ResourceVersion: "",
 		},
 		ColumnDefinitions: columns,
-		Rows:              results[0].Interface().([]metav1alpha1.TableRow),
+		Rows:              results[0].Interface().([]metav1beta1.TableRow),
 	}
 	if m, err := meta.ListAccessor(obj); err == nil {
 		table.ResourceVersion = m.GetResourceVersion()
@@ -582,7 +586,7 @@ func printRowsForHandlerEntry(output io.Writer, handler *handlerEntry, obj runti
 	}
 
 	if results[1].IsNil() {
-		rows := results[0].Interface().([]metav1alpha1.TableRow)
+		rows := results[0].Interface().([]metav1beta1.TableRow)
 		printRows(output, rows, options)
 		return nil
 	}
@@ -590,7 +594,7 @@ func printRowsForHandlerEntry(output io.Writer, handler *handlerEntry, obj runti
 }
 
 // printRows writes the provided rows to output.
-func printRows(output io.Writer, rows []metav1alpha1.TableRow, options PrintOptions) {
+func printRows(output io.Writer, rows []metav1beta1.TableRow, options PrintOptions) {
 	for _, row := range rows {
 		if options.WithNamespace {
 			if obj := row.Object.Object; obj != nil {
@@ -630,9 +634,9 @@ func printRows(output io.Writer, rows []metav1alpha1.TableRow, options PrintOpti
 
 // legacyPrinterToTable uses the old printFunc with tabbed writer to generate a table.
 // TODO: remove when all legacy printers are removed.
-func (h *HumanReadablePrinter) legacyPrinterToTable(obj runtime.Object, handler *handlerEntry) (*metav1alpha1.Table, error) {
+func (h *HumanReadablePrinter) legacyPrinterToTable(obj runtime.Object, handler *handlerEntry) (*metav1beta1.Table, error) {
 	printFunc := handler.printFunc
-	table := &metav1alpha1.Table{
+	table := &metav1beta1.Table{
 		ColumnDefinitions: handler.columnDefinitions,
 	}
 
@@ -659,7 +663,7 @@ func (h *HumanReadablePrinter) legacyPrinterToTable(obj runtime.Object, handler
 		}
 		for len(data) > 0 {
 			cells, remainder := tabbedLineToCells(data, len(table.ColumnDefinitions))
-			table.Rows = append(table.Rows, metav1alpha1.TableRow{
+			table.Rows = append(table.Rows, metav1beta1.TableRow{
 				Cells:  cells,
 				Object: runtime.RawExtension{Object: items[i]},
 			})
@@ -674,7 +678,7 @@ func (h *HumanReadablePrinter) legacyPrinterToTable(obj runtime.Object, handler
 		}
 		data := buf.Bytes()
 		cells, _ := tabbedLineToCells(data, len(table.ColumnDefinitions))
-		table.Rows = append(table.Rows, metav1alpha1.TableRow{
+		table.Rows = append(table.Rows, metav1beta1.TableRow{
 			Cells:  cells,
 			Object: runtime.RawExtension{Object: obj},
 		})
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/BUILD b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/BUILD
index 522478a731e5..1921aa44b81f 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/BUILD
@@ -13,8 +13,7 @@ go_test(
         "printers_test.go",
         "sorted_resource_name_list_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/printers/internalversion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
@@ -28,7 +27,6 @@ go_test(
         "//pkg/apis/storage:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
-        "//pkg/kubectl/testing:go_default_library",
         "//pkg/printers:go_default_library",
         "//pkg/util/pointer:go_default_library",
         "//vendor/github.com/ghodss/yaml:go_default_library",
@@ -38,7 +36,7 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/yaml:go_default_library",
@@ -98,12 +96,13 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/duration:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/client-go/dynamic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/describe.go b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/describe.go
index c33b1c636ceb..318148dfa1b4 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/describe.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/describe.go
@@ -87,7 +87,7 @@ type PrefixWriter interface {
 	Write(level int, format string, a ...interface{})
 	// WriteLine writes an entire line with no indentation level.
 	WriteLine(a ...interface{})
-	// Flush forces indendation to be reset.
+	// Flush forces indentation to be reset.
 	Flush()
 }
 
@@ -636,7 +636,7 @@ func describePod(pod *api.Pod, events *api.EventList) (string, error) {
 		printLabelsMultiline(w, "Labels", pod.Labels)
 		printAnnotationsMultiline(w, "Annotations", pod.Annotations)
 		if pod.DeletionTimestamp != nil {
-			w.Write(LEVEL_0, "Status:\tTerminating (expires %s)\n", pod.DeletionTimestamp.Time.Format(time.RFC1123Z))
+			w.Write(LEVEL_0, "Status:\tTerminating (lasts %s)\n", translateTimestamp(*pod.DeletionTimestamp))
 			w.Write(LEVEL_0, "Termination Grace Period:\t%ds\n", *pod.DeletionGracePeriodSeconds)
 		} else {
 			w.Write(LEVEL_0, "Status:\t%s\n", string(pod.Status.Phase))
@@ -651,6 +651,9 @@ func describePod(pod *api.Pod, events *api.EventList) (string, error) {
 		if controlledBy := printController(pod); len(controlledBy) > 0 {
 			w.Write(LEVEL_0, "Controlled By:\t%s\n", controlledBy)
 		}
+		if len(pod.Status.NominatedNodeName) > 0 {
+			w.Write(LEVEL_0, "NominatedNodeName:\t%s\n", pod.Status.NominatedNodeName)
+		}
 
 		if len(pod.Spec.InitContainers) > 0 {
 			describeContainers("Init Containers", pod.Spec.InitContainers, pod.Status.InitContainerStatuses, EnvValueRetriever(pod), w, "")
@@ -943,7 +946,7 @@ func printAzureDiskVolumeSource(d *api.AzureDiskVolumeSource, w PrefixWriter) {
 func printVsphereVolumeSource(vsphere *api.VsphereVirtualDiskVolumeSource, w PrefixWriter) {
 	w.Write(LEVEL_2, "Type:\tvSphereVolume (a Persistent Disk resource in vSphere)\n"+
 		"    VolumePath:\t%v\n"+
-		"    FSType:\t%v\n",
+		"    FSType:\t%v\n"+
 		"    StoragePolicyName:\t%v\n",
 		vsphere.VolumePath, vsphere.FSType, vsphere.StoragePolicyName)
 }
@@ -1076,12 +1079,22 @@ func printAzureFilePersistentVolumeSource(azureFile *api.AzureFilePersistentVolu
 		azureFile.SecretName, ns, azureFile.ShareName, azureFile.ReadOnly)
 }
 
+func printFlexPersistentVolumeSource(flex *api.FlexPersistentVolumeSource, w PrefixWriter) {
+	w.Write(LEVEL_2, "Type:\tFlexVolume (a generic volume resource that is provisioned/attached using an exec based plugin)\n"+
+		"    Driver:\t%v\n"+
+		"    FSType:\t%v\n"+
+		"    SecretRef:\t%v\n"+
+		"    ReadOnly:\t%v\n"+
+		"    Options:\t%v\n",
+		flex.Driver, flex.FSType, flex.SecretRef, flex.ReadOnly, flex.Options)
+}
+
 func printFlexVolumeSource(flex *api.FlexVolumeSource, w PrefixWriter) {
 	w.Write(LEVEL_2, "Type:\tFlexVolume (a generic volume resource that is provisioned/attached using an exec based plugin)\n"+
 		"    Driver:\t%v\n"+
 		"    FSType:\t%v\n"+
 		"    SecretRef:\t%v\n"+
-		"    ReadOnly:\t%v\n",
+		"    ReadOnly:\t%v\n"+
 		"    Options:\t%v\n",
 		flex.Driver, flex.FSType, flex.SecretRef, flex.ReadOnly, flex.Options)
 }
@@ -1096,7 +1109,7 @@ func printFlockerVolumeSource(flocker *api.FlockerVolumeSource, w PrefixWriter)
 func printCSIPersistentVolumeSource(csi *api.CSIPersistentVolumeSource, w PrefixWriter) {
 	w.Write(LEVEL_2, "Type:\tCSI (a Container Storage Interface (CSI) volume source)\n"+
 		"    Driver:\t%v\n"+
-		"    VolumeHandle:\t%v\n",
+		"    VolumeHandle:\t%v\n"+
 		"    ReadOnly:\t%v\n",
 		csi.Driver, csi.VolumeHandle, csi.ReadOnly)
 }
@@ -1121,14 +1134,61 @@ func (d *PersistentVolumeDescriber) Describe(namespace, name string, describerSe
 	return describePersistentVolume(pv, events)
 }
 
+func printVolumeNodeAffinity(w PrefixWriter, affinity *api.VolumeNodeAffinity) {
+	w.Write(LEVEL_0, "Node Affinity:\t")
+	if affinity == nil || affinity.Required == nil {
+		w.WriteLine("<none>")
+		return
+	}
+	w.WriteLine("")
+
+	if affinity.Required != nil {
+		w.Write(LEVEL_1, "Required Terms:\t")
+		if len(affinity.Required.NodeSelectorTerms) == 0 {
+			w.WriteLine("<none>")
+		} else {
+			w.WriteLine("")
+			for i, term := range affinity.Required.NodeSelectorTerms {
+				printNodeSelectorTermsMultilineWithIndent(w, LEVEL_2, fmt.Sprintf("Term %v", i), "\t", term.MatchExpressions)
+			}
+		}
+	}
+}
+
+// printLabelsMultiline prints multiple labels with a user-defined alignment.
+func printNodeSelectorTermsMultilineWithIndent(w PrefixWriter, indentLevel int, title, innerIndent string, reqs []api.NodeSelectorRequirement) {
+	w.Write(indentLevel, "%s:%s", title, innerIndent)
+
+	if len(reqs) == 0 {
+		w.WriteLine("<none>")
+		return
+	}
+
+	for i, req := range reqs {
+		if i != 0 {
+			w.Write(indentLevel, "%s", innerIndent)
+		}
+		exprStr := fmt.Sprintf("%s %s", req.Key, strings.ToLower(string(req.Operator)))
+		if len(req.Values) > 0 {
+			exprStr = fmt.Sprintf("%s [%s]", exprStr, strings.Join(req.Values, ", "))
+		}
+		w.Write(LEVEL_0, "%s\n", exprStr)
+	}
+}
+
 func describePersistentVolume(pv *api.PersistentVolume, events *api.EventList) (string, error) {
 	return tabbedString(func(out io.Writer) error {
 		w := NewPrefixWriter(out)
 		w.Write(LEVEL_0, "Name:\t%s\n", pv.Name)
 		printLabelsMultiline(w, "Labels", pv.Labels)
 		printAnnotationsMultiline(w, "Annotations", pv.Annotations)
+		w.Write(LEVEL_0, "Finalizers:\t%v\n", pv.ObjectMeta.Finalizers)
 		w.Write(LEVEL_0, "StorageClass:\t%s\n", helper.GetPersistentVolumeClass(pv))
-		w.Write(LEVEL_0, "Status:\t%s\n", pv.Status.Phase)
+		if pv.ObjectMeta.DeletionTimestamp != nil {
+			w.Write(LEVEL_0, "Status:\tTerminating (lasts %s)\n", translateTimestamp(*pv.ObjectMeta.DeletionTimestamp))
+		} else {
+			w.Write(LEVEL_0, "Status:\t%v\n", pv.Status.Phase)
+		}
 		if pv.Spec.ClaimRef != nil {
 			w.Write(LEVEL_0, "Claim:\t%s\n", pv.Spec.ClaimRef.Namespace+"/"+pv.Spec.ClaimRef.Name)
 		} else {
@@ -1141,6 +1201,7 @@ func describePersistentVolume(pv *api.PersistentVolume, events *api.EventList) (
 		}
 		storage := pv.Spec.Capacity[api.ResourceStorage]
 		w.Write(LEVEL_0, "Capacity:\t%s\n", storage.String())
+		printVolumeNodeAffinity(w, pv.Spec.NodeAffinity)
 		w.Write(LEVEL_0, "Message:\t%s\n", pv.Status.Message)
 		w.Write(LEVEL_0, "Source:\n")
 
@@ -1184,7 +1245,7 @@ func describePersistentVolume(pv *api.PersistentVolume, events *api.EventList) (
 		case pv.Spec.AzureFile != nil:
 			printAzureFilePersistentVolumeSource(pv.Spec.AzureFile, w)
 		case pv.Spec.FlexVolume != nil:
-			printFlexVolumeSource(pv.Spec.FlexVolume, w)
+			printFlexPersistentVolumeSource(pv.Spec.FlexVolume, w)
 		case pv.Spec.Flocker != nil:
 			printFlockerVolumeSource(pv.Spec.Flocker, w)
 		case pv.Spec.CSI != nil:
@@ -1225,7 +1286,7 @@ func describePersistentVolumeClaim(pvc *api.PersistentVolumeClaim, events *api.E
 		w.Write(LEVEL_0, "Namespace:\t%s\n", pvc.Namespace)
 		w.Write(LEVEL_0, "StorageClass:\t%s\n", helper.GetPersistentVolumeClaimClass(pvc))
 		if pvc.ObjectMeta.DeletionTimestamp != nil {
-			w.Write(LEVEL_0, "Status:\tTerminating (since %s)\n", pvc.ObjectMeta.DeletionTimestamp.Time.Format(time.RFC1123Z))
+			w.Write(LEVEL_0, "Status:\tTerminating (lasts %s)\n", translateTimestamp(*pvc.ObjectMeta.DeletionTimestamp))
 		} else {
 			w.Write(LEVEL_0, "Status:\t%v\n", pvc.Status.Phase)
 		}
@@ -1305,11 +1366,13 @@ func describeContainerBasicInfo(container api.Container, status api.ContainerSta
 	if strings.Contains(portString, ",") {
 		w.Write(LEVEL_2, "Ports:\t%s\n", portString)
 	} else {
-		if len(portString) == 0 {
-			w.Write(LEVEL_2, "Port:\t<none>\n")
-		} else {
-			w.Write(LEVEL_2, "Port:\t%s\n", portString)
-		}
+		w.Write(LEVEL_2, "Port:\t%s\n", stringOrNone(portString))
+	}
+	hostPortString := describeContainerHostPorts(container.Ports)
+	if strings.Contains(hostPortString, ",") {
+		w.Write(LEVEL_2, "Host Ports:\t%s\n", hostPortString)
+	} else {
+		w.Write(LEVEL_2, "Host Port:\t%s\n", stringOrNone(hostPortString))
 	}
 }
 
@@ -1321,6 +1384,14 @@ func describeContainerPorts(cPorts []api.ContainerPort) string {
 	return strings.Join(ports, ", ")
 }
 
+func describeContainerHostPorts(cPorts []api.ContainerPort) string {
+	ports := make([]string, 0, len(cPorts))
+	for _, cPort := range cPorts {
+		ports = append(ports, fmt.Sprintf("%d/%s", cPort.HostPort, cPort.Protocol))
+	}
+	return strings.Join(ports, ", ")
+}
+
 func describeContainerCommand(container api.Container, w PrefixWriter) {
 	if len(container.Command) > 0 {
 		w.Write(LEVEL_2, "Command:\n")
@@ -2054,12 +2125,7 @@ func describeIngressTLS(w PrefixWriter, ingTLS []extensions.IngressTLS) {
 func describeIngressAnnotations(w PrefixWriter, annotations map[string]string) {
 	w.Write(LEVEL_0, "Annotations:\n")
 	for k, v := range annotations {
-		if !strings.HasPrefix(k, "ingress") {
-			continue
-		}
-		parts := strings.Split(k, "/")
-		name := parts[len(parts)-1]
-		w.Write(LEVEL_1, "%v:\t%s\n", name, v)
+		w.Write(LEVEL_1, "%v:\t%s\n", k, v)
 	}
 	return
 }
@@ -2565,8 +2631,9 @@ func describeNode(node *api.Node, nodeNonTerminatedPodsList *api.PodList, events
 		}
 		printLabelsMultiline(w, "Labels", node.Labels)
 		printAnnotationsMultiline(w, "Annotations", node.Annotations)
-		printNodeTaintsMultiline(w, "Taints", node.Spec.Taints)
 		w.Write(LEVEL_0, "CreationTimestamp:\t%s\n", node.CreationTimestamp.Time.Format(time.RFC1123Z))
+		printNodeTaintsMultiline(w, "Taints", node.Spec.Taints)
+		w.Write(LEVEL_0, "Unschedulable:\t%v\n", node.Spec.Unschedulable)
 		if len(node.Status.Conditions) > 0 {
 			w.Write(LEVEL_0, "Conditions:\n  Type\tStatus\tLastHeartbeatTime\tLastTransitionTime\tReason\tMessage\n")
 			w.Write(LEVEL_1, "----\t------\t-----------------\t------------------\t------\t-------\n")
@@ -2625,10 +2692,11 @@ func describeNode(node *api.Node, nodeNonTerminatedPodsList *api.PodList, events
 		if len(node.Spec.ExternalID) > 0 {
 			w.Write(LEVEL_0, "ExternalID:\t%s\n", node.Spec.ExternalID)
 		}
+		if len(node.Spec.ProviderID) > 0 {
+			w.Write(LEVEL_0, "ProviderID:\t%s\n", node.Spec.ProviderID)
+		}
 		if canViewPods && nodeNonTerminatedPodsList != nil {
-			if err := describeNodeResource(nodeNonTerminatedPodsList, node, w); err != nil {
-				return err
-			}
+			describeNodeResource(nodeNonTerminatedPodsList, node, w)
 		} else {
 			w.Write(LEVEL_0, "Pods:\tnot authorized\n")
 		}
@@ -2798,6 +2866,22 @@ func describeHorizontalPodAutoscaler(hpa *autoscaling.HorizontalPodAutoscaler, e
 		w.Write(LEVEL_0, "Metrics:\t( current / target )\n")
 		for i, metric := range hpa.Spec.Metrics {
 			switch metric.Type {
+			case autoscaling.ExternalMetricSourceType:
+				if metric.External.TargetAverageValue != nil {
+					current := "<unknown>"
+					if len(hpa.Status.CurrentMetrics) > i && hpa.Status.CurrentMetrics[i].External != nil &&
+						hpa.Status.CurrentMetrics[i].External.CurrentAverageValue != nil {
+						current = hpa.Status.CurrentMetrics[i].External.CurrentAverageValue.String()
+					}
+					w.Write(LEVEL_1, "%q (target average value):\t%s / %s\n", metric.External.MetricName, current, metric.External.TargetAverageValue.String())
+				} else {
+					current := "<unknown>"
+					if len(hpa.Status.CurrentMetrics) > i && hpa.Status.CurrentMetrics[i].External != nil {
+						current = hpa.Status.CurrentMetrics[i].External.CurrentValue.String()
+					}
+					w.Write(LEVEL_1, "%q (target value):\t%s / %s\n", metric.External.MetricName, current, metric.External.TargetValue.String())
+
+				}
 			case autoscaling.PodsMetricSourceType:
 				current := "<unknown>"
 				if len(hpa.Status.CurrentMetrics) > i && hpa.Status.CurrentMetrics[i].Pods != nil {
@@ -2868,7 +2952,7 @@ func describeHorizontalPodAutoscaler(hpa *autoscaling.HorizontalPodAutoscaler, e
 	})
 }
 
-func describeNodeResource(nodeNonTerminatedPodsList *api.PodList, node *api.Node, w PrefixWriter) error {
+func describeNodeResource(nodeNonTerminatedPodsList *api.PodList, node *api.Node, w PrefixWriter) {
 	w.Write(LEVEL_0, "Non-terminated Pods:\t(%d in total)\n", len(nodeNonTerminatedPodsList.Items))
 	w.Write(LEVEL_1, "Namespace\tName\t\tCPU Requests\tCPU Limits\tMemory Requests\tMemory Limits\n")
 	w.Write(LEVEL_1, "---------\t----\t\t------------\t----------\t---------------\t-------------\n")
@@ -2878,10 +2962,7 @@ func describeNodeResource(nodeNonTerminatedPodsList *api.PodList, node *api.Node
 	}
 
 	for _, pod := range nodeNonTerminatedPodsList.Items {
-		req, limit, err := resourcehelper.PodRequestsAndLimits(&pod)
-		if err != nil {
-			return err
-		}
+		req, limit := resourcehelper.PodRequestsAndLimits(&pod)
 		cpuReq, cpuLimit, memoryReq, memoryLimit := req[api.ResourceCPU], limit[api.ResourceCPU], req[api.ResourceMemory], limit[api.ResourceMemory]
 		fractionCpuReq := float64(cpuReq.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
 		fractionCpuLimit := float64(cpuLimit.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
@@ -2894,28 +2975,29 @@ func describeNodeResource(nodeNonTerminatedPodsList *api.PodList, node *api.Node
 
 	w.Write(LEVEL_0, "Allocated resources:\n  (Total limits may be over 100 percent, i.e., overcommitted.)\n  CPU Requests\tCPU Limits\tMemory Requests\tMemory Limits\n")
 	w.Write(LEVEL_1, "------------\t----------\t---------------\t-------------\n")
-	reqs, limits, err := getPodsTotalRequestsAndLimits(nodeNonTerminatedPodsList)
-	if err != nil {
-		return err
-	}
+	reqs, limits := getPodsTotalRequestsAndLimits(nodeNonTerminatedPodsList)
 	cpuReqs, cpuLimits, memoryReqs, memoryLimits := reqs[api.ResourceCPU], limits[api.ResourceCPU], reqs[api.ResourceMemory], limits[api.ResourceMemory]
-	fractionCpuReqs := float64(cpuReqs.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
-	fractionCpuLimits := float64(cpuLimits.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
-	fractionMemoryReqs := float64(memoryReqs.Value()) / float64(allocatable.Memory().Value()) * 100
-	fractionMemoryLimits := float64(memoryLimits.Value()) / float64(allocatable.Memory().Value()) * 100
+	fractionCpuReqs := float64(0)
+	fractionCpuLimits := float64(0)
+	if allocatable.Cpu().MilliValue() != 0 {
+		fractionCpuReqs = float64(cpuReqs.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
+		fractionCpuLimits = float64(cpuLimits.MilliValue()) / float64(allocatable.Cpu().MilliValue()) * 100
+	}
+	fractionMemoryReqs := float64(0)
+	fractionMemoryLimits := float64(0)
+	if allocatable.Memory().Value() != 0 {
+		fractionMemoryReqs = float64(memoryReqs.Value()) / float64(allocatable.Memory().Value()) * 100
+		fractionMemoryLimits = float64(memoryLimits.Value()) / float64(allocatable.Memory().Value()) * 100
+	}
 	w.Write(LEVEL_1, "%s (%d%%)\t%s (%d%%)\t%s (%d%%)\t%s (%d%%)\n",
 		cpuReqs.String(), int64(fractionCpuReqs), cpuLimits.String(), int64(fractionCpuLimits),
 		memoryReqs.String(), int64(fractionMemoryReqs), memoryLimits.String(), int64(fractionMemoryLimits))
-	return nil
 }
 
-func getPodsTotalRequestsAndLimits(podList *api.PodList) (reqs map[api.ResourceName]resource.Quantity, limits map[api.ResourceName]resource.Quantity, err error) {
+func getPodsTotalRequestsAndLimits(podList *api.PodList) (reqs map[api.ResourceName]resource.Quantity, limits map[api.ResourceName]resource.Quantity) {
 	reqs, limits = map[api.ResourceName]resource.Quantity{}, map[api.ResourceName]resource.Quantity{}
 	for _, pod := range podList.Items {
-		podReqs, podLimits, err := resourcehelper.PodRequestsAndLimits(&pod)
-		if err != nil {
-			return nil, nil, err
-		}
+		podReqs, podLimits := resourcehelper.PodRequestsAndLimits(&pod)
 		for podReqName, podReqValue := range podReqs {
 			if value, ok := reqs[podReqName]; !ok {
 				reqs[podReqName] = *podReqValue.Copy()
@@ -3261,6 +3343,15 @@ func describeStorageClass(sc *storage.StorageClass, events *api.EventList) (stri
 		w.Write(LEVEL_0, "Annotations:\t%s\n", labels.FormatLabels(sc.Annotations))
 		w.Write(LEVEL_0, "Provisioner:\t%s\n", sc.Provisioner)
 		w.Write(LEVEL_0, "Parameters:\t%s\n", labels.FormatLabels(sc.Parameters))
+		w.Write(LEVEL_0, "AllowVolumeExpansion:\t%s\n", printBoolPtr(sc.AllowVolumeExpansion))
+		if len(sc.MountOptions) == 0 {
+			w.Write(LEVEL_0, "MountOptions:\t<none>\n")
+		} else {
+			w.Write(LEVEL_0, "MountOptions:\n")
+			for _, option := range sc.MountOptions {
+				w.Write(LEVEL_1, "%s\n", option)
+			}
+		}
 		if sc.ReclaimPolicy != nil {
 			w.Write(LEVEL_0, "ReclaimPolicy:\t%s\n", *sc.ReclaimPolicy)
 		}
@@ -3346,8 +3437,8 @@ func describePriorityClass(pc *scheduling.PriorityClass, events *api.EventList)
 	return tabbedString(func(out io.Writer) error {
 		w := NewPrefixWriter(out)
 		w.Write(LEVEL_0, "Name:\t%s\n", pc.Name)
-		w.Write(LEVEL_0, "Value:\t%s\n", pc.Value)
-		w.Write(LEVEL_0, "GlobalDefault:\t%s\n", pc.GlobalDefault)
+		w.Write(LEVEL_0, "Value:\t%v\n", pc.Value)
+		w.Write(LEVEL_0, "GlobalDefault:\t%v\n", pc.GlobalDefault)
 		w.Write(LEVEL_0, "Description:\t%s\n", pc.Description)
 
 		w.Write(LEVEL_0, "Annotations:\t%s\n", labels.FormatLabels(pc.Annotations))
@@ -3381,6 +3472,7 @@ func describePodSecurityPolicy(psp *extensions.PodSecurityPolicy) (string, error
 		w.Write(LEVEL_0, "\nSettings:\n")
 
 		w.Write(LEVEL_1, "Allow Privileged:\t%t\n", psp.Spec.Privileged)
+		w.Write(LEVEL_1, "Allow Privilege Escalation:\t%v\n", psp.Spec.AllowPrivilegeEscalation)
 		w.Write(LEVEL_1, "Default Add Capabilities:\t%v\n", capsToString(psp.Spec.DefaultAddCapabilities))
 		w.Write(LEVEL_1, "Required Drop Capabilities:\t%s\n", capsToString(psp.Spec.RequiredDropCapabilities))
 		w.Write(LEVEL_1, "Allowed Capabilities:\t%s\n", capsToString(psp.Spec.AllowedCapabilities))
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/printers.go b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/printers.go
index 0b8d1b192163..93e099776b83 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/internalversion/printers.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/internalversion/printers.go
@@ -37,9 +37,10 @@ import (
 	storagev1 "k8s.io/api/storage/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/duration"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/api/events"
 	"k8s.io/kubernetes/pkg/apis/apps"
@@ -72,7 +73,7 @@ const (
 // AddHandlers adds print handlers for default Kubernetes types dealing with internal versions.
 // TODO: handle errors from Handler
 func AddHandlers(h printers.PrintHandler) {
-	podColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	podColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Ready", Type: "string", Description: "The aggregate readiness state of this pod for accepting traffic."},
 		{Name: "Status", Type: "string", Description: "The aggregate status of the containers in this pod."},
@@ -84,7 +85,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(podColumnDefinitions, printPodList)
 	h.TableHandler(podColumnDefinitions, printPod)
 
-	podTemplateColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	podTemplateColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Containers", Type: "string", Description: "Names of each container in the template."},
 		{Name: "Images", Type: "string", Description: "Images referenced by each container in the template."},
@@ -93,7 +94,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(podTemplateColumnDefinitions, printPodTemplate)
 	h.TableHandler(podTemplateColumnDefinitions, printPodTemplateList)
 
-	podDisruptionBudgetColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	podDisruptionBudgetColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Min Available", Type: "string", Description: "The minimum number of pods that must be available."},
 		{Name: "Max Unavailable", Type: "string", Description: "The maximum number of pods that may be unavailable."},
@@ -103,7 +104,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(podDisruptionBudgetColumnDefinitions, printPodDisruptionBudget)
 	h.TableHandler(podDisruptionBudgetColumnDefinitions, printPodDisruptionBudgetList)
 
-	replicationControllerColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	replicationControllerColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "integer", Description: apiv1.ReplicationControllerSpec{}.SwaggerDoc()["replicas"]},
 		{Name: "Current", Type: "integer", Description: apiv1.ReplicationControllerStatus{}.SwaggerDoc()["replicas"]},
@@ -116,7 +117,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(replicationControllerColumnDefinitions, printReplicationController)
 	h.TableHandler(replicationControllerColumnDefinitions, printReplicationControllerList)
 
-	replicaSetColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	replicaSetColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "integer", Description: extensionsv1beta1.ReplicaSetSpec{}.SwaggerDoc()["replicas"]},
 		{Name: "Current", Type: "integer", Description: extensionsv1beta1.ReplicaSetStatus{}.SwaggerDoc()["replicas"]},
@@ -129,7 +130,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(replicaSetColumnDefinitions, printReplicaSet)
 	h.TableHandler(replicaSetColumnDefinitions, printReplicaSetList)
 
-	daemonSetColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	daemonSetColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "integer", Description: extensionsv1beta1.DaemonSetStatus{}.SwaggerDoc()["desiredNumberScheduled"]},
 		{Name: "Current", Type: "integer", Description: extensionsv1beta1.DaemonSetStatus{}.SwaggerDoc()["currentNumberScheduled"]},
@@ -145,7 +146,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(daemonSetColumnDefinitions, printDaemonSet)
 	h.TableHandler(daemonSetColumnDefinitions, printDaemonSetList)
 
-	jobColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	jobColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "integer", Description: batchv1.JobSpec{}.SwaggerDoc()["completions"]},
 		{Name: "Successful", Type: "integer", Description: batchv1.JobStatus{}.SwaggerDoc()["succeeded"]},
@@ -157,7 +158,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(jobColumnDefinitions, printJob)
 	h.TableHandler(jobColumnDefinitions, printJobList)
 
-	cronJobColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	cronJobColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Schedule", Type: "string", Description: batchv1beta1.CronJobSpec{}.SwaggerDoc()["schedule"]},
 		{Name: "Suspend", Type: "boolean", Description: batchv1beta1.CronJobSpec{}.SwaggerDoc()["suspend"]},
@@ -171,7 +172,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(cronJobColumnDefinitions, printCronJob)
 	h.TableHandler(cronJobColumnDefinitions, printCronJobList)
 
-	serviceColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	serviceColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Type", Type: "string", Description: apiv1.ServiceSpec{}.SwaggerDoc()["type"]},
 		{Name: "Cluster-IP", Type: "string", Description: apiv1.ServiceSpec{}.SwaggerDoc()["clusterIP"]},
@@ -184,7 +185,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(serviceColumnDefinitions, printService)
 	h.TableHandler(serviceColumnDefinitions, printServiceList)
 
-	ingressColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	ingressColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Hosts", Type: "string", Description: "Hosts that incoming requests are matched against before the ingress rule"},
 		{Name: "Address", Type: "string", Description: "Address is a list containing ingress points for the load-balancer"},
@@ -194,7 +195,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(ingressColumnDefinitions, printIngress)
 	h.TableHandler(ingressColumnDefinitions, printIngressList)
 
-	statefulSetColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	statefulSetColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "string", Description: appsv1beta1.StatefulSetSpec{}.SwaggerDoc()["replicas"]},
 		{Name: "Current", Type: "string", Description: appsv1beta1.StatefulSetStatus{}.SwaggerDoc()["replicas"]},
@@ -205,7 +206,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(statefulSetColumnDefinitions, printStatefulSet)
 	h.TableHandler(statefulSetColumnDefinitions, printStatefulSetList)
 
-	endpointColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	endpointColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Endpoints", Type: "string", Description: apiv1.Endpoints{}.SwaggerDoc()["subsets"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -213,7 +214,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(endpointColumnDefinitions, printEndpoints)
 	h.TableHandler(endpointColumnDefinitions, printEndpointsList)
 
-	nodeColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	nodeColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Status", Type: "string", Description: "The status of the node"},
 		{Name: "Roles", Type: "string", Description: "The roles of the node"},
@@ -228,7 +229,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(nodeColumnDefinitions, printNode)
 	h.TableHandler(nodeColumnDefinitions, printNodeList)
 
-	eventColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	eventColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Last Seen", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["lastTimestamp"]},
 		{Name: "First Seen", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["firstTimestamp"]},
 		{Name: "Count", Type: "string", Description: apiv1.Event{}.SwaggerDoc()["count"]},
@@ -243,7 +244,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(eventColumnDefinitions, printEvent)
 	h.TableHandler(eventColumnDefinitions, printEventList)
 
-	namespaceColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	namespaceColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Status", Type: "string", Description: "The status of the namespace"},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -251,7 +252,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(namespaceColumnDefinitions, printNamespace)
 	h.TableHandler(namespaceColumnDefinitions, printNamespaceList)
 
-	secretColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	secretColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Type", Type: "string", Description: apiv1.Secret{}.SwaggerDoc()["type"]},
 		{Name: "Data", Type: "string", Description: apiv1.Secret{}.SwaggerDoc()["data"]},
@@ -260,7 +261,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(secretColumnDefinitions, printSecret)
 	h.TableHandler(secretColumnDefinitions, printSecretList)
 
-	serviceAccountColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	serviceAccountColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Secrets", Type: "string", Description: apiv1.ServiceAccount{}.SwaggerDoc()["secrets"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -268,7 +269,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(serviceAccountColumnDefinitions, printServiceAccount)
 	h.TableHandler(serviceAccountColumnDefinitions, printServiceAccountList)
 
-	persistentVolumeColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	persistentVolumeColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Capacity", Type: "string", Description: apiv1.PersistentVolumeSpec{}.SwaggerDoc()["capacity"]},
 		{Name: "Access Modes", Type: "string", Description: apiv1.PersistentVolumeSpec{}.SwaggerDoc()["accessModes"]},
@@ -282,10 +283,10 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(persistentVolumeColumnDefinitions, printPersistentVolume)
 	h.TableHandler(persistentVolumeColumnDefinitions, printPersistentVolumeList)
 
-	persistentVolumeClaimColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	persistentVolumeClaimColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Status", Type: "string", Description: apiv1.PersistentVolumeClaimStatus{}.SwaggerDoc()["phase"]},
-		{Name: "Volume", Type: "string", Description: apiv1.PersistentVolumeSpec{}.SwaggerDoc()["volumeName"]},
+		{Name: "Volume", Type: "string", Description: apiv1.PersistentVolumeClaimSpec{}.SwaggerDoc()["volumeName"]},
 		{Name: "Capacity", Type: "string", Description: apiv1.PersistentVolumeClaimStatus{}.SwaggerDoc()["capacity"]},
 		{Name: "Access Modes", Type: "string", Description: apiv1.PersistentVolumeClaimStatus{}.SwaggerDoc()["accessModes"]},
 		{Name: "StorageClass", Type: "string", Description: "StorageClass of the pvc"},
@@ -294,7 +295,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(persistentVolumeClaimColumnDefinitions, printPersistentVolumeClaim)
 	h.TableHandler(persistentVolumeClaimColumnDefinitions, printPersistentVolumeClaimList)
 
-	componentStatusColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	componentStatusColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Status", Type: "string", Description: "Status of the component conditions"},
 		{Name: "Message", Type: "string", Description: "Message of the component conditions"},
@@ -303,7 +304,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(componentStatusColumnDefinitions, printComponentStatus)
 	h.TableHandler(componentStatusColumnDefinitions, printComponentStatusList)
 
-	deploymentColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	deploymentColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Desired", Type: "string", Description: extensionsv1beta1.DeploymentSpec{}.SwaggerDoc()["replicas"]},
 		{Name: "Current", Type: "string", Description: extensionsv1beta1.DeploymentStatus{}.SwaggerDoc()["replicas"]},
@@ -317,7 +318,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(deploymentColumnDefinitions, printDeployment)
 	h.TableHandler(deploymentColumnDefinitions, printDeploymentList)
 
-	horizontalPodAutoscalerColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	horizontalPodAutoscalerColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Reference", Type: "string", Description: autoscalingv2beta1.HorizontalPodAutoscalerSpec{}.SwaggerDoc()["scaleTargetRef"]},
 		{Name: "Targets", Type: "string", Description: autoscalingv2beta1.HorizontalPodAutoscalerSpec{}.SwaggerDoc()["metrics"]},
@@ -329,7 +330,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(horizontalPodAutoscalerColumnDefinitions, printHorizontalPodAutoscaler)
 	h.TableHandler(horizontalPodAutoscalerColumnDefinitions, printHorizontalPodAutoscalerList)
 
-	configMapColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	configMapColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Data", Type: "string", Description: apiv1.ConfigMap{}.SwaggerDoc()["data"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -337,7 +338,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(configMapColumnDefinitions, printConfigMap)
 	h.TableHandler(configMapColumnDefinitions, printConfigMapList)
 
-	podSecurityPolicyColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	podSecurityPolicyColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Data", Type: "string", Description: extensionsv1beta1.PodSecurityPolicySpec{}.SwaggerDoc()["privileged"]},
 		{Name: "Caps", Type: "string", Description: extensionsv1beta1.PodSecurityPolicySpec{}.SwaggerDoc()["allowedCapabilities"]},
@@ -351,7 +352,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(podSecurityPolicyColumnDefinitions, printPodSecurityPolicy)
 	h.TableHandler(podSecurityPolicyColumnDefinitions, printPodSecurityPolicyList)
 
-	networkPolicyColumnDefinitioins := []metav1alpha1.TableColumnDefinition{
+	networkPolicyColumnDefinitioins := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Pod-Selector", Type: "string", Description: extensionsv1beta1.NetworkPolicySpec{}.SwaggerDoc()["podSelector"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -359,7 +360,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(networkPolicyColumnDefinitioins, printNetworkPolicy)
 	h.TableHandler(networkPolicyColumnDefinitioins, printNetworkPolicyList)
 
-	roleBindingsColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	roleBindingsColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
 		{Name: "Role", Type: "string", Priority: 1, Description: rbacv1beta1.RoleBinding{}.SwaggerDoc()["roleRef"]},
@@ -370,7 +371,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(roleBindingsColumnDefinitions, printRoleBinding)
 	h.TableHandler(roleBindingsColumnDefinitions, printRoleBindingList)
 
-	clusterRoleBindingsColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	clusterRoleBindingsColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
 		{Name: "Role", Type: "string", Priority: 1, Description: rbacv1beta1.ClusterRoleBinding{}.SwaggerDoc()["roleRef"]},
@@ -381,7 +382,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(clusterRoleBindingsColumnDefinitions, printClusterRoleBinding)
 	h.TableHandler(clusterRoleBindingsColumnDefinitions, printClusterRoleBindingList)
 
-	certificateSigningRequestColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	certificateSigningRequestColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
 		{Name: "Requestor", Type: "string", Description: certificatesv1beta1.CertificateSigningRequestSpec{}.SwaggerDoc()["request"]},
@@ -390,7 +391,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(certificateSigningRequestColumnDefinitions, printCertificateSigningRequest)
 	h.TableHandler(certificateSigningRequestColumnDefinitions, printCertificateSigningRequestList)
 
-	storageClassColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	storageClassColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Provisioner", Type: "string", Description: storagev1.StorageClass{}.SwaggerDoc()["provisioner"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
@@ -399,7 +400,7 @@ func AddHandlers(h printers.PrintHandler) {
 	h.TableHandler(storageClassColumnDefinitions, printStorageClass)
 	h.TableHandler(storageClassColumnDefinitions, printStorageClassList)
 
-	statusColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	statusColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Status", Type: "string", Description: metav1.Status{}.SwaggerDoc()["status"]},
 		{Name: "Reason", Type: "string", Description: metav1.Status{}.SwaggerDoc()["reason"]},
 		{Name: "Message", Type: "string", Description: metav1.Status{}.SwaggerDoc()["Message"]},
@@ -407,7 +408,7 @@ func AddHandlers(h printers.PrintHandler) {
 
 	h.TableHandler(statusColumnDefinitions, printStatus)
 
-	controllerRevisionColumnDefinition := []metav1alpha1.TableColumnDefinition{
+	controllerRevisionColumnDefinition := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Controller", Type: "string", Description: "Controller of the object"},
 		{Name: "Revision", Type: "string", Description: appsv1beta1.ControllerRevision{}.SwaggerDoc()["revision"]},
@@ -422,16 +423,16 @@ func AddHandlers(h printers.PrintHandler) {
 // AddDefaultHandlers adds handlers that can work with most Kubernetes objects.
 func AddDefaultHandlers(h printers.PrintHandler) {
 	// types without defined columns
-	objectMetaColumnDefinitions := []metav1alpha1.TableColumnDefinition{
+	objectMetaColumnDefinitions := []metav1beta1.TableColumnDefinition{
 		{Name: "Name", Type: "string", Format: "name", Description: metav1.ObjectMeta{}.SwaggerDoc()["name"]},
 		{Name: "Age", Type: "string", Description: metav1.ObjectMeta{}.SwaggerDoc()["creationTimestamp"]},
 	}
 	h.DefaultTableHandler(objectMetaColumnDefinitions, printObjectMeta)
 }
 
-func printObjectMeta(obj runtime.Object, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
+func printObjectMeta(obj runtime.Object, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
 	if meta.IsListType(obj) {
-		rows := make([]metav1alpha1.TableRow, 0, 16)
+		rows := make([]metav1beta1.TableRow, 0, 16)
 		err := meta.EachListItem(obj, func(obj runtime.Object) error {
 			nestedRows, err := printObjectMeta(obj, options)
 			if err != nil {
@@ -446,12 +447,12 @@ func printObjectMeta(obj runtime.Object, options printers.PrintOptions) ([]metav
 		return rows, nil
 	}
 
-	rows := make([]metav1alpha1.TableRow, 0, 1)
+	rows := make([]metav1beta1.TableRow, 0, 1)
 	m, err := meta.Accessor(obj)
 	if err != nil {
 		return nil, err
 	}
-	row := metav1alpha1.TableRow{
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, m.GetName(), translateTimestamp(m.GetCreationTimestamp()))
@@ -500,16 +501,16 @@ func translateTimestamp(timestamp metav1.Time) string {
 	if timestamp.IsZero() {
 		return "<unknown>"
 	}
-	return printers.ShortHumanDuration(time.Now().Sub(timestamp.Time))
+	return duration.ShortHumanDuration(time.Now().Sub(timestamp.Time))
 }
 
 var (
-	podSuccessConditions = []metav1alpha1.TableRowCondition{{Type: metav1alpha1.RowCompleted, Status: metav1alpha1.ConditionTrue, Reason: string(api.PodSucceeded), Message: "The pod has completed successfully."}}
-	podFailedConditions  = []metav1alpha1.TableRowCondition{{Type: metav1alpha1.RowCompleted, Status: metav1alpha1.ConditionTrue, Reason: string(api.PodFailed), Message: "The pod failed."}}
+	podSuccessConditions = []metav1beta1.TableRowCondition{{Type: metav1beta1.RowCompleted, Status: metav1beta1.ConditionTrue, Reason: string(api.PodSucceeded), Message: "The pod has completed successfully."}}
+	podFailedConditions  = []metav1beta1.TableRowCondition{{Type: metav1beta1.RowCompleted, Status: metav1beta1.ConditionTrue, Reason: string(api.PodFailed), Message: "The pod failed."}}
 )
 
-func printPodList(podList *api.PodList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(podList.Items))
+func printPodList(podList *api.PodList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(podList.Items))
 	for i := range podList.Items {
 		r, err := printPod(&podList.Items[i], options)
 		if err != nil {
@@ -520,7 +521,7 @@ func printPodList(podList *api.PodList, options printers.PrintOptions) ([]metav1
 	return rows, nil
 }
 
-func printPod(pod *api.Pod, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
+func printPod(pod *api.Pod, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
 	restarts := 0
 	totalContainers := len(pod.Spec.Containers)
 	readyContainers := 0
@@ -530,7 +531,7 @@ func printPod(pod *api.Pod, options printers.PrintOptions) ([]metav1alpha1.Table
 		reason = pod.Status.Reason
 	}
 
-	row := metav1alpha1.TableRow{
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: pod},
 	}
 
@@ -609,22 +610,25 @@ func printPod(pod *api.Pod, options printers.PrintOptions) ([]metav1alpha1.Table
 			nodeName = "<none>"
 		}
 		row.Cells = append(row.Cells, podIP, nodeName)
+		if len(pod.Status.NominatedNodeName) > 0 {
+			row.Cells = append(row.Cells, pod.Status.NominatedNodeName)
+		}
 	}
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPodTemplate(obj *api.PodTemplate, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printPodTemplate(obj *api.PodTemplate, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	names, images := layoutContainerCells(obj.Template.Spec.Containers)
 	row.Cells = append(row.Cells, obj.Name, names, images, labels.FormatLabels(obj.Template.Labels))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPodTemplateList(list *api.PodTemplateList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printPodTemplateList(list *api.PodTemplateList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printPodTemplate(&list.Items[i], options)
 		if err != nil {
@@ -635,8 +639,8 @@ func printPodTemplateList(list *api.PodTemplateList, options printers.PrintOptio
 	return rows, nil
 }
 
-func printPodDisruptionBudget(obj *policy.PodDisruptionBudget, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printPodDisruptionBudget(obj *policy.PodDisruptionBudget, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -655,11 +659,11 @@ func printPodDisruptionBudget(obj *policy.PodDisruptionBudget, options printers.
 	}
 
 	row.Cells = append(row.Cells, obj.Name, minAvailable, maxUnavailable, obj.Status.PodDisruptionsAllowed, translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPodDisruptionBudgetList(list *policy.PodDisruptionBudgetList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printPodDisruptionBudgetList(list *policy.PodDisruptionBudgetList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printPodDisruptionBudget(&list.Items[i], options)
 		if err != nil {
@@ -671,8 +675,8 @@ func printPodDisruptionBudgetList(list *policy.PodDisruptionBudgetList, options
 }
 
 // TODO(AdoHe): try to put wide output in a single method
-func printReplicationController(obj *api.ReplicationController, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printReplicationController(obj *api.ReplicationController, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -685,11 +689,11 @@ func printReplicationController(obj *api.ReplicationController, options printers
 		names, images := layoutContainerCells(obj.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images, labels.FormatLabels(obj.Spec.Selector))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printReplicationControllerList(list *api.ReplicationControllerList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printReplicationControllerList(list *api.ReplicationControllerList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printReplicationController(&list.Items[i], options)
 		if err != nil {
@@ -700,8 +704,8 @@ func printReplicationControllerList(list *api.ReplicationControllerList, options
 	return rows, nil
 }
 
-func printReplicaSet(obj *extensions.ReplicaSet, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printReplicaSet(obj *extensions.ReplicaSet, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -714,11 +718,11 @@ func printReplicaSet(obj *extensions.ReplicaSet, options printers.PrintOptions)
 		names, images := layoutContainerCells(obj.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images, metav1.FormatLabelSelector(obj.Spec.Selector))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printReplicaSetList(list *extensions.ReplicaSetList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printReplicaSetList(list *extensions.ReplicaSetList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printReplicaSet(&list.Items[i], options)
 		if err != nil {
@@ -729,8 +733,8 @@ func printReplicaSetList(list *extensions.ReplicaSetList, options printers.Print
 	return rows, nil
 }
 
-func printJob(obj *batch.Job, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printJob(obj *batch.Job, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -746,11 +750,11 @@ func printJob(obj *batch.Job, options printers.PrintOptions) ([]metav1alpha1.Tab
 		names, images := layoutContainerCells(obj.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images, metav1.FormatLabelSelector(obj.Spec.Selector))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printJobList(list *batch.JobList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printJobList(list *batch.JobList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printJob(&list.Items[i], options)
 		if err != nil {
@@ -761,8 +765,8 @@ func printJobList(list *batch.JobList, options printers.PrintOptions) ([]metav1a
 	return rows, nil
 }
 
-func printCronJob(obj *batch.CronJob, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printCronJob(obj *batch.CronJob, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -776,11 +780,11 @@ func printCronJob(obj *batch.CronJob, options printers.PrintOptions) ([]metav1al
 		names, images := layoutContainerCells(obj.Spec.JobTemplate.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images, metav1.FormatLabelSelector(obj.Spec.JobTemplate.Spec.Selector))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printCronJobList(list *batch.CronJobList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printCronJobList(list *batch.CronJobList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printCronJob(&list.Items[i], options)
 		if err != nil {
@@ -855,8 +859,8 @@ func makePortString(ports []api.ServicePort) string {
 	return strings.Join(pieces, ",")
 }
 
-func printService(obj *api.Service, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printService(obj *api.Service, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	svcType := obj.Spec.Type
@@ -875,11 +879,11 @@ func printService(obj *api.Service, options printers.PrintOptions) ([]metav1alph
 		row.Cells = append(row.Cells, labels.FormatLabels(obj.Spec.Selector))
 	}
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printServiceList(list *api.ServiceList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printServiceList(list *api.ServiceList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printService(&list.Items[i], options)
 		if err != nil {
@@ -927,8 +931,8 @@ func formatPorts(tls []extensions.IngressTLS) string {
 	return "80"
 }
 
-func printIngress(obj *extensions.Ingress, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printIngress(obj *extensions.Ingress, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	hosts := formatHosts(obj.Spec.Rules)
@@ -936,11 +940,11 @@ func printIngress(obj *extensions.Ingress, options printers.PrintOptions) ([]met
 	ports := formatPorts(obj.Spec.TLS)
 	createTime := translateTimestamp(obj.CreationTimestamp)
 	row.Cells = append(row.Cells, obj.Name, hosts, address, ports, createTime)
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printIngressList(list *extensions.IngressList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printIngressList(list *extensions.IngressList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printIngress(&list.Items[i], options)
 		if err != nil {
@@ -951,8 +955,8 @@ func printIngressList(list *extensions.IngressList, options printers.PrintOption
 	return rows, nil
 }
 
-func printStatefulSet(obj *apps.StatefulSet, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printStatefulSet(obj *apps.StatefulSet, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	desiredReplicas := obj.Spec.Replicas
@@ -963,11 +967,11 @@ func printStatefulSet(obj *apps.StatefulSet, options printers.PrintOptions) ([]m
 		names, images := layoutContainerCells(obj.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images)
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printStatefulSetList(list *apps.StatefulSetList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printStatefulSetList(list *apps.StatefulSetList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printStatefulSet(&list.Items[i], options)
 		if err != nil {
@@ -978,8 +982,8 @@ func printStatefulSetList(list *apps.StatefulSetList, options printers.PrintOpti
 	return rows, nil
 }
 
-func printDaemonSet(obj *extensions.DaemonSet, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printDaemonSet(obj *extensions.DaemonSet, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -994,11 +998,11 @@ func printDaemonSet(obj *extensions.DaemonSet, options printers.PrintOptions) ([
 		names, images := layoutContainerCells(obj.Spec.Template.Spec.Containers)
 		row.Cells = append(row.Cells, names, images, metav1.FormatLabelSelector(obj.Spec.Selector))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printDaemonSetList(list *extensions.DaemonSetList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printDaemonSetList(list *extensions.DaemonSetList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printDaemonSet(&list.Items[i], options)
 		if err != nil {
@@ -1009,16 +1013,16 @@ func printDaemonSetList(list *extensions.DaemonSetList, options printers.PrintOp
 	return rows, nil
 }
 
-func printEndpoints(obj *api.Endpoints, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printEndpoints(obj *api.Endpoints, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, obj.Name, formatEndpoints(obj, nil), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printEndpointsList(list *api.EndpointsList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printEndpointsList(list *api.EndpointsList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printEndpoints(&list.Items[i], options)
 		if err != nil {
@@ -1029,16 +1033,16 @@ func printEndpointsList(list *api.EndpointsList, options printers.PrintOptions)
 	return rows, nil
 }
 
-func printNamespace(obj *api.Namespace, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printNamespace(obj *api.Namespace, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
-	row.Cells = append(row.Cells, obj.Name, obj.Status.Phase, translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	row.Cells = append(row.Cells, obj.Name, string(obj.Status.Phase), translateTimestamp(obj.CreationTimestamp))
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printNamespaceList(list *api.NamespaceList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printNamespaceList(list *api.NamespaceList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printNamespace(&list.Items[i], options)
 		if err != nil {
@@ -1049,16 +1053,16 @@ func printNamespaceList(list *api.NamespaceList, options printers.PrintOptions)
 	return rows, nil
 }
 
-func printSecret(obj *api.Secret, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printSecret(obj *api.Secret, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
-	row.Cells = append(row.Cells, obj.Name, obj.Type, len(obj.Data), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	row.Cells = append(row.Cells, obj.Name, string(obj.Type), len(obj.Data), translateTimestamp(obj.CreationTimestamp))
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printSecretList(list *api.SecretList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printSecretList(list *api.SecretList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printSecret(&list.Items[i], options)
 		if err != nil {
@@ -1069,16 +1073,16 @@ func printSecretList(list *api.SecretList, options printers.PrintOptions) ([]met
 	return rows, nil
 }
 
-func printServiceAccount(obj *api.ServiceAccount, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printServiceAccount(obj *api.ServiceAccount, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, obj.Name, len(obj.Secrets), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printServiceAccountList(list *api.ServiceAccountList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printServiceAccountList(list *api.ServiceAccountList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printServiceAccount(&list.Items[i], options)
 		if err != nil {
@@ -1089,8 +1093,8 @@ func printServiceAccountList(list *api.ServiceAccountList, options printers.Prin
 	return rows, nil
 }
 
-func printNode(obj *api.Node, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printNode(obj *api.Node, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1137,7 +1141,7 @@ func printNode(obj *api.Node, options printers.PrintOptions) ([]metav1alpha1.Tab
 		row.Cells = append(row.Cells, getNodeExternalIP(obj), osImage, kernelVersion, crVersion)
 	}
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 // Returns first external ip of the node or "<none>" if none is found.
@@ -1171,8 +1175,8 @@ func findNodeRoles(node *api.Node) []string {
 	return roles.List()
 }
 
-func printNodeList(list *api.NodeList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printNodeList(list *api.NodeList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printNode(&list.Items[i], options)
 		if err != nil {
@@ -1183,8 +1187,8 @@ func printNodeList(list *api.NodeList, options printers.PrintOptions) ([]metav1a
 	return rows, nil
 }
 
-func printPersistentVolume(obj *api.PersistentVolume, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printPersistentVolume(obj *api.PersistentVolume, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1201,15 +1205,20 @@ func printPersistentVolume(obj *api.PersistentVolume, options printers.PrintOpti
 	aQty := obj.Spec.Capacity[api.ResourceStorage]
 	aSize := aQty.String()
 
+	phase := obj.Status.Phase
+	if obj.ObjectMeta.DeletionTimestamp != nil {
+		phase = "Terminating"
+	}
+
 	row.Cells = append(row.Cells, obj.Name, aSize, modesStr, reclaimPolicyStr,
-		obj.Status.Phase, claimRefUID, helper.GetPersistentVolumeClass(obj),
+		string(phase), claimRefUID, helper.GetPersistentVolumeClass(obj),
 		obj.Status.Reason,
 		translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPersistentVolumeList(list *api.PersistentVolumeList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printPersistentVolumeList(list *api.PersistentVolumeList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printPersistentVolume(&list.Items[i], options)
 		if err != nil {
@@ -1220,8 +1229,8 @@ func printPersistentVolumeList(list *api.PersistentVolumeList, options printers.
 	return rows, nil
 }
 
-func printPersistentVolumeClaim(obj *api.PersistentVolumeClaim, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printPersistentVolumeClaim(obj *api.PersistentVolumeClaim, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1239,12 +1248,12 @@ func printPersistentVolumeClaim(obj *api.PersistentVolumeClaim, options printers
 		capacity = storage.String()
 	}
 
-	row.Cells = append(row.Cells, obj.Name, phase, obj.Spec.VolumeName, capacity, accessModes, helper.GetPersistentVolumeClaimClass(obj), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	row.Cells = append(row.Cells, obj.Name, string(phase), obj.Spec.VolumeName, capacity, accessModes, helper.GetPersistentVolumeClaimClass(obj), translateTimestamp(obj.CreationTimestamp))
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPersistentVolumeClaimList(list *api.PersistentVolumeClaimList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printPersistentVolumeClaimList(list *api.PersistentVolumeClaimList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printPersistentVolumeClaim(&list.Items[i], options)
 		if err != nil {
@@ -1255,8 +1264,8 @@ func printPersistentVolumeClaimList(list *api.PersistentVolumeClaimList, options
 	return rows, nil
 }
 
-func printEvent(obj *api.Event, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printEvent(obj *api.Event, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	// While watching event, we should print absolute time.
@@ -1273,13 +1282,13 @@ func printEvent(obj *api.Event, options printers.PrintOptions) ([]metav1alpha1.T
 		obj.InvolvedObject.FieldPath, obj.Type, obj.Reason,
 		formatEventSource(obj.Source), obj.Message)
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 // Sorts and prints the EventList in a human-friendly format.
-func printEventList(list *api.EventList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
+func printEventList(list *api.EventList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
 	sort.Sort(events.SortableEvents(list.Items))
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printEvent(&list.Items[i], options)
 		if err != nil {
@@ -1290,8 +1299,8 @@ func printEventList(list *api.EventList, options printers.PrintOptions) ([]metav
 	return rows, nil
 }
 
-func printRoleBinding(obj *rbac.RoleBinding, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printRoleBinding(obj *rbac.RoleBinding, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1301,12 +1310,12 @@ func printRoleBinding(obj *rbac.RoleBinding, options printers.PrintOptions) ([]m
 		users, groups, sas, _ := rbac.SubjectsStrings(obj.Subjects)
 		row.Cells = append(row.Cells, roleRef, strings.Join(users, ", "), strings.Join(groups, ", "), strings.Join(sas, ", "))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 // Prints the RoleBinding in a human-friendly format.
-func printRoleBindingList(list *rbac.RoleBindingList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printRoleBindingList(list *rbac.RoleBindingList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printRoleBinding(&list.Items[i], options)
 		if err != nil {
@@ -1317,8 +1326,8 @@ func printRoleBindingList(list *rbac.RoleBindingList, options printers.PrintOpti
 	return rows, nil
 }
 
-func printClusterRoleBinding(obj *rbac.ClusterRoleBinding, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printClusterRoleBinding(obj *rbac.ClusterRoleBinding, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1328,12 +1337,12 @@ func printClusterRoleBinding(obj *rbac.ClusterRoleBinding, options printers.Prin
 		users, groups, sas, _ := rbac.SubjectsStrings(obj.Subjects)
 		row.Cells = append(row.Cells, roleRef, strings.Join(users, ", "), strings.Join(groups, ", "), strings.Join(sas, ", "))
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 // Prints the ClusterRoleBinding in a human-friendly format.
-func printClusterRoleBindingList(list *rbac.ClusterRoleBindingList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printClusterRoleBindingList(list *rbac.ClusterRoleBindingList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printClusterRoleBinding(&list.Items[i], options)
 		if err != nil {
@@ -1344,8 +1353,8 @@ func printClusterRoleBindingList(list *rbac.ClusterRoleBindingList, options prin
 	return rows, nil
 }
 
-func printCertificateSigningRequest(obj *certificates.CertificateSigningRequest, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printCertificateSigningRequest(obj *certificates.CertificateSigningRequest, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	status, err := extractCSRStatus(obj)
@@ -1353,7 +1362,7 @@ func printCertificateSigningRequest(obj *certificates.CertificateSigningRequest,
 		return nil, err
 	}
 	row.Cells = append(row.Cells, obj.Name, translateTimestamp(obj.CreationTimestamp), obj.Spec.Username, status)
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 func extractCSRStatus(csr *certificates.CertificateSigningRequest) (string, error) {
@@ -1383,8 +1392,8 @@ func extractCSRStatus(csr *certificates.CertificateSigningRequest) (string, erro
 	return status, nil
 }
 
-func printCertificateSigningRequestList(list *certificates.CertificateSigningRequestList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printCertificateSigningRequestList(list *certificates.CertificateSigningRequestList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printCertificateSigningRequest(&list.Items[i], options)
 		if err != nil {
@@ -1395,8 +1404,8 @@ func printCertificateSigningRequestList(list *certificates.CertificateSigningReq
 	return rows, nil
 }
 
-func printComponentStatus(obj *api.ComponentStatus, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printComponentStatus(obj *api.ComponentStatus, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	status := "Unknown"
@@ -1415,11 +1424,11 @@ func printComponentStatus(obj *api.ComponentStatus, options printers.PrintOption
 		}
 	}
 	row.Cells = append(row.Cells, obj.Name, status, message, error)
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printComponentStatusList(list *api.ComponentStatusList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printComponentStatusList(list *api.ComponentStatusList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printComponentStatus(&list.Items[i], options)
 		if err != nil {
@@ -1437,8 +1446,8 @@ func truncate(str string, maxLen int) string {
 	return str
 }
 
-func printDeployment(obj *extensions.Deployment, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printDeployment(obj *extensions.Deployment, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	desiredReplicas := obj.Spec.Replicas
@@ -1457,11 +1466,11 @@ func printDeployment(obj *extensions.Deployment, options printers.PrintOptions)
 		containers, images := layoutContainerCells(containers)
 		row.Cells = append(row.Cells, containers, images, selector.String())
 	}
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printDeploymentList(list *extensions.DeploymentList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printDeploymentList(list *extensions.DeploymentList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printDeployment(&list.Items[i], options)
 		if err != nil {
@@ -1482,25 +1491,39 @@ func formatHPAMetrics(specs []autoscaling.MetricSpec, statuses []autoscaling.Met
 	count := 0
 	for i, spec := range specs {
 		switch spec.Type {
+		case autoscaling.ExternalMetricSourceType:
+			if spec.External.TargetAverageValue != nil {
+				current := "<unknown>"
+				if len(statuses) > i && statuses[i].External != nil && statuses[i].External.CurrentAverageValue != nil {
+					current = statuses[i].External.CurrentAverageValue.String()
+				}
+				list = append(list, fmt.Sprintf("%s/%s (avg)", current, spec.External.TargetAverageValue.String()))
+			} else {
+				current := "<unknown>"
+				if len(statuses) > i && statuses[i].External != nil {
+					current = statuses[i].External.CurrentValue.String()
+				}
+				list = append(list, fmt.Sprintf("%s/%s", current, spec.External.TargetValue.String()))
+			}
 		case autoscaling.PodsMetricSourceType:
 			current := "<unknown>"
 			if len(statuses) > i && statuses[i].Pods != nil {
 				current = statuses[i].Pods.CurrentAverageValue.String()
 			}
-			list = append(list, fmt.Sprintf("%s / %s", current, spec.Pods.TargetAverageValue.String()))
+			list = append(list, fmt.Sprintf("%s/%s", current, spec.Pods.TargetAverageValue.String()))
 		case autoscaling.ObjectMetricSourceType:
 			current := "<unknown>"
 			if len(statuses) > i && statuses[i].Object != nil {
 				current = statuses[i].Object.CurrentValue.String()
 			}
-			list = append(list, fmt.Sprintf("%s / %s", current, spec.Object.TargetValue.String()))
+			list = append(list, fmt.Sprintf("%s/%s", current, spec.Object.TargetValue.String()))
 		case autoscaling.ResourceMetricSourceType:
 			if spec.Resource.TargetAverageValue != nil {
 				current := "<unknown>"
 				if len(statuses) > i && statuses[i].Resource != nil {
 					current = statuses[i].Resource.CurrentAverageValue.String()
 				}
-				list = append(list, fmt.Sprintf("%s / %s", current, spec.Resource.TargetAverageValue.String()))
+				list = append(list, fmt.Sprintf("%s/%s", current, spec.Resource.TargetAverageValue.String()))
 			} else {
 				current := "<unknown>"
 				if len(statuses) > i && statuses[i].Resource != nil && statuses[i].Resource.CurrentAverageUtilization != nil {
@@ -1511,7 +1534,7 @@ func formatHPAMetrics(specs []autoscaling.MetricSpec, statuses []autoscaling.Met
 				if spec.Resource.TargetAverageUtilization != nil {
 					target = fmt.Sprintf("%d%%", *spec.Resource.TargetAverageUtilization)
 				}
-				list = append(list, fmt.Sprintf("%s / %s", current, target))
+				list = append(list, fmt.Sprintf("%s/%s", current, target))
 			}
 		default:
 			list = append(list, "<unknown type>")
@@ -1532,8 +1555,8 @@ func formatHPAMetrics(specs []autoscaling.MetricSpec, statuses []autoscaling.Met
 	return ret
 }
 
-func printHorizontalPodAutoscaler(obj *autoscaling.HorizontalPodAutoscaler, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printHorizontalPodAutoscaler(obj *autoscaling.HorizontalPodAutoscaler, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1548,11 +1571,11 @@ func printHorizontalPodAutoscaler(obj *autoscaling.HorizontalPodAutoscaler, opti
 	maxPods := obj.Spec.MaxReplicas
 	currentReplicas := obj.Status.CurrentReplicas
 	row.Cells = append(row.Cells, obj.Name, reference, metrics, minPods, maxPods, currentReplicas, translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printHorizontalPodAutoscalerList(list *autoscaling.HorizontalPodAutoscalerList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printHorizontalPodAutoscalerList(list *autoscaling.HorizontalPodAutoscalerList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printHorizontalPodAutoscaler(&list.Items[i], options)
 		if err != nil {
@@ -1563,16 +1586,16 @@ func printHorizontalPodAutoscalerList(list *autoscaling.HorizontalPodAutoscalerL
 	return rows, nil
 }
 
-func printConfigMap(obj *api.ConfigMap, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printConfigMap(obj *api.ConfigMap, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, obj.Name, len(obj.Data), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printConfigMapList(list *api.ConfigMapList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printConfigMapList(list *api.ConfigMapList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printConfigMap(&list.Items[i], options)
 		if err != nil {
@@ -1583,18 +1606,29 @@ func printConfigMapList(list *api.ConfigMapList, options printers.PrintOptions)
 	return rows, nil
 }
 
-func printPodSecurityPolicy(obj *extensions.PodSecurityPolicy, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printPodSecurityPolicy(obj *extensions.PodSecurityPolicy, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
-	row.Cells = append(row.Cells, obj.Name, obj.Spec.Privileged,
-		obj.Spec.AllowedCapabilities, obj.Spec.SELinux.Rule,
-		obj.Spec.RunAsUser.Rule, obj.Spec.FSGroup.Rule, obj.Spec.SupplementalGroups.Rule, obj.Spec.ReadOnlyRootFilesystem, obj.Spec.Volumes)
-	return []metav1alpha1.TableRow{row}, nil
+
+	capabilities := make([]string, len(obj.Spec.AllowedCapabilities))
+	for i, c := range obj.Spec.AllowedCapabilities {
+		capabilities[i] = string(c)
+	}
+	volumes := make([]string, len(obj.Spec.Volumes))
+	for i, v := range obj.Spec.Volumes {
+		volumes[i] = string(v)
+	}
+	row.Cells = append(row.Cells, obj.Name, fmt.Sprintf("%v", obj.Spec.Privileged),
+		strings.Join(capabilities, ","), string(obj.Spec.SELinux.Rule),
+		string(obj.Spec.RunAsUser.Rule), string(obj.Spec.FSGroup.Rule),
+		string(obj.Spec.SupplementalGroups.Rule), obj.Spec.ReadOnlyRootFilesystem,
+		strings.Join(volumes, ","))
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printPodSecurityPolicyList(list *extensions.PodSecurityPolicyList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printPodSecurityPolicyList(list *extensions.PodSecurityPolicyList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printPodSecurityPolicy(&list.Items[i], options)
 		if err != nil {
@@ -1605,16 +1639,16 @@ func printPodSecurityPolicyList(list *extensions.PodSecurityPolicyList, options
 	return rows, nil
 }
 
-func printNetworkPolicy(obj *networking.NetworkPolicy, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printNetworkPolicy(obj *networking.NetworkPolicy, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, obj.Name, metav1.FormatLabelSelector(&obj.Spec.PodSelector), translateTimestamp(obj.CreationTimestamp))
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printNetworkPolicyList(list *networking.NetworkPolicyList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printNetworkPolicyList(list *networking.NetworkPolicyList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printNetworkPolicy(&list.Items[i], options)
 		if err != nil {
@@ -1625,8 +1659,8 @@ func printNetworkPolicyList(list *networking.NetworkPolicyList, options printers
 	return rows, nil
 }
 
-func printStorageClass(obj *storage.StorageClass, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printStorageClass(obj *storage.StorageClass, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1637,11 +1671,11 @@ func printStorageClass(obj *storage.StorageClass, options printers.PrintOptions)
 	provtype := obj.Provisioner
 	row.Cells = append(row.Cells, name, provtype, translateTimestamp(obj.CreationTimestamp))
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printStorageClassList(list *storage.StorageClassList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printStorageClassList(list *storage.StorageClassList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printStorageClass(&list.Items[i], options)
 		if err != nil {
@@ -1652,13 +1686,13 @@ func printStorageClassList(list *storage.StorageClassList, options printers.Prin
 	return rows, nil
 }
 
-func printStatus(obj *metav1.Status, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printStatus(obj *metav1.Status, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 	row.Cells = append(row.Cells, obj.Status, obj.Reason, obj.Message)
 
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
 // Lay out all the containers on one line if use wide output.
@@ -1704,8 +1738,8 @@ func formatEventSource(es api.EventSource) string {
 	return strings.Join(EventSourceString, ", ")
 }
 
-func printControllerRevision(obj *apps.ControllerRevision, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	row := metav1alpha1.TableRow{
+func printControllerRevision(obj *apps.ControllerRevision, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	row := metav1beta1.TableRow{
 		Object: runtime.RawExtension{Object: obj},
 	}
 
@@ -1718,11 +1752,11 @@ func printControllerRevision(obj *apps.ControllerRevision, options printers.Prin
 	revision := obj.Revision
 	age := translateTimestamp(obj.CreationTimestamp)
 	row.Cells = append(row.Cells, obj.Name, controllerName, revision, age)
-	return []metav1alpha1.TableRow{row}, nil
+	return []metav1beta1.TableRow{row}, nil
 }
 
-func printControllerRevisionList(list *apps.ControllerRevisionList, options printers.PrintOptions) ([]metav1alpha1.TableRow, error) {
-	rows := make([]metav1alpha1.TableRow, 0, len(list.Items))
+func printControllerRevisionList(list *apps.ControllerRevisionList, options printers.PrintOptions) ([]metav1beta1.TableRow, error) {
+	rows := make([]metav1beta1.TableRow, 0, len(list.Items))
 	for i := range list.Items {
 		r, err := printControllerRevision(&list.Items[i], options)
 		if err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/name.go b/vendor/k8s.io/kubernetes/pkg/printers/name.go
index c720ca583d4f..4d8903e4ad65 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/name.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/name.go
@@ -19,9 +19,12 @@ package printers
 import (
 	"fmt"
 	"io"
+	"strings"
 
 	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 )
 
@@ -29,7 +32,6 @@ import (
 type NamePrinter struct {
 	Decoders []runtime.Decoder
 	Typer    runtime.ObjectTyper
-	Mapper   meta.RESTMapper
 }
 
 func (p *NamePrinter) AfterPrint(w io.Writer, res string) error {
@@ -62,24 +64,47 @@ func (p *NamePrinter) PrintObj(obj runtime.Object, w io.Writer) error {
 		}
 	}
 
+	return printObj(w, name, GetObjectGroupKind(obj, p.Typer))
+}
+
+func GetObjectGroupKind(obj runtime.Object, typer runtime.ObjectTyper) schema.GroupKind {
+	if obj == nil {
+		return schema.GroupKind{Kind: "<unknown>"}
+	}
 	groupVersionKind := obj.GetObjectKind().GroupVersionKind()
 	if len(groupVersionKind.Kind) > 0 {
-		if mappings, err := p.Mapper.RESTMappings(groupVersionKind.GroupKind(), groupVersionKind.Version); err == nil && len(mappings) > 0 {
-			fmt.Fprintf(w, "%s/%s\n", mappings[0].Resource, name)
-			return nil
-		}
+		return groupVersionKind.GroupKind()
 	}
 
-	if gvks, _, err := p.Typer.ObjectKinds(obj); err == nil {
+	if gvks, _, err := typer.ObjectKinds(obj); err == nil {
 		for _, gvk := range gvks {
-			if mappings, err := p.Mapper.RESTMappings(gvk.GroupKind(), gvk.Version); err == nil && len(mappings) > 0 {
-				fmt.Fprintf(w, "%s/%s\n", mappings[0].Resource, name)
-				return nil
+			if len(gvk.Kind) == 0 {
+				continue
 			}
+			return gvk.GroupKind()
+		}
+	}
+
+	if uns, ok := obj.(*unstructured.Unstructured); ok {
+		if len(uns.GroupVersionKind().Kind) > 0 {
+			return uns.GroupVersionKind().GroupKind()
 		}
 	}
 
-	fmt.Fprintf(w, "<unknown>/%s\n", name)
+	return schema.GroupKind{Kind: "<unknown>"}
+}
+
+func printObj(w io.Writer, name string, groupKind schema.GroupKind) error {
+	if len(groupKind.Kind) == 0 {
+		return fmt.Errorf("missing kind for resource with name %v", name)
+	}
+
+	if len(groupKind.Group) == 0 {
+		fmt.Fprintf(w, "%s/%s\n", strings.ToLower(groupKind.Kind), name)
+		return nil
+	}
+
+	fmt.Fprintf(w, "%s.%s/%s\n", strings.ToLower(groupKind.Kind), groupKind.Group, name)
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/printers.go b/vendor/k8s.io/kubernetes/pkg/printers/printers.go
index 3ef696ed9b8c..357faf498a4c 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/printers.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/printers.go
@@ -21,7 +21,6 @@ import (
 	"io/ioutil"
 	"os"
 
-	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -29,7 +28,7 @@ import (
 // a printer or an error. The printer is agnostic to schema versions, so you must
 // send arguments to PrintObj in the version you wish them to be shown using a
 // VersionedPrinter (typically when generic is true).
-func GetStandardPrinter(mapper meta.RESTMapper, typer runtime.ObjectTyper, encoder runtime.Encoder, decoders []runtime.Decoder, options PrintOptions) (ResourcePrinter, error) {
+func GetStandardPrinter(typer runtime.ObjectTyper, encoder runtime.Encoder, decoders []runtime.Decoder, options PrintOptions) (ResourcePrinter, error) {
 	format, formatArgument, allowMissingTemplateKeys := options.OutputFormatType, options.OutputFormatArgument, options.AllowMissingKeys
 
 	var printer ResourcePrinter
@@ -45,7 +44,6 @@ func GetStandardPrinter(mapper meta.RESTMapper, typer runtime.ObjectTyper, encod
 		printer = &NamePrinter{
 			Typer:    typer,
 			Decoders: decoders,
-			Mapper:   mapper,
 		}
 
 	case "template", "go-template":
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/printers/storage/BUILD
index 69772c8a4033..a560d725aa54 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/printers/storage/BUILD
@@ -11,7 +11,7 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/printers/storage",
     deps = [
         "//pkg/printers:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/printers/storage/storage.go
index e70f408c73ff..3eee73825a0f 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/storage/storage.go
@@ -17,7 +17,7 @@ limitations under the License.
 package storage
 
 import (
-	metav1alpha1 "k8s.io/apimachinery/pkg/apis/meta/v1alpha1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/kubernetes/pkg/printers"
@@ -27,6 +27,6 @@ type TableConvertor struct {
 	printers.TablePrinter
 }
 
-func (c TableConvertor) ConvertToTable(ctx genericapirequest.Context, obj runtime.Object, tableOptions runtime.Object) (*metav1alpha1.Table, error) {
+func (c TableConvertor) ConvertToTable(ctx genericapirequest.Context, obj runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
 	return c.TablePrinter.PrintTable(obj, printers.PrintOptions{Wide: true})
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/printers/versioned.go b/vendor/k8s.io/kubernetes/pkg/printers/versioned.go
index 5e3a6cdac29e..9c00a3d931af 100644
--- a/vendor/k8s.io/kubernetes/pkg/printers/versioned.go
+++ b/vendor/k8s.io/kubernetes/pkg/printers/versioned.go
@@ -20,6 +20,8 @@ import (
 	"fmt"
 	"io"
 
+	"github.com/golang/glog"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
@@ -29,14 +31,16 @@ import (
 type VersionedPrinter struct {
 	printer   ResourcePrinter
 	converter runtime.ObjectConvertor
+	typer     runtime.ObjectTyper
 	versions  []schema.GroupVersion
 }
 
 // NewVersionedPrinter wraps a printer to convert objects to a known API version prior to printing.
-func NewVersionedPrinter(printer ResourcePrinter, converter runtime.ObjectConvertor, versions ...schema.GroupVersion) ResourcePrinter {
+func NewVersionedPrinter(printer ResourcePrinter, converter runtime.ObjectConvertor, typer runtime.ObjectTyper, versions ...schema.GroupVersion) ResourcePrinter {
 	return &VersionedPrinter{
 		printer:   printer,
 		converter: converter,
+		typer:     typer,
 		versions:  versions,
 	}
 }
@@ -47,6 +51,34 @@ func (p *VersionedPrinter) AfterPrint(w io.Writer, res string) error {
 
 // PrintObj implements ResourcePrinter
 func (p *VersionedPrinter) PrintObj(obj runtime.Object, w io.Writer) error {
+	// if we're unstructured, no conversion necessary
+	if _, ok := obj.(*unstructured.Unstructured); ok {
+		return p.printer.PrintObj(obj, w)
+	}
+	// if we aren't a generic printer, we don't convert.  This means the printer must be aware of what it is getting.
+	// The default printers fall into this category.
+	// TODO eventually, all printers must be generic
+	if !p.IsGeneric() {
+		return p.printer.PrintObj(obj, w)
+	}
+
+	// if we're already external, no conversion necessary
+	gvks, _, err := p.typer.ObjectKinds(obj)
+	if err != nil {
+		glog.V(1).Info("error determining type for %T, using passed object: %v", obj, err)
+		return p.printer.PrintObj(obj, w)
+	}
+	needsConversion := false
+	for _, gvk := range gvks {
+		if len(gvk.Version) == 0 || gvk.Version == runtime.APIVersionInternal {
+			needsConversion = true
+		}
+	}
+
+	if !needsConversion {
+		return p.printer.PrintObj(obj, w)
+	}
+
 	if len(p.versions) == 0 {
 		return fmt.Errorf("no version specified, object cannot be converted")
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/probe/exec/BUILD b/vendor/k8s.io/kubernetes/pkg/probe/exec/BUILD
index 7d69fa359ecc..42b68b510b69 100644
--- a/vendor/k8s.io/kubernetes/pkg/probe/exec/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/probe/exec/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["exec_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/probe/exec",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/probe:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/probe/http/BUILD b/vendor/k8s.io/kubernetes/pkg/probe/http/BUILD
index 7ef260235468..c411f77f71e8 100644
--- a/vendor/k8s.io/kubernetes/pkg/probe/http/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/probe/http/BUILD
@@ -21,8 +21,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["http_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/probe/http",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/probe:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/probe/tcp/BUILD b/vendor/k8s.io/kubernetes/pkg/probe/tcp/BUILD
index 5238534016fb..b14c197e2557 100644
--- a/vendor/k8s.io/kubernetes/pkg/probe/tcp/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/probe/tcp/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["tcp_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/probe/tcp",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/probe:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/BUILD
index 597c49c46545..ba71f18ca301 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/BUILD
@@ -3,16 +3,29 @@ package(default_visibility = ["//visibility:public"])
 load(
     "@io_bazel_rules_go//go:def.bzl",
     "go_library",
+    "go_test",
 )
 
 go_library(
     name = "go_default_library",
     srcs = [
         "doc.go",
+        "endpoints.go",
+        "service.go",
         "types.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/proxy",
-    deps = ["//vendor/k8s.io/apimachinery/pkg/types:go_default_library"],
+    deps = [
+        "//pkg/api/service:go_default_library",
+        "//pkg/apis/core:go_default_library",
+        "//pkg/apis/core/helper:go_default_library",
+        "//pkg/proxy/util:go_default_library",
+        "//pkg/util/net:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
+    ],
 )
 
 filegroup(
@@ -39,3 +52,20 @@ filegroup(
     ],
     tags = ["automanaged"],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "endpoints_test.go",
+        "service_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/OWNERS b/vendor/k8s.io/kubernetes/pkg/proxy/OWNERS
index 311f4413163c..040ab1aaf5f6 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/OWNERS
@@ -11,3 +11,4 @@ reviewers:
 - freehan
 - dcbw
 - m1093782566
+- danwinship
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/BUILD
index d9887d9f9900..317d8b770c9f 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/BUILD
@@ -32,6 +32,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//pkg/proxy/apis/kubeproxyconfig/fuzzer:all-srcs",
         "//pkg/proxy/apis/kubeproxyconfig/scheme:all-srcs",
         "//pkg/proxy/apis/kubeproxyconfig/v1alpha1:all-srcs",
         "//pkg/proxy/apis/kubeproxyconfig/validation:all-srcs",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme/BUILD
index 2e5b9e8f2062..917b8fa7dd07 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/scheme/BUILD
@@ -1,4 +1,4 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -26,3 +26,13 @@ filegroup(
     tags = ["automanaged"],
     visibility = ["//visibility:public"],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = ["scheme_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/proxy/apis/kubeproxyconfig/fuzzer:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/testing/roundtrip:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/types.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/types.go
index 2a971c120d75..b9e662826ae4 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/types.go
@@ -26,7 +26,7 @@ import (
 
 // ClientConnectionConfiguration contains details for constructing a client.
 type ClientConnectionConfiguration struct {
-	// kubeConfigFile is the path to a kubeconfig file.
+	// kubeconfig is the path to a kubeconfig file.
 	KubeConfigFile string
 	// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
 	// default value of 'application/json'. This field will control all connections to the server used by a particular
@@ -97,14 +97,8 @@ type KubeProxyConntrackConfiguration struct {
 type KubeProxyConfiguration struct {
 	metav1.TypeMeta
 
-	// featureGates is a comma-separated list of key=value pairs that control
-	// which alpha/beta features are enabled.
-	//
-	// TODO this really should be a map but that requires refactoring all
-	// components to use config files because local-up-cluster.sh only supports
-	// the --feature-gates flag right now, which is comma-separated key=value
-	// pairs.
-	FeatureGates string
+	// featureGates is a map of feature names to bools that enable or disable alpha/experimental features.
+	FeatureGates map[string]bool
 
 	// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
 	// for all interfaces)
@@ -150,15 +144,29 @@ type KubeProxyConfiguration struct {
 	// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
 	// than 0.
 	ConfigSyncPeriod metav1.Duration
+	// nodePortAddresses is the --nodeport-addresses value for kube-proxy process. Values must be valid
+	// IP blocks. These values are as a parameter to select the interfaces where nodeport works.
+	// In case someone would like to expose a service on localhost for local visit and some other interfaces for
+	// particular purpose, a list of IP blocks would do that.
+	// If set it to "127.0.0.0/8", kube-proxy will only select the loopback interface for NodePort.
+	// If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node.
+	// An empty string slice is meant to select all network interfaces.
+	NodePortAddresses []string
 }
 
-// Currently, four modes of proxying are available total: 'userspace' (older, stable), 'iptables'
-// (newer, faster), 'ipvs', and 'kernelspace' (Windows only, newer).
+// Currently, three modes of proxy are available in Linux platform: 'userspace' (older, going to be EOL), 'iptables'
+// (newer, faster), 'ipvs'(newest, better in performance and scalability).
 //
-// If blank, use the best-available proxy (currently iptables, but may change in
-// future versions). If the iptables proxy is selected, regardless of how, but
-// the system's kernel or iptables versions are insufficient, this always falls
-// back to the userspace proxy.
+// Two modes of proxy are available in Windows platform: 'userspace'(older, stable) and 'kernelspace' (newer, faster).
+//
+// In Linux platform, if proxy mode is blank, use the best-available proxy (currently iptables, but may change in the
+// future). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are
+// insufficient, this always falls back to the userspace proxy. IPVS mode will be enabled when proxy mode is set to 'ipvs',
+// and the fall back path is firstly iptables and then userspace.
+
+// In Windows platform, if proxy mode is blank, use the best-available proxy (currently userspace, but may change in the
+// future). If winkernel proxy is selected, regardless of how, but the Windows kernel can't support this mode of proxy,
+// this always falls back to the userspace proxy.
 type ProxyMode string
 
 const (
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/defaults.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/defaults.go
index af74a1424828..fea368eb7bd3 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/defaults.go
@@ -116,4 +116,7 @@ func SetDefaults_KubeProxyConfiguration(obj *KubeProxyConfiguration) {
 	if obj.ClientConnection.Burst == 0 {
 		obj.ClientConnection.Burst = 10
 	}
+	if obj.FeatureGates == nil {
+		obj.FeatureGates = make(map[string]bool)
+	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/types.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/types.go
index add86cdcbf0a..b0e44c1fe12a 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/types.go
@@ -22,7 +22,7 @@ import (
 
 // ClientConnectionConfiguration contains details for constructing a client.
 type ClientConnectionConfiguration struct {
-	// kubeConfigFile is the path to a kubeconfig file.
+	// kubeconfig is the path to a kubeconfig file.
 	KubeConfigFile string `json:"kubeconfig"`
 	// acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the
 	// default value of 'application/json'. This field will control all connections to the server used by a particular
@@ -30,7 +30,7 @@ type ClientConnectionConfiguration struct {
 	AcceptContentTypes string `json:"acceptContentTypes"`
 	// contentType is the content type used when sending data to the server from this client.
 	ContentType string `json:"contentType"`
-	// cps controls the number of queries per second allowed for this connection.
+	// qps controls the number of queries per second allowed for this connection.
 	QPS float32 `json:"qps"`
 	// burst allows extra queries to accumulate when a client is exceeding its rate.
 	Burst int `json:"burst"`
@@ -93,14 +93,8 @@ type KubeProxyConntrackConfiguration struct {
 type KubeProxyConfiguration struct {
 	metav1.TypeMeta `json:",inline"`
 
-	// featureGates is a comma-separated list of key=value pairs that control
-	// which alpha/beta features are enabled.
-	//
-	// TODO this really should be a map but that requires refactoring all
-	// components to use config files because local-up-cluster.sh only supports
-	// the --feature-gates flag right now, which is comma-separated key=value
-	// pairs.
-	FeatureGates string `json:"featureGates"`
+	// featureGates is a map of feature names to bools that enable or disable alpha/experimental features.
+	FeatureGates map[string]bool `json:"featureGates,omitempty"`
 
 	// bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
 	// for all interfaces)
@@ -140,22 +134,33 @@ type KubeProxyConfiguration struct {
 	ResourceContainer string `json:"resourceContainer"`
 	// udpIdleTimeout is how long an idle UDP connection will be kept open (e.g. '250ms', '2s').
 	// Must be greater than 0. Only applicable for proxyMode=userspace.
-	UDPIdleTimeout metav1.Duration `json:"udpTimeoutMilliseconds"`
+	UDPIdleTimeout metav1.Duration `json:"udpIdleTimeout"`
 	// conntrack contains conntrack-related configuration options.
 	Conntrack KubeProxyConntrackConfiguration `json:"conntrack"`
 	// configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
 	// than 0.
 	ConfigSyncPeriod metav1.Duration `json:"configSyncPeriod"`
+	// nodePortAddresses is the --nodeport-addresses value for kube-proxy process. Values must be valid
+	// IP blocks. These values are as a parameter to select the interfaces where nodeport works.
+	// In case someone would like to expose a service on localhost for local visit and some other interfaces for
+	// particular purpose, a list of IP blocks would do that.
+	// If set it to "127.0.0.0/8", kube-proxy will only select the loopback interface for NodePort.
+	// If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node.
+	// An empty string slice is meant to select all network interfaces.
+	NodePortAddresses []string `json:"nodePortAddresses"`
 }
 
-// Currently two modes of proxying are available: 'userspace' (older, stable) or 'iptables'
-// (newer, faster). If blank, use the best-available proxy (currently iptables, but may
-// change in future versions).  If the iptables proxy is selected, regardless of how, but
-// the system's kernel or iptables versions are insufficient, this always falls back to the
-// userspace proxy.
-type ProxyMode string
+// Currently, three modes of proxy are available in Linux platform: 'userspace' (older, going to be EOL), 'iptables'
+// (newer, faster), 'ipvs'(newest, better in performance and scalability).
+//
+// Two modes of proxy are available in Windows platform: 'userspace'(older, stable) and 'kernelspace' (newer, faster).
+//
+// In Linux platform, if proxy mode is blank, use the best-available proxy (currently iptables, but may change in the
+// future). If the iptables proxy is selected, regardless of how, but the system's kernel or iptables versions are
+// insufficient, this always falls back to the userspace proxy. IPVS mode will be enabled when proxy mode is set to 'ipvs',
+// and the fall back path is firstly iptables and then userspace.
 
-const (
-	ProxyModeUserspace ProxyMode = "userspace"
-	ProxyModeIPTables  ProxyMode = "iptables"
-)
+// In Windows platform, if proxy mode is blank, use the best-available proxy (currently userspace, but may change in the
+// future). If winkernel proxy is selected, regardless of how, but the Windows kernel can't support this mode of proxy,
+// this always falls back to the userspace proxy.
+type ProxyMode string
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.conversion.go
index d91bac70ab2c..d5613f03771d 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	kubeproxyconfig "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -78,7 +79,7 @@ func Convert_kubeproxyconfig_ClientConnectionConfiguration_To_v1alpha1_ClientCon
 }
 
 func autoConvert_v1alpha1_KubeProxyConfiguration_To_kubeproxyconfig_KubeProxyConfiguration(in *KubeProxyConfiguration, out *kubeproxyconfig.KubeProxyConfiguration, s conversion.Scope) error {
-	out.FeatureGates = in.FeatureGates
+	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
 	out.BindAddress = in.BindAddress
 	out.HealthzBindAddress = in.HealthzBindAddress
 	out.MetricsBindAddress = in.MetricsBindAddress
@@ -103,6 +104,7 @@ func autoConvert_v1alpha1_KubeProxyConfiguration_To_kubeproxyconfig_KubeProxyCon
 		return err
 	}
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
+	out.NodePortAddresses = *(*[]string)(unsafe.Pointer(&in.NodePortAddresses))
 	return nil
 }
 
@@ -112,7 +114,7 @@ func Convert_v1alpha1_KubeProxyConfiguration_To_kubeproxyconfig_KubeProxyConfigu
 }
 
 func autoConvert_kubeproxyconfig_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in *kubeproxyconfig.KubeProxyConfiguration, out *KubeProxyConfiguration, s conversion.Scope) error {
-	out.FeatureGates = in.FeatureGates
+	out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates))
 	out.BindAddress = in.BindAddress
 	out.HealthzBindAddress = in.HealthzBindAddress
 	out.MetricsBindAddress = in.MetricsBindAddress
@@ -137,6 +139,7 @@ func autoConvert_kubeproxyconfig_KubeProxyConfiguration_To_v1alpha1_KubeProxyCon
 		return err
 	}
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
+	out.NodePortAddresses = *(*[]string)(unsafe.Pointer(&in.NodePortAddresses))
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.deepcopy.go
index 65ba9af1ba57..4ab893fdc55c 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -45,6 +45,13 @@ func (in *ClientConnectionConfiguration) DeepCopy() *ClientConnectionConfigurati
 func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
+	if in.FeatureGates != nil {
+		in, out := &in.FeatureGates, &out.FeatureGates
+		*out = make(map[string]bool, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	out.ClientConnection = in.ClientConnection
 	in.IPTables.DeepCopyInto(&out.IPTables)
 	out.IPVS = in.IPVS
@@ -60,6 +67,11 @@ func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) {
 	out.UDPIdleTimeout = in.UDPIdleTimeout
 	in.Conntrack.DeepCopyInto(&out.Conntrack)
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
+	if in.NodePortAddresses != nil {
+		in, out := &in.NodePortAddresses, &out.NodePortAddresses
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -77,9 +89,8 @@ func (in *KubeProxyConfiguration) DeepCopy() *KubeProxyConfiguration {
 func (in *KubeProxyConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.defaults.go
index 93d5f80fec4c..3799fbf9d972 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/BUILD
index 2c8abb0dcab1..3319d4b429bb 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/BUILD
@@ -14,6 +14,7 @@ go_library(
         "//pkg/apis/core/validation:go_default_library",
         "//pkg/proxy/apis/kubeproxyconfig:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
     ],
 )
@@ -34,8 +35,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/proxy/apis/kubeproxyconfig:go_default_library",
         "//pkg/util/pointer:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/validation.go
index 376d281c9d8c..d28453e2bb1f 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/validation/validation.go
@@ -24,6 +24,7 @@ import (
 	"strings"
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	apivalidation "k8s.io/kubernetes/pkg/apis/core/validation"
 	"k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig"
@@ -36,7 +37,9 @@ func Validate(config *kubeproxyconfig.KubeProxyConfiguration) field.ErrorList {
 	newPath := field.NewPath("KubeProxyConfiguration")
 
 	allErrs = append(allErrs, validateKubeProxyIPTablesConfiguration(config.IPTables, newPath.Child("KubeProxyIPTablesConfiguration"))...)
-	allErrs = append(allErrs, validateKubeProxyIPVSConfiguration(config.IPVS, newPath.Child("KubeProxyIPVSConfiguration"))...)
+	if config.Mode == kubeproxyconfig.ProxyModeIPVS {
+		allErrs = append(allErrs, validateKubeProxyIPVSConfiguration(config.IPVS, newPath.Child("KubeProxyIPVSConfiguration"))...)
+	}
 	allErrs = append(allErrs, validateKubeProxyConntrackConfiguration(config.Conntrack, newPath.Child("KubeProxyConntrackConfiguration"))...)
 	allErrs = append(allErrs, validateProxyMode(config.Mode, newPath.Child("Mode"))...)
 	allErrs = append(allErrs, validateClientConnectionConfiguration(config.ClientConnection, newPath.Child("ClientConnection"))...)
@@ -70,6 +73,8 @@ func Validate(config *kubeproxyconfig.KubeProxyConfiguration) field.ErrorList {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("PortRange"), config.PortRange, "must be a valid port range (e.g. 300-2000)"))
 	}
 
+	allErrs = append(allErrs, validateKubeProxyNodePortAddress(config.NodePortAddresses, newPath.Child("NodePortAddresses"))...)
+
 	return allErrs
 }
 
@@ -150,33 +155,32 @@ func validateProxyMode(mode kubeproxyconfig.ProxyMode, fldPath *field.Path) fiel
 }
 
 func validateProxyModeLinux(mode kubeproxyconfig.ProxyMode, fldPath *field.Path) field.ErrorList {
-	allErrs := field.ErrorList{}
+	validModes := sets.NewString(
+		string(kubeproxyconfig.ProxyModeUserspace),
+		string(kubeproxyconfig.ProxyModeIPTables),
+		string(kubeproxyconfig.ProxyModeIPVS),
+	)
 
-	switch mode {
-	case kubeproxyconfig.ProxyModeUserspace:
-	case kubeproxyconfig.ProxyModeIPTables:
-	case kubeproxyconfig.ProxyModeIPVS:
-	case "":
-	default:
-		modes := []string{string(kubeproxyconfig.ProxyModeUserspace), string(kubeproxyconfig.ProxyModeIPTables), string(kubeproxyconfig.ProxyModeIPVS)}
-		errMsg := fmt.Sprintf("must be %s or blank (blank means the best-available proxy [currently iptables])", strings.Join(modes, ","))
-		allErrs = append(allErrs, field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg))
+	if mode == "" || validModes.Has(string(mode)) {
+		return nil
 	}
-	return allErrs
+
+	errMsg := fmt.Sprintf("must be %s or blank (blank means the best-available proxy [currently iptables])", strings.Join(validModes.List(), ","))
+	return field.ErrorList{field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg)}
 }
 
 func validateProxyModeWindows(mode kubeproxyconfig.ProxyMode, fldPath *field.Path) field.ErrorList {
-	allErrs := field.ErrorList{}
+	validModes := sets.NewString(
+		string(kubeproxyconfig.ProxyModeUserspace),
+		string(kubeproxyconfig.ProxyModeKernelspace),
+	)
 
-	switch mode {
-	case kubeproxyconfig.ProxyModeUserspace:
-	case kubeproxyconfig.ProxyModeKernelspace:
-	default:
-		modes := []string{string(kubeproxyconfig.ProxyModeUserspace), string(kubeproxyconfig.ProxyModeKernelspace)}
-		errMsg := fmt.Sprintf("must be %s or blank (blank means the most-available proxy [currently userspace])", strings.Join(modes, ","))
-		allErrs = append(allErrs, field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg))
+	if mode == "" || validModes.Has(string(mode)) {
+		return nil
 	}
-	return allErrs
+
+	errMsg := fmt.Sprintf("must be %s or blank (blank means the most-available proxy [currently userspace])", strings.Join(validModes.List(), ","))
+	return field.ErrorList{field.Invalid(fldPath.Child("ProxyMode"), string(mode), errMsg)}
 }
 
 func validateClientConnectionConfiguration(config kubeproxyconfig.ClientConnectionConfiguration, fldPath *field.Path) field.ErrorList {
@@ -236,3 +240,16 @@ func validateIPVSSchedulerMethod(scheduler kubeproxyconfig.IPVSSchedulerMethod,
 	}
 	return allErrs
 }
+
+func validateKubeProxyNodePortAddress(nodePortAddresses []string, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	for i := range nodePortAddresses {
+		if _, _, err := net.ParseCIDR(nodePortAddresses[i]); err != nil {
+			allErrs = append(allErrs, field.Invalid(fldPath, nodePortAddresses, "must be a valid IP block"))
+			break
+		}
+	}
+
+	return allErrs
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/zz_generated.deepcopy.go
index 989455bcd8ef..ed7e5ef4d9f5 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/apis/kubeproxyconfig/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package kubeproxyconfig
 
@@ -41,10 +41,39 @@ func (in *ClientConnectionConfiguration) DeepCopy() *ClientConnectionConfigurati
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ConfigurationMap) DeepCopyInto(out *ConfigurationMap) {
+	{
+		in := &in
+		*out = make(ConfigurationMap, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigurationMap.
+func (in ConfigurationMap) DeepCopy() ConfigurationMap {
+	if in == nil {
+		return nil
+	}
+	out := new(ConfigurationMap)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
+	if in.FeatureGates != nil {
+		in, out := &in.FeatureGates, &out.FeatureGates
+		*out = make(map[string]bool, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 	out.ClientConnection = in.ClientConnection
 	in.IPTables.DeepCopyInto(&out.IPTables)
 	out.IPVS = in.IPVS
@@ -60,6 +89,11 @@ func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) {
 	out.UDPIdleTimeout = in.UDPIdleTimeout
 	in.Conntrack.DeepCopyInto(&out.Conntrack)
 	out.ConfigSyncPeriod = in.ConfigSyncPeriod
+	if in.NodePortAddresses != nil {
+		in, out := &in.NodePortAddresses, &out.NodePortAddresses
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -77,9 +111,8 @@ func (in *KubeProxyConfiguration) DeepCopy() *KubeProxyConfiguration {
 func (in *KubeProxyConfiguration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/config/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/config/BUILD
index a3f59aa45b2c..1f7517cf48b6 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/config/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/config/BUILD
@@ -30,8 +30,7 @@ go_test(
         "api_test.go",
         "config_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/proxy/config",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/endpoints.go b/vendor/k8s.io/kubernetes/pkg/proxy/endpoints.go
new file mode 100644
index 000000000000..36f53c989963
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/endpoints.go
@@ -0,0 +1,314 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package proxy
+
+import (
+	"net"
+	"reflect"
+	"strconv"
+	"sync"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/client-go/tools/record"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	utilproxy "k8s.io/kubernetes/pkg/proxy/util"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
+)
+
+// BaseEndpointInfo contains base information that defines an endpoint.
+// This could be used directly by proxier while processing endpoints,
+// or can be used for constructing a more specific EndpointInfo struct
+// defined by the proxier if needed.
+type BaseEndpointInfo struct {
+	Endpoint string // TODO: should be an endpointString type
+	// IsLocal indicates whether the endpoint is running in same host as kube-proxy.
+	IsLocal bool
+}
+
+var _ Endpoint = &BaseEndpointInfo{}
+
+// String is part of proxy.Endpoint interface.
+func (info *BaseEndpointInfo) String() string {
+	return info.Endpoint
+}
+
+// GetIsLocal is part of proxy.Endpoint interface.
+func (info *BaseEndpointInfo) GetIsLocal() bool {
+	return info.IsLocal
+}
+
+// IP returns just the IP part of the endpoint, it's a part of proxy.Endpoint interface.
+func (info *BaseEndpointInfo) IP() string {
+	return utilproxy.IPPart(info.Endpoint)
+}
+
+// Port returns just the Port part of the endpoint.
+func (info *BaseEndpointInfo) Port() (int, error) {
+	return utilproxy.PortPart(info.Endpoint)
+}
+
+// Equal is part of proxy.Endpoint interface.
+func (info *BaseEndpointInfo) Equal(other Endpoint) bool {
+	return info.String() == other.String() && info.GetIsLocal() == other.GetIsLocal()
+}
+
+func newBaseEndpointInfo(IP string, port int, isLocal bool) *BaseEndpointInfo {
+	return &BaseEndpointInfo{
+		Endpoint: net.JoinHostPort(IP, strconv.Itoa(port)),
+		IsLocal:  isLocal,
+	}
+}
+
+type makeEndpointFunc func(info *BaseEndpointInfo) Endpoint
+
+// EndpointChangeTracker carries state about uncommitted changes to an arbitrary number of
+// Endpoints, keyed by their namespace and name.
+type EndpointChangeTracker struct {
+	// lock protects items.
+	lock sync.Mutex
+	// hostname is the host where kube-proxy is running.
+	hostname string
+	// items maps a service to is endpointsChange.
+	items map[types.NamespacedName]*endpointsChange
+	// makeEndpointInfo allows proxier to inject customized information when processing endpoint.
+	makeEndpointInfo makeEndpointFunc
+	// isIPv6Mode indicates if change tracker is under IPv6/IPv4 mode. Nil means not applicable.
+	isIPv6Mode *bool
+	recorder   record.EventRecorder
+}
+
+// NewEndpointChangeTracker initializes an EndpointsChangeMap
+func NewEndpointChangeTracker(hostname string, makeEndpointInfo makeEndpointFunc, isIPv6Mode *bool, recorder record.EventRecorder) *EndpointChangeTracker {
+	return &EndpointChangeTracker{
+		hostname:         hostname,
+		items:            make(map[types.NamespacedName]*endpointsChange),
+		makeEndpointInfo: makeEndpointInfo,
+		isIPv6Mode:       isIPv6Mode,
+		recorder:         recorder,
+	}
+}
+
+// Update updates given service's endpoints change map based on the <previous, current> endpoints pair.  It returns true
+// if items changed, otherwise return false.  Update can be used to add/update/delete items of EndpointsChangeMap.  For example,
+// Add item
+//   - pass <nil, endpoints> as the <previous, current> pair.
+// Update item
+//   - pass <oldEndpoints, endpoints> as the <previous, current> pair.
+// Delete item
+//   - pass <endpoints, nil> as the <previous, current> pair.
+func (ect *EndpointChangeTracker) Update(previous, current *api.Endpoints) bool {
+	endpoints := current
+	if endpoints == nil {
+		endpoints = previous
+	}
+	// previous == nil && current == nil is unexpected, we should return false directly.
+	if endpoints == nil {
+		return false
+	}
+	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
+
+	ect.lock.Lock()
+	defer ect.lock.Unlock()
+
+	change, exists := ect.items[namespacedName]
+	if !exists {
+		change = &endpointsChange{}
+		change.previous = ect.endpointsToEndpointsMap(previous)
+		ect.items[namespacedName] = change
+	}
+	change.current = ect.endpointsToEndpointsMap(current)
+	// if change.previous equal to change.current, it means no change
+	if reflect.DeepEqual(change.previous, change.current) {
+		delete(ect.items, namespacedName)
+	}
+	return len(ect.items) > 0
+}
+
+// endpointsChange contains all changes to endpoints that happened since proxy rules were synced.  For a single object,
+// changes are accumulated, i.e. previous is state from before applying the changes,
+// current is state after applying the changes.
+type endpointsChange struct {
+	previous EndpointsMap
+	current  EndpointsMap
+}
+
+// UpdateEndpointMapResult is the updated results after applying endpoints changes.
+type UpdateEndpointMapResult struct {
+	// HCEndpointsLocalIPSize maps an endpoints name to the length of its local IPs.
+	HCEndpointsLocalIPSize map[types.NamespacedName]int
+	// StaleEndpoints identifies if an endpoints service pair is stale.
+	StaleEndpoints []ServiceEndpoint
+	// StaleServiceNames identifies if a service is stale.
+	StaleServiceNames []ServicePortName
+}
+
+// UpdateEndpointsMap updates endpointsMap base on the given changes.
+func UpdateEndpointsMap(endpointsMap EndpointsMap, changes *EndpointChangeTracker) (result UpdateEndpointMapResult) {
+	result.StaleEndpoints = make([]ServiceEndpoint, 0)
+	result.StaleServiceNames = make([]ServicePortName, 0)
+
+	endpointsMap.apply(changes, &result.StaleEndpoints, &result.StaleServiceNames)
+
+	// TODO: If this will appear to be computationally expensive, consider
+	// computing this incrementally similarly to endpointsMap.
+	result.HCEndpointsLocalIPSize = make(map[types.NamespacedName]int)
+	localIPs := GetLocalEndpointIPs(endpointsMap)
+	for nsn, ips := range localIPs {
+		result.HCEndpointsLocalIPSize[nsn] = len(ips)
+	}
+
+	return result
+}
+
+// EndpointsMap maps a service name to a list of all its Endpoints.
+type EndpointsMap map[ServicePortName][]Endpoint
+
+// endpointsToEndpointsMap translates single Endpoints object to EndpointsMap.
+// This function is used for incremental updated of endpointsMap.
+//
+// NOTE: endpoints object should NOT be modified.
+func (ect *EndpointChangeTracker) endpointsToEndpointsMap(endpoints *api.Endpoints) EndpointsMap {
+	if endpoints == nil {
+		return nil
+	}
+
+	endpointsMap := make(EndpointsMap)
+	// We need to build a map of portname -> all ip:ports for that
+	// portname.  Explode Endpoints.Subsets[*] into this structure.
+	for i := range endpoints.Subsets {
+		ss := &endpoints.Subsets[i]
+		for i := range ss.Ports {
+			port := &ss.Ports[i]
+			if port.Port == 0 {
+				glog.Warningf("ignoring invalid endpoint port %s", port.Name)
+				continue
+			}
+			svcPortName := ServicePortName{
+				NamespacedName: types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name},
+				Port:           port.Name,
+			}
+			for i := range ss.Addresses {
+				addr := &ss.Addresses[i]
+				if addr.IP == "" {
+					glog.Warningf("ignoring invalid endpoint port %s with empty host", port.Name)
+					continue
+				}
+				// Filter out the incorrect IP version case.
+				// Any endpoint port that contains incorrect IP version will be ignored.
+				if ect.isIPv6Mode != nil && utilnet.IsIPv6String(addr.IP) != *ect.isIPv6Mode {
+					// Emit event on the corresponding service which had a different
+					// IP version than the endpoint.
+					utilproxy.LogAndEmitIncorrectIPVersionEvent(ect.recorder, "endpoints", addr.IP, endpoints.Name, endpoints.Namespace, "")
+					continue
+				}
+				isLocal := addr.NodeName != nil && *addr.NodeName == ect.hostname
+				baseEndpointInfo := newBaseEndpointInfo(addr.IP, int(port.Port), isLocal)
+				if ect.makeEndpointInfo != nil {
+					endpointsMap[svcPortName] = append(endpointsMap[svcPortName], ect.makeEndpointInfo(baseEndpointInfo))
+				} else {
+					endpointsMap[svcPortName] = append(endpointsMap[svcPortName], baseEndpointInfo)
+				}
+			}
+			if glog.V(3) {
+				newEPList := []string{}
+				for _, ep := range endpointsMap[svcPortName] {
+					newEPList = append(newEPList, ep.String())
+				}
+				glog.Infof("Setting endpoints for %q to %+v", svcPortName, newEPList)
+			}
+		}
+	}
+	return endpointsMap
+}
+
+// apply the changes to EndpointsMap and updates stale endpoints and service-endpoints pair. The `staleEndpoints` argument
+// is passed in to store the stale udp endpoints and `staleServiceNames` argument is passed in to store the stale udp service.
+// The changes map is cleared after applying them.
+func (endpointsMap EndpointsMap) apply(changes *EndpointChangeTracker, staleEndpoints *[]ServiceEndpoint, staleServiceNames *[]ServicePortName) {
+	if changes == nil {
+		return
+	}
+	changes.lock.Lock()
+	defer changes.lock.Unlock()
+	for _, change := range changes.items {
+		endpointsMap.Unmerge(change.previous)
+		endpointsMap.Merge(change.current)
+		detectStaleConnections(change.previous, change.current, staleEndpoints, staleServiceNames)
+	}
+	changes.items = make(map[types.NamespacedName]*endpointsChange)
+}
+
+// Merge ensures that the current EndpointsMap contains all <service, endpoints> pairs from the EndpointsMap passed in.
+func (em EndpointsMap) Merge(other EndpointsMap) {
+	for svcPortName := range other {
+		em[svcPortName] = other[svcPortName]
+	}
+}
+
+// Unmerge removes the <service, endpoints> pairs from the current EndpointsMap which are contained in the EndpointsMap passed in.
+func (em EndpointsMap) Unmerge(other EndpointsMap) {
+	for svcPortName := range other {
+		delete(em, svcPortName)
+	}
+}
+
+// GetLocalEndpointIPs returns endpoints IPs if given endpoint is local - local means the endpoint is running in same host as kube-proxy.
+func GetLocalEndpointIPs(endpointsMap EndpointsMap) map[types.NamespacedName]sets.String {
+	localIPs := make(map[types.NamespacedName]sets.String)
+	for svcPortName, epList := range endpointsMap {
+		for _, ep := range epList {
+			if ep.GetIsLocal() {
+				nsn := svcPortName.NamespacedName
+				if localIPs[nsn] == nil {
+					localIPs[nsn] = sets.NewString()
+				}
+				localIPs[nsn].Insert(ep.IP())
+			}
+		}
+	}
+	return localIPs
+}
+
+// detectStaleConnections modifies <staleEndpoints> and <staleServices> with detected stale connections. <staleServiceNames>
+// is used to store stale udp service in order to clear udp conntrack later.
+func detectStaleConnections(oldEndpointsMap, newEndpointsMap EndpointsMap, staleEndpoints *[]ServiceEndpoint, staleServiceNames *[]ServicePortName) {
+	for svcPortName, epList := range oldEndpointsMap {
+		for _, ep := range epList {
+			stale := true
+			for i := range newEndpointsMap[svcPortName] {
+				if newEndpointsMap[svcPortName][i].Equal(ep) {
+					stale = false
+					break
+				}
+			}
+			if stale {
+				glog.V(4).Infof("Stale endpoint %v -> %v", svcPortName, ep.String())
+				*staleEndpoints = append(*staleEndpoints, ServiceEndpoint{Endpoint: ep.String(), ServicePortName: svcPortName})
+			}
+		}
+	}
+
+	for svcPortName, epList := range newEndpointsMap {
+		// For udp service, if its backend changes from 0 to non-0. There may exist a conntrack entry that could blackhole traffic to the service.
+		if len(epList) > 0 && len(oldEndpointsMap[svcPortName]) == 0 {
+			*staleServiceNames = append(*staleServiceNames, svcPortName)
+		}
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/BUILD
index a909cef8b54f..859600f0fd3a 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["healthcheck_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/proxy/healthcheck",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/healthcheck.go b/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/healthcheck.go
index 7ee1da6ff4e2..93e5edf6112f 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/healthcheck.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/healthcheck/healthcheck.go
@@ -73,7 +73,7 @@ type HTTPServerFactory interface {
 
 // HTTPServer allows for testing of Server.
 type HTTPServer interface {
-	// Server is designed so that http.Server satifies this interface,
+	// Server is designed so that http.Server satisfies this interface,
 	Serve(listener net.Listener) error
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/BUILD
index cd7e76524e6d..c8bdf903a79e 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/BUILD
@@ -13,24 +13,21 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/proxy/iptables",
     deps = [
-        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/helper:go_default_library",
-        "//pkg/features:go_default_library",
         "//pkg/proxy:go_default_library",
         "//pkg/proxy/healthcheck:go_default_library",
         "//pkg/proxy/metrics:go_default_library",
         "//pkg/proxy/util:go_default_library",
         "//pkg/util/async:go_default_library",
+        "//pkg/util/conntrack:go_default_library",
         "//pkg/util/iptables:go_default_library",
+        "//pkg/util/net:go_default_library",
         "//pkg/util/sysctl:go_default_library",
         "//pkg/util/version:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ],
@@ -39,21 +36,20 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["proxier_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/proxy/iptables",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/proxy:go_default_library",
         "//pkg/proxy/util:go_default_library",
+        "//pkg/proxy/util/testing:go_default_library",
         "//pkg/util/async:go_default_library",
+        "//pkg/util/conntrack:go_default_library",
         "//pkg/util/iptables:go_default_library",
         "//pkg/util/iptables/testing:go_default_library",
-        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
         "//vendor/k8s.io/utils/exec/testing:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/OWNERS b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/OWNERS
index d0dffc124002..b6d1d616c8d7 100755
--- a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/OWNERS
@@ -4,3 +4,4 @@ reviewers:
 - justinsb
 - freehan
 - dcbw
+- danwinship
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/proxier.go
index 1710d989f976..4b57e0440652 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/iptables/proxier.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/iptables/proxier.go
@@ -26,7 +26,6 @@ import (
 	"encoding/base32"
 	"fmt"
 	"net"
-	"reflect"
 	"strconv"
 	"strings"
 	"sync"
@@ -37,20 +36,17 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/tools/record"
-	apiservice "k8s.io/kubernetes/pkg/api/service"
 	api "k8s.io/kubernetes/pkg/apis/core"
-	"k8s.io/kubernetes/pkg/apis/core/helper"
-	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/proxy"
 	"k8s.io/kubernetes/pkg/proxy/healthcheck"
 	"k8s.io/kubernetes/pkg/proxy/metrics"
 	utilproxy "k8s.io/kubernetes/pkg/proxy/util"
 	"k8s.io/kubernetes/pkg/util/async"
+	"k8s.io/kubernetes/pkg/util/conntrack"
 	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
 	utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
 	utilversion "k8s.io/kubernetes/pkg/util/version"
 	utilexec "k8s.io/utils/exec"
@@ -69,6 +65,9 @@ const (
 	// the services chain
 	kubeServicesChain utiliptables.Chain = "KUBE-SERVICES"
 
+	// the external services chain
+	kubeExternalServicesChain utiliptables.Chain = "KUBE-EXTERNAL-SERVICES"
+
 	// the nodeports chain
 	kubeNodePortsChain utiliptables.Chain = "KUBE-NODEPORTS"
 
@@ -141,17 +140,7 @@ const sysctlBridgeCallIPTables = "net/bridge/bridge-nf-call-iptables"
 
 // internal struct for string service information
 type serviceInfo struct {
-	clusterIP                net.IP
-	port                     int
-	protocol                 api.Protocol
-	nodePort                 int
-	loadBalancerStatus       api.LoadBalancerStatus
-	sessionAffinityType      api.ServiceAffinity
-	stickyMaxAgeSeconds      int
-	externalIPs              []string
-	loadBalancerSourceRanges []string
-	onlyNodeLocalEndpoints   bool
-	healthCheckNodePort      int
+	*proxy.BaseServiceInfo
 	// The following fields are computed and stored for performance reasons.
 	serviceNameString        string
 	servicePortChainName     utiliptables.Chain
@@ -159,75 +148,14 @@ type serviceInfo struct {
 	serviceLBChainName       utiliptables.Chain
 }
 
-// internal struct for endpoints information
-type endpointsInfo struct {
-	endpoint string // TODO: should be an endpointString type
-	isLocal  bool
-	// The following fields we lazily compute and store here for performance
-	// reasons. If the protocol is the same as you expect it to be, then the
-	// chainName can be reused, otherwise it should be recomputed.
-	protocol  string
-	chainName utiliptables.Chain
-}
-
-// IPPart returns just the IP part of the endpoint.
-func (e *endpointsInfo) IPPart() string {
-	return utilproxy.IPPart(e.endpoint)
-}
-
-// Returns the endpoint chain name for a given endpointsInfo.
-func (e *endpointsInfo) endpointChain(svcNameString, protocol string) utiliptables.Chain {
-	if e.protocol != protocol {
-		e.protocol = protocol
-		e.chainName = servicePortEndpointChainName(svcNameString, protocol, e.endpoint)
-	}
-	return e.chainName
-}
-
-func (e *endpointsInfo) String() string {
-	return fmt.Sprintf("%v", *e)
-}
-
-// returns a new serviceInfo struct
-func newServiceInfo(svcPortName proxy.ServicePortName, port *api.ServicePort, service *api.Service) *serviceInfo {
-	onlyNodeLocalEndpoints := false
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) &&
-		apiservice.RequestsOnlyLocalTraffic(service) {
-		onlyNodeLocalEndpoints = true
-	}
-	var stickyMaxAgeSeconds int
-	if service.Spec.SessionAffinity == api.ServiceAffinityClientIP {
-		// Kube-apiserver side guarantees SessionAffinityConfig won't be nil when session affinity type is ClientIP
-		stickyMaxAgeSeconds = int(*service.Spec.SessionAffinityConfig.ClientIP.TimeoutSeconds)
-	}
-	info := &serviceInfo{
-		clusterIP: net.ParseIP(service.Spec.ClusterIP),
-		port:      int(port.Port),
-		protocol:  port.Protocol,
-		nodePort:  int(port.NodePort),
-		// Deep-copy in case the service instance changes
-		loadBalancerStatus:       *helper.LoadBalancerStatusDeepCopy(&service.Status.LoadBalancer),
-		sessionAffinityType:      service.Spec.SessionAffinity,
-		stickyMaxAgeSeconds:      stickyMaxAgeSeconds,
-		externalIPs:              make([]string, len(service.Spec.ExternalIPs)),
-		loadBalancerSourceRanges: make([]string, len(service.Spec.LoadBalancerSourceRanges)),
-		onlyNodeLocalEndpoints:   onlyNodeLocalEndpoints,
-	}
-
-	copy(info.loadBalancerSourceRanges, service.Spec.LoadBalancerSourceRanges)
-	copy(info.externalIPs, service.Spec.ExternalIPs)
-
-	if apiservice.NeedsHealthCheck(service) {
-		p := service.Spec.HealthCheckNodePort
-		if p == 0 {
-			glog.Errorf("Service %q has no healthcheck nodeport", svcPortName.NamespacedName.String())
-		} else {
-			info.healthCheckNodePort = int(p)
-		}
-	}
+// returns a new proxy.ServicePort which abstracts a serviceInfo
+func newServiceInfo(port *api.ServicePort, service *api.Service, baseInfo *proxy.BaseServiceInfo) proxy.ServicePort {
+	info := &serviceInfo{BaseServiceInfo: baseInfo}
 
 	// Store the following for performance reasons.
-	protocol := strings.ToLower(string(info.protocol))
+	svcName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
+	svcPortName := proxy.ServicePortName{NamespacedName: svcName, Port: port.Name}
+	protocol := strings.ToLower(string(info.Protocol))
 	info.serviceNameString = svcPortName.String()
 	info.servicePortChainName = servicePortChainName(info.serviceNameString, protocol)
 	info.serviceFirewallChainName = serviceFirewallChainName(info.serviceNameString, protocol)
@@ -236,133 +164,41 @@ func newServiceInfo(svcPortName proxy.ServicePortName, port *api.ServicePort, se
 	return info
 }
 
-type endpointsChange struct {
-	previous proxyEndpointsMap
-	current  proxyEndpointsMap
-}
-
-type endpointsChangeMap struct {
-	lock     sync.Mutex
-	hostname string
-	items    map[types.NamespacedName]*endpointsChange
-}
-
-type serviceChange struct {
-	previous proxyServiceMap
-	current  proxyServiceMap
-}
-
-type serviceChangeMap struct {
-	lock  sync.Mutex
-	items map[types.NamespacedName]*serviceChange
-}
-
-type updateEndpointMapResult struct {
-	hcEndpoints       map[types.NamespacedName]int
-	staleEndpoints    map[endpointServicePair]bool
-	staleServiceNames map[proxy.ServicePortName]bool
-}
-
-type updateServiceMapResult struct {
-	hcServices    map[types.NamespacedName]uint16
-	staleServices sets.String
-}
-
-type proxyServiceMap map[proxy.ServicePortName]*serviceInfo
-type proxyEndpointsMap map[proxy.ServicePortName][]*endpointsInfo
-
-func newEndpointsChangeMap(hostname string) endpointsChangeMap {
-	return endpointsChangeMap{
-		hostname: hostname,
-		items:    make(map[types.NamespacedName]*endpointsChange),
-	}
-}
-
-func (ecm *endpointsChangeMap) update(namespacedName *types.NamespacedName, previous, current *api.Endpoints) bool {
-	ecm.lock.Lock()
-	defer ecm.lock.Unlock()
-
-	change, exists := ecm.items[*namespacedName]
-	if !exists {
-		change = &endpointsChange{}
-		change.previous = endpointsToEndpointsMap(previous, ecm.hostname)
-		ecm.items[*namespacedName] = change
-	}
-	change.current = endpointsToEndpointsMap(current, ecm.hostname)
-	if reflect.DeepEqual(change.previous, change.current) {
-		delete(ecm.items, *namespacedName)
-	}
-	return len(ecm.items) > 0
-}
-
-func newServiceChangeMap() serviceChangeMap {
-	return serviceChangeMap{
-		items: make(map[types.NamespacedName]*serviceChange),
-	}
-}
-
-func (scm *serviceChangeMap) update(namespacedName *types.NamespacedName, previous, current *api.Service) bool {
-	scm.lock.Lock()
-	defer scm.lock.Unlock()
-
-	change, exists := scm.items[*namespacedName]
-	if !exists {
-		change = &serviceChange{}
-		change.previous = serviceToServiceMap(previous)
-		scm.items[*namespacedName] = change
-	}
-	change.current = serviceToServiceMap(current)
-	if reflect.DeepEqual(change.previous, change.current) {
-		delete(scm.items, *namespacedName)
-	}
-	return len(scm.items) > 0
-}
-
-func (sm *proxyServiceMap) merge(other proxyServiceMap) sets.String {
-	existingPorts := sets.NewString()
-	for svcPortName, info := range other {
-		port := strconv.Itoa(info.port)
-		clusterIPPort := net.JoinHostPort(info.clusterIP.String(), port)
-		existingPorts.Insert(svcPortName.Port)
-		_, exists := (*sm)[svcPortName]
-		if !exists {
-			glog.V(1).Infof("Adding new service port %q at %s/%s", svcPortName, clusterIPPort, info.protocol)
-		} else {
-			glog.V(1).Infof("Updating existing service port %q at %s/%s", svcPortName, clusterIPPort, info.protocol)
-		}
-		(*sm)[svcPortName] = info
-	}
-	return existingPorts
+// internal struct for endpoints information
+type endpointsInfo struct {
+	*proxy.BaseEndpointInfo
+	// The following fields we lazily compute and store here for performance
+	// reasons. If the protocol is the same as you expect it to be, then the
+	// chainName can be reused, otherwise it should be recomputed.
+	protocol  string
+	chainName utiliptables.Chain
 }
 
-func (sm *proxyServiceMap) unmerge(other proxyServiceMap, existingPorts, staleServices sets.String) {
-	for svcPortName := range other {
-		if existingPorts.Has(svcPortName.Port) {
-			continue
-		}
-		info, exists := (*sm)[svcPortName]
-		if exists {
-			glog.V(1).Infof("Removing service port %q", svcPortName)
-			if info.protocol == api.ProtocolUDP {
-				staleServices.Insert(info.clusterIP.String())
-			}
-			delete(*sm, svcPortName)
-		} else {
-			glog.Errorf("Service port %q removed, but doesn't exists", svcPortName)
-		}
-	}
+// returns a new proxy.Endpoint which abstracts a endpointsInfo
+func newEndpointInfo(baseInfo *proxy.BaseEndpointInfo) proxy.Endpoint {
+	return &endpointsInfo{BaseEndpointInfo: baseInfo}
 }
 
-func (em proxyEndpointsMap) merge(other proxyEndpointsMap) {
-	for svcPortName := range other {
-		em[svcPortName] = other[svcPortName]
-	}
+// Equal overrides the Equal() function imlemented by proxy.BaseEndpointInfo.
+func (e *endpointsInfo) Equal(other proxy.Endpoint) bool {
+	o, ok := other.(*endpointsInfo)
+	if !ok {
+		glog.Errorf("Failed to cast endpointsInfo")
+		return false
+	}
+	return e.Endpoint == o.Endpoint &&
+		e.IsLocal == o.IsLocal &&
+		e.protocol == o.protocol &&
+		e.chainName == o.chainName
 }
 
-func (em proxyEndpointsMap) unmerge(other proxyEndpointsMap) {
-	for svcPortName := range other {
-		delete(em, svcPortName)
+// Returns the endpoint chain name for a given endpointsInfo.
+func (e *endpointsInfo) endpointChain(svcNameString, protocol string) utiliptables.Chain {
+	if e.protocol != protocol {
+		e.protocol = protocol
+		e.chainName = servicePortEndpointChainName(svcNameString, protocol, e.Endpoint)
 	}
+	return e.chainName
 }
 
 // Proxier is an iptables based proxy for connections between a localhost:lport
@@ -372,12 +208,12 @@ type Proxier struct {
 	// services that happened since iptables was synced. For a single object,
 	// changes are accumulated, i.e. previous is state from before all of them,
 	// current is state after applying all of those.
-	endpointsChanges endpointsChangeMap
-	serviceChanges   serviceChangeMap
+	endpointsChanges *proxy.EndpointChangeTracker
+	serviceChanges   *proxy.ServiceChangeTracker
 
 	mu           sync.Mutex // protects the following fields
-	serviceMap   proxyServiceMap
-	endpointsMap proxyEndpointsMap
+	serviceMap   proxy.ServiceMap
+	endpointsMap proxy.EndpointsMap
 	portsMap     map[utilproxy.LocalPort]utilproxy.Closeable
 	// endpointsSynced and servicesSynced are set to true when corresponding
 	// objects are synced after startup. This is used to avoid updating iptables
@@ -412,6 +248,12 @@ type Proxier struct {
 	filterRules  *bytes.Buffer
 	natChains    *bytes.Buffer
 	natRules     *bytes.Buffer
+
+	// Values are as a parameter to select the interfaces where nodeport works.
+	nodePortAddresses []string
+	// networkInterfacer defines an interface for several net library functions.
+	// Inject for test purpose.
+	networkInterfacer utilproxy.NetworkInterfacer
 }
 
 // listenPortOpener opens ports by calling bind() and listen().
@@ -442,6 +284,7 @@ func NewProxier(ipt utiliptables.Interface,
 	nodeIP net.IP,
 	recorder record.EventRecorder,
 	healthzServer healthcheck.HealthzUpdater,
+	nodePortAddresses []string,
 ) (*Proxier, error) {
 	// Set the route_localnet sysctl we need for
 	if err := sysctl.SetSysctl(sysctlRouteLocalnet, 1); err != nil {
@@ -466,16 +309,19 @@ func NewProxier(ipt utiliptables.Interface,
 
 	if len(clusterCIDR) == 0 {
 		glog.Warningf("clusterCIDR not specified, unable to distinguish between internal and external traffic")
+	} else if utilnet.IsIPv6CIDR(clusterCIDR) != ipt.IsIpv6() {
+		return nil, fmt.Errorf("clusterCIDR %s has incorrect IP version: expect isIPv6=%t", clusterCIDR, ipt.IsIpv6())
 	}
 
 	healthChecker := healthcheck.NewServer(hostname, recorder, nil, nil) // use default implementations of deps
 
+	isIPv6 := ipt.IsIpv6()
 	proxier := &Proxier{
 		portsMap:                 make(map[utilproxy.LocalPort]utilproxy.Closeable),
-		serviceMap:               make(proxyServiceMap),
-		serviceChanges:           newServiceChangeMap(),
-		endpointsMap:             make(proxyEndpointsMap),
-		endpointsChanges:         newEndpointsChangeMap(hostname),
+		serviceMap:               make(proxy.ServiceMap),
+		serviceChanges:           proxy.NewServiceChangeTracker(newServiceInfo, &isIPv6, recorder),
+		endpointsMap:             make(proxy.EndpointsMap),
+		endpointsChanges:         proxy.NewEndpointChangeTracker(hostname, newEndpointInfo, &isIPv6, recorder),
 		iptables:                 ipt,
 		masqueradeAll:            masqueradeAll,
 		masqueradeMark:           masqueradeMark,
@@ -493,6 +339,8 @@ func NewProxier(ipt utiliptables.Interface,
 		filterRules:              bytes.NewBuffer(nil),
 		natChains:                bytes.NewBuffer(nil),
 		natRules:                 bytes.NewBuffer(nil),
+		nodePortAddresses:        nodePortAddresses,
+		networkInterfacer:        utilproxy.RealNetwork{},
 	}
 	burstSyncs := 2
 	glog.V(3).Infof("minSyncPeriod: %v, syncPeriod: %v, burstSyncs: %d", minSyncPeriod, syncPeriod, burstSyncs)
@@ -500,25 +348,40 @@ func NewProxier(ipt utiliptables.Interface,
 	return proxier, nil
 }
 
+type iptablesJumpChain struct {
+	table       utiliptables.Table
+	chain       utiliptables.Chain
+	sourceChain utiliptables.Chain
+	comment     string
+	extraArgs   []string
+}
+
+var iptablesJumpChains = []iptablesJumpChain{
+	{utiliptables.TableFilter, kubeExternalServicesChain, utiliptables.ChainInput, "kubernetes externally-visible service portals", []string{"-m", "conntrack", "--ctstate", "NEW"}},
+	{utiliptables.TableFilter, kubeServicesChain, utiliptables.ChainOutput, "kubernetes service portals", []string{"-m", "conntrack", "--ctstate", "NEW"}},
+	{utiliptables.TableNAT, kubeServicesChain, utiliptables.ChainOutput, "kubernetes service portals", nil},
+	{utiliptables.TableNAT, kubeServicesChain, utiliptables.ChainPrerouting, "kubernetes service portals", nil},
+	{utiliptables.TableNAT, kubePostroutingChain, utiliptables.ChainPostrouting, "kubernetes postrouting rules", nil},
+	{utiliptables.TableFilter, kubeForwardChain, utiliptables.ChainForward, "kubernetes forwarding rules", nil},
+}
+
+var iptablesCleanupOnlyChains = []iptablesJumpChain{
+	// Present in kube 1.6 - 1.9. Removed by #56164 in favor of kubeExternalServicesChain
+	{utiliptables.TableFilter, kubeServicesChain, utiliptables.ChainInput, "kubernetes service portals", nil},
+	// Present in kube <= 1.9. Removed by #60306 in favor of rule with extraArgs
+	{utiliptables.TableFilter, kubeServicesChain, utiliptables.ChainOutput, "kubernetes service portals", nil},
+}
+
 // CleanupLeftovers removes all iptables rules and chains created by the Proxier
 // It returns true if an error was encountered. Errors are logged.
 func CleanupLeftovers(ipt utiliptables.Interface) (encounteredError bool) {
-	// Unlink the services chain.
-	args := []string{
-		"-m", "comment", "--comment", "kubernetes service portals",
-		"-j", string(kubeServicesChain),
-	}
-	tableChainsWithJumpServices := []struct {
-		table utiliptables.Table
-		chain utiliptables.Chain
-	}{
-		{utiliptables.TableFilter, utiliptables.ChainInput},
-		{utiliptables.TableFilter, utiliptables.ChainOutput},
-		{utiliptables.TableNAT, utiliptables.ChainOutput},
-		{utiliptables.TableNAT, utiliptables.ChainPrerouting},
-	}
-	for _, tc := range tableChainsWithJumpServices {
-		if err := ipt.DeleteRule(tc.table, tc.chain, args...); err != nil {
+	// Unlink our chains
+	for _, chain := range append(iptablesJumpChains, iptablesCleanupOnlyChains...) {
+		args := append(chain.extraArgs,
+			"-m", "comment", "--comment", chain.comment,
+			"-j", string(chain.chain),
+		)
+		if err := ipt.DeleteRule(chain.table, chain.sourceChain, args...); err != nil {
 			if !utiliptables.IsNotFoundError(err) {
 				glog.Errorf("Error removing pure-iptables proxy rule: %v", err)
 				encounteredError = true
@@ -526,31 +389,7 @@ func CleanupLeftovers(ipt utiliptables.Interface) (encounteredError bool) {
 		}
 	}
 
-	// Unlink the postrouting chain.
-	args = []string{
-		"-m", "comment", "--comment", "kubernetes postrouting rules",
-		"-j", string(kubePostroutingChain),
-	}
-	if err := ipt.DeleteRule(utiliptables.TableNAT, utiliptables.ChainPostrouting, args...); err != nil {
-		if !utiliptables.IsNotFoundError(err) {
-			glog.Errorf("Error removing pure-iptables proxy rule: %v", err)
-			encounteredError = true
-		}
-	}
-
-	// Unlink the forwarding chain.
-	args = []string{
-		"-m", "comment", "--comment", "kubernetes forwarding rules",
-		"-j", string(kubeForwardChain),
-	}
-	if err := ipt.DeleteRule(utiliptables.TableFilter, utiliptables.ChainForward, args...); err != nil {
-		if !utiliptables.IsNotFoundError(err) {
-			glog.Errorf("Error removing pure-iptables proxy rule: %v", err)
-			encounteredError = true
-		}
-	}
-
-	// Flush and remove all of our chains.
+	// Flush and remove all of our "-t nat" chains.
 	iptablesData := bytes.NewBuffer(nil)
 	if err := ipt.SaveInto(utiliptables.TableNAT, iptablesData); err != nil {
 		glog.Errorf("Failed to execute iptables-save for %s: %v", utiliptables.TableNAT, err)
@@ -586,7 +425,7 @@ func CleanupLeftovers(ipt utiliptables.Interface) (encounteredError bool) {
 		}
 	}
 
-	// Flush and remove all of our chains.
+	// Flush and remove all of our "-t filter" chains.
 	iptablesData = bytes.NewBuffer(nil)
 	if err := ipt.SaveInto(utiliptables.TableFilter, iptablesData); err != nil {
 		glog.Errorf("Failed to execute iptables-save for %s: %v", utiliptables.TableFilter, err)
@@ -596,7 +435,7 @@ func CleanupLeftovers(ipt utiliptables.Interface) (encounteredError bool) {
 		filterChains := bytes.NewBuffer(nil)
 		filterRules := bytes.NewBuffer(nil)
 		writeLine(filterChains, "*filter")
-		for _, chain := range []utiliptables.Chain{kubeServicesChain, kubeForwardChain} {
+		for _, chain := range []utiliptables.Chain{kubeServicesChain, kubeExternalServicesChain, kubeForwardChain} {
 			if _, found := existingFilterChains[chain]; found {
 				chainString := string(chain)
 				writeLine(filterChains, existingFilterChains[chain])
@@ -663,24 +502,18 @@ func (proxier *Proxier) isInitialized() bool {
 }
 
 func (proxier *Proxier) OnServiceAdd(service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, nil, service) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnServiceUpdate(nil, service)
 }
 
 func (proxier *Proxier) OnServiceUpdate(oldService, service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, oldService, service) && proxier.isInitialized() {
+	if proxier.serviceChanges.Update(oldService, service) && proxier.isInitialized() {
 		proxier.syncRunner.Run()
 	}
 }
 
 func (proxier *Proxier) OnServiceDelete(service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, service, nil) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnServiceUpdate(service, nil)
+
 }
 
 func (proxier *Proxier) OnServiceSynced() {
@@ -693,54 +526,18 @@ func (proxier *Proxier) OnServiceSynced() {
 	proxier.syncProxyRules()
 }
 
-// <serviceMap> is updated by this function (based on the given changes).
-// <changes> map is cleared after applying them.
-func updateServiceMap(
-	serviceMap proxyServiceMap,
-	changes *serviceChangeMap) (result updateServiceMapResult) {
-	result.staleServices = sets.NewString()
-
-	func() {
-		changes.lock.Lock()
-		defer changes.lock.Unlock()
-		for _, change := range changes.items {
-			existingPorts := serviceMap.merge(change.current)
-			serviceMap.unmerge(change.previous, existingPorts, result.staleServices)
-		}
-		changes.items = make(map[types.NamespacedName]*serviceChange)
-	}()
-
-	// TODO: If this will appear to be computationally expensive, consider
-	// computing this incrementally similarly to serviceMap.
-	result.hcServices = make(map[types.NamespacedName]uint16)
-	for svcPortName, info := range serviceMap {
-		if info.healthCheckNodePort != 0 {
-			result.hcServices[svcPortName.NamespacedName] = uint16(info.healthCheckNodePort)
-		}
-	}
-
-	return result
-}
-
 func (proxier *Proxier) OnEndpointsAdd(endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, nil, endpoints) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnEndpointsUpdate(nil, endpoints)
 }
 
 func (proxier *Proxier) OnEndpointsUpdate(oldEndpoints, endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, oldEndpoints, endpoints) && proxier.isInitialized() {
+	if proxier.endpointsChanges.Update(oldEndpoints, endpoints) && proxier.isInitialized() {
 		proxier.syncRunner.Run()
 	}
 }
 
 func (proxier *Proxier) OnEndpointsDelete(endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, endpoints, nil) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnEndpointsUpdate(endpoints, nil)
 }
 
 func (proxier *Proxier) OnEndpointsSynced() {
@@ -753,156 +550,6 @@ func (proxier *Proxier) OnEndpointsSynced() {
 	proxier.syncProxyRules()
 }
 
-// <endpointsMap> is updated by this function (based on the given changes).
-// <changes> map is cleared after applying them.
-func updateEndpointsMap(
-	endpointsMap proxyEndpointsMap,
-	changes *endpointsChangeMap,
-	hostname string) (result updateEndpointMapResult) {
-	result.staleEndpoints = make(map[endpointServicePair]bool)
-	result.staleServiceNames = make(map[proxy.ServicePortName]bool)
-
-	func() {
-		changes.lock.Lock()
-		defer changes.lock.Unlock()
-		for _, change := range changes.items {
-			endpointsMap.unmerge(change.previous)
-			endpointsMap.merge(change.current)
-			detectStaleConnections(change.previous, change.current, result.staleEndpoints, result.staleServiceNames)
-		}
-		changes.items = make(map[types.NamespacedName]*endpointsChange)
-	}()
-
-	if !utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) {
-		return
-	}
-
-	// TODO: If this will appear to be computationally expensive, consider
-	// computing this incrementally similarly to endpointsMap.
-	result.hcEndpoints = make(map[types.NamespacedName]int)
-	localIPs := getLocalIPs(endpointsMap)
-	for nsn, ips := range localIPs {
-		result.hcEndpoints[nsn] = len(ips)
-	}
-
-	return result
-}
-
-// <staleEndpoints> and <staleServices> are modified by this function with detected stale connections.
-func detectStaleConnections(oldEndpointsMap, newEndpointsMap proxyEndpointsMap, staleEndpoints map[endpointServicePair]bool, staleServiceNames map[proxy.ServicePortName]bool) {
-	for svcPortName, epList := range oldEndpointsMap {
-		for _, ep := range epList {
-			stale := true
-			for i := range newEndpointsMap[svcPortName] {
-				if *newEndpointsMap[svcPortName][i] == *ep {
-					stale = false
-					break
-				}
-			}
-			if stale {
-				glog.V(4).Infof("Stale endpoint %v -> %v", svcPortName, ep.endpoint)
-				staleEndpoints[endpointServicePair{endpoint: ep.endpoint, servicePortName: svcPortName}] = true
-			}
-		}
-	}
-
-	for svcPortName, epList := range newEndpointsMap {
-		// For udp service, if its backend changes from 0 to non-0. There may exist a conntrack entry that could blackhole traffic to the service.
-		if len(epList) > 0 && len(oldEndpointsMap[svcPortName]) == 0 {
-			staleServiceNames[svcPortName] = true
-		}
-	}
-}
-
-func getLocalIPs(endpointsMap proxyEndpointsMap) map[types.NamespacedName]sets.String {
-	localIPs := make(map[types.NamespacedName]sets.String)
-	for svcPortName := range endpointsMap {
-		for _, ep := range endpointsMap[svcPortName] {
-			if ep.isLocal {
-				// If the endpoint has a bad format, utilproxy.IPPart() will log an
-				// error and ep.IPPart() will return a null string.
-				if ip := ep.IPPart(); ip != "" {
-					nsn := svcPortName.NamespacedName
-					if localIPs[nsn] == nil {
-						localIPs[nsn] = sets.NewString()
-					}
-					localIPs[nsn].Insert(ip)
-				}
-			}
-		}
-	}
-	return localIPs
-}
-
-// Translates single Endpoints object to proxyEndpointsMap.
-// This function is used for incremental updated of endpointsMap.
-//
-// NOTE: endpoints object should NOT be modified.
-func endpointsToEndpointsMap(endpoints *api.Endpoints, hostname string) proxyEndpointsMap {
-	if endpoints == nil {
-		return nil
-	}
-
-	endpointsMap := make(proxyEndpointsMap)
-	// We need to build a map of portname -> all ip:ports for that
-	// portname.  Explode Endpoints.Subsets[*] into this structure.
-	for i := range endpoints.Subsets {
-		ss := &endpoints.Subsets[i]
-		for i := range ss.Ports {
-			port := &ss.Ports[i]
-			if port.Port == 0 {
-				glog.Warningf("ignoring invalid endpoint port %s", port.Name)
-				continue
-			}
-			svcPortName := proxy.ServicePortName{
-				NamespacedName: types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name},
-				Port:           port.Name,
-			}
-			for i := range ss.Addresses {
-				addr := &ss.Addresses[i]
-				if addr.IP == "" {
-					glog.Warningf("ignoring invalid endpoint port %s with empty host", port.Name)
-					continue
-				}
-				epInfo := &endpointsInfo{
-					endpoint: net.JoinHostPort(addr.IP, strconv.Itoa(int(port.Port))),
-					isLocal:  addr.NodeName != nil && *addr.NodeName == hostname,
-				}
-				endpointsMap[svcPortName] = append(endpointsMap[svcPortName], epInfo)
-			}
-			if glog.V(3) {
-				newEPList := []string{}
-				for _, ep := range endpointsMap[svcPortName] {
-					newEPList = append(newEPList, ep.endpoint)
-				}
-				glog.Infof("Setting endpoints for %q to %+v", svcPortName, newEPList)
-			}
-		}
-	}
-	return endpointsMap
-}
-
-// Translates single Service object to proxyServiceMap.
-//
-// NOTE: service object should NOT be modified.
-func serviceToServiceMap(service *api.Service) proxyServiceMap {
-	if service == nil {
-		return nil
-	}
-	svcName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if utilproxy.ShouldSkipService(svcName, service) {
-		return nil
-	}
-
-	serviceMap := make(proxyServiceMap)
-	for i := range service.Spec.Ports {
-		servicePort := &service.Spec.Ports[i]
-		svcPortName := proxy.ServicePortName{NamespacedName: svcName, Port: servicePort.Name}
-		serviceMap[svcPortName] = newServiceInfo(svcPortName, servicePort, service)
-	}
-	return serviceMap
-}
-
 // portProtoHash takes the ServicePortName and protocol for a service
 // returns the associated 16 character hash. This is computed by hashing (sha256)
 // then encoding to base32 and truncating to 16 chars. We do this because IPTables
@@ -943,25 +590,17 @@ func servicePortEndpointChainName(servicePortName string, protocol string, endpo
 	return utiliptables.Chain("KUBE-SEP-" + encoded[:16])
 }
 
-type endpointServicePair struct {
-	endpoint        string
-	servicePortName proxy.ServicePortName
-}
-
-func (esp *endpointServicePair) IPPart() string {
-	return utilproxy.IPPart(esp.endpoint)
-}
-
 // After a UDP endpoint has been removed, we must flush any pending conntrack entries to it, or else we
 // risk sending more traffic to it, all of which will be lost (because UDP).
 // This assumes the proxier mutex is held
-func (proxier *Proxier) deleteEndpointConnections(connectionMap map[endpointServicePair]bool) {
-	for epSvcPair := range connectionMap {
-		if svcInfo, ok := proxier.serviceMap[epSvcPair.servicePortName]; ok && svcInfo.protocol == api.ProtocolUDP {
-			endpointIP := utilproxy.IPPart(epSvcPair.endpoint)
-			err := utilproxy.ClearUDPConntrackForPeers(proxier.exec, svcInfo.clusterIP.String(), endpointIP)
+// TODO: move it to util
+func (proxier *Proxier) deleteEndpointConnections(connectionMap []proxy.ServiceEndpoint) {
+	for _, epSvcPair := range connectionMap {
+		if svcInfo, ok := proxier.serviceMap[epSvcPair.ServicePortName]; ok && svcInfo.GetProtocol() == api.ProtocolUDP {
+			endpointIP := utilproxy.IPPart(epSvcPair.Endpoint)
+			err := conntrack.ClearEntriesForNAT(proxier.exec, svcInfo.ClusterIPString(), endpointIP, v1.ProtocolUDP)
 			if err != nil {
-				glog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.servicePortName.String(), err)
+				glog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.ServicePortName.String(), err)
 			}
 		}
 	}
@@ -988,77 +627,32 @@ func (proxier *Proxier) syncProxyRules() {
 	// We assume that if this was called, we really want to sync them,
 	// even if nothing changed in the meantime. In other words, callers are
 	// responsible for detecting no-op changes and not calling this function.
-	serviceUpdateResult := updateServiceMap(
-		proxier.serviceMap, &proxier.serviceChanges)
-	endpointUpdateResult := updateEndpointsMap(
-		proxier.endpointsMap, &proxier.endpointsChanges, proxier.hostname)
+	serviceUpdateResult := proxy.UpdateServiceMap(proxier.serviceMap, proxier.serviceChanges)
+	endpointUpdateResult := proxy.UpdateEndpointsMap(proxier.endpointsMap, proxier.endpointsChanges)
 
-	staleServices := serviceUpdateResult.staleServices
+	staleServices := serviceUpdateResult.UDPStaleClusterIP
 	// merge stale services gathered from updateEndpointsMap
-	for svcPortName := range endpointUpdateResult.staleServiceNames {
-		if svcInfo, ok := proxier.serviceMap[svcPortName]; ok && svcInfo != nil && svcInfo.protocol == api.ProtocolUDP {
-			glog.V(2).Infof("Stale udp service %v -> %s", svcPortName, svcInfo.clusterIP.String())
-			staleServices.Insert(svcInfo.clusterIP.String())
+	for _, svcPortName := range endpointUpdateResult.StaleServiceNames {
+		if svcInfo, ok := proxier.serviceMap[svcPortName]; ok && svcInfo != nil && svcInfo.GetProtocol() == api.ProtocolUDP {
+			glog.V(2).Infof("Stale udp service %v -> %s", svcPortName, svcInfo.ClusterIPString())
+			staleServices.Insert(svcInfo.ClusterIPString())
 		}
 	}
 
 	glog.V(3).Infof("Syncing iptables rules")
 
-	// Create and link the kube services chain.
-	{
-		tablesNeedServicesChain := []utiliptables.Table{utiliptables.TableFilter, utiliptables.TableNAT}
-		for _, table := range tablesNeedServicesChain {
-			if _, err := proxier.iptables.EnsureChain(table, kubeServicesChain); err != nil {
-				glog.Errorf("Failed to ensure that %s chain %s exists: %v", table, kubeServicesChain, err)
-				return
-			}
-		}
-
-		tableChainsNeedJumpServices := []struct {
-			table utiliptables.Table
-			chain utiliptables.Chain
-		}{
-			{utiliptables.TableFilter, utiliptables.ChainInput},
-			{utiliptables.TableFilter, utiliptables.ChainOutput},
-			{utiliptables.TableNAT, utiliptables.ChainOutput},
-			{utiliptables.TableNAT, utiliptables.ChainPrerouting},
-		}
-		comment := "kubernetes service portals"
-		args := []string{"-m", "comment", "--comment", comment, "-j", string(kubeServicesChain)}
-		for _, tc := range tableChainsNeedJumpServices {
-			if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, tc.table, tc.chain, args...); err != nil {
-				glog.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", tc.table, tc.chain, kubeServicesChain, err)
-				return
-			}
-		}
-	}
-
-	// Create and link the kube postrouting chain.
-	{
-		if _, err := proxier.iptables.EnsureChain(utiliptables.TableNAT, kubePostroutingChain); err != nil {
-			glog.Errorf("Failed to ensure that %s chain %s exists: %v", utiliptables.TableNAT, kubePostroutingChain, err)
+	// Create and link the kube chains.
+	for _, chain := range iptablesJumpChains {
+		if _, err := proxier.iptables.EnsureChain(chain.table, chain.chain); err != nil {
+			glog.Errorf("Failed to ensure that %s chain %s exists: %v", chain.table, kubeServicesChain, err)
 			return
 		}
-
-		comment := "kubernetes postrouting rules"
-		args := []string{"-m", "comment", "--comment", comment, "-j", string(kubePostroutingChain)}
-		if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, utiliptables.TableNAT, utiliptables.ChainPostrouting, args...); err != nil {
-			glog.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", utiliptables.TableNAT, utiliptables.ChainPostrouting, kubePostroutingChain, err)
-			return
-		}
-	}
-
-	// Create and link the kube forward chain.
-	{
-		if _, err := proxier.iptables.EnsureChain(utiliptables.TableFilter, kubeForwardChain); err != nil {
-			glog.Errorf("Failed to ensure that %s chain %s exists: %v", utiliptables.TableFilter, kubeForwardChain, err)
-			return
-		}
-
-		comment := "kubernetes forward rules"
-		args := []string{"-m", "comment", "--comment", comment, "-j", string(kubeForwardChain)}
-		if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, utiliptables.TableFilter, utiliptables.ChainForward, args...); err != nil {
-			glog.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", utiliptables.TableFilter, utiliptables.ChainForward, kubeForwardChain, err)
+		args := append(chain.extraArgs,
+			"-m", "comment", "--comment", chain.comment,
+			"-j", string(chain.chain),
+		)
+		if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, chain.table, chain.sourceChain, args...); err != nil {
+			glog.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", chain.table, chain.sourceChain, chain.chain, err)
 			return
 		}
 	}
@@ -1100,35 +694,19 @@ func (proxier *Proxier) syncProxyRules() {
 
 	// Make sure we keep stats for the top-level chains, if they existed
 	// (which most should have because we created them above).
-	if chain, ok := existingFilterChains[kubeServicesChain]; ok {
-		writeLine(proxier.filterChains, chain)
-	} else {
-		writeLine(proxier.filterChains, utiliptables.MakeChainLine(kubeServicesChain))
-	}
-	if chain, ok := existingFilterChains[kubeForwardChain]; ok {
-		writeLine(proxier.filterChains, chain)
-	} else {
-		writeLine(proxier.filterChains, utiliptables.MakeChainLine(kubeForwardChain))
-	}
-	if chain, ok := existingNATChains[kubeServicesChain]; ok {
-		writeLine(proxier.natChains, chain)
-	} else {
-		writeLine(proxier.natChains, utiliptables.MakeChainLine(kubeServicesChain))
-	}
-	if chain, ok := existingNATChains[kubeNodePortsChain]; ok {
-		writeLine(proxier.natChains, chain)
-	} else {
-		writeLine(proxier.natChains, utiliptables.MakeChainLine(kubeNodePortsChain))
-	}
-	if chain, ok := existingNATChains[kubePostroutingChain]; ok {
-		writeLine(proxier.natChains, chain)
-	} else {
-		writeLine(proxier.natChains, utiliptables.MakeChainLine(kubePostroutingChain))
+	for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeExternalServicesChain, kubeForwardChain} {
+		if chain, ok := existingFilterChains[chainName]; ok {
+			writeLine(proxier.filterChains, chain)
+		} else {
+			writeLine(proxier.filterChains, utiliptables.MakeChainLine(chainName))
+		}
 	}
-	if chain, ok := existingNATChains[KubeMarkMasqChain]; ok {
-		writeLine(proxier.natChains, chain)
-	} else {
-		writeLine(proxier.natChains, utiliptables.MakeChainLine(KubeMarkMasqChain))
+	for _, chainName := range []utiliptables.Chain{kubeServicesChain, kubeNodePortsChain, kubePostroutingChain, KubeMarkMasqChain} {
+		if chain, ok := existingNATChains[chainName]; ok {
+			writeLine(proxier.natChains, chain)
+		} else {
+			writeLine(proxier.natChains, utiliptables.MakeChainLine(chainName))
+		}
 	}
 
 	// Install the kubernetes-specific postrouting rules. We use a whole chain for
@@ -1170,22 +748,30 @@ func (proxier *Proxier) syncProxyRules() {
 	args := make([]string, 64)
 
 	// Build rules for each service.
-	var svcNameString string
-	for svcName, svcInfo := range proxier.serviceMap {
-		protocol := strings.ToLower(string(svcInfo.protocol))
-		svcNameString = svcInfo.serviceNameString
+	for svcName, svc := range proxier.serviceMap {
+		svcInfo, ok := svc.(*serviceInfo)
+		if !ok {
+			glog.Errorf("Failed to cast serviceInfo %q", svcName.String())
+			continue
+		}
+		isIPv6 := utilnet.IsIPv6(svcInfo.ClusterIP)
+		protocol := strings.ToLower(string(svcInfo.Protocol))
+		svcNameString := svcInfo.serviceNameString
+		hasEndpoints := len(proxier.endpointsMap[svcName]) > 0
 
-		// Create the per-service chain, retaining counters if possible.
 		svcChain := svcInfo.servicePortChainName
-		if chain, ok := existingNATChains[svcChain]; ok {
-			writeLine(proxier.natChains, chain)
-		} else {
-			writeLine(proxier.natChains, utiliptables.MakeChainLine(svcChain))
+		if hasEndpoints {
+			// Create the per-service chain, retaining counters if possible.
+			if chain, ok := existingNATChains[svcChain]; ok {
+				writeLine(proxier.natChains, chain)
+			} else {
+				writeLine(proxier.natChains, utiliptables.MakeChainLine(svcChain))
+			}
+			activeNATChains[svcChain] = true
 		}
-		activeNATChains[svcChain] = true
 
 		svcXlbChain := svcInfo.serviceLBChainName
-		if svcInfo.onlyNodeLocalEndpoints {
+		if svcInfo.OnlyNodeLocalEndpoints {
 			// Only for services request OnlyLocal traffic
 			// create the per-service LB chain, retaining counters if possible.
 			if lbChain, ok := existingNATChains[svcXlbChain]; ok {
@@ -1194,33 +780,41 @@ func (proxier *Proxier) syncProxyRules() {
 				writeLine(proxier.natChains, utiliptables.MakeChainLine(svcXlbChain))
 			}
 			activeNATChains[svcXlbChain] = true
-		} else if activeNATChains[svcXlbChain] {
-			// Cleanup the previously created XLB chain for this service
-			delete(activeNATChains, svcXlbChain)
 		}
 
 		// Capture the clusterIP.
-		args = append(args[:0],
-			"-A", string(kubeServicesChain),
-			"-m", "comment", "--comment", fmt.Sprintf(`"%s cluster IP"`, svcNameString),
-			"-m", protocol, "-p", protocol,
-			"-d", utilproxy.ToCIDR(svcInfo.clusterIP),
-			"--dport", strconv.Itoa(svcInfo.port),
-		)
-		if proxier.masqueradeAll {
-			writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
-		} else if len(proxier.clusterCIDR) > 0 {
-			// This masquerades off-cluster traffic to a service VIP.  The idea
-			// is that you can establish a static route for your Service range,
-			// routing to any node, and that node will bridge into the Service
-			// for you.  Since that might bounce off-node, we masquerade here.
-			// If/when we support "Local" policy for VIPs, we should update this.
-			writeLine(proxier.natRules, append(args, "! -s", proxier.clusterCIDR, "-j", string(KubeMarkMasqChain))...)
+		if hasEndpoints {
+			args = append(args[:0],
+				"-A", string(kubeServicesChain),
+				"-m", "comment", "--comment", fmt.Sprintf(`"%s cluster IP"`, svcNameString),
+				"-m", protocol, "-p", protocol,
+				"-d", utilproxy.ToCIDR(svcInfo.ClusterIP),
+				"--dport", strconv.Itoa(svcInfo.Port),
+			)
+			if proxier.masqueradeAll {
+				writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
+			} else if len(proxier.clusterCIDR) > 0 {
+				// This masquerades off-cluster traffic to a service VIP.  The idea
+				// is that you can establish a static route for your Service range,
+				// routing to any node, and that node will bridge into the Service
+				// for you.  Since that might bounce off-node, we masquerade here.
+				// If/when we support "Local" policy for VIPs, we should update this.
+				writeLine(proxier.natRules, append(args, "! -s", proxier.clusterCIDR, "-j", string(KubeMarkMasqChain))...)
+			}
+			writeLine(proxier.natRules, append(args, "-j", string(svcChain))...)
+		} else {
+			writeLine(proxier.filterRules,
+				"-A", string(kubeServicesChain),
+				"-m", "comment", "--comment", fmt.Sprintf(`"%s has no endpoints"`, svcNameString),
+				"-m", protocol, "-p", protocol,
+				"-d", utilproxy.ToCIDR(svcInfo.ClusterIP),
+				"--dport", strconv.Itoa(svcInfo.Port),
+				"-j", "REJECT",
+			)
 		}
-		writeLine(proxier.natRules, append(args, "-j", string(svcChain))...)
 
 		// Capture externalIPs.
-		for _, externalIP := range svcInfo.externalIPs {
+		for _, externalIP := range svcInfo.ExternalIPs {
 			// If the "external" IP happens to be an IP that is local to this
 			// machine, hold the local port open so no other process can open it
 			// (because the socket might open but it would never work).
@@ -1230,7 +824,7 @@ func (proxier *Proxier) syncProxyRules() {
 				lp := utilproxy.LocalPort{
 					Description: "externalIP for " + svcNameString,
 					IP:          externalIP,
-					Port:        svcInfo.port,
+					Port:        svcInfo.Port,
 					Protocol:    protocol,
 				}
 				if proxier.portsMap[lp] != nil {
@@ -1253,121 +847,123 @@ func (proxier *Proxier) syncProxyRules() {
 					}
 					replacementPortsMap[lp] = socket
 				}
-			} // We're holding the port, so it's OK to install iptables rules.
-			args = append(args[:0],
-				"-A", string(kubeServicesChain),
-				"-m", "comment", "--comment", fmt.Sprintf(`"%s external IP"`, svcNameString),
-				"-m", protocol, "-p", protocol,
-				"-d", utilproxy.ToCIDR(net.ParseIP(externalIP)),
-				"--dport", strconv.Itoa(svcInfo.port),
-			)
-			// We have to SNAT packets to external IPs.
-			writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
-
-			// Allow traffic for external IPs that does not come from a bridge (i.e. not from a container)
-			// nor from a local process to be forwarded to the service.
-			// This rule roughly translates to "all traffic from off-machine".
-			// This is imperfect in the face of network plugins that might not use a bridge, but we can revisit that later.
-			externalTrafficOnlyArgs := append(args,
-				"-m", "physdev", "!", "--physdev-is-in",
-				"-m", "addrtype", "!", "--src-type", "LOCAL")
-			writeLine(proxier.natRules, append(externalTrafficOnlyArgs, "-j", string(svcChain))...)
-			dstLocalOnlyArgs := append(args, "-m", "addrtype", "--dst-type", "LOCAL")
-			// Allow traffic bound for external IPs that happen to be recognized as local IPs to stay local.
-			// This covers cases like GCE load-balancers which get added to the local routing table.
-			writeLine(proxier.natRules, append(dstLocalOnlyArgs, "-j", string(svcChain))...)
-
-			// If the service has no endpoints then reject packets coming via externalIP
-			// Install ICMP Reject rule in filter table for destination=externalIP and dport=svcport
-			if len(proxier.endpointsMap[svcName]) == 0 {
-				writeLine(proxier.filterRules,
+			}
+
+			if hasEndpoints {
+				args = append(args[:0],
 					"-A", string(kubeServicesChain),
+					"-m", "comment", "--comment", fmt.Sprintf(`"%s external IP"`, svcNameString),
+					"-m", protocol, "-p", protocol,
+					"-d", utilproxy.ToCIDR(net.ParseIP(externalIP)),
+					"--dport", strconv.Itoa(svcInfo.Port),
+				)
+				// We have to SNAT packets to external IPs.
+				writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
+
+				// Allow traffic for external IPs that does not come from a bridge (i.e. not from a container)
+				// nor from a local process to be forwarded to the service.
+				// This rule roughly translates to "all traffic from off-machine".
+				// This is imperfect in the face of network plugins that might not use a bridge, but we can revisit that later.
+				externalTrafficOnlyArgs := append(args,
+					"-m", "physdev", "!", "--physdev-is-in",
+					"-m", "addrtype", "!", "--src-type", "LOCAL")
+				writeLine(proxier.natRules, append(externalTrafficOnlyArgs, "-j", string(svcChain))...)
+				dstLocalOnlyArgs := append(args, "-m", "addrtype", "--dst-type", "LOCAL")
+				// Allow traffic bound for external IPs that happen to be recognized as local IPs to stay local.
+				// This covers cases like GCE load-balancers which get added to the local routing table.
+				writeLine(proxier.natRules, append(dstLocalOnlyArgs, "-j", string(svcChain))...)
+			} else {
+				writeLine(proxier.filterRules,
+					"-A", string(kubeExternalServicesChain),
 					"-m", "comment", "--comment", fmt.Sprintf(`"%s has no endpoints"`, svcNameString),
 					"-m", protocol, "-p", protocol,
 					"-d", utilproxy.ToCIDR(net.ParseIP(externalIP)),
-					"--dport", strconv.Itoa(svcInfo.port),
+					"--dport", strconv.Itoa(svcInfo.Port),
 					"-j", "REJECT",
 				)
 			}
 		}
 
 		// Capture load-balancer ingress.
-		fwChain := svcInfo.serviceFirewallChainName
-		for _, ingress := range svcInfo.loadBalancerStatus.Ingress {
-			if ingress.IP != "" {
-				// create service firewall chain
-				if chain, ok := existingNATChains[fwChain]; ok {
-					writeLine(proxier.natChains, chain)
-				} else {
-					writeLine(proxier.natChains, utiliptables.MakeChainLine(fwChain))
-				}
-				activeNATChains[fwChain] = true
-				// The service firewall rules are created based on ServiceSpec.loadBalancerSourceRanges field.
-				// This currently works for loadbalancers that preserves source ips.
-				// For loadbalancers which direct traffic to service NodePort, the firewall rules will not apply.
-
-				args = append(args[:0],
-					"-A", string(kubeServicesChain),
-					"-m", "comment", "--comment", fmt.Sprintf(`"%s loadbalancer IP"`, svcNameString),
-					"-m", protocol, "-p", protocol,
-					"-d", utilproxy.ToCIDR(net.ParseIP(ingress.IP)),
-					"--dport", strconv.Itoa(svcInfo.port),
-				)
-				// jump to service firewall chain
-				writeLine(proxier.natRules, append(args, "-j", string(fwChain))...)
-
-				args = append(args[:0],
-					"-A", string(fwChain),
-					"-m", "comment", "--comment", fmt.Sprintf(`"%s loadbalancer IP"`, svcNameString),
-				)
-
-				// Each source match rule in the FW chain may jump to either the SVC or the XLB chain
-				chosenChain := svcXlbChain
-				// If we are proxying globally, we need to masquerade in case we cross nodes.
-				// If we are proxying only locally, we can retain the source IP.
-				if !svcInfo.onlyNodeLocalEndpoints {
-					writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
-					chosenChain = svcChain
-				}
+		if hasEndpoints {
+			fwChain := svcInfo.serviceFirewallChainName
+			for _, ingress := range svcInfo.LoadBalancerStatus.Ingress {
+				if ingress.IP != "" {
+					// create service firewall chain
+					if chain, ok := existingNATChains[fwChain]; ok {
+						writeLine(proxier.natChains, chain)
+					} else {
+						writeLine(proxier.natChains, utiliptables.MakeChainLine(fwChain))
+					}
+					activeNATChains[fwChain] = true
+					// The service firewall rules are created based on ServiceSpec.loadBalancerSourceRanges field.
+					// This currently works for loadbalancers that preserves source ips.
+					// For loadbalancers which direct traffic to service NodePort, the firewall rules will not apply.
+
+					args = append(args[:0],
+						"-A", string(kubeServicesChain),
+						"-m", "comment", "--comment", fmt.Sprintf(`"%s loadbalancer IP"`, svcNameString),
+						"-m", protocol, "-p", protocol,
+						"-d", utilproxy.ToCIDR(net.ParseIP(ingress.IP)),
+						"--dport", strconv.Itoa(svcInfo.Port),
+					)
+					// jump to service firewall chain
+					writeLine(proxier.natRules, append(args, "-j", string(fwChain))...)
+
+					args = append(args[:0],
+						"-A", string(fwChain),
+						"-m", "comment", "--comment", fmt.Sprintf(`"%s loadbalancer IP"`, svcNameString),
+					)
+
+					// Each source match rule in the FW chain may jump to either the SVC or the XLB chain
+					chosenChain := svcXlbChain
+					// If we are proxying globally, we need to masquerade in case we cross nodes.
+					// If we are proxying only locally, we can retain the source IP.
+					if !svcInfo.OnlyNodeLocalEndpoints {
+						writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
+						chosenChain = svcChain
+					}
 
-				if len(svcInfo.loadBalancerSourceRanges) == 0 {
-					// allow all sources, so jump directly to the KUBE-SVC or KUBE-XLB chain
-					writeLine(proxier.natRules, append(args, "-j", string(chosenChain))...)
-				} else {
-					// firewall filter based on each source range
-					allowFromNode := false
-					for _, src := range svcInfo.loadBalancerSourceRanges {
-						writeLine(proxier.natRules, append(args, "-s", src, "-j", string(chosenChain))...)
-						// ignore error because it has been validated
-						_, cidr, _ := net.ParseCIDR(src)
-						if cidr.Contains(proxier.nodeIP) {
-							allowFromNode = true
+					if len(svcInfo.LoadBalancerSourceRanges) == 0 {
+						// allow all sources, so jump directly to the KUBE-SVC or KUBE-XLB chain
+						writeLine(proxier.natRules, append(args, "-j", string(chosenChain))...)
+					} else {
+						// firewall filter based on each source range
+						allowFromNode := false
+						for _, src := range svcInfo.LoadBalancerSourceRanges {
+							writeLine(proxier.natRules, append(args, "-s", src, "-j", string(chosenChain))...)
+							// ignore error because it has been validated
+							_, cidr, _ := net.ParseCIDR(src)
+							if cidr.Contains(proxier.nodeIP) {
+								allowFromNode = true
+							}
+						}
+						// generally, ip route rule was added to intercept request to loadbalancer vip from the
+						// loadbalancer's backend hosts. In this case, request will not hit the loadbalancer but loop back directly.
+						// Need to add the following rule to allow request on host.
+						if allowFromNode {
+							writeLine(proxier.natRules, append(args, "-s", utilproxy.ToCIDR(net.ParseIP(ingress.IP)), "-j", string(chosenChain))...)
 						}
 					}
-					// generally, ip route rule was added to intercept request to loadbalancer vip from the
-					// loadbalancer's backend hosts. In this case, request will not hit the loadbalancer but loop back directly.
-					// Need to add the following rule to allow request on host.
-					if allowFromNode {
-						writeLine(proxier.natRules, append(args, "-s", utilproxy.ToCIDR(net.ParseIP(ingress.IP)), "-j", string(chosenChain))...)
-					}
-				}
 
-				// If the packet was able to reach the end of firewall chain, then it did not get DNATed.
-				// It means the packet cannot go thru the firewall, then mark it for DROP
-				writeLine(proxier.natRules, append(args, "-j", string(KubeMarkDropChain))...)
+					// If the packet was able to reach the end of firewall chain, then it did not get DNATed.
+					// It means the packet cannot go thru the firewall, then mark it for DROP
+					writeLine(proxier.natRules, append(args, "-j", string(KubeMarkDropChain))...)
+				}
 			}
 		}
+		// FIXME: do we need REJECT rules for load-balancer ingress if !hasEndpoints?
 
 		// Capture nodeports.  If we had more than 2 rules it might be
 		// worthwhile to make a new per-service chain for nodeport rules, but
 		// with just 2 rules it ends up being a waste and a cognitive burden.
-		if svcInfo.nodePort != 0 {
+		if svcInfo.NodePort != 0 {
 			// Hold the local port open so no other process can open it
 			// (because the socket might open but it would never work).
 			lp := utilproxy.LocalPort{
 				Description: "nodePort for " + svcNameString,
 				IP:          "",
-				Port:        svcInfo.nodePort,
+				Port:        svcInfo.NodePort,
 				Protocol:    protocol,
 			}
 			if proxier.portsMap[lp] != nil {
@@ -1384,63 +980,54 @@ func (proxier *Proxier) syncProxyRules() {
 					// This is very low impact. The NodePort range is intentionally obscure, and unlikely to actually collide with real Services.
 					// This only affects UDP connections, which are not common.
 					// See issue: https://github.com/kubernetes/kubernetes/issues/49881
-					isIPv6 := utilproxy.IsIPv6(svcInfo.clusterIP)
-					err := utilproxy.ClearUDPConntrackForPort(proxier.exec, lp.Port, isIPv6)
+					err := conntrack.ClearEntriesForPort(proxier.exec, lp.Port, isIPv6, v1.ProtocolUDP)
 					if err != nil {
 						glog.Errorf("Failed to clear udp conntrack for port %d, error: %v", lp.Port, err)
 					}
 				}
 				replacementPortsMap[lp] = socket
-			} // We're holding the port, so it's OK to install iptables rules.
-
-			args = append(args[:0],
-				"-A", string(kubeNodePortsChain),
-				"-m", "comment", "--comment", svcNameString,
-				"-m", protocol, "-p", protocol,
-				"--dport", strconv.Itoa(svcInfo.nodePort),
-			)
-			if !svcInfo.onlyNodeLocalEndpoints {
-				// Nodeports need SNAT, unless they're local.
-				writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
-				// Jump to the service chain.
-				writeLine(proxier.natRules, append(args, "-j", string(svcChain))...)
-			} else {
-				// TODO: Make all nodePorts jump to the firewall chain.
-				// Currently we only create it for loadbalancers (#33586).
-				writeLine(proxier.natRules, append(args, "-j", string(svcXlbChain))...)
 			}
 
-			// If the service has no endpoints then reject packets.  The filter
-			// table doesn't currently have the same per-service structure that
-			// the nat table does, so we just stick this into the kube-services
-			// chain.
-			if len(proxier.endpointsMap[svcName]) == 0 {
+			if hasEndpoints {
+				args = append(args[:0],
+					"-A", string(kubeNodePortsChain),
+					"-m", "comment", "--comment", svcNameString,
+					"-m", protocol, "-p", protocol,
+					"--dport", strconv.Itoa(svcInfo.NodePort),
+				)
+				if !svcInfo.OnlyNodeLocalEndpoints {
+					// Nodeports need SNAT, unless they're local.
+					writeLine(proxier.natRules, append(args, "-j", string(KubeMarkMasqChain))...)
+					// Jump to the service chain.
+					writeLine(proxier.natRules, append(args, "-j", string(svcChain))...)
+				} else {
+					// TODO: Make all nodePorts jump to the firewall chain.
+					// Currently we only create it for loadbalancers (#33586).
+
+					// Fix localhost martian source error
+					loopback := "127.0.0.0/8"
+					if isIPv6 {
+						loopback = "::1/128"
+					}
+					writeLine(proxier.natRules, append(args, "-s", loopback, "-j", string(KubeMarkMasqChain))...)
+					writeLine(proxier.natRules, append(args, "-j", string(svcXlbChain))...)
+				}
+			} else {
 				writeLine(proxier.filterRules,
-					"-A", string(kubeServicesChain),
+					"-A", string(kubeExternalServicesChain),
 					"-m", "comment", "--comment", fmt.Sprintf(`"%s has no endpoints"`, svcNameString),
 					"-m", "addrtype", "--dst-type", "LOCAL",
 					"-m", protocol, "-p", protocol,
-					"--dport", strconv.Itoa(svcInfo.nodePort),
+					"--dport", strconv.Itoa(svcInfo.NodePort),
 					"-j", "REJECT",
 				)
 			}
 		}
 
-		// If the service has no endpoints then reject packets.
-		if len(proxier.endpointsMap[svcName]) == 0 {
-			writeLine(proxier.filterRules,
-				"-A", string(kubeServicesChain),
-				"-m", "comment", "--comment", fmt.Sprintf(`"%s has no endpoints"`, svcNameString),
-				"-m", protocol, "-p", protocol,
-				"-d", utilproxy.ToCIDR(svcInfo.clusterIP),
-				"--dport", strconv.Itoa(svcInfo.port),
-				"-j", "REJECT",
-			)
+		if !hasEndpoints {
 			continue
 		}
 
-		// From here on, we assume there are active endpoints.
-
 		// Generate the per-endpoint chains.  We do this in multiple passes so we
 		// can group rules together.
 		// These two slices parallel each other - keep in sync
@@ -1448,8 +1035,13 @@ func (proxier *Proxier) syncProxyRules() {
 		endpointChains = endpointChains[:0]
 		var endpointChain utiliptables.Chain
 		for _, ep := range proxier.endpointsMap[svcName] {
-			endpoints = append(endpoints, ep)
-			endpointChain = ep.endpointChain(svcNameString, protocol)
+			epInfo, ok := ep.(*endpointsInfo)
+			if !ok {
+				glog.Errorf("Failed to cast endpointsInfo %q", ep.String())
+				continue
+			}
+			endpoints = append(endpoints, epInfo)
+			endpointChain = epInfo.endpointChain(svcNameString, protocol)
 			endpointChains = append(endpointChains, endpointChain)
 
 			// Create the endpoint chain, retaining counters if possible.
@@ -1462,13 +1054,13 @@ func (proxier *Proxier) syncProxyRules() {
 		}
 
 		// First write session affinity rules, if applicable.
-		if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+		if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 			for _, endpointChain := range endpointChains {
 				writeLine(proxier.natRules,
 					"-A", string(svcChain),
 					"-m", "comment", "--comment", svcNameString,
 					"-m", "recent", "--name", string(endpointChain),
-					"--rcheck", "--seconds", strconv.Itoa(svcInfo.stickyMaxAgeSeconds), "--reap",
+					"--rcheck", "--seconds", strconv.Itoa(svcInfo.StickyMaxAgeSeconds), "--reap",
 					"-j", string(endpointChain))
 			}
 		}
@@ -1476,7 +1068,7 @@ func (proxier *Proxier) syncProxyRules() {
 		// Now write loadbalancing & DNAT rules.
 		n := len(endpointChains)
 		for i, endpointChain := range endpointChains {
-			epIP := endpoints[i].IPPart()
+			epIP := endpoints[i].IP()
 			if epIP == "" {
 				// Error parsing this endpoint has been logged. Skip to next endpoint.
 				continue
@@ -1507,16 +1099,16 @@ func (proxier *Proxier) syncProxyRules() {
 				"-s", utilproxy.ToCIDR(net.ParseIP(epIP)),
 				"-j", string(KubeMarkMasqChain))...)
 			// Update client-affinity lists.
-			if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+			if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 				args = append(args, "-m", "recent", "--name", string(endpointChain), "--set")
 			}
 			// DNAT to final destination.
-			args = append(args, "-m", protocol, "-p", protocol, "-j", "DNAT", "--to-destination", endpoints[i].endpoint)
+			args = append(args, "-m", protocol, "-p", protocol, "-j", "DNAT", "--to-destination", endpoints[i].Endpoint)
 			writeLine(proxier.natRules, args...)
 		}
 
 		// The logic below this applies only if this service is marked as OnlyLocal
-		if !svcInfo.onlyNodeLocalEndpoints {
+		if !svcInfo.OnlyNodeLocalEndpoints {
 			continue
 		}
 
@@ -1525,7 +1117,7 @@ func (proxier *Proxier) syncProxyRules() {
 		localEndpoints := make([]*endpointsInfo, 0)
 		localEndpointChains := make([]utiliptables.Chain, 0)
 		for i := range endpointChains {
-			if endpoints[i].isLocal {
+			if endpoints[i].IsLocal {
 				// These slices parallel each other; must be kept in sync
 				localEndpoints = append(localEndpoints, endpoints[i])
 				localEndpointChains = append(localEndpointChains, endpointChains[i])
@@ -1558,13 +1150,13 @@ func (proxier *Proxier) syncProxyRules() {
 			writeLine(proxier.natRules, args...)
 		} else {
 			// First write session affinity rules only over local endpoints, if applicable.
-			if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+			if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 				for _, endpointChain := range localEndpointChains {
 					writeLine(proxier.natRules,
 						"-A", string(svcXlbChain),
 						"-m", "comment", "--comment", svcNameString,
 						"-m", "recent", "--name", string(endpointChain),
-						"--rcheck", "--seconds", strconv.Itoa(svcInfo.stickyMaxAgeSeconds), "--reap",
+						"--rcheck", "--seconds", strconv.Itoa(svcInfo.StickyMaxAgeSeconds), "--reap",
 						"-j", string(endpointChain))
 				}
 			}
@@ -1609,11 +1201,37 @@ func (proxier *Proxier) syncProxyRules() {
 
 	// Finally, tail-call to the nodeports chain.  This needs to be after all
 	// other service portal rules.
-	writeLine(proxier.natRules,
-		"-A", string(kubeServicesChain),
-		"-m", "comment", "--comment", `"kubernetes service nodeports; NOTE: this must be the last rule in this chain"`,
-		"-m", "addrtype", "--dst-type", "LOCAL",
-		"-j", string(kubeNodePortsChain))
+	addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
+	if err != nil {
+		glog.Errorf("Failed to get node ip address matching nodeport cidr")
+	} else {
+		isIPv6 := proxier.iptables.IsIpv6()
+		for address := range addresses {
+			// TODO(thockin, m1093782566): If/when we have dual-stack support we will want to distinguish v4 from v6 zero-CIDRs.
+			if utilproxy.IsZeroCIDR(address) {
+				args = append(args[:0],
+					"-A", string(kubeServicesChain),
+					"-m", "comment", "--comment", `"kubernetes service nodeports; NOTE: this must be the last rule in this chain"`,
+					"-m", "addrtype", "--dst-type", "LOCAL",
+					"-j", string(kubeNodePortsChain))
+				writeLine(proxier.natRules, args...)
+				// Nothing else matters after the zero CIDR.
+				break
+			}
+			// Ignore IP addresses with incorrect version
+			if isIPv6 && !utilnet.IsIPv6String(address) || !isIPv6 && utilnet.IsIPv6String(address) {
+				glog.Errorf("IP address %s has incorrect IP version", address)
+				continue
+			}
+			// create nodeport rules for each IP one by one
+			args = append(args[:0],
+				"-A", string(kubeServicesChain),
+				"-m", "comment", "--comment", `"kubernetes service nodeports; NOTE: this must be the last rule in this chain"`,
+				"-d", address,
+				"-j", string(kubeNodePortsChain))
+			writeLine(proxier.natRules, args...)
+		}
+	}
 
 	// If the masqueradeMark has been added then we want to forward that same
 	// traffic, this allows NodePort traffic to be forwarded even if the default
@@ -1687,21 +1305,21 @@ func (proxier *Proxier) syncProxyRules() {
 	// Update healthchecks.  The endpoints list might include services that are
 	// not "OnlyLocal", but the services list will not, and the healthChecker
 	// will just drop those endpoints.
-	if err := proxier.healthChecker.SyncServices(serviceUpdateResult.hcServices); err != nil {
+	if err := proxier.healthChecker.SyncServices(serviceUpdateResult.HCServiceNodePorts); err != nil {
 		glog.Errorf("Error syncing healtcheck services: %v", err)
 	}
-	if err := proxier.healthChecker.SyncEndpoints(endpointUpdateResult.hcEndpoints); err != nil {
+	if err := proxier.healthChecker.SyncEndpoints(endpointUpdateResult.HCEndpointsLocalIPSize); err != nil {
 		glog.Errorf("Error syncing healthcheck endoints: %v", err)
 	}
 
 	// Finish housekeeping.
 	// TODO: these could be made more consistent.
 	for _, svcIP := range staleServices.UnsortedList() {
-		if err := utilproxy.ClearUDPConntrackForIP(proxier.exec, svcIP); err != nil {
+		if err := conntrack.ClearEntriesForIP(proxier.exec, svcIP, v1.ProtocolUDP); err != nil {
 			glog.Errorf("Failed to delete stale service IP %s connections, error: %v", svcIP, err)
 		}
 	}
-	proxier.deleteEndpointConnections(endpointUpdateResult.staleEndpoints)
+	proxier.deleteEndpointConnections(endpointUpdateResult.StaleEndpoints)
 }
 
 // Join all words with spaces, terminate with newline and write to buf.
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/BUILD
index 30945e443348..2bb1b01d100b 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/BUILD
@@ -12,20 +12,19 @@ go_test(
         "ipset_test.go",
         "proxier_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/proxy/ipvs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/proxy:go_default_library",
         "//pkg/proxy/ipvs/testing:go_default_library",
         "//pkg/proxy/util:go_default_library",
+        "//pkg/proxy/util/testing:go_default_library",
         "//pkg/util/ipset:go_default_library",
         "//pkg/util/ipset/testing:go_default_library",
         "//pkg/util/iptables:go_default_library",
         "//pkg/util/iptables/testing:go_default_library",
         "//pkg/util/ipvs:go_default_library",
         "//pkg/util/ipvs/testing:go_default_library",
-        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
@@ -40,42 +39,69 @@ go_library(
     srcs = [
         "ipset.go",
         "netlink.go",
-        "netlink_unsupported.go",
         "proxier.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "netlink_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "netlink_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "netlink_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/proxy/ipvs",
     deps = [
-        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/helper:go_default_library",
-        "//pkg/features:go_default_library",
         "//pkg/proxy:go_default_library",
         "//pkg/proxy/healthcheck:go_default_library",
         "//pkg/proxy/metrics:go_default_library",
         "//pkg/proxy/util:go_default_library",
         "//pkg/util/async:go_default_library",
+        "//pkg/util/conntrack:go_default_library",
         "//pkg/util/ipset:go_default_library",
         "//pkg/util/iptables:go_default_library",
         "//pkg/util/ipvs:go_default_library",
+        "//pkg/util/net:go_default_library",
         "//pkg/util/sysctl:go_default_library",
         "//pkg/util/version:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/vishvananda/netlink:go_default_library",
+            "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
     }),
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/OWNERS b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/OWNERS
new file mode 100644
index 000000000000..6cc306c646ae
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/OWNERS
@@ -0,0 +1,8 @@
+reviewers:
+- thockin
+- brendandburns
+- m1093782566
+approvers:
+- thockin
+- brendandburns
+- m1093782566
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/README.md b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/README.md
index c0f616c92170..6af327f0b511 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/README.md
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/README.md
@@ -8,60 +8,41 @@ This document shows how to use kube-proxy ipvs mode.
 Linux kernel.
 
 IPVS runs on a host and acts as a load balancer in front of a cluster of real servers. IPVS can direct requests for TCP
-and UDP-based services to the real servers, and make services of real servers appear as irtual services on a single IP address.
+and UDP-based services to the real servers, and make services of real servers appear as virtual services on a single IP address.
 
-## How to use
+## Run kube-proxy in ipvs mode
 
-#### Load IPVS kernel modules
+Currently, local-up scripts and kubeadm support switching IPVS proxy mode via exporting environment variables or specifying flags.
 
-Currently the IPVS kernel module can't be loaded automatically, so first we should use the following command to load IPVS kernel
-modules manually.
-
-```shell
-modprobe ip_vs
-modprobe ip_vs_rr
-modprobe ip_vs_wrr
-modprobe ip_vs_sh
-modprobe nf_conntrack_ipv4
-```
-
-After that, use `lsmod | grep ip_vs` to make sure kernel modules are loaded.
-
-#### Run kube-proxy in ipvs mode
-
-#### Local UP Cluster
+### Local UP Cluster
 
 Kube-proxy will run in iptables mode by default in a [local-up cluster](https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md). 
 
-Users should export the env `KUBEPROXY_MODE=ipvs` to specify the ipvs mode before deploying the cluster if want to run kube-proxy in ipvs mode.
+Users should export the env `KUBE_PROXY_MODE=ipvs` to specify the ipvs mode before deploying the cluster if want to run kube-proxy in ipvs mode.
 
-#### Cluster Created by Kubeadm
+### Cluster Created by Kubeadm
 
 Kube-proxy will run in iptables mode by default in a cluster deployed by [kubeadm](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/). 
 
-Since IPVS mode is still feature-gated, users should add the flag `--feature-gates=SupportIPVSProxyMode=true` in `kubeadm init` command
-
-```
-kubeadm init --feature-gates=SupportIPVSProxyMode=true
-```
-
-to specify the ipvs mode before deploying the cluster if want to run kube-proxy in ipvs mode.
-
-If you are using kubeadm with a configuration file, you can specify the ipvs mode adding `SupportIPVSProxyMode: true` below the `featureGates` field.
+If you are using kubeadm with a [configuration file](https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/#config-file), you can specify the ipvs mode adding `SupportIPVSProxyMode: true` below the `kubeProxy` field.
 Then the configuration file is similar to:
 
 ```json
 kind: MasterConfiguration
 apiVersion: kubeadm.k8s.io/v1alpha1
 ...
-featureGates:
-  SupportIPVSProxyMode: true
+kubeProxy:
+  config:
+    featureGates: SupportIPVSProxyMode=true
+    mode: ipvs
 ...
 ```
 
-#### Test
+## Debug
+
+### Check IPVS proxy rules
 
-Use `ipvsadm` tool to test whether the kube-proxy start succeed. By default we may get result like:
+People can use `ipvsadm` tool to check whether kube-proxy are maintaining IPVS rules correctly. For example, we may get IPVS proxy rules like:
 
 ```shell
 # ipvsadm -ln
@@ -73,3 +54,29 @@ TCP  10.0.0.1:443 rr persistent 10800
 TCP  10.0.0.10:53 rr      
 UDP  10.0.0.10:53 rr
 ```
+
+### Why kube-proxy can't start IPVS mode
+
+People can do the following check list step by step:
+
+**1. Enable IPVS feature gateway**
+
+Currently IPVS-based kube-proxy is still in alpha phase, people need to enable `--feature-gates=SupportIPVSProxyMode=true` explicitly.
+
+**2. Specify proxy-mode=ipvs**
+
+Tell kube-proxy that proxy-mode=ipvs, please.
+
+**3. Load ipvs required kernel modules**
+
+The following kernel modules are required by IPVS-based kube-proxy:
+
+```shell
+ip_vs
+ip_vs_rr
+ip_vs_wrr
+ip_vs_sh
+nf_conntrack_ipv4
+```
+
+IPVS-based kube-proxy will load them automatically. If it fails to load them, please check whether they are compiled into your kernel.
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/ipset.go b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/ipset.go
index 0a01f0bacc67..16637455b7b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/ipset.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/ipset.go
@@ -89,6 +89,10 @@ func NewIPSet(handle utilipset.Interface, name string, setType utilipset.Type, i
 	return set
 }
 
+func (set *IPSet) validateEntry(entry *utilipset.Entry) bool {
+	return entry.Validate(&set.IPSet)
+}
+
 func (set *IPSet) isEmpty() bool {
 	return len(set.activeEntries.UnsortedList()) == 0
 }
@@ -114,14 +118,16 @@ func (set *IPSet) syncIPSetEntries() {
 		// Clean legacy entries
 		for _, entry := range currentIPSetEntries.Difference(set.activeEntries).List() {
 			if err := set.handle.DelEntry(entry, set.Name); err != nil {
-				glog.Errorf("Failed to delete ip set entry: %s from ip set: %s, error: %v", entry, set.Name, err)
+				if !utilipset.IsNotFoundError(err) {
+					glog.Errorf("Failed to delete ip set entry: %s from ip set: %s, error: %v", entry, set.Name, err)
+				}
 			} else {
 				glog.V(3).Infof("Successfully delete legacy ip set entry: %s from ip set: %s", entry, set.Name)
 			}
 		}
 		// Create active entries
 		for _, entry := range set.activeEntries.Difference(currentIPSetEntries).List() {
-			if err := set.handle.AddEntry(entry, set.Name, true); err != nil {
+			if err := set.handle.AddEntry(entry, &set.IPSet, true); err != nil {
 				glog.Errorf("Failed to add entry: %v to ip set: %s, error: %v", entry, set.Name, err)
 			} else {
 				glog.V(3).Infof("Successfully add entry: %v to ip set: %s", entry, set.Name)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink.go b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink.go
index 4f66f706ee5a..45551da36ad2 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink.go
@@ -16,14 +16,21 @@ limitations under the License.
 
 package ipvs
 
+import (
+	"k8s.io/apimachinery/pkg/util/sets"
+)
+
 // NetLinkHandle for revoke netlink interface
 type NetLinkHandle interface {
-	// EnsureAddressBind checks if address is bound to the interface and, if not, binds it. If the address is already bound, return true.
+	// EnsureAddressBind checks if address is bound to the interface and, if not, binds it.  If the address is already bound, return true.
 	EnsureAddressBind(address, devName string) (exist bool, err error)
 	// UnbindAddress unbind address from the interface
 	UnbindAddress(address, devName string) error
-	// EnsureDummyDevice checks if dummy device is exist and, if not, create one. If the dummy device is already exist, return true.
+	// EnsureDummyDevice checks if dummy device is exist and, if not, create one.  If the dummy device is already exist, return true.
 	EnsureDummyDevice(devName string) (exist bool, err error)
 	// DeleteDummyDevice deletes the given dummy device by name.
 	DeleteDummyDevice(devName string) error
+	// GetLocalAddresses returns all unique local type IP addresses based on filter device interface.  If filter device is not given,
+	// it will list all unique local type addresses.
+	GetLocalAddresses(filterDev string) (sets.String, error)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_linux.go b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_linux.go
index e709afafabbd..8277ace35ec4 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_linux.go
@@ -21,16 +21,18 @@ package ipvs
 import (
 	"fmt"
 	"net"
-	"syscall"
+
+	"k8s.io/apimachinery/pkg/util/sets"
 
 	"github.com/vishvananda/netlink"
+	"golang.org/x/sys/unix"
 )
 
 type netlinkHandle struct {
 	netlink.Handle
 }
 
-// NewNetLinkHandle will crate a new netlinkHandle
+// NewNetLinkHandle will crate a new NetLinkHandle
 func NewNetLinkHandle() NetLinkHandle {
 	return &netlinkHandle{netlink.Handle{}}
 }
@@ -47,7 +49,7 @@ func (h *netlinkHandle) EnsureAddressBind(address, devName string) (exist bool,
 	}
 	if err := h.AddrAdd(dev, &netlink.Addr{IPNet: netlink.NewIPNet(addr)}); err != nil {
 		// "EEXIST" will be returned if the address is already bound to device
-		if err == syscall.Errno(syscall.EEXIST) {
+		if err == unix.EEXIST {
 			return true, nil
 		}
 		return false, fmt.Errorf("error bind address: %s to interface: %s, err: %v", address, devName, err)
@@ -55,7 +57,7 @@ func (h *netlinkHandle) EnsureAddressBind(address, devName string) (exist bool,
 	return false, nil
 }
 
-// UnbindAddress unbind address from the interface
+// UnbindAddress makes sure IP address is unbound from the network interface.
 func (h *netlinkHandle) UnbindAddress(address, devName string) error {
 	dev, err := h.LinkByName(devName)
 	if err != nil {
@@ -66,7 +68,9 @@ func (h *netlinkHandle) UnbindAddress(address, devName string) error {
 		return fmt.Errorf("error parse ip address: %s", address)
 	}
 	if err := h.AddrDel(dev, &netlink.Addr{IPNet: netlink.NewIPNet(addr)}); err != nil {
-		return fmt.Errorf("error unbind address: %s from interface: %s, err: %v", address, devName, err)
+		if err != unix.ENXIO {
+			return fmt.Errorf("error unbind address: %s from interface: %s, err: %v", address, devName, err)
+		}
 	}
 	return nil
 }
@@ -88,7 +92,11 @@ func (h *netlinkHandle) EnsureDummyDevice(devName string) (bool, error) {
 func (h *netlinkHandle) DeleteDummyDevice(devName string) error {
 	link, err := h.LinkByName(devName)
 	if err != nil {
-		return fmt.Errorf("error deleting a non-exist dummy device: %s", devName)
+		_, ok := err.(netlink.LinkNotFoundError)
+		if ok {
+			return nil
+		}
+		return fmt.Errorf("error deleting a non-exist dummy device: %s, %v", devName, err)
 	}
 	dummy, ok := link.(*netlink.Dummy)
 	if !ok {
@@ -96,3 +104,59 @@ func (h *netlinkHandle) DeleteDummyDevice(devName string) error {
 	}
 	return h.LinkDel(dummy)
 }
+
+// GetLocalAddresses lists all LOCAL type IP addresses from host based on filter device.
+// If filter device is not specified, it's equivalent to exec:
+// $ ip route show table local type local proto kernel
+// 10.0.0.1 dev kube-ipvs0  scope host  src 10.0.0.1
+// 10.0.0.10 dev kube-ipvs0  scope host  src 10.0.0.10
+// 10.0.0.252 dev kube-ipvs0  scope host  src 10.0.0.252
+// 100.106.89.164 dev eth0  scope host  src 100.106.89.164
+// 127.0.0.0/8 dev lo  scope host  src 127.0.0.1
+// 127.0.0.1 dev lo  scope host  src 127.0.0.1
+// 172.17.0.1 dev docker0  scope host  src 172.17.0.1
+// 192.168.122.1 dev virbr0  scope host  src 192.168.122.1
+// Then cut the unique src IP fields,
+// --> result set: [10.0.0.1, 10.0.0.10, 10.0.0.252, 100.106.89.164, 127.0.0.1, 192.168.122.1]
+
+// If filter device is specified, it's equivalent to exec:
+// $ ip route show table local type local proto kernel dev kube-ipvs0
+// 10.0.0.1  scope host  src 10.0.0.1
+// 10.0.0.10  scope host  src 10.0.0.10
+// Then cut the unique src IP fields,
+// --> result set: [10.0.0.1, 10.0.0.10]
+func (h *netlinkHandle) GetLocalAddresses(filterDev string) (sets.String, error) {
+	linkIndex := -1
+	if len(filterDev) != 0 {
+		link, err := h.LinkByName(filterDev)
+		if err != nil {
+			return nil, fmt.Errorf("error get filter device %s, err: %v", filterDev, err)
+		}
+		linkIndex = link.Attrs().Index
+	}
+
+	routeFilter := &netlink.Route{
+		Table:    unix.RT_TABLE_LOCAL,
+		Type:     unix.RTN_LOCAL,
+		Protocol: unix.RTPROT_KERNEL,
+	}
+	filterMask := netlink.RT_FILTER_TABLE | netlink.RT_FILTER_TYPE | netlink.RT_FILTER_PROTOCOL
+
+	// find filter device
+	if linkIndex != -1 {
+		routeFilter.LinkIndex = linkIndex
+		filterMask |= netlink.RT_FILTER_OIF
+	}
+
+	routes, err := h.RouteListFiltered(netlink.FAMILY_ALL, routeFilter, filterMask)
+	if err != nil {
+		return nil, fmt.Errorf("error list route table, err: %v", err)
+	}
+	res := sets.NewString()
+	for _, route := range routes {
+		if route.Src != nil {
+			res.Insert(route.Src.String())
+		}
+	}
+	return res, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_unsupported.go b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_unsupported.go
index 1e22685b2793..b70550387ad0 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/netlink_unsupported.go
@@ -20,6 +20,8 @@ package ipvs
 
 import (
 	"fmt"
+
+	"k8s.io/apimachinery/pkg/util/sets"
 )
 
 type emptyHandle struct {
@@ -49,3 +51,8 @@ func (h *emptyHandle) EnsureDummyDevice(devName string) (bool, error) {
 func (h *emptyHandle) DeleteDummyDevice(devName string) error {
 	return fmt.Errorf("netlink is not supported in this platform")
 }
+
+// GetLocalAddresses is part of interface.
+func (h *emptyHandle) GetLocalAddresses(filterDev string) (sets.String, error) {
+	return nil, fmt.Errorf("netlink is not supported in this platform")
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/proxier.go
index 5f5a09d24473..7f0e7630fdbb 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/proxier.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/ipvs/proxier.go
@@ -24,7 +24,6 @@ import (
 	"bytes"
 	"fmt"
 	"net"
-	"reflect"
 	"strconv"
 	"strings"
 	"sync"
@@ -35,23 +34,20 @@ import (
 
 	clientv1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
-	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/tools/record"
-	apiservice "k8s.io/kubernetes/pkg/api/service"
 	api "k8s.io/kubernetes/pkg/apis/core"
-	"k8s.io/kubernetes/pkg/apis/core/helper"
-	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/proxy"
 	"k8s.io/kubernetes/pkg/proxy/healthcheck"
 	"k8s.io/kubernetes/pkg/proxy/metrics"
 	utilproxy "k8s.io/kubernetes/pkg/proxy/util"
 	"k8s.io/kubernetes/pkg/util/async"
+	"k8s.io/kubernetes/pkg/util/conntrack"
 	utilipset "k8s.io/kubernetes/pkg/util/ipset"
 	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
 	utilipvs "k8s.io/kubernetes/pkg/util/ipvs"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
 	utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
 	utilexec "k8s.io/utils/exec"
 )
@@ -82,6 +78,15 @@ const (
 	DefaultDummyDevice = "kube-ipvs0"
 )
 
+// tableChainsWithJumpService is the iptables chains ipvs proxy mode used.
+var tableChainsWithJumpService = []struct {
+	table utiliptables.Table
+	chain utiliptables.Chain
+}{
+	{utiliptables.TableNAT, utiliptables.ChainOutput},
+	{utiliptables.TableNAT, utiliptables.ChainPrerouting},
+}
+
 var ipvsModules = []string{
 	"ip_vs",
 	"ip_vs_rr",
@@ -90,7 +95,7 @@ var ipvsModules = []string{
 	"nf_conntrack_ipv4",
 }
 
-// In IPVS proxy mode, the following flags need to be setted
+// In IPVS proxy mode, the following flags need to be set
 const sysctlRouteLocalnet = "net/ipv4/conf/all/route_localnet"
 const sysctlBridgeCallIPTables = "net/bridge/bridge-nf-call-iptables"
 const sysctlVSConnTrack = "net/ipv4/vs/conntrack"
@@ -103,12 +108,12 @@ type Proxier struct {
 	// services that happened since last syncProxyRules call. For a single object,
 	// changes are accumulated, i.e. previous is state from before all of them,
 	// current is state after applying all of those.
-	endpointsChanges endpointsChangeMap
-	serviceChanges   serviceChangeMap
+	endpointsChanges *proxy.EndpointChangeTracker
+	serviceChanges   *proxy.ServiceChangeTracker
 
 	mu           sync.Mutex // protects the following fields
-	serviceMap   proxyServiceMap
-	endpointsMap proxyEndpointsMap
+	serviceMap   proxy.ServiceMap
+	endpointsMap proxy.EndpointsMap
 	portsMap     map[utilproxy.LocalPort]utilproxy.Closeable
 	// endpointsSynced and servicesSynced are set to true when corresponding
 	// objects are synced after startup. This is used to avoid updating ipvs rules
@@ -164,6 +169,11 @@ type Proxier struct {
 	// lbWhiteListIPSet is the hash:ip,port,net type ipset where stores all service load balancer ingress IP:Port,sourceCIDR pair, any packets
 	// from the source CIDR visit ingress IP:Port can pass through.
 	lbWhiteListCIDRSet *IPSet
+	// Values are as a parameter to select the interfaces where nodeport works.
+	nodePortAddresses []string
+	// networkInterfacer defines an interface for several net library functions.
+	// Inject for test purpose.
+	networkInterfacer utilproxy.NetworkInterfacer
 }
 
 // IPGetter helps get node network interface IP
@@ -171,36 +181,57 @@ type IPGetter interface {
 	NodeIPs() ([]net.IP, error)
 }
 
-type realIPGetter struct{}
+// realIPGetter is a real NodeIP handler, it implements IPGetter.
+type realIPGetter struct {
+	// nl is a handle for revoking netlink interface
+	nl NetLinkHandle
+}
 
+// NodeIPs returns all LOCAL type IP addresses from host which are taken as the Node IPs of NodePort service.
+// Firstly, it will list source IP exists in local route table with `kernel` protocol type.  For example,
+// $ ip route show table local type local proto kernel
+// 10.0.0.1 dev kube-ipvs0  scope host  src 10.0.0.1
+// 10.0.0.10 dev kube-ipvs0  scope host  src 10.0.0.10
+// 10.0.0.252 dev kube-ipvs0  scope host  src 10.0.0.252
+// 100.106.89.164 dev eth0  scope host  src 100.106.89.164
+// 127.0.0.0/8 dev lo  scope host  src 127.0.0.1
+// 127.0.0.1 dev lo  scope host  src 127.0.0.1
+// 172.17.0.1 dev docker0  scope host  src 172.17.0.1
+// 192.168.122.1 dev virbr0  scope host  src 192.168.122.1
+// Then cut the unique src IP fields,
+// --> result set1: [10.0.0.1, 10.0.0.10, 10.0.0.252, 100.106.89.164, 127.0.0.1, 192.168.122.1]
+
+// NOTE: For cases where an LB acts as a VIP (e.g. Google cloud), the VIP IP is considered LOCAL, but the protocol
+// of the entry is 66, e.g. `10.128.0.6 dev ens4  proto 66  scope host`.  Therefore, the rule mentioned above will
+// filter these entries out.
+
+// Secondly, as we bind Cluster IPs to the dummy interface in IPVS proxier, we need to filter the them out so that
+// we can eventually get the Node IPs.  Fortunately, the dummy interface created by IPVS proxier is known as `kube-ipvs0`,
+// so we just need to specify the `dev kube-ipvs0` argument in ip route command, for example,
+// $ ip route show table local type local proto kernel dev kube-ipvs0
+// 10.0.0.1  scope host  src 10.0.0.1
+// 10.0.0.10  scope host  src 10.0.0.10
+// Then cut the unique src IP fields,
+// --> result set2: [10.0.0.1, 10.0.0.10]
+
+// Finally, Node IP set = set1 - set2
 func (r *realIPGetter) NodeIPs() (ips []net.IP, err error) {
-	interfaces, err := net.Interfaces()
+	// Pass in empty filter device name for list all LOCAL type addresses.
+	allAddress, err := r.nl.GetLocalAddresses("")
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("error listing LOCAL type addresses from host, error: %v", err)
 	}
-	for i := range interfaces {
-		name := interfaces[i].Name
-		// We assume node ip bind to eth{x}
-		if !strings.HasPrefix(name, "eth") {
-			continue
-		}
-		intf, err := net.InterfaceByName(name)
-		if err != nil {
-			utilruntime.HandleError(fmt.Errorf("Failed to get interface by name: %s, error: %v", name, err))
-			continue
-		}
-		addrs, err := intf.Addrs()
-		if err != nil {
-			utilruntime.HandleError(fmt.Errorf("Failed to get addresses from interface: %s, error: %v", name, err))
-			continue
-		}
-		for _, a := range addrs {
-			if ipnet, ok := a.(*net.IPNet); ok {
-				ips = append(ips, ipnet.IP)
-			}
-		}
+	dummyAddress, err := r.nl.GetLocalAddresses(DefaultDummyDevice)
+	if err != nil {
+		return nil, fmt.Errorf("error listing LOCAL type addresses from device: %s, error: %v", DefaultDummyDevice, err)
+	}
+	// exclude ip address from dummy interface created by IPVS proxier - they are all Cluster IPs.
+	nodeAddress := allAddress.Difference(dummyAddress)
+	// translate ip string to IP
+	for _, ipStr := range nodeAddress.UnsortedList() {
+		ips = append(ips, net.ParseIP(ipStr))
 	}
-	return
+	return ips, nil
 }
 
 // Proxier implements ProxyProvider
@@ -226,6 +257,7 @@ func NewProxier(ipt utiliptables.Interface,
 	recorder record.EventRecorder,
 	healthzServer healthcheck.HealthzUpdater,
 	scheduler string,
+	nodePortAddresses []string,
 ) (*Proxier, error) {
 	// Set the route_localnet sysctl we need for
 	if err := sysctl.SetSysctl(sysctlRouteLocalnet, 1); err != nil {
@@ -258,8 +290,14 @@ func NewProxier(ipt utiliptables.Interface,
 		nodeIP = net.ParseIP("127.0.0.1")
 	}
 
+	isIPv6 := utilnet.IsIPv6(nodeIP)
+
+	glog.V(2).Infof("nodeIP: %v, isIPv6: %v", nodeIP, isIPv6)
+
 	if len(clusterCIDR) == 0 {
 		glog.Warningf("clusterCIDR not specified, unable to distinguish between internal and external traffic")
+	} else if utilnet.IsIPv6CIDR(clusterCIDR) != isIPv6 {
+		return nil, fmt.Errorf("clusterCIDR %s has incorrect IP version: expect isIPv6=%t", clusterCIDR, isIPv6)
 	}
 
 	if len(scheduler) == 0 {
@@ -269,16 +307,12 @@ func NewProxier(ipt utiliptables.Interface,
 
 	healthChecker := healthcheck.NewServer(hostname, recorder, nil, nil) // use default implementations of deps
 
-	isIPv6 := utilproxy.IsIPv6(nodeIP)
-
-	glog.V(2).Infof("nodeIP: %v, isIPv6: %v", nodeIP, isIPv6)
-
 	proxier := &Proxier{
 		portsMap:           make(map[utilproxy.LocalPort]utilproxy.Closeable),
-		serviceMap:         make(proxyServiceMap),
-		serviceChanges:     newServiceChangeMap(),
-		endpointsMap:       make(proxyEndpointsMap),
-		endpointsChanges:   newEndpointsChangeMap(hostname),
+		serviceMap:         make(proxy.ServiceMap),
+		serviceChanges:     proxy.NewServiceChangeTracker(newServiceInfo, &isIPv6, recorder),
+		endpointsMap:       make(proxy.EndpointsMap),
+		endpointsChanges:   proxy.NewEndpointChangeTracker(hostname, nil, &isIPv6, recorder),
 		syncPeriod:         syncPeriod,
 		minSyncPeriod:      minSyncPeriod,
 		iptables:           ipt,
@@ -294,7 +328,7 @@ func NewProxier(ipt utiliptables.Interface,
 		healthzServer:      healthzServer,
 		ipvs:               ipvs,
 		ipvsScheduler:      scheduler,
-		ipGetter:           &realIPGetter{},
+		ipGetter:           &realIPGetter{nl: NewNetLinkHandle()},
 		iptablesData:       bytes.NewBuffer(nil),
 		natChains:          bytes.NewBuffer(nil),
 		natRules:           bytes.NewBuffer(nil),
@@ -309,6 +343,8 @@ func NewProxier(ipt utiliptables.Interface,
 		lbWhiteListCIDRSet: NewIPSet(ipset, KubeLoadBalancerSourceCIDRSet, utilipset.HashIPPortNet, isIPv6),
 		nodePortSetTCP:     NewIPSet(ipset, KubeNodePortSetTCP, utilipset.BitmapPort, false),
 		nodePortSetUDP:     NewIPSet(ipset, KubeNodePortSetUDP, utilipset.BitmapPort, false),
+		nodePortAddresses:  nodePortAddresses,
+		networkInterfacer:  utilproxy.RealNetwork{},
 	}
 	burstSyncs := 2
 	glog.V(3).Infof("minSyncPeriod: %v, syncPeriod: %v, burstSyncs: %d", minSyncPeriod, syncPeriod, burstSyncs)
@@ -316,399 +352,72 @@ func NewProxier(ipt utiliptables.Interface,
 	return proxier, nil
 }
 
-type proxyServiceMap map[proxy.ServicePortName]*serviceInfo
-
 // internal struct for string service information
 type serviceInfo struct {
-	clusterIP                net.IP
-	port                     int
-	protocol                 api.Protocol
-	nodePort                 int
-	loadBalancerStatus       api.LoadBalancerStatus
-	sessionAffinityType      api.ServiceAffinity
-	stickyMaxAgeSeconds      int
-	externalIPs              []string
-	loadBalancerSourceRanges []string
-	onlyNodeLocalEndpoints   bool
-	healthCheckNodePort      int
+	*proxy.BaseServiceInfo
 	// The following fields are computed and stored for performance reasons.
 	serviceNameString string
 }
 
-// <serviceMap> is updated by this function (based on the given changes).
-// <changes> map is cleared after applying them.
-func updateServiceMap(
-	serviceMap proxyServiceMap,
-	changes *serviceChangeMap) (result updateServiceMapResult) {
-	result.staleServices = sets.NewString()
-
-	func() {
-		changes.lock.Lock()
-		defer changes.lock.Unlock()
-		for _, change := range changes.items {
-			existingPorts := serviceMap.merge(change.current)
-			serviceMap.unmerge(change.previous, existingPorts, result.staleServices)
-		}
-		changes.items = make(map[types.NamespacedName]*serviceChange)
-	}()
-
-	// TODO: If this will appear to be computationally expensive, consider
-	// computing this incrementally similarly to serviceMap.
-	result.hcServices = make(map[types.NamespacedName]uint16)
-	for svcPortName, info := range serviceMap {
-		if info.healthCheckNodePort != 0 {
-			result.hcServices[svcPortName.NamespacedName] = uint16(info.healthCheckNodePort)
-		}
-	}
-
-	return result
-}
-
-// returns a new serviceInfo struct
-func newServiceInfo(svcPortName proxy.ServicePortName, port *api.ServicePort, service *api.Service) *serviceInfo {
-	onlyNodeLocalEndpoints := false
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) &&
-		apiservice.RequestsOnlyLocalTraffic(service) {
-		onlyNodeLocalEndpoints = true
-	}
-	var stickyMaxAgeSeconds int
-	if service.Spec.SessionAffinity == api.ServiceAffinityClientIP {
-		stickyMaxAgeSeconds = int(*service.Spec.SessionAffinityConfig.ClientIP.TimeoutSeconds)
-	}
-	info := &serviceInfo{
-		clusterIP: net.ParseIP(service.Spec.ClusterIP),
-		port:      int(port.Port),
-		protocol:  port.Protocol,
-		nodePort:  int(port.NodePort),
-		// Deep-copy in case the service instance changes
-		loadBalancerStatus:       *helper.LoadBalancerStatusDeepCopy(&service.Status.LoadBalancer),
-		sessionAffinityType:      service.Spec.SessionAffinity,
-		stickyMaxAgeSeconds:      stickyMaxAgeSeconds,
-		externalIPs:              make([]string, len(service.Spec.ExternalIPs)),
-		loadBalancerSourceRanges: make([]string, len(service.Spec.LoadBalancerSourceRanges)),
-		onlyNodeLocalEndpoints:   onlyNodeLocalEndpoints,
-	}
-
-	copy(info.loadBalancerSourceRanges, service.Spec.LoadBalancerSourceRanges)
-	copy(info.externalIPs, service.Spec.ExternalIPs)
-
-	if apiservice.NeedsHealthCheck(service) {
-		p := service.Spec.HealthCheckNodePort
-		if p == 0 {
-			glog.Errorf("Service %q has no healthcheck nodeport", svcPortName.NamespacedName.String())
-		} else {
-			info.healthCheckNodePort = int(p)
-		}
-	}
+// returns a new proxy.ServicePort which abstracts a serviceInfo
+func newServiceInfo(port *api.ServicePort, service *api.Service, baseInfo *proxy.BaseServiceInfo) proxy.ServicePort {
+	info := &serviceInfo{BaseServiceInfo: baseInfo}
 
 	// Store the following for performance reasons.
+	svcName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
+	svcPortName := proxy.ServicePortName{NamespacedName: svcName, Port: port.Name}
 	info.serviceNameString = svcPortName.String()
 
 	return info
 }
 
-func (sm *proxyServiceMap) merge(other proxyServiceMap) sets.String {
-	existingPorts := sets.NewString()
-	for svcPortName, info := range other {
-		existingPorts.Insert(svcPortName.Port)
-		_, exists := (*sm)[svcPortName]
-		if !exists {
-			glog.V(1).Infof("Adding new service port %q at %s:%d/%s", svcPortName, info.clusterIP, info.port, info.protocol)
-		} else {
-			glog.V(1).Infof("Updating existing service port %q at %s:%d/%s", svcPortName, info.clusterIP, info.port, info.protocol)
-		}
-		(*sm)[svcPortName] = info
-	}
-	return existingPorts
-}
-
-func (sm *proxyServiceMap) unmerge(other proxyServiceMap, existingPorts, staleServices sets.String) {
-	for svcPortName := range other {
-		if existingPorts.Has(svcPortName.Port) {
-			continue
-		}
-		info, exists := (*sm)[svcPortName]
-		if exists {
-			glog.V(1).Infof("Removing service port %q", svcPortName)
-			if info.protocol == api.ProtocolUDP {
-				staleServices.Insert(info.clusterIP.String())
-			}
-			delete(*sm, svcPortName)
-		} else {
-			glog.Errorf("Service port %q removed, but doesn't exists", svcPortName)
-		}
-	}
-}
-
-type serviceChangeMap struct {
-	lock  sync.Mutex
-	items map[types.NamespacedName]*serviceChange
-}
-
-type serviceChange struct {
-	previous proxyServiceMap
-	current  proxyServiceMap
-}
-
-type updateEndpointMapResult struct {
-	hcEndpoints       map[types.NamespacedName]int
-	staleEndpoints    map[endpointServicePair]bool
-	staleServiceNames map[proxy.ServicePortName]bool
-}
-
-type updateServiceMapResult struct {
-	hcServices    map[types.NamespacedName]uint16
-	staleServices sets.String
-}
-
-func newServiceChangeMap() serviceChangeMap {
-	return serviceChangeMap{
-		items: make(map[types.NamespacedName]*serviceChange),
-	}
+// KernelHandler can handle the current installed kernel modules.
+type KernelHandler interface {
+	GetModules() ([]string, error)
 }
 
-func (scm *serviceChangeMap) update(namespacedName *types.NamespacedName, previous, current *api.Service) bool {
-	scm.lock.Lock()
-	defer scm.lock.Unlock()
-
-	change, exists := scm.items[*namespacedName]
-	if !exists {
-		change = &serviceChange{}
-		change.previous = serviceToServiceMap(previous)
-		scm.items[*namespacedName] = change
-	}
-	change.current = serviceToServiceMap(current)
-	if reflect.DeepEqual(change.previous, change.current) {
-		delete(scm.items, *namespacedName)
-	}
-	return len(scm.items) > 0
+// LinuxKernelHandler implements KernelHandler interface.
+type LinuxKernelHandler struct {
+	executor utilexec.Interface
 }
 
-// Translates single Service object to proxyServiceMap.
-//
-// NOTE: service object should NOT be modified.
-func serviceToServiceMap(service *api.Service) proxyServiceMap {
-	if service == nil {
-		return nil
-	}
-	svcName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if utilproxy.ShouldSkipService(svcName, service) {
-		return nil
-	}
-
-	serviceMap := make(proxyServiceMap)
-	for i := range service.Spec.Ports {
-		servicePort := &service.Spec.Ports[i]
-		svcPortName := proxy.ServicePortName{NamespacedName: svcName, Port: servicePort.Name}
-		serviceMap[svcPortName] = newServiceInfo(svcPortName, servicePort, service)
+// NewLinuxKernelHandler initializes LinuxKernelHandler with exec.
+func NewLinuxKernelHandler() *LinuxKernelHandler {
+	return &LinuxKernelHandler{
+		executor: utilexec.New(),
 	}
-	return serviceMap
-}
-
-// internal struct for endpoints information
-type endpointsInfo struct {
-	endpoint string // TODO: should be an endpointString type
-	isLocal  bool
-}
-
-func (e *endpointsInfo) String() string {
-	return fmt.Sprintf("%v", *e)
 }
 
-// IPPart returns just the IP part of the endpoint.
-func (e *endpointsInfo) IPPart() string {
-	return utilproxy.IPPart(e.endpoint)
-}
-
-// PortPart returns just the Port part of the endpoint.
-func (e *endpointsInfo) PortPart() (int, error) {
-	return utilproxy.PortPart(e.endpoint)
-}
-
-type endpointServicePair struct {
-	endpoint        string
-	servicePortName proxy.ServicePortName
-}
-
-type proxyEndpointsMap map[proxy.ServicePortName][]*endpointsInfo
-
-type endpointsChange struct {
-	previous proxyEndpointsMap
-	current  proxyEndpointsMap
-}
-
-type endpointsChangeMap struct {
-	lock     sync.Mutex
-	hostname string
-	items    map[types.NamespacedName]*endpointsChange
-}
-
-// <staleEndpoints> and <staleServices> are modified by this function with detected stale connections.
-func detectStaleConnections(oldEndpointsMap, newEndpointsMap proxyEndpointsMap, staleEndpoints map[endpointServicePair]bool, staleServiceNames map[proxy.ServicePortName]bool) {
-	for svcPortName, epList := range oldEndpointsMap {
-		for _, ep := range epList {
-			stale := true
-			for i := range newEndpointsMap[svcPortName] {
-				if *newEndpointsMap[svcPortName][i] == *ep {
-					stale = false
-					break
-				}
-			}
-			if stale {
-				glog.V(4).Infof("Stale endpoint %v -> %v", svcPortName, ep.endpoint)
-				staleEndpoints[endpointServicePair{endpoint: ep.endpoint, servicePortName: svcPortName}] = true
-			}
-		}
-	}
-
-	for svcPortName, epList := range newEndpointsMap {
-		// For udp service, if its backend changes from 0 to non-0. There may exist a conntrack entry that could blackhole traffic to the service.
-		if len(epList) > 0 && len(oldEndpointsMap[svcPortName]) == 0 {
-			staleServiceNames[svcPortName] = true
-		}
-	}
-}
-
-// <endpointsMap> is updated by this function (based on the given changes).
-// <changes> map is cleared after applying them.
-func updateEndpointsMap(
-	endpointsMap proxyEndpointsMap,
-	changes *endpointsChangeMap,
-	hostname string) (result updateEndpointMapResult) {
-	result.staleEndpoints = make(map[endpointServicePair]bool)
-	result.staleServiceNames = make(map[proxy.ServicePortName]bool)
-
-	func() {
-		changes.lock.Lock()
-		defer changes.lock.Unlock()
-		for _, change := range changes.items {
-			endpointsMap.unmerge(change.previous)
-			endpointsMap.merge(change.current)
-			detectStaleConnections(change.previous, change.current, result.staleEndpoints, result.staleServiceNames)
-		}
-		changes.items = make(map[types.NamespacedName]*endpointsChange)
-	}()
-
-	if !utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) {
-		return
-	}
-
-	// TODO: If this will appear to be computationally expensive, consider
-	// computing this incrementally similarly to endpointsMap.
-	result.hcEndpoints = make(map[types.NamespacedName]int)
-	localIPs := getLocalIPs(endpointsMap)
-	for nsn, ips := range localIPs {
-		result.hcEndpoints[nsn] = len(ips)
-	}
-
-	return result
-}
-
-// Translates single Endpoints object to proxyEndpointsMap.
-// This function is used for incremental updated of endpointsMap.
-//
-// NOTE: endpoints object should NOT be modified.
-func endpointsToEndpointsMap(endpoints *api.Endpoints, hostname string) proxyEndpointsMap {
-	if endpoints == nil {
-		return nil
-	}
-
-	endpointsMap := make(proxyEndpointsMap)
-	// We need to build a map of portname -> all ip:ports for that
-	// portname.  Explode Endpoints.Subsets[*] into this structure.
-	for i := range endpoints.Subsets {
-		ss := &endpoints.Subsets[i]
-		for i := range ss.Ports {
-			port := &ss.Ports[i]
-			if port.Port == 0 {
-				glog.Warningf("ignoring invalid endpoint port %s", port.Name)
-				continue
-			}
-			svcPort := proxy.ServicePortName{
-				NamespacedName: types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name},
-				Port:           port.Name,
-			}
-			for i := range ss.Addresses {
-				addr := &ss.Addresses[i]
-				if addr.IP == "" {
-					glog.Warningf("ignoring invalid endpoint port %s with empty host", port.Name)
-					continue
-				}
-				epInfo := &endpointsInfo{
-					endpoint: net.JoinHostPort(addr.IP, strconv.Itoa(int(port.Port))),
-					isLocal:  addr.NodeName != nil && *addr.NodeName == hostname,
-				}
-				endpointsMap[svcPort] = append(endpointsMap[svcPort], epInfo)
-			}
-			if glog.V(3) {
-				newEPList := []string{}
-				for _, ep := range endpointsMap[svcPort] {
-					newEPList = append(newEPList, ep.endpoint)
-				}
-				glog.Infof("Setting endpoints for %q to %+v", svcPort, newEPList)
-			}
+// GetModules returns all installed kernel modules.
+func (handle *LinuxKernelHandler) GetModules() ([]string, error) {
+	// Try to load IPVS required kernel modules using modprobe first
+	for _, kmod := range ipvsModules {
+		err := handle.executor.Command("modprobe", "--", kmod).Run()
+		if err != nil {
+			glog.Warningf("Failed to load kernel module %v with modprobe. "+
+				"You can ignore this message when kube-proxy is running inside container without mounting /lib/modules", kmod)
 		}
 	}
-	return endpointsMap
-}
-
-func newEndpointsChangeMap(hostname string) endpointsChangeMap {
-	return endpointsChangeMap{
-		hostname: hostname,
-		items:    make(map[types.NamespacedName]*endpointsChange),
-	}
-}
-
-func (ecm *endpointsChangeMap) update(namespacedName *types.NamespacedName, previous, current *api.Endpoints) bool {
-	ecm.lock.Lock()
-	defer ecm.lock.Unlock()
 
-	change, exists := ecm.items[*namespacedName]
-	if !exists {
-		change = &endpointsChange{}
-		change.previous = endpointsToEndpointsMap(previous, ecm.hostname)
-		ecm.items[*namespacedName] = change
-	}
-	change.current = endpointsToEndpointsMap(current, ecm.hostname)
-	if reflect.DeepEqual(change.previous, change.current) {
-		delete(ecm.items, *namespacedName)
-	}
-	return len(ecm.items) > 0
-}
-
-func (em proxyEndpointsMap) merge(other proxyEndpointsMap) {
-	for svcPort := range other {
-		em[svcPort] = other[svcPort]
+	// Find out loaded kernel modules
+	out, err := handle.executor.Command("cut", "-f1", "-d", " ", "/proc/modules").CombinedOutput()
+	if err != nil {
+		return nil, err
 	}
-}
 
-func (em proxyEndpointsMap) unmerge(other proxyEndpointsMap) {
-	for svcPort := range other {
-		delete(em, svcPort)
-	}
+	mods := strings.Split(string(out), "\n")
+	return mods, nil
 }
 
 // CanUseIPVSProxier returns true if we can use the ipvs Proxier.
 // This is determined by checking if all the required kernel modules can be loaded. It may
 // return an error if it fails to get the kernel modules information without error, in which
 // case it will also return false.
-func CanUseIPVSProxier(ipsetver IPSetVersioner) (bool, error) {
-	// Try to load IPVS required kernel modules using modprobe
-	for _, kmod := range ipvsModules {
-		err := utilexec.New().Command("modprobe", "--", kmod).Run()
-		if err != nil {
-			glog.Warningf("Failed to load kernel module %v with modprobe. "+
-				"You can ignore this message when kube-proxy is running inside container without mounting /lib/modules", kmod)
-		}
-	}
-
-	// Find out loaded kernel modules
-	out, err := utilexec.New().Command("cut", "-f1", "-d", " ", "/proc/modules").CombinedOutput()
+func CanUseIPVSProxier(handle KernelHandler, ipsetver IPSetVersioner) (bool, error) {
+	mods, err := handle.GetModules()
 	if err != nil {
-		return false, err
+		return false, fmt.Errorf("error getting installed ipvs required kernel modules: %v", err)
 	}
-
-	mods := strings.Split(string(out), "\n")
 	wantModules := sets.NewString()
 	loadModules := sets.NewString()
 	wantModules.Insert(ipvsModules...)
@@ -729,7 +438,6 @@ func CanUseIPVSProxier(ipsetver IPSetVersioner) (bool, error) {
 	return true, nil
 }
 
-// TODO: make it simpler.
 // CleanupIptablesLeftovers removes all iptables rules and chains created by the Proxier
 // It returns true if an error was encountered. Errors are logged.
 func cleanupIptablesLeftovers(ipt utiliptables.Interface) (encounteredError bool) {
@@ -738,14 +446,7 @@ func cleanupIptablesLeftovers(ipt utiliptables.Interface) (encounteredError bool
 		"-m", "comment", "--comment", "kubernetes service portals",
 		"-j", string(kubeServicesChain),
 	}
-	tableChainsWithJumpServices := []struct {
-		table utiliptables.Table
-		chain utiliptables.Chain
-	}{
-		{utiliptables.TableNAT, utiliptables.ChainOutput},
-		{utiliptables.TableNAT, utiliptables.ChainPrerouting},
-	}
-	for _, tc := range tableChainsWithJumpServices {
+	for _, tc := range tableChainsWithJumpService {
 		if err := ipt.DeleteRule(tc.table, tc.chain, args...); err != nil {
 			if !utiliptables.IsNotFoundError(err) {
 				glog.Errorf("Error removing pure-iptables proxy rule: %v", err)
@@ -767,30 +468,18 @@ func cleanupIptablesLeftovers(ipt utiliptables.Interface) (encounteredError bool
 	}
 
 	// Flush and remove all of our chains.
-	iptablesData := bytes.NewBuffer(nil)
-	if err := ipt.SaveInto(utiliptables.TableNAT, iptablesData); err != nil {
-		glog.Errorf("Failed to execute iptables-save for %s: %v", utiliptables.TableNAT, err)
-		encounteredError = true
-	} else {
-		existingNATChains := utiliptables.GetChainLines(utiliptables.TableNAT, iptablesData.Bytes())
-		natChains := bytes.NewBuffer(nil)
-		natRules := bytes.NewBuffer(nil)
-		writeLine(natChains, "*nat")
-		// Start with chains we know we need to remove.
-		for _, chain := range []utiliptables.Chain{kubeServicesChain, kubePostroutingChain, KubeMarkMasqChain, KubeServiceIPSetsChain} {
-			if _, found := existingNATChains[chain]; found {
-				chainString := string(chain)
-				writeLine(natChains, existingNATChains[chain]) // flush
-				writeLine(natRules, "-X", chainString)         // delete
+	for _, chain := range []utiliptables.Chain{kubeServicesChain, kubePostroutingChain} {
+		if err := ipt.FlushChain(utiliptables.TableNAT, chain); err != nil {
+			if !utiliptables.IsNotFoundError(err) {
+				glog.Errorf("Error removing ipvs Proxier iptables rule: %v", err)
+				encounteredError = true
 			}
 		}
-		writeLine(natRules, "COMMIT")
-		natLines := append(natChains.Bytes(), natRules.Bytes()...)
-		// Write it.
-		err = ipt.Restore(utiliptables.TableNAT, natLines, utiliptables.NoFlushTables, utiliptables.RestoreCounters)
-		if err != nil {
-			glog.Errorf("Failed to execute iptables-restore for %s: %v", utiliptables.TableNAT, err)
-			encounteredError = true
+		if err := ipt.DeleteChain(utiliptables.TableNAT, chain); err != nil {
+			if !utiliptables.IsNotFoundError(err) {
+				glog.Errorf("Error removing ipvs Proxier iptables rule: %v", err)
+				encounteredError = true
+			}
 		}
 	}
 	return encounteredError
@@ -806,6 +495,7 @@ func CleanupLeftovers(ipvs utilipvs.Interface, ipt utiliptables.Interface, ipset
 		encounteredError = false
 		err := ipvs.Flush()
 		if err != nil {
+			glog.Errorf("Error flushing IPVS rules: %v", err)
 			encounteredError = true
 		}
 	}
@@ -813,6 +503,7 @@ func CleanupLeftovers(ipvs utilipvs.Interface, ipt utiliptables.Interface, ipset
 	nl := NewNetLinkHandle()
 	err := nl.DeleteDummyDevice(DefaultDummyDevice)
 	if err != nil {
+		glog.Errorf("Error deleting dummy device %s created by IPVS proxier: %v", DefaultDummyDevice, err)
 		encounteredError = true
 	}
 	// Clear iptables created by ipvs Proxier.
@@ -824,7 +515,10 @@ func CleanupLeftovers(ipvs utilipvs.Interface, ipt utiliptables.Interface, ipset
 	for _, set := range ipSetsToDestroy {
 		err = ipset.DestroySet(set)
 		if err != nil {
-			encounteredError = true
+			if !utilipset.IsNotFoundError(err) {
+				glog.Errorf("Error removing ipset %s, error: %v", set, err)
+				encounteredError = true
+			}
 		}
 	}
 	return encounteredError
@@ -858,26 +552,19 @@ func (proxier *Proxier) isInitialized() bool {
 
 // OnServiceAdd is called whenever creation of new service object is observed.
 func (proxier *Proxier) OnServiceAdd(service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, nil, service) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnServiceUpdate(nil, service)
 }
 
 // OnServiceUpdate is called whenever modification of an existing service object is observed.
 func (proxier *Proxier) OnServiceUpdate(oldService, service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, oldService, service) && proxier.isInitialized() {
+	if proxier.serviceChanges.Update(oldService, service) && proxier.isInitialized() {
 		proxier.syncRunner.Run()
 	}
 }
 
 // OnServiceDelete is called whenever deletion of an existing service object is observed.
 func (proxier *Proxier) OnServiceDelete(service *api.Service) {
-	namespacedName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
-	if proxier.serviceChanges.update(&namespacedName, service, nil) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnServiceUpdate(service, nil)
 }
 
 // OnServiceSynced is called once all the initial even handlers were called and the state is fully propagated to local cache.
@@ -893,26 +580,19 @@ func (proxier *Proxier) OnServiceSynced() {
 
 // OnEndpointsAdd is called whenever creation of new endpoints object is observed.
 func (proxier *Proxier) OnEndpointsAdd(endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, nil, endpoints) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnEndpointsUpdate(nil, endpoints)
 }
 
 // OnEndpointsUpdate is called whenever modification of an existing endpoints object is observed.
 func (proxier *Proxier) OnEndpointsUpdate(oldEndpoints, endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, oldEndpoints, endpoints) && proxier.isInitialized() {
+	if proxier.endpointsChanges.Update(oldEndpoints, endpoints) && proxier.isInitialized() {
 		proxier.syncRunner.Run()
 	}
 }
 
 // OnEndpointsDelete is called whenever deletion of an existing endpoints object is observed.
 func (proxier *Proxier) OnEndpointsDelete(endpoints *api.Endpoints) {
-	namespacedName := types.NamespacedName{Namespace: endpoints.Namespace, Name: endpoints.Name}
-	if proxier.endpointsChanges.update(&namespacedName, endpoints, nil) && proxier.isInitialized() {
-		proxier.syncRunner.Run()
-	}
+	proxier.OnEndpointsUpdate(endpoints, nil)
 }
 
 // OnEndpointsSynced is called once all the initial event handlers were called and the state is fully propagated to local cache.
@@ -924,6 +604,9 @@ func (proxier *Proxier) OnEndpointsSynced() {
 	proxier.syncProxyRules()
 }
 
+// EntryInvalidErr indicates if an ipset entry is invalid or not
+const EntryInvalidErr = "error adding entry %s to ipset %s"
+
 // This is where all of the ipvs calls happen.
 // assumes proxier.mu is held
 func (proxier *Proxier) syncProxyRules() {
@@ -944,17 +627,15 @@ func (proxier *Proxier) syncProxyRules() {
 	// We assume that if this was called, we really want to sync them,
 	// even if nothing changed in the meantime. In other words, callers are
 	// responsible for detecting no-op changes and not calling this function.
-	serviceUpdateResult := updateServiceMap(
-		proxier.serviceMap, &proxier.serviceChanges)
-	endpointUpdateResult := updateEndpointsMap(
-		proxier.endpointsMap, &proxier.endpointsChanges, proxier.hostname)
+	serviceUpdateResult := proxy.UpdateServiceMap(proxier.serviceMap, proxier.serviceChanges)
+	endpointUpdateResult := proxy.UpdateEndpointsMap(proxier.endpointsMap, proxier.endpointsChanges)
 
-	staleServices := serviceUpdateResult.staleServices
+	staleServices := serviceUpdateResult.UDPStaleClusterIP
 	// merge stale services gathered from updateEndpointsMap
-	for svcPortName := range endpointUpdateResult.staleServiceNames {
-		if svcInfo, ok := proxier.serviceMap[svcPortName]; ok && svcInfo != nil && svcInfo.protocol == api.ProtocolUDP {
-			glog.V(2).Infof("Stale udp service %v -> %s", svcPortName, svcInfo.clusterIP.String())
-			staleServices.Insert(svcInfo.clusterIP.String())
+	for _, svcPortName := range endpointUpdateResult.StaleServiceNames {
+		if svcInfo, ok := proxier.serviceMap[svcPortName]; ok && svcInfo != nil && svcInfo.GetProtocol() == api.ProtocolUDP {
+			glog.V(2).Infof("Stale udp service %v -> %s", svcPortName, svcInfo.ClusterIPString())
+			staleServices.Insert(svcInfo.ClusterIPString())
 		}
 	}
 
@@ -1057,16 +738,26 @@ func (proxier *Proxier) syncProxyRules() {
 	}
 
 	// Build IPVS rules for each service.
-	for svcName, svcInfo := range proxier.serviceMap {
-		protocol := strings.ToLower(string(svcInfo.protocol))
+	for svcName, svc := range proxier.serviceMap {
+		svcInfo, ok := svc.(*serviceInfo)
+		if !ok {
+			glog.Errorf("Failed to cast serviceInfo %q", svcName.String())
+			continue
+		}
+		protocol := strings.ToLower(string(svcInfo.Protocol))
 		// Precompute svcNameString; with many services the many calls
 		// to ServicePortName.String() show up in CPU profiles.
 		svcNameString := svcName.String()
 
 		// Handle traffic that loops back to the originator with SNAT.
-		for _, ep := range proxier.endpointsMap[svcName] {
-			epIP := ep.IPPart()
-			epPort, err := ep.PortPart()
+		for _, e := range proxier.endpointsMap[svcName] {
+			ep, ok := e.(*proxy.BaseEndpointInfo)
+			if !ok {
+				glog.Errorf("Failed to cast BaseEndpointInfo %q", e.String())
+				continue
+			}
+			epIP := ep.IP()
+			epPort, err := ep.Port()
 			// Error parsing this endpoint has been logged. Skip to next endpoint.
 			if epIP == "" || err != nil {
 				continue
@@ -1078,41 +769,49 @@ func (proxier *Proxier) syncProxyRules() {
 				IP2:      epIP,
 				SetType:  utilipset.HashIPPortIP,
 			}
+			if valid := proxier.loopbackSet.validateEntry(entry); !valid {
+				glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.loopbackSet.Name))
+				continue
+			}
 			proxier.loopbackSet.activeEntries.Insert(entry.String())
 		}
 
 		// Capture the clusterIP.
 		// ipset call
 		entry := &utilipset.Entry{
-			IP:       svcInfo.clusterIP.String(),
-			Port:     svcInfo.port,
+			IP:       svcInfo.ClusterIP.String(),
+			Port:     svcInfo.Port,
 			Protocol: protocol,
 			SetType:  utilipset.HashIPPort,
 		}
 		// add service Cluster IP:Port to kubeServiceAccess ip set for the purpose of solving hairpin.
 		// proxier.kubeServiceAccessSet.activeEntries.Insert(entry.String())
 		// Install masquerade rules if 'masqueradeAll' or 'clusterCIDR' is specified.
-		if proxier.masqueradeAll {
-			proxier.clusterIPSet.activeEntries.Insert(entry.String())
-		} else if len(proxier.clusterCIDR) > 0 {
+		if proxier.masqueradeAll || len(proxier.clusterCIDR) > 0 {
+			if valid := proxier.clusterIPSet.validateEntry(entry); !valid {
+				glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.clusterIPSet.Name))
+				continue
+			}
 			proxier.clusterIPSet.activeEntries.Insert(entry.String())
 		}
 		// ipvs call
 		serv := &utilipvs.VirtualServer{
-			Address:   svcInfo.clusterIP,
-			Port:      uint16(svcInfo.port),
-			Protocol:  string(svcInfo.protocol),
+			Address:   svcInfo.ClusterIP,
+			Port:      uint16(svcInfo.Port),
+			Protocol:  string(svcInfo.Protocol),
 			Scheduler: proxier.ipvsScheduler,
 		}
 		// Set session affinity flag and timeout for IPVS service
-		if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+		if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 			serv.Flags |= utilipvs.FlagPersistent
-			serv.Timeout = uint32(svcInfo.stickyMaxAgeSeconds)
+			serv.Timeout = uint32(svcInfo.StickyMaxAgeSeconds)
 		}
 		// We need to bind ClusterIP to dummy interface, so set `bindAddr` parameter to `true` in syncService()
 		if err := proxier.syncService(svcNameString, serv, true); err == nil {
 			activeIPVSServices[serv.String()] = true
-			if err := proxier.syncEndpoint(svcName, svcInfo.onlyNodeLocalEndpoints, serv); err != nil {
+			// ExternalTrafficPolicy only works for NodePort and external LB traffic, does not affect ClusterIP
+			// So we still need clusterIP rules in onlyNodeLocalEndpoints mode.
+			if err := proxier.syncEndpoint(svcName, false, serv); err != nil {
 				glog.Errorf("Failed to sync endpoint for service: %v, err: %v", serv, err)
 			}
 		} else {
@@ -1120,14 +819,14 @@ func (proxier *Proxier) syncProxyRules() {
 		}
 
 		// Capture externalIPs.
-		for _, externalIP := range svcInfo.externalIPs {
+		for _, externalIP := range svcInfo.ExternalIPs {
 			if local, err := utilproxy.IsLocalIP(externalIP); err != nil {
 				glog.Errorf("can't determine if IP is local, assuming not: %v", err)
 			} else if local {
 				lp := utilproxy.LocalPort{
 					Description: "externalIP for " + svcNameString,
 					IP:          externalIP,
-					Port:        svcInfo.port,
+					Port:        svcInfo.Port,
 					Protocol:    protocol,
 				}
 				if proxier.portsMap[lp] != nil {
@@ -1155,28 +854,32 @@ func (proxier *Proxier) syncProxyRules() {
 			// ipset call
 			entry := &utilipset.Entry{
 				IP:       externalIP,
-				Port:     svcInfo.port,
+				Port:     svcInfo.Port,
 				Protocol: protocol,
 				SetType:  utilipset.HashIPPort,
 			}
 			// We have to SNAT packets to external IPs.
+			if valid := proxier.externalIPSet.validateEntry(entry); !valid {
+				glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.externalIPSet.Name))
+				continue
+			}
 			proxier.externalIPSet.activeEntries.Insert(entry.String())
 
 			// ipvs call
 			serv := &utilipvs.VirtualServer{
 				Address:   net.ParseIP(externalIP),
-				Port:      uint16(svcInfo.port),
-				Protocol:  string(svcInfo.protocol),
+				Port:      uint16(svcInfo.Port),
+				Protocol:  string(svcInfo.Protocol),
 				Scheduler: proxier.ipvsScheduler,
 			}
-			if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+			if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 				serv.Flags |= utilipvs.FlagPersistent
-				serv.Timeout = uint32(svcInfo.stickyMaxAgeSeconds)
+				serv.Timeout = uint32(svcInfo.StickyMaxAgeSeconds)
 			}
 			// There is no need to bind externalIP to dummy interface, so set parameter `bindAddr` to `false`.
 			if err := proxier.syncService(svcNameString, serv, false); err == nil {
 				activeIPVSServices[serv.String()] = true
-				if err := proxier.syncEndpoint(svcName, svcInfo.onlyNodeLocalEndpoints, serv); err != nil {
+				if err := proxier.syncEndpoint(svcName, svcInfo.OnlyNodeLocalEndpoints, serv); err != nil {
 					glog.Errorf("Failed to sync endpoint for service: %v, err: %v", serv, err)
 				}
 			} else {
@@ -1185,12 +888,12 @@ func (proxier *Proxier) syncProxyRules() {
 		}
 
 		// Capture load-balancer ingress.
-		for _, ingress := range svcInfo.loadBalancerStatus.Ingress {
+		for _, ingress := range svcInfo.LoadBalancerStatus.Ingress {
 			if ingress.IP != "" {
 				// ipset call
 				entry = &utilipset.Entry{
 					IP:       ingress.IP,
-					Port:     svcInfo.port,
+					Port:     svcInfo.Port,
 					Protocol: protocol,
 					SetType:  utilipset.HashIPPort,
 				}
@@ -1198,26 +901,38 @@ func (proxier *Proxier) syncProxyRules() {
 				// proxier.kubeServiceAccessSet.activeEntries.Insert(entry.String())
 				// If we are proxying globally, we need to masquerade in case we cross nodes.
 				// If we are proxying only locally, we can retain the source IP.
-				if !svcInfo.onlyNodeLocalEndpoints {
+				if !svcInfo.OnlyNodeLocalEndpoints {
+					if valid := proxier.lbMasqSet.validateEntry(entry); !valid {
+						glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbMasqSet.Name))
+						continue
+					}
 					proxier.lbMasqSet.activeEntries.Insert(entry.String())
 				}
-				if len(svcInfo.loadBalancerSourceRanges) != 0 {
+				if len(svcInfo.LoadBalancerSourceRanges) != 0 {
 					// The service firewall rules are created based on ServiceSpec.loadBalancerSourceRanges field.
 					// This currently works for loadbalancers that preserves source ips.
 					// For loadbalancers which direct traffic to service NodePort, the firewall rules will not apply.
+					if valid := proxier.lbIngressSet.validateEntry(entry); !valid {
+						glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbIngressSet.Name))
+						continue
+					}
 					proxier.lbIngressSet.activeEntries.Insert(entry.String())
 
 					allowFromNode := false
-					for _, src := range svcInfo.loadBalancerSourceRanges {
+					for _, src := range svcInfo.LoadBalancerSourceRanges {
 						// ipset call
 						entry = &utilipset.Entry{
 							IP:       ingress.IP,
-							Port:     svcInfo.port,
+							Port:     svcInfo.Port,
 							Protocol: protocol,
 							Net:      src,
 							SetType:  utilipset.HashIPPortNet,
 						}
 						// enumerate all white list source cidr
+						if valid := proxier.lbWhiteListCIDRSet.validateEntry(entry); !valid {
+							glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbWhiteListCIDRSet.Name))
+							continue
+						}
 						proxier.lbWhiteListCIDRSet.activeEntries.Insert(entry.String())
 
 						// ignore error because it has been validated
@@ -1232,12 +947,16 @@ func (proxier *Proxier) syncProxyRules() {
 					if allowFromNode {
 						entry = &utilipset.Entry{
 							IP:       ingress.IP,
-							Port:     svcInfo.port,
+							Port:     svcInfo.Port,
 							Protocol: protocol,
 							IP2:      ingress.IP,
 							SetType:  utilipset.HashIPPortIP,
 						}
 						// enumerate all white list source ip
+						if valid := proxier.lbWhiteListIPSet.validateEntry(entry); !valid {
+							glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, proxier.lbWhiteListIPSet.Name))
+							continue
+						}
 						proxier.lbWhiteListIPSet.activeEntries.Insert(entry.String())
 					}
 				}
@@ -1245,18 +964,18 @@ func (proxier *Proxier) syncProxyRules() {
 				// ipvs call
 				serv := &utilipvs.VirtualServer{
 					Address:   net.ParseIP(ingress.IP),
-					Port:      uint16(svcInfo.port),
-					Protocol:  string(svcInfo.protocol),
+					Port:      uint16(svcInfo.Port),
+					Protocol:  string(svcInfo.Protocol),
 					Scheduler: proxier.ipvsScheduler,
 				}
-				if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
+				if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
 					serv.Flags |= utilipvs.FlagPersistent
-					serv.Timeout = uint32(svcInfo.stickyMaxAgeSeconds)
+					serv.Timeout = uint32(svcInfo.StickyMaxAgeSeconds)
 				}
 				// There is no need to bind LB ingress.IP to dummy interface, so set parameter `bindAddr` to `false`.
 				if err := proxier.syncService(svcNameString, serv, false); err == nil {
 					activeIPVSServices[serv.String()] = true
-					if err := proxier.syncEndpoint(svcName, svcInfo.onlyNodeLocalEndpoints, serv); err != nil {
+					if err := proxier.syncEndpoint(svcName, svcInfo.OnlyNodeLocalEndpoints, serv); err != nil {
 						glog.Errorf("Failed to sync endpoint for service: %v, err: %v", serv, err)
 					}
 				} else {
@@ -1265,11 +984,11 @@ func (proxier *Proxier) syncProxyRules() {
 			}
 		}
 
-		if svcInfo.nodePort != 0 {
+		if svcInfo.NodePort != 0 {
 			lp := utilproxy.LocalPort{
 				Description: "nodePort for " + svcNameString,
 				IP:          "",
-				Port:        svcInfo.nodePort,
+				Port:        svcInfo.NodePort,
 				Protocol:    protocol,
 			}
 			if proxier.portsMap[lp] != nil {
@@ -1282,58 +1001,79 @@ func (proxier *Proxier) syncProxyRules() {
 					continue
 				}
 				if lp.Protocol == "udp" {
-					isIPv6 := utilproxy.IsIPv6(svcInfo.clusterIP)
-					utilproxy.ClearUDPConntrackForPort(proxier.exec, lp.Port, isIPv6)
+					isIPv6 := utilnet.IsIPv6(svcInfo.ClusterIP)
+					conntrack.ClearEntriesForPort(proxier.exec, lp.Port, isIPv6, clientv1.ProtocolUDP)
 				}
 				replacementPortsMap[lp] = socket
 			} // We're holding the port, so it's OK to install ipvs rules.
 
 			// Nodeports need SNAT, unless they're local.
 			// ipset call
-			if !svcInfo.onlyNodeLocalEndpoints {
+			if !svcInfo.OnlyNodeLocalEndpoints {
 				entry = &utilipset.Entry{
 					// No need to provide ip info
-					Port:     svcInfo.nodePort,
+					Port:     svcInfo.NodePort,
 					Protocol: protocol,
 					SetType:  utilipset.BitmapPort,
 				}
+				var nodePortSet *IPSet
 				switch protocol {
+
 				case "tcp":
-					proxier.nodePortSetTCP.activeEntries.Insert(entry.String())
+					nodePortSet = proxier.nodePortSetTCP
 				case "udp":
-					proxier.nodePortSetUDP.activeEntries.Insert(entry.String())
+					nodePortSet = proxier.nodePortSetUDP
 				default:
 					// It should never hit
 					glog.Errorf("Unsupported protocol type: %s", protocol)
 				}
+				if nodePortSet != nil {
+					if valid := nodePortSet.validateEntry(entry); !valid {
+						glog.Errorf("%s", fmt.Sprintf(EntryInvalidErr, entry, nodePortSet.Name))
+						continue
+					}
+					nodePortSet.activeEntries.Insert(entry.String())
+				}
 			}
 
 			// Build ipvs kernel routes for each node ip address
-			nodeIPs, err := proxier.ipGetter.NodeIPs()
+			nodeIPs := make([]net.IP, 0)
+			addresses, err := utilproxy.GetNodeAddresses(proxier.nodePortAddresses, proxier.networkInterfacer)
 			if err != nil {
-				glog.Errorf("Failed to get node IP, err: %v", err)
-			} else {
-				for _, nodeIP := range nodeIPs {
-					// ipvs call
-					serv := &utilipvs.VirtualServer{
-						Address:   nodeIP,
-						Port:      uint16(svcInfo.nodePort),
-						Protocol:  string(svcInfo.protocol),
-						Scheduler: proxier.ipvsScheduler,
-					}
-					if svcInfo.sessionAffinityType == api.ServiceAffinityClientIP {
-						serv.Flags |= utilipvs.FlagPersistent
-						serv.Timeout = uint32(svcInfo.stickyMaxAgeSeconds)
-					}
-					// There is no need to bind Node IP to dummy interface, so set parameter `bindAddr` to `false`.
-					if err := proxier.syncService(svcNameString, serv, false); err == nil {
-						activeIPVSServices[serv.String()] = true
-						if err := proxier.syncEndpoint(svcName, svcInfo.onlyNodeLocalEndpoints, serv); err != nil {
-							glog.Errorf("Failed to sync endpoint for service: %v, err: %v", serv, err)
-						}
-					} else {
-						glog.Errorf("Failed to sync service: %v, err: %v", serv, err)
+				glog.Errorf("Failed to get node ip address matching nodeport cidr")
+				continue
+			}
+			for address := range addresses {
+				if !utilproxy.IsZeroCIDR(address) {
+					nodeIPs = append(nodeIPs, net.ParseIP(address))
+					continue
+				}
+				// zero cidr
+				nodeIPs, err = proxier.ipGetter.NodeIPs()
+				if err != nil {
+					glog.Errorf("Failed to list all node IPs from host, err: %v", err)
+				}
+			}
+			for _, nodeIP := range nodeIPs {
+				// ipvs call
+				serv := &utilipvs.VirtualServer{
+					Address:   nodeIP,
+					Port:      uint16(svcInfo.NodePort),
+					Protocol:  string(svcInfo.Protocol),
+					Scheduler: proxier.ipvsScheduler,
+				}
+				if svcInfo.SessionAffinityType == api.ServiceAffinityClientIP {
+					serv.Flags |= utilipvs.FlagPersistent
+					serv.Timeout = uint32(svcInfo.StickyMaxAgeSeconds)
+				}
+				// There is no need to bind Node IP to dummy interface, so set parameter `bindAddr` to `false`.
+				if err := proxier.syncService(svcNameString, serv, false); err == nil {
+					activeIPVSServices[serv.String()] = true
+					if err := proxier.syncEndpoint(svcName, svcInfo.OnlyNodeLocalEndpoints, serv); err != nil {
+						glog.Errorf("Failed to sync endpoint for service: %v, err: %v", serv, err)
 					}
+				} else {
+					glog.Errorf("Failed to sync service: %v, err: %v", serv, err)
 				}
 			}
 		}
@@ -1497,33 +1237,33 @@ func (proxier *Proxier) syncProxyRules() {
 	// Update healthchecks.  The endpoints list might include services that are
 	// not "OnlyLocal", but the services list will not, and the healthChecker
 	// will just drop those endpoints.
-	if err := proxier.healthChecker.SyncServices(serviceUpdateResult.hcServices); err != nil {
+	if err := proxier.healthChecker.SyncServices(serviceUpdateResult.HCServiceNodePorts); err != nil {
 		glog.Errorf("Error syncing healtcheck services: %v", err)
 	}
-	if err := proxier.healthChecker.SyncEndpoints(endpointUpdateResult.hcEndpoints); err != nil {
+	if err := proxier.healthChecker.SyncEndpoints(endpointUpdateResult.HCEndpointsLocalIPSize); err != nil {
 		glog.Errorf("Error syncing healthcheck endpoints: %v", err)
 	}
 
 	// Finish housekeeping.
 	// TODO: these could be made more consistent.
 	for _, svcIP := range staleServices.UnsortedList() {
-		if err := utilproxy.ClearUDPConntrackForIP(proxier.exec, svcIP); err != nil {
+		if err := conntrack.ClearEntriesForIP(proxier.exec, svcIP, clientv1.ProtocolUDP); err != nil {
 			glog.Errorf("Failed to delete stale service IP %s connections, error: %v", svcIP, err)
 		}
 	}
-	proxier.deleteEndpointConnections(endpointUpdateResult.staleEndpoints)
+	proxier.deleteEndpointConnections(endpointUpdateResult.StaleEndpoints)
 }
 
 // After a UDP endpoint has been removed, we must flush any pending conntrack entries to it, or else we
 // risk sending more traffic to it, all of which will be lost (because UDP).
 // This assumes the proxier mutex is held
-func (proxier *Proxier) deleteEndpointConnections(connectionMap map[endpointServicePair]bool) {
-	for epSvcPair := range connectionMap {
-		if svcInfo, ok := proxier.serviceMap[epSvcPair.servicePortName]; ok && svcInfo.protocol == api.ProtocolUDP {
-			endpointIP := utilproxy.IPPart(epSvcPair.endpoint)
-			err := utilproxy.ClearUDPConntrackForPeers(proxier.exec, svcInfo.clusterIP.String(), endpointIP)
+func (proxier *Proxier) deleteEndpointConnections(connectionMap []proxy.ServiceEndpoint) {
+	for _, epSvcPair := range connectionMap {
+		if svcInfo, ok := proxier.serviceMap[epSvcPair.ServicePortName]; ok && svcInfo.GetProtocol() == api.ProtocolUDP {
+			endpointIP := utilproxy.IPPart(epSvcPair.Endpoint)
+			err := conntrack.ClearEntriesForNAT(proxier.exec, svcInfo.ClusterIPString(), endpointIP, clientv1.ProtocolUDP)
 			if err != nil {
-				glog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.servicePortName.String(), err)
+				glog.Errorf("Failed to delete %s endpoint connections, error: %v", epSvcPair.ServicePortName.String(), err)
 			}
 		}
 	}
@@ -1543,7 +1283,7 @@ func (proxier *Proxier) syncService(svcName string, vs *utilipvs.VirtualServer,
 			// IPVS service was changed, update the existing one
 			// During updates, service VIP will not go down
 			glog.V(3).Infof("IPVS service %s was changed", svcName)
-			if err := proxier.ipvs.UpdateVirtualServer(appliedVirtualServer); err != nil {
+			if err := proxier.ipvs.UpdateVirtualServer(vs); err != nil {
 				glog.Errorf("Failed to update IPVS service, err:%v", err)
 				return err
 			}
@@ -1569,7 +1309,7 @@ func (proxier *Proxier) syncEndpoint(svcPortName proxy.ServicePortName, onlyNode
 		return err
 	}
 
-	// curEndpoints represents IPVS destiantions listed from current system.
+	// curEndpoints represents IPVS destinations listed from current system.
 	curEndpoints := sets.NewString()
 	// newEndpoints represents Endpoints watched from API Server.
 	newEndpoints := sets.NewString()
@@ -1583,9 +1323,9 @@ func (proxier *Proxier) syncEndpoint(svcPortName proxy.ServicePortName, onlyNode
 		curEndpoints.Insert(des.String())
 	}
 
-	for _, eps := range proxier.endpointsMap[svcPortName] {
-		if !onlyNodeLocalEndpoints || onlyNodeLocalEndpoints && eps.isLocal {
-			newEndpoints.Insert(eps.endpoint)
+	for _, epInfo := range proxier.endpointsMap[svcPortName] {
+		if !onlyNodeLocalEndpoints || onlyNodeLocalEndpoints && epInfo.GetIsLocal() {
+			newEndpoints.Insert(epInfo.String())
 		}
 	}
 
@@ -1656,8 +1396,9 @@ func (proxier *Proxier) cleanLegacyService(atciveServices map[string]bool, curre
 
 	for _, addr := range unbindIPAddr.UnsortedList() {
 		err := proxier.netlinkHandle.UnbindAddress(addr, DefaultDummyDevice)
+		// Ignore no such address error when try to unbind address
 		if err != nil {
-			glog.Errorf("Failed to unbind service from dummy interface, error: %v", err)
+			glog.Errorf("Failed to unbind service addr %s from dummy interface %s: %v", addr, DefaultDummyDevice, err)
 		}
 	}
 }
@@ -1677,16 +1418,9 @@ func (proxier *Proxier) linkKubeServiceChain(existingNATChains map[utiliptables.
 	if _, err := proxier.iptables.EnsureChain(utiliptables.TableNAT, kubeServicesChain); err != nil {
 		return fmt.Errorf("Failed to ensure that %s chain %s exists: %v", utiliptables.TableNAT, kubeServicesChain, err)
 	}
-	tableChainsNeedJumpServices := []struct {
-		table utiliptables.Table
-		chain utiliptables.Chain
-	}{
-		{utiliptables.TableNAT, utiliptables.ChainOutput},
-		{utiliptables.TableNAT, utiliptables.ChainPrerouting},
-	}
 	comment := "kubernetes service portals"
 	args := []string{"-m", "comment", "--comment", comment, "-j", string(kubeServicesChain)}
-	for _, tc := range tableChainsNeedJumpServices {
+	for _, tc := range tableChainsWithJumpService {
 		if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, tc.table, tc.chain, args...); err != nil {
 			return fmt.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", tc.table, tc.chain, kubeServicesChain, err)
 		}
@@ -1702,40 +1436,6 @@ func (proxier *Proxier) linkKubeServiceChain(existingNATChains map[utiliptables.
 	return nil
 }
 
-//// linkKubeIPSetsChain will Create chain KUBE-SVC-IPSETS and link the chin in KUBE-SERVICES
-//
-//// Chain KUBE-SERVICES (policy ACCEPT)
-//// target            prot opt source               destination
-//// KUBE-SVC-IPSETS   all  --  0.0.0.0/0            0.0.0.0/0     match-set KUBE-SERVICE-ACCESS dst,dst
-//
-//// Chain KUBE-SVC-IPSETS (1 references)
-//// target     prot opt source               destination
-//// KUBE-MARK-MASQ  all  --  0.0.0.0/0       0.0.0.0/0            match-set KUBE-EXTERNAL-IP dst,dst
-//// ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            match-set KUBE-EXTERNAL-IP dst,dst PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL
-//// ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            match-set KUBE-EXTERNAL-IP dst,dst ADDRTYPE match dst-type LOCAL
-//// ...
-//func (proxier *Proxier) linkKubeIPSetsChain(existingNATChains map[utiliptables.Chain]string, natChains *bytes.Buffer) error {
-//	if _, err := proxier.iptables.EnsureChain(utiliptables.TableNAT, KubeServiceIPSetsChain); err != nil {
-//		return fmt.Errorf("Failed to ensure that %s chain %s exists: %v", utiliptables.TableNAT, KubeServiceIPSetsChain, err)
-//	}
-//
-//	// TODO: iptables comment message for ipset?
-//	// The hash:ip,port type of sets require two src/dst parameters of the set match and SET target kernel modules.
-//	args := []string{"-m", "set", "--match-set", proxier.kubeServiceAccessSet.Name, "dst,dst", "-j", string(KubeServiceIPSetsChain)}
-//	if _, err := proxier.iptables.EnsureRule(utiliptables.Prepend, utiliptables.TableNAT, kubeServicesChain, args...); err != nil {
-//		return fmt.Errorf("Failed to ensure that ipset %s chain %s jumps to %s: %v", proxier.kubeServiceAccessSet.Name, kubeServicesChain, KubeServiceIPSetsChain, err)
-//	}
-//
-//	// equal to `iptables -t nat -N KUBE-SVC-IPSETS`
-//	// write `:KUBE-SERVICES - [0:0]` in nat table
-//	if chain, ok := existingNATChains[KubeServiceIPSetsChain]; ok {
-//		writeLine(natChains, chain)
-//	} else {
-//		writeLine(natChains, utiliptables.MakeChainLine(KubeServiceIPSetsChain))
-//	}
-//	return nil
-//}
-
 func (proxier *Proxier) createKubeFireWallChain(existingNATChains map[utiliptables.Chain]string, natChains *bytes.Buffer) error {
 	// `iptables -t nat -N KUBE-FIRE-WALL`
 	if _, err := proxier.iptables.EnsureChain(utiliptables.TableNAT, KubeFireWallChain); err != nil {
@@ -1764,26 +1464,6 @@ func writeLine(buf *bytes.Buffer, words ...string) {
 	}
 }
 
-func getLocalIPs(endpointsMap proxyEndpointsMap) map[types.NamespacedName]sets.String {
-	localIPs := make(map[types.NamespacedName]sets.String)
-	for svcPortName := range endpointsMap {
-		for _, ep := range endpointsMap[svcPortName] {
-			if ep.isLocal {
-				// If the endpoint has a bad format, utilproxy.IPPart() will log an
-				// error and ep.IPPart() will return a null string.
-				if ip := ep.IPPart(); ip != "" {
-					nsn := svcPortName.NamespacedName
-					if localIPs[nsn] == nil {
-						localIPs[nsn] = sets.NewString()
-					}
-					localIPs[nsn].Insert(ip)
-				}
-			}
-		}
-	}
-	return localIPs
-}
-
 // listenPortOpener opens ports by calling bind() and listen().
 type listenPortOpener struct{}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/service.go b/vendor/k8s.io/kubernetes/pkg/proxy/service.go
new file mode 100644
index 000000000000..23911a43c5a3
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/service.go
@@ -0,0 +1,344 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package proxy
+
+import (
+	"fmt"
+	"net"
+	"reflect"
+	"strings"
+	"sync"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/client-go/tools/record"
+	apiservice "k8s.io/kubernetes/pkg/api/service"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/apis/core/helper"
+	utilproxy "k8s.io/kubernetes/pkg/proxy/util"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
+)
+
+// BaseServiceInfo contains base information that defines a service.
+// This could be used directly by proxier while processing services,
+// or can be used for constructing a more specific ServiceInfo struct
+// defined by the proxier if needed.
+type BaseServiceInfo struct {
+	ClusterIP                net.IP
+	Port                     int
+	Protocol                 api.Protocol
+	NodePort                 int
+	LoadBalancerStatus       api.LoadBalancerStatus
+	SessionAffinityType      api.ServiceAffinity
+	StickyMaxAgeSeconds      int
+	ExternalIPs              []string
+	LoadBalancerSourceRanges []string
+	HealthCheckNodePort      int
+	OnlyNodeLocalEndpoints   bool
+}
+
+var _ ServicePort = &BaseServiceInfo{}
+
+// String is part of ServicePort interface.
+func (info *BaseServiceInfo) String() string {
+	return fmt.Sprintf("%s:%d/%s", info.ClusterIP, info.Port, info.Protocol)
+}
+
+// ClusterIPString is part of ServicePort interface.
+func (info *BaseServiceInfo) ClusterIPString() string {
+	return info.ClusterIP.String()
+}
+
+// GetProtocol is part of ServicePort interface.
+func (info *BaseServiceInfo) GetProtocol() api.Protocol {
+	return info.Protocol
+}
+
+// GetHealthCheckNodePort is part of ServicePort interface.
+func (info *BaseServiceInfo) GetHealthCheckNodePort() int {
+	return info.HealthCheckNodePort
+}
+
+func (sct *ServiceChangeTracker) newBaseServiceInfo(port *api.ServicePort, service *api.Service) *BaseServiceInfo {
+	onlyNodeLocalEndpoints := false
+	if apiservice.RequestsOnlyLocalTraffic(service) {
+		onlyNodeLocalEndpoints = true
+	}
+	var stickyMaxAgeSeconds int
+	if service.Spec.SessionAffinity == api.ServiceAffinityClientIP {
+		// Kube-apiserver side guarantees SessionAffinityConfig won't be nil when session affinity type is ClientIP
+		stickyMaxAgeSeconds = int(*service.Spec.SessionAffinityConfig.ClientIP.TimeoutSeconds)
+	}
+	info := &BaseServiceInfo{
+		ClusterIP: net.ParseIP(service.Spec.ClusterIP),
+		Port:      int(port.Port),
+		Protocol:  port.Protocol,
+		NodePort:  int(port.NodePort),
+		// Deep-copy in case the service instance changes
+		LoadBalancerStatus:     *helper.LoadBalancerStatusDeepCopy(&service.Status.LoadBalancer),
+		SessionAffinityType:    service.Spec.SessionAffinity,
+		StickyMaxAgeSeconds:    stickyMaxAgeSeconds,
+		OnlyNodeLocalEndpoints: onlyNodeLocalEndpoints,
+	}
+
+	if sct.isIPv6Mode == nil {
+		info.ExternalIPs = make([]string, len(service.Spec.ExternalIPs))
+		info.LoadBalancerSourceRanges = make([]string, len(service.Spec.LoadBalancerSourceRanges))
+		copy(info.LoadBalancerSourceRanges, service.Spec.LoadBalancerSourceRanges)
+		copy(info.ExternalIPs, service.Spec.ExternalIPs)
+	} else {
+		// Filter out the incorrect IP version case.
+		// If ExternalIPs and LoadBalancerSourceRanges on service contains incorrect IP versions,
+		// only filter out the incorrect ones.
+		var incorrectIPs []string
+		info.ExternalIPs, incorrectIPs = utilnet.FilterIncorrectIPVersion(service.Spec.ExternalIPs, *sct.isIPv6Mode)
+		if len(incorrectIPs) > 0 {
+			utilproxy.LogAndEmitIncorrectIPVersionEvent(sct.recorder, "externalIPs", strings.Join(incorrectIPs, ","), service.Namespace, service.Name, service.UID)
+		}
+		info.LoadBalancerSourceRanges, incorrectIPs = utilnet.FilterIncorrectCIDRVersion(service.Spec.LoadBalancerSourceRanges, *sct.isIPv6Mode)
+		if len(incorrectIPs) > 0 {
+			utilproxy.LogAndEmitIncorrectIPVersionEvent(sct.recorder, "loadBalancerSourceRanges", strings.Join(incorrectIPs, ","), service.Namespace, service.Name, service.UID)
+		}
+	}
+
+	if apiservice.NeedsHealthCheck(service) {
+		p := service.Spec.HealthCheckNodePort
+		if p == 0 {
+			glog.Errorf("Service %s/%s has no healthcheck nodeport", service.Namespace, service.Name)
+		} else {
+			info.HealthCheckNodePort = int(p)
+		}
+	}
+
+	return info
+}
+
+type makeServicePortFunc func(*api.ServicePort, *api.Service, *BaseServiceInfo) ServicePort
+
+// serviceChange contains all changes to services that happened since proxy rules were synced.  For a single object,
+// changes are accumulated, i.e. previous is state from before applying the changes,
+// current is state after applying all of the changes.
+type serviceChange struct {
+	previous ServiceMap
+	current  ServiceMap
+}
+
+// ServiceChangeTracker carries state about uncommitted changes to an arbitrary number of
+// Services, keyed by their namespace and name.
+type ServiceChangeTracker struct {
+	// lock protects items.
+	lock sync.Mutex
+	// items maps a service to its serviceChange.
+	items map[types.NamespacedName]*serviceChange
+	// makeServiceInfo allows proxier to inject customized information when processing service.
+	makeServiceInfo makeServicePortFunc
+	// isIPv6Mode indicates if change tracker is under IPv6/IPv4 mode. Nil means not applicable.
+	isIPv6Mode *bool
+	recorder   record.EventRecorder
+}
+
+// NewServiceChangeTracker initializes a ServiceChangeTracker
+func NewServiceChangeTracker(makeServiceInfo makeServicePortFunc, isIPv6Mode *bool, recorder record.EventRecorder) *ServiceChangeTracker {
+	return &ServiceChangeTracker{
+		items:           make(map[types.NamespacedName]*serviceChange),
+		makeServiceInfo: makeServiceInfo,
+		isIPv6Mode:      isIPv6Mode,
+		recorder:        recorder,
+	}
+}
+
+// Update updates given service's change map based on the <previous, current> service pair.  It returns true if items changed,
+// otherwise return false.  Update can be used to add/update/delete items of ServiceChangeMap.  For example,
+// Add item
+//   - pass <nil, service> as the <previous, current> pair.
+// Update item
+//   - pass <oldService, service> as the <previous, current> pair.
+// Delete item
+//   - pass <service, nil> as the <previous, current> pair.
+func (sct *ServiceChangeTracker) Update(previous, current *api.Service) bool {
+	svc := current
+	if svc == nil {
+		svc = previous
+	}
+	// previous == nil && current == nil is unexpected, we should return false directly.
+	if svc == nil {
+		return false
+	}
+	namespacedName := types.NamespacedName{Namespace: svc.Namespace, Name: svc.Name}
+
+	sct.lock.Lock()
+	defer sct.lock.Unlock()
+
+	change, exists := sct.items[namespacedName]
+	if !exists {
+		change = &serviceChange{}
+		change.previous = sct.serviceToServiceMap(previous)
+		sct.items[namespacedName] = change
+	}
+	change.current = sct.serviceToServiceMap(current)
+	// if change.previous equal to change.current, it means no change
+	if reflect.DeepEqual(change.previous, change.current) {
+		delete(sct.items, namespacedName)
+	}
+	return len(sct.items) > 0
+}
+
+// UpdateServiceMapResult is the updated results after applying service changes.
+type UpdateServiceMapResult struct {
+	// HCServiceNodePorts is a map of Service names to node port numbers which indicate the health of that Service on this Node.
+	// The value(uint16) of HCServices map is the service health check node port.
+	HCServiceNodePorts map[types.NamespacedName]uint16
+	// UDPStaleClusterIP holds stale (no longer assigned to a Service) Service IPs that had UDP ports.
+	// Callers can use this to abort timeout-waits or clear connection-tracking information.
+	UDPStaleClusterIP sets.String
+}
+
+// UpdateServiceMap updates ServiceMap based on the given changes.
+func UpdateServiceMap(serviceMap ServiceMap, changes *ServiceChangeTracker) (result UpdateServiceMapResult) {
+	result.UDPStaleClusterIP = sets.NewString()
+	serviceMap.apply(changes, result.UDPStaleClusterIP)
+
+	// TODO: If this will appear to be computationally expensive, consider
+	// computing this incrementally similarly to serviceMap.
+	result.HCServiceNodePorts = make(map[types.NamespacedName]uint16)
+	for svcPortName, info := range serviceMap {
+		if info.GetHealthCheckNodePort() != 0 {
+			result.HCServiceNodePorts[svcPortName.NamespacedName] = uint16(info.GetHealthCheckNodePort())
+		}
+	}
+
+	return result
+}
+
+// ServiceMap maps a service to its ServicePort.
+type ServiceMap map[ServicePortName]ServicePort
+
+// serviceToServiceMap translates a single Service object to a ServiceMap.
+//
+// NOTE: service object should NOT be modified.
+func (sct *ServiceChangeTracker) serviceToServiceMap(service *api.Service) ServiceMap {
+	if service == nil {
+		return nil
+	}
+	svcName := types.NamespacedName{Namespace: service.Namespace, Name: service.Name}
+	if utilproxy.ShouldSkipService(svcName, service) {
+		return nil
+	}
+
+	if len(service.Spec.ClusterIP) != 0 {
+		// Filter out the incorrect IP version case.
+		// If ClusterIP on service has incorrect IP version, service itself will be ignored.
+		if sct.isIPv6Mode != nil && utilnet.IsIPv6String(service.Spec.ClusterIP) != *sct.isIPv6Mode {
+			utilproxy.LogAndEmitIncorrectIPVersionEvent(sct.recorder, "clusterIP", service.Spec.ClusterIP, service.Namespace, service.Name, service.UID)
+			return nil
+		}
+	}
+
+	serviceMap := make(ServiceMap)
+	for i := range service.Spec.Ports {
+		servicePort := &service.Spec.Ports[i]
+		svcPortName := ServicePortName{NamespacedName: svcName, Port: servicePort.Name}
+		baseSvcInfo := sct.newBaseServiceInfo(servicePort, service)
+		if sct.makeServiceInfo != nil {
+			serviceMap[svcPortName] = sct.makeServiceInfo(servicePort, service, baseSvcInfo)
+		} else {
+			serviceMap[svcPortName] = baseSvcInfo
+		}
+	}
+	return serviceMap
+}
+
+// apply the changes to ServiceMap and update the stale udp cluster IP set. The UDPStaleClusterIP argument is passed in to store the
+// udp protocol service cluster ip when service is deleted from the ServiceMap.
+func (serviceMap *ServiceMap) apply(changes *ServiceChangeTracker, UDPStaleClusterIP sets.String) {
+	changes.lock.Lock()
+	defer changes.lock.Unlock()
+	for _, change := range changes.items {
+		serviceMap.merge(change.current)
+		// filter out the Update event of current changes from previous changes before calling unmerge() so that can
+		// skip deleting the Update events.
+		change.previous.filter(change.current)
+		serviceMap.unmerge(change.previous, UDPStaleClusterIP)
+	}
+	// clear changes after applying them to ServiceMap.
+	changes.items = make(map[types.NamespacedName]*serviceChange)
+	return
+}
+
+// merge adds other ServiceMap's elements to current ServiceMap.
+// If collision, other ALWAYS win. Otherwise add the other to current.
+// In other words, if some elements in current collisions with other, update the current by other.
+// It returns a string type set which stores all the newly merged services' identifier, ServicePortName.String(), to help users
+// tell if a service is deleted or updated.
+// The returned value is one of the arguments of ServiceMap.unmerge().
+// ServiceMap A Merge ServiceMap B will do following 2 things:
+//   * update ServiceMap A.
+//   * produce a string set which stores all other ServiceMap's ServicePortName.String().
+// For example,
+//   - A{}
+//   - B{{"ns", "cluster-ip", "http"}: {"172.16.55.10", 1234, "TCP"}}
+//     - A updated to be {{"ns", "cluster-ip", "http"}: {"172.16.55.10", 1234, "TCP"}}
+//     - produce string set {"ns/cluster-ip:http"}
+//   - A{{"ns", "cluster-ip", "http"}: {"172.16.55.10", 345, "UDP"}}
+//   - B{{"ns", "cluster-ip", "http"}: {"172.16.55.10", 1234, "TCP"}}
+//     - A updated to be {{"ns", "cluster-ip", "http"}: {"172.16.55.10", 1234, "TCP"}}
+//     - produce string set {"ns/cluster-ip:http"}
+func (sm *ServiceMap) merge(other ServiceMap) sets.String {
+	// existingPorts is going to store all identifiers of all services in `other` ServiceMap.
+	existingPorts := sets.NewString()
+	for svcPortName, info := range other {
+		// Take ServicePortName.String() as the newly merged service's identifier and put it into existingPorts.
+		existingPorts.Insert(svcPortName.String())
+		_, exists := (*sm)[svcPortName]
+		if !exists {
+			glog.V(1).Infof("Adding new service port %q at %s", svcPortName, info.String())
+		} else {
+			glog.V(1).Infof("Updating existing service port %q at %s", svcPortName, info.String())
+		}
+		(*sm)[svcPortName] = info
+	}
+	return existingPorts
+}
+
+// filter filters out elements from ServiceMap base on given ports string sets.
+func (sm *ServiceMap) filter(other ServiceMap) {
+	for svcPortName := range *sm {
+		// skip the delete for Update event.
+		if _, ok := other[svcPortName]; ok {
+			delete(*sm, svcPortName)
+		}
+	}
+}
+
+// unmerge deletes all other ServiceMap's elements from current ServiceMap.  We pass in the UDPStaleClusterIP strings sets
+// for storing the stale udp service cluster IPs. We will clear stale udp connection base on UDPStaleClusterIP later
+func (sm *ServiceMap) unmerge(other ServiceMap, UDPStaleClusterIP sets.String) {
+	for svcPortName := range other {
+		info, exists := (*sm)[svcPortName]
+		if exists {
+			glog.V(1).Infof("Removing service port %q", svcPortName)
+			if info.GetProtocol() == api.ProtocolUDP {
+				UDPStaleClusterIP.Insert(info.ClusterIPString())
+			}
+			delete(*sm, svcPortName)
+		} else {
+			glog.Errorf("Service port %q doesn't exists", svcPortName)
+		}
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/types.go b/vendor/k8s.io/kubernetes/pkg/proxy/types.go
index 578baff693db..a3cb4d35e55c 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/types.go
@@ -20,11 +20,12 @@ import (
 	"fmt"
 
 	"k8s.io/apimachinery/pkg/types"
+	api "k8s.io/kubernetes/pkg/apis/core"
 )
 
 // ProxyProvider is the interface provided by proxier implementations.
 type ProxyProvider interface {
-	// Sync immediately synchronizes the ProxyProvider's current state to iptables.
+	// Sync immediately synchronizes the ProxyProvider's current state to proxy rules.
 	Sync()
 	// SyncLoop runs periodic work.
 	// This is expected to run as a goroutine or as the main loop of the app.
@@ -33,7 +34,7 @@ type ProxyProvider interface {
 }
 
 // ServicePortName carries a namespace + name + portname.  This is the unique
-// identfier for a load-balanced service.
+// identifier for a load-balanced service.
 type ServicePortName struct {
 	types.NamespacedName
 	Port string
@@ -42,3 +43,37 @@ type ServicePortName struct {
 func (spn ServicePortName) String() string {
 	return fmt.Sprintf("%s:%s", spn.NamespacedName.String(), spn.Port)
 }
+
+// ServicePort is an interface which abstracts information about a service.
+type ServicePort interface {
+	// String returns service string.  An example format can be: `IP:Port/Protocol`.
+	String() string
+	// ClusterIPString returns service cluster IP in string format.
+	ClusterIPString() string
+	// GetProtocol returns service protocol.
+	GetProtocol() api.Protocol
+	// GetHealthCheckNodePort returns service health check node port if present.  If return 0, it means not present.
+	GetHealthCheckNodePort() int
+}
+
+// Endpoint in an interface which abstracts information about an endpoint.
+// TODO: Rename functions to be consistent with ServicePort.
+type Endpoint interface {
+	// String returns endpoint string.  An example format can be: `IP:Port`.
+	// We take the returned value as ServiceEndpoint.Endpoint.
+	String() string
+	// GetIsLocal returns true if the endpoint is running in same host as kube-proxy, otherwise returns false.
+	GetIsLocal() bool
+	// IP returns IP part of the endpoint.
+	IP() string
+	// Port returns the Port part of the endpoint.
+	Port() (int, error)
+	// Equal checks if two endpoints are equal.
+	Equal(Endpoint) bool
+}
+
+// ServiceEndpoint is used to identify a service and one of its endpoint pair.
+type ServiceEndpoint struct {
+	Endpoint        string
+	ServicePortName ServicePortName
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/BUILD
index f533d0daa200..715e176fb90e 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/BUILD
@@ -13,11 +13,40 @@ go_library(
         "port_allocator.go",
         "proxier.go",
         "proxysocket.go",
-        "rlimit.go",
         "roundrobin.go",
         "udp_server.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "rlimit.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "rlimit_windows.go",
         ],
         "//conditions:default": [],
@@ -28,10 +57,11 @@ go_library(
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/proxy:go_default_library",
         "//pkg/proxy/util:go_default_library",
+        "//pkg/util/conntrack:go_default_library",
         "//pkg/util/iptables:go_default_library",
         "//pkg/util/slice:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/golang.org/x/sys/unix:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
@@ -39,7 +69,39 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 go_test(
@@ -49,8 +111,7 @@ go_test(
         "proxier_test.go",
         "roundrobin_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/proxy/userspace",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/proxy:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxier.go
index 8c4f622e1158..3fc49c06426b 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxier.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxier.go
@@ -26,6 +26,7 @@ import (
 	"time"
 
 	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	api "k8s.io/kubernetes/pkg/apis/core"
@@ -36,6 +37,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
 	utilproxy "k8s.io/kubernetes/pkg/proxy/util"
+	"k8s.io/kubernetes/pkg/util/conntrack"
 	"k8s.io/kubernetes/pkg/util/iptables"
 	utilexec "k8s.io/utils/exec"
 )
@@ -123,7 +125,7 @@ type portMapKey struct {
 }
 
 func (k *portMapKey) String() string {
-	return fmt.Sprintf("%s:%d/%s", k.ip, k.port, k.protocol)
+	return fmt.Sprintf("%s/%s", net.JoinHostPort(k.ip, strconv.Itoa(k.port)), k.protocol)
 }
 
 // A value for the portMap
@@ -153,15 +155,15 @@ func IsProxyLocked(err error) bool {
 // if iptables fails to update or acquire the initial lock. Once a proxier is
 // created, it will keep iptables up to date in the background and will not
 // terminate if a particular iptables call fails.
-func NewProxier(loadBalancer LoadBalancer, listenIP net.IP, iptables iptables.Interface, exec utilexec.Interface, pr utilnet.PortRange, syncPeriod, minSyncPeriod, udpIdleTimeout time.Duration) (*Proxier, error) {
-	return NewCustomProxier(loadBalancer, listenIP, iptables, exec, pr, syncPeriod, minSyncPeriod, udpIdleTimeout, newProxySocket)
+func NewProxier(loadBalancer LoadBalancer, listenIP net.IP, iptables iptables.Interface, exec utilexec.Interface, pr utilnet.PortRange, syncPeriod, minSyncPeriod, udpIdleTimeout time.Duration, nodePortAddresses []string) (*Proxier, error) {
+	return NewCustomProxier(loadBalancer, listenIP, iptables, exec, pr, syncPeriod, minSyncPeriod, udpIdleTimeout, nodePortAddresses, newProxySocket)
 }
 
-// NewCustomProxier functions similarly to NewProxier, returing a new Proxier
+// NewCustomProxier functions similarly to NewProxier, returning a new Proxier
 // for the given LoadBalancer and address.  The new proxier is constructed using
 // the ProxySocket constructor provided, however, instead of constructing the
 // default ProxySockets.
-func NewCustomProxier(loadBalancer LoadBalancer, listenIP net.IP, iptables iptables.Interface, exec utilexec.Interface, pr utilnet.PortRange, syncPeriod, minSyncPeriod, udpIdleTimeout time.Duration, makeProxySocket ProxySocketFunc) (*Proxier, error) {
+func NewCustomProxier(loadBalancer LoadBalancer, listenIP net.IP, iptables iptables.Interface, exec utilexec.Interface, pr utilnet.PortRange, syncPeriod, minSyncPeriod, udpIdleTimeout time.Duration, nodePortAddresses []string, makeProxySocket ProxySocketFunc) (*Proxier, error) {
 	if listenIP.Equal(localhostIPv4) || listenIP.Equal(localhostIPv6) {
 		return nil, ErrProxyOnLocalhost
 	}
@@ -170,7 +172,7 @@ func NewCustomProxier(loadBalancer LoadBalancer, listenIP net.IP, iptables iptab
 	// try to find a suitable host IP address from network interfaces.
 	var err error
 	hostIP := listenIP
-	if hostIP.Equal(net.IPv4zero) {
+	if hostIP.Equal(net.IPv4zero) || hostIP.Equal(net.IPv6zero) {
 		hostIP, err = utilnet.ChooseHostInterface()
 		if err != nil {
 			return nil, fmt.Errorf("failed to select a host interface: %v", err)
@@ -435,7 +437,7 @@ func (proxier *Proxier) mergeService(service *api.Service) sets.String {
 		}
 
 		serviceIP := net.ParseIP(service.Spec.ClusterIP)
-		glog.V(1).Infof("Adding new service %q at %s:%d/%s", serviceName, serviceIP, servicePort.Port, servicePort.Protocol)
+		glog.V(1).Infof("Adding new service %q at %s/%s", serviceName, net.JoinHostPort(serviceIP.String(), strconv.Itoa(int(servicePort.Port))), servicePort.Protocol)
 		info, err = proxier.addServiceOnPort(serviceName, servicePort.Protocol, proxyPort, proxier.udpIdleTimeout)
 		if err != nil {
 			glog.Errorf("Failed to start proxy for %q: %v", serviceName, err)
@@ -504,7 +506,7 @@ func (proxier *Proxier) unmergeService(service *api.Service, existingPorts sets.
 		proxier.loadBalancer.DeleteService(serviceName)
 	}
 	for _, svcIP := range staleUDPServices.UnsortedList() {
-		if err := utilproxy.ClearUDPConntrackForIP(proxier.exec, svcIP); err != nil {
+		if err := conntrack.ClearEntriesForIP(proxier.exec, svcIP, v1.ProtocolUDP); err != nil {
 			glog.Errorf("Failed to delete stale service IP %s connections, error: %v", svcIP, err)
 		}
 	}
@@ -597,13 +599,14 @@ func (proxier *Proxier) openOnePortal(portal portal, protocol api.Protocol, prox
 
 	// Handle traffic from containers.
 	args := proxier.iptablesContainerPortalArgs(portal.ip, portal.isExternal, false, portal.port, protocol, proxyIP, proxyPort, name)
+	portalAddress := net.JoinHostPort(portal.ip.String(), strconv.Itoa(portal.port))
 	existed, err := proxier.iptables.EnsureRule(iptables.Append, iptables.TableNAT, iptablesContainerPortalChain, args...)
 	if err != nil {
 		glog.Errorf("Failed to install iptables %s rule for service %q, args:%v", iptablesContainerPortalChain, name, args)
 		return err
 	}
 	if !existed {
-		glog.V(3).Infof("Opened iptables from-containers portal for service %q on %s %s:%d", name, protocol, portal.ip, portal.port)
+		glog.V(3).Infof("Opened iptables from-containers portal for service %q on %s %s", name, protocol, portalAddress)
 	}
 	if portal.isExternal {
 		args := proxier.iptablesContainerPortalArgs(portal.ip, false, true, portal.port, protocol, proxyIP, proxyPort, name)
@@ -613,7 +616,7 @@ func (proxier *Proxier) openOnePortal(portal portal, protocol api.Protocol, prox
 			return err
 		}
 		if !existed {
-			glog.V(3).Infof("Opened iptables from-containers portal for service %q on %s %s:%d for local traffic", name, protocol, portal.ip, portal.port)
+			glog.V(3).Infof("Opened iptables from-containers portal for service %q on %s %s for local traffic", name, protocol, portalAddress)
 		}
 
 		args = proxier.iptablesHostPortalArgs(portal.ip, true, portal.port, protocol, proxyIP, proxyPort, name)
@@ -623,7 +626,7 @@ func (proxier *Proxier) openOnePortal(portal portal, protocol api.Protocol, prox
 			return err
 		}
 		if !existed {
-			glog.V(3).Infof("Opened iptables from-host portal for service %q on %s %s:%d for dst-local traffic", name, protocol, portal.ip, portal.port)
+			glog.V(3).Infof("Opened iptables from-host portal for service %q on %s %s for dst-local traffic", name, protocol, portalAddress)
 		}
 		return nil
 	}
@@ -636,7 +639,7 @@ func (proxier *Proxier) openOnePortal(portal portal, protocol api.Protocol, prox
 		return err
 	}
 	if !existed {
-		glog.V(3).Infof("Opened iptables from-host portal for service %q on %s %s:%d", name, protocol, portal.ip, portal.port)
+		glog.V(3).Infof("Opened iptables from-host portal for service %q on %s %s", name, protocol, portalAddress)
 	}
 	return nil
 }
@@ -964,7 +967,7 @@ func iptablesCommonPortalArgs(destIP net.IP, addPhysicalInterfaceMatch bool, add
 	}
 
 	if destIP != nil {
-		args = append(args, "-d", fmt.Sprintf("%s/32", destIP.String()))
+		args = append(args, "-d", utilproxy.ToCIDR(destIP))
 	}
 
 	if addPhysicalInterfaceMatch {
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxysocket.go b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxysocket.go
index d65ac02a0cce..207004b1cb2d 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxysocket.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/userspace/proxysocket.go
@@ -87,7 +87,7 @@ func (tcp *tcpProxySocket) ListenPort() int {
 }
 
 // TryConnectEndpoints attempts to connect to the next available endpoint for the given service, cycling
-// through until it is able to successully connect, or it has tried with all timeouts in EndpointDialTimeouts.
+// through until it is able to successfully connect, or it has tried with all timeouts in EndpointDialTimeouts.
 func TryConnectEndpoints(service proxy.ServicePortName, srcAddr net.Addr, protocol string, loadBalancer LoadBalancer) (out net.Conn, err error) {
 	sessionAffinityReset := false
 	for _, dialTimeout := range EndpointDialTimeouts {
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/util/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/util/BUILD
index 2956b5212694..91e24087a435 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/util/BUILD
@@ -3,8 +3,8 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 go_library(
     name = "go_default_library",
     srcs = [
-        "conntrack.go",
         "endpoints.go",
+        "network.go",
         "port.go",
         "utils.go",
     ],
@@ -13,28 +13,29 @@ go_library(
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
+        "//pkg/util/net:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/utils/exec:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = [
-        "conntrack_test.go",
         "endpoints_test.go",
         "port_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/proxy/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/proxy/util/testing:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/utils/exec:go_default_library",
-        "//vendor/k8s.io/utils/exec/testing:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
     ],
 )
 
@@ -47,7 +48,10 @@ filegroup(
 
 filegroup(
     name = "all-srcs",
-    srcs = [":package-srcs"],
+    srcs = [
+        ":package-srcs",
+        "//pkg/proxy/util/testing:all-srcs",
+    ],
     tags = ["automanaged"],
     visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/util/endpoints.go b/vendor/k8s.io/kubernetes/pkg/proxy/util/endpoints.go
index 449e112619db..7c91b9cd6a10 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/util/endpoints.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/util/endpoints.go
@@ -47,6 +47,7 @@ func IPPart(s string) string {
 	return ""
 }
 
+// PortPart returns just the port part of an endpoint string.
 func PortPart(s string) (int, error) {
 	// Must be IP:port
 	_, port, err := net.SplitHostPort(s)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/util/network.go b/vendor/k8s.io/kubernetes/pkg/proxy/util/network.go
new file mode 100644
index 000000000000..fa5c9fc7535f
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/util/network.go
@@ -0,0 +1,45 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package util
+
+import (
+	"net"
+)
+
+// NetworkInterfacer defines an interface for several net library functions. Production
+// code will forward to net library functions, and unit tests will override the methods
+// for testing purposes.
+type NetworkInterfacer interface {
+	Addrs(intf *net.Interface) ([]net.Addr, error)
+	Interfaces() ([]net.Interface, error)
+}
+
+// RealNetwork implements the NetworkInterfacer interface for production code, just
+// wrapping the underlying net library function calls.
+type RealNetwork struct{}
+
+// Addrs wraps net.Interface.Addrs(), it's a part of NetworkInterfacer interface.
+func (_ RealNetwork) Addrs(intf *net.Interface) ([]net.Addr, error) {
+	return intf.Addrs()
+}
+
+// Interfaces wraps net.Interfaces(), it's a part of NetworkInterfacer interface.
+func (_ RealNetwork) Interfaces() ([]net.Interface, error) {
+	return net.Interfaces()
+}
+
+var _ NetworkInterfacer = &RealNetwork{}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/util/utils.go b/vendor/k8s.io/kubernetes/pkg/proxy/util/utils.go
index cac0140c3860..d766a1d4ebb3 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/util/utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/util/utils.go
@@ -17,15 +17,32 @@ limitations under the License.
 package util
 
 import (
+	"fmt"
 	"net"
 
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/client-go/tools/record"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
 
 	"github.com/golang/glog"
 )
 
+const (
+	IPv4ZeroCIDR = "0.0.0.0/0"
+	IPv6ZeroCIDR = "::/0"
+)
+
+func IsZeroCIDR(cidr string) bool {
+	if cidr == IPv4ZeroCIDR || cidr == IPv6ZeroCIDR {
+		return true
+	}
+	return false
+}
+
 func IsLocalIP(ip string) (bool, error) {
 	addrs, err := net.InterfaceAddrs()
 	if err != nil {
@@ -56,3 +73,76 @@ func ShouldSkipService(svcName types.NamespacedName, service *api.Service) bool
 	}
 	return false
 }
+
+// GetNodeAddresses return all matched node IP addresses based on given cidr slice.
+// Some callers, e.g. IPVS proxier, need concrete IPs, not ranges, which is why this exists.
+// NetworkInterfacer is injected for test purpose.
+// We expect the cidrs passed in is already validated.
+// Given an empty input `[]`, it will return `0.0.0.0/0` and `::/0` directly.
+// If multiple cidrs is given, it will return the minimal IP sets, e.g. given input `[1.2.0.0/16, 0.0.0.0/0]`, it will
+// only return `0.0.0.0/0`.
+// NOTE: GetNodeAddresses only accepts CIDRs, if you want concrete IPs, e.g. 1.2.3.4, then the input should be 1.2.3.4/32.
+func GetNodeAddresses(cidrs []string, nw NetworkInterfacer) (sets.String, error) {
+	uniqueAddressList := sets.NewString()
+	if len(cidrs) == 0 {
+		uniqueAddressList.Insert(IPv4ZeroCIDR)
+		uniqueAddressList.Insert(IPv6ZeroCIDR)
+		return uniqueAddressList, nil
+	}
+	// First round of iteration to pick out `0.0.0.0/0` or `::/0` for the sake of excluding non-zero IPs.
+	for _, cidr := range cidrs {
+		if IsZeroCIDR(cidr) {
+			uniqueAddressList.Insert(cidr)
+		}
+	}
+	// Second round of iteration to parse IPs based on cidr.
+	for _, cidr := range cidrs {
+		if IsZeroCIDR(cidr) {
+			continue
+		}
+		_, ipNet, _ := net.ParseCIDR(cidr)
+		itfs, err := nw.Interfaces()
+		if err != nil {
+			return nil, fmt.Errorf("error listing all interfaces from host, error: %v", err)
+		}
+		for _, itf := range itfs {
+			addrs, err := nw.Addrs(&itf)
+			if err != nil {
+				return nil, fmt.Errorf("error getting address from interface %s, error: %v", itf.Name, err)
+			}
+			for _, addr := range addrs {
+				if addr == nil {
+					continue
+				}
+				ip, _, err := net.ParseCIDR(addr.String())
+				if err != nil {
+					return nil, fmt.Errorf("error parsing CIDR for interface %s, error: %v", itf.Name, err)
+				}
+				if ipNet.Contains(ip) {
+					if utilnet.IsIPv6(ip) && !uniqueAddressList.Has(IPv6ZeroCIDR) {
+						uniqueAddressList.Insert(ip.String())
+					}
+					if !utilnet.IsIPv6(ip) && !uniqueAddressList.Has(IPv4ZeroCIDR) {
+						uniqueAddressList.Insert(ip.String())
+					}
+				}
+			}
+		}
+	}
+	return uniqueAddressList, nil
+}
+
+// LogAndEmitIncorrectIPVersionEvent logs and emits incorrect IP version event.
+func LogAndEmitIncorrectIPVersionEvent(recorder record.EventRecorder, fieldName, fieldValue, svcNamespace, svcName string, svcUID types.UID) {
+	errMsg := fmt.Sprintf("%s in %s has incorrect IP version", fieldValue, fieldName)
+	glog.Errorf("%s (service %s/%s).", errMsg, svcNamespace, svcName)
+	if recorder != nil {
+		recorder.Eventf(
+			&v1.ObjectReference{
+				Kind:      "Service",
+				Name:      svcName,
+				Namespace: svcNamespace,
+				UID:       svcUID,
+			}, v1.EventTypeWarning, "KubeProxyIncorrectIPVersion", errMsg)
+	}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/BUILD
index 42494391696e..30d4bb6f99f4 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/BUILD
@@ -1,11 +1,11 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
     srcs = [
         "metrics.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "proxier.go",
         ],
         "//conditions:default": [],
@@ -15,11 +15,10 @@ go_library(
     deps = [
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "//pkg/api/service:go_default_library",
             "//pkg/apis/core:go_default_library",
             "//pkg/apis/core/helper:go_default_library",
-            "//pkg/features:go_default_library",
             "//pkg/proxy:go_default_library",
             "//pkg/proxy/healthcheck:go_default_library",
             "//pkg/util/async:go_default_library",
@@ -29,40 +28,12 @@ go_library(
             "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-            "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
             "//vendor/k8s.io/client-go/tools/record:go_default_library",
         ],
         "//conditions:default": [],
     }),
 )
 
-go_test(
-    name = "go_default_test",
-    srcs = select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
-            "proxier_test.go",
-        ],
-        "//conditions:default": [],
-    }),
-    importpath = "k8s.io/kubernetes/pkg/proxy/winkernel",
-    library = ":go_default_library",
-    deps = select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
-            "//pkg/apis/core:go_default_library",
-            "//pkg/proxy:go_default_library",
-            "//pkg/util/async:go_default_library",
-            "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-            "//vendor/k8s.io/utils/exec:go_default_library",
-            "//vendor/k8s.io/utils/exec/testing:go_default_library",
-        ],
-        "//conditions:default": [],
-    }),
-)
-
 filegroup(
     name = "package-srcs",
     srcs = glob(["**"]),
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/proxier.go
index 5d56561c4222..595286520cee 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/proxier.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/winkernel/proxier.go
@@ -35,12 +35,10 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/client-go/tools/record"
 	apiservice "k8s.io/kubernetes/pkg/api/service"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
-	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/proxy"
 	"k8s.io/kubernetes/pkg/proxy/healthcheck"
 	"k8s.io/kubernetes/pkg/util/async"
@@ -160,8 +158,7 @@ func (ep *endpointsInfo) Cleanup() {
 // returns a new serviceInfo struct
 func newServiceInfo(svcPortName proxy.ServicePortName, port *api.ServicePort, service *api.Service) *serviceInfo {
 	onlyNodeLocalEndpoints := false
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) &&
-		apiservice.RequestsOnlyLocalTraffic(service) {
+	if apiservice.RequestsOnlyLocalTraffic(service) {
 		onlyNodeLocalEndpoints = true
 	}
 
@@ -474,7 +471,7 @@ func NewProxier(
 	}
 	hnsNetwork, err := getHnsNetworkInfo(hnsNetworkName)
 	if err != nil {
-		glog.Fatalf("Unable to find Hns Network speficied by %s. Please check environment variable KUBE_NETWORK", hnsNetworkName)
+		glog.Fatalf("Unable to find Hns Network specified by %s. Please check environment variable KUBE_NETWORK", hnsNetworkName)
 		return nil, err
 	}
 
@@ -825,10 +822,6 @@ func (proxier *Proxier) updateEndpointsMap() (result updateEndpointMapResult) {
 		changes.items = make(map[types.NamespacedName]*endpointsChange)
 	}()
 
-	if !utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) {
-		return
-	}
-
 	// TODO: If this will appear to be computationally expensive, consider
 	// computing this incrementally similarly to endpointsMap.
 	result.hcEndpoints = make(map[types.NamespacedName]int)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/BUILD b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/BUILD
index cd583ef26959..4a4829c87439 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/BUILD
@@ -39,8 +39,7 @@ go_test(
         "proxier_test.go",
         "roundrobin_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/proxy/winuserspace",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/proxy:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxier.go
index 5b318164220d..a94503ed01ee 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxier.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxier.go
@@ -19,6 +19,7 @@ package winuserspace
 import (
 	"fmt"
 	"net"
+	"strconv"
 	"strings"
 	"sync"
 	"sync/atomic"
@@ -103,7 +104,7 @@ type portMapKey struct {
 }
 
 func (k *portMapKey) String() string {
-	return fmt.Sprintf("%s:%d/%s", k.ip, k.port, k.protocol)
+	return fmt.Sprintf("%s/%s", net.JoinHostPort(k.ip, strconv.Itoa(k.port)), k.protocol)
 }
 
 // A value for the portMap
@@ -233,7 +234,7 @@ func (proxier *Proxier) addServicePortPortal(servicePortPortalName ServicePortPo
 		if existed, err := proxier.netsh.EnsureIPAddress(args, serviceIP); err != nil {
 			return nil, err
 		} else if !existed {
-			glog.V(3).Infof("Added ip address to fowarder interface for service %q at %s:%d/%s", servicePortPortalName, listenIP, port, protocol)
+			glog.V(3).Infof("Added ip address to fowarder interface for service %q at %s/%s", servicePortPortalName, net.JoinHostPort(listenIP, strconv.Itoa(port)), protocol)
 		}
 	}
 
@@ -258,7 +259,7 @@ func (proxier *Proxier) addServicePortPortal(servicePortPortalName ServicePortPo
 	}
 	proxier.setServiceInfo(servicePortPortalName, si)
 
-	glog.V(2).Infof("Proxying for service %q at %s:%d/%s", servicePortPortalName, listenIP, port, protocol)
+	glog.V(2).Infof("Proxying for service %q at %s/%s", servicePortPortalName, net.JoinHostPort(listenIP, strconv.Itoa(port)), protocol)
 	go func(service ServicePortPortalName, proxier *Proxier) {
 		defer runtime.HandleCrash()
 		atomic.AddInt32(&proxier.numProxyLoops, 1)
@@ -341,7 +342,7 @@ func (proxier *Proxier) mergeService(service *api.Service) map[ServicePortPortal
 					glog.Errorf("Failed to close service port portal %q: %v", servicePortPortalName, err)
 				}
 			}
-			glog.V(1).Infof("Adding new service %q at %s:%d/%s", servicePortPortalName, listenIP, listenPort, protocol)
+			glog.V(1).Infof("Adding new service %q at %s/%s", servicePortPortalName, net.JoinHostPort(listenIP, strconv.Itoa(listenPort)), protocol)
 			info, err := proxier.addServicePortPortal(servicePortPortalName, protocol, listenIP, listenPort, proxier.udpIdleTimeout)
 			if err != nil {
 				glog.Errorf("Failed to start proxy for %q: %v", servicePortPortalName, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxysocket.go b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxysocket.go
index ed87f1975377..85823b737ef1 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxysocket.go
+++ b/vendor/k8s.io/kubernetes/pkg/proxy/winuserspace/proxysocket.go
@@ -382,7 +382,7 @@ func processUnpackedDNSResponsePacket(
 	if found {
 		index := atomic.SwapInt32(&state.searchIndex, state.searchIndex+1)
 		if rcode != 0 && index >= 0 && index < int32(len(dnsSearch)) {
-			// If the reponse has failure and iteration through the search list has not
+			// If the response has failure and iteration through the search list has not
 			// reached the end, retry on behalf of the client using the original query message
 			drop = true
 			length, err = appendDNSSuffix(state.msg, buffer, length, dnsSearch[index])
@@ -477,7 +477,7 @@ func processDNSResponsePacket(
 
 	// QDCOUNT
 	if len(msg.Question) != 1 {
-		glog.V(1).Infof("Number of entries in the reponse section of the DNS packet is: %d", len(msg.Answer))
+		glog.V(1).Infof("Number of entries in the response section of the DNS packet is: %d", len(msg.Answer))
 		return drop, length, nil
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/BUILD b/vendor/k8s.io/kubernetes/pkg/quota/BUILD
index 7d5cd09601d9..dc2584b683a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/quota/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["resources_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/quota",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/OWNERS b/vendor/k8s.io/kubernetes/pkg/quota/OWNERS
index d2eabe9cd4ef..7025d6d6eea1 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/quota/OWNERS
@@ -1,8 +1,9 @@
 approvers:
+- deads2k
 - derekwaynecarr
 - vishh
 reviewers:
-- smarterclayton
 - deads2k
 - derekwaynecarr
+- smarterclayton
 - vishh
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/BUILD b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/BUILD
index 85d50d0855ae..8d254028c7cd 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/apis/core/helper/qos:go_default_library",
         "//pkg/apis/core/v1:go_default_library",
-        "//pkg/apis/core/validation:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubeapiserver/admission/util:go_default_library",
         "//pkg/quota:go_default_library",
@@ -34,7 +33,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/initialization:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/features:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
@@ -48,8 +46,7 @@ go_test(
         "pods_test.go",
         "services_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/quota/evaluator/core",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/quota:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/persistent_volume_claims.go b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/persistent_volume_claims.go
index 9032dcaf7b1d..4547f370d5be 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/persistent_volume_claims.go
+++ b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/persistent_volume_claims.go
@@ -42,7 +42,7 @@ import (
 var pvcObjectCountName = generic.ObjectCountQuotaResourceNameFor(v1.SchemeGroupVersion.WithResource("persistentvolumeclaims").GroupResource())
 
 // pvcResources are the set of static resources managed by quota associated with pvcs.
-// for each resouce in this list, it may be refined dynamically based on storage class.
+// for each resource in this list, it may be refined dynamically based on storage class.
 var pvcResources = []api.ResourceName{
 	api.ResourcePersistentVolumeClaims,
 	api.ResourceRequestsStorage,
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/pods.go b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/pods.go
index ba935eab5afc..a2d94c96c789 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/pods.go
+++ b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/pods.go
@@ -29,12 +29,11 @@ import (
 	"k8s.io/apimachinery/pkg/util/clock"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
-	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/apiserver/pkg/admission"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/apis/core/helper"
 	"k8s.io/kubernetes/pkg/apis/core/helper/qos"
 	k8s_api_v1 "k8s.io/kubernetes/pkg/apis/core/v1"
-	"k8s.io/kubernetes/pkg/apis/core/validation"
 	"k8s.io/kubernetes/pkg/kubeapiserver/admission/util"
 	"k8s.io/kubernetes/pkg/quota"
 	"k8s.io/kubernetes/pkg/quota/generic"
@@ -71,17 +70,20 @@ var requestedResourcePrefixes = []string{
 	api.ResourceHugePagesPrefix,
 }
 
-const (
-	requestsPrefix = "requests."
-	limitsPrefix   = "limits."
-)
-
 // maskResourceWithPrefix mask resource with certain prefix
 // e.g. hugepages-XXX -> requests.hugepages-XXX
 func maskResourceWithPrefix(resource api.ResourceName, prefix string) api.ResourceName {
 	return api.ResourceName(fmt.Sprintf("%s%s", prefix, string(resource)))
 }
 
+// isExtendedResourceNameForQuota returns true if the extended resource name
+// has the quota related resource prefix.
+func isExtendedResourceNameForQuota(name api.ResourceName) bool {
+	// As overcommit is not supported by extended resources for now,
+	// only quota objects in format of "requests.resourceName" is allowed.
+	return !helper.IsDefaultNamespaceResource(name) && strings.HasPrefix(string(name), api.DefaultResourceRequestsPrefix)
+}
+
 // NOTE: it was a mistake, but if a quota tracks cpu or memory related resources,
 // the incoming pod is required to have those values set.  we should not repeat
 // this mistake for other future resources (gpus, ephemeral-storage,etc).
@@ -118,23 +120,6 @@ func (p *podEvaluator) Constraints(required []api.ResourceName, item runtime.Obj
 		return fmt.Errorf("Unexpected input object %v", item)
 	}
 
-	// Pod level resources are often set during admission control
-	// As a consequence, we want to verify that resources are valid prior
-	// to ever charging quota prematurely in case they are not.
-	// TODO remove this entire section when we have a validation step in admission.
-	allErrs := field.ErrorList{}
-	fldPath := field.NewPath("spec").Child("containers")
-	for i, ctr := range pod.Spec.Containers {
-		allErrs = append(allErrs, validation.ValidateResourceRequirements(&ctr.Resources, fldPath.Index(i).Child("resources"))...)
-	}
-	fldPath = field.NewPath("spec").Child("initContainers")
-	for i, ctr := range pod.Spec.InitContainers {
-		allErrs = append(allErrs, validation.ValidateResourceRequirements(&ctr.Resources, fldPath.Index(i).Child("resources"))...)
-	}
-	if len(allErrs) > 0 {
-		return allErrs.ToAggregate()
-	}
-
 	// BACKWARD COMPATIBILITY REQUIREMENT: if we quota cpu or memory, then each container
 	// must make an explicit request for the resource.  this was a mistake.  it coupled
 	// validation with resource counting, but we did this before QoS was even defined.
@@ -183,9 +168,14 @@ func (p *podEvaluator) Matches(resourceQuota *api.ResourceQuota, item runtime.Ob
 func (p *podEvaluator) MatchingResources(input []api.ResourceName) []api.ResourceName {
 	result := quota.Intersection(input, podResources)
 	for _, resource := range input {
+		// for resources with certain prefix, e.g. hugepages
 		if quota.ContainsPrefix(podResourcePrefixes, resource) {
 			result = append(result, resource)
 		}
+		// for extended resources
+		if isExtendedResourceNameForQuota(resource) {
+			result = append(result, resource)
+		}
 	}
 
 	return result
@@ -244,14 +234,15 @@ func podComputeUsageHelper(requests api.ResourceList, limits api.ResourceList) a
 		result[api.ResourceLimitsEphemeralStorage] = limit
 	}
 	for resource, request := range requests {
+		// for resources with certain prefix, e.g. hugepages
 		if quota.ContainsPrefix(requestedResourcePrefixes, resource) {
 			result[resource] = request
-			result[maskResourceWithPrefix(resource, requestsPrefix)] = request
+			result[maskResourceWithPrefix(resource, api.DefaultResourceRequestsPrefix)] = request
 		}
-	}
-	for resource, limit := range limits {
-		if quota.ContainsPrefix(requestedResourcePrefixes, resource) {
-			result[maskResourceWithPrefix(resource, limitsPrefix)] = limit
+		// for extended resources
+		if helper.IsExtendedResourceName(resource) {
+			// only quota objects in format of "requests.resourceName" is allowed for extended resource.
+			result[maskResourceWithPrefix(resource, api.DefaultResourceRequestsPrefix)] = request
 		}
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/services.go b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/services.go
index f4dec5973a26..cdddaf064a80 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/services.go
+++ b/vendor/k8s.io/kubernetes/pkg/quota/evaluator/core/services.go
@@ -132,15 +132,6 @@ func (p *serviceEvaluator) UsageStats(options quota.UsageStatsOptions) (quota.Us
 
 var _ quota.Evaluator = &serviceEvaluator{}
 
-// QuotaServiceType returns true if the service type is eligible to track against a quota
-func QuotaServiceType(service *v1.Service) bool {
-	switch service.Spec.Type {
-	case v1.ServiceTypeNodePort, v1.ServiceTypeLoadBalancer:
-		return true
-	}
-	return false
-}
-
 //GetQuotaServiceType returns ServiceType if the service type is eligible to track against a quota, nor return ""
 func GetQuotaServiceType(service *v1.Service) v1.ServiceType {
 	switch service.Spec.Type {
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/generic/evaluator.go b/vendor/k8s.io/kubernetes/pkg/quota/generic/evaluator.go
index 5bcb1cb20fff..6324ce5ddeb7 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/generic/evaluator.go
+++ b/vendor/k8s.io/kubernetes/pkg/quota/generic/evaluator.go
@@ -200,7 +200,7 @@ func (o *objectCountEvaluator) UsageStats(options quota.UsageStatsOptions) (quot
 var _ quota.Evaluator = &objectCountEvaluator{}
 
 // NewObjectCountEvaluator returns an evaluator that can perform generic
-// object quota counting.  It allows an optional alias for backwards compatibilty
+// object quota counting.  It allows an optional alias for backwards compatibility
 // purposes for the legacy object counting names in quota.  Unless its supporting
 // backward compatibility, alias should not be used.
 func NewObjectCountEvaluator(
diff --git a/vendor/k8s.io/kubernetes/pkg/quota/resources.go b/vendor/k8s.io/kubernetes/pkg/quota/resources.go
index 924ee41b9466..a40a81a64c6e 100644
--- a/vendor/k8s.io/kubernetes/pkg/quota/resources.go
+++ b/vendor/k8s.io/kubernetes/pkg/quota/resources.go
@@ -126,7 +126,7 @@ func Add(a api.ResourceList, b api.ResourceList) api.ResourceList {
 	return result
 }
 
-// SubtractWithNonNegativeResult - substracts and returns result of a - b but
+// SubtractWithNonNegativeResult - subtracts and returns result of a - b but
 // makes sure we don't return negative values to prevent negative resource usage.
 func SubtractWithNonNegativeResult(a api.ResourceList, b api.ResourceList) api.ResourceList {
 	zero := resource.MustParse("0")
@@ -263,7 +263,7 @@ func CalculateUsage(namespaceName string, scopes []api.ResourceQuotaScope, hardL
 	for _, evaluator := range evaluators {
 		potentialResources = append(potentialResources, evaluator.MatchingResources(hardResources)...)
 	}
-	// NOTE: the intersection just removes duplicates since the evaluator match intersects wtih hard
+	// NOTE: the intersection just removes duplicates since the evaluator match intersects with hard
 	matchedResources := Intersection(hardResources, potentialResources)
 
 	// sum the observed usage from each evaluator
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/admissionregistration/rest/storage_apiserver.go b/vendor/k8s.io/kubernetes/pkg/registry/admissionregistration/rest/storage_apiserver.go
index 5b26e830bd72..53e6041938b8 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/admissionregistration/rest/storage_apiserver.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/admissionregistration/rest/storage_apiserver.go
@@ -37,11 +37,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(admissionregistrationv1alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(admissionregistrationv1alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = admissionregistrationv1alpha1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(admissionregistrationv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(admissionregistrationv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = admissionregistrationv1beta1.SchemeGroupVersion
 	}
@@ -49,26 +49,24 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := admissionregistrationv1alpha1.SchemeGroupVersion
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("initializerconfigurations")) {
-		s := initializerconfigurationstorage.NewREST(restOptionsGetter)
-		storage["initializerconfigurations"] = s
-	}
+	// initializerconfigurations
+	s := initializerconfigurationstorage.NewREST(restOptionsGetter)
+	storage["initializerconfigurations"] = s
+
 	return storage
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := admissionregistrationv1beta1.SchemeGroupVersion
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("validatingwebhookconfigurations")) {
-		s := validatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
-		storage["validatingwebhookconfigurations"] = s
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("mutatingwebhookconfigurations")) {
-		s := mutatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
-		storage["mutatingwebhookconfigurations"] = s
-	}
+	// validatingwebhookconfigurations
+	validatingStorage := validatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
+	storage["validatingwebhookconfigurations"] = validatingStorage
+
+	// mutatingwebhookconfigurations
+	mutatingStorage := mutatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
+	storage["mutatingwebhookconfigurations"] = mutatingStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/BUILD
index 24e6e13da2c9..474d6bb1b469 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/apps/controllerrevision",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/BUILD
index 083eb3f06d17..b80811bc49c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/core:go_default_library",
@@ -31,6 +30,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage",
     deps = [
         "//pkg/apis/apps:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/apps/controllerrevision:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/storage.go
index c1c1de7b04ae..86f81fd850ab 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage/storage.go
@@ -21,6 +21,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/kubernetes/pkg/apis/apps"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/apps/controllerrevision"
 )
 
@@ -39,6 +42,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		CreateStrategy: controllerrevision.Strategy,
 		UpdateStrategy: controllerrevision.Strategy,
 		DeleteStrategy: controllerrevision.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/BUILD
similarity index 88%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/BUILD
index 76dcae9bd984..539803cc1b4f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/BUILD
@@ -12,7 +12,7 @@ go_library(
         "doc.go",
         "strategy.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/daemonset",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/daemonset",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/pod:go_default_library",
@@ -34,8 +34,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/daemonset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
@@ -57,7 +56,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//pkg/registry/extensions/daemonset/storage:all-srcs",
+        "//pkg/registry/apps/daemonset/storage:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/doc.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/doc.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/doc.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/doc.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/BUILD
similarity index 87%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/BUILD
index b1dd9b2ceb8c..dc992ae1e98a 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
@@ -28,13 +27,13 @@ go_test(
 go_library(
     name = "go_default_library",
     srcs = ["storage.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/daemonset/storage",
     deps = [
         "//pkg/apis/extensions:go_default_library",
         "//pkg/printers:go_default_library",
         "//pkg/printers/internalversion:go_default_library",
         "//pkg/printers/storage:go_default_library",
-        "//pkg/registry/extensions/daemonset:go_default_library",
+        "//pkg/registry/apps/daemonset:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/storage.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/storage.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/storage.go
index 461e5a97ff2c..8a961399df87 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/storage/storage.go
@@ -27,12 +27,13 @@ import (
 	"k8s.io/kubernetes/pkg/printers"
 	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
 	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
-	"k8s.io/kubernetes/pkg/registry/extensions/daemonset"
+	"k8s.io/kubernetes/pkg/registry/apps/daemonset"
 )
 
 // rest implements a RESTStorage for DaemonSets
 type REST struct {
 	*genericregistry.Store
+	categories []string
 }
 
 // NewREST returns a RESTStorage object that will work against DaemonSets.
@@ -56,7 +57,7 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 	statusStore := *store
 	statusStore.UpdateStrategy = daemonset.StatusStrategy
 
-	return &REST{store}, &StatusREST{store: &statusStore}
+	return &REST{store, []string{"all"}}, &StatusREST{store: &statusStore}
 }
 
 // Implement ShortNamesProvider
@@ -71,7 +72,12 @@ var _ rest.CategoriesProvider = &REST{}
 
 // Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
 func (r *REST) Categories() []string {
-	return []string{"all"}
+	return r.categories
+}
+
+func (r *REST) WithCategories(categories []string) *REST {
+	r.categories = categories
+	return r
 }
 
 // StatusREST implements the REST endpoint for changing the status of a daemonset
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/strategy.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/strategy.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/daemonset/strategy.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/daemonset/strategy.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/BUILD
similarity index 90%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/BUILD
index 850dda20a540..22b2bb4d2133 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/BUILD
@@ -13,7 +13,7 @@ go_library(
         "registry.go",
         "strategy.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/deployment",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/deployment",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/pod:go_default_library",
@@ -38,8 +38,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/deployment",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
@@ -63,7 +62,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//pkg/registry/extensions/deployment/storage:all-srcs",
+        "//pkg/registry/apps/deployment/storage:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/doc.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/doc.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/doc.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/doc.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/registry.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/registry.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/registry.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/registry.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/BUILD
similarity index 90%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/BUILD
index 81b341d8208f..488a9f08b14a 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/deployment/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
@@ -36,7 +35,7 @@ go_test(
 go_library(
     name = "go_default_library",
     srcs = ["storage.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/deployment/storage",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/deployment/storage",
     deps = [
         "//pkg/apis/apps/v1beta1:go_default_library",
         "//pkg/apis/apps/v1beta2:go_default_library",
@@ -46,7 +45,10 @@ go_library(
         "//pkg/apis/extensions:go_default_library",
         "//pkg/apis/extensions/v1beta1:go_default_library",
         "//pkg/apis/extensions/validation:go_default_library",
-        "//pkg/registry/extensions/deployment:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
+        "//pkg/registry/apps/deployment:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/storage.go
similarity index 94%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/storage.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/storage.go
index 6cf80f8dcc70..2fa85ea97df7 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/storage/storage.go
@@ -38,7 +38,10 @@ import (
 	"k8s.io/kubernetes/pkg/apis/extensions"
 	extensionsv1beta1 "k8s.io/kubernetes/pkg/apis/extensions/v1beta1"
 	extvalidation "k8s.io/kubernetes/pkg/apis/extensions/validation"
-	"k8s.io/kubernetes/pkg/registry/extensions/deployment"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
+	"k8s.io/kubernetes/pkg/registry/apps/deployment"
 )
 
 // DeploymentStorage includes dummy storage for Deployments and for Scale subresource.
@@ -63,6 +66,7 @@ func NewStorage(optsGetter generic.RESTOptionsGetter) DeploymentStorage {
 
 type REST struct {
 	*genericregistry.Store
+	categories []string
 }
 
 // NewREST returns a RESTStorage object that will work against deployments.
@@ -75,6 +79,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST, *Rollbac
 		CreateStrategy: deployment.Strategy,
 		UpdateStrategy: deployment.Strategy,
 		DeleteStrategy: deployment.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
@@ -83,7 +89,7 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST, *Rollbac
 
 	statusStore := *store
 	statusStore.UpdateStrategy = deployment.StatusStrategy
-	return &REST{store}, &StatusREST{store: &statusStore}, &RollbackREST{store: store}
+	return &REST{store, []string{"all"}}, &StatusREST{store: &statusStore}, &RollbackREST{store: store}
 }
 
 // Implement ShortNamesProvider
@@ -99,7 +105,12 @@ var _ rest.CategoriesProvider = &REST{}
 
 // Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
 func (r *REST) Categories() []string {
-	return []string{"all"}
+	return r.categories
+}
+
+func (r *REST) WithCategories(categories []string) *REST {
+	r.categories = categories
+	return r
 }
 
 // StatusREST implements the REST endpoint for changing the status of a deployment
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/strategy.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/strategy.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/deployment/strategy.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/deployment/strategy.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/BUILD
similarity index 91%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/BUILD
index fd4e7eaa367c..19f6da91c07f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/BUILD
@@ -13,7 +13,7 @@ go_library(
         "registry.go",
         "strategy.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/replicaset",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/replicaset",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/pod:go_default_library",
@@ -42,8 +42,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/replicaset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
@@ -65,7 +64,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//pkg/registry/extensions/replicaset/storage:all-srcs",
+        "//pkg/registry/apps/replicaset/storage:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/doc.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/doc.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/doc.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/doc.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/registry.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/registry.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/registry.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/registry.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/BUILD
similarity index 91%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/BUILD
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/BUILD
index 77500a739a8c..917b635c46ea 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
@@ -34,7 +33,7 @@ go_test(
 go_library(
     name = "go_default_library",
     srcs = ["storage.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage",
+    importpath = "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage",
     deps = [
         "//pkg/apis/apps/v1beta1:go_default_library",
         "//pkg/apis/apps/v1beta2:go_default_library",
@@ -46,7 +45,7 @@ go_library(
         "//pkg/printers:go_default_library",
         "//pkg/printers/internalversion:go_default_library",
         "//pkg/printers/storage:go_default_library",
-        "//pkg/registry/extensions/replicaset:go_default_library",
+        "//pkg/registry/apps/replicaset:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/storage.go
similarity index 96%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/storage.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/storage.go
index 893e66390da8..d181b35c9725 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/storage/storage.go
@@ -39,7 +39,7 @@ import (
 	"k8s.io/kubernetes/pkg/printers"
 	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
 	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
-	"k8s.io/kubernetes/pkg/registry/extensions/replicaset"
+	"k8s.io/kubernetes/pkg/registry/apps/replicaset"
 )
 
 // ReplicaSetStorage includes dummy storage for ReplicaSets and for Scale subresource.
@@ -62,6 +62,7 @@ func NewStorage(optsGetter generic.RESTOptionsGetter) ReplicaSetStorage {
 
 type REST struct {
 	*genericregistry.Store
+	categories []string
 }
 
 // NewREST returns a RESTStorage object that will work against ReplicaSet.
@@ -86,7 +87,7 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 	statusStore := *store
 	statusStore.UpdateStrategy = replicaset.StatusStrategy
 
-	return &REST{store}, &StatusREST{store: &statusStore}
+	return &REST{store, []string{"all"}}, &StatusREST{store: &statusStore}
 }
 
 // Implement ShortNamesProvider
@@ -102,7 +103,12 @@ var _ rest.CategoriesProvider = &REST{}
 
 // Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
 func (r *REST) Categories() []string {
-	return []string{"all"}
+	return r.categories
+}
+
+func (r *REST) WithCategories(categories []string) *REST {
+	r.categories = categories
+	return r
 }
 
 // StatusREST implements the REST endpoint for changing the status of a ReplicaSet
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/strategy.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/strategy.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/registry/extensions/replicaset/strategy.go
rename to vendor/k8s.io/kubernetes/pkg/registry/apps/replicaset/strategy.go
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/BUILD
index 70032abad7bc..3fdf1ef3ee13 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/BUILD
@@ -13,10 +13,10 @@ go_library(
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/apps:go_default_library",
         "//pkg/registry/apps/controllerrevision/storage:go_default_library",
+        "//pkg/registry/apps/daemonset/storage:go_default_library",
+        "//pkg/registry/apps/deployment/storage:go_default_library",
+        "//pkg/registry/apps/replicaset/storage:go_default_library",
         "//pkg/registry/apps/statefulset/storage:go_default_library",
-        "//pkg/registry/extensions/daemonset/storage:go_default_library",
-        "//pkg/registry/extensions/deployment/storage:go_default_library",
-        "//pkg/registry/extensions/replicaset/storage:go_default_library",
         "//vendor/k8s.io/api/apps/v1:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta2:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/storage_apps.go b/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/storage_apps.go
index f77900e88132..96bb06963a37 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/storage_apps.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/rest/storage_apps.go
@@ -27,10 +27,10 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/apps"
 	controllerrevisionsstore "k8s.io/kubernetes/pkg/registry/apps/controllerrevision/storage"
+	daemonsetstore "k8s.io/kubernetes/pkg/registry/apps/daemonset/storage"
+	deploymentstore "k8s.io/kubernetes/pkg/registry/apps/deployment/storage"
+	replicasetstore "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage"
 	statefulsetstore "k8s.io/kubernetes/pkg/registry/apps/statefulset/storage"
-	daemonsetstore "k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage"
-	deploymentstore "k8s.io/kubernetes/pkg/registry/extensions/deployment/storage"
-	replicasetstore "k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage"
 )
 
 type RESTStorageProvider struct{}
@@ -40,15 +40,15 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(appsapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(appsapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[appsapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = appsapiv1beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(appsapiv1beta2.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(appsapiv1beta2.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[appsapiv1beta2.SchemeGroupVersion.Version] = p.v1beta2Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = appsapiv1beta2.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(appsapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(appsapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[appsapiv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = appsapiv1.SchemeGroupVersion
 	}
@@ -57,94 +57,91 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := appsapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("deployments")) {
-		deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
-		storage["deployments"] = deploymentStorage.Deployment
-		storage["deployments/status"] = deploymentStorage.Status
-		storage["deployments/rollback"] = deploymentStorage.Rollback
-		storage["deployments/scale"] = deploymentStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("statefulsets")) {
-		statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
-		storage["statefulsets"] = statefulSetStorage.StatefulSet
-		storage["statefulsets/status"] = statefulSetStorage.Status
-		storage["statefulsets/scale"] = statefulSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("controllerrevisions")) {
-		historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
-		storage["controllerrevisions"] = historyStorage
-	}
+
+	// deployments
+	deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
+	storage["deployments"] = deploymentStorage.Deployment
+	storage["deployments/status"] = deploymentStorage.Status
+	storage["deployments/rollback"] = deploymentStorage.Rollback
+	storage["deployments/scale"] = deploymentStorage.Scale
+
+	// statefulsets
+	statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
+	storage["statefulsets"] = statefulSetStorage.StatefulSet
+	storage["statefulsets/status"] = statefulSetStorage.Status
+	storage["statefulsets/scale"] = statefulSetStorage.Scale
+
+	// controllerrevisions
+	historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
+	storage["controllerrevisions"] = historyStorage
+
 	return storage
 }
 
 func (p RESTStorageProvider) v1beta2Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := appsapiv1beta2.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("deployments")) {
-		deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
-		storage["deployments"] = deploymentStorage.Deployment
-		storage["deployments/status"] = deploymentStorage.Status
-		storage["deployments/scale"] = deploymentStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("statefulsets")) {
-		statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
-		storage["statefulsets"] = statefulSetStorage.StatefulSet
-		storage["statefulsets/status"] = statefulSetStorage.Status
-		storage["statefulsets/scale"] = statefulSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("daemonsets")) {
-		daemonSetStorage, daemonSetStatusStorage := daemonsetstore.NewREST(restOptionsGetter)
-		storage["daemonsets"] = daemonSetStorage
-		storage["daemonsets/status"] = daemonSetStatusStorage
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("replicasets")) {
-		replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
-		storage["replicasets"] = replicaSetStorage.ReplicaSet
-		storage["replicasets/status"] = replicaSetStorage.Status
-		storage["replicasets/scale"] = replicaSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("controllerrevisions")) {
-		historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
-		storage["controllerrevisions"] = historyStorage
-	}
+
+	// deployments
+	deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
+	storage["deployments"] = deploymentStorage.Deployment
+	storage["deployments/status"] = deploymentStorage.Status
+	storage["deployments/scale"] = deploymentStorage.Scale
+
+	// statefulsets
+	statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
+	storage["statefulsets"] = statefulSetStorage.StatefulSet
+	storage["statefulsets/status"] = statefulSetStorage.Status
+	storage["statefulsets/scale"] = statefulSetStorage.Scale
+
+	// daemonsets
+	daemonSetStorage, daemonSetStatusStorage := daemonsetstore.NewREST(restOptionsGetter)
+	storage["daemonsets"] = daemonSetStorage
+	storage["daemonsets/status"] = daemonSetStatusStorage
+
+	// replicasets
+	replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
+	storage["replicasets"] = replicaSetStorage.ReplicaSet
+	storage["replicasets/status"] = replicaSetStorage.Status
+	storage["replicasets/scale"] = replicaSetStorage.Scale
+
+	// controllerrevisions
+	historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
+	storage["controllerrevisions"] = historyStorage
+
 	return storage
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := appsapiv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("deployments")) {
-		deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
-		storage["deployments"] = deploymentStorage.Deployment
-		storage["deployments/status"] = deploymentStorage.Status
-		storage["deployments/scale"] = deploymentStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("statefulsets")) {
-		statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
-		storage["statefulsets"] = statefulSetStorage.StatefulSet
-		storage["statefulsets/status"] = statefulSetStorage.Status
-		storage["statefulsets/scale"] = statefulSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("daemonsets")) {
-		daemonSetStorage, daemonSetStatusStorage := daemonsetstore.NewREST(restOptionsGetter)
-		storage["daemonsets"] = daemonSetStorage
-		storage["daemonsets/status"] = daemonSetStatusStorage
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("replicasets")) {
-		replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
-		storage["replicasets"] = replicaSetStorage.ReplicaSet
-		storage["replicasets/status"] = replicaSetStorage.Status
-		storage["replicasets/scale"] = replicaSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("controllerrevisions")) {
-		historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
-		storage["controllerrevisions"] = historyStorage
-	}
+
+	// deployments
+	deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
+	storage["deployments"] = deploymentStorage.Deployment
+	storage["deployments/status"] = deploymentStorage.Status
+	storage["deployments/scale"] = deploymentStorage.Scale
+
+	// statefulsets
+	statefulSetStorage := statefulsetstore.NewStorage(restOptionsGetter)
+	storage["statefulsets"] = statefulSetStorage.StatefulSet
+	storage["statefulsets/status"] = statefulSetStorage.Status
+	storage["statefulsets/scale"] = statefulSetStorage.Scale
+
+	// daemonsets
+	daemonSetStorage, daemonSetStatusStorage := daemonsetstore.NewREST(restOptionsGetter)
+	storage["daemonsets"] = daemonSetStorage
+	storage["daemonsets/status"] = daemonSetStatusStorage
+
+	// replicasets
+	replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
+	storage["replicasets"] = replicaSetStorage.ReplicaSet
+	storage["replicasets/status"] = replicaSetStorage.Status
+	storage["replicasets/scale"] = replicaSetStorage.Scale
+
+	// controllerrevisions
+	historyStorage := controllerrevisionsstore.NewREST(restOptionsGetter)
+	storage["controllerrevisions"] = historyStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/BUILD
index deb73b96dc6e..7e18e5fc5239 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/BUILD
@@ -38,8 +38,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/apps/statefulset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/storage/BUILD
index 6bbc1eee2042..b67e2fea55b1 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/apps/statefulset/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/apps/statefulset/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/apps:go_default_library",
         "//pkg/apis/autoscaling:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/authentication/rest/storage_authentication.go b/vendor/k8s.io/kubernetes/pkg/registry/authentication/rest/storage_authentication.go
index e3f1aa6da953..c55bd530d917 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/authentication/rest/storage_authentication.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/authentication/rest/storage_authentication.go
@@ -43,11 +43,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(authenticationv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[authenticationv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = authenticationv1beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(authenticationv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[authenticationv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = authenticationv1.SchemeGroupVersion
 	}
@@ -56,29 +56,19 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := authenticationv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1beta1.SchemeGroupVersion) {
-		if apiResourceConfigSource.ResourceEnabled(version.WithResource("tokenreviews")) {
-			tokenReviewStorage := tokenreview.NewREST(p.Authenticator)
-			storage["tokenreviews"] = tokenReviewStorage
-		}
-	}
+	// tokenreviews
+	tokenReviewStorage := tokenreview.NewREST(p.Authenticator)
+	storage["tokenreviews"] = tokenReviewStorage
 
 	return storage
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := authenticationv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1.SchemeGroupVersion) {
-		if apiResourceConfigSource.ResourceEnabled(version.WithResource("tokenreviews")) {
-			tokenReviewStorage := tokenreview.NewREST(p.Authenticator)
-			storage["tokenreviews"] = tokenReviewStorage
-		}
-	}
+	// tokenreviews
+	tokenReviewStorage := tokenreview.NewREST(p.Authenticator)
+	storage["tokenreviews"] = tokenReviewStorage
 
 	return storage
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/authorization/rest/storage_authorization.go b/vendor/k8s.io/kubernetes/pkg/registry/authorization/rest/storage_authorization.go
index 10f3293c6db2..f127e19cc31f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/authorization/rest/storage_authorization.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/authorization/rest/storage_authorization.go
@@ -46,12 +46,12 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authorizationv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(authorizationv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[authorizationv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = authorizationv1beta1.SchemeGroupVersion
 	}
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(authorizationv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(authorizationv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[authorizationv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = authorizationv1.SchemeGroupVersion
 	}
@@ -60,41 +60,29 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := authorizationv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("subjectaccessreviews")) {
-		storage["subjectaccessreviews"] = subjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("selfsubjectaccessreviews")) {
-		storage["selfsubjectaccessreviews"] = selfsubjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("localsubjectaccessreviews")) {
-		storage["localsubjectaccessreviews"] = localsubjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("selfsubjectrulesreviews")) {
-		storage["selfsubjectrulesreviews"] = selfsubjectrulesreview.NewREST(p.RuleResolver)
-	}
+	// subjectaccessreviews
+	storage["subjectaccessreviews"] = subjectaccessreview.NewREST(p.Authorizer)
+	// selfsubjectaccessreviews
+	storage["selfsubjectaccessreviews"] = selfsubjectaccessreview.NewREST(p.Authorizer)
+	// localsubjectaccessreviews
+	storage["localsubjectaccessreviews"] = localsubjectaccessreview.NewREST(p.Authorizer)
+	// selfsubjectrulesreviews
+	storage["selfsubjectrulesreviews"] = selfsubjectrulesreview.NewREST(p.RuleResolver)
 
 	return storage
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := authorizationv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("subjectaccessreviews")) {
-		storage["subjectaccessreviews"] = subjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("selfsubjectaccessreviews")) {
-		storage["selfsubjectaccessreviews"] = selfsubjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("localsubjectaccessreviews")) {
-		storage["localsubjectaccessreviews"] = localsubjectaccessreview.NewREST(p.Authorizer)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("selfsubjectrulesreviews")) {
-		storage["selfsubjectrulesreviews"] = selfsubjectrulesreview.NewREST(p.RuleResolver)
-	}
+	// subjectaccessreviews
+	storage["subjectaccessreviews"] = subjectaccessreview.NewREST(p.Authorizer)
+	// selfsubjectaccessreviews
+	storage["selfsubjectaccessreviews"] = selfsubjectaccessreview.NewREST(p.Authorizer)
+	// localsubjectaccessreviews
+	storage["localsubjectaccessreviews"] = localsubjectaccessreview.NewREST(p.Authorizer)
+	// selfsubjectrulesreviews
+	storage["selfsubjectrulesreviews"] = selfsubjectrulesreview.NewREST(p.RuleResolver)
 
 	return storage
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview/BUILD
index fb4474b43984..09d797c1f7dc 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview/BUILD
@@ -38,8 +38,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["rest_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/authorization/subjectaccessreview",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/authorization:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/authorization/util/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/authorization/util/BUILD
index 0d1fc9be2de7..b4c9516f81a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/authorization/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/authorization/util/BUILD
@@ -33,8 +33,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/authorization/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/authorization:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/BUILD
index 209cfeeea2e0..f5fde8df423f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/BUILD
@@ -9,19 +9,22 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
         "//vendor/k8s.io/api/autoscaling/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/testing:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library",
     ],
 )
@@ -32,6 +35,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage",
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/autoscaling/horizontalpodautoscaler:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/storage.go
index 5d6602f5dd0b..4e5ccca06642 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler/storage/storage.go
@@ -24,6 +24,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/kubernetes/pkg/apis/autoscaling"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/autoscaling/horizontalpodautoscaler"
 )
 
@@ -41,6 +44,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 		CreateStrategy: horizontalpodautoscaler.Strategy,
 		UpdateStrategy: horizontalpodautoscaler.Strategy,
 		DeleteStrategy: horizontalpodautoscaler.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/rest/storage_autoscaling.go b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/rest/storage_autoscaling.go
index e6ce55b483d5..7a023571c690 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/rest/storage_autoscaling.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/autoscaling/rest/storage_autoscaling.go
@@ -35,11 +35,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(autoscalingapiv2beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(autoscalingapiv2beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[autoscalingapiv2beta1.SchemeGroupVersion.Version] = p.v2beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = autoscalingapiv2beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(autoscalingapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(autoscalingapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[autoscalingapiv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = autoscalingapiv1.SchemeGroupVersion
 	}
@@ -48,26 +48,22 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := autoscalingapiv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("horizontalpodautoscalers")) {
-		hpaStorage, hpaStatusStorage := horizontalpodautoscalerstore.NewREST(restOptionsGetter)
-		storage["horizontalpodautoscalers"] = hpaStorage
-		storage["horizontalpodautoscalers/status"] = hpaStatusStorage
-	}
+	// horizontalpodautoscalers
+	hpaStorage, hpaStatusStorage := horizontalpodautoscalerstore.NewREST(restOptionsGetter)
+	storage["horizontalpodautoscalers"] = hpaStorage
+	storage["horizontalpodautoscalers/status"] = hpaStatusStorage
+
 	return storage
 }
 
 func (p RESTStorageProvider) v2beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := autoscalingapiv2beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("horizontalpodautoscalers")) {
-		hpaStorage, hpaStatusStorage := horizontalpodautoscalerstore.NewREST(restOptionsGetter)
-		storage["horizontalpodautoscalers"] = hpaStorage
-		storage["horizontalpodautoscalers/status"] = hpaStatusStorage
-	}
+	// horizontalpodautoscalers
+	hpaStorage, hpaStatusStorage := horizontalpodautoscalerstore.NewREST(restOptionsGetter)
+	storage["horizontalpodautoscalers"] = hpaStorage
+	storage["horizontalpodautoscalers/status"] = hpaStatusStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/BUILD
index 4b037adf2d77..ac61eca1d7dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/BUILD
@@ -29,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/batch/cronjob",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/batch:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/BUILD
index c5c5c535c7f5..ab8de0a52bbe 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/batch/cronjob/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/apis/batch:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/storage.go
index d8ae47f38900..7826ea5a1e75 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/cronjob/storage/storage.go
@@ -60,12 +60,18 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 }
 
 var _ rest.CategoriesProvider = &REST{}
+var _ rest.ShortNamesProvider = &REST{}
 
 // Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
 func (r *REST) Categories() []string {
 	return []string{"all"}
 }
 
+// ShortNames implements the ShortNamesProvider interface. Returns a list of short names for a resource.
+func (r *REST) ShortNames() []string {
+	return []string{"cj"}
+}
+
 // StatusREST implements the REST endpoint for changing the status of a resourcequota.
 type StatusREST struct {
 	store *genericregistry.Store
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/job/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/batch/job/BUILD
index d5d3f23ffb32..1c3e57aed4bb 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/job/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/job/BUILD
@@ -34,8 +34,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/batch/job",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/api/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/job/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/batch/job/storage/BUILD
index 40d02ffecd8b..e53918f074e1 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/job/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/job/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/batch/job/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/batch:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/batch/rest/storage_batch.go b/vendor/k8s.io/kubernetes/pkg/registry/batch/rest/storage_batch.go
index 93c453de38d5..7b225a5f7a39 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/batch/rest/storage_batch.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/batch/rest/storage_batch.go
@@ -37,15 +37,15 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(batchapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(batchapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[batchapiv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = batchapiv1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(batchapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(batchapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[batchapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = batchapiv1beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(batchapiv2alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(batchapiv2alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[batchapiv2alpha1.SchemeGroupVersion.Version] = p.v2alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = batchapiv2alpha1.SchemeGroupVersion
 	}
@@ -54,38 +54,32 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := batchapiv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("jobs")) {
-		jobsStorage, jobsStatusStorage := jobstore.NewREST(restOptionsGetter)
-		storage["jobs"] = jobsStorage
-		storage["jobs/status"] = jobsStatusStorage
-	}
+	// jobs
+	jobsStorage, jobsStatusStorage := jobstore.NewREST(restOptionsGetter)
+	storage["jobs"] = jobsStorage
+	storage["jobs/status"] = jobsStatusStorage
+
 	return storage
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := batchapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("cronjobs")) {
-		cronJobsStorage, cronJobsStatusStorage := cronjobstore.NewREST(restOptionsGetter)
-		storage["cronjobs"] = cronJobsStorage
-		storage["cronjobs/status"] = cronJobsStatusStorage
-	}
+	// cronjobs
+	cronJobsStorage, cronJobsStatusStorage := cronjobstore.NewREST(restOptionsGetter)
+	storage["cronjobs"] = cronJobsStorage
+	storage["cronjobs/status"] = cronJobsStatusStorage
+
 	return storage
 }
 
 func (p RESTStorageProvider) v2alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := batchapiv2alpha1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("cronjobs")) {
-		cronJobsStorage, cronJobsStatusStorage := cronjobstore.NewREST(restOptionsGetter)
-		storage["cronjobs"] = cronJobsStorage
-		storage["cronjobs/status"] = cronJobsStatusStorage
-	}
+	// cronjobs
+	cronJobsStorage, cronJobsStatusStorage := cronjobstore.NewREST(restOptionsGetter)
+	storage["cronjobs"] = cronJobsStorage
+	storage["cronjobs/status"] = cronJobsStatusStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/BUILD
index 91af9ed73cd1..eea0343fd1dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/BUILD
@@ -32,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/certificates/certificates",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/certificates:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/BUILD
index 0ee0023203cf..23a23392025c 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/BUILD
@@ -11,6 +11,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/certificates/certificates/storage",
     deps = [
         "//pkg/apis/certificates:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/certificates/certificates:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/storage.go
index 4f69ac911894..77ab436fce80 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/certificates/certificates/storage/storage.go
@@ -23,6 +23,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/kubernetes/pkg/apis/certificates"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	csrregistry "k8s.io/kubernetes/pkg/registry/certificates/certificates"
 )
 
@@ -42,6 +45,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST, *Approva
 		UpdateStrategy: csrregistry.Strategy,
 		DeleteStrategy: csrregistry.Strategy,
 		ExportStrategy: csrregistry.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/certificates/rest/storage_certificates.go b/vendor/k8s.io/kubernetes/pkg/registry/certificates/rest/storage_certificates.go
index 3fe8915b5777..777312aa0016 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/certificates/rest/storage_certificates.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/certificates/rest/storage_certificates.go
@@ -34,7 +34,7 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(certificatesapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(certificatesapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[certificatesapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = certificatesapiv1beta1.SchemeGroupVersion
 	}
@@ -43,15 +43,13 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := certificatesapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("certificatesigningrequests")) {
-		csrStorage, csrStatusStorage, csrApprovalStorage := certificatestore.NewREST(restOptionsGetter)
-		storage["certificatesigningrequests"] = csrStorage
-		storage["certificatesigningrequests/status"] = csrStatusStorage
-		storage["certificatesigningrequests/approval"] = csrApprovalStorage
-	}
+	// certificatesigningrequests
+	csrStorage, csrStatusStorage, csrApprovalStorage := certificatestore.NewREST(restOptionsGetter)
+	storage["certificatesigningrequests"] = csrStorage
+	storage["certificatesigningrequests/status"] = csrStatusStorage
+	storage["certificatesigningrequests/approval"] = csrApprovalStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/componentstatus/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/componentstatus/BUILD
index 48e5f6c73bf5..d58dd84b1db6 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/componentstatus/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/componentstatus/BUILD
@@ -33,8 +33,7 @@ go_test(
         "rest_test.go",
         "validator_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/componentstatus",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/probe:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/BUILD
index 7af8141a14a0..b9f7c6398dce 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/BUILD
@@ -32,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/configmap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/BUILD
index 948fa36104af..16285cd146ea 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/configmap/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -30,6 +29,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/configmap/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/configmap:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/storage.go
index 50855e364077..124fca6e59d8 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/configmap/storage/storage.go
@@ -22,6 +22,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/configmap"
 )
 
@@ -40,6 +43,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		CreateStrategy: configmap.Strategy,
 		UpdateStrategy: configmap.Strategy,
 		DeleteStrategy: configmap.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/endpoint/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/endpoint/storage/BUILD
index 93b2770d2540..05ec6af37fb8 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/endpoint/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/endpoint/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/endpoint/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/event/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/event/BUILD
index 8bdfa1d2d719..53fa733b7979 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/event/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/event/BUILD
@@ -32,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/event",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/BUILD
index efb61b4676fb..1c9fa7180031 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/event/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -28,6 +27,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/event/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/event:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/storage.go
index 21fa08b3b739..094f00cbe3a0 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/event/storage/storage.go
@@ -22,6 +22,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/event"
 )
 
@@ -53,6 +56,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter, ttl uint64) *REST {
 		CreateStrategy: event.Strategy,
 		UpdateStrategy: event.Strategy,
 		DeleteStrategy: event.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: opts, AttrFunc: event.GetAttrs} // Pass in opts to use UndecoratedStorage
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/limitrange/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/limitrange/storage/BUILD
index 6de922d9d2a5..661305991860 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/limitrange/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/limitrange/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/limitrange/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/BUILD
index d9c43922006a..675e7db80c6b 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/BUILD
@@ -36,8 +36,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/namespace",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/BUILD
index 51a01d93ca80..ff853936af7e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/namespace/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -31,10 +30,14 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/namespace/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/namespace:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/storage.go
index faa099a95109..77f8747b50b2 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/namespace/storage/storage.go
@@ -22,6 +22,7 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/watch"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
@@ -30,7 +31,11 @@ import (
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/storage"
 	storageerr "k8s.io/apiserver/pkg/storage/errors"
+
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/namespace"
 )
 
@@ -62,6 +67,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST, *Finaliz
 		UpdateStrategy:      namespace.Strategy,
 		DeleteStrategy:      namespace.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: namespace.GetAttrs}
 	if err := store.CompleteWithOptions(options); err != nil {
@@ -201,6 +208,10 @@ func (r *REST) Delete(ctx genericapirequest.Context, name string, options *metav
 	return r.store.Delete(ctx, name, options)
 }
 
+func (e *REST) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
+	return e.store.ConvertToTable(ctx, object, tableOptions)
+}
+
 // Implement ShortNamesProvider
 var _ rest.ShortNamesProvider = &REST{}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/node/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/node/BUILD
index ad3fb4995df4..32a872cb43b5 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/node/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/node/BUILD
@@ -42,8 +42,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/node",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/node/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/node/storage/BUILD
index 1cb9081d2610..bed7d0ad5b22 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/node/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/node/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/node/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/kubelet/client:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/BUILD
index b98e547e596c..8cf27c1c97c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/BUILD
@@ -33,8 +33,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/BUILD
index d8cf0d27fdc8..25c758afda32 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -35,6 +34,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/persistentvolume:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/storage.go
index b8f7948f9b6c..519b7cb9c843 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolume/storage/storage.go
@@ -24,6 +24,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/persistentvolume"
 )
 
@@ -43,6 +46,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 		UpdateStrategy:      persistentvolume.Strategy,
 		DeleteStrategy:      persistentvolume.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: persistentvolume.GetAttrs}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/BUILD
index 6da3f612b1ab..dcf84be0849c 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/BUILD
@@ -32,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/BUILD
index 0ef87b1507ce..c927ef5b3c77 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -35,6 +34,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/persistentvolumeclaim:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/storage.go
index c361d59a47ad..2720c2d58123 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim/storage/storage.go
@@ -24,6 +24,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/persistentvolumeclaim"
 )
 
@@ -43,6 +46,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 		UpdateStrategy:      persistentvolumeclaim.Strategy,
 		DeleteStrategy:      persistentvolumeclaim.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: persistentvolumeclaim.GetAttrs}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/BUILD
index cf35e0ba5bb1..34e64e3514d6 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/BUILD
@@ -42,8 +42,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/pod",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/rest/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/rest/BUILD
index 122911086bc5..114159cdedf4 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/rest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/rest/BUILD
@@ -35,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["log_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/pod/rest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/BUILD
index 8545fae94453..c409b87a37b3 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/pod/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -20,7 +19,7 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/api/equality:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1alpha1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/eviction.go b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/eviction.go
index ff03d96dd5e5..e98a93211af9 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/eviction.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/storage/eviction.go
@@ -125,7 +125,7 @@ func (r *EvictionREST) Create(ctx genericapirequest.Context, obj runtime.Object,
 		return rtStatus, nil
 	}
 
-	// At this point there was either no PDB or we succeded in decrementing
+	// At this point there was either no PDB or we succeeded in decrementing
 
 	// Try the delete
 	_, _, err = r.store.Delete(ctx, eviction.Name, eviction.DeleteOptions)
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/strategy.go b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/strategy.go
index 5cd0eb03cf73..90118016cdb0 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/pod/strategy.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/pod/strategy.go
@@ -237,12 +237,13 @@ func PodToSelectableFields(pod *api.Pod) fields.Set {
 	// amount of allocations needed to create the fields.Set. If you add any
 	// field here or the number of object-meta related fields changes, this should
 	// be adjusted.
-	podSpecificFieldsSet := make(fields.Set, 7)
+	podSpecificFieldsSet := make(fields.Set, 8)
 	podSpecificFieldsSet["spec.nodeName"] = pod.Spec.NodeName
 	podSpecificFieldsSet["spec.restartPolicy"] = string(pod.Spec.RestartPolicy)
 	podSpecificFieldsSet["spec.schedulerName"] = string(pod.Spec.SchedulerName)
 	podSpecificFieldsSet["status.phase"] = string(pod.Status.Phase)
 	podSpecificFieldsSet["status.podIP"] = string(pod.Status.PodIP)
+	podSpecificFieldsSet["status.nominatedNodeName"] = string(pod.Status.NominatedNodeName)
 	return generic.AddObjectMetaFieldsSet(podSpecificFieldsSet, &pod.ObjectMeta, true)
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/podtemplate/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/podtemplate/storage/BUILD
index 103296b4a236..438ba241c204 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/podtemplate/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/podtemplate/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/podtemplate/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/BUILD
index 931c1bb2877f..a55314ed708e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/BUILD
@@ -39,8 +39,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/replicationcontroller",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage/BUILD
index d5177a1ff909..0ccf4bf19073 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/BUILD
index 77150f2f29b1..a2458fa36840 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/BUILD
@@ -27,8 +27,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/resourcequota",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/storage/BUILD
index 38b63c3b8ab4..fb088527b7a7 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/resourcequota/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/resourcequota/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/rest/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/rest/BUILD
index 9e81ccda7793..a978a8d594e1 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/rest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/rest/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_core_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/rest",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
@@ -26,11 +25,11 @@ go_library(
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/policy/internalversion:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/kubelet/client:go_default_library",
         "//pkg/master/ports:go_default_library",
         "//pkg/registry/core/componentstatus:go_default_library",
         "//pkg/registry/core/configmap/storage:go_default_library",
-        "//pkg/registry/core/endpoint:go_default_library",
         "//pkg/registry/core/endpoint/storage:go_default_library",
         "//pkg/registry/core/event/storage:go_default_library",
         "//pkg/registry/core/limitrange/storage:go_default_library",
@@ -44,13 +43,13 @@ go_library(
         "//pkg/registry/core/replicationcontroller/storage:go_default_library",
         "//pkg/registry/core/resourcequota/storage:go_default_library",
         "//pkg/registry/core/secret/storage:go_default_library",
-        "//pkg/registry/core/service:go_default_library",
         "//pkg/registry/core/service/allocator:go_default_library",
         "//pkg/registry/core/service/allocator/storage:go_default_library",
         "//pkg/registry/core/service/ipallocator:go_default_library",
         "//pkg/registry/core/service/portallocator:go_default_library",
         "//pkg/registry/core/service/storage:go_default_library",
         "//pkg/registry/core/serviceaccount/storage:go_default_library",
+        "//pkg/serviceaccount:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
@@ -59,6 +58,7 @@ go_library(
         "//vendor/k8s.io/apiserver/pkg/server:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd/util:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/rest/storage_core.go b/vendor/k8s.io/kubernetes/pkg/registry/core/rest/storage_core.go
index 7a316bd500f6..d085022aae0f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/rest/storage_core.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/rest/storage_core.go
@@ -34,15 +34,16 @@ import (
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	serverstorage "k8s.io/apiserver/pkg/server/storage"
 	etcdutil "k8s.io/apiserver/pkg/storage/etcd/util"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	restclient "k8s.io/client-go/rest"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	policyclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion"
+	"k8s.io/kubernetes/pkg/features"
 	kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
 	"k8s.io/kubernetes/pkg/master/ports"
 	"k8s.io/kubernetes/pkg/registry/core/componentstatus"
 	configmapstore "k8s.io/kubernetes/pkg/registry/core/configmap/storage"
-	"k8s.io/kubernetes/pkg/registry/core/endpoint"
 	endpointsstore "k8s.io/kubernetes/pkg/registry/core/endpoint/storage"
 	eventstore "k8s.io/kubernetes/pkg/registry/core/event/storage"
 	limitrangestore "k8s.io/kubernetes/pkg/registry/core/limitrange/storage"
@@ -56,13 +57,13 @@ import (
 	controllerstore "k8s.io/kubernetes/pkg/registry/core/replicationcontroller/storage"
 	resourcequotastore "k8s.io/kubernetes/pkg/registry/core/resourcequota/storage"
 	secretstore "k8s.io/kubernetes/pkg/registry/core/secret/storage"
-	"k8s.io/kubernetes/pkg/registry/core/service"
 	"k8s.io/kubernetes/pkg/registry/core/service/allocator"
 	serviceallocator "k8s.io/kubernetes/pkg/registry/core/service/allocator/storage"
 	"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
 	"k8s.io/kubernetes/pkg/registry/core/service/portallocator"
 	servicestore "k8s.io/kubernetes/pkg/registry/core/service/storage"
 	serviceaccountstore "k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage"
+	"k8s.io/kubernetes/pkg/serviceaccount"
 )
 
 // LegacyRESTStorageProvider provides information needed to build RESTStorage for core, but
@@ -78,6 +79,9 @@ type LegacyRESTStorageProvider struct {
 	ServiceIPRange       net.IPNet
 	ServiceNodePortRange utilnet.PortRange
 
+	ServiceAccountIssuer       serviceaccount.TokenGenerator
+	ServiceAccountAPIAudiences []string
+
 	LoopbackClientConfig *restclient.Config
 }
 
@@ -115,7 +119,6 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 
 	resourceQuotaStorage, resourceQuotaStatusStorage := resourcequotastore.NewREST(restOptionsGetter)
 	secretStorage := secretstore.NewREST(restOptionsGetter)
-	serviceAccountStorage := serviceaccountstore.NewREST(restOptionsGetter)
 	persistentVolumeStorage, persistentVolumeStatusStorage := pvstore.NewREST(restOptionsGetter)
 	persistentVolumeClaimStorage, persistentVolumeClaimStatusStorage := pvcstore.NewREST(restOptionsGetter)
 	configMapStorage := configmapstore.NewREST(restOptionsGetter)
@@ -123,7 +126,6 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 	namespaceStorage, namespaceStatusStorage, namespaceFinalizeStorage := namespacestore.NewREST(restOptionsGetter)
 
 	endpointsStorage := endpointsstore.NewREST(restOptionsGetter)
-	endpointRegistry := endpoint.NewRegistry(endpointsStorage)
 
 	nodeStorage, err := nodestore.NewStorage(restOptionsGetter, c.KubeletClientConfig, c.ProxyTransport)
 	if err != nil {
@@ -137,8 +139,14 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 		podDisruptionClient,
 	)
 
-	serviceRESTStorage, serviceStatusStorage := servicestore.NewREST(restOptionsGetter)
-	serviceRegistry := service.NewRegistry(serviceRESTStorage)
+	var serviceAccountStorage *serviceaccountstore.REST
+	if c.ServiceAccountIssuer != nil && utilfeature.DefaultFeatureGate.Enabled(features.TokenRequest) {
+		serviceAccountStorage = serviceaccountstore.NewREST(restOptionsGetter, c.ServiceAccountIssuer, c.ServiceAccountAPIAudiences, podStorage.Pod.Store, secretStorage.Store)
+	} else {
+		serviceAccountStorage = serviceaccountstore.NewREST(restOptionsGetter, nil, nil, nil, nil)
+	}
+
+	serviceRESTStorage, serviceStatusStorage := servicestore.NewGenericREST(restOptionsGetter)
 
 	var serviceClusterIPRegistry rangeallocation.RangeRegistry
 	serviceClusterIPRange := c.ServiceIPRange
@@ -151,7 +159,7 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 		return LegacyRESTStorage{}, genericapiserver.APIGroupInfo{}, err
 	}
 
-	ServiceClusterIPAllocator := ipallocator.NewAllocatorCIDRRange(&serviceClusterIPRange, func(max int, rangeSpec string) allocator.Interface {
+	serviceClusterIPAllocator := ipallocator.NewAllocatorCIDRRange(&serviceClusterIPRange, func(max int, rangeSpec string) allocator.Interface {
 		mem := allocator.NewAllocationMap(max, rangeSpec)
 		// TODO etcdallocator package to return a storage interface via the storageFactory
 		etcd := serviceallocator.NewEtcd(mem, "/ranges/serviceips", api.Resource("serviceipallocations"), serviceStorageConfig)
@@ -161,7 +169,7 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 	restStorage.ServiceClusterIPAllocator = serviceClusterIPRegistry
 
 	var serviceNodePortRegistry rangeallocation.RangeRegistry
-	ServiceNodePortAllocator := portallocator.NewPortAllocatorCustom(c.ServiceNodePortRange, func(max int, rangeSpec string) allocator.Interface {
+	serviceNodePortAllocator := portallocator.NewPortAllocatorCustom(c.ServiceNodePortRange, func(max int, rangeSpec string) allocator.Interface {
 		mem := allocator.NewAllocationMap(max, rangeSpec)
 		// TODO etcdallocator package to return a storage interface via the storageFactory
 		etcd := serviceallocator.NewEtcd(mem, "/ranges/servicenodeports", api.Resource("servicenodeportallocations"), serviceStorageConfig)
@@ -172,7 +180,7 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 
 	controllerStorage := controllerstore.NewStorage(restOptionsGetter)
 
-	serviceRest := service.NewStorage(serviceRegistry, endpointRegistry, podStorage.Pod, ServiceClusterIPAllocator, ServiceNodePortAllocator, c.ProxyTransport)
+	serviceRest, serviceRestProxy := servicestore.NewREST(serviceRESTStorage, endpointsStorage, podStorage.Pod, serviceClusterIPAllocator, serviceNodePortAllocator, c.ProxyTransport)
 
 	restStorageMap := map[string]rest.Storage{
 		"pods":             podStorage.Pod,
@@ -190,8 +198,8 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 		"replicationControllers":        controllerStorage.Controller,
 		"replicationControllers/status": controllerStorage.Status,
 
-		"services":        serviceRest.Service,
-		"services/proxy":  serviceRest.Proxy,
+		"services":        serviceRest,
+		"services/proxy":  serviceRestProxy,
 		"services/status": serviceStatusStorage,
 
 		"endpoints": endpointsStorage,
@@ -224,6 +232,9 @@ func (c LegacyRESTStorageProvider) NewLegacyRESTStorage(restOptionsGetter generi
 	if legacyscheme.Registry.IsEnabledVersion(schema.GroupVersion{Group: "policy", Version: "v1beta1"}) {
 		restStorageMap["pods/eviction"] = podStorage.Eviction
 	}
+	if serviceAccountStorage.Token != nil {
+		restStorageMap["serviceaccounts/token"] = serviceAccountStorage.Token
+	}
 	apiGroupInfo.VersionedResourcesStorageMap["v1"] = restStorageMap
 
 	return restStorage, apiGroupInfo, nil
@@ -239,7 +250,7 @@ type componentStatusStorage struct {
 
 func (s componentStatusStorage) serversToValidate() map[string]*componentstatus.Server {
 	serversToValidate := map[string]*componentstatus.Server{
-		"controller-manager": {Addr: "127.0.0.1", Port: ports.ControllerManagerPort, Path: "/healthz"},
+		"controller-manager": {Addr: "127.0.0.1", Port: ports.InsecureKubeControllerManagerPort, Path: "/healthz"},
 		"scheduler":          {Addr: "127.0.0.1", Port: ports.SchedulerPort, Path: "/healthz"},
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/BUILD
index 48332003ed0d..2626c3cec837 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/BUILD
@@ -10,7 +10,6 @@ go_library(
     name = "go_default_library",
     srcs = [
         "doc.go",
-        "registry.go",
         "strategy.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/registry/core/secret",
@@ -19,13 +18,10 @@ go_library(
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/validation:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
@@ -37,8 +33,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/secret",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testapi:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/registry.go b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/registry.go
deleted file mode 100644
index 8d214d4f1fe8..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/registry.go
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
-Copyright 2015 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package secret
-
-import (
-	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/watch"
-	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/registry/rest"
-	api "k8s.io/kubernetes/pkg/apis/core"
-)
-
-// Registry is an interface implemented by things that know how to store Secret objects.
-type Registry interface {
-	ListSecrets(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*api.SecretList, error)
-	WatchSecrets(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error)
-	GetSecret(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (*api.Secret, error)
-	CreateSecret(ctx genericapirequest.Context, Secret *api.Secret, createValidation rest.ValidateObjectFunc) (*api.Secret, error)
-	UpdateSecret(ctx genericapirequest.Context, Secret *api.Secret, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (*api.Secret, error)
-	DeleteSecret(ctx genericapirequest.Context, name string) error
-}
-
-// storage puts strong typing around storage calls
-type storage struct {
-	rest.StandardStorage
-}
-
-// NewRegistry returns a new Registry interface for the given Storage. Any mismatched
-// types will panic.
-func NewRegistry(s rest.StandardStorage) Registry {
-	return &storage{s}
-}
-
-func (s *storage) ListSecrets(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*api.SecretList, error) {
-	obj, err := s.List(ctx, options)
-	if err != nil {
-		return nil, err
-	}
-	return obj.(*api.SecretList), nil
-}
-
-func (s *storage) WatchSecrets(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error) {
-	return s.Watch(ctx, options)
-}
-
-func (s *storage) GetSecret(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (*api.Secret, error) {
-	obj, err := s.Get(ctx, name, options)
-	if err != nil {
-		return nil, err
-	}
-	return obj.(*api.Secret), nil
-}
-
-func (s *storage) CreateSecret(ctx genericapirequest.Context, secret *api.Secret, createValidation rest.ValidateObjectFunc) (*api.Secret, error) {
-	obj, err := s.Create(ctx, secret, createValidation, false)
-	return obj.(*api.Secret), err
-}
-
-func (s *storage) UpdateSecret(ctx genericapirequest.Context, secret *api.Secret, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (*api.Secret, error) {
-	obj, _, err := s.Update(ctx, secret.Name, rest.DefaultUpdatedObjectInfo(secret), createValidation, updateValidation)
-	return obj.(*api.Secret), err
-}
-
-func (s *storage) DeleteSecret(ctx genericapirequest.Context, name string) error {
-	_, _, err := s.Delete(ctx, name, nil)
-	return err
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/BUILD
index 8e73a457f1c7..32767931a471 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/secret/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -30,6 +29,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/core/secret/storage",
     deps = [
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/secret:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/storage.go
index 13600daf0560..20c6413b6055 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/secret/storage/storage.go
@@ -21,6 +21,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/secret"
 )
 
@@ -40,6 +43,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		UpdateStrategy: secret.Strategy,
 		DeleteStrategy: secret.Strategy,
 		ExportStrategy: secret.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: secret.GetAttrs}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/BUILD
index 5356efdd980d..fd277aa7c931 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/BUILD
@@ -12,68 +12,40 @@ go_library(
         "doc.go",
         "proxy.go",
         "registry.go",
-        "rest.go",
         "strategy.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/registry/core/service",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
-        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/helper:go_default_library",
         "//pkg/apis/core/validation:go_default_library",
         "//pkg/capabilities:go_default_library",
-        "//pkg/features:go_default_library",
-        "//pkg/registry/core/endpoint:go_default_library",
-        "//pkg/registry/core/pod/storage:go_default_library",
-        "//pkg/registry/core/service/ipallocator:go_default_library",
-        "//pkg/registry/core/service/portallocator:go_default_library",
-        "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/proxy:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/names:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
-    srcs = [
-        "rest_test.go",
-        "strategy_test.go",
-    ],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service",
-    library = ":go_default_library",
+    srcs = ["strategy_test.go"],
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
-        "//pkg/apis/core/helper:go_default_library",
-        "//pkg/features:go_default_library",
-        "//pkg/registry/core/pod/storage:go_default_library",
-        "//pkg/registry/core/service/ipallocator:go_default_library",
-        "//pkg/registry/core/service/portallocator:go_default_library",
-        "//pkg/registry/registrytest:go_default_library",
+        "//pkg/apis/core/install:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/rand:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/BUILD
index ef863f8c3a25..753506c1b308 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/BUILD
@@ -22,8 +22,7 @@ go_test(
         "bitmap_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/allocator",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/storage/BUILD
index 18a175e63bbb..d77f66c405dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/allocator/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/allocator/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/core/service/allocator:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/BUILD
index 17b5d4925524..63fbf6b6cea7 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["allocator_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/ipallocator",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/allocator.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/allocator.go
index b480418c2f30..bb5c2984df5b 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/allocator.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/allocator.go
@@ -262,11 +262,18 @@ func calculateIPOffset(base *big.Int, ip net.IP) int {
 // RangeSize returns the size of a range in valid addresses.
 func RangeSize(subnet *net.IPNet) int64 {
 	ones, bits := subnet.Mask.Size()
-	if bits == 32 && (bits-ones) >= 31 || bits == 128 && (bits-ones) >= 63 {
+	if bits == 32 && (bits-ones) >= 31 || bits == 128 && (bits-ones) >= 127 {
 		return 0
 	}
-	max := int64(1) << uint(bits-ones)
-	return max
+	// For IPv6, the max size will be limited to 65536
+	// This is due to the allocator keeping track of all the
+	// allocated IP's in a bitmap. This will keep the size of
+	// the bitmap to 64k.
+	if bits == 128 && (bits-ones) >= 16 {
+		return int64(1) << uint(16)
+	} else {
+		return int64(1) << uint(bits-ones)
+	}
 }
 
 // GetIndexedIP returns a net.IP that is subnet.IP + index in the contiguous IP space.
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/BUILD
index b6a8f0a64d13..88e8d0b2a049 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/BUILD
@@ -11,15 +11,18 @@ go_library(
     srcs = ["repair.go"],
     importpath = "k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller",
     deps = [
+        "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
         "//pkg/registry/core/rangeallocation:go_default_library",
         "//pkg/registry/core/service/ipallocator:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/util/retry:go_default_library",
     ],
 )
@@ -27,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["repair_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/repair.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/repair.go
index fa2cae7f3a21..b4aaf1c289c3 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/repair.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/ipallocator/controller/repair.go
@@ -21,11 +21,14 @@ import (
 	"net"
 	"time"
 
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/retry"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
 	coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
@@ -54,6 +57,7 @@ type Repair struct {
 	network       *net.IPNet
 	alloc         rangeallocation.RangeRegistry
 	leaks         map[string]int // counter per leaked IP
+	recorder      record.EventRecorder
 }
 
 // How many times we need to detect a leak before we clean up.  This is to
@@ -62,13 +66,18 @@ const numRepairsBeforeLeakCleanup = 3
 
 // NewRepair creates a controller that periodically ensures that all clusterIPs are uniquely allocated across the cluster
 // and generates informational warnings for a cluster that is not in sync.
-func NewRepair(interval time.Duration, serviceClient coreclient.ServicesGetter, network *net.IPNet, alloc rangeallocation.RangeRegistry) *Repair {
+func NewRepair(interval time.Duration, serviceClient coreclient.ServicesGetter, eventClient coreclient.EventsGetter, network *net.IPNet, alloc rangeallocation.RangeRegistry) *Repair {
+	eventBroadcaster := record.NewBroadcaster()
+	eventBroadcaster.StartRecordingToSink(&coreclient.EventSinkImpl{Interface: eventClient.Events("")})
+	recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: "ipallocator-repair-controller"})
+
 	return &Repair{
 		interval:      interval,
 		serviceClient: serviceClient,
 		network:       network,
 		alloc:         alloc,
 		leaks:         map[string]int{},
+		recorder:      recorder,
 	}
 }
 
@@ -136,6 +145,7 @@ func (c *Repair) runOnce() error {
 		ip := net.ParseIP(svc.Spec.ClusterIP)
 		if ip == nil {
 			// cluster IP is corrupt
+			c.recorder.Eventf(&svc, v1.EventTypeWarning, "ClusterIPNotValid", "Cluster IP %s is not a valid IP; please recreate service", svc.Spec.ClusterIP)
 			runtime.HandleError(fmt.Errorf("the cluster IP %s for service %s/%s is not a valid IP; please recreate", svc.Spec.ClusterIP, svc.Name, svc.Namespace))
 			continue
 		}
@@ -147,22 +157,24 @@ func (c *Repair) runOnce() error {
 				stored.Release(ip)
 			} else {
 				// cluster IP doesn't seem to be allocated
-				runtime.HandleError(fmt.Errorf("the cluster IP %s for service %s/%s is not allocated; repairing", svc.Spec.ClusterIP, svc.Name, svc.Namespace))
+				c.recorder.Eventf(&svc, v1.EventTypeWarning, "ClusterIPNotAllocated", "Cluster IP %s is not allocated; repairing", ip)
+				runtime.HandleError(fmt.Errorf("the cluster IP %s for service %s/%s is not allocated; repairing", ip, svc.Name, svc.Namespace))
 			}
 			delete(c.leaks, ip.String()) // it is used, so it can't be leaked
 		case ipallocator.ErrAllocated:
-			// TODO: send event
 			// cluster IP is duplicate
+			c.recorder.Eventf(&svc, v1.EventTypeWarning, "ClusterIPAlreadyAllocated", "Cluster IP %s was assigned to multiple services; please recreate service", ip)
 			runtime.HandleError(fmt.Errorf("the cluster IP %s for service %s/%s was assigned to multiple services; please recreate", ip, svc.Name, svc.Namespace))
 		case err.(*ipallocator.ErrNotInRange):
-			// TODO: send event
 			// cluster IP is out of range
+			c.recorder.Eventf(&svc, v1.EventTypeWarning, "ClusterIPOutOfRange", "Cluster IP %s is not within the service CIDR %s; please recreate service", ip, c.network)
 			runtime.HandleError(fmt.Errorf("the cluster IP %s for service %s/%s is not within the service CIDR %s; please recreate", ip, svc.Name, svc.Namespace, c.network))
 		case ipallocator.ErrFull:
-			// TODO: send event
 			// somehow we are out of IPs
-			return fmt.Errorf("the service CIDR %v is full; you must widen the CIDR in order to create new services", rebuilt)
+			c.recorder.Eventf(&svc, v1.EventTypeWarning, "ServiceCIDRFull", "Service CIDR %s is full; you must widen the CIDR in order to create new services", c.network)
+			return fmt.Errorf("the service CIDR %s is full; you must widen the CIDR in order to create new services", c.network)
 		default:
+			c.recorder.Eventf(&svc, v1.EventTypeWarning, "UnknownError", "Unable to allocate cluster IP %s due to an unknown error", ip)
 			return fmt.Errorf("unable to allocate cluster IP %s for service %s/%s due to an unknown error, exiting: %v", ip, svc.Name, svc.Namespace, err)
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/BUILD
index 4d038b33add6..c997a6776aca 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["allocator_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/portallocator",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/allocator.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/allocator.go
index c31f4b045ea0..a9db71cd3284 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/allocator.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/allocator.go
@@ -74,7 +74,7 @@ func NewPortAllocatorCustom(pr net.PortRange, allocatorFactory allocator.Allocat
 	return a
 }
 
-// Helper that wraps NewAllocatorCIDRRange, for creating a range backed by an in-memory store.
+// Helper that wraps NewPortAllocatorCustom, for creating a range backed by an in-memory store.
 func NewPortAllocator(pr net.PortRange) *PortAllocator {
 	return NewPortAllocatorCustom(pr, func(max int, rangeSpec string) allocator.Interface {
 		return allocator.NewAllocationMap(max, rangeSpec)
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/BUILD
index 01408f6fba65..ab35e950a1dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/BUILD
@@ -11,16 +11,18 @@ go_library(
     srcs = ["repair.go"],
     importpath = "k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller",
     deps = [
+        "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
         "//pkg/registry/core/rangeallocation:go_default_library",
-        "//pkg/registry/core/service:go_default_library",
         "//pkg/registry/core/service/portallocator:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
         "//vendor/k8s.io/client-go/util/retry:go_default_library",
     ],
 )
@@ -28,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["repair_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/repair.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/repair.go
index e02ca3ef1e4f..1e4dc685c3d9 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/repair.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/portallocator/controller/repair.go
@@ -20,16 +20,18 @@ import (
 	"fmt"
 	"time"
 
+	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/net"
 	"k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/retry"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
 	"k8s.io/kubernetes/pkg/registry/core/rangeallocation"
-	"k8s.io/kubernetes/pkg/registry/core/service"
 	"k8s.io/kubernetes/pkg/registry/core/service/portallocator"
 )
 
@@ -40,6 +42,7 @@ type Repair struct {
 	portRange     net.PortRange
 	alloc         rangeallocation.RangeRegistry
 	leaks         map[int]int // counter per leaked port
+	recorder      record.EventRecorder
 }
 
 // How many times we need to detect a leak before we clean up.  This is to
@@ -48,13 +51,18 @@ const numRepairsBeforeLeakCleanup = 3
 
 // NewRepair creates a controller that periodically ensures that all ports are uniquely allocated across the cluster
 // and generates informational warnings for a cluster that is not in sync.
-func NewRepair(interval time.Duration, serviceClient coreclient.ServicesGetter, portRange net.PortRange, alloc rangeallocation.RangeRegistry) *Repair {
+func NewRepair(interval time.Duration, serviceClient coreclient.ServicesGetter, eventClient coreclient.EventsGetter, portRange net.PortRange, alloc rangeallocation.RangeRegistry) *Repair {
+	eventBroadcaster := record.NewBroadcaster()
+	eventBroadcaster.StartRecordingToSink(&coreclient.EventSinkImpl{Interface: eventClient.Events("")})
+	recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: "portallocator-repair-controller"})
+
 	return &Repair{
 		interval:      interval,
 		serviceClient: serviceClient,
 		portRange:     portRange,
 		alloc:         alloc,
 		leaks:         map[int]int{},
+		recorder:      recorder,
 	}
 }
 
@@ -117,7 +125,7 @@ func (c *Repair) runOnce() error {
 	// Check every Service's ports, and rebuild the state as we think it should be.
 	for i := range list.Items {
 		svc := &list.Items[i]
-		ports := service.CollectServiceNodePorts(svc)
+		ports := collectServiceNodePorts(svc)
 		if len(ports) == 0 {
 			continue
 		}
@@ -130,22 +138,24 @@ func (c *Repair) runOnce() error {
 					stored.Release(port)
 				} else {
 					// doesn't seem to be allocated
+					c.recorder.Eventf(svc, v1.EventTypeWarning, "PortNotAllocated", "Port %d is not allocated; repairing", port)
 					runtime.HandleError(fmt.Errorf("the node port %d for service %s/%s is not allocated; repairing", port, svc.Name, svc.Namespace))
 				}
 				delete(c.leaks, port) // it is used, so it can't be leaked
 			case portallocator.ErrAllocated:
-				// TODO: send event
 				// port is duplicate, reallocate
+				c.recorder.Eventf(svc, v1.EventTypeWarning, "PortAlreadyAllocated", "Port %d was assigned to multiple services; please recreate service", port)
 				runtime.HandleError(fmt.Errorf("the node port %d for service %s/%s was assigned to multiple services; please recreate", port, svc.Name, svc.Namespace))
 			case err.(*portallocator.ErrNotInRange):
-				// TODO: send event
 				// port is out of range, reallocate
-				runtime.HandleError(fmt.Errorf("the port %d for service %s/%s is not within the port range %v; please recreate", port, svc.Name, svc.Namespace, c.portRange))
+				c.recorder.Eventf(svc, v1.EventTypeWarning, "PortOutOfRange", "Port %d is not within the port range %s; please recreate service", port, c.portRange)
+				runtime.HandleError(fmt.Errorf("the port %d for service %s/%s is not within the port range %s; please recreate", port, svc.Name, svc.Namespace, c.portRange))
 			case portallocator.ErrFull:
-				// TODO: send event
 				// somehow we are out of ports
-				return fmt.Errorf("the port range %v is full; you must widen the port range in order to create new services", c.portRange)
+				c.recorder.Eventf(svc, v1.EventTypeWarning, "PortRangeFull", "Port range %s is full; you must widen the port range in order to create new services", c.portRange)
+				return fmt.Errorf("the port range %s is full; you must widen the port range in order to create new services", c.portRange)
 			default:
+				c.recorder.Eventf(svc, v1.EventTypeWarning, "UnknownError", "Unable to allocate port %d due to an unknown error", port)
 				return fmt.Errorf("unable to allocate port %d for service %s/%s due to an unknown error, exiting: %v", port, svc.Name, svc.Namespace, err)
 			}
 		}
@@ -185,3 +195,14 @@ func (c *Repair) runOnce() error {
 	}
 	return nil
 }
+
+func collectServiceNodePorts(service *api.Service) []int {
+	servicePorts := []int{}
+	for i := range service.Spec.Ports {
+		servicePort := &service.Spec.Ports[i]
+		if servicePort.NodePort != 0 {
+			servicePorts = append(servicePorts, int(servicePort.NodePort))
+		}
+	}
+	return servicePorts
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/proxy.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/proxy.go
index 1956f276fb38..23e016b07afb 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/proxy.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/proxy.go
@@ -32,7 +32,7 @@ import (
 
 // ProxyREST implements the proxy subresource for a Service
 type ProxyREST struct {
-	ServiceRest    *REST
+	Redirector     rest.Redirector
 	ProxyTransport http.RoundTripper
 }
 
@@ -62,7 +62,7 @@ func (r *ProxyREST) Connect(ctx genericapirequest.Context, id string, opts runti
 	if !ok {
 		return nil, fmt.Errorf("Invalid options object: %#v", opts)
 	}
-	location, transport, err := r.ServiceRest.ResourceLocation(ctx, id)
+	location, transport, err := r.Redirector.ResourceLocation(ctx, id)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/BUILD
index 49826b6330fd..859d0f645516 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/BUILD
@@ -8,39 +8,74 @@ load(
 
 go_test(
     name = "go_default_test",
-    srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/service/storage",
-    library = ":go_default_library",
+    srcs = [
+        "rest_test.go",
+        "storage_test.go",
+    ],
+    embed = [":go_default_library"],
     deps = [
+        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
+        "//pkg/apis/core/helper:go_default_library",
+        "//pkg/registry/core/endpoint/storage:go_default_library",
+        "//pkg/registry/core/pod/storage:go_default_library",
+        "//pkg/registry/core/service/ipallocator:go_default_library",
+        "//pkg/registry/core/service/portallocator:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/rand:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/testing:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/etcd/testing:go_default_library",
     ],
 )
 
 go_library(
     name = "go_default_library",
-    srcs = ["storage.go"],
+    srcs = [
+        "rest.go",
+        "storage.go",
+    ],
     importpath = "k8s.io/kubernetes/pkg/registry/core/service/storage",
     deps = [
+        "//pkg/api/service:go_default_library",
         "//pkg/apis/core:go_default_library",
+        "//pkg/apis/core/helper:go_default_library",
+        "//pkg/apis/core/validation:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/printers:go_default_library",
         "//pkg/printers/internalversion:go_default_library",
         "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/service:go_default_library",
+        "//pkg/registry/core/service/ipallocator:go_default_library",
+        "//pkg/registry/core/service/portallocator:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/rest.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/rest.go
similarity index 77%
rename from vendor/k8s.io/kubernetes/pkg/registry/core/service/rest.go
rename to vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/rest.go
index c710d8509d24..6dea373d1892 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/rest.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/rest.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package service
+package storage
 
 import (
 	"fmt"
@@ -28,6 +28,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -36,31 +37,25 @@ import (
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+
 	apiservice "k8s.io/kubernetes/pkg/api/service"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
 	"k8s.io/kubernetes/pkg/apis/core/validation"
 	"k8s.io/kubernetes/pkg/features"
-	"k8s.io/kubernetes/pkg/registry/core/endpoint"
-	podstore "k8s.io/kubernetes/pkg/registry/core/pod/storage"
+	registry "k8s.io/kubernetes/pkg/registry/core/service"
 	"k8s.io/kubernetes/pkg/registry/core/service/ipallocator"
 	"k8s.io/kubernetes/pkg/registry/core/service/portallocator"
 )
 
-// ServiceRest includes storage for services and all sub resources
-type ServiceRest struct {
-	Service *REST
-	Proxy   *ProxyREST
-}
-
 // REST adapts a service registry into apiserver's RESTStorage model.
 type REST struct {
-	registry         Registry
-	endpoints        endpoint.Registry
+	services         ServiceStorage
+	endpoints        EndpointsStorage
 	serviceIPs       ipallocator.Interface
 	serviceNodePorts portallocator.Interface
 	proxyTransport   http.RoundTripper
-	pods             *podstore.REST
+	pods             rest.Getter
 }
 
 // ServiceNodePort includes protocol and port number of a service NodePort.
@@ -73,23 +68,50 @@ type ServiceNodePort struct {
 	NodePort int32
 }
 
-// NewStorage returns a new REST.
-func NewStorage(registry Registry, endpoints endpoint.Registry, pods *podstore.REST, serviceIPs ipallocator.Interface,
-	serviceNodePorts portallocator.Interface, proxyTransport http.RoundTripper) *ServiceRest {
+type ServiceStorage interface {
+	rest.Getter
+	rest.Lister
+	rest.CreaterUpdater
+	rest.GracefulDeleter
+	rest.Watcher
+	rest.TableConvertor
+	rest.Exporter
+}
+
+type EndpointsStorage interface {
+	rest.Getter
+	rest.GracefulDeleter
+}
+
+// NewREST returns a wrapper around the underlying generic storage and performs
+// allocations and deallocations of various service related resources like ports.
+// TODO: all transactional behavior should be supported from within generic storage
+//   or the strategy.
+func NewREST(
+	services ServiceStorage,
+	endpoints EndpointsStorage,
+	pods rest.Getter,
+	serviceIPs ipallocator.Interface,
+	serviceNodePorts portallocator.Interface,
+	proxyTransport http.RoundTripper,
+) (*REST, *registry.ProxyREST) {
 	rest := &REST{
-		registry:         registry,
+		services:         services,
 		endpoints:        endpoints,
 		serviceIPs:       serviceIPs,
 		serviceNodePorts: serviceNodePorts,
 		proxyTransport:   proxyTransport,
 		pods:             pods,
 	}
-	return &ServiceRest{
-		Service: rest,
-		Proxy:   &ProxyREST{ServiceRest: rest, ProxyTransport: proxyTransport},
-	}
+	return rest, &registry.ProxyREST{Redirector: rest, ProxyTransport: proxyTransport}
 }
 
+var (
+	_ ServiceStorage          = &REST{}
+	_ rest.CategoriesProvider = &REST{}
+	_ rest.ShortNamesProvider = &REST{}
+)
+
 // ShortNames implements the ShortNamesProvider interface. Returns a list of short names for a resource.
 func (rs *REST) ShortNames() []string {
 	return []string{"svc"}
@@ -100,11 +122,34 @@ func (rs *REST) Categories() []string {
 	return []string{"all"}
 }
 
-// TODO: implement includeUninitialized by refactoring this to move to store
+func (rs *REST) New() runtime.Object {
+	return rs.services.New()
+}
+
+func (rs *REST) NewList() runtime.Object {
+	return rs.services.NewList()
+}
+
+func (rs *REST) Get(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (runtime.Object, error) {
+	return rs.services.Get(ctx, name, options)
+}
+
+func (rs *REST) List(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (runtime.Object, error) {
+	return rs.services.List(ctx, options)
+}
+
+func (rs *REST) Watch(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error) {
+	return rs.services.Watch(ctx, options)
+}
+
+func (rs *REST) Export(ctx genericapirequest.Context, name string, opts metav1.ExportOptions) (runtime.Object, error) {
+	return rs.services.Export(ctx, name, opts)
+}
+
 func (rs *REST) Create(ctx genericapirequest.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, includeUninitialized bool) (runtime.Object, error) {
 	service := obj.(*api.Service)
 
-	if err := rest.BeforeCreate(Strategy, ctx, obj); err != nil {
+	if err := rest.BeforeCreate(registry.Strategy, ctx, obj); err != nil {
 		return nil, err
 	}
 
@@ -120,7 +165,7 @@ func (rs *REST) Create(ctx genericapirequest.Context, obj runtime.Object, create
 
 	var err error
 	if service.Spec.Type != api.ServiceTypeExternalName {
-		if releaseServiceIP, err = rs.initClusterIP(service); err != nil {
+		if releaseServiceIP, err = initClusterIP(service, rs.serviceIPs); err != nil {
 			return nil, err
 		}
 	}
@@ -129,33 +174,31 @@ func (rs *REST) Create(ctx genericapirequest.Context, obj runtime.Object, create
 	defer nodePortOp.Finish()
 
 	if service.Spec.Type == api.ServiceTypeNodePort || service.Spec.Type == api.ServiceTypeLoadBalancer {
-		if err := rs.initNodePorts(service, nodePortOp); err != nil {
+		if err := initNodePorts(service, nodePortOp); err != nil {
 			return nil, err
 		}
 	}
 
-	// Handle ExternalTraiffc related fields during service creation.
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) {
-		if apiservice.NeedsHealthCheck(service) {
-			if err := rs.allocateHealthCheckNodePort(service, nodePortOp); err != nil {
-				return nil, errors.NewInternalError(err)
-			}
-		}
-		if errs := validation.ValidateServiceExternalTrafficFieldsCombination(service); len(errs) > 0 {
-			return nil, errors.NewInvalid(api.Kind("Service"), service.Name, errs)
+	// Handle ExternalTraffic related fields during service creation.
+	if apiservice.NeedsHealthCheck(service) {
+		if err := allocateHealthCheckNodePort(service, nodePortOp); err != nil {
+			return nil, errors.NewInternalError(err)
 		}
 	}
+	if errs := validation.ValidateServiceExternalTrafficFieldsCombination(service); len(errs) > 0 {
+		return nil, errors.NewInvalid(api.Kind("Service"), service.Name, errs)
+	}
 
-	out, err := rs.registry.CreateService(ctx, service, createValidation)
+	out, err := rs.services.Create(ctx, service, createValidation, includeUninitialized)
 	if err != nil {
-		err = rest.CheckGeneratedNameError(Strategy, err, service)
+		err = rest.CheckGeneratedNameError(registry.Strategy, err, service)
 	}
 
 	if err == nil {
 		el := nodePortOp.Commit()
 		if el != nil {
 			// these should be caught by an eventual reconciliation / restart
-			glog.Errorf("error(s) committing service node-ports changes: %v", el)
+			utilruntime.HandleError(fmt.Errorf("error(s) committing service node-ports changes: %v", el))
 		}
 
 		releaseServiceIP = false
@@ -164,76 +207,56 @@ func (rs *REST) Create(ctx genericapirequest.Context, obj runtime.Object, create
 	return out, err
 }
 
-func (rs *REST) Delete(ctx genericapirequest.Context, id string) (runtime.Object, error) {
-	service, err := rs.registry.GetService(ctx, id, &metav1.GetOptions{})
+func (rs *REST) Delete(ctx genericapirequest.Context, id string, options *metav1.DeleteOptions) (runtime.Object, bool, error) {
+	// TODO: handle graceful
+	obj, _, err := rs.services.Delete(ctx, id, options)
 	if err != nil {
-		return nil, err
+		return nil, false, err
 	}
 
-	err = rs.registry.DeleteService(ctx, id)
-	if err != nil {
-		return nil, err
-	}
+	svc := obj.(*api.Service)
 
 	// TODO: can leave dangling endpoints, and potentially return incorrect
 	// endpoints if a new service is created with the same name
-	err = rs.endpoints.DeleteEndpoints(ctx, id)
+	_, _, err = rs.endpoints.Delete(ctx, id, &metav1.DeleteOptions{})
 	if err != nil && !errors.IsNotFound(err) {
-		return nil, err
+		return nil, false, err
 	}
 
-	if helper.IsServiceIPSet(service) {
-		rs.serviceIPs.Release(net.ParseIP(service.Spec.ClusterIP))
+	if helper.IsServiceIPSet(svc) {
+		rs.serviceIPs.Release(net.ParseIP(svc.Spec.ClusterIP))
 	}
 
-	for _, nodePort := range CollectServiceNodePorts(service) {
+	for _, nodePort := range collectServiceNodePorts(svc) {
 		err := rs.serviceNodePorts.Release(nodePort)
 		if err != nil {
 			// these should be caught by an eventual reconciliation / restart
-			glog.Errorf("Error releasing service %s node port %d: %v", service.Name, nodePort, err)
+			utilruntime.HandleError(fmt.Errorf("Error releasing service %s node port %d: %v", svc.Name, nodePort, err))
 		}
 	}
 
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) &&
-		apiservice.NeedsHealthCheck(service) {
-		nodePort := service.Spec.HealthCheckNodePort
+	if apiservice.NeedsHealthCheck(svc) {
+		nodePort := svc.Spec.HealthCheckNodePort
 		if nodePort > 0 {
 			err := rs.serviceNodePorts.Release(int(nodePort))
 			if err != nil {
 				// these should be caught by an eventual reconciliation / restart
-				utilruntime.HandleError(fmt.Errorf("Error releasing service %s health check node port %d: %v", service.Name, nodePort, err))
+				utilruntime.HandleError(fmt.Errorf("Error releasing service %s health check node port %d: %v", svc.Name, nodePort, err))
 			}
 		}
 	}
-	return &metav1.Status{Status: metav1.StatusSuccess}, nil
-}
-
-func (rs *REST) Get(ctx genericapirequest.Context, id string, options *metav1.GetOptions) (runtime.Object, error) {
-	return rs.registry.GetService(ctx, id, options)
-}
 
-func (rs *REST) List(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (runtime.Object, error) {
-	return rs.registry.ListServices(ctx, options)
-}
-
-// Watch returns Services events via a watch.Interface.
-// It implements rest.Watcher.
-func (rs *REST) Watch(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error) {
-	return rs.registry.WatchServices(ctx, options)
-}
-
-// Export returns Service stripped of cluster-specific information.
-// It implements rest.Exporter.
-func (rs *REST) Export(ctx genericapirequest.Context, name string, opts metav1.ExportOptions) (runtime.Object, error) {
-	return rs.registry.ExportService(ctx, name, opts)
-}
-
-func (*REST) New() runtime.Object {
-	return &api.Service{}
-}
-
-func (*REST) NewList() runtime.Object {
-	return &api.ServiceList{}
+	// TODO: this is duplicated from the generic storage, when this wrapper is fully removed we can drop this
+	details := &metav1.StatusDetails{
+		Name: svc.Name,
+		UID:  svc.UID,
+	}
+	if info, ok := genericapirequest.RequestInfoFrom(ctx); ok {
+		details.Group = info.APIGroup
+		details.Kind = info.Resource // legacy behavior
+	}
+	status := &metav1.Status{Status: metav1.StatusSuccess, Details: details}
+	return status, true, nil
 }
 
 // externalTrafficPolicyUpdate adjusts ExternalTrafficPolicy during service update if needed.
@@ -270,7 +293,7 @@ func (rs *REST) healthCheckNodePortUpdate(oldService, service *api.Service, node
 	// Insert health check node port into the service's HealthCheckNodePort field if needed.
 	case !neededHealthCheckNodePort && needsHealthCheckNodePort:
 		glog.Infof("Transition to LoadBalancer type service with ExternalTrafficPolicy=Local")
-		if err := rs.allocateHealthCheckNodePort(service, nodePortOp); err != nil {
+		if err := allocateHealthCheckNodePort(service, nodePortOp); err != nil {
 			return false, errors.NewInternalError(err)
 		}
 
@@ -298,10 +321,11 @@ func (rs *REST) healthCheckNodePortUpdate(oldService, service *api.Service, node
 }
 
 func (rs *REST) Update(ctx genericapirequest.Context, name string, objInfo rest.UpdatedObjectInfo, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) (runtime.Object, bool, error) {
-	oldService, err := rs.registry.GetService(ctx, name, &metav1.GetOptions{})
+	oldObj, err := rs.services.Get(ctx, name, &metav1.GetOptions{})
 	if err != nil {
 		return nil, false, err
 	}
+	oldService := oldObj.(*api.Service)
 
 	obj, err := objInfo.UpdatedObject(ctx, oldService)
 	if err != nil {
@@ -334,7 +358,7 @@ func (rs *REST) Update(ctx genericapirequest.Context, name string, objInfo rest.
 
 	// Update service from ExternalName to non-ExternalName, should initialize ClusterIP.
 	if oldService.Spec.Type == api.ServiceTypeExternalName && service.Spec.Type != api.ServiceTypeExternalName {
-		if releaseServiceIP, err = rs.initClusterIP(service); err != nil {
+		if releaseServiceIP, err = initClusterIP(service, rs.serviceIPs); err != nil {
 			return nil, false, err
 		}
 	}
@@ -347,11 +371,11 @@ func (rs *REST) Update(ctx genericapirequest.Context, name string, objInfo rest.
 	// Update service from NodePort or LoadBalancer to ExternalName or ClusterIP, should release NodePort if exists.
 	if (oldService.Spec.Type == api.ServiceTypeNodePort || oldService.Spec.Type == api.ServiceTypeLoadBalancer) &&
 		(service.Spec.Type == api.ServiceTypeExternalName || service.Spec.Type == api.ServiceTypeClusterIP) {
-		rs.releaseNodePorts(oldService, nodePortOp)
+		releaseNodePorts(oldService, nodePortOp)
 	}
 	// Update service from any type to NodePort or LoadBalancer, should update NodePort.
 	if service.Spec.Type == api.ServiceTypeNodePort || service.Spec.Type == api.ServiceTypeLoadBalancer {
-		if err := rs.updateNodePorts(oldService, service, nodePortOp); err != nil {
+		if err := updateNodePorts(oldService, service, nodePortOp); err != nil {
 			return nil, false, err
 		}
 	}
@@ -361,30 +385,28 @@ func (rs *REST) Update(ctx genericapirequest.Context, name string, objInfo rest.
 		service.Status.LoadBalancer = api.LoadBalancerStatus{}
 	}
 
-	// Handle ExternalTraiffc related updates.
-	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) {
-		success, err := rs.healthCheckNodePortUpdate(oldService, service, nodePortOp)
-		if !success || err != nil {
-			return nil, false, err
-		}
-		externalTrafficPolicyUpdate(oldService, service)
-		if errs := validation.ValidateServiceExternalTrafficFieldsCombination(service); len(errs) > 0 {
-			return nil, false, errors.NewInvalid(api.Kind("Service"), service.Name, errs)
-		}
+	// Handle ExternalTraffic related updates.
+	success, err := rs.healthCheckNodePortUpdate(oldService, service, nodePortOp)
+	if !success || err != nil {
+		return nil, false, err
+	}
+	externalTrafficPolicyUpdate(oldService, service)
+	if errs := validation.ValidateServiceExternalTrafficFieldsCombination(service); len(errs) > 0 {
+		return nil, false, errors.NewInvalid(api.Kind("Service"), service.Name, errs)
 	}
 
-	out, err := rs.registry.UpdateService(ctx, service, createValidation, updateValidation)
+	out, created, err := rs.services.Update(ctx, service.Name, rest.DefaultUpdatedObjectInfo(service), createValidation, updateValidation)
 	if err == nil {
 		el := nodePortOp.Commit()
 		if el != nil {
 			// problems should be fixed by an eventual reconciliation / restart
-			glog.Errorf("error(s) committing NodePorts changes: %v", el)
+			utilruntime.HandleError(fmt.Errorf("error(s) committing NodePorts changes: %v", el))
 		}
 
 		releaseServiceIP = false
 	}
 
-	return out, false, err
+	return out, created, err
 }
 
 // Implement Redirector.
@@ -400,10 +422,11 @@ func (rs *REST) ResourceLocation(ctx genericapirequest.Context, id string) (*url
 
 	// If a port *number* was specified, find the corresponding service port name
 	if portNum, err := strconv.ParseInt(portStr, 10, 64); err == nil {
-		svc, err := rs.registry.GetService(ctx, svcName, &metav1.GetOptions{})
+		obj, err := rs.services.Get(ctx, svcName, &metav1.GetOptions{})
 		if err != nil {
 			return nil, nil, err
 		}
+		svc := obj.(*api.Service)
 		found := false
 		for _, svcPort := range svc.Spec.Ports {
 			if int64(svcPort.Port) == portNum {
@@ -418,10 +441,11 @@ func (rs *REST) ResourceLocation(ctx genericapirequest.Context, id string) (*url
 		}
 	}
 
-	eps, err := rs.endpoints.GetEndpoints(ctx, svcName, &metav1.GetOptions{})
+	obj, err := rs.endpoints.Get(ctx, svcName, &metav1.GetOptions{})
 	if err != nil {
 		return nil, nil, err
 	}
+	eps := obj.(*api.Endpoints)
 	if len(eps.Subsets) == 0 {
 		return nil, nil, errors.NewServiceUnavailable(fmt.Sprintf("no endpoints available for service %q", svcName))
 	}
@@ -444,7 +468,7 @@ func (rs *REST) ResourceLocation(ctx genericapirequest.Context, id string) (*url
 					addr := ss.Addresses[(addrSeed+try)%len(ss.Addresses)]
 					if !utilfeature.DefaultFeatureGate.Enabled(features.ServiceProxyAllowExternalIPs) {
 						if err := isValidAddress(ctx, &addr, rs.pods); err != nil {
-							glog.Errorf("Address %v isn't valid (%v)", addr, err)
+							utilruntime.HandleError(fmt.Errorf("Address %v isn't valid (%v)", addr, err))
 							continue
 						}
 					}
@@ -455,14 +479,18 @@ func (rs *REST) ResourceLocation(ctx genericapirequest.Context, id string) (*url
 						Host:   net.JoinHostPort(ip, strconv.Itoa(port)),
 					}, rs.proxyTransport, nil
 				}
-				glog.Errorf("Failed to find a valid address, skipping subset: %v", ss)
+				utilruntime.HandleError(fmt.Errorf("Failed to find a valid address, skipping subset: %v", ss))
 			}
 		}
 	}
 	return nil, nil, errors.NewServiceUnavailable(fmt.Sprintf("no endpoints available for service %q", id))
 }
 
-func isValidAddress(ctx genericapirequest.Context, addr *api.EndpointAddress, pods *podstore.REST) error {
+func (r *REST) ConvertToTable(ctx genericapirequest.Context, object runtime.Object, tableOptions runtime.Object) (*metav1beta1.Table, error) {
+	return r.services.ConvertToTable(ctx, object, tableOptions)
+}
+
+func isValidAddress(ctx genericapirequest.Context, addr *api.EndpointAddress, pods rest.Getter) error {
 	if addr.TargetRef == nil {
 		return fmt.Errorf("Address has no target ref, skipping: %v", addr)
 	}
@@ -508,17 +536,6 @@ func containsNodePort(serviceNodePorts []ServiceNodePort, serviceNodePort Servic
 	return false
 }
 
-func CollectServiceNodePorts(service *api.Service) []int {
-	servicePorts := []int{}
-	for i := range service.Spec.Ports {
-		servicePort := &service.Spec.Ports[i]
-		if servicePort.NodePort != 0 {
-			servicePorts = append(servicePorts, int(servicePort.NodePort))
-		}
-	}
-	return servicePorts
-}
-
 // Loop through the service ports list, find one with the same port number and
 // NodePort specified, return this NodePort otherwise return 0.
 func findRequestedNodePort(port int, servicePorts []api.ServicePort) int {
@@ -532,7 +549,7 @@ func findRequestedNodePort(port int, servicePorts []api.ServicePort) int {
 }
 
 // allocateHealthCheckNodePort allocates health check node port to service.
-func (rs *REST) allocateHealthCheckNodePort(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
+func allocateHealthCheckNodePort(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
 	healthCheckNodePort := service.Spec.HealthCheckNodePort
 	if healthCheckNodePort != 0 {
 		// If the request has a health check nodePort in mind, attempt to reserve it.
@@ -555,11 +572,11 @@ func (rs *REST) allocateHealthCheckNodePort(service *api.Service, nodePortOp *po
 }
 
 // The return bool value indicates if a cluster IP is allocated successfully.
-func (rs *REST) initClusterIP(service *api.Service) (bool, error) {
+func initClusterIP(service *api.Service, serviceIPs ipallocator.Interface) (bool, error) {
 	switch {
 	case service.Spec.ClusterIP == "":
 		// Allocate next available.
-		ip, err := rs.serviceIPs.AllocateNext()
+		ip, err := serviceIPs.AllocateNext()
 		if err != nil {
 			// TODO: what error should be returned here?  It's not a
 			// field-level validation failure (the field is valid), and it's
@@ -570,7 +587,7 @@ func (rs *REST) initClusterIP(service *api.Service) (bool, error) {
 		return true, nil
 	case service.Spec.ClusterIP != api.ClusterIPNone && service.Spec.ClusterIP != "":
 		// Try to respect the requested IP.
-		if err := rs.serviceIPs.Allocate(net.ParseIP(service.Spec.ClusterIP)); err != nil {
+		if err := serviceIPs.Allocate(net.ParseIP(service.Spec.ClusterIP)); err != nil {
 			// TODO: when validation becomes versioned, this gets more complicated.
 			el := field.ErrorList{field.Invalid(field.NewPath("spec", "clusterIP"), service.Spec.ClusterIP, err.Error())}
 			return false, errors.NewInvalid(api.Kind("Service"), service.Name, el)
@@ -581,7 +598,7 @@ func (rs *REST) initClusterIP(service *api.Service) (bool, error) {
 	return false, nil
 }
 
-func (rs *REST) initNodePorts(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
+func initNodePorts(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
 	svcPortToNodePort := map[int]int{}
 	for i := range service.Spec.Ports {
 		servicePort := &service.Spec.Ports[i]
@@ -630,8 +647,8 @@ func (rs *REST) initNodePorts(service *api.Service, nodePortOp *portallocator.Po
 	return nil
 }
 
-func (rs *REST) updateNodePorts(oldService, newService *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
-	oldNodePortsNumbers := CollectServiceNodePorts(oldService)
+func updateNodePorts(oldService, newService *api.Service, nodePortOp *portallocator.PortAllocationOperation) error {
+	oldNodePortsNumbers := collectServiceNodePorts(oldService)
 	newNodePorts := []ServiceNodePort{}
 	portAllocated := map[int]bool{}
 
@@ -664,7 +681,7 @@ func (rs *REST) updateNodePorts(oldService, newService *api.Service, nodePortOp
 		newNodePorts = append(newNodePorts, nodePort)
 	}
 
-	newNodePortsNumbers := CollectServiceNodePorts(newService)
+	newNodePortsNumbers := collectServiceNodePorts(newService)
 
 	// The comparison loops are O(N^2), but we don't expect N to be huge
 	// (there's a hard-limit at 2^16, because they're ports; and even 4 ports would be a lot)
@@ -678,10 +695,21 @@ func (rs *REST) updateNodePorts(oldService, newService *api.Service, nodePortOp
 	return nil
 }
 
-func (rs *REST) releaseNodePorts(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) {
-	nodePorts := CollectServiceNodePorts(service)
+func releaseNodePorts(service *api.Service, nodePortOp *portallocator.PortAllocationOperation) {
+	nodePorts := collectServiceNodePorts(service)
 
 	for _, nodePort := range nodePorts {
 		nodePortOp.ReleaseDeferred(nodePort)
 	}
 }
+
+func collectServiceNodePorts(service *api.Service) []int {
+	servicePorts := []int{}
+	for i := range service.Spec.Ports {
+		servicePort := &service.Spec.Ports[i]
+		if servicePort.NodePort != 0 {
+			servicePorts = append(servicePorts, int(servicePort.NodePort))
+		}
+	}
+	return servicePorts
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/storage.go
index 0d492b7e8813..131c7c2ba1d7 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/service/storage/storage.go
@@ -30,16 +30,17 @@ import (
 	"k8s.io/kubernetes/pkg/registry/core/service"
 )
 
-type REST struct {
+type GenericREST struct {
 	*genericregistry.Store
 }
 
 // NewREST returns a RESTStorage object that will work against services.
-func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
+func NewGenericREST(optsGetter generic.RESTOptionsGetter) (*GenericREST, *StatusREST) {
 	store := &genericregistry.Store{
 		NewFunc:                  func() runtime.Object { return &api.Service{} },
 		NewListFunc:              func() runtime.Object { return &api.ServiceList{} },
 		DefaultQualifiedResource: api.Resource("services"),
+		ReturnDeletedObject:      true,
 
 		CreateStrategy: service.Strategy,
 		UpdateStrategy: service.Strategy,
@@ -55,26 +56,25 @@ func NewREST(optsGetter generic.RESTOptionsGetter) (*REST, *StatusREST) {
 
 	statusStore := *store
 	statusStore.UpdateStrategy = service.StatusStrategy
-	return &REST{store}, &StatusREST{store: &statusStore}
+	return &GenericREST{store}, &StatusREST{store: &statusStore}
 }
 
-// Implement ShortNamesProvider
-var _ rest.ShortNamesProvider = &REST{}
+var (
+	_ rest.ShortNamesProvider = &GenericREST{}
+	_ rest.CategoriesProvider = &GenericREST{}
+)
 
 // ShortNames implements the ShortNamesProvider interface. Returns a list of short names for a resource.
-func (r *REST) ShortNames() []string {
+func (r *GenericREST) ShortNames() []string {
 	return []string{"svc"}
 }
 
-// Implement CategoriesProvider
-var _ rest.CategoriesProvider = &REST{}
-
 // Categories implements the CategoriesProvider interface. Returns a list of categories a resource is part of.
-func (r *REST) Categories() []string {
+func (r *GenericREST) Categories() []string {
 	return []string{"all"}
 }
 
-// StatusREST implements the REST endpoint for changing the status of a service.
+// StatusREST implements the GenericREST endpoint for changing the status of a service.
 type StatusREST struct {
 	store *genericregistry.Store
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/BUILD
index 956de50f0d58..076f7f734f4b 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/BUILD
@@ -9,7 +9,6 @@ go_library(
     name = "go_default_library",
     srcs = [
         "doc.go",
-        "registry.go",
         "strategy.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/registry/core/serviceaccount",
@@ -17,13 +16,9 @@ go_library(
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/validation:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/names:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/registry.go b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/registry.go
deleted file mode 100644
index 8d13600577f5..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/registry.go
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package serviceaccount
-
-import (
-	metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/watch"
-	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
-	"k8s.io/apiserver/pkg/registry/rest"
-	api "k8s.io/kubernetes/pkg/apis/core"
-)
-
-// Registry is an interface implemented by things that know how to store ServiceAccount objects.
-type Registry interface {
-	ListServiceAccounts(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*api.ServiceAccountList, error)
-	WatchServiceAccounts(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error)
-	GetServiceAccount(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (*api.ServiceAccount, error)
-	CreateServiceAccount(ctx genericapirequest.Context, ServiceAccount *api.ServiceAccount, createValidation rest.ValidateObjectFunc) error
-	UpdateServiceAccount(ctx genericapirequest.Context, ServiceAccount *api.ServiceAccount, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) error
-	DeleteServiceAccount(ctx genericapirequest.Context, name string) error
-}
-
-// storage puts strong typing around storage calls
-type storage struct {
-	rest.StandardStorage
-}
-
-// NewRegistry returns a new Registry interface for the given Storage. Any mismatched
-// types will panic.
-func NewRegistry(s rest.StandardStorage) Registry {
-	return &storage{s}
-}
-
-func (s *storage) ListServiceAccounts(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (*api.ServiceAccountList, error) {
-	obj, err := s.List(ctx, options)
-	if err != nil {
-		return nil, err
-	}
-	return obj.(*api.ServiceAccountList), nil
-}
-
-func (s *storage) WatchServiceAccounts(ctx genericapirequest.Context, options *metainternalversion.ListOptions) (watch.Interface, error) {
-	return s.Watch(ctx, options)
-}
-
-func (s *storage) GetServiceAccount(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (*api.ServiceAccount, error) {
-	obj, err := s.Get(ctx, name, options)
-	if err != nil {
-		return nil, err
-	}
-	return obj.(*api.ServiceAccount), nil
-}
-
-func (s *storage) CreateServiceAccount(ctx genericapirequest.Context, serviceAccount *api.ServiceAccount, createValidation rest.ValidateObjectFunc) error {
-	_, err := s.Create(ctx, serviceAccount, createValidation, false)
-	return err
-}
-
-func (s *storage) UpdateServiceAccount(ctx genericapirequest.Context, serviceAccount *api.ServiceAccount, createValidation rest.ValidateObjectFunc, updateValidation rest.ValidateObjectUpdateFunc) error {
-	_, _, err := s.Update(ctx, serviceAccount.Name, rest.DefaultUpdatedObjectInfo(serviceAccount), createValidation, updateValidation)
-	return err
-}
-
-func (s *storage) DeleteServiceAccount(ctx genericapirequest.Context, name string) error {
-	_, _, err := s.Delete(ctx, name, nil)
-	return err
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/BUILD
index 441485c32efb..1469f663888f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -26,12 +25,26 @@ go_test(
 
 go_library(
     name = "go_default_library",
-    srcs = ["storage.go"],
+    srcs = [
+        "storage.go",
+        "token.go",
+    ],
     importpath = "k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage",
     deps = [
+        "//pkg/apis/authentication:go_default_library",
         "//pkg/apis/core:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/core/serviceaccount:go_default_library",
+        "//pkg/serviceaccount:go_default_library",
+        "//vendor/k8s.io/api/authentication/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/storage.go
index 1b889374add8..53f28e2ba495 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/storage.go
@@ -22,15 +22,20 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	api "k8s.io/kubernetes/pkg/apis/core"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/core/serviceaccount"
+	token "k8s.io/kubernetes/pkg/serviceaccount"
 )
 
 type REST struct {
 	*genericregistry.Store
+	Token *TokenREST
 }
 
 // NewREST returns a RESTStorage object that will work against service accounts.
-func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
+func NewREST(optsGetter generic.RESTOptionsGetter, issuer token.TokenGenerator, auds []string, podStorage, secretStorage *genericregistry.Store) *REST {
 	store := &genericregistry.Store{
 		NewFunc:                  func() runtime.Object { return &api.ServiceAccount{} },
 		NewListFunc:              func() runtime.Object { return &api.ServiceAccountList{} },
@@ -40,12 +45,29 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		UpdateStrategy:      serviceaccount.Strategy,
 		DeleteStrategy:      serviceaccount.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
 		panic(err) // TODO: Propagate error up
 	}
-	return &REST{store}
+
+	var trest *TokenREST
+	if issuer != nil && podStorage != nil && secretStorage != nil {
+		trest = &TokenREST{
+			svcaccts: store,
+			pods:     podStorage,
+			secrets:  secretStorage,
+			issuer:   issuer,
+			auds:     auds,
+		}
+	}
+
+	return &REST{
+		Store: store,
+		Token: trest,
+	}
 }
 
 // Implement ShortNamesProvider
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/token.go b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/token.go
new file mode 100644
index 000000000000..276681bd792c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/registry/core/serviceaccount/storage/token.go
@@ -0,0 +1,122 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storage
+
+import (
+	"fmt"
+
+	authenticationapiv1 "k8s.io/api/authentication/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/apiserver/pkg/registry/rest"
+	authenticationapi "k8s.io/kubernetes/pkg/apis/authentication"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	token "k8s.io/kubernetes/pkg/serviceaccount"
+)
+
+func (r *TokenREST) New() runtime.Object {
+	return &authenticationapi.TokenRequest{}
+}
+
+type TokenREST struct {
+	svcaccts getter
+	pods     getter
+	secrets  getter
+	issuer   token.TokenGenerator
+	auds     []string
+}
+
+var _ = rest.NamedCreater(&TokenREST{})
+
+func (r *TokenREST) Create(ctx genericapirequest.Context, name string, obj runtime.Object, createValidation rest.ValidateObjectFunc, includeUninitialized bool) (runtime.Object, error) {
+	if err := createValidation(obj); err != nil {
+		return nil, err
+	}
+
+	out := obj.(*authenticationapi.TokenRequest)
+
+	svcacctObj, err := r.svcaccts.Get(ctx, name, &metav1.GetOptions{})
+	if err != nil {
+		return nil, err
+	}
+	svcacct := svcacctObj.(*api.ServiceAccount)
+
+	var (
+		pod    *api.Pod
+		secret *api.Secret
+	)
+
+	if ref := out.Spec.BoundObjectRef; ref != nil {
+		var uid types.UID
+
+		gvk := schema.FromAPIVersionAndKind(ref.APIVersion, ref.Kind)
+		switch {
+		case gvk.Group == "" && gvk.Kind == "Pod":
+			podObj, err := r.pods.Get(ctx, ref.Name, &metav1.GetOptions{})
+			if err != nil {
+				return nil, err
+			}
+			pod = podObj.(*api.Pod)
+			if name != pod.Spec.ServiceAccountName {
+				return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token for serviceaccount %q to pod running with serviceaccount %q", name, pod.Spec.ServiceAccountName))
+			}
+			uid = pod.UID
+		case gvk.Group == "" && gvk.Kind == "Secret":
+			secretObj, err := r.secrets.Get(ctx, ref.Name, &metav1.GetOptions{})
+			if err != nil {
+				return nil, err
+			}
+			secret = secretObj.(*api.Secret)
+			uid = secret.UID
+		default:
+			return nil, errors.NewBadRequest(fmt.Sprintf("cannot bind token to object of type %s", gvk.String()))
+		}
+		if ref.UID != "" && uid != ref.UID {
+			return nil, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, ref.Name, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record (%s). The object might have been deleted and then recreated", ref.UID, uid))
+		}
+	}
+	if len(out.Spec.Audiences) == 0 {
+		out.Spec.Audiences = r.auds
+	}
+	sc, pc := token.Claims(*svcacct, pod, secret, out.Spec.ExpirationSeconds, out.Spec.Audiences)
+	tokdata, err := r.issuer.GenerateToken(sc, pc)
+	if err != nil {
+		return nil, fmt.Errorf("failed to generate token: %v", err)
+	}
+
+	out.Status = authenticationapi.TokenRequestStatus{
+		Token:               tokdata,
+		ExpirationTimestamp: metav1.Time{Time: sc.Expiry.Time()},
+	}
+	return out, nil
+}
+
+func (r *TokenREST) GroupVersionKind(containingGV schema.GroupVersion) schema.GroupVersionKind {
+	return schema.GroupVersionKind{
+		Group:   authenticationapiv1.SchemeGroupVersion.Group,
+		Version: authenticationapiv1.SchemeGroupVersion.Version,
+		Kind:    "TokenRequest",
+	}
+}
+
+type getter interface {
+	Get(ctx genericapirequest.Context, name string, options *metav1.GetOptions) (runtime.Object, error)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/events/rest/storage_events.go b/vendor/k8s.io/kubernetes/pkg/registry/events/rest/storage_events.go
index 03d6c661a522..b7bea4f0f2c6 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/events/rest/storage_events.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/events/rest/storage_events.go
@@ -38,7 +38,7 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(eventsapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(eventsapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[eventsapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = eventsapiv1beta1.SchemeGroupVersion
 	}
@@ -47,13 +47,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := eventsapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("events")) {
-		eventsStorage := eventstore.NewREST(restOptionsGetter, uint64(p.TTL.Seconds()))
-		storage["events"] = eventsStorage
-	}
+	// events
+	eventsStorage := eventstore.NewREST(restOptionsGetter, uint64(p.TTL.Seconds()))
+	storage["events"] = eventsStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/controller/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/extensions/controller/storage/BUILD
index 8f4cf02eec69..26a1fd9f4016 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/controller/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/controller/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/controller/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/autoscaling:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/BUILD
index 277a12e4a8a3..63b888a32824 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/ingress",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/storage/BUILD
index cc12d254a9fc..bffa12adb3e6 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/ingress/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/BUILD
index b57880b72fa3..335150fe03af 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/extensions:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
@@ -31,6 +30,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage",
     deps = [
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/extensions/podsecuritypolicy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/storage.go
index ff5382974615..ceaecefa3cc1 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage/storage.go
@@ -21,6 +21,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/kubernetes/pkg/apis/extensions"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy"
 )
 
@@ -40,6 +43,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		UpdateStrategy:      podsecuritypolicy.Strategy,
 		DeleteStrategy:      podsecuritypolicy.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/BUILD
index c4e43a547e5a..4e984a458362 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/BUILD
@@ -12,12 +12,12 @@ go_library(
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/registry/apps/daemonset/storage:go_default_library",
+        "//pkg/registry/apps/deployment/storage:go_default_library",
+        "//pkg/registry/apps/replicaset/storage:go_default_library",
         "//pkg/registry/extensions/controller/storage:go_default_library",
-        "//pkg/registry/extensions/daemonset/storage:go_default_library",
-        "//pkg/registry/extensions/deployment/storage:go_default_library",
         "//pkg/registry/extensions/ingress/storage:go_default_library",
         "//pkg/registry/extensions/podsecuritypolicy/storage:go_default_library",
-        "//pkg/registry/extensions/replicaset/storage:go_default_library",
         "//pkg/registry/networking/networkpolicy/storage:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/storage_extensions.go b/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/storage_extensions.go
index 6de5b96233a6..b77ca23badaa 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/storage_extensions.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/extensions/rest/storage_extensions.go
@@ -24,24 +24,23 @@ import (
 	serverstorage "k8s.io/apiserver/pkg/server/storage"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/extensions"
+	daemonstore "k8s.io/kubernetes/pkg/registry/apps/daemonset/storage"
+	deploymentstore "k8s.io/kubernetes/pkg/registry/apps/deployment/storage"
+	replicasetstore "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage"
 	expcontrollerstore "k8s.io/kubernetes/pkg/registry/extensions/controller/storage"
-	daemonstore "k8s.io/kubernetes/pkg/registry/extensions/daemonset/storage"
-	deploymentstore "k8s.io/kubernetes/pkg/registry/extensions/deployment/storage"
 	ingressstore "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage"
 	pspstore "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage"
-	replicasetstore "k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage"
 	networkpolicystore "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage"
 )
 
-type RESTStorageProvider struct {
-}
+type RESTStorageProvider struct{}
 
 func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) {
 	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(extensions.GroupName, legacyscheme.Registry, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(extensionsapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(extensionsapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[extensionsapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = extensionsapiv1beta1.SchemeGroupVersion
 	}
@@ -50,8 +49,6 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := extensionsapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
 
 	// This is a dummy replication controller for scale subresource purposes.
@@ -60,37 +57,35 @@ func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorag
 	storage["replicationcontrollers"] = controllerStorage.ReplicationController
 	storage["replicationcontrollers/scale"] = controllerStorage.Scale
 
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("daemonsets")) {
-		daemonSetStorage, daemonSetStatusStorage := daemonstore.NewREST(restOptionsGetter)
-		storage["daemonsets"] = daemonSetStorage
-		storage["daemonsets/status"] = daemonSetStatusStorage
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("deployments")) {
-		deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
-		storage["deployments"] = deploymentStorage.Deployment
-		storage["deployments/status"] = deploymentStorage.Status
-		storage["deployments/rollback"] = deploymentStorage.Rollback
-		storage["deployments/scale"] = deploymentStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("ingresses")) {
-		ingressStorage, ingressStatusStorage := ingressstore.NewREST(restOptionsGetter)
-		storage["ingresses"] = ingressStorage
-		storage["ingresses/status"] = ingressStatusStorage
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("podsecuritypolicy")) || apiResourceConfigSource.ResourceEnabled(version.WithResource("podsecuritypolicies")) {
-		podSecurityExtensionsStorage := pspstore.NewREST(restOptionsGetter)
-		storage["podSecurityPolicies"] = podSecurityExtensionsStorage
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("replicasets")) {
-		replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
-		storage["replicasets"] = replicaSetStorage.ReplicaSet
-		storage["replicasets/status"] = replicaSetStorage.Status
-		storage["replicasets/scale"] = replicaSetStorage.Scale
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("networkpolicies")) {
-		networkExtensionsStorage := networkpolicystore.NewREST(restOptionsGetter)
-		storage["networkpolicies"] = networkExtensionsStorage
-	}
+	// daemonsets
+	daemonSetStorage, daemonSetStatusStorage := daemonstore.NewREST(restOptionsGetter)
+	storage["daemonsets"] = daemonSetStorage.WithCategories(nil)
+	storage["daemonsets/status"] = daemonSetStatusStorage
+
+	//deployments
+	deploymentStorage := deploymentstore.NewStorage(restOptionsGetter)
+	storage["deployments"] = deploymentStorage.Deployment.WithCategories(nil)
+	storage["deployments/status"] = deploymentStorage.Status
+	storage["deployments/rollback"] = deploymentStorage.Rollback
+	storage["deployments/scale"] = deploymentStorage.Scale
+	// ingresses
+	ingressStorage, ingressStatusStorage := ingressstore.NewREST(restOptionsGetter)
+	storage["ingresses"] = ingressStorage
+	storage["ingresses/status"] = ingressStatusStorage
+
+	// podsecuritypolicy
+	podSecurityExtensionsStorage := pspstore.NewREST(restOptionsGetter)
+	storage["podSecurityPolicies"] = podSecurityExtensionsStorage
+
+	// replicasets
+	replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)
+	storage["replicasets"] = replicaSetStorage.ReplicaSet.WithCategories(nil)
+	storage["replicasets/status"] = replicaSetStorage.Status
+	storage["replicasets/scale"] = replicaSetStorage.Scale
+
+	// networkpolicies
+	networkExtensionsStorage := networkpolicystore.NewREST(restOptionsGetter)
+	storage["networkpolicies"] = networkExtensionsStorage
 
 	return storage
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/BUILD
index 1570fd609d4f..b67dd84bf780 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/BUILD
@@ -12,6 +12,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage",
     deps = [
         "//pkg/apis/networking:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/networking/networkpolicy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
@@ -36,8 +39,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/networking:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/storage.go
index 96e51c95b1f2..c2e8a159da1e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage/storage.go
@@ -22,6 +22,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	networkingapi "k8s.io/kubernetes/pkg/apis/networking"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/networking/networkpolicy"
 )
 
@@ -40,6 +43,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		CreateStrategy: networkpolicy.Strategy,
 		UpdateStrategy: networkpolicy.Strategy,
 		DeleteStrategy: networkpolicy.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/networking/rest/storage_settings.go b/vendor/k8s.io/kubernetes/pkg/registry/networking/rest/storage_settings.go
index e0489bcff577..d50862bb0f1c 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/networking/rest/storage_settings.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/networking/rest/storage_settings.go
@@ -34,7 +34,7 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(networkingapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(networkingapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[networkingapiv1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = networkingapiv1.SchemeGroupVersion
 	}
@@ -43,13 +43,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := networkingapiv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("networkpolicies")) {
-		networkPolicyStorage := networkpolicystore.NewREST(restOptionsGetter)
-		storage["networkpolicies"] = networkPolicyStorage
-	}
+	// networkpolicies
+	networkPolicyStorage := networkpolicystore.NewREST(restOptionsGetter)
+	storage["networkpolicies"] = networkPolicyStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/BUILD
index e0be96921f52..bc8ab60b6d8a 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/policy:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage/BUILD
index a4ce1e3d40da..7c1ad4c60123 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/policy:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/BUILD
index 95f5a4801435..904fd2078d81 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/BUILD
@@ -12,6 +12,7 @@ go_library(
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/policy:go_default_library",
+        "//pkg/registry/extensions/podsecuritypolicy/storage:go_default_library",
         "//pkg/registry/policy/poddisruptionbudget/storage:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/storage_policy.go b/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/storage_policy.go
index 2cb65949dc7b..153686d76a2e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/storage_policy.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/policy/rest/storage_policy.go
@@ -24,6 +24,7 @@ import (
 	serverstorage "k8s.io/apiserver/pkg/server/storage"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/policy"
+	pspstore "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage"
 	poddisruptionbudgetstore "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage"
 )
 
@@ -34,7 +35,7 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(policyapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(policyapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[policyapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = policyapiv1beta1.SchemeGroupVersion
 	}
@@ -42,13 +43,14 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := policyapiv1beta1.SchemeGroupVersion
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("poddisruptionbudgets")) {
-		poddisruptionbudgetStorage, poddisruptionbudgetStatusStorage := poddisruptionbudgetstore.NewREST(restOptionsGetter)
-		storage["poddisruptionbudgets"] = poddisruptionbudgetStorage
-		storage["poddisruptionbudgets/status"] = poddisruptionbudgetStatusStorage
-	}
+	// poddisruptionbudgets
+	poddisruptionbudgetStorage, poddisruptionbudgetStatusStorage := poddisruptionbudgetstore.NewREST(restOptionsGetter)
+	storage["poddisruptionbudgets"] = poddisruptionbudgetStorage
+	storage["poddisruptionbudgets/status"] = poddisruptionbudgetStatusStorage
+
+	storage["podsecuritypolicies"] = pspstore.NewREST(restOptionsGetter)
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/rbac/BUILD
index 10bb6820839d..0c3d4ebd1bca 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/BUILD
@@ -50,8 +50,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["helpers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/rbac",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/BUILD
index 3a2f0a31061f..4874071def70 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/BUILD
@@ -11,6 +11,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage",
     deps = [
         "//pkg/apis/rbac:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/rbac/clusterrolebinding:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/storage.go
index 200e8794c80e..7567d779795b 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding/storage/storage.go
@@ -21,6 +21,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/kubernetes/pkg/apis/rbac"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/rbac/clusterrolebinding"
 )
 
@@ -39,6 +42,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		CreateStrategy: clusterrolebinding.Strategy,
 		UpdateStrategy: clusterrolebinding.Strategy,
 		DeleteStrategy: clusterrolebinding.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/BUILD
index 72d6ae1d5b13..4b14eed1c69b 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/BUILD
@@ -12,8 +12,7 @@ go_test(
         "reconcile_role_test.go",
         "reconcile_rolebindings_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/rbac/reconciliation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/apis/rbac:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/zz_generated.deepcopy.go
index d165cb3b1ec7..8a1633296618 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/reconciliation/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package reconciliation
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rest/storage_rbac.go b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rest/storage_rbac.go
index b8704f8e465e..0670c8d4d17e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rest/storage_rbac.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rest/storage_rbac.go
@@ -18,7 +18,6 @@ package rest
 
 import (
 	"fmt"
-	"sync"
 	"time"
 
 	"github.com/golang/glog"
@@ -71,15 +70,15 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(rbacapiv1alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(rbacapiv1alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[rbacapiv1alpha1.SchemeGroupVersion.Version] = p.storage(rbacapiv1alpha1.SchemeGroupVersion, apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = rbacapiv1alpha1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(rbacapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(rbacapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[rbacapiv1beta1.SchemeGroupVersion.Version] = p.storage(rbacapiv1beta1.SchemeGroupVersion, apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = rbacapiv1beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(rbacapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(rbacapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[rbacapiv1.SchemeGroupVersion.Version] = p.storage(rbacapiv1.SchemeGroupVersion, apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = rbacapiv1.SchemeGroupVersion
 	}
@@ -88,48 +87,31 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) storage(version schema.GroupVersion, apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	once := new(sync.Once)
-	var (
-		authorizationRuleResolver  rbacregistryvalidation.AuthorizationRuleResolver
-		rolesStorage               rest.StandardStorage
-		roleBindingsStorage        rest.StandardStorage
-		clusterRolesStorage        rest.StandardStorage
-		clusterRoleBindingsStorage rest.StandardStorage
+	storage := map[string]rest.Storage{}
+	rolesStorage := rolestore.NewREST(restOptionsGetter)
+	roleBindingsStorage := rolebindingstore.NewREST(restOptionsGetter)
+	clusterRolesStorage := clusterrolestore.NewREST(restOptionsGetter)
+	clusterRoleBindingsStorage := clusterrolebindingstore.NewREST(restOptionsGetter)
+
+	authorizationRuleResolver := rbacregistryvalidation.NewDefaultRuleResolver(
+		role.AuthorizerAdapter{Registry: role.NewRegistry(rolesStorage)},
+		rolebinding.AuthorizerAdapter{Registry: rolebinding.NewRegistry(roleBindingsStorage)},
+		clusterrole.AuthorizerAdapter{Registry: clusterrole.NewRegistry(clusterRolesStorage)},
+		clusterrolebinding.AuthorizerAdapter{Registry: clusterrolebinding.NewRegistry(clusterRoleBindingsStorage)},
 	)
 
-	initializeStorage := func() {
-		once.Do(func() {
-			rolesStorage = rolestore.NewREST(restOptionsGetter)
-			roleBindingsStorage = rolebindingstore.NewREST(restOptionsGetter)
-			clusterRolesStorage = clusterrolestore.NewREST(restOptionsGetter)
-			clusterRoleBindingsStorage = clusterrolebindingstore.NewREST(restOptionsGetter)
-
-			authorizationRuleResolver = rbacregistryvalidation.NewDefaultRuleResolver(
-				role.AuthorizerAdapter{Registry: role.NewRegistry(rolesStorage)},
-				rolebinding.AuthorizerAdapter{Registry: rolebinding.NewRegistry(roleBindingsStorage)},
-				clusterrole.AuthorizerAdapter{Registry: clusterrole.NewRegistry(clusterRolesStorage)},
-				clusterrolebinding.AuthorizerAdapter{Registry: clusterrolebinding.NewRegistry(clusterRoleBindingsStorage)},
-			)
-		})
-	}
+	// roles
+	storage["roles"] = rolepolicybased.NewStorage(rolesStorage, authorizationRuleResolver)
+
+	// rolebindings
+	storage["rolebindings"] = rolebindingpolicybased.NewStorage(roleBindingsStorage, p.Authorizer, authorizationRuleResolver)
+
+	// clusterroles
+	storage["clusterroles"] = clusterrolepolicybased.NewStorage(clusterRolesStorage, authorizationRuleResolver)
+
+	// clusterrolebindings
+	storage["clusterrolebindings"] = clusterrolebindingpolicybased.NewStorage(clusterRoleBindingsStorage, p.Authorizer, authorizationRuleResolver)
 
-	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("roles")) {
-		initializeStorage()
-		storage["roles"] = rolepolicybased.NewStorage(rolesStorage, authorizationRuleResolver)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("rolebindings")) {
-		initializeStorage()
-		storage["rolebindings"] = rolebindingpolicybased.NewStorage(roleBindingsStorage, p.Authorizer, authorizationRuleResolver)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("clusterroles")) {
-		initializeStorage()
-		storage["clusterroles"] = clusterrolepolicybased.NewStorage(clusterRolesStorage, authorizationRuleResolver)
-	}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("clusterrolebindings")) {
-		initializeStorage()
-		storage["clusterrolebindings"] = clusterrolebindingpolicybased.NewStorage(clusterRoleBindingsStorage, p.Authorizer, authorizationRuleResolver)
-	}
 	return storage
 }
 
@@ -264,7 +246,7 @@ func (p *PolicyData) EnsureRBACPolicy() genericapiserver.PostStartHookFunc {
 						case result.Operation == reconciliation.ReconcileUpdate:
 							glog.Infof("updated role.%s/%s in %v with additional permissions: %v", rbac.GroupName, role.Name, namespace, result.MissingRules)
 						case result.Operation == reconciliation.ReconcileCreate:
-							glog.Infof("created role.%s/%s in %v ", rbac.GroupName, role.Name, namespace)
+							glog.Infof("created role.%s/%s in %v", rbac.GroupName, role.Name, namespace)
 						}
 						return nil
 					})
@@ -309,7 +291,7 @@ func (p *PolicyData) EnsureRBACPolicy() genericapiserver.PostStartHookFunc {
 
 			return true, nil
 		})
-		// if we're never able to make it through intialization, kill the API server
+		// if we're never able to make it through initialization, kill the API server
 		if err != nil {
 			return fmt.Errorf("unable to initialize roles: %v", err)
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/BUILD
index 09341405d514..f601574f8c5f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/BUILD
@@ -11,6 +11,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage",
     deps = [
         "//pkg/apis/rbac:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/rbac/rolebinding:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/storage.go
index d549583a2467..135a33143ca1 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/rolebinding/storage/storage.go
@@ -21,6 +21,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/generic"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/kubernetes/pkg/apis/rbac"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/rbac/rolebinding"
 )
 
@@ -39,6 +42,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		CreateStrategy: rolebinding.Strategy,
 		UpdateStrategy: rolebinding.Strategy,
 		DeleteStrategy: rolebinding.Strategy,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/BUILD
index 7618b8ff4ec9..ddfb6431fbdb 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/BUILD
@@ -13,8 +13,7 @@ go_test(
         "policy_comparator_test.go",
         "rule_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/registry/rbac/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/rbac:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/rule.go b/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/rule.go
index db65ed4508da..e80382e6d3eb 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/rule.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/rbac/validation/rule.go
@@ -42,7 +42,7 @@ type AuthorizationRuleResolver interface {
 
 	// VisitRulesFor invokes visitor() with each rule that applies to a given user in a given namespace, and each error encountered resolving those rules.
 	// If visitor() returns false, visiting is short-circuited.
-	VisitRulesFor(user user.Info, namespace string, visitor func(rule *rbac.PolicyRule, err error) bool)
+	VisitRulesFor(user user.Info, namespace string, visitor func(source fmt.Stringer, rule *rbac.PolicyRule, err error) bool)
 }
 
 // ConfirmNoEscalation determines if the roles for a given user in a given namespace encompass the provided role.
@@ -107,7 +107,7 @@ type ruleAccumulator struct {
 	errors []error
 }
 
-func (r *ruleAccumulator) visit(rule *rbac.PolicyRule, err error) bool {
+func (r *ruleAccumulator) visit(source fmt.Stringer, rule *rbac.PolicyRule, err error) bool {
 	if rule != nil {
 		r.rules = append(r.rules, *rule)
 	}
@@ -117,25 +117,69 @@ func (r *ruleAccumulator) visit(rule *rbac.PolicyRule, err error) bool {
 	return true
 }
 
-func (r *DefaultRuleResolver) VisitRulesFor(user user.Info, namespace string, visitor func(rule *rbac.PolicyRule, err error) bool) {
+func describeSubject(s *rbac.Subject, bindingNamespace string) string {
+	switch s.Kind {
+	case rbac.ServiceAccountKind:
+		if len(s.Namespace) > 0 {
+			return fmt.Sprintf("%s %q", s.Kind, s.Name+"/"+s.Namespace)
+		}
+		return fmt.Sprintf("%s %q", s.Kind, s.Name+"/"+bindingNamespace)
+	default:
+		return fmt.Sprintf("%s %q", s.Kind, s.Name)
+	}
+}
+
+type clusterRoleBindingDescriber struct {
+	binding *rbac.ClusterRoleBinding
+	subject *rbac.Subject
+}
+
+func (d *clusterRoleBindingDescriber) String() string {
+	return fmt.Sprintf("ClusterRoleBinding %q of %s %q to %s",
+		d.binding.Name,
+		d.binding.RoleRef.Kind,
+		d.binding.RoleRef.Name,
+		describeSubject(d.subject, ""),
+	)
+}
+
+type roleBindingDescriber struct {
+	binding *rbac.RoleBinding
+	subject *rbac.Subject
+}
+
+func (d *roleBindingDescriber) String() string {
+	return fmt.Sprintf("RoleBinding %q of %s %q to %s",
+		d.binding.Name+"/"+d.binding.Namespace,
+		d.binding.RoleRef.Kind,
+		d.binding.RoleRef.Name,
+		describeSubject(d.subject, d.binding.Namespace),
+	)
+}
+
+func (r *DefaultRuleResolver) VisitRulesFor(user user.Info, namespace string, visitor func(source fmt.Stringer, rule *rbac.PolicyRule, err error) bool) {
 	if clusterRoleBindings, err := r.clusterRoleBindingLister.ListClusterRoleBindings(); err != nil {
-		if !visitor(nil, err) {
+		if !visitor(nil, nil, err) {
 			return
 		}
 	} else {
+		sourceDescriber := &clusterRoleBindingDescriber{}
 		for _, clusterRoleBinding := range clusterRoleBindings {
-			if !appliesTo(user, clusterRoleBinding.Subjects, "") {
+			subjectIndex, applies := appliesTo(user, clusterRoleBinding.Subjects, "")
+			if !applies {
 				continue
 			}
 			rules, err := r.GetRoleReferenceRules(clusterRoleBinding.RoleRef, "")
 			if err != nil {
-				if !visitor(nil, err) {
+				if !visitor(nil, nil, err) {
 					return
 				}
 				continue
 			}
+			sourceDescriber.binding = clusterRoleBinding
+			sourceDescriber.subject = &clusterRoleBinding.Subjects[subjectIndex]
 			for i := range rules {
-				if !visitor(&rules[i], nil) {
+				if !visitor(sourceDescriber, &rules[i], nil) {
 					return
 				}
 			}
@@ -144,23 +188,27 @@ func (r *DefaultRuleResolver) VisitRulesFor(user user.Info, namespace string, vi
 
 	if len(namespace) > 0 {
 		if roleBindings, err := r.roleBindingLister.ListRoleBindings(namespace); err != nil {
-			if !visitor(nil, err) {
+			if !visitor(nil, nil, err) {
 				return
 			}
 		} else {
+			sourceDescriber := &roleBindingDescriber{}
 			for _, roleBinding := range roleBindings {
-				if !appliesTo(user, roleBinding.Subjects, namespace) {
+				subjectIndex, applies := appliesTo(user, roleBinding.Subjects, namespace)
+				if !applies {
 					continue
 				}
 				rules, err := r.GetRoleReferenceRules(roleBinding.RoleRef, namespace)
 				if err != nil {
-					if !visitor(nil, err) {
+					if !visitor(nil, nil, err) {
 						return
 					}
 					continue
 				}
+				sourceDescriber.binding = roleBinding
+				sourceDescriber.subject = &roleBinding.Subjects[subjectIndex]
 				for i := range rules {
-					if !visitor(&rules[i], nil) {
+					if !visitor(sourceDescriber, &rules[i], nil) {
 						return
 					}
 				}
@@ -190,13 +238,16 @@ func (r *DefaultRuleResolver) GetRoleReferenceRules(roleRef rbac.RoleRef, bindin
 		return nil, fmt.Errorf("unsupported role reference kind: %q", kind)
 	}
 }
-func appliesTo(user user.Info, bindingSubjects []rbac.Subject, namespace string) bool {
-	for _, bindingSubject := range bindingSubjects {
+
+// appliesTo returns whether any of the bindingSubjects applies to the specified subject,
+// and if true, the index of the first subject that applies
+func appliesTo(user user.Info, bindingSubjects []rbac.Subject, namespace string) (int, bool) {
+	for i, bindingSubject := range bindingSubjects {
 		if appliesToUser(user, bindingSubject, namespace) {
-			return true
+			return i, true
 		}
 	}
-	return false
+	return 0, false
 }
 
 func appliesToUser(user user.Info, subject rbac.Subject, namespace string) bool {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/BUILD
index 0ed675fcd9e9..498ccb32c02f 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/scheduling/priorityclass",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/scheduling:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage/BUILD
index cec9fe2e28f9..7c0f95e785e3 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/scheduling:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/rest/storage_scheduling.go b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/rest/storage_scheduling.go
index f56a58653822..3074fb7d4afc 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/scheduling/rest/storage_scheduling.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/scheduling/rest/storage_scheduling.go
@@ -32,7 +32,7 @@ type RESTStorageProvider struct{}
 func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) {
 	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(scheduling.GroupName, legacyscheme.Registry, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(schedulingapiv1alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(schedulingapiv1alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[schedulingapiv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = schedulingapiv1alpha1.SchemeGroupVersion
 	}
@@ -41,13 +41,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := schedulingapiv1alpha1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("priorityclasses")) {
-		priorityClassStorage := priorityclassstore.NewREST(restOptionsGetter)
-		storage["priorityclasses"] = priorityClassStorage
-	}
+	// priorityclasses
+	priorityClassStorage := priorityclassstore.NewREST(restOptionsGetter)
+	storage["priorityclasses"] = priorityClassStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/BUILD
index 0057bb4acacf..12e59ba2ad17 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/settings/podpreset/storage/BUILD
@@ -35,8 +35,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/settings/podpreset/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/settings:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/settings/rest/storage_settings.go b/vendor/k8s.io/kubernetes/pkg/registry/settings/rest/storage_settings.go
index f976b3726a56..7cc958b2559e 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/settings/rest/storage_settings.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/settings/rest/storage_settings.go
@@ -34,7 +34,7 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(settingsapiv1alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(settingsapiv1alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[settingsapiv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = settingsapiv1alpha1.SchemeGroupVersion
 	}
@@ -43,13 +43,11 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := settingsapiv1alpha1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("podpresets")) {
-		podPresetStorage := podpresetstore.NewREST(restOptionsGetter)
-		storage["podpresets"] = podPresetStorage
-	}
+	// podpresets
+	podPresetStorage := podpresetstore.NewREST(restOptionsGetter)
+	storage["podpresets"] = podPresetStorage
+
 	return storage
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/rest/storage_storage.go b/vendor/k8s.io/kubernetes/pkg/registry/storage/rest/storage_storage.go
index c8ab31e4acd0..3b581c113c26 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/rest/storage_storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/rest/storage_storage.go
@@ -38,15 +38,15 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
 	// TODO refactor the plumbing to provide the information in the APIGroupInfo
 
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(storageapiv1alpha1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(storageapiv1alpha1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[storageapiv1alpha1.SchemeGroupVersion.Version] = p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = storageapiv1alpha1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(storageapiv1beta1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(storageapiv1beta1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[storageapiv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = storageapiv1beta1.SchemeGroupVersion
 	}
-	if apiResourceConfigSource.AnyResourcesForVersionEnabled(storageapiv1.SchemeGroupVersion) {
+	if apiResourceConfigSource.VersionEnabled(storageapiv1.SchemeGroupVersion) {
 		apiGroupInfo.VersionedResourcesStorageMap[storageapiv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
 		apiGroupInfo.GroupMeta.GroupVersion = storageapiv1.SchemeGroupVersion
 	}
@@ -55,40 +55,32 @@ func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorag
 }
 
 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := storageapiv1alpha1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("volumeattachments")) {
-		volumeAttachmentStorage := volumeattachmentstore.NewREST(restOptionsGetter)
-		storage["volumeattachments"] = volumeAttachmentStorage
-	}
+	// volumeattachments
+	volumeAttachmentStorage := volumeattachmentstore.NewREST(restOptionsGetter)
+	storage["volumeattachments"] = volumeAttachmentStorage
 
 	return storage
 }
 
 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := storageapiv1beta1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
+	// storageclasses
+	storageClassStorage := storageclassstore.NewREST(restOptionsGetter)
+	storage["storageclasses"] = storageClassStorage
 
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("storageclasses")) {
-		storageClassStorage := storageclassstore.NewREST(restOptionsGetter)
-		storage["storageclasses"] = storageClassStorage
-	}
+	// volumeattachments
+	volumeAttachmentStorage := volumeattachmentstore.NewREST(restOptionsGetter)
+	storage["volumeattachments"] = volumeAttachmentStorage
 
 	return storage
 }
 
 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
-	version := storageapiv1.SchemeGroupVersion
-
 	storage := map[string]rest.Storage{}
-
-	if apiResourceConfigSource.ResourceEnabled(version.WithResource("storageclasses")) {
-		storageClassStorage := storageclassstore.NewREST(restOptionsGetter)
-		storage["storageclasses"] = storageClassStorage
-	}
+	// storageclasses
+	storageClassStorage := storageclassstore.NewREST(restOptionsGetter)
+	storage["storageclasses"] = storageClassStorage
 
 	return storage
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/BUILD
index d8d1d0a375c5..d0a99123f0a9 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/storage/storageclass",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/storage:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/BUILD
index 1d52ca0fb372..045ac8e79c14 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/storage/storageclass/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/storage:go_default_library",
@@ -31,6 +30,9 @@ go_library(
     importpath = "k8s.io/kubernetes/pkg/registry/storage/storageclass/storage",
     deps = [
         "//pkg/apis/storage:go_default_library",
+        "//pkg/printers:go_default_library",
+        "//pkg/printers/internalversion:go_default_library",
+        "//pkg/printers/storage:go_default_library",
         "//pkg/registry/storage/storageclass:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/storage.go b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/storage.go
index da0a82d779c4..bfdc6fa1e4e7 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/storage.go
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/storageclass/storage/storage.go
@@ -22,6 +22,9 @@ import (
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	storageapi "k8s.io/kubernetes/pkg/apis/storage"
+	"k8s.io/kubernetes/pkg/printers"
+	printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
+	printerstorage "k8s.io/kubernetes/pkg/printers/storage"
 	"k8s.io/kubernetes/pkg/registry/storage/storageclass"
 )
 
@@ -40,6 +43,8 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
 		UpdateStrategy:      storageclass.Strategy,
 		DeleteStrategy:      storageclass.Strategy,
 		ReturnDeletedObject: true,
+
+		TableConvertor: printerstorage.TableConvertor{TablePrinter: printers.NewTablePrinter().With(printersinternal.AddHandlers)},
 	}
 	options := &generic.StoreOptions{RESTOptions: optsGetter}
 	if err := store.CompleteWithOptions(options); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/BUILD
index 7c014068604d..582dd5533113 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/storage/volumeattachment",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/storage:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage/BUILD b/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage/BUILD
index 5601437087c4..b0fc75970381 100644
--- a/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage/BUILD
@@ -17,13 +17,13 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["storage_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/registry/storage/volumeattachment/storage",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/testapi:go_default_library",
         "//pkg/apis/storage:go_default_library",
         "//pkg/registry/registrytest:go_default_library",
         "//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/routes/BUILD b/vendor/k8s.io/kubernetes/pkg/routes/BUILD
index b62bff305db4..7d7d36902509 100644
--- a/vendor/k8s.io/kubernetes/pkg/routes/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/routes/BUILD
@@ -10,13 +10,9 @@ go_library(
     srcs = [
         "doc.go",
         "logs.go",
-        "ui.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/routes",
-    deps = [
-        "//vendor/github.com/emicklei/go-restful:go_default_library",
-        "//vendor/k8s.io/apiserver/pkg/server/mux:go_default_library",
-    ],
+    deps = ["//vendor/github.com/emicklei/go-restful:go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/routes/ui.go b/vendor/k8s.io/kubernetes/pkg/routes/ui.go
deleted file mode 100644
index de6ca3c3abdf..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/routes/ui.go
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package routes
-
-import (
-	"net/http"
-
-	"k8s.io/apiserver/pkg/server/mux"
-)
-
-const dashboardPath = "/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/"
-
-// UIRedirect redirects /ui to the kube-ui proxy path.
-type UIRedirect struct{}
-
-func (r UIRedirect) Install(c *mux.PathRecorderMux) {
-	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		http.Redirect(w, r, dashboardPath, http.StatusTemporaryRedirect)
-	})
-	c.Handle("/ui", handler)
-	c.HandlePrefix("/ui/", handler)
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/BUILD
similarity index 55%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/BUILD
index e20acec40603..4a4a322cfa24 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/BUILD
@@ -9,22 +9,22 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["scheduler_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/controller/volume/persistentvolume:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/core:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/testing:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
-        "//plugin/pkg/scheduler/volumebinder:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/core:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/testing:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/volumebinder:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
@@ -39,17 +39,17 @@ go_library(
         "scheduler.go",
         "testutil.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler",
+    importpath = "k8s.io/kubernetes/pkg/scheduler",
     deps = [
         "//pkg/features:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/core:go_default_library",
-        "//plugin/pkg/scheduler/metrics:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
-        "//plugin/pkg/scheduler/volumebinder:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/core:go_default_library",
+        "//pkg/scheduler/metrics:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/volumebinder:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -73,16 +73,16 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//plugin/pkg/scheduler/algorithm:all-srcs",
-        "//plugin/pkg/scheduler/algorithmprovider:all-srcs",
-        "//plugin/pkg/scheduler/api:all-srcs",
-        "//plugin/pkg/scheduler/core:all-srcs",
-        "//plugin/pkg/scheduler/factory:all-srcs",
-        "//plugin/pkg/scheduler/metrics:all-srcs",
-        "//plugin/pkg/scheduler/schedulercache:all-srcs",
-        "//plugin/pkg/scheduler/testing:all-srcs",
-        "//plugin/pkg/scheduler/util:all-srcs",
-        "//plugin/pkg/scheduler/volumebinder:all-srcs",
+        "//pkg/scheduler/algorithm:all-srcs",
+        "//pkg/scheduler/algorithmprovider:all-srcs",
+        "//pkg/scheduler/api:all-srcs",
+        "//pkg/scheduler/core:all-srcs",
+        "//pkg/scheduler/factory:all-srcs",
+        "//pkg/scheduler/metrics:all-srcs",
+        "//pkg/scheduler/schedulercache:all-srcs",
+        "//pkg/scheduler/testing:all-srcs",
+        "//pkg/scheduler/util:all-srcs",
+        "//pkg/scheduler/volumebinder:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/OWNERS b/vendor/k8s.io/kubernetes/pkg/scheduler/OWNERS
similarity index 100%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/OWNERS
rename to vendor/k8s.io/kubernetes/pkg/scheduler/OWNERS
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/BUILD
similarity index 69%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/BUILD
index 58a4684e1981..f2230c48c36e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/BUILD
@@ -14,10 +14,10 @@ go_library(
         "types.go",
         "well_known_labels.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithm",
     deps = [
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
@@ -31,10 +31,9 @@ go_test(
         "scheduler_interface_test.go",
         "types_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
     ],
@@ -51,8 +50,8 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//plugin/pkg/scheduler/algorithm/predicates:all-srcs",
-        "//plugin/pkg/scheduler/algorithm/priorities:all-srcs",
+        "//pkg/scheduler/algorithm/predicates:all-srcs",
+        "//pkg/scheduler/algorithm/priorities:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/doc.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/doc.go
similarity index 90%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/doc.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/doc.go
index 6d63763f42e4..4d41cc3752a0 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/doc.go
@@ -14,6 +14,6 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package scheduler contains a generic Scheduler interface and several
+// Package algorithm contains a generic Scheduler interface and several
 // implementations.
 package algorithm
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/BUILD
similarity index 73%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/BUILD
index 453fbafb726a..d85c822872c2 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/BUILD
@@ -15,19 +15,18 @@ go_library(
         "testing_helper.go",
         "utils.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithm/predicates",
     deps = [
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/apis/core/v1/helper/qos:go_default_library",
-        "//pkg/cloudprovider/providers/aws:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/volumebinder:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
-        "//plugin/pkg/scheduler/volumebinder:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/storage/v1:go_default_library",
@@ -50,20 +49,19 @@ go_test(
         "predicates_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/testing:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/testing:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/storage/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/error.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/error.go
new file mode 100644
index 000000000000..6f7160dfa339
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/error.go
@@ -0,0 +1,150 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package predicates
+
+import (
+	"fmt"
+
+	"k8s.io/api/core/v1"
+)
+
+var (
+	// The predicateName tries to be consistent as the predicate name used in DefaultAlgorithmProvider defined in
+	// defaults.go (which tend to be stable for backward compatibility)
+
+	// NOTE: If you add a new predicate failure error for a predicate that can never
+	// be made to pass by removing pods, or you change an existing predicate so that
+	// it can never be made to pass by removing pods, you need to add the predicate
+	// failure error in nodesWherePreemptionMightHelp() in scheduler/core/generic_scheduler.go
+
+	// ErrDiskConflict is used for NoDiskConflict predicate error.
+	ErrDiskConflict = newPredicateFailureError("NoDiskConflict", "node(s) had no available disk")
+	// ErrVolumeZoneConflict is used for NoVolumeZoneConflict predicate error.
+	ErrVolumeZoneConflict = newPredicateFailureError("NoVolumeZoneConflict", "node(s) had no available volume zone")
+	// ErrNodeSelectorNotMatch is used for MatchNodeSelector predicate error.
+	ErrNodeSelectorNotMatch = newPredicateFailureError("MatchNodeSelector", "node(s) didn't match node selector")
+	// ErrPodAffinityNotMatch is used for MatchInterPodAffinity predicate error.
+	ErrPodAffinityNotMatch = newPredicateFailureError("MatchInterPodAffinity", "node(s) didn't match pod affinity/anti-affinity")
+	// ErrPodAffinityRulesNotMatch is used for PodAffinityRulesNotMatch predicate error.
+	ErrPodAffinityRulesNotMatch = newPredicateFailureError("PodAffinityRulesNotMatch", "node(s) didn't match pod affinity rules")
+	// ErrPodAntiAffinityRulesNotMatch is used for PodAntiAffinityRulesNotMatch predicate error.
+	ErrPodAntiAffinityRulesNotMatch = newPredicateFailureError("PodAntiAffinityRulesNotMatch", "node(s) didn't match pod anti-affinity rules")
+	// ErrExistingPodsAntiAffinityRulesNotMatch is used for ExistingPodsAntiAffinityRulesNotMatch predicate error.
+	ErrExistingPodsAntiAffinityRulesNotMatch = newPredicateFailureError("ExistingPodsAntiAffinityRulesNotMatch", "node(s) didn't satisfy existing pods anti-affinity rules")
+	// ErrTaintsTolerationsNotMatch is used for PodToleratesNodeTaints predicate error.
+	ErrTaintsTolerationsNotMatch = newPredicateFailureError("PodToleratesNodeTaints", "node(s) had taints that the pod didn't tolerate")
+	// ErrPodNotMatchHostName is used for HostName predicate error.
+	ErrPodNotMatchHostName = newPredicateFailureError("HostName", "node(s) didn't match the requested hostname")
+	// ErrPodNotFitsHostPorts is used for PodFitsHostPorts predicate error.
+	ErrPodNotFitsHostPorts = newPredicateFailureError("PodFitsHostPorts", "node(s) didn't have free ports for the requested pod ports")
+	// ErrNodeLabelPresenceViolated is used for CheckNodeLabelPresence predicate error.
+	ErrNodeLabelPresenceViolated = newPredicateFailureError("CheckNodeLabelPresence", "node(s) didn't have the requested labels")
+	// ErrServiceAffinityViolated is used for CheckServiceAffinity predicate error.
+	ErrServiceAffinityViolated = newPredicateFailureError("CheckServiceAffinity", "node(s) didn't match service affinity")
+	// ErrMaxVolumeCountExceeded is used for MaxVolumeCount predicate error.
+	ErrMaxVolumeCountExceeded = newPredicateFailureError("MaxVolumeCount", "node(s) exceed max volume count")
+	// ErrNodeUnderMemoryPressure is used for NodeUnderMemoryPressure predicate error.
+	ErrNodeUnderMemoryPressure = newPredicateFailureError("NodeUnderMemoryPressure", "node(s) had memory pressure")
+	// ErrNodeUnderDiskPressure is used for NodeUnderDiskPressure predicate error.
+	ErrNodeUnderDiskPressure = newPredicateFailureError("NodeUnderDiskPressure", "node(s) had disk pressure")
+	// ErrNodeOutOfDisk is used for NodeOutOfDisk predicate error.
+	ErrNodeOutOfDisk = newPredicateFailureError("NodeOutOfDisk", "node(s) were out of disk space")
+	// ErrNodeNotReady is used for NodeNotReady predicate error.
+	ErrNodeNotReady = newPredicateFailureError("NodeNotReady", "node(s) were not ready")
+	// ErrNodeNetworkUnavailable is used for NodeNetworkUnavailable predicate error.
+	ErrNodeNetworkUnavailable = newPredicateFailureError("NodeNetworkUnavailable", "node(s) had unavailable network")
+	// ErrNodeUnschedulable is used for NodeUnschedulable predicate error.
+	ErrNodeUnschedulable = newPredicateFailureError("NodeUnschedulable", "node(s) were unschedulable")
+	// ErrNodeUnknownCondition is used for NodeUnknownCondition predicate error.
+	ErrNodeUnknownCondition = newPredicateFailureError("NodeUnknownCondition", "node(s) had unknown conditions")
+	// ErrVolumeNodeConflict is used for VolumeNodeAffinityConflict predicate error.
+	ErrVolumeNodeConflict = newPredicateFailureError("VolumeNodeAffinityConflict", "node(s) had volume node affinity conflict")
+	// ErrVolumeBindConflict is used for VolumeBindingNoMatch predicate error.
+	ErrVolumeBindConflict = newPredicateFailureError("VolumeBindingNoMatch", "node(s) didn't find available persistent volumes to bind")
+	// ErrFakePredicate is used for test only. The fake predicates returning false also returns error
+	// as ErrFakePredicate.
+	ErrFakePredicate = newPredicateFailureError("FakePredicateError", "Nodes failed the fake predicate")
+)
+
+// InsufficientResourceError is an error type that indicates what kind of resource limit is
+// hit and caused the unfitting failure.
+type InsufficientResourceError struct {
+	// resourceName is the name of the resource that is insufficient
+	ResourceName v1.ResourceName
+	requested    int64
+	used         int64
+	capacity     int64
+}
+
+// NewInsufficientResourceError returns an InsufficientResourceError.
+func NewInsufficientResourceError(resourceName v1.ResourceName, requested, used, capacity int64) *InsufficientResourceError {
+	return &InsufficientResourceError{
+		ResourceName: resourceName,
+		requested:    requested,
+		used:         used,
+		capacity:     capacity,
+	}
+}
+
+func (e *InsufficientResourceError) Error() string {
+	return fmt.Sprintf("Node didn't have enough resource: %s, requested: %d, used: %d, capacity: %d",
+		e.ResourceName, e.requested, e.used, e.capacity)
+}
+
+// GetReason returns the reason of the InsufficientResourceError.
+func (e *InsufficientResourceError) GetReason() string {
+	return fmt.Sprintf("Insufficient %v", e.ResourceName)
+}
+
+// GetInsufficientAmount returns the amount of the insufficient resource of the error.
+func (e *InsufficientResourceError) GetInsufficientAmount() int64 {
+	return e.requested - (e.capacity - e.used)
+}
+
+// PredicateFailureError describes a failure error of predicate.
+type PredicateFailureError struct {
+	PredicateName string
+	PredicateDesc string
+}
+
+func newPredicateFailureError(predicateName, predicateDesc string) *PredicateFailureError {
+	return &PredicateFailureError{PredicateName: predicateName, PredicateDesc: predicateDesc}
+}
+
+func (e *PredicateFailureError) Error() string {
+	return fmt.Sprintf("Predicate %s failed", e.PredicateName)
+}
+
+// GetReason returns the reason of the PredicateFailureError.
+func (e *PredicateFailureError) GetReason() string {
+	return e.PredicateDesc
+}
+
+// FailureReason describes a failure reason.
+type FailureReason struct {
+	reason string
+}
+
+// NewFailureReason creates a FailureReason with message.
+func NewFailureReason(msg string) *FailureReason {
+	return &FailureReason{reason: msg}
+}
+
+// GetReason returns the reason of the FailureReason.
+func (e *FailureReason) GetReason() string {
+	return e.reason
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/metadata.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/metadata.go
similarity index 76%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/metadata.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/metadata.go
index c0eda6a24dee..a83e153e5a1c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/metadata.go
@@ -22,13 +22,15 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-	schedutil "k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	schedutil "k8s.io/kubernetes/pkg/scheduler/util"
 
 	"github.com/golang/glog"
 )
 
+// PredicateMetadataFactory defines a factory of predicate metadata.
 type PredicateMetadataFactory struct {
 	podLister algorithm.PodLister
 }
@@ -46,29 +48,49 @@ type predicateMetadata struct {
 	pod           *v1.Pod
 	podBestEffort bool
 	podRequest    *schedulercache.Resource
-	podPorts      map[string]bool
+	podPorts      []*v1.ContainerPort
 	//key is a pod full name with the anti-affinity rules.
 	matchingAntiAffinityTerms          map[string][]matchingPodAntiAffinityTerm
 	serviceAffinityInUse               bool
 	serviceAffinityMatchingPodList     []*v1.Pod
 	serviceAffinityMatchingPodServices []*v1.Service
+	// ignoredExtendedResources is a set of extended resource names that will
+	// be ignored in the PodFitsResources predicate.
+	//
+	// They can be scheduler extender managed resources, the consumption of
+	// which should be accounted only by the extenders. This set is synthesized
+	// from scheduler extender configuration and does not change per pod.
+	ignoredExtendedResources sets.String
 }
 
 // Ensure that predicateMetadata implements algorithm.PredicateMetadata.
 var _ algorithm.PredicateMetadata = &predicateMetadata{}
 
-// PredicateMetadataProducer: Helper types/variables...
+// PredicateMetadataProducer function produces predicate metadata.
 type PredicateMetadataProducer func(pm *predicateMetadata)
 
 var predicateMetaProducerRegisterLock sync.Mutex
-var predicateMetadataProducers map[string]PredicateMetadataProducer = make(map[string]PredicateMetadataProducer)
+var predicateMetadataProducers = make(map[string]PredicateMetadataProducer)
 
+// RegisterPredicateMetadataProducer registers a PredicateMetadataProducer.
 func RegisterPredicateMetadataProducer(predicateName string, precomp PredicateMetadataProducer) {
 	predicateMetaProducerRegisterLock.Lock()
 	defer predicateMetaProducerRegisterLock.Unlock()
 	predicateMetadataProducers[predicateName] = precomp
 }
 
+// RegisterPredicateMetadataProducerWithExtendedResourceOptions registers a
+// PredicateMetadataProducer that creates predicate metadata with the provided
+// options for extended resources.
+//
+// See the comments in "predicateMetadata" for the explanation of the options.
+func RegisterPredicateMetadataProducerWithExtendedResourceOptions(ignoredExtendedResources sets.String) {
+	RegisterPredicateMetadataProducer("PredicateWithExtendedResourceOptions", func(pm *predicateMetadata) {
+		pm.ignoredExtendedResources = ignoredExtendedResources
+	})
+}
+
+// NewPredicateMetadataFactory creates a PredicateMetadataFactory.
 func NewPredicateMetadataFactory(podLister algorithm.PodLister) algorithm.PredicateMetadataProducer {
 	factory := &PredicateMetadataFactory{
 		podLister,
@@ -90,7 +112,7 @@ func (pfactory *PredicateMetadataFactory) GetMetadata(pod *v1.Pod, nodeNameToInf
 		pod:                       pod,
 		podBestEffort:             isPodBestEffort(pod),
 		podRequest:                GetResourceRequest(pod),
-		podPorts:                  schedutil.GetUsedPorts(pod),
+		podPorts:                  schedutil.GetContainerPorts(pod),
 		matchingAntiAffinityTerms: matchingTerms,
 	}
 	for predicateName, precomputeFunc := range predicateMetadataProducers {
@@ -105,7 +127,7 @@ func (pfactory *PredicateMetadataFactory) GetMetadata(pod *v1.Pod, nodeNameToInf
 func (meta *predicateMetadata) RemovePod(deletedPod *v1.Pod) error {
 	deletedPodFullName := schedutil.GetPodFullName(deletedPod)
 	if deletedPodFullName == schedutil.GetPodFullName(meta.pod) {
-		return fmt.Errorf("deletedPod and meta.pod must not be the same.")
+		return fmt.Errorf("deletedPod and meta.pod must not be the same")
 	}
 	// Delete any anti-affinity rule from the deletedPod.
 	delete(meta.matchingAntiAffinityTerms, deletedPodFullName)
@@ -132,10 +154,10 @@ func (meta *predicateMetadata) RemovePod(deletedPod *v1.Pod) error {
 func (meta *predicateMetadata) AddPod(addedPod *v1.Pod, nodeInfo *schedulercache.NodeInfo) error {
 	addedPodFullName := schedutil.GetPodFullName(addedPod)
 	if addedPodFullName == schedutil.GetPodFullName(meta.pod) {
-		return fmt.Errorf("addedPod and meta.pod must not be the same.")
+		return fmt.Errorf("addedPod and meta.pod must not be the same")
 	}
 	if nodeInfo.Node() == nil {
-		return fmt.Errorf("Invalid node in nodeInfo.")
+		return fmt.Errorf("invalid node in nodeInfo")
 	}
 	// Add matching anti-affinity terms of the addedPod to the map.
 	podMatchingTerms, err := getMatchingAntiAffinityTermsOfExistingPod(meta.pod, addedPod, nodeInfo.Node())
@@ -167,15 +189,13 @@ func (meta *predicateMetadata) AddPod(addedPod *v1.Pod, nodeInfo *schedulercache
 // its maps and slices, but it does not copy the contents of pointer values.
 func (meta *predicateMetadata) ShallowCopy() algorithm.PredicateMetadata {
 	newPredMeta := &predicateMetadata{
-		pod:                  meta.pod,
-		podBestEffort:        meta.podBestEffort,
-		podRequest:           meta.podRequest,
-		serviceAffinityInUse: meta.serviceAffinityInUse,
-	}
-	newPredMeta.podPorts = map[string]bool{}
-	for k, v := range meta.podPorts {
-		newPredMeta.podPorts[k] = v
+		pod:                      meta.pod,
+		podBestEffort:            meta.podBestEffort,
+		podRequest:               meta.podRequest,
+		serviceAffinityInUse:     meta.serviceAffinityInUse,
+		ignoredExtendedResources: meta.ignoredExtendedResources,
 	}
+	newPredMeta.podPorts = append([]*v1.ContainerPort(nil), meta.podPorts...)
 	newPredMeta.matchingAntiAffinityTerms = map[string][]matchingPodAntiAffinityTerm{}
 	for k, v := range meta.matchingAntiAffinityTerms {
 		newPredMeta.matchingAntiAffinityTerms[k] = append([]matchingPodAntiAffinityTerm(nil), v...)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/predicates.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/predicates.go
similarity index 87%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/predicates.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/predicates.go
index 6cdaecb83cfe..23c31e537547 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/predicates.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/predicates.go
@@ -29,29 +29,71 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/util/rand"
+	"k8s.io/apimachinery/pkg/util/sets"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	storagelisters "k8s.io/client-go/listers/storage/v1"
 	"k8s.io/client-go/util/workqueue"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	v1qos "k8s.io/kubernetes/pkg/apis/core/v1/helper/qos"
-	"k8s.io/kubernetes/pkg/cloudprovider/providers/aws"
 	"k8s.io/kubernetes/pkg/features"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	schedutil "k8s.io/kubernetes/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/volumebinder"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-	schedutil "k8s.io/kubernetes/plugin/pkg/scheduler/util"
 
 	"github.com/golang/glog"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder"
 )
 
 const (
-	MatchInterPodAffinity = "MatchInterPodAffinity"
-	CheckVolumeBinding    = "CheckVolumeBinding"
-
+	// MatchInterPodAffinityPred defines the name of predicate MatchInterPodAffinity.
+	MatchInterPodAffinityPred = "MatchInterPodAffinity"
+	// CheckVolumeBindingPred defines the name of predicate CheckVolumeBinding.
+	CheckVolumeBindingPred = "CheckVolumeBinding"
+	// CheckNodeConditionPred defines the name of predicate CheckNodeCondition.
+	CheckNodeConditionPred = "CheckNodeCondition"
+	// GeneralPred defines the name of predicate GeneralPredicates.
+	GeneralPred = "GeneralPredicates"
+	// HostNamePred defines the name of predicate HostName.
+	HostNamePred = "HostName"
+	// PodFitsHostPortsPred defines the name of predicate PodFitsHostPorts.
+	PodFitsHostPortsPred = "PodFitsHostPorts"
+	// MatchNodeSelectorPred defines the name of predicate MatchNodeSelector.
+	MatchNodeSelectorPred = "MatchNodeSelector"
+	// PodFitsResourcesPred defines the name of predicate PodFitsResources.
+	PodFitsResourcesPred = "PodFitsResources"
+	// NoDiskConflictPred defines the name of predicate NoDiskConflict.
+	NoDiskConflictPred = "NoDiskConflict"
+	// PodToleratesNodeTaintsPred defines the name of predicate PodToleratesNodeTaints.
+	PodToleratesNodeTaintsPred = "PodToleratesNodeTaints"
+	// CheckNodeUnschedulablePred defines the name of predicate CheckNodeUnschedulablePredicate.
+	CheckNodeUnschedulablePred = "CheckNodeUnschedulable"
+	// PodToleratesNodeNoExecuteTaintsPred defines the name of predicate PodToleratesNodeNoExecuteTaints.
+	PodToleratesNodeNoExecuteTaintsPred = "PodToleratesNodeNoExecuteTaints"
+	// CheckNodeLabelPresencePred defines the name of predicate CheckNodeLabelPresence.
+	CheckNodeLabelPresencePred = "CheckNodeLabelPresence"
+	// CheckServiceAffinityPred defines the name of predicate checkServiceAffinity.
+	CheckServiceAffinityPred = "CheckServiceAffinity"
+	// MaxEBSVolumeCountPred defines the name of predicate MaxEBSVolumeCount.
+	MaxEBSVolumeCountPred = "MaxEBSVolumeCount"
+	// MaxGCEPDVolumeCountPred defines the name of predicate MaxGCEPDVolumeCount.
+	MaxGCEPDVolumeCountPred = "MaxGCEPDVolumeCount"
+	// MaxAzureDiskVolumeCountPred defines the name of predicate MaxAzureDiskVolumeCount.
+	MaxAzureDiskVolumeCountPred = "MaxAzureDiskVolumeCount"
+	// NoVolumeZoneConflictPred defines the name of predicate NoVolumeZoneConflict.
+	NoVolumeZoneConflictPred = "NoVolumeZoneConflict"
+	// CheckNodeMemoryPressurePred defines the name of predicate CheckNodeMemoryPressure.
+	CheckNodeMemoryPressurePred = "CheckNodeMemoryPressure"
+	// CheckNodeDiskPressurePred defines the name of predicate CheckNodeDiskPressure.
+	CheckNodeDiskPressurePred = "CheckNodeDiskPressure"
+
+	// DefaultMaxEBSVolumes is the limit for volumes attached to an instance.
+	// Amazon recommends no more than 40; the system root volume uses at least one.
+	// See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/volume_limits.html#linux-specific-volume-limits
+	DefaultMaxEBSVolumes = 39
 	// DefaultMaxGCEPDVolumes defines the maximum number of PD Volumes for GCE
 	// GCE instances can have up to 16 PD volumes attached.
 	DefaultMaxGCEPDVolumes = 16
@@ -63,11 +105,11 @@ const (
 	// KubeMaxPDVols defines the maximum number of PD Volumes per kubelet
 	KubeMaxPDVols = "KUBE_MAX_PD_VOLS"
 
-	// for EBSVolumeFilter
+	// EBSVolumeFilterType defines the filter name for EBSVolumeFilter.
 	EBSVolumeFilterType = "EBS"
-	// for GCEPDVolumeFilter
+	// GCEPDVolumeFilterType defines the filter name for GCEPDVolumeFilter.
 	GCEPDVolumeFilterType = "GCE"
-	// for AzureDiskVolumeFilter
+	// AzureDiskVolumeFilterType defines the filter name for AzureDiskVolumeFilter.
 	AzureDiskVolumeFilterType = "AzureDisk"
 )
 
@@ -79,11 +121,27 @@ const (
 // For example:
 // https://github.com/kubernetes/kubernetes/blob/36a218e/plugin/pkg/scheduler/factory/factory.go#L422
 
-// NodeInfo: Other types for predicate functions...
+// IMPORTANT NOTE: this list contains the ordering of the predicates, if you develop a new predicate
+// it is mandatory to add its name to this list.
+// Otherwise it won't be processed, see generic_scheduler#podFitsOnNode().
+// The order is based on the restrictiveness & complexity of predicates.
+// Design doc: https://github.com/kubernetes/community/blob/master/contributors/design-proposals/scheduling/predicates-ordering.md
+var (
+	predicatesOrdering = []string{CheckNodeConditionPred, CheckNodeUnschedulablePred,
+		GeneralPred, HostNamePred, PodFitsHostPortsPred,
+		MatchNodeSelectorPred, PodFitsResourcesPred, NoDiskConflictPred,
+		PodToleratesNodeTaintsPred, PodToleratesNodeNoExecuteTaintsPred, CheckNodeLabelPresencePred,
+		CheckServiceAffinityPred, MaxEBSVolumeCountPred, MaxGCEPDVolumeCountPred,
+		MaxAzureDiskVolumeCountPred, CheckVolumeBindingPred, NoVolumeZoneConflictPred,
+		CheckNodeMemoryPressurePred, CheckNodeDiskPressurePred, MatchInterPodAffinityPred}
+)
+
+// NodeInfo interface represents anything that can get node object from node ID.
 type NodeInfo interface {
 	GetNodeInfo(nodeID string) (*v1.Node, error)
 }
 
+// PersistentVolumeInfo interface represents anything that can get persistent volume object by PV ID.
 type PersistentVolumeInfo interface {
 	GetPersistentVolumeInfo(pvID string) (*v1.PersistentVolume, error)
 }
@@ -93,10 +151,23 @@ type CachedPersistentVolumeInfo struct {
 	corelisters.PersistentVolumeLister
 }
 
+// Ordering returns the ordering of predicates.
+func Ordering() []string {
+	return predicatesOrdering
+}
+
+// SetPredicatesOrdering sets the ordering of predicates.
+func SetPredicatesOrdering(names []string) {
+	predicatesOrdering = names
+}
+
+// GetPersistentVolumeInfo returns a persistent volume object by PV ID.
 func (c *CachedPersistentVolumeInfo) GetPersistentVolumeInfo(pvID string) (*v1.PersistentVolume, error) {
 	return c.Get(pvID)
 }
 
+// PersistentVolumeClaimInfo interface represents anything that can get a PVC object in
+// specified namespace with specified name.
 type PersistentVolumeClaimInfo interface {
 	GetPersistentVolumeClaimInfo(namespace string, name string) (*v1.PersistentVolumeClaim, error)
 }
@@ -111,6 +182,7 @@ func (c *CachedPersistentVolumeClaimInfo) GetPersistentVolumeClaimInfo(namespace
 	return c.PersistentVolumeClaims(namespace).Get(name)
 }
 
+// CachedNodeInfo implements NodeInfo
 type CachedNodeInfo struct {
 	corelisters.NodeLister
 }
@@ -130,6 +202,7 @@ func (c *CachedNodeInfo) GetNodeInfo(id string) (*v1.Node, error) {
 	return node, nil
 }
 
+// StorageClassInfo interface represents anything that can get a storage class object by class name.
 type StorageClassInfo interface {
 	GetStorageClassInfo(className string) (*storagev1.StorageClass, error)
 }
@@ -139,6 +212,7 @@ type CachedStorageClassInfo struct {
 	storagelisters.StorageClassLister
 }
 
+// GetStorageClassInfo get StorageClass by class name.
 func (c *CachedStorageClassInfo) GetStorageClassInfo(className string) (*storagev1.StorageClass, error) {
 	return c.Get(className)
 }
@@ -210,6 +284,7 @@ func NoDiskConflict(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *sch
 	return true, nil, nil
 }
 
+// MaxPDVolumeCountChecker contains information to check the max number of volumes for a predicate.
 type MaxPDVolumeCountChecker struct {
 	filter     VolumeFilter
 	maxVolumes int
@@ -244,7 +319,7 @@ func NewMaxPDVolumeCountPredicate(filterName string, pvInfo PersistentVolumeInfo
 
 	case EBSVolumeFilterType:
 		filter = EBSVolumeFilter
-		maxVolumes = getMaxVols(aws.DefaultMaxEBSVolumes)
+		maxVolumes = getMaxVols(DefaultMaxEBSVolumes)
 	case GCEPDVolumeFilterType:
 		filter = GCEPDVolumeFilter
 		maxVolumes = getMaxVols(DefaultMaxGCEPDVolumes)
@@ -298,33 +373,33 @@ func (c *MaxPDVolumeCountChecker) filterVolumes(volumes []v1.Volume, namespace s
 			// Until we know real ID of the volume use namespace/pvcName as substitute
 			// with a random prefix (calculated and stored inside 'c' during initialization)
 			// to avoid conflicts with existing volume IDs.
-			pvId := fmt.Sprintf("%s-%s/%s", c.randomVolumeIDPrefix, namespace, pvcName)
+			pvID := fmt.Sprintf("%s-%s/%s", c.randomVolumeIDPrefix, namespace, pvcName)
 
 			pvc, err := c.pvcInfo.GetPersistentVolumeClaimInfo(namespace, pvcName)
 			if err != nil || pvc == nil {
 				// if the PVC is not found, log the error and count the PV towards the PV limit
 				glog.V(4).Infof("Unable to look up PVC info for %s/%s, assuming PVC matches predicate when counting limits: %v", namespace, pvcName, err)
-				filteredVolumes[pvId] = true
+				filteredVolumes[pvID] = true
 				continue
 			}
 
-			if pvc.Spec.VolumeName == "" {
+			pvName := pvc.Spec.VolumeName
+			if pvName == "" {
 				// PVC is not bound. It was either deleted and created again or
-				// it was forcefuly unbound by admin. The pod can still use the
+				// it was forcefully unbound by admin. The pod can still use the
 				// original PV where it was bound to -> log the error and count
 				// the PV towards the PV limit
 				glog.V(4).Infof("PVC %s/%s is not bound, assuming PVC matches predicate when counting limits", namespace, pvcName)
-				filteredVolumes[pvId] = true
+				filteredVolumes[pvID] = true
 				continue
 			}
 
-			pvName := pvc.Spec.VolumeName
 			pv, err := c.pvInfo.GetPersistentVolumeInfo(pvName)
 			if err != nil || pv == nil {
 				// if the PV is not found, log the error
 				// and count the PV towards the PV limit
 				glog.V(4).Infof("Unable to look up PV info for %s/%s/%s, assuming PV matches predicate when counting limits: %v", namespace, pvcName, pvName, err)
-				filteredVolumes[pvId] = true
+				filteredVolumes[pvID] = true
 				continue
 			}
 
@@ -381,7 +456,7 @@ func (c *MaxPDVolumeCountChecker) predicate(pod *v1.Pod, meta algorithm.Predicat
 }
 
 // EBSVolumeFilter is a VolumeFilter for filtering AWS ElasticBlockStore Volumes
-var EBSVolumeFilter VolumeFilter = VolumeFilter{
+var EBSVolumeFilter = VolumeFilter{
 	FilterVolume: func(vol *v1.Volume) (string, bool) {
 		if vol.AWSElasticBlockStore != nil {
 			return vol.AWSElasticBlockStore.VolumeID, true
@@ -398,7 +473,7 @@ var EBSVolumeFilter VolumeFilter = VolumeFilter{
 }
 
 // GCEPDVolumeFilter is a VolumeFilter for filtering GCE PersistentDisk Volumes
-var GCEPDVolumeFilter VolumeFilter = VolumeFilter{
+var GCEPDVolumeFilter = VolumeFilter{
 	FilterVolume: func(vol *v1.Volume) (string, bool) {
 		if vol.GCEPersistentDisk != nil {
 			return vol.GCEPersistentDisk.PDName, true
@@ -415,7 +490,7 @@ var GCEPDVolumeFilter VolumeFilter = VolumeFilter{
 }
 
 // AzureDiskVolumeFilter is a VolumeFilter for filtering Azure Disk Volumes
-var AzureDiskVolumeFilter VolumeFilter = VolumeFilter{
+var AzureDiskVolumeFilter = VolumeFilter{
 	FilterVolume: func(vol *v1.Volume) (string, bool) {
 		if vol.AzureDisk != nil {
 			return vol.AzureDisk.DiskName, true
@@ -431,6 +506,7 @@ var AzureDiskVolumeFilter VolumeFilter = VolumeFilter{
 	},
 }
 
+// VolumeZoneChecker contains information to check the volume zone for a predicate.
 type VolumeZoneChecker struct {
 	pvInfo    PersistentVolumeInfo
 	pvcInfo   PersistentVolumeClaimInfo
@@ -639,9 +715,15 @@ func PodFitsResources(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *s
 		predicateFails = append(predicateFails, NewInsufficientResourceError(v1.ResourcePods, 1, int64(len(nodeInfo.Pods())), int64(allowedPodNumber)))
 	}
 
+	// No extended resources should be ignored by default.
+	ignoredExtendedResources := sets.NewString()
+
 	var podRequest *schedulercache.Resource
 	if predicateMeta, ok := meta.(*predicateMetadata); ok {
 		podRequest = predicateMeta.podRequest
+		if predicateMeta.ignoredExtendedResources != nil {
+			ignoredExtendedResources = predicateMeta.ignoredExtendedResources
+		}
 	} else {
 		// We couldn't parse metadata - fallback to computing it.
 		podRequest = GetResourceRequest(pod)
@@ -670,6 +752,13 @@ func PodFitsResources(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *s
 	}
 
 	for rName, rQuant := range podRequest.ScalarResources {
+		if v1helper.IsExtendedResourceName(rName) {
+			// If this resource is one of the extended resources that should be
+			// ignored, we will skip checking it.
+			if ignoredExtendedResources.Has(string(rName)) {
+				continue
+			}
+		}
 		if allocatable.ScalarResources[rName] < rQuant+nodeInfo.RequestedResource().ScalarResources[rName] {
 			predicateFails = append(predicateFails, NewInsufficientResourceError(rName, podRequest.ScalarResources[rName], nodeInfo.RequestedResource().ScalarResources[rName], allocatable.ScalarResources[rName]))
 		}
@@ -775,11 +864,14 @@ func PodFitsHost(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *schedu
 	return false, []algorithm.PredicateFailureReason{ErrPodNotMatchHostName}, nil
 }
 
+// NodeLabelChecker contains information to check node labels for a predicate.
 type NodeLabelChecker struct {
 	labels   []string
 	presence bool
 }
 
+// NewNodeLabelPredicate creates a predicate which evaluates whether a pod can fit based on the
+// node labels which match a filter that it requests.
 func NewNodeLabelPredicate(labels []string, presence bool) algorithm.FitPredicate {
 	labelChecker := &NodeLabelChecker{
 		labels:   labels,
@@ -817,6 +909,7 @@ func (n *NodeLabelChecker) CheckNodeLabelPresence(pod *v1.Pod, meta algorithm.Pr
 	return true, nil, nil
 }
 
+// ServiceAffinity defines a struct used for create service affinity predicates.
 type ServiceAffinity struct {
 	podLister     algorithm.PodLister
 	serviceLister algorithm.ServiceLister
@@ -846,6 +939,7 @@ func (s *ServiceAffinity) serviceAffinityMetadataProducer(pm *predicateMetadata)
 	pm.serviceAffinityMatchingPodList = FilterPodsByNamespace(allMatches, pm.pod.Namespace)
 }
 
+// NewServiceAffinityPredicate creates a ServiceAffinity.
 func NewServiceAffinityPredicate(podLister algorithm.PodLister, serviceLister algorithm.ServiceLister, nodeInfo NodeInfo, labels []string) (algorithm.FitPredicate, PredicateMetadataProducer) {
 	affinity := &ServiceAffinity{
 		podLister:     podLister,
@@ -923,12 +1017,12 @@ func (s *ServiceAffinity) checkServiceAffinity(pod *v1.Pod, meta algorithm.Predi
 
 // PodFitsHostPorts checks if a node has free ports for the requested pod ports.
 func PodFitsHostPorts(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *schedulercache.NodeInfo) (bool, []algorithm.PredicateFailureReason, error) {
-	var wantPorts map[string]bool
+	var wantPorts []*v1.ContainerPort
 	if predicateMeta, ok := meta.(*predicateMetadata); ok {
 		wantPorts = predicateMeta.podPorts
 	} else {
 		// We couldn't parse metadata - fallback to computing it.
-		wantPorts = schedutil.GetUsedPorts(pod)
+		wantPorts = schedutil.GetContainerPorts(pod)
 	}
 	if len(wantPorts) == 0 {
 		return true, nil, nil
@@ -1028,11 +1122,13 @@ func EssentialPredicates(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo
 	return len(predicateFails) == 0, predicateFails, nil
 }
 
+// PodAffinityChecker contains information to check pod affinity.
 type PodAffinityChecker struct {
 	info      NodeInfo
 	podLister algorithm.PodLister
 }
 
+// NewPodAffinityPredicate creates a PodAffinityChecker.
 func NewPodAffinityPredicate(info NodeInfo, podLister algorithm.PodLister) algorithm.FitPredicate {
 	checker := &PodAffinityChecker{
 		info:      info,
@@ -1077,7 +1173,7 @@ func (c *PodAffinityChecker) InterPodAffinityMatches(pod *v1.Pod, meta algorithm
 // First return value indicates whether a matching pod exists on a node that matches the topology key,
 // while the second return value indicates whether a matching pod exists anywhere.
 // TODO: Do we really need any pod matching, or all pods matching? I think the latter.
-func (c *PodAffinityChecker) anyPodMatchesPodAffinityTerm(pod *v1.Pod, allPods []*v1.Pod, node *v1.Node, term *v1.PodAffinityTerm) (bool, bool, error) {
+func (c *PodAffinityChecker) anyPodMatchesPodAffinityTerm(pod *v1.Pod, pods []*v1.Pod, nodeInfo *schedulercache.NodeInfo, term *v1.PodAffinityTerm) (bool, bool, error) {
 	if len(term.TopologyKey) == 0 {
 		return false, false, fmt.Errorf("empty topologyKey is not allowed except for PreferredDuringScheduling pod anti-affinity")
 	}
@@ -1087,7 +1183,12 @@ func (c *PodAffinityChecker) anyPodMatchesPodAffinityTerm(pod *v1.Pod, allPods [
 	if err != nil {
 		return false, false, err
 	}
-	for _, existingPod := range allPods {
+	// Special case: When the topological domain is node, we can limit our
+	// search to pods on that node without searching the entire cluster.
+	if term.TopologyKey == kubeletapis.LabelHostname {
+		pods = nodeInfo.Pods()
+	}
+	for _, existingPod := range pods {
 		match := priorityutil.PodMatchesTermsNamespaceAndSelector(existingPod, namespaces, selector)
 		if match {
 			matchingPodExists = true
@@ -1095,7 +1196,7 @@ func (c *PodAffinityChecker) anyPodMatchesPodAffinityTerm(pod *v1.Pod, allPods [
 			if err != nil {
 				return false, matchingPodExists, err
 			}
-			if priorityutil.NodesHaveSameTopologyKey(node, existingPodNode, term.TopologyKey) {
+			if priorityutil.NodesHaveSameTopologyKey(nodeInfo.Node(), existingPodNode, term.TopologyKey) {
 				return true, matchingPodExists, nil
 			}
 		}
@@ -1103,6 +1204,7 @@ func (c *PodAffinityChecker) anyPodMatchesPodAffinityTerm(pod *v1.Pod, allPods [
 	return false, matchingPodExists, nil
 }
 
+// GetPodAffinityTerms gets pod affinity terms by a pod affinity object.
 func GetPodAffinityTerms(podAffinity *v1.PodAffinity) (terms []v1.PodAffinityTerm) {
 	if podAffinity != nil {
 		if len(podAffinity.RequiredDuringSchedulingIgnoredDuringExecution) != 0 {
@@ -1116,6 +1218,7 @@ func GetPodAffinityTerms(podAffinity *v1.PodAffinity) (terms []v1.PodAffinityTer
 	return terms
 }
 
+// GetPodAntiAffinityTerms gets pod affinity terms by a pod anti-affinity.
 func GetPodAntiAffinityTerms(podAntiAffinity *v1.PodAntiAffinity) (terms []v1.PodAffinityTerm) {
 	if podAntiAffinity != nil {
 		if len(podAntiAffinity.RequiredDuringSchedulingIgnoredDuringExecution) != 0 {
@@ -1295,7 +1398,7 @@ func (c *PodAffinityChecker) satisfiesPodsAffinityAntiAffinity(pod *v1.Pod, node
 
 	// Check all affinity terms.
 	for _, term := range GetPodAffinityTerms(affinity.PodAffinity) {
-		termMatches, matchingPodExists, err := c.anyPodMatchesPodAffinityTerm(pod, filteredPods, node, &term)
+		termMatches, matchingPodExists, err := c.anyPodMatchesPodAffinityTerm(pod, filteredPods, nodeInfo, &term)
 		if err != nil {
 			errMessage := fmt.Sprintf("Cannot schedule pod %+v onto node %v, because of PodAffinityTerm %v, err: %v", podName(pod), node.Name, term, err)
 			glog.Error(errMessage)
@@ -1328,7 +1431,7 @@ func (c *PodAffinityChecker) satisfiesPodsAffinityAntiAffinity(pod *v1.Pod, node
 
 	// Check all anti-affinity terms.
 	for _, term := range GetPodAntiAffinityTerms(affinity.PodAntiAffinity) {
-		termMatches, _, err := c.anyPodMatchesPodAffinityTerm(pod, filteredPods, node, &term)
+		termMatches, _, err := c.anyPodMatchesPodAffinityTerm(pod, filteredPods, nodeInfo, &term)
 		if err != nil || termMatches {
 			glog.V(10).Infof("Cannot schedule pod %+v onto node %v, because of PodAntiAffinityTerm %v, err: %v",
 				podName(pod), node.Name, term, err)
@@ -1345,8 +1448,25 @@ func (c *PodAffinityChecker) satisfiesPodsAffinityAntiAffinity(pod *v1.Pod, node
 	return nil, nil
 }
 
+// CheckNodeUnschedulablePredicate checks if a pod can be scheduled on a node with Unschedulable spec.
+func CheckNodeUnschedulablePredicate(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *schedulercache.NodeInfo) (bool, []algorithm.PredicateFailureReason, error) {
+	if nodeInfo == nil || nodeInfo.Node() == nil {
+		return false, []algorithm.PredicateFailureReason{ErrNodeUnknownCondition}, nil
+	}
+
+	if nodeInfo.Node().Spec.Unschedulable {
+		return false, []algorithm.PredicateFailureReason{ErrNodeUnschedulable}, nil
+	}
+
+	return true, nil, nil
+}
+
 // PodToleratesNodeTaints checks if a pod tolerations can tolerate the node taints
 func PodToleratesNodeTaints(pod *v1.Pod, meta algorithm.PredicateMetadata, nodeInfo *schedulercache.NodeInfo) (bool, []algorithm.PredicateFailureReason, error) {
+	if nodeInfo == nil || nodeInfo.Node() == nil {
+		return false, []algorithm.PredicateFailureReason{ErrNodeUnknownCondition}, nil
+	}
+
 	return podToleratesNodeTaints(pod, nodeInfo, func(t *v1.Taint) bool {
 		// PodToleratesNodeTaints is only interested in NoSchedule and NoExecute taints.
 		return t.Effect == v1.TaintEffectNoSchedule || t.Effect == v1.TaintEffectNoExecute
@@ -1440,6 +1560,7 @@ func CheckNodeConditionPredicate(pod *v1.Pod, meta algorithm.PredicateMetadata,
 	return len(reasons) == 0, reasons, nil
 }
 
+// VolumeBindingChecker contains information to check a volume binding.
 type VolumeBindingChecker struct {
 	binder *volumebinder.VolumeBinder
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/testing_helper.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/testing_helper.go
similarity index 74%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/testing_helper.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/testing_helper.go
index 57306c58aad2..c8e7cb1e17c0 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/testing_helper.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/testing_helper.go
@@ -23,8 +23,10 @@ import (
 	storagev1 "k8s.io/api/storage/v1"
 )
 
+// FakePersistentVolumeClaimInfo declares a []v1.PersistentVolumeClaim type for testing.
 type FakePersistentVolumeClaimInfo []v1.PersistentVolumeClaim
 
+// GetPersistentVolumeClaimInfo gets PVC matching the namespace and PVC ID.
 func (pvcs FakePersistentVolumeClaimInfo) GetPersistentVolumeClaimInfo(namespace string, pvcID string) (*v1.PersistentVolumeClaim, error) {
 	for _, pvc := range pvcs {
 		if pvc.Name == pvcID && pvc.Namespace == namespace {
@@ -34,15 +36,19 @@ func (pvcs FakePersistentVolumeClaimInfo) GetPersistentVolumeClaimInfo(namespace
 	return nil, fmt.Errorf("Unable to find persistent volume claim: %s/%s", namespace, pvcID)
 }
 
+// FakeNodeInfo declares a v1.Node type for testing.
 type FakeNodeInfo v1.Node
 
+// GetNodeInfo return a fake node info object.
 func (n FakeNodeInfo) GetNodeInfo(nodeName string) (*v1.Node, error) {
 	node := v1.Node(n)
 	return &node, nil
 }
 
+// FakeNodeListInfo declares a []v1.Node type for testing.
 type FakeNodeListInfo []v1.Node
 
+// GetNodeInfo returns a fake node object in the fake nodes.
 func (nodes FakeNodeListInfo) GetNodeInfo(nodeName string) (*v1.Node, error) {
 	for _, node := range nodes {
 		if node.Name == nodeName {
@@ -52,8 +58,10 @@ func (nodes FakeNodeListInfo) GetNodeInfo(nodeName string) (*v1.Node, error) {
 	return nil, fmt.Errorf("Unable to find node: %s", nodeName)
 }
 
+// FakePersistentVolumeInfo declares a []v1.PersistentVolume type for testing.
 type FakePersistentVolumeInfo []v1.PersistentVolume
 
+// GetPersistentVolumeInfo returns a fake PV object in the fake PVs by PV ID.
 func (pvs FakePersistentVolumeInfo) GetPersistentVolumeInfo(pvID string) (*v1.PersistentVolume, error) {
 	for _, pv := range pvs {
 		if pv.Name == pvID {
@@ -63,8 +71,10 @@ func (pvs FakePersistentVolumeInfo) GetPersistentVolumeInfo(pvID string) (*v1.Pe
 	return nil, fmt.Errorf("Unable to find persistent volume: %s", pvID)
 }
 
+// FakeStorageClassInfo declares a []storagev1.StorageClass type for testing.
 type FakeStorageClassInfo []storagev1.StorageClass
 
+// GetStorageClassInfo returns a fake storage class object in the fake storage classes by name.
 func (classes FakeStorageClassInfo) GetStorageClassInfo(name string) (*storagev1.StorageClass, error) {
 	for _, sc := range classes {
 		if sc.Name == name {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/utils.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/utils.go
similarity index 65%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/utils.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/utils.go
index 622bdc683597..2e8761279ca9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/predicates/utils.go
@@ -17,16 +17,13 @@ limitations under the License.
 package predicates
 
 import (
-	"strings"
-
 	"github.com/golang/glog"
-
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/util/sets"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedutil "k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedutil "k8s.io/kubernetes/pkg/scheduler/util"
 )
 
 // FindLabelsInSet gets as many key/value pairs as possible out of a label set.
@@ -95,17 +92,18 @@ func (e *EquivalencePodGenerator) getEquivalencePod(pod *v1.Pod) interface{} {
 	// to be equivalent
 	for _, ref := range pod.OwnerReferences {
 		if ref.Controller != nil && *ref.Controller {
-			if pvcSet, err := e.getPVCSet(pod); err == nil {
+			pvcSet, err := e.getPVCSet(pod)
+			if err == nil {
 				// A pod can only belongs to one controller, so let's return.
 				return &EquivalencePod{
 					ControllerRef: ref,
 					PVCSet:        pvcSet,
 				}
-			} else {
-				// If error encountered, log warning and return nil (i.e. no equivalent pod found)
-				glog.Warningf("[EquivalencePodGenerator] for pod: %v failed due to: %v", pod.GetName(), err)
-				return nil
 			}
+
+			// If error encountered, log warning and return nil (i.e. no equivalent pod found)
+			glog.Warningf("[EquivalencePodGenerator] for pod: %v failed due to: %v", pod.GetName(), err)
+			return nil
 		}
 	}
 	return nil
@@ -135,65 +133,11 @@ type EquivalencePod struct {
 	PVCSet        sets.String
 }
 
-type hostPortInfo struct {
-	protocol string
-	hostIP   string
-	hostPort string
-}
-
-// decode decodes string ("protocol/hostIP/hostPort") to *hostPortInfo object.
-func decode(info string) *hostPortInfo {
-	hostPortInfoSlice := strings.Split(info, "/")
-
-	protocol := hostPortInfoSlice[0]
-	hostIP := hostPortInfoSlice[1]
-	hostPort := hostPortInfoSlice[2]
-
-	return &hostPortInfo{
-		protocol: protocol,
-		hostIP:   hostIP,
-		hostPort: hostPort,
-	}
-}
-
-// specialPortConflictCheck detects whether specailHostPort(whose hostIP is 0.0.0.0) is conflict with otherHostPorts.
-// return true if we have a conflict.
-func specialPortConflictCheck(specialHostPort string, otherHostPorts map[string]bool) bool {
-	specialHostPortInfo := decode(specialHostPort)
-
-	if specialHostPortInfo.hostIP == schedutil.DefaultBindAllHostIP {
-		// loop through all the otherHostPorts to see if there exists a conflict
-		for hostPortItem := range otherHostPorts {
-			hostPortInfo := decode(hostPortItem)
-
-			// if there exists one hostPortItem which has the same hostPort and protocol with the specialHostPort, that will cause a conflict
-			if specialHostPortInfo.hostPort == hostPortInfo.hostPort && specialHostPortInfo.protocol == hostPortInfo.protocol {
-				return true
-			}
-		}
-
-	}
-
-	return false
-}
-
 // portsConflict check whether existingPorts and wantPorts conflict with each other
 // return true if we have a conflict
-func portsConflict(existingPorts, wantPorts map[string]bool) bool {
-
-	for existingPort := range existingPorts {
-		if specialPortConflictCheck(existingPort, wantPorts) {
-			return true
-		}
-	}
-
-	for wantPort := range wantPorts {
-		if specialPortConflictCheck(wantPort, existingPorts) {
-			return true
-		}
-
-		// general check hostPort conflict procedure for hostIP is not 0.0.0.0
-		if existingPorts[wantPort] {
+func portsConflict(existingPorts schedutil.HostPortInfo, wantPorts []*v1.ContainerPort) bool {
+	for _, cp := range wantPorts {
+		if existingPorts.CheckConflict(cp.HostIP, string(cp.Protocol), cp.HostPort) {
 			return true
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/BUILD
similarity index 72%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/BUILD
index 2c335c4004ef..9012ddcb2edd 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/BUILD
@@ -19,21 +19,21 @@ go_library(
         "node_label.go",
         "node_prefer_avoid_pods.go",
         "reduce.go",
+        "resource_allocation.go",
         "resource_limits.go",
         "selector_spreading.go",
         "taint_toleration.go",
         "test_util.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities",
     deps = [
         "//pkg/apis/core/v1/helper:go_default_library",
-        "//pkg/kubelet/apis:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
         "//pkg/util/node:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
@@ -60,14 +60,13 @@ go_test(
         "selector_spreading_test.go",
         "taint_toleration_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/testing:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/testing:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
@@ -87,7 +86,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:all-srcs",
+        "//pkg/scheduler/algorithm/priorities/util:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go
new file mode 100644
index 000000000000..5f070caac135
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go
@@ -0,0 +1,61 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package priorities
+
+import (
+	"math"
+
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+)
+
+var (
+	balancedResourcePriority = &ResourceAllocationPriority{"BalancedResourceAllocation", balancedResourceScorer}
+
+	// BalancedResourceAllocationMap favors nodes with balanced resource usage rate.
+	// BalancedResourceAllocationMap should **NOT** be used alone, and **MUST** be used together
+	// with LeastRequestedPriority. It calculates the difference between the cpu and memory fraction
+	// of capacity, and prioritizes the host based on how close the two metrics are to each other.
+	// Detail: score = 10 - abs(cpuFraction-memoryFraction)*10. The algorithm is partly inspired by:
+	// "Wei Huang et al. An Energy Efficient Virtual Machine Placement Algorithm with Balanced
+	// Resource Utilization"
+	BalancedResourceAllocationMap = balancedResourcePriority.PriorityMap
+)
+
+func balancedResourceScorer(requested, allocable *schedulercache.Resource) int64 {
+	cpuFraction := fractionOfCapacity(requested.MilliCPU, allocable.MilliCPU)
+	memoryFraction := fractionOfCapacity(requested.Memory, allocable.Memory)
+
+	if cpuFraction >= 1 || memoryFraction >= 1 {
+		// if requested >= capacity, the corresponding host should never be preferred.
+		return 0
+	}
+
+	// Upper and lower boundary of difference between cpuFraction and memoryFraction are -1 and 1
+	// respectively. Multilying the absolute value of the difference by 10 scales the value to
+	// 0-10 with 0 representing well balanced allocation and 10 poorly balanced. Subtracting it from
+	// 10 leads to the score which also scales from 0 to 10 while 10 representing well balanced.
+	diff := math.Abs(cpuFraction - memoryFraction)
+	return int64((1 - diff) * float64(schedulerapi.MaxPriority))
+}
+
+func fractionOfCapacity(requested, capacity int64) float64 {
+	if capacity == 0 {
+		return 1
+	}
+	return float64(requested) / float64(capacity)
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/image_locality.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/image_locality.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/image_locality.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/image_locality.go
index 1629dee4fdfe..5df5d35308df 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/image_locality.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/image_locality.go
@@ -20,8 +20,15 @@ import (
 	"fmt"
 
 	"k8s.io/api/core/v1"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+)
+
+// This is a reasonable size range of all container images. 90%ile of images on dockerhub drops into this range.
+const (
+	mb         int64 = 1024 * 1024
+	minImgSize int64 = 23 * mb
+	maxImgSize int64 = 1000 * mb
 )
 
 // ImageLocalityPriorityMap is a priority function that favors nodes that already have requested pod container's images.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/interpod_affinity.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/interpod_affinity.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/interpod_affinity.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/interpod_affinity.go
index af2cd8f6c20f..f3e9c9647b6a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/interpod_affinity.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/interpod_affinity.go
@@ -17,23 +17,22 @@ limitations under the License.
 package priorities
 
 import (
-	"strings"
 	"sync"
 
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/util/workqueue"
-	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 
 	"github.com/golang/glog"
 )
 
+// InterPodAffinity contains information to calculate inter pod affinity.
 type InterPodAffinity struct {
 	info                  predicates.NodeInfo
 	nodeLister            algorithm.NodeLister
@@ -41,6 +40,7 @@ type InterPodAffinity struct {
 	hardPodAffinityWeight int32
 }
 
+// NewInterPodAffinityPriority creates an InterPodAffinity.
 func NewInterPodAffinityPriority(
 	info predicates.NodeInfo,
 	nodeLister algorithm.NodeLister,
@@ -63,17 +63,14 @@ type podAffinityPriorityMap struct {
 	// counts store the mapping from node name to so-far computed score of
 	// the node.
 	counts map[string]float64
-	// failureDomains contain default failure domains keys
-	failureDomains priorityutil.Topologies
 	// The first error that we faced.
 	firstError error
 }
 
 func newPodAffinityPriorityMap(nodes []*v1.Node) *podAffinityPriorityMap {
 	return &podAffinityPriorityMap{
-		nodes:          nodes,
-		counts:         make(map[string]float64, len(nodes)),
-		failureDomains: priorityutil.Topologies{DefaultKeys: strings.Split(kubeletapis.DefaultFailureDomains, ",")},
+		nodes:  nodes,
+		counts: make(map[string]float64, len(nodes)),
 	}
 }
 
@@ -98,7 +95,7 @@ func (p *podAffinityPriorityMap) processTerm(term *v1.PodAffinityTerm, podDefini
 			p.Lock()
 			defer p.Unlock()
 			for _, node := range p.nodes {
-				if p.failureDomains.NodesHaveSameTopologyKey(node, fixedNode, term.TopologyKey) {
+				if priorityutil.NodesHaveSameTopologyKey(node, fixedNode, term.TopologyKey) {
 					p.counts[node.Name] += weight
 				}
 			}
@@ -236,9 +233,7 @@ func (ipa *InterPodAffinity) CalculateInterPodAffinityPriority(pod *v1.Pod, node
 		}
 		result = append(result, schedulerapi.HostPriority{Host: node.Name, Score: int(fScore)})
 		if glog.V(10) {
-			// We explicitly don't do glog.V(10).Infof() to avoid computing all the parameters if this is
-			// not logged. There is visible performance gain from it.
-			glog.V(10).Infof("%v -> %v: InterPodAffinityPriority, Score: (%d)", pod.Name, node.Name, int(fScore))
+			glog.Infof("%v -> %v: InterPodAffinityPriority, Score: (%d)", pod.Name, node.Name, int(fScore))
 		}
 	}
 	return result, nil
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/least_requested.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/least_requested.go
new file mode 100644
index 000000000000..33d6e5a6c4e9
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/least_requested.go
@@ -0,0 +1,53 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package priorities
+
+import (
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+)
+
+var (
+	leastResourcePriority = &ResourceAllocationPriority{"LeastResourceAllocation", leastResourceScorer}
+
+	// LeastRequestedPriorityMap is a priority function that favors nodes with fewer requested resources.
+	// It calculates the percentage of memory and CPU requested by pods scheduled on the node, and
+	// prioritizes based on the minimum of the average of the fraction of requested to capacity.
+	//
+	// Details:
+	// cpu((capacity-sum(requested))*10/capacity) + memory((capacity-sum(requested))*10/capacity)/2
+	LeastRequestedPriorityMap = leastResourcePriority.PriorityMap
+)
+
+func leastResourceScorer(requested, allocable *schedulercache.Resource) int64 {
+	return (leastRequestedScore(requested.MilliCPU, allocable.MilliCPU) +
+		leastRequestedScore(requested.Memory, allocable.Memory)) / 2
+}
+
+// The unused capacity is calculated on a scale of 0-10
+// 0 being the lowest priority and 10 being the highest.
+// The more unused resources the higher the score is.
+func leastRequestedScore(requested, capacity int64) int64 {
+	if capacity == 0 {
+		return 0
+	}
+	if requested > capacity {
+		return 0
+	}
+
+	return ((capacity - requested) * int64(schedulerapi.MaxPriority)) / capacity
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/metadata.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/metadata.go
similarity index 65%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/metadata.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/metadata.go
index 1e16c4aad4da..da88a9f3a366 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/metadata.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/metadata.go
@@ -20,10 +20,12 @@ import (
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
+// PriorityMetadataFactory is a factory to produce PriorityMetadata.
 type PriorityMetadataFactory struct {
 	serviceLister     algorithm.ServiceLister
 	controllerLister  algorithm.ControllerLister
@@ -31,7 +33,8 @@ type PriorityMetadataFactory struct {
 	statefulSetLister algorithm.StatefulSetLister
 }
 
-func NewPriorityMetadataFactory(serviceLister algorithm.ServiceLister, controllerLister algorithm.ControllerLister, replicaSetLister algorithm.ReplicaSetLister, statefulSetLister algorithm.StatefulSetLister) algorithm.MetadataProducer {
+// NewPriorityMetadataFactory creates a PriorityMetadataFactory.
+func NewPriorityMetadataFactory(serviceLister algorithm.ServiceLister, controllerLister algorithm.ControllerLister, replicaSetLister algorithm.ReplicaSetLister, statefulSetLister algorithm.StatefulSetLister) algorithm.PriorityMetadataProducer {
 	factory := &PriorityMetadataFactory{
 		serviceLister:     serviceLister,
 		controllerLister:  controllerLister,
@@ -43,41 +46,54 @@ func NewPriorityMetadataFactory(serviceLister algorithm.ServiceLister, controlle
 
 // priorityMetadata is a type that is passed as metadata for priority functions
 type priorityMetadata struct {
-	nonZeroRequest *schedulercache.Resource
-	podTolerations []v1.Toleration
-	affinity       *v1.Affinity
-	podSelectors   []labels.Selector
+	nonZeroRequest          *schedulercache.Resource
+	podTolerations          []v1.Toleration
+	affinity                *v1.Affinity
+	podSelectors            []labels.Selector
+	controllerRef           *metav1.OwnerReference
+	podFirstServiceSelector labels.Selector
 }
 
-// PriorityMetadata is a MetadataProducer.  Node info can be nil.
+// PriorityMetadata is a PriorityMetadataProducer.  Node info can be nil.
 func (pmf *PriorityMetadataFactory) PriorityMetadata(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) interface{} {
 	// If we cannot compute metadata, just return nil
 	if pod == nil {
 		return nil
 	}
-	tolerationsPreferNoSchedule := getAllTolerationPreferNoSchedule(pod.Spec.Tolerations)
-	podSelectors := getSelectors(pod, pmf.serviceLister, pmf.controllerLister, pmf.replicaSetLister, pmf.statefulSetLister)
 	return &priorityMetadata{
-		nonZeroRequest: getNonZeroRequests(pod),
-		podTolerations: tolerationsPreferNoSchedule,
-		affinity:       pod.Spec.Affinity,
-		podSelectors:   podSelectors,
+		nonZeroRequest:          getNonZeroRequests(pod),
+		podTolerations:          getAllTolerationPreferNoSchedule(pod.Spec.Tolerations),
+		affinity:                pod.Spec.Affinity,
+		podSelectors:            getSelectors(pod, pmf.serviceLister, pmf.controllerLister, pmf.replicaSetLister, pmf.statefulSetLister),
+		controllerRef:           priorityutil.GetControllerRef(pod),
+		podFirstServiceSelector: getFirstServiceSelector(pod, pmf.serviceLister),
 	}
 }
 
+// getFirstServiceSelector returns one selector of services the given pod.
+func getFirstServiceSelector(pod *v1.Pod, sl algorithm.ServiceLister) (firstServiceSelector labels.Selector) {
+	if services, err := sl.GetPodServices(pod); err == nil && len(services) > 0 {
+		return labels.SelectorFromSet(services[0].Spec.Selector)
+	}
+	return nil
+}
+
 // getSelectors returns selectors of services, RCs and RSs matching the given pod.
 func getSelectors(pod *v1.Pod, sl algorithm.ServiceLister, cl algorithm.ControllerLister, rsl algorithm.ReplicaSetLister, ssl algorithm.StatefulSetLister) []labels.Selector {
 	var selectors []labels.Selector
+
 	if services, err := sl.GetPodServices(pod); err == nil {
 		for _, service := range services {
 			selectors = append(selectors, labels.SelectorFromSet(service.Spec.Selector))
 		}
 	}
+
 	if rcs, err := cl.GetPodControllers(pod); err == nil {
 		for _, rc := range rcs {
 			selectors = append(selectors, labels.SelectorFromSet(rc.Spec.Selector))
 		}
 	}
+
 	if rss, err := rsl.GetPodReplicaSets(pod); err == nil {
 		for _, rs := range rss {
 			if selector, err := metav1.LabelSelectorAsSelector(rs.Spec.Selector); err == nil {
@@ -85,6 +101,7 @@ func getSelectors(pod *v1.Pod, sl algorithm.ServiceLister, cl algorithm.Controll
 			}
 		}
 	}
+
 	if sss, err := ssl.GetPodStatefulSets(pod); err == nil {
 		for _, ss := range sss {
 			if selector, err := metav1.LabelSelectorAsSelector(ss.Spec.Selector); err == nil {
@@ -92,5 +109,6 @@ func getSelectors(pod *v1.Pod, sl algorithm.ServiceLister, cl algorithm.Controll
 			}
 		}
 	}
+
 	return selectors
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/most_requested.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/most_requested.go
new file mode 100644
index 000000000000..6cb6fe323e7d
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/most_requested.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package priorities
+
+import (
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+)
+
+var (
+	mostResourcePriority = &ResourceAllocationPriority{"MostResourceAllocation", mostResourceScorer}
+
+	// MostRequestedPriorityMap is a priority function that favors nodes with most requested resources.
+	// It calculates the percentage of memory and CPU requested by pods scheduled on the node, and prioritizes
+	// based on the maximum of the average of the fraction of requested to capacity.
+	// Details: (cpu(10 * sum(requested) / capacity) + memory(10 * sum(requested) / capacity)) / 2
+	MostRequestedPriorityMap = mostResourcePriority.PriorityMap
+)
+
+func mostResourceScorer(requested, allocable *schedulercache.Resource) int64 {
+	return (mostRequestedScore(requested.MilliCPU, allocable.MilliCPU) +
+		mostRequestedScore(requested.Memory, allocable.Memory)) / 2
+}
+
+// The used capacity is calculated on a scale of 0-10
+// 0 being the lowest priority and 10 being the highest.
+// The more resources are used the higher the score is. This function
+// is almost a reversed version of least_requested_priority.calculatUnusedScore
+// (10 - calculateUnusedScore). The main difference is in rounding. It was added to
+// keep the final formula clean and not to modify the widely used (by users
+// in their default scheduling policies) calculateUSedScore.
+func mostRequestedScore(requested, capacity int64) int64 {
+	if capacity == 0 {
+		return 0
+	}
+	if requested > capacity {
+		return 0
+	}
+
+	return (requested * schedulerapi.MaxPriority) / capacity
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_affinity.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_affinity.go
similarity index 90%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_affinity.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_affinity.go
index 0ed713a3b5c1..ca0a351650e9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_affinity.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_affinity.go
@@ -22,11 +22,11 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
-// CalculateNodeAffinityPriority prioritizes nodes according to node affinity scheduling preferences
+// CalculateNodeAffinityPriorityMap prioritizes nodes according to node affinity scheduling preferences
 // indicated in PreferredDuringSchedulingIgnoredDuringExecution. Each time a node match a preferredSchedulingTerm,
 // it will a get an add of preferredSchedulingTerm.Weight. Thus, the more preferredSchedulingTerms
 // the node satisfies and the more the preferredSchedulingTerm that is satisfied weights, the higher
@@ -74,4 +74,5 @@ func CalculateNodeAffinityPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *s
 	}, nil
 }
 
+// CalculateNodeAffinityPriorityReduce is a reduce function for node affinity priority calculation.
 var CalculateNodeAffinityPriorityReduce = NormalizeReduce(schedulerapi.MaxPriority, false)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_label.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_label.go
similarity index 80%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_label.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_label.go
index 7eef5a3bd762..ae5d070a12c7 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_label.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_label.go
@@ -21,16 +21,18 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
+// NodeLabelPrioritizer contains information to calculate node label priority.
 type NodeLabelPrioritizer struct {
 	label    string
 	presence bool
 }
 
+// NewNodeLabelPriority creates a NodeLabelPrioritizer.
 func NewNodeLabelPriority(label string, presence bool) (algorithm.PriorityMapFunction, algorithm.PriorityReduceFunction) {
 	labelPrioritizer := &NodeLabelPrioritizer{
 		label:    label,
@@ -39,7 +41,7 @@ func NewNodeLabelPriority(label string, presence bool) (algorithm.PriorityMapFun
 	return labelPrioritizer.CalculateNodeLabelPriorityMap, nil
 }
 
-// CalculateNodeLabelPriority checks whether a particular label exists on a node or not, regardless of its value.
+// CalculateNodeLabelPriorityMap checks whether a particular label exists on a node or not, regardless of its value.
 // If presence is true, prioritizes nodes that have the specified label, regardless of value.
 // If presence is false, prioritizes nodes that do not have the specified label.
 func (n *NodeLabelPrioritizer) CalculateNodeLabelPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go
similarity index 75%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go
index c4311fb3ab5e..da27daae8e09 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/node_prefer_avoid_pods.go
@@ -20,19 +20,28 @@ import (
 	"fmt"
 
 	"k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
+// CalculateNodePreferAvoidPodsPriorityMap priorities nodes according to the node annotation
+// "scheduler.alpha.kubernetes.io/preferAvoidPods".
 func CalculateNodePreferAvoidPodsPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
 	node := nodeInfo.Node()
 	if node == nil {
 		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
 	}
+	var controllerRef *metav1.OwnerReference
+	if priorityMeta, ok := meta.(*priorityMetadata); ok {
+		controllerRef = priorityMeta.controllerRef
+	} else {
+		// We couldn't parse metadata - fallback to the podspec.
+		controllerRef = priorityutil.GetControllerRef(pod)
+	}
 
-	controllerRef := priorityutil.GetControllerRef(pod)
 	if controllerRef != nil {
 		// Ignore pods that are owned by other controller than ReplicationController
 		// or ReplicaSet.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/reduce.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/reduce.go
similarity index 89%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/reduce.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/reduce.go
index 9ce84fd9f6b3..608a83355e92 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/reduce.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/reduce.go
@@ -18,9 +18,9 @@ package priorities
 
 import (
 	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // NormalizeReduce generates a PriorityReduceFunction that can normalize the result
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_allocation.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_allocation.go
new file mode 100644
index 000000000000..2d569b1d3888
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_allocation.go
@@ -0,0 +1,85 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package priorities
+
+import (
+	"fmt"
+
+	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+)
+
+// ResourceAllocationPriority contains information to calculate resource allocation priority.
+type ResourceAllocationPriority struct {
+	Name   string
+	scorer func(requested, allocable *schedulercache.Resource) int64
+}
+
+// PriorityMap priorities nodes according to the resource allocations on the node.
+// It will use `scorer` function to calculate the score.
+func (r *ResourceAllocationPriority) PriorityMap(
+	pod *v1.Pod,
+	meta interface{},
+	nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
+	node := nodeInfo.Node()
+	if node == nil {
+		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
+	}
+	allocatable := nodeInfo.AllocatableResource()
+
+	var requested schedulercache.Resource
+	if priorityMeta, ok := meta.(*priorityMetadata); ok {
+		requested = *priorityMeta.nonZeroRequest
+	} else {
+		// We couldn't parse metadata - fallback to computing it.
+		requested = *getNonZeroRequests(pod)
+	}
+
+	requested.MilliCPU += nodeInfo.NonZeroRequest().MilliCPU
+	requested.Memory += nodeInfo.NonZeroRequest().Memory
+
+	score := r.scorer(&requested, &allocatable)
+
+	if glog.V(10) {
+		glog.Infof(
+			"%v -> %v: %v, capacity %d millicores %d memory bytes, total request %d millicores %d memory bytes, score %d",
+			pod.Name, node.Name, r.Name,
+			allocatable.MilliCPU, allocatable.Memory,
+			requested.MilliCPU+allocatable.MilliCPU, requested.Memory+allocatable.Memory,
+			score,
+		)
+	}
+
+	return schedulerapi.HostPriority{
+		Host:  node.Name,
+		Score: int(score),
+	}, nil
+}
+
+func getNonZeroRequests(pod *v1.Pod) *schedulercache.Resource {
+	result := &schedulercache.Resource{}
+	for i := range pod.Spec.Containers {
+		container := &pod.Spec.Containers[i]
+		cpu, memory := priorityutil.GetNonzeroRequests(&container.Resources.Requests)
+		result.MilliCPU += cpu
+		result.Memory += memory
+	}
+	return result
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/resource_limits.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_limits.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/resource_limits.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_limits.go
index 77ae0dca923c..3267368d2f9f 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/resource_limits.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/resource_limits.go
@@ -21,8 +21,8 @@ import (
 
 	"k8s.io/api/core/v1"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 
 	"github.com/golang/glog"
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/selector_spreading.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/selector_spreading.go
similarity index 64%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/selector_spreading.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/selector_spreading.go
index aa195b0e4f86..7139728808ea 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/selector_spreading.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/selector_spreading.go
@@ -21,10 +21,10 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 	utilnode "k8s.io/kubernetes/pkg/util/node"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
 
 	"github.com/golang/glog"
 )
@@ -33,6 +33,7 @@ import (
 // TODO: Any way to justify this weighting?
 const zoneWeighting float64 = 2.0 / 3.0
 
+// SelectorSpread contains information to calculate selector spread priority.
 type SelectorSpread struct {
 	serviceLister     algorithm.ServiceLister
 	controllerLister  algorithm.ControllerLister
@@ -40,6 +41,7 @@ type SelectorSpread struct {
 	statefulSetLister algorithm.StatefulSetLister
 }
 
+// NewSelectorSpreadPriority creates a SelectorSpread.
 func NewSelectorSpreadPriority(
 	serviceLister algorithm.ServiceLister,
 	controllerLister algorithm.ControllerLister,
@@ -125,16 +127,16 @@ func (s *SelectorSpread) CalculateSpreadPriorityReduce(pod *v1.Pod, meta interfa
 		if result[i].Score > maxCountByNodeName {
 			maxCountByNodeName = result[i].Score
 		}
-		zoneId := utilnode.GetZoneKey(nodeNameToInfo[result[i].Host].Node())
-		if zoneId == "" {
+		zoneID := utilnode.GetZoneKey(nodeNameToInfo[result[i].Host].Node())
+		if zoneID == "" {
 			continue
 		}
-		countsByZone[zoneId] += result[i].Score
+		countsByZone[zoneID] += result[i].Score
 	}
 
-	for zoneId := range countsByZone {
-		if countsByZone[zoneId] > maxCountByZone {
-			maxCountByZone = countsByZone[zoneId]
+	for zoneID := range countsByZone {
+		if countsByZone[zoneID] > maxCountByZone {
+			maxCountByZone = countsByZone[zoneID]
 		}
 	}
 
@@ -152,20 +154,18 @@ func (s *SelectorSpread) CalculateSpreadPriorityReduce(pod *v1.Pod, meta interfa
 		}
 		// If there is zone information present, incorporate it
 		if haveZones {
-			zoneId := utilnode.GetZoneKey(nodeNameToInfo[result[i].Host].Node())
-			if zoneId != "" {
+			zoneID := utilnode.GetZoneKey(nodeNameToInfo[result[i].Host].Node())
+			if zoneID != "" {
 				zoneScore := MaxPriorityFloat64
 				if maxCountByZone > 0 {
-					zoneScore = MaxPriorityFloat64 * (float64(maxCountByZone-countsByZone[zoneId]) / maxCountByZoneFloat64)
+					zoneScore = MaxPriorityFloat64 * (float64(maxCountByZone-countsByZone[zoneID]) / maxCountByZoneFloat64)
 				}
 				fScore = (fScore * (1.0 - zoneWeighting)) + (zoneWeighting * zoneScore)
 			}
 		}
 		result[i].Score = int(fScore)
 		if glog.V(10) {
-			// We explicitly don't do glog.V(10).Infof() to avoid computing all the parameters if this is
-			// not logged. There is visible performance gain from it.
-			glog.V(10).Infof(
+			glog.Infof(
 				"%v -> %v: SelectorSpreadPriority, Score: (%d)", pod.Name, result[i].Host, int(fScore),
 			)
 		}
@@ -173,19 +173,21 @@ func (s *SelectorSpread) CalculateSpreadPriorityReduce(pod *v1.Pod, meta interfa
 	return nil
 }
 
+// ServiceAntiAffinity contains information to calculate service anti-affinity priority.
 type ServiceAntiAffinity struct {
 	podLister     algorithm.PodLister
 	serviceLister algorithm.ServiceLister
 	label         string
 }
 
-func NewServiceAntiAffinityPriority(podLister algorithm.PodLister, serviceLister algorithm.ServiceLister, label string) algorithm.PriorityFunction {
+// NewServiceAntiAffinityPriority creates a ServiceAntiAffinity.
+func NewServiceAntiAffinityPriority(podLister algorithm.PodLister, serviceLister algorithm.ServiceLister, label string) (algorithm.PriorityMapFunction, algorithm.PriorityReduceFunction) {
 	antiAffinity := &ServiceAntiAffinity{
 		podLister:     podLister,
 		serviceLister: serviceLister,
 		label:         label,
 	}
-	return antiAffinity.CalculateAntiAffinityPriority
+	return antiAffinity.CalculateAntiAffinityPriorityMap, antiAffinity.CalculateAntiAffinityPriorityReduce
 }
 
 // Classifies nodes into ones with labels and without labels.
@@ -203,52 +205,79 @@ func (s *ServiceAntiAffinity) getNodeClassificationByLabels(nodes []*v1.Node) (m
 	return labeledNodes, nonLabeledNodes
 }
 
-// CalculateAntiAffinityPriority spreads pods by minimizing the number of pods belonging to the same service
-// on machines with the same value for a particular label.
-// The label to be considered is provided to the struct (ServiceAntiAffinity).
-func (s *ServiceAntiAffinity) CalculateAntiAffinityPriority(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo, nodes []*v1.Node) (schedulerapi.HostPriorityList, error) {
-	var nsServicePods []*v1.Pod
-	if services, err := s.serviceLister.GetPodServices(pod); err == nil && len(services) > 0 {
-		// just use the first service and get the other pods within the service
-		// TODO: a separate predicate can be created that tries to handle all services for the pod
-		selector := labels.SelectorFromSet(services[0].Spec.Selector)
-		pods, err := s.podLister.List(selector)
-		if err != nil {
-			return nil, err
-		}
-		// consider only the pods that belong to the same namespace
-		for _, nsPod := range pods {
-			if nsPod.Namespace == pod.Namespace {
-				nsServicePods = append(nsServicePods, nsPod)
-			}
+// filteredPod get pods based on namespace and selector
+func filteredPod(namespace string, selector labels.Selector, nodeInfo *schedulercache.NodeInfo) (pods []*v1.Pod) {
+	if nodeInfo.Pods() == nil || len(nodeInfo.Pods()) == 0 || selector == nil {
+		return []*v1.Pod{}
+	}
+	for _, pod := range nodeInfo.Pods() {
+		if namespace == pod.Namespace && selector.Matches(labels.Set(pod.Labels)) {
+			pods = append(pods, pod)
 		}
 	}
+	return
+}
+
+// CalculateAntiAffinityPriorityMap spreads pods by minimizing the number of pods belonging to the same service
+// on given machine
+func (s *ServiceAntiAffinity) CalculateAntiAffinityPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
+	var firstServiceSelector labels.Selector
+
+	node := nodeInfo.Node()
+	if node == nil {
+		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
+	}
+	priorityMeta, ok := meta.(*priorityMetadata)
+	if ok {
+		firstServiceSelector = priorityMeta.podFirstServiceSelector
+	} else {
+		firstServiceSelector = getFirstServiceSelector(pod, s.serviceLister)
+	}
+	//pods matched namespace,selector on current node
+	matchedPodsOfNode := filteredPod(pod.Namespace, firstServiceSelector, nodeInfo)
 
-	// separate out the nodes that have the label from the ones that don't
-	labeledNodes, nonLabeledNodes := s.getNodeClassificationByLabels(nodes)
+	return schedulerapi.HostPriority{
+		Host:  node.Name,
+		Score: int(len(matchedPodsOfNode)),
+	}, nil
+}
+
+// CalculateAntiAffinityPriorityReduce computes each node score with the same value for a particular label.
+// The label to be considered is provided to the struct (ServiceAntiAffinity).
+func (s *ServiceAntiAffinity) CalculateAntiAffinityPriorityReduce(pod *v1.Pod, meta interface{}, nodeNameToInfo map[string]*schedulercache.NodeInfo, result schedulerapi.HostPriorityList) error {
+	var numServicePods int
+	var label string
 	podCounts := map[string]int{}
-	for _, pod := range nsServicePods {
-		label, exists := labeledNodes[pod.Spec.NodeName]
-		if !exists {
+	labelNodesStatus := map[string]string{}
+	maxPriorityFloat64 := float64(schedulerapi.MaxPriority)
+
+	for _, hostPriority := range result {
+		numServicePods += hostPriority.Score
+		if !labels.Set(nodeNameToInfo[hostPriority.Host].Node().Labels).Has(s.label) {
 			continue
 		}
-		podCounts[label]++
+		label = labels.Set(nodeNameToInfo[hostPriority.Host].Node().Labels).Get(s.label)
+		labelNodesStatus[hostPriority.Host] = label
+		podCounts[label] += hostPriority.Score
 	}
-	numServicePods := len(nsServicePods)
-	result := []schedulerapi.HostPriority{}
+
 	//score int - scale of 0-maxPriority
 	// 0 being the lowest priority and maxPriority being the highest
-	for node := range labeledNodes {
+	for i, hostPriority := range result {
+		label, ok := labelNodesStatus[hostPriority.Host]
+		if !ok {
+			result[i].Host = hostPriority.Host
+			result[i].Score = int(0)
+			continue
+		}
 		// initializing to the default/max node score of maxPriority
-		fScore := float64(schedulerapi.MaxPriority)
+		fScore := maxPriorityFloat64
 		if numServicePods > 0 {
-			fScore = float64(schedulerapi.MaxPriority) * (float64(numServicePods-podCounts[labeledNodes[node]]) / float64(numServicePods))
+			fScore = maxPriorityFloat64 * (float64(numServicePods-podCounts[label]) / float64(numServicePods))
 		}
-		result = append(result, schedulerapi.HostPriority{Host: node, Score: int(fScore)})
-	}
-	// add the open nodes with a score of 0
-	for _, node := range nonLabeledNodes {
-		result = append(result, schedulerapi.HostPriority{Host: node, Score: 0})
+		result[i].Host = hostPriority.Host
+		result[i].Score = int(fScore)
 	}
-	return result, nil
+
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/taint_toleration.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/taint_toleration.go
similarity index 96%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/taint_toleration.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/taint_toleration.go
index 9e2905e8edb2..c6847c0ea1f8 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/taint_toleration.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/taint_toleration.go
@@ -21,8 +21,8 @@ import (
 
 	"k8s.io/api/core/v1"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // CountIntolerableTaintsPreferNoSchedule gives the count of intolerable taints of a pod with effect PreferNoSchedule
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/test_util.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/test_util.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/test_util.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/test_util.go
index 312c7619410c..d1756c0383c3 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/test_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/test_util.go
@@ -20,9 +20,9 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 func makeNode(node string, milliCPU, memory int64) *v1.Node {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/BUILD
similarity index 87%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/BUILD
index 9638eeab5115..eab1c8344379 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/BUILD
@@ -13,8 +13,7 @@ go_test(
         "topologies_test.go",
         "util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -33,7 +32,7 @@ go_library(
         "topologies.go",
         "util.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util",
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/non_zero.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/non_zero.go
similarity index 90%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/non_zero.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/non_zero.go
index cfa092051264..bfbe86d66397 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/non_zero.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/non_zero.go
@@ -26,7 +26,10 @@ import "k8s.io/api/core/v1"
 // consuming no resources whatsoever. We chose these values to be similar to the
 // resources that we give to cluster addon pods (#10653). But they are pretty arbitrary.
 // As described in #11713, we use request instead of limit to deal with resource requirements.
-const DefaultMilliCpuRequest int64 = 100             // 0.1 core
+
+// DefaultMilliCPURequest defines default milli cpu request number.
+const DefaultMilliCPURequest int64 = 100 // 0.1 core
+// DefaultMemoryRequest defines default memory request size.
 const DefaultMemoryRequest int64 = 200 * 1024 * 1024 // 200 MB
 
 // GetNonzeroRequests returns the default resource request if none is found or what is provided on the request
@@ -36,7 +39,7 @@ func GetNonzeroRequests(requests *v1.ResourceList) (int64, int64) {
 	var outMilliCPU, outMemory int64
 	// Override if un-set, but not if explicitly set to zero
 	if _, found := (*requests)[v1.ResourceCPU]; !found {
-		outMilliCPU = DefaultMilliCpuRequest
+		outMilliCPU = DefaultMilliCPURequest
 	} else {
 		outMilliCPU = requests.Cpu().MilliValue()
 	}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/topologies.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/topologies.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/topologies.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/topologies.go
index 511ffc137061..bf5ee53ac01d 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/topologies.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/topologies.go
@@ -70,6 +70,7 @@ func NodesHaveSameTopologyKey(nodeA, nodeB *v1.Node, topologyKey string) bool {
 	return false
 }
 
+// Topologies contains topologies information of nodes.
 type Topologies struct {
 	DefaultKeys []string
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/util.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/util.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/util.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/util.go
index 703949e318ef..a3150c34a1f6 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util/util.go
@@ -21,6 +21,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
+// GetControllerRef gets pod's owner controller reference from a pod object.
 func GetControllerRef(pod *v1.Pod) *metav1.OwnerReference {
 	if len(pod.OwnerReferences) == 0 {
 		return nil
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/scheduler_interface.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/scheduler_interface.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/scheduler_interface.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/scheduler_interface.go
index 5ef4fd6f407c..f86015b491c5 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/scheduler_interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/scheduler_interface.go
@@ -18,8 +18,8 @@ package algorithm
 
 import (
 	"k8s.io/api/core/v1"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // SchedulerExtender is an interface for external processes to influence scheduling
@@ -41,6 +41,10 @@ type SchedulerExtender interface {
 
 	// IsBinder returns whether this extender is configured for the Bind method.
 	IsBinder() bool
+
+	// IsInterested returns true if at least one extended resource requested by
+	// this pod is managed by this extender.
+	IsInterested(pod *v1.Pod) bool
 }
 
 // ScheduleAlgorithm is an interface implemented by things that know how to schedule pods
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/types.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/types.go
similarity index 87%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/types.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/types.go
index b3e34e02401f..60ad348c9ab9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/types.go
@@ -21,8 +21,8 @@ import (
 	"k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/labels"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 // FitPredicate is a function that indicates if a pod fits into an existing node.
@@ -43,15 +43,16 @@ type PriorityReduceFunction func(pod *v1.Pod, meta interface{}, nodeNameToInfo m
 // PredicateMetadataProducer is a function that computes predicate metadata for a given pod.
 type PredicateMetadataProducer func(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) PredicateMetadata
 
-// MetadataProducer is a function that computes metadata for a given pod. This
+// PriorityMetadataProducer is a function that computes metadata for a given pod. This
 // is now used for only for priority functions. For predicates please use PredicateMetadataProducer.
-// TODO: Rename this once we have a specific type for priority metadata producer.
-type MetadataProducer func(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) interface{}
+type PriorityMetadataProducer func(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) interface{}
 
+// PriorityFunction is a function that computes scores for all nodes.
 // DEPRECATED
 // Use Map-Reduce pattern for priority functions.
 type PriorityFunction func(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo, nodes []*v1.Node) (schedulerapi.HostPriorityList, error)
 
+// PriorityConfig is a config used for a priority function.
 type PriorityConfig struct {
 	Name   string
 	Map    PriorityMapFunction
@@ -67,15 +68,17 @@ func EmptyPredicateMetadataProducer(pod *v1.Pod, nodeNameToInfo map[string]*sche
 	return nil
 }
 
-// EmptyMetadataProducer returns a no-op MetadataProducer type.
-func EmptyMetadataProducer(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) interface{} {
+// EmptyPriorityMetadataProducer returns a no-op PriorityMetadataProducer type.
+func EmptyPriorityMetadataProducer(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) interface{} {
 	return nil
 }
 
+// PredicateFailureReason interface represents the failure reason of a predicate.
 type PredicateFailureReason interface {
 	GetReason() string
 }
 
+// GetEquivalencePodFunc is a function that gets a EquivalencePod from a pod.
 type GetEquivalencePodFunc func(pod *v1.Pod) interface{}
 
 // NodeLister interface represents anything that can list nodes for a scheduler.
@@ -158,6 +161,7 @@ func (f EmptyStatefulSetLister) GetPodStatefulSets(pod *v1.Pod) (sss []*apps.Sta
 	return nil, nil
 }
 
+// PredicateMetadata interface represents anything that can access a predicate metadata.
 type PredicateMetadata interface {
 	ShallowCopy() PredicateMetadata
 	AddPod(addedPod *v1.Pod, nodeInfo *schedulercache.NodeInfo) error
diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/well_known_labels.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/well_known_labels.go
new file mode 100644
index 000000000000..4b3ba39d1af7
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithm/well_known_labels.go
@@ -0,0 +1,74 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package algorithm
+
+const (
+	// TaintNodeNotReady will be added when node is not ready
+	// and feature-gate for TaintBasedEvictions flag is enabled,
+	// and removed when node becomes ready.
+	TaintNodeNotReady = "node.kubernetes.io/not-ready"
+
+	// DeprecatedTaintNodeNotReady is the deprecated version of TaintNodeNotReady.
+	// It is deprecated since 1.9
+	DeprecatedTaintNodeNotReady = "node.alpha.kubernetes.io/notReady"
+
+	// TaintNodeUnreachable will be added when node becomes unreachable
+	// (corresponding to NodeReady status ConditionUnknown)
+	// and feature-gate for TaintBasedEvictions flag is enabled,
+	// and removed when node becomes reachable (NodeReady status ConditionTrue).
+	TaintNodeUnreachable = "node.kubernetes.io/unreachable"
+
+	// DeprecatedTaintNodeUnreachable is the deprecated version of TaintNodeUnreachable.
+	// It is deprecated since 1.9
+	DeprecatedTaintNodeUnreachable = "node.alpha.kubernetes.io/unreachable"
+
+	// TaintNodeUnschedulable will be added when node becomes unschedulable
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when node becomes scheduable.
+	TaintNodeUnschedulable = "node.kubernetes.io/unschedulable"
+
+	// TaintNodeOutOfDisk will be added when node becomes out of disk
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when node has enough disk.
+	TaintNodeOutOfDisk = "node.kubernetes.io/out-of-disk"
+
+	// TaintNodeMemoryPressure will be added when node has memory pressure
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when node has enough memory.
+	TaintNodeMemoryPressure = "node.kubernetes.io/memory-pressure"
+
+	// TaintNodeDiskPressure will be added when node has disk pressure
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when node has enough disk.
+	TaintNodeDiskPressure = "node.kubernetes.io/disk-pressure"
+
+	// TaintNodeNetworkUnavailable will be added when node's network is unavailable
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when network becomes ready.
+	TaintNodeNetworkUnavailable = "node.kubernetes.io/network-unavailable"
+
+	// TaintNodePIDPressure will be added when node has pid pressure
+	// and feature-gate for TaintNodesByCondition flag is enabled,
+	// and removed when node has enough disk.
+	TaintNodePIDPressure = "node.kubernetes.io/pid-pressure"
+
+	// TaintExternalCloudProvider sets this taint on a node to mark it as unusable,
+	// when kubelet is started with the "external" cloud provider, until a controller
+	// from the cloud-controller-manager intitializes this node, and then removes
+	// the taint
+	TaintExternalCloudProvider = "node.cloudprovider.kubernetes.io/uninitialized"
+)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/BUILD
similarity index 60%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/BUILD
index 904796b74aa9..9f4c969ae01e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/BUILD
@@ -9,17 +9,16 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["plugins.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider",
-    deps = ["//plugin/pkg/scheduler/algorithmprovider/defaults:go_default_library"],
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithmprovider",
+    deps = ["//pkg/scheduler/algorithmprovider/defaults:go_default_library"],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["plugins_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//plugin/pkg/scheduler/factory:go_default_library",
+        "//pkg/scheduler/factory:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
@@ -35,7 +34,7 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//plugin/pkg/scheduler/algorithmprovider/defaults:all-srcs",
+        "//pkg/scheduler/algorithmprovider/defaults:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/BUILD
similarity index 64%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/BUILD
index e72930b90f99..b260bee377be 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/BUILD
@@ -9,14 +9,14 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["defaults.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults",
     deps = [
         "//pkg/features:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities:go_default_library",
-        "//plugin/pkg/scheduler/core:go_default_library",
-        "//plugin/pkg/scheduler/factory:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm/priorities:go_default_library",
+        "//pkg/scheduler/core:go_default_library",
+        "//pkg/scheduler/factory:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
@@ -29,15 +29,14 @@ go_test(
         "compatibility_test.go",
         "defaults_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/install:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/api/latest:go_default_library",
-        "//plugin/pkg/scheduler/factory:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api/latest:go_default_library",
+        "//pkg/scheduler/factory:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/defaults.go
similarity index 84%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/defaults.go
index 9860efdd710b..3267d457baf7 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults/defaults.go
@@ -21,21 +21,18 @@ import (
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 
 	"k8s.io/kubernetes/pkg/features"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/core"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/factory"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/priorities"
+	"k8s.io/kubernetes/pkg/scheduler/core"
+	"k8s.io/kubernetes/pkg/scheduler/factory"
 
 	"github.com/golang/glog"
 )
 
 const (
-
 	// ClusterAutoscalerProvider defines the default autoscaler provider
 	ClusterAutoscalerProvider = "ClusterAutoscalerProvider"
-	// StatefulSetKind defines the name of 'StatefulSet' kind
-	StatefulSetKind = "StatefulSet"
 )
 
 func init() {
@@ -45,7 +42,7 @@ func init() {
 			return predicates.NewPredicateMetadataFactory(args.PodLister)
 		})
 	factory.RegisterPriorityMetadataProducerFactory(
-		func(args factory.PluginFactoryArgs) algorithm.MetadataProducer {
+		func(args factory.PluginFactoryArgs) algorithm.PriorityMetadataProducer {
 			return priorities.NewPriorityMetadataFactory(args.ServiceLister, args.ControllerLister, args.ReplicaSetLister, args.StatefulSetLister)
 		})
 
@@ -68,17 +65,17 @@ func init() {
 	// Fit is defined based on the absence of port conflicts.
 	// This predicate is actually a default predicate, because it is invoked from
 	// predicates.GeneralPredicates()
-	factory.RegisterFitPredicate("PodFitsHostPorts", predicates.PodFitsHostPorts)
+	factory.RegisterFitPredicate(predicates.PodFitsHostPortsPred, predicates.PodFitsHostPorts)
 	// Fit is determined by resource availability.
 	// This predicate is actually a default predicate, because it is invoked from
 	// predicates.GeneralPredicates()
-	factory.RegisterFitPredicate("PodFitsResources", predicates.PodFitsResources)
+	factory.RegisterFitPredicate(predicates.PodFitsResourcesPred, predicates.PodFitsResources)
 	// Fit is determined by the presence of the Host parameter and a string match
 	// This predicate is actually a default predicate, because it is invoked from
 	// predicates.GeneralPredicates()
-	factory.RegisterFitPredicate("HostName", predicates.PodFitsHost)
+	factory.RegisterFitPredicate(predicates.HostNamePred, predicates.PodFitsHost)
 	// Fit is determined by node selector query.
-	factory.RegisterFitPredicate("MatchNodeSelector", predicates.PodMatchNodeSelector)
+	factory.RegisterFitPredicate(predicates.MatchNodeSelectorPred, predicates.PodMatchNodeSelector)
 
 	// Use equivalence class to speed up heavy predicates phase.
 	factory.RegisterGetEquivalencePodFunction(
@@ -110,72 +107,68 @@ func init() {
 	factory.RegisterPriorityFunction2("ImageLocalityPriority", priorities.ImageLocalityPriorityMap, nil, 1)
 	// Optional, cluster-autoscaler friendly priority function - give used nodes higher priority.
 	factory.RegisterPriorityFunction2("MostRequestedPriority", priorities.MostRequestedPriorityMap, nil, 1)
-	// Prioritizes nodes that satisfy pod's resource limits
-	if utilfeature.DefaultFeatureGate.Enabled(features.ResourceLimitsPriorityFunction) {
-		factory.RegisterPriorityFunction2("ResourceLimitsPriority", priorities.ResourceLimitsPriorityMap, nil, 1)
-	}
 }
 
 func defaultPredicates() sets.String {
 	return sets.NewString(
 		// Fit is determined by volume zone requirements.
 		factory.RegisterFitPredicateFactory(
-			"NoVolumeZoneConflict",
+			predicates.NoVolumeZoneConflictPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewVolumeZonePredicate(args.PVInfo, args.PVCInfo, args.StorageClassInfo)
 			},
 		),
 		// Fit is determined by whether or not there would be too many AWS EBS volumes attached to the node
 		factory.RegisterFitPredicateFactory(
-			"MaxEBSVolumeCount",
+			predicates.MaxEBSVolumeCountPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewMaxPDVolumeCountPredicate(predicates.EBSVolumeFilterType, args.PVInfo, args.PVCInfo)
 			},
 		),
 		// Fit is determined by whether or not there would be too many GCE PD volumes attached to the node
 		factory.RegisterFitPredicateFactory(
-			"MaxGCEPDVolumeCount",
+			predicates.MaxGCEPDVolumeCountPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewMaxPDVolumeCountPredicate(predicates.GCEPDVolumeFilterType, args.PVInfo, args.PVCInfo)
 			},
 		),
 		// Fit is determined by whether or not there would be too many Azure Disk volumes attached to the node
 		factory.RegisterFitPredicateFactory(
-			"MaxAzureDiskVolumeCount",
+			predicates.MaxAzureDiskVolumeCountPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewMaxPDVolumeCountPredicate(predicates.AzureDiskVolumeFilterType, args.PVInfo, args.PVCInfo)
 			},
 		),
 		// Fit is determined by inter-pod affinity.
 		factory.RegisterFitPredicateFactory(
-			predicates.MatchInterPodAffinity,
+			predicates.MatchInterPodAffinityPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewPodAffinityPredicate(args.NodeInfo, args.PodLister)
 			},
 		),
 
 		// Fit is determined by non-conflicting disk volumes.
-		factory.RegisterFitPredicate("NoDiskConflict", predicates.NoDiskConflict),
+		factory.RegisterFitPredicate(predicates.NoDiskConflictPred, predicates.NoDiskConflict),
 
 		// GeneralPredicates are the predicates that are enforced by all Kubernetes components
 		// (e.g. kubelet and all schedulers)
-		factory.RegisterFitPredicate("GeneralPredicates", predicates.GeneralPredicates),
+		factory.RegisterFitPredicate(predicates.GeneralPred, predicates.GeneralPredicates),
 
 		// Fit is determined by node memory pressure condition.
-		factory.RegisterFitPredicate("CheckNodeMemoryPressure", predicates.CheckNodeMemoryPressurePredicate),
+		factory.RegisterFitPredicate(predicates.CheckNodeMemoryPressurePred, predicates.CheckNodeMemoryPressurePredicate),
 
 		// Fit is determined by node disk pressure condition.
-		factory.RegisterFitPredicate("CheckNodeDiskPressure", predicates.CheckNodeDiskPressurePredicate),
+		factory.RegisterFitPredicate(predicates.CheckNodeDiskPressurePred, predicates.CheckNodeDiskPressurePredicate),
 
-		// Fit is determied by node condtions: not ready, network unavailable and out of disk.
-		factory.RegisterMandatoryFitPredicate("CheckNodeCondition", predicates.CheckNodeConditionPredicate),
+		// Fit is determined by node conditions: not ready, network unavailable or out of disk.
+		factory.RegisterMandatoryFitPredicate(predicates.CheckNodeConditionPred, predicates.CheckNodeConditionPredicate),
 
 		// Fit is determined based on whether a pod can tolerate all of the node's taints
-		factory.RegisterFitPredicate("PodToleratesNodeTaints", predicates.PodToleratesNodeTaints),
+		factory.RegisterFitPredicate(predicates.PodToleratesNodeTaintsPred, predicates.PodToleratesNodeTaints),
 
 		// Fit is determined by volume topology requirements.
 		factory.RegisterFitPredicateFactory(
-			predicates.CheckVolumeBinding,
+			predicates.CheckVolumeBindingPred,
 			func(args factory.PluginFactoryArgs) algorithm.FitPredicate {
 				return predicates.NewVolumeBindingPredicate(args.VolumeBinder)
 			},
@@ -185,24 +178,29 @@ func defaultPredicates() sets.String {
 
 // ApplyFeatureGates applies algorithm by feature gates.
 func ApplyFeatureGates() {
-
 	if utilfeature.DefaultFeatureGate.Enabled(features.TaintNodesByCondition) {
 		// Remove "CheckNodeCondition" predicate
-		factory.RemoveFitPredicate("CheckNodeCondition")
+		factory.RemoveFitPredicate(predicates.CheckNodeConditionPred)
 		// Remove Key "CheckNodeCondition" From All Algorithm Provider
 		// The key will be removed from all providers which in algorithmProviderMap[]
 		// if you just want remove specific provider, call func RemovePredicateKeyFromAlgoProvider()
-		factory.RemovePredicateKeyFromAlgorithmProviderMap("CheckNodeCondition")
+		factory.RemovePredicateKeyFromAlgorithmProviderMap(predicates.CheckNodeConditionPred)
 
 		// Fit is determined based on whether a pod can tolerate all of the node's taints
-		factory.RegisterMandatoryFitPredicate("PodToleratesNodeTaints", predicates.PodToleratesNodeTaints)
-		// Insert Key "PodToleratesNodeTaints" To All Algorithm Provider
+		factory.RegisterMandatoryFitPredicate(predicates.PodToleratesNodeTaintsPred, predicates.PodToleratesNodeTaints)
+		// Insert Key "PodToleratesNodeTaints" and "CheckNodeUnschedulable" To All Algorithm Provider
 		// The key will insert to all providers which in algorithmProviderMap[]
 		// if you just want insert to specific provider, call func InsertPredicateKeyToAlgoProvider()
-		factory.InsertPredicateKeyToAlgorithmProviderMap("PodToleratesNodeTaints")
+		factory.InsertPredicateKeyToAlgorithmProviderMap(predicates.PodToleratesNodeTaintsPred)
 
 		glog.Warningf("TaintNodesByCondition is enabled, PodToleratesNodeTaints predicate is mandatory")
 	}
+
+	// Prioritizes nodes that satisfy pod's resource limits
+	if utilfeature.DefaultFeatureGate.Enabled(features.ResourceLimitsPriorityFunction) {
+		factory.RegisterPriorityFunction2("ResourceLimitsPriority", priorities.ResourceLimitsPriorityMap, nil, 1)
+	}
+
 }
 
 func registerAlgorithmProvider(predSet, priSet sets.String) {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/plugins.go b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/plugins.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/plugins.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/plugins.go
index f357a12d5a9b..e2784f626092 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/algorithmprovider/plugins.go
@@ -17,7 +17,7 @@ limitations under the License.
 package algorithmprovider
 
 import (
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults"
+	"k8s.io/kubernetes/pkg/scheduler/algorithmprovider/defaults"
 )
 
 // ApplyFeatureGates applies algorithm by feature gates.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/api/BUILD
similarity index 81%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/BUILD
index 593cff9295a5..eeaef16a4220 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/BUILD
@@ -13,7 +13,7 @@ go_library(
         "types.go",
         "zz_generated.deepcopy.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/api",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/api",
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -35,9 +35,9 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//plugin/pkg/scheduler/api/latest:all-srcs",
-        "//plugin/pkg/scheduler/api/v1:all-srcs",
-        "//plugin/pkg/scheduler/api/validation:all-srcs",
+        "//pkg/scheduler/api/latest:all-srcs",
+        "//pkg/scheduler/api/v1:all-srcs",
+        "//pkg/scheduler/api/validation:all-srcs",
     ],
     tags = ["automanaged"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/doc.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/doc.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/doc.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/doc.go
index a326c9973378..4f87f6c8833b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/doc.go
@@ -16,5 +16,5 @@ limitations under the License.
 
 // +k8s:deepcopy-gen=package
 
-// Package api contains scheduler plugin API objects.
+// Package api contains scheduler API objects.
 package api
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/BUILD
similarity index 80%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/BUILD
index ee0f0ffa1c3f..439f952b52a1 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/BUILD
@@ -8,10 +8,10 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["latest.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/api/latest",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/api/latest",
     deps = [
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/api/v1:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/latest.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/latest.go
similarity index 93%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/latest.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/latest.go
index f225847737a5..97696d57be17 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/latest/latest.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/latest/latest.go
@@ -21,8 +21,9 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	"k8s.io/apimachinery/pkg/runtime/serializer/versioning"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	_ "k8s.io/kubernetes/plugin/pkg/scheduler/api/v1"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	// Init the api v1 package
+	_ "k8s.io/kubernetes/pkg/scheduler/api/v1"
 )
 
 // Version is the string that represents the current external default version.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/register.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/register.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/register.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/register.go
index a627997540d4..4852cd559e5a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/register.go
@@ -31,8 +31,10 @@ var Scheme = runtime.NewScheme()
 var SchemeGroupVersion = schema.GroupVersion{Group: "", Version: runtime.APIVersionInternal}
 
 var (
+	// SchemeBuilder defines a SchemeBuilder object.
 	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
-	AddToScheme   = SchemeBuilder.AddToScheme
+	// AddToScheme is used to add stored functions to scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/types.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/types.go
similarity index 73%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/types.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/types.go
index 080fc386db5e..cfc8d219ec11 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/types.go
@@ -26,20 +26,39 @@ import (
 )
 
 const (
-	MaxUint          = ^uint(0)
-	MaxInt           = int(MaxUint >> 1)
+	// MaxUint defines the max unsigned int value.
+	MaxUint = ^uint(0)
+	// MaxInt defines the max signed int value.
+	MaxInt = int(MaxUint >> 1)
+	// MaxTotalPriority defines the max total priority value.
 	MaxTotalPriority = MaxInt
-	MaxPriority      = 10
-	MaxWeight        = MaxInt / MaxPriority
+	// MaxPriority defines the max priority value.
+	MaxPriority = 10
+	// MaxWeight defines the max weight value.
+	MaxWeight = MaxInt / MaxPriority
+	// HighestUserDefinablePriority is the highest priority for user defined priority classes. Priority values larger than 1 billion are reserved for Kubernetes system use.
+	HighestUserDefinablePriority = int32(1000000000)
+	// SystemCriticalPriority is the beginning of the range of priority values for critical system components.
+	SystemCriticalPriority = 2 * HighestUserDefinablePriority
+	// NOTE: In order to avoid conflict of names with user-defined priority classes, all the names must
+	// start with scheduling.SystemPriorityClassPrefix which is by default "system-".
+	SystemClusterCritical = "system-cluster-critical"
+	SystemNodeCritical    = "system-node-critical"
 )
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
+// Policy describes a struct of a policy resource in api.
 type Policy struct {
 	metav1.TypeMeta
-	// Holds the information to configure the fit predicate functions
+	// Holds the information to configure the fit predicate functions.
+	// If unspecified, the default predicate functions will be applied.
+	// If empty list, all predicates (except the mandatory ones) will be
+	// bypassed.
 	Predicates []PredicatePolicy
-	// Holds the information to configure the priority functions
+	// Holds the information to configure the priority functions.
+	// If unspecified, the default priority functions will be applied.
+	// If empty list, all priority functions will be bypassed.
 	Priorities []PriorityPolicy
 	// Holds the information to communicate with the extender(s)
 	ExtenderConfigs []ExtenderConfig
@@ -47,8 +66,15 @@ type Policy struct {
 	// corresponding to every RequiredDuringScheduling affinity rule.
 	// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 1-100.
 	HardPodAffinitySymmetricWeight int32
+
+	// When AlwaysCheckAllPredicates is set to true, scheduler checks all
+	// the configured predicates even after one or more of them fails.
+	// When the flag is set to false, scheduler skips checking the rest
+	// of the predicates after it finds one predicate that failed.
+	AlwaysCheckAllPredicates bool
 }
 
+// PredicatePolicy describes a struct of a predicate policy.
 type PredicatePolicy struct {
 	// Identifier of the predicate policy
 	// For a custom predicate, the name can be user-defined
@@ -58,6 +84,7 @@ type PredicatePolicy struct {
 	Argument *PredicateArgument
 }
 
+// PriorityPolicy describes a struct of a priority policy.
 type PriorityPolicy struct {
 	// Identifier of the priority policy
 	// For a custom priority, the name can be user-defined
@@ -124,6 +151,16 @@ type LabelPreference struct {
 	Presence bool
 }
 
+// ExtenderManagedResource describes the arguments of extended resources
+// managed by an extender.
+type ExtenderManagedResource struct {
+	// Name is the extended resource name.
+	Name v1.ResourceName
+	// IgnoredByScheduler indicates whether kube-scheduler should ignore this
+	// resource when applying predicates.
+	IgnoredByScheduler bool
+}
+
 // ExtenderConfig holds the parameters used to communicate with the extender. If a verb is unspecified/empty,
 // it is assumed that the extender chose not to provide that extension.
 type ExtenderConfig struct {
@@ -140,8 +177,8 @@ type ExtenderConfig struct {
 	// If this method is implemented by the extender, it is the extender's responsibility to bind the pod to apiserver. Only one extender
 	// can implement this function.
 	BindVerb string
-	// EnableHttps specifies whether https should be used to communicate with the extender
-	EnableHttps bool
+	// EnableHTTPS specifies whether https should be used to communicate with the extender
+	EnableHTTPS bool
 	// TLSConfig specifies the transport layer security config
 	TLSConfig *restclient.TLSClientConfig
 	// HTTPTimeout specifies the timeout duration for a call to the extender. Filter timeout fails the scheduling of the pod. Prioritize
@@ -151,6 +188,16 @@ type ExtenderConfig struct {
 	// so the scheduler should only send minimal information about the eligible nodes
 	// assuming that the extender already cached full details of all nodes in the cluster
 	NodeCacheCapable bool
+	// ManagedResources is a list of extended resources that are managed by
+	// this extender.
+	// - A pod will be sent to the extender on the Filter, Prioritize and Bind
+	//   (if the extender is the binder) phases iff the pod requests at least
+	//   one of the extended resources in this list. If empty or unspecified,
+	//   all pods will be sent to this extender.
+	// - If IgnoredByScheduler is set to true for a resource, kube-scheduler
+	//   will skip checking the resource in predicates.
+	// +optional
+	ManagedResources []ExtenderManagedResource
 }
 
 // ExtenderArgs represents the arguments needed by the extender to filter/prioritize
@@ -209,8 +256,15 @@ type HostPriority struct {
 	Score int
 }
 
+// HostPriorityList declares a []HostPriority type.
 type HostPriorityList []HostPriority
 
+// SystemPriorityClasses defines special priority classes which are used by system critical pods that should not be preempted by workload pods.
+var SystemPriorityClasses = map[string]int32{
+	SystemClusterCritical: SystemCriticalPriority,
+	SystemNodeCritical:    SystemCriticalPriority + 1000,
+}
+
 func (h HostPriorityList) Len() int {
 	return len(h)
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/BUILD
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/BUILD
index 2516dc06b128..35e291a27d5a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/BUILD
@@ -13,9 +13,9 @@ go_library(
         "types.go",
         "zz_generated.deepcopy.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/api/v1",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/api/v1",
     deps = [
-        "//plugin/pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/doc.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/doc.go
similarity index 92%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/doc.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/doc.go
index 2a53ab7c17b8..35d302e1f25b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/doc.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/doc.go
@@ -16,5 +16,5 @@ limitations under the License.
 
 // +k8s:deepcopy-gen=package
 
-// Package v1 contains scheduler plugin API objects.
+// Package v1 contains scheduler API objects.
 package v1
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/register.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/register.go
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/register.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/register.go
index 292245a0a610..504de9c7672b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/register.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/register.go
@@ -19,7 +19,7 @@ package v1
 import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
 )
 
 // SchemeGroupVersion is group version used to register these objects
@@ -36,9 +36,12 @@ func init() {
 var (
 	// TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
 	// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
+
+	// SchemeBuilder is a v1 api scheme builder.
 	SchemeBuilder      runtime.SchemeBuilder
 	localSchemeBuilder = &SchemeBuilder
-	AddToScheme        = localSchemeBuilder.AddToScheme
+	// AddToScheme is used to add stored functions to scheme.
+	AddToScheme = localSchemeBuilder.AddToScheme
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/types.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/types.go
similarity index 84%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/types.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/types.go
index 3f6684a5f3cf..32ac25795887 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/types.go
@@ -27,6 +27,7 @@ import (
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
+// Policy describes a struct for a policy resource used in api.
 type Policy struct {
 	metav1.TypeMeta `json:",inline"`
 	// Holds the information to configure the fit predicate functions
@@ -39,8 +40,15 @@ type Policy struct {
 	// corresponding to every RequiredDuringScheduling affinity rule.
 	// HardPodAffinitySymmetricWeight represents the weight of implicit PreferredDuringScheduling affinity rule, in the range 1-100.
 	HardPodAffinitySymmetricWeight int `json:"hardPodAffinitySymmetricWeight"`
+
+	// When AlwaysCheckAllPredicates is set to true, scheduler checks all
+	// the configured predicates even after one or more of them fails.
+	// When the flag is set to false, scheduler skips checking the rest
+	// of the predicates after it finds one predicate that failed.
+	AlwaysCheckAllPredicates bool `json:"alwaysCheckAllPredicates"`
 }
 
+// PredicatePolicy describes a struct of a predicate policy.
 type PredicatePolicy struct {
 	// Identifier of the predicate policy
 	// For a custom predicate, the name can be user-defined
@@ -50,6 +58,7 @@ type PredicatePolicy struct {
 	Argument *PredicateArgument `json:"argument"`
 }
 
+// PriorityPolicy describes a struct of a priority policy.
 type PriorityPolicy struct {
 	// Identifier of the priority policy
 	// For a custom priority, the name can be user-defined
@@ -116,6 +125,16 @@ type LabelPreference struct {
 	Presence bool `json:"presence"`
 }
 
+// ExtenderManagedResource describes the arguments of extended resources
+// managed by an extender.
+type ExtenderManagedResource struct {
+	// Name is the extended resource name.
+	Name apiv1.ResourceName `json:"name,casttype=ResourceName"`
+	// IgnoredByScheduler indicates whether kube-scheduler should ignore this
+	// resource when applying predicates.
+	IgnoredByScheduler bool `json:"ignoredByScheduler,omitempty"`
+}
+
 // ExtenderConfig holds the parameters used to communicate with the extender. If a verb is unspecified/empty,
 // it is assumed that the extender chose not to provide that extension.
 type ExtenderConfig struct {
@@ -132,8 +151,8 @@ type ExtenderConfig struct {
 	// If this method is implemented by the extender, it is the extender's responsibility to bind the pod to apiserver. Only one extender
 	// can implement this function.
 	BindVerb string
-	// EnableHttps specifies whether https should be used to communicate with the extender
-	EnableHttps bool `json:"enableHttps,omitempty"`
+	// EnableHTTPS specifies whether https should be used to communicate with the extender
+	EnableHTTPS bool `json:"enableHttps,omitempty"`
 	// TLSConfig specifies the transport layer security config
 	TLSConfig *restclient.TLSClientConfig `json:"tlsConfig,omitempty"`
 	// HTTPTimeout specifies the timeout duration for a call to the extender. Filter timeout fails the scheduling of the pod. Prioritize
@@ -143,6 +162,16 @@ type ExtenderConfig struct {
 	// so the scheduler should only send minimal information about the eligible nodes
 	// assuming that the extender already cached full details of all nodes in the cluster
 	NodeCacheCapable bool `json:"nodeCacheCapable,omitempty"`
+	// ManagedResources is a list of extended resources that are managed by
+	// this extender.
+	// - A pod will be sent to the extender on the Filter, Prioritize and Bind
+	//   (if the extender is the binder) phases iff the pod requests at least
+	//   one of the extended resources in this list. If empty or unspecified,
+	//   all pods will be sent to this extender.
+	// - If IgnoredByScheduler is set to true for a resource, kube-scheduler
+	//   will skip checking the resource in predicates.
+	// +optional
+	ManagedResources []ExtenderManagedResource `json:"managedResources,omitempty"`
 }
 
 // ExtenderArgs represents the arguments needed by the extender to filter/prioritize
@@ -201,6 +230,7 @@ type HostPriority struct {
 	Score int `json:"score"`
 }
 
+// HostPriorityList declares a []HostPriority type.
 type HostPriorityList []HostPriority
 
 func (h HostPriorityList) Len() int {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/zz_generated.deepcopy.go
similarity index 85%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/zz_generated.deepcopy.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/zz_generated.deepcopy.go
index dab87e7e681b..98f8fcbf7efc 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/v1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1
 
@@ -109,6 +109,11 @@ func (in *ExtenderConfig) DeepCopyInto(out *ExtenderConfig) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.ManagedResources != nil {
+		in, out := &in.ManagedResources, &out.ManagedResources
+		*out = make([]ExtenderManagedResource, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -167,6 +172,44 @@ func (in *ExtenderFilterResult) DeepCopy() *ExtenderFilterResult {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExtenderManagedResource) DeepCopyInto(out *ExtenderManagedResource) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtenderManagedResource.
+func (in *ExtenderManagedResource) DeepCopy() *ExtenderManagedResource {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtenderManagedResource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in FailedNodesMap) DeepCopyInto(out *FailedNodesMap) {
+	{
+		in := &in
+		*out = make(FailedNodesMap, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FailedNodesMap.
+func (in FailedNodesMap) DeepCopy() FailedNodesMap {
+	if in == nil {
+		return nil
+	}
+	out := new(FailedNodesMap)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HostPriority) DeepCopyInto(out *HostPriority) {
 	*out = *in
@@ -183,6 +226,26 @@ func (in *HostPriority) DeepCopy() *HostPriority {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in HostPriorityList) DeepCopyInto(out *HostPriorityList) {
+	{
+		in := &in
+		*out = make(HostPriorityList, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPriorityList.
+func (in HostPriorityList) DeepCopy() HostPriorityList {
+	if in == nil {
+		return nil
+	}
+	out := new(HostPriorityList)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LabelPreference) DeepCopyInto(out *LabelPreference) {
 	*out = *in
@@ -262,9 +325,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/BUILD
similarity index 56%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/BUILD
index 2120ba3dc092..2cee0ff30371 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/BUILD
@@ -9,19 +9,22 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["validation.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/api/validation",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/api/validation",
     deps = [
-        "//plugin/pkg/scheduler/api:go_default_library",
+        "//pkg/apis/core/v1/helper:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/api/validation",
-    library = ":go_default_library",
-    deps = ["//plugin/pkg/scheduler/api:go_default_library"],
+    embed = [":go_default_library"],
+    deps = ["//pkg/scheduler/api:go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/validation.go
similarity index 56%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/validation.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/validation.go
index cec33b1955b8..5e9e53bec6f4 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/validation/validation.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/validation/validation.go
@@ -17,10 +17,15 @@ limitations under the License.
 package validation
 
 import (
+	"errors"
 	"fmt"
 
+	"k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation"
+	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
 )
 
 // ValidatePolicy checks for errors in the Config
@@ -35,6 +40,7 @@ func ValidatePolicy(policy schedulerapi.Policy) error {
 	}
 
 	binders := 0
+	extenderManagedResources := sets.NewString()
 	for _, extender := range policy.ExtenderConfigs {
 		if len(extender.PrioritizeVerb) > 0 && extender.Weight <= 0 {
 			validationErrors = append(validationErrors, fmt.Errorf("Priority for extender %s should have a positive weight applied to it", extender.URLPrefix))
@@ -42,9 +48,35 @@ func ValidatePolicy(policy schedulerapi.Policy) error {
 		if extender.BindVerb != "" {
 			binders++
 		}
+		for _, resource := range extender.ManagedResources {
+			errs := validateExtendedResourceName(resource.Name)
+			if len(errs) != 0 {
+				validationErrors = append(validationErrors, errs...)
+			}
+			if extenderManagedResources.Has(string(resource.Name)) {
+				validationErrors = append(validationErrors, fmt.Errorf("Duplicate extender managed resource name %s", string(resource.Name)))
+			}
+			extenderManagedResources.Insert(string(resource.Name))
+		}
 	}
 	if binders > 1 {
 		validationErrors = append(validationErrors, fmt.Errorf("Only one extender can implement bind, found %v", binders))
 	}
 	return utilerrors.NewAggregate(validationErrors)
 }
+
+// validateExtendedResourceName checks whether the specified name is a valid
+// extended resource name.
+func validateExtendedResourceName(name v1.ResourceName) []error {
+	var validationErrors []error
+	for _, msg := range validation.IsQualifiedName(string(name)) {
+		validationErrors = append(validationErrors, errors.New(msg))
+	}
+	if len(validationErrors) != 0 {
+		return validationErrors
+	}
+	if !v1helper.IsExtendedResourceName(name) {
+		validationErrors = append(validationErrors, fmt.Errorf("%s is an invalid extended resource name", name))
+	}
+	return validationErrors
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/pkg/scheduler/api/zz_generated.deepcopy.go
similarity index 85%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/zz_generated.deepcopy.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/api/zz_generated.deepcopy.go
index ad8c0c237434..1986933b93c7 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/api/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/api/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package api
 
@@ -109,6 +109,11 @@ func (in *ExtenderConfig) DeepCopyInto(out *ExtenderConfig) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.ManagedResources != nil {
+		in, out := &in.ManagedResources, &out.ManagedResources
+		*out = make([]ExtenderManagedResource, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -167,6 +172,44 @@ func (in *ExtenderFilterResult) DeepCopy() *ExtenderFilterResult {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExtenderManagedResource) DeepCopyInto(out *ExtenderManagedResource) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtenderManagedResource.
+func (in *ExtenderManagedResource) DeepCopy() *ExtenderManagedResource {
+	if in == nil {
+		return nil
+	}
+	out := new(ExtenderManagedResource)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in FailedNodesMap) DeepCopyInto(out *FailedNodesMap) {
+	{
+		in := &in
+		*out = make(FailedNodesMap, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FailedNodesMap.
+func (in FailedNodesMap) DeepCopy() FailedNodesMap {
+	if in == nil {
+		return nil
+	}
+	out := new(FailedNodesMap)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *HostPriority) DeepCopyInto(out *HostPriority) {
 	*out = *in
@@ -183,6 +226,26 @@ func (in *HostPriority) DeepCopy() *HostPriority {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in HostPriorityList) DeepCopyInto(out *HostPriorityList) {
+	{
+		in := &in
+		*out = make(HostPriorityList, len(*in))
+		copy(*out, *in)
+		return
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPriorityList.
+func (in HostPriorityList) DeepCopy() HostPriorityList {
+	if in == nil {
+		return nil
+	}
+	out := new(HostPriorityList)
+	in.DeepCopyInto(out)
+	return *out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LabelPreference) DeepCopyInto(out *LabelPreference) {
 	*out = *in
@@ -262,9 +325,8 @@ func (in *Policy) DeepCopy() *Policy {
 func (in *Policy) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/core/BUILD
similarity index 65%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/core/BUILD
index aa14221fe524..6be7c9fa9941 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/core/BUILD
@@ -14,22 +14,22 @@ go_test(
         "generic_scheduler_test.go",
         "scheduling_queue_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/core",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/testing:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm/priorities:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/testing:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
         "//vendor/k8s.io/api/apps/v1beta1:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
     ],
@@ -43,17 +43,18 @@ go_library(
         "generic_scheduler.go",
         "scheduling_queue.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/core",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/core",
     deps = [
         "//pkg/api/v1/pod:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/metrics:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/volumebinder:go_default_library",
         "//pkg/util/hash:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
-        "//plugin/pkg/scheduler/volumebinder:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/golang/groupcache/lru:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -64,6 +65,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/trace:go_default_library",
+        "//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
         "//vendor/k8s.io/client-go/util/workqueue:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/equivalence_cache.go b/vendor/k8s.io/kubernetes/pkg/scheduler/core/equivalence_cache.go
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/equivalence_cache.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/core/equivalence_cache.go
index ca27f40d57ae..3eebe9dcb67a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/equivalence_cache.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/core/equivalence_cache.go
@@ -22,8 +22,8 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 	hashutil "k8s.io/kubernetes/pkg/util/hash"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
 
 	"github.com/golang/glog"
 	"github.com/golang/groupcache/lru"
@@ -62,6 +62,7 @@ func newAlgorithmCache() AlgorithmCache {
 	}
 }
 
+// NewEquivalenceCache creates a EquivalenceCache object.
 func NewEquivalenceCache(getEquivalencePodFunc algorithm.GetEquivalencePodFunc) *EquivalenceCache {
 	return &EquivalenceCache{
 		getEquivalencePod: getEquivalencePodFunc,
@@ -75,9 +76,12 @@ func (ec *EquivalenceCache) UpdateCachedPredicateItem(
 	fit bool,
 	reasons []algorithm.PredicateFailureReason,
 	equivalenceHash uint64,
+	needLock bool,
 ) {
-	ec.Lock()
-	defer ec.Unlock()
+	if needLock {
+		ec.Lock()
+		defer ec.Unlock()
+	}
 	if _, exist := ec.algorithmCache[nodeName]; !exist {
 		ec.algorithmCache[nodeName] = newAlgorithmCache()
 	}
@@ -106,10 +110,12 @@ func (ec *EquivalenceCache) UpdateCachedPredicateItem(
 // based on cached predicate results
 func (ec *EquivalenceCache) PredicateWithECache(
 	podName, nodeName, predicateKey string,
-	equivalenceHash uint64,
+	equivalenceHash uint64, needLock bool,
 ) (bool, []algorithm.PredicateFailureReason, bool) {
-	ec.RLock()
-	defer ec.RUnlock()
+	if needLock {
+		ec.RLock()
+		defer ec.RUnlock()
+	}
 	glog.V(5).Infof("Begin to calculate predicate: %v for pod: %s on node: %s based on equivalence cache",
 		predicateKey, podName, nodeName)
 	if algorithmCache, exist := ec.algorithmCache[nodeName]; exist {
@@ -119,13 +125,11 @@ func (ec *EquivalenceCache) PredicateWithECache(
 			if hostPredicate, ok := predicateMap[equivalenceHash]; ok {
 				if hostPredicate.Fit {
 					return true, []algorithm.PredicateFailureReason{}, false
-				} else {
-					return false, hostPredicate.FailReasons, false
 				}
-			} else {
-				// is invalid
-				return false, []algorithm.PredicateFailureReason{}, true
+				return false, hostPredicate.FailReasons, false
 			}
+			// is invalid
+			return false, []algorithm.PredicateFailureReason{}, true
 		}
 	}
 	return false, []algorithm.PredicateFailureReason{}, true
@@ -208,15 +212,22 @@ func (ec *EquivalenceCache) InvalidateCachedPredicateItemForPodAdd(pod *v1.Pod,
 	ec.InvalidateCachedPredicateItem(nodeName, invalidPredicates)
 }
 
-// getHashEquivalencePod returns the hash of equivalence pod.
-// 1. equivalenceHash
-// 2. if equivalence hash is valid
-func (ec *EquivalenceCache) getHashEquivalencePod(pod *v1.Pod) (uint64, bool) {
+// equivalenceClassInfo holds equivalence hash which is used for checking equivalence cache.
+// We will pass this to podFitsOnNode to ensure equivalence hash is only calculated per schedule.
+type equivalenceClassInfo struct {
+	// Equivalence hash.
+	hash uint64
+}
+
+// getEquivalenceClassInfo returns the equivalence class of given pod.
+func (ec *EquivalenceCache) getEquivalenceClassInfo(pod *v1.Pod) *equivalenceClassInfo {
 	equivalencePod := ec.getEquivalencePod(pod)
 	if equivalencePod != nil {
 		hash := fnv.New32a()
 		hashutil.DeepHashObject(hash, equivalencePod)
-		return uint64(hash.Sum32()), true
+		return &equivalenceClassInfo{
+			hash: uint64(hash.Sum32()),
+		}
 	}
-	return 0, false
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/extender.go b/vendor/k8s.io/kubernetes/pkg/scheduler/core/extender.go
similarity index 83%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/extender.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/core/extender.go
index 898ef4f45251..022db87f5ba2 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/extender.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/core/extender.go
@@ -26,13 +26,15 @@ import (
 
 	"k8s.io/api/core/v1"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
+	"k8s.io/apimachinery/pkg/util/sets"
 	restclient "k8s.io/client-go/rest"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
 )
 
 const (
+	// DefaultExtenderTimeout defines the default extender timeout in second.
 	DefaultExtenderTimeout = 5 * time.Second
 )
 
@@ -45,6 +47,7 @@ type HTTPExtender struct {
 	weight           int
 	client           *http.Client
 	nodeCacheCapable bool
+	managedResources sets.String
 }
 
 func makeTransport(config *schedulerapi.ExtenderConfig) (http.RoundTripper, error) {
@@ -52,7 +55,7 @@ func makeTransport(config *schedulerapi.ExtenderConfig) (http.RoundTripper, erro
 	if config.TLSConfig != nil {
 		cfg.TLSClientConfig = *config.TLSConfig
 	}
-	if config.EnableHttps {
+	if config.EnableHTTPS {
 		hasCA := len(cfg.CAFile) > 0 || len(cfg.CAData) > 0
 		if !hasCA {
 			cfg.Insecure = true
@@ -70,6 +73,7 @@ func makeTransport(config *schedulerapi.ExtenderConfig) (http.RoundTripper, erro
 	return utilnet.SetTransportDefaults(&http.Transport{}), nil
 }
 
+// NewHTTPExtender creates an HTTPExtender object.
 func NewHTTPExtender(config *schedulerapi.ExtenderConfig) (algorithm.SchedulerExtender, error) {
 	if config.HTTPTimeout.Nanoseconds() == 0 {
 		config.HTTPTimeout = time.Duration(DefaultExtenderTimeout)
@@ -83,6 +87,10 @@ func NewHTTPExtender(config *schedulerapi.ExtenderConfig) (algorithm.SchedulerEx
 		Transport: transport,
 		Timeout:   config.HTTPTimeout,
 	}
+	managedResources := sets.NewString()
+	for _, r := range config.ManagedResources {
+		managedResources.Insert(string(r.Name))
+	}
 	return &HTTPExtender{
 		extenderURL:      config.URLPrefix,
 		filterVerb:       config.FilterVerb,
@@ -91,6 +99,7 @@ func NewHTTPExtender(config *schedulerapi.ExtenderConfig) (algorithm.SchedulerEx
 		weight:           config.Weight,
 		client:           client,
 		nodeCacheCapable: config.NodeCacheCapable,
+		managedResources: managedResources,
 	}, nil
 }
 
@@ -250,3 +259,35 @@ func (h *HTTPExtender) send(action string, args interface{}, result interface{})
 
 	return json.NewDecoder(resp.Body).Decode(result)
 }
+
+// IsInterested returns true if at least one extended resource requested by
+// this pod is managed by this extender.
+func (h *HTTPExtender) IsInterested(pod *v1.Pod) bool {
+	if h.managedResources.Len() == 0 {
+		return true
+	}
+	if h.hasManagedResources(pod.Spec.Containers) {
+		return true
+	}
+	if h.hasManagedResources(pod.Spec.InitContainers) {
+		return true
+	}
+	return false
+}
+
+func (h *HTTPExtender) hasManagedResources(containers []v1.Container) bool {
+	for i := range containers {
+		container := &containers[i]
+		for resourceName := range container.Resources.Requests {
+			if h.managedResources.Has(string(resourceName)) {
+				return true
+			}
+		}
+		for resourceName := range container.Resources.Limits {
+			if h.managedResources.Has(string(resourceName)) {
+				return true
+			}
+		}
+	}
+	return false
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/generic_scheduler.go b/vendor/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go
similarity index 80%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/generic_scheduler.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go
index e14d220be3f5..f7e9cddfd23b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/generic_scheduler.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/core/generic_scheduler.go
@@ -31,39 +31,41 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/util/errors"
 	utiltrace "k8s.io/apiserver/pkg/util/trace"
+	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/util/workqueue"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/metrics"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/volumebinder"
 
 	"github.com/golang/glog"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder"
 )
 
+// FailedPredicateMap declares a map[string][]algorithm.PredicateFailureReason type.
 type FailedPredicateMap map[string][]algorithm.PredicateFailureReason
 
+// FitError describes a fit error of a pod.
 type FitError struct {
 	Pod              *v1.Pod
 	NumAllNodes      int
 	FailedPredicates FailedPredicateMap
 }
 
+// Victims describes pod victims.
 type Victims struct {
 	pods             []*v1.Pod
 	numPDBViolations int
 }
 
+// ErrNoNodesAvailable defines an error of no nodes available.
 var ErrNoNodesAvailable = fmt.Errorf("no nodes available to schedule pods")
 
 const (
+	// NoNodeAvailableMsg is used to format message when no nodes available.
 	NoNodeAvailableMsg = "0/%v nodes are available"
-	// NominatedNodeAnnotationKey is used to annotate a pod that has preempted other pods.
-	// The scheduler uses the annotation to find that the pod shouldn't preempt more pods
-	// when it gets to the head of scheduling queue again.
-	// See podEligibleToPreemptOthers() for more information.
-	NominatedNodeAnnotationKey = "NominatedNodeName"
 )
 
 // Error returns detailed information of why the pod failed to fit on each node
@@ -71,7 +73,7 @@ func (f *FitError) Error() string {
 	reasons := make(map[string]int)
 	for _, predicates := range f.FailedPredicates {
 		for _, pred := range predicates {
-			reasons[pred.GetReason()] += 1
+			reasons[pred.GetReason()]++
 		}
 	}
 
@@ -88,28 +90,33 @@ func (f *FitError) Error() string {
 }
 
 type genericScheduler struct {
-	cache                 schedulercache.Cache
-	equivalenceCache      *EquivalenceCache
-	schedulingQueue       SchedulingQueue
-	predicates            map[string]algorithm.FitPredicate
-	priorityMetaProducer  algorithm.MetadataProducer
-	predicateMetaProducer algorithm.PredicateMetadataProducer
-	prioritizers          []algorithm.PriorityConfig
-	extenders             []algorithm.SchedulerExtender
-	lastNodeIndexLock     sync.Mutex
-	lastNodeIndex         uint64
-
-	cachedNodeInfoMap map[string]*schedulercache.NodeInfo
-	volumeBinder      *volumebinder.VolumeBinder
+	cache                    schedulercache.Cache
+	equivalenceCache         *EquivalenceCache
+	schedulingQueue          SchedulingQueue
+	predicates               map[string]algorithm.FitPredicate
+	priorityMetaProducer     algorithm.PriorityMetadataProducer
+	predicateMetaProducer    algorithm.PredicateMetadataProducer
+	prioritizers             []algorithm.PriorityConfig
+	extenders                []algorithm.SchedulerExtender
+	lastNodeIndexLock        sync.Mutex
+	lastNodeIndex            uint64
+	alwaysCheckAllPredicates bool
+	cachedNodeInfoMap        map[string]*schedulercache.NodeInfo
+	volumeBinder             *volumebinder.VolumeBinder
+	pvcLister                corelisters.PersistentVolumeClaimLister
 }
 
-// Schedule tries to schedule the given pod to one of node in the node list.
+// Schedule tries to schedule the given pod to one of the nodes in the node list.
 // If it succeeds, it will return the name of the node.
-// If it fails, it will return a Fiterror error with reasons.
+// If it fails, it will return a FitError error with reasons.
 func (g *genericScheduler) Schedule(pod *v1.Pod, nodeLister algorithm.NodeLister) (string, error) {
 	trace := utiltrace.New(fmt.Sprintf("Scheduling %s/%s", pod.Namespace, pod.Name))
 	defer trace.LogIfLong(100 * time.Millisecond)
 
+	if err := podPassesBasicChecks(pod, g.pvcLister); err != nil {
+		return "", err
+	}
+
 	nodes, err := nodeLister.List()
 	if err != nil {
 		return "", err
@@ -125,7 +132,8 @@ func (g *genericScheduler) Schedule(pod *v1.Pod, nodeLister algorithm.NodeLister
 	}
 
 	trace.Step("Computing predicates")
-	filteredNodes, failedPredicateMap, err := findNodesThatFit(pod, g.cachedNodeInfoMap, nodes, g.predicates, g.extenders, g.predicateMetaProducer, g.equivalenceCache, g.schedulingQueue)
+	startPredicateEvalTime := time.Now()
+	filteredNodes, failedPredicateMap, err := findNodesThatFit(pod, g.cachedNodeInfoMap, nodes, g.predicates, g.extenders, g.predicateMetaProducer, g.equivalenceCache, g.schedulingQueue, g.alwaysCheckAllPredicates)
 	if err != nil {
 		return "", err
 	}
@@ -137,11 +145,13 @@ func (g *genericScheduler) Schedule(pod *v1.Pod, nodeLister algorithm.NodeLister
 			FailedPredicates: failedPredicateMap,
 		}
 	}
+	metrics.SchedulingAlgorithmPredicateEvaluationDuration.Observe(metrics.SinceInMicroseconds(startPredicateEvalTime))
 
 	trace.Step("Prioritizing")
-
+	startPriorityEvalTime := time.Now()
 	// When only one node after predicate, just use it.
 	if len(filteredNodes) == 1 {
+		metrics.SchedulingAlgorithmPriorityEvaluationDuration.Observe(metrics.SinceInMicroseconds(startPriorityEvalTime))
 		return filteredNodes[0].Name, nil
 	}
 
@@ -150,6 +160,7 @@ func (g *genericScheduler) Schedule(pod *v1.Pod, nodeLister algorithm.NodeLister
 	if err != nil {
 		return "", err
 	}
+	metrics.SchedulingAlgorithmPriorityEvaluationDuration.Observe(metrics.SinceInMicroseconds(startPriorityEvalTime))
 
 	trace.Step("Selecting host")
 	return g.selectHost(priorityList)
@@ -284,6 +295,7 @@ func findNodesThatFit(
 	metadataProducer algorithm.PredicateMetadataProducer,
 	ecache *EquivalenceCache,
 	schedulingQueue SchedulingQueue,
+	alwaysCheckAllPredicates bool,
 ) ([]*v1.Node, FailedPredicateMap, error) {
 	var filtered []*v1.Node
 	failedPredicateMap := FailedPredicateMap{}
@@ -300,9 +312,25 @@ func findNodesThatFit(
 
 		// We can use the same metadata producer for all nodes.
 		meta := metadataProducer(pod, nodeNameToInfo)
+
+		var equivCacheInfo *equivalenceClassInfo
+		if ecache != nil {
+			// getEquivalenceClassInfo will return immediately if no equivalence pod found
+			equivCacheInfo = ecache.getEquivalenceClassInfo(pod)
+		}
+
 		checkNode := func(i int) {
 			nodeName := nodes[i].Name
-			fits, failedPredicates, err := podFitsOnNode(pod, meta, nodeNameToInfo[nodeName], predicateFuncs, ecache, schedulingQueue)
+			fits, failedPredicates, err := podFitsOnNode(
+				pod,
+				meta,
+				nodeNameToInfo[nodeName],
+				predicateFuncs,
+				ecache,
+				schedulingQueue,
+				alwaysCheckAllPredicates,
+				equivCacheInfo,
+			)
 			if err != nil {
 				predicateResultLock.Lock()
 				errs[err.Error()]++
@@ -326,6 +354,9 @@ func findNodesThatFit(
 
 	if len(filtered) > 0 && len(extenders) != 0 {
 		for _, extender := range extenders {
+			if !extender.IsInterested(pod) {
+				continue
+			}
 			filteredList, failedMap, err := extender.Filter(pod, filtered, nodeNameToInfo)
 			if err != nil {
 				return []*v1.Node{}, FailedPredicateMap{}, err
@@ -360,7 +391,7 @@ func addNominatedPods(podPriority int32, meta algorithm.PredicateMetadata,
 	if nominatedPods == nil || len(nominatedPods) == 0 {
 		return false, meta, nodeInfo
 	}
-	var metaOut algorithm.PredicateMetadata = nil
+	var metaOut algorithm.PredicateMetadata
 	if meta != nil {
 		metaOut = meta.ShallowCopy()
 	}
@@ -377,6 +408,8 @@ func addNominatedPods(podPriority int32, meta algorithm.PredicateMetadata,
 }
 
 // podFitsOnNode checks whether a node given by NodeInfo satisfies the given predicate functions.
+// For given pod, podFitsOnNode will check if any equivalent pod exists and try to reuse its cached
+// predicate results as possible.
 // This function is called from two different places: Schedule and Preempt.
 // When it is called from Schedule, we want to test whether the pod is schedulable
 // on the node with all the existing pods on the node plus higher and equal priority
@@ -391,11 +424,12 @@ func podFitsOnNode(
 	predicateFuncs map[string]algorithm.FitPredicate,
 	ecache *EquivalenceCache,
 	queue SchedulingQueue,
+	alwaysCheckAllPredicates bool,
+	equivCacheInfo *equivalenceClassInfo,
 ) (bool, []algorithm.PredicateFailureReason, error) {
 	var (
-		equivalenceHash  uint64
-		failedPredicates []algorithm.PredicateFailureReason
 		eCacheAvailable  bool
+		failedPredicates []algorithm.PredicateFailureReason
 		invalid          bool
 		fit              bool
 		reasons          []algorithm.PredicateFailureReason
@@ -403,10 +437,6 @@ func podFitsOnNode(
 	)
 	predicateResults := make(map[string]HostPredicate)
 
-	if ecache != nil {
-		// getHashEquivalencePod will return immediately if no equivalence pod found
-		equivalenceHash, eCacheAvailable = ecache.getHashEquivalencePod(pod)
-	}
 	podsAdded := false
 	// We run predicates twice in some cases. If the node has greater or equal priority
 	// nominated pods, we run them when those pods are added to meta and nodeInfo.
@@ -437,55 +467,59 @@ func podFitsOnNode(
 		// Bypass eCache if node has any nominated pods.
 		// TODO(bsalamat): consider using eCache and adding proper eCache invalidations
 		// when pods are nominated or their nominations change.
-		eCacheAvailable = eCacheAvailable && !podsAdded
-		for predicateKey, predicate := range predicateFuncs {
-			if eCacheAvailable {
-				// PredicateWithECache will return its cached predicate results.
-				fit, reasons, invalid = ecache.PredicateWithECache(pod.GetName(), info.Node().GetName(), predicateKey, equivalenceHash)
-			}
+		eCacheAvailable = equivCacheInfo != nil && !podsAdded
+		for _, predicateKey := range predicates.Ordering() {
+			//TODO (yastij) : compute average predicate restrictiveness to export it as Prometheus metric
+			if predicate, exist := predicateFuncs[predicateKey]; exist {
+				if eCacheAvailable {
+					// Lock ecache here to avoid a race condition against cache invalidation invoked
+					// in event handlers. This race has existed despite locks in eCache implementation.
+					ecache.Lock()
+					// PredicateWithECache will return its cached predicate results.
+					fit, reasons, invalid = ecache.PredicateWithECache(pod.GetName(), info.Node().GetName(), predicateKey, equivCacheInfo.hash, false)
+				}
 
-			// TODO(bsalamat): When one predicate fails and fit is false, why do we continue
-			// checking other predicates?
-			if !eCacheAvailable || invalid {
-				// we need to execute predicate functions since equivalence cache does not work
-				fit, reasons, err = predicate(pod, metaToUse, nodeInfoToUse)
-				if err != nil {
-					return false, []algorithm.PredicateFailureReason{}, err
+				if !eCacheAvailable || invalid {
+					// we need to execute predicate functions since equivalence cache does not work
+					fit, reasons, err = predicate(pod, metaToUse, nodeInfoToUse)
+					if err != nil {
+						return false, []algorithm.PredicateFailureReason{}, err
+					}
+					if eCacheAvailable {
+						// Store data to update eCache after this loop.
+						if res, exists := predicateResults[predicateKey]; exists {
+							res.Fit = res.Fit && fit
+							res.FailReasons = append(res.FailReasons, reasons...)
+							predicateResults[predicateKey] = res
+						} else {
+							predicateResults[predicateKey] = HostPredicate{Fit: fit, FailReasons: reasons}
+						}
+						result := predicateResults[predicateKey]
+						ecache.UpdateCachedPredicateItem(pod.GetName(), info.Node().GetName(), predicateKey, result.Fit, result.FailReasons, equivCacheInfo.hash, false)
+					}
 				}
+
 				if eCacheAvailable {
-					// Store data to update eCache after this loop.
-					if res, exists := predicateResults[predicateKey]; exists {
-						res.Fit = res.Fit && fit
-						res.FailReasons = append(res.FailReasons, reasons...)
-						predicateResults[predicateKey] = res
-					} else {
-						predicateResults[predicateKey] = HostPredicate{Fit: fit, FailReasons: reasons}
+					ecache.Unlock()
+				}
+
+				if !fit {
+					// eCache is available and valid, and predicates result is unfit, record the fail reasons
+					failedPredicates = append(failedPredicates, reasons...)
+					// if alwaysCheckAllPredicates is false, short circuit all predicates when one predicate fails.
+					if !alwaysCheckAllPredicates {
+						glog.V(5).Infoln("since alwaysCheckAllPredicates has not been set, the predicate evaluation is short circuited and there are chances of other predicates failing as well.")
+						break
 					}
 				}
 			}
-			if !fit {
-				// eCache is available and valid, and predicates result is unfit, record the fail reasons
-				failedPredicates = append(failedPredicates, reasons...)
-			}
 		}
 	}
 
-	// TODO(bsalamat): This way of updating equiv. cache has a race condition against
-	// cache invalidations invoked in event handlers. This race has existed despite locks
-	// in eCache implementation. If cache is invalidated after a predicate is executed
-	// and before we update the cache, the updates should not be written to the cache.
-	if eCacheAvailable {
-		nodeName := info.Node().GetName()
-		for predKey, result := range predicateResults {
-			// update equivalence cache with newly computed fit & reasons
-			// TODO(resouer) should we do this in another thread? any race?
-			ecache.UpdateCachedPredicateItem(pod.GetName(), nodeName, predKey, result.Fit, result.FailReasons, equivalenceHash)
-		}
-	}
 	return len(failedPredicates) == 0, failedPredicates, nil
 }
 
-// Prioritizes the nodes by running the individual priority functions in parallel.
+// PrioritizeNodes prioritizes the nodes by running the individual priority functions in parallel.
 // Each priority function is expected to set a score of 0-10
 // 0 is the lowest priority score (least preferred node) and 10 is the highest
 // Each priority function can also have its own weight
@@ -593,6 +627,9 @@ func PrioritizeNodes(
 	if len(extenders) != 0 && nodes != nil {
 		combinedScores := make(map[string]int, len(nodeNameToInfo))
 		for _, extender := range extenders {
+			if !extender.IsInterested(pod) {
+				continue
+			}
 			wg.Add(1)
 			go func(ext algorithm.SchedulerExtender) {
 				defer wg.Done()
@@ -624,7 +661,7 @@ func PrioritizeNodes(
 	return result, nil
 }
 
-// EqualPriority is a prioritizer function that gives an equal weight of one to all nodes
+// EqualPriorityMap is a prioritizer function that gives an equal weight of one to all nodes
 func EqualPriorityMap(_ *v1.Pod, _ interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
 	node := nodeInfo.Node()
 	if node == nil {
@@ -644,13 +681,15 @@ func EqualPriorityMap(_ *v1.Pod, _ interface{}, nodeInfo *schedulercache.NodeInf
 // 3. Ties are broken by sum of priorities of all victims.
 // 4. If there are still ties, node with the minimum number of victims is picked.
 // 5. If there are still ties, the first such node is picked (sort of randomly).
-//TODO(bsalamat): Try to reuse the "min*Nodes" slices in order to save GC time.
+// The 'minNodes1' and 'minNodes2' are being reused here to save the memory
+// allocation and garbage collection time.
 func pickOneNodeForPreemption(nodesToVictims map[*v1.Node]*Victims) *v1.Node {
 	if len(nodesToVictims) == 0 {
 		return nil
 	}
 	minNumPDBViolatingPods := math.MaxInt32
-	var minPDBViolatingNodes []*v1.Node
+	var minNodes1 []*v1.Node
+	lenNodes1 := 0
 	for node, victims := range nodesToVictims {
 		if len(victims.pods) == 0 {
 			// We found a node that doesn't need any preemption. Return it!
@@ -662,42 +701,48 @@ func pickOneNodeForPreemption(nodesToVictims map[*v1.Node]*Victims) *v1.Node {
 		numPDBViolatingPods := victims.numPDBViolations
 		if numPDBViolatingPods < minNumPDBViolatingPods {
 			minNumPDBViolatingPods = numPDBViolatingPods
-			minPDBViolatingNodes = nil
+			minNodes1 = nil
+			lenNodes1 = 0
 		}
 		if numPDBViolatingPods == minNumPDBViolatingPods {
-			minPDBViolatingNodes = append(minPDBViolatingNodes, node)
+			minNodes1 = append(minNodes1, node)
+			lenNodes1++
 		}
 	}
-	if len(minPDBViolatingNodes) == 1 {
-		return minPDBViolatingNodes[0]
+	if lenNodes1 == 1 {
+		return minNodes1[0]
 	}
 
 	// There are more than one node with minimum number PDB violating pods. Find
 	// the one with minimum highest priority victim.
 	minHighestPriority := int32(math.MaxInt32)
-	var minPriorityNodes []*v1.Node
-	for _, node := range minPDBViolatingNodes {
+	var minNodes2 = make([]*v1.Node, lenNodes1)
+	lenNodes2 := 0
+	for i := 0; i < lenNodes1; i++ {
+		node := minNodes1[i]
 		victims := nodesToVictims[node]
 		// highestPodPriority is the highest priority among the victims on this node.
 		highestPodPriority := util.GetPodPriority(victims.pods[0])
 		if highestPodPriority < minHighestPriority {
 			minHighestPriority = highestPodPriority
-			minPriorityNodes = nil
+			lenNodes2 = 0
 		}
 		if highestPodPriority == minHighestPriority {
-			minPriorityNodes = append(minPriorityNodes, node)
+			minNodes2[lenNodes2] = node
+			lenNodes2++
 		}
 	}
-	if len(minPriorityNodes) == 1 {
-		return minPriorityNodes[0]
+	if lenNodes2 == 1 {
+		return minNodes2[0]
 	}
 
 	// There are a few nodes with minimum highest priority victim. Find the
 	// smallest sum of priorities.
 	minSumPriorities := int64(math.MaxInt64)
-	var minSumPriorityNodes []*v1.Node
-	for _, node := range minPriorityNodes {
+	lenNodes1 = 0
+	for i := 0; i < lenNodes2; i++ {
 		var sumPriorities int64
+		node := minNodes2[i]
 		for _, pod := range nodesToVictims[node].pods {
 			// We add MaxInt32+1 to all priorities to make all of them >= 0. This is
 			// needed so that a node with a few pods with negative priority is not
@@ -707,34 +752,37 @@ func pickOneNodeForPreemption(nodesToVictims map[*v1.Node]*Victims) *v1.Node {
 		}
 		if sumPriorities < minSumPriorities {
 			minSumPriorities = sumPriorities
-			minSumPriorityNodes = nil
+			lenNodes1 = 0
 		}
 		if sumPriorities == minSumPriorities {
-			minSumPriorityNodes = append(minSumPriorityNodes, node)
+			minNodes1[lenNodes1] = node
+			lenNodes1++
 		}
 	}
-	if len(minSumPriorityNodes) == 1 {
-		return minSumPriorityNodes[0]
+	if lenNodes1 == 1 {
+		return minNodes1[0]
 	}
 
 	// There are a few nodes with minimum highest priority victim and sum of priorities.
 	// Find one with the minimum number of pods.
 	minNumPods := math.MaxInt32
-	var minNumPodNodes []*v1.Node
-	for _, node := range minSumPriorityNodes {
+	lenNodes2 = 0
+	for i := 0; i < lenNodes1; i++ {
+		node := minNodes1[i]
 		numPods := len(nodesToVictims[node].pods)
 		if numPods < minNumPods {
 			minNumPods = numPods
-			minNumPodNodes = nil
+			lenNodes2 = 0
 		}
 		if numPods == minNumPods {
-			minNumPodNodes = append(minNumPodNodes, node)
+			minNodes2[lenNodes2] = node
+			lenNodes2++
 		}
 	}
 	// At this point, even if there are more than one node with the same score,
 	// return the first one.
-	if len(minNumPodNodes) > 0 {
-		return minNumPodNodes[0]
+	if lenNodes2 > 0 {
+		return minNodes2[0]
 	}
 	glog.Errorf("Error in logic of node scoring for preemption. We should never reach here!")
 	return nil
@@ -903,7 +951,7 @@ func selectVictimsOnNode(
 	// that we should check is if the "pod" is failing to schedule due to pod affinity
 	// failure.
 	// TODO(bsalamat): Consider checking affinity to lower priority pods if feasible with reasonable performance.
-	if fits, _, err := podFitsOnNode(pod, meta, nodeInfoCopy, fitPredicates, nil, queue); !fits {
+	if fits, _, err := podFitsOnNode(pod, meta, nodeInfoCopy, fitPredicates, nil, queue, false, nil); !fits {
 		if err != nil {
 			glog.Warningf("Encountered error while selecting victims on node %v: %v", nodeInfo.Node().Name, err)
 		}
@@ -917,7 +965,7 @@ func selectVictimsOnNode(
 	violatingVictims, nonViolatingVictims := filterPodsWithPDBViolation(potentialVictims.Items, pdbs)
 	reprievePod := func(p *v1.Pod) bool {
 		addPod(p)
-		fits, _, _ := podFitsOnNode(pod, meta, nodeInfoCopy, fitPredicates, nil, queue)
+		fits, _, _ := podFitsOnNode(pod, meta, nodeInfoCopy, fitPredicates, nil, queue, false, nil)
 		if !fits {
 			removePod(p)
 			victims = append(victims, p)
@@ -982,8 +1030,9 @@ func nodesWherePreemptionMightHelp(pod *v1.Pod, nodes []*v1.Node, failedPredicat
 // We look at the node that is nominated for this pod and as long as there are
 // terminating pods on the node, we don't consider this for preempting more pods.
 func podEligibleToPreemptOthers(pod *v1.Pod, nodeNameToInfo map[string]*schedulercache.NodeInfo) bool {
-	if nodeName, found := pod.Annotations[NominatedNodeAnnotationKey]; found {
-		if nodeInfo, found := nodeNameToInfo[nodeName]; found {
+	nomNodeName := pod.Status.NominatedNodeName
+	if len(nomNodeName) > 0 {
+		if nodeInfo, found := nodeNameToInfo[nomNodeName]; found {
 			for _, p := range nodeInfo.Pods() {
 				if p.DeletionTimestamp != nil && util.GetPodPriority(p) < util.GetPodPriority(pod) {
 					// There is a terminating pod on the nominated node.
@@ -995,6 +1044,33 @@ func podEligibleToPreemptOthers(pod *v1.Pod, nodeNameToInfo map[string]*schedule
 	return true
 }
 
+// podPassesBasicChecks makes sanity checks on the pod if it can be scheduled.
+func podPassesBasicChecks(pod *v1.Pod, pvcLister corelisters.PersistentVolumeClaimLister) error {
+	// Check PVCs used by the pod
+	namespace := pod.Namespace
+	manifest := &(pod.Spec)
+	for i := range manifest.Volumes {
+		volume := &manifest.Volumes[i]
+		if volume.PersistentVolumeClaim == nil {
+			// Volume is not a PVC, ignore
+			continue
+		}
+		pvcName := volume.PersistentVolumeClaim.ClaimName
+		pvc, err := pvcLister.PersistentVolumeClaims(namespace).Get(pvcName)
+		if err != nil {
+			// The error has already enough context ("persistentvolumeclaim "myclaim" not found")
+			return err
+		}
+
+		if pvc.DeletionTimestamp != nil {
+			return fmt.Errorf("persistentvolumeclaim %q is being deleted", pvc.Name)
+		}
+	}
+
+	return nil
+}
+
+// NewGenericScheduler creates a genericScheduler object.
 func NewGenericScheduler(
 	cache schedulercache.Cache,
 	eCache *EquivalenceCache,
@@ -1002,19 +1078,23 @@ func NewGenericScheduler(
 	predicates map[string]algorithm.FitPredicate,
 	predicateMetaProducer algorithm.PredicateMetadataProducer,
 	prioritizers []algorithm.PriorityConfig,
-	priorityMetaProducer algorithm.MetadataProducer,
+	priorityMetaProducer algorithm.PriorityMetadataProducer,
 	extenders []algorithm.SchedulerExtender,
-	volumeBinder *volumebinder.VolumeBinder) algorithm.ScheduleAlgorithm {
+	volumeBinder *volumebinder.VolumeBinder,
+	pvcLister corelisters.PersistentVolumeClaimLister,
+	alwaysCheckAllPredicates bool) algorithm.ScheduleAlgorithm {
 	return &genericScheduler{
-		cache:                 cache,
-		equivalenceCache:      eCache,
-		schedulingQueue:       podQueue,
-		predicates:            predicates,
-		predicateMetaProducer: predicateMetaProducer,
-		prioritizers:          prioritizers,
-		priorityMetaProducer:  priorityMetaProducer,
-		extenders:             extenders,
-		cachedNodeInfoMap:     make(map[string]*schedulercache.NodeInfo),
-		volumeBinder:          volumeBinder,
+		cache:                    cache,
+		equivalenceCache:         eCache,
+		schedulingQueue:          podQueue,
+		predicates:               predicates,
+		predicateMetaProducer:    predicateMetaProducer,
+		prioritizers:             prioritizers,
+		priorityMetaProducer:     priorityMetaProducer,
+		extenders:                extenders,
+		cachedNodeInfoMap:        make(map[string]*schedulercache.NodeInfo),
+		volumeBinder:             volumeBinder,
+		pvcLister:                pvcLister,
+		alwaysCheckAllPredicates: alwaysCheckAllPredicates,
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/scheduling_queue.go b/vendor/k8s.io/kubernetes/pkg/scheduler/core/scheduling_queue.go
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/scheduling_queue.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/core/scheduling_queue.go
index de7c69881315..9145416658b7 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/core/scheduling_queue.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/core/scheduling_queue.go
@@ -35,9 +35,9 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/tools/cache"
 	podutil "k8s.io/kubernetes/pkg/api/v1/pod"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	"k8s.io/kubernetes/pkg/scheduler/util"
 
 	"github.com/golang/glog"
 	"reflect"
@@ -76,10 +76,12 @@ type FIFO struct {
 
 var _ = SchedulingQueue(&FIFO{}) // Making sure that FIFO implements SchedulingQueue.
 
+// Add adds a pod to the FIFO.
 func (f *FIFO) Add(pod *v1.Pod) error {
 	return f.FIFO.Add(pod)
 }
 
+// AddIfNotPresent adds a pod to the FIFO if it is absent in the FIFO.
 func (f *FIFO) AddIfNotPresent(pod *v1.Pod) error {
 	return f.FIFO.AddIfNotPresent(pod)
 }
@@ -95,6 +97,7 @@ func (f *FIFO) Update(oldPod, newPod *v1.Pod) error {
 	return f.FIFO.Update(newPod)
 }
 
+// Delete deletes a pod in the FIFO.
 func (f *FIFO) Delete(pod *v1.Pod) error {
 	return f.FIFO.Delete(pod)
 }
@@ -115,7 +118,11 @@ func (f *FIFO) Pop() (*v1.Pod, error) {
 
 // FIFO does not need to react to events, as all pods are always in the active
 // scheduling queue anyway.
-func (f *FIFO) AssignedPodAdded(pod *v1.Pod)   {}
+
+// AssignedPodAdded does nothing here.
+func (f *FIFO) AssignedPodAdded(pod *v1.Pod) {}
+
+// AssignedPodUpdated does nothing here.
 func (f *FIFO) AssignedPodUpdated(pod *v1.Pod) {}
 
 // MoveAllToActiveQueue does nothing in FIFO as all pods are always in the active queue.
@@ -127,29 +134,14 @@ func (f *FIFO) WaitingPodsForNode(nodeName string) []*v1.Pod {
 	return nil
 }
 
+// NewFIFO creates a FIFO object.
 func NewFIFO() *FIFO {
 	return &FIFO{FIFO: cache.NewFIFO(cache.MetaNamespaceKeyFunc)}
 }
 
 // NominatedNodeName returns nominated node name of a Pod.
 func NominatedNodeName(pod *v1.Pod) string {
-	nominatedNodeName, ok := pod.Annotations[NominatedNodeAnnotationKey]
-	if !ok {
-		return ""
-	}
-	return nominatedNodeName
-}
-
-// UnschedulablePods is an interface for a queue that is used to keep unschedulable
-// pods. These pods are not actively reevaluated for scheduling. They are moved
-// to the active scheduling queue on certain events, such as termination of a pod
-// in the cluster, addition of nodes, etc.
-type UnschedulablePods interface {
-	Add(pod *v1.Pod)
-	Delete(pod *v1.Pod)
-	Update(pod *v1.Pod)
-	Get(pod *v1.Pod) *v1.Pod
-	Clear()
+	return pod.Status.NominatedNodeName
 }
 
 // PriorityQueue implements a scheduling queue. It is an alternative to FIFO.
@@ -158,8 +150,6 @@ type UnschedulablePods interface {
 // scheduling. This is called activeQ and is a Heap. Another queue holds
 // pods that are already tried and are determined to be unschedulable. The latter
 // is called unschedulableQ.
-// Heap is already thread safe, but we need to acquire another lock here to ensure
-// atomicity of operations on the two data structures..
 type PriorityQueue struct {
 	lock sync.RWMutex
 	cond sync.Cond
@@ -184,6 +174,7 @@ type PriorityQueue struct {
 // Making sure that PriorityQueue implements SchedulingQueue.
 var _ = SchedulingQueue(&PriorityQueue{})
 
+// NewPriorityQueue creates a PriorityQueue object.
 func NewPriorityQueue() *PriorityQueue {
 	pq := &PriorityQueue{
 		activeQ:        newHeap(cache.MetaNamespaceKeyFunc, util.HigherPriorityPod),
@@ -242,10 +233,10 @@ func (p *PriorityQueue) Add(pod *v1.Pod) error {
 	if err != nil {
 		glog.Errorf("Error adding pod %v to the scheduling queue: %v", pod.Name, err)
 	} else {
-		if p.unschedulableQ.Get(pod) != nil {
+		if p.unschedulableQ.get(pod) != nil {
 			glog.Errorf("Error: pod %v is already in the unschedulable queue.", pod.Name)
 			p.deleteNominatedPodIfExists(pod)
-			p.unschedulableQ.Delete(pod)
+			p.unschedulableQ.delete(pod)
 		}
 		p.addNominatedPodIfNeeded(pod)
 		p.cond.Broadcast()
@@ -258,7 +249,7 @@ func (p *PriorityQueue) Add(pod *v1.Pod) error {
 func (p *PriorityQueue) AddIfNotPresent(pod *v1.Pod) error {
 	p.lock.Lock()
 	defer p.lock.Unlock()
-	if p.unschedulableQ.Get(pod) != nil {
+	if p.unschedulableQ.get(pod) != nil {
 		return nil
 	}
 	if _, exists, _ := p.activeQ.Get(pod); exists {
@@ -285,14 +276,14 @@ func isPodUnschedulable(pod *v1.Pod) bool {
 func (p *PriorityQueue) AddUnschedulableIfNotPresent(pod *v1.Pod) error {
 	p.lock.Lock()
 	defer p.lock.Unlock()
-	if p.unschedulableQ.Get(pod) != nil {
+	if p.unschedulableQ.get(pod) != nil {
 		return fmt.Errorf("pod is already present in unschedulableQ")
 	}
 	if _, exists, _ := p.activeQ.Get(pod); exists {
 		return fmt.Errorf("pod is already present in the activeQ")
 	}
 	if !p.receivedMoveRequest && isPodUnschedulable(pod) {
-		p.unschedulableQ.Add(pod)
+		p.unschedulableQ.addOrUpdate(pod)
 		p.addNominatedPodIfNeeded(pod)
 		return nil
 	}
@@ -349,17 +340,17 @@ func (p *PriorityQueue) Update(oldPod, newPod *v1.Pod) error {
 		return err
 	}
 	// If the pod is in the unschedulable queue, updating it may make it schedulable.
-	if usPod := p.unschedulableQ.Get(newPod); usPod != nil {
+	if usPod := p.unschedulableQ.get(newPod); usPod != nil {
 		p.updateNominatedPod(oldPod, newPod)
 		if isPodUpdated(oldPod, newPod) {
-			p.unschedulableQ.Delete(usPod)
+			p.unschedulableQ.delete(usPod)
 			err := p.activeQ.Add(newPod)
 			if err == nil {
 				p.cond.Broadcast()
 			}
 			return err
 		}
-		p.unschedulableQ.Update(newPod)
+		p.unschedulableQ.addOrUpdate(newPod)
 		return nil
 	}
 	// If pod is not in any of the two queue, we put it in the active queue.
@@ -377,10 +368,10 @@ func (p *PriorityQueue) Delete(pod *v1.Pod) error {
 	p.lock.Lock()
 	defer p.lock.Unlock()
 	p.deleteNominatedPodIfExists(pod)
-	if _, exists, _ := p.activeQ.Get(pod); exists {
-		return p.activeQ.Delete(pod)
+	err := p.activeQ.Delete(pod)
+	if err != nil { // The item was probably not found in the activeQ.
+		p.unschedulableQ.delete(pod)
 	}
-	p.unschedulableQ.Delete(pod)
 	return nil
 }
 
@@ -407,12 +398,12 @@ func (p *PriorityQueue) AssignedPodUpdated(pod *v1.Pod) {
 func (p *PriorityQueue) MoveAllToActiveQueue() {
 	p.lock.Lock()
 	defer p.lock.Unlock()
-	var unschedulablePods []interface{}
 	for _, pod := range p.unschedulableQ.pods {
-		unschedulablePods = append(unschedulablePods, pod)
+		if err := p.activeQ.Add(pod); err != nil {
+			glog.Errorf("Error adding pod %v to the scheduling queue: %v", pod.Name, err)
+		}
 	}
-	p.activeQ.BulkAdd(unschedulablePods)
-	p.unschedulableQ.Clear()
+	p.unschedulableQ.clear()
 	p.receivedMoveRequest = true
 	p.cond.Broadcast()
 }
@@ -421,8 +412,11 @@ func (p *PriorityQueue) movePodsToActiveQueue(pods []*v1.Pod) {
 	p.lock.Lock()
 	defer p.lock.Unlock()
 	for _, pod := range pods {
-		p.activeQ.Add(pod)
-		p.unschedulableQ.Delete(pod)
+		if err := p.activeQ.Add(pod); err == nil {
+			p.unschedulableQ.delete(pod)
+		} else {
+			glog.Errorf("Error adding pod %v to the scheduling queue: %v", pod.Name, err)
+		}
 	}
 	p.receivedMoveRequest = true
 	p.cond.Broadcast()
@@ -433,7 +427,7 @@ func (p *PriorityQueue) movePodsToActiveQueue(pods []*v1.Pod) {
 func (p *PriorityQueue) getUnschedulablePodsWithMatchingAffinityTerm(pod *v1.Pod) []*v1.Pod {
 	p.lock.RLock()
 	defer p.lock.RUnlock()
-	podsToMove := []*v1.Pod{}
+	var podsToMove []*v1.Pod
 	for _, up := range p.unschedulableQ.pods {
 		affinity := up.Spec.Affinity
 		if affinity != nil && affinity.PodAffinity != nil {
@@ -446,6 +440,7 @@ func (p *PriorityQueue) getUnschedulablePodsWithMatchingAffinityTerm(pod *v1.Pod
 				}
 				if priorityutil.PodMatchesTermsNamespaceAndSelector(pod, namespaces, selector) {
 					podsToMove = append(podsToMove, up)
+					break
 				}
 			}
 		}
@@ -473,38 +468,19 @@ type UnschedulablePodsMap struct {
 	keyFunc func(*v1.Pod) string
 }
 
-var _ = UnschedulablePods(&UnschedulablePodsMap{})
-
 // Add adds a pod to the unschedulable pods.
-func (u *UnschedulablePodsMap) Add(pod *v1.Pod) {
-	podKey := u.keyFunc(pod)
-	if _, exists := u.pods[podKey]; !exists {
-		u.pods[podKey] = pod
-	}
+func (u *UnschedulablePodsMap) addOrUpdate(pod *v1.Pod) {
+	u.pods[u.keyFunc(pod)] = pod
 }
 
 // Delete deletes a pod from the unschedulable pods.
-func (u *UnschedulablePodsMap) Delete(pod *v1.Pod) {
-	podKey := u.keyFunc(pod)
-	if _, exists := u.pods[podKey]; exists {
-		delete(u.pods, podKey)
-	}
-}
-
-// Update updates a pod in the unschedulable pods.
-func (u *UnschedulablePodsMap) Update(pod *v1.Pod) {
-	podKey := u.keyFunc(pod)
-	_, exists := u.pods[podKey]
-	if !exists {
-		u.Add(pod)
-		return
-	}
-	u.pods[podKey] = pod
+func (u *UnschedulablePodsMap) delete(pod *v1.Pod) {
+	delete(u.pods, u.keyFunc(pod))
 }
 
 // Get returns the pod if a pod with the same key as the key of the given "pod"
 // is found in the map. It returns nil otherwise.
-func (u *UnschedulablePodsMap) Get(pod *v1.Pod) *v1.Pod {
+func (u *UnschedulablePodsMap) get(pod *v1.Pod) *v1.Pod {
 	podKey := u.keyFunc(pod)
 	if p, exists := u.pods[podKey]; exists {
 		return p
@@ -513,7 +489,7 @@ func (u *UnschedulablePodsMap) Get(pod *v1.Pod) *v1.Pod {
 }
 
 // Clear removes all the entries from the unschedulable maps.
-func (u *UnschedulablePodsMap) Clear() {
+func (u *UnschedulablePodsMap) clear() {
 	u.pods = make(map[string]*v1.Pod)
 }
 
@@ -529,7 +505,10 @@ func newUnschedulablePodsMap() *UnschedulablePodsMap {
 // as cache.heap, however, this heap does not perform synchronization. It leaves
 // synchronization to the SchedulingQueue.
 
+// LessFunc is a function type to compare two objects.
 type LessFunc func(interface{}, interface{}) bool
+
+// KeyFunc is a function type to get the key from an object.
 type KeyFunc func(obj interface{}) (string, error)
 
 type heapItem struct {
@@ -615,7 +594,7 @@ func (h *heapData) Pop() interface{} {
 	return item.obj
 }
 
-// Heap is a thread-safe producer/consumer queue that implements a heap data structure.
+// Heap is a producer/consumer queue that implements a heap data structure.
 // It can be used to implement priority queues and similar data structures.
 type Heap struct {
 	// data stores objects and has a queue that keeps their ordering according
@@ -639,23 +618,6 @@ func (h *Heap) Add(obj interface{}) error {
 	return nil
 }
 
-// BulkAdd adds all the items in the list to the queue.
-func (h *Heap) BulkAdd(list []interface{}) error {
-	for _, obj := range list {
-		key, err := h.data.keyFunc(obj)
-		if err != nil {
-			return cache.KeyError{Obj: obj, Err: err}
-		}
-		if _, exists := h.data.items[key]; exists {
-			h.data.items[key].obj = obj
-			heap.Fix(h.data, h.data.items[key].index)
-		} else {
-			heap.Push(h.data, &itemKeyValue{key, obj})
-		}
-	}
-	return nil
-}
-
 // AddIfNotPresent inserts an item, and puts it in the queue. If an item with
 // the key is present in the map, no changes is made to the item.
 func (h *Heap) AddIfNotPresent(obj interface{}) error {
@@ -693,9 +655,8 @@ func (h *Heap) Pop() (interface{}, error) {
 	obj := heap.Pop(h.data)
 	if obj != nil {
 		return obj, nil
-	} else {
-		return nil, fmt.Errorf("object was removed from heap data")
 	}
+	return nil, fmt.Errorf("object was removed from heap data")
 }
 
 // Get returns the requested item, or sets exists=false.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/BUILD
similarity index 70%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/factory/BUILD
index c4fe5102bb55..a4c87066f6a3 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/BUILD
@@ -12,28 +12,28 @@ go_library(
         "factory.go",
         "plugins.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/factory",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/factory",
     deps = [
         "//pkg/api/v1/pod:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
+        "//pkg/apis/core/v1/helper:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
-        "//plugin/pkg/scheduler:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/predicates:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/api/validation:go_default_library",
-        "//plugin/pkg/scheduler/core:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
-        "//plugin/pkg/scheduler/volumebinder:go_default_library",
+        "//pkg/scheduler:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm/predicates:go_default_library",
+        "//pkg/scheduler/algorithm/priorities:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api/validation:go_default_library",
+        "//pkg/scheduler/core:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/volumebinder:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
@@ -62,21 +62,22 @@ go_test(
         "factory_test.go",
         "plugins_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/factory",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/api/testing:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
-        "//plugin/pkg/scheduler/api:go_default_library",
-        "//plugin/pkg/scheduler/api/latest:go_default_library",
-        "//plugin/pkg/scheduler/core:go_default_library",
-        "//plugin/pkg/scheduler/schedulercache:go_default_library",
-        "//plugin/pkg/scheduler/testing:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
+        "//pkg/scheduler/api/latest:go_default_library",
+        "//pkg/scheduler/core:go_default_library",
+        "//pkg/scheduler/schedulercache:go_default_library",
+        "//pkg/scheduler/testing:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/client-go/informers:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/factory.go b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/factory.go
similarity index 74%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/factory.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/factory/factory.go
index 59df935e6ea7..407d5b85c126 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/factory.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/factory.go
@@ -15,11 +15,10 @@ limitations under the License.
 */
 
 // Package factory can set up a scheduler. This code is here instead of
-// plugin/cmd/scheduler for both testability and reuse.
+// cmd/scheduler for both testability and reuse.
 package factory
 
 import (
-	"encoding/json"
 	"fmt"
 	"reflect"
 	"time"
@@ -30,7 +29,6 @@ import (
 	"k8s.io/api/policy/v1beta1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -52,17 +50,18 @@ import (
 	"k8s.io/client-go/tools/cache"
 	podutil "k8s.io/kubernetes/pkg/api/v1/pod"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
+	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/features"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
-	"k8s.io/kubernetes/plugin/pkg/scheduler"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/api/validation"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/core"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder"
+	"k8s.io/kubernetes/pkg/scheduler"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/api/validation"
+	"k8s.io/kubernetes/pkg/scheduler/core"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/volumebinder"
 )
 
 const (
@@ -71,11 +70,11 @@ const (
 )
 
 var (
-	serviceAffinitySet            = sets.NewString("ServiceAffinity")
-	matchInterPodAffinitySet      = sets.NewString("MatchInterPodAffinity")
-	generalPredicatesSets         = sets.NewString("GeneralPredicates")
-	noDiskConflictSet             = sets.NewString("NoDiskConflict")
-	maxPDVolumeCountPredicateKeys = []string{"MaxGCEPDVolumeCount", "MaxAzureDiskVolumeCount", "MaxEBSVolumeCount"}
+	serviceAffinitySet            = sets.NewString(predicates.CheckServiceAffinityPred)
+	matchInterPodAffinitySet      = sets.NewString(predicates.MatchInterPodAffinityPred)
+	generalPredicatesSets         = sets.NewString(predicates.GeneralPred)
+	noDiskConflictSet             = sets.NewString(predicates.NoDiskConflictPred)
+	maxPDVolumeCountPredicateKeys = []string{predicates.MaxGCEPDVolumeCountPred, predicates.MaxAzureDiskVolumeCountPred, predicates.MaxEBSVolumeCountPred}
 )
 
 // configFactory is the default implementation of the scheduler.Configurator interface.
@@ -130,6 +129,9 @@ type configFactory struct {
 
 	// Handles volume binding decisions
 	volumeBinder *volumebinder.VolumeBinder
+
+	// always check all predicates even if the middle of one predicate fails.
+	alwaysCheckAllPredicates bool
 }
 
 // NewConfigFactory initializes the default implementation of a Configurator To encourage eventual privatization of the struct type, we only
@@ -186,6 +188,12 @@ func NewConfigFactory(
 				switch t := obj.(type) {
 				case *v1.Pod:
 					return assignedNonTerminatedPod(t)
+				case cache.DeletedFinalStateUnknown:
+					if pod, ok := t.Obj.(*v1.Pod); ok {
+						return assignedNonTerminatedPod(pod)
+					}
+					runtime.HandleError(fmt.Errorf("unable to convert object %T to *v1.Pod in %T", obj, c))
+					return false
 				default:
 					runtime.HandleError(fmt.Errorf("unable to handle object in %T: %T", c, obj))
 					return false
@@ -205,36 +213,21 @@ func NewConfigFactory(
 				switch t := obj.(type) {
 				case *v1.Pod:
 					return unassignedNonTerminatedPod(t)
+				case cache.DeletedFinalStateUnknown:
+					if pod, ok := t.Obj.(*v1.Pod); ok {
+						return unassignedNonTerminatedPod(pod)
+					}
+					runtime.HandleError(fmt.Errorf("unable to convert object %T to *v1.Pod in %T", obj, c))
+					return false
 				default:
 					runtime.HandleError(fmt.Errorf("unable to handle object in %T: %T", c, obj))
 					return false
 				}
 			},
 			Handler: cache.ResourceEventHandlerFuncs{
-				AddFunc: func(obj interface{}) {
-					if err := c.podQueue.Add(obj.(*v1.Pod)); err != nil {
-						runtime.HandleError(fmt.Errorf("unable to queue %T: %v", obj, err))
-					}
-				},
-				UpdateFunc: func(oldObj, newObj interface{}) {
-					pod := newObj.(*v1.Pod)
-					if c.skipPodUpdate(pod) {
-						return
-					}
-					if err := c.podQueue.Update(oldObj.(*v1.Pod), pod); err != nil {
-						runtime.HandleError(fmt.Errorf("unable to update %T: %v", newObj, err))
-					}
-				},
-				DeleteFunc: func(obj interface{}) {
-					pod := obj.(*v1.Pod)
-					if err := c.podQueue.Delete(pod); err != nil {
-						runtime.HandleError(fmt.Errorf("unable to dequeue %T: %v", obj, err))
-					}
-					if c.volumeBinder != nil {
-						// Volume binder only wants to keep unassigned pods
-						c.volumeBinder.DeletePodBindings(pod)
-					}
-				},
+				AddFunc:    c.addPodToSchedulingQueue,
+				UpdateFunc: c.updatePodInSchedulingQueue,
+				DeleteFunc: c.deletePodFromSchedulingQueue,
 			},
 		},
 	)
@@ -266,6 +259,7 @@ func NewConfigFactory(
 		cache.ResourceEventHandlerFuncs{
 			// MaxPDVolumeCountPredicate: since it relies on the counts of PV.
 			AddFunc:    c.onPvAdd,
+			UpdateFunc: c.onPvUpdate,
 			DeleteFunc: c.onPvDelete,
 		},
 	)
@@ -362,6 +356,56 @@ func (c *configFactory) onPvAdd(obj interface{}) {
 	}
 }
 
+func (c *configFactory) onPvUpdate(old, new interface{}) {
+	if c.enableEquivalenceClassCache {
+		newPV, ok := new.(*v1.PersistentVolume)
+		if !ok {
+			glog.Errorf("cannot convert to *v1.PersistentVolume: %v", new)
+			return
+		}
+		oldPV, ok := old.(*v1.PersistentVolume)
+		if !ok {
+			glog.Errorf("cannot convert to *v1.PersistentVolume: %v", old)
+			return
+		}
+		c.invalidatePredicatesForPvUpdate(oldPV, newPV)
+	}
+}
+
+func (c *configFactory) invalidatePredicatesForPvUpdate(oldPV, newPV *v1.PersistentVolume) {
+	invalidPredicates := sets.NewString()
+	for k, v := range newPV.Labels {
+		// If PV update modifies the zone/region labels.
+		if isZoneRegionLabel(k) && !reflect.DeepEqual(v, oldPV.Labels[k]) {
+			invalidPredicates.Insert(predicates.NoVolumeZoneConflictPred)
+			break
+		}
+	}
+	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
+		oldAffinity, err := v1helper.GetStorageNodeAffinityFromAnnotation(oldPV.Annotations)
+		if err != nil {
+			glog.Errorf("cannot get node affinity fo *v1.PersistentVolume: %v", oldPV)
+			return
+		}
+		newAffinity, err := v1helper.GetStorageNodeAffinityFromAnnotation(newPV.Annotations)
+		if err != nil {
+			glog.Errorf("cannot get node affinity fo *v1.PersistentVolume: %v", newPV)
+			return
+		}
+
+		// If node affinity of PV is changed.
+		if !reflect.DeepEqual(oldAffinity, newAffinity) {
+			invalidPredicates.Insert(predicates.CheckVolumeBindingPred)
+		}
+	}
+	c.equivalencePodCache.InvalidateCachedPredicateItemOfAllNodes(invalidPredicates)
+}
+
+// isZoneRegionLabel check if given key of label is zone or region label.
+func isZoneRegionLabel(k string) bool {
+	return k == kubeletapis.LabelZoneFailureDomain || k == kubeletapis.LabelZoneRegion
+}
+
 func (c *configFactory) onPvDelete(obj interface{}) {
 	if c.enableEquivalenceClassCache {
 		var pv *v1.PersistentVolume
@@ -390,26 +434,26 @@ func (c *configFactory) invalidatePredicatesForPv(pv *v1.PersistentVolume) {
 
 	// PV types which impact MaxPDVolumeCountPredicate
 	if pv.Spec.AWSElasticBlockStore != nil {
-		invalidPredicates.Insert("MaxEBSVolumeCount")
+		invalidPredicates.Insert(predicates.MaxEBSVolumeCountPred)
 	}
 	if pv.Spec.GCEPersistentDisk != nil {
-		invalidPredicates.Insert("MaxGCEPDVolumeCount")
+		invalidPredicates.Insert(predicates.MaxGCEPDVolumeCountPred)
 	}
 	if pv.Spec.AzureDisk != nil {
-		invalidPredicates.Insert("MaxAzureDiskVolumeCount")
+		invalidPredicates.Insert(predicates.MaxAzureDiskVolumeCountPred)
 	}
 
 	// If PV contains zone related label, it may impact cached NoVolumeZoneConflict
-	for k := range pv.ObjectMeta.Labels {
-		if k == kubeletapis.LabelZoneFailureDomain || k == kubeletapis.LabelZoneRegion {
-			invalidPredicates.Insert("NoVolumeZoneConflict")
+	for k := range pv.Labels {
+		if isZoneRegionLabel(k) {
+			invalidPredicates.Insert(predicates.NoVolumeZoneConflictPred)
 			break
 		}
 	}
 
 	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
 		// Add/delete impacts the available PVs to choose from
-		invalidPredicates.Insert(predicates.CheckVolumeBinding)
+		invalidPredicates.Insert(predicates.CheckVolumeBindingPred)
 	}
 
 	c.equivalencePodCache.InvalidateCachedPredicateItemOfAllNodes(invalidPredicates)
@@ -476,11 +520,11 @@ func (c *configFactory) invalidatePredicatesForPvc(pvc *v1.PersistentVolumeClaim
 	invalidPredicates := sets.NewString(maxPDVolumeCountPredicateKeys...)
 
 	// The bound volume's label may change
-	invalidPredicates.Insert("NoVolumeZoneConflict")
+	invalidPredicates.Insert(predicates.NoVolumeZoneConflictPred)
 
 	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
 		// Add/delete impacts the available PVs to choose from
-		invalidPredicates.Insert(predicates.CheckVolumeBinding)
+		invalidPredicates.Insert(predicates.CheckVolumeBindingPred)
 	}
 	c.equivalencePodCache.InvalidateCachedPredicateItemOfAllNodes(invalidPredicates)
 }
@@ -491,12 +535,10 @@ func (c *configFactory) invalidatePredicatesForPvcUpdate(old, new *v1.Persistent
 	if old.Spec.VolumeName != new.Spec.VolumeName {
 		if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
 			// PVC volume binding has changed
-			invalidPredicates.Insert(predicates.CheckVolumeBinding)
+			invalidPredicates.Insert(predicates.CheckVolumeBindingPred)
 		}
 		// The bound volume type may change
 		invalidPredicates.Insert(maxPDVolumeCountPredicateKeys...)
-		// The bound volume's label may change
-		invalidPredicates.Insert("NoVolumeZoneConflict")
 	}
 
 	c.equivalencePodCache.InvalidateCachedPredicateItemOfAllNodes(invalidPredicates)
@@ -537,13 +579,13 @@ func (c *configFactory) GetHardPodAffinitySymmetricWeight() int32 {
 	return c.hardPodAffinitySymmetricWeight
 }
 
-func (f *configFactory) GetSchedulerName() string {
-	return f.schedulerName
+func (c *configFactory) GetSchedulerName() string {
+	return c.schedulerName
 }
 
 // GetClient provides a kubernetes client, mostly internal use, but may also be called by mock-tests.
-func (f *configFactory) GetClient() clientset.Interface {
-	return f.client
+func (c *configFactory) GetClient() clientset.Interface {
+	return c.client
 }
 
 // GetScheduledPodListerIndexer provides a pod lister, mostly internal use, but may also be called by mock-tests.
@@ -565,7 +607,7 @@ func (c *configFactory) addPodToCache(obj interface{}) {
 	c.podQueue.AssignedPodAdded(pod)
 
 	// NOTE: Updating equivalence cache of addPodToCache has been
-	// handled optimistically in: plugin/pkg/scheduler/scheduler.go#assume()
+	// handled optimistically in: pkg/scheduler/scheduler.go#assume()
 }
 
 func (c *configFactory) updatePodInCache(oldObj, newObj interface{}) {
@@ -588,6 +630,47 @@ func (c *configFactory) updatePodInCache(oldObj, newObj interface{}) {
 	c.podQueue.AssignedPodUpdated(newPod)
 }
 
+func (c *configFactory) addPodToSchedulingQueue(obj interface{}) {
+	if err := c.podQueue.Add(obj.(*v1.Pod)); err != nil {
+		runtime.HandleError(fmt.Errorf("unable to queue %T: %v", obj, err))
+	}
+}
+
+func (c *configFactory) updatePodInSchedulingQueue(oldObj, newObj interface{}) {
+	pod := newObj.(*v1.Pod)
+	if c.skipPodUpdate(pod) {
+		return
+	}
+	if err := c.podQueue.Update(oldObj.(*v1.Pod), pod); err != nil {
+		runtime.HandleError(fmt.Errorf("unable to update %T: %v", newObj, err))
+	}
+}
+
+func (c *configFactory) deletePodFromSchedulingQueue(obj interface{}) {
+	var pod *v1.Pod
+	switch t := obj.(type) {
+	case *v1.Pod:
+		pod = obj.(*v1.Pod)
+	case cache.DeletedFinalStateUnknown:
+		var ok bool
+		pod, ok = t.Obj.(*v1.Pod)
+		if !ok {
+			runtime.HandleError(fmt.Errorf("unable to convert object %T to *v1.Pod in %T", obj, c))
+			return
+		}
+	default:
+		runtime.HandleError(fmt.Errorf("unable to handle object in %T: %T", c, obj))
+		return
+	}
+	if err := c.podQueue.Delete(pod); err != nil {
+		runtime.HandleError(fmt.Errorf("unable to dequeue %T: %v", obj, err))
+	}
+	if c.volumeBinder != nil {
+		// Volume binder only wants to keep unassigned pods
+		c.volumeBinder.DeletePodBindings(pod)
+	}
+}
+
 func (c *configFactory) invalidateCachedPredicatesOnUpdatePod(newPod *v1.Pod, oldPod *v1.Pod) {
 	if c.enableEquivalenceClassCache {
 		// if the pod does not have bound node, updating equivalence cache is meaningless;
@@ -696,19 +779,19 @@ func (c *configFactory) invalidateCachedPredicatesOnNodeUpdate(newNode *v1.Node,
 		invalidPredicates := sets.NewString()
 
 		if !reflect.DeepEqual(oldNode.Status.Allocatable, newNode.Status.Allocatable) {
-			invalidPredicates.Insert("GeneralPredicates") // "PodFitsResources"
+			invalidPredicates.Insert(predicates.GeneralPred) // "PodFitsResources"
 		}
 		if !reflect.DeepEqual(oldNode.GetLabels(), newNode.GetLabels()) {
-			invalidPredicates.Insert("GeneralPredicates", "ServiceAffinity") // "PodSelectorMatches"
+			invalidPredicates.Insert(predicates.GeneralPred, predicates.CheckServiceAffinityPred) // "PodSelectorMatches"
 			for k, v := range oldNode.GetLabels() {
 				// any label can be topology key of pod, we have to invalidate in all cases
 				if v != newNode.GetLabels()[k] {
-					invalidPredicates.Insert("MatchInterPodAffinity")
+					invalidPredicates.Insert(predicates.MatchInterPodAffinityPred)
 				}
 				// NoVolumeZoneConflict will only be affected by zone related label change
-				if k == kubeletapis.LabelZoneFailureDomain || k == kubeletapis.LabelZoneRegion {
+				if isZoneRegionLabel(k) {
 					if v != newNode.GetLabels()[k] {
-						invalidPredicates.Insert("NoVolumeZoneConflict")
+						invalidPredicates.Insert(predicates.NoVolumeZoneConflictPred)
 					}
 				}
 			}
@@ -724,7 +807,7 @@ func (c *configFactory) invalidateCachedPredicatesOnNodeUpdate(newNode *v1.Node,
 		}
 		if !reflect.DeepEqual(oldTaints, newTaints) ||
 			!reflect.DeepEqual(oldNode.Spec.Taints, newNode.Spec.Taints) {
-			invalidPredicates.Insert("PodToleratesNodeTaints")
+			invalidPredicates.Insert(predicates.PodToleratesNodeTaintsPred)
 		}
 
 		if !reflect.DeepEqual(oldNode.Status.Conditions, newNode.Status.Conditions) {
@@ -737,18 +820,20 @@ func (c *configFactory) invalidateCachedPredicatesOnNodeUpdate(newNode *v1.Node,
 				newConditions[cond.Type] = cond.Status
 			}
 			if oldConditions[v1.NodeMemoryPressure] != newConditions[v1.NodeMemoryPressure] {
-				invalidPredicates.Insert("CheckNodeMemoryPressure")
+				invalidPredicates.Insert(predicates.CheckNodeMemoryPressurePred)
 			}
 			if oldConditions[v1.NodeDiskPressure] != newConditions[v1.NodeDiskPressure] {
-				invalidPredicates.Insert("CheckNodeDiskPressure")
+				invalidPredicates.Insert(predicates.CheckNodeDiskPressurePred)
 			}
 			if oldConditions[v1.NodeReady] != newConditions[v1.NodeReady] ||
 				oldConditions[v1.NodeOutOfDisk] != newConditions[v1.NodeOutOfDisk] ||
-				oldConditions[v1.NodeNetworkUnavailable] != newConditions[v1.NodeNetworkUnavailable] ||
-				newNode.Spec.Unschedulable != oldNode.Spec.Unschedulable {
-				invalidPredicates.Insert("CheckNodeCondition")
+				oldConditions[v1.NodeNetworkUnavailable] != newConditions[v1.NodeNetworkUnavailable] {
+				invalidPredicates.Insert(predicates.CheckNodeConditionPred)
 			}
 		}
+		if newNode.Spec.Unschedulable != oldNode.Spec.Unschedulable {
+			invalidPredicates.Insert(predicates.CheckNodeConditionPred)
+		}
 		c.equivalencePodCache.InvalidateCachedPredicateItem(newNode.GetName(), invalidPredicates)
 	}
 }
@@ -828,23 +913,23 @@ func (c *configFactory) deletePDBFromCache(obj interface{}) {
 }
 
 // Create creates a scheduler with the default algorithm provider.
-func (f *configFactory) Create() (*scheduler.Config, error) {
-	return f.CreateFromProvider(DefaultProvider)
+func (c *configFactory) Create() (*scheduler.Config, error) {
+	return c.CreateFromProvider(DefaultProvider)
 }
 
 // Creates a scheduler from the name of a registered algorithm provider.
-func (f *configFactory) CreateFromProvider(providerName string) (*scheduler.Config, error) {
+func (c *configFactory) CreateFromProvider(providerName string) (*scheduler.Config, error) {
 	glog.V(2).Infof("Creating scheduler from algorithm provider '%v'", providerName)
 	provider, err := GetAlgorithmProvider(providerName)
 	if err != nil {
 		return nil, err
 	}
 
-	return f.CreateFromKeys(provider.FitPredicateKeys, provider.PriorityFunctionKeys, []algorithm.SchedulerExtender{})
+	return c.CreateFromKeys(provider.FitPredicateKeys, provider.PriorityFunctionKeys, []algorithm.SchedulerExtender{})
 }
 
 // Creates a scheduler from the configuration file
-func (f *configFactory) CreateFromConfig(policy schedulerapi.Policy) (*scheduler.Config, error) {
+func (c *configFactory) CreateFromConfig(policy schedulerapi.Policy) (*scheduler.Config, error) {
 	glog.V(2).Infof("Creating scheduler from configuration: %v", policy)
 
 	// validate the policy configuration
@@ -853,107 +938,146 @@ func (f *configFactory) CreateFromConfig(policy schedulerapi.Policy) (*scheduler
 	}
 
 	predicateKeys := sets.NewString()
-	for _, predicate := range policy.Predicates {
-		glog.V(2).Infof("Registering predicate: %s", predicate.Name)
-		predicateKeys.Insert(RegisterCustomFitPredicate(predicate))
+	if policy.Predicates == nil {
+		glog.V(2).Infof("Using predicates from algorithm provider '%v'", DefaultProvider)
+		provider, err := GetAlgorithmProvider(DefaultProvider)
+		if err != nil {
+			return nil, err
+		}
+		predicateKeys = provider.FitPredicateKeys
+	} else {
+		for _, predicate := range policy.Predicates {
+			glog.V(2).Infof("Registering predicate: %s", predicate.Name)
+			predicateKeys.Insert(RegisterCustomFitPredicate(predicate))
+		}
 	}
 
 	priorityKeys := sets.NewString()
-	for _, priority := range policy.Priorities {
-		glog.V(2).Infof("Registering priority: %s", priority.Name)
-		priorityKeys.Insert(RegisterCustomPriorityFunction(priority))
+	if policy.Priorities == nil {
+		glog.V(2).Infof("Using priorities from algorithm provider '%v'", DefaultProvider)
+		provider, err := GetAlgorithmProvider(DefaultProvider)
+		if err != nil {
+			return nil, err
+		}
+		priorityKeys = provider.PriorityFunctionKeys
+	} else {
+		for _, priority := range policy.Priorities {
+			glog.V(2).Infof("Registering priority: %s", priority.Name)
+			priorityKeys.Insert(RegisterCustomPriorityFunction(priority))
+		}
 	}
 
 	extenders := make([]algorithm.SchedulerExtender, 0)
 	if len(policy.ExtenderConfigs) != 0 {
+		ignoredExtendedResources := sets.NewString()
 		for ii := range policy.ExtenderConfigs {
 			glog.V(2).Infof("Creating extender with config %+v", policy.ExtenderConfigs[ii])
-			if extender, err := core.NewHTTPExtender(&policy.ExtenderConfigs[ii]); err != nil {
+			extender, err := core.NewHTTPExtender(&policy.ExtenderConfigs[ii])
+			if err != nil {
 				return nil, err
-			} else {
-				extenders = append(extenders, extender)
+			}
+			extenders = append(extenders, extender)
+			for _, r := range policy.ExtenderConfigs[ii].ManagedResources {
+				if r.IgnoredByScheduler {
+					ignoredExtendedResources.Insert(string(r.Name))
+				}
 			}
 		}
+		predicates.RegisterPredicateMetadataProducerWithExtendedResourceOptions(ignoredExtendedResources)
 	}
 	// Providing HardPodAffinitySymmetricWeight in the policy config is the new and preferred way of providing the value.
 	// Give it higher precedence than scheduler CLI configuration when it is provided.
 	if policy.HardPodAffinitySymmetricWeight != 0 {
-		f.hardPodAffinitySymmetricWeight = policy.HardPodAffinitySymmetricWeight
+		c.hardPodAffinitySymmetricWeight = policy.HardPodAffinitySymmetricWeight
+	}
+	// When AlwaysCheckAllPredicates is set to true, scheduler checks all the configured
+	// predicates even after one or more of them fails.
+	if policy.AlwaysCheckAllPredicates {
+		c.alwaysCheckAllPredicates = policy.AlwaysCheckAllPredicates
 	}
-	return f.CreateFromKeys(predicateKeys, priorityKeys, extenders)
+
+	return c.CreateFromKeys(predicateKeys, priorityKeys, extenders)
 }
 
-// getBinder returns an extender that supports bind or a default binder.
-func (f *configFactory) getBinder(extenders []algorithm.SchedulerExtender) scheduler.Binder {
+// getBinderFunc returns an func which returns an extender that supports bind or a default binder based on the given pod.
+func (c *configFactory) getBinderFunc(extenders []algorithm.SchedulerExtender) func(pod *v1.Pod) scheduler.Binder {
+	var extenderBinder algorithm.SchedulerExtender
 	for i := range extenders {
 		if extenders[i].IsBinder() {
-			return extenders[i]
+			extenderBinder = extenders[i]
+			break
+		}
+	}
+	defaultBinder := &binder{c.client}
+	return func(pod *v1.Pod) scheduler.Binder {
+		if extenderBinder != nil && extenderBinder.IsInterested(pod) {
+			return extenderBinder
 		}
+		return defaultBinder
 	}
-	return &binder{f.client}
 }
 
 // Creates a scheduler from a set of registered fit predicate keys and priority keys.
-func (f *configFactory) CreateFromKeys(predicateKeys, priorityKeys sets.String, extenders []algorithm.SchedulerExtender) (*scheduler.Config, error) {
+func (c *configFactory) CreateFromKeys(predicateKeys, priorityKeys sets.String, extenders []algorithm.SchedulerExtender) (*scheduler.Config, error) {
 	glog.V(2).Infof("Creating scheduler with fit predicates '%v' and priority functions '%v'", predicateKeys, priorityKeys)
 
-	if f.GetHardPodAffinitySymmetricWeight() < 1 || f.GetHardPodAffinitySymmetricWeight() > 100 {
-		return nil, fmt.Errorf("invalid hardPodAffinitySymmetricWeight: %d, must be in the range 1-100", f.GetHardPodAffinitySymmetricWeight())
+	if c.GetHardPodAffinitySymmetricWeight() < 1 || c.GetHardPodAffinitySymmetricWeight() > 100 {
+		return nil, fmt.Errorf("invalid hardPodAffinitySymmetricWeight: %d, must be in the range 1-100", c.GetHardPodAffinitySymmetricWeight())
 	}
 
-	predicateFuncs, err := f.GetPredicates(predicateKeys)
+	predicateFuncs, err := c.GetPredicates(predicateKeys)
 	if err != nil {
 		return nil, err
 	}
 
-	priorityConfigs, err := f.GetPriorityFunctionConfigs(priorityKeys)
+	priorityConfigs, err := c.GetPriorityFunctionConfigs(priorityKeys)
 	if err != nil {
 		return nil, err
 	}
 
-	priorityMetaProducer, err := f.GetPriorityMetadataProducer()
+	priorityMetaProducer, err := c.GetPriorityMetadataProducer()
 	if err != nil {
 		return nil, err
 	}
 
-	predicateMetaProducer, err := f.GetPredicateMetadataProducer()
+	predicateMetaProducer, err := c.GetPredicateMetadataProducer()
 	if err != nil {
 		return nil, err
 	}
 
 	// Init equivalence class cache
-	if f.enableEquivalenceClassCache && getEquivalencePodFuncFactory != nil {
-		pluginArgs, err := f.getPluginArgs()
+	if c.enableEquivalenceClassCache && getEquivalencePodFuncFactory != nil {
+		pluginArgs, err := c.getPluginArgs()
 		if err != nil {
 			return nil, err
 		}
-		f.equivalencePodCache = core.NewEquivalenceCache(
+		c.equivalencePodCache = core.NewEquivalenceCache(
 			getEquivalencePodFuncFactory(*pluginArgs),
 		)
 		glog.Info("Created equivalence class cache")
 	}
 
-	algo := core.NewGenericScheduler(f.schedulerCache, f.equivalencePodCache, f.podQueue, predicateFuncs, predicateMetaProducer, priorityConfigs, priorityMetaProducer, extenders, f.volumeBinder)
+	algo := core.NewGenericScheduler(c.schedulerCache, c.equivalencePodCache, c.podQueue, predicateFuncs, predicateMetaProducer, priorityConfigs, priorityMetaProducer, extenders, c.volumeBinder, c.pVCLister, c.alwaysCheckAllPredicates)
 
 	podBackoff := util.CreateDefaultPodBackoff()
 	return &scheduler.Config{
-		SchedulerCache: f.schedulerCache,
-		Ecache:         f.equivalencePodCache,
+		SchedulerCache: c.schedulerCache,
+		Ecache:         c.equivalencePodCache,
 		// The scheduler only needs to consider schedulable nodes.
-		NodeLister:          &nodeLister{f.nodeLister},
+		NodeLister:          &nodeLister{c.nodeLister},
 		Algorithm:           algo,
-		Binder:              f.getBinder(extenders),
-		PodConditionUpdater: &podConditionUpdater{f.client},
-		PodPreemptor:        &podPreemptor{f.client},
+		GetBinder:           c.getBinderFunc(extenders),
+		PodConditionUpdater: &podConditionUpdater{c.client},
+		PodPreemptor:        &podPreemptor{c.client},
 		WaitForCacheSync: func() bool {
-			return cache.WaitForCacheSync(f.StopEverything, f.scheduledPodsHasSynced)
+			return cache.WaitForCacheSync(c.StopEverything, c.scheduledPodsHasSynced)
 		},
 		NextPod: func() *v1.Pod {
-			return f.getNextPod()
+			return c.getNextPod()
 		},
-		Error:          f.MakeDefaultErrorFunc(podBackoff, f.podQueue),
-		StopEverything: f.StopEverything,
-		VolumeBinder:   f.volumeBinder,
+		Error:          c.MakeDefaultErrorFunc(podBackoff, c.podQueue),
+		StopEverything: c.StopEverything,
+		VolumeBinder:   c.volumeBinder,
 	}, nil
 }
 
@@ -965,8 +1089,8 @@ func (n *nodeLister) List() ([]*v1.Node, error) {
 	return n.NodeLister.List(labels.Everything())
 }
 
-func (f *configFactory) GetPriorityFunctionConfigs(priorityKeys sets.String) ([]algorithm.PriorityConfig, error) {
-	pluginArgs, err := f.getPluginArgs()
+func (c *configFactory) GetPriorityFunctionConfigs(priorityKeys sets.String) ([]algorithm.PriorityConfig, error) {
+	pluginArgs, err := c.getPluginArgs()
 	if err != nil {
 		return nil, err
 	}
@@ -974,8 +1098,8 @@ func (f *configFactory) GetPriorityFunctionConfigs(priorityKeys sets.String) ([]
 	return getPriorityFunctionConfigs(priorityKeys, *pluginArgs)
 }
 
-func (f *configFactory) GetPriorityMetadataProducer() (algorithm.MetadataProducer, error) {
-	pluginArgs, err := f.getPluginArgs()
+func (c *configFactory) GetPriorityMetadataProducer() (algorithm.PriorityMetadataProducer, error) {
+	pluginArgs, err := c.getPluginArgs()
 	if err != nil {
 		return nil, err
 	}
@@ -983,16 +1107,16 @@ func (f *configFactory) GetPriorityMetadataProducer() (algorithm.MetadataProduce
 	return getPriorityMetadataProducer(*pluginArgs)
 }
 
-func (f *configFactory) GetPredicateMetadataProducer() (algorithm.PredicateMetadataProducer, error) {
-	pluginArgs, err := f.getPluginArgs()
+func (c *configFactory) GetPredicateMetadataProducer() (algorithm.PredicateMetadataProducer, error) {
+	pluginArgs, err := c.getPluginArgs()
 	if err != nil {
 		return nil, err
 	}
 	return getPredicateMetadataProducer(*pluginArgs)
 }
 
-func (f *configFactory) GetPredicates(predicateKeys sets.String) (map[string]algorithm.FitPredicate, error) {
-	pluginArgs, err := f.getPluginArgs()
+func (c *configFactory) GetPredicates(predicateKeys sets.String) (map[string]algorithm.FitPredicate, error) {
+	pluginArgs, err := c.getPluginArgs()
 	if err != nil {
 		return nil, err
 	}
@@ -1000,31 +1124,31 @@ func (f *configFactory) GetPredicates(predicateKeys sets.String) (map[string]alg
 	return getFitPredicateFunctions(predicateKeys, *pluginArgs)
 }
 
-func (f *configFactory) getPluginArgs() (*PluginFactoryArgs, error) {
+func (c *configFactory) getPluginArgs() (*PluginFactoryArgs, error) {
 	return &PluginFactoryArgs{
-		PodLister:                      f.podLister,
-		ServiceLister:                  f.serviceLister,
-		ControllerLister:               f.controllerLister,
-		ReplicaSetLister:               f.replicaSetLister,
-		StatefulSetLister:              f.statefulSetLister,
-		NodeLister:                     &nodeLister{f.nodeLister},
-		NodeInfo:                       &predicates.CachedNodeInfo{NodeLister: f.nodeLister},
-		PVInfo:                         &predicates.CachedPersistentVolumeInfo{PersistentVolumeLister: f.pVLister},
-		PVCInfo:                        &predicates.CachedPersistentVolumeClaimInfo{PersistentVolumeClaimLister: f.pVCLister},
-		StorageClassInfo:               &predicates.CachedStorageClassInfo{StorageClassLister: f.storageClassLister},
-		VolumeBinder:                   f.volumeBinder,
-		HardPodAffinitySymmetricWeight: f.hardPodAffinitySymmetricWeight,
+		PodLister:                      c.podLister,
+		ServiceLister:                  c.serviceLister,
+		ControllerLister:               c.controllerLister,
+		ReplicaSetLister:               c.replicaSetLister,
+		StatefulSetLister:              c.statefulSetLister,
+		NodeLister:                     &nodeLister{c.nodeLister},
+		NodeInfo:                       &predicates.CachedNodeInfo{NodeLister: c.nodeLister},
+		PVInfo:                         &predicates.CachedPersistentVolumeInfo{PersistentVolumeLister: c.pVLister},
+		PVCInfo:                        &predicates.CachedPersistentVolumeClaimInfo{PersistentVolumeClaimLister: c.pVCLister},
+		StorageClassInfo:               &predicates.CachedStorageClassInfo{StorageClassLister: c.storageClassLister},
+		VolumeBinder:                   c.volumeBinder,
+		HardPodAffinitySymmetricWeight: c.hardPodAffinitySymmetricWeight,
 	}, nil
 }
 
-func (f *configFactory) getNextPod() *v1.Pod {
-	if pod, err := f.podQueue.Pop(); err == nil {
+func (c *configFactory) getNextPod() *v1.Pod {
+	pod, err := c.podQueue.Pop()
+	if err == nil {
 		glog.V(4).Infof("About to try and schedule pod %v", pod.Name)
 		return pod
-	} else {
-		glog.Errorf("Error while retrieving next pod from scheduling queue: %v", err)
-		return nil
 	}
+	glog.Errorf("Error while retrieving next pod from scheduling queue: %v", err)
+	return nil
 }
 
 // unassignedNonTerminatedPod selects pods that are unassigned and non-terminal.
@@ -1132,7 +1256,7 @@ func NewPodInformer(client clientset.Interface, resyncPeriod time.Duration, sche
 	}
 }
 
-func (factory *configFactory) MakeDefaultErrorFunc(backoff *util.PodBackoff, podQueue core.SchedulingQueue) func(pod *v1.Pod, err error) {
+func (c *configFactory) MakeDefaultErrorFunc(backoff *util.PodBackoff, podQueue core.SchedulingQueue) func(pod *v1.Pod, err error) {
 	return func(pod *v1.Pod, err error) {
 		if err == core.ErrNoNodesAvailable {
 			glog.V(4).Infof("Unable to schedule %v %v: no nodes are registered to the cluster; waiting", pod.Namespace, pod.Name)
@@ -1144,13 +1268,13 @@ func (factory *configFactory) MakeDefaultErrorFunc(backoff *util.PodBackoff, pod
 					nodeName := errStatus.Status().Details.Name
 					// when node is not found, We do not remove the node right away. Trying again to get
 					// the node and if the node is still not found, then remove it from the scheduler cache.
-					_, err := factory.client.CoreV1().Nodes().Get(nodeName, metav1.GetOptions{})
+					_, err := c.client.CoreV1().Nodes().Get(nodeName, metav1.GetOptions{})
 					if err != nil && errors.IsNotFound(err) {
 						node := v1.Node{ObjectMeta: metav1.ObjectMeta{Name: nodeName}}
-						factory.schedulerCache.RemoveNode(&node)
+						c.schedulerCache.RemoveNode(&node)
 						// invalidate cached predicate for the node
-						if factory.enableEquivalenceClassCache {
-							factory.equivalencePodCache.InvalidateAllCachedPredicateItemOfNode(nodeName)
+						if c.enableEquivalenceClassCache {
+							c.equivalencePodCache.InvalidateAllCachedPredicateItemOfNode(nodeName)
 						}
 					}
 				}
@@ -1184,14 +1308,14 @@ func (factory *configFactory) MakeDefaultErrorFunc(backoff *util.PodBackoff, pod
 			// Get the pod again; it may have changed/been scheduled already.
 			getBackoff := initialGetBackoff
 			for {
-				pod, err := factory.client.CoreV1().Pods(podID.Namespace).Get(podID.Name, metav1.GetOptions{})
+				pod, err := c.client.CoreV1().Pods(podID.Namespace).Get(podID.Name, metav1.GetOptions{})
 				if err == nil {
 					if len(pod.Spec.NodeName) == 0 {
 						podQueue.AddUnschedulableIfNotPresent(pod)
 					} else {
-						if factory.volumeBinder != nil {
+						if c.volumeBinder != nil {
 							// Volume binder only wants to keep unassigned pods
-							factory.volumeBinder.DeletePodBindings(pod)
+							c.volumeBinder.DeletePodBindings(pod)
 						}
 					}
 					break
@@ -1199,9 +1323,9 @@ func (factory *configFactory) MakeDefaultErrorFunc(backoff *util.PodBackoff, pod
 				if errors.IsNotFound(err) {
 					glog.Warningf("A pod %v no longer exists", podID)
 
-					if factory.volumeBinder != nil {
+					if c.volumeBinder != nil {
 						// Volume binder only wants to keep unassigned pods
-						factory.volumeBinder.DeletePodBindings(origPod)
+						c.volumeBinder.DeletePodBindings(origPod)
 					}
 					return
 				}
@@ -1268,41 +1392,16 @@ func (p *podPreemptor) DeletePod(pod *v1.Pod) error {
 	return p.Client.CoreV1().Pods(pod.Namespace).Delete(pod.Name, &metav1.DeleteOptions{})
 }
 
-func (p *podPreemptor) UpdatePodAnnotations(pod *v1.Pod, annotations map[string]string) error {
+func (p *podPreemptor) SetNominatedNodeName(pod *v1.Pod, nominatedNodeName string) error {
 	podCopy := pod.DeepCopy()
-	if podCopy.Annotations == nil {
-		podCopy.Annotations = map[string]string{}
-	}
-	for k, v := range annotations {
-		podCopy.Annotations[k] = v
-	}
-	ret := &unstructured.Unstructured{}
-	ret.SetAnnotations(podCopy.Annotations)
-	patchData, err := json.Marshal(ret)
-	if err != nil {
-		return err
-	}
-	_, error := p.Client.CoreV1().Pods(podCopy.Namespace).Patch(podCopy.Name, types.MergePatchType, patchData, "status")
-	return error
+	podCopy.Status.NominatedNodeName = nominatedNodeName
+	_, err := p.Client.CoreV1().Pods(pod.Namespace).UpdateStatus(podCopy)
+	return err
 }
 
-func (p *podPreemptor) RemoveNominatedNodeAnnotation(pod *v1.Pod) error {
-	podCopy := pod.DeepCopy()
-	if podCopy.Annotations == nil {
-		return nil
-	}
-	if _, exists := podCopy.Annotations[core.NominatedNodeAnnotationKey]; !exists {
+func (p *podPreemptor) RemoveNominatedNodeName(pod *v1.Pod) error {
+	if len(pod.Status.NominatedNodeName) == 0 {
 		return nil
 	}
-	// Note: Deleting the entry from the annotations and passing it to Patch() will
-	// not remove the annotation. That's why we set it to empty string.
-	podCopy.Annotations[core.NominatedNodeAnnotationKey] = ""
-	ret := &unstructured.Unstructured{}
-	ret.SetAnnotations(podCopy.Annotations)
-	patchData, err := json.Marshal(ret)
-	if err != nil {
-		return err
-	}
-	_, error := p.Client.CoreV1().Pods(podCopy.Namespace).Patch(podCopy.Name, types.MergePatchType, patchData, "status")
-	return error
+	return p.SetNominatedNodeName(pod, "")
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/plugins.go b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/plugins.go
similarity index 90%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/plugins.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/factory/plugins.go
index 6c7a7ab7d5f7..bd33dad00e97 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/factory/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/factory/plugins.go
@@ -24,13 +24,13 @@ import (
 	"sync"
 
 	"k8s.io/apimachinery/pkg/util/sets"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/priorities"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/volumebinder"
 
 	"github.com/golang/glog"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder"
 )
 
 // PluginFactoryArgs are passed to all plugin factory functions.
@@ -49,27 +49,26 @@ type PluginFactoryArgs struct {
 	HardPodAffinitySymmetricWeight int32
 }
 
-// MetadataProducerFactory produces MetadataProducer from the given args.
-// TODO: Rename this to PriorityMetadataProducerFactory.
-type MetadataProducerFactory func(PluginFactoryArgs) algorithm.MetadataProducer
+// PriorityMetadataProducerFactory produces PriorityMetadataProducer from the given args.
+type PriorityMetadataProducerFactory func(PluginFactoryArgs) algorithm.PriorityMetadataProducer
 
 // PredicateMetadataProducerFactory produces PredicateMetadataProducer from the given args.
 type PredicateMetadataProducerFactory func(PluginFactoryArgs) algorithm.PredicateMetadataProducer
 
-// A FitPredicateFactory produces a FitPredicate from the given args.
+// FitPredicateFactory produces a FitPredicate from the given args.
 type FitPredicateFactory func(PluginFactoryArgs) algorithm.FitPredicate
 
+// PriorityFunctionFactory produces a PriorityConfig from the given args.
 // DEPRECATED
 // Use Map-Reduce pattern for priority functions.
-// A PriorityFunctionFactory produces a PriorityConfig from the given args.
 type PriorityFunctionFactory func(PluginFactoryArgs) algorithm.PriorityFunction
 
-// A PriorityFunctionFactory produces map & reduce priority functions
+// PriorityFunctionFactory2 produces map & reduce priority functions
 // from a given args.
 // FIXME: Rename to PriorityFunctionFactory.
 type PriorityFunctionFactory2 func(PluginFactoryArgs) (algorithm.PriorityMapFunction, algorithm.PriorityReduceFunction)
 
-// A PriorityConfigFactory produces a PriorityConfig from the given function and weight
+// PriorityConfigFactory produces a PriorityConfig from the given function and weight
 type PriorityConfigFactory struct {
 	Function          PriorityFunctionFactory
 	MapReduceFunction PriorityFunctionFactory2
@@ -89,7 +88,7 @@ var (
 	algorithmProviderMap   = make(map[string]AlgorithmProviderConfig)
 
 	// Registered metadata producers
-	priorityMetadataProducer  MetadataProducerFactory
+	priorityMetadataProducer  PriorityMetadataProducerFactory
 	predicateMetadataProducer PredicateMetadataProducerFactory
 
 	// get equivalence pod function
@@ -97,9 +96,11 @@ var (
 )
 
 const (
+	// DefaultProvider defines the default algorithm provider name.
 	DefaultProvider = "DefaultProvider"
 )
 
+// AlgorithmProviderConfig is used to store the configuration of algorithm providers.
 type AlgorithmProviderConfig struct {
 	FitPredicateKeys     sets.String
 	PriorityFunctionKeys sets.String
@@ -135,7 +136,7 @@ func RemovePredicateKeyFromAlgoProvider(providerName, key string) error {
 	return nil
 }
 
-// RemovePredicateKeyFromAlgoProvider removes a fit predicate key from all algorithmProviders which in algorithmProviderMap.
+// RemovePredicateKeyFromAlgorithmProviderMap removes a fit predicate key from all algorithmProviders which in algorithmProviderMap.
 func RemovePredicateKeyFromAlgorithmProviderMap(key string) {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
@@ -245,22 +246,24 @@ func IsFitPredicateRegistered(name string) bool {
 	return ok
 }
 
-func RegisterPriorityMetadataProducerFactory(factory MetadataProducerFactory) {
+// RegisterPriorityMetadataProducerFactory registers a PriorityMetadataProducerFactory.
+func RegisterPriorityMetadataProducerFactory(factory PriorityMetadataProducerFactory) {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
 	priorityMetadataProducer = factory
 }
 
+// RegisterPredicateMetadataProducerFactory registers a PredicateMetadataProducerFactory.
 func RegisterPredicateMetadataProducerFactory(factory PredicateMetadataProducerFactory) {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
 	predicateMetadataProducer = factory
 }
 
+// RegisterPriorityFunction registers a priority function with the algorithm registry. Returns the name,
+// with which the function was registered.
 // DEPRECATED
 // Use Map-Reduce pattern for priority functions.
-// Registers a priority function with the algorithm registry. Returns the name,
-// with which the function was registered.
 func RegisterPriorityFunction(name string, function algorithm.PriorityFunction, weight int) string {
 	return RegisterPriorityConfigFactory(name, PriorityConfigFactory{
 		Function: func(PluginFactoryArgs) algorithm.PriorityFunction {
@@ -286,6 +289,7 @@ func RegisterPriorityFunction2(
 	})
 }
 
+// RegisterPriorityConfigFactory registers a priority config factory with its name.
 func RegisterPriorityConfigFactory(name string, pcf PriorityConfigFactory) string {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
@@ -305,7 +309,7 @@ func RegisterCustomPriorityFunction(policy schedulerapi.PriorityPolicy) string {
 	if policy.Argument != nil {
 		if policy.Argument.ServiceAntiAffinity != nil {
 			pcf = &PriorityConfigFactory{
-				Function: func(args PluginFactoryArgs) algorithm.PriorityFunction {
+				MapReduceFunction: func(args PluginFactoryArgs) (algorithm.PriorityMapFunction, algorithm.PriorityReduceFunction) {
 					return priorities.NewServiceAntiAffinityPriority(
 						args.PodLister,
 						args.ServiceLister,
@@ -404,12 +408,12 @@ func getFitPredicateFunctions(names sets.String, args PluginFactoryArgs) (map[st
 	return predicates, nil
 }
 
-func getPriorityMetadataProducer(args PluginFactoryArgs) (algorithm.MetadataProducer, error) {
+func getPriorityMetadataProducer(args PluginFactoryArgs) (algorithm.PriorityMetadataProducer, error) {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
 
 	if priorityMetadataProducer == nil {
-		return algorithm.EmptyMetadataProducer, nil
+		return algorithm.EmptyPriorityMetadataProducer, nil
 	}
 	return priorityMetadataProducer(args), nil
 }
@@ -507,6 +511,7 @@ func validatePriorityOrDie(priority schedulerapi.PriorityPolicy) {
 	}
 }
 
+// ListRegisteredFitPredicates returns the registered fit predicates.
 func ListRegisteredFitPredicates() []string {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
@@ -518,6 +523,7 @@ func ListRegisteredFitPredicates() []string {
 	return names
 }
 
+// ListRegisteredPriorityFunctions returns the registered priority functions.
 func ListRegisteredPriorityFunctions() []string {
 	schedulerFactoryMutex.Lock()
 	defer schedulerFactoryMutex.Unlock()
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/BUILD
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/metrics/BUILD
index 7d059ed21123..81d6d19d5876 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/BUILD
@@ -8,7 +8,7 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["metrics.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/metrics",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/metrics",
     deps = ["//vendor/github.com/prometheus/client_golang/prometheus:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/metrics.go b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go
similarity index 51%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/metrics.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go
index cd50ceddc9a7..4836ac4b93c5 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/metrics/metrics.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go
@@ -25,8 +25,7 @@ import (
 
 const schedulerSubsystem = "scheduler"
 
-var BindingSaturationReportInterval = 1 * time.Second
-
+// All the histogram based metrics have 1ms as size for the smallest bucket.
 var (
 	E2eSchedulingLatency = prometheus.NewHistogram(
 		prometheus.HistogramOpts{
@@ -44,6 +43,30 @@ var (
 			Buckets:   prometheus.ExponentialBuckets(1000, 2, 15),
 		},
 	)
+	SchedulingAlgorithmPredicateEvaluationDuration = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Subsystem: schedulerSubsystem,
+			Name:      "scheduling_algorithm_predicate_evaluation",
+			Help:      "Scheduling algorithm predicate evaluation duration",
+			Buckets:   prometheus.ExponentialBuckets(1000, 2, 15),
+		},
+	)
+	SchedulingAlgorithmPriorityEvaluationDuration = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Subsystem: schedulerSubsystem,
+			Name:      "scheduling_algorithm_priority_evaluation",
+			Help:      "Scheduling algorithm priority evaluation duration",
+			Buckets:   prometheus.ExponentialBuckets(1000, 2, 15),
+		},
+	)
+	SchedulingAlgorithmPremptionEvaluationDuration = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Subsystem: schedulerSubsystem,
+			Name:      "scheduling_algorithm_preemption_evaluation",
+			Help:      "Scheduling algorithm preemption evaluation duration",
+			Buckets:   prometheus.ExponentialBuckets(1000, 2, 15),
+		},
+	)
 	BindingLatency = prometheus.NewHistogram(
 		prometheus.HistogramOpts{
 			Subsystem: schedulerSubsystem,
@@ -52,6 +75,18 @@ var (
 			Buckets:   prometheus.ExponentialBuckets(1000, 2, 15),
 		},
 	)
+	PreemptionVictims = prometheus.NewGauge(
+		prometheus.GaugeOpts{
+			Subsystem: schedulerSubsystem,
+			Name:      "pod_preemption_victims",
+			Help:      "Number of selected preemption victims",
+		})
+	PreemptionAttempts = prometheus.NewCounter(
+		prometheus.CounterOpts{
+			Subsystem: schedulerSubsystem,
+			Name:      "total_preemption_attempts",
+			Help:      "Total preemption attempts in the cluster till now",
+		})
 )
 
 var registerMetrics sync.Once
@@ -63,10 +98,16 @@ func Register() {
 		prometheus.MustRegister(E2eSchedulingLatency)
 		prometheus.MustRegister(SchedulingAlgorithmLatency)
 		prometheus.MustRegister(BindingLatency)
+
+		prometheus.MustRegister(SchedulingAlgorithmPredicateEvaluationDuration)
+		prometheus.MustRegister(SchedulingAlgorithmPriorityEvaluationDuration)
+		prometheus.MustRegister(SchedulingAlgorithmPremptionEvaluationDuration)
+		prometheus.MustRegister(PreemptionVictims)
+		prometheus.MustRegister(PreemptionAttempts)
 	})
 }
 
-// Gets the time since the specified start in microseconds.
+// SinceInMicroseconds gets the time since the specified start in microseconds.
 func SinceInMicroseconds(start time.Time) float64 {
 	return float64(time.Since(start).Nanoseconds() / time.Microsecond.Nanoseconds())
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/scheduler.go b/vendor/k8s.io/kubernetes/pkg/scheduler/scheduler.go
similarity index 94%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/scheduler.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/scheduler.go
index b69aacc8eaf0..ebab58d45b2e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/scheduler.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/scheduler.go
@@ -29,16 +29,16 @@ import (
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/kubernetes/pkg/features"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/core"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/metrics"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm/predicates"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/core"
+	"k8s.io/kubernetes/pkg/scheduler/metrics"
+	"k8s.io/kubernetes/pkg/scheduler/schedulercache"
+	"k8s.io/kubernetes/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/volumebinder"
 
 	"github.com/golang/glog"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder"
 )
 
 // Binder knows how to write a binding.
@@ -57,8 +57,8 @@ type PodConditionUpdater interface {
 type PodPreemptor interface {
 	GetUpdatedPod(pod *v1.Pod) (*v1.Pod, error)
 	DeletePod(pod *v1.Pod) error
-	UpdatePodAnnotations(pod *v1.Pod, annots map[string]string) error
-	RemoveNominatedNodeAnnotation(pod *v1.Pod) error
+	SetNominatedNodeName(pod *v1.Pod, nominatedNode string) error
+	RemoveNominatedNodeName(pod *v1.Pod) error
 }
 
 // Scheduler watches for new unscheduled pods. It attempts to find
@@ -78,7 +78,7 @@ func (sched *Scheduler) StopEverything() {
 // factory.go.
 type Configurator interface {
 	GetPriorityFunctionConfigs(priorityKeys sets.String) ([]algorithm.PriorityConfig, error)
-	GetPriorityMetadataProducer() (algorithm.MetadataProducer, error)
+	GetPriorityMetadataProducer() (algorithm.PriorityMetadataProducer, error)
 	GetPredicateMetadataProducer() (algorithm.PredicateMetadataProducer, error)
 	GetPredicates(predicateKeys sets.String) (map[string]algorithm.FitPredicate, error)
 	GetHardPodAffinitySymmetricWeight() int32
@@ -107,7 +107,7 @@ type Config struct {
 	Ecache     *core.EquivalenceCache
 	NodeLister algorithm.NodeLister
 	Algorithm  algorithm.ScheduleAlgorithm
-	Binder     Binder
+	GetBinder  func(pod *v1.Pod) Binder
 	// PodConditionUpdater is used only in case of scheduling errors. If we succeed
 	// with scheduling, PodScheduled condition will be updated in apiserver in /bind
 	// handler so that binding and setting PodCondition it is atomic.
@@ -216,7 +216,9 @@ func (sched *Scheduler) preempt(preemptor *v1.Pod, scheduleErr error) (string, e
 		glog.Errorf("Error getting the updated preemptor pod object: %v", err)
 		return "", err
 	}
+
 	node, victims, nominatedPodsToClear, err := sched.config.Algorithm.Preempt(preemptor, sched.config.NodeLister, scheduleErr)
+	metrics.PreemptionVictims.Set(float64(len(victims)))
 	if err != nil {
 		glog.Errorf("Error preempting victims to make room for %v/%v.", preemptor.Namespace, preemptor.Name)
 		return "", err
@@ -224,8 +226,7 @@ func (sched *Scheduler) preempt(preemptor *v1.Pod, scheduleErr error) (string, e
 	var nodeName = ""
 	if node != nil {
 		nodeName = node.Name
-		annotations := map[string]string{core.NominatedNodeAnnotationKey: nodeName}
-		err = sched.config.PodPreemptor.UpdatePodAnnotations(preemptor, annotations)
+		err = sched.config.PodPreemptor.SetNominatedNodeName(preemptor, nodeName)
 		if err != nil {
 			glog.Errorf("Error in preemption process. Cannot update pod %v annotations: %v", preemptor.Name, err)
 			return "", err
@@ -243,7 +244,7 @@ func (sched *Scheduler) preempt(preemptor *v1.Pod, scheduleErr error) (string, e
 	// but preemption logic does not find any node for it. In that case Preempt()
 	// function of generic_scheduler.go returns the pod itself for removal of the annotation.
 	for _, p := range nominatedPodsToClear {
-		rErr := sched.config.PodPreemptor.RemoveNominatedNodeAnnotation(p)
+		rErr := sched.config.PodPreemptor.RemoveNominatedNodeName(p)
 		if rErr != nil {
 			glog.Errorf("Cannot remove nominated node annotation of pod: %v", rErr)
 			// We do not return as this error is not critical.
@@ -278,7 +279,7 @@ func (sched *Scheduler) assumeAndBindVolumes(assumed *v1.Pod, host string) error
 			err = fmt.Errorf("Volume binding started, waiting for completion")
 			if bindingRequired {
 				if sched.config.Ecache != nil {
-					invalidPredicates := sets.NewString(predicates.CheckVolumeBinding)
+					invalidPredicates := sets.NewString(predicates.CheckVolumeBindingPred)
 					sched.config.Ecache.InvalidateCachedPredicateItemOfAllNodes(invalidPredicates)
 				}
 
@@ -402,7 +403,7 @@ func (sched *Scheduler) bind(assumed *v1.Pod, b *v1.Binding) error {
 	bindingStart := time.Now()
 	// If binding succeeded then PodScheduled condition will be updated in apiserver so that
 	// it's atomic with setting host.
-	err := sched.config.Binder.Bind(b)
+	err := sched.config.GetBinder(assumed).Bind(b)
 	if err := sched.config.SchedulerCache.FinishBinding(assumed); err != nil {
 		glog.Errorf("scheduler cache FinishBinding failed: %v", err)
 	}
@@ -440,18 +441,20 @@ func (sched *Scheduler) scheduleOne() {
 	// Synchronously attempt to find a fit for the pod.
 	start := time.Now()
 	suggestedHost, err := sched.schedule(pod)
-	metrics.SchedulingAlgorithmLatency.Observe(metrics.SinceInMicroseconds(start))
 	if err != nil {
 		// schedule() may have failed because the pod would not fit on any host, so we try to
 		// preempt, with the expectation that the next time the pod is tried for scheduling it
 		// will fit due to the preemption. It is also possible that a different pod will schedule
 		// into the resources that were preempted, but this is harmless.
 		if fitError, ok := err.(*core.FitError); ok {
+			preemptionStartTime := time.Now()
 			sched.preempt(pod, fitError)
+			metrics.PreemptionAttempts.Inc()
+			metrics.SchedulingAlgorithmPremptionEvaluationDuration.Observe(metrics.SinceInMicroseconds(preemptionStartTime))
 		}
 		return
 	}
-
+	metrics.SchedulingAlgorithmLatency.Observe(metrics.SinceInMicroseconds(start))
 	// Tell the cache to assume that a pod now is running on a given node, even though it hasn't been bound yet.
 	// This allows us to keep scheduling without waiting on binding to occur.
 	assumedPod := pod.DeepCopy()
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/BUILD
similarity index 72%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/BUILD
index 6d5e6204f55e..90daac4cdcb9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/BUILD
@@ -8,35 +8,37 @@ go_library(
         "node_info.go",
         "util.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/schedulercache",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core/v1/helper:go_default_library",
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
-        "//vendor/k8s.io/client-go/tools/cache:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
-    srcs = ["cache_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache",
-    library = ":go_default_library",
+    srcs = [
+        "cache_test.go",
+        "node_info_test.go",
+    ],
+    embed = [":go_default_library"],
     deps = [
-        "//plugin/pkg/scheduler/algorithm/priorities/util:go_default_library",
-        "//plugin/pkg/scheduler/util:go_default_library",
+        "//pkg/scheduler/algorithm/priorities/util:go_default_library",
+        "//pkg/scheduler/util:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/api/policy/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/cache.go b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/cache.go
similarity index 90%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/cache.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/cache.go
index 7e409903331b..78cdca25b3e7 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/cache.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/cache.go
@@ -104,7 +104,14 @@ func (cache *schedulerCache) List(selector labels.Selector) ([]*v1.Pod, error) {
 func (cache *schedulerCache) FilteredList(podFilter PodFilter, selector labels.Selector) ([]*v1.Pod, error) {
 	cache.mu.Lock()
 	defer cache.mu.Unlock()
-	var pods []*v1.Pod
+	// podFilter is expected to return true for most or all of the pods. We
+	// can avoid expensive array growth without wasting too much memory by
+	// pre-allocating capacity.
+	maxSize := 0
+	for _, info := range cache.nodes {
+		maxSize += len(info.pods)
+	}
+	pods := make([]*v1.Pod, 0, maxSize)
 	for _, info := range cache.nodes {
 		for _, pod := range info.pods {
 			if podFilter(pod) && selector.Matches(labels.Set(pod.Labels)) {
@@ -124,7 +131,7 @@ func (cache *schedulerCache) AssumePod(pod *v1.Pod) error {
 	cache.mu.Lock()
 	defer cache.mu.Unlock()
 	if _, ok := cache.podStates[key]; ok {
-		return fmt.Errorf("pod %v state wasn't initial but get assumed", key)
+		return fmt.Errorf("pod %v is in the cache, so can't be assumed", key)
 	}
 
 	cache.addPod(pod)
@@ -171,7 +178,7 @@ func (cache *schedulerCache) ForgetPod(pod *v1.Pod) error {
 
 	currState, ok := cache.podStates[key]
 	if ok && currState.pod.Spec.NodeName != pod.Spec.NodeName {
-		return fmt.Errorf("pod %v state was assumed on a different node", key)
+		return fmt.Errorf("pod %v was assumed on %v but assigned to %v", key, pod.Spec.NodeName, currState.pod.Spec.NodeName)
 	}
 
 	switch {
@@ -184,7 +191,7 @@ func (cache *schedulerCache) ForgetPod(pod *v1.Pod) error {
 		delete(cache.assumedPods, key)
 		delete(cache.podStates, key)
 	default:
-		return fmt.Errorf("pod %v state wasn't assumed but get forgotten", key)
+		return fmt.Errorf("pod %v wasn't assumed so cannot be forgotten", key)
 	}
 	return nil
 }
@@ -234,7 +241,7 @@ func (cache *schedulerCache) AddPod(pod *v1.Pod) error {
 	case ok && cache.assumedPods[key]:
 		if currState.pod.Spec.NodeName != pod.Spec.NodeName {
 			// The pod was added to a different node than it was assumed to.
-			glog.Warningf("Pod %v assumed to a different node than added to.", key)
+			glog.Warningf("Pod %v was assumed to be on %v but got added to %v", key, pod.Spec.NodeName, currState.pod.Spec.NodeName)
 			// Clean this up.
 			cache.removePod(currState.pod)
 			cache.addPod(pod)
@@ -250,7 +257,7 @@ func (cache *schedulerCache) AddPod(pod *v1.Pod) error {
 		}
 		cache.podStates[key] = ps
 	default:
-		return fmt.Errorf("pod was already in added state. Pod key: %v", key)
+		return fmt.Errorf("pod %v was already in added state", key)
 	}
 	return nil
 }
@@ -277,7 +284,7 @@ func (cache *schedulerCache) UpdatePod(oldPod, newPod *v1.Pod) error {
 			return err
 		}
 	default:
-		return fmt.Errorf("pod %v state wasn't added but get updated", key)
+		return fmt.Errorf("pod %v is not added to scheduler cache, so cannot be updated", key)
 	}
 	return nil
 }
@@ -297,7 +304,7 @@ func (cache *schedulerCache) RemovePod(pod *v1.Pod) error {
 	// before Remove event, in which case the state would change from Assumed to Added.
 	case ok && !cache.assumedPods[key]:
 		if currState.pod.Spec.NodeName != pod.Spec.NodeName {
-			glog.Errorf("Pod %v removed from a different node than previously added to.", key)
+			glog.Errorf("Pod %v was assumed to be on %v but got added to %v", key, pod.Spec.NodeName, currState.pod.Spec.NodeName)
 			glog.Fatalf("Schedulercache is corrupted and can badly affect scheduling decisions")
 		}
 		err := cache.removePod(currState.pod)
@@ -306,7 +313,7 @@ func (cache *schedulerCache) RemovePod(pod *v1.Pod) error {
 		}
 		delete(cache.podStates, key)
 	default:
-		return fmt.Errorf("pod state wasn't added but get removed. Pod key: %v", key)
+		return fmt.Errorf("pod %v is not found in scheduler cache, so cannot be removed from it", key)
 	}
 	return nil
 }
@@ -338,7 +345,7 @@ func (cache *schedulerCache) GetPod(pod *v1.Pod) (*v1.Pod, error) {
 
 	podState, ok := cache.podStates[key]
 	if !ok {
-		return nil, fmt.Errorf("pod %v does not exist", key)
+		return nil, fmt.Errorf("pod %v does not exist in scheduler cache", key)
 	}
 
 	return podState.pod, nil
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/interface.go b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/interface.go
similarity index 98%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/interface.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/interface.go
index d8c09fb7e060..d3c65313b831 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/interface.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/interface.go
@@ -22,6 +22,7 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 )
 
+// PodFilter is a function to filter a pod. If pod passed return true else return false.
 type PodFilter func(*v1.Pod) bool
 
 // Cache collects pods' information and provides node-level aggregated information.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/node_info.go b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/node_info.go
similarity index 86%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/node_info.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/node_info.go
index 13f71d525a00..3c981982afad 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/node_info.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/node_info.go
@@ -17,16 +17,16 @@ limitations under the License.
 package schedulercache
 
 import (
+	"errors"
 	"fmt"
 
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
-	clientcache "k8s.io/client-go/tools/cache"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	priorityutil "k8s.io/kubernetes/pkg/scheduler/algorithm/priorities/util"
+	"k8s.io/kubernetes/pkg/scheduler/util"
 )
 
 var emptyResource = Resource{}
@@ -38,7 +38,7 @@ type NodeInfo struct {
 
 	pods             []*v1.Pod
 	podsWithAffinity []*v1.Pod
-	usedPorts        map[string]bool
+	usedPorts        util.HostPortInfo
 
 	// Total requested resource of all pods on this node.
 	// It includes assumed pods which scheduler sends binding to apiserver but
@@ -75,7 +75,7 @@ type Resource struct {
 	ScalarResources map[v1.ResourceName]int64
 }
 
-// New creates a Resource from ResourceList
+// NewResource creates a Resource from ResourceList
 func NewResource(rl v1.ResourceList) *Resource {
 	r := &Resource{}
 	r.Add(rl)
@@ -108,6 +108,7 @@ func (r *Resource) Add(rl v1.ResourceList) {
 	}
 }
 
+// ResourceList returns a resource list of this resource.
 func (r *Resource) ResourceList() v1.ResourceList {
 	result := v1.ResourceList{
 		v1.ResourceCPU:              *resource.NewMilliQuantity(r.MilliCPU, resource.DecimalSI),
@@ -126,6 +127,7 @@ func (r *Resource) ResourceList() v1.ResourceList {
 	return result
 }
 
+// Clone returns a copy of this resource.
 func (r *Resource) Clone() *Resource {
 	res := &Resource{
 		MilliCPU:         r.MilliCPU,
@@ -143,10 +145,12 @@ func (r *Resource) Clone() *Resource {
 	return res
 }
 
+// AddScalar adds a resource by a scalar value of this resource.
 func (r *Resource) AddScalar(name v1.ResourceName, quantity int64) {
 	r.SetScalar(name, r.ScalarResources[name]+quantity)
 }
 
+// SetScalar sets a resource by a scalar value of this resource.
 func (r *Resource) SetScalar(name v1.ResourceName, quantity int64) {
 	// Lazily allocate scalar resource map.
 	if r.ScalarResources == nil {
@@ -164,7 +168,7 @@ func NewNodeInfo(pods ...*v1.Pod) *NodeInfo {
 		nonzeroRequest:      &Resource{},
 		allocatableResource: &Resource{},
 		generation:          0,
-		usedPorts:           make(map[string]bool),
+		usedPorts:           make(util.HostPortInfo),
 	}
 	for _, pod := range pods {
 		ni.AddPod(pod)
@@ -172,7 +176,7 @@ func NewNodeInfo(pods ...*v1.Pod) *NodeInfo {
 	return ni
 }
 
-// Returns overall information about this node.
+// Node returns overall information about this node.
 func (n *NodeInfo) Node() *v1.Node {
 	if n == nil {
 		return nil
@@ -188,7 +192,8 @@ func (n *NodeInfo) Pods() []*v1.Pod {
 	return n.pods
 }
 
-func (n *NodeInfo) UsedPorts() map[string]bool {
+// UsedPorts returns used ports on this node.
+func (n *NodeInfo) UsedPorts() util.HostPortInfo {
 	if n == nil {
 		return nil
 	}
@@ -203,6 +208,7 @@ func (n *NodeInfo) PodsWithAffinity() []*v1.Pod {
 	return n.podsWithAffinity
 }
 
+// AllowedPodNumber returns the number of the allowed pods on this node.
 func (n *NodeInfo) AllowedPodNumber() int {
 	if n == nil || n.allocatableResource == nil {
 		return 0
@@ -210,6 +216,7 @@ func (n *NodeInfo) AllowedPodNumber() int {
 	return n.allocatableResource.AllowedPodNumber
 }
 
+// Taints returns the taints list on this node.
 func (n *NodeInfo) Taints() ([]v1.Taint, error) {
 	if n == nil {
 		return nil, nil
@@ -217,6 +224,7 @@ func (n *NodeInfo) Taints() ([]v1.Taint, error) {
 	return n.taints, n.taintsErr
 }
 
+// MemoryPressureCondition returns the memory pressure condition status on this node.
 func (n *NodeInfo) MemoryPressureCondition() v1.ConditionStatus {
 	if n == nil {
 		return v1.ConditionUnknown
@@ -224,6 +232,7 @@ func (n *NodeInfo) MemoryPressureCondition() v1.ConditionStatus {
 	return n.memoryPressureCondition
 }
 
+// DiskPressureCondition returns the disk pressure condition status on this node.
 func (n *NodeInfo) DiskPressureCondition() v1.ConditionStatus {
 	if n == nil {
 		return v1.ConditionUnknown
@@ -260,6 +269,7 @@ func (n *NodeInfo) SetAllocatableResource(allocatableResource *Resource) {
 	n.allocatableResource = allocatableResource
 }
 
+// Clone returns a copy of this node.
 func (n *NodeInfo) Clone() *NodeInfo {
 	clone := &NodeInfo{
 		node:                    n.node,
@@ -269,7 +279,7 @@ func (n *NodeInfo) Clone() *NodeInfo {
 		taintsErr:               n.taintsErr,
 		memoryPressureCondition: n.memoryPressureCondition,
 		diskPressureCondition:   n.diskPressureCondition,
-		usedPorts:               make(map[string]bool),
+		usedPorts:               make(util.HostPortInfo),
 		generation:              n.generation,
 	}
 	if len(n.pods) > 0 {
@@ -306,7 +316,7 @@ func hasPodAffinityConstraints(pod *v1.Pod) bool {
 
 // AddPod adds pod information to this NodeInfo.
 func (n *NodeInfo) AddPod(pod *v1.Pod) {
-	res, non0_cpu, non0_mem := calculateResource(pod)
+	res, non0CPU, non0Mem := calculateResource(pod)
 	n.requestedResource.MilliCPU += res.MilliCPU
 	n.requestedResource.Memory += res.Memory
 	n.requestedResource.NvidiaGPU += res.NvidiaGPU
@@ -317,8 +327,8 @@ func (n *NodeInfo) AddPod(pod *v1.Pod) {
 	for rName, rQuant := range res.ScalarResources {
 		n.requestedResource.ScalarResources[rName] += rQuant
 	}
-	n.nonzeroRequest.MilliCPU += non0_cpu
-	n.nonzeroRequest.Memory += non0_mem
+	n.nonzeroRequest.MilliCPU += non0CPU
+	n.nonzeroRequest.Memory += non0Mem
 	n.pods = append(n.pods, pod)
 	if hasPodAffinityConstraints(pod) {
 		n.podsWithAffinity = append(n.podsWithAffinity, pod)
@@ -361,19 +371,20 @@ func (n *NodeInfo) RemovePod(pod *v1.Pod) error {
 			n.pods[i] = n.pods[len(n.pods)-1]
 			n.pods = n.pods[:len(n.pods)-1]
 			// reduce the resource data
-			res, non0_cpu, non0_mem := calculateResource(pod)
+			res, non0CPU, non0Mem := calculateResource(pod)
 
 			n.requestedResource.MilliCPU -= res.MilliCPU
 			n.requestedResource.Memory -= res.Memory
 			n.requestedResource.NvidiaGPU -= res.NvidiaGPU
+			n.requestedResource.EphemeralStorage -= res.EphemeralStorage
 			if len(res.ScalarResources) > 0 && n.requestedResource.ScalarResources == nil {
 				n.requestedResource.ScalarResources = map[v1.ResourceName]int64{}
 			}
 			for rName, rQuant := range res.ScalarResources {
 				n.requestedResource.ScalarResources[rName] -= rQuant
 			}
-			n.nonzeroRequest.MilliCPU -= non0_cpu
-			n.nonzeroRequest.Memory -= non0_mem
+			n.nonzeroRequest.MilliCPU -= non0CPU
+			n.nonzeroRequest.Memory -= non0Mem
 
 			// Release ports when remove Pods.
 			n.updateUsedPorts(pod, false)
@@ -386,54 +397,35 @@ func (n *NodeInfo) RemovePod(pod *v1.Pod) error {
 	return fmt.Errorf("no corresponding pod %s in pods of node %s", pod.Name, n.node.Name)
 }
 
-func calculateResource(pod *v1.Pod) (res Resource, non0_cpu int64, non0_mem int64) {
+func calculateResource(pod *v1.Pod) (res Resource, non0CPU int64, non0Mem int64) {
 	resPtr := &res
 	for _, c := range pod.Spec.Containers {
 		resPtr.Add(c.Resources.Requests)
 
-		non0_cpu_req, non0_mem_req := priorityutil.GetNonzeroRequests(&c.Resources.Requests)
-		non0_cpu += non0_cpu_req
-		non0_mem += non0_mem_req
+		non0CPUReq, non0MemReq := priorityutil.GetNonzeroRequests(&c.Resources.Requests)
+		non0CPU += non0CPUReq
+		non0Mem += non0MemReq
 		// No non-zero resources for GPUs or opaque resources.
 	}
 
 	return
 }
 
-func (n *NodeInfo) updateUsedPorts(pod *v1.Pod, used bool) {
+func (n *NodeInfo) updateUsedPorts(pod *v1.Pod, add bool) {
 	for j := range pod.Spec.Containers {
 		container := &pod.Spec.Containers[j]
 		for k := range container.Ports {
 			podPort := &container.Ports[k]
-			// "0" is explicitly ignored in PodFitsHostPorts,
-			// which is the only function that uses this value.
-			if podPort.HostPort != 0 {
-				// user does not explicitly set protocol, default is tcp
-				portProtocol := podPort.Protocol
-				if podPort.Protocol == "" {
-					portProtocol = v1.ProtocolTCP
-				}
-
-				// user does not explicitly set hostIP, default is 0.0.0.0
-				portHostIP := podPort.HostIP
-				if podPort.HostIP == "" {
-					portHostIP = util.DefaultBindAllHostIP
-				}
-
-				str := fmt.Sprintf("%s/%s/%d", portProtocol, portHostIP, podPort.HostPort)
-
-				if used {
-					n.usedPorts[str] = used
-				} else {
-					delete(n.usedPorts, str)
-				}
-
+			if add {
+				n.usedPorts.Add(podPort.HostIP, string(podPort.Protocol), podPort.HostPort)
+			} else {
+				n.usedPorts.Remove(podPort.HostIP, string(podPort.Protocol), podPort.HostPort)
 			}
 		}
 	}
 }
 
-// Sets the overall node information.
+// SetNode sets the overall node information.
 func (n *NodeInfo) SetNode(node *v1.Node) error {
 	n.node = node
 
@@ -455,7 +447,7 @@ func (n *NodeInfo) SetNode(node *v1.Node) error {
 	return nil
 }
 
-// Removes the overall information about the node.
+// RemoveNode removes the overall information about the node.
 func (n *NodeInfo) RemoveNode(node *v1.Node) error {
 	// We don't remove NodeInfo for because there can still be some pods on this node -
 	// this is because notifications about pods are delivered in a different watch,
@@ -503,19 +495,22 @@ func (n *NodeInfo) FilterOutPods(pods []*v1.Pod) []*v1.Pod {
 
 // getPodKey returns the string key of a pod.
 func getPodKey(pod *v1.Pod) (string, error) {
-	return clientcache.MetaNamespaceKeyFunc(pod)
+	uid := string(pod.UID)
+	if len(uid) == 0 {
+		return "", errors.New("Cannot get cache key for pod with empty UID")
+	}
+	return uid, nil
 }
 
 // Filter implements PodFilter interface. It returns false only if the pod node name
 // matches NodeInfo.node and the pod is not found in the pods list. Otherwise,
 // returns true.
 func (n *NodeInfo) Filter(pod *v1.Pod) bool {
-	pFullName := util.GetPodFullName(pod)
 	if pod.Spec.NodeName != n.node.Name {
 		return true
 	}
 	for _, p := range n.pods {
-		if util.GetPodFullName(p) == pFullName {
+		if p.Name == pod.Name && p.Namespace == pod.Namespace {
 			return true
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/util.go b/vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/util.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache/util.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/schedulercache/util.go
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/testutil.go b/vendor/k8s.io/kubernetes/pkg/scheduler/testutil.go
similarity index 87%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/testutil.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/testutil.go
index 7976353ed4e5..4302b913b5fc 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/testutil.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/testutil.go
@@ -23,10 +23,10 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	clientset "k8s.io/client-go/kubernetes"
 	corelisters "k8s.io/client-go/listers/core/v1"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/core"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
+	"k8s.io/kubernetes/pkg/scheduler/core"
+	"k8s.io/kubernetes/pkg/scheduler/util"
 )
 
 // FakeConfigurator is an implementation for test.
@@ -40,7 +40,7 @@ func (fc *FakeConfigurator) GetPriorityFunctionConfigs(priorityKeys sets.String)
 }
 
 // GetPriorityMetadataProducer is not implemented yet.
-func (fc *FakeConfigurator) GetPriorityMetadataProducer() (algorithm.MetadataProducer, error) {
+func (fc *FakeConfigurator) GetPriorityMetadataProducer() (algorithm.PriorityMetadataProducer, error) {
 	return nil, fmt.Errorf("not implemented")
 }
 
@@ -69,11 +69,6 @@ func (fc *FakeConfigurator) MakeDefaultErrorFunc(backoff *util.PodBackoff, podQu
 	return nil
 }
 
-// ResponsibleForPod is not implemented yet.
-func (fc *FakeConfigurator) ResponsibleForPod(pod *v1.Pod) bool {
-	panic("not implemented")
-}
-
 // GetNodeLister is not implemented yet.
 func (fc *FakeConfigurator) GetNodeLister() corelisters.NodeLister {
 	return nil
@@ -89,11 +84,6 @@ func (fc *FakeConfigurator) GetScheduledPodLister() corelisters.PodLister {
 	return nil
 }
 
-// Run is not implemented yet.
-func (fc *FakeConfigurator) Run() {
-	panic("not implemented")
-}
-
 // Create returns FakeConfigurator.Config
 func (fc *FakeConfigurator) Create() (*Config, error) {
 	return fc.Config, nil
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/util/BUILD
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/util/BUILD
index 1eed06de1836..37f3b829f3e8 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/util/BUILD
@@ -13,8 +13,7 @@ go_test(
         "testutil_test.go",
         "utils_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/scheduling:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -31,7 +30,7 @@ go_library(
         "testutil.go",
         "utils.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/util",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/util",
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/backoff_utils.go b/vendor/k8s.io/kubernetes/pkg/scheduler/util/backoff_utils.go
similarity index 71%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/backoff_utils.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/util/backoff_utils.go
index aa8a8e61fd81..50920ae86c83 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/backoff_utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/util/backoff_utils.go
@@ -37,10 +37,10 @@ func (realClock) Now() time.Time {
 	return time.Now()
 }
 
-// backoffEntry is single threaded.  in particular, it only allows a single action to be waiting on backoff at a time.
+// BackoffEntry is single threaded.  in particular, it only allows a single action to be waiting on backoff at a time.
 // It is expected that all users will only use the public TryWait(...) method
 // It is also not safe to copy this object.
-type backoffEntry struct {
+type BackoffEntry struct {
 	backoff     time.Duration
 	lastUpdate  time.Time
 	reqInFlight int32
@@ -48,19 +48,19 @@ type backoffEntry struct {
 
 // tryLock attempts to acquire a lock via atomic compare and swap.
 // returns true if the lock was acquired, false otherwise
-func (b *backoffEntry) tryLock() bool {
+func (b *BackoffEntry) tryLock() bool {
 	return atomic.CompareAndSwapInt32(&b.reqInFlight, 0, 1)
 }
 
 // unlock returns the lock.  panics if the lock isn't held
-func (b *backoffEntry) unlock() {
+func (b *BackoffEntry) unlock() {
 	if !atomic.CompareAndSwapInt32(&b.reqInFlight, 1, 0) {
 		panic(fmt.Sprintf("unexpected state on unlocking: %+v", b))
 	}
 }
 
 // TryWait tries to acquire the backoff lock, maxDuration is the maximum allowed period to wait for.
-func (b *backoffEntry) TryWait(maxDuration time.Duration) bool {
+func (b *BackoffEntry) TryWait(maxDuration time.Duration) bool {
 	if !b.tryLock() {
 		return false
 	}
@@ -69,62 +69,69 @@ func (b *backoffEntry) TryWait(maxDuration time.Duration) bool {
 	return true
 }
 
-func (entry *backoffEntry) getBackoff(maxDuration time.Duration) time.Duration {
-	duration := entry.backoff
+func (b *BackoffEntry) getBackoff(maxDuration time.Duration) time.Duration {
+	duration := b.backoff
 	newDuration := time.Duration(duration) * 2
 	if newDuration > maxDuration {
 		newDuration = maxDuration
 	}
-	entry.backoff = newDuration
+	b.backoff = newDuration
 	glog.V(4).Infof("Backing off %s", duration.String())
 	return duration
 }
 
-func (entry *backoffEntry) wait(maxDuration time.Duration) {
-	time.Sleep(entry.getBackoff(maxDuration))
+func (b *BackoffEntry) wait(maxDuration time.Duration) {
+	time.Sleep(b.getBackoff(maxDuration))
 }
 
+// PodBackoff is used to restart a pod with back-off delay.
 type PodBackoff struct {
-	perPodBackoff   map[ktypes.NamespacedName]*backoffEntry
+	perPodBackoff   map[ktypes.NamespacedName]*BackoffEntry
 	lock            sync.Mutex
 	clock           clock
 	defaultDuration time.Duration
 	maxDuration     time.Duration
 }
 
+// MaxDuration returns the max time duration of the back-off.
 func (p *PodBackoff) MaxDuration() time.Duration {
 	return p.maxDuration
 }
 
+// CreateDefaultPodBackoff creates a default pod back-off object.
 func CreateDefaultPodBackoff() *PodBackoff {
 	return CreatePodBackoff(1*time.Second, 60*time.Second)
 }
 
+// CreatePodBackoff creates a pod back-off object by default duration and max duration.
 func CreatePodBackoff(defaultDuration, maxDuration time.Duration) *PodBackoff {
 	return CreatePodBackoffWithClock(defaultDuration, maxDuration, realClock{})
 }
 
+// CreatePodBackoffWithClock creates a pod back-off object by default duration, max duration and clock.
 func CreatePodBackoffWithClock(defaultDuration, maxDuration time.Duration, clock clock) *PodBackoff {
 	return &PodBackoff{
-		perPodBackoff:   map[ktypes.NamespacedName]*backoffEntry{},
+		perPodBackoff:   map[ktypes.NamespacedName]*BackoffEntry{},
 		clock:           clock,
 		defaultDuration: defaultDuration,
 		maxDuration:     maxDuration,
 	}
 }
 
-func (p *PodBackoff) GetEntry(podID ktypes.NamespacedName) *backoffEntry {
+// GetEntry returns a back-off entry by Pod ID.
+func (p *PodBackoff) GetEntry(podID ktypes.NamespacedName) *BackoffEntry {
 	p.lock.Lock()
 	defer p.lock.Unlock()
 	entry, ok := p.perPodBackoff[podID]
 	if !ok {
-		entry = &backoffEntry{backoff: p.defaultDuration}
+		entry = &BackoffEntry{backoff: p.defaultDuration}
 		p.perPodBackoff[podID] = entry
 	}
 	entry.lastUpdate = p.clock.Now()
 	return entry
 }
 
+// Gc execute garbage collection on the pod back-off.
 func (p *PodBackoff) Gc() {
 	p.lock.Lock()
 	defer p.lock.Unlock()
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/testutil.go b/vendor/k8s.io/kubernetes/pkg/scheduler/util/testutil.go
similarity index 97%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/testutil.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/util/testutil.go
index 45ce2df112d8..7b3cf0d210af 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/testutil.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/util/testutil.go
@@ -28,9 +28,11 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	api "k8s.io/kubernetes/pkg/apis/core"
 
+	// Init the core api installation
 	_ "k8s.io/kubernetes/pkg/apis/core/install"
 )
 
+// TestGroup defines a api group for testing.
 type TestGroup struct {
 	externalGroupVersion schema.GroupVersion
 	internalGroupVersion schema.GroupVersion
@@ -39,8 +41,10 @@ type TestGroup struct {
 }
 
 var (
+	// Groups defines a TestGroup map.
 	Groups = make(map[string]TestGroup)
-	Test   TestGroup
+	// Test defines a TestGroup object.
+	Test TestGroup
 
 	serializer runtime.SerializerInfo
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/utils.go b/vendor/k8s.io/kubernetes/pkg/scheduler/util/utils.go
similarity index 54%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/utils.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/util/utils.go
index 66a004e00135..731ad7a01455 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/util/utils.go
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/util/utils.go
@@ -17,7 +17,6 @@ limitations under the License.
 package util
 
 import (
-	"fmt"
 	"sort"
 
 	"k8s.io/api/core/v1"
@@ -26,35 +25,129 @@ import (
 	"k8s.io/kubernetes/pkg/features"
 )
 
+// DefaultBindAllHostIP defines the default ip address used to bind to all host.
 const DefaultBindAllHostIP = "0.0.0.0"
 
-// GetUsedPorts returns the used host ports of Pods: if 'port' was used, a 'port:true' pair
+// ProtocolPort represents a protocol port pair, e.g. tcp:80.
+type ProtocolPort struct {
+	Protocol string
+	Port     int32
+}
+
+// NewProtocolPort creates a ProtocolPort instance.
+func NewProtocolPort(protocol string, port int32) *ProtocolPort {
+	pp := &ProtocolPort{
+		Protocol: protocol,
+		Port:     port,
+	}
+
+	if len(pp.Protocol) == 0 {
+		pp.Protocol = string(v1.ProtocolTCP)
+	}
+
+	return pp
+}
+
+// HostPortInfo stores mapping from ip to a set of ProtocolPort
+type HostPortInfo map[string]map[ProtocolPort]struct{}
+
+// Add adds (ip, protocol, port) to HostPortInfo
+func (h HostPortInfo) Add(ip, protocol string, port int32) {
+	if port <= 0 {
+		return
+	}
+
+	h.sanitize(&ip, &protocol)
+
+	pp := NewProtocolPort(protocol, port)
+	if _, ok := h[ip]; !ok {
+		h[ip] = map[ProtocolPort]struct{}{
+			*pp: {},
+		}
+		return
+	}
+
+	h[ip][*pp] = struct{}{}
+}
+
+// Remove removes (ip, protocol, port) from HostPortInfo
+func (h HostPortInfo) Remove(ip, protocol string, port int32) {
+	if port <= 0 {
+		return
+	}
+
+	h.sanitize(&ip, &protocol)
+
+	pp := NewProtocolPort(protocol, port)
+	if m, ok := h[ip]; ok {
+		delete(m, *pp)
+		if len(h[ip]) == 0 {
+			delete(h, ip)
+		}
+	}
+}
+
+// Len returns the total number of (ip, protocol, port) tuple in HostPortInfo
+func (h HostPortInfo) Len() int {
+	length := 0
+	for _, m := range h {
+		length += len(m)
+	}
+	return length
+}
+
+// CheckConflict checks if the input (ip, protocol, port) conflicts with the existing
+// ones in HostPortInfo.
+func (h HostPortInfo) CheckConflict(ip, protocol string, port int32) bool {
+	if port <= 0 {
+		return false
+	}
+
+	h.sanitize(&ip, &protocol)
+
+	pp := NewProtocolPort(protocol, port)
+
+	// If ip is 0.0.0.0 check all IP's (protocol, port) pair
+	if ip == DefaultBindAllHostIP {
+		for _, m := range h {
+			if _, ok := m[*pp]; ok {
+				return true
+			}
+		}
+		return false
+	}
+
+	// If ip isn't 0.0.0.0, only check IP and 0.0.0.0's (protocol, port) pair
+	for _, key := range []string{DefaultBindAllHostIP, ip} {
+		if m, ok := h[key]; ok {
+			if _, ok2 := m[*pp]; ok2 {
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
+// sanitize the parameters
+func (h HostPortInfo) sanitize(ip, protocol *string) {
+	if len(*ip) == 0 {
+		*ip = DefaultBindAllHostIP
+	}
+	if len(*protocol) == 0 {
+		*protocol = string(v1.ProtocolTCP)
+	}
+}
+
+// GetContainerPorts returns the used host ports of Pods: if 'port' was used, a 'port:true' pair
 // will be in the result; but it does not resolve port conflict.
-func GetUsedPorts(pods ...*v1.Pod) map[string]bool {
-	ports := make(map[string]bool)
+func GetContainerPorts(pods ...*v1.Pod) []*v1.ContainerPort {
+	var ports []*v1.ContainerPort
 	for _, pod := range pods {
 		for j := range pod.Spec.Containers {
 			container := &pod.Spec.Containers[j]
 			for k := range container.Ports {
-				podPort := &container.Ports[k]
-				// "0" is explicitly ignored in PodFitsHostPorts,
-				// which is the only function that uses this value.
-				if podPort.HostPort != 0 {
-					// user does not explicitly set protocol, default is tcp
-					portProtocol := podPort.Protocol
-					if podPort.Protocol == "" {
-						portProtocol = v1.ProtocolTCP
-					}
-
-					// user does not explicitly set hostIP, default is 0.0.0.0
-					portHostIP := podPort.HostIP
-					if podPort.HostIP == "" {
-						portHostIP = "0.0.0.0"
-					}
-
-					str := fmt.Sprintf("%s/%s/%d", portProtocol, portHostIP, podPort.HostPort)
-					ports[str] = true
-				}
+				ports = append(ports, &container.Ports[k])
 			}
 		}
 	}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder/BUILD b/vendor/k8s.io/kubernetes/pkg/scheduler/volumebinder/BUILD
similarity index 93%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder/BUILD
rename to vendor/k8s.io/kubernetes/pkg/scheduler/volumebinder/BUILD
index f942bfecdb87..0656eeee2748 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/scheduler/volumebinder/BUILD
@@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 go_library(
     name = "go_default_library",
     srcs = ["volume_binder.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder",
+    importpath = "k8s.io/kubernetes/pkg/scheduler/volumebinder",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/controller/volume/persistentvolume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder/volume_binder.go b/vendor/k8s.io/kubernetes/pkg/scheduler/volumebinder/volume_binder.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/plugin/pkg/scheduler/volumebinder/volume_binder.go
rename to vendor/k8s.io/kubernetes/pkg/scheduler/volumebinder/volume_binder.go
diff --git a/vendor/k8s.io/kubernetes/pkg/security/apparmor/BUILD b/vendor/k8s.io/kubernetes/pkg/security/apparmor/BUILD
index ad686ff2ab28..82829b342145 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/apparmor/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/apparmor/BUILD
@@ -11,8 +11,39 @@ go_library(
     srcs = [
         "helpers.go",
         "validate.go",
-        "validate_disabled.go",
-    ],
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "validate_disabled.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "validate_disabled.go",
+        ],
+        "//conditions:default": [],
+    }),
     importpath = "k8s.io/kubernetes/pkg/security/apparmor",
     deps = [
         "//pkg/features:go_default_library",
@@ -29,8 +60,7 @@ go_test(
     data = [
         "testdata/profiles",
     ],
-    importpath = "k8s.io/kubernetes/pkg/security/apparmor",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/BUILD
index 282d256aaef3..f2c8a332913a 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/BUILD
@@ -27,7 +27,6 @@ go_library(
         "//pkg/security/podsecuritypolicy/user:go_default_library",
         "//pkg/security/podsecuritypolicy/util:go_default_library",
         "//pkg/securitycontext:go_default_library",
-        "//pkg/util/maps:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
     ],
@@ -36,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["provider_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor/BUILD
index d1cf962c8faf..40cc26bf42ac 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor/BUILD
@@ -21,8 +21,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/apparmor",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/security/apparmor:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/BUILD
index 87681f9e7887..cafbaa6343b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/BUILD
@@ -9,8 +9,8 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
+        "capabilities.go",
         "doc.go",
-        "mustrunas.go",
         "types.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities",
@@ -24,9 +24,8 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["mustrunas_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities",
-    library = ":go_default_library",
+    srcs = ["capabilities_test.go"],
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/mustrunas.go b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/capabilities.go
similarity index 100%
rename from vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/mustrunas.go
rename to vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/capabilities/capabilities.go
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/group/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/group/BUILD
index 2a7bbe66e3f8..27e2be78bc96 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/group/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/group/BUILD
@@ -29,12 +29,8 @@ go_test(
         "mustrunas_test.go",
         "runasany_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/group",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/apis/core:go_default_library",
-        "//pkg/apis/extensions:go_default_library",
-    ],
+    embed = [":go_default_library"],
+    deps = ["//pkg/apis/extensions:go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/provider.go b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/provider.go
index b10aa15555c0..8567ecf437ae 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/provider.go
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/provider.go
@@ -25,7 +25,6 @@ import (
 	"k8s.io/kubernetes/pkg/apis/extensions"
 	psputil "k8s.io/kubernetes/pkg/security/podsecuritypolicy/util"
 	"k8s.io/kubernetes/pkg/securitycontext"
-	"k8s.io/kubernetes/pkg/util/maps"
 )
 
 // used to pass in the field being validated for reusable group strategies so they
@@ -64,17 +63,16 @@ func NewSimpleProvider(psp *extensions.PodSecurityPolicy, namespace string, stra
 	}, nil
 }
 
-// Create a PodSecurityContext based on the given constraints.  If a setting is already set
-// on the PodSecurityContext it will not be changed.  Validate should be used after the context
-// is created to ensure it complies with the required restrictions.
-func (s *simpleProvider) CreatePodSecurityContext(pod *api.Pod) (*api.PodSecurityContext, map[string]string, error) {
+// DefaultPodSecurityContext sets the default values of the required but not filled fields.
+// It modifies the SecurityContext and annotations of the provided pod. Validation should be
+// used after the context is defaulted to ensure it complies with the required restrictions.
+func (s *simpleProvider) DefaultPodSecurityContext(pod *api.Pod) error {
 	sc := securitycontext.NewPodSecurityContextMutator(pod.Spec.SecurityContext)
-	annotations := maps.CopySS(pod.Annotations)
 
 	if sc.SupplementalGroups() == nil {
 		supGroups, err := s.strategies.SupplementalGroupStrategy.Generate(pod)
 		if err != nil {
-			return nil, nil, err
+			return err
 		}
 		sc.SetSupplementalGroups(supGroups)
 	}
@@ -82,7 +80,7 @@ func (s *simpleProvider) CreatePodSecurityContext(pod *api.Pod) (*api.PodSecurit
 	if sc.FSGroup() == nil {
 		fsGroup, err := s.strategies.FSGroupStrategy.GenerateSingle(pod)
 		if err != nil {
-			return nil, nil, err
+			return err
 		}
 		sc.SetFSGroup(fsGroup)
 	}
@@ -90,41 +88,42 @@ func (s *simpleProvider) CreatePodSecurityContext(pod *api.Pod) (*api.PodSecurit
 	if sc.SELinuxOptions() == nil {
 		seLinux, err := s.strategies.SELinuxStrategy.Generate(pod, nil)
 		if err != nil {
-			return nil, nil, err
+			return err
 		}
 		sc.SetSELinuxOptions(seLinux)
 	}
 
 	// This is only generated on the pod level.  Containers inherit the pod's profile.  If the
 	// container has a specific profile set then it will be caught in the validation step.
-	seccompProfile, err := s.strategies.SeccompStrategy.Generate(annotations, pod)
+	seccompProfile, err := s.strategies.SeccompStrategy.Generate(pod.Annotations, pod)
 	if err != nil {
-		return nil, nil, err
+		return err
 	}
 	if seccompProfile != "" {
-		if annotations == nil {
-			annotations = map[string]string{}
+		if pod.Annotations == nil {
+			pod.Annotations = map[string]string{}
 		}
-		annotations[api.SeccompPodAnnotationKey] = seccompProfile
+		pod.Annotations[api.SeccompPodAnnotationKey] = seccompProfile
 	}
-	return sc.PodSecurityContext(), annotations, nil
+
+	pod.Spec.SecurityContext = sc.PodSecurityContext()
+
+	return nil
 }
 
-// Create a SecurityContext based on the given constraints.  If a setting is already set on the
-// container's security context then it will not be changed.  Validation should be used after
-// the context is created to ensure it complies with the required restrictions.
-func (s *simpleProvider) CreateContainerSecurityContext(pod *api.Pod, container *api.Container) (*api.SecurityContext, map[string]string, error) {
+// DefaultContainerSecurityContext sets the default values of the required but not filled fields.
+// It modifies the SecurityContext of the container and annotations of the pod. Validation should
+// be used after the context is defaulted to ensure it complies with the required restrictions.
+func (s *simpleProvider) DefaultContainerSecurityContext(pod *api.Pod, container *api.Container) error {
 	sc := securitycontext.NewEffectiveContainerSecurityContextMutator(
 		securitycontext.NewPodSecurityContextAccessor(pod.Spec.SecurityContext),
 		securitycontext.NewContainerSecurityContextMutator(container.SecurityContext),
 	)
 
-	annotations := maps.CopySS(pod.Annotations)
-
 	if sc.RunAsUser() == nil {
 		uid, err := s.strategies.RunAsUserStrategy.Generate(pod, container)
 		if err != nil {
-			return nil, nil, err
+			return err
 		}
 		sc.SetRunAsUser(uid)
 	}
@@ -132,14 +131,14 @@ func (s *simpleProvider) CreateContainerSecurityContext(pod *api.Pod, container
 	if sc.SELinuxOptions() == nil {
 		seLinux, err := s.strategies.SELinuxStrategy.Generate(pod, container)
 		if err != nil {
-			return nil, nil, err
+			return err
 		}
 		sc.SetSELinuxOptions(seLinux)
 	}
 
-	annotations, err := s.strategies.AppArmorStrategy.Generate(annotations, container)
+	annotations, err := s.strategies.AppArmorStrategy.Generate(pod.Annotations, container)
 	if err != nil {
-		return nil, nil, err
+		return err
 	}
 
 	// if we're using the non-root strategy set the marker that this container should not be
@@ -152,7 +151,7 @@ func (s *simpleProvider) CreateContainerSecurityContext(pod *api.Pod, container
 
 	caps, err := s.strategies.CapabilitiesStrategy.Generate(pod, container)
 	if err != nil {
-		return nil, nil, err
+		return err
 	}
 	sc.SetCapabilities(caps)
 
@@ -174,11 +173,14 @@ func (s *simpleProvider) CreateContainerSecurityContext(pod *api.Pod, container
 		sc.SetAllowPrivilegeEscalation(&s.psp.Spec.AllowPrivilegeEscalation)
 	}
 
-	return sc.ContainerSecurityContext(), annotations, nil
+	pod.Annotations = annotations
+	container.SecurityContext = sc.ContainerSecurityContext()
+
+	return nil
 }
 
-// Ensure a pod's SecurityContext is in compliance with the given constraints.
-func (s *simpleProvider) ValidatePodSecurityContext(pod *api.Pod, fldPath *field.Path) field.ErrorList {
+// ValidatePod ensure a pod is in compliance with the given constraints.
+func (s *simpleProvider) ValidatePod(pod *api.Pod, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 
 	sc := securitycontext.NewPodSecurityContextAccessor(pod.Spec.SecurityContext)
@@ -207,8 +209,6 @@ func (s *simpleProvider) ValidatePodSecurityContext(pod *api.Pod, fldPath *field
 
 	allErrs = append(allErrs, s.strategies.SysctlsStrategy.Validate(pod)...)
 
-	// TODO(tallclair): ValidatePodSecurityContext should be renamed to ValidatePod since its scope
-	// is not limited to the PodSecurityContext.
 	if len(pod.Spec.Volumes) > 0 {
 		allowsAllVolumeTypes := psputil.PSPAllowsAllVolumes(s.psp)
 		allowedVolumes := psputil.FSTypeToStringSet(s.psp.Spec.Volumes)
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp/BUILD
index c49f6fc6996b..97a4a3eb4d9a 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["strategy_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/BUILD
index 97f5e5292c07..c8662912316d 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/BUILD
@@ -18,6 +18,7 @@ go_library(
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/security/podsecuritypolicy/util:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
     ],
 )
@@ -28,8 +29,7 @@ go_test(
         "mustrunas_test.go",
         "runasany_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/mustrunas.go b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/mustrunas.go
index b2605cd3304b..67f23b995080 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/mustrunas.go
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/selinux/mustrunas.go
@@ -18,10 +18,13 @@ package selinux
 
 import (
 	"fmt"
+	"sort"
+	"strings"
 
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/extensions"
+	"k8s.io/kubernetes/pkg/security/podsecuritypolicy/util"
 )
 
 type mustRunAs struct {
@@ -55,7 +58,7 @@ func (s *mustRunAs) Validate(fldPath *field.Path, _ *api.Pod, _ *api.Container,
 		allErrs = append(allErrs, field.Required(fldPath, ""))
 		return allErrs
 	}
-	if seLinux.Level != s.opts.SELinuxOptions.Level {
+	if !equalLevels(s.opts.SELinuxOptions.Level, seLinux.Level) {
 		detail := fmt.Sprintf("must be %s", s.opts.SELinuxOptions.Level)
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("level"), seLinux.Level, detail))
 	}
@@ -74,3 +77,44 @@ func (s *mustRunAs) Validate(fldPath *field.Path, _ *api.Pod, _ *api.Container,
 
 	return allErrs
 }
+
+// equalLevels compares SELinux levels for equality.
+func equalLevels(expected, actual string) bool {
+	if expected == actual {
+		return true
+	}
+	// "s0:c6,c0" => [ "s0", "c6,c0" ]
+	expectedParts := strings.SplitN(expected, ":", 2)
+	actualParts := strings.SplitN(actual, ":", 2)
+
+	// both SELinux levels must be in a format "sX:cY"
+	if len(expectedParts) != 2 || len(actualParts) != 2 {
+		return false
+	}
+
+	if !equalSensitivity(expectedParts[0], actualParts[0]) {
+		return false
+	}
+
+	if !equalCategories(expectedParts[1], actualParts[1]) {
+		return false
+	}
+
+	return true
+}
+
+// equalSensitivity compares sensitivities of the SELinux levels for equality.
+func equalSensitivity(expected, actual string) bool {
+	return expected == actual
+}
+
+// equalCategories compares categories of the SELinux levels for equality.
+func equalCategories(expected, actual string) bool {
+	expectedCategories := strings.Split(expected, ",")
+	actualCategories := strings.Split(actual, ",")
+
+	sort.Strings(expectedCategories)
+	sort.Strings(actualCategories)
+
+	return util.EqualStringSlices(expectedCategories, actualCategories)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl/BUILD
index dbd473ec8373..b466cbbeb282 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["mustmatchpatterns_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/types.go b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/types.go
index 31fcc5484d8b..c839c680e3b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/types.go
@@ -32,14 +32,14 @@ import (
 // Provider provides the implementation to generate a new security
 // context based on constraints or validate an existing security context against constraints.
 type Provider interface {
-	// Create a PodSecurityContext based on the given constraints. Also returns an updated set
-	// of Pod annotations for alpha feature support.
-	CreatePodSecurityContext(pod *api.Pod) (*api.PodSecurityContext, map[string]string, error)
-	// Create a container SecurityContext based on the given constraints. Also returns an updated set
-	// of Pod annotations for alpha feature support.
-	CreateContainerSecurityContext(pod *api.Pod, container *api.Container) (*api.SecurityContext, map[string]string, error)
-	// Ensure a pod's SecurityContext is in compliance with the given constraints.
-	ValidatePodSecurityContext(pod *api.Pod, fldPath *field.Path) field.ErrorList
+	// DefaultPodSecurityContext sets the default values of the required but not filled fields.
+	// It modifies the SecurityContext and annotations of the provided pod.
+	DefaultPodSecurityContext(pod *api.Pod) error
+	// DefaultContainerSecurityContext sets the default values of the required but not filled fields.
+	// It modifies the SecurityContext of the container and annotations of the pod.
+	DefaultContainerSecurityContext(pod *api.Pod, container *api.Container) error
+	// Ensure a pod is in compliance with the given constraints.
+	ValidatePod(pod *api.Pod, fldPath *field.Path) field.ErrorList
 	// Ensure a container's SecurityContext is in compliance with the given constraints
 	ValidateContainerSecurityContext(pod *api.Pod, container *api.Container, fldPath *field.Path) field.ErrorList
 	// Get the name of the PSP that this provider was initialized with.
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/user/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/user/BUILD
index f4e57284ad07..03ebcfeea982 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/user/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/user/BUILD
@@ -31,8 +31,7 @@ go_test(
         "nonroot_test.go",
         "runasany_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/user",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/BUILD b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/BUILD
index 118784e9f0ff..aa2d980535aa 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/security/podsecuritypolicy/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/util.go b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/util.go
index d654f88c77fa..d581f5012a07 100644
--- a/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/security/podsecuritypolicy/util/util.go
@@ -222,3 +222,17 @@ func hasPathPrefix(s, pathPrefix string) bool {
 
 	return false
 }
+
+// EqualStringSlices compares string slices for equality. Slices are equal when
+// their sizes and elements on similar positions are equal.
+func EqualStringSlices(a, b []string) bool {
+	if len(a) != len(b) {
+		return false
+	}
+	for i := 0; i < len(a); i++ {
+		if a[i] != b[i] {
+			return false
+		}
+	}
+	return true
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/securitycontext/BUILD b/vendor/k8s.io/kubernetes/pkg/securitycontext/BUILD
index fa4eb424a0eb..def21ae17913 100644
--- a/vendor/k8s.io/kubernetes/pkg/securitycontext/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/securitycontext/BUILD
@@ -27,8 +27,7 @@ go_test(
         "accessors_test.go",
         "util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/securitycontext",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/securitycontext/util.go b/vendor/k8s.io/kubernetes/pkg/securitycontext/util.go
index 73d23a43131b..38377f40f57e 100644
--- a/vendor/k8s.io/kubernetes/pkg/securitycontext/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/securitycontext/util.go
@@ -21,7 +21,6 @@ import (
 	"strings"
 
 	"k8s.io/api/core/v1"
-	api "k8s.io/kubernetes/pkg/apis/core"
 )
 
 // HasPrivilegedRequest returns the value of SecurityContext.Privileged, taking into account
@@ -123,6 +122,11 @@ func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1
 		*effectiveSc.RunAsUser = *containerSc.RunAsUser
 	}
 
+	if containerSc.RunAsGroup != nil {
+		effectiveSc.RunAsGroup = new(int64)
+		*effectiveSc.RunAsGroup = *containerSc.RunAsGroup
+	}
+
 	if containerSc.RunAsNonRoot != nil {
 		effectiveSc.RunAsNonRoot = new(bool)
 		*effectiveSc.RunAsNonRoot = *containerSc.RunAsNonRoot
@@ -157,81 +161,9 @@ func securityContextFromPodSecurityContext(pod *v1.Pod) *v1.SecurityContext {
 		*synthesized.RunAsUser = *pod.Spec.SecurityContext.RunAsUser
 	}
 
-	if pod.Spec.SecurityContext.RunAsNonRoot != nil {
-		synthesized.RunAsNonRoot = new(bool)
-		*synthesized.RunAsNonRoot = *pod.Spec.SecurityContext.RunAsNonRoot
-	}
-
-	return synthesized
-}
-
-// TODO: remove the duplicate code
-func InternalDetermineEffectiveSecurityContext(pod *api.Pod, container *api.Container) *api.SecurityContext {
-	effectiveSc := internalSecurityContextFromPodSecurityContext(pod)
-	containerSc := container.SecurityContext
-
-	if effectiveSc == nil && containerSc == nil {
-		return nil
-	}
-	if effectiveSc != nil && containerSc == nil {
-		return effectiveSc
-	}
-	if effectiveSc == nil && containerSc != nil {
-		return containerSc
-	}
-
-	if containerSc.SELinuxOptions != nil {
-		effectiveSc.SELinuxOptions = new(api.SELinuxOptions)
-		*effectiveSc.SELinuxOptions = *containerSc.SELinuxOptions
-	}
-
-	if containerSc.Capabilities != nil {
-		effectiveSc.Capabilities = new(api.Capabilities)
-		*effectiveSc.Capabilities = *containerSc.Capabilities
-	}
-
-	if containerSc.Privileged != nil {
-		effectiveSc.Privileged = new(bool)
-		*effectiveSc.Privileged = *containerSc.Privileged
-	}
-
-	if containerSc.RunAsUser != nil {
-		effectiveSc.RunAsUser = new(int64)
-		*effectiveSc.RunAsUser = *containerSc.RunAsUser
-	}
-
-	if containerSc.RunAsNonRoot != nil {
-		effectiveSc.RunAsNonRoot = new(bool)
-		*effectiveSc.RunAsNonRoot = *containerSc.RunAsNonRoot
-	}
-
-	if containerSc.ReadOnlyRootFilesystem != nil {
-		effectiveSc.ReadOnlyRootFilesystem = new(bool)
-		*effectiveSc.ReadOnlyRootFilesystem = *containerSc.ReadOnlyRootFilesystem
-	}
-
-	if containerSc.AllowPrivilegeEscalation != nil {
-		effectiveSc.AllowPrivilegeEscalation = new(bool)
-		*effectiveSc.AllowPrivilegeEscalation = *containerSc.AllowPrivilegeEscalation
-	}
-
-	return effectiveSc
-}
-
-func internalSecurityContextFromPodSecurityContext(pod *api.Pod) *api.SecurityContext {
-	if pod.Spec.SecurityContext == nil {
-		return nil
-	}
-
-	synthesized := &api.SecurityContext{}
-
-	if pod.Spec.SecurityContext.SELinuxOptions != nil {
-		synthesized.SELinuxOptions = &api.SELinuxOptions{}
-		*synthesized.SELinuxOptions = *pod.Spec.SecurityContext.SELinuxOptions
-	}
-	if pod.Spec.SecurityContext.RunAsUser != nil {
-		synthesized.RunAsUser = new(int64)
-		*synthesized.RunAsUser = *pod.Spec.SecurityContext.RunAsUser
+	if pod.Spec.SecurityContext.RunAsGroup != nil {
+		synthesized.RunAsGroup = new(int64)
+		*synthesized.RunAsGroup = *pod.Spec.SecurityContext.RunAsGroup
 	}
 
 	if pod.Spec.SecurityContext.RunAsNonRoot != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/serviceaccount/BUILD b/vendor/k8s.io/kubernetes/pkg/serviceaccount/BUILD
index afafa2849d9a..eaa64787b16d 100644
--- a/vendor/k8s.io/kubernetes/pkg/serviceaccount/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/serviceaccount/BUILD
@@ -9,15 +9,19 @@ load(
 go_library(
     name = "go_default_library",
     srcs = [
+        "claims.go",
         "jwt.go",
+        "legacy.go",
         "util.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/serviceaccount",
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//vendor/github.com/dgrijalva/jwt-go:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2/jwt:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/authenticator:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/serviceaccount:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
@@ -27,7 +31,6 @@ go_library(
 go_test(
     name = "go_default_xtest",
     srcs = ["jwt_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/serviceaccount_test",
     deps = [
         ":go_default_library",
         "//pkg/controller/serviceaccount:go_default_library",
@@ -52,3 +55,18 @@ filegroup(
     srcs = [":package-srcs"],
     tags = ["automanaged"],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "claims_test.go",
+        "util_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//vendor/gopkg.in/square/go-jose.v2/jwt:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+    ],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/serviceaccount/claims.go b/vendor/k8s.io/kubernetes/pkg/serviceaccount/claims.go
new file mode 100644
index 000000000000..c3ed29c4c2df
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/serviceaccount/claims.go
@@ -0,0 +1,186 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package serviceaccount
+
+import (
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/golang/glog"
+	apiserverserviceaccount "k8s.io/apiserver/pkg/authentication/serviceaccount"
+	"k8s.io/kubernetes/pkg/apis/core"
+
+	"gopkg.in/square/go-jose.v2/jwt"
+)
+
+// time.Now stubbed out to allow testing
+var now = time.Now
+
+type privateClaims struct {
+	Kubernetes kubernetes `json:"kubernetes.io,omitempty"`
+}
+
+type kubernetes struct {
+	Namespace string `json:"namespace,omitempty"`
+	Svcacct   ref    `json:"serviceaccount,omitempty"`
+	Pod       *ref   `json:"pod,omitempty"`
+	Secret    *ref   `json:"secret,omitempty"`
+}
+
+type ref struct {
+	Name string `json:"name,omitempty"`
+	UID  string `json:"uid,omitempty"`
+}
+
+func Claims(sa core.ServiceAccount, pod *core.Pod, secret *core.Secret, expirationSeconds int64, audience []string) (*jwt.Claims, interface{}) {
+	now := now()
+	sc := &jwt.Claims{
+		Subject:   apiserverserviceaccount.MakeUsername(sa.Namespace, sa.Name),
+		Audience:  jwt.Audience(audience),
+		IssuedAt:  jwt.NewNumericDate(now),
+		NotBefore: jwt.NewNumericDate(now),
+		Expiry:    jwt.NewNumericDate(now.Add(time.Duration(expirationSeconds) * time.Second)),
+	}
+	pc := &privateClaims{
+		Kubernetes: kubernetes{
+			Namespace: sa.Namespace,
+			Svcacct: ref{
+				Name: sa.Name,
+				UID:  string(sa.UID),
+			},
+		},
+	}
+	switch {
+	case pod != nil:
+		pc.Kubernetes.Pod = &ref{
+			Name: pod.Name,
+			UID:  string(pod.UID),
+		}
+	case secret != nil:
+		pc.Kubernetes.Secret = &ref{
+			Name: secret.Name,
+			UID:  string(secret.UID),
+		}
+	}
+	return sc, pc
+}
+
+func NewValidator(audiences []string, getter ServiceAccountTokenGetter) Validator {
+	return &validator{
+		auds:   audiences,
+		getter: getter,
+	}
+}
+
+type validator struct {
+	auds   []string
+	getter ServiceAccountTokenGetter
+}
+
+var _ = Validator(&validator{})
+
+func (v *validator) Validate(_ string, public *jwt.Claims, privateObj interface{}) (string, string, string, error) {
+	private, ok := privateObj.(*privateClaims)
+	if !ok {
+		glog.Errorf("jwt validator expected private claim of type *privateClaims but got: %T", privateObj)
+		return "", "", "", errors.New("Token could not be validated.")
+	}
+	err := public.Validate(jwt.Expected{
+		Time: now(),
+	})
+	switch {
+	case err == nil:
+	case err == jwt.ErrExpired:
+		return "", "", "", errors.New("Token has expired.")
+	default:
+		glog.Errorf("unexpected validation error: %T", err)
+		return "", "", "", errors.New("Token could not be validated.")
+	}
+
+	var audValid bool
+
+	for _, aud := range v.auds {
+		audValid = public.Audience.Contains(aud)
+		if audValid {
+			break
+		}
+	}
+
+	if !audValid {
+		return "", "", "", errors.New("Token is invalid for this audience.")
+	}
+
+	namespace := private.Kubernetes.Namespace
+	saref := private.Kubernetes.Svcacct
+	podref := private.Kubernetes.Pod
+	secref := private.Kubernetes.Secret
+	// Make sure service account still exists (name and UID)
+	serviceAccount, err := v.getter.GetServiceAccount(namespace, saref.Name)
+	if err != nil {
+		glog.V(4).Infof("Could not retrieve service account %s/%s: %v", namespace, saref.Name, err)
+		return "", "", "", err
+	}
+	if serviceAccount.DeletionTimestamp != nil {
+		glog.V(4).Infof("Service account has been deleted %s/%s", namespace, saref.Name)
+		return "", "", "", fmt.Errorf("ServiceAccount %s/%s has been deleted", namespace, saref.Name)
+	}
+	if string(serviceAccount.UID) != saref.UID {
+		glog.V(4).Infof("Service account UID no longer matches %s/%s: %q != %q", namespace, saref.Name, string(serviceAccount.UID), saref.UID)
+		return "", "", "", fmt.Errorf("ServiceAccount UID (%s) does not match claim (%s)", serviceAccount.UID, saref.UID)
+	}
+
+	if secref != nil {
+		// Make sure token hasn't been invalidated by deletion of the secret
+		secret, err := v.getter.GetSecret(namespace, secref.Name)
+		if err != nil {
+			glog.V(4).Infof("Could not retrieve bound secret %s/%s for service account %s/%s: %v", namespace, secref.Name, namespace, saref.Name, err)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if secret.DeletionTimestamp != nil {
+			glog.V(4).Infof("Bound secret is deleted and awaiting removal: %s/%s for service account %s/%s", namespace, secref.Name, namespace, saref.Name)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if string(secref.UID) != secref.UID {
+			glog.V(4).Infof("Secret UID no longer matches %s/%s: %q != %q", namespace, secref.Name, string(serviceAccount.UID), secref.UID)
+			return "", "", "", fmt.Errorf("Secret UID (%s) does not match claim (%s)", secret.UID, secref.UID)
+		}
+	}
+
+	if podref != nil {
+		// Make sure token hasn't been invalidated by deletion of the pod
+		pod, err := v.getter.GetPod(namespace, podref.Name)
+		if err != nil {
+			glog.V(4).Infof("Could not retrieve bound secret %s/%s for service account %s/%s: %v", namespace, podref.Name, namespace, saref.Name, err)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if pod.DeletionTimestamp != nil {
+			glog.V(4).Infof("Bound pod is deleted and awaiting removal: %s/%s for service account %s/%s", namespace, podref.Name, namespace, saref.Name)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if string(podref.UID) != podref.UID {
+			glog.V(4).Infof("Pod UID no longer matches %s/%s: %q != %q", namespace, podref.Name, string(serviceAccount.UID), podref.UID)
+			return "", "", "", fmt.Errorf("Pod UID (%s) does not match claim (%s)", pod.UID, podref.UID)
+		}
+	}
+
+	return private.Kubernetes.Namespace, private.Kubernetes.Svcacct.Name, private.Kubernetes.Svcacct.UID, nil
+}
+
+func (v *validator) NewPrivateClaims() interface{} {
+	return &privateClaims{}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/serviceaccount/jwt.go b/vendor/k8s.io/kubernetes/pkg/serviceaccount/jwt.go
index a7051be3077a..01c369a31f39 100644
--- a/vendor/k8s.io/kubernetes/pkg/serviceaccount/jwt.go
+++ b/vendor/k8s.io/kubernetes/pkg/serviceaccount/jwt.go
@@ -17,69 +17,69 @@ limitations under the License.
 package serviceaccount
 
 import (
-	"bytes"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rsa"
+	"encoding/base64"
+	"encoding/json"
 	"errors"
 	"fmt"
+	"strings"
 
 	"k8s.io/api/core/v1"
+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apiserver/pkg/authentication/authenticator"
-	apiserverserviceaccount "k8s.io/apiserver/pkg/authentication/serviceaccount"
 	"k8s.io/apiserver/pkg/authentication/user"
 
-	jwt "github.com/dgrijalva/jwt-go"
-	"github.com/golang/glog"
-)
-
-const (
-	Issuer = "kubernetes/serviceaccount"
-
-	SubjectClaim            = "sub"
-	IssuerClaim             = "iss"
-	ServiceAccountNameClaim = "kubernetes.io/serviceaccount/service-account.name"
-	ServiceAccountUIDClaim  = "kubernetes.io/serviceaccount/service-account.uid"
-	SecretNameClaim         = "kubernetes.io/serviceaccount/secret.name"
-	NamespaceClaim          = "kubernetes.io/serviceaccount/namespace"
+	jose "gopkg.in/square/go-jose.v2"
+	"gopkg.in/square/go-jose.v2/jwt"
 )
 
 // ServiceAccountTokenGetter defines functions to retrieve a named service account and secret
 type ServiceAccountTokenGetter interface {
 	GetServiceAccount(namespace, name string) (*v1.ServiceAccount, error)
+	GetPod(namespace, name string) (*v1.Pod, error)
 	GetSecret(namespace, name string) (*v1.Secret, error)
 }
 
 type TokenGenerator interface {
-	// GenerateToken generates a token which will identify the given ServiceAccount.
-	// The returned token will be stored in the given (and yet-unpersisted) Secret.
-	GenerateToken(serviceAccount v1.ServiceAccount, secret v1.Secret) (string, error)
+	// GenerateToken generates a token which will identify the given
+	// ServiceAccount. privateClaims is an interface that will be
+	// serialized into the JWT payload JSON encoding at the root level of
+	// the payload object. Public claims take precedent over private
+	// claims i.e. if both claims and privateClaims have an "exp" field,
+	// the value in claims will be used.
+	GenerateToken(claims *jwt.Claims, privateClaims interface{}) (string, error)
 }
 
 // JWTTokenGenerator returns a TokenGenerator that generates signed JWT tokens, using the given privateKey.
 // privateKey is a PEM-encoded byte array of a private RSA key.
 // JWTTokenAuthenticator()
-func JWTTokenGenerator(privateKey interface{}) TokenGenerator {
-	return &jwtTokenGenerator{privateKey}
+func JWTTokenGenerator(iss string, privateKey interface{}) TokenGenerator {
+	return &jwtTokenGenerator{
+		iss:        iss,
+		privateKey: privateKey,
+	}
 }
 
 type jwtTokenGenerator struct {
+	iss        string
 	privateKey interface{}
 }
 
-func (j *jwtTokenGenerator) GenerateToken(serviceAccount v1.ServiceAccount, secret v1.Secret) (string, error) {
-	var method jwt.SigningMethod
+func (j *jwtTokenGenerator) GenerateToken(claims *jwt.Claims, privateClaims interface{}) (string, error) {
+	var alg jose.SignatureAlgorithm
 	switch privateKey := j.privateKey.(type) {
 	case *rsa.PrivateKey:
-		method = jwt.SigningMethodRS256
+		alg = jose.RS256
 	case *ecdsa.PrivateKey:
 		switch privateKey.Curve {
 		case elliptic.P256():
-			method = jwt.SigningMethodES256
+			alg = jose.ES256
 		case elliptic.P384():
-			method = jwt.SigningMethodES384
+			alg = jose.ES384
 		case elliptic.P521():
-			method = jwt.SigningMethodES512
+			alg = jose.ES512
 		default:
 			return "", fmt.Errorf("unknown private key curve, must be 256, 384, or 521")
 		}
@@ -87,164 +87,126 @@ func (j *jwtTokenGenerator) GenerateToken(serviceAccount v1.ServiceAccount, secr
 		return "", fmt.Errorf("unknown private key type %T, must be *rsa.PrivateKey or *ecdsa.PrivateKey", j.privateKey)
 	}
 
-	token := jwt.New(method)
-
-	claims, _ := token.Claims.(jwt.MapClaims)
-
-	// Identify the issuer
-	claims[IssuerClaim] = Issuer
-
-	// Username
-	claims[SubjectClaim] = apiserverserviceaccount.MakeUsername(serviceAccount.Namespace, serviceAccount.Name)
-
-	// Persist enough structured info for the authenticator to be able to look up the service account and secret
-	claims[NamespaceClaim] = serviceAccount.Namespace
-	claims[ServiceAccountNameClaim] = serviceAccount.Name
-	claims[ServiceAccountUIDClaim] = serviceAccount.UID
-	claims[SecretNameClaim] = secret.Name
+	signer, err := jose.NewSigner(
+		jose.SigningKey{
+			Algorithm: alg,
+			Key:       j.privateKey,
+		},
+		nil,
+	)
+	if err != nil {
+		return "", err
+	}
 
-	// Sign and get the complete encoded token as a string
-	return token.SignedString(j.privateKey)
+	// claims are applied in reverse precedence
+	return jwt.Signed(signer).
+		Claims(privateClaims).
+		Claims(claims).
+		Claims(&jwt.Claims{
+			Issuer: j.iss,
+		}).
+		CompactSerialize()
 }
 
 // JWTTokenAuthenticator authenticates tokens as JWT tokens produced by JWTTokenGenerator
 // Token signatures are verified using each of the given public keys until one works (allowing key rotation)
 // If lookup is true, the service account and secret referenced as claims inside the token are retrieved and verified with the provided ServiceAccountTokenGetter
-func JWTTokenAuthenticator(keys []interface{}, lookup bool, getter ServiceAccountTokenGetter) authenticator.Token {
-	return &jwtTokenAuthenticator{keys, lookup, getter}
+func JWTTokenAuthenticator(iss string, keys []interface{}, validator Validator) authenticator.Token {
+	return &jwtTokenAuthenticator{
+		iss:       iss,
+		keys:      keys,
+		validator: validator,
+	}
 }
 
 type jwtTokenAuthenticator struct {
-	keys   []interface{}
-	lookup bool
-	getter ServiceAccountTokenGetter
+	iss       string
+	keys      []interface{}
+	validator Validator
 }
 
-var errMismatchedSigningMethod = errors.New("invalid signing method")
+// Validator is called by the JWT token authentictaor to apply domain specific
+// validation to a token and extract user information.
+type Validator interface {
+	// Validate validates a token and returns user information or an error.
+	// Validator can assume that the issuer and signature of a token are already
+	// verified when this function is called.
+	Validate(tokenData string, public *jwt.Claims, private interface{}) (namespace, name, uid string, err error)
+	// NewPrivateClaims returns a struct that the authenticator should
+	// deserialize the JWT payload into. The authenticator may then pass this
+	// struct back to the Validator as the 'private' argument to a Validate()
+	// call. This struct should contain fields for any private claims that the
+	// Validator requires to validate the JWT.
+	NewPrivateClaims() interface{}
+}
 
-func (j *jwtTokenAuthenticator) AuthenticateToken(token string) (user.Info, bool, error) {
-	var validationError error
-
-	for i, key := range j.keys {
-		// Attempt to verify with each key until we find one that works
-		parsedToken, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
-			switch token.Method.(type) {
-			case *jwt.SigningMethodRSA:
-				if _, ok := key.(*rsa.PublicKey); ok {
-					return key, nil
-				}
-				return nil, errMismatchedSigningMethod
-			case *jwt.SigningMethodECDSA:
-				if _, ok := key.(*ecdsa.PublicKey); ok {
-					return key, nil
-				}
-				return nil, errMismatchedSigningMethod
-			default:
-				return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
-			}
-		})
-
-		if err != nil {
-			switch err := err.(type) {
-			case *jwt.ValidationError:
-				if (err.Errors & jwt.ValidationErrorMalformed) != 0 {
-					// Not a JWT, no point in continuing
-					return nil, false, nil
-				}
-
-				if (err.Errors & jwt.ValidationErrorSignatureInvalid) != 0 {
-					// Signature error, perhaps one of the other keys will verify the signature
-					// If not, we want to return this error
-					glog.V(4).Infof("Signature error (key %d): %v", i, err)
-					validationError = err
-					continue
-				}
-
-				// This key doesn't apply to the given signature type
-				// Perhaps one of the other keys will verify the signature
-				// If not, we want to return this error
-				if err.Inner == errMismatchedSigningMethod {
-					glog.V(4).Infof("Mismatched key type (key %d): %v", i, err)
-					validationError = err
-					continue
-				}
-			}
-
-			// Other errors should just return as errors
-			return nil, false, err
-		}
+var errMismatchedSigningMethod = errors.New("invalid signing method")
 
-		// If we get here, we have a token with a recognized signature
+func (j *jwtTokenAuthenticator) AuthenticateToken(tokenData string) (user.Info, bool, error) {
+	if !j.hasCorrectIssuer(tokenData) {
+		return nil, false, nil
+	}
 
-		claims, _ := parsedToken.Claims.(jwt.MapClaims)
+	tok, err := jwt.ParseSigned(tokenData)
+	if err != nil {
+		return nil, false, nil
+	}
 
-		// Make sure we issued the token
-		iss, _ := claims[IssuerClaim].(string)
-		if iss != Issuer {
-			return nil, false, nil
+	public := &jwt.Claims{}
+	private := j.validator.NewPrivateClaims()
+
+	var (
+		found   bool
+		errlist []error
+	)
+	for _, key := range j.keys {
+		if err := tok.Claims(key, public, private); err != nil {
+			errlist = append(errlist, err)
+			continue
 		}
+		found = true
+		break
+	}
 
-		// Make sure the claims we need exist
-		sub, _ := claims[SubjectClaim].(string)
-		if len(sub) == 0 {
-			return nil, false, errors.New("sub claim is missing")
-		}
-		namespace, _ := claims[NamespaceClaim].(string)
-		if len(namespace) == 0 {
-			return nil, false, errors.New("namespace claim is missing")
-		}
-		secretName, _ := claims[SecretNameClaim].(string)
-		if len(namespace) == 0 {
-			return nil, false, errors.New("secretName claim is missing")
-		}
-		serviceAccountName, _ := claims[ServiceAccountNameClaim].(string)
-		if len(serviceAccountName) == 0 {
-			return nil, false, errors.New("serviceAccountName claim is missing")
-		}
-		serviceAccountUID, _ := claims[ServiceAccountUIDClaim].(string)
-		if len(serviceAccountUID) == 0 {
-			return nil, false, errors.New("serviceAccountUID claim is missing")
-		}
+	if !found {
+		return nil, false, utilerrors.NewAggregate(errlist)
+	}
 
-		subjectNamespace, subjectName, err := apiserverserviceaccount.SplitUsername(sub)
-		if err != nil || subjectNamespace != namespace || subjectName != serviceAccountName {
-			return nil, false, errors.New("sub claim is invalid")
-		}
+	// If we get here, we have a token with a recognized signature and
+	// issuer string.
+	ns, name, uid, err := j.validator.Validate(tokenData, public, private)
+	if err != nil {
+		return nil, false, err
+	}
 
-		if j.lookup {
-			// Make sure token hasn't been invalidated by deletion of the secret
-			secret, err := j.getter.GetSecret(namespace, secretName)
-			if err != nil {
-				glog.V(4).Infof("Could not retrieve token %s/%s for service account %s/%s: %v", namespace, secretName, namespace, serviceAccountName, err)
-				return nil, false, errors.New("Token has been invalidated")
-			}
-			if secret.DeletionTimestamp != nil {
-				glog.V(4).Infof("Token is deleted and awaiting removal: %s/%s for service account %s/%s", namespace, secretName, namespace, serviceAccountName)
-				return nil, false, errors.New("Token has been invalidated")
-			}
-			if bytes.Compare(secret.Data[v1.ServiceAccountTokenKey], []byte(token)) != 0 {
-				glog.V(4).Infof("Token contents no longer matches %s/%s for service account %s/%s", namespace, secretName, namespace, serviceAccountName)
-				return nil, false, errors.New("Token does not match server's copy")
-			}
-
-			// Make sure service account still exists (name and UID)
-			serviceAccount, err := j.getter.GetServiceAccount(namespace, serviceAccountName)
-			if err != nil {
-				glog.V(4).Infof("Could not retrieve service account %s/%s: %v", namespace, serviceAccountName, err)
-				return nil, false, err
-			}
-			if serviceAccount.DeletionTimestamp != nil {
-				glog.V(4).Infof("Service account has been deleted %s/%s", namespace, serviceAccountName)
-				return nil, false, fmt.Errorf("ServiceAccount %s/%s has been deleted", namespace, serviceAccountName)
-			}
-			if string(serviceAccount.UID) != serviceAccountUID {
-				glog.V(4).Infof("Service account UID no longer matches %s/%s: %q != %q", namespace, serviceAccountName, string(serviceAccount.UID), serviceAccountUID)
-				return nil, false, fmt.Errorf("ServiceAccount UID (%s) does not match claim (%s)", serviceAccount.UID, serviceAccountUID)
-			}
-		}
+	return UserInfo(ns, name, uid), true, nil
+}
 
-		return UserInfo(namespace, serviceAccountName, serviceAccountUID), true, nil
+// hasCorrectIssuer returns true if tokenData is a valid JWT in compact
+// serialization format and the "iss" claim matches the iss field of this token
+// authenticator, and otherwise returns false.
+//
+// Note: go-jose currently does not allow access to unverified JWS payloads.
+// See https://github.com/square/go-jose/issues/169
+func (j *jwtTokenAuthenticator) hasCorrectIssuer(tokenData string) bool {
+	parts := strings.Split(tokenData, ".")
+	if len(parts) != 3 {
+		return false
+	}
+	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
+	if err != nil {
+		return false
+	}
+	claims := struct {
+		// WARNING: this JWT is not verified. Do not trust these claims.
+		Issuer string `json:"iss"`
+	}{}
+	if err := json.Unmarshal(payload, &claims); err != nil {
+		return false
+	}
+	if claims.Issuer != j.iss {
+		return false
 	}
+	return true
 
-	return nil, false, validationError
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/serviceaccount/legacy.go b/vendor/k8s.io/kubernetes/pkg/serviceaccount/legacy.go
new file mode 100644
index 000000000000..5055db7cb763
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/serviceaccount/legacy.go
@@ -0,0 +1,135 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package serviceaccount
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+
+	"k8s.io/api/core/v1"
+	apiserverserviceaccount "k8s.io/apiserver/pkg/authentication/serviceaccount"
+
+	"github.com/golang/glog"
+	"gopkg.in/square/go-jose.v2/jwt"
+)
+
+func LegacyClaims(serviceAccount v1.ServiceAccount, secret v1.Secret) (*jwt.Claims, interface{}) {
+	return &jwt.Claims{
+			Subject: apiserverserviceaccount.MakeUsername(serviceAccount.Namespace, serviceAccount.Name),
+		}, &legacyPrivateClaims{
+			Namespace:          serviceAccount.Namespace,
+			ServiceAccountName: serviceAccount.Name,
+			ServiceAccountUID:  string(serviceAccount.UID),
+			SecretName:         secret.Name,
+		}
+}
+
+const LegacyIssuer = "kubernetes/serviceaccount"
+
+type legacyPrivateClaims struct {
+	ServiceAccountName string `json:"kubernetes.io/serviceaccount/service-account.name"`
+	ServiceAccountUID  string `json:"kubernetes.io/serviceaccount/service-account.uid"`
+	SecretName         string `json:"kubernetes.io/serviceaccount/secret.name"`
+	Namespace          string `json:"kubernetes.io/serviceaccount/namespace"`
+}
+
+func NewLegacyValidator(lookup bool, getter ServiceAccountTokenGetter) Validator {
+	return &legacyValidator{
+		lookup: lookup,
+		getter: getter,
+	}
+}
+
+type legacyValidator struct {
+	lookup bool
+	getter ServiceAccountTokenGetter
+}
+
+var _ = Validator(&legacyValidator{})
+
+func (v *legacyValidator) Validate(tokenData string, public *jwt.Claims, privateObj interface{}) (string, string, string, error) {
+	private, ok := privateObj.(*legacyPrivateClaims)
+	if !ok {
+		glog.Errorf("jwt validator expected private claim of type *legacyPrivateClaims but got: %T", privateObj)
+		return "", "", "", errors.New("Token could not be validated.")
+	}
+
+	// Make sure the claims we need exist
+	if len(public.Subject) == 0 {
+		return "", "", "", errors.New("sub claim is missing")
+	}
+	namespace := private.Namespace
+	if len(namespace) == 0 {
+		return "", "", "", errors.New("namespace claim is missing")
+	}
+	secretName := private.SecretName
+	if len(secretName) == 0 {
+		return "", "", "", errors.New("secretName claim is missing")
+	}
+	serviceAccountName := private.ServiceAccountName
+	if len(serviceAccountName) == 0 {
+		return "", "", "", errors.New("serviceAccountName claim is missing")
+	}
+	serviceAccountUID := private.ServiceAccountUID
+	if len(serviceAccountUID) == 0 {
+		return "", "", "", errors.New("serviceAccountUID claim is missing")
+	}
+
+	subjectNamespace, subjectName, err := apiserverserviceaccount.SplitUsername(public.Subject)
+	if err != nil || subjectNamespace != namespace || subjectName != serviceAccountName {
+		return "", "", "", errors.New("sub claim is invalid")
+	}
+
+	if v.lookup {
+		// Make sure token hasn't been invalidated by deletion of the secret
+		secret, err := v.getter.GetSecret(namespace, secretName)
+		if err != nil {
+			glog.V(4).Infof("Could not retrieve token %s/%s for service account %s/%s: %v", namespace, secretName, namespace, serviceAccountName, err)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if secret.DeletionTimestamp != nil {
+			glog.V(4).Infof("Token is deleted and awaiting removal: %s/%s for service account %s/%s", namespace, secretName, namespace, serviceAccountName)
+			return "", "", "", errors.New("Token has been invalidated")
+		}
+		if bytes.Compare(secret.Data[v1.ServiceAccountTokenKey], []byte(tokenData)) != 0 {
+			glog.V(4).Infof("Token contents no longer matches %s/%s for service account %s/%s", namespace, secretName, namespace, serviceAccountName)
+			return "", "", "", errors.New("Token does not match server's copy")
+		}
+
+		// Make sure service account still exists (name and UID)
+		serviceAccount, err := v.getter.GetServiceAccount(namespace, serviceAccountName)
+		if err != nil {
+			glog.V(4).Infof("Could not retrieve service account %s/%s: %v", namespace, serviceAccountName, err)
+			return "", "", "", err
+		}
+		if serviceAccount.DeletionTimestamp != nil {
+			glog.V(4).Infof("Service account has been deleted %s/%s", namespace, serviceAccountName)
+			return "", "", "", fmt.Errorf("ServiceAccount %s/%s has been deleted", namespace, serviceAccountName)
+		}
+		if string(serviceAccount.UID) != serviceAccountUID {
+			glog.V(4).Infof("Service account UID no longer matches %s/%s: %q != %q", namespace, serviceAccountName, string(serviceAccount.UID), serviceAccountUID)
+			return "", "", "", fmt.Errorf("ServiceAccount UID (%s) does not match claim (%s)", serviceAccount.UID, serviceAccountUID)
+		}
+	}
+
+	return private.Namespace, private.ServiceAccountName, private.ServiceAccountUID, nil
+}
+
+func (v *legacyValidator) NewPrivateClaims() interface{} {
+	return &legacyPrivateClaims{}
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/ssh/BUILD b/vendor/k8s.io/kubernetes/pkg/ssh/BUILD
index 28794b702c4b..3002a8053ab8 100644
--- a/vendor/k8s.io/kubernetes/pkg/ssh/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/ssh/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["ssh_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/ssh",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/golang.org/x/crypto/ssh:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/async/BUILD b/vendor/k8s.io/kubernetes/pkg/util/async/BUILD
index a00d4843d7b4..6ea6e5d8d256 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/async/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/async/BUILD
@@ -25,8 +25,7 @@ go_test(
         "bounded_frequency_runner_test.go",
         "runner_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/util/async",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/async/bounded_frequency_runner.go b/vendor/k8s.io/kubernetes/pkg/util/async/bounded_frequency_runner.go
index da6fc2a4f8fa..f03a7ec2d5d2 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/async/bounded_frequency_runner.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/async/bounded_frequency_runner.go
@@ -109,7 +109,7 @@ var _ timer = realTimer{}
 // multiple runs are serialized. If the function needs to hold locks, it must
 // take them internally.
 //
-// Runs of the funtion will have at least minInterval between them (from
+// Runs of the function will have at least minInterval between them (from
 // completion to next start), except that up to bursts may be allowed.  Burst
 // runs are "accumulated" over time, one per minInterval up to burstRuns total.
 // This can be used, for example, to mitigate the impact of expensive operations
diff --git a/vendor/k8s.io/kubernetes/pkg/util/bandwidth/BUILD b/vendor/k8s.io/kubernetes/pkg/util/bandwidth/BUILD
index f440a61cef4c..c78108a2a3a1 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/bandwidth/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/bandwidth/BUILD
@@ -12,19 +12,48 @@ go_library(
         "doc.go",
         "fake_shaper.go",
         "interfaces.go",
-        "unsupported.go",
         "utils.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/bandwidth",
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
             "//vendor/k8s.io/utils/exec:go_default_library",
@@ -38,19 +67,18 @@ go_test(
     srcs = [
         "utils_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/util/bandwidth",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/k8s.io/utils/exec:go_default_library",
             "//vendor/k8s.io/utils/exec/testing:go_default_library",
         ],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/bandwidth/linux.go b/vendor/k8s.io/kubernetes/pkg/util/bandwidth/linux.go
index 539e0588f9f6..b8936a34f014 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/bandwidth/linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/bandwidth/linux.go
@@ -128,15 +128,15 @@ func asciiCIDR(cidr string) (string, error) {
 	return fmt.Sprintf("%s/%d", ip.String(), size), nil
 }
 
-func (t *tcShaper) findCIDRClass(cidr string) (class, handle string, found bool, err error) {
+func (t *tcShaper) findCIDRClass(cidr string) (classAndHandleList [][]string, found bool, err error) {
 	data, err := t.e.Command("tc", "filter", "show", "dev", t.iface).CombinedOutput()
 	if err != nil {
-		return "", "", false, err
+		return classAndHandleList, false, err
 	}
 
 	hex, err := hexCIDR(cidr)
 	if err != nil {
-		return "", "", false, err
+		return classAndHandleList, false, err
 	}
 	spec := fmt.Sprintf("match %s", hex)
 
@@ -156,12 +156,17 @@ func (t *tcShaper) findCIDRClass(cidr string) (class, handle string, found bool,
 			// expected tc line:
 			// filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:1
 			if len(parts) != 19 {
-				return "", "", false, fmt.Errorf("unexpected output from tc: %s %d (%v)", filter, len(parts), parts)
+				return classAndHandleList, false, fmt.Errorf("unexpected output from tc: %s %d (%v)", filter, len(parts), parts)
+			} else {
+				resultTmp := []string{parts[18], parts[9]}
+				classAndHandleList = append(classAndHandleList, resultTmp)
 			}
-			return parts[18], parts[9], true, nil
 		}
 	}
-	return "", "", false, nil
+	if len(classAndHandleList) > 0 {
+		return classAndHandleList, true, nil
+	}
+	return classAndHandleList, false, nil
 }
 
 func makeKBitString(rsrc *resource.Quantity) string {
@@ -237,7 +242,7 @@ func (t *tcShaper) interfaceExists() (bool, string, error) {
 }
 
 func (t *tcShaper) ReconcileCIDR(cidr string, upload, download *resource.Quantity) error {
-	_, _, found, err := t.findCIDRClass(cidr)
+	_, found, err := t.findCIDRClass(cidr)
 	if err != nil {
 		return err
 	}
@@ -272,22 +277,31 @@ func (t *tcShaper) initializeInterface() error {
 }
 
 func (t *tcShaper) Reset(cidr string) error {
-	class, handle, found, err := t.findCIDRClass(cidr)
+	classAndHandle, found, err := t.findCIDRClass(cidr)
 	if err != nil {
 		return err
 	}
 	if !found {
 		return fmt.Errorf("Failed to find cidr: %s on interface: %s", cidr, t.iface)
 	}
-	if err := t.execAndLog("tc", "filter", "del",
-		"dev", t.iface,
-		"parent", "1:",
-		"proto", "ip",
-		"prio", "1",
-		"handle", handle, "u32"); err != nil {
-		return err
+	for i := 0; i < len(classAndHandle); i++ {
+		if err := t.execAndLog("tc", "filter", "del",
+			"dev", t.iface,
+			"parent", "1:",
+			"proto", "ip",
+			"prio", "1",
+			"handle", classAndHandle[i][1], "u32"); err != nil {
+			return err
+		}
+		if err := t.execAndLog("tc", "class", "del",
+			"dev", t.iface,
+			"parent", "1:",
+			"classid", classAndHandle[i][0]); err != nil {
+			return err
+		}
 	}
-	return t.execAndLog("tc", "class", "del", "dev", t.iface, "parent", "1:", "classid", class)
+	return nil
+
 }
 
 func (t *tcShaper) deleteInterface(class string) error {
diff --git a/vendor/k8s.io/kubernetes/pkg/util/config/BUILD b/vendor/k8s.io/kubernetes/pkg/util/config/BUILD
index 68bf1ccc1077..88a1773f603d 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/config/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/config/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["config_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/config",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/configz/BUILD b/vendor/k8s.io/kubernetes/pkg/util/configz/BUILD
index 2fbc52d4c92f..0df832aa55db 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/configz/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/configz/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["configz_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/configz",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/conntrack/BUILD b/vendor/k8s.io/kubernetes/pkg/util/conntrack/BUILD
new file mode 100644
index 000000000000..a17d15316cb2
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/conntrack/BUILD
@@ -0,0 +1,43 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "conntrack.go",
+    ],
+    importpath = "k8s.io/kubernetes/pkg/util/conntrack",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/util/net:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "conntrack_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/util/net:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
+        "//vendor/k8s.io/utils/exec/testing:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/util/conntrack.go b/vendor/k8s.io/kubernetes/pkg/util/conntrack/conntrack.go
similarity index 63%
rename from vendor/k8s.io/kubernetes/pkg/proxy/util/conntrack.go
rename to vendor/k8s.io/kubernetes/pkg/util/conntrack/conntrack.go
index d99d61b5dbd5..353bc0d0c25f 100644
--- a/vendor/k8s.io/kubernetes/pkg/proxy/util/conntrack.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/conntrack/conntrack.go
@@ -14,28 +14,25 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package conntrack
 
 import (
 	"fmt"
-	"net"
 	"strconv"
 	"strings"
 
+	"k8s.io/api/core/v1"
+	utilnet "k8s.io/kubernetes/pkg/util/net"
 	"k8s.io/utils/exec"
 )
 
 // Utilities for dealing with conntrack
 
+// NoConnectionToDelete is the error string returned by conntrack when no matching connections are found
 const NoConnectionToDelete = "0 flow entries have been deleted"
 
-func IsIPv6(netIP net.IP) bool {
-	return netIP != nil && netIP.To4() == nil
-}
-
-func IsIPv6String(ip string) bool {
-	netIP := net.ParseIP(ip)
-	return IsIPv6(netIP)
+func protoStr(proto v1.Protocol) string {
+	return strings.ToLower(string(proto))
 }
 
 func parametersWithFamily(isIPv6 bool, parameters ...string) []string {
@@ -45,11 +42,11 @@ func parametersWithFamily(isIPv6 bool, parameters ...string) []string {
 	return parameters
 }
 
-// ClearUDPConntrackForIP uses the conntrack tool to delete the conntrack entries
+// ClearEntriesForIP uses the conntrack tool to delete the conntrack entries
 // for the UDP connections specified by the given service IP
-func ClearUDPConntrackForIP(execer exec.Interface, ip string) error {
-	parameters := parametersWithFamily(IsIPv6String(ip), "-D", "--orig-dst", ip, "-p", "udp")
-	err := ExecConntrackTool(execer, parameters...)
+func ClearEntriesForIP(execer exec.Interface, ip string, protocol v1.Protocol) error {
+	parameters := parametersWithFamily(utilnet.IsIPv6String(ip), "-D", "--orig-dst", ip, "-p", protoStr(protocol))
+	err := Exec(execer, parameters...)
 	if err != nil && !strings.Contains(err.Error(), NoConnectionToDelete) {
 		// TODO: Better handling for deletion failure. When failure occur, stale udp connection may not get flushed.
 		// These stale udp connection will keep black hole traffic. Making this a best effort operation for now, since it
@@ -59,8 +56,8 @@ func ClearUDPConntrackForIP(execer exec.Interface, ip string) error {
 	return nil
 }
 
-// ExecConntrackTool executes the conntrack tool using the given parameters
-func ExecConntrackTool(execer exec.Interface, parameters ...string) error {
+// Exec executes the conntrack tool using the given parameters
+func Exec(execer exec.Interface, parameters ...string) error {
 	conntrackPath, err := execer.LookPath("conntrack")
 	if err != nil {
 		return fmt.Errorf("error looking for path of conntrack: %v", err)
@@ -72,29 +69,36 @@ func ExecConntrackTool(execer exec.Interface, parameters ...string) error {
 	return nil
 }
 
-// ClearUDPConntrackForPort uses the conntrack tool to delete the conntrack entries
-// for the UDP connections specified by the port.
+// Exists returns true if conntrack binary is installed.
+func Exists(execer exec.Interface) bool {
+	_, err := execer.LookPath("conntrack")
+	return err == nil
+}
+
+// ClearEntriesForPort uses the conntrack tool to delete the conntrack entries
+// for connections specified by the port.
 // When a packet arrives, it will not go through NAT table again, because it is not "the first" packet.
 // The solution is clearing the conntrack. Known issues:
 // https://github.com/docker/docker/issues/8795
 // https://github.com/kubernetes/kubernetes/issues/31983
-func ClearUDPConntrackForPort(execer exec.Interface, port int, isIPv6 bool) error {
+func ClearEntriesForPort(execer exec.Interface, port int, isIPv6 bool, protocol v1.Protocol) error {
 	if port <= 0 {
 		return fmt.Errorf("Wrong port number. The port number must be greater than zero")
 	}
-	parameters := parametersWithFamily(isIPv6, "-D", "-p", "udp", "--dport", strconv.Itoa(port))
-	err := ExecConntrackTool(execer, parameters...)
+	parameters := parametersWithFamily(isIPv6, "-D", "-p", protoStr(protocol), "--dport", strconv.Itoa(port))
+	err := Exec(execer, parameters...)
 	if err != nil && !strings.Contains(err.Error(), NoConnectionToDelete) {
 		return fmt.Errorf("error deleting conntrack entries for UDP port: %d, error: %v", port, err)
 	}
 	return nil
 }
 
-// ClearUDPConntrackForPeers uses the conntrack tool to delete the conntrack entries
-// for the UDP connections specified by the {origin, dest} IP pair.
-func ClearUDPConntrackForPeers(execer exec.Interface, origin, dest string) error {
-	parameters := parametersWithFamily(IsIPv6String(origin), "-D", "--orig-dst", origin, "--dst-nat", dest, "-p", "udp")
-	err := ExecConntrackTool(execer, parameters...)
+// ClearEntriesForNAT uses the conntrack tool to delete the conntrack entries
+// for connections specified by the {origin, dest} IP pair.
+func ClearEntriesForNAT(execer exec.Interface, origin, dest string, protocol v1.Protocol) error {
+	parameters := parametersWithFamily(utilnet.IsIPv6String(origin), "-D", "--orig-dst", origin, "--dst-nat", dest,
+		"-p", protoStr(protocol))
+	err := Exec(execer, parameters...)
 	if err != nil && !strings.Contains(err.Error(), NoConnectionToDelete) {
 		// TODO: Better handling for deletion failure. When failure occur, stale udp connection may not get flushed.
 		// These stale udp connection will keep black hole traffic. Making this a best effort operation for now, since it
diff --git a/vendor/k8s.io/kubernetes/pkg/util/dbus/BUILD b/vendor/k8s.io/kubernetes/pkg/util/dbus/BUILD
index d596d30649f2..6b91c8b6c3ec 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/dbus/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/dbus/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["dbus_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/dbus",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/godbus/dbus:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ebtables/BUILD b/vendor/k8s.io/kubernetes/pkg/util/ebtables/BUILD
index 6a9f7f0a71ee..89f51a6db6d0 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ebtables/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/ebtables/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["ebtables_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/ebtables",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/utils/exec:go_default_library",
         "//vendor/k8s.io/utils/exec/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/env/BUILD b/vendor/k8s.io/kubernetes/pkg/util/env/BUILD
index 3e864094f69a..3300ed0449a5 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/env/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/env/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["env_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/env",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/stretchr/testify/assert:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/file/BUILD b/vendor/k8s.io/kubernetes/pkg/util/file/BUILD
index 325d1da146ea..299528ca00fb 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/file/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/file/BUILD
@@ -28,8 +28,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["file_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/file",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/spf13/afero:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/flag/BUILD b/vendor/k8s.io/kubernetes/pkg/util/flag/BUILD
new file mode 100644
index 000000000000..2295ae5fb044
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/flag/BUILD
@@ -0,0 +1,29 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["flags.go"],
+    importpath = "k8s.io/kubernetes/pkg/util/flag",
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/spf13/pflag:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/util/flag/flags.go b/vendor/k8s.io/kubernetes/pkg/util/flag/flags.go
new file mode 100644
index 000000000000..e55bac1121c0
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/flag/flags.go
@@ -0,0 +1,29 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package flag
+
+import (
+	"github.com/golang/glog"
+	"github.com/spf13/pflag"
+)
+
+// PrintFlags logs the flags in the flagset
+func PrintFlags(flags *pflag.FlagSet) {
+	flags.VisitAll(func(flag *pflag.Flag) {
+		glog.V(1).Infof("FLAG: --%s=%q", flag.Name, flag.Value)
+	})
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/util/flock/BUILD b/vendor/k8s.io/kubernetes/pkg/util/flock/BUILD
index ef9212a2075b..040ed5d0c976 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/flock/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/flock/BUILD
@@ -7,23 +7,60 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "flock_other.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "flock_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "flock_unix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
             "flock_unix.go",
         ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:freebsd": [
             "flock_unix.go",
         ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "flock_unix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "flock_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "flock_unix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "flock_unix.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "flock_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "flock_other.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "flock_other.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/flock",
     deps = select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:openbsd": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/BUILD b/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/BUILD
index fe6895f0a6c6..9f6bff29bd18 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["goroutinemap_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/goroutinemap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/goroutinemap.go b/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/goroutinemap.go
index b28ca30a6157..474e1215cc38 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/goroutinemap.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/goroutinemap/goroutinemap.go
@@ -24,27 +24,12 @@ package goroutinemap
 import (
 	"fmt"
 	"sync"
-	"time"
 
 	"github.com/golang/glog"
 	k8sRuntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff"
 )
 
-const (
-	// initialDurationBeforeRetry is the amount of time after an error occurs
-	// that GoRoutineMap will refuse to allow another operation to start with
-	// the same operation name (if exponentialBackOffOnError is enabled). Each
-	// successive error results in a wait 2x times the previous.
-	initialDurationBeforeRetry = 500 * time.Millisecond
-
-	// maxDurationBeforeRetry is the maximum amount of time that
-	// durationBeforeRetry will grow to due to exponential backoff.
-	// Value is slightly offset from 2 minutes to make timeouts due to this
-	// constant recognizable.
-	maxDurationBeforeRetry = 2*time.Minute + 1*time.Second
-)
-
 // GoRoutineMap defines a type that can run named goroutines and track their
 // state.  It prevents the creation of multiple goroutines with the same name
 // and may prevent recreation of a goroutine until after the a backoff time
diff --git a/vendor/k8s.io/kubernetes/pkg/util/hash/BUILD b/vendor/k8s.io/kubernetes/pkg/util/hash/BUILD
index bafca6ba8bcc..93b2b3edff6f 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/hash/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/hash/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["hash_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/hash",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/github.com/davecgh/go-spew/spew:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/io/BUILD b/vendor/k8s.io/kubernetes/pkg/util/io/BUILD
index da3218fb232e..93de0dcba440 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/io/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/io/BUILD
@@ -12,7 +12,10 @@ go_library(
         "writer.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/util/io",
-    deps = ["//vendor/github.com/golang/glog:go_default_library"],
+    deps = [
+        "//pkg/util/nsenter:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+    ],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/io/writer.go b/vendor/k8s.io/kubernetes/pkg/util/io/writer.go
index 5d0f1703ebc3..8d1d9964e0d9 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/io/writer.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/io/writer.go
@@ -21,7 +21,8 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
-	"os/exec"
+
+	"k8s.io/kubernetes/pkg/util/nsenter"
 
 	"github.com/golang/glog"
 )
@@ -54,25 +55,20 @@ type NsenterWriter struct{}
 // WriteFile calls 'nsenter cat - > <the file>' and 'nsenter chmod' to create a
 // file on the host.
 func (writer *NsenterWriter) WriteFile(filename string, data []byte, perm os.FileMode) error {
-	cmd := "nsenter"
-	baseArgs := []string{
-		"--mount=/rootfs/proc/1/ns/mnt",
-		"--",
-	}
-
-	echoArgs := append(baseArgs, "sh", "-c", fmt.Sprintf("cat > %s", filename))
-	glog.V(5).Infof("Command to write data to file: %v %v", cmd, echoArgs)
-	command := exec.Command(cmd, echoArgs...)
-	command.Stdin = bytes.NewBuffer(data)
+	ne := nsenter.NewNsenter()
+	echoArgs := []string{"-c", fmt.Sprintf("cat > %s", filename)}
+	glog.V(5).Infof("nsenter: write data to file %s by nsenter", filename)
+	command := ne.Exec("sh", echoArgs)
+	command.SetStdin(bytes.NewBuffer(data))
 	outputBytes, err := command.CombinedOutput()
 	if err != nil {
 		glog.Errorf("Output from writing to %q: %v", filename, string(outputBytes))
 		return err
 	}
 
-	chmodArgs := append(baseArgs, "chmod", fmt.Sprintf("%o", perm), filename)
-	glog.V(5).Infof("Command to change permissions to file: %v %v", cmd, chmodArgs)
-	outputBytes, err = exec.Command(cmd, chmodArgs...).CombinedOutput()
+	chmodArgs := []string{fmt.Sprintf("%o", perm), filename}
+	glog.V(5).Infof("nsenter: change permissions of file %s to %s", filename, chmodArgs[0])
+	outputBytes, err = ne.Exec("chmod", chmodArgs).CombinedOutput()
 	if err != nil {
 		glog.Errorf("Output from chmod command: %v", string(outputBytes))
 		return err
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipconfig/BUILD b/vendor/k8s.io/kubernetes/pkg/util/ipconfig/BUILD
index f452283eab73..ffcecee10316 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipconfig/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipconfig/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["ipconfig_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/ipconfig",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/utils/exec:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipset/BUILD b/vendor/k8s.io/kubernetes/pkg/util/ipset/BUILD
index 20f172c010e0..c58b32ebddd0 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipset/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipset/BUILD
@@ -8,14 +8,16 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/util/ipset",
     visibility = ["//visibility:public"],
-    deps = ["//vendor/k8s.io/utils/exec:go_default_library"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
+    ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["ipset_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/ipset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipset/OWNERS b/vendor/k8s.io/kubernetes/pkg/util/ipset/OWNERS
new file mode 100644
index 000000000000..30a0de33f72f
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipset/OWNERS
@@ -0,0 +1,8 @@
+reviewers:
+  - thockin
+  - brendandburns
+  - m1093782566
+approvers:
+  - thockin
+  - brendandburns
+  - m1093782566
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipset/ipset.go b/vendor/k8s.io/kubernetes/pkg/util/ipset/ipset.go
index ba92bff74bf0..3615caefecb2 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipset/ipset.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipset/ipset.go
@@ -19,10 +19,12 @@ package ipset
 import (
 	"bytes"
 	"fmt"
+	"net"
 	"regexp"
 	"strconv"
 	"strings"
 
+	"github.com/golang/glog"
 	utilexec "k8s.io/utils/exec"
 )
 
@@ -34,10 +36,10 @@ type Interface interface {
 	DestroySet(set string) error
 	// DestroyAllSets deletes all sets.
 	DestroyAllSets() error
-	// CreateSet creates a new set,  it will ignore error when the set already exists if ignoreExistErr=true.
+	// CreateSet creates a new set.  It will ignore error when the set already exists if ignoreExistErr=true.
 	CreateSet(set *IPSet, ignoreExistErr bool) error
-	// AddEntry adds a new entry to the named set.
-	AddEntry(entry string, set string, ignoreExistErr bool) error
+	// AddEntry adds a new entry to the named set.  It will ignore error when the entry already exists if ignoreExistErr=true.
+	AddEntry(entry string, set *IPSet, ignoreExistErr bool) error
 	// DelEntry deletes one entry from the named set
 	DelEntry(entry string, set string) error
 	// Test test if an entry exists in the named set
@@ -85,6 +87,39 @@ type IPSet struct {
 	MaxElem int
 	// PortRange specifies the port range of bitmap:port type ipset.
 	PortRange string
+	// TODO: add comment message for ipset
+}
+
+// Validate checks if a given ipset is valid or not.
+func (set *IPSet) Validate() bool {
+	// Check if protocol is valid for `HashIPPort`, `HashIPPortIP` and `HashIPPortNet` type set.
+	if set.SetType == HashIPPort || set.SetType == HashIPPortIP || set.SetType == HashIPPortNet {
+		if valid := validateHashFamily(set.HashFamily); !valid {
+			return false
+		}
+	}
+	// check set type
+	if valid := validateIPSetType(set.SetType); !valid {
+		return false
+	}
+	// check port range for bitmap type set
+	if set.SetType == BitmapPort {
+		if valid := validatePortRange(set.PortRange); !valid {
+			return false
+		}
+	}
+	// check hash size value of ipset
+	if set.HashSize <= 0 {
+
+		return false
+	}
+	// check max elem value of ipset
+	if set.MaxElem <= 0 {
+		glog.Errorf("Invalid maxelem value %d, should be >0", set.MaxElem)
+		return false
+	}
+
+	return true
 }
 
 // Entry represents a ipset entry.
@@ -102,10 +137,92 @@ type Entry struct {
 	Net string
 	// IP2 is the entry's second IP.  IP2 may not be empty for `hash:ip,port,ip` type ip set.
 	IP2 string
-	// SetType specifies the type of ip set where the entry exists.
+	// SetType is the type of ipset where the entry exists.
 	SetType Type
 }
 
+// Validate checks if a given ipset entry is valid or not.  The set parameter is the ipset that entry belongs to.
+func (e *Entry) Validate(set *IPSet) bool {
+	if e.Port < 0 {
+		glog.Errorf("Entry %v port number %d should be >=0 for ipset %v", e, e.Port, set)
+		return false
+	}
+	switch e.SetType {
+	case HashIPPort:
+		// set default protocol to tcp if empty
+		if len(e.Protocol) == 0 {
+			e.Protocol = ProtocolTCP
+		}
+
+		if net.ParseIP(e.IP) == nil {
+			glog.Errorf("Error parsing entry %v ip address %v for ipset %v", e, e.IP, set)
+			return false
+		}
+
+		if valid := validateProtocol(e.Protocol); !valid {
+			return false
+		}
+	case HashIPPortIP:
+		// set default protocol to tcp if empty
+		if len(e.Protocol) == 0 {
+			e.Protocol = ProtocolTCP
+		}
+
+		if net.ParseIP(e.IP) == nil {
+			glog.Errorf("Error parsing entry %v ip address %v for ipset %v", e, e.IP, set)
+			return false
+		}
+
+		if valid := validateProtocol(e.Protocol); !valid {
+			return false
+		}
+
+		// IP2 can not be empty for `hash:ip,port,ip` type ip set
+		if net.ParseIP(e.IP2) == nil {
+			glog.Errorf("Error parsing entry %v second ip address %v for ipset %v", e, e.IP2, set)
+			return false
+		}
+	case HashIPPortNet:
+		// set default protocol to tcp if empty
+		if len(e.Protocol) == 0 {
+			e.Protocol = ProtocolTCP
+		}
+
+		if net.ParseIP(e.IP) == nil {
+			glog.Errorf("Error parsing entry %v ip address %v for ipset %v", e, e.IP, set)
+			return false
+		}
+
+		if valid := validateProtocol(e.Protocol); !valid {
+			return false
+		}
+
+		// Net can not be empty for `hash:ip,port,net` type ip set
+		if _, ipNet, _ := net.ParseCIDR(e.Net); ipNet == nil {
+			glog.Errorf("Error parsing entry %v ip net %v for ipset %v", e, e.Net, set)
+			return false
+		}
+	case BitmapPort:
+		// check if port number satisfies its ipset's requirement of port range
+		if set == nil {
+			glog.Errorf("Unable to reference ip set where the entry %v exists", e)
+			return false
+		}
+		begin, end, err := parsePortRange(set.PortRange)
+		if err != nil {
+			glog.Errorf("Failed to parse set %v port range %s for ipset %v, error: %v", set, set.PortRange, set, err)
+			return false
+		}
+		if e.Port < begin || e.Port > end {
+			glog.Errorf("Entry %v port number %d is not in the port range %s of its ipset %v", e, e.Port, set.PortRange, set)
+			return false
+		}
+	}
+
+	return true
+}
+
+// String returns the string format for ipset entry.
 func (e *Entry) String() string {
 	switch e.SetType {
 	case HashIPPort:
@@ -141,28 +258,30 @@ func New(exec utilexec.Interface) Interface {
 
 // CreateSet creates a new set,  it will ignore error when the set already exists if ignoreExistErr=true.
 func (runner *runner) CreateSet(set *IPSet, ignoreExistErr bool) error {
-	// Using default values.
+	// Setting default values if not present
 	if set.HashSize == 0 {
 		set.HashSize = 1024
 	}
 	if set.MaxElem == 0 {
 		set.MaxElem = 65536
 	}
+	// Default protocol is IPv4
 	if set.HashFamily == "" {
 		set.HashFamily = ProtocolFamilyIPV4
 	}
-	if len(set.HashFamily) != 0 && set.HashFamily != ProtocolFamilyIPV4 && set.HashFamily != ProtocolFamilyIPV6 {
-		return fmt.Errorf("Currently supported protocol families are: %s and %s, %s is not supported", ProtocolFamilyIPV4, ProtocolFamilyIPV6, set.HashFamily)
-	}
 	// Default ipset type is "hash:ip,port"
 	if len(set.SetType) == 0 {
 		set.SetType = HashIPPort
 	}
-	// Check if setType is supported
-	if !IsValidIPSetType(set.SetType) {
-		return fmt.Errorf("Currently supported ipset types are: %v, %s is not supported", ValidIPSetTypes, set.SetType)
+	if len(set.PortRange) == 0 {
+		set.PortRange = DefaultPortRange
 	}
 
+	// Validate ipset before creating
+	valid := set.Validate()
+	if !valid {
+		return fmt.Errorf("error creating ipset since it's invalid")
+	}
 	return runner.createSet(set, ignoreExistErr)
 }
 
@@ -178,12 +297,6 @@ func (runner *runner) createSet(set *IPSet, ignoreExistErr bool) error {
 		)
 	}
 	if set.SetType == BitmapPort {
-		if len(set.PortRange) == 0 {
-			set.PortRange = DefaultPortRange
-		}
-		if !validatePortRange(set.PortRange) {
-			return fmt.Errorf("invalid port range for %s type ip set: %s, expect: a-b", BitmapPort, set.PortRange)
-		}
 		args = append(args, "range", set.PortRange)
 	}
 	if ignoreExistErr {
@@ -198,8 +311,8 @@ func (runner *runner) createSet(set *IPSet, ignoreExistErr bool) error {
 // AddEntry adds a new entry to the named set.
 // If the -exist option is specified, ipset ignores the error otherwise raised when
 // the same set (setname and create parameters are identical) already exists.
-func (runner *runner) AddEntry(entry string, set string, ignoreExistErr bool) error {
-	args := []string{"add", set, entry}
+func (runner *runner) AddEntry(entry string, set *IPSet, ignoreExistErr bool) error {
+	args := []string{"add", set.Name, entry}
 	if ignoreExistErr {
 		args = append(args, "-exist")
 	}
@@ -243,8 +356,8 @@ func (runner *runner) FlushSet(set string) error {
 
 // DestroySet is used to destroy a named set.
 func (runner *runner) DestroySet(set string) error {
-	if _, err := runner.exec.Command(IPSetCmd, "destroy", set).CombinedOutput(); err != nil {
-		return fmt.Errorf("error destroying set %s:, error: %v", set, err)
+	if out, err := runner.exec.Command(IPSetCmd, "destroy", set).CombinedOutput(); err != nil {
+		return fmt.Errorf("error destroying set %s, error: %v(%s)", set, err, out)
 	}
 	return nil
 }
@@ -309,17 +422,110 @@ func getIPSetVersionString(exec utilexec.Interface) (string, error) {
 	return match[0], nil
 }
 
+// checks if port range is valid. The begin port number is not necessarily less than
+// end port number - ipset util can accept it.  It means both 1-100 and 100-1 are valid.
 func validatePortRange(portRange string) bool {
 	strs := strings.Split(portRange, "-")
 	if len(strs) != 2 {
+		glog.Errorf("port range should be in the format of `a-b`")
 		return false
 	}
 	for i := range strs {
-		if _, err := strconv.Atoi(strs[i]); err != nil {
+		num, err := strconv.Atoi(strs[i])
+		if err != nil {
+			glog.Errorf("Failed to parse %s, error: %v", strs[i], err)
+			return false
+		}
+		if num < 0 {
+			glog.Errorf("port number %d should be >=0", num)
 			return false
 		}
 	}
 	return true
 }
 
+// checks if the given ipset type is valid.
+func validateIPSetType(set Type) bool {
+	for _, valid := range ValidIPSetTypes {
+		if set == valid {
+			return true
+		}
+	}
+	glog.Errorf("Currently supported ipset types are: %v, %s is not supported", ValidIPSetTypes, set)
+	return false
+}
+
+// checks if given hash family is supported in ipset
+func validateHashFamily(family string) bool {
+	if family == ProtocolFamilyIPV4 || family == ProtocolFamilyIPV6 {
+		return true
+	}
+	glog.Errorf("Currently supported ip set hash families are: [%s, %s], %s is not supported", ProtocolFamilyIPV4, ProtocolFamilyIPV6, family)
+	return false
+}
+
+// IsNotFoundError returns true if the error indicates "not found".  It parses
+// the error string looking for known values, which is imperfect but works in
+// practice.
+func IsNotFoundError(err error) bool {
+	es := err.Error()
+	if strings.Contains(es, "does not exist") {
+		// set with the same name already exists
+		// xref: https://github.com/Olipro/ipset/blob/master/lib/errcode.c#L32-L33
+		return true
+	}
+	if strings.Contains(es, "element is missing") {
+		// entry is missing from the set
+		// xref: https://github.com/Olipro/ipset/blob/master/lib/parse.c#L1904
+		// https://github.com/Olipro/ipset/blob/master/lib/parse.c#L1925
+		return true
+	}
+	return false
+}
+
+// checks if given protocol is supported in entry
+func validateProtocol(protocol string) bool {
+	if protocol == ProtocolTCP || protocol == ProtocolUDP {
+		return true
+	}
+	glog.Errorf("Invalid entry's protocol: %s, supported protocols are [%s, %s]", protocol, ProtocolTCP, ProtocolUDP)
+	return false
+}
+
+// parsePortRange parse the begin and end port from a raw string(format: a-b).  beginPort <= endPort
+// in the return value.
+func parsePortRange(portRange string) (beginPort int, endPort int, err error) {
+	if len(portRange) == 0 {
+		portRange = DefaultPortRange
+	}
+
+	strs := strings.Split(portRange, "-")
+	if len(strs) != 2 {
+		// port number -1 indicates invalid
+		return -1, -1, fmt.Errorf("port range should be in the format of `a-b`")
+	}
+	for i := range strs {
+		num, err := strconv.Atoi(strs[i])
+		if err != nil {
+			// port number -1 indicates invalid
+			return -1, -1, err
+		}
+		if num < 0 {
+			// port number -1 indicates invalid
+			return -1, -1, fmt.Errorf("port number %d should be >=0", num)
+		}
+		if i == 0 {
+			beginPort = num
+			continue
+		}
+		endPort = num
+		// switch when first port number > second port number
+		if beginPort > endPort {
+			endPort = beginPort
+			beginPort = num
+		}
+	}
+	return beginPort, endPort, nil
+}
+
 var _ = Interface(&runner{})
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipset/types.go b/vendor/k8s.io/kubernetes/pkg/util/ipset/types.go
index d2406c00878b..cacfd6f8d8e4 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipset/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipset/types.go
@@ -58,13 +58,3 @@ var ValidIPSetTypes = []Type{
 	BitmapPort,
 	HashIPPortNet,
 }
-
-// IsValidIPSetType checks if the given ipset type is valid.
-func IsValidIPSetType(set Type) bool {
-	for _, valid := range ValidIPSetTypes {
-		if set == valid {
-			return true
-		}
-	}
-	return false
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD b/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD
index 0f3dbcef4bc2..d803ccb390b6 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD
@@ -11,12 +11,41 @@ go_library(
     srcs = [
         "doc.go",
         "iptables.go",
-        "iptables_unsupported.go",
         "save_restore.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "iptables_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "iptables_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "iptables_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/iptables",
@@ -28,7 +57,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
@@ -40,15 +69,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "iptables_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/util/iptables",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/util/dbus:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
             "//vendor/k8s.io/utils/exec:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/iptables/OWNERS b/vendor/k8s.io/kubernetes/pkg/util/iptables/OWNERS
index 8005a3c35672..55d0a0de0835 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/OWNERS
@@ -2,8 +2,8 @@ reviewers:
   - dcbw
   - thockin
   - eparis
+  - danwinship
 approvers:
   - dcbw
   - thockin
   - eparis
-
diff --git a/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go b/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go
index 292288d218b0..0fb03468fd64 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go
@@ -124,7 +124,7 @@ const MinCheckVersion = "1.4.11"
 const WaitMinVersion = "1.4.20"
 const WaitSecondsMinVersion = "1.4.22"
 const WaitString = "-w"
-const WaitSecondsString = "-w5"
+const WaitSecondsValue = "5"
 
 const LockfilePath16x = "/run/xtables.lock"
 
@@ -558,7 +558,7 @@ func getIPTablesWaitFlag(vstring string) []string {
 	if version.LessThan(minVersion) {
 		return []string{WaitString}
 	} else {
-		return []string{WaitSecondsString}
+		return []string{WaitString, WaitSecondsValue}
 	}
 }
 
@@ -594,7 +594,7 @@ func getIPTablesRestoreWaitFlag(exec utilexec.Interface, protocol Protocol) []st
 		return nil
 	}
 
-	return []string{WaitSecondsString}
+	return []string{WaitString, WaitSecondsValue}
 }
 
 // getIPTablesRestoreVersionString runs "iptables-restore --version" to get the version string
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipvs/BUILD b/vendor/k8s.io/kubernetes/pkg/util/ipvs/BUILD
index 21c27d219c78..90ddf07b0d1b 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipvs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipvs/BUILD
@@ -11,15 +11,14 @@ go_test(
     srcs = [
         "ipvs_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "ipvs_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/util/ipvs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/docker/libnetwork/ipvs:go_default_library",
         ],
         "//conditions:default": [],
@@ -30,20 +29,78 @@ go_library(
     name = "go_default_library",
     srcs = [
         "ipvs.go",
-        "ipvs_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "ipvs_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "ipvs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "ipvs_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/ipvs",
-    deps = [
-        "//vendor/k8s.io/utils/exec:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/docker/libnetwork/ipvs:go_default_library",
             "//vendor/github.com/golang/glog:go_default_library",
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
         ],
         "//conditions:default": [],
     }),
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipvs/OWNERS b/vendor/k8s.io/kubernetes/pkg/util/ipvs/OWNERS
new file mode 100644
index 000000000000..fce2911d6a23
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipvs/OWNERS
@@ -0,0 +1,7 @@
+reviewers:
+  - thockin
+  - m1093782566
+approvers:
+  - thockin
+  - m1093782566
+
diff --git a/vendor/k8s.io/kubernetes/pkg/util/ipvs/ipvs_linux.go b/vendor/k8s.io/kubernetes/pkg/util/ipvs/ipvs_linux.go
index 3652a9566369..86c42730d2b3 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/ipvs/ipvs_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/ipvs/ipvs_linux.go
@@ -25,83 +25,86 @@ import (
 	"strings"
 	"syscall"
 
-	"github.com/docker/libnetwork/ipvs"
+	libipvs "github.com/docker/libnetwork/ipvs"
 	"github.com/golang/glog"
 	utilexec "k8s.io/utils/exec"
 )
 
-// runner implements Interface.
+// runner implements ipvs.Interface.
 type runner struct {
 	exec       utilexec.Interface
-	ipvsHandle *ipvs.Handle
+	ipvsHandle *libipvs.Handle
 }
 
+// Protocol is the IPVS service protocol type
+type Protocol uint16
+
 // New returns a new Interface which will call ipvs APIs.
 func New(exec utilexec.Interface) Interface {
-	ihandle, err := ipvs.New("")
+	handle, err := libipvs.New("")
 	if err != nil {
 		glog.Errorf("IPVS interface can't be initialized, error: %v", err)
 		return nil
 	}
 	return &runner{
 		exec:       exec,
-		ipvsHandle: ihandle,
+		ipvsHandle: handle,
 	}
 }
 
-// AddVirtualServer is part of Interface.
+// AddVirtualServer is part of ipvs.Interface.
 func (runner *runner) AddVirtualServer(vs *VirtualServer) error {
-	eSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return err
 	}
-	return runner.ipvsHandle.NewService(eSvc)
+	return runner.ipvsHandle.NewService(svc)
 }
 
-// UpdateVirtualServer is part of Interface.
+// UpdateVirtualServer is part of ipvs.Interface.
 func (runner *runner) UpdateVirtualServer(vs *VirtualServer) error {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return err
 	}
-	return runner.ipvsHandle.UpdateService(bSvc)
+	return runner.ipvsHandle.UpdateService(svc)
 }
 
-// DeleteVirtualServer is part of Interface.
+// DeleteVirtualServer is part of ipvs.Interface.
 func (runner *runner) DeleteVirtualServer(vs *VirtualServer) error {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return err
 	}
-	return runner.ipvsHandle.DelService(bSvc)
+	return runner.ipvsHandle.DelService(svc)
 }
 
-// GetVirtualServer is part of Interface.
+// GetVirtualServer is part of ipvs.Interface.
 func (runner *runner) GetVirtualServer(vs *VirtualServer) (*VirtualServer, error) {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return nil, err
 	}
-	ipvsService, err := runner.ipvsHandle.GetService(bSvc)
+	ipvsSvc, err := runner.ipvsHandle.GetService(svc)
 	if err != nil {
 		return nil, err
 	}
-	virtualServer, err := toVirtualServer(ipvsService)
+	vServ, err := toVirtualServer(ipvsSvc)
 	if err != nil {
 		return nil, err
 	}
-	return virtualServer, nil
+	return vServ, nil
 }
 
-// GetVirtualServers is part of Interface.
+// GetVirtualServers is part of ipvs.Interface.
 func (runner *runner) GetVirtualServers() ([]*VirtualServer, error) {
-	ipvsServices, err := runner.ipvsHandle.GetServices()
+	ipvsSvcs, err := runner.ipvsHandle.GetServices()
 	if err != nil {
 		return nil, err
 	}
 	vss := make([]*VirtualServer, 0)
-	for _, ipvsService := range ipvsServices {
-		vs, err := toVirtualServer(ipvsService)
+	for _, ipvsSvc := range ipvsSvcs {
+		vs, err := toVirtualServer(ipvsSvc)
 		if err != nil {
 			return nil, err
 		}
@@ -110,61 +113,61 @@ func (runner *runner) GetVirtualServers() ([]*VirtualServer, error) {
 	return vss, nil
 }
 
-// Flush is part of Interface.  Currently we delete IPVS services one by one
+// Flush is part of ipvs.Interface. Currently we delete IPVS services one by one
 func (runner *runner) Flush() error {
 	return runner.ipvsHandle.Flush()
 }
 
-// AddRealServer is part of Interface.
+// AddRealServer is part of ipvs.Interface.
 func (runner *runner) AddRealServer(vs *VirtualServer, rs *RealServer) error {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return err
 	}
-	bDst, err := toBackendDestination(rs)
+	dst, err := toIPVSDestination(rs)
 	if err != nil {
 		return err
 	}
-	return runner.ipvsHandle.NewDestination(bSvc, bDst)
+	return runner.ipvsHandle.NewDestination(svc, dst)
 }
 
-// DeleteRealServer is part of Interface.
+// DeleteRealServer is part of ipvs.Interface.
 func (runner *runner) DeleteRealServer(vs *VirtualServer, rs *RealServer) error {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return err
 	}
-	bDst, err := toBackendDestination(rs)
+	dst, err := toIPVSDestination(rs)
 	if err != nil {
 		return err
 	}
-	return runner.ipvsHandle.DelDestination(bSvc, bDst)
+	return runner.ipvsHandle.DelDestination(svc, dst)
 }
 
-// GetRealServers is part of Interface.
+// GetRealServers is part of ipvs.Interface.
 func (runner *runner) GetRealServers(vs *VirtualServer) ([]*RealServer, error) {
-	bSvc, err := toBackendService(vs)
+	svc, err := toIPVSService(vs)
 	if err != nil {
 		return nil, err
 	}
-	bDestinations, err := runner.ipvsHandle.GetDestinations(bSvc)
+	dsts, err := runner.ipvsHandle.GetDestinations(svc)
 	if err != nil {
 		return nil, err
 	}
-	realServers := make([]*RealServer, 0)
-	for _, dest := range bDestinations {
-		dst, err := toRealServer(dest)
+	rss := make([]*RealServer, 0)
+	for _, dst := range dsts {
+		dst, err := toRealServer(dst)
 		// TODO: aggregate errors?
 		if err != nil {
 			return nil, err
 		}
-		realServers = append(realServers, dst)
+		rss = append(rss, dst)
 	}
-	return realServers, nil
+	return rss, nil
 }
 
-// toVirtualServer converts an IPVS service representation to the equivalent virtual server structure.
-func toVirtualServer(svc *ipvs.Service) (*VirtualServer, error) {
+// toVirtualServer converts an IPVS Service to the equivalent VirtualServer structure.
+func toVirtualServer(svc *libipvs.Service) (*VirtualServer, error) {
 	if svc == nil {
 		return nil, errors.New("ipvs svc should not be empty")
 	}
@@ -172,7 +175,7 @@ func toVirtualServer(svc *ipvs.Service) (*VirtualServer, error) {
 		Address:   svc.Address,
 		Port:      svc.Port,
 		Scheduler: svc.SchedName,
-		Protocol:  protocolNumbeToString(ProtoType(svc.Protocol)),
+		Protocol:  protocolToString(Protocol(svc.Protocol)),
 		Timeout:   svc.Timeout,
 	}
 
@@ -194,8 +197,8 @@ func toVirtualServer(svc *ipvs.Service) (*VirtualServer, error) {
 	return vs, nil
 }
 
-// toRealServer converts an IPVS destination representation to the equivalent real server structure.
-func toRealServer(dst *ipvs.Destination) (*RealServer, error) {
+// toRealServer converts an IPVS Destination to the equivalent RealServer structure.
+func toRealServer(dst *libipvs.Destination) (*RealServer, error) {
 	if dst == nil {
 		return nil, errors.New("ipvs destination should not be empty")
 	}
@@ -206,14 +209,14 @@ func toRealServer(dst *ipvs.Destination) (*RealServer, error) {
 	}, nil
 }
 
-// toBackendService converts an IPVS real server representation to the equivalent "backend" service structure.
-func toBackendService(vs *VirtualServer) (*ipvs.Service, error) {
+// toIPVSService converts a VirtualServer to the equivalent IPVS Service structure.
+func toIPVSService(vs *VirtualServer) (*libipvs.Service, error) {
 	if vs == nil {
 		return nil, errors.New("virtual server should not be empty")
 	}
-	bakSvc := &ipvs.Service{
+	ipvsSvc := &libipvs.Service{
 		Address:   vs.Address,
-		Protocol:  stringToProtocolNumber(vs.Protocol),
+		Protocol:  stringToProtocol(vs.Protocol),
 		Port:      vs.Port,
 		SchedName: vs.Scheduler,
 		Flags:     uint32(vs.Flags),
@@ -221,29 +224,29 @@ func toBackendService(vs *VirtualServer) (*ipvs.Service, error) {
 	}
 
 	if ip4 := vs.Address.To4(); ip4 != nil {
-		bakSvc.AddressFamily = syscall.AF_INET
-		bakSvc.Netmask = 0xffffffff
+		ipvsSvc.AddressFamily = syscall.AF_INET
+		ipvsSvc.Netmask = 0xffffffff
 	} else {
-		bakSvc.AddressFamily = syscall.AF_INET6
-		bakSvc.Netmask = 128
+		ipvsSvc.AddressFamily = syscall.AF_INET6
+		ipvsSvc.Netmask = 128
 	}
-	return bakSvc, nil
+	return ipvsSvc, nil
 }
 
-// toBackendDestination converts an IPVS real server representation to the equivalent "backend" destination structure.
-func toBackendDestination(rs *RealServer) (*ipvs.Destination, error) {
+// toIPVSDestination converts a RealServer to the equivalent IPVS Destination structure.
+func toIPVSDestination(rs *RealServer) (*libipvs.Destination, error) {
 	if rs == nil {
 		return nil, errors.New("real server should not be empty")
 	}
-	return &ipvs.Destination{
+	return &libipvs.Destination{
 		Address: rs.Address,
 		Port:    rs.Port,
 		Weight:  rs.Weight,
 	}, nil
 }
 
-// stringToProtocolNumber returns the protocol value for the given name
-func stringToProtocolNumber(protocol string) uint16 {
+// stringToProtocolType returns the protocol type for the given name
+func stringToProtocol(protocol string) uint16 {
 	switch strings.ToLower(protocol) {
 	case "tcp":
 		return uint16(syscall.IPPROTO_TCP)
@@ -253,8 +256,8 @@ func stringToProtocolNumber(protocol string) uint16 {
 	return uint16(0)
 }
 
-// protocolNumbeToString returns the name for the given protocol value.
-func protocolNumbeToString(proto ProtoType) string {
+// protocolTypeToString returns the name for the given protocol.
+func protocolToString(proto Protocol) string {
 	switch proto {
 	case syscall.IPPROTO_TCP:
 		return "TCP"
@@ -263,6 +266,3 @@ func protocolNumbeToString(proto ProtoType) string {
 	}
 	return ""
 }
-
-// ProtoType is IPVS service protocol type
-type ProtoType uint16
diff --git a/vendor/k8s.io/kubernetes/pkg/util/keymutex/BUILD b/vendor/k8s.io/kubernetes/pkg/util/keymutex/BUILD
index c954729108d4..bc278f010a9a 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/keymutex/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/keymutex/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["keymutex_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/keymutex",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/labels/BUILD b/vendor/k8s.io/kubernetes/pkg/util/labels/BUILD
index 96f42ae579dc..51e0119f4104 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/labels/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/labels/BUILD
@@ -19,8 +19,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["labels_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/labels",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/limitwriter/BUILD b/vendor/k8s.io/kubernetes/pkg/util/limitwriter/BUILD
index e04f353a41b5..1c9d11f8cdf1 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/limitwriter/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/limitwriter/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["limitwriter_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/limitwriter",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/metrics/BUILD b/vendor/k8s.io/kubernetes/pkg/util/metrics/BUILD
index d0629b2b3599..082bcffc6863 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/metrics/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/metrics/BUILD
@@ -13,7 +13,6 @@ go_library(
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ],
 )
@@ -21,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["util_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/metrics",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/metrics/util.go b/vendor/k8s.io/kubernetes/pkg/util/metrics/util.go
index 3980ae818add..0a14b9b3fe99 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/metrics/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/metrics/util.go
@@ -21,7 +21,6 @@ import (
 	"sync"
 	"time"
 
-	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/util/flowcontrol"
 
 	"github.com/golang/glog"
@@ -71,11 +70,13 @@ func RegisterMetricAndTrackRateLimiterUsage(ownerName string, rateLimiter flowco
 	if err := registerRateLimiterMetric(ownerName); err != nil {
 		return err
 	}
-	go wait.Until(func() {
-		metricsLock.Lock()
-		defer metricsLock.Unlock()
-		rateLimiterMetrics[ownerName].metric.Set(rateLimiter.Saturation())
-	}, updatePeriod, rateLimiterMetrics[ownerName].stopCh)
+	// TODO: determine how to track rate limiter saturation
+	// See discussion at https://go-review.googlesource.com/c/time/+/29958#message-4caffc11669cadd90e2da4c05122cfec50ea6a22
+	// go wait.Until(func() {
+	//   metricsLock.Lock()
+	//   defer metricsLock.Unlock()
+	//   rateLimiterMetrics[ownerName].metric.Set()
+	// }, updatePeriod, rateLimiterMetrics[ownerName].stopCh)
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/BUILD b/vendor/k8s.io/kubernetes/pkg/util/mount/BUILD
index 1914475e5644..3b2a78a5651a 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/BUILD
@@ -1,38 +1,77 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
         "doc.go",
         "exec.go",
-        "exec_mount_unsupported.go",
         "fake.go",
         "mount.go",
-        "mount_unsupported.go",
-        "nsenter_mount_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "exec_mount.go",
             "mount_linux.go",
             "nsenter_mount.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "exec_mount_unsupported.go",
+            "mount_unsupported.go",
+            "nsenter_mount_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "exec_mount_unsupported.go",
             "mount_windows.go",
+            "nsenter_mount_unsupported.go",
         ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/mount",
+    visibility = ["//visibility:public"],
     deps = [
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/util/io:go_default_library",
             "//pkg/util/nsenter:go_default_library",
             "//vendor/golang.org/x/sys/unix:go_default_library",
@@ -47,25 +86,24 @@ go_test(
     srcs = [
         "safe_format_and_mount_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "exec_mount_test.go",
             "mount_linux_test.go",
             "nsenter_mount_test.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "mount_windows_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/util/mount",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/utils/exec/testing:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:windows": [
             "//vendor/github.com/stretchr/testify/assert:go_default_library",
         ],
         "//conditions:default": [],
@@ -83,4 +121,5 @@ filegroup(
     name = "all-srcs",
     srcs = [":package-srcs"],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/OWNERS b/vendor/k8s.io/kubernetes/pkg/util/mount/OWNERS
index 556119c44711..8b4ff6218ea5 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/OWNERS
@@ -1,7 +1,10 @@
 reviewers:
   - jingxu97
   - saad-ali
+  - jsafrane
+  - msau42
 approvers:
   - jingxu97
   - saad-ali
+  - jsafrane
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/exec_mount.go b/vendor/k8s.io/kubernetes/pkg/util/mount/exec_mount.go
index 8572ff338394..574174af853a 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/exec_mount.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/exec_mount.go
@@ -57,7 +57,7 @@ func (m *execMounter) Mount(source string, target string, fstype string, options
 	return m.doExecMount(source, target, fstype, options)
 }
 
-// doExecMount calls exec(mount <waht> <where>) using given exec interface.
+// doExecMount calls exec(mount <what> <where>) using given exec interface.
 func (m *execMounter) doExecMount(source, target, fstype string, options []string) error {
 	glog.V(5).Infof("Exec Mounting %s %s %s %v", source, target, fstype, options)
 	mountArgs := makeMountArgs(source, target, fstype, options)
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/mount.go b/vendor/k8s.io/kubernetes/pkg/util/mount/mount.go
index bd57421de970..f30db7692e81 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/mount.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/mount.go
@@ -163,12 +163,6 @@ type SafeFormatAndMount struct {
 // disk is already formatted or it is being mounted as read-only, it
 // will be mounted without formatting.
 func (mounter *SafeFormatAndMount) FormatAndMount(source string, target string, fstype string, options []string) error {
-	// Don't attempt to format if mounting as readonly. Go straight to mounting.
-	for _, option := range options {
-		if option == "ro" {
-			return mounter.Interface.Mount(source, target, fstype, options)
-		}
-	}
 	return mounter.formatAndMount(source, target, fstype, options)
 }
 
@@ -254,6 +248,12 @@ func IsNotMountPoint(mounter Interface, file string) (bool, error) {
 	// IsLikelyNotMountPoint provides a quick check
 	// to determine whether file IS A mountpoint
 	notMnt, notMntErr := mounter.IsLikelyNotMountPoint(file)
+	if notMntErr != nil && os.IsPermission(notMntErr) {
+		// We were not allowed to do the simple stat() check, e.g. on NFS with
+		// root_squash. Fall back to /proc/mounts check below.
+		notMnt = true
+		notMntErr = nil
+	}
 	if notMntErr != nil && isNotDirErr(notMntErr) {
 		return notMnt, notMntErr
 	}
@@ -301,15 +301,39 @@ func isBind(options []string) (bool, []string) {
 	return bind, bindRemountOpts
 }
 
-// pathWithinBase checks if give path is withing given base directory.
+// TODO: this is a workaround for the unmount device issue caused by gci mounter.
+// In GCI cluster, if gci mounter is used for mounting, the container started by mounter
+// script will cause additional mounts created in the container. Since these mounts are
+// irrelevant to the original mounts, they should be not considered when checking the
+// mount references. Current solution is to filter out those mount paths that contain
+// the string of original mount path.
+// Plan to work on better approach to solve this issue.
+
+func HasMountRefs(mountPath string, mountRefs []string) bool {
+	count := 0
+	for _, ref := range mountRefs {
+		if !strings.Contains(ref, mountPath) {
+			count = count + 1
+		}
+	}
+	return count > 0
+}
+
+// pathWithinBase checks if give path is within given base directory.
 func pathWithinBase(fullPath, basePath string) bool {
 	rel, err := filepath.Rel(basePath, fullPath)
 	if err != nil {
 		return false
 	}
-	if strings.HasPrefix(rel, "..") {
+	if startsWithBackstep(rel) {
 		// Needed to escape the base path
 		return false
 	}
 	return true
 }
+
+// startsWithBackstep checks if the given path starts with a backstep segment
+func startsWithBackstep(rel string) bool {
+	// normalize to / and check for ../
+	return rel == ".." || strings.HasPrefix(filepath.ToSlash(rel), "../")
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/mount_linux.go b/vendor/k8s.io/kubernetes/pkg/util/mount/mount_linux.go
index 8274ee477620..0b54b3fd36a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/mount_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/mount_linux.go
@@ -19,6 +19,7 @@ limitations under the License.
 package mount
 
 import (
+	"errors"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -75,7 +76,7 @@ func New(mounterPath string) Interface {
 }
 
 // Mount mounts source to target as fstype with given options. 'source' and 'fstype' must
-// be an emtpy string in case it's not required, e.g. for remount, or for auto filesystem
+// be an empty string in case it's not required, e.g. for remount, or for auto filesystem
 // type, where kernel handles fstype for you. The mount 'options' is a list of options,
 // currently come from mount(8), e.g. "ro", "remount", "bind", etc. If no more option is
 // required, call Mount with an empty string list or nil.
@@ -271,7 +272,7 @@ func (mounter *Mounter) IsLikelyNotMountPoint(file string) (bool, error) {
 	if err != nil {
 		return true, err
 	}
-	rootStat, err := os.Lstat(file + "/..")
+	rootStat, err := os.Lstat(filepath.Dir(strings.TrimSuffix(file, "/")))
 	if err != nil {
 		return true, err
 	}
@@ -319,7 +320,7 @@ func exclusiveOpenFailsOnDevice(pathname string) (bool, error) {
 	}
 
 	if !isDevice {
-		glog.Errorf("Path %q is not refering to a device.", pathname)
+		glog.Errorf("Path %q is not referring to a device.", pathname)
 		return false, nil
 	}
 	fd, errno := unix.Open(pathname, unix.O_RDONLY|unix.O_EXCL, 0)
@@ -437,7 +438,7 @@ func (mounter *Mounter) GetFileType(pathname string) (FileType, error) {
 	case syscall.S_IFBLK:
 		return FileTypeBlockDev, nil
 	case syscall.S_IFCHR:
-		return FileTypeBlockDev, nil
+		return FileTypeCharDev, nil
 	case syscall.S_IFDIR:
 		return FileTypeDirectory, nil
 	case syscall.S_IFREG:
@@ -478,23 +479,33 @@ func (mounter *Mounter) ExistsPath(pathname string) bool {
 
 // formatAndMount uses unix utils to format and mount the given disk
 func (mounter *SafeFormatAndMount) formatAndMount(source string, target string, fstype string, options []string) error {
+	readOnly := false
+	for _, option := range options {
+		if option == "ro" {
+			readOnly = true
+			break
+		}
+	}
+
 	options = append(options, "defaults")
 
-	// Run fsck on the disk to fix repairable issues
-	glog.V(4).Infof("Checking for issues with fsck on disk: %s", source)
-	args := []string{"-a", source}
-	out, err := mounter.Exec.Run("fsck", args...)
-	if err != nil {
-		ee, isExitError := err.(utilexec.ExitError)
-		switch {
-		case err == utilexec.ErrExecutableNotFound:
-			glog.Warningf("'fsck' not found on system; continuing mount without running 'fsck'.")
-		case isExitError && ee.ExitStatus() == fsckErrorsCorrected:
-			glog.Infof("Device %s has errors which were corrected by fsck.", source)
-		case isExitError && ee.ExitStatus() == fsckErrorsUncorrected:
-			return fmt.Errorf("'fsck' found errors on device %s but could not correct them: %s.", source, string(out))
-		case isExitError && ee.ExitStatus() > fsckErrorsUncorrected:
-			glog.Infof("`fsck` error %s", string(out))
+	if !readOnly {
+		// Run fsck on the disk to fix repairable issues, only do this for volumes requested as rw.
+		glog.V(4).Infof("Checking for issues with fsck on disk: %s", source)
+		args := []string{"-a", source}
+		out, err := mounter.Exec.Run("fsck", args...)
+		if err != nil {
+			ee, isExitError := err.(utilexec.ExitError)
+			switch {
+			case err == utilexec.ErrExecutableNotFound:
+				glog.Warningf("'fsck' not found on system; continuing mount without running 'fsck'.")
+			case isExitError && ee.ExitStatus() == fsckErrorsCorrected:
+				glog.Infof("Device %s has errors which were corrected by fsck.", source)
+			case isExitError && ee.ExitStatus() == fsckErrorsUncorrected:
+				return fmt.Errorf("'fsck' found errors on device %s but could not correct them: %s.", source, string(out))
+			case isExitError && ee.ExitStatus() > fsckErrorsUncorrected:
+				glog.Infof("`fsck` error %s", string(out))
+			}
 		}
 	}
 
@@ -509,8 +520,13 @@ func (mounter *SafeFormatAndMount) formatAndMount(source string, target string,
 			return err
 		}
 		if existingFormat == "" {
+			if readOnly {
+				// Don't attempt to format if mounting as readonly, return an error to reflect this.
+				return errors.New("failed to mount unformatted volume as read only")
+			}
+
 			// Disk is unformatted so format it.
-			args = []string{source}
+			args := []string{source}
 			// Use 'ext4' as the default
 			if len(fstype) == 0 {
 				fstype = "ext4"
@@ -542,36 +558,57 @@ func (mounter *SafeFormatAndMount) formatAndMount(source string, target string,
 	return mountErr
 }
 
-// GetDiskFormat uses 'lsblk' to see if the given disk is unformated
+// GetDiskFormat uses 'blkid' to see if the given disk is unformated
 func (mounter *SafeFormatAndMount) GetDiskFormat(disk string) (string, error) {
-	args := []string{"-n", "-o", "FSTYPE", disk}
-	glog.V(4).Infof("Attempting to determine if disk %q is formatted using lsblk with args: (%v)", disk, args)
-	dataOut, err := mounter.Exec.Run("lsblk", args...)
+	args := []string{"-p", "-s", "TYPE", "-s", "PTTYPE", "-o", "export", disk}
+	glog.V(4).Infof("Attempting to determine if disk %q is formatted using blkid with args: (%v)", disk, args)
+	dataOut, err := mounter.Exec.Run("blkid", args...)
 	output := string(dataOut)
-	glog.V(4).Infof("Output: %q", output)
+	glog.V(4).Infof("Output: %q, err: %v", output, err)
 
 	if err != nil {
+		if exit, ok := err.(utilexec.ExitError); ok {
+			if exit.ExitStatus() == 2 {
+				// Disk device is unformatted.
+				// For `blkid`, if the specified token (TYPE/PTTYPE, etc) was
+				// not found, or no (specified) devices could be identified, an
+				// exit code of 2 is returned.
+				return "", nil
+			}
+		}
 		glog.Errorf("Could not determine if disk %q is formatted (%v)", disk, err)
 		return "", err
 	}
 
-	// Split lsblk output into lines. Unformatted devices should contain only
-	// "\n". Beware of "\n\n", that's a device with one empty partition.
-	output = strings.TrimSuffix(output, "\n") // Avoid last empty line
+	var fstype, pttype string
+
 	lines := strings.Split(output, "\n")
-	if lines[0] != "" {
-		// The device is formatted
-		return lines[0], nil
+	for _, l := range lines {
+		if len(l) <= 0 {
+			// Ignore empty line.
+			continue
+		}
+		cs := strings.Split(l, "=")
+		if len(cs) != 2 {
+			return "", fmt.Errorf("blkid returns invalid output: %s", output)
+		}
+		// TYPE is filesystem type, and PTTYPE is partition table type, according
+		// to https://www.kernel.org/pub/linux/utils/util-linux/v2.21/libblkid-docs/.
+		if cs[0] == "TYPE" {
+			fstype = cs[1]
+		} else if cs[0] == "PTTYPE" {
+			pttype = cs[1]
+		}
 	}
 
-	if len(lines) == 1 {
-		// The device is unformatted and has no dependent devices
-		return "", nil
+	if len(pttype) > 0 {
+		glog.V(4).Infof("Disk %s detected partition table type: %s", pttype)
+		// Returns a special non-empty string as filesystem type, then kubelet
+		// will not format it.
+		return "unknown data, probably partitions", nil
 	}
 
-	// The device has dependent devices, most probably partitions (LVM, LUKS
-	// and MD RAID are reported as FSTYPE and caught above).
-	return "unknown data, probably partitions", nil
+	return fstype, nil
 }
 
 // isShared returns true, if given path is on a mount point that has shared
@@ -778,9 +815,10 @@ func (mounter *Mounter) CleanSubPaths(podDir string, volumeName string) error {
 
 // This implementation is shared between Linux and NsEnterMounter
 func doCleanSubPaths(mounter Interface, podDir string, volumeName string) error {
-	glog.V(4).Infof("Cleaning up subpath mounts for %s", podDir)
 	// scan /var/lib/kubelet/pods/<uid>/volume-subpaths/<volume>/*
 	subPathDir := filepath.Join(podDir, containerSubPathDirectoryName, volumeName)
+	glog.V(4).Infof("Cleaning up subpath mounts for %s", subPathDir)
+
 	containerDirs, err := ioutil.ReadDir(subPathDir)
 	if err != nil {
 		if os.IsNotExist(err) {
@@ -995,7 +1033,19 @@ func doSafeMakeDir(pathname string, base string, perm os.FileMode) error {
 	// so user can read/write it. This is the behavior of previous code.
 	// TODO: chmod all created directories, not just the last one.
 	// parentFD is the last created directory.
-	if err = syscall.Fchmod(parentFD, uint32(perm)&uint32(os.ModePerm)); err != nil {
+
+	// Translate perm (os.FileMode) to uint32 that fchmod() expects
+	kernelPerm := uint32(perm & os.ModePerm)
+	if perm&os.ModeSetgid > 0 {
+		kernelPerm |= syscall.S_ISGID
+	}
+	if perm&os.ModeSetuid > 0 {
+		kernelPerm |= syscall.S_ISUID
+	}
+	if perm&os.ModeSticky > 0 {
+		kernelPerm |= syscall.S_ISVTX
+	}
+	if err = syscall.Fchmod(parentFD, kernelPerm); err != nil {
 		return fmt.Errorf("chmod %q failed: %s", currentPath, err)
 	}
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/mount_windows.go b/vendor/k8s.io/kubernetes/pkg/util/mount/mount_windows.go
index 9ba4417f9797..12e1bca118a2 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/mount_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/mount_windows.go
@@ -291,7 +291,7 @@ func lockAndCheckSubPathWithoutSymlink(volumePath, subPath string) ([]uintptr, e
 	if err != nil {
 		return []uintptr{}, fmt.Errorf("Rel(%s, %s) error: %v", volumePath, subPath, err)
 	}
-	if strings.HasPrefix(relSubPath, "..") {
+	if startsWithBackstep(relSubPath) {
 		return []uintptr{}, fmt.Errorf("SubPath %q not within volume path %q", subPath, volumePath)
 	}
 
@@ -552,7 +552,7 @@ func findExistingPrefix(base, pathname string) (string, []string, error) {
 		return base, nil, err
 	}
 
-	if strings.HasPrefix(rel, "..") {
+	if startsWithBackstep(rel) {
 		return base, nil, fmt.Errorf("pathname(%s) is not within base(%s)", pathname, base)
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/mount/nsenter_mount.go b/vendor/k8s.io/kubernetes/pkg/util/mount/nsenter_mount.go
index b695c3fd2677..dd2ad3c64040 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/mount/nsenter_mount.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/mount/nsenter_mount.go
@@ -175,7 +175,7 @@ func (n *NsenterMounter) IsLikelyNotMountPoint(file string) (bool, error) {
 	glog.V(5).Infof("nsenter findmnt args: %v", args)
 	out, err := n.ne.Exec("findmnt", args).CombinedOutput()
 	if err != nil {
-		glog.V(2).Infof("Failed findmnt command for path %s: %v", file, err)
+		glog.V(2).Infof("Failed findmnt command for path %s: %s %v", file, out, err)
 		// Different operating systems behave differently for paths which are not mount points.
 		// On older versions (e.g. 2.20.1) we'd get error, on newer ones (e.g. 2.26.2) we'd get "/".
 		// It's safer to assume that it's not a mount point.
diff --git a/vendor/k8s.io/kubernetes/pkg/util/net/BUILD b/vendor/k8s.io/kubernetes/pkg/util/net/BUILD
new file mode 100644
index 000000000000..0d2a302e1e1b
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/net/BUILD
@@ -0,0 +1,31 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+package(default_visibility = ["//visibility:public"])
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//pkg/util/net/sets:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["net.go"],
+    importpath = "k8s.io/kubernetes/pkg/util/net",
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["net_test.go"],
+    embed = [":go_default_library"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/util/net/OWNERS b/vendor/k8s.io/kubernetes/pkg/util/net/OWNERS
new file mode 100644
index 000000000000..064cbc393ef0
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/net/OWNERS
@@ -0,0 +1,4 @@
+reviewers:
+  - sig-network-reviewers
+approvers:
+  - sig-network-approvers
diff --git a/vendor/k8s.io/kubernetes/pkg/util/net/net.go b/vendor/k8s.io/kubernetes/pkg/util/net/net.go
new file mode 100644
index 000000000000..f838864cf5bc
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/util/net/net.go
@@ -0,0 +1,61 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package net
+
+import (
+	"net"
+)
+
+// IsIPv6 returns if netIP is IPv6.
+func IsIPv6(netIP net.IP) bool {
+	return netIP != nil && netIP.To4() == nil
+}
+
+// IsIPv6String returns if ip is IPv6.
+func IsIPv6String(ip string) bool {
+	netIP := net.ParseIP(ip)
+	return IsIPv6(netIP)
+}
+
+// IsIPv6CIDR returns if cidr is IPv6.
+// This assumes cidr is a valid CIDR.
+func IsIPv6CIDR(cidr string) bool {
+	ip, _, _ := net.ParseCIDR(cidr)
+	return IsIPv6(ip)
+}
+
+// FilterIncorrectIPVersion filters out the incorrect IP version case from a slice of IP strings.
+func FilterIncorrectIPVersion(ipStrings []string, isIPv6Mode bool) ([]string, []string) {
+	return filterWithCondition(ipStrings, isIPv6Mode, IsIPv6String)
+}
+
+// FilterIncorrectCIDRVersion filters out the incorrect IP version case from a slice of CIDR strings.
+func FilterIncorrectCIDRVersion(ipStrings []string, isIPv6Mode bool) ([]string, []string) {
+	return filterWithCondition(ipStrings, isIPv6Mode, IsIPv6CIDR)
+}
+
+func filterWithCondition(strs []string, expectedCondition bool, conditionFunc func(string) bool) ([]string, []string) {
+	var corrects, incorrects []string
+	for _, str := range strs {
+		if conditionFunc(str) != expectedCondition {
+			incorrects = append(incorrects, str)
+		} else {
+			corrects = append(corrects, str)
+		}
+	}
+	return corrects, incorrects
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/util/net/sets/BUILD b/vendor/k8s.io/kubernetes/pkg/util/net/sets/BUILD
index 413f5e390530..6c342f122f37 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/net/sets/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/net/sets/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["ipnet_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/net/sets",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/netsh/BUILD b/vendor/k8s.io/kubernetes/pkg/util/netsh/BUILD
index 88c4ef7de78e..980f16ba9add 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/netsh/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/netsh/BUILD
@@ -38,8 +38,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["netsh_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/netsh",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/github.com/pkg/errors:go_default_library",
         "//vendor/github.com/stretchr/testify/assert:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/node/BUILD b/vendor/k8s.io/kubernetes/pkg/util/node/BUILD
index 6ce01d7e6fbc..1e198dbbcfab 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/node/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/node/BUILD
@@ -26,8 +26,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["node_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/node",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/kubelet/apis:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/node/node.go b/vendor/k8s.io/kubernetes/pkg/util/node/node.go
index a4c91bdbbf85..6bc3ea8a7778 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/node/node.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/node/node.go
@@ -166,10 +166,23 @@ func PatchNodeCIDR(c clientset.Interface, node types.NodeName, cidr string) erro
 }
 
 // PatchNodeStatus patches node status.
-func PatchNodeStatus(c v1core.CoreV1Interface, nodeName types.NodeName, oldNode *v1.Node, newNode *v1.Node) (*v1.Node, error) {
+func PatchNodeStatus(c v1core.CoreV1Interface, nodeName types.NodeName, oldNode *v1.Node, newNode *v1.Node) (*v1.Node, []byte, error) {
+	patchBytes, err := preparePatchBytesforNodeStatus(nodeName, oldNode, newNode)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	updatedNode, err := c.Nodes().Patch(string(nodeName), types.StrategicMergePatchType, patchBytes, "status")
+	if err != nil {
+		return nil, nil, fmt.Errorf("failed to patch status %q for node %q: %v", patchBytes, nodeName, err)
+	}
+	return updatedNode, patchBytes, nil
+}
+
+func preparePatchBytesforNodeStatus(nodeName types.NodeName, oldNode *v1.Node, newNode *v1.Node) ([]byte, error) {
 	oldData, err := json.Marshal(oldNode)
 	if err != nil {
-		return nil, fmt.Errorf("failed to marshal old node %#v for node %q: %v", oldNode, nodeName, err)
+		return nil, fmt.Errorf("failed to Marshal oldData for node %q: %v", nodeName, err)
 	}
 
 	// Reset spec to make sure only patch for Status or ObjectMeta is generated.
@@ -179,17 +192,12 @@ func PatchNodeStatus(c v1core.CoreV1Interface, nodeName types.NodeName, oldNode
 	newNode.Spec = oldNode.Spec
 	newData, err := json.Marshal(newNode)
 	if err != nil {
-		return nil, fmt.Errorf("failed to marshal new node %#v for node %q: %v", newNode, nodeName, err)
+		return nil, fmt.Errorf("failed to Marshal newData for node %q: %v", nodeName, err)
 	}
 
 	patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, v1.Node{})
 	if err != nil {
-		return nil, fmt.Errorf("failed to create patch for node %q: %v", nodeName, err)
-	}
-
-	updatedNode, err := c.Nodes().Patch(string(nodeName), types.StrategicMergePatchType, patchBytes, "status")
-	if err != nil {
-		return nil, fmt.Errorf("failed to patch status %q for node %q: %v", patchBytes, nodeName, err)
+		return nil, fmt.Errorf("failed to CreateTwoWayMergePatch for node %q: %v", nodeName, err)
 	}
-	return updatedNode, nil
+	return patchBytes, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/util/nsenter/BUILD b/vendor/k8s.io/kubernetes/pkg/util/nsenter/BUILD
index b3f2d2b031d0..988fef01b59b 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/nsenter/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/nsenter/BUILD
@@ -2,21 +2,78 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "nsenter_unsupported.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "nsenter.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "nsenter_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "nsenter_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/nsenter",
     visibility = ["//visibility:public"],
-    deps = [
-        "//vendor/k8s.io/utils/exec:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/k8s.io/utils/exec:go_default_library",
         ],
         "//conditions:default": [],
     }),
diff --git a/vendor/k8s.io/kubernetes/pkg/util/nsenter/nsenter_unsupported.go b/vendor/k8s.io/kubernetes/pkg/util/nsenter/nsenter_unsupported.go
index 17b3b5722d39..9c2130cb6f11 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/nsenter/nsenter_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/nsenter/nsenter_unsupported.go
@@ -35,7 +35,7 @@ func NewNsenter() *Nsenter {
 }
 
 // Exec executes nsenter commands in hostProcMountNsPath mount namespace
-func (ne *Nsenter) Exec(args ...string) exec.Cmd {
+func (ne *Nsenter) Exec(cmd string, args []string) exec.Cmd {
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/util/oom/BUILD b/vendor/k8s.io/kubernetes/pkg/util/oom/BUILD
index 9e027c7f4825..9e666b9f7daa 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/oom/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/oom/BUILD
@@ -12,16 +12,45 @@ go_library(
         "doc.go",
         "oom.go",
         "oom_fake.go",
-        "oom_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "oom_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "oom_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "oom_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/oom",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/kubelet/cm/util:go_default_library",
             "//vendor/github.com/golang/glog:go_default_library",
         ],
@@ -32,15 +61,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "oom_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/util/oom",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/stretchr/testify/assert:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/parsers/BUILD b/vendor/k8s.io/kubernetes/pkg/util/parsers/BUILD
index 7070f4b5f894..b78af091ee49 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/parsers/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/parsers/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["parsers_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/parsers",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/pointer/BUILD b/vendor/k8s.io/kubernetes/pkg/util/pointer/BUILD
index 57cde0c2f07a..d45d90005c71 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/pointer/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/pointer/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["pointer_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/pointer",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/procfs/BUILD b/vendor/k8s.io/kubernetes/pkg/util/procfs/BUILD
index ea7c3be29f8a..c7bc5f4a2821 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/procfs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/procfs/BUILD
@@ -12,16 +12,45 @@ go_library(
         "doc.go",
         "procfs.go",
         "procfs_fake.go",
-        "procfs_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "procfs_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "procfs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "procfs_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/procfs",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/golang/glog:go_default_library",
             "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         ],
@@ -32,7 +61,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "procfs_linux_test.go",
         ],
         "//conditions:default": [],
@@ -40,10 +69,9 @@ go_test(
     data = [
         "example_proc_cgroup",
     ],
-    importpath = "k8s.io/kubernetes/pkg/util/procfs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/stretchr/testify/assert:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/removeall/BUILD b/vendor/k8s.io/kubernetes/pkg/util/removeall/BUILD
index 54d7332eb575..23b0472572fe 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/removeall/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/removeall/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["removeall_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/removeall",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//vendor/k8s.io/client-go/util/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/resizefs/BUILD b/vendor/k8s.io/kubernetes/pkg/util/resizefs/BUILD
index aaa1f9aa5f49..00fedd0c1d5f 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/resizefs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/resizefs/BUILD
@@ -2,22 +2,78 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "resizefs_unsupported.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "resizefs_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "resizefs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "resizefs_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/resizefs",
     visibility = ["//visibility:public"],
-    deps = [
-        "//pkg/util/mount:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/util/mount:go_default_library",
             "//vendor/github.com/golang/glog:go_default_library",
-            "//vendor/k8s.io/utils/exec:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//pkg/util/mount:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//pkg/util/mount:go_default_library",
         ],
         "//conditions:default": [],
     }),
diff --git a/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_linux.go b/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_linux.go
index 6a4d82d6c037..518eba2bb603 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_linux.go
@@ -23,14 +23,6 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/util/mount"
-	utilexec "k8s.io/utils/exec"
-)
-
-const (
-	// 'fsck' found errors and corrected them
-	fsckErrorsCorrected = 1
-	// 'fsck' found errors but exited without correcting them
-	fsckErrorsUncorrected = 4
 )
 
 // ResizeFs Provides support for resizing file systems
@@ -44,11 +36,11 @@ func NewResizeFs(mounter *mount.SafeFormatAndMount) *ResizeFs {
 }
 
 // Resize perform resize of file system
-func (resizefs *ResizeFs) Resize(devicePath string) (bool, error) {
+func (resizefs *ResizeFs) Resize(devicePath string, deviceMountPath string) (bool, error) {
 	format, err := resizefs.mounter.GetDiskFormat(devicePath)
 
 	if err != nil {
-		formatErr := fmt.Errorf("error checking format for device %s: %v", devicePath, err)
+		formatErr := fmt.Errorf("ResizeFS.Resize - error checking format for device %s: %v", devicePath, err)
 		return false, formatErr
 	}
 
@@ -58,63 +50,14 @@ func (resizefs *ResizeFs) Resize(devicePath string) (bool, error) {
 		return false, nil
 	}
 
-	deviceOpened, err := resizefs.mounter.DeviceOpened(devicePath)
-
-	if err != nil {
-		deviceOpenErr := fmt.Errorf("error verifying if device %s is open: %v", devicePath, err)
-		return false, deviceOpenErr
-	}
-
-	if deviceOpened {
-		deviceAlreadyOpenErr := fmt.Errorf("the device %s is already in use", devicePath)
-		return false, deviceAlreadyOpenErr
-	}
-
+	glog.V(3).Infof("ResizeFS.Resize - Expanding mounted volume %s", devicePath)
 	switch format {
 	case "ext3", "ext4":
-		fsckErr := resizefs.extFsck(devicePath, format)
-		if fsckErr != nil {
-			return false, fsckErr
-		}
 		return resizefs.extResize(devicePath)
 	case "xfs":
-		fsckErr := resizefs.fsckDevice(devicePath)
-		if fsckErr != nil {
-			return false, fsckErr
-		}
-		return resizefs.xfsResize(devicePath)
+		return resizefs.xfsResize(deviceMountPath)
 	}
-	return false, fmt.Errorf("resize of format %s is not supported for device %s", format, devicePath)
-}
-
-func (resizefs *ResizeFs) fsckDevice(devicePath string) error {
-	glog.V(4).Infof("Checking for issues with fsck on device: %s", devicePath)
-	args := []string{"-a", devicePath}
-	out, err := resizefs.mounter.Exec.Run("fsck", args...)
-	if err != nil {
-		ee, isExitError := err.(utilexec.ExitError)
-		switch {
-		case err == utilexec.ErrExecutableNotFound:
-			glog.Warningf("'fsck' not found on system; continuing resizing without running 'fsck'.")
-		case isExitError && ee.ExitStatus() == fsckErrorsCorrected:
-			glog.V(2).Infof("Device %s has errors which were corrected by fsck: %s", devicePath, string(out))
-		case isExitError && ee.ExitStatus() == fsckErrorsUncorrected:
-			return fmt.Errorf("'fsck' found errors on device %s but could not correct them: %s", devicePath, string(out))
-		case isExitError && ee.ExitStatus() > fsckErrorsUncorrected:
-			glog.Infof("`fsck` error %s", string(out))
-		}
-	}
-	return nil
-}
-
-func (resizefs *ResizeFs) extFsck(devicePath string, fsType string) error {
-	glog.V(4).Infof("Checking for issues with fsck.%s on device: %s", fsType, devicePath)
-	args := []string{"-f", "-y", devicePath}
-	out, err := resizefs.mounter.Run("fsck."+fsType, args...)
-	if err != nil {
-		return fmt.Errorf("running fsck.%s failed on %s with error: %v\n Output: %s", fsType, devicePath, err, string(out))
-	}
-	return nil
+	return false, fmt.Errorf("ResizeFS.Resize - resize of format %s is not supported for device %s mounted at %s", format, devicePath, deviceMountPath)
 }
 
 func (resizefs *ResizeFs) extResize(devicePath string) (bool, error) {
@@ -129,15 +72,15 @@ func (resizefs *ResizeFs) extResize(devicePath string) (bool, error) {
 
 }
 
-func (resizefs *ResizeFs) xfsResize(devicePath string) (bool, error) {
-	args := []string{"-d", devicePath}
+func (resizefs *ResizeFs) xfsResize(deviceMountPath string) (bool, error) {
+	args := []string{"-d", deviceMountPath}
 	output, err := resizefs.mounter.Exec.Run("xfs_growfs", args...)
 
 	if err == nil {
-		glog.V(2).Infof("Device %s resized successfully", devicePath)
+		glog.V(2).Infof("Device %s resized successfully", deviceMountPath)
 		return true, nil
 	}
 
-	resizeError := fmt.Errorf("resize of device %s failed: %v. xfs_growfs output: %s", devicePath, err, string(output))
+	resizeError := fmt.Errorf("resize of device %s failed: %v. xfs_growfs output: %s", deviceMountPath, err, string(output))
 	return false, resizeError
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_unsupported.go b/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_unsupported.go
index 9241d7d5b27d..dd4dd017e829 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_unsupported.go
@@ -35,6 +35,6 @@ func NewResizeFs(mounter *mount.SafeFormatAndMount) *ResizeFs {
 }
 
 // Resize perform resize of file system
-func (resizefs *ResizeFs) Resize(devicePath string) (bool, error) {
+func (resizefs *ResizeFs) Resize(devicePath string, deviceMountPath string) (bool, error) {
 	return false, fmt.Errorf("Resize is not supported for this build")
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/util/resourcecontainer/BUILD b/vendor/k8s.io/kubernetes/pkg/util/resourcecontainer/BUILD
index 05b817b4b122..e13b8aea09e6 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/resourcecontainer/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/resourcecontainer/BUILD
@@ -7,17 +7,45 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "resource_container_unsupported.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "resource_container_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "resource_container_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "resource_container_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/resourcecontainer",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs:go_default_library",
             "//vendor/github.com/opencontainers/runc/libcontainer/configs:go_default_library",
         ],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/rlimit/BUILD b/vendor/k8s.io/kubernetes/pkg/util/rlimit/BUILD
index 52fe550b1037..7735de7909e0 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/rlimit/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/rlimit/BUILD
@@ -7,17 +7,45 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "rlimit_unsupported.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "rlimit_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "rlimit_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "rlimit_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/rlimit",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/selinux/BUILD b/vendor/k8s.io/kubernetes/pkg/util/selinux/BUILD
index f5eab6022f05..dae3792f4c2a 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/selinux/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/selinux/BUILD
@@ -10,16 +10,45 @@ go_library(
     srcs = [
         "doc.go",
         "selinux.go",
-        "selinux_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "selinux_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "selinux_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "selinux_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/selinux",
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/github.com/opencontainers/selinux/go-selinux:go_default_library",
         ],
         "//conditions:default": [],
diff --git a/vendor/k8s.io/kubernetes/pkg/util/slice/BUILD b/vendor/k8s.io/kubernetes/pkg/util/slice/BUILD
index 611545484c03..16325c778693 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/slice/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/slice/BUILD
@@ -16,8 +16,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["slice_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/slice",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/slice/slice.go b/vendor/k8s.io/kubernetes/pkg/util/slice/slice.go
index b408dbae841f..b9809cc2972c 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/slice/slice.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/slice/slice.go
@@ -68,3 +68,24 @@ func ContainsString(slice []string, s string, modifier func(s string) string) bo
 	}
 	return false
 }
+
+// RemoveString returns a newly created []string that contains all items from slice that
+// are not equal to s and modifier(s) in case modifier func is provided.
+func RemoveString(slice []string, s string, modifier func(s string) string) []string {
+	newSlice := make([]string, 0)
+	for _, item := range slice {
+		if item == s {
+			continue
+		}
+		if modifier != nil && modifier(item) == s {
+			continue
+		}
+		newSlice = append(newSlice, item)
+	}
+	if len(newSlice) == 0 {
+		// Sanitize for unit tests so we don't need to distinguish empty array
+		// and nil.
+		newSlice = nil
+	}
+	return newSlice
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/util/strings/BUILD b/vendor/k8s.io/kubernetes/pkg/util/strings/BUILD
index f71a3326e39d..a7cd124f7cc7 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/strings/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/strings/BUILD
@@ -23,8 +23,7 @@ go_test(
         "line_delimiter_test.go",
         "strings_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/util/strings",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/system/BUILD b/vendor/k8s.io/kubernetes/pkg/util/system/BUILD
index 1c2f1a067f13..8a3e253677d2 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/system/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/system/BUILD
@@ -15,8 +15,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["system_utils_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/system",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/tail/BUILD b/vendor/k8s.io/kubernetes/pkg/util/tail/BUILD
index 4e81446dd40e..5c1b261c75b2 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/tail/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/tail/BUILD
@@ -22,8 +22,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["tail_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/tail",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 go_library(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/tail/tail.go b/vendor/k8s.io/kubernetes/pkg/util/tail/tail.go
index 23ad4ae7911e..cd9fc22c175e 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/tail/tail.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/tail/tail.go
@@ -53,7 +53,7 @@ func ReadAtMost(path string, max int64) ([]byte, bool, error) {
 	if size < max {
 		max = size
 	}
-	offset, err := f.Seek(-max, os.SEEK_END)
+	offset, err := f.Seek(-max, io.SeekEnd)
 	if err != nil {
 		return nil, false, err
 	}
@@ -70,7 +70,7 @@ func FindTailLineStartIndex(f io.ReadSeeker, n int64) (int64, error) {
 	if n < 0 {
 		return 0, nil
 	}
-	size, err := f.Seek(0, os.SEEK_END)
+	size, err := f.Seek(0, io.SeekEnd)
 	if err != nil {
 		return 0, err
 	}
@@ -82,7 +82,7 @@ func FindTailLineStartIndex(f io.ReadSeeker, n int64) (int64, error) {
 			left = 0
 			buf = make([]byte, right)
 		}
-		if _, err := f.Seek(left, os.SEEK_SET); err != nil {
+		if _, err := f.Seek(left, io.SeekStart); err != nil {
 			return 0, err
 		}
 		if _, err := f.Read(buf); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/util/taints/BUILD b/vendor/k8s.io/kubernetes/pkg/util/taints/BUILD
index 957af3c05f22..7bcc781951c0 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/taints/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/taints/BUILD
@@ -23,8 +23,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["taints_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/taints",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/util/term/BUILD b/vendor/k8s.io/kubernetes/pkg/util/term/BUILD
index 01b8ca19dc58..894c6008cedc 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/term/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/term/BUILD
@@ -7,19 +7,89 @@ load(
 
 go_library(
     name = "go_default_library",
-    srcs = [
-        "setsize.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "setsize.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "setsize_unsupported.go",
         ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/util/term",
-    deps = [
-        "//vendor/github.com/docker/docker/pkg/term:go_default_library",
-        "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
-    ],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/github.com/docker/docker/pkg/term:go_default_library",
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/util/tolerations/BUILD b/vendor/k8s.io/kubernetes/pkg/util/tolerations/BUILD
index 1e3b1189b0d0..fb96f4a85f88 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/tolerations/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/tolerations/BUILD
@@ -32,7 +32,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["tolerations_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/tolerations",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/apis/core:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/util/version/BUILD b/vendor/k8s.io/kubernetes/pkg/util/version/BUILD
index 9b3cf2bc9216..3b53281f771c 100644
--- a/vendor/k8s.io/kubernetes/pkg/util/version/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/version/BUILD
@@ -18,8 +18,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["version_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/util/version",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
 )
 
 filegroup(
diff --git a/vendor/k8s.io/kubernetes/pkg/version/def.bzl b/vendor/k8s.io/kubernetes/pkg/version/def.bzl
index bca85ab4b5be..9c018a4ef745 100644
--- a/vendor/k8s.io/kubernetes/pkg/version/def.bzl
+++ b/vendor/k8s.io/kubernetes/pkg/version/def.bzl
@@ -1,3 +1,17 @@
+# Copyright 2017 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # Implements hack/lib/version.sh's kube::version::ldflags() for Bazel.
 def version_x_defs():
   # This should match the list of packages in kube::version::ldflag
diff --git a/vendor/k8s.io/kubernetes/pkg/version/verflag/verflag.go b/vendor/k8s.io/kubernetes/pkg/version/verflag/verflag.go
index 5809c3aa8f47..18c3ac44247c 100644
--- a/vendor/k8s.io/kubernetes/pkg/version/verflag/verflag.go
+++ b/vendor/k8s.io/kubernetes/pkg/version/verflag/verflag.go
@@ -85,10 +85,18 @@ func Version(name string, value versionValue, usage string) *versionValue {
 	return p
 }
 
+const versionFlagName = "version"
+
 var (
-	versionFlag = Version("version", VersionFalse, "Print version information and quit")
+	versionFlag = Version(versionFlagName, VersionFalse, "Print version information and quit")
 )
 
+// AddFlags registers this package's flags on arbitrary FlagSets, such that they point to the
+// same value as the global flags.
+func AddFlags(fs *flag.FlagSet) {
+	fs.AddFlag(flag.Lookup(versionFlagName))
+}
+
 // PrintAndExitIfRequested will check if the -version flag was passed
 // and, if so, print the version and exit.
 func PrintAndExitIfRequested() {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/BUILD
index 8b7ef61afc3b..ffcd7bc4de12 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/BUILD
@@ -1,10 +1,4 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -16,32 +10,58 @@ go_library(
         "metrics_nil.go",
         "metrics_statfs.go",
         "plugins.go",
-        "util.go",
         "volume.go",
-        "volume_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "volume_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "volume_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "volume_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/volume",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//pkg/util/io:go_default_library",
         "//pkg/util/mount:go_default_library",
-        "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/fs:go_default_library",
+        "//pkg/volume/util/recyclerclient:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
     ],
 )
@@ -51,20 +71,12 @@ go_test(
     srcs = [
         "metrics_nil_test.go",
         "plugins_test.go",
-        "util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
-        "//pkg/apis/core:go_default_library",
-        "//pkg/util/slice:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
     ],
 )
 
@@ -73,18 +85,17 @@ go_test(
     srcs = [
         "metrics_statfs_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "metrics_du_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/volume_test",
     deps = [
         ":go_default_library",
         "//pkg/volume/testing:go_default_library",
         "//vendor/k8s.io/client-go/util/testing:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
@@ -135,4 +146,5 @@ filegroup(
         "//pkg/volume/vsphere_volume:all-srcs",
     ],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/BUILD
index e61d65a9da2d..5354b9e31b13 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/BUILD
@@ -11,6 +11,7 @@ go_library(
     srcs = [
         "attacher.go",
         "aws_ebs.go",
+        "aws_ebs_block.go",
         "aws_util.go",
         "doc.go",
     ],
@@ -22,7 +23,7 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -35,10 +36,10 @@ go_test(
     name = "go_default_test",
     srcs = [
         "attacher_test.go",
+        "aws_ebs_block_test.go",
         "aws_ebs_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/aws_ebs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider/providers/aws:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/attacher.go
index 19ca2ea49b45..059431e1661f 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/attacher.go
@@ -30,7 +30,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type awsElasticBlockStoreAttacher struct {
@@ -168,19 +167,15 @@ func (attacher *awsElasticBlockStoreAttacher) WaitForAttach(spec *volume.Spec, d
 		select {
 		case <-ticker.C:
 			glog.V(5).Infof("Checking AWS Volume %q is attached.", volumeID)
-			if devicePath != "" {
-				devicePaths := getDiskByIdPaths(aws.KubernetesVolumeID(volumeSource.VolumeID), partition, devicePath)
-				path, err := verifyDevicePath(devicePaths)
-				if err != nil {
-					// Log error, if any, and continue checking periodically. See issue #11321
-					glog.Errorf("Error verifying AWS Volume (%q) is attached: %v", volumeID, err)
-				} else if path != "" {
-					// A device path has successfully been created for the PD
-					glog.Infof("Successfully found attached AWS Volume %q.", volumeID)
-					return path, nil
-				}
-			} else {
-				glog.V(5).Infof("AWS Volume (%q) is not attached yet", volumeID)
+			devicePaths := getDiskByIdPaths(aws.KubernetesVolumeID(volumeSource.VolumeID), partition, devicePath)
+			path, err := verifyDevicePath(devicePaths)
+			if err != nil {
+				// Log error, if any, and continue checking periodically. See issue #11321
+				glog.Errorf("Error verifying AWS Volume (%q) is attached: %v", volumeID, err)
+			} else if path != "" {
+				// A device path has successfully been created for the PD
+				glog.Infof("Successfully found attached AWS Volume %q.", volumeID)
+				return path, nil
 			}
 		case <-timer.C:
 			return "", fmt.Errorf("Could not find attached AWS Volume %q. Timeout waiting for mount paths to be created.", volumeID)
@@ -223,8 +218,8 @@ func (attacher *awsElasticBlockStoreAttacher) MountDevice(spec *volume.Spec, dev
 		options = append(options, "ro")
 	}
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(awsElasticBlockStorePluginName, attacher.host)
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		diskMounter := volumeutil.NewSafeFormatAndMountFromHost(awsElasticBlockStorePluginName, attacher.host)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs.go b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs.go
index 9a0091928e20..869d06773c10 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs.go
@@ -34,7 +34,6 @@ import (
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -134,7 +133,7 @@ func (plugin *awsElasticBlockStorePlugin) newMounterInternal(spec *volume.Spec,
 		},
 		fsType:      fsType,
 		readOnly:    readOnly,
-		diskMounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
+		diskMounter: util.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
 }
 
 func (plugin *awsElasticBlockStorePlugin) NewUnmounter(volName string, podUID types.UID) (volume.Unmounter, error) {
@@ -456,7 +455,7 @@ type awsElasticBlockStoreProvisioner struct {
 var _ volume.Provisioner = &awsElasticBlockStoreProvisioner{}
 
 func (c *awsElasticBlockStoreProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -475,7 +474,7 @@ func (c *awsElasticBlockStoreProvisioner) Provision() (*v1.PersistentVolume, err
 			Name:   c.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "aws-ebs-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "aws-ebs-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs_block.go b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs_block.go
new file mode 100644
index 000000000000..d104bafa5e93
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_ebs_block.go
@@ -0,0 +1,175 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package aws_ebs
+
+import (
+	"fmt"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+
+	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/aws"
+	"k8s.io/kubernetes/pkg/util/mount"
+	kstrings "k8s.io/kubernetes/pkg/util/strings"
+	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
+)
+
+var _ volume.VolumePlugin = &awsElasticBlockStorePlugin{}
+var _ volume.PersistentVolumePlugin = &awsElasticBlockStorePlugin{}
+var _ volume.BlockVolumePlugin = &awsElasticBlockStorePlugin{}
+var _ volume.DeletableVolumePlugin = &awsElasticBlockStorePlugin{}
+var _ volume.ProvisionableVolumePlugin = &awsElasticBlockStorePlugin{}
+
+func (plugin *awsElasticBlockStorePlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, mapPath string) (*volume.Spec, error) {
+	pluginDir := plugin.host.GetVolumeDevicePluginDir(awsElasticBlockStorePluginName)
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
+	globalMapPathUUID, err := blkutil.FindGlobalMapPathUUIDFromPod(pluginDir, mapPath, podUID)
+	if err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("globalMapPathUUID: %s", globalMapPathUUID)
+
+	globalMapPath := filepath.Dir(globalMapPathUUID)
+	if len(globalMapPath) <= 1 {
+		return nil, fmt.Errorf("failed to get volume plugin information from globalMapPathUUID: %v", globalMapPathUUID)
+	}
+
+	return getVolumeSpecFromGlobalMapPath(globalMapPath)
+}
+
+func getVolumeSpecFromGlobalMapPath(globalMapPath string) (*volume.Spec, error) {
+	// Get volume spec information from globalMapPath
+	// globalMapPath example:
+	//   plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumeID}
+	//   plugins/kubernetes.io/aws-ebs/volumeDevices/vol-XXXXXX
+	vID := filepath.Base(globalMapPath)
+	if len(vID) <= 1 {
+		return nil, fmt.Errorf("failed to get volumeID from global path=%s", globalMapPath)
+	}
+	if !strings.Contains(vID, "vol-") {
+		return nil, fmt.Errorf("failed to get volumeID from global path=%s, invalid volumeID format = %s", globalMapPath, vID)
+	}
+	block := v1.PersistentVolumeBlock
+	awsVolume := &v1.PersistentVolume{
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				AWSElasticBlockStore: &v1.AWSElasticBlockStoreVolumeSource{
+					VolumeID: vID,
+				},
+			},
+			VolumeMode: &block,
+		},
+	}
+
+	return volume.NewSpecFromPersistentVolume(awsVolume, true), nil
+}
+
+// NewBlockVolumeMapper creates a new volume.BlockVolumeMapper from an API specification.
+func (plugin *awsElasticBlockStorePlugin) NewBlockVolumeMapper(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.BlockVolumeMapper, error) {
+	// If this is called via GenerateUnmapDeviceFunc(), pod is nil.
+	// Pass empty string as dummy uid since uid isn't used in the case.
+	var uid types.UID
+	if pod != nil {
+		uid = pod.UID
+	}
+
+	return plugin.newBlockVolumeMapperInternal(spec, uid, &AWSDiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
+}
+
+func (plugin *awsElasticBlockStorePlugin) newBlockVolumeMapperInternal(spec *volume.Spec, podUID types.UID, manager ebsManager, mounter mount.Interface) (volume.BlockVolumeMapper, error) {
+	ebs, readOnly, err := getVolumeSource(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	volumeID := aws.KubernetesVolumeID(ebs.VolumeID)
+	partition := ""
+	if ebs.Partition != 0 {
+		partition = strconv.Itoa(int(ebs.Partition))
+	}
+
+	return &awsElasticBlockStoreMapper{
+		awsElasticBlockStore: &awsElasticBlockStore{
+			podUID:    podUID,
+			volName:   spec.Name(),
+			volumeID:  volumeID,
+			partition: partition,
+			manager:   manager,
+			mounter:   mounter,
+			plugin:    plugin,
+		},
+		readOnly: readOnly}, nil
+}
+
+func (plugin *awsElasticBlockStorePlugin) NewBlockVolumeUnmapper(volName string, podUID types.UID) (volume.BlockVolumeUnmapper, error) {
+	return plugin.newUnmapperInternal(volName, podUID, &AWSDiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
+}
+
+func (plugin *awsElasticBlockStorePlugin) newUnmapperInternal(volName string, podUID types.UID, manager ebsManager, mounter mount.Interface) (volume.BlockVolumeUnmapper, error) {
+	return &awsElasticBlockStoreUnmapper{
+		awsElasticBlockStore: &awsElasticBlockStore{
+			podUID:  podUID,
+			volName: volName,
+			manager: manager,
+			mounter: mounter,
+			plugin:  plugin,
+		}}, nil
+}
+
+func (c *awsElasticBlockStoreUnmapper) TearDownDevice(mapPath, devicePath string) error {
+	return nil
+}
+
+type awsElasticBlockStoreUnmapper struct {
+	*awsElasticBlockStore
+}
+
+var _ volume.BlockVolumeUnmapper = &awsElasticBlockStoreUnmapper{}
+
+type awsElasticBlockStoreMapper struct {
+	*awsElasticBlockStore
+	readOnly bool
+}
+
+var _ volume.BlockVolumeMapper = &awsElasticBlockStoreMapper{}
+
+func (b *awsElasticBlockStoreMapper) SetUpDevice() (string, error) {
+	return "", nil
+}
+
+// GetGlobalMapPath returns global map path and error
+// path: plugins/kubernetes.io/{PluginName}/volumeDevices/volumeID
+//       plugins/kubernetes.io/aws-ebs/volumeDevices/vol-XXXXXX
+func (ebs *awsElasticBlockStore) GetGlobalMapPath(spec *volume.Spec) (string, error) {
+	volumeSource, _, err := getVolumeSource(spec)
+	if err != nil {
+		return "", err
+	}
+	return path.Join(ebs.plugin.host.GetVolumeDevicePluginDir(awsElasticBlockStorePluginName), string(volumeSource.VolumeID)), nil
+}
+
+// GetPodDeviceMapPath returns pod device map path and volume name
+// path: pods/{podUid}/volumeDevices/kubernetes.io~aws
+func (ebs *awsElasticBlockStore) GetPodDeviceMapPath() (string, string) {
+	name := awsElasticBlockStorePluginName
+	return ebs.plugin.host.GetPodVolumeDeviceDir(ebs.podUID, kstrings.EscapeQualifiedNameForDisk(name)), ebs.volName
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_util.go b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_util.go
index 932617d4e9ad..94f9dd30ec25 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/aws_ebs/aws_util.go
@@ -80,12 +80,12 @@ func (util *AWSDiskUtil) CreateVolume(c *awsElasticBlockStoreProvisioner) (aws.K
 	} else {
 		tags = *c.options.CloudTags
 	}
-	tags["Name"] = volume.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 255) // AWS tags can have 255 characters
+	tags["Name"] = volumeutil.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 255) // AWS tags can have 255 characters
 
 	capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	requestBytes := capacity.Value()
 	// AWS works with gigabytes, convert to GiB with rounding up
-	requestGB := int(volume.RoundUpSize(requestBytes, 1024*1024*1024))
+	requestGB := int(volumeutil.RoundUpSize(requestBytes, 1024*1024*1024))
 	volumeOptions := &aws.VolumeOptions{
 		CapacityGB: requestGB,
 		Tags:       tags,
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/BUILD
index 7a71a2c4bb21..163c75e25240 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/BUILD
@@ -11,15 +11,41 @@ go_library(
     srcs = [
         "attacher.go",
         "azure_common.go",
-        "azure_common_unsupported.go",
         "azure_dd.go",
         "azure_mounter.go",
         "azure_provision.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "azure_common_linux.go",
         ],
-        "@io_bazel_rules_go//go/platform:windows_amd64": [
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "azure_common_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
             "azure_common_windows.go",
         ],
         "//conditions:default": [],
@@ -34,7 +60,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/compute:go_default_library",
         "//vendor/github.com/Azure/azure-sdk-for-go/arm/storage:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
@@ -66,8 +91,7 @@ go_test(
         "azure_common_test.go",
         "azure_dd_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/azure_dd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/OWNERS b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/OWNERS
index dbe4f0a2053f..635cdd060b44 100755
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/OWNERS
@@ -1,11 +1,18 @@
 approvers:
+- andyzhangx
 - brendandburns
+- feiskyer
+- karataliu
+- khenidak
 - rootfs
 reviewers:
-- rootfs
+- andyzhangx
 - brendandburns
-- saad-ali
-- jsafrane
+- feiskyer
 - jingxu97
+- jsafrane
 - msau42
-- andyzhangx
+- karataliu
+- khenidak
+- rootfs
+- saad-ali
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/attacher.go
index 8fba944087e1..c422ffd5da77 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/attacher.go
@@ -17,13 +17,13 @@ limitations under the License.
 package azure_dd
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path"
 	"path/filepath"
 	"runtime"
 	"strconv"
-	"strings"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/arm/compute"
@@ -36,8 +36,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/keymutex"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
-	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 type azureDiskDetacher struct {
@@ -60,17 +59,14 @@ var getLunMutex = keymutex.NewKeyMutex()
 func (a *azureDiskAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (string, error) {
 	volumeSource, err := getVolumeSource(spec)
 	if err != nil {
-		glog.Warningf("failed to get azure disk spec")
+		glog.Warningf("failed to get azure disk spec (%v)", err)
 		return "", err
 	}
 
-	instanceid, err := a.cloud.InstanceID(nodeName)
+	instanceid, err := a.cloud.InstanceID(context.TODO(), nodeName)
 	if err != nil {
-		glog.Warningf("failed to get azure instance id")
-		return "", fmt.Errorf("failed to get azure instance id for node %q", nodeName)
-	}
-	if ind := strings.LastIndex(instanceid, "/"); ind >= 0 {
-		instanceid = instanceid[(ind + 1):]
+		glog.Warningf("failed to get azure instance id (%v)", err)
+		return "", fmt.Errorf("failed to get azure instance id for node %q (%v)", nodeName, err)
 	}
 
 	diskController, err := getDiskController(a.plugin.host)
@@ -96,8 +92,8 @@ func (a *azureDiskAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (
 
 		lun, err = diskController.GetNextDiskLun(nodeName)
 		if err != nil {
-			glog.Warningf("no LUN available for instance %q", nodeName)
-			return "", fmt.Errorf("all LUNs are used, cannot attach volume %q to instance %q", volumeSource.DiskName, instanceid)
+			glog.Warningf("no LUN available for instance %q (%v)", nodeName, err)
+			return "", fmt.Errorf("all LUNs are used, cannot attach volume %q to instance %q (%v)", volumeSource.DiskName, instanceid, err)
 		}
 		glog.V(4).Infof("Trying to attach volume %q lun %d to node %q.", volumeSource.DataDiskURI, lun, nodeName)
 		isManagedDisk := (*volumeSource.Kind == v1.AzureManagedDisk)
@@ -156,7 +152,7 @@ func (a *azureDiskAttacher) WaitForAttach(spec *volume.Spec, devicePath string,
 	var err error
 	lun, err := strconv.Atoi(devicePath)
 	if err != nil {
-		return "", fmt.Errorf("azureDisk - Wait for attach expect device path as a lun number, instead got: %s", devicePath)
+		return "", fmt.Errorf("azureDisk - Wait for attach expect device path as a lun number, instead got: %s (%v)", devicePath, err)
 	}
 
 	volumeSource, err := getVolumeSource(spec)
@@ -180,7 +176,7 @@ func (a *azureDiskAttacher) WaitForAttach(spec *volume.Spec, devicePath string,
 
 		// did we find it?
 		if newDevicePath != "" {
-			// the curent sequence k8s uses for unformated disk (check-disk, mount, fail, mkfs.extX) hangs on
+			// the current sequence k8s uses for unformated disk (check-disk, mount, fail, mkfs.extX) hangs on
 			// Azure Managed disk scsi interface. this is a hack and will be replaced once we identify and solve
 			// the root case on Azure.
 			formatIfNotFormatted(newDevicePath, *volumeSource.FSType, exec)
@@ -252,8 +248,8 @@ func (attacher *azureDiskAttacher) MountDevice(spec *volume.Spec, devicePath str
 
 	options := []string{}
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(azureDataDiskPluginName, attacher.plugin.host)
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		diskMounter := util.NewSafeFormatAndMountFromHost(azureDataDiskPluginName, attacher.plugin.host)
+		mountOptions := util.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, *volumeSource.FSType, mountOptions)
 		if err != nil {
 			if cleanErr := os.Remove(deviceMountPath); cleanErr != nil {
@@ -271,14 +267,11 @@ func (d *azureDiskDetacher) Detach(diskURI string, nodeName types.NodeName) erro
 		return fmt.Errorf("invalid disk to detach: %q", diskURI)
 	}
 
-	instanceid, err := d.cloud.InstanceID(nodeName)
+	instanceid, err := d.cloud.InstanceID(context.TODO(), nodeName)
 	if err != nil {
-		glog.Warningf("no instance id for node %q, skip detaching", nodeName)
+		glog.Warningf("no instance id for node %q, skip detaching (%v)", nodeName, err)
 		return nil
 	}
-	if ind := strings.LastIndex(instanceid, "/"); ind >= 0 {
-		instanceid = instanceid[(ind + 1):]
-	}
 
 	glog.V(4).Infof("detach %v from node %q", diskURI, nodeName)
 
@@ -286,6 +279,10 @@ func (d *azureDiskDetacher) Detach(diskURI string, nodeName types.NodeName) erro
 	if err != nil {
 		return err
 	}
+
+	getLunMutex.LockKey(instanceid)
+	defer getLunMutex.UnlockKey(instanceid)
+
 	err = diskController.DetachDiskByName("", diskURI, nodeName)
 	if err != nil {
 		glog.Errorf("failed to detach azure disk %q, err %v", diskURI, err)
@@ -297,7 +294,7 @@ func (d *azureDiskDetacher) Detach(diskURI string, nodeName types.NodeName) erro
 
 // UnmountDevice unmounts the volume on the node
 func (detacher *azureDiskDetacher) UnmountDevice(deviceMountPath string) error {
-	err := volumeutil.UnmountPath(deviceMountPath, detacher.plugin.host.GetMounter(detacher.plugin.GetPluginName()))
+	err := util.UnmountPath(deviceMountPath, detacher.plugin.host.GetMounter(detacher.plugin.GetPluginName()))
 	if err == nil {
 		glog.V(4).Infof("azureDisk - Device %s was unmounted", deviceMountPath)
 	} else {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_dd.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_dd.go
index 09e4cdb63532..c0b51a23d697 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_dd.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_dd.go
@@ -26,7 +26,7 @@ import (
 	"k8s.io/kubernetes/pkg/volume"
 )
 
-// interface exposed by the cloud provider implementing Disk functionlity
+// interface exposed by the cloud provider implementing Disk functionality
 type DiskController interface {
 	CreateBlobDisk(dataDiskName string, storageAccountType storage.SkuName, sizeGB int) (string, error)
 	DeleteBlobDisk(diskUri string) error
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_mounter.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_mounter.go
index 345a4ea7d4bd..514a6dcb1088 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_mounter.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_mounter.go
@@ -115,6 +115,10 @@ func (m *azureDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 		options = append(options, "ro")
 	}
 
+	if m.options.MountOptions != nil {
+		options = util.JoinMountOptions(m.options.MountOptions, options)
+	}
+
 	glog.V(4).Infof("azureDisk - Attempting to mount %s on %s", diskName, dir)
 	isManagedDisk := (*volumeSource.Kind == v1.AzureManagedDisk)
 	globalPDPath, err := makeGlobalPDPath(m.plugin.host, volumeSource.DataDiskURI, isManagedDisk)
@@ -151,7 +155,7 @@ func (m *azureDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 			return fmt.Errorf("azureDisk - SetupAt:Mount:Failure error cleaning up (removing dir:%s) with error:%v original-mountErr:%v", dir, err, mountErr)
 		}
 
-		glog.V(2).Infof("azureDisk - Mount of disk:%s on dir:%s failed with mount error:%v post failure clean up was completed", diskName, dir, err, mountErr)
+		glog.V(2).Infof("azureDisk - Mount of disk:%s on dir:%s failed with mount error:%v post failure clean up was completed", diskName, dir, mountErr)
 		return mountErr
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_provision.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_provision.go
index 5f11743d52bd..72b7f3362579 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_provision.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_dd/azure_provision.go
@@ -24,6 +24,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 type azureDiskProvisioner struct {
@@ -65,7 +66,7 @@ func (d *azureDiskDeleter) Delete() error {
 }
 
 func (p *azureDiskProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", p.options.PVC.Spec.AccessModes, p.plugin.GetAccessModes())
 	}
 	supportedModes := p.plugin.GetAccessModes()
@@ -93,10 +94,10 @@ func (p *azureDiskProvisioner) Provision() (*v1.PersistentVolume, error) {
 		err                        error
 	)
 	// maxLength = 79 - (4 for ".vhd") = 75
-	name := volume.GenerateVolumeName(p.options.ClusterName, p.options.PVName, 75)
+	name := util.GenerateVolumeName(p.options.ClusterName, p.options.PVName, 75)
 	capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	requestBytes := capacity.Value()
-	requestGB := int(volume.RoundUpSize(requestBytes, 1024*1024*1024))
+	requestGB := int(util.RoundUpSize(requestBytes, 1024*1024*1024))
 
 	for k, v := range p.options.Parameters {
 		switch strings.ToLower(k) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/BUILD
index fec0c0a95043..712b69f02b3e 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/BUILD
@@ -22,7 +22,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
@@ -35,14 +34,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["azure_file_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/azure_file",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider/providers/azure:go_default_library",
         "//pkg/cloudprovider/providers/fake:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/OWNERS b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/OWNERS
index dbe4f0a2053f..c71485c993a0 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/OWNERS
@@ -1,11 +1,18 @@
 approvers:
+- andyzhangx
 - brendandburns
+- feiskyer
+- karataliu
+- khenidak
 - rootfs
 reviewers:
-- rootfs
+- andyzhangx
 - brendandburns
-- saad-ali
+- feiskyer
 - jsafrane
 - jingxu97
+- karataliu
+- khenidak
 - msau42
-- andyzhangx
+- rootfs
+- saad-ali
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_file.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_file.go
index e81d10de85fb..b7efb940d0b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_file.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_file.go
@@ -18,20 +18,21 @@ package azure_file
 
 import (
 	"fmt"
+	"io/ioutil"
 	"os"
 	"runtime"
 
+	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure"
 	"k8s.io/kubernetes/pkg/util/mount"
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
-
-	"github.com/golang/glog"
-	"k8s.io/kubernetes/pkg/cloudprovider"
-	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure"
-	"k8s.io/kubernetes/pkg/volume/util"
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 )
 
 // ProbeVolumePlugins is the primary endpoint for volume plugins
@@ -45,6 +46,7 @@ type azureFilePlugin struct {
 
 var _ volume.VolumePlugin = &azureFilePlugin{}
 var _ volume.PersistentVolumePlugin = &azureFilePlugin{}
+var _ volume.ExpandableVolumePlugin = &azureFilePlugin{}
 
 const (
 	azureFilePluginName = "kubernetes.io/azure-file"
@@ -121,7 +123,7 @@ func (plugin *azureFilePlugin) newMounterInternal(spec *volume.Spec, pod *v1.Pod
 		secretName:      secretName,
 		shareName:       share,
 		readOnly:        readOnly,
-		mountOptions:    volume.MountOptionFromSpec(spec),
+		mountOptions:    volutil.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -139,6 +141,41 @@ func (plugin *azureFilePlugin) newUnmounterInternal(volName string, podUID types
 	}}, nil
 }
 
+func (plugin *azureFilePlugin) RequiresFSResize() bool {
+	return false
+}
+
+func (plugin *azureFilePlugin) ExpandVolumeDevice(
+	spec *volume.Spec,
+	newSize resource.Quantity,
+	oldSize resource.Quantity) (resource.Quantity, error) {
+
+	if spec.PersistentVolume != nil || spec.PersistentVolume.Spec.AzureFile == nil {
+		return oldSize, fmt.Errorf("invalid PV spec")
+	}
+	shareName := spec.PersistentVolume.Spec.AzureFile.ShareName
+	azure, err := getAzureCloudProvider(plugin.host.GetCloudProvider())
+	if err != nil {
+		return oldSize, err
+	}
+
+	secretName, secretNamespace, err := getSecretNameAndNamespace(spec, spec.PersistentVolume.Spec.ClaimRef.Namespace)
+	if err != nil {
+		return oldSize, err
+	}
+
+	accountName, accountKey, err := (&azureSvc{}).GetAzureCredentials(plugin.host, secretNamespace, secretName)
+	if err != nil {
+		return oldSize, err
+	}
+
+	if err := azure.ResizeFileShare(accountName, accountKey, shareName, int(volutil.RoundUpToGiB(newSize))); err != nil {
+		return oldSize, err
+	}
+
+	return newSize, nil
+}
+
 func (plugin *azureFilePlugin) ConstructVolumeSpec(volName, mountPath string) (*volume.Spec, error) {
 	azureVolume := &v1.Volume{
 		Name: volName,
@@ -205,8 +242,20 @@ func (b *azureFileMounter) SetUpAt(dir string, fsGroup *int64) error {
 		return err
 	}
 	if !notMnt {
-		return nil
+		// testing original mount point, make sure the mount link is valid
+		if _, err := ioutil.ReadDir(dir); err == nil {
+			glog.V(4).Infof("azureFile - already mounted to target %s", dir)
+			return nil
+		}
+		// mount link is invalid, now unmount and remount later
+		glog.Warningf("azureFile - ReadDir %s failed with %v, unmount this directory", dir, err)
+		if err := b.mounter.Unmount(dir); err != nil {
+			glog.Errorf("azureFile - Unmount directory %s failed with %v", dir, err)
+			return err
+		}
+		notMnt = true
 	}
+
 	var accountKey, accountName string
 	if accountName, accountKey, err = b.util.GetAzureCredentials(b.plugin.host, b.secretNamespace, b.secretName); err != nil {
 		return err
@@ -226,8 +275,8 @@ func (b *azureFileMounter) SetUpAt(dir string, fsGroup *int64) error {
 		if b.readOnly {
 			options = append(options, "ro")
 		}
-		mountOptions = volume.JoinMountOptions(b.mountOptions, options)
-		mountOptions = appendDefaultMountOptions(mountOptions)
+		mountOptions = volutil.JoinMountOptions(b.mountOptions, options)
+		mountOptions = appendDefaultMountOptions(mountOptions, fsGroup)
 	}
 
 	err = b.mounter.Mount(source, dir, "cifs", mountOptions)
@@ -270,7 +319,7 @@ func (c *azureFileUnmounter) TearDown() error {
 }
 
 func (c *azureFileUnmounter) TearDownAt(dir string) error {
-	return util.UnmountPath(dir, c.mounter)
+	return volutil.UnmountPath(dir, c.mounter)
 }
 
 func getVolumeSource(spec *volume.Spec) (string, bool, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go
index dbbdda0b5c05..dc155334ff91 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go
@@ -28,7 +28,7 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure"
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 var _ volume.DeletableVolumePlugin = &azureFilePlugin{}
@@ -41,6 +41,8 @@ type azureCloudProvider interface {
 	CreateFileShare(shareName, accountName, accountType, location string, requestGiB int) (string, string, error)
 	// delete a file share
 	DeleteFileShare(accountName, accountKey, shareName string) error
+	// resize a file share
+	ResizeFileShare(accountName, accountKey, name string, sizeGiB int) error
 }
 
 type azureFileDeleter struct {
@@ -130,18 +132,18 @@ type azureFileProvisioner struct {
 var _ volume.Provisioner = &azureFileProvisioner{}
 
 func (a *azureFileProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(a.plugin.GetAccessModes(), a.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(a.plugin.GetAccessModes(), a.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", a.options.PVC.Spec.AccessModes, a.plugin.GetAccessModes())
 	}
 
 	var sku, location, account string
 
 	// File share name has a length limit of 63, and it cannot contain two consecutive '-'s.
-	name := volume.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 63)
+	name := util.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 63)
 	name = strings.Replace(name, "--", "-", -1)
 	capacity := a.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	requestBytes := capacity.Value()
-	requestGB := int(volume.RoundUpSize(requestBytes, 1024*1024*1024))
+	requestGiB := int(util.RoundUpSize(requestBytes, 1024*1024*1024))
 	secretNamespace := a.options.PVC.Namespace
 	// Apply ProvisionerParameters (case-insensitive). We leave validation of
 	// the values to the cloud provider.
@@ -164,7 +166,7 @@ func (a *azureFileProvisioner) Provision() (*v1.PersistentVolume, error) {
 		return nil, fmt.Errorf("claim.Spec.Selector is not supported for dynamic provisioning on Azure file")
 	}
 
-	account, key, err := a.azureProvider.CreateFileShare(name, account, sku, location, requestGB)
+	account, key, err := a.azureProvider.CreateFileShare(name, account, sku, location, requestGiB)
 	if err != nil {
 		return nil, err
 	}
@@ -180,14 +182,14 @@ func (a *azureFileProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   a.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "azure-file-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "azure-file-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
 			PersistentVolumeReclaimPolicy: a.options.PersistentVolumeReclaimPolicy,
 			AccessModes:                   a.options.PVC.Spec.AccessModes,
 			Capacity: v1.ResourceList{
-				v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", requestGB)),
+				v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", requestGiB)),
 			},
 			PersistentVolumeSource: v1.PersistentVolumeSource{
 				AzureFile: &v1.AzureFilePersistentVolumeSource{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_util.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_util.go
index 7931a9adf631..cb3b9da37318 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_util.go
@@ -29,6 +29,7 @@ import (
 const (
 	fileMode        = "file_mode"
 	dirMode         = "dir_mode"
+	gid             = "gid"
 	vers            = "vers"
 	defaultFileMode = "0755"
 	defaultDirMode  = "0755"
@@ -50,7 +51,7 @@ func (s *azureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secret
 		return "", "", fmt.Errorf("Cannot get kube client")
 	}
 
-	keys, err := kubeClient.Core().Secrets(nameSpace).Get(secretName, metav1.GetOptions{})
+	keys, err := kubeClient.CoreV1().Secrets(nameSpace).Get(secretName, metav1.GetOptions{})
 	if err != nil {
 		return "", "", fmt.Errorf("Couldn't get secret %v/%v", nameSpace, secretName)
 	}
@@ -85,7 +86,7 @@ func (s *azureSvc) SetAzureCredentials(host volume.VolumeHost, nameSpace, accoun
 		},
 		Type: "Opaque",
 	}
-	_, err := kubeClient.Core().Secrets(nameSpace).Create(secret)
+	_, err := kubeClient.CoreV1().Secrets(nameSpace).Create(secret)
 	if errors.IsAlreadyExists(err) {
 		err = nil
 	}
@@ -95,11 +96,12 @@ func (s *azureSvc) SetAzureCredentials(host volume.VolumeHost, nameSpace, accoun
 	return secretName, err
 }
 
-// check whether mountOptions contain file_mode and dir_mode, if not, append default mode
-func appendDefaultMountOptions(mountOptions []string) []string {
+// check whether mountOptions contain file_mode, dir_mode, vers, gid, if not, append default mode
+func appendDefaultMountOptions(mountOptions []string, fsGroup *int64) []string {
 	fileModeFlag := false
 	dirModeFlag := false
 	versFlag := false
+	gidFlag := false
 
 	for _, mountOption := range mountOptions {
 		if strings.HasPrefix(mountOption, fileMode) {
@@ -111,6 +113,9 @@ func appendDefaultMountOptions(mountOptions []string) []string {
 		if strings.HasPrefix(mountOption, vers) {
 			versFlag = true
 		}
+		if strings.HasPrefix(mountOption, gid) {
+			gidFlag = true
+		}
 	}
 
 	allMountOptions := mountOptions
@@ -125,5 +130,9 @@ func appendDefaultMountOptions(mountOptions []string) []string {
 	if !versFlag {
 		allMountOptions = append(allMountOptions, fmt.Sprintf("%s=%s", vers, defaultVers))
 	}
+
+	if !gidFlag && fsGroup != nil {
+		allMountOptions = append(allMountOptions, fmt.Sprintf("%s=%d", gid, *fsGroup))
+	}
 	return allMountOptions
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cephfs/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/cephfs/BUILD
index a61e1fb8595b..704cce736a66 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cephfs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cephfs/BUILD
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["cephfs_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/cephfs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cephfs/cephfs.go b/vendor/k8s.io/kubernetes/pkg/volume/cephfs/cephfs.go
index 5c0fdd04a747..426efcc2c8c7 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cephfs/cephfs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cephfs/cephfs.go
@@ -19,6 +19,9 @@ package cephfs
 import (
 	"fmt"
 	"os"
+	"os/exec"
+	"path"
+	"runtime"
 	"strings"
 
 	"github.com/golang/glog"
@@ -100,7 +103,7 @@ func (plugin *cephfsPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.
 		if kubeClient == nil {
 			return nil, fmt.Errorf("Cannot get kube client")
 		}
-		secrets, err := kubeClient.Core().Secrets(secretNs).Get(secretName, metav1.GetOptions{})
+		secrets, err := kubeClient.CoreV1().Secrets(secretNs).Get(secretName, metav1.GetOptions{})
 		if err != nil {
 			err = fmt.Errorf("Couldn't get secret %v/%v err: %v", secretNs, secretName, err)
 			return nil, err
@@ -145,7 +148,7 @@ func (plugin *cephfsPlugin) newMounterInternal(spec *volume.Spec, podUID types.U
 			readonly:     readOnly,
 			mounter:      mounter,
 			plugin:       plugin,
-			mountOptions: volume.MountOptionFromSpec(spec),
+			mountOptions: util.MountOptionFromSpec(spec),
 		},
 	}, nil
 }
@@ -170,7 +173,7 @@ func (plugin *cephfsPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*
 		VolumeSource: v1.VolumeSource{
 			CephFS: &v1.CephFSVolumeSource{
 				Monitors: []string{},
-				Path:     volumeName,
+				Path:     mountPath,
 			},
 		},
 	}
@@ -229,17 +232,38 @@ func (cephfsVolume *cephfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if !notMnt {
 		return nil
 	}
-	os.MkdirAll(dir, 0750)
 
-	err = cephfsVolume.execMount(dir)
-	if err == nil {
-		return nil
+	if err := os.MkdirAll(dir, 0750); err != nil {
+		return err
+	}
+
+	// check whether it belongs to fuse, if not, default to use kernel mount.
+	if cephfsVolume.checkFuseMount() {
+		glog.V(4).Info("CephFS fuse mount.")
+		err = cephfsVolume.execFuseMount(dir)
+		// cleanup no matter if fuse mount fail.
+		keyringPath := cephfsVolume.GetKeyringPath()
+		_, StatErr := os.Stat(keyringPath)
+		if !os.IsNotExist(StatErr) {
+			os.RemoveAll(keyringPath)
+		}
+		if err == nil {
+			// cephfs fuse mount succeeded.
+			return nil
+		} else {
+			// if cephfs fuse mount failed, fallback to kernel mount.
+			glog.V(4).Infof("CephFS fuse mount failed: %v, fallback to kernel mount.", err)
+		}
 	}
+	glog.V(4).Info("CephFS kernel mount.")
 
-	// cleanup upon failure
-	util.UnmountPath(dir, cephfsVolume.mounter)
-	// return error
-	return err
+	err = cephfsVolume.execMount(dir)
+	if err != nil {
+		// cleanup upon failure.
+		util.UnmountPath(dir, cephfsVolume.mounter)
+		return err
+	}
+	return nil
 }
 
 type cephfsUnmounter struct {
@@ -264,6 +288,14 @@ func (cephfsVolume *cephfs) GetPath() string {
 	return cephfsVolume.plugin.host.GetPodVolumeDir(cephfsVolume.podUID, utilstrings.EscapeQualifiedNameForDisk(name), cephfsVolume.volName)
 }
 
+// GetKeyringPath creates cephfuse keyring path
+func (cephfsVolume *cephfs) GetKeyringPath() string {
+	name := cephfsPluginName
+	volumeDir := cephfsVolume.plugin.host.GetPodVolumeDir(cephfsVolume.podUID, utilstrings.EscapeQualifiedNameForDisk(name), cephfsVolume.volName)
+	volumeKeyringDir := volumeDir + "~keyring"
+	return volumeKeyringDir
+}
+
 func (cephfsVolume *cephfs) execMount(mountpoint string) error {
 	// cephfs mount option
 	ceph_opt := ""
@@ -291,7 +323,7 @@ func (cephfsVolume *cephfs) execMount(mountpoint string) error {
 	}
 	src += hosts[i] + ":" + cephfsVolume.path
 
-	mountOptions := volume.JoinMountOptions(cephfsVolume.mountOptions, opt)
+	mountOptions := util.JoinMountOptions(cephfsVolume.mountOptions, opt)
 	if err := cephfsVolume.mounter.Mount(src, mountpoint, "ceph", mountOptions); err != nil {
 		return fmt.Errorf("CephFS: mount failed: %v", err)
 	}
@@ -299,6 +331,91 @@ func (cephfsVolume *cephfs) execMount(mountpoint string) error {
 	return nil
 }
 
+func (cephfsMounter *cephfsMounter) checkFuseMount() bool {
+	execute := cephfsMounter.plugin.host.GetExec(cephfsMounter.plugin.GetPluginName())
+	switch runtime.GOOS {
+	case "linux":
+		if _, err := execute.Run("/usr/bin/test", "-x", "/sbin/mount.fuse.ceph"); err == nil {
+			glog.V(4).Info("/sbin/mount.fuse.ceph exists, it should be fuse mount.")
+			return true
+		}
+		return false
+	}
+	return false
+}
+
+func (cephfsVolume *cephfs) execFuseMount(mountpoint string) error {
+	// cephfs keyring file
+	keyring_file := ""
+	// override secretfile if secret is provided
+	if cephfsVolume.secret != "" {
+		// TODO: cephfs fuse currently doesn't support secret option,
+		// remove keyring file create once secret option is supported.
+		glog.V(4).Info("cephfs mount begin using fuse.")
+
+		keyringPath := cephfsVolume.GetKeyringPath()
+		os.MkdirAll(keyringPath, 0750)
+
+		payload := make(map[string]util.FileProjection, 1)
+		var fileProjection util.FileProjection
+
+		keyring := fmt.Sprintf("[client.%s]\nkey = %s\n", cephfsVolume.id, cephfsVolume.secret)
+
+		fileProjection.Data = []byte(keyring)
+		fileProjection.Mode = int32(0644)
+		fileName := cephfsVolume.id + ".keyring"
+
+		payload[fileName] = fileProjection
+
+		writerContext := fmt.Sprintf("cephfuse:%v.keyring", cephfsVolume.id)
+		writer, err := util.NewAtomicWriter(keyringPath, writerContext)
+		if err != nil {
+			glog.Errorf("failed to create atomic writer: %v", err)
+			return err
+		}
+
+		err = writer.Write(payload)
+		if err != nil {
+			glog.Errorf("failed to write payload to dir: %v", err)
+			return err
+		}
+
+		keyring_file = path.Join(keyringPath, fileName)
+
+	} else {
+		keyring_file = cephfsVolume.secret_file
+	}
+
+	// build src like mon1:6789,mon2:6789,mon3:6789:/
+	hosts := cephfsVolume.mon
+	l := len(hosts)
+	// pass all monitors and let ceph randomize and fail over
+	i := 0
+	src := ""
+	for i = 0; i < l-1; i++ {
+		src += hosts[i] + ","
+	}
+	src += hosts[i]
+
+	mountArgs := []string{}
+	mountArgs = append(mountArgs, "-k")
+	mountArgs = append(mountArgs, keyring_file)
+	mountArgs = append(mountArgs, "-m")
+	mountArgs = append(mountArgs, src)
+	mountArgs = append(mountArgs, mountpoint)
+	mountArgs = append(mountArgs, "-r")
+	mountArgs = append(mountArgs, cephfsVolume.path)
+
+	glog.V(4).Infof("Mounting cmd ceph-fuse with arguments (%s)", mountArgs)
+	command := exec.Command("ceph-fuse", mountArgs...)
+	output, err := command.CombinedOutput()
+	if err != nil || !(strings.Contains(string(output), "starting fuse")) {
+		return fmt.Errorf("Ceph-fuse failed: %v\narguments: %s\nOutput: %s\n", err, mountArgs, string(output))
+	}
+
+	return nil
+}
+
 func getVolumeSource(spec *volume.Spec) ([]string, string, string, string, bool, error) {
 	if spec.Volume != nil && spec.Volume.CephFS != nil {
 		mon := spec.Volume.CephFS.Monitors
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cinder/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/cinder/BUILD
index 35ef7a2a21f8..9bd619cc4448 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cinder/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cinder/BUILD
@@ -24,7 +24,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -43,8 +42,7 @@ go_test(
         "attacher_test.go",
         "cinder_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/cinder",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cinder/OWNERS b/vendor/k8s.io/kubernetes/pkg/volume/cinder/OWNERS
index d63338e28f07..d8cc02546b27 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cinder/OWNERS
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cinder/OWNERS
@@ -2,7 +2,7 @@ approvers:
 - jsafrane
 - anguslees
 - dims
-- FengyunPan
+- FengyunPan2
 reviewers:
 - anguslees
 - rootfs
@@ -10,4 +10,4 @@ reviewers:
 - jsafrane
 - jingxu97
 - msau42
-- FengyunPan
+- FengyunPan2
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cinder/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/cinder/attacher.go
index dab97b9b9c46..bfe66d56603d 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cinder/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cinder/attacher.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cinder
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path"
@@ -27,16 +28,14 @@ import (
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type cinderDiskAttacher struct {
 	host           volume.VolumeHost
-	cinderProvider CinderProvider
+	cinderProvider BlockStorageProvider
 }
 
 var _ volume.Attacher = &cinderDiskAttacher{}
@@ -44,20 +43,21 @@ var _ volume.Attacher = &cinderDiskAttacher{}
 var _ volume.AttachableVolumePlugin = &cinderPlugin{}
 
 const (
-	checkSleepDuration       = 1 * time.Second
-	operationFinishInitDealy = 1 * time.Second
+	probeVolumeInitDelay     = 1 * time.Second
+	probeVolumeFactor        = 2.0
+	operationFinishInitDelay = 1 * time.Second
 	operationFinishFactor    = 1.1
 	operationFinishSteps     = 10
-	diskAttachInitDealy      = 1 * time.Second
+	diskAttachInitDelay      = 1 * time.Second
 	diskAttachFactor         = 1.2
 	diskAttachSteps          = 15
-	diskDetachInitDealy      = 1 * time.Second
+	diskDetachInitDelay      = 1 * time.Second
 	diskDetachFactor         = 1.2
 	diskDetachSteps          = 13
 )
 
 func (plugin *cinderPlugin) NewAttacher() (volume.Attacher, error) {
-	cinder, err := getCloudProvider(plugin.host.GetCloudProvider())
+	cinder, err := plugin.getCloudProvider()
 	if err != nil {
 		return nil, err
 	}
@@ -74,7 +74,7 @@ func (plugin *cinderPlugin) GetDeviceMountRefs(deviceMountPath string) ([]string
 
 func (attacher *cinderDiskAttacher) waitOperationFinished(volumeID string) error {
 	backoff := wait.Backoff{
-		Duration: operationFinishInitDealy,
+		Duration: operationFinishInitDelay,
 		Factor:   operationFinishFactor,
 		Steps:    operationFinishSteps,
 	}
@@ -99,7 +99,7 @@ func (attacher *cinderDiskAttacher) waitOperationFinished(volumeID string) error
 
 func (attacher *cinderDiskAttacher) waitDiskAttached(instanceID, volumeID string) error {
 	backoff := wait.Backoff{
-		Duration: diskAttachInitDealy,
+		Duration: diskAttachInitDelay,
 		Factor:   diskAttachFactor,
 		Steps:    diskAttachSteps,
 	}
@@ -186,23 +186,7 @@ func (attacher *cinderDiskAttacher) VolumesAreAttached(specs []*volume.Spec, nod
 		volumeSpecMap[volumeSource.VolumeID] = spec
 	}
 
-	instanceID, err := attacher.nodeInstanceID(nodeName)
-	if err != nil {
-		if err == cloudprovider.InstanceNotFound {
-			// If node doesn't exist, OpenStack Nova will assume the volumes are not attached to it.
-			// Mark the volumes as detached and return false without error.
-			glog.Warningf("VolumesAreAttached: node %q does not exist.", nodeName)
-			for spec := range volumesAttachedCheck {
-				volumesAttachedCheck[spec] = false
-			}
-
-			return volumesAttachedCheck, nil
-		}
-
-		return volumesAttachedCheck, err
-	}
-
-	attachedResult, err := attacher.cinderProvider.DisksAreAttached(instanceID, volumeIDList)
+	attachedResult, err := attacher.cinderProvider.DisksAreAttachedByName(nodeName, volumeIDList)
 	if err != nil {
 		// Log error and continue with attach
 		glog.Errorf(
@@ -231,14 +215,15 @@ func (attacher *cinderDiskAttacher) WaitForAttach(spec *volume.Spec, devicePath
 	volumeID := volumeSource.VolumeID
 
 	if devicePath == "" {
-		return "", fmt.Errorf("WaitForAttach failed for Cinder disk %q: devicePath is empty.", volumeID)
+		return "", fmt.Errorf("WaitForAttach failed for Cinder disk %q: devicePath is empty", volumeID)
 	}
 
-	ticker := time.NewTicker(checkSleepDuration)
+	ticker := time.NewTicker(probeVolumeInitDelay)
 	defer ticker.Stop()
 	timer := time.NewTimer(timeout)
 	defer timer.Stop()
 
+	duration := probeVolumeInitDelay
 	for {
 		select {
 		case <-ticker.C:
@@ -252,12 +237,15 @@ func (attacher *cinderDiskAttacher) WaitForAttach(spec *volume.Spec, devicePath
 			if exists && err == nil {
 				glog.Infof("Successfully found attached Cinder disk %q at %v.", volumeID, devicePath)
 				return devicePath, nil
-			} else {
-				// Log an error, and continue checking periodically
-				glog.Errorf("Error: could not find attached Cinder disk %q (path: %q): %v", volumeID, devicePath, err)
 			}
+			// Log an error, and continue checking periodically
+			glog.Errorf("Error: could not find attached Cinder disk %q (path: %q): %v", volumeID, devicePath, err)
+			// Using exponential backoff instead of linear
+			ticker.Stop()
+			duration = time.Duration(float64(duration) * probeVolumeFactor)
+			ticker = time.NewTicker(duration)
 		case <-timer.C:
-			return "", fmt.Errorf("Could not find attached Cinder disk %q. Timeout waiting for mount paths to be created.", volumeID)
+			return "", fmt.Errorf("could not find attached Cinder disk %q. Timeout waiting for mount paths to be created", volumeID)
 		}
 	}
 }
@@ -297,8 +285,8 @@ func (attacher *cinderDiskAttacher) MountDevice(spec *volume.Spec, devicePath st
 		options = append(options, "ro")
 	}
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(cinderVolumePluginName, attacher.host)
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		diskMounter := volumeutil.NewSafeFormatAndMountFromHost(cinderVolumePluginName, attacher.host)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
@@ -310,13 +298,13 @@ func (attacher *cinderDiskAttacher) MountDevice(spec *volume.Spec, devicePath st
 
 type cinderDiskDetacher struct {
 	mounter        mount.Interface
-	cinderProvider CinderProvider
+	cinderProvider BlockStorageProvider
 }
 
 var _ volume.Detacher = &cinderDiskDetacher{}
 
 func (plugin *cinderPlugin) NewDetacher() (volume.Detacher, error) {
-	cinder, err := getCloudProvider(plugin.host.GetCloudProvider())
+	cinder, err := plugin.getCloudProvider()
 	if err != nil {
 		return nil, err
 	}
@@ -328,7 +316,7 @@ func (plugin *cinderPlugin) NewDetacher() (volume.Detacher, error) {
 
 func (detacher *cinderDiskDetacher) waitOperationFinished(volumeID string) error {
 	backoff := wait.Backoff{
-		Duration: operationFinishInitDealy,
+		Duration: operationFinishInitDelay,
 		Factor:   operationFinishFactor,
 		Steps:    operationFinishSteps,
 	}
@@ -353,7 +341,7 @@ func (detacher *cinderDiskDetacher) waitOperationFinished(volumeID string) error
 
 func (detacher *cinderDiskDetacher) waitDiskDetached(instanceID, volumeID string) error {
 	backoff := wait.Backoff{
-		Duration: diskDetachInitDealy,
+		Duration: diskDetachInitDelay,
 		Factor:   diskDetachFactor,
 		Steps:    diskDetachSteps,
 	}
@@ -375,20 +363,10 @@ func (detacher *cinderDiskDetacher) waitDiskDetached(instanceID, volumeID string
 
 func (detacher *cinderDiskDetacher) Detach(volumeName string, nodeName types.NodeName) error {
 	volumeID := path.Base(volumeName)
-	instances, res := detacher.cinderProvider.Instances()
-	if !res {
-		return fmt.Errorf("failed to list openstack instances")
-	}
-	instanceID, err := instances.InstanceID(nodeName)
-	if ind := strings.LastIndex(instanceID, "/"); ind >= 0 {
-		instanceID = instanceID[(ind + 1):]
-	}
-
 	if err := detacher.waitOperationFinished(volumeID); err != nil {
 		return err
 	}
-
-	attached, err := detacher.cinderProvider.DiskIsAttached(instanceID, volumeID)
+	attached, instanceID, err := detacher.cinderProvider.DiskIsAttachedByName(nodeName, volumeID)
 	if err != nil {
 		// Log error and continue with detach
 		glog.Errorf(
@@ -423,7 +401,7 @@ func (attacher *cinderDiskAttacher) nodeInstanceID(nodeName types.NodeName) (str
 	if !res {
 		return "", fmt.Errorf("failed to list openstack instances")
 	}
-	instanceID, err := instances.InstanceID(nodeName)
+	instanceID, err := instances.InstanceID(context.TODO(), nodeName)
 	if err != nil {
 		return "", err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder.go b/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder.go
index c5b785cd0abd..1ee17ba2fd19 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder.go
@@ -34,15 +34,20 @@ import (
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
-// This is the primary entrypoint for volume plugins.
+const (
+	// DefaultCloudConfigPath is the default path for cloud configuration
+	DefaultCloudConfigPath = "/etc/kubernetes/cloud-config"
+)
+
+// ProbeVolumePlugins is the primary entrypoint for volume plugins.
 func ProbeVolumePlugins() []volume.VolumePlugin {
 	return []volume.VolumePlugin{&cinderPlugin{}}
 }
 
-type CinderProvider interface {
+// BlockStorageProvider is the interface for accessing cinder functionality.
+type BlockStorageProvider interface {
 	AttachDisk(instanceID, volumeID string) (string, error)
 	DetachDisk(instanceID, volumeID string) error
 	DeleteVolume(volumeID string) error
@@ -52,7 +57,8 @@ type CinderProvider interface {
 	GetAttachmentDiskPath(instanceID, volumeID string) (string, error)
 	OperationPending(diskName string) (bool, string, error)
 	DiskIsAttached(instanceID, volumeID string) (bool, error)
-	DisksAreAttached(instanceID string, volumeIDs []string) (map[string]bool, error)
+	DiskIsAttachedByName(nodeName types.NodeName, volumeID string) (bool, string, error)
+	DisksAreAttachedByName(nodeName types.NodeName, volumeIDs []string) (map[string]bool, error)
 	ShouldTrustDevicePath() bool
 	Instances() (cloudprovider.Instances, bool)
 	ExpandVolume(volumeID string, oldSize resource.Quantity, newSize resource.Quantity) (resource.Quantity, error)
@@ -115,7 +121,7 @@ func (plugin *cinderPlugin) GetAccessModes() []v1.PersistentVolumeAccessMode {
 }
 
 func (plugin *cinderPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.Mounter, error) {
-	return plugin.newMounterInternal(spec, pod.UID, &CinderDiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
+	return plugin.newMounterInternal(spec, pod.UID, &DiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
 }
 
 func (plugin *cinderPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID, manager cdManager, mounter mount.Interface) (volume.Mounter, error) {
@@ -138,11 +144,11 @@ func (plugin *cinderPlugin) newMounterInternal(spec *volume.Spec, podUID types.U
 		},
 		fsType:             fsType,
 		readOnly:           readOnly,
-		blockDeviceMounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
+		blockDeviceMounter: util.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
 }
 
 func (plugin *cinderPlugin) NewUnmounter(volName string, podUID types.UID) (volume.Unmounter, error) {
-	return plugin.newUnmounterInternal(volName, podUID, &CinderDiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
+	return plugin.newUnmounterInternal(volName, podUID, &DiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
 }
 
 func (plugin *cinderPlugin) newUnmounterInternal(volName string, podUID types.UID, manager cdManager, mounter mount.Interface) (volume.Unmounter, error) {
@@ -157,7 +163,7 @@ func (plugin *cinderPlugin) newUnmounterInternal(volName string, podUID types.UI
 }
 
 func (plugin *cinderPlugin) NewDeleter(spec *volume.Spec) (volume.Deleter, error) {
-	return plugin.newDeleterInternal(spec, &CinderDiskUtil{})
+	return plugin.newDeleterInternal(spec, &DiskUtil{})
 }
 
 func (plugin *cinderPlugin) newDeleterInternal(spec *volume.Spec, manager cdManager) (volume.Deleter, error) {
@@ -174,7 +180,7 @@ func (plugin *cinderPlugin) newDeleterInternal(spec *volume.Spec, manager cdMana
 }
 
 func (plugin *cinderPlugin) NewProvisioner(options volume.VolumeOptions) (volume.Provisioner, error) {
-	return plugin.newProvisionerInternal(options, &CinderDiskUtil{})
+	return plugin.newProvisionerInternal(options, &DiskUtil{})
 }
 
 func (plugin *cinderPlugin) newProvisionerInternal(options volume.VolumeOptions, manager cdManager) (volume.Provisioner, error) {
@@ -187,25 +193,30 @@ func (plugin *cinderPlugin) newProvisionerInternal(options volume.VolumeOptions,
 	}, nil
 }
 
-func getCloudProvider(cloudProvider cloudprovider.Interface) (CinderProvider, error) {
-	if cloud, ok := cloudProvider.(*openstack.OpenStack); ok && cloud != nil {
-		return cloud, nil
-	}
-	return nil, fmt.Errorf("wrong cloud type")
-}
-
-func (plugin *cinderPlugin) getCloudProvider() (CinderProvider, error) {
+func (plugin *cinderPlugin) getCloudProvider() (BlockStorageProvider, error) {
 	cloud := plugin.host.GetCloudProvider()
 	if cloud == nil {
-		glog.Errorf("Cloud provider not initialized properly")
-		return nil, errors.New("Cloud provider not initialized properly")
+		if _, err := os.Stat(DefaultCloudConfigPath); err == nil {
+			var config *os.File
+			config, err = os.Open(DefaultCloudConfigPath)
+			if err != nil {
+				return nil, fmt.Errorf("unable to load OpenStack configuration from default path : %v", err)
+			}
+			defer config.Close()
+			cloud, err = cloudprovider.GetCloudProvider(openstack.ProviderName, config)
+			if err != nil {
+				return nil, fmt.Errorf("unable to create OpenStack cloud provider from default path : %v", err)
+			}
+		} else {
+			return nil, fmt.Errorf("OpenStack cloud provider was not initialized properly : %v", err)
+		}
 	}
 
 	switch cloud := cloud.(type) {
 	case *openstack.OpenStack:
 		return cloud, nil
 	default:
-		return nil, errors.New("Invalid cloud provider: expected OpenStack.")
+		return nil, errors.New("invalid cloud provider: expected OpenStack")
 	}
 }
 
@@ -489,7 +500,7 @@ type cinderVolumeProvisioner struct {
 var _ volume.Provisioner = &cinderVolumeProvisioner{}
 
 func (c *cinderVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -503,7 +514,7 @@ func (c *cinderVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   c.options.PVName,
 			Labels: labels,
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "cinder-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "cinder-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder_util.go b/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder_util.go
index 661ad3f059cf..8a5e25d8daf8 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/cinder/cinder_util.go
@@ -32,14 +32,16 @@ import (
 	clientset "k8s.io/client-go/kubernetes"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	"k8s.io/kubernetes/pkg/volume"
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/utils/exec"
 )
 
-type CinderDiskUtil struct{}
+// DiskUtil has utility/helper methods
+type DiskUtil struct{}
 
-// Attaches a disk specified by a volume.CinderPersistenDisk to the current kubelet.
+// AttachDisk attaches a disk specified by a volume.CinderPersistenDisk to the current kubelet.
 // Mounts the disk to its global path.
-func (util *CinderDiskUtil) AttachDisk(b *cinderVolumeMounter, globalPDPath string) error {
+func (util *DiskUtil) AttachDisk(b *cinderVolumeMounter, globalPDPath string) error {
 	options := []string{}
 	if b.readOnly {
 		options = append(options, "ro")
@@ -98,8 +100,8 @@ func (util *CinderDiskUtil) AttachDisk(b *cinderVolumeMounter, globalPDPath stri
 	return nil
 }
 
-// Unmounts the device and detaches the disk from the kubelet's host machine.
-func (util *CinderDiskUtil) DetachDisk(cd *cinderVolumeUnmounter) error {
+// DetachDisk unmounts the device and detaches the disk from the kubelet's host machine.
+func (util *DiskUtil) DetachDisk(cd *cinderVolumeUnmounter) error {
 	globalPDPath := makeGlobalPDName(cd.plugin.host, cd.pdName)
 	if err := cd.mounter.Unmount(globalPDPath); err != nil {
 		return err
@@ -124,7 +126,8 @@ func (util *CinderDiskUtil) DetachDisk(cd *cinderVolumeUnmounter) error {
 	return nil
 }
 
-func (util *CinderDiskUtil) DeleteVolume(cd *cinderVolumeDeleter) error {
+// DeleteVolume uses the cloud entrypoint to delete specified volume
+func (util *DiskUtil) DeleteVolume(cd *cinderVolumeDeleter) error {
 	cloud, err := cd.plugin.getCloudProvider()
 	if err != nil {
 		return err
@@ -158,7 +161,8 @@ func getZonesFromNodes(kubeClient clientset.Interface) (sets.String, error) {
 	return zones, nil
 }
 
-func (util *CinderDiskUtil) CreateVolume(c *cinderVolumeProvisioner) (volumeID string, volumeSizeGB int, volumeLabels map[string]string, fstype string, err error) {
+// CreateVolume uses the cloud provider entrypoint for creating a volume
+func (util *DiskUtil) CreateVolume(c *cinderVolumeProvisioner) (volumeID string, volumeSizeGB int, volumeLabels map[string]string, fstype string, err error) {
 	cloud, err := c.plugin.getCloudProvider()
 	if err != nil {
 		return "", 0, nil, "", err
@@ -167,8 +171,8 @@ func (util *CinderDiskUtil) CreateVolume(c *cinderVolumeProvisioner) (volumeID s
 	capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	volSizeBytes := capacity.Value()
 	// Cinder works with gigabytes, convert to GiB with rounding up
-	volSizeGB := int(volume.RoundUpSize(volSizeBytes, 1024*1024*1024))
-	name := volume.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 255) // Cinder volume name can have up to 255 characters
+	volSizeGB := int(volutil.RoundUpSize(volSizeBytes, 1024*1024*1024))
+	name := volutil.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 255) // Cinder volume name can have up to 255 characters
 	vtype := ""
 	availability := ""
 	// Apply ProvisionerParameters (case-insensitive). We leave validation of
@@ -200,7 +204,7 @@ func (util *CinderDiskUtil) CreateVolume(c *cinderVolumeProvisioner) (volumeID s
 		// if we did not get any zones, lets leave it blank and gophercloud will
 		// use zone "nova" as default
 		if len(zones) > 0 {
-			availability = volume.ChooseZoneForVolume(zones, c.options.PVC.Name)
+			availability = volutil.ChooseZoneForVolume(zones, c.options.PVC.Name)
 		}
 	}
 
@@ -224,6 +228,17 @@ func probeAttachedVolume() error {
 	scsiHostRescan()
 
 	executor := exec.New()
+
+	// udevadm settle waits for udevd to process the device creation
+	// events for all hardware devices, thus ensuring that any device
+	// nodes have been created successfully before proceeding.
+	argsSettle := []string{"settle"}
+	cmdSettle := executor.Command("udevadm", argsSettle...)
+	_, errSettle := cmdSettle.CombinedOutput()
+	if errSettle != nil {
+		glog.Errorf("error running udevadm settle %v\n", errSettle)
+	}
+
 	args := []string{"trigger"}
 	cmd := executor.Command("udevadm", args...)
 	_, err := cmd.CombinedOutput()
@@ -236,10 +251,10 @@ func probeAttachedVolume() error {
 }
 
 func scsiHostRescan() {
-	scsi_path := "/sys/class/scsi_host/"
-	if dirs, err := ioutil.ReadDir(scsi_path); err == nil {
+	scsiPath := "/sys/class/scsi_host/"
+	if dirs, err := ioutil.ReadDir(scsiPath); err == nil {
 		for _, f := range dirs {
-			name := scsi_path + f.Name() + "/scan"
+			name := scsiPath + f.Name() + "/scan"
 			data := []byte("- - -")
 			ioutil.WriteFile(name, data, 0666)
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/configmap/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/configmap/BUILD
index 7cdad062d837..718bfe6fa6e6 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/configmap/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/configmap/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["configmap_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/configmap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume:go_default_library",
         "//pkg/volume/empty_dir:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/configmap/configmap.go b/vendor/k8s.io/kubernetes/pkg/volume/configmap/configmap.go
index b798d1c73547..ff041c0ac0c8 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/configmap/configmap.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/configmap/configmap.go
@@ -217,7 +217,7 @@ func (b *configMapVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(3).Infof("Received configMap %v/%v containing (%v) pieces of data, %v total bytes",
 		b.pod.Namespace,
 		b.source.Name,
-		len(configMap.Data),
+		len(configMap.Data)+len(configMap.BinaryData),
 		totalBytes)
 
 	payload, err := MakePayload(b.source.Items, configMap, b.source.DefaultMode, optional)
@@ -253,7 +253,7 @@ func MakePayload(mappings []v1.KeyToPath, configMap *v1.ConfigMap, defaultMode *
 		return nil, fmt.Errorf("No defaultMode used, not even the default value for it")
 	}
 
-	payload := make(map[string]volumeutil.FileProjection, len(configMap.Data))
+	payload := make(map[string]volumeutil.FileProjection, (len(configMap.Data) + len(configMap.BinaryData)))
 	var fileProjection volumeutil.FileProjection
 
 	if len(mappings) == 0 {
@@ -262,17 +262,24 @@ func MakePayload(mappings []v1.KeyToPath, configMap *v1.ConfigMap, defaultMode *
 			fileProjection.Mode = *defaultMode
 			payload[name] = fileProjection
 		}
+		for name, data := range configMap.BinaryData {
+			fileProjection.Data = data
+			fileProjection.Mode = *defaultMode
+			payload[name] = fileProjection
+		}
 	} else {
 		for _, ktp := range mappings {
-			content, ok := configMap.Data[ktp.Key]
-			if !ok {
+			if stringData, ok := configMap.Data[ktp.Key]; ok {
+				fileProjection.Data = []byte(stringData)
+			} else if binaryData, ok := configMap.BinaryData[ktp.Key]; ok {
+				fileProjection.Data = binaryData
+			} else {
 				if optional {
 					continue
 				}
 				return nil, fmt.Errorf("configmap references non-existent config key: %s", ktp.Key)
 			}
 
-			fileProjection.Data = []byte(content)
 			if ktp.Mode != nil {
 				fileProjection.Mode = *ktp.Mode
 			} else {
@@ -290,6 +297,9 @@ func totalBytes(configMap *v1.ConfigMap) int {
 	for _, value := range configMap.Data {
 		totalSize += len(value)
 	}
+	for _, value := range configMap.BinaryData {
+		totalSize += len(value)
+	}
 
 	return totalSize
 }
@@ -306,7 +316,7 @@ func (c *configMapVolumeUnmounter) TearDown() error {
 }
 
 func (c *configMapVolumeUnmounter) TearDownAt(dir string) error {
-	return volume.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
+	return volumeutil.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
 }
 
 func getVolumeSource(spec *volume.Spec) (*v1.ConfigMapVolumeSource, bool) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/csi/BUILD
index 88a2e857fe59..8cdba0adbd4d 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/csi/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/BUILD
@@ -7,6 +7,7 @@ go_library(
         "csi_client.go",
         "csi_mounter.go",
         "csi_plugin.go",
+        "csi_util.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/volume/csi",
     visibility = ["//visibility:public"],
@@ -15,15 +16,16 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//vendor/github.com/container-storage-interface/spec/lib/go/csi:go_default_library",
+        "//vendor/github.com/container-storage-interface/spec/lib/go/csi/v0:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/google.golang.org/grpc:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
     ],
 )
@@ -36,22 +38,22 @@ go_test(
         "csi_mounter_test.go",
         "csi_plugin_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/csi",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume:go_default_library",
         "//pkg/volume/csi/fake:go_default_library",
         "//pkg/volume/testing:go_default_library",
-        "//vendor/github.com/container-storage-interface/spec/lib/go/csi:go_default_library",
         "//vendor/golang.org/x/net/context:go_default_library",
         "//vendor/google.golang.org/grpc:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
+        "//vendor/k8s.io/api/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library",
+        "//vendor/k8s.io/client-go/testing:go_default_library",
         "//vendor/k8s.io/client-go/util/testing:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_attacher.go
index 2c0b577b8f00..720cbce04da6 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_attacher.go
@@ -20,24 +20,37 @@ import (
 	"crypto/sha256"
 	"errors"
 	"fmt"
+	"os"
+	"path"
+	"path/filepath"
 	"strings"
 	"time"
 
 	"github.com/golang/glog"
+	grpctx "golang.org/x/net/context"
 
+	csipb "github.com/container-storage-interface/spec/lib/go/csi/v0"
 	"k8s.io/api/core/v1"
-	storage "k8s.io/api/storage/v1alpha1"
+	storage "k8s.io/api/storage/v1beta1"
 	apierrs "k8s.io/apimachinery/pkg/api/errors"
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/volume"
 )
 
+const (
+	persistentVolumeInGlobalPath = "pv"
+	globalMountInGlobalPath      = "globalmount"
+)
+
 type csiAttacher struct {
 	plugin        *csiPlugin
 	k8s           kubernetes.Interface
 	waitSleepTime time.Duration
+
+	csiClient csiClient
 }
 
 // volume.Attacher methods
@@ -73,7 +86,7 @@ func (c *csiAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (string
 		Status: storage.VolumeAttachmentStatus{Attached: false},
 	}
 
-	_, err = c.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
+	_, err = c.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
 	alreadyExist := false
 	if err != nil {
 		if !apierrs.IsAlreadyExists(err) {
@@ -91,7 +104,7 @@ func (c *csiAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (string
 
 	// probe for attachment update here
 	// NOTE: any error from waiting for attachment is logged only.  This is because
-	// the primariy intent of the enclosing method is to create VolumeAttachment.
+	// the primary intent of the enclosing method is to create VolumeAttachment.
 	// DONOT return that error here as it is mitigated in attacher.WaitForAttach.
 	volAttachmentOK := true
 	if _, err := c.waitForVolumeAttachment(csiSource.VolumeHandle, attachID, csiTimeout); err != nil {
@@ -117,37 +130,79 @@ func (c *csiAttacher) WaitForAttach(spec *volume.Spec, attachID string, pod *v1.
 func (c *csiAttacher) waitForVolumeAttachment(volumeHandle, attachID string, timeout time.Duration) (string, error) {
 	glog.V(4).Info(log("probing for updates from CSI driver for [attachment.ID=%v]", attachID))
 
-	ticker := time.NewTicker(c.waitSleepTime)
-	defer ticker.Stop()
-
 	timer := time.NewTimer(timeout) // TODO (vladimirvivien) investigate making this configurable
 	defer timer.Stop()
 
-	//TODO (vladimirvivien) instead of polling api-server, change to a api-server watch
+	return c.waitForVolumeAttachmentInternal(volumeHandle, attachID, timer, timeout)
+}
+
+func (c *csiAttacher) waitForVolumeAttachmentInternal(volumeHandle, attachID string, timer *time.Timer, timeout time.Duration) (string, error) {
+	glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
+	attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
+	if err != nil {
+		glog.Error(log("attacher.WaitForAttach failed for volume [%s] (will continue to try): %v", volumeHandle, err))
+		return "", err
+	}
+	// if being deleted, fail fast
+	if attach.GetDeletionTimestamp() != nil {
+		glog.Error(log("VolumeAttachment [%s] has deletion timestamp, will not continue to wait for attachment", attachID))
+		return "", errors.New("volume attachment is being deleted")
+	}
+	// attachment OK
+	if attach.Status.Attached {
+		return attachID, nil
+	}
+	// driver reports attach error
+	attachErr := attach.Status.AttachError
+	if attachErr != nil {
+		glog.Error(log("attachment for %v failed: %v", volumeHandle, attachErr.Message))
+		return "", errors.New(attachErr.Message)
+	}
+
+	watcher, err := c.k8s.StorageV1beta1().VolumeAttachments().Watch(meta.SingleObject(meta.ObjectMeta{Name: attachID, ResourceVersion: attach.ResourceVersion}))
+	if err != nil {
+		return "", fmt.Errorf("watch error:%v for volume %v", err, volumeHandle)
+	}
+
+	ch := watcher.ResultChan()
+	defer watcher.Stop()
+
 	for {
 		select {
-		case <-ticker.C:
-			glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
-			attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
-			if err != nil {
-				glog.Error(log("attacher.WaitForAttach failed (will continue to try): %v", err))
-				continue
+		case event, ok := <-ch:
+			if !ok {
+				glog.Errorf("[attachment.ID=%v] watch channel had been closed", attachID)
+				return "", errors.New("volume attachment watch channel had been closed")
 			}
-			// if being deleted, fail fast
-			if attach.GetDeletionTimestamp() != nil {
-				glog.Error(log("VolumeAttachment [%s] has deletion timestamp, will not continue to wait for attachment", attachID))
-				return "", errors.New("volume attachment is being deleted")
-			}
-			// attachment OK
-			if attach.Status.Attached {
-				return attachID, nil
-			}
-			// driver reports attach error
-			attachErr := attach.Status.AttachError
-			if attachErr != nil {
-				glog.Error(log("attachment for %v failed: %v", volumeHandle, attachErr.Message))
-				return "", errors.New(attachErr.Message)
+
+			switch event.Type {
+			case watch.Added, watch.Modified:
+				attach, _ := event.Object.(*storage.VolumeAttachment)
+				// if being deleted, fail fast
+				if attach.GetDeletionTimestamp() != nil {
+					glog.Error(log("VolumeAttachment [%s] has deletion timestamp, will not continue to wait for attachment", attachID))
+					return "", errors.New("volume attachment is being deleted")
+				}
+				// attachment OK
+				if attach.Status.Attached {
+					return attachID, nil
+				}
+				// driver reports attach error
+				attachErr := attach.Status.AttachError
+				if attachErr != nil {
+					glog.Error(log("attachment for %v failed: %v", volumeHandle, attachErr.Message))
+					return "", errors.New(attachErr.Message)
+				}
+			case watch.Deleted:
+				// if deleted, fail fast
+				glog.Error(log("VolumeAttachment [%s] has been deleted, will not continue to wait for attachment", attachID))
+				return "", errors.New("volume attachment has been deleted")
+
+			case watch.Error:
+				// start another cycle
+				c.waitForVolumeAttachmentInternal(volumeHandle, attachID, timer, timeout)
 			}
+
 		case <-timer.C:
 			glog.Error(log("attacher.WaitForAttach timeout after %v [volume=%v; attachment.ID=%v]", timeout, volumeHandle, attachID))
 			return "", fmt.Errorf("attachment timeout for volume %v", volumeHandle)
@@ -173,7 +228,7 @@ func (c *csiAttacher) VolumesAreAttached(specs []*volume.Spec, nodeName types.No
 
 		attachID := getAttachmentName(source.VolumeHandle, source.Driver, string(nodeName))
 		glog.V(4).Info(log("probing attachment status for VolumeAttachment %v", attachID))
-		attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
+		attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
 		if err != nil {
 			glog.Error(log("attacher.VolumesAreAttached failed for attach.ID=%v: %v", attachID, err))
 			continue
@@ -186,12 +241,125 @@ func (c *csiAttacher) VolumesAreAttached(specs []*volume.Spec, nodeName types.No
 }
 
 func (c *csiAttacher) GetDeviceMountPath(spec *volume.Spec) (string, error) {
-	glog.V(4).Info(log("attacher.GetDeviceMountPath is not implemented"))
-	return "", nil
+	glog.V(4).Info(log("attacher.GetDeviceMountPath(%v)", spec))
+	deviceMountPath, err := makeDeviceMountPath(c.plugin, spec)
+	if err != nil {
+		glog.Error(log("attacher.GetDeviceMountPath failed to make device mount path: %v", err))
+		return "", err
+	}
+	glog.V(4).Infof("attacher.GetDeviceMountPath succeeded, deviceMountPath: %s", deviceMountPath)
+	return deviceMountPath, nil
 }
 
 func (c *csiAttacher) MountDevice(spec *volume.Spec, devicePath string, deviceMountPath string) error {
-	glog.V(4).Info(log("attacher.MountDevice is not implemented"))
+	glog.V(4).Infof(log("attacher.MountDevice(%s, %s)", devicePath, deviceMountPath))
+
+	mounted, err := isDirMounted(c.plugin, deviceMountPath)
+	if err != nil {
+		glog.Error(log("attacher.MountDevice failed while checking mount status for dir [%s]", deviceMountPath))
+		return err
+	}
+
+	if mounted {
+		glog.V(4).Info(log("attacher.MountDevice skipping mount, dir already mounted [%s]", deviceMountPath))
+		return nil
+	}
+
+	// Setup
+	if spec == nil {
+		return fmt.Errorf("attacher.MountDevice failed, spec is nil")
+	}
+	csiSource, err := getCSISourceFromSpec(spec)
+	if err != nil {
+		glog.Error(log("attacher.MountDevice failed to get CSI persistent source: %v", err))
+		return err
+	}
+
+	if c.csiClient == nil {
+		if csiSource.Driver == "" {
+			return fmt.Errorf("attacher.MountDevice failed, driver name is empty")
+		}
+		addr := fmt.Sprintf(csiAddrTemplate, csiSource.Driver)
+		c.csiClient = newCsiDriverClient("unix", addr)
+	}
+	csi := c.csiClient
+
+	ctx, cancel := grpctx.WithTimeout(grpctx.Background(), csiTimeout)
+	defer cancel()
+	// Check whether "STAGE_UNSTAGE_VOLUME" is set
+	stageUnstageSet, err := hasStageUnstageCapability(ctx, csi)
+	if err != nil {
+		glog.Error(log("attacher.MountDevice failed to check STAGE_UNSTAGE_VOLUME: %v", err))
+		return err
+	}
+	if !stageUnstageSet {
+		glog.Infof(log("attacher.MountDevice STAGE_UNSTAGE_VOLUME capability not set. Skipping MountDevice..."))
+		return nil
+	}
+
+	// Start MountDevice
+	if deviceMountPath == "" {
+		return fmt.Errorf("attacher.MountDevice failed, deviceMountPath is empty")
+	}
+
+	nodeName := string(c.plugin.host.GetNodeName())
+	attachID := getAttachmentName(csiSource.VolumeHandle, csiSource.Driver, nodeName)
+
+	// search for attachment by VolumeAttachment.Spec.Source.PersistentVolumeName
+	attachment, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
+	if err != nil {
+		glog.Error(log("attacher.MountDevice failed while getting volume attachment [id=%v]: %v", attachID, err))
+		return err
+	}
+
+	if attachment == nil {
+		glog.Error(log("unable to find VolumeAttachment [id=%s]", attachID))
+		return errors.New("no existing VolumeAttachment found")
+	}
+	publishVolumeInfo := attachment.Status.AttachmentMetadata
+
+	// create target_dir before call to NodeStageVolume
+	if err := os.MkdirAll(deviceMountPath, 0750); err != nil {
+		glog.Error(log("attacher.MountDevice failed to create dir %#v:  %v", deviceMountPath, err))
+		return err
+	}
+	glog.V(4).Info(log("created target path successfully [%s]", deviceMountPath))
+
+	//TODO (vladimirvivien) implement better AccessModes mapping between k8s and CSI
+	accessMode := v1.ReadWriteOnce
+	if spec.PersistentVolume.Spec.AccessModes != nil {
+		accessMode = spec.PersistentVolume.Spec.AccessModes[0]
+	}
+
+	fsType := csiSource.FSType
+	if len(fsType) == 0 {
+		fsType = defaultFSType
+	}
+
+	nodeStageSecrets := map[string]string{}
+	if csiSource.NodeStageSecretRef != nil {
+		nodeStageSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodeStageSecretRef)
+	}
+
+	err = csi.NodeStageVolume(ctx,
+		csiSource.VolumeHandle,
+		publishVolumeInfo,
+		deviceMountPath,
+		fsType,
+		accessMode,
+		nodeStageSecrets,
+		csiSource.VolumeAttributes)
+
+	if err != nil {
+		glog.Errorf(log("attacher.MountDevice failed: %v", err))
+		if err := removeMountDir(c.plugin, deviceMountPath); err != nil {
+			glog.Error(log("attacher.MountDevice failed to remove mount dir after a NodeStageVolume() error [%s]: %v", deviceMountPath, err))
+			return err
+		}
+		return err
+	}
+
+	glog.V(4).Infof(log("attacher.MountDevice successfully requested NodeStageVolume [%s]", deviceMountPath))
 	return nil
 }
 
@@ -201,7 +369,7 @@ func (c *csiAttacher) Detach(volumeName string, nodeName types.NodeName) error {
 	// volumeName in format driverName<SEP>volumeHandle generated by plugin.GetVolumeName()
 	if volumeName == "" {
 		glog.Error(log("detacher.Detach missing value for parameter volumeName"))
-		return errors.New("missing exepected parameter volumeName")
+		return errors.New("missing expected parameter volumeName")
 	}
 	parts := strings.Split(volumeName, volNameSep)
 	if len(parts) != 2 {
@@ -212,7 +380,7 @@ func (c *csiAttacher) Detach(volumeName string, nodeName types.NodeName) error {
 	driverName := parts[0]
 	volID := parts[1]
 	attachID := getAttachmentName(volID, driverName, string(nodeName))
-	if err := c.k8s.StorageV1alpha1().VolumeAttachments().Delete(attachID, nil); err != nil {
+	if err := c.k8s.StorageV1beta1().VolumeAttachments().Delete(attachID, nil); err != nil {
 		glog.Error(log("detacher.Detach failed to delete VolumeAttachment [%s]: %v", attachID, err))
 		return err
 	}
@@ -224,49 +392,179 @@ func (c *csiAttacher) Detach(volumeName string, nodeName types.NodeName) error {
 func (c *csiAttacher) waitForVolumeDetachment(volumeHandle, attachID string) error {
 	glog.V(4).Info(log("probing for updates from CSI driver for [attachment.ID=%v]", attachID))
 
-	ticker := time.NewTicker(c.waitSleepTime)
-	defer ticker.Stop()
-
 	timeout := c.waitSleepTime * 10
 	timer := time.NewTimer(timeout) // TODO (vladimirvivien) investigate making this configurable
 	defer timer.Stop()
 
-	//TODO (vladimirvivien) instead of polling api-server, change to a api-server watch
+	return c.waitForVolumeDetachmentInternal(volumeHandle, attachID, timer, timeout)
+}
+
+func (c *csiAttacher) waitForVolumeDetachmentInternal(volumeHandle, attachID string, timer *time.Timer, timeout time.Duration) error {
+	glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
+	attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
+	if err != nil {
+		if apierrs.IsNotFound(err) {
+			//object deleted or never existed, done
+			glog.V(4).Info(log("VolumeAttachment object [%v] for volume [%v] not found, object deleted", attachID, volumeHandle))
+			return nil
+		}
+		glog.Error(log("detacher.WaitForDetach failed for volume [%s] (will continue to try): %v", volumeHandle, err))
+		return err
+	}
+	// driver reports attach error
+	detachErr := attach.Status.DetachError
+	if detachErr != nil {
+		glog.Error(log("detachment for VolumeAttachment [%v] for volume [%s] failed: %v", attachID, volumeHandle, detachErr.Message))
+		return errors.New(detachErr.Message)
+	}
+
+	watcher, err := c.k8s.StorageV1beta1().VolumeAttachments().Watch(meta.SingleObject(meta.ObjectMeta{Name: attachID, ResourceVersion: attach.ResourceVersion}))
+	if err != nil {
+		return fmt.Errorf("watch error:%v for volume %v", err, volumeHandle)
+	}
+	ch := watcher.ResultChan()
+	defer watcher.Stop()
+
 	for {
 		select {
-		case <-ticker.C:
-			glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
-			attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
-			if err != nil {
-				if apierrs.IsNotFound(err) {
-					//object deleted or never existed, done
-					glog.V(4).Info(log("VolumeAttachment object [%v] for volume [%v] not found, object deleted", attachID, volumeHandle))
-					return nil
-				}
-				glog.Error(log("detacher.WaitForDetach failed for volume [%s] (will continue to try): %v", volumeHandle, err))
-				continue
+		case event, ok := <-ch:
+			if !ok {
+				glog.Errorf("[attachment.ID=%v] watch channel had been closed", attachID)
+				return errors.New("volume attachment watch channel had been closed")
 			}
 
-			// driver reports attach error
-			detachErr := attach.Status.DetachError
-			if detachErr != nil {
-				glog.Error(log("detachment for VolumeAttachment [%v] for volume [%s] failed: %v", attachID, volumeHandle, detachErr.Message))
-				return errors.New(detachErr.Message)
+			switch event.Type {
+			case watch.Added, watch.Modified:
+				attach, _ := event.Object.(*storage.VolumeAttachment)
+				// driver reports attach error
+				detachErr := attach.Status.DetachError
+				if detachErr != nil {
+					glog.Error(log("detachment for VolumeAttachment [%v] for volume [%s] failed: %v", attachID, volumeHandle, detachErr.Message))
+					return errors.New(detachErr.Message)
+				}
+			case watch.Deleted:
+				//object deleted
+				glog.V(4).Info(log("VolumeAttachment object [%v] for volume [%v] has been deleted", attachID, volumeHandle))
+				return nil
+
+			case watch.Error:
+				// start another cycle
+				c.waitForVolumeDetachmentInternal(volumeHandle, attachID, timer, timeout)
 			}
+
 		case <-timer.C:
 			glog.Error(log("detacher.WaitForDetach timeout after %v [volume=%v; attachment.ID=%v]", timeout, volumeHandle, attachID))
-			return fmt.Errorf("detachment timed out for volume %v", volumeHandle)
+			return fmt.Errorf("detachment timeout for volume %v", volumeHandle)
 		}
 	}
 }
 
 func (c *csiAttacher) UnmountDevice(deviceMountPath string) error {
-	glog.V(4).Info(log("detacher.UnmountDevice is not implemented"))
+	glog.V(4).Info(log("attacher.UnmountDevice(%s)", deviceMountPath))
+
+	// Setup
+	driverName, volID, err := getDriverAndVolNameFromDeviceMountPath(c.k8s, deviceMountPath)
+	if err != nil {
+		glog.Errorf(log("attacher.UnmountDevice failed to get driver and volume name from device mount path: %v", err))
+		return err
+	}
+
+	if c.csiClient == nil {
+		addr := fmt.Sprintf(csiAddrTemplate, driverName)
+		c.csiClient = newCsiDriverClient("unix", addr)
+	}
+	csi := c.csiClient
+
+	ctx, cancel := grpctx.WithTimeout(grpctx.Background(), csiTimeout)
+	defer cancel()
+	// Check whether "STAGE_UNSTAGE_VOLUME" is set
+	stageUnstageSet, err := hasStageUnstageCapability(ctx, csi)
+	if err != nil {
+		glog.Errorf(log("attacher.UnmountDevice failed to check whether STAGE_UNSTAGE_VOLUME set: %v", err))
+		return err
+	}
+	if !stageUnstageSet {
+		glog.Infof(log("attacher.UnmountDevice STAGE_UNSTAGE_VOLUME capability not set. Skipping UnmountDevice..."))
+		return nil
+	}
+
+	// Start UnmountDevice
+	err = csi.NodeUnstageVolume(ctx,
+		volID,
+		deviceMountPath)
+
+	if err != nil {
+		glog.Errorf(log("attacher.UnmountDevice failed: %v", err))
+		return err
+	}
+
+	glog.V(4).Infof(log("attacher.UnmountDevice successfully requested NodeStageVolume [%s]", deviceMountPath))
 	return nil
 }
 
+func hasStageUnstageCapability(ctx grpctx.Context, csi csiClient) (bool, error) {
+	capabilities, err := csi.NodeGetCapabilities(ctx)
+	if err != nil {
+		return false, err
+	}
+
+	stageUnstageSet := false
+	if capabilities == nil {
+		return false, nil
+	}
+	for _, capability := range capabilities {
+		if capability.GetRpc().GetType() == csipb.NodeServiceCapability_RPC_STAGE_UNSTAGE_VOLUME {
+			stageUnstageSet = true
+		}
+	}
+	return stageUnstageSet, nil
+}
+
 // getAttachmentName returns csi-<sha252(volName,csiDriverName,NodeName>
 func getAttachmentName(volName, csiDriverName, nodeName string) string {
 	result := sha256.Sum256([]byte(fmt.Sprintf("%s%s%s", volName, csiDriverName, nodeName)))
 	return fmt.Sprintf("csi-%x", result)
 }
+
+func makeDeviceMountPath(plugin *csiPlugin, spec *volume.Spec) (string, error) {
+	if spec == nil {
+		return "", fmt.Errorf("makeDeviceMountPath failed, spec is nil")
+	}
+
+	pvName := spec.PersistentVolume.Name
+	if pvName == "" {
+		return "", fmt.Errorf("makeDeviceMountPath failed, pv name empty")
+	}
+
+	return path.Join(plugin.host.GetPluginDir(plugin.GetPluginName()), persistentVolumeInGlobalPath, pvName, globalMountInGlobalPath), nil
+}
+
+func getDriverAndVolNameFromDeviceMountPath(k8s kubernetes.Interface, deviceMountPath string) (string, string, error) {
+	// deviceMountPath structure: /var/lib/kubelet/plugins/kubernetes.io/csi/pv/{pvname}/globalmount
+	dir := filepath.Dir(deviceMountPath)
+	if file := filepath.Base(deviceMountPath); file != globalMountInGlobalPath {
+		return "", "", fmt.Errorf("getDriverAndVolNameFromDeviceMountPath failed, path did not end in %s", globalMountInGlobalPath)
+	}
+	// dir is now /var/lib/kubelet/plugins/kubernetes.io/csi/pv/{pvname}
+	pvName := filepath.Base(dir)
+
+	// Get PV and check for errors
+	pv, err := k8s.CoreV1().PersistentVolumes().Get(pvName, meta.GetOptions{})
+	if err != nil {
+		return "", "", err
+	}
+	if pv == nil || pv.Spec.CSI == nil {
+		return "", "", fmt.Errorf("getDriverAndVolNameFromDeviceMountPath could not find CSI Persistent Volume Source for pv: %s", pvName)
+	}
+
+	// Get VolumeHandle and PluginName from pv
+	csiSource := pv.Spec.CSI
+	if csiSource.Driver == "" {
+		return "", "", fmt.Errorf("getDriverAndVolNameFromDeviceMountPath failed, driver name empty")
+	}
+	if csiSource.VolumeHandle == "" {
+		return "", "", fmt.Errorf("getDriverAndVolNameFromDeviceMountPath failed, VolumeHandle empty")
+	}
+
+	return csiSource.Driver, csiSource.VolumeHandle, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_client.go b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_client.go
index c8b8ad0f28e1..4ec6f9575b7a 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_client.go
@@ -17,13 +17,11 @@ limitations under the License.
 package csi
 
 import (
-	"bytes"
 	"errors"
-	"fmt"
 	"net"
 	"time"
 
-	csipb "github.com/container-storage-interface/spec/lib/go/csi"
+	csipb "github.com/container-storage-interface/spec/lib/go/csi/v0"
 	"github.com/golang/glog"
 	grpctx "golang.org/x/net/context"
 	"google.golang.org/grpc"
@@ -31,19 +29,34 @@ import (
 )
 
 type csiClient interface {
-	AssertSupportedVersion(ctx grpctx.Context, ver *csipb.Version) error
-	NodeProbe(ctx grpctx.Context, ver *csipb.Version) error
 	NodePublishVolume(
 		ctx grpctx.Context,
 		volumeid string,
 		readOnly bool,
+		stagingTargetPath string,
 		targetPath string,
 		accessMode api.PersistentVolumeAccessMode,
 		volumeInfo map[string]string,
 		volumeAttribs map[string]string,
+		nodePublishSecrets map[string]string,
 		fsType string,
 	) error
-	NodeUnpublishVolume(ctx grpctx.Context, volID string, targetPath string) error
+	NodeUnpublishVolume(
+		ctx grpctx.Context,
+		volID string,
+		targetPath string,
+	) error
+	NodeStageVolume(ctx grpctx.Context,
+		volID string,
+		publishVolumeInfo map[string]string,
+		stagingTargetPath string,
+		fsType string,
+		accessMode api.PersistentVolumeAccessMode,
+		nodeStageSecrets map[string]string,
+		volumeAttribs map[string]string,
+	) error
+	NodeUnstageVolume(ctx grpctx.Context, volID, stagingTargetPath string) error
+	NodeGetCapabilities(ctx grpctx.Context) ([]*csipb.NodeServiceCapability, error)
 }
 
 // csiClient encapsulates all csi-plugin methods
@@ -89,68 +102,16 @@ func (c *csiDriverClient) assertConnection() error {
 	return nil
 }
 
-// AssertSupportedVersion ensures driver supports specified spec version.
-// If version is not supported, the assertion fails with an error.
-// This test should be done early during the storage operation flow to avoid
-// unnecessary calls later.
-func (c *csiDriverClient) AssertSupportedVersion(ctx grpctx.Context, ver *csipb.Version) error {
-	if c.versionAsserted {
-		if !c.versionSupported {
-			return fmt.Errorf("version %s not supported", verToStr(ver))
-		}
-		return nil
-	}
-
-	if err := c.assertConnection(); err != nil {
-		c.versionAsserted = false
-		return err
-	}
-
-	glog.V(4).Info(log("asserting version supported by driver"))
-	rsp, err := c.idClient.GetSupportedVersions(ctx, &csipb.GetSupportedVersionsRequest{})
-	if err != nil {
-		c.versionAsserted = false
-		return err
-	}
-
-	supported := false
-	vers := rsp.GetSupportedVersions()
-	glog.V(4).Info(log("driver reports %d versions supported: %s", len(vers), versToStr(vers)))
-
-	for _, v := range vers {
-		//TODO (vladimirvivien) use more lenient/heuristic for exact or match of ranges etc
-		if verToStr(v) == verToStr(ver) {
-			supported = true
-			break
-		}
-	}
-
-	c.versionAsserted = true
-	c.versionSupported = supported
-
-	if !supported {
-		return fmt.Errorf("version %s not supported", verToStr(ver))
-	}
-
-	glog.V(4).Info(log("version %s supported", verToStr(ver)))
-	return nil
-}
-
-func (c *csiDriverClient) NodeProbe(ctx grpctx.Context, ver *csipb.Version) error {
-	glog.V(4).Info(log("sending NodeProbe rpc call to csi driver: [version %v]", ver))
-	req := &csipb.NodeProbeRequest{Version: ver}
-	_, err := c.nodeClient.NodeProbe(ctx, req)
-	return err
-}
-
 func (c *csiDriverClient) NodePublishVolume(
 	ctx grpctx.Context,
 	volID string,
 	readOnly bool,
+	stagingTargetPath string,
 	targetPath string,
 	accessMode api.PersistentVolumeAccessMode,
 	volumeInfo map[string]string,
 	volumeAttribs map[string]string,
+	nodePublishSecrets map[string]string,
 	fsType string,
 ) error {
 	glog.V(4).Info(log("calling NodePublishVolume rpc [volid=%s,target_path=%s]", volID, targetPath))
@@ -166,13 +127,12 @@ func (c *csiDriverClient) NodePublishVolume(
 	}
 
 	req := &csipb.NodePublishVolumeRequest{
-		Version:           csiVersion,
-		VolumeId:          volID,
-		TargetPath:        targetPath,
-		Readonly:          readOnly,
-		PublishVolumeInfo: volumeInfo,
-		VolumeAttributes:  volumeAttribs,
-
+		VolumeId:           volID,
+		TargetPath:         targetPath,
+		Readonly:           readOnly,
+		PublishInfo:        volumeInfo,
+		VolumeAttributes:   volumeAttribs,
+		NodePublishSecrets: nodePublishSecrets,
 		VolumeCapability: &csipb.VolumeCapability{
 			AccessMode: &csipb.VolumeCapability_AccessMode{
 				Mode: asCSIAccessMode(accessMode),
@@ -184,6 +144,9 @@ func (c *csiDriverClient) NodePublishVolume(
 			},
 		},
 	}
+	if stagingTargetPath != "" {
+		req.StagingTargetPath = stagingTargetPath
+	}
 
 	_, err := c.nodeClient.NodePublishVolume(ctx, req)
 	return err
@@ -203,7 +166,6 @@ func (c *csiDriverClient) NodeUnpublishVolume(ctx grpctx.Context, volID string,
 	}
 
 	req := &csipb.NodeUnpublishVolumeRequest{
-		Version:    csiVersion,
 		VolumeId:   volID,
 		TargetPath: targetPath,
 	}
@@ -212,6 +174,84 @@ func (c *csiDriverClient) NodeUnpublishVolume(ctx grpctx.Context, volID string,
 	return err
 }
 
+func (c *csiDriverClient) NodeStageVolume(ctx grpctx.Context,
+	volID string,
+	publishInfo map[string]string,
+	stagingTargetPath string,
+	fsType string,
+	accessMode api.PersistentVolumeAccessMode,
+	nodeStageSecrets map[string]string,
+	volumeAttribs map[string]string,
+) error {
+	glog.V(4).Info(log("calling NodeStageVolume rpc [volid=%s,staging_target_path=%s]", volID, stagingTargetPath))
+	if volID == "" {
+		return errors.New("missing volume id")
+	}
+	if stagingTargetPath == "" {
+		return errors.New("missing staging target path")
+	}
+	if err := c.assertConnection(); err != nil {
+		glog.Errorf("%v: failed to assert a connection: %v", csiPluginName, err)
+		return err
+	}
+
+	req := &csipb.NodeStageVolumeRequest{
+		VolumeId:          volID,
+		PublishInfo:       publishInfo,
+		StagingTargetPath: stagingTargetPath,
+		VolumeCapability: &csipb.VolumeCapability{
+			AccessMode: &csipb.VolumeCapability_AccessMode{
+				Mode: asCSIAccessMode(accessMode),
+			},
+			AccessType: &csipb.VolumeCapability_Mount{
+				Mount: &csipb.VolumeCapability_MountVolume{
+					FsType: fsType,
+				},
+			},
+		},
+		NodeStageSecrets: nodeStageSecrets,
+		VolumeAttributes: volumeAttribs,
+	}
+
+	_, err := c.nodeClient.NodeStageVolume(ctx, req)
+	return err
+}
+
+func (c *csiDriverClient) NodeUnstageVolume(ctx grpctx.Context, volID, stagingTargetPath string) error {
+	glog.V(4).Info(log("calling NodeUnstageVolume rpc [volid=%s,staging_target_path=%s]", volID, stagingTargetPath))
+	if volID == "" {
+		return errors.New("missing volume id")
+	}
+	if stagingTargetPath == "" {
+		return errors.New("missing staging target path")
+	}
+	if err := c.assertConnection(); err != nil {
+		glog.Errorf("%v: failed to assert a connection: %v", csiPluginName, err)
+		return err
+	}
+
+	req := &csipb.NodeUnstageVolumeRequest{
+		VolumeId:          volID,
+		StagingTargetPath: stagingTargetPath,
+	}
+	_, err := c.nodeClient.NodeUnstageVolume(ctx, req)
+	return err
+}
+
+func (c *csiDriverClient) NodeGetCapabilities(ctx grpctx.Context) ([]*csipb.NodeServiceCapability, error) {
+	glog.V(4).Info(log("calling NodeGetCapabilities rpc"))
+	if err := c.assertConnection(); err != nil {
+		glog.Errorf("%v: failed to assert a connection: %v", csiPluginName, err)
+		return nil, err
+	}
+	req := &csipb.NodeGetCapabilitiesRequest{}
+	resp, err := c.nodeClient.NodeGetCapabilities(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+	return resp.GetCapabilities(), nil
+}
+
 func asCSIAccessMode(am api.PersistentVolumeAccessMode) csipb.VolumeCapability_AccessMode_Mode {
 	switch am {
 	case api.ReadWriteOnce:
@@ -223,22 +263,3 @@ func asCSIAccessMode(am api.PersistentVolumeAccessMode) csipb.VolumeCapability_A
 	}
 	return csipb.VolumeCapability_AccessMode_UNKNOWN
 }
-
-func verToStr(ver *csipb.Version) string {
-	if ver == nil {
-		return ""
-	}
-	return fmt.Sprintf("%d.%d.%d", ver.GetMajor(), ver.GetMinor(), ver.GetPatch())
-}
-
-func versToStr(vers []*csipb.Version) string {
-	if vers == nil {
-		return ""
-	}
-	str := bytes.NewBufferString("[")
-	for _, v := range vers {
-		str.WriteString(fmt.Sprintf("{%s};", verToStr(v)))
-	}
-	str.WriteString("]")
-	return str.String()
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_mounter.go b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_mounter.go
index 84d10362bdbe..213d0b582009 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_mounter.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_mounter.go
@@ -34,6 +34,8 @@ import (
 	"k8s.io/kubernetes/pkg/volume/util"
 )
 
+const defaultFSType = "ext4"
+
 //TODO (vladimirvivien) move this in a central loc later
 var (
 	volDataKey = struct {
@@ -85,8 +87,6 @@ func getTargetPath(uid types.UID, specVolumeID string, host volume.VolumeHost) s
 var _ volume.Mounter = &csiMountMgr{}
 
 func (c *csiMountMgr) CanMount() error {
-	//TODO (vladimirvivien) use this method to probe controller using CSI.NodeProbe() call
-	// to ensure Node service is ready in the CSI plugin
 	return nil
 }
 
@@ -114,29 +114,31 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {
 		return err
 	}
 
-	ctx, cancel := grpctx.WithTimeout(grpctx.Background(), csiTimeout)
-	defer cancel()
-
 	csi := c.csiClient
 	nodeName := string(c.plugin.host.GetNodeName())
 	attachID := getAttachmentName(csiSource.VolumeHandle, csiSource.Driver, nodeName)
 
-	// ensure version is supported
-	if err := csi.AssertSupportedVersion(ctx, csiVersion); err != nil {
-		glog.Error(log("mounter.SetUpAt failed to assert version: %v", err))
+	ctx, cancel := grpctx.WithTimeout(grpctx.Background(), csiTimeout)
+	defer cancel()
+	// Check for STAGE_UNSTAGE_VOLUME set and populate deviceMountPath if so
+	deviceMountPath := ""
+	stageUnstageSet, err := hasStageUnstageCapability(ctx, csi)
+	if err != nil {
+		glog.Error(log("mounter.SetUpAt failed to check for STAGE_UNSTAGE_VOLUME capabilty: %v", err))
 		return err
 	}
 
-	// probe driver
-	// TODO (vladimirvivien) move probe call where it is done only when it is needed.
-	if err := csi.NodeProbe(ctx, csiVersion); err != nil {
-		glog.Error(log("mounter.SetUpAt failed to probe driver: %v", err))
-		return err
+	if stageUnstageSet {
+		deviceMountPath, err = makeDeviceMountPath(c.plugin, c.spec)
+		if err != nil {
+			glog.Error(log("mounter.SetUpAt failed to make device mount path: %v", err))
+			return err
+		}
 	}
 
 	// search for attachment by VolumeAttachment.Spec.Source.PersistentVolumeName
 	if c.volumeInfo == nil {
-		attachment, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
+		attachment, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
 		if err != nil {
 			glog.Error(log("mounter.SetupAt failed while getting volume attachment [id=%v]: %v", attachID, err))
 			return err
@@ -149,14 +151,7 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {
 		c.volumeInfo = attachment.Status.AttachmentMetadata
 	}
 
-	// get volume attributes
-	// TODO: for alpha vol atttributes are passed via PV.Annotations
-	// Beta will fix that
-	attribs, err := getVolAttribsFromSpec(c.spec)
-	if err != nil {
-		glog.Error(log("mounter.SetUpAt failed to extract volume attributes from PV annotations: %v", err))
-		return err
-	}
+	attribs := csiSource.VolumeAttributes
 
 	// create target_dir before call to NodePublish
 	if err := os.MkdirAll(dir, 0750); err != nil {
@@ -189,15 +184,25 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {
 		accessMode = c.spec.PersistentVolume.Spec.AccessModes[0]
 	}
 
+	fsType := csiSource.FSType
+	if len(fsType) == 0 {
+		fsType = defaultFSType
+	}
+	nodePublishSecrets := map[string]string{}
+	if csiSource.NodePublishSecretRef != nil {
+		nodePublishSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodePublishSecretRef)
+	}
 	err = csi.NodePublishVolume(
 		ctx,
 		c.volumeID,
 		c.readOnly,
+		deviceMountPath,
 		dir,
 		accessMode,
 		c.volumeInfo,
 		attribs,
-		"ext4", //TODO needs to be sourced from PV or somewhere else
+		nodePublishSecrets,
+		fsType,
 	)
 
 	if err != nil {
@@ -240,10 +245,15 @@ func (c *csiMountMgr) TearDownAt(dir string) error {
 	}
 
 	if !mounted {
-		glog.V(4).Info(log("unmounter.Teardown skipping unmout, dir not mounted [%s]", dir))
+		glog.V(4).Info(log("unmounter.Teardown skipping unmount, dir not mounted [%s]", dir))
 		return nil
 	}
 
+	if err != nil {
+		glog.Error(log("mounter.TearDownAt failed to get CSI persistent source: %v", err))
+		return err
+	}
+
 	// load volume info from file
 	dataDir := path.Dir(dir) // dropoff /mount at end
 	data, err := loadVolumeData(dataDir, volDataFileName)
@@ -267,51 +277,22 @@ func (c *csiMountMgr) TearDownAt(dir string) error {
 
 	csi := c.csiClient
 
-	// TODO make all assertion calls private within the client itself
-	if err := csi.AssertSupportedVersion(ctx, csiVersion); err != nil {
-		glog.Errorf(log("mounter.SetUpAt failed to assert version: %v", err))
-		return err
-	}
-
 	if err := csi.NodeUnpublishVolume(ctx, volID, dir); err != nil {
-		glog.Errorf(log("mounter.SetUpAt failed: %v", err))
+		glog.Errorf(log("mounter.TearDownAt failed: %v", err))
 		return err
 	}
 
 	// clean mount point dir
 	if err := removeMountDir(c.plugin, dir); err != nil {
-		glog.Error(log("mounter.SetUpAt failed to clean mount dir [%s]: %v", dir, err))
+		glog.Error(log("mounter.TearDownAt failed to clean mount dir [%s]: %v", dir, err))
 		return err
 	}
-	glog.V(4).Infof(log("mounte.SetUpAt successfully unmounted dir [%s]", dir))
+	glog.V(4).Infof(log("mounte.TearDownAt successfully unmounted dir [%s]", dir))
 
 	return nil
 }
 
-// getVolAttribsFromSpec exracts CSI VolumeAttributes information from PV.Annotations
-// using key csi.kubernetes.io/volume-attributes.  The annotation value is expected
-// to be a JSON-encoded object of form {"key0":"val0",...,"keyN":"valN"}
-func getVolAttribsFromSpec(spec *volume.Spec) (map[string]string, error) {
-	if spec == nil {
-		return nil, errors.New("missing volume spec")
-	}
-	annotations := spec.PersistentVolume.GetAnnotations()
-	if annotations == nil {
-		return nil, nil // no annotations found
-	}
-	jsonAttribs := annotations[csiVolAttribsAnnotationKey]
-	if jsonAttribs == "" {
-		return nil, nil // csi annotation not found
-	}
-	attribs := map[string]string{}
-	if err := json.Unmarshal([]byte(jsonAttribs), &attribs); err != nil {
-		glog.Error(log("error parsing csi PV.Annotation [%s]=%s: %v", csiVolAttribsAnnotationKey, jsonAttribs, err))
-		return nil, err
-	}
-	return attribs, nil
-}
-
-// saveVolumeData persists parameter data as json file using the locagion
+// saveVolumeData persists parameter data as json file using the location
 // generated by /var/lib/kubelet/pods/<podID>/volumes/kubernetes.io~csi/<specVolId>/volume_data.json
 func saveVolumeData(p *csiPlugin, podUID types.UID, specVolID string, data map[string]string) error {
 	dir := getTargetPath(podUID, specVolID, p.host)
@@ -390,12 +371,19 @@ func removeMountDir(plug *csiPlugin, mountPath string) error {
 			return err
 		}
 		// remove volume data file as well
-		dataFile := path.Join(path.Dir(mountPath), volDataFileName)
+		volPath := path.Dir(mountPath)
+		dataFile := path.Join(volPath, volDataFileName)
 		glog.V(4).Info(log("also deleting volume info data file [%s]", dataFile))
 		if err := os.Remove(dataFile); err != nil && !os.IsNotExist(err) {
 			glog.Error(log("failed to delete volume data file [%s]: %v", dataFile, err))
 			return err
 		}
+		// remove volume path
+		glog.V(4).Info(log("deleting volume path [%s]", volPath))
+		if err := os.Remove(volPath); err != nil && !os.IsNotExist(err) {
+			glog.Error(log("failed to delete volume path [%s]: %v", volPath, err))
+			return err
+		}
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_plugin.go b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_plugin.go
index be40992df049..d63296877d02 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_plugin.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_plugin.go
@@ -19,10 +19,8 @@ package csi
 import (
 	"errors"
 	"fmt"
-	"regexp"
 	"time"
 
-	csipb "github.com/container-storage-interface/spec/lib/go/csi"
 	"github.com/golang/glog"
 	api "k8s.io/api/core/v1"
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -32,8 +30,7 @@ import (
 )
 
 const (
-	csiPluginName              = "kubernetes.io/csi"
-	csiVolAttribsAnnotationKey = "csi.volume.kubernetes.io/volume-attributes"
+	csiPluginName = "kubernetes.io/csi"
 
 	// TODO (vladimirvivien) implement a more dynamic way to discover
 	// the unix domain socket path for each installed csi driver.
@@ -45,12 +42,6 @@ const (
 	volDataFileName = "vol_data.json"
 )
 
-var (
-	// csiVersion supported csi version
-	csiVersion     = &csipb.Version{Major: 0, Minor: 1, Patch: 0}
-	driverNameRexp = regexp.MustCompile(`^[A-Za-z]+(\.?-?_?[A-Za-z0-9-])+$`)
-)
-
 type csiPlugin struct {
 	host volume.VolumeHost
 }
@@ -85,12 +76,6 @@ func (p *csiPlugin) GetVolumeName(spec *volume.Spec) (string, error) {
 		return "", err
 	}
 
-	//TODO (vladimirvivien) this validation should be done at the API validation check
-	if !isDriverNameValid(csi.Driver) {
-		glog.Error(log("plugin.GetVolumeName failed to create volume name: invalid csi driver name %s", csi.Driver))
-		return "", errors.New("invalid csi driver name")
-	}
-
 	// return driverName<separator>volumeHandle
 	return fmt.Sprintf("%s%s%s", csi.Driver, volNameSep, csi.VolumeHandle), nil
 }
@@ -113,12 +98,9 @@ func (p *csiPlugin) NewMounter(
 	if err != nil {
 		return nil, err
 	}
-
-	// TODO (vladimirvivien) consider moving this check in API validation
-	// check Driver name to conform to CSI spec
-	if !isDriverNameValid(pvSource.Driver) {
-		glog.Error(log("driver name does not conform to CSI spec: %s", pvSource.Driver))
-		return nil, errors.New("driver name is invalid")
+	readOnly, err := getReadOnlyFromSpec(spec)
+	if err != nil {
+		return nil, err
 	}
 
 	// before it is used in any paths such as socket etc
@@ -142,6 +124,7 @@ func (p *csiPlugin) NewMounter(
 		volumeID:     pvSource.VolumeHandle,
 		specVolumeID: spec.Name(),
 		csiClient:    client,
+		readOnly:     readOnly,
 	}
 	return mounter, nil
 }
@@ -239,15 +222,16 @@ func getCSISourceFromSpec(spec *volume.Spec) (*api.CSIPersistentVolumeSource, er
 	return nil, fmt.Errorf("CSIPersistentVolumeSource not defined in spec")
 }
 
+func getReadOnlyFromSpec(spec *volume.Spec) (bool, error) {
+	if spec.PersistentVolume != nil &&
+		spec.PersistentVolume.Spec.CSI != nil {
+		return spec.ReadOnly, nil
+	}
+
+	return false, fmt.Errorf("CSIPersistentVolumeSource not defined in spec")
+}
+
 // log prepends log string with `kubernetes.io/csi`
 func log(msg string, parts ...interface{}) string {
 	return fmt.Sprintf(fmt.Sprintf("%s: %s", csiPluginName, msg), parts...)
 }
-
-// isDriverNameValid validates the driverName using CSI spec
-func isDriverNameValid(name string) bool {
-	if len(name) == 0 || len(name) > 63 {
-		return false
-	}
-	return driverNameRexp.MatchString(name)
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_util.go b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_util.go
new file mode 100644
index 000000000000..6f5e0cd1b707
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/csi/csi_util.go
@@ -0,0 +1,38 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package csi
+
+import (
+	"github.com/golang/glog"
+	api "k8s.io/api/core/v1"
+	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+)
+
+func getCredentialsFromSecret(k8s kubernetes.Interface, secretRef *api.SecretReference) map[string]string {
+	credentials := map[string]string{}
+	secret, err := k8s.CoreV1().Secrets(secretRef.Namespace).Get(secretRef.Name, meta.GetOptions{})
+	if err != nil {
+		glog.Warningf("failed to find the secret %s in the namespace %s with error: %v\n", secretRef.Name, secretRef.Namespace, err)
+		return credentials
+	}
+	for key, value := range secret.Data {
+		credentials[key] = string(value)
+	}
+
+	return credentials
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/BUILD
index d84c809751a6..adfdd9ab9c17 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/BUILD
@@ -26,8 +26,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["downwardapi_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/downwardapi",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/fieldpath:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/downwardapi.go b/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/downwardapi.go
index 77263d52a198..dc69a0916075 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/downwardapi.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/downwardapi/downwardapi.go
@@ -286,7 +286,7 @@ func (c *downwardAPIVolumeUnmounter) TearDown() error {
 }
 
 func (c *downwardAPIVolumeUnmounter) TearDownAt(dir string) error {
-	return volume.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
+	return volumeutil.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
 }
 
 func (b *downwardAPIVolumeMounter) getMetaDir() string {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/BUILD
index c20dd4f39f50..4d7fa11936f8 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/BUILD
@@ -11,11 +11,40 @@ go_library(
     srcs = [
         "doc.go",
         "empty_dir.go",
-        "empty_dir_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:android": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "empty_dir_linux.go",
         ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "empty_dir_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "empty_dir_unsupported.go",
+        ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/volume/empty_dir",
@@ -31,7 +60,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//vendor/golang.org/x/sys/unix:go_default_library",
         ],
         "//conditions:default": [],
@@ -41,15 +70,14 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "empty_dir_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/volume/empty_dir",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "//pkg/util/mount:go_default_library",
             "//pkg/volume:go_default_library",
             "//pkg/volume/testing:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir.go b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir.go
index ef7807601eec..e0687e4e89df 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir.go
@@ -155,20 +155,12 @@ func (plugin *emptyDirPlugin) ConstructVolumeSpec(volName, mountPath string) (*v
 type mountDetector interface {
 	// GetMountMedium determines what type of medium a given path is backed
 	// by and whether that path is a mount point.  For example, if this
-	// returns (mediumMemory, false, nil), the caller knows that the path is
+	// returns (v1.StorageMediumMemory, false, nil), the caller knows that the path is
 	// on a memory FS (tmpfs on Linux) but is not the root mountpoint of
 	// that tmpfs.
-	GetMountMedium(path string) (storageMedium, bool, error)
+	GetMountMedium(path string) (v1.StorageMedium, bool, error)
 }
 
-type storageMedium int
-
-const (
-	mediumUnknown   storageMedium = 0 // assume anything we don't explicitly handle is this
-	mediumMemory    storageMedium = 1 // memory (e.g. tmpfs on linux)
-	mediumHugepages storageMedium = 2 // hugepages
-)
-
 // EmptyDir volumes are temporary directories exposed to the pod.
 // These do not persist beyond the lifetime of a pod.
 type emptyDir struct {
@@ -257,7 +249,7 @@ func (ed *emptyDir) setupTmpfs(dir string) error {
 	}
 	// If the directory is a mountpoint with medium memory, there is no
 	// work to do since we are already in the desired state.
-	if isMnt && medium == mediumMemory {
+	if isMnt && medium == v1.StorageMediumMemory {
 		return nil
 	}
 
@@ -280,7 +272,7 @@ func (ed *emptyDir) setupHugepages(dir string) error {
 	}
 	// If the directory is a mountpoint with medium hugepages, there is no
 	// work to do since we are already in the desired state.
-	if isMnt && medium == mediumHugepages {
+	if isMnt && medium == v1.StorageMediumHugePages {
 		return nil
 	}
 
@@ -388,10 +380,10 @@ func (ed *emptyDir) TearDownAt(dir string) error {
 		return err
 	}
 	if isMnt {
-		if medium == mediumMemory {
+		if medium == v1.StorageMediumMemory {
 			ed.medium = v1.StorageMediumMemory
 			return ed.teardownTmpfsOrHugetlbfs(dir)
-		} else if medium == mediumHugepages {
+		} else if medium == v1.StorageMediumHugePages {
 			ed.medium = v1.StorageMediumHugePages
 			return ed.teardownTmpfsOrHugetlbfs(dir)
 		}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_linux.go b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_linux.go
index e7d04fbc18f9..ba289fee9fbd 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_linux.go
@@ -23,6 +23,8 @@ import (
 
 	"github.com/golang/glog"
 	"golang.org/x/sys/unix"
+
+	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/util/mount"
 )
 
@@ -37,22 +39,22 @@ type realMountDetector struct {
 	mounter mount.Interface
 }
 
-func (m *realMountDetector) GetMountMedium(path string) (storageMedium, bool, error) {
+func (m *realMountDetector) GetMountMedium(path string) (v1.StorageMedium, bool, error) {
 	glog.V(5).Infof("Determining mount medium of %v", path)
 	notMnt, err := m.mounter.IsLikelyNotMountPoint(path)
 	if err != nil {
-		return 0, false, fmt.Errorf("IsLikelyNotMountPoint(%q): %v", path, err)
+		return v1.StorageMediumDefault, false, fmt.Errorf("IsLikelyNotMountPoint(%q): %v", path, err)
 	}
 	buf := unix.Statfs_t{}
 	if err := unix.Statfs(path, &buf); err != nil {
-		return 0, false, fmt.Errorf("statfs(%q): %v", path, err)
+		return v1.StorageMediumDefault, false, fmt.Errorf("statfs(%q): %v", path, err)
 	}
 
 	glog.V(5).Infof("Statfs_t of %v: %+v", path, buf)
 	if buf.Type == linuxTmpfsMagic {
-		return mediumMemory, !notMnt, nil
+		return v1.StorageMediumMemory, !notMnt, nil
 	} else if int64(buf.Type) == linuxHugetlbfsMagic {
-		return mediumHugepages, !notMnt, nil
+		return v1.StorageMediumHugePages, !notMnt, nil
 	}
-	return mediumUnknown, !notMnt, nil
+	return v1.StorageMediumDefault, !notMnt, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_unsupported.go b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_unsupported.go
index c389ace7c30b..defbfc5e196a 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/empty_dir/empty_dir_unsupported.go
@@ -19,6 +19,7 @@ limitations under the License.
 package empty_dir
 
 import (
+	"k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/util/mount"
 )
 
@@ -27,6 +28,6 @@ type realMountDetector struct {
 	mounter mount.Interface
 }
 
-func (m *realMountDetector) GetMountMedium(path string) (storageMedium, bool, error) {
-	return mediumUnknown, false, nil
+func (m *realMountDetector) GetMountMedium(path string) (v1.StorageMedium, bool, error) {
+	return v1.StorageMediumDefault, false, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/fc/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/fc/BUILD
index b8d53706fb1a..4d3374ae9d22 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/fc/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/fc/BUILD
@@ -22,7 +22,7 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -37,12 +37,12 @@ go_test(
         "fc_test.go",
         "fc_util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/fc",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/fc/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/fc/attacher.go
index a0714dab36bd..77549e9b5bd3 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/fc/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/fc/attacher.go
@@ -31,7 +31,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type fcAttacher struct {
@@ -113,7 +112,7 @@ func (attacher *fcAttacher) MountDevice(spec *volume.Spec, devicePath string, de
 	}
 	if notMnt {
 		diskMounter := &mount.SafeFormatAndMount{Interface: mounter, Exec: attacher.host.GetExec(fcPluginName)}
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
@@ -189,7 +188,7 @@ func volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost) (*fcDiskMoun
 	}
 	// TODO: remove feature gate check after no longer needed
 	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-		volumeMode, err := volumehelper.GetVolumeMode(spec)
+		volumeMode, err := volumeutil.GetVolumeMode(spec)
 		if err != nil {
 			return nil, err
 		}
@@ -199,14 +198,16 @@ func volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost) (*fcDiskMoun
 			fsType:     fc.FSType,
 			volumeMode: volumeMode,
 			readOnly:   readOnly,
-			mounter:    volumehelper.NewSafeFormatAndMountFromHost(fcPluginName, host),
+			mounter:    volumeutil.NewSafeFormatAndMountFromHost(fcPluginName, host),
+			deviceUtil: volumeutil.NewDeviceHandler(volumeutil.NewIOHandler()),
 		}, nil
 	}
 	return &fcDiskMounter{
-		fcDisk:   fcDisk,
-		fsType:   fc.FSType,
-		readOnly: readOnly,
-		mounter:  volumehelper.NewSafeFormatAndMountFromHost(fcPluginName, host),
+		fcDisk:     fcDisk,
+		fsType:     fc.FSType,
+		readOnly:   readOnly,
+		mounter:    volumeutil.NewSafeFormatAndMountFromHost(fcPluginName, host),
+		deviceUtil: volumeutil.NewDeviceHandler(volumeutil.NewIOHandler()),
 	}, nil
 }
 
@@ -215,6 +216,7 @@ func volumeSpecToUnmounter(mounter mount.Interface) *fcDiskUnmounter {
 		fcDisk: &fcDisk{
 			io: &osIOHandler{},
 		},
-		mounter: mounter,
+		mounter:    mounter,
+		deviceUtil: volumeutil.NewDeviceHandler(volumeutil.NewIOHandler()),
 	}
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/fc/disk_manager.go b/vendor/k8s.io/kubernetes/pkg/volume/fc/disk_manager.go
index efd1881808cc..13cf923a9233 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/fc/disk_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/fc/disk_manager.go
@@ -31,7 +31,9 @@ type diskManager interface {
 	// Attaches the disk to the kubelet's host machine.
 	AttachDisk(b fcDiskMounter) (string, error)
 	// Detaches the disk from the kubelet's host machine.
-	DetachDisk(disk fcDiskUnmounter, devName string) error
+	DetachDisk(disk fcDiskUnmounter, devicePath string) error
+	// Detaches the block disk from the kubelet's host machine.
+	DetachBlockFCDisk(disk fcDiskUnmapper, mntPath, devicePath string) error
 }
 
 // utility to mount a disk based filesystem
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/fc/fc.go b/vendor/k8s.io/kubernetes/pkg/volume/fc/fc.go
index f6c2841bda5f..fb7a570155e4 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/fc/fc.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/fc/fc.go
@@ -18,6 +18,7 @@ package fc
 
 import (
 	"fmt"
+	"os"
 	"strconv"
 	"strings"
 
@@ -31,7 +32,7 @@ import (
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -81,11 +82,7 @@ func (plugin *fcPlugin) GetVolumeName(spec *volume.Spec) (string, error) {
 }
 
 func (plugin *fcPlugin) CanSupport(spec *volume.Spec) bool {
-	if (spec.Volume != nil && spec.Volume.FC == nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FC == nil) {
-		return false
-	}
-
-	return true
+	return (spec.Volume != nil && spec.Volume.FC != nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FC != nil)
 }
 
 func (plugin *fcPlugin) RequiresRemount() bool {
@@ -136,7 +133,7 @@ func (plugin *fcPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID,
 	}
 	// TODO: remove feature gate check after no longer needed
 	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-		volumeMode, err := volumehelper.GetVolumeMode(spec)
+		volumeMode, err := util.GetVolumeMode(spec)
 		if err != nil {
 			return nil, err
 		}
@@ -147,13 +144,15 @@ func (plugin *fcPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID,
 			volumeMode: volumeMode,
 			readOnly:   readOnly,
 			mounter:    &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+			deviceUtil: util.NewDeviceHandler(util.NewIOHandler()),
 		}, nil
 	}
 	return &fcDiskMounter{
-		fcDisk:   fcDisk,
-		fsType:   fc.FSType,
-		readOnly: readOnly,
-		mounter:  &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		fcDisk:     fcDisk,
+		fsType:     fc.FSType,
+		readOnly:   readOnly,
+		mounter:    &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		deviceUtil: util.NewDeviceHandler(util.NewIOHandler()),
 	}, nil
 
 }
@@ -189,8 +188,9 @@ func (plugin *fcPlugin) newBlockVolumeMapperInternal(spec *volume.Spec, podUID t
 			manager: manager,
 			io:      &osIOHandler{},
 			plugin:  plugin},
-		readOnly: readOnly,
-		mounter:  &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		readOnly:   readOnly,
+		mounter:    &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		deviceUtil: util.NewDeviceHandler(util.NewIOHandler()),
 	}, nil
 }
 
@@ -208,7 +208,8 @@ func (plugin *fcPlugin) newUnmounterInternal(volName string, podUID types.UID, m
 			plugin:  plugin,
 			io:      &osIOHandler{},
 		},
-		mounter: mounter,
+		mounter:    mounter,
+		deviceUtil: util.NewDeviceHandler(util.NewIOHandler()),
 	}, nil
 }
 
@@ -225,42 +226,91 @@ func (plugin *fcPlugin) newUnmapperInternal(volName string, podUID types.UID, ma
 			plugin:  plugin,
 			io:      &osIOHandler{},
 		},
+		deviceUtil: util.NewDeviceHandler(util.NewIOHandler()),
 	}, nil
 }
 
 func (plugin *fcPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
-	fcVolume := &v1.Volume{
-		Name: volumeName,
-		VolumeSource: v1.VolumeSource{
-			FC: &v1.FCVolumeSource{},
-		},
+	// Find globalPDPath from pod volume directory(mountPath)
+	// examples:
+	//   mountPath:     pods/{podUid}/volumes/kubernetes.io~fc/{volumeName}
+	//   globalPDPath : plugins/kubernetes.io/fc/50060e801049cfd1-lun-0
+	var globalPDPath string
+	mounter := plugin.host.GetMounter(plugin.GetPluginName())
+	paths, err := mount.GetMountRefs(mounter, mountPath)
+	if err != nil {
+		return nil, err
+	}
+	for _, path := range paths {
+		if strings.Contains(path, plugin.host.GetPluginDir(fcPluginName)) {
+			globalPDPath = path
+			break
+		}
+	}
+	// Couldn't fetch globalPDPath
+	if len(globalPDPath) == 0 {
+		return nil, fmt.Errorf("couldn't fetch globalPDPath. failed to obtain volume spec")
+	}
+	arr := strings.Split(globalPDPath, "/")
+	if len(arr) < 1 {
+		return nil, fmt.Errorf("failed to retrieve volume plugin information from globalPDPath: %v", globalPDPath)
+	}
+	volumeInfo := arr[len(arr)-1]
+	// Create volume from wwn+lun or wwid
+	var fcVolume *v1.Volume
+	if strings.Contains(volumeInfo, "-lun-") {
+		wwnLun := strings.Split(volumeInfo, "-lun-")
+		if len(wwnLun) < 2 {
+			return nil, fmt.Errorf("failed to retrieve TargetWWN and Lun. volumeInfo is invalid: %v", volumeInfo)
+		}
+		lun, err := strconv.Atoi(wwnLun[1])
+		if err != nil {
+			return nil, err
+		}
+		lun32 := int32(lun)
+		fcVolume = &v1.Volume{
+			Name: volumeName,
+			VolumeSource: v1.VolumeSource{
+				FC: &v1.FCVolumeSource{TargetWWNs: []string{wwnLun[0]}, Lun: &lun32},
+			},
+		}
+		glog.V(5).Infof("ConstructVolumeSpec: TargetWWNs: %v, Lun: %v",
+			fcVolume.VolumeSource.FC.TargetWWNs, *fcVolume.VolumeSource.FC.Lun)
+	} else {
+		fcVolume = &v1.Volume{
+			Name: volumeName,
+			VolumeSource: v1.VolumeSource{
+				FC: &v1.FCVolumeSource{WWIDs: []string{volumeInfo}},
+			},
+		}
+		glog.V(5).Infof("ConstructVolumeSpec: WWIDs: %v", fcVolume.VolumeSource.FC.WWIDs)
 	}
 	return volume.NewSpecFromVolume(fcVolume), nil
 }
 
 // ConstructBlockVolumeSpec creates a new volume.Spec with following steps.
-//   - Searchs a file whose name is {pod uuid} under volume plugin directory.
+//   - Searches a file whose name is {pod uuid} under volume plugin directory.
 //   - If a file is found, then retreives volumePluginDependentPath from globalMapPathUUID.
 //   - Once volumePluginDependentPath is obtained, store volume information to VolumeSource
 // examples:
-//   mapPath: pods/{podUid}}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName}
+//   mapPath: pods/{podUid}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName}
 //   globalMapPathUUID : plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{pod uuid}
 func (plugin *fcPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, mapPath string) (*volume.Spec, error) {
 	pluginDir := plugin.host.GetVolumeDevicePluginDir(fcPluginName)
-	blkutil := util.NewBlockVolumePathHandler()
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
 	globalMapPathUUID, err := blkutil.FindGlobalMapPathUUIDFromPod(pluginDir, mapPath, podUID)
 	if err != nil {
 		return nil, err
 	}
 	glog.V(5).Infof("globalMapPathUUID: %v, err: %v", globalMapPathUUID, err)
 
-	// Retreive volumePluginDependentPath from globalMapPathUUID
+	// Retrieve volumePluginDependentPath from globalMapPathUUID
 	// globalMapPathUUID examples:
 	//   wwn+lun: plugins/kubernetes.io/fc/volumeDevices/50060e801049cfd1-lun-0/{pod uuid}
 	//   wwid: plugins/kubernetes.io/fc/volumeDevices/3600508b400105e210000900000490000/{pod uuid}
 	arr := strings.Split(globalMapPathUUID, "/")
 	if len(arr) < 2 {
-		return nil, fmt.Errorf("Fail to retreive volume plugin information from globalMapPathUUID: %v", globalMapPathUUID)
+		return nil, fmt.Errorf("Fail to retrieve volume plugin information from globalMapPathUUID: %v", globalMapPathUUID)
 	}
 	l := len(arr) - 2
 	volumeInfo := arr[l]
@@ -278,7 +328,7 @@ func (plugin *fcPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, m
 			v1.FCVolumeSource{TargetWWNs: []string{wwnLun[0]}, Lun: &lun32})
 		glog.V(5).Infof("ConstructBlockVolumeSpec: TargetWWNs: %v, Lun: %v",
 			fcPV.Spec.PersistentVolumeSource.FC.TargetWWNs,
-			fcPV.Spec.PersistentVolumeSource.FC.Lun)
+			*fcPV.Spec.PersistentVolumeSource.FC.Lun)
 	} else {
 		fcPV = createPersistentVolumeFromFCVolumeSource(volumeName,
 			v1.FCVolumeSource{WWIDs: []string{volumeInfo}})
@@ -328,6 +378,7 @@ type fcDiskMounter struct {
 	fsType     string
 	volumeMode v1.PersistentVolumeMode
 	mounter    *mount.SafeFormatAndMount
+	deviceUtil util.DeviceUtil
 }
 
 var _ volume.Mounter = &fcDiskMounter{}
@@ -362,7 +413,8 @@ func (b *fcDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 
 type fcDiskUnmounter struct {
 	*fcDisk
-	mounter mount.Interface
+	mounter    mount.Interface
+	deviceUtil util.DeviceUtil
 }
 
 var _ volume.Unmounter = &fcDiskUnmounter{}
@@ -380,8 +432,9 @@ func (c *fcDiskUnmounter) TearDownAt(dir string) error {
 // Block Volumes Support
 type fcDiskMapper struct {
 	*fcDisk
-	readOnly bool
-	mounter  mount.Interface
+	readOnly   bool
+	mounter    mount.Interface
+	deviceUtil util.DeviceUtil
 }
 
 var _ volume.BlockVolumeMapper = &fcDiskMapper{}
@@ -392,18 +445,22 @@ func (b *fcDiskMapper) SetUpDevice() (string, error) {
 
 type fcDiskUnmapper struct {
 	*fcDisk
+	deviceUtil util.DeviceUtil
 }
 
 var _ volume.BlockVolumeUnmapper = &fcDiskUnmapper{}
 
-func (c *fcDiskUnmapper) TearDownDevice(_, devicePath string) error {
-	// Remove scsi device from the node.
-	if !strings.HasPrefix(devicePath, "/dev/") {
-		return fmt.Errorf("fc detach disk: invalid device name: %s", devicePath)
+func (c *fcDiskUnmapper) TearDownDevice(mapPath, devicePath string) error {
+	err := c.manager.DetachBlockFCDisk(*c, mapPath, devicePath)
+	if err != nil {
+		return fmt.Errorf("fc: failed to detach disk: %s\nError: %v", mapPath, err)
+	}
+	glog.V(4).Infof("fc: %q is unmounted, deleting the directory", mapPath)
+	err = os.RemoveAll(mapPath)
+	if err != nil {
+		return fmt.Errorf("fc: failed to delete the directory: %s\nError: %v", mapPath, err)
 	}
-	arr := strings.Split(devicePath, "/")
-	dev := arr[len(arr)-1]
-	removeFromScsiSubsystem(dev, c.io)
+	glog.V(4).Infof("fc: successfully detached disk: %s", mapPath)
 	return nil
 }
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/fc/fc_util.go b/vendor/k8s.io/kubernetes/pkg/volume/fc/fc_util.go
index 83d930220b5b..390827541028 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/fc/fc_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/fc/fc_util.go
@@ -29,6 +29,8 @@ import (
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/volume"
+	volumeutil "k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 type ioHandler interface {
@@ -40,6 +42,11 @@ type ioHandler interface {
 
 type osIOHandler struct{}
 
+const (
+	byPath = "/dev/disk/by-path/"
+	byID   = "/dev/disk/by-id/"
+)
+
 func (handler *osIOHandler) ReadDir(dirname string) ([]os.FileInfo, error) {
 	return ioutil.ReadDir(dirname)
 }
@@ -53,37 +60,17 @@ func (handler *osIOHandler) WriteFile(filename string, data []byte, perm os.File
 	return ioutil.WriteFile(filename, data, perm)
 }
 
-// given a disk path like /dev/sdx, find the devicemapper parent
-// TODO #23192 Convert this code to use the generic code in ../util
-// which is used by the iSCSI implementation
-func findMultipathDeviceMapper(disk string, io ioHandler) string {
-	sys_path := "/sys/block/"
-	if dirs, err := io.ReadDir(sys_path); err == nil {
-		for _, f := range dirs {
-			name := f.Name()
-			if strings.HasPrefix(name, "dm-") {
-				if _, err1 := io.Lstat(sys_path + name + "/slaves/" + disk); err1 == nil {
-					return "/dev/" + name
-				}
-			}
-		}
-	}
-	return ""
-}
-
 // given a wwn and lun, find the device and associated devicemapper parent
-func findDisk(wwn, lun string, io ioHandler) (string, string) {
+func findDisk(wwn, lun string, io ioHandler, deviceUtil volumeutil.DeviceUtil) (string, string) {
 	fc_path := "-fc-0x" + wwn + "-lun-" + lun
-	dev_path := "/dev/disk/by-path/"
+	dev_path := byPath
 	if dirs, err := io.ReadDir(dev_path); err == nil {
 		for _, f := range dirs {
 			name := f.Name()
 			if strings.Contains(name, fc_path) {
 				if disk, err1 := io.EvalSymlinks(dev_path + name); err1 == nil {
-					arr := strings.Split(disk, "/")
-					l := len(arr) - 1
-					dev := arr[l]
-					dm := findMultipathDeviceMapper(dev, io)
+					dm := deviceUtil.FindMultipathDeviceForDevice(disk)
+					glog.Infof("fc: find disk: %v, dm: %v", disk, dm)
 					return disk, dm
 				}
 			}
@@ -93,7 +80,7 @@ func findDisk(wwn, lun string, io ioHandler) (string, string) {
 }
 
 // given a wwid, find the device and associated devicemapper parent
-func findDiskWWIDs(wwid string, io ioHandler) (string, string) {
+func findDiskWWIDs(wwid string, io ioHandler, deviceUtil volumeutil.DeviceUtil) (string, string) {
 	// Example wwid format:
 	//   3600508b400105e210000900000490000
 	//   <VENDOR NAME> <IDENTIFIER NUMBER>
@@ -104,7 +91,7 @@ func findDiskWWIDs(wwid string, io ioHandler) (string, string) {
 	// underscore when wwid is exposed under /dev/by-id.
 
 	fc_path := "scsi-" + wwid
-	dev_id := "/dev/disk/by-id/"
+	dev_id := byID
 	if dirs, err := io.ReadDir(dev_id); err == nil {
 		for _, f := range dirs {
 			name := f.Name()
@@ -114,10 +101,8 @@ func findDiskWWIDs(wwid string, io ioHandler) (string, string) {
 					glog.V(2).Infof("fc: failed to find a corresponding disk from symlink[%s], error %v", dev_id+name, err)
 					return "", ""
 				}
-				arr := strings.Split(disk, "/")
-				l := len(arr) - 1
-				dev := arr[l]
-				dm := findMultipathDeviceMapper(dev, io)
+				dm := deviceUtil.FindMultipathDeviceForDevice(disk)
+				glog.Infof("fc: find disk: %v, dm: %v", disk, dm)
 				return disk, dm
 			}
 		}
@@ -197,9 +182,9 @@ func searchDisk(b fcDiskMounter) (string, error) {
 	for true {
 		for _, diskId := range diskIds {
 			if len(wwns) != 0 {
-				disk, dm = findDisk(diskId, lun, io)
+				disk, dm = findDisk(diskId, lun, io, b.deviceUtil)
 			} else {
-				disk, dm = findDiskWWIDs(diskId, io)
+				disk, dm = findDiskWWIDs(diskId, io, b.deviceUtil)
 			}
 			// if multipath device is found, break
 			if dm != "" {
@@ -265,13 +250,160 @@ func (util *FCUtil) AttachDisk(b fcDiskMounter) (string, error) {
 	return devicePath, err
 }
 
-func (util *FCUtil) DetachDisk(c fcDiskUnmounter, devName string) error {
+// DetachDisk removes scsi device file such as /dev/sdX from the node.
+func (util *FCUtil) DetachDisk(c fcDiskUnmounter, devicePath string) error {
+	var devices []string
+	// devicePath might be like /dev/mapper/mpathX. Find destination.
+	dstPath, err := c.io.EvalSymlinks(devicePath)
+	if err != nil {
+		return err
+	}
+	// Find slave
+	if strings.HasPrefix(dstPath, "/dev/dm-") {
+		devices = c.deviceUtil.FindSlaveDevicesOnMultipath(dstPath)
+	} else {
+		// Add single devicepath to devices
+		devices = append(devices, dstPath)
+	}
+	glog.V(4).Infof("fc: DetachDisk devicePath: %v, dstPath: %v, devices: %v", devicePath, dstPath, devices)
+	var lastErr error
+	for _, device := range devices {
+		err := util.detachFCDisk(c.io, device)
+		if err != nil {
+			glog.Errorf("fc: detachFCDisk failed. device: %v err: %v", device, err)
+			lastErr = fmt.Errorf("fc: detachFCDisk failed. device: %v err: %v", device, err)
+		}
+	}
+	if lastErr != nil {
+		glog.Errorf("fc: last error occurred during detach disk:\n%v", lastErr)
+		return lastErr
+	}
+	return nil
+}
+
+// detachFCDisk removes scsi device file such as /dev/sdX from the node.
+func (util *FCUtil) detachFCDisk(io ioHandler, devicePath string) error {
 	// Remove scsi device from the node.
-	if !strings.HasPrefix(devName, "/dev/") {
-		return fmt.Errorf("fc detach disk: invalid device name: %s", devName)
+	if !strings.HasPrefix(devicePath, "/dev/") {
+		return fmt.Errorf("fc detach disk: invalid device name: %s", devicePath)
 	}
-	arr := strings.Split(devName, "/")
+	arr := strings.Split(devicePath, "/")
 	dev := arr[len(arr)-1]
-	removeFromScsiSubsystem(dev, c.io)
+	removeFromScsiSubsystem(dev, io)
+	return nil
+}
+
+// DetachBlockFCDisk detaches a volume from kubelet node, removes scsi device file
+// such as /dev/sdX from the node, and then removes loopback for the scsi device.
+func (util *FCUtil) DetachBlockFCDisk(c fcDiskUnmapper, mapPath, devicePath string) error {
+	// Check if devicePath is valid
+	if len(devicePath) != 0 {
+		if pathExists, pathErr := checkPathExists(devicePath); !pathExists || pathErr != nil {
+			return pathErr
+		}
+	} else {
+		// TODO: FC plugin can't obtain the devicePath from kubelet because devicePath
+		// in volume object isn't updated when volume is attached to kubelet node.
+		glog.Infof("fc: devicePath is empty. Try to retrieve FC configuration from global map path: %v", mapPath)
+	}
+
+	// Check if global map path is valid
+	// global map path examples:
+	//   wwn+lun: plugins/kubernetes.io/fc/volumeDevices/50060e801049cfd1-lun-0/
+	//   wwid: plugins/kubernetes.io/fc/volumeDevices/3600508b400105e210000900000490000/
+	if pathExists, pathErr := checkPathExists(mapPath); !pathExists || pathErr != nil {
+		return pathErr
+	}
+
+	// Retrieve volume plugin dependent path like '50060e801049cfd1-lun-0' from global map path
+	arr := strings.Split(mapPath, "/")
+	if len(arr) < 1 {
+		return fmt.Errorf("Fail to retrieve volume plugin information from global map path: %v", mapPath)
+	}
+	volumeInfo := arr[len(arr)-1]
+
+	// Search symbolick link which matches volumeInfo under /dev/disk/by-path or /dev/disk/by-id
+	// then find destination device path from the link
+	searchPath := byID
+	if strings.Contains(volumeInfo, "-lun-") {
+		searchPath = byPath
+	}
+	fis, err := ioutil.ReadDir(searchPath)
+	if err != nil {
+		return err
+	}
+	for _, fi := range fis {
+		if strings.Contains(fi.Name(), volumeInfo) {
+			devicePath = path.Join(searchPath, fi.Name())
+			glog.V(5).Infof("fc: updated devicePath: %s", devicePath)
+			break
+		}
+	}
+	if len(devicePath) == 0 {
+		return fmt.Errorf("fc: failed to find corresponding device from searchPath: %v", searchPath)
+	}
+	dstPath, err := c.io.EvalSymlinks(devicePath)
+	if err != nil {
+		return err
+	}
+	glog.V(4).Infof("fc: find destination device path from symlink: %v", dstPath)
+
+	// Get loopback device which takes fd lock for device beofore detaching a volume from node.
+	// TODO: This is a workaround for issue #54108
+	// Currently local attach plugins such as FC, iSCSI, RBD can't obtain devicePath during
+	// GenerateUnmapDeviceFunc() in operation_generator. As a result, these plugins fail to get
+	// and remove loopback device then it will be remained on kubelet node. To avoid the problem,
+	// local attach plugins needs to remove loopback device during TearDownDevice().
+	var devices []string
+	blkUtil := volumepathhandler.NewBlockVolumePathHandler()
+	dm := c.deviceUtil.FindMultipathDeviceForDevice(dstPath)
+	if len(dm) != 0 {
+		dstPath = dm
+	}
+	loop, err := volumepathhandler.BlockVolumePathHandler.GetLoopDevice(blkUtil, dstPath)
+	if err != nil {
+		if err.Error() != volumepathhandler.ErrDeviceNotFound {
+			return fmt.Errorf("fc: failed to get loopback for destination path: %v, err: %v", dstPath, err)
+		}
+		glog.Warning("fc: loopback for destination path: %s not found", dstPath)
+	}
+
+	// Detach volume from kubelet node
+	if len(dm) != 0 {
+		// Find all devices which are managed by multipath
+		devices = c.deviceUtil.FindSlaveDevicesOnMultipath(dm)
+	} else {
+		// Add single device path to devices
+		devices = append(devices, dstPath)
+	}
+	var lastErr error
+	for _, device := range devices {
+		err = util.detachFCDisk(c.io, device)
+		if err != nil {
+			glog.Errorf("fc: detachFCDisk failed. device: %v err: %v", device, err)
+			lastErr = fmt.Errorf("fc: detachFCDisk failed. device: %v err: %v", device, err)
+		}
+	}
+	if lastErr != nil {
+		glog.Errorf("fc: last error occurred during detach disk:\n%v", lastErr)
+		return lastErr
+	}
+	if len(loop) != 0 {
+		// The volume was successfully detached from node. We can safely remove the loopback.
+		err = volumepathhandler.BlockVolumePathHandler.RemoveLoopDevice(blkUtil, loop)
+		if err != nil {
+			return fmt.Errorf("fc: failed to remove loopback :%v, err: %v", loop, err)
+		}
+	}
 	return nil
 }
+
+func checkPathExists(path string) (bool, error) {
+	if pathExists, pathErr := volumeutil.PathExists(path); pathErr != nil {
+		return pathExists, fmt.Errorf("Error checking if path exists: %v", pathErr)
+	} else if !pathExists {
+		glog.Warningf("Warning: Unmap skipped because path does not exist: %v", path)
+		return pathExists, nil
+	}
+	return true, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/BUILD
index b55261ee62bb..3a4ba7e1c275 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/BUILD
@@ -54,8 +54,7 @@ go_test(
         "probe_test.go",
         "unmounter_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/flexvolume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/filesystem:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/attacher-defaults.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/attacher-defaults.go
index bf8dcfe82541..e578443c47b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/attacher-defaults.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/attacher-defaults.go
@@ -48,7 +48,16 @@ func (a *attacherDefaults) GetDeviceMountPath(spec *volume.Spec, mountsDir strin
 // MountDevice is part of the volume.Attacher interface
 func (a *attacherDefaults) MountDevice(spec *volume.Spec, devicePath string, deviceMountPath string, mounter mount.Interface) error {
 	glog.Warning(logPrefix(a.plugin.flexVolumePlugin), "using default MountDevice for volume ", spec.Name, ", device ", devicePath, ", deviceMountPath ", deviceMountPath)
-	volSource, readOnly := getVolumeSource(spec)
+
+	volSourceFSType, err := getFSType(spec)
+	if err != nil {
+		return err
+	}
+
+	readOnly, err := getReadOnly(spec)
+	if err != nil {
+		return err
+	}
 
 	options := make([]string, 0)
 
@@ -60,5 +69,5 @@ func (a *attacherDefaults) MountDevice(spec *volume.Spec, devicePath string, dev
 
 	diskMounter := &mount.SafeFormatAndMount{Interface: mounter, Exec: a.plugin.host.GetExec(a.plugin.GetPluginName())}
 
-	return diskMounter.FormatAndMount(devicePath, deviceMountPath, volSource.FSType, options)
+	return diskMounter.FormatAndMount(devicePath, deviceMountPath, volSourceFSType, options)
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/detacher.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/detacher.go
index d2aba85b93fc..c55ffbfa4739 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/detacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/detacher.go
@@ -19,7 +19,6 @@ package flexvolume
 import (
 	"fmt"
 	"os"
-	"time"
 
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
@@ -47,18 +46,6 @@ func (d *flexVolumeDetacher) Detach(volumeName string, hostName types.NodeName)
 	return err
 }
 
-// WaitForDetach is part of the volume.Detacher interface.
-func (d *flexVolumeDetacher) WaitForDetach(devicePath string, timeout time.Duration) error {
-	call := d.plugin.NewDriverCallWithTimeout(waitForDetachCmd, timeout)
-	call.Append(devicePath)
-
-	_, err := call.Run()
-	if isCmdNotSupportedErr(err) {
-		return (*detacherDefaults)(d).WaitForDetach(devicePath, timeout)
-	}
-	return err
-}
-
 // UnmountDevice is part of the volume.Detacher interface.
 func (d *flexVolumeDetacher) UnmountDevice(deviceMountPath string) error {
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/driver-call.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/driver-call.go
index e3e4527ddc97..5b089df07a6f 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/driver-call.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/driver-call.go
@@ -39,7 +39,6 @@ const (
 	mountDeviceCmd   = "mountdevice"
 
 	detachCmd        = "detach"
-	waitForDetachCmd = "waitfordetach"
 	unmountDeviceCmd = "unmountdevice"
 
 	mountCmd   = "mount"
@@ -162,10 +161,25 @@ func (dc *DriverCall) Run() (*DriverStatus, error) {
 type OptionsForDriver map[string]string
 
 func NewOptionsForDriver(spec *volume.Spec, host volume.VolumeHost, extraOptions map[string]string) (OptionsForDriver, error) {
-	volSource, readOnly := getVolumeSource(spec)
+
+	volSourceFSType, err := getFSType(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	readOnly, err := getReadOnly(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	volSourceOptions, err := getOptions(spec)
+	if err != nil {
+		return nil, err
+	}
+
 	options := map[string]string{}
 
-	options[optionFSType] = volSource.FSType
+	options[optionFSType] = volSourceFSType
 
 	if readOnly {
 		options[optionReadWrite] = "ro"
@@ -179,7 +193,7 @@ func NewOptionsForDriver(spec *volume.Spec, host volume.VolumeHost, extraOptions
 		options[key] = value
 	}
 
-	for key, value := range volSource.Options {
+	for key, value := range volSourceOptions {
 		options[key] = value
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/plugin.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/plugin.go
index 6de4614a9360..861ab4a3bb69 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/plugin.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/plugin.go
@@ -30,6 +30,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/utils/exec"
 )
 
@@ -103,7 +104,7 @@ func (plugin *flexVolumePlugin) getExecutable() string {
 	execName := parts[len(parts)-1]
 	execPath := path.Join(plugin.execPath, execName)
 	if runtime.GOOS == "windows" {
-		execPath = volume.GetWindowsPath(execPath)
+		execPath = util.GetWindowsPath(execPath)
 	}
 	return execPath
 }
@@ -137,8 +138,11 @@ func (plugin *flexVolumePlugin) GetVolumeName(spec *volume.Spec) (string, error)
 
 // CanSupport is part of the volume.VolumePlugin interface.
 func (plugin *flexVolumePlugin) CanSupport(spec *volume.Spec) bool {
-	source, _ := getVolumeSource(spec)
-	return (source != nil) && (source.Driver == plugin.driverName)
+	sourceDriver, err := getDriver(spec)
+	if err != nil {
+		return false
+	}
+	return sourceDriver == plugin.driverName
 }
 
 // RequiresRemount is part of the volume.VolumePlugin interface.
@@ -161,10 +165,19 @@ func (plugin *flexVolumePlugin) NewMounter(spec *volume.Spec, pod *api.Pod, _ vo
 
 // newMounterInternal is the internal mounter routine to build the volume.
 func (plugin *flexVolumePlugin) newMounterInternal(spec *volume.Spec, pod *api.Pod, mounter mount.Interface, runner exec.Interface) (volume.Mounter, error) {
-	source, readOnly := getVolumeSource(spec)
+	sourceDriver, err := getDriver(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	readOnly, err := getReadOnly(spec)
+	if err != nil {
+		return nil, err
+	}
+
 	return &flexVolumeMounter{
 		flexVolume: &flexVolume{
-			driverName:            source.Driver,
+			driverName:            sourceDriver,
 			execPath:              plugin.getExecutable(),
 			mounter:               mounter,
 			plugin:                plugin,
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/probe.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/probe.go
index d91ad388b09f..269ff0839ab0 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/probe.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/probe.go
@@ -176,7 +176,7 @@ func (prober *flexVolumeProber) updateProbeNeeded() {
 // on its parent directory.
 func (prober *flexVolumeProber) addWatchRecursive(filename string) error {
 	addWatch := func(path string, info os.FileInfo, err error) error {
-		if info.IsDir() {
+		if err == nil && info.IsDir() {
 			if err := prober.watcher.AddWatch(path); err != nil {
 				glog.Errorf("Error recursively adding watch: %v", err)
 			}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/util.go b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/util.go
index bc86e1a60daa..b706712101c7 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flexvolume/util.go
@@ -22,15 +22,18 @@ import (
 	"os"
 
 	"github.com/golang/glog"
-	api "k8s.io/api/core/v1"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 func addSecretsToOptions(options map[string]string, spec *volume.Spec, namespace string, driverName string, host volume.VolumeHost) error {
-	fv, _ := getVolumeSource(spec)
-	if fv.SecretRef == nil {
+	secretName, secretNamespace, err := getSecretNameAndNamespace(spec, namespace)
+	if err != nil {
+		return err
+	}
+
+	if len(secretName) == 0 || len(secretNamespace) == 0 {
 		return nil
 	}
 
@@ -39,9 +42,9 @@ func addSecretsToOptions(options map[string]string, spec *volume.Spec, namespace
 		return fmt.Errorf("Cannot get kube client")
 	}
 
-	secrets, err := util.GetSecretForPV(namespace, fv.SecretRef.Name, driverName, host.GetKubeClient())
+	secrets, err := util.GetSecretForPV(secretNamespace, secretName, driverName, host.GetKubeClient())
 	if err != nil {
-		err = fmt.Errorf("Couldn't get secret %v/%v err: %v", namespace, fv.SecretRef.Name, err)
+		err = fmt.Errorf("Couldn't get secret %v/%v err: %v", secretNamespace, secretName, err)
 		return err
 	}
 	for name, data := range secrets {
@@ -52,15 +55,68 @@ func addSecretsToOptions(options map[string]string, spec *volume.Spec, namespace
 	return nil
 }
 
-func getVolumeSource(spec *volume.Spec) (volumeSource *api.FlexVolumeSource, readOnly bool) {
+var notFlexVolume = fmt.Errorf("not a flex volume")
+
+func getDriver(spec *volume.Spec) (string, error) {
+	if spec.Volume != nil && spec.Volume.FlexVolume != nil {
+		return spec.Volume.FlexVolume.Driver, nil
+	}
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FlexVolume != nil {
+		return spec.PersistentVolume.Spec.FlexVolume.Driver, nil
+	}
+	return "", notFlexVolume
+}
+
+func getFSType(spec *volume.Spec) (string, error) {
+	if spec.Volume != nil && spec.Volume.FlexVolume != nil {
+		return spec.Volume.FlexVolume.FSType, nil
+	}
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FlexVolume != nil {
+		return spec.PersistentVolume.Spec.FlexVolume.FSType, nil
+	}
+	return "", notFlexVolume
+}
+
+func getSecretNameAndNamespace(spec *volume.Spec, podNamespace string) (string, string, error) {
 	if spec.Volume != nil && spec.Volume.FlexVolume != nil {
-		volumeSource = spec.Volume.FlexVolume
-		readOnly = volumeSource.ReadOnly
-	} else if spec.PersistentVolume != nil {
-		volumeSource = spec.PersistentVolume.Spec.FlexVolume
-		readOnly = spec.ReadOnly
+		if spec.Volume.FlexVolume.SecretRef == nil {
+			return "", "", nil
+		}
+		return spec.Volume.FlexVolume.SecretRef.Name, podNamespace, nil
+	}
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FlexVolume != nil {
+		if spec.PersistentVolume.Spec.FlexVolume.SecretRef == nil {
+			return "", "", nil
+		}
+		secretName := spec.PersistentVolume.Spec.FlexVolume.SecretRef.Name
+		secretNamespace := spec.PersistentVolume.Spec.FlexVolume.SecretRef.Namespace
+		if len(secretNamespace) == 0 {
+			secretNamespace = podNamespace
+		}
+		return secretName, secretNamespace, nil
+	}
+	return "", "", notFlexVolume
+}
+
+func getReadOnly(spec *volume.Spec) (bool, error) {
+	if spec.Volume != nil && spec.Volume.FlexVolume != nil {
+		return spec.Volume.FlexVolume.ReadOnly, nil
+	}
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FlexVolume != nil {
+		// ReadOnly is specified at the PV level
+		return spec.ReadOnly, nil
+	}
+	return false, notFlexVolume
+}
+
+func getOptions(spec *volume.Spec) (map[string]string, error) {
+	if spec.Volume != nil && spec.Volume.FlexVolume != nil {
+		return spec.Volume.FlexVolume.Options, nil
+	}
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.FlexVolume != nil {
+		return spec.PersistentVolume.Spec.FlexVolume.Options, nil
 	}
-	return
+	return nil, notFlexVolume
 }
 
 func prepareForMount(mounter mount.Interface, deviceMountPath string) (bool, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flocker/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/flocker/BUILD
index 3d21d92dc91f..b1fd9272fb34 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flocker/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flocker/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/clusterhq/flocker-go:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -39,8 +38,7 @@ go_test(
         "flocker_util_test.go",
         "flocker_volume_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/flocker",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_util.go b/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_util.go
index ab58bcef3fe6..3d9149cd34eb 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_util.go
@@ -22,7 +22,8 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/rand"
-	"k8s.io/kubernetes/pkg/volume"
+
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 
 	flockerapi "github.com/clusterhq/flocker-go"
 	"github.com/golang/glog"
@@ -73,7 +74,7 @@ func (util *FlockerUtil) CreateVolume(c *flockerVolumeProvisioner) (datasetUUID
 
 	capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	requestBytes := capacity.Value()
-	volumeSizeGB = int(volume.RoundUpSize(requestBytes, 1024*1024*1024))
+	volumeSizeGB = int(volutil.RoundUpSize(requestBytes, 1024*1024*1024))
 
 	createOptions := &flockerapi.CreateDatasetOptions{
 		MaximumSize: requestBytes,
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_volume.go b/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_volume.go
index bdbf311fc248..d7f245d15a23 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_volume.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/flocker/flocker_volume.go
@@ -23,7 +23,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 type volumeManager interface {
@@ -55,7 +55,7 @@ type flockerVolumeProvisioner struct {
 var _ volume.Provisioner = &flockerVolumeProvisioner{}
 
 func (c *flockerVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -77,7 +77,7 @@ func (c *flockerVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   c.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "flocker-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "flocker-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/BUILD
index 8c83b4d0d70a..91770ff306dd 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/BUILD
@@ -12,23 +12,27 @@ go_library(
         "attacher.go",
         "doc.go",
         "gce_pd.go",
+        "gce_pd_block.go",
         "gce_util.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/volume/gce_pd",
     deps = [
         "//pkg/cloudprovider:go_default_library",
         "//pkg/cloudprovider/providers/gce:go_default_library",
+        "//pkg/features:go_default_library",
+        "//pkg/kubelet/apis:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/utils/exec:go_default_library",
     ],
 )
@@ -37,14 +41,16 @@ go_test(
     name = "go_default_test",
     srcs = [
         "attacher_test.go",
+        "gce_pd_block_test.go",
         "gce_pd_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/gce_pd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//pkg/kubelet/apis:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/testing:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/attacher.go
index 6ee1fd6d2305..21d8545b0843 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/attacher.go
@@ -32,7 +32,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type gcePersistentDiskAttacher struct {
@@ -88,7 +87,7 @@ func (attacher *gcePersistentDiskAttacher) Attach(spec *volume.Spec, nodeName ty
 		// Volume is already attached to node.
 		glog.Infof("Attach operation is successful. PD %q is already attached to node %q.", pdName, nodeName)
 	} else {
-		if err := attacher.gceDisks.AttachDisk(pdName, nodeName, readOnly); err != nil {
+		if err := attacher.gceDisks.AttachDisk(pdName, nodeName, readOnly, isRegionalPD(spec)); err != nil {
 			glog.Errorf("Error attaching PD %q to node %q: %+v", pdName, nodeName, err)
 			return "", err
 		}
@@ -103,7 +102,7 @@ func (attacher *gcePersistentDiskAttacher) VolumesAreAttached(specs []*volume.Sp
 	pdNameList := []string{}
 	for _, spec := range specs {
 		volumeSource, _, err := getVolumeSource(spec)
-		// If error is occured, skip this volume and move to the next one
+		// If error is occurred, skip this volume and move to the next one
 		if err != nil {
 			glog.Errorf("Error getting volume (%q) source : %v", spec.Name(), err)
 			continue
@@ -209,8 +208,8 @@ func (attacher *gcePersistentDiskAttacher) MountDevice(spec *volume.Spec, device
 		options = append(options, "ro")
 	}
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(gcePersistentDiskPluginName, attacher.host)
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		diskMounter := volumeutil.NewSafeFormatAndMountFromHost(gcePersistentDiskPluginName, attacher.host)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd.go b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd.go
index 5576f1fabea7..8c78c6754af3 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd.go
@@ -31,7 +31,6 @@ import (
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -398,7 +397,7 @@ type gcePersistentDiskProvisioner struct {
 var _ volume.Provisioner = &gcePersistentDiskProvisioner{}
 
 func (c *gcePersistentDiskProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -416,14 +415,14 @@ func (c *gcePersistentDiskProvisioner) Provision() (*v1.PersistentVolume, error)
 			Name:   c.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "gce-pd-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "gce-pd-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
 			PersistentVolumeReclaimPolicy: c.options.PersistentVolumeReclaimPolicy,
 			AccessModes:                   c.options.PVC.Spec.AccessModes,
 			Capacity: v1.ResourceList{
-				v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", sizeGB)),
+				v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dG", sizeGB)),
 			},
 			PersistentVolumeSource: v1.PersistentVolumeSource{
 				GCEPersistentDisk: &v1.GCEPersistentDiskVolumeSource{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd_block.go b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd_block.go
new file mode 100644
index 000000000000..f4398d13b59a
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_pd_block.go
@@ -0,0 +1,169 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package gce_pd
+
+import (
+	"fmt"
+	"path"
+	"path/filepath"
+	"strconv"
+
+	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/util/mount"
+	kstrings "k8s.io/kubernetes/pkg/util/strings"
+	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
+)
+
+var _ volume.VolumePlugin = &gcePersistentDiskPlugin{}
+var _ volume.PersistentVolumePlugin = &gcePersistentDiskPlugin{}
+var _ volume.BlockVolumePlugin = &gcePersistentDiskPlugin{}
+var _ volume.DeletableVolumePlugin = &gcePersistentDiskPlugin{}
+var _ volume.ProvisionableVolumePlugin = &gcePersistentDiskPlugin{}
+var _ volume.ExpandableVolumePlugin = &gcePersistentDiskPlugin{}
+
+func (plugin *gcePersistentDiskPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, mapPath string) (*volume.Spec, error) {
+	pluginDir := plugin.host.GetVolumeDevicePluginDir(gcePersistentDiskPluginName)
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
+	globalMapPathUUID, err := blkutil.FindGlobalMapPathUUIDFromPod(pluginDir, mapPath, podUID)
+	if err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("globalMapPathUUID: %v, err: %v", globalMapPathUUID, err)
+
+	globalMapPath := filepath.Dir(globalMapPathUUID)
+	if len(globalMapPath) <= 1 {
+		return nil, fmt.Errorf("failed to get volume plugin information from globalMapPathUUID: %v", globalMapPathUUID)
+	}
+
+	return getVolumeSpecFromGlobalMapPath(globalMapPath)
+}
+
+func getVolumeSpecFromGlobalMapPath(globalMapPath string) (*volume.Spec, error) {
+	// Get volume spec information from globalMapPath
+	// globalMapPath example:
+	//   plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumeID}
+	//   plugins/kubernetes.io/gce-pd/volumeDevices/vol-XXXXXX
+	pdName := filepath.Base(globalMapPath)
+	if len(pdName) <= 1 {
+		return nil, fmt.Errorf("failed to get pd name from global path=%s", globalMapPath)
+	}
+	block := v1.PersistentVolumeBlock
+	gceVolume := &v1.PersistentVolume{
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				GCEPersistentDisk: &v1.GCEPersistentDiskVolumeSource{
+					PDName: pdName,
+				},
+			},
+			VolumeMode: &block,
+		},
+	}
+
+	return volume.NewSpecFromPersistentVolume(gceVolume, true), nil
+}
+
+// NewBlockVolumeMapper creates a new volume.BlockVolumeMapper from an API specification.
+func (plugin *gcePersistentDiskPlugin) NewBlockVolumeMapper(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.BlockVolumeMapper, error) {
+	// If this is called via GenerateUnmapDeviceFunc(), pod is nil.
+	// Pass empty string as dummy uid since uid isn't used in the case.
+	var uid types.UID
+	if pod != nil {
+		uid = pod.UID
+	}
+
+	return plugin.newBlockVolumeMapperInternal(spec, uid, &GCEDiskUtil{}, plugin.host.GetMounter(plugin.GetPluginName()))
+}
+
+func (plugin *gcePersistentDiskPlugin) newBlockVolumeMapperInternal(spec *volume.Spec, podUID types.UID, manager pdManager, mounter mount.Interface) (volume.BlockVolumeMapper, error) {
+	volumeSource, readOnly, err := getVolumeSource(spec)
+	if err != nil {
+		return nil, err
+	}
+	pdName := volumeSource.PDName
+	partition := ""
+	if volumeSource.Partition != 0 {
+		partition = strconv.Itoa(int(volumeSource.Partition))
+	}
+
+	return &gcePersistentDiskMapper{
+		gcePersistentDisk: &gcePersistentDisk{
+			volName:   spec.Name(),
+			podUID:    podUID,
+			pdName:    pdName,
+			partition: partition,
+			manager:   manager,
+			mounter:   mounter,
+			plugin:    plugin,
+		},
+		readOnly: readOnly}, nil
+}
+
+func (plugin *gcePersistentDiskPlugin) NewBlockVolumeUnmapper(volName string, podUID types.UID) (volume.BlockVolumeUnmapper, error) {
+	return plugin.newUnmapperInternal(volName, podUID, &GCEDiskUtil{})
+}
+
+func (plugin *gcePersistentDiskPlugin) newUnmapperInternal(volName string, podUID types.UID, manager pdManager) (volume.BlockVolumeUnmapper, error) {
+	return &gcePersistentDiskUnmapper{
+		gcePersistentDisk: &gcePersistentDisk{
+			volName: volName,
+			podUID:  podUID,
+			pdName:  volName,
+			manager: manager,
+			plugin:  plugin,
+		}}, nil
+}
+
+func (c *gcePersistentDiskUnmapper) TearDownDevice(mapPath, devicePath string) error {
+	return nil
+}
+
+type gcePersistentDiskUnmapper struct {
+	*gcePersistentDisk
+}
+
+var _ volume.BlockVolumeUnmapper = &gcePersistentDiskUnmapper{}
+
+type gcePersistentDiskMapper struct {
+	*gcePersistentDisk
+	readOnly bool
+}
+
+var _ volume.BlockVolumeMapper = &gcePersistentDiskMapper{}
+
+func (b *gcePersistentDiskMapper) SetUpDevice() (string, error) {
+	return "", nil
+}
+
+// GetGlobalMapPath returns global map path and error
+// path: plugins/kubernetes.io/{PluginName}/volumeDevices/pdName
+func (pd *gcePersistentDisk) GetGlobalMapPath(spec *volume.Spec) (string, error) {
+	volumeSource, _, err := getVolumeSource(spec)
+	if err != nil {
+		return "", err
+	}
+	return path.Join(pd.plugin.host.GetVolumeDevicePluginDir(gcePersistentDiskPluginName), string(volumeSource.PDName)), nil
+}
+
+// GetPodDeviceMapPath returns pod device map path and volume name
+// path: pods/{podUid}/volumeDevices/kubernetes.io~aws
+func (pd *gcePersistentDisk) GetPodDeviceMapPath() (string, string) {
+	name := gcePersistentDiskPluginName
+	return pd.plugin.host.GetPodVolumeDeviceDir(pd.podUID, kstrings.EscapeQualifiedNameForDisk(name)), pd.volName
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_util.go b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_util.go
index 3d17a455017b..8774d77c8fcc 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/gce_pd/gce_util.go
@@ -26,8 +26,11 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	gcecloud "k8s.io/kubernetes/pkg/cloudprovider/providers/gce"
+	"k8s.io/kubernetes/pkg/features"
+	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/utils/exec"
@@ -40,11 +43,13 @@ const (
 	diskPartitionSuffix  = "-part"
 	diskSDPath           = "/dev/sd"
 	diskSDPattern        = "/dev/sd*"
-	regionalPDZonesAuto  = "auto" // "replica-zones: auto" means Kubernetes will select zones for RePD
-	maxChecks            = 60
 	maxRetries           = 10
 	checkSleepDuration   = time.Second
 	maxRegionalPDZones   = 2
+
+	// Replication type constants must be lower case.
+	replicationTypeNone       = "none"
+	replicationTypeRegionalPD = "regional-pd"
 )
 
 // These variables are modified only in unit tests and should be constant
@@ -79,21 +84,21 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		return "", 0, nil, "", err
 	}
 
-	name := volume.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 63) // GCE PD name can have up to 63 characters
+	name := volumeutil.GenerateVolumeName(c.options.ClusterName, c.options.PVName, 63) // GCE PD name can have up to 63 characters
 	capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
-	requestBytes := capacity.Value()
-	// GCE works with gigabytes, convert to GiB with rounding up
-	requestGB := volume.RoundUpSize(requestBytes, 1024*1024*1024)
+	// GCE PDs are allocated in chunks of GBs (not GiBs)
+	requestGB := volumeutil.RoundUpToGB(capacity)
 
-	// Apply Parameters (case-insensitive). We leave validation of
-	// the values to the cloud provider.
+	// Apply Parameters.
+	// Values for parameter "replication-type" are canonicalized to lower case.
+	// Values for other parameters are case-insensitive, and we leave validation of these values
+	// to the cloud provider.
 	diskType := ""
 	configuredZone := ""
 	configuredZones := ""
-	configuredReplicaZones := ""
 	zonePresent := false
 	zonesPresent := false
-	replicaZonesPresent := false
+	replicationType := replicationTypeNone
 	fstype := ""
 	for k, v := range c.options.Parameters {
 		switch strings.ToLower(k) {
@@ -105,9 +110,13 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		case "zones":
 			zonesPresent = true
 			configuredZones = v
-		case "replica-zones":
-			replicaZonesPresent = true
-			configuredReplicaZones = v
+		case "replication-type":
+			if !utilfeature.DefaultFeatureGate.Enabled(features.GCERegionalPersistentDisk) {
+				return "", 0, nil, "",
+					fmt.Errorf("the %q option for volume plugin %v is only supported with the %q Kubernetes feature gate enabled",
+						k, c.plugin.GetPluginName(), features.GCERegionalPersistentDisk)
+			}
+			replicationType = strings.ToLower(v)
 		case volume.VolumeParameterFSType:
 			fstype = v
 		default:
@@ -115,10 +124,14 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		}
 	}
 
-	if ((zonePresent || zonesPresent) && replicaZonesPresent) ||
-		(zonePresent && zonesPresent) {
-		// 011, 101, 111, 110
-		return "", 0, nil, "", fmt.Errorf("a combination of zone, zones, and replica-zones StorageClass parameters must not be used at the same time")
+	if zonePresent && zonesPresent {
+		return "", 0, nil, "", fmt.Errorf("the 'zone' and 'zones' StorageClass parameters must not be used at the same time")
+	}
+
+	if replicationType == replicationTypeRegionalPD && zonePresent {
+		// If a user accidentally types 'zone' instead of 'zones', we want to throw an error
+		// instead of assuming that 'zones' is empty and proceed by randomly selecting zones.
+		return "", 0, nil, "", fmt.Errorf("the '%s' replication type does not support the 'zone' parameter; use 'zones' instead", replicationTypeRegionalPD)
 	}
 
 	// TODO: implement PVC.Selector parsing
@@ -126,18 +139,13 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		return "", 0, nil, "", fmt.Errorf("claim.Spec.Selector is not supported for dynamic provisioning on GCE")
 	}
 
-	if !zonePresent && !zonesPresent && replicaZonesPresent {
-		// 001 - "replica-zones" specified
-		replicaZones, err := volumeutil.ZonesToSet(configuredReplicaZones)
-		if err != nil {
-			return "", 0, nil, "", err
-		}
-
+	switch replicationType {
+	case replicationTypeRegionalPD:
 		err = createRegionalPD(
 			name,
 			c.options.PVC.Name,
 			diskType,
-			replicaZones,
+			configuredZones,
 			requestGB,
 			c.options.CloudTags,
 			cloud)
@@ -147,10 +155,11 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		}
 
 		glog.V(2).Infof("Successfully created Regional GCE PD volume %s", name)
-	} else {
+
+	case replicationTypeNone:
 		var zones sets.String
 		if !zonePresent && !zonesPresent {
-			// 000 - neither "zone", "zones", or "replica-zones" specified
+			// 00 - neither "zone" or "zones" specified
 			// Pick a zone randomly selected from all active zones where
 			// Kubernetes cluster has a node.
 			zones, err = cloud.GetAllCurrentZones()
@@ -159,21 +168,21 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 				return "", 0, nil, "", err
 			}
 		} else if !zonePresent && zonesPresent {
-			// 010 - "zones" specified
+			// 01 - "zones" specified
 			// Pick a zone randomly selected from specified set.
 			if zones, err = volumeutil.ZonesToSet(configuredZones); err != nil {
 				return "", 0, nil, "", err
 			}
 		} else if zonePresent && !zonesPresent {
-			// 100 - "zone" specified
+			// 10 - "zone" specified
 			// Use specified zone
-			if err := volume.ValidateZone(configuredZone); err != nil {
+			if err := volumeutil.ValidateZone(configuredZone); err != nil {
 				return "", 0, nil, "", err
 			}
 			zones = make(sets.String)
 			zones.Insert(configuredZone)
 		}
-		zone := volume.ChooseZoneForVolume(zones, c.options.PVC.Name)
+		zone := volumeutil.ChooseZoneForVolume(zones, c.options.PVC.Name)
 
 		if err := cloud.CreateDisk(
 			name,
@@ -186,6 +195,9 @@ func (gceutil *GCEDiskUtil) CreateVolume(c *gcePersistentDiskProvisioner) (strin
 		}
 
 		glog.V(2).Infof("Successfully created single-zone GCE PD volume %s", name)
+
+	default:
+		return "", 0, nil, "", fmt.Errorf("replication-type of '%s' is not supported", replicationType)
 	}
 
 	labels, err := cloud.GetAutoLabelsForPD(name, "" /* zone */)
@@ -202,32 +214,41 @@ func createRegionalPD(
 	diskName string,
 	pvcName string,
 	diskType string,
-	replicaZones sets.String,
+	zonesString string,
 	requestGB int64,
 	cloudTags *map[string]string,
 	cloud *gcecloud.GCECloud) error {
 
-	autoZoneSelection := false
-	if replicaZones.Len() != maxRegionalPDZones {
-		replicaZonesList := replicaZones.UnsortedList()
-		if replicaZones.Len() == 1 && replicaZonesList[0] == regionalPDZonesAuto {
-			// User requested automatic zone selection.
-			autoZoneSelection = true
-		} else {
-			return fmt.Errorf(
-				"replica-zones specifies %d zones. It must specify %d zones or the keyword \"auto\" to let Kubernetes select zones.",
-				replicaZones.Len(),
-				maxRegionalPDZones)
+	var replicaZones sets.String
+	var err error
+
+	if zonesString == "" {
+		// Consider all zones
+		replicaZones, err = cloud.GetAllCurrentZones()
+		if err != nil {
+			glog.V(2).Infof("error getting zone information from GCE: %v", err)
+			return err
+		}
+	} else {
+		replicaZones, err = volumeutil.ZonesToSet(zonesString)
+		if err != nil {
+			return err
 		}
 	}
 
-	selectedReplicaZones := replicaZones
-	if autoZoneSelection {
-		selectedReplicaZones = volume.ChooseZonesForVolume(
+	zoneCount := replicaZones.Len()
+	var selectedReplicaZones sets.String
+	if zoneCount < maxRegionalPDZones {
+		return fmt.Errorf("cannot specify only %d zone(s) for Regional PDs.", zoneCount)
+	} else if zoneCount == maxRegionalPDZones {
+		selectedReplicaZones = replicaZones
+	} else {
+		// Must randomly select zones
+		selectedReplicaZones = volumeutil.ChooseZonesForVolume(
 			replicaZones, pvcName, maxRegionalPDZones)
 	}
 
-	if err := cloud.CreateRegionalDisk(
+	if err = cloud.CreateRegionalDisk(
 		diskName,
 		diskType,
 		selectedReplicaZones,
@@ -357,3 +378,13 @@ func udevadmChangeToDrive(drivePath string) error {
 	}
 	return nil
 }
+
+// Checks whether the given GCE PD volume spec is associated with a regional PD.
+func isRegionalPD(spec *volume.Spec) bool {
+	if spec.PersistentVolume != nil {
+		zonesLabel := spec.PersistentVolume.Labels[kubeletapis.LabelZoneFailureDomain]
+		zones := strings.Split(zonesLabel, kubeletapis.LabelMultiZoneDelimiter)
+		return len(zones) > 1
+	}
+	return false
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/git_repo/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/git_repo/BUILD
index cd24945cf338..38ae008ad14c 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/git_repo/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/git_repo/BUILD
@@ -14,29 +14,27 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/volume/git_repo",
     deps = [
+        "//pkg/util/mount:go_default_library",
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/utils/exec:go_default_library",
     ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["git_repo_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/git_repo",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/empty_dir:go_default_library",
         "//pkg/volume/testing:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/utils/exec:go_default_library",
-        "//vendor/k8s.io/utils/exec/testing:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/git_repo/git_repo.go b/vendor/k8s.io/kubernetes/pkg/volume/git_repo/git_repo.go
index 1948971e94ea..e432befb3c59 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/git_repo/git_repo.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/git_repo/git_repo.go
@@ -24,10 +24,10 @@ import (
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/util/mount"
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/utils/exec"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -100,7 +100,8 @@ func (plugin *gitRepoPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, opts vol
 		source:   spec.Volume.GitRepo.Repository,
 		revision: spec.Volume.GitRepo.Revision,
 		target:   spec.Volume.GitRepo.Directory,
-		exec:     exec.New(),
+		mounter:  plugin.host.GetMounter(plugin.GetPluginName()),
+		exec:     plugin.host.GetExec(plugin.GetPluginName()),
 		opts:     opts,
 	}, nil
 }
@@ -149,7 +150,8 @@ type gitRepoVolumeMounter struct {
 	source   string
 	revision string
 	target   string
-	exec     exec.Interface
+	mounter  mount.Interface
+	exec     mount.Exec
 	opts     volume.VolumeOptions
 }
 
@@ -195,7 +197,7 @@ func (b *gitRepoVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if len(b.target) != 0 {
 		args = append(args, b.target)
 	}
-	if output, err := b.execCommand("git", args, dir); err != nil {
+	if output, err := b.execGit(args, dir); err != nil {
 		return fmt.Errorf("failed to exec 'git %s': %s: %v",
 			strings.Join(args, " "), output, err)
 	}
@@ -225,10 +227,10 @@ func (b *gitRepoVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 		return fmt.Errorf("unexpected directory contents: %v", files)
 	}
 
-	if output, err := b.execCommand("git", []string{"checkout", b.revision}, subdir); err != nil {
+	if output, err := b.execGit([]string{"checkout", b.revision}, subdir); err != nil {
 		return fmt.Errorf("failed to exec 'git checkout %s': %s: %v", b.revision, output, err)
 	}
-	if output, err := b.execCommand("git", []string{"reset", "--hard"}, subdir); err != nil {
+	if output, err := b.execGit([]string{"reset", "--hard"}, subdir); err != nil {
 		return fmt.Errorf("failed to exec 'git reset --hard': %s: %v", output, err)
 	}
 
@@ -242,10 +244,10 @@ func (b *gitRepoVolumeMounter) getMetaDir() string {
 	return path.Join(b.plugin.host.GetPodPluginDir(b.podUID, utilstrings.EscapeQualifiedNameForDisk(gitRepoPluginName)), b.volName)
 }
 
-func (b *gitRepoVolumeMounter) execCommand(command string, args []string, dir string) ([]byte, error) {
-	cmd := b.exec.Command(command, args...)
-	cmd.SetDir(dir)
-	return cmd.CombinedOutput()
+func (b *gitRepoVolumeMounter) execGit(args []string, dir string) ([]byte, error) {
+	// run git -C <dir> <args>
+	fullArgs := append([]string{"-C", dir}, args...)
+	return b.exec.Run("git", fullArgs...)
 }
 
 // gitRepoVolumeUnmounter cleans git repo volumes.
@@ -262,7 +264,7 @@ func (c *gitRepoVolumeUnmounter) TearDown() error {
 
 // TearDownAt simply deletes everything in the directory.
 func (c *gitRepoVolumeUnmounter) TearDownAt(dir string) error {
-	return volume.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
+	return volumeutil.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
 }
 
 func getVolumeSource(spec *volume.Spec) (*v1.GitRepoVolumeSource, bool) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/BUILD
index b8371b5e8df0..990ff54c27dc 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/heketi/heketi/client/api/go-client:go_default_library",
         "//vendor/github.com/heketi/heketi/pkg/glusterfs/api:go_default_library",
@@ -32,6 +31,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
     ],
 )
@@ -42,8 +42,7 @@ go_test(
         "glusterfs_minmax_test.go",
         "glusterfs_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/glusterfs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs.go b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs.go
index c42e3cdf7945..d77eb5898bb2 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs.go
@@ -36,13 +36,13 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/uuid"
 	clientset "k8s.io/client-go/kubernetes"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	volutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // ProbeVolumePlugins is the primary entrypoint for volume plugins.
@@ -74,6 +74,7 @@ const (
 	gciLinuxGlusterMountBinaryPath = "/sbin/mount.glusterfs"
 	defaultGidMin                  = 2000
 	defaultGidMax                  = math.MaxInt32
+
 	// absoluteGidMin/Max are currently the same as the
 	// default values, but they play a different role and
 	// could take a different value. Only thing we need is:
@@ -84,6 +85,7 @@ const (
 	heketiAnn               = "heketi-dynamic-provisioner"
 	glusterTypeAnn          = "gluster.org/type"
 	glusterDescAnn          = "Gluster-Internal: Dynamically provisioned PV"
+	heketiVolIDAnn          = "gluster.kubernetes.io/heketi-volume-id"
 )
 
 func (plugin *glusterfsPlugin) Init(host volume.VolumeHost) error {
@@ -141,9 +143,13 @@ func (plugin *glusterfsPlugin) GetAccessModes() []v1.PersistentVolumeAccessMode
 }
 
 func (plugin *glusterfsPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.Mounter, error) {
-	source, _ := plugin.getGlusterVolumeSource(spec)
+	source, _, err := getVolumeSource(spec)
+	if err != nil {
+		glog.Errorf("failed to get gluster volumesource: %v", err)
+		return nil, err
+	}
 	epName := source.EndpointsName
-	// PVC/POD is in same ns.
+	// PVC/POD is in same namespace.
 	podNs := pod.Namespace
 	kubeClient := plugin.host.GetKubeClient()
 	if kubeClient == nil {
@@ -151,35 +157,27 @@ func (plugin *glusterfsPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volu
 	}
 	ep, err := kubeClient.CoreV1().Endpoints(podNs).Get(epName, metav1.GetOptions{})
 	if err != nil {
-		glog.Errorf("failed to get endpoints %s[%v]", epName, err)
+		glog.Errorf("failed to get endpoint %s: %v", epName, err)
 		return nil, err
 	}
-	glog.V(1).Infof("glusterfs pv endpoint %v", ep)
+	glog.V(4).Infof("glusterfs pv endpoint %v", ep)
 	return plugin.newMounterInternal(spec, ep, pod, plugin.host.GetMounter(plugin.GetPluginName()))
 }
 
-func (plugin *glusterfsPlugin) getGlusterVolumeSource(spec *volume.Spec) (*v1.GlusterfsVolumeSource, bool) {
-	// Glusterfs volumes used directly in a pod have a ReadOnly flag set by the pod author.
-	// Glusterfs volumes used as a PersistentVolume gets the ReadOnly flag indirectly through the persistent-claim volume used to mount the PV
-	if spec.Volume != nil && spec.Volume.Glusterfs != nil {
-		return spec.Volume.Glusterfs, spec.Volume.Glusterfs.ReadOnly
-	}
-	return spec.PersistentVolume.Spec.Glusterfs, spec.ReadOnly
-}
-
 func (plugin *glusterfsPlugin) newMounterInternal(spec *volume.Spec, ep *v1.Endpoints, pod *v1.Pod, mounter mount.Interface) (volume.Mounter, error) {
-	source, readOnly := plugin.getGlusterVolumeSource(spec)
+	source, readOnly, _ := getVolumeSource(spec)
 	return &glusterfsMounter{
 		glusterfs: &glusterfs{
-			volName: spec.Name(),
-			mounter: mounter,
-			pod:     pod,
-			plugin:  plugin,
+			volName:         spec.Name(),
+			mounter:         mounter,
+			pod:             pod,
+			plugin:          plugin,
+			MetricsProvider: volume.NewMetricsStatFS(plugin.host.GetPodVolumeDir(pod.UID, strings.EscapeQualifiedNameForDisk(glusterfsPluginName), spec.Name())),
 		},
 		hosts:        ep,
 		path:         source.Path,
 		readOnly:     readOnly,
-		mountOptions: volume.MountOptionFromSpec(spec),
+		mountOptions: volutil.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -189,16 +187,17 @@ func (plugin *glusterfsPlugin) NewUnmounter(volName string, podUID types.UID) (v
 
 func (plugin *glusterfsPlugin) newUnmounterInternal(volName string, podUID types.UID, mounter mount.Interface) (volume.Unmounter, error) {
 	return &glusterfsUnmounter{&glusterfs{
-		volName: volName,
-		mounter: mounter,
-		pod:     &v1.Pod{ObjectMeta: metav1.ObjectMeta{UID: podUID}},
-		plugin:  plugin,
+		volName:         volName,
+		mounter:         mounter,
+		pod:             &v1.Pod{ObjectMeta: metav1.ObjectMeta{UID: podUID}},
+		plugin:          plugin,
+		MetricsProvider: volume.NewMetricsStatFS(plugin.host.GetPodVolumeDir(podUID, strings.EscapeQualifiedNameForDisk(glusterfsPluginName), volName)),
 	}}, nil
 }
 
 func (plugin *glusterfsPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
 
-	// To reconstrcut volume spec we need endpoint where fetching endpoint from mount
+	// To reconstruct volume spec we need endpoint where fetching endpoint from mount
 	// string looks to be impossible, so returning error.
 
 	return nil, fmt.Errorf("impossible to reconstruct glusterfs volume spec from volume mountpath")
@@ -210,7 +209,7 @@ type glusterfs struct {
 	pod     *v1.Pod
 	mounter mount.Interface
 	plugin  *glusterfsPlugin
-	volume.MetricsNil
+	volume.MetricsProvider
 }
 
 type glusterfsMounter struct {
@@ -238,7 +237,7 @@ func (b *glusterfsMounter) CanMount() error {
 	exe := b.plugin.host.GetExec(b.plugin.GetPluginName())
 	switch runtime.GOOS {
 	case "linux":
-		if _, err := exe.Run("/bin/ls", gciLinuxGlusterMountBinaryPath); err != nil {
+		if _, err := exe.Run("test", "-x", gciLinuxGlusterMountBinaryPath); err != nil {
 			return fmt.Errorf("Required binary %s is missing", gciLinuxGlusterMountBinaryPath)
 		}
 	}
@@ -259,8 +258,9 @@ func (b *glusterfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if !notMnt {
 		return nil
 	}
-
-	os.MkdirAll(dir, 0750)
+	if err := os.MkdirAll(dir, 0750); err != nil {
+		return err
+	}
 	err = b.setUpAtInternal(dir)
 	if err == nil {
 		return nil
@@ -300,7 +300,7 @@ func (b *glusterfsMounter) setUpAtInternal(dir string) error {
 
 	p := path.Join(b.glusterfs.plugin.host.GetPluginDir(glusterfsPluginName), b.glusterfs.volName)
 	if err := os.MkdirAll(p, 0750); err != nil {
-		return fmt.Errorf("Error creating directory %v: %v", p, err)
+		return fmt.Errorf("failed to create directory %v: %v", p, err)
 	}
 
 	// adding log-level ERROR to remove noise
@@ -312,7 +312,7 @@ func (b *glusterfsMounter) setUpAtInternal(dir string) error {
 
 	var addrlist []string
 	if b.hosts == nil {
-		return fmt.Errorf("glusterfs: endpoint is nil")
+		return fmt.Errorf("glusterfs endpoint is nil in mounter")
 	}
 	addr := sets.String{}
 	if b.hosts.Subsets != nil {
@@ -327,18 +327,18 @@ func (b *glusterfsMounter) setUpAtInternal(dir string) error {
 
 	}
 	options = append(options, "backup-volfile-servers="+dstrings.Join(addrlist[:], ":"))
-	mountOptions := volume.JoinMountOptions(b.mountOptions, options)
+	mountOptions := volutil.JoinMountOptions(b.mountOptions, options)
 
 	// with `backup-volfile-servers` mount option in place, it is not required to
 	// iterate over all the servers in the addrlist. A mount attempt with this option
 	// will fetch all the servers mentioned in the backup-volfile-servers list.
-	// Refer backup-volfile-servers @ https://access.redhat.com/documentation/en-US/Red_Hat_Storage/3/html/Administration_Guide/sect-Native_Client.html
+	// Refer to backup-volfile-servers @ http://docs.gluster.org/en/latest/Administrator%20Guide/Setting%20Up%20Clients/
 
 	if (len(addrlist) > 0) && (addrlist[0] != "") {
 		ip := addrlist[0]
 		errs = b.mounter.Mount(ip+":"+b.path, dir, "glusterfs", mountOptions)
 		if errs == nil {
-			glog.Infof("glusterfs: successfully mounted %s", dir)
+			glog.Infof("successfully mounted directory %s", dir)
 			return nil
 		}
 
@@ -374,8 +374,7 @@ func (b *glusterfsMounter) setUpAtInternal(dir string) error {
 
 }
 
-func getVolumeSource(
-	spec *volume.Spec) (*v1.GlusterfsVolumeSource, bool, error) {
+func getVolumeSource(spec *volume.Spec) (*v1.GlusterfsVolumeSource, bool, error) {
 	if spec.Volume != nil && spec.Volume.Glusterfs != nil {
 		return spec.Volume.Glusterfs, spec.Volume.Glusterfs.ReadOnly, nil
 	} else if spec.PersistentVolume != nil &&
@@ -402,17 +401,18 @@ func (plugin *glusterfsPlugin) newProvisionerInternal(options volume.VolumeOptio
 }
 
 type provisionerConfig struct {
-	url             string
-	user            string
-	userKey         string
-	secretNamespace string
-	secretName      string
-	secretValue     string
-	clusterID       string
-	gidMin          int
-	gidMax          int
-	volumeType      gapi.VolumeDurabilityInfo
-	volumeOptions   []string
+	url              string
+	user             string
+	userKey          string
+	secretNamespace  string
+	secretName       string
+	secretValue      string
+	clusterID        string
+	gidMin           int
+	gidMax           int
+	volumeType       gapi.VolumeDurabilityInfo
+	volumeOptions    []string
+	volumeNamePrefix string
 }
 
 type glusterfsVolumeProvisioner struct {
@@ -424,11 +424,11 @@ type glusterfsVolumeProvisioner struct {
 func convertGid(gidString string) (int, error) {
 	gid64, err := strconv.ParseInt(gidString, 10, 32)
 	if err != nil {
-		return 0, fmt.Errorf("failed to parse gid %v ", gidString)
+		return 0, fmt.Errorf("failed to parse gid %v: %v", gidString, err)
 	}
 
 	if gid64 < 0 {
-		return 0, fmt.Errorf("negative GIDs are not allowed: %v", gidString)
+		return 0, fmt.Errorf("negative GIDs %v are not allowed", gidString)
 	}
 
 	// ParseInt returns a int64, but since we parsed only
@@ -441,7 +441,7 @@ func convertVolumeParam(volumeString string) (int, error) {
 
 	count, err := strconv.Atoi(volumeString)
 	if err != nil {
-		return 0, fmt.Errorf("failed to parse %q", volumeString)
+		return 0, fmt.Errorf("failed to parse volumestring %q: %v", volumeString, err)
 	}
 
 	if count < 0 {
@@ -490,7 +490,7 @@ func (plugin *glusterfsPlugin) collectGids(className string, gidTable *MinMaxAll
 	}
 	pvList, err := kubeClient.CoreV1().PersistentVolumes().List(metav1.ListOptions{LabelSelector: labels.Everything().String()})
 	if err != nil {
-		glog.Errorf("failed to get existing persistent volumes")
+		glog.Error("failed to get existing persistent volumes")
 		return err
 	}
 
@@ -501,24 +501,24 @@ func (plugin *glusterfsPlugin) collectGids(className string, gidTable *MinMaxAll
 
 		pvName := pv.ObjectMeta.Name
 
-		gidStr, ok := pv.Annotations[volumehelper.VolumeGidAnnotationKey]
+		gidStr, ok := pv.Annotations[volutil.VolumeGidAnnotationKey]
 
 		if !ok {
-			glog.Warningf("no GID found in pv '%v'", pvName)
+			glog.Warningf("no GID found in pv %v", pvName)
 			continue
 		}
 
 		gid, err := convertGid(gidStr)
 		if err != nil {
-			glog.Error(err)
+			glog.Errorf("failed to parse gid %s: %v", gidStr, err)
 			continue
 		}
 
 		_, err = gidTable.Allocate(gid)
 		if err == ErrConflict {
-			glog.Warningf("GID %v found in pv %v was already allocated", gid)
+			glog.Warningf("GID %v found in pv %v was already allocated", gid, pvName)
 		} else if err != nil {
-			glog.Errorf("failed to store gid %v found in pv '%v': %v", gid, pvName, err)
+			glog.Errorf("failed to store gid %v found in pv %v: %v", gid, pvName, err)
 			return err
 		}
 	}
@@ -563,7 +563,6 @@ func (plugin *glusterfsPlugin) getGidTable(className string, min int, max int) (
 	}
 
 	// if in the meantime a table appeared, use it
-
 	plugin.gidTableLock.Lock()
 	defer plugin.gidTableLock.Unlock()
 
@@ -583,7 +582,7 @@ func (plugin *glusterfsPlugin) getGidTable(className string, min int, max int) (
 }
 
 func (d *glusterfsVolumeDeleter) getGid() (int, bool, error) {
-	gidStr, ok := d.spec.Annotations[volumehelper.VolumeGidAnnotationKey]
+	gidStr, ok := d.spec.Annotations[volutil.VolumeGidAnnotationKey]
 
 	if !ok {
 		return 0, false, nil
@@ -595,9 +594,14 @@ func (d *glusterfsVolumeDeleter) getGid() (int, bool, error) {
 }
 
 func (d *glusterfsVolumeDeleter) Delete() error {
-	glog.V(2).Infof("delete volume: %s ", d.glusterfsMounter.path)
+	glog.V(2).Infof("delete volume %s", d.glusterfsMounter.path)
+
 	volumeName := d.glusterfsMounter.path
-	volumeID := dstrings.TrimPrefix(volumeName, volPrefix)
+	volumeID, err := getVolumeID(d.spec, volumeName)
+	if err != nil {
+		return fmt.Errorf("failed to get volumeID: %v", err)
+	}
+
 	class, err := volutil.GetClassForVolume(d.plugin.host.GetKubeClient(), d.spec)
 	if err != nil {
 		return err
@@ -609,7 +613,7 @@ func (d *glusterfsVolumeDeleter) Delete() error {
 	}
 	d.provisionerConfig = *cfg
 
-	glog.V(4).Infof("deleting volume %q with configuration %+v", volumeID, d.provisionerConfig)
+	glog.V(4).Infof("deleting volume %q", volumeID)
 
 	gid, exists, err := d.getGid()
 	if err != nil {
@@ -628,17 +632,17 @@ func (d *glusterfsVolumeDeleter) Delete() error {
 
 	cli := gcli.NewClient(d.url, d.user, d.secretValue)
 	if cli == nil {
-		glog.Errorf("failed to create glusterfs rest client")
-		return fmt.Errorf("failed to create glusterfs rest client, REST server authentication failed")
+		glog.Errorf("failed to create glusterfs REST client")
+		return fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
 	}
 	err = cli.VolumeDelete(volumeID)
 	if err != nil {
-		glog.Errorf("error when deleting the volume :%v", err)
+		glog.Errorf("failed to delete volume %s: %v", volumeName, err)
 		return err
 	}
 	glog.V(2).Infof("volume %s deleted successfully", volumeName)
 
-	//Deleter takes endpoint and endpointnamespace from pv spec.
+	//Deleter takes endpoint and namespace from pv spec.
 	pvSpec := d.spec.Spec
 	var dynamicEndpoint, dynamicNamespace string
 	if pvSpec.ClaimRef == nil {
@@ -653,18 +657,18 @@ func (d *glusterfsVolumeDeleter) Delete() error {
 	if pvSpec.Glusterfs.EndpointsName != "" {
 		dynamicEndpoint = pvSpec.Glusterfs.EndpointsName
 	}
-	glog.V(3).Infof("dynamic namespace and endpoint : [%v/%v]", dynamicNamespace, dynamicEndpoint)
+	glog.V(3).Infof("dynamic namespace and endpoint %v/%v", dynamicNamespace, dynamicEndpoint)
 	err = d.deleteEndpointService(dynamicNamespace, dynamicEndpoint)
 	if err != nil {
-		glog.Errorf("error when deleting endpoint/service :%v", err)
+		glog.Errorf("failed to delete endpoint/service %v/%v: %v", dynamicNamespace, dynamicEndpoint, err)
 	} else {
-		glog.V(1).Infof("endpoint: %v and service: %v deleted successfully ", dynamicNamespace, dynamicEndpoint)
+		glog.V(1).Infof("endpoint %v/%v is deleted successfully ", dynamicNamespace, dynamicEndpoint)
 	}
 	return nil
 }
 
 func (p *glusterfsVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
+	if !volutil.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", p.options.PVC.Spec.AccessModes, p.plugin.GetAccessModes())
 	}
 
@@ -693,21 +697,23 @@ func (p *glusterfsVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 		return nil, fmt.Errorf("failed to reserve GID from table: %v", err)
 	}
 
-	glog.V(2).Infof("Allocated GID [%d] for PVC %s", gid, p.options.PVC.Name)
+	glog.V(2).Infof("Allocated GID %d for PVC %s", gid, p.options.PVC.Name)
 
-	glusterfs, sizeGB, err := p.CreateVolume(gid)
+	glusterfs, sizeGiB, volID, err := p.CreateVolume(gid)
 	if err != nil {
 		if releaseErr := gidTable.Release(gid); releaseErr != nil {
-			glog.Errorf("error when releasing GID in storageclass: %s", scName)
+			glog.Errorf("error when releasing GID in storageclass %s: %v", scName, releaseErr)
 		}
 
-		glog.Errorf("create volume error: %v.", err)
-		return nil, fmt.Errorf("create volume error: %v", err)
+		glog.Errorf("failed to create volume: %v", err)
+		return nil, fmt.Errorf("failed to create volume: %v", err)
 	}
+	mode := v1.PersistentVolumeFilesystem
 	pv := new(v1.PersistentVolume)
 	pv.Spec.PersistentVolumeSource.Glusterfs = glusterfs
 	pv.Spec.PersistentVolumeReclaimPolicy = p.options.PersistentVolumeReclaimPolicy
 	pv.Spec.AccessModes = p.options.PVC.Spec.AccessModes
+	pv.Spec.VolumeMode = &mode
 	if len(pv.Spec.AccessModes) == 0 {
 		pv.Spec.AccessModes = p.plugin.GetAccessModes()
 	}
@@ -716,74 +722,83 @@ func (p *glusterfsVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 	gidStr := strconv.FormatInt(int64(gid), 10)
 
 	pv.Annotations = map[string]string{
-		volumehelper.VolumeGidAnnotationKey:        gidStr,
-		volumehelper.VolumeDynamicallyCreatedByKey: heketiAnn,
-		glusterTypeAnn:                             "file",
-		"Description":                              glusterDescAnn,
-		v1.MountOptionAnnotation:                   "auto_unmount",
+		volutil.VolumeGidAnnotationKey:        gidStr,
+		volutil.VolumeDynamicallyCreatedByKey: heketiAnn,
+		glusterTypeAnn:                        "file",
+		"Description":                         glusterDescAnn,
+		v1.MountOptionAnnotation:              "auto_unmount",
+		heketiVolIDAnn:                        volID,
 	}
 
 	pv.Spec.Capacity = v1.ResourceList{
-		v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dG", sizeGB)),
+		v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", sizeGiB)),
 	}
 	return pv, nil
 }
 
-func (p *glusterfsVolumeProvisioner) CreateVolume(gid int) (r *v1.GlusterfsVolumeSource, size int, err error) {
+func (p *glusterfsVolumeProvisioner) CreateVolume(gid int) (r *v1.GlusterfsVolumeSource, size int, volID string, err error) {
 	var clusterIDs []string
+	customVolumeName := ""
 	capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
-	volSizeBytes := capacity.Value()
-	// Glusterfs creates volumes in units of GBs
-	sz := int(volume.RoundUpSize(volSizeBytes, 1000*1000*1000))
-	glog.V(2).Infof("create volume of size: %d bytes and configuration %+v", volSizeBytes, p.provisionerConfig)
+
+	// GlusterFS/heketi creates volumes in units of GiB.
+	sz := int(volutil.RoundUpToGiB(capacity))
+	glog.V(2).Infof("create volume of size %dGiB", sz)
+
 	if p.url == "" {
 		glog.Errorf("REST server endpoint is empty")
-		return nil, 0, fmt.Errorf("failed to create glusterfs REST client, REST URL is empty")
+		return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST URL is empty")
 	}
 	cli := gcli.NewClient(p.url, p.user, p.secretValue)
 	if cli == nil {
-		glog.Errorf("failed to create glusterfs rest client")
-		return nil, 0, fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
+		glog.Errorf("failed to create glusterfs REST client")
+		return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
 	}
 	if p.provisionerConfig.clusterID != "" {
 		clusterIDs = dstrings.Split(p.clusterID, ",")
-		glog.V(4).Infof("provided clusterIDs: %v", clusterIDs)
+		glog.V(4).Infof("provided clusterIDs %v", clusterIDs)
 	}
+
+	if p.provisionerConfig.volumeNamePrefix != "" {
+		customVolumeName = fmt.Sprintf("%s_%s_%s_%s", p.provisionerConfig.volumeNamePrefix, p.options.PVC.Namespace, p.options.PVC.Name, uuid.NewUUID())
+	}
+
 	gid64 := int64(gid)
-	volumeReq := &gapi.VolumeCreateRequest{Size: sz, Clusters: clusterIDs, Gid: gid64, Durability: p.volumeType, GlusterVolumeOptions: p.volumeOptions}
+	volumeReq := &gapi.VolumeCreateRequest{Size: sz, Name: customVolumeName, Clusters: clusterIDs, Gid: gid64, Durability: p.volumeType, GlusterVolumeOptions: p.volumeOptions}
 	volume, err := cli.VolumeCreate(volumeReq)
 	if err != nil {
-		glog.Errorf("error creating volume %v ", err)
-		return nil, 0, fmt.Errorf("error creating volume %v", err)
+		glog.Errorf("failed to create volume: %v", err)
+		return nil, 0, "", fmt.Errorf("failed to create volume: %v", err)
 	}
-	glog.V(1).Infof("volume with size: %d and name: %s created", volume.Size, volume.Name)
+	glog.V(1).Infof("volume with size %d and name %s created", volume.Size, volume.Name)
+	volID = volume.Id
 	dynamicHostIps, err := getClusterNodes(cli, volume.Cluster)
 	if err != nil {
-		glog.Errorf("error [%v] when getting cluster nodes for volume %s", err, volume)
-		return nil, 0, fmt.Errorf("error [%v] when getting cluster nodes for volume %s", err, volume)
+		glog.Errorf("failed to get cluster nodes for volume %s: %v", volume, err)
+		return nil, 0, "", fmt.Errorf("failed to get cluster nodes for volume %s: %v", volume, err)
 	}
 
 	// The 'endpointname' is created in form of 'glusterfs-dynamic-<claimname>'.
 	// createEndpointService() checks for this 'endpoint' existence in PVC's namespace and
-	// If not found, it create an endpoint and svc using the IPs we dynamically picked at time
+	// If not found, it create an endpoint and service using the IPs we dynamically picked at time
 	// of volume creation.
 	epServiceName := dynamicEpSvcPrefix + p.options.PVC.Name
 	epNamespace := p.options.PVC.Namespace
 	endpoint, service, err := p.createEndpointService(epNamespace, epServiceName, dynamicHostIps, p.options.PVC.Name)
 	if err != nil {
-		glog.Errorf("failed to create endpoint/service: %v", err)
+		glog.Errorf("failed to create endpoint/service %v/%v: %v", epNamespace, epServiceName, err)
 		deleteErr := cli.VolumeDelete(volume.Id)
 		if deleteErr != nil {
-			glog.Errorf("error when deleting the volume :%v , manual deletion required", deleteErr)
+			glog.Errorf("failed to delete volume: %v, manual deletion of the volume required", deleteErr)
 		}
-		return nil, 0, fmt.Errorf("failed to create endpoint/service %v", err)
+		return nil, 0, "", fmt.Errorf("failed to create endpoint/service %v/%v: %v", epNamespace, epServiceName, err)
 	}
-	glog.V(3).Infof("dynamic ep %v and svc : %v ", endpoint, service)
+	glog.V(3).Infof("dynamic endpoint %v and service %v ", endpoint, service)
 	return &v1.GlusterfsVolumeSource{
 		EndpointsName: endpoint.Name,
 		Path:          volume.Name,
 		ReadOnly:      false,
-	}, sz, nil
+	}, sz, volID, nil
 }
 
 func (p *glusterfsVolumeProvisioner) createEndpointService(namespace string, epServiceName string, hostips []string, pvcname string) (endpoint *v1.Endpoints, service *v1.Service, err error) {
@@ -811,12 +826,12 @@ func (p *glusterfsVolumeProvisioner) createEndpointService(namespace string, epS
 	}
 	_, err = kubeClient.CoreV1().Endpoints(namespace).Create(endpoint)
 	if err != nil && errors.IsAlreadyExists(err) {
-		glog.V(1).Infof("endpoint [%s] already exist in namespace [%s]", endpoint, namespace)
+		glog.V(1).Infof("endpoint %s already exist in namespace %s", endpoint, namespace)
 		err = nil
 	}
 	if err != nil {
 		glog.Errorf("failed to create endpoint: %v", err)
-		return nil, nil, fmt.Errorf("error creating endpoint: %v", err)
+		return nil, nil, fmt.Errorf("failed to create endpoint: %v", err)
 	}
 	service = &v1.Service{
 		ObjectMeta: metav1.ObjectMeta{
@@ -831,7 +846,7 @@ func (p *glusterfsVolumeProvisioner) createEndpointService(namespace string, epS
 				{Protocol: "TCP", Port: 1}}}}
 	_, err = kubeClient.CoreV1().Services(namespace).Create(service)
 	if err != nil && errors.IsAlreadyExists(err) {
-		glog.V(1).Infof("service [%s] already exist in namespace [%s]", service, namespace)
+		glog.V(1).Infof("service %s already exist in namespace %s", service, namespace)
 		err = nil
 	}
 	if err != nil {
@@ -848,10 +863,10 @@ func (d *glusterfsVolumeDeleter) deleteEndpointService(namespace string, epServi
 	}
 	err = kubeClient.CoreV1().Services(namespace).Delete(epServiceName, nil)
 	if err != nil {
-		glog.Errorf("error deleting service %s/%s: %v", namespace, epServiceName, err)
-		return fmt.Errorf("error deleting service %s/%s: %v", namespace, epServiceName, err)
+		glog.Errorf("failed to delete service %s/%s: %v", namespace, epServiceName, err)
+		return fmt.Errorf("failed to delete service %s/%s: %v", namespace, epServiceName, err)
 	}
-	glog.V(1).Infof("service/endpoint %s/%s deleted successfully", namespace, epServiceName)
+	glog.V(1).Infof("service/endpoint: %s/%s deleted successfully", namespace, epServiceName)
 	return nil
 }
 
@@ -859,7 +874,7 @@ func (d *glusterfsVolumeDeleter) deleteEndpointService(namespace string, epServi
 func parseSecret(namespace, secretName string, kubeClient clientset.Interface) (string, error) {
 	secretMap, err := volutil.GetSecretForPV(namespace, secretName, glusterfsPluginName, kubeClient)
 	if err != nil {
-		glog.Errorf("failed to get secret %s/%s: %v", namespace, secretName, err)
+		glog.Errorf("failed to get secret: %s/%s: %v", namespace, secretName, err)
 		return "", fmt.Errorf("failed to get secret %s/%s: %v", namespace, secretName, err)
 	}
 	if len(secretMap) == 0 {
@@ -872,12 +887,12 @@ func parseSecret(namespace, secretName string, kubeClient clientset.Interface) (
 		}
 		secret = v
 	}
+
 	// If not found, the last secret in the map wins as done before
 	return secret, nil
 }
 
 // getClusterNodes() returns the cluster nodes of a given cluster
-
 func getClusterNodes(cli *gcli.Client, cluster string) (dynamicHostIps []string, err error) {
 	clusterinfo, err := cli.ClusterInfo(cluster)
 	if err != nil {
@@ -889,15 +904,15 @@ func getClusterNodes(cli *gcli.Client, cluster string) (dynamicHostIps []string,
 	// of the cluster on which provisioned volume belongs to, as there can be multiple
 	// clusters.
 	for _, node := range clusterinfo.Nodes {
-		nodei, err := cli.NodeInfo(string(node))
+		nodeInfo, err := cli.NodeInfo(string(node))
 		if err != nil {
-			glog.Errorf(" failed to get hostip: %v", err)
-			return nil, fmt.Errorf("failed to get hostip: %v", err)
+			glog.Errorf("failed to get host ipaddress: %v", err)
+			return nil, fmt.Errorf("failed to get host ipaddress: %v", err)
 		}
-		ipaddr := dstrings.Join(nodei.NodeAddRequest.Hostnames.Storage, "")
+		ipaddr := dstrings.Join(nodeInfo.NodeAddRequest.Hostnames.Storage, "")
 		dynamicHostIps = append(dynamicHostIps, ipaddr)
 	}
-	glog.V(3).Infof("hostlist :%v", dynamicHostIps)
+	glog.V(3).Infof("host list :%v", dynamicHostIps)
 	if len(dynamicHostIps) == 0 {
 		glog.Errorf("no hosts found: %v", err)
 		return nil, fmt.Errorf("no hosts found: %v", err)
@@ -905,7 +920,7 @@ func getClusterNodes(cli *gcli.Client, cluster string) (dynamicHostIps []string,
 	return dynamicHostIps, nil
 }
 
-// parseClassParameters parses StorageClass.Parameters
+// parseClassParameters parses StorageClass parameters.
 func parseClassParameters(params map[string]string, kubeClient clientset.Interface) (*provisionerConfig, error) {
 	var cfg provisionerConfig
 	var err error
@@ -915,6 +930,7 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 	authEnabled := true
 	parseVolumeType := ""
 	parseVolumeOptions := ""
+	parseVolumeNamePrefix := ""
 
 	for k, v := range params {
 		switch dstrings.ToLower(k) {
@@ -937,7 +953,7 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 		case "gidmin":
 			parseGidMin, err := convertGid(v)
 			if err != nil {
-				return nil, fmt.Errorf("invalid value %q for volume plugin %s", k, glusterfsPluginName)
+				return nil, fmt.Errorf("invalid gidMin value %q for volume plugin %s", k, glusterfsPluginName)
 			}
 			if parseGidMin < absoluteGidMin {
 				return nil, fmt.Errorf("gidMin must be >= %v", absoluteGidMin)
@@ -949,7 +965,7 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 		case "gidmax":
 			parseGidMax, err := convertGid(v)
 			if err != nil {
-				return nil, fmt.Errorf("invalid value %q for volume plugin %s", k, glusterfsPluginName)
+				return nil, fmt.Errorf("invalid gidMax value %q for volume plugin %s", k, glusterfsPluginName)
 			}
 			if parseGidMax < absoluteGidMin {
 				return nil, fmt.Errorf("gidMax must be >= %v", absoluteGidMin)
@@ -965,7 +981,10 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 			if len(v) != 0 {
 				parseVolumeOptions = v
 			}
-
+		case "volumenameprefix":
+			if len(v) != 0 {
+				parseVolumeNamePrefix = v
+			}
 		default:
 			return nil, fmt.Errorf("invalid option %q for volume plugin %s", k, glusterfsPluginName)
 		}
@@ -985,7 +1004,7 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 			if len(parseVolumeTypeInfo) >= 2 {
 				newReplicaCount, err := convertVolumeParam(parseVolumeTypeInfo[1])
 				if err != nil {
-					return nil, fmt.Errorf("error [%v] when parsing value %q of option '%s' for volume plugin %s", err, parseVolumeTypeInfo[1], "volumetype", glusterfsPluginName)
+					return nil, fmt.Errorf("error parsing volumeType %q: %s", parseVolumeTypeInfo[1], err)
 				}
 				cfg.volumeType = gapi.VolumeDurabilityInfo{Type: gapi.DurabilityReplicate, Replicate: gapi.ReplicaDurability{Replica: newReplicaCount}}
 			} else {
@@ -995,11 +1014,11 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 			if len(parseVolumeTypeInfo) >= 3 {
 				newDisperseData, err := convertVolumeParam(parseVolumeTypeInfo[1])
 				if err != nil {
-					return nil, fmt.Errorf("error [%v] when parsing value %q of option '%s' for volume plugin %s", parseVolumeTypeInfo[1], err, "volumetype", glusterfsPluginName)
+					return nil, fmt.Errorf("error parsing volumeType %q: %s", parseVolumeTypeInfo[1], err)
 				}
 				newDisperseRedundancy, err := convertVolumeParam(parseVolumeTypeInfo[2])
 				if err != nil {
-					return nil, fmt.Errorf("error [%v] when parsing value %q of option '%s' for volume plugin %s", err, parseVolumeTypeInfo[2], "volumetype", glusterfsPluginName)
+					return nil, fmt.Errorf("error parsing volumeType %q: %s", parseVolumeTypeInfo[2], err)
 				}
 				cfg.volumeType = gapi.VolumeDurabilityInfo{Type: gapi.DurabilityEC, Disperse: gapi.DisperseDurability{Data: newDisperseData, Redundancy: newDisperseRedundancy}}
 			} else {
@@ -1020,6 +1039,7 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 	}
 
 	if len(cfg.secretName) != 0 || len(cfg.secretNamespace) != 0 {
+
 		// secretName + Namespace has precedence over userKey
 		if len(cfg.secretName) != 0 && len(cfg.secretNamespace) != 0 {
 			cfg.secretValue, err = parseSecret(cfg.secretNamespace, cfg.secretName, kubeClient)
@@ -1040,23 +1060,52 @@ func parseClassParameters(params map[string]string, kubeClient clientset.Interfa
 	if len(parseVolumeOptions) != 0 {
 		volOptions := dstrings.Split(parseVolumeOptions, ",")
 		if len(volOptions) == 0 {
-			return nil, fmt.Errorf("StorageClass for provisioner %q must have valid ( for eg, 'client.ssl on') volume option", glusterfsPluginName)
+			return nil, fmt.Errorf("StorageClass for provisioner %q must have valid (for e.g., 'client.ssl on') volume option", glusterfsPluginName)
 		}
 		cfg.volumeOptions = volOptions
 
 	}
+
+	if len(parseVolumeNamePrefix) != 0 {
+		if dstrings.Contains(parseVolumeNamePrefix, "_") {
+			return nil, fmt.Errorf("Storageclass parameter 'volumenameprefix' should not contain '_' in its value")
+		}
+		cfg.volumeNamePrefix = parseVolumeNamePrefix
+	}
 	return &cfg, nil
 }
 
+// getVolumeID returns volumeID from the PV or volumename.
+func getVolumeID(pv *v1.PersistentVolume, volumeName string) (string, error) {
+	volumeID := ""
+
+	// Get volID from pvspec if available, else fill it from volumename.
+	if pv != nil {
+		if pv.Annotations[heketiVolIDAnn] != "" {
+			volumeID = pv.Annotations[heketiVolIDAnn]
+		} else {
+			volumeID = dstrings.TrimPrefix(volumeName, volPrefix)
+		}
+	} else {
+		return volumeID, fmt.Errorf("provided PV spec is nil")
+	}
+	if volumeID == "" {
+		return volumeID, fmt.Errorf("volume ID is empty")
+	}
+	return volumeID, nil
+}
+
 func (plugin *glusterfsPlugin) ExpandVolumeDevice(spec *volume.Spec, newSize resource.Quantity, oldSize resource.Quantity) (resource.Quantity, error) {
 	pvSpec := spec.PersistentVolume.Spec
-	glog.V(2).Infof("Request to expand volume: %s ", pvSpec.Glusterfs.Path)
 	volumeName := pvSpec.Glusterfs.Path
+	glog.V(2).Infof("Received request to expand volume %s", volumeName)
+	volumeID, err := getVolumeID(spec.PersistentVolume, volumeName)
 
-	// Fetch the volume for expansion.
-	volumeID := dstrings.TrimPrefix(volumeName, volPrefix)
+	if err != nil {
+		return oldSize, fmt.Errorf("failed to get volumeID for volume %s: %v", volumeName, err)
+	}
 
-	//Get details of SC.
+	//Get details of StorageClass.
 	class, err := volutil.GetClassForVolume(plugin.host.GetKubeClient(), spec.PersistentVolume)
 	if err != nil {
 		return oldSize, err
@@ -1066,30 +1115,44 @@ func (plugin *glusterfsPlugin) ExpandVolumeDevice(spec *volume.Spec, newSize res
 		return oldSize, err
 	}
 
-	glog.V(4).Infof("Expanding volume %q with configuration %+v", volumeID, cfg)
+	glog.V(4).Infof("expanding volume: %q with configuration: %+v", volumeID, cfg)
 
 	//Create REST server connection
 	cli := gcli.NewClient(cfg.url, cfg.user, cfg.secretValue)
 	if cli == nil {
-		glog.Errorf("failed to create glusterfs rest client")
-		return oldSize, fmt.Errorf("failed to create glusterfs rest client, REST server authentication failed")
+		glog.Errorf("failed to create glusterfs REST client")
+		return oldSize, fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
 	}
 
 	// Find out delta size
 	expansionSize := (newSize.Value() - oldSize.Value())
-	expansionSizeGB := int(volume.RoundUpSize(expansionSize, 1000*1000*1000))
+	expansionSizeGiB := int(volutil.RoundUpSize(expansionSize, volutil.GIB))
+
+	// Find out requested Size
+	requestGiB := volutil.RoundUpToGiB(newSize)
+
+	//Check the existing volume size
+	currentVolumeInfo, err := cli.VolumeInfo(volumeID)
+	if err != nil {
+		glog.Errorf("error when fetching details of volume %s: %v", volumeName, err)
+		return oldSize, err
+	}
+
+	if int64(currentVolumeInfo.Size) >= requestGiB {
+		return newSize, nil
+	}
 
 	// Make volume expansion request
-	volumeExpandReq := &gapi.VolumeExpandRequest{Size: expansionSizeGB}
+	volumeExpandReq := &gapi.VolumeExpandRequest{Size: expansionSizeGiB}
 
 	// Expand the volume
 	volumeInfoRes, err := cli.VolumeExpand(volumeID, volumeExpandReq)
 	if err != nil {
-		glog.Errorf("error when expanding the volume :%v", err)
+		glog.Errorf("failed to expand volume %s: %v", volumeName, err)
 		return oldSize, err
 	}
 
 	glog.V(2).Infof("volume %s expanded to new size %d successfully", volumeName, volumeInfoRes.Size)
-	newVolumeSize := resource.MustParse(fmt.Sprintf("%dG", volumeInfoRes.Size))
+	newVolumeSize := resource.MustParse(fmt.Sprintf("%dGi", volumeInfoRes.Size))
 	return newVolumeSize, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs_util.go b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs_util.go
index 40cbd61ab6df..83d8a13c7696 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/glusterfs/glusterfs_util.go
@@ -27,24 +27,24 @@ import (
 // readGlusterLog will take the last 2 lines of the log file
 // on failure of gluster SetUp and return those so kubelet can
 // properly expose them
-// return nil on any failure
+// return error on any failure
 func readGlusterLog(path string, podName string) error {
 
 	var line1 string
 	var line2 string
 	linecount := 0
 
-	glog.Infof("glusterfs: failure, now attempting to read the gluster log for pod %s", podName)
+	glog.Infof("failure, now attempting to read the gluster log for pod %s", podName)
 
 	// Check and make sure path exists
 	if len(path) == 0 {
-		return fmt.Errorf("glusterfs: log file does not exist for pod: %s", podName)
+		return fmt.Errorf("log file does not exist for pod %s", podName)
 	}
 
 	// open the log file
 	file, err := os.Open(path)
 	if err != nil {
-		return fmt.Errorf("glusterfs: could not open log file for pod: %s", podName)
+		return fmt.Errorf("could not open log file for pod %s", podName)
 	}
 	defer file.Close()
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/host_path/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/host_path/BUILD
index b158f6de8b1e..b188bb3d94b9 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/host_path/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/host_path/BUILD
@@ -16,7 +16,8 @@ go_library(
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/recyclerclient:go_default_library",
         "//pkg/volume/validation:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -28,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["host_path_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/host_path",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/file:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/host_path/host_path.go b/vendor/k8s.io/kubernetes/pkg/volume/host_path/host_path.go
index 97e3fa5db558..4a3cb76b6af2 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/host_path/host_path.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/host_path/host_path.go
@@ -27,7 +27,8 @@ import (
 	"k8s.io/apimachinery/pkg/util/uuid"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/recyclerclient"
 	"k8s.io/kubernetes/pkg/volume/validation"
 )
 
@@ -129,13 +130,13 @@ func (plugin *hostPathPlugin) NewUnmounter(volName string, podUID types.UID) (vo
 // Recycle recycles/scrubs clean a HostPath volume.
 // Recycle blocks until the pod has completed or any error occurs.
 // HostPath recycling only works in single node clusters and is meant for testing purposes only.
-func (plugin *hostPathPlugin) Recycle(pvName string, spec *volume.Spec, eventRecorder volume.RecycleEventRecorder) error {
+func (plugin *hostPathPlugin) Recycle(pvName string, spec *volume.Spec, eventRecorder recyclerclient.RecycleEventRecorder) error {
 	if spec.PersistentVolume == nil || spec.PersistentVolume.Spec.HostPath == nil {
 		return fmt.Errorf("spec.PersistentVolumeSource.HostPath is nil")
 	}
 
 	pod := plugin.config.RecyclerPodTemplate
-	timeout := volume.CalculateTimeoutForVolume(plugin.config.RecyclerMinimumTimeout, plugin.config.RecyclerTimeoutIncrement, spec.PersistentVolume)
+	timeout := util.CalculateTimeoutForVolume(plugin.config.RecyclerMinimumTimeout, plugin.config.RecyclerTimeoutIncrement, spec.PersistentVolume)
 	// overrides
 	pod.Spec.ActiveDeadlineSeconds = &timeout
 	pod.Spec.Volumes[0].VolumeSource = v1.VolumeSource{
@@ -143,7 +144,7 @@ func (plugin *hostPathPlugin) Recycle(pvName string, spec *volume.Spec, eventRec
 			Path: spec.PersistentVolume.Spec.HostPath.Path,
 		},
 	}
-	return volume.RecycleVolumeByWatchingPodUntilCompletion(pvName, pod, plugin.host.GetKubeClient(), eventRecorder)
+	return recyclerclient.RecycleVolumeByWatchingPodUntilCompletion(pvName, pod, plugin.host.GetKubeClient(), eventRecorder)
 }
 
 func (plugin *hostPathPlugin) NewDeleter(spec *volume.Spec) (volume.Deleter, error) {
@@ -272,7 +273,7 @@ func (r *hostPathProvisioner) Provision() (*v1.PersistentVolume, error) {
 		ObjectMeta: metav1.ObjectMeta{
 			Name: r.options.PVName,
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "hostpath-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "hostpath-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/BUILD
index 3c7a7598136a..8e1f600de706 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/BUILD
@@ -17,14 +17,17 @@ go_library(
     ],
     importpath = "k8s.io/kubernetes/pkg/volume/iscsi",
     deps = [
+        "//pkg/features:go_default_library",
         "//pkg/util/mount:go_default_library",
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
@@ -34,8 +37,7 @@ go_test(
         "iscsi_test.go",
         "iscsi_util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/iscsi",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/attacher.go
index c039a70db8c5..0ca2f4d5febe 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/attacher.go
@@ -19,13 +19,13 @@ package iscsi
 import (
 	"fmt"
 	"os"
-	"strconv"
 	"time"
 
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
@@ -66,7 +66,7 @@ func (attacher *iscsiAttacher) VolumesAreAttached(specs []*volume.Spec, nodeName
 }
 
 func (attacher *iscsiAttacher) WaitForAttach(spec *volume.Spec, devicePath string, pod *v1.Pod, timeout time.Duration) (string, error) {
-	mounter, err := attacher.volumeSpecToMounter(spec, attacher.host, pod)
+	mounter, err := volumeSpecToMounter(spec, attacher.host, pod)
 	if err != nil {
 		glog.Warningf("failed to get iscsi mounter: %v", err)
 		return "", err
@@ -76,7 +76,7 @@ func (attacher *iscsiAttacher) WaitForAttach(spec *volume.Spec, devicePath strin
 
 func (attacher *iscsiAttacher) GetDeviceMountPath(
 	spec *volume.Spec) (string, error) {
-	mounter, err := attacher.volumeSpecToMounter(spec, attacher.host, nil)
+	mounter, err := volumeSpecToMounter(spec, attacher.host, nil)
 	if err != nil {
 		glog.Warningf("failed to get iscsi mounter: %v", err)
 		return "", err
@@ -112,7 +112,7 @@ func (attacher *iscsiAttacher) MountDevice(spec *volume.Spec, devicePath string,
 	}
 	if notMnt {
 		diskMounter := &mount.SafeFormatAndMount{Interface: mounter, Exec: attacher.host.GetExec(iscsiPluginName)}
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, fsType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
@@ -143,7 +143,7 @@ func (detacher *iscsiDetacher) Detach(volumeName string, nodeName types.NodeName
 }
 
 func (detacher *iscsiDetacher) UnmountDevice(deviceMountPath string) error {
-	unMounter := detacher.volumeSpecToUnmounter(detacher.mounter)
+	unMounter := volumeSpecToUnmounter(detacher.mounter, detacher.host)
 	err := detacher.manager.DetachDisk(*unMounter, deviceMountPath)
 	if err != nil {
 		return fmt.Errorf("iscsi: failed to detach disk: %s\nError: %v", deviceMountPath, err)
@@ -157,94 +157,49 @@ func (detacher *iscsiDetacher) UnmountDevice(deviceMountPath string) error {
 	return nil
 }
 
-func (attacher *iscsiAttacher) volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost, pod *v1.Pod) (*iscsiDiskMounter, error) {
+func volumeSpecToMounter(spec *volume.Spec, host volume.VolumeHost, pod *v1.Pod) (*iscsiDiskMounter, error) {
 	var secret map[string]string
-	var bkportal []string
 	readOnly, fsType, err := getISCSIVolumeInfo(spec)
 	if err != nil {
 		return nil, err
 	}
+	var podUID types.UID
 	if pod != nil {
-		chapDiscovery, err := getISCSIDiscoveryCHAPInfo(spec)
+		secret, err = createSecretMap(spec, &iscsiPlugin{host: host}, pod.Namespace)
 		if err != nil {
 			return nil, err
 		}
-		chapSession, err := getISCSISessionCHAPInfo(spec)
-		if err != nil {
-			return nil, err
-		}
-		if chapDiscovery || chapSession {
-			secretName, secretNamespace, err := getISCSISecretNameAndNamespace(spec, pod.Namespace)
-			if err != nil {
-				return nil, err
-			}
-			if len(secretNamespace) == 0 || len(secretName) == 0 {
-				return nil, fmt.Errorf("CHAP enabled but secret name or namespace is empty")
-			}
-			// if secret is provided, retrieve it
-			kubeClient := host.GetKubeClient()
-			if kubeClient == nil {
-				return nil, fmt.Errorf("Cannot get kube client")
-			}
-			secretObj, err := kubeClient.Core().Secrets(secretNamespace).Get(secretName, metav1.GetOptions{})
-			if err != nil {
-				err = fmt.Errorf("Couldn't get secret %v/%v error: %v", secretNamespace, secretName, err)
-				return nil, err
-			}
-			secret = make(map[string]string)
-			for name, data := range secretObj.Data {
-				glog.V(6).Infof("retrieving CHAP secret name: %s", name)
-				secret[name] = string(data)
-			}
-		}
-
-	}
-	tp, portals, iqn, lunStr, err := getISCSITargetInfo(spec)
+		podUID = pod.UID
+	}
+	iscsiDisk, err := createISCSIDisk(spec,
+		podUID,
+		&iscsiPlugin{host: host},
+		&ISCSIUtil{},
+		secret,
+	)
 	if err != nil {
 		return nil, err
 	}
-
-	lun := strconv.Itoa(int(lunStr))
-	portal := portalMounter(tp)
-	bkportal = append(bkportal, portal)
-	for _, p := range portals {
-		bkportal = append(bkportal, portalMounter(string(p)))
-	}
-
-	iface, initiatorNamePtr, err := getISCSIInitiatorInfo(spec)
-	if err != nil {
-		return nil, err
-	}
-
-	var initiatorName string
-	if initiatorNamePtr != nil {
-		initiatorName = *initiatorNamePtr
-	}
-	chapDiscovery, err := getISCSIDiscoveryCHAPInfo(spec)
-	if err != nil {
-		return nil, err
-	}
-	chapSession, err := getISCSISessionCHAPInfo(spec)
-	if err != nil {
-		return nil, err
+	exec := host.GetExec(iscsiPluginName)
+	// TODO: remove feature gate check after no longer needed
+	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		volumeMode, err := volumeutil.GetVolumeMode(spec)
+		if err != nil {
+			return nil, err
+		}
+		glog.V(5).Infof("iscsi: VolumeSpecToMounter volumeMode %s", volumeMode)
+		return &iscsiDiskMounter{
+			iscsiDisk:  iscsiDisk,
+			fsType:     fsType,
+			volumeMode: volumeMode,
+			readOnly:   readOnly,
+			mounter:    &mount.SafeFormatAndMount{Interface: host.GetMounter(iscsiPluginName), Exec: exec},
+			exec:       exec,
+			deviceUtil: volumeutil.NewDeviceHandler(volumeutil.NewIOHandler()),
+		}, nil
 	}
-	exec := attacher.host.GetExec(iscsiPluginName)
-
 	return &iscsiDiskMounter{
-		iscsiDisk: &iscsiDisk{
-			plugin: &iscsiPlugin{
-				host: host,
-			},
-			VolName:        spec.Name(),
-			Portals:        bkportal,
-			Iqn:            iqn,
-			lun:            lun,
-			Iface:          iface,
-			chap_discovery: chapDiscovery,
-			chap_session:   chapSession,
-			secret:         secret,
-			InitiatorName:  initiatorName,
-			manager:        &ISCSIUtil{}},
+		iscsiDisk:  iscsiDisk,
 		fsType:     fsType,
 		readOnly:   readOnly,
 		mounter:    &mount.SafeFormatAndMount{Interface: host.GetMounter(iscsiPluginName), Exec: exec},
@@ -253,8 +208,8 @@ func (attacher *iscsiAttacher) volumeSpecToMounter(spec *volume.Spec, host volum
 	}, nil
 }
 
-func (detacher *iscsiDetacher) volumeSpecToUnmounter(mounter mount.Interface) *iscsiDiskUnmounter {
-	exec := detacher.host.GetExec(iscsiPluginName)
+func volumeSpecToUnmounter(mounter mount.Interface, host volume.VolumeHost) *iscsiDiskUnmounter {
+	exec := host.GetExec(iscsiPluginName)
 	return &iscsiDiskUnmounter{
 		iscsiDisk: &iscsiDisk{
 			plugin: &iscsiPlugin{},
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/disk_manager.go b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/disk_manager.go
index ea00c7ebcbeb..aa1caeaf99cd 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/disk_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/disk_manager.go
@@ -22,20 +22,25 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 // Abstract interface to disk operations.
 type diskManager interface {
 	MakeGlobalPDName(disk iscsiDisk) string
+	MakeGlobalVDPDName(disk iscsiDisk) string
 	// Attaches the disk to the kubelet's host machine.
 	AttachDisk(b iscsiDiskMounter) (string, error)
 	// Detaches the disk from the kubelet's host machine.
 	DetachDisk(disk iscsiDiskUnmounter, mntPath string) error
+	// Detaches the block disk from the kubelet's host machine.
+	DetachBlockISCSIDisk(disk iscsiDiskUnmapper, mntPath string) error
 }
 
 // utility to mount a disk based filesystem
+// globalPDPath: global mount path like, /var/lib/kubelet/plugins/kubernetes.io/iscsi/{ifaceName}/{portal-some_iqn-lun-lun_id}
+// volPath: pod volume dir path like, /var/lib/kubelet/pods/{podUID}/volumes/kubernetes.io~iscsi/{volumeName}
 func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64) error {
-	// TODO: handle failed mounts here.
 	notMnt, err := mounter.IsLikelyNotMountPoint(volPath)
 	if err != nil && !os.IsNotExist(err) {
 		glog.Errorf("cannot validate mountpoint: %s", volPath)
@@ -59,7 +64,7 @@ func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter
 		b.iscsiDisk.Iface = b.iscsiDisk.Portals[0] + ":" + b.iscsiDisk.VolName
 	}
 	globalPDPath := manager.MakeGlobalPDName(*b.iscsiDisk)
-	mountOptions := volume.JoinMountOptions(b.mountOptions, options)
+	mountOptions := util.JoinMountOptions(b.mountOptions, options)
 	err = mounter.Mount(globalPDPath, volPath, "", mountOptions)
 	if err != nil {
 		glog.Errorf("Failed to bind mount: source:%s, target:%s, err:%v", globalPDPath, volPath, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi.go b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi.go
index a7893ec7218f..525386e1932f 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi.go
@@ -18,6 +18,8 @@ package iscsi
 
 import (
 	"fmt"
+	"os"
+	"path/filepath"
 	"strconv"
 	"strings"
 
@@ -29,6 +31,7 @@ import (
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	ioutil "k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -42,6 +45,7 @@ type iscsiPlugin struct {
 
 var _ volume.VolumePlugin = &iscsiPlugin{}
 var _ volume.PersistentVolumePlugin = &iscsiPlugin{}
+var _ volume.BlockVolumePlugin = &iscsiPlugin{}
 
 const (
 	iscsiPluginName = "kubernetes.io/iscsi"
@@ -66,11 +70,7 @@ func (plugin *iscsiPlugin) GetVolumeName(spec *volume.Spec) (string, error) {
 }
 
 func (plugin *iscsiPlugin) CanSupport(spec *volume.Spec) bool {
-	if (spec.Volume != nil && spec.Volume.ISCSI == nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.ISCSI == nil) {
-		return false
-	}
-
-	return true
+	return (spec.Volume != nil && spec.Volume.ISCSI != nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.ISCSI != nil)
 }
 
 func (plugin *iscsiPlugin) RequiresRemount() bool {
@@ -93,109 +93,71 @@ func (plugin *iscsiPlugin) GetAccessModes() []v1.PersistentVolumeAccessMode {
 }
 
 func (plugin *iscsiPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.Mounter, error) {
-	// Inject real implementations here, test through the internal function.
-	var secret map[string]string
 	if pod == nil {
 		return nil, fmt.Errorf("nil pod")
 	}
-	chapDiscover, err := getISCSIDiscoveryCHAPInfo(spec)
-	if err != nil {
-		return nil, err
-	}
-	chapSession, err := getISCSISessionCHAPInfo(spec)
+	secret, err := createSecretMap(spec, plugin, pod.Namespace)
 	if err != nil {
 		return nil, err
 	}
-	if chapDiscover || chapSession {
-		secretName, secretNamespace, err := getISCSISecretNameAndNamespace(spec, pod.Namespace)
-		if err != nil {
-			return nil, err
-		}
-
-		if len(secretName) > 0 && len(secretNamespace) > 0 {
-			// if secret is provideded, retrieve it
-			kubeClient := plugin.host.GetKubeClient()
-			if kubeClient == nil {
-				return nil, fmt.Errorf("Cannot get kube client")
-			}
-			secretObj, err := kubeClient.Core().Secrets(secretNamespace).Get(secretName, metav1.GetOptions{})
-			if err != nil {
-				err = fmt.Errorf("Couldn't get secret %v/%v error: %v", secretNamespace, secretName, err)
-				return nil, err
-			}
-			secret = make(map[string]string)
-			for name, data := range secretObj.Data {
-				glog.V(4).Infof("retrieving CHAP secret name: %s", name)
-				secret[name] = string(data)
-			}
-		}
-	}
 	return plugin.newMounterInternal(spec, pod.UID, &ISCSIUtil{}, plugin.host.GetMounter(plugin.GetPluginName()), plugin.host.GetExec(plugin.GetPluginName()), secret)
 }
 
 func (plugin *iscsiPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID, manager diskManager, mounter mount.Interface, exec mount.Exec, secret map[string]string) (volume.Mounter, error) {
-	// iscsi volumes used directly in a pod have a ReadOnly flag set by the pod author.
-	// iscsi volumes used as a PersistentVolume gets the ReadOnly flag indirectly through the persistent-claim volume used to mount the PV
 	readOnly, fsType, err := getISCSIVolumeInfo(spec)
 	if err != nil {
 		return nil, err
 	}
-	tp, portals, iqn, lunStr, err := getISCSITargetInfo(spec)
+	iscsiDisk, err := createISCSIDisk(spec, podUID, plugin, manager, secret)
 	if err != nil {
 		return nil, err
 	}
+	return &iscsiDiskMounter{
+		iscsiDisk:    iscsiDisk,
+		fsType:       fsType,
+		readOnly:     readOnly,
+		mounter:      &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		exec:         exec,
+		deviceUtil:   ioutil.NewDeviceHandler(ioutil.NewIOHandler()),
+		mountOptions: ioutil.MountOptionFromSpec(spec),
+	}, nil
+}
 
-	lun := strconv.Itoa(int(lunStr))
-	portal := portalMounter(tp)
-	var bkportal []string
-	bkportal = append(bkportal, portal)
-	for _, p := range portals {
-		bkportal = append(bkportal, portalMounter(string(p)))
-	}
-
-	iface, initiatorNamePtr, err := getISCSIInitiatorInfo(spec)
-	if err != nil {
-		return nil, err
+// NewBlockVolumeMapper creates a new volume.BlockVolumeMapper from an API specification.
+func (plugin *iscsiPlugin) NewBlockVolumeMapper(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.BlockVolumeMapper, error) {
+	// If this is called via GenerateUnmapDeviceFunc(), pod is nil.
+	// Pass empty string as dummy uid since uid isn't used in the case.
+	var uid types.UID
+	var secret map[string]string
+	var err error
+	if pod != nil {
+		uid = pod.UID
+		secret, err = createSecretMap(spec, plugin, pod.Namespace)
+		if err != nil {
+			return nil, err
+		}
 	}
+	return plugin.newBlockVolumeMapperInternal(spec, uid, &ISCSIUtil{}, plugin.host.GetMounter(plugin.GetPluginName()), plugin.host.GetExec(plugin.GetPluginName()), secret)
+}
 
-	var initiatorName string
-	if initiatorNamePtr != nil {
-		initiatorName = *initiatorNamePtr
-	}
-	chapDiscovery, err := getISCSIDiscoveryCHAPInfo(spec)
+func (plugin *iscsiPlugin) newBlockVolumeMapperInternal(spec *volume.Spec, podUID types.UID, manager diskManager, mounter mount.Interface, exec mount.Exec, secret map[string]string) (volume.BlockVolumeMapper, error) {
+	readOnly, _, err := getISCSIVolumeInfo(spec)
 	if err != nil {
 		return nil, err
 	}
-	chapSession, err := getISCSISessionCHAPInfo(spec)
+	iscsiDisk, err := createISCSIDisk(spec, podUID, plugin, manager, secret)
 	if err != nil {
 		return nil, err
 	}
-
-	return &iscsiDiskMounter{
-		iscsiDisk: &iscsiDisk{
-			podUID:         podUID,
-			VolName:        spec.Name(),
-			Portals:        bkportal,
-			Iqn:            iqn,
-			lun:            lun,
-			Iface:          iface,
-			chap_discovery: chapDiscovery,
-			chap_session:   chapSession,
-			secret:         secret,
-			InitiatorName:  initiatorName,
-			manager:        manager,
-			plugin:         plugin},
-		fsType:       fsType,
-		readOnly:     readOnly,
-		mounter:      &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
-		exec:         exec,
-		deviceUtil:   ioutil.NewDeviceHandler(ioutil.NewIOHandler()),
-		mountOptions: volume.MountOptionFromSpec(spec),
+	return &iscsiDiskMapper{
+		iscsiDisk:  iscsiDisk,
+		readOnly:   readOnly,
+		exec:       exec,
+		deviceUtil: ioutil.NewDeviceHandler(ioutil.NewIOHandler()),
 	}, nil
 }
 
 func (plugin *iscsiPlugin) NewUnmounter(volName string, podUID types.UID) (volume.Unmounter, error) {
-	// Inject real implementations here, test through the internal function.
 	return plugin.newUnmounterInternal(volName, podUID, &ISCSIUtil{}, plugin.host.GetMounter(plugin.GetPluginName()), plugin.host.GetExec(plugin.GetPluginName()))
 }
 
@@ -212,25 +174,88 @@ func (plugin *iscsiPlugin) newUnmounterInternal(volName string, podUID types.UID
 	}, nil
 }
 
+// NewBlockVolumeUnmapper creates a new volume.BlockVolumeUnmapper from recoverable state.
+func (plugin *iscsiPlugin) NewBlockVolumeUnmapper(volName string, podUID types.UID) (volume.BlockVolumeUnmapper, error) {
+	return plugin.newUnmapperInternal(volName, podUID, &ISCSIUtil{}, plugin.host.GetExec(plugin.GetPluginName()))
+}
+
+func (plugin *iscsiPlugin) newUnmapperInternal(volName string, podUID types.UID, manager diskManager, exec mount.Exec) (volume.BlockVolumeUnmapper, error) {
+	return &iscsiDiskUnmapper{
+		iscsiDisk: &iscsiDisk{
+			podUID:  podUID,
+			VolName: volName,
+			manager: manager,
+			plugin:  plugin,
+		},
+		exec:       exec,
+		deviceUtil: ioutil.NewDeviceHandler(ioutil.NewIOHandler()),
+	}, nil
+}
+
 func (plugin *iscsiPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
+	// Find globalPDPath from pod volume directory(mountPath)
+	var globalPDPath string
+	mounter := plugin.host.GetMounter(plugin.GetPluginName())
+	paths, err := mount.GetMountRefs(mounter, mountPath)
+	if err != nil {
+		return nil, err
+	}
+	for _, path := range paths {
+		if strings.Contains(path, plugin.host.GetPluginDir(iscsiPluginName)) {
+			globalPDPath = path
+			break
+		}
+	}
+	// Couldn't fetch globalPDPath
+	if len(globalPDPath) == 0 {
+		return nil, fmt.Errorf("couldn't fetch globalPDPath. failed to obtain volume spec")
+	}
+
+	// Obtain iscsi disk configurations from globalPDPath
+	device, _, err := extractDeviceAndPrefix(globalPDPath)
+	if err != nil {
+		return nil, err
+	}
+	bkpPortal, iqn, err := extractPortalAndIqn(device)
+	if err != nil {
+		return nil, err
+	}
+	iface, _ := extractIface(globalPDPath)
 	iscsiVolume := &v1.Volume{
 		Name: volumeName,
 		VolumeSource: v1.VolumeSource{
 			ISCSI: &v1.ISCSIVolumeSource{
-				TargetPortal: volumeName,
-				IQN:          volumeName,
+				TargetPortal:   bkpPortal,
+				IQN:            iqn,
+				ISCSIInterface: iface,
 			},
 		},
 	}
 	return volume.NewSpecFromVolume(iscsiVolume), nil
 }
 
+func (plugin *iscsiPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, mapPath string) (*volume.Spec, error) {
+	pluginDir := plugin.host.GetVolumeDevicePluginDir(iscsiPluginName)
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
+	globalMapPathUUID, err := blkutil.FindGlobalMapPathUUIDFromPod(pluginDir, mapPath, podUID)
+	if err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("globalMapPathUUID: %v, err: %v", globalMapPathUUID, err)
+	// Retrieve volume information from globalMapPathUUID
+	// globalMapPathUUID example:
+	// plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{pod uuid}
+	// plugins/kubernetes.io/iscsi/volumeDevices/iface-default/192.168.0.10:3260-iqn.2017-05.com.example:test-lun-0/{pod uuid}
+	globalMapPath := filepath.Dir(globalMapPathUUID)
+	return getVolumeSpecFromGlobalMapPath(volumeName, globalMapPath)
+}
+
 type iscsiDisk struct {
 	VolName        string
 	podUID         types.UID
 	Portals        []string
 	Iqn            string
-	lun            string
+	Lun            string
 	Iface          string
 	chap_discovery bool
 	chap_session   bool
@@ -248,10 +273,25 @@ func (iscsi *iscsiDisk) GetPath() string {
 	return iscsi.plugin.host.GetPodVolumeDir(iscsi.podUID, utilstrings.EscapeQualifiedNameForDisk(name), iscsi.VolName)
 }
 
+func (iscsi *iscsiDisk) iscsiGlobalMapPath(spec *volume.Spec) (string, error) {
+	mounter, err := volumeSpecToMounter(spec, iscsi.plugin.host, nil /* pod */)
+	if err != nil {
+		glog.Warningf("failed to get iscsi mounter: %v", err)
+		return "", err
+	}
+	return iscsi.manager.MakeGlobalVDPDName(*mounter.iscsiDisk), nil
+}
+
+func (iscsi *iscsiDisk) iscsiPodDeviceMapPath() (string, string) {
+	name := iscsiPluginName
+	return iscsi.plugin.host.GetPodVolumeDeviceDir(iscsi.podUID, utilstrings.EscapeQualifiedNameForDisk(name)), iscsi.VolName
+}
+
 type iscsiDiskMounter struct {
 	*iscsiDisk
 	readOnly     bool
 	fsType       string
+	volumeMode   v1.PersistentVolumeMode
 	mounter      *mount.SafeFormatAndMount
 	exec         mount.Exec
 	deviceUtil   ioutil.DeviceUtil
@@ -306,6 +346,58 @@ func (c *iscsiDiskUnmounter) TearDownAt(dir string) error {
 	return ioutil.UnmountPath(dir, c.mounter)
 }
 
+// Block Volumes Support
+type iscsiDiskMapper struct {
+	*iscsiDisk
+	readOnly   bool
+	exec       mount.Exec
+	deviceUtil ioutil.DeviceUtil
+}
+
+var _ volume.BlockVolumeMapper = &iscsiDiskMapper{}
+
+func (b *iscsiDiskMapper) SetUpDevice() (string, error) {
+	return "", nil
+}
+
+type iscsiDiskUnmapper struct {
+	*iscsiDisk
+	exec       mount.Exec
+	deviceUtil ioutil.DeviceUtil
+}
+
+var _ volume.BlockVolumeUnmapper = &iscsiDiskUnmapper{}
+
+// Even though iSCSI plugin has attacher/detacher implementation, iSCSI plugin
+// needs volume detach operation during TearDownDevice(). This method is only
+// chance that operations are done on kubelet node during volume teardown sequences.
+func (c *iscsiDiskUnmapper) TearDownDevice(mapPath, _ string) error {
+	err := c.manager.DetachBlockISCSIDisk(*c, mapPath)
+	if err != nil {
+		return fmt.Errorf("iscsi: failed to detach disk: %s\nError: %v", mapPath, err)
+	}
+	glog.V(4).Infof("iscsi: %q is unmounted, deleting the directory", mapPath)
+	err = os.RemoveAll(mapPath)
+	if err != nil {
+		return fmt.Errorf("iscsi: failed to delete the directory: %s\nError: %v", mapPath, err)
+	}
+	glog.V(4).Infof("iscsi: successfully detached disk: %s", mapPath)
+	return nil
+}
+
+// GetGlobalMapPath returns global map path and error
+// path: plugins/kubernetes.io/{PluginName}/volumeDevices/{ifaceName}/{portal-some_iqn-lun-lun_id}
+func (iscsi *iscsiDisk) GetGlobalMapPath(spec *volume.Spec) (string, error) {
+	return iscsi.iscsiGlobalMapPath(spec)
+}
+
+// GetPodDeviceMapPath returns pod device map path and volume name
+// path: pods/{podUid}/volumeDevices/kubernetes.io~iscsi
+// volumeName: pv0001
+func (iscsi *iscsiDisk) GetPodDeviceMapPath() (string, string) {
+	return iscsi.iscsiPodDeviceMapPath()
+}
+
 func portalMounter(portal string) string {
 	if !strings.Contains(portal, ":") {
 		portal = portal + ":3260"
@@ -316,7 +408,7 @@ func portalMounter(portal string) string {
 // get iSCSI volume info: readOnly and fstype
 func getISCSIVolumeInfo(spec *volume.Spec) (bool, string, error) {
 	// for volume source, readonly is in volume spec
-	// for PV, readonly is in PV spec
+	// for PV, readonly is in PV spec. PV gets the ReadOnly flag indirectly through the PVC source
 	if spec.Volume != nil && spec.Volume.ISCSI != nil {
 		return spec.Volume.ISCSI.ReadOnly, spec.Volume.ISCSI.FSType, nil
 	} else if spec.PersistentVolume != nil &&
@@ -397,3 +489,155 @@ func getISCSISecretNameAndNamespace(spec *volume.Spec, defaultSecretNamespace st
 
 	return "", "", fmt.Errorf("Spec does not reference an ISCSI volume type")
 }
+
+func createISCSIDisk(spec *volume.Spec, podUID types.UID, plugin *iscsiPlugin, manager diskManager, secret map[string]string) (*iscsiDisk, error) {
+	tp, portals, iqn, lunStr, err := getISCSITargetInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	lun := strconv.Itoa(int(lunStr))
+	portal := portalMounter(tp)
+	var bkportal []string
+	bkportal = append(bkportal, portal)
+	for _, p := range portals {
+		bkportal = append(bkportal, portalMounter(string(p)))
+	}
+
+	iface, initiatorNamePtr, err := getISCSIInitiatorInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	var initiatorName string
+	if initiatorNamePtr != nil {
+		initiatorName = *initiatorNamePtr
+	}
+	chapDiscovery, err := getISCSIDiscoveryCHAPInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+	chapSession, err := getISCSISessionCHAPInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	return &iscsiDisk{
+		podUID:         podUID,
+		VolName:        spec.Name(),
+		Portals:        bkportal,
+		Iqn:            iqn,
+		Lun:            lun,
+		Iface:          iface,
+		chap_discovery: chapDiscovery,
+		chap_session:   chapSession,
+		secret:         secret,
+		InitiatorName:  initiatorName,
+		manager:        manager,
+		plugin:         plugin}, nil
+}
+
+func createSecretMap(spec *volume.Spec, plugin *iscsiPlugin, namespace string) (map[string]string, error) {
+	var secret map[string]string
+	chapDiscover, err := getISCSIDiscoveryCHAPInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+	chapSession, err := getISCSISessionCHAPInfo(spec)
+	if err != nil {
+		return nil, err
+	}
+	if chapDiscover || chapSession {
+		secretName, secretNamespace, err := getISCSISecretNameAndNamespace(spec, namespace)
+		if err != nil {
+			return nil, err
+		}
+
+		if len(secretName) > 0 && len(secretNamespace) > 0 {
+			// if secret is provideded, retrieve it
+			kubeClient := plugin.host.GetKubeClient()
+			if kubeClient == nil {
+				return nil, fmt.Errorf("Cannot get kube client")
+			}
+			secretObj, err := kubeClient.CoreV1().Secrets(secretNamespace).Get(secretName, metav1.GetOptions{})
+			if err != nil {
+				err = fmt.Errorf("Couldn't get secret %v/%v error: %v", secretNamespace, secretName, err)
+				return nil, err
+			}
+			secret = make(map[string]string)
+			for name, data := range secretObj.Data {
+				glog.V(4).Infof("retrieving CHAP secret name: %s", name)
+				secret[name] = string(data)
+			}
+		}
+	}
+	return secret, err
+}
+
+func createVolumeFromISCSIVolumeSource(volumeName string, iscsi v1.ISCSIVolumeSource) *v1.Volume {
+	return &v1.Volume{
+		Name: volumeName,
+		VolumeSource: v1.VolumeSource{
+			ISCSI: &iscsi,
+		},
+	}
+}
+
+func createPersistentVolumeFromISCSIPVSource(volumeName string, iscsi v1.ISCSIPersistentVolumeSource) *v1.PersistentVolume {
+	block := v1.PersistentVolumeBlock
+	return &v1.PersistentVolume{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: volumeName,
+		},
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				ISCSI: &iscsi,
+			},
+			VolumeMode: &block,
+		},
+	}
+}
+
+func getVolumeSpecFromGlobalMapPath(volumeName, globalMapPath string) (*volume.Spec, error) {
+	// Retrieve volume spec information from globalMapPath
+	// globalMapPath example:
+	// plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}
+	// plugins/kubernetes.io/iscsi/volumeDevices/iface-default/192.168.0.10:3260-iqn.2017-05.com.example:test-lun-0
+
+	// device: 192.168.0.10:3260-iqn.2017-05.com.example:test-lun-0
+	device, _, err := extractDeviceAndPrefix(globalMapPath)
+	if err != nil {
+		return nil, err
+	}
+	bkpPortal, iqn, err := extractPortalAndIqn(device)
+	if err != nil {
+		return nil, err
+	}
+	arr := strings.Split(device, "-lun-")
+	if len(arr) < 2 {
+		return nil, fmt.Errorf("failed to retrieve lun from globalMapPath: %v", globalMapPath)
+	}
+	lun, err := strconv.Atoi(arr[1])
+	if err != nil {
+		return nil, err
+	}
+	iface, found := extractIface(globalMapPath)
+	if !found {
+		return nil, fmt.Errorf("failed to retrieve iface from globalMapPath: %v", globalMapPath)
+	}
+	iscsiPV := createPersistentVolumeFromISCSIPVSource(volumeName,
+		v1.ISCSIPersistentVolumeSource{
+			TargetPortal:   bkpPortal,
+			IQN:            iqn,
+			Lun:            int32(lun),
+			ISCSIInterface: iface,
+		},
+	)
+	glog.V(5).Infof("ConstructBlockVolumeSpec: TargetPortal: %v, IQN: %v, Lun: %v, ISCSIInterface: %v",
+		iscsiPV.Spec.PersistentVolumeSource.ISCSI.TargetPortal,
+		iscsiPV.Spec.PersistentVolumeSource.ISCSI.IQN,
+		iscsiPV.Spec.PersistentVolumeSource.ISCSI.Lun,
+		iscsiPV.Spec.PersistentVolumeSource.ISCSI.ISCSIInterface,
+	)
+	return volume.NewSpecFromPersistentVolume(iscsiPV, false), nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi_util.go b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi_util.go
index a72dace77352..ad6382f308f2 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/iscsi/iscsi_util.go
@@ -27,9 +27,13 @@ import (
 	"time"
 
 	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 var (
@@ -163,10 +167,21 @@ func makePDNameInternal(host volume.VolumeHost, portal string, iqn string, lun s
 	return path.Join(host.GetPluginDir(iscsiPluginName), "iface-"+iface, portal+"-"+iqn+"-lun-"+lun)
 }
 
+// make a directory like /var/lib/kubelet/plugins/kubernetes.io/iscsi/volumeDevices/iface_name/portal-some_iqn-lun-lun_id
+func makeVDPDNameInternal(host volume.VolumeHost, portal string, iqn string, lun string, iface string) string {
+	return path.Join(host.GetVolumeDevicePluginDir(iscsiPluginName), "iface-"+iface, portal+"-"+iqn+"-lun-"+lun)
+}
+
 type ISCSIUtil struct{}
 
+// MakeGlobalPDName returns path of global plugin dir
 func (util *ISCSIUtil) MakeGlobalPDName(iscsi iscsiDisk) string {
-	return makePDNameInternal(iscsi.plugin.host, iscsi.Portals[0], iscsi.Iqn, iscsi.lun, iscsi.Iface)
+	return makePDNameInternal(iscsi.plugin.host, iscsi.Portals[0], iscsi.Iqn, iscsi.Lun, iscsi.Iface)
+}
+
+// MakeGlobalVDPDName returns path of global volume device plugin dir
+func (util *ISCSIUtil) MakeGlobalVDPDName(iscsi iscsiDisk) string {
+	return makeVDPDNameInternal(iscsi.plugin.host, iscsi.Portals[0], iscsi.Iqn, iscsi.Lun, iscsi.Iface)
 }
 
 func (util *ISCSIUtil) persistISCSI(conf iscsiDisk, mnt string) error {
@@ -184,7 +199,6 @@ func (util *ISCSIUtil) persistISCSI(conf iscsiDisk, mnt string) error {
 }
 
 func (util *ISCSIUtil) loadISCSI(conf *iscsiDisk, mnt string) error {
-	// NOTE: The iscsi config json is not deleted after logging out from target portals.
 	file := path.Join(mnt, "iscsi.json")
 	fp, err := os.Open(file)
 	if err != nil {
@@ -198,6 +212,7 @@ func (util *ISCSIUtil) loadISCSI(conf *iscsiDisk, mnt string) error {
 	return nil
 }
 
+// AttachDisk returns devicePath of volume if attach succeeded otherwise returns error
 func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) (string, error) {
 	var devicePath string
 	var devicePaths []string
@@ -240,9 +255,9 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) (string, error) {
 			return "", fmt.Errorf("Could not parse iface file for %s", b.Iface)
 		}
 		if iscsiTransport == "tcp" {
-			devicePath = strings.Join([]string{"/dev/disk/by-path/ip", tp, "iscsi", b.Iqn, "lun", b.lun}, "-")
+			devicePath = strings.Join([]string{"/dev/disk/by-path/ip", tp, "iscsi", b.Iqn, "lun", b.Lun}, "-")
 		} else {
-			devicePath = strings.Join([]string{"/dev/disk/by-path/pci", "*", "ip", tp, "iscsi", b.Iqn, "lun", b.lun}, "-")
+			devicePath = strings.Join([]string{"/dev/disk/by-path/pci", "*", "ip", tp, "iscsi", b.Iqn, "lun", b.Lun}, "-")
 		}
 
 		if exist := waitForPathToExist(&devicePath, 1, iscsiTransport); exist {
@@ -279,6 +294,12 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) (string, error) {
 			lastErr = fmt.Errorf("iscsi: failed to attach disk: Error: %s (%v)", string(out), err)
 			continue
 		}
+		// in case of node failure/restart, explicitly set to manual login so it doesn't hang on boot
+		out, err = b.exec.Run("iscsiadm", "-m", "node", "-p", tp, "-T", b.Iqn, "-o", "update", "node.startup", "-v", "manual")
+		if err != nil {
+			// don't fail if we can't set startup mode, but log warning so there is a clue
+			glog.Warningf("Warning: Failed to set iSCSI login mode to manual. Error: %v", err)
+		}
 		if exist := waitForPathToExist(&devicePath, 10, iscsiTransport); !exist {
 			glog.Errorf("Could not attach disk: Timeout after 10s")
 			// update last error
@@ -301,26 +322,6 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) (string, error) {
 
 	//Make sure we use a valid devicepath to find mpio device.
 	devicePath = devicePaths[0]
-
-	// mount it
-	globalPDPath := b.manager.MakeGlobalPDName(*b.iscsiDisk)
-	notMnt, err := b.mounter.IsLikelyNotMountPoint(globalPDPath)
-	if err != nil && !os.IsNotExist(err) {
-		return "", fmt.Errorf("Heuristic determination of mount point failed:%v", err)
-	}
-	if !notMnt {
-		glog.Infof("iscsi: %s already mounted", globalPDPath)
-		return "", nil
-	}
-
-	if err := os.MkdirAll(globalPDPath, 0750); err != nil {
-		glog.Errorf("iscsi: failed to mkdir %s, error", globalPDPath)
-		return "", err
-	}
-
-	// Persist iscsi disk config to json file for DetachDisk path
-	util.persistISCSI(*(b.iscsiDisk), globalPDPath)
-
 	for _, path := range devicePaths {
 		// There shouldnt be any empty device paths. However adding this check
 		// for safer side to avoid the possibility of an empty entry.
@@ -333,14 +334,67 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) (string, error) {
 			break
 		}
 	}
-	err = b.mounter.FormatAndMount(devicePath, globalPDPath, b.fsType, nil)
-	if err != nil {
-		glog.Errorf("iscsi: failed to mount iscsi volume %s [%s] to %s, error %v", devicePath, b.fsType, globalPDPath, err)
+	glog.V(5).Infof("iscsi: AttachDisk devicePath: %s", devicePath)
+	// run global mount path related operations based on volumeMode
+	return globalPDPathOperation(b)(b, devicePath, util)
+}
+
+// globalPDPathOperation returns global mount path related operations based on volumeMode.
+// If the volumeMode is 'Filesystem' or not defined, plugin needs to create a dir, persist
+// iscsi configurations, and then format/mount the volume.
+// If the volumeMode is 'Block', plugin creates a dir and persists iscsi configurations.
+// Since volume type is block, plugin doesn't need to format/mount the volume.
+func globalPDPathOperation(b iscsiDiskMounter) func(iscsiDiskMounter, string, *ISCSIUtil) (string, error) {
+	// TODO: remove feature gate check after no longer needed
+	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		glog.V(5).Infof("iscsi: AttachDisk volumeMode: %s", b.volumeMode)
+		if b.volumeMode == v1.PersistentVolumeBlock {
+			// If the volumeMode is 'Block', plugin don't need to format the volume.
+			return func(b iscsiDiskMounter, devicePath string, util *ISCSIUtil) (string, error) {
+				globalPDPath := b.manager.MakeGlobalVDPDName(*b.iscsiDisk)
+				// Create dir like /var/lib/kubelet/plugins/kubernetes.io/iscsi/volumeDevices/{ifaceName}/{portal-some_iqn-lun-lun_id}
+				if err := os.MkdirAll(globalPDPath, 0750); err != nil {
+					glog.Errorf("iscsi: failed to mkdir %s, error", globalPDPath)
+					return "", err
+				}
+				// Persist iscsi disk config to json file for DetachDisk path
+				util.persistISCSI(*(b.iscsiDisk), globalPDPath)
+
+				return devicePath, nil
+			}
+		}
 	}
+	// If the volumeMode is 'Filesystem', plugin needs to format the volume
+	// and mount it to globalPDPath.
+	return func(b iscsiDiskMounter, devicePath string, util *ISCSIUtil) (string, error) {
+		globalPDPath := b.manager.MakeGlobalPDName(*b.iscsiDisk)
+		notMnt, err := b.mounter.IsLikelyNotMountPoint(globalPDPath)
+		if err != nil && !os.IsNotExist(err) {
+			return "", fmt.Errorf("Heuristic determination of mount point failed:%v", err)
+		}
+		// Return confirmed devicePath to caller
+		if !notMnt {
+			glog.Infof("iscsi: %s already mounted", globalPDPath)
+			return devicePath, nil
+		}
+		// Create dir like /var/lib/kubelet/plugins/kubernetes.io/iscsi/{ifaceName}/{portal-some_iqn-lun-lun_id}
+		if err := os.MkdirAll(globalPDPath, 0750); err != nil {
+			glog.Errorf("iscsi: failed to mkdir %s, error", globalPDPath)
+			return "", err
+		}
+		// Persist iscsi disk config to json file for DetachDisk path
+		util.persistISCSI(*(b.iscsiDisk), globalPDPath)
 
-	return devicePath, err
+		err = b.mounter.FormatAndMount(devicePath, globalPDPath, b.fsType, nil)
+		if err != nil {
+			glog.Errorf("iscsi: failed to mount iscsi volume %s [%s] to %s, error %v", devicePath, b.fsType, globalPDPath, err)
+		}
+
+		return devicePath, nil
+	}
 }
 
+// DetachDisk unmounts and detaches a volume from node
 func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error {
 	_, cnt, err := mount.GetDeviceNameFromMount(c.mounter, mntPath)
 	if err != nil {
@@ -395,9 +449,100 @@ func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error {
 	}
 	portals := removeDuplicate(bkpPortal)
 	if len(portals) == 0 {
-		return fmt.Errorf("iscsi detach disk: failed to detach iscsi disk. Couldn't get connected portals from configurations.")
+		return fmt.Errorf("iscsi detach disk: failed to detach iscsi disk. Couldn't get connected portals from configurations")
+	}
+
+	err = util.detachISCSIDisk(c.exec, portals, iqn, iface, volName, initiatorName, found)
+	if err != nil {
+		return fmt.Errorf("failed to finish detachISCSIDisk, err: %v", err)
+	}
+	return nil
+}
+
+// DetachBlockISCSIDisk removes loopback device for a volume and detaches a volume from node
+func (util *ISCSIUtil) DetachBlockISCSIDisk(c iscsiDiskUnmapper, mapPath string) error {
+	if pathExists, pathErr := volumeutil.PathExists(mapPath); pathErr != nil {
+		return fmt.Errorf("Error checking if path exists: %v", pathErr)
+	} else if !pathExists {
+		glog.Warningf("Warning: Unmap skipped because path does not exist: %v", mapPath)
+		return nil
+	}
+	// If we arrive here, device is no longer used, see if need to logout the target
+	// device: 192.168.0.10:3260-iqn.2017-05.com.example:test-lun-0
+	device, _, err := extractDeviceAndPrefix(mapPath)
+	if err != nil {
+		return err
+	}
+	var bkpPortal []string
+	var volName, iqn, lun, iface, initiatorName string
+	found := true
+	// load iscsi disk config from json file
+	if err := util.loadISCSI(c.iscsiDisk, mapPath); err == nil {
+		bkpPortal, iqn, lun, iface, volName = c.iscsiDisk.Portals, c.iscsiDisk.Iqn, c.iscsiDisk.Lun, c.iscsiDisk.Iface, c.iscsiDisk.VolName
+		initiatorName = c.iscsiDisk.InitiatorName
+	} else {
+		// If the iscsi disk config is not found, fall back to the original behavior.
+		// This portal/iqn/iface is no longer referenced, log out.
+		// Extract the portal and iqn from device path.
+		bkpPortal = make([]string, 1)
+		bkpPortal[0], iqn, err = extractPortalAndIqn(device)
+		if err != nil {
+			return err
+		}
+		arr := strings.Split(device, "-lun-")
+		if len(arr) < 2 {
+			return fmt.Errorf("failed to retrieve lun from mapPath: %v", mapPath)
+		}
+		lun = arr[1]
+		// Extract the iface from the mountPath and use it to log out. If the iface
+		// is not found, maintain the previous behavior to facilitate kubelet upgrade.
+		// Logout may fail as no session may exist for the portal/IQN on the specified interface.
+		iface, found = extractIface(mapPath)
+	}
+	portals := removeDuplicate(bkpPortal)
+	if len(portals) == 0 {
+		return fmt.Errorf("iscsi detach disk: failed to detach iscsi disk. Couldn't get connected portals from configurations")
+	}
+
+	devicePath := getDevByPath(portals[0], iqn, lun)
+	glog.V(5).Infof("iscsi: devicePath: %s", devicePath)
+	if _, err = os.Stat(devicePath); err != nil {
+		return fmt.Errorf("failed to validate devicePath: %s", devicePath)
+	}
+	// check if the dev is using mpio and if so mount it via the dm-XX device
+	if mappedDevicePath := c.deviceUtil.FindMultipathDeviceForDevice(devicePath); mappedDevicePath != "" {
+		devicePath = mappedDevicePath
+	}
+	// Get loopback device which takes fd lock for devicePath before detaching a volume from node.
+	// TODO: This is a workaround for issue #54108
+	// Currently local attach plugins such as FC, iSCSI, RBD can't obtain devicePath during
+	// GenerateUnmapDeviceFunc() in operation_generator. As a result, these plugins fail to get
+	// and remove loopback device then it will be remained on kubelet node. To avoid the problem,
+	// local attach plugins needs to remove loopback device during TearDownDevice().
+	blkUtil := volumepathhandler.NewBlockVolumePathHandler()
+	loop, err := volumepathhandler.BlockVolumePathHandler.GetLoopDevice(blkUtil, devicePath)
+	if err != nil {
+		if err.Error() != volumepathhandler.ErrDeviceNotFound {
+			return fmt.Errorf("failed to get loopback for device: %v, err: %v", devicePath, err)
+		}
+		glog.Warning("iscsi: loopback for device: %s not found", device)
 	}
+	// Detach a volume from kubelet node
+	err = util.detachISCSIDisk(c.exec, portals, iqn, iface, volName, initiatorName, found)
+	if err != nil {
+		return fmt.Errorf("failed to finish detachISCSIDisk, err: %v", err)
+	}
+	if len(loop) != 0 {
+		// The volume was successfully detached from node. We can safely remove the loopback.
+		err = volumepathhandler.BlockVolumePathHandler.RemoveLoopDevice(blkUtil, loop)
+		if err != nil {
+			return fmt.Errorf("failed to remove loopback :%v, err: %v", loop, err)
+		}
+	}
+	return nil
+}
 
+func (util *ISCSIUtil) detachISCSIDisk(exec mount.Exec, portals []string, iqn, iface, volName, initiatorName string, found bool) error {
 	for _, portal := range portals {
 		logoutArgs := []string{"-m", "node", "-p", portal, "-T", iqn, "--logout"}
 		deleteArgs := []string{"-m", "node", "-p", portal, "-T", iqn, "-o", "delete"}
@@ -406,13 +551,13 @@ func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error {
 			deleteArgs = append(deleteArgs, []string{"-I", iface}...)
 		}
 		glog.Infof("iscsi: log out target %s iqn %s iface %s", portal, iqn, iface)
-		out, err := c.exec.Run("iscsiadm", logoutArgs...)
+		out, err := exec.Run("iscsiadm", logoutArgs...)
 		if err != nil {
 			glog.Errorf("iscsi: failed to detach disk Error: %s", string(out))
 		}
 		// Delete the node record
 		glog.Infof("iscsi: delete node record target %s iqn %s", portal, iqn)
-		out, err = c.exec.Run("iscsiadm", deleteArgs...)
+		out, err = exec.Run("iscsiadm", deleteArgs...)
 		if err != nil {
 			glog.Errorf("iscsi: failed to delete node record Error: %s", string(out))
 		}
@@ -421,7 +566,7 @@ func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error {
 	// If the iface is not created via iscsi plugin, skip to delete
 	if initiatorName != "" && found && iface == (portals[0]+":"+volName) {
 		deleteArgs := []string{"-m", "iface", "-I", iface, "-o", "delete"}
-		out, err := c.exec.Run("iscsiadm", deleteArgs...)
+		out, err := exec.Run("iscsiadm", deleteArgs...)
 		if err != nil {
 			glog.Errorf("iscsi: failed to delete iface Error: %s", string(out))
 		}
@@ -430,6 +575,10 @@ func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error {
 	return nil
 }
 
+func getDevByPath(portal, iqn, lun string) string {
+	return "/dev/disk/by-path/ip-" + portal + "-iscsi-" + iqn + "-lun-" + lun
+}
+
 func extractTransportname(ifaceOutput string) (iscsiTransport string) {
 	rexOutput := ifaceTransportNameRe.FindStringSubmatch(ifaceOutput)
 	if rexOutput == nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/local/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/local/BUILD
index 8c8d3b1d8a70..8710d93a670e 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/local/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/local/BUILD
@@ -1,10 +1,4 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
@@ -13,6 +7,7 @@ go_library(
         "local.go",
     ],
     importpath = "k8s.io/kubernetes/pkg/volume/local",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/kubelet/events:go_default_library",
         "//pkg/util/keymutex:go_default_library",
@@ -32,17 +27,35 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["local_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/local",
-    library = ":go_default_library",
-    deps = [
-        "//pkg/volume:go_default_library",
-        "//pkg/volume/testing:go_default_library",
-        "//vendor/k8s.io/api/core/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/client-go/util/testing:go_default_library",
-    ],
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "local_test.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "local_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    embed = [":go_default_library"],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//pkg/volume:go_default_library",
+            "//pkg/volume/testing:go_default_library",
+            "//vendor/k8s.io/api/core/v1:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/client-go/util/testing:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//pkg/volume:go_default_library",
+            "//pkg/volume/testing:go_default_library",
+            "//vendor/k8s.io/api/core/v1:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+            "//vendor/k8s.io/client-go/util/testing:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
 )
 
 filegroup(
@@ -56,4 +69,5 @@ filegroup(
     name = "all-srcs",
     srcs = [":package-srcs"],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/local/local.go b/vendor/k8s.io/kubernetes/pkg/volume/local/local.go
index 851570ec1cf7..88fd34c7a14c 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/local/local.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/local/local.go
@@ -19,6 +19,7 @@ package local
 import (
 	"fmt"
 	"os"
+	"path"
 
 	"github.com/golang/glog"
 
@@ -49,6 +50,7 @@ type localVolumePlugin struct {
 
 var _ volume.VolumePlugin = &localVolumePlugin{}
 var _ volume.PersistentVolumePlugin = &localVolumePlugin{}
+var _ volume.BlockVolumePlugin = &localVolumePlugin{}
 
 const (
 	localVolumePluginName = "kubernetes.io/local-volume"
@@ -137,6 +139,36 @@ func (plugin *localVolumePlugin) NewUnmounter(volName string, podUID types.UID)
 	}, nil
 }
 
+func (plugin *localVolumePlugin) NewBlockVolumeMapper(spec *volume.Spec, pod *v1.Pod,
+	_ volume.VolumeOptions) (volume.BlockVolumeMapper, error) {
+	volumeSource, readOnly, err := getVolumeSource(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	return &localVolumeMapper{
+		localVolume: &localVolume{
+			podUID:     pod.UID,
+			volName:    spec.Name(),
+			globalPath: volumeSource.Path,
+			plugin:     plugin,
+		},
+		readOnly: readOnly,
+	}, nil
+
+}
+
+func (plugin *localVolumePlugin) NewBlockVolumeUnmapper(volName string,
+	podUID types.UID) (volume.BlockVolumeUnmapper, error) {
+	return &localVolumeUnmapper{
+		localVolume: &localVolume{
+			podUID:  podUID,
+			volName: volName,
+			plugin:  plugin,
+		},
+	}, nil
+}
+
 // TODO: check if no path and no topology constraints are ok
 func (plugin *localVolumePlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
 	localVolume := &v1.PersistentVolume{
@@ -154,6 +186,27 @@ func (plugin *localVolumePlugin) ConstructVolumeSpec(volumeName, mountPath strin
 	return volume.NewSpecFromPersistentVolume(localVolume, false), nil
 }
 
+func (plugin *localVolumePlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName,
+	mapPath string) (*volume.Spec, error) {
+	block := v1.PersistentVolumeBlock
+
+	localVolume := &v1.PersistentVolume{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: volumeName,
+		},
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				Local: &v1.LocalVolumeSource{
+					Path: "",
+				},
+			},
+			VolumeMode: &block,
+		},
+	}
+
+	return volume.NewSpecFromPersistentVolume(localVolume, false), nil
+}
+
 // Local volumes represent a local directory on a node.
 // The directory at the globalPath will be bind-mounted to the pod's directory
 type localVolume struct {
@@ -307,3 +360,45 @@ func (u *localVolumeUnmounter) TearDownAt(dir string) error {
 	glog.V(4).Infof("Unmounting volume %q at path %q\n", u.volName, dir)
 	return util.UnmountMountPoint(dir, u.mounter, true) /* extensiveMountPointCheck = true */
 }
+
+// localVolumeMapper implements the BlockVolumeMapper interface for local volumes.
+type localVolumeMapper struct {
+	*localVolume
+	readOnly bool
+}
+
+var _ volume.BlockVolumeMapper = &localVolumeMapper{}
+
+// SetUpDevice provides physical device path for the local PV.
+func (m *localVolumeMapper) SetUpDevice() (string, error) {
+	glog.V(4).Infof("SetupDevice returning path %s", m.globalPath)
+	return m.globalPath, nil
+}
+
+// localVolumeUnmapper implements the BlockVolumeUnmapper interface for local volumes.
+type localVolumeUnmapper struct {
+	*localVolume
+}
+
+var _ volume.BlockVolumeUnmapper = &localVolumeUnmapper{}
+
+// TearDownDevice will undo SetUpDevice procedure. In local PV, all of this already handled by operation_generator.
+func (u *localVolumeUnmapper) TearDownDevice(mapPath, devicePath string) error {
+	glog.V(4).Infof("local: TearDownDevice completed for: %s", mapPath)
+	return nil
+}
+
+// GetGlobalMapPath returns global map path and error.
+// path: plugins/kubernetes.io/kubernetes.io/local-volume/volumeDevices/{volumeName}
+func (lv *localVolume) GetGlobalMapPath(spec *volume.Spec) (string, error) {
+	return path.Join(lv.plugin.host.GetVolumeDevicePluginDir(strings.EscapeQualifiedNameForDisk(localVolumePluginName)),
+		lv.volName), nil
+}
+
+// GetPodDeviceMapPath returns pod device map path and volume name.
+// path: pods/{podUid}/volumeDevices/kubernetes.io~local-volume
+// volName: local-pv-ff0d6d4
+func (lv *localVolume) GetPodDeviceMapPath() (string, string) {
+	return lv.plugin.host.GetPodVolumeDeviceDir(lv.podUID,
+		strings.EscapeQualifiedNameForDisk(localVolumePluginName)), lv.volName
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/metrics_du.go b/vendor/k8s.io/kubernetes/pkg/volume/metrics_du.go
index 19a29cbbc848..88a985d5ac29 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/metrics_du.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/metrics_du.go
@@ -19,7 +19,7 @@ package volume
 import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/fs"
 )
 
 var _ MetricsProvider = &metricsDu{}
@@ -66,7 +66,7 @@ func (md *metricsDu) GetMetrics() (*Metrics, error) {
 
 // runDu executes the "du" command and writes the results to metrics.Used
 func (md *metricsDu) runDu(metrics *Metrics) error {
-	used, err := util.Du(md.path)
+	used, err := fs.Du(md.path)
 	if err != nil {
 		return err
 	}
@@ -76,7 +76,7 @@ func (md *metricsDu) runDu(metrics *Metrics) error {
 
 // runFind executes the "find" command and writes the results to metrics.InodesUsed
 func (md *metricsDu) runFind(metrics *Metrics) error {
-	inodesUsed, err := util.Find(md.path)
+	inodesUsed, err := fs.Find(md.path)
 	if err != nil {
 		return err
 	}
@@ -87,7 +87,7 @@ func (md *metricsDu) runFind(metrics *Metrics) error {
 // getFsInfo writes metrics.Capacity and metrics.Available from the filesystem
 // info
 func (md *metricsDu) getFsInfo(metrics *Metrics) error {
-	available, capacity, _, inodes, inodesFree, _, err := util.FsInfo(md.path)
+	available, capacity, _, inodes, inodesFree, _, err := fs.FsInfo(md.path)
 	if err != nil {
 		return NewFsInfoFailedError(err)
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/metrics_statfs.go b/vendor/k8s.io/kubernetes/pkg/volume/metrics_statfs.go
index ede4f6ef8f70..66f99e30a7a8 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/metrics_statfs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/metrics_statfs.go
@@ -19,7 +19,7 @@ package volume
 import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/fs"
 )
 
 var _ MetricsProvider = &metricsStatFS{}
@@ -55,7 +55,7 @@ func (md *metricsStatFS) GetMetrics() (*Metrics, error) {
 
 // getFsInfo writes metrics.Capacity, metrics.Used and metrics.Available from the filesystem info
 func (md *metricsStatFS) getFsInfo(metrics *Metrics) error {
-	available, capacity, usage, inodes, inodesFree, inodesUsed, err := util.FsInfo(md.path)
+	available, capacity, usage, inodes, inodesFree, inodesUsed, err := fs.FsInfo(md.path)
 	if err != nil {
 		return NewFsInfoFailedError(err)
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/nfs/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/nfs/BUILD
index ad091ffb4d7e..48ffc558bb9b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/nfs/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/nfs/BUILD
@@ -18,6 +18,7 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
+        "//pkg/volume/util/recyclerclient:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
@@ -28,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["nfs_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/nfs",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/nfs/nfs.go b/vendor/k8s.io/kubernetes/pkg/volume/nfs/nfs.go
index 1435db92815c..708ff7babd4a 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/nfs/nfs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/nfs/nfs.go
@@ -29,6 +29,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
+	"k8s.io/kubernetes/pkg/volume/util/recyclerclient"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -123,7 +124,7 @@ func (plugin *nfsPlugin) newMounterInternal(spec *volume.Spec, pod *v1.Pod, moun
 		server:       source.Server,
 		exportPath:   source.Path,
 		readOnly:     readOnly,
-		mountOptions: volume.MountOptionFromSpec(spec),
+		mountOptions: util.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -142,13 +143,13 @@ func (plugin *nfsPlugin) newUnmounterInternal(volName string, podUID types.UID,
 
 // Recycle recycles/scrubs clean an NFS volume.
 // Recycle blocks until the pod has completed or any error occurs.
-func (plugin *nfsPlugin) Recycle(pvName string, spec *volume.Spec, eventRecorder volume.RecycleEventRecorder) error {
+func (plugin *nfsPlugin) Recycle(pvName string, spec *volume.Spec, eventRecorder recyclerclient.RecycleEventRecorder) error {
 	if spec.PersistentVolume == nil || spec.PersistentVolume.Spec.NFS == nil {
 		return fmt.Errorf("spec.PersistentVolumeSource.NFS is nil")
 	}
 
 	pod := plugin.config.RecyclerPodTemplate
-	timeout := volume.CalculateTimeoutForVolume(plugin.config.RecyclerMinimumTimeout, plugin.config.RecyclerTimeoutIncrement, spec.PersistentVolume)
+	timeout := util.CalculateTimeoutForVolume(plugin.config.RecyclerMinimumTimeout, plugin.config.RecyclerTimeoutIncrement, spec.PersistentVolume)
 	// overrides
 	pod.Spec.ActiveDeadlineSeconds = &timeout
 	pod.GenerateName = "pv-recycler-nfs-"
@@ -158,7 +159,7 @@ func (plugin *nfsPlugin) Recycle(pvName string, spec *volume.Spec, eventRecorder
 			Path:   spec.PersistentVolume.Spec.NFS.Path,
 		},
 	}
-	return volume.RecycleVolumeByWatchingPodUntilCompletion(pvName, pod, plugin.host.GetKubeClient(), eventRecorder)
+	return recyclerclient.RecycleVolumeByWatchingPodUntilCompletion(pvName, pod, plugin.host.GetKubeClient(), eventRecorder)
 }
 
 func (plugin *nfsPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
@@ -194,15 +195,15 @@ func (nfsMounter *nfsMounter) CanMount() error {
 	exec := nfsMounter.plugin.host.GetExec(nfsMounter.plugin.GetPluginName())
 	switch runtime.GOOS {
 	case "linux":
-		if _, err := exec.Run("/bin/ls", "/sbin/mount.nfs"); err != nil {
+		if _, err := exec.Run("test", "-x", "/sbin/mount.nfs"); err != nil {
 			return fmt.Errorf("Required binary /sbin/mount.nfs is missing")
 		}
-		if _, err := exec.Run("/bin/ls", "/sbin/mount.nfs4"); err != nil {
+		if _, err := exec.Run("test", "-x", "/sbin/mount.nfs4"); err != nil {
 			return fmt.Errorf("Required binary /sbin/mount.nfs4 is missing")
 		}
 		return nil
 	case "darwin":
-		if _, err := exec.Run("/bin/ls", "/sbin/mount_nfs"); err != nil {
+		if _, err := exec.Run("test", "-x", "/sbin/mount_nfs"); err != nil {
 			return fmt.Errorf("Required binary /sbin/mount_nfs is missing")
 		}
 	}
@@ -233,7 +234,7 @@ func (b *nfsMounter) SetUp(fsGroup *int64) error {
 }
 
 func (b *nfsMounter) SetUpAt(dir string, fsGroup *int64) error {
-	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
+	notMnt, err := b.mounter.IsNotMountPoint(dir)
 	glog.V(4).Infof("NFS mount set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
 		return err
@@ -249,10 +250,10 @@ func (b *nfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if b.readOnly {
 		options = append(options, "ro")
 	}
-	mountOptions := volume.JoinMountOptions(b.mountOptions, options)
+	mountOptions := util.JoinMountOptions(b.mountOptions, options)
 	err = b.mounter.Mount(source, dir, "nfs", mountOptions)
 	if err != nil {
-		notMnt, mntErr := b.mounter.IsLikelyNotMountPoint(dir)
+		notMnt, mntErr := b.mounter.IsNotMountPoint(dir)
 		if mntErr != nil {
 			glog.Errorf("IsLikelyNotMountPoint check failed: %v", mntErr)
 			return err
@@ -262,7 +263,7 @@ func (b *nfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 				glog.Errorf("Failed to unmount: %v", mntErr)
 				return err
 			}
-			notMnt, mntErr := b.mounter.IsLikelyNotMountPoint(dir)
+			notMnt, mntErr := b.mounter.IsNotMountPoint(dir)
 			if mntErr != nil {
 				glog.Errorf("IsLikelyNotMountPoint check failed: %v", mntErr)
 				return err
@@ -290,7 +291,10 @@ func (c *nfsUnmounter) TearDown() error {
 }
 
 func (c *nfsUnmounter) TearDownAt(dir string) error {
-	return util.UnmountPath(dir, c.mounter)
+	// Use extensiveMountPointCheck to consult /proc/mounts. We can't use faster
+	// IsLikelyNotMountPoint (lstat()), since there may be root_squash on the
+	// NFS server and kubelet may not be able to do lstat/stat() there.
+	return util.UnmountMountPoint(dir, c.mounter, true /* extensiveMountPointCheck */)
 }
 
 func getVolumeSource(spec *volume.Spec) (*v1.NFSVolumeSource, bool, error) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/BUILD
index bc72ab05def5..17314ec1a0fc 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/BUILD
@@ -21,7 +21,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -36,8 +35,7 @@ go_test(
         "attacher_test.go",
         "photon_pd_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/photon_pd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider/providers/photon:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/attacher.go
index c3938269caa3..54370d60491b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/attacher.go
@@ -17,6 +17,7 @@ limitations under the License.
 package photon_pd
 
 import (
+	"context"
 	"fmt"
 	"os"
 	"path"
@@ -31,7 +32,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type photonPersistentDiskAttacher struct {
@@ -68,7 +68,7 @@ func (attacher *photonPersistentDiskAttacher) Attach(spec *volume.Spec, nodeName
 		glog.Errorf("Photon Controller attacher: Attach failed to get volume source")
 		return "", err
 	}
-	attached, err := attacher.photonDisks.DiskIsAttached(volumeSource.PdID, nodeName)
+	attached, err := attacher.photonDisks.DiskIsAttached(context.TODO(), volumeSource.PdID, nodeName)
 
 	if err != nil {
 		glog.Warningf("Photon Controller: couldn't check if disk is Attached for host %s, will try attach disk: %+v", hostName, err)
@@ -78,7 +78,7 @@ func (attacher *photonPersistentDiskAttacher) Attach(spec *volume.Spec, nodeName
 	if !attached {
 		glog.V(4).Infof("Photon Controller: Attach disk called for host %s", hostName)
 
-		err = attacher.photonDisks.AttachDisk(volumeSource.PdID, nodeName)
+		err = attacher.photonDisks.AttachDisk(context.TODO(), volumeSource.PdID, nodeName)
 		if err != nil {
 			glog.Errorf("Error attaching volume %q to node %q: %+v", volumeSource.PdID, nodeName, err)
 			return "", err
@@ -104,7 +104,7 @@ func (attacher *photonPersistentDiskAttacher) VolumesAreAttached(specs []*volume
 		volumesAttachedCheck[spec] = true
 		volumeSpecMap[volumeSource.PdID] = spec
 	}
-	attachedResult, err := attacher.photonDisks.DisksAreAttached(pdIDList, nodeName)
+	attachedResult, err := attacher.photonDisks.DisksAreAttached(context.TODO(), pdIDList, nodeName)
 	if err != nil {
 		glog.Errorf(
 			"Error checking if volumes (%v) are attached to current node (%q). err=%v",
@@ -210,8 +210,8 @@ func (attacher *photonPersistentDiskAttacher) MountDevice(spec *volume.Spec, dev
 	options := []string{}
 
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(photonPersistentDiskPluginName, attacher.host)
-		mountOptions := volume.MountOptionFromSpec(spec)
+		diskMounter := volumeutil.NewSafeFormatAndMountFromHost(photonPersistentDiskPluginName, attacher.host)
+		mountOptions := volumeutil.MountOptionFromSpec(spec)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
@@ -247,7 +247,7 @@ func (detacher *photonPersistentDiskDetacher) Detach(volumeName string, nodeName
 
 	hostName := string(nodeName)
 	pdID := volumeName
-	attached, err := detacher.photonDisks.DiskIsAttached(pdID, nodeName)
+	attached, err := detacher.photonDisks.DiskIsAttached(context.TODO(), pdID, nodeName)
 	if err != nil {
 		// Log error and continue with detach
 		glog.Errorf(
@@ -261,7 +261,7 @@ func (detacher *photonPersistentDiskDetacher) Detach(volumeName string, nodeName
 		return nil
 	}
 
-	if err := detacher.photonDisks.DetachDisk(pdID, nodeName); err != nil {
+	if err := detacher.photonDisks.DetachDisk(context.TODO(), pdID, nodeName); err != nil {
 		glog.Errorf("Error detaching volume %q: %v", pdID, err)
 		return err
 	}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_pd.go b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_pd.go
index 99965a775b1b..25ca23928d09 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_pd.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_pd.go
@@ -30,7 +30,6 @@ import (
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -115,7 +114,7 @@ func (plugin *photonPersistentDiskPlugin) newMounterInternal(spec *volume.Spec,
 			plugin:  plugin,
 		},
 		fsType:      fsType,
-		diskMounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
+		diskMounter: util.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
 }
 
 func (plugin *photonPersistentDiskPlugin) newUnmounterInternal(volName string, podUID types.UID, manager pdManager, mounter mount.Interface) (volume.Unmounter, error) {
@@ -342,7 +341,7 @@ func (plugin *photonPersistentDiskPlugin) newProvisionerInternal(options volume.
 }
 
 func (p *photonPersistentDiskProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", p.options.PVC.Spec.AccessModes, p.plugin.GetAccessModes())
 	}
 
@@ -360,7 +359,7 @@ func (p *photonPersistentDiskProvisioner) Provision() (*v1.PersistentVolume, err
 			Name:   p.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "photon-volume-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "photon-volume-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_util.go b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_util.go
index 7449abfe9d2f..d4eb69a2fbd5 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/photon_pd/photon_util.go
@@ -90,8 +90,8 @@ func (util *PhotonDiskUtil) CreateVolume(p *photonPersistentDiskProvisioner) (pd
 	capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	volSizeBytes := capacity.Value()
 	// PhotonController works with GB, convert to GB with rounding up
-	volSizeGB := int(volume.RoundUpSize(volSizeBytes, 1024*1024*1024))
-	name := volume.GenerateVolumeName(p.options.ClusterName, p.options.PVName, 255)
+	volSizeGB := int(volumeutil.RoundUpSize(volSizeBytes, 1024*1024*1024))
+	name := volumeutil.GenerateVolumeName(p.options.ClusterName, p.options.PVName, 255)
 	volumeOptions := &photon.VolumeOptions{
 		CapacityGB: volSizeGB,
 		Tags:       *p.options.CloudTags,
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/plugins.go b/vendor/k8s.io/kubernetes/pkg/volume/plugins.go
index 42ceaa40d2f9..ec4ec57914c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/plugins.go
@@ -33,6 +33,7 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider"
 	"k8s.io/kubernetes/pkg/util/io"
 	"k8s.io/kubernetes/pkg/util/mount"
+	"k8s.io/kubernetes/pkg/volume/util/recyclerclient"
 )
 
 const (
@@ -161,7 +162,7 @@ type RecyclableVolumePlugin interface {
 	// Recycle will use the provided recorder to write any events that might be
 	// interesting to user. It's expected that caller will pass these events to
 	// the PV being recycled.
-	Recycle(pvName string, spec *Spec, eventRecorder RecycleEventRecorder) error
+	Recycle(pvName string, spec *Spec, eventRecorder recyclerclient.RecycleEventRecorder) error
 }
 
 // DeletableVolumePlugin is an extended interface of VolumePlugin and is used
@@ -654,7 +655,7 @@ func (pm *VolumePluginMgr) FindCreatablePluginBySpec(spec *Spec) (ProvisionableV
 	return nil, fmt.Errorf("no creatable volume plugin matched")
 }
 
-// FindAttachablePluginBySpec fetches a persistent volume plugin by name.
+// FindAttachablePluginBySpec fetches a persistent volume plugin by spec.
 // Unlike the other "FindPlugin" methods, this does not return error if no
 // plugin is found.  All volumes require a mounter and unmounter, but not
 // every volume will have an attacher/detacher.
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/portworx/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/portworx/BUILD
index 36714e9635f9..321306515b26 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/portworx/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/portworx/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["portworx_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/portworx",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
@@ -34,7 +33,7 @@ go_library(
         "//pkg/util/mount:go_default_library",
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/libopenstorage/openstorage/api:go_default_library",
         "//vendor/github.com/libopenstorage/openstorage/api/client:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx.go b/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx.go
index 8c1738bbaa4b..70b6ece93666 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx.go
@@ -28,7 +28,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 const (
@@ -119,7 +119,7 @@ func (plugin *portworxVolumePlugin) newMounterInternal(spec *volume.Spec, podUID
 		},
 		fsType:      fsType,
 		readOnly:    readOnly,
-		diskMounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
+		diskMounter: util.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
 }
 
 func (plugin *portworxVolumePlugin) NewUnmounter(volName string, podUID types.UID) (volume.Unmounter, error) {
@@ -358,7 +358,7 @@ type portworxVolumeProvisioner struct {
 var _ volume.Provisioner = &portworxVolumeProvisioner{}
 
 func (c *portworxVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -372,7 +372,7 @@ func (c *portworxVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   c.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "portworx-volume-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "portworx-volume-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx_util.go b/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx_util.go
index fbf4b8837842..5faed5f1fc33 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/portworx/portworx_util.go
@@ -27,6 +27,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/volume"
+	volutil "k8s.io/kubernetes/pkg/volume/util"
 )
 
 const (
@@ -55,7 +56,7 @@ func (util *PortworxVolumeUtil) CreateVolume(p *portworxVolumeProvisioner) (stri
 
 	capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	// Portworx Volumes are specified in GB
-	requestGB := int(volume.RoundUpSize(capacity.Value(), 1024*1024*1024))
+	requestGB := int(volutil.RoundUpSize(capacity.Value(), 1024*1024*1024))
 
 	// Perform a best-effort parsing of parameters. Portworx 1.2.9 and later parses volume parameters from
 	// spec.VolumeLabels. So even if below SpecFromOpts() fails to parse certain parameters or
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/projected/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/projected/BUILD
index 219b8aa59d4a..a8d0ce63461a 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/projected/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/projected/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["projected_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/projected",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume:go_default_library",
         "//pkg/volume/empty_dir:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/BUILD
index 7adf8b7d7aa8..46343963715f 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/BUILD
@@ -19,7 +19,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/pborman/uuid:go_default_library",
         "//vendor/github.com/quobyte/api:go_default_library",
@@ -33,8 +32,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["quobyte_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/quobyte",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte.go b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte.go
index 8e6ec1f7d12c..0a5990b2900b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte.go
@@ -32,7 +32,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // ProbeVolumePlugins is the primary entrypoint for volume plugins.
@@ -176,7 +175,7 @@ func (plugin *quobytePlugin) newMounterInternal(spec *volume.Spec, pod *v1.Pod,
 		},
 		registry:     source.Registry,
 		readOnly:     readOnly,
-		mountOptions: volume.MountOptionFromSpec(spec),
+		mountOptions: util.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -256,7 +255,7 @@ func (mounter *quobyteMounter) SetUpAt(dir string, fsGroup *int64) error {
 	}
 
 	//if a trailing slash is missing we add it here
-	mountOptions := volume.JoinMountOptions(mounter.mountOptions, options)
+	mountOptions := util.JoinMountOptions(mounter.mountOptions, options)
 	if err := mounter.mounter.Mount(mounter.correctTraillingSlash(mounter.registry), dir, "quobyte", mountOptions); err != nil {
 		return fmt.Errorf("quobyte: mount failed: %v", err)
 	}
@@ -356,7 +355,7 @@ type quobyteVolumeProvisioner struct {
 }
 
 func (provisioner *quobyteVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(provisioner.plugin.GetAccessModes(), provisioner.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(provisioner.plugin.GetAccessModes(), provisioner.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", provisioner.options.PVC.Spec.AccessModes, provisioner.plugin.GetAccessModes())
 	}
 
@@ -410,7 +409,7 @@ func (provisioner *quobyteVolumeProvisioner) Provision() (*v1.PersistentVolume,
 		return nil, err
 	}
 	pv := new(v1.PersistentVolume)
-	metav1.SetMetaDataAnnotation(&pv.ObjectMeta, volumehelper.VolumeDynamicallyCreatedByKey, "quobyte-dynamic-provisioner")
+	metav1.SetMetaDataAnnotation(&pv.ObjectMeta, util.VolumeDynamicallyCreatedByKey, "quobyte-dynamic-provisioner")
 	pv.Spec.PersistentVolumeSource.Quobyte = vol
 	pv.Spec.PersistentVolumeReclaimPolicy = provisioner.options.PersistentVolumeReclaimPolicy
 	pv.Spec.AccessModes = provisioner.options.PVC.Spec.AccessModes
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte_util.go b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte_util.go
index 2b5db49fa235..c1deb552a3c9 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/quobyte/quobyte_util.go
@@ -22,7 +22,7 @@ import (
 	"strings"
 
 	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 
 	"github.com/golang/glog"
 	quobyteapi "github.com/quobyte/api"
@@ -34,7 +34,7 @@ type quobyteVolumeManager struct {
 
 func (manager *quobyteVolumeManager) createVolume(provisioner *quobyteVolumeProvisioner, createQuota bool) (quobyte *v1.QuobyteVolumeSource, size int, err error) {
 	capacity := provisioner.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
-	volumeSize := int(volume.RoundUpSize(capacity.Value(), 1024*1024*1024))
+	volumeSize := int(util.RoundUpSize(capacity.Value(), 1024*1024*1024))
 	// Quobyte has the concept of Volumes which doen't have a specific size (they can grow unlimited)
 	// to simulate a size constraint we set here a Quota for logical space
 	volumeRequest := &quobyteapi.CreateVolumeRequest{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/rbd/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/rbd/BUILD
index e97b0fc7567c..65042418cd43 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/rbd/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/rbd/BUILD
@@ -23,14 +23,16 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
     ],
 )
@@ -38,8 +40,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["rbd_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/rbd",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/rbd/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/rbd/attacher.go
index 1454c231fb48..2e5960092e13 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/rbd/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/rbd/attacher.go
@@ -27,7 +27,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // NewAttacher implements AttachableVolumePlugin.NewAttacher.
@@ -39,7 +38,7 @@ func (plugin *rbdPlugin) newAttacherInternal(manager diskManager) (volume.Attach
 	return &rbdAttacher{
 		plugin:  plugin,
 		manager: manager,
-		mounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
+		mounter: volutil.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
 	}, nil
 }
 
@@ -52,7 +51,7 @@ func (plugin *rbdPlugin) newDetacherInternal(manager diskManager) (volume.Detach
 	return &rbdDetacher{
 		plugin:  plugin,
 		manager: manager,
-		mounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
+		mounter: volutil.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
 	}, nil
 }
 
@@ -154,7 +153,7 @@ func (attacher *rbdAttacher) MountDevice(spec *volume.Spec, devicePath string, d
 	if ro {
 		options = append(options, "ro")
 	}
-	mountOptions := volume.MountOptionFromSpec(spec, options...)
+	mountOptions := volutil.MountOptionFromSpec(spec, options...)
 	err = attacher.mounter.FormatAndMount(devicePath, deviceMountPath, fstype, mountOptions)
 	if err != nil {
 		os.Remove(deviceMountPath)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/rbd/disk_manager.go b/vendor/k8s.io/kubernetes/pkg/volume/rbd/disk_manager.go
index 87607370448b..6f62f485444e 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/rbd/disk_manager.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/rbd/disk_manager.go
@@ -31,18 +31,23 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
+	"k8s.io/kubernetes/pkg/volume/util"
 )
 
 // Abstract interface to disk operations.
 type diskManager interface {
 	// MakeGlobalPDName creates global persistent disk path.
 	MakeGlobalPDName(disk rbd) string
+	// MakeGlobalVDPDName creates global block disk path.
+	MakeGlobalVDPDName(disk rbd) string
 	// Attaches the disk to the kubelet's host machine.
 	// If it successfully attaches, the path to the device
 	// is returned. Otherwise, an error will be returned.
 	AttachDisk(disk rbdMounter) (string, error)
 	// Detaches the disk from the kubelet's host machine.
 	DetachDisk(plugin *rbdPlugin, deviceMountPath string, device string) error
+	// Detaches the block disk from the kubelet's host machine.
+	DetachBlockDisk(disk rbdDiskUnmapper, mntPath string) error
 	// Creates a rbd image.
 	CreateImage(provisioner *rbdVolumeProvisioner) (r *v1.RBDPersistentVolumeSource, volumeSizeGB int, err error)
 	// Deletes a rbd image.
@@ -81,7 +86,7 @@ func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount.
 	if (&b).GetAttributes().ReadOnly {
 		options = append(options, "ro")
 	}
-	mountOptions := volume.JoinMountOptions(b.mountOptions, options)
+	mountOptions := util.JoinMountOptions(b.mountOptions, options)
 	err = mounter.Mount(globalPDPath, volPath, "", mountOptions)
 	if err != nil {
 		glog.Errorf("failed to bind mount:%s", globalPDPath)
@@ -115,9 +120,9 @@ func diskTearDown(manager diskManager, c rbdUnmounter, volPath string, mounter m
 	}
 
 	notMnt, mntErr := mounter.IsLikelyNotMountPoint(volPath)
-	if err != nil && !os.IsNotExist(err) {
+	if mntErr != nil && !os.IsNotExist(mntErr) {
 		glog.Errorf("IsLikelyNotMountPoint check failed: %v", mntErr)
-		return err
+		return mntErr
 	}
 	if notMnt {
 		if err := os.Remove(volPath); err != nil {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd.go b/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd.go
index fcdb4fa5ee2a..ffc5c03c1051 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd.go
@@ -18,6 +18,9 @@ package rbd
 
 import (
 	"fmt"
+	"os"
+	"path/filepath"
+	"regexp"
 	dstrings "strings"
 
 	"github.com/golang/glog"
@@ -32,7 +35,7 @@ import (
 	"k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	volutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 var (
@@ -55,6 +58,7 @@ var _ volume.DeletableVolumePlugin = &rbdPlugin{}
 var _ volume.ProvisionableVolumePlugin = &rbdPlugin{}
 var _ volume.AttachableVolumePlugin = &rbdPlugin{}
 var _ volume.ExpandableVolumePlugin = &rbdPlugin{}
+var _ volume.BlockVolumePlugin = &rbdPlugin{}
 
 const (
 	rbdPluginName                  = "kubernetes.io/rbd"
@@ -81,7 +85,7 @@ func (plugin *rbdPlugin) GetPluginName() string {
 }
 
 func (plugin *rbdPlugin) GetVolumeName(spec *volume.Spec) (string, error) {
-	mon, err := getVolumeSourceMonitors(spec)
+	pool, err := getVolumeSourcePool(spec)
 	if err != nil {
 		return "", err
 	}
@@ -92,16 +96,12 @@ func (plugin *rbdPlugin) GetVolumeName(spec *volume.Spec) (string, error) {
 
 	return fmt.Sprintf(
 		"%v:%v",
-		mon,
+		pool,
 		img), nil
 }
 
 func (plugin *rbdPlugin) CanSupport(spec *volume.Spec) bool {
-	if (spec.Volume != nil && spec.Volume.RBD == nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.RBD == nil) {
-		return false
-	}
-
-	return true
+	return (spec.Volume != nil && spec.Volume.RBD != nil) || (spec.PersistentVolume != nil && spec.PersistentVolume.Spec.RBD != nil)
 }
 
 func (plugin *rbdPlugin) RequiresRemount() bool {
@@ -244,7 +244,7 @@ func (plugin *rbdPlugin) createMounterFromVolumeSpecAndPod(spec *volume.Spec, po
 		if kubeClient == nil {
 			return nil, fmt.Errorf("Cannot get kube client")
 		}
-		secrets, err := kubeClient.Core().Secrets(secretNs).Get(secretName, metav1.GetOptions{})
+		secrets, err := kubeClient.CoreV1().Secrets(secretNs).Get(secretName, metav1.GetOptions{})
 		if err != nil {
 			err = fmt.Errorf("Couldn't get secret %v/%v err: %v", secretNs, secretName, err)
 			return nil, err
@@ -327,7 +327,7 @@ func (plugin *rbdPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID,
 		Keyring:      keyring,
 		Secret:       secret,
 		fsType:       fstype,
-		mountOptions: volume.MountOptionFromSpec(spec),
+		mountOptions: volutil.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -346,17 +346,184 @@ func (plugin *rbdPlugin) newUnmounterInternal(volName string, podUID types.UID,
 }
 
 func (plugin *rbdPlugin) ConstructVolumeSpec(volumeName, mountPath string) (*volume.Spec, error) {
+	mounter := plugin.host.GetMounter(plugin.GetPluginName())
+	pluginDir := plugin.host.GetPluginDir(plugin.GetPluginName())
+	sourceName, err := mounter.GetDeviceNameFromMount(mountPath, pluginDir)
+	if err != nil {
+		return nil, err
+	}
+	s := dstrings.Split(sourceName, "-image-")
+	if len(s) != 2 {
+		// The mountPath parameter is the volume mount path for a specific pod, its format
+		// is /var/lib/kubelet/pods/{podUID}/volumes/{volumePluginName}/{volumeName}.
+		// mounter.GetDeviceNameFromMount will find the device path(such as /dev/rbd0) by
+		// mountPath first, and then try to find the global device mount path from the mounted
+		// path list of this device. sourceName is extracted from this global device mount path.
+		// mounter.GetDeviceNameFromMount expects the global device mount path conforms to canonical
+		// format: /var/lib/kubelet/plugins/kubernetes.io/rbd/mounts/{pool}-image-{image}.
+		// If this assertion failed, it means that the global device mount path is created by
+		// the deprecated format: /var/lib/kubelet/plugins/kubernetes.io/rbd/rbd/{pool}-image-{image}.
+		// So we will try to check whether this old style global device mount path exist or not.
+		// If existed, extract the sourceName from this old style path, otherwise return an error.
+		glog.V(3).Infof("SourceName %s wrong, fallback to old format", sourceName)
+		sourceName, err = plugin.getDeviceNameFromOldMountPath(mounter, mountPath)
+		if err != nil {
+			return nil, err
+		}
+		s = dstrings.Split(sourceName, "-image-")
+		if len(s) != 2 {
+			return nil, fmt.Errorf("sourceName %s wrong, should be pool+\"-image-\"+imageName", sourceName)
+		}
+	}
 	rbdVolume := &v1.Volume{
 		Name: volumeName,
 		VolumeSource: v1.VolumeSource{
 			RBD: &v1.RBDVolumeSource{
-				CephMonitors: []string{},
+				RBDPool:  s[0],
+				RBDImage: s[1],
 			},
 		},
 	}
 	return volume.NewSpecFromVolume(rbdVolume), nil
 }
 
+func (plugin *rbdPlugin) ConstructBlockVolumeSpec(podUID types.UID, volumeName, mapPath string) (*volume.Spec, error) {
+	pluginDir := plugin.host.GetVolumeDevicePluginDir(rbdPluginName)
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
+
+	globalMapPathUUID, err := blkutil.FindGlobalMapPathUUIDFromPod(pluginDir, mapPath, podUID)
+	if err != nil {
+		return nil, err
+	}
+	glog.V(5).Infof("globalMapPathUUID: %v, err: %v", globalMapPathUUID, err)
+	globalMapPath := filepath.Dir(globalMapPathUUID)
+	if len(globalMapPath) == 1 {
+		return nil, fmt.Errorf("failed to retrieve volume plugin information from globalMapPathUUID: %v", globalMapPathUUID)
+	}
+	return getVolumeSpecFromGlobalMapPath(globalMapPath)
+}
+
+func getVolumeSpecFromGlobalMapPath(globalMapPath string) (*volume.Spec, error) {
+	// Retrieve volume spec information from globalMapPath
+	// globalMapPath example:
+	//   plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}
+	pool, image, err := getPoolAndImageFromMapPath(globalMapPath)
+	if err != nil {
+		return nil, err
+	}
+	block := v1.PersistentVolumeBlock
+	rbdVolume := &v1.PersistentVolume{
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				RBD: &v1.RBDPersistentVolumeSource{
+					RBDImage: image,
+					RBDPool:  pool,
+				},
+			},
+			VolumeMode: &block,
+		},
+	}
+
+	return volume.NewSpecFromPersistentVolume(rbdVolume, true), nil
+}
+
+func (plugin *rbdPlugin) NewBlockVolumeMapper(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.BlockVolumeMapper, error) {
+
+	var uid types.UID
+	if pod != nil {
+		uid = pod.UID
+	}
+	secret := ""
+	// var err error
+	if pod != nil {
+		secretName, secretNs, err := getSecretNameAndNamespace(spec, pod.Namespace)
+		if err != nil {
+			return nil, err
+		}
+		if len(secretName) > 0 && len(secretNs) > 0 {
+			// if secret is provideded, retrieve it
+			kubeClient := plugin.host.GetKubeClient()
+			if kubeClient == nil {
+				return nil, fmt.Errorf("Cannot get kube client")
+			}
+			secrets, err := kubeClient.Core().Secrets(secretNs).Get(secretName, metav1.GetOptions{})
+			if err != nil {
+				err = fmt.Errorf("Couldn't get secret %v/%v err: %v", secretNs, secretName, err)
+				return nil, err
+			}
+			for _, data := range secrets.Data {
+				secret = string(data)
+			}
+		}
+	}
+
+	return plugin.newBlockVolumeMapperInternal(spec, uid, &RBDUtil{}, secret, plugin.host.GetMounter(plugin.GetPluginName()), plugin.host.GetExec(plugin.GetPluginName()))
+}
+
+func (plugin *rbdPlugin) newBlockVolumeMapperInternal(spec *volume.Spec, podUID types.UID, manager diskManager, secret string, mounter mount.Interface, exec mount.Exec) (volume.BlockVolumeMapper, error) {
+	mon, err := getVolumeSourceMonitors(spec)
+	if err != nil {
+		return nil, err
+	}
+	img, err := getVolumeSourceImage(spec)
+	if err != nil {
+		return nil, err
+	}
+	pool, err := getVolumeSourcePool(spec)
+	if err != nil {
+		return nil, err
+	}
+	id, err := getVolumeSourceUser(spec)
+	if err != nil {
+		return nil, err
+	}
+	keyring, err := getVolumeSourceKeyRing(spec)
+	if err != nil {
+		return nil, err
+	}
+	ro, err := getVolumeSourceReadOnly(spec)
+	if err != nil {
+		return nil, err
+	}
+
+	return &rbdDiskMapper{
+		rbd:     newRBD(podUID, spec.Name(), img, pool, ro, plugin, manager),
+		mon:     mon,
+		id:      id,
+		keyring: keyring,
+		secret:  secret,
+	}, nil
+}
+
+func (plugin *rbdPlugin) NewBlockVolumeUnmapper(volName string, podUID types.UID) (volume.BlockVolumeUnmapper, error) {
+	return plugin.newUnmapperInternal(volName, podUID, &RBDUtil{})
+}
+
+func (plugin *rbdPlugin) newUnmapperInternal(volName string, podUID types.UID, manager diskManager) (volume.BlockVolumeUnmapper, error) {
+	return &rbdDiskUnmapper{
+		rbdDiskMapper: &rbdDiskMapper{
+			rbd: newRBD(podUID, volName, "", "", false, plugin, manager),
+			mon: make([]string, 0),
+		},
+	}, nil
+}
+
+func (plugin *rbdPlugin) getDeviceNameFromOldMountPath(mounter mount.Interface, mountPath string) (string, error) {
+	refs, err := mount.GetMountRefsByDev(mounter, mountPath)
+	if err != nil {
+		return "", err
+	}
+	// baseMountPath is the prefix of deprecated device global mounted path,
+	// such as: /var/lib/kubelet/plugins/kubernetes.io/rbd/rbd
+	baseMountPath := filepath.Join(plugin.host.GetPluginDir(rbdPluginName), "rbd")
+	for _, ref := range refs {
+		if dstrings.HasPrefix(ref, baseMountPath) {
+			return filepath.Rel(baseMountPath, ref)
+		}
+	}
+	return "", fmt.Errorf("can't find source name from mounted path: %s", mountPath)
+}
+
 func (plugin *rbdPlugin) NewDeleter(spec *volume.Spec) (volume.Deleter, error) {
 	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.RBD == nil {
 		return nil, fmt.Errorf("spec.PersistentVolumeSource.Spec.RBD is nil")
@@ -402,7 +569,7 @@ type rbdVolumeProvisioner struct {
 var _ volume.Provisioner = &rbdVolumeProvisioner{}
 
 func (r *rbdVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(r.plugin.GetAccessModes(), r.options.PVC.Spec.AccessModes) {
+	if !volutil.AccessModesContainedInAll(r.plugin.GetAccessModes(), r.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", r.options.PVC.Spec.AccessModes, r.plugin.GetAccessModes())
 	}
 
@@ -415,6 +582,7 @@ func (r *rbdVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 	secret := ""
 	secretName := ""
 	secretNamespace := ""
+	keyring := ""
 	imageFormat := rbdImageFormat2
 	fstype := ""
 
@@ -439,6 +607,8 @@ func (r *rbdVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 			secretName = v
 		case "usersecretnamespace":
 			secretNamespace = v
+		case "keyring":
+			keyring = v
 		case "imageformat":
 			imageFormat = v
 		case "imagefeatures":
@@ -472,8 +642,8 @@ func (r *rbdVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 	if len(r.Mon) < 1 {
 		return nil, fmt.Errorf("missing Ceph monitors")
 	}
-	if secretName == "" {
-		return nil, fmt.Errorf("missing user secret name")
+	if secretName == "" && keyring == "" {
+		return nil, fmt.Errorf("must specify either keyring or user secret name")
 	}
 	if r.adminId == "" {
 		r.adminId = rbdDefaultAdminId
@@ -495,10 +665,20 @@ func (r *rbdVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 	}
 	glog.Infof("successfully created rbd image %q", image)
 	pv := new(v1.PersistentVolume)
-	metav1.SetMetaDataAnnotation(&pv.ObjectMeta, volumehelper.VolumeDynamicallyCreatedByKey, "rbd-dynamic-provisioner")
-	rbd.SecretRef = new(v1.SecretReference)
-	rbd.SecretRef.Name = secretName
-	rbd.SecretRef.Namespace = secretNamespace
+	metav1.SetMetaDataAnnotation(&pv.ObjectMeta, volutil.VolumeDynamicallyCreatedByKey, "rbd-dynamic-provisioner")
+
+	if secretName != "" {
+		rbd.SecretRef = new(v1.SecretReference)
+		rbd.SecretRef.Name = secretName
+		rbd.SecretRef.Namespace = secretNamespace
+	} else {
+		var filePathRegex = regexp.MustCompile(`^(?:/[^/!;` + "`" + ` ]+)+$`)
+		if keyring != "" && !filePathRegex.MatchString(keyring) {
+			return nil, fmt.Errorf("keyring field must contain a path to a file")
+		}
+		rbd.Keyring = keyring
+	}
+
 	rbd.RadosUser = r.Id
 	rbd.FSType = fstype
 	pv.Spec.PersistentVolumeSource.RBD = rbd
@@ -561,7 +741,7 @@ func newRBD(podUID types.UID, volName string, image string, pool string, readOnl
 		Pool:            pool,
 		ReadOnly:        readOnly,
 		plugin:          plugin,
-		mounter:         volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
+		mounter:         volutil.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host),
 		exec:            plugin.host.GetExec(plugin.GetPluginName()),
 		manager:         manager,
 		MetricsProvider: volume.NewMetricsStatFS(getPath(podUID, volName, plugin.host)),
@@ -650,6 +830,140 @@ func (c *rbdUnmounter) TearDownAt(dir string) error {
 	return nil
 }
 
+var _ volume.BlockVolumeMapper = &rbdDiskMapper{}
+
+type rbdDiskMapper struct {
+	*rbd
+	mon           []string
+	id            string
+	keyring       string
+	secret        string
+	adminSecret   string
+	adminId       string
+	imageFormat   string
+	imageFeatures []string
+}
+
+var _ volume.BlockVolumeUnmapper = &rbdDiskUnmapper{}
+
+// GetGlobalMapPath returns global map path and error
+// path: plugins/kubernetes.io/{PluginName}/volumeDevices/{rbd pool}-image-{rbd image-name}/{podUid}
+func (rbd *rbd) GetGlobalMapPath(spec *volume.Spec) (string, error) {
+	return rbd.rbdGlobalMapPath(spec)
+}
+
+// GetPodDeviceMapPath returns pod device map path and volume name
+// path: pods/{podUid}/volumeDevices/kubernetes.io~rbd
+// volumeName: pv0001
+func (rbd *rbd) GetPodDeviceMapPath() (string, string) {
+	return rbd.rbdPodDeviceMapPath()
+}
+
+func (rbd *rbdDiskMapper) SetUpDevice() (string, error) {
+	return "", nil
+}
+
+func (rbd *rbd) rbdGlobalMapPath(spec *volume.Spec) (string, error) {
+	var err error
+	mon, err := getVolumeSourceMonitors(spec)
+	if err != nil {
+		return "", err
+	}
+	img, err := getVolumeSourceImage(spec)
+	if err != nil {
+		return "", err
+	}
+	pool, err := getVolumeSourcePool(spec)
+	if err != nil {
+		return "", err
+	}
+	ro, err := getVolumeSourceReadOnly(spec)
+	if err != nil {
+		return "", err
+	}
+
+	mounter := &rbdMounter{
+		rbd: newRBD("", spec.Name(), img, pool, ro, rbd.plugin, &RBDUtil{}),
+		Mon: mon,
+	}
+	return rbd.manager.MakeGlobalVDPDName(*mounter.rbd), nil
+}
+
+func (rbd *rbd) rbdPodDeviceMapPath() (string, string) {
+	name := rbdPluginName
+	return rbd.plugin.host.GetPodVolumeDeviceDir(rbd.podUID, strings.EscapeQualifiedNameForDisk(name)), rbd.volName
+}
+
+type rbdDiskUnmapper struct {
+	*rbdDiskMapper
+}
+
+func getPoolAndImageFromMapPath(mapPath string) (string, string, error) {
+
+	pathParts := dstrings.Split(mapPath, "/")
+	if len(pathParts) < 2 {
+		return "", "", fmt.Errorf("corrupted mapPath")
+	}
+	rbdParts := dstrings.Split(pathParts[len(pathParts)-1], "-image-")
+
+	if len(rbdParts) < 2 {
+		return "", "", fmt.Errorf("corrupted mapPath")
+	}
+	return string(rbdParts[0]), string(rbdParts[1]), nil
+}
+
+func getBlockVolumeDevice(mapPath string) (string, error) {
+	pool, image, err := getPoolAndImageFromMapPath(mapPath)
+	if err != nil {
+		return "", err
+	}
+	// Getting full device path
+	device, found := getDevFromImageAndPool(pool, image)
+	if !found {
+		return "", err
+	}
+	return device, nil
+}
+
+func (rbd *rbdDiskUnmapper) TearDownDevice(mapPath, _ string) error {
+
+	device, err := getBlockVolumeDevice(mapPath)
+	if err != nil {
+		return fmt.Errorf("rbd: failed to get loopback for device: %v, err: %v", device, err)
+	}
+	// Get loopback device which takes fd lock for device beofore detaching a volume from node.
+	// TODO: This is a workaround for issue #54108
+	// Currently local attach plugins such as FC, iSCSI, RBD can't obtain devicePath during
+	// GenerateUnmapDeviceFunc() in operation_generator. As a result, these plugins fail to get
+	// and remove loopback device then it will be remained on kubelet node. To avoid the problem,
+	// local attach plugins needs to remove loopback device during TearDownDevice().
+	blkUtil := volumepathhandler.NewBlockVolumePathHandler()
+	loop, err := volumepathhandler.BlockVolumePathHandler.GetLoopDevice(blkUtil, device)
+	if err != nil {
+		return fmt.Errorf("rbd: failed to get loopback for device: %v, err: %v", device, err)
+	}
+	// Remove loop device before detaching volume since volume detach operation gets busy if volume is opened by loopback.
+	err = volumepathhandler.BlockVolumePathHandler.RemoveLoopDevice(blkUtil, loop)
+	if err != nil {
+		return fmt.Errorf("rbd: failed to remove loopback :%v, err: %v", loop, err)
+	}
+	glog.V(4).Infof("rbd: successfully removed loop device: %s", loop)
+
+	err = rbd.manager.DetachBlockDisk(*rbd, mapPath)
+	if err != nil {
+		return fmt.Errorf("rbd: failed to detach disk: %s\nError: %v", mapPath, err)
+	}
+	glog.V(4).Infof("rbd: %q is unmapped, deleting the directory", mapPath)
+
+	err = os.RemoveAll(mapPath)
+	if err != nil {
+		return fmt.Errorf("rbd: failed to delete the directory: %s\nError: %v", mapPath, err)
+	}
+	glog.V(4).Infof("rbd: successfully detached disk: %s", mapPath)
+
+	return nil
+}
+
 func getVolumeSourceMonitors(spec *volume.Spec) ([]string, error) {
 	if spec.Volume != nil && spec.Volume.RBD != nil {
 		return spec.Volume.RBD.CephMonitors, nil
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd_util.go b/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd_util.go
index 15b4b52ee663..3374205104ee 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/rbd/rbd_util.go
@@ -25,11 +25,9 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
-	"math/rand"
 	"os"
 	"os/exec"
 	"path"
-	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -37,7 +35,10 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
+	"k8s.io/apimachinery/pkg/util/errors"
+	"k8s.io/apimachinery/pkg/util/wait"
 	fileutil "k8s.io/kubernetes/pkg/util/file"
+	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/util/node"
 	"k8s.io/kubernetes/pkg/volume"
 	volutil "k8s.io/kubernetes/pkg/volume/util"
@@ -48,44 +49,57 @@ const (
 	imageSizeStr    = "size "
 	sizeDivStr      = " MB in"
 	kubeLockMagic   = "kubelet_lock_magic_"
+	// The following three values are used for 30 seconds timeout
+	// while waiting for RBD Watcher to expire.
+	rbdImageWatcherInitDelay = 1 * time.Second
+	rbdImageWatcherFactor    = 1.4
+	rbdImageWatcherSteps     = 10
 )
 
-var (
-	clientKubeLockMagicRe = regexp.MustCompile("client.* " + kubeLockMagic + ".*")
-)
-
-// search /sys/bus for rbd device that matches given pool and image
 func getDevFromImageAndPool(pool, image string) (string, bool) {
+	device, found := getRbdDevFromImageAndPool(pool, image)
+	if found {
+		return device, true
+	}
+	device, found = getNbdDevFromImageAndPool(pool, image)
+	if found {
+		return device, true
+	}
+	return "", false
+}
+
+// Search /sys/bus for rbd device that matches given pool and image.
+func getRbdDevFromImageAndPool(pool string, image string) (string, bool) {
 	// /sys/bus/rbd/devices/X/name and /sys/bus/rbd/devices/X/pool
 	sys_path := "/sys/bus/rbd/devices"
 	if dirs, err := ioutil.ReadDir(sys_path); err == nil {
 		for _, f := range dirs {
-			// pool and name format:
+			// Pool and name format:
 			// see rbd_pool_show() and rbd_name_show() at
 			// https://github.com/torvalds/linux/blob/master/drivers/block/rbd.c
 			name := f.Name()
-			// first match pool, then match name
+			// First match pool, then match name.
 			poolFile := path.Join(sys_path, name, "pool")
 			poolBytes, err := ioutil.ReadFile(poolFile)
 			if err != nil {
-				glog.V(4).Infof("Error reading %s: %v", poolFile, err)
+				glog.V(4).Infof("error reading %s: %v", poolFile, err)
 				continue
 			}
 			if strings.TrimSpace(string(poolBytes)) != pool {
-				glog.V(4).Infof("Device %s is not %q: %q", name, pool, string(poolBytes))
+				glog.V(4).Infof("device %s is not %q: %q", name, pool, string(poolBytes))
 				continue
 			}
 			imgFile := path.Join(sys_path, name, "name")
 			imgBytes, err := ioutil.ReadFile(imgFile)
 			if err != nil {
-				glog.V(4).Infof("Error reading %s: %v", imgFile, err)
+				glog.V(4).Infof("error reading %s: %v", imgFile, err)
 				continue
 			}
 			if strings.TrimSpace(string(imgBytes)) != image {
-				glog.V(4).Infof("Device %s is not %q: %q", name, image, string(imgBytes))
+				glog.V(4).Infof("device %s is not %q: %q", name, image, string(imgBytes))
 				continue
 			}
-			// found a match, check if device exists
+			// Found a match, check if device exists.
 			devicePath := "/dev/rbd" + name
 			if _, err := os.Lstat(devicePath); err == nil {
 				return devicePath, true
@@ -95,24 +109,158 @@ func getDevFromImageAndPool(pool, image string) (string, bool) {
 	return "", false
 }
 
-// stat a path, if not exists, retry maxRetries times
-func waitForPath(pool, image string, maxRetries int) (string, bool) {
+func getMaxNbds() (int, error) {
+
+	// the max number of nbd devices may be found in maxNbdsPath
+	// we will check sysfs for possible nbd devices even if this is not available
+	maxNbdsPath := "/sys/module/nbd/parameters/nbds_max"
+	_, err := os.Lstat(maxNbdsPath)
+	if err != nil {
+		return 0, fmt.Errorf("rbd-nbd: failed to retrieve max_nbds from %s err: %q", maxNbdsPath, err)
+	}
+
+	glog.V(4).Infof("found nbds max parameters file at %s", maxNbdsPath)
+
+	maxNbdBytes, err := ioutil.ReadFile(maxNbdsPath)
+	if err != nil {
+		return 0, fmt.Errorf("rbd-nbd: failed to read max_nbds from %s err: %q", maxNbdsPath, err)
+	}
+
+	maxNbds, err := strconv.Atoi(strings.TrimSpace(string(maxNbdBytes)))
+	if err != nil {
+		return 0, fmt.Errorf("rbd-nbd: failed to read max_nbds err: %q", err)
+	}
+
+	glog.V(4).Infof("rbd-nbd: max_nbds: %d", maxNbds)
+	return maxNbds, nil
+}
+
+// Locate any existing rbd-nbd process mapping given a <pool, image>.
+// Recent versions of rbd-nbd tool can correctly provide this info using list-mapped
+// but older versions of list-mapped don't.
+// The implementation below peeks at the command line of nbd bound processes
+// to figure out any mapped images.
+func getNbdDevFromImageAndPool(pool string, image string) (string, bool) {
+	// nbd module exports the pid of serving process in sysfs
+	basePath := "/sys/block/nbd"
+	// Do not change imgPath format - some tools like rbd-nbd are strict about it.
+	imgPath := fmt.Sprintf("%s/%s", pool, image)
+
+	maxNbds, maxNbdsErr := getMaxNbds()
+	if maxNbdsErr != nil {
+		glog.V(4).Infof("error reading nbds_max %v", maxNbdsErr)
+		return "", false
+	}
+
+	for i := 0; i < maxNbds; i++ {
+		nbdPath := basePath + strconv.Itoa(i)
+		_, err := os.Lstat(nbdPath)
+		if err != nil {
+			glog.V(4).Infof("error reading nbd info directory %s: %v", nbdPath, err)
+			continue
+		}
+		pidBytes, err := ioutil.ReadFile(path.Join(nbdPath, "pid"))
+		if err != nil {
+			glog.V(5).Infof("did not find valid pid file in dir %s: %v", nbdPath, err)
+			continue
+		}
+		cmdlineFileName := path.Join("/proc", strings.TrimSpace(string(pidBytes)), "cmdline")
+		rawCmdline, err := ioutil.ReadFile(cmdlineFileName)
+		if err != nil {
+			glog.V(4).Infof("failed to read cmdline file %s: %v", cmdlineFileName, err)
+			continue
+		}
+		cmdlineArgs := strings.FieldsFunc(string(rawCmdline), func(r rune) bool {
+			return r == '\u0000'
+		})
+		// Check if this process is mapping a rbd device.
+		// Only accepted pattern of cmdline is from execRbdMap:
+		// rbd-nbd map pool/image ...
+		if len(cmdlineArgs) < 3 || cmdlineArgs[0] != "rbd-nbd" || cmdlineArgs[1] != "map" {
+			glog.V(4).Infof("nbd device %s is not used by rbd", nbdPath)
+			continue
+		}
+		if cmdlineArgs[2] != imgPath {
+			glog.V(4).Infof("rbd-nbd device %s did not match expected image path: %s with path found: %s",
+				nbdPath, imgPath, cmdlineArgs[2])
+			continue
+		}
+		devicePath := path.Join("/dev", "nbd"+strconv.Itoa(i))
+		if _, err := os.Lstat(devicePath); err != nil {
+			glog.Warningf("Stat device %s for imgpath %s failed %v", devicePath, imgPath, err)
+			continue
+		}
+		return devicePath, true
+	}
+	return "", false
+}
+
+// Stat a path, if it doesn't exist, retry maxRetries times.
+func waitForPath(pool, image string, maxRetries int, useNbdDriver bool) (string, bool) {
 	for i := 0; i < maxRetries; i++ {
-		devicePath, found := getDevFromImageAndPool(pool, image)
-		if found {
-			return devicePath, true
+		if i != 0 {
+			time.Sleep(time.Second)
 		}
-		if i == maxRetries-1 {
-			break
+		if useNbdDriver {
+			if devicePath, found := getNbdDevFromImageAndPool(pool, image); found {
+				return devicePath, true
+			}
+		} else {
+			if devicePath, found := getRbdDevFromImageAndPool(pool, image); found {
+				return devicePath, true
+			}
 		}
-		time.Sleep(time.Second)
 	}
 	return "", false
 }
 
-// make a directory like /var/lib/kubelet/plugins/kubernetes.io/pod/rbd/pool-image-image
+// Execute command to map a rbd device for mounter.
+// rbdCmd is driver dependent and either "rbd" or "rbd-nbd".
+func execRbdMap(b rbdMounter, rbdCmd string, mon string) ([]byte, error) {
+	// Commandline: rbdCmd map imgPath ...
+	// do not change this format - some tools like rbd-nbd are strict about it.
+	imgPath := fmt.Sprintf("%s/%s", b.Pool, b.Image)
+	if b.Secret != "" {
+		return b.exec.Run(rbdCmd,
+			"map", imgPath, "--id", b.Id, "-m", mon, "--key="+b.Secret)
+	} else {
+		return b.exec.Run(rbdCmd,
+			"map", imgPath, "--id", b.Id, "-m", mon, "-k", b.Keyring)
+	}
+}
+
+// Check if rbd-nbd tools are installed.
+func checkRbdNbdTools(e mount.Exec) bool {
+	_, err := e.Run("modprobe", "nbd")
+	if err != nil {
+		glog.V(5).Infof("rbd-nbd: nbd modprobe failed with error %v", err)
+		return false
+	}
+	if _, err := e.Run("rbd-nbd", "--version"); err != nil {
+		glog.V(5).Infof("rbd-nbd: getting rbd-nbd version failed with error %v", err)
+		return false
+	}
+	glog.V(3).Infof("rbd-nbd tools were found.")
+	return true
+}
+
+// Make a directory like /var/lib/kubelet/plugins/kubernetes.io/rbd/mounts/pool-image-image.
 func makePDNameInternal(host volume.VolumeHost, pool string, image string) string {
-	return path.Join(host.GetPluginDir(rbdPluginName), "rbd", pool+"-image-"+image)
+	// Backward compatibility for the deprecated format: /var/lib/kubelet/plugins/kubernetes.io/rbd/rbd/pool-image-image.
+	deprecatedDir := path.Join(host.GetPluginDir(rbdPluginName), "rbd", pool+"-image-"+image)
+	info, err := os.Stat(deprecatedDir)
+	if err == nil && info.IsDir() {
+		// The device mount path has already been created with the deprecated format, return it.
+		glog.V(5).Infof("Deprecated format path %s found", deprecatedDir)
+		return deprecatedDir
+	}
+	// Return the canonical format path.
+	return path.Join(host.GetPluginDir(rbdPluginName), mount.MountsInGlobalPDPath, pool+"-image-"+image)
+}
+
+// Make a directory like /var/lib/kubelet/plugins/kubernetes.io/rbd/volumeDevices/pool-image-image.
+func makeVDPDNameInternal(host volume.VolumeHost, pool string, image string) string {
+	return path.Join(host.GetVolumeDevicePluginDir(rbdPluginName), pool+"-image-"+image)
 }
 
 // RBDUtil implements diskManager interface.
@@ -124,6 +272,10 @@ func (util *RBDUtil) MakeGlobalPDName(rbd rbd) string {
 	return makePDNameInternal(rbd.plugin.host, rbd.Pool, rbd.Image)
 }
 
+func (util *RBDUtil) MakeGlobalVDPDName(rbd rbd) string {
+	return makeVDPDNameInternal(rbd.plugin.host, rbd.Pool, rbd.Image)
+}
+
 func rbdErrors(runErr, resultErr error) error {
 	if err, ok := runErr.(*exec.Error); ok {
 		if err.Err == exec.ErrNotFound {
@@ -133,9 +285,21 @@ func rbdErrors(runErr, resultErr error) error {
 	return resultErr
 }
 
-// rbdLock acquires a lock on image if lock is true, otherwise releases if a
-// lock is found on image.
-func (util *RBDUtil) rbdLock(b rbdMounter, lock bool) error {
+// 'rbd' utility builds a comma-separated list of monitor addresses from '-m' /
+// '--mon_host` parameter (comma, semi-colon, or white-space delimited monitor
+// addresses) and send it to kernel rbd/libceph modules, which can accept
+// comma-seprated list of monitor addresses (e.g. ip1[:port1][,ip2[:port2]...])
+// in their first version in linux (see
+// https://github.com/torvalds/linux/blob/602adf400201636e95c3fed9f31fba54a3d7e844/net/ceph/ceph_common.c#L239).
+// Also, libceph module chooses monitor randomly, so we can simply pass all
+// addresses without randomization (see
+// https://github.com/torvalds/linux/blob/602adf400201636e95c3fed9f31fba54a3d7e844/net/ceph/mon_client.c#L132).
+func (util *RBDUtil) kernelRBDMonitorsOpt(mons []string) string {
+	return strings.Join(mons, ",")
+}
+
+// rbdUnlock releases a lock on image if found.
+func (util *RBDUtil) rbdUnlock(b rbdMounter) error {
 	var err error
 	var output, locker string
 	var cmd []byte
@@ -153,98 +317,43 @@ func (util *RBDUtil) rbdLock(b rbdMounter, lock bool) error {
 		b.adminSecret = b.Secret
 	}
 
-	// construct lock id using host name and a magic prefix
+	// Construct lock id using host name and a magic prefix.
 	lock_id := kubeLockMagic + node.GetHostname("")
 
-	l := len(b.Mon)
-	// avoid mount storm, pick a host randomly
-	start := rand.Int() % l
-	// iterate all hosts until mount succeeds.
-	for i := start; i < start+l; i++ {
-		mon := b.Mon[i%l]
-		// cmd "rbd lock list" serves two purposes:
-		// for fencing, check if lock already held for this host
-		// this edge case happens if host crashes in the middle of acquiring lock and mounting rbd
-		// for defencing, get the locker name, something like "client.1234"
-		args := []string{"lock", "list", b.Image, "--pool", b.Pool, "--id", b.Id, "-m", mon}
-		args = append(args, secret_opt...)
-		cmd, err = b.exec.Run("rbd", args...)
-		output = string(cmd)
-		glog.Infof("lock list output %q", output)
-		if err != nil {
-			continue
-		}
-
-		if lock {
-			// check if lock is already held for this host by matching lock_id and rbd lock id
-			if strings.Contains(output, lock_id) {
-				// this host already holds the lock, exit
-				glog.V(1).Infof("rbd: lock already held for %s", lock_id)
-				return nil
-			}
-			// clean up orphaned lock if no watcher on the image
-			used, rbdOutput, statusErr := util.rbdStatus(&b)
-			if statusErr != nil {
-				return fmt.Errorf("rbdStatus failed error %v, rbd output: %v", statusErr, rbdOutput)
-			}
-			if used {
-				// this image is already used by a node other than this node
-				return fmt.Errorf("rbd image: %s/%s is already used by a node other than this node, rbd output: %v", b.Image, b.Pool, output)
-			}
+	mon := util.kernelRBDMonitorsOpt(b.Mon)
 
-			// best effort clean up orphaned locked if not used
-			locks := clientKubeLockMagicRe.FindAllStringSubmatch(output, -1)
-			for _, v := range locks {
-				if len(v) > 0 {
-					lockInfo := strings.Split(v[0], " ")
-					if len(lockInfo) > 2 {
-						args := []string{"lock", "remove", b.Image, lockInfo[1], lockInfo[0], "--pool", b.Pool, "--id", b.Id, "-m", mon}
-						args = append(args, secret_opt...)
-						cmd, err = b.exec.Run("rbd", args...)
-						glog.Infof("remove orphaned locker %s from client %s: err %v, rbd output: %s", lockInfo[1], lockInfo[0], err, string(cmd))
-					}
-				}
-			}
-
-			// hold a lock: rbd lock add
-			args := []string{"lock", "add", b.Image, lock_id, "--pool", b.Pool, "--id", b.Id, "-m", mon}
-			args = append(args, secret_opt...)
-			cmd, err = b.exec.Run("rbd", args...)
-			if err == nil {
-				glog.V(4).Infof("rbd: successfully add lock (locker_id: %s) on image: %s/%s with id %s mon %s", lock_id, b.Pool, b.Image, b.Id, mon)
-			}
-		} else {
-			// defencing, find locker name
-			ind := strings.LastIndex(output, lock_id) - 1
-			for i := ind; i >= 0; i-- {
-				if output[i] == '\n' {
-					locker = output[(i + 1):ind]
-					break
-				}
-			}
-			// remove a lock if found: rbd lock remove
-			if len(locker) > 0 {
-				args := []string{"lock", "remove", b.Image, lock_id, locker, "--pool", b.Pool, "--id", b.Id, "-m", mon}
-				args = append(args, secret_opt...)
-				cmd, err = b.exec.Run("rbd", args...)
-				if err == nil {
-					glog.V(4).Infof("rbd: successfully remove lock (locker_id: %s) on image: %s/%s with id %s mon %s", lock_id, b.Pool, b.Image, b.Id, mon)
-				}
-			}
+	// Get the locker name, something like "client.1234".
+	args := []string{"lock", "list", b.Image, "--pool", b.Pool, "--id", b.Id, "-m", mon}
+	args = append(args, secret_opt...)
+	cmd, err = b.exec.Run("rbd", args...)
+	output = string(cmd)
+	glog.V(4).Infof("lock list output %q", output)
+	if err != nil {
+		return err
+	}
+	ind := strings.LastIndex(output, lock_id) - 1
+	for i := ind; i >= 0; i-- {
+		if output[i] == '\n' {
+			locker = output[(i + 1):ind]
+			break
 		}
+	}
 
+	// Remove a lock if found: rbd lock remove.
+	if len(locker) > 0 {
+		args := []string{"lock", "remove", b.Image, lock_id, locker, "--pool", b.Pool, "--id", b.Id, "-m", mon}
+		args = append(args, secret_opt...)
+		cmd, err = b.exec.Run("rbd", args...)
 		if err == nil {
-			// break if operation succeeds
-			break
+			glog.V(4).Infof("rbd: successfully remove lock (locker_id: %s) on image: %s/%s with id %s mon %s", lock_id, b.Pool, b.Image, b.Id, mon)
 		}
 	}
+
 	return err
 }
 
 // AttachDisk attaches the disk on the node.
-// If Volume is not read-only, acquire a lock on image first.
 func (util *RBDUtil) AttachDisk(b rbdMounter) (string, error) {
-	var err error
 	var output []byte
 
 	globalPDPath := util.MakeGlobalPDName(*b.rbd)
@@ -256,49 +365,72 @@ func (util *RBDUtil) AttachDisk(b rbdMounter) (string, error) {
 		}
 	}
 
-	devicePath, found := waitForPath(b.Pool, b.Image, 1)
-	if !found {
-		_, err = b.exec.Run("modprobe", "rbd")
-		if err != nil {
-			glog.Warningf("rbd: failed to load rbd kernel module:%v", err)
+	// Evalute whether this device was mapped with rbd.
+	devicePath, mapped := waitForPath(b.Pool, b.Image, 1 /*maxRetries*/, false /*useNbdDriver*/)
+
+	// If rbd-nbd tools are found, we will fallback to it should the default krbd driver fail.
+	nbdToolsFound := false
+
+	if !mapped {
+		nbdToolsFound := checkRbdNbdTools(b.exec)
+		if nbdToolsFound {
+			devicePath, mapped = waitForPath(b.Pool, b.Image, 1 /*maxRetries*/, true /*useNbdDriver*/)
 		}
+	}
 
+	if !mapped {
 		// Currently, we don't acquire advisory lock on image, but for backward
 		// compatibility, we need to check if the image is being used by nodes running old kubelet.
-		found, rbdOutput, err := util.rbdStatus(&b)
-		if err != nil {
-			return "", fmt.Errorf("error: %v, rbd output: %v", err, rbdOutput)
+		// osd_client_watch_timeout defaults to 30 seconds, if the watcher stays active longer than 30 seconds,
+		// rbd image does not get mounted and failure message gets generated.
+		backoff := wait.Backoff{
+			Duration: rbdImageWatcherInitDelay,
+			Factor:   rbdImageWatcherFactor,
+			Steps:    rbdImageWatcherSteps,
+		}
+		err := wait.ExponentialBackoff(backoff, func() (bool, error) {
+			used, rbdOutput, err := util.rbdStatus(&b)
+			if err != nil {
+				return false, fmt.Errorf("fail to check rbd image status with: (%v), rbd output: (%s)", err, rbdOutput)
+			}
+			return !used, nil
+		})
+		// Return error if rbd image has not become available for the specified timeout.
+		if err == wait.ErrWaitTimeout {
+			return "", fmt.Errorf("rbd image %s/%s is still being used", b.Pool, b.Image)
 		}
-		if found {
-			glog.Infof("rbd image %s/%s is still being used ", b.Pool, b.Image)
-			return "", fmt.Errorf("rbd image %s/%s is still being used. rbd output: %s", b.Pool, b.Image, rbdOutput)
+		// Return error if any other errors were encountered during wating for the image to become available.
+		if err != nil {
+			return "", err
 		}
 
-		// rbd map
-		l := len(b.Mon)
-		// avoid mount storm, pick a host randomly
-		start := rand.Int() % l
-		// iterate all hosts until mount succeeds.
-		for i := start; i < start+l; i++ {
-			mon := b.Mon[i%l]
-			glog.V(1).Infof("rbd: map mon %s", mon)
-			if b.Secret != "" {
-				output, err = b.exec.Run("rbd",
-					"map", b.Image, "--pool", b.Pool, "--id", b.Id, "-m", mon, "--key="+b.Secret)
-			} else {
-				output, err = b.exec.Run("rbd",
-					"map", b.Image, "--pool", b.Pool, "--id", b.Id, "-m", mon, "-k", b.Keyring)
-			}
-			if err == nil {
-				break
-			}
-			glog.V(1).Infof("rbd: map error %v, rbd output: %s", err, string(output))
+		mon := util.kernelRBDMonitorsOpt(b.Mon)
+		glog.V(1).Infof("rbd: map mon %s", mon)
+
+		_, err = b.exec.Run("modprobe", "rbd")
+		if err != nil {
+			glog.Warningf("rbd: failed to load rbd kernel module:%v", err)
 		}
+		output, err = execRbdMap(b, "rbd", mon)
 		if err != nil {
-			return "", fmt.Errorf("rbd: map failed %v, rbd output: %s", err, string(output))
+			if !nbdToolsFound {
+				glog.V(1).Infof("rbd: map error %v, rbd output: %s", err, string(output))
+				return "", fmt.Errorf("rbd: map failed %v, rbd output: %s", err, string(output))
+			}
+			glog.V(3).Infof("rbd: map failed with %v, %s. Retrying with rbd-nbd", err, string(output))
+			errList := []error{err}
+			outputList := output
+			output, err = execRbdMap(b, "rbd-nbd", mon)
+			if err != nil {
+				errList = append(errList, err)
+				outputList = append(outputList, output...)
+				return "", fmt.Errorf("rbd: map failed %v, rbd output: %s", errors.NewAggregate(errList), string(outputList))
+			}
+			devicePath, mapped = waitForPath(b.Pool, b.Image, 10 /*maxRetries*/, true /*useNbdDrive*/)
+		} else {
+			devicePath, mapped = waitForPath(b.Pool, b.Image, 10 /*maxRetries*/, false /*useNbdDriver*/)
 		}
-		devicePath, found = waitForPath(b.Pool, b.Image, 10)
-		if !found {
+		if !mapped {
 			return "", fmt.Errorf("Could not map image %s/%s, Timeout after 10s", b.Pool, b.Image)
 		}
 	}
@@ -312,9 +444,21 @@ func (util *RBDUtil) DetachDisk(plugin *rbdPlugin, deviceMountPath string, devic
 	if len(device) == 0 {
 		return fmt.Errorf("DetachDisk failed , device is empty")
 	}
-	// rbd unmap
+
 	exec := plugin.host.GetExec(plugin.GetPluginName())
-	output, err := exec.Run("rbd", "unmap", device)
+
+	var rbdCmd string
+
+	// Unlike map, we cannot fallthrough for unmap
+	// the tool to unmap is based on device type
+	if strings.HasPrefix(device, "/dev/nbd") {
+		rbdCmd = "rbd-nbd"
+	} else {
+		rbdCmd = "rbd"
+	}
+
+	// rbd unmap
+	output, err := exec.Run(rbdCmd, "unmap", device)
 	if err != nil {
 		return rbdErrors(err, fmt.Errorf("rbd: failed to unmap device %s, error %v, rbd output: %v", device, err, output))
 	}
@@ -339,11 +483,54 @@ func (util *RBDUtil) DetachDisk(plugin *rbdPlugin, deviceMountPath string, devic
 	return nil
 }
 
+// DetachBlockDisk detaches the disk from the node.
+func (util *RBDUtil) DetachBlockDisk(disk rbdDiskUnmapper, mapPath string) error {
+
+	if pathExists, pathErr := volutil.PathExists(mapPath); pathErr != nil {
+		return fmt.Errorf("Error checking if path exists: %v", pathErr)
+	} else if !pathExists {
+		glog.Warningf("Warning: Unmap skipped because path does not exist: %v", mapPath)
+		return nil
+	}
+	// If we arrive here, device is no longer used, see if we need to logout of the target
+	device, err := getBlockVolumeDevice(mapPath)
+	if err != nil {
+		return err
+	}
+
+	if len(device) == 0 {
+		return fmt.Errorf("DetachDisk failed , device is empty")
+	}
+
+	exec := disk.plugin.host.GetExec(disk.plugin.GetPluginName())
+
+	var rbdCmd string
+
+	// Unlike map, we cannot fallthrough here.
+	// Any nbd device must be unmapped by rbd-nbd
+	if strings.HasPrefix(device, "/dev/nbd") {
+		rbdCmd = "rbd-nbd"
+		glog.V(4).Infof("rbd: using rbd-nbd for unmap function")
+	} else {
+		rbdCmd = "rbd"
+		glog.V(4).Infof("rbd: using rbd for unmap function")
+	}
+
+	// rbd unmap
+	output, err := exec.Run(rbdCmd, "unmap", device)
+	if err != nil {
+		return rbdErrors(err, fmt.Errorf("rbd: failed to unmap device %s, error %v, rbd output: %s", device, err, string(output)))
+	}
+	glog.V(3).Infof("rbd: successfully unmap device %s", device)
+
+	return nil
+}
+
 // cleanOldRBDFile read rbd info from rbd.json file and removes lock if found.
 // At last, it removes rbd.json file.
 func (util *RBDUtil) cleanOldRBDFile(plugin *rbdPlugin, rbdFile string) error {
 	mounter := &rbdMounter{
-		// util.rbdLock needs it to run command.
+		// util.rbdUnlock needs it to run command.
 		rbd: newRBD("", "", "", "", false, plugin, util),
 	}
 	fp, err := os.Open(rbdFile)
@@ -361,10 +548,10 @@ func (util *RBDUtil) cleanOldRBDFile(plugin *rbdPlugin, rbdFile string) error {
 		glog.Errorf("failed to load rbd info from %s: %v", rbdFile, err)
 		return err
 	}
-	// remove rbd lock if found
-	// the disk is not attached to this node anymore, so the lock on image
-	// for this node can be removed safely
-	err = util.rbdLock(*mounter, false)
+	// Remove rbd lock if found.
+	// The disk is not attached to this node anymore, so the lock on image
+	// for this node can be removed safely.
+	err = util.rbdUnlock(*mounter)
 	if err == nil {
 		os.Remove(rbdFile)
 	}
@@ -375,37 +562,26 @@ func (util *RBDUtil) CreateImage(p *rbdVolumeProvisioner) (r *v1.RBDPersistentVo
 	var output []byte
 	capacity := p.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	volSizeBytes := capacity.Value()
-	// convert to MB that rbd defaults on
-	sz := int(volume.RoundUpSize(volSizeBytes, 1024*1024))
+	// Convert to MB that rbd defaults on.
+	sz := int(volutil.RoundUpSize(volSizeBytes, 1024*1024))
 	volSz := fmt.Sprintf("%d", sz)
-	// rbd create
-	l := len(p.rbdMounter.Mon)
-	// pick a mon randomly
-	start := rand.Int() % l
-	// iterate all monitors until create succeeds.
-	for i := start; i < start+l; i++ {
-		mon := p.Mon[i%l]
-		if p.rbdMounter.imageFormat == rbdImageFormat2 {
-			glog.V(4).Infof("rbd: create %s size %s format %s (features: %s) using mon %s, pool %s id %s key %s", p.rbdMounter.Image, volSz, p.rbdMounter.imageFormat, p.rbdMounter.imageFeatures, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
-		} else {
-			glog.V(4).Infof("rbd: create %s size %s format %s using mon %s, pool %s id %s key %s", p.rbdMounter.Image, volSz, p.rbdMounter.imageFormat, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
-		}
-		args := []string{"create", p.rbdMounter.Image, "--size", volSz, "--pool", p.rbdMounter.Pool, "--id", p.rbdMounter.adminId, "-m", mon, "--key=" + p.rbdMounter.adminSecret, "--image-format", p.rbdMounter.imageFormat}
-		if p.rbdMounter.imageFormat == rbdImageFormat2 {
-			// if no image features is provided, it results in empty string
-			// which disable all RBD image format 2 features as we expected
-			features := strings.Join(p.rbdMounter.imageFeatures, ",")
-			args = append(args, "--image-feature", features)
-		}
-		output, err = p.exec.Run("rbd", args...)
-		if err == nil {
-			break
-		} else {
-			glog.Warningf("failed to create rbd image, output %v", string(output))
-		}
+	mon := util.kernelRBDMonitorsOpt(p.Mon)
+	if p.rbdMounter.imageFormat == rbdImageFormat2 {
+		glog.V(4).Infof("rbd: create %s size %s format %s (features: %s) using mon %s, pool %s id %s key %s", p.rbdMounter.Image, volSz, p.rbdMounter.imageFormat, p.rbdMounter.imageFeatures, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
+	} else {
+		glog.V(4).Infof("rbd: create %s size %s format %s using mon %s, pool %s id %s key %s", p.rbdMounter.Image, volSz, p.rbdMounter.imageFormat, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
+	}
+	args := []string{"create", p.rbdMounter.Image, "--size", volSz, "--pool", p.rbdMounter.Pool, "--id", p.rbdMounter.adminId, "-m", mon, "--key=" + p.rbdMounter.adminSecret, "--image-format", p.rbdMounter.imageFormat}
+	if p.rbdMounter.imageFormat == rbdImageFormat2 {
+		// If no image features is provided, it results in empty string
+		// which disable all RBD image format 2 features as expected.
+		features := strings.Join(p.rbdMounter.imageFeatures, ",")
+		args = append(args, "--image-feature", features)
 	}
+	output, err = p.exec.Run("rbd", args...)
 
 	if err != nil {
+		glog.Warningf("failed to create rbd image, output %v", string(output))
 		return nil, 0, fmt.Errorf("failed to create rbd image: %v, command output: %s", err, string(output))
 	}
 
@@ -426,36 +602,30 @@ func (util *RBDUtil) DeleteImage(p *rbdVolumeDeleter) error {
 		glog.Info("rbd is still being used ", p.rbdMounter.Image)
 		return fmt.Errorf("rbd image %s/%s is still being used, rbd output: %v", p.rbdMounter.Pool, p.rbdMounter.Image, rbdOutput)
 	}
-	// rbd rm
-	l := len(p.rbdMounter.Mon)
-	// pick a mon randomly
-	start := rand.Int() % l
-	// iterate all monitors until rm succeeds.
-	for i := start; i < start+l; i++ {
-		mon := p.rbdMounter.Mon[i%l]
-		glog.V(4).Infof("rbd: rm %s using mon %s, pool %s id %s key %s", p.rbdMounter.Image, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
-		output, err = p.exec.Run("rbd",
-			"rm", p.rbdMounter.Image, "--pool", p.rbdMounter.Pool, "--id", p.rbdMounter.adminId, "-m", mon, "--key="+p.rbdMounter.adminSecret)
-		if err == nil {
-			return nil
-		} else {
-			glog.Errorf("failed to delete rbd image: %v, command output: %s", err, string(output))
-		}
+	// rbd rm.
+	mon := util.kernelRBDMonitorsOpt(p.rbdMounter.Mon)
+	glog.V(4).Infof("rbd: rm %s using mon %s, pool %s id %s key %s", p.rbdMounter.Image, mon, p.rbdMounter.Pool, p.rbdMounter.adminId, p.rbdMounter.adminSecret)
+	output, err = p.exec.Run("rbd",
+		"rm", p.rbdMounter.Image, "--pool", p.rbdMounter.Pool, "--id", p.rbdMounter.adminId, "-m", mon, "--key="+p.rbdMounter.adminSecret)
+	if err == nil {
+		return nil
 	}
+
+	glog.Errorf("failed to delete rbd image: %v, command output: %s", err, string(output))
 	return fmt.Errorf("error %v, rbd output: %v", err, string(output))
 }
 
-// ExpandImage runs rbd resize command to resize the specified image
+// ExpandImage runs rbd resize command to resize the specified image.
 func (util *RBDUtil) ExpandImage(rbdExpander *rbdVolumeExpander, oldSize resource.Quantity, newSize resource.Quantity) (resource.Quantity, error) {
 	var output []byte
 	var err error
 	volSizeBytes := newSize.Value()
-	// convert to MB that rbd defaults on
-	sz := int(volume.RoundUpSize(volSizeBytes, 1024*1024))
+	// Convert to MB that rbd defaults on.
+	sz := int(volutil.RoundUpSize(volSizeBytes, 1024*1024))
 	newVolSz := fmt.Sprintf("%d", sz)
 	newSizeQuant := resource.MustParse(fmt.Sprintf("%dMi", sz))
 
-	// check the current size of rbd image, if equals to or greater that the new request size, do nothing
+	// Check the current size of rbd image, if equals to or greater that the new request size, do nothing.
 	curSize, infoErr := util.rbdInfo(rbdExpander.rbdMounter)
 	if infoErr != nil {
 		return oldSize, fmt.Errorf("rbd info failed, error: %v", infoErr)
@@ -464,26 +634,20 @@ func (util *RBDUtil) ExpandImage(rbdExpander *rbdVolumeExpander, oldSize resourc
 		return newSizeQuant, nil
 	}
 
-	// rbd resize
-	l := len(rbdExpander.rbdMounter.Mon)
-	// pick a mon randomly
-	start := rand.Int() % l
-	// iterate all monitors until resize succeeds.
-	for i := start; i < start+l; i++ {
-		mon := rbdExpander.rbdMounter.Mon[i%l]
-		glog.V(4).Infof("rbd: resize %s using mon %s, pool %s id %s key %s", rbdExpander.rbdMounter.Image, mon, rbdExpander.rbdMounter.Pool, rbdExpander.rbdMounter.adminId, rbdExpander.rbdMounter.adminSecret)
-		output, err = rbdExpander.exec.Run("rbd",
-			"resize", rbdExpander.rbdMounter.Image, "--size", newVolSz, "--pool", rbdExpander.rbdMounter.Pool, "--id", rbdExpander.rbdMounter.adminId, "-m", mon, "--key="+rbdExpander.rbdMounter.adminSecret)
-		if err == nil {
-			return newSizeQuant, nil
-		} else {
-			glog.Errorf("failed to resize rbd image: %v, command output: %s", err, string(output))
-		}
+	// rbd resize.
+	mon := util.kernelRBDMonitorsOpt(rbdExpander.rbdMounter.Mon)
+	glog.V(4).Infof("rbd: resize %s using mon %s, pool %s id %s key %s", rbdExpander.rbdMounter.Image, mon, rbdExpander.rbdMounter.Pool, rbdExpander.rbdMounter.adminId, rbdExpander.rbdMounter.adminSecret)
+	output, err = rbdExpander.exec.Run("rbd",
+		"resize", rbdExpander.rbdMounter.Image, "--size", newVolSz, "--pool", rbdExpander.rbdMounter.Pool, "--id", rbdExpander.rbdMounter.adminId, "-m", mon, "--key="+rbdExpander.rbdMounter.adminSecret)
+	if err == nil {
+		return newSizeQuant, nil
 	}
+
+	glog.Errorf("failed to resize rbd image: %v, command output: %s", err, string(output))
 	return oldSize, err
 }
 
-// rbdInfo runs `rbd info` command to get the current image size in MB
+// rbdInfo runs `rbd info` command to get the current image size in MB.
 func (util *RBDUtil) rbdInfo(b *rbdMounter) (int, error) {
 	var err error
 	var output string
@@ -497,44 +661,34 @@ func (util *RBDUtil) rbdInfo(b *rbdMounter) (int, error) {
 		secret = b.Secret
 	}
 
-	l := len(b.Mon)
-	start := rand.Int() % l
-	// iterate all hosts until rbd command succeeds.
-	for i := start; i < start+l; i++ {
-		mon := b.Mon[i%l]
-		// cmd "rbd info" get the image info with the following output:
-		//
-		// # image exists (exit=0)
-		// rbd info volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08
-		//    size 1024 MB in 256 objects
-		//    order 22 (4096 kB objects)
-		// 	  block_name_prefix: rbd_data.1253ac238e1f29
-		//    format: 2
-		//    ...
-		//
-		//  rbd info volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08 --format json
-		// {"name":"volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08","size":1073741824,"objects":256,"order":22,"object_size":4194304,"block_name_prefix":"rbd_data.1253ac238e1f29","format":2,"features":["layering","exclusive-lock","object-map","fast-diff","deep-flatten"],"flags":[]}
-		//
-		//
-		// # image does not exist (exit=2)
-		// rbd: error opening image 1234: (2) No such file or directory
-		//
-		glog.V(4).Infof("rbd: info %s using mon %s, pool %s id %s key %s", b.Image, mon, b.Pool, id, secret)
-		cmd, err = b.exec.Run("rbd",
-			"info", b.Image, "--pool", b.Pool, "-m", mon, "--id", id, "--key="+secret)
-		output = string(cmd)
-
-		// break if command succeeds
-		if err == nil {
-			break
-		}
-
-		if err, ok := err.(*exec.Error); ok {
-			if err.Err == exec.ErrNotFound {
-				glog.Errorf("rbd cmd not found")
-				// fail fast if command not found
-				return 0, err
-			}
+	mon := util.kernelRBDMonitorsOpt(b.Mon)
+	// cmd "rbd info" get the image info with the following output:
+	//
+	// # image exists (exit=0)
+	// rbd info volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08
+	//    size 1024 MB in 256 objects
+	//    order 22 (4096 kB objects)
+	// 	  block_name_prefix: rbd_data.1253ac238e1f29
+	//    format: 2
+	//    ...
+	//
+	//  rbd info volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08 --format json
+	// {"name":"volume-4a5bcc8b-2b55-46da-ba04-0d3dc5227f08","size":1073741824,"objects":256,"order":22,"object_size":4194304,"block_name_prefix":"rbd_data.1253ac238e1f29","format":2,"features":["layering","exclusive-lock","object-map","fast-diff","deep-flatten"],"flags":[]}
+	//
+	//
+	// # image does not exist (exit=2)
+	// rbd: error opening image 1234: (2) No such file or directory
+	//
+	glog.V(4).Infof("rbd: info %s using mon %s, pool %s id %s key %s", b.Image, mon, b.Pool, id, secret)
+	cmd, err = b.exec.Run("rbd",
+		"info", b.Image, "--pool", b.Pool, "-m", mon, "--id", id, "--key="+secret)
+	output = string(cmd)
+
+	if err, ok := err.(*exec.Error); ok {
+		if err.Err == exec.ErrNotFound {
+			glog.Errorf("rbd cmd not found")
+			// fail fast if rbd command is not found.
+			return 0, err
 		}
 	}
 
@@ -547,7 +701,7 @@ func (util *RBDUtil) rbdInfo(b *rbdMounter) (int, error) {
 		return 0, fmt.Errorf("can not get image size info %s: %s", b.Image, output)
 	}
 
-	// get the size value string, just between `size ` and ` MB in`, such as `size 1024 MB in 256 objects`
+	// Get the size value string, just between `size ` and ` MB in`, such as `size 1024 MB in 256 objects`.
 	sizeIndex := strings.Index(output, imageSizeStr)
 	divIndex := strings.Index(output, sizeDivStr)
 	if sizeIndex == -1 || divIndex == -1 || divIndex <= sizeIndex+5 {
@@ -576,41 +730,31 @@ func (util *RBDUtil) rbdStatus(b *rbdMounter) (bool, string, error) {
 		secret = b.Secret
 	}
 
-	l := len(b.Mon)
-	start := rand.Int() % l
-	// iterate all hosts until rbd command succeeds.
-	for i := start; i < start+l; i++ {
-		mon := b.Mon[i%l]
-		// cmd "rbd status" list the rbd client watch with the following output:
-		//
-		// # there is a watcher (exit=0)
-		// Watchers:
-		//   watcher=10.16.153.105:0/710245699 client.14163 cookie=1
-		//
-		// # there is no watcher (exit=0)
-		// Watchers: none
-		//
-		// Otherwise, exit is non-zero, for example:
-		//
-		// # image does not exist (exit=2)
-		// rbd: error opening image kubernetes-dynamic-pvc-<UUID>: (2) No such file or directory
-		//
-		glog.V(4).Infof("rbd: status %s using mon %s, pool %s id %s key %s", b.Image, mon, b.Pool, id, secret)
-		cmd, err = b.exec.Run("rbd",
-			"status", b.Image, "--pool", b.Pool, "-m", mon, "--id", id, "--key="+secret)
-		output = string(cmd)
-
-		// break if command succeeds
-		if err == nil {
-			break
-		}
-
-		if err, ok := err.(*exec.Error); ok {
-			if err.Err == exec.ErrNotFound {
-				glog.Errorf("rbd cmd not found")
-				// fail fast if command not found
-				return false, output, err
-			}
+	mon := util.kernelRBDMonitorsOpt(b.Mon)
+	// cmd "rbd status" list the rbd client watch with the following output:
+	//
+	// # there is a watcher (exit=0)
+	// Watchers:
+	//   watcher=10.16.153.105:0/710245699 client.14163 cookie=1
+	//
+	// # there is no watcher (exit=0)
+	// Watchers: none
+	//
+	// Otherwise, exit is non-zero, for example:
+	//
+	// # image does not exist (exit=2)
+	// rbd: error opening image kubernetes-dynamic-pvc-<UUID>: (2) No such file or directory
+	//
+	glog.V(4).Infof("rbd: status %s using mon %s, pool %s id %s key %s", b.Image, mon, b.Pool, id, secret)
+	cmd, err = b.exec.Run("rbd",
+		"status", b.Image, "--pool", b.Pool, "-m", mon, "--id", id, "--key="+secret)
+	output = string(cmd)
+
+	if err, ok := err.(*exec.Error); ok {
+		if err.Err == exec.ErrNotFound {
+			glog.Errorf("rbd cmd not found")
+			// fail fast if command not found
+			return false, output, err
 		}
 	}
 
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/BUILD
index 5c103e6e268d..b6c80d8df2c5 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/BUILD
@@ -13,8 +13,7 @@ go_test(
         "sio_util_test.go",
         "sio_volume_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/scaleio",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
@@ -46,7 +45,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/codedellemc/goscaleio:go_default_library",
         "//vendor/github.com/codedellemc/goscaleio/types/v1:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_client.go b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_client.go
index 18b8ffb5b18f..b64d03482879 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_client.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_client.go
@@ -317,7 +317,7 @@ func (c *sioClient) IID() (string, error) {
 }
 
 // getGuid returns instance GUID, if not set using resource labels
-// it attemps to fallback to using drv_cfg binary
+// it attempts to fallback to using drv_cfg binary
 func (c *sioClient) getGuid() (string, error) {
 	if c.sdcGuid == "" {
 		glog.V(4).Info(log("sdc guid label not set, falling back to using drv_cfg"))
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_volume.go b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_volume.go
index 0d0d35608bd2..b7f02701118d 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_volume.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/scaleio/sio_volume.go
@@ -33,7 +33,6 @@ import (
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type sioVolume struct {
@@ -142,7 +141,7 @@ func (v *sioVolume) SetUpAt(dir string, fsGroup *int64) error {
 	}
 	glog.V(4).Info(log("setup created mount point directory %s", dir))
 
-	diskMounter := volumehelper.NewSafeFormatAndMountFromHost(v.plugin.GetPluginName(), v.plugin.host)
+	diskMounter := util.NewSafeFormatAndMountFromHost(v.plugin.GetPluginName(), v.plugin.host)
 	err = diskMounter.FormatAndMount(devicePath, dir, v.fsType, options)
 
 	if err != nil {
@@ -256,7 +255,7 @@ var _ volume.Provisioner = &sioVolume{}
 func (v *sioVolume) Provision() (*api.PersistentVolume, error) {
 	glog.V(4).Info(log("attempting to dynamically provision pvc %v", v.options.PVC.Name))
 
-	if !volume.AccessModesContainedInAll(v.plugin.GetAccessModes(), v.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(v.plugin.GetAccessModes(), v.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", v.options.PVC.Spec.AccessModes, v.plugin.GetAccessModes())
 	}
 
@@ -267,14 +266,14 @@ func (v *sioVolume) Provision() (*api.PersistentVolume, error) {
 
 	capacity := v.options.PVC.Spec.Resources.Requests[api.ResourceName(api.ResourceStorage)]
 	volSizeBytes := capacity.Value()
-	volSizeGB := int64(volume.RoundUpSize(volSizeBytes, oneGig))
+	volSizeGB := int64(util.RoundUpSize(volSizeBytes, oneGig))
 
 	if volSizeBytes == 0 {
 		return nil, fmt.Errorf("invalid volume size of 0 specified")
 	}
 
 	if volSizeBytes < eightGig {
-		volSizeGB = int64(volume.RoundUpSize(eightGig, oneGig))
+		volSizeGB = int64(util.RoundUpSize(eightGig, oneGig))
 		glog.V(4).Info(log("capacity less than 8Gi found, adjusted to %dGi", volSizeGB))
 
 	}
@@ -314,7 +313,7 @@ func (v *sioVolume) Provision() (*api.PersistentVolume, error) {
 			Namespace: v.options.PVC.Namespace,
 			Labels:    map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "scaleio-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "scaleio-dynamic-provisioner",
 			},
 		},
 		Spec: api.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/secret/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/secret/BUILD
index 9fc423f420a8..122d65fecb76 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/secret/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/secret/BUILD
@@ -30,8 +30,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["secret_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/secret",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume:go_default_library",
         "//pkg/volume/empty_dir:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/secret/secret.go b/vendor/k8s.io/kubernetes/pkg/volume/secret/secret.go
index dbfdfb48ab9d..c8146d844221 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/secret/secret.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/secret/secret.go
@@ -306,7 +306,7 @@ func (c *secretVolumeUnmounter) TearDown() error {
 }
 
 func (c *secretVolumeUnmounter) TearDownAt(dir string) error {
-	return volume.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
+	return volumeutil.UnmountViaEmptyDir(dir, c.plugin.host, c.volName, wrappedVolumeSpec(), c.podUID)
 }
 
 func getVolumeSource(spec *volume.Spec) (*v1.SecretVolumeSource, bool) {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/storageos/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/storageos/BUILD
index a66bdc936e35..bff52a9eac9e 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/storageos/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/storageos/BUILD
@@ -19,7 +19,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/storageos/go-api:go_default_library",
         "//vendor/github.com/storageos/go-api/types:go_default_library",
@@ -37,8 +36,7 @@ go_test(
         "storageos_test.go",
         "storageos_util_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/storageos",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/util/mount:go_default_library",
         "//pkg/volume:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos.go b/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos.go
index 532ccd289878..a814c438dd15 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos.go
@@ -35,7 +35,6 @@ import (
 	kstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // ProbeVolumePlugins is the primary entrypoint for volume plugins.
@@ -54,7 +53,7 @@ var _ volume.ProvisionableVolumePlugin = &storageosPlugin{}
 
 const (
 	storageosPluginName = "kubernetes.io/storageos"
-	storageosDevicePath = "/var/lib/storageos/volumes"
+	defaultDeviceDir    = "/var/lib/storageos/volumes"
 	defaultAPIAddress   = "tcp://localhost:5705"
 	defaultAPIUser      = "storageos"
 	defaultAPIPassword  = "storageos"
@@ -136,8 +135,8 @@ func (plugin *storageosPlugin) newMounterInternal(spec *volume.Spec, pod *v1.Pod
 			plugin:          plugin,
 			MetricsProvider: volume.NewMetricsStatFS(getPath(pod.UID, volNamespace, volName, spec.Name(), plugin.host)),
 		},
-		devicePath:  storageosDevicePath,
-		diskMounter: &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		diskMounter:  &mount.SafeFormatAndMount{Interface: mounter, Exec: exec},
+		mountOptions: util.MountOptionFromSpec(spec),
 	}, nil
 }
 
@@ -249,7 +248,7 @@ func (plugin *storageosPlugin) ConstructVolumeSpec(volumeName, mountPath string)
 }
 
 func (plugin *storageosPlugin) SupportsMountOption() bool {
-	return false
+	return true
 }
 
 func (plugin *storageosPlugin) SupportsBulkVolumeVerification() bool {
@@ -286,6 +285,8 @@ type storageosManager interface {
 	UnmountVolume(unounter *storageosUnmounter) error
 	// Deletes the storageos volume.  All data will be lost.
 	DeleteVolume(deleter *storageosDeleter) error
+	// Gets the node's device path.
+	DeviceDir(mounter *storageosMounter) string
 }
 
 // storageos volumes represent a bare host directory mount of an StorageOS export.
@@ -312,9 +313,13 @@ type storageos struct {
 
 type storageosMounter struct {
 	*storageos
-	devicePath string
+
+	// The directory containing the StorageOS devices
+	deviceDir string
+
 	// Interface used to mount the file or block device
-	diskMounter *mount.SafeFormatAndMount
+	diskMounter  *mount.SafeFormatAndMount
+	mountOptions []string
 }
 
 var _ volume.Mounter = &storageosMounter{}
@@ -383,11 +388,12 @@ func (b *storageosMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if b.readOnly {
 		options = append(options, "ro")
 	}
+	mountOptions := util.JoinMountOptions(b.mountOptions, options)
 
 	globalPDPath := makeGlobalPDName(b.plugin.host, b.pvName, b.volNamespace, b.volName)
 	glog.V(4).Infof("Attempting to bind mount to pod volume at %s", dir)
 
-	err = b.mounter.Mount(globalPDPath, dir, "", options)
+	err = b.mounter.Mount(globalPDPath, dir, "", mountOptions)
 	if err != nil {
 		notMnt, mntErr := b.mounter.IsLikelyNotMountPoint(dir)
 		if mntErr != nil {
@@ -555,7 +561,7 @@ type storageosProvisioner struct {
 var _ volume.Provisioner = &storageosProvisioner{}
 
 func (c *storageosProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(c.plugin.GetAccessModes(), c.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", c.options.PVC.Spec.AccessModes, c.plugin.GetAccessModes())
 	}
 
@@ -593,7 +599,7 @@ func (c *storageosProvisioner) Provision() (*v1.PersistentVolume, error) {
 		c.labels[k] = v
 	}
 	capacity := c.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
-	c.sizeGB = int(volume.RoundUpSize(capacity.Value(), 1024*1024*1024))
+	c.sizeGB = int(util.RoundUpSize(capacity.Value(), 1024*1024*1024))
 
 	apiCfg, err := parsePVSecret(adminSecretNamespace, adminSecretName, c.plugin.host.GetKubeClient())
 	if err != nil {
@@ -615,7 +621,7 @@ func (c *storageosProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   vol.Name,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "storageos-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "storageos-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
@@ -636,6 +642,7 @@ func (c *storageosProvisioner) Provision() (*v1.PersistentVolume, error) {
 					},
 				},
 			},
+			MountOptions: c.options.MountOptions,
 		},
 	}
 	if len(c.options.PVC.Spec.AccessModes) == 0 {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos_util.go b/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos_util.go
index 107ba8590134..beac89240871 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/storageos/storageos_util.go
@@ -69,6 +69,7 @@ type apiImplementer interface {
 	VolumeMount(opts storageostypes.VolumeMountOptions) error
 	VolumeUnmount(opts storageostypes.VolumeUnmountOptions) error
 	VolumeDelete(opt storageostypes.DeleteOptions) error
+	Controller(ref string) (*storageostypes.Controller, error)
 }
 
 // storageosUtil is the utility structure to interact with the StorageOS API.
@@ -148,6 +149,12 @@ func (u *storageosUtil) AttachVolume(b *storageosMounter) (string, error) {
 		return "", err
 	}
 
+	// Get the node's device path from the API, falling back to the default if
+	// not set on the node.
+	if b.deviceDir == "" {
+		b.deviceDir = u.DeviceDir(b)
+	}
+
 	vol, err := u.api.Volume(b.volNamespace, b.volName)
 	if err != nil {
 		glog.Warningf("volume retrieve failed for volume %q with namespace %q (%v)", b.volName, b.volNamespace, err)
@@ -167,12 +174,13 @@ func (u *storageosUtil) AttachVolume(b *storageosMounter) (string, error) {
 		}
 	}
 
-	srcPath := path.Join(b.devicePath, vol.ID)
+	srcPath := path.Join(b.deviceDir, vol.ID)
 	dt, err := pathDeviceType(srcPath)
 	if err != nil {
 		glog.Warningf("volume source path %q for volume %q not ready (%v)", srcPath, b.volName, err)
 		return "", err
 	}
+
 	switch dt {
 	case modeBlock:
 		return srcPath, nil
@@ -277,6 +285,22 @@ func (u *storageosUtil) DeleteVolume(d *storageosDeleter) error {
 	return u.api.VolumeDelete(opts)
 }
 
+// Get the node's device path from the API, falling back to the default if not
+// specified.
+func (u *storageosUtil) DeviceDir(b *storageosMounter) string {
+
+	ctrl, err := u.api.Controller(b.plugin.host.GetHostName())
+	if err != nil {
+		glog.Warningf("node device path lookup failed: %v", err)
+		return defaultDeviceDir
+	}
+	if ctrl == nil || ctrl.DeviceDir == "" {
+		glog.Warningf("node device path not set, using default: %s", defaultDeviceDir)
+		return defaultDeviceDir
+	}
+	return ctrl.DeviceDir
+}
+
 // pathMode returns the FileMode for a path.
 func pathDeviceType(path string) (deviceType, error) {
 	fi, err := os.Stat(path)
@@ -332,7 +356,7 @@ func getLoopDevice(path string, exec mount.Exec) (string, error) {
 }
 
 func makeLoopDevice(path string, exec mount.Exec) (string, error) {
-	args := []string{"-f", "--show", path}
+	args := []string{"-f", "-P", "--show", path}
 	out, err := exec.Run(losetupPath, args...)
 	if err != nil {
 		glog.V(2).Infof("Failed device create command for path %s: %v", path, err)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util.go b/vendor/k8s.io/kubernetes/pkg/volume/util.go
deleted file mode 100644
index 0baea012073a..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/volume/util.go
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package volume
-
-import (
-	"fmt"
-	"reflect"
-
-	"k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/fields"
-	"k8s.io/apimachinery/pkg/watch"
-	clientset "k8s.io/client-go/kubernetes"
-
-	"hash/fnv"
-	"math/rand"
-	"strconv"
-	"strings"
-
-	"github.com/golang/glog"
-	"k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/api/resource"
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/sets"
-)
-
-type RecycleEventRecorder func(eventtype, message string)
-
-// RecycleVolumeByWatchingPodUntilCompletion is intended for use with volume
-// Recyclers. This function will save the given Pod to the API and watch it
-// until it completes, fails, or the pod's ActiveDeadlineSeconds is exceeded,
-// whichever comes first. An attempt to delete a recycler pod is always
-// attempted before returning.
-//
-// In case there is a pod with the same namespace+name already running, this
-// function deletes it as it is not able to judge if it is an old recycler
-// or user has forged a fake recycler to block Kubernetes from recycling.//
-//
-//  pod - the pod designed by a volume plugin to recycle the volume. pod.Name
-//        will be overwritten with unique name based on PV.Name.
-//	client - kube client for API operations.
-func RecycleVolumeByWatchingPodUntilCompletion(pvName string, pod *v1.Pod, kubeClient clientset.Interface, recorder RecycleEventRecorder) error {
-	return internalRecycleVolumeByWatchingPodUntilCompletion(pvName, pod, newRecyclerClient(kubeClient, recorder))
-}
-
-// same as above func comments, except 'recyclerClient' is a narrower pod API
-// interface to ease testing
-func internalRecycleVolumeByWatchingPodUntilCompletion(pvName string, pod *v1.Pod, recyclerClient recyclerClient) error {
-	glog.V(5).Infof("creating recycler pod for volume %s\n", pod.Name)
-
-	// Generate unique name for the recycler pod - we need to get "already
-	// exists" error when a previous controller has already started recycling
-	// the volume. Here we assume that pv.Name is already unique.
-	pod.Name = "recycler-for-" + pvName
-	pod.GenerateName = ""
-
-	stopChannel := make(chan struct{})
-	defer close(stopChannel)
-	podCh, err := recyclerClient.WatchPod(pod.Name, pod.Namespace, stopChannel)
-	if err != nil {
-		glog.V(4).Infof("cannot start watcher for pod %s/%s: %v", pod.Namespace, pod.Name, err)
-		return err
-	}
-
-	// Start the pod
-	_, err = recyclerClient.CreatePod(pod)
-	if err != nil {
-		if errors.IsAlreadyExists(err) {
-			deleteErr := recyclerClient.DeletePod(pod.Name, pod.Namespace)
-			if deleteErr != nil {
-				return fmt.Errorf("failed to delete old recycler pod %s/%s: %s", pod.Namespace, pod.Name, deleteErr)
-			}
-			// Recycler will try again and the old pod will be hopefuly deleted
-			// at that time.
-			return fmt.Errorf("old recycler pod found, will retry later")
-		} else {
-			return fmt.Errorf("unexpected error creating recycler pod:  %+v\n", err)
-		}
-	}
-	err = waitForPod(pod, recyclerClient, podCh)
-
-	// In all cases delete the recycler pod and log its result.
-	glog.V(2).Infof("deleting recycler pod %s/%s", pod.Namespace, pod.Name)
-	deleteErr := recyclerClient.DeletePod(pod.Name, pod.Namespace)
-	if deleteErr != nil {
-		glog.Errorf("failed to delete recycler pod %s/%s: %v", pod.Namespace, pod.Name, err)
-	}
-
-	// Returning recycler error is preferred, the pod will be deleted again on
-	// the next retry.
-	if err != nil {
-		return fmt.Errorf("failed to recycle volume: %s", err)
-	}
-
-	// Recycle succeeded but we failed to delete the recycler pod. Report it,
-	// the controller will re-try recycling the PV again shortly.
-	if deleteErr != nil {
-		return fmt.Errorf("failed to delete recycler pod: %s", deleteErr)
-	}
-
-	return nil
-}
-
-// waitForPod watches the pod it until it finishes and send all events on the
-// pod to the PV.
-func waitForPod(pod *v1.Pod, recyclerClient recyclerClient, podCh <-chan watch.Event) error {
-	for {
-		event, ok := <-podCh
-		if !ok {
-			return fmt.Errorf("recycler pod %q watch channel had been closed", pod.Name)
-		}
-		switch event.Object.(type) {
-		case *v1.Pod:
-			// POD changed
-			pod := event.Object.(*v1.Pod)
-			glog.V(4).Infof("recycler pod update received: %s %s/%s %s", event.Type, pod.Namespace, pod.Name, pod.Status.Phase)
-			switch event.Type {
-			case watch.Added, watch.Modified:
-				if pod.Status.Phase == v1.PodSucceeded {
-					// Recycle succeeded.
-					return nil
-				}
-				if pod.Status.Phase == v1.PodFailed {
-					if pod.Status.Message != "" {
-						return fmt.Errorf(pod.Status.Message)
-					} else {
-						return fmt.Errorf("pod failed, pod.Status.Message unknown.")
-					}
-				}
-
-			case watch.Deleted:
-				return fmt.Errorf("recycler pod was deleted")
-
-			case watch.Error:
-				return fmt.Errorf("recycler pod watcher failed")
-			}
-
-		case *v1.Event:
-			// Event received
-			podEvent := event.Object.(*v1.Event)
-			glog.V(4).Infof("recycler event received: %s %s/%s %s/%s %s", event.Type, podEvent.Namespace, podEvent.Name, podEvent.InvolvedObject.Namespace, podEvent.InvolvedObject.Name, podEvent.Message)
-			if event.Type == watch.Added {
-				recyclerClient.Event(podEvent.Type, podEvent.Message)
-			}
-		}
-	}
-}
-
-// recyclerClient abstracts access to a Pod by providing a narrower interface.
-// This makes it easier to mock a client for testing.
-type recyclerClient interface {
-	CreatePod(pod *v1.Pod) (*v1.Pod, error)
-	GetPod(name, namespace string) (*v1.Pod, error)
-	DeletePod(name, namespace string) error
-	// WatchPod returns a ListWatch for watching a pod.  The stopChannel is used
-	// to close the reflector backing the watch.  The caller is responsible for
-	// derring a close on the channel to stop the reflector.
-	WatchPod(name, namespace string, stopChannel chan struct{}) (<-chan watch.Event, error)
-	// Event sends an event to the volume that is being recycled.
-	Event(eventtype, message string)
-}
-
-func newRecyclerClient(client clientset.Interface, recorder RecycleEventRecorder) recyclerClient {
-	return &realRecyclerClient{
-		client,
-		recorder,
-	}
-}
-
-type realRecyclerClient struct {
-	client   clientset.Interface
-	recorder RecycleEventRecorder
-}
-
-func (c *realRecyclerClient) CreatePod(pod *v1.Pod) (*v1.Pod, error) {
-	return c.client.CoreV1().Pods(pod.Namespace).Create(pod)
-}
-
-func (c *realRecyclerClient) GetPod(name, namespace string) (*v1.Pod, error) {
-	return c.client.CoreV1().Pods(namespace).Get(name, metav1.GetOptions{})
-}
-
-func (c *realRecyclerClient) DeletePod(name, namespace string) error {
-	return c.client.CoreV1().Pods(namespace).Delete(name, nil)
-}
-
-func (c *realRecyclerClient) Event(eventtype, message string) {
-	c.recorder(eventtype, message)
-}
-
-func (c *realRecyclerClient) WatchPod(name, namespace string, stopChannel chan struct{}) (<-chan watch.Event, error) {
-	podSelector, err := fields.ParseSelector("metadata.name=" + name)
-	if err != nil {
-		return nil, err
-	}
-	options := metav1.ListOptions{
-		FieldSelector: podSelector.String(),
-		Watch:         true,
-	}
-
-	podWatch, err := c.client.CoreV1().Pods(namespace).Watch(options)
-	if err != nil {
-		return nil, err
-	}
-
-	eventSelector, _ := fields.ParseSelector("involvedObject.name=" + name)
-	eventWatch, err := c.client.CoreV1().Events(namespace).Watch(metav1.ListOptions{
-		FieldSelector: eventSelector.String(),
-		Watch:         true,
-	})
-	if err != nil {
-		podWatch.Stop()
-		return nil, err
-	}
-
-	eventCh := make(chan watch.Event, 30)
-
-	go func() {
-		defer eventWatch.Stop()
-		defer podWatch.Stop()
-		defer close(eventCh)
-		var podWatchChannelClosed bool
-		var eventWatchChannelClosed bool
-		for {
-			select {
-			case _ = <-stopChannel:
-				return
-
-			case podEvent, ok := <-podWatch.ResultChan():
-				if !ok {
-					podWatchChannelClosed = true
-				} else {
-					eventCh <- podEvent
-				}
-			case eventEvent, ok := <-eventWatch.ResultChan():
-				if !ok {
-					eventWatchChannelClosed = true
-				} else {
-					eventCh <- eventEvent
-				}
-			}
-			if podWatchChannelClosed && eventWatchChannelClosed {
-				break
-			}
-		}
-	}()
-
-	return eventCh, nil
-}
-
-// CalculateTimeoutForVolume calculates time for a Recycler pod to complete a
-// recycle operation. The calculation and return value is either the
-// minimumTimeout or the timeoutIncrement per Gi of storage size, whichever is
-// greater.
-func CalculateTimeoutForVolume(minimumTimeout, timeoutIncrement int, pv *v1.PersistentVolume) int64 {
-	giQty := resource.MustParse("1Gi")
-	pvQty := pv.Spec.Capacity[v1.ResourceStorage]
-	giSize := giQty.Value()
-	pvSize := pvQty.Value()
-	timeout := (pvSize / giSize) * int64(timeoutIncrement)
-	if timeout < int64(minimumTimeout) {
-		return int64(minimumTimeout)
-	} else {
-		return timeout
-	}
-}
-
-// RoundUpSize calculates how many allocation units are needed to accommodate
-// a volume of given size. E.g. when user wants 1500MiB volume, while AWS EBS
-// allocates volumes in gibibyte-sized chunks,
-// RoundUpSize(1500 * 1024*1024, 1024*1024*1024) returns '2'
-// (2 GiB is the smallest allocatable volume that can hold 1500MiB)
-func RoundUpSize(volumeSizeBytes int64, allocationUnitBytes int64) int64 {
-	return (volumeSizeBytes + allocationUnitBytes - 1) / allocationUnitBytes
-}
-
-// GenerateVolumeName returns a PV name with clusterName prefix. The function
-// should be used to generate a name of GCE PD or Cinder volume. It basically
-// adds "<clusterName>-dynamic-" before the PV name, making sure the resulting
-// string fits given length and cuts "dynamic" if not.
-func GenerateVolumeName(clusterName, pvName string, maxLength int) string {
-	prefix := clusterName + "-dynamic"
-	pvLen := len(pvName)
-
-	// cut the "<clusterName>-dynamic" to fit full pvName into maxLength
-	// +1 for the '-' dash
-	if pvLen+1+len(prefix) > maxLength {
-		prefix = prefix[:maxLength-pvLen-1]
-	}
-	return prefix + "-" + pvName
-}
-
-// Check if the path from the mounter is empty.
-func GetPath(mounter Mounter) (string, error) {
-	path := mounter.GetPath()
-	if path == "" {
-		return "", fmt.Errorf("Path is empty %s", reflect.TypeOf(mounter).String())
-	}
-	return path, nil
-}
-
-// ChooseZone implements our heuristics for choosing a zone for volume creation based on the volume name
-// Volumes are generally round-robin-ed across all active zones, using the hash of the PVC Name.
-// However, if the PVCName ends with `-<integer>`, we will hash the prefix, and then add the integer to the hash.
-// This means that a StatefulSet's volumes (`claimname-statefulsetname-id`) will spread across available zones,
-// assuming the id values are consecutive.
-func ChooseZoneForVolume(zones sets.String, pvcName string) string {
-	// We create the volume in a zone determined by the name
-	// Eventually the scheduler will coordinate placement into an available zone
-	hash, index := getPVCNameHashAndIndexOffset(pvcName)
-
-	// Zones.List returns zones in a consistent order (sorted)
-	// We do have a potential failure case where volumes will not be properly spread,
-	// if the set of zones changes during StatefulSet volume creation.  However, this is
-	// probably relatively unlikely because we expect the set of zones to be essentially
-	// static for clusters.
-	// Hopefully we can address this problem if/when we do full scheduler integration of
-	// PVC placement (which could also e.g. avoid putting volumes in overloaded or
-	// unhealthy zones)
-	zoneSlice := zones.List()
-	zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))]
-
-	glog.V(2).Infof("Creating volume for PVC %q; chose zone=%q from zones=%q", pvcName, zone, zoneSlice)
-	return zone
-}
-
-// ChooseZonesForVolume is identical to ChooseZoneForVolume, but selects a multiple zones, for multi-zone disks.
-func ChooseZonesForVolume(zones sets.String, pvcName string, numZones uint32) sets.String {
-	// We create the volume in a zone determined by the name
-	// Eventually the scheduler will coordinate placement into an available zone
-	hash, index := getPVCNameHashAndIndexOffset(pvcName)
-
-	// Zones.List returns zones in a consistent order (sorted)
-	// We do have a potential failure case where volumes will not be properly spread,
-	// if the set of zones changes during StatefulSet volume creation.  However, this is
-	// probably relatively unlikely because we expect the set of zones to be essentially
-	// static for clusters.
-	// Hopefully we can address this problem if/when we do full scheduler integration of
-	// PVC placement (which could also e.g. avoid putting volumes in overloaded or
-	// unhealthy zones)
-	zoneSlice := zones.List()
-	replicaZones := sets.NewString()
-
-	startingIndex := index * numZones
-	for index = startingIndex; index < startingIndex+numZones; index++ {
-		zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))]
-		replicaZones.Insert(zone)
-	}
-
-	glog.V(2).Infof("Creating volume for replicated PVC %q; chosen zones=%q from zones=%q",
-		pvcName, replicaZones.UnsortedList(), zoneSlice)
-	return replicaZones
-}
-
-func getPVCNameHashAndIndexOffset(pvcName string) (hash uint32, index uint32) {
-	if pvcName == "" {
-		// We should always be called with a name; this shouldn't happen
-		glog.Warningf("No name defined during volume create; choosing random zone")
-
-		hash = rand.Uint32()
-	} else {
-		hashString := pvcName
-
-		// Heuristic to make sure that volumes in a StatefulSet are spread across zones
-		// StatefulSet PVCs are (currently) named ClaimName-StatefulSetName-Id,
-		// where Id is an integer index.
-		// Note though that if a StatefulSet pod has multiple claims, we need them to be
-		// in the same zone, because otherwise the pod will be unable to mount both volumes,
-		// and will be unschedulable.  So we hash _only_ the "StatefulSetName" portion when
-		// it looks like `ClaimName-StatefulSetName-Id`.
-		// We continue to round-robin volume names that look like `Name-Id` also; this is a useful
-		// feature for users that are creating statefulset-like functionality without using statefulsets.
-		lastDash := strings.LastIndexByte(pvcName, '-')
-		if lastDash != -1 {
-			statefulsetIDString := pvcName[lastDash+1:]
-			statefulsetID, err := strconv.ParseUint(statefulsetIDString, 10, 32)
-			if err == nil {
-				// Offset by the statefulsetID, so we round-robin across zones
-				index = uint32(statefulsetID)
-				// We still hash the volume name, but only the prefix
-				hashString = pvcName[:lastDash]
-
-				// In the special case where it looks like `ClaimName-StatefulSetName-Id`,
-				// hash only the StatefulSetName, so that different claims on the same StatefulSet
-				// member end up in the same zone.
-				// Note that StatefulSetName (and ClaimName) might themselves both have dashes.
-				// We actually just take the portion after the final - of ClaimName-StatefulSetName.
-				// For our purposes it doesn't much matter (just suboptimal spreading).
-				lastDash := strings.LastIndexByte(hashString, '-')
-				if lastDash != -1 {
-					hashString = hashString[lastDash+1:]
-				}
-
-				glog.V(2).Infof("Detected StatefulSet-style volume name %q; index=%d", pvcName, index)
-			}
-		}
-
-		// We hash the (base) volume name, so we don't bias towards the first N zones
-		h := fnv.New32()
-		h.Write([]byte(hashString))
-		hash = h.Sum32()
-	}
-
-	return hash, index
-}
-
-// UnmountViaEmptyDir delegates the tear down operation for secret, configmap, git_repo and downwardapi
-// to empty_dir
-func UnmountViaEmptyDir(dir string, host VolumeHost, volName string, volSpec Spec, podUID types.UID) error {
-	glog.V(3).Infof("Tearing down volume %v for pod %v at %v", volName, podUID, dir)
-
-	// Wrap EmptyDir, let it do the teardown.
-	wrapped, err := host.NewWrapperUnmounter(volName, volSpec, podUID)
-	if err != nil {
-		return err
-	}
-	return wrapped.TearDownAt(dir)
-}
-
-// MountOptionFromSpec extracts and joins mount options from volume spec with supplied options
-func MountOptionFromSpec(spec *Spec, options ...string) []string {
-	pv := spec.PersistentVolume
-
-	if pv != nil {
-		// Use beta annotation first
-		if mo, ok := pv.Annotations[v1.MountOptionAnnotation]; ok {
-			moList := strings.Split(mo, ",")
-			return JoinMountOptions(moList, options)
-		}
-
-		if len(pv.Spec.MountOptions) > 0 {
-			return JoinMountOptions(pv.Spec.MountOptions, options)
-		}
-	}
-
-	return options
-}
-
-// JoinMountOptions joins mount options eliminating duplicates
-func JoinMountOptions(userOptions []string, systemOptions []string) []string {
-	allMountOptions := sets.NewString()
-
-	for _, mountOption := range userOptions {
-		if len(mountOption) > 0 {
-			allMountOptions.Insert(mountOption)
-		}
-	}
-
-	for _, mountOption := range systemOptions {
-		allMountOptions.Insert(mountOption)
-	}
-	return allMountOptions.UnsortedList()
-}
-
-// ValidateZone returns:
-// - an error in case zone is an empty string or contains only any combination of spaces and tab characters
-// - nil otherwise
-func ValidateZone(zone string) error {
-	if strings.TrimSpace(zone) == "" {
-		return fmt.Errorf("the provided %q zone is not valid, it's an empty string or contains only spaces and tab characters", zone)
-	}
-	return nil
-}
-
-// AccessModesContains returns whether the requested mode is contained by modes
-func AccessModesContains(modes []v1.PersistentVolumeAccessMode, mode v1.PersistentVolumeAccessMode) bool {
-	for _, m := range modes {
-		if m == mode {
-			return true
-		}
-	}
-	return false
-}
-
-// AccessModesContainedInAll returns whether all of the requested modes are contained by modes
-func AccessModesContainedInAll(indexedModes []v1.PersistentVolumeAccessMode, requestedModes []v1.PersistentVolumeAccessMode) bool {
-	for _, mode := range requestedModes {
-		if !AccessModesContains(indexedModes, mode) {
-			return false
-		}
-	}
-	return true
-}
-
-// GetWindowsPath get a windows path
-func GetWindowsPath(path string) string {
-	windowsPath := strings.Replace(path, "/", "\\", -1)
-	if strings.HasPrefix(windowsPath, "\\") {
-		windowsPath = "c:" + windowsPath
-	}
-	return windowsPath
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/BUILD
index d1cc9cc65a97..4430a313190d 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/BUILD
@@ -1,43 +1,64 @@
-package(default_visibility = ["//visibility:public"])
-
-load(
-    "@io_bazel_rules_go//go:def.bzl",
-    "go_library",
-    "go_test",
-)
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
         "atomic_writer.go",
         "device_util.go",
-        "device_util_unsupported.go",
         "doc.go",
         "error.go",
         "finalizer.go",
-        "fs_unsupported.go",
         "io_util.go",
         "metrics.go",
         "nested_volumes.go",
+        "resize_util.go",
         "util.go",
-        "util_unsupported.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
-            "fs.go",
+        "@io_bazel_rules_go//go/platform:android": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "device_util_unsupported.go",
         ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
             "device_util_linux.go",
-            "fs.go",
-            "util_linux.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "device_util_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "device_util_unsupported.go",
         ],
         "//conditions:default": [],
     }),
     importpath = "k8s.io/kubernetes/pkg/volume/util",
+    visibility = ["//visibility:public"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
+        "//pkg/features:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
         "//pkg/util/mount:go_default_library",
+        "//pkg/volume:go_default_library",
+        "//pkg/volume/util/types:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
@@ -48,47 +69,39 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:darwin_amd64": [
-            "//vendor/golang.org/x/sys/unix:go_default_library",
-        ],
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
-            "//vendor/golang.org/x/sys/unix:go_default_library",
-        ],
-        "//conditions:default": [],
-    }),
+    ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = [
-        "finalizer_test.go",
         "nested_volumes_test.go",
+        "resize_util_test.go",
         "util_test.go",
     ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
+        "@io_bazel_rules_go//go/platform:linux": [
             "atomic_writer_test.go",
             "device_util_linux_test.go",
         ],
         "//conditions:default": [],
     }),
-    importpath = "k8s.io/kubernetes/pkg/volume/util",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core/install:go_default_library",
         "//pkg/apis/core/v1/helper:go_default_library",
-        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
+        "//pkg/util/mount:go_default_library",
+        "//pkg/util/slice:go_default_library",
+        "//pkg/volume:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:linux_amd64": [
-            "//vendor/k8s.io/client-go/util/testing:go_default_library",
-        ],
-        "//conditions:default": [],
-    }),
+        "//vendor/k8s.io/client-go/util/testing:go_default_library",
+    ],
 )
 
 filegroup(
@@ -102,10 +115,13 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
+        "//pkg/volume/util/fs:all-srcs",
         "//pkg/volume/util/nestedpendingoperations:all-srcs",
         "//pkg/volume/util/operationexecutor:all-srcs",
+        "//pkg/volume/util/recyclerclient:all-srcs",
         "//pkg/volume/util/types:all-srcs",
-        "//pkg/volume/util/volumehelper:all-srcs",
+        "//pkg/volume/util/volumepathhandler:all-srcs",
     ],
     tags = ["automanaged"],
+    visibility = ["//visibility:public"],
 )
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go b/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go
index 2a514be87462..b1345892878c 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go
@@ -257,7 +257,7 @@ func validatePath(targetPath string) error {
 	}
 
 	if len(targetPath) > maxPathLength {
-		return fmt.Errorf("invalid path: must be less than %d characters", maxPathLength)
+		return fmt.Errorf("invalid path: must be less than or equal to %d characters", maxPathLength)
 	}
 
 	items := strings.Split(targetPath, string(os.PathSeparator))
@@ -266,7 +266,7 @@ func validatePath(targetPath string) error {
 			return fmt.Errorf("invalid path: must not contain '..': %s", targetPath)
 		}
 		if len(item) > maxFileNameLength {
-			return fmt.Errorf("invalid path: filenames must be less than %d characters", maxFileNameLength)
+			return fmt.Errorf("invalid path: filenames must be less than or equal to %d characters", maxFileNameLength)
 		}
 	}
 	if strings.HasPrefix(items[0], "..") && len(items[0]) > 2 {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util.go b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util.go
index 9098d7b8597c..9d504bc2e78b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util.go
@@ -19,6 +19,7 @@ package util
 //DeviceUtil is a util for common device methods
 type DeviceUtil interface {
 	FindMultipathDeviceForDevice(disk string) string
+	FindSlaveDevicesOnMultipath(disk string) []string
 }
 
 type deviceHandler struct {
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_linux.go b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_linux.go
index 0d9851140f62..297004bf9501 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_linux.go
@@ -20,6 +20,7 @@ package util
 
 import (
 	"errors"
+	"path"
 	"strings"
 )
 
@@ -59,3 +60,23 @@ func findDeviceForPath(path string, io IoUtil) (string, error) {
 	}
 	return "", errors.New("Illegal path for device " + devicePath)
 }
+
+// FindSlaveDevicesOnMultipath given a dm name like /dev/dm-1, find all devices
+// which are managed by the devicemapper dm-1.
+func (handler *deviceHandler) FindSlaveDevicesOnMultipath(dm string) []string {
+	var devices []string
+	io := handler.get_io
+	// Split path /dev/dm-1 into "", "dev", "dm-1"
+	parts := strings.Split(dm, "/")
+	if len(parts) != 3 || !strings.HasPrefix(parts[1], "dev") {
+		return devices
+	}
+	disk := parts[2]
+	slavesPath := path.Join("/sys/block/", disk, "/slaves/")
+	if files, err := io.ReadDir(slavesPath); err == nil {
+		for _, f := range files {
+			devices = append(devices, path.Join("/dev/", f.Name()))
+		}
+	}
+	return devices
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_unsupported.go b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_unsupported.go
index 6afb1f139154..0b41eb3741ca 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/device_util_unsupported.go
@@ -22,3 +22,9 @@ package util
 func (handler *deviceHandler) FindMultipathDeviceForDevice(device string) string {
 	return ""
 }
+
+// FindSlaveDevicesOnMultipath unsupported returns ""
+func (handler *deviceHandler) FindSlaveDevicesOnMultipath(disk string) []string {
+	out := []string{}
+	return out
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/finalizer.go b/vendor/k8s.io/kubernetes/pkg/volume/util/finalizer.go
index 846315450604..92d3c2bdd57b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/finalizer.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/finalizer.go
@@ -16,53 +16,10 @@ limitations under the License.
 
 package util
 
-import (
-	"k8s.io/api/core/v1"
-)
-
 const (
 	// Name of finalizer on PVCs that have a running pod.
 	PVCProtectionFinalizer = "kubernetes.io/pvc-protection"
-)
-
-// IsPVCBeingDeleted returns:
-// true: in case PVC is being deleted, i.e. ObjectMeta.DeletionTimestamp is set
-// false: in case PVC is not being deleted, i.e. ObjectMeta.DeletionTimestamp is nil
-func IsPVCBeingDeleted(pvc *v1.PersistentVolumeClaim) bool {
-	return pvc.ObjectMeta.DeletionTimestamp != nil
-}
 
-// IsProtectionFinalizerPresent returns true in case PVCProtectionFinalizer is
-// present among the pvc.Finalizers
-func IsProtectionFinalizerPresent(pvc *v1.PersistentVolumeClaim) bool {
-	for _, finalizer := range pvc.Finalizers {
-		if finalizer == PVCProtectionFinalizer {
-			return true
-		}
-	}
-	return false
-}
-
-// RemoveProtectionFinalizer returns pvc without PVCProtectionFinalizer in case
-// it's present in pvc.Finalizers. It expects that pvc is writable (i.e. is not
-// informer's cached copy.)
-func RemoveProtectionFinalizer(pvc *v1.PersistentVolumeClaim) {
-	newFinalizers := make([]string, 0)
-	for _, finalizer := range pvc.Finalizers {
-		if finalizer != PVCProtectionFinalizer {
-			newFinalizers = append(newFinalizers, finalizer)
-		}
-	}
-	if len(newFinalizers) == 0 {
-		// Sanitize for unit tests so we don't need to distinguish empty array
-		// and nil.
-		newFinalizers = nil
-	}
-	pvc.Finalizers = newFinalizers
-}
-
-// AddProtectionFinalizer adds PVCProtectionFinalizer to pvc. It expects that
-// pvc is writable (i.e. is not informer's cached copy.)
-func AddProtectionFinalizer(pvc *v1.PersistentVolumeClaim) {
-	pvc.Finalizers = append(pvc.Finalizers, PVCProtectionFinalizer)
-}
+	// Name of finalizer on PVs that are bound by PVCs
+	PVProtectionFinalizer = "kubernetes.io/pv-protection"
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/fs/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/BUILD
new file mode 100644
index 000000000000..205ddaaaeb04
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/BUILD
@@ -0,0 +1,95 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "fs.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "fs.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "fs_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "fs_unsupported.go",
+        ],
+        "//conditions:default": [],
+    }),
+    importpath = "k8s.io/kubernetes/pkg/volume/util/fs",
+    visibility = ["//visibility:public"],
+    deps = select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "//vendor/golang.org/x/sys/unix:go_default_library",
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/fs.go b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs.go
similarity index 99%
rename from vendor/k8s.io/kubernetes/pkg/volume/util/fs.go
rename to vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs.go
index c756c4a184b2..bbb4b0105c5e 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/fs.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package fs
 
 import (
 	"bytes"
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/fs_unsupported.go b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs_unsupported.go
similarity index 98%
rename from vendor/k8s.io/kubernetes/pkg/volume/util/fs_unsupported.go
rename to vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs_unsupported.go
index 8d35d5daedaa..da41fc8eee5b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/fs_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/fs/fs_unsupported.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package fs
 
 import (
 	"fmt"
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/metrics.go b/vendor/k8s.io/kubernetes/pkg/volume/util/metrics.go
index ab2d76286bb7..e3af12df8906 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/metrics.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/metrics.go
@@ -49,12 +49,12 @@ func registerMetrics() {
 }
 
 // OperationCompleteHook returns a hook to call when an operation is completed
-func OperationCompleteHook(plugin, operationName string) func(error) {
+func OperationCompleteHook(plugin, operationName string) func(*error) {
 	requestTime := time.Now()
-	opComplete := func(err error) {
+	opComplete := func(err *error) {
 		timeTaken := time.Since(requestTime).Seconds()
 		// Create metric with operation name and plugin name
-		if err != nil {
+		if *err != nil {
 			storageOperationErrorMetric.WithLabelValues(plugin, operationName).Inc()
 		} else {
 			storageOperationMetric.WithLabelValues(plugin, operationName).Observe(timeTaken)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/BUILD
index c0623b47e1d4..46eb0830984c 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/BUILD
@@ -22,8 +22,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["nestedpendingoperations_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/volume/util/types:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/nestedpendingoperations.go b/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/nestedpendingoperations.go
index 82462c1f2f6c..526ea403ceea 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/nestedpendingoperations.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations/nestedpendingoperations.go
@@ -55,7 +55,7 @@ type NestedPendingOperations interface {
 	// concatenation of volumeName and podName is removed from the list of
 	// executing operations allowing a new operation to be started with the
 	// volumeName without error.
-	Run(volumeName v1.UniqueVolumeName, podName types.UniquePodName, operationFunc func() error, operationCompleteFunc func(error)) error
+	Run(volumeName v1.UniqueVolumeName, podName types.UniquePodName, generatedOperations types.GeneratedOperations) error
 
 	// Wait blocks until all operations are completed. This is typically
 	// necessary during tests - the test should wait until all operations finish
@@ -94,8 +94,7 @@ type operation struct {
 func (grm *nestedPendingOperations) Run(
 	volumeName v1.UniqueVolumeName,
 	podName types.UniquePodName,
-	operationFunc func() error,
-	operationCompleteFunc func(error)) error {
+	generatedOperations types.GeneratedOperations) error {
 	grm.lock.Lock()
 	defer grm.lock.Unlock()
 	opExists, previousOpIndex := grm.isOperationExists(volumeName, podName)
@@ -128,15 +127,20 @@ func (grm *nestedPendingOperations) Run(
 			})
 	}
 
-	go func() (err error) {
+	go func() (eventErr, detailedErr error) {
 		// Handle unhandled panics (very unlikely)
 		defer k8sRuntime.HandleCrash()
 		// Handle completion of and error, if any, from operationFunc()
-		defer grm.operationComplete(volumeName, podName, &err)
-		defer operationCompleteFunc(err)
+		defer grm.operationComplete(volumeName, podName, &detailedErr)
+		if generatedOperations.CompleteFunc != nil {
+			defer generatedOperations.CompleteFunc(&detailedErr)
+		}
+		if generatedOperations.EventRecorderFunc != nil {
+			defer generatedOperations.EventRecorderFunc(&eventErr)
+		}
 		// Handle panic, if any, from operationFunc()
-		defer k8sRuntime.RecoverFromPanic(&err)
-		return operationFunc()
+		defer k8sRuntime.RecoverFromPanic(&detailedErr)
+		return generatedOperations.OperationFunc()
 	}()
 
 	return nil
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/BUILD
index 15c2ac27d837..f7676a07c73b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/BUILD
@@ -23,13 +23,12 @@ go_library(
         "//pkg/volume/util:go_default_library",
         "//pkg/volume/util/nestedpendingoperations:go_default_library",
         "//pkg/volume/util/types:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
+        "//pkg/volume/util/volumepathhandler:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/tools/record:go_default_library",
@@ -39,8 +38,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["operation_executor_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/util/operationexecutor",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/controller/volume/expand/cache:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_executor.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_executor.go
index e9147012f04e..c586b959ade0 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_executor.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_executor.go
@@ -22,22 +22,19 @@ package operationexecutor
 
 import (
 	"fmt"
-	"strings"
 	"time"
 
 	"github.com/golang/glog"
 
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
-	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	expandcache "k8s.io/kubernetes/pkg/controller/volume/expand/cache"
-	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
 	"k8s.io/kubernetes/pkg/volume/util/nestedpendingoperations"
 	volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 // OperationExecutor defines a set of operations for attaching, detaching,
@@ -84,7 +81,8 @@ type OperationExecutor interface {
 	// Status.VolumesInUse list (operation fails with error if it is).
 	DetachVolume(volumeToDetach AttachedVolume, verifySafeToDetach bool, actualStateOfWorld ActualStateOfWorldAttacherUpdater) error
 
-	// MountVolume mounts the volume to the pod specified in volumeToMount.
+	// If a volume has 'Filesystem' volumeMode, MountVolume mounts the
+	// volume to the pod specified in volumeToMount.
 	// Specifically it will:
 	// * Wait for the device to finish attaching (for attachable volumes only).
 	// * Mount device to global mount path (for attachable volumes only).
@@ -96,38 +94,36 @@ type OperationExecutor interface {
 	// The parameter "isRemount" is informational and used to adjust logging
 	// verbosity. An initial mount is more log-worthy than a remount, for
 	// example.
-	MountVolume(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater, isRemount bool) error
-
-	// UnmountVolume unmounts the volume from the pod specified in
-	// volumeToUnmount and updates the actual state of the world to reflect that.
-	UnmountVolume(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) error
-
-	// UnmountDevice unmounts the volumes global mount path from the device (for
-	// attachable volumes only, freeing it for detach. It then updates the
-	// actual state of the world to reflect that.
-	UnmountDevice(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error
-
-	// MapVolume is used when the volumeMode is 'Block'.
-	// This method creates a symbolic link to the volume from both the pod
-	// specified in volumeToMount and global map path.
+	//
+	// For 'Block' volumeMode, this method creates a symbolic link to
+	// the volume from both the pod specified in volumeToMount and global map path.
 	// Specifically it will:
 	// * Wait for the device to finish attaching (for attachable volumes only).
 	// * Update actual state of world to reflect volume is globally mounted/mapped.
 	// * Map volume to global map path using symbolic link.
 	// * Map the volume to the pod device map path using symbolic link.
 	// * Update actual state of world to reflect volume is mounted/mapped to the pod path.
-	MapVolume(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater) error
+	MountVolume(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater, isRemount bool) error
 
-	// UnmapVolume unmaps symbolic link to the volume from both the pod device
-	// map path in volumeToUnmount and global map path.
+	// If a volume has 'Filesystem' volumeMode, UnmountVolume unmounts the
+	// volume from the pod specified in volumeToUnmount and updates the actual
+	// state of the world to reflect that.
+	//
+	// For 'Block' volumeMode, this method unmaps symbolic link to the volume
+	// from both the pod device map path in volumeToUnmount and global map path.
 	// And then, updates the actual state of the world to reflect that.
-	UnmapVolume(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater) error
+	UnmountVolume(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) error
 
-	// UnmapDevice checks number of symbolic links under global map path.
-	// If number of reference is zero, remove global map path directory and
-	// free a volume for detach.
+	// If a volume has 'Filesystem' volumeMode, UnmountDevice unmounts the
+	// volumes global mount path from the device (for attachable volumes only,
+	// freeing it for detach. It then updates the actual state of the world to
+	// reflect that.
+	//
+	// For 'Block' volumeMode, this method checks number of symbolic links under
+	// global map path. If number of reference is zero, remove global map path
+	// directory and free a volume for detach.
 	// It then updates the actual state of the world to reflect that.
-	UnmapDevice(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error
+	UnmountDevice(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error
 
 	// VerifyControllerAttachedVolume checks if the specified volume is present
 	// in the specified nodes AttachedVolumes Status field. It uses kubeClient
@@ -146,6 +142,10 @@ type OperationExecutor interface {
 	IsOperationPending(volumeName v1.UniqueVolumeName, podName volumetypes.UniquePodName) bool
 	// Expand Volume will grow size available to PVC
 	ExpandVolume(*expandcache.PVCWithResizeRequest, expandcache.VolumeResizeMap) error
+	// ReconstructVolumeOperation construct a new volumeSpec and returns it created by plugin
+	ReconstructVolumeOperation(volumeMode v1.PersistentVolumeMode, plugin volume.VolumePlugin, mapperPlugin volume.BlockVolumePlugin, uid types.UID, podName volumetypes.UniquePodName, volumeSpecName string, mountPath string, pluginName string) (*volume.Spec, error)
+	// CheckVolumeExistenceOperation checks volume existence
+	CheckVolumeExistenceOperation(volumeSpec *volume.Spec, mountPath, volumeName string, mounter mount.Interface, uniqueVolumeName v1.UniqueVolumeName, podName volumetypes.UniquePodName, podUID types.UID, attachable volume.AttachableVolumePlugin) (bool, error)
 }
 
 // NewOperationExecutor returns a new instance of OperationExecutor.
@@ -169,7 +169,7 @@ type ActualStateOfWorldMounterUpdater interface {
 	MarkVolumeAsUnmounted(podName volumetypes.UniquePodName, volumeName v1.UniqueVolumeName) error
 
 	// Marks the specified volume as having been globally mounted.
-	MarkDeviceAsMounted(volumeName v1.UniqueVolumeName) error
+	MarkDeviceAsMounted(volumeName v1.UniqueVolumeName, devicePath, deviceMountPath string) error
 
 	// Marks the specified volume as having its global mount unmounted.
 	MarkDeviceAsUnmounted(volumeName v1.UniqueVolumeName) error
@@ -386,6 +386,14 @@ type AttachedVolume struct {
 	// DevicePath contains the path on the node where the volume is attached.
 	// For non-attachable volumes this is empty.
 	DevicePath string
+
+	// DeviceMountPath contains the path on the node where the device should
+	// be mounted after it is attached.
+	DeviceMountPath string
+
+	// PluginName is the Unescaped Qualified name of the volume plugin used to
+	// attach and mount this volume.
+	PluginName string
 }
 
 // GenerateMsgDetailed returns detailed msgs for attached volumes
@@ -453,7 +461,7 @@ type MountedVolume struct {
 	//     name: test-pd
 	//   spec:
 	//     containers:
-	//     - image: gcr.io/google_containers/test-webserver
+	//     - image: k8s.gcr.io/test-webserver
 	//     	 name: test-container
 	//     	 volumeMounts:
 	//     	 - mountPath: /test-pd
@@ -491,7 +499,7 @@ type MountedVolume struct {
 	//     name: test-pd
 	//   spec:
 	//     containers:
-	//     - image: gcr.io/google_containers/test-webserver
+	//     - image: k8s.gcr.io/test-webserver
 	//     	 name: test-container
 	//     	 volumeMounts:
 	//     	 - mountPath: /test-pd
@@ -529,6 +537,10 @@ type MountedVolume struct {
 	// VolumeSpec is a volume spec containing the specification for the volume
 	// that should be mounted.
 	VolumeSpec *volume.Spec
+
+	// DeviceMountPath contains the path on the node where the device should
+	// be mounted after it is attached.
+	DeviceMountPath string
 }
 
 // GenerateMsgDetailed returns detailed msgs for mounted volumes
@@ -571,30 +583,28 @@ func (oe *operationExecutor) IsOperationPending(volumeName v1.UniqueVolumeName,
 func (oe *operationExecutor) AttachVolume(
 	volumeToAttach VolumeToAttach,
 	actualStateOfWorld ActualStateOfWorldAttacherUpdater) error {
-	attachFunc, plugin, err :=
+	generatedOperations, err :=
 		oe.operationGenerator.GenerateAttachVolumeFunc(volumeToAttach, actualStateOfWorld)
 	if err != nil {
 		return err
 	}
 
-	opCompleteFunc := util.OperationCompleteHook(plugin, "volume_attach")
 	return oe.pendingOperations.Run(
-		volumeToAttach.VolumeName, "" /* podName */, attachFunc, opCompleteFunc)
+		volumeToAttach.VolumeName, "" /* podName */, generatedOperations)
 }
 
 func (oe *operationExecutor) DetachVolume(
 	volumeToDetach AttachedVolume,
 	verifySafeToDetach bool,
 	actualStateOfWorld ActualStateOfWorldAttacherUpdater) error {
-	detachFunc, plugin, err :=
+	generatedOperations, err :=
 		oe.operationGenerator.GenerateDetachVolumeFunc(volumeToDetach, verifySafeToDetach, actualStateOfWorld)
 	if err != nil {
 		return err
 	}
 
-	opCompleteFunc := util.OperationCompleteHook(plugin, "volume_detach")
 	return oe.pendingOperations.Run(
-		volumeToDetach.VolumeName, "" /* podName */, detachFunc, opCompleteFunc)
+		volumeToDetach.VolumeName, "" /* podName */, generatedOperations)
 }
 
 func (oe *operationExecutor) VerifyVolumesAreAttached(
@@ -661,7 +671,7 @@ func (oe *operationExecutor) VerifyVolumesAreAttached(
 	}
 
 	for pluginName, pluginNodeVolumes := range bulkVerifyPluginsByNode {
-		bulkVerifyVolumeFunc, err := oe.operationGenerator.GenerateBulkVolumeVerifyFunc(
+		generatedOperations, err := oe.operationGenerator.GenerateBulkVolumeVerifyFunc(
 			pluginNodeVolumes,
 			pluginName,
 			volumeSpecMapByPlugin[pluginName],
@@ -670,10 +680,9 @@ func (oe *operationExecutor) VerifyVolumesAreAttached(
 			glog.Errorf("BulkVerifyVolumes.GenerateBulkVolumeVerifyFunc error bulk verifying volumes for plugin %q with  %v", pluginName, err)
 		}
 
-		opCompleteFunc := util.OperationCompleteHook(pluginName, "verify_volumes_are_attached")
 		// Ugly hack to ensure - we don't do parallel bulk polling of same volume plugin
 		uniquePluginName := v1.UniqueVolumeName(pluginName)
-		err = oe.pendingOperations.Run(uniquePluginName, "" /* Pod Name */, bulkVerifyVolumeFunc, opCompleteFunc)
+		err = oe.pendingOperations.Run(uniquePluginName, "" /* Pod Name */, generatedOperations)
 		if err != nil {
 			glog.Errorf("BulkVerifyVolumes.Run Error bulk volume verification for plugin %q  with %v", pluginName, err)
 		}
@@ -684,15 +693,14 @@ func (oe *operationExecutor) VerifyVolumesAreAttachedPerNode(
 	attachedVolumes []AttachedVolume,
 	nodeName types.NodeName,
 	actualStateOfWorld ActualStateOfWorldAttacherUpdater) error {
-	volumesAreAttachedFunc, err :=
+	generatedOperations, err :=
 		oe.operationGenerator.GenerateVolumesAreAttachedFunc(attachedVolumes, nodeName, actualStateOfWorld)
 	if err != nil {
 		return err
 	}
 
-	opCompleteFunc := util.OperationCompleteHook("<n/a>", "verify_volumes_are_attached_per_node")
 	// Give an empty UniqueVolumeName so that this operation could be executed concurrently.
-	return oe.pendingOperations.Run("" /* volumeName */, "" /* podName */, volumesAreAttachedFunc, opCompleteFunc)
+	return oe.pendingOperations.Run("" /* volumeName */, "" /* podName */, generatedOperations)
 }
 
 func (oe *operationExecutor) MountVolume(
@@ -700,307 +708,154 @@ func (oe *operationExecutor) MountVolume(
 	volumeToMount VolumeToMount,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
 	isRemount bool) error {
-	mountFunc, plugin, err := oe.operationGenerator.GenerateMountVolumeFunc(
-		waitForAttachTimeout, volumeToMount, actualStateOfWorld, isRemount)
+	fsVolume, err := util.CheckVolumeModeFilesystem(volumeToMount.VolumeSpec)
 	if err != nil {
 		return err
 	}
+	var generatedOperations volumetypes.GeneratedOperations
+	if fsVolume {
+		// Filesystem volume case
+		// Mount/remount a volume when a volume is attached
+		generatedOperations, err = oe.operationGenerator.GenerateMountVolumeFunc(
+			waitForAttachTimeout, volumeToMount, actualStateOfWorld, isRemount)
 
+	} else {
+		// Block volume case
+		// Creates a map to device if a volume is attached
+		generatedOperations, err = oe.operationGenerator.GenerateMapVolumeFunc(
+			waitForAttachTimeout, volumeToMount, actualStateOfWorld)
+	}
+	if err != nil {
+		return err
+	}
+	// Avoid executing mount/map from multiple pods referencing the
+	// same volume in parallel
 	podName := nestedpendingoperations.EmptyUniquePodName
+
 	// TODO: remove this -- not necessary
 	if !volumeToMount.PluginIsAttachable {
 		// Non-attachable volume plugins can execute mount for multiple pods
 		// referencing the same volume in parallel
-		podName = volumehelper.GetUniquePodName(volumeToMount.Pod)
+		podName = util.GetUniquePodName(volumeToMount.Pod)
 	}
 
 	// TODO mount_device
-	opCompleteFunc := util.OperationCompleteHook(plugin, "volume_mount")
 	return oe.pendingOperations.Run(
-		volumeToMount.VolumeName, podName, mountFunc, opCompleteFunc)
+		volumeToMount.VolumeName, podName, generatedOperations)
 }
 
 func (oe *operationExecutor) UnmountVolume(
 	volumeToUnmount MountedVolume,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
 	podsDir string) error {
-
-	unmountFunc, plugin, err :=
-		oe.operationGenerator.GenerateUnmountVolumeFunc(volumeToUnmount, actualStateOfWorld, podsDir)
+	fsVolume, err := util.CheckVolumeModeFilesystem(volumeToUnmount.VolumeSpec)
 	if err != nil {
 		return err
 	}
-
-	// All volume plugins can execute mount for multiple pods referencing the
+	var generatedOperations volumetypes.GeneratedOperations
+	if fsVolume {
+		// Filesystem volume case
+		// Unmount a volume if a volume is mounted
+		generatedOperations, err = oe.operationGenerator.GenerateUnmountVolumeFunc(
+			volumeToUnmount, actualStateOfWorld, podsDir)
+	} else {
+		// Block volume case
+		// Unmap a volume if a volume is mapped
+		generatedOperations, err = oe.operationGenerator.GenerateUnmapVolumeFunc(
+			volumeToUnmount, actualStateOfWorld)
+	}
+	if err != nil {
+		return err
+	}
+	// All volume plugins can execute unmount/unmap for multiple pods referencing the
 	// same volume in parallel
 	podName := volumetypes.UniquePodName(volumeToUnmount.PodUID)
 
-	opCompleteFunc := util.OperationCompleteHook(plugin, "volume_unmount")
 	return oe.pendingOperations.Run(
-		volumeToUnmount.VolumeName, podName, unmountFunc, opCompleteFunc)
+		volumeToUnmount.VolumeName, podName, generatedOperations)
 }
 
 func (oe *operationExecutor) UnmountDevice(
 	deviceToDetach AttachedVolume,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
 	mounter mount.Interface) error {
-	unmountDeviceFunc, plugin, err :=
-		oe.operationGenerator.GenerateUnmountDeviceFunc(deviceToDetach, actualStateOfWorld, mounter)
+	fsVolume, err := util.CheckVolumeModeFilesystem(deviceToDetach.VolumeSpec)
 	if err != nil {
 		return err
 	}
-
-	opCompleteFunc := util.OperationCompleteHook(plugin, "unmount_device")
-	return oe.pendingOperations.Run(
-		deviceToDetach.VolumeName, "" /* podName */, unmountDeviceFunc, opCompleteFunc)
-}
-
-func (oe *operationExecutor) ExpandVolume(pvcWithResizeRequest *expandcache.PVCWithResizeRequest, resizeMap expandcache.VolumeResizeMap) error {
-	expandFunc, pluginName, err := oe.operationGenerator.GenerateExpandVolumeFunc(pvcWithResizeRequest, resizeMap)
-
-	if err != nil {
-		return err
+	var generatedOperations volumetypes.GeneratedOperations
+	if fsVolume {
+		// Filesystem volume case
+		// Unmount and detach a device if a volume isn't referenced
+		generatedOperations, err = oe.operationGenerator.GenerateUnmountDeviceFunc(
+			deviceToDetach, actualStateOfWorld, mounter)
+	} else {
+		// Block volume case
+		// Detach a device and remove loopback if a volume isn't referenced
+		generatedOperations, err = oe.operationGenerator.GenerateUnmapDeviceFunc(
+			deviceToDetach, actualStateOfWorld, mounter)
 	}
-	uniqueVolumeKey := v1.UniqueVolumeName(pvcWithResizeRequest.UniquePVCKey())
-	opCompleteFunc := util.OperationCompleteHook(pluginName, "expand_volume")
-	return oe.pendingOperations.Run(uniqueVolumeKey, "", expandFunc, opCompleteFunc)
-}
-
-func (oe *operationExecutor) MapVolume(
-	waitForAttachTimeout time.Duration,
-	volumeToMount VolumeToMount,
-	actualStateOfWorld ActualStateOfWorldMounterUpdater) error {
-	mapFunc, plugin, err := oe.operationGenerator.GenerateMapVolumeFunc(
-		waitForAttachTimeout, volumeToMount, actualStateOfWorld)
 	if err != nil {
 		return err
 	}
-
-	// Avoid executing map from multiple pods referencing the
-	// same volume in parallel
+	// Avoid executing unmount/unmap device from multiple pods referencing
+	// the same volume in parallel
 	podName := nestedpendingoperations.EmptyUniquePodName
-	// TODO: remove this -- not necessary
-	if !volumeToMount.PluginIsAttachable {
-		// Non-attachable volume plugins can execute mount for multiple pods
-		// referencing the same volume in parallel
-		podName = volumehelper.GetUniquePodName(volumeToMount.Pod)
-	}
 
-	opCompleteFunc := util.OperationCompleteHook(plugin, "map_volume")
 	return oe.pendingOperations.Run(
-		volumeToMount.VolumeName, podName, mapFunc, opCompleteFunc)
+		deviceToDetach.VolumeName, podName, generatedOperations)
 }
 
-func (oe *operationExecutor) UnmapVolume(
-	volumeToUnmount MountedVolume,
-	actualStateOfWorld ActualStateOfWorldMounterUpdater) error {
-	unmapFunc, plugin, err :=
-		oe.operationGenerator.GenerateUnmapVolumeFunc(volumeToUnmount, actualStateOfWorld)
-	if err != nil {
-		return err
-	}
-
-	// All volume plugins can execute unmap for multiple pods referencing the
-	// same volume in parallel
-	podName := volumetypes.UniquePodName(volumeToUnmount.PodUID)
-
-	opCompleteFunc := util.OperationCompleteHook(plugin, "unmap_volume")
-	return oe.pendingOperations.Run(
-		volumeToUnmount.VolumeName, podName, unmapFunc, opCompleteFunc)
-}
+func (oe *operationExecutor) ExpandVolume(pvcWithResizeRequest *expandcache.PVCWithResizeRequest, resizeMap expandcache.VolumeResizeMap) error {
+	generatedOperations, err := oe.operationGenerator.GenerateExpandVolumeFunc(pvcWithResizeRequest, resizeMap)
 
-func (oe *operationExecutor) UnmapDevice(
-	deviceToDetach AttachedVolume,
-	actualStateOfWorld ActualStateOfWorldMounterUpdater,
-	mounter mount.Interface) error {
-	unmapDeviceFunc, plugin, err :=
-		oe.operationGenerator.GenerateUnmapDeviceFunc(deviceToDetach, actualStateOfWorld, mounter)
 	if err != nil {
 		return err
 	}
+	uniqueVolumeKey := v1.UniqueVolumeName(pvcWithResizeRequest.UniquePVCKey())
 
-	// Avoid executing unmap device from multiple pods referencing
-	// the same volume in parallel
-	podName := nestedpendingoperations.EmptyUniquePodName
-
-	opCompleteFunc := util.OperationCompleteHook(plugin, "unmap_device")
-	return oe.pendingOperations.Run(
-		deviceToDetach.VolumeName, podName, unmapDeviceFunc, opCompleteFunc)
+	return oe.pendingOperations.Run(uniqueVolumeKey, "", generatedOperations)
 }
 
 func (oe *operationExecutor) VerifyControllerAttachedVolume(
 	volumeToMount VolumeToMount,
 	nodeName types.NodeName,
 	actualStateOfWorld ActualStateOfWorldAttacherUpdater) error {
-	verifyControllerAttachedVolumeFunc, plugin, err :=
+	generatedOperations, err :=
 		oe.operationGenerator.GenerateVerifyControllerAttachedVolumeFunc(volumeToMount, nodeName, actualStateOfWorld)
 	if err != nil {
 		return err
 	}
 
-	opCompleteFunc := util.OperationCompleteHook(plugin, "verify_controller_attached_volume")
 	return oe.pendingOperations.Run(
-		volumeToMount.VolumeName, "" /* podName */, verifyControllerAttachedVolumeFunc, opCompleteFunc)
-}
-
-// VolumeStateHandler defines a set of operations for handling mount/unmount/detach/reconstruct volume-related operations
-type VolumeStateHandler interface {
-	// Volume is attached, mount/map it
-	MountVolumeHandler(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater, isRemount bool, remountingLogStr string) error
-	// Volume is mounted/mapped, unmount/unmap it
-	UnmountVolumeHandler(mountedVolume MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) error
-	// Volume is not referenced from pod, unmount/unmap and detach it
-	UnmountDeviceHandler(attachedVolume AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error
-	// Reconstruct volume from mount path
-	ReconstructVolumeHandler(plugin volume.VolumePlugin, mapperPlugin volume.BlockVolumePlugin, uid types.UID, podName volumetypes.UniquePodName, volumeSpecName string, mountPath string, pluginName string) (*volume.Spec, error)
-	// check mount path if volume still exists
-	CheckVolumeExistence(mountPath, volumeName string, mounter mount.Interface, uniqueVolumeName v1.UniqueVolumeName, podName volumetypes.UniquePodName, podUID types.UID, attachable volume.AttachableVolumePlugin) (bool, error)
-}
-
-// NewVolumeHandler return a new instance of volumeHandler depens on a volumeMode
-func NewVolumeHandler(volumeSpec *volume.Spec, oe OperationExecutor) (VolumeStateHandler, error) {
-
-	// TODO: remove feature gate check after no longer needed
-	var volumeHandler VolumeStateHandler
-	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
-		volumeMode, err := volumehelper.GetVolumeMode(volumeSpec)
+		volumeToMount.VolumeName, "" /* podName */, generatedOperations)
+}
+
+// ReconstructVolumeOperation return a func to create volumeSpec from mount path
+func (oe *operationExecutor) ReconstructVolumeOperation(
+	volumeMode v1.PersistentVolumeMode,
+	plugin volume.VolumePlugin,
+	mapperPlugin volume.BlockVolumePlugin,
+	uid types.UID,
+	podName volumetypes.UniquePodName,
+	volumeSpecName string,
+	mountPath string,
+	pluginName string) (*volume.Spec, error) {
+
+	// Filesystem Volume case
+	if volumeMode == v1.PersistentVolumeFilesystem {
+		// Create volumeSpec from mount path
+		glog.V(5).Infof("Starting operationExecutor.ReconstructVolumepodName")
+		volumeSpec, err := plugin.ConstructVolumeSpec(volumeSpecName, mountPath)
 		if err != nil {
 			return nil, err
 		}
-		if volumeMode == v1.PersistentVolumeFilesystem {
-			volumeHandler = NewFilesystemVolumeHandler(oe)
-		} else {
-			volumeHandler = NewBlockVolumeHandler(oe)
-		}
-	} else {
-		volumeHandler = NewFilesystemVolumeHandler(oe)
-	}
-	return volumeHandler, nil
-}
-
-// NewFilesystemVolumeHandler returns a new instance of FilesystemVolumeHandler.
-func NewFilesystemVolumeHandler(operationExecutor OperationExecutor) FilesystemVolumeHandler {
-	return FilesystemVolumeHandler{
-		oe: operationExecutor}
-}
-
-// NewBlockVolumeHandler returns a new instance of BlockVolumeHandler.
-func NewBlockVolumeHandler(operationExecutor OperationExecutor) BlockVolumeHandler {
-	return BlockVolumeHandler{
-		oe: operationExecutor}
-}
-
-// FilesystemVolumeHandler is VolumeHandler for Filesystem volume
-type FilesystemVolumeHandler struct {
-	oe OperationExecutor
-}
-
-// BlockVolumeHandler is VolumeHandler for Block volume
-type BlockVolumeHandler struct {
-	oe OperationExecutor
-}
-
-// MountVolumeHandler mount/remount a volume when a volume is attached
-// This method is handler for filesystem volume
-func (f FilesystemVolumeHandler) MountVolumeHandler(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater, isRemount bool, remountingLogStr string) error {
-	glog.V(12).Infof(volumeToMount.GenerateMsgDetailed("Starting operationExecutor.MountVolume", remountingLogStr))
-	err := f.oe.MountVolume(
-		waitForAttachTimeout,
-		volumeToMount,
-		actualStateOfWorld,
-		isRemount)
-	return err
-}
-
-// UnmountVolumeHandler unmount a volume if a volume is mounted
-// This method is handler for filesystem volume
-func (f FilesystemVolumeHandler) UnmountVolumeHandler(mountedVolume MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) error {
-	glog.V(12).Infof(mountedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmountVolume", ""))
-	err := f.oe.UnmountVolume(
-		mountedVolume,
-		actualStateOfWorld,
-		podsDir)
-	return err
-}
-
-// UnmountDeviceHandler unmount and detach a device if a volume isn't referenced
-// This method is handler for filesystem volume
-func (f FilesystemVolumeHandler) UnmountDeviceHandler(attachedVolume AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error {
-	glog.V(12).Infof(attachedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmountDevice", ""))
-	err := f.oe.UnmountDevice(
-		attachedVolume,
-		actualStateOfWorld,
-		mounter)
-	return err
-}
-
-// ReconstructVolumeHandler create volumeSpec from mount path
-// This method is handler for filesystem volume
-func (f FilesystemVolumeHandler) ReconstructVolumeHandler(plugin volume.VolumePlugin, _ volume.BlockVolumePlugin, _ types.UID, _ volumetypes.UniquePodName, volumeSpecName string, mountPath string, _ string) (*volume.Spec, error) {
-	glog.V(12).Infof("Starting operationExecutor.ReconstructVolumepodName")
-	volumeSpec, err := plugin.ConstructVolumeSpec(volumeSpecName, mountPath)
-	if err != nil {
-		return nil, err
-	}
-	return volumeSpec, nil
-}
-
-// CheckVolumeExistence checks mount path directory if volume still exists, return true if volume is there
-// Also return true for non-attachable volume case without mount point check
-// This method is handler for filesystem volume
-func (f FilesystemVolumeHandler) CheckVolumeExistence(mountPath, volumeName string, mounter mount.Interface, uniqueVolumeName v1.UniqueVolumeName, podName volumetypes.UniquePodName, podUID types.UID, attachable volume.AttachableVolumePlugin) (bool, error) {
-	if attachable != nil {
-		var isNotMount bool
-		var mountCheckErr error
-		if isNotMount, mountCheckErr = mounter.IsLikelyNotMountPoint(mountPath); mountCheckErr != nil {
-			return false, fmt.Errorf("Could not check whether the volume %q (spec.Name: %q) pod %q (UID: %q) is mounted with: %v",
-				uniqueVolumeName,
-				volumeName,
-				podName,
-				podUID,
-				mountCheckErr)
-		}
-		return !isNotMount, nil
+		return volumeSpec, nil
 	}
-	return true, nil
-}
-
-// MountVolumeHandler creates a map to device if a volume is attached
-// This method is handler for block volume
-func (b BlockVolumeHandler) MountVolumeHandler(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorld ActualStateOfWorldMounterUpdater, _ bool, _ string) error {
-	glog.V(12).Infof(volumeToMount.GenerateMsgDetailed("Starting operationExecutor.MapVolume", ""))
-	err := b.oe.MapVolume(
-		waitForAttachTimeout,
-		volumeToMount,
-		actualStateOfWorld)
-	return err
-}
 
-// UnmountVolumeHandler unmap a volume if a volume is mapped
-// This method is handler for block volume
-func (b BlockVolumeHandler) UnmountVolumeHandler(mountedVolume MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) error {
-	glog.V(12).Infof(mountedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmapVolume", ""))
-	err := b.oe.UnmapVolume(
-		mountedVolume,
-		actualStateOfWorld)
-	return err
-}
-
-// UnmountDeviceHandler detach a device and remove loopback if a volume isn't referenced
-// This method is handler for block volume
-func (b BlockVolumeHandler) UnmountDeviceHandler(attachedVolume AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) error {
-	glog.V(12).Infof(attachedVolume.GenerateMsgDetailed("Starting operationExecutor.UnmapDevice", ""))
-	err := b.oe.UnmapDevice(
-		attachedVolume,
-		actualStateOfWorld,
-		mounter)
-	return err
-}
-
-// ReconstructVolumeHandler create volumeSpec from mount path
-// This method is handler for block volume
-func (b BlockVolumeHandler) ReconstructVolumeHandler(_ volume.VolumePlugin, mapperPlugin volume.BlockVolumePlugin, uid types.UID, podName volumetypes.UniquePodName, volumeSpecName string, mountPath string, pluginName string) (*volume.Spec, error) {
-	glog.V(12).Infof("Starting operationExecutor.ReconstructVolume")
+	// Block Volume case
+	// Create volumeSpec from mount path
+	glog.V(5).Infof("Starting operationExecutor.ReconstructVolume")
 	if mapperPlugin == nil {
 		return nil, fmt.Errorf("Could not find block volume plugin %q (spec.Name: %q) pod %q (UID: %q)",
 			pluginName,
@@ -1018,13 +873,48 @@ func (b BlockVolumeHandler) ReconstructVolumeHandler(_ volume.VolumePlugin, mapp
 	return volumeSpec, nil
 }
 
-// CheckVolumeExistence checks mount path directory if volume still exists, then return
-// true if volume is there. Either plugin is attachable or non-attachable, the plugin
-// should have symbolic link associated to raw block device under pod device map
-// if volume exists.
-// This method is handler for block volume
-func (b BlockVolumeHandler) CheckVolumeExistence(mountPath, volumeName string, mounter mount.Interface, uniqueVolumeName v1.UniqueVolumeName, podName volumetypes.UniquePodName, podUID types.UID, _ volume.AttachableVolumePlugin) (bool, error) {
-	blkutil := util.NewBlockVolumePathHandler()
+// CheckVolumeExistenceOperation return a func() to check mount path directory if volume still exists
+func (oe *operationExecutor) CheckVolumeExistenceOperation(
+	volumeSpec *volume.Spec,
+	mountPath, volumeName string,
+	mounter mount.Interface,
+	uniqueVolumeName v1.UniqueVolumeName,
+	podName volumetypes.UniquePodName,
+	podUID types.UID,
+	attachable volume.AttachableVolumePlugin) (bool, error) {
+	fsVolume, err := util.CheckVolumeModeFilesystem(volumeSpec)
+	if err != nil {
+		return false, err
+	}
+
+	// Filesystem Volume case
+	// For attachable volume case, check mount path directory if volume is still existing and mounted.
+	// Return true if volume is mounted.
+	if fsVolume {
+		if attachable != nil {
+			var isNotMount bool
+			var mountCheckErr error
+			if isNotMount, mountCheckErr = mounter.IsLikelyNotMountPoint(mountPath); mountCheckErr != nil {
+				return false, fmt.Errorf("Could not check whether the volume %q (spec.Name: %q) pod %q (UID: %q) is mounted with: %v",
+					uniqueVolumeName,
+					volumeName,
+					podName,
+					podUID,
+					mountCheckErr)
+			}
+			return !isNotMount, nil
+		}
+		// For non-attachable volume case, skip check and return true without mount point check
+		// since plugins may not have volume mount point.
+		return true, nil
+	}
+
+	// Block Volume case
+	// Check mount path directory if volume still exists, then return true if volume
+	// is there. Either plugin is attachable or non-attachable, the plugin should
+	// have symbolic link associated to raw block device under pod device map
+	// if volume exists.
+	blkutil := volumepathhandler.NewBlockVolumePathHandler()
 	var islinkExist bool
 	var checkErr error
 	if islinkExist, checkErr = blkutil.IsSymlinkExist(mountPath); checkErr != nil {
@@ -1037,21 +927,3 @@ func (b BlockVolumeHandler) CheckVolumeExistence(mountPath, volumeName string, m
 	}
 	return islinkExist, nil
 }
-
-// TODO: this is a workaround for the unmount device issue caused by gci mounter.
-// In GCI cluster, if gci mounter is used for mounting, the container started by mounter
-// script will cause additional mounts created in the container. Since these mounts are
-// irrelavant to the original mounts, they should be not considered when checking the
-// mount references. Current solution is to filter out those mount paths that contain
-// the string of original mount path.
-// Plan to work on better approach to solve this issue.
-
-func hasMountRefs(mountPath string, mountRefs []string) bool {
-	count := 0
-	for _, ref := range mountRefs {
-		if !strings.Contains(ref, mountPath) {
-			count = count + 1
-		}
-	}
-	return count > 0
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go
index 43cce820be1f..7130d840437a 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go
@@ -17,7 +17,6 @@ limitations under the License.
 package operationexecutor
 
 import (
-	"encoding/json"
 	"fmt"
 	"path"
 	"strings"
@@ -28,7 +27,6 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/strategicpatch"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/record"
@@ -39,7 +37,8 @@ import (
 	"k8s.io/kubernetes/pkg/util/resizefs"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
+	volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
+	"k8s.io/kubernetes/pkg/volume/util/volumepathhandler"
 )
 
 var _ OperationGenerator = &operationGenerator{}
@@ -62,7 +61,7 @@ type operationGenerator struct {
 	checkNodeCapabilitiesBeforeMount bool
 
 	// blkUtil provides volume path related operations for block volume
-	blkUtil util.BlockVolumePathHandler
+	blkUtil volumepathhandler.BlockVolumePathHandler
 }
 
 // NewOperationGenerator is returns instance of operationGenerator
@@ -70,7 +69,7 @@ func NewOperationGenerator(kubeClient clientset.Interface,
 	volumePluginMgr *volume.VolumePluginMgr,
 	recorder record.EventRecorder,
 	checkNodeCapabilitiesBeforeMount bool,
-	blkUtil util.BlockVolumePathHandler) OperationGenerator {
+	blkUtil volumepathhandler.BlockVolumePathHandler) OperationGenerator {
 
 	return &operationGenerator{
 		kubeClient:      kubeClient,
@@ -84,34 +83,34 @@ func NewOperationGenerator(kubeClient clientset.Interface,
 // OperationGenerator interface that extracts out the functions from operation_executor to make it dependency injectable
 type OperationGenerator interface {
 	// Generates the MountVolume function needed to perform the mount of a volume plugin
-	GenerateMountVolumeFunc(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorldMounterUpdater ActualStateOfWorldMounterUpdater, isRemount bool) (func() error, string, error)
+	GenerateMountVolumeFunc(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorldMounterUpdater ActualStateOfWorldMounterUpdater, isRemount bool) (volumetypes.GeneratedOperations, error)
 
 	// Generates the UnmountVolume function needed to perform the unmount of a volume plugin
-	GenerateUnmountVolumeFunc(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) (func() error, string, error)
+	GenerateUnmountVolumeFunc(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, podsDir string) (volumetypes.GeneratedOperations, error)
 
 	// Generates the AttachVolume function needed to perform attach of a volume plugin
-	GenerateAttachVolumeFunc(volumeToAttach VolumeToAttach, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error)
+	GenerateAttachVolumeFunc(volumeToAttach VolumeToAttach, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the DetachVolume function needed to perform the detach of a volume plugin
-	GenerateDetachVolumeFunc(volumeToDetach AttachedVolume, verifySafeToDetach bool, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error)
+	GenerateDetachVolumeFunc(volumeToDetach AttachedVolume, verifySafeToDetach bool, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the VolumesAreAttached function needed to verify if volume plugins are attached
-	GenerateVolumesAreAttachedFunc(attachedVolumes []AttachedVolume, nodeName types.NodeName, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, error)
+	GenerateVolumesAreAttachedFunc(attachedVolumes []AttachedVolume, nodeName types.NodeName, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the UnMountDevice function needed to perform the unmount of a device
-	GenerateUnmountDeviceFunc(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) (func() error, string, error)
+	GenerateUnmountDeviceFunc(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) (volumetypes.GeneratedOperations, error)
 
 	// Generates the function needed to check if the attach_detach controller has attached the volume plugin
-	GenerateVerifyControllerAttachedVolumeFunc(volumeToMount VolumeToMount, nodeName types.NodeName, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error)
+	GenerateVerifyControllerAttachedVolumeFunc(volumeToMount VolumeToMount, nodeName types.NodeName, actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the MapVolume function needed to perform the map of a volume plugin
-	GenerateMapVolumeFunc(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorldMounterUpdater ActualStateOfWorldMounterUpdater) (func() error, string, error)
+	GenerateMapVolumeFunc(waitForAttachTimeout time.Duration, volumeToMount VolumeToMount, actualStateOfWorldMounterUpdater ActualStateOfWorldMounterUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the UnmapVolume function needed to perform the unmap of a volume plugin
-	GenerateUnmapVolumeFunc(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater) (func() error, string, error)
+	GenerateUnmapVolumeFunc(volumeToUnmount MountedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater) (volumetypes.GeneratedOperations, error)
 
 	// Generates the UnmapDevice function needed to perform the unmap of a device
-	GenerateUnmapDeviceFunc(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) (func() error, string, error)
+	GenerateUnmapDeviceFunc(deviceToDetach AttachedVolume, actualStateOfWorld ActualStateOfWorldMounterUpdater, mounter mount.Interface) (volumetypes.GeneratedOperations, error)
 
 	// GetVolumePluginMgr returns volume plugin manager
 	GetVolumePluginMgr() *volume.VolumePluginMgr
@@ -119,15 +118,15 @@ type OperationGenerator interface {
 	GenerateBulkVolumeVerifyFunc(
 		map[types.NodeName][]*volume.Spec,
 		string,
-		map[*volume.Spec]v1.UniqueVolumeName, ActualStateOfWorldAttacherUpdater) (func() error, error)
+		map[*volume.Spec]v1.UniqueVolumeName, ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error)
 
-	GenerateExpandVolumeFunc(*expandcache.PVCWithResizeRequest, expandcache.VolumeResizeMap) (func() error, string, error)
+	GenerateExpandVolumeFunc(*expandcache.PVCWithResizeRequest, expandcache.VolumeResizeMap) (volumetypes.GeneratedOperations, error)
 }
 
 func (og *operationGenerator) GenerateVolumesAreAttachedFunc(
 	attachedVolumes []AttachedVolume,
 	nodeName types.NodeName,
-	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, error) {
+	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) {
 
 	// volumesPerPlugin maps from a volume plugin to a list of volume specs which belong
 	// to this type of plugin
@@ -155,7 +154,7 @@ func (og *operationGenerator) GenerateVolumesAreAttachedFunc(
 		volumeSpecMap[volumeAttached.VolumeSpec] = volumeAttached.VolumeName
 	}
 
-	return func() error {
+	volumesAreAttachedFunc := func() (error, error) {
 
 		// For each volume plugin, pass the list of volume specs to VolumesAreAttached to check
 		// whether the volumes are still attached.
@@ -196,7 +195,13 @@ func (og *operationGenerator) GenerateVolumesAreAttachedFunc(
 				}
 			}
 		}
-		return nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     volumesAreAttachedFunc,
+		CompleteFunc:      util.OperationCompleteHook("<n/a>", "verify_volumes_are_attached_per_node"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
 	}, nil
 }
 
@@ -204,9 +209,9 @@ func (og *operationGenerator) GenerateBulkVolumeVerifyFunc(
 	pluginNodeVolumes map[types.NodeName][]*volume.Spec,
 	pluginName string,
 	volumeSpecMap map[*volume.Spec]v1.UniqueVolumeName,
-	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, error) {
+	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) {
 
-	return func() error {
+	bulkVolumeVerifyFunc := func() (error, error) {
 		attachableVolumePlugin, err :=
 			og.volumePluginMgr.FindAttachablePluginByName(pluginName)
 		if err != nil || attachableVolumePlugin == nil {
@@ -214,7 +219,7 @@ func (og *operationGenerator) GenerateBulkVolumeVerifyFunc(
 				"BulkVerifyVolume.FindAttachablePluginBySpec failed for plugin %q with: %v",
 				pluginName,
 				err)
-			return nil
+			return nil, nil
 		}
 
 		volumeAttacher, newAttacherErr := attachableVolumePlugin.NewAttacher()
@@ -224,19 +229,19 @@ func (og *operationGenerator) GenerateBulkVolumeVerifyFunc(
 				"BulkVerifyVolume.NewAttacher failed for getting plugin %q with: %v",
 				attachableVolumePlugin,
 				newAttacherErr)
-			return nil
+			return nil, nil
 		}
 		bulkVolumeVerifier, ok := volumeAttacher.(volume.BulkVolumeVerifier)
 
 		if !ok {
 			glog.Errorf("BulkVerifyVolume failed to type assert attacher %q", bulkVolumeVerifier)
-			return nil
+			return nil, nil
 		}
 
 		attached, bulkAttachErr := bulkVolumeVerifier.BulkVerifyVolumes(pluginNodeVolumes)
 		if bulkAttachErr != nil {
 			glog.Errorf("BulkVerifyVolume.BulkVerifyVolumes Error checking volumes are attached with %v", bulkAttachErr)
-			return nil
+			return nil, nil
 		}
 
 		for nodeName, volumeSpecs := range pluginNodeVolumes {
@@ -261,26 +266,43 @@ func (og *operationGenerator) GenerateBulkVolumeVerifyFunc(
 			}
 		}
 
-		return nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     bulkVolumeVerifyFunc,
+		CompleteFunc:      util.OperationCompleteHook(pluginName, "verify_volumes_are_attached"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
 	}, nil
+
 }
 
 func (og *operationGenerator) GenerateAttachVolumeFunc(
 	volumeToAttach VolumeToAttach,
-	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error) {
+	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) {
 	// Get attacher plugin
+	eventRecorderFunc := func(err *error) {
+		if *err != nil {
+			for _, pod := range volumeToAttach.ScheduledPods {
+				og.recorder.Eventf(pod, v1.EventTypeWarning, kevents.FailedAttachVolume, (*err).Error())
+			}
+		}
+	}
+
 	attachableVolumePlugin, err :=
 		og.volumePluginMgr.FindAttachablePluginBySpec(volumeToAttach.VolumeSpec)
 	if err != nil || attachableVolumePlugin == nil {
-		return nil, "", volumeToAttach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err)
+		eventRecorderFunc(&err)
+		return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.FindAttachablePluginBySpec failed", err)
 	}
 
 	volumeAttacher, newAttacherErr := attachableVolumePlugin.NewAttacher()
 	if newAttacherErr != nil {
-		return nil, attachableVolumePlugin.GetPluginName(), volumeToAttach.GenerateErrorDetailed("AttachVolume.NewAttacher failed", newAttacherErr)
+		eventRecorderFunc(&err)
+		return volumetypes.GeneratedOperations{}, volumeToAttach.GenerateErrorDetailed("AttachVolume.NewAttacher failed", newAttacherErr)
 	}
 
-	return func() error {
+	attachVolumeFunc := func() (error, error) {
 		// Execute attach
 		devicePath, attachErr := volumeAttacher.Attach(
 			volumeToAttach.VolumeSpec, volumeToAttach.NodeName)
@@ -299,13 +321,14 @@ func (og *operationGenerator) GenerateAttachVolumeFunc(
 
 			}
 			// On failure, return error. Caller will log and retry.
-			eventErr, detailedErr := volumeToAttach.GenerateError("AttachVolume.Attach failed", attachErr)
-			for _, pod := range volumeToAttach.ScheduledPods {
-				og.recorder.Eventf(pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-			}
-			return detailedErr
+			return volumeToAttach.GenerateError("AttachVolume.Attach failed", attachErr)
 		}
 
+		// Successful attach event is useful for user debugging
+		simpleMsg, _ := volumeToAttach.GenerateMsg("AttachVolume.Attach succeeded", "")
+		for _, pod := range volumeToAttach.ScheduledPods {
+			og.recorder.Eventf(pod, v1.EventTypeNormal, kevents.SuccessfulAttachVolume, simpleMsg)
+		}
 		glog.Infof(volumeToAttach.GenerateMsgDetailed("AttachVolume.Attach succeeded", ""))
 
 		// Update actual state of world
@@ -313,11 +336,17 @@ func (og *operationGenerator) GenerateAttachVolumeFunc(
 			v1.UniqueVolumeName(""), volumeToAttach.VolumeSpec, volumeToAttach.NodeName, devicePath)
 		if addVolumeNodeErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToAttach.GenerateErrorDetailed("AttachVolume.MarkVolumeAsAttached failed", addVolumeNodeErr)
+			return volumeToAttach.GenerateError("AttachVolume.MarkVolumeAsAttached failed", addVolumeNodeErr)
 		}
 
-		return nil
-	}, attachableVolumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     attachVolumeFunc,
+		EventRecorderFunc: eventRecorderFunc,
+		CompleteFunc:      util.OperationCompleteHook(attachableVolumePlugin.GetPluginName(), "volume_attach"),
+	}, nil
 }
 
 func (og *operationGenerator) GetVolumePluginMgr() *volume.VolumePluginMgr {
@@ -327,7 +356,7 @@ func (og *operationGenerator) GetVolumePluginMgr() *volume.VolumePluginMgr {
 func (og *operationGenerator) GenerateDetachVolumeFunc(
 	volumeToDetach AttachedVolume,
 	verifySafeToDetach bool,
-	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error) {
+	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) {
 	var volumeName string
 	var attachableVolumePlugin volume.AttachableVolumePlugin
 	var pluginName string
@@ -338,25 +367,25 @@ func (og *operationGenerator) GenerateDetachVolumeFunc(
 		attachableVolumePlugin, err =
 			og.volumePluginMgr.FindAttachablePluginBySpec(volumeToDetach.VolumeSpec)
 		if err != nil || attachableVolumePlugin == nil {
-			return nil, "", volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err)
+			return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err)
 		}
 
 		volumeName, err =
 			attachableVolumePlugin.GetVolumeName(volumeToDetach.VolumeSpec)
 		if err != nil {
-			return nil, attachableVolumePlugin.GetPluginName(), volumeToDetach.GenerateErrorDetailed("DetachVolume.GetVolumeName failed", err)
+			return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.GetVolumeName failed", err)
 		}
 	} else {
 		// Get attacher plugin and the volumeName by splitting the volume unique name in case
 		// there's no VolumeSpec: this happens only on attach/detach controller crash recovery
 		// when a pod has been deleted during the controller downtime
-		pluginName, volumeName, err = volumehelper.SplitUniqueName(volumeToDetach.VolumeName)
+		pluginName, volumeName, err = util.SplitUniqueName(volumeToDetach.VolumeName)
 		if err != nil {
-			return nil, pluginName, volumeToDetach.GenerateErrorDetailed("DetachVolume.SplitUniqueName failed", err)
+			return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.SplitUniqueName failed", err)
 		}
 		attachableVolumePlugin, err = og.volumePluginMgr.FindAttachablePluginByName(pluginName)
 		if err != nil {
-			return nil, pluginName, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err)
+			return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.FindAttachablePluginBySpec failed", err)
 		}
 	}
 
@@ -366,10 +395,10 @@ func (og *operationGenerator) GenerateDetachVolumeFunc(
 
 	volumeDetacher, err := attachableVolumePlugin.NewDetacher()
 	if err != nil {
-		return nil, pluginName, volumeToDetach.GenerateErrorDetailed("DetachVolume.NewDetacher failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToDetach.GenerateErrorDetailed("DetachVolume.NewDetacher failed", err)
 	}
 
-	return func() error {
+	getVolumePluginMgrFunc := func() (error, error) {
 		var err error
 		if verifySafeToDetach {
 			err = og.verifyVolumeIsSafeToDetach(volumeToDetach)
@@ -381,7 +410,7 @@ func (og *operationGenerator) GenerateDetachVolumeFunc(
 			// On failure, add volume back to ReportAsAttached list
 			actualStateOfWorld.AddVolumeToReportAsAttached(
 				volumeToDetach.VolumeName, volumeToDetach.NodeName)
-			return volumeToDetach.GenerateErrorDetailed("DetachVolume.Detach failed", err)
+			return volumeToDetach.GenerateError("DetachVolume.Detach failed", err)
 		}
 
 		glog.Infof(volumeToDetach.GenerateMsgDetailed("DetachVolume.Detach succeeded", ""))
@@ -390,25 +419,33 @@ func (og *operationGenerator) GenerateDetachVolumeFunc(
 		actualStateOfWorld.MarkVolumeAsDetached(
 			volumeToDetach.VolumeName, volumeToDetach.NodeName)
 
-		return nil
-	}, pluginName, nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     getVolumePluginMgrFunc,
+		CompleteFunc:      util.OperationCompleteHook(pluginName, "volume_detach"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
 }
 
 func (og *operationGenerator) GenerateMountVolumeFunc(
 	waitForAttachTimeout time.Duration,
 	volumeToMount VolumeToMount,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
-	isRemount bool) (func() error, string, error) {
+	isRemount bool) (volumetypes.GeneratedOperations, error) {
 	// Get mounter plugin
 	volumePlugin, err :=
 		og.volumePluginMgr.FindPluginBySpec(volumeToMount.VolumeSpec)
 	if err != nil || volumePlugin == nil {
-		return nil, "", volumeToMount.GenerateErrorDetailed("MountVolume.FindPluginBySpec failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToMount.GenerateErrorDetailed("MountVolume.FindPluginBySpec failed", err)
 	}
 
 	affinityErr := checkNodeAffinity(og, volumeToMount, volumePlugin)
 	if affinityErr != nil {
-		return nil, volumePlugin.GetPluginName(), affinityErr
+		eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.NodeAffinity check failed", affinityErr)
+		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
+		return volumetypes.GeneratedOperations{}, detailedErr
 	}
 
 	volumeMounter, newMounterErr := volumePlugin.NewMounter(
@@ -418,13 +455,15 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 	if newMounterErr != nil {
 		eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.NewMounter initialization failed", newMounterErr)
 		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-		return nil, volumePlugin.GetPluginName(), detailedErr
+		return volumetypes.GeneratedOperations{}, detailedErr
 	}
 
 	mountCheckError := checkMountOptionSupport(og, volumeToMount, volumePlugin)
 
 	if mountCheckError != nil {
-		return nil, volumePlugin.GetPluginName(), mountCheckError
+		eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.MountOptionSupport check failed", mountCheckError)
+		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.UnsupportedMountOption, eventErr.Error())
+		return volumetypes.GeneratedOperations{}, detailedErr
 	}
 
 	// Get attacher, if possible
@@ -441,7 +480,7 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 		fsGroup = volumeToMount.Pod.Spec.SecurityContext.FSGroup
 	}
 
-	return func() error {
+	mountVolumeFunc := func() (error, error) {
 		if volumeAttacher != nil {
 			// Wait for attachable volumes to finish attaching
 			glog.Infof(volumeToMount.GenerateMsgDetailed("MountVolume.WaitForAttach entering", fmt.Sprintf("DevicePath %q", volumeToMount.DevicePath)))
@@ -450,24 +489,16 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 				volumeToMount.VolumeSpec, volumeToMount.DevicePath, volumeToMount.Pod, waitForAttachTimeout)
 			if err != nil {
 				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("MountVolume.WaitForAttach failed", err)
+				return volumeToMount.GenerateError("MountVolume.WaitForAttach failed", err)
 			}
 
 			glog.Infof(volumeToMount.GenerateMsgDetailed("MountVolume.WaitForAttach succeeded", fmt.Sprintf("DevicePath %q", devicePath)))
 
-			// resizeFileSystem will resize the file system if user has requested a resize of
-			// underlying persistent volume and is allowed to do so.
-			resizeError := og.resizeFileSystem(volumeToMount, devicePath, volumePlugin.GetPluginName())
-
-			if resizeError != nil {
-				return volumeToMount.GenerateErrorDetailed("MountVolume.Resize failed", resizeError)
-			}
-
 			deviceMountPath, err :=
 				volumeAttacher.GetDeviceMountPath(volumeToMount.VolumeSpec)
 			if err != nil {
 				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("MountVolume.GetDeviceMountPath failed", err)
+				return volumeToMount.GenerateError("MountVolume.GetDeviceMountPath failed", err)
 			}
 
 			// Mount device to global mount path
@@ -477,20 +508,27 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 				deviceMountPath)
 			if err != nil {
 				// On failure, return error. Caller will log and retry.
-				eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.MountDevice failed", err)
-				og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-				return detailedErr
+				return volumeToMount.GenerateError("MountVolume.MountDevice failed", err)
 			}
 
 			glog.Infof(volumeToMount.GenerateMsgDetailed("MountVolume.MountDevice succeeded", fmt.Sprintf("device mount path %q", deviceMountPath)))
 
 			// Update actual state of world to reflect volume is globally mounted
 			markDeviceMountedErr := actualStateOfWorld.MarkDeviceAsMounted(
-				volumeToMount.VolumeName)
+				volumeToMount.VolumeName, devicePath, deviceMountPath)
 			if markDeviceMountedErr != nil {
 				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("MountVolume.MarkDeviceAsMounted failed", markDeviceMountedErr)
+				return volumeToMount.GenerateError("MountVolume.MarkDeviceAsMounted failed", markDeviceMountedErr)
 			}
+
+			// resizeFileSystem will resize the file system if user has requested a resize of
+			// underlying persistent volume and is allowed to do so.
+			resizeSimpleError, resizeDetailedError := og.resizeFileSystem(volumeToMount, devicePath, deviceMountPath, volumePlugin.GetPluginName())
+
+			if resizeSimpleError != nil || resizeDetailedError != nil {
+				return resizeSimpleError, resizeDetailedError
+			}
+
 		}
 
 		if og.checkNodeCapabilitiesBeforeMount {
@@ -498,9 +536,7 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 				err = fmt.Errorf(
 					"Verify that your node machine has the required components before attempting to mount this volume type. %s",
 					canMountErr)
-				eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.CanMount failed", err)
-				og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-				return detailedErr
+				return volumeToMount.GenerateError("MountVolume.CanMount failed", err)
 			}
 		}
 
@@ -508,15 +544,13 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 		mountErr := volumeMounter.SetUp(fsGroup)
 		if mountErr != nil {
 			// On failure, return error. Caller will log and retry.
-			eventErr, detailedErr := volumeToMount.GenerateError("MountVolume.SetUp failed", mountErr)
-			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-			return detailedErr
+			return volumeToMount.GenerateError("MountVolume.SetUp failed", mountErr)
 		}
 
 		simpleMsg, detailedMsg := volumeToMount.GenerateMsg("MountVolume.SetUp succeeded", "")
 		verbosity := glog.Level(1)
 		if isRemount {
-			verbosity = glog.Level(7)
+			verbosity = glog.Level(4)
 		} else {
 			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeNormal, kevents.SuccessfulMountVolume, simpleMsg)
 		}
@@ -533,17 +567,29 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 			volumeToMount.VolumeGidValue)
 		if markVolMountedErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToMount.GenerateErrorDetailed("MountVolume.MarkVolumeAsMounted failed", markVolMountedErr)
+			return volumeToMount.GenerateError("MountVolume.MarkVolumeAsMounted failed", markVolMountedErr)
 		}
 
-		return nil
-	}, volumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	eventRecorderFunc := func(err *error) {
+		if *err != nil {
+			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, (*err).Error())
+		}
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     mountVolumeFunc,
+		EventRecorderFunc: eventRecorderFunc,
+		CompleteFunc:      util.OperationCompleteHook(volumePlugin.GetPluginName(), "volume_mount"),
+	}, nil
 }
 
-func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devicePath string, pluginName string) error {
+func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devicePath, deviceMountPath, pluginName string) (simpleErr, detailedErr error) {
 	if !utilfeature.DefaultFeatureGate.Enabled(features.ExpandPersistentVolumes) {
-		glog.V(6).Infof("Resizing is not enabled for this volume %s", volumeToMount.VolumeName)
-		return nil
+		glog.V(4).Infof("Resizing is not enabled for this volume %s", volumeToMount.VolumeName)
+		return nil, nil
 	}
 
 	mounter := og.volumePluginMgr.Host.GetMounter(pluginName)
@@ -558,7 +604,7 @@ func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devi
 		pvc, err := og.kubeClient.CoreV1().PersistentVolumeClaims(pv.Spec.ClaimRef.Namespace).Get(pv.Spec.ClaimRef.Name, metav1.GetOptions{})
 		if err != nil {
 			// Return error rather than leave the file system un-resized, caller will log and retry
-			return volumeToMount.GenerateErrorDetailed("MountVolume get PVC failed", err)
+			return volumeToMount.GenerateError("MountVolume.resizeFileSystem get PVC failed", err)
 		}
 
 		pvcStatusCap := pvc.Status.Capacity[v1.ResourceStorage]
@@ -571,7 +617,7 @@ func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devi
 				simpleMsg, detailedMsg := volumeToMount.GenerateMsg("MountVolume.resizeFileSystem failed", "requested read-only file system")
 				glog.Warningf(detailedMsg)
 				og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FileSystemResizeFailed, simpleMsg)
-				return nil
+				return nil, nil
 			}
 
 			diskFormatter := &mount.SafeFormatAndMount{
@@ -580,13 +626,10 @@ func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devi
 			}
 
 			resizer := resizefs.NewResizeFs(diskFormatter)
-			resizeStatus, resizeErr := resizer.Resize(devicePath)
+			resizeStatus, resizeErr := resizer.Resize(devicePath, deviceMountPath)
 
 			if resizeErr != nil {
-				resizeDetailedError := volumeToMount.GenerateErrorDetailed("MountVolume.resizeFileSystem failed", resizeErr)
-				glog.Error(resizeDetailedError)
-				og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FileSystemResizeFailed, resizeDetailedError.Error())
-				return resizeDetailedError
+				return volumeToMount.GenerateError("MountVolume.resizeFileSystem failed", resizeErr)
 			}
 
 			if resizeStatus {
@@ -596,48 +639,48 @@ func (og *operationGenerator) resizeFileSystem(volumeToMount VolumeToMount, devi
 			}
 
 			// File system resize succeeded, now update the PVC's Capacity to match the PV's
-			err = updatePVCStatusCapacity(pvc.Name, pvc, pv.Spec.Capacity, og.kubeClient)
+			err = util.MarkFSResizeFinished(pvc, pv.Spec.Capacity, og.kubeClient)
 			if err != nil {
 				// On retry, resizeFileSystem will be called again but do nothing
-				return volumeToMount.GenerateErrorDetailed("MountVolume update PVC status failed", err)
+				return volumeToMount.GenerateError("MountVolume.resizeFileSystem update PVC status failed", err)
 			}
-			return nil
+			return nil, nil
 		}
 	}
-	return nil
+	return nil, nil
 }
 
 func (og *operationGenerator) GenerateUnmountVolumeFunc(
 	volumeToUnmount MountedVolume,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
-	podsDir string) (func() error, string, error) {
+	podsDir string) (volumetypes.GeneratedOperations, error) {
 	// Get mountable plugin
 	volumePlugin, err :=
 		og.volumePluginMgr.FindPluginByName(volumeToUnmount.PluginName)
 	if err != nil || volumePlugin == nil {
-		return nil, "", volumeToUnmount.GenerateErrorDetailed("UnmountVolume.FindPluginByName failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmountVolume.FindPluginByName failed", err)
 	}
 
 	volumeUnmounter, newUnmounterErr := volumePlugin.NewUnmounter(
 		volumeToUnmount.InnerVolumeSpecName, volumeToUnmount.PodUID)
 	if newUnmounterErr != nil {
-		return nil, volumePlugin.GetPluginName(), volumeToUnmount.GenerateErrorDetailed("UnmountVolume.NewUnmounter failed", newUnmounterErr)
+		return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmountVolume.NewUnmounter failed", newUnmounterErr)
 	}
 
-	return func() error {
+	unmountVolumeFunc := func() (error, error) {
 		mounter := og.volumePluginMgr.Host.GetMounter(volumeToUnmount.PluginName)
 
 		// Remove all bind-mounts for subPaths
 		podDir := path.Join(podsDir, string(volumeToUnmount.PodUID))
-		if err := mounter.CleanSubPaths(podDir, volumeToUnmount.OuterVolumeSpecName); err != nil {
-			return volumeToUnmount.GenerateErrorDetailed("error cleaning subPath mounts", err)
+		if err := mounter.CleanSubPaths(podDir, volumeToUnmount.InnerVolumeSpecName); err != nil {
+			return volumeToUnmount.GenerateError("error cleaning subPath mounts", err)
 		}
 
 		// Execute unmount
 		unmountErr := volumeUnmounter.TearDown()
 		if unmountErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToUnmount.GenerateErrorDetailed("UnmountVolume.TearDown failed", unmountErr)
+			return volumeToUnmount.GenerateError("UnmountVolume.TearDown failed", unmountErr)
 		}
 
 		glog.Infof(
@@ -658,51 +701,46 @@ func (og *operationGenerator) GenerateUnmountVolumeFunc(
 			glog.Errorf(volumeToUnmount.GenerateErrorDetailed("UnmountVolume.MarkVolumeAsUnmounted failed", markVolMountedErr).Error())
 		}
 
-		return nil
-	}, volumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     unmountVolumeFunc,
+		CompleteFunc:      util.OperationCompleteHook(volumePlugin.GetPluginName(), "volume_unmount"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
 }
 
 func (og *operationGenerator) GenerateUnmountDeviceFunc(
 	deviceToDetach AttachedVolume,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
-	mounter mount.Interface) (func() error, string, error) {
+	mounter mount.Interface) (volumetypes.GeneratedOperations, error) {
 	// Get attacher plugin
 	attachableVolumePlugin, err :=
-		og.volumePluginMgr.FindAttachablePluginBySpec(deviceToDetach.VolumeSpec)
+		og.volumePluginMgr.FindAttachablePluginByName(deviceToDetach.PluginName)
 	if err != nil || attachableVolumePlugin == nil {
-		return nil, "", deviceToDetach.GenerateErrorDetailed("UnmountDevice.FindAttachablePluginBySpec failed", err)
+		return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmountDevice.FindAttachablePluginBySpec failed", err)
 	}
 
 	volumeDetacher, err := attachableVolumePlugin.NewDetacher()
 	if err != nil {
-		return nil, attachableVolumePlugin.GetPluginName(), deviceToDetach.GenerateErrorDetailed("UnmountDevice.NewDetacher failed", err)
+		return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmountDevice.NewDetacher failed", err)
 	}
-
-	volumeAttacher, err := attachableVolumePlugin.NewAttacher()
-	if err != nil {
-		return nil, attachableVolumePlugin.GetPluginName(), deviceToDetach.GenerateErrorDetailed("UnmountDevice.NewAttacher failed", err)
-	}
-
-	return func() error {
-		deviceMountPath, err :=
-			volumeAttacher.GetDeviceMountPath(deviceToDetach.VolumeSpec)
-		if err != nil {
-			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("GetDeviceMountPath failed", err)
-		}
+	unmountDeviceFunc := func() (error, error) {
+		deviceMountPath := deviceToDetach.DeviceMountPath
 		refs, err := attachableVolumePlugin.GetDeviceMountRefs(deviceMountPath)
 
-		if err != nil || hasMountRefs(deviceMountPath, refs) {
+		if err != nil || mount.HasMountRefs(deviceMountPath, refs) {
 			if err == nil {
 				err = fmt.Errorf("The device mount path %q is still mounted by other references %v", deviceMountPath, refs)
 			}
-			return deviceToDetach.GenerateErrorDetailed("GetDeviceMountRefs check failed", err)
+			return deviceToDetach.GenerateError("GetDeviceMountRefs check failed", err)
 		}
 		// Execute unmount
 		unmountDeviceErr := volumeDetacher.UnmountDevice(deviceMountPath)
 		if unmountDeviceErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("UnmountDevice failed", unmountDeviceErr)
+			return deviceToDetach.GenerateError("UnmountDevice failed", unmountDeviceErr)
 		}
 		// Before logging that UnmountDevice succeeded and moving on,
 		// use mounter.PathIsDevice to check if the path is a device,
@@ -710,27 +748,33 @@ func (og *operationGenerator) GenerateUnmountDeviceFunc(
 		// else on the system. Retry if it returns true.
 		deviceOpened, deviceOpenedErr := isDeviceOpened(deviceToDetach, mounter)
 		if deviceOpenedErr != nil {
-			return deviceOpenedErr
+			return nil, deviceOpenedErr
 		}
 		// The device is still in use elsewhere. Caller will log and retry.
 		if deviceOpened {
-			return deviceToDetach.GenerateErrorDetailed(
+			return deviceToDetach.GenerateError(
 				"UnmountDevice failed",
 				fmt.Errorf("the device is in use when it was no longer expected to be in use"))
 		}
 
-		glog.Infof(deviceToDetach.GenerateMsgDetailed("UnmountDevice succeeded", ""))
+		glog.Infof(deviceToDetach.GenerateMsg("UnmountDevice succeeded", ""))
 
 		// Update actual state of world
 		markDeviceUnmountedErr := actualStateOfWorld.MarkDeviceAsUnmounted(
 			deviceToDetach.VolumeName)
 		if markDeviceUnmountedErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("MarkDeviceAsUnmounted failed", markDeviceUnmountedErr)
+			return deviceToDetach.GenerateError("MarkDeviceAsUnmounted failed", markDeviceUnmountedErr)
 		}
 
-		return nil
-	}, attachableVolumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     unmountDeviceFunc,
+		CompleteFunc:      util.OperationCompleteHook(attachableVolumePlugin.GetPluginName(), "unmount_device"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
 }
 
 // GenerateMapVolumeFunc marks volume as mounted based on following steps.
@@ -741,25 +785,27 @@ func (og *operationGenerator) GenerateUnmountDeviceFunc(
 // device map path. Once symbolic links are created, take fd lock by
 // loopback for the device to avoid silent volume replacement. This lock
 // will be realased once no one uses the device.
-// If all steps are completed, the volume is marked as unmounted.
+// If all steps are completed, the volume is marked as mounted.
 func (og *operationGenerator) GenerateMapVolumeFunc(
 	waitForAttachTimeout time.Duration,
 	volumeToMount VolumeToMount,
-	actualStateOfWorld ActualStateOfWorldMounterUpdater) (func() error, string, error) {
+	actualStateOfWorld ActualStateOfWorldMounterUpdater) (volumetypes.GeneratedOperations, error) {
 
 	// Get block volume mapper plugin
 	var blockVolumeMapper volume.BlockVolumeMapper
 	blockVolumePlugin, err :=
 		og.volumePluginMgr.FindMapperPluginBySpec(volumeToMount.VolumeSpec)
 	if err != nil {
-		return nil, "", volumeToMount.GenerateErrorDetailed("MapVolume.FindMapperPluginBySpec failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToMount.GenerateErrorDetailed("MapVolume.FindMapperPluginBySpec failed", err)
 	}
 	if blockVolumePlugin == nil {
-		return nil, "", volumeToMount.GenerateErrorDetailed("MapVolume.FindMapperPluginBySpec failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
+		return volumetypes.GeneratedOperations{}, volumeToMount.GenerateErrorDetailed("MapVolume.FindMapperPluginBySpec failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
 	}
 	affinityErr := checkNodeAffinity(og, volumeToMount, blockVolumePlugin)
 	if affinityErr != nil {
-		return nil, blockVolumePlugin.GetPluginName(), affinityErr
+		eventErr, detailedErr := volumeToMount.GenerateError("MapVolume.NodeAffinity check failed", affinityErr)
+		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
+		return volumetypes.GeneratedOperations{}, detailedErr
 	}
 	blockVolumeMapper, newMapperErr := blockVolumePlugin.NewBlockVolumeMapper(
 		volumeToMount.VolumeSpec,
@@ -768,7 +814,7 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 	if newMapperErr != nil {
 		eventErr, detailedErr := volumeToMount.GenerateError("MapVolume.NewBlockVolumeMapper initialization failed", newMapperErr)
 		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMapVolume, eventErr.Error())
-		return nil, blockVolumePlugin.GetPluginName(), detailedErr
+		return volumetypes.GeneratedOperations{}, detailedErr
 	}
 
 	// Get attacher, if possible
@@ -779,8 +825,15 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 		volumeAttacher, _ = attachableVolumePlugin.NewAttacher()
 	}
 
-	return func() error {
+	mapVolumeFunc := func() (error, error) {
 		var devicePath string
+		// Set up global map path under the given plugin directory using symbolic link
+		globalMapPath, err :=
+			blockVolumeMapper.GetGlobalMapPath(volumeToMount.VolumeSpec)
+		if err != nil {
+			// On failure, return error. Caller will log and retry.
+			return volumeToMount.GenerateError("MapVolume.GetDeviceMountPath failed", err)
+		}
 		if volumeAttacher != nil {
 			// Wait for attachable volumes to finish attaching
 			glog.Infof(volumeToMount.GenerateMsgDetailed("MapVolume.WaitForAttach entering", fmt.Sprintf("DevicePath %q", volumeToMount.DevicePath)))
@@ -789,49 +842,40 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 				volumeToMount.VolumeSpec, volumeToMount.DevicePath, volumeToMount.Pod, waitForAttachTimeout)
 			if err != nil {
 				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("MapVolume.WaitForAttach failed", err)
+				return volumeToMount.GenerateError("MapVolume.WaitForAttach failed", err)
 			}
 
 			glog.Infof(volumeToMount.GenerateMsgDetailed("MapVolume.WaitForAttach succeeded", fmt.Sprintf("DevicePath %q", devicePath)))
 
-			// Update actual state of world to reflect volume is globally mounted
-			markDeviceMappedErr := actualStateOfWorld.MarkDeviceAsMounted(
-				volumeToMount.VolumeName)
-			if markDeviceMappedErr != nil {
-				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("MapVolume.MarkDeviceAsMounted failed", markDeviceMappedErr)
-			}
 		}
 		// A plugin doesn't have attacher also needs to map device to global map path with SetUpDevice()
 		pluginDevicePath, mapErr := blockVolumeMapper.SetUpDevice()
 		if mapErr != nil {
 			// On failure, return error. Caller will log and retry.
-			eventErr, detailedErr := volumeToMount.GenerateError("MapVolume.SetUp failed", mapErr)
-			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMapVolume, eventErr.Error())
-			return detailedErr
+			return volumeToMount.GenerateError("MapVolume.SetUp failed", mapErr)
 		}
 		// Update devicePath for none attachable plugin case
 		if len(devicePath) == 0 {
 			if len(pluginDevicePath) != 0 {
 				devicePath = pluginDevicePath
 			} else {
-				return volumeToMount.GenerateErrorDetailed("MapVolume failed", fmt.Errorf("Device path of the volume is empty"))
+				return volumeToMount.GenerateError("MapVolume failed", fmt.Errorf("Device path of the volume is empty"))
 			}
 		}
-		// Set up global map path under the given plugin directory using symbolic link
-		globalMapPath, err :=
-			blockVolumeMapper.GetGlobalMapPath(volumeToMount.VolumeSpec)
-		if err != nil {
+		// Update actual state of world to reflect volume is globally mounted
+		markDeviceMappedErr := actualStateOfWorld.MarkDeviceAsMounted(
+			volumeToMount.VolumeName, devicePath, globalMapPath)
+		if markDeviceMappedErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToMount.GenerateErrorDetailed("MapVolume.GetDeviceMountPath failed", err)
+			return volumeToMount.GenerateError("MapVolume.MarkDeviceAsMounted failed", markDeviceMappedErr)
 		}
+
 		mapErr = og.blkUtil.MapDevice(devicePath, globalMapPath, string(volumeToMount.Pod.UID))
 		if mapErr != nil {
 			// On failure, return error. Caller will log and retry.
-			eventErr, detailedErr := volumeToMount.GenerateError("MapVolume.MapDevice failed", mapErr)
-			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMapVolume, eventErr.Error())
-			return detailedErr
+			return volumeToMount.GenerateError("MapVolume.MapDevice failed", mapErr)
 		}
+
 		// Device mapping for global map path succeeded
 		simpleMsg, detailedMsg := volumeToMount.GenerateMsg("MapVolume.MapDevice succeeded", fmt.Sprintf("globalMapPath %q", globalMapPath))
 		verbosity := glog.Level(4)
@@ -843,9 +887,7 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 		mapErr = og.blkUtil.MapDevice(devicePath, volumeMapPath, volName)
 		if mapErr != nil {
 			// On failure, return error. Caller will log and retry.
-			eventErr, detailedErr := volumeToMount.GenerateError("MapVolume.MapDevice failed", mapErr)
-			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMapVolume, eventErr.Error())
-			return detailedErr
+			return volumeToMount.GenerateError("MapVolume.MapDevice failed", mapErr)
 		}
 
 		// Take filedescriptor lock to keep a block device opened. Otherwise, there is a case
@@ -854,7 +896,7 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 		// for the block device is required.
 		_, err = og.blkUtil.AttachFileDevice(devicePath)
 		if err != nil {
-			return volumeToMount.GenerateErrorDetailed("MapVolume.AttachFileDevice failed", err)
+			return volumeToMount.GenerateError("MapVolume.AttachFileDevice failed", err)
 		}
 
 		// Device mapping for pod device map path succeeded
@@ -874,11 +916,23 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 			volumeToMount.VolumeGidValue)
 		if markVolMountedErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToMount.GenerateErrorDetailed("MapVolume.MarkVolumeAsMounted failed", markVolMountedErr)
+			return volumeToMount.GenerateError("MapVolume.MarkVolumeAsMounted failed", markVolMountedErr)
 		}
 
-		return nil
-	}, blockVolumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	eventRecorderFunc := func(err *error) {
+		if *err != nil {
+			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMapVolume, (*err).Error())
+		}
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     mapVolumeFunc,
+		EventRecorderFunc: eventRecorderFunc,
+		CompleteFunc:      util.OperationCompleteHook(blockVolumePlugin.GetPluginName(), "map_volume"),
+	}, nil
 }
 
 // GenerateUnmapVolumeFunc marks volume as unmonuted based on following steps.
@@ -887,45 +941,40 @@ func (og *operationGenerator) GenerateMapVolumeFunc(
 // If all steps are completed, the volume is marked as unmounted.
 func (og *operationGenerator) GenerateUnmapVolumeFunc(
 	volumeToUnmount MountedVolume,
-	actualStateOfWorld ActualStateOfWorldMounterUpdater) (func() error, string, error) {
+	actualStateOfWorld ActualStateOfWorldMounterUpdater) (volumetypes.GeneratedOperations, error) {
 
 	// Get block volume unmapper plugin
 	var blockVolumeUnmapper volume.BlockVolumeUnmapper
 	blockVolumePlugin, err :=
 		og.volumePluginMgr.FindMapperPluginByName(volumeToUnmount.PluginName)
 	if err != nil {
-		return nil, "", volumeToUnmount.GenerateErrorDetailed("UnmapVolume.FindMapperPluginByName failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmapVolume.FindMapperPluginByName failed", err)
 	}
 	if blockVolumePlugin == nil {
-		return nil, "", volumeToUnmount.GenerateErrorDetailed("UnmapVolume.FindMapperPluginByName failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
+		return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmapVolume.FindMapperPluginByName failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
 	}
 	blockVolumeUnmapper, newUnmapperErr := blockVolumePlugin.NewBlockVolumeUnmapper(
 		volumeToUnmount.InnerVolumeSpecName, volumeToUnmount.PodUID)
 	if newUnmapperErr != nil {
-		return nil, blockVolumePlugin.GetPluginName(), volumeToUnmount.GenerateErrorDetailed("UnmapVolume.NewUnmapper failed", newUnmapperErr)
+		return volumetypes.GeneratedOperations{}, volumeToUnmount.GenerateErrorDetailed("UnmapVolume.NewUnmapper failed", newUnmapperErr)
 	}
 
-	return func() error {
+	unmapVolumeFunc := func() (error, error) {
 		// Try to unmap volumeName symlink under pod device map path dir
 		// pods/{podUid}/volumeDevices/{escapeQualifiedPluginName}/{volumeName}
 		podDeviceUnmapPath, volName := blockVolumeUnmapper.GetPodDeviceMapPath()
 		unmapDeviceErr := og.blkUtil.UnmapDevice(podDeviceUnmapPath, volName)
 		if unmapDeviceErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToUnmount.GenerateErrorDetailed("UnmapVolume.UnmapDevice on pod device map path failed", unmapDeviceErr)
+			return volumeToUnmount.GenerateError("UnmapVolume.UnmapDevice on pod device map path failed", unmapDeviceErr)
 		}
 		// Try to unmap podUID symlink under global map path dir
 		// plugins/kubernetes.io/{PluginName}/volumeDevices/{volumePluginDependentPath}/{podUID}
-		globalUnmapPath, err :=
-			blockVolumeUnmapper.GetGlobalMapPath(volumeToUnmount.VolumeSpec)
-		if err != nil {
-			// On failure, return error. Caller will log and retry.
-			return volumeToUnmount.GenerateErrorDetailed("UnmapVolume.GetGlobalUnmapPath failed", err)
-		}
+		globalUnmapPath := volumeToUnmount.DeviceMountPath
 		unmapDeviceErr = og.blkUtil.UnmapDevice(globalUnmapPath, string(volumeToUnmount.PodUID))
 		if unmapDeviceErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToUnmount.GenerateErrorDetailed("UnmapVolume.UnmapDevice on global map path failed", unmapDeviceErr)
+			return volumeToUnmount.GenerateError("UnmapVolume.UnmapDevice on global map path failed", unmapDeviceErr)
 		}
 
 		glog.Infof(
@@ -946,8 +995,14 @@ func (og *operationGenerator) GenerateUnmapVolumeFunc(
 			glog.Errorf(volumeToUnmount.GenerateErrorDetailed("UnmapVolume.MarkVolumeAsUnmounted failed", markVolUnmountedErr).Error())
 		}
 
-		return nil
-	}, blockVolumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     unmapVolumeFunc,
+		CompleteFunc:      util.OperationCompleteHook(blockVolumePlugin.GetPluginName(), "unmap_volume"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
 }
 
 // GenerateUnmapDeviceFunc marks device as unmounted based on following steps.
@@ -963,56 +1018,42 @@ func (og *operationGenerator) GenerateUnmapVolumeFunc(
 func (og *operationGenerator) GenerateUnmapDeviceFunc(
 	deviceToDetach AttachedVolume,
 	actualStateOfWorld ActualStateOfWorldMounterUpdater,
-	mounter mount.Interface) (func() error, string, error) {
+	mounter mount.Interface) (volumetypes.GeneratedOperations, error) {
 
-	// Get block volume mapper plugin
-	var blockVolumeMapper volume.BlockVolumeMapper
 	blockVolumePlugin, err :=
-		og.volumePluginMgr.FindMapperPluginBySpec(deviceToDetach.VolumeSpec)
+		og.volumePluginMgr.FindMapperPluginByName(deviceToDetach.PluginName)
 	if err != nil {
-		return nil, "", deviceToDetach.GenerateErrorDetailed("UnmapDevice.FindMapperPluginBySpec failed", err)
+		return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmapDevice.FindMapperPluginByName failed", err)
 	}
 	if blockVolumePlugin == nil {
-		return nil, "", deviceToDetach.GenerateErrorDetailed("UnmapDevice.FindMapperPluginBySpec failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
-	}
-	blockVolumeMapper, newMapperErr := blockVolumePlugin.NewBlockVolumeMapper(
-		deviceToDetach.VolumeSpec,
-		nil, /* Pod */
-		volume.VolumeOptions{})
-	if newMapperErr != nil {
-		return nil, "", deviceToDetach.GenerateErrorDetailed("UnmapDevice.NewBlockVolumeMapper initialization failed", newMapperErr)
+		return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmapDevice.FindMapperPluginByName failed to find BlockVolumeMapper plugin. Volume plugin is nil.", nil)
 	}
 
 	blockVolumeUnmapper, newUnmapperErr := blockVolumePlugin.NewBlockVolumeUnmapper(
 		string(deviceToDetach.VolumeName),
 		"" /* podUID */)
 	if newUnmapperErr != nil {
-		return nil, blockVolumePlugin.GetPluginName(), deviceToDetach.GenerateErrorDetailed("UnmapDevice.NewUnmapper failed", newUnmapperErr)
+		return volumetypes.GeneratedOperations{}, deviceToDetach.GenerateErrorDetailed("UnmapDevice.NewUnmapper failed", newUnmapperErr)
 	}
 
-	return func() error {
+	unmapDeviceFunc := func() (error, error) {
 		// Search under globalMapPath dir if all symbolic links from pods have been removed already.
 		// If symbolick links are there, pods may still refer the volume.
-		globalMapPath, err :=
-			blockVolumeMapper.GetGlobalMapPath(deviceToDetach.VolumeSpec)
-		if err != nil {
-			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("UnmapDevice.GetGlobalMapPath failed", err)
-		}
+		globalMapPath := deviceToDetach.DeviceMountPath
 		refs, err := og.blkUtil.GetDeviceSymlinkRefs(deviceToDetach.DevicePath, globalMapPath)
 		if err != nil {
-			return deviceToDetach.GenerateErrorDetailed("UnmapDevice.GetDeviceSymlinkRefs check failed", err)
+			return deviceToDetach.GenerateError("UnmapDevice.GetDeviceSymlinkRefs check failed", err)
 		}
 		if len(refs) > 0 {
 			err = fmt.Errorf("The device %q is still referenced from other Pods %v", globalMapPath, refs)
-			return deviceToDetach.GenerateErrorDetailed("UnmapDevice failed", err)
+			return deviceToDetach.GenerateError("UnmapDevice failed", err)
 		}
 
 		// Execute tear down device
 		unmapErr := blockVolumeUnmapper.TearDownDevice(globalMapPath, deviceToDetach.DevicePath)
 		if unmapErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("UnmapDevice.TearDownDevice failed", unmapErr)
+			return deviceToDetach.GenerateError("UnmapDevice.TearDownDevice failed", unmapErr)
 		}
 
 		// Plugin finished TearDownDevice(). Now globalMapPath dir and plugin's stored data
@@ -1020,18 +1061,18 @@ func (og *operationGenerator) GenerateUnmapDeviceFunc(
 		removeMapPathErr := og.blkUtil.RemoveMapPath(globalMapPath)
 		if removeMapPathErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("UnmapDevice failed", removeMapPathErr)
+			return deviceToDetach.GenerateError("UnmapDevice failed", removeMapPathErr)
 		}
 
 		// The block volume is not referenced from Pods. Release file descriptor lock.
-		glog.V(5).Infof("UnmapDevice: deviceToDetach.DevicePath: %v", deviceToDetach.DevicePath)
+		glog.V(4).Infof("UnmapDevice: deviceToDetach.DevicePath: %v", deviceToDetach.DevicePath)
 		loopPath, err := og.blkUtil.GetLoopDevice(deviceToDetach.DevicePath)
 		if err != nil {
 			glog.Warningf(deviceToDetach.GenerateMsgDetailed("UnmapDevice: Couldn't find loopback device which takes file descriptor lock", fmt.Sprintf("device path: %q", deviceToDetach.DevicePath)))
 		} else {
 			err = og.blkUtil.RemoveLoopDevice(loopPath)
 			if err != nil {
-				return deviceToDetach.GenerateErrorDetailed("UnmapDevice.AttachFileDevice failed", err)
+				return deviceToDetach.GenerateError("UnmapDevice.AttachFileDevice failed", err)
 			}
 		}
 
@@ -1041,11 +1082,11 @@ func (og *operationGenerator) GenerateUnmapDeviceFunc(
 		// else on the system. Retry if it returns true.
 		deviceOpened, deviceOpenedErr := isDeviceOpened(deviceToDetach, mounter)
 		if deviceOpenedErr != nil {
-			return deviceOpenedErr
+			return nil, deviceOpenedErr
 		}
 		// The device is still in use elsewhere. Caller will log and retry.
 		if deviceOpened {
-			return deviceToDetach.GenerateErrorDetailed(
+			return deviceToDetach.GenerateError(
 				"UnmapDevice failed",
 				fmt.Errorf("the device is in use when it was no longer expected to be in use"))
 		}
@@ -1057,24 +1098,30 @@ func (og *operationGenerator) GenerateUnmapDeviceFunc(
 			deviceToDetach.VolumeName)
 		if markDeviceUnmountedErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return deviceToDetach.GenerateErrorDetailed("MarkDeviceAsUnmounted failed", markDeviceUnmountedErr)
+			return deviceToDetach.GenerateError("MarkDeviceAsUnmounted failed", markDeviceUnmountedErr)
 		}
 
-		return nil
-	}, blockVolumePlugin.GetPluginName(), nil
+		return nil, nil
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     unmapDeviceFunc,
+		CompleteFunc:      util.OperationCompleteHook(blockVolumePlugin.GetPluginName(), "unmap_device"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
 }
 
 func (og *operationGenerator) GenerateVerifyControllerAttachedVolumeFunc(
 	volumeToMount VolumeToMount,
 	nodeName types.NodeName,
-	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (func() error, string, error) {
+	actualStateOfWorld ActualStateOfWorldAttacherUpdater) (volumetypes.GeneratedOperations, error) {
 	volumePlugin, err :=
 		og.volumePluginMgr.FindPluginBySpec(volumeToMount.VolumeSpec)
 	if err != nil || volumePlugin == nil {
-		return nil, "", volumeToMount.GenerateErrorDetailed("VerifyControllerAttachedVolume.FindPluginBySpec failed", err)
+		return volumetypes.GeneratedOperations{}, volumeToMount.GenerateErrorDetailed("VerifyControllerAttachedVolume.FindPluginBySpec failed", err)
 	}
 
-	return func() error {
+	verifyControllerAttachedVolumeFunc := func() (error, error) {
 		if !volumeToMount.PluginIsAttachable {
 			// If the volume does not implement the attacher interface, it is
 			// assumed to be attached and the actual state of the world is
@@ -1084,10 +1131,10 @@ func (og *operationGenerator) GenerateVerifyControllerAttachedVolumeFunc(
 				volumeToMount.VolumeName, volumeToMount.VolumeSpec, nodeName, "" /* devicePath */)
 			if addVolumeNodeErr != nil {
 				// On failure, return error. Caller will log and retry.
-				return volumeToMount.GenerateErrorDetailed("VerifyControllerAttachedVolume.MarkVolumeAsAttachedByUniqueVolumeName failed", addVolumeNodeErr)
+				return volumeToMount.GenerateError("VerifyControllerAttachedVolume.MarkVolumeAsAttachedByUniqueVolumeName failed", addVolumeNodeErr)
 			}
 
-			return nil
+			return nil, nil
 		}
 
 		if !volumeToMount.ReportedInUse {
@@ -1097,19 +1144,19 @@ func (og *operationGenerator) GenerateVerifyControllerAttachedVolumeFunc(
 			// periodically by kubelet, so it may take as much as 10 seconds
 			// before this clears.
 			// Issue #28141 to enable on demand status updates.
-			return volumeToMount.GenerateErrorDetailed("Volume has not been added to the list of VolumesInUse in the node's volume status", nil)
+			return volumeToMount.GenerateError("Volume has not been added to the list of VolumesInUse in the node's volume status", nil)
 		}
 
 		// Fetch current node object
 		node, fetchErr := og.kubeClient.CoreV1().Nodes().Get(string(nodeName), metav1.GetOptions{})
 		if fetchErr != nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToMount.GenerateErrorDetailed("VerifyControllerAttachedVolume failed fetching node from API server", fetchErr)
+			return volumeToMount.GenerateError("VerifyControllerAttachedVolume failed fetching node from API server", fetchErr)
 		}
 
 		if node == nil {
 			// On failure, return error. Caller will log and retry.
-			return volumeToMount.GenerateErrorDetailed(
+			return volumeToMount.GenerateError(
 				"VerifyControllerAttachedVolume failed",
 				fmt.Errorf("Node object retrieved from API server is nil"))
 		}
@@ -1121,15 +1168,22 @@ func (og *operationGenerator) GenerateVerifyControllerAttachedVolumeFunc(
 				glog.Infof(volumeToMount.GenerateMsgDetailed("Controller attach succeeded", fmt.Sprintf("device path: %q", attachedVolume.DevicePath)))
 				if addVolumeNodeErr != nil {
 					// On failure, return error. Caller will log and retry.
-					return volumeToMount.GenerateErrorDetailed("VerifyControllerAttachedVolume.MarkVolumeAsAttached failed", addVolumeNodeErr)
+					return volumeToMount.GenerateError("VerifyControllerAttachedVolume.MarkVolumeAsAttached failed", addVolumeNodeErr)
 				}
-				return nil
+				return nil, nil
 			}
 		}
 
 		// Volume not attached, return error. Caller will log and retry.
-		return volumeToMount.GenerateErrorDetailed("Volume not attached according to node status", nil)
-	}, volumePlugin.GetPluginName(), nil
+		return volumeToMount.GenerateError("Volume not attached according to node status", nil)
+	}
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     verifyControllerAttachedVolumeFunc,
+		CompleteFunc:      util.OperationCompleteHook(volumePlugin.GetPluginName(), "verify_controller_attached_volume"),
+		EventRecorderFunc: nil, // nil because we do not want to generate event on error
+	}, nil
+
 }
 
 func (og *operationGenerator) verifyVolumeIsSafeToDetach(
@@ -1168,17 +1222,20 @@ func (og *operationGenerator) verifyVolumeIsSafeToDetach(
 
 func (og *operationGenerator) GenerateExpandVolumeFunc(
 	pvcWithResizeRequest *expandcache.PVCWithResizeRequest,
-	resizeMap expandcache.VolumeResizeMap) (func() error, string, error) {
+	resizeMap expandcache.VolumeResizeMap) (volumetypes.GeneratedOperations, error) {
 
 	volumeSpec := volume.NewSpecFromPersistentVolume(pvcWithResizeRequest.PersistentVolume, false)
 
 	volumePlugin, err := og.volumePluginMgr.FindExpandablePluginBySpec(volumeSpec)
 
 	if err != nil {
-		return nil, "", fmt.Errorf("Error finding plugin for expanding volume: %q with error %v", pvcWithResizeRequest.QualifiedName(), err)
+		return volumetypes.GeneratedOperations{}, fmt.Errorf("Error finding plugin for expanding volume: %q with error %v", pvcWithResizeRequest.QualifiedName(), err)
+	}
+	if volumePlugin == nil {
+		return volumetypes.GeneratedOperations{}, fmt.Errorf("Can not find plugin for expanding volume: %q", pvcWithResizeRequest.QualifiedName())
 	}
 
-	expandFunc := func() error {
+	expandVolumeFunc := func() (error, error) {
 		newSize := pvcWithResizeRequest.ExpectedSize
 		pvSize := pvcWithResizeRequest.PersistentVolume.Spec.Capacity[v1.ResourceStorage]
 		if pvSize.Cmp(newSize) < 0 {
@@ -1188,9 +1245,8 @@ func (og *operationGenerator) GenerateExpandVolumeFunc(
 				pvcWithResizeRequest.CurrentSize)
 
 			if expandErr != nil {
-				glog.Errorf("Error expanding volume %q of plugin %s : %v", pvcWithResizeRequest.QualifiedName(), volumePlugin.GetPluginName(), expandErr)
-				og.recorder.Eventf(pvcWithResizeRequest.PVC, v1.EventTypeWarning, kevents.VolumeResizeFailed, expandErr.Error())
-				return expandErr
+				detailedErr := fmt.Errorf("Error expanding volume %q of plugin %s : %v", pvcWithResizeRequest.QualifiedName(), volumePlugin.GetPluginName(), expandErr)
+				return detailedErr, detailedErr
 			}
 			glog.Infof("ExpandVolume succeeded for volume %s", pvcWithResizeRequest.QualifiedName())
 			newSize = updatedSize
@@ -1200,9 +1256,8 @@ func (og *operationGenerator) GenerateExpandVolumeFunc(
 			updateErr := resizeMap.UpdatePVSize(pvcWithResizeRequest, newSize)
 
 			if updateErr != nil {
-				glog.V(4).Infof("Error updating PV spec capacity for volume %q with : %v", pvcWithResizeRequest.QualifiedName(), updateErr)
-				og.recorder.Eventf(pvcWithResizeRequest.PVC, v1.EventTypeWarning, kevents.VolumeResizeFailed, updateErr.Error())
-				return updateErr
+				detailedErr := fmt.Errorf("Error updating PV spec capacity for volume %q with : %v", pvcWithResizeRequest.QualifiedName(), updateErr)
+				return detailedErr, detailedErr
 			}
 			glog.Infof("ExpandVolume.UpdatePV succeeded for volume %s", pvcWithResizeRequest.QualifiedName())
 		}
@@ -1215,24 +1270,40 @@ func (og *operationGenerator) GenerateExpandVolumeFunc(
 			err := resizeMap.MarkAsResized(pvcWithResizeRequest, newSize)
 
 			if err != nil {
-				glog.Errorf("Error marking pvc %s as resized : %v", pvcWithResizeRequest.QualifiedName(), err)
-				og.recorder.Eventf(pvcWithResizeRequest.PVC, v1.EventTypeWarning, kevents.VolumeResizeFailed, err.Error())
-				return err
+				detailedErr := fmt.Errorf("Error marking pvc %s as resized : %v", pvcWithResizeRequest.QualifiedName(), err)
+				return detailedErr, detailedErr
+			}
+			successMsg := fmt.Sprintf("ExpandVolume succeeded for volume %s", pvcWithResizeRequest.QualifiedName())
+			og.recorder.Eventf(pvcWithResizeRequest.PVC, v1.EventTypeNormal, kevents.VolumeResizeSuccess, successMsg)
+		} else {
+			err := resizeMap.MarkForFSResize(pvcWithResizeRequest)
+			if err != nil {
+				detailedErr := fmt.Errorf("Error updating pvc %s condition for fs resize : %v", pvcWithResizeRequest.QualifiedName(), err)
+				glog.Warning(detailedErr)
+				return nil, nil
 			}
 		}
-		return nil
+		return nil, nil
+	}
 
+	eventRecorderFunc := func(err *error) {
+		if *err != nil {
+			og.recorder.Eventf(pvcWithResizeRequest.PVC, v1.EventTypeWarning, kevents.VolumeResizeFailed, (*err).Error())
+		}
 	}
-	return expandFunc, volumePlugin.GetPluginName(), nil
+
+	return volumetypes.GeneratedOperations{
+		OperationFunc:     expandVolumeFunc,
+		EventRecorderFunc: eventRecorderFunc,
+		CompleteFunc:      util.OperationCompleteHook(volumePlugin.GetPluginName(), "expand_volume"),
+	}, nil
 }
 
 func checkMountOptionSupport(og *operationGenerator, volumeToMount VolumeToMount, plugin volume.VolumePlugin) error {
-	mountOptions := volume.MountOptionFromSpec(volumeToMount.VolumeSpec)
+	mountOptions := util.MountOptionFromSpec(volumeToMount.VolumeSpec)
 
 	if len(mountOptions) > 0 && !plugin.SupportsMountOption() {
-		eventErr, detailedErr := volumeToMount.GenerateError("Mount options are not supported for this volume type", nil)
-		og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.UnsupportedMountOption, eventErr.Error())
-		return detailedErr
+		return fmt.Errorf("Mount options are not supported for this volume type")
 	}
 	return nil
 }
@@ -1248,14 +1319,11 @@ func checkNodeAffinity(og *operationGenerator, volumeToMount VolumeToMount, plug
 	if pv != nil {
 		nodeLabels, err := og.volumePluginMgr.Host.GetNodeLabels()
 		if err != nil {
-			return volumeToMount.GenerateErrorDetailed("Error getting node labels", err)
+			return err
 		}
-
 		err = util.CheckNodeAffinity(pv, nodeLabels)
 		if err != nil {
-			eventErr, detailedErr := volumeToMount.GenerateError("Storage node affinity check failed", err)
-			og.recorder.Eventf(volumeToMount.Pod, v1.EventTypeWarning, kevents.FailedMountVolume, eventErr.Error())
-			return detailedErr
+			return err
 		}
 	}
 	return nil
@@ -1280,31 +1348,3 @@ func isDeviceOpened(deviceToDetach AttachedVolume, mounter mount.Interface) (boo
 	}
 	return deviceOpened, nil
 }
-
-func updatePVCStatusCapacity(pvcName string, pvc *v1.PersistentVolumeClaim, capacity v1.ResourceList, client clientset.Interface) error {
-	pvcCopy := pvc.DeepCopy()
-
-	oldData, err := json.Marshal(pvcCopy)
-	if err != nil {
-		return fmt.Errorf("Failed to marshal oldData for pvc %q with %v", pvcName, err)
-	}
-
-	pvcCopy.Status.Capacity = capacity
-	pvcCopy.Status.Conditions = []v1.PersistentVolumeClaimCondition{}
-	newData, err := json.Marshal(pvcCopy)
-
-	if err != nil {
-		return fmt.Errorf("Failed to marshal newData for pvc %q with %v", pvcName, err)
-	}
-	patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, pvcCopy)
-
-	if err != nil {
-		return fmt.Errorf("Failed to CreateTwoWayMergePatch for pvc %q with %v ", pvcName, err)
-	}
-	_, err = client.CoreV1().PersistentVolumeClaims(pvc.Namespace).
-		Patch(pvcName, types.StrategicMergePatchType, patchBytes, "status")
-	if err != nil {
-		return fmt.Errorf("Failed to patch PVC %q with %v", pvcName, err)
-	}
-	return nil
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/BUILD
new file mode 100644
index 000000000000..e65ad6c98b29
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/BUILD
@@ -0,0 +1,44 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["recycler_client.go"],
+    importpath = "k8s.io/kubernetes/pkg/volume/util/recyclerclient",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["recycler_client_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/apis/core:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/recycler_client.go b/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/recycler_client.go
new file mode 100644
index 000000000000..1af6465c6e73
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/recyclerclient/recycler_client.go
@@ -0,0 +1,252 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package recyclerclient
+
+import (
+	"fmt"
+
+	"github.com/golang/glog"
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/fields"
+	"k8s.io/apimachinery/pkg/watch"
+	clientset "k8s.io/client-go/kubernetes"
+)
+
+type RecycleEventRecorder func(eventtype, message string)
+
+// RecycleVolumeByWatchingPodUntilCompletion is intended for use with volume
+// Recyclers. This function will save the given Pod to the API and watch it
+// until it completes, fails, or the pod's ActiveDeadlineSeconds is exceeded,
+// whichever comes first. An attempt to delete a recycler pod is always
+// attempted before returning.
+//
+// In case there is a pod with the same namespace+name already running, this
+// function deletes it as it is not able to judge if it is an old recycler
+// or user has forged a fake recycler to block Kubernetes from recycling.//
+//
+//  pod - the pod designed by a volume plugin to recycle the volume. pod.Name
+//        will be overwritten with unique name based on PV.Name.
+//	client - kube client for API operations.
+func RecycleVolumeByWatchingPodUntilCompletion(pvName string, pod *v1.Pod, kubeClient clientset.Interface, recorder RecycleEventRecorder) error {
+	return internalRecycleVolumeByWatchingPodUntilCompletion(pvName, pod, newRecyclerClient(kubeClient, recorder))
+}
+
+// same as above func comments, except 'recyclerClient' is a narrower pod API
+// interface to ease testing
+func internalRecycleVolumeByWatchingPodUntilCompletion(pvName string, pod *v1.Pod, recyclerClient recyclerClient) error {
+	glog.V(5).Infof("creating recycler pod for volume %s\n", pod.Name)
+
+	// Generate unique name for the recycler pod - we need to get "already
+	// exists" error when a previous controller has already started recycling
+	// the volume. Here we assume that pv.Name is already unique.
+	pod.Name = "recycler-for-" + pvName
+	pod.GenerateName = ""
+
+	stopChannel := make(chan struct{})
+	defer close(stopChannel)
+	podCh, err := recyclerClient.WatchPod(pod.Name, pod.Namespace, stopChannel)
+	if err != nil {
+		glog.V(4).Infof("cannot start watcher for pod %s/%s: %v", pod.Namespace, pod.Name, err)
+		return err
+	}
+
+	// Start the pod
+	_, err = recyclerClient.CreatePod(pod)
+	if err != nil {
+		if errors.IsAlreadyExists(err) {
+			deleteErr := recyclerClient.DeletePod(pod.Name, pod.Namespace)
+			if deleteErr != nil {
+				return fmt.Errorf("failed to delete old recycler pod %s/%s: %s", pod.Namespace, pod.Name, deleteErr)
+			}
+			// Recycler will try again and the old pod will be hopefully deleted
+			// at that time.
+			return fmt.Errorf("old recycler pod found, will retry later")
+		}
+		return fmt.Errorf("unexpected error creating recycler pod:  %+v", err)
+	}
+	err = waitForPod(pod, recyclerClient, podCh)
+
+	// In all cases delete the recycler pod and log its result.
+	glog.V(2).Infof("deleting recycler pod %s/%s", pod.Namespace, pod.Name)
+	deleteErr := recyclerClient.DeletePod(pod.Name, pod.Namespace)
+	if deleteErr != nil {
+		glog.Errorf("failed to delete recycler pod %s/%s: %v", pod.Namespace, pod.Name, err)
+	}
+
+	// Returning recycler error is preferred, the pod will be deleted again on
+	// the next retry.
+	if err != nil {
+		return fmt.Errorf("failed to recycle volume: %s", err)
+	}
+
+	// Recycle succeeded but we failed to delete the recycler pod. Report it,
+	// the controller will re-try recycling the PV again shortly.
+	if deleteErr != nil {
+		return fmt.Errorf("failed to delete recycler pod: %s", deleteErr)
+	}
+
+	return nil
+}
+
+// waitForPod watches the pod it until it finishes and send all events on the
+// pod to the PV.
+func waitForPod(pod *v1.Pod, recyclerClient recyclerClient, podCh <-chan watch.Event) error {
+	for {
+		event, ok := <-podCh
+		if !ok {
+			return fmt.Errorf("recycler pod %q watch channel had been closed", pod.Name)
+		}
+		switch event.Object.(type) {
+		case *v1.Pod:
+			// POD changed
+			pod := event.Object.(*v1.Pod)
+			glog.V(4).Infof("recycler pod update received: %s %s/%s %s", event.Type, pod.Namespace, pod.Name, pod.Status.Phase)
+			switch event.Type {
+			case watch.Added, watch.Modified:
+				if pod.Status.Phase == v1.PodSucceeded {
+					// Recycle succeeded.
+					return nil
+				}
+				if pod.Status.Phase == v1.PodFailed {
+					if pod.Status.Message != "" {
+						return fmt.Errorf(pod.Status.Message)
+					} else {
+						return fmt.Errorf("pod failed, pod.Status.Message unknown.")
+					}
+				}
+
+			case watch.Deleted:
+				return fmt.Errorf("recycler pod was deleted")
+
+			case watch.Error:
+				return fmt.Errorf("recycler pod watcher failed")
+			}
+
+		case *v1.Event:
+			// Event received
+			podEvent := event.Object.(*v1.Event)
+			glog.V(4).Infof("recycler event received: %s %s/%s %s/%s %s", event.Type, podEvent.Namespace, podEvent.Name, podEvent.InvolvedObject.Namespace, podEvent.InvolvedObject.Name, podEvent.Message)
+			if event.Type == watch.Added {
+				recyclerClient.Event(podEvent.Type, podEvent.Message)
+			}
+		}
+	}
+}
+
+// recyclerClient abstracts access to a Pod by providing a narrower interface.
+// This makes it easier to mock a client for testing.
+type recyclerClient interface {
+	CreatePod(pod *v1.Pod) (*v1.Pod, error)
+	GetPod(name, namespace string) (*v1.Pod, error)
+	DeletePod(name, namespace string) error
+	// WatchPod returns a ListWatch for watching a pod.  The stopChannel is used
+	// to close the reflector backing the watch.  The caller is responsible for
+	// derring a close on the channel to stop the reflector.
+	WatchPod(name, namespace string, stopChannel chan struct{}) (<-chan watch.Event, error)
+	// Event sends an event to the volume that is being recycled.
+	Event(eventtype, message string)
+}
+
+func newRecyclerClient(client clientset.Interface, recorder RecycleEventRecorder) recyclerClient {
+	return &realRecyclerClient{
+		client,
+		recorder,
+	}
+}
+
+type realRecyclerClient struct {
+	client   clientset.Interface
+	recorder RecycleEventRecorder
+}
+
+func (c *realRecyclerClient) CreatePod(pod *v1.Pod) (*v1.Pod, error) {
+	return c.client.CoreV1().Pods(pod.Namespace).Create(pod)
+}
+
+func (c *realRecyclerClient) GetPod(name, namespace string) (*v1.Pod, error) {
+	return c.client.CoreV1().Pods(namespace).Get(name, metav1.GetOptions{})
+}
+
+func (c *realRecyclerClient) DeletePod(name, namespace string) error {
+	return c.client.CoreV1().Pods(namespace).Delete(name, nil)
+}
+
+func (c *realRecyclerClient) Event(eventtype, message string) {
+	c.recorder(eventtype, message)
+}
+
+func (c *realRecyclerClient) WatchPod(name, namespace string, stopChannel chan struct{}) (<-chan watch.Event, error) {
+	podSelector, err := fields.ParseSelector("metadata.name=" + name)
+	if err != nil {
+		return nil, err
+	}
+	options := metav1.ListOptions{
+		FieldSelector: podSelector.String(),
+		Watch:         true,
+	}
+
+	podWatch, err := c.client.CoreV1().Pods(namespace).Watch(options)
+	if err != nil {
+		return nil, err
+	}
+
+	eventSelector, _ := fields.ParseSelector("involvedObject.name=" + name)
+	eventWatch, err := c.client.CoreV1().Events(namespace).Watch(metav1.ListOptions{
+		FieldSelector: eventSelector.String(),
+		Watch:         true,
+	})
+	if err != nil {
+		podWatch.Stop()
+		return nil, err
+	}
+
+	eventCh := make(chan watch.Event, 30)
+
+	go func() {
+		defer eventWatch.Stop()
+		defer podWatch.Stop()
+		defer close(eventCh)
+		var podWatchChannelClosed bool
+		var eventWatchChannelClosed bool
+		for {
+			select {
+			case _ = <-stopChannel:
+				return
+
+			case podEvent, ok := <-podWatch.ResultChan():
+				if !ok {
+					podWatchChannelClosed = true
+				} else {
+					eventCh <- podEvent
+				}
+			case eventEvent, ok := <-eventWatch.ResultChan():
+				if !ok {
+					eventWatchChannelClosed = true
+				} else {
+					eventCh <- eventEvent
+				}
+			}
+			if podWatchChannelClosed && eventWatchChannelClosed {
+				break
+			}
+		}
+	}()
+
+	return eventCh, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/resize_util.go b/vendor/k8s.io/kubernetes/pkg/volume/util/resize_util.go
new file mode 100644
index 000000000000..c1d2a1c82acd
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/resize_util.go
@@ -0,0 +1,125 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package util
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/strategicpatch"
+	clientset "k8s.io/client-go/kubernetes"
+)
+
+var (
+	knownResizeConditions map[v1.PersistentVolumeClaimConditionType]bool = map[v1.PersistentVolumeClaimConditionType]bool{
+		v1.PersistentVolumeClaimFileSystemResizePending: true,
+		v1.PersistentVolumeClaimResizing:                true,
+	}
+)
+
+type resizeProcessStatus struct {
+	condition v1.PersistentVolumeClaimCondition
+	processed bool
+}
+
+// ClaimToClaimKey return namespace/name string for pvc
+func ClaimToClaimKey(claim *v1.PersistentVolumeClaim) string {
+	return fmt.Sprintf("%s/%s", claim.Namespace, claim.Name)
+}
+
+// MarkFSResizeFinished marks file system resizing as done
+func MarkFSResizeFinished(
+	pvc *v1.PersistentVolumeClaim,
+	capacity v1.ResourceList,
+	kubeClient clientset.Interface) error {
+	newPVC := pvc.DeepCopy()
+	newPVC.Status.Capacity = capacity
+	newPVC = MergeResizeConditionOnPVC(newPVC, []v1.PersistentVolumeClaimCondition{})
+	_, err := PatchPVCStatus(pvc /*oldPVC*/, newPVC, kubeClient)
+	return err
+}
+
+// PatchPVCStatus updates PVC status using PATCH verb
+func PatchPVCStatus(
+	oldPVC *v1.PersistentVolumeClaim,
+	newPVC *v1.PersistentVolumeClaim,
+	kubeClient clientset.Interface) (*v1.PersistentVolumeClaim, error) {
+	pvcName := oldPVC.Name
+
+	oldData, err := json.Marshal(oldPVC)
+	if err != nil {
+		return nil, fmt.Errorf("PatchPVCStatus.Failed to marshal oldData for pvc %q with %v", pvcName, err)
+	}
+
+	newData, err := json.Marshal(newPVC)
+	if err != nil {
+		return nil, fmt.Errorf("PatchPVCStatus.Failed to marshal newData for pvc %q with %v", pvcName, err)
+	}
+
+	patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, oldPVC)
+	if err != nil {
+		return nil, fmt.Errorf("PatchPVCStatus.Failed to CreateTwoWayMergePatch for pvc %q with %v ", pvcName, err)
+	}
+	updatedClaim, updateErr := kubeClient.CoreV1().PersistentVolumeClaims(oldPVC.Namespace).
+		Patch(pvcName, types.StrategicMergePatchType, patchBytes, "status")
+	if updateErr != nil {
+		return nil, fmt.Errorf("PatchPVCStatus.Failed to patch PVC %q with %v", pvcName, updateErr)
+	}
+	return updatedClaim, nil
+}
+
+// MergeResizeConditionOnPVC updates pvc with requested resize conditions
+// leaving other conditions untouched.
+func MergeResizeConditionOnPVC(
+	pvc *v1.PersistentVolumeClaim,
+	resizeConditions []v1.PersistentVolumeClaimCondition) *v1.PersistentVolumeClaim {
+	resizeConditionMap := map[v1.PersistentVolumeClaimConditionType]*resizeProcessStatus{}
+
+	for _, condition := range resizeConditions {
+		resizeConditionMap[condition.Type] = &resizeProcessStatus{condition, false}
+	}
+
+	oldConditions := pvc.Status.Conditions
+	newConditions := []v1.PersistentVolumeClaimCondition{}
+	for _, condition := range oldConditions {
+		// If Condition is of not resize type, we keep it.
+		if _, ok := knownResizeConditions[condition.Type]; !ok {
+			newConditions = append(newConditions, condition)
+			continue
+		}
+
+		if newCondition, ok := resizeConditionMap[condition.Type]; ok {
+			if newCondition.condition.Status != condition.Status {
+				newConditions = append(newConditions, newCondition.condition)
+			} else {
+				newConditions = append(newConditions, condition)
+			}
+			newCondition.processed = true
+		}
+	}
+
+	// append all unprocessed conditions
+	for _, newCondition := range resizeConditionMap {
+		if !newCondition.processed {
+			newConditions = append(newConditions, newCondition.condition)
+		}
+	}
+	pvc.Status.Conditions = newConditions
+	return pvc
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go b/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go
index 9375ad6750c3..9815545ff609 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go
@@ -24,3 +24,11 @@ type UniquePodName types.UID
 
 // UniquePVCName defines the type to key pvc off
 type UniquePVCName types.UID
+
+// GeneratedOperations contains the operation that is created as well as
+// supporting functions required for the operation executor
+type GeneratedOperations struct {
+	OperationFunc     func() (eventErr error, detailedErr error)
+	EventRecorderFunc func(*error)
+	CompleteFunc      func(*error)
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/util.go b/vendor/k8s.io/kubernetes/pkg/volume/util/util.go
index 106036dfb57f..518103414cab 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/util.go
@@ -21,8 +21,8 @@ import (
 	"io/ioutil"
 	"os"
 	"path"
-	"path/filepath"
 	"strings"
+	"syscall"
 
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
@@ -30,22 +30,51 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
+	"k8s.io/kubernetes/pkg/features"
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 	"k8s.io/kubernetes/pkg/util/mount"
+	"k8s.io/kubernetes/pkg/volume"
+
+	"reflect"
+
+	"hash/fnv"
+	"math/rand"
+	"strconv"
+
+	"k8s.io/apimachinery/pkg/api/resource"
+	utypes "k8s.io/apimachinery/pkg/types"
+	"k8s.io/kubernetes/pkg/volume/util/types"
 )
 
 const (
+	// GB - GigaByte size
+	GB = 1000 * 1000 * 1000
+	// GIB - GibiByte size
+	GIB = 1024 * 1024 * 1024
+
 	readyFileName = "ready"
-	losetupPath   = "losetup"
 
-	ErrDeviceNotFound     = "device not found"
-	ErrDeviceNotSupported = "device not supported"
-	ErrNotAvailable       = "not available"
+	// ControllerManagedAttachAnnotation is the key of the annotation on Node
+	// objects that indicates attach/detach operations for the node should be
+	// managed by the attach/detach controller
+	ControllerManagedAttachAnnotation string = "volumes.kubernetes.io/controller-managed-attach-detach"
+
+	// KeepTerminatedPodVolumesAnnotation is the key of the annotation on Node
+	// that decides if pod volumes are unmounted when pod is terminated
+	KeepTerminatedPodVolumesAnnotation string = "volumes.kubernetes.io/keep-terminated-pod-volumes"
+
+	// VolumeGidAnnotationKey is the of the annotation on the PersistentVolume
+	// object that specifies a supplemental GID.
+	VolumeGidAnnotationKey = "pv.beta.kubernetes.io/gid"
+
+	// VolumeDynamicallyCreatedByKey is the key of the annotation on PersistentVolume
+	// object created dynamically
+	VolumeDynamicallyCreatedByKey = "kubernetes.io/createdby"
 )
 
 // IsReady checks for the existence of a regular file
@@ -96,29 +125,42 @@ func UnmountPath(mountPath string, mounter mount.Interface) error {
 // IsNotMountPoint will be called instead of IsLikelyNotMountPoint.
 // IsNotMountPoint is more expensive but properly handles bind mounts.
 func UnmountMountPoint(mountPath string, mounter mount.Interface, extensiveMountPointCheck bool) error {
-	if pathExists, pathErr := PathExists(mountPath); pathErr != nil {
-		return fmt.Errorf("Error checking if path exists: %v", pathErr)
-	} else if !pathExists {
+	pathExists, pathErr := PathExists(mountPath)
+	if !pathExists {
 		glog.Warningf("Warning: Unmount skipped because path does not exist: %v", mountPath)
 		return nil
 	}
-
-	var notMnt bool
-	var err error
-
-	if extensiveMountPointCheck {
-		notMnt, err = mount.IsNotMountPoint(mounter, mountPath)
-	} else {
-		notMnt, err = mounter.IsLikelyNotMountPoint(mountPath)
+	corruptedMnt := isCorruptedMnt(pathErr)
+	if pathErr != nil && !corruptedMnt {
+		return fmt.Errorf("Error checking path: %v", pathErr)
 	}
+	return doUnmountMountPoint(mountPath, mounter, extensiveMountPointCheck, corruptedMnt)
+}
 
-	if err != nil {
-		return err
-	}
+// doUnmountMountPoint is a common unmount routine that unmounts the given path and
+// deletes the remaining directory if successful.
+// if extensiveMountPointCheck is true
+// IsNotMountPoint will be called instead of IsLikelyNotMountPoint.
+// IsNotMountPoint is more expensive but properly handles bind mounts.
+// if corruptedMnt is true, it means that the mountPath is a corrupted mountpoint, Take it as an argument for convenience of testing
+func doUnmountMountPoint(mountPath string, mounter mount.Interface, extensiveMountPointCheck bool, corruptedMnt bool) error {
+	if !corruptedMnt {
+		var notMnt bool
+		var err error
+		if extensiveMountPointCheck {
+			notMnt, err = mount.IsNotMountPoint(mounter, mountPath)
+		} else {
+			notMnt, err = mounter.IsLikelyNotMountPoint(mountPath)
+		}
 
-	if notMnt {
-		glog.Warningf("Warning: %q is not a mountpoint, deleting", mountPath)
-		return os.Remove(mountPath)
+		if err != nil {
+			return err
+		}
+
+		if notMnt {
+			glog.Warningf("Warning: %q is not a mountpoint, deleting", mountPath)
+			return os.Remove(mountPath)
+		}
 	}
 
 	// Unmount the mount path
@@ -128,7 +170,7 @@ func UnmountMountPoint(mountPath string, mounter mount.Interface, extensiveMount
 	}
 	notMnt, mntErr := mounter.IsLikelyNotMountPoint(mountPath)
 	if mntErr != nil {
-		return err
+		return mntErr
 	}
 	if notMnt {
 		glog.V(4).Infof("%q is unmounted, deleting the directory", mountPath)
@@ -144,11 +186,32 @@ func PathExists(path string) (bool, error) {
 		return true, nil
 	} else if os.IsNotExist(err) {
 		return false, nil
+	} else if isCorruptedMnt(err) {
+		return true, err
 	} else {
 		return false, err
 	}
 }
 
+// isCorruptedMnt return true if err is about corrupted mount point
+func isCorruptedMnt(err error) bool {
+	if err == nil {
+		return false
+	}
+	var underlyingError error
+	switch pe := err.(type) {
+	case nil:
+		return false
+	case *os.PathError:
+		underlyingError = pe.Err
+	case *os.LinkError:
+		underlyingError = pe.Err
+	case *os.SyscallError:
+		underlyingError = pe.Err
+	}
+	return underlyingError == syscall.ENOTCONN || underlyingError == syscall.ESTALE
+}
+
 // GetSecretForPod locates secret by name in the pod's namespace and returns secret map
 func GetSecretForPod(pod *v1.Pod, secretName string, kubeClient clientset.Interface) (map[string]string, error) {
 	secret := make(map[string]string)
@@ -203,6 +266,13 @@ func GetClassForVolume(kubeClient clientset.Interface, pv *v1.PersistentVolume)
 // CheckNodeAffinity looks at the PV node affinity, and checks if the node has the same corresponding labels
 // This ensures that we don't mount a volume that doesn't belong to this node
 func CheckNodeAffinity(pv *v1.PersistentVolume, nodeLabels map[string]string) error {
+	if err := checkAlphaNodeAffinity(pv, nodeLabels); err != nil {
+		return err
+	}
+	return checkVolumeNodeAffinity(pv, nodeLabels)
+}
+
+func checkAlphaNodeAffinity(pv *v1.PersistentVolume, nodeLabels map[string]string) error {
 	affinity, err := v1helper.GetStorageNodeAffinityFromAnnotation(pv.Annotations)
 	if err != nil {
 		return fmt.Errorf("Error getting storage node affinity: %v", err)
@@ -227,6 +297,27 @@ func CheckNodeAffinity(pv *v1.PersistentVolume, nodeLabels map[string]string) er
 	return nil
 }
 
+func checkVolumeNodeAffinity(pv *v1.PersistentVolume, nodeLabels map[string]string) error {
+	if pv.Spec.NodeAffinity == nil {
+		return nil
+	}
+
+	if pv.Spec.NodeAffinity.Required != nil {
+		terms := pv.Spec.NodeAffinity.Required.NodeSelectorTerms
+		glog.V(10).Infof("Match for Required node selector terms %+v", terms)
+		for _, term := range terms {
+			selector, err := v1helper.NodeSelectorRequirementsAsSelector(term.MatchExpressions)
+			if err != nil {
+				return fmt.Errorf("Failed to parse MatchExpressions: %v", err)
+			}
+			if !selector.Matches(labels.Set(nodeLabels)) {
+				return fmt.Errorf("NodeSelectorTerm %+v does not match node labels", term.MatchExpressions)
+			}
+		}
+	}
+	return nil
+}
+
 // LoadPodFromFile will read, decode, and return a Pod from a file.
 func LoadPodFromFile(filePath string) (*v1.Pod, error) {
 	if filePath == "" {
@@ -279,200 +370,382 @@ func stringToSet(str, delimiter string) (sets.String, error) {
 	return zonesSet, nil
 }
 
-// BlockVolumePathHandler defines a set of operations for handling block volume-related operations
-type BlockVolumePathHandler interface {
-	// MapDevice creates a symbolic link to block device under specified map path
-	MapDevice(devicePath string, mapPath string, linkName string) error
-	// UnmapDevice removes a symbolic link to block device under specified map path
-	UnmapDevice(mapPath string, linkName string) error
-	// RemovePath removes a file or directory on specified map path
-	RemoveMapPath(mapPath string) error
-	// IsSymlinkExist retruns true if specified symbolic link exists
-	IsSymlinkExist(mapPath string) (bool, error)
-	// GetDeviceSymlinkRefs searches symbolic links under global map path
-	GetDeviceSymlinkRefs(devPath string, mapPath string) ([]string, error)
-	// FindGlobalMapPathUUIDFromPod finds {pod uuid} symbolic link under globalMapPath
-	// corresponding to map path symlink, and then return global map path with pod uuid.
-	FindGlobalMapPathUUIDFromPod(pluginDir, mapPath string, podUID types.UID) (string, error)
-	// AttachFileDevice takes a path to a regular file and makes it available as an
-	// attached block device.
-	AttachFileDevice(path string) (string, error)
-	// GetLoopDevice returns the full path to the loop device associated with the given path.
-	GetLoopDevice(path string) (string, error)
-	// RemoveLoopDevice removes specified loopback device
-	RemoveLoopDevice(device string) error
-}
-
-// NewBlockVolumePathHandler returns a new instance of BlockVolumeHandler.
-func NewBlockVolumePathHandler() BlockVolumePathHandler {
-	var volumePathHandler VolumePathHandler
-	return volumePathHandler
-}
-
-// VolumePathHandler is path related operation handlers for block volume
-type VolumePathHandler struct {
-}
-
-// MapDevice creates a symbolic link to block device under specified map path
-func (v VolumePathHandler) MapDevice(devicePath string, mapPath string, linkName string) error {
-	// Example of global map path:
-	//   globalMapPath/linkName: plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{podUid}
-	//   linkName: {podUid}
-	//
-	// Example of pod device map path:
-	//   podDeviceMapPath/linkName: pods/{podUid}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName}
-	//   linkName: {volumeName}
-	if len(devicePath) == 0 {
-		return fmt.Errorf("Failed to map device to map path. devicePath is empty")
-	}
-	if len(mapPath) == 0 {
-		return fmt.Errorf("Failed to map device to map path. mapPath is empty")
-	}
-	if !filepath.IsAbs(mapPath) {
-		return fmt.Errorf("The map path should be absolute: map path: %s", mapPath)
-	}
-	glog.V(5).Infof("MapDevice: devicePath %s", devicePath)
-	glog.V(5).Infof("MapDevice: mapPath %s", mapPath)
-	glog.V(5).Infof("MapDevice: linkName %s", linkName)
-
-	// Check and create mapPath
-	_, err := os.Stat(mapPath)
-	if err != nil && !os.IsNotExist(err) {
-		glog.Errorf("cannot validate map path: %s", mapPath)
-		return err
-	}
-	if err = os.MkdirAll(mapPath, 0750); err != nil {
-		return fmt.Errorf("Failed to mkdir %s, error %v", mapPath, err)
-	}
-	// Remove old symbolic link(or file) then create new one.
-	// This should be done because current symbolic link is
-	// stale accross node reboot.
-	linkPath := path.Join(mapPath, string(linkName))
-	if err = os.Remove(linkPath); err != nil && !os.IsNotExist(err) {
-		return err
-	}
-	err = os.Symlink(devicePath, linkPath)
-	return err
+// CalculateTimeoutForVolume calculates time for a Recycler pod to complete a
+// recycle operation. The calculation and return value is either the
+// minimumTimeout or the timeoutIncrement per Gi of storage size, whichever is
+// greater.
+func CalculateTimeoutForVolume(minimumTimeout, timeoutIncrement int, pv *v1.PersistentVolume) int64 {
+	giQty := resource.MustParse("1Gi")
+	pvQty := pv.Spec.Capacity[v1.ResourceStorage]
+	giSize := giQty.Value()
+	pvSize := pvQty.Value()
+	timeout := (pvSize / giSize) * int64(timeoutIncrement)
+	if timeout < int64(minimumTimeout) {
+		return int64(minimumTimeout)
+	}
+	return timeout
 }
 
-// UnmapDevice removes a symbolic link associated to block device under specified map path
-func (v VolumePathHandler) UnmapDevice(mapPath string, linkName string) error {
-	if len(mapPath) == 0 {
-		return fmt.Errorf("Failed to unmap device from map path. mapPath is empty")
+// RoundUpSize calculates how many allocation units are needed to accommodate
+// a volume of given size. E.g. when user wants 1500MiB volume, while AWS EBS
+// allocates volumes in gibibyte-sized chunks,
+// RoundUpSize(1500 * 1024*1024, 1024*1024*1024) returns '2'
+// (2 GiB is the smallest allocatable volume that can hold 1500MiB)
+func RoundUpSize(volumeSizeBytes int64, allocationUnitBytes int64) int64 {
+	return (volumeSizeBytes + allocationUnitBytes - 1) / allocationUnitBytes
+}
+
+// RoundUpToGB rounds up given quantity to chunks of GB
+func RoundUpToGB(size resource.Quantity) int64 {
+	requestBytes := size.Value()
+	return RoundUpSize(requestBytes, GB)
+}
+
+// RoundUpToGiB rounds up given quantity upto chunks of GiB
+func RoundUpToGiB(size resource.Quantity) int64 {
+	requestBytes := size.Value()
+	return RoundUpSize(requestBytes, GIB)
+}
+
+// GenerateVolumeName returns a PV name with clusterName prefix. The function
+// should be used to generate a name of GCE PD or Cinder volume. It basically
+// adds "<clusterName>-dynamic-" before the PV name, making sure the resulting
+// string fits given length and cuts "dynamic" if not.
+func GenerateVolumeName(clusterName, pvName string, maxLength int) string {
+	prefix := clusterName + "-dynamic"
+	pvLen := len(pvName)
+
+	// cut the "<clusterName>-dynamic" to fit full pvName into maxLength
+	// +1 for the '-' dash
+	if pvLen+1+len(prefix) > maxLength {
+		prefix = prefix[:maxLength-pvLen-1]
 	}
-	glog.V(5).Infof("UnmapDevice: mapPath %s", mapPath)
-	glog.V(5).Infof("UnmapDevice: linkName %s", linkName)
+	return prefix + "-" + pvName
+}
 
-	// Check symbolic link exists
-	linkPath := path.Join(mapPath, string(linkName))
-	if islinkExist, checkErr := v.IsSymlinkExist(linkPath); checkErr != nil {
-		return checkErr
-	} else if !islinkExist {
-		glog.Warningf("Warning: Unmap skipped because symlink does not exist on the path: %v", linkPath)
-		return nil
+// GetPath checks if the path from the mounter is empty.
+func GetPath(mounter volume.Mounter) (string, error) {
+	path := mounter.GetPath()
+	if path == "" {
+		return "", fmt.Errorf("Path is empty %s", reflect.TypeOf(mounter).String())
 	}
-	err := os.Remove(linkPath)
-	return err
+	return path, nil
+}
+
+// ChooseZoneForVolume  implements our heuristics for choosing a zone for volume creation based on the volume name
+// Volumes are generally round-robin-ed across all active zones, using the hash of the PVC Name.
+// However, if the PVCName ends with `-<integer>`, we will hash the prefix, and then add the integer to the hash.
+// This means that a StatefulSet's volumes (`claimname-statefulsetname-id`) will spread across available zones,
+// assuming the id values are consecutive.
+func ChooseZoneForVolume(zones sets.String, pvcName string) string {
+	// We create the volume in a zone determined by the name
+	// Eventually the scheduler will coordinate placement into an available zone
+	hash, index := getPVCNameHashAndIndexOffset(pvcName)
+
+	// Zones.List returns zones in a consistent order (sorted)
+	// We do have a potential failure case where volumes will not be properly spread,
+	// if the set of zones changes during StatefulSet volume creation.  However, this is
+	// probably relatively unlikely because we expect the set of zones to be essentially
+	// static for clusters.
+	// Hopefully we can address this problem if/when we do full scheduler integration of
+	// PVC placement (which could also e.g. avoid putting volumes in overloaded or
+	// unhealthy zones)
+	zoneSlice := zones.List()
+	zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))]
+
+	glog.V(2).Infof("Creating volume for PVC %q; chose zone=%q from zones=%q", pvcName, zone, zoneSlice)
+	return zone
+}
+
+// ChooseZonesForVolume is identical to ChooseZoneForVolume, but selects a multiple zones, for multi-zone disks.
+func ChooseZonesForVolume(zones sets.String, pvcName string, numZones uint32) sets.String {
+	// We create the volume in a zone determined by the name
+	// Eventually the scheduler will coordinate placement into an available zone
+	hash, index := getPVCNameHashAndIndexOffset(pvcName)
+
+	// Zones.List returns zones in a consistent order (sorted)
+	// We do have a potential failure case where volumes will not be properly spread,
+	// if the set of zones changes during StatefulSet volume creation.  However, this is
+	// probably relatively unlikely because we expect the set of zones to be essentially
+	// static for clusters.
+	// Hopefully we can address this problem if/when we do full scheduler integration of
+	// PVC placement (which could also e.g. avoid putting volumes in overloaded or
+	// unhealthy zones)
+	zoneSlice := zones.List()
+	replicaZones := sets.NewString()
+
+	startingIndex := index * numZones
+	for index = startingIndex; index < startingIndex+numZones; index++ {
+		zone := zoneSlice[(hash+index)%uint32(len(zoneSlice))]
+		replicaZones.Insert(zone)
+	}
+
+	glog.V(2).Infof("Creating volume for replicated PVC %q; chosen zones=%q from zones=%q",
+		pvcName, replicaZones.UnsortedList(), zoneSlice)
+	return replicaZones
 }
 
-// RemoveMapPath removes a file or directory on specified map path
-func (v VolumePathHandler) RemoveMapPath(mapPath string) error {
-	if len(mapPath) == 0 {
-		return fmt.Errorf("Failed to remove map path. mapPath is empty")
+func getPVCNameHashAndIndexOffset(pvcName string) (hash uint32, index uint32) {
+	if pvcName == "" {
+		// We should always be called with a name; this shouldn't happen
+		glog.Warningf("No name defined during volume create; choosing random zone")
+
+		hash = rand.Uint32()
+	} else {
+		hashString := pvcName
+
+		// Heuristic to make sure that volumes in a StatefulSet are spread across zones
+		// StatefulSet PVCs are (currently) named ClaimName-StatefulSetName-Id,
+		// where Id is an integer index.
+		// Note though that if a StatefulSet pod has multiple claims, we need them to be
+		// in the same zone, because otherwise the pod will be unable to mount both volumes,
+		// and will be unschedulable.  So we hash _only_ the "StatefulSetName" portion when
+		// it looks like `ClaimName-StatefulSetName-Id`.
+		// We continue to round-robin volume names that look like `Name-Id` also; this is a useful
+		// feature for users that are creating statefulset-like functionality without using statefulsets.
+		lastDash := strings.LastIndexByte(pvcName, '-')
+		if lastDash != -1 {
+			statefulsetIDString := pvcName[lastDash+1:]
+			statefulsetID, err := strconv.ParseUint(statefulsetIDString, 10, 32)
+			if err == nil {
+				// Offset by the statefulsetID, so we round-robin across zones
+				index = uint32(statefulsetID)
+				// We still hash the volume name, but only the prefix
+				hashString = pvcName[:lastDash]
+
+				// In the special case where it looks like `ClaimName-StatefulSetName-Id`,
+				// hash only the StatefulSetName, so that different claims on the same StatefulSet
+				// member end up in the same zone.
+				// Note that StatefulSetName (and ClaimName) might themselves both have dashes.
+				// We actually just take the portion after the final - of ClaimName-StatefulSetName.
+				// For our purposes it doesn't much matter (just suboptimal spreading).
+				lastDash := strings.LastIndexByte(hashString, '-')
+				if lastDash != -1 {
+					hashString = hashString[lastDash+1:]
+				}
+
+				glog.V(2).Infof("Detected StatefulSet-style volume name %q; index=%d", pvcName, index)
+			}
+		}
+
+		// We hash the (base) volume name, so we don't bias towards the first N zones
+		h := fnv.New32()
+		h.Write([]byte(hashString))
+		hash = h.Sum32()
 	}
-	glog.V(5).Infof("RemoveMapPath: mapPath %s", mapPath)
-	err := os.RemoveAll(mapPath)
-	if err != nil && !os.IsNotExist(err) {
+
+	return hash, index
+}
+
+// UnmountViaEmptyDir delegates the tear down operation for secret, configmap, git_repo and downwardapi
+// to empty_dir
+func UnmountViaEmptyDir(dir string, host volume.VolumeHost, volName string, volSpec volume.Spec, podUID utypes.UID) error {
+	glog.V(3).Infof("Tearing down volume %v for pod %v at %v", volName, podUID, dir)
+
+	// Wrap EmptyDir, let it do the teardown.
+	wrapped, err := host.NewWrapperUnmounter(volName, volSpec, podUID)
+	if err != nil {
 		return err
 	}
-	return nil
+	return wrapped.TearDownAt(dir)
 }
 
-// IsSymlinkExist returns true if specified file exists and the type is symbolik link.
-// If file doesn't exist, or file exists but not symbolick link, return false with no error.
-// On other cases, return false with error from Lstat().
-func (v VolumePathHandler) IsSymlinkExist(mapPath string) (bool, error) {
-	fi, err := os.Lstat(mapPath)
-	if err == nil {
-		// If file exits and it's symbolick link, return true and no error
-		if fi.Mode()&os.ModeSymlink == os.ModeSymlink {
-			return true, nil
+// MountOptionFromSpec extracts and joins mount options from volume spec with supplied options
+func MountOptionFromSpec(spec *volume.Spec, options ...string) []string {
+	pv := spec.PersistentVolume
+
+	if pv != nil {
+		// Use beta annotation first
+		if mo, ok := pv.Annotations[v1.MountOptionAnnotation]; ok {
+			moList := strings.Split(mo, ",")
+			return JoinMountOptions(moList, options)
+		}
+
+		if len(pv.Spec.MountOptions) > 0 {
+			return JoinMountOptions(pv.Spec.MountOptions, options)
 		}
-		// If file exits but it's not symbolick link, return fale and no error
-		return false, nil
 	}
-	// If file doesn't exist, return false and no error
-	if os.IsNotExist(err) {
-		return false, nil
+
+	return options
+}
+
+// JoinMountOptions joins mount options eliminating duplicates
+func JoinMountOptions(userOptions []string, systemOptions []string) []string {
+	allMountOptions := sets.NewString()
+
+	for _, mountOption := range userOptions {
+		if len(mountOption) > 0 {
+			allMountOptions.Insert(mountOption)
+		}
 	}
-	// Return error from Lstat()
-	return false, err
+
+	for _, mountOption := range systemOptions {
+		allMountOptions.Insert(mountOption)
+	}
+	return allMountOptions.UnsortedList()
 }
 
-// GetDeviceSymlinkRefs searches symbolic links under global map path
-func (v VolumePathHandler) GetDeviceSymlinkRefs(devPath string, mapPath string) ([]string, error) {
-	var refs []string
-	files, err := ioutil.ReadDir(mapPath)
-	if err != nil {
-		return nil, fmt.Errorf("Directory cannot read %v", err)
+// ValidateZone returns:
+// - an error in case zone is an empty string or contains only any combination of spaces and tab characters
+// - nil otherwise
+func ValidateZone(zone string) error {
+	if strings.TrimSpace(zone) == "" {
+		return fmt.Errorf("the provided %q zone is not valid, it's an empty string or contains only spaces and tab characters", zone)
 	}
-	for _, file := range files {
-		if file.Mode()&os.ModeSymlink != os.ModeSymlink {
-			continue
-		}
-		filename := file.Name()
-		filepath, err := os.Readlink(path.Join(mapPath, filename))
-		if err != nil {
-			return nil, fmt.Errorf("Symbolic link cannot be retrieved %v", err)
-		}
-		glog.V(5).Infof("GetDeviceSymlinkRefs: filepath: %v, devPath: %v", filepath, devPath)
-		if filepath == devPath {
-			refs = append(refs, path.Join(mapPath, filename))
+	return nil
+}
+
+// AccessModesContains returns whether the requested mode is contained by modes
+func AccessModesContains(modes []v1.PersistentVolumeAccessMode, mode v1.PersistentVolumeAccessMode) bool {
+	for _, m := range modes {
+		if m == mode {
+			return true
 		}
 	}
-	glog.V(5).Infof("GetDeviceSymlinkRefs: refs %v", refs)
-	return refs, nil
+	return false
 }
 
-// FindGlobalMapPathUUIDFromPod finds {pod uuid} symbolic link under globalMapPath
-// corresponding to map path symlink, and then return global map path with pod uuid.
-// ex. mapPath symlink: pods/{podUid}}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName} -> /dev/sdX
-//     globalMapPath/{pod uuid}: plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{pod uuid} -> /dev/sdX
-func (v VolumePathHandler) FindGlobalMapPathUUIDFromPod(pluginDir, mapPath string, podUID types.UID) (string, error) {
-	var globalMapPathUUID string
-	// Find symbolic link named pod uuid under plugin dir
-	err := filepath.Walk(pluginDir, func(path string, fi os.FileInfo, err error) error {
-		if err != nil {
-			return err
+// AccessModesContainedInAll returns whether all of the requested modes are contained by modes
+func AccessModesContainedInAll(indexedModes []v1.PersistentVolumeAccessMode, requestedModes []v1.PersistentVolumeAccessMode) bool {
+	for _, mode := range requestedModes {
+		if !AccessModesContains(indexedModes, mode) {
+			return false
 		}
-		if (fi.Mode()&os.ModeSymlink == os.ModeSymlink) && (fi.Name() == string(podUID)) {
-			glog.V(5).Infof("FindGlobalMapPathFromPod: path %s, mapPath %s", path, mapPath)
-			if res, err := compareSymlinks(path, mapPath); err == nil && res {
-				globalMapPathUUID = path
-			}
+	}
+	return true
+}
+
+// GetWindowsPath get a windows path
+func GetWindowsPath(path string) string {
+	windowsPath := strings.Replace(path, "/", "\\", -1)
+	if strings.HasPrefix(windowsPath, "\\") {
+		windowsPath = "c:" + windowsPath
+	}
+	return windowsPath
+}
+
+// GetUniquePodName returns a unique identifier to reference a pod by
+func GetUniquePodName(pod *v1.Pod) types.UniquePodName {
+	return types.UniquePodName(pod.UID)
+}
+
+// GetUniqueVolumeName returns a unique name representing the volume/plugin.
+// Caller should ensure that volumeName is a name/ID uniquely identifying the
+// actual backing device, directory, path, etc. for a particular volume.
+// The returned name can be used to uniquely reference the volume, for example,
+// to prevent operations (attach/detach or mount/unmount) from being triggered
+// on the same volume.
+func GetUniqueVolumeName(pluginName, volumeName string) v1.UniqueVolumeName {
+	return v1.UniqueVolumeName(fmt.Sprintf("%s/%s", pluginName, volumeName))
+}
+
+// GetUniqueVolumeNameForNonAttachableVolume returns the unique volume name
+// for a non-attachable volume.
+func GetUniqueVolumeNameForNonAttachableVolume(
+	podName types.UniquePodName, volumePlugin volume.VolumePlugin, volumeSpec *volume.Spec) v1.UniqueVolumeName {
+	return v1.UniqueVolumeName(
+		fmt.Sprintf("%s/%v-%s", volumePlugin.GetPluginName(), podName, volumeSpec.Name()))
+}
+
+// GetUniqueVolumeNameFromSpec uses the given VolumePlugin to generate a unique
+// name representing the volume defined in the specified volume spec.
+// This returned name can be used to uniquely reference the actual backing
+// device, directory, path, etc. referenced by the given volumeSpec.
+// If the given plugin does not support the volume spec, this returns an error.
+func GetUniqueVolumeNameFromSpec(
+	volumePlugin volume.VolumePlugin,
+	volumeSpec *volume.Spec) (v1.UniqueVolumeName, error) {
+	if volumePlugin == nil {
+		return "", fmt.Errorf(
+			"volumePlugin should not be nil. volumeSpec.Name=%q",
+			volumeSpec.Name())
+	}
+
+	volumeName, err := volumePlugin.GetVolumeName(volumeSpec)
+	if err != nil || volumeName == "" {
+		return "", fmt.Errorf(
+			"failed to GetVolumeName from volumePlugin for volumeSpec %q err=%v",
+			volumeSpec.Name(),
+			err)
+	}
+
+	return GetUniqueVolumeName(
+			volumePlugin.GetPluginName(),
+			volumeName),
+		nil
+}
+
+// IsPodTerminated checks if pod is terminated
+func IsPodTerminated(pod *v1.Pod, podStatus v1.PodStatus) bool {
+	return podStatus.Phase == v1.PodFailed || podStatus.Phase == v1.PodSucceeded || (pod.DeletionTimestamp != nil && notRunning(podStatus.ContainerStatuses))
+}
+
+// notRunning returns true if every status is terminated or waiting, or the status list
+// is empty.
+func notRunning(statuses []v1.ContainerStatus) bool {
+	for _, status := range statuses {
+		if status.State.Terminated == nil && status.State.Waiting == nil {
+			return false
 		}
-		return nil
-	})
-	if err != nil {
-		return "", err
 	}
-	glog.V(5).Infof("FindGlobalMapPathFromPod: globalMapPathUUID %s", globalMapPathUUID)
-	// Return path contains global map path + {pod uuid}
-	return globalMapPathUUID, nil
+	return true
 }
 
-func compareSymlinks(global, pod string) (bool, error) {
-	devGlobal, err := os.Readlink(global)
-	if err != nil {
-		return false, err
+// SplitUniqueName splits the unique name to plugin name and volume name strings. It expects the uniqueName to follow
+// the fromat plugin_name/volume_name and the plugin name must be namespaced as described by the plugin interface,
+// i.e. namespace/plugin containing exactly one '/'. This means the unique name will always be in the form of
+// plugin_namespace/plugin/volume_name, see k8s.io/kubernetes/pkg/volume/plugins.go VolumePlugin interface
+// description and pkg/volume/util/volumehelper/volumehelper.go GetUniqueVolumeNameFromSpec that constructs
+// the unique volume names.
+func SplitUniqueName(uniqueName v1.UniqueVolumeName) (string, string, error) {
+	components := strings.SplitN(string(uniqueName), "/", 3)
+	if len(components) != 3 {
+		return "", "", fmt.Errorf("cannot split volume unique name %s to plugin/volume components", uniqueName)
+	}
+	pluginName := fmt.Sprintf("%s/%s", components[0], components[1])
+	return pluginName, components[2], nil
+}
+
+// NewSafeFormatAndMountFromHost creates a new SafeFormatAndMount with Mounter
+// and Exec taken from given VolumeHost.
+func NewSafeFormatAndMountFromHost(pluginName string, host volume.VolumeHost) *mount.SafeFormatAndMount {
+	mounter := host.GetMounter(pluginName)
+	exec := host.GetExec(pluginName)
+	return &mount.SafeFormatAndMount{Interface: mounter, Exec: exec}
+}
+
+// GetVolumeMode retrieves VolumeMode from pv.
+// If the volume doesn't have PersistentVolume, it's an inline volume,
+// should return volumeMode as filesystem to keep existing behavior.
+func GetVolumeMode(volumeSpec *volume.Spec) (v1.PersistentVolumeMode, error) {
+	if volumeSpec == nil || volumeSpec.PersistentVolume == nil {
+		return v1.PersistentVolumeFilesystem, nil
 	}
-	devPod, err := os.Readlink(pod)
-	if err != nil {
-		return false, err
+	if volumeSpec.PersistentVolume.Spec.VolumeMode != nil {
+		return *volumeSpec.PersistentVolume.Spec.VolumeMode, nil
 	}
-	glog.V(5).Infof("CompareSymlinks: devGloBal %s, devPod %s", devGlobal, devPod)
-	if devGlobal == devPod {
-		return true, nil
+	return "", fmt.Errorf("cannot get volumeMode for volume: %v", volumeSpec.Name())
+}
+
+// GetPersistentVolumeClaimVolumeMode retrieves VolumeMode from pvc.
+func GetPersistentVolumeClaimVolumeMode(claim *v1.PersistentVolumeClaim) (v1.PersistentVolumeMode, error) {
+	if claim.Spec.VolumeMode != nil {
+		return *claim.Spec.VolumeMode, nil
+	}
+	return "", fmt.Errorf("cannot get volumeMode from pvc: %v", claim.Name)
+}
+
+// CheckVolumeModeFilesystem checks VolumeMode.
+// If the mode is Filesystem, return true otherwise return false.
+func CheckVolumeModeFilesystem(volumeSpec *volume.Spec) (bool, error) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.BlockVolume) {
+		volumeMode, err := GetVolumeMode(volumeSpec)
+		if err != nil {
+			return true, err
+		}
+		if volumeMode == v1.PersistentVolumeBlock {
+			return false, nil
+		}
 	}
-	return false, nil
+	return true, nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/volumehelper.go b/vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/volumehelper.go
deleted file mode 100644
index 74b14be5de80..000000000000
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/volumehelper/volumehelper.go
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Package volumehelper contains consts and helper methods used by various
-// volume components (attach/detach controller, kubelet, etc.).
-package volumehelper
-
-import (
-	"fmt"
-	"strings"
-
-	"k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/util/mount"
-	"k8s.io/kubernetes/pkg/volume"
-	"k8s.io/kubernetes/pkg/volume/util/types"
-)
-
-const (
-	// ControllerManagedAttachAnnotation is the key of the annotation on Node
-	// objects that indicates attach/detach operations for the node should be
-	// managed by the attach/detach controller
-	ControllerManagedAttachAnnotation string = "volumes.kubernetes.io/controller-managed-attach-detach"
-
-	// KeepTerminatedPodVolumesAnnotation is the key of the annotation on Node
-	// that decides if pod volumes are unmounted when pod is terminated
-	KeepTerminatedPodVolumesAnnotation string = "volumes.kubernetes.io/keep-terminated-pod-volumes"
-
-	// VolumeGidAnnotationKey is the of the annotation on the PersistentVolume
-	// object that specifies a supplemental GID.
-	VolumeGidAnnotationKey = "pv.beta.kubernetes.io/gid"
-
-	// VolumeDynamicallyCreatedByKey is the key of the annotation on PersistentVolume
-	// object created dynamically
-	VolumeDynamicallyCreatedByKey = "kubernetes.io/createdby"
-)
-
-// GetUniquePodName returns a unique identifier to reference a pod by
-func GetUniquePodName(pod *v1.Pod) types.UniquePodName {
-	return types.UniquePodName(pod.UID)
-}
-
-// GetUniqueVolumeName returns a unique name representing the volume/plugin.
-// Caller should ensure that volumeName is a name/ID uniquely identifying the
-// actual backing device, directory, path, etc. for a particular volume.
-// The returned name can be used to uniquely reference the volume, for example,
-// to prevent operations (attach/detach or mount/unmount) from being triggered
-// on the same volume.
-func GetUniqueVolumeName(pluginName, volumeName string) v1.UniqueVolumeName {
-	return v1.UniqueVolumeName(fmt.Sprintf("%s/%s", pluginName, volumeName))
-}
-
-// GetUniqueVolumeNameForNonAttachableVolume returns the unique volume name
-// for a non-attachable volume.
-func GetUniqueVolumeNameForNonAttachableVolume(
-	podName types.UniquePodName, volumePlugin volume.VolumePlugin, volumeSpec *volume.Spec) v1.UniqueVolumeName {
-	return v1.UniqueVolumeName(
-		fmt.Sprintf("%s/%v-%s", volumePlugin.GetPluginName(), podName, volumeSpec.Name()))
-}
-
-// GetUniqueVolumeNameFromSpec uses the given VolumePlugin to generate a unique
-// name representing the volume defined in the specified volume spec.
-// This returned name can be used to uniquely reference the actual backing
-// device, directory, path, etc. referenced by the given volumeSpec.
-// If the given plugin does not support the volume spec, this returns an error.
-func GetUniqueVolumeNameFromSpec(
-	volumePlugin volume.VolumePlugin,
-	volumeSpec *volume.Spec) (v1.UniqueVolumeName, error) {
-	if volumePlugin == nil {
-		return "", fmt.Errorf(
-			"volumePlugin should not be nil. volumeSpec.Name=%q",
-			volumeSpec.Name())
-	}
-
-	volumeName, err := volumePlugin.GetVolumeName(volumeSpec)
-	if err != nil || volumeName == "" {
-		return "", fmt.Errorf(
-			"failed to GetVolumeName from volumePlugin for volumeSpec %q err=%v",
-			volumeSpec.Name(),
-			err)
-	}
-
-	return GetUniqueVolumeName(
-			volumePlugin.GetPluginName(),
-			volumeName),
-		nil
-}
-
-// IsPodTerminated checks if pod is terminated
-func IsPodTerminated(pod *v1.Pod, podStatus v1.PodStatus) bool {
-	return podStatus.Phase == v1.PodFailed || podStatus.Phase == v1.PodSucceeded || (pod.DeletionTimestamp != nil && notRunning(podStatus.ContainerStatuses))
-}
-
-// notRunning returns true if every status is terminated or waiting, or the status list
-// is empty.
-func notRunning(statuses []v1.ContainerStatus) bool {
-	for _, status := range statuses {
-		if status.State.Terminated == nil && status.State.Waiting == nil {
-			return false
-		}
-	}
-	return true
-}
-
-// SplitUniqueName splits the unique name to plugin name and volume name strings. It expects the uniqueName to follow
-// the fromat plugin_name/volume_name and the plugin name must be namespaced as descibed by the plugin interface,
-// i.e. namespace/plugin containing exactly one '/'. This means the unique name will always be in the form of
-// plugin_namespace/plugin/volume_name, see k8s.io/kubernetes/pkg/volume/plugins.go VolumePlugin interface
-// description and pkg/volume/util/volumehelper/volumehelper.go GetUniqueVolumeNameFromSpec that constructs
-// the unique volume names.
-func SplitUniqueName(uniqueName v1.UniqueVolumeName) (string, string, error) {
-	components := strings.SplitN(string(uniqueName), "/", 3)
-	if len(components) != 3 {
-		return "", "", fmt.Errorf("cannot split volume unique name %s to plugin/volume components", uniqueName)
-	}
-	pluginName := fmt.Sprintf("%s/%s", components[0], components[1])
-	return pluginName, components[2], nil
-}
-
-// NewSafeFormatAndMountFromHost creates a new SafeFormatAndMount with Mounter
-// and Exec taken from given VolumeHost.
-func NewSafeFormatAndMountFromHost(pluginName string, host volume.VolumeHost) *mount.SafeFormatAndMount {
-	mounter := host.GetMounter(pluginName)
-	exec := host.GetExec(pluginName)
-	return &mount.SafeFormatAndMount{Interface: mounter, Exec: exec}
-}
-
-// GetVolumeMode retrieves VolumeMode from pv.
-// If the volume doesn't have PersistentVolume, it's an inline volume,
-// should return volumeMode as filesystem to keep existing behavior.
-func GetVolumeMode(volumeSpec *volume.Spec) (v1.PersistentVolumeMode, error) {
-	if volumeSpec == nil || volumeSpec.PersistentVolume == nil {
-		return v1.PersistentVolumeFilesystem, nil
-	}
-	if volumeSpec.PersistentVolume.Spec.VolumeMode != nil {
-		return *volumeSpec.PersistentVolume.Spec.VolumeMode, nil
-	}
-	return "", fmt.Errorf("cannot get volumeMode for volume: %v", volumeSpec.Name())
-}
-
-// GetPersistentVolumeClaimVolumeMode retrieves VolumeMode from pvc.
-func GetPersistentVolumeClaimVolumeMode(claim *v1.PersistentVolumeClaim) (v1.PersistentVolumeMode, error) {
-	if claim.Spec.VolumeMode != nil {
-		return *claim.Spec.VolumeMode, nil
-	}
-	return "", fmt.Errorf("cannot get volumeMode from pvc: %v", claim.Name)
-}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/BUILD
new file mode 100644
index 000000000000..562bfa906712
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/BUILD
@@ -0,0 +1,63 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "volume_path_handler.go",
+    ] + select({
+        "@io_bazel_rules_go//go/platform:android": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:darwin": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:dragonfly": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:freebsd": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:linux": [
+            "volume_path_handler_linux.go",
+        ],
+        "@io_bazel_rules_go//go/platform:nacl": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:netbsd": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:openbsd": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:plan9": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:solaris": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "@io_bazel_rules_go//go/platform:windows": [
+            "volume_path_handler_unsupported.go",
+        ],
+        "//conditions:default": [],
+    }),
+    importpath = "k8s.io/kubernetes/pkg/volume/util/volumepathhandler",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler.go b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler.go
new file mode 100644
index 000000000000..61680c11577e
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler.go
@@ -0,0 +1,233 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package volumepathhandler
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"path/filepath"
+
+	"github.com/golang/glog"
+
+	"k8s.io/apimachinery/pkg/types"
+)
+
+const (
+	losetupPath           = "losetup"
+	ErrDeviceNotFound     = "device not found"
+	ErrDeviceNotSupported = "device not supported"
+)
+
+// BlockVolumePathHandler defines a set of operations for handling block volume-related operations
+type BlockVolumePathHandler interface {
+	// MapDevice creates a symbolic link to block device under specified map path
+	MapDevice(devicePath string, mapPath string, linkName string) error
+	// UnmapDevice removes a symbolic link to block device under specified map path
+	UnmapDevice(mapPath string, linkName string) error
+	// RemovePath removes a file or directory on specified map path
+	RemoveMapPath(mapPath string) error
+	// IsSymlinkExist retruns true if specified symbolic link exists
+	IsSymlinkExist(mapPath string) (bool, error)
+	// GetDeviceSymlinkRefs searches symbolic links under global map path
+	GetDeviceSymlinkRefs(devPath string, mapPath string) ([]string, error)
+	// FindGlobalMapPathUUIDFromPod finds {pod uuid} symbolic link under globalMapPath
+	// corresponding to map path symlink, and then return global map path with pod uuid.
+	FindGlobalMapPathUUIDFromPod(pluginDir, mapPath string, podUID types.UID) (string, error)
+	// AttachFileDevice takes a path to a regular file and makes it available as an
+	// attached block device.
+	AttachFileDevice(path string) (string, error)
+	// GetLoopDevice returns the full path to the loop device associated with the given path.
+	GetLoopDevice(path string) (string, error)
+	// RemoveLoopDevice removes specified loopback device
+	RemoveLoopDevice(device string) error
+}
+
+// NewBlockVolumePathHandler returns a new instance of BlockVolumeHandler.
+func NewBlockVolumePathHandler() BlockVolumePathHandler {
+	var volumePathHandler VolumePathHandler
+	return volumePathHandler
+}
+
+// VolumePathHandler is path related operation handlers for block volume
+type VolumePathHandler struct {
+}
+
+// MapDevice creates a symbolic link to block device under specified map path
+func (v VolumePathHandler) MapDevice(devicePath string, mapPath string, linkName string) error {
+	// Example of global map path:
+	//   globalMapPath/linkName: plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{podUid}
+	//   linkName: {podUid}
+	//
+	// Example of pod device map path:
+	//   podDeviceMapPath/linkName: pods/{podUid}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName}
+	//   linkName: {volumeName}
+	if len(devicePath) == 0 {
+		return fmt.Errorf("Failed to map device to map path. devicePath is empty")
+	}
+	if len(mapPath) == 0 {
+		return fmt.Errorf("Failed to map device to map path. mapPath is empty")
+	}
+	if !filepath.IsAbs(mapPath) {
+		return fmt.Errorf("The map path should be absolute: map path: %s", mapPath)
+	}
+	glog.V(5).Infof("MapDevice: devicePath %s", devicePath)
+	glog.V(5).Infof("MapDevice: mapPath %s", mapPath)
+	glog.V(5).Infof("MapDevice: linkName %s", linkName)
+
+	// Check and create mapPath
+	_, err := os.Stat(mapPath)
+	if err != nil && !os.IsNotExist(err) {
+		glog.Errorf("cannot validate map path: %s", mapPath)
+		return err
+	}
+	if err = os.MkdirAll(mapPath, 0750); err != nil {
+		return fmt.Errorf("Failed to mkdir %s, error %v", mapPath, err)
+	}
+	// Remove old symbolic link(or file) then create new one.
+	// This should be done because current symbolic link is
+	// stale across node reboot.
+	linkPath := path.Join(mapPath, string(linkName))
+	if err = os.Remove(linkPath); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	err = os.Symlink(devicePath, linkPath)
+	return err
+}
+
+// UnmapDevice removes a symbolic link associated to block device under specified map path
+func (v VolumePathHandler) UnmapDevice(mapPath string, linkName string) error {
+	if len(mapPath) == 0 {
+		return fmt.Errorf("Failed to unmap device from map path. mapPath is empty")
+	}
+	glog.V(5).Infof("UnmapDevice: mapPath %s", mapPath)
+	glog.V(5).Infof("UnmapDevice: linkName %s", linkName)
+
+	// Check symbolic link exists
+	linkPath := path.Join(mapPath, string(linkName))
+	if islinkExist, checkErr := v.IsSymlinkExist(linkPath); checkErr != nil {
+		return checkErr
+	} else if !islinkExist {
+		glog.Warningf("Warning: Unmap skipped because symlink does not exist on the path: %v", linkPath)
+		return nil
+	}
+	err := os.Remove(linkPath)
+	return err
+}
+
+// RemoveMapPath removes a file or directory on specified map path
+func (v VolumePathHandler) RemoveMapPath(mapPath string) error {
+	if len(mapPath) == 0 {
+		return fmt.Errorf("Failed to remove map path. mapPath is empty")
+	}
+	glog.V(5).Infof("RemoveMapPath: mapPath %s", mapPath)
+	err := os.RemoveAll(mapPath)
+	if err != nil && !os.IsNotExist(err) {
+		return err
+	}
+	return nil
+}
+
+// IsSymlinkExist returns true if specified file exists and the type is symbolik link.
+// If file doesn't exist, or file exists but not symbolick link, return false with no error.
+// On other cases, return false with error from Lstat().
+func (v VolumePathHandler) IsSymlinkExist(mapPath string) (bool, error) {
+	fi, err := os.Lstat(mapPath)
+	if err == nil {
+		// If file exits and it's symbolick link, return true and no error
+		if fi.Mode()&os.ModeSymlink == os.ModeSymlink {
+			return true, nil
+		}
+		// If file exits but it's not symbolick link, return fale and no error
+		return false, nil
+	}
+	// If file doesn't exist, return false and no error
+	if os.IsNotExist(err) {
+		return false, nil
+	}
+	// Return error from Lstat()
+	return false, err
+}
+
+// GetDeviceSymlinkRefs searches symbolic links under global map path
+func (v VolumePathHandler) GetDeviceSymlinkRefs(devPath string, mapPath string) ([]string, error) {
+	var refs []string
+	files, err := ioutil.ReadDir(mapPath)
+	if err != nil {
+		return nil, fmt.Errorf("Directory cannot read %v", err)
+	}
+	for _, file := range files {
+		if file.Mode()&os.ModeSymlink != os.ModeSymlink {
+			continue
+		}
+		filename := file.Name()
+		filepath, err := os.Readlink(path.Join(mapPath, filename))
+		if err != nil {
+			return nil, fmt.Errorf("Symbolic link cannot be retrieved %v", err)
+		}
+		glog.V(5).Infof("GetDeviceSymlinkRefs: filepath: %v, devPath: %v", filepath, devPath)
+		if filepath == devPath {
+			refs = append(refs, path.Join(mapPath, filename))
+		}
+	}
+	glog.V(5).Infof("GetDeviceSymlinkRefs: refs %v", refs)
+	return refs, nil
+}
+
+// FindGlobalMapPathUUIDFromPod finds {pod uuid} symbolic link under globalMapPath
+// corresponding to map path symlink, and then return global map path with pod uuid.
+// ex. mapPath symlink: pods/{podUid}}/{DefaultKubeletVolumeDevicesDirName}/{escapeQualifiedPluginName}/{volumeName} -> /dev/sdX
+//     globalMapPath/{pod uuid}: plugins/kubernetes.io/{PluginName}/{DefaultKubeletVolumeDevicesDirName}/{volumePluginDependentPath}/{pod uuid} -> /dev/sdX
+func (v VolumePathHandler) FindGlobalMapPathUUIDFromPod(pluginDir, mapPath string, podUID types.UID) (string, error) {
+	var globalMapPathUUID string
+	// Find symbolic link named pod uuid under plugin dir
+	err := filepath.Walk(pluginDir, func(path string, fi os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if (fi.Mode()&os.ModeSymlink == os.ModeSymlink) && (fi.Name() == string(podUID)) {
+			glog.V(5).Infof("FindGlobalMapPathFromPod: path %s, mapPath %s", path, mapPath)
+			if res, err := compareSymlinks(path, mapPath); err == nil && res {
+				globalMapPathUUID = path
+			}
+		}
+		return nil
+	})
+	if err != nil {
+		return "", err
+	}
+	glog.V(5).Infof("FindGlobalMapPathFromPod: globalMapPathUUID %s", globalMapPathUUID)
+	// Return path contains global map path + {pod uuid}
+	return globalMapPathUUID, nil
+}
+
+func compareSymlinks(global, pod string) (bool, error) {
+	devGlobal, err := os.Readlink(global)
+	if err != nil {
+		return false, err
+	}
+	devPod, err := os.Readlink(pod)
+	if err != nil {
+		return false, err
+	}
+	glog.V(5).Infof("CompareSymlinks: devGloBal %s, devPod %s", devGlobal, devPod)
+	if devGlobal == devPod {
+		return true, nil
+	}
+	return false, nil
+}
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/util_linux.go b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_linux.go
similarity index 87%
rename from vendor/k8s.io/kubernetes/pkg/volume/util/util_linux.go
rename to vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_linux.go
index 755a10f012a4..f9a886d7dc64 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/util_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_linux.go
@@ -1,7 +1,7 @@
 // +build linux
 
 /*
-Copyright 2017 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package volumepathhandler
 
 import (
 	"errors"
@@ -51,7 +51,7 @@ func (v VolumePathHandler) AttachFileDevice(path string) (string, error) {
 func (v VolumePathHandler) GetLoopDevice(path string) (string, error) {
 	_, err := os.Stat(path)
 	if os.IsNotExist(err) {
-		return "", errors.New(ErrNotAvailable)
+		return "", errors.New(ErrDeviceNotFound)
 	}
 	if err != nil {
 		return "", fmt.Errorf("not attachable: %v", err)
@@ -61,7 +61,7 @@ func (v VolumePathHandler) GetLoopDevice(path string) (string, error) {
 	cmd := exec.Command(losetupPath, args...)
 	out, err := cmd.CombinedOutput()
 	if err != nil {
-		glog.V(2).Infof("Failed device discover command for path %s: %v", path, err)
+		glog.V(2).Infof("Failed device discover command for path %s: %v %s", path, err, out)
 		return "", err
 	}
 	return parseLosetupOutputForDevice(out)
@@ -72,7 +72,7 @@ func makeLoopDevice(path string) (string, error) {
 	cmd := exec.Command(losetupPath, args...)
 	out, err := cmd.CombinedOutput()
 	if err != nil {
-		glog.V(2).Infof("Failed device create command for path %s: %v", path, err)
+		glog.V(2).Infof("Failed device create command for path: %s %v %s ", path, err, out)
 		return "", err
 	}
 	return parseLosetupOutputForDevice(out)
@@ -84,9 +84,11 @@ func (v VolumePathHandler) RemoveLoopDevice(device string) error {
 	cmd := exec.Command(losetupPath, args...)
 	out, err := cmd.CombinedOutput()
 	if err != nil {
-		if !strings.Contains(string(out), "No such device or address") {
-			return err
+		if _, err := os.Stat(device); os.IsNotExist(err) {
+			return nil
 		}
+		glog.V(2).Infof("Failed to remove loopback device: %s: %v %s", device, err, out)
+		return err
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/util_unsupported.go b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_unsupported.go
similarity index 95%
rename from vendor/k8s.io/kubernetes/pkg/volume/util/util_unsupported.go
rename to vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_unsupported.go
index 930e4f663dd4..266398b1da8b 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/util_unsupported.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/volumepathhandler/volume_path_handler_unsupported.go
@@ -1,7 +1,7 @@
 // +build !linux
 
 /*
-Copyright 2017 The Kubernetes Authors.
+Copyright 2018 The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package util
+package volumepathhandler
 
 import (
 	"fmt"
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/validation/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/validation/BUILD
index a3cc585f7a41..453058567343 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/validation/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["pv_validation_test.go"],
-    importpath = "k8s.io/kubernetes/pkg/volume/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/BUILD b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/BUILD
index a2bd11e8fbcb..f69c1fb6d4a4 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/BUILD
@@ -23,7 +23,6 @@ go_library(
         "//pkg/util/strings:go_default_library",
         "//pkg/volume:go_default_library",
         "//pkg/volume/util:go_default_library",
-        "//pkg/volume/util/volumehelper:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
@@ -38,8 +37,7 @@ go_test(
         "attacher_test.go",
         "vsphere_volume_test.go",
     ],
-    importpath = "k8s.io/kubernetes/pkg/volume/vsphere_volume",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/cloudprovider/providers/vsphere/vclib:go_default_library",
         "//pkg/util/mount:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/attacher.go b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/attacher.go
index fb9886beba28..0cf3440d8a24 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/attacher.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/attacher.go
@@ -30,7 +30,6 @@ import (
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 type vsphereVMDKAttacher struct {
@@ -219,8 +218,8 @@ func (attacher *vsphereVMDKAttacher) MountDevice(spec *volume.Spec, devicePath s
 	options := []string{}
 
 	if notMnt {
-		diskMounter := volumehelper.NewSafeFormatAndMountFromHost(vsphereVolumePluginName, attacher.host)
-		mountOptions := volume.MountOptionFromSpec(spec, options...)
+		diskMounter := volumeutil.NewSafeFormatAndMountFromHost(vsphereVolumePluginName, attacher.host)
+		mountOptions := volumeutil.MountOptionFromSpec(spec, options...)
 		err = diskMounter.FormatAndMount(devicePath, deviceMountPath, volumeSource.FSType, mountOptions)
 		if err != nil {
 			os.Remove(deviceMountPath)
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume.go b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume.go
index 6c8fe5b9da68..7b1e611df54d 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume.go
@@ -31,7 +31,6 @@ import (
 	utilstrings "k8s.io/kubernetes/pkg/util/strings"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/util"
-	"k8s.io/kubernetes/pkg/volume/util/volumehelper"
 )
 
 // This is the primary entrypoint for volume plugins.
@@ -52,6 +51,10 @@ const (
 	vsphereVolumePluginName = "kubernetes.io/vsphere-volume"
 )
 
+func getPath(uid types.UID, volName string, host volume.VolumeHost) string {
+	return host.GetPodVolumeDir(uid, utilstrings.EscapeQualifiedNameForDisk(vsphereVolumePluginName), volName)
+}
+
 // vSphere Volume Plugin
 func (plugin *vsphereVolumePlugin) Init(host volume.VolumeHost) error {
 	plugin.host = host
@@ -107,25 +110,27 @@ func (plugin *vsphereVolumePlugin) newMounterInternal(spec *volume.Spec, podUID
 
 	return &vsphereVolumeMounter{
 		vsphereVolume: &vsphereVolume{
-			podUID:  podUID,
-			volName: spec.Name(),
-			volPath: volPath,
-			manager: manager,
-			mounter: mounter,
-			plugin:  plugin,
+			podUID:          podUID,
+			volName:         spec.Name(),
+			volPath:         volPath,
+			manager:         manager,
+			mounter:         mounter,
+			plugin:          plugin,
+			MetricsProvider: volume.NewMetricsStatFS(getPath(podUID, spec.Name(), plugin.host)),
 		},
 		fsType:      fsType,
-		diskMounter: volumehelper.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
+		diskMounter: util.NewSafeFormatAndMountFromHost(plugin.GetPluginName(), plugin.host)}, nil
 }
 
 func (plugin *vsphereVolumePlugin) newUnmounterInternal(volName string, podUID types.UID, manager vdManager, mounter mount.Interface) (volume.Unmounter, error) {
 	return &vsphereVolumeUnmounter{
 		&vsphereVolume{
-			podUID:  podUID,
-			volName: volName,
-			manager: manager,
-			mounter: mounter,
-			plugin:  plugin,
+			podUID:          podUID,
+			volName:         volName,
+			manager:         manager,
+			mounter:         mounter,
+			plugin:          plugin,
+			MetricsProvider: volume.NewMetricsStatFS(getPath(podUID, volName, plugin.host)),
 		}}, nil
 }
 
@@ -174,7 +179,7 @@ type vsphereVolume struct {
 	// diskMounter provides the interface that is used to mount the actual block device.
 	diskMounter mount.Interface
 	plugin      *vsphereVolumePlugin
-	volume.MetricsNil
+	volume.MetricsProvider
 }
 
 var _ volume.Mounter = &vsphereVolumeMounter{}
@@ -344,7 +349,7 @@ func (plugin *vsphereVolumePlugin) newProvisionerInternal(options volume.VolumeO
 }
 
 func (v *vsphereVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
-	if !volume.AccessModesContainedInAll(v.plugin.GetAccessModes(), v.options.PVC.Spec.AccessModes) {
+	if !util.AccessModesContainedInAll(v.plugin.GetAccessModes(), v.options.PVC.Spec.AccessModes) {
 		return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", v.options.PVC.Spec.AccessModes, v.plugin.GetAccessModes())
 	}
 
@@ -362,7 +367,7 @@ func (v *vsphereVolumeProvisioner) Provision() (*v1.PersistentVolume, error) {
 			Name:   v.options.PVName,
 			Labels: map[string]string{},
 			Annotations: map[string]string{
-				volumehelper.VolumeDynamicallyCreatedByKey: "vsphere-volume-dynamic-provisioner",
+				util.VolumeDynamicallyCreatedByKey: "vsphere-volume-dynamic-provisioner",
 			},
 		},
 		Spec: v1.PersistentVolumeSpec{
diff --git a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume_util.go b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume_util.go
index 0f5d335ec54e..14e235d5db9f 100644
--- a/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume_util.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/vsphere_volume/vsphere_volume_util.go
@@ -93,8 +93,8 @@ func (util *VsphereDiskUtil) CreateVolume(v *vsphereVolumeProvisioner) (volSpec
 	capacity := v.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
 	volSizeBytes := capacity.Value()
 	// vSphere works with kilobytes, convert to KiB with rounding up
-	volSizeKB := int(volume.RoundUpSize(volSizeBytes, 1024))
-	name := volume.GenerateVolumeName(v.options.ClusterName, v.options.PVName, 255)
+	volSizeKB := int(volumeutil.RoundUpSize(volSizeBytes, 1024))
+	name := volumeutil.GenerateVolumeName(v.options.ClusterName, v.options.PVName, 255)
 	volumeOptions := &vclib.VolumeOptions{
 		CapacityKB: volSizeKB,
 		Tags:       *v.options.CloudTags,
diff --git a/vendor/k8s.io/kubernetes/pkg/windows/service/BUILD b/vendor/k8s.io/kubernetes/pkg/windows/service/BUILD
new file mode 100644
index 000000000000..ea07fc9e4d41
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/windows/service/BUILD
@@ -0,0 +1,38 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "service.go",
+        ],
+        "//conditions:default": [],
+    }),
+    importpath = "k8s.io/kubernetes/pkg/windows/service",
+    deps = select({
+        "@io_bazel_rules_go//go/platform:windows": [
+            "//vendor/github.com/golang/glog:go_default_library",
+            "//vendor/golang.org/x/sys/windows:go_default_library",
+            "//vendor/golang.org/x/sys/windows/svc:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/kubernetes/pkg/windows/service/service.go b/vendor/k8s.io/kubernetes/pkg/windows/service/service.go
new file mode 100644
index 000000000000..acc48246f1e7
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/pkg/windows/service/service.go
@@ -0,0 +1,91 @@
+// +build windows
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package service
+
+import (
+	"os"
+
+	"github.com/golang/glog"
+
+	"golang.org/x/sys/windows"
+	"golang.org/x/sys/windows/svc"
+)
+
+var (
+	service *handler
+)
+
+type handler struct {
+	tosvc   chan bool
+	fromsvc chan error
+}
+
+// InitService is the entry point for running the daemon as a Windows
+// service. It returns an indication of whether it is running as a service;
+// and an error.
+func InitService(serviceName string) error {
+	h := &handler{
+		tosvc:   make(chan bool),
+		fromsvc: make(chan error),
+	}
+
+	service = h
+	var err error
+	go func() {
+		err = svc.Run(serviceName, h)
+		h.fromsvc <- err
+	}()
+
+	// Wait for the first signal from the service handler.
+	err = <-h.fromsvc
+	if err != nil {
+		return err
+	}
+	glog.Infof("Running %s as a Windows service!", serviceName)
+	return nil
+}
+
+func (h *handler) Execute(_ []string, r <-chan svc.ChangeRequest, s chan<- svc.Status) (bool, uint32) {
+	s <- svc.Status{State: svc.StartPending, Accepts: 0}
+	// Unblock initService()
+	h.fromsvc <- nil
+
+	s <- svc.Status{State: svc.Running, Accepts: svc.AcceptStop | svc.AcceptShutdown | svc.Accepted(windows.SERVICE_ACCEPT_PARAMCHANGE)}
+	glog.Infof("Service running")
+Loop:
+	for {
+		select {
+		case <-h.tosvc:
+			break Loop
+		case c := <-r:
+			switch c.Cmd {
+			case svc.Cmd(windows.SERVICE_CONTROL_PARAMCHANGE):
+				s <- c.CurrentStatus
+			case svc.Interrogate:
+				s <- c.CurrentStatus
+			case svc.Stop, svc.Shutdown:
+				s <- svc.Status{State: svc.Stopped}
+				// TODO: Stop the kubelet gracefully instead of killing the process
+				os.Exit(0)
+			}
+		}
+	}
+
+	return false, 0
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/BUILD
index d660932d2197..e69bde9470a4 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/BUILD
@@ -10,14 +10,16 @@ go_library(
     name = "go_default_library",
     srcs = ["admission.go"],
     importpath = "k8s.io/kubernetes/plugin/pkg/admission/admit",
-    deps = ["//vendor/k8s.io/apiserver/pkg/admission:go_default_library"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
+    ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/admit",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/admission.go
index 3c428d9136fb..863184d32e99 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/admit/admission.go
@@ -19,40 +19,46 @@ package admit
 import (
 	"io"
 
+	"github.com/golang/glog"
 	"k8s.io/apiserver/pkg/admission"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "AlwaysAdmit"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("AlwaysAdmit", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewAlwaysAdmit(), nil
 	})
 }
 
-// AlwaysAdmit is an implementation of admission.Interface which always says yes to an admit request.
-// It is useful in tests and when using kubernetes in an open manner.
-type AlwaysAdmit struct{}
+// alwaysAdmit is an implementation of admission.Interface which always says yes to an admit request.
+type alwaysAdmit struct{}
 
-var _ admission.MutationInterface = AlwaysAdmit{}
-var _ admission.ValidationInterface = AlwaysAdmit{}
+var _ admission.MutationInterface = alwaysAdmit{}
+var _ admission.ValidationInterface = alwaysAdmit{}
 
 // Admit makes an admission decision based on the request attributes
-func (AlwaysAdmit) Admit(a admission.Attributes) (err error) {
+func (alwaysAdmit) Admit(a admission.Attributes) (err error) {
 	return nil
 }
 
 // Validate makes an admission decision based on the request attributes.  It is NOT allowed to mutate.
-func (AlwaysAdmit) Validate(a admission.Attributes) (err error) {
+func (alwaysAdmit) Validate(a admission.Attributes) (err error) {
 	return nil
 }
 
 // Handles returns true if this admission controller can handle the given operation
 // where operation can be one of CREATE, UPDATE, DELETE, or CONNECT
-func (AlwaysAdmit) Handles(operation admission.Operation) bool {
+func (alwaysAdmit) Handles(operation admission.Operation) bool {
 	return true
 }
 
 // NewAlwaysAdmit creates a new always admit admission handler
-func NewAlwaysAdmit() *AlwaysAdmit {
-	return new(AlwaysAdmit)
+func NewAlwaysAdmit() admission.Interface {
+	// DEPRECATED: AlwaysAdmit admit all admission request, it is no use.
+	glog.Warningf("%s admission controller is deprecated. "+
+		"Please remove this controller from your configuration files and scripts.", PluginName)
+	return new(alwaysAdmit)
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/BUILD
index ab8a3fd14db1..77b5bf7fec2d 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/BUILD
@@ -21,8 +21,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/admission.go
index c9a90f648a76..3024c98562b5 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/admission.go
@@ -33,9 +33,12 @@ import (
 	api "k8s.io/kubernetes/pkg/apis/core"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "AlwaysPullImages"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("AlwaysPullImages", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewAlwaysPullImages(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/BUILD
index c0e381995ab2..105f1c2a37e9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/antiaffinity",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/kubelet/apis:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/admission.go
index bec95b8d8d79..b3376973977f 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/antiaffinity/admission.go
@@ -26,9 +26,11 @@ import (
 	kubeletapis "k8s.io/kubernetes/pkg/kubelet/apis"
 )
 
+const PluginName = "LimitPodHardAntiAffinityTopology"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("LimitPodHardAntiAffinityTopology", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewInterPodAntiAffinity(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/BUILD
index 00bfbc9d5ddd..35b29f8215b2 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/BUILD
@@ -9,12 +9,11 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
     ],
 )
@@ -26,7 +25,7 @@ go_library(
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/admission.go
index 05e170a96b40..41c37511c012 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/admission.go
@@ -25,9 +25,12 @@ import (
 	"k8s.io/apiserver/pkg/admission"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/core/helper"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "DefaultTolerationSeconds"
+
 var (
 	defaultNotReadyTolerationSeconds = flag.Int64("default-not-ready-toleration-seconds", 300,
 		"Indicates the tolerationSeconds of the toleration for notReady:NoExecute"+
@@ -40,7 +43,7 @@ var (
 
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("DefaultTolerationSeconds", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewDefaultTolerationSeconds(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/BUILD
index c5eb8bf5af3d..df2dfbae82eb 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/BUILD
@@ -10,14 +10,16 @@ go_library(
     name = "go_default_library",
     srcs = ["admission.go"],
     importpath = "k8s.io/kubernetes/plugin/pkg/admission/deny",
-    deps = ["//vendor/k8s.io/apiserver/pkg/admission:go_default_library"],
+    deps = [
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
+    ],
 )
 
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/deny",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/admission.go
index f6f4951bed77..386cb78b1e25 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/deny/admission.go
@@ -20,40 +20,47 @@ import (
 	"errors"
 	"io"
 
+	"github.com/golang/glog"
+
 	"k8s.io/apiserver/pkg/admission"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "AlwaysDeny"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("AlwaysDeny", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewAlwaysDeny(), nil
 	})
 }
 
-// AlwaysDeny is an implementation of admission.Interface which always says no to an admission request.
-// It is useful in unit tests to force an operation to be forbidden.
-type AlwaysDeny struct{}
+// alwaysDeny is an implementation of admission.Interface which always says no to an admission request.
+type alwaysDeny struct{}
 
-var _ admission.MutationInterface = AlwaysDeny{}
-var _ admission.ValidationInterface = AlwaysDeny{}
+var _ admission.MutationInterface = alwaysDeny{}
+var _ admission.ValidationInterface = alwaysDeny{}
 
 // Admit makes an admission decision based on the request attributes.
-func (AlwaysDeny) Admit(a admission.Attributes) (err error) {
-	return admission.NewForbidden(a, errors.New("Admission control is denying all modifications"))
+func (alwaysDeny) Admit(a admission.Attributes) (err error) {
+	return admission.NewForbidden(a, errors.New("admission control is denying all modifications"))
 }
 
 // Validate makes an admission decision based on the request attributes.  It is NOT allowed to mutate.
-func (AlwaysDeny) Validate(a admission.Attributes) (err error) {
-	return admission.NewForbidden(a, errors.New("Admission control is denying all modifications"))
+func (alwaysDeny) Validate(a admission.Attributes) (err error) {
+	return admission.NewForbidden(a, errors.New("admission control is denying all modifications"))
 }
 
 // Handles returns true if this admission controller can handle the given operation
 // where operation can be one of CREATE, UPDATE, DELETE, or CONNECT
-func (AlwaysDeny) Handles(operation admission.Operation) bool {
+func (alwaysDeny) Handles(operation admission.Operation) bool {
 	return true
 }
 
 // NewAlwaysDeny creates an always deny admission handler
-func NewAlwaysDeny() *AlwaysDeny {
-	return new(AlwaysDeny)
+func NewAlwaysDeny() admission.Interface {
+	// DEPRECATED: AlwaysDeny denys all admission request, it is no use.
+	glog.Warningf("%s admission controller is deprecated. "+
+		"Please remove this controller from your configuration files and scripts.", PluginName)
+	return new(alwaysDeny)
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/BUILD
index 7dbb98cfc80e..c12c5e39d6ef 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/BUILD
@@ -12,8 +12,7 @@ go_test(
         "admission_test.go",
         "cache_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//plugin/pkg/admission/eventratelimit/apis/eventratelimit:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/admission.go
index 7e0253196902..a255b5743b4c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/admission.go
@@ -26,9 +26,12 @@ import (
 	"k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "EventRateLimit"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("EventRateLimit",
+	plugins.Register(PluginName,
 		func(config io.Reader) (admission.Interface, error) {
 			// load the configuration provided (if any)
 			configuration, err := LoadConfiguration(config)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.conversion.go
index 4f06087d7850..a3874100c769 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	eventratelimit "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.deepcopy.go
index 38307fe61321..3bc52968ffeb 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -50,9 +50,8 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.defaults.go
index 35985182f5c5..5392d21f884b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation/BUILD
index 1a272b783210..024bf8332072 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation/BUILD
@@ -32,7 +32,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//plugin/pkg/admission/eventratelimit/apis/eventratelimit:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/zz_generated.deepcopy.go
index 91ebbcca1b85..f539919edacb 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/eventratelimit/apis/eventratelimit/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package eventratelimit
 
@@ -50,9 +50,8 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/BUILD
index 61fe91099546..7f11b0cf1037 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/BUILD
@@ -24,8 +24,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/exec",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/admission.go
index 456d47e07e79..e16297136aad 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/exec/admission.go
@@ -29,15 +29,23 @@ import (
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 )
 
+const (
+	// DenyEscalatingExec indicates name of admission plugin.
+	DenyEscalatingExec = "DenyEscalatingExec"
+	// DenyExecOnPrivileged indicates name of admission plugin.
+	// Deprecated, should use DenyEscalatingExec instead.
+	DenyExecOnPrivileged = "DenyExecOnPrivileged"
+)
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("DenyEscalatingExec", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(DenyEscalatingExec, func(config io.Reader) (admission.Interface, error) {
 		return NewDenyEscalatingExec(), nil
 	})
 
 	// This is for legacy support of the DenyExecOnPrivileged admission controller.  Most
 	// of the time DenyEscalatingExec should be preferred.
-	plugins.Register("DenyExecOnPrivileged", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(DenyExecOnPrivileged, func(config io.Reader) (admission.Interface, error) {
 		return NewDenyExecOnPrivileged(), nil
 	})
 }
@@ -49,9 +57,10 @@ type DenyExec struct {
 	client internalclientset.Interface
 
 	// these flags control which items will be checked to deny exec/attach
-	hostIPC    bool
-	hostPID    bool
-	privileged bool
+	hostNetwork bool
+	hostIPC     bool
+	hostPID     bool
+	privileged  bool
 }
 
 var _ admission.ValidationInterface = &DenyExec{}
@@ -62,22 +71,24 @@ var _ = kubeapiserveradmission.WantsInternalKubeClientSet(&DenyExec{})
 // using host based configurations.
 func NewDenyEscalatingExec() *DenyExec {
 	return &DenyExec{
-		Handler:    admission.NewHandler(admission.Connect),
-		hostIPC:    true,
-		hostPID:    true,
-		privileged: true,
+		Handler:     admission.NewHandler(admission.Connect),
+		hostNetwork: true,
+		hostIPC:     true,
+		hostPID:     true,
+		privileged:  true,
 	}
 }
 
 // NewDenyExecOnPrivileged creates a new admission controller that is only checking the privileged
-// option.  This is for legacy support of the DenyExecOnPrivileged admission controller.  Most
-// of the time NewDenyEscalatingExec should be preferred.
+// option. This is for legacy support of the DenyExecOnPrivileged admission controller.
+// Most of the time NewDenyEscalatingExec should be preferred.
 func NewDenyExecOnPrivileged() *DenyExec {
 	return &DenyExec{
-		Handler:    admission.NewHandler(admission.Connect),
-		hostIPC:    false,
-		hostPID:    false,
-		privileged: true,
+		Handler:     admission.NewHandler(admission.Connect),
+		hostNetwork: false,
+		hostIPC:     false,
+		hostPID:     false,
+		privileged:  true,
 	}
 }
 
@@ -96,12 +107,19 @@ func (d *DenyExec) Validate(a admission.Attributes) (err error) {
 		return admission.NewForbidden(a, err)
 	}
 
-	if d.hostPID && pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.HostPID {
-		return admission.NewForbidden(a, fmt.Errorf("cannot exec into or attach to a container using host pid"))
-	}
+	if pod.Spec.SecurityContext != nil {
+		securityContext := pod.Spec.SecurityContext
+		if d.hostNetwork && securityContext.HostNetwork {
+			return admission.NewForbidden(a, fmt.Errorf("cannot exec into or attach to a container using host network"))
+		}
 
-	if d.hostIPC && pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.HostIPC {
-		return admission.NewForbidden(a, fmt.Errorf("cannot exec into or attach to a container using host ipc"))
+		if d.hostPID && securityContext.HostPID {
+			return admission.NewForbidden(a, fmt.Errorf("cannot exec into or attach to a container using host pid"))
+		}
+
+		if d.hostIPC && securityContext.HostIPC {
+			return admission.NewForbidden(a, fmt.Errorf("cannot exec into or attach to a container using host ipc"))
+		}
 	}
 
 	if d.privileged && isPrivileged(pod) {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/BUILD
index 882b966cd7bc..b72e1cec2850 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/BUILD
@@ -17,8 +17,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/admission.go
index 410c18160bc8..207922a4787c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/extendedresourcetoleration/admission.go
@@ -27,9 +27,12 @@ import (
 	"k8s.io/kubernetes/pkg/apis/core/helper"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "ExtendedResourceToleration"
+
 // Register is called by the apiserver to register the plugin factory.
 func Register(plugins *admission.Plugins) {
-	plugins.Register("ExtendedResourceToleration", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return newExtendedResourceToleration(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/BUILD
index e4d316030fe2..2573403a464e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/BUILD
@@ -25,8 +25,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["gc_admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/gc",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/gc_admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/gc_admission.go
index 7acd5cf48fdb..ac8af441703e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/gc_admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/gc/gc_admission.go
@@ -30,9 +30,12 @@ import (
 	"k8s.io/apiserver/pkg/authorization/authorizer"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "OwnerReferencesPermissionEnforcement"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("OwnerReferencesPermissionEnforcement", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		// the pods/status endpoint is ignored by this plugin since old kubelets
 		// corrupt them.  the pod status strategy ensures status updates cannot mutate
 		// ownerRef.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/BUILD
index 9ea88c749b9f..77a4a21cbfe9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/BUILD
@@ -37,8 +37,7 @@ go_test(
         "certs_test.go",
         "config_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/imagepolicy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/imagepolicy/install:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/admission.go
index 6a0e21e6f582..3a3701cf4e11 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/imagepolicy/admission.go
@@ -43,13 +43,16 @@ import (
 	_ "k8s.io/kubernetes/pkg/apis/imagepolicy/install"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "ImagePolicyWebhook"
+
 var (
 	groupVersions = []schema.GroupVersion{v1alpha1.SchemeGroupVersion}
 )
 
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("ImagePolicyWebhook", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		newImagePolicyWebhook, err := NewImagePolicyWebhook(config)
 		if err != nil {
 			return nil, err
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/BUILD
index a10961168a1c..243409ddb54b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/BUILD
@@ -43,8 +43,7 @@ go_test(
         "hawkular_test.go",
         "influxdb_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/initialresources",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/github.com/stretchr/testify/require:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/admission.go
index 360885091aa8..4f1c9ecfa6ef 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/initialresources/admission.go
@@ -42,12 +42,14 @@ const (
 	samplesThreshold           = 30
 	week                       = 7 * 24 * time.Hour
 	month                      = 30 * 24 * time.Hour
+	// PluginName indicates name of admission plugin.
+	PluginName = "InitialResources"
 )
 
 // Register registers a plugin
 // WARNING: this feature is experimental and will definitely change.
 func Register(plugins *admission.Plugins) {
-	plugins.Register("InitialResources", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		// TODO: remove the usage of flags in favor of reading versioned configuration
 		s, err := newDataSource(*source)
 		if err != nil {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/BUILD
index f858867d3a6a..890223bdab77 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/BUILD
@@ -33,8 +33,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/limitranger",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go
index 73336b7f56d7..3659cbb7380e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go
@@ -41,11 +41,13 @@ import (
 
 const (
 	limitRangerAnnotation = "kubernetes.io/limit-ranger"
+	// PluginName indicates name of admission plugin.
+	PluginName = "LimitRanger"
 )
 
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("LimitRanger", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewLimitRanger(&DefaultLimitRangerActions{})
 	})
 }
@@ -113,6 +115,18 @@ func (l *LimitRanger) runLimitFunc(a admission.Attributes, limitFn func(limitRan
 		}
 	}
 
+	// ignore all objects marked for deletion
+	oldObj := a.GetOldObject()
+	if oldObj != nil {
+		oldAccessor, err := meta.Accessor(oldObj)
+		if err != nil {
+			return admission.NewForbidden(a, err)
+		}
+		if oldAccessor.GetDeletionTimestamp() != nil {
+			return nil
+		}
+	}
+
 	items, err := l.GetLimitRanges(a)
 	if err != nil {
 		return err
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/BUILD
index 649aa56785b8..adbcfd5c0952 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/BUILD
@@ -25,8 +25,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/admission.go
index 51e113af00e7..c87a1aac2b8a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision/admission.go
@@ -30,9 +30,12 @@ import (
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "NamespaceAutoProvision"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("NamespaceAutoProvision", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewProvision(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/BUILD
index 8da3f51b78fd..98191c5660fe 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/BUILD
@@ -25,8 +25,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/namespace/exists",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/admission.go
index 51307482245e..5c698afc16f4 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/exists/admission.go
@@ -30,9 +30,12 @@ import (
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "NamespaceExists"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("NamespaceExists", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewExists(), nil
 	})
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD
index 8d2777ea41f2..4e83ee515782 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD
@@ -12,6 +12,7 @@ go_library(
     importpath = "k8s.io/kubernetes/plugin/pkg/admission/noderestriction",
     deps = [
         "//pkg/api/pod:go_default_library",
+        "//pkg/apis/authentication:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/policy:go_default_library",
         "//pkg/auth/nodeidentifier:go_default_library",
@@ -31,17 +32,20 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/noderestriction",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
+        "//pkg/apis/authentication:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/policy:go_default_library",
         "//pkg/auth/nodeidentifier:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library",
+        "//pkg/features:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go
index d958dad3762b..333506e66579 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/admission.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/apiserver/pkg/admission"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	podutil "k8s.io/kubernetes/pkg/api/pod"
+	authenticationapi "k8s.io/kubernetes/pkg/apis/authentication"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/policy"
 	"k8s.io/kubernetes/pkg/auth/nodeidentifier"
@@ -53,6 +54,7 @@ func NewPlugin(nodeIdentifier nodeidentifier.NodeIdentifier) *nodePlugin {
 	return &nodePlugin{
 		Handler:        admission.NewHandler(admission.Create, admission.Update, admission.Delete),
 		nodeIdentifier: nodeIdentifier,
+		features:       utilfeature.DefaultFeatureGate,
 	}
 }
 
@@ -61,6 +63,8 @@ type nodePlugin struct {
 	*admission.Handler
 	nodeIdentifier nodeidentifier.NodeIdentifier
 	podsGetter     coreinternalversion.PodsGetter
+	// allows overriding for testing
+	features utilfeature.FeatureGate
 }
 
 var (
@@ -83,9 +87,10 @@ func (p *nodePlugin) ValidateInitialization() error {
 }
 
 var (
-	podResource  = api.Resource("pods")
-	nodeResource = api.Resource("nodes")
-	pvcResource  = api.Resource("persistentvolumeclaims")
+	podResource     = api.Resource("pods")
+	nodeResource    = api.Resource("nodes")
+	pvcResource     = api.Resource("persistentvolumeclaims")
+	svcacctResource = api.Resource("serviceaccounts")
 )
 
 func (c *nodePlugin) Admit(a admission.Attributes) error {
@@ -125,6 +130,12 @@ func (c *nodePlugin) Admit(a admission.Attributes) error {
 			return admission.NewForbidden(a, fmt.Errorf("may only update PVC status"))
 		}
 
+	case svcacctResource:
+		if c.features.Enabled(features.TokenRequest) {
+			return c.admitServiceAccount(nodeName, a)
+		}
+		return nil
+
 	default:
 		return nil
 	}
@@ -256,7 +267,7 @@ func (c *nodePlugin) admitPodEviction(nodeName string, a admission.Attributes) e
 func (c *nodePlugin) admitPVCStatus(nodeName string, a admission.Attributes) error {
 	switch a.GetOperation() {
 	case admission.Update:
-		if !utilfeature.DefaultFeatureGate.Enabled(features.ExpandPersistentVolumes) {
+		if !c.features.Enabled(features.ExpandPersistentVolumes) {
 			return admission.NewForbidden(a, fmt.Errorf("node %q may not update persistentvolumeclaim metadata", nodeName))
 		}
 
@@ -340,3 +351,44 @@ func (c *nodePlugin) admitNode(nodeName string, a admission.Attributes) error {
 
 	return nil
 }
+
+func (c *nodePlugin) admitServiceAccount(nodeName string, a admission.Attributes) error {
+	if a.GetOperation() != admission.Create {
+		return nil
+	}
+	if a.GetSubresource() != "token" {
+		return nil
+	}
+	tr, ok := a.GetObject().(*authenticationapi.TokenRequest)
+	if !ok {
+		return admission.NewForbidden(a, fmt.Errorf("unexpected type %T", a.GetObject()))
+	}
+
+	// TokenRequests from a node must have a pod binding. That pod must be
+	// scheduled on the node.
+	ref := tr.Spec.BoundObjectRef
+	if ref == nil ||
+		ref.APIVersion != "v1" ||
+		ref.Kind != "Pod" ||
+		ref.Name == "" {
+		return admission.NewForbidden(a, fmt.Errorf("node requested token not bound to a pod"))
+	}
+	if ref.UID == "" {
+		return admission.NewForbidden(a, fmt.Errorf("node requested token with a pod binding without a uid"))
+	}
+	pod, err := c.podsGetter.Pods(a.GetNamespace()).Get(ref.Name, v1.GetOptions{})
+	if errors.IsNotFound(err) {
+		return err
+	}
+	if err != nil {
+		return admission.NewForbidden(a, err)
+	}
+	if ref.UID != pod.UID {
+		return admission.NewForbidden(a, fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record (%s). The object might have been deleted and then recreated", ref.UID, pod.UID))
+	}
+	if pod.Spec.NodeName != nodeName {
+		return admission.NewForbidden(a, fmt.Errorf("node requested token bound to a pod scheduled on a different node"))
+	}
+
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/BUILD
index b88f19f863e0..7a0e4da71569 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/BUILD
@@ -29,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/cloudprovider/providers/aws:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/admission.go
index 86e1921fcd90..819adae192c9 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/label/admission.go
@@ -33,9 +33,11 @@ import (
 	vol "k8s.io/kubernetes/pkg/volume"
 )
 
+const PluginName = "PersistentVolumeLabel"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("PersistentVolumeLabel", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		persistentVolumeLabelAdmission := NewPersistentVolumeLabel()
 		return persistentVolumeLabelAdmission, nil
 	})
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/BUILD
index 90a12f1331c8..fab03d04f028 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/storage:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/admission.go
index 9909f5f3fb7d..3d04ae812dd8 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolume/resize/admission.go
@@ -161,5 +161,8 @@ func (pvcr *persistentVolumeClaimResize) checkVolumePlugin(pv *api.PersistentVol
 		return true
 	}
 
+	if pv.Spec.AzureFile != nil {
+		return true
+	}
 	return false
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/admission.go
deleted file mode 100644
index 218bca4b829c..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/admission.go
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package pvcprotection
-
-import (
-	"fmt"
-	"io"
-
-	"github.com/golang/glog"
-
-	admission "k8s.io/apiserver/pkg/admission"
-	"k8s.io/apiserver/pkg/util/feature"
-	api "k8s.io/kubernetes/pkg/apis/core"
-	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
-	corelisters "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
-	"k8s.io/kubernetes/pkg/features"
-	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
-	volumeutil "k8s.io/kubernetes/pkg/volume/util"
-)
-
-const (
-	// PluginName is the name of this admission controller plugin
-	PluginName = "PVCProtection"
-)
-
-// Register registers a plugin
-func Register(plugins *admission.Plugins) {
-	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
-		plugin := newPlugin()
-		return plugin, nil
-	})
-}
-
-// pvcProtectionPlugin holds state for and implements the admission plugin.
-type pvcProtectionPlugin struct {
-	*admission.Handler
-	lister corelisters.PersistentVolumeClaimLister
-}
-
-var _ admission.Interface = &pvcProtectionPlugin{}
-var _ = kubeapiserveradmission.WantsInternalKubeInformerFactory(&pvcProtectionPlugin{})
-
-// newPlugin creates a new admission plugin.
-func newPlugin() *pvcProtectionPlugin {
-	return &pvcProtectionPlugin{
-		Handler: admission.NewHandler(admission.Create),
-	}
-}
-
-func (c *pvcProtectionPlugin) SetInternalKubeInformerFactory(f informers.SharedInformerFactory) {
-	informer := f.Core().InternalVersion().PersistentVolumeClaims()
-	c.lister = informer.Lister()
-	c.SetReadyFunc(informer.Informer().HasSynced)
-}
-
-// ValidateInitialization ensures lister is set.
-func (c *pvcProtectionPlugin) ValidateInitialization() error {
-	if c.lister == nil {
-		return fmt.Errorf("missing lister")
-	}
-	return nil
-}
-
-// Admit sets finalizer on all PVCs. The finalizer is removed by
-// PVCProtectionController when it's not referenced by any pod.
-//
-// This prevents users from deleting a PVC that's used by a running pod.
-func (c *pvcProtectionPlugin) Admit(a admission.Attributes) error {
-	if !feature.DefaultFeatureGate.Enabled(features.PVCProtection) {
-		return nil
-	}
-
-	if a.GetResource().GroupResource() != api.Resource("persistentvolumeclaims") {
-		return nil
-	}
-
-	if len(a.GetSubresource()) != 0 {
-		return nil
-	}
-
-	pvc, ok := a.GetObject().(*api.PersistentVolumeClaim)
-	// if we can't convert then we don't handle this object so just return
-	if !ok {
-		return nil
-	}
-
-	for _, f := range pvc.Finalizers {
-		if f == volumeutil.PVCProtectionFinalizer {
-			// Finalizer is already present, nothing to do
-			return nil
-		}
-	}
-
-	glog.V(4).Infof("adding PVC protection finalizer to %s/%s", pvc.Namespace, pvc.Name)
-	pvc.Finalizers = append(pvc.Finalizers, volumeutil.PVCProtectionFinalizer)
-	return nil
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/BUILD
index f0c03fb8c717..7ab07f5b288a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/BUILD
@@ -29,8 +29,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/podnodeselector",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/admission.go
index 84bb1d6ef146..3e06fec3a5bb 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podnodeselector/admission.go
@@ -40,9 +40,11 @@ import (
 // node selectors labels to namespaces
 var NamespaceNodeSelectors = []string{"scheduler.alpha.kubernetes.io/node-selector"}
 
+const PluginName = "PodNodeSelector"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("PodNodeSelector", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		// TODO move this to a versioned configuration file format.
 		pluginConfig := readConfig(config)
 		plugin := NewPodNodeSelector(pluginConfig.PodNodeSelectorPluginConfig)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/BUILD
index ca7376afd716..5ced8cecf8ec 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/BUILD
@@ -9,8 +9,7 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/podpreset",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/settings:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/admission.go
index 30752a2666c4..5c5df6579c84 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podpreset/admission.go
@@ -41,12 +41,12 @@ import (
 
 const (
 	annotationPrefix = "podpreset.admission.kubernetes.io"
-	pluginName       = "PodPreset"
+	PluginName       = "PodPreset"
 )
 
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register(pluginName, func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewPlugin(), nil
 	})
 }
@@ -72,10 +72,10 @@ func NewPlugin() *podPresetPlugin {
 
 func (plugin *podPresetPlugin) ValidateInitialization() error {
 	if plugin.client == nil {
-		return fmt.Errorf("%s requires a client", pluginName)
+		return fmt.Errorf("%s requires a client", PluginName)
 	}
 	if plugin.lister == nil {
-		return fmt.Errorf("%s requires a lister", pluginName)
+		return fmt.Errorf("%s requires a lister", PluginName)
 	}
 	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/BUILD
index d3af4b936c48..f4625122b311 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/BUILD
@@ -9,17 +9,16 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/kubeapiserver/admission:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//pkg/util/tolerations:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
@@ -43,12 +42,12 @@ go_library(
         "//pkg/client/listers/core/internalversion:go_default_library",
         "//pkg/kubeapiserver/admission:go_default_library",
         "//pkg/kubeapiserver/admission/util:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//pkg/util/tolerations:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/install:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation:go_default_library",
-        "//plugin/pkg/scheduler/algorithm:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/admission.go
index 14ff93f221e5..d7fe1b829669 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/admission.go
@@ -35,14 +35,16 @@ import (
 	corelisters "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 	"k8s.io/kubernetes/pkg/kubeapiserver/admission/util"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 	"k8s.io/kubernetes/pkg/util/tolerations"
 	pluginapi "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/algorithm"
 )
 
+const PluginName = "PodTolerationRestriction"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("PodTolerationRestriction", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		pluginConfig, err := loadConfiguration(config)
 		if err != nil {
 			return nil, err
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.conversion.go
index 7dfc7b0d9932..edb4d01483df 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.conversion.go
@@ -16,17 +16,18 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	core "k8s.io/kubernetes/pkg/apis/core"
 	podtolerationrestriction "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.deepcopy.go
index 71857b1199a1..6e7a745b2a52 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -60,7 +60,6 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.defaults.go
index 5e24d22cacd1..2bd0078a37ef 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation/BUILD
index 42a0a1328b9a..80fa728abdad 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation/BUILD
@@ -33,8 +33,7 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/zz_generated.deepcopy.go
index 9f45f4afb3f7..00934c85f39f 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/podtolerationrestriction/apis/podtolerationrestriction/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package podtolerationrestriction
 
@@ -60,7 +60,6 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/BUILD
index db47cedb0274..3f9959806f40 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/BUILD
@@ -9,14 +9,14 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/priority",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/scheduling:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/features:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
@@ -36,6 +36,8 @@ go_library(
         "//pkg/client/listers/scheduling/internalversion:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubeapiserver/admission:go_default_library",
+        "//pkg/kubelet/types:go_default_library",
+        "//pkg/scheduler/api:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/admission.go
index 5e3d5ceb770a..2c7e22242cb1 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/priority/admission.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package admission
+package priority
 
 import (
 	"fmt"
@@ -31,69 +31,59 @@ import (
 	schedulinglisters "k8s.io/kubernetes/pkg/client/listers/scheduling/internalversion"
 	"k8s.io/kubernetes/pkg/features"
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
+	kubelettypes "k8s.io/kubernetes/pkg/kubelet/types"
+	schedulerapi "k8s.io/kubernetes/pkg/scheduler/api"
 )
 
 const (
-	pluginName = "Priority"
-
-	// HighestUserDefinablePriority is the highest priority for user defined priority classes. Priority values larger than 1 billion are reserved for Kubernetes system use.
-	HighestUserDefinablePriority = 1000000000
-	// SystemCriticalPriority is the beginning of the range of priority values for critical system components.
-	SystemCriticalPriority = 2 * HighestUserDefinablePriority
+	// PluginName indicates name of admission plugin.
+	PluginName = "Priority"
 )
 
-// SystemPriorityClasses defines special priority classes which are used by system critical pods that should not be preempted by workload pods.
-var SystemPriorityClasses = map[string]int32{
-	"system-cluster-critical": SystemCriticalPriority,
-	"system-node-critical":    SystemCriticalPriority + 1000,
-}
-
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register(pluginName, func(config io.Reader) (admission.Interface, error) {
-		return NewPlugin(), nil
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
+		return newPlugin(), nil
 	})
 }
 
-// PriorityPlugin is an implementation of admission.Interface.
-type PriorityPlugin struct {
+// priorityPlugin is an implementation of admission.Interface.
+type priorityPlugin struct {
 	*admission.Handler
 	client internalclientset.Interface
 	lister schedulinglisters.PriorityClassLister
-	// globalDefaultPriority caches the value of global default priority class.
-	globalDefaultPriority *int32
 }
 
-var _ admission.MutationInterface = &PriorityPlugin{}
-var _ admission.ValidationInterface = &PriorityPlugin{}
-var _ = kubeapiserveradmission.WantsInternalKubeInformerFactory(&PriorityPlugin{})
-var _ = kubeapiserveradmission.WantsInternalKubeClientSet(&PriorityPlugin{})
+var _ admission.MutationInterface = &priorityPlugin{}
+var _ admission.ValidationInterface = &priorityPlugin{}
+var _ = kubeapiserveradmission.WantsInternalKubeInformerFactory(&priorityPlugin{})
+var _ = kubeapiserveradmission.WantsInternalKubeClientSet(&priorityPlugin{})
 
 // NewPlugin creates a new priority admission plugin.
-func NewPlugin() *PriorityPlugin {
-	return &PriorityPlugin{
+func newPlugin() *priorityPlugin {
+	return &priorityPlugin{
 		Handler: admission.NewHandler(admission.Create, admission.Update, admission.Delete),
 	}
 }
 
 // ValidateInitialization implements the InitializationValidator interface.
-func (p *PriorityPlugin) ValidateInitialization() error {
+func (p *priorityPlugin) ValidateInitialization() error {
 	if p.client == nil {
-		return fmt.Errorf("%s requires a client", pluginName)
+		return fmt.Errorf("%s requires a client", PluginName)
 	}
 	if p.lister == nil {
-		return fmt.Errorf("%s requires a lister", pluginName)
+		return fmt.Errorf("%s requires a lister", PluginName)
 	}
 	return nil
 }
 
 // SetInternalKubeClientSet implements the WantsInternalKubeClientSet interface.
-func (p *PriorityPlugin) SetInternalKubeClientSet(client internalclientset.Interface) {
+func (p *priorityPlugin) SetInternalKubeClientSet(client internalclientset.Interface) {
 	p.client = client
 }
 
 // SetInternalKubeInformerFactory implements the WantsInternalKubeInformerFactory interface.
-func (p *PriorityPlugin) SetInternalKubeInformerFactory(f informers.SharedInformerFactory) {
+func (p *priorityPlugin) SetInternalKubeInformerFactory(f informers.SharedInformerFactory) {
 	priorityInformer := f.Scheduling().InternalVersion().PriorityClasses()
 	p.lister = priorityInformer.Lister()
 	p.SetReadyFunc(priorityInformer.Informer().HasSynced)
@@ -106,7 +96,7 @@ var (
 
 // Admit checks Pods and admits or rejects them. It also resolves the priority of pods based on their PriorityClass.
 // Note that pod validation mechanism prevents update of a pod priority.
-func (p *PriorityPlugin) Admit(a admission.Attributes) error {
+func (p *priorityPlugin) Admit(a admission.Attributes) error {
 	operation := a.GetOperation()
 	// Ignore all calls to subresources
 	if len(a.GetSubresource()) != 0 {
@@ -126,7 +116,7 @@ func (p *PriorityPlugin) Admit(a admission.Attributes) error {
 }
 
 // Validate checks PriorityClasses and admits or rejects them.
-func (p *PriorityPlugin) Validate(a admission.Attributes) error {
+func (p *priorityPlugin) Validate(a admission.Attributes) error {
 	operation := a.GetOperation()
 	// Ignore all calls to subresources
 	if len(a.GetSubresource()) != 0 {
@@ -138,10 +128,6 @@ func (p *PriorityPlugin) Validate(a admission.Attributes) error {
 		if operation == admission.Create || operation == admission.Update {
 			return p.validatePriorityClass(a)
 		}
-		if operation == admission.Delete {
-			p.invalidateCachedDefaultPriority()
-			return nil
-		}
 		return nil
 
 	default:
@@ -150,7 +136,7 @@ func (p *PriorityPlugin) Validate(a admission.Attributes) error {
 }
 
 // admitPod makes sure a new pod does not set spec.Priority field. It also makes sure that the PriorityClassName exists if it is provided and resolves the pod priority from the PriorityClassName.
-func (p *PriorityPlugin) admitPod(a admission.Attributes) error {
+func (p *priorityPlugin) admitPod(a admission.Attributes) error {
 	operation := a.GetOperation()
 	pod, ok := a.GetObject().(*api.Pod)
 	if !ok {
@@ -163,6 +149,13 @@ func (p *PriorityPlugin) admitPod(a admission.Attributes) error {
 	}
 	if utilfeature.DefaultFeatureGate.Enabled(features.PodPriority) {
 		var priority int32
+		// TODO: @ravig - This is for backwards compatibility to ensure that critical pods with annotations just work fine.
+		// Remove when no longer needed.
+		if len(pod.Spec.PriorityClassName) == 0 &&
+			utilfeature.DefaultFeatureGate.Enabled(features.ExperimentalCriticalPodAnnotation) &&
+			kubelettypes.IsCritical(a.GetNamespace(), pod.Annotations) {
+			pod.Spec.PriorityClassName = schedulerapi.SystemClusterCritical
+		}
 		if len(pod.Spec.PriorityClassName) == 0 {
 			var err error
 			priority, err = p.getDefaultPriority()
@@ -171,16 +164,19 @@ func (p *PriorityPlugin) admitPod(a admission.Attributes) error {
 			}
 		} else {
 			// First try to resolve by system priority classes.
-			priority, ok = SystemPriorityClasses[pod.Spec.PriorityClassName]
+			priority, ok = schedulerapi.SystemPriorityClasses[pod.Spec.PriorityClassName]
 			if !ok {
 				// Now that we didn't find any system priority, try resolving by user defined priority classes.
 				pc, err := p.lister.Get(pod.Spec.PriorityClassName)
+
 				if err != nil {
-					return fmt.Errorf("failed to get default priority class %s: %v", pod.Spec.PriorityClassName, err)
-				}
-				if pc == nil {
-					return admission.NewForbidden(a, fmt.Errorf("no PriorityClass with name %v was found", pod.Spec.PriorityClassName))
+					if errors.IsNotFound(err) {
+						return admission.NewForbidden(a, fmt.Errorf("no PriorityClass with name %v was found", pod.Spec.PriorityClassName))
+					}
+
+					return fmt.Errorf("failed to get PriorityClass with name %s: %v", pod.Spec.PriorityClassName, err)
 				}
+
 				priority = pc.Value
 			}
 		}
@@ -190,16 +186,16 @@ func (p *PriorityPlugin) admitPod(a admission.Attributes) error {
 }
 
 // validatePriorityClass ensures that the value field is not larger than the highest user definable priority. If the GlobalDefault is set, it ensures that there is no other PriorityClass whose GlobalDefault is set.
-func (p *PriorityPlugin) validatePriorityClass(a admission.Attributes) error {
+func (p *priorityPlugin) validatePriorityClass(a admission.Attributes) error {
 	operation := a.GetOperation()
 	pc, ok := a.GetObject().(*scheduling.PriorityClass)
 	if !ok {
 		return errors.NewBadRequest("resource was marked with kind PriorityClass but was unable to be converted")
 	}
-	if pc.Value > HighestUserDefinablePriority {
-		return admission.NewForbidden(a, fmt.Errorf("maximum allowed value of a user defined priority is %v", HighestUserDefinablePriority))
+	if pc.Value > schedulerapi.HighestUserDefinablePriority {
+		return admission.NewForbidden(a, fmt.Errorf("maximum allowed value of a user defined priority is %v", schedulerapi.HighestUserDefinablePriority))
 	}
-	if _, ok := SystemPriorityClasses[pc.Name]; ok {
+	if _, ok := schedulerapi.SystemPriorityClasses[pc.Name]; ok {
 		return admission.NewForbidden(a, fmt.Errorf("the name of the priority class is a reserved name for system use only: %v", pc.Name))
 	}
 	// If the new PriorityClass tries to be the default priority, make sure that no other priority class is marked as default.
@@ -215,43 +211,34 @@ func (p *PriorityPlugin) validatePriorityClass(a admission.Attributes) error {
 			}
 		}
 	}
-	// We conservatively invalidate our cache of global default priority upon any changes to any of the existing classes or creation of a new class.
-	p.invalidateCachedDefaultPriority()
 	return nil
 }
 
-func (p *PriorityPlugin) getDefaultPriorityClass() (*scheduling.PriorityClass, error) {
+func (p *priorityPlugin) getDefaultPriorityClass() (*scheduling.PriorityClass, error) {
 	list, err := p.lister.List(labels.Everything())
 	if err != nil {
 		return nil, err
 	}
+	// In case more than one global default priority class is added as a result of a race condition,
+	// we pick the one with the lowest priority value.
+	var defaultPC *scheduling.PriorityClass
 	for _, pci := range list {
 		if pci.GlobalDefault {
-			return pci, nil
+			if defaultPC == nil || defaultPC.Value > pci.Value {
+				defaultPC = pci
+			}
 		}
 	}
-	return nil, nil
+	return defaultPC, nil
 }
 
-func (p *PriorityPlugin) getDefaultPriority() (int32, error) {
-	// If global default priority is cached, return it.
-	if p.globalDefaultPriority != nil {
-		return *p.globalDefaultPriority, nil
-	}
+func (p *priorityPlugin) getDefaultPriority() (int32, error) {
 	dpc, err := p.getDefaultPriorityClass()
 	if err != nil {
 		return 0, err
 	}
-	priority := int32(scheduling.DefaultPriorityWhenNoDefaultClassExists)
 	if dpc != nil {
-		priority = dpc.Value
+		return dpc.Value, nil
 	}
-	// Cache the value.
-	p.globalDefaultPriority = &priority
-	return priority, nil
-}
-
-// invalidateCachedDefaultPriority sets global default priority to nil to indicate that it should be looked up again.
-func (p *PriorityPlugin) invalidateCachedDefaultPriority() {
-	p.globalDefaultPriority = nil
+	return int32(scheduling.DefaultPriorityWhenNoDefaultClassExists), nil
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/BUILD
index d2518c15c88e..e19cf5dc513a 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/BUILD
@@ -52,13 +52,13 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/resourcequota",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/controller:go_default_library",
+        "//pkg/quota/generic:go_default_library",
         "//pkg/quota/install:go_default_library",
         "//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library",
         "//vendor/github.com/hashicorp/golang-lru:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/admission.go
index c6e89aad806f..ec8bc590a23c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/admission.go
@@ -27,13 +27,16 @@ import (
 	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 	"k8s.io/kubernetes/pkg/quota"
+	"k8s.io/kubernetes/pkg/quota/generic"
 	resourcequotaapi "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
 	"k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation"
 )
 
+const PluginName = "ResourceQuota"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("ResourceQuota",
+	plugins.Register(PluginName,
 		func(config io.Reader) (admission.Interface, error) {
 			// load the configuration provided (if any)
 			configuration, err := LoadConfiguration(config)
@@ -98,7 +101,7 @@ func (a *QuotaAdmission) SetInternalKubeInformerFactory(f informers.SharedInform
 
 func (a *QuotaAdmission) SetQuotaConfiguration(c quota.Configuration) {
 	a.quotaConfiguration = c
-	a.evaluator = NewQuotaEvaluator(a.quotaAccessor, a.quotaConfiguration, nil, a.config, a.numEvaluators, a.stopCh)
+	a.evaluator = NewQuotaEvaluator(a.quotaAccessor, a.quotaConfiguration.IgnoredResources(), generic.NewRegistry(a.quotaConfiguration.Evaluators()), nil, a.config, a.numEvaluators, a.stopCh)
 }
 
 // ValidateInitialization ensures an authorizer is set.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go
index 5406a11f5016..3f2cd5ac8530 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	resourcequota "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go
index 9d36704613cb..e309402484ff 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -52,9 +52,8 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go
index 35985182f5c5..5392d21f884b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/v1alpha1/zz_generated.defaults.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by defaulter-gen. Do not edit it manually!
+// Code generated by defaulter-gen. DO NOT EDIT.
 
 package v1alpha1
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD
index 7067a2ed9c5b..d91c48cdf79b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation/BUILD
@@ -32,7 +32,6 @@ filegroup(
 go_test(
     name = "go_default_test",
     srcs = ["validation_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/validation",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//plugin/pkg/admission/resourcequota/apis/resourcequota:go_default_library"],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go
index 4f8250a504a9..fad7a32c0d40 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/apis/resourcequota/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package resourcequota
 
@@ -52,9 +52,8 @@ func (in *Configuration) DeepCopy() *Configuration {
 func (in *Configuration) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/controller.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/controller.go
index 832943d64710..610961af730e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/controller.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/controller.go
@@ -52,8 +52,7 @@ type quotaEvaluator struct {
 	// lockAcquisitionFunc acquires any required locks and returns a cleanup method to defer
 	lockAcquisitionFunc func([]api.ResourceQuota) func()
 
-	// how quota was configured
-	quotaConfiguration quota.Configuration
+	ignoredResources map[schema.GroupResource]struct{}
 
 	// registry that knows how to measure usage for objects
 	registry quota.Registry
@@ -110,7 +109,7 @@ func newAdmissionWaiter(a admission.Attributes) *admissionWaiter {
 // NewQuotaEvaluator configures an admission controller that can enforce quota constraints
 // using the provided registry.  The registry must have the capability to handle group/kinds that
 // are persisted by the server this admission controller is intercepting
-func NewQuotaEvaluator(quotaAccessor QuotaAccessor, quotaConfiguration quota.Configuration, lockAcquisitionFunc func([]api.ResourceQuota) func(), config *resourcequotaapi.Configuration, workers int, stopCh <-chan struct{}) Evaluator {
+func NewQuotaEvaluator(quotaAccessor QuotaAccessor, ignoredResources map[schema.GroupResource]struct{}, quotaRegistry quota.Registry, lockAcquisitionFunc func([]api.ResourceQuota) func(), config *resourcequotaapi.Configuration, workers int, stopCh <-chan struct{}) Evaluator {
 	// if we get a nil config, just create an empty default.
 	if config == nil {
 		config = &resourcequotaapi.Configuration{}
@@ -120,8 +119,8 @@ func NewQuotaEvaluator(quotaAccessor QuotaAccessor, quotaConfiguration quota.Con
 		quotaAccessor:       quotaAccessor,
 		lockAcquisitionFunc: lockAcquisitionFunc,
 
-		quotaConfiguration: quotaConfiguration,
-		registry:           generic.NewRegistry(quotaConfiguration.Evaluators()),
+		ignoredResources: ignoredResources,
+		registry:         quotaRegistry,
 
 		queue:      workqueue.NewNamed("admission_quota_controller"),
 		work:       map[string][]*admissionWaiter{},
@@ -524,7 +523,7 @@ func (e *quotaEvaluator) Evaluate(a admission.Attributes) error {
 	// is this resource ignored?
 	gvr := a.GetResource()
 	gr := gvr.GroupResource()
-	if _, ok := e.quotaConfiguration.IgnoredResources()[gr]; ok {
+	if _, ok := e.ignoredResources[gr]; ok {
 		return nil
 	}
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go
index 9384770f514d..c7e12d6c8e0d 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go
@@ -48,7 +48,7 @@ type quotaAccessor struct {
 	lister corelisters.ResourceQuotaLister
 
 	// liveLookups holds the last few live lookups we've done to help ammortize cost on repeated lookup failures.
-	// This let's us handle the case of latent caches, by looking up actual results for a namespace on cache miss/no results.
+	// This lets us handle the case of latent caches, by looking up actual results for a namespace on cache miss/no results.
 	// We track the lookup result here so that for repeated requests, we don't look it up very often.
 	liveLookupCache *lru.Cache
 	liveTTL         time.Duration
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/BUILD
index a2f5467e0190..c8a3c79ef565 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/BUILD
@@ -13,6 +13,7 @@ go_library(
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/apis/policy:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/client/listers/extensions/internalversion:go_default_library",
         "//pkg/kubeapiserver/admission:go_default_library",
@@ -34,13 +35,13 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/api/legacyscheme:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
         "//pkg/apis/extensions:go_default_library",
+        "//pkg/apis/policy:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/security/apparmor:go_default_library",
@@ -56,6 +57,7 @@ go_test(
         "//vendor/k8s.io/apiserver/pkg/authentication/serviceaccount:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/OWNERS b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/OWNERS
new file mode 100644
index 000000000000..4a0052da6c3c
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/OWNERS
@@ -0,0 +1,6 @@
+approvers:
+- tallclair
+- liggitt
+reviewers:
+- pweil-
+- php-coder
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/admission.go
index 15b94df75a00..849ab451415e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy/admission.go
@@ -33,6 +33,7 @@ import (
 	"k8s.io/apiserver/pkg/authorization/authorizer"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/apis/extensions"
+	"k8s.io/kubernetes/pkg/apis/policy"
 	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	extensionslisters "k8s.io/kubernetes/pkg/client/listers/extensions/internalversion"
 	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
@@ -122,8 +123,8 @@ func (c *PodSecurityPolicyPlugin) Admit(a admission.Attributes) error {
 
 	pod := a.GetObject().(*api.Pod)
 
-	// compute the context
-	allowedPod, pspName, validationErrs, err := c.computeSecurityContext(a, pod, true)
+	// compute the context. Mutation is allowed. ValidatedPSPAnnotation is not taken into account.
+	allowedPod, pspName, validationErrs, err := c.computeSecurityContext(a, pod, true, "")
 	if err != nil {
 		return admission.NewForbidden(a, err)
 	}
@@ -152,8 +153,8 @@ func (c *PodSecurityPolicyPlugin) Validate(a admission.Attributes) error {
 
 	pod := a.GetObject().(*api.Pod)
 
-	// compute the context. Mutation is not allowed.
-	allowedPod, _, validationErrs, err := c.computeSecurityContext(a, pod, false)
+	// compute the context. Mutation is not allowed. ValidatedPSPAnnotation is used as a hint to gain same speed-up.
+	allowedPod, _, validationErrs, err := c.computeSecurityContext(a, pod, false, pod.ObjectMeta.Annotations[psputil.ValidatedPSPAnnotation])
 	if err != nil {
 		return admission.NewForbidden(a, err)
 	}
@@ -193,8 +194,9 @@ func shouldIgnore(a admission.Attributes) (bool, error) {
 
 // computeSecurityContext derives a valid security context while trying to avoid any changes to the given pod. I.e.
 // if there is a matching policy with the same security context as given, it will be reused. If there is no
-// matching policy the returned pod will be nil and the pspName empty.
-func (c *PodSecurityPolicyPlugin) computeSecurityContext(a admission.Attributes, pod *api.Pod, specMutationAllowed bool) (*api.Pod, string, field.ErrorList, error) {
+// matching policy the returned pod will be nil and the pspName empty. validatedPSPHint is the validated psp name
+// saved in kubernetes.io/psp annotation. This psp is usually the one we are looking for.
+func (c *PodSecurityPolicyPlugin) computeSecurityContext(a admission.Attributes, pod *api.Pod, specMutationAllowed bool, validatedPSPHint string) (*api.Pod, string, field.ErrorList, error) {
 	// get all constraints that are usable by the user
 	glog.V(4).Infof("getting pod security policies for pod %s (generate: %s)", pod.Name, pod.GenerateName)
 	var saInfo user.Info
@@ -213,9 +215,18 @@ func (c *PodSecurityPolicyPlugin) computeSecurityContext(a admission.Attributes,
 		return pod, "", nil, nil
 	}
 
-	// sort by name to make order deterministic
+	// sort policies by name to make order deterministic
+	// If mutation is not allowed and validatedPSPHint is provided, check the validated policy first.
 	// TODO(liggitt): add priority field to allow admins to bucket differently
 	sort.SliceStable(policies, func(i, j int) bool {
+		if !specMutationAllowed {
+			if policies[i].Name == validatedPSPHint {
+				return true
+			}
+			if policies[j].Name == validatedPSPHint {
+				return false
+			}
+		}
 		return strings.Compare(policies[i].Name, policies[j].Name) < 0
 	})
 
@@ -244,7 +255,6 @@ func (c *PodSecurityPolicyPlugin) computeSecurityContext(a admission.Attributes,
 		}
 
 		// the entire pod validated
-
 		mutated := !apiequality.Semantic.DeepEqual(pod, podCopy)
 		if mutated && !specMutationAllowed {
 			continue
@@ -287,35 +297,28 @@ func (c *PodSecurityPolicyPlugin) computeSecurityContext(a admission.Attributes,
 func assignSecurityContext(provider psp.Provider, pod *api.Pod, fldPath *field.Path) field.ErrorList {
 	errs := field.ErrorList{}
 
-	psc, pscAnnotations, err := provider.CreatePodSecurityContext(pod)
+	err := provider.DefaultPodSecurityContext(pod)
 	if err != nil {
 		errs = append(errs, field.Invalid(field.NewPath("spec", "securityContext"), pod.Spec.SecurityContext, err.Error()))
 	}
-	pod.Spec.SecurityContext = psc
-	pod.Annotations = pscAnnotations
 
-	errs = append(errs, provider.ValidatePodSecurityContext(pod, field.NewPath("spec", "securityContext"))...)
+	errs = append(errs, provider.ValidatePod(pod, field.NewPath("spec", "securityContext"))...)
 
 	for i := range pod.Spec.InitContainers {
-		sc, scAnnotations, err := provider.CreateContainerSecurityContext(pod, &pod.Spec.InitContainers[i])
+		err := provider.DefaultContainerSecurityContext(pod, &pod.Spec.InitContainers[i])
 		if err != nil {
 			errs = append(errs, field.Invalid(field.NewPath("spec", "initContainers").Index(i).Child("securityContext"), "", err.Error()))
 			continue
 		}
-		pod.Spec.InitContainers[i].SecurityContext = sc
-		pod.Annotations = scAnnotations
 		errs = append(errs, provider.ValidateContainerSecurityContext(pod, &pod.Spec.InitContainers[i], field.NewPath("spec", "initContainers").Index(i).Child("securityContext"))...)
 	}
 
 	for i := range pod.Spec.Containers {
-		sc, scAnnotations, err := provider.CreateContainerSecurityContext(pod, &pod.Spec.Containers[i])
+		err := provider.DefaultContainerSecurityContext(pod, &pod.Spec.Containers[i])
 		if err != nil {
 			errs = append(errs, field.Invalid(field.NewPath("spec", "containers").Index(i).Child("securityContext"), "", err.Error()))
 			continue
 		}
-
-		pod.Spec.Containers[i].SecurityContext = sc
-		pod.Annotations = scAnnotations
 		errs = append(errs, provider.ValidateContainerSecurityContext(pod, &pod.Spec.Containers[i], field.NewPath("spec", "containers").Index(i).Child("securityContext"))...)
 	}
 
@@ -352,11 +355,19 @@ func isAuthorizedForPolicy(user, sa user.Info, namespace, policyName string, aut
 }
 
 // authorizedForPolicy returns true if info is authorized to perform the "use" verb on the policy resource.
+// TODO: check against only the policy group when PSP will be completely moved out of the extensions
 func authorizedForPolicy(info user.Info, namespace string, policyName string, authz authorizer.Authorizer) bool {
+	// Check against extensions API group for backward compatibility
+	return authorizedForPolicyInAPIGroup(info, namespace, policyName, policy.GroupName, authz) ||
+		authorizedForPolicyInAPIGroup(info, namespace, policyName, extensions.GroupName, authz)
+}
+
+// authorizedForPolicyInAPIGroup returns true if info is authorized to perform the "use" verb on the policy resource in the specified API group.
+func authorizedForPolicyInAPIGroup(info user.Info, namespace, policyName, apiGroupName string, authz authorizer.Authorizer) bool {
 	if info == nil {
 		return false
 	}
-	attr := buildAttributes(info, namespace, policyName)
+	attr := buildAttributes(info, namespace, policyName, apiGroupName)
 	decision, reason, err := authz.Authorize(attr)
 	if err != nil {
 		glog.V(5).Infof("cannot authorize for policy: %v,%v", reason, err)
@@ -365,14 +376,14 @@ func authorizedForPolicy(info user.Info, namespace string, policyName string, au
 }
 
 // buildAttributes builds an attributes record for a SAR based on the user info and policy.
-func buildAttributes(info user.Info, namespace string, policyName string) authorizer.Attributes {
+func buildAttributes(info user.Info, namespace, policyName, apiGroupName string) authorizer.Attributes {
 	// check against the namespace that the pod is being created in to allow per-namespace PSP grants.
 	attr := authorizer.AttributesRecord{
 		User:            info,
 		Verb:            "use",
 		Namespace:       namespace,
 		Name:            policyName,
-		APIGroup:        extensions.GroupName,
+		APIGroup:        apiGroupName,
 		Resource:        "podsecuritypolicies",
 		ResourceRequest: true,
 	}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/BUILD
index a90da5e8f7fd..25a2ac1e99e4 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/BUILD
@@ -20,8 +20,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/admission.go
index cace3843dad6..5ff6c07a0fdb 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/securitycontext/scdeny/admission.go
@@ -25,9 +25,12 @@ import (
 	api "k8s.io/kubernetes/pkg/apis/core"
 )
 
+// PluginName indicates name of admission plugin.
+const PluginName = "SecurityContextDeny"
+
 // Register registers a plugin
 func Register(plugins *admission.Plugins) {
-	plugins.Register("SecurityContextDeny", func(config io.Reader) (admission.Interface, error) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
 		return NewSecurityContextDeny(), nil
 	})
 }
@@ -46,7 +49,7 @@ func NewSecurityContextDeny() *Plugin {
 	}
 }
 
-// Validate will deny any pod that defines SELinuxOptions or RunAsUser.
+// Validate will deny any pod that defines SupplementalGroups, SELinuxOptions, RunAsUser or FSGroup
 func (p *Plugin) Validate(a admission.Attributes) (err error) {
 	if a.GetSubresource() != "" || a.GetResource().GroupResource() != api.Resource("pods") {
 		return nil
@@ -57,20 +60,19 @@ func (p *Plugin) Validate(a admission.Attributes) (err error) {
 		return apierrors.NewBadRequest("Resource was marked with kind Pod but was unable to be converted")
 	}
 
-	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.SupplementalGroups != nil {
-		return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("SecurityContext.SupplementalGroups is forbidden"))
-	}
 	if pod.Spec.SecurityContext != nil {
+		if pod.Spec.SecurityContext.SupplementalGroups != nil {
+			return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("pod.Spec.SecurityContext.SupplementalGroups is forbidden"))
+		}
 		if pod.Spec.SecurityContext.SELinuxOptions != nil {
 			return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("pod.Spec.SecurityContext.SELinuxOptions is forbidden"))
 		}
 		if pod.Spec.SecurityContext.RunAsUser != nil {
 			return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("pod.Spec.SecurityContext.RunAsUser is forbidden"))
 		}
-	}
-
-	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.FSGroup != nil {
-		return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("SecurityContext.FSGroup is forbidden"))
+		if pod.Spec.SecurityContext.FSGroup != nil {
+			return apierrors.NewForbidden(a.GetResource().GroupResource(), pod.Name, fmt.Errorf("pod.Spec.SecurityContext.FSGroup is forbidden"))
+		}
 	}
 
 	for _, v := range pod.Spec.InitContainers {
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/BUILD
index aaeedacddc46..832e82fbff90 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/BUILD
@@ -35,8 +35,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/serviceaccount",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/BUILD
similarity index 92%
rename from vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/BUILD
rename to vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/BUILD
index 27b114d0643a..c133f2e35147 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/BUILD
@@ -9,7 +9,7 @@ load(
 go_library(
     name = "go_default_library",
     srcs = ["admission.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault",
+    importpath = "k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault",
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/core/helper:go_default_library",
@@ -28,8 +28,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/storage:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/admission.go
similarity index 91%
rename from vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/admission.go
rename to vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/admission.go
index 6a9fe197a082..70281518821e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/storageclass/setdefault/admission.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault/admission.go
@@ -35,6 +35,7 @@ import (
 )
 
 const (
+	// PluginName is the name of this admission controller plugin
 	PluginName = "DefaultStorageClass"
 )
 
@@ -84,16 +85,16 @@ func (a *claimDefaulterPlugin) ValidateInitialization() error {
 // 1.  Find available StorageClasses.
 // 2.  Figure which is the default
 // 3.  Write to the PVClaim
-func (c *claimDefaulterPlugin) Admit(a admission.Attributes) error {
-	if a.GetResource().GroupResource() != api.Resource("persistentvolumeclaims") {
+func (a *claimDefaulterPlugin) Admit(attr admission.Attributes) error {
+	if attr.GetResource().GroupResource() != api.Resource("persistentvolumeclaims") {
 		return nil
 	}
 
-	if len(a.GetSubresource()) != 0 {
+	if len(attr.GetSubresource()) != 0 {
 		return nil
 	}
 
-	pvc, ok := a.GetObject().(*api.PersistentVolumeClaim)
+	pvc, ok := attr.GetObject().(*api.PersistentVolumeClaim)
 	// if we can't convert then we don't handle this object so just return
 	if !ok {
 		return nil
@@ -106,9 +107,9 @@ func (c *claimDefaulterPlugin) Admit(a admission.Attributes) error {
 
 	glog.V(4).Infof("no storage class for claim %s (generate: %s)", pvc.Name, pvc.GenerateName)
 
-	def, err := getDefaultClass(c.lister)
+	def, err := getDefaultClass(a.lister)
 	if err != nil {
-		return admission.NewForbidden(a, err)
+		return admission.NewForbidden(attr, err)
 	}
 	if def == nil {
 		// No default class selected, do nothing about the PVC.
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/BUILD
similarity index 88%
rename from vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/BUILD
rename to vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/BUILD
index e13f63e59349..11497423042f 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/BUILD
@@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 go_library(
     name = "go_default_library",
     srcs = ["admission.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection",
+    importpath = "k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection",
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core:go_default_library",
@@ -21,8 +21,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["admission_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/admission/persistentvolumeclaim/pvcprotection",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
@@ -31,6 +30,7 @@ go_test(
         "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go
new file mode 100644
index 000000000000..5d7fca15d3b0
--- /dev/null
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/admission/storage/storageobjectinuseprotection/admission.go
@@ -0,0 +1,156 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package storageobjectinuseprotection
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/golang/glog"
+
+	admission "k8s.io/apiserver/pkg/admission"
+	"k8s.io/apiserver/pkg/util/feature"
+	api "k8s.io/kubernetes/pkg/apis/core"
+	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
+	corelisters "k8s.io/kubernetes/pkg/client/listers/core/internalversion"
+	"k8s.io/kubernetes/pkg/features"
+	kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
+	volumeutil "k8s.io/kubernetes/pkg/volume/util"
+)
+
+const (
+	// PluginName is the name of this admission controller plugin
+	PluginName = "StorageObjectInUseProtection"
+)
+
+// Register registers a plugin
+func Register(plugins *admission.Plugins) {
+	plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
+		plugin := newPlugin()
+		return plugin, nil
+	})
+}
+
+// storageProtectionPlugin holds state for and implements the admission plugin.
+type storageProtectionPlugin struct {
+	*admission.Handler
+
+	pvcLister corelisters.PersistentVolumeClaimLister
+	pvLister  corelisters.PersistentVolumeLister
+}
+
+var _ admission.Interface = &storageProtectionPlugin{}
+var _ = kubeapiserveradmission.WantsInternalKubeInformerFactory(&storageProtectionPlugin{})
+
+// newPlugin creates a new admission plugin.
+func newPlugin() *storageProtectionPlugin {
+	return &storageProtectionPlugin{
+		Handler: admission.NewHandler(admission.Create),
+	}
+}
+
+func (c *storageProtectionPlugin) SetInternalKubeInformerFactory(f informers.SharedInformerFactory) {
+	pvcInformer := f.Core().InternalVersion().PersistentVolumeClaims()
+	c.pvcLister = pvcInformer.Lister()
+	pvInformer := f.Core().InternalVersion().PersistentVolumes()
+	c.pvLister = pvInformer.Lister()
+	c.SetReadyFunc(func() bool {
+		return pvcInformer.Informer().HasSynced() && pvInformer.Informer().HasSynced()
+	})
+}
+
+// ValidateInitialization ensures lister is set.
+func (c *storageProtectionPlugin) ValidateInitialization() error {
+	if c.pvcLister == nil {
+		return fmt.Errorf("missing PVC lister")
+	}
+	if c.pvLister == nil {
+		return fmt.Errorf("missing PV lister")
+	}
+	return nil
+}
+
+var (
+	pvResource  = api.Resource("persistentvolumes")
+	pvcResource = api.Resource("persistentvolumeclaims")
+)
+
+// Admit sets finalizer on all PVCs(PVs). The finalizer is removed by
+// PVCProtectionController(PVProtectionController) when it's not referenced.
+//
+// This prevents users from deleting a PVC that's used by a running pod.
+// This also prevents admin from deleting a PV that's bound by a PVC
+func (c *storageProtectionPlugin) Admit(a admission.Attributes) error {
+	if !feature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
+		return nil
+	}
+
+	switch a.GetResource().GroupResource() {
+	case pvResource:
+		return c.admitPV(a)
+	case pvcResource:
+		return c.admitPVC(a)
+
+	default:
+		return nil
+	}
+}
+
+func (c *storageProtectionPlugin) admitPV(a admission.Attributes) error {
+	if len(a.GetSubresource()) != 0 {
+		return nil
+	}
+
+	pv, ok := a.GetObject().(*api.PersistentVolume)
+	// if we can't convert the obj to PV, just return
+	if !ok {
+		return nil
+	}
+	for _, f := range pv.Finalizers {
+		if f == volumeutil.PVProtectionFinalizer {
+			// Finalizer is already present, nothing to do
+			return nil
+		}
+	}
+	glog.V(4).Infof("adding PV protection finalizer to %s", pv.Name)
+	pv.Finalizers = append(pv.Finalizers, volumeutil.PVProtectionFinalizer)
+
+	return nil
+}
+
+func (c *storageProtectionPlugin) admitPVC(a admission.Attributes) error {
+	if len(a.GetSubresource()) != 0 {
+		return nil
+	}
+
+	pvc, ok := a.GetObject().(*api.PersistentVolumeClaim)
+	// if we can't convert the obj to PVC, just return
+	if !ok {
+		return nil
+	}
+
+	for _, f := range pvc.Finalizers {
+		if f == volumeutil.PVCProtectionFinalizer {
+			// Finalizer is already present, nothing to do
+			return nil
+		}
+	}
+
+	glog.V(4).Infof("adding PVC protection finalizer to %s/%s", pvc.Namespace, pvc.Name)
+	pvc.Finalizers = append(pvc.Finalizers, volumeutil.PVCProtectionFinalizer)
+	return nil
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/BUILD
index b6f0426ab130..5beffd665a8c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/BUILD
@@ -9,16 +9,15 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["bootstrap_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//pkg/bootstrap/api:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
     ],
 )
 
@@ -28,12 +27,13 @@ go_library(
     importpath = "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap",
     deps = [
         "//pkg/apis/core:go_default_library",
-        "//pkg/bootstrap/api:go_default_library",
         "//pkg/client/listers/core/internalversion:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/api:go_default_library",
+        "//vendor/k8s.io/client-go/tools/bootstrap/token/util:go_default_library",
     ],
 )
 
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/bootstrap.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/bootstrap.go
index 90a0137489db..a0a615886b77 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/bootstrap.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap/bootstrap.go
@@ -31,8 +31,9 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apiserver/pkg/authentication/user"
+	bootstrapapi "k8s.io/client-go/tools/bootstrap/token/api"
+	bootstraputil "k8s.io/client-go/tools/bootstrap/token/util"
 	api "k8s.io/kubernetes/pkg/apis/core"
-	bootstrapapi "k8s.io/kubernetes/pkg/bootstrap/api"
 	"k8s.io/kubernetes/pkg/client/listers/core/internalversion"
 )
 
@@ -149,7 +150,7 @@ func (t *TokenAuthenticator) AuthenticateToken(token string) (user.Info, bool, e
 	}, true, nil
 }
 
-// Copied from k8s.io/kubernetes/pkg/bootstrap/api
+// Copied from k8s.io/client-go/tools/bootstrap/token/api
 func getSecretString(secret *api.Secret, key string) string {
 	if secret.Data == nil {
 		return ""
@@ -160,7 +161,7 @@ func getSecretString(secret *api.Secret, key string) string {
 	return ""
 }
 
-// Copied from k8s.io/kubernetes/pkg/bootstrap/api
+// Copied from k8s.io/client-go/tools/bootstrap/token/api
 func isSecretExpired(secret *api.Secret) bool {
 	expiration := getSecretString(secret, bootstrapapi.BootstrapTokenExpirationKey)
 	if len(expiration) > 0 {
@@ -209,7 +210,7 @@ func getGroups(secret *api.Secret) ([]string, error) {
 
 	// validate the names of the extra groups
 	for _, group := range strings.Split(extraGroupsString, ",") {
-		if err := bootstrapapi.ValidateBootstrapGroupName(group); err != nil {
+		if err := bootstraputil.ValidateBootstrapGroupName(group); err != nil {
 			return nil, err
 		}
 		groups.Insert(group)
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/BUILD
index 46bb915ba8a4..37d0db0b0d44 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/BUILD
@@ -9,15 +9,17 @@ load(
 go_test(
     name = "go_default_test",
     srcs = ["node_authorizer_test.go"],
-    importpath = "k8s.io/kubernetes/plugin/pkg/auth/authorizer/node",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/core:go_default_library",
         "//pkg/auth/nodeidentifier:go_default_library",
+        "//pkg/features:go_default_library",
         "//plugin/pkg/auth/authorizer/rbac/bootstrappolicy:go_default_library",
+        "//vendor/k8s.io/api/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
     ],
 )
 
@@ -34,6 +36,7 @@ go_library(
         "//pkg/api/pod:go_default_library",
         "//pkg/apis/core:go_default_library",
         "//pkg/apis/rbac:go_default_library",
+        "//pkg/apis/storage:go_default_library",
         "//pkg/auth/nodeidentifier:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion/core/internalversion:go_default_library",
         "//pkg/features:go_default_library",
@@ -42,9 +45,11 @@ go_library(
         "//third_party/forked/gonum/graph/simple:go_default_library",
         "//third_party/forked/gonum/graph/traverse:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/api/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        "//vendor/k8s.io/client-go/informers/storage/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/tools/cache:go_default_library",
     ],
 )
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph.go
index 729cad2ea772..38fea6d0323c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph.go
@@ -106,15 +106,19 @@ const (
 	pvcVertexType
 	pvVertexType
 	secretVertexType
+	vaVertexType
+	serviceAccountVertexType
 )
 
 var vertexTypes = map[vertexType]string{
-	configMapVertexType: "configmap",
-	nodeVertexType:      "node",
-	podVertexType:       "pod",
-	pvcVertexType:       "pvc",
-	pvVertexType:        "pv",
-	secretVertexType:    "secret",
+	configMapVertexType:      "configmap",
+	nodeVertexType:           "node",
+	podVertexType:            "pod",
+	pvcVertexType:            "pvc",
+	pvVertexType:             "pv",
+	secretVertexType:         "secret",
+	vaVertexType:             "volumeattachment",
+	serviceAccountVertexType: "serviceAccount",
 }
 
 // must be called under a write lock
@@ -202,6 +206,7 @@ func (g *Graph) deleteVertex_locked(vertexType vertexType, namespace, name strin
 //   secret    -> pod
 //   configmap -> pod
 //   pvc       -> pod
+//   svcacct   -> pod
 func (g *Graph) AddPod(pod *api.Pod) {
 	g.lock.Lock()
 	defer g.lock.Unlock()
@@ -211,6 +216,14 @@ func (g *Graph) AddPod(pod *api.Pod) {
 	nodeVertex := g.getOrCreateVertex_locked(nodeVertexType, "", pod.Spec.NodeName)
 	g.graph.SetEdge(newDestinationEdge(podVertex, nodeVertex, nodeVertex))
 
+	// TODO(mikedanese): If the pod doesn't mount the service account secrets,
+	// should the node still get access to the service account?
+	//
+	// ref https://github.com/kubernetes/kubernetes/issues/58790
+	if len(pod.Spec.ServiceAccountName) > 0 {
+		g.graph.SetEdge(newDestinationEdge(g.getOrCreateVertex_locked(serviceAccountVertexType, pod.Namespace, pod.Spec.ServiceAccountName), podVertex, nodeVertex))
+	}
+
 	podutil.VisitPodSecretNames(pod, func(secret string) bool {
 		g.graph.SetEdge(newDestinationEdge(g.getOrCreateVertex_locked(secretVertexType, pod.Namespace, secret), podVertex, nodeVertex))
 		return true
@@ -251,9 +264,11 @@ func (g *Graph) AddPV(pv *api.PersistentVolume) {
 
 		// since we don't know the other end of the pvc -> pod -> node chain (or it may not even exist yet), we can't decorate these edges with kubernetes node info
 		g.graph.SetEdge(simple.Edge{F: pvVertex, T: g.getOrCreateVertex_locked(pvcVertexType, pv.Spec.ClaimRef.Namespace, pv.Spec.ClaimRef.Name)})
-		pvutil.VisitPVSecretNames(pv, func(namespace, secret string) bool {
+		pvutil.VisitPVSecretNames(pv, func(namespace, secret string, kubeletVisible bool) bool {
 			// This grants access to the named secret in the same namespace as the bound PVC
-			g.graph.SetEdge(simple.Edge{F: g.getOrCreateVertex_locked(secretVertexType, namespace, secret), T: pvVertex})
+			if kubeletVisible {
+				g.graph.SetEdge(simple.Edge{F: g.getOrCreateVertex_locked(secretVertexType, namespace, secret), T: pvVertex})
+			}
 			return true
 		})
 	}
@@ -263,3 +278,26 @@ func (g *Graph) DeletePV(name string) {
 	defer g.lock.Unlock()
 	g.deleteVertex_locked(pvVertexType, "", name)
 }
+
+// AddVolumeAttachment sets up edges for the following relationships:
+//
+//   volume attachment -> node
+func (g *Graph) AddVolumeAttachment(attachmentName, nodeName string) {
+	g.lock.Lock()
+	defer g.lock.Unlock()
+
+	// clear existing edges
+	g.deleteVertex_locked(vaVertexType, "", attachmentName)
+
+	// if we have a node, establish new edges
+	if len(nodeName) > 0 {
+		vaVertex := g.getOrCreateVertex_locked(vaVertexType, "", attachmentName)
+		nodeVertex := g.getOrCreateVertex_locked(nodeVertexType, "", nodeName)
+		g.graph.SetEdge(newDestinationEdge(vaVertex, nodeVertex, nodeVertex))
+	}
+}
+func (g *Graph) DeleteVolumeAttachment(name string) {
+	g.lock.Lock()
+	defer g.lock.Unlock()
+	g.deleteVertex_locked(vaVertexType, "", name)
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph_populator.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph_populator.go
index 64ea648227cf..8c1c36a2d242 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph_populator.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/graph_populator.go
@@ -19,16 +19,25 @@ package node
 import (
 	"github.com/golang/glog"
 
+	storagev1beta1 "k8s.io/api/storage/v1beta1"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	storageinformers "k8s.io/client-go/informers/storage/v1beta1"
 	"k8s.io/client-go/tools/cache"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	coreinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion"
+	"k8s.io/kubernetes/pkg/features"
 )
 
 type graphPopulator struct {
 	graph *Graph
 }
 
-func AddGraphEventHandlers(graph *Graph, pods coreinformers.PodInformer, pvs coreinformers.PersistentVolumeInformer) {
+func AddGraphEventHandlers(
+	graph *Graph,
+	pods coreinformers.PodInformer,
+	pvs coreinformers.PersistentVolumeInformer,
+	attachments storageinformers.VolumeAttachmentInformer,
+) {
 	g := &graphPopulator{
 		graph: graph,
 	}
@@ -44,6 +53,14 @@ func AddGraphEventHandlers(graph *Graph, pods coreinformers.PodInformer, pvs cor
 		UpdateFunc: g.updatePV,
 		DeleteFunc: g.deletePV,
 	})
+
+	if utilfeature.DefaultFeatureGate.Enabled(features.CSIPersistentVolume) {
+		attachments.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
+			AddFunc:    g.addVolumeAttachment,
+			UpdateFunc: g.updateVolumeAttachment,
+			DeleteFunc: g.deleteVolumeAttachment,
+		})
+	}
 }
 
 func (g *graphPopulator) addPod(obj interface{}) {
@@ -106,3 +123,31 @@ func (g *graphPopulator) deletePV(obj interface{}) {
 	}
 	g.graph.DeletePV(pv.Name)
 }
+
+func (g *graphPopulator) addVolumeAttachment(obj interface{}) {
+	g.updateVolumeAttachment(nil, obj)
+}
+
+func (g *graphPopulator) updateVolumeAttachment(oldObj, obj interface{}) {
+	attachment := obj.(*storagev1beta1.VolumeAttachment)
+	if oldObj != nil {
+		// skip add if node name is identical
+		oldAttachment := oldObj.(*storagev1beta1.VolumeAttachment)
+		if oldAttachment.Spec.NodeName == attachment.Spec.NodeName {
+			return
+		}
+	}
+	g.graph.AddVolumeAttachment(attachment.Name, attachment.Spec.NodeName)
+}
+
+func (g *graphPopulator) deleteVolumeAttachment(obj interface{}) {
+	if tombstone, ok := obj.(cache.DeletedFinalStateUnknown); ok {
+		obj = tombstone.Obj
+	}
+	attachment, ok := obj.(*api.PersistentVolume)
+	if !ok {
+		glog.Infof("unexpected type %T", obj)
+		return
+	}
+	g.graph.DeleteVolumeAttachment(attachment.Name)
+}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/node_authorizer.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/node_authorizer.go
index bf728ccc5e63..b2078d2c6d9e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/node_authorizer.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/node/node_authorizer.go
@@ -26,6 +26,7 @@ import (
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	rbacapi "k8s.io/kubernetes/pkg/apis/rbac"
+	storageapi "k8s.io/kubernetes/pkg/apis/storage"
 	"k8s.io/kubernetes/pkg/auth/nodeidentifier"
 	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac"
@@ -48,6 +49,9 @@ type NodeAuthorizer struct {
 	graph      *Graph
 	identifier nodeidentifier.NodeIdentifier
 	nodeRules  []rbacapi.PolicyRule
+
+	// allows overriding for testing
+	features utilfeature.FeatureGate
 }
 
 // NewAuthorizer returns a new node authorizer
@@ -56,6 +60,7 @@ func NewAuthorizer(graph *Graph, identifier nodeidentifier.NodeIdentifier, rules
 		graph:      graph,
 		identifier: identifier,
 		nodeRules:  rules,
+		features:   utilfeature.DefaultFeatureGate,
 	}
 }
 
@@ -64,6 +69,8 @@ var (
 	secretResource    = api.Resource("secrets")
 	pvcResource       = api.Resource("persistentvolumeclaims")
 	pvResource        = api.Resource("persistentvolumes")
+	vaResource        = storageapi.Resource("volumeattachments")
+	svcAcctResource   = api.Resource("serviceaccounts")
 )
 
 func (r *NodeAuthorizer) Authorize(attrs authorizer.Attributes) (authorizer.Decision, string, error) {
@@ -87,7 +94,7 @@ func (r *NodeAuthorizer) Authorize(attrs authorizer.Attributes) (authorizer.Deci
 		case configMapResource:
 			return r.authorizeGet(nodeName, configMapVertexType, attrs)
 		case pvcResource:
-			if utilfeature.DefaultFeatureGate.Enabled(features.ExpandPersistentVolumes) {
+			if r.features.Enabled(features.ExpandPersistentVolumes) {
 				if attrs.GetSubresource() == "status" {
 					return r.authorizeStatusUpdate(nodeName, pvcVertexType, attrs)
 				}
@@ -95,6 +102,16 @@ func (r *NodeAuthorizer) Authorize(attrs authorizer.Attributes) (authorizer.Deci
 			return r.authorizeGet(nodeName, pvcVertexType, attrs)
 		case pvResource:
 			return r.authorizeGet(nodeName, pvVertexType, attrs)
+		case vaResource:
+			if r.features.Enabled(features.CSIPersistentVolume) {
+				return r.authorizeGet(nodeName, vaVertexType, attrs)
+			}
+			return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gate %s", features.CSIPersistentVolume), nil
+		case svcAcctResource:
+			if r.features.Enabled(features.TokenRequest) {
+				return r.authorizeCreateToken(nodeName, serviceAccountVertexType, attrs)
+			}
+			return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gate %s", features.TokenRequest), nil
 		}
 	}
 
@@ -154,6 +171,31 @@ func (r *NodeAuthorizer) authorize(nodeName string, startingType vertexType, att
 	return authorizer.DecisionAllow, "", nil
 }
 
+// authorizeCreateToken authorizes "create" requests to serviceaccounts 'token'
+// subresource of pods running on a node
+func (r *NodeAuthorizer) authorizeCreateToken(nodeName string, startingType vertexType, attrs authorizer.Attributes) (authorizer.Decision, string, error) {
+	if attrs.GetVerb() != "create" || len(attrs.GetName()) == 0 {
+		glog.V(2).Infof("NODE DENY: %s %#v", nodeName, attrs)
+		return authorizer.DecisionNoOpinion, "can only create tokens for individual service accounts", nil
+	}
+
+	if attrs.GetSubresource() != "token" {
+		glog.V(2).Infof("NODE DENY: %s %#v", nodeName, attrs)
+		return authorizer.DecisionNoOpinion, "can only create token subresource of serviceaccount", nil
+	}
+
+	ok, err := r.hasPathFrom(nodeName, startingType, attrs.GetNamespace(), attrs.GetName())
+	if err != nil {
+		glog.V(2).Infof("NODE DENY: %v", err)
+		return authorizer.DecisionNoOpinion, "no path found to object", nil
+	}
+	if !ok {
+		glog.V(2).Infof("NODE DENY: %q %#v", nodeName, attrs)
+		return authorizer.DecisionNoOpinion, "no path found to object", nil
+	}
+	return authorizer.DecisionAllow, "", nil
+}
+
 // hasPathFrom returns true if there is a directed path from the specified type/namespace/name to the specified Node
 func (r *NodeAuthorizer) hasPathFrom(nodeName string, startingType vertexType, startingNamespace, startingName string) (bool, error) {
 	r.graph.lock.RLock()
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/BUILD
index 73dff4829009..258c860c5f1c 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/BUILD
@@ -31,8 +31,7 @@ go_test(
         "rbac_test.go",
         "subject_locator_test.go",
     ],
-    importpath = "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//pkg/apis/rbac:go_default_library",
         "//pkg/registry/rbac/validation:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/BUILD b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/BUILD
index e503bb50c65e..4c891015f9e6 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/BUILD
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/BUILD
@@ -32,7 +32,6 @@ go_test(
     data = glob([
         "testdata/*",
     ]),
-    importpath = "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy_test",
     deps = [
         ":go_default_library",
         "//pkg/api/legacyscheme:go_default_library",
@@ -55,8 +54,7 @@ go_test(
     name = "go_default_test",
     srcs = ["controller_policy_test.go"],
     data = glob(["testdata/**"]),
-    importpath = "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = [
         "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
index c94c02953341..ef9c17e3e50e 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
@@ -265,7 +265,7 @@ func buildControllerRoles() ([]rbac.ClusterRole, []rbac.ClusterRoleBinding) {
 	addControllerRole(&controllerRoles, &controllerRoleBindings, rbac.ClusterRole{
 		ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "resourcequota-controller"},
 		Rules: []rbac.PolicyRule{
-			// quota can count quota on anything for reconcilation, so it needs full viewing powers
+			// quota can count quota on anything for reconciliation, so it needs full viewing powers
 			rbac.NewRule("list", "watch").Groups("*").Resources("*").RuleOrDie(),
 			rbac.NewRule("update").Groups(legacyGroup).Resources("resourcequotas/status").RuleOrDie(),
 			eventsRule(),
@@ -318,13 +318,13 @@ func buildControllerRoles() ([]rbac.ClusterRole, []rbac.ClusterRoleBinding) {
 	addControllerRole(&controllerRoles, &controllerRoleBindings, rbac.ClusterRole{
 		ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "certificate-controller"},
 		Rules: []rbac.PolicyRule{
-			rbac.NewRule("get", "list", "watch").Groups(certificatesGroup).Resources("certificatesigningrequests").RuleOrDie(),
+			rbac.NewRule("get", "list", "watch", "delete").Groups(certificatesGroup).Resources("certificatesigningrequests").RuleOrDie(),
 			rbac.NewRule("update").Groups(certificatesGroup).Resources("certificatesigningrequests/status", "certificatesigningrequests/approval").RuleOrDie(),
 			rbac.NewRule("create").Groups(authorizationGroup).Resources("subjectaccessreviews").RuleOrDie(),
 			eventsRule(),
 		},
 	})
-	if utilfeature.DefaultFeatureGate.Enabled(features.PVCProtection) {
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
 		addControllerRole(&controllerRoles, &controllerRoleBindings, rbac.ClusterRole{
 			ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "pvc-protection-controller"},
 			Rules: []rbac.PolicyRule{
@@ -334,6 +334,15 @@ func buildControllerRoles() ([]rbac.ClusterRole, []rbac.ClusterRoleBinding) {
 			},
 		})
 	}
+	if utilfeature.DefaultFeatureGate.Enabled(features.StorageObjectInUseProtection) {
+		addControllerRole(&controllerRoles, &controllerRoleBindings, rbac.ClusterRole{
+			ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "pv-protection-controller"},
+			Rules: []rbac.PolicyRule{
+				rbac.NewRule("get", "list", "watch", "update").Groups(legacyGroup).Resources("persistentvolumes").RuleOrDie(),
+				eventsRule(),
+			},
+		})
+	}
 
 	return controllerRoles, controllerRoleBindings
 }
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go
index c40758c8af4e..16590fffc84b 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/namespace_policy.go
@@ -87,6 +87,7 @@ func init() {
 	})
 	addNamespaceRole(metav1.NamespaceSystem, rbac.Role{
 		// role for the cloud providers to access/create kube-system configmaps
+		// Deprecated starting Kubernetes 1.10 and will be deleted according to GA deprecation policy.
 		ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "cloud-provider"},
 		Rules: []rbac.PolicyRule{
 			rbac.NewRule("create", "get", "list", "watch").Groups(legacyGroup).Resources("configmaps").RuleOrDie(),
@@ -123,6 +124,7 @@ func init() {
 		rbac.NewRoleBinding("system::leader-locking-kube-scheduler", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "kube-scheduler").BindingOrDie())
 	addNamespaceRoleBinding(metav1.NamespaceSystem,
 		rbac.NewRoleBinding(saRolePrefix+"bootstrap-signer", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "bootstrap-signer").BindingOrDie())
+	// cloud-provider is deprecated starting Kubernetes 1.10 and will be deleted according to GA deprecation policy.
 	addNamespaceRoleBinding(metav1.NamespaceSystem,
 		rbac.NewRoleBinding(saRolePrefix+"cloud-provider", metav1.NamespaceSystem).SAs(metav1.NamespaceSystem, "cloud-provider").BindingOrDie())
 	addNamespaceRoleBinding(metav1.NamespaceSystem,
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
index b54d7c6dfdc9..74d86d9d11e0 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
@@ -27,8 +27,9 @@ import (
 )
 
 var (
-	ReadWrite = []string{"get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"}
-	Read      = []string{"get", "list", "watch"}
+	ReadWrite  = []string{"get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"}
+	Read       = []string{"get", "list", "watch"}
+	ReadUpdate = []string{"get", "list", "watch", "update", "patch"}
 
 	Label      = map[string]string{"kubernetes.io/bootstrapping": "rbac-defaults"}
 	Annotation = map[string]string{rbac.AutoUpdateAnnotationKey: "true"}
@@ -48,6 +49,7 @@ const (
 	storageGroup        = "storage.k8s.io"
 	resMetricsGroup     = "metrics.k8s.io"
 	customMetricsGroup  = "custom.metrics.k8s.io"
+	networkingGroup     = "networking.k8s.io"
 )
 
 func addDefaultMetadata(obj runtime.Object) {
@@ -144,6 +146,13 @@ func NodeRules() []rbac.PolicyRule {
 		nodePolicyRules = append(nodePolicyRules, pvcStatusPolicyRule)
 	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(features.TokenRequest) {
+		// Use the Node authorization to limit a node to create tokens for service accounts running on that node
+		// Use the NodeRestriction admission plugin to limit a node to create tokens bound to pods on that node
+		tokenRequestRule := rbac.NewRule("create").Groups(legacyGroup).Resources("serviceaccounts/token").RuleOrDie()
+		nodePolicyRules = append(nodePolicyRules, tokenRequestRule)
+	}
+
 	// CSI
 	if utilfeature.DefaultFeatureGate.Enabled(features.CSIPersistentVolume) {
 		volAttachRule := rbac.NewRule("get").Groups(storageGroup).Resources("volumeattachments").RuleOrDie()
@@ -168,12 +177,13 @@ func ClusterRoles() []rbac.ClusterRole {
 			ObjectMeta: metav1.ObjectMeta{Name: "system:discovery"},
 			Rules: []rbac.PolicyRule{
 				rbac.NewRule("get").URLs(
-					"/healthz", "/version",
+					"/healthz", "/version", "/version/",
 					// remove once swagger 1.2 support is removed
 					"/swaggerapi", "/swaggerapi/*",
 					// do not expand this pattern for openapi discovery docs
 					// move to a single openapi endpoint that takes accept/accept-encoding headers
 					"/swagger.json", "/swagger-2.0.0.pb-v1",
+					"/openapi", "/openapi/*",
 					"/api", "/api/*",
 					"/apis", "/apis/*",
 				).RuleOrDie(),
@@ -237,10 +247,13 @@ func ClusterRoles() []rbac.ClusterRole {
 
 				rbac.NewRule(ReadWrite...).Groups(extensionsGroup).Resources("daemonsets",
 					"deployments", "deployments/scale", "deployments/rollback", "ingresses",
-					"replicasets", "replicasets/scale", "replicationcontrollers/scale").RuleOrDie(),
+					"replicasets", "replicasets/scale", "replicationcontrollers/scale",
+					"networkpolicies").RuleOrDie(),
 
 				rbac.NewRule(ReadWrite...).Groups(policyGroup).Resources("poddisruptionbudgets").RuleOrDie(),
 
+				rbac.NewRule(ReadWrite...).Groups(networkingGroup).Resources("networkpolicies").RuleOrDie(),
+
 				// additional admin powers
 				rbac.NewRule("create").Groups(authorizationGroup).Resources("localsubjectaccessreviews").RuleOrDie(),
 				rbac.NewRule(ReadWrite...).Groups(rbacGroup).Resources("roles", "rolebindings").RuleOrDie(),
@@ -273,9 +286,12 @@ func ClusterRoles() []rbac.ClusterRole {
 
 				rbac.NewRule(ReadWrite...).Groups(extensionsGroup).Resources("daemonsets",
 					"deployments", "deployments/scale", "deployments/rollback", "ingresses",
-					"replicasets", "replicasets/scale", "replicationcontrollers/scale").RuleOrDie(),
+					"replicasets", "replicasets/scale", "replicationcontrollers/scale",
+					"networkpolicies").RuleOrDie(),
 
 				rbac.NewRule(ReadWrite...).Groups(policyGroup).Resources("poddisruptionbudgets").RuleOrDie(),
+
+				rbac.NewRule(ReadWrite...).Groups(networkingGroup).Resources("networkpolicies").RuleOrDie(),
 			},
 		},
 		{
@@ -301,9 +317,12 @@ func ClusterRoles() []rbac.ClusterRole {
 				rbac.NewRule(Read...).Groups(batchGroup).Resources("jobs", "cronjobs").RuleOrDie(),
 
 				rbac.NewRule(Read...).Groups(extensionsGroup).Resources("daemonsets", "deployments", "deployments/scale",
-					"ingresses", "replicasets", "replicasets/scale", "replicationcontrollers/scale").RuleOrDie(),
+					"ingresses", "replicasets", "replicasets/scale", "replicationcontrollers/scale",
+					"networkpolicies").RuleOrDie(),
 
 				rbac.NewRule(Read...).Groups(policyGroup).Resources("poddisruptionbudgets").RuleOrDie(),
+
+				rbac.NewRule(Read...).Groups(networkingGroup).Resources("networkpolicies").RuleOrDie(),
 			},
 		},
 		{
@@ -340,6 +359,17 @@ func ClusterRoles() []rbac.ClusterRole {
 				eventsRule(),
 			},
 		},
+		{
+			// a role to use for full access to the kubelet API
+			ObjectMeta: metav1.ObjectMeta{Name: "system:kubelet-api-admin"},
+			Rules: []rbac.PolicyRule{
+				// Allow read-only access to the Node API objects
+				rbac.NewRule("get", "list", "watch").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
+				// Allow all API calls to the nodes
+				rbac.NewRule("proxy").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
+				rbac.NewRule("*").Groups(legacyGroup).Resources("nodes/proxy", "nodes/metrics", "nodes/spec", "nodes/stats", "nodes/log").RuleOrDie(),
+			},
+		},
 		{
 			// a role to use for bootstrapping a node's client certificates
 			ObjectMeta: metav1.ObjectMeta{Name: "system:node-bootstrapper"},
@@ -462,15 +492,13 @@ func ClusterRoles() []rbac.ClusterRole {
 	}
 
 	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
-		// Find the scheduler role
-		for i, role := range roles {
-			if role.Name == "system:kube-scheduler" {
-				pvRule := rbac.NewRule("update").Groups(legacyGroup).Resources("persistentvolumes").RuleOrDie()
-				scRule := rbac.NewRule(Read...).Groups(storageGroup).Resources("storageclasses").RuleOrDie()
-				roles[i].Rules = append(role.Rules, pvRule, scRule)
-				break
-			}
-		}
+		roles = append(roles, rbac.ClusterRole{
+			ObjectMeta: metav1.ObjectMeta{Name: "system:volume-scheduler"},
+			Rules: []rbac.PolicyRule{
+				rbac.NewRule(ReadUpdate...).Groups(legacyGroup).Resources("persistentvolumes").RuleOrDie(),
+				rbac.NewRule(Read...).Groups(storageGroup).Resources("storageclasses").RuleOrDie(),
+			},
+		})
 	}
 
 	addClusterRoleLabel(roles)
@@ -499,6 +527,10 @@ func ClusterRoleBindings() []rbac.ClusterRoleBinding {
 		},
 	}
 
+	if utilfeature.DefaultFeatureGate.Enabled(features.VolumeScheduling) {
+		rolebindings = append(rolebindings, rbac.NewClusterBinding("system:volume-scheduler").Users(user.KubeScheduler).BindingOrDie())
+	}
+
 	addClusterRoleBindingLabel(rolebindings)
 
 	return rolebindings
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/rbac.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/rbac.go
index 92094807630a..bb714a01a083 100644
--- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/rbac.go
+++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/rbac.go
@@ -43,7 +43,7 @@ type RequestToRuleMapper interface {
 	// VisitRulesFor invokes visitor() with each rule that applies to a given user in a given namespace,
 	// and each error encountered resolving those rules. Rule may be nil if err is non-nil.
 	// If visitor() returns false, visiting is short-circuited.
-	VisitRulesFor(user user.Info, namespace string, visitor func(rule *rbac.PolicyRule, err error) bool)
+	VisitRulesFor(user user.Info, namespace string, visitor func(source fmt.Stringer, rule *rbac.PolicyRule, err error) bool)
 }
 
 type RBACAuthorizer struct {
@@ -55,12 +55,14 @@ type authorizingVisitor struct {
 	requestAttributes authorizer.Attributes
 
 	allowed bool
+	reason  string
 	errors  []error
 }
 
-func (v *authorizingVisitor) visit(rule *rbac.PolicyRule, err error) bool {
+func (v *authorizingVisitor) visit(source fmt.Stringer, rule *rbac.PolicyRule, err error) bool {
 	if rule != nil && RuleAllows(v.requestAttributes, rule) {
 		v.allowed = true
+		v.reason = fmt.Sprintf("allowed by %s", source.String())
 		return false
 	}
 	if err != nil {
@@ -74,12 +76,12 @@ func (r *RBACAuthorizer) Authorize(requestAttributes authorizer.Attributes) (aut
 
 	r.authorizationRuleResolver.VisitRulesFor(requestAttributes.GetUser(), requestAttributes.GetNamespace(), ruleCheckingVisitor.visit)
 	if ruleCheckingVisitor.allowed {
-		return authorizer.DecisionAllow, "", nil
+		return authorizer.DecisionAllow, ruleCheckingVisitor.reason, nil
 	}
 
 	// Build a detailed log of the denial.
 	// Make the whole block conditional so we don't do a lot of string-building we won't use.
-	if glog.V(2) {
+	if glog.V(5) {
 		var operation string
 		if requestAttributes.IsResourceRequest() {
 			b := &bytes.Buffer{}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/error.go b/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/error.go
deleted file mode 100644
index a4450bc5643e..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/predicates/error.go
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package predicates
-
-import (
-	"fmt"
-
-	"k8s.io/api/core/v1"
-)
-
-var (
-	// The predicateName tries to be consistent as the predicate name used in DefaultAlgorithmProvider defined in
-	// defaults.go (which tend to be stable for backward compatibility)
-
-	// NOTE: If you add a new predicate failure error for a predicate that can never
-	// be made to pass by removing pods, or you change an existing predicate so that
-	// it can never be made to pass by removing pods, you need to add the predicate
-	// failure error in nodesWherePreemptionMightHelp() in scheduler/core/generic_scheduler.go
-	ErrDiskConflict                          = newPredicateFailureError("NoDiskConflict")
-	ErrVolumeZoneConflict                    = newPredicateFailureError("NoVolumeZoneConflict")
-	ErrNodeSelectorNotMatch                  = newPredicateFailureError("MatchNodeSelector")
-	ErrPodAffinityNotMatch                   = newPredicateFailureError("MatchInterPodAffinity")
-	ErrPodAffinityRulesNotMatch              = newPredicateFailureError("PodAffinityRulesNotMatch")
-	ErrPodAntiAffinityRulesNotMatch          = newPredicateFailureError("PodAntiAffinityRulesNotMatch")
-	ErrExistingPodsAntiAffinityRulesNotMatch = newPredicateFailureError("ExistingPodsAntiAffinityRulesNotMatch")
-	ErrTaintsTolerationsNotMatch             = newPredicateFailureError("PodToleratesNodeTaints")
-	ErrPodNotMatchHostName                   = newPredicateFailureError("HostName")
-	ErrPodNotFitsHostPorts                   = newPredicateFailureError("PodFitsHostPorts")
-	ErrNodeLabelPresenceViolated             = newPredicateFailureError("CheckNodeLabelPresence")
-	ErrServiceAffinityViolated               = newPredicateFailureError("CheckServiceAffinity")
-	ErrMaxVolumeCountExceeded                = newPredicateFailureError("MaxVolumeCount")
-	ErrNodeUnderMemoryPressure               = newPredicateFailureError("NodeUnderMemoryPressure")
-	ErrNodeUnderDiskPressure                 = newPredicateFailureError("NodeUnderDiskPressure")
-	ErrNodeOutOfDisk                         = newPredicateFailureError("NodeOutOfDisk")
-	ErrNodeNotReady                          = newPredicateFailureError("NodeNotReady")
-	ErrNodeNetworkUnavailable                = newPredicateFailureError("NodeNetworkUnavailable")
-	ErrNodeUnschedulable                     = newPredicateFailureError("NodeUnschedulable")
-	ErrNodeUnknownCondition                  = newPredicateFailureError("NodeUnknownCondition")
-	ErrVolumeNodeConflict                    = newPredicateFailureError("VolumeNodeAffinityConflict")
-	ErrVolumeBindConflict                    = newPredicateFailureError("VolumeBindingNoMatch")
-	// ErrFakePredicate is used for test only. The fake predicates returning false also returns error
-	// as ErrFakePredicate.
-	ErrFakePredicate = newPredicateFailureError("FakePredicateError")
-)
-
-// InsufficientResourceError is an error type that indicates what kind of resource limit is
-// hit and caused the unfitting failure.
-type InsufficientResourceError struct {
-	// resourceName is the name of the resource that is insufficient
-	ResourceName v1.ResourceName
-	requested    int64
-	used         int64
-	capacity     int64
-}
-
-func NewInsufficientResourceError(resourceName v1.ResourceName, requested, used, capacity int64) *InsufficientResourceError {
-	return &InsufficientResourceError{
-		ResourceName: resourceName,
-		requested:    requested,
-		used:         used,
-		capacity:     capacity,
-	}
-}
-
-func (e *InsufficientResourceError) Error() string {
-	return fmt.Sprintf("Node didn't have enough resource: %s, requested: %d, used: %d, capacity: %d",
-		e.ResourceName, e.requested, e.used, e.capacity)
-}
-
-func (e *InsufficientResourceError) GetReason() string {
-	return fmt.Sprintf("Insufficient %v", e.ResourceName)
-}
-
-func (e *InsufficientResourceError) GetInsufficientAmount() int64 {
-	return e.requested - (e.capacity - e.used)
-}
-
-type PredicateFailureError struct {
-	PredicateName string
-}
-
-func newPredicateFailureError(predicateName string) *PredicateFailureError {
-	return &PredicateFailureError{PredicateName: predicateName}
-}
-
-func (e *PredicateFailureError) Error() string {
-	return fmt.Sprintf("Predicate %s failed", e.PredicateName)
-}
-
-func (e *PredicateFailureError) GetReason() string {
-	return e.PredicateName
-}
-
-type FailureReason struct {
-	reason string
-}
-
-func NewFailureReason(msg string) *FailureReason {
-	return &FailureReason{reason: msg}
-}
-
-func (e *FailureReason) GetReason() string {
-	return e.reason
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go b/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go
deleted file mode 100644
index 718282da11f7..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/balanced_resource_allocation.go
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package priorities
-
-import (
-	"fmt"
-	"math"
-
-	"k8s.io/api/core/v1"
-	priorityutil "k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/util"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-
-	"github.com/golang/glog"
-)
-
-// This is a reasonable size range of all container images. 90%ile of images on dockerhub drops into this range.
-const (
-	mb         int64 = 1024 * 1024
-	minImgSize int64 = 23 * mb
-	maxImgSize int64 = 1000 * mb
-)
-
-// Also used in most/least_requested nad metadata.
-// TODO: despaghettify it
-func getNonZeroRequests(pod *v1.Pod) *schedulercache.Resource {
-	result := &schedulercache.Resource{}
-	for i := range pod.Spec.Containers {
-		container := &pod.Spec.Containers[i]
-		cpu, memory := priorityutil.GetNonzeroRequests(&container.Resources.Requests)
-		result.MilliCPU += cpu
-		result.Memory += memory
-	}
-	return result
-}
-
-func calculateBalancedResourceAllocation(pod *v1.Pod, podRequests *schedulercache.Resource, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	node := nodeInfo.Node()
-	if node == nil {
-		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
-	}
-
-	allocatableResources := nodeInfo.AllocatableResource()
-	totalResources := *podRequests
-	totalResources.MilliCPU += nodeInfo.NonZeroRequest().MilliCPU
-	totalResources.Memory += nodeInfo.NonZeroRequest().Memory
-
-	cpuFraction := fractionOfCapacity(totalResources.MilliCPU, allocatableResources.MilliCPU)
-	memoryFraction := fractionOfCapacity(totalResources.Memory, allocatableResources.Memory)
-	score := int(0)
-	if cpuFraction >= 1 || memoryFraction >= 1 {
-		// if requested >= capacity, the corresponding host should never be preferred.
-		score = 0
-	} else {
-		// Upper and lower boundary of difference between cpuFraction and memoryFraction are -1 and 1
-		// respectively. Multilying the absolute value of the difference by 10 scales the value to
-		// 0-10 with 0 representing well balanced allocation and 10 poorly balanced. Subtracting it from
-		// 10 leads to the score which also scales from 0 to 10 while 10 representing well balanced.
-		diff := math.Abs(cpuFraction - memoryFraction)
-		score = int((1 - diff) * float64(schedulerapi.MaxPriority))
-	}
-	if glog.V(10) {
-		// We explicitly don't do glog.V(10).Infof() to avoid computing all the parameters if this is
-		// not logged. There is visible performance gain from it.
-		glog.V(10).Infof(
-			"%v -> %v: Balanced Resource Allocation, capacity %d millicores %d memory bytes, total request %d millicores %d memory bytes, score %d",
-			pod.Name, node.Name,
-			allocatableResources.MilliCPU, allocatableResources.Memory,
-			totalResources.MilliCPU, totalResources.Memory,
-			score,
-		)
-	}
-
-	return schedulerapi.HostPriority{
-		Host:  node.Name,
-		Score: score,
-	}, nil
-}
-
-func fractionOfCapacity(requested, capacity int64) float64 {
-	if capacity == 0 {
-		return 1
-	}
-	return float64(requested) / float64(capacity)
-}
-
-// BalancedResourceAllocationMap favors nodes with balanced resource usage rate.
-// BalancedResourceAllocationMap should **NOT** be used alone, and **MUST** be used together with LeastRequestedPriority.
-// It calculates the difference between the cpu and memory fraction of capacity, and prioritizes the host based on how
-// close the two metrics are to each other.
-// Detail: score = 10 - abs(cpuFraction-memoryFraction)*10. The algorithm is partly inspired by:
-// "Wei Huang et al. An Energy Efficient Virtual Machine Placement Algorithm with Balanced Resource Utilization"
-func BalancedResourceAllocationMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	var nonZeroRequest *schedulercache.Resource
-	if priorityMeta, ok := meta.(*priorityMetadata); ok {
-		nonZeroRequest = priorityMeta.nonZeroRequest
-	} else {
-		// We couldn't parse metadatat - fallback to computing it.
-		nonZeroRequest = getNonZeroRequests(pod)
-	}
-	return calculateBalancedResourceAllocation(pod, nonZeroRequest, nodeInfo)
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/least_requested.go b/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/least_requested.go
deleted file mode 100644
index 743064516388..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/least_requested.go
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package priorities
-
-import (
-	"fmt"
-
-	"k8s.io/api/core/v1"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-
-	"github.com/golang/glog"
-)
-
-// LeastRequestedPriority is a priority function that favors nodes with fewer requested resources.
-// It calculates the percentage of memory and CPU requested by pods scheduled on the node, and prioritizes
-// based on the minimum of the average of the fraction of requested to capacity.
-// Details: cpu((capacity - sum(requested)) * 10 / capacity) + memory((capacity - sum(requested)) * 10 / capacity) / 2
-func LeastRequestedPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	var nonZeroRequest *schedulercache.Resource
-	if priorityMeta, ok := meta.(*priorityMetadata); ok {
-		nonZeroRequest = priorityMeta.nonZeroRequest
-	} else {
-		// We couldn't parse metadata - fallback to computing it.
-		nonZeroRequest = getNonZeroRequests(pod)
-	}
-	return calculateUnusedPriority(pod, nonZeroRequest, nodeInfo)
-}
-
-// The unused capacity is calculated on a scale of 0-10
-// 0 being the lowest priority and 10 being the highest.
-// The more unused resources the higher the score is.
-func calculateUnusedScore(requested int64, capacity int64, node string) int64 {
-	if capacity == 0 {
-		return 0
-	}
-	if requested > capacity {
-		glog.V(10).Infof("Combined requested resources %d from existing pods exceeds capacity %d on node %s",
-			requested, capacity, node)
-		return 0
-	}
-	return ((capacity - requested) * int64(schedulerapi.MaxPriority)) / capacity
-}
-
-// Calculates host priority based on the amount of unused resources.
-// 'node' has information about the resources on the node.
-// 'pods' is a list of pods currently scheduled on the node.
-func calculateUnusedPriority(pod *v1.Pod, podRequests *schedulercache.Resource, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	node := nodeInfo.Node()
-	if node == nil {
-		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
-	}
-
-	allocatableResources := nodeInfo.AllocatableResource()
-	totalResources := *podRequests
-	totalResources.MilliCPU += nodeInfo.NonZeroRequest().MilliCPU
-	totalResources.Memory += nodeInfo.NonZeroRequest().Memory
-
-	cpuScore := calculateUnusedScore(totalResources.MilliCPU, allocatableResources.MilliCPU, node.Name)
-	memoryScore := calculateUnusedScore(totalResources.Memory, allocatableResources.Memory, node.Name)
-	if glog.V(10) {
-		// We explicitly don't do glog.V(10).Infof() to avoid computing all the parameters if this is
-		// not logged. There is visible performance gain from it.
-		glog.V(10).Infof(
-			"%v -> %v: Least Requested Priority, capacity %d millicores %d memory bytes, total request %d millicores %d memory bytes, score %d CPU %d memory",
-			pod.Name, node.Name,
-			allocatableResources.MilliCPU, allocatableResources.Memory,
-			totalResources.MilliCPU, totalResources.Memory,
-			cpuScore, memoryScore,
-		)
-	}
-
-	return schedulerapi.HostPriority{
-		Host:  node.Name,
-		Score: int((cpuScore + memoryScore) / 2),
-	}, nil
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/most_requested.go b/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/most_requested.go
deleted file mode 100644
index 4245d4938baf..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/priorities/most_requested.go
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package priorities
-
-import (
-	"fmt"
-
-	"k8s.io/api/core/v1"
-	schedulerapi "k8s.io/kubernetes/plugin/pkg/scheduler/api"
-	"k8s.io/kubernetes/plugin/pkg/scheduler/schedulercache"
-
-	"github.com/golang/glog"
-)
-
-// MostRequestedPriority is a priority function that favors nodes with most requested resources.
-// It calculates the percentage of memory and CPU requested by pods scheduled on the node, and prioritizes
-// based on the maximum of the average of the fraction of requested to capacity.
-// Details: (cpu(10 * sum(requested) / capacity) + memory(10 * sum(requested) / capacity)) / 2
-func MostRequestedPriorityMap(pod *v1.Pod, meta interface{}, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	var nonZeroRequest *schedulercache.Resource
-	if priorityMeta, ok := meta.(*priorityMetadata); ok {
-		nonZeroRequest = priorityMeta.nonZeroRequest
-	} else {
-		// We couldn't parse metadatat - fallback to computing it.
-		nonZeroRequest = getNonZeroRequests(pod)
-	}
-	return calculateUsedPriority(pod, nonZeroRequest, nodeInfo)
-}
-
-// The used capacity is calculated on a scale of 0-10
-// 0 being the lowest priority and 10 being the highest.
-// The more resources are used the higher the score is. This function
-// is almost a reversed version of least_requested_priority.calculatUnusedScore
-// (10 - calculateUnusedScore). The main difference is in rounding. It was added to
-// keep the final formula clean and not to modify the widely used (by users
-// in their default scheduling policies) calculateUSedScore.
-func calculateUsedScore(requested int64, capacity int64, node string) int64 {
-	if capacity == 0 {
-		return 0
-	}
-	if requested > capacity {
-		glog.V(10).Infof("Combined requested resources %d from existing pods exceeds capacity %d on node %s",
-			requested, capacity, node)
-		return 0
-	}
-	return (requested * schedulerapi.MaxPriority) / capacity
-}
-
-// Calculate the resource used on a node.  'node' has information about the resources on the node.
-// 'pods' is a list of pods currently scheduled on the node.
-func calculateUsedPriority(pod *v1.Pod, podRequests *schedulercache.Resource, nodeInfo *schedulercache.NodeInfo) (schedulerapi.HostPriority, error) {
-	node := nodeInfo.Node()
-	if node == nil {
-		return schedulerapi.HostPriority{}, fmt.Errorf("node not found")
-	}
-
-	allocatableResources := nodeInfo.AllocatableResource()
-	totalResources := *podRequests
-	totalResources.MilliCPU += nodeInfo.NonZeroRequest().MilliCPU
-	totalResources.Memory += nodeInfo.NonZeroRequest().Memory
-
-	cpuScore := calculateUsedScore(totalResources.MilliCPU, allocatableResources.MilliCPU, node.Name)
-	memoryScore := calculateUsedScore(totalResources.Memory, allocatableResources.Memory, node.Name)
-	if glog.V(10) {
-		// We explicitly don't do glog.V(10).Infof() to avoid computing all the parameters if this is
-		// not logged. There is visible performance gain from it.
-		glog.V(10).Infof(
-			"%v -> %v: Most Requested Priority, capacity %d millicores %d memory bytes, total request %d millicores %d memory bytes, score %d CPU %d memory",
-			pod.Name, node.Name,
-			allocatableResources.MilliCPU, allocatableResources.Memory,
-			totalResources.MilliCPU, totalResources.Memory,
-			cpuScore, memoryScore,
-		)
-	}
-
-	return schedulerapi.HostPriority{
-		Host:  node.Name,
-		Score: int((cpuScore + memoryScore) / 2),
-	}, nil
-}
diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/well_known_labels.go b/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/well_known_labels.go
deleted file mode 100644
index bffe40a08858..000000000000
--- a/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithm/well_known_labels.go
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
-Copyright 2015 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package algorithm
-
-const (
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeNotReady would be automatically added by node controller
-	// when node is not ready, and removed when node becomes ready.
-	TaintNodeNotReady = "node.kubernetes.io/not-ready"
-
-	// DeprecatedTaintNodeNotReady is the deprecated version of TaintNodeNotReady.
-	// It is deprecated since 1.9
-	DeprecatedTaintNodeNotReady = "node.alpha.kubernetes.io/notReady"
-
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeUnreachable would be automatically added by node controller
-	// when node becomes unreachable (corresponding to NodeReady status ConditionUnknown)
-	// and removed when node becomes reachable (NodeReady status ConditionTrue).
-	TaintNodeUnreachable = "node.kubernetes.io/unreachable"
-
-	// DeprecatedTaintNodeUnreachable is the deprecated version of TaintNodeUnreachable.
-	// It is deprecated since 1.9
-	DeprecatedTaintNodeUnreachable = "node.alpha.kubernetes.io/unreachable"
-
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeOutOfDisk would be automatically added by node controller
-	// when node becomes out of disk, and removed when node has enough disk.
-	TaintNodeOutOfDisk = "node.kubernetes.io/out-of-disk"
-
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeMemoryPressure would be automatically added by node controller
-	// when node has memory pressure, and removed when node has enough memory.
-	TaintNodeMemoryPressure = "node.kubernetes.io/memory-pressure"
-
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeDiskPressure would be automatically added by node controller
-	// when node has disk pressure, and removed when node has enough disk.
-	TaintNodeDiskPressure = "node.kubernetes.io/disk-pressure"
-
-	// When feature-gate for TaintBasedEvictions=true flag is enabled,
-	// TaintNodeNetworkUnavailable would be automatically added by node controller
-	// when node's network is unavailable, and removed when network becomes ready.
-	TaintNodeNetworkUnavailable = "node.kubernetes.io/network-unavailable"
-
-	// When kubelet is started with the "external" cloud provider, then
-	// it sets this taint on a node to mark it as unusable, until a controller
-	// from the cloud-controller-manager intitializes this node, and then removes
-	// the taint
-	TaintExternalCloudProvider = "node.cloudprovider.kubernetes.io/uninitialized"
-)
diff --git a/vendor/k8s.io/kubernetes/third_party/forked/golang/expansion/BUILD b/vendor/k8s.io/kubernetes/third_party/forked/golang/expansion/BUILD
index 41a2e08cc634..f1a85c7a4e58 100644
--- a/vendor/k8s.io/kubernetes/third_party/forked/golang/expansion/BUILD
+++ b/vendor/k8s.io/kubernetes/third_party/forked/golang/expansion/BUILD
@@ -17,8 +17,7 @@ go_library(
 go_test(
     name = "go_default_test",
     srcs = ["expand_test.go"],
-    importpath = "k8s.io/kubernetes/third_party/forked/golang/expansion",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//pkg/apis/core:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/kubernetes/third_party/forked/gonum/graph/simple/BUILD b/vendor/k8s.io/kubernetes/third_party/forked/gonum/graph/simple/BUILD
index d363239f26bd..f4dc20f13c9a 100644
--- a/vendor/k8s.io/kubernetes/third_party/forked/gonum/graph/simple/BUILD
+++ b/vendor/k8s.io/kubernetes/third_party/forked/gonum/graph/simple/BUILD
@@ -15,8 +15,7 @@ go_test(
         "edgeholder_test.go",
         "undirected_test.go",
     ],
-    importpath = "k8s.io/kubernetes/third_party/forked/gonum/graph/simple",
-    library = ":go_default_library",
+    embed = [":go_default_library"],
     deps = ["//third_party/forked/gonum/graph:go_default_library"],
 )
 
diff --git a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.conversion.go
index e169bb0d739d..7c7134778bea 100644
--- a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.conversion.go
@@ -16,15 +16,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	custom_metrics "k8s.io/metrics/pkg/apis/custom_metrics"
-	unsafe "unsafe"
 )
 
 func init() {
diff --git a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.deepcopy.go
index 00130c62909b..e32c52827114 100644
--- a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -57,9 +57,8 @@ func (in *MetricValue) DeepCopy() *MetricValue {
 func (in *MetricValue) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -91,7 +90,6 @@ func (in *MetricValueList) DeepCopy() *MetricValueList {
 func (in *MetricValueList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/zz_generated.deepcopy.go
index a74e50b2ddb6..e361cf64a567 100644
--- a/vendor/k8s.io/metrics/pkg/apis/custom_metrics/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/metrics/pkg/apis/custom_metrics/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package custom_metrics
 
@@ -57,9 +57,8 @@ func (in *MetricValue) DeepCopy() *MetricValue {
 func (in *MetricValue) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -91,9 +90,8 @@ func (in *MetricValueList) DeepCopy() *MetricValueList {
 func (in *MetricValueList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/BUILD b/vendor/k8s.io/metrics/pkg/apis/external_metrics/BUILD
new file mode 100644
index 000000000000..e728e0c7c0b6
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/BUILD
@@ -0,0 +1,40 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "register.go",
+        "types.go",
+        "zz_generated.deepcopy.go",
+    ],
+    importpath = "k8s.io/metrics/pkg/apis/external_metrics",
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/metrics/pkg/apis/external_metrics/install:all-srcs",
+        "//staging/src/k8s.io/metrics/pkg/apis/external_metrics/v1beta1:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/doc.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/doc.go
new file mode 100644
index 000000000000..c450a1e3b64c
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +groupName=external.metrics.k8s.io
+package external_metrics
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/register.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/register.go
new file mode 100644
index 000000000000..33dca86c9aea
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/register.go
@@ -0,0 +1,51 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package external_metrics
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "external.metrics.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
+
+// Kind takes an unqualified kind and returns back a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns back a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&ExternalMetricValue{},
+		&ExternalMetricValueList{},
+	)
+	return nil
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/types.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/types.go
new file mode 100644
index 000000000000..2a9c6e3923d1
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/types.go
@@ -0,0 +1,60 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package external_metrics
+
+import (
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// a list of values for a given metric for some set labels
+type ExternalMetricValueList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+
+	// value of the metric matching a given set of labels
+	Items []ExternalMetricValue `json:"items"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// a metric value for external metric
+// A single metric value is identified by metric name and a set of string labels.
+// For one metric there can be multiple values with different sets of labels.
+type ExternalMetricValue struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// the name of the metric
+	MetricName string `json:"metricName"`
+
+	// a set of labels that identify a single time series for the metric
+	MetricLabels map[string]string `json:"metricLabels"`
+
+	// indicates the time at which the metrics were produced
+	Timestamp metav1.Time `json:"timestamp"`
+
+	// indicates the window ([Timestamp-Window, Timestamp]) from
+	// which these metrics were calculated, when returning rate
+	// metrics calculated from cumulative metrics (or zero for
+	// non-calculated instantaneous metrics).
+	WindowSeconds *int64 `json:"window,omitempty"`
+
+	// the value of the metric
+	Value resource.Quantity `json:"value"`
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/BUILD b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/BUILD
new file mode 100644
index 000000000000..ea25f623932c
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/BUILD
@@ -0,0 +1,47 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "generated.pb.go",
+        "register.go",
+        "types.go",
+        "zz_generated.conversion.go",
+        "zz_generated.deepcopy.go",
+    ],
+    importpath = "k8s.io/metrics/pkg/apis/external_metrics/v1beta1",
+    deps = [
+        "//vendor/github.com/gogo/protobuf/proto:go_default_library",
+        "//vendor/github.com/gogo/protobuf/sortkeys:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/apis/external_metrics:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
+
+filegroup(
+    name = "go_default_library_protos",
+    srcs = ["generated.proto"],
+)
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/doc.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/doc.go
new file mode 100644
index 000000000000..70acd67cd69d
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/doc.go
@@ -0,0 +1,21 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:conversion-gen=k8s.io/metrics/pkg/apis/external_metrics
+// +k8s:openapi-gen=true
+
+package v1beta1
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.pb.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.pb.go
new file mode 100644
index 000000000000..71b70dc9615d
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.pb.go
@@ -0,0 +1,823 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by protoc-gen-gogo.
+// source: k8s.io/kubernetes/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto
+// DO NOT EDIT!
+
+/*
+	Package v1beta1 is a generated protocol buffer package.
+
+	It is generated from these files:
+		k8s.io/kubernetes/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto
+
+	It has these top-level messages:
+		ExternalMetricValue
+		ExternalMetricValueList
+*/
+package v1beta1
+
+import proto "github.com/gogo/protobuf/proto"
+import fmt "fmt"
+import math "math"
+
+import github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
+
+import strings "strings"
+import reflect "reflect"
+
+import io "io"
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package
+
+func (m *ExternalMetricValue) Reset()                    { *m = ExternalMetricValue{} }
+func (*ExternalMetricValue) ProtoMessage()               {}
+func (*ExternalMetricValue) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{0} }
+
+func (m *ExternalMetricValueList) Reset()                    { *m = ExternalMetricValueList{} }
+func (*ExternalMetricValueList) ProtoMessage()               {}
+func (*ExternalMetricValueList) Descriptor() ([]byte, []int) { return fileDescriptorGenerated, []int{1} }
+
+func init() {
+	proto.RegisterType((*ExternalMetricValue)(nil), "k8s.io.metrics.pkg.apis.external_metrics.v1beta1.ExternalMetricValue")
+	proto.RegisterType((*ExternalMetricValueList)(nil), "k8s.io.metrics.pkg.apis.external_metrics.v1beta1.ExternalMetricValueList")
+}
+func (m *ExternalMetricValue) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricValue) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.MetricName)))
+	i += copy(dAtA[i:], m.MetricName)
+	if len(m.MetricLabels) > 0 {
+		keysForMetricLabels := make([]string, 0, len(m.MetricLabels))
+		for k := range m.MetricLabels {
+			keysForMetricLabels = append(keysForMetricLabels, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForMetricLabels)
+		for _, k := range keysForMetricLabels {
+			dAtA[i] = 0x12
+			i++
+			v := m.MetricLabels[string(k)]
+			mapSize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			i = encodeVarintGenerated(dAtA, i, uint64(mapSize))
+			dAtA[i] = 0xa
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(k)))
+			i += copy(dAtA[i:], k)
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(len(v)))
+			i += copy(dAtA[i:], v)
+		}
+	}
+	dAtA[i] = 0x1a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Timestamp.Size()))
+	n1, err := m.Timestamp.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n1
+	if m.WindowSeconds != nil {
+		dAtA[i] = 0x20
+		i++
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.WindowSeconds))
+	}
+	dAtA[i] = 0x2a
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Value.Size()))
+	n2, err := m.Value.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n2
+	return i, nil
+}
+
+func (m *ExternalMetricValueList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalTo(dAtA)
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExternalMetricValueList) MarshalTo(dAtA []byte) (int, error) {
+	var i int
+	_ = i
+	var l int
+	_ = l
+	dAtA[i] = 0xa
+	i++
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ListMeta.Size()))
+	n3, err := m.ListMeta.MarshalTo(dAtA[i:])
+	if err != nil {
+		return 0, err
+	}
+	i += n3
+	if len(m.Items) > 0 {
+		for _, msg := range m.Items {
+			dAtA[i] = 0x12
+			i++
+			i = encodeVarintGenerated(dAtA, i, uint64(msg.Size()))
+			n, err := msg.MarshalTo(dAtA[i:])
+			if err != nil {
+				return 0, err
+			}
+			i += n
+		}
+	}
+	return i, nil
+}
+
+func encodeFixed64Generated(dAtA []byte, offset int, v uint64) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	dAtA[offset+4] = uint8(v >> 32)
+	dAtA[offset+5] = uint8(v >> 40)
+	dAtA[offset+6] = uint8(v >> 48)
+	dAtA[offset+7] = uint8(v >> 56)
+	return offset + 8
+}
+func encodeFixed32Generated(dAtA []byte, offset int, v uint32) int {
+	dAtA[offset] = uint8(v)
+	dAtA[offset+1] = uint8(v >> 8)
+	dAtA[offset+2] = uint8(v >> 16)
+	dAtA[offset+3] = uint8(v >> 24)
+	return offset + 4
+}
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return offset + 1
+}
+func (m *ExternalMetricValue) Size() (n int) {
+	var l int
+	_ = l
+	l = len(m.MetricName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.MetricLabels) > 0 {
+		for k, v := range m.MetricLabels {
+			_ = k
+			_ = v
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v)))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	l = m.Timestamp.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.WindowSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.WindowSeconds))
+	}
+	l = m.Value.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ExternalMetricValueList) Size() (n int) {
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	for {
+		n++
+		x >>= 7
+		if x == 0 {
+			break
+		}
+	}
+	return n
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *ExternalMetricValue) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForMetricLabels := make([]string, 0, len(this.MetricLabels))
+	for k := range this.MetricLabels {
+		keysForMetricLabels = append(keysForMetricLabels, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForMetricLabels)
+	mapStringForMetricLabels := "map[string]string{"
+	for _, k := range keysForMetricLabels {
+		mapStringForMetricLabels += fmt.Sprintf("%v: %v,", k, this.MetricLabels[k])
+	}
+	mapStringForMetricLabels += "}"
+	s := strings.Join([]string{`&ExternalMetricValue{`,
+		`MetricName:` + fmt.Sprintf("%v", this.MetricName) + `,`,
+		`MetricLabels:` + mapStringForMetricLabels + `,`,
+		`Timestamp:` + strings.Replace(strings.Replace(this.Timestamp.String(), "Time", "k8s_io_apimachinery_pkg_apis_meta_v1.Time", 1), `&`, ``, 1) + `,`,
+		`WindowSeconds:` + valueToStringGenerated(this.WindowSeconds) + `,`,
+		`Value:` + strings.Replace(strings.Replace(this.Value.String(), "Quantity", "k8s_io_apimachinery_pkg_api_resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ExternalMetricValueList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ExternalMetricValueList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(this.ListMeta.String(), "ListMeta", "k8s_io_apimachinery_pkg_apis_meta_v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Items), "ExternalMetricValue", "ExternalMetricValue", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func valueToStringGenerated(v interface{}) string {
+	rv := reflect.ValueOf(v)
+	if rv.IsNil() {
+		return "nil"
+	}
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *ExternalMetricValue) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ExternalMetricValue: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ExternalMetricValue: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.MetricName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MetricLabels", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			var keykey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				keykey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			var stringLenmapkey uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLenmapkey |= (uint64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLenmapkey := int(stringLenmapkey)
+			if intStringLenmapkey < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postStringIndexmapkey := iNdEx + intStringLenmapkey
+			if postStringIndexmapkey > l {
+				return io.ErrUnexpectedEOF
+			}
+			mapkey := string(dAtA[iNdEx:postStringIndexmapkey])
+			iNdEx = postStringIndexmapkey
+			if m.MetricLabels == nil {
+				m.MetricLabels = make(map[string]string)
+			}
+			if iNdEx < postIndex {
+				var valuekey uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					valuekey |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				var stringLenmapvalue uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					stringLenmapvalue |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				intStringLenmapvalue := int(stringLenmapvalue)
+				if intStringLenmapvalue < 0 {
+					return ErrInvalidLengthGenerated
+				}
+				postStringIndexmapvalue := iNdEx + intStringLenmapvalue
+				if postStringIndexmapvalue > l {
+					return io.ErrUnexpectedEOF
+				}
+				mapvalue := string(dAtA[iNdEx:postStringIndexmapvalue])
+				iNdEx = postStringIndexmapvalue
+				m.MetricLabels[mapkey] = mapvalue
+			} else {
+				var mapvalue string
+				m.MetricLabels[mapkey] = mapvalue
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Timestamp", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Timestamp.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field WindowSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= (int64(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.WindowSeconds = &v
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ExternalMetricValueList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ExternalMetricValueList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ExternalMetricValueList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, ExternalMetricValue{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if skippy < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipGenerated(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+			return iNdEx, nil
+		case 1:
+			iNdEx += 8
+			return iNdEx, nil
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			iNdEx += length
+			if length < 0 {
+				return 0, ErrInvalidLengthGenerated
+			}
+			return iNdEx, nil
+		case 3:
+			for {
+				var innerWire uint64
+				var start int = iNdEx
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return 0, ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return 0, io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					innerWire |= (uint64(b) & 0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				innerWireType := int(innerWire & 0x7)
+				if innerWireType == 4 {
+					break
+				}
+				next, err := skipGenerated(dAtA[start:])
+				if err != nil {
+					return 0, err
+				}
+				iNdEx = start + next
+			}
+			return iNdEx, nil
+		case 4:
+			return iNdEx, nil
+		case 5:
+			iNdEx += 4
+			return iNdEx, nil
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+	}
+	panic("unreachable")
+}
+
+var (
+	ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowGenerated   = fmt.Errorf("proto: integer overflow")
+)
+
+func init() {
+	proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto", fileDescriptorGenerated)
+}
+
+var fileDescriptorGenerated = []byte{
+	// 564 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x92, 0x4d, 0x6b, 0x13, 0x41,
+	0x18, 0xc7, 0x33, 0x8d, 0xd1, 0x66, 0xda, 0x42, 0xb3, 0x16, 0x0c, 0x39, 0x6c, 0x42, 0x4f, 0x51,
+	0xe8, 0x8c, 0x89, 0x22, 0xc5, 0x8b, 0xb0, 0x90, 0x83, 0xd0, 0x08, 0x6e, 0x8b, 0xc5, 0x17, 0x90,
+	0xc9, 0xe6, 0x71, 0x33, 0x26, 0xfb, 0xc2, 0xcc, 0x6c, 0x6a, 0x6e, 0x7e, 0x04, 0xfd, 0x56, 0x39,
+	0xf6, 0xd8, 0x53, 0x30, 0xdb, 0x8f, 0xe1, 0x45, 0x76, 0x77, 0xb6, 0x89, 0x49, 0x5f, 0x10, 0xbc,
+	0xcd, 0x33, 0xcf, 0xfc, 0xff, 0xcf, 0x6f, 0xfe, 0x33, 0xf8, 0xfd, 0xf0, 0x50, 0x12, 0x1e, 0xd0,
+	0x61, 0xd4, 0x03, 0xe1, 0x83, 0x02, 0x49, 0xc7, 0xe0, 0xf7, 0x03, 0x41, 0x75, 0xc3, 0x03, 0x25,
+	0xb8, 0x23, 0x69, 0x38, 0x74, 0x29, 0x0b, 0xb9, 0xa4, 0xf0, 0x4d, 0x81, 0xf0, 0xd9, 0xe8, 0x73,
+	0xde, 0x19, 0xb7, 0x7a, 0xa0, 0x58, 0x8b, 0xba, 0xe0, 0x83, 0x60, 0x0a, 0xfa, 0x24, 0x14, 0x81,
+	0x0a, 0x8c, 0xa7, 0x99, 0x03, 0xd1, 0xe7, 0x48, 0x38, 0x74, 0x49, 0xe2, 0x40, 0x56, 0x1d, 0x88,
+	0x76, 0xa8, 0x1d, 0xb8, 0x5c, 0x0d, 0xa2, 0x1e, 0x71, 0x02, 0x8f, 0xba, 0x81, 0x1b, 0xd0, 0xd4,
+	0xa8, 0x17, 0x7d, 0x49, 0xab, 0xb4, 0x48, 0x57, 0xd9, 0x80, 0xda, 0x73, 0x8d, 0xc8, 0x42, 0xee,
+	0x31, 0x67, 0xc0, 0x7d, 0x10, 0x93, 0x9c, 0x93, 0x0a, 0x90, 0x41, 0x24, 0x1c, 0x58, 0xc5, 0xba,
+	0x55, 0x25, 0x93, 0xeb, 0x32, 0x3a, 0x5e, 0xbb, 0x4c, 0x8d, 0xde, 0xa4, 0x12, 0x91, 0xaf, 0xb8,
+	0xb7, 0x3e, 0xe6, 0xc5, 0x5d, 0x02, 0xe9, 0x0c, 0xc0, 0x63, 0x6b, 0xba, 0x67, 0x37, 0xe9, 0x22,
+	0xc5, 0x47, 0x94, 0xfb, 0x4a, 0x2a, 0xb1, 0x2a, 0xda, 0xff, 0x5d, 0xc4, 0x0f, 0x3b, 0x3a, 0xd5,
+	0x6e, 0x1a, 0xea, 0x3b, 0x36, 0x8a, 0xc0, 0x68, 0x63, 0x9c, 0x65, 0xfc, 0x86, 0x79, 0x50, 0x45,
+	0x0d, 0xd4, 0x2c, 0x5b, 0xc6, 0x74, 0x56, 0x2f, 0xc4, 0xb3, 0x3a, 0xee, 0x5e, 0x75, 0xec, 0xa5,
+	0x53, 0xc6, 0x4f, 0x84, 0xb7, 0xb3, 0xf2, 0x88, 0xf5, 0x60, 0x24, 0xab, 0x1b, 0x8d, 0x62, 0x73,
+	0xab, 0x7d, 0x4a, 0xfe, 0xf5, 0x39, 0xc9, 0x35, 0x44, 0xa4, 0xbb, 0xe4, 0xdc, 0xf1, 0x95, 0x98,
+	0x58, 0x7b, 0x9a, 0x67, 0x7b, 0xb9, 0x65, 0xff, 0x85, 0x60, 0x7c, 0xc4, 0xe5, 0x24, 0x33, 0xa9,
+	0x98, 0x17, 0x56, 0x8b, 0x0d, 0xd4, 0xdc, 0x6a, 0x3f, 0xc9, 0x79, 0x96, 0x83, 0x5a, 0x40, 0x25,
+	0xef, 0x48, 0xc6, 0x2d, 0x72, 0xc2, 0x3d, 0xb0, 0x2a, 0x7a, 0x44, 0xf9, 0x24, 0x37, 0xb1, 0x17,
+	0x7e, 0xc6, 0x63, 0x7c, 0xff, 0x8c, 0xfb, 0xfd, 0xe0, 0xac, 0x7a, 0xaf, 0x81, 0x9a, 0x45, 0xab,
+	0x12, 0xcf, 0xea, 0x3b, 0xa7, 0xe9, 0xce, 0x31, 0x38, 0x81, 0xdf, 0x97, 0xb6, 0x3e, 0x60, 0x1c,
+	0xe3, 0xd2, 0x38, 0xb9, 0x46, 0xb5, 0x94, 0x32, 0x90, 0xdb, 0x18, 0x48, 0xfe, 0x03, 0xc9, 0xdb,
+	0x88, 0xf9, 0x8a, 0xab, 0x89, 0xb5, 0xa3, 0x39, 0x4a, 0x69, 0x16, 0x76, 0xe6, 0x55, 0x7b, 0x85,
+	0x2b, 0x6b, 0xa9, 0x18, 0xbb, 0xb8, 0x38, 0x84, 0x49, 0xf6, 0x64, 0x76, 0xb2, 0x34, 0xf6, 0xf2,
+	0xd9, 0x1b, 0xe9, 0x5e, 0x56, 0xbc, 0xdc, 0x38, 0x44, 0xfb, 0x97, 0x08, 0x3f, 0xba, 0x26, 0xeb,
+	0x23, 0x2e, 0x95, 0xf1, 0x09, 0x6f, 0x26, 0x51, 0xf4, 0x99, 0x62, 0xa9, 0xd9, 0x1d, 0xd0, 0x8b,
+	0xe0, 0x12, 0x75, 0x17, 0x14, 0xb3, 0x76, 0x35, 0xf4, 0x66, 0xbe, 0x63, 0x5f, 0x39, 0x1a, 0x5f,
+	0x71, 0x89, 0x2b, 0xf0, 0xf2, 0x3f, 0xd2, 0xf9, 0x2f, 0x7f, 0x64, 0x11, 0xd3, 0xeb, 0xc4, 0xdb,
+	0xce, 0x46, 0x58, 0x07, 0xd3, 0xb9, 0x59, 0x38, 0x9f, 0x9b, 0x85, 0x8b, 0xb9, 0x59, 0xf8, 0x1e,
+	0x9b, 0x68, 0x1a, 0x9b, 0xe8, 0x3c, 0x36, 0xd1, 0x45, 0x6c, 0xa2, 0x5f, 0xb1, 0x89, 0x7e, 0x5c,
+	0x9a, 0x85, 0x0f, 0x0f, 0xb4, 0xf1, 0x9f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xf5, 0x48, 0x2f, 0x06,
+	0xd9, 0x04, 0x00, 0x00,
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto
new file mode 100644
index 000000000000..2fb3f56378b1
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/generated.proto
@@ -0,0 +1,63 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = 'proto2';
+
+package k8s.io.metrics.pkg.apis.external_metrics.v1beta1;
+
+import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "v1beta1";
+
+// a metric value for external metric
+// A single metric value is identified by metric name and a set of string labels.
+// For one metric there can be multiple values with different sets of labels.
+message ExternalMetricValue {
+  // the name of the metric
+  optional string metricName = 1;
+
+  // a set of labels that identify a single time series for the metric
+  map<string, string> metricLabels = 2;
+
+  // indicates the time at which the metrics were produced
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.Time timestamp = 3;
+
+  // indicates the window ([Timestamp-Window, Timestamp]) from
+  // which these metrics were calculated, when returning rate
+  // metrics calculated from cumulative metrics (or zero for
+  // non-calculated instantaneous metrics).
+  optional int64 window = 4;
+
+  // the value of the metric
+  optional k8s.io.apimachinery.pkg.api.resource.Quantity value = 5;
+}
+
+// a list of values for a given metric for some set labels
+message ExternalMetricValueList {
+  optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // value of the metric matching a given set of labels
+  repeated ExternalMetricValue items = 2;
+}
+
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/register.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/register.go
new file mode 100644
index 000000000000..83f1e9e61210
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/register.go
@@ -0,0 +1,49 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "external.metrics.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	SchemeBuilder      = runtime.NewSchemeBuilder(addKnownTypes)
+	localSchemeBuilder = &SchemeBuilder
+	AddToScheme        = localSchemeBuilder.AddToScheme
+)
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&ExternalMetricValue{},
+		&ExternalMetricValueList{},
+	)
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/types.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/types.go
new file mode 100644
index 000000000000..edf78ed43d2e
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/types.go
@@ -0,0 +1,60 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// a list of values for a given metric for some set labels
+type ExternalMetricValueList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// value of the metric matching a given set of labels
+	Items []ExternalMetricValue `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// a metric value for external metric
+// A single metric value is identified by metric name and a set of string labels.
+// For one metric there can be multiple values with different sets of labels.
+type ExternalMetricValue struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// the name of the metric
+	MetricName string `json:"metricName" protobuf:"bytes,1,name=metricName"`
+
+	// a set of labels that identify a single time series for the metric
+	MetricLabels map[string]string `json:"metricLabels" protobuf:"bytes,2,rep,name=metricLabels"`
+
+	// indicates the time at which the metrics were produced
+	Timestamp metav1.Time `json:"timestamp" protobuf:"bytes,3,name=timestamp"`
+
+	// indicates the window ([Timestamp-Window, Timestamp]) from
+	// which these metrics were calculated, when returning rate
+	// metrics calculated from cumulative metrics (or zero for
+	// non-calculated instantaneous metrics).
+	WindowSeconds *int64 `json:"window,omitempty" protobuf:"bytes,4,opt,name=window"`
+
+	// the value of the metric
+	Value resource.Quantity `json:"value" protobuf:"bytes,5,name=value"`
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.conversion.go
new file mode 100644
index 000000000000..3069dd064bb2
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.conversion.go
@@ -0,0 +1,94 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	unsafe "unsafe"
+
+	conversion "k8s.io/apimachinery/pkg/conversion"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	external_metrics "k8s.io/metrics/pkg/apis/external_metrics"
+)
+
+func init() {
+	localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(scheme *runtime.Scheme) error {
+	return scheme.AddGeneratedConversionFuncs(
+		Convert_v1beta1_ExternalMetricValue_To_external_metrics_ExternalMetricValue,
+		Convert_external_metrics_ExternalMetricValue_To_v1beta1_ExternalMetricValue,
+		Convert_v1beta1_ExternalMetricValueList_To_external_metrics_ExternalMetricValueList,
+		Convert_external_metrics_ExternalMetricValueList_To_v1beta1_ExternalMetricValueList,
+	)
+}
+
+func autoConvert_v1beta1_ExternalMetricValue_To_external_metrics_ExternalMetricValue(in *ExternalMetricValue, out *external_metrics.ExternalMetricValue, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricLabels = *(*map[string]string)(unsafe.Pointer(&in.MetricLabels))
+	out.Timestamp = in.Timestamp
+	out.WindowSeconds = (*int64)(unsafe.Pointer(in.WindowSeconds))
+	out.Value = in.Value
+	return nil
+}
+
+// Convert_v1beta1_ExternalMetricValue_To_external_metrics_ExternalMetricValue is an autogenerated conversion function.
+func Convert_v1beta1_ExternalMetricValue_To_external_metrics_ExternalMetricValue(in *ExternalMetricValue, out *external_metrics.ExternalMetricValue, s conversion.Scope) error {
+	return autoConvert_v1beta1_ExternalMetricValue_To_external_metrics_ExternalMetricValue(in, out, s)
+}
+
+func autoConvert_external_metrics_ExternalMetricValue_To_v1beta1_ExternalMetricValue(in *external_metrics.ExternalMetricValue, out *ExternalMetricValue, s conversion.Scope) error {
+	out.MetricName = in.MetricName
+	out.MetricLabels = *(*map[string]string)(unsafe.Pointer(&in.MetricLabels))
+	out.Timestamp = in.Timestamp
+	out.WindowSeconds = (*int64)(unsafe.Pointer(in.WindowSeconds))
+	out.Value = in.Value
+	return nil
+}
+
+// Convert_external_metrics_ExternalMetricValue_To_v1beta1_ExternalMetricValue is an autogenerated conversion function.
+func Convert_external_metrics_ExternalMetricValue_To_v1beta1_ExternalMetricValue(in *external_metrics.ExternalMetricValue, out *ExternalMetricValue, s conversion.Scope) error {
+	return autoConvert_external_metrics_ExternalMetricValue_To_v1beta1_ExternalMetricValue(in, out, s)
+}
+
+func autoConvert_v1beta1_ExternalMetricValueList_To_external_metrics_ExternalMetricValueList(in *ExternalMetricValueList, out *external_metrics.ExternalMetricValueList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]external_metrics.ExternalMetricValue)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_v1beta1_ExternalMetricValueList_To_external_metrics_ExternalMetricValueList is an autogenerated conversion function.
+func Convert_v1beta1_ExternalMetricValueList_To_external_metrics_ExternalMetricValueList(in *ExternalMetricValueList, out *external_metrics.ExternalMetricValueList, s conversion.Scope) error {
+	return autoConvert_v1beta1_ExternalMetricValueList_To_external_metrics_ExternalMetricValueList(in, out, s)
+}
+
+func autoConvert_external_metrics_ExternalMetricValueList_To_v1beta1_ExternalMetricValueList(in *external_metrics.ExternalMetricValueList, out *ExternalMetricValueList, s conversion.Scope) error {
+	out.ListMeta = in.ListMeta
+	out.Items = *(*[]ExternalMetricValue)(unsafe.Pointer(&in.Items))
+	return nil
+}
+
+// Convert_external_metrics_ExternalMetricValueList_To_v1beta1_ExternalMetricValueList is an autogenerated conversion function.
+func Convert_external_metrics_ExternalMetricValueList_To_v1beta1_ExternalMetricValueList(in *external_metrics.ExternalMetricValueList, out *ExternalMetricValueList, s conversion.Scope) error {
+	return autoConvert_external_metrics_ExternalMetricValueList_To_v1beta1_ExternalMetricValueList(in, out, s)
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.deepcopy.go
new file mode 100644
index 000000000000..ba062b977e54
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1/zz_generated.deepcopy.go
@@ -0,0 +1,101 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricValue) DeepCopyInto(out *ExternalMetricValue) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	if in.MetricLabels != nil {
+		in, out := &in.MetricLabels, &out.MetricLabels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	in.Timestamp.DeepCopyInto(&out.Timestamp)
+	if in.WindowSeconds != nil {
+		in, out := &in.WindowSeconds, &out.WindowSeconds
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricValue.
+func (in *ExternalMetricValue) DeepCopy() *ExternalMetricValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricValue)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExternalMetricValue) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricValueList) DeepCopyInto(out *ExternalMetricValueList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ExternalMetricValue, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricValueList.
+func (in *ExternalMetricValueList) DeepCopy() *ExternalMetricValueList {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricValueList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExternalMetricValueList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/external_metrics/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/external_metrics/zz_generated.deepcopy.go
new file mode 100644
index 000000000000..b2dc1eb6cf8c
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/apis/external_metrics/zz_generated.deepcopy.go
@@ -0,0 +1,101 @@
+// +build !ignore_autogenerated
+
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package external_metrics
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricValue) DeepCopyInto(out *ExternalMetricValue) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	if in.MetricLabels != nil {
+		in, out := &in.MetricLabels, &out.MetricLabels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	in.Timestamp.DeepCopyInto(&out.Timestamp)
+	if in.WindowSeconds != nil {
+		in, out := &in.WindowSeconds, &out.WindowSeconds
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(int64)
+			**out = **in
+		}
+	}
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricValue.
+func (in *ExternalMetricValue) DeepCopy() *ExternalMetricValue {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricValue)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExternalMetricValue) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExternalMetricValueList) DeepCopyInto(out *ExternalMetricValueList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	out.ListMeta = in.ListMeta
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ExternalMetricValue, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalMetricValueList.
+func (in *ExternalMetricValueList) DeepCopy() *ExternalMetricValueList {
+	if in == nil {
+		return nil
+	}
+	out := new(ExternalMetricValueList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ExternalMetricValueList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/BUILD b/vendor/k8s.io/metrics/pkg/apis/metrics/BUILD
index 0b36e9d33dc5..da2b2a66a93b 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/BUILD
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/BUILD
@@ -15,7 +15,7 @@ go_library(
     ],
     importpath = "k8s.io/metrics/pkg/apis/metrics",
     deps = [
-        "//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/types.go b/vendor/k8s.io/metrics/pkg/apis/metrics/types.go
index 08912fb68ed6..a53eb440f75e 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/types.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/types.go
@@ -17,7 +17,7 @@ limitations under the License.
 package metrics
 
 import (
-	"k8s.io/apimachinery/pkg/api/resource"
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -38,7 +38,7 @@ type NodeMetrics struct {
 	Window    metav1.Duration
 
 	// The memory usage is the memory working set.
-	Usage ResourceList
+	Usage corev1.ResourceList
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -91,19 +91,5 @@ type ContainerMetrics struct {
 	// Container name corresponding to the one from pod.spec.containers.
 	Name string
 	// The memory usage is the memory working set.
-	Usage ResourceList
+	Usage corev1.ResourceList
 }
-
-// NOTE: ResourceName and ResourceList are copied from
-// k8s.io/kubernetes/pkg/api/types.go. We cannot depend on
-// k8s.io/kubernetes/pkg/api because that creates cyclic dependency between
-// k8s.io/metrics and k8s.io/kubernetes. We cannot depend on
-// k8s.io/client-go/pkg/api because the package is going to be deprecated soon.
-// There is no need to keep them exact copies. Each repo can define its own
-// internal objects.
-
-// ResourceList is a set of (resource name, quantity) pairs.
-type ResourceList map[ResourceName]resource.Quantity
-
-// ResourceName is the name identifying various resources in a ResourceList.
-type ResourceName string
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.conversion.go
index cb04bee119ed..ffd8a20df012 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1alpha1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	metrics "k8s.io/metrics/pkg/apis/metrics"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -51,7 +52,7 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 
 func autoConvert_v1alpha1_ContainerMetrics_To_metrics_ContainerMetrics(in *ContainerMetrics, out *metrics.ContainerMetrics, s conversion.Scope) error {
 	out.Name = in.Name
-	out.Usage = *(*metrics.ResourceList)(unsafe.Pointer(&in.Usage))
+	out.Usage = *(*v1.ResourceList)(unsafe.Pointer(&in.Usage))
 	return nil
 }
 
@@ -75,7 +76,7 @@ func autoConvert_v1alpha1_NodeMetrics_To_metrics_NodeMetrics(in *NodeMetrics, ou
 	out.ObjectMeta = in.ObjectMeta
 	out.Timestamp = in.Timestamp
 	out.Window = in.Window
-	out.Usage = *(*metrics.ResourceList)(unsafe.Pointer(&in.Usage))
+	out.Usage = *(*v1.ResourceList)(unsafe.Pointer(&in.Usage))
 	return nil
 }
 
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.deepcopy.go
index 3da622e3ec53..05337bd6d571 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/v1alpha1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1alpha1
 
@@ -79,9 +79,8 @@ func (in *NodeMetrics) DeepCopy() *NodeMetrics {
 func (in *NodeMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -113,9 +112,8 @@ func (in *NodeMetricsList) DeepCopy() *NodeMetricsList {
 func (in *NodeMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -149,9 +147,8 @@ func (in *PodMetrics) DeepCopy() *PodMetrics {
 func (in *PodMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -183,7 +180,6 @@ func (in *PodMetricsList) DeepCopy() *PodMetricsList {
 func (in *PodMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.conversion.go b/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.conversion.go
index f6a1c47e7735..d3a70f9da506 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.conversion.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.conversion.go
@@ -16,16 +16,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by conversion-gen. Do not edit it manually!
+// Code generated by conversion-gen. DO NOT EDIT.
 
 package v1beta1
 
 import (
+	unsafe "unsafe"
+
 	v1 "k8s.io/api/core/v1"
 	conversion "k8s.io/apimachinery/pkg/conversion"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	metrics "k8s.io/metrics/pkg/apis/metrics"
-	unsafe "unsafe"
 )
 
 func init() {
@@ -51,7 +52,7 @@ func RegisterConversions(scheme *runtime.Scheme) error {
 
 func autoConvert_v1beta1_ContainerMetrics_To_metrics_ContainerMetrics(in *ContainerMetrics, out *metrics.ContainerMetrics, s conversion.Scope) error {
 	out.Name = in.Name
-	out.Usage = *(*metrics.ResourceList)(unsafe.Pointer(&in.Usage))
+	out.Usage = *(*v1.ResourceList)(unsafe.Pointer(&in.Usage))
 	return nil
 }
 
@@ -75,7 +76,7 @@ func autoConvert_v1beta1_NodeMetrics_To_metrics_NodeMetrics(in *NodeMetrics, out
 	out.ObjectMeta = in.ObjectMeta
 	out.Timestamp = in.Timestamp
 	out.Window = in.Window
-	out.Usage = *(*metrics.ResourceList)(unsafe.Pointer(&in.Usage))
+	out.Usage = *(*v1.ResourceList)(unsafe.Pointer(&in.Usage))
 	return nil
 }
 
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.deepcopy.go
index 069ab546d949..bdac4d4d77e1 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/v1beta1/zz_generated.deepcopy.go
@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package v1beta1
 
@@ -79,9 +79,8 @@ func (in *NodeMetrics) DeepCopy() *NodeMetrics {
 func (in *NodeMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -113,9 +112,8 @@ func (in *NodeMetricsList) DeepCopy() *NodeMetricsList {
 func (in *NodeMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -149,9 +147,8 @@ func (in *PodMetrics) DeepCopy() *PodMetrics {
 func (in *PodMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -183,7 +180,6 @@ func (in *PodMetricsList) DeepCopy() *PodMetricsList {
 func (in *PodMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/metrics/pkg/apis/metrics/zz_generated.deepcopy.go b/vendor/k8s.io/metrics/pkg/apis/metrics/zz_generated.deepcopy.go
index 0bb9936ee23b..6db7df85cb8d 100644
--- a/vendor/k8s.io/metrics/pkg/apis/metrics/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/metrics/pkg/apis/metrics/zz_generated.deepcopy.go
@@ -16,11 +16,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// This file was autogenerated by deepcopy-gen. Do not edit it manually!
+// Code generated by deepcopy-gen. DO NOT EDIT.
 
 package metrics
 
 import (
+	v1 "k8s.io/api/core/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
@@ -29,7 +30,7 @@ func (in *ContainerMetrics) DeepCopyInto(out *ContainerMetrics) {
 	*out = *in
 	if in.Usage != nil {
 		in, out := &in.Usage, &out.Usage
-		*out = make(ResourceList, len(*in))
+		*out = make(v1.ResourceList, len(*in))
 		for key, val := range *in {
 			(*out)[key] = val.DeepCopy()
 		}
@@ -56,7 +57,7 @@ func (in *NodeMetrics) DeepCopyInto(out *NodeMetrics) {
 	out.Window = in.Window
 	if in.Usage != nil {
 		in, out := &in.Usage, &out.Usage
-		*out = make(ResourceList, len(*in))
+		*out = make(v1.ResourceList, len(*in))
 		for key, val := range *in {
 			(*out)[key] = val.DeepCopy()
 		}
@@ -78,9 +79,8 @@ func (in *NodeMetrics) DeepCopy() *NodeMetrics {
 func (in *NodeMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -112,9 +112,8 @@ func (in *NodeMetricsList) DeepCopy() *NodeMetricsList {
 func (in *NodeMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -148,9 +147,8 @@ func (in *PodMetrics) DeepCopy() *PodMetrics {
 func (in *PodMetrics) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -182,7 +180,6 @@ func (in *PodMetricsList) DeepCopy() *PodMetricsList {
 func (in *PodMetricsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
-	} else {
-		return nil
 	}
+	return nil
 }
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/doc.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/doc.go
index 3d3ab5f4edfa..5c5c8debb6b4 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/doc.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package contains the scheme of the automatically generated clientset.
 package scheme
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/register.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/register.go
index 772cd9d19ba3..ce4323017680 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/register.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/scheme/register.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package scheme
 
 import (
@@ -39,7 +41,7 @@ func init() {
 //
 //   import (
 //     "k8s.io/client-go/kubernetes"
-//     clientsetscheme "k8s.io/client-go/kuberentes/scheme"
+//     clientsetscheme "k8s.io/client-go/kubernetes/scheme"
 //     aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
 //   )
 //
@@ -51,5 +53,4 @@ func init() {
 func AddToScheme(scheme *runtime.Scheme) {
 	metricsv1alpha1.AddToScheme(scheme)
 	metricsv1beta1.AddToScheme(scheme)
-
 }
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/doc.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/doc.go
index 35b3db3f3542..11ae7049d165 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/doc.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/doc.go
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 // This package has the automatically generated typed clients.
 package v1beta1
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/generated_expansion.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/generated_expansion.go
index 419975b555b6..77165723f9e5 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/generated_expansion.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 type NodeMetricsExpansion interface{}
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/metrics_client.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/metrics_client.go
index a540a03c4a65..6dac05fc2d91 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/metrics_client.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/metrics_client.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/nodemetrics.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/nodemetrics.go
index 18adf9dd40c0..356e1fff5d75 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/nodemetrics.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/nodemetrics.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/podmetrics.go b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/podmetrics.go
index 5d5e19e039ec..f2ab0758cbb8 100644
--- a/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/podmetrics.go
+++ b/vendor/k8s.io/metrics/pkg/client/clientset_generated/clientset/typed/metrics/v1beta1/podmetrics.go
@@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
+// Code generated by client-gen. DO NOT EDIT.
+
 package v1beta1
 
 import (
diff --git a/vendor/k8s.io/metrics/pkg/client/custom_metrics/client.go b/vendor/k8s.io/metrics/pkg/client/custom_metrics/client.go
index d88ec4f63f9c..1e1763bc8f4a 100644
--- a/vendor/k8s.io/metrics/pkg/client/custom_metrics/client.go
+++ b/vendor/k8s.io/metrics/pkg/client/custom_metrics/client.go
@@ -69,7 +69,7 @@ func NewForConfigOrDie(c *rest.Config) CustomMetricsClient {
 	return client
 }
 
-// NewForMapper constucts the client with a RESTMapper, which allows more
+// NewForMapper constructs the client with a RESTMapper, which allows more
 // accurate translation from GroupVersionKind to GroupVersionResource.
 func NewForMapper(client rest.Interface, mapper meta.RESTMapper) CustomMetricsClient {
 	return &customMetricsClient{
diff --git a/vendor/k8s.io/metrics/pkg/client/external_metrics/BUILD b/vendor/k8s.io/metrics/pkg/client/external_metrics/BUILD
new file mode 100644
index 000000000000..63f7b5cdd988
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/client/external_metrics/BUILD
@@ -0,0 +1,40 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "client.go",
+        "interfaces.go",
+    ],
+    importpath = "k8s.io/metrics/pkg/client/external_metrics",
+    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library",
+        "//vendor/k8s.io/metrics/pkg/apis/external_metrics/v1beta1:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//staging/src/k8s.io/metrics/pkg/client/external_metrics/fake:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
diff --git a/vendor/k8s.io/metrics/pkg/client/external_metrics/client.go b/vendor/k8s.io/metrics/pkg/client/external_metrics/client.go
new file mode 100644
index 000000000000..f12d8ebeb361
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/client/external_metrics/client.go
@@ -0,0 +1,95 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package external_metrics
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
+	serializer "k8s.io/apimachinery/pkg/runtime/serializer"
+	"k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/rest"
+	"k8s.io/client-go/util/flowcontrol"
+	"k8s.io/metrics/pkg/apis/external_metrics/v1beta1"
+)
+
+type externalMetricsClient struct {
+	client rest.Interface
+}
+
+func New(client rest.Interface) ExternalMetricsClient {
+	return &externalMetricsClient{
+		client: client,
+	}
+}
+
+func NewForConfig(c *rest.Config) (ExternalMetricsClient, error) {
+	configShallowCopy := *c
+	if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 {
+		configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst)
+	}
+	configShallowCopy.APIPath = "/apis"
+	if configShallowCopy.UserAgent == "" {
+		configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent()
+	}
+	configShallowCopy.GroupVersion = &v1beta1.SchemeGroupVersion
+	configShallowCopy.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs}
+
+	client, err := rest.RESTClientFor(&configShallowCopy)
+	if err != nil {
+		return nil, err
+	}
+
+	return New(client), nil
+}
+
+func NewForConfigOrDie(c *rest.Config) ExternalMetricsClient {
+	client, err := NewForConfig(c)
+	if err != nil {
+		panic(err)
+	}
+	return client
+}
+
+func (c *externalMetricsClient) NamespacedMetrics(namespace string) MetricsInterface {
+	return &namespacedMetrics{
+		client:    c,
+		namespace: namespace,
+	}
+}
+
+type namespacedMetrics struct {
+	client    *externalMetricsClient
+	namespace string
+}
+
+func (m *namespacedMetrics) List(metricName string, metricSelector labels.Selector) (*v1beta1.ExternalMetricValueList, error) {
+	res := &v1beta1.ExternalMetricValueList{}
+	err := m.client.client.Get().
+		Namespace(m.namespace).
+		Resource(metricName).
+		VersionedParams(&metav1.ListOptions{
+			LabelSelector: metricSelector.String(),
+		}, metav1.ParameterCodec).
+		Do().
+		Into(res)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return res, nil
+}
diff --git a/vendor/k8s.io/metrics/pkg/client/external_metrics/interfaces.go b/vendor/k8s.io/metrics/pkg/client/external_metrics/interfaces.go
new file mode 100644
index 000000000000..42d66e88f323
--- /dev/null
+++ b/vendor/k8s.io/metrics/pkg/client/external_metrics/interfaces.go
@@ -0,0 +1,40 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package external_metrics
+
+import (
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/metrics/pkg/apis/external_metrics/v1beta1"
+)
+
+// ExternalMetricsClient is a client for fetching external metrics.
+type ExternalMetricsClient interface {
+	NamespacedMetricsGetter
+}
+
+// NamespacedMetricsGetter provides access to an interface for fetching
+// metrics in a particular namespace.
+type NamespacedMetricsGetter interface {
+	NamespacedMetrics(namespace string) MetricsInterface
+}
+
+// MetricsInterface provides access to external metrics.
+type MetricsInterface interface {
+	// Get fetches the metric for the given namespace that maches the given
+	// metricSelector.
+	List(metricName string, metricSelector labels.Selector) (*v1beta1.ExternalMetricValueList, error)
+}